May 2025 - Linux-stable-mirror

Re: Patch "btrfs: prevent inline data extents read from touching blocks beyond its range" has been added to the 6.14-stable tree

by Qu Wenruo

在 2025/5/23 06:35, Sasha Levin 写道: > This is a note to let you know that I've just added the patch titled > > btrfs: prevent inline data extents read from touching blocks beyond its range > > to the 6.14-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… > > The filename of the patch is: > btrfs-prevent-inline-data-extents-read-from-touching.patch > and it can be found in the queue-6.14 subdirectory. > > If you, or anyone else, feels it should not be added to the stable tree, > please let <stable(a)vger.kernel.org> know about it. Please drop this patch. This is again a preparation patch for larger folios support of btrfs, and the optimization to dirty a block without reading the full page. This patch alone doesn't cause any difference for older kernels and should not be backported. Thanks, Qu > > > > commit 6a2d904623a8d1711b6b5065845d52cb3f2be60a > Author: Qu Wenruo <wqu(a)suse.com> > Date: Fri Nov 15 19:15:34 2024 +1030 > > btrfs: prevent inline data extents read from touching blocks beyond its range > > [ Upstream commit 1a5b5668d711d3d1ef447446beab920826decec3 ] > > Currently reading an inline data extent will zero out the remaining > range in the page. > > This is not yet causing problems even for block size < page size > (subpage) cases because: > > 1) An inline data extent always starts at file offset 0 > Meaning at page read, we always read the inline extent first, before > any other blocks in the page. Then later blocks are properly read out > and re-fill the zeroed out ranges. > > 2) Currently btrfs will read out the whole page if a buffered write is > not page aligned > So a page is either fully uptodate at buffered write time (covers the > whole page), or we will read out the whole page first. > Meaning there is nothing to lose for such an inline extent read. > > But it's still not ideal: > > - We're zeroing out the page twice > Once done by read_inline_extent()/uncompress_inline(), once done by > btrfs_do_readpage() for ranges beyond i_size. > > - We're touching blocks that don't belong to the inline extent > In the incoming patches, we can have a partial uptodate folio, of > which some dirty blocks can exist while the page is not fully uptodate: > > The page size is 16K and block size is 4K: > > 0 4K 8K 12K 16K > | | |/////////| | > > And range [8K, 12K) is dirtied by a buffered write, the remaining > blocks are not uptodate. > > If range [0, 4K) contains an inline data extent, and we try to read > the whole page, the current behavior will overwrite range [8K, 12K) > with zero and cause data loss. > > So to make the behavior more consistent and in preparation for future > changes, limit the inline data extents read to only zero out the range > inside the first block, not the whole page. > > Reviewed-by: Filipe Manana <fdmanana(a)suse.com> > Signed-off-by: Qu Wenruo <wqu(a)suse.com> > Signed-off-by: David Sterba <dsterba(a)suse.com> > Signed-off-by: Sasha Levin <sashal(a)kernel.org> > > diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c > index 9a648fb130230..a7136311a13c6 100644 > --- a/fs/btrfs/inode.c > +++ b/fs/btrfs/inode.c > @@ -6779,6 +6779,7 @@ static noinline int uncompress_inline(struct btrfs_path *path, > { > int ret; > struct extent_buffer *leaf = path->nodes[0]; > + const u32 blocksize = leaf->fs_info->sectorsize; > char *tmp; > size_t max_size; > unsigned long inline_size; > @@ -6795,7 +6796,7 @@ static noinline int uncompress_inline(struct btrfs_path *path, > > read_extent_buffer(leaf, tmp, ptr, inline_size); > > - max_size = min_t(unsigned long, PAGE_SIZE, max_size); > + max_size = min_t(unsigned long, blocksize, max_size); > ret = btrfs_decompress(compress_type, tmp, folio, 0, inline_size, > max_size); > > @@ -6807,14 +6808,15 @@ static noinline int uncompress_inline(struct btrfs_path *path, > * cover that region here. > */ > > - if (max_size < PAGE_SIZE) > - folio_zero_range(folio, max_size, PAGE_SIZE - max_size); > + if (max_size < blocksize) > + folio_zero_range(folio, max_size, blocksize - max_size); > kfree(tmp); > return ret; > } > > static int read_inline_extent(struct btrfs_path *path, struct folio *folio) > { > + const u32 blocksize = path->nodes[0]->fs_info->sectorsize; > struct btrfs_file_extent_item *fi; > void *kaddr; > size_t copy_size; > @@ -6829,14 +6831,14 @@ static int read_inline_extent(struct btrfs_path *path, struct folio *folio) > if (btrfs_file_extent_compression(path->nodes[0], fi) != BTRFS_COMPRESS_NONE) > return uncompress_inline(path, folio, fi); > > - copy_size = min_t(u64, PAGE_SIZE, > + copy_size = min_t(u64, blocksize, > btrfs_file_extent_ram_bytes(path->nodes[0], fi)); > kaddr = kmap_local_folio(folio, 0); > read_extent_buffer(path->nodes[0], kaddr, > btrfs_file_extent_inline_start(fi), copy_size); > kunmap_local(kaddr); > - if (copy_size < PAGE_SIZE) > - folio_zero_range(folio, copy_size, PAGE_SIZE - copy_size); > + if (copy_size < blocksize) > + folio_zero_range(folio, copy_size, blocksize - copy_size); > return 0; > } >

5 months, 2 weeks

1
0
0 0

Re: Patch "btrfs: properly limit inline data extent according to block size" has been added to the 6.14-stable tree

by Qu Wenruo

在 2025/5/23 06:35, Sasha Levin 写道: > This is a note to let you know that I've just added the patch titled > > btrfs: properly limit inline data extent according to block size > > to the 6.14-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… > > The filename of the patch is: > btrfs-properly-limit-inline-data-extent-according-to.patch > and it can be found in the queue-6.14 subdirectory. > > If you, or anyone else, feels it should not be added to the stable tree, > please let <stable(a)vger.kernel.org> know about it. Please drop this patch. This is mostly for the incoming large folios support for btrfs. For older kernels this patch will not cause any behavior change. Thanks, Qu> > > > commit ec02842137bdccb74ed331a1b0a335ee22eb179c > Author: Qu Wenruo <wqu(a)suse.com> > Date: Tue Feb 25 14:30:44 2025 +1030 > > btrfs: properly limit inline data extent according to block size > > [ Upstream commit 23019d3e6617a8ec99a8d2f5947aa3dd8a74a1b8 ] > > Btrfs utilizes inline data extent for the following cases: > > - Regular small files > - Symlinks > > And "btrfs check" detects any file extents that are too large as an > error. > > It's not a problem for 4K block size, but for the incoming smaller > block sizes (2K), it can cause problems due to bad limits: > > - Non-compressed inline data extents > We do not allow a non-compressed inline data extent to be as large as > block size. > > - Symlinks > Currently the only real limit on symlinks are 4K, which can be larger > than 2K block size. > > These will result btrfs-check to report too large file extents. > > Fix it by adding proper size checks for the above cases. > > Signed-off-by: Qu Wenruo <wqu(a)suse.com> > Reviewed-by: David Sterba <dsterba(a)suse.com> > Signed-off-by: David Sterba <dsterba(a)suse.com> > Signed-off-by: Sasha Levin <sashal(a)kernel.org> > > diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c > index a06fca7934d55..9a648fb130230 100644 > --- a/fs/btrfs/inode.c > +++ b/fs/btrfs/inode.c > @@ -583,6 +583,10 @@ static bool can_cow_file_range_inline(struct btrfs_inode *inode, > if (size > fs_info->sectorsize) > return false; > > + /* We do not allow a non-compressed extent to be as large as block size. */ > + if (data_len >= fs_info->sectorsize) > + return false; > + > /* We cannot exceed the maximum inline data size. */ > if (data_len > BTRFS_MAX_INLINE_DATA_SIZE(fs_info)) > return false; > @@ -8671,7 +8675,12 @@ static int btrfs_symlink(struct mnt_idmap *idmap, struct inode *dir, > struct extent_buffer *leaf; > > name_len = strlen(symname); > - if (name_len > BTRFS_MAX_INLINE_DATA_SIZE(fs_info)) > + /* > + * Symlinks utilize uncompressed inline extent data, which should not > + * reach block size. > + */ > + if (name_len > BTRFS_MAX_INLINE_DATA_SIZE(fs_info) || > + name_len >= fs_info->sectorsize) > return -ENAMETOOLONG; > > inode = new_inode(dir->i_sb);

5 months, 2 weeks

1
0
0 0

[PATCH v1] Revert "usb: xhci: Implement xhci_handshake_check_state() helper"

by Roy Luo

This reverts commit 6ccb83d6c4972ebe6ae49de5eba051de3638362c. Commit 6ccb83d6c497 ("usb: xhci: Implement xhci_handshake_check_state() helper") was introduced to workaround watchdog timeout issues on some platforms, allowing xhci_reset() to bail out early without waiting for the reset to complete. Skipping the xhci handshake during a reset is a dangerous move. The xhci specification explicitly states that certain registers cannot be accessed during reset in section 5.4.1 USB Command Register (USBCMD), Host Controller Reset (HCRST) field: "This bit is cleared to '0' by the Host Controller when the reset process is complete. Software cannot terminate the reset process early by writinga '0' to this bit and shall not write any xHC Operational or Runtime registers until while HCRST is '1'." This behavior causes a regression on SNPS DWC3 USB controller with dual-role capability. When the DWC3 controller exits host mode and removes xhci while a reset is still in progress, and then tries to configure its hardware for device mode, the ongoing reset leads to register access issues; specifically, all register reads returns 0. These issues extend beyond the xhci register space (which is expected during a reset) and affect the entire DWC3 IP block, causing the DWC3 device mode to malfunction. Cc: stable(a)vger.kernel.org Fixes: 6ccb83d6c497 ("usb: xhci: Implement xhci_handshake_check_state() helper") Signed-off-by: Roy Luo <royluo(a)google.com> --- Changes in v1: - Link to previous patchset: https://lore.kernel.org/r/20250515185227.1507363-1-royluo@google.com/ --- drivers/usb/host/xhci-ring.c | 5 ++--- drivers/usb/host/xhci.c | 26 +------------------------- drivers/usb/host/xhci.h | 2 -- 3 files changed, 3 insertions(+), 30 deletions(-) diff --git a/drivers/usb/host/xhci-ring.c b/drivers/usb/host/xhci-ring.c index 423bf3649570..b720e04ce7d8 100644 --- a/drivers/usb/host/xhci-ring.c +++ b/drivers/usb/host/xhci-ring.c @@ -518,9 +518,8 @@ static int xhci_abort_cmd_ring(struct xhci_hcd *xhci, unsigned long flags) * In the future we should distinguish between -ENODEV and -ETIMEDOUT * and try to recover a -ETIMEDOUT with a host controller reset. */ - ret = xhci_handshake_check_state(xhci, &xhci->op_regs->cmd_ring, - CMD_RING_RUNNING, 0, 5 * 1000 * 1000, - XHCI_STATE_REMOVING); + ret = xhci_handshake(&xhci->op_regs->cmd_ring, + CMD_RING_RUNNING, 0, 5 * 1000 * 1000); if (ret < 0) { xhci_err(xhci, "Abort failed to stop command ring: %d\n", ret); xhci_halt(xhci); diff --git a/drivers/usb/host/xhci.c b/drivers/usb/host/xhci.c index 90eb491267b5..472c4b6ae59e 100644 --- a/drivers/usb/host/xhci.c +++ b/drivers/usb/host/xhci.c @@ -83,29 +83,6 @@ int xhci_handshake(void __iomem *ptr, u32 mask, u32 done, u64 timeout_us) return ret; } -/* - * xhci_handshake_check_state - same as xhci_handshake but takes an additional - * exit_state parameter, and bails out with an error immediately when xhc_state - * has exit_state flag set. - */ -int xhci_handshake_check_state(struct xhci_hcd *xhci, void __iomem *ptr, - u32 mask, u32 done, int usec, unsigned int exit_state) -{ - u32 result; - int ret; - - ret = readl_poll_timeout_atomic(ptr, result, - (result & mask) == done || - result == U32_MAX || - xhci->xhc_state & exit_state, - 1, usec); - - if (result == U32_MAX || xhci->xhc_state & exit_state) - return -ENODEV; - - return ret; -} - /* * Disable interrupts and begin the xHCI halting process. */ @@ -226,8 +203,7 @@ int xhci_reset(struct xhci_hcd *xhci, u64 timeout_us) if (xhci->quirks & XHCI_INTEL_HOST) udelay(1000); - ret = xhci_handshake_check_state(xhci, &xhci->op_regs->command, - CMD_RESET, 0, timeout_us, XHCI_STATE_REMOVING); + ret = xhci_handshake(&xhci->op_regs->command, CMD_RESET, 0, timeout_us); if (ret) return ret; diff --git a/drivers/usb/host/xhci.h b/drivers/usb/host/xhci.h index 242ab9fbc8ae..5e698561b96d 100644 --- a/drivers/usb/host/xhci.h +++ b/drivers/usb/host/xhci.h @@ -1855,8 +1855,6 @@ void xhci_remove_secondary_interrupter(struct usb_hcd /* xHCI host controller glue */ typedef void (*xhci_get_quirks_t)(struct device *, struct xhci_hcd *); int xhci_handshake(void __iomem *ptr, u32 mask, u32 done, u64 timeout_us); -int xhci_handshake_check_state(struct xhci_hcd *xhci, void __iomem *ptr, - u32 mask, u32 done, int usec, unsigned int exit_state); void xhci_quiesce(struct xhci_hcd *xhci); int xhci_halt(struct xhci_hcd *xhci); int xhci_start(struct xhci_hcd *xhci); base-commit: 172a9d94339cea832d89630b89d314e41d622bd8 -- 2.49.0.1112.g889b7c5bd8-goog

5 months, 2 weeks

5
8
0 0

[PATCH v1 2/2] Revert "usb: xhci: Implement xhci_handshake_check_state() helper"

by Roy Luo

This reverts commit 6ccb83d6c4972ebe6ae49de5eba051de3638362c. Commit 6ccb83d6c497 ("usb: xhci: Implement xhci_handshake_check_state() helper") was introduced to workaround watchdog timeout issues on some platforms, allowing xhci_reset() to bail out early without waiting for the reset to complete. Skipping the xhci handshake during a reset is a dangerous move. The xhci specification explicitly states that certain registers cannot be accessed during reset in section 5.4.1 USB Command Register (USBCMD), Host Controller Reset (HCRST) field: "This bit is cleared to '0' by the Host Controller when the reset process is complete. Software cannot terminate the reset process early by writinga '0' to this bit and shall not write any xHC Operational or Runtime registers until while HCRST is '1'." This behavior causes a regression on SNPS DWC3 USB controller with dual-role capability. When the DWC3 controller exits host mode and removes xhci while a reset is still in progress, and then tries to configure its hardware for device mode, the ongoing reset leads to register access issues; specifically, all register reads returns 0. These issues extend beyond the xhci register space (which is expected during a reset) and affect the entire DWC3 IP block, causing the DWC3 device mode to malfunction. Cc: stable(a)vger.kernel.org Fixes: 6ccb83d6c497 ("usb: xhci: Implement xhci_handshake_check_state() helper") Signed-off-by: Roy Luo <royluo(a)google.com> --- drivers/usb/host/xhci-ring.c | 5 ++--- drivers/usb/host/xhci.c | 26 +------------------------- drivers/usb/host/xhci.h | 2 -- 3 files changed, 3 insertions(+), 30 deletions(-) diff --git a/drivers/usb/host/xhci-ring.c b/drivers/usb/host/xhci-ring.c index 423bf3649570..b720e04ce7d8 100644 --- a/drivers/usb/host/xhci-ring.c +++ b/drivers/usb/host/xhci-ring.c @@ -518,9 +518,8 @@ static int xhci_abort_cmd_ring(struct xhci_hcd *xhci, unsigned long flags) * In the future we should distinguish between -ENODEV and -ETIMEDOUT * and try to recover a -ETIMEDOUT with a host controller reset. */ - ret = xhci_handshake_check_state(xhci, &xhci->op_regs->cmd_ring, - CMD_RING_RUNNING, 0, 5 * 1000 * 1000, - XHCI_STATE_REMOVING); + ret = xhci_handshake(&xhci->op_regs->cmd_ring, + CMD_RING_RUNNING, 0, 5 * 1000 * 1000); if (ret < 0) { xhci_err(xhci, "Abort failed to stop command ring: %d\n", ret); xhci_halt(xhci); diff --git a/drivers/usb/host/xhci.c b/drivers/usb/host/xhci.c index 244b12eafd95..cb9f35acb1f9 100644 --- a/drivers/usb/host/xhci.c +++ b/drivers/usb/host/xhci.c @@ -83,29 +83,6 @@ int xhci_handshake(void __iomem *ptr, u32 mask, u32 done, u64 timeout_us) return ret; } -/* - * xhci_handshake_check_state - same as xhci_handshake but takes an additional - * exit_state parameter, and bails out with an error immediately when xhc_state - * has exit_state flag set. - */ -int xhci_handshake_check_state(struct xhci_hcd *xhci, void __iomem *ptr, - u32 mask, u32 done, int usec, unsigned int exit_state) -{ - u32 result; - int ret; - - ret = readl_poll_timeout_atomic(ptr, result, - (result & mask) == done || - result == U32_MAX || - xhci->xhc_state & exit_state, - 1, usec); - - if (result == U32_MAX || xhci->xhc_state & exit_state) - return -ENODEV; - - return ret; -} - /* * Disable interrupts and begin the xHCI halting process. */ @@ -226,8 +203,7 @@ int xhci_reset(struct xhci_hcd *xhci, u64 timeout_us) if (xhci->quirks & XHCI_INTEL_HOST) udelay(1000); - ret = xhci_handshake_check_state(xhci, &xhci->op_regs->command, - CMD_RESET, 0, timeout_us, XHCI_STATE_REMOVING); + ret = xhci_handshake(&xhci->op_regs->command, CMD_RESET, 0, timeout_us); if (ret) return ret; diff --git a/drivers/usb/host/xhci.h b/drivers/usb/host/xhci.h index 242ab9fbc8ae..5e698561b96d 100644 --- a/drivers/usb/host/xhci.h +++ b/drivers/usb/host/xhci.h @@ -1855,8 +1855,6 @@ void xhci_remove_secondary_interrupter(struct usb_hcd /* xHCI host controller glue */ typedef void (*xhci_get_quirks_t)(struct device *, struct xhci_hcd *); int xhci_handshake(void __iomem *ptr, u32 mask, u32 done, u64 timeout_us); -int xhci_handshake_check_state(struct xhci_hcd *xhci, void __iomem *ptr, - u32 mask, u32 done, int usec, unsigned int exit_state); void xhci_quiesce(struct xhci_hcd *xhci); int xhci_halt(struct xhci_hcd *xhci); int xhci_start(struct xhci_hcd *xhci); -- 2.49.0.1204.g71687c7c1d-goog

