- Linux-stable-mirror - lists.linaro.org

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.17.2 release. There are 26 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun, 12 Oct 2025 13:13:18 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.17.2-rc1… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.17.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.17.2-rc1 Ankit Khushwaha <ankitkhushwaha.linux(a)gmail.com> ring buffer: Propagate __rb_map_vma return value to caller Chao Yu <chao(a)kernel.org> f2fs: fix to do sanity check on node footer for non inode dnode Sean Christopherson <seanjc(a)google.com> KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O Nalivayko Sergey <Sergey.Nalivayko(a)kaspersky.com> net/9p: fix double req put in p9_fd_cancelled Herbert Xu <herbert(a)gondor.apana.org.au> crypto: rng - Ensure set_ent is always present Herbert Xu <herbert(a)gondor.apana.org.au> crypto: zstd - Fix compression bug caused by truncation Herbert Xu <herbert(a)gondor.apana.org.au> Revert "crypto: testmgr - desupport SHA-1 for FIPS 140" Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> driver core/PM: Set power.no_callbacks along with power.no_pm Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> driver core: faux: Set power.no_pm for faux devices Ovidiu Panait <ovidiu.panait.oss(a)gmail.com> staging: axis-fifo: flush RX FIFO on read errors Ovidiu Panait <ovidiu.panait.oss(a)gmail.com> staging: axis-fifo: fix TX handling on copy_from_user() failure Ovidiu Panait <ovidiu.panait.oss(a)gmail.com> staging: axis-fifo: fix maximum TX packet length check Raphael Gallais-Pou <raphael.gallais-pou(a)foss.st.com> serial: stm32: allow selecting console when the driver is module Carlos Llamas <cmllamas(a)google.com> binder: fix double-free in dbitmap Max Kellermann <max.kellermann(a)ionos.com> drivers/misc/amd-sbi/Kconfig: select REGMAP_I2C Michael Walle <mwalle(a)kernel.org> nvmem: layouts: fix automatic module loading Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> serial: qcom-geni: Fix blocked task Rahul Rameshbabu <sergeantsagara(a)protonmail.com> rust: pci: fix incorrect platform reference in PCI driver unbind doc comment Rahul Rameshbabu <sergeantsagara(a)protonmail.com> rust: pci: fix incorrect platform reference in PCI driver probe doc comment Miguel Ojeda <ojeda(a)kernel.org> rust: block: fix `srctree/` links Miguel Ojeda <ojeda(a)kernel.org> rust: drm: fix `srctree/` links Bitterblue Smith <rtl8821cerfe2(a)gmail.com> wifi: rtl8xxxu: Don't claim USB ID 07b8:8188 Bitterblue Smith <rtl8821cerfe2(a)gmail.com> wifi: rtlwifi: rtl8192cu: Don't claim USB ID 07b8:8188 Zenm Chen <zenmchen(a)gmail.com> Bluetooth: btusb: Add USB ID 2001:332a for D-Link AX9U rev. A1 Xiaowei Li <xiaowei.li(a)simcom.com> USB: serial: option: add SIMCom 8230C compositions Mario Limonciello <mario.limonciello(a)amd.com> drm/amdgpu: Enable MES lr_compute_wa by default ------------- Diffstat: Makefile | 4 +- arch/x86/kvm/emulate.c | 9 +- arch/x86/kvm/kvm_emulate.h | 3 +- arch/x86/kvm/x86.c | 15 +- crypto/rng.c | 8 + crypto/testmgr.c | 5 + crypto/zstd.c | 2 +- drivers/android/dbitmap.h | 1 + drivers/base/faux.c | 1 + drivers/bluetooth/btusb.c | 2 + drivers/gpu/drm/amd/amdgpu/mes_v11_0.c | 6 + drivers/gpu/drm/amd/amdgpu/mes_v12_0.c | 5 + drivers/gpu/drm/amd/include/mes_v11_api_def.h | 3 +- drivers/gpu/drm/amd/include/mes_v12_api_def.h | 3 +- drivers/misc/amd-sbi/Kconfig | 1 + drivers/net/wireless/realtek/rtl8xxxu/core.c | 2 - .../net/wireless/realtek/rtlwifi/rtl8192cu/sw.c | 1 - drivers/nvmem/layouts.c | 13 ++ drivers/staging/axis-fifo/axis-fifo.c | 68 ++++---- drivers/tty/serial/Kconfig | 2 +- drivers/tty/serial/qcom_geni_serial.c | 176 ++------------------- drivers/usb/serial/option.c | 6 + fs/f2fs/f2fs.h | 4 +- fs/f2fs/gc.c | 4 +- fs/f2fs/node.c | 58 ++++--- fs/f2fs/node.h | 1 + fs/f2fs/recovery.c | 2 +- include/linux/device.h | 3 + kernel/trace/ring_buffer.c | 2 +- net/9p/trans_fd.c | 8 +- rust/kernel/block/mq/gen_disk.rs | 2 +- rust/kernel/drm/device.rs | 2 +- rust/kernel/drm/driver.rs | 2 +- rust/kernel/drm/file.rs | 2 +- rust/kernel/drm/gem/mod.rs | 2 +- rust/kernel/drm/ioctl.rs | 2 +- rust/kernel/pci.rs | 6 +- 37 files changed, 179 insertions(+), 257 deletions(-)

