May 2025 - Linux-stable-mirror

by Greg Kroah-Hartman

I'm announcing the release of the 6.6.92 kernel. All users of the 6.6 kernel series must upgrade. The updated 6.6.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.6.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arm64/net/bpf_jit_comp.c | 12 arch/loongarch/Makefile | 2 arch/loongarch/include/asm/ptrace.h | 2 arch/loongarch/include/asm/uprobes.h | 1 arch/loongarch/kernel/kfpu.c | 22 arch/loongarch/kernel/time.c | 2 arch/loongarch/kernel/uprobes.c | 11 arch/loongarch/power/hibernate.c | 3 arch/x86/kernel/alternative.c | 17 arch/x86/kvm/smm.c | 1 arch/x86/kvm/svm/svm.c | 19 block/bio.c | 2 drivers/acpi/pptt.c | 11 drivers/bluetooth/btnxpuart.c | 6 drivers/char/tpm/tpm_tis_core.h | 2 drivers/dma-buf/dma-resv.c | 5 drivers/dma/dmatest.c | 6 drivers/dma/idxd/init.c | 159 ++++-- drivers/dma/ti/k3-udma.c | 10 drivers/firmware/arm_scmi/Kconfig | 14 drivers/firmware/arm_scmi/common.h | 35 + drivers/firmware/arm_scmi/driver.c | 89 +++ drivers/firmware/arm_scmi/mailbox.c | 3 drivers/gpu/drm/amd/amdgpu/amdgpu.h | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 51 ++ drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c | 11 drivers/gpu/drm/amd/amdgpu/amdgpu_virt.c | 29 + drivers/gpu/drm/amd/amdgpu/amdgpu_virt.h | 3 drivers/gpu/drm/amd/amdgpu/mxgpu_ai.c | 2 drivers/gpu/drm/amd/amdgpu/mxgpu_nv.c | 2 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 3 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.c | 16 drivers/hid/hid-thrustmaster.c | 1 drivers/hid/hid-uclogic-core.c | 7 drivers/hv/channel.c | 65 -- drivers/iio/adc/ad7266.c | 2 drivers/iio/adc/ad7768-1.c | 2 drivers/iio/chemical/sps30.c | 2 drivers/infiniband/sw/rxe/rxe_cq.c | 5 drivers/net/dsa/sja1105/sja1105_main.c | 6 drivers/net/ethernet/cadence/macb_main.c | 19 drivers/net/ethernet/engleder/tsnep_hw.h | 2 drivers/net/ethernet/engleder/tsnep_main.c | 131 ++++- drivers/net/ethernet/marvell/octeontx2/af/cgx.c | 5 drivers/net/ethernet/marvell/octeontx2/nic/cn10k_macsec.c | 3 drivers/net/ethernet/mediatek/mtk_eth_soc.c | 2 drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 4 drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c | 3 drivers/net/ethernet/qlogic/qede/qede_main.c | 2 drivers/net/ethernet/qlogic/qlcnic/qlcnic_sriov_common.c | 7 drivers/net/hyperv/hyperv_net.h | 13 drivers/net/hyperv/netvsc.c | 57 ++ drivers/net/hyperv/netvsc_drv.c | 62 -- drivers/net/hyperv/rndis_filter.c | 24 - drivers/net/wireless/mediatek/mt76/dma.c | 1 drivers/nvme/host/pci.c | 4 drivers/phy/renesas/phy-rcar-gen3-usb2.c | 40 - drivers/phy/tegra/xusb-tegra186.c | 46 +- drivers/phy/tegra/xusb.c | 8 drivers/platform/x86/amd/pmc/pmc-quirks.c | 7 drivers/platform/x86/asus-wmi.c | 3 drivers/regulator/max20086-regulator.c | 7 drivers/scsi/sd_zbc.c | 6 drivers/scsi/storvsc_drv.c | 1 drivers/spi/spi-loopback-test.c | 2 drivers/spi/spi-tegra114.c | 6 drivers/usb/gadget/function/f_midi2.c | 2 drivers/usb/typec/ucsi/displayport.c | 19 drivers/usb/typec/ucsi/ucsi.c | 34 + drivers/usb/typec/ucsi/ucsi.h | 2 fs/binfmt_elf.c | 273 ++++++------ fs/btrfs/extent-tree.c | 25 - fs/nfs/nfs4proc.c | 9 fs/nfs/pnfs.c | 9 fs/smb/client/smb2pdu.c | 2 fs/udf/truncate.c | 2 fs/xattr.c | 24 + include/linux/bio.h | 1 include/linux/hyperv.h | 7 include/linux/tpm.h | 2 include/net/sch_generic.h | 15 include/sound/ump_msg.h | 4 kernel/cgroup/cpuset.c | 6 kernel/trace/trace_dynevent.c | 16 kernel/trace/trace_dynevent.h | 1 kernel/trace/trace_events_trigger.c | 2 kernel/trace/trace_functions.c | 6 kernel/trace/trace_kprobe.c | 2 kernel/trace/trace_probe.c | 9 kernel/trace/trace_uprobe.c | 2 mm/memblock.c | 9 mm/memory_hotplug.c | 6 mm/migrate.c | 16 mm/page_alloc.c | 27 - net/bluetooth/mgmt.c | 9 net/mac80211/main.c | 6 net/mctp/device.c | 65 +- net/mctp/route.c | 4 net/sched/sch_codel.c | 2 net/sched/sch_fq.c | 2 net/sched/sch_fq_codel.c | 2 net/sched/sch_fq_pie.c | 2 net/sched/sch_hhf.c | 2 net/sched/sch_pie.c | 2 net/sctp/sysctl.c | 4 net/tls/tls_strp.c | 3 samples/ftrace/sample-trace-array.c | 2 sound/core/seq/seq_clientmgr.c | 52 +- sound/core/seq/seq_ump_convert.c | 18 sound/core/seq/seq_ump_convert.h | 1 sound/pci/es1968.c | 6 sound/sh/Kconfig | 2 sound/usb/quirks.c | 4 tools/net/ynl/ethtool.py | 29 + tools/testing/selftests/exec/Makefile | 19 tools/testing/selftests/exec/load_address.c | 83 ++- tools/testing/selftests/mm/compaction_test.c | 19 118 files changed, 1290 insertions(+), 689 deletions(-) Aaron Kling (1): spi: tegra114: Use value to check for invalid delays Abdun Nihaal (1): qlcnic: fix memory leak in qlcnic_sriov_channel_cfg_cmd() Alex Deucher (2): Revert "drm/amd: Stop evicting resources on APUs in suspend" drm/amdgpu: fix pm notifier handling Andrei Kuchynski (1): usb: typec: ucsi: displayport: Fix deadlock Andrew Jeffery (1): net: mctp: Ensure keys maintain only one ref to corresponding dev Bo-Cun Chen (1): net: ethernet: mtk_eth_soc: fix typo for declaration MT7988 ESW capability Carolina Jubran (1): net/mlx5e: Disable MACsec offload for uplink representor profile Christian Heusel (1): ALSA: usb-audio: Add sample rate quirk for Audioengine D1 Claudiu Beznea (2): phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind phy: renesas: rcar-gen3-usb2: Set timing registers only once Cong Wang (1): net_sched: Flush gso_skb list too during ->change() Cosmin Tanislav (1): regulator: max20086: fix invalid memory access Cristian Marussi (3): firmware: arm_scmi: Add helper to trace bad messages firmware: arm_scmi: Add message dump traces for bad and unexpected replies firmware: arm_scmi: Fix timeout checks on polling path Dan Carpenter (1): phy: tegra: xusb: remove a stray unlock David Lechner (1): iio: chemical: sps30: use aligned_s64 for timestamp Eric Dumazet (2): mctp: no longer rely on net->dev_index_head[] sctp: add mutual exclusion in proc_sctp_do_udp_port() Eric W. Biederman (1): binfmt_elf: Support segments with 0 filesz and misaligned starts Fedor Pchelkin (1): wifi: mt76: disable napi on driver removal Feng Tang (1): selftests/mm: compaction_test: support platform with huge mount of memory Filipe Manana (1): btrfs: don't BUG_ON() when 0 reference count at btrfs_lookup_extent_info() Geert Uytterhoeven (2): spi: loopback-test: Do not split 1024-byte hexdumps ALSA: sh: SND_AICA should depend on SH_DMA_API Gerhard Engleder (2): tsnep: Inline small fragments within TX descriptor tsnep: fix timestamping with a stacked DSA driver Greg Kroah-Hartman (1): Linux 6.6.92 Hangbin Liu (1): tools/net/ynl: ethtool: fix crash when Hardware Clock info is missing Hans de Goede (1): platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection Hariprasad Kelam (1): octeontx2-af: Fix CGX Receive counters Henry Martin (1): HID: uclogic: Add NULL check in uclogic_input_configured() Huacai Chen (3): LoongArch: Save and restore CSR.CNTC for hibernation LoongArch: Fix MAX_REG_OFFSET calculation LoongArch: Explicitly specify code model in Makefile Hyejeong Choi (1): dma-buf: insert memory barrier before updating num_fences Ido Schimmel (1): mlxsw: spectrum_router: Fix use-after-free when deleting GRE net devices Jan Kara (1): udf: Make sure i_lenExtents is uptodate on inode eviction Jeremy Linton (1): ACPI: PPTT: Fix processor subtable walk Jethro Donaldson (1): smb: client: fix memory leak during error handling for POSIX mkdir Jonathan Cameron (2): iio: adc: ad7266: Fix potential timestamp alignment issue. iio: adc: ad7768-1: Fix insufficient alignment of timestamp. Kees Cook (8): binfmt_elf: elf_bss no longer used by load_elf_binary() binfmt_elf: Leave a gap between .bss and brk selftests/exec: Build both static and non-static load_address tests binfmt_elf: Calculate total_size earlier binfmt_elf: Honor PT_LOAD alignment for static PIE binfmt_elf: Move brk for static PIE even if ASLR disabled nvme-pci: make nvme_pci_npages_prp() __always_inline wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request Keith Busch (1): nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable Kirill A. Shutemov (1): mm/page_alloc: fix race condition in unaccepted memory handling Li Lingfeng (1): nfs: handle failure of nfs_get_lock_context in unlock path Luiz Augusto von Dentz (1): Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags Luke Parkin (2): firmware: arm_scmi: Add support for debug metrics at the interface firmware: arm_scmi: Track basic SCMI communication debug metrics Ma Jun (1): drm/amdgpu: Fix the runtime resume failure issue Ma Ke (1): phy: Fix error handling in tegra_xusb_port_init Ma Wupeng (1): hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio Mario Limonciello (2): drm/amd: Stop evicting resources on APUs in suspend drm/amd: Add Suspend/Hibernate notification callback support Masami Hiramatsu (Google) (1): tracing: probes: Fix a possible race in trace_probe_log APIs Mathieu Othacehe (1): net: cadence: macb: Fix a possible deadlock in macb_halt_tx. Matt Johnston (1): net: mctp: Don't access ifa_index when missing Michael Kelley (5): hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages hv_netvsc: Preserve contiguous PFN grouping in the page buffer array hv_netvsc: Remove rmsg_pgcnt Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges Drivers: hv: vmbus: Remove vmbus_sendpacket_pagebuffer() Michal Suchanek (1): tpm: tis: Double the timeout B to 4s Mikhail Lobanov (1): KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception Muhammad Usama Anjum (1): selftests/exec: load_address: conform test to TAP format output Nathan Chancellor (1): net: qede: Initialize qede_ll_ops with designated initializer Nathan Lynch (1): dmaengine: Revert "dmaengine: dmatest: Fix dmatest waiting less when interrupted" Neeraj Sanjay Kale (1): Bluetooth: btnxpuart: Fix kernel panic during FW release Nicolas Chauvet (1): ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera Pawan Gupta (1): x86/its: Fix build error for its_static_thunk() Pengtao He (1): net/tls: fix kernel panic when alloc_page failed Peter Collingbourne (1): bpf, arm64: Fix address emission with tag-based KASAN enabled Peter Gonda (1): KVM: SVM: Update SEV-ES shutdown intercepts with more metadata Puranjay Mohan (1): bpf, arm64: Fix trampoline for BPF_TRAMP_F_CALL_ORIG Qasim Ijaz (1): HID: thrustmaster: fix memory leak in thrustmaster_interrupts() Rahul Rameshbabu (1): tools: ynl: ethtool.py: Output timestamping statistics from tsinfo-get operation Ronald Wahl (1): dmaengine: ti: k3-udma: Add missing locking Runhua He (1): platform/x86/amd/pmc: Declare quirk_spurious_8042 for MECHREVO Wujie 14XA (GX4HRXL) Shuai Xue (9): dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals dmaengine: idxd: Add missing cleanups in cleanup internals dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call dmaengine: idxd: fix memory leak in error handling path of idxd_alloc dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe dmaengine: idxd: Refactor remove call with idxd_cleanup() helper Stephen Smalley (1): fs/xattr.c: fix simple_xattr_list to always include security.* xattrs Steve Siwinski (1): scsi: sd_zbc: block: Respect bio vector limits for REPORT ZONES buffer Steven Rostedt (1): tracing: samples: Initialize trace_array_printk() with the correct function Subbaraya Sundeep (1): octeontx2-pf: macsec: Fix incorrect max transmit size in TX secy Takashi Iwai (2): ALSA: seq: Fix delivery of UMP events to group ports ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info Tianyang Zhang (1): LoongArch: Prevent cond_resched() occurring within kernel-fpu Tiezhu Yang (2): LoongArch: uprobes: Remove user_{en,dis}able_single_step() LoongArch: uprobes: Remove redundant code about resume_era Tom Lendacky (1): memblock: Accept allocated memory before use in memblock_double_array() Trond Myklebust (1): NFSv4/pnfs: Reset the layout state after a layoutreturn Vladimir Oltean (1): net: dsa: sja1105: discard incoming frames in BR_STATE_LISTENING Waiman Long (1): cgroup/cpuset: Extend kthread_is_per_cpu() check to all PF_NO_SETAFFINITY tasks Wayne Chang (1): phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking Wayne Lin (2): drm/amd/display: Correct the reply value when AUX write incomplete drm/amd/display: Avoid flooding unnecessary info messages Wentao Liang (1): ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() Yemike Abhilash Chandra (1): dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy Zhigang Luo (1): drm/amdgpu: trigger flr_work if reading pf2vf data failed Zhu Yanjun (1): RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug Zi Yan (1): mm/migrate: correct nr_failed in migrate_pages_sync() pengdonglin (2): ftrace: Fix preemption accounting for stacktrace trigger command ftrace: Fix preemption accounting for stacktrace filter command