5 months, 2 weeks

1
0
0 0

[PATCH v3] net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid()

by Wentao Liang

The function mlx5_query_nic_vport_node_guid() calls the function mlx5_query_nic_vport_context() but does not check its return value. A proper implementation can be found in mlx5_nic_vport_query_local_lb(). Add error handling for mlx5_query_nic_vport_context(). If it fails, free the out buffer via kvfree() and return error code. Fixes: 9efa75254593 ("net/mlx5_core: Introduce access functions to query vport RoCE fields") Cc: stable(a)vger.kernel.org # v4.5 Target: net Signed-off-by: Wentao Liang <vulab(a)iscas.ac.cn> --- v3: Explicitly mention target branch. Change improper code. v2: Remove redundant reassignment. Fix typo error. drivers/net/ethernet/mellanox/mlx5/core/vport.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/drivers/net/ethernet/mellanox/mlx5/core/vport.c b/drivers/net/ethernet/mellanox/mlx5/core/vport.c index 0d5f750faa45..66e44905c1f0 100644 --- a/drivers/net/ethernet/mellanox/mlx5/core/vport.c +++ b/drivers/net/ethernet/mellanox/mlx5/core/vport.c @@ -465,19 +465,22 @@ int mlx5_query_nic_vport_node_guid(struct mlx5_core_dev *mdev, u64 *node_guid) { u32 *out; int outlen = MLX5_ST_SZ_BYTES(query_nic_vport_context_out); + int err; out = kvzalloc(outlen, GFP_KERNEL); if (!out) return -ENOMEM; - mlx5_query_nic_vport_context(mdev, 0, out); + ret = mlx5_query_nic_vport_context(mdev, 0, out); + if (err) + goto out; *node_guid = MLX5_GET64(query_nic_vport_context_out, out, nic_vport_context.node_guid); - +out: kvfree(out); - return 0; + return err; } EXPORT_SYMBOL_GPL(mlx5_query_nic_vport_node_guid); -- 2.42.0.windows.2

5 months, 2 weeks

3
2
0 0

[PATCH] remoteproc: mediatek: Add SCP watchdog handler in IRQ processing

by Wentao Liang

In mt8195_scp_c1_irq_handler(), only the IPC interrupt bit (MT8192_SCP_IPC_INT_BIT) was checked., but does not handle when this bit is not set. This could lead to unhandled watchdog events. This could lead to unhandled watchdog events. A proper implementation can be found in mt8183_scp_irq_handler(). Add a new branch to handle SCP watchdog events when the IPC interrupt bit is not set. Fixes: 6a1c9aaf04eb ("remoteproc: mediatek: Add MT8195 SCP core 1 operations") Cc: stable(a)vger.kernel.org # v6.7 Signed-off-by: Wentao Liang <vulab(a)iscas.ac.cn> --- drivers/remoteproc/mtk_scp.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/remoteproc/mtk_scp.c b/drivers/remoteproc/mtk_scp.c index 0f4a7065d0bd..316e8c98a503 100644 --- a/drivers/remoteproc/mtk_scp.c +++ b/drivers/remoteproc/mtk_scp.c @@ -273,6 +273,8 @@ static void mt8195_scp_c1_irq_handler(struct mtk_scp *scp) if (scp_to_host & MT8192_SCP_IPC_INT_BIT) scp_ipi_handler(scp); + else + scp_wdt_handler(scp, scp_to_host); writel(scp_to_host, scp->cluster->reg_base + MT8195_SSHUB2APMCU_IPC_CLR); } -- 2.42.0.windows.2

5 months, 2 weeks

3
2
0 0

[PATCH v6 6/7] media: mt9m114: Fix deadlock in get_frame_interval/set_frame_interval

by Mathis Foerst

Getting / Setting the frame interval using the V4L2 subdev pad ops get_frame_interval/set_frame_interval causes a deadlock, as the subdev state is locked in the [1] but also in the driver itself. In [2] it's described that the caller is responsible to acquire and release the lock in this case. Therefore, acquiring the lock in the driver is wrong. Remove the lock acquisitions/releases from mt9m114_ifp_get_frame_interval() and mt9m114_ifp_set_frame_interval(). [1] drivers/media/v4l2-core/v4l2-subdev.c - line 1129 [2] Documentation/driver-api/media/v4l2-subdev.rst Fixes: 24d756e914fc ("media: i2c: Add driver for onsemi MT9M114 camera sensor") Cc: stable(a)vger.kernel.org Signed-off-by: Mathis Foerst <mathis.foerst(a)mt.com> Reviewed-by: Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> --- drivers/media/i2c/mt9m114.c | 8 -------- 1 file changed, 8 deletions(-) diff --git a/drivers/media/i2c/mt9m114.c b/drivers/media/i2c/mt9m114.c index e909c1227e51..9ff46c72dbc1 100644 --- a/drivers/media/i2c/mt9m114.c +++ b/drivers/media/i2c/mt9m114.c @@ -1652,13 +1652,9 @@ static int mt9m114_ifp_get_frame_interval(struct v4l2_subdev *sd, if (interval->which != V4L2_SUBDEV_FORMAT_ACTIVE) return -EINVAL; - mutex_lock(sensor->ifp.hdl.lock); - ival->numerator = 1; ival->denominator = sensor->ifp.frame_rate; - mutex_unlock(sensor->ifp.hdl.lock); - return 0; } @@ -1677,8 +1673,6 @@ static int mt9m114_ifp_set_frame_interval(struct v4l2_subdev *sd, if (interval->which != V4L2_SUBDEV_FORMAT_ACTIVE) return -EINVAL; - mutex_lock(sensor->ifp.hdl.lock); - if (ival->numerator != 0 && ival->denominator != 0) sensor->ifp.frame_rate = min_t(unsigned int, ival->denominator / ival->numerator, @@ -1692,8 +1686,6 @@ static int mt9m114_ifp_set_frame_interval(struct v4l2_subdev *sd, if (sensor->streaming) ret = mt9m114_set_frame_rate(sensor); - mutex_unlock(sensor->ifp.hdl.lock); - return ret; } -- 2.34.1

5 months, 2 weeks

1
0
0 0

[PATCH v5 6/7] media: mt9m114: Fix deadlock in get_frame_interval/set_frame_interval

by Mathis Foerst

Getting / Setting the frame interval using the V4L2 subdev pad ops get_frame_interval/set_frame_interval causes a deadlock, as the subdev state is locked in the [1] but also in the driver itself. In [2] it's described that the caller is responsible to acquire and release the lock in this case. Therefore, acquiring the lock in the driver is wrong. Remove the lock acquisitions/releases from mt9m114_ifp_get_frame_interval() and mt9m114_ifp_set_frame_interval(). [1] drivers/media/v4l2-core/v4l2-subdev.c - line 1129 [2] Documentation/driver-api/media/v4l2-subdev.rst Fixes: 24d756e914fc ("media: i2c: Add driver for onsemi MT9M114 camera sensor") Cc: stable(a)vger.kernel.org Signed-off-by: Mathis Foerst <mathis.foerst(a)mt.com> --- drivers/media/i2c/mt9m114.c | 8 -------- 1 file changed, 8 deletions(-) diff --git a/drivers/media/i2c/mt9m114.c b/drivers/media/i2c/mt9m114.c index e909c1227e51..9ff46c72dbc1 100644 --- a/drivers/media/i2c/mt9m114.c +++ b/drivers/media/i2c/mt9m114.c @@ -1652,13 +1652,9 @@ static int mt9m114_ifp_get_frame_interval(struct v4l2_subdev *sd, if (interval->which != V4L2_SUBDEV_FORMAT_ACTIVE) return -EINVAL; - mutex_lock(sensor->ifp.hdl.lock); - ival->numerator = 1; ival->denominator = sensor->ifp.frame_rate; - mutex_unlock(sensor->ifp.hdl.lock); - return 0; } @@ -1677,8 +1673,6 @@ static int mt9m114_ifp_set_frame_interval(struct v4l2_subdev *sd, if (interval->which != V4L2_SUBDEV_FORMAT_ACTIVE) return -EINVAL; - mutex_lock(sensor->ifp.hdl.lock); - if (ival->numerator != 0 && ival->denominator != 0) sensor->ifp.frame_rate = min_t(unsigned int, ival->denominator / ival->numerator, @@ -1692,8 +1686,6 @@ static int mt9m114_ifp_set_frame_interval(struct v4l2_subdev *sd, if (sensor->streaming) ret = mt9m114_set_frame_rate(sensor); - mutex_unlock(sensor->ifp.hdl.lock); - return ret; } -- 2.34.1

5 months, 2 weeks

1
0
0 0

patch "iio: adc: ti-ads1298: Kconfig: add kfifo dependency to fix module" added to char-misc-next

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled iio: adc: ti-ads1298: Kconfig: add kfifo dependency to fix module to my char-misc git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc.git in the char-misc-next branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will also be merged in the next major kernel release during the merge window. If you have any questions about this process, please let me know. From 3c5dfea39a245b2dad869db24e2830aa299b1cf2 Mon Sep 17 00:00:00 2001 From: Arthur-Prince <r2.arthur.prince(a)gmail.com> Date: Wed, 30 Apr 2025 16:07:37 -0300 Subject: iio: adc: ti-ads1298: Kconfig: add kfifo dependency to fix module build MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Add dependency to Kconfig’s ti-ads1298 because compiling it as a module failed with an undefined kfifo symbol. Fixes: 00ef7708fa60 ("iio: adc: ti-ads1298: Add driver") Signed-off-by: Arthur-Prince <r2.arthur.prince(a)gmail.com> Co-developed-by: Mariana Valério <mariana.valerio2(a)hotmail.com> Signed-off-by: Mariana Valério <mariana.valerio2(a)hotmail.com> Link: https://patch.msgid.link/20250430191131.120831-1-r2.arthur.prince@gmail.com Cc: <Stable(a)vger.kernel.org> Signed-off-by: Jonathan Cameron <Jonathan.Cameron(a)huawei.com> --- drivers/iio/adc/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/iio/adc/Kconfig b/drivers/iio/adc/Kconfig index ad06cf556785..0fe6601e59ed 100644 --- a/drivers/iio/adc/Kconfig +++ b/drivers/iio/adc/Kconfig @@ -1562,6 +1562,7 @@ config TI_ADS1298 tristate "Texas Instruments ADS1298" depends on SPI select IIO_BUFFER + select IIO_KFIFO_BUF help If you say yes here you get support for Texas Instruments ADS1298 medical ADC chips -- 2.49.0

5 months, 2 weeks

1
0
0 0

patch "iio: adc: ti-ads1298: Kconfig: add kfifo dependency to fix module" added to char-misc-testing

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled iio: adc: ti-ads1298: Kconfig: add kfifo dependency to fix module to my char-misc git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc.git in the char-misc-testing branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will be merged to the char-misc-next branch sometime soon, after it passes testing, and the merge window is open. If you have any questions about this process, please let me know. From 3c5dfea39a245b2dad869db24e2830aa299b1cf2 Mon Sep 17 00:00:00 2001 From: Arthur-Prince <r2.arthur.prince(a)gmail.com> Date: Wed, 30 Apr 2025 16:07:37 -0300 Subject: iio: adc: ti-ads1298: Kconfig: add kfifo dependency to fix module build MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Add dependency to Kconfig’s ti-ads1298 because compiling it as a module failed with an undefined kfifo symbol. Fixes: 00ef7708fa60 ("iio: adc: ti-ads1298: Add driver") Signed-off-by: Arthur-Prince <r2.arthur.prince(a)gmail.com> Co-developed-by: Mariana Valério <mariana.valerio2(a)hotmail.com> Signed-off-by: Mariana Valério <mariana.valerio2(a)hotmail.com> Link: https://patch.msgid.link/20250430191131.120831-1-r2.arthur.prince@gmail.com Cc: <Stable(a)vger.kernel.org> Signed-off-by: Jonathan Cameron <Jonathan.Cameron(a)huawei.com> --- drivers/iio/adc/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/iio/adc/Kconfig b/drivers/iio/adc/Kconfig index ad06cf556785..0fe6601e59ed 100644 --- a/drivers/iio/adc/Kconfig +++ b/drivers/iio/adc/Kconfig @@ -1562,6 +1562,7 @@ config TI_ADS1298 tristate "Texas Instruments ADS1298" depends on SPI select IIO_BUFFER + select IIO_KFIFO_BUF help If you say yes here you get support for Texas Instruments ADS1298 medical ADC chips -- 2.49.0