49 minutes

11
36
0 0

[PATCH 6.16 00/41] 6.16.12-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.16.12 release. There are 41 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun, 12 Oct 2025 13:13:18 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.16.12-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.16.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.16.12-rc1 Ankit Khushwaha <ankitkhushwaha.linux(a)gmail.com> ring buffer: Propagate __rb_map_vma return value to caller Sean Christopherson <seanjc(a)google.com> KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O Nalivayko Sergey <Sergey.Nalivayko(a)kaspersky.com> net/9p: fix double req put in p9_fd_cancelled Herbert Xu <herbert(a)gondor.apana.org.au> crypto: rng - Ensure set_ent is always present Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> driver core/PM: Set power.no_callbacks along with power.no_pm Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> driver core: faux: Set power.no_pm for faux devices Ovidiu Panait <ovidiu.panait.oss(a)gmail.com> staging: axis-fifo: flush RX FIFO on read errors Ovidiu Panait <ovidiu.panait.oss(a)gmail.com> staging: axis-fifo: fix TX handling on copy_from_user() failure Ovidiu Panait <ovidiu.panait.oss(a)gmail.com> staging: axis-fifo: fix maximum TX packet length check Raphael Gallais-Pou <raphael.gallais-pou(a)foss.st.com> serial: stm32: allow selecting console when the driver is module Carlos Llamas <cmllamas(a)google.com> binder: fix double-free in dbitmap Max Kellermann <max.kellermann(a)ionos.com> drivers/misc/amd-sbi/Kconfig: select REGMAP_I2C Michael Walle <mwalle(a)kernel.org> nvmem: layouts: fix automatic module loading Arnaud Lecomte <contact(a)arnaud-lcm.com> hid: fix I2C read buffer overflow in raw_event() for mcp2221 Christoffer Sandberg <cs(a)tuxedo.de> platform/x86/amd/pmc: Add Stellaris Slim Gen6 AMD to spurious 8042 quirks list Duy Nguyen <duy.nguyen.rh(a)renesas.com> can: rcar_canfd: Fix controller mode setting Chen Yufeng <chenyufeng(a)iie.ac.cn> can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled Jason Gunthorpe <jgg(a)ziepe.ca> iommufd: WARN if an object is aborted with an elevated refcount Lizhi Xu <lizhi.xu(a)windriver.com> netfs: Prevent duplicate unlocking David Sterba <dsterba(a)suse.com> btrfs: ref-verify: handle damaged extent root tree Jack Yu <jack.yu(a)realtek.com> ASoC: rt5682s: Adjust SAR ADC button mode to fix noise issue Shyam Sundar S K <Shyam-sundar.S-k(a)amd.com> platform/x86/amd/pmf: Support new ACPI ID AMDI0108 Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdgpu/gfx11: Add Cleaner Shader Support for GFX11.0.1/11.0.4 GPUs hupu <hupu.gm(a)gmail.com> perf subcmd: avoid crash in exclude_cmds when excludes is empty Antheas Kapenekakis <lkml(a)antheas.dev> platform/x86: oxpec: Add support for OneXPlayer X1Pro EVA-02 aprilgrimoire <aprilgrimoire(a)proton.me> platform/x86/amd/pmc: Add MECHREVO Yilong15Pro to spurious_8042 list Mikulas Patocka <mpatocka(a)redhat.com> dm-integrity: limit MAX_TAG_SIZE to 255 Venkata Prasad Potturu <venkataprasad.potturu(a)amd.com> ASoC: amd: acp: Adjust pdm gain value Shuming Fan <shumingf(a)realtek.com> ASoC: rt712: avoid skipping the blind write Antheas Kapenekakis <lkml(a)antheas.dev> gpiolib: acpi: Ignore touchpad wakeup on GPD G1619-05 Rahul Rameshbabu <sergeantsagara(a)protonmail.com> rust: pci: fix incorrect platform reference in PCI driver probe doc comment Miguel Ojeda <ojeda(a)kernel.org> rust: block: fix `srctree/` links Miguel Ojeda <ojeda(a)kernel.org> rust: drm: fix `srctree/` links Bitterblue Smith <rtl8821cerfe2(a)gmail.com> wifi: rtl8xxxu: Don't claim USB ID 07b8:8188 Bitterblue Smith <rtl8821cerfe2(a)gmail.com> wifi: rtlwifi: rtl8192cu: Don't claim USB ID 07b8:8188 Zenm Chen <zenmchen(a)gmail.com> Bluetooth: btusb: Add USB ID 2001:332a for D-Link AX9U rev. A1 Xiaowei Li <xiaowei.li(a)simcom.com> USB: serial: option: add SIMCom 8230C compositions Fedor Pchelkin <pchelkin(a)ispras.ru> wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait() Chih-Kang Chang <gary.chang(a)realtek.com> wifi: rtw89: mcc: stop TX during MCC prepare Mario Limonciello <mario.limonciello(a)amd.com> drm/amdgpu: Enable MES lr_compute_wa by default Shenghao Ding <shenghao-ding(a)ti.com> ALSA: hda/tas2781: Fix the order of TAS2781 calibrated-data ------------- Diffstat: Makefile | 4 +- arch/x86/kvm/emulate.c | 9 ++- arch/x86/kvm/kvm_emulate.h | 3 +- arch/x86/kvm/x86.c | 15 ++--- crypto/rng.c | 8 +++ drivers/android/dbitmap.h | 1 + drivers/base/faux.c | 1 + drivers/bluetooth/btusb.c | 2 + drivers/gpio/gpiolib-acpi-quirks.c | 12 ++++ drivers/gpu/drm/amd/amdgpu/gfx_v11_0.c | 15 +++++ drivers/gpu/drm/amd/amdgpu/mes_v11_0.c | 6 ++ drivers/gpu/drm/amd/amdgpu/mes_v12_0.c | 5 ++ drivers/gpu/drm/amd/include/mes_v11_api_def.h | 3 +- drivers/gpu/drm/amd/include/mes_v12_api_def.h | 3 +- drivers/hid/hid-mcp2221.c | 4 ++ drivers/iommu/iommufd/device.c | 3 +- drivers/iommu/iommufd/iommufd_private.h | 3 +- drivers/iommu/iommufd/main.c | 4 ++ drivers/md/dm-integrity.c | 2 +- drivers/misc/amd-sbi/Kconfig | 1 + drivers/net/can/rcar/rcar_canfd.c | 7 ++- drivers/net/can/spi/hi311x.c | 33 ++++++----- drivers/net/wireless/realtek/rtl8xxxu/core.c | 2 - .../net/wireless/realtek/rtlwifi/rtl8192cu/sw.c | 1 - drivers/net/wireless/realtek/rtw89/chan.c | 35 +++++++++++ drivers/net/wireless/realtek/rtw89/chan.h | 2 + drivers/net/wireless/realtek/rtw89/core.c | 32 ++++++++-- drivers/net/wireless/realtek/rtw89/core.h | 37 +++++++++++- drivers/net/wireless/realtek/rtw89/pci.c | 3 +- drivers/net/wireless/realtek/rtw89/ser.c | 2 + drivers/nvmem/layouts.c | 13 +++++ drivers/platform/x86/amd/pmc/pmc-quirks.c | 15 +++++ drivers/platform/x86/amd/pmf/core.c | 1 + drivers/platform/x86/oxpec.c | 7 +++ drivers/staging/axis-fifo/axis-fifo.c | 68 ++++++++++------------ drivers/tty/serial/Kconfig | 2 +- drivers/usb/serial/option.c | 6 ++ fs/btrfs/ref-verify.c | 9 ++- fs/netfs/buffered_write.c | 2 +- include/linux/device.h | 3 + kernel/trace/ring_buffer.c | 2 +- net/9p/trans_fd.c | 8 +-- rust/kernel/block/mq/gen_disk.rs | 2 +- rust/kernel/drm/device.rs | 2 +- rust/kernel/drm/driver.rs | 2 +- rust/kernel/drm/file.rs | 2 +- rust/kernel/drm/gem/mod.rs | 2 +- rust/kernel/drm/ioctl.rs | 2 +- rust/kernel/pci.rs | 4 +- sound/pci/hda/tas2781_hda.c | 25 ++++++-- sound/soc/amd/acp/amd.h | 2 +- sound/soc/codecs/rt5682s.c | 17 +++--- sound/soc/codecs/rt712-sdca.c | 6 +- tools/lib/subcmd/help.c | 3 + 54 files changed, 339 insertions(+), 124 deletions(-)