3 months, 3 weeks

1
1
0 0

Linux 6.12.30

by Greg Kroah-Hartman

I'm announcing the release of the 6.12.30 kernel. All users of the 6.12 kernel series must upgrade. The updated 6.12.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.12.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/netlink/specs/tc.yaml | 10 MAINTAINERS | 6 Makefile | 2 arch/arm64/boot/dts/amlogic/meson-g12b-dreambox.dtsi | 4 arch/arm64/boot/dts/freescale/imx8mp-var-som.dtsi | 12 arch/arm64/boot/dts/rockchip/rk3588-friendlyelec-cm3588.dtsi | 4 arch/arm64/boot/dts/rockchip/rk3588j.dtsi | 53 - arch/loongarch/include/asm/ptrace.h | 2 arch/loongarch/include/asm/uprobes.h | 1 arch/loongarch/kernel/genex.S | 7 arch/loongarch/kernel/kfpu.c | 22 arch/loongarch/kernel/time.c | 2 arch/loongarch/kernel/uprobes.c | 11 arch/loongarch/power/hibernate.c | 3 arch/riscv/boot/dts/sophgo/cv18xx.dtsi | 2 arch/x86/kvm/mmu/mmu.c | 75 +- block/bio.c | 2 drivers/accel/ivpu/ivpu_debugfs.c | 2 drivers/accel/ivpu/ivpu_fw.c | 4 drivers/accel/ivpu/ivpu_fw_log.c | 113 ++- drivers/accel/ivpu/ivpu_fw_log.h | 9 drivers/accel/ivpu/ivpu_pm.c | 1 drivers/acpi/pptt.c | 11 drivers/bluetooth/btnxpuart.c | 6 drivers/char/tpm/tpm2-sessions.c | 20 drivers/char/tpm/tpm_tis_core.h | 2 drivers/dma-buf/dma-resv.c | 5 drivers/dma/dmatest.c | 6 drivers/dma/idxd/init.c | 159 +++- drivers/dma/ti/k3-udma.c | 10 drivers/gpio/gpio-pca953x.c | 6 drivers/gpu/drm/amd/amdgpu/amdgpu.h | 3 drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c | 18 drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c | 2 drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 47 + drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c | 11 drivers/gpu/drm/amd/amdgpu/gmc_v11_0.c | 12 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 3 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.c | 16 drivers/gpu/drm/amd/display/dc/dpp/dcn401/dcn401_dpp_cm.c | 5 drivers/gpu/drm/drm_fbdev_dma.c | 60 + drivers/gpu/drm/tiny/Kconfig | 1 drivers/gpu/drm/tiny/panel-mipi-dbi.c | 7 drivers/gpu/drm/xe/instructions/xe_mi_commands.h | 4 drivers/gpu/drm/xe/xe_gsc.c | 22 drivers/gpu/drm/xe/xe_gsc.h | 1 drivers/gpu/drm/xe/xe_gsc_proxy.c | 11 drivers/gpu/drm/xe/xe_gsc_proxy.h | 1 drivers/gpu/drm/xe/xe_gt.c | 2 drivers/gpu/drm/xe/xe_lrc.c | 2 drivers/gpu/drm/xe/xe_ring_ops.c | 7 drivers/gpu/drm/xe/xe_uc.c | 8 drivers/gpu/drm/xe/xe_uc.h | 1 drivers/hid/bpf/hid_bpf_dispatch.c | 9 drivers/hid/hid-thrustmaster.c | 1 drivers/hid/hid-uclogic-core.c | 7 drivers/hv/channel.c | 65 - drivers/hv/hyperv_vmbus.h | 6 drivers/hv/vmbus_drv.c | 100 ++ drivers/iio/adc/ad7266.c | 2 drivers/iio/adc/ad7768-1.c | 2 drivers/iio/chemical/pms7003.c | 5 drivers/iio/chemical/sps30.c | 2 drivers/iio/light/opt3001.c | 5 drivers/iio/pressure/mprls0025pa.h | 17 drivers/infiniband/core/device.c | 6 drivers/infiniband/sw/rxe/rxe_cq.c | 5 drivers/net/dsa/b53/b53_common.c | 33 drivers/net/dsa/b53/b53_regs.h | 14 drivers/net/dsa/sja1105/sja1105_main.c | 6 drivers/net/ethernet/cadence/macb_main.c | 19 drivers/net/ethernet/engleder/tsnep_main.c | 30 drivers/net/ethernet/marvell/octeontx2/af/cgx.c | 5 drivers/net/ethernet/marvell/octeontx2/nic/cn10k_macsec.c | 3 drivers/net/ethernet/marvell/octeontx2/nic/otx2_common.h | 1 drivers/net/ethernet/marvell/octeontx2/nic/otx2_devlink.c | 1 drivers/net/ethernet/marvell/octeontx2/nic/otx2_flows.c | 3 drivers/net/ethernet/mediatek/mtk_eth_soc.c | 2 drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 4 drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c | 3 drivers/net/ethernet/qlogic/qede/qede_main.c | 2 drivers/net/ethernet/qlogic/qlcnic/qlcnic_sriov_common.c | 7 drivers/net/hyperv/hyperv_net.h | 13 drivers/net/hyperv/netvsc.c | 57 + drivers/net/hyperv/netvsc_drv.c | 62 - drivers/net/hyperv/rndis_filter.c | 24 drivers/net/virtio_net.c | 5 drivers/net/wireless/mediatek/mt76/dma.c | 1 drivers/nvme/host/pci.c | 4 drivers/phy/renesas/phy-rcar-gen3-usb2.c | 40 - drivers/phy/tegra/xusb-tegra186.c | 46 - drivers/phy/tegra/xusb.c | 8 drivers/platform/x86/amd/pmc/pmc-quirks.c | 7 drivers/platform/x86/amd/pmf/tee-if.c | 23 drivers/platform/x86/asus-wmi.c | 3 drivers/regulator/max20086-regulator.c | 7 drivers/scsi/sd_zbc.c | 6 drivers/scsi/storvsc_drv.c | 1 drivers/spi/spi-loopback-test.c | 2 drivers/spi/spi-tegra114.c | 6 drivers/uio/uio_hv_generic.c | 39 - drivers/usb/gadget/function/f_midi2.c | 2 drivers/usb/host/xhci-dbgcap.c | 21 drivers/usb/host/xhci-dbgcap.h | 3 drivers/usb/typec/ucsi/displayport.c | 19 drivers/usb/typec/ucsi/ucsi.c | 34 drivers/usb/typec/ucsi/ucsi.h | 2 drivers/virtio/virtio_ring.c | 6 fs/binfmt_elf.c | 71 + fs/btrfs/discard.c | 17 fs/btrfs/fs.h | 1 fs/btrfs/inode.c | 7 fs/btrfs/super.c | 4 fs/nfs/nfs4proc.c | 9 fs/nfs/pnfs.c | 9 fs/smb/client/cifs_spnego.c | 16 fs/smb/client/cifsfs.c | 25 fs/smb/client/cifsglob.h | 7 fs/smb/client/connect.c | 20 fs/smb/client/fs_context.c | 39 + fs/smb/client/fs_context.h | 10 fs/smb/client/smb2pdu.c | 2 fs/udf/truncate.c | 2 fs/xattr.c | 24 include/drm/drm_fbdev_dma.h | 12 include/linux/bio.h | 1 include/linux/hyperv.h | 13 include/linux/kvm_host.h | 6 include/linux/tpm.h | 21 include/linux/virtio.h | 3 include/net/sch_generic.h | 15 include/sound/ump_msg.h | 4 kernel/cgroup/cpuset.c | 6 kernel/sched/ext.c | 6 kernel/trace/ring_buffer.c | 8 kernel/trace/trace_dynevent.c | 16 kernel/trace/trace_dynevent.h | 1 kernel/trace/trace_events_trigger.c | 2 kernel/trace/trace_functions.c | 6 kernel/trace/trace_kprobe.c | 2 kernel/trace/trace_probe.c | 9 kernel/trace/trace_uprobe.c | 2 mm/page_alloc.c | 23 mm/userfaultfd.c | 12 net/bluetooth/mgmt.c | 9 net/mac80211/main.c | 6 net/mctp/device.c | 65 - net/mctp/route.c | 4 net/sched/sch_codel.c | 2 net/sched/sch_fq.c | 2 net/sched/sch_fq_codel.c | 2 net/sched/sch_fq_pie.c | 2 net/sched/sch_hhf.c | 2 net/sched/sch_pie.c | 2 net/tls/tls_strp.c | 3 samples/ftrace/sample-trace-array.c | 2 scripts/Makefile.extrawarn | 12 sound/core/seq/seq_clientmgr.c | 52 - sound/core/seq/seq_ump_convert.c | 18 sound/core/seq/seq_ump_convert.h | 1 sound/pci/es1968.c | 6 sound/sh/Kconfig | 2 sound/usb/quirks.c | 4 tools/net/ynl/ethtool.py | 22 tools/testing/selftests/net/ncdevmem.c | 394 ++++++----- tools/testing/vsock/vsock_test.c | 28 virt/kvm/guest_memfd.c | 2 virt/kvm/kvm_main.c | 14 168 files changed, 1803 insertions(+), 906 deletions(-) Aaron Kling (1): spi: tegra114: Use value to check for invalid delays Abdun Nihaal (1): qlcnic: fix memory leak in qlcnic_sriov_channel_cfg_cmd() Alex Deucher (2): Revert "drm/amd: Stop evicting resources on APUs in suspend" drm/amdgpu: fix pm notifier handling Alexey Makhalov (1): MAINTAINERS: Update Alexey Makhalov's email address Andrei Kuchynski (1): usb: typec: ucsi: displayport: Fix deadlock Andrew Jeffery (1): net: mctp: Ensure keys maintain only one ref to corresponding dev Barry Song (1): mm: userfaultfd: correct dirty flags set for both present and swap pte Bo-Cun Chen (1): net: ethernet: mtk_eth_soc: fix typo for declaration MT7988 ESW capability Boris Burkov (1): btrfs: fix folio leak in submit_one_async_extent() Carolina Jubran (1): net/mlx5e: Disable MACsec offload for uplink representor profile Christian Heusel (1): ALSA: usb-audio: Add sample rate quirk for Audioengine D1 Christian Hewitt (1): arm64: dts: amlogic: dreambox: fix missing clkc_audio node Claudiu Beznea (2): phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind phy: renesas: rcar-gen3-usb2: Set timing registers only once Cong Wang (1): net_sched: Flush gso_skb list too during ->change() Cosmin Ratiu (1): tests/ncdevmem: Fix double-free of queue array Cosmin Tanislav (1): regulator: max20086: fix invalid memory access Dan Carpenter (1): phy: tegra: xusb: remove a stray unlock Daniele Ceraolo Spurio (1): drm/xe/gsc: do not flush the GSC worker from the reset path David Lechner (3): iio: chemical: pms7003: use aligned_s64 for timestamp iio: pressure: mprls0025pa: use aligned_s64 for timestamp iio: chemical: sps30: use aligned_s64 for timestamp Dragan Simic (1): arm64: dts: rockchip: Remove overdrive-mode OPPs from RK3588J SoC dtsi Emanuele Ghidoli (1): gpio: pca953x: fix IRQ storm on system wake up Eric Dumazet (1): mctp: no longer rely on net->dev_index_head[] Fabio Estevam (1): drm/tiny: panel-mipi-dbi: Use drm_client_setup_with_fourcc() Fedor Pchelkin (1): wifi: mt76: disable napi on driver removal Filipe Manana (1): btrfs: fix discard worker infinite loop after disabling discard Geert Uytterhoeven (2): spi: loopback-test: Do not split 1024-byte hexdumps ALSA: sh: SND_AICA should depend on SH_DMA_API Gerhard Engleder (1): tsnep: fix timestamping with a stacked DSA driver Greg Kroah-Hartman (1): Linux 6.12.30 Hangbin Liu (1): tools/net/ynl: ethtool: fix crash when Hardware Clock info is missing Hans de Goede (1): platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection Hariprasad Kelam (1): octeontx2-af: Fix CGX Receive counters Henry Martin (1): HID: uclogic: Add NULL check in uclogic_input_configured() Himanshu Bhavani (1): arm64: dts: imx8mp-var-som: Fix LDO5 shutdown causing SD card timeout Huacai Chen (3): LoongArch: Move __arch_cpu_idle() to .cpuidle.text section LoongArch: Save and restore CSR.CNTC for hibernation LoongArch: Fix MAX_REG_OFFSET calculation Hyejeong Choi (1): dma-buf: insert memory barrier before updating num_fences Ido Schimmel (1): mlxsw: spectrum_router: Fix use-after-free when deleting GRE net devices Isaku Yamahata (1): KVM: Add member to struct kvm_gfn_range to indicate private/shared Jacek Lawrynowicz (3): accel/ivpu: Rename ivpu_log_level to fw_log_level accel/ivpu: Refactor functions in ivpu_fw_log.c accel/ivpu: Fix fw log printing Jakub Kicinski (2): netlink: specs: tc: fix a couple of attribute names netlink: specs: tc: all actions are indexed arrays Jan Kara (1): udf: Make sure i_lenExtents is uptodate on inode eviction Jarkko Sakkinen (1): tpm: Mask TPM RC in tpm2_start_auth_session() Jeremy Linton (1): ACPI: PPTT: Fix processor subtable walk Jethro Donaldson (1): smb: client: fix memory leak during error handling for POSIX mkdir Jonas Gorski (1): net: dsa: b53: prevent standalone from trying to forward to other ports Jonathan Cameron (2): iio: adc: ad7266: Fix potential timestamp alignment issue. iio: adc: ad7768-1: Fix insufficient alignment of timestamp. Kees Cook (3): binfmt_elf: Move brk for static PIE even if ASLR disabled nvme-pci: make nvme_pci_npages_prp() __always_inline wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request Keith Busch (1): nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable Kirill A. Shutemov (1): mm/page_alloc: fix race condition in unaccepted memory handling Koichiro Den (2): virtio_ring: add a func argument 'recycle_done' to virtqueue_reset() virtio_net: ensure netdev_tx_reset_queue is called on bind xsk for tx Konstantin Shkolnyy (1): vsock/test: Fix occasional failure in SIOCOUTQ tests Kyoji Ogasawara (1): btrfs: add back warning for mount option commit values exceeding 300 Li Lingfeng (1): nfs: handle failure of nfs_get_lock_context in unlock path Luca Ceresoli (1): iio: light: opt3001: fix deadlock due to concurrent flag access Luiz Augusto von Dentz (1): Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags Ma Ke (1): phy: Fix error handling in tegra_xusb_port_init Mario Limonciello (3): drivers/platform/x86/amd: pmf: Check for invalid sideloaded Smart PC Policies drivers/platform/x86/amd: pmf: Check for invalid Smart PC Policies drm/amd: Add Suspend/Hibernate notification callback support Masami Hiramatsu (Google) (1): tracing: probes: Fix a possible race in trace_probe_log APIs Mathias Nyman (2): xhci: dbc: Improve performance by removing delay in transfer event polling. xhci: dbc: Avoid event polling busyloop if pending rx transfers are inactive. Mathieu Othacehe (1): net: cadence: macb: Fix a possible deadlock in macb_halt_tx. Matt Johnston (1): net: mctp: Don't access ifa_index when missing Melissa Wen (1): Revert "drm/amd/display: Hardware cursor changes color when switched to software cursor" Michael Kelley (5): hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages hv_netvsc: Preserve contiguous PFN grouping in the page buffer array hv_netvsc: Remove rmsg_pgcnt Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges Drivers: hv: vmbus: Remove vmbus_sendpacket_pagebuffer() Michal Suchanek (1): tpm: tis: Double the timeout B to 4s Naman Jain (1): uio_hv_generic: Fix sysfs creation path for ring buffer Nathan Chancellor (2): kbuild: Disable -Wdefault-const-init-unsafe net: qede: Initialize qede_ll_ops with designated initializer Nathan Lynch (1): dmaengine: Revert "dmaengine: dmatest: Fix dmatest waiting less when interrupted" Neeraj Sanjay Kale (1): Bluetooth: btnxpuart: Fix kernel panic during FW release Nicolas Chauvet (1): ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera Pengtao He (1): net/tls: fix kernel panic when alloc_page failed Philip Yang (1): drm/amdgpu: csa unmap use uninterruptible lock Qasim Ijaz (1): HID: thrustmaster: fix memory leak in thrustmaster_interrupts() Ritvik Budhiraja (1): CIFS: New mount option for cifs.upcall namespace resolution Ronald Wahl (1): dmaengine: ti: k3-udma: Add missing locking Rong Zhang (1): HID: bpf: abort dispatch if device destroyed Runhua He (1): platform/x86/amd/pmc: Declare quirk_spurious_8042 for MECHREVO Wujie 14XA (GX4HRXL) Sean Christopherson (1): KVM: x86/mmu: Prevent installing hugepages when mem attributes are changing Shuai Xue (9): dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals dmaengine: idxd: Add missing cleanups in cleanup internals dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call dmaengine: idxd: fix memory leak in error handling path of idxd_alloc dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe dmaengine: idxd: Refactor remove call with idxd_cleanup() helper Stanislav Fomichev (5): selftests: ncdevmem: Redirect all non-payload output to stderr selftests: ncdevmem: Separate out dmabuf provider selftests: ncdevmem: Unify error handling selftests: ncdevmem: Make client_ip optional selftests: ncdevmem: Switch to AF_INET6 Stephen Smalley (1): fs/xattr.c: fix simple_xattr_list to always include security.* xattrs Steve Siwinski (1): scsi: sd_zbc: block: Respect bio vector limits for REPORT ZONES buffer Steven Rostedt (2): tracing: samples: Initialize trace_array_printk() with the correct function ring-buffer: Fix persistent buffer when commit page is the reader page Subbaraya Sundeep (2): octeontx2-pf: macsec: Fix incorrect max transmit size in TX secy octeontx2-pf: Do not reallocate all ntuple filters Takashi Iwai (2): ALSA: seq: Fix delivery of UMP events to group ports ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info Tejun Heo (1): sched_ext: bpf_iter_scx_dsq_new() should always initialize iterator Thomas Zimmermann (2): drm/fbdev-dma: Support struct drm_driver.fbdev_probe drm/panel-mipi-dbi: Run DRM default client setup Tianyang Zhang (1): LoongArch: Prevent cond_resched() occurring within kernel-fpu Tiezhu Yang (2): LoongArch: uprobes: Remove user_{en,dis}able_single_step() LoongArch: uprobes: Remove redundant code about resume_era Tim Huang (1): drm/amdgpu: fix incorrect MALL size for GFX1151 Tom Vincent (1): arm64: dts: rockchip: Assign RT5616 MCLK rate on rk3588-friendlyelec-cm3588 Tomasz Rusinowicz (1): accel/ivpu: Reset fw log on cold boot Trond Myklebust (1): NFSv4/pnfs: Reset the layout state after a layoutreturn Umesh Nerlige Ramappa (1): drm/xe: Save CTX_TIMESTAMP mmio value instead of LRC value Vladimir Oltean (1): net: dsa: sja1105: discard incoming frames in BR_STATE_LISTENING Waiman Long (1): cgroup/cpuset: Extend kthread_is_per_cpu() check to all PF_NO_SETAFFINITY tasks Wayne Chang (1): phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking Wayne Lin (2): drm/amd/display: Correct the reply value when AUX write incomplete drm/amd/display: Avoid flooding unnecessary info messages Wentao Liang (1): ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() Yemike Abhilash Chandra (1): dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy Ze Huang (1): riscv: dts: sophgo: fix DMA data-width configuration for CV18xx Zhu Yanjun (2): RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem pengdonglin (2): ftrace: Fix preemption accounting for stacktrace trigger command ftrace: Fix preemption accounting for stacktrace filter command

3 months, 3 weeks

1
1
0 0

Linux 6.1.140

by Greg Kroah-Hartman

I'm announcing the release of the 6.1.140 kernel. All users of the 6.1 kernel series must upgrade. The updated 6.1.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.1.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arm64/kernel/fpsimd.c | 6 arch/arm64/net/bpf_jit_comp.c | 12 arch/loongarch/Makefile | 2 arch/loongarch/include/asm/ptrace.h | 2 arch/riscv/include/asm/page.h | 1 arch/riscv/include/asm/pgtable.h | 2 arch/riscv/mm/init.c | 17 arch/x86/kernel/ftrace.c | 2 arch/x86/kernel/kprobes/core.c | 1 arch/x86/kernel/module.c | 9 block/bio.c | 2 drivers/acpi/pptt.c | 11 drivers/char/tpm/tpm_tis_core.h | 2 drivers/clocksource/i8253.c | 4 drivers/dma-buf/dma-resv.c | 5 drivers/dma/dmatest.c | 6 drivers/dma/idxd/init.c | 145 ++++-- drivers/dma/ti/k3-udma.c | 10 drivers/gpu/drm/amd/amdgpu/amdgpu.h | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 51 +- drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c | 11 drivers/gpu/drm/amd/amdgpu/amdgpu_virt.c | 29 + drivers/gpu/drm/amd/amdgpu/amdgpu_virt.h | 3 drivers/gpu/drm/amd/amdgpu/mxgpu_ai.c | 2 drivers/gpu/drm/amd/amdgpu/mxgpu_nv.c | 2 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 3 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.c | 16 drivers/hid/hid-thrustmaster.c | 1 drivers/hid/hid-uclogic-core.c | 7 drivers/hv/channel.c | 65 -- drivers/iio/adc/ad7266.c | 2 drivers/iio/adc/ad7768-1.c | 2 drivers/iio/chemical/sps30.c | 2 drivers/infiniband/sw/rxe/rxe_cq.c | 5 drivers/net/dsa/sja1105/sja1105_main.c | 6 drivers/net/ethernet/broadcom/bnxt/bnxt.c | 10 drivers/net/ethernet/cadence/macb_main.c | 19 drivers/net/ethernet/marvell/octeontx2/nic/cn10k_macsec.c | 3 drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 4 drivers/net/ethernet/qlogic/qede/qede_main.c | 2 drivers/net/ethernet/qlogic/qlcnic/qlcnic_sriov_common.c | 7 drivers/net/hyperv/hyperv_net.h | 13 drivers/net/hyperv/netvsc.c | 57 ++ drivers/net/hyperv/netvsc_drv.c | 62 -- drivers/net/hyperv/rndis_filter.c | 24 - drivers/net/wireless/mediatek/mt76/dma.c | 1 drivers/nvme/host/pci.c | 4 drivers/phy/renesas/phy-rcar-gen3-usb2.c | 40 - drivers/phy/tegra/xusb.c | 8 drivers/platform/x86/amd/pmc.c | 8 drivers/platform/x86/asus-wmi.c | 3 drivers/regulator/max20086-regulator.c | 7 drivers/scsi/sd_zbc.c | 6 drivers/scsi/storvsc_drv.c | 1 drivers/spi/spi-cadence-quadspi.c | 6 drivers/spi/spi-loopback-test.c | 2 drivers/usb/typec/altmodes/displayport.c | 18 drivers/usb/typec/ucsi/displayport.c | 19 drivers/usb/typec/ucsi/ucsi.c | 34 + drivers/usb/typec/ucsi/ucsi.h | 3 drivers/usb/typec/ucsi/ucsi_ccg.c | 5 fs/binfmt_elf.c | 285 ++++++------ fs/binfmt_elf_fdpic.c | 2 fs/btrfs/discard.c | 17 fs/btrfs/extent-tree.c | 25 - fs/exec.c | 2 fs/nfs/nfs4proc.c | 9 fs/nfs/pnfs.c | 9 fs/smb/client/smb2pdu.c | 2 include/linux/bio.h | 1 include/linux/hyperv.h | 7 include/linux/tpm.h | 2 include/net/netfilter/nf_tables.h | 3 include/net/sch_generic.h | 15 include/uapi/linux/elf.h | 2 kernel/trace/trace_dynevent.c | 16 kernel/trace/trace_dynevent.h | 1 kernel/trace/trace_events_trigger.c | 2 kernel/trace/trace_functions.c | 6 kernel/trace/trace_kprobe.c | 2 kernel/trace/trace_probe.c | 9 kernel/trace/trace_uprobe.c | 2 mm/memory_hotplug.c | 6 mm/migrate.c | 8 net/ipv4/ip_output.c | 3 net/ipv4/raw.c | 3 net/ipv6/ip6_output.c | 3 net/mctp/route.c | 4 net/netfilter/nf_tables_api.c | 54 +- net/netfilter/nft_immediate.c | 2 net/sched/sch_codel.c | 2 net/sched/sch_fq.c | 2 net/sched/sch_fq_codel.c | 2 net/sched/sch_fq_pie.c | 2 net/sched/sch_hhf.c | 2 net/sched/sch_pie.c | 2 net/sctp/sysctl.c | 4 net/tls/tls_strp.c | 3 samples/ftrace/sample-trace-array.c | 2 sound/pci/es1968.c | 6 sound/sh/Kconfig | 2 sound/usb/quirks.c | 4 tools/testing/selftests/exec/Makefile | 19 tools/testing/selftests/exec/load_address.c | 83 ++- tools/testing/selftests/vm/compaction_test.c | 19 106 files changed, 938 insertions(+), 533 deletions(-) Abdun Nihaal (1): qlcnic: fix memory leak in qlcnic_sriov_channel_cfg_cmd() Alex Deucher (2): Revert "drm/amd: Stop evicting resources on APUs in suspend" drm/amdgpu: fix pm notifier handling Andrei Kuchynski (1): usb: typec: ucsi: displayport: Fix deadlock Andrew Jeffery (1): net: mctp: Ensure keys maintain only one ref to corresponding dev Byungchul Park (1): mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index Carolina Jubran (1): net/mlx5e: Disable MACsec offload for uplink representor profile Christian Heusel (1): ALSA: usb-audio: Add sample rate quirk for Audioengine D1 Claudiu Beznea (2): phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind phy: renesas: rcar-gen3-usb2: Set timing registers only once Cong Wang (1): net_sched: Flush gso_skb list too during ->change() Cosmin Tanislav (1): regulator: max20086: fix invalid memory access Dan Carpenter (1): usb: typec: fix potential array underflow in ucsi_ccg_sync_control() David Lechner (1): iio: chemical: sps30: use aligned_s64 for timestamp Eric Dumazet (1): sctp: add mutual exclusion in proc_sctp_do_udp_port() Eric W. Biederman (1): binfmt_elf: Support segments with 0 filesz and misaligned starts Fedor Pchelkin (1): wifi: mt76: disable napi on driver removal Feng Tang (1): selftests/mm: compaction_test: support platform with huge mount of memory Filipe Manana (2): btrfs: fix discard worker infinite loop after disabling discard btrfs: don't BUG_ON() when 0 reference count at btrfs_lookup_extent_info() Florian Westphal (2): netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctx netfilter: nf_tables: do not defer rule destruction via call_rcu GONG Ruiqi (1): usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control() Geert Uytterhoeven (2): spi: loopback-test: Do not split 1024-byte hexdumps ALSA: sh: SND_AICA should depend on SH_DMA_API Greg Kroah-Hartman (1): Linux 6.1.140 Hans de Goede (1): platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection Henry Martin (1): HID: uclogic: Add NULL check in uclogic_input_configured() Huacai Chen (2): LoongArch: Fix MAX_REG_OFFSET calculation LoongArch: Explicitly specify code model in Makefile Hyejeong Choi (1): dma-buf: insert memory barrier before updating num_fences Jeremy Linton (1): ACPI: PPTT: Fix processor subtable walk Jethro Donaldson (1): smb: client: fix memory leak during error handling for POSIX mkdir Jonathan Cameron (2): iio: adc: ad7266: Fix potential timestamp alignment issue. iio: adc: ad7768-1: Fix insufficient alignment of timestamp. Kees Cook (8): binfmt: Fix whitespace issues binfmt_elf: elf_bss no longer used by load_elf_binary() binfmt_elf: Leave a gap between .bss and brk selftests/exec: Build both static and non-static load_address tests binfmt_elf: Calculate total_size earlier binfmt_elf: Honor PT_LOAD alignment for static PIE binfmt_elf: Move brk for static PIE even if ASLR disabled nvme-pci: make nvme_pci_npages_prp() __always_inline Keith Busch (1): nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable Li Lingfeng (1): nfs: handle failure of nfs_get_lock_context in unlock path Ma Jun (1): drm/amdgpu: Fix the runtime resume failure issue Ma Ke (1): phy: Fix error handling in tegra_xusb_port_init Ma Wupeng (1): hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio Maciej S. Szmigiero (1): platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it Mario Limonciello (2): drm/amd: Stop evicting resources on APUs in suspend drm/amd: Add Suspend/Hibernate notification callback support Mark Brown (1): arm64/sme: Always exit sme_alloc() early with existing storage Masami Hiramatsu (Google) (1): tracing: probes: Fix a possible race in trace_probe_log APIs Mathieu Othacehe (1): net: cadence: macb: Fix a possible deadlock in macb_halt_tx. Michael Kelley (5): hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages hv_netvsc: Preserve contiguous PFN grouping in the page buffer array hv_netvsc: Remove rmsg_pgcnt Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges Drivers: hv: vmbus: Remove vmbus_sendpacket_pagebuffer() Michal Suchanek (1): tpm: tis: Double the timeout B to 4s Muhammad Usama Anjum (1): selftests/exec: load_address: conform test to TAP format output Nathan Chancellor (1): net: qede: Initialize qede_ll_ops with designated initializer Nathan Lynch (1): dmaengine: Revert "dmaengine: dmatest: Fix dmatest waiting less when interrupted" Nicolas Chauvet (1): ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera Pablo Neira Ayuso (1): netfilter: nf_tables: wait for rcu grace period on net_device removal Pengtao He (1): net/tls: fix kernel panic when alloc_page failed Peter Collingbourne (1): bpf, arm64: Fix address emission with tag-based KASAN enabled Puranjay Mohan (1): bpf, arm64: Fix trampoline for BPF_TRAMP_F_CALL_ORIG Qasim Ijaz (1): HID: thrustmaster: fix memory leak in thrustmaster_interrupts() RD Babiera (1): usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group Ronald Wahl (1): dmaengine: ti: k3-udma: Add missing locking Sebastian Andrzej Siewior (1): clocksource/i8253: Use raw_spinlock_irqsave() in clockevent_i8253_disable() Shigeru Yoshida (2): ipv6: Fix potential uninit-value access in __ip6_make_skb() ipv4: Fix uninit-value access in __ip_make_skb() Shravya KN (1): bnxt_en: Fix receive ring space parameters when XDP is active Shuai Xue (8): dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals dmaengine: idxd: Add missing cleanups in cleanup internals dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call dmaengine: idxd: fix memory leak in error handling path of idxd_alloc dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe Steve Siwinski (1): scsi: sd_zbc: block: Respect bio vector limits for REPORT ZONES buffer Steven Rostedt (1): tracing: samples: Initialize trace_array_printk() with the correct function Subbaraya Sundeep (1): octeontx2-pf: macsec: Fix incorrect max transmit size in TX secy Thomas Gleixner (1): x86/modules: Set VM_FLUSH_RESET_PERMS in module_alloc() Théo Lebrun (1): spi: cadence-qspi: fix pointer reference in runtime PM hooks Trond Myklebust (1): NFSv4/pnfs: Reset the layout state after a layoutreturn Vladimir Oltean (1): net: dsa: sja1105: discard incoming frames in BR_STATE_LISTENING Wayne Lin (2): drm/amd/display: Correct the reply value when AUX write incomplete drm/amd/display: Avoid flooding unnecessary info messages Wentao Liang (1): ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() Xu Lu (1): riscv: mm: Fix the out of bound issue of vmemmap address Yemike Abhilash Chandra (1): dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy Zhigang Luo (1): drm/amdgpu: trigger flr_work if reading pf2vf data failed Zhu Yanjun (1): RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug pengdonglin (2): ftrace: Fix preemption accounting for stacktrace trigger command ftrace: Fix preemption accounting for stacktrace filter command