5 months, 2 weeks

1
0
0 0

Linux 6.14.8

by Greg Kroah-Hartman

I'm announcing the release of the 6.14.8 kernel. All users of the 6.14 kernel series must upgrade. The updated 6.14.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.14.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/netlink/specs/tc.yaml | 10 MAINTAINERS | 6 Makefile | 3 arch/arm64/boot/dts/amlogic/meson-g12b-dreambox.dtsi | 4 arch/arm64/boot/dts/freescale/imx8mp-var-som.dtsi | 12 arch/arm64/boot/dts/rockchip/rk3576-armsom-sige5.dts | 2 arch/arm64/boot/dts/rockchip/rk3588-friendlyelec-cm3588.dtsi | 4 arch/arm64/boot/dts/rockchip/rk3588-turing-rk1.dtsi | 2 arch/arm64/boot/dts/rockchip/rk3588j.dtsi | 53 -- arch/loongarch/include/asm/ptrace.h | 2 arch/loongarch/include/asm/uprobes.h | 1 arch/loongarch/kernel/genex.S | 7 arch/loongarch/kernel/kfpu.c | 22 arch/loongarch/kernel/time.c | 2 arch/loongarch/kernel/uprobes.c | 11 arch/loongarch/power/hibernate.c | 3 arch/riscv/boot/dts/sophgo/cv18xx.dtsi | 2 arch/x86/coco/sev/core.c | 255 +++++++---- arch/x86/include/asm/amd_nb.h | 1 arch/x86/include/asm/amd_node.h | 13 arch/x86/kernel/amd_nb.c | 1 arch/x86/kernel/amd_node.c | 9 block/bio.c | 2 drivers/accel/ivpu/ivpu_drv.c | 39 - drivers/accel/ivpu/ivpu_drv.h | 5 drivers/accel/ivpu/ivpu_hw.c | 5 drivers/accel/ivpu/ivpu_hw.h | 9 drivers/accel/ivpu/ivpu_hw_btrs.c | 3 drivers/accel/ivpu/ivpu_ipc.c | 7 drivers/accel/ivpu/ivpu_ipc.h | 2 drivers/accel/ivpu/ivpu_job.c | 15 drivers/accel/ivpu/ivpu_job.h | 2 drivers/accel/ivpu/ivpu_mmu.c | 109 +++- drivers/accel/ivpu/ivpu_mmu.h | 2 drivers/accel/ivpu/ivpu_mmu_context.c | 13 drivers/accel/ivpu/ivpu_mmu_context.h | 2 drivers/accel/ivpu/ivpu_pm.c | 3 drivers/accel/ivpu/ivpu_pm.h | 2 drivers/acpi/pptt.c | 11 drivers/block/ublk_drv.c | 2 drivers/char/tpm/tpm2-sessions.c | 20 drivers/char/tpm/tpm_tis_core.h | 2 drivers/dma-buf/dma-resv.c | 5 drivers/dma/dmatest.c | 6 drivers/dma/idxd/init.c | 159 ++++-- drivers/dma/ti/k3-udma.c | 10 drivers/gpio/gpio-pca953x.c | 6 drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c | 2 drivers/gpu/drm/amd/amdgpu/gmc_v11_0.c | 12 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 3 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.c | 16 drivers/gpu/drm/amd/display/dc/dpp/dcn401/dcn401_dpp_cm.c | 5 drivers/gpu/drm/amd/display/dc/hwss/dcn401/dcn401_hwseq.c | 6 drivers/gpu/drm/meson/meson_encoder_hdmi.c | 4 drivers/gpu/drm/tiny/panel-mipi-dbi.c | 5 drivers/gpu/drm/xe/instructions/xe_mi_commands.h | 4 drivers/gpu/drm/xe/xe_gsc.c | 22 drivers/gpu/drm/xe/xe_gsc.h | 1 drivers/gpu/drm/xe/xe_gsc_proxy.c | 11 drivers/gpu/drm/xe/xe_gsc_proxy.h | 1 drivers/gpu/drm/xe/xe_gt.c | 2 drivers/gpu/drm/xe/xe_lrc.c | 2 drivers/gpu/drm/xe/xe_ring_ops.c | 7 drivers/gpu/drm/xe/xe_uc.c | 8 drivers/gpu/drm/xe/xe_uc.h | 1 drivers/hid/amd-sfh-hid/sfh1_1/amd_sfh_init.c | 7 drivers/hid/bpf/hid_bpf_dispatch.c | 9 drivers/hid/hid-thrustmaster.c | 1 drivers/hid/hid-uclogic-core.c | 7 drivers/hv/channel.c | 65 -- drivers/i2c/busses/i2c-designware-pcidrv.c | 4 drivers/iio/adc/ad7606.c | 154 +++++- drivers/iio/adc/ad7606.h | 37 + drivers/iio/adc/ad7606_spi.c | 137 ----- drivers/infiniband/core/device.c | 6 drivers/infiniband/sw/rxe/rxe_cq.c | 5 drivers/net/dsa/b53/b53_common.c | 33 + drivers/net/dsa/b53/b53_regs.h | 14 drivers/net/dsa/microchip/ksz_common.c | 135 ++++- drivers/net/dsa/sja1105/sja1105_main.c | 6 drivers/net/ethernet/cadence/macb_main.c | 19 drivers/net/ethernet/engleder/tsnep_main.c | 30 - drivers/net/ethernet/marvell/octeontx2/af/cgx.c | 5 drivers/net/ethernet/marvell/octeontx2/nic/cn10k_macsec.c | 3 drivers/net/ethernet/marvell/octeontx2/nic/otx2_common.h | 1 drivers/net/ethernet/marvell/octeontx2/nic/otx2_devlink.c | 1 drivers/net/ethernet/marvell/octeontx2/nic/otx2_ethtool.c | 10 drivers/net/ethernet/marvell/octeontx2/nic/otx2_flows.c | 3 drivers/net/ethernet/mediatek/mtk_eth_soc.c | 2 drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 4 drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c | 3 drivers/net/ethernet/qlogic/qede/qede_main.c | 2 drivers/net/ethernet/qlogic/qlcnic/qlcnic_sriov_common.c | 7 drivers/net/hyperv/hyperv_net.h | 13 drivers/net/hyperv/netvsc.c | 57 ++ drivers/net/hyperv/netvsc_drv.c | 62 -- drivers/net/hyperv/rndis_filter.c | 24 - drivers/net/phy/micrel.c | 7 drivers/net/wireless/mediatek/mt76/dma.c | 1 drivers/net/wireless/mediatek/mt76/mt7925/mcu.c | 4 drivers/nvme/host/pci.c | 4 drivers/phy/renesas/phy-rcar-gen3-usb2.c | 40 - drivers/phy/tegra/xusb-tegra186.c | 46 + drivers/phy/tegra/xusb.c | 8 drivers/platform/x86/amd/hsmp/Kconfig | 2 drivers/platform/x86/amd/hsmp/acpi.c | 10 drivers/platform/x86/amd/hsmp/hsmp.c | 1 drivers/platform/x86/amd/hsmp/hsmp.h | 4 drivers/platform/x86/amd/hsmp/plat.c | 42 - drivers/platform/x86/amd/pmc/pmc-quirks.c | 7 drivers/platform/x86/amd/pmf/tee-if.c | 23 drivers/platform/x86/asus-wmi.c | 3 drivers/regulator/max20086-regulator.c | 7 drivers/scsi/sd_zbc.c | 6 drivers/scsi/storvsc_drv.c | 1 drivers/spi/spi-loopback-test.c | 2 drivers/spi/spi-tegra114.c | 6 drivers/usb/gadget/function/f_midi2.c | 2 fs/binfmt_elf.c | 71 ++- fs/btrfs/discard.c | 17 fs/btrfs/fs.h | 1 fs/btrfs/inode.c | 7 fs/btrfs/super.c | 4 fs/eventpoll.c | 7 fs/nfs/localio.c | 2 fs/nfs/nfs4proc.c | 9 fs/nfs/pnfs.c | 9 fs/smb/client/smb2pdu.c | 2 fs/udf/truncate.c | 2 fs/xattr.c | 24 + include/linux/bio.h | 1 include/linux/hyperv.h | 7 include/linux/micrel_phy.h | 1 include/linux/tpm.h | 21 include/net/sch_generic.h | 15 include/sound/ump_msg.h | 4 io_uring/fdinfo.c | 48 +- io_uring/memmap.c | 2 io_uring/uring_cmd.c | 5 kernel/cgroup/cpuset.c | 6 kernel/sched/ext.c | 6 kernel/trace/fprobe.c | 3 kernel/trace/ring_buffer.c | 8 kernel/trace/trace_dynevent.c | 16 kernel/trace/trace_dynevent.h | 1 kernel/trace/trace_events_trigger.c | 2 kernel/trace/trace_functions.c | 6 kernel/trace/trace_kprobe.c | 2 kernel/trace/trace_probe.c | 9 kernel/trace/trace_uprobe.c | 2 mm/hugetlb.c | 28 - mm/page_alloc.c | 23 mm/userfaultfd.c | 12 net/bluetooth/mgmt.c | 9 net/mac80211/main.c | 6 net/mctp/device.c | 17 net/mctp/route.c | 4 net/sched/sch_codel.c | 2 net/sched/sch_fq.c | 2 net/sched/sch_fq_codel.c | 2 net/sched/sch_fq_pie.c | 2 net/sched/sch_hhf.c | 2 net/sched/sch_pie.c | 2 net/tls/tls_strp.c | 3 samples/ftrace/sample-trace-array.c | 2 scripts/Makefile.extrawarn | 12 sound/core/seq/seq_clientmgr.c | 52 +- sound/core/seq/seq_ump_convert.c | 18 sound/core/seq/seq_ump_convert.h | 1 sound/pci/es1968.c | 6 sound/sh/Kconfig | 2 sound/usb/quirks.c | 4 tools/net/ynl/pyynl/ethtool.py | 22 tools/perf/arch/loongarch/include/syscall_table.h | 2 tools/testing/selftests/drivers/net/hw/ncdevmem.c | 55 -- tools/testing/vsock/vsock_test.c | 28 - 176 files changed, 1681 insertions(+), 1027 deletions(-) Aaron Kling (1): spi: tegra114: Use value to check for invalid delays Abdun Nihaal (1): qlcnic: fix memory leak in qlcnic_sriov_channel_cfg_cmd() Alexey Makhalov (1): MAINTAINERS: Update Alexey Makhalov's email address Andrew Jeffery (1): net: mctp: Ensure keys maintain only one ref to corresponding dev Ashish Kalra (2): x86/sev: Do not touch VMSA pages during SNP guest memory kdump x86/sev: Make sure pages are not skipped during kdump Barry Song (1): mm: userfaultfd: correct dirty flags set for both present and swap pte Bo-Cun Chen (1): net: ethernet: mtk_eth_soc: fix typo for declaration MT7988 ESW capability Boris Burkov (1): btrfs: fix folio leak in submit_one_async_extent() Breno Leitao (1): tracing: fprobe: Fix RCU warning message in list traversal Carolina Jubran (1): net/mlx5e: Disable MACsec offload for uplink representor profile Christian Heusel (1): ALSA: usb-audio: Add sample rate quirk for Audioengine D1 Christian Hewitt (1): arm64: dts: amlogic: dreambox: fix missing clkc_audio node Christophe JAILLET (1): i2c: designware: Fix an error handling path in i2c_dw_pci_probe() Claudiu Beznea (2): phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind phy: renesas: rcar-gen3-usb2: Set timing registers only once Cong Wang (1): net_sched: Flush gso_skb list too during ->change() Cosmin Ratiu (1): tests/ncdevmem: Fix double-free of queue array Cosmin Tanislav (1): regulator: max20086: fix invalid memory access Dan Carpenter (1): phy: tegra: xusb: remove a stray unlock Daniele Ceraolo Spurio (1): drm/xe/gsc: do not flush the GSC worker from the reset path David Lechner (1): iio: adc: ad7606: check for NULL before calling sw_mode_config() Dragan Simic (1): arm64: dts: rockchip: Remove overdrive-mode OPPs from RK3588J SoC dtsi Emanuele Ghidoli (1): gpio: pca953x: fix IRQ storm on system wake up Fabio Estevam (1): drm/tiny: panel-mipi-dbi: Use drm_client_setup_with_fourcc() Fedor Pchelkin (1): wifi: mt76: disable napi on driver removal Filipe Manana (1): btrfs: fix discard worker infinite loop after disabling discard Geert Uytterhoeven (2): spi: loopback-test: Do not split 1024-byte hexdumps ALSA: sh: SND_AICA should depend on SH_DMA_API Gerhard Engleder (1): tsnep: fix timestamping with a stacked DSA driver Greg Kroah-Hartman (1): Linux 6.14.8 Guillaume Stols (2): iio: adc: ad7606: move the software mode configuration iio: adc: ad7606: move software functions into common file Hangbin Liu (1): tools/net/ynl: ethtool: fix crash when Hardware Clock info is missing Hans de Goede (1): platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection Hariprasad Kelam (2): octeontx2-pf: Fix ethtool support for SDP representors octeontx2-af: Fix CGX Receive counters Henry Martin (1): HID: uclogic: Add NULL check in uclogic_input_configured() Himanshu Bhavani (1): arm64: dts: imx8mp-var-som: Fix LDO5 shutdown causing SD card timeout Huacai Chen (3): LoongArch: Move __arch_cpu_idle() to .cpuidle.text section LoongArch: Save and restore CSR.CNTC for hibernation LoongArch: Fix MAX_REG_OFFSET calculation Hyejeong Choi (1): dma-buf: insert memory barrier before updating num_fences I Hsin Cheng (1): drm/meson: Use 1000ULL when operating with mode->clock Ido Schimmel (1): mlxsw: spectrum_router: Fix use-after-free when deleting GRE net devices Jakub Kicinski (2): netlink: specs: tc: fix a couple of attribute names netlink: specs: tc: all actions are indexed arrays Jan Kara (1): udf: Make sure i_lenExtents is uptodate on inode eviction Jarkko Sakkinen (1): tpm: Mask TPM RC in tpm2_start_auth_session() Jens Axboe (2): io_uring/fdinfo: grab ctx->uring_lock around io_uring_show_fdinfo() io_uring/memmap: don't use page_address() on a highmem page Jeremy Linton (1): ACPI: PPTT: Fix processor subtable walk Jethro Donaldson (1): smb: client: fix memory leak during error handling for POSIX mkdir Jonas Gorski (1): net: dsa: b53: prevent standalone from trying to forward to other ports Karol Wachowski (4): accel/ivpu: Dump only first MMU fault from single context accel/ivpu: Move parts of MMU event IRQ handling to thread handler accel/ivpu: Fix missing MMU events from reserved SSID accel/ivpu: Fix missing MMU events if file_priv is unbound Kees Cook (3): binfmt_elf: Move brk for static PIE even if ASLR disabled nvme-pci: make nvme_pci_npages_prp() __always_inline wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request Keith Busch (1): nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable Kirill A. Shutemov (1): mm/page_alloc: fix race condition in unaccepted memory handling Konstantin Shkolnyy (1): vsock/test: Fix occasional failure in SIOCOUTQ tests Kyoji Ogasawara (1): btrfs: add back warning for mount option commit values exceeding 300 Li Lingfeng (1): nfs: handle failure of nfs_get_lock_context in unlock path Luiz Augusto von Dentz (1): Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags Ma Ke (1): phy: Fix error handling in tegra_xusb_port_init Maciej Falkowski (2): accel/ivpu: Use workqueue for IRQ handling accel/ivpu: Flush pending jobs of device's workqueues Mario Limonciello (3): drivers/platform/x86/amd: pmf: Check for invalid sideloaded Smart PC Policies drivers/platform/x86/amd: pmf: Check for invalid Smart PC Policies HID: amd_sfh: Fix SRA sensor when it's the only sensor Masami Hiramatsu (Google) (1): tracing: probes: Fix a possible race in trace_probe_log APIs Mathieu Othacehe (1): net: cadence: macb: Fix a possible deadlock in macb_halt_tx. Matt Johnston (1): net: mctp: Don't access ifa_index when missing Max Kellermann (1): fs/eventpoll: fix endless busy loop after timeout has expired Melissa Wen (2): drm/amd/display: Fix null check of pipe_ctx->plane_state for update_dchubp_dpp Revert "drm/amd/display: Hardware cursor changes color when switched to software cursor" Michael Kelley (5): hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages hv_netvsc: Preserve contiguous PFN grouping in the page buffer array hv_netvsc: Remove rmsg_pgcnt Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges Drivers: hv: vmbus: Remove vmbus_sendpacket_pagebuffer() Michal Suchanek (1): tpm: tis: Double the timeout B to 4s Ming Lei (1): ublk: fix dead loop when canceling io command Ming Yen Hsieh (1): wifi: mt76: mt7925: fix missing hdr_trans_tlv command for broadcast wtbl Nathan Chancellor (2): kbuild: Disable -Wdefault-const-init-unsafe net: qede: Initialize qede_ll_ops with designated initializer Nathan Lynch (1): dmaengine: Revert "dmaengine: dmatest: Fix dmatest waiting less when interrupted" Nicolas Chauvet (1): ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera Nicolas Frattaroli (1): arm64: dts: rockchip: fix Sige5 RTC interrupt pin Oleksij Rempel (2): net: dsa: microchip: let phylink manage PHY EEE configuration on KSZ switches net: phy: micrel: remove KSZ9477 EEE quirks now handled by phylink Pengtao He (1): net/tls: fix kernel panic when alloc_page failed Philip Yang (1): drm/amdgpu: csa unmap use uninterruptible lock Qasim Ijaz (1): HID: thrustmaster: fix memory leak in thrustmaster_interrupts() Ronald Wahl (1): dmaengine: ti: k3-udma: Add missing locking Rong Zhang (1): HID: bpf: abort dispatch if device destroyed Runhua He (1): platform/x86/amd/pmc: Declare quirk_spurious_8042 for MECHREVO Wujie 14XA (GX4HRXL) Sam Edwards (1): arm64: dts: rockchip: Allow Turing RK1 cooling fan to spin down Shuai Xue (9): dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals dmaengine: idxd: Add missing cleanups in cleanup internals dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call dmaengine: idxd: fix memory leak in error handling path of idxd_alloc dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe dmaengine: idxd: Refactor remove call with idxd_cleanup() helper Stephen Smalley (1): fs/xattr.c: fix simple_xattr_list to always include security.* xattrs Steve Siwinski (1): scsi: sd_zbc: block: Respect bio vector limits for REPORT ZONES buffer Steven Rostedt (2): tracing: samples: Initialize trace_array_printk() with the correct function ring-buffer: Fix persistent buffer when commit page is the reader page Subbaraya Sundeep (2): octeontx2-pf: macsec: Fix incorrect max transmit size in TX secy octeontx2-pf: Do not reallocate all ntuple filters Suma Hegde (1): platform/x86/amd/hsmp: Make amd_hsmp and hsmp_acpi as mutually exclusive drivers Takashi Iwai (2): ALSA: seq: Fix delivery of UMP events to group ports ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info Tejun Heo (1): sched_ext: bpf_iter_scx_dsq_new() should always initialize iterator Thomas Weißschuh (1): Revert "kbuild, rust: use -fremap-path-prefix to make paths relative" Tianyang Zhang (1): LoongArch: Prevent cond_resched() occurring within kernel-fpu Tiezhu Yang (3): LoongArch: uprobes: Remove user_{en,dis}able_single_step() LoongArch: uprobes: Remove redundant code about resume_era perf tools: Fix build error for LoongArch Tim Huang (1): drm/amdgpu: fix incorrect MALL size for GFX1151 Tom Vincent (1): arm64: dts: rockchip: Assign RT5616 MCLK rate on rk3588-friendlyelec-cm3588 Trond Myklebust (2): NFS/localio: Fix a race in nfs_local_open_fh() NFSv4/pnfs: Reset the layout state after a layoutreturn Umesh Nerlige Ramappa (1): drm/xe: Save CTX_TIMESTAMP mmio value instead of LRC value Vladimir Oltean (1): net: dsa: sja1105: discard incoming frames in BR_STATE_LISTENING Waiman Long (1): cgroup/cpuset: Extend kthread_is_per_cpu() check to all PF_NO_SETAFFINITY tasks Wayne Chang (1): phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking Wayne Lin (2): drm/amd/display: Correct the reply value when AUX write incomplete drm/amd/display: Avoid flooding unnecessary info messages Wentao Liang (1): ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() Wupeng Ma (1): mm: hugetlb: fix incorrect fallback for subpool Yazen Ghannam (1): x86/amd_node, platform/x86/amd/hsmp: Have HSMP use SMN through AMD_NODE Yemike Abhilash Chandra (1): dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy Ze Huang (1): riscv: dts: sophgo: fix DMA data-width configuration for CV18xx Zhu Yanjun (2): RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem hexue (1): io_uring/uring_cmd: fix hybrid polling initialization issue pengdonglin (2): ftrace: Fix preemption accounting for stacktrace trigger command ftrace: Fix preemption accounting for stacktrace filter command