2 hours, 14 minutes

11
51
0 0

[PATCH 6.12 00/35] 6.12.52-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.12.52 release. There are 35 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun, 12 Oct 2025 13:13:18 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.12.52-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.12.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.12.52-rc1 Sean Christopherson <seanjc(a)google.com> KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O Nalivayko Sergey <Sergey.Nalivayko(a)kaspersky.com> net/9p: fix double req put in p9_fd_cancelled Herbert Xu <herbert(a)gondor.apana.org.au> crypto: rng - Ensure set_ent is always present Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> driver core/PM: Set power.no_callbacks along with power.no_pm Ovidiu Panait <ovidiu.panait.oss(a)gmail.com> staging: axis-fifo: flush RX FIFO on read errors Ovidiu Panait <ovidiu.panait.oss(a)gmail.com> staging: axis-fifo: fix TX handling on copy_from_user() failure Ovidiu Panait <ovidiu.panait.oss(a)gmail.com> staging: axis-fifo: fix maximum TX packet length check Raphael Gallais-Pou <raphael.gallais-pou(a)foss.st.com> serial: stm32: allow selecting console when the driver is module Carlos Llamas <cmllamas(a)google.com> binder: fix double-free in dbitmap Michael Walle <mwalle(a)kernel.org> nvmem: layouts: fix automatic module loading Arnaud Lecomte <contact(a)arnaud-lcm.com> hid: fix I2C read buffer overflow in raw_event() for mcp2221 Jeongjun Park <aha310510(a)gmail.com> ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free Takashi Iwai <tiwai(a)suse.de> ALSA: usb-audio: Kill timer properly at removal Mario Limonciello <mario.limonciello(a)amd.com> drm/amdgpu: Enable MES lr_compute_wa by default Shaoyun Liu <shaoyun.liu(a)amd.com> drm/amd/include : Update MES v12 API for fence update Shaoyun Liu <shaoyun.liu(a)amd.com> drm/amd/include : MES v11 and v12 API header update Shaoyun Liu <shaoyun.liu(a)amd.com> drm/amd : Update MES API header file for v11 & v12 Christoffer Sandberg <cs(a)tuxedo.de> platform/x86/amd/pmc: Add Stellaris Slim Gen6 AMD to spurious 8042 quirks list Duy Nguyen <duy.nguyen.rh(a)renesas.com> can: rcar_canfd: Fix controller mode setting Chen Yufeng <chenyufeng(a)iie.ac.cn> can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled Lizhi Xu <lizhi.xu(a)windriver.com> netfs: Prevent duplicate unlocking David Sterba <dsterba(a)suse.com> btrfs: ref-verify: handle damaged extent root tree Jack Yu <jack.yu(a)realtek.com> ASoC: rt5682s: Adjust SAR ADC button mode to fix noise issue Shyam Sundar S K <Shyam-sundar.S-k(a)amd.com> platform/x86/amd/pmf: Support new ACPI ID AMDI0108 hupu <hupu.gm(a)gmail.com> perf subcmd: avoid crash in exclude_cmds when excludes is empty aprilgrimoire <aprilgrimoire(a)proton.me> platform/x86/amd/pmc: Add MECHREVO Yilong15Pro to spurious_8042 list Mikulas Patocka <mpatocka(a)redhat.com> dm-integrity: limit MAX_TAG_SIZE to 255 Venkata Prasad Potturu <venkataprasad.potturu(a)amd.com> ASoC: amd: acp: Adjust pdm gain value Miguel Ojeda <ojeda(a)kernel.org> rust: block: fix `srctree/` links Bitterblue Smith <rtl8821cerfe2(a)gmail.com> wifi: rtl8xxxu: Don't claim USB ID 07b8:8188 Bitterblue Smith <rtl8821cerfe2(a)gmail.com> wifi: rtlwifi: rtl8192cu: Don't claim USB ID 07b8:8188 Zenm Chen <zenmchen(a)gmail.com> Bluetooth: btusb: Add USB ID 2001:332a for D-Link AX9U rev. A1 Xiaowei Li <xiaowei.li(a)simcom.com> USB: serial: option: add SIMCom 8230C compositions Duoming Zhou <duoming(a)zju.edu.cn> media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe Fedor Pchelkin <pchelkin(a)ispras.ru> wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait() ------------- Diffstat: Makefile | 4 +- arch/x86/kvm/emulate.c | 9 ++- arch/x86/kvm/kvm_emulate.h | 3 +- arch/x86/kvm/x86.c | 15 +++-- crypto/rng.c | 8 +++ drivers/android/dbitmap.h | 1 + drivers/bluetooth/btusb.c | 2 + drivers/gpu/drm/amd/amdgpu/mes_v11_0.c | 6 ++ drivers/gpu/drm/amd/amdgpu/mes_v12_0.c | 5 ++ drivers/gpu/drm/amd/include/mes_v11_api_def.h | 47 +++++++++++++- drivers/gpu/drm/amd/include/mes_v12_api_def.h | 74 +++++++++++++++++++++- drivers/hid/hid-mcp2221.c | 4 ++ drivers/md/dm-integrity.c | 2 +- drivers/media/i2c/tc358743.c | 4 +- drivers/net/can/rcar/rcar_canfd.c | 7 +- drivers/net/can/spi/hi311x.c | 33 +++++----- drivers/net/wireless/realtek/rtl8xxxu/core.c | 2 - .../net/wireless/realtek/rtlwifi/rtl8192cu/sw.c | 1 - drivers/net/wireless/realtek/rtw89/core.c | 31 +++++++-- drivers/net/wireless/realtek/rtw89/core.h | 35 +++++++++- drivers/net/wireless/realtek/rtw89/pci.c | 3 +- drivers/net/wireless/realtek/rtw89/ser.c | 3 + drivers/nvmem/layouts.c | 13 ++++ drivers/platform/x86/amd/pmc/pmc-quirks.c | 15 +++++ drivers/platform/x86/amd/pmf/core.c | 1 + drivers/staging/axis-fifo/axis-fifo.c | 68 +++++++++----------- drivers/tty/serial/Kconfig | 2 +- drivers/usb/serial/option.c | 6 ++ fs/btrfs/ref-verify.c | 9 ++- fs/netfs/buffered_write.c | 2 +- include/linux/device.h | 3 + net/9p/trans_fd.c | 8 +-- rust/kernel/block/mq/gen_disk.rs | 2 +- sound/soc/amd/acp/amd.h | 2 +- sound/soc/codecs/rt5682s.c | 17 ++--- sound/usb/midi.c | 10 +-- tools/lib/subcmd/help.c | 3 + 37 files changed, 347 insertions(+), 113 deletions(-)