3 months, 3 weeks

1
1
0 0

Linux 5.15.184

by Greg Kroah-Hartman

I'm announcing the release of the 5.15.184 kernel. All users of the 5.15 kernel series must upgrade. The updated 5.15.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.15.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/ABI/testing/sysfs-devices-system-cpu | 1 Documentation/admin-guide/hw-vuln/index.rst | 1 Documentation/admin-guide/hw-vuln/indirect-target-selection.rst | 156 ++++++ Documentation/admin-guide/kernel-parameters.txt | 15 Makefile | 2 arch/x86/Kconfig | 11 arch/x86/entry/entry_64.S | 20 arch/x86/include/asm/alternative.h | 32 + arch/x86/include/asm/cpufeatures.h | 3 arch/x86/include/asm/msr-index.h | 8 arch/x86/include/asm/nospec-branch.h | 57 +- arch/x86/kernel/alternative.c | 243 +++++++++- arch/x86/kernel/cpu/bugs.c | 139 +++++ arch/x86/kernel/cpu/common.c | 63 ++ arch/x86/kernel/ftrace.c | 4 arch/x86/kernel/kprobes/core.c | 1 arch/x86/kernel/module.c | 15 arch/x86/kernel/static_call.c | 2 arch/x86/kernel/vmlinux.lds.S | 10 arch/x86/kvm/x86.c | 4 arch/x86/lib/retpoline.S | 39 + arch/x86/net/bpf_jit_comp.c | 8 block/fops.c | 5 drivers/acpi/pptt.c | 11 drivers/base/cpu.c | 8 drivers/clocksource/i8253.c | 6 drivers/dma/dmatest.c | 6 drivers/dma/idxd/init.c | 8 drivers/dma/ti/k3-udma.c | 10 drivers/iio/adc/ad7768-1.c | 2 drivers/iio/chemical/sps30.c | 2 drivers/infiniband/sw/rxe/rxe_cq.c | 5 drivers/net/dsa/sja1105/sja1105_main.c | 6 drivers/net/ethernet/cadence/macb_main.c | 19 drivers/net/ethernet/intel/ice/ice_arfs.c | 9 drivers/net/ethernet/intel/ice/ice_lib.c | 5 drivers/net/ethernet/intel/ice/ice_main.c | 20 drivers/net/ethernet/qlogic/qlcnic/qlcnic_sriov_common.c | 7 drivers/net/wireless/mediatek/mt76/dma.c | 1 drivers/phy/renesas/phy-rcar-gen3-usb2.c | 7 drivers/phy/tegra/xusb.c | 8 drivers/platform/x86/asus-wmi.c | 3 drivers/spi/spi-loopback-test.c | 2 drivers/usb/typec/altmodes/displayport.c | 18 drivers/usb/typec/ucsi/displayport.c | 19 drivers/usb/typec/ucsi/ucsi.c | 34 + drivers/usb/typec/ucsi/ucsi.h | 3 drivers/usb/typec/ucsi/ucsi_ccg.c | 5 fs/btrfs/discard.c | 17 fs/btrfs/extent-tree.c | 25 - fs/btrfs/extent_io.c | 15 fs/nfs/nfs4proc.c | 9 fs/nfs/pnfs.c | 9 include/linux/cpu.h | 2 include/linux/module.h | 5 include/net/netfilter/nf_tables.h | 2 include/net/sch_generic.h | 15 kernel/trace/trace_dynevent.c | 16 kernel/trace/trace_dynevent.h | 1 kernel/trace/trace_events_trigger.c | 2 kernel/trace/trace_functions.c | 6 kernel/trace/trace_kprobe.c | 2 kernel/trace/trace_probe.c | 9 kernel/trace/trace_uprobe.c | 2 net/netfilter/nf_tables_api.c | 54 +- net/netfilter/nft_immediate.c | 2 net/sched/sch_codel.c | 2 net/sched/sch_fq.c | 2 net/sched/sch_fq_codel.c | 2 net/sched/sch_fq_pie.c | 2 net/sched/sch_hhf.c | 2 net/sched/sch_pie.c | 2 net/sctp/sysctl.c | 4 samples/ftrace/sample-trace-array.c | 2 sound/pci/es1968.c | 6 sound/sh/Kconfig | 2 sound/usb/quirks.c | 4 tools/testing/selftests/vm/compaction_test.c | 19 78 files changed, 1115 insertions(+), 190 deletions(-) Abdun Nihaal (1): qlcnic: fix memory leak in qlcnic_sriov_channel_cfg_cmd() Alexander Lobakin (1): ice: arfs: fix use-after-free when freeing @rx_cpu_rmap Andrei Kuchynski (1): usb: typec: ucsi: displayport: Fix deadlock Borislav Petkov (AMD) (1): x86/alternative: Optimize returns patching Christian Heusel (1): ALSA: usb-audio: Add sample rate quirk for Audioengine D1 Claudiu Beznea (1): phy: renesas: rcar-gen3-usb2: Set timing registers only once Cong Wang (1): net_sched: Flush gso_skb list too during ->change() Dan Carpenter (1): usb: typec: fix potential array underflow in ucsi_ccg_sync_control() David Lechner (1): iio: chemical: sps30: use aligned_s64 for timestamp Eric Biggers (1): x86/its: Fix build errors when CONFIG_MODULES=n Eric Dumazet (1): sctp: add mutual exclusion in proc_sctp_do_udp_port() Fedor Pchelkin (1): wifi: mt76: disable napi on driver removal Feng Tang (1): selftests/mm: compaction_test: support platform with huge mount of memory Fengnan Chang (1): block: fix direct io NOWAIT flag not work Filipe Manana (2): btrfs: fix discard worker infinite loop after disabling discard btrfs: don't BUG_ON() when 0 reference count at btrfs_lookup_extent_info() Florian Westphal (2): netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctx netfilter: nf_tables: do not defer rule destruction via call_rcu GONG Ruiqi (1): usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control() Geert Uytterhoeven (2): spi: loopback-test: Do not split 1024-byte hexdumps ALSA: sh: SND_AICA should depend on SH_DMA_API Greg Kroah-Hartman (1): Linux 5.15.184 Hans de Goede (1): platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection Jeremy Linton (1): ACPI: PPTT: Fix processor subtable walk Jonathan Cameron (1): iio: adc: ad7768-1: Fix insufficient alignment of timestamp. Josef Bacik (1): btrfs: do not clean up repair bio if submit fails Josh Poimboeuf (1): x86/alternatives: Remove faulty optimization Li Lingfeng (1): nfs: handle failure of nfs_get_lock_context in unlock path Ma Ke (1): phy: Fix error handling in tegra_xusb_port_init Masami Hiramatsu (Google) (1): tracing: probes: Fix a possible race in trace_probe_log APIs Mathieu Othacehe (1): net: cadence: macb: Fix a possible deadlock in macb_halt_tx. Nathan Lynch (1): dmaengine: Revert "dmaengine: dmatest: Fix dmatest waiting less when interrupted" Nicolas Chauvet (1): ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera Pablo Neira Ayuso (1): netfilter: nf_tables: wait for rcu grace period on net_device removal Pawan Gupta (10): x86/speculation: Simplify and make CALL_NOSPEC consistent x86/speculation: Add a conditional CS prefix to CALL_NOSPEC x86/speculation: Remove the extra #ifdef around CALL_NOSPEC Documentation: x86/bugs/its: Add ITS documentation x86/its: Enumerate Indirect Target Selection (ITS) bug x86/its: Add support for ITS-safe indirect thunk x86/its: Add support for ITS-safe return thunk x86/its: Enable Indirect Target Selection mitigation x86/its: Add "vmexit" option to skip mitigation on some CPUs x86/its: Align RETs in BHB clear sequence to avoid thunking Peter Zijlstra (3): x86,nospec: Simplify {JMP,CALL}_NOSPEC x86/its: Use dynamic thunks for indirect branches x86/its: FineIBT-paranoid vs ITS RD Babiera (1): usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group Ronald Wahl (1): dmaengine: ti: k3-udma: Add missing locking Sebastian Andrzej Siewior (1): clocksource/i8253: Use raw_spinlock_irqsave() in clockevent_i8253_disable() Shuai Xue (2): dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups Steven Rostedt (1): tracing: samples: Initialize trace_array_printk() with the correct function Thomas Gleixner (1): x86/modules: Set VM_FLUSH_RESET_PERMS in module_alloc() Trond Myklebust (1): NFSv4/pnfs: Reset the layout state after a layoutreturn Vladimir Oltean (1): net: dsa: sja1105: discard incoming frames in BR_STATE_LISTENING Wentao Liang (1): ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() Yemike Abhilash Chandra (1): dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy Zhu Yanjun (1): RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug pengdonglin (2): ftrace: Fix preemption accounting for stacktrace trigger command ftrace: Fix preemption accounting for stacktrace filter command

3 months, 3 weeks

1
1
0 0

[PATCH 6.1 0/1] Oopses on module unload seen on 6.1.y

by Fedor Pchelkin

Hi, commit 959cadf09dbae7b304f03e039b8d8e13c529e2dd Author: Peter Zijlstra <peterz(a)infradead.org> Date: Mon Oct 14 10:05:48 2024 -0700 x86/its: Use dynamic thunks for indirect branches commit 872df34d7c51a79523820ea6a14860398c639b87 upstream. was ported at v6.1.139 and leads to kernel crashes there after module unload operations. Example trace: BUG: unable to handle page fault for address: ffff8fcb47dd4000 #PF: supervisor write access in kernel mode #PF: error_code(0x0003) - permissions violation PGD 34801067 P4D 34801067 PUD 100148063 PMD 107dd5063 PTE 8000000107dd4161 Oops: 0003 [#1] PREEMPT SMP NOPTI CPU: 3 PID: 378 Comm: modprobe Not tainted 6.1.139-01446-g753bd4a5f9a9 #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 RIP: 0010:__change_page_attr_set_clr+0x49d/0x1280 Call Trace: <TASK> ? free_unref_page_prepare+0x80/0x4b0 set_direct_map_invalid_noflush+0x6e/0xa0 __vunmap+0x18c/0x3e0 __vfree+0x21/0xb0 vfree+0x2b/0x90 module_memfree+0x1b/0x50 free_module+0x17c/0x250 __do_sys_delete_module+0x337/0x4b0 __x64_sys_delete_module+0x15/0x30 x64_sys_call+0x3f9a/0x43a0 do_syscall_64+0x33/0x80 entry_SYSCALL_64_after_hwframe+0x6e/0xd8 RIP: 0033:0x7f70755c0807 </TASK> Modules linked in: dm_multipath scsi_dh_rdac scsi_dh_emc scsi_dh_alua [last unloaded: scsi_debug] As mentioned in the blamed patch comment describing the backport adaptations: [ pawan: CONFIG_EXECMEM and CONFIG_EXECMEM_ROX are not supported on backport kernel, made changes to use module_alloc() and set_memory_*() for dynamic thunks. ] module_alloc/module_memfree in conjunction with memory protection routines were used. The allocated memory is vmalloc-based, and it ends up being ROX upon release inside its_free_mod(). Freeing of special permissioned memory in vmalloc requires its own handling. VM_FLUSH_RESET_PERMS flag was introduced for these purposes. In-kernel users dealing with the stuff had to care about this explicitly before commit 4c4eb3ecc91f ("x86/modules: Set VM_FLUSH_RESET_PERMS in module_alloc()"). More recent kernels starting from 6.2 have the commit and are not affected. So port it as a followup for ITS mitigation 6.1-series to fix the aforementioned failures. The problem concerns 5.15-series (currently in stable-queue) as well. It needs its own patch to apply cleanly. Will send it shortly, too. Found by Linux Verification Center (linuxtesting.org). Thomas Gleixner (1): x86/modules: Set VM_FLUSH_RESET_PERMS in module_alloc() arch/x86/kernel/ftrace.c | 2 -- arch/x86/kernel/kprobes/core.c | 1 - arch/x86/kernel/module.c | 9 +++++---- 3 files changed, 5 insertions(+), 7 deletions(-) -- 2.49.0

3 months, 3 weeks

2
2
0 0

[PATCH net 1/4] can: kvaser_pciefd: Force IRQ edge in case of nested IRQ

by Marc Kleine-Budde

From: Axel Forsman <axfo(a)kvaser.com> Avoid the driver missing IRQs by temporarily masking IRQs in the ISR to enforce an edge even if a different IRQ is signalled before handled IRQs are cleared. Fixes: 48f827d4f48f ("can: kvaser_pciefd: Move reset of DMA RX buffers to the end of the ISR") Cc: stable(a)vger.kernel.org Signed-off-by: Axel Forsman <axfo(a)kvaser.com> Tested-by: Jimmy Assarsson <extja(a)kvaser.com> Reviewed-by: Jimmy Assarsson <extja(a)kvaser.com> Link: https://patch.msgid.link/20250520114332.8961-2-axfo@kvaser.com Signed-off-by: Marc Kleine-Budde <mkl(a)pengutronix.de> --- drivers/net/can/kvaser_pciefd.c | 83 ++++++++++++++++----------------- 1 file changed, 39 insertions(+), 44 deletions(-) diff --git a/drivers/net/can/kvaser_pciefd.c b/drivers/net/can/kvaser_pciefd.c index cf0d51805272..9cc9176c2058 100644 --- a/drivers/net/can/kvaser_pciefd.c +++ b/drivers/net/can/kvaser_pciefd.c @@ -1646,24 +1646,28 @@ static int kvaser_pciefd_read_buffer(struct kvaser_pciefd *pcie, int dma_buf) return res; } -static u32 kvaser_pciefd_receive_irq(struct kvaser_pciefd *pcie) +static void kvaser_pciefd_receive_irq(struct kvaser_pciefd *pcie) { + void __iomem *srb_cmd_reg = KVASER_PCIEFD_SRB_ADDR(pcie) + KVASER_PCIEFD_SRB_CMD_REG; u32 irq = ioread32(KVASER_PCIEFD_SRB_ADDR(pcie) + KVASER_PCIEFD_SRB_IRQ_REG); - if (irq & KVASER_PCIEFD_SRB_IRQ_DPD0) - kvaser_pciefd_read_buffer(pcie, 0); + iowrite32(irq, KVASER_PCIEFD_SRB_ADDR(pcie) + KVASER_PCIEFD_SRB_IRQ_REG); - if (irq & KVASER_PCIEFD_SRB_IRQ_DPD1) + if (irq & KVASER_PCIEFD_SRB_IRQ_DPD0) { + kvaser_pciefd_read_buffer(pcie, 0); + iowrite32(KVASER_PCIEFD_SRB_CMD_RDB0, srb_cmd_reg); /* Rearm buffer */ + } + + if (irq & KVASER_PCIEFD_SRB_IRQ_DPD1) { kvaser_pciefd_read_buffer(pcie, 1); + iowrite32(KVASER_PCIEFD_SRB_CMD_RDB1, srb_cmd_reg); /* Rearm buffer */ + } if (unlikely(irq & KVASER_PCIEFD_SRB_IRQ_DOF0 || irq & KVASER_PCIEFD_SRB_IRQ_DOF1 || irq & KVASER_PCIEFD_SRB_IRQ_DUF0 || irq & KVASER_PCIEFD_SRB_IRQ_DUF1)) dev_err(&pcie->pci->dev, "DMA IRQ error 0x%08X\n", irq); - - iowrite32(irq, KVASER_PCIEFD_SRB_ADDR(pcie) + KVASER_PCIEFD_SRB_IRQ_REG); - return irq; } static void kvaser_pciefd_transmit_irq(struct kvaser_pciefd_can *can) @@ -1691,29 +1695,22 @@ static irqreturn_t kvaser_pciefd_irq_handler(int irq, void *dev) struct kvaser_pciefd *pcie = (struct kvaser_pciefd *)dev; const struct kvaser_pciefd_irq_mask *irq_mask = pcie->driver_data->irq_mask; u32 pci_irq = ioread32(KVASER_PCIEFD_PCI_IRQ_ADDR(pcie)); - u32 srb_irq = 0; - u32 srb_release = 0; int i; if (!(pci_irq & irq_mask->all)) return IRQ_NONE; + iowrite32(0, KVASER_PCIEFD_PCI_IEN_ADDR(pcie)); + if (pci_irq & irq_mask->kcan_rx0) - srb_irq = kvaser_pciefd_receive_irq(pcie); + kvaser_pciefd_receive_irq(pcie); for (i = 0; i < pcie->nr_channels; i++) { if (pci_irq & irq_mask->kcan_tx[i]) kvaser_pciefd_transmit_irq(pcie->can[i]); } - if (srb_irq & KVASER_PCIEFD_SRB_IRQ_DPD0) - srb_release |= KVASER_PCIEFD_SRB_CMD_RDB0; - - if (srb_irq & KVASER_PCIEFD_SRB_IRQ_DPD1) - srb_release |= KVASER_PCIEFD_SRB_CMD_RDB1; - - if (srb_release) - iowrite32(srb_release, KVASER_PCIEFD_SRB_ADDR(pcie) + KVASER_PCIEFD_SRB_CMD_REG); + iowrite32(irq_mask->all, KVASER_PCIEFD_PCI_IEN_ADDR(pcie)); return IRQ_HANDLED; } @@ -1733,13 +1730,22 @@ static void kvaser_pciefd_teardown_can_ctrls(struct kvaser_pciefd *pcie) } } +static void kvaser_pciefd_disable_irq_srcs(struct kvaser_pciefd *pcie) +{ + unsigned int i; + + /* Masking PCI_IRQ is insufficient as running ISR will unmask it */ + iowrite32(0, KVASER_PCIEFD_SRB_ADDR(pcie) + KVASER_PCIEFD_SRB_IEN_REG); + for (i = 0; i < pcie->nr_channels; ++i) + iowrite32(0, pcie->can[i]->reg_base + KVASER_PCIEFD_KCAN_IEN_REG); +} + static int kvaser_pciefd_probe(struct pci_dev *pdev, const struct pci_device_id *id) { int ret; struct kvaser_pciefd *pcie; const struct kvaser_pciefd_irq_mask *irq_mask; - void __iomem *irq_en_base; pcie = devm_kzalloc(&pdev->dev, sizeof(*pcie), GFP_KERNEL); if (!pcie) @@ -1805,8 +1811,7 @@ static int kvaser_pciefd_probe(struct pci_dev *pdev, KVASER_PCIEFD_SRB_ADDR(pcie) + KVASER_PCIEFD_SRB_IEN_REG); /* Enable PCI interrupts */ - irq_en_base = KVASER_PCIEFD_PCI_IEN_ADDR(pcie); - iowrite32(irq_mask->all, irq_en_base); + iowrite32(irq_mask->all, KVASER_PCIEFD_PCI_IEN_ADDR(pcie)); /* Ready the DMA buffers */ iowrite32(KVASER_PCIEFD_SRB_CMD_RDB0, KVASER_PCIEFD_SRB_ADDR(pcie) + KVASER_PCIEFD_SRB_CMD_REG); @@ -1820,8 +1825,7 @@ static int kvaser_pciefd_probe(struct pci_dev *pdev, return 0; err_free_irq: - /* Disable PCI interrupts */ - iowrite32(0, irq_en_base); + kvaser_pciefd_disable_irq_srcs(pcie); free_irq(pcie->pci->irq, pcie); err_pci_free_irq_vectors: @@ -1844,35 +1848,26 @@ static int kvaser_pciefd_probe(struct pci_dev *pdev, return ret; } -static void kvaser_pciefd_remove_all_ctrls(struct kvaser_pciefd *pcie) -{ - int i; - - for (i = 0; i < pcie->nr_channels; i++) { - struct kvaser_pciefd_can *can = pcie->can[i]; - - if (can) { - iowrite32(0, can->reg_base + KVASER_PCIEFD_KCAN_IEN_REG); - unregister_candev(can->can.dev); - timer_delete(&can->bec_poll_timer); - kvaser_pciefd_pwm_stop(can); - free_candev(can->can.dev); - } - } -} - static void kvaser_pciefd_remove(struct pci_dev *pdev) { struct kvaser_pciefd *pcie = pci_get_drvdata(pdev); + unsigned int i; - kvaser_pciefd_remove_all_ctrls(pcie); + for (i = 0; i < pcie->nr_channels; ++i) { + struct kvaser_pciefd_can *can = pcie->can[i]; - /* Disable interrupts */ - iowrite32(0, KVASER_PCIEFD_SRB_ADDR(pcie) + KVASER_PCIEFD_SRB_CTRL_REG); - iowrite32(0, KVASER_PCIEFD_PCI_IEN_ADDR(pcie)); + unregister_candev(can->can.dev); + timer_delete(&can->bec_poll_timer); + kvaser_pciefd_pwm_stop(can); + } + kvaser_pciefd_disable_irq_srcs(pcie); free_irq(pcie->pci->irq, pcie); pci_free_irq_vectors(pcie->pci); + + for (i = 0; i < pcie->nr_channels; ++i) + free_candev(pcie->can[i]->can.dev); + pci_iounmap(pdev, pcie->reg_base); pci_release_regions(pdev); pci_disable_device(pdev); base-commit: 9e89db3d847f2d66d2799c5533d00aebee2be4d1 -- 2.47.2