5 months, 2 weeks

1
1
0 0

Linux 6.6.92

by Greg Kroah-Hartman

I'm announcing the release of the 6.6.92 kernel. All users of the 6.6 kernel series must upgrade. The updated 6.6.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.6.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arm64/net/bpf_jit_comp.c | 12 arch/loongarch/Makefile | 2 arch/loongarch/include/asm/ptrace.h | 2 arch/loongarch/include/asm/uprobes.h | 1 arch/loongarch/kernel/kfpu.c | 22 arch/loongarch/kernel/time.c | 2 arch/loongarch/kernel/uprobes.c | 11 arch/loongarch/power/hibernate.c | 3 arch/x86/kernel/alternative.c | 17 arch/x86/kvm/smm.c | 1 arch/x86/kvm/svm/svm.c | 19 block/bio.c | 2 drivers/acpi/pptt.c | 11 drivers/bluetooth/btnxpuart.c | 6 drivers/char/tpm/tpm_tis_core.h | 2 drivers/dma-buf/dma-resv.c | 5 drivers/dma/dmatest.c | 6 drivers/dma/idxd/init.c | 159 ++++-- drivers/dma/ti/k3-udma.c | 10 drivers/firmware/arm_scmi/Kconfig | 14 drivers/firmware/arm_scmi/common.h | 35 + drivers/firmware/arm_scmi/driver.c | 89 +++ drivers/firmware/arm_scmi/mailbox.c | 3 drivers/gpu/drm/amd/amdgpu/amdgpu.h | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 51 ++ drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c | 11 drivers/gpu/drm/amd/amdgpu/amdgpu_virt.c | 29 + drivers/gpu/drm/amd/amdgpu/amdgpu_virt.h | 3 drivers/gpu/drm/amd/amdgpu/mxgpu_ai.c | 2 drivers/gpu/drm/amd/amdgpu/mxgpu_nv.c | 2 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 3 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.c | 16 drivers/hid/hid-thrustmaster.c | 1 drivers/hid/hid-uclogic-core.c | 7 drivers/hv/channel.c | 65 -- drivers/iio/adc/ad7266.c | 2 drivers/iio/adc/ad7768-1.c | 2 drivers/iio/chemical/sps30.c | 2 drivers/infiniband/sw/rxe/rxe_cq.c | 5 drivers/net/dsa/sja1105/sja1105_main.c | 6 drivers/net/ethernet/cadence/macb_main.c | 19 drivers/net/ethernet/engleder/tsnep_hw.h | 2 drivers/net/ethernet/engleder/tsnep_main.c | 131 ++++- drivers/net/ethernet/marvell/octeontx2/af/cgx.c | 5 drivers/net/ethernet/marvell/octeontx2/nic/cn10k_macsec.c | 3 drivers/net/ethernet/mediatek/mtk_eth_soc.c | 2 drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 4 drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c | 3 drivers/net/ethernet/qlogic/qede/qede_main.c | 2 drivers/net/ethernet/qlogic/qlcnic/qlcnic_sriov_common.c | 7 drivers/net/hyperv/hyperv_net.h | 13 drivers/net/hyperv/netvsc.c | 57 ++ drivers/net/hyperv/netvsc_drv.c | 62 -- drivers/net/hyperv/rndis_filter.c | 24 - drivers/net/wireless/mediatek/mt76/dma.c | 1 drivers/nvme/host/pci.c | 4 drivers/phy/renesas/phy-rcar-gen3-usb2.c | 40 - drivers/phy/tegra/xusb-tegra186.c | 46 +- drivers/phy/tegra/xusb.c | 8 drivers/platform/x86/amd/pmc/pmc-quirks.c | 7 drivers/platform/x86/asus-wmi.c | 3 drivers/regulator/max20086-regulator.c | 7 drivers/scsi/sd_zbc.c | 6 drivers/scsi/storvsc_drv.c | 1 drivers/spi/spi-loopback-test.c | 2 drivers/spi/spi-tegra114.c | 6 drivers/usb/gadget/function/f_midi2.c | 2 drivers/usb/typec/ucsi/displayport.c | 19 drivers/usb/typec/ucsi/ucsi.c | 34 + drivers/usb/typec/ucsi/ucsi.h | 2 fs/binfmt_elf.c | 273 ++++++------ fs/btrfs/extent-tree.c | 25 - fs/nfs/nfs4proc.c | 9 fs/nfs/pnfs.c | 9 fs/smb/client/smb2pdu.c | 2 fs/udf/truncate.c | 2 fs/xattr.c | 24 + include/linux/bio.h | 1 include/linux/hyperv.h | 7 include/linux/tpm.h | 2 include/net/sch_generic.h | 15 include/sound/ump_msg.h | 4 kernel/cgroup/cpuset.c | 6 kernel/trace/trace_dynevent.c | 16 kernel/trace/trace_dynevent.h | 1 kernel/trace/trace_events_trigger.c | 2 kernel/trace/trace_functions.c | 6 kernel/trace/trace_kprobe.c | 2 kernel/trace/trace_probe.c | 9 kernel/trace/trace_uprobe.c | 2 mm/memblock.c | 9 mm/memory_hotplug.c | 6 mm/migrate.c | 16 mm/page_alloc.c | 27 - net/bluetooth/mgmt.c | 9 net/mac80211/main.c | 6 net/mctp/device.c | 65 +- net/mctp/route.c | 4 net/sched/sch_codel.c | 2 net/sched/sch_fq.c | 2 net/sched/sch_fq_codel.c | 2 net/sched/sch_fq_pie.c | 2 net/sched/sch_hhf.c | 2 net/sched/sch_pie.c | 2 net/sctp/sysctl.c | 4 net/tls/tls_strp.c | 3 samples/ftrace/sample-trace-array.c | 2 sound/core/seq/seq_clientmgr.c | 52 +- sound/core/seq/seq_ump_convert.c | 18 sound/core/seq/seq_ump_convert.h | 1 sound/pci/es1968.c | 6 sound/sh/Kconfig | 2 sound/usb/quirks.c | 4 tools/net/ynl/ethtool.py | 29 + tools/testing/selftests/exec/Makefile | 19 tools/testing/selftests/exec/load_address.c | 83 ++- tools/testing/selftests/mm/compaction_test.c | 19 118 files changed, 1290 insertions(+), 689 deletions(-) Aaron Kling (1): spi: tegra114: Use value to check for invalid delays Abdun Nihaal (1): qlcnic: fix memory leak in qlcnic_sriov_channel_cfg_cmd() Alex Deucher (2): Revert "drm/amd: Stop evicting resources on APUs in suspend" drm/amdgpu: fix pm notifier handling Andrei Kuchynski (1): usb: typec: ucsi: displayport: Fix deadlock Andrew Jeffery (1): net: mctp: Ensure keys maintain only one ref to corresponding dev Bo-Cun Chen (1): net: ethernet: mtk_eth_soc: fix typo for declaration MT7988 ESW capability Carolina Jubran (1): net/mlx5e: Disable MACsec offload for uplink representor profile Christian Heusel (1): ALSA: usb-audio: Add sample rate quirk for Audioengine D1 Claudiu Beznea (2): phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind phy: renesas: rcar-gen3-usb2: Set timing registers only once Cong Wang (1): net_sched: Flush gso_skb list too during ->change() Cosmin Tanislav (1): regulator: max20086: fix invalid memory access Cristian Marussi (3): firmware: arm_scmi: Add helper to trace bad messages firmware: arm_scmi: Add message dump traces for bad and unexpected replies firmware: arm_scmi: Fix timeout checks on polling path Dan Carpenter (1): phy: tegra: xusb: remove a stray unlock David Lechner (1): iio: chemical: sps30: use aligned_s64 for timestamp Eric Dumazet (2): mctp: no longer rely on net->dev_index_head[] sctp: add mutual exclusion in proc_sctp_do_udp_port() Eric W. Biederman (1): binfmt_elf: Support segments with 0 filesz and misaligned starts Fedor Pchelkin (1): wifi: mt76: disable napi on driver removal Feng Tang (1): selftests/mm: compaction_test: support platform with huge mount of memory Filipe Manana (1): btrfs: don't BUG_ON() when 0 reference count at btrfs_lookup_extent_info() Geert Uytterhoeven (2): spi: loopback-test: Do not split 1024-byte hexdumps ALSA: sh: SND_AICA should depend on SH_DMA_API Gerhard Engleder (2): tsnep: Inline small fragments within TX descriptor tsnep: fix timestamping with a stacked DSA driver Greg Kroah-Hartman (1): Linux 6.6.92 Hangbin Liu (1): tools/net/ynl: ethtool: fix crash when Hardware Clock info is missing Hans de Goede (1): platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection Hariprasad Kelam (1): octeontx2-af: Fix CGX Receive counters Henry Martin (1): HID: uclogic: Add NULL check in uclogic_input_configured() Huacai Chen (3): LoongArch: Save and restore CSR.CNTC for hibernation LoongArch: Fix MAX_REG_OFFSET calculation LoongArch: Explicitly specify code model in Makefile Hyejeong Choi (1): dma-buf: insert memory barrier before updating num_fences Ido Schimmel (1): mlxsw: spectrum_router: Fix use-after-free when deleting GRE net devices Jan Kara (1): udf: Make sure i_lenExtents is uptodate on inode eviction Jeremy Linton (1): ACPI: PPTT: Fix processor subtable walk Jethro Donaldson (1): smb: client: fix memory leak during error handling for POSIX mkdir Jonathan Cameron (2): iio: adc: ad7266: Fix potential timestamp alignment issue. iio: adc: ad7768-1: Fix insufficient alignment of timestamp. Kees Cook (8): binfmt_elf: elf_bss no longer used by load_elf_binary() binfmt_elf: Leave a gap between .bss and brk selftests/exec: Build both static and non-static load_address tests binfmt_elf: Calculate total_size earlier binfmt_elf: Honor PT_LOAD alignment for static PIE binfmt_elf: Move brk for static PIE even if ASLR disabled nvme-pci: make nvme_pci_npages_prp() __always_inline wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request Keith Busch (1): nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable Kirill A. Shutemov (1): mm/page_alloc: fix race condition in unaccepted memory handling Li Lingfeng (1): nfs: handle failure of nfs_get_lock_context in unlock path Luiz Augusto von Dentz (1): Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags Luke Parkin (2): firmware: arm_scmi: Add support for debug metrics at the interface firmware: arm_scmi: Track basic SCMI communication debug metrics Ma Jun (1): drm/amdgpu: Fix the runtime resume failure issue Ma Ke (1): phy: Fix error handling in tegra_xusb_port_init Ma Wupeng (1): hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio Mario Limonciello (2): drm/amd: Stop evicting resources on APUs in suspend drm/amd: Add Suspend/Hibernate notification callback support Masami Hiramatsu (Google) (1): tracing: probes: Fix a possible race in trace_probe_log APIs Mathieu Othacehe (1): net: cadence: macb: Fix a possible deadlock in macb_halt_tx. Matt Johnston (1): net: mctp: Don't access ifa_index when missing Michael Kelley (5): hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages hv_netvsc: Preserve contiguous PFN grouping in the page buffer array hv_netvsc: Remove rmsg_pgcnt Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges Drivers: hv: vmbus: Remove vmbus_sendpacket_pagebuffer() Michal Suchanek (1): tpm: tis: Double the timeout B to 4s Mikhail Lobanov (1): KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception Muhammad Usama Anjum (1): selftests/exec: load_address: conform test to TAP format output Nathan Chancellor (1): net: qede: Initialize qede_ll_ops with designated initializer Nathan Lynch (1): dmaengine: Revert "dmaengine: dmatest: Fix dmatest waiting less when interrupted" Neeraj Sanjay Kale (1): Bluetooth: btnxpuart: Fix kernel panic during FW release Nicolas Chauvet (1): ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera Pawan Gupta (1): x86/its: Fix build error for its_static_thunk() Pengtao He (1): net/tls: fix kernel panic when alloc_page failed Peter Collingbourne (1): bpf, arm64: Fix address emission with tag-based KASAN enabled Peter Gonda (1): KVM: SVM: Update SEV-ES shutdown intercepts with more metadata Puranjay Mohan (1): bpf, arm64: Fix trampoline for BPF_TRAMP_F_CALL_ORIG Qasim Ijaz (1): HID: thrustmaster: fix memory leak in thrustmaster_interrupts() Rahul Rameshbabu (1): tools: ynl: ethtool.py: Output timestamping statistics from tsinfo-get operation Ronald Wahl (1): dmaengine: ti: k3-udma: Add missing locking Runhua He (1): platform/x86/amd/pmc: Declare quirk_spurious_8042 for MECHREVO Wujie 14XA (GX4HRXL) Shuai Xue (9): dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals dmaengine: idxd: Add missing cleanups in cleanup internals dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call dmaengine: idxd: fix memory leak in error handling path of idxd_alloc dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe dmaengine: idxd: Refactor remove call with idxd_cleanup() helper Stephen Smalley (1): fs/xattr.c: fix simple_xattr_list to always include security.* xattrs Steve Siwinski (1): scsi: sd_zbc: block: Respect bio vector limits for REPORT ZONES buffer Steven Rostedt (1): tracing: samples: Initialize trace_array_printk() with the correct function Subbaraya Sundeep (1): octeontx2-pf: macsec: Fix incorrect max transmit size in TX secy Takashi Iwai (2): ALSA: seq: Fix delivery of UMP events to group ports ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info Tianyang Zhang (1): LoongArch: Prevent cond_resched() occurring within kernel-fpu Tiezhu Yang (2): LoongArch: uprobes: Remove user_{en,dis}able_single_step() LoongArch: uprobes: Remove redundant code about resume_era Tom Lendacky (1): memblock: Accept allocated memory before use in memblock_double_array() Trond Myklebust (1): NFSv4/pnfs: Reset the layout state after a layoutreturn Vladimir Oltean (1): net: dsa: sja1105: discard incoming frames in BR_STATE_LISTENING Waiman Long (1): cgroup/cpuset: Extend kthread_is_per_cpu() check to all PF_NO_SETAFFINITY tasks Wayne Chang (1): phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking Wayne Lin (2): drm/amd/display: Correct the reply value when AUX write incomplete drm/amd/display: Avoid flooding unnecessary info messages Wentao Liang (1): ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() Yemike Abhilash Chandra (1): dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy Zhigang Luo (1): drm/amdgpu: trigger flr_work if reading pf2vf data failed Zhu Yanjun (1): RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug Zi Yan (1): mm/migrate: correct nr_failed in migrate_pages_sync() pengdonglin (2): ftrace: Fix preemption accounting for stacktrace trigger command ftrace: Fix preemption accounting for stacktrace filter command