2 hours, 48 minutes

10
44
0 0

[for-linus][PATCH v2 2/2] tracing: Stop fortify-string from warning in tracing_mark_raw_write()

by Steven Rostedt

From: Steven Rostedt <rostedt(a)goodmis.org> The way tracing_mark_raw_write() records its data is that it has the following structure: struct { struct trace_entry; int id; char buf[]; }; But memcpy(&entry->id, buf, size) triggers the following warning when the size is greater than the id: ------------[ cut here ]------------ memcpy: detected field-spanning write (size 6) of single field "&entry->id" at kernel/trace/trace.c:7458 (size 4) WARNING: CPU: 7 PID: 995 at kernel/trace/trace.c:7458 write_raw_marker_to_buffer.isra.0+0x1f9/0x2e0 Modules linked in: CPU: 7 UID: 0 PID: 995 Comm: bash Not tainted 6.17.0-test-00007-g60b82183e78a-dirty #211 PREEMPT(voluntary) Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.17.0-debian-1.17.0-1 04/01/2014 RIP: 0010:write_raw_marker_to_buffer.isra.0+0x1f9/0x2e0 Code: 04 00 75 a7 b9 04 00 00 00 48 89 de 48 89 04 24 48 c7 c2 e0 b1 d1 b2 48 c7 c7 40 b2 d1 b2 c6 05 2d 88 6a 04 01 e8 f7 e8 bd ff <0f> 0b 48 8b 04 24 e9 76 ff ff ff 49 8d 7c 24 04 49 8d 5c 24 08 48 RSP: 0018:ffff888104c3fc78 EFLAGS: 00010292 RAX: 0000000000000000 RBX: 0000000000000006 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 1ffffffff6b363b4 RDI: 0000000000000001 RBP: ffff888100058a00 R08: ffffffffb041d459 R09: ffffed1020987f40 R10: 0000000000000007 R11: 0000000000000001 R12: ffff888100bb9010 R13: 0000000000000000 R14: 00000000000003e3 R15: ffff888134800000 FS: 00007fa61d286740(0000) GS:ffff888286cad000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000560d28d509f1 CR3: 00000001047a4006 CR4: 0000000000172ef0 Call Trace: <TASK> tracing_mark_raw_write+0x1fe/0x290 ? __pfx_tracing_mark_raw_write+0x10/0x10 ? security_file_permission+0x50/0xf0 ? rw_verify_area+0x6f/0x4b0 vfs_write+0x1d8/0xdd0 ? __pfx_vfs_write+0x10/0x10 ? __pfx_css_rstat_updated+0x10/0x10 ? count_memcg_events+0xd9/0x410 ? fdget_pos+0x53/0x5e0 ksys_write+0x182/0x200 ? __pfx_ksys_write+0x10/0x10 ? do_user_addr_fault+0x4af/0xa30 do_syscall_64+0x63/0x350 entry_SYSCALL_64_after_hwframe+0x76/0x7e RIP: 0033:0x7fa61d318687 Code: 48 89 fa 4c 89 df e8 58 b3 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff RSP: 002b:00007ffd87fe0120 EFLAGS: 00000202 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 00007fa61d286740 RCX: 00007fa61d318687 RDX: 0000000000000006 RSI: 0000560d28d509f0 RDI: 0000000000000001 RBP: 0000560d28d509f0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000006 R13: 00007fa61d4715c0 R14: 00007fa61d46ee80 R15: 0000000000000000 </TASK> ---[ end trace 0000000000000000 ]--- This is because fortify string sees that the size of entry->id is only 4 bytes, but it is writing more than that. But this is OK as the dynamic_array is allocated to handle that copy. The size allocated on the ring buffer was actually a bit too big: size = sizeof(*entry) + cnt; But cnt includes the 'id' and the buffer data, so adding cnt to the size of *entry actually allocates too much on the ring buffer. Change the allocation to: size = struct_size(entry, buf, cnt - sizeof(entry->id)); and the memcpy() to unsafe_memcpy() with an added justification. Cc: stable(a)vger.kernel.org Cc: Masami Hiramatsu <mhiramat(a)kernel.org> Cc: Mathieu Desnoyers <mathieu.desnoyers(a)efficios.com> Cc: Andrew Morton <akpm(a)linux-foundation.org> Link: https://lore.kernel.org/20251011112032.77be18e4@gandalf.local.home Fixes: 64cf7d058a00 ("tracing: Have trace_marker use per-cpu data to read user space") Reported-by: syzbot+9a2ede1643175f350105(a)syzkaller.appspotmail.com Closes: https://lore.kernel.org/all/68e973f5.050a0220.1186a4.0010.GAE@google.com/ Signed-off-by: Steven Rostedt (Google) <rostedt(a)goodmis.org> --- kernel/trace/trace.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c index bbb89206a891..eb256378e65b 100644 --- a/kernel/trace/trace.c +++ b/kernel/trace/trace.c @@ -7441,7 +7441,8 @@ static ssize_t write_raw_marker_to_buffer(struct trace_array *tr, ssize_t written; size_t size; - size = sizeof(*entry) + cnt; + /* cnt includes both the entry->id and the data behind it. */ + size = struct_size(entry, buf, cnt - sizeof(entry->id)); buffer = tr->array_buffer.buffer; @@ -7455,7 +7456,10 @@ static ssize_t write_raw_marker_to_buffer(struct trace_array *tr, return -EBADF; entry = ring_buffer_event_data(event); - memcpy(&entry->id, buf, cnt); + unsafe_memcpy(&entry->id, buf, cnt, + "id and content already reserved on ring buffer" + "'buf' includes the 'id' and the data." + "'entry' was allocated with cnt from 'id'."); written = cnt; __buffer_unlock_commit(buffer, event); -- 2.51.0

3 hours, 5 minutes

1
0
0 0

[for-linus][PATCH v2 1/2] tracing: Fix tracing_mark_raw_write() to use buf and not ubuf

by Steven Rostedt

From: Steven Rostedt <rostedt(a)goodmis.org> The fix to use a per CPU buffer to read user space tested only the writes to trace_marker. But it appears that the selftests are missing tests to the trace_maker_raw file. The trace_maker_raw file is used by applications that writes data structures and not strings into the file, and the tools read the raw ring buffer to process the structures it writes. The fix that reads the per CPU buffers passes the new per CPU buffer to the trace_marker file writes, but the update to the trace_marker_raw write read the data from user space into the per CPU buffer, but then still used then passed the user space address to the function that records the data. Pass in the per CPU buffer and not the user space address. TODO: Add a test to better test trace_marker_raw. Cc: stable(a)vger.kernel.org Cc: Masami Hiramatsu <mhiramat(a)kernel.org> Cc: Mark Rutland <mark.rutland(a)arm.com> Cc: Mathieu Desnoyers <mathieu.desnoyers(a)efficios.com> Cc: Andrew Morton <akpm(a)linux-foundation.org> Link: https://lore.kernel.org/20251011035243.386098147@kernel.org Fixes: 64cf7d058a00 ("tracing: Have trace_marker use per-cpu data to read user space") Reported-by: syzbot+9a2ede1643175f350105(a)syzkaller.appspotmail.com Closes: https://lore.kernel.org/all/68e973f5.050a0220.1186a4.0010.GAE@google.com/ Signed-off-by: Steven Rostedt (Google) <rostedt(a)goodmis.org> --- kernel/trace/trace.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c index 0fd582651293..bbb89206a891 100644 --- a/kernel/trace/trace.c +++ b/kernel/trace/trace.c @@ -7497,12 +7497,12 @@ tracing_mark_raw_write(struct file *filp, const char __user *ubuf, if (tr == &global_trace) { guard(rcu)(); list_for_each_entry_rcu(tr, &marker_copies, marker_list) { - written = write_raw_marker_to_buffer(tr, ubuf, cnt); + written = write_raw_marker_to_buffer(tr, buf, cnt); if (written < 0) break; } } else { - written = write_raw_marker_to_buffer(tr, ubuf, cnt); + written = write_raw_marker_to_buffer(tr, buf, cnt); } return written; -- 2.51.0