3 months, 3 weeks

2
1
0 0

[PATCH v2 1/2] drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1

by Ville Syrjala

From: Ville Syrjälä <ville.syrjala(a)linux.intel.com> The intel-media-driver is currently broken on DG1 because it uses EXEC_CAPTURE with recovarable contexts. Relax the check to allow that. I've also submitted a fix for the intel-media-driver: https://github.com/intel/media-driver/pull/1920 Cc: stable(a)vger.kernel.org Cc: Matthew Auld <matthew.auld(a)intel.com> Cc: Thomas Hellström <thomas.hellstrom(a)linux.intel.com> Testcase: igt/gem_exec_capture/capture-invisible Fixes: 71b1669ea9bd ("drm/i915/uapi: tweak error capture on recoverable contexts") Reviewed-by: Andi Shyti <andi.shyti(a)linux.intel.com> Signed-off-by: Ville Syrjälä <ville.syrjala(a)linux.intel.com> --- drivers/gpu/drm/i915/gem/i915_gem_execbuffer.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/gpu/drm/i915/gem/i915_gem_execbuffer.c b/drivers/gpu/drm/i915/gem/i915_gem_execbuffer.c index ca7e9216934a..ea9d5063ce78 100644 --- a/drivers/gpu/drm/i915/gem/i915_gem_execbuffer.c +++ b/drivers/gpu/drm/i915/gem/i915_gem_execbuffer.c @@ -2013,7 +2013,7 @@ static int eb_capture_stage(struct i915_execbuffer *eb) continue; if (i915_gem_context_is_recoverable(eb->gem_context) && - (IS_DGFX(eb->i915) || GRAPHICS_VER_FULL(eb->i915) > IP_VER(12, 0))) + GRAPHICS_VER_FULL(eb->i915) > IP_VER(12, 10)) return -EINVAL; for_each_batch_create_order(eb, j) { -- 2.49.0

3 months, 3 weeks

4
4
0 0

[PATCH v3] usb: hub: lack of clearing xHC resources

by Pawel Laszczak

The xHC resources allocated for USB devices are not released in correct order after resuming in case when while suspend device was reconnected. This issue has been detected during the fallowing scenario: - connect hub HS to root port - connect LS/FS device to hub port - wait for enumeration to finish - force host to suspend - reconnect hub attached to root port - wake host For this scenario during enumeration of USB LS/FS device the Cadence xHC reports completion error code for xHC commands because the xHC resources used for devices has not been properly released. XHCI specification doesn't mention that device can be reset in any order so, we should not treat this issue as Cadence xHC controller bug. Similar as during disconnecting in this case the device resources should be cleared starting form the last usb device in tree toward the root hub. To fix this issue usbcore driver should call hcd->driver->reset_device for all USB devices connected to hub which was reconnected while suspending. Fixes: 3d82904559f4 ("usb: cdnsp: cdns3 Add main part of Cadence USBSSP DRD Driver") cc: <stable(a)vger.kernel.org> Signed-off-by: Pawel Laszczak <pawell(a)cadence.com> --- Changelog: v3: - Changed patch title - Corrected typo - Moved hub_hc_release_resources above mutex_lock(hcd->address0_mutex) v2: - Replaced disconnection procedure with releasing only the xHC resources drivers/usb/core/hub.c | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c index a76bb50b6202..dcba4281ea48 100644 --- a/drivers/usb/core/hub.c +++ b/drivers/usb/core/hub.c @@ -6065,6 +6065,36 @@ void usb_hub_cleanup(void) usb_deregister(&hub_driver); } /* usb_hub_cleanup() */ +/** + * hub_hc_release_resources - clear resources used by host controller + * @udev: pointer to device being released + * + * Context: task context, might sleep + * + * Function releases the host controller resources in correct order before + * making any operation on resuming usb device. The host controller resources + * allocated for devices in tree should be released starting from the last + * usb device in tree toward the root hub. This function is used only during + * resuming device when usb device require reinitialization – that is, when + * flag udev->reset_resume is set. + * + * This call is synchronous, and may not be used in an interrupt context. + */ +static void hub_hc_release_resources(struct usb_device *udev) +{ + struct usb_hub *hub = usb_hub_to_struct_hub(udev); + struct usb_hcd *hcd = bus_to_hcd(udev->bus); + int i; + + /* Release up resources for all children before this device */ + for (i = 0; i < udev->maxchild; i++) + if (hub->ports[i]->child) + hub_hc_release_resources(hub->ports[i]->child); + + if (hcd->driver->reset_device) + hcd->driver->reset_device(hcd, udev); +} + /** * usb_reset_and_verify_device - perform a USB port reset to reinitialize a device * @udev: device to reset (not in SUSPENDED or NOTATTACHED state) @@ -6129,6 +6159,9 @@ static int usb_reset_and_verify_device(struct usb_device *udev) bos = udev->bos; udev->bos = NULL; + if (udev->reset_resume) + hub_hc_release_resources(udev); + mutex_lock(hcd->address0_mutex); for (i = 0; i < PORT_INIT_TRIES; ++i) { -- 2.43.0

3 months, 3 weeks

4
5
0 0

[PATCH 3/4 v3] crypto: octeontx2: Fix address alignment on CN10K A0/A1 and OcteonTX2

by Bharat Bhushan

octeontx2 crypto driver allocates memory using kmalloc/kzalloc, and uses this memory for dma (does dma_map_single()). It assumes that kmalloc/kzalloc will return 128-byte aligned address. But kmalloc/kzalloc returns 8-byte aligned address after below changes: "9382bc44b5f5 arm64: allow kmalloc() caches aligned to the smaller cache_line_size() Memory allocated are used for following purpose: - Input data or scatter list address - 8-Byte alignment - Output data or gather list address - 8-Byte alignment - Completion address - 32-Byte alignment. This patch ensures all addresses are aligned as mentioned above. Signed-off-by: Bharat Bhushan <bbhushan2(a)marvell.com> Cc: <stable(a)vger.kernel.org> #v6.5+ --- v2->v3: - Align DMA memory to ARCH_DMA_MINALIGN as that is mapped as bidirectional v1->v2: - Fixed memory padding size calculation as per review comment .../marvell/octeontx2/otx2_cpt_reqmgr.h | 63 ++++++++++++++----- 1 file changed, 48 insertions(+), 15 deletions(-) diff --git a/drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h b/drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h index e27e849b01df..204a31755710 100644 --- a/drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h +++ b/drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h @@ -34,6 +34,9 @@ #define SG_COMP_2 2 #define SG_COMP_1 1 +#define OTX2_CPT_DPTR_RPTR_ALIGN 8 +#define OTX2_CPT_RES_ADDR_ALIGN 32 + union otx2_cpt_opcode { u16 flags; struct { @@ -417,10 +420,9 @@ static inline struct otx2_cpt_inst_info * otx2_sg_info_create(struct pci_dev *pdev, struct otx2_cpt_req_info *req, gfp_t gfp) { - int align = OTX2_CPT_DMA_MINALIGN; struct otx2_cpt_inst_info *info; - u32 dlen, align_dlen, info_len; - u16 g_sz_bytes, s_sz_bytes; + u32 dlen, info_len; + u16 g_len, s_len; u32 total_mem_len; if (unlikely(req->in_cnt > OTX2_CPT_MAX_SG_IN_CNT || @@ -429,22 +431,51 @@ otx2_sg_info_create(struct pci_dev *pdev, struct otx2_cpt_req_info *req, return NULL; } - g_sz_bytes = ((req->in_cnt + 3) / 4) * - sizeof(struct otx2_cpt_sglist_component); - s_sz_bytes = ((req->out_cnt + 3) / 4) * - sizeof(struct otx2_cpt_sglist_component); + /* Allocate memory to meet below alignment requirement: + * ---------------------------------- + * | struct otx2_cpt_inst_info | + * | (No alignment required) | + * | -----------------------------| + * | | padding for 8B alignment | + * |----------------------------------| + * | SG List Gather/Input memory | + * | Length = multiple of 32Bytes | + * | Alignment = 8Byte | + * |----------------------------------| + * | SG List Scatter/Output memory | + * | Length = multiple of 32Bytes | + * | Alignment = 8Byte | + * | (padding for below alignment) | + * | -----------------------------| + * | | padding for 32B alignment | + * |----------------------------------| + * | Result response memory | + * ---------------------------------- + */ - dlen = g_sz_bytes + s_sz_bytes + SG_LIST_HDR_SIZE; - align_dlen = ALIGN(dlen, align); - info_len = ALIGN(sizeof(*info), align); - total_mem_len = align_dlen + info_len + sizeof(union otx2_cpt_res_s); + info_len = sizeof(*info); + + g_len = ((req->in_cnt + 3) / 4) * + sizeof(struct otx2_cpt_sglist_component); + s_len = ((req->out_cnt + 3) / 4) * + sizeof(struct otx2_cpt_sglist_component); + + dlen = g_len + s_len + SG_LIST_HDR_SIZE; + + /* Allocate extra memory for SG and response address alignment */ + total_mem_len = ALIGN(info_len, ARCH_DMA_MINALIGN) + dlen; + total_mem_len = ALIGN(total_mem_len, OTX2_CPT_DPTR_RPTR_ALIGN); + total_mem_len += (OTX2_CPT_RES_ADDR_ALIGN - 1) & + ~(OTX2_CPT_DPTR_RPTR_ALIGN - 1); + total_mem_len += sizeof(union otx2_cpt_res_s); info = kzalloc(total_mem_len, gfp); if (unlikely(!info)) return NULL; info->dlen = dlen; - info->in_buffer = (u8 *)info + info_len; + info->in_buffer = PTR_ALIGN((u8 *)info + info_len, ARCH_DMA_MINALIGN); + info->out_buffer = info->in_buffer + SG_LIST_HDR_SIZE + g_len; ((u16 *)info->in_buffer)[0] = req->out_cnt; ((u16 *)info->in_buffer)[1] = req->in_cnt; @@ -460,7 +491,7 @@ otx2_sg_info_create(struct pci_dev *pdev, struct otx2_cpt_req_info *req, } if (setup_sgio_components(pdev, req->out, req->out_cnt, - &info->in_buffer[8 + g_sz_bytes])) { + info->out_buffer)) { dev_err(&pdev->dev, "Failed to setup scatter list\n"); goto destroy_info; } @@ -476,8 +507,10 @@ otx2_sg_info_create(struct pci_dev *pdev, struct otx2_cpt_req_info *req, * Get buffer for union otx2_cpt_res_s response * structure and its physical address */ - info->completion_addr = info->in_buffer + align_dlen; - info->comp_baddr = info->dptr_baddr + align_dlen; + info->completion_addr = PTR_ALIGN((info->in_buffer + dlen), + OTX2_CPT_RES_ADDR_ALIGN); + info->comp_baddr = ALIGN((info->dptr_baddr + dlen), + OTX2_CPT_RES_ADDR_ALIGN); return info; -- 2.34.1

3 months, 3 weeks

3
2
0 0

[PATCH 4/4 v4] crypto: octeontx2: Fix address alignment on CN10KB and CN10KA-B0

by Bharat Bhushan

octeontx2 crypto driver allocates memory using kmalloc/kzalloc, and uses this memory for dma (does dma_map_single()). It assumes that kmalloc/kzalloc will return 128-byte aligned address. But kmalloc/kzalloc returns 8-byte aligned address after below changes: "9382bc44b5f5 arm64: allow kmalloc() caches aligned to the smaller cache_line_size() Memory allocated are used for following purpose: - Input data or scatter list address - 8-Byte alignment - Output data or gather list address - 8-Byte alignment - Completion address - 32-Byte alignment. This patch ensures all addresses are aligned as mentioned above. Signed-off-by: Bharat Bhushan <bbhushan2(a)marvell.com> Cc: <stable(a)vger.kernel.org> # v6.8+ --- v3->v4: - Again fixed memory size calculation as per review comment v2->v3: - Align DMA memory to ARCH_DMA_MINALIGN as that is mapped as bidirectional v1->v2: - Fixed memory padding size calculation as per review comment .../marvell/octeontx2/otx2_cpt_reqmgr.h | 59 ++++++++++++++----- 1 file changed, 44 insertions(+), 15 deletions(-) diff --git a/drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h b/drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h index 98de93851ba1..90a031421aac 100644 --- a/drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h +++ b/drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h @@ -350,22 +350,48 @@ static inline struct otx2_cpt_inst_info * cn10k_sgv2_info_create(struct pci_dev *pdev, struct otx2_cpt_req_info *req, gfp_t gfp) { - u32 dlen = 0, g_len, sg_len, info_len; - int align = OTX2_CPT_DMA_MINALIGN; + u32 dlen = 0, g_len, s_len, sg_len, info_len; struct otx2_cpt_inst_info *info; - u16 g_sz_bytes, s_sz_bytes; u32 total_mem_len; int i; - g_sz_bytes = ((req->in_cnt + 2) / 3) * - sizeof(struct cn10kb_cpt_sglist_component); - s_sz_bytes = ((req->out_cnt + 2) / 3) * - sizeof(struct cn10kb_cpt_sglist_component); + /* Allocate memory to meet below alignment requirement: + * ------------------------------------ + * | struct otx2_cpt_inst_info | + * | (No alignment required) | + * | --------------------------------| + * | | padding for ARCH_DMA_MINALIGN | + * | | alignment | + * |------------------------------------| + * | SG List Gather/Input memory | + * | Length = multiple of 32Bytes | + * | Alignment = 8Byte | + * |---------------------------------- | + * | SG List Scatter/Output memory | + * | Length = multiple of 32Bytes | + * | Alignment = 8Byte | + * | -------------------------------| + * | | padding for 32B alignment | + * |------------------------------------| + * | Result response memory | + * | Alignment = 32Byte | + * ------------------------------------ + */ + + info_len = sizeof(*info); + + g_len = ((req->in_cnt + 2) / 3) * + sizeof(struct cn10kb_cpt_sglist_component); + s_len = ((req->out_cnt + 2) / 3) * + sizeof(struct cn10kb_cpt_sglist_component); + sg_len = g_len + s_len; - g_len = ALIGN(g_sz_bytes, align); - sg_len = ALIGN(g_len + s_sz_bytes, align); - info_len = ALIGN(sizeof(*info), align); - total_mem_len = sg_len + info_len + sizeof(union otx2_cpt_res_s); + /* Allocate extra memory for SG and response address alignment */ + total_mem_len = ALIGN(info_len, OTX2_CPT_DPTR_RPTR_ALIGN); + total_mem_len += (ARCH_DMA_MINALIGN - 1) & + ~(OTX2_CPT_DPTR_RPTR_ALIGN - 1); + total_mem_len += ALIGN(sg_len, OTX2_CPT_RES_ADDR_ALIGN); + total_mem_len += sizeof(union otx2_cpt_res_s); info = kzalloc(total_mem_len, gfp); if (unlikely(!info)) @@ -375,7 +401,8 @@ cn10k_sgv2_info_create(struct pci_dev *pdev, struct otx2_cpt_req_info *req, dlen += req->in[i].size; info->dlen = dlen; - info->in_buffer = (u8 *)info + info_len; + info->in_buffer = PTR_ALIGN((u8 *)info + info_len, ARCH_DMA_MINALIGN); + info->out_buffer = info->in_buffer + g_len; info->gthr_sz = req->in_cnt; info->sctr_sz = req->out_cnt; @@ -387,7 +414,7 @@ cn10k_sgv2_info_create(struct pci_dev *pdev, struct otx2_cpt_req_info *req, } if (sgv2io_components_setup(pdev, req->out, req->out_cnt, - &info->in_buffer[g_len])) { + info->out_buffer)) { dev_err(&pdev->dev, "Failed to setup scatter list\n"); goto destroy_info; } @@ -404,8 +431,10 @@ cn10k_sgv2_info_create(struct pci_dev *pdev, struct otx2_cpt_req_info *req, * Get buffer for union otx2_cpt_res_s response * structure and its physical address */ - info->completion_addr = info->in_buffer + sg_len; - info->comp_baddr = info->dptr_baddr + sg_len; + info->completion_addr = PTR_ALIGN((info->in_buffer + sg_len), + OTX2_CPT_RES_ADDR_ALIGN); + info->comp_baddr = ALIGN((info->dptr_baddr + sg_len), + OTX2_CPT_RES_ADDR_ALIGN); return info; -- 2.34.1