5 months, 2 weeks

1
1
0 0

Linux 6.12.30

by Greg Kroah-Hartman

I'm announcing the release of the 6.12.30 kernel. All users of the 6.12 kernel series must upgrade. The updated 6.12.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.12.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/netlink/specs/tc.yaml | 10 MAINTAINERS | 6 Makefile | 2 arch/arm64/boot/dts/amlogic/meson-g12b-dreambox.dtsi | 4 arch/arm64/boot/dts/freescale/imx8mp-var-som.dtsi | 12 arch/arm64/boot/dts/rockchip/rk3588-friendlyelec-cm3588.dtsi | 4 arch/arm64/boot/dts/rockchip/rk3588j.dtsi | 53 - arch/loongarch/include/asm/ptrace.h | 2 arch/loongarch/include/asm/uprobes.h | 1 arch/loongarch/kernel/genex.S | 7 arch/loongarch/kernel/kfpu.c | 22 arch/loongarch/kernel/time.c | 2 arch/loongarch/kernel/uprobes.c | 11 arch/loongarch/power/hibernate.c | 3 arch/riscv/boot/dts/sophgo/cv18xx.dtsi | 2 arch/x86/kvm/mmu/mmu.c | 75 +- block/bio.c | 2 drivers/accel/ivpu/ivpu_debugfs.c | 2 drivers/accel/ivpu/ivpu_fw.c | 4 drivers/accel/ivpu/ivpu_fw_log.c | 113 ++- drivers/accel/ivpu/ivpu_fw_log.h | 9 drivers/accel/ivpu/ivpu_pm.c | 1 drivers/acpi/pptt.c | 11 drivers/bluetooth/btnxpuart.c | 6 drivers/char/tpm/tpm2-sessions.c | 20 drivers/char/tpm/tpm_tis_core.h | 2 drivers/dma-buf/dma-resv.c | 5 drivers/dma/dmatest.c | 6 drivers/dma/idxd/init.c | 159 +++- drivers/dma/ti/k3-udma.c | 10 drivers/gpio/gpio-pca953x.c | 6 drivers/gpu/drm/amd/amdgpu/amdgpu.h | 3 drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c | 18 drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c | 2 drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 47 + drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c | 11 drivers/gpu/drm/amd/amdgpu/gmc_v11_0.c | 12 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 3 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.c | 16 drivers/gpu/drm/amd/display/dc/dpp/dcn401/dcn401_dpp_cm.c | 5 drivers/gpu/drm/drm_fbdev_dma.c | 60 + drivers/gpu/drm/tiny/Kconfig | 1 drivers/gpu/drm/tiny/panel-mipi-dbi.c | 7 drivers/gpu/drm/xe/instructions/xe_mi_commands.h | 4 drivers/gpu/drm/xe/xe_gsc.c | 22 drivers/gpu/drm/xe/xe_gsc.h | 1 drivers/gpu/drm/xe/xe_gsc_proxy.c | 11 drivers/gpu/drm/xe/xe_gsc_proxy.h | 1 drivers/gpu/drm/xe/xe_gt.c | 2 drivers/gpu/drm/xe/xe_lrc.c | 2 drivers/gpu/drm/xe/xe_ring_ops.c | 7 drivers/gpu/drm/xe/xe_uc.c | 8 drivers/gpu/drm/xe/xe_uc.h | 1 drivers/hid/bpf/hid_bpf_dispatch.c | 9 drivers/hid/hid-thrustmaster.c | 1 drivers/hid/hid-uclogic-core.c | 7 drivers/hv/channel.c | 65 - drivers/hv/hyperv_vmbus.h | 6 drivers/hv/vmbus_drv.c | 100 ++ drivers/iio/adc/ad7266.c | 2 drivers/iio/adc/ad7768-1.c | 2 drivers/iio/chemical/pms7003.c | 5 drivers/iio/chemical/sps30.c | 2 drivers/iio/light/opt3001.c | 5 drivers/iio/pressure/mprls0025pa.h | 17 drivers/infiniband/core/device.c | 6 drivers/infiniband/sw/rxe/rxe_cq.c | 5 drivers/net/dsa/b53/b53_common.c | 33 drivers/net/dsa/b53/b53_regs.h | 14 drivers/net/dsa/sja1105/sja1105_main.c | 6 drivers/net/ethernet/cadence/macb_main.c | 19 drivers/net/ethernet/engleder/tsnep_main.c | 30 drivers/net/ethernet/marvell/octeontx2/af/cgx.c | 5 drivers/net/ethernet/marvell/octeontx2/nic/cn10k_macsec.c | 3 drivers/net/ethernet/marvell/octeontx2/nic/otx2_common.h | 1 drivers/net/ethernet/marvell/octeontx2/nic/otx2_devlink.c | 1 drivers/net/ethernet/marvell/octeontx2/nic/otx2_flows.c | 3 drivers/net/ethernet/mediatek/mtk_eth_soc.c | 2 drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 4 drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c | 3 drivers/net/ethernet/qlogic/qede/qede_main.c | 2 drivers/net/ethernet/qlogic/qlcnic/qlcnic_sriov_common.c | 7 drivers/net/hyperv/hyperv_net.h | 13 drivers/net/hyperv/netvsc.c | 57 + drivers/net/hyperv/netvsc_drv.c | 62 - drivers/net/hyperv/rndis_filter.c | 24 drivers/net/virtio_net.c | 5 drivers/net/wireless/mediatek/mt76/dma.c | 1 drivers/nvme/host/pci.c | 4 drivers/phy/renesas/phy-rcar-gen3-usb2.c | 40 - drivers/phy/tegra/xusb-tegra186.c | 46 - drivers/phy/tegra/xusb.c | 8 drivers/platform/x86/amd/pmc/pmc-quirks.c | 7 drivers/platform/x86/amd/pmf/tee-if.c | 23 drivers/platform/x86/asus-wmi.c | 3 drivers/regulator/max20086-regulator.c | 7 drivers/scsi/sd_zbc.c | 6 drivers/scsi/storvsc_drv.c | 1 drivers/spi/spi-loopback-test.c | 2 drivers/spi/spi-tegra114.c | 6 drivers/uio/uio_hv_generic.c | 39 - drivers/usb/gadget/function/f_midi2.c | 2 drivers/usb/host/xhci-dbgcap.c | 21 drivers/usb/host/xhci-dbgcap.h | 3 drivers/usb/typec/ucsi/displayport.c | 19 drivers/usb/typec/ucsi/ucsi.c | 34 drivers/usb/typec/ucsi/ucsi.h | 2 drivers/virtio/virtio_ring.c | 6 fs/binfmt_elf.c | 71 + fs/btrfs/discard.c | 17 fs/btrfs/fs.h | 1 fs/btrfs/inode.c | 7 fs/btrfs/super.c | 4 fs/nfs/nfs4proc.c | 9 fs/nfs/pnfs.c | 9 fs/smb/client/cifs_spnego.c | 16 fs/smb/client/cifsfs.c | 25 fs/smb/client/cifsglob.h | 7 fs/smb/client/connect.c | 20 fs/smb/client/fs_context.c | 39 + fs/smb/client/fs_context.h | 10 fs/smb/client/smb2pdu.c | 2 fs/udf/truncate.c | 2 fs/xattr.c | 24 include/drm/drm_fbdev_dma.h | 12 include/linux/bio.h | 1 include/linux/hyperv.h | 13 include/linux/kvm_host.h | 6 include/linux/tpm.h | 21 include/linux/virtio.h | 3 include/net/sch_generic.h | 15 include/sound/ump_msg.h | 4 kernel/cgroup/cpuset.c | 6 kernel/sched/ext.c | 6 kernel/trace/ring_buffer.c | 8 kernel/trace/trace_dynevent.c | 16 kernel/trace/trace_dynevent.h | 1 kernel/trace/trace_events_trigger.c | 2 kernel/trace/trace_functions.c | 6 kernel/trace/trace_kprobe.c | 2 kernel/trace/trace_probe.c | 9 kernel/trace/trace_uprobe.c | 2 mm/page_alloc.c | 23 mm/userfaultfd.c | 12 net/bluetooth/mgmt.c | 9 net/mac80211/main.c | 6 net/mctp/device.c | 65 - net/mctp/route.c | 4 net/sched/sch_codel.c | 2 net/sched/sch_fq.c | 2 net/sched/sch_fq_codel.c | 2 net/sched/sch_fq_pie.c | 2 net/sched/sch_hhf.c | 2 net/sched/sch_pie.c | 2 net/tls/tls_strp.c | 3 samples/ftrace/sample-trace-array.c | 2 scripts/Makefile.extrawarn | 12 sound/core/seq/seq_clientmgr.c | 52 - sound/core/seq/seq_ump_convert.c | 18 sound/core/seq/seq_ump_convert.h | 1 sound/pci/es1968.c | 6 sound/sh/Kconfig | 2 sound/usb/quirks.c | 4 tools/net/ynl/ethtool.py | 22 tools/testing/selftests/net/ncdevmem.c | 394 ++++++----- tools/testing/vsock/vsock_test.c | 28 virt/kvm/guest_memfd.c | 2 virt/kvm/kvm_main.c | 14 168 files changed, 1803 insertions(+), 906 deletions(-) Aaron Kling (1): spi: tegra114: Use value to check for invalid delays Abdun Nihaal (1): qlcnic: fix memory leak in qlcnic_sriov_channel_cfg_cmd() Alex Deucher (2): Revert "drm/amd: Stop evicting resources on APUs in suspend" drm/amdgpu: fix pm notifier handling Alexey Makhalov (1): MAINTAINERS: Update Alexey Makhalov's email address Andrei Kuchynski (1): usb: typec: ucsi: displayport: Fix deadlock Andrew Jeffery (1): net: mctp: Ensure keys maintain only one ref to corresponding dev Barry Song (1): mm: userfaultfd: correct dirty flags set for both present and swap pte Bo-Cun Chen (1): net: ethernet: mtk_eth_soc: fix typo for declaration MT7988 ESW capability Boris Burkov (1): btrfs: fix folio leak in submit_one_async_extent() Carolina Jubran (1): net/mlx5e: Disable MACsec offload for uplink representor profile Christian Heusel (1): ALSA: usb-audio: Add sample rate quirk for Audioengine D1 Christian Hewitt (1): arm64: dts: amlogic: dreambox: fix missing clkc_audio node Claudiu Beznea (2): phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind phy: renesas: rcar-gen3-usb2: Set timing registers only once Cong Wang (1): net_sched: Flush gso_skb list too during ->change() Cosmin Ratiu (1): tests/ncdevmem: Fix double-free of queue array Cosmin Tanislav (1): regulator: max20086: fix invalid memory access Dan Carpenter (1): phy: tegra: xusb: remove a stray unlock Daniele Ceraolo Spurio (1): drm/xe/gsc: do not flush the GSC worker from the reset path David Lechner (3): iio: chemical: pms7003: use aligned_s64 for timestamp iio: pressure: mprls0025pa: use aligned_s64 for timestamp iio: chemical: sps30: use aligned_s64 for timestamp Dragan Simic (1): arm64: dts: rockchip: Remove overdrive-mode OPPs from RK3588J SoC dtsi Emanuele Ghidoli (1): gpio: pca953x: fix IRQ storm on system wake up Eric Dumazet (1): mctp: no longer rely on net->dev_index_head[] Fabio Estevam (1): drm/tiny: panel-mipi-dbi: Use drm_client_setup_with_fourcc() Fedor Pchelkin (1): wifi: mt76: disable napi on driver removal Filipe Manana (1): btrfs: fix discard worker infinite loop after disabling discard Geert Uytterhoeven (2): spi: loopback-test: Do not split 1024-byte hexdumps ALSA: sh: SND_AICA should depend on SH_DMA_API Gerhard Engleder (1): tsnep: fix timestamping with a stacked DSA driver Greg Kroah-Hartman (1): Linux 6.12.30 Hangbin Liu (1): tools/net/ynl: ethtool: fix crash when Hardware Clock info is missing Hans de Goede (1): platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection Hariprasad Kelam (1): octeontx2-af: Fix CGX Receive counters Henry Martin (1): HID: uclogic: Add NULL check in uclogic_input_configured() Himanshu Bhavani (1): arm64: dts: imx8mp-var-som: Fix LDO5 shutdown causing SD card timeout Huacai Chen (3): LoongArch: Move __arch_cpu_idle() to .cpuidle.text section LoongArch: Save and restore CSR.CNTC for hibernation LoongArch: Fix MAX_REG_OFFSET calculation Hyejeong Choi (1): dma-buf: insert memory barrier before updating num_fences Ido Schimmel (1): mlxsw: spectrum_router: Fix use-after-free when deleting GRE net devices Isaku Yamahata (1): KVM: Add member to struct kvm_gfn_range to indicate private/shared Jacek Lawrynowicz (3): accel/ivpu: Rename ivpu_log_level to fw_log_level accel/ivpu: Refactor functions in ivpu_fw_log.c accel/ivpu: Fix fw log printing Jakub Kicinski (2): netlink: specs: tc: fix a couple of attribute names netlink: specs: tc: all actions are indexed arrays Jan Kara (1): udf: Make sure i_lenExtents is uptodate on inode eviction Jarkko Sakkinen (1): tpm: Mask TPM RC in tpm2_start_auth_session() Jeremy Linton (1): ACPI: PPTT: Fix processor subtable walk Jethro Donaldson (1): smb: client: fix memory leak during error handling for POSIX mkdir Jonas Gorski (1): net: dsa: b53: prevent standalone from trying to forward to other ports Jonathan Cameron (2): iio: adc: ad7266: Fix potential timestamp alignment issue. iio: adc: ad7768-1: Fix insufficient alignment of timestamp. Kees Cook (3): binfmt_elf: Move brk for static PIE even if ASLR disabled nvme-pci: make nvme_pci_npages_prp() __always_inline wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request Keith Busch (1): nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable Kirill A. Shutemov (1): mm/page_alloc: fix race condition in unaccepted memory handling Koichiro Den (2): virtio_ring: add a func argument 'recycle_done' to virtqueue_reset() virtio_net: ensure netdev_tx_reset_queue is called on bind xsk for tx Konstantin Shkolnyy (1): vsock/test: Fix occasional failure in SIOCOUTQ tests Kyoji Ogasawara (1): btrfs: add back warning for mount option commit values exceeding 300 Li Lingfeng (1): nfs: handle failure of nfs_get_lock_context in unlock path Luca Ceresoli (1): iio: light: opt3001: fix deadlock due to concurrent flag access Luiz Augusto von Dentz (1): Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags Ma Ke (1): phy: Fix error handling in tegra_xusb_port_init Mario Limonciello (3): drivers/platform/x86/amd: pmf: Check for invalid sideloaded Smart PC Policies drivers/platform/x86/amd: pmf: Check for invalid Smart PC Policies drm/amd: Add Suspend/Hibernate notification callback support Masami Hiramatsu (Google) (1): tracing: probes: Fix a possible race in trace_probe_log APIs Mathias Nyman (2): xhci: dbc: Improve performance by removing delay in transfer event polling. xhci: dbc: Avoid event polling busyloop if pending rx transfers are inactive. Mathieu Othacehe (1): net: cadence: macb: Fix a possible deadlock in macb_halt_tx. Matt Johnston (1): net: mctp: Don't access ifa_index when missing Melissa Wen (1): Revert "drm/amd/display: Hardware cursor changes color when switched to software cursor" Michael Kelley (5): hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages hv_netvsc: Preserve contiguous PFN grouping in the page buffer array hv_netvsc: Remove rmsg_pgcnt Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges Drivers: hv: vmbus: Remove vmbus_sendpacket_pagebuffer() Michal Suchanek (1): tpm: tis: Double the timeout B to 4s Naman Jain (1): uio_hv_generic: Fix sysfs creation path for ring buffer Nathan Chancellor (2): kbuild: Disable -Wdefault-const-init-unsafe net: qede: Initialize qede_ll_ops with designated initializer Nathan Lynch (1): dmaengine: Revert "dmaengine: dmatest: Fix dmatest waiting less when interrupted" Neeraj Sanjay Kale (1): Bluetooth: btnxpuart: Fix kernel panic during FW release Nicolas Chauvet (1): ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera Pengtao He (1): net/tls: fix kernel panic when alloc_page failed Philip Yang (1): drm/amdgpu: csa unmap use uninterruptible lock Qasim Ijaz (1): HID: thrustmaster: fix memory leak in thrustmaster_interrupts() Ritvik Budhiraja (1): CIFS: New mount option for cifs.upcall namespace resolution Ronald Wahl (1): dmaengine: ti: k3-udma: Add missing locking Rong Zhang (1): HID: bpf: abort dispatch if device destroyed Runhua He (1): platform/x86/amd/pmc: Declare quirk_spurious_8042 for MECHREVO Wujie 14XA (GX4HRXL) Sean Christopherson (1): KVM: x86/mmu: Prevent installing hugepages when mem attributes are changing Shuai Xue (9): dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals dmaengine: idxd: Add missing cleanups in cleanup internals dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call dmaengine: idxd: fix memory leak in error handling path of idxd_alloc dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe dmaengine: idxd: Refactor remove call with idxd_cleanup() helper Stanislav Fomichev (5): selftests: ncdevmem: Redirect all non-payload output to stderr selftests: ncdevmem: Separate out dmabuf provider selftests: ncdevmem: Unify error handling selftests: ncdevmem: Make client_ip optional selftests: ncdevmem: Switch to AF_INET6 Stephen Smalley (1): fs/xattr.c: fix simple_xattr_list to always include security.* xattrs Steve Siwinski (1): scsi: sd_zbc: block: Respect bio vector limits for REPORT ZONES buffer Steven Rostedt (2): tracing: samples: Initialize trace_array_printk() with the correct function ring-buffer: Fix persistent buffer when commit page is the reader page Subbaraya Sundeep (2): octeontx2-pf: macsec: Fix incorrect max transmit size in TX secy octeontx2-pf: Do not reallocate all ntuple filters Takashi Iwai (2): ALSA: seq: Fix delivery of UMP events to group ports ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info Tejun Heo (1): sched_ext: bpf_iter_scx_dsq_new() should always initialize iterator Thomas Zimmermann (2): drm/fbdev-dma: Support struct drm_driver.fbdev_probe drm/panel-mipi-dbi: Run DRM default client setup Tianyang Zhang (1): LoongArch: Prevent cond_resched() occurring within kernel-fpu Tiezhu Yang (2): LoongArch: uprobes: Remove user_{en,dis}able_single_step() LoongArch: uprobes: Remove redundant code about resume_era Tim Huang (1): drm/amdgpu: fix incorrect MALL size for GFX1151 Tom Vincent (1): arm64: dts: rockchip: Assign RT5616 MCLK rate on rk3588-friendlyelec-cm3588 Tomasz Rusinowicz (1): accel/ivpu: Reset fw log on cold boot Trond Myklebust (1): NFSv4/pnfs: Reset the layout state after a layoutreturn Umesh Nerlige Ramappa (1): drm/xe: Save CTX_TIMESTAMP mmio value instead of LRC value Vladimir Oltean (1): net: dsa: sja1105: discard incoming frames in BR_STATE_LISTENING Waiman Long (1): cgroup/cpuset: Extend kthread_is_per_cpu() check to all PF_NO_SETAFFINITY tasks Wayne Chang (1): phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking Wayne Lin (2): drm/amd/display: Correct the reply value when AUX write incomplete drm/amd/display: Avoid flooding unnecessary info messages Wentao Liang (1): ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() Yemike Abhilash Chandra (1): dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy Ze Huang (1): riscv: dts: sophgo: fix DMA data-width configuration for CV18xx Zhu Yanjun (2): RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem pengdonglin (2): ftrace: Fix preemption accounting for stacktrace trigger command ftrace: Fix preemption accounting for stacktrace filter command

5 months, 2 weeks

1
1
0 0

Linux 6.1.140

by Greg Kroah-Hartman

I'm announcing the release of the 6.1.140 kernel. All users of the 6.1 kernel series must upgrade. The updated 6.1.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.1.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arm64/kernel/fpsimd.c | 6 arch/arm64/net/bpf_jit_comp.c | 12 arch/loongarch/Makefile | 2 arch/loongarch/include/asm/ptrace.h | 2 arch/riscv/include/asm/page.h | 1 arch/riscv/include/asm/pgtable.h | 2 arch/riscv/mm/init.c | 17 arch/x86/kernel/ftrace.c | 2 arch/x86/kernel/kprobes/core.c | 1 arch/x86/kernel/module.c | 9 block/bio.c | 2 drivers/acpi/pptt.c | 11 drivers/char/tpm/tpm_tis_core.h | 2 drivers/clocksource/i8253.c | 4 drivers/dma-buf/dma-resv.c | 5 drivers/dma/dmatest.c | 6 drivers/dma/idxd/init.c | 145 ++++-- drivers/dma/ti/k3-udma.c | 10 drivers/gpu/drm/amd/amdgpu/amdgpu.h | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 51 +- drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c | 11 drivers/gpu/drm/amd/amdgpu/amdgpu_virt.c | 29 + drivers/gpu/drm/amd/amdgpu/amdgpu_virt.h | 3 drivers/gpu/drm/amd/amdgpu/mxgpu_ai.c | 2 drivers/gpu/drm/amd/amdgpu/mxgpu_nv.c | 2 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 3 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.c | 16 drivers/hid/hid-thrustmaster.c | 1 drivers/hid/hid-uclogic-core.c | 7 drivers/hv/channel.c | 65 -- drivers/iio/adc/ad7266.c | 2 drivers/iio/adc/ad7768-1.c | 2 drivers/iio/chemical/sps30.c | 2 drivers/infiniband/sw/rxe/rxe_cq.c | 5 drivers/net/dsa/sja1105/sja1105_main.c | 6 drivers/net/ethernet/broadcom/bnxt/bnxt.c | 10 drivers/net/ethernet/cadence/macb_main.c | 19 drivers/net/ethernet/marvell/octeontx2/nic/cn10k_macsec.c | 3 drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 4 drivers/net/ethernet/qlogic/qede/qede_main.c | 2 drivers/net/ethernet/qlogic/qlcnic/qlcnic_sriov_common.c | 7 drivers/net/hyperv/hyperv_net.h | 13 drivers/net/hyperv/netvsc.c | 57 ++ drivers/net/hyperv/netvsc_drv.c | 62 -- drivers/net/hyperv/rndis_filter.c | 24 - drivers/net/wireless/mediatek/mt76/dma.c | 1 drivers/nvme/host/pci.c | 4 drivers/phy/renesas/phy-rcar-gen3-usb2.c | 40 - drivers/phy/tegra/xusb.c | 8 drivers/platform/x86/amd/pmc.c | 8 drivers/platform/x86/asus-wmi.c | 3 drivers/regulator/max20086-regulator.c | 7 drivers/scsi/sd_zbc.c | 6 drivers/scsi/storvsc_drv.c | 1 drivers/spi/spi-cadence-quadspi.c | 6 drivers/spi/spi-loopback-test.c | 2 drivers/usb/typec/altmodes/displayport.c | 18 drivers/usb/typec/ucsi/displayport.c | 19 drivers/usb/typec/ucsi/ucsi.c | 34 + drivers/usb/typec/ucsi/ucsi.h | 3 drivers/usb/typec/ucsi/ucsi_ccg.c | 5 fs/binfmt_elf.c | 285 ++++++------ fs/binfmt_elf_fdpic.c | 2 fs/btrfs/discard.c | 17 fs/btrfs/extent-tree.c | 25 - fs/exec.c | 2 fs/nfs/nfs4proc.c | 9 fs/nfs/pnfs.c | 9 fs/smb/client/smb2pdu.c | 2 include/linux/bio.h | 1 include/linux/hyperv.h | 7 include/linux/tpm.h | 2 include/net/netfilter/nf_tables.h | 3 include/net/sch_generic.h | 15 include/uapi/linux/elf.h | 2 kernel/trace/trace_dynevent.c | 16 kernel/trace/trace_dynevent.h | 1 kernel/trace/trace_events_trigger.c | 2 kernel/trace/trace_functions.c | 6 kernel/trace/trace_kprobe.c | 2 kernel/trace/trace_probe.c | 9 kernel/trace/trace_uprobe.c | 2 mm/memory_hotplug.c | 6 mm/migrate.c | 8 net/ipv4/ip_output.c | 3 net/ipv4/raw.c | 3 net/ipv6/ip6_output.c | 3 net/mctp/route.c | 4 net/netfilter/nf_tables_api.c | 54 +- net/netfilter/nft_immediate.c | 2 net/sched/sch_codel.c | 2 net/sched/sch_fq.c | 2 net/sched/sch_fq_codel.c | 2 net/sched/sch_fq_pie.c | 2 net/sched/sch_hhf.c | 2 net/sched/sch_pie.c | 2 net/sctp/sysctl.c | 4 net/tls/tls_strp.c | 3 samples/ftrace/sample-trace-array.c | 2 sound/pci/es1968.c | 6 sound/sh/Kconfig | 2 sound/usb/quirks.c | 4 tools/testing/selftests/exec/Makefile | 19 tools/testing/selftests/exec/load_address.c | 83 ++- tools/testing/selftests/vm/compaction_test.c | 19 106 files changed, 938 insertions(+), 533 deletions(-) Abdun Nihaal (1): qlcnic: fix memory leak in qlcnic_sriov_channel_cfg_cmd() Alex Deucher (2): Revert "drm/amd: Stop evicting resources on APUs in suspend" drm/amdgpu: fix pm notifier handling Andrei Kuchynski (1): usb: typec: ucsi: displayport: Fix deadlock Andrew Jeffery (1): net: mctp: Ensure keys maintain only one ref to corresponding dev Byungchul Park (1): mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index Carolina Jubran (1): net/mlx5e: Disable MACsec offload for uplink representor profile Christian Heusel (1): ALSA: usb-audio: Add sample rate quirk for Audioengine D1 Claudiu Beznea (2): phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind phy: renesas: rcar-gen3-usb2: Set timing registers only once Cong Wang (1): net_sched: Flush gso_skb list too during ->change() Cosmin Tanislav (1): regulator: max20086: fix invalid memory access Dan Carpenter (1): usb: typec: fix potential array underflow in ucsi_ccg_sync_control() David Lechner (1): iio: chemical: sps30: use aligned_s64 for timestamp Eric Dumazet (1): sctp: add mutual exclusion in proc_sctp_do_udp_port() Eric W. Biederman (1): binfmt_elf: Support segments with 0 filesz and misaligned starts Fedor Pchelkin (1): wifi: mt76: disable napi on driver removal Feng Tang (1): selftests/mm: compaction_test: support platform with huge mount of memory Filipe Manana (2): btrfs: fix discard worker infinite loop after disabling discard btrfs: don't BUG_ON() when 0 reference count at btrfs_lookup_extent_info() Florian Westphal (2): netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctx netfilter: nf_tables: do not defer rule destruction via call_rcu GONG Ruiqi (1): usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control() Geert Uytterhoeven (2): spi: loopback-test: Do not split 1024-byte hexdumps ALSA: sh: SND_AICA should depend on SH_DMA_API Greg Kroah-Hartman (1): Linux 6.1.140 Hans de Goede (1): platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection Henry Martin (1): HID: uclogic: Add NULL check in uclogic_input_configured() Huacai Chen (2): LoongArch: Fix MAX_REG_OFFSET calculation LoongArch: Explicitly specify code model in Makefile Hyejeong Choi (1): dma-buf: insert memory barrier before updating num_fences Jeremy Linton (1): ACPI: PPTT: Fix processor subtable walk Jethro Donaldson (1): smb: client: fix memory leak during error handling for POSIX mkdir Jonathan Cameron (2): iio: adc: ad7266: Fix potential timestamp alignment issue. iio: adc: ad7768-1: Fix insufficient alignment of timestamp. Kees Cook (8): binfmt: Fix whitespace issues binfmt_elf: elf_bss no longer used by load_elf_binary() binfmt_elf: Leave a gap between .bss and brk selftests/exec: Build both static and non-static load_address tests binfmt_elf: Calculate total_size earlier binfmt_elf: Honor PT_LOAD alignment for static PIE binfmt_elf: Move brk for static PIE even if ASLR disabled nvme-pci: make nvme_pci_npages_prp() __always_inline Keith Busch (1): nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable Li Lingfeng (1): nfs: handle failure of nfs_get_lock_context in unlock path Ma Jun (1): drm/amdgpu: Fix the runtime resume failure issue Ma Ke (1): phy: Fix error handling in tegra_xusb_port_init Ma Wupeng (1): hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio Maciej S. Szmigiero (1): platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it Mario Limonciello (2): drm/amd: Stop evicting resources on APUs in suspend drm/amd: Add Suspend/Hibernate notification callback support Mark Brown (1): arm64/sme: Always exit sme_alloc() early with existing storage Masami Hiramatsu (Google) (1): tracing: probes: Fix a possible race in trace_probe_log APIs Mathieu Othacehe (1): net: cadence: macb: Fix a possible deadlock in macb_halt_tx. Michael Kelley (5): hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages hv_netvsc: Preserve contiguous PFN grouping in the page buffer array hv_netvsc: Remove rmsg_pgcnt Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges Drivers: hv: vmbus: Remove vmbus_sendpacket_pagebuffer() Michal Suchanek (1): tpm: tis: Double the timeout B to 4s Muhammad Usama Anjum (1): selftests/exec: load_address: conform test to TAP format output Nathan Chancellor (1): net: qede: Initialize qede_ll_ops with designated initializer Nathan Lynch (1): dmaengine: Revert "dmaengine: dmatest: Fix dmatest waiting less when interrupted" Nicolas Chauvet (1): ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera Pablo Neira Ayuso (1): netfilter: nf_tables: wait for rcu grace period on net_device removal Pengtao He (1): net/tls: fix kernel panic when alloc_page failed Peter Collingbourne (1): bpf, arm64: Fix address emission with tag-based KASAN enabled Puranjay Mohan (1): bpf, arm64: Fix trampoline for BPF_TRAMP_F_CALL_ORIG Qasim Ijaz (1): HID: thrustmaster: fix memory leak in thrustmaster_interrupts() RD Babiera (1): usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group Ronald Wahl (1): dmaengine: ti: k3-udma: Add missing locking Sebastian Andrzej Siewior (1): clocksource/i8253: Use raw_spinlock_irqsave() in clockevent_i8253_disable() Shigeru Yoshida (2): ipv6: Fix potential uninit-value access in __ip6_make_skb() ipv4: Fix uninit-value access in __ip_make_skb() Shravya KN (1): bnxt_en: Fix receive ring space parameters when XDP is active Shuai Xue (8): dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals dmaengine: idxd: Add missing cleanups in cleanup internals dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call dmaengine: idxd: fix memory leak in error handling path of idxd_alloc dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe Steve Siwinski (1): scsi: sd_zbc: block: Respect bio vector limits for REPORT ZONES buffer Steven Rostedt (1): tracing: samples: Initialize trace_array_printk() with the correct function Subbaraya Sundeep (1): octeontx2-pf: macsec: Fix incorrect max transmit size in TX secy Thomas Gleixner (1): x86/modules: Set VM_FLUSH_RESET_PERMS in module_alloc() Théo Lebrun (1): spi: cadence-qspi: fix pointer reference in runtime PM hooks Trond Myklebust (1): NFSv4/pnfs: Reset the layout state after a layoutreturn Vladimir Oltean (1): net: dsa: sja1105: discard incoming frames in BR_STATE_LISTENING Wayne Lin (2): drm/amd/display: Correct the reply value when AUX write incomplete drm/amd/display: Avoid flooding unnecessary info messages Wentao Liang (1): ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() Xu Lu (1): riscv: mm: Fix the out of bound issue of vmemmap address Yemike Abhilash Chandra (1): dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy Zhigang Luo (1): drm/amdgpu: trigger flr_work if reading pf2vf data failed Zhu Yanjun (1): RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug pengdonglin (2): ftrace: Fix preemption accounting for stacktrace trigger command ftrace: Fix preemption accounting for stacktrace filter command