3 hours, 5 minutes

1
0
0 0

[PATCH 6.6 00/28] 6.6.111-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.6.111 release. There are 28 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun, 12 Oct 2025 13:13:18 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.6.111-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.6.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.6.111-rc1 Sean Christopherson <seanjc(a)google.com> KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O Nalivayko Sergey <Sergey.Nalivayko(a)kaspersky.com> net/9p: fix double req put in p9_fd_cancelled Herbert Xu <herbert(a)gondor.apana.org.au> crypto: rng - Ensure set_ent is always present Charlie Jenkins <charlie(a)rivosinc.com> riscv: mm: Do not restrict mmap address based on hint Charlie Jenkins <charlie(a)rivosinc.com> riscv: mm: Use hint address in mmap if available Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> driver core/PM: Set power.no_callbacks along with power.no_pm Ovidiu Panait <ovidiu.panait.oss(a)gmail.com> staging: axis-fifo: flush RX FIFO on read errors Ovidiu Panait <ovidiu.panait.oss(a)gmail.com> staging: axis-fifo: fix TX handling on copy_from_user() failure Ovidiu Panait <ovidiu.panait.oss(a)gmail.com> staging: axis-fifo: fix maximum TX packet length check Raphael Gallais-Pou <raphael.gallais-pou(a)foss.st.com> serial: stm32: allow selecting console when the driver is module Arnaud Lecomte <contact(a)arnaud-lcm.com> hid: fix I2C read buffer overflow in raw_event() for mcp2221 Jeongjun Park <aha310510(a)gmail.com> ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free Takashi Iwai <tiwai(a)suse.de> ALSA: usb-audio: Kill timer properly at removal Christoffer Sandberg <cs(a)tuxedo.de> platform/x86/amd/pmc: Add Stellaris Slim Gen6 AMD to spurious 8042 quirks list Duy Nguyen <duy.nguyen.rh(a)renesas.com> can: rcar_canfd: Fix controller mode setting Chen Yufeng <chenyufeng(a)iie.ac.cn> can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled David Sterba <dsterba(a)suse.com> btrfs: ref-verify: handle damaged extent root tree Jack Yu <jack.yu(a)realtek.com> ASoC: rt5682s: Adjust SAR ADC button mode to fix noise issue hupu <hupu.gm(a)gmail.com> perf subcmd: avoid crash in exclude_cmds when excludes is empty aprilgrimoire <aprilgrimoire(a)proton.me> platform/x86/amd/pmc: Add MECHREVO Yilong15Pro to spurious_8042 list Mikulas Patocka <mpatocka(a)redhat.com> dm-integrity: limit MAX_TAG_SIZE to 255 Venkata Prasad Potturu <venkataprasad.potturu(a)amd.com> ASoC: amd: acp: Adjust pdm gain value Bitterblue Smith <rtl8821cerfe2(a)gmail.com> wifi: rtlwifi: rtl8192cu: Don't claim USB ID 07b8:8188 Xiaowei Li <xiaowei.li(a)simcom.com> USB: serial: option: add SIMCom 8230C compositions Duoming Zhou <duoming(a)zju.edu.cn> media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe Duoming Zhou <duoming(a)zju.edu.cn> media: tuner: xc5000: Fix use-after-free in xc5000_release Ricardo Ribalda <ribalda(a)chromium.org> media: tunner: xc5000: Refactor firmware load Will Deacon <will(a)kernel.org> KVM: arm64: Fix softirq masking in FPSIMD register saving sequence ------------- Diffstat: Makefile | 4 +- arch/arm64/kernel/fpsimd.c | 8 ++- arch/riscv/include/asm/processor.h | 33 ++--------- arch/x86/kvm/emulate.c | 9 ++- arch/x86/kvm/kvm_emulate.h | 3 +- arch/x86/kvm/x86.c | 15 ++--- crypto/rng.c | 8 +++ drivers/hid/hid-mcp2221.c | 4 ++ drivers/md/dm-integrity.c | 2 +- drivers/media/i2c/tc358743.c | 4 +- drivers/media/tuners/xc5000.c | 41 ++++++------- drivers/net/can/rcar/rcar_canfd.c | 7 ++- drivers/net/can/spi/hi311x.c | 33 ++++++----- .../net/wireless/realtek/rtlwifi/rtl8192cu/sw.c | 1 - drivers/platform/x86/amd/pmc/pmc-quirks.c | 15 +++++ drivers/staging/axis-fifo/axis-fifo.c | 68 ++++++++++------------ drivers/tty/serial/Kconfig | 2 +- drivers/usb/serial/option.c | 6 ++ fs/btrfs/ref-verify.c | 9 ++- include/linux/device.h | 3 + net/9p/trans_fd.c | 8 +-- sound/soc/amd/acp/amd.h | 2 +- sound/soc/codecs/rt5682s.c | 17 +++--- sound/usb/midi.c | 10 ++-- tools/lib/subcmd/help.c | 3 + 25 files changed, 166 insertions(+), 149 deletions(-)