3 months, 3 weeks

1
0
0 0

[PATCH 3/4 v4] crypto: octeontx2: Fix address alignment on CN10K A0/A1 and OcteonTX2

by Bharat Bhushan

octeontx2 crypto driver allocates memory using kmalloc/kzalloc, and uses this memory for dma (does dma_map_single()). It assumes that kmalloc/kzalloc will return 128-byte aligned address. But kmalloc/kzalloc returns 8-byte aligned address after below changes: "9382bc44b5f5 arm64: allow kmalloc() caches aligned to the smaller cache_line_size() Memory allocated are used for following purpose: - Input data or scatter list address - 8-Byte alignment - Output data or gather list address - 8-Byte alignment - Completion address - 32-Byte alignment. This patch ensures all addresses are aligned as mentioned above. Signed-off-by: Bharat Bhushan <bbhushan2(a)marvell.com> Cc: <stable(a)vger.kernel.org> # v6.5+ --- v3->v4: - Again fixed memory size calculation as per review comment v2->v3: - Align DMA memory to ARCH_DMA_MINALIGN as that is mapped as bidirectional v1->v2: - Fixed memory padding size calculation as per review comment .../marvell/octeontx2/otx2_cpt_reqmgr.h | 66 ++++++++++++++----- 1 file changed, 51 insertions(+), 15 deletions(-) diff --git a/drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h b/drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h index e27e849b01df..98de93851ba1 100644 --- a/drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h +++ b/drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h @@ -34,6 +34,9 @@ #define SG_COMP_2 2 #define SG_COMP_1 1 +#define OTX2_CPT_DPTR_RPTR_ALIGN 8 +#define OTX2_CPT_RES_ADDR_ALIGN 32 + union otx2_cpt_opcode { u16 flags; struct { @@ -417,10 +420,9 @@ static inline struct otx2_cpt_inst_info * otx2_sg_info_create(struct pci_dev *pdev, struct otx2_cpt_req_info *req, gfp_t gfp) { - int align = OTX2_CPT_DMA_MINALIGN; struct otx2_cpt_inst_info *info; - u32 dlen, align_dlen, info_len; - u16 g_sz_bytes, s_sz_bytes; + u32 dlen, info_len; + u16 g_len, s_len; u32 total_mem_len; if (unlikely(req->in_cnt > OTX2_CPT_MAX_SG_IN_CNT || @@ -429,22 +431,54 @@ otx2_sg_info_create(struct pci_dev *pdev, struct otx2_cpt_req_info *req, return NULL; } - g_sz_bytes = ((req->in_cnt + 3) / 4) * - sizeof(struct otx2_cpt_sglist_component); - s_sz_bytes = ((req->out_cnt + 3) / 4) * - sizeof(struct otx2_cpt_sglist_component); + /* Allocate memory to meet below alignment requirement: + * ------------------------------------ + * | struct otx2_cpt_inst_info | + * | (No alignment required) | + * | --------------------------------| + * | | padding for ARCH_DMA_MINALIGN | + * | | alignment | + * |------------------------------------| + * | SG List Header of 8 Byte | + * |------------------------------------| + * | SG List Gather/Input memory | + * | Length = multiple of 32Bytes | + * | Alignment = 8Byte | + * |---------------------------------- | + * | SG List Scatter/Output memory | + * | Length = multiple of 32Bytes | + * | Alignment = 8Byte | + * | -------------------------------| + * | | padding for 32B alignment | + * |------------------------------------| + * | Result response memory | + * | Alignment = 32Byte | + * ------------------------------------ + */ - dlen = g_sz_bytes + s_sz_bytes + SG_LIST_HDR_SIZE; - align_dlen = ALIGN(dlen, align); - info_len = ALIGN(sizeof(*info), align); - total_mem_len = align_dlen + info_len + sizeof(union otx2_cpt_res_s); + info_len = sizeof(*info); + + g_len = ((req->in_cnt + 3) / 4) * + sizeof(struct otx2_cpt_sglist_component); + s_len = ((req->out_cnt + 3) / 4) * + sizeof(struct otx2_cpt_sglist_component); + + dlen = g_len + s_len + SG_LIST_HDR_SIZE; + + /* Allocate extra memory for SG and response address alignment */ + total_mem_len = ALIGN(info_len, OTX2_CPT_DPTR_RPTR_ALIGN); + total_mem_len += (ARCH_DMA_MINALIGN - 1) & + ~(OTX2_CPT_DPTR_RPTR_ALIGN - 1); + total_mem_len += ALIGN(dlen, OTX2_CPT_RES_ADDR_ALIGN); + total_mem_len += sizeof(union otx2_cpt_res_s); info = kzalloc(total_mem_len, gfp); if (unlikely(!info)) return NULL; info->dlen = dlen; - info->in_buffer = (u8 *)info + info_len; + info->in_buffer = PTR_ALIGN((u8 *)info + info_len, ARCH_DMA_MINALIGN); + info->out_buffer = info->in_buffer + SG_LIST_HDR_SIZE + g_len; ((u16 *)info->in_buffer)[0] = req->out_cnt; ((u16 *)info->in_buffer)[1] = req->in_cnt; @@ -460,7 +494,7 @@ otx2_sg_info_create(struct pci_dev *pdev, struct otx2_cpt_req_info *req, } if (setup_sgio_components(pdev, req->out, req->out_cnt, - &info->in_buffer[8 + g_sz_bytes])) { + info->out_buffer)) { dev_err(&pdev->dev, "Failed to setup scatter list\n"); goto destroy_info; } @@ -476,8 +510,10 @@ otx2_sg_info_create(struct pci_dev *pdev, struct otx2_cpt_req_info *req, * Get buffer for union otx2_cpt_res_s response * structure and its physical address */ - info->completion_addr = info->in_buffer + align_dlen; - info->comp_baddr = info->dptr_baddr + align_dlen; + info->completion_addr = PTR_ALIGN((info->in_buffer + dlen), + OTX2_CPT_RES_ADDR_ALIGN); + info->comp_baddr = ALIGN((info->dptr_baddr + dlen), + OTX2_CPT_RES_ADDR_ALIGN); return info; -- 2.34.1

3 months, 3 weeks

1
0
0 0

[PATCH 2/4 v4] crypto: octeontx2: Fix address alignment issue on ucode loading

by Bharat Bhushan

octeontx2 crypto driver allocates memory using kmalloc/kzalloc, and uses this memory for dma (does dma_map_single()). It assumes that kmalloc/kzalloc will return 128-byte aligned address. But kmalloc/kzalloc returns 8-byte aligned address after below changes: "9382bc44b5f5 arm64: allow kmalloc() caches aligned to the smaller cache_line_size()" Completion address should be 32-Byte alignment when loading microcode. Signed-off-by: Bharat Bhushan <bbhushan2(a)marvell.com> Cc: <stable(a)vger.kernel.org> # v6.5+ --- v2->v3: - Align DMA memory to ARCH_DMA_MINALIGN as that is mapped as bidirectional .../marvell/octeontx2/otx2_cptpf_ucode.c | 35 +++++++++++-------- 1 file changed, 21 insertions(+), 14 deletions(-) diff --git a/drivers/crypto/marvell/octeontx2/otx2_cptpf_ucode.c b/drivers/crypto/marvell/octeontx2/otx2_cptpf_ucode.c index 3a818ac89295..88f0f72a4462 100644 --- a/drivers/crypto/marvell/octeontx2/otx2_cptpf_ucode.c +++ b/drivers/crypto/marvell/octeontx2/otx2_cptpf_ucode.c @@ -1491,12 +1491,13 @@ int otx2_cpt_discover_eng_capabilities(struct otx2_cptpf_dev *cptpf) union otx2_cpt_opcode opcode; union otx2_cpt_res_s *result; union otx2_cpt_inst_s inst; + dma_addr_t result_baddr; dma_addr_t rptr_baddr; struct pci_dev *pdev; - u32 len, compl_rlen; int timeout = 10000; + void *base, *rptr; int ret, etype; - void *rptr; + u32 len; /* * We don't get capabilities if it was already done @@ -1521,22 +1522,28 @@ int otx2_cpt_discover_eng_capabilities(struct otx2_cptpf_dev *cptpf) if (ret) goto delete_grps; - compl_rlen = ALIGN(sizeof(union otx2_cpt_res_s), OTX2_CPT_DMA_MINALIGN); - len = compl_rlen + LOADFVC_RLEN; + /* Allocate extra memory for "rptr" and "result" pointer alignment */ + len = LOADFVC_RLEN + ARCH_DMA_MINALIGN + + sizeof(union otx2_cpt_res_s) + OTX2_CPT_RES_ADDR_ALIGN; - result = kzalloc(len, GFP_KERNEL); - if (!result) { + base = kzalloc(len, GFP_KERNEL); + if (!base) { ret = -ENOMEM; goto lf_cleanup; } - rptr_baddr = dma_map_single(&pdev->dev, (void *)result, len, - DMA_BIDIRECTIONAL); + + rptr = PTR_ALIGN(base, ARCH_DMA_MINALIGN); + rptr_baddr = dma_map_single(&pdev->dev, rptr, len, DMA_BIDIRECTIONAL); if (dma_mapping_error(&pdev->dev, rptr_baddr)) { dev_err(&pdev->dev, "DMA mapping failed\n"); ret = -EFAULT; - goto free_result; + goto free_rptr; } - rptr = (u8 *)result + compl_rlen; + + result = (union otx2_cpt_res_s *)PTR_ALIGN(rptr + LOADFVC_RLEN, + OTX2_CPT_RES_ADDR_ALIGN); + result_baddr = ALIGN(rptr_baddr + LOADFVC_RLEN, + OTX2_CPT_RES_ADDR_ALIGN); /* Fill in the command */ opcode.s.major = LOADFVC_MAJOR_OP; @@ -1548,14 +1555,14 @@ int otx2_cpt_discover_eng_capabilities(struct otx2_cptpf_dev *cptpf) /* 64-bit swap for microcode data reads, not needed for addresses */ cpu_to_be64s(&iq_cmd.cmd.u); iq_cmd.dptr = 0; - iq_cmd.rptr = rptr_baddr + compl_rlen; + iq_cmd.rptr = rptr_baddr; iq_cmd.cptr.u = 0; for (etype = 1; etype < OTX2_CPT_MAX_ENG_TYPES; etype++) { result->s.compcode = OTX2_CPT_COMPLETION_CODE_INIT; iq_cmd.cptr.s.grp = otx2_cpt_get_eng_grp(&cptpf->eng_grps, etype); - otx2_cpt_fill_inst(&inst, &iq_cmd, rptr_baddr); + otx2_cpt_fill_inst(&inst, &iq_cmd, result_baddr); lfs->ops->send_cmd(&inst, 1, &cptpf->lfs.lf[0]); timeout = 10000; @@ -1578,8 +1585,8 @@ int otx2_cpt_discover_eng_capabilities(struct otx2_cptpf_dev *cptpf) error_no_response: dma_unmap_single(&pdev->dev, rptr_baddr, len, DMA_BIDIRECTIONAL); -free_result: - kfree(result); +free_rptr: + kfree(base); lf_cleanup: otx2_cptlf_shutdown(lfs); delete_grps: -- 2.34.1

3 months, 3 weeks

1
0
0 0

[PATCH] objtool/rust: relax slice condition to cover more `noreturn` Rust functions

by Miguel Ojeda

Developers are indeed hitting other of the `noreturn` slice symbols in Nova [1], thus relax the last check in the list so that we catch all of them, i.e. *_4core5slice5index22slice_index_order_fail *_4core5slice5index24slice_end_index_len_fail *_4core5slice5index26slice_start_index_len_fail *_4core5slice5index29slice_end_index_overflow_fail *_4core5slice5index31slice_start_index_overflow_fail These all exist since at least Rust 1.78.0, thus backport it too. See commit 56d680dd23c3 ("objtool/rust: list `noreturn` Rust functions") for more details. Cc: stable(a)vger.kernel.org # Needed in 6.12.y and later. Cc: John Hubbard <jhubbard(a)nvidia.com> Cc: Timur Tabi <ttabi(a)nvidia.com> Cc: Kane York <kanepyork(a)gmail.com> Cc: Josh Poimboeuf <jpoimboe(a)kernel.org> Cc: Peter Zijlstra <peterz(a)infradead.org> Reported-by: Joel Fernandes <joelagnelf(a)nvidia.com> Link: https://lore.kernel.org/rust-for-linux/20250513180757.GA1295002@joelnvbox/ [1] Signed-off-by: Miguel Ojeda <ojeda(a)kernel.org> --- I tested it with the Timur's `alex` branch, but a Tested-by is appreciated. Thanks! tools/objtool/check.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tools/objtool/check.c b/tools/objtool/check.c index b21b12ec88d9..f23bdda737aa 100644 --- a/tools/objtool/check.c +++ b/tools/objtool/check.c @@ -230,7 +230,8 @@ static bool is_rust_noreturn(const struct symbol *func) str_ends_with(func->name, "_7___rustc17rust_begin_unwind") || strstr(func->name, "_4core9panicking13assert_failed") || strstr(func->name, "_4core9panicking11panic_const24panic_const_") || - (strstr(func->name, "_4core5slice5index24slice_") && + (strstr(func->name, "_4core5slice5index") && + strstr(func->name, "slice_") && str_ends_with(func->name, "_fail")); } base-commit: a5806cd506af5a7c19bcd596e4708b5c464bfd21 -- 2.49.0

3 months, 3 weeks

3
2
0 0

[PATCH 5.10.y/5.15.y] ELF: fix kernel.randomize_va_space double read

by Feng Liu

From: Alexey Dobriyan <adobriyan(a)gmail.com> [ Upstream commit 2a97388a807b6ab5538aa8f8537b2463c6988bd2 ] ELF loader uses "randomize_va_space" twice. It is sysctl and can change at any moment, so 2 loads could see 2 different values in theory with unpredictable consequences. Issue exactly one load for consistent value across one exec. Signed-off-by: Alexey Dobriyan <adobriyan(a)gmail.com> Link: https://lore.kernel.org/r/3329905c-7eb8-400a-8f0a-d87cff979b5b@p183 Signed-off-by: Kees Cook <kees(a)kernel.org> Signed-off-by: Feng Liu <Feng.Liu3(a)windriver.com> Signed-off-by: He Zhe <Zhe.He(a)windriver.com> --- Verified the build test. --- fs/binfmt_elf.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c index 11dc833ca2c4..a1f0dff2f818 100644 --- a/fs/binfmt_elf.c +++ b/fs/binfmt_elf.c @@ -1008,7 +1008,8 @@ static int load_elf_binary(struct linux_binprm *bprm) if (elf_read_implies_exec(*elf_ex, executable_stack)) current->personality |= READ_IMPLIES_EXEC; - if (!(current->personality & ADDR_NO_RANDOMIZE) && randomize_va_space) + const int snapshot_randomize_va_space = READ_ONCE(randomize_va_space); + if (!(current->personality & ADDR_NO_RANDOMIZE) && snapshot_randomize_va_space) current->flags |= PF_RANDOMIZE; setup_new_exec(bprm); @@ -1278,7 +1279,7 @@ static int load_elf_binary(struct linux_binprm *bprm) mm->end_data = end_data; mm->start_stack = bprm->p; - if ((current->flags & PF_RANDOMIZE) && (randomize_va_space > 1)) { + if ((current->flags & PF_RANDOMIZE) && (snapshot_randomize_va_space > 1)) { /* * For architectures with ELF randomization, when executing * a loader directly (i.e. no interpreter listed in ELF -- 2.34.1

3 months, 3 weeks

4
7
0 0

[PATCH] iio: common: st_sensors: Fix use of uninitialize device structs

by Maud Spierings via B4 Relay

From: Maud Spierings <maudspierings(a)gocontroll.com> Throughout the various probe functions &indio_dev->dev is used before it is initialized. This caused a kernel panic in st_sensors_power_enable when the call to devm_regulator_bulk_get_enable() fails and then calls dev_err_probe() with the uninitialized device. This seems to only cause a panic with dev_err_probe(), dev_err, dev_warn and dev_info don't seem to cause a panic, but are fixed as well. --- When I search for general &indio_dev->dev usage, I see quite a lot more hits, but I am not sure if there are issues with those too. This issue has existed for a long time it seems and therefore it is nearly impossible to find a proper fixes tag. I would love to see it at least backported to 6.12 as that is where I encountered it, and I believe the patch should apply without conflicts. The investigation into this issue can be found in this thread [1] [1]: https://lore.kernel.org/all/AM7P189MB100986A83D2F28AF3FFAF976E39EA@AM7P189M… Signed-off-by: Maud Spierings <maudspierings(a)gocontroll.com> --- drivers/iio/accel/st_accel_core.c | 10 +++---- drivers/iio/common/st_sensors/st_sensors_core.c | 35 +++++++++++----------- drivers/iio/common/st_sensors/st_sensors_trigger.c | 18 +++++------ 3 files changed, 31 insertions(+), 32 deletions(-) diff --git a/drivers/iio/accel/st_accel_core.c b/drivers/iio/accel/st_accel_core.c index 99cb661fabb2d9cc1943fa8d0a6f3becb71126e6..a7961c610ed203d039bbf298c8883031a578fb0b 100644 --- a/drivers/iio/accel/st_accel_core.c +++ b/drivers/iio/accel/st_accel_core.c @@ -1353,6 +1353,7 @@ static int apply_acpi_orientation(struct iio_dev *indio_dev) union acpi_object *ont; union acpi_object *elements; acpi_status status; + struct device *parent = indio_dev->dev.parent; int ret = -EINVAL; unsigned int val; int i, j; @@ -1371,7 +1372,7 @@ static int apply_acpi_orientation(struct iio_dev *indio_dev) }; - adev = ACPI_COMPANION(indio_dev->dev.parent); + adev = ACPI_COMPANION(parent); if (!adev) return -ENXIO; @@ -1380,8 +1381,7 @@ static int apply_acpi_orientation(struct iio_dev *indio_dev) if (status == AE_NOT_FOUND) { return -ENXIO; } else if (ACPI_FAILURE(status)) { - dev_warn(&indio_dev->dev, "failed to execute _ONT: %d\n", - status); + dev_warn(parent, "failed to execute _ONT: %d\n", status); return status; } @@ -1457,12 +1457,12 @@ static int apply_acpi_orientation(struct iio_dev *indio_dev) } ret = 0; - dev_info(&indio_dev->dev, "computed mount matrix from ACPI\n"); + dev_info(parent, "computed mount matrix from ACPI\n"); out: kfree(buffer.pointer); if (ret) - dev_dbg(&indio_dev->dev, + dev_dbg(parent, "failed to apply ACPI orientation data: %d\n", ret); return ret; diff --git a/drivers/iio/common/st_sensors/st_sensors_core.c b/drivers/iio/common/st_sensors/st_sensors_core.c index 8ce1dccfea4f5aaff45d3d40f6542323dd1f0b09..11cbf561b16d41f429745abb516c137cfbb302bb 100644 --- a/drivers/iio/common/st_sensors/st_sensors_core.c +++ b/drivers/iio/common/st_sensors/st_sensors_core.c @@ -154,7 +154,7 @@ static int st_sensors_set_fullscale(struct iio_dev *indio_dev, unsigned int fs) return err; st_accel_set_fullscale_error: - dev_err(&indio_dev->dev, "failed to set new fullscale.\n"); + dev_err(indio_dev->dev.parent, "failed to set new fullscale.\n"); return err; } @@ -231,7 +231,7 @@ int st_sensors_power_enable(struct iio_dev *indio_dev) ARRAY_SIZE(regulator_names), regulator_names); if (err) - return dev_err_probe(&indio_dev->dev, err, + return dev_err_probe(parent, err, "unable to enable supplies\n"); return 0; @@ -241,13 +241,14 @@ EXPORT_SYMBOL_NS(st_sensors_power_enable, "IIO_ST_SENSORS"); static int st_sensors_set_drdy_int_pin(struct iio_dev *indio_dev, struct st_sensors_platform_data *pdata) { + struct device *parent = indio_dev->dev.parent; struct st_sensor_data *sdata = iio_priv(indio_dev); /* Sensor does not support interrupts */ if (!sdata->sensor_settings->drdy_irq.int1.addr && !sdata->sensor_settings->drdy_irq.int2.addr) { if (pdata->drdy_int_pin) - dev_info(&indio_dev->dev, + dev_info(parent, "DRDY on pin INT%d specified, but sensor does not support interrupts\n", pdata->drdy_int_pin); return 0; @@ -256,29 +257,27 @@ static int st_sensors_set_drdy_int_pin(struct iio_dev *indio_dev, switch (pdata->drdy_int_pin) { case 1: if (!sdata->sensor_settings->drdy_irq.int1.mask) { - dev_err(&indio_dev->dev, - "DRDY on INT1 not available.\n"); + dev_err(parent, "DRDY on INT1 not available.\n"); return -EINVAL; } sdata->drdy_int_pin = 1; break; case 2: if (!sdata->sensor_settings->drdy_irq.int2.mask) { - dev_err(&indio_dev->dev, - "DRDY on INT2 not available.\n"); + dev_err(parent, "DRDY on INT2 not available.\n"); return -EINVAL; } sdata->drdy_int_pin = 2; break; default: - dev_err(&indio_dev->dev, "DRDY on pdata not valid.\n"); + dev_err(parent, "DRDY on pdata not valid.\n"); return -EINVAL; } if (pdata->open_drain) { if (!sdata->sensor_settings->drdy_irq.int1.addr_od && !sdata->sensor_settings->drdy_irq.int2.addr_od) - dev_err(&indio_dev->dev, + dev_err(parent, "open drain requested but unsupported.\n"); else sdata->int_pin_open_drain = true; @@ -336,6 +335,7 @@ EXPORT_SYMBOL_NS(st_sensors_dev_name_probe, "IIO_ST_SENSORS"); int st_sensors_init_sensor(struct iio_dev *indio_dev, struct st_sensors_platform_data *pdata) { + struct device *parent = indio_dev->dev.parent; struct st_sensor_data *sdata = iio_priv(indio_dev); struct st_sensors_platform_data *of_pdata; int err = 0; @@ -343,7 +343,7 @@ int st_sensors_init_sensor(struct iio_dev *indio_dev, mutex_init(&sdata->odr_lock); /* If OF/DT pdata exists, it will take precedence of anything else */ - of_pdata = st_sensors_dev_probe(indio_dev->dev.parent, pdata); + of_pdata = st_sensors_dev_probe(parent, pdata); if (IS_ERR(of_pdata)) return PTR_ERR(of_pdata); if (of_pdata) @@ -370,7 +370,7 @@ int st_sensors_init_sensor(struct iio_dev *indio_dev, if (err < 0) return err; } else - dev_info(&indio_dev->dev, "Full-scale not possible\n"); + dev_info(parent, "Full-scale not possible\n"); err = st_sensors_set_odr(indio_dev, sdata->odr); if (err < 0) @@ -405,7 +405,7 @@ int st_sensors_init_sensor(struct iio_dev *indio_dev, mask = sdata->sensor_settings->drdy_irq.int2.mask_od; } - dev_info(&indio_dev->dev, + dev_info(parent, "set interrupt line to open drain mode on pin %d\n", sdata->drdy_int_pin); err = st_sensors_write_data_with_mask(indio_dev, addr, @@ -593,21 +593,20 @@ EXPORT_SYMBOL_NS(st_sensors_get_settings_index, "IIO_ST_SENSORS"); int st_sensors_verify_id(struct iio_dev *indio_dev) { struct st_sensor_data *sdata = iio_priv(indio_dev); + struct device *parent = indio_dev->dev.parent; int wai, err; if (sdata->sensor_settings->wai_addr) { err = regmap_read(sdata->regmap, sdata->sensor_settings->wai_addr, &wai); if (err < 0) { - dev_err(&indio_dev->dev, - "failed to read Who-Am-I register.\n"); - return err; + return dev_err_probe(parent, err, + "failed to read Who-Am-I register.\n"); } if (sdata->sensor_settings->wai != wai) { - dev_warn(&indio_dev->dev, - "%s: WhoAmI mismatch (0x%x).\n", - indio_dev->name, wai); + dev_warn(parent, "%s: WhoAmI mismatch (0x%x).\n", + indio_dev->name, wai); } } diff --git a/drivers/iio/common/st_sensors/st_sensors_trigger.c b/drivers/iio/common/st_sensors/st_sensors_trigger.c index 9d4bf822a15dfcdd6c2835f6b9d7698cd3cb0b08..32c3278968089699dff5329e943d92b151b55fdf 100644 --- a/drivers/iio/common/st_sensors/st_sensors_trigger.c +++ b/drivers/iio/common/st_sensors/st_sensors_trigger.c @@ -127,7 +127,7 @@ int st_sensors_allocate_trigger(struct iio_dev *indio_dev, sdata->trig = devm_iio_trigger_alloc(parent, "%s-trigger", indio_dev->name); if (sdata->trig == NULL) { - dev_err(&indio_dev->dev, "failed to allocate iio trigger.\n"); + dev_err(parent, "failed to allocate iio trigger.\n"); return -ENOMEM; } @@ -143,7 +143,7 @@ int st_sensors_allocate_trigger(struct iio_dev *indio_dev, case IRQF_TRIGGER_FALLING: case IRQF_TRIGGER_LOW: if (!sdata->sensor_settings->drdy_irq.addr_ihl) { - dev_err(&indio_dev->dev, + dev_err(parent, "falling/low specified for IRQ but hardware supports only rising/high: will request rising/high\n"); if (irq_trig == IRQF_TRIGGER_FALLING) irq_trig = IRQF_TRIGGER_RISING; @@ -156,21 +156,21 @@ int st_sensors_allocate_trigger(struct iio_dev *indio_dev, sdata->sensor_settings->drdy_irq.mask_ihl, 1); if (err < 0) return err; - dev_info(&indio_dev->dev, + dev_info(parent, "interrupts on the falling edge or active low level\n"); } break; case IRQF_TRIGGER_RISING: - dev_info(&indio_dev->dev, + dev_info(parent, "interrupts on the rising edge\n"); break; case IRQF_TRIGGER_HIGH: - dev_info(&indio_dev->dev, + dev_info(parent, "interrupts active high level\n"); break; default: /* This is the most preferred mode, if possible */ - dev_err(&indio_dev->dev, + dev_err(parent, "unsupported IRQ trigger specified (%lx), enforce rising edge\n", irq_trig); irq_trig = IRQF_TRIGGER_RISING; } @@ -179,7 +179,7 @@ int st_sensors_allocate_trigger(struct iio_dev *indio_dev, if (irq_trig == IRQF_TRIGGER_FALLING || irq_trig == IRQF_TRIGGER_RISING) { if (!sdata->sensor_settings->drdy_irq.stat_drdy.addr) { - dev_err(&indio_dev->dev, + dev_err(parent, "edge IRQ not supported w/o stat register.\n"); return -EOPNOTSUPP; } @@ -214,13 +214,13 @@ int st_sensors_allocate_trigger(struct iio_dev *indio_dev, sdata->trig->name, sdata->trig); if (err) { - dev_err(&indio_dev->dev, "failed to request trigger IRQ.\n"); + dev_err(parent, "failed to request trigger IRQ.\n"); return err; } err = devm_iio_trigger_register(parent, sdata->trig); if (err < 0) { - dev_err(&indio_dev->dev, "failed to register iio trigger.\n"); + dev_err(parent, "failed to register iio trigger.\n"); return err; } indio_dev->trig = iio_trigger_get(sdata->trig); --- base-commit: 7bac2c97af4078d7a627500c9bcdd5b033f97718 change-id: 20250522-st_iio_fix-1c58fdd4d420 Best regards, -- Maud Spierings <maudspierings(a)gocontroll.com>

3 months, 3 weeks

2
1
0 0

[PATCH 5.15 1/1] ocfs2: fix deadlock in ocfs2_get_system_file_inode

by Dmitriy Privalov

From: Mohammed Anees <pvmohammedanees2003(a)gmail.com> commit 7bf1823e010e8db2fb649c790bd1b449a75f52d8 upstream. syzbot has found a possible deadlock in ocfs2_get_system_file_inode [1]. The scenario is depicted here, CPU0 CPU1 lock(&ocfs2_file_ip_alloc_sem_key); lock(&osb->system_file_mutex); lock(&ocfs2_file_ip_alloc_sem_key); lock(&osb->system_file_mutex); The function calls which could lead to this are: CPU0 ocfs2_mknod - lock(&ocfs2_file_ip_alloc_sem_key); . . . ocfs2_get_system_file_inode - lock(&osb->system_file_mutex); CPU1 - ocfs2_fill_super - lock(&osb->system_file_mutex); . . . ocfs2_read_virt_blocks - lock(&ocfs2_file_ip_alloc_sem_key); This issue can be resolved by making the down_read -> down_read_try in the ocfs2_read_virt_blocks. [1] https://syzkaller.appspot.com/bug?extid=e0055ea09f1f5e6fabdd Link: https://lkml.kernel.org/r/20240924093257.7181-1-pvmohammedanees2003@gmail.c… Signed-off-by: Mohammed Anees <pvmohammedanees2003(a)gmail.com> Reviewed-by: Joseph Qi <joseph.qi(a)linux.alibaba.com> Reported-by: <syzbot+e0055ea09f1f5e6fabdd(a)syzkaller.appspotmail.com> Closes: https://syzkaller.appspot.com/bug?extid=e0055ea09f1f5e6fabdd Tested-by: syzbot+e0055ea09f1f5e6fabdd(a)syzkaller.appspotmail.com Cc: Mark Fasheh <mark(a)fasheh.com> Cc: Joel Becker <jlbec(a)evilplan.org> Cc: Junxiao Bi <junxiao.bi(a)oracle.com> Cc: Changwei Ge <gechangwei(a)live.cn> Cc: Gang He <ghe(a)suse.com> Cc: Jun Piao <piaojun(a)huawei.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> Signed-off-by: Dmitriy Privalov <d.privalov(a)omp.ru> --- fs/ocfs2/extent_map.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/fs/ocfs2/extent_map.c b/fs/ocfs2/extent_map.c index 70a768b623cf..f7672472fa82 100644 --- a/fs/ocfs2/extent_map.c +++ b/fs/ocfs2/extent_map.c @@ -973,7 +973,13 @@ int ocfs2_read_virt_blocks(struct inode *inode, u64 v_block, int nr, } while (done < nr) { - down_read(&OCFS2_I(inode)->ip_alloc_sem); + if (!down_read_trylock(&OCFS2_I(inode)->ip_alloc_sem)) { + rc = -EAGAIN; + mlog(ML_ERROR, + "Inode #%llu ip_alloc_sem is temporarily unavailable\n", + (unsigned long long)OCFS2_I(inode)->ip_blkno); + break; + } rc = ocfs2_extent_map_get_blocks(inode, v_block + done, &p_block, &p_count, NULL); up_read(&OCFS2_I(inode)->ip_alloc_sem); -- 2.34.1

3 months, 3 weeks

1
0
0 0

[PATCH] ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params()

by Wentao Liang

The function sdm845_slim_snd_hw_params() calls the functuion snd_soc_dai_set_channel_map() but does not check its return value. A proper implementation can be found in msm_snd_hw_params(). Add error handling for snd_soc_dai_set_channel_map(). If the function fails and it is not a unsupported error, return the error code immediately. Fixes: 5caf64c633a3 ("ASoC: qcom: sdm845: add support to DB845c and Lenovo Yoga") Cc: stable(a)vger.kernel.org # v5.6 Signed-off-by: Wentao Liang <vulab(a)iscas.ac.cn> --- sound/soc/qcom/sdm845.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/sound/soc/qcom/sdm845.c b/sound/soc/qcom/sdm845.c index a479d7e5b7fb..314ff68506d9 100644 --- a/sound/soc/qcom/sdm845.c +++ b/sound/soc/qcom/sdm845.c @@ -91,6 +91,10 @@ static int sdm845_slim_snd_hw_params(struct snd_pcm_substream *substream, else ret = snd_soc_dai_set_channel_map(cpu_dai, tx_ch_cnt, tx_ch, 0, NULL); + if (ret != 0 && ret != -ENOTSUPP) { + dev_err(rtd->dev, "failed to set cpu chan map, err:%d\n", ret); + return ret; + } } return 0; -- 2.42.0.windows.2

3 months, 3 weeks

3
2
0 0

Re: Panic with a lis2dw12 accelerometer

by Maud Spierings

On 5/21/25 11:48, Maud Spierings wrote: > On 5/21/25 11:29, Christian Heusel wrote: >> On 25/05/21 10:53AM, Maud Spierings wrote: >>> I've just experienced an Issue that I think may be a regression. >>> >>> I'm enabling a device which incorporates a lis2dw12 accelerometer, >>> currently >>> I am running 6.12 lts, so 6.12.29 as of typing this message. >> >> Could you check whether the latest mainline release (at the time this is >> v6.15-rc7) is also affected? If that's not the case the bug might >> already be fixed ^_^ > > Unfortunately doesn't seem to be the case, still gets the panic. I also > tried 6.12(.0), but that also has the panic, so it is definitely older > than this lts. > >> Also as you said that this is a regression, what is the last revision >> that the accelerometer worked with? > > Thats a difficult one to pin down, I'm moving from the nxp vendor kernel > to mainline, the last working one that I know sure is 5.10.72 of that > vendor kernel. I did some more digging and the latest lts it seems to work with is 6.1.139, 6.6.91 also crashes. So it seems to be a very old regression. >>> This is where my ability to fix thing fizzles out and so here I am >>> asking >>> for assistance. >>> >>> Kind regards, >>> Maud >> >> Cheers, >> Chris >

3 months, 3 weeks

3
4
0 0

RE: [PATCH v6] virtio_blk: Fix disk deletion hang on device surprise removal

by Parav Pandit

> From: Parav Pandit <parav(a)nvidia.com> > Sent: Thursday, May 22, 2025 1:19 PM > To: Max Gurtovoy <mgurtovoy(a)nvidia.com>; Israel Rukshin > <israelr(a)nvidia.com> > Cc: Parav Pandit <parav(a)nvidia.com>; stable(a)vger.kernel.org; NBU-Contact- > Li Rongqing (EXTERNAL) <lirongqing(a)baidu.com> > Subject: [PATCH v6] virtio_blk: Fix disk deletion hang on device surprise > removal > > When the PCI device is surprise removed, requests may not complete the > device as the VQ is marked as broken. Due to this, the disk deletion hangs. > > Fix it by aborting the requests when the VQ is broken. > > With this fix now fio completes swiftly. > An alternative of IO timeout has been considered, however when the driver > knows about unresponsive block device, swiftly clearing them enables users > and upper layers to react quickly. > > Verified with multiple device unplug iterations with pending requests in virtio > used ring and some pending with the device. > > Fixes: 43bb40c5b926 ("virtio_pci: Support surprise removal of virtio pci > device") > Cc: stable(a)vger.kernel.org > Reported-by: Li RongQing <lirongqing(a)baidu.com> > Closes: > https://lore.kernel.org/virtualization/c45dd68698cd47238c55fb73ca9b4741 > @baidu.com/ > Signed-off-by: Parav Pandit <parav(a)nvidia.com> > This is an internal patch, which got CCed to stable by mistake. Please ignore this patch for stable kernels. It is still under internal review. I am sorry for the noise. > --- > v1->v2: (internal v5->v6): > - Addressed comments from Stephan > - fixed spelling to 'waiting' > v1->v2: (internal v4->v5): > - Addressed comments from MST > - removed the vq broken check in queue_rq(s) > --- > drivers/block/virtio_blk.c | 85 > ++++++++++++++++++++++++++++++++++++++ > 1 file changed, 85 insertions(+) > > diff --git a/drivers/block/virtio_blk.c b/drivers/block/virtio_blk.c index > 7cffea01d868..04f24ec20405 100644 > --- a/drivers/block/virtio_blk.c > +++ b/drivers/block/virtio_blk.c > @@ -1554,6 +1554,89 @@ static int virtblk_probe(struct virtio_device *vdev) > return err; > } > > +static bool virtblk_request_cancel(struct request *rq, void *data) { > + struct virtblk_req *vbr = blk_mq_rq_to_pdu(rq); > + struct virtio_blk *vblk = data; > + struct virtio_blk_vq *vq; > + unsigned long flags; > + > + vq = &vblk->vqs[rq->mq_hctx->queue_num]; > + > + spin_lock_irqsave(&vq->lock, flags); > + > + vbr->in_hdr.status = VIRTIO_BLK_S_IOERR; > + if (blk_mq_request_started(rq) && !blk_mq_request_completed(rq)) > + blk_mq_complete_request(rq); > + > + spin_unlock_irqrestore(&vq->lock, flags); > + return true; > +} > + > +static void virtblk_broken_device_cleanup(struct virtio_blk *vblk) { > + struct request_queue *q = vblk->disk->queue; > + > + return; > + > + if (!virtqueue_is_broken(vblk->vqs[0].vq)) > + return; > + > + /* Start freezing the queue, so that new requests keeps waiting at the > + * door of bio_queue_enter(). We cannot fully freeze the queue > because > + * freezed queue is an empty queue and there are pending requests, > so > + * only start freezing it. > + */ > + blk_freeze_queue_start(q); > + > + /* When quiescing completes, all ongoing dispatches have completed > + * and no new dispatch will happen towards the driver. > + * This ensures that later when cancel is attempted, then are not > + * getting processed by the queue_rq() or queue_rqs() handlers. > + */ > + blk_mq_quiesce_queue(q); > + > + /* > + * Synchronize with any ongoing VQ callbacks, effectively quiescing > + * the device and preventing it from completing further requests > + * to the block layer. Any outstanding, incomplete requests will be > + * completed by virtblk_request_cancel(). > + */ > + virtio_synchronize_cbs(vblk->vdev); > + > + /* At this point, no new requests can enter the queue_rq() and > + * completion routine will not complete any new requests either for > the > + * broken vq. Hence, it is safe to cancel all requests which are > + * started. > + */ > + blk_mq_tagset_busy_iter(&vblk->tag_set, virtblk_request_cancel, > vblk); > + blk_mq_tagset_wait_completed_request(&vblk->tag_set); > + > + /* All pending requests are cleaned up. Time to resume so that disk > + * deletion can be smooth. Start the HW queues so that when queue is > + * unquiesced requests can again enter the driver. > + */ > + blk_mq_start_stopped_hw_queues(q, true); > + > + /* Unquiescing will trigger dispatching any pending requests to the > + * driver which has crossed bio_queue_enter() to the driver. > + */ > + blk_mq_unquiesce_queue(q); > + > + /* Wait for all pending dispatches to terminate which may have been > + * initiated after unquiescing. > + */ > + blk_mq_freeze_queue_wait(q); > + > + /* Mark the disk dead so that once queue unfreeze, the requests > + * waiting at the door of bio_queue_enter() can be aborted right away. > + */ > + blk_mark_disk_dead(vblk->disk); > + > + /* Unfreeze the queue so that any waiting requests will be aborted. */ > + blk_mq_unfreeze_queue_nomemrestore(q); > +} > + > static void virtblk_remove(struct virtio_device *vdev) { > struct virtio_blk *vblk = vdev->priv; > @@ -1561,6 +1644,8 @@ static void virtblk_remove(struct virtio_device > *vdev) > /* Make sure no work handler is accessing the device. */ > flush_work(&vblk->config_work); > > + virtblk_broken_device_cleanup(vblk); > + > del_gendisk(vblk->disk); > blk_mq_free_tag_set(&vblk->tag_set); > > -- > 2.34.1

3 months, 3 weeks

1
0
0 0

[PATCH net 4/4] can: slcan: allow reception of short error messages

by Marc Kleine-Budde

From: Carlos Sanchez <carlossanchez(a)geotab.com> Allows slcan to receive short messages (typically errors) from the serial interface. When error support was added to slcan protocol in b32ff4668544e1333b694fcc7812b2d7397b4d6a ("can: slcan: extend the protocol with error info") the minimum valid message size changed from 5 (minimum standard can frame tIII0) to 3 ("e1a" is a valid protocol message, it is one of the examples given in the comments for slcan_bump_err() ), but the check for minimum message length prodicating all decoding was not adjusted. This makes short error messages discarded and error frames not being generated. This patch changes the minimum length to the new minimum (3 characters, excluding terminator, is now a valid message). Signed-off-by: Carlos Sanchez <carlossanchez(a)geotab.com> Fixes: b32ff4668544 ("can: slcan: extend the protocol with error info") Reviewed-by: Vincent Mailhol <mailhol.vincent(a)wanadoo.fr> Link: https://patch.msgid.link/20250520102305.1097494-1-carlossanchez@geotab.com Cc: stable(a)vger.kernel.org Signed-off-by: Marc Kleine-Budde <mkl(a)pengutronix.de> --- drivers/net/can/slcan/slcan-core.c | 26 ++++++++++++++++++++------ 1 file changed, 20 insertions(+), 6 deletions(-) diff --git a/drivers/net/can/slcan/slcan-core.c b/drivers/net/can/slcan/slcan-core.c index 24c6622d36bd..58ff2ec1d975 100644 --- a/drivers/net/can/slcan/slcan-core.c +++ b/drivers/net/can/slcan/slcan-core.c @@ -71,12 +71,21 @@ MODULE_AUTHOR("Dario Binacchi <dario.binacchi(a)amarulasolutions.com>"); #define SLCAN_CMD_LEN 1 #define SLCAN_SFF_ID_LEN 3 #define SLCAN_EFF_ID_LEN 8 +#define SLCAN_DATA_LENGTH_LEN 1 +#define SLCAN_ERROR_LEN 1 #define SLCAN_STATE_LEN 1 #define SLCAN_STATE_BE_RXCNT_LEN 3 #define SLCAN_STATE_BE_TXCNT_LEN 3 -#define SLCAN_STATE_FRAME_LEN (1 + SLCAN_CMD_LEN + \ - SLCAN_STATE_BE_RXCNT_LEN + \ - SLCAN_STATE_BE_TXCNT_LEN) +#define SLCAN_STATE_MSG_LEN (SLCAN_CMD_LEN + \ + SLCAN_STATE_LEN + \ + SLCAN_STATE_BE_RXCNT_LEN + \ + SLCAN_STATE_BE_TXCNT_LEN) +#define SLCAN_ERROR_MSG_LEN_MIN (SLCAN_CMD_LEN + \ + SLCAN_ERROR_LEN + \ + SLCAN_DATA_LENGTH_LEN) +#define SLCAN_FRAME_MSG_LEN_MIN (SLCAN_CMD_LEN + \ + SLCAN_SFF_ID_LEN + \ + SLCAN_DATA_LENGTH_LEN) struct slcan { struct can_priv can; @@ -176,6 +185,9 @@ static void slcan_bump_frame(struct slcan *sl) u32 tmpid; char *cmd = sl->rbuff; + if (sl->rcount < SLCAN_FRAME_MSG_LEN_MIN) + return; + skb = alloc_can_skb(sl->dev, &cf); if (unlikely(!skb)) { sl->dev->stats.rx_dropped++; @@ -281,7 +293,7 @@ static void slcan_bump_state(struct slcan *sl) return; } - if (state == sl->can.state || sl->rcount < SLCAN_STATE_FRAME_LEN) + if (state == sl->can.state || sl->rcount != SLCAN_STATE_MSG_LEN) return; cmd += SLCAN_STATE_BE_RXCNT_LEN + SLCAN_CMD_LEN + 1; @@ -328,6 +340,9 @@ static void slcan_bump_err(struct slcan *sl) bool rx_errors = false, tx_errors = false, rx_over_errors = false; int i, len; + if (sl->rcount < SLCAN_ERROR_MSG_LEN_MIN) + return; + /* get len from sanitized ASCII value */ len = cmd[1]; if (len >= '0' && len < '9') @@ -456,8 +471,7 @@ static void slcan_bump(struct slcan *sl) static void slcan_unesc(struct slcan *sl, unsigned char s) { if ((s == '\r') || (s == '\a')) { /* CR or BEL ends the pdu */ - if (!test_and_clear_bit(SLF_ERROR, &sl->flags) && - sl->rcount > 4) + if (!test_and_clear_bit(SLF_ERROR, &sl->flags)) slcan_bump(sl); sl->rcount = 0; -- 2.47.2

3 months, 3 weeks

1
0
0 0

[PATCH net 3/4] can: kvaser_pciefd: Continue parsing DMA buf after dropped RX

by Marc Kleine-Budde

From: Axel Forsman <axfo(a)kvaser.com> Going bus-off on a channel doing RX could result in dropped packets. As netif_running() gets cleared before the channel abort procedure, the handling of any last RDATA packets would see netif_rx() return non-zero to signal a dropped packet. kvaser_pciefd_read_buffer() dealt with this "error" by breaking out of processing the remaining DMA RX buffer. Only return an error from kvaser_pciefd_read_buffer() due to packet corruption, otherwise handle it internally. Cc: stable(a)vger.kernel.org Signed-off-by: Axel Forsman <axfo(a)kvaser.com> Tested-by: Jimmy Assarsson <extja(a)kvaser.com> Reviewed-by: Jimmy Assarsson <extja(a)kvaser.com> Link: https://patch.msgid.link/20250520114332.8961-4-axfo@kvaser.com Signed-off-by: Marc Kleine-Budde <mkl(a)pengutronix.de> --- drivers/net/can/kvaser_pciefd.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/drivers/net/can/kvaser_pciefd.c b/drivers/net/can/kvaser_pciefd.c index a61cbade96d9..f6921368cd14 100644 --- a/drivers/net/can/kvaser_pciefd.c +++ b/drivers/net/can/kvaser_pciefd.c @@ -1209,7 +1209,7 @@ static int kvaser_pciefd_handle_data_packet(struct kvaser_pciefd *pcie, skb = alloc_canfd_skb(priv->dev, &cf); if (!skb) { priv->dev->stats.rx_dropped++; - return -ENOMEM; + return 0; } cf->len = can_fd_dlc2len(dlc); @@ -1221,7 +1221,7 @@ static int kvaser_pciefd_handle_data_packet(struct kvaser_pciefd *pcie, skb = alloc_can_skb(priv->dev, (struct can_frame **)&cf); if (!skb) { priv->dev->stats.rx_dropped++; - return -ENOMEM; + return 0; } can_frame_set_cc_len((struct can_frame *)cf, dlc, priv->ctrlmode); } @@ -1239,7 +1239,9 @@ static int kvaser_pciefd_handle_data_packet(struct kvaser_pciefd *pcie, priv->dev->stats.rx_packets++; kvaser_pciefd_set_skb_timestamp(pcie, skb, p->timestamp); - return netif_rx(skb); + netif_rx(skb); + + return 0; } static void kvaser_pciefd_change_state(struct kvaser_pciefd_can *can, -- 2.47.2

3 months, 3 weeks

1
0
0 0

[PATCH net 2/4] can: kvaser_pciefd: Fix echo_skb race

by Marc Kleine-Budde

From: Axel Forsman <axfo(a)kvaser.com> The functions kvaser_pciefd_start_xmit() and kvaser_pciefd_handle_ack_packet() raced to stop/wake TX queues and get/put echo skbs, as kvaser_pciefd_can->echo_lock was only ever taken when transmitting and KCAN_TX_NR_PACKETS_CURRENT gets decremented prior to handling of ACKs. E.g., this caused the following error: can_put_echo_skb: BUG! echo_skb 5 is occupied! Instead, use the synchronization helpers in netdev_queues.h. As those piggyback on BQL barriers, start updating in-flight packets and bytes counts as well. Cc: stable(a)vger.kernel.org Signed-off-by: Axel Forsman <axfo(a)kvaser.com> Tested-by: Jimmy Assarsson <extja(a)kvaser.com> Reviewed-by: Jimmy Assarsson <extja(a)kvaser.com> Link: https://patch.msgid.link/20250520114332.8961-3-axfo@kvaser.com Signed-off-by: Marc Kleine-Budde <mkl(a)pengutronix.de> --- drivers/net/can/kvaser_pciefd.c | 93 +++++++++++++++++++++------------ 1 file changed, 59 insertions(+), 34 deletions(-) diff --git a/drivers/net/can/kvaser_pciefd.c b/drivers/net/can/kvaser_pciefd.c index 9cc9176c2058..a61cbade96d9 100644 --- a/drivers/net/can/kvaser_pciefd.c +++ b/drivers/net/can/kvaser_pciefd.c @@ -16,6 +16,7 @@ #include <linux/netdevice.h> #include <linux/pci.h> #include <linux/timer.h> +#include <net/netdev_queues.h> MODULE_LICENSE("Dual BSD/GPL"); MODULE_AUTHOR("Kvaser AB <support(a)kvaser.com>"); @@ -410,10 +411,13 @@ struct kvaser_pciefd_can { void __iomem *reg_base; struct can_berr_counter bec; u8 cmd_seq; + u8 tx_max_count; + u8 tx_idx; + u8 ack_idx; int err_rep_cnt; - int echo_idx; + unsigned int completed_tx_pkts; + unsigned int completed_tx_bytes; spinlock_t lock; /* Locks sensitive registers (e.g. MODE) */ - spinlock_t echo_lock; /* Locks the message echo buffer */ struct timer_list bec_poll_timer; struct completion start_comp, flush_comp; }; @@ -714,6 +718,9 @@ static int kvaser_pciefd_open(struct net_device *netdev) int ret; struct kvaser_pciefd_can *can = netdev_priv(netdev); + can->tx_idx = 0; + can->ack_idx = 0; + ret = open_candev(netdev); if (ret) return ret; @@ -745,21 +752,26 @@ static int kvaser_pciefd_stop(struct net_device *netdev) timer_delete(&can->bec_poll_timer); } can->can.state = CAN_STATE_STOPPED; + netdev_reset_queue(netdev); close_candev(netdev); return ret; } +static unsigned int kvaser_pciefd_tx_avail(const struct kvaser_pciefd_can *can) +{ + return can->tx_max_count - (READ_ONCE(can->tx_idx) - READ_ONCE(can->ack_idx)); +} + static int kvaser_pciefd_prepare_tx_packet(struct kvaser_pciefd_tx_packet *p, - struct kvaser_pciefd_can *can, + struct can_priv *can, u8 seq, struct sk_buff *skb) { struct canfd_frame *cf = (struct canfd_frame *)skb->data; int packet_size; - int seq = can->echo_idx; memset(p, 0, sizeof(*p)); - if (can->can.ctrlmode & CAN_CTRLMODE_ONE_SHOT) + if (can->ctrlmode & CAN_CTRLMODE_ONE_SHOT) p->header[1] |= KVASER_PCIEFD_TPACKET_SMS; if (cf->can_id & CAN_RTR_FLAG) @@ -782,7 +794,7 @@ static int kvaser_pciefd_prepare_tx_packet(struct kvaser_pciefd_tx_packet *p, } else { p->header[1] |= FIELD_PREP(KVASER_PCIEFD_RPACKET_DLC_MASK, - can_get_cc_dlc((struct can_frame *)cf, can->can.ctrlmode)); + can_get_cc_dlc((struct can_frame *)cf, can->ctrlmode)); } p->header[1] |= FIELD_PREP(KVASER_PCIEFD_PACKET_SEQ_MASK, seq); @@ -797,22 +809,24 @@ static netdev_tx_t kvaser_pciefd_start_xmit(struct sk_buff *skb, struct net_device *netdev) { struct kvaser_pciefd_can *can = netdev_priv(netdev); - unsigned long irq_flags; struct kvaser_pciefd_tx_packet packet; + unsigned int seq = can->tx_idx & (can->can.echo_skb_max - 1); + unsigned int frame_len; int nr_words; - u8 count; if (can_dev_dropped_skb(netdev, skb)) return NETDEV_TX_OK; + if (!netif_subqueue_maybe_stop(netdev, 0, kvaser_pciefd_tx_avail(can), 1, 1)) + return NETDEV_TX_BUSY; - nr_words = kvaser_pciefd_prepare_tx_packet(&packet, can, skb); + nr_words = kvaser_pciefd_prepare_tx_packet(&packet, &can->can, seq, skb); - spin_lock_irqsave(&can->echo_lock, irq_flags); /* Prepare and save echo skb in internal slot */ - can_put_echo_skb(skb, netdev, can->echo_idx, 0); - - /* Move echo index to the next slot */ - can->echo_idx = (can->echo_idx + 1) % can->can.echo_skb_max; + WRITE_ONCE(can->can.echo_skb[seq], NULL); + frame_len = can_skb_get_frame_len(skb); + can_put_echo_skb(skb, netdev, seq, frame_len); + netdev_sent_queue(netdev, frame_len); + WRITE_ONCE(can->tx_idx, can->tx_idx + 1); /* Write header to fifo */ iowrite32(packet.header[0], @@ -836,14 +850,7 @@ static netdev_tx_t kvaser_pciefd_start_xmit(struct sk_buff *skb, KVASER_PCIEFD_KCAN_FIFO_LAST_REG); } - count = FIELD_GET(KVASER_PCIEFD_KCAN_TX_NR_PACKETS_CURRENT_MASK, - ioread32(can->reg_base + KVASER_PCIEFD_KCAN_TX_NR_PACKETS_REG)); - /* No room for a new message, stop the queue until at least one - * successful transmit - */ - if (count >= can->can.echo_skb_max || can->can.echo_skb[can->echo_idx]) - netif_stop_queue(netdev); - spin_unlock_irqrestore(&can->echo_lock, irq_flags); + netif_subqueue_maybe_stop(netdev, 0, kvaser_pciefd_tx_avail(can), 1, 1); return NETDEV_TX_OK; } @@ -970,6 +977,8 @@ static int kvaser_pciefd_setup_can_ctrls(struct kvaser_pciefd *pcie) can->kv_pcie = pcie; can->cmd_seq = 0; can->err_rep_cnt = 0; + can->completed_tx_pkts = 0; + can->completed_tx_bytes = 0; can->bec.txerr = 0; can->bec.rxerr = 0; @@ -983,11 +992,10 @@ static int kvaser_pciefd_setup_can_ctrls(struct kvaser_pciefd *pcie) tx_nr_packets_max = FIELD_GET(KVASER_PCIEFD_KCAN_TX_NR_PACKETS_MAX_MASK, ioread32(can->reg_base + KVASER_PCIEFD_KCAN_TX_NR_PACKETS_REG)); + can->tx_max_count = min(KVASER_PCIEFD_CAN_TX_MAX_COUNT, tx_nr_packets_max - 1); can->can.clock.freq = pcie->freq; - can->can.echo_skb_max = min(KVASER_PCIEFD_CAN_TX_MAX_COUNT, tx_nr_packets_max - 1); - can->echo_idx = 0; - spin_lock_init(&can->echo_lock); + can->can.echo_skb_max = roundup_pow_of_two(can->tx_max_count); spin_lock_init(&can->lock); can->can.bittiming_const = &kvaser_pciefd_bittiming_const; @@ -1510,19 +1518,21 @@ static int kvaser_pciefd_handle_ack_packet(struct kvaser_pciefd *pcie, netdev_dbg(can->can.dev, "Packet was flushed\n"); } else { int echo_idx = FIELD_GET(KVASER_PCIEFD_PACKET_SEQ_MASK, p->header[0]); - int len; - u8 count; + unsigned int len, frame_len = 0; struct sk_buff *skb; + if (echo_idx != (can->ack_idx & (can->can.echo_skb_max - 1))) + return 0; skb = can->can.echo_skb[echo_idx]; - if (skb) - kvaser_pciefd_set_skb_timestamp(pcie, skb, p->timestamp); - len = can_get_echo_skb(can->can.dev, echo_idx, NULL); - count = FIELD_GET(KVASER_PCIEFD_KCAN_TX_NR_PACKETS_CURRENT_MASK, - ioread32(can->reg_base + KVASER_PCIEFD_KCAN_TX_NR_PACKETS_REG)); + if (!skb) + return 0; + kvaser_pciefd_set_skb_timestamp(pcie, skb, p->timestamp); + len = can_get_echo_skb(can->can.dev, echo_idx, &frame_len); - if (count < can->can.echo_skb_max && netif_queue_stopped(can->can.dev)) - netif_wake_queue(can->can.dev); + /* Pairs with barrier in kvaser_pciefd_start_xmit() */ + smp_store_release(&can->ack_idx, can->ack_idx + 1); + can->completed_tx_pkts++; + can->completed_tx_bytes += frame_len; if (!one_shot_fail) { can->can.dev->stats.tx_bytes += len; @@ -1638,11 +1648,26 @@ static int kvaser_pciefd_read_buffer(struct kvaser_pciefd *pcie, int dma_buf) { int pos = 0; int res = 0; + unsigned int i; do { res = kvaser_pciefd_read_packet(pcie, &pos, dma_buf); } while (!res && pos > 0 && pos < KVASER_PCIEFD_DMA_SIZE); + /* Report ACKs in this buffer to BQL en masse for correct periods */ + for (i = 0; i < pcie->nr_channels; ++i) { + struct kvaser_pciefd_can *can = pcie->can[i]; + + if (!can->completed_tx_pkts) + continue; + netif_subqueue_completed_wake(can->can.dev, 0, + can->completed_tx_pkts, + can->completed_tx_bytes, + kvaser_pciefd_tx_avail(can), 1); + can->completed_tx_pkts = 0; + can->completed_tx_bytes = 0; + } + return res; } -- 2.47.2

3 months, 3 weeks

1
0
0 0

[PATCH 5.10 1/1] ocfs2: fix deadlock in ocfs2_get_system_file_inode

by Dmitriy Privalov

From: Mohammed Anees <pvmohammedanees2003(a)gmail.com> commit 7bf1823e010e8db2fb649c790bd1b449a75f52d8 upstream. syzbot has found a possible deadlock in ocfs2_get_system_file_inode [1]. The scenario is depicted here, CPU0 CPU1 lock(&ocfs2_file_ip_alloc_sem_key); lock(&osb->system_file_mutex); lock(&ocfs2_file_ip_alloc_sem_key); lock(&osb->system_file_mutex); The function calls which could lead to this are: CPU0 ocfs2_mknod - lock(&ocfs2_file_ip_alloc_sem_key); . . . ocfs2_get_system_file_inode - lock(&osb->system_file_mutex); CPU1 - ocfs2_fill_super - lock(&osb->system_file_mutex); . . . ocfs2_read_virt_blocks - lock(&ocfs2_file_ip_alloc_sem_key); This issue can be resolved by making the down_read -> down_read_try in the ocfs2_read_virt_blocks. [1] https://syzkaller.appspot.com/bug?extid=e0055ea09f1f5e6fabdd Link: https://lkml.kernel.org/r/20240924093257.7181-1-pvmohammedanees2003@gmail.c… Signed-off-by: Mohammed Anees <pvmohammedanees2003(a)gmail.com> Reviewed-by: Joseph Qi <joseph.qi(a)linux.alibaba.com> Reported-by: <syzbot+e0055ea09f1f5e6fabdd(a)syzkaller.appspotmail.com> Closes: https://syzkaller.appspot.com/bug?extid=e0055ea09f1f5e6fabdd Tested-by: syzbot+e0055ea09f1f5e6fabdd(a)syzkaller.appspotmail.com Cc: Mark Fasheh <mark(a)fasheh.com> Cc: Joel Becker <jlbec(a)evilplan.org> Cc: Junxiao Bi <junxiao.bi(a)oracle.com> Cc: Changwei Ge <gechangwei(a)live.cn> Cc: Gang He <ghe(a)suse.com> Cc: Jun Piao <piaojun(a)huawei.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> Signed-off-by: Dmitriy Privalov <d.privalov(a)omp.ru> --- fs/ocfs2/extent_map.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/fs/ocfs2/extent_map.c b/fs/ocfs2/extent_map.c index 70a768b623cf..f7672472fa82 100644 --- a/fs/ocfs2/extent_map.c +++ b/fs/ocfs2/extent_map.c @@ -973,7 +973,13 @@ int ocfs2_read_virt_blocks(struct inode *inode, u64 v_block, int nr, } while (done < nr) { - down_read(&OCFS2_I(inode)->ip_alloc_sem); + if (!down_read_trylock(&OCFS2_I(inode)->ip_alloc_sem)) { + rc = -EAGAIN; + mlog(ML_ERROR, + "Inode #%llu ip_alloc_sem is temporarily unavailable\n", + (unsigned long long)OCFS2_I(inode)->ip_blkno); + break; + } rc = ocfs2_extent_map_get_blocks(inode, v_block + done, &p_block, &p_count, NULL); up_read(&OCFS2_I(inode)->ip_alloc_sem); -- 2.34.1

3 months, 3 weeks

1
0
0 0

[PATCH 1/2] drm/amdgpu/vcn4.0.5: split code along instances

by Eric Naim

From: Alex Deucher <alexander.deucher(a)amd.com> commit ecc9ab4e924b7eb9e2c4a668162aaa1d9d60d08c upstream Split the code on a per instance basis. This will allow us to use the per instance functions in the future to handle more things per instance. v2: squash in fix for stop() from Boyuan Reviewed-by: Boyuan Zhang <Boyuan.Zhang(a)amd.com> Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com> Tested-by: Eric Naim <dnaim(a)cachyos.org> Signed-off-by: Eric Naim <dnaim(a)cachyos.org> --- drivers/gpu/drm/amd/amdgpu/vcn_v4_0_5.c | 444 ++++++++++++------------ 1 file changed, 220 insertions(+), 224 deletions(-) diff --git a/drivers/gpu/drm/amd/amdgpu/vcn_v4_0_5.c b/drivers/gpu/drm/amd/amdgpu/vcn_v4_0_5.c index d2dfdb141b24..9f9a9bf8dab9 100644 --- a/drivers/gpu/drm/amd/amdgpu/vcn_v4_0_5.c +++ b/drivers/gpu/drm/amd/amdgpu/vcn_v4_0_5.c @@ -991,183 +991,178 @@ static int vcn_v4_0_5_start_dpg_mode(struct amdgpu_device *adev, int inst_idx, b * vcn_v4_0_5_start - VCN start * * @adev: amdgpu_device pointer + * @i: instance to start * * Start VCN block */ -static int vcn_v4_0_5_start(struct amdgpu_device *adev) +static int vcn_v4_0_5_start(struct amdgpu_device *adev, int i) { volatile struct amdgpu_vcn4_fw_shared *fw_shared; struct amdgpu_ring *ring; uint32_t tmp; - int i, j, k, r; + int j, k, r; - for (i = 0; i < adev->vcn.num_vcn_inst; ++i) { - if (adev->pm.dpm_enabled) - amdgpu_dpm_enable_vcn(adev, true, i); - } + if (adev->vcn.harvest_config & (1 << i)) + return 0; - for (i = 0; i < adev->vcn.num_vcn_inst; ++i) { - if (adev->vcn.harvest_config & (1 << i)) - continue; + if (adev->pm.dpm_enabled) + amdgpu_dpm_enable_vcn(adev, true, i); - fw_shared = adev->vcn.inst[i].fw_shared.cpu_addr; + fw_shared = adev->vcn.inst[i].fw_shared.cpu_addr; - if (adev->pg_flags & AMD_PG_SUPPORT_VCN_DPG) { - r = vcn_v4_0_5_start_dpg_mode(adev, i, adev->vcn.indirect_sram); - continue; - } + if (adev->pg_flags & AMD_PG_SUPPORT_VCN_DPG) + return vcn_v4_0_5_start_dpg_mode(adev, i, adev->vcn.indirect_sram); - /* disable VCN power gating */ - vcn_v4_0_5_disable_static_power_gating(adev, i); - - /* set VCN status busy */ - tmp = RREG32_SOC15(VCN, i, regUVD_STATUS) | UVD_STATUS__UVD_BUSY; - WREG32_SOC15(VCN, i, regUVD_STATUS, tmp); - - /*SW clock gating */ - vcn_v4_0_5_disable_clock_gating(adev, i); - - /* enable VCPU clock */ - WREG32_P(SOC15_REG_OFFSET(VCN, i, regUVD_VCPU_CNTL), - UVD_VCPU_CNTL__CLK_EN_MASK, ~UVD_VCPU_CNTL__CLK_EN_MASK); - - /* disable master interrupt */ - WREG32_P(SOC15_REG_OFFSET(VCN, i, regUVD_MASTINT_EN), 0, - ~UVD_MASTINT_EN__VCPU_EN_MASK); - - /* enable LMI MC and UMC channels */ - WREG32_P(SOC15_REG_OFFSET(VCN, i, regUVD_LMI_CTRL2), 0, - ~UVD_LMI_CTRL2__STALL_ARB_UMC_MASK); - - tmp = RREG32_SOC15(VCN, i, regUVD_SOFT_RESET); - tmp &= ~UVD_SOFT_RESET__LMI_SOFT_RESET_MASK; - tmp &= ~UVD_SOFT_RESET__LMI_UMC_SOFT_RESET_MASK; - WREG32_SOC15(VCN, i, regUVD_SOFT_RESET, tmp); - - /* setup regUVD_LMI_CTRL */ - tmp = RREG32_SOC15(VCN, i, regUVD_LMI_CTRL); - WREG32_SOC15(VCN, i, regUVD_LMI_CTRL, tmp | - UVD_LMI_CTRL__WRITE_CLEAN_TIMER_EN_MASK | - UVD_LMI_CTRL__MASK_MC_URGENT_MASK | - UVD_LMI_CTRL__DATA_COHERENCY_EN_MASK | - UVD_LMI_CTRL__VCPU_DATA_COHERENCY_EN_MASK); - - /* setup regUVD_MPC_CNTL */ - tmp = RREG32_SOC15(VCN, i, regUVD_MPC_CNTL); - tmp &= ~UVD_MPC_CNTL__REPLACEMENT_MODE_MASK; - tmp |= 0x2 << UVD_MPC_CNTL__REPLACEMENT_MODE__SHIFT; - WREG32_SOC15(VCN, i, regUVD_MPC_CNTL, tmp); - - /* setup UVD_MPC_SET_MUXA0 */ - WREG32_SOC15(VCN, i, regUVD_MPC_SET_MUXA0, - ((0x1 << UVD_MPC_SET_MUXA0__VARA_1__SHIFT) | - (0x2 << UVD_MPC_SET_MUXA0__VARA_2__SHIFT) | - (0x3 << UVD_MPC_SET_MUXA0__VARA_3__SHIFT) | - (0x4 << UVD_MPC_SET_MUXA0__VARA_4__SHIFT))); - - /* setup UVD_MPC_SET_MUXB0 */ - WREG32_SOC15(VCN, i, regUVD_MPC_SET_MUXB0, - ((0x1 << UVD_MPC_SET_MUXB0__VARB_1__SHIFT) | - (0x2 << UVD_MPC_SET_MUXB0__VARB_2__SHIFT) | - (0x3 << UVD_MPC_SET_MUXB0__VARB_3__SHIFT) | - (0x4 << UVD_MPC_SET_MUXB0__VARB_4__SHIFT))); - - /* setup UVD_MPC_SET_MUX */ - WREG32_SOC15(VCN, i, regUVD_MPC_SET_MUX, - ((0x0 << UVD_MPC_SET_MUX__SET_0__SHIFT) | - (0x1 << UVD_MPC_SET_MUX__SET_1__SHIFT) | - (0x2 << UVD_MPC_SET_MUX__SET_2__SHIFT))); - - vcn_v4_0_5_mc_resume(adev, i); - - /* VCN global tiling registers */ - WREG32_SOC15(VCN, i, regUVD_GFX10_ADDR_CONFIG, - adev->gfx.config.gb_addr_config); - - /* unblock VCPU register access */ - WREG32_P(SOC15_REG_OFFSET(VCN, i, regUVD_RB_ARB_CTRL), 0, - ~UVD_RB_ARB_CTRL__VCPU_DIS_MASK); - - /* release VCPU reset to boot */ - WREG32_P(SOC15_REG_OFFSET(VCN, i, regUVD_VCPU_CNTL), 0, - ~UVD_VCPU_CNTL__BLK_RST_MASK); - - for (j = 0; j < 10; ++j) { - uint32_t status; - - for (k = 0; k < 100; ++k) { - status = RREG32_SOC15(VCN, i, regUVD_STATUS); - if (status & 2) - break; - mdelay(10); - if (amdgpu_emu_mode == 1) - msleep(1); - } + /* disable VCN power gating */ + vcn_v4_0_5_disable_static_power_gating(adev, i); + + /* set VCN status busy */ + tmp = RREG32_SOC15(VCN, i, regUVD_STATUS) | UVD_STATUS__UVD_BUSY; + WREG32_SOC15(VCN, i, regUVD_STATUS, tmp); - if (amdgpu_emu_mode == 1) { - r = -1; - if (status & 2) { - r = 0; - break; - } - } else { + /* SW clock gating */ + vcn_v4_0_5_disable_clock_gating(adev, i); + + /* enable VCPU clock */ + WREG32_P(SOC15_REG_OFFSET(VCN, i, regUVD_VCPU_CNTL), + UVD_VCPU_CNTL__CLK_EN_MASK, ~UVD_VCPU_CNTL__CLK_EN_MASK); + + /* disable master interrupt */ + WREG32_P(SOC15_REG_OFFSET(VCN, i, regUVD_MASTINT_EN), 0, + ~UVD_MASTINT_EN__VCPU_EN_MASK); + + /* enable LMI MC and UMC channels */ + WREG32_P(SOC15_REG_OFFSET(VCN, i, regUVD_LMI_CTRL2), 0, + ~UVD_LMI_CTRL2__STALL_ARB_UMC_MASK); + + tmp = RREG32_SOC15(VCN, i, regUVD_SOFT_RESET); + tmp &= ~UVD_SOFT_RESET__LMI_SOFT_RESET_MASK; + tmp &= ~UVD_SOFT_RESET__LMI_UMC_SOFT_RESET_MASK; + WREG32_SOC15(VCN, i, regUVD_SOFT_RESET, tmp); + + /* setup regUVD_LMI_CTRL */ + tmp = RREG32_SOC15(VCN, i, regUVD_LMI_CTRL); + WREG32_SOC15(VCN, i, regUVD_LMI_CTRL, tmp | + UVD_LMI_CTRL__WRITE_CLEAN_TIMER_EN_MASK | + UVD_LMI_CTRL__MASK_MC_URGENT_MASK | + UVD_LMI_CTRL__DATA_COHERENCY_EN_MASK | + UVD_LMI_CTRL__VCPU_DATA_COHERENCY_EN_MASK); + + /* setup regUVD_MPC_CNTL */ + tmp = RREG32_SOC15(VCN, i, regUVD_MPC_CNTL); + tmp &= ~UVD_MPC_CNTL__REPLACEMENT_MODE_MASK; + tmp |= 0x2 << UVD_MPC_CNTL__REPLACEMENT_MODE__SHIFT; + WREG32_SOC15(VCN, i, regUVD_MPC_CNTL, tmp); + + /* setup UVD_MPC_SET_MUXA0 */ + WREG32_SOC15(VCN, i, regUVD_MPC_SET_MUXA0, + ((0x1 << UVD_MPC_SET_MUXA0__VARA_1__SHIFT) | + (0x2 << UVD_MPC_SET_MUXA0__VARA_2__SHIFT) | + (0x3 << UVD_MPC_SET_MUXA0__VARA_3__SHIFT) | + (0x4 << UVD_MPC_SET_MUXA0__VARA_4__SHIFT))); + + /* setup UVD_MPC_SET_MUXB0 */ + WREG32_SOC15(VCN, i, regUVD_MPC_SET_MUXB0, + ((0x1 << UVD_MPC_SET_MUXB0__VARB_1__SHIFT) | + (0x2 << UVD_MPC_SET_MUXB0__VARB_2__SHIFT) | + (0x3 << UVD_MPC_SET_MUXB0__VARB_3__SHIFT) | + (0x4 << UVD_MPC_SET_MUXB0__VARB_4__SHIFT))); + + /* setup UVD_MPC_SET_MUX */ + WREG32_SOC15(VCN, i, regUVD_MPC_SET_MUX, + ((0x0 << UVD_MPC_SET_MUX__SET_0__SHIFT) | + (0x1 << UVD_MPC_SET_MUX__SET_1__SHIFT) | + (0x2 << UVD_MPC_SET_MUX__SET_2__SHIFT))); + + vcn_v4_0_5_mc_resume(adev, i); + + /* VCN global tiling registers */ + WREG32_SOC15(VCN, i, regUVD_GFX10_ADDR_CONFIG, + adev->gfx.config.gb_addr_config); + + /* unblock VCPU register access */ + WREG32_P(SOC15_REG_OFFSET(VCN, i, regUVD_RB_ARB_CTRL), 0, + ~UVD_RB_ARB_CTRL__VCPU_DIS_MASK); + + /* release VCPU reset to boot */ + WREG32_P(SOC15_REG_OFFSET(VCN, i, regUVD_VCPU_CNTL), 0, + ~UVD_VCPU_CNTL__BLK_RST_MASK); + + for (j = 0; j < 10; ++j) { + uint32_t status; + + for (k = 0; k < 100; ++k) { + status = RREG32_SOC15(VCN, i, regUVD_STATUS); + if (status & 2) + break; + mdelay(10); + if (amdgpu_emu_mode == 1) + msleep(1); + } + + if (amdgpu_emu_mode == 1) { + r = -1; + if (status & 2) { r = 0; - if (status & 2) - break; - - dev_err(adev->dev, - "VCN[%d] is not responding, trying to reset VCPU!!!\n", i); - WREG32_P(SOC15_REG_OFFSET(VCN, i, regUVD_VCPU_CNTL), - UVD_VCPU_CNTL__BLK_RST_MASK, - ~UVD_VCPU_CNTL__BLK_RST_MASK); - mdelay(10); - WREG32_P(SOC15_REG_OFFSET(VCN, i, regUVD_VCPU_CNTL), 0, - ~UVD_VCPU_CNTL__BLK_RST_MASK); - - mdelay(10); - r = -1; + break; } + } else { + r = 0; + if (status & 2) + break; + + dev_err(adev->dev, + "VCN[%d] is not responding, trying to reset VCPU!!!\n", i); + WREG32_P(SOC15_REG_OFFSET(VCN, i, regUVD_VCPU_CNTL), + UVD_VCPU_CNTL__BLK_RST_MASK, + ~UVD_VCPU_CNTL__BLK_RST_MASK); + mdelay(10); + WREG32_P(SOC15_REG_OFFSET(VCN, i, regUVD_VCPU_CNTL), 0, + ~UVD_VCPU_CNTL__BLK_RST_MASK); + + mdelay(10); + r = -1; } + } - if (r) { - dev_err(adev->dev, "VCN[%d] is not responding, giving up!!!\n", i); - return r; - } + if (r) { + dev_err(adev->dev, "VCN[%d] is not responding, giving up!!!\n", i); + return r; + } - /* enable master interrupt */ - WREG32_P(SOC15_REG_OFFSET(VCN, i, regUVD_MASTINT_EN), - UVD_MASTINT_EN__VCPU_EN_MASK, - ~UVD_MASTINT_EN__VCPU_EN_MASK); + /* enable master interrupt */ + WREG32_P(SOC15_REG_OFFSET(VCN, i, regUVD_MASTINT_EN), + UVD_MASTINT_EN__VCPU_EN_MASK, + ~UVD_MASTINT_EN__VCPU_EN_MASK); - /* clear the busy bit of VCN_STATUS */ - WREG32_P(SOC15_REG_OFFSET(VCN, i, regUVD_STATUS), 0, - ~(2 << UVD_STATUS__VCPU_REPORT__SHIFT)); + /* clear the busy bit of VCN_STATUS */ + WREG32_P(SOC15_REG_OFFSET(VCN, i, regUVD_STATUS), 0, + ~(2 << UVD_STATUS__VCPU_REPORT__SHIFT)); - ring = &adev->vcn.inst[i].ring_enc[0]; - WREG32_SOC15(VCN, i, regVCN_RB1_DB_CTRL, - ring->doorbell_index << VCN_RB1_DB_CTRL__OFFSET__SHIFT | - VCN_RB1_DB_CTRL__EN_MASK); - - WREG32_SOC15(VCN, i, regUVD_RB_BASE_LO, ring->gpu_addr); - WREG32_SOC15(VCN, i, regUVD_RB_BASE_HI, upper_32_bits(ring->gpu_addr)); - WREG32_SOC15(VCN, i, regUVD_RB_SIZE, ring->ring_size / 4); - - tmp = RREG32_SOC15(VCN, i, regVCN_RB_ENABLE); - tmp &= ~(VCN_RB_ENABLE__RB1_EN_MASK); - WREG32_SOC15(VCN, i, regVCN_RB_ENABLE, tmp); - fw_shared->sq.queue_mode |= FW_QUEUE_RING_RESET; - WREG32_SOC15(VCN, i, regUVD_RB_RPTR, 0); - WREG32_SOC15(VCN, i, regUVD_RB_WPTR, 0); - - tmp = RREG32_SOC15(VCN, i, regUVD_RB_RPTR); - WREG32_SOC15(VCN, i, regUVD_RB_WPTR, tmp); - ring->wptr = RREG32_SOC15(VCN, i, regUVD_RB_WPTR); - - tmp = RREG32_SOC15(VCN, i, regVCN_RB_ENABLE); - tmp |= VCN_RB_ENABLE__RB1_EN_MASK; - WREG32_SOC15(VCN, i, regVCN_RB_ENABLE, tmp); - fw_shared->sq.queue_mode &= ~(FW_QUEUE_RING_RESET | FW_QUEUE_DPG_HOLD_OFF); - } + ring = &adev->vcn.inst[i].ring_enc[0]; + WREG32_SOC15(VCN, i, regVCN_RB1_DB_CTRL, + ring->doorbell_index << VCN_RB1_DB_CTRL__OFFSET__SHIFT | + VCN_RB1_DB_CTRL__EN_MASK); + + WREG32_SOC15(VCN, i, regUVD_RB_BASE_LO, ring->gpu_addr); + WREG32_SOC15(VCN, i, regUVD_RB_BASE_HI, upper_32_bits(ring->gpu_addr)); + WREG32_SOC15(VCN, i, regUVD_RB_SIZE, ring->ring_size / 4); + + tmp = RREG32_SOC15(VCN, i, regVCN_RB_ENABLE); + tmp &= ~(VCN_RB_ENABLE__RB1_EN_MASK); + WREG32_SOC15(VCN, i, regVCN_RB_ENABLE, tmp); + fw_shared->sq.queue_mode |= FW_QUEUE_RING_RESET; + WREG32_SOC15(VCN, i, regUVD_RB_RPTR, 0); + WREG32_SOC15(VCN, i, regUVD_RB_WPTR, 0); + + tmp = RREG32_SOC15(VCN, i, regUVD_RB_RPTR); + WREG32_SOC15(VCN, i, regUVD_RB_WPTR, tmp); + ring->wptr = RREG32_SOC15(VCN, i, regUVD_RB_WPTR); + + tmp = RREG32_SOC15(VCN, i, regVCN_RB_ENABLE); + tmp |= VCN_RB_ENABLE__RB1_EN_MASK; + WREG32_SOC15(VCN, i, regVCN_RB_ENABLE, tmp); + fw_shared->sq.queue_mode &= ~(FW_QUEUE_RING_RESET | FW_QUEUE_DPG_HOLD_OFF); return 0; } @@ -1204,88 +1199,87 @@ static void vcn_v4_0_5_stop_dpg_mode(struct amdgpu_device *adev, int inst_idx) * vcn_v4_0_5_stop - VCN stop * * @adev: amdgpu_device pointer + * @i: instance to stop * * Stop VCN block */ -static int vcn_v4_0_5_stop(struct amdgpu_device *adev) +static int vcn_v4_0_5_stop(struct amdgpu_device *adev, int i) { volatile struct amdgpu_vcn4_fw_shared *fw_shared; uint32_t tmp; - int i, r = 0; + int r = 0; - for (i = 0; i < adev->vcn.num_vcn_inst; ++i) { - if (adev->vcn.harvest_config & (1 << i)) - continue; - - fw_shared = adev->vcn.inst[i].fw_shared.cpu_addr; - fw_shared->sq.queue_mode |= FW_QUEUE_DPG_HOLD_OFF; + if (adev->vcn.harvest_config & (1 << i)) + return 0; - if (adev->pg_flags & AMD_PG_SUPPORT_VCN_DPG) { - vcn_v4_0_5_stop_dpg_mode(adev, i); - continue; - } + fw_shared = adev->vcn.inst[i].fw_shared.cpu_addr; + fw_shared->sq.queue_mode |= FW_QUEUE_DPG_HOLD_OFF; - /* wait for vcn idle */ - r = SOC15_WAIT_ON_RREG(VCN, i, regUVD_STATUS, UVD_STATUS__IDLE, 0x7); - if (r) - return r; + if (adev->pg_flags & AMD_PG_SUPPORT_VCN_DPG) { + vcn_v4_0_5_stop_dpg_mode(adev, i); + r = 0; + goto done; + } - tmp = UVD_LMI_STATUS__VCPU_LMI_WRITE_CLEAN_MASK | - UVD_LMI_STATUS__READ_CLEAN_MASK | - UVD_LMI_STATUS__WRITE_CLEAN_MASK | - UVD_LMI_STATUS__WRITE_CLEAN_RAW_MASK; - r = SOC15_WAIT_ON_RREG(VCN, i, regUVD_LMI_STATUS, tmp, tmp); - if (r) - return r; + /* wait for vcn idle */ + r = SOC15_WAIT_ON_RREG(VCN, i, regUVD_STATUS, UVD_STATUS__IDLE, 0x7); + if (r) + goto done; - /* disable LMI UMC channel */ - tmp = RREG32_SOC15(VCN, i, regUVD_LMI_CTRL2); - tmp |= UVD_LMI_CTRL2__STALL_ARB_UMC_MASK; - WREG32_SOC15(VCN, i, regUVD_LMI_CTRL2, tmp); - tmp = UVD_LMI_STATUS__UMC_READ_CLEAN_RAW_MASK | - UVD_LMI_STATUS__UMC_WRITE_CLEAN_RAW_MASK; - r = SOC15_WAIT_ON_RREG(VCN, i, regUVD_LMI_STATUS, tmp, tmp); - if (r) - return r; + tmp = UVD_LMI_STATUS__VCPU_LMI_WRITE_CLEAN_MASK | + UVD_LMI_STATUS__READ_CLEAN_MASK | + UVD_LMI_STATUS__WRITE_CLEAN_MASK | + UVD_LMI_STATUS__WRITE_CLEAN_RAW_MASK; + r = SOC15_WAIT_ON_RREG(VCN, i, regUVD_LMI_STATUS, tmp, tmp); + if (r) + goto done; + + /* disable LMI UMC channel */ + tmp = RREG32_SOC15(VCN, i, regUVD_LMI_CTRL2); + tmp |= UVD_LMI_CTRL2__STALL_ARB_UMC_MASK; + WREG32_SOC15(VCN, i, regUVD_LMI_CTRL2, tmp); + tmp = UVD_LMI_STATUS__UMC_READ_CLEAN_RAW_MASK | + UVD_LMI_STATUS__UMC_WRITE_CLEAN_RAW_MASK; + r = SOC15_WAIT_ON_RREG(VCN, i, regUVD_LMI_STATUS, tmp, tmp); + if (r) + goto done; - /* block VCPU register access */ - WREG32_P(SOC15_REG_OFFSET(VCN, i, regUVD_RB_ARB_CTRL), - UVD_RB_ARB_CTRL__VCPU_DIS_MASK, - ~UVD_RB_ARB_CTRL__VCPU_DIS_MASK); + /* block VCPU register access */ + WREG32_P(SOC15_REG_OFFSET(VCN, i, regUVD_RB_ARB_CTRL), + UVD_RB_ARB_CTRL__VCPU_DIS_MASK, + ~UVD_RB_ARB_CTRL__VCPU_DIS_MASK); - /* reset VCPU */ - WREG32_P(SOC15_REG_OFFSET(VCN, i, regUVD_VCPU_CNTL), - UVD_VCPU_CNTL__BLK_RST_MASK, - ~UVD_VCPU_CNTL__BLK_RST_MASK); + /* reset VCPU */ + WREG32_P(SOC15_REG_OFFSET(VCN, i, regUVD_VCPU_CNTL), + UVD_VCPU_CNTL__BLK_RST_MASK, + ~UVD_VCPU_CNTL__BLK_RST_MASK); - /* disable VCPU clock */ - WREG32_P(SOC15_REG_OFFSET(VCN, i, regUVD_VCPU_CNTL), 0, - ~(UVD_VCPU_CNTL__CLK_EN_MASK)); + /* disable VCPU clock */ + WREG32_P(SOC15_REG_OFFSET(VCN, i, regUVD_VCPU_CNTL), 0, + ~(UVD_VCPU_CNTL__CLK_EN_MASK)); - /* apply soft reset */ - tmp = RREG32_SOC15(VCN, i, regUVD_SOFT_RESET); - tmp |= UVD_SOFT_RESET__LMI_UMC_SOFT_RESET_MASK; - WREG32_SOC15(VCN, i, regUVD_SOFT_RESET, tmp); - tmp = RREG32_SOC15(VCN, i, regUVD_SOFT_RESET); - tmp |= UVD_SOFT_RESET__LMI_SOFT_RESET_MASK; - WREG32_SOC15(VCN, i, regUVD_SOFT_RESET, tmp); + /* apply soft reset */ + tmp = RREG32_SOC15(VCN, i, regUVD_SOFT_RESET); + tmp |= UVD_SOFT_RESET__LMI_UMC_SOFT_RESET_MASK; + WREG32_SOC15(VCN, i, regUVD_SOFT_RESET, tmp); + tmp = RREG32_SOC15(VCN, i, regUVD_SOFT_RESET); + tmp |= UVD_SOFT_RESET__LMI_SOFT_RESET_MASK; + WREG32_SOC15(VCN, i, regUVD_SOFT_RESET, tmp); - /* clear status */ - WREG32_SOC15(VCN, i, regUVD_STATUS, 0); + /* clear status */ + WREG32_SOC15(VCN, i, regUVD_STATUS, 0); - /* apply HW clock gating */ - vcn_v4_0_5_enable_clock_gating(adev, i); + /* apply HW clock gating */ + vcn_v4_0_5_enable_clock_gating(adev, i); - /* enable VCN power gating */ - vcn_v4_0_5_enable_static_power_gating(adev, i); - } + /* enable VCN power gating */ + vcn_v4_0_5_enable_static_power_gating(adev, i); - for (i = 0; i < adev->vcn.num_vcn_inst; ++i) { - if (adev->pm.dpm_enabled) - amdgpu_dpm_enable_vcn(adev, false, i); - } +done: + if (adev->pm.dpm_enabled) + amdgpu_dpm_enable_vcn(adev, false, i); - return 0; + return r; } /** @@ -1537,15 +1531,17 @@ static int vcn_v4_0_5_set_powergating_state(struct amdgpu_ip_block *ip_block, enum amd_powergating_state state) { struct amdgpu_device *adev = ip_block->adev; - int ret; + int ret = 0, i; if (state == adev->vcn.cur_state) return 0; - if (state == AMD_PG_STATE_GATE) - ret = vcn_v4_0_5_stop(adev); - else - ret = vcn_v4_0_5_start(adev); + for (i = 0; i < adev->vcn.num_vcn_inst; ++i) { + if (state == AMD_PG_STATE_GATE) + ret |= vcn_v4_0_5_stop(adev, i); + else + ret |= vcn_v4_0_5_start(adev, i); + } if (!ret) adev->vcn.cur_state = state; -- 2.49.0

3 months, 3 weeks

2
3
0 0

Regression between 6.1.135 and 6.1.139, possibly related to ITS mitigations

by Moritz Mühlenhoff

Hi, I'd like to report a regression which seems related to the latest ITS mitigations in Linux 6.1.x: The server in question is a Supermicro SYS-120C-TN10R with a "Intel(R) Xeon(R) Silver 4310 CPU @ 2.10GHz" CPU, running Debian Bookworm. The full output of /proc/cpuinfo is attached as cpuinfo.txt In addition to the kernel changes between 6.1.135 and 6.1.139 there is also some additional invariant, namely the Intel microcode loaded at early boot: On Linux 6.1.135 every works fine with both the 20250211 and 20250512 microcode releases (kern.log is attached as 6.1.135-feb-microcode.log and 6.1.135-may-microcode.log) With 6.1.139 and the February microcode, oopses appear related to clear_bhb_loop() (which may be related to "x86/its: Align RETs in BHB clear sequence to avoid thunking"?). This is captured in 6.1.139-feb-microcode.log. With 6.1.139 and the May microcode, the system mostly crashes on bootup (in my tests it crashed in three out of four attempts). I've captured both the crash (6.1.139-may-microcode-crash.log) and a working boot (6.1.139-may-microcode-noncrash.log). If you need any additional information, please let me know! Cheers, Moritz

3 months, 3 weeks

3
3
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror May 2025