5 months, 2 weeks

1
1
0 0

Linux 5.15.184

by Greg Kroah-Hartman

I'm announcing the release of the 5.15.184 kernel. All users of the 5.15 kernel series must upgrade. The updated 5.15.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.15.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/ABI/testing/sysfs-devices-system-cpu | 1 Documentation/admin-guide/hw-vuln/index.rst | 1 Documentation/admin-guide/hw-vuln/indirect-target-selection.rst | 156 ++++++ Documentation/admin-guide/kernel-parameters.txt | 15 Makefile | 2 arch/x86/Kconfig | 11 arch/x86/entry/entry_64.S | 20 arch/x86/include/asm/alternative.h | 32 + arch/x86/include/asm/cpufeatures.h | 3 arch/x86/include/asm/msr-index.h | 8 arch/x86/include/asm/nospec-branch.h | 57 +- arch/x86/kernel/alternative.c | 243 +++++++++- arch/x86/kernel/cpu/bugs.c | 139 +++++ arch/x86/kernel/cpu/common.c | 63 ++ arch/x86/kernel/ftrace.c | 4 arch/x86/kernel/kprobes/core.c | 1 arch/x86/kernel/module.c | 15 arch/x86/kernel/static_call.c | 2 arch/x86/kernel/vmlinux.lds.S | 10 arch/x86/kvm/x86.c | 4 arch/x86/lib/retpoline.S | 39 + arch/x86/net/bpf_jit_comp.c | 8 block/fops.c | 5 drivers/acpi/pptt.c | 11 drivers/base/cpu.c | 8 drivers/clocksource/i8253.c | 6 drivers/dma/dmatest.c | 6 drivers/dma/idxd/init.c | 8 drivers/dma/ti/k3-udma.c | 10 drivers/iio/adc/ad7768-1.c | 2 drivers/iio/chemical/sps30.c | 2 drivers/infiniband/sw/rxe/rxe_cq.c | 5 drivers/net/dsa/sja1105/sja1105_main.c | 6 drivers/net/ethernet/cadence/macb_main.c | 19 drivers/net/ethernet/intel/ice/ice_arfs.c | 9 drivers/net/ethernet/intel/ice/ice_lib.c | 5 drivers/net/ethernet/intel/ice/ice_main.c | 20 drivers/net/ethernet/qlogic/qlcnic/qlcnic_sriov_common.c | 7 drivers/net/wireless/mediatek/mt76/dma.c | 1 drivers/phy/renesas/phy-rcar-gen3-usb2.c | 7 drivers/phy/tegra/xusb.c | 8 drivers/platform/x86/asus-wmi.c | 3 drivers/spi/spi-loopback-test.c | 2 drivers/usb/typec/altmodes/displayport.c | 18 drivers/usb/typec/ucsi/displayport.c | 19 drivers/usb/typec/ucsi/ucsi.c | 34 + drivers/usb/typec/ucsi/ucsi.h | 3 drivers/usb/typec/ucsi/ucsi_ccg.c | 5 fs/btrfs/discard.c | 17 fs/btrfs/extent-tree.c | 25 - fs/btrfs/extent_io.c | 15 fs/nfs/nfs4proc.c | 9 fs/nfs/pnfs.c | 9 include/linux/cpu.h | 2 include/linux/module.h | 5 include/net/netfilter/nf_tables.h | 2 include/net/sch_generic.h | 15 kernel/trace/trace_dynevent.c | 16 kernel/trace/trace_dynevent.h | 1 kernel/trace/trace_events_trigger.c | 2 kernel/trace/trace_functions.c | 6 kernel/trace/trace_kprobe.c | 2 kernel/trace/trace_probe.c | 9 kernel/trace/trace_uprobe.c | 2 net/netfilter/nf_tables_api.c | 54 +- net/netfilter/nft_immediate.c | 2 net/sched/sch_codel.c | 2 net/sched/sch_fq.c | 2 net/sched/sch_fq_codel.c | 2 net/sched/sch_fq_pie.c | 2 net/sched/sch_hhf.c | 2 net/sched/sch_pie.c | 2 net/sctp/sysctl.c | 4 samples/ftrace/sample-trace-array.c | 2 sound/pci/es1968.c | 6 sound/sh/Kconfig | 2 sound/usb/quirks.c | 4 tools/testing/selftests/vm/compaction_test.c | 19 78 files changed, 1115 insertions(+), 190 deletions(-) Abdun Nihaal (1): qlcnic: fix memory leak in qlcnic_sriov_channel_cfg_cmd() Alexander Lobakin (1): ice: arfs: fix use-after-free when freeing @rx_cpu_rmap Andrei Kuchynski (1): usb: typec: ucsi: displayport: Fix deadlock Borislav Petkov (AMD) (1): x86/alternative: Optimize returns patching Christian Heusel (1): ALSA: usb-audio: Add sample rate quirk for Audioengine D1 Claudiu Beznea (1): phy: renesas: rcar-gen3-usb2: Set timing registers only once Cong Wang (1): net_sched: Flush gso_skb list too during ->change() Dan Carpenter (1): usb: typec: fix potential array underflow in ucsi_ccg_sync_control() David Lechner (1): iio: chemical: sps30: use aligned_s64 for timestamp Eric Biggers (1): x86/its: Fix build errors when CONFIG_MODULES=n Eric Dumazet (1): sctp: add mutual exclusion in proc_sctp_do_udp_port() Fedor Pchelkin (1): wifi: mt76: disable napi on driver removal Feng Tang (1): selftests/mm: compaction_test: support platform with huge mount of memory Fengnan Chang (1): block: fix direct io NOWAIT flag not work Filipe Manana (2): btrfs: fix discard worker infinite loop after disabling discard btrfs: don't BUG_ON() when 0 reference count at btrfs_lookup_extent_info() Florian Westphal (2): netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctx netfilter: nf_tables: do not defer rule destruction via call_rcu GONG Ruiqi (1): usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control() Geert Uytterhoeven (2): spi: loopback-test: Do not split 1024-byte hexdumps ALSA: sh: SND_AICA should depend on SH_DMA_API Greg Kroah-Hartman (1): Linux 5.15.184 Hans de Goede (1): platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection Jeremy Linton (1): ACPI: PPTT: Fix processor subtable walk Jonathan Cameron (1): iio: adc: ad7768-1: Fix insufficient alignment of timestamp. Josef Bacik (1): btrfs: do not clean up repair bio if submit fails Josh Poimboeuf (1): x86/alternatives: Remove faulty optimization Li Lingfeng (1): nfs: handle failure of nfs_get_lock_context in unlock path Ma Ke (1): phy: Fix error handling in tegra_xusb_port_init Masami Hiramatsu (Google) (1): tracing: probes: Fix a possible race in trace_probe_log APIs Mathieu Othacehe (1): net: cadence: macb: Fix a possible deadlock in macb_halt_tx. Nathan Lynch (1): dmaengine: Revert "dmaengine: dmatest: Fix dmatest waiting less when interrupted" Nicolas Chauvet (1): ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera Pablo Neira Ayuso (1): netfilter: nf_tables: wait for rcu grace period on net_device removal Pawan Gupta (10): x86/speculation: Simplify and make CALL_NOSPEC consistent x86/speculation: Add a conditional CS prefix to CALL_NOSPEC x86/speculation: Remove the extra #ifdef around CALL_NOSPEC Documentation: x86/bugs/its: Add ITS documentation x86/its: Enumerate Indirect Target Selection (ITS) bug x86/its: Add support for ITS-safe indirect thunk x86/its: Add support for ITS-safe return thunk x86/its: Enable Indirect Target Selection mitigation x86/its: Add "vmexit" option to skip mitigation on some CPUs x86/its: Align RETs in BHB clear sequence to avoid thunking Peter Zijlstra (3): x86,nospec: Simplify {JMP,CALL}_NOSPEC x86/its: Use dynamic thunks for indirect branches x86/its: FineIBT-paranoid vs ITS RD Babiera (1): usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group Ronald Wahl (1): dmaengine: ti: k3-udma: Add missing locking Sebastian Andrzej Siewior (1): clocksource/i8253: Use raw_spinlock_irqsave() in clockevent_i8253_disable() Shuai Xue (2): dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups Steven Rostedt (1): tracing: samples: Initialize trace_array_printk() with the correct function Thomas Gleixner (1): x86/modules: Set VM_FLUSH_RESET_PERMS in module_alloc() Trond Myklebust (1): NFSv4/pnfs: Reset the layout state after a layoutreturn Vladimir Oltean (1): net: dsa: sja1105: discard incoming frames in BR_STATE_LISTENING Wentao Liang (1): ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() Yemike Abhilash Chandra (1): dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy Zhu Yanjun (1): RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug pengdonglin (2): ftrace: Fix preemption accounting for stacktrace trigger command ftrace: Fix preemption accounting for stacktrace filter command

5 months, 2 weeks

1
1
0 0

[PATCH 6.1 0/1] Oopses on module unload seen on 6.1.y

by Fedor Pchelkin

Hi, commit 959cadf09dbae7b304f03e039b8d8e13c529e2dd Author: Peter Zijlstra <peterz(a)infradead.org> Date: Mon Oct 14 10:05:48 2024 -0700 x86/its: Use dynamic thunks for indirect branches commit 872df34d7c51a79523820ea6a14860398c639b87 upstream. was ported at v6.1.139 and leads to kernel crashes there after module unload operations. Example trace: BUG: unable to handle page fault for address: ffff8fcb47dd4000 #PF: supervisor write access in kernel mode #PF: error_code(0x0003) - permissions violation PGD 34801067 P4D 34801067 PUD 100148063 PMD 107dd5063 PTE 8000000107dd4161 Oops: 0003 [#1] PREEMPT SMP NOPTI CPU: 3 PID: 378 Comm: modprobe Not tainted 6.1.139-01446-g753bd4a5f9a9 #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 RIP: 0010:__change_page_attr_set_clr+0x49d/0x1280 Call Trace: <TASK> ? free_unref_page_prepare+0x80/0x4b0 set_direct_map_invalid_noflush+0x6e/0xa0 __vunmap+0x18c/0x3e0 __vfree+0x21/0xb0 vfree+0x2b/0x90 module_memfree+0x1b/0x50 free_module+0x17c/0x250 __do_sys_delete_module+0x337/0x4b0 __x64_sys_delete_module+0x15/0x30 x64_sys_call+0x3f9a/0x43a0 do_syscall_64+0x33/0x80 entry_SYSCALL_64_after_hwframe+0x6e/0xd8 RIP: 0033:0x7f70755c0807 </TASK> Modules linked in: dm_multipath scsi_dh_rdac scsi_dh_emc scsi_dh_alua [last unloaded: scsi_debug] As mentioned in the blamed patch comment describing the backport adaptations: [ pawan: CONFIG_EXECMEM and CONFIG_EXECMEM_ROX are not supported on backport kernel, made changes to use module_alloc() and set_memory_*() for dynamic thunks. ] module_alloc/module_memfree in conjunction with memory protection routines were used. The allocated memory is vmalloc-based, and it ends up being ROX upon release inside its_free_mod(). Freeing of special permissioned memory in vmalloc requires its own handling. VM_FLUSH_RESET_PERMS flag was introduced for these purposes. In-kernel users dealing with the stuff had to care about this explicitly before commit 4c4eb3ecc91f ("x86/modules: Set VM_FLUSH_RESET_PERMS in module_alloc()"). More recent kernels starting from 6.2 have the commit and are not affected. So port it as a followup for ITS mitigation 6.1-series to fix the aforementioned failures. The problem concerns 5.15-series (currently in stable-queue) as well. It needs its own patch to apply cleanly. Will send it shortly, too. Found by Linux Verification Center (linuxtesting.org). Thomas Gleixner (1): x86/modules: Set VM_FLUSH_RESET_PERMS in module_alloc() arch/x86/kernel/ftrace.c | 2 -- arch/x86/kernel/kprobes/core.c | 1 - arch/x86/kernel/module.c | 9 +++++---- 3 files changed, 5 insertions(+), 7 deletions(-) -- 2.49.0

5 months, 2 weeks

2
2
0 0

[PATCH net 1/4] can: kvaser_pciefd: Force IRQ edge in case of nested IRQ

by Marc Kleine-Budde

From: Axel Forsman <axfo(a)kvaser.com> Avoid the driver missing IRQs by temporarily masking IRQs in the ISR to enforce an edge even if a different IRQ is signalled before handled IRQs are cleared. Fixes: 48f827d4f48f ("can: kvaser_pciefd: Move reset of DMA RX buffers to the end of the ISR") Cc: stable(a)vger.kernel.org Signed-off-by: Axel Forsman <axfo(a)kvaser.com> Tested-by: Jimmy Assarsson <extja(a)kvaser.com> Reviewed-by: Jimmy Assarsson <extja(a)kvaser.com> Link: https://patch.msgid.link/20250520114332.8961-2-axfo@kvaser.com Signed-off-by: Marc Kleine-Budde <mkl(a)pengutronix.de> --- drivers/net/can/kvaser_pciefd.c | 83 ++++++++++++++++----------------- 1 file changed, 39 insertions(+), 44 deletions(-) diff --git a/drivers/net/can/kvaser_pciefd.c b/drivers/net/can/kvaser_pciefd.c index cf0d51805272..9cc9176c2058 100644 --- a/drivers/net/can/kvaser_pciefd.c +++ b/drivers/net/can/kvaser_pciefd.c @@ -1646,24 +1646,28 @@ static int kvaser_pciefd_read_buffer(struct kvaser_pciefd *pcie, int dma_buf) return res; } -static u32 kvaser_pciefd_receive_irq(struct kvaser_pciefd *pcie) +static void kvaser_pciefd_receive_irq(struct kvaser_pciefd *pcie) { + void __iomem *srb_cmd_reg = KVASER_PCIEFD_SRB_ADDR(pcie) + KVASER_PCIEFD_SRB_CMD_REG; u32 irq = ioread32(KVASER_PCIEFD_SRB_ADDR(pcie) + KVASER_PCIEFD_SRB_IRQ_REG); - if (irq & KVASER_PCIEFD_SRB_IRQ_DPD0) - kvaser_pciefd_read_buffer(pcie, 0); + iowrite32(irq, KVASER_PCIEFD_SRB_ADDR(pcie) + KVASER_PCIEFD_SRB_IRQ_REG); - if (irq & KVASER_PCIEFD_SRB_IRQ_DPD1) + if (irq & KVASER_PCIEFD_SRB_IRQ_DPD0) { + kvaser_pciefd_read_buffer(pcie, 0); + iowrite32(KVASER_PCIEFD_SRB_CMD_RDB0, srb_cmd_reg); /* Rearm buffer */ + } + + if (irq & KVASER_PCIEFD_SRB_IRQ_DPD1) { kvaser_pciefd_read_buffer(pcie, 1); + iowrite32(KVASER_PCIEFD_SRB_CMD_RDB1, srb_cmd_reg); /* Rearm buffer */ + } if (unlikely(irq & KVASER_PCIEFD_SRB_IRQ_DOF0 || irq & KVASER_PCIEFD_SRB_IRQ_DOF1 || irq & KVASER_PCIEFD_SRB_IRQ_DUF0 || irq & KVASER_PCIEFD_SRB_IRQ_DUF1)) dev_err(&pcie->pci->dev, "DMA IRQ error 0x%08X\n", irq); - - iowrite32(irq, KVASER_PCIEFD_SRB_ADDR(pcie) + KVASER_PCIEFD_SRB_IRQ_REG); - return irq; } static void kvaser_pciefd_transmit_irq(struct kvaser_pciefd_can *can) @@ -1691,29 +1695,22 @@ static irqreturn_t kvaser_pciefd_irq_handler(int irq, void *dev) struct kvaser_pciefd *pcie = (struct kvaser_pciefd *)dev; const struct kvaser_pciefd_irq_mask *irq_mask = pcie->driver_data->irq_mask; u32 pci_irq = ioread32(KVASER_PCIEFD_PCI_IRQ_ADDR(pcie)); - u32 srb_irq = 0; - u32 srb_release = 0; int i; if (!(pci_irq & irq_mask->all)) return IRQ_NONE; + iowrite32(0, KVASER_PCIEFD_PCI_IEN_ADDR(pcie)); + if (pci_irq & irq_mask->kcan_rx0) - srb_irq = kvaser_pciefd_receive_irq(pcie); + kvaser_pciefd_receive_irq(pcie); for (i = 0; i < pcie->nr_channels; i++) { if (pci_irq & irq_mask->kcan_tx[i]) kvaser_pciefd_transmit_irq(pcie->can[i]); } - if (srb_irq & KVASER_PCIEFD_SRB_IRQ_DPD0) - srb_release |= KVASER_PCIEFD_SRB_CMD_RDB0; - - if (srb_irq & KVASER_PCIEFD_SRB_IRQ_DPD1) - srb_release |= KVASER_PCIEFD_SRB_CMD_RDB1; - - if (srb_release) - iowrite32(srb_release, KVASER_PCIEFD_SRB_ADDR(pcie) + KVASER_PCIEFD_SRB_CMD_REG); + iowrite32(irq_mask->all, KVASER_PCIEFD_PCI_IEN_ADDR(pcie)); return IRQ_HANDLED; } @@ -1733,13 +1730,22 @@ static void kvaser_pciefd_teardown_can_ctrls(struct kvaser_pciefd *pcie) } } +static void kvaser_pciefd_disable_irq_srcs(struct kvaser_pciefd *pcie) +{ + unsigned int i; + + /* Masking PCI_IRQ is insufficient as running ISR will unmask it */ + iowrite32(0, KVASER_PCIEFD_SRB_ADDR(pcie) + KVASER_PCIEFD_SRB_IEN_REG); + for (i = 0; i < pcie->nr_channels; ++i) + iowrite32(0, pcie->can[i]->reg_base + KVASER_PCIEFD_KCAN_IEN_REG); +} + static int kvaser_pciefd_probe(struct pci_dev *pdev, const struct pci_device_id *id) { int ret; struct kvaser_pciefd *pcie; const struct kvaser_pciefd_irq_mask *irq_mask; - void __iomem *irq_en_base; pcie = devm_kzalloc(&pdev->dev, sizeof(*pcie), GFP_KERNEL); if (!pcie) @@ -1805,8 +1811,7 @@ static int kvaser_pciefd_probe(struct pci_dev *pdev, KVASER_PCIEFD_SRB_ADDR(pcie) + KVASER_PCIEFD_SRB_IEN_REG); /* Enable PCI interrupts */ - irq_en_base = KVASER_PCIEFD_PCI_IEN_ADDR(pcie); - iowrite32(irq_mask->all, irq_en_base); + iowrite32(irq_mask->all, KVASER_PCIEFD_PCI_IEN_ADDR(pcie)); /* Ready the DMA buffers */ iowrite32(KVASER_PCIEFD_SRB_CMD_RDB0, KVASER_PCIEFD_SRB_ADDR(pcie) + KVASER_PCIEFD_SRB_CMD_REG); @@ -1820,8 +1825,7 @@ static int kvaser_pciefd_probe(struct pci_dev *pdev, return 0; err_free_irq: - /* Disable PCI interrupts */ - iowrite32(0, irq_en_base); + kvaser_pciefd_disable_irq_srcs(pcie); free_irq(pcie->pci->irq, pcie); err_pci_free_irq_vectors: @@ -1844,35 +1848,26 @@ static int kvaser_pciefd_probe(struct pci_dev *pdev, return ret; } -static void kvaser_pciefd_remove_all_ctrls(struct kvaser_pciefd *pcie) -{ - int i; - - for (i = 0; i < pcie->nr_channels; i++) { - struct kvaser_pciefd_can *can = pcie->can[i]; - - if (can) { - iowrite32(0, can->reg_base + KVASER_PCIEFD_KCAN_IEN_REG); - unregister_candev(can->can.dev); - timer_delete(&can->bec_poll_timer); - kvaser_pciefd_pwm_stop(can); - free_candev(can->can.dev); - } - } -} - static void kvaser_pciefd_remove(struct pci_dev *pdev) { struct kvaser_pciefd *pcie = pci_get_drvdata(pdev); + unsigned int i; - kvaser_pciefd_remove_all_ctrls(pcie); + for (i = 0; i < pcie->nr_channels; ++i) { + struct kvaser_pciefd_can *can = pcie->can[i]; - /* Disable interrupts */ - iowrite32(0, KVASER_PCIEFD_SRB_ADDR(pcie) + KVASER_PCIEFD_SRB_CTRL_REG); - iowrite32(0, KVASER_PCIEFD_PCI_IEN_ADDR(pcie)); + unregister_candev(can->can.dev); + timer_delete(&can->bec_poll_timer); + kvaser_pciefd_pwm_stop(can); + } + kvaser_pciefd_disable_irq_srcs(pcie); free_irq(pcie->pci->irq, pcie); pci_free_irq_vectors(pcie->pci); + + for (i = 0; i < pcie->nr_channels; ++i) + free_candev(pcie->can[i]->can.dev); + pci_iounmap(pdev, pcie->reg_base); pci_release_regions(pdev); pci_disable_device(pdev); base-commit: 9e89db3d847f2d66d2799c5533d00aebee2be4d1 -- 2.47.2

5 months, 2 weeks

2
1
0 0

[PATCH v2 1/2] drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1

by Ville Syrjala

From: Ville Syrjälä <ville.syrjala(a)linux.intel.com> The intel-media-driver is currently broken on DG1 because it uses EXEC_CAPTURE with recovarable contexts. Relax the check to allow that. I've also submitted a fix for the intel-media-driver: https://github.com/intel/media-driver/pull/1920 Cc: stable(a)vger.kernel.org Cc: Matthew Auld <matthew.auld(a)intel.com> Cc: Thomas Hellström <thomas.hellstrom(a)linux.intel.com> Testcase: igt/gem_exec_capture/capture-invisible Fixes: 71b1669ea9bd ("drm/i915/uapi: tweak error capture on recoverable contexts") Reviewed-by: Andi Shyti <andi.shyti(a)linux.intel.com> Signed-off-by: Ville Syrjälä <ville.syrjala(a)linux.intel.com> --- drivers/gpu/drm/i915/gem/i915_gem_execbuffer.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/gpu/drm/i915/gem/i915_gem_execbuffer.c b/drivers/gpu/drm/i915/gem/i915_gem_execbuffer.c index ca7e9216934a..ea9d5063ce78 100644 --- a/drivers/gpu/drm/i915/gem/i915_gem_execbuffer.c +++ b/drivers/gpu/drm/i915/gem/i915_gem_execbuffer.c @@ -2013,7 +2013,7 @@ static int eb_capture_stage(struct i915_execbuffer *eb) continue; if (i915_gem_context_is_recoverable(eb->gem_context) && - (IS_DGFX(eb->i915) || GRAPHICS_VER_FULL(eb->i915) > IP_VER(12, 0))) + GRAPHICS_VER_FULL(eb->i915) > IP_VER(12, 10)) return -EINVAL; for_each_batch_create_order(eb, j) { -- 2.49.0

5 months, 2 weeks

4
4
0 0

[PATCH v3] usb: hub: lack of clearing xHC resources

by Pawel Laszczak

The xHC resources allocated for USB devices are not released in correct order after resuming in case when while suspend device was reconnected. This issue has been detected during the fallowing scenario: - connect hub HS to root port - connect LS/FS device to hub port - wait for enumeration to finish - force host to suspend - reconnect hub attached to root port - wake host For this scenario during enumeration of USB LS/FS device the Cadence xHC reports completion error code for xHC commands because the xHC resources used for devices has not been properly released. XHCI specification doesn't mention that device can be reset in any order so, we should not treat this issue as Cadence xHC controller bug. Similar as during disconnecting in this case the device resources should be cleared starting form the last usb device in tree toward the root hub. To fix this issue usbcore driver should call hcd->driver->reset_device for all USB devices connected to hub which was reconnected while suspending. Fixes: 3d82904559f4 ("usb: cdnsp: cdns3 Add main part of Cadence USBSSP DRD Driver") cc: <stable(a)vger.kernel.org> Signed-off-by: Pawel Laszczak <pawell(a)cadence.com> --- Changelog: v3: - Changed patch title - Corrected typo - Moved hub_hc_release_resources above mutex_lock(hcd->address0_mutex) v2: - Replaced disconnection procedure with releasing only the xHC resources drivers/usb/core/hub.c | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c index a76bb50b6202..dcba4281ea48 100644 --- a/drivers/usb/core/hub.c +++ b/drivers/usb/core/hub.c @@ -6065,6 +6065,36 @@ void usb_hub_cleanup(void) usb_deregister(&hub_driver); } /* usb_hub_cleanup() */ +/** + * hub_hc_release_resources - clear resources used by host controller + * @udev: pointer to device being released + * + * Context: task context, might sleep + * + * Function releases the host controller resources in correct order before + * making any operation on resuming usb device. The host controller resources + * allocated for devices in tree should be released starting from the last + * usb device in tree toward the root hub. This function is used only during + * resuming device when usb device require reinitialization – that is, when + * flag udev->reset_resume is set. + * + * This call is synchronous, and may not be used in an interrupt context. + */ +static void hub_hc_release_resources(struct usb_device *udev) +{ + struct usb_hub *hub = usb_hub_to_struct_hub(udev); + struct usb_hcd *hcd = bus_to_hcd(udev->bus); + int i; + + /* Release up resources for all children before this device */ + for (i = 0; i < udev->maxchild; i++) + if (hub->ports[i]->child) + hub_hc_release_resources(hub->ports[i]->child); + + if (hcd->driver->reset_device) + hcd->driver->reset_device(hcd, udev); +} + /** * usb_reset_and_verify_device - perform a USB port reset to reinitialize a device * @udev: device to reset (not in SUSPENDED or NOTATTACHED state) @@ -6129,6 +6159,9 @@ static int usb_reset_and_verify_device(struct usb_device *udev) bos = udev->bos; udev->bos = NULL; + if (udev->reset_resume) + hub_hc_release_resources(udev); + mutex_lock(hcd->address0_mutex); for (i = 0; i < PORT_INIT_TRIES; ++i) { -- 2.43.0

5 months, 2 weeks

4
5
0 0

[PATCH 3/4 v3] crypto: octeontx2: Fix address alignment on CN10K A0/A1 and OcteonTX2

by Bharat Bhushan

octeontx2 crypto driver allocates memory using kmalloc/kzalloc, and uses this memory for dma (does dma_map_single()). It assumes that kmalloc/kzalloc will return 128-byte aligned address. But kmalloc/kzalloc returns 8-byte aligned address after below changes: "9382bc44b5f5 arm64: allow kmalloc() caches aligned to the smaller cache_line_size() Memory allocated are used for following purpose: - Input data or scatter list address - 8-Byte alignment - Output data or gather list address - 8-Byte alignment - Completion address - 32-Byte alignment. This patch ensures all addresses are aligned as mentioned above. Signed-off-by: Bharat Bhushan <bbhushan2(a)marvell.com> Cc: <stable(a)vger.kernel.org> #v6.5+ --- v2->v3: - Align DMA memory to ARCH_DMA_MINALIGN as that is mapped as bidirectional v1->v2: - Fixed memory padding size calculation as per review comment .../marvell/octeontx2/otx2_cpt_reqmgr.h | 63 ++++++++++++++----- 1 file changed, 48 insertions(+), 15 deletions(-) diff --git a/drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h b/drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h index e27e849b01df..204a31755710 100644 --- a/drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h +++ b/drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h @@ -34,6 +34,9 @@ #define SG_COMP_2 2 #define SG_COMP_1 1 +#define OTX2_CPT_DPTR_RPTR_ALIGN 8 +#define OTX2_CPT_RES_ADDR_ALIGN 32 + union otx2_cpt_opcode { u16 flags; struct { @@ -417,10 +420,9 @@ static inline struct otx2_cpt_inst_info * otx2_sg_info_create(struct pci_dev *pdev, struct otx2_cpt_req_info *req, gfp_t gfp) { - int align = OTX2_CPT_DMA_MINALIGN; struct otx2_cpt_inst_info *info; - u32 dlen, align_dlen, info_len; - u16 g_sz_bytes, s_sz_bytes; + u32 dlen, info_len; + u16 g_len, s_len; u32 total_mem_len; if (unlikely(req->in_cnt > OTX2_CPT_MAX_SG_IN_CNT || @@ -429,22 +431,51 @@ otx2_sg_info_create(struct pci_dev *pdev, struct otx2_cpt_req_info *req, return NULL; } - g_sz_bytes = ((req->in_cnt + 3) / 4) * - sizeof(struct otx2_cpt_sglist_component); - s_sz_bytes = ((req->out_cnt + 3) / 4) * - sizeof(struct otx2_cpt_sglist_component); + /* Allocate memory to meet below alignment requirement: + * ---------------------------------- + * | struct otx2_cpt_inst_info | + * | (No alignment required) | + * | -----------------------------| + * | | padding for 8B alignment | + * |----------------------------------| + * | SG List Gather/Input memory | + * | Length = multiple of 32Bytes | + * | Alignment = 8Byte | + * |----------------------------------| + * | SG List Scatter/Output memory | + * | Length = multiple of 32Bytes | + * | Alignment = 8Byte | + * | (padding for below alignment) | + * | -----------------------------| + * | | padding for 32B alignment | + * |----------------------------------| + * | Result response memory | + * ---------------------------------- + */ - dlen = g_sz_bytes + s_sz_bytes + SG_LIST_HDR_SIZE; - align_dlen = ALIGN(dlen, align); - info_len = ALIGN(sizeof(*info), align); - total_mem_len = align_dlen + info_len + sizeof(union otx2_cpt_res_s); + info_len = sizeof(*info); + + g_len = ((req->in_cnt + 3) / 4) * + sizeof(struct otx2_cpt_sglist_component); + s_len = ((req->out_cnt + 3) / 4) * + sizeof(struct otx2_cpt_sglist_component); + + dlen = g_len + s_len + SG_LIST_HDR_SIZE; + + /* Allocate extra memory for SG and response address alignment */ + total_mem_len = ALIGN(info_len, ARCH_DMA_MINALIGN) + dlen; + total_mem_len = ALIGN(total_mem_len, OTX2_CPT_DPTR_RPTR_ALIGN); + total_mem_len += (OTX2_CPT_RES_ADDR_ALIGN - 1) & + ~(OTX2_CPT_DPTR_RPTR_ALIGN - 1); + total_mem_len += sizeof(union otx2_cpt_res_s); info = kzalloc(total_mem_len, gfp); if (unlikely(!info)) return NULL; info->dlen = dlen; - info->in_buffer = (u8 *)info + info_len; + info->in_buffer = PTR_ALIGN((u8 *)info + info_len, ARCH_DMA_MINALIGN); + info->out_buffer = info->in_buffer + SG_LIST_HDR_SIZE + g_len; ((u16 *)info->in_buffer)[0] = req->out_cnt; ((u16 *)info->in_buffer)[1] = req->in_cnt; @@ -460,7 +491,7 @@ otx2_sg_info_create(struct pci_dev *pdev, struct otx2_cpt_req_info *req, } if (setup_sgio_components(pdev, req->out, req->out_cnt, - &info->in_buffer[8 + g_sz_bytes])) { + info->out_buffer)) { dev_err(&pdev->dev, "Failed to setup scatter list\n"); goto destroy_info; } @@ -476,8 +507,10 @@ otx2_sg_info_create(struct pci_dev *pdev, struct otx2_cpt_req_info *req, * Get buffer for union otx2_cpt_res_s response * structure and its physical address */ - info->completion_addr = info->in_buffer + align_dlen; - info->comp_baddr = info->dptr_baddr + align_dlen; + info->completion_addr = PTR_ALIGN((info->in_buffer + dlen), + OTX2_CPT_RES_ADDR_ALIGN); + info->comp_baddr = ALIGN((info->dptr_baddr + dlen), + OTX2_CPT_RES_ADDR_ALIGN); return info; -- 2.34.1

5 months, 2 weeks

3
2
0 0

[PATCH 4/4 v4] crypto: octeontx2: Fix address alignment on CN10KB and CN10KA-B0

by Bharat Bhushan

octeontx2 crypto driver allocates memory using kmalloc/kzalloc, and uses this memory for dma (does dma_map_single()). It assumes that kmalloc/kzalloc will return 128-byte aligned address. But kmalloc/kzalloc returns 8-byte aligned address after below changes: "9382bc44b5f5 arm64: allow kmalloc() caches aligned to the smaller cache_line_size() Memory allocated are used for following purpose: - Input data or scatter list address - 8-Byte alignment - Output data or gather list address - 8-Byte alignment - Completion address - 32-Byte alignment. This patch ensures all addresses are aligned as mentioned above. Signed-off-by: Bharat Bhushan <bbhushan2(a)marvell.com> Cc: <stable(a)vger.kernel.org> # v6.8+ --- v3->v4: - Again fixed memory size calculation as per review comment v2->v3: - Align DMA memory to ARCH_DMA_MINALIGN as that is mapped as bidirectional v1->v2: - Fixed memory padding size calculation as per review comment .../marvell/octeontx2/otx2_cpt_reqmgr.h | 59 ++++++++++++++----- 1 file changed, 44 insertions(+), 15 deletions(-) diff --git a/drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h b/drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h index 98de93851ba1..90a031421aac 100644 --- a/drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h +++ b/drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h @@ -350,22 +350,48 @@ static inline struct otx2_cpt_inst_info * cn10k_sgv2_info_create(struct pci_dev *pdev, struct otx2_cpt_req_info *req, gfp_t gfp) { - u32 dlen = 0, g_len, sg_len, info_len; - int align = OTX2_CPT_DMA_MINALIGN; + u32 dlen = 0, g_len, s_len, sg_len, info_len; struct otx2_cpt_inst_info *info; - u16 g_sz_bytes, s_sz_bytes; u32 total_mem_len; int i; - g_sz_bytes = ((req->in_cnt + 2) / 3) * - sizeof(struct cn10kb_cpt_sglist_component); - s_sz_bytes = ((req->out_cnt + 2) / 3) * - sizeof(struct cn10kb_cpt_sglist_component); + /* Allocate memory to meet below alignment requirement: + * ------------------------------------ + * | struct otx2_cpt_inst_info | + * | (No alignment required) | + * | --------------------------------| + * | | padding for ARCH_DMA_MINALIGN | + * | | alignment | + * |------------------------------------| + * | SG List Gather/Input memory | + * | Length = multiple of 32Bytes | + * | Alignment = 8Byte | + * |---------------------------------- | + * | SG List Scatter/Output memory | + * | Length = multiple of 32Bytes | + * | Alignment = 8Byte | + * | -------------------------------| + * | | padding for 32B alignment | + * |------------------------------------| + * | Result response memory | + * | Alignment = 32Byte | + * ------------------------------------ + */ + + info_len = sizeof(*info); + + g_len = ((req->in_cnt + 2) / 3) * + sizeof(struct cn10kb_cpt_sglist_component); + s_len = ((req->out_cnt + 2) / 3) * + sizeof(struct cn10kb_cpt_sglist_component); + sg_len = g_len + s_len; - g_len = ALIGN(g_sz_bytes, align); - sg_len = ALIGN(g_len + s_sz_bytes, align); - info_len = ALIGN(sizeof(*info), align); - total_mem_len = sg_len + info_len + sizeof(union otx2_cpt_res_s); + /* Allocate extra memory for SG and response address alignment */ + total_mem_len = ALIGN(info_len, OTX2_CPT_DPTR_RPTR_ALIGN); + total_mem_len += (ARCH_DMA_MINALIGN - 1) & + ~(OTX2_CPT_DPTR_RPTR_ALIGN - 1); + total_mem_len += ALIGN(sg_len, OTX2_CPT_RES_ADDR_ALIGN); + total_mem_len += sizeof(union otx2_cpt_res_s); info = kzalloc(total_mem_len, gfp); if (unlikely(!info)) @@ -375,7 +401,8 @@ cn10k_sgv2_info_create(struct pci_dev *pdev, struct otx2_cpt_req_info *req, dlen += req->in[i].size; info->dlen = dlen; - info->in_buffer = (u8 *)info + info_len; + info->in_buffer = PTR_ALIGN((u8 *)info + info_len, ARCH_DMA_MINALIGN); + info->out_buffer = info->in_buffer + g_len; info->gthr_sz = req->in_cnt; info->sctr_sz = req->out_cnt; @@ -387,7 +414,7 @@ cn10k_sgv2_info_create(struct pci_dev *pdev, struct otx2_cpt_req_info *req, } if (sgv2io_components_setup(pdev, req->out, req->out_cnt, - &info->in_buffer[g_len])) { + info->out_buffer)) { dev_err(&pdev->dev, "Failed to setup scatter list\n"); goto destroy_info; } @@ -404,8 +431,10 @@ cn10k_sgv2_info_create(struct pci_dev *pdev, struct otx2_cpt_req_info *req, * Get buffer for union otx2_cpt_res_s response * structure and its physical address */ - info->completion_addr = info->in_buffer + sg_len; - info->comp_baddr = info->dptr_baddr + sg_len; + info->completion_addr = PTR_ALIGN((info->in_buffer + sg_len), + OTX2_CPT_RES_ADDR_ALIGN); + info->comp_baddr = ALIGN((info->dptr_baddr + sg_len), + OTX2_CPT_RES_ADDR_ALIGN); return info; -- 2.34.1

5 months, 2 weeks

1
0
0 0

[PATCH 3/4 v4] crypto: octeontx2: Fix address alignment on CN10K A0/A1 and OcteonTX2

by Bharat Bhushan

octeontx2 crypto driver allocates memory using kmalloc/kzalloc, and uses this memory for dma (does dma_map_single()). It assumes that kmalloc/kzalloc will return 128-byte aligned address. But kmalloc/kzalloc returns 8-byte aligned address after below changes: "9382bc44b5f5 arm64: allow kmalloc() caches aligned to the smaller cache_line_size() Memory allocated are used for following purpose: - Input data or scatter list address - 8-Byte alignment - Output data or gather list address - 8-Byte alignment - Completion address - 32-Byte alignment. This patch ensures all addresses are aligned as mentioned above. Signed-off-by: Bharat Bhushan <bbhushan2(a)marvell.com> Cc: <stable(a)vger.kernel.org> # v6.5+ --- v3->v4: - Again fixed memory size calculation as per review comment v2->v3: - Align DMA memory to ARCH_DMA_MINALIGN as that is mapped as bidirectional v1->v2: - Fixed memory padding size calculation as per review comment .../marvell/octeontx2/otx2_cpt_reqmgr.h | 66 ++++++++++++++----- 1 file changed, 51 insertions(+), 15 deletions(-) diff --git a/drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h b/drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h index e27e849b01df..98de93851ba1 100644 --- a/drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h +++ b/drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h @@ -34,6 +34,9 @@ #define SG_COMP_2 2 #define SG_COMP_1 1 +#define OTX2_CPT_DPTR_RPTR_ALIGN 8 +#define OTX2_CPT_RES_ADDR_ALIGN 32 + union otx2_cpt_opcode { u16 flags; struct { @@ -417,10 +420,9 @@ static inline struct otx2_cpt_inst_info * otx2_sg_info_create(struct pci_dev *pdev, struct otx2_cpt_req_info *req, gfp_t gfp) { - int align = OTX2_CPT_DMA_MINALIGN; struct otx2_cpt_inst_info *info; - u32 dlen, align_dlen, info_len; - u16 g_sz_bytes, s_sz_bytes; + u32 dlen, info_len; + u16 g_len, s_len; u32 total_mem_len; if (unlikely(req->in_cnt > OTX2_CPT_MAX_SG_IN_CNT || @@ -429,22 +431,54 @@ otx2_sg_info_create(struct pci_dev *pdev, struct otx2_cpt_req_info *req, return NULL; } - g_sz_bytes = ((req->in_cnt + 3) / 4) * - sizeof(struct otx2_cpt_sglist_component); - s_sz_bytes = ((req->out_cnt + 3) / 4) * - sizeof(struct otx2_cpt_sglist_component); + /* Allocate memory to meet below alignment requirement: + * ------------------------------------ + * | struct otx2_cpt_inst_info | + * | (No alignment required) | + * | --------------------------------| + * | | padding for ARCH_DMA_MINALIGN | + * | | alignment | + * |------------------------------------| + * | SG List Header of 8 Byte | + * |------------------------------------| + * | SG List Gather/Input memory | + * | Length = multiple of 32Bytes | + * | Alignment = 8Byte | + * |---------------------------------- | + * | SG List Scatter/Output memory | + * | Length = multiple of 32Bytes | + * | Alignment = 8Byte | + * | -------------------------------| + * | | padding for 32B alignment | + * |------------------------------------| + * | Result response memory | + * | Alignment = 32Byte | + * ------------------------------------ + */ - dlen = g_sz_bytes + s_sz_bytes + SG_LIST_HDR_SIZE; - align_dlen = ALIGN(dlen, align); - info_len = ALIGN(sizeof(*info), align); - total_mem_len = align_dlen + info_len + sizeof(union otx2_cpt_res_s); + info_len = sizeof(*info); + + g_len = ((req->in_cnt + 3) / 4) * + sizeof(struct otx2_cpt_sglist_component); + s_len = ((req->out_cnt + 3) / 4) * + sizeof(struct otx2_cpt_sglist_component); + + dlen = g_len + s_len + SG_LIST_HDR_SIZE; + + /* Allocate extra memory for SG and response address alignment */ + total_mem_len = ALIGN(info_len, OTX2_CPT_DPTR_RPTR_ALIGN); + total_mem_len += (ARCH_DMA_MINALIGN - 1) & + ~(OTX2_CPT_DPTR_RPTR_ALIGN - 1); + total_mem_len += ALIGN(dlen, OTX2_CPT_RES_ADDR_ALIGN); + total_mem_len += sizeof(union otx2_cpt_res_s); info = kzalloc(total_mem_len, gfp); if (unlikely(!info)) return NULL; info->dlen = dlen; - info->in_buffer = (u8 *)info + info_len; + info->in_buffer = PTR_ALIGN((u8 *)info + info_len, ARCH_DMA_MINALIGN); + info->out_buffer = info->in_buffer + SG_LIST_HDR_SIZE + g_len; ((u16 *)info->in_buffer)[0] = req->out_cnt; ((u16 *)info->in_buffer)[1] = req->in_cnt; @@ -460,7 +494,7 @@ otx2_sg_info_create(struct pci_dev *pdev, struct otx2_cpt_req_info *req, } if (setup_sgio_components(pdev, req->out, req->out_cnt, - &info->in_buffer[8 + g_sz_bytes])) { + info->out_buffer)) { dev_err(&pdev->dev, "Failed to setup scatter list\n"); goto destroy_info; } @@ -476,8 +510,10 @@ otx2_sg_info_create(struct pci_dev *pdev, struct otx2_cpt_req_info *req, * Get buffer for union otx2_cpt_res_s response * structure and its physical address */ - info->completion_addr = info->in_buffer + align_dlen; - info->comp_baddr = info->dptr_baddr + align_dlen; + info->completion_addr = PTR_ALIGN((info->in_buffer + dlen), + OTX2_CPT_RES_ADDR_ALIGN); + info->comp_baddr = ALIGN((info->dptr_baddr + dlen), + OTX2_CPT_RES_ADDR_ALIGN); return info; -- 2.34.1

5 months, 2 weeks

1
0
0 0

[PATCH 2/4 v4] crypto: octeontx2: Fix address alignment issue on ucode loading

by Bharat Bhushan

octeontx2 crypto driver allocates memory using kmalloc/kzalloc, and uses this memory for dma (does dma_map_single()). It assumes that kmalloc/kzalloc will return 128-byte aligned address. But kmalloc/kzalloc returns 8-byte aligned address after below changes: "9382bc44b5f5 arm64: allow kmalloc() caches aligned to the smaller cache_line_size()" Completion address should be 32-Byte alignment when loading microcode. Signed-off-by: Bharat Bhushan <bbhushan2(a)marvell.com> Cc: <stable(a)vger.kernel.org> # v6.5+ --- v2->v3: - Align DMA memory to ARCH_DMA_MINALIGN as that is mapped as bidirectional .../marvell/octeontx2/otx2_cptpf_ucode.c | 35 +++++++++++-------- 1 file changed, 21 insertions(+), 14 deletions(-) diff --git a/drivers/crypto/marvell/octeontx2/otx2_cptpf_ucode.c b/drivers/crypto/marvell/octeontx2/otx2_cptpf_ucode.c index 3a818ac89295..88f0f72a4462 100644 --- a/drivers/crypto/marvell/octeontx2/otx2_cptpf_ucode.c +++ b/drivers/crypto/marvell/octeontx2/otx2_cptpf_ucode.c @@ -1491,12 +1491,13 @@ int otx2_cpt_discover_eng_capabilities(struct otx2_cptpf_dev *cptpf) union otx2_cpt_opcode opcode; union otx2_cpt_res_s *result; union otx2_cpt_inst_s inst; + dma_addr_t result_baddr; dma_addr_t rptr_baddr; struct pci_dev *pdev; - u32 len, compl_rlen; int timeout = 10000; + void *base, *rptr; int ret, etype; - void *rptr; + u32 len; /* * We don't get capabilities if it was already done @@ -1521,22 +1522,28 @@ int otx2_cpt_discover_eng_capabilities(struct otx2_cptpf_dev *cptpf) if (ret) goto delete_grps; - compl_rlen = ALIGN(sizeof(union otx2_cpt_res_s), OTX2_CPT_DMA_MINALIGN); - len = compl_rlen + LOADFVC_RLEN; + /* Allocate extra memory for "rptr" and "result" pointer alignment */ + len = LOADFVC_RLEN + ARCH_DMA_MINALIGN + + sizeof(union otx2_cpt_res_s) + OTX2_CPT_RES_ADDR_ALIGN; - result = kzalloc(len, GFP_KERNEL); - if (!result) { + base = kzalloc(len, GFP_KERNEL); + if (!base) { ret = -ENOMEM; goto lf_cleanup; } - rptr_baddr = dma_map_single(&pdev->dev, (void *)result, len, - DMA_BIDIRECTIONAL); + + rptr = PTR_ALIGN(base, ARCH_DMA_MINALIGN); + rptr_baddr = dma_map_single(&pdev->dev, rptr, len, DMA_BIDIRECTIONAL); if (dma_mapping_error(&pdev->dev, rptr_baddr)) { dev_err(&pdev->dev, "DMA mapping failed\n"); ret = -EFAULT; - goto free_result; + goto free_rptr; } - rptr = (u8 *)result + compl_rlen; + + result = (union otx2_cpt_res_s *)PTR_ALIGN(rptr + LOADFVC_RLEN, + OTX2_CPT_RES_ADDR_ALIGN); + result_baddr = ALIGN(rptr_baddr + LOADFVC_RLEN, + OTX2_CPT_RES_ADDR_ALIGN); /* Fill in the command */ opcode.s.major = LOADFVC_MAJOR_OP; @@ -1548,14 +1555,14 @@ int otx2_cpt_discover_eng_capabilities(struct otx2_cptpf_dev *cptpf) /* 64-bit swap for microcode data reads, not needed for addresses */ cpu_to_be64s(&iq_cmd.cmd.u); iq_cmd.dptr = 0; - iq_cmd.rptr = rptr_baddr + compl_rlen; + iq_cmd.rptr = rptr_baddr; iq_cmd.cptr.u = 0; for (etype = 1; etype < OTX2_CPT_MAX_ENG_TYPES; etype++) { result->s.compcode = OTX2_CPT_COMPLETION_CODE_INIT; iq_cmd.cptr.s.grp = otx2_cpt_get_eng_grp(&cptpf->eng_grps, etype); - otx2_cpt_fill_inst(&inst, &iq_cmd, rptr_baddr); + otx2_cpt_fill_inst(&inst, &iq_cmd, result_baddr); lfs->ops->send_cmd(&inst, 1, &cptpf->lfs.lf[0]); timeout = 10000; @@ -1578,8 +1585,8 @@ int otx2_cpt_discover_eng_capabilities(struct otx2_cptpf_dev *cptpf) error_no_response: dma_unmap_single(&pdev->dev, rptr_baddr, len, DMA_BIDIRECTIONAL); -free_result: - kfree(result); +free_rptr: + kfree(base); lf_cleanup: otx2_cptlf_shutdown(lfs); delete_grps: -- 2.34.1

5 months, 2 weeks

1
0
0 0

[PATCH] objtool/rust: relax slice condition to cover more `noreturn` Rust functions

by Miguel Ojeda

Developers are indeed hitting other of the `noreturn` slice symbols in Nova [1], thus relax the last check in the list so that we catch all of them, i.e. *_4core5slice5index22slice_index_order_fail *_4core5slice5index24slice_end_index_len_fail *_4core5slice5index26slice_start_index_len_fail *_4core5slice5index29slice_end_index_overflow_fail *_4core5slice5index31slice_start_index_overflow_fail These all exist since at least Rust 1.78.0, thus backport it too. See commit 56d680dd23c3 ("objtool/rust: list `noreturn` Rust functions") for more details. Cc: stable(a)vger.kernel.org # Needed in 6.12.y and later. Cc: John Hubbard <jhubbard(a)nvidia.com> Cc: Timur Tabi <ttabi(a)nvidia.com> Cc: Kane York <kanepyork(a)gmail.com> Cc: Josh Poimboeuf <jpoimboe(a)kernel.org> Cc: Peter Zijlstra <peterz(a)infradead.org> Reported-by: Joel Fernandes <joelagnelf(a)nvidia.com> Link: https://lore.kernel.org/rust-for-linux/20250513180757.GA1295002@joelnvbox/ [1] Signed-off-by: Miguel Ojeda <ojeda(a)kernel.org> --- I tested it with the Timur's `alex` branch, but a Tested-by is appreciated. Thanks! tools/objtool/check.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tools/objtool/check.c b/tools/objtool/check.c index b21b12ec88d9..f23bdda737aa 100644 --- a/tools/objtool/check.c +++ b/tools/objtool/check.c @@ -230,7 +230,8 @@ static bool is_rust_noreturn(const struct symbol *func) str_ends_with(func->name, "_7___rustc17rust_begin_unwind") || strstr(func->name, "_4core9panicking13assert_failed") || strstr(func->name, "_4core9panicking11panic_const24panic_const_") || - (strstr(func->name, "_4core5slice5index24slice_") && + (strstr(func->name, "_4core5slice5index") && + strstr(func->name, "slice_") && str_ends_with(func->name, "_fail")); } base-commit: a5806cd506af5a7c19bcd596e4708b5c464bfd21 -- 2.49.0

5 months, 2 weeks

3
2
0 0

[PATCH 5.10.y/5.15.y] ELF: fix kernel.randomize_va_space double read

by Feng Liu

From: Alexey Dobriyan <adobriyan(a)gmail.com> [ Upstream commit 2a97388a807b6ab5538aa8f8537b2463c6988bd2 ] ELF loader uses "randomize_va_space" twice. It is sysctl and can change at any moment, so 2 loads could see 2 different values in theory with unpredictable consequences. Issue exactly one load for consistent value across one exec. Signed-off-by: Alexey Dobriyan <adobriyan(a)gmail.com> Link: https://lore.kernel.org/r/3329905c-7eb8-400a-8f0a-d87cff979b5b@p183 Signed-off-by: Kees Cook <kees(a)kernel.org> Signed-off-by: Feng Liu <Feng.Liu3(a)windriver.com> Signed-off-by: He Zhe <Zhe.He(a)windriver.com> --- Verified the build test. --- fs/binfmt_elf.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c index 11dc833ca2c4..a1f0dff2f818 100644 --- a/fs/binfmt_elf.c +++ b/fs/binfmt_elf.c @@ -1008,7 +1008,8 @@ static int load_elf_binary(struct linux_binprm *bprm) if (elf_read_implies_exec(*elf_ex, executable_stack)) current->personality |= READ_IMPLIES_EXEC; - if (!(current->personality & ADDR_NO_RANDOMIZE) && randomize_va_space) + const int snapshot_randomize_va_space = READ_ONCE(randomize_va_space); + if (!(current->personality & ADDR_NO_RANDOMIZE) && snapshot_randomize_va_space) current->flags |= PF_RANDOMIZE; setup_new_exec(bprm); @@ -1278,7 +1279,7 @@ static int load_elf_binary(struct linux_binprm *bprm) mm->end_data = end_data; mm->start_stack = bprm->p; - if ((current->flags & PF_RANDOMIZE) && (randomize_va_space > 1)) { + if ((current->flags & PF_RANDOMIZE) && (snapshot_randomize_va_space > 1)) { /* * For architectures with ELF randomization, when executing * a loader directly (i.e. no interpreter listed in ELF -- 2.34.1

5 months, 2 weeks

4
7
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror May 2025