3 hours, 23 minutes

8
35
0 0

+ mm-prevent-poison-consumption-when-splitting-thp.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm: prevent poison consumption when splitting THP has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-prevent-poison-consumption-when-splitting-thp.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Qiuxu Zhuo <qiuxu.zhuo(a)intel.com> Subject: mm: prevent poison consumption when splitting THP Date: Sat, 11 Oct 2025 15:55:19 +0800 When performing memory error injection on a THP (Transparent Huge Page) mapped to userspace on an x86 server, the kernel panics with the following trace. The expected behavior is to terminate the affected process instead of panicking the kernel, as the x86 Machine Check code can recover from an in-userspace #MC. mce: [Hardware Error]: CPU 0: Machine Check Exception: f Bank 3: bd80000000070134 mce: [Hardware Error]: RIP 10:<ffffffff8372f8bc> {memchr_inv+0x4c/0xf0} mce: [Hardware Error]: TSC afff7bbff88a ADDR 1d301b000 MISC 80 PPIN 1e741e77539027db mce: [Hardware Error]: PROCESSOR 0:d06d0 TIME 1758093249 SOCKET 0 APIC 0 microcode 80000320 mce: [Hardware Error]: Run the above through 'mcelog --ascii' mce: [Hardware Error]: Machine check: Data load in unrecoverable area of kernel Kernel panic - not syncing: Fatal local machine check The root cause of this panic is that handling a memory failure triggered by an in-userspace #MC necessitates splitting the THP. The splitting process employs a mechanism, implemented in try_to_map_unused_to_zeropage(), which reads the sub-pages of the THP to identify zero-filled pages. However, reading the sub-pages results in a second in-kernel #MC, occurring before the initial memory_failure() completes, ultimately leading to a kernel panic. See the kernel panic call trace on the two #MCs. First Machine Check occurs // [1] memory_failure() // [2] try_to_split_thp_page() split_huge_page() split_huge_page_to_list_to_order() __folio_split() // [3] remap_page() remove_migration_ptes() remove_migration_pte() try_to_map_unused_to_zeropage() // [4] memchr_inv() // [5] Second Machine Check occurs // [6] Kernel panic [1] Triggered by accessing a hardware-poisoned THP in userspace, which is typically recoverable by terminating the affected process. [2] Call folio_set_has_hwpoisoned() before try_to_split_thp_page(). [3] Pass the RMP_USE_SHARED_ZEROPAGE remap flag to remap_page(). [4] Try to map the unused THP to zeropage. [5] Re-access sub-pages of the hw-poisoned THP in the kernel. [6] Triggered in-kernel, leading to a panic kernel. In Step[2], memory_failure() sets the poisoned flag on the sub-page of the THP by TestSetPageHWPoison() before calling try_to_split_thp_page(). As suggested by David Hildenbrand, fix this panic by not accessing to the poisoned sub-page of the THP during zeropage identification, while continuing to scan unaffected sub-pages of the THP for possible zeropage mapping. This prevents a second in-kernel #MC that would cause kernel panic in Step[4]. [ Credits to Andrew Zaborowski <andrew.zaborowski(a)intel.com> for his original fix that prevents passing the RMP_USE_SHARED_ZEROPAGE flag to remap_page() in Step[3] if the THP has the has_hwpoisoned flag set, avoiding access to the entire THP for zero-page identification. ] Link: https://lkml.kernel.org/r/20251011075520.320862-1-qiuxu.zhuo@intel.com Signed-off-by: Qiuxu Zhuo <qiuxu.zhuo(a)intel.com> Reported-by: Farrah Chen <farrah.chen(a)intel.com> Suggested-by: David Hildenbrand <david(a)redhat.com> Tested-by: Farrah Chen <farrah.chen(a)intel.com> Tested-by: Qiuxu Zhuo <qiuxu.zhuo(a)intel.com> Acked-by: Lance Yang <lance.yang(a)linux.dev> Cc: Baolin Wang <baolin.wang(a)linux.alibaba.com> Cc: Barry Song <baohua(a)kernel.org> Cc: Dev Jain <dev.jain(a)arm.com> Cc: Jiaqi Yan <jiaqiyan(a)google.com> Cc: Liam Howlett <liam.howlett(a)oracle.com> Cc: Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> Cc: "Luck, Tony" <tony.luck(a)intel.com> Cc: Mariano Pache <npache(a)redhat.com> Cc: Miaohe Lin <linmiaohe(a)huawei.com> Cc: Naoya Horiguchi <nao.horiguchi(a)gmail.com> Cc: Ryan Roberts <ryan.roberts(a)arm.com> Cc: Zi Yan <ziy(a)nvidia.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/huge_memory.c | 3 +++ mm/migrate.c | 3 ++- 2 files changed, 5 insertions(+), 1 deletion(-) --- a/mm/huge_memory.c~mm-prevent-poison-consumption-when-splitting-thp +++ a/mm/huge_memory.c @@ -4109,6 +4109,9 @@ static bool thp_underused(struct folio * if (khugepaged_max_ptes_none == HPAGE_PMD_NR - 1) return false; + if (folio_contain_hwpoisoned_page(folio)) + return false; + for (i = 0; i < folio_nr_pages(folio); i++) { if (pages_identical(folio_page(folio, i), ZERO_PAGE(0))) { if (++num_zero_pages > khugepaged_max_ptes_none) --- a/mm/migrate.c~mm-prevent-poison-consumption-when-splitting-thp +++ a/mm/migrate.c @@ -301,8 +301,9 @@ static bool try_to_map_unused_to_zeropag struct page *page = folio_page(folio, idx); pte_t newpte; - if (PageCompound(page)) + if (PageCompound(page) || PageHWPoison(page)) return false; + VM_BUG_ON_PAGE(!PageAnon(page), page); VM_BUG_ON_PAGE(!PageLocked(page), page); VM_BUG_ON_PAGE(pte_present(old_pte), page); _ Patches currently in -mm which might be from qiuxu.zhuo(a)intel.com are mm-prevent-poison-consumption-when-splitting-thp.patch

4 hours, 29 minutes

1
0
0 0

[PATCH v2 0/5] rtc: Fix problems with missing UIE irqs

by Esben Haabendal

This fixes a couple of different problems, that can cause RTC (alarm) irqs to be missing when generating UIE interrupts. The first commit fixes a long-standing problem, which has been documented in a comment since 2010. This fixes a race that could cause UIE irqs to stop being generated, which was easily reproduced by timing the use of RTC_UIE_ON ioctl with the seconds tick in the RTC. The last commit ensures that RTC (alarm) irqs are enabled whenever RTC_UIE_ON ioctl is used. The driver specific commits avoids kernel warnings about unbalanced enable_irq/disable_irq, which gets triggered on first RTC_UIE_ON with the last commit. Before this series, the same warning should be seen on initial RTC_AIE_ON with those drivers. Signed-off-by: Esben Haabendal <esben(a)geanix.com> --- Changes in v2: - Dropped patch for rtc-st-lpc driver. - Link to v1: https://lore.kernel.org/r/20241203-rtc-uie-irq-fixes-v1-0-01286ecd9f3f@gean… --- Esben Haabendal (5): rtc: interface: Fix long-standing race when setting alarm rtc: isl12022: Fix initial enable_irq/disable_irq balance rtc: cpcap: Fix initial enable_irq/disable_irq balance rtc: tps6586x: Fix initial enable_irq/disable_irq balance rtc: interface: Ensure alarm irq is enabled when UIE is enabled drivers/rtc/interface.c | 27 +++++++++++++++++++++++++++ drivers/rtc/rtc-cpcap.c | 1 + drivers/rtc/rtc-isl12022.c | 1 + drivers/rtc/rtc-tps6586x.c | 1 + 4 files changed, 30 insertions(+) --- base-commit: 82f2b0b97b36ee3fcddf0f0780a9a0825d52fec3 change-id: 20241203-rtc-uie-irq-fixes-f2838782d0f8 Best regards, -- Esben Haabendal <esben(a)geanix.com>

6 hours, 26 minutes

2
3
0 0

[PATCH] leds: leds-lp50xx: allow LED 0 to be added to module bank

by Christian Hitz

From: Christian Hitz <christian.hitz(a)bbv.ch> led_banks contains LED module number(s) that should be grouped into the module bank. led_banks is 0-initialized. By checking the led_banks entries for 0, un-set entries are detected. But a 0-entry also indicates that LED module 0 should be grouped into the module bank. By only iterating over the available entries no check for unused entries is required and LED module 0 can be added to bank. Signed-off-by: Christian Hitz <christian.hitz(a)bbv.ch> Cc: stable(a)vger.kernel.org --- drivers/leds/leds-lp50xx.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/drivers/leds/leds-lp50xx.c b/drivers/leds/leds-lp50xx.c index 94f8ef6b482c..d50c7f3e8f99 100644 --- a/drivers/leds/leds-lp50xx.c +++ b/drivers/leds/leds-lp50xx.c @@ -341,17 +341,15 @@ static int lp50xx_brightness_set(struct led_classdev *cdev, return ret; } -static int lp50xx_set_banks(struct lp50xx *priv, u32 led_banks[]) +static int lp50xx_set_banks(struct lp50xx *priv, u32 led_banks[], int num_leds) { u8 led_config_lo, led_config_hi; u32 bank_enable_mask = 0; int ret; int i; - for (i = 0; i < priv->chip_info->max_modules; i++) { - if (led_banks[i]) - bank_enable_mask |= (1 << led_banks[i]); - } + for (i = 0; i < num_leds; i++) + bank_enable_mask |= (1 << led_banks[i]); led_config_lo = bank_enable_mask; led_config_hi = bank_enable_mask >> 8; @@ -405,7 +403,7 @@ static int lp50xx_probe_leds(struct fwnode_handle *child, struct lp50xx *priv, return ret; } - ret = lp50xx_set_banks(priv, led_banks); + ret = lp50xx_set_banks(priv, led_banks, num_leds); if (ret) { dev_err(priv->dev, "Cannot setup banked LEDs\n"); return ret; -- 2.51.0

10 hours, 31 minutes

2
1
0 0

[PATCH] ALSA: usb-audio: apply quirk for Huawei Technologies Co., Ltd. CM-Q3

by Cryolitia PukNgae

There're several different actual hardwares sold by Huawei, using the same USB ID 12d1:3a07. The first one we found, having a volume control named "Headset Playback Volume", reports a min value -15360, and will mute iff setting it to -15360. It can be simply fixed by quirk flag MIXER_PLAYBACK_MIN_MUTE, which we have already submitted previously.[1] The second one we found today, having a volume control named "PCM Playback Volume", reports its min -11520 and res 256, and will mute when less than -11008. Because of the already existing quirk flag, we can just set its min to -11264, and the new minimum value will still not be available to userspace, so that userspace's minimum will be the correct -11008. 1. https://lore.kernel.org/all/20250903-sound-v1-3-d4ca777b8512@uniontech.com/ Tested-by: Guoli An <anguoli(a)uniontech.com> Signed-off-by: Cryolitia PukNgae <cryolitia.pukngae(a)linux.dev> --- sound/usb/mixer.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/sound/usb/mixer.c b/sound/usb/mixer.c index 34bcbfd8b54e66abc0229eefd354eb7bc4c01576..ae412e651faf905c9f7d600de8e19c51995cd3f9 100644 --- a/sound/usb/mixer.c +++ b/sound/usb/mixer.c @@ -1189,6 +1189,13 @@ static void volume_control_quirks(struct usb_mixer_elem_info *cval, cval->min = -14208; /* Mute under it */ } break; + case USB_ID(0x12d1, 0x3a07): /* Huawei Technologies Co., Ltd. CM-Q3 */ + if (!strcmp(kctl->id.name, "PCM Playback Volume")) { + usb_audio_info(chip, + "set volume quirk for Huawei Technologies Co., Ltd. CM-Q3\n"); + cval->min = -11264; /* Mute under it */ + } + break; } } --- base-commit: 7e9827afc78073096149cf3565ba668fe2ef4831 change-id: 20251011-sound_quirk-6a8326325451 Best regards, -- Cryolitia PukNgae <cryolitia.pukngae(a)linux.dev>

11 hours, 57 minutes

3
2
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror