- Linux-stable-mirror - lists.linaro.org

[PATCH v3 0/5] scsi: ufs: qcom: fix UFSDHCD support on MSM8996 platform

by Dmitry Baryshkov

First several patches target fixing the UFS support on the Qualcomm MSM8996 / APQ8096 platforms, broken by the commit b4e13e1ae95e ("scsi: ufs: qcom: Add multiple frequency support for MAX_CORE_CLK_1US_CYCLES"). Last two patches clean up the UFS DT device on that platform to follow the bindings on other MSM8969 platforms. If such breaking change is unacceptable, they can be simply ignored, merging fixes only. Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> --- Changes in v3: - dropped the patch conflicting with Yassine's patch that got accepted - Cc stable on the UFS change (Manivannan) - Fixed typos in the commit message (Manivannan) - Link to v2: https://lore.kernel.org/r/20240213-msm8996-fix-ufs-v2-0-650758c26458@linaro… Changes in v2: - Dropped patches adding RX_SYMBOL_1_CLK, MSM8996 uses single lane (Krzysztof). - Link to v1: https://lore.kernel.org/r/20240209-msm8996-fix-ufs-v1-0-107b52e57420@linaro… --- Dmitry Baryshkov (5): scsi: ufs: qcom: provide default cycles_in_1us value arm64: dts: qcom: msm8996: specify UFS core_clk frequencies arm64: dts: qcom: msm8996: set GCC_UFS_ICE_CORE_CLK freq directly dt-bindings: ufs: qcom,ufs: drop source clock entries arm64: dts: qcom: msm8996: drop source clock entries from the UFS node Documentation/devicetree/bindings/ufs/qcom,ufs.yaml | 12 +++++------- arch/arm64/boot/dts/qcom/msm8996.dtsi | 8 +------- drivers/ufs/host/ufs-qcom.c | 6 ++++-- 3 files changed, 10 insertions(+), 16 deletions(-) --- base-commit: 0035c3918a74a83f94158fbbd667e163bfd4a0d0 change-id: 20240209-msm8996-fix-ufs-f80ae6d4d8cf Best regards, -- Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org>

1 year, 6 months

2
3
0 0

[PATCH v2] usb: gadget: ncm: Fix handling of zero block length packets

by Krishna Kurapati

While connecting to a Linux host with CDC_NCM_NTB_DEF_SIZE_TX set to 65536, it has been observed that we receive short packets, which come at interval of 5-10 seconds sometimes and have block length zero but still contain 1-2 valid datagrams present. According to the NCM spec: "If wBlockLength = 0x0000, the block is terminated by a short packet. In this case, the USB transfer must still be shorter than dwNtbInMaxSize or dwNtbOutMaxSize. If exactly dwNtbInMaxSize or dwNtbOutMaxSize bytes are sent, and the size is a multiple of wMaxPacketSize for the given pipe, then no ZLP shall be sent. wBlockLength= 0x0000 must be used with extreme care, because of the possibility that the host and device may get out of sync, and because of test issues. wBlockLength = 0x0000 allows the sender to reduce latency by starting to send a very large NTB, and then shortening it when the sender discovers that there’s not sufficient data to justify sending a large NTB" However, there is a potential issue with the current implementation, as it checks for the occurrence of multiple NTBs in a single giveback by verifying if the leftover bytes to be processed is zero or not. If the block length reads zero, we would process the same NTB infintely because the leftover bytes is never zero and it leads to a crash. Fix this by bailing out if block length reads zero. Cc: <stable(a)vger.kernel.org> Fixes: 427694cfaafa ("usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call") Signed-off-by: Krishna Kurapati <quic_kriskura(a)quicinc.com> --- Changes in v2: Removed goto label Link to v1: https://lore.kernel.org/all/20240226112815.2616719-1-quic_kriskura@quicinc.… drivers/usb/gadget/function/f_ncm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/usb/gadget/function/f_ncm.c b/drivers/usb/gadget/function/f_ncm.c index e2a059cfda2c..28f4e6552e84 100644 --- a/drivers/usb/gadget/function/f_ncm.c +++ b/drivers/usb/gadget/function/f_ncm.c @@ -1346,7 +1346,7 @@ static int ncm_unwrap_ntb(struct gether *port, if (to_process == 1 && (*(unsigned char *)(ntb_ptr + block_len) == 0x00)) { to_process--; - } else if (to_process > 0) { + } else if ((to_process > 0) && (block_len != 0)) { ntb_ptr = (unsigned char *)(ntb_ptr + block_len); goto parse_ntb; } -- 2.34.1

1 year, 6 months

2
1
0 0

FAILED: patch "[PATCH] memcg: fix use-after-free in uncharge_batch" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x f1796544a0ca0f14386a679d3d05fbc69235015e # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022759-crave-busily-bef7@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: f1796544a0ca ("memcg: fix use-after-free in uncharge_batch") 1a3e1f40962c ("mm: memcontrol: decouple reference counting from page accounting") 8d22a9351035 ("mm/memcg: fix refcount error while moving and swapping") d9eb1ea2bf87 ("mm: memcontrol: delete unused lrucare handling") 4c6355b25e8b ("mm: memcontrol: charge swapin pages on instantiation") f0e45fb4da29 ("mm: memcontrol: drop unused try/commit/cancel charge API") 9d82c69438d0 ("mm: memcontrol: convert anon and file-thp to new mem_cgroup_charge() API") 468c398233da ("mm: memcontrol: switch to native NR_ANON_THPS counter") be5d0a74c62d ("mm: memcontrol: switch to native NR_ANON_MAPPED counter") 0d1c20722ab3 ("mm: memcontrol: switch to native NR_FILE_PAGES and NR_SHMEM counters") 49e50d277ba2 ("mm: memcontrol: prepare move_account for removal of private page type counters") 9f762dbe19b9 ("mm: memcontrol: prepare uncharging for removal of private page type counters") 3fea5a499d57 ("mm: memcontrol: convert page cache to a new mem_cgroup_charge() API") 6caa6a0703e0 ("mm: memcontrol: move out cgroup swaprate throttling") 14235ab36019 ("mm: shmem: remove rare optimization when swapin races with hole punching") 3fba69a56e16 ("mm: memcontrol: drop @compound parameter from memcg charging API") abb242f57196 ("mm: memcontrol: fix stat-corrupting race in charge moving") f4129ea3591a ("mm: fix NUMA node file count error in replace_page_cache()") ffe945e633b5 ("khugepaged: do not stop collapse if less than half PTEs are referenced") 396bcc5299c2 ("mm: remove CONFIG_TRANSPARENT_HUGE_PAGECACHE") 85b9f46e8ea4 ("mm, thp: track fallbacks due to failed memcg charges separately") dcdf11ee1441 ("mm, shmem: add vmstat for hugepage fallback") 9c315e4d7d8c ("mm: memcg/slab: cache page number in memcg_(un)charge_slab()") 92d0510c3585 ("mm: kmem: switch to nr_pages in (__)memcg_kmem_charge_memcg()") f4b00eab5004 ("mm: kmem: rename memcg_kmem_(un)charge() into memcg_kmem_(un)charge_page()") 50591183fa86 ("mm: kmem: cleanup memcg_kmem_uncharge_memcg() arguments") 10eaec2f63b6 ("mm: kmem: cleanup (__)memcg_kmem_charge_memcg() arguments") 47e29d32afba ("mm/gup: page->hpage_pinned_refcount: exact pin counts for huge pages") 3faa52c03f44 ("mm/gup: track FOLL_PIN pages") 3b78d8347d31 ("mm/gup: pass gup flags to two more routines") c23a0c99793f ("mm/migrate: clean up some minor coding style") 92855270ff08 ("mm/memcontrol.c: cleanup some useless code") f1f6a7dd9b53 ("mm, tree-wide: rename put_user_page*() to unpin_user_page*()") aa4b87fe9ea3 ("powerpc: book3s64: convert to pin_user_pages() and put_user_page()") 19fed0dae94d ("vfio, mm: pin_user_pages (FOLL_PIN) and put_user_page() conversion") 1f815afcfca7 ("media/v4l2-core: pin_user_pages (FOLL_PIN) and put_user_page() conversion") 803e4572d7c5 ("mm/process_vm_access: set FOLL_PIN via pin_user_pages_remote()") 57459435cff5 ("goldish_pipe: convert to pin_user_pages() and put_user_page()") eddb1c228f79 ("mm/gup: introduce pin_user_pages*() and FOLL_PIN") 3c7470b6f684 ("media/v4l2-core: set pages dirty upon releasing DMA buffers") f4000fdf435b ("mm/gup: allow FOLL_FORCE for get_user_pages_fast()") 3567813eae5e ("vfio: fix FOLL_LONGTERM use, simplify get_user_pages_remote() call") c4237f8b1f4f ("mm: fix get_user_pages_remote()'s handling of FOLL_LONGTERM") a707cdd55f0f ("mm/gup: move try_get_compound_head() to top, fix minor issues") a43e982082c2 ("mm/gup: factor out duplicate code from four routines") fac0516b5534 ("mm: thp: don't need care deferred split queue in memcg charge move path") f1fe80d4ae33 ("mm, thp: do not queue fully unmapped pages for deferred split") acbfb087e3b1 ("mm/hugetlb: avoid looping to the same hugepage if !pages and !vmas") 867e5e1de14b ("mm: clean up and clarify lruvec lookup procedure") 242c37b459ce ("include/linux/memcontrol.h: fix comments based on per-node memcg") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From f1796544a0ca0f14386a679d3d05fbc69235015e Mon Sep 17 00:00:00 2001 From: Michal Hocko <mhocko(a)suse.com> Date: Fri, 4 Sep 2020 16:35:24 -0700 Subject: [PATCH] memcg: fix use-after-free in uncharge_batch syzbot has reported an use-after-free in the uncharge_batch path BUG: KASAN: use-after-free in instrument_atomic_write include/linux/instrumented.h:71 [inline] BUG: KASAN: use-after-free in atomic64_sub_return include/asm-generic/atomic-instrumented.h:970 [inline] BUG: KASAN: use-after-free in atomic_long_sub_return include/asm-generic/atomic-long.h:113 [inline] BUG: KASAN: use-after-free in page_counter_cancel mm/page_counter.c:54 [inline] BUG: KASAN: use-after-free in page_counter_uncharge+0x3d/0xc0 mm/page_counter.c:155 Write of size 8 at addr ffff8880371c0148 by task syz-executor.0/9304 CPU: 0 PID: 9304 Comm: syz-executor.0 Not tainted 5.8.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1f0/0x31e lib/dump_stack.c:118 print_address_description+0x66/0x620 mm/kasan/report.c:383 __kasan_report mm/kasan/report.c:513 [inline] kasan_report+0x132/0x1d0 mm/kasan/report.c:530 check_memory_region_inline mm/kasan/generic.c:183 [inline] check_memory_region+0x2b5/0x2f0 mm/kasan/generic.c:192 instrument_atomic_write include/linux/instrumented.h:71 [inline] atomic64_sub_return include/asm-generic/atomic-instrumented.h:970 [inline] atomic_long_sub_return include/asm-generic/atomic-long.h:113 [inline] page_counter_cancel mm/page_counter.c:54 [inline] page_counter_uncharge+0x3d/0xc0 mm/page_counter.c:155 uncharge_batch+0x6c/0x350 mm/memcontrol.c:6764 uncharge_page+0x115/0x430 mm/memcontrol.c:6796 uncharge_list mm/memcontrol.c:6835 [inline] mem_cgroup_uncharge_list+0x70/0xe0 mm/memcontrol.c:6877 release_pages+0x13a2/0x1550 mm/swap.c:911 tlb_batch_pages_flush mm/mmu_gather.c:49 [inline] tlb_flush_mmu_free mm/mmu_gather.c:242 [inline] tlb_flush_mmu+0x780/0x910 mm/mmu_gather.c:249 tlb_finish_mmu+0xcb/0x200 mm/mmu_gather.c:328 exit_mmap+0x296/0x550 mm/mmap.c:3185 __mmput+0x113/0x370 kernel/fork.c:1076 exit_mm+0x4cd/0x550 kernel/exit.c:483 do_exit+0x576/0x1f20 kernel/exit.c:793 do_group_exit+0x161/0x2d0 kernel/exit.c:903 get_signal+0x139b/0x1d30 kernel/signal.c:2743 arch_do_signal+0x33/0x610 arch/x86/kernel/signal.c:811 exit_to_user_mode_loop kernel/entry/common.c:135 [inline] exit_to_user_mode_prepare+0x8d/0x1b0 kernel/entry/common.c:166 syscall_exit_to_user_mode+0x5e/0x1a0 kernel/entry/common.c:241 entry_SYSCALL_64_after_hwframe+0x44/0xa9 Commit 1a3e1f40962c ("mm: memcontrol: decouple reference counting from page accounting") reworked the memcg lifetime to be bound the the struct page rather than charges. It also removed the css_put_many from uncharge_batch and that is causing the above splat. uncharge_batch() is supposed to uncharge accumulated charges for all pages freed from the same memcg. The queuing is done by uncharge_page which however drops the memcg reference after it adds charges to the batch. If the current page happens to be the last one holding the reference for its memcg then the memcg is OK to go and the next page to be freed will trigger batched uncharge which needs to access the memcg which is gone already. Fix the issue by taking a reference for the memcg in the current batch. Fixes: 1a3e1f40962c ("mm: memcontrol: decouple reference counting from page accounting") Reported-by: syzbot+b305848212deec86eabe(a)syzkaller.appspotmail.com Reported-by: syzbot+b5ea6fb6f139c8b9482b(a)syzkaller.appspotmail.com Signed-off-by: Michal Hocko <mhocko(a)suse.com> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> Reviewed-by: Shakeel Butt <shakeelb(a)google.com> Acked-by: Johannes Weiner <hannes(a)cmpxchg.org> Cc: Roman Gushchin <guro(a)fb.com> Cc: Hugh Dickins <hughd(a)google.com> Link: https://lkml.kernel.org/r/20200820090341.GC5033@dhcp22.suse.cz Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org> diff --git a/mm/memcontrol.c b/mm/memcontrol.c index b807952b4d43..cfa6cbad21d5 100644 --- a/mm/memcontrol.c +++ b/mm/memcontrol.c @@ -6774,6 +6774,9 @@ static void uncharge_batch(const struct uncharge_gather *ug) __this_cpu_add(ug->memcg->vmstats_percpu->nr_page_events, ug->nr_pages); memcg_check_events(ug->memcg, ug->dummy_page); local_irq_restore(flags); + + /* drop reference from uncharge_page */ + css_put(&ug->memcg->css); } static void uncharge_page(struct page *page, struct uncharge_gather *ug) @@ -6797,6 +6800,9 @@ static void uncharge_page(struct page *page, struct uncharge_gather *ug) uncharge_gather_clear(ug); } ug->memcg = page->mem_cgroup; + + /* pairs with css_put in uncharge_batch */ + css_get(&ug->memcg->css); } nr_pages = compound_nr(page);

1 year, 6 months

3
4
0 0

[PATCH v1] net: sfp: add quirks for ODI DFP-34X-2C2

by Shengyu Qu

ODI DFP-34X-2C2 is capable of 2500base-X, but incorrectly report its capabilities in the EEPROM. So use sfp_quirk_2500basex for this module to allow 2500Base-X mode. Signed-off-by: Shengyu Qu <wiagn233(a)outlook.com> --- drivers/net/phy/sfp.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/drivers/net/phy/sfp.c b/drivers/net/phy/sfp.c index f75c9eb3958e..2021cb4ff2f6 100644 --- a/drivers/net/phy/sfp.c +++ b/drivers/net/phy/sfp.c @@ -495,6 +495,13 @@ static const struct sfp_quirk sfp_quirks[] = { // 2500MBd NRZ in their EEPROM SFP_QUIRK_M("Lantech", "8330-262D-E", sfp_quirk_2500basex), + // ODI DFP-34X-2C2 can operate at 2500base-X, but incorrectly report 1300MBd + // NRZ in the EEPROM. + // Besides, In early batches, vendor id is set to OEM, but that is fixed in + // newer batches. + SFP_QUIRK_M("ODI", "DFP-34X-2C2", sfp_quirk_2500basex), + SFP_QUIRK_M("OEM", "DFP-34X-2C2", sfp_quirk_2500basex), + SFP_QUIRK_M("UBNT", "UF-INSTANT", sfp_quirk_ubnt_uf_instant), // Walsun HXSX-ATR[CI]-1 don't identify as copper, and use the -- 2.39.2

1 year, 6 months

4
14
0 0

[PATCH -fixes v4 1/3] riscv: Fix enabling cbo.zero when running in M-mode

by Samuel Holland

When the kernel is running in M-mode, the CBZE bit must be set in the menvcfg CSR, not in senvcfg. Cc: <stable(a)vger.kernel.org> Fixes: 43c16d51a19b ("RISC-V: Enable cbo.zero in usermode") Reviewed-by: Andrew Jones <ajones(a)ventanamicro.com> Signed-off-by: Samuel Holland <samuel.holland(a)sifive.com> --- (no changes since v1) arch/riscv/include/asm/csr.h | 2 ++ arch/riscv/kernel/cpufeature.c | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/arch/riscv/include/asm/csr.h b/arch/riscv/include/asm/csr.h index 510014051f5d..2468c55933cd 100644 --- a/arch/riscv/include/asm/csr.h +++ b/arch/riscv/include/asm/csr.h @@ -424,6 +424,7 @@ # define CSR_STATUS CSR_MSTATUS # define CSR_IE CSR_MIE # define CSR_TVEC CSR_MTVEC +# define CSR_ENVCFG CSR_MENVCFG # define CSR_SCRATCH CSR_MSCRATCH # define CSR_EPC CSR_MEPC # define CSR_CAUSE CSR_MCAUSE @@ -448,6 +449,7 @@ # define CSR_STATUS CSR_SSTATUS # define CSR_IE CSR_SIE # define CSR_TVEC CSR_STVEC +# define CSR_ENVCFG CSR_SENVCFG # define CSR_SCRATCH CSR_SSCRATCH # define CSR_EPC CSR_SEPC # define CSR_CAUSE CSR_SCAUSE diff --git a/arch/riscv/kernel/cpufeature.c b/arch/riscv/kernel/cpufeature.c index 89920f84d0a3..c5b13f7dd482 100644 --- a/arch/riscv/kernel/cpufeature.c +++ b/arch/riscv/kernel/cpufeature.c @@ -950,7 +950,7 @@ arch_initcall(check_unaligned_access_all_cpus); void riscv_user_isa_enable(void) { if (riscv_cpu_has_extension_unlikely(smp_processor_id(), RISCV_ISA_EXT_ZICBOZ)) - csr_set(CSR_SENVCFG, ENVCFG_CBZE); + csr_set(CSR_ENVCFG, ENVCFG_CBZE); } #ifdef CONFIG_RISCV_ALTERNATIVE -- 2.43.1

1 year, 6 months

2
1
0 0

[PATCH] Bluetooth: Add device 0bda:4853 to blacklist/quirk table

by WangYuli

This new device is part of a Realtek RTW8852BE chip. Without this change the device utilizes an obsolete version of the firmware that is encoded in it rather than the updated Realtek firmware and config files from the firmware directory. The latter files implement many new features. The device table is as follows: T: Bus=03 Lev=01 Prnt=01 Port=09 Cnt=03 Dev#= 4 Spd=12 MxCh= 0 D: Ver= 1.00 Cls=e0(wlcon) Sub=01 Prot=01 MxPS=64 #Cfgs= 1 P: Vendor=0bda ProdID=4853 Rev= 0.00 S: Manufacturer=Realtek S: Product=Bluetooth Radio S: SerialNumber=00e04c000001 C:* #Ifs= 2 Cfg#= 1 Atr=e0 MxPwr=500mA I:* If#= 0 Alt= 0 #EPs= 3 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=81(I) Atr=03(Int.) MxPS= 16 Ivl=1ms E: Ad=02(O) Atr=02(Bulk) MxPS= 64 Ivl=0ms E: Ad=82(I) Atr=02(Bulk) MxPS= 64 Ivl=0ms I:* If#= 1 Alt= 0 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=03(O) Atr=01(Isoc) MxPS= 0 Ivl=1ms E: Ad=83(I) Atr=01(Isoc) MxPS= 0 Ivl=1ms I: If#= 1 Alt= 1 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=03(O) Atr=01(Isoc) MxPS= 9 Ivl=1ms E: Ad=83(I) Atr=01(Isoc) MxPS= 9 Ivl=1ms I: If#= 1 Alt= 2 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=03(O) Atr=01(Isoc) MxPS= 17 Ivl=1ms E: Ad=83(I) Atr=01(Isoc) MxPS= 17 Ivl=1ms I: If#= 1 Alt= 3 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=03(O) Atr=01(Isoc) MxPS= 25 Ivl=1ms E: Ad=83(I) Atr=01(Isoc) MxPS= 25 Ivl=1ms I: If#= 1 Alt= 4 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=03(O) Atr=01(Isoc) MxPS= 33 Ivl=1ms E: Ad=83(I) Atr=01(Isoc) MxPS= 33 Ivl=1ms I: If#= 1 Alt= 5 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=03(O) Atr=01(Isoc) MxPS= 49 Ivl=1ms E: Ad=83(I) Atr=01(Isoc) MxPS= 49 Ivl=1ms Link: https://lore.kernel.org/all/20230810144507.9599-1-Larry.Finger@lwfinger.net/ Cc: stable(a)vger.kernel.org Signed-off-by: Larry Finger <Larry.Finger(a)lwfinger.net> Signed-off-by: WangYuli <wangyuli(a)uniontech.com> --- drivers/bluetooth/btusb.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/bluetooth/btusb.c b/drivers/bluetooth/btusb.c index edfb49bbaa28..5225a6075626 100644 --- a/drivers/bluetooth/btusb.c +++ b/drivers/bluetooth/btusb.c @@ -542,6 +542,8 @@ static const struct usb_device_id quirks_table[] = { /* Realtek 8852BE Bluetooth devices */ { USB_DEVICE(0x0cb8, 0xc559), .driver_info = BTUSB_REALTEK | BTUSB_WIDEBAND_SPEECH }, + { USB_DEVICE(0x0bda, 0x4853), .driver_info = BTUSB_REALTEK | + BTUSB_WIDEBAND_SPEECH }, { USB_DEVICE(0x0bda, 0x887b), .driver_info = BTUSB_REALTEK | BTUSB_WIDEBAND_SPEECH }, { USB_DEVICE(0x0bda, 0xb85b), .driver_info = BTUSB_REALTEK | -- 2.43.0

1 year, 6 months

1
0
0 0

[PATCH] usb: xhci: Add error handling in xhci_map_urb_for_dma

by Prashanth K

Currently xhci_map_urb_for_dma() creates a temporary buffer and copies the SG list to the new linear buffer. But if the kzalloc_node() fails, then the following sg_pcopy_to_buffer() can lead to crash since it tries to memcpy to NULL pointer. So return -EAGAIN if kzalloc returns null pointer. Cc: <stable(a)vger.kernel.org> # 5.11 Fixes: 2017a1e58472 ("usb: xhci: Use temporary buffer to consolidate SG") Signed-off-by: Prashanth K <quic_prashk(a)quicinc.com> --- drivers/usb/host/xhci.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/usb/host/xhci.c b/drivers/usb/host/xhci.c index c057c42c36f4..0597a60bec34 100644 --- a/drivers/usb/host/xhci.c +++ b/drivers/usb/host/xhci.c @@ -1218,6 +1218,9 @@ static int xhci_map_temp_buffer(struct usb_hcd *hcd, struct urb *urb) temp = kzalloc_node(buf_len, GFP_ATOMIC, dev_to_node(hcd->self.sysdev)); + if (!temp) + return -EAGAIN; + if (usb_urb_dir_out(urb)) sg_pcopy_to_buffer(urb->sg, urb->num_sgs, temp, buf_len, 0); -- 2.25.1

1 year, 6 months

2
2
0 0

[PATCH] mk68k: Fix broken THREAD_SIZE_ORDER

by Dawei Li

Current THREAD_SIZE_ORDER implementation for m68k is incorrect, fix it by ilog2(). Fixes: cddafa3500fd ("m68k/m68knommu: merge MMU and non-MMU thread_info.h") Signed-off-by: Dawei Li <dawei.li(a)shingroup.cn> Cc: stable(a)vger.kernel.org --- arch/m68k/include/asm/thread_info.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/arch/m68k/include/asm/thread_info.h b/arch/m68k/include/asm/thread_info.h index 31be2ad999ca..50faecd6fc5f 100644 --- a/arch/m68k/include/asm/thread_info.h +++ b/arch/m68k/include/asm/thread_info.h @@ -19,7 +19,8 @@ #else #define THREAD_SIZE PAGE_SIZE #endif -#define THREAD_SIZE_ORDER ((THREAD_SIZE / PAGE_SIZE) - 1) + +#define THREAD_SIZE_ORDER ilog2(THREAD_SIZE / PAGE_SIZE) #ifndef __ASSEMBLY__ -- 2.27.0

1 year, 6 months

3
3
0 0

[PATCH v2 vfio 1/2] vfio/pds: Always clear the save/restore FDs on reset

by Brett Creeley

After reset the VFIO device state will always be put in VFIO_DEVICE_STATE_RUNNING, but the save/restore files will only be cleared if the previous state was VFIO_DEVICE_STATE_ERROR. This can/will cause the restore/save files to be leaked if/when the migration state machine transitions through the states that re-allocates these files. Fix this by always clearing the restore/save files for resets. Fixes: 7dabb1bcd177 ("vfio/pds: Add support for firmware recovery") Cc: stable(a)vger.kernel.org Signed-off-by: Brett Creeley <brett.creeley(a)amd.com> Reviewed-by: Shannon Nelson <shannon.nelson(a)amd.com> --- drivers/vfio/pci/pds/vfio_dev.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/vfio/pci/pds/vfio_dev.c b/drivers/vfio/pci/pds/vfio_dev.c index 4c351c59d05a..a286ebcc7112 100644 --- a/drivers/vfio/pci/pds/vfio_dev.c +++ b/drivers/vfio/pci/pds/vfio_dev.c @@ -32,9 +32,9 @@ void pds_vfio_state_mutex_unlock(struct pds_vfio_pci_device *pds_vfio) mutex_lock(&pds_vfio->reset_mutex); if (pds_vfio->deferred_reset) { pds_vfio->deferred_reset = false; + pds_vfio_put_restore_file(pds_vfio); + pds_vfio_put_save_file(pds_vfio); if (pds_vfio->state == VFIO_DEVICE_STATE_ERROR) { - pds_vfio_put_restore_file(pds_vfio); - pds_vfio_put_save_file(pds_vfio); pds_vfio_dirty_disable(pds_vfio, false); } pds_vfio->state = pds_vfio->deferred_reset_state; -- 2.17.1

1 year, 6 months

2
1
0 0

[PATCH 0/3] Support intra-function call validation

by Rui Qi

Since kernel version 5.4.250 LTS, there has been an issue with the kernel live patching feature becoming unavailable. When compiling the sample code for kernel live patching, the following message is displayed when enabled: livepatch: klp_check_stack: kworker/u256:6:23490 has an unreliable stack After investigation, it was found that this is due to objtool not supporting intra-function calls, resulting in incorrect orc entry generation. This patchset adds support for intra-function calls, allowing the kernel live patching feature to work correctly. Alexandre Chartre (2): objtool: is_fentry_call() crashes if call has no destination objtool: Add support for intra-function calls Rui Qi (1): x86/speculation: Support intra-function call validation arch/x86/include/asm/nospec-branch.h | 7 ++ include/linux/frame.h | 11 ++++ .../Documentation/stack-validation.txt | 8 +++ tools/objtool/arch/x86/decode.c | 6 ++ tools/objtool/check.c | 64 +++++++++++++++++-- 5 files changed, 91 insertions(+), 5 deletions(-) -- 2.39.2 (Apple Git-143)

1 year, 6 months

5
8
0 0

[PATCH v2 0/2] x86/cpu: fix invalid MTRR mask values for SEV or TME

by Paolo Bonzini

Supersedes: <20240130180400.1698136-1-pbonzini(a)redhat.com> MKTME repurposes the high bit of physical address to key id for encryption key and, even though MAXPHYADDR in CPUID[0x80000008] remains the same, the valid bits in the MTRR mask register are based on the reduced number of physical address bits. This breaks boot on machines that have TME enabled and do something to cleanup MTRRs, unless "disable_mtrr_cleanup" is passed on the command line. The fix is to move the check to early CPU initialization, which runs before Linux sets up MTRRs. However, as noticed by Kirill, the patch I sent as v1 actually works only until Linux 6.6. In Linux 6.7, commit fbf6449f84bf ("x86/sev-es: Set x86_virt_bits to the correct value straight away, instead of a two-phase approach") reorganized the initialization of c->x86_phys_bits in a way that broke the patch. But even in 6.7 AMD processors, which did try to reduce it in this_cpu->c_early_init(c), had their x86_phys_bits value overwritten by get_cpu_address_sizes(), so that early_identify_cpu() left the wrong value in x86_phys_bits. This probably went unnoticed because on AMD processors you need not apply the reduced MAXPHYADDR to MTRR masks. Therefore, this v2 prepends the fix for this issue in commit fbf6449f84bf. Apologies for the oversight. Tested on an AMD Epyc machine (where I resorted to dumping mtrr_state) and on the problematic Intel Emerald Rapids machine. Thanks, Paolo Paolo Bonzini (2): x86/cpu: allow reducing x86_phys_bits during early_identify_cpu() x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers arch/x86/kernel/cpu/common.c | 4 +- arch/x86/kernel/cpu/intel.c | 178 ++++++++++++++++++----------------- 2 files changed, 93 insertions(+), 89 deletions(-) -- 2.43.0

1 year, 6 months

5
23
0 0

[PATCH v1] usb: typec: tpcm: Fix PORT_RESET behavior for self powered devices

by Badhri Jagan Sridharan

While commit 69f89168b310 ("usb: typec: tpcm: Fix issues with power being removed during reset") fixes the boot issues for bus powered devices such as LibreTech Renegade Elite/Firefly, it trades off the CC pins NOT being Hi-Zed during errory recovery (i.e PORT_RESET) for devices which are NOT bus powered(a.k.a self powered). This change Hi-Zs the CC pins only for self powered devices, thus preventing brown out for bus powered devices Adhering to spec is gaining more importance due to the Common charger initiative enforced by the European Union. Quoting from the spec: 4.5.2.2.2.1 ErrorRecovery State Requirements The port shall not drive VBUS or VCONN, and shall present a high-impedance to ground (above zOPEN) on its CC1 and CC2 pins. Hi-Zing the CC pins is the inteded behavior for PORT_RESET. CC pins are set to default state after tErrorRecovery in PORT_RESET_WAIT_OFF. 4.5.2.2.2.2 Exiting From ErrorRecovery State A Sink shall transition to Unattached.SNK after tErrorRecovery. A Source shall transition to Unattached.SRC after tErrorRecovery. Fixes: 69f89168b310 ("usb: typec: tpcm: Fix issues with power being removed during reset") Cc: stable(a)kernel.org Cc: Mark Brown <broonie(a)kernel.org> Signed-off-by: Badhri Jagan Sridharan <badhri(a)google.com> --- drivers/usb/typec/tcpm/tcpm.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/drivers/usb/typec/tcpm/tcpm.c b/drivers/usb/typec/tcpm/tcpm.c index c9a78f55ca48..bbe1381232eb 100644 --- a/drivers/usb/typec/tcpm/tcpm.c +++ b/drivers/usb/typec/tcpm/tcpm.c @@ -5593,8 +5593,11 @@ static void run_state_machine(struct tcpm_port *port) break; case PORT_RESET: tcpm_reset_port(port); - tcpm_set_cc(port, tcpm_default_state(port) == SNK_UNATTACHED ? - TYPEC_CC_RD : tcpm_rp_cc(port)); + if (port->self_powered) + tcpm_set_cc(port, TYPEC_CC_OPEN); + else + tcpm_set_cc(port, tcpm_default_state(port) == SNK_UNATTACHED ? + TYPEC_CC_RD : tcpm_rp_cc(port)); tcpm_set_state(port, PORT_RESET_WAIT_OFF, PD_T_ERROR_RECOVERY); break; base-commit: a560a5672826fc1e057068bda93b3d4c98d037a2 -- 2.44.0.rc1.240.g4c46232300-goog

1 year, 6 months

2
2
0 0

Re: [PATCH v4] mm/swap: fix race when skipping swapcache

by Chris Li

On Tue, Feb 27, 2024 at 10:14 AM Kairui Song <ryncsn(a)gmail.com> wrote: > > On Wed, Feb 21, 2024 at 12:32 AM Chris Li <chrisl(a)kernel.org> wrote: > > > > On Mon, Feb 19, 2024 at 8:56 PM Kairui Song <ryncsn(a)gmail.com> wrote: > > > > > > > > Hi Barry, > > > > > > > it might not be a problem for throughput. but for real-time and tail latency, > > > > this hurts. For example, this might increase dropping frames of UI which > > > > is an important parameter to evaluate performance :-) > > > > > > > > > > That's a true issue, as Chris mentioned before I think we need to > > > think of some clever data struct to solve this more naturally in the > > > future, similar issue exists for cached swapin as well and it has been > > > there for a while. On the other hand I think maybe applications that > > > are extremely latency sensitive should try to avoid swap on fault? A > > > swapin could cause other issues like reclaim, throttled or contention > > > with many other things, these seem to have a higher chance than this > > > race. > > > > > > Yes, I do think the best long term solution is to have some clever > > data structure to solve the synchronization issue and allow racing > > threads to make forward progress at the same time. > > > > I have also explored some (failed) synchronization ideas, for example > > having the run time swap entry refcount separate from swap_map count. > > BTW, zswap entry->refcount behaves like that, it is separate from swap > > entry and manages the temporary run time usage count held by the > > function. However that idea has its own problem as well, it needs to > > have an xarray to track the swap entry run time refcount (only stored > > in the xarray when CPU fails to get SWAP_HAS_CACHE bit.) When we are > > done with page faults, we still need to look up the xarray to make > > sure there is no racing CPU and put the refcount into the xarray. That > > kind of defeats the purpose of avoiding the swap cache in the first > > place. We still need to do the xarray lookup in the normal path. > > > > I came to realize that, while this current fix is not perfect, (I > > still wish we had a better solution not pausing the racing CPU). This > > patch stands better than not fixing this data corruption issue and the > > patch remains relatively simple. Yes it has latency issues but still > > better than data corruption. It also doesn't stop us from coming up > > with better solutions later on. If we want to address the > > synchronization in a way not blocking other CPUs, it will likely > > require a much bigger change. > > > > Unless we have a better suggestion. It seems the better one among the > > alternatives so far. > > > > Hi, > > Thanks for the comments. I've been trying some ideas locally, I think a simple and straight solution exists: We just don't skip the swap cache xarray. Yes, I have been pondering about that as well. Notice in __read_swap_cache_async(), it has a similar "schedule_timeout_uninterruptible(1)" when swapcache_prepare(entry) fails to grab the SWAP_HAS_CACHE bit. So falling back to use the swap cache does not automatically solve the latency issue. Similar delay exists in the swap cache case as well. > The current reason we are skipping it is for performance, but with some optimization, the performance should be as good as skipping it (in current behavior). Notice even in the swap cache bypass path, we need to do one lookup, and one modify (delete the shadow). That can't be skipped. So the usage of swap cache can be better organized and optimized. > After all swapin makes use of swap cache, swapin can insert the folio in swap cache xarray first, then set swap map cache bit. I'm thinking about reusing the folio lock, or having an intermediate value in xarray, so raced swapins can wait properly. There are some tricky parts syncing with swap maps though. Inserting the swap cache xarray first and setting SWAP_HAS_CACHE bit later will need more audit on the race. I assume you take the swap device/cluster lock before folio insert into swap cache xarray? Chris > > Currently working on a series, will send in a few weeks if it works.

1 year, 6 months

1
0
0 0

[PATCH v4] md/raid5: fix atomicity violation in raid5_cache_count

by Gui-Dong Han

In raid5_cache_count(): if (conf->max_nr_stripes < conf->min_nr_stripes) return 0; return conf->max_nr_stripes - conf->min_nr_stripes; The current check is ineffective, as the values could change immediately after being checked. In raid5_set_cache_size(): ... conf->min_nr_stripes = size; ... while (size > conf->max_nr_stripes) conf->min_nr_stripes = conf->max_nr_stripes; ... Due to intermediate value updates in raid5_set_cache_size(), concurrent execution of raid5_cache_count() and raid5_set_cache_size() may lead to inconsistent reads of conf->max_nr_stripes and conf->min_nr_stripes. The current checks are ineffective as values could change immediately after being checked, raising the risk of conf->min_nr_stripes exceeding conf->max_nr_stripes and potentially causing an integer overflow. This possible bug is found by an experimental static analysis tool developed by our team. This tool analyzes the locking APIs to extract function pairs that can be concurrently executed, and then analyzes the instructions in the paired functions to identify possible concurrency bugs including data races and atomicity violations. The above possible bug is reported when our tool analyzes the source code of Linux 6.2. To resolve this issue, it is suggested to introduce local variables 'min_stripes' and 'max_stripes' in raid5_cache_count() to ensure the values remain stable throughout the check. Adding locks in raid5_cache_count() fails to resolve atomicity violations, as raid5_set_cache_size() may hold intermediate values of conf->min_nr_stripes while unlocked. With this patch applied, our tool no longer reports the bug, with the kernel configuration allyesconfig for x86_64. Due to the lack of associated hardware, we cannot test the patch in runtime testing, and just verify it according to the code logic. Fixes: edbe83ab4c27 ("md/raid5: allow the stripe_cache to grow and shrink.") Cc: stable(a)vger.kernel.org Signed-off-by: Gui-Dong Han <2045gemini(a)gmail.com> --- v2: * In this patch v2, we've updated to use READ_ONCE() instead of direct reads for accessing max_nr_stripes and min_nr_stripes, since read and write can concurrent. Thank Yu Kuai for helpful advice. --- v3: * In this patch v3, we've updated to use WRITE_ONCE() in raid5_set_cache_size(), grow_one_stripe() and drop_one_stripe(), in order to pair READ_ONCE() with WRITE_ONCE(). Thank Yu Kuai for helpful advice. --- v4: * In this patch v4, we've addressed several code style issues. Thank Yu Kuai for helpful advice. --- drivers/md/raid5.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/drivers/md/raid5.c b/drivers/md/raid5.c index 8497880135ee..30e118d10c0b 100644 --- a/drivers/md/raid5.c +++ b/drivers/md/raid5.c @@ -2412,7 +2412,7 @@ static int grow_one_stripe(struct r5conf *conf, gfp_t gfp) atomic_inc(&conf->active_stripes); raid5_release_stripe(sh); - conf->max_nr_stripes++; + WRITE_ONCE(conf->max_nr_stripes, conf->max_nr_stripes + 1); return 1; } @@ -2707,7 +2707,7 @@ static int drop_one_stripe(struct r5conf *conf) shrink_buffers(sh); free_stripe(conf->slab_cache, sh); atomic_dec(&conf->active_stripes); - conf->max_nr_stripes--; + WRITE_ONCE(conf->max_nr_stripes, conf->max_nr_stripes - 1); return 1; } @@ -6820,7 +6820,7 @@ raid5_set_cache_size(struct mddev *mddev, int size) if (size <= 16 || size > 32768) return -EINVAL; - conf->min_nr_stripes = size; + WRITE_ONCE(conf->min_nr_stripes, size); mutex_lock(&conf->cache_size_mutex); while (size < conf->max_nr_stripes && drop_one_stripe(conf)) @@ -6832,7 +6832,7 @@ raid5_set_cache_size(struct mddev *mddev, int size) mutex_lock(&conf->cache_size_mutex); while (size > conf->max_nr_stripes) if (!grow_one_stripe(conf, GFP_KERNEL)) { - conf->min_nr_stripes = conf->max_nr_stripes; + WRITE_ONCE(conf->min_nr_stripes, conf->max_nr_stripes); result = -ENOMEM; break; } @@ -7390,11 +7390,13 @@ static unsigned long raid5_cache_count(struct shrinker *shrink, struct shrink_control *sc) { struct r5conf *conf = shrink->private_data; + int max_stripes = READ_ONCE(conf->max_nr_stripes); + int min_stripes = READ_ONCE(conf->min_nr_stripes); - if (conf->max_nr_stripes < conf->min_nr_stripes) + if (max_stripes < min_stripes) /* unlikely, but not impossible */ return 0; - return conf->max_nr_stripes - conf->min_nr_stripes; + return max_stripes - min_stripes; } static struct r5conf *setup_conf(struct mddev *mddev) -- 2.34.1

1 year, 6 months

3
4
0 0

[PATCH -fixes v3 1/2] riscv: Fix enabling cbo.zero when running in M-mode

by Samuel Holland

When the kernel is running in M-mode, the CBZE bit must be set in the menvcfg CSR, not in senvcfg. Cc: <stable(a)vger.kernel.org> Fixes: 43c16d51a19b ("RISC-V: Enable cbo.zero in usermode") Reviewed-by: Andrew Jones <ajones(a)ventanamicro.com> Signed-off-by: Samuel Holland <samuel.holland(a)sifive.com> --- (no changes since v1) arch/riscv/include/asm/csr.h | 2 ++ arch/riscv/kernel/cpufeature.c | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/arch/riscv/include/asm/csr.h b/arch/riscv/include/asm/csr.h index 510014051f5d..2468c55933cd 100644 --- a/arch/riscv/include/asm/csr.h +++ b/arch/riscv/include/asm/csr.h @@ -424,6 +424,7 @@ # define CSR_STATUS CSR_MSTATUS # define CSR_IE CSR_MIE # define CSR_TVEC CSR_MTVEC +# define CSR_ENVCFG CSR_MENVCFG # define CSR_SCRATCH CSR_MSCRATCH # define CSR_EPC CSR_MEPC # define CSR_CAUSE CSR_MCAUSE @@ -448,6 +449,7 @@ # define CSR_STATUS CSR_SSTATUS # define CSR_IE CSR_SIE # define CSR_TVEC CSR_STVEC +# define CSR_ENVCFG CSR_SENVCFG # define CSR_SCRATCH CSR_SSCRATCH # define CSR_EPC CSR_SEPC # define CSR_CAUSE CSR_SCAUSE diff --git a/arch/riscv/kernel/cpufeature.c b/arch/riscv/kernel/cpufeature.c index 89920f84d0a3..c5b13f7dd482 100644 --- a/arch/riscv/kernel/cpufeature.c +++ b/arch/riscv/kernel/cpufeature.c @@ -950,7 +950,7 @@ arch_initcall(check_unaligned_access_all_cpus); void riscv_user_isa_enable(void) { if (riscv_cpu_has_extension_unlikely(smp_processor_id(), RISCV_ISA_EXT_ZICBOZ)) - csr_set(CSR_SENVCFG, ENVCFG_CBZE); + csr_set(CSR_ENVCFG, ENVCFG_CBZE); } #ifdef CONFIG_RISCV_ALTERNATIVE -- 2.43.0

1 year, 6 months

3
3
0 0

Re: [PATCH 6.7 000/334] 6.7.7-rc1 review

by Ronald Warsow

Hi Greg *no* regressions here on x86_64 (RKL, Intel 11th Gen. CPU) Thanks Tested-by: Ronald Warsow <rwarsow(a)gmx.de>

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] mptcp: fix duplicate subflow creation" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 045e9d812868a2d80b7a57b224ce8009444b7bbc # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022601-footwork-fastness-bcab@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: 045e9d812868 ("mptcp: fix duplicate subflow creation") b9d69db87fb7 ("mptcp: let the in-kernel PM use mixed IPv4 and IPv6 addresses") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 045e9d812868a2d80b7a57b224ce8009444b7bbc Mon Sep 17 00:00:00 2001 From: Paolo Abeni <pabeni(a)redhat.com> Date: Thu, 15 Feb 2024 19:25:33 +0100 Subject: [PATCH] mptcp: fix duplicate subflow creation Fullmesh endpoints could end-up unexpectedly generating duplicate subflows - same local and remote addresses - when multiple incoming ADD_ADDR are processed before the PM creates the subflow for the local endpoints. Address the issue explicitly checking for duplicates at subflow creation time. To avoid a quadratic computational complexity, track the unavailable remote address ids in a temporary bitmap and initialize such bitmap with the remote ids of all the existing subflows matching the local address currently processed. The above allows additionally replacing the existing code checking for duplicate entry in the current set with a simple bit test operation. Fixes: 2843ff6f36db ("mptcp: remote addresses fullmesh") Cc: stable(a)vger.kernel.org Closes: https://github.com/multipath-tcp/mptcp_net-next/issues/435 Signed-off-by: Paolo Abeni <pabeni(a)redhat.com> Reviewed-by: Mat Martineau <martineau(a)kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Signed-off-by: David S. Miller <davem(a)davemloft.net> diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c index ed6983af1ab2..58d17d9604e7 100644 --- a/net/mptcp/pm_netlink.c +++ b/net/mptcp/pm_netlink.c @@ -396,19 +396,6 @@ void mptcp_pm_free_anno_list(struct mptcp_sock *msk) } } -static bool lookup_address_in_vec(const struct mptcp_addr_info *addrs, unsigned int nr, - const struct mptcp_addr_info *addr) -{ - int i; - - for (i = 0; i < nr; i++) { - if (addrs[i].id == addr->id) - return true; - } - - return false; -} - /* Fill all the remote addresses into the array addrs[], * and return the array size. */ @@ -440,6 +427,16 @@ static unsigned int fill_remote_addresses_vec(struct mptcp_sock *msk, msk->pm.subflows++; addrs[i++] = remote; } else { + DECLARE_BITMAP(unavail_id, MPTCP_PM_MAX_ADDR_ID + 1); + + /* Forbid creation of new subflows matching existing + * ones, possibly already created by incoming ADD_ADDR + */ + bitmap_zero(unavail_id, MPTCP_PM_MAX_ADDR_ID + 1); + mptcp_for_each_subflow(msk, subflow) + if (READ_ONCE(subflow->local_id) == local->id) + __set_bit(subflow->remote_id, unavail_id); + mptcp_for_each_subflow(msk, subflow) { ssk = mptcp_subflow_tcp_sock(subflow); remote_address((struct sock_common *)ssk, &addrs[i]); @@ -447,11 +444,17 @@ static unsigned int fill_remote_addresses_vec(struct mptcp_sock *msk, if (deny_id0 && !addrs[i].id) continue; + if (test_bit(addrs[i].id, unavail_id)) + continue; + if (!mptcp_pm_addr_families_match(sk, local, &addrs[i])) continue; - if (!lookup_address_in_vec(addrs, i, &addrs[i]) && - msk->pm.subflows < subflows_max) { + if (msk->pm.subflows < subflows_max) { + /* forbid creating multiple address towards + * this id + */ + __set_bit(addrs[i].id, unavail_id); msk->pm.subflows++; i++; }

1 year, 6 months

2
1
0 0

FAILED: patch "[PATCH] mptcp: fix data races on remote_id" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 967d3c27127e71a10ff5c083583a038606431b61 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022642-overjoyed-retying-c027@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: 967d3c27127e ("mptcp: fix data races on remote_id") a7cfe7766370 ("mptcp: fix data races on local_id") 84c531f54ad9 ("mptcp: userspace pm send RM_ADDR for ID 0") f1f26512a9bf ("mptcp: use plain bool instead of custom binary enum") 1e07938e29c5 ("net: mptcp: rename netlink handlers to mptcp_pm_nl_<blah>_{doit,dumpit}") 1d0507f46843 ("net: mptcp: convert netlink from small_ops to ops") fce68b03086f ("mptcp: add scheduled in mptcp_subflow_context") 1730b2b2c5a5 ("mptcp: add sched in mptcp_sock") 740ebe35bd3f ("mptcp: add struct mptcp_sched_ops") a7384f391875 ("Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 967d3c27127e71a10ff5c083583a038606431b61 Mon Sep 17 00:00:00 2001 From: Paolo Abeni <pabeni(a)redhat.com> Date: Thu, 15 Feb 2024 19:25:32 +0100 Subject: [PATCH] mptcp: fix data races on remote_id Similar to the previous patch, address the data race on remote_id, adding the suitable ONCE annotations. Fixes: bedee0b56113 ("mptcp: address lookup improvements") Cc: stable(a)vger.kernel.org Signed-off-by: Paolo Abeni <pabeni(a)redhat.com> Reviewed-by: Mat Martineau <martineau(a)kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Signed-off-by: David S. Miller <davem(a)davemloft.net> diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c index 912e25077437..ed6983af1ab2 100644 --- a/net/mptcp/pm_netlink.c +++ b/net/mptcp/pm_netlink.c @@ -443,7 +443,7 @@ static unsigned int fill_remote_addresses_vec(struct mptcp_sock *msk, mptcp_for_each_subflow(msk, subflow) { ssk = mptcp_subflow_tcp_sock(subflow); remote_address((struct sock_common *)ssk, &addrs[i]); - addrs[i].id = subflow->remote_id; + addrs[i].id = READ_ONCE(subflow->remote_id); if (deny_id0 && !addrs[i].id) continue; @@ -799,18 +799,18 @@ static void mptcp_pm_nl_rm_addr_or_subflow(struct mptcp_sock *msk, mptcp_for_each_subflow_safe(msk, subflow, tmp) { struct sock *ssk = mptcp_subflow_tcp_sock(subflow); + u8 remote_id = READ_ONCE(subflow->remote_id); int how = RCV_SHUTDOWN | SEND_SHUTDOWN; u8 id = subflow_get_local_id(subflow); - if (rm_type == MPTCP_MIB_RMADDR && subflow->remote_id != rm_id) + if (rm_type == MPTCP_MIB_RMADDR && remote_id != rm_id) continue; if (rm_type == MPTCP_MIB_RMSUBFLOW && !mptcp_local_id_match(msk, id, rm_id)) continue; pr_debug(" -> %s rm_list_ids[%d]=%u local_id=%u remote_id=%u mpc_id=%u", rm_type == MPTCP_MIB_RMADDR ? "address" : "subflow", - i, rm_id, id, subflow->remote_id, - msk->mpc_endpoint_id); + i, rm_id, id, remote_id, msk->mpc_endpoint_id); spin_unlock_bh(&msk->pm.lock); mptcp_subflow_shutdown(sk, ssk, how); diff --git a/net/mptcp/subflow.c b/net/mptcp/subflow.c index 015184bbf06c..71ba86246ff8 100644 --- a/net/mptcp/subflow.c +++ b/net/mptcp/subflow.c @@ -535,7 +535,7 @@ static void subflow_finish_connect(struct sock *sk, const struct sk_buff *skb) subflow->backup = mp_opt.backup; subflow->thmac = mp_opt.thmac; subflow->remote_nonce = mp_opt.nonce; - subflow->remote_id = mp_opt.join_id; + WRITE_ONCE(subflow->remote_id, mp_opt.join_id); pr_debug("subflow=%p, thmac=%llu, remote_nonce=%u backup=%d", subflow, subflow->thmac, subflow->remote_nonce, subflow->backup); @@ -1567,7 +1567,7 @@ int __mptcp_subflow_connect(struct sock *sk, const struct mptcp_addr_info *loc, pr_debug("msk=%p remote_token=%u local_id=%d remote_id=%d", msk, remote_token, local_id, remote_id); subflow->remote_token = remote_token; - subflow->remote_id = remote_id; + WRITE_ONCE(subflow->remote_id, remote_id); subflow->request_join = 1; subflow->request_bkup = !!(flags & MPTCP_PM_ADDR_FLAG_BACKUP); subflow->subflow_id = msk->subflow_id++; @@ -1974,7 +1974,7 @@ static void subflow_ulp_clone(const struct request_sock *req, new_ctx->fully_established = 1; new_ctx->remote_key_valid = 1; new_ctx->backup = subflow_req->backup; - new_ctx->remote_id = subflow_req->remote_id; + WRITE_ONCE(new_ctx->remote_id, subflow_req->remote_id); new_ctx->token = subflow_req->token; new_ctx->thmac = subflow_req->thmac;

1 year, 6 months

2
1
0 0

FAILED: patch "[PATCH] mptcp: fix data races on local_id" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x a7cfe776637004a4c938fde78be4bd608c32c3ef # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022609-elongated-activity-64a1@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: a7cfe7766370 ("mptcp: fix data races on local_id") 84c531f54ad9 ("mptcp: userspace pm send RM_ADDR for ID 0") f1f26512a9bf ("mptcp: use plain bool instead of custom binary enum") 1e07938e29c5 ("net: mptcp: rename netlink handlers to mptcp_pm_nl_<blah>_{doit,dumpit}") 1d0507f46843 ("net: mptcp: convert netlink from small_ops to ops") fce68b03086f ("mptcp: add scheduled in mptcp_subflow_context") 1730b2b2c5a5 ("mptcp: add sched in mptcp_sock") 740ebe35bd3f ("mptcp: add struct mptcp_sched_ops") a7384f391875 ("Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From a7cfe776637004a4c938fde78be4bd608c32c3ef Mon Sep 17 00:00:00 2001 From: Paolo Abeni <pabeni(a)redhat.com> Date: Thu, 15 Feb 2024 19:25:31 +0100 Subject: [PATCH] mptcp: fix data races on local_id The local address id is accessed lockless by the NL PM, add all the required ONCE annotation. There is a caveat: the local id can be initialized late in the subflow life-cycle, and its validity is controlled by the local_id_valid flag. Remove such flag and encode the validity in the local_id field itself with negative value before initialization. That allows accessing the field consistently with a single read operation. Fixes: 0ee4261a3681 ("mptcp: implement mptcp_pm_remove_subflow") Cc: stable(a)vger.kernel.org Signed-off-by: Paolo Abeni <pabeni(a)redhat.com> Reviewed-by: Mat Martineau <martineau(a)kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Signed-off-by: David S. Miller <davem(a)davemloft.net> diff --git a/net/mptcp/diag.c b/net/mptcp/diag.c index e57c5f47f035..6ff6f14674aa 100644 --- a/net/mptcp/diag.c +++ b/net/mptcp/diag.c @@ -65,7 +65,7 @@ static int subflow_get_info(struct sock *sk, struct sk_buff *skb) sf->map_data_len) || nla_put_u32(skb, MPTCP_SUBFLOW_ATTR_FLAGS, flags) || nla_put_u8(skb, MPTCP_SUBFLOW_ATTR_ID_REM, sf->remote_id) || - nla_put_u8(skb, MPTCP_SUBFLOW_ATTR_ID_LOC, sf->local_id)) { + nla_put_u8(skb, MPTCP_SUBFLOW_ATTR_ID_LOC, subflow_get_local_id(sf))) { err = -EMSGSIZE; goto nla_failure; } diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c index a24c9128dee9..912e25077437 100644 --- a/net/mptcp/pm_netlink.c +++ b/net/mptcp/pm_netlink.c @@ -800,7 +800,7 @@ static void mptcp_pm_nl_rm_addr_or_subflow(struct mptcp_sock *msk, mptcp_for_each_subflow_safe(msk, subflow, tmp) { struct sock *ssk = mptcp_subflow_tcp_sock(subflow); int how = RCV_SHUTDOWN | SEND_SHUTDOWN; - u8 id = subflow->local_id; + u8 id = subflow_get_local_id(subflow); if (rm_type == MPTCP_MIB_RMADDR && subflow->remote_id != rm_id) continue; @@ -809,7 +809,7 @@ static void mptcp_pm_nl_rm_addr_or_subflow(struct mptcp_sock *msk, pr_debug(" -> %s rm_list_ids[%d]=%u local_id=%u remote_id=%u mpc_id=%u", rm_type == MPTCP_MIB_RMADDR ? "address" : "subflow", - i, rm_id, subflow->local_id, subflow->remote_id, + i, rm_id, id, subflow->remote_id, msk->mpc_endpoint_id); spin_unlock_bh(&msk->pm.lock); mptcp_subflow_shutdown(sk, ssk, how); @@ -1994,7 +1994,7 @@ static int mptcp_event_add_subflow(struct sk_buff *skb, const struct sock *ssk) if (WARN_ON_ONCE(!sf)) return -EINVAL; - if (nla_put_u8(skb, MPTCP_ATTR_LOC_ID, sf->local_id)) + if (nla_put_u8(skb, MPTCP_ATTR_LOC_ID, subflow_get_local_id(sf))) return -EMSGSIZE; if (nla_put_u8(skb, MPTCP_ATTR_REM_ID, sf->remote_id)) diff --git a/net/mptcp/pm_userspace.c b/net/mptcp/pm_userspace.c index e582b3b2d174..d396a5973429 100644 --- a/net/mptcp/pm_userspace.c +++ b/net/mptcp/pm_userspace.c @@ -234,7 +234,7 @@ static int mptcp_userspace_pm_remove_id_zero_address(struct mptcp_sock *msk, lock_sock(sk); mptcp_for_each_subflow(msk, subflow) { - if (subflow->local_id == 0) { + if (READ_ONCE(subflow->local_id) == 0) { has_id_0 = true; break; } diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c index 8ef2927ebca2..948606a537da 100644 --- a/net/mptcp/protocol.c +++ b/net/mptcp/protocol.c @@ -85,7 +85,7 @@ static int __mptcp_socket_create(struct mptcp_sock *msk) subflow->subflow_id = msk->subflow_id++; /* This is the first subflow, always with id 0 */ - subflow->local_id_valid = 1; + WRITE_ONCE(subflow->local_id, 0); mptcp_sock_graft(msk->first, sk->sk_socket); iput(SOCK_INODE(ssock)); diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h index ed50f2015dc3..631a7f445f34 100644 --- a/net/mptcp/protocol.h +++ b/net/mptcp/protocol.h @@ -491,10 +491,9 @@ struct mptcp_subflow_context { remote_key_valid : 1, /* received the peer key from */ disposable : 1, /* ctx can be free at ulp release time */ stale : 1, /* unable to snd/rcv data, do not use for xmit */ - local_id_valid : 1, /* local_id is correctly initialized */ valid_csum_seen : 1, /* at least one csum validated */ is_mptfo : 1, /* subflow is doing TFO */ - __unused : 9; + __unused : 10; bool data_avail; bool scheduled; u32 remote_nonce; @@ -505,7 +504,7 @@ struct mptcp_subflow_context { u8 hmac[MPTCPOPT_HMAC_LEN]; /* MPJ subflow only */ u64 iasn; /* initial ack sequence number, MPC subflows only */ }; - u8 local_id; + s16 local_id; /* if negative not initialized yet */ u8 remote_id; u8 reset_seen:1; u8 reset_transient:1; @@ -556,6 +555,7 @@ mptcp_subflow_ctx_reset(struct mptcp_subflow_context *subflow) { memset(&subflow->reset, 0, sizeof(subflow->reset)); subflow->request_mptcp = 1; + WRITE_ONCE(subflow->local_id, -1); } static inline u64 @@ -1022,6 +1022,15 @@ int mptcp_pm_get_local_id(struct mptcp_sock *msk, struct sock_common *skc); int mptcp_pm_nl_get_local_id(struct mptcp_sock *msk, struct mptcp_addr_info *skc); int mptcp_userspace_pm_get_local_id(struct mptcp_sock *msk, struct mptcp_addr_info *skc); +static inline u8 subflow_get_local_id(const struct mptcp_subflow_context *subflow) +{ + int local_id = READ_ONCE(subflow->local_id); + + if (local_id < 0) + return 0; + return local_id; +} + void __init mptcp_pm_nl_init(void); void mptcp_pm_nl_work(struct mptcp_sock *msk); void mptcp_pm_nl_rm_subflow_received(struct mptcp_sock *msk, diff --git a/net/mptcp/subflow.c b/net/mptcp/subflow.c index c34ecadee120..015184bbf06c 100644 --- a/net/mptcp/subflow.c +++ b/net/mptcp/subflow.c @@ -577,8 +577,8 @@ static void subflow_finish_connect(struct sock *sk, const struct sk_buff *skb) static void subflow_set_local_id(struct mptcp_subflow_context *subflow, int local_id) { - subflow->local_id = local_id; - subflow->local_id_valid = 1; + WARN_ON_ONCE(local_id < 0 || local_id > 255); + WRITE_ONCE(subflow->local_id, local_id); } static int subflow_chk_local_id(struct sock *sk) @@ -587,7 +587,7 @@ static int subflow_chk_local_id(struct sock *sk) struct mptcp_sock *msk = mptcp_sk(subflow->conn); int err; - if (likely(subflow->local_id_valid)) + if (likely(subflow->local_id >= 0)) return 0; err = mptcp_pm_get_local_id(msk, (struct sock_common *)sk); @@ -1731,6 +1731,7 @@ static struct mptcp_subflow_context *subflow_create_ctx(struct sock *sk, pr_debug("subflow=%p", ctx); ctx->tcp_sock = sk; + WRITE_ONCE(ctx->local_id, -1); return ctx; } @@ -1966,7 +1967,7 @@ static void subflow_ulp_clone(const struct request_sock *req, new_ctx->idsn = subflow_req->idsn; /* this is the first subflow, id is always 0 */ - new_ctx->local_id_valid = 1; + subflow_set_local_id(new_ctx, 0); } else if (subflow_req->mp_join) { new_ctx->ssn_offset = subflow_req->ssn_offset; new_ctx->mp_join = 1;

1 year, 6 months

2
1
0 0

FAILED: patch "[PATCH] mptcp: fix more tx path fields initialization" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 3f83d8a77eeeb47011b990fd766a421ee64f1d73 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024021911-fragment-yearly-5b45@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: 3f83d8a77eee ("mptcp: fix more tx path fields initialization") 013e3179dbd2 ("mptcp: fix rcv space initialization") c693a8516429 ("mptcp: use mptcp_set_state") 4fd19a307016 ("mptcp: fix inconsistent state on fastopen race") d109a7767273 ("mptcp: fix possible NULL pointer dereference on close") 8005184fd1ca ("mptcp: refactor sndbuf auto-tuning") a5efdbcece83 ("mptcp: fix delegated action races") 27e5ccc2d5a5 ("mptcp: fix dangling connection hang-up") f6909dc1c1f4 ("mptcp: rename timer related helper to less confusing names") 9f1a98813b4b ("mptcp: process pending subflow error on close") d5fbeff1ab81 ("mptcp: move __mptcp_error_report in protocol.c") ebc1e08f01eb ("mptcp: drop last_snd and MPTCP_RESET_SCHEDULER") e263691773cd ("mptcp: Remove unnecessary test for __mptcp_init_sock()") 39880bd808ad ("mptcp: get rid of msk->subflow") 3f326a821b99 ("mptcp: change the mpc check helper to return a sk") 3aa362494170 ("mptcp: avoid ssock usage in mptcp_pm_nl_create_listen_socket()") f0bc514bd5c1 ("mptcp: avoid additional indirection in sockopt") 40f56d0c7043 ("mptcp: avoid additional indirection in mptcp_listen()") 8cf2ebdc0078 ("mptcp: mptcp: avoid additional indirection in mptcp_bind()") ccae357c1c6a ("mptcp: avoid additional __inet_stream_connect() call") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 3f83d8a77eeeb47011b990fd766a421ee64f1d73 Mon Sep 17 00:00:00 2001 From: Paolo Abeni <pabeni(a)redhat.com> Date: Thu, 8 Feb 2024 19:03:51 +0100 Subject: [PATCH] mptcp: fix more tx path fields initialization The 'msk->write_seq' and 'msk->snd_nxt' are always updated under the msk socket lock, except at MPC handshake completiont time. Builds-up on the previous commit to move such init under the relevant lock. There are no known problems caused by the potential race, the primary goal is consistency. Fixes: 6d0060f600ad ("mptcp: Write MPTCP DSS headers to outgoing data packets") Cc: stable(a)vger.kernel.org Signed-off-by: Paolo Abeni <pabeni(a)redhat.com> Reviewed-by: Mat Martineau <martineau(a)kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Signed-off-by: David S. Miller <davem(a)davemloft.net> diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c index 7632eafb683b..8cb6a873dae9 100644 --- a/net/mptcp/protocol.c +++ b/net/mptcp/protocol.c @@ -3478,10 +3478,8 @@ void mptcp_finish_connect(struct sock *ssk) * accessing the field below */ WRITE_ONCE(msk->local_key, subflow->local_key); - WRITE_ONCE(msk->write_seq, subflow->idsn + 1); - WRITE_ONCE(msk->snd_nxt, msk->write_seq); - WRITE_ONCE(msk->snd_una, msk->write_seq); - WRITE_ONCE(msk->wnd_end, msk->snd_nxt + tcp_sk(ssk)->snd_wnd); + WRITE_ONCE(msk->snd_una, subflow->idsn + 1); + WRITE_ONCE(msk->wnd_end, subflow->idsn + 1 + tcp_sk(ssk)->snd_wnd); mptcp_pm_new_connection(msk, ssk, 0); } diff --git a/net/mptcp/subflow.c b/net/mptcp/subflow.c index 56b2ac2f2f22..c2df34ebcf28 100644 --- a/net/mptcp/subflow.c +++ b/net/mptcp/subflow.c @@ -421,12 +421,21 @@ static bool subflow_use_different_dport(struct mptcp_sock *msk, const struct soc void __mptcp_sync_state(struct sock *sk, int state) { + struct mptcp_subflow_context *subflow; struct mptcp_sock *msk = mptcp_sk(sk); + struct sock *ssk = msk->first; - __mptcp_propagate_sndbuf(sk, msk->first); + subflow = mptcp_subflow_ctx(ssk); + __mptcp_propagate_sndbuf(sk, ssk); if (!msk->rcvspace_init) - mptcp_rcv_space_init(msk, msk->first); + mptcp_rcv_space_init(msk, ssk); + if (sk->sk_state == TCP_SYN_SENT) { + /* subflow->idsn is always available is TCP_SYN_SENT state, + * even for the FASTOPEN scenarios + */ + WRITE_ONCE(msk->write_seq, subflow->idsn + 1); + WRITE_ONCE(msk->snd_nxt, msk->write_seq); mptcp_set_state(sk, state); sk->sk_state_change(sk); }

1 year, 6 months

3
2
0 0

RE: [PATCHi V2] wifi: rtw88: Add missing VID/PIDs doe 8811CU and 8821CU

by Ping-Ke Shih

Hi Larry, > -----Original Message----- > From: Larry Finger <Larry.Finger(a)gmail.com> > Sent: Tuesday, February 27, 2024 10:35 AM > To: Kalle Valo <kvalo(a)kernel.org> > Cc: Johannes Berg <johannes(a)sipsolutions.net>; linux-wireless(a)vger.kernel.org; Nick Morrow > <morrownr(a)gmail.com>; Larry Finger <Larry.Finger(a)lwfinger.net>; Ping-Ke Shih <pkshih(a)realtek.com>; > stable(a)vger.kernel.org > Subject: [PATCHi V2] wifi: rtw88: Add missing VID/PIDs doe 8811CU and 8821CU Not sure if "doe" is typo? > > From: Nick Morrow <morrownr(a)gmail.com> > > Purpose: Add VID/PIDs that are known to be missing for this driver. > - removed /* 8811CU */ and /* 8821CU */ as they are redundant > since the file is specific to those chips. > - removed /* TOTOLINK A650UA v3 */ as the manufacturer. It has a REALTEK > VID so it may not be specific to this adapter. > > Source is > https://1EHFQ.trk.elasticemail.com/tracking/click?d=I82H0YR_W_h175Lb3Nkb0D8… > 0SPxd1Olp3PNJEJTqsu4kyqBXayE0BVd_k7uLFvlTe65Syx2uqLUB-UQSfsKKLkuyE-frMZXSCL7q824UG3Oer614GGEeEz-DNEWHh > 43p_e8oz7OouS6gRBEng0 > Verified and tested. > > Signed-off-by: Nick Morrow <morrownr(a)gmail.com> > Signed-off-by: Larry Finger <Larry.Finger(a)lwfinger.net> > Acked-by: Ping-Ke Shih <pkshih(a)realtek.com> > Did you keep a blank line intentionally? > Cc: stable(a)vger.kernel.org

1 year, 6 months

3
2
0 0

FAILED: patch "[PATCH] mptcp: corner case locking for rx path fields initialization" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x e4a0fa47e816e186f6b4c0055d07eeec42d11871 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024021904-carol-mullets-5f01@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: e4a0fa47e816 ("mptcp: corner case locking for rx path fields initialization") 3f83d8a77eee ("mptcp: fix more tx path fields initialization") 013e3179dbd2 ("mptcp: fix rcv space initialization") c693a8516429 ("mptcp: use mptcp_set_state") 4fd19a307016 ("mptcp: fix inconsistent state on fastopen race") d109a7767273 ("mptcp: fix possible NULL pointer dereference on close") 8005184fd1ca ("mptcp: refactor sndbuf auto-tuning") a5efdbcece83 ("mptcp: fix delegated action races") 27e5ccc2d5a5 ("mptcp: fix dangling connection hang-up") f6909dc1c1f4 ("mptcp: rename timer related helper to less confusing names") 9f1a98813b4b ("mptcp: process pending subflow error on close") d5fbeff1ab81 ("mptcp: move __mptcp_error_report in protocol.c") e3b2870b6d22 ("mptcp: add a new sysctl scheduler") ebc1e08f01eb ("mptcp: drop last_snd and MPTCP_RESET_SCHEDULER") e263691773cd ("mptcp: Remove unnecessary test for __mptcp_init_sock()") 39880bd808ad ("mptcp: get rid of msk->subflow") 3f326a821b99 ("mptcp: change the mpc check helper to return a sk") 3aa362494170 ("mptcp: avoid ssock usage in mptcp_pm_nl_create_listen_socket()") f0bc514bd5c1 ("mptcp: avoid additional indirection in sockopt") 40f56d0c7043 ("mptcp: avoid additional indirection in mptcp_listen()") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From e4a0fa47e816e186f6b4c0055d07eeec42d11871 Mon Sep 17 00:00:00 2001 From: Paolo Abeni <pabeni(a)redhat.com> Date: Thu, 8 Feb 2024 19:03:52 +0100 Subject: [PATCH] mptcp: corner case locking for rx path fields initialization Most MPTCP-level related fields are under the mptcp data lock protection, but are written one-off without such lock at MPC complete time, both for the client and the server Leverage the mptcp_propagate_state() infrastructure to move such initialization under the proper lock client-wise. The server side critical init steps are done by mptcp_subflow_fully_established(): ensure the caller properly held the relevant lock, and avoid acquiring the same lock in the nested scopes. There are no real potential races, as write access to such fields is implicitly serialized by the MPTCP state machine; the primary goal is consistency. Fixes: d22f4988ffec ("mptcp: process MP_CAPABLE data option") Cc: stable(a)vger.kernel.org Signed-off-by: Paolo Abeni <pabeni(a)redhat.com> Reviewed-by: Mat Martineau <martineau(a)kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Signed-off-by: David S. Miller <davem(a)davemloft.net> diff --git a/net/mptcp/fastopen.c b/net/mptcp/fastopen.c index 74698582a285..ad28da655f8b 100644 --- a/net/mptcp/fastopen.c +++ b/net/mptcp/fastopen.c @@ -59,13 +59,12 @@ void mptcp_fastopen_subflow_synack_set_params(struct mptcp_subflow_context *subf mptcp_data_unlock(sk); } -void mptcp_fastopen_gen_msk_ackseq(struct mptcp_sock *msk, struct mptcp_subflow_context *subflow, - const struct mptcp_options_received *mp_opt) +void __mptcp_fastopen_gen_msk_ackseq(struct mptcp_sock *msk, struct mptcp_subflow_context *subflow, + const struct mptcp_options_received *mp_opt) { struct sock *sk = (struct sock *)msk; struct sk_buff *skb; - mptcp_data_lock(sk); skb = skb_peek_tail(&sk->sk_receive_queue); if (skb) { WARN_ON_ONCE(MPTCP_SKB_CB(skb)->end_seq); @@ -77,5 +76,4 @@ void mptcp_fastopen_gen_msk_ackseq(struct mptcp_sock *msk, struct mptcp_subflow_ } pr_debug("msk=%p ack_seq=%llx", msk, msk->ack_seq); - mptcp_data_unlock(sk); } diff --git a/net/mptcp/options.c b/net/mptcp/options.c index d2527d189a79..e3e96a49f922 100644 --- a/net/mptcp/options.c +++ b/net/mptcp/options.c @@ -962,9 +962,7 @@ static bool check_fully_established(struct mptcp_sock *msk, struct sock *ssk, /* subflows are fully established as soon as we get any * additional ack, including ADD_ADDR. */ - subflow->fully_established = 1; - WRITE_ONCE(msk->fully_established, true); - goto check_notify; + goto set_fully_established; } /* If the first established packet does not contain MP_CAPABLE + data @@ -986,7 +984,10 @@ static bool check_fully_established(struct mptcp_sock *msk, struct sock *ssk, set_fully_established: if (unlikely(!READ_ONCE(msk->pm.server_side))) pr_warn_once("bogus mpc option on established client sk"); - mptcp_subflow_fully_established(subflow, mp_opt); + + mptcp_data_lock((struct sock *)msk); + __mptcp_subflow_fully_established(msk, subflow, mp_opt); + mptcp_data_unlock((struct sock *)msk); check_notify: /* if the subflow is not already linked into the conn_list, we can't diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c index 8cb6a873dae9..8ef2927ebca2 100644 --- a/net/mptcp/protocol.c +++ b/net/mptcp/protocol.c @@ -3186,6 +3186,7 @@ struct sock *mptcp_sk_clone_init(const struct sock *sk, { struct mptcp_subflow_request_sock *subflow_req = mptcp_subflow_rsk(req); struct sock *nsk = sk_clone_lock(sk, GFP_ATOMIC); + struct mptcp_subflow_context *subflow; struct mptcp_sock *msk; if (!nsk) @@ -3226,7 +3227,8 @@ struct sock *mptcp_sk_clone_init(const struct sock *sk, /* The msk maintain a ref to each subflow in the connections list */ WRITE_ONCE(msk->first, ssk); - list_add(&mptcp_subflow_ctx(ssk)->node, &msk->conn_list); + subflow = mptcp_subflow_ctx(ssk); + list_add(&subflow->node, &msk->conn_list); sock_hold(ssk); /* new mpc subflow takes ownership of the newly @@ -3241,6 +3243,9 @@ struct sock *mptcp_sk_clone_init(const struct sock *sk, __mptcp_propagate_sndbuf(nsk, ssk); mptcp_rcv_space_init(msk, ssk); + + if (mp_opt->suboptions & OPTION_MPTCP_MPC_ACK) + __mptcp_subflow_fully_established(msk, subflow, mp_opt); bh_unlock_sock(nsk); /* note: the newly allocated socket refcount is 2 now */ @@ -3478,8 +3483,6 @@ void mptcp_finish_connect(struct sock *ssk) * accessing the field below */ WRITE_ONCE(msk->local_key, subflow->local_key); - WRITE_ONCE(msk->snd_una, subflow->idsn + 1); - WRITE_ONCE(msk->wnd_end, subflow->idsn + 1 + tcp_sk(ssk)->snd_wnd); mptcp_pm_new_connection(msk, ssk, 0); } diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h index 9f5ee82e3473..fefcbf585411 100644 --- a/net/mptcp/protocol.h +++ b/net/mptcp/protocol.h @@ -622,8 +622,9 @@ unsigned int mptcp_stale_loss_cnt(const struct net *net); unsigned int mptcp_close_timeout(const struct sock *sk); int mptcp_get_pm_type(const struct net *net); const char *mptcp_get_scheduler(const struct net *net); -void mptcp_subflow_fully_established(struct mptcp_subflow_context *subflow, - const struct mptcp_options_received *mp_opt); +void __mptcp_subflow_fully_established(struct mptcp_sock *msk, + struct mptcp_subflow_context *subflow, + const struct mptcp_options_received *mp_opt); bool __mptcp_retransmit_pending_data(struct sock *sk); void mptcp_check_and_set_pending(struct sock *sk); void __mptcp_push_pending(struct sock *sk, unsigned int flags); @@ -952,8 +953,8 @@ void mptcp_event_pm_listener(const struct sock *ssk, enum mptcp_event_type event); bool mptcp_userspace_pm_active(const struct mptcp_sock *msk); -void mptcp_fastopen_gen_msk_ackseq(struct mptcp_sock *msk, struct mptcp_subflow_context *subflow, - const struct mptcp_options_received *mp_opt); +void __mptcp_fastopen_gen_msk_ackseq(struct mptcp_sock *msk, struct mptcp_subflow_context *subflow, + const struct mptcp_options_received *mp_opt); void mptcp_fastopen_subflow_synack_set_params(struct mptcp_subflow_context *subflow, struct request_sock *req); diff --git a/net/mptcp/subflow.c b/net/mptcp/subflow.c index c2df34ebcf28..c34ecadee120 100644 --- a/net/mptcp/subflow.c +++ b/net/mptcp/subflow.c @@ -441,20 +441,6 @@ void __mptcp_sync_state(struct sock *sk, int state) } } -static void mptcp_propagate_state(struct sock *sk, struct sock *ssk) -{ - struct mptcp_sock *msk = mptcp_sk(sk); - - mptcp_data_lock(sk); - if (!sock_owned_by_user(sk)) { - __mptcp_sync_state(sk, ssk->sk_state); - } else { - msk->pending_state = ssk->sk_state; - __set_bit(MPTCP_SYNC_STATE, &msk->cb_flags); - } - mptcp_data_unlock(sk); -} - static void subflow_set_remote_key(struct mptcp_sock *msk, struct mptcp_subflow_context *subflow, const struct mptcp_options_received *mp_opt) @@ -476,6 +462,31 @@ static void subflow_set_remote_key(struct mptcp_sock *msk, atomic64_set(&msk->rcv_wnd_sent, subflow->iasn); } +static void mptcp_propagate_state(struct sock *sk, struct sock *ssk, + struct mptcp_subflow_context *subflow, + const struct mptcp_options_received *mp_opt) +{ + struct mptcp_sock *msk = mptcp_sk(sk); + + mptcp_data_lock(sk); + if (mp_opt) { + /* Options are available only in the non fallback cases + * avoid updating rx path fields otherwise + */ + WRITE_ONCE(msk->snd_una, subflow->idsn + 1); + WRITE_ONCE(msk->wnd_end, subflow->idsn + 1 + tcp_sk(ssk)->snd_wnd); + subflow_set_remote_key(msk, subflow, mp_opt); + } + + if (!sock_owned_by_user(sk)) { + __mptcp_sync_state(sk, ssk->sk_state); + } else { + msk->pending_state = ssk->sk_state; + __set_bit(MPTCP_SYNC_STATE, &msk->cb_flags); + } + mptcp_data_unlock(sk); +} + static void subflow_finish_connect(struct sock *sk, const struct sk_buff *skb) { struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk); @@ -510,10 +521,9 @@ static void subflow_finish_connect(struct sock *sk, const struct sk_buff *skb) if (mp_opt.deny_join_id0) WRITE_ONCE(msk->pm.remote_deny_join_id0, true); subflow->mp_capable = 1; - subflow_set_remote_key(msk, subflow, &mp_opt); MPTCP_INC_STATS(sock_net(sk), MPTCP_MIB_MPCAPABLEACTIVEACK); mptcp_finish_connect(sk); - mptcp_propagate_state(parent, sk); + mptcp_propagate_state(parent, sk, subflow, &mp_opt); } else if (subflow->request_join) { u8 hmac[SHA256_DIGEST_SIZE]; @@ -556,7 +566,7 @@ static void subflow_finish_connect(struct sock *sk, const struct sk_buff *skb) } } else if (mptcp_check_fallback(sk)) { fallback: - mptcp_propagate_state(parent, sk); + mptcp_propagate_state(parent, sk, subflow, NULL); } return; @@ -741,17 +751,16 @@ void mptcp_subflow_drop_ctx(struct sock *ssk) kfree_rcu(ctx, rcu); } -void mptcp_subflow_fully_established(struct mptcp_subflow_context *subflow, - const struct mptcp_options_received *mp_opt) +void __mptcp_subflow_fully_established(struct mptcp_sock *msk, + struct mptcp_subflow_context *subflow, + const struct mptcp_options_received *mp_opt) { - struct mptcp_sock *msk = mptcp_sk(subflow->conn); - subflow_set_remote_key(msk, subflow, mp_opt); subflow->fully_established = 1; WRITE_ONCE(msk->fully_established, true); if (subflow->is_mptfo) - mptcp_fastopen_gen_msk_ackseq(msk, subflow, mp_opt); + __mptcp_fastopen_gen_msk_ackseq(msk, subflow, mp_opt); } static struct sock *subflow_syn_recv_sock(const struct sock *sk, @@ -844,7 +853,6 @@ static struct sock *subflow_syn_recv_sock(const struct sock *sk, * mpc option */ if (mp_opt.suboptions & OPTION_MPTCP_MPC_ACK) { - mptcp_subflow_fully_established(ctx, &mp_opt); mptcp_pm_fully_established(owner, child); ctx->pm_notified = 1; } @@ -1756,7 +1764,7 @@ static void subflow_state_change(struct sock *sk) mptcp_do_fallback(sk); pr_fallback(msk); subflow->conn_finished = 1; - mptcp_propagate_state(parent, sk); + mptcp_propagate_state(parent, sk, subflow, NULL); } /* as recvmsg() does not acquire the subflow socket for ssk selection

1 year, 6 months

2
1
0 0

FAILED: patch "[PATCH] mptcp: fix rcv space initialization" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 013e3179dbd2bc756ce1dd90354abac62f65b739 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024021902-cleft-esquire-a9ae@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: 013e3179dbd2 ("mptcp: fix rcv space initialization") 4fd19a307016 ("mptcp: fix inconsistent state on fastopen race") d109a7767273 ("mptcp: fix possible NULL pointer dereference on close") 8005184fd1ca ("mptcp: refactor sndbuf auto-tuning") a5efdbcece83 ("mptcp: fix delegated action races") 27e5ccc2d5a5 ("mptcp: fix dangling connection hang-up") f6909dc1c1f4 ("mptcp: rename timer related helper to less confusing names") ebc1e08f01eb ("mptcp: drop last_snd and MPTCP_RESET_SCHEDULER") e263691773cd ("mptcp: Remove unnecessary test for __mptcp_init_sock()") 39880bd808ad ("mptcp: get rid of msk->subflow") 17ebf8a4c38b ("mptcp: fix the incorrect judgment for msk->cb_flags") a7384f391875 ("Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 013e3179dbd2bc756ce1dd90354abac62f65b739 Mon Sep 17 00:00:00 2001 From: Paolo Abeni <pabeni(a)redhat.com> Date: Thu, 8 Feb 2024 19:03:50 +0100 Subject: [PATCH] mptcp: fix rcv space initialization mptcp_rcv_space_init() is supposed to happen under the msk socket lock, but active msk socket does that without such protection. Leverage the existing mptcp_propagate_state() helper to that extent. We need to ensure mptcp_rcv_space_init will happen before mptcp_rcv_space_adjust(), and the release_cb does not assure that: explicitly check for such condition. While at it, move the wnd_end initialization out of mptcp_rcv_space_init(), it never belonged there. Note that the race does not produce ill effect in practice, but change allows cleaning-up and defying better the locking model. Fixes: a6b118febbab ("mptcp: add receive buffer auto-tuning") Cc: stable(a)vger.kernel.org Signed-off-by: Paolo Abeni <pabeni(a)redhat.com> Reviewed-by: Mat Martineau <martineau(a)kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Signed-off-by: David S. Miller <davem(a)davemloft.net> diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c index 2111819016af..7632eafb683b 100644 --- a/net/mptcp/protocol.c +++ b/net/mptcp/protocol.c @@ -1963,6 +1963,9 @@ static void mptcp_rcv_space_adjust(struct mptcp_sock *msk, int copied) if (copied <= 0) return; + if (!msk->rcvspace_init) + mptcp_rcv_space_init(msk, msk->first); + msk->rcvq_space.copied += copied; mstamp = div_u64(tcp_clock_ns(), NSEC_PER_USEC); @@ -3160,6 +3163,7 @@ static int mptcp_disconnect(struct sock *sk, int flags) msk->bytes_received = 0; msk->bytes_sent = 0; msk->bytes_retrans = 0; + msk->rcvspace_init = 0; WRITE_ONCE(sk->sk_shutdown, 0); sk_error_report(sk); @@ -3247,6 +3251,7 @@ void mptcp_rcv_space_init(struct mptcp_sock *msk, const struct sock *ssk) { const struct tcp_sock *tp = tcp_sk(ssk); + msk->rcvspace_init = 1; msk->rcvq_space.copied = 0; msk->rcvq_space.rtt_us = 0; @@ -3257,8 +3262,6 @@ void mptcp_rcv_space_init(struct mptcp_sock *msk, const struct sock *ssk) TCP_INIT_CWND * tp->advmss); if (msk->rcvq_space.space == 0) msk->rcvq_space.space = TCP_INIT_CWND * TCP_MSS_DEFAULT; - - WRITE_ONCE(msk->wnd_end, msk->snd_nxt + tcp_sk(ssk)->snd_wnd); } void mptcp_destroy_common(struct mptcp_sock *msk, unsigned int flags) @@ -3478,10 +3481,9 @@ void mptcp_finish_connect(struct sock *ssk) WRITE_ONCE(msk->write_seq, subflow->idsn + 1); WRITE_ONCE(msk->snd_nxt, msk->write_seq); WRITE_ONCE(msk->snd_una, msk->write_seq); + WRITE_ONCE(msk->wnd_end, msk->snd_nxt + tcp_sk(ssk)->snd_wnd); mptcp_pm_new_connection(msk, ssk, 0); - - mptcp_rcv_space_init(msk, ssk); } void mptcp_sock_graft(struct sock *sk, struct socket *parent) diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h index b905f1868298..9f5ee82e3473 100644 --- a/net/mptcp/protocol.h +++ b/net/mptcp/protocol.h @@ -304,7 +304,8 @@ struct mptcp_sock { nodelay:1, fastopening:1, in_accept_queue:1, - free_first:1; + free_first:1, + rcvspace_init:1; struct work_struct work; struct sk_buff *ooo_last_skb; struct rb_root out_of_order_queue; diff --git a/net/mptcp/subflow.c b/net/mptcp/subflow.c index 0dcb721c89d1..56b2ac2f2f22 100644 --- a/net/mptcp/subflow.c +++ b/net/mptcp/subflow.c @@ -424,6 +424,8 @@ void __mptcp_sync_state(struct sock *sk, int state) struct mptcp_sock *msk = mptcp_sk(sk); __mptcp_propagate_sndbuf(sk, msk->first); + if (!msk->rcvspace_init) + mptcp_rcv_space_init(msk, msk->first); if (sk->sk_state == TCP_SYN_SENT) { mptcp_set_state(sk, state); sk->sk_state_change(sk); @@ -545,7 +547,6 @@ static void subflow_finish_connect(struct sock *sk, const struct sk_buff *skb) } } else if (mptcp_check_fallback(sk)) { fallback: - mptcp_rcv_space_init(msk, sk); mptcp_propagate_state(parent, sk); } return; @@ -1744,7 +1745,6 @@ static void subflow_state_change(struct sock *sk) msk = mptcp_sk(parent); if (subflow_simultaneous_connect(sk)) { mptcp_do_fallback(sk); - mptcp_rcv_space_init(msk, sk); pr_fallback(msk); subflow->conn_finished = 1; mptcp_propagate_state(parent, sk);

1 year, 6 months

2
1
0 0

[PATCH 5.15 1/2] ext4: regenerate buddy after block freeing failed if under fc replay

by Baokun Li

commit c9b528c35795b711331ed36dc3dbee90d5812d4e upstream. This mostly reverts commit 6bd97bf273bd ("ext4: remove redundant mb_regenerate_buddy()") and reintroduces mb_regenerate_buddy(). Based on code in mb_free_blocks(), fast commit replay can end up marking as free blocks that are already marked as such. This causes corruption of the buddy bitmap so we need to regenerate it in that case. Reported-by: Jan Kara <jack(a)suse.cz> Fixes: 6bd97bf273bd ("ext4: remove redundant mb_regenerate_buddy()") CVE: CVE-2024-26601 Signed-off-by: Baokun Li <libaokun1(a)huawei.com> Reviewed-by: Jan Kara <jack(a)suse.cz> Link: https://lore.kernel.org/r/20240104142040.2835097-4-libaokun1@huawei.com Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Signed-off-by: Baokun Li <libaokun1(a)huawei.com> --- fs/ext4/mballoc.c | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/fs/ext4/mballoc.c b/fs/ext4/mballoc.c index 762c2f8b5b2a..63e4c3b9e608 100644 --- a/fs/ext4/mballoc.c +++ b/fs/ext4/mballoc.c @@ -1168,6 +1168,24 @@ void ext4_mb_generate_buddy(struct super_block *sb, mb_update_avg_fragment_size(sb, grp); } +static void mb_regenerate_buddy(struct ext4_buddy *e4b) +{ + int count; + int order = 1; + void *buddy; + + while ((buddy = mb_find_buddy(e4b, order++, &count))) + ext4_set_bits(buddy, 0, count); + + e4b->bd_info->bb_fragments = 0; + memset(e4b->bd_info->bb_counters, 0, + sizeof(*e4b->bd_info->bb_counters) * + (e4b->bd_sb->s_blocksize_bits + 2)); + + ext4_mb_generate_buddy(e4b->bd_sb, e4b->bd_buddy, + e4b->bd_bitmap, e4b->bd_group, e4b->bd_info); +} + /* The buddy information is attached the buddy cache inode * for convenience. The information regarding each group * is loaded via ext4_mb_load_buddy. The information involve @@ -1846,6 +1864,8 @@ static void mb_free_blocks(struct inode *inode, struct ext4_buddy *e4b, ext4_mark_group_bitmap_corrupted( sb, e4b->bd_group, EXT4_GROUP_INFO_BBITMAP_CORRUPT); + } else { + mb_regenerate_buddy(e4b); } goto done; } -- 2.31.1

1 year, 6 months

2
4
0 0

[PATCH v2 1/3] rust: make mutually exclusive with CFI_CLANG

by Conor Dooley

From: Conor Dooley <conor.dooley(a)microchip.com> On RISC-V, and presumably x86/arm64, if CFI_CLANG is enabled loading a rust module will trigger a kernel panic. Support for sanitisers, including kcfi (CFI_CLANG), is in the works, but for now they're nightly-only options in rustc. Make RUST depend on !CFI_CLANG to prevent configuring a kernel without symmetrical support for kfi. Fixes: 2f7ab1267dc9 ("Kbuild: add Rust support") cc: stable(a)vger.kernel.org Signed-off-by: Conor Dooley <conor.dooley(a)microchip.com> --- This probably needs to go to stable. The correct fixes tag for that I am not sure of however, but since CFI_CLANG predates RUST, I blamed the commit adding rust support. --- init/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/init/Kconfig b/init/Kconfig index 8d4e836e1b6b..6cf05824859e 100644 --- a/init/Kconfig +++ b/init/Kconfig @@ -1895,6 +1895,7 @@ config RUST bool "Rust support" depends on HAVE_RUST depends on RUST_IS_AVAILABLE + depends on !CFI_CLANG depends on !MODVERSIONS depends on !GCC_PLUGINS depends on !RANDSTRUCT -- 2.43.0

1 year, 6 months

3
5
0 0

FAILED: patch "[PATCH] mptcp: add needs_id for netlink appending addr" failed to apply to 6.6-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.6-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y git checkout FETCH_HEAD git cherry-pick -x 584f3894262634596532cf43a5e782e34a0ce374 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022654-senate-unleaded-7ae3@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^.. Possible dependencies: 584f38942626 ("mptcp: add needs_id for netlink appending addr") aab4d8564947 ("net: mptcp: use policy generated by YAML spec") 1e07938e29c5 ("net: mptcp: rename netlink handlers to mptcp_pm_nl_<blah>_{doit,dumpit}") 1d0507f46843 ("net: mptcp: convert netlink from small_ops to ops") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 584f3894262634596532cf43a5e782e34a0ce374 Mon Sep 17 00:00:00 2001 From: Geliang Tang <tanggeliang(a)kylinos.cn> Date: Thu, 15 Feb 2024 19:25:29 +0100 Subject: [PATCH] mptcp: add needs_id for netlink appending addr Just the same as userspace PM, a new parameter needs_id is added for in-kernel PM mptcp_pm_nl_append_new_local_addr() too. Add a new helper mptcp_pm_has_addr_attr_id() to check whether an address ID is set from PM or not. In mptcp_pm_nl_get_local_id(), needs_id is always true, but in mptcp_pm_nl_add_addr_doit(), pass mptcp_pm_has_addr_attr_id() to needs_it. Fixes: efd5a4c04e18 ("mptcp: add the address ID assignment bitmap") Cc: stable(a)vger.kernel.org Signed-off-by: Geliang Tang <tanggeliang(a)kylinos.cn> Reviewed-by: Mat Martineau <martineau(a)kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Signed-off-by: David S. Miller <davem(a)davemloft.net> diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c index 287a60381eae..a24c9128dee9 100644 --- a/net/mptcp/pm_netlink.c +++ b/net/mptcp/pm_netlink.c @@ -901,7 +901,8 @@ static void __mptcp_pm_release_addr_entry(struct mptcp_pm_addr_entry *entry) } static int mptcp_pm_nl_append_new_local_addr(struct pm_nl_pernet *pernet, - struct mptcp_pm_addr_entry *entry) + struct mptcp_pm_addr_entry *entry, + bool needs_id) { struct mptcp_pm_addr_entry *cur, *del_entry = NULL; unsigned int addr_max; @@ -949,7 +950,7 @@ static int mptcp_pm_nl_append_new_local_addr(struct pm_nl_pernet *pernet, } } - if (!entry->addr.id) { + if (!entry->addr.id && needs_id) { find_next: entry->addr.id = find_next_zero_bit(pernet->id_bitmap, MPTCP_PM_MAX_ADDR_ID + 1, @@ -960,7 +961,7 @@ static int mptcp_pm_nl_append_new_local_addr(struct pm_nl_pernet *pernet, } } - if (!entry->addr.id) + if (!entry->addr.id && needs_id) goto out; __set_bit(entry->addr.id, pernet->id_bitmap); @@ -1092,7 +1093,7 @@ int mptcp_pm_nl_get_local_id(struct mptcp_sock *msk, struct mptcp_addr_info *skc entry->ifindex = 0; entry->flags = MPTCP_PM_ADDR_FLAG_IMPLICIT; entry->lsk = NULL; - ret = mptcp_pm_nl_append_new_local_addr(pernet, entry); + ret = mptcp_pm_nl_append_new_local_addr(pernet, entry, true); if (ret < 0) kfree(entry); @@ -1285,6 +1286,18 @@ static int mptcp_nl_add_subflow_or_signal_addr(struct net *net) return 0; } +static bool mptcp_pm_has_addr_attr_id(const struct nlattr *attr, + struct genl_info *info) +{ + struct nlattr *tb[MPTCP_PM_ADDR_ATTR_MAX + 1]; + + if (!nla_parse_nested_deprecated(tb, MPTCP_PM_ADDR_ATTR_MAX, attr, + mptcp_pm_address_nl_policy, info->extack) && + tb[MPTCP_PM_ADDR_ATTR_ID]) + return true; + return false; +} + int mptcp_pm_nl_add_addr_doit(struct sk_buff *skb, struct genl_info *info) { struct nlattr *attr = info->attrs[MPTCP_PM_ENDPOINT_ADDR]; @@ -1326,7 +1339,8 @@ int mptcp_pm_nl_add_addr_doit(struct sk_buff *skb, struct genl_info *info) goto out_free; } } - ret = mptcp_pm_nl_append_new_local_addr(pernet, entry); + ret = mptcp_pm_nl_append_new_local_addr(pernet, entry, + !mptcp_pm_has_addr_attr_id(attr, info)); if (ret < 0) { GENL_SET_ERR_MSG_FMT(info, "too many addresses or duplicate one: %d", ret); goto out_free;

1 year, 6 months

4
5
0 0

[PATCH 5.10 1/2] ext4: regenerate buddy after block freeing failed if under fc replay

by Baokun Li

commit c9b528c35795b711331ed36dc3dbee90d5812d4e upstream. This mostly reverts commit 6bd97bf273bd ("ext4: remove redundant mb_regenerate_buddy()") and reintroduces mb_regenerate_buddy(). Based on code in mb_free_blocks(), fast commit replay can end up marking as free blocks that are already marked as such. This causes corruption of the buddy bitmap so we need to regenerate it in that case. Reported-by: Jan Kara <jack(a)suse.cz> Fixes: 6bd97bf273bd ("ext4: remove redundant mb_regenerate_buddy()") CVE: CVE-2024-26601 Signed-off-by: Baokun Li <libaokun1(a)huawei.com> Reviewed-by: Jan Kara <jack(a)suse.cz> Link: https://lore.kernel.org/r/20240104142040.2835097-4-libaokun1@huawei.com Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Signed-off-by: Baokun Li <libaokun1(a)huawei.com> --- fs/ext4/mballoc.c | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/fs/ext4/mballoc.c b/fs/ext4/mballoc.c index 9bec75847b85..5799706e20cc 100644 --- a/fs/ext4/mballoc.c +++ b/fs/ext4/mballoc.c @@ -823,6 +823,24 @@ void ext4_mb_generate_buddy(struct super_block *sb, atomic64_add(period, &sbi->s_mb_generation_time); } +static void mb_regenerate_buddy(struct ext4_buddy *e4b) +{ + int count; + int order = 1; + void *buddy; + + while ((buddy = mb_find_buddy(e4b, order++, &count))) + ext4_set_bits(buddy, 0, count); + + e4b->bd_info->bb_fragments = 0; + memset(e4b->bd_info->bb_counters, 0, + sizeof(*e4b->bd_info->bb_counters) * + (e4b->bd_sb->s_blocksize_bits + 2)); + + ext4_mb_generate_buddy(e4b->bd_sb, e4b->bd_buddy, + e4b->bd_bitmap, e4b->bd_group, e4b->bd_info); +} + /* The buddy information is attached the buddy cache inode * for convenience. The information regarding each group * is loaded via ext4_mb_load_buddy. The information involve @@ -1505,6 +1523,8 @@ static void mb_free_blocks(struct inode *inode, struct ext4_buddy *e4b, ext4_mark_group_bitmap_corrupted( sb, e4b->bd_group, EXT4_GROUP_INFO_BBITMAP_CORRUPT); + } else { + mb_regenerate_buddy(e4b); } goto done; } -- 2.31.1

1 year, 6 months

1
1
0 0

FAILED: patch "[PATCH] memcg: fix use-after-free in uncharge_batch" failed to apply to 4.19-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.19-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.19.y git checkout FETCH_HEAD git cherry-pick -x f1796544a0ca0f14386a679d3d05fbc69235015e # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022702-ignition-astonish-a4f1@gregkh' --subject-prefix 'PATCH 4.19.y' HEAD^.. Possible dependencies: f1796544a0ca ("memcg: fix use-after-free in uncharge_batch") 1a3e1f40962c ("mm: memcontrol: decouple reference counting from page accounting") 8d22a9351035 ("mm/memcg: fix refcount error while moving and swapping") d9eb1ea2bf87 ("mm: memcontrol: delete unused lrucare handling") 4c6355b25e8b ("mm: memcontrol: charge swapin pages on instantiation") f0e45fb4da29 ("mm: memcontrol: drop unused try/commit/cancel charge API") 9d82c69438d0 ("mm: memcontrol: convert anon and file-thp to new mem_cgroup_charge() API") 468c398233da ("mm: memcontrol: switch to native NR_ANON_THPS counter") be5d0a74c62d ("mm: memcontrol: switch to native NR_ANON_MAPPED counter") 0d1c20722ab3 ("mm: memcontrol: switch to native NR_FILE_PAGES and NR_SHMEM counters") 49e50d277ba2 ("mm: memcontrol: prepare move_account for removal of private page type counters") 9f762dbe19b9 ("mm: memcontrol: prepare uncharging for removal of private page type counters") 3fea5a499d57 ("mm: memcontrol: convert page cache to a new mem_cgroup_charge() API") 6caa6a0703e0 ("mm: memcontrol: move out cgroup swaprate throttling") 14235ab36019 ("mm: shmem: remove rare optimization when swapin races with hole punching") 3fba69a56e16 ("mm: memcontrol: drop @compound parameter from memcg charging API") abb242f57196 ("mm: memcontrol: fix stat-corrupting race in charge moving") f4129ea3591a ("mm: fix NUMA node file count error in replace_page_cache()") ffe945e633b5 ("khugepaged: do not stop collapse if less than half PTEs are referenced") 396bcc5299c2 ("mm: remove CONFIG_TRANSPARENT_HUGE_PAGECACHE") 85b9f46e8ea4 ("mm, thp: track fallbacks due to failed memcg charges separately") dcdf11ee1441 ("mm, shmem: add vmstat for hugepage fallback") 9c315e4d7d8c ("mm: memcg/slab: cache page number in memcg_(un)charge_slab()") 92d0510c3585 ("mm: kmem: switch to nr_pages in (__)memcg_kmem_charge_memcg()") f4b00eab5004 ("mm: kmem: rename memcg_kmem_(un)charge() into memcg_kmem_(un)charge_page()") 50591183fa86 ("mm: kmem: cleanup memcg_kmem_uncharge_memcg() arguments") 10eaec2f63b6 ("mm: kmem: cleanup (__)memcg_kmem_charge_memcg() arguments") 47e29d32afba ("mm/gup: page->hpage_pinned_refcount: exact pin counts for huge pages") 3faa52c03f44 ("mm/gup: track FOLL_PIN pages") 3b78d8347d31 ("mm/gup: pass gup flags to two more routines") c23a0c99793f ("mm/migrate: clean up some minor coding style") 92855270ff08 ("mm/memcontrol.c: cleanup some useless code") f1f6a7dd9b53 ("mm, tree-wide: rename put_user_page*() to unpin_user_page*()") aa4b87fe9ea3 ("powerpc: book3s64: convert to pin_user_pages() and put_user_page()") 19fed0dae94d ("vfio, mm: pin_user_pages (FOLL_PIN) and put_user_page() conversion") 1f815afcfca7 ("media/v4l2-core: pin_user_pages (FOLL_PIN) and put_user_page() conversion") 803e4572d7c5 ("mm/process_vm_access: set FOLL_PIN via pin_user_pages_remote()") 57459435cff5 ("goldish_pipe: convert to pin_user_pages() and put_user_page()") eddb1c228f79 ("mm/gup: introduce pin_user_pages*() and FOLL_PIN") 3c7470b6f684 ("media/v4l2-core: set pages dirty upon releasing DMA buffers") f4000fdf435b ("mm/gup: allow FOLL_FORCE for get_user_pages_fast()") 3567813eae5e ("vfio: fix FOLL_LONGTERM use, simplify get_user_pages_remote() call") c4237f8b1f4f ("mm: fix get_user_pages_remote()'s handling of FOLL_LONGTERM") a707cdd55f0f ("mm/gup: move try_get_compound_head() to top, fix minor issues") a43e982082c2 ("mm/gup: factor out duplicate code from four routines") fac0516b5534 ("mm: thp: don't need care deferred split queue in memcg charge move path") f1fe80d4ae33 ("mm, thp: do not queue fully unmapped pages for deferred split") acbfb087e3b1 ("mm/hugetlb: avoid looping to the same hugepage if !pages and !vmas") 867e5e1de14b ("mm: clean up and clarify lruvec lookup procedure") 242c37b459ce ("include/linux/memcontrol.h: fix comments based on per-node memcg") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From f1796544a0ca0f14386a679d3d05fbc69235015e Mon Sep 17 00:00:00 2001 From: Michal Hocko <mhocko(a)suse.com> Date: Fri, 4 Sep 2020 16:35:24 -0700 Subject: [PATCH] memcg: fix use-after-free in uncharge_batch syzbot has reported an use-after-free in the uncharge_batch path BUG: KASAN: use-after-free in instrument_atomic_write include/linux/instrumented.h:71 [inline] BUG: KASAN: use-after-free in atomic64_sub_return include/asm-generic/atomic-instrumented.h:970 [inline] BUG: KASAN: use-after-free in atomic_long_sub_return include/asm-generic/atomic-long.h:113 [inline] BUG: KASAN: use-after-free in page_counter_cancel mm/page_counter.c:54 [inline] BUG: KASAN: use-after-free in page_counter_uncharge+0x3d/0xc0 mm/page_counter.c:155 Write of size 8 at addr ffff8880371c0148 by task syz-executor.0/9304 CPU: 0 PID: 9304 Comm: syz-executor.0 Not tainted 5.8.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1f0/0x31e lib/dump_stack.c:118 print_address_description+0x66/0x620 mm/kasan/report.c:383 __kasan_report mm/kasan/report.c:513 [inline] kasan_report+0x132/0x1d0 mm/kasan/report.c:530 check_memory_region_inline mm/kasan/generic.c:183 [inline] check_memory_region+0x2b5/0x2f0 mm/kasan/generic.c:192 instrument_atomic_write include/linux/instrumented.h:71 [inline] atomic64_sub_return include/asm-generic/atomic-instrumented.h:970 [inline] atomic_long_sub_return include/asm-generic/atomic-long.h:113 [inline] page_counter_cancel mm/page_counter.c:54 [inline] page_counter_uncharge+0x3d/0xc0 mm/page_counter.c:155 uncharge_batch+0x6c/0x350 mm/memcontrol.c:6764 uncharge_page+0x115/0x430 mm/memcontrol.c:6796 uncharge_list mm/memcontrol.c:6835 [inline] mem_cgroup_uncharge_list+0x70/0xe0 mm/memcontrol.c:6877 release_pages+0x13a2/0x1550 mm/swap.c:911 tlb_batch_pages_flush mm/mmu_gather.c:49 [inline] tlb_flush_mmu_free mm/mmu_gather.c:242 [inline] tlb_flush_mmu+0x780/0x910 mm/mmu_gather.c:249 tlb_finish_mmu+0xcb/0x200 mm/mmu_gather.c:328 exit_mmap+0x296/0x550 mm/mmap.c:3185 __mmput+0x113/0x370 kernel/fork.c:1076 exit_mm+0x4cd/0x550 kernel/exit.c:483 do_exit+0x576/0x1f20 kernel/exit.c:793 do_group_exit+0x161/0x2d0 kernel/exit.c:903 get_signal+0x139b/0x1d30 kernel/signal.c:2743 arch_do_signal+0x33/0x610 arch/x86/kernel/signal.c:811 exit_to_user_mode_loop kernel/entry/common.c:135 [inline] exit_to_user_mode_prepare+0x8d/0x1b0 kernel/entry/common.c:166 syscall_exit_to_user_mode+0x5e/0x1a0 kernel/entry/common.c:241 entry_SYSCALL_64_after_hwframe+0x44/0xa9 Commit 1a3e1f40962c ("mm: memcontrol: decouple reference counting from page accounting") reworked the memcg lifetime to be bound the the struct page rather than charges. It also removed the css_put_many from uncharge_batch and that is causing the above splat. uncharge_batch() is supposed to uncharge accumulated charges for all pages freed from the same memcg. The queuing is done by uncharge_page which however drops the memcg reference after it adds charges to the batch. If the current page happens to be the last one holding the reference for its memcg then the memcg is OK to go and the next page to be freed will trigger batched uncharge which needs to access the memcg which is gone already. Fix the issue by taking a reference for the memcg in the current batch. Fixes: 1a3e1f40962c ("mm: memcontrol: decouple reference counting from page accounting") Reported-by: syzbot+b305848212deec86eabe(a)syzkaller.appspotmail.com Reported-by: syzbot+b5ea6fb6f139c8b9482b(a)syzkaller.appspotmail.com Signed-off-by: Michal Hocko <mhocko(a)suse.com> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> Reviewed-by: Shakeel Butt <shakeelb(a)google.com> Acked-by: Johannes Weiner <hannes(a)cmpxchg.org> Cc: Roman Gushchin <guro(a)fb.com> Cc: Hugh Dickins <hughd(a)google.com> Link: https://lkml.kernel.org/r/20200820090341.GC5033@dhcp22.suse.cz Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org> diff --git a/mm/memcontrol.c b/mm/memcontrol.c index b807952b4d43..cfa6cbad21d5 100644 --- a/mm/memcontrol.c +++ b/mm/memcontrol.c @@ -6774,6 +6774,9 @@ static void uncharge_batch(const struct uncharge_gather *ug) __this_cpu_add(ug->memcg->vmstats_percpu->nr_page_events, ug->nr_pages); memcg_check_events(ug->memcg, ug->dummy_page); local_irq_restore(flags); + + /* drop reference from uncharge_page */ + css_put(&ug->memcg->css); } static void uncharge_page(struct page *page, struct uncharge_gather *ug) @@ -6797,6 +6800,9 @@ static void uncharge_page(struct page *page, struct uncharge_gather *ug) uncharge_gather_clear(ug); } ug->memcg = page->mem_cgroup; + + /* pairs with css_put in uncharge_batch */ + css_get(&ug->memcg->css); } nr_pages = compound_nr(page);

1 year, 6 months

1
0
0 0

[PATCH 0/2] Disable automatic load CCS load balancing

by Andi Shyti

Hi, this series does basically two things: 1. Disables automatic load balancing as adviced by the hardware workaround. 2. Forces the sharing of the load submitted to CCS among all the CCS available (as of now only DG2 has more than one CCS). This way the user, when sending a query, will see only one CCS available. Andi Andi Shyti (2): drm/i915/gt: Disable HW load balancing for CCS drm/i915/gt: Set default CCS mode '1' drivers/gpu/drm/i915/gt/intel_gt.c | 11 +++++++++++ drivers/gpu/drm/i915/gt/intel_gt_regs.h | 3 +++ drivers/gpu/drm/i915/gt/intel_workarounds.c | 6 ++++++ drivers/gpu/drm/i915/i915_drv.h | 17 +++++++++++++++++ drivers/gpu/drm/i915/i915_query.c | 5 +++-- 5 files changed, 40 insertions(+), 2 deletions(-) -- 2.43.0

1 year, 6 months

3
8
0 0

Backport commit 4f082a753122 "fs/ntfs3: Enhance the attribute size check"

by Doebel, Bjoern

Hi, please backport commit 4f082a753122 "fs/ntfs3: Enhance the attribute size check" to the 6.1 stable branch. Commit message: """ This combines the overflow and boundary check so that all attribute size will be properly examined while enumerating them. """ We have seen Syzkaller reports for the 6.1 stable build and this patch fixes the issue. The issue does not reproduce on any of the other stable branches. Best regards, Bjoern Report: ================================================================== loop4: detected capacity change from 0 to 65536 BUG: KASAN: use-after-free in ntfs_read_mft+0x3187/0x3210 fs/ntfs3/inode.c:163 Read of size 8 at addr ffff888023c28036 by task syz-executor.5/29379 CPU: 1 PID: 29379 Comm: syz-executor.5 Not tainted 6.1.78 #33 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-debian-1.16.0-5 04/01/2014 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x70/0x93 lib/dump_stack.c:106 print_address_description.constprop.0+0x81/0x2b0 mm/kasan/report.c:284 print_report+0x116/0x1f6 mm/kasan/report.c:395 kasan_report+0xad/0x130 mm/kasan/report.c:495 ntfs_read_mft+0x3187/0x3210 fs/ntfs3/inode.c:163 ntfs_iget5+0x1a7/0x240 fs/ntfs3/inode.c:524 ntfs_loadlog_and_replay+0x128/0x5e0 fs/ntfs3/fsntfs.c:272 ntfs_fill_super+0xb28/0x22c0 fs/ntfs3/super.c:1018 get_tree_bdev+0x40a/0x700 fs/super.c:1355 vfs_get_tree+0x86/0x2e0 fs/super.c:1562 do_new_mount+0x344/0x6b0 fs/namespace.c:3051 path_mount+0x4c4/0x17e0 fs/namespace.c:3381 do_mount fs/namespace.c:3394 [inline] __do_sys_mount fs/namespace.c:3602 [inline] __se_sys_mount fs/namespace.c:3579 [inline] __x64_sys_mount+0x287/0x310 fs/namespace.c:3579 do_syscall_x64 arch/x86/entry/common.c:51 [inline] do_syscall_64+0x37/0x90 arch/x86/entry/common.c:81 entry_SYSCALL_64_after_hwframe+0x64/0xce RIP: 0033:0x7fd43486377e Code: 0f 1f 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 f3 0f 1e fa 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007fd4355d6ec8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 00007fd4355d6f60 RCX: 00007fd43486377e RDX: 000000002001f800 RSI: 0000000020000040 RDI: 00007fd4355d6f20 RBP: 000000002001f800 R08: 00007fd4355d6f60 R09: 0000000000000003 R10: 0000000000000003 R11: 0000000000000202 R12: 0000000020000040 R13: 00007fd4355d6f20 R14: 000000000001f7f9 R15: 0000000020000000 </TASK> Allocated by task 6435: kasan_save_stack+0x1c/0x40 mm/kasan/common.c:45 kasan_set_track+0x21/0x30 mm/kasan/common.c:52 __kasan_slab_alloc+0x6d/0x70 mm/kasan/common.c:328 kasan_slab_alloc include/linux/kasan.h:201 [inline] slab_post_alloc_hook mm/slab.h:737 [inline] slab_alloc_node mm/slub.c:3398 [inline] slab_alloc mm/slub.c:3406 [inline] __kmem_cache_alloc_lru mm/slub.c:3413 [inline] kmem_cache_alloc+0x144/0x320 mm/slub.c:3422 getname_flags.part.0+0x55/0x4f0 fs/namei.c:139 getname_flags+0x9d/0xf0 include/linux/audit.h:320 vfs_fstatat+0x78/0xb0 fs/stat.c:266 vfs_stat include/linux/fs.h:3352 [inline] __do_sys_newstat+0x89/0x110 fs/stat.c:410 do_syscall_x64 arch/x86/entry/common.c:51 [inline] do_syscall_64+0x37/0x90 arch/x86/entry/common.c:81 entry_SYSCALL_64_after_hwframe+0x64/0xce Freed by task 6435: kasan_save_stack+0x1c/0x40 mm/kasan/common.c:45 kasan_set_track+0x21/0x30 mm/kasan/common.c:52 kasan_save_free_info+0x2a/0x50 mm/kasan/generic.c:516 ____kasan_slab_free mm/kasan/common.c:236 [inline] ____kasan_slab_free+0x15b/0x1c0 mm/kasan/common.c:200 kasan_slab_free include/linux/kasan.h:177 [inline] slab_free_hook mm/slub.c:1724 [inline] slab_free_freelist_hook mm/slub.c:1750 [inline] slab_free mm/slub.c:3661 [inline] kmem_cache_free+0x123/0x4c0 mm/slub.c:3683 putname+0x12f/0x170 fs/namei.c:273 vfs_fstatat+0x9b/0xb0 fs/stat.c:268 vfs_stat include/linux/fs.h:3352 [inline] __do_sys_newstat+0x89/0x110 fs/stat.c:410 do_syscall_x64 arch/x86/entry/common.c:51 [inline] do_syscall_64+0x37/0x90 arch/x86/entry/common.c:81 entry_SYSCALL_64_after_hwframe+0x64/0xce The buggy address belongs to the object at ffff888023c28000 which belongs to the cache names_cache of size 4096 The buggy address is located 54 bytes inside of 4096-byte region [ffff888023c28000, ffff888023c29000) The buggy address belongs to the physical page: page:0000000034b12153 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x23c28 head:0000000034b12153 order:3 compound_mapcount:0 compound_pincount:0 flags: 0xfffffc0010200(slab|head|node=0|zone=1|lastcpupid=0x1fffff) raw: 000fffffc0010200 0000000000000000 dead000000000001 ffff88800cf57a00 raw: 0000000000000000 0000000000070007 00000001ffffffff 0000000000000000 page dumped because: kasan: bad access detected Memory state around the buggy address: ffff888023c27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ffff888023c27f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc > ffff888023c28000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ^ ffff888023c28080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ffff888023c28100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ================================================================== Amazon Development Center Germany GmbH Krausenstr. 38 10117 Berlin Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B Sitz: Berlin Ust-ID: DE 289 237 879

1 year, 6 months

2
1
0 0

[PATCH v2 2/8] KVM: x86/xen: inject vCPU upcall vector when local APIC is enabled

by David Woodhouse

From: David Woodhouse <dwmw(a)amazon.co.uk> Linux guests since commit b1c3497e604d ("x86/xen: Add support for HVMOP_set_evtchn_upcall_vector") in v6.0 onwards will use the per-vCPU upcall vector when it's advertised in the Xen CPUID leaves. This upcall is injected through the guest's local APIC as an MSI, unlike the older system vector which was merely injected by the hypervisor any time the CPU was able to receive an interrupt and the upcall_pending flags is set in its vcpu_info. Effectively, that makes the per-CPU upcall edge triggered instead of level triggered, which results in the upcall being lost if the MSI is delivered when the local APIC is *disabled*. Xen checks the vcpu_info->evtchn_upcall_pending flag when the local APIC for a vCPU is software enabled (in fact, on any write to the SPIV register which doesn't disable the APIC). Do the same in KVM since KVM doesn't provide a way for userspace to intervene and trap accesses to the SPIV register of a local APIC emulated by KVM. Fixes: fde0451be8fb3 ("KVM: x86/xen: Support per-vCPU event channel upcall via local APIC") Signed-off-by: David Woodhouse <dwmw(a)amazon.co.uk> Reviewed-by: Paul Durrant <paul(a)xen.org> Cc: stable(a)vger.kernel.org --- arch/x86/kvm/lapic.c | 5 ++++- arch/x86/kvm/xen.c | 2 +- arch/x86/kvm/xen.h | 18 ++++++++++++++++++ 3 files changed, 23 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c index 3242f3da2457..75bc7d3f0022 100644 --- a/arch/x86/kvm/lapic.c +++ b/arch/x86/kvm/lapic.c @@ -41,6 +41,7 @@ #include "ioapic.h" #include "trace.h" #include "x86.h" +#include "xen.h" #include "cpuid.h" #include "hyperv.h" #include "smm.h" @@ -499,8 +500,10 @@ static inline void apic_set_spiv(struct kvm_lapic *apic, u32 val) } /* Check if there are APF page ready requests pending */ - if (enabled) + if (enabled) { kvm_make_request(KVM_REQ_APF_READY, apic->vcpu); + kvm_xen_sw_enable_lapic(apic->vcpu); + } } static inline void kvm_apic_set_xapic_id(struct kvm_lapic *apic, u8 id) diff --git a/arch/x86/kvm/xen.c b/arch/x86/kvm/xen.c index ccd2dc753fd6..06904696759c 100644 --- a/arch/x86/kvm/xen.c +++ b/arch/x86/kvm/xen.c @@ -568,7 +568,7 @@ void kvm_xen_update_runstate(struct kvm_vcpu *v, int state) kvm_xen_update_runstate_guest(v, state == RUNSTATE_runnable); } -static void kvm_xen_inject_vcpu_vector(struct kvm_vcpu *v) +void kvm_xen_inject_vcpu_vector(struct kvm_vcpu *v) { struct kvm_lapic_irq irq = { }; int r; diff --git a/arch/x86/kvm/xen.h b/arch/x86/kvm/xen.h index f8f1fe22d090..f5841d9000ae 100644 --- a/arch/x86/kvm/xen.h +++ b/arch/x86/kvm/xen.h @@ -18,6 +18,7 @@ extern struct static_key_false_deferred kvm_xen_enabled; int __kvm_xen_has_interrupt(struct kvm_vcpu *vcpu); void kvm_xen_inject_pending_events(struct kvm_vcpu *vcpu); +void kvm_xen_inject_vcpu_vector(struct kvm_vcpu *vcpu); int kvm_xen_vcpu_set_attr(struct kvm_vcpu *vcpu, struct kvm_xen_vcpu_attr *data); int kvm_xen_vcpu_get_attr(struct kvm_vcpu *vcpu, struct kvm_xen_vcpu_attr *data); int kvm_xen_hvm_set_attr(struct kvm *kvm, struct kvm_xen_hvm_attr *data); @@ -36,6 +37,19 @@ int kvm_xen_setup_evtchn(struct kvm *kvm, const struct kvm_irq_routing_entry *ue); void kvm_xen_update_tsc_info(struct kvm_vcpu *vcpu); +static inline void kvm_xen_sw_enable_lapic(struct kvm_vcpu *vcpu) +{ + /* + * The local APIC is being enabled. If the per-vCPU upcall vector is + * set and the vCPU's evtchn_upcall_pending flag is set, inject the + * interrupt. + */ + if (static_branch_unlikely(&kvm_xen_enabled.key) && + vcpu->arch.xen.vcpu_info_cache.active && + vcpu->arch.xen.upcall_vector && __kvm_xen_has_interrupt(vcpu)) + kvm_xen_inject_vcpu_vector(vcpu); +} + static inline bool kvm_xen_msr_enabled(struct kvm *kvm) { return static_branch_unlikely(&kvm_xen_enabled.key) && @@ -101,6 +115,10 @@ static inline void kvm_xen_destroy_vcpu(struct kvm_vcpu *vcpu) { } +static inline void kvm_xen_sw_enable_lapic(struct kvm_vcpu *vcpu) +{ +} + static inline bool kvm_xen_msr_enabled(struct kvm *kvm) { return false; -- 2.43.0

1 year, 6 months

1
0
0 0

[PATCH v2 2/2] landlock: Warn once if a Landlock action is requested while disabled

by Mickaël Salaün

Because sandboxing can be used as an opportunistic security measure, user space may not log unsupported features. Let the system administrator know if an application tries to use Landlock but failed because it isn't enabled at boot time. This may be caused by bootloader configurations with outdated "lsm" kernel's command-line parameter. Cc: stable(a)vger.kernel.org Fixes: 265885daf3e5 ("landlock: Add syscall implementations") Reviewed-by: Kees Cook <keescook(a)chromium.org> Reviewed-by: Günther Noack <gnoack3000(a)gmail.com> Signed-off-by: Mickaël Salaün <mic(a)digikod.net> --- Changes since v1: * Add Kees's and Günther's Reviewed-by. * Rename is_not_initialized() to not_initialized() and invert the logic, as suggested by Günther. This is a cosmetic change without global behavioral changed. * Update link to point to a new subsection. --- security/landlock/syscalls.c | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/security/landlock/syscalls.c b/security/landlock/syscalls.c index 898358f57fa0..6788e73b6681 100644 --- a/security/landlock/syscalls.c +++ b/security/landlock/syscalls.c @@ -33,6 +33,18 @@ #include "ruleset.h" #include "setup.h" +static bool is_initialized(void) +{ + if (likely(landlock_initialized)) + return true; + + pr_warn_once( + "Disabled but requested by user space. " + "You should enable Landlock at boot time: " + "https://docs.kernel.org/userspace-api/landlock.html#boot-time-configuration…"); + return false; +} + /** * copy_min_struct_from_user - Safe future-proof argument copying * @@ -173,7 +185,7 @@ SYSCALL_DEFINE3(landlock_create_ruleset, /* Build-time checks. */ build_check_abi(); - if (!landlock_initialized) + if (!is_initialized()) return -EOPNOTSUPP; if (flags) { @@ -398,7 +410,7 @@ SYSCALL_DEFINE4(landlock_add_rule, const int, ruleset_fd, struct landlock_ruleset *ruleset; int err; - if (!landlock_initialized) + if (!is_initialized()) return -EOPNOTSUPP; /* No flag for now. */ @@ -458,7 +470,7 @@ SYSCALL_DEFINE2(landlock_restrict_self, const int, ruleset_fd, const __u32, struct landlock_cred_security *new_llcred; int err; - if (!landlock_initialized) + if (!is_initialized()) return -EOPNOTSUPP; /* -- 2.44.0

1 year, 6 months

1
0
0 0

[PATCH net] xfrm: Avoid clang fortify warning in copy_to_user_tmpl()

by Nathan Chancellor

After a couple recent changes in LLVM, there is a warning (or error with CONFIG_WERROR=y or W=e) from the compile time fortify source routines, specifically the memset() in copy_to_user_tmpl(). In file included from net/xfrm/xfrm_user.c:14: ... include/linux/fortify-string.h:438:4: error: call to '__write_overflow_field' declared with 'warning' attribute: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror,-Wattribute-warning] 438 | __write_overflow_field(p_size_field, size); | ^ 1 error generated. While ->xfrm_nr has been validated against XFRM_MAX_DEPTH when its value is first assigned in copy_templates() by calling validate_tmpl() first (so there should not be any issue in practice), LLVM/clang cannot really deduce that across the boundaries of these functions. Without that knowledge, it cannot assume that the loop stops before i is greater than XFRM_MAX_DEPTH, which would indeed result a stack buffer overflow in the memset(). To make the bounds of ->xfrm_nr clear to the compiler and add additional defense in case copy_to_user_tmpl() is ever used in a path where ->xfrm_nr has not been properly validated against XFRM_MAX_DEPTH first, add an explicit bound check and early return, which clears up the warning. Cc: stable(a)vger.kernel.org Link: https://github.com/ClangBuiltLinux/linux/issues/1985 Signed-off-by: Nathan Chancellor <nathan(a)kernel.org> --- net/xfrm/xfrm_user.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c index f037be190bae..912c1189ba41 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c @@ -2017,6 +2017,9 @@ static int copy_to_user_tmpl(struct xfrm_policy *xp, struct sk_buff *skb) if (xp->xfrm_nr == 0) return 0; + if (xp->xfrm_nr > XFRM_MAX_DEPTH) + return -ENOBUFS; + for (i = 0; i < xp->xfrm_nr; i++) { struct xfrm_user_tmpl *up = &vec[i]; struct xfrm_tmpl *kp = &xp->xfrm_vec[i]; --- base-commit: 14dec56fdd4c70a0ebe40077368e367421ea6fef change-id: 20240221-xfrm-avoid-clang-fortify-warning-copy_to_user_tmpl-40cb10b003e3 Best regards, -- Nathan Chancellor <nathan(a)kernel.org>

1 year, 6 months

3
2
0 0

[PATCH 5.15 0/1] rcutorture: Add missing return and use __func__ in warning

by Daniil Dulov

Svacer reports a potential division by zero at rcu_torture_writer() in 5.15 stable release. The problem has been fixed by the following patch that can be cleanly applied to 5.15 branch.

1 year, 6 months

1
1
0 0

FAILED: patch "[PATCH] mm: zswap: fix missing folio cleanup in writeback race path" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x e3b63e966cac0bf78aaa1efede1827a252815a1d # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022612-uncloak-pretext-f4a2@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: e3b63e966cac ("mm: zswap: fix missing folio cleanup in writeback race path") 96c7b0b42239 ("mm: return the folio from __read_swap_cache_async()") e947ba0bbf47 ("mm/zswap: cleanup zswap_writeback_entry()") 32acba4c0483 ("mm/zswap: refactor out __zswap_load()") c75f5c1e0f1d ("mm/zswap: reuse dstmem when decompress") b5ba474f3f51 ("zswap: shrink zswap pool based on memory pressure") a65b0e7607cc ("zswap: make shrinking memcg-aware") ddc1a5cbc05d ("mempolicy: alloc_pages_mpol() for NUMA policy without vma") 23e4883248f0 ("mm: add page_rmappable_folio() wrapper") c36f6e6dff4d ("mempolicy trivia: slightly more consistent naming") 7f1ee4e20708 ("mempolicy trivia: delete those ancient pr_debug()s") 1cb5d11a370f ("mempolicy: fix migrate_pages(2) syscall return nr_failed") 3657fdc2451a ("mm: move vma_policy() and anon_vma_name() decls to mm_types.h") 3022fd7af960 ("shmem: _add_to_page_cache() before shmem_inode_acct_blocks()") 054a9f7ccd0a ("shmem: move memcg charge out of shmem_add_to_page_cache()") 4199f51a7eb2 ("shmem: shmem_acct_blocks() and shmem_inode_acct_blocks()") e3e1a5067fd2 ("shmem: remove vma arg from shmem_get_folio_gfp()") 75c70128a673 ("mm: mempolicy: make mpol_misplaced() to take a folio") cda6d93672ac ("mm: memory: make numa_migrate_prep() to take a folio") 6695cf68b15c ("mm: memory: use a folio in do_numa_page()") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From e3b63e966cac0bf78aaa1efede1827a252815a1d Mon Sep 17 00:00:00 2001 From: Yosry Ahmed <yosryahmed(a)google.com> Date: Thu, 25 Jan 2024 08:51:27 +0000 Subject: [PATCH] mm: zswap: fix missing folio cleanup in writeback race path In zswap_writeback_entry(), after we get a folio from __read_swap_cache_async(), we grab the tree lock again to check that the swap entry was not invalidated and recycled. If it was, we delete the folio we just added to the swap cache and exit. However, __read_swap_cache_async() returns the folio locked when it is newly allocated, which is always true for this path, and the folio is ref'd. Make sure to unlock and put the folio before returning. This was discovered by code inspection, probably because this path handles a race condition that should not happen often, and the bug would not crash the system, it will only strand the folio indefinitely. Link: https://lkml.kernel.org/r/20240125085127.1327013-1-yosryahmed@google.com Fixes: 04fc7816089c ("mm: fix zswap writeback race condition") Signed-off-by: Yosry Ahmed <yosryahmed(a)google.com> Reviewed-by: Chengming Zhou <zhouchengming(a)bytedance.com> Acked-by: Johannes Weiner <hannes(a)cmpxchg.org> Reviewed-by: Nhat Pham <nphamcs(a)gmail.com> Cc: Domenico Cerasuolo <cerasuolodomenico(a)gmail.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> diff --git a/mm/zswap.c b/mm/zswap.c index 350dd2fc8159..d2423247acfd 100644 --- a/mm/zswap.c +++ b/mm/zswap.c @@ -1440,6 +1440,8 @@ static int zswap_writeback_entry(struct zswap_entry *entry, if (zswap_rb_search(&tree->rbroot, swp_offset(entry->swpentry)) != entry) { spin_unlock(&tree->lock); delete_from_swap_cache(folio); + folio_unlock(folio); + folio_put(folio); return -ENOMEM; } spin_unlock(&tree->lock);

1 year, 6 months

3
6
0 0

FAILED: patch "[PATCH] mm: zswap: fix missing folio cleanup in writeback race path" failed to apply to 6.6-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.6-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y git checkout FETCH_HEAD git cherry-pick -x e3b63e966cac0bf78aaa1efede1827a252815a1d # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022611-tropics-deferred-2483@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^.. Possible dependencies: e3b63e966cac ("mm: zswap: fix missing folio cleanup in writeback race path") 96c7b0b42239 ("mm: return the folio from __read_swap_cache_async()") e947ba0bbf47 ("mm/zswap: cleanup zswap_writeback_entry()") 32acba4c0483 ("mm/zswap: refactor out __zswap_load()") c75f5c1e0f1d ("mm/zswap: reuse dstmem when decompress") b5ba474f3f51 ("zswap: shrink zswap pool based on memory pressure") a65b0e7607cc ("zswap: make shrinking memcg-aware") ddc1a5cbc05d ("mempolicy: alloc_pages_mpol() for NUMA policy without vma") 23e4883248f0 ("mm: add page_rmappable_folio() wrapper") c36f6e6dff4d ("mempolicy trivia: slightly more consistent naming") 7f1ee4e20708 ("mempolicy trivia: delete those ancient pr_debug()s") 1cb5d11a370f ("mempolicy: fix migrate_pages(2) syscall return nr_failed") 3657fdc2451a ("mm: move vma_policy() and anon_vma_name() decls to mm_types.h") 3022fd7af960 ("shmem: _add_to_page_cache() before shmem_inode_acct_blocks()") 054a9f7ccd0a ("shmem: move memcg charge out of shmem_add_to_page_cache()") 4199f51a7eb2 ("shmem: shmem_acct_blocks() and shmem_inode_acct_blocks()") e3e1a5067fd2 ("shmem: remove vma arg from shmem_get_folio_gfp()") 75c70128a673 ("mm: mempolicy: make mpol_misplaced() to take a folio") cda6d93672ac ("mm: memory: make numa_migrate_prep() to take a folio") 6695cf68b15c ("mm: memory: use a folio in do_numa_page()") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From e3b63e966cac0bf78aaa1efede1827a252815a1d Mon Sep 17 00:00:00 2001 From: Yosry Ahmed <yosryahmed(a)google.com> Date: Thu, 25 Jan 2024 08:51:27 +0000 Subject: [PATCH] mm: zswap: fix missing folio cleanup in writeback race path In zswap_writeback_entry(), after we get a folio from __read_swap_cache_async(), we grab the tree lock again to check that the swap entry was not invalidated and recycled. If it was, we delete the folio we just added to the swap cache and exit. However, __read_swap_cache_async() returns the folio locked when it is newly allocated, which is always true for this path, and the folio is ref'd. Make sure to unlock and put the folio before returning. This was discovered by code inspection, probably because this path handles a race condition that should not happen often, and the bug would not crash the system, it will only strand the folio indefinitely. Link: https://lkml.kernel.org/r/20240125085127.1327013-1-yosryahmed@google.com Fixes: 04fc7816089c ("mm: fix zswap writeback race condition") Signed-off-by: Yosry Ahmed <yosryahmed(a)google.com> Reviewed-by: Chengming Zhou <zhouchengming(a)bytedance.com> Acked-by: Johannes Weiner <hannes(a)cmpxchg.org> Reviewed-by: Nhat Pham <nphamcs(a)gmail.com> Cc: Domenico Cerasuolo <cerasuolodomenico(a)gmail.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> diff --git a/mm/zswap.c b/mm/zswap.c index 350dd2fc8159..d2423247acfd 100644 --- a/mm/zswap.c +++ b/mm/zswap.c @@ -1440,6 +1440,8 @@ static int zswap_writeback_entry(struct zswap_entry *entry, if (zswap_rb_search(&tree->rbroot, swp_offset(entry->swpentry)) != entry) { spin_unlock(&tree->lock); delete_from_swap_cache(folio); + folio_unlock(folio); + folio_put(folio); return -ENOMEM; } spin_unlock(&tree->lock);

1 year, 6 months

4
4
0 0

FAILED: patch "[PATCH] mm/zswap: invalidate duplicate entry when !zswap_enabled" failed to apply to 6.7-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.7-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.7.y git checkout FETCH_HEAD git cherry-pick -x 678e54d4bb9a4822f8ae99690ac131c5d490cdb1 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022622-agony-salvaging-5082@gregkh' --subject-prefix 'PATCH 6.7.y' HEAD^.. Possible dependencies: 678e54d4bb9a ("mm/zswap: invalidate duplicate entry when !zswap_enabled") a65b0e7607cc ("zswap: make shrinking memcg-aware") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 678e54d4bb9a4822f8ae99690ac131c5d490cdb1 Mon Sep 17 00:00:00 2001 From: Chengming Zhou <zhouchengming(a)bytedance.com> Date: Thu, 8 Feb 2024 02:32:54 +0000 Subject: [PATCH] mm/zswap: invalidate duplicate entry when !zswap_enabled We have to invalidate any duplicate entry even when !zswap_enabled since zswap can be disabled anytime. If the folio store success before, then got dirtied again but zswap disabled, we won't invalidate the old duplicate entry in the zswap_store(). So later lru writeback may overwrite the new data in swapfile. Link: https://lkml.kernel.org/r/20240208023254.3873823-1-chengming.zhou@linux.dev Fixes: 42c06a0e8ebe ("mm: kill frontswap") Signed-off-by: Chengming Zhou <zhouchengming(a)bytedance.com> Acked-by: Johannes Weiner <hannes(a)cmpxchg.org> Cc: Nhat Pham <nphamcs(a)gmail.com> Cc: Yosry Ahmed <yosryahmed(a)google.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> diff --git a/mm/zswap.c b/mm/zswap.c index 36903d938c15..db4625af65fb 100644 --- a/mm/zswap.c +++ b/mm/zswap.c @@ -1518,7 +1518,7 @@ bool zswap_store(struct folio *folio) if (folio_test_large(folio)) return false; - if (!zswap_enabled || !tree) + if (!tree) return false; /* @@ -1533,6 +1533,10 @@ bool zswap_store(struct folio *folio) zswap_invalidate_entry(tree, dupentry); } spin_unlock(&tree->lock); + + if (!zswap_enabled) + return false; + objcg = get_obj_cgroup_from_folio(folio); if (objcg && !obj_cgroup_may_zswap(objcg)) { memcg = get_mem_cgroup_from_objcg(objcg);

1 year, 6 months

4
4
0 0

[PATCH 6.7.y 0/6] Delay VERW - 6.7.y backport

by Pawan Gupta

This is the backport of recently upstreamed series that moves VERW execution to a later point in exit-to-user path. This is needed because in some cases it may be possible for data accessed after VERW executions may end into MDS affected CPU buffers. Moving VERW closer to ring transition reduces the attack surface. Patch 1/6 includes a minor fix that is queued for upstream: https://lore.kernel.org/lkml/170899674562.398.6398007479766564897.tip-bot2@… Patch 2/6 needed a conflict to be resolved for the hunk swapgs_restore_regs_and_return_to_usermode. Signed-off-by: Pawan Gupta <pawan.kumar.gupta(a)linux.intel.com> --- Pawan Gupta (5): x86/bugs: Add asm helpers for executing VERW x86/entry_64: Add VERW just before userspace transition x86/entry_32: Add VERW just before userspace transition x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key KVM/VMX: Move VERW closer to VMentry for MDS mitigation Sean Christopherson (1): KVM/VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH Documentation/arch/x86/mds.rst | 38 +++++++++++++++++++++++++----------- arch/x86/entry/entry.S | 23 ++++++++++++++++++++++ arch/x86/entry/entry_32.S | 3 +++ arch/x86/entry/entry_64.S | 11 +++++++++++ arch/x86/entry/entry_64_compat.S | 1 + arch/x86/include/asm/cpufeatures.h | 2 +- arch/x86/include/asm/entry-common.h | 1 - arch/x86/include/asm/nospec-branch.h | 25 ++++++++++++------------ arch/x86/kernel/cpu/bugs.c | 15 ++++++-------- arch/x86/kernel/nmi.c | 3 --- arch/x86/kvm/vmx/run_flags.h | 7 +++++-- arch/x86/kvm/vmx/vmenter.S | 9 ++++++--- arch/x86/kvm/vmx/vmx.c | 20 +++++++++++++++---- 13 files changed, 112 insertions(+), 46 deletions(-) --- base-commit: b631f5b445dc3379f67ff63a2e4c58f22d4975dc change-id: 20240226-delay-verw-backport-6-7-y-a2cb3f26bb90 Best regards, -- Thanks, Pawan

1 year, 6 months

3
12
0 0

[PATCH v4 0/4] usb: dwc3-am62: module removal and errata fixes

by Roger Quadros

Hi, This series fixes errors during module removal. It also implements PHY core voltage selection as per TI recommendation and workaround for Errata i2409 [1]. The workaround needs PHY2 region to be present in device node. The device tree patch will be sent later after the DT binding doc is merged. [1] - https://www.ti.com/lit/er/sprz487d/sprz487d.pdf Signed-off-by: Roger Quadros <rogerq(a)kernel.org> --- Changes in v4: - re-arranged patches into first 2 bug-fixes and added Cc stable for them - Added Acked-by - Link to v3: https://lore.kernel.org/r/20240214-for-v6-9-am62-usb-errata-3-0-v3-0-147ec5… --- Roger Quadros (4): usb: dwc3-am62: fix module unload/reload behavior usb: dwc3-am62: Disable wakeup at remove usb: dwc3-am62: Fix PHY core voltage selection usb: dwc3-am62: add workaround for Errata i2409 drivers/usb/dwc3/dwc3-am62.c | 42 ++++++++++++++++++++++++++++++------------ 1 file changed, 30 insertions(+), 12 deletions(-) --- base-commit: 6613476e225e090cc9aad49be7fa504e290dd33d change-id: 20240206-for-v6-9-am62-usb-errata-3-0-233024ea8e9d Best regards, -- Roger Quadros <rogerq(a)kernel.org>

1 year, 6 months

1
2
0 0

FAILED: patch "[PATCH] fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via" failed to apply to 4.19-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.19-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.19.y git checkout FETCH_HEAD git cherry-pick -x b820de741ae48ccf50dd95e297889c286ff4f760 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022602-unwrapped-haggler-daae@gregkh' --subject-prefix 'PATCH 4.19.y' HEAD^.. Possible dependencies: b820de741ae4 ("fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio") 9cf3516c29e6 ("fs: add IOCB flags related to passing back dio completions") f6c73a11133e ("fs.h: Add TRACE_IOCB_STRINGS for use in trace points") 1da8cf961bb1 ("Merge tag 'io_uring-6.0-2022-08-13' of git://git.kernel.dk/linux-block") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From b820de741ae48ccf50dd95e297889c286ff4f760 Mon Sep 17 00:00:00 2001 From: Bart Van Assche <bvanassche(a)acm.org> Date: Thu, 15 Feb 2024 12:47:38 -0800 Subject: [PATCH] fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio If kiocb_set_cancel_fn() is called for I/O submitted via io_uring, the following kernel warning appears: WARNING: CPU: 3 PID: 368 at fs/aio.c:598 kiocb_set_cancel_fn+0x9c/0xa8 Call trace: kiocb_set_cancel_fn+0x9c/0xa8 ffs_epfile_read_iter+0x144/0x1d0 io_read+0x19c/0x498 io_issue_sqe+0x118/0x27c io_submit_sqes+0x25c/0x5fc __arm64_sys_io_uring_enter+0x104/0xab0 invoke_syscall+0x58/0x11c el0_svc_common+0xb4/0xf4 do_el0_svc+0x2c/0xb0 el0_svc+0x2c/0xa4 el0t_64_sync_handler+0x68/0xb4 el0t_64_sync+0x1a4/0x1a8 Fix this by setting the IOCB_AIO_RW flag for read and write I/O that is submitted by libaio. Suggested-by: Jens Axboe <axboe(a)kernel.dk> Cc: Christoph Hellwig <hch(a)lst.de> Cc: Avi Kivity <avi(a)scylladb.com> Cc: Sandeep Dhavale <dhavale(a)google.com> Cc: Jens Axboe <axboe(a)kernel.dk> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: Kent Overstreet <kent.overstreet(a)linux.dev> Cc: stable(a)vger.kernel.org Signed-off-by: Bart Van Assche <bvanassche(a)acm.org> Link: https://lore.kernel.org/r/20240215204739.2677806-2-bvanassche@acm.org Signed-off-by: Christian Brauner <brauner(a)kernel.org> diff --git a/fs/aio.c b/fs/aio.c index bb2ff48991f3..da18dbcfcb22 100644 --- a/fs/aio.c +++ b/fs/aio.c @@ -593,6 +593,13 @@ void kiocb_set_cancel_fn(struct kiocb *iocb, kiocb_cancel_fn *cancel) struct kioctx *ctx = req->ki_ctx; unsigned long flags; + /* + * kiocb didn't come from aio or is neither a read nor a write, hence + * ignore it. + */ + if (!(iocb->ki_flags & IOCB_AIO_RW)) + return; + if (WARN_ON_ONCE(!list_empty(&req->ki_list))) return; @@ -1509,7 +1516,7 @@ static int aio_prep_rw(struct kiocb *req, const struct iocb *iocb) req->ki_complete = aio_complete_rw; req->private = NULL; req->ki_pos = iocb->aio_offset; - req->ki_flags = req->ki_filp->f_iocb_flags; + req->ki_flags = req->ki_filp->f_iocb_flags | IOCB_AIO_RW; if (iocb->aio_flags & IOCB_FLAG_RESFD) req->ki_flags |= IOCB_EVENTFD; if (iocb->aio_flags & IOCB_FLAG_IOPRIO) { diff --git a/include/linux/fs.h b/include/linux/fs.h index ed5966a70495..c2dcc98cb4c8 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -352,6 +352,8 @@ enum rw_hint { * unrelated IO (like cache flushing, new IO generation, etc). */ #define IOCB_DIO_CALLER_COMP (1 << 22) +/* kiocb is a read or write operation submitted by fs/aio.c. */ +#define IOCB_AIO_RW (1 << 23) /* for use in trace events */ #define TRACE_IOCB_STRINGS \

1 year, 6 months

3
2
0 0

FAILED: patch "[PATCH] mm/damon/reclaim: fix quota stauts loss due to online tunings" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 1b0ca4e4ff10a2c8402e2cf70132c683e1c772e4 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022643-scorn-filtrate-8677@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: 1b0ca4e4ff10 ("mm/damon/reclaim: fix quota stauts loss due to online tunings") 66d9faec0745 ("mm/damon/reclaim: add a parameter called skip_anon for avoiding anonymous pages reclamation") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 1b0ca4e4ff10a2c8402e2cf70132c683e1c772e4 Mon Sep 17 00:00:00 2001 From: SeongJae Park <sj(a)kernel.org> Date: Fri, 16 Feb 2024 11:40:24 -0800 Subject: [PATCH] mm/damon/reclaim: fix quota stauts loss due to online tunings Patch series "mm/damon: fix quota status loss due to online tunings". DAMON_RECLAIM and DAMON_LRU_SORT is not preserving internal quota status when applying new user parameters, and hence could cause temporal quota accuracy degradation. Fix it by preserving the status. This patch (of 2): For online parameters change, DAMON_RECLAIM creates new scheme based on latest values of the parameters and replaces the old scheme with the new one. When creating it, the internal status of the quota of the old scheme is not preserved. As a result, charging of the quota starts from zero after the online tuning. The data that collected to estimate the throughput of the scheme's action is also reset, and therefore the estimation should start from the scratch again. Because the throughput estimation is being used to convert the time quota to the effective size quota, this could result in temporal time quota inaccuracy. It would be recovered over time, though. In short, the quota accuracy could be temporarily degraded after online parameters update. Fix the problem by checking the case and copying the internal fields for the status. Link: https://lkml.kernel.org/r/20240216194025.9207-1-sj@kernel.org Link: https://lkml.kernel.org/r/20240216194025.9207-2-sj@kernel.org Fixes: e035c280f6df ("mm/damon/reclaim: support online inputs update") Signed-off-by: SeongJae Park <sj(a)kernel.org> Cc: <stable(a)vger.kernel.org> [5.19+] Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> diff --git a/mm/damon/reclaim.c b/mm/damon/reclaim.c index ab974e477d2f..66e190f0374a 100644 --- a/mm/damon/reclaim.c +++ b/mm/damon/reclaim.c @@ -150,9 +150,20 @@ static struct damos *damon_reclaim_new_scheme(void) &damon_reclaim_wmarks); } +static void damon_reclaim_copy_quota_status(struct damos_quota *dst, + struct damos_quota *src) +{ + dst->total_charged_sz = src->total_charged_sz; + dst->total_charged_ns = src->total_charged_ns; + dst->charged_sz = src->charged_sz; + dst->charged_from = src->charged_from; + dst->charge_target_from = src->charge_target_from; + dst->charge_addr_from = src->charge_addr_from; +} + static int damon_reclaim_apply_parameters(void) { - struct damos *scheme; + struct damos *scheme, *old_scheme; struct damos_filter *filter; int err = 0; @@ -164,6 +175,11 @@ static int damon_reclaim_apply_parameters(void) scheme = damon_reclaim_new_scheme(); if (!scheme) return -ENOMEM; + if (!list_empty(&ctx->schemes)) { + damon_for_each_scheme(old_scheme, ctx) + damon_reclaim_copy_quota_status(&scheme->quota, + &old_scheme->quota); + } if (skip_anon) { filter = damos_new_filter(DAMOS_FILTER_TYPE_ANON, true); if (!filter) {

1 year, 6 months

3
2
0 0

[Regression] 5.4.269 fails to build due to security/apparmor/af_unix.c:583:17: error: too few arguments to function ‘unix_state_lock_nested’

by Philip Müller

Hi Greg, the issue might be due to this patch: https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tre… 2024-02-23T15:39:05.6297767Z CC kernel/sys_ni.o 2024-02-23T15:39:05.7583048Z security/apparmor/af_unix.c: In function ‘unix_state_double_lock’: 2024-02-23T15:39:05.7586076Z security/apparmor/af_unix.c:583:17: error: too few arguments to function ‘unix_state_lock_nested’ 2024-02-23T15:39:05.7588374Z 583 | unix_state_lock_nested(sk2); 2024-02-23T15:39:05.7589913Z | ^~~~~~~~~~~~~~~~~~~~~~ 2024-02-23T15:39:05.7591564Z In file included from security/apparmor/include/af_unix.h:15, 2024-02-23T15:39:05.7593341Z from security/apparmor/af_unix.c:17: 2024-02-23T15:39:05.7594989Z ./include/net/af_unix.h:77:20: note: declared here 2024-02-23T15:39:05.7596733Z 77 | static inline void unix_state_lock_nested(struct sock *sk, 2024-02-23T15:39:05.7598516Z | ^~~~~~~~~~~~~~~~~~~~~~ 2024-02-23T15:39:05.7600862Z security/apparmor/af_unix.c:586:17: error: too few arguments to function ‘unix_state_lock_nested’ 2024-02-23T15:39:05.7603177Z 586 | unix_state_lock_nested(sk1); 2024-02-23T15:39:05.7605189Z | ^~~~~~~~~~~~~~~~~~~~~~ 2024-02-23T15:39:05.7606765Z ./include/net/af_unix.h:77:20: note: declared here 2024-02-23T15:39:05.7608497Z 77 | static inline void unix_state_lock_nested(struct sock *sk, 2024-02-23T15:39:05.7610208Z | ^~~~~~~~~~~~~~~~~~~~~~ 2024-02-23T15:39:05.8002385Z make[2]: *** [scripts/Makefile.build:262: security/apparmor/af_unix.o] Error 1 2024-02-23T15:39:05.8005077Z make[2]: *** Waiting for unfinished jobs.... 2024-02-23T15:39:05.8094726Z CC crypto/scatterwalk.o 2024-02-23T15:39:05.9082621Z CC [M] fs/btrfs/sysfs.o 2024-02-23T15:39:06.2502316Z CC kernel/nsproxy.o 2024-02-23T15:39:06.4094246Z make[1]: *** [scripts/Makefile.build:497: security/apparmor] Error 2 2024-02-23T15:39:06.4207119Z make: *** [Makefile:1750: security] Error 2 2024-02-23T15:39:06.4208636Z CC kernel/notifier.o 2024-02-23T15:39:06.4210296Z make: *** Waiting for unfinished jobs.... 2024-02-23T15:39:06.8604827Z CC crypto/proc.o -- Best, Philip

1 year, 6 months

2
7
0 0

[PATCH 6.6.y 0/6] Delay VERW - 6.6.y backport

by Pawan Gupta

This is the backport of recently upstreamed series that moves VERW execution to a later point in exit-to-user path. This is needed because in some cases it may be possible for data accessed after VERW executions may end into MDS affected CPU buffers. Moving VERW closer to ring transition reduces the attack surface. Patch 1/6 includes a minor fix that is queued for upstream: https://lore.kernel.org/lkml/170899674562.398.6398007479766564897.tip-bot2@… Patch 2/6 needed a conflict to be resolved for the hunk swapgs_restore_regs_and_return_to_usermode. This is only compile and boot tested on qemu. Cc: Dave Hansen <dave.hansen(a)linux.intel.com> To: stable(a)vger.kernel.org Signed-off-by: Pawan Gupta <pawan.kumar.gupta(a)linux.intel.com> --- Pawan Gupta (5): x86/bugs: Add asm helpers for executing VERW x86/entry_64: Add VERW just before userspace transition x86/entry_32: Add VERW just before userspace transition x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key KVM/VMX: Move VERW closer to VMentry for MDS mitigation Sean Christopherson (1): KVM/VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH Documentation/arch/x86/mds.rst | 38 +++++++++++++++++++++++++----------- arch/x86/entry/entry.S | 23 ++++++++++++++++++++++ arch/x86/entry/entry_32.S | 3 +++ arch/x86/entry/entry_64.S | 11 +++++++++++ arch/x86/entry/entry_64_compat.S | 1 + arch/x86/include/asm/cpufeatures.h | 2 +- arch/x86/include/asm/entry-common.h | 1 - arch/x86/include/asm/nospec-branch.h | 25 ++++++++++++------------ arch/x86/kernel/cpu/bugs.c | 15 ++++++-------- arch/x86/kernel/nmi.c | 3 --- arch/x86/kvm/vmx/run_flags.h | 7 +++++-- arch/x86/kvm/vmx/vmenter.S | 9 ++++++--- arch/x86/kvm/vmx/vmx.c | 20 +++++++++++++++---- 13 files changed, 112 insertions(+), 46 deletions(-) --- base-commit: d8a27ea2c98685cdaa5fa66c809c7069a4ff394b change-id: 20240226-delay-verw-backport-6-6-y-2cda3298e600

1 year, 6 months

2
9
0 0

[PATCH] block: ataflop: more blk-mq refactoring fixes

by Michael Schmitz

[ commit d28e4dff085c5a87025c9a0a85fb798bd8e9ca17 upstream ] As it turns out, my earlier patch in commit 86d46fdaa12a (block: ataflop: fix breakage introduced at blk-mq refactoring) was incomplete. This patch fixes any remaining issues found during more testing and code review. Requests exceeding 4 k are handled in 4k segments but __blk_mq_end_request() is never called on these (still sectors outstanding on the request). With redo_fd_request() removed, there is no provision to kick off processing of the next segment, causing requests exceeding 4k to hang. (By setting /sys/block/fd0/queue/max_sectors_k <= 4 as workaround, this behaviour can be avoided). Instead of reintroducing redo_fd_request(), requeue the remainder of the request by calling blk_mq_requeue_request() on incomplete requests (i.e. when blk_update_request() still returns true), and rely on the block layer to queue the residual as new request. Both error handling and formatting needs to release the ST-DMA lock, so call finish_fdc() on these (this was previously handled by redo_fd_request()). finish_fdc() may be called legitimately without the ST-DMA lock held - make sure we only release the lock if we actually held it. In a similar way, early exit due to errors in ataflop_queue_rq() must release the lock. After minor errors, fd_error sets up to recalibrate the drive but never re-runs the current operation (another task handled by redo_fd_request() before). Call do_fd_action() to get the next steps (seek, retry read/write) underway. Signed-off-by: Michael Schmitz <schmitzmic(a)gmail.com> Fixes: 6ec3938cff95f (ataflop: convert to blk-mq) Fixes: 86d46fdaa12a (block: ataflop: fix breakage introduced at blk-mq refactoring) CC: stable(a)vger.kernel.org # 5.10.x Link: https://lore.kernel.org/r/20211024002013.9332-1-schmitzmic@gmail.com Signed-off-by: Jens Axboe <axboe(a)kernel.dk> [MSch: v5.10 backport merge conflict fix] --- drivers/block/ataflop.c | 42 ++++++++++++++++++++++++++++++++++++----- 1 file changed, 37 insertions(+), 5 deletions(-) diff --git a/drivers/block/ataflop.c b/drivers/block/ataflop.c index cd612cd04767..224450c90e45 100644 --- a/drivers/block/ataflop.c +++ b/drivers/block/ataflop.c @@ -456,10 +456,20 @@ static DEFINE_TIMER(fd_timer, check_change); static void fd_end_request_cur(blk_status_t err) { + DPRINT(("fd_end_request_cur(), bytes %d of %d\n", + blk_rq_cur_bytes(fd_request), + blk_rq_bytes(fd_request))); + if (!blk_update_request(fd_request, err, blk_rq_cur_bytes(fd_request))) { + DPRINT(("calling __blk_mq_end_request()\n")); __blk_mq_end_request(fd_request, err); fd_request = NULL; + } else { + /* requeue rest of request */ + DPRINT(("calling blk_mq_requeue_request()\n")); + blk_mq_requeue_request(fd_request, true); + fd_request = NULL; } } @@ -697,12 +707,21 @@ static void fd_error( void ) if (fd_request->error_count >= MAX_ERRORS) { printk(KERN_ERR "fd%d: too many errors.\n", SelectedDrive ); fd_end_request_cur(BLK_STS_IOERR); + finish_fdc(); + return; } else if (fd_request->error_count == RECALIBRATE_ERRORS) { printk(KERN_WARNING "fd%d: recalibrating\n", SelectedDrive ); if (SelectedDrive != -1) SUD.track = -1; } + /* need to re-run request to recalibrate */ + atari_disable_irq( IRQ_MFP_FDC ); + + setup_req_params( SelectedDrive ); + do_fd_action( SelectedDrive ); + + atari_enable_irq( IRQ_MFP_FDC ); } @@ -737,6 +756,7 @@ static int do_format(int drive, int type, struct atari_format_descr *desc) if (type) { if (--type >= NUM_DISK_MINORS || minor2disktype[type].drive_types > DriveType) { + finish_fdc(); ret = -EINVAL; goto out; } @@ -745,6 +765,7 @@ static int do_format(int drive, int type, struct atari_format_descr *desc) } if (!UDT || desc->track >= UDT->blocks/UDT->spt/2 || desc->head >= 2) { + finish_fdc(); ret = -EINVAL; goto out; } @@ -785,6 +806,7 @@ static int do_format(int drive, int type, struct atari_format_descr *desc) wait_for_completion(&format_wait); + finish_fdc(); ret = FormatError ? -EIO : 0; out: blk_mq_unquiesce_queue(q); @@ -819,6 +841,7 @@ static void do_fd_action( int drive ) else { /* all sectors finished */ fd_end_request_cur(BLK_STS_OK); + finish_fdc(); return; } } @@ -1222,8 +1245,8 @@ static void fd_rwsec_done1(int status) } else { /* all sectors finished */ - finish_fdc(); fd_end_request_cur(BLK_STS_OK); + finish_fdc(); } return; @@ -1345,7 +1368,7 @@ static void fd_times_out(struct timer_list *unused) static void finish_fdc( void ) { - if (!NeedSeek) { + if (!NeedSeek || !stdma_is_locked_by(floppy_irq)) { finish_fdc_done( 0 ); } else { @@ -1380,7 +1403,8 @@ static void finish_fdc_done( int dummy ) start_motor_off_timer(); local_irq_save(flags); - stdma_release(); + if (stdma_is_locked_by(floppy_irq)) + stdma_release(); local_irq_restore(flags); DPRINT(("finish_fdc() finished\n")); @@ -1477,7 +1501,9 @@ static blk_status_t ataflop_queue_rq(struct blk_mq_hw_ctx *hctx, int drive = floppy - unit; int type = floppy->type; - DPRINT(("Queue request: drive %d type %d last %d\n", drive, type, bd->last)); + DPRINT(("Queue request: drive %d type %d sectors %d of %d last %d\n", + drive, type, blk_rq_cur_sectors(bd->rq), + blk_rq_sectors(bd->rq), bd->last)); spin_lock_irq(&ataflop_lock); if (fd_request) { @@ -1499,6 +1525,7 @@ static blk_status_t ataflop_queue_rq(struct blk_mq_hw_ctx *hctx, /* drive not connected */ printk(KERN_ERR "Unknown Device: fd%d\n", drive ); fd_end_request_cur(BLK_STS_IOERR); + stdma_release(); goto out; } @@ -1515,11 +1542,13 @@ static blk_status_t ataflop_queue_rq(struct blk_mq_hw_ctx *hctx, if (--type >= NUM_DISK_MINORS) { printk(KERN_WARNING "fd%d: invalid disk format", drive ); fd_end_request_cur(BLK_STS_IOERR); + stdma_release(); goto out; } if (minor2disktype[type].drive_types > DriveType) { printk(KERN_WARNING "fd%d: unsupported disk format", drive ); fd_end_request_cur(BLK_STS_IOERR); + stdma_release(); goto out; } type = minor2disktype[type].index; @@ -1620,6 +1649,7 @@ static int fd_locked_ioctl(struct block_device *bdev, fmode_t mode, /* what if type > 0 here? Overwrite specified entry ? */ if (type) { /* refuse to re-set a predefined type for now */ + finish_fdc(); return -EINVAL; } @@ -1687,8 +1717,10 @@ static int fd_locked_ioctl(struct block_device *bdev, fmode_t mode, /* sanity check */ if (setprm.track != dtp->blocks/dtp->spt/2 || - setprm.head != 2) + setprm.head != 2) { + finish_fdc(); return -EINVAL; + } UDT = dtp; set_capacity(floppy->disk, UDT->blocks); -- 2.17.1

1 year, 6 months

2
1
0 0

[PATCH 4.19.y 0/2] KVM: arm64: VGIC ITS fix backports

by Oliver Upton

Oliver Upton (2): KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler virt/kvm/arm/vgic/vgic-its.c | 5 +++++ 1 file changed, 5 insertions(+) base-commit: ab219d38aef198d26083cc800954d352acd5137b -- 2.44.0.rc1.240.g4c46232300-goog

1 year, 6 months

2
3
0 0

FAILED: patch "[PATCH] mm/zswap: invalidate duplicate entry when !zswap_enabled" failed to apply to 6.6-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.6-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y git checkout FETCH_HEAD git cherry-pick -x 678e54d4bb9a4822f8ae99690ac131c5d490cdb1 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022622-resent-ripeness-43f1@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^.. Possible dependencies: 678e54d4bb9a ("mm/zswap: invalidate duplicate entry when !zswap_enabled") a65b0e7607cc ("zswap: make shrinking memcg-aware") ddc1a5cbc05d ("mempolicy: alloc_pages_mpol() for NUMA policy without vma") 23e4883248f0 ("mm: add page_rmappable_folio() wrapper") c36f6e6dff4d ("mempolicy trivia: slightly more consistent naming") 7f1ee4e20708 ("mempolicy trivia: delete those ancient pr_debug()s") 1cb5d11a370f ("mempolicy: fix migrate_pages(2) syscall return nr_failed") 3657fdc2451a ("mm: move vma_policy() and anon_vma_name() decls to mm_types.h") 3022fd7af960 ("shmem: _add_to_page_cache() before shmem_inode_acct_blocks()") 054a9f7ccd0a ("shmem: move memcg charge out of shmem_add_to_page_cache()") 4199f51a7eb2 ("shmem: shmem_acct_blocks() and shmem_inode_acct_blocks()") e3e1a5067fd2 ("shmem: remove vma arg from shmem_get_folio_gfp()") 75c70128a673 ("mm: mempolicy: make mpol_misplaced() to take a folio") cda6d93672ac ("mm: memory: make numa_migrate_prep() to take a folio") 6695cf68b15c ("mm: memory: use a folio in do_numa_page()") 667ffc31aa95 ("mm: huge_memory: use a folio in do_huge_pmd_numa_page()") 73eab3ca481e ("mm: migrate: convert migrate_misplaced_page() to migrate_misplaced_folio()") 2ac9e99f3b21 ("mm: migrate: convert numamigrate_isolate_page() to numamigrate_isolate_folio()") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 678e54d4bb9a4822f8ae99690ac131c5d490cdb1 Mon Sep 17 00:00:00 2001 From: Chengming Zhou <zhouchengming(a)bytedance.com> Date: Thu, 8 Feb 2024 02:32:54 +0000 Subject: [PATCH] mm/zswap: invalidate duplicate entry when !zswap_enabled We have to invalidate any duplicate entry even when !zswap_enabled since zswap can be disabled anytime. If the folio store success before, then got dirtied again but zswap disabled, we won't invalidate the old duplicate entry in the zswap_store(). So later lru writeback may overwrite the new data in swapfile. Link: https://lkml.kernel.org/r/20240208023254.3873823-1-chengming.zhou@linux.dev Fixes: 42c06a0e8ebe ("mm: kill frontswap") Signed-off-by: Chengming Zhou <zhouchengming(a)bytedance.com> Acked-by: Johannes Weiner <hannes(a)cmpxchg.org> Cc: Nhat Pham <nphamcs(a)gmail.com> Cc: Yosry Ahmed <yosryahmed(a)google.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> diff --git a/mm/zswap.c b/mm/zswap.c index 36903d938c15..db4625af65fb 100644 --- a/mm/zswap.c +++ b/mm/zswap.c @@ -1518,7 +1518,7 @@ bool zswap_store(struct folio *folio) if (folio_test_large(folio)) return false; - if (!zswap_enabled || !tree) + if (!tree) return false; /* @@ -1533,6 +1533,10 @@ bool zswap_store(struct folio *folio) zswap_invalidate_entry(tree, dupentry); } spin_unlock(&tree->lock); + + if (!zswap_enabled) + return false; + objcg = get_obj_cgroup_from_folio(folio); if (objcg && !obj_cgroup_may_zswap(objcg)) { memcg = get_mem_cgroup_from_objcg(objcg);

1 year, 6 months

4
3
0 0

FAILED: patch "[PATCH] PCI/MSI: Prevent MSI hardware interrupt number truncation" failed to apply to 4.19-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.19-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.19.y git checkout FETCH_HEAD git cherry-pick -x db744ddd59be798c2627efbfc71f707f5a935a40 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022609-womanless-imprison-678c@gregkh' --subject-prefix 'PATCH 4.19.y' HEAD^.. Possible dependencies: db744ddd59be ("PCI/MSI: Prevent MSI hardware interrupt number truncation") aa423ac4221a ("PCI/MSI: Split out irqdomain code") a01e09ef1237 ("PCI/MSI: Split out !IRQDOMAIN code") 54324c2f3d72 ("PCI/MSI: Split out CONFIG_PCI_MSI independent part") 288c81ce4be7 ("PCI/MSI: Move code into a separate directory") 29a03ada4a00 ("PCI/MSI: Cleanup include zoo") ae72f3156729 ("PCI/MSI: Make arch_restore_msi_irqs() less horrible.") e58f2259b91c ("genirq/msi, treewide: Use a named struct for PCI/MSI attributes") ade044a3d0f0 ("PCI/MSI: Remove msi_desc_to_pci_sysdata()") 9e8688c5f299 ("PCI/MSI: Make pci_msi_domain_write_msg() static") 29bbc35e29d9 ("PCI/MSI: Fix pci_irq_vector()/pci_irq_get_affinity()") c36e33e2f477 ("Merge tag 'irq-urgent-2021-11-14' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From db744ddd59be798c2627efbfc71f707f5a935a40 Mon Sep 17 00:00:00 2001 From: Vidya Sagar <vidyas(a)nvidia.com> Date: Mon, 15 Jan 2024 19:26:49 +0530 Subject: [PATCH] PCI/MSI: Prevent MSI hardware interrupt number truncation While calculating the hardware interrupt number for a MSI interrupt, the higher bits (i.e. from bit-5 onwards a.k.a domain_nr >= 32) of the PCI domain number gets truncated because of the shifted value casting to return type of pci_domain_nr() which is 'int'. This for example is resulting in same hardware interrupt number for devices 0019:00:00.0 and 0039:00:00.0. To address this cast the PCI domain number to 'irq_hw_number_t' before left shifting it to calculate the hardware interrupt number. Please note that this fixes the issue only on 64-bit systems and doesn't change the behavior for 32-bit systems i.e. the 32-bit systems continue to have the issue. Since the issue surfaces only if there are too many PCIe controllers in the system which usually is the case in modern server systems and they don't tend to run 32-bit kernels. Fixes: 3878eaefb89a ("PCI/MSI: Enhance core to support hierarchy irqdomain") Signed-off-by: Vidya Sagar <vidyas(a)nvidia.com> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Tested-by: Shanker Donthineni <sdonthineni(a)nvidia.com> Cc: stable(a)vger.kernel.org Link: https://lore.kernel.org/r/20240115135649.708536-1-vidyas@nvidia.com diff --git a/drivers/pci/msi/irqdomain.c b/drivers/pci/msi/irqdomain.c index c8be056c248d..cfd84a899c82 100644 --- a/drivers/pci/msi/irqdomain.c +++ b/drivers/pci/msi/irqdomain.c @@ -61,7 +61,7 @@ static irq_hw_number_t pci_msi_domain_calc_hwirq(struct msi_desc *desc) return (irq_hw_number_t)desc->msi_index | pci_dev_id(dev) << 11 | - (pci_domain_nr(dev->bus) & 0xFFFFFFFF) << 27; + ((irq_hw_number_t)(pci_domain_nr(dev->bus) & 0xFFFFFFFF)) << 27; } static void pci_msi_domain_set_desc(msi_alloc_info_t *arg,

1 year, 6 months

3
2
0 0

[PATCH 5.15.y] cifs: fix mid leak during reconnection after timeout threshold

by Harshit Mogalapalli

From: Shyam Prasad N <nspmangalore(a)gmail.com> commit 69cba9d3c1284e0838ae408830a02c4a063104bc upstream. When the number of responses with status of STATUS_IO_TIMEOUT exceeds a specified threshold (NUM_STATUS_IO_TIMEOUT), we reconnect the connection. But we do not return the mid, or the credits returned for the mid, or reduce the number of in-flight requests. This bug could result in the server->in_flight count to go bad, and also cause a leak in the mids. This change moves the check to a few lines below where the response is decrypted, even of the response is read from the transform header. This way, the code for returning the mids can be reused. Also, the cifs_reconnect was reconnecting just the transport connection before. In case of multi-channel, this may not be what we want to do after several timeouts. Changed that to reconnect the session and the tree too. Also renamed NUM_STATUS_IO_TIMEOUT to a more appropriate name MAX_STATUS_IO_TIMEOUT. Fixes: 8e670f77c4a5 ("Handle STATUS_IO_TIMEOUT gracefully") Signed-off-by: Shyam Prasad N <sprasad(a)microsoft.com> Signed-off-by: Steve French <stfrench(a)microsoft.com> [Harshit: Backport to 5.15.y] Conflicts: fs/cifs/connect.c -- 5.15.y doesn't have commit 183eea2ee5ba ("cifs: reconnect only the connection and not smb session where possible") -- User cifs_reconnect(server) instead of cifs_reconnect(server, true) Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli(a)oracle.com> --- Would be nice to get a review from author/maintainer of the upstream patch. A backport request was made previously but the patch didnot apply cleanly then: https://lore.kernel.org/all/CANT5p=oPGnCd4H5ppMbAiHsAKMor3LT_aQRqU7tKu=q6q1… xfstests with cifs done: before and after patching with this patch on 5.15.149. There is no change in test results before and after the patch. Ran: cifs/001 generic/001 generic/002 generic/005 generic/006 generic/007 generic/010 generic/011 generic/013 generic/014 generic/023 generic/024 generic/028 generic/029 generic/030 generic/036 generic/069 generic/074 generic/075 generic/084 generic/091 generic/095 generic/098 generic/100 generic/109 generic/112 generic/113 generic/124 generic/127 generic/129 generic/130 generic/132 generic/133 generic/135 generic/141 generic/169 generic/198 generic/207 generic/208 generic/210 generic/211 generic/212 generic/221 generic/239 generic/241 generic/245 generic/246 generic/247 generic/248 generic/249 generic/257 generic/263 generic/285 generic/286 generic/308 generic/309 generic/310 generic/315 generic/323 generic/339 generic/340 generic/344 generic/345 generic/346 generic/354 generic/360 generic/393 generic/394 Not run: generic/010 generic/286 generic/315 Failures: generic/075 generic/112 generic/127 generic/285 Failed 4 of 68 tests SECTION -- smb3 ========================= Ran: cifs/001 generic/001 generic/002 generic/005 generic/006 generic/007 generic/010 generic/011 generic/013 generic/014 generic/023 generic/024 generic/028 generic/029 generic/030 generic/036 generic/069 generic/074 generic/075 generic/084 generic/091 generic/095 generic/098 generic/100 generic/109 generic/112 generic/113 generic/124 generic/127 generic/129 generic/130 generic/132 generic/133 generic/135 generic/141 generic/169 generic/198 generic/207 generic/208 generic/210 generic/211 generic/212 generic/221 generic/239 generic/241 generic/245 generic/246 generic/247 generic/248 generic/249 generic/257 generic/263 generic/285 generic/286 generic/308 generic/309 generic/310 generic/315 generic/323 generic/339 generic/340 generic/344 generic/345 generic/346 generic/354 generic/360 generic/393 generic/394 Not run: generic/010 generic/014 generic/129 generic/130 generic/239 Failures: generic/075 generic/091 generic/112 generic/127 generic/263 generic/285 generic/286 Failed 7 of 68 tests SECTION -- smb21 ========================= Ran: cifs/001 generic/001 generic/002 generic/005 generic/006 generic/007 generic/010 generic/011 generic/013 generic/014 generic/023 generic/024 generic/028 generic/029 generic/030 generic/036 generic/069 generic/074 generic/075 generic/084 generic/091 generic/095 generic/098 generic/100 generic/109 generic/112 generic/113 generic/124 generic/127 generic/129 generic/130 generic/132 generic/133 generic/135 generic/141 generic/169 generic/198 generic/207 generic/208 generic/210 generic/211 generic/212 generic/221 generic/239 generic/241 generic/245 generic/246 generic/247 generic/248 generic/249 generic/257 generic/263 generic/285 generic/286 generic/308 generic/309 generic/310 generic/315 generic/323 generic/339 generic/340 generic/344 generic/345 generic/346 generic/354 generic/360 generic/393 generic/394 Not run: generic/010 generic/014 generic/129 generic/130 generic/239 generic/286 generic/315 Failures: generic/075 generic/112 generic/127 generic/285 Failed 4 of 68 tests SECTION -- smb2 ========================= Ran: cifs/001 generic/001 generic/002 generic/005 generic/006 generic/007 generic/010 generic/011 generic/013 generic/014 generic/023 generic/024 generic/028 generic/029 generic/030 generic/036 generic/069 generic/074 generic/075 generic/084 generic/091 generic/095 generic/098 generic/100 generic/109 generic/112 generic/113 generic/124 generic/127 generic/129 generic/130 generic/132 generic/133 generic/135 generic/141 generic/169 generic/198 generic/207 generic/208 generic/210 generic/211 generic/212 generic/221 generic/239 generic/241 generic/245 generic/246 generic/247 generic/248 generic/249 generic/257 generic/263 generic/285 generic/286 generic/308 generic/309 generic/310 generic/315 generic/323 generic/339 generic/340 generic/344 generic/345 generic/346 generic/354 generic/360 generic/393 generic/394 Not run: generic/010 generic/286 generic/315 Failures: generic/075 generic/112 generic/127 generic/285 Failed 4 of 68 tests --- fs/cifs/connect.c | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index a521c705b0d7..a3e4811b7871 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c @@ -59,7 +59,7 @@ extern bool disable_legacy_dialects; #define TLINK_IDLE_EXPIRE (600 * HZ) /* Drop the connection to not overload the server */ -#define NUM_STATUS_IO_TIMEOUT 5 +#define MAX_STATUS_IO_TIMEOUT 5 struct mount_ctx { struct cifs_sb_info *cifs_sb; @@ -965,6 +965,7 @@ cifs_demultiplex_thread(void *p) struct mid_q_entry *mids[MAX_COMPOUND]; char *bufs[MAX_COMPOUND]; unsigned int noreclaim_flag, num_io_timeout = 0; + bool pending_reconnect = false; noreclaim_flag = memalloc_noreclaim_save(); cifs_dbg(FYI, "Demultiplex PID: %d\n", task_pid_nr(current)); @@ -1004,6 +1005,8 @@ cifs_demultiplex_thread(void *p) cifs_dbg(FYI, "RFC1002 header 0x%x\n", pdu_length); if (!is_smb_response(server, buf[0])) continue; + + pending_reconnect = false; next_pdu: server->pdu_size = pdu_length; @@ -1063,10 +1066,13 @@ cifs_demultiplex_thread(void *p) if (server->ops->is_status_io_timeout && server->ops->is_status_io_timeout(buf)) { num_io_timeout++; - if (num_io_timeout > NUM_STATUS_IO_TIMEOUT) { - cifs_reconnect(server); + if (num_io_timeout > MAX_STATUS_IO_TIMEOUT) { + cifs_server_dbg(VFS, + "Number of request timeouts exceeded %d. Reconnecting", + MAX_STATUS_IO_TIMEOUT); + + pending_reconnect = true; num_io_timeout = 0; - continue; } } @@ -1113,6 +1119,11 @@ cifs_demultiplex_thread(void *p) buf = server->smallbuf; goto next_pdu; } + + /* do this reconnect at the very end after processing all MIDs */ + if (pending_reconnect) + cifs_reconnect(server); + } /* end while !EXITING */ /* buffer usually freed in free_mid - need to free it here on exit */ -- 2.43.0

1 year, 6 months

3
2
0 0

FAILED: patch "[PATCH] mm: zswap: fix missing folio cleanup in writeback race path" failed to apply to 6.7-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.7-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.7.y git checkout FETCH_HEAD git cherry-pick -x e3b63e966cac0bf78aaa1efede1827a252815a1d # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022610-amino-basically-add3@gregkh' --subject-prefix 'PATCH 6.7.y' HEAD^.. Possible dependencies: e3b63e966cac ("mm: zswap: fix missing folio cleanup in writeback race path") 96c7b0b42239 ("mm: return the folio from __read_swap_cache_async()") e947ba0bbf47 ("mm/zswap: cleanup zswap_writeback_entry()") 32acba4c0483 ("mm/zswap: refactor out __zswap_load()") c75f5c1e0f1d ("mm/zswap: reuse dstmem when decompress") b5ba474f3f51 ("zswap: shrink zswap pool based on memory pressure") a65b0e7607cc ("zswap: make shrinking memcg-aware") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From e3b63e966cac0bf78aaa1efede1827a252815a1d Mon Sep 17 00:00:00 2001 From: Yosry Ahmed <yosryahmed(a)google.com> Date: Thu, 25 Jan 2024 08:51:27 +0000 Subject: [PATCH] mm: zswap: fix missing folio cleanup in writeback race path In zswap_writeback_entry(), after we get a folio from __read_swap_cache_async(), we grab the tree lock again to check that the swap entry was not invalidated and recycled. If it was, we delete the folio we just added to the swap cache and exit. However, __read_swap_cache_async() returns the folio locked when it is newly allocated, which is always true for this path, and the folio is ref'd. Make sure to unlock and put the folio before returning. This was discovered by code inspection, probably because this path handles a race condition that should not happen often, and the bug would not crash the system, it will only strand the folio indefinitely. Link: https://lkml.kernel.org/r/20240125085127.1327013-1-yosryahmed@google.com Fixes: 04fc7816089c ("mm: fix zswap writeback race condition") Signed-off-by: Yosry Ahmed <yosryahmed(a)google.com> Reviewed-by: Chengming Zhou <zhouchengming(a)bytedance.com> Acked-by: Johannes Weiner <hannes(a)cmpxchg.org> Reviewed-by: Nhat Pham <nphamcs(a)gmail.com> Cc: Domenico Cerasuolo <cerasuolodomenico(a)gmail.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> diff --git a/mm/zswap.c b/mm/zswap.c index 350dd2fc8159..d2423247acfd 100644 --- a/mm/zswap.c +++ b/mm/zswap.c @@ -1440,6 +1440,8 @@ static int zswap_writeback_entry(struct zswap_entry *entry, if (zswap_rb_search(&tree->rbroot, swp_offset(entry->swpentry)) != entry) { spin_unlock(&tree->lock); delete_from_swap_cache(folio); + folio_unlock(folio); + folio_put(folio); return -ENOMEM; } spin_unlock(&tree->lock);

1 year, 6 months

3
4
0 0

[PATCH v4 2/2] fs/aio: Make io_cancel() generate completions again

by Bart Van Assche

The following patch accidentally removed the code for delivering completions for cancelled reads and writes to user space: "[PATCH 04/33] aio: remove retry-based AIO" (https://lore.kernel.org/all/1363883754-27966-5-git-send-email-koverstreet@g…) From that patch: - if (kiocbIsCancelled(iocb)) { - ret = -EINTR; - aio_complete(iocb, ret, 0); - /* must not access the iocb after this */ - goto out; - } This leads to a leak in user space of a struct iocb. Hence this patch that restores the code that reports to user space that a read or write has been cancelled successfully. Fixes: 41003a7bcfed ("aio: remove retry-based AIO") Cc: Christoph Hellwig <hch(a)lst.de> Cc: Avi Kivity <avi(a)scylladb.com> Cc: Sandeep Dhavale <dhavale(a)google.com> Cc: Jens Axboe <axboe(a)kernel.dk> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: Kent Overstreet <kent.overstreet(a)linux.dev> Cc: <stable(a)vger.kernel.org> Signed-off-by: Bart Van Assche <bvanassche(a)acm.org> --- fs/aio.c | 27 +++++++++++---------------- 1 file changed, 11 insertions(+), 16 deletions(-) diff --git a/fs/aio.c b/fs/aio.c index da18dbcfcb22..28223f511931 100644 --- a/fs/aio.c +++ b/fs/aio.c @@ -2165,14 +2165,11 @@ COMPAT_SYSCALL_DEFINE3(io_submit, compat_aio_context_t, ctx_id, #endif /* sys_io_cancel: - * Attempts to cancel an iocb previously passed to io_submit. If - * the operation is successfully cancelled, the resulting event is - * copied into the memory pointed to by result without being placed - * into the completion queue and 0 is returned. May fail with - * -EFAULT if any of the data structures pointed to are invalid. - * May fail with -EINVAL if aio_context specified by ctx_id is - * invalid. May fail with -EAGAIN if the iocb specified was not - * cancelled. Will fail with -ENOSYS if not implemented. + * Attempts to cancel an iocb previously passed to io_submit(). If the + * operation is successfully cancelled 0 is returned. May fail with + * -EFAULT if any of the data structures pointed to are invalid. May + * fail with -EINVAL if aio_context specified by ctx_id is invalid. Will + * fail with -ENOSYS if not implemented. */ SYSCALL_DEFINE3(io_cancel, aio_context_t, ctx_id, struct iocb __user *, iocb, struct io_event __user *, result) @@ -2203,14 +2200,12 @@ SYSCALL_DEFINE3(io_cancel, aio_context_t, ctx_id, struct iocb __user *, iocb, } spin_unlock_irq(&ctx->ctx_lock); - if (!ret) { - /* - * The result argument is no longer used - the io_event is - * always delivered via the ring buffer. -EINPROGRESS indicates - * cancellation is progress: - */ - ret = -EINPROGRESS; - } + /* + * The result argument is no longer used - the io_event is always + * delivered via the ring buffer. + */ + if (ret == 0 && kiocb->rw.ki_flags & IOCB_AIO_RW) + aio_complete_rw(&kiocb->rw, -EINTR); percpu_ref_put(&ctx->users);

1 year, 6 months

3
4
0 0

[PATCH 6.1.y 1/2] erofs: simplify compression configuration parser

by Yue Hu

From: Gao Xiang <hsiangkao(a)linux.alibaba.com> [ Upstream commit efb4fb02cef3ab410b603c8f0e1c67f61d55f542 ] Move erofs_load_compr_cfgs() into decompressor.c as well as introduce a callback instead of a hard-coded switch for each algorithm for simplicity. Reviewed-by: Chao Yu <chao(a)kernel.org> Signed-off-by: Gao Xiang <hsiangkao(a)linux.alibaba.com> Link: https://lore.kernel.org/r/20231022130957.11398-1-xiang@kernel.org Stable-dep-of: 118a8cf504d7 ("erofs: fix inconsistent per-file compression format") Signed-off-by: Yue Hu <huyue2(a)coolpad.com> --- fs/erofs/compress.h | 4 ++ fs/erofs/decompressor.c | 60 ++++++++++++++++++++++++++++-- fs/erofs/decompressor_lzma.c | 4 +- fs/erofs/internal.h | 28 ++------------ fs/erofs/super.c | 72 +++++------------------------------- 5 files changed, 76 insertions(+), 92 deletions(-) diff --git a/fs/erofs/compress.h b/fs/erofs/compress.h index 26fa170090b8..c4a3187bdb8f 100644 --- a/fs/erofs/compress.h +++ b/fs/erofs/compress.h @@ -21,6 +21,8 @@ struct z_erofs_decompress_req { }; struct z_erofs_decompressor { + int (*config)(struct super_block *sb, struct erofs_super_block *dsb, + void *data, int size); int (*decompress)(struct z_erofs_decompress_req *rq, struct page **pagepool); char *name; @@ -93,6 +95,8 @@ int z_erofs_decompress(struct z_erofs_decompress_req *rq, struct page **pagepool); /* prototypes for specific algorithms */ +int z_erofs_load_lzma_config(struct super_block *sb, + struct erofs_super_block *dsb, void *data, int size); int z_erofs_lzma_decompress(struct z_erofs_decompress_req *rq, struct page **pagepool); #endif diff --git a/fs/erofs/decompressor.c b/fs/erofs/decompressor.c index 0cfad74374ca..ae3cfd018d99 100644 --- a/fs/erofs/decompressor.c +++ b/fs/erofs/decompressor.c @@ -24,11 +24,11 @@ struct z_erofs_lz4_decompress_ctx { unsigned int oend; }; -int z_erofs_load_lz4_config(struct super_block *sb, - struct erofs_super_block *dsb, - struct z_erofs_lz4_cfgs *lz4, int size) +static int z_erofs_load_lz4_config(struct super_block *sb, + struct erofs_super_block *dsb, void *data, int size) { struct erofs_sb_info *sbi = EROFS_SB(sb); + struct z_erofs_lz4_cfgs *lz4 = data; u16 distance; if (lz4) { @@ -374,17 +374,71 @@ static struct z_erofs_decompressor decompressors[] = { .name = "interlaced" }, [Z_EROFS_COMPRESSION_LZ4] = { + .config = z_erofs_load_lz4_config, .decompress = z_erofs_lz4_decompress, .name = "lz4" }, #ifdef CONFIG_EROFS_FS_ZIP_LZMA [Z_EROFS_COMPRESSION_LZMA] = { + .config = z_erofs_load_lzma_config, .decompress = z_erofs_lzma_decompress, .name = "lzma" }, #endif }; +int z_erofs_parse_cfgs(struct super_block *sb, struct erofs_super_block *dsb) +{ + struct erofs_sb_info *sbi = EROFS_SB(sb); + struct erofs_buf buf = __EROFS_BUF_INITIALIZER; + unsigned int algs, alg; + erofs_off_t offset; + int size, ret = 0; + + if (!erofs_sb_has_compr_cfgs(sbi)) { + sbi->available_compr_algs = Z_EROFS_COMPRESSION_LZ4; + return z_erofs_load_lz4_config(sb, dsb, NULL, 0); + } + + sbi->available_compr_algs = le16_to_cpu(dsb->u1.available_compr_algs); + if (sbi->available_compr_algs & ~Z_EROFS_ALL_COMPR_ALGS) { + erofs_err(sb, "unidentified algorithms %x, please upgrade kernel", + sbi->available_compr_algs & ~Z_EROFS_ALL_COMPR_ALGS); + return -EOPNOTSUPP; + } + + offset = EROFS_SUPER_OFFSET + sbi->sb_size; + alg = 0; + for (algs = sbi->available_compr_algs; algs; algs >>= 1, ++alg) { + void *data; + + if (!(algs & 1)) + continue; + + data = erofs_read_metadata(sb, &buf, &offset, &size); + if (IS_ERR(data)) { + ret = PTR_ERR(data); + break; + } + + if (alg >= ARRAY_SIZE(decompressors) || + !decompressors[alg].config) { + erofs_err(sb, "algorithm %d isn't enabled on this kernel", + alg); + ret = -EOPNOTSUPP; + } else { + ret = decompressors[alg].config(sb, + dsb, data, size); + } + + kfree(data); + if (ret) + break; + } + erofs_put_metabuf(&buf); + return ret; +} + int z_erofs_decompress(struct z_erofs_decompress_req *rq, struct page **pagepool) { diff --git a/fs/erofs/decompressor_lzma.c b/fs/erofs/decompressor_lzma.c index 49addc345aeb..970464c4b676 100644 --- a/fs/erofs/decompressor_lzma.c +++ b/fs/erofs/decompressor_lzma.c @@ -72,10 +72,10 @@ int z_erofs_lzma_init(void) } int z_erofs_load_lzma_config(struct super_block *sb, - struct erofs_super_block *dsb, - struct z_erofs_lzma_cfgs *lzma, int size) + struct erofs_super_block *dsb, void *data, int size) { static DEFINE_MUTEX(lzma_resize_mutex); + struct z_erofs_lzma_cfgs *lzma = data; unsigned int dict_size, i; struct z_erofs_lzma *strm, *head = NULL; int err; diff --git a/fs/erofs/internal.h b/fs/erofs/internal.h index d8d09fc3ed65..79a7a5815ea6 100644 --- a/fs/erofs/internal.h +++ b/fs/erofs/internal.h @@ -471,6 +471,8 @@ struct erofs_map_dev { /* data.c */ extern const struct file_operations erofs_file_fops; +void *erofs_read_metadata(struct super_block *sb, struct erofs_buf *buf, + erofs_off_t *offset, int *lengthp); void erofs_unmap_metabuf(struct erofs_buf *buf); void erofs_put_metabuf(struct erofs_buf *buf); void *erofs_bread(struct erofs_buf *buf, struct inode *inode, @@ -565,9 +567,7 @@ void z_erofs_exit_zip_subsystem(void); int erofs_try_to_free_all_cached_pages(struct erofs_sb_info *sbi, struct erofs_workgroup *egrp); int erofs_try_to_free_cached_page(struct page *page); -int z_erofs_load_lz4_config(struct super_block *sb, - struct erofs_super_block *dsb, - struct z_erofs_lz4_cfgs *lz4, int len); +int z_erofs_parse_cfgs(struct super_block *sb, struct erofs_super_block *dsb); #else static inline void erofs_shrinker_register(struct super_block *sb) {} static inline void erofs_shrinker_unregister(struct super_block *sb) {} @@ -575,36 +575,14 @@ static inline int erofs_init_shrinker(void) { return 0; } static inline void erofs_exit_shrinker(void) {} static inline int z_erofs_init_zip_subsystem(void) { return 0; } static inline void z_erofs_exit_zip_subsystem(void) {} -static inline int z_erofs_load_lz4_config(struct super_block *sb, - struct erofs_super_block *dsb, - struct z_erofs_lz4_cfgs *lz4, int len) -{ - if (lz4 || dsb->u1.lz4_max_distance) { - erofs_err(sb, "lz4 algorithm isn't enabled"); - return -EINVAL; - } - return 0; -} #endif /* !CONFIG_EROFS_FS_ZIP */ #ifdef CONFIG_EROFS_FS_ZIP_LZMA int z_erofs_lzma_init(void); void z_erofs_lzma_exit(void); -int z_erofs_load_lzma_config(struct super_block *sb, - struct erofs_super_block *dsb, - struct z_erofs_lzma_cfgs *lzma, int size); #else static inline int z_erofs_lzma_init(void) { return 0; } static inline int z_erofs_lzma_exit(void) { return 0; } -static inline int z_erofs_load_lzma_config(struct super_block *sb, - struct erofs_super_block *dsb, - struct z_erofs_lzma_cfgs *lzma, int size) { - if (lzma) { - erofs_err(sb, "lzma algorithm isn't enabled"); - return -EINVAL; - } - return 0; -} #endif /* !CONFIG_EROFS_FS_ZIP */ /* flags for erofs_fscache_register_cookie() */ diff --git a/fs/erofs/super.c b/fs/erofs/super.c index bd8bf8fc2f5d..f2647126cb2f 100644 --- a/fs/erofs/super.c +++ b/fs/erofs/super.c @@ -126,8 +126,8 @@ static bool check_layout_compatibility(struct super_block *sb, #ifdef CONFIG_EROFS_FS_ZIP /* read variable-sized metadata, offset will be aligned by 4-byte */ -static void *erofs_read_metadata(struct super_block *sb, struct erofs_buf *buf, - erofs_off_t *offset, int *lengthp) +void *erofs_read_metadata(struct super_block *sb, struct erofs_buf *buf, + erofs_off_t *offset, int *lengthp) { u8 *buffer, *ptr; int len, i, cnt; @@ -159,64 +159,15 @@ static void *erofs_read_metadata(struct super_block *sb, struct erofs_buf *buf, } return buffer; } - -static int erofs_load_compr_cfgs(struct super_block *sb, - struct erofs_super_block *dsb) -{ - struct erofs_sb_info *sbi = EROFS_SB(sb); - struct erofs_buf buf = __EROFS_BUF_INITIALIZER; - unsigned int algs, alg; - erofs_off_t offset; - int size, ret = 0; - - sbi->available_compr_algs = le16_to_cpu(dsb->u1.available_compr_algs); - if (sbi->available_compr_algs & ~Z_EROFS_ALL_COMPR_ALGS) { - erofs_err(sb, "try to load compressed fs with unsupported algorithms %x", - sbi->available_compr_algs & ~Z_EROFS_ALL_COMPR_ALGS); - return -EINVAL; - } - - offset = EROFS_SUPER_OFFSET + sbi->sb_size; - alg = 0; - for (algs = sbi->available_compr_algs; algs; algs >>= 1, ++alg) { - void *data; - - if (!(algs & 1)) - continue; - - data = erofs_read_metadata(sb, &buf, &offset, &size); - if (IS_ERR(data)) { - ret = PTR_ERR(data); - break; - } - - switch (alg) { - case Z_EROFS_COMPRESSION_LZ4: - ret = z_erofs_load_lz4_config(sb, dsb, data, size); - break; - case Z_EROFS_COMPRESSION_LZMA: - ret = z_erofs_load_lzma_config(sb, dsb, data, size); - break; - default: - DBG_BUGON(1); - ret = -EFAULT; - } - kfree(data); - if (ret) - break; - } - erofs_put_metabuf(&buf); - return ret; -} #else -static int erofs_load_compr_cfgs(struct super_block *sb, - struct erofs_super_block *dsb) +static int z_erofs_parse_cfgs(struct super_block *sb, + struct erofs_super_block *dsb) { - if (dsb->u1.available_compr_algs) { - erofs_err(sb, "try to load compressed fs when compression is disabled"); - return -EINVAL; - } - return 0; + if (!dsb->u1.available_compr_algs) + return 0; + + erofs_err(sb, "compression disabled, unable to mount compressed EROFS"); + return -EOPNOTSUPP; } #endif @@ -398,10 +349,7 @@ static int erofs_read_superblock(struct super_block *sb) } /* parse on-disk compression configurations */ - if (erofs_sb_has_compr_cfgs(sbi)) - ret = erofs_load_compr_cfgs(sb, dsb); - else - ret = z_erofs_load_lz4_config(sb, dsb, NULL, 0); + ret = z_erofs_parse_cfgs(sb, dsb); if (ret < 0) goto out; -- 2.17.1

1 year, 6 months

3
4
0 0

[PATCH v2] nvmem: rmem: Fix return value of rmem_read()

by Joy Chakraborty

reg_read() callback registered with nvmem core expects an integer error as a return value but rmem_read() returns the number of bytes read, as a result error checks in nvmem core fail even when they shouldn't. Return 0 on success where number of bytes read match the number of bytes requested and a negative error -EINVAL on all other cases. Fixes: 5a3fa75a4d9c ("nvmem: Add driver to expose reserved memory as nvmem") Cc: stable(a)vger.kernel.org Signed-off-by: Joy Chakraborty <joychakr(a)google.com> --- drivers/nvmem/rmem.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/drivers/nvmem/rmem.c b/drivers/nvmem/rmem.c index 752d0bf4445e..a74dfa279ff4 100644 --- a/drivers/nvmem/rmem.c +++ b/drivers/nvmem/rmem.c @@ -46,7 +46,12 @@ static int rmem_read(void *context, unsigned int offset, memunmap(addr); - return count; + if (count != bytes) { + dev_err(priv->dev, "Failed read memory (%d)\n", count); + return -EINVAL; + } + + return 0; } static int rmem_probe(struct platform_device *pdev) -- 2.43.0.594.gd9cf4e227d-goog

1 year, 6 months

3
13
0 0

Re: Follow Up

by Olivia Stewart

Hi, I wanted to check with you if you had a time to go through my previous email, Let me know your thoughts about acquiring this email list Regards, *Olivia* ______________________________________________________________________________________________ Hi, I hope you are the right person to discuss about *Healthcare Leads*, which includes complete contact details, and tele-verified email addresses. Please find the Leads Breakdown Chart below: *Criteria* *Counts* *Criteria* *Counts* *Criteria* *Counts* Allergy immunology 5,064 Healthcare Technology 20,540 Plastic surgery 8,371 Anesthesiology 30,155 Nephrology 6,606 Preventive medicine 6,642 Cardiology 24,577 Neurological surgery 7,066 Psychiatry 4,315 Dermatology 8,467 Neurology 13,354 Radiology 32,763 Emergency medicine 22,300 Obgyn 35,163 Surgery 39,517 Endocrinology diabetes metabolism 3,756 Oncology 17,881 Urology 10,135 Family practice1 62,544 Ophthalmology 15,237 Physician 100,000 Gastroenterology 11,913 Orthopedics 22,145 Doctors 128,000 General practice 12,957 Other 15,559 Dentists 150,200 Geriatrics Doctors 9,634 Otolaryngology 9,539 Osteopathic 25,000 Infectious disease 5,677 Pathology 15,467 Acupuncture 5,000 Internal medicine1 120,029 Pediatrics 55,684 Chiropractors 11,000 Haematology Doctors 12,850 Physical medicine 8,437 Rheumatology 5,000 *Data Fields:* Every lead includes Name, Company, Job Title, Website, Physical Address, Industry, *Phone Number and Verified/Opt-In Email Address.* Please let me know if you have any queries about our custom opt-in list and I would love to answer them. Kindly share your thoughts. Warm Regards, *Olivia Stewart* *Marketing Executive * ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- We respect your privacy, if you want to remove it from this list. Please reply with the subject line as “Leave Out”.

1 year, 6 months

1
0
0 0

[PATCH net 00/10] mptcp: more misc. fixes for v6.8

by Matthieu Baerts (NGI0)

This series includes 6 types of fixes: - Patch 1 fixes v4 mapped in v6 addresses support for the userspace PM, when asking to delete a subflow. It was done everywhere else, but not there. Patch 2 validates the modification, thanks to a subtest in mptcp_join.sh. These patches can be backported up to v5.19. - Patch 3 is a small fix for a recent bug-fix patch, just to avoid printing an irrelevant warning (pr_warn()) once. It can be backported up to v5.6, alongside the bug-fix that has been introduced in the v6.8-rc5. - Patches 4 to 6 are fixes for bugs found by Paolo while working on TCP_NOTSENT_LOWAT support for MPTCP. These fixes can improve the performances in some cases. Patches can be backported up to v5.6, v5.11 and v6.7 respectively. - Patch 7 makes sure 'ss -M' is available when starting MPTCP Join selftest as it is required for some subtests since v5.18. - Patch 8 fixes a possible double-free on socket dismantle. The issue always existed, but was unnoticed because it was not causing any problem so far. This fix can be backported up to v5.6. - Patch 9 is a fix for a very recent patch causing lockdep warnings in subflow diag. The patch causing the regression -- which fixes another issue present since v5.7 -- should be part of the future v6.8-rc6. Patch 10 validates the modification, thanks to a new subtest in diag.sh. Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> --- Davide Caratti (1): mptcp: fix double-free on socket dismantle Geliang Tang (3): mptcp: map v4 address to v6 when destroying subflow selftests: mptcp: rm subflow with v4/v4mapped addr selftests: mptcp: join: add ss mptcp support check Matthieu Baerts (NGI0) (1): mptcp: avoid printing warning once on client side Paolo Abeni (5): mptcp: push at DSS boundaries mptcp: fix snd_wnd initialization for passive socket mptcp: fix potential wake-up event loss mptcp: fix possible deadlock in subflow diag selftests: mptcp: explicitly trigger the listener diag code-path net/mptcp/diag.c | 3 ++ net/mptcp/options.c | 2 +- net/mptcp/pm_userspace.c | 10 +++++ net/mptcp/protocol.c | 52 ++++++++++++++++++++++++- net/mptcp/protocol.h | 21 +++++----- tools/testing/selftests/net/mptcp/diag.sh | 30 +++++++++++++- tools/testing/selftests/net/mptcp/mptcp_join.sh | 33 ++++++++++------ tools/testing/selftests/net/mptcp/mptcp_lib.sh | 4 +- 8 files changed, 128 insertions(+), 27 deletions(-) --- base-commit: b0b1210bc150fbd741b4b9fce8a24541306b40fc change-id: 20240223-upstream-net-20240223-misc-fixes-1630cd6b3b0a Best regards, -- Matthieu Baerts (NGI0) <matttbe(a)kernel.org>

1 year, 6 months

3
11
0 0

[PATCHi V2] wifi: rtw88: Add missing VID/PIDs doe 8811CU and 8821CU

by Larry Finger

From: Nick Morrow <morrownr(a)gmail.com> Purpose: Add VID/PIDs that are known to be missing for this driver. - removed /* 8811CU */ and /* 8821CU */ as they are redundant since the file is specific to those chips. - removed /* TOTOLINK A650UA v3 */ as the manufacturer. It has a REALTEK VID so it may not be specific to this adapter. Source is https://1EHFQ.trk.elasticemail.com/tracking/click?d=I82H0YR_W_h175Lb3Nkb0D8… Verified and tested. Signed-off-by: Nick Morrow <morrownr(a)gmail.com> Signed-off-by: Larry Finger <Larry.Finger(a)lwfinger.net> Acked-by: Ping-Ke Shih <pkshih(a)realtek.com> Cc: stable(a)vger.kernel.org --- .../net/wireless/realtek/rtw88/rtw8821cu.c | 40 ++++++++++++------- 1 file changed, 26 insertions(+), 14 deletions(-) diff --git a/drivers/net/wireless/realtek/rtw88/rtw8821cu.c b/drivers/net/wireless/realtek/rtw88/rtw8821cu.c index 7a5cbdc31ef7..e2c7d9f87683 100644 --- a/drivers/net/wireless/realtek/rtw88/rtw8821cu.c +++ b/drivers/net/wireless/realtek/rtw88/rtw8821cu.c @@ -9,24 +9,36 @@ #include "usb.h" static const struct usb_device_id rtw_8821cu_id_table[] = { - { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0xb82b, 0xff, 0xff, 0xff), - .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, /* 8821CU */ + { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0x2006, 0xff, 0xff, 0xff), + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, + { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0x8731, 0xff, 0xff, 0xff), + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, + { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0x8811, 0xff, 0xff, 0xff), + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0xb820, 0xff, 0xff, 0xff), - .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, /* 8821CU */ - { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0xc821, 0xff, 0xff, 0xff), - .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, /* 8821CU */ + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, + { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0xb82b, 0xff, 0xff, 0xff), + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, + { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0xc80c, 0xff, 0xff, 0xff), + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, + { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0xc811, 0xff, 0xff, 0xff), + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0xc820, 0xff, 0xff, 0xff), - .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, /* 8821CU */ + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, + { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0xc821, 0xff, 0xff, 0xff), + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0xc82a, 0xff, 0xff, 0xff), - .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, /* 8821CU */ + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0xc82b, 0xff, 0xff, 0xff), - .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, /* 8821CU */ - { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0xc811, 0xff, 0xff, 0xff), - .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, /* 8811CU */ - { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0x8811, 0xff, 0xff, 0xff), - .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, /* 8811CU */ - { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0x2006, 0xff, 0xff, 0xff), - .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, /* TOTOLINK A650UA v3 */ + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, + { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0xc82c, 0xff, 0xff, 0xff), + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, + { USB_DEVICE_AND_INTERFACE_INFO(0x2001, 0x331d, 0xff, 0xff, 0xff), + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, /* D-Link */ + { USB_DEVICE_AND_INTERFACE_INFO(0x7392, 0xc811, 0xff, 0xff, 0xff), + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, /* Edimax */ + { USB_DEVICE_AND_INTERFACE_INFO(0x7392, 0xd811, 0xff, 0xff, 0xff), + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, /* Edimax */ {}, }; MODULE_DEVICE_TABLE(usb, rtw_8821cu_id_table); -- 2.43.2 https://1EHFQ.trk.elasticemail.com/tracking/unsubscribe?d=enVLNtTvRHoJzm7zg…

1 year, 6 months

1
0
0 0

RE: [PATCH] wifi:rtw88: Add missing VID/PIDs

by Ping-Ke Shih

> -----Original Message----- > From: Larry Finger <Larry.Finger(a)gmail.com> > Sent: Tuesday, February 27, 2024 9:41 AM > To: Kalle Valo <kvalo(a)kernel.org> > Cc: Johannes Berg <johannes(a)sipsolutions.net>; linux-wireless(a)vger.kernel.org; Nick Morrow > <morrownr(a)gmail.com>; Larry Finger <Larry.Finger(a)lwfinger.net>; stable(a)vger.kernel.org > Subject: [PATCH] wifi:rtw88: Add missing VID/PIDs Missing a space between "wifi:" and "rtw88:", and suggest to mention 8811CU and 8821CU in subject. Others look good to me. > > From: Nick Morrow <morrownr(a)gmail.com> > > Purpose: Add VID/PIDs that are known to be missing for this driver. > - removed /* 8811CU */ and /* 8821CU */ as they are redundant > since the file is specific to those chips. > - removed /* TOTOLINK A650UA v3 */ as the manufacturer. It has a REALTEK > VID so it may not be specific to this adapter. > > Source is > https://1EHFQ.trk.elasticemail.com/tracking/click?d=I82H0YR_W_h175Lb3Nkb0D8… > 0SPxd1Olp3PNJEm7h1Gft8lKFiXqYf1jEjniUnBHTdCi0Ypi2Y9ugy88eGHqb5MB9U0M7ZbBBaOwoaG0eHpd73dxUfRcicgS3TFBvw > 066sdoIh1JxdrADO_ro60 > Verified and tested. > > Signed-off-by: Nick Morrow <morrownr(a)gmail.com> > Signed-off-by: Larry Finger <Larry.Finger(a)lwfinger.net> > Cc: stable(a)vger.kernel.org Acked-by: Ping-Ke Shih <pkshih(a)realtek.com>

1 year, 6 months

1
0
0 0

[PATCH] wifi:rtw88: Add missing VID/PIDs

by Larry Finger

From: Nick Morrow <morrownr(a)gmail.com> Purpose: Add VID/PIDs that are known to be missing for this driver. - removed /* 8811CU */ and /* 8821CU */ as they are redundant since the file is specific to those chips. - removed /* TOTOLINK A650UA v3 */ as the manufacturer. It has a REALTEK VID so it may not be specific to this adapter. Source is https://1EHFQ.trk.elasticemail.com/tracking/click?d=I82H0YR_W_h175Lb3Nkb0D8… Verified and tested. Signed-off-by: Nick Morrow <morrownr(a)gmail.com> Signed-off-by: Larry Finger <Larry.Finger(a)lwfinger.net> Cc: stable(a)vger.kernel.org --- .../net/wireless/realtek/rtw88/rtw8821cu.c | 40 ++++++++++++------- 1 file changed, 26 insertions(+), 14 deletions(-) diff --git a/drivers/net/wireless/realtek/rtw88/rtw8821cu.c b/drivers/net/wireless/realtek/rtw88/rtw8821cu.c index 7a5cbdc31ef7..e2c7d9f87683 100644 --- a/drivers/net/wireless/realtek/rtw88/rtw8821cu.c +++ b/drivers/net/wireless/realtek/rtw88/rtw8821cu.c @@ -9,24 +9,36 @@ #include "usb.h" static const struct usb_device_id rtw_8821cu_id_table[] = { - { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0xb82b, 0xff, 0xff, 0xff), - .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, /* 8821CU */ + { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0x2006, 0xff, 0xff, 0xff), + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, + { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0x8731, 0xff, 0xff, 0xff), + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, + { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0x8811, 0xff, 0xff, 0xff), + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0xb820, 0xff, 0xff, 0xff), - .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, /* 8821CU */ - { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0xc821, 0xff, 0xff, 0xff), - .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, /* 8821CU */ + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, + { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0xb82b, 0xff, 0xff, 0xff), + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, + { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0xc80c, 0xff, 0xff, 0xff), + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, + { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0xc811, 0xff, 0xff, 0xff), + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0xc820, 0xff, 0xff, 0xff), - .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, /* 8821CU */ + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, + { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0xc821, 0xff, 0xff, 0xff), + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0xc82a, 0xff, 0xff, 0xff), - .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, /* 8821CU */ + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0xc82b, 0xff, 0xff, 0xff), - .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, /* 8821CU */ - { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0xc811, 0xff, 0xff, 0xff), - .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, /* 8811CU */ - { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0x8811, 0xff, 0xff, 0xff), - .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, /* 8811CU */ - { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0x2006, 0xff, 0xff, 0xff), - .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, /* TOTOLINK A650UA v3 */ + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, + { USB_DEVICE_AND_INTERFACE_INFO(RTW_USB_VENDOR_ID_REALTEK, 0xc82c, 0xff, 0xff, 0xff), + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, + { USB_DEVICE_AND_INTERFACE_INFO(0x2001, 0x331d, 0xff, 0xff, 0xff), + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, /* D-Link */ + { USB_DEVICE_AND_INTERFACE_INFO(0x7392, 0xc811, 0xff, 0xff, 0xff), + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, /* Edimax */ + { USB_DEVICE_AND_INTERFACE_INFO(0x7392, 0xd811, 0xff, 0xff, 0xff), + .driver_info = (kernel_ulong_t)&(rtw8821c_hw_spec) }, /* Edimax */ {}, }; MODULE_DEVICE_TABLE(usb, rtw_8821cu_id_table); -- 2.43.2 https://1EHFQ.trk.elasticemail.com/tracking/unsubscribe?d=GtKKPX7rhUiB3wTyG…

1 year, 6 months

1
0
0 0

[PATCH v1] usb: typec: altmodes/displayport: add null pointer check for sysfs nodes

by RD Babiera

The DisplayPort driver's sysfs nodes may be present to the userspace before typec_altmode_set_drvdata() completes in dp_altmode_probe. This means that a sysfs read can trigger a NULL pointer error by deferencing dp->hpd in hpd_show or dp->lock in pin_assignment_show, as dev_get_drvdata() returns NULL in those cases. Verify dp drvdata is present in sysfs reads and writes before proceeding. Fixes: 0e3bb7d6894d ("usb: typec: Add driver for DisplayPort alternate mode") Cc: stable(a)vger.kernel.org Signed-off-by: RD Babiera <rdbabiera(a)google.com> --- drivers/usb/typec/altmodes/displayport.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/drivers/usb/typec/altmodes/displayport.c b/drivers/usb/typec/altmodes/displayport.c index 5a80776c7255..0423326219d8 100644 --- a/drivers/usb/typec/altmodes/displayport.c +++ b/drivers/usb/typec/altmodes/displayport.c @@ -518,6 +518,9 @@ configuration_store(struct device *dev, struct device_attribute *attr, int con; int ret = 0; + if (!dp) + return -ENODEV; + con = sysfs_match_string(configurations, buf); if (con < 0) return con; @@ -563,6 +566,9 @@ static ssize_t configuration_show(struct device *dev, u8 cur; int i; + if (!dp) + return -ENODEV; + mutex_lock(&dp->lock); cap = DP_CAP_CAPABILITY(dp->alt->vdo); @@ -615,6 +621,9 @@ pin_assignment_store(struct device *dev, struct device_attribute *attr, u32 conf; int ret; + if (!dp) + return -ENODEV; + ret = sysfs_match_string(pin_assignments, buf); if (ret < 0) return ret; @@ -666,6 +675,9 @@ static ssize_t pin_assignment_show(struct device *dev, u8 cur; int i; + if (!dp) + return -ENODEV; + mutex_lock(&dp->lock); cur = get_count_order(DP_CONF_GET_PIN_ASSIGN(dp->data.conf)); @@ -698,6 +710,9 @@ static ssize_t hpd_show(struct device *dev, struct device_attribute *attr, char { struct dp_altmode *dp = dev_get_drvdata(dev); + if (!dp) + return -ENODEV; + return sysfs_emit(buf, "%d\n", dp->hpd); } static DEVICE_ATTR_RO(hpd); base-commit: f1a27f081c1fa1eeebf38406e45f29636114470f -- 2.43.0.429.g432eaa2c6b-goog

1 year, 6 months

2
2
0 0

Re: [REGRESSION 6.1.70] system calls with CIFS mounts failing with "Resource temporarily unavailable"

by Mohamed Abuelfotoh, Hazem

It looks like both 5.15.146 and 5.10.206 are impacted by this regression as they both have the bad commit 33eae65c6f (smb: client: fix OOB in SMB2_query_info_init()). We tried to apply the proposed fix eb3e28c1e89b ("smb3: Replace smb2pdu 1-element arrays with flex-arrays”) but there are a lot of dependencies required to do the backport. Is it possible to consider the simple fix that Paulo proposed as a solution for 5.10 and 5.15. We were lucky with 5.4 as it doesn’t have the bad commit because of merge conflict reported in https://lore.kernel.org/all/2023122857-doubling-crazed-27f4@gregkh/T/#m3aa0… diff --git a/fs/smb/client/smb2pdu.c b/fs/smb/client/smb2pdu.c index 05ff8a457a3d..aed5067661de 100644 --- a/fs/smb/client/smb2pdu.c +++ b/fs/smb/client/smb2pdu.c @@ -3556,7 +3556,7 @@ SMB2_query_info_init(struct cifs_tcon *tcon, struct TCP_Server_Info *server, iov[0].iov_base = (char *)req; /* 1 for Buffer */ - iov[0].iov_len = len; + iov[0].iov_len = len - 1; return 0; } Hazem

1 year, 6 months

9
19
0 0

[tip: x86/misc] x86/nmi: Fix the inverse "in NMI handler" check

by tip-bot2 for Breno Leitao

The following commit has been merged into the x86/misc branch of tip: Commit-ID: d54e56f31a34fa38fcb5e91df609f9633419a79a Gitweb: https://git.kernel.org/tip/d54e56f31a34fa38fcb5e91df609f9633419a79a Author: Breno Leitao <leitao(a)debian.org> AuthorDate: Wed, 07 Feb 2024 08:52:35 -08:00 Committer: Thomas Gleixner <tglx(a)linutronix.de> CommitterDate: Mon, 26 Feb 2024 23:41:30 +01:00 x86/nmi: Fix the inverse "in NMI handler" check Commit 344da544f177 ("x86/nmi: Print reasons why backtrace NMIs are ignored") creates a super nice framework to diagnose NMIs. Every time nmi_exc() is called, it increments a per_cpu counter (nsp->idt_nmi_seq). At its exit, it also increments the same counter. By reading this counter it can be seen how many times that function was called (dividing by 2), and, if the function is still being executed, by checking the idt_nmi_seq's least significant bit. On the check side (nmi_backtrace_stall_check()), that variable is queried to check if the NMI is still being executed, but, there is a mistake in the bitwise operation. That code wants to check if the least significant bit of the idt_nmi_seq is set or not, but does the opposite, and checks for all the other bits, which will always be true after the first exc_nmi() executed successfully. This appends the misleading string to the dump "(CPU currently in NMI handler function)" Fix it by checking the least significant bit, and if it is set, append the string. Fixes: 344da544f177 ("x86/nmi: Print reasons why backtrace NMIs are ignored") Signed-off-by: Breno Leitao <leitao(a)debian.org> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Reviewed-by: Paul E. McKenney <paulmck(a)kernel.org> Cc: stable(a)vger.kernel.org Link: https://lore.kernel.org/r/20240207165237.1048837-1-leitao@debian.org --- arch/x86/kernel/nmi.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kernel/nmi.c b/arch/x86/kernel/nmi.c index d238679..c95dc1b 100644 --- a/arch/x86/kernel/nmi.c +++ b/arch/x86/kernel/nmi.c @@ -639,7 +639,7 @@ void nmi_backtrace_stall_check(const struct cpumask *btp) msgp = nmi_check_stall_msg[idx]; if (nsp->idt_ignored_snap != READ_ONCE(nsp->idt_ignored) && (idx & 0x1)) modp = ", but OK because ignore_nmis was set"; - if (nmi_seq & ~0x1) + if (nmi_seq & 0x1) msghp = " (CPU currently in NMI handler function)"; else if (nsp->idt_nmi_seq_snap + 1 == nmi_seq) msghp = " (CPU exited one NMI handler function)";

1 year, 6 months

1
0
0 0

Re: Kernel 6.6.17-LTS breaks almost all bash scripts involving a directory

by Konstantin Ryabitsev

On Mon, Feb 26, 2024 at 05:27:50PM +0200, Радослав Ненчовски wrote: > Hi. IDK how more clear to write it in the title, so let me explain what the > problem is. I'm sending your message to stable instead, because helpdesk is only for requesting help with kernel.org infrastructure. Stable folks, please see below. -K > In the past 4 or 5 years I've been using this script (with an alias) to > compress a single folder: > 7z a "$1.7z" "$1"/ -mx=0 -mmt=8 > > I know it doesn't look like much but essentially it creates a 7z archive > (with "store" level of compression) with a name I've entered right after the > alias. For instance: 7z0 "my dir" will create "my dir.7z". > And in the past 4 or 5 years this script was working just fine because it > was recognizing the slash as an indication that the target to compress is a > directory. > However, ever since 6.6.17-LTS arrived (altough I've heard the same > complaints from people who use the regular rolling kernel, but they didn't > tell me which version) bash stopped recognizing the slash as an indication > for directory and thinks of it as the entire root directory, thus it > attempts to compress not only "my dir" but also the whole root (/) > directory. And it doesn't matter whether I'll put the slash between the > quotes or outside of them - the result is the same. And, naturally, it > throws out an unlimited number of errors about "access denied" to everything > in root. I can't even begin to comprehend why on Earth you or whoever writes > the kernel would make this change. Forget about me but ALL linux sysadmins I > know use all kinds of scripts and changing the slash at the end of a word to > mean "root" instead of a sign for directory is a rude way to ruin their > work. Since this change occurred, I can no longer put a directory in an > archive through CLI and I have to do it through GUI, which is about 10 times > slower. I have a DE and I can do that but what about the sysadmins who > usually use linux without a DE or directly SSH into the distro they're > admins of? With this change you're literally hindering their job! > > I downgraded the kernel to 6.6.15-LTS and the problem disappeared - now the > slash is properly recognized as a sign for directory. > > The point is: *it is urgent that you undo this change back to the way it > was! I'm pretty sure sysadmins will begin to email you about this, if they > haven't already. > *

1 year, 6 months

3
2
0 0

[PATCH 6.6.y] selftests: mptcp: add mptcp_lib_get_counter

by Matthieu Baerts (NGI0)

From: Geliang Tang <geliang.tang(a)suse.com> To avoid duplicated code in different MPTCP selftests, we can add and use helpers defined in mptcp_lib.sh. The helper get_counter() in mptcp_join.sh and get_mib_counter() in mptcp_connect.sh have the same functionality, export get_counter() into mptcp_lib.sh and rename it as mptcp_lib_get_counter(). Use this new helper instead of get_counter() and get_mib_counter(). Use this helper in test_prio() in userspace_pm.sh too instead of open-coding. Reviewed-by: Matthieu Baerts <matttbe(a)kernel.org> Signed-off-by: Geliang Tang <geliang.tang(a)suse.com> Signed-off-by: Mat Martineau <martineau(a)kernel.org> Link: https://lore.kernel.org/r/20231128-send-net-next-2023107-v4-11-8d6b94150f6b… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> Stable-dep-of: acaef88f2624 ("selftests: mptcp: diag: check CURRESTAB counters") (cherry picked from commit 61c131f5d4d2b79904af2fdcb2839a9db8e7c55c) Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> --- Notes: - this patch is needed for "selftests: mptcp: diag: check CURRESTAB counters" that has been added to the queue for v6.6 today, to avoid failures and this message: ./diag.sh: line 62: mptcp_lib_get_counter: command not found - conflicts in mptcp_lib.sh because the new helper expected to be placed after mptcp_lib_kill_wait() which has not been backported. --- .../selftests/net/mptcp/mptcp_connect.sh | 41 +++------ .../testing/selftests/net/mptcp/mptcp_join.sh | 88 ++++++++----------- .../testing/selftests/net/mptcp/mptcp_lib.sh | 16 ++++ .../selftests/net/mptcp/userspace_pm.sh | 14 +-- 4 files changed, 73 insertions(+), 86 deletions(-) diff --git a/tools/testing/selftests/net/mptcp/mptcp_connect.sh b/tools/testing/selftests/net/mptcp/mptcp_connect.sh index b1fc8afd072d..10cd322e05c4 100755 --- a/tools/testing/selftests/net/mptcp/mptcp_connect.sh +++ b/tools/testing/selftests/net/mptcp/mptcp_connect.sh @@ -341,21 +341,6 @@ do_ping() return 0 } -# $1: ns, $2: MIB counter -get_mib_counter() -{ - local listener_ns="${1}" - local mib="${2}" - - # strip the header - ip netns exec "${listener_ns}" \ - nstat -z -a "${mib}" | \ - tail -n+2 | \ - while read a count c rest; do - echo $count - done -} - # $1: ns, $2: port wait_local_port_listen() { @@ -441,12 +426,12 @@ do_transfer() nstat -n fi - local stat_synrx_last_l=$(get_mib_counter "${listener_ns}" "MPTcpExtMPCapableSYNRX") - local stat_ackrx_last_l=$(get_mib_counter "${listener_ns}" "MPTcpExtMPCapableACKRX") - local stat_cookietx_last=$(get_mib_counter "${listener_ns}" "TcpExtSyncookiesSent") - local stat_cookierx_last=$(get_mib_counter "${listener_ns}" "TcpExtSyncookiesRecv") - local stat_csum_err_s=$(get_mib_counter "${listener_ns}" "MPTcpExtDataCsumErr") - local stat_csum_err_c=$(get_mib_counter "${connector_ns}" "MPTcpExtDataCsumErr") + local stat_synrx_last_l=$(mptcp_lib_get_counter "${listener_ns}" "MPTcpExtMPCapableSYNRX") + local stat_ackrx_last_l=$(mptcp_lib_get_counter "${listener_ns}" "MPTcpExtMPCapableACKRX") + local stat_cookietx_last=$(mptcp_lib_get_counter "${listener_ns}" "TcpExtSyncookiesSent") + local stat_cookierx_last=$(mptcp_lib_get_counter "${listener_ns}" "TcpExtSyncookiesRecv") + local stat_csum_err_s=$(mptcp_lib_get_counter "${listener_ns}" "MPTcpExtDataCsumErr") + local stat_csum_err_c=$(mptcp_lib_get_counter "${connector_ns}" "MPTcpExtDataCsumErr") timeout ${timeout_test} \ ip netns exec ${listener_ns} \ @@ -509,11 +494,11 @@ do_transfer() check_transfer $cin $sout "file received by server" rets=$? - local stat_synrx_now_l=$(get_mib_counter "${listener_ns}" "MPTcpExtMPCapableSYNRX") - local stat_ackrx_now_l=$(get_mib_counter "${listener_ns}" "MPTcpExtMPCapableACKRX") - local stat_cookietx_now=$(get_mib_counter "${listener_ns}" "TcpExtSyncookiesSent") - local stat_cookierx_now=$(get_mib_counter "${listener_ns}" "TcpExtSyncookiesRecv") - local stat_ooo_now=$(get_mib_counter "${listener_ns}" "TcpExtTCPOFOQueue") + local stat_synrx_now_l=$(mptcp_lib_get_counter "${listener_ns}" "MPTcpExtMPCapableSYNRX") + local stat_ackrx_now_l=$(mptcp_lib_get_counter "${listener_ns}" "MPTcpExtMPCapableACKRX") + local stat_cookietx_now=$(mptcp_lib_get_counter "${listener_ns}" "TcpExtSyncookiesSent") + local stat_cookierx_now=$(mptcp_lib_get_counter "${listener_ns}" "TcpExtSyncookiesRecv") + local stat_ooo_now=$(mptcp_lib_get_counter "${listener_ns}" "TcpExtTCPOFOQueue") expect_synrx=$((stat_synrx_last_l)) expect_ackrx=$((stat_ackrx_last_l)) @@ -542,8 +527,8 @@ do_transfer() fi if $checksum; then - local csum_err_s=$(get_mib_counter "${listener_ns}" "MPTcpExtDataCsumErr") - local csum_err_c=$(get_mib_counter "${connector_ns}" "MPTcpExtDataCsumErr") + local csum_err_s=$(mptcp_lib_get_counter "${listener_ns}" "MPTcpExtDataCsumErr") + local csum_err_c=$(mptcp_lib_get_counter "${connector_ns}" "MPTcpExtDataCsumErr") local csum_err_s_nr=$((csum_err_s - stat_csum_err_s)) if [ $csum_err_s_nr -gt 0 ]; then diff --git a/tools/testing/selftests/net/mptcp/mptcp_join.sh b/tools/testing/selftests/net/mptcp/mptcp_join.sh index bc85570a6b26..a72104dae2b9 100755 --- a/tools/testing/selftests/net/mptcp/mptcp_join.sh +++ b/tools/testing/selftests/net/mptcp/mptcp_join.sh @@ -611,25 +611,9 @@ wait_local_port_listen() done } -# $1: ns ; $2: counter -get_counter() -{ - local ns="${1}" - local counter="${2}" - local count - - count=$(ip netns exec ${ns} nstat -asz "${counter}" | awk 'NR==1 {next} {print $2}') - if [ -z "${count}" ]; then - mptcp_lib_fail_if_expected_feature "${counter} counter" - return 1 - fi - - echo "${count}" -} - rm_addr_count() { - get_counter "${1}" "MPTcpExtRmAddr" + mptcp_lib_get_counter "${1}" "MPTcpExtRmAddr" } # $1: ns, $2: old rm_addr counter in $ns @@ -649,7 +633,7 @@ wait_rm_addr() rm_sf_count() { - get_counter "${1}" "MPTcpExtRmSubflow" + mptcp_lib_get_counter "${1}" "MPTcpExtRmSubflow" } # $1: ns, $2: old rm_sf counter in $ns @@ -672,11 +656,11 @@ wait_mpj() local ns="${1}" local cnt old_cnt - old_cnt=$(get_counter ${ns} "MPTcpExtMPJoinAckRx") + old_cnt=$(mptcp_lib_get_counter ${ns} "MPTcpExtMPJoinAckRx") local i for i in $(seq 10); do - cnt=$(get_counter ${ns} "MPTcpExtMPJoinAckRx") + cnt=$(mptcp_lib_get_counter ${ns} "MPTcpExtMPJoinAckRx") [ "$cnt" = "${old_cnt}" ] || break sleep 0.1 done @@ -1271,7 +1255,7 @@ chk_csum_nr() fi print_check "sum" - count=$(get_counter ${ns1} "MPTcpExtDataCsumErr") + count=$(mptcp_lib_get_counter ${ns1} "MPTcpExtDataCsumErr") if [ "$count" != "$csum_ns1" ]; then extra_msg="$extra_msg ns1=$count" fi @@ -1284,7 +1268,7 @@ chk_csum_nr() print_ok fi print_check "csum" - count=$(get_counter ${ns2} "MPTcpExtDataCsumErr") + count=$(mptcp_lib_get_counter ${ns2} "MPTcpExtDataCsumErr") if [ "$count" != "$csum_ns2" ]; then extra_msg="$extra_msg ns2=$count" fi @@ -1328,7 +1312,7 @@ chk_fail_nr() fi print_check "ftx" - count=$(get_counter ${ns_tx} "MPTcpExtMPFailTx") + count=$(mptcp_lib_get_counter ${ns_tx} "MPTcpExtMPFailTx") if [ "$count" != "$fail_tx" ]; then extra_msg="$extra_msg,tx=$count" fi @@ -1342,7 +1326,7 @@ chk_fail_nr() fi print_check "failrx" - count=$(get_counter ${ns_rx} "MPTcpExtMPFailRx") + count=$(mptcp_lib_get_counter ${ns_rx} "MPTcpExtMPFailRx") if [ "$count" != "$fail_rx" ]; then extra_msg="$extra_msg,rx=$count" fi @@ -1375,7 +1359,7 @@ chk_fclose_nr() fi print_check "ctx" - count=$(get_counter ${ns_tx} "MPTcpExtMPFastcloseTx") + count=$(mptcp_lib_get_counter ${ns_tx} "MPTcpExtMPFastcloseTx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$fclose_tx" ]; then @@ -1386,7 +1370,7 @@ chk_fclose_nr() fi print_check "fclzrx" - count=$(get_counter ${ns_rx} "MPTcpExtMPFastcloseRx") + count=$(mptcp_lib_get_counter ${ns_rx} "MPTcpExtMPFastcloseRx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$fclose_rx" ]; then @@ -1416,7 +1400,7 @@ chk_rst_nr() fi print_check "rtx" - count=$(get_counter ${ns_tx} "MPTcpExtMPRstTx") + count=$(mptcp_lib_get_counter ${ns_tx} "MPTcpExtMPRstTx") if [ -z "$count" ]; then print_skip # accept more rst than expected except if we don't expect any @@ -1428,7 +1412,7 @@ chk_rst_nr() fi print_check "rstrx" - count=$(get_counter ${ns_rx} "MPTcpExtMPRstRx") + count=$(mptcp_lib_get_counter ${ns_rx} "MPTcpExtMPRstRx") if [ -z "$count" ]; then print_skip # accept more rst than expected except if we don't expect any @@ -1449,7 +1433,7 @@ chk_infi_nr() local count print_check "itx" - count=$(get_counter ${ns2} "MPTcpExtInfiniteMapTx") + count=$(mptcp_lib_get_counter ${ns2} "MPTcpExtInfiniteMapTx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$infi_tx" ]; then @@ -1459,7 +1443,7 @@ chk_infi_nr() fi print_check "infirx" - count=$(get_counter ${ns1} "MPTcpExtInfiniteMapRx") + count=$(mptcp_lib_get_counter ${ns1} "MPTcpExtInfiniteMapRx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$infi_rx" ]; then @@ -1488,7 +1472,7 @@ chk_join_nr() fi print_check "syn" - count=$(get_counter ${ns1} "MPTcpExtMPJoinSynRx") + count=$(mptcp_lib_get_counter ${ns1} "MPTcpExtMPJoinSynRx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$syn_nr" ]; then @@ -1499,7 +1483,7 @@ chk_join_nr() print_check "synack" with_cookie=$(ip netns exec $ns2 sysctl -n net.ipv4.tcp_syncookies) - count=$(get_counter ${ns2} "MPTcpExtMPJoinSynAckRx") + count=$(mptcp_lib_get_counter ${ns2} "MPTcpExtMPJoinSynAckRx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$syn_ack_nr" ]; then @@ -1516,7 +1500,7 @@ chk_join_nr() fi print_check "ack" - count=$(get_counter ${ns1} "MPTcpExtMPJoinAckRx") + count=$(mptcp_lib_get_counter ${ns1} "MPTcpExtMPJoinAckRx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$ack_nr" ]; then @@ -1549,8 +1533,8 @@ chk_stale_nr() print_check "stale" - stale_nr=$(get_counter ${ns} "MPTcpExtSubflowStale") - recover_nr=$(get_counter ${ns} "MPTcpExtSubflowRecover") + stale_nr=$(mptcp_lib_get_counter ${ns} "MPTcpExtSubflowStale") + recover_nr=$(mptcp_lib_get_counter ${ns} "MPTcpExtSubflowRecover") if [ -z "$stale_nr" ] || [ -z "$recover_nr" ]; then print_skip elif [ $stale_nr -lt $stale_min ] || @@ -1587,7 +1571,7 @@ chk_add_nr() timeout=$(ip netns exec $ns1 sysctl -n net.mptcp.add_addr_timeout) print_check "add" - count=$(get_counter ${ns2} "MPTcpExtAddAddr") + count=$(mptcp_lib_get_counter ${ns2} "MPTcpExtAddAddr") if [ -z "$count" ]; then print_skip # if the test configured a short timeout tolerate greater then expected @@ -1599,7 +1583,7 @@ chk_add_nr() fi print_check "echo" - count=$(get_counter ${ns1} "MPTcpExtEchoAdd") + count=$(mptcp_lib_get_counter ${ns1} "MPTcpExtEchoAdd") if [ -z "$count" ]; then print_skip elif [ "$count" != "$echo_nr" ]; then @@ -1610,7 +1594,7 @@ chk_add_nr() if [ $port_nr -gt 0 ]; then print_check "pt" - count=$(get_counter ${ns2} "MPTcpExtPortAdd") + count=$(mptcp_lib_get_counter ${ns2} "MPTcpExtPortAdd") if [ -z "$count" ]; then print_skip elif [ "$count" != "$port_nr" ]; then @@ -1620,7 +1604,7 @@ chk_add_nr() fi print_check "syn" - count=$(get_counter ${ns1} "MPTcpExtMPJoinPortSynRx") + count=$(mptcp_lib_get_counter ${ns1} "MPTcpExtMPJoinPortSynRx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$syn_nr" ]; then @@ -1631,7 +1615,7 @@ chk_add_nr() fi print_check "synack" - count=$(get_counter ${ns2} "MPTcpExtMPJoinPortSynAckRx") + count=$(mptcp_lib_get_counter ${ns2} "MPTcpExtMPJoinPortSynAckRx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$syn_ack_nr" ]; then @@ -1642,7 +1626,7 @@ chk_add_nr() fi print_check "ack" - count=$(get_counter ${ns1} "MPTcpExtMPJoinPortAckRx") + count=$(mptcp_lib_get_counter ${ns1} "MPTcpExtMPJoinPortAckRx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$ack_nr" ]; then @@ -1653,7 +1637,7 @@ chk_add_nr() fi print_check "syn" - count=$(get_counter ${ns1} "MPTcpExtMismatchPortSynRx") + count=$(mptcp_lib_get_counter ${ns1} "MPTcpExtMismatchPortSynRx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$mis_syn_nr" ]; then @@ -1664,7 +1648,7 @@ chk_add_nr() fi print_check "ack" - count=$(get_counter ${ns1} "MPTcpExtMismatchPortAckRx") + count=$(mptcp_lib_get_counter ${ns1} "MPTcpExtMismatchPortAckRx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$mis_ack_nr" ]; then @@ -1686,7 +1670,7 @@ chk_add_tx_nr() timeout=$(ip netns exec $ns1 sysctl -n net.mptcp.add_addr_timeout) print_check "add TX" - count=$(get_counter ${ns1} "MPTcpExtAddAddrTx") + count=$(mptcp_lib_get_counter ${ns1} "MPTcpExtAddAddrTx") if [ -z "$count" ]; then print_skip # if the test configured a short timeout tolerate greater then expected @@ -1698,7 +1682,7 @@ chk_add_tx_nr() fi print_check "echo TX" - count=$(get_counter ${ns2} "MPTcpExtEchoAddTx") + count=$(mptcp_lib_get_counter ${ns2} "MPTcpExtEchoAddTx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$echo_tx_nr" ]; then @@ -1736,7 +1720,7 @@ chk_rm_nr() fi print_check "rm" - count=$(get_counter ${addr_ns} "MPTcpExtRmAddr") + count=$(mptcp_lib_get_counter ${addr_ns} "MPTcpExtRmAddr") if [ -z "$count" ]; then print_skip elif [ "$count" != "$rm_addr_nr" ]; then @@ -1746,13 +1730,13 @@ chk_rm_nr() fi print_check "rmsf" - count=$(get_counter ${subflow_ns} "MPTcpExtRmSubflow") + count=$(mptcp_lib_get_counter ${subflow_ns} "MPTcpExtRmSubflow") if [ -z "$count" ]; then print_skip elif [ -n "$simult" ]; then local cnt suffix - cnt=$(get_counter ${addr_ns} "MPTcpExtRmSubflow") + cnt=$(mptcp_lib_get_counter ${addr_ns} "MPTcpExtRmSubflow") # in case of simult flush, the subflow removal count on each side is # unreliable @@ -1778,7 +1762,7 @@ chk_rm_tx_nr() local rm_addr_tx_nr=$1 print_check "rm TX" - count=$(get_counter ${ns2} "MPTcpExtRmAddrTx") + count=$(mptcp_lib_get_counter ${ns2} "MPTcpExtRmAddrTx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$rm_addr_tx_nr" ]; then @@ -1795,7 +1779,7 @@ chk_prio_nr() local count print_check "ptx" - count=$(get_counter ${ns1} "MPTcpExtMPPrioTx") + count=$(mptcp_lib_get_counter ${ns1} "MPTcpExtMPPrioTx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$mp_prio_nr_tx" ]; then @@ -1805,7 +1789,7 @@ chk_prio_nr() fi print_check "prx" - count=$(get_counter ${ns1} "MPTcpExtMPPrioRx") + count=$(mptcp_lib_get_counter ${ns1} "MPTcpExtMPPrioRx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$mp_prio_nr_rx" ]; then @@ -1905,7 +1889,7 @@ wait_attempt_fail() while [ $time -lt $timeout_ms ]; do local cnt - cnt=$(get_counter ${ns} "TcpAttemptFails") + cnt=$(mptcp_lib_get_counter ${ns} "TcpAttemptFails") [ "$cnt" = 1 ] && return 1 time=$((time + 100)) diff --git a/tools/testing/selftests/net/mptcp/mptcp_lib.sh b/tools/testing/selftests/net/mptcp/mptcp_lib.sh index 4cd4297ca86d..2b10f200de40 100644 --- a/tools/testing/selftests/net/mptcp/mptcp_lib.sh +++ b/tools/testing/selftests/net/mptcp/mptcp_lib.sh @@ -216,3 +216,19 @@ mptcp_lib_kill_wait() { kill "${1}" > /dev/null 2>&1 wait "${1}" 2>/dev/null } + +# $1: ns, $2: MIB counter +mptcp_lib_get_counter() { + local ns="${1}" + local counter="${2}" + local count + + count=$(ip netns exec "${ns}" nstat -asz "${counter}" | + awk 'NR==1 {next} {print $2}') + if [ -z "${count}" ]; then + mptcp_lib_fail_if_expected_feature "${counter} counter" + return 1 + fi + + echo "${count}" +} diff --git a/tools/testing/selftests/net/mptcp/userspace_pm.sh b/tools/testing/selftests/net/mptcp/userspace_pm.sh index 0e573c6c393a..0e748068ee95 100755 --- a/tools/testing/selftests/net/mptcp/userspace_pm.sh +++ b/tools/testing/selftests/net/mptcp/userspace_pm.sh @@ -887,9 +887,10 @@ test_prio() # Check TX print_test "MP_PRIO TX" - count=$(ip netns exec "$ns2" nstat -as | grep MPTcpExtMPPrioTx | awk '{print $2}') - [ -z "$count" ] && count=0 - if [ $count != 1 ]; then + count=$(mptcp_lib_get_counter "$ns2" "MPTcpExtMPPrioTx") + if [ -z "$count" ]; then + test_skip + elif [ $count != 1 ]; then test_fail "Count != 1: ${count}" else test_pass @@ -897,9 +898,10 @@ test_prio() # Check RX print_test "MP_PRIO RX" - count=$(ip netns exec "$ns1" nstat -as | grep MPTcpExtMPPrioRx | awk '{print $2}') - [ -z "$count" ] && count=0 - if [ $count != 1 ]; then + count=$(mptcp_lib_get_counter "$ns1" "MPTcpExtMPPrioRx") + if [ -z "$count" ]; then + test_skip + elif [ $count != 1 ]; then test_fail "Count != 1: ${count}" else test_pass -- 2.43.0

1 year, 6 months

1
0
0 0

[PATCH 5.4.y 0/2] KVM: arm64: VGIC ITS fix backports

by Oliver Upton

Oliver Upton (2): KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler virt/kvm/arm/vgic/vgic-its.c | 5 +++++ 1 file changed, 5 insertions(+) base-commit: 6e1f54a4985b63bc1b55a09e5e75a974c5d6719b -- 2.44.0.rc1.240.g4c46232300-goog

1 year, 6 months

1
2
0 0

FAILED: patch "[PATCH] selftests: mptcp: join: stop transfer when check is done" failed to apply to 6.6-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.6-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y git checkout FETCH_HEAD git cherry-pick -x 04b57c9e096a9479fe0ad31e3956e336fa589cb2 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024021924-setback-disinfect-0bd6@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^.. Possible dependencies: 04b57c9e096a ("selftests: mptcp: join: stop transfer when check is done (part 2)") b9fb176081fb ("selftests: mptcp: userspace pm send RM_ADDR for ID 0") e3b47e460b4b ("selftests: mptcp: userspace pm remove initial subflow") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 04b57c9e096a9479fe0ad31e3956e336fa589cb2 Mon Sep 17 00:00:00 2001 From: "Matthieu Baerts (NGI0)" <matttbe(a)kernel.org> Date: Wed, 31 Jan 2024 22:49:54 +0100 Subject: [PATCH] selftests: mptcp: join: stop transfer when check is done (part 2) Since the "Fixes" commits mentioned below, the newly added "userspace pm" subtests of mptcp_join selftests are launching the whole transfer in the background, do the required checks, then wait for the end of transfer. There is no need to wait longer, especially because the checks at the end of the transfer are ignored (which is fine). This saves quite a few seconds on slow environments. While at it, use 'mptcp_lib_kill_wait()' helper everywhere, instead of on a specific one with 'kill_tests_wait()'. Fixes: b2e2248f365a ("selftests: mptcp: userspace pm create id 0 subflow") Fixes: e3b47e460b4b ("selftests: mptcp: userspace pm remove initial subflow") Fixes: b9fb176081fb ("selftests: mptcp: userspace pm send RM_ADDR for ID 0") Cc: stable(a)vger.kernel.org Reviewed-and-tested-by: Geliang Tang <geliang(a)kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Link: https://lore.kernel.org/r/20240131-upstream-net-20240131-mptcp-ci-issues-v1… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> diff --git a/tools/testing/selftests/net/mptcp/mptcp_join.sh b/tools/testing/selftests/net/mptcp/mptcp_join.sh index 85bcc95f4ede..c07386e21e0a 100755 --- a/tools/testing/selftests/net/mptcp/mptcp_join.sh +++ b/tools/testing/selftests/net/mptcp/mptcp_join.sh @@ -643,13 +643,6 @@ kill_events_pids() mptcp_lib_kill_wait $evts_ns2_pid } -kill_tests_wait() -{ - #shellcheck disable=SC2046 - kill -SIGUSR1 $(ip netns pids $ns2) $(ip netns pids $ns1) - wait -} - pm_nl_set_limits() { local ns=$1 @@ -3494,7 +3487,7 @@ userspace_tests() chk_mptcp_info subflows 1 subflows 1 chk_subflows_total 2 2 kill_events_pids - wait $tests_pid + mptcp_lib_kill_wait $tests_pid fi # userspace pm remove initial subflow @@ -3518,7 +3511,7 @@ userspace_tests() chk_mptcp_info subflows 1 subflows 1 chk_subflows_total 1 1 kill_events_pids - wait $tests_pid + mptcp_lib_kill_wait $tests_pid fi # userspace pm send RM_ADDR for ID 0 @@ -3544,7 +3537,7 @@ userspace_tests() chk_mptcp_info subflows 1 subflows 1 chk_subflows_total 1 1 kill_events_pids - wait $tests_pid + mptcp_lib_kill_wait $tests_pid fi } @@ -3558,7 +3551,8 @@ endpoint_tests() pm_nl_set_limits $ns2 2 2 pm_nl_add_endpoint $ns1 10.0.2.1 flags signal speed=slow \ - run_tests $ns1 $ns2 10.0.1.1 2>/dev/null & + run_tests $ns1 $ns2 10.0.1.1 & + local tests_pid=$! wait_mpj $ns1 pm_nl_check_endpoint "creation" \ @@ -3573,7 +3567,7 @@ endpoint_tests() pm_nl_add_endpoint $ns2 10.0.2.2 flags signal pm_nl_check_endpoint "modif is allowed" \ $ns2 10.0.2.2 id 1 flags signal - kill_tests_wait + mptcp_lib_kill_wait $tests_pid fi if reset "delete and re-add" && @@ -3582,7 +3576,8 @@ endpoint_tests() pm_nl_set_limits $ns2 1 1 pm_nl_add_endpoint $ns2 10.0.2.2 id 2 dev ns2eth2 flags subflow test_linkfail=4 speed=20 \ - run_tests $ns1 $ns2 10.0.1.1 2>/dev/null & + run_tests $ns1 $ns2 10.0.1.1 & + local tests_pid=$! wait_mpj $ns2 chk_subflow_nr "before delete" 2 @@ -3597,7 +3592,7 @@ endpoint_tests() wait_mpj $ns2 chk_subflow_nr "after re-add" 2 chk_mptcp_info subflows 1 subflows 1 - kill_tests_wait + mptcp_lib_kill_wait $tests_pid fi }

1 year, 6 months

2
1
0 0

FAILED: patch "[PATCH] selftests: mptcp: join: stop transfer when check is done" failed to apply to 6.6-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.6-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y git checkout FETCH_HEAD git cherry-pick -x 31ee4ad86afd6ed6f4bb1b38c43011216080c42a # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024021917-nuzzle-magenta-7de4@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^.. Possible dependencies: 31ee4ad86afd ("selftests: mptcp: join: stop transfer when check is done (part 1)") 80775412882e ("selftests: mptcp: add chk_subflows_total helper") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 31ee4ad86afd6ed6f4bb1b38c43011216080c42a Mon Sep 17 00:00:00 2001 From: "Matthieu Baerts (NGI0)" <matttbe(a)kernel.org> Date: Wed, 31 Jan 2024 22:49:53 +0100 Subject: [PATCH] selftests: mptcp: join: stop transfer when check is done (part 1) Since the "Fixes" commit mentioned below, "userspace pm" subtests of mptcp_join selftests introduced in v6.5 are launching the whole transfer in the background, do the required checks, then wait for the end of transfer. There is no need to wait longer, especially because the checks at the end of the transfer are ignored (which is fine). This saves quite a few seconds in slow environments. Note that old versions will need commit bdbef0a6ff10 ("selftests: mptcp: add mptcp_lib_kill_wait") as well to get 'mptcp_lib_kill_wait()' helper. Fixes: 4369c198e599 ("selftests: mptcp: test userspace pm out of transfer") Cc: stable(a)vger.kernel.org # 6.5.x: bdbef0a6ff10: selftests: mptcp: add mptcp_lib_kill_wait Cc: stable(a)vger.kernel.org # 6.5.x Reviewed-and-tested-by: Geliang Tang <geliang(a)kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Link: https://lore.kernel.org/r/20240131-upstream-net-20240131-mptcp-ci-issues-v1… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> diff --git a/tools/testing/selftests/net/mptcp/mptcp_join.sh b/tools/testing/selftests/net/mptcp/mptcp_join.sh index 3a5b63026191..85bcc95f4ede 100755 --- a/tools/testing/selftests/net/mptcp/mptcp_join.sh +++ b/tools/testing/selftests/net/mptcp/mptcp_join.sh @@ -3453,7 +3453,7 @@ userspace_tests() chk_mptcp_info subflows 0 subflows 0 chk_subflows_total 1 1 kill_events_pids - wait $tests_pid + mptcp_lib_kill_wait $tests_pid fi # userspace pm create destroy subflow @@ -3475,7 +3475,7 @@ userspace_tests() chk_mptcp_info subflows 0 subflows 0 chk_subflows_total 1 1 kill_events_pids - wait $tests_pid + mptcp_lib_kill_wait $tests_pid fi # userspace pm create id 0 subflow

1 year, 6 months

2
1
0 0

[PATCH 6.6.y] mptcp: userspace pm send RM_ADDR for ID 0

by Matthieu Baerts (NGI0)

From: Geliang Tang <geliang.tang(a)suse.com> This patch adds the ability to send RM_ADDR for local ID 0. Check whether id 0 address is removed, if not, put id 0 into a removing list, pass it to mptcp_pm_remove_addr() to remove id 0 address. There is no reason not to allow the userspace to remove the initial address (ID 0). This special case was not taken into account not letting the userspace to delete all addresses as announced. Closes: https://github.com/multipath-tcp/mptcp_net-next/issues/379 Reviewed-by: Matthieu Baerts <matttbe(a)kernel.org> Signed-off-by: Geliang Tang <geliang.tang(a)suse.com> Signed-off-by: Mat Martineau <martineau(a)kernel.org> Link: https://lore.kernel.org/r/20231025-send-net-next-20231025-v1-3-db8f25f798eb… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> (cherry picked from commit 84c531f54ad9a124a924c9505d74e33d16965146) Fixes: d9a4594edabf ("mptcp: netlink: Add MPTCP_PM_CMD_REMOVE") Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> --- Notes: - As mentioned in [1], the 'Fixes' tag has been accidentally dropped: [1] https://lore.kernel.org/stable/a7a3675a-4531-4559-bea2-c7689317764a@kernel.… - Conflict in pm_userspace.c because the new helper function expected to be on top of mptcp_pm_nl_remove_doit() which has been recently renamed in commit 1e07938e29c5 ("net: mptcp: rename netlink handlers to mptcp_pm_nl_<blah>_{doit,dumpit}"). --- net/mptcp/pm_userspace.c | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/net/mptcp/pm_userspace.c b/net/mptcp/pm_userspace.c index 3b34b7cf56c9..ecd166ce047d 100644 --- a/net/mptcp/pm_userspace.c +++ b/net/mptcp/pm_userspace.c @@ -220,6 +220,40 @@ int mptcp_nl_cmd_announce(struct sk_buff *skb, struct genl_info *info) return err; } +static int mptcp_userspace_pm_remove_id_zero_address(struct mptcp_sock *msk, + struct genl_info *info) +{ + struct mptcp_rm_list list = { .nr = 0 }; + struct mptcp_subflow_context *subflow; + struct sock *sk = (struct sock *)msk; + bool has_id_0 = false; + int err = -EINVAL; + + lock_sock(sk); + mptcp_for_each_subflow(msk, subflow) { + if (subflow->local_id == 0) { + has_id_0 = true; + break; + } + } + if (!has_id_0) { + GENL_SET_ERR_MSG(info, "address with id 0 not found"); + goto remove_err; + } + + list.ids[list.nr++] = 0; + + spin_lock_bh(&msk->pm.lock); + mptcp_pm_remove_addr(msk, &list); + spin_unlock_bh(&msk->pm.lock); + + err = 0; + +remove_err: + release_sock(sk); + return err; +} + int mptcp_nl_cmd_remove(struct sk_buff *skb, struct genl_info *info) { struct nlattr *token = info->attrs[MPTCP_PM_ATTR_TOKEN]; @@ -251,6 +285,11 @@ int mptcp_nl_cmd_remove(struct sk_buff *skb, struct genl_info *info) goto remove_err; } + if (id_val == 0) { + err = mptcp_userspace_pm_remove_id_zero_address(msk, info); + goto remove_err; + } + lock_sock((struct sock *)msk); list_for_each_entry(entry, &msk->pm.userspace_pm_local_addr_list, list) { -- 2.43.0

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x b820de741ae48ccf50dd95e297889c286ff4f760 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022601-stem-comfort-1bb5@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: b820de741ae4 ("fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio") 9cf3516c29e6 ("fs: add IOCB flags related to passing back dio completions") f6c73a11133e ("fs.h: Add TRACE_IOCB_STRINGS for use in trace points") 1da8cf961bb1 ("Merge tag 'io_uring-6.0-2022-08-13' of git://git.kernel.dk/linux-block") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From b820de741ae48ccf50dd95e297889c286ff4f760 Mon Sep 17 00:00:00 2001 From: Bart Van Assche <bvanassche(a)acm.org> Date: Thu, 15 Feb 2024 12:47:38 -0800 Subject: [PATCH] fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio If kiocb_set_cancel_fn() is called for I/O submitted via io_uring, the following kernel warning appears: WARNING: CPU: 3 PID: 368 at fs/aio.c:598 kiocb_set_cancel_fn+0x9c/0xa8 Call trace: kiocb_set_cancel_fn+0x9c/0xa8 ffs_epfile_read_iter+0x144/0x1d0 io_read+0x19c/0x498 io_issue_sqe+0x118/0x27c io_submit_sqes+0x25c/0x5fc __arm64_sys_io_uring_enter+0x104/0xab0 invoke_syscall+0x58/0x11c el0_svc_common+0xb4/0xf4 do_el0_svc+0x2c/0xb0 el0_svc+0x2c/0xa4 el0t_64_sync_handler+0x68/0xb4 el0t_64_sync+0x1a4/0x1a8 Fix this by setting the IOCB_AIO_RW flag for read and write I/O that is submitted by libaio. Suggested-by: Jens Axboe <axboe(a)kernel.dk> Cc: Christoph Hellwig <hch(a)lst.de> Cc: Avi Kivity <avi(a)scylladb.com> Cc: Sandeep Dhavale <dhavale(a)google.com> Cc: Jens Axboe <axboe(a)kernel.dk> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: Kent Overstreet <kent.overstreet(a)linux.dev> Cc: stable(a)vger.kernel.org Signed-off-by: Bart Van Assche <bvanassche(a)acm.org> Link: https://lore.kernel.org/r/20240215204739.2677806-2-bvanassche@acm.org Signed-off-by: Christian Brauner <brauner(a)kernel.org> diff --git a/fs/aio.c b/fs/aio.c index bb2ff48991f3..da18dbcfcb22 100644 --- a/fs/aio.c +++ b/fs/aio.c @@ -593,6 +593,13 @@ void kiocb_set_cancel_fn(struct kiocb *iocb, kiocb_cancel_fn *cancel) struct kioctx *ctx = req->ki_ctx; unsigned long flags; + /* + * kiocb didn't come from aio or is neither a read nor a write, hence + * ignore it. + */ + if (!(iocb->ki_flags & IOCB_AIO_RW)) + return; + if (WARN_ON_ONCE(!list_empty(&req->ki_list))) return; @@ -1509,7 +1516,7 @@ static int aio_prep_rw(struct kiocb *req, const struct iocb *iocb) req->ki_complete = aio_complete_rw; req->private = NULL; req->ki_pos = iocb->aio_offset; - req->ki_flags = req->ki_filp->f_iocb_flags; + req->ki_flags = req->ki_filp->f_iocb_flags | IOCB_AIO_RW; if (iocb->aio_flags & IOCB_FLAG_RESFD) req->ki_flags |= IOCB_EVENTFD; if (iocb->aio_flags & IOCB_FLAG_IOPRIO) { diff --git a/include/linux/fs.h b/include/linux/fs.h index ed5966a70495..c2dcc98cb4c8 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -352,6 +352,8 @@ enum rw_hint { * unrelated IO (like cache flushing, new IO generation, etc). */ #define IOCB_DIO_CALLER_COMP (1 << 22) +/* kiocb is a read or write operation submitted by fs/aio.c. */ +#define IOCB_AIO_RW (1 << 23) /* for use in trace events */ #define TRACE_IOCB_STRINGS \

1 year, 6 months

2
1
0 0

FAILED: patch "[PATCH] fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x b820de741ae48ccf50dd95e297889c286ff4f760 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022654-stainless-aground-196f@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: b820de741ae4 ("fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio") 9cf3516c29e6 ("fs: add IOCB flags related to passing back dio completions") f6c73a11133e ("fs.h: Add TRACE_IOCB_STRINGS for use in trace points") 1da8cf961bb1 ("Merge tag 'io_uring-6.0-2022-08-13' of git://git.kernel.dk/linux-block") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From b820de741ae48ccf50dd95e297889c286ff4f760 Mon Sep 17 00:00:00 2001 From: Bart Van Assche <bvanassche(a)acm.org> Date: Thu, 15 Feb 2024 12:47:38 -0800 Subject: [PATCH] fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio If kiocb_set_cancel_fn() is called for I/O submitted via io_uring, the following kernel warning appears: WARNING: CPU: 3 PID: 368 at fs/aio.c:598 kiocb_set_cancel_fn+0x9c/0xa8 Call trace: kiocb_set_cancel_fn+0x9c/0xa8 ffs_epfile_read_iter+0x144/0x1d0 io_read+0x19c/0x498 io_issue_sqe+0x118/0x27c io_submit_sqes+0x25c/0x5fc __arm64_sys_io_uring_enter+0x104/0xab0 invoke_syscall+0x58/0x11c el0_svc_common+0xb4/0xf4 do_el0_svc+0x2c/0xb0 el0_svc+0x2c/0xa4 el0t_64_sync_handler+0x68/0xb4 el0t_64_sync+0x1a4/0x1a8 Fix this by setting the IOCB_AIO_RW flag for read and write I/O that is submitted by libaio. Suggested-by: Jens Axboe <axboe(a)kernel.dk> Cc: Christoph Hellwig <hch(a)lst.de> Cc: Avi Kivity <avi(a)scylladb.com> Cc: Sandeep Dhavale <dhavale(a)google.com> Cc: Jens Axboe <axboe(a)kernel.dk> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: Kent Overstreet <kent.overstreet(a)linux.dev> Cc: stable(a)vger.kernel.org Signed-off-by: Bart Van Assche <bvanassche(a)acm.org> Link: https://lore.kernel.org/r/20240215204739.2677806-2-bvanassche@acm.org Signed-off-by: Christian Brauner <brauner(a)kernel.org> diff --git a/fs/aio.c b/fs/aio.c index bb2ff48991f3..da18dbcfcb22 100644 --- a/fs/aio.c +++ b/fs/aio.c @@ -593,6 +593,13 @@ void kiocb_set_cancel_fn(struct kiocb *iocb, kiocb_cancel_fn *cancel) struct kioctx *ctx = req->ki_ctx; unsigned long flags; + /* + * kiocb didn't come from aio or is neither a read nor a write, hence + * ignore it. + */ + if (!(iocb->ki_flags & IOCB_AIO_RW)) + return; + if (WARN_ON_ONCE(!list_empty(&req->ki_list))) return; @@ -1509,7 +1516,7 @@ static int aio_prep_rw(struct kiocb *req, const struct iocb *iocb) req->ki_complete = aio_complete_rw; req->private = NULL; req->ki_pos = iocb->aio_offset; - req->ki_flags = req->ki_filp->f_iocb_flags; + req->ki_flags = req->ki_filp->f_iocb_flags | IOCB_AIO_RW; if (iocb->aio_flags & IOCB_FLAG_RESFD) req->ki_flags |= IOCB_EVENTFD; if (iocb->aio_flags & IOCB_FLAG_IOPRIO) { diff --git a/include/linux/fs.h b/include/linux/fs.h index ed5966a70495..c2dcc98cb4c8 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -352,6 +352,8 @@ enum rw_hint { * unrelated IO (like cache flushing, new IO generation, etc). */ #define IOCB_DIO_CALLER_COMP (1 << 22) +/* kiocb is a read or write operation submitted by fs/aio.c. */ +#define IOCB_AIO_RW (1 << 23) /* for use in trace events */ #define TRACE_IOCB_STRINGS \

1 year, 6 months

2
1
0 0

FAILED: patch "[PATCH] fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x b820de741ae48ccf50dd95e297889c286ff4f760 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022653-schedule-unloaded-e4ed@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: b820de741ae4 ("fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio") 9cf3516c29e6 ("fs: add IOCB flags related to passing back dio completions") f6c73a11133e ("fs.h: Add TRACE_IOCB_STRINGS for use in trace points") 1da8cf961bb1 ("Merge tag 'io_uring-6.0-2022-08-13' of git://git.kernel.dk/linux-block") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From b820de741ae48ccf50dd95e297889c286ff4f760 Mon Sep 17 00:00:00 2001 From: Bart Van Assche <bvanassche(a)acm.org> Date: Thu, 15 Feb 2024 12:47:38 -0800 Subject: [PATCH] fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio If kiocb_set_cancel_fn() is called for I/O submitted via io_uring, the following kernel warning appears: WARNING: CPU: 3 PID: 368 at fs/aio.c:598 kiocb_set_cancel_fn+0x9c/0xa8 Call trace: kiocb_set_cancel_fn+0x9c/0xa8 ffs_epfile_read_iter+0x144/0x1d0 io_read+0x19c/0x498 io_issue_sqe+0x118/0x27c io_submit_sqes+0x25c/0x5fc __arm64_sys_io_uring_enter+0x104/0xab0 invoke_syscall+0x58/0x11c el0_svc_common+0xb4/0xf4 do_el0_svc+0x2c/0xb0 el0_svc+0x2c/0xa4 el0t_64_sync_handler+0x68/0xb4 el0t_64_sync+0x1a4/0x1a8 Fix this by setting the IOCB_AIO_RW flag for read and write I/O that is submitted by libaio. Suggested-by: Jens Axboe <axboe(a)kernel.dk> Cc: Christoph Hellwig <hch(a)lst.de> Cc: Avi Kivity <avi(a)scylladb.com> Cc: Sandeep Dhavale <dhavale(a)google.com> Cc: Jens Axboe <axboe(a)kernel.dk> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: Kent Overstreet <kent.overstreet(a)linux.dev> Cc: stable(a)vger.kernel.org Signed-off-by: Bart Van Assche <bvanassche(a)acm.org> Link: https://lore.kernel.org/r/20240215204739.2677806-2-bvanassche@acm.org Signed-off-by: Christian Brauner <brauner(a)kernel.org> diff --git a/fs/aio.c b/fs/aio.c index bb2ff48991f3..da18dbcfcb22 100644 --- a/fs/aio.c +++ b/fs/aio.c @@ -593,6 +593,13 @@ void kiocb_set_cancel_fn(struct kiocb *iocb, kiocb_cancel_fn *cancel) struct kioctx *ctx = req->ki_ctx; unsigned long flags; + /* + * kiocb didn't come from aio or is neither a read nor a write, hence + * ignore it. + */ + if (!(iocb->ki_flags & IOCB_AIO_RW)) + return; + if (WARN_ON_ONCE(!list_empty(&req->ki_list))) return; @@ -1509,7 +1516,7 @@ static int aio_prep_rw(struct kiocb *req, const struct iocb *iocb) req->ki_complete = aio_complete_rw; req->private = NULL; req->ki_pos = iocb->aio_offset; - req->ki_flags = req->ki_filp->f_iocb_flags; + req->ki_flags = req->ki_filp->f_iocb_flags | IOCB_AIO_RW; if (iocb->aio_flags & IOCB_FLAG_RESFD) req->ki_flags |= IOCB_EVENTFD; if (iocb->aio_flags & IOCB_FLAG_IOPRIO) { diff --git a/include/linux/fs.h b/include/linux/fs.h index ed5966a70495..c2dcc98cb4c8 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -352,6 +352,8 @@ enum rw_hint { * unrelated IO (like cache flushing, new IO generation, etc). */ #define IOCB_DIO_CALLER_COMP (1 << 22) +/* kiocb is a read or write operation submitted by fs/aio.c. */ +#define IOCB_AIO_RW (1 << 23) /* for use in trace events */ #define TRACE_IOCB_STRINGS \

1 year, 6 months

2
1
0 0

FAILED: patch "[PATCH] fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x b820de741ae48ccf50dd95e297889c286ff4f760 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022651-shrimp-freezing-6b17@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: b820de741ae4 ("fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio") 9cf3516c29e6 ("fs: add IOCB flags related to passing back dio completions") f6c73a11133e ("fs.h: Add TRACE_IOCB_STRINGS for use in trace points") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From b820de741ae48ccf50dd95e297889c286ff4f760 Mon Sep 17 00:00:00 2001 From: Bart Van Assche <bvanassche(a)acm.org> Date: Thu, 15 Feb 2024 12:47:38 -0800 Subject: [PATCH] fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio If kiocb_set_cancel_fn() is called for I/O submitted via io_uring, the following kernel warning appears: WARNING: CPU: 3 PID: 368 at fs/aio.c:598 kiocb_set_cancel_fn+0x9c/0xa8 Call trace: kiocb_set_cancel_fn+0x9c/0xa8 ffs_epfile_read_iter+0x144/0x1d0 io_read+0x19c/0x498 io_issue_sqe+0x118/0x27c io_submit_sqes+0x25c/0x5fc __arm64_sys_io_uring_enter+0x104/0xab0 invoke_syscall+0x58/0x11c el0_svc_common+0xb4/0xf4 do_el0_svc+0x2c/0xb0 el0_svc+0x2c/0xa4 el0t_64_sync_handler+0x68/0xb4 el0t_64_sync+0x1a4/0x1a8 Fix this by setting the IOCB_AIO_RW flag for read and write I/O that is submitted by libaio. Suggested-by: Jens Axboe <axboe(a)kernel.dk> Cc: Christoph Hellwig <hch(a)lst.de> Cc: Avi Kivity <avi(a)scylladb.com> Cc: Sandeep Dhavale <dhavale(a)google.com> Cc: Jens Axboe <axboe(a)kernel.dk> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: Kent Overstreet <kent.overstreet(a)linux.dev> Cc: stable(a)vger.kernel.org Signed-off-by: Bart Van Assche <bvanassche(a)acm.org> Link: https://lore.kernel.org/r/20240215204739.2677806-2-bvanassche@acm.org Signed-off-by: Christian Brauner <brauner(a)kernel.org> diff --git a/fs/aio.c b/fs/aio.c index bb2ff48991f3..da18dbcfcb22 100644 --- a/fs/aio.c +++ b/fs/aio.c @@ -593,6 +593,13 @@ void kiocb_set_cancel_fn(struct kiocb *iocb, kiocb_cancel_fn *cancel) struct kioctx *ctx = req->ki_ctx; unsigned long flags; + /* + * kiocb didn't come from aio or is neither a read nor a write, hence + * ignore it. + */ + if (!(iocb->ki_flags & IOCB_AIO_RW)) + return; + if (WARN_ON_ONCE(!list_empty(&req->ki_list))) return; @@ -1509,7 +1516,7 @@ static int aio_prep_rw(struct kiocb *req, const struct iocb *iocb) req->ki_complete = aio_complete_rw; req->private = NULL; req->ki_pos = iocb->aio_offset; - req->ki_flags = req->ki_filp->f_iocb_flags; + req->ki_flags = req->ki_filp->f_iocb_flags | IOCB_AIO_RW; if (iocb->aio_flags & IOCB_FLAG_RESFD) req->ki_flags |= IOCB_EVENTFD; if (iocb->aio_flags & IOCB_FLAG_IOPRIO) { diff --git a/include/linux/fs.h b/include/linux/fs.h index ed5966a70495..c2dcc98cb4c8 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -352,6 +352,8 @@ enum rw_hint { * unrelated IO (like cache flushing, new IO generation, etc). */ #define IOCB_DIO_CALLER_COMP (1 << 22) +/* kiocb is a read or write operation submitted by fs/aio.c. */ +#define IOCB_AIO_RW (1 << 23) /* for use in trace events */ #define TRACE_IOCB_STRINGS \

1 year, 6 months

2
1
0 0

[PATCH 6.7.y] selftests: mptcp: add mptcp_lib_get_counter

by Matthieu Baerts (NGI0)

From: Geliang Tang <geliang.tang(a)suse.com> To avoid duplicated code in different MPTCP selftests, we can add and use helpers defined in mptcp_lib.sh. The helper get_counter() in mptcp_join.sh and get_mib_counter() in mptcp_connect.sh have the same functionality, export get_counter() into mptcp_lib.sh and rename it as mptcp_lib_get_counter(). Use this new helper instead of get_counter() and get_mib_counter(). Use this helper in test_prio() in userspace_pm.sh too instead of open-coding. Reviewed-by: Matthieu Baerts <matttbe(a)kernel.org> Signed-off-by: Geliang Tang <geliang.tang(a)suse.com> Signed-off-by: Mat Martineau <martineau(a)kernel.org> Link: https://lore.kernel.org/r/20231128-send-net-next-2023107-v4-11-8d6b94150f6b… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> Stable-dep-of: acaef88f2624 ("selftests: mptcp: diag: check CURRESTAB counters") (cherry picked from commit 61c131f5d4d2b79904af2fdcb2839a9db8e7c55c) Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> --- Notes: - this patch is needed for "selftests: mptcp: diag: check CURRESTAB counters" that has been added to the queue for v6.7 today, to avoid failures and this message: ./diag.sh: line 62: mptcp_lib_get_counter: command not found - conflicts in mptcp_lib.sh because the new helper expected to be placed after mptcp_lib_kill_wait() which has not been backported. --- .../selftests/net/mptcp/mptcp_connect.sh | 41 +++------ .../testing/selftests/net/mptcp/mptcp_join.sh | 88 ++++++++----------- .../testing/selftests/net/mptcp/mptcp_lib.sh | 16 ++++ .../selftests/net/mptcp/userspace_pm.sh | 14 +-- 4 files changed, 73 insertions(+), 86 deletions(-) diff --git a/tools/testing/selftests/net/mptcp/mptcp_connect.sh b/tools/testing/selftests/net/mptcp/mptcp_connect.sh index b1fc8afd072d..10cd322e05c4 100755 --- a/tools/testing/selftests/net/mptcp/mptcp_connect.sh +++ b/tools/testing/selftests/net/mptcp/mptcp_connect.sh @@ -341,21 +341,6 @@ do_ping() return 0 } -# $1: ns, $2: MIB counter -get_mib_counter() -{ - local listener_ns="${1}" - local mib="${2}" - - # strip the header - ip netns exec "${listener_ns}" \ - nstat -z -a "${mib}" | \ - tail -n+2 | \ - while read a count c rest; do - echo $count - done -} - # $1: ns, $2: port wait_local_port_listen() { @@ -441,12 +426,12 @@ do_transfer() nstat -n fi - local stat_synrx_last_l=$(get_mib_counter "${listener_ns}" "MPTcpExtMPCapableSYNRX") - local stat_ackrx_last_l=$(get_mib_counter "${listener_ns}" "MPTcpExtMPCapableACKRX") - local stat_cookietx_last=$(get_mib_counter "${listener_ns}" "TcpExtSyncookiesSent") - local stat_cookierx_last=$(get_mib_counter "${listener_ns}" "TcpExtSyncookiesRecv") - local stat_csum_err_s=$(get_mib_counter "${listener_ns}" "MPTcpExtDataCsumErr") - local stat_csum_err_c=$(get_mib_counter "${connector_ns}" "MPTcpExtDataCsumErr") + local stat_synrx_last_l=$(mptcp_lib_get_counter "${listener_ns}" "MPTcpExtMPCapableSYNRX") + local stat_ackrx_last_l=$(mptcp_lib_get_counter "${listener_ns}" "MPTcpExtMPCapableACKRX") + local stat_cookietx_last=$(mptcp_lib_get_counter "${listener_ns}" "TcpExtSyncookiesSent") + local stat_cookierx_last=$(mptcp_lib_get_counter "${listener_ns}" "TcpExtSyncookiesRecv") + local stat_csum_err_s=$(mptcp_lib_get_counter "${listener_ns}" "MPTcpExtDataCsumErr") + local stat_csum_err_c=$(mptcp_lib_get_counter "${connector_ns}" "MPTcpExtDataCsumErr") timeout ${timeout_test} \ ip netns exec ${listener_ns} \ @@ -509,11 +494,11 @@ do_transfer() check_transfer $cin $sout "file received by server" rets=$? - local stat_synrx_now_l=$(get_mib_counter "${listener_ns}" "MPTcpExtMPCapableSYNRX") - local stat_ackrx_now_l=$(get_mib_counter "${listener_ns}" "MPTcpExtMPCapableACKRX") - local stat_cookietx_now=$(get_mib_counter "${listener_ns}" "TcpExtSyncookiesSent") - local stat_cookierx_now=$(get_mib_counter "${listener_ns}" "TcpExtSyncookiesRecv") - local stat_ooo_now=$(get_mib_counter "${listener_ns}" "TcpExtTCPOFOQueue") + local stat_synrx_now_l=$(mptcp_lib_get_counter "${listener_ns}" "MPTcpExtMPCapableSYNRX") + local stat_ackrx_now_l=$(mptcp_lib_get_counter "${listener_ns}" "MPTcpExtMPCapableACKRX") + local stat_cookietx_now=$(mptcp_lib_get_counter "${listener_ns}" "TcpExtSyncookiesSent") + local stat_cookierx_now=$(mptcp_lib_get_counter "${listener_ns}" "TcpExtSyncookiesRecv") + local stat_ooo_now=$(mptcp_lib_get_counter "${listener_ns}" "TcpExtTCPOFOQueue") expect_synrx=$((stat_synrx_last_l)) expect_ackrx=$((stat_ackrx_last_l)) @@ -542,8 +527,8 @@ do_transfer() fi if $checksum; then - local csum_err_s=$(get_mib_counter "${listener_ns}" "MPTcpExtDataCsumErr") - local csum_err_c=$(get_mib_counter "${connector_ns}" "MPTcpExtDataCsumErr") + local csum_err_s=$(mptcp_lib_get_counter "${listener_ns}" "MPTcpExtDataCsumErr") + local csum_err_c=$(mptcp_lib_get_counter "${connector_ns}" "MPTcpExtDataCsumErr") local csum_err_s_nr=$((csum_err_s - stat_csum_err_s)) if [ $csum_err_s_nr -gt 0 ]; then diff --git a/tools/testing/selftests/net/mptcp/mptcp_join.sh b/tools/testing/selftests/net/mptcp/mptcp_join.sh index 2f28d594b2c5..be10b971e912 100755 --- a/tools/testing/selftests/net/mptcp/mptcp_join.sh +++ b/tools/testing/selftests/net/mptcp/mptcp_join.sh @@ -611,25 +611,9 @@ wait_local_port_listen() done } -# $1: ns ; $2: counter -get_counter() -{ - local ns="${1}" - local counter="${2}" - local count - - count=$(ip netns exec ${ns} nstat -asz "${counter}" | awk 'NR==1 {next} {print $2}') - if [ -z "${count}" ]; then - mptcp_lib_fail_if_expected_feature "${counter} counter" - return 1 - fi - - echo "${count}" -} - rm_addr_count() { - get_counter "${1}" "MPTcpExtRmAddr" + mptcp_lib_get_counter "${1}" "MPTcpExtRmAddr" } # $1: ns, $2: old rm_addr counter in $ns @@ -649,7 +633,7 @@ wait_rm_addr() rm_sf_count() { - get_counter "${1}" "MPTcpExtRmSubflow" + mptcp_lib_get_counter "${1}" "MPTcpExtRmSubflow" } # $1: ns, $2: old rm_sf counter in $ns @@ -672,11 +656,11 @@ wait_mpj() local ns="${1}" local cnt old_cnt - old_cnt=$(get_counter ${ns} "MPTcpExtMPJoinAckRx") + old_cnt=$(mptcp_lib_get_counter ${ns} "MPTcpExtMPJoinAckRx") local i for i in $(seq 10); do - cnt=$(get_counter ${ns} "MPTcpExtMPJoinAckRx") + cnt=$(mptcp_lib_get_counter ${ns} "MPTcpExtMPJoinAckRx") [ "$cnt" = "${old_cnt}" ] || break sleep 0.1 done @@ -1271,7 +1255,7 @@ chk_csum_nr() fi print_check "sum" - count=$(get_counter ${ns1} "MPTcpExtDataCsumErr") + count=$(mptcp_lib_get_counter ${ns1} "MPTcpExtDataCsumErr") if [ "$count" != "$csum_ns1" ]; then extra_msg="$extra_msg ns1=$count" fi @@ -1284,7 +1268,7 @@ chk_csum_nr() print_ok fi print_check "csum" - count=$(get_counter ${ns2} "MPTcpExtDataCsumErr") + count=$(mptcp_lib_get_counter ${ns2} "MPTcpExtDataCsumErr") if [ "$count" != "$csum_ns2" ]; then extra_msg="$extra_msg ns2=$count" fi @@ -1328,7 +1312,7 @@ chk_fail_nr() fi print_check "ftx" - count=$(get_counter ${ns_tx} "MPTcpExtMPFailTx") + count=$(mptcp_lib_get_counter ${ns_tx} "MPTcpExtMPFailTx") if [ "$count" != "$fail_tx" ]; then extra_msg="$extra_msg,tx=$count" fi @@ -1342,7 +1326,7 @@ chk_fail_nr() fi print_check "failrx" - count=$(get_counter ${ns_rx} "MPTcpExtMPFailRx") + count=$(mptcp_lib_get_counter ${ns_rx} "MPTcpExtMPFailRx") if [ "$count" != "$fail_rx" ]; then extra_msg="$extra_msg,rx=$count" fi @@ -1375,7 +1359,7 @@ chk_fclose_nr() fi print_check "ctx" - count=$(get_counter ${ns_tx} "MPTcpExtMPFastcloseTx") + count=$(mptcp_lib_get_counter ${ns_tx} "MPTcpExtMPFastcloseTx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$fclose_tx" ]; then @@ -1386,7 +1370,7 @@ chk_fclose_nr() fi print_check "fclzrx" - count=$(get_counter ${ns_rx} "MPTcpExtMPFastcloseRx") + count=$(mptcp_lib_get_counter ${ns_rx} "MPTcpExtMPFastcloseRx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$fclose_rx" ]; then @@ -1416,7 +1400,7 @@ chk_rst_nr() fi print_check "rtx" - count=$(get_counter ${ns_tx} "MPTcpExtMPRstTx") + count=$(mptcp_lib_get_counter ${ns_tx} "MPTcpExtMPRstTx") if [ -z "$count" ]; then print_skip # accept more rst than expected except if we don't expect any @@ -1428,7 +1412,7 @@ chk_rst_nr() fi print_check "rstrx" - count=$(get_counter ${ns_rx} "MPTcpExtMPRstRx") + count=$(mptcp_lib_get_counter ${ns_rx} "MPTcpExtMPRstRx") if [ -z "$count" ]; then print_skip # accept more rst than expected except if we don't expect any @@ -1449,7 +1433,7 @@ chk_infi_nr() local count print_check "itx" - count=$(get_counter ${ns2} "MPTcpExtInfiniteMapTx") + count=$(mptcp_lib_get_counter ${ns2} "MPTcpExtInfiniteMapTx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$infi_tx" ]; then @@ -1459,7 +1443,7 @@ chk_infi_nr() fi print_check "infirx" - count=$(get_counter ${ns1} "MPTcpExtInfiniteMapRx") + count=$(mptcp_lib_get_counter ${ns1} "MPTcpExtInfiniteMapRx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$infi_rx" ]; then @@ -1488,7 +1472,7 @@ chk_join_nr() fi print_check "syn" - count=$(get_counter ${ns1} "MPTcpExtMPJoinSynRx") + count=$(mptcp_lib_get_counter ${ns1} "MPTcpExtMPJoinSynRx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$syn_nr" ]; then @@ -1499,7 +1483,7 @@ chk_join_nr() print_check "synack" with_cookie=$(ip netns exec $ns2 sysctl -n net.ipv4.tcp_syncookies) - count=$(get_counter ${ns2} "MPTcpExtMPJoinSynAckRx") + count=$(mptcp_lib_get_counter ${ns2} "MPTcpExtMPJoinSynAckRx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$syn_ack_nr" ]; then @@ -1516,7 +1500,7 @@ chk_join_nr() fi print_check "ack" - count=$(get_counter ${ns1} "MPTcpExtMPJoinAckRx") + count=$(mptcp_lib_get_counter ${ns1} "MPTcpExtMPJoinAckRx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$ack_nr" ]; then @@ -1549,8 +1533,8 @@ chk_stale_nr() print_check "stale" - stale_nr=$(get_counter ${ns} "MPTcpExtSubflowStale") - recover_nr=$(get_counter ${ns} "MPTcpExtSubflowRecover") + stale_nr=$(mptcp_lib_get_counter ${ns} "MPTcpExtSubflowStale") + recover_nr=$(mptcp_lib_get_counter ${ns} "MPTcpExtSubflowRecover") if [ -z "$stale_nr" ] || [ -z "$recover_nr" ]; then print_skip elif [ $stale_nr -lt $stale_min ] || @@ -1587,7 +1571,7 @@ chk_add_nr() timeout=$(ip netns exec $ns1 sysctl -n net.mptcp.add_addr_timeout) print_check "add" - count=$(get_counter ${ns2} "MPTcpExtAddAddr") + count=$(mptcp_lib_get_counter ${ns2} "MPTcpExtAddAddr") if [ -z "$count" ]; then print_skip # if the test configured a short timeout tolerate greater then expected @@ -1599,7 +1583,7 @@ chk_add_nr() fi print_check "echo" - count=$(get_counter ${ns1} "MPTcpExtEchoAdd") + count=$(mptcp_lib_get_counter ${ns1} "MPTcpExtEchoAdd") if [ -z "$count" ]; then print_skip elif [ "$count" != "$echo_nr" ]; then @@ -1610,7 +1594,7 @@ chk_add_nr() if [ $port_nr -gt 0 ]; then print_check "pt" - count=$(get_counter ${ns2} "MPTcpExtPortAdd") + count=$(mptcp_lib_get_counter ${ns2} "MPTcpExtPortAdd") if [ -z "$count" ]; then print_skip elif [ "$count" != "$port_nr" ]; then @@ -1620,7 +1604,7 @@ chk_add_nr() fi print_check "syn" - count=$(get_counter ${ns1} "MPTcpExtMPJoinPortSynRx") + count=$(mptcp_lib_get_counter ${ns1} "MPTcpExtMPJoinPortSynRx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$syn_nr" ]; then @@ -1631,7 +1615,7 @@ chk_add_nr() fi print_check "synack" - count=$(get_counter ${ns2} "MPTcpExtMPJoinPortSynAckRx") + count=$(mptcp_lib_get_counter ${ns2} "MPTcpExtMPJoinPortSynAckRx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$syn_ack_nr" ]; then @@ -1642,7 +1626,7 @@ chk_add_nr() fi print_check "ack" - count=$(get_counter ${ns1} "MPTcpExtMPJoinPortAckRx") + count=$(mptcp_lib_get_counter ${ns1} "MPTcpExtMPJoinPortAckRx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$ack_nr" ]; then @@ -1653,7 +1637,7 @@ chk_add_nr() fi print_check "syn" - count=$(get_counter ${ns1} "MPTcpExtMismatchPortSynRx") + count=$(mptcp_lib_get_counter ${ns1} "MPTcpExtMismatchPortSynRx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$mis_syn_nr" ]; then @@ -1664,7 +1648,7 @@ chk_add_nr() fi print_check "ack" - count=$(get_counter ${ns1} "MPTcpExtMismatchPortAckRx") + count=$(mptcp_lib_get_counter ${ns1} "MPTcpExtMismatchPortAckRx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$mis_ack_nr" ]; then @@ -1686,7 +1670,7 @@ chk_add_tx_nr() timeout=$(ip netns exec $ns1 sysctl -n net.mptcp.add_addr_timeout) print_check "add TX" - count=$(get_counter ${ns1} "MPTcpExtAddAddrTx") + count=$(mptcp_lib_get_counter ${ns1} "MPTcpExtAddAddrTx") if [ -z "$count" ]; then print_skip # if the test configured a short timeout tolerate greater then expected @@ -1698,7 +1682,7 @@ chk_add_tx_nr() fi print_check "echo TX" - count=$(get_counter ${ns2} "MPTcpExtEchoAddTx") + count=$(mptcp_lib_get_counter ${ns2} "MPTcpExtEchoAddTx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$echo_tx_nr" ]; then @@ -1736,7 +1720,7 @@ chk_rm_nr() fi print_check "rm" - count=$(get_counter ${addr_ns} "MPTcpExtRmAddr") + count=$(mptcp_lib_get_counter ${addr_ns} "MPTcpExtRmAddr") if [ -z "$count" ]; then print_skip elif [ "$count" != "$rm_addr_nr" ]; then @@ -1746,13 +1730,13 @@ chk_rm_nr() fi print_check "rmsf" - count=$(get_counter ${subflow_ns} "MPTcpExtRmSubflow") + count=$(mptcp_lib_get_counter ${subflow_ns} "MPTcpExtRmSubflow") if [ -z "$count" ]; then print_skip elif [ -n "$simult" ]; then local cnt suffix - cnt=$(get_counter ${addr_ns} "MPTcpExtRmSubflow") + cnt=$(mptcp_lib_get_counter ${addr_ns} "MPTcpExtRmSubflow") # in case of simult flush, the subflow removal count on each side is # unreliable @@ -1781,7 +1765,7 @@ chk_rm_tx_nr() local rm_addr_tx_nr=$1 print_check "rm TX" - count=$(get_counter ${ns2} "MPTcpExtRmAddrTx") + count=$(mptcp_lib_get_counter ${ns2} "MPTcpExtRmAddrTx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$rm_addr_tx_nr" ]; then @@ -1798,7 +1782,7 @@ chk_prio_nr() local count print_check "ptx" - count=$(get_counter ${ns1} "MPTcpExtMPPrioTx") + count=$(mptcp_lib_get_counter ${ns1} "MPTcpExtMPPrioTx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$mp_prio_nr_tx" ]; then @@ -1808,7 +1792,7 @@ chk_prio_nr() fi print_check "prx" - count=$(get_counter ${ns1} "MPTcpExtMPPrioRx") + count=$(mptcp_lib_get_counter ${ns1} "MPTcpExtMPPrioRx") if [ -z "$count" ]; then print_skip elif [ "$count" != "$mp_prio_nr_rx" ]; then @@ -1908,7 +1892,7 @@ wait_attempt_fail() while [ $time -lt $timeout_ms ]; do local cnt - cnt=$(get_counter ${ns} "TcpAttemptFails") + cnt=$(mptcp_lib_get_counter ${ns} "TcpAttemptFails") [ "$cnt" = 1 ] && return 1 time=$((time + 100)) diff --git a/tools/testing/selftests/net/mptcp/mptcp_lib.sh b/tools/testing/selftests/net/mptcp/mptcp_lib.sh index 4cd4297ca86d..2b10f200de40 100644 --- a/tools/testing/selftests/net/mptcp/mptcp_lib.sh +++ b/tools/testing/selftests/net/mptcp/mptcp_lib.sh @@ -216,3 +216,19 @@ mptcp_lib_kill_wait() { kill "${1}" > /dev/null 2>&1 wait "${1}" 2>/dev/null } + +# $1: ns, $2: MIB counter +mptcp_lib_get_counter() { + local ns="${1}" + local counter="${2}" + local count + + count=$(ip netns exec "${ns}" nstat -asz "${counter}" | + awk 'NR==1 {next} {print $2}') + if [ -z "${count}" ]; then + mptcp_lib_fail_if_expected_feature "${counter} counter" + return 1 + fi + + echo "${count}" +} diff --git a/tools/testing/selftests/net/mptcp/userspace_pm.sh b/tools/testing/selftests/net/mptcp/userspace_pm.sh index 0e573c6c393a..0e748068ee95 100755 --- a/tools/testing/selftests/net/mptcp/userspace_pm.sh +++ b/tools/testing/selftests/net/mptcp/userspace_pm.sh @@ -887,9 +887,10 @@ test_prio() # Check TX print_test "MP_PRIO TX" - count=$(ip netns exec "$ns2" nstat -as | grep MPTcpExtMPPrioTx | awk '{print $2}') - [ -z "$count" ] && count=0 - if [ $count != 1 ]; then + count=$(mptcp_lib_get_counter "$ns2" "MPTcpExtMPPrioTx") + if [ -z "$count" ]; then + test_skip + elif [ $count != 1 ]; then test_fail "Count != 1: ${count}" else test_pass @@ -897,9 +898,10 @@ test_prio() # Check RX print_test "MP_PRIO RX" - count=$(ip netns exec "$ns1" nstat -as | grep MPTcpExtMPPrioRx | awk '{print $2}') - [ -z "$count" ] && count=0 - if [ $count != 1 ]; then + count=$(mptcp_lib_get_counter "$ns1" "MPTcpExtMPPrioRx") + if [ -z "$count" ]; then + test_skip + elif [ $count != 1 ]; then test_fail "Count != 1: ${count}" else test_pass -- 2.43.0

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] selftests: mptcp: join: stop transfer when check is done" failed to apply to 6.7-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.7-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.7.y git checkout FETCH_HEAD git cherry-pick -x 04b57c9e096a9479fe0ad31e3956e336fa589cb2 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024021925-saloon-pursuit-2736@gregkh' --subject-prefix 'PATCH 6.7.y' HEAD^.. Possible dependencies: 04b57c9e096a ("selftests: mptcp: join: stop transfer when check is done (part 2)") b9fb176081fb ("selftests: mptcp: userspace pm send RM_ADDR for ID 0") e3b47e460b4b ("selftests: mptcp: userspace pm remove initial subflow") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 04b57c9e096a9479fe0ad31e3956e336fa589cb2 Mon Sep 17 00:00:00 2001 From: "Matthieu Baerts (NGI0)" <matttbe(a)kernel.org> Date: Wed, 31 Jan 2024 22:49:54 +0100 Subject: [PATCH] selftests: mptcp: join: stop transfer when check is done (part 2) Since the "Fixes" commits mentioned below, the newly added "userspace pm" subtests of mptcp_join selftests are launching the whole transfer in the background, do the required checks, then wait for the end of transfer. There is no need to wait longer, especially because the checks at the end of the transfer are ignored (which is fine). This saves quite a few seconds on slow environments. While at it, use 'mptcp_lib_kill_wait()' helper everywhere, instead of on a specific one with 'kill_tests_wait()'. Fixes: b2e2248f365a ("selftests: mptcp: userspace pm create id 0 subflow") Fixes: e3b47e460b4b ("selftests: mptcp: userspace pm remove initial subflow") Fixes: b9fb176081fb ("selftests: mptcp: userspace pm send RM_ADDR for ID 0") Cc: stable(a)vger.kernel.org Reviewed-and-tested-by: Geliang Tang <geliang(a)kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Link: https://lore.kernel.org/r/20240131-upstream-net-20240131-mptcp-ci-issues-v1… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> diff --git a/tools/testing/selftests/net/mptcp/mptcp_join.sh b/tools/testing/selftests/net/mptcp/mptcp_join.sh index 85bcc95f4ede..c07386e21e0a 100755 --- a/tools/testing/selftests/net/mptcp/mptcp_join.sh +++ b/tools/testing/selftests/net/mptcp/mptcp_join.sh @@ -643,13 +643,6 @@ kill_events_pids() mptcp_lib_kill_wait $evts_ns2_pid } -kill_tests_wait() -{ - #shellcheck disable=SC2046 - kill -SIGUSR1 $(ip netns pids $ns2) $(ip netns pids $ns1) - wait -} - pm_nl_set_limits() { local ns=$1 @@ -3494,7 +3487,7 @@ userspace_tests() chk_mptcp_info subflows 1 subflows 1 chk_subflows_total 2 2 kill_events_pids - wait $tests_pid + mptcp_lib_kill_wait $tests_pid fi # userspace pm remove initial subflow @@ -3518,7 +3511,7 @@ userspace_tests() chk_mptcp_info subflows 1 subflows 1 chk_subflows_total 1 1 kill_events_pids - wait $tests_pid + mptcp_lib_kill_wait $tests_pid fi # userspace pm send RM_ADDR for ID 0 @@ -3544,7 +3537,7 @@ userspace_tests() chk_mptcp_info subflows 1 subflows 1 chk_subflows_total 1 1 kill_events_pids - wait $tests_pid + mptcp_lib_kill_wait $tests_pid fi } @@ -3558,7 +3551,8 @@ endpoint_tests() pm_nl_set_limits $ns2 2 2 pm_nl_add_endpoint $ns1 10.0.2.1 flags signal speed=slow \ - run_tests $ns1 $ns2 10.0.1.1 2>/dev/null & + run_tests $ns1 $ns2 10.0.1.1 & + local tests_pid=$! wait_mpj $ns1 pm_nl_check_endpoint "creation" \ @@ -3573,7 +3567,7 @@ endpoint_tests() pm_nl_add_endpoint $ns2 10.0.2.2 flags signal pm_nl_check_endpoint "modif is allowed" \ $ns2 10.0.2.2 id 1 flags signal - kill_tests_wait + mptcp_lib_kill_wait $tests_pid fi if reset "delete and re-add" && @@ -3582,7 +3576,8 @@ endpoint_tests() pm_nl_set_limits $ns2 1 1 pm_nl_add_endpoint $ns2 10.0.2.2 id 2 dev ns2eth2 flags subflow test_linkfail=4 speed=20 \ - run_tests $ns1 $ns2 10.0.1.1 2>/dev/null & + run_tests $ns1 $ns2 10.0.1.1 & + local tests_pid=$! wait_mpj $ns2 chk_subflow_nr "before delete" 2 @@ -3597,7 +3592,7 @@ endpoint_tests() wait_mpj $ns2 chk_subflow_nr "after re-add" 2 chk_mptcp_info subflows 1 subflows 1 - kill_tests_wait + mptcp_lib_kill_wait $tests_pid fi }

1 year, 6 months

2
1
0 0

FAILED: patch "[PATCH] selftests: mptcp: join: stop transfer when check is done" failed to apply to 6.7-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.7-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.7.y git checkout FETCH_HEAD git cherry-pick -x 31ee4ad86afd6ed6f4bb1b38c43011216080c42a # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024021916-striking-evoke-4847@gregkh' --subject-prefix 'PATCH 6.7.y' HEAD^.. Possible dependencies: 31ee4ad86afd ("selftests: mptcp: join: stop transfer when check is done (part 1)") 80775412882e ("selftests: mptcp: add chk_subflows_total helper") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 31ee4ad86afd6ed6f4bb1b38c43011216080c42a Mon Sep 17 00:00:00 2001 From: "Matthieu Baerts (NGI0)" <matttbe(a)kernel.org> Date: Wed, 31 Jan 2024 22:49:53 +0100 Subject: [PATCH] selftests: mptcp: join: stop transfer when check is done (part 1) Since the "Fixes" commit mentioned below, "userspace pm" subtests of mptcp_join selftests introduced in v6.5 are launching the whole transfer in the background, do the required checks, then wait for the end of transfer. There is no need to wait longer, especially because the checks at the end of the transfer are ignored (which is fine). This saves quite a few seconds in slow environments. Note that old versions will need commit bdbef0a6ff10 ("selftests: mptcp: add mptcp_lib_kill_wait") as well to get 'mptcp_lib_kill_wait()' helper. Fixes: 4369c198e599 ("selftests: mptcp: test userspace pm out of transfer") Cc: stable(a)vger.kernel.org # 6.5.x: bdbef0a6ff10: selftests: mptcp: add mptcp_lib_kill_wait Cc: stable(a)vger.kernel.org # 6.5.x Reviewed-and-tested-by: Geliang Tang <geliang(a)kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Link: https://lore.kernel.org/r/20240131-upstream-net-20240131-mptcp-ci-issues-v1… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> diff --git a/tools/testing/selftests/net/mptcp/mptcp_join.sh b/tools/testing/selftests/net/mptcp/mptcp_join.sh index 3a5b63026191..85bcc95f4ede 100755 --- a/tools/testing/selftests/net/mptcp/mptcp_join.sh +++ b/tools/testing/selftests/net/mptcp/mptcp_join.sh @@ -3453,7 +3453,7 @@ userspace_tests() chk_mptcp_info subflows 0 subflows 0 chk_subflows_total 1 1 kill_events_pids - wait $tests_pid + mptcp_lib_kill_wait $tests_pid fi # userspace pm create destroy subflow @@ -3475,7 +3475,7 @@ userspace_tests() chk_mptcp_info subflows 0 subflows 0 chk_subflows_total 1 1 kill_events_pids - wait $tests_pid + mptcp_lib_kill_wait $tests_pid fi # userspace pm create id 0 subflow

1 year, 6 months

2
1
0 0

[tip: x86/urgent] x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu()

by tip-bot2 for Paolo Bonzini

The following commit has been merged into the x86/urgent branch of tip: Commit-ID: 9a458198eba98b7207669a166e64d04b04cb651b Gitweb: https://git.kernel.org/tip/9a458198eba98b7207669a166e64d04b04cb651b Author: Paolo Bonzini <pbonzini(a)redhat.com> AuthorDate: Thu, 01 Feb 2024 00:09:01 +01:00 Committer: Dave Hansen <dave.hansen(a)linux.intel.com> CommitterDate: Mon, 26 Feb 2024 08:16:15 -08:00 x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu() In commit fbf6449f84bf ("x86/sev-es: Set x86_virt_bits to the correct value straight away, instead of a two-phase approach"), the initialization of c->x86_phys_bits was moved after this_cpu->c_early_init(c). This is incorrect because early_init_amd() expected to be able to reduce the value according to the contents of CPUID leaf 0x8000001f. Fortunately, the bug was negated by init_amd()'s call to early_init_amd(), which does reduce x86_phys_bits in the end. However, this is very late in the boot process and, most notably, the wrong value is used for x86_phys_bits when setting up MTRRs. To fix this, call get_cpu_address_sizes() as soon as X86_FEATURE_CPUID is set/cleared, and c->extended_cpuid_level is retrieved. Fixes: fbf6449f84bf ("x86/sev-es: Set x86_virt_bits to the correct value straight away, instead of a two-phase approach") Signed-off-by: Paolo Bonzini <pbonzini(a)redhat.com> Signed-off-by: Dave Hansen <dave.hansen(a)linux.intel.com> Cc:stable@vger.kernel.org Link: https://lore.kernel.org/all/20240131230902.1867092-2-pbonzini%40redhat.com --- arch/x86/kernel/cpu/common.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index 0b97bcd..fbc4e60 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -1589,6 +1589,7 @@ static void __init early_identify_cpu(struct cpuinfo_x86 *c) get_cpu_vendor(c); get_cpu_cap(c); setup_force_cpu_cap(X86_FEATURE_CPUID); + get_cpu_address_sizes(c); cpu_parse_early_param(); if (this_cpu->c_early_init) @@ -1601,10 +1602,9 @@ static void __init early_identify_cpu(struct cpuinfo_x86 *c) this_cpu->c_bsp_init(c); } else { setup_clear_cpu_cap(X86_FEATURE_CPUID); + get_cpu_address_sizes(c); } - get_cpu_address_sizes(c); - setup_force_cpu_cap(X86_FEATURE_ALWAYS); cpu_set_bug_bits(c);

1 year, 6 months

1
0
0 0

[tip: x86/urgent] x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers

by tip-bot2 for Paolo Bonzini

The following commit has been merged into the x86/urgent branch of tip: Commit-ID: 6890cb1ace350b4386c8aee1343dc3b3ddd214da Gitweb: https://git.kernel.org/tip/6890cb1ace350b4386c8aee1343dc3b3ddd214da Author: Paolo Bonzini <pbonzini(a)redhat.com> AuthorDate: Thu, 01 Feb 2024 00:09:02 +01:00 Committer: Dave Hansen <dave.hansen(a)linux.intel.com> CommitterDate: Mon, 26 Feb 2024 08:16:16 -08:00 x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers MKTME repurposes the high bit of physical address to key id for encryption key and, even though MAXPHYADDR in CPUID[0x80000008] remains the same, the valid bits in the MTRR mask register are based on the reduced number of physical address bits. detect_tme() in arch/x86/kernel/cpu/intel.c detects TME and subtracts it from the total usable physical bits, but it is called too late. Move the call to early_init_intel() so that it is called in setup_arch(), before MTRRs are setup. This fixes boot on TDX-enabled systems, which until now only worked with "disable_mtrr_cleanup". Without the patch, the values written to the MTRRs mask registers were 52-bit wide (e.g. 0x000fffff_80000800) and the writes failed; with the patch, the values are 46-bit wide, which matches the reduced MAXPHYADDR that is shown in /proc/cpuinfo. Reported-by: Zixi Chen <zixchen(a)redhat.com> Signed-off-by: Paolo Bonzini <pbonzini(a)redhat.com> Signed-off-by: Dave Hansen <dave.hansen(a)linux.intel.com> Cc:stable@vger.kernel.org Link: https://lore.kernel.org/all/20240131230902.1867092-3-pbonzini%40redhat.com --- arch/x86/kernel/cpu/intel.c | 178 +++++++++++++++++------------------ 1 file changed, 91 insertions(+), 87 deletions(-) diff --git a/arch/x86/kernel/cpu/intel.c b/arch/x86/kernel/cpu/intel.c index a927a8f..40dec9b 100644 --- a/arch/x86/kernel/cpu/intel.c +++ b/arch/x86/kernel/cpu/intel.c @@ -184,6 +184,90 @@ static bool bad_spectre_microcode(struct cpuinfo_x86 *c) return false; } +#define MSR_IA32_TME_ACTIVATE 0x982 + +/* Helpers to access TME_ACTIVATE MSR */ +#define TME_ACTIVATE_LOCKED(x) (x & 0x1) +#define TME_ACTIVATE_ENABLED(x) (x & 0x2) + +#define TME_ACTIVATE_POLICY(x) ((x >> 4) & 0xf) /* Bits 7:4 */ +#define TME_ACTIVATE_POLICY_AES_XTS_128 0 + +#define TME_ACTIVATE_KEYID_BITS(x) ((x >> 32) & 0xf) /* Bits 35:32 */ + +#define TME_ACTIVATE_CRYPTO_ALGS(x) ((x >> 48) & 0xffff) /* Bits 63:48 */ +#define TME_ACTIVATE_CRYPTO_AES_XTS_128 1 + +/* Values for mktme_status (SW only construct) */ +#define MKTME_ENABLED 0 +#define MKTME_DISABLED 1 +#define MKTME_UNINITIALIZED 2 +static int mktme_status = MKTME_UNINITIALIZED; + +static void detect_tme_early(struct cpuinfo_x86 *c) +{ + u64 tme_activate, tme_policy, tme_crypto_algs; + int keyid_bits = 0, nr_keyids = 0; + static u64 tme_activate_cpu0 = 0; + + rdmsrl(MSR_IA32_TME_ACTIVATE, tme_activate); + + if (mktme_status != MKTME_UNINITIALIZED) { + if (tme_activate != tme_activate_cpu0) { + /* Broken BIOS? */ + pr_err_once("x86/tme: configuration is inconsistent between CPUs\n"); + pr_err_once("x86/tme: MKTME is not usable\n"); + mktme_status = MKTME_DISABLED; + + /* Proceed. We may need to exclude bits from x86_phys_bits. */ + } + } else { + tme_activate_cpu0 = tme_activate; + } + + if (!TME_ACTIVATE_LOCKED(tme_activate) || !TME_ACTIVATE_ENABLED(tme_activate)) { + pr_info_once("x86/tme: not enabled by BIOS\n"); + mktme_status = MKTME_DISABLED; + return; + } + + if (mktme_status != MKTME_UNINITIALIZED) + goto detect_keyid_bits; + + pr_info("x86/tme: enabled by BIOS\n"); + + tme_policy = TME_ACTIVATE_POLICY(tme_activate); + if (tme_policy != TME_ACTIVATE_POLICY_AES_XTS_128) + pr_warn("x86/tme: Unknown policy is active: %#llx\n", tme_policy); + + tme_crypto_algs = TME_ACTIVATE_CRYPTO_ALGS(tme_activate); + if (!(tme_crypto_algs & TME_ACTIVATE_CRYPTO_AES_XTS_128)) { + pr_err("x86/mktme: No known encryption algorithm is supported: %#llx\n", + tme_crypto_algs); + mktme_status = MKTME_DISABLED; + } +detect_keyid_bits: + keyid_bits = TME_ACTIVATE_KEYID_BITS(tme_activate); + nr_keyids = (1UL << keyid_bits) - 1; + if (nr_keyids) { + pr_info_once("x86/mktme: enabled by BIOS\n"); + pr_info_once("x86/mktme: %d KeyIDs available\n", nr_keyids); + } else { + pr_info_once("x86/mktme: disabled by BIOS\n"); + } + + if (mktme_status == MKTME_UNINITIALIZED) { + /* MKTME is usable */ + mktme_status = MKTME_ENABLED; + } + + /* + * KeyID bits effectively lower the number of physical address + * bits. Update cpuinfo_x86::x86_phys_bits accordingly. + */ + c->x86_phys_bits -= keyid_bits; +} + static void early_init_intel(struct cpuinfo_x86 *c) { u64 misc_enable; @@ -322,6 +406,13 @@ static void early_init_intel(struct cpuinfo_x86 *c) */ if (detect_extended_topology_early(c) < 0) detect_ht_early(c); + + /* + * Adjust the number of physical bits early because it affects the + * valid bits of the MTRR mask registers. + */ + if (cpu_has(c, X86_FEATURE_TME)) + detect_tme_early(c); } static void bsp_init_intel(struct cpuinfo_x86 *c) @@ -482,90 +573,6 @@ static void srat_detect_node(struct cpuinfo_x86 *c) #endif } -#define MSR_IA32_TME_ACTIVATE 0x982 - -/* Helpers to access TME_ACTIVATE MSR */ -#define TME_ACTIVATE_LOCKED(x) (x & 0x1) -#define TME_ACTIVATE_ENABLED(x) (x & 0x2) - -#define TME_ACTIVATE_POLICY(x) ((x >> 4) & 0xf) /* Bits 7:4 */ -#define TME_ACTIVATE_POLICY_AES_XTS_128 0 - -#define TME_ACTIVATE_KEYID_BITS(x) ((x >> 32) & 0xf) /* Bits 35:32 */ - -#define TME_ACTIVATE_CRYPTO_ALGS(x) ((x >> 48) & 0xffff) /* Bits 63:48 */ -#define TME_ACTIVATE_CRYPTO_AES_XTS_128 1 - -/* Values for mktme_status (SW only construct) */ -#define MKTME_ENABLED 0 -#define MKTME_DISABLED 1 -#define MKTME_UNINITIALIZED 2 -static int mktme_status = MKTME_UNINITIALIZED; - -static void detect_tme(struct cpuinfo_x86 *c) -{ - u64 tme_activate, tme_policy, tme_crypto_algs; - int keyid_bits = 0, nr_keyids = 0; - static u64 tme_activate_cpu0 = 0; - - rdmsrl(MSR_IA32_TME_ACTIVATE, tme_activate); - - if (mktme_status != MKTME_UNINITIALIZED) { - if (tme_activate != tme_activate_cpu0) { - /* Broken BIOS? */ - pr_err_once("x86/tme: configuration is inconsistent between CPUs\n"); - pr_err_once("x86/tme: MKTME is not usable\n"); - mktme_status = MKTME_DISABLED; - - /* Proceed. We may need to exclude bits from x86_phys_bits. */ - } - } else { - tme_activate_cpu0 = tme_activate; - } - - if (!TME_ACTIVATE_LOCKED(tme_activate) || !TME_ACTIVATE_ENABLED(tme_activate)) { - pr_info_once("x86/tme: not enabled by BIOS\n"); - mktme_status = MKTME_DISABLED; - return; - } - - if (mktme_status != MKTME_UNINITIALIZED) - goto detect_keyid_bits; - - pr_info("x86/tme: enabled by BIOS\n"); - - tme_policy = TME_ACTIVATE_POLICY(tme_activate); - if (tme_policy != TME_ACTIVATE_POLICY_AES_XTS_128) - pr_warn("x86/tme: Unknown policy is active: %#llx\n", tme_policy); - - tme_crypto_algs = TME_ACTIVATE_CRYPTO_ALGS(tme_activate); - if (!(tme_crypto_algs & TME_ACTIVATE_CRYPTO_AES_XTS_128)) { - pr_err("x86/mktme: No known encryption algorithm is supported: %#llx\n", - tme_crypto_algs); - mktme_status = MKTME_DISABLED; - } -detect_keyid_bits: - keyid_bits = TME_ACTIVATE_KEYID_BITS(tme_activate); - nr_keyids = (1UL << keyid_bits) - 1; - if (nr_keyids) { - pr_info_once("x86/mktme: enabled by BIOS\n"); - pr_info_once("x86/mktme: %d KeyIDs available\n", nr_keyids); - } else { - pr_info_once("x86/mktme: disabled by BIOS\n"); - } - - if (mktme_status == MKTME_UNINITIALIZED) { - /* MKTME is usable */ - mktme_status = MKTME_ENABLED; - } - - /* - * KeyID bits effectively lower the number of physical address - * bits. Update cpuinfo_x86::x86_phys_bits accordingly. - */ - c->x86_phys_bits -= keyid_bits; -} - static void init_cpuid_fault(struct cpuinfo_x86 *c) { u64 msr; @@ -702,9 +709,6 @@ static void init_intel(struct cpuinfo_x86 *c) init_ia32_feat_ctl(c); - if (cpu_has(c, X86_FEATURE_TME)) - detect_tme(c); - init_intel_misc_features(c); split_lock_init();

1 year, 6 months

1
0
0 0

[PATCH] landlock: Warn once if a Landlock action is requested while disabled

by Mickaël Salaün

Because sandboxing can be used as an opportunistic security measure, user space may not log unsupported features. Let the system administrator know if an application tries to use Landlock but failed because it isn't enabled at boot time. This may be caused by bootloader configurations with outdated "lsm" kernel's command-line parameter. Cc: Günther Noack <gnoack(a)google.com> Cc: stable(a)vger.kernel.org Fixes: 265885daf3e5 ("landlock: Add syscall implementations") Signed-off-by: Mickaël Salaün <mic(a)digikod.net> --- security/landlock/syscalls.c | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/security/landlock/syscalls.c b/security/landlock/syscalls.c index f0bc50003b46..b5b424819dee 100644 --- a/security/landlock/syscalls.c +++ b/security/landlock/syscalls.c @@ -33,6 +33,18 @@ #include "ruleset.h" #include "setup.h" +static bool is_not_initialized(void) +{ + if (likely(landlock_initialized)) + return false; + + pr_warn_once( + "Disabled but requested by user space. " + "You should enable Landlock at boot time: " + "https://docs.kernel.org/userspace-api/landlock.html#kernel-support\n"); + return true; +} + /** * copy_min_struct_from_user - Safe future-proof argument copying * @@ -173,7 +185,7 @@ SYSCALL_DEFINE3(landlock_create_ruleset, /* Build-time checks. */ build_check_abi(); - if (!landlock_initialized) + if (is_not_initialized()) return -EOPNOTSUPP; if (flags) { @@ -407,7 +419,7 @@ SYSCALL_DEFINE4(landlock_add_rule, const int, ruleset_fd, struct landlock_ruleset *ruleset; int err; - if (!landlock_initialized) + if (is_not_initialized()) return -EOPNOTSUPP; /* No flag for now. */ @@ -467,7 +479,7 @@ SYSCALL_DEFINE2(landlock_restrict_self, const int, ruleset_fd, const __u32, struct landlock_cred_security *new_llcred; int err; - if (!landlock_initialized) + if (is_not_initialized()) return -EOPNOTSUPP; /* -- 2.43.0

1 year, 6 months

3
4
0 0

[PATCH 5.10 0/1] rcutorture: Add missing return and use __func__ in warning

by Daniil Dulov

Svacer reports a potential division by zero at rcu_torture_writer() in 5.10 stable release. The problem has been fixed by the following patch that can be cleanly applied to 5.10 branches.

1 year, 6 months

1
1
0 0

[PATCH v2 1/3] PCI/DPC: Request DPC only if also requesting AER

by Bjorn Helgaas

From: Bjorn Helgaas <bhelgaas(a)google.com> When booting with "pci=noaer", we don't request control of AER, but we previously *did* request control of DPC, as in the dmesg log attached at the bugzilla below: Command line: ... pci=noaer acpi PNP0A08:00: _OSC: OS supports [ExtendedConfig ASPM ClockPM Segments MSI EDR HPX-Type3] acpi PNP0A08:00: _OSC: OS now controls [PCIeHotplug SHPCHotplug PME PCIeCapability LTR DPC] That's illegal per PCI Firmware Spec, r3.3, sec 4.5.1, table 4-5, which says: If the operating system sets this bit [OSC_PCI_EXPRESS_DPC_CONTROL], it must also set bit 7 of the Support field (indicating support for Error Disconnect Recover notifications) and bits 3 and 4 of the Control field (requesting control of PCI Express Advanced Error Reporting and the PCI Express Capability Structure). Request DPC control only if we have also requested AER control. Fixes: ac1c8e35a326 ("PCI/DPC: Add Error Disconnect Recover (EDR) support") Link: https://bugzilla.kernel.org/show_bug.cgi?id=218491#c12 Signed-off-by: Bjorn Helgaas <bhelgaas(a)google.com> Cc: <stable(a)vger.kernel.org> # v5.7+ Cc: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy(a)linux.intel.com> Cc: Matthew W Carlis <mattc(a)purestorage.com> Cc: Keith Busch <kbusch(a)kernel.org> Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Mika Westerberg <mika.westerberg(a)linux.intel.com> Cc: Jesse Brandeburg <jesse.brandeburg(a)intel.com> --- drivers/acpi/pci_root.c | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/drivers/acpi/pci_root.c b/drivers/acpi/pci_root.c index 58b89b8d950e..efc292b6214e 100644 --- a/drivers/acpi/pci_root.c +++ b/drivers/acpi/pci_root.c @@ -518,17 +518,19 @@ static u32 calculate_control(void) if (IS_ENABLED(CONFIG_HOTPLUG_PCI_SHPC)) control |= OSC_PCI_SHPC_NATIVE_HP_CONTROL; - if (pci_aer_available()) + if (pci_aer_available()) { control |= OSC_PCI_EXPRESS_AER_CONTROL; - /* - * Per the Downstream Port Containment Related Enhancements ECN to - * the PCI Firmware Spec, r3.2, sec 4.5.1, table 4-5, - * OSC_PCI_EXPRESS_DPC_CONTROL indicates the OS supports both DPC - * and EDR. - */ - if (IS_ENABLED(CONFIG_PCIE_DPC) && IS_ENABLED(CONFIG_PCIE_EDR)) - control |= OSC_PCI_EXPRESS_DPC_CONTROL; + /* + * Per PCI Firmware Spec, r3.3, sec 4.5.1, table 4-5, the + * OS can request DPC control only if it has advertised + * OSC_PCI_EDR_SUPPORT and requested both + * OSC_PCI_EXPRESS_CAPABILITY_CONTROL and + * OSC_PCI_EXPRESS_AER_CONTROL. + */ + if (IS_ENABLED(CONFIG_PCIE_DPC)) + control |= OSC_PCI_EXPRESS_DPC_CONTROL; + } return control; } -- 2.34.1

1 year, 6 months

2
5
0 0

[PATCH] cxl/acpi: Fix load failures due to single window creation failure

by Dan Williams

The expectation is that cxl_parse_cfwms() continues in the face the of failure as evidenced by code like: cxlrd = cxl_root_decoder_alloc(root_port, ways, cxl_calc_hb); if (IS_ERR(cxlrd)) return 0; There are other error paths in that function which mistakenly follow idiomatic expectations and return an error when they should not. Most of those mistakes are innocuous checks that hardly ever fail in practice. However, a recent change succeed in making the implementation more fragile by applying an idiomatic, but still wrong "fix" [1]. In this failure case the kernel reports: cxl root0: Failed to populate active decoder targets cxl_acpi ACPI0017:00: Failed to add decode range: [mem 0x00000000-0x7fffffff flags 0x200] ...which is a real issue with that one window (to be fixed separately), but ends up failing the entirety of cxl_acpi_probe(). Undo that recent breakage while also removing the confusion about ignoring errors. Update all exits paths to return an error per typical expectations and let an outer wrapper function handle dropping the error. Fixes: 91019b5bc7c2 ("cxl/acpi: Return 'rc' instead of '0' in cxl_parse_cfmws()") [1] Cc: <stable(a)vger.kernel.org> Cc: Breno Leitao <leitao(a)debian.org> Cc: Alison Schofield <alison.schofield(a)intel.com> Cc: Vishal Verma <vishal.l.verma(a)intel.com> Signed-off-by: Dan Williams <dan.j.williams(a)intel.com> --- drivers/cxl/acpi.c | 45 +++++++++++++++++++++++++++------------------ 1 file changed, 27 insertions(+), 18 deletions(-) diff --git a/drivers/cxl/acpi.c b/drivers/cxl/acpi.c index dcf2b39e1048..53d2dff0c7a3 100644 --- a/drivers/cxl/acpi.c +++ b/drivers/cxl/acpi.c @@ -316,31 +316,27 @@ static const struct cxl_root_ops acpi_root_ops = { .qos_class = cxl_acpi_qos_class, }; -static int cxl_parse_cfmws(union acpi_subtable_headers *header, void *arg, - const unsigned long end) +static int __cxl_parse_cfmws(struct acpi_cedt_cfmws *cfmws, + struct cxl_cfmws_context *ctx) { int target_map[CXL_DECODER_MAX_INTERLEAVE]; - struct cxl_cfmws_context *ctx = arg; struct cxl_port *root_port = ctx->root_port; struct resource *cxl_res = ctx->cxl_res; struct cxl_cxims_context cxims_ctx; struct cxl_root_decoder *cxlrd; struct device *dev = ctx->dev; - struct acpi_cedt_cfmws *cfmws; cxl_calc_hb_fn cxl_calc_hb; struct cxl_decoder *cxld; unsigned int ways, i, ig; struct resource *res; int rc; - cfmws = (struct acpi_cedt_cfmws *) header; - rc = cxl_acpi_cfmws_verify(dev, cfmws); if (rc) { dev_err(dev, "CFMWS range %#llx-%#llx not registered\n", cfmws->base_hpa, cfmws->base_hpa + cfmws->window_size - 1); - return 0; + return rc; } rc = eiw_to_ways(cfmws->interleave_ways, &ways); @@ -376,7 +372,7 @@ static int cxl_parse_cfmws(union acpi_subtable_headers *header, void *arg, cxlrd = cxl_root_decoder_alloc(root_port, ways, cxl_calc_hb); if (IS_ERR(cxlrd)) - return 0; + return PTR_ERR(cxlrd); cxld = &cxlrd->cxlsd.cxld; cxld->flags = cfmws_to_decoder_flags(cfmws->restrictions); @@ -420,16 +416,7 @@ static int cxl_parse_cfmws(union acpi_subtable_headers *header, void *arg, put_device(&cxld->dev); else rc = cxl_decoder_autoremove(dev, cxld); - if (rc) { - dev_err(dev, "Failed to add decode range: %pr", res); - return rc; - } - dev_dbg(dev, "add: %s node: %d range [%#llx - %#llx]\n", - dev_name(&cxld->dev), - phys_to_target_node(cxld->hpa_range.start), - cxld->hpa_range.start, cxld->hpa_range.end); - - return 0; + return rc; err_insert: kfree(res->name); @@ -438,6 +425,28 @@ static int cxl_parse_cfmws(union acpi_subtable_headers *header, void *arg, return -ENOMEM; } +static int cxl_parse_cfmws(union acpi_subtable_headers *header, void *arg, + const unsigned long end) +{ + struct acpi_cedt_cfmws *cfmws = (struct acpi_cedt_cfmws *)header; + struct cxl_cfmws_context *ctx = arg; + struct device *dev = ctx->dev; + int rc; + + dev_dbg(dev, "decode range: node: %d range [%#llx - %#llx]\n", + phys_to_target_node(cfmws->base_hpa), cfmws->base_hpa, + cfmws->base_hpa + cfmws->window_size - 1); + rc = __cxl_parse_cfmws(cfmws, ctx); + if (rc) + dev_err(dev, + "Failed to add decode range: [%#llx - %#llx] (%d)\n", + cfmws->base_hpa, + cfmws->base_hpa + cfmws->window_size - 1, rc); + + /* never fail cxl_acpi load for a single window failure */ + return 0; +} + __mock struct acpi_device *to_cxl_host_bridge(struct device *host, struct device *dev) {

1 year, 6 months

2
8
0 0

[PATCH 0/2] possible deadlock in sco_conn_del

by Alexander Ofitserov

This bug was found by syzkaller. This series of patches is fix for this particular bug. Both of these patches were taken from upstream and applied clearly without any conflicts. First one is the fix for the problem and another one is for fix first patch. Luiz Augusto von Dentz (1): Bluetooth: SCO: Fix possible circular locking dependency on sco_connect_cfm Pauli Virtanen (1): Bluetooth: SCO: fix sco_conn related locking and validity issues net/bluetooth/sco.c | 76 ++++++++++++++++++++++++++------------------- 1 file changed, 44 insertions(+), 32 deletions(-) -- 2.42.1

1 year, 6 months

1
2
0 0

FAILED: patch "[PATCH] mptcp: fix data races on local_id" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x a7cfe776637004a4c938fde78be4bd608c32c3ef # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022611-duh-rising-d12e@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: a7cfe7766370 ("mptcp: fix data races on local_id") 84c531f54ad9 ("mptcp: userspace pm send RM_ADDR for ID 0") f1f26512a9bf ("mptcp: use plain bool instead of custom binary enum") 1e07938e29c5 ("net: mptcp: rename netlink handlers to mptcp_pm_nl_<blah>_{doit,dumpit}") 1d0507f46843 ("net: mptcp: convert netlink from small_ops to ops") fce68b03086f ("mptcp: add scheduled in mptcp_subflow_context") 1730b2b2c5a5 ("mptcp: add sched in mptcp_sock") 740ebe35bd3f ("mptcp: add struct mptcp_sched_ops") a7384f391875 ("Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From a7cfe776637004a4c938fde78be4bd608c32c3ef Mon Sep 17 00:00:00 2001 From: Paolo Abeni <pabeni(a)redhat.com> Date: Thu, 15 Feb 2024 19:25:31 +0100 Subject: [PATCH] mptcp: fix data races on local_id The local address id is accessed lockless by the NL PM, add all the required ONCE annotation. There is a caveat: the local id can be initialized late in the subflow life-cycle, and its validity is controlled by the local_id_valid flag. Remove such flag and encode the validity in the local_id field itself with negative value before initialization. That allows accessing the field consistently with a single read operation. Fixes: 0ee4261a3681 ("mptcp: implement mptcp_pm_remove_subflow") Cc: stable(a)vger.kernel.org Signed-off-by: Paolo Abeni <pabeni(a)redhat.com> Reviewed-by: Mat Martineau <martineau(a)kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Signed-off-by: David S. Miller <davem(a)davemloft.net> diff --git a/net/mptcp/diag.c b/net/mptcp/diag.c index e57c5f47f035..6ff6f14674aa 100644 --- a/net/mptcp/diag.c +++ b/net/mptcp/diag.c @@ -65,7 +65,7 @@ static int subflow_get_info(struct sock *sk, struct sk_buff *skb) sf->map_data_len) || nla_put_u32(skb, MPTCP_SUBFLOW_ATTR_FLAGS, flags) || nla_put_u8(skb, MPTCP_SUBFLOW_ATTR_ID_REM, sf->remote_id) || - nla_put_u8(skb, MPTCP_SUBFLOW_ATTR_ID_LOC, sf->local_id)) { + nla_put_u8(skb, MPTCP_SUBFLOW_ATTR_ID_LOC, subflow_get_local_id(sf))) { err = -EMSGSIZE; goto nla_failure; } diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c index a24c9128dee9..912e25077437 100644 --- a/net/mptcp/pm_netlink.c +++ b/net/mptcp/pm_netlink.c @@ -800,7 +800,7 @@ static void mptcp_pm_nl_rm_addr_or_subflow(struct mptcp_sock *msk, mptcp_for_each_subflow_safe(msk, subflow, tmp) { struct sock *ssk = mptcp_subflow_tcp_sock(subflow); int how = RCV_SHUTDOWN | SEND_SHUTDOWN; - u8 id = subflow->local_id; + u8 id = subflow_get_local_id(subflow); if (rm_type == MPTCP_MIB_RMADDR && subflow->remote_id != rm_id) continue; @@ -809,7 +809,7 @@ static void mptcp_pm_nl_rm_addr_or_subflow(struct mptcp_sock *msk, pr_debug(" -> %s rm_list_ids[%d]=%u local_id=%u remote_id=%u mpc_id=%u", rm_type == MPTCP_MIB_RMADDR ? "address" : "subflow", - i, rm_id, subflow->local_id, subflow->remote_id, + i, rm_id, id, subflow->remote_id, msk->mpc_endpoint_id); spin_unlock_bh(&msk->pm.lock); mptcp_subflow_shutdown(sk, ssk, how); @@ -1994,7 +1994,7 @@ static int mptcp_event_add_subflow(struct sk_buff *skb, const struct sock *ssk) if (WARN_ON_ONCE(!sf)) return -EINVAL; - if (nla_put_u8(skb, MPTCP_ATTR_LOC_ID, sf->local_id)) + if (nla_put_u8(skb, MPTCP_ATTR_LOC_ID, subflow_get_local_id(sf))) return -EMSGSIZE; if (nla_put_u8(skb, MPTCP_ATTR_REM_ID, sf->remote_id)) diff --git a/net/mptcp/pm_userspace.c b/net/mptcp/pm_userspace.c index e582b3b2d174..d396a5973429 100644 --- a/net/mptcp/pm_userspace.c +++ b/net/mptcp/pm_userspace.c @@ -234,7 +234,7 @@ static int mptcp_userspace_pm_remove_id_zero_address(struct mptcp_sock *msk, lock_sock(sk); mptcp_for_each_subflow(msk, subflow) { - if (subflow->local_id == 0) { + if (READ_ONCE(subflow->local_id) == 0) { has_id_0 = true; break; } diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c index 8ef2927ebca2..948606a537da 100644 --- a/net/mptcp/protocol.c +++ b/net/mptcp/protocol.c @@ -85,7 +85,7 @@ static int __mptcp_socket_create(struct mptcp_sock *msk) subflow->subflow_id = msk->subflow_id++; /* This is the first subflow, always with id 0 */ - subflow->local_id_valid = 1; + WRITE_ONCE(subflow->local_id, 0); mptcp_sock_graft(msk->first, sk->sk_socket); iput(SOCK_INODE(ssock)); diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h index ed50f2015dc3..631a7f445f34 100644 --- a/net/mptcp/protocol.h +++ b/net/mptcp/protocol.h @@ -491,10 +491,9 @@ struct mptcp_subflow_context { remote_key_valid : 1, /* received the peer key from */ disposable : 1, /* ctx can be free at ulp release time */ stale : 1, /* unable to snd/rcv data, do not use for xmit */ - local_id_valid : 1, /* local_id is correctly initialized */ valid_csum_seen : 1, /* at least one csum validated */ is_mptfo : 1, /* subflow is doing TFO */ - __unused : 9; + __unused : 10; bool data_avail; bool scheduled; u32 remote_nonce; @@ -505,7 +504,7 @@ struct mptcp_subflow_context { u8 hmac[MPTCPOPT_HMAC_LEN]; /* MPJ subflow only */ u64 iasn; /* initial ack sequence number, MPC subflows only */ }; - u8 local_id; + s16 local_id; /* if negative not initialized yet */ u8 remote_id; u8 reset_seen:1; u8 reset_transient:1; @@ -556,6 +555,7 @@ mptcp_subflow_ctx_reset(struct mptcp_subflow_context *subflow) { memset(&subflow->reset, 0, sizeof(subflow->reset)); subflow->request_mptcp = 1; + WRITE_ONCE(subflow->local_id, -1); } static inline u64 @@ -1022,6 +1022,15 @@ int mptcp_pm_get_local_id(struct mptcp_sock *msk, struct sock_common *skc); int mptcp_pm_nl_get_local_id(struct mptcp_sock *msk, struct mptcp_addr_info *skc); int mptcp_userspace_pm_get_local_id(struct mptcp_sock *msk, struct mptcp_addr_info *skc); +static inline u8 subflow_get_local_id(const struct mptcp_subflow_context *subflow) +{ + int local_id = READ_ONCE(subflow->local_id); + + if (local_id < 0) + return 0; + return local_id; +} + void __init mptcp_pm_nl_init(void); void mptcp_pm_nl_work(struct mptcp_sock *msk); void mptcp_pm_nl_rm_subflow_received(struct mptcp_sock *msk, diff --git a/net/mptcp/subflow.c b/net/mptcp/subflow.c index c34ecadee120..015184bbf06c 100644 --- a/net/mptcp/subflow.c +++ b/net/mptcp/subflow.c @@ -577,8 +577,8 @@ static void subflow_finish_connect(struct sock *sk, const struct sk_buff *skb) static void subflow_set_local_id(struct mptcp_subflow_context *subflow, int local_id) { - subflow->local_id = local_id; - subflow->local_id_valid = 1; + WARN_ON_ONCE(local_id < 0 || local_id > 255); + WRITE_ONCE(subflow->local_id, local_id); } static int subflow_chk_local_id(struct sock *sk) @@ -587,7 +587,7 @@ static int subflow_chk_local_id(struct sock *sk) struct mptcp_sock *msk = mptcp_sk(subflow->conn); int err; - if (likely(subflow->local_id_valid)) + if (likely(subflow->local_id >= 0)) return 0; err = mptcp_pm_get_local_id(msk, (struct sock_common *)sk); @@ -1731,6 +1731,7 @@ static struct mptcp_subflow_context *subflow_create_ctx(struct sock *sk, pr_debug("subflow=%p", ctx); ctx->tcp_sock = sk; + WRITE_ONCE(ctx->local_id, -1); return ctx; } @@ -1966,7 +1967,7 @@ static void subflow_ulp_clone(const struct request_sock *req, new_ctx->idsn = subflow_req->idsn; /* this is the first subflow, id is always 0 */ - new_ctx->local_id_valid = 1; + subflow_set_local_id(new_ctx, 0); } else if (subflow_req->mp_join) { new_ctx->ssn_offset = subflow_req->ssn_offset; new_ctx->mp_join = 1;

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] mptcp: add needs_id for netlink appending addr" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 584f3894262634596532cf43a5e782e34a0ce374 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022626-oversold-imply-5fed@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: 584f38942626 ("mptcp: add needs_id for netlink appending addr") aab4d8564947 ("net: mptcp: use policy generated by YAML spec") 1e07938e29c5 ("net: mptcp: rename netlink handlers to mptcp_pm_nl_<blah>_{doit,dumpit}") 1d0507f46843 ("net: mptcp: convert netlink from small_ops to ops") 740ebe35bd3f ("mptcp: add struct mptcp_sched_ops") 6ba7ce89905c ("mptcp: unify pm set_flags interfaces") a963853fd465 ("mptcp: use net instead of sock_net") dfc8d0603033 ("mptcp: implement delayed seq generation for passive fastopen") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 584f3894262634596532cf43a5e782e34a0ce374 Mon Sep 17 00:00:00 2001 From: Geliang Tang <tanggeliang(a)kylinos.cn> Date: Thu, 15 Feb 2024 19:25:29 +0100 Subject: [PATCH] mptcp: add needs_id for netlink appending addr Just the same as userspace PM, a new parameter needs_id is added for in-kernel PM mptcp_pm_nl_append_new_local_addr() too. Add a new helper mptcp_pm_has_addr_attr_id() to check whether an address ID is set from PM or not. In mptcp_pm_nl_get_local_id(), needs_id is always true, but in mptcp_pm_nl_add_addr_doit(), pass mptcp_pm_has_addr_attr_id() to needs_it. Fixes: efd5a4c04e18 ("mptcp: add the address ID assignment bitmap") Cc: stable(a)vger.kernel.org Signed-off-by: Geliang Tang <tanggeliang(a)kylinos.cn> Reviewed-by: Mat Martineau <martineau(a)kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Signed-off-by: David S. Miller <davem(a)davemloft.net> diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c index 287a60381eae..a24c9128dee9 100644 --- a/net/mptcp/pm_netlink.c +++ b/net/mptcp/pm_netlink.c @@ -901,7 +901,8 @@ static void __mptcp_pm_release_addr_entry(struct mptcp_pm_addr_entry *entry) } static int mptcp_pm_nl_append_new_local_addr(struct pm_nl_pernet *pernet, - struct mptcp_pm_addr_entry *entry) + struct mptcp_pm_addr_entry *entry, + bool needs_id) { struct mptcp_pm_addr_entry *cur, *del_entry = NULL; unsigned int addr_max; @@ -949,7 +950,7 @@ static int mptcp_pm_nl_append_new_local_addr(struct pm_nl_pernet *pernet, } } - if (!entry->addr.id) { + if (!entry->addr.id && needs_id) { find_next: entry->addr.id = find_next_zero_bit(pernet->id_bitmap, MPTCP_PM_MAX_ADDR_ID + 1, @@ -960,7 +961,7 @@ static int mptcp_pm_nl_append_new_local_addr(struct pm_nl_pernet *pernet, } } - if (!entry->addr.id) + if (!entry->addr.id && needs_id) goto out; __set_bit(entry->addr.id, pernet->id_bitmap); @@ -1092,7 +1093,7 @@ int mptcp_pm_nl_get_local_id(struct mptcp_sock *msk, struct mptcp_addr_info *skc entry->ifindex = 0; entry->flags = MPTCP_PM_ADDR_FLAG_IMPLICIT; entry->lsk = NULL; - ret = mptcp_pm_nl_append_new_local_addr(pernet, entry); + ret = mptcp_pm_nl_append_new_local_addr(pernet, entry, true); if (ret < 0) kfree(entry); @@ -1285,6 +1286,18 @@ static int mptcp_nl_add_subflow_or_signal_addr(struct net *net) return 0; } +static bool mptcp_pm_has_addr_attr_id(const struct nlattr *attr, + struct genl_info *info) +{ + struct nlattr *tb[MPTCP_PM_ADDR_ATTR_MAX + 1]; + + if (!nla_parse_nested_deprecated(tb, MPTCP_PM_ADDR_ATTR_MAX, attr, + mptcp_pm_address_nl_policy, info->extack) && + tb[MPTCP_PM_ADDR_ATTR_ID]) + return true; + return false; +} + int mptcp_pm_nl_add_addr_doit(struct sk_buff *skb, struct genl_info *info) { struct nlattr *attr = info->attrs[MPTCP_PM_ENDPOINT_ADDR]; @@ -1326,7 +1339,8 @@ int mptcp_pm_nl_add_addr_doit(struct sk_buff *skb, struct genl_info *info) goto out_free; } } - ret = mptcp_pm_nl_append_new_local_addr(pernet, entry); + ret = mptcp_pm_nl_append_new_local_addr(pernet, entry, + !mptcp_pm_has_addr_attr_id(attr, info)); if (ret < 0) { GENL_SET_ERR_MSG_FMT(info, "too many addresses or duplicate one: %d", ret); goto out_free;

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] usb: roles: fix NULL pointer issue when put module's" failed to apply to 4.19-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.19-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.19.y git checkout FETCH_HEAD git cherry-pick -x 1c9be13846c0b2abc2480602f8ef421360e1ad9e # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022632-wise-dose-46ed@gregkh' --subject-prefix 'PATCH 4.19.y' HEAD^.. Possible dependencies: 1c9be13846c0 ("usb: roles: fix NULL pointer issue when put module's reference") 044a61158b9e ("USB: roles: make role_class a static const structure") 1aaba11da9aa ("driver core: class: remove module * from class_create()") 6e30a66433af ("driver core: class: remove struct module owner out of struct class") 0b2a1a3938aa ("driver core: class: Clear private pointer on registration failures") 71a7507afbc3 ("Merge tag 'driver-core-6.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 1c9be13846c0b2abc2480602f8ef421360e1ad9e Mon Sep 17 00:00:00 2001 From: Xu Yang <xu.yang_2(a)nxp.com> Date: Mon, 29 Jan 2024 17:37:38 +0800 Subject: [PATCH] usb: roles: fix NULL pointer issue when put module's reference In current design, usb role class driver will get usb_role_switch parent's module reference after the user get usb_role_switch device and put the reference after the user put the usb_role_switch device. However, the parent device of usb_role_switch may be removed before the user put the usb_role_switch. If so, then, NULL pointer issue will be met when the user put the parent module's reference. This will save the module pointer in structure of usb_role_switch. Then, we don't need to find module by iterating long relations. Fixes: 5c54fcac9a9d ("usb: roles: Take care of driver module reference counting") cc: stable(a)vger.kernel.org Signed-off-by: Xu Yang <xu.yang_2(a)nxp.com> Acked-by: Heikki Krogerus <heikki.krogerus(a)linux.intel.com> Link: https://lore.kernel.org/r/20240129093739.2371530-1-xu.yang_2@nxp.com Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/drivers/usb/roles/class.c b/drivers/usb/roles/class.c index ae41578bd014..2bad038fb9ad 100644 --- a/drivers/usb/roles/class.c +++ b/drivers/usb/roles/class.c @@ -21,6 +21,7 @@ static const struct class role_class = { struct usb_role_switch { struct device dev; struct mutex lock; /* device lock*/ + struct module *module; /* the module this device depends on */ enum usb_role role; /* From descriptor */ @@ -135,7 +136,7 @@ struct usb_role_switch *usb_role_switch_get(struct device *dev) usb_role_switch_match); if (!IS_ERR_OR_NULL(sw)) - WARN_ON(!try_module_get(sw->dev.parent->driver->owner)); + WARN_ON(!try_module_get(sw->module)); return sw; } @@ -157,7 +158,7 @@ struct usb_role_switch *fwnode_usb_role_switch_get(struct fwnode_handle *fwnode) sw = fwnode_connection_find_match(fwnode, "usb-role-switch", NULL, usb_role_switch_match); if (!IS_ERR_OR_NULL(sw)) - WARN_ON(!try_module_get(sw->dev.parent->driver->owner)); + WARN_ON(!try_module_get(sw->module)); return sw; } @@ -172,7 +173,7 @@ EXPORT_SYMBOL_GPL(fwnode_usb_role_switch_get); void usb_role_switch_put(struct usb_role_switch *sw) { if (!IS_ERR_OR_NULL(sw)) { - module_put(sw->dev.parent->driver->owner); + module_put(sw->module); put_device(&sw->dev); } } @@ -189,15 +190,18 @@ struct usb_role_switch * usb_role_switch_find_by_fwnode(const struct fwnode_handle *fwnode) { struct device *dev; + struct usb_role_switch *sw = NULL; if (!fwnode) return NULL; dev = class_find_device_by_fwnode(&role_class, fwnode); - if (dev) - WARN_ON(!try_module_get(dev->parent->driver->owner)); + if (dev) { + sw = to_role_switch(dev); + WARN_ON(!try_module_get(sw->module)); + } - return dev ? to_role_switch(dev) : NULL; + return sw; } EXPORT_SYMBOL_GPL(usb_role_switch_find_by_fwnode); @@ -338,6 +342,7 @@ usb_role_switch_register(struct device *parent, sw->set = desc->set; sw->get = desc->get; + sw->module = parent->driver->owner; sw->dev.parent = parent; sw->dev.fwnode = desc->fwnode; sw->dev.class = &role_class;

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] usb: roles: fix NULL pointer issue when put module's" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x 1c9be13846c0b2abc2480602f8ef421360e1ad9e # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022630-streak-bleep-1f75@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: 1c9be13846c0 ("usb: roles: fix NULL pointer issue when put module's reference") 044a61158b9e ("USB: roles: make role_class a static const structure") 1aaba11da9aa ("driver core: class: remove module * from class_create()") 6e30a66433af ("driver core: class: remove struct module owner out of struct class") 0b2a1a3938aa ("driver core: class: Clear private pointer on registration failures") 71a7507afbc3 ("Merge tag 'driver-core-6.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 1c9be13846c0b2abc2480602f8ef421360e1ad9e Mon Sep 17 00:00:00 2001 From: Xu Yang <xu.yang_2(a)nxp.com> Date: Mon, 29 Jan 2024 17:37:38 +0800 Subject: [PATCH] usb: roles: fix NULL pointer issue when put module's reference In current design, usb role class driver will get usb_role_switch parent's module reference after the user get usb_role_switch device and put the reference after the user put the usb_role_switch device. However, the parent device of usb_role_switch may be removed before the user put the usb_role_switch. If so, then, NULL pointer issue will be met when the user put the parent module's reference. This will save the module pointer in structure of usb_role_switch. Then, we don't need to find module by iterating long relations. Fixes: 5c54fcac9a9d ("usb: roles: Take care of driver module reference counting") cc: stable(a)vger.kernel.org Signed-off-by: Xu Yang <xu.yang_2(a)nxp.com> Acked-by: Heikki Krogerus <heikki.krogerus(a)linux.intel.com> Link: https://lore.kernel.org/r/20240129093739.2371530-1-xu.yang_2@nxp.com Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/drivers/usb/roles/class.c b/drivers/usb/roles/class.c index ae41578bd014..2bad038fb9ad 100644 --- a/drivers/usb/roles/class.c +++ b/drivers/usb/roles/class.c @@ -21,6 +21,7 @@ static const struct class role_class = { struct usb_role_switch { struct device dev; struct mutex lock; /* device lock*/ + struct module *module; /* the module this device depends on */ enum usb_role role; /* From descriptor */ @@ -135,7 +136,7 @@ struct usb_role_switch *usb_role_switch_get(struct device *dev) usb_role_switch_match); if (!IS_ERR_OR_NULL(sw)) - WARN_ON(!try_module_get(sw->dev.parent->driver->owner)); + WARN_ON(!try_module_get(sw->module)); return sw; } @@ -157,7 +158,7 @@ struct usb_role_switch *fwnode_usb_role_switch_get(struct fwnode_handle *fwnode) sw = fwnode_connection_find_match(fwnode, "usb-role-switch", NULL, usb_role_switch_match); if (!IS_ERR_OR_NULL(sw)) - WARN_ON(!try_module_get(sw->dev.parent->driver->owner)); + WARN_ON(!try_module_get(sw->module)); return sw; } @@ -172,7 +173,7 @@ EXPORT_SYMBOL_GPL(fwnode_usb_role_switch_get); void usb_role_switch_put(struct usb_role_switch *sw) { if (!IS_ERR_OR_NULL(sw)) { - module_put(sw->dev.parent->driver->owner); + module_put(sw->module); put_device(&sw->dev); } } @@ -189,15 +190,18 @@ struct usb_role_switch * usb_role_switch_find_by_fwnode(const struct fwnode_handle *fwnode) { struct device *dev; + struct usb_role_switch *sw = NULL; if (!fwnode) return NULL; dev = class_find_device_by_fwnode(&role_class, fwnode); - if (dev) - WARN_ON(!try_module_get(dev->parent->driver->owner)); + if (dev) { + sw = to_role_switch(dev); + WARN_ON(!try_module_get(sw->module)); + } - return dev ? to_role_switch(dev) : NULL; + return sw; } EXPORT_SYMBOL_GPL(usb_role_switch_find_by_fwnode); @@ -338,6 +342,7 @@ usb_role_switch_register(struct device *parent, sw->set = desc->set; sw->get = desc->get; + sw->module = parent->driver->owner; sw->dev.parent = parent; sw->dev.fwnode = desc->fwnode; sw->dev.class = &role_class;

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] irqchip/gic-v3-its: Do not assume vPE tables are preallocated" failed to apply to 4.19-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.19-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.19.y git checkout FETCH_HEAD git cherry-pick -x ec4308ecfc887128a468f03fb66b767559c57c23 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022602-daunting-dreamland-882c@gregkh' --subject-prefix 'PATCH 4.19.y' HEAD^.. Possible dependencies: ec4308ecfc88 ("irqchip/gic-v3-its: Do not assume vPE tables are preallocated") c0cdc89072a3 ("irqchip/gic-v3-its: Give the percpu rdist struct its own flags field") 5e5168461c22 ("irqchip/gic-v4.1: VPE table (aka GICR_VPROPBASER) allocation") b25319d279b6 ("irqchip/gic-v3: Detect GICv4.1 supporting RVPEID") 576a83429757 ("irqchip/gic-v3-its: Kill its->device_ids and use TYPER copy instead") ffedbf0cba15 ("irqchip/gic-v3-its: Kill its->ite_size and use TYPER copy instead") 0dd57fed6b46 ("irqchip/gic-v3-its: Make is_v4 use a TYPER copy") 8424312516e5 ("irqchip/gic-v3-its: Use the exact ITSList for VMOVP") 5f51f803826e ("irqchip/gic-v3: Add EPPI range support") 81a43273045b ("irqchip/gic-v3: Dynamically allocate PPI NMI refcounts") 1a60e1e64391 ("irqchip/gic: Prepare for more than 16 PPIs") 211bddd210a6 ("irqchip/gic-v3: Add ESPI range support") e91b036e1c20 ("irqchip/gic-v3: Add INTID range and convertion primitives") 13d22e2e1f35 ("irqchip/gic: Rework gic_configure_irq to take the full ICFGR base") 3d8dfe75ef69 ("Merge tag 'arm64-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From ec4308ecfc887128a468f03fb66b767559c57c23 Mon Sep 17 00:00:00 2001 From: Oliver Upton <oliver.upton(a)linux.dev> Date: Mon, 19 Feb 2024 18:58:06 +0000 Subject: [PATCH] irqchip/gic-v3-its: Do not assume vPE tables are preallocated The GIC/ITS code is designed to ensure to pick up any preallocated LPI tables on the redistributors, as enabling LPIs is a one-way switch. There is no such restriction for vLPIs, and for GICv4.1 it is expected to allocate a new vPE table at boot. This works as intended when initializing an ITS, however when setting up a redistributor in cpu_init_lpis() the early return for preallocated RD tables skips straight past the GICv4 setup. This all comes to a head when trying to kexec() into a new kernel, as the new kernel silently fails to set up GICv4, leading to a complete loss of SGIs and LPIs for KVM VMs. Slap a band-aid on the problem by ensuring its_cpu_init_lpis() always initializes GICv4 on the way out, even if the other RD tables were preallocated. Fixes: 6479450f72c1 ("irqchip/gic-v4: Fix occasional VLPI drop") Reported-by: George Cherian <gcherian(a)marvell.com> Co-developed-by: Marc Zyngier <maz(a)kernel.org> Signed-off-by: Marc Zyngier <maz(a)kernel.org> Signed-off-by: Oliver Upton <oliver.upton(a)linux.dev> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Cc: stable(a)vger.kernel.org Link: https://lore.kernel.org/r/20240219185809.286724-2-oliver.upton@linux.dev diff --git a/drivers/irqchip/irq-gic-v3-its.c b/drivers/irqchip/irq-gic-v3-its.c index 53abd4779914..b822752c4261 100644 --- a/drivers/irqchip/irq-gic-v3-its.c +++ b/drivers/irqchip/irq-gic-v3-its.c @@ -3181,6 +3181,7 @@ static void its_cpu_init_lpis(void) val |= GICR_CTLR_ENABLE_LPIS; writel_relaxed(val, rbase + GICR_CTLR); +out: if (gic_rdists->has_vlpis && !gic_rdists->has_rvpeid) { void __iomem *vlpi_base = gic_data_rdist_vlpi_base(); @@ -3216,7 +3217,6 @@ static void its_cpu_init_lpis(void) /* Make sure the GIC has seen the above */ dsb(sy); -out: gic_data_rdist()->flags |= RD_LOCAL_LPI_ENABLED; pr_info("GICv3: CPU%d: using %s LPI pending table @%pa\n", smp_processor_id(),

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] irqchip/gic-v3-its: Do not assume vPE tables are preallocated" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x ec4308ecfc887128a468f03fb66b767559c57c23 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022658-brethren-stopper-8b5e@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: ec4308ecfc88 ("irqchip/gic-v3-its: Do not assume vPE tables are preallocated") c0cdc89072a3 ("irqchip/gic-v3-its: Give the percpu rdist struct its own flags field") 5e5168461c22 ("irqchip/gic-v4.1: VPE table (aka GICR_VPROPBASER) allocation") b25319d279b6 ("irqchip/gic-v3: Detect GICv4.1 supporting RVPEID") 576a83429757 ("irqchip/gic-v3-its: Kill its->device_ids and use TYPER copy instead") ffedbf0cba15 ("irqchip/gic-v3-its: Kill its->ite_size and use TYPER copy instead") 0dd57fed6b46 ("irqchip/gic-v3-its: Make is_v4 use a TYPER copy") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From ec4308ecfc887128a468f03fb66b767559c57c23 Mon Sep 17 00:00:00 2001 From: Oliver Upton <oliver.upton(a)linux.dev> Date: Mon, 19 Feb 2024 18:58:06 +0000 Subject: [PATCH] irqchip/gic-v3-its: Do not assume vPE tables are preallocated The GIC/ITS code is designed to ensure to pick up any preallocated LPI tables on the redistributors, as enabling LPIs is a one-way switch. There is no such restriction for vLPIs, and for GICv4.1 it is expected to allocate a new vPE table at boot. This works as intended when initializing an ITS, however when setting up a redistributor in cpu_init_lpis() the early return for preallocated RD tables skips straight past the GICv4 setup. This all comes to a head when trying to kexec() into a new kernel, as the new kernel silently fails to set up GICv4, leading to a complete loss of SGIs and LPIs for KVM VMs. Slap a band-aid on the problem by ensuring its_cpu_init_lpis() always initializes GICv4 on the way out, even if the other RD tables were preallocated. Fixes: 6479450f72c1 ("irqchip/gic-v4: Fix occasional VLPI drop") Reported-by: George Cherian <gcherian(a)marvell.com> Co-developed-by: Marc Zyngier <maz(a)kernel.org> Signed-off-by: Marc Zyngier <maz(a)kernel.org> Signed-off-by: Oliver Upton <oliver.upton(a)linux.dev> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Cc: stable(a)vger.kernel.org Link: https://lore.kernel.org/r/20240219185809.286724-2-oliver.upton@linux.dev diff --git a/drivers/irqchip/irq-gic-v3-its.c b/drivers/irqchip/irq-gic-v3-its.c index 53abd4779914..b822752c4261 100644 --- a/drivers/irqchip/irq-gic-v3-its.c +++ b/drivers/irqchip/irq-gic-v3-its.c @@ -3181,6 +3181,7 @@ static void its_cpu_init_lpis(void) val |= GICR_CTLR_ENABLE_LPIS; writel_relaxed(val, rbase + GICR_CTLR); +out: if (gic_rdists->has_vlpis && !gic_rdists->has_rvpeid) { void __iomem *vlpi_base = gic_data_rdist_vlpi_base(); @@ -3216,7 +3217,6 @@ static void its_cpu_init_lpis(void) /* Make sure the GIC has seen the above */ dsb(sy); -out: gic_data_rdist()->flags |= RD_LOCAL_LPI_ENABLED; pr_info("GICv3: CPU%d: using %s LPI pending table @%pa\n", smp_processor_id(),

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] irqchip/gic-v3-its: Do not assume vPE tables are preallocated" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x ec4308ecfc887128a468f03fb66b767559c57c23 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022654-drained-afterglow-ddb6@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: ec4308ecfc88 ("irqchip/gic-v3-its: Do not assume vPE tables are preallocated") c0cdc89072a3 ("irqchip/gic-v3-its: Give the percpu rdist struct its own flags field") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From ec4308ecfc887128a468f03fb66b767559c57c23 Mon Sep 17 00:00:00 2001 From: Oliver Upton <oliver.upton(a)linux.dev> Date: Mon, 19 Feb 2024 18:58:06 +0000 Subject: [PATCH] irqchip/gic-v3-its: Do not assume vPE tables are preallocated The GIC/ITS code is designed to ensure to pick up any preallocated LPI tables on the redistributors, as enabling LPIs is a one-way switch. There is no such restriction for vLPIs, and for GICv4.1 it is expected to allocate a new vPE table at boot. This works as intended when initializing an ITS, however when setting up a redistributor in cpu_init_lpis() the early return for preallocated RD tables skips straight past the GICv4 setup. This all comes to a head when trying to kexec() into a new kernel, as the new kernel silently fails to set up GICv4, leading to a complete loss of SGIs and LPIs for KVM VMs. Slap a band-aid on the problem by ensuring its_cpu_init_lpis() always initializes GICv4 on the way out, even if the other RD tables were preallocated. Fixes: 6479450f72c1 ("irqchip/gic-v4: Fix occasional VLPI drop") Reported-by: George Cherian <gcherian(a)marvell.com> Co-developed-by: Marc Zyngier <maz(a)kernel.org> Signed-off-by: Marc Zyngier <maz(a)kernel.org> Signed-off-by: Oliver Upton <oliver.upton(a)linux.dev> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Cc: stable(a)vger.kernel.org Link: https://lore.kernel.org/r/20240219185809.286724-2-oliver.upton@linux.dev diff --git a/drivers/irqchip/irq-gic-v3-its.c b/drivers/irqchip/irq-gic-v3-its.c index 53abd4779914..b822752c4261 100644 --- a/drivers/irqchip/irq-gic-v3-its.c +++ b/drivers/irqchip/irq-gic-v3-its.c @@ -3181,6 +3181,7 @@ static void its_cpu_init_lpis(void) val |= GICR_CTLR_ENABLE_LPIS; writel_relaxed(val, rbase + GICR_CTLR); +out: if (gic_rdists->has_vlpis && !gic_rdists->has_rvpeid) { void __iomem *vlpi_base = gic_data_rdist_vlpi_base(); @@ -3216,7 +3217,6 @@ static void its_cpu_init_lpis(void) /* Make sure the GIC has seen the above */ dsb(sy); -out: gic_data_rdist()->flags |= RD_LOCAL_LPI_ENABLED; pr_info("GICv3: CPU%d: using %s LPI pending table @%pa\n", smp_processor_id(),

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] irqchip/gic-v3-its: Do not assume vPE tables are preallocated" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x ec4308ecfc887128a468f03fb66b767559c57c23 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022650-washroom-undusted-2aff@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: ec4308ecfc88 ("irqchip/gic-v3-its: Do not assume vPE tables are preallocated") c0cdc89072a3 ("irqchip/gic-v3-its: Give the percpu rdist struct its own flags field") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From ec4308ecfc887128a468f03fb66b767559c57c23 Mon Sep 17 00:00:00 2001 From: Oliver Upton <oliver.upton(a)linux.dev> Date: Mon, 19 Feb 2024 18:58:06 +0000 Subject: [PATCH] irqchip/gic-v3-its: Do not assume vPE tables are preallocated The GIC/ITS code is designed to ensure to pick up any preallocated LPI tables on the redistributors, as enabling LPIs is a one-way switch. There is no such restriction for vLPIs, and for GICv4.1 it is expected to allocate a new vPE table at boot. This works as intended when initializing an ITS, however when setting up a redistributor in cpu_init_lpis() the early return for preallocated RD tables skips straight past the GICv4 setup. This all comes to a head when trying to kexec() into a new kernel, as the new kernel silently fails to set up GICv4, leading to a complete loss of SGIs and LPIs for KVM VMs. Slap a band-aid on the problem by ensuring its_cpu_init_lpis() always initializes GICv4 on the way out, even if the other RD tables were preallocated. Fixes: 6479450f72c1 ("irqchip/gic-v4: Fix occasional VLPI drop") Reported-by: George Cherian <gcherian(a)marvell.com> Co-developed-by: Marc Zyngier <maz(a)kernel.org> Signed-off-by: Marc Zyngier <maz(a)kernel.org> Signed-off-by: Oliver Upton <oliver.upton(a)linux.dev> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Cc: stable(a)vger.kernel.org Link: https://lore.kernel.org/r/20240219185809.286724-2-oliver.upton@linux.dev diff --git a/drivers/irqchip/irq-gic-v3-its.c b/drivers/irqchip/irq-gic-v3-its.c index 53abd4779914..b822752c4261 100644 --- a/drivers/irqchip/irq-gic-v3-its.c +++ b/drivers/irqchip/irq-gic-v3-its.c @@ -3181,6 +3181,7 @@ static void its_cpu_init_lpis(void) val |= GICR_CTLR_ENABLE_LPIS; writel_relaxed(val, rbase + GICR_CTLR); +out: if (gic_rdists->has_vlpis && !gic_rdists->has_rvpeid) { void __iomem *vlpi_base = gic_data_rdist_vlpi_base(); @@ -3216,7 +3217,6 @@ static void its_cpu_init_lpis(void) /* Make sure the GIC has seen the above */ dsb(sy); -out: gic_data_rdist()->flags |= RD_LOCAL_LPI_ENABLED; pr_info("GICv3: CPU%d: using %s LPI pending table @%pa\n", smp_processor_id(),

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] scsi: sd: usb_storage: uas: Access media prior to querying" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 321da3dc1f3c92a12e3c5da934090d2992a8814c # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022657-skintight-fetal-ec4b@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: 321da3dc1f3c ("scsi: sd: usb_storage: uas: Access media prior to querying device properties") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 321da3dc1f3c92a12e3c5da934090d2992a8814c Mon Sep 17 00:00:00 2001 From: "Martin K. Petersen" <martin.petersen(a)oracle.com> Date: Tue, 13 Feb 2024 09:33:06 -0500 Subject: [PATCH] scsi: sd: usb_storage: uas: Access media prior to querying device properties It has been observed that some USB/UAS devices return generic properties hardcoded in firmware for mode pages for a period of time after a device has been discovered. The reported properties are either garbage or they do not accurately reflect the characteristics of the physical storage device attached in the case of a bridge. Prior to commit 1e029397d12f ("scsi: sd: Reorganize DIF/DIX code to avoid calling revalidate twice") we would call revalidate several times during device discovery. As a result, incorrect values would eventually get replaced with ones accurately describing the attached storage. When we did away with the redundant revalidate pass, several cases were reported where devices reported nonsensical values or would end up in write-protected state. An initial attempt at addressing this issue involved introducing a delayed second revalidate invocation. However, this approach still left some devices reporting incorrect characteristics. Tasos Sahanidis debugged the problem further and identified that introducing a READ operation prior to MODE SENSE fixed the problem and that it wasn't a timing issue. Issuing a READ appears to cause the devices to update their state to reflect the actual properties of the storage media. Device properties like vendor, model, and storage capacity appear to be correctly reported from the get-go. It is unclear why these devices defer populating the remaining characteristics. Match the behavior of a well known commercial operating system and trigger a READ operation prior to querying device characteristics to force the device to populate the mode pages. The additional READ is triggered by a flag set in the USB storage and UAS drivers. We avoid issuing the READ for other transport classes since some storage devices identify Linux through our particular discovery command sequence. Link: https://lore.kernel.org/r/20240213143306.2194237-1-martin.petersen@oracle.c… Fixes: 1e029397d12f ("scsi: sd: Reorganize DIF/DIX code to avoid calling revalidate twice") Cc: stable(a)vger.kernel.org Reported-by: Tasos Sahanidis <tasos(a)tasossah.com> Reviewed-by: Ewan D. Milne <emilne(a)redhat.com> Reviewed-by: Bart Van Assche <bvanassche(a)acm.org> Tested-by: Tasos Sahanidis <tasos(a)tasossah.com> Signed-off-by: Martin K. Petersen <martin.petersen(a)oracle.com> diff --git a/drivers/scsi/sd.c b/drivers/scsi/sd.c index 0833b3e6aa6e..bdd0acf7fa3c 100644 --- a/drivers/scsi/sd.c +++ b/drivers/scsi/sd.c @@ -3407,6 +3407,24 @@ static bool sd_validate_opt_xfer_size(struct scsi_disk *sdkp, return true; } +static void sd_read_block_zero(struct scsi_disk *sdkp) +{ + unsigned int buf_len = sdkp->device->sector_size; + char *buffer, cmd[10] = { }; + + buffer = kmalloc(buf_len, GFP_KERNEL); + if (!buffer) + return; + + cmd[0] = READ_10; + put_unaligned_be32(0, &cmd[2]); /* Logical block address 0 */ + put_unaligned_be16(1, &cmd[7]); /* Transfer 1 logical block */ + + scsi_execute_cmd(sdkp->device, cmd, REQ_OP_DRV_IN, buffer, buf_len, + SD_TIMEOUT, sdkp->max_retries, NULL); + kfree(buffer); +} + /** * sd_revalidate_disk - called the first time a new disk is seen, * performs disk spin up, read_capacity, etc. @@ -3446,7 +3464,13 @@ static int sd_revalidate_disk(struct gendisk *disk) */ if (sdkp->media_present) { sd_read_capacity(sdkp, buffer); - + /* + * Some USB/UAS devices return generic values for mode pages + * until the media has been accessed. Trigger a READ operation + * to force the device to populate mode pages. + */ + if (sdp->read_before_ms) + sd_read_block_zero(sdkp); /* * set the default to rotational. All non-rotational devices * support the block characteristics VPD page, which will diff --git a/drivers/usb/storage/scsiglue.c b/drivers/usb/storage/scsiglue.c index c54e9805da53..12cf9940e5b6 100644 --- a/drivers/usb/storage/scsiglue.c +++ b/drivers/usb/storage/scsiglue.c @@ -179,6 +179,13 @@ static int slave_configure(struct scsi_device *sdev) */ sdev->use_192_bytes_for_3f = 1; + /* + * Some devices report generic values until the media has been + * accessed. Force a READ(10) prior to querying device + * characteristics. + */ + sdev->read_before_ms = 1; + /* * Some devices don't like MODE SENSE with page=0x3f, * which is the command used for checking if a device diff --git a/drivers/usb/storage/uas.c b/drivers/usb/storage/uas.c index 9707f53cfda9..71ace274761f 100644 --- a/drivers/usb/storage/uas.c +++ b/drivers/usb/storage/uas.c @@ -878,6 +878,13 @@ static int uas_slave_configure(struct scsi_device *sdev) if (devinfo->flags & US_FL_CAPACITY_HEURISTICS) sdev->guess_capacity = 1; + /* + * Some devices report generic values until the media has been + * accessed. Force a READ(10) prior to querying device + * characteristics. + */ + sdev->read_before_ms = 1; + /* * Some devices don't like MODE SENSE with page=0x3f, * which is the command used for checking if a device diff --git a/include/scsi/scsi_device.h b/include/scsi/scsi_device.h index 5ec1e71a09de..01c02cb76ea6 100644 --- a/include/scsi/scsi_device.h +++ b/include/scsi/scsi_device.h @@ -208,6 +208,7 @@ struct scsi_device { unsigned use_10_for_rw:1; /* first try 10-byte read / write */ unsigned use_10_for_ms:1; /* first try 10-byte mode sense/select */ unsigned set_dbd_for_ms:1; /* Set "DBD" field in mode sense */ + unsigned read_before_ms:1; /* perform a READ before MODE SENSE */ unsigned no_report_opcodes:1; /* no REPORT SUPPORTED OPERATION CODES */ unsigned no_write_same:1; /* no WRITE SAME command */ unsigned use_16_for_rw:1; /* Use read/write(16) over read/write(10) */

1 year, 6 months

1
0
0 0

[PATCH] serial: Lock console when calling into driver before registration

by Peter Collingbourne

During the handoff from earlycon to the real console driver, we have two separate drivers operating on the same device concurrently. In the case of the 8250 driver these concurrent accesses cause problems due to the driver's use of banked registers, controlled by LCR.DLAB. It is possible for the setup(), config_port(), pm() and set_mctrl() callbacks to set DLAB, which can cause the earlycon code that intends to access TX to instead access DLL, leading to missed output and corruption on the serial line due to unintended modifications to the baud rate. In particular, for setup() we have: univ8250_console_setup() -> serial8250_console_setup() -> uart_set_options() -> serial8250_set_termios() -> serial8250_do_set_termios() -> serial8250_do_set_divisor() For config_port() we have: serial8250_config_port() -> autoconfig() For pm() we have: serial8250_pm() -> serial8250_do_pm() -> serial8250_set_sleep() For set_mctrl() we have (for some devices): serial8250_set_mctrl() -> omap8250_set_mctrl() -> __omap8250_set_mctrl() To avoid such problems, let's make it so that the console is locked during pre-registration calls to these callbacks, which will prevent the earlycon driver from running concurrently. Remove the partial solution to this problem in the 8250 driver that locked the console only during autoconfig_irq(), as this would result in a deadlock with the new approach. The console continues to be locked during autoconfig_irq() because it can only be called through uart_configure_port(). Although this patch introduces more locking than strictly necessary (and in particular it also locks during the call to rs485_config() which is not affected by this issue as far as I can tell), it follows the principle that it is the responsibility of the generic console code to manage the earlycon handoff by ensuring that earlycon and real console driver code cannot run concurrently, and not the individual drivers. Signed-off-by: Peter Collingbourne <pcc(a)google.com> Link: https://linux-review.googlesource.com/id/I7cf8124dcebf8618e6b2ee543fa5b2553… Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Cc: stable(a)vger.kernel.org --- drivers/tty/serial/8250/8250_port.c | 6 ------ drivers/tty/serial/serial_core.c | 10 ++++++++++ kernel/printk/printk.c | 20 +++++++++++++++++--- 3 files changed, 27 insertions(+), 9 deletions(-) diff --git a/drivers/tty/serial/8250/8250_port.c b/drivers/tty/serial/8250/8250_port.c index 8ca061d3bbb9..1d65055dde27 100644 --- a/drivers/tty/serial/8250/8250_port.c +++ b/drivers/tty/serial/8250/8250_port.c @@ -1329,9 +1329,6 @@ static void autoconfig_irq(struct uart_8250_port *up) inb_p(ICP); } - if (uart_console(port)) - console_lock(); - /* forget possible initially masked and pending IRQ */ probe_irq_off(probe_irq_on()); save_mcr = serial8250_in_MCR(up); @@ -1371,9 +1368,6 @@ static void autoconfig_irq(struct uart_8250_port *up) if (port->flags & UPF_FOURPORT) outb_p(save_ICP, ICP); - if (uart_console(port)) - console_unlock(); - port->irq = (irq > 0) ? irq : 0; } diff --git a/drivers/tty/serial/serial_core.c b/drivers/tty/serial/serial_core.c index d6a58a9e072a..128aa0e0ae24 100644 --- a/drivers/tty/serial/serial_core.c +++ b/drivers/tty/serial/serial_core.c @@ -2608,7 +2608,11 @@ uart_configure_port(struct uart_driver *drv, struct uart_state *state, port->type = PORT_UNKNOWN; flags |= UART_CONFIG_TYPE; } + if (uart_console(port)) + console_lock(); port->ops->config_port(port, flags); + if (uart_console(port)) + console_unlock(); } if (port->type != PORT_UNKNOWN) { @@ -2616,6 +2620,9 @@ uart_configure_port(struct uart_driver *drv, struct uart_state *state, uart_report_port(drv, port); + if (uart_console(port)) + console_lock(); + /* Power up port for set_mctrl() */ uart_change_pm(state, UART_PM_STATE_ON); @@ -2632,6 +2639,9 @@ uart_configure_port(struct uart_driver *drv, struct uart_state *state, uart_rs485_config(port); + if (uart_console(port)) + console_unlock(); + /* * If this driver supports console, and it hasn't been * successfully registered yet, try to re-register it. diff --git a/kernel/printk/printk.c b/kernel/printk/printk.c index f2444b581e16..db69545e6250 100644 --- a/kernel/printk/printk.c +++ b/kernel/printk/printk.c @@ -3263,6 +3263,20 @@ static int __init keep_bootcon_setup(char *str) early_param("keep_bootcon", keep_bootcon_setup); +static int console_call_setup(struct console *newcon, char *options) +{ + int err; + + if (!newcon->setup) + return 0; + + console_lock(); + err = newcon->setup(newcon, options); + console_unlock(); + + return err; +} + /* * This is called by register_console() to try to match * the newly registered console with any of the ones selected @@ -3298,8 +3312,8 @@ static int try_enable_preferred_console(struct console *newcon, if (_braille_register_console(newcon, c)) return 0; - if (newcon->setup && - (err = newcon->setup(newcon, c->options)) != 0) + err = console_call_setup(newcon, c->options); + if (err != 0) return err; } newcon->flags |= CON_ENABLED; @@ -3325,7 +3339,7 @@ static void try_enable_default_console(struct console *newcon) if (newcon->index < 0) newcon->index = 0; - if (newcon->setup && newcon->setup(newcon, NULL) != 0) + if (console_call_setup(newcon, NULL) != 0) return; newcon->flags |= CON_ENABLED; -- 2.44.0.rc1.240.g4c46232300-goog

1 year, 6 months

2
1
0 0

Re: [PATCH] mfd: twl6030-irq: Revert to use of_match_device()

by Andreas Schwab

On Okt 29 2023, Peter Ujfalusi wrote: > The core twl chip is probed via i2c and the dev->driver->of_match_table is > NULL, causing the driver to fail to probe. > > This partially reverts commit 1e0c866887f4. > > Fixes: 1e0c866887f4 ("mfd: Use device_get_match_data() in a bunch of drivers") That commit id does not exist, which is why it hasn't been picked up by stable. The correct commit id is 830fafce06e6f. -- Andreas Schwab, SUSE Labs, schwab(a)suse.de GPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE 1748 E4D4 88E3 0EEA B9D7 "And now for something completely different."

1 year, 6 months

3
2
0 0

Request to include a couple of fixes to stable branches

by Shyam Prasad N

Hi stable maintainers, We seem to have missed adding the stable tag to a couple of important patches that went upstream for fs/smb/client. Can you please include them in all the stable trees? https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… -- Regards, Shyam

1 year, 6 months

2
2
0 0

[PATCH v1] mtd: rawnand: meson: fix scrambling mode value in command macro

by Arseniy Krasnov

Scrambling mode is enabled by value (1 << 19). NFC_CMD_SCRAMBLER_ENABLE is already (1 << 19), so there is no need to shift it again in CMDRWGEN macro. Signed-off-by: Arseniy Krasnov <avkrasnov(a)salutedevices.com> Cc: <Stable(a)vger.kernel.org> Fixes: 8fae856c5350 ("mtd: rawnand: meson: add support for Amlogic NAND flash controller") --- drivers/mtd/nand/raw/meson_nand.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/mtd/nand/raw/meson_nand.c b/drivers/mtd/nand/raw/meson_nand.c index cdb58aca59c0..2a96a87cf79c 100644 --- a/drivers/mtd/nand/raw/meson_nand.c +++ b/drivers/mtd/nand/raw/meson_nand.c @@ -63,7 +63,7 @@ #define CMDRWGEN(cmd_dir, ran, bch, short_mode, page_size, pages) \ ( \ (cmd_dir) | \ - ((ran) << 19) | \ + (ran) | \ ((bch) << 14) | \ ((short_mode) << 13) | \ (((page_size) & 0x7f) << 6) | \ -- 2.35.0

1 year, 6 months

2
1
0 0

[PATCH 0/7] 5.4 backport of recent mds improvement patches

by Nikolay Borisov

Here's the recently merged mds improvement patches adapted to latest stable tree. I've only compile tested them, but since I have also done similar backports for older kernels I'm sure they should work. The main difference is in the definition of the CLEAR_CPU_BUFFERS macro since 5.4 doesn't contains the alternative relocation handling logic hence the verw instruction is moved out of the alternative definition and instead we have a jump which skips the verw instruction there. That way the relocation will be handled by the toolchain rather than the kernel. H. Peter Anvin (Intel) (1): x86/asm: Add _ASM_RIP() macro for x86-64 (%rip) suffix Pawan Gupta (5): x86/bugs: Add asm helpers for executing VERW x86/entry_64: Add VERW just before userspace transition x86/entry_32: Add VERW just before userspace transition x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key KVM/VMX: Move VERW closer to VMentry for MDS mitigation Sean Christopherson (1): KVM/VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH Documentation/x86/mds.rst | 38 ++++++++++++++++++++-------- arch/x86/entry/Makefile | 2 +- arch/x86/entry/common.c | 2 -- arch/x86/entry/entry.S | 23 +++++++++++++++++ arch/x86/entry/entry_32.S | 3 +++ arch/x86/entry/entry_64.S | 10 ++++++++ arch/x86/entry/entry_64_compat.S | 1 + arch/x86/include/asm/asm.h | 6 ++++- arch/x86/include/asm/cpufeatures.h | 2 +- arch/x86/include/asm/irqflags.h | 1 + arch/x86/include/asm/nospec-branch.h | 26 ++++++++++--------- arch/x86/kernel/cpu/bugs.c | 15 +++++------ arch/x86/kernel/nmi.c | 3 --- arch/x86/kvm/vmx/run_flags.h | 7 +++-- arch/x86/kvm/vmx/vmenter.S | 9 ++++--- arch/x86/kvm/vmx/vmx.c | 12 ++++++--- 16 files changed, 111 insertions(+), 49 deletions(-) create mode 100644 arch/x86/entry/entry.S -- 2.34.1

1 year, 6 months

2
8
0 0

FAILED: patch "[PATCH] crypto: virtio/akcipher - Fix stack overflow on memcpy" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x c0ec2a712daf133d9996a8a1b7ee2d4996080363 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022629-defog-preoccupy-2fb8@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: c0ec2a712daf ("crypto: virtio/akcipher - Fix stack overflow on memcpy") 0756ad15b1fe ("virtio-crypto: use private buffer for control request") 6fd763d15586 ("virtio-crypto: change code style") 59ca6c93387d ("virtio-crypto: implement RSA algorithm") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From c0ec2a712daf133d9996a8a1b7ee2d4996080363 Mon Sep 17 00:00:00 2001 From: zhenwei pi <pizhenwei(a)bytedance.com> Date: Tue, 30 Jan 2024 19:27:40 +0800 Subject: [PATCH] crypto: virtio/akcipher - Fix stack overflow on memcpy sizeof(struct virtio_crypto_akcipher_session_para) is less than sizeof(struct virtio_crypto_op_ctrl_req::u), copying more bytes from stack variable leads stack overflow. Clang reports this issue by commands: make -j CC=clang-14 mrproper >/dev/null 2>&1 make -j O=/tmp/crypto-build CC=clang-14 allmodconfig >/dev/null 2>&1 make -j O=/tmp/crypto-build W=1 CC=clang-14 drivers/crypto/virtio/ virtio_crypto_akcipher_algs.o Fixes: 59ca6c93387d ("virtio-crypto: implement RSA algorithm") Link: https://lore.kernel.org/all/0a194a79-e3a3-45e7-be98-83abd3e1cb7e@roeck-us.n… Cc: <stable(a)vger.kernel.org> Signed-off-by: zhenwei pi <pizhenwei(a)bytedance.com> Tested-by: Nathan Chancellor <nathan(a)kernel.org> # build Acked-by: Michael S. Tsirkin <mst(a)redhat.com> Acked-by: Jason Wang <jasowang(a)redhat.com> Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au> diff --git a/drivers/crypto/virtio/virtio_crypto_akcipher_algs.c b/drivers/crypto/virtio/virtio_crypto_akcipher_algs.c index 2621ff8a9376..de53eddf6796 100644 --- a/drivers/crypto/virtio/virtio_crypto_akcipher_algs.c +++ b/drivers/crypto/virtio/virtio_crypto_akcipher_algs.c @@ -104,7 +104,8 @@ static void virtio_crypto_dataq_akcipher_callback(struct virtio_crypto_request * } static int virtio_crypto_alg_akcipher_init_session(struct virtio_crypto_akcipher_ctx *ctx, - struct virtio_crypto_ctrl_header *header, void *para, + struct virtio_crypto_ctrl_header *header, + struct virtio_crypto_akcipher_session_para *para, const uint8_t *key, unsigned int keylen) { struct scatterlist outhdr_sg, key_sg, inhdr_sg, *sgs[3]; @@ -128,7 +129,7 @@ static int virtio_crypto_alg_akcipher_init_session(struct virtio_crypto_akcipher ctrl = &vc_ctrl_req->ctrl; memcpy(&ctrl->header, header, sizeof(ctrl->header)); - memcpy(&ctrl->u, para, sizeof(ctrl->u)); + memcpy(&ctrl->u.akcipher_create_session.para, para, sizeof(*para)); input = &vc_ctrl_req->input; input->status = cpu_to_le32(VIRTIO_CRYPTO_ERR);

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] crypto: virtio/akcipher - Fix stack overflow on memcpy" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x c0ec2a712daf133d9996a8a1b7ee2d4996080363 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022621-shine-synergy-f0c6@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: c0ec2a712daf ("crypto: virtio/akcipher - Fix stack overflow on memcpy") 0756ad15b1fe ("virtio-crypto: use private buffer for control request") 6fd763d15586 ("virtio-crypto: change code style") 59ca6c93387d ("virtio-crypto: implement RSA algorithm") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From c0ec2a712daf133d9996a8a1b7ee2d4996080363 Mon Sep 17 00:00:00 2001 From: zhenwei pi <pizhenwei(a)bytedance.com> Date: Tue, 30 Jan 2024 19:27:40 +0800 Subject: [PATCH] crypto: virtio/akcipher - Fix stack overflow on memcpy sizeof(struct virtio_crypto_akcipher_session_para) is less than sizeof(struct virtio_crypto_op_ctrl_req::u), copying more bytes from stack variable leads stack overflow. Clang reports this issue by commands: make -j CC=clang-14 mrproper >/dev/null 2>&1 make -j O=/tmp/crypto-build CC=clang-14 allmodconfig >/dev/null 2>&1 make -j O=/tmp/crypto-build W=1 CC=clang-14 drivers/crypto/virtio/ virtio_crypto_akcipher_algs.o Fixes: 59ca6c93387d ("virtio-crypto: implement RSA algorithm") Link: https://lore.kernel.org/all/0a194a79-e3a3-45e7-be98-83abd3e1cb7e@roeck-us.n… Cc: <stable(a)vger.kernel.org> Signed-off-by: zhenwei pi <pizhenwei(a)bytedance.com> Tested-by: Nathan Chancellor <nathan(a)kernel.org> # build Acked-by: Michael S. Tsirkin <mst(a)redhat.com> Acked-by: Jason Wang <jasowang(a)redhat.com> Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au> diff --git a/drivers/crypto/virtio/virtio_crypto_akcipher_algs.c b/drivers/crypto/virtio/virtio_crypto_akcipher_algs.c index 2621ff8a9376..de53eddf6796 100644 --- a/drivers/crypto/virtio/virtio_crypto_akcipher_algs.c +++ b/drivers/crypto/virtio/virtio_crypto_akcipher_algs.c @@ -104,7 +104,8 @@ static void virtio_crypto_dataq_akcipher_callback(struct virtio_crypto_request * } static int virtio_crypto_alg_akcipher_init_session(struct virtio_crypto_akcipher_ctx *ctx, - struct virtio_crypto_ctrl_header *header, void *para, + struct virtio_crypto_ctrl_header *header, + struct virtio_crypto_akcipher_session_para *para, const uint8_t *key, unsigned int keylen) { struct scatterlist outhdr_sg, key_sg, inhdr_sg, *sgs[3]; @@ -128,7 +129,7 @@ static int virtio_crypto_alg_akcipher_init_session(struct virtio_crypto_akcipher ctrl = &vc_ctrl_req->ctrl; memcpy(&ctrl->header, header, sizeof(ctrl->header)); - memcpy(&ctrl->u, para, sizeof(ctrl->u)); + memcpy(&ctrl->u.akcipher_create_session.para, para, sizeof(*para)); input = &vc_ctrl_req->input; input->status = cpu_to_le32(VIRTIO_CRYPTO_ERR);

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] KVM: arm64: vgic-its: Test for valid IRQ in" failed to apply to 4.19-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.19-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.19.y git checkout FETCH_HEAD git cherry-pick -x 8d3a7dfb801d157ac423261d7cd62c33e95375f8 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022635-thinner-disinfect-f761@gregkh' --subject-prefix 'PATCH 4.19.y' HEAD^.. Possible dependencies: 8d3a7dfb801d ("KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table()") 9ed24f4b712b ("KVM: arm64: Move virt/kvm/arm to arch/arm64") 3b50142d8528 ("MAINTAINERS: sort field names for all entries") 4400b7d68f6e ("MAINTAINERS: sort entries by entry name") b032227c6293 ("Merge tag 'nios2-v5.7-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/lftan/nios2") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 8d3a7dfb801d157ac423261d7cd62c33e95375f8 Mon Sep 17 00:00:00 2001 From: Oliver Upton <oliver.upton(a)linux.dev> Date: Wed, 21 Feb 2024 09:27:31 +0000 Subject: [PATCH] KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() vgic_get_irq() may not return a valid descriptor if there is no ITS that holds a valid translation for the specified INTID. If that is the case, it is safe to silently ignore it and continue processing the LPI pending table. Cc: stable(a)vger.kernel.org Fixes: 33d3bc9556a7 ("KVM: arm64: vgic-its: Read initial LPI pending table") Signed-off-by: Oliver Upton <oliver.upton(a)linux.dev> Link: https://lore.kernel.org/r/20240221092732.4126848-2-oliver.upton@linux.dev Signed-off-by: Marc Zyngier <maz(a)kernel.org> diff --git a/arch/arm64/kvm/vgic/vgic-its.c b/arch/arm64/kvm/vgic/vgic-its.c index e2764d0ffa9f..082448de27ed 100644 --- a/arch/arm64/kvm/vgic/vgic-its.c +++ b/arch/arm64/kvm/vgic/vgic-its.c @@ -468,6 +468,9 @@ static int its_sync_lpi_pending_table(struct kvm_vcpu *vcpu) } irq = vgic_get_irq(vcpu->kvm, NULL, intids[i]); + if (!irq) + continue; + raw_spin_lock_irqsave(&irq->irq_lock, flags); irq->pending_latch = pendmask & (1U << bit_nr); vgic_queue_irq_unlock(vcpu->kvm, irq, flags);

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] KVM: arm64: vgic-its: Test for valid IRQ in" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x 8d3a7dfb801d157ac423261d7cd62c33e95375f8 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022634-rut-premises-24cc@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: 8d3a7dfb801d ("KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table()") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 8d3a7dfb801d157ac423261d7cd62c33e95375f8 Mon Sep 17 00:00:00 2001 From: Oliver Upton <oliver.upton(a)linux.dev> Date: Wed, 21 Feb 2024 09:27:31 +0000 Subject: [PATCH] KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() vgic_get_irq() may not return a valid descriptor if there is no ITS that holds a valid translation for the specified INTID. If that is the case, it is safe to silently ignore it and continue processing the LPI pending table. Cc: stable(a)vger.kernel.org Fixes: 33d3bc9556a7 ("KVM: arm64: vgic-its: Read initial LPI pending table") Signed-off-by: Oliver Upton <oliver.upton(a)linux.dev> Link: https://lore.kernel.org/r/20240221092732.4126848-2-oliver.upton@linux.dev Signed-off-by: Marc Zyngier <maz(a)kernel.org> diff --git a/arch/arm64/kvm/vgic/vgic-its.c b/arch/arm64/kvm/vgic/vgic-its.c index e2764d0ffa9f..082448de27ed 100644 --- a/arch/arm64/kvm/vgic/vgic-its.c +++ b/arch/arm64/kvm/vgic/vgic-its.c @@ -468,6 +468,9 @@ static int its_sync_lpi_pending_table(struct kvm_vcpu *vcpu) } irq = vgic_get_irq(vcpu->kvm, NULL, intids[i]); + if (!irq) + continue; + raw_spin_lock_irqsave(&irq->irq_lock, flags); irq->pending_latch = pendmask & (1U << bit_nr); vgic_queue_irq_unlock(vcpu->kvm, irq, flags);

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler" failed to apply to 4.19-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.19-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.19.y git checkout FETCH_HEAD git cherry-pick -x 85a71ee9a0700f6c18862ef3b0011ed9dad99aca # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022619-opulently-accustom-dbe1@gregkh' --subject-prefix 'PATCH 4.19.y' HEAD^.. Possible dependencies: 85a71ee9a070 ("KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 85a71ee9a0700f6c18862ef3b0011ed9dad99aca Mon Sep 17 00:00:00 2001 From: Oliver Upton <oliver.upton(a)linux.dev> Date: Wed, 21 Feb 2024 09:27:32 +0000 Subject: [PATCH] KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler It is possible that an LPI mapped in a different ITS gets unmapped while handling the MOVALL command. If that is the case, there is no state that can be migrated to the destination. Silently ignore it and continue migrating other LPIs. Cc: stable(a)vger.kernel.org Fixes: ff9c114394aa ("KVM: arm/arm64: GICv4: Handle MOVALL applied to a vPE") Signed-off-by: Oliver Upton <oliver.upton(a)linux.dev> Link: https://lore.kernel.org/r/20240221092732.4126848-3-oliver.upton@linux.dev Signed-off-by: Marc Zyngier <maz(a)kernel.org> diff --git a/arch/arm64/kvm/vgic/vgic-its.c b/arch/arm64/kvm/vgic/vgic-its.c index 082448de27ed..28a93074eca1 100644 --- a/arch/arm64/kvm/vgic/vgic-its.c +++ b/arch/arm64/kvm/vgic/vgic-its.c @@ -1435,6 +1435,8 @@ static int vgic_its_cmd_handle_movall(struct kvm *kvm, struct vgic_its *its, for (i = 0; i < irq_count; i++) { irq = vgic_get_irq(kvm, NULL, intids[i]); + if (!irq) + continue; update_affinity(irq, vcpu2);

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x 85a71ee9a0700f6c18862ef3b0011ed9dad99aca # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022618-maternal-runny-28b5@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: 85a71ee9a070 ("KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 85a71ee9a0700f6c18862ef3b0011ed9dad99aca Mon Sep 17 00:00:00 2001 From: Oliver Upton <oliver.upton(a)linux.dev> Date: Wed, 21 Feb 2024 09:27:32 +0000 Subject: [PATCH] KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler It is possible that an LPI mapped in a different ITS gets unmapped while handling the MOVALL command. If that is the case, there is no state that can be migrated to the destination. Silently ignore it and continue migrating other LPIs. Cc: stable(a)vger.kernel.org Fixes: ff9c114394aa ("KVM: arm/arm64: GICv4: Handle MOVALL applied to a vPE") Signed-off-by: Oliver Upton <oliver.upton(a)linux.dev> Link: https://lore.kernel.org/r/20240221092732.4126848-3-oliver.upton@linux.dev Signed-off-by: Marc Zyngier <maz(a)kernel.org> diff --git a/arch/arm64/kvm/vgic/vgic-its.c b/arch/arm64/kvm/vgic/vgic-its.c index 082448de27ed..28a93074eca1 100644 --- a/arch/arm64/kvm/vgic/vgic-its.c +++ b/arch/arm64/kvm/vgic/vgic-its.c @@ -1435,6 +1435,8 @@ static int vgic_its_cmd_handle_movall(struct kvm *kvm, struct vgic_its *its, for (i = 0; i < irq_count; i++) { irq = vgic_get_irq(kvm, NULL, intids[i]); + if (!irq) + continue; update_affinity(irq, vcpu2);

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] cachefiles: fix memory leak in cachefiles_add_cache()" failed to apply to 4.19-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.19-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.19.y git checkout FETCH_HEAD git cherry-pick -x e21a2f17566cbd64926fb8f16323972f7a064444 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022639-selection-angrily-d6ff@gregkh' --subject-prefix 'PATCH 4.19.y' HEAD^.. Possible dependencies: e21a2f17566c ("cachefiles: fix memory leak in cachefiles_add_cache()") d1065b0a6fd9 ("cachefiles: Implement cache registration and withdrawal") 32759f7d7af5 ("cachefiles: Implement a function to get/create a directory in the cache") 1bd9c4e4f049 ("vfs, cachefiles: Mark a backing file in use with an inode flag") 80f94f29f677 ("cachefiles: Provide a function to check how much space there is") 8667d434b2a9 ("cachefiles: Register a miscdev and parse commands over it") 254947d47945 ("cachefiles: Add security derivation") 1493bf74bcf2 ("cachefiles: Add cache error reporting macro") ecf5a6ce15f9 ("cachefiles: Add a couple of tracepoints for logging errors") a70f6526267e ("cachefiles: Add some error injection support") 8390fbc46570 ("cachefiles: Define structs") 77443f6171f3 ("cachefiles: Introduce rewritten driver") 850cba069c26 ("cachefiles: Delete the cachefiles driver pending rewrite") b6773cdb0e9f ("Merge tag 'for-5.16/ki_complete-2021-10-29' of git://git.kernel.dk/linux-block") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From e21a2f17566cbd64926fb8f16323972f7a064444 Mon Sep 17 00:00:00 2001 From: Baokun Li <libaokun1(a)huawei.com> Date: Sat, 17 Feb 2024 16:14:31 +0800 Subject: [PATCH] cachefiles: fix memory leak in cachefiles_add_cache() The following memory leak was reported after unbinding /dev/cachefiles: ================================================================== unreferenced object 0xffff9b674176e3c0 (size 192): comm "cachefilesd2", pid 680, jiffies 4294881224 hex dump (first 32 bytes): 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace (crc ea38a44b): [<ffffffff8eb8a1a5>] kmem_cache_alloc+0x2d5/0x370 [<ffffffff8e917f86>] prepare_creds+0x26/0x2e0 [<ffffffffc002eeef>] cachefiles_determine_cache_security+0x1f/0x120 [<ffffffffc00243ec>] cachefiles_add_cache+0x13c/0x3a0 [<ffffffffc0025216>] cachefiles_daemon_write+0x146/0x1c0 [<ffffffff8ebc4a3b>] vfs_write+0xcb/0x520 [<ffffffff8ebc5069>] ksys_write+0x69/0xf0 [<ffffffff8f6d4662>] do_syscall_64+0x72/0x140 [<ffffffff8f8000aa>] entry_SYSCALL_64_after_hwframe+0x6e/0x76 ================================================================== Put the reference count of cache_cred in cachefiles_daemon_unbind() to fix the problem. And also put cache_cred in cachefiles_add_cache() error branch to avoid memory leaks. Fixes: 9ae326a69004 ("CacheFiles: A cache that backs onto a mounted filesystem") CC: stable(a)vger.kernel.org Signed-off-by: Baokun Li <libaokun1(a)huawei.com> Link: https://lore.kernel.org/r/20240217081431.796809-1-libaokun1@huawei.com Acked-by: David Howells <dhowells(a)redhat.com> Reviewed-by: Jingbo Xu <jefflexu(a)linux.alibaba.com> Reviewed-by: Jeff Layton <jlayton(a)kernel.org> Signed-off-by: Christian Brauner <brauner(a)kernel.org> diff --git a/fs/cachefiles/cache.c b/fs/cachefiles/cache.c index 7077f72e6f47..f449f7340aad 100644 --- a/fs/cachefiles/cache.c +++ b/fs/cachefiles/cache.c @@ -168,6 +168,8 @@ int cachefiles_add_cache(struct cachefiles_cache *cache) dput(root); error_open_root: cachefiles_end_secure(cache, saved_cred); + put_cred(cache->cache_cred); + cache->cache_cred = NULL; error_getsec: fscache_relinquish_cache(cache_cookie); cache->cache = NULL; diff --git a/fs/cachefiles/daemon.c b/fs/cachefiles/daemon.c index 3f24905f4066..6465e2574230 100644 --- a/fs/cachefiles/daemon.c +++ b/fs/cachefiles/daemon.c @@ -816,6 +816,7 @@ static void cachefiles_daemon_unbind(struct cachefiles_cache *cache) cachefiles_put_directory(cache->graveyard); cachefiles_put_directory(cache->store); mntput(cache->mnt); + put_cred(cache->cache_cred); kfree(cache->rootdirname); kfree(cache->secctx);

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] cachefiles: fix memory leak in cachefiles_add_cache()" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x e21a2f17566cbd64926fb8f16323972f7a064444 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022638-jingling-atlas-4340@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: e21a2f17566c ("cachefiles: fix memory leak in cachefiles_add_cache()") d1065b0a6fd9 ("cachefiles: Implement cache registration and withdrawal") 32759f7d7af5 ("cachefiles: Implement a function to get/create a directory in the cache") 1bd9c4e4f049 ("vfs, cachefiles: Mark a backing file in use with an inode flag") 80f94f29f677 ("cachefiles: Provide a function to check how much space there is") 8667d434b2a9 ("cachefiles: Register a miscdev and parse commands over it") 254947d47945 ("cachefiles: Add security derivation") 1493bf74bcf2 ("cachefiles: Add cache error reporting macro") ecf5a6ce15f9 ("cachefiles: Add a couple of tracepoints for logging errors") a70f6526267e ("cachefiles: Add some error injection support") 8390fbc46570 ("cachefiles: Define structs") 77443f6171f3 ("cachefiles: Introduce rewritten driver") 850cba069c26 ("cachefiles: Delete the cachefiles driver pending rewrite") b6773cdb0e9f ("Merge tag 'for-5.16/ki_complete-2021-10-29' of git://git.kernel.dk/linux-block") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From e21a2f17566cbd64926fb8f16323972f7a064444 Mon Sep 17 00:00:00 2001 From: Baokun Li <libaokun1(a)huawei.com> Date: Sat, 17 Feb 2024 16:14:31 +0800 Subject: [PATCH] cachefiles: fix memory leak in cachefiles_add_cache() The following memory leak was reported after unbinding /dev/cachefiles: ================================================================== unreferenced object 0xffff9b674176e3c0 (size 192): comm "cachefilesd2", pid 680, jiffies 4294881224 hex dump (first 32 bytes): 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace (crc ea38a44b): [<ffffffff8eb8a1a5>] kmem_cache_alloc+0x2d5/0x370 [<ffffffff8e917f86>] prepare_creds+0x26/0x2e0 [<ffffffffc002eeef>] cachefiles_determine_cache_security+0x1f/0x120 [<ffffffffc00243ec>] cachefiles_add_cache+0x13c/0x3a0 [<ffffffffc0025216>] cachefiles_daemon_write+0x146/0x1c0 [<ffffffff8ebc4a3b>] vfs_write+0xcb/0x520 [<ffffffff8ebc5069>] ksys_write+0x69/0xf0 [<ffffffff8f6d4662>] do_syscall_64+0x72/0x140 [<ffffffff8f8000aa>] entry_SYSCALL_64_after_hwframe+0x6e/0x76 ================================================================== Put the reference count of cache_cred in cachefiles_daemon_unbind() to fix the problem. And also put cache_cred in cachefiles_add_cache() error branch to avoid memory leaks. Fixes: 9ae326a69004 ("CacheFiles: A cache that backs onto a mounted filesystem") CC: stable(a)vger.kernel.org Signed-off-by: Baokun Li <libaokun1(a)huawei.com> Link: https://lore.kernel.org/r/20240217081431.796809-1-libaokun1@huawei.com Acked-by: David Howells <dhowells(a)redhat.com> Reviewed-by: Jingbo Xu <jefflexu(a)linux.alibaba.com> Reviewed-by: Jeff Layton <jlayton(a)kernel.org> Signed-off-by: Christian Brauner <brauner(a)kernel.org> diff --git a/fs/cachefiles/cache.c b/fs/cachefiles/cache.c index 7077f72e6f47..f449f7340aad 100644 --- a/fs/cachefiles/cache.c +++ b/fs/cachefiles/cache.c @@ -168,6 +168,8 @@ int cachefiles_add_cache(struct cachefiles_cache *cache) dput(root); error_open_root: cachefiles_end_secure(cache, saved_cred); + put_cred(cache->cache_cred); + cache->cache_cred = NULL; error_getsec: fscache_relinquish_cache(cache_cookie); cache->cache = NULL; diff --git a/fs/cachefiles/daemon.c b/fs/cachefiles/daemon.c index 3f24905f4066..6465e2574230 100644 --- a/fs/cachefiles/daemon.c +++ b/fs/cachefiles/daemon.c @@ -816,6 +816,7 @@ static void cachefiles_daemon_unbind(struct cachefiles_cache *cache) cachefiles_put_directory(cache->graveyard); cachefiles_put_directory(cache->store); mntput(cache->mnt); + put_cred(cache->cache_cred); kfree(cache->rootdirname); kfree(cache->secctx);

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] cachefiles: fix memory leak in cachefiles_add_cache()" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x e21a2f17566cbd64926fb8f16323972f7a064444 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022636-prevail-headway-01c9@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: e21a2f17566c ("cachefiles: fix memory leak in cachefiles_add_cache()") d1065b0a6fd9 ("cachefiles: Implement cache registration and withdrawal") 32759f7d7af5 ("cachefiles: Implement a function to get/create a directory in the cache") 1bd9c4e4f049 ("vfs, cachefiles: Mark a backing file in use with an inode flag") 80f94f29f677 ("cachefiles: Provide a function to check how much space there is") 8667d434b2a9 ("cachefiles: Register a miscdev and parse commands over it") 254947d47945 ("cachefiles: Add security derivation") 1493bf74bcf2 ("cachefiles: Add cache error reporting macro") ecf5a6ce15f9 ("cachefiles: Add a couple of tracepoints for logging errors") a70f6526267e ("cachefiles: Add some error injection support") 8390fbc46570 ("cachefiles: Define structs") 77443f6171f3 ("cachefiles: Introduce rewritten driver") 850cba069c26 ("cachefiles: Delete the cachefiles driver pending rewrite") b6773cdb0e9f ("Merge tag 'for-5.16/ki_complete-2021-10-29' of git://git.kernel.dk/linux-block") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From e21a2f17566cbd64926fb8f16323972f7a064444 Mon Sep 17 00:00:00 2001 From: Baokun Li <libaokun1(a)huawei.com> Date: Sat, 17 Feb 2024 16:14:31 +0800 Subject: [PATCH] cachefiles: fix memory leak in cachefiles_add_cache() The following memory leak was reported after unbinding /dev/cachefiles: ================================================================== unreferenced object 0xffff9b674176e3c0 (size 192): comm "cachefilesd2", pid 680, jiffies 4294881224 hex dump (first 32 bytes): 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace (crc ea38a44b): [<ffffffff8eb8a1a5>] kmem_cache_alloc+0x2d5/0x370 [<ffffffff8e917f86>] prepare_creds+0x26/0x2e0 [<ffffffffc002eeef>] cachefiles_determine_cache_security+0x1f/0x120 [<ffffffffc00243ec>] cachefiles_add_cache+0x13c/0x3a0 [<ffffffffc0025216>] cachefiles_daemon_write+0x146/0x1c0 [<ffffffff8ebc4a3b>] vfs_write+0xcb/0x520 [<ffffffff8ebc5069>] ksys_write+0x69/0xf0 [<ffffffff8f6d4662>] do_syscall_64+0x72/0x140 [<ffffffff8f8000aa>] entry_SYSCALL_64_after_hwframe+0x6e/0x76 ================================================================== Put the reference count of cache_cred in cachefiles_daemon_unbind() to fix the problem. And also put cache_cred in cachefiles_add_cache() error branch to avoid memory leaks. Fixes: 9ae326a69004 ("CacheFiles: A cache that backs onto a mounted filesystem") CC: stable(a)vger.kernel.org Signed-off-by: Baokun Li <libaokun1(a)huawei.com> Link: https://lore.kernel.org/r/20240217081431.796809-1-libaokun1@huawei.com Acked-by: David Howells <dhowells(a)redhat.com> Reviewed-by: Jingbo Xu <jefflexu(a)linux.alibaba.com> Reviewed-by: Jeff Layton <jlayton(a)kernel.org> Signed-off-by: Christian Brauner <brauner(a)kernel.org> diff --git a/fs/cachefiles/cache.c b/fs/cachefiles/cache.c index 7077f72e6f47..f449f7340aad 100644 --- a/fs/cachefiles/cache.c +++ b/fs/cachefiles/cache.c @@ -168,6 +168,8 @@ int cachefiles_add_cache(struct cachefiles_cache *cache) dput(root); error_open_root: cachefiles_end_secure(cache, saved_cred); + put_cred(cache->cache_cred); + cache->cache_cred = NULL; error_getsec: fscache_relinquish_cache(cache_cookie); cache->cache = NULL; diff --git a/fs/cachefiles/daemon.c b/fs/cachefiles/daemon.c index 3f24905f4066..6465e2574230 100644 --- a/fs/cachefiles/daemon.c +++ b/fs/cachefiles/daemon.c @@ -816,6 +816,7 @@ static void cachefiles_daemon_unbind(struct cachefiles_cache *cache) cachefiles_put_directory(cache->graveyard); cachefiles_put_directory(cache->store); mntput(cache->mnt); + put_cred(cache->cache_cred); kfree(cache->rootdirname); kfree(cache->secctx);

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] cachefiles: fix memory leak in cachefiles_add_cache()" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x e21a2f17566cbd64926fb8f16323972f7a064444 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022635-princess-penniless-bfa6@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: e21a2f17566c ("cachefiles: fix memory leak in cachefiles_add_cache()") d1065b0a6fd9 ("cachefiles: Implement cache registration and withdrawal") 32759f7d7af5 ("cachefiles: Implement a function to get/create a directory in the cache") 1bd9c4e4f049 ("vfs, cachefiles: Mark a backing file in use with an inode flag") 80f94f29f677 ("cachefiles: Provide a function to check how much space there is") 8667d434b2a9 ("cachefiles: Register a miscdev and parse commands over it") 254947d47945 ("cachefiles: Add security derivation") 1493bf74bcf2 ("cachefiles: Add cache error reporting macro") ecf5a6ce15f9 ("cachefiles: Add a couple of tracepoints for logging errors") a70f6526267e ("cachefiles: Add some error injection support") 8390fbc46570 ("cachefiles: Define structs") 77443f6171f3 ("cachefiles: Introduce rewritten driver") 850cba069c26 ("cachefiles: Delete the cachefiles driver pending rewrite") b6773cdb0e9f ("Merge tag 'for-5.16/ki_complete-2021-10-29' of git://git.kernel.dk/linux-block") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From e21a2f17566cbd64926fb8f16323972f7a064444 Mon Sep 17 00:00:00 2001 From: Baokun Li <libaokun1(a)huawei.com> Date: Sat, 17 Feb 2024 16:14:31 +0800 Subject: [PATCH] cachefiles: fix memory leak in cachefiles_add_cache() The following memory leak was reported after unbinding /dev/cachefiles: ================================================================== unreferenced object 0xffff9b674176e3c0 (size 192): comm "cachefilesd2", pid 680, jiffies 4294881224 hex dump (first 32 bytes): 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace (crc ea38a44b): [<ffffffff8eb8a1a5>] kmem_cache_alloc+0x2d5/0x370 [<ffffffff8e917f86>] prepare_creds+0x26/0x2e0 [<ffffffffc002eeef>] cachefiles_determine_cache_security+0x1f/0x120 [<ffffffffc00243ec>] cachefiles_add_cache+0x13c/0x3a0 [<ffffffffc0025216>] cachefiles_daemon_write+0x146/0x1c0 [<ffffffff8ebc4a3b>] vfs_write+0xcb/0x520 [<ffffffff8ebc5069>] ksys_write+0x69/0xf0 [<ffffffff8f6d4662>] do_syscall_64+0x72/0x140 [<ffffffff8f8000aa>] entry_SYSCALL_64_after_hwframe+0x6e/0x76 ================================================================== Put the reference count of cache_cred in cachefiles_daemon_unbind() to fix the problem. And also put cache_cred in cachefiles_add_cache() error branch to avoid memory leaks. Fixes: 9ae326a69004 ("CacheFiles: A cache that backs onto a mounted filesystem") CC: stable(a)vger.kernel.org Signed-off-by: Baokun Li <libaokun1(a)huawei.com> Link: https://lore.kernel.org/r/20240217081431.796809-1-libaokun1@huawei.com Acked-by: David Howells <dhowells(a)redhat.com> Reviewed-by: Jingbo Xu <jefflexu(a)linux.alibaba.com> Reviewed-by: Jeff Layton <jlayton(a)kernel.org> Signed-off-by: Christian Brauner <brauner(a)kernel.org> diff --git a/fs/cachefiles/cache.c b/fs/cachefiles/cache.c index 7077f72e6f47..f449f7340aad 100644 --- a/fs/cachefiles/cache.c +++ b/fs/cachefiles/cache.c @@ -168,6 +168,8 @@ int cachefiles_add_cache(struct cachefiles_cache *cache) dput(root); error_open_root: cachefiles_end_secure(cache, saved_cred); + put_cred(cache->cache_cred); + cache->cache_cred = NULL; error_getsec: fscache_relinquish_cache(cache_cookie); cache->cache = NULL; diff --git a/fs/cachefiles/daemon.c b/fs/cachefiles/daemon.c index 3f24905f4066..6465e2574230 100644 --- a/fs/cachefiles/daemon.c +++ b/fs/cachefiles/daemon.c @@ -816,6 +816,7 @@ static void cachefiles_daemon_unbind(struct cachefiles_cache *cache) cachefiles_put_directory(cache->graveyard); cachefiles_put_directory(cache->store); mntput(cache->mnt); + put_cred(cache->cache_cred); kfree(cache->rootdirname); kfree(cache->secctx);

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] platform/x86: touchscreen_dmi: Allow partial (prefix) matches" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x dbcbfd662a725641d118fb3ae5ffb7be4e3d0fb0 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022608-trombone-banker-5ed4@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: dbcbfd662a72 ("platform/x86: touchscreen_dmi: Allow partial (prefix) matches for ACPI names") 87eaede45385 ("platform/x86: touchscreen_dmi: Handle device properties with software node API") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From dbcbfd662a725641d118fb3ae5ffb7be4e3d0fb0 Mon Sep 17 00:00:00 2001 From: Hans de Goede <hdegoede(a)redhat.com> Date: Mon, 12 Feb 2024 13:06:07 +0100 Subject: [PATCH] platform/x86: touchscreen_dmi: Allow partial (prefix) matches for ACPI names On some devices the ACPI name of the touchscreen is e.g. either MSSL1680:00 or MSSL1680:01 depending on the BIOS version. This happens for example on the "Chuwi Hi8 Air" tablet where the initial commit's ts_data uses "MSSL1680:00" but the tablets from the github issue and linux-hardware.org probe linked below both use "MSSL1680:01". Replace the strcmp() match on ts_data->acpi_name with a strstarts() check to allow using a partial match on just the ACPI HID of "MSSL1680" and change the ts_data->acpi_name for the "Chuwi Hi8 Air" accordingly to fix the touchscreen not working on models where it is "MSSL1680:01". Note this drops the length check for I2C_NAME_SIZE. This never was necessary since the ACPI names used are never more then 11 chars and I2C_NAME_SIZE is 20 so the replaced strncmp() would always stop long before reaching I2C_NAME_SIZE. Link: https://linux-hardware.org/?computer=AC4301C0542A Fixes: bbb97d728f77 ("platform/x86: touchscreen_dmi: Add info for the Chuwi Hi8 Air tablet") Closes: https://github.com/onitake/gsl-firmware/issues/91 Cc: stable(a)vger.kernel.org Reviewed-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy(a)linux.intel.com> Signed-off-by: Hans de Goede <hdegoede(a)redhat.com> Link: https://lore.kernel.org/r/20240212120608.30469-1-hdegoede@redhat.com diff --git a/drivers/platform/x86/touchscreen_dmi.c b/drivers/platform/x86/touchscreen_dmi.c index 7aee5e9ff2b8..969477c83e56 100644 --- a/drivers/platform/x86/touchscreen_dmi.c +++ b/drivers/platform/x86/touchscreen_dmi.c @@ -81,7 +81,7 @@ static const struct property_entry chuwi_hi8_air_props[] = { }; static const struct ts_dmi_data chuwi_hi8_air_data = { - .acpi_name = "MSSL1680:00", + .acpi_name = "MSSL1680", .properties = chuwi_hi8_air_props, }; @@ -1821,7 +1821,7 @@ static void ts_dmi_add_props(struct i2c_client *client) int error; if (has_acpi_companion(dev) && - !strncmp(ts_data->acpi_name, client->name, I2C_NAME_SIZE)) { + strstarts(client->name, ts_data->acpi_name)) { error = device_create_managed_software_node(dev, ts_data->properties, NULL); if (error) dev_err(dev, "failed to add properties: %d\n", error);

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] platform/x86: touchscreen_dmi: Allow partial (prefix) matches" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x dbcbfd662a725641d118fb3ae5ffb7be4e3d0fb0 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022607-tainted-tinderbox-4920@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: dbcbfd662a72 ("platform/x86: touchscreen_dmi: Allow partial (prefix) matches for ACPI names") 87eaede45385 ("platform/x86: touchscreen_dmi: Handle device properties with software node API") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From dbcbfd662a725641d118fb3ae5ffb7be4e3d0fb0 Mon Sep 17 00:00:00 2001 From: Hans de Goede <hdegoede(a)redhat.com> Date: Mon, 12 Feb 2024 13:06:07 +0100 Subject: [PATCH] platform/x86: touchscreen_dmi: Allow partial (prefix) matches for ACPI names On some devices the ACPI name of the touchscreen is e.g. either MSSL1680:00 or MSSL1680:01 depending on the BIOS version. This happens for example on the "Chuwi Hi8 Air" tablet where the initial commit's ts_data uses "MSSL1680:00" but the tablets from the github issue and linux-hardware.org probe linked below both use "MSSL1680:01". Replace the strcmp() match on ts_data->acpi_name with a strstarts() check to allow using a partial match on just the ACPI HID of "MSSL1680" and change the ts_data->acpi_name for the "Chuwi Hi8 Air" accordingly to fix the touchscreen not working on models where it is "MSSL1680:01". Note this drops the length check for I2C_NAME_SIZE. This never was necessary since the ACPI names used are never more then 11 chars and I2C_NAME_SIZE is 20 so the replaced strncmp() would always stop long before reaching I2C_NAME_SIZE. Link: https://linux-hardware.org/?computer=AC4301C0542A Fixes: bbb97d728f77 ("platform/x86: touchscreen_dmi: Add info for the Chuwi Hi8 Air tablet") Closes: https://github.com/onitake/gsl-firmware/issues/91 Cc: stable(a)vger.kernel.org Reviewed-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy(a)linux.intel.com> Signed-off-by: Hans de Goede <hdegoede(a)redhat.com> Link: https://lore.kernel.org/r/20240212120608.30469-1-hdegoede@redhat.com diff --git a/drivers/platform/x86/touchscreen_dmi.c b/drivers/platform/x86/touchscreen_dmi.c index 7aee5e9ff2b8..969477c83e56 100644 --- a/drivers/platform/x86/touchscreen_dmi.c +++ b/drivers/platform/x86/touchscreen_dmi.c @@ -81,7 +81,7 @@ static const struct property_entry chuwi_hi8_air_props[] = { }; static const struct ts_dmi_data chuwi_hi8_air_data = { - .acpi_name = "MSSL1680:00", + .acpi_name = "MSSL1680", .properties = chuwi_hi8_air_props, }; @@ -1821,7 +1821,7 @@ static void ts_dmi_add_props(struct i2c_client *client) int error; if (has_acpi_companion(dev) && - !strncmp(ts_data->acpi_name, client->name, I2C_NAME_SIZE)) { + strstarts(client->name, ts_data->acpi_name)) { error = device_create_managed_software_node(dev, ts_data->properties, NULL); if (error) dev_err(dev, "failed to add properties: %d\n", error);

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] mm/swap: fix race when skipping swapcache" failed to apply to 4.19-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.19-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.19.y git checkout FETCH_HEAD git cherry-pick -x 13ddaf26be324a7f951891ecd9ccd04466d27458 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022608-green-engaging-46db@gregkh' --subject-prefix 'PATCH 4.19.y' HEAD^.. Possible dependencies: 13ddaf26be32 ("mm/swap: fix race when skipping swapcache") c9edc242811d ("swap: add swap_cache_get_folio()") 1baec203b77c ("mm/khugepaged: try to free transhuge swapcache when possible") 442701e7058b ("mm/swap: remove swap_cache_info statistics") 014bb1de4fc1 ("mm: create new mm/swap.h header file") 1493a1913e34 ("mm/swap: remember PG_anon_exclusive via a swp pte bit") 6c287605fd56 ("mm: remember exclusively mapped anonymous pages with PG_anon_exclusive") 78fbe906cc90 ("mm/page-flags: reuse PG_mappedtodisk as PG_anon_exclusive for PageAnon() pages") 6c54dc6c7437 ("mm/rmap: use page_move_anon_rmap() when reusing a mapped PageAnon() page exclusively") 28c5209dfd5f ("mm/rmap: pass rmap flags to hugepage_add_anon_rmap()") f1e2db12e45b ("mm/rmap: remove do_page_add_anon_rmap()") 14f9135d5470 ("mm/rmap: convert RMAP flags to a proper distinct rmap_t type") fb3d824d1a46 ("mm/rmap: split page_dup_rmap() into page_dup_file_rmap() and page_try_dup_anon_rmap()") b51ad4f8679e ("mm/memory: slightly simplify copy_present_pte()") 623a1ddfeb23 ("mm/hugetlb: take src_mm->write_protect_seq in copy_hugetlb_page_range()") 3bff7e3f1f16 ("mm/huge_memory: streamline COW logic in do_huge_pmd_wp_page()") c145e0b47c77 ("mm: streamline COW logic in do_swap_page()") 84d60fdd3733 ("mm: slightly clarify KSM logic in do_swap_page()") 53a05ad9f21d ("mm: optimize do_wp_page() for exclusive pages in the swapcache") 6b1f86f8e9c7 ("Merge tag 'folio-5.18b' of git://git.infradead.org/users/willy/pagecache") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 13ddaf26be324a7f951891ecd9ccd04466d27458 Mon Sep 17 00:00:00 2001 From: Kairui Song <kasong(a)tencent.com> Date: Wed, 7 Feb 2024 02:25:59 +0800 Subject: [PATCH] mm/swap: fix race when skipping swapcache When skipping swapcache for SWP_SYNCHRONOUS_IO, if two or more threads swapin the same entry at the same time, they get different pages (A, B). Before one thread (T0) finishes the swapin and installs page (A) to the PTE, another thread (T1) could finish swapin of page (B), swap_free the entry, then swap out the possibly modified page reusing the same entry. It breaks the pte_same check in (T0) because PTE value is unchanged, causing ABA problem. Thread (T0) will install a stalled page (A) into the PTE and cause data corruption. One possible callstack is like this: CPU0 CPU1 ---- ---- do_swap_page() do_swap_page() with same entry <direct swapin path> <direct swapin path> <alloc page A> <alloc page B> swap_read_folio() <- read to page A swap_read_folio() <- read to page B <slow on later locks or interrupt> <finished swapin first> ... set_pte_at() swap_free() <- entry is free <write to page B, now page A stalled> <swap out page B to same swap entry> pte_same() <- Check pass, PTE seems unchanged, but page A is stalled! swap_free() <- page B content lost! set_pte_at() <- staled page A installed! And besides, for ZRAM, swap_free() allows the swap device to discard the entry content, so even if page (B) is not modified, if swap_read_folio() on CPU0 happens later than swap_free() on CPU1, it may also cause data loss. To fix this, reuse swapcache_prepare which will pin the swap entry using the cache flag, and allow only one thread to swap it in, also prevent any parallel code from putting the entry in the cache. Release the pin after PT unlocked. Racers just loop and wait since it's a rare and very short event. A schedule_timeout_uninterruptible(1) call is added to avoid repeated page faults wasting too much CPU, causing livelock or adding too much noise to perf statistics. A similar livelock issue was described in commit 029c4628b2eb ("mm: swap: get rid of livelock in swapin readahead") Reproducer: This race issue can be triggered easily using a well constructed reproducer and patched brd (with a delay in read path) [1]: With latest 6.8 mainline, race caused data loss can be observed easily: $ gcc -g -lpthread test-thread-swap-race.c && ./a.out Polulating 32MB of memory region... Keep swapping out... Starting round 0... Spawning 65536 workers... 32746 workers spawned, wait for done... Round 0: Error on 0x5aa00, expected 32746, got 32743, 3 data loss! Round 0: Error on 0x395200, expected 32746, got 32743, 3 data loss! Round 0: Error on 0x3fd000, expected 32746, got 32737, 9 data loss! Round 0 Failed, 15 data loss! This reproducer spawns multiple threads sharing the same memory region using a small swap device. Every two threads updates mapped pages one by one in opposite direction trying to create a race, with one dedicated thread keep swapping out the data out using madvise. The reproducer created a reproduce rate of about once every 5 minutes, so the race should be totally possible in production. After this patch, I ran the reproducer for over a few hundred rounds and no data loss observed. Performance overhead is minimal, microbenchmark swapin 10G from 32G zram: Before: 10934698 us After: 11157121 us Cached: 13155355 us (Dropping SWP_SYNCHRONOUS_IO flag) [kasong(a)tencent.com: v4] Link: https://lkml.kernel.org/r/20240219082040.7495-1-ryncsn@gmail.com Link: https://lkml.kernel.org/r/20240206182559.32264-1-ryncsn@gmail.com Fixes: 0bcac06f27d7 ("mm, swap: skip swapcache for swapin of synchronous device") Reported-by: "Huang, Ying" <ying.huang(a)intel.com> Closes: https://lore.kernel.org/lkml/87bk92gqpx.fsf_-_@yhuang6-desk2.ccr.corp.intel… Link: https://github.com/ryncsn/emm-test-project/tree/master/swap-stress-race [1] Signed-off-by: Kairui Song <kasong(a)tencent.com> Reviewed-by: "Huang, Ying" <ying.huang(a)intel.com> Acked-by: Yu Zhao <yuzhao(a)google.com> Acked-by: David Hildenbrand <david(a)redhat.com> Acked-by: Chris Li <chrisl(a)kernel.org> Cc: Hugh Dickins <hughd(a)google.com> Cc: Johannes Weiner <hannes(a)cmpxchg.org> Cc: Matthew Wilcox (Oracle) <willy(a)infradead.org> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Minchan Kim <minchan(a)kernel.org> Cc: Yosry Ahmed <yosryahmed(a)google.com> Cc: Yu Zhao <yuzhao(a)google.com> Cc: Barry Song <21cnbao(a)gmail.com> Cc: SeongJae Park <sj(a)kernel.org> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> diff --git a/include/linux/swap.h b/include/linux/swap.h index 4db00ddad261..8d28f6091a32 100644 --- a/include/linux/swap.h +++ b/include/linux/swap.h @@ -549,6 +549,11 @@ static inline int swap_duplicate(swp_entry_t swp) return 0; } +static inline int swapcache_prepare(swp_entry_t swp) +{ + return 0; +} + static inline void swap_free(swp_entry_t swp) { } diff --git a/mm/memory.c b/mm/memory.c index 15f8b10ea17c..0bfc8b007c01 100644 --- a/mm/memory.c +++ b/mm/memory.c @@ -3799,6 +3799,7 @@ vm_fault_t do_swap_page(struct vm_fault *vmf) struct page *page; struct swap_info_struct *si = NULL; rmap_t rmap_flags = RMAP_NONE; + bool need_clear_cache = false; bool exclusive = false; swp_entry_t entry; pte_t pte; @@ -3867,6 +3868,20 @@ vm_fault_t do_swap_page(struct vm_fault *vmf) if (!folio) { if (data_race(si->flags & SWP_SYNCHRONOUS_IO) && __swap_count(entry) == 1) { + /* + * Prevent parallel swapin from proceeding with + * the cache flag. Otherwise, another thread may + * finish swapin first, free the entry, and swapout + * reusing the same entry. It's undetectable as + * pte_same() returns true due to entry reuse. + */ + if (swapcache_prepare(entry)) { + /* Relax a bit to prevent rapid repeated page faults */ + schedule_timeout_uninterruptible(1); + goto out; + } + need_clear_cache = true; + /* skip swapcache */ folio = vma_alloc_folio(GFP_HIGHUSER_MOVABLE, 0, vma, vmf->address, false); @@ -4117,6 +4132,9 @@ vm_fault_t do_swap_page(struct vm_fault *vmf) if (vmf->pte) pte_unmap_unlock(vmf->pte, vmf->ptl); out: + /* Clear the swap cache pin for direct swapin after PTL unlock */ + if (need_clear_cache) + swapcache_clear(si, entry); if (si) put_swap_device(si); return ret; @@ -4131,6 +4149,8 @@ vm_fault_t do_swap_page(struct vm_fault *vmf) folio_unlock(swapcache); folio_put(swapcache); } + if (need_clear_cache) + swapcache_clear(si, entry); if (si) put_swap_device(si); return ret; diff --git a/mm/swap.h b/mm/swap.h index 758c46ca671e..fc2f6ade7f80 100644 --- a/mm/swap.h +++ b/mm/swap.h @@ -41,6 +41,7 @@ void __delete_from_swap_cache(struct folio *folio, void delete_from_swap_cache(struct folio *folio); void clear_shadow_from_swap_cache(int type, unsigned long begin, unsigned long end); +void swapcache_clear(struct swap_info_struct *si, swp_entry_t entry); struct folio *swap_cache_get_folio(swp_entry_t entry, struct vm_area_struct *vma, unsigned long addr); struct folio *filemap_get_incore_folio(struct address_space *mapping, @@ -97,6 +98,10 @@ static inline int swap_writepage(struct page *p, struct writeback_control *wbc) return 0; } +static inline void swapcache_clear(struct swap_info_struct *si, swp_entry_t entry) +{ +} + static inline struct folio *swap_cache_get_folio(swp_entry_t entry, struct vm_area_struct *vma, unsigned long addr) { diff --git a/mm/swapfile.c b/mm/swapfile.c index 556ff7347d5f..746aa9da5302 100644 --- a/mm/swapfile.c +++ b/mm/swapfile.c @@ -3365,6 +3365,19 @@ int swapcache_prepare(swp_entry_t entry) return __swap_duplicate(entry, SWAP_HAS_CACHE); } +void swapcache_clear(struct swap_info_struct *si, swp_entry_t entry) +{ + struct swap_cluster_info *ci; + unsigned long offset = swp_offset(entry); + unsigned char usage; + + ci = lock_cluster_or_swap_info(si, offset); + usage = __swap_entry_free_locked(si, offset, SWAP_HAS_CACHE); + unlock_cluster_or_swap_info(si, ci); + if (!usage) + free_swap_slot(entry); +} + struct swap_info_struct *swp_swap_info(swp_entry_t entry) { return swap_type_to_swap_info(swp_type(entry));

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] mm/swap: fix race when skipping swapcache" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x 13ddaf26be324a7f951891ecd9ccd04466d27458 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022604-labrador-edgy-5b56@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: 13ddaf26be32 ("mm/swap: fix race when skipping swapcache") c9edc242811d ("swap: add swap_cache_get_folio()") 1baec203b77c ("mm/khugepaged: try to free transhuge swapcache when possible") 442701e7058b ("mm/swap: remove swap_cache_info statistics") 014bb1de4fc1 ("mm: create new mm/swap.h header file") 1493a1913e34 ("mm/swap: remember PG_anon_exclusive via a swp pte bit") 6c287605fd56 ("mm: remember exclusively mapped anonymous pages with PG_anon_exclusive") 78fbe906cc90 ("mm/page-flags: reuse PG_mappedtodisk as PG_anon_exclusive for PageAnon() pages") 6c54dc6c7437 ("mm/rmap: use page_move_anon_rmap() when reusing a mapped PageAnon() page exclusively") 28c5209dfd5f ("mm/rmap: pass rmap flags to hugepage_add_anon_rmap()") f1e2db12e45b ("mm/rmap: remove do_page_add_anon_rmap()") 14f9135d5470 ("mm/rmap: convert RMAP flags to a proper distinct rmap_t type") fb3d824d1a46 ("mm/rmap: split page_dup_rmap() into page_dup_file_rmap() and page_try_dup_anon_rmap()") b51ad4f8679e ("mm/memory: slightly simplify copy_present_pte()") 623a1ddfeb23 ("mm/hugetlb: take src_mm->write_protect_seq in copy_hugetlb_page_range()") 3bff7e3f1f16 ("mm/huge_memory: streamline COW logic in do_huge_pmd_wp_page()") c145e0b47c77 ("mm: streamline COW logic in do_swap_page()") 84d60fdd3733 ("mm: slightly clarify KSM logic in do_swap_page()") 53a05ad9f21d ("mm: optimize do_wp_page() for exclusive pages in the swapcache") 6b1f86f8e9c7 ("Merge tag 'folio-5.18b' of git://git.infradead.org/users/willy/pagecache") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 13ddaf26be324a7f951891ecd9ccd04466d27458 Mon Sep 17 00:00:00 2001 From: Kairui Song <kasong(a)tencent.com> Date: Wed, 7 Feb 2024 02:25:59 +0800 Subject: [PATCH] mm/swap: fix race when skipping swapcache When skipping swapcache for SWP_SYNCHRONOUS_IO, if two or more threads swapin the same entry at the same time, they get different pages (A, B). Before one thread (T0) finishes the swapin and installs page (A) to the PTE, another thread (T1) could finish swapin of page (B), swap_free the entry, then swap out the possibly modified page reusing the same entry. It breaks the pte_same check in (T0) because PTE value is unchanged, causing ABA problem. Thread (T0) will install a stalled page (A) into the PTE and cause data corruption. One possible callstack is like this: CPU0 CPU1 ---- ---- do_swap_page() do_swap_page() with same entry <direct swapin path> <direct swapin path> <alloc page A> <alloc page B> swap_read_folio() <- read to page A swap_read_folio() <- read to page B <slow on later locks or interrupt> <finished swapin first> ... set_pte_at() swap_free() <- entry is free <write to page B, now page A stalled> <swap out page B to same swap entry> pte_same() <- Check pass, PTE seems unchanged, but page A is stalled! swap_free() <- page B content lost! set_pte_at() <- staled page A installed! And besides, for ZRAM, swap_free() allows the swap device to discard the entry content, so even if page (B) is not modified, if swap_read_folio() on CPU0 happens later than swap_free() on CPU1, it may also cause data loss. To fix this, reuse swapcache_prepare which will pin the swap entry using the cache flag, and allow only one thread to swap it in, also prevent any parallel code from putting the entry in the cache. Release the pin after PT unlocked. Racers just loop and wait since it's a rare and very short event. A schedule_timeout_uninterruptible(1) call is added to avoid repeated page faults wasting too much CPU, causing livelock or adding too much noise to perf statistics. A similar livelock issue was described in commit 029c4628b2eb ("mm: swap: get rid of livelock in swapin readahead") Reproducer: This race issue can be triggered easily using a well constructed reproducer and patched brd (with a delay in read path) [1]: With latest 6.8 mainline, race caused data loss can be observed easily: $ gcc -g -lpthread test-thread-swap-race.c && ./a.out Polulating 32MB of memory region... Keep swapping out... Starting round 0... Spawning 65536 workers... 32746 workers spawned, wait for done... Round 0: Error on 0x5aa00, expected 32746, got 32743, 3 data loss! Round 0: Error on 0x395200, expected 32746, got 32743, 3 data loss! Round 0: Error on 0x3fd000, expected 32746, got 32737, 9 data loss! Round 0 Failed, 15 data loss! This reproducer spawns multiple threads sharing the same memory region using a small swap device. Every two threads updates mapped pages one by one in opposite direction trying to create a race, with one dedicated thread keep swapping out the data out using madvise. The reproducer created a reproduce rate of about once every 5 minutes, so the race should be totally possible in production. After this patch, I ran the reproducer for over a few hundred rounds and no data loss observed. Performance overhead is minimal, microbenchmark swapin 10G from 32G zram: Before: 10934698 us After: 11157121 us Cached: 13155355 us (Dropping SWP_SYNCHRONOUS_IO flag) [kasong(a)tencent.com: v4] Link: https://lkml.kernel.org/r/20240219082040.7495-1-ryncsn@gmail.com Link: https://lkml.kernel.org/r/20240206182559.32264-1-ryncsn@gmail.com Fixes: 0bcac06f27d7 ("mm, swap: skip swapcache for swapin of synchronous device") Reported-by: "Huang, Ying" <ying.huang(a)intel.com> Closes: https://lore.kernel.org/lkml/87bk92gqpx.fsf_-_@yhuang6-desk2.ccr.corp.intel… Link: https://github.com/ryncsn/emm-test-project/tree/master/swap-stress-race [1] Signed-off-by: Kairui Song <kasong(a)tencent.com> Reviewed-by: "Huang, Ying" <ying.huang(a)intel.com> Acked-by: Yu Zhao <yuzhao(a)google.com> Acked-by: David Hildenbrand <david(a)redhat.com> Acked-by: Chris Li <chrisl(a)kernel.org> Cc: Hugh Dickins <hughd(a)google.com> Cc: Johannes Weiner <hannes(a)cmpxchg.org> Cc: Matthew Wilcox (Oracle) <willy(a)infradead.org> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Minchan Kim <minchan(a)kernel.org> Cc: Yosry Ahmed <yosryahmed(a)google.com> Cc: Yu Zhao <yuzhao(a)google.com> Cc: Barry Song <21cnbao(a)gmail.com> Cc: SeongJae Park <sj(a)kernel.org> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> diff --git a/include/linux/swap.h b/include/linux/swap.h index 4db00ddad261..8d28f6091a32 100644 --- a/include/linux/swap.h +++ b/include/linux/swap.h @@ -549,6 +549,11 @@ static inline int swap_duplicate(swp_entry_t swp) return 0; } +static inline int swapcache_prepare(swp_entry_t swp) +{ + return 0; +} + static inline void swap_free(swp_entry_t swp) { } diff --git a/mm/memory.c b/mm/memory.c index 15f8b10ea17c..0bfc8b007c01 100644 --- a/mm/memory.c +++ b/mm/memory.c @@ -3799,6 +3799,7 @@ vm_fault_t do_swap_page(struct vm_fault *vmf) struct page *page; struct swap_info_struct *si = NULL; rmap_t rmap_flags = RMAP_NONE; + bool need_clear_cache = false; bool exclusive = false; swp_entry_t entry; pte_t pte; @@ -3867,6 +3868,20 @@ vm_fault_t do_swap_page(struct vm_fault *vmf) if (!folio) { if (data_race(si->flags & SWP_SYNCHRONOUS_IO) && __swap_count(entry) == 1) { + /* + * Prevent parallel swapin from proceeding with + * the cache flag. Otherwise, another thread may + * finish swapin first, free the entry, and swapout + * reusing the same entry. It's undetectable as + * pte_same() returns true due to entry reuse. + */ + if (swapcache_prepare(entry)) { + /* Relax a bit to prevent rapid repeated page faults */ + schedule_timeout_uninterruptible(1); + goto out; + } + need_clear_cache = true; + /* skip swapcache */ folio = vma_alloc_folio(GFP_HIGHUSER_MOVABLE, 0, vma, vmf->address, false); @@ -4117,6 +4132,9 @@ vm_fault_t do_swap_page(struct vm_fault *vmf) if (vmf->pte) pte_unmap_unlock(vmf->pte, vmf->ptl); out: + /* Clear the swap cache pin for direct swapin after PTL unlock */ + if (need_clear_cache) + swapcache_clear(si, entry); if (si) put_swap_device(si); return ret; @@ -4131,6 +4149,8 @@ vm_fault_t do_swap_page(struct vm_fault *vmf) folio_unlock(swapcache); folio_put(swapcache); } + if (need_clear_cache) + swapcache_clear(si, entry); if (si) put_swap_device(si); return ret; diff --git a/mm/swap.h b/mm/swap.h index 758c46ca671e..fc2f6ade7f80 100644 --- a/mm/swap.h +++ b/mm/swap.h @@ -41,6 +41,7 @@ void __delete_from_swap_cache(struct folio *folio, void delete_from_swap_cache(struct folio *folio); void clear_shadow_from_swap_cache(int type, unsigned long begin, unsigned long end); +void swapcache_clear(struct swap_info_struct *si, swp_entry_t entry); struct folio *swap_cache_get_folio(swp_entry_t entry, struct vm_area_struct *vma, unsigned long addr); struct folio *filemap_get_incore_folio(struct address_space *mapping, @@ -97,6 +98,10 @@ static inline int swap_writepage(struct page *p, struct writeback_control *wbc) return 0; } +static inline void swapcache_clear(struct swap_info_struct *si, swp_entry_t entry) +{ +} + static inline struct folio *swap_cache_get_folio(swp_entry_t entry, struct vm_area_struct *vma, unsigned long addr) { diff --git a/mm/swapfile.c b/mm/swapfile.c index 556ff7347d5f..746aa9da5302 100644 --- a/mm/swapfile.c +++ b/mm/swapfile.c @@ -3365,6 +3365,19 @@ int swapcache_prepare(swp_entry_t entry) return __swap_duplicate(entry, SWAP_HAS_CACHE); } +void swapcache_clear(struct swap_info_struct *si, swp_entry_t entry) +{ + struct swap_cluster_info *ci; + unsigned long offset = swp_offset(entry); + unsigned char usage; + + ci = lock_cluster_or_swap_info(si, offset); + usage = __swap_entry_free_locked(si, offset, SWAP_HAS_CACHE); + unlock_cluster_or_swap_info(si, ci); + if (!usage) + free_swap_slot(entry); +} + struct swap_info_struct *swp_swap_info(swp_entry_t entry) { return swap_type_to_swap_info(swp_type(entry));

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] mm/swap: fix race when skipping swapcache" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x 13ddaf26be324a7f951891ecd9ccd04466d27458 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022601-skinny-audacious-d173@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: 13ddaf26be32 ("mm/swap: fix race when skipping swapcache") c9edc242811d ("swap: add swap_cache_get_folio()") 1baec203b77c ("mm/khugepaged: try to free transhuge swapcache when possible") 442701e7058b ("mm/swap: remove swap_cache_info statistics") 014bb1de4fc1 ("mm: create new mm/swap.h header file") 1493a1913e34 ("mm/swap: remember PG_anon_exclusive via a swp pte bit") 6c287605fd56 ("mm: remember exclusively mapped anonymous pages with PG_anon_exclusive") 78fbe906cc90 ("mm/page-flags: reuse PG_mappedtodisk as PG_anon_exclusive for PageAnon() pages") 6c54dc6c7437 ("mm/rmap: use page_move_anon_rmap() when reusing a mapped PageAnon() page exclusively") 28c5209dfd5f ("mm/rmap: pass rmap flags to hugepage_add_anon_rmap()") f1e2db12e45b ("mm/rmap: remove do_page_add_anon_rmap()") 14f9135d5470 ("mm/rmap: convert RMAP flags to a proper distinct rmap_t type") fb3d824d1a46 ("mm/rmap: split page_dup_rmap() into page_dup_file_rmap() and page_try_dup_anon_rmap()") b51ad4f8679e ("mm/memory: slightly simplify copy_present_pte()") 623a1ddfeb23 ("mm/hugetlb: take src_mm->write_protect_seq in copy_hugetlb_page_range()") 3bff7e3f1f16 ("mm/huge_memory: streamline COW logic in do_huge_pmd_wp_page()") c145e0b47c77 ("mm: streamline COW logic in do_swap_page()") 84d60fdd3733 ("mm: slightly clarify KSM logic in do_swap_page()") 53a05ad9f21d ("mm: optimize do_wp_page() for exclusive pages in the swapcache") 6b1f86f8e9c7 ("Merge tag 'folio-5.18b' of git://git.infradead.org/users/willy/pagecache") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 13ddaf26be324a7f951891ecd9ccd04466d27458 Mon Sep 17 00:00:00 2001 From: Kairui Song <kasong(a)tencent.com> Date: Wed, 7 Feb 2024 02:25:59 +0800 Subject: [PATCH] mm/swap: fix race when skipping swapcache When skipping swapcache for SWP_SYNCHRONOUS_IO, if two or more threads swapin the same entry at the same time, they get different pages (A, B). Before one thread (T0) finishes the swapin and installs page (A) to the PTE, another thread (T1) could finish swapin of page (B), swap_free the entry, then swap out the possibly modified page reusing the same entry. It breaks the pte_same check in (T0) because PTE value is unchanged, causing ABA problem. Thread (T0) will install a stalled page (A) into the PTE and cause data corruption. One possible callstack is like this: CPU0 CPU1 ---- ---- do_swap_page() do_swap_page() with same entry <direct swapin path> <direct swapin path> <alloc page A> <alloc page B> swap_read_folio() <- read to page A swap_read_folio() <- read to page B <slow on later locks or interrupt> <finished swapin first> ... set_pte_at() swap_free() <- entry is free <write to page B, now page A stalled> <swap out page B to same swap entry> pte_same() <- Check pass, PTE seems unchanged, but page A is stalled! swap_free() <- page B content lost! set_pte_at() <- staled page A installed! And besides, for ZRAM, swap_free() allows the swap device to discard the entry content, so even if page (B) is not modified, if swap_read_folio() on CPU0 happens later than swap_free() on CPU1, it may also cause data loss. To fix this, reuse swapcache_prepare which will pin the swap entry using the cache flag, and allow only one thread to swap it in, also prevent any parallel code from putting the entry in the cache. Release the pin after PT unlocked. Racers just loop and wait since it's a rare and very short event. A schedule_timeout_uninterruptible(1) call is added to avoid repeated page faults wasting too much CPU, causing livelock or adding too much noise to perf statistics. A similar livelock issue was described in commit 029c4628b2eb ("mm: swap: get rid of livelock in swapin readahead") Reproducer: This race issue can be triggered easily using a well constructed reproducer and patched brd (with a delay in read path) [1]: With latest 6.8 mainline, race caused data loss can be observed easily: $ gcc -g -lpthread test-thread-swap-race.c && ./a.out Polulating 32MB of memory region... Keep swapping out... Starting round 0... Spawning 65536 workers... 32746 workers spawned, wait for done... Round 0: Error on 0x5aa00, expected 32746, got 32743, 3 data loss! Round 0: Error on 0x395200, expected 32746, got 32743, 3 data loss! Round 0: Error on 0x3fd000, expected 32746, got 32737, 9 data loss! Round 0 Failed, 15 data loss! This reproducer spawns multiple threads sharing the same memory region using a small swap device. Every two threads updates mapped pages one by one in opposite direction trying to create a race, with one dedicated thread keep swapping out the data out using madvise. The reproducer created a reproduce rate of about once every 5 minutes, so the race should be totally possible in production. After this patch, I ran the reproducer for over a few hundred rounds and no data loss observed. Performance overhead is minimal, microbenchmark swapin 10G from 32G zram: Before: 10934698 us After: 11157121 us Cached: 13155355 us (Dropping SWP_SYNCHRONOUS_IO flag) [kasong(a)tencent.com: v4] Link: https://lkml.kernel.org/r/20240219082040.7495-1-ryncsn@gmail.com Link: https://lkml.kernel.org/r/20240206182559.32264-1-ryncsn@gmail.com Fixes: 0bcac06f27d7 ("mm, swap: skip swapcache for swapin of synchronous device") Reported-by: "Huang, Ying" <ying.huang(a)intel.com> Closes: https://lore.kernel.org/lkml/87bk92gqpx.fsf_-_@yhuang6-desk2.ccr.corp.intel… Link: https://github.com/ryncsn/emm-test-project/tree/master/swap-stress-race [1] Signed-off-by: Kairui Song <kasong(a)tencent.com> Reviewed-by: "Huang, Ying" <ying.huang(a)intel.com> Acked-by: Yu Zhao <yuzhao(a)google.com> Acked-by: David Hildenbrand <david(a)redhat.com> Acked-by: Chris Li <chrisl(a)kernel.org> Cc: Hugh Dickins <hughd(a)google.com> Cc: Johannes Weiner <hannes(a)cmpxchg.org> Cc: Matthew Wilcox (Oracle) <willy(a)infradead.org> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Minchan Kim <minchan(a)kernel.org> Cc: Yosry Ahmed <yosryahmed(a)google.com> Cc: Yu Zhao <yuzhao(a)google.com> Cc: Barry Song <21cnbao(a)gmail.com> Cc: SeongJae Park <sj(a)kernel.org> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> diff --git a/include/linux/swap.h b/include/linux/swap.h index 4db00ddad261..8d28f6091a32 100644 --- a/include/linux/swap.h +++ b/include/linux/swap.h @@ -549,6 +549,11 @@ static inline int swap_duplicate(swp_entry_t swp) return 0; } +static inline int swapcache_prepare(swp_entry_t swp) +{ + return 0; +} + static inline void swap_free(swp_entry_t swp) { } diff --git a/mm/memory.c b/mm/memory.c index 15f8b10ea17c..0bfc8b007c01 100644 --- a/mm/memory.c +++ b/mm/memory.c @@ -3799,6 +3799,7 @@ vm_fault_t do_swap_page(struct vm_fault *vmf) struct page *page; struct swap_info_struct *si = NULL; rmap_t rmap_flags = RMAP_NONE; + bool need_clear_cache = false; bool exclusive = false; swp_entry_t entry; pte_t pte; @@ -3867,6 +3868,20 @@ vm_fault_t do_swap_page(struct vm_fault *vmf) if (!folio) { if (data_race(si->flags & SWP_SYNCHRONOUS_IO) && __swap_count(entry) == 1) { + /* + * Prevent parallel swapin from proceeding with + * the cache flag. Otherwise, another thread may + * finish swapin first, free the entry, and swapout + * reusing the same entry. It's undetectable as + * pte_same() returns true due to entry reuse. + */ + if (swapcache_prepare(entry)) { + /* Relax a bit to prevent rapid repeated page faults */ + schedule_timeout_uninterruptible(1); + goto out; + } + need_clear_cache = true; + /* skip swapcache */ folio = vma_alloc_folio(GFP_HIGHUSER_MOVABLE, 0, vma, vmf->address, false); @@ -4117,6 +4132,9 @@ vm_fault_t do_swap_page(struct vm_fault *vmf) if (vmf->pte) pte_unmap_unlock(vmf->pte, vmf->ptl); out: + /* Clear the swap cache pin for direct swapin after PTL unlock */ + if (need_clear_cache) + swapcache_clear(si, entry); if (si) put_swap_device(si); return ret; @@ -4131,6 +4149,8 @@ vm_fault_t do_swap_page(struct vm_fault *vmf) folio_unlock(swapcache); folio_put(swapcache); } + if (need_clear_cache) + swapcache_clear(si, entry); if (si) put_swap_device(si); return ret; diff --git a/mm/swap.h b/mm/swap.h index 758c46ca671e..fc2f6ade7f80 100644 --- a/mm/swap.h +++ b/mm/swap.h @@ -41,6 +41,7 @@ void __delete_from_swap_cache(struct folio *folio, void delete_from_swap_cache(struct folio *folio); void clear_shadow_from_swap_cache(int type, unsigned long begin, unsigned long end); +void swapcache_clear(struct swap_info_struct *si, swp_entry_t entry); struct folio *swap_cache_get_folio(swp_entry_t entry, struct vm_area_struct *vma, unsigned long addr); struct folio *filemap_get_incore_folio(struct address_space *mapping, @@ -97,6 +98,10 @@ static inline int swap_writepage(struct page *p, struct writeback_control *wbc) return 0; } +static inline void swapcache_clear(struct swap_info_struct *si, swp_entry_t entry) +{ +} + static inline struct folio *swap_cache_get_folio(swp_entry_t entry, struct vm_area_struct *vma, unsigned long addr) { diff --git a/mm/swapfile.c b/mm/swapfile.c index 556ff7347d5f..746aa9da5302 100644 --- a/mm/swapfile.c +++ b/mm/swapfile.c @@ -3365,6 +3365,19 @@ int swapcache_prepare(swp_entry_t entry) return __swap_duplicate(entry, SWAP_HAS_CACHE); } +void swapcache_clear(struct swap_info_struct *si, swp_entry_t entry) +{ + struct swap_cluster_info *ci; + unsigned long offset = swp_offset(entry); + unsigned char usage; + + ci = lock_cluster_or_swap_info(si, offset); + usage = __swap_entry_free_locked(si, offset, SWAP_HAS_CACHE); + unlock_cluster_or_swap_info(si, ci); + if (!usage) + free_swap_slot(entry); +} + struct swap_info_struct *swp_swap_info(swp_entry_t entry) { return swap_type_to_swap_info(swp_type(entry));

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] mm/swap: fix race when skipping swapcache" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 13ddaf26be324a7f951891ecd9ccd04466d27458 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022658-expensive-autograph-1b92@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: 13ddaf26be32 ("mm/swap: fix race when skipping swapcache") c9edc242811d ("swap: add swap_cache_get_folio()") 1baec203b77c ("mm/khugepaged: try to free transhuge swapcache when possible") 442701e7058b ("mm/swap: remove swap_cache_info statistics") 014bb1de4fc1 ("mm: create new mm/swap.h header file") 1493a1913e34 ("mm/swap: remember PG_anon_exclusive via a swp pte bit") 6c287605fd56 ("mm: remember exclusively mapped anonymous pages with PG_anon_exclusive") 78fbe906cc90 ("mm/page-flags: reuse PG_mappedtodisk as PG_anon_exclusive for PageAnon() pages") 6c54dc6c7437 ("mm/rmap: use page_move_anon_rmap() when reusing a mapped PageAnon() page exclusively") 28c5209dfd5f ("mm/rmap: pass rmap flags to hugepage_add_anon_rmap()") f1e2db12e45b ("mm/rmap: remove do_page_add_anon_rmap()") 14f9135d5470 ("mm/rmap: convert RMAP flags to a proper distinct rmap_t type") fb3d824d1a46 ("mm/rmap: split page_dup_rmap() into page_dup_file_rmap() and page_try_dup_anon_rmap()") b51ad4f8679e ("mm/memory: slightly simplify copy_present_pte()") 623a1ddfeb23 ("mm/hugetlb: take src_mm->write_protect_seq in copy_hugetlb_page_range()") 3bff7e3f1f16 ("mm/huge_memory: streamline COW logic in do_huge_pmd_wp_page()") c145e0b47c77 ("mm: streamline COW logic in do_swap_page()") 84d60fdd3733 ("mm: slightly clarify KSM logic in do_swap_page()") 53a05ad9f21d ("mm: optimize do_wp_page() for exclusive pages in the swapcache") 6b1f86f8e9c7 ("Merge tag 'folio-5.18b' of git://git.infradead.org/users/willy/pagecache") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 13ddaf26be324a7f951891ecd9ccd04466d27458 Mon Sep 17 00:00:00 2001 From: Kairui Song <kasong(a)tencent.com> Date: Wed, 7 Feb 2024 02:25:59 +0800 Subject: [PATCH] mm/swap: fix race when skipping swapcache When skipping swapcache for SWP_SYNCHRONOUS_IO, if two or more threads swapin the same entry at the same time, they get different pages (A, B). Before one thread (T0) finishes the swapin and installs page (A) to the PTE, another thread (T1) could finish swapin of page (B), swap_free the entry, then swap out the possibly modified page reusing the same entry. It breaks the pte_same check in (T0) because PTE value is unchanged, causing ABA problem. Thread (T0) will install a stalled page (A) into the PTE and cause data corruption. One possible callstack is like this: CPU0 CPU1 ---- ---- do_swap_page() do_swap_page() with same entry <direct swapin path> <direct swapin path> <alloc page A> <alloc page B> swap_read_folio() <- read to page A swap_read_folio() <- read to page B <slow on later locks or interrupt> <finished swapin first> ... set_pte_at() swap_free() <- entry is free <write to page B, now page A stalled> <swap out page B to same swap entry> pte_same() <- Check pass, PTE seems unchanged, but page A is stalled! swap_free() <- page B content lost! set_pte_at() <- staled page A installed! And besides, for ZRAM, swap_free() allows the swap device to discard the entry content, so even if page (B) is not modified, if swap_read_folio() on CPU0 happens later than swap_free() on CPU1, it may also cause data loss. To fix this, reuse swapcache_prepare which will pin the swap entry using the cache flag, and allow only one thread to swap it in, also prevent any parallel code from putting the entry in the cache. Release the pin after PT unlocked. Racers just loop and wait since it's a rare and very short event. A schedule_timeout_uninterruptible(1) call is added to avoid repeated page faults wasting too much CPU, causing livelock or adding too much noise to perf statistics. A similar livelock issue was described in commit 029c4628b2eb ("mm: swap: get rid of livelock in swapin readahead") Reproducer: This race issue can be triggered easily using a well constructed reproducer and patched brd (with a delay in read path) [1]: With latest 6.8 mainline, race caused data loss can be observed easily: $ gcc -g -lpthread test-thread-swap-race.c && ./a.out Polulating 32MB of memory region... Keep swapping out... Starting round 0... Spawning 65536 workers... 32746 workers spawned, wait for done... Round 0: Error on 0x5aa00, expected 32746, got 32743, 3 data loss! Round 0: Error on 0x395200, expected 32746, got 32743, 3 data loss! Round 0: Error on 0x3fd000, expected 32746, got 32737, 9 data loss! Round 0 Failed, 15 data loss! This reproducer spawns multiple threads sharing the same memory region using a small swap device. Every two threads updates mapped pages one by one in opposite direction trying to create a race, with one dedicated thread keep swapping out the data out using madvise. The reproducer created a reproduce rate of about once every 5 minutes, so the race should be totally possible in production. After this patch, I ran the reproducer for over a few hundred rounds and no data loss observed. Performance overhead is minimal, microbenchmark swapin 10G from 32G zram: Before: 10934698 us After: 11157121 us Cached: 13155355 us (Dropping SWP_SYNCHRONOUS_IO flag) [kasong(a)tencent.com: v4] Link: https://lkml.kernel.org/r/20240219082040.7495-1-ryncsn@gmail.com Link: https://lkml.kernel.org/r/20240206182559.32264-1-ryncsn@gmail.com Fixes: 0bcac06f27d7 ("mm, swap: skip swapcache for swapin of synchronous device") Reported-by: "Huang, Ying" <ying.huang(a)intel.com> Closes: https://lore.kernel.org/lkml/87bk92gqpx.fsf_-_@yhuang6-desk2.ccr.corp.intel… Link: https://github.com/ryncsn/emm-test-project/tree/master/swap-stress-race [1] Signed-off-by: Kairui Song <kasong(a)tencent.com> Reviewed-by: "Huang, Ying" <ying.huang(a)intel.com> Acked-by: Yu Zhao <yuzhao(a)google.com> Acked-by: David Hildenbrand <david(a)redhat.com> Acked-by: Chris Li <chrisl(a)kernel.org> Cc: Hugh Dickins <hughd(a)google.com> Cc: Johannes Weiner <hannes(a)cmpxchg.org> Cc: Matthew Wilcox (Oracle) <willy(a)infradead.org> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Minchan Kim <minchan(a)kernel.org> Cc: Yosry Ahmed <yosryahmed(a)google.com> Cc: Yu Zhao <yuzhao(a)google.com> Cc: Barry Song <21cnbao(a)gmail.com> Cc: SeongJae Park <sj(a)kernel.org> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> diff --git a/include/linux/swap.h b/include/linux/swap.h index 4db00ddad261..8d28f6091a32 100644 --- a/include/linux/swap.h +++ b/include/linux/swap.h @@ -549,6 +549,11 @@ static inline int swap_duplicate(swp_entry_t swp) return 0; } +static inline int swapcache_prepare(swp_entry_t swp) +{ + return 0; +} + static inline void swap_free(swp_entry_t swp) { } diff --git a/mm/memory.c b/mm/memory.c index 15f8b10ea17c..0bfc8b007c01 100644 --- a/mm/memory.c +++ b/mm/memory.c @@ -3799,6 +3799,7 @@ vm_fault_t do_swap_page(struct vm_fault *vmf) struct page *page; struct swap_info_struct *si = NULL; rmap_t rmap_flags = RMAP_NONE; + bool need_clear_cache = false; bool exclusive = false; swp_entry_t entry; pte_t pte; @@ -3867,6 +3868,20 @@ vm_fault_t do_swap_page(struct vm_fault *vmf) if (!folio) { if (data_race(si->flags & SWP_SYNCHRONOUS_IO) && __swap_count(entry) == 1) { + /* + * Prevent parallel swapin from proceeding with + * the cache flag. Otherwise, another thread may + * finish swapin first, free the entry, and swapout + * reusing the same entry. It's undetectable as + * pte_same() returns true due to entry reuse. + */ + if (swapcache_prepare(entry)) { + /* Relax a bit to prevent rapid repeated page faults */ + schedule_timeout_uninterruptible(1); + goto out; + } + need_clear_cache = true; + /* skip swapcache */ folio = vma_alloc_folio(GFP_HIGHUSER_MOVABLE, 0, vma, vmf->address, false); @@ -4117,6 +4132,9 @@ vm_fault_t do_swap_page(struct vm_fault *vmf) if (vmf->pte) pte_unmap_unlock(vmf->pte, vmf->ptl); out: + /* Clear the swap cache pin for direct swapin after PTL unlock */ + if (need_clear_cache) + swapcache_clear(si, entry); if (si) put_swap_device(si); return ret; @@ -4131,6 +4149,8 @@ vm_fault_t do_swap_page(struct vm_fault *vmf) folio_unlock(swapcache); folio_put(swapcache); } + if (need_clear_cache) + swapcache_clear(si, entry); if (si) put_swap_device(si); return ret; diff --git a/mm/swap.h b/mm/swap.h index 758c46ca671e..fc2f6ade7f80 100644 --- a/mm/swap.h +++ b/mm/swap.h @@ -41,6 +41,7 @@ void __delete_from_swap_cache(struct folio *folio, void delete_from_swap_cache(struct folio *folio); void clear_shadow_from_swap_cache(int type, unsigned long begin, unsigned long end); +void swapcache_clear(struct swap_info_struct *si, swp_entry_t entry); struct folio *swap_cache_get_folio(swp_entry_t entry, struct vm_area_struct *vma, unsigned long addr); struct folio *filemap_get_incore_folio(struct address_space *mapping, @@ -97,6 +98,10 @@ static inline int swap_writepage(struct page *p, struct writeback_control *wbc) return 0; } +static inline void swapcache_clear(struct swap_info_struct *si, swp_entry_t entry) +{ +} + static inline struct folio *swap_cache_get_folio(swp_entry_t entry, struct vm_area_struct *vma, unsigned long addr) { diff --git a/mm/swapfile.c b/mm/swapfile.c index 556ff7347d5f..746aa9da5302 100644 --- a/mm/swapfile.c +++ b/mm/swapfile.c @@ -3365,6 +3365,19 @@ int swapcache_prepare(swp_entry_t entry) return __swap_duplicate(entry, SWAP_HAS_CACHE); } +void swapcache_clear(struct swap_info_struct *si, swp_entry_t entry) +{ + struct swap_cluster_info *ci; + unsigned long offset = swp_offset(entry); + unsigned char usage; + + ci = lock_cluster_or_swap_info(si, offset); + usage = __swap_entry_free_locked(si, offset, SWAP_HAS_CACHE); + unlock_cluster_or_swap_info(si, ci); + if (!usage) + free_swap_slot(entry); +} + struct swap_info_struct *swp_swap_info(swp_entry_t entry) { return swap_type_to_swap_info(swp_type(entry));

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] cxl/acpi: Fix load failures due to single window creation" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 5c6224bfabbf7f3e491c51ab50fd2c6f92ba1141 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022643-rearview-spouse-b8a1@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: 5c6224bfabbf ("cxl/acpi: Fix load failures due to single window creation failure") 790815902ec6 ("cxl: Add support for _DSM Function for retrieving QTG ID") 91019b5bc7c2 ("cxl/acpi: Return 'rc' instead of '0' in cxl_parse_cfmws()") 4cf67d3cc999 ("cxl/acpi: Fix a use-after-free in cxl_parse_cfmws()") d35b495ddf92 ("cxl/port: Fix find_cxl_root() for RCDs and simplify it") a32320b71f08 ("cxl/region: Add region autodiscovery") 32ce3f185bbb ("cxl/port: Split endpoint and switch port probe") 9995576cef48 ("cxl/region: Move region-position validation to a helper") 86987c766276 ("cxl/region: Cleanup target list on attach error") 1b9b7a6fd618 ("cxl/region: Validate region mode vs decoder mode") 7d505f982f53 ("cxl/region: Add a mode attribute for regions") 02fedf146656 ("Merge branch 'for-6.2/cxl-xor' into for-6.2/cxl") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 5c6224bfabbf7f3e491c51ab50fd2c6f92ba1141 Mon Sep 17 00:00:00 2001 From: Dan Williams <dan.j.williams(a)intel.com> Date: Fri, 16 Feb 2024 19:11:34 -0800 Subject: [PATCH] cxl/acpi: Fix load failures due to single window creation failure The expectation is that cxl_parse_cfwms() continues in the face the of failure as evidenced by code like: cxlrd = cxl_root_decoder_alloc(root_port, ways, cxl_calc_hb); if (IS_ERR(cxlrd)) return 0; There are other error paths in that function which mistakenly follow idiomatic expectations and return an error when they should not. Most of those mistakes are innocuous checks that hardly ever fail in practice. However, a recent change succeed in making the implementation more fragile by applying an idiomatic, but still wrong "fix" [1]. In this failure case the kernel reports: cxl root0: Failed to populate active decoder targets cxl_acpi ACPI0017:00: Failed to add decode range: [mem 0x00000000-0x7fffffff flags 0x200] ...which is a real issue with that one window (to be fixed separately), but ends up failing the entirety of cxl_acpi_probe(). Undo that recent breakage while also removing the confusion about ignoring errors. Update all exits paths to return an error per typical expectations and let an outer wrapper function handle dropping the error. Fixes: 91019b5bc7c2 ("cxl/acpi: Return 'rc' instead of '0' in cxl_parse_cfmws()") [1] Cc: <stable(a)vger.kernel.org> Cc: Breno Leitao <leitao(a)debian.org> Cc: Alison Schofield <alison.schofield(a)intel.com> Cc: Vishal Verma <vishal.l.verma(a)intel.com> Signed-off-by: Dan Williams <dan.j.williams(a)intel.com> diff --git a/drivers/cxl/acpi.c b/drivers/cxl/acpi.c index dcf2b39e1048..1a3e6aafbdcc 100644 --- a/drivers/cxl/acpi.c +++ b/drivers/cxl/acpi.c @@ -316,31 +316,27 @@ static const struct cxl_root_ops acpi_root_ops = { .qos_class = cxl_acpi_qos_class, }; -static int cxl_parse_cfmws(union acpi_subtable_headers *header, void *arg, - const unsigned long end) +static int __cxl_parse_cfmws(struct acpi_cedt_cfmws *cfmws, + struct cxl_cfmws_context *ctx) { int target_map[CXL_DECODER_MAX_INTERLEAVE]; - struct cxl_cfmws_context *ctx = arg; struct cxl_port *root_port = ctx->root_port; struct resource *cxl_res = ctx->cxl_res; struct cxl_cxims_context cxims_ctx; struct cxl_root_decoder *cxlrd; struct device *dev = ctx->dev; - struct acpi_cedt_cfmws *cfmws; cxl_calc_hb_fn cxl_calc_hb; struct cxl_decoder *cxld; unsigned int ways, i, ig; struct resource *res; int rc; - cfmws = (struct acpi_cedt_cfmws *) header; - rc = cxl_acpi_cfmws_verify(dev, cfmws); if (rc) { dev_err(dev, "CFMWS range %#llx-%#llx not registered\n", cfmws->base_hpa, cfmws->base_hpa + cfmws->window_size - 1); - return 0; + return rc; } rc = eiw_to_ways(cfmws->interleave_ways, &ways); @@ -376,7 +372,7 @@ static int cxl_parse_cfmws(union acpi_subtable_headers *header, void *arg, cxlrd = cxl_root_decoder_alloc(root_port, ways, cxl_calc_hb); if (IS_ERR(cxlrd)) - return 0; + return PTR_ERR(cxlrd); cxld = &cxlrd->cxlsd.cxld; cxld->flags = cfmws_to_decoder_flags(cfmws->restrictions); @@ -420,16 +416,7 @@ static int cxl_parse_cfmws(union acpi_subtable_headers *header, void *arg, put_device(&cxld->dev); else rc = cxl_decoder_autoremove(dev, cxld); - if (rc) { - dev_err(dev, "Failed to add decode range: %pr", res); - return rc; - } - dev_dbg(dev, "add: %s node: %d range [%#llx - %#llx]\n", - dev_name(&cxld->dev), - phys_to_target_node(cxld->hpa_range.start), - cxld->hpa_range.start, cxld->hpa_range.end); - - return 0; + return rc; err_insert: kfree(res->name); @@ -438,6 +425,29 @@ static int cxl_parse_cfmws(union acpi_subtable_headers *header, void *arg, return -ENOMEM; } +static int cxl_parse_cfmws(union acpi_subtable_headers *header, void *arg, + const unsigned long end) +{ + struct acpi_cedt_cfmws *cfmws = (struct acpi_cedt_cfmws *)header; + struct cxl_cfmws_context *ctx = arg; + struct device *dev = ctx->dev; + int rc; + + rc = __cxl_parse_cfmws(cfmws, ctx); + if (rc) + dev_err(dev, + "Failed to add decode range: [%#llx - %#llx] (%d)\n", + cfmws->base_hpa, + cfmws->base_hpa + cfmws->window_size - 1, rc); + else + dev_dbg(dev, "decode range: node: %d range [%#llx - %#llx]\n", + phys_to_target_node(cfmws->base_hpa), cfmws->base_hpa, + cfmws->base_hpa + cfmws->window_size - 1); + + /* never fail cxl_acpi load for a single window failure */ + return 0; +} + __mock struct acpi_device *to_cxl_host_bridge(struct device *host, struct device *dev) {

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] drm/amd/display: Only allow dig mapping to pwrseq in new asic" failed to apply to 6.6-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.6-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y git checkout FETCH_HEAD git cherry-pick -x 4e73826089ce899357580bbf6e0afe4e6f9900b7 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022602-handshake-spoiled-e4a5@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^.. Possible dependencies: 4e73826089ce ("drm/amd/display: Only allow dig mapping to pwrseq in new asic") b17ef04bf3a4 ("drm/amd/display: Pass pwrseq inst for backlight and ABM") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 4e73826089ce899357580bbf6e0afe4e6f9900b7 Mon Sep 17 00:00:00 2001 From: Lewis Huang <lewis.huang(a)amd.com> Date: Wed, 31 Jan 2024 17:20:17 +0800 Subject: [PATCH] drm/amd/display: Only allow dig mapping to pwrseq in new asic [Why] The old asic only have 1 pwrseq hw. We don't need to map the diginst to pwrseq inst in old asic. [How] 1. Only mapping dig to pwrseq for new asic. 2. Move mapping function into dcn specific panel control component Cc: Stable <stable(a)vger.kernel.org> # v6.6+ Cc: Mario Limonciello <mario.limonciello(a)amd.com> Link: https://gitlab.freedesktop.org/drm/amd/-/issues/3122 Reviewed-by: Anthony Koo <anthony.koo(a)amd.com> Acked-by: Rodrigo Siqueira <rodrigo.siqueira(a)amd.com> Tested-by: Daniel Wheeler <daniel.wheeler(a)amd.com> Signed-off-by: Lewis Huang <lewis.huang(a)amd.com> Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com> diff --git a/drivers/gpu/drm/amd/display/dc/dce/dce_panel_cntl.c b/drivers/gpu/drm/amd/display/dc/dce/dce_panel_cntl.c index e8570060d007..5bca67407c5b 100644 --- a/drivers/gpu/drm/amd/display/dc/dce/dce_panel_cntl.c +++ b/drivers/gpu/drm/amd/display/dc/dce/dce_panel_cntl.c @@ -290,4 +290,5 @@ void dce_panel_cntl_construct( dce_panel_cntl->base.funcs = &dce_link_panel_cntl_funcs; dce_panel_cntl->base.ctx = init_data->ctx; dce_panel_cntl->base.inst = init_data->inst; + dce_panel_cntl->base.pwrseq_inst = 0; } diff --git a/drivers/gpu/drm/amd/display/dc/dcn301/dcn301_panel_cntl.c b/drivers/gpu/drm/amd/display/dc/dcn301/dcn301_panel_cntl.c index ad0df1a72a90..9e96a3ace207 100644 --- a/drivers/gpu/drm/amd/display/dc/dcn301/dcn301_panel_cntl.c +++ b/drivers/gpu/drm/amd/display/dc/dcn301/dcn301_panel_cntl.c @@ -215,4 +215,5 @@ void dcn301_panel_cntl_construct( dcn301_panel_cntl->base.funcs = &dcn301_link_panel_cntl_funcs; dcn301_panel_cntl->base.ctx = init_data->ctx; dcn301_panel_cntl->base.inst = init_data->inst; + dcn301_panel_cntl->base.pwrseq_inst = 0; } diff --git a/drivers/gpu/drm/amd/display/dc/dcn31/dcn31_panel_cntl.c b/drivers/gpu/drm/amd/display/dc/dcn31/dcn31_panel_cntl.c index 03248422d6ff..281be20b1a10 100644 --- a/drivers/gpu/drm/amd/display/dc/dcn31/dcn31_panel_cntl.c +++ b/drivers/gpu/drm/amd/display/dc/dcn31/dcn31_panel_cntl.c @@ -154,8 +154,24 @@ void dcn31_panel_cntl_construct( struct dcn31_panel_cntl *dcn31_panel_cntl, const struct panel_cntl_init_data *init_data) { + uint8_t pwrseq_inst = 0xF; + dcn31_panel_cntl->base.funcs = &dcn31_link_panel_cntl_funcs; dcn31_panel_cntl->base.ctx = init_data->ctx; dcn31_panel_cntl->base.inst = init_data->inst; - dcn31_panel_cntl->base.pwrseq_inst = init_data->pwrseq_inst; + + switch (init_data->eng_id) { + case ENGINE_ID_DIGA: + pwrseq_inst = 0; + break; + case ENGINE_ID_DIGB: + pwrseq_inst = 1; + break; + default: + DC_LOG_WARNING("Unsupported pwrseq engine id: %d!\n", init_data->eng_id); + ASSERT(false); + break; + } + + dcn31_panel_cntl->base.pwrseq_inst = pwrseq_inst; } diff --git a/drivers/gpu/drm/amd/display/dc/inc/hw/panel_cntl.h b/drivers/gpu/drm/amd/display/dc/inc/hw/panel_cntl.h index 5dcbaa2db964..e97d964a1791 100644 --- a/drivers/gpu/drm/amd/display/dc/inc/hw/panel_cntl.h +++ b/drivers/gpu/drm/amd/display/dc/inc/hw/panel_cntl.h @@ -57,7 +57,7 @@ struct panel_cntl_funcs { struct panel_cntl_init_data { struct dc_context *ctx; uint32_t inst; - uint32_t pwrseq_inst; + uint32_t eng_id; }; struct panel_cntl { diff --git a/drivers/gpu/drm/amd/display/dc/link/link_factory.c b/drivers/gpu/drm/amd/display/dc/link/link_factory.c index 37d3027c32dc..cf22b8f28ba6 100644 --- a/drivers/gpu/drm/amd/display/dc/link/link_factory.c +++ b/drivers/gpu/drm/amd/display/dc/link/link_factory.c @@ -370,30 +370,6 @@ static enum transmitter translate_encoder_to_transmitter( } } -static uint8_t translate_dig_inst_to_pwrseq_inst(struct dc_link *link) -{ - uint8_t pwrseq_inst = 0xF; - struct dc_context *dc_ctx = link->dc->ctx; - - DC_LOGGER_INIT(dc_ctx->logger); - - switch (link->eng_id) { - case ENGINE_ID_DIGA: - pwrseq_inst = 0; - break; - case ENGINE_ID_DIGB: - pwrseq_inst = 1; - break; - default: - DC_LOG_WARNING("Unsupported pwrseq engine id: %d!\n", link->eng_id); - ASSERT(false); - break; - } - - return pwrseq_inst; -} - - static void link_destruct(struct dc_link *link) { int i; @@ -657,7 +633,7 @@ static bool construct_phy(struct dc_link *link, link->link_id.id == CONNECTOR_ID_LVDS)) { panel_cntl_init_data.ctx = dc_ctx; panel_cntl_init_data.inst = panel_cntl_init_data.ctx->dc_edp_id_count; - panel_cntl_init_data.pwrseq_inst = translate_dig_inst_to_pwrseq_inst(link); + panel_cntl_init_data.eng_id = link->eng_id; link->panel_cntl = link->dc->res_pool->funcs->panel_cntl_create( &panel_cntl_init_data);

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] drm/meson: Don't remove bridges which are created by other" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x bd915ae73a2d78559b376ad2caf5e4ef51de2455 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022642-retool-clover-ecd7@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: bd915ae73a2d ("drm/meson: Don't remove bridges which are created by other drivers") 42dcf15f901c ("drm/meson: add DSI encoder") 6a044642988b ("drm/meson: fix unbind path if HDMI fails to bind") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From bd915ae73a2d78559b376ad2caf5e4ef51de2455 Mon Sep 17 00:00:00 2001 From: Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> Date: Thu, 15 Feb 2024 23:04:42 +0100 Subject: [PATCH] drm/meson: Don't remove bridges which are created by other drivers Stop calling drm_bridge_remove() for bridges allocated/managed by other drivers in the remove paths of meson_encoder_{cvbs,dsi,hdmi}. drm_bridge_remove() unregisters the bridge so it cannot be used anymore. Doing so for bridges we don't own can lead to the video pipeline not being able to come up after -EPROBE_DEFER of the VPU because we're unregistering a bridge that's managed by another driver. The other driver doesn't know that we have unregistered it's bridge and on subsequent .probe() we're not able to find those bridges anymore (since nobody re-creates them). This fixes probe errors on Meson8b boards with the CVBS outputs enabled. Fixes: 09847723c12f ("drm/meson: remove drm bridges at aggregate driver unbind time") Fixes: 42dcf15f901c ("drm/meson: add DSI encoder") Cc: <stable(a)vger.kernel.org> Reported-by: Steve Morvai <stevemorvai(a)hotmail.com> Signed-off-by: Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> Reviewed-by: Neil Armstrong <neil.armstrong(a)linaro.org> Tested-by: Steve Morvai <stevemorvai(a)hotmail.com> Link: https://lore.kernel.org/r/20240215220442.1343152-1-martin.blumenstingl@goog… Reviewed-by: Neil Armstrong <neil.armstrong(a)linaro.org> Signed-off-by: Neil Armstrong <neil.armstrong(a)linaro.org> Link: https://patchwork.freedesktop.org/patch/msgid/20240215220442.1343152-1-mart… diff --git a/drivers/gpu/drm/meson/meson_encoder_cvbs.c b/drivers/gpu/drm/meson/meson_encoder_cvbs.c index 3f73b211fa8e..3407450435e2 100644 --- a/drivers/gpu/drm/meson/meson_encoder_cvbs.c +++ b/drivers/gpu/drm/meson/meson_encoder_cvbs.c @@ -294,6 +294,5 @@ void meson_encoder_cvbs_remove(struct meson_drm *priv) if (priv->encoders[MESON_ENC_CVBS]) { meson_encoder_cvbs = priv->encoders[MESON_ENC_CVBS]; drm_bridge_remove(&meson_encoder_cvbs->bridge); - drm_bridge_remove(meson_encoder_cvbs->next_bridge); } } diff --git a/drivers/gpu/drm/meson/meson_encoder_dsi.c b/drivers/gpu/drm/meson/meson_encoder_dsi.c index 3f93c70488ca..311b91630fbe 100644 --- a/drivers/gpu/drm/meson/meson_encoder_dsi.c +++ b/drivers/gpu/drm/meson/meson_encoder_dsi.c @@ -168,6 +168,5 @@ void meson_encoder_dsi_remove(struct meson_drm *priv) if (priv->encoders[MESON_ENC_DSI]) { meson_encoder_dsi = priv->encoders[MESON_ENC_DSI]; drm_bridge_remove(&meson_encoder_dsi->bridge); - drm_bridge_remove(meson_encoder_dsi->next_bridge); } } diff --git a/drivers/gpu/drm/meson/meson_encoder_hdmi.c b/drivers/gpu/drm/meson/meson_encoder_hdmi.c index 25ea76558690..c4686568c9ca 100644 --- a/drivers/gpu/drm/meson/meson_encoder_hdmi.c +++ b/drivers/gpu/drm/meson/meson_encoder_hdmi.c @@ -474,6 +474,5 @@ void meson_encoder_hdmi_remove(struct meson_drm *priv) if (priv->encoders[MESON_ENC_HDMI]) { meson_encoder_hdmi = priv->encoders[MESON_ENC_HDMI]; drm_bridge_remove(&meson_encoder_hdmi->bridge); - drm_bridge_remove(meson_encoder_hdmi->next_bridge); } }

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: fix deadlock with fiemap and extent locking" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x b0ad381fa7690244802aed119b478b4bdafc31dd # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022655-fled-exes-9ef4@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: b0ad381fa769 ("btrfs: fix deadlock with fiemap and extent locking") 519b7e13b5ae ("btrfs: lock the inode in shared mode before starting fiemap") b3e744fe6d28 ("btrfs: use cached state when looking for delalloc ranges with fiemap") 8c6e53a79d16 ("btrfs: allow passing a cached state record to count_range_bits()") 8ddc8274e4be ("btrfs: search for delalloc more efficiently during lseek/fiemap") af979fd618a4 ("btrfs: skip unnecessary delalloc searches during lseek/fiemap") 40daf3e095db ("btrfs: add an early exit when searching for delalloc range for lseek/fiemap") af142b6f44d3 ("btrfs: move file prototypes to file.h") 7572dec8f522 ("btrfs: move ioctl prototypes into ioctl.h") c7a03b524d30 ("btrfs: move uuid tree prototypes to uuid-tree.h") 7c8ede162805 ("btrfs: move file-item prototypes into their own header") f2b39277b87d ("btrfs: move dir-item prototypes into dir-item.h") 59b818e064ab ("btrfs: move defrag related prototypes to their own header") a6a01ca61f49 ("btrfs: move the file defrag code into defrag.c") 6e3df18ba7e8 ("btrfs: move the auto defrag code to defrag.c") 2885fd632050 ("btrfs: move inode prototypes to btrfs_inode.h") 911bd75aca73 ("btrfs: remove unused function prototypes") 45c40c8f9541 ("btrfs: move root tree prototypes to their own header") 2839c2c142dd ("btrfs: move delalloc space related prototypes to delalloc-space.h") a0231804affe ("btrfs: move extent-tree helpers into their own header file") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From b0ad381fa7690244802aed119b478b4bdafc31dd Mon Sep 17 00:00:00 2001 From: Josef Bacik <josef(a)toxicpanda.com> Date: Mon, 12 Feb 2024 11:56:02 -0500 Subject: [PATCH] btrfs: fix deadlock with fiemap and extent locking While working on the patchset to remove extent locking I got a lockdep splat with fiemap and pagefaulting with my new extent lock replacement lock. This deadlock exists with our normal code, we just don't have lockdep annotations with the extent locking so we've never noticed it. Since we're copying the fiemap extent to user space on every iteration we have the chance of pagefaulting. Because we hold the extent lock for the entire range we could mkwrite into a range in the file that we have mmap'ed. This would deadlock with the following stack trace [<0>] lock_extent+0x28d/0x2f0 [<0>] btrfs_page_mkwrite+0x273/0x8a0 [<0>] do_page_mkwrite+0x50/0xb0 [<0>] do_fault+0xc1/0x7b0 [<0>] __handle_mm_fault+0x2fa/0x460 [<0>] handle_mm_fault+0xa4/0x330 [<0>] do_user_addr_fault+0x1f4/0x800 [<0>] exc_page_fault+0x7c/0x1e0 [<0>] asm_exc_page_fault+0x26/0x30 [<0>] rep_movs_alternative+0x33/0x70 [<0>] _copy_to_user+0x49/0x70 [<0>] fiemap_fill_next_extent+0xc8/0x120 [<0>] emit_fiemap_extent+0x4d/0xa0 [<0>] extent_fiemap+0x7f8/0xad0 [<0>] btrfs_fiemap+0x49/0x80 [<0>] __x64_sys_ioctl+0x3e1/0xb50 [<0>] do_syscall_64+0x94/0x1a0 [<0>] entry_SYSCALL_64_after_hwframe+0x6e/0x76 I wrote an fstest to reproduce this deadlock without my replacement lock and verified that the deadlock exists with our existing locking. To fix this simply don't take the extent lock for the entire duration of the fiemap. This is safe in general because we keep track of where we are when we're searching the tree, so if an ordered extent updates in the middle of our fiemap call we'll still emit the correct extents because we know what offset we were on before. The only place we maintain the lock is searching delalloc. Since the delalloc stuff can change during writeback we want to lock the extent range so we have a consistent view of delalloc at the time we're checking to see if we need to set the delalloc flag. With this patch applied we no longer deadlock with my testcase. CC: stable(a)vger.kernel.org # 6.1+ Reviewed-by: Filipe Manana <fdmanana(a)suse.com> Signed-off-by: Josef Bacik <josef(a)toxicpanda.com> Reviewed-by: David Sterba <dsterba(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/extent_io.c b/fs/btrfs/extent_io.c index a0ffd41c5cc1..61d961a30dee 100644 --- a/fs/btrfs/extent_io.c +++ b/fs/btrfs/extent_io.c @@ -2689,16 +2689,34 @@ static int fiemap_process_hole(struct btrfs_inode *inode, * it beyond i_size. */ while (cur_offset < end && cur_offset < i_size) { + struct extent_state *cached_state = NULL; u64 delalloc_start; u64 delalloc_end; u64 prealloc_start; + u64 lockstart; + u64 lockend; u64 prealloc_len = 0; bool delalloc; + lockstart = round_down(cur_offset, inode->root->fs_info->sectorsize); + lockend = round_up(end, inode->root->fs_info->sectorsize); + + /* + * We are only locking for the delalloc range because that's the + * only thing that can change here. With fiemap we have a lock + * on the inode, so no buffered or direct writes can happen. + * + * However mmaps and normal page writeback will cause this to + * change arbitrarily. We have to lock the extent lock here to + * make sure that nobody messes with the tree while we're doing + * btrfs_find_delalloc_in_range. + */ + lock_extent(&inode->io_tree, lockstart, lockend, &cached_state); delalloc = btrfs_find_delalloc_in_range(inode, cur_offset, end, delalloc_cached_state, &delalloc_start, &delalloc_end); + unlock_extent(&inode->io_tree, lockstart, lockend, &cached_state); if (!delalloc) break; @@ -2866,15 +2884,15 @@ int extent_fiemap(struct btrfs_inode *inode, struct fiemap_extent_info *fieinfo, u64 start, u64 len) { const u64 ino = btrfs_ino(inode); - struct extent_state *cached_state = NULL; struct extent_state *delalloc_cached_state = NULL; struct btrfs_path *path; struct fiemap_cache cache = { 0 }; struct btrfs_backref_share_check_ctx *backref_ctx; u64 last_extent_end; u64 prev_extent_end; - u64 lockstart; - u64 lockend; + u64 range_start; + u64 range_end; + const u64 sectorsize = inode->root->fs_info->sectorsize; bool stopped = false; int ret; @@ -2885,12 +2903,11 @@ int extent_fiemap(struct btrfs_inode *inode, struct fiemap_extent_info *fieinfo, goto out; } - lockstart = round_down(start, inode->root->fs_info->sectorsize); - lockend = round_up(start + len, inode->root->fs_info->sectorsize); - prev_extent_end = lockstart; + range_start = round_down(start, sectorsize); + range_end = round_up(start + len, sectorsize); + prev_extent_end = range_start; btrfs_inode_lock(inode, BTRFS_ILOCK_SHARED); - lock_extent(&inode->io_tree, lockstart, lockend, &cached_state); ret = fiemap_find_last_extent_offset(inode, path, &last_extent_end); if (ret < 0) @@ -2898,7 +2915,7 @@ int extent_fiemap(struct btrfs_inode *inode, struct fiemap_extent_info *fieinfo, btrfs_release_path(path); path->reada = READA_FORWARD; - ret = fiemap_search_slot(inode, path, lockstart); + ret = fiemap_search_slot(inode, path, range_start); if (ret < 0) { goto out_unlock; } else if (ret > 0) { @@ -2910,7 +2927,7 @@ int extent_fiemap(struct btrfs_inode *inode, struct fiemap_extent_info *fieinfo, goto check_eof_delalloc; } - while (prev_extent_end < lockend) { + while (prev_extent_end < range_end) { struct extent_buffer *leaf = path->nodes[0]; struct btrfs_file_extent_item *ei; struct btrfs_key key; @@ -2933,19 +2950,19 @@ int extent_fiemap(struct btrfs_inode *inode, struct fiemap_extent_info *fieinfo, * The first iteration can leave us at an extent item that ends * before our range's start. Move to the next item. */ - if (extent_end <= lockstart) + if (extent_end <= range_start) goto next_item; backref_ctx->curr_leaf_bytenr = leaf->start; /* We have in implicit hole (NO_HOLES feature enabled). */ if (prev_extent_end < key.offset) { - const u64 range_end = min(key.offset, lockend) - 1; + const u64 hole_end = min(key.offset, range_end) - 1; ret = fiemap_process_hole(inode, fieinfo, &cache, &delalloc_cached_state, backref_ctx, 0, 0, 0, - prev_extent_end, range_end); + prev_extent_end, hole_end); if (ret < 0) { goto out_unlock; } else if (ret > 0) { @@ -2955,7 +2972,7 @@ int extent_fiemap(struct btrfs_inode *inode, struct fiemap_extent_info *fieinfo, } /* We've reached the end of the fiemap range, stop. */ - if (key.offset >= lockend) { + if (key.offset >= range_end) { stopped = true; break; } @@ -3049,29 +3066,41 @@ int extent_fiemap(struct btrfs_inode *inode, struct fiemap_extent_info *fieinfo, btrfs_free_path(path); path = NULL; - if (!stopped && prev_extent_end < lockend) { + if (!stopped && prev_extent_end < range_end) { ret = fiemap_process_hole(inode, fieinfo, &cache, &delalloc_cached_state, backref_ctx, - 0, 0, 0, prev_extent_end, lockend - 1); + 0, 0, 0, prev_extent_end, range_end - 1); if (ret < 0) goto out_unlock; - prev_extent_end = lockend; + prev_extent_end = range_end; } if (cache.cached && cache.offset + cache.len >= last_extent_end) { const u64 i_size = i_size_read(&inode->vfs_inode); if (prev_extent_end < i_size) { + struct extent_state *cached_state = NULL; u64 delalloc_start; u64 delalloc_end; + u64 lockstart; + u64 lockend; bool delalloc; + lockstart = round_down(prev_extent_end, sectorsize); + lockend = round_up(i_size, sectorsize); + + /* + * See the comment in fiemap_process_hole as to why + * we're doing the locking here. + */ + lock_extent(&inode->io_tree, lockstart, lockend, &cached_state); delalloc = btrfs_find_delalloc_in_range(inode, prev_extent_end, i_size - 1, &delalloc_cached_state, &delalloc_start, &delalloc_end); + unlock_extent(&inode->io_tree, lockstart, lockend, &cached_state); if (!delalloc) cache.flags |= FIEMAP_EXTENT_LAST; } else { @@ -3082,7 +3111,6 @@ int extent_fiemap(struct btrfs_inode *inode, struct fiemap_extent_info *fieinfo, ret = emit_last_fiemap_cache(fieinfo, &cache); out_unlock: - unlock_extent(&inode->io_tree, lockstart, lockend, &cached_state); btrfs_inode_unlock(inode, BTRFS_ILOCK_SHARED); out: free_extent_state(delalloc_cached_state);

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: defrag: avoid unnecessary defrag caused by incorrect" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x e42b9d8b9ea2672811285e6a7654887ff64d23f3 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022640-deepness-manatee-1a30@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: e42b9d8b9ea2 ("btrfs: defrag: avoid unnecessary defrag caused by incorrect extent size") a6a01ca61f49 ("btrfs: move the file defrag code into defrag.c") 6e3df18ba7e8 ("btrfs: move the auto defrag code to defrag.c") 07e81dc94474 ("btrfs: move accessor helpers into accessors.h") ad1ac5012c2b ("btrfs: move btrfs_map_token to accessors") 55e5cfd36da5 ("btrfs: remove fs_info::pending_changes and related code") 7966a6b5959b ("btrfs: move fs_info::flags enum to fs.h") fc97a410bd78 ("btrfs: move mount option definitions to fs.h") 0d3a9cf8c306 ("btrfs: convert incompat and compat flag test helpers to macros") ec8eb376e271 ("btrfs: move BTRFS_FS_STATE* definitions and helpers to fs.h") 9b569ea0be6f ("btrfs: move the printk helpers out of ctree.h") e118578a8df7 ("btrfs: move assert helpers out of ctree.h") c7f13d428ea1 ("btrfs: move fs wide helpers out of ctree.h") 63a7cb130718 ("btrfs: auto enable discard=async when possible") 7a66eda351ba ("btrfs: move the btrfs_verity_descriptor_item defs up in ctree.h") 956504a331a6 ("btrfs: move trans_handle_cachep out of ctree.h") f1e5c6185ca1 ("btrfs: move flush related definitions to space-info.h") ed4c491a3db2 ("btrfs: move BTRFS_MAX_MIRRORS into scrub.c") 4300c58f8090 ("btrfs: move btrfs on-disk definitions out of ctree.h") d60d956eb41f ("btrfs: remove unused set/clear_pending_info helpers") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From e42b9d8b9ea2672811285e6a7654887ff64d23f3 Mon Sep 17 00:00:00 2001 From: Qu Wenruo <wqu(a)suse.com> Date: Wed, 7 Feb 2024 10:00:42 +1030 Subject: [PATCH] btrfs: defrag: avoid unnecessary defrag caused by incorrect extent size [BUG] With the following file extent layout, defrag would do unnecessary IO and result more on-disk space usage. # mkfs.btrfs -f $dev # mount $dev $mnt # xfs_io -f -c "pwrite 0 40m" $mnt/foobar # sync # xfs_io -f -c "pwrite 40m 16k" $mnt/foobar # sync Above command would lead to the following file extent layout: item 6 key (257 EXTENT_DATA 0) itemoff 15816 itemsize 53 generation 7 type 1 (regular) extent data disk byte 298844160 nr 41943040 extent data offset 0 nr 41943040 ram 41943040 extent compression 0 (none) item 7 key (257 EXTENT_DATA 41943040) itemoff 15763 itemsize 53 generation 8 type 1 (regular) extent data disk byte 13631488 nr 16384 extent data offset 0 nr 16384 ram 16384 extent compression 0 (none) Which is mostly fine. We can allow the final 16K to be merged with the previous 40M, but it's upon the end users' preference. But if we defrag the file using the default parameters, it would result worse file layout: # btrfs filesystem defrag $mnt/foobar # sync item 6 key (257 EXTENT_DATA 0) itemoff 15816 itemsize 53 generation 7 type 1 (regular) extent data disk byte 298844160 nr 41943040 extent data offset 0 nr 8650752 ram 41943040 extent compression 0 (none) item 7 key (257 EXTENT_DATA 8650752) itemoff 15763 itemsize 53 generation 9 type 1 (regular) extent data disk byte 340787200 nr 33292288 extent data offset 0 nr 33292288 ram 33292288 extent compression 0 (none) item 8 key (257 EXTENT_DATA 41943040) itemoff 15710 itemsize 53 generation 8 type 1 (regular) extent data disk byte 13631488 nr 16384 extent data offset 0 nr 16384 ram 16384 extent compression 0 (none) Note the original 40M extent is still there, but a new 32M extent is created for no benefit at all. [CAUSE] There is an existing check to make sure we won't defrag a large enough extent (the threshold is by default 32M). But the check is using the length to the end of the extent: range_len = em->len - (cur - em->start); /* Skip too large extent */ if (range_len >= extent_thresh) goto next; This means, for the first 8MiB of the extent, the range_len is always smaller than the default threshold, and would not be defragged. But after the first 8MiB, the remaining part would fit the requirement, and be defragged. Such different behavior inside the same extent caused the above problem, and we should avoid different defrag decision inside the same extent. [FIX] Instead of using @range_len, just use @em->len, so that we have a consistent decision among the same file extent. Now with this fix, we won't touch the extent, thus not making it any worse. Reported-by: Filipe Manana <fdmanana(a)suse.com> Fixes: 0cb5950f3f3b ("btrfs: fix deadlock when reserving space during defrag") CC: stable(a)vger.kernel.org # 6.1+ Reviewed-by: Boris Burkov <boris(a)bur.io> Reviewed-by: Filipe Manana <fdmanana(a)suse.com> Signed-off-by: Qu Wenruo <wqu(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/defrag.c b/fs/btrfs/defrag.c index c276b136ab63..5b0b64571418 100644 --- a/fs/btrfs/defrag.c +++ b/fs/btrfs/defrag.c @@ -1046,7 +1046,7 @@ static int defrag_collect_targets(struct btrfs_inode *inode, goto add; /* Skip too large extent */ - if (range_len >= extent_thresh) + if (em->len >= extent_thresh) goto next; /*

1 year, 6 months

1
0
0 0

FAILED: patch "[PATCH] LoongArch: Update cpu_sibling_map when disabling nonboot CPUs" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 752cd08da320a667a833803a8fd6bb266114cce5 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024022657-dash-dividers-8bff@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: 752cd08da320 ("LoongArch: Update cpu_sibling_map when disabling nonboot CPUs") f6f0c9a74a48 ("LoongArch: Add SMT (Simultaneous Multi-Threading) support") 366bb35a8e48 ("LoongArch: Add suspend (ACPI S3) support") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 752cd08da320a667a833803a8fd6bb266114cce5 Mon Sep 17 00:00:00 2001 From: Huacai Chen <chenhuacai(a)kernel.org> Date: Fri, 23 Feb 2024 14:36:31 +0800 Subject: [PATCH] LoongArch: Update cpu_sibling_map when disabling nonboot CPUs Update cpu_sibling_map when disabling nonboot CPUs by defining & calling clear_cpu_sibling_map(), otherwise we get such errors on SMT systems: jump label: negative count! WARNING: CPU: 6 PID: 45 at kernel/jump_label.c:263 __static_key_slow_dec_cpuslocked+0xec/0x100 CPU: 6 PID: 45 Comm: cpuhp/6 Not tainted 6.8.0-rc5+ #1340 pc 90000000004c302c ra 90000000004c302c tp 90000001005bc000 sp 90000001005bfd20 a0 000000000000001b a1 900000000224c278 a2 90000001005bfb58 a3 900000000224c280 a4 900000000224c278 a5 90000001005bfb50 a6 0000000000000001 a7 0000000000000001 t0 ce87a4763eb5234a t1 ce87a4763eb5234a t2 0000000000000000 t3 0000000000000000 t4 0000000000000006 t5 0000000000000000 t6 0000000000000064 t7 0000000000001964 t8 000000000009ebf6 u0 9000000001f2a068 s9 0000000000000000 s0 900000000246a2d8 s1 ffffffffffffffff s2 ffffffffffffffff s3 90000000021518c0 s4 0000000000000040 s5 9000000002151058 s6 9000000009828e40 s7 00000000000000b4 s8 0000000000000006 ra: 90000000004c302c __static_key_slow_dec_cpuslocked+0xec/0x100 ERA: 90000000004c302c __static_key_slow_dec_cpuslocked+0xec/0x100 CRMD: 000000b0 (PLV0 -IE -DA +PG DACF=CC DACM=CC -WE) PRMD: 00000004 (PPLV0 +PIE -PWE) EUEN: 00000000 (-FPE -SXE -ASXE -BTE) ECFG: 00071c1c (LIE=2-4,10-12 VS=7) ESTAT: 000c0000 [BRK] (IS= ECode=12 EsubCode=0) PRID: 0014d000 (Loongson-64bit, Loongson-3A6000-HV) CPU: 6 PID: 45 Comm: cpuhp/6 Not tainted 6.8.0-rc5+ #1340 Stack : 0000000000000000 900000000203f258 900000000179afc8 90000001005bc000 90000001005bf980 0000000000000000 90000001005bf988 9000000001fe0be0 900000000224c280 900000000224c278 90000001005bf8c0 0000000000000001 0000000000000001 ce87a4763eb5234a 0000000007f38000 90000001003f8cc0 0000000000000000 0000000000000006 0000000000000000 4c206e6f73676e6f 6f4c203a656d616e 000000000009ec99 0000000007f38000 0000000000000000 900000000214b000 9000000001fe0be0 0000000000000004 0000000000000000 0000000000000107 0000000000000009 ffffffffffafdabe 00000000000000b4 0000000000000006 90000000004c302c 9000000000224528 00005555939a0c7c 00000000000000b0 0000000000000004 0000000000000000 0000000000071c1c ... Call Trace: [<9000000000224528>] show_stack+0x48/0x1a0 [<900000000179afc8>] dump_stack_lvl+0x78/0xa0 [<9000000000263ed0>] __warn+0x90/0x1a0 [<90000000017419b8>] report_bug+0x1b8/0x280 [<900000000179c564>] do_bp+0x264/0x420 [<90000000004c302c>] __static_key_slow_dec_cpuslocked+0xec/0x100 [<90000000002b4d7c>] sched_cpu_deactivate+0x2fc/0x300 [<9000000000266498>] cpuhp_invoke_callback+0x178/0x8a0 [<9000000000267f70>] cpuhp_thread_fun+0xf0/0x240 [<90000000002a117c>] smpboot_thread_fn+0x1dc/0x2e0 [<900000000029a720>] kthread+0x140/0x160 [<9000000000222288>] ret_from_kernel_thread+0xc/0xa4 Cc: stable(a)vger.kernel.org Signed-off-by: Huacai Chen <chenhuacai(a)loongson.cn> diff --git a/arch/loongarch/kernel/smp.c b/arch/loongarch/kernel/smp.c index 87b7190fe48e..aabee0b280fe 100644 --- a/arch/loongarch/kernel/smp.c +++ b/arch/loongarch/kernel/smp.c @@ -88,6 +88,73 @@ void show_ipi_list(struct seq_file *p, int prec) } } +static inline void set_cpu_core_map(int cpu) +{ + int i; + + cpumask_set_cpu(cpu, &cpu_core_setup_map); + + for_each_cpu(i, &cpu_core_setup_map) { + if (cpu_data[cpu].package == cpu_data[i].package) { + cpumask_set_cpu(i, &cpu_core_map[cpu]); + cpumask_set_cpu(cpu, &cpu_core_map[i]); + } + } +} + +static inline void set_cpu_sibling_map(int cpu) +{ + int i; + + cpumask_set_cpu(cpu, &cpu_sibling_setup_map); + + for_each_cpu(i, &cpu_sibling_setup_map) { + if (cpus_are_siblings(cpu, i)) { + cpumask_set_cpu(i, &cpu_sibling_map[cpu]); + cpumask_set_cpu(cpu, &cpu_sibling_map[i]); + } + } +} + +static inline void clear_cpu_sibling_map(int cpu) +{ + int i; + + for_each_cpu(i, &cpu_sibling_setup_map) { + if (cpus_are_siblings(cpu, i)) { + cpumask_clear_cpu(i, &cpu_sibling_map[cpu]); + cpumask_clear_cpu(cpu, &cpu_sibling_map[i]); + } + } + + cpumask_clear_cpu(cpu, &cpu_sibling_setup_map); +} + +/* + * Calculate a new cpu_foreign_map mask whenever a + * new cpu appears or disappears. + */ +void calculate_cpu_foreign_map(void) +{ + int i, k, core_present; + cpumask_t temp_foreign_map; + + /* Re-calculate the mask */ + cpumask_clear(&temp_foreign_map); + for_each_online_cpu(i) { + core_present = 0; + for_each_cpu(k, &temp_foreign_map) + if (cpus_are_siblings(i, k)) + core_present = 1; + if (!core_present) + cpumask_set_cpu(i, &temp_foreign_map); + } + + for_each_online_cpu(i) + cpumask_andnot(&cpu_foreign_map[i], + &temp_foreign_map, &cpu_sibling_map[i]); +} + /* Send mailbox buffer via Mail_Send */ static void csr_mail_send(uint64_t data, int cpu, int mailbox) { @@ -303,6 +370,7 @@ int loongson_cpu_disable(void) numa_remove_cpu(cpu); #endif set_cpu_online(cpu, false); + clear_cpu_sibling_map(cpu); calculate_cpu_foreign_map(); local_irq_save(flags); irq_migrate_all_off_this_cpu(); @@ -380,59 +448,6 @@ static int __init ipi_pm_init(void) core_initcall(ipi_pm_init); #endif -static inline void set_cpu_sibling_map(int cpu) -{ - int i; - - cpumask_set_cpu(cpu, &cpu_sibling_setup_map); - - for_each_cpu(i, &cpu_sibling_setup_map) { - if (cpus_are_siblings(cpu, i)) { - cpumask_set_cpu(i, &cpu_sibling_map[cpu]); - cpumask_set_cpu(cpu, &cpu_sibling_map[i]); - } - } -} - -static inline void set_cpu_core_map(int cpu) -{ - int i; - - cpumask_set_cpu(cpu, &cpu_core_setup_map); - - for_each_cpu(i, &cpu_core_setup_map) { - if (cpu_data[cpu].package == cpu_data[i].package) { - cpumask_set_cpu(i, &cpu_core_map[cpu]); - cpumask_set_cpu(cpu, &cpu_core_map[i]); - } - } -} - -/* - * Calculate a new cpu_foreign_map mask whenever a - * new cpu appears or disappears. - */ -void calculate_cpu_foreign_map(void) -{ - int i, k, core_present; - cpumask_t temp_foreign_map; - - /* Re-calculate the mask */ - cpumask_clear(&temp_foreign_map); - for_each_online_cpu(i) { - core_present = 0; - for_each_cpu(k, &temp_foreign_map) - if (cpus_are_siblings(i, k)) - core_present = 1; - if (!core_present) - cpumask_set_cpu(i, &temp_foreign_map); - } - - for_each_online_cpu(i) - cpumask_andnot(&cpu_foreign_map[i], - &temp_foreign_map, &cpu_sibling_map[i]); -} - /* Preload SMP state for boot cpu */ void smp_prepare_boot_cpu(void) {

1 year, 6 months

1
0
0 0

[PATCH 0/3] Support intra-function call validation

by $(name)

From: Rui Qi <qirui.001(a)bytedance.com> Since kernel version 5.4.250 LTS, there has been an issue with the kernel live patching feature becoming unavailable. When compiling the sample code for kernel live patching, the following message is displayed when enabled: livepatch: klp_check_stack: kworker/u256:6:23490 has an unreliable stack After investigation, it was found that this is due to objtool not supporting intra-function calls, resulting in incorrect orc entry generation. This patchset adds support for intra-function calls, allowing the kernel live patching feature to work correctly. Alexandre Chartre (2): objtool: is_fentry_call() crashes if call has no destination objtool: Add support for intra-function calls Rui Qi (1): x86/speculation: Support intra-function call validation arch/x86/include/asm/nospec-branch.h | 7 ++ include/linux/frame.h | 11 ++++ .../Documentation/stack-validation.txt | 8 +++ tools/objtool/arch/x86/decode.c | 6 ++ tools/objtool/check.c | 64 +++++++++++++++++-- 5 files changed, 91 insertions(+), 5 deletions(-) -- 2.39.2 (Apple Git-143)

1 year, 6 months

2
4
0 0

[PATCH 5.15] media: atomisp: sh_css: check ia_css_pipeline_create_and_add_stage() return code

by Alexandra Diupina

commit 912680064f94 ("media: atomisp: make sh_css similar to Intel Aero driver") removes the affected code, but in versions tags/v5.8-rc1~10^2~220 - tags/v5.17-rc1~114^2~261 there is no check for the return value of the ia_css_pipeline_create_and_add_stage() function. ia_css_pipeline_create_and_add_stage() may return an error code, so check and return it on error. Found by Linux Verification Center (linuxtesting.org) with SVACE. Fixes: 7796e455170e ("media: staging: media: atomisp: Fix alignment and line length issues") Signed-off-by: Alexandra Diupina <adiupina(a)astralinux.ru> --- drivers/staging/media/atomisp/pci/sh_css.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/drivers/staging/media/atomisp/pci/sh_css.c b/drivers/staging/media/atomisp/pci/sh_css.c index ba25d0da8b81..8502adb75a5a 100644 --- a/drivers/staging/media/atomisp/pci/sh_css.c +++ b/drivers/staging/media/atomisp/pci/sh_css.c @@ -7912,6 +7912,10 @@ create_host_regular_capture_pipeline(struct ia_css_pipe *pipe) out_frames, in_frame, NULL); err = ia_css_pipeline_create_and_add_stage(me, &stage_desc, NULL); + if (err) { + IA_CSS_LEAVE_ERR_PRIVATE(err); + return err; + } } else if (need_pp && current_stage) { in_frame = current_stage->args.out_frame[0]; err = add_capture_pp_stage(pipe, me, in_frame, -- 2.30.2

1 year, 6 months

2
1
0 0

[PATCH 0/3] Support intra-function call validation

by $(uname)

From: Rui Qi <qirui.001(a)bytedance.com> Since kernel version 5.4.250 LTS, there has been an issue with the kernel live patching feature becoming unavailable. When compiling the sample code for kernel live patching, the following message is displayed when enabled: livepatch: klp_check_stack: kworker/u256:6:23490 has an unreliable stack After investigation, it was found that this is due to objtool not supporting intra-function calls, resulting in incorrect orc entry generation. This patchset adds support for intra-function calls, allowing the kernel live patching feature to work correctly. Alexandre Chartre (2): objtool: is_fentry_call() crashes if call has no destination objtool: Add support for intra-function calls Rui Qi (1): x86/speculation: Support intra-function call validation arch/x86/include/asm/nospec-branch.h | 7 ++ include/linux/frame.h | 11 ++++ .../Documentation/stack-validation.txt | 8 +++ tools/objtool/arch/x86/decode.c | 6 ++ tools/objtool/check.c | 64 +++++++++++++++++-- 5 files changed, 91 insertions(+), 5 deletions(-) -- 2.39.2 (Apple Git-143)

1 year, 6 months

1
0
0 0

[PATCH V2] usb: dwc3: gadget: Fix suspend/resume warning when no-gadget is connected

by Michael Trimarchi

This patch restore the logic but protects the variable using a spinlock without moving the code [ 45.597274] dwc3 31000000.usb: wait for SETUP phase timed out [ 45.599140] dwc3 31000000.usb: failed to set STALL on ep0out [ 45.601069] ------------[ cut here ]------------ [ 45.601073] WARNING: CPU: 0 PID: 150 at drivers/usb/dwc3/ep0.c:289 dwc3_ep0_out_start+0xcc/0xd4 [ 45.601102] Modules linked in: cfg80211 rfkill ipv6 rpmsg_ctrl rpmsg_char crct10dif_ce rti_wdt k3_j72xx_bandgap rtc_ti_k3 omap_mailbox sa2ul authenc [last unloaded: ti_k3_r5_remoteproc] [ 45.601151] CPU: 0 PID: 150 Comm: sh Not tainted 6.8.0-rc5 #1 [ 45.601159] Hardware name: BSH - CCM-M3 (DT) [ 45.601164] pstate: 600000c5 (nZCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 45.601172] pc : dwc3_ep0_out_start+0xcc/0xd4 [ 45.601179] lr : dwc3_ep0_out_start+0x50/0xd4 [ 45.601186] sp : ffff8000832739e0 [ 45.601189] x29: ffff8000832739e0 x28: ffff800082a21000 x27: ffff8000808dc630 [ 45.601200] x26: 0000000000000002 x25: ffff800082530a44 x24: 0000000000000000 [ 45.601210] x23: ffff000000e079a0 x22: ffff000000e07a68 x21: 0000000000000001 [ 45.601219] x20: ffff000000e07880 x19: ffff000000e07880 x18: 0000000000000040 [ 45.601229] x17: ffff7fff8e1ce000 x16: ffff800080000000 x15: fffffffffffe5260 [ 45.601239] x14: 0000000000000000 x13: 206e6f204c4c4154 x12: 5320746573206f74 [ 45.601249] x11: 0000000000000001 x10: 000000000000000a x9 : ffff800083273930 [ 45.601259] x8 : 000000000000000a x7 : ffffffffffff3f0c x6 : ffffffffffff3f00 [ 45.601268] x5 : ffffffffffff3f0c x4 : 0000000000000000 x3 : 0000000000000000 [ 45.601278] x2 : 0000000000000000 x1 : ffff000004e7e600 x0 : 00000000ffffff92 [ 45.601289] Call trace: [ 45.601293] dwc3_ep0_out_start+0xcc/0xd4 [ 45.601301] dwc3_ep0_stall_and_restart+0x98/0xbc [ 45.601309] dwc3_ep0_reset_state+0x5c/0x88 [ 45.601315] dwc3_gadget_soft_disconnect+0x144/0x160 [ 45.601323] dwc3_gadget_suspend+0x18/0xb0 [ 45.601329] dwc3_suspend_common+0x5c/0x18c [ 45.601341] dwc3_suspend+0x20/0x44 [ 45.601350] platform_pm_suspend+0x2c/0x6c [ 45.601360] __device_suspend+0x10c/0x34c [ 45.601372] dpm_suspend+0x1a8/0x240 [ 45.601382] dpm_suspend_start+0x80/0x9c [ 45.601391] suspend_devices_and_enter+0x1c4/0x584 [ 45.601402] pm_suspend+0x1b0/0x264 [ 45.601408] state_store+0x80/0xec [ 45.601415] kobj_attr_store+0x18/0x2c [ 45.601426] sysfs_kf_write+0x44/0x54 [ 45.601434] kernfs_fop_write_iter+0x120/0x1ec [ 45.601445] vfs_write+0x23c/0x358 [ 45.601458] ksys_write+0x70/0x104 [ 45.601467] __arm64_sys_write+0x1c/0x28 [ 45.601477] invoke_syscall+0x48/0x114 [ 45.601488] el0_svc_common.constprop.0+0x40/0xe0 [ 45.601498] do_el0_svc+0x1c/0x28 [ 45.601506] el0_svc+0x34/0xb8 [ 45.601516] el0t_64_sync_handler+0x100/0x12c [ 45.601522] el0t_64_sync+0x190/0x194 [ 45.601531] ---[ end trace 0000000000000000 ]--- [ 45.608794] Disabling non-boot CPUs ... [ 45.611029] psci: CPU1 killed (polled 0 ms) [ 45.611837] Enabling non-boot CPUs ... [ 45.612247] Detected VIPT I-cache on CPU1 Tested on a am62x board Fixes: 61a348857e86 ("usb: dwc3: gadget: Fix NULL pointer dereference in dwc3_gadget_suspend) Cc: stable(a)vger.kernel.org Signed-off-by: Michael Trimarchi <michael(a)amarulasolutions.com> --- V1->V2: Add cc to stable --- drivers/usb/dwc3/gadget.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/drivers/usb/dwc3/gadget.c b/drivers/usb/dwc3/gadget.c index 4c8dd6724678..4c88e44127b5 100644 --- a/drivers/usb/dwc3/gadget.c +++ b/drivers/usb/dwc3/gadget.c @@ -4703,13 +4703,19 @@ int dwc3_gadget_suspend(struct dwc3 *dwc) unsigned long flags; int ret; + spin_lock_irqsave(&dwc->lock, flags); + if (!dwc->gadget_driver) { + spin_unlock_irqrestore(&dwc->lock, flags); + return 0; + } + spin_unlock_irqrestore(&dwc->lock, flags); + ret = dwc3_gadget_soft_disconnect(dwc); if (ret) goto err; spin_lock_irqsave(&dwc->lock, flags); - if (dwc->gadget_driver) - dwc3_disconnect_gadget(dwc); + dwc3_disconnect_gadget(dwc); spin_unlock_irqrestore(&dwc->lock, flags); return 0; -- 2.40.1

1 year, 6 months

2
1
0 0

[PATCH] Revert "usb: typec: tcpm: reset counter when enter into unattached state after try role"

by Ondřej Jirman

From: Ondrej Jirman <megi(a)xff.cz> The reverted commit makes the state machine only ever go from SRC_ATTACH_WAIT to SNK_TRY in endless loop when toggling. After revert it goes to SRC_ATTACHED after initially trying SNK_TRY earlier, as it should for toggling to ever detect the power source mode and the port is again able to provide power to attached power sinks. This reverts commit 2d6d80127006ae3da26b1f21a65eccf957f2d1e5. Cc: stable(a)vger.kernel.org Fixes: 2d6d80127006 ("usb: typec: tcpm: reset counter when enter into unattached state after try role") Signed-of-by: Ondrej Jirman <megi(a)xff.cz> --- drivers/usb/typec/tcpm/tcpm.c | 3 --- 1 file changed, 3 deletions(-) See https://lore.kernel.org/all/odggrbbgjpardze76qiv57mw6tllisyu5sbrta37iadjzwa… for more. diff --git a/drivers/usb/typec/tcpm/tcpm.c b/drivers/usb/typec/tcpm/tcpm.c index f7d7daa60c8d..295ae7eb912c 100644 --- a/drivers/usb/typec/tcpm/tcpm.c +++ b/drivers/usb/typec/tcpm/tcpm.c @@ -3743,9 +3743,6 @@ static void tcpm_detach(struct tcpm_port *port) if (tcpm_port_is_disconnected(port)) port->hard_reset_count = 0; - port->try_src_count = 0; - port->try_snk_count = 0; - if (!port->attached) return; -- 2.43.0

1 year, 6 months

2
1
0 0

[PATCH stable 4.19] mm: memcontrol: switch to rcu protection in drain_all_stock()

by GONG, Ruiqi

From: Roman Gushchin <guro(a)fb.com> commit e1a366be5cb4f849ec4de170d50eebc08bb0af20 upstream. Commit 72f0184c8a00 ("mm, memcg: remove hotplug locking from try_charge") introduced css_tryget()/css_put() calls in drain_all_stock(), which are supposed to protect the target memory cgroup from being released during the mem_cgroup_is_descendant() call. However, it's not completely safe. In theory, memcg can go away between reading stock->cached pointer and calling css_tryget(). This can happen if drain_all_stock() races with drain_local_stock() performed on the remote cpu as a result of a work, scheduled by the previous invocation of drain_all_stock(). The race is a bit theoretical and there are few chances to trigger it, but the current code looks a bit confusing, so it makes sense to fix it anyway. The code looks like as if css_tryget() and css_put() are used to protect stocks drainage. It's not necessary because stocked pages are holding references to the cached cgroup. And it obviously won't work for works, scheduled on other cpus. So, let's read the stock->cached pointer and evaluate the memory cgroup inside a rcu read section, and get rid of css_tryget()/css_put() calls. Link: http://lkml.kernel.org/r/20190802192241.3253165-1-guro@fb.com Signed-off-by: Roman Gushchin <guro(a)fb.com> Acked-by: Michal Hocko <mhocko(a)suse.com> Cc: Hillf Danton <hdanton(a)sina.com> Cc: Johannes Weiner <hannes(a)cmpxchg.org> Cc: Vladimir Davydov <vdavydov.dev(a)gmail.com> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: stable(a)vger.kernel.org # 4.19 Fixes: cdec2e4265df ("memcg: coalesce charging via percpu storage") Signed-off-by: GONG, Ruiqi <gongruiqi1(a)huawei.com> --- This patch [1] fixed a UAF problem in drain_all_stock() existed prior to 5.9, and following discussions [2] mentioned that the fix depends on an RCU read protection to stock->cached (introduced in 5.4), which doesn't existed in 4.19. So backport this part to 4.19 as well. [1]: https://lore.kernel.org/all/20240221081801.69764-1-gongruiqi1@huawei.com/ [2]: https://lore.kernel.org/all/ZdXLgjpUfpwEwAe0@tiehlicka/ mm/memcontrol.c | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/mm/memcontrol.c b/mm/memcontrol.c index 8c04296df1c7..d187bfb43b1f 100644 --- a/mm/memcontrol.c +++ b/mm/memcontrol.c @@ -2094,21 +2094,22 @@ static void drain_all_stock(struct mem_cgroup *root_memcg) for_each_online_cpu(cpu) { struct memcg_stock_pcp *stock = &per_cpu(memcg_stock, cpu); struct mem_cgroup *memcg; + bool flush = false; + rcu_read_lock(); memcg = stock->cached; - if (!memcg || !stock->nr_pages || !css_tryget(&memcg->css)) - continue; - if (!mem_cgroup_is_descendant(memcg, root_memcg)) { - css_put(&memcg->css); - continue; - } - if (!test_and_set_bit(FLUSHING_CACHED_CHARGE, &stock->flags)) { + if (memcg && stock->nr_pages && + mem_cgroup_is_descendant(memcg, root_memcg)) + flush = true; + rcu_read_unlock(); + + if (flush && + !test_and_set_bit(FLUSHING_CACHED_CHARGE, &stock->flags)) { if (cpu == curcpu) drain_local_stock(&stock->work); else schedule_work_on(cpu, &stock->work); } - css_put(&memcg->css); } put_cpu(); mutex_unlock(&percpu_charge_mutex); -- 2.25.1

1 year, 6 months

2
1
0 0

[PATCH 5.10/5.15 v2 0/1 RESEND] mm/truncate: fix WARNING in ext4_set_page_dirty()

by Roman Smirnov

Syzkaller reports warning in ext4_set_page_dirty() in 5.10 and 5.15 stable releases. It happens because invalidate_inode_page() frees pages that are needed for the system. To fix this we need to add additional checks to the function. page_mapped() checks if a page exists in the page tables, but this is not enough. The page can be used in other places: https://elixir.bootlin.com/linux/v6.8-rc1/source/include/linux/page_ref.h#L… Kernel outputs an error line related to direct I/O: https://syzkaller.appspot.com/text?tag=CrashLog&x=14ab52dac80000 The problem can be fixed in 5.10 and 5.15 stable releases by the following patch. The patch replaces page_mapped() call with check that finds additional references to the page excluding page cache and filesystem private data. If additional references exist, the page cannot be freed. This version does not include the first patch from the first version. The problem can be fixed without it. Found by Linux Verification Center (linuxtesting.org) with Syzkaller. Link: https://syzkaller.appspot.com/bug?extid=02f21431b65c214aa1d6 Previous discussion: https://lore.kernel.org/all/20240125130947.600632-1-r.smirnov@omp.ru/T/ Matthew Wilcox (Oracle) (1): mm/truncate: Replace page_mapped() call in invalidate_inode_page() mm/truncate.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) -- 2.34.1

1 year, 6 months

1
2
0 0

Re: Patch "xhci: fix possible null pointer deref during xhci urb enqueue" has been added to the 6.7-stab

by Pascal Ernster

[2024-02-23 18:45] Sasha Levin: > This is a note to let you know that I've just added the patch titled > > xhci: fix possible null pointer deref during xhci urb enqueue > > to the 6.7-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… > > The filename of the patch is: > xhci-fix-possible-null-pointer-deref-during-xhci-urb.patch > and it can be found in the queue-6.7 subdirectory. > > If you, or anyone else, feels it should not be added to the stable tree, > please let <stable(a)vger.kernel.org> know about it. > > > > commit fb9100c2c6b7b172650ba25283cc4cf9af1d082c > Author: Mathias Nyman <mathias.nyman(a)linux.intel.com> > Date: Fri Dec 1 17:06:47 2023 +0200 > > xhci: fix possible null pointer deref during xhci urb enqueue > > [ Upstream commit e2e2aacf042f52854c92775b7800ba668e0bdfe4 ] > > There is a short gap between urb being submitted and actually added to the > endpoint queue (linked). If the device is disconnected during this time > then usb core is not yet aware of the pending urb, and device may be freed > just before xhci_urq_enqueue() continues, dereferencing the freed device. > > Freeing the device is protected by the xhci spinlock, so make sure we take > and keep the lock while checking that device exists, dereference it, and > add the urb to the queue. > > Remove the unnecessary URB check, usb core checks it before calling > xhci_urb_enqueue() > > Suggested-by: Kuen-Han Tsai <khtsai(a)google.com> > Signed-off-by: Mathias Nyman <mathias.nyman(a)linux.intel.com> > Link: https://lore.kernel.org/r/20231201150647.1307406-20-mathias.nyman@linux.int… > Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> > Signed-off-by: Sasha Levin <sashal(a)kernel.org> > > diff --git a/drivers/usb/host/xhci.c b/drivers/usb/host/xhci.c > index 884b0898d9c95..ddb686301af5d 100644 > --- a/drivers/usb/host/xhci.c > +++ b/drivers/usb/host/xhci.c > @@ -1522,24 +1522,7 @@ static int xhci_urb_enqueue(struct usb_hcd *hcd, struct urb *urb, gfp_t mem_flag > struct urb_priv *urb_priv; > int num_tds; > > - if (!urb) > - return -EINVAL; > - ret = xhci_check_args(hcd, urb->dev, urb->ep, > - true, true, __func__); > - if (ret <= 0) > - return ret ? ret : -EINVAL; > - > - slot_id = urb->dev->slot_id; > ep_index = xhci_get_endpoint_index(&urb->ep->desc); > - ep_state = &xhci->devs[slot_id]->eps[ep_index].ep_state; > - > - if (!HCD_HW_ACCESSIBLE(hcd)) > - return -ESHUTDOWN; > - > - if (xhci->devs[slot_id]->flags & VDEV_PORT_ERROR) { > - xhci_dbg(xhci, "Can't queue urb, port error, link inactive\n"); > - return -ENODEV; > - } > > if (usb_endpoint_xfer_isoc(&urb->ep->desc)) > num_tds = urb->number_of_packets; > @@ -1578,12 +1561,35 @@ static int xhci_urb_enqueue(struct usb_hcd *hcd, struct urb *urb, gfp_t mem_flag > > spin_lock_irqsave(&xhci->lock, flags); > > + ret = xhci_check_args(hcd, urb->dev, urb->ep, > + true, true, __func__); > + if (ret <= 0) { > + ret = ret ? ret : -EINVAL; > + goto free_priv; > + } > + > + slot_id = urb->dev->slot_id; > + > + if (!HCD_HW_ACCESSIBLE(hcd)) { > + ret = -ESHUTDOWN; > + goto free_priv; > + } > + > + if (xhci->devs[slot_id]->flags & VDEV_PORT_ERROR) { > + xhci_dbg(xhci, "Can't queue urb, port error, link inactive\n"); > + ret = -ENODEV; > + goto free_priv; > + } > + > if (xhci->xhc_state & XHCI_STATE_DYING) { > xhci_dbg(xhci, "Ep 0x%x: URB %p submitted for non-responsive xHCI host.\n", > urb->ep->desc.bEndpointAddress, urb); > ret = -ESHUTDOWN; > goto free_priv; > } > + > + ep_state = &xhci->devs[slot_id]->eps[ep_index].ep_state; > + > if (*ep_state & (EP_GETTING_STREAMS | EP_GETTING_NO_STREAMS)) { > xhci_warn(xhci, "WARN: Can't enqueue URB, ep in streams transition state %x\n", > *ep_state); Hi, this patch is causing my laptop (Dell Precision 7530) to crash during early boot with a kernel 6.7.6 with all the patches from your current stable-queue applied on top (https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tre…). Booting with "module_blacklist=xhci_pci,xhci_pci_renesas" stops the crashes. This patch was already thrown out a few weeks ago because it was causing problems: https://lore.kernel.org/stable/2024020331-confetti-ducking-8afb@gregkh/ Regards Pascal

1 year, 6 months

2
1
0 0

Please apply 56778b49c9a2cbc32c6b0fbd3ba1a9d64192d3af to linux-6.7.y

by Nathan Chancellor

Hi Greg and Sasha, Please apply commit 56778b49c9a2 ("kunit: Add a macro to wrap a deferred action function") to the 6.7 branch, as there are reported kCFI failures that are resolved by that change: https://github.com/ClangBuiltLinux/linux/issues/1998 It applies cleanly for me. We may want this in earlier branches as well but there are some conflicts that I did not have too much time to look at, we can always wait for other reports to come in before going further back as well. Cheers, Nathan

1 year, 6 months

2
1
0 0

[PATCH] PCI/DPC: Request DPC only if also requesting AER

by Bjorn Helgaas

From: Bjorn Helgaas <bhelgaas(a)google.com> When booting with "pci=noaer", we don't request control of AER, but we previously *did* request control of DPC, as in the dmesg log attached at the bugzilla below: Command line: ... pci=noaer acpi PNP0A08:00: _OSC: OS supports [ExtendedConfig ASPM ClockPM Segments MSI EDR HPX-Type3] acpi PNP0A08:00: _OSC: OS now controls [PCIeHotplug SHPCHotplug PME PCIeCapability LTR DPC] That's illegal per PCI Firmware Spec, r3.3, sec 4.5.1, table 4-5, which says: If the operating system sets this bit [OSC_PCI_EXPRESS_DPC_CONTROL], it must also set bit 7 of the Support field (indicating support for Error Disconnect Recover notifications) and bits 3 and 4 of the Control field (requesting control of PCI Express Advanced Error Reporting and the PCI Express Capability Structure). Request DPC control only if we have also requested AER control. Fixes: ac1c8e35a326 ("PCI/DPC: Add Error Disconnect Recover (EDR) support") Link: https://bugzilla.kernel.org/show_bug.cgi?id=218491#c12 Signed-off-by: Bjorn Helgaas <bhelgaas(a)google.com> Cc: <stable(a)vger.kernel.org> # v5.7+ Cc: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy(a)linux.intel.com> Cc: Matthew W Carlis <mattc(a)purestorage.com> Cc: Keith Busch <kbusch(a)kernel.org> Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Mika Westerberg <mika.westerberg(a)linux.intel.com> Cc: Jesse Brandeburg <jesse.brandeburg(a)intel.com> --- drivers/acpi/pci_root.c | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/drivers/acpi/pci_root.c b/drivers/acpi/pci_root.c index 58b89b8d950e..1c16965427b3 100644 --- a/drivers/acpi/pci_root.c +++ b/drivers/acpi/pci_root.c @@ -518,17 +518,19 @@ static u32 calculate_control(void) if (IS_ENABLED(CONFIG_HOTPLUG_PCI_SHPC)) control |= OSC_PCI_SHPC_NATIVE_HP_CONTROL; - if (pci_aer_available()) + if (pci_aer_available()) { control |= OSC_PCI_EXPRESS_AER_CONTROL; - /* - * Per the Downstream Port Containment Related Enhancements ECN to - * the PCI Firmware Spec, r3.2, sec 4.5.1, table 4-5, - * OSC_PCI_EXPRESS_DPC_CONTROL indicates the OS supports both DPC - * and EDR. - */ - if (IS_ENABLED(CONFIG_PCIE_DPC) && IS_ENABLED(CONFIG_PCIE_EDR)) - control |= OSC_PCI_EXPRESS_DPC_CONTROL; + /* + * Per PCI Firmware Spec, r3.3, sec 4.5.1, table 4-5, the + * OS can request DPC control only if it has advertised + * OSC_PCI_EDR_SUPPORT and requested both + * OSC_PCI_EXPRESS_CAPABILITY_CONTROL and + * OSC_PCI_EXPRESS_AER_CONTROL. + */ + if (IS_ENABLED(CONFIG_PCIE_DPC) && IS_ENABLED(CONFIG_PCIE_EDR)) + control |= OSC_PCI_EXPRESS_DPC_CONTROL; + } return control; } -- 2.34.1

1 year, 6 months

2
3
0 0

[PATCH] linux-4.19/rcu-tasks: Eliminate deadlocks involving do_exit() and RCU tasks

by Zqiang

From: Paul E. McKenney <paulmck(a)kernel.org> commit bc31e6cb27a9334140ff2f0a209d59b08bc0bc8c upstream. Holding a mutex across synchronize_rcu_tasks() and acquiring that same mutex in code called from do_exit() after its call to exit_tasks_rcu_start() but before its call to exit_tasks_rcu_stop() results in deadlock. This is by design, because tasks that are far enough into do_exit() are no longer present on the tasks list, making it a bit difficult for RCU Tasks to find them, let alone wait on them to do a voluntary context switch. However, such deadlocks are becoming more frequent. In addition, lockdep currently does not detect such deadlocks and they can be difficult to reproduce. In addition, if a task voluntarily context switches during that time (for example, if it blocks acquiring a mutex), then this task is in an RCU Tasks quiescent state. And with some adjustments, RCU Tasks could just as well take advantage of that fact. This commit therefore eliminates these deadlock by replacing the SRCU-based wait for do_exit() completion with per-CPU lists of tasks currently exiting. A given task will be on one of these per-CPU lists for the same period of time that this task would previously have been in the previous SRCU read-side critical section. These lists enable RCU Tasks to find the tasks that have already been removed from the tasks list, but that must nevertheless be waited upon. The RCU Tasks grace period gathers any of these do_exit() tasks that it must wait on, and adds them to the list of holdouts. Per-CPU locking and get_task_struct() are used to synchronize addition to and removal from these lists. Link: https://lore.kernel.org/all/20240118021842.290665-1-chenzhongjin@huawei.com/ Reported-by: Chen Zhongjin <chenzhongjin(a)huawei.com> Signed-off-by: Paul E. McKenney <paulmck(a)kernel.org> Signed-off-by: Zqiang <qiang.zhang1211(a)gmail.com> --- include/linux/sched.h | 1 + init/init_task.c | 1 + kernel/fork.c | 1 + kernel/rcu/update.c | 65 ++++++++++++++++++++++++++++++------------- 4 files changed, 49 insertions(+), 19 deletions(-) diff --git a/include/linux/sched.h b/include/linux/sched.h index fd4899236037..0b555d8e9d5e 100644 --- a/include/linux/sched.h +++ b/include/linux/sched.h @@ -679,6 +679,7 @@ struct task_struct { u8 rcu_tasks_idx; int rcu_tasks_idle_cpu; struct list_head rcu_tasks_holdout_list; + struct list_head rcu_tasks_exit_list; #endif /* #ifdef CONFIG_TASKS_RCU */ struct sched_info sched_info; diff --git a/init/init_task.c b/init/init_task.c index 994ffe018120..f741cbfd891c 100644 --- a/init/init_task.c +++ b/init/init_task.c @@ -139,6 +139,7 @@ struct task_struct init_task .rcu_tasks_holdout = false, .rcu_tasks_holdout_list = LIST_HEAD_INIT(init_task.rcu_tasks_holdout_list), .rcu_tasks_idle_cpu = -1, + .rcu_tasks_exit_list = LIST_HEAD_INIT(init_task.rcu_tasks_exit_list), #endif #ifdef CONFIG_CPUSETS .mems_allowed_seq = SEQCNT_ZERO(init_task.mems_allowed_seq), diff --git a/kernel/fork.c b/kernel/fork.c index b65871600507..d416d16df62f 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -1626,6 +1626,7 @@ static inline void rcu_copy_process(struct task_struct *p) p->rcu_tasks_holdout = false; INIT_LIST_HEAD(&p->rcu_tasks_holdout_list); p->rcu_tasks_idle_cpu = -1; + INIT_LIST_HEAD(&p->rcu_tasks_exit_list); #endif /* #ifdef CONFIG_TASKS_RCU */ } diff --git a/kernel/rcu/update.c b/kernel/rcu/update.c index 81688a133552..5227cb5c1bea 100644 --- a/kernel/rcu/update.c +++ b/kernel/rcu/update.c @@ -527,7 +527,8 @@ static DECLARE_WAIT_QUEUE_HEAD(rcu_tasks_cbs_wq); static DEFINE_RAW_SPINLOCK(rcu_tasks_cbs_lock); /* Track exiting tasks in order to allow them to be waited for. */ -DEFINE_STATIC_SRCU(tasks_rcu_exit_srcu); +static LIST_HEAD(rtp_exit_list); +static DEFINE_RAW_SPINLOCK(rtp_exit_list_lock); /* Control stall timeouts. Disable with <= 0, otherwise jiffies till stall. */ #define RCU_TASK_STALL_TIMEOUT (HZ * 60 * 10) @@ -661,6 +662,17 @@ static void check_holdout_task(struct task_struct *t, sched_show_task(t); } +static void rcu_tasks_pertask(struct task_struct *t, struct list_head *hop) +{ + if (t != current && READ_ONCE(t->on_rq) && + !is_idle_task(t)) { + get_task_struct(t); + t->rcu_tasks_nvcsw = READ_ONCE(t->nvcsw); + WRITE_ONCE(t->rcu_tasks_holdout, true); + list_add(&t->rcu_tasks_holdout_list, hop); + } +} + /* RCU-tasks kthread that detects grace periods and invokes callbacks. */ static int __noreturn rcu_tasks_kthread(void *arg) { @@ -726,14 +738,7 @@ static int __noreturn rcu_tasks_kthread(void *arg) */ rcu_read_lock(); for_each_process_thread(g, t) { - if (t != current && READ_ONCE(t->on_rq) && - !is_idle_task(t)) { - get_task_struct(t); - t->rcu_tasks_nvcsw = READ_ONCE(t->nvcsw); - WRITE_ONCE(t->rcu_tasks_holdout, true); - list_add(&t->rcu_tasks_holdout_list, - &rcu_tasks_holdouts); - } + rcu_tasks_pertask(t, &rcu_tasks_holdouts); } rcu_read_unlock(); @@ -744,8 +749,12 @@ static int __noreturn rcu_tasks_kthread(void *arg) * where they have disabled preemption, allowing the * later synchronize_sched() to finish the job. */ - synchronize_srcu(&tasks_rcu_exit_srcu); - + raw_spin_lock_irqsave(&rtp_exit_list_lock, flags); + list_for_each_entry(t, &rtp_exit_list, rcu_tasks_exit_list) { + if (list_empty(&t->rcu_tasks_holdout_list)) + rcu_tasks_pertask(t, &rcu_tasks_holdouts); + } + raw_spin_unlock_irqrestore(&rtp_exit_list_lock, flags); /* * Each pass through the following loop scans the list * of holdout tasks, removing any that are no longer @@ -802,8 +811,7 @@ static int __noreturn rcu_tasks_kthread(void *arg) * * In addition, this synchronize_sched() waits for exiting * tasks to complete their final preempt_disable() region - * of execution, cleaning up after the synchronize_srcu() - * above. + * of execution. */ synchronize_sched(); @@ -834,20 +842,39 @@ static int __init rcu_spawn_tasks_kthread(void) } core_initcall(rcu_spawn_tasks_kthread); -/* Do the srcu_read_lock() for the above synchronize_srcu(). */ +/* + * Protect against tasklist scan blind spot while the task is exiting and + * may be removed from the tasklist. Do this by adding the task to yet + * another list. + */ void exit_tasks_rcu_start(void) { + unsigned long flags; + struct task_struct *t = current; + + WARN_ON_ONCE(!list_empty(&t->rcu_tasks_exit_list)); + get_task_struct(t); preempt_disable(); - current->rcu_tasks_idx = __srcu_read_lock(&tasks_rcu_exit_srcu); + raw_spin_lock_irqsave(&rtp_exit_list_lock, flags); + list_add(&t->rcu_tasks_exit_list, &rtp_exit_list); + raw_spin_unlock_irqrestore(&rtp_exit_list_lock, flags); preempt_enable(); } -/* Do the srcu_read_unlock() for the above synchronize_srcu(). */ +/* + * Remove the task from the "yet another list" because do_exit() is now + * non-preemptible, allowing synchronize_rcu() to wait beyond this point. + */ void exit_tasks_rcu_finish(void) { - preempt_disable(); - __srcu_read_unlock(&tasks_rcu_exit_srcu, current->rcu_tasks_idx); - preempt_enable(); + unsigned long flags; + struct task_struct *t = current; + + WARN_ON_ONCE(list_empty(&t->rcu_tasks_exit_list)); + raw_spin_lock_irqsave(&rtp_exit_list_lock, flags); + list_del_init(&t->rcu_tasks_exit_list); + raw_spin_unlock_irqrestore(&rtp_exit_list_lock, flags); + put_task_struct(t); } #endif /* #ifdef CONFIG_TASKS_RCU */ -- 2.17.1

1 year, 6 months

4
6
0 0

FAILED: patch "[PATCH] x86/fpu: Stop relying on userspace for info to fault in xsave" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x d877550eaf2dc9090d782864c96939397a3c6835 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024021941-reprimand-grudge-7734@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: d877550eaf2d ("x86/fpu: Stop relying on userspace for info to fault in xsave buffer") c03098d4b9ad ("Merge tag 'gfs2-v5.15-rc5-mmap-fault' of git://git.kernel.org/pub/scm/linux/kernel/git/gfs2/linux-gfs2") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From d877550eaf2dc9090d782864c96939397a3c6835 Mon Sep 17 00:00:00 2001 From: Andrei Vagin <avagin(a)google.com> Date: Mon, 29 Jan 2024 22:36:03 -0800 Subject: [PATCH] x86/fpu: Stop relying on userspace for info to fault in xsave buffer Before this change, the expected size of the user space buffer was taken from fx_sw->xstate_size. fx_sw->xstate_size can be changed from user-space, so it is possible construct a sigreturn frame where: * fx_sw->xstate_size is smaller than the size required by valid bits in fx_sw->xfeatures. * user-space unmaps parts of the sigrame fpu buffer so that not all of the buffer required by xrstor is accessible. In this case, xrstor tries to restore and accesses the unmapped area which results in a fault. But fault_in_readable succeeds because buf + fx_sw->xstate_size is within the still mapped area, so it goes back and tries xrstor again. It will spin in this loop forever. Instead, fault in the maximum size which can be touched by XRSTOR (taken from fpstate->user_size). [ dhansen: tweak subject / changelog ] Fixes: fcb3635f5018 ("x86/fpu/signal: Handle #PF in the direct restore path") Reported-by: Konstantin Bogomolov <bogomolov(a)google.com> Suggested-by: Thomas Gleixner <tglx(a)linutronix.de> Signed-off-by: Andrei Vagin <avagin(a)google.com> Signed-off-by: Dave Hansen <dave.hansen(a)linux.intel.com> Cc:stable@vger.kernel.org Link: https://lore.kernel.org/all/20240130063603.3392627-1-avagin%40google.com diff --git a/arch/x86/kernel/fpu/signal.c b/arch/x86/kernel/fpu/signal.c index 558076dbde5b..247f2225aa9f 100644 --- a/arch/x86/kernel/fpu/signal.c +++ b/arch/x86/kernel/fpu/signal.c @@ -274,12 +274,13 @@ static int __restore_fpregs_from_user(void __user *buf, u64 ufeatures, * Attempt to restore the FPU registers directly from user memory. * Pagefaults are handled and any errors returned are fatal. */ -static bool restore_fpregs_from_user(void __user *buf, u64 xrestore, - bool fx_only, unsigned int size) +static bool restore_fpregs_from_user(void __user *buf, u64 xrestore, bool fx_only) { struct fpu *fpu = &current->thread.fpu; int ret; + /* Restore enabled features only. */ + xrestore &= fpu->fpstate->user_xfeatures; retry: fpregs_lock(); /* Ensure that XFD is up to date */ @@ -309,7 +310,7 @@ static bool restore_fpregs_from_user(void __user *buf, u64 xrestore, if (ret != X86_TRAP_PF) return false; - if (!fault_in_readable(buf, size)) + if (!fault_in_readable(buf, fpu->fpstate->user_size)) goto retry; return false; } @@ -339,7 +340,6 @@ static bool __fpu_restore_sig(void __user *buf, void __user *buf_fx, struct user_i387_ia32_struct env; bool success, fx_only = false; union fpregs_state *fpregs; - unsigned int state_size; u64 user_xfeatures = 0; if (use_xsave()) { @@ -349,17 +349,14 @@ static bool __fpu_restore_sig(void __user *buf, void __user *buf_fx, return false; fx_only = !fx_sw_user.magic1; - state_size = fx_sw_user.xstate_size; user_xfeatures = fx_sw_user.xfeatures; } else { user_xfeatures = XFEATURE_MASK_FPSSE; - state_size = fpu->fpstate->user_size; } if (likely(!ia32_fxstate)) { /* Restore the FPU registers directly from user memory. */ - return restore_fpregs_from_user(buf_fx, user_xfeatures, fx_only, - state_size); + return restore_fpregs_from_user(buf_fx, user_xfeatures, fx_only); } /*

1 year, 6 months

3
3
0 0

[PATCH v2] iio: imu: inv_mpu6050: fix frequency setting when chip is off

by inv.git-commit＠tdk.com

From: Jean-Baptiste Maneyrol <jean-baptiste.maneyrol(a)tdk.com> Track correctly FIFO state and apply ODR change before starting the chip. Without the fix, you cannot change ODR more than 1 time when data buffering is off. Fixes: 111e1abd0045 ("iio: imu: inv_mpu6050: use the common inv_sensors timestamp module") Cc: stable(a)vger.kernel.org Signed-off-by: Jean-Baptiste Maneyrol <jean-baptiste.maneyrol(a)tdk.com> --- V2: add missing stable tag drivers/iio/imu/inv_mpu6050/inv_mpu_trigger.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/drivers/iio/imu/inv_mpu6050/inv_mpu_trigger.c b/drivers/iio/imu/inv_mpu6050/inv_mpu_trigger.c index 676704f9151f..e6e6e94452a3 100644 --- a/drivers/iio/imu/inv_mpu6050/inv_mpu_trigger.c +++ b/drivers/iio/imu/inv_mpu6050/inv_mpu_trigger.c @@ -111,6 +111,7 @@ int inv_mpu6050_prepare_fifo(struct inv_mpu6050_state *st, bool enable) if (enable) { /* reset timestamping */ inv_sensors_timestamp_reset(&st->timestamp); + inv_sensors_timestamp_apply_odr(&st->timestamp, 0, 0, 0); /* reset FIFO */ d = st->chip_config.user_ctrl | INV_MPU6050_BIT_FIFO_RST; ret = regmap_write(st->map, st->reg->user_ctrl, d); @@ -184,6 +185,10 @@ static int inv_mpu6050_set_enable(struct iio_dev *indio_dev, bool enable) if (result) goto error_power_off; } else { + st->chip_config.gyro_fifo_enable = 0; + st->chip_config.accl_fifo_enable = 0; + st->chip_config.temp_fifo_enable = 0; + st->chip_config.magn_fifo_enable = 0; result = inv_mpu6050_prepare_fifo(st, false); if (result) goto error_power_off; -- 2.34.1

1 year, 6 months

3
3
0 0

FAILED: patch "[PATCH] erofs: fix lz4 inplace decompression" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x 3c12466b6b7bf1e56f9b32c366a3d83d87afb4de # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024012650-altitude-gush-572f@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: 3c12466b6b7b ("erofs: fix lz4 inplace decompression") 123ec246ebe3 ("erofs: get rid of the remaining kmap_atomic()") ab749badf9f4 ("erofs: support unaligned data decompression") 10e5f6e482e1 ("erofs: introduce z_erofs_fixup_insize") d67aee76d418 ("erofs: tidy up z_erofs_lz4_decompress") 7e508f2ca8bb ("erofs: rename lz4_0pading to zero_padding") eaa9172ad988 ("erofs: get rid of ->lru usage") 622ceaddb764 ("erofs: lzma compression support") 966edfb0a3dc ("erofs: rename some generic methods in decompressor") 386292919c25 ("erofs: introduce readmore decompression strategy") 8f89926290c4 ("erofs: get compression algorithms directly on mapping") dfeab2e95a75 ("erofs: add multiple device support") e62424651f43 ("erofs: decouple basic mount options from fs_context") 5b6e7e120e71 ("erofs: remove the fast path of per-CPU buffer decompression") 2e5fd489a4e5 ("Merge tag 'libnvdimm-for-5.15' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 3c12466b6b7bf1e56f9b32c366a3d83d87afb4de Mon Sep 17 00:00:00 2001 From: Gao Xiang <xiang(a)kernel.org> Date: Wed, 6 Dec 2023 12:55:34 +0800 Subject: [PATCH] erofs: fix lz4 inplace decompression Currently EROFS can map another compressed buffer for inplace decompression, that was used to handle the cases that some pages of compressed data are actually not in-place I/O. However, like most simple LZ77 algorithms, LZ4 expects the compressed data is arranged at the end of the decompressed buffer and it explicitly uses memmove() to handle overlapping: __________________________________________________________ |_ direction of decompression --> ____ |_ compressed data _| Although EROFS arranges compressed data like this, it typically maps two individual virtual buffers so the relative order is uncertain. Previously, it was hardly observed since LZ4 only uses memmove() for short overlapped literals and x86/arm64 memmove implementations seem to completely cover it up and they don't have this issue. Juhyung reported that EROFS data corruption can be found on a new Intel x86 processor. After some analysis, it seems that recent x86 processors with the new FSRM feature expose this issue with "rep movsb". Let's strictly use the decompressed buffer for lz4 inplace decompression for now. Later, as an useful improvement, we could try to tie up these two buffers together in the correct order. Reported-and-tested-by: Juhyung Park <qkrwngud825(a)gmail.com> Closes: https://lore.kernel.org/r/CAD14+f2AVKf8Fa2OO1aAUdDNTDsVzzR6ctU_oJSmTyd6zSYR… Fixes: 0ffd71bcc3a0 ("staging: erofs: introduce LZ4 decompression inplace") Fixes: 598162d05080 ("erofs: support decompress big pcluster for lz4 backend") Cc: stable <stable(a)vger.kernel.org> # 5.4+ Tested-by: Yifan Zhao <zhaoyifan(a)sjtu.edu.cn> Signed-off-by: Gao Xiang <hsiangkao(a)linux.alibaba.com> Link: https://lore.kernel.org/r/20231206045534.3920847-1-hsiangkao@linux.alibaba.… diff --git a/fs/erofs/decompressor.c b/fs/erofs/decompressor.c index 021be5feb1bc..e0d609c3958f 100644 --- a/fs/erofs/decompressor.c +++ b/fs/erofs/decompressor.c @@ -121,11 +121,11 @@ static int z_erofs_lz4_prepare_dstpages(struct z_erofs_lz4_decompress_ctx *ctx, } static void *z_erofs_lz4_handle_overlap(struct z_erofs_lz4_decompress_ctx *ctx, - void *inpage, unsigned int *inputmargin, int *maptype, - bool may_inplace) + void *inpage, void *out, unsigned int *inputmargin, + int *maptype, bool may_inplace) { struct z_erofs_decompress_req *rq = ctx->rq; - unsigned int omargin, total, i, j; + unsigned int omargin, total, i; struct page **in; void *src, *tmp; @@ -135,12 +135,13 @@ static void *z_erofs_lz4_handle_overlap(struct z_erofs_lz4_decompress_ctx *ctx, omargin < LZ4_DECOMPRESS_INPLACE_MARGIN(rq->inputsize)) goto docopy; - for (i = 0; i < ctx->inpages; ++i) { - DBG_BUGON(rq->in[i] == NULL); - for (j = 0; j < ctx->outpages - ctx->inpages + i; ++j) - if (rq->out[j] == rq->in[i]) - goto docopy; - } + for (i = 0; i < ctx->inpages; ++i) + if (rq->out[ctx->outpages - ctx->inpages + i] != + rq->in[i]) + goto docopy; + kunmap_local(inpage); + *maptype = 3; + return out + ((ctx->outpages - ctx->inpages) << PAGE_SHIFT); } if (ctx->inpages <= 1) { @@ -148,7 +149,6 @@ static void *z_erofs_lz4_handle_overlap(struct z_erofs_lz4_decompress_ctx *ctx, return inpage; } kunmap_local(inpage); - might_sleep(); src = erofs_vm_map_ram(rq->in, ctx->inpages); if (!src) return ERR_PTR(-ENOMEM); @@ -204,12 +204,12 @@ int z_erofs_fixup_insize(struct z_erofs_decompress_req *rq, const char *padbuf, } static int z_erofs_lz4_decompress_mem(struct z_erofs_lz4_decompress_ctx *ctx, - u8 *out) + u8 *dst) { struct z_erofs_decompress_req *rq = ctx->rq; bool support_0padding = false, may_inplace = false; unsigned int inputmargin; - u8 *headpage, *src; + u8 *out, *headpage, *src; int ret, maptype; DBG_BUGON(*rq->in == NULL); @@ -230,11 +230,12 @@ static int z_erofs_lz4_decompress_mem(struct z_erofs_lz4_decompress_ctx *ctx, } inputmargin = rq->pageofs_in; - src = z_erofs_lz4_handle_overlap(ctx, headpage, &inputmargin, + src = z_erofs_lz4_handle_overlap(ctx, headpage, dst, &inputmargin, &maptype, may_inplace); if (IS_ERR(src)) return PTR_ERR(src); + out = dst + rq->pageofs_out; /* legacy format could compress extra data in a pcluster. */ if (rq->partial_decoding || !support_0padding) ret = LZ4_decompress_safe_partial(src + inputmargin, out, @@ -265,7 +266,7 @@ static int z_erofs_lz4_decompress_mem(struct z_erofs_lz4_decompress_ctx *ctx, vm_unmap_ram(src, ctx->inpages); } else if (maptype == 2) { erofs_put_pcpubuf(src); - } else { + } else if (maptype != 3) { DBG_BUGON(1); return -EFAULT; } @@ -308,7 +309,7 @@ static int z_erofs_lz4_decompress(struct z_erofs_decompress_req *rq, } dstmap_out: - ret = z_erofs_lz4_decompress_mem(&ctx, dst + rq->pageofs_out); + ret = z_erofs_lz4_decompress_mem(&ctx, dst); if (!dst_maptype) kunmap_local(dst); else if (dst_maptype == 2)

1 year, 6 months

3
2
0 0

[PATCH v3] ALSA: hda/realtek: Add special fixup for Lenovo 14IRP8

by Willian Wang

Lenovo Slim/Yoga Pro 9 14IRP8 requires a special fixup because there is a collision of its PCI SSID (17aa:3802) with Lenovo Yoga DuetITL 2021 codec SSID. Fixes: 3babae915f4c ("ALSA: hda/tas2781: Add tas2781 HDA driver") Link: https://bugzilla.kernel.org/show_bug.cgi?id=208555 Link: https://lore.kernel.org/all/d5b42e483566a3815d229270abd668131a0d9f3a.camel@… Cc: stable(a)vger.kernel.org Signed-off-by: Willian Wang <git(a)willian.wang> --- sound/pci/hda/patch_realtek.c | 27 ++++++++++++++++++++++++++- 1 file changed, 26 insertions(+), 1 deletion(-) diff --git a/sound/pci/hda/patch_realtek.c b/sound/pci/hda/patch_realtek.c index 0ec1312bffd5..f3b847f38153 100644 --- a/sound/pci/hda/patch_realtek.c +++ b/sound/pci/hda/patch_realtek.c @@ -7444,6 +7444,7 @@ enum { ALC287_FIXUP_LEGION_15IMHG05_AUTOMUTE, ALC287_FIXUP_YOGA7_14ITL_SPEAKERS, ALC298_FIXUP_LENOVO_C940_DUET7, + ALC287_FIXUP_LENOVO_14IRP8_DUETITL, ALC287_FIXUP_13S_GEN2_SPEAKERS, ALC256_FIXUP_SET_COEF_DEFAULTS, ALC256_FIXUP_SYSTEM76_MIC_NO_PRESENCE, @@ -7495,6 +7496,26 @@ static void alc298_fixup_lenovo_c940_duet7(struct hda_codec *codec, __snd_hda_apply_fixup(codec, id, action, 0); } +/* A special fixup for Lenovo Slim/Yoga Pro 9 14IRP8 and Yoga DuetITL 2021; + * 14IRP8 PCI SSID will mistakenly be matched with the DuetITL codec SSID, + * so we need to apply a different fixup in this case. The only DuetITL codec + * SSID reported so far is the 17aa:3802 while the 14IRP8 has the 17aa:38be + * and 17aa:38bf. If it weren't for the PCI SSID, the 14IRP8 models would + * have matched correctly by their codecs. + */ +static void alc287_fixup_lenovo_14irp8_duetitl(struct hda_codec *codec, + const struct hda_fixup *fix, + int action) +{ + int id; + + if (codec->core.subsystem_id == 0x17aa3802) + id = ALC287_FIXUP_YOGA7_14ITL_SPEAKERS; /* DuetITL */ + else + id = ALC287_FIXUP_TAS2781_I2C; /* 14IRP8 */ + __snd_hda_apply_fixup(codec, id, action, 0); +} + static const struct hda_fixup alc269_fixups[] = { [ALC269_FIXUP_GPIO2] = { .type = HDA_FIXUP_FUNC, @@ -9379,6 +9400,10 @@ static const struct hda_fixup alc269_fixups[] = { .type = HDA_FIXUP_FUNC, .v.func = alc298_fixup_lenovo_c940_duet7, }, + [ALC287_FIXUP_LENOVO_14IRP8_DUETITL] = { + .type = HDA_FIXUP_FUNC, + .v.func = alc287_fixup_lenovo_14irp8_duetitl, + }, [ALC287_FIXUP_13S_GEN2_SPEAKERS] = { .type = HDA_FIXUP_VERBS, .v.verbs = (const struct hda_verb[]) { @@ -10247,7 +10272,7 @@ static const struct snd_pci_quirk alc269_fixup_tbl[] = { SND_PCI_QUIRK(0x17aa, 0x31af, "ThinkCentre Station", ALC623_FIXUP_LENOVO_THINKSTATION_P340), SND_PCI_QUIRK(0x17aa, 0x334b, "Lenovo ThinkCentre M70 Gen5", ALC283_FIXUP_HEADSET_MIC), SND_PCI_QUIRK(0x17aa, 0x3801, "Lenovo Yoga9 14IAP7", ALC287_FIXUP_YOGA9_14IAP7_BASS_SPK_PIN), - SND_PCI_QUIRK(0x17aa, 0x3802, "Lenovo Yoga DuetITL 2021", ALC287_FIXUP_YOGA7_14ITL_SPEAKERS), + SND_PCI_QUIRK(0x17aa, 0x3802, "Lenovo Yoga Pro 9 14IRP8 / DuetITL 2021", ALC287_FIXUP_LENOVO_14IRP8_DUETITL), SND_PCI_QUIRK(0x17aa, 0x3813, "Legion 7i 15IMHG05", ALC287_FIXUP_LEGION_15IMHG05_SPEAKERS), SND_PCI_QUIRK(0x17aa, 0x3818, "Lenovo C940 / Yoga Duet 7", ALC298_FIXUP_LENOVO_C940_DUET7), SND_PCI_QUIRK(0x17aa, 0x3819, "Lenovo 13s Gen2 ITL", ALC287_FIXUP_13S_GEN2_SPEAKERS), -- 2.43.2

1 year, 6 months

3
2
0 0

[PATCH v2] iio: imu: inv_mpu6050: fix FIFO parsing when empty

by inv.git-commit＠tdk.com

From: Jean-Baptiste Maneyrol <jean-baptiste.maneyrol(a)tdk.com> Now that we are reading the full FIFO in the interrupt handler, it is possible to have an emply FIFO since we are still receiving 1 interrupt per data. Handle correctly this case instead of having an error causing a reset of the FIFO. Fixes: 0829edc43e0a ("iio: imu: inv_mpu6050: read the full fifo when processing data") Cc: stable(a)vger.kernel.org Signed-off-by: Jean-Baptiste Maneyrol <jean-baptiste.maneyrol(a)tdk.com> --- V2: add missing stable tag drivers/iio/imu/inv_mpu6050/inv_mpu_ring.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/iio/imu/inv_mpu6050/inv_mpu_ring.c b/drivers/iio/imu/inv_mpu6050/inv_mpu_ring.c index 66d4ba088e70..d4f9b5d8d28d 100644 --- a/drivers/iio/imu/inv_mpu6050/inv_mpu_ring.c +++ b/drivers/iio/imu/inv_mpu6050/inv_mpu_ring.c @@ -109,6 +109,8 @@ irqreturn_t inv_mpu6050_read_fifo(int irq, void *p) /* compute and process only all complete datum */ nb = fifo_count / bytes_per_datum; fifo_count = nb * bytes_per_datum; + if (nb == 0) + goto end_session; /* Each FIFO data contains all sensors, so same number for FIFO and sensor data */ fifo_period = NSEC_PER_SEC / INV_MPU6050_DIVIDER_TO_FIFO_RATE(st->chip_config.divider); inv_sensors_timestamp_interrupt(&st->timestamp, fifo_period, nb, nb, pf->timestamp); -- 2.34.1

1 year, 6 months

2
1
0 0

[PATCH v2] ALSA: hda/realtek: Add special fixup for Lenovo 14IRP8

by Willian Wang

Lenovo Slim/Yoga Pro 9 14IRP8 requires a special fixup because there is a collision of its PCI SSID (17aa:3802) with Lenovo Yoga DuetITL 2021 codec SSID. Cc: stable(a)vger.kernel.org Link: https://bugzilla.kernel.org/show_bug.cgi?id=208555 Link: https://lore.kernel.org/all/d5b42e483566a3815d229270abd668131a0d9f3a.camel@… Signed-off-by: Willian Wang <git(a)willian.wang> --- sound/pci/hda/patch_realtek.c | 27 ++++++++++++++++++++++++++- 1 file changed, 26 insertions(+), 1 deletion(-) diff --git a/sound/pci/hda/patch_realtek.c b/sound/pci/hda/patch_realtek.c index 0ec1312bffd5..3f2541b61e8c 100644 --- a/sound/pci/hda/patch_realtek.c +++ b/sound/pci/hda/patch_realtek.c @@ -7444,6 +7444,7 @@ enum { ALC287_FIXUP_LEGION_15IMHG05_AUTOMUTE, ALC287_FIXUP_YOGA7_14ITL_SPEAKERS, ALC298_FIXUP_LENOVO_C940_DUET7, + ALC287_FIXUP_LENOVO_14IRP8_DUETITL, ALC287_FIXUP_13S_GEN2_SPEAKERS, ALC256_FIXUP_SET_COEF_DEFAULTS, ALC256_FIXUP_SYSTEM76_MIC_NO_PRESENCE, @@ -7495,6 +7496,26 @@ static void alc298_fixup_lenovo_c940_duet7(struct hda_codec *codec, __snd_hda_apply_fixup(codec, id, action, 0); } +/* A special fixup for Lenovo Slim/Yoga Pro 9 14IRP8 and Yoga DuetITL 2021; + * 14IRP8 PCI SSID will mistakenly be matched with the DuetITL codec SSID, + * so we need to apply different fixup on this case. The only DuetITL codec + * SSID reported so far is the 17aa:3802, while the 14IRP8 has the 17aa:38be + * and 17aa:38bf. If it weren't for the PCI SSID, the 14IRP8 models would + * have matched correctly. + */ +static void alc287_fixup_lenovo_14irp8_duetitl(struct hda_codec *codec, + const struct hda_fixup *fix, + int action) +{ + int id; + + if (codec->core.subsystem_id == 0x17aa3802) + id = ALC287_FIXUP_YOGA7_14ITL_SPEAKERS; /* DuetITL */ + else + id = ALC287_FIXUP_TAS2781_I2C; /* 14IRP8 */ + __snd_hda_apply_fixup(codec, id, action, 0); +} + static const struct hda_fixup alc269_fixups[] = { [ALC269_FIXUP_GPIO2] = { .type = HDA_FIXUP_FUNC, @@ -9379,6 +9400,10 @@ static const struct hda_fixup alc269_fixups[] = { .type = HDA_FIXUP_FUNC, .v.func = alc298_fixup_lenovo_c940_duet7, }, + [ALC287_FIXUP_LENOVO_14IRP8_DUETITL] = { + .type = HDA_FIXUP_FUNC, + .v.func = alc287_fixup_lenovo_14irp8_duetitl, + }, [ALC287_FIXUP_13S_GEN2_SPEAKERS] = { .type = HDA_FIXUP_VERBS, .v.verbs = (const struct hda_verb[]) { @@ -10247,7 +10272,7 @@ static const struct snd_pci_quirk alc269_fixup_tbl[] = { SND_PCI_QUIRK(0x17aa, 0x31af, "ThinkCentre Station", ALC623_FIXUP_LENOVO_THINKSTATION_P340), SND_PCI_QUIRK(0x17aa, 0x334b, "Lenovo ThinkCentre M70 Gen5", ALC283_FIXUP_HEADSET_MIC), SND_PCI_QUIRK(0x17aa, 0x3801, "Lenovo Yoga9 14IAP7", ALC287_FIXUP_YOGA9_14IAP7_BASS_SPK_PIN), - SND_PCI_QUIRK(0x17aa, 0x3802, "Lenovo Yoga DuetITL 2021", ALC287_FIXUP_YOGA7_14ITL_SPEAKERS), + SND_PCI_QUIRK(0x17aa, 0x3802, "Lenovo Yoga Pro 9 14IRP8 / DuetITL 2021", ALC287_FIXUP_LENOVO_14IRP8_DUETITL), SND_PCI_QUIRK(0x17aa, 0x3813, "Legion 7i 15IMHG05", ALC287_FIXUP_LEGION_15IMHG05_SPEAKERS), SND_PCI_QUIRK(0x17aa, 0x3818, "Lenovo C940 / Yoga Duet 7", ALC298_FIXUP_LENOVO_C940_DUET7), SND_PCI_QUIRK(0x17aa, 0x3819, "Lenovo 13s Gen2 ITL", ALC287_FIXUP_13S_GEN2_SPEAKERS), -- 2.43.2

1 year, 6 months

1
0
0 0

[PATCH] ALSA: hda/realtek: Add special fixup for Lenovo 14IRP8

by Willian Wang

Lenovo Slim/Yoga Pro 9 14IRP8 requires a special fixup because there is a collision of its PCI SSID (17aa:3802) with Lenovo Yoga DuetITL 2021 codec SSID. Fixes: 3babae915f4c ("ALSA: hda/tas2781: Add tas2781 HDA driver") Link: https://bugzilla.kernel.org/show_bug.cgi?id=208555 Link: https://lore.kernel.org/all/d5b42e483566a3815d229270abd668131a0d9f3a.camel@… Cc: stable(a)vger.kernel.org Signed-off-by: Willian Wang <git(a)willian.wang> --- sound/pci/hda/patch_realtek.c | 27 ++++++++++++++++++++++++++- 1 file changed, 26 insertions(+), 1 deletion(-) diff --git a/sound/pci/hda/patch_realtek.c b/sound/pci/hda/patch_realtek.c index 0ec1312bffd5..f3b847f38153 100644 --- a/sound/pci/hda/patch_realtek.c +++ b/sound/pci/hda/patch_realtek.c @@ -7444,6 +7444,7 @@ enum { ALC287_FIXUP_LEGION_15IMHG05_AUTOMUTE, ALC287_FIXUP_YOGA7_14ITL_SPEAKERS, ALC298_FIXUP_LENOVO_C940_DUET7, + ALC287_FIXUP_LENOVO_14IRP8_DUETITL, ALC287_FIXUP_13S_GEN2_SPEAKERS, ALC256_FIXUP_SET_COEF_DEFAULTS, ALC256_FIXUP_SYSTEM76_MIC_NO_PRESENCE, @@ -7495,6 +7496,26 @@ static void alc298_fixup_lenovo_c940_duet7(struct hda_codec *codec, __snd_hda_apply_fixup(codec, id, action, 0); } +/* A special fixup for Lenovo Slim/Yoga Pro 9 14IRP8 and Yoga DuetITL 2021; + * 14IRP8 PCI SSID will mistakenly be matched with the DuetITL codec SSID, + * so we need to apply a different fixup in this case. The only DuetITL codec + * SSID reported so far is the 17aa:3802 while the 14IRP8 has the 17aa:38be + * and 17aa:38bf. If it weren't for the PCI SSID, the 14IRP8 models would + * have matched correctly by their codecs. + */ +static void alc287_fixup_lenovo_14irp8_duetitl(struct hda_codec *codec, + const struct hda_fixup *fix, + int action) +{ + int id; + + if (codec->core.subsystem_id == 0x17aa3802) + id = ALC287_FIXUP_YOGA7_14ITL_SPEAKERS; /* DuetITL */ + else + id = ALC287_FIXUP_TAS2781_I2C; /* 14IRP8 */ + __snd_hda_apply_fixup(codec, id, action, 0); +} + static const struct hda_fixup alc269_fixups[] = { [ALC269_FIXUP_GPIO2] = { .type = HDA_FIXUP_FUNC, @@ -9379,6 +9400,10 @@ static const struct hda_fixup alc269_fixups[] = { .type = HDA_FIXUP_FUNC, .v.func = alc298_fixup_lenovo_c940_duet7, }, + [ALC287_FIXUP_LENOVO_14IRP8_DUETITL] = { + .type = HDA_FIXUP_FUNC, + .v.func = alc287_fixup_lenovo_14irp8_duetitl, + }, [ALC287_FIXUP_13S_GEN2_SPEAKERS] = { .type = HDA_FIXUP_VERBS, .v.verbs = (const struct hda_verb[]) { @@ -10247,7 +10272,7 @@ static const struct snd_pci_quirk alc269_fixup_tbl[] = { SND_PCI_QUIRK(0x17aa, 0x31af, "ThinkCentre Station", ALC623_FIXUP_LENOVO_THINKSTATION_P340), SND_PCI_QUIRK(0x17aa, 0x334b, "Lenovo ThinkCentre M70 Gen5", ALC283_FIXUP_HEADSET_MIC), SND_PCI_QUIRK(0x17aa, 0x3801, "Lenovo Yoga9 14IAP7", ALC287_FIXUP_YOGA9_14IAP7_BASS_SPK_PIN), - SND_PCI_QUIRK(0x17aa, 0x3802, "Lenovo Yoga DuetITL 2021", ALC287_FIXUP_YOGA7_14ITL_SPEAKERS), + SND_PCI_QUIRK(0x17aa, 0x3802, "Lenovo Yoga Pro 9 14IRP8 / DuetITL 2021", ALC287_FIXUP_LENOVO_14IRP8_DUETITL), SND_PCI_QUIRK(0x17aa, 0x3813, "Legion 7i 15IMHG05", ALC287_FIXUP_LEGION_15IMHG05_SPEAKERS), SND_PCI_QUIRK(0x17aa, 0x3818, "Lenovo C940 / Yoga Duet 7", ALC298_FIXUP_LENOVO_C940_DUET7), SND_PCI_QUIRK(0x17aa, 0x3819, "Lenovo 13s Gen2 ITL", ALC287_FIXUP_13S_GEN2_SPEAKERS), -- 2.43.2

1 year, 6 months

1
0
0 0

[PATCH] cpufreq: Limit resolving a frequency to policy min/max

by Shivnandan Kumar

Resolving a frequency to an efficient one should not transgress policy->max (which can be set for thermal reason) and policy->min. Currently there is possibility where scaling_cur_freq can exceed scaling_max_freq when scaling_max_freq is inefficient frequency. Add additional check to ensure that resolving a frequency will respect policy->min/max. Fixes: 1f39fa0dccff ("cpufreq: Introducing CPUFREQ_RELATION_E") Signed-off-by: Shivnandan Kumar <quic_kshivnan(a)quicinc.com> --- include/linux/cpufreq.h | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/include/linux/cpufreq.h b/include/linux/cpufreq.h index afda5f24d3dd..42d98b576a36 100644 --- a/include/linux/cpufreq.h +++ b/include/linux/cpufreq.h @@ -1021,6 +1021,19 @@ static inline int cpufreq_table_find_index_c(struct cpufreq_policy *policy, efficiencies); } +static inline bool cpufreq_table_index_is_in_limits(struct cpufreq_policy *policy, + int idx) +{ + unsigned int freq; + + if (idx < 0) + return false; + + freq = policy->freq_table[idx].frequency; + + return (freq == clamp_val(freq, policy->min, policy->max)); +} + static inline int cpufreq_frequency_table_target(struct cpufreq_policy *policy, unsigned int target_freq, unsigned int relation) @@ -1054,7 +1067,10 @@ static inline int cpufreq_frequency_table_target(struct cpufreq_policy *policy, return 0; } - if (idx < 0 && efficiencies) { + /* + * Limit frequency index to honor policy->min/max + */ + if (!cpufreq_table_index_is_in_limits(policy, idx) && efficiencies) { efficiencies = false; goto retry; } -- 2.25.1

1 year, 6 months

3
3
0 0

[PATCH v2] cpufreq: Limit resolving a frequency to policy min/max

by Shivnandan Kumar

Resolving a frequency to an efficient one should not transgress policy->max (which can be set for thermal reason) and policy->min. Currently there is possibility where scaling_cur_freq can exceed scaling_max_freq when scaling_max_freq is inefficient frequency. Add additional check to ensure that resolving a frequency will respect policy->min/max. Cc: <stable(a)vger.kernel.org> Fixes: 1f39fa0dccff ("cpufreq: Introducing CPUFREQ_RELATION_E") Signed-off-by: Shivnandan Kumar <quic_kshivnan(a)quicinc.com> -- Changes in v2: -rename function name from cpufreq_table_index_is_in_limits to cpufreq_is_in_limits -remove redundant outer parenthesis in return statement -Make comment single line -- --- include/linux/cpufreq.h | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/include/linux/cpufreq.h b/include/linux/cpufreq.h index afda5f24d3dd..7741244dee6e 100644 --- a/include/linux/cpufreq.h +++ b/include/linux/cpufreq.h @@ -1021,6 +1021,19 @@ static inline int cpufreq_table_find_index_c(struct cpufreq_policy *policy, efficiencies); } +static inline bool cpufreq_is_in_limits(struct cpufreq_policy *policy, + int idx) +{ + unsigned int freq; + + if (idx < 0) + return false; + + freq = policy->freq_table[idx].frequency; + + return freq == clamp_val(freq, policy->min, policy->max); +} + static inline int cpufreq_frequency_table_target(struct cpufreq_policy *policy, unsigned int target_freq, unsigned int relation) @@ -1054,7 +1067,8 @@ static inline int cpufreq_frequency_table_target(struct cpufreq_policy *policy, return 0; } - if (idx < 0 && efficiencies) { + /* Limit frequency index to honor policy->min/max */ + if (!cpufreq_is_in_limits(policy, idx) && efficiencies) { efficiencies = false; goto retry; } -- 2.25.1

1 year, 6 months

1
0
0 0

[PATCH 1/1] slimbus: core: Remove usage of the deprecated ida_simple_xx() API

by srinivas.kandagatla＠linaro.org

From: Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> ida_alloc() and ida_free() should be preferred to the deprecated ida_simple_get() and ida_simple_remove(). Note that the upper limit of ida_simple_get() is exclusive, but the one of ida_alloc_range() is inclusive. So change this change allows one more device. Previously address 0xFE was never used. Fixes: 46a2bb5a7f7e ("slimbus: core: Add slim controllers support") Cc: <Stable(a)vger.kernel.org> Signed-off-by: Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> Signed-off-by: Srinivas Kandagatla <srinivas.kandagatla(a)linaro.org> --- drivers/slimbus/core.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/slimbus/core.c b/drivers/slimbus/core.c index d43873bb5fe6..01cbd4621981 100644 --- a/drivers/slimbus/core.c +++ b/drivers/slimbus/core.c @@ -436,8 +436,8 @@ static int slim_device_alloc_laddr(struct slim_device *sbdev, if (ret < 0) goto err; } else if (report_present) { - ret = ida_simple_get(&ctrl->laddr_ida, - 0, SLIM_LA_MANAGER - 1, GFP_KERNEL); + ret = ida_alloc_max(&ctrl->laddr_ida, + SLIM_LA_MANAGER - 1, GFP_KERNEL); if (ret < 0) goto err; -- 2.25.1

1 year, 6 months

1
0
0 0

[PATCH 1/1] nvmem: meson-efuse: fix function pointer type mismatch

by srinivas.kandagatla＠linaro.org

From: Jerome Brunet <jbrunet(a)baylibre.com> clang-16 warns about casting functions to incompatible types, as is done here to call clk_disable_unprepare: drivers/nvmem/meson-efuse.c:78:12: error: cast from 'void (*)(struct clk *)' to 'void (*)(void *)' converts to incompatible function type [-Werror,-Wcast-function-type-strict] 78 | (void(*)(void *))clk_disable_unprepare, The pattern of getting, enabling and setting a disable callback for a clock can be replaced with devm_clk_get_enabled(), which also fixes this warning. Fixes: 611fbca1c861 ("nvmem: meson-efuse: add peripheral clock") Cc: <Stable(a)vger.kernel.org> Reported-by: Arnd Bergmann <arnd(a)arndb.de> Signed-off-by: Jerome Brunet <jbrunet(a)baylibre.com> Reviewed-by: Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> Acked-by: Arnd Bergmann <arnd(a)arndb.de> Reviewed-by: Justin Stitt <justinstitt(a)google.com> Signed-off-by: Srinivas Kandagatla <srinivas.kandagatla(a)linaro.org> --- drivers/nvmem/meson-efuse.c | 25 +++---------------------- 1 file changed, 3 insertions(+), 22 deletions(-) diff --git a/drivers/nvmem/meson-efuse.c b/drivers/nvmem/meson-efuse.c index b922df99f9bc..33678d0af2c2 100644 --- a/drivers/nvmem/meson-efuse.c +++ b/drivers/nvmem/meson-efuse.c @@ -47,7 +47,6 @@ static int meson_efuse_probe(struct platform_device *pdev) struct nvmem_config *econfig; struct clk *clk; unsigned int size; - int ret; sm_np = of_parse_phandle(pdev->dev.of_node, "secure-monitor", 0); if (!sm_np) { @@ -60,27 +59,9 @@ static int meson_efuse_probe(struct platform_device *pdev) if (!fw) return -EPROBE_DEFER; - clk = devm_clk_get(dev, NULL); - if (IS_ERR(clk)) { - ret = PTR_ERR(clk); - if (ret != -EPROBE_DEFER) - dev_err(dev, "failed to get efuse gate"); - return ret; - } - - ret = clk_prepare_enable(clk); - if (ret) { - dev_err(dev, "failed to enable gate"); - return ret; - } - - ret = devm_add_action_or_reset(dev, - (void(*)(void *))clk_disable_unprepare, - clk); - if (ret) { - dev_err(dev, "failed to add disable callback"); - return ret; - } + clk = devm_clk_get_enabled(dev, NULL); + if (IS_ERR(clk)) + return dev_err_probe(dev, PTR_ERR(clk), "failed to get efuse gate"); if (meson_sm_call(fw, SM_EFUSE_USER_MAX, &size, 0, 0, 0, 0, 0) < 0) { dev_err(dev, "failed to get max user"); -- 2.25.1

1 year, 6 months

1
0
0 0

[PATCH v2] kbuild: tools: drop overridden CFLAGS from MAKEOVERRIDES

by Max Filippov

Some Makefiles under tools/ use the 'override CFLAGS += ...' construct to add a few required options to CFLAGS passed by the user. Unfortunately that only works when user passes CFLAGS as an environment variable, i.e. CFLAGS=... make ... and not in case when CFLAGS are passed as make command line arguments: make ... CFLAGS=... It happens because in the latter case CFLAGS=... is recorded in the make variable MAKEOVERRIDES and this variable is passed in its original form to all $(MAKE) subcommands, taking precedence over modified CFLAGS value passed in the environment variable. E.g. this causes build failure for gpio and iio tools when the build is run with user CFLAGS because of missing _GNU_SOURCE definition needed for the asprintf(). One way to fix it is by removing overridden variables from the MAKEOVERRIDES. Add macro 'drop-var-from-overrides' that removes a definition of a variable passed to it from the MAKEOVERRIDES and use it to fix CFLAGS passing for tools/gpio and tools/iio. This implementation tries to be precise in string processing and handle variables with embedded spaces and backslashes correctly. To achieve that it replaces every '\\' sequence with '\-' to make sure that every '\' in the resulting string is an escape character. It then replaces every '\ ' sequence with '\_' to turn string values with embedded spaces into single words. After filtering the overridden variable definition out of the resulting string these two transformations are reversed. Cc: stable(a)vger.kernel.org Fixes: 4ccc98a48958 ("tools gpio: Allow overriding CFLAGS") Fixes: 572974610273 ("tools iio: Override CFLAGS assignments") Signed-off-by: Max Filippov <jcmvbkbc(a)gmail.com> --- Changes v1->v2: - make drop-var-from-overrides-code work correctly with arbitrary variables, including thoses ending with '\'. tools/gpio/Makefile | 1 + tools/iio/Makefile | 1 + tools/scripts/Makefile.include | 9 +++++++++ 3 files changed, 11 insertions(+) diff --git a/tools/gpio/Makefile b/tools/gpio/Makefile index d29c9c49e251..46fc38d51639 100644 --- a/tools/gpio/Makefile +++ b/tools/gpio/Makefile @@ -24,6 +24,7 @@ ALL_PROGRAMS := $(patsubst %,$(OUTPUT)%,$(ALL_TARGETS)) all: $(ALL_PROGRAMS) export srctree OUTPUT CC LD CFLAGS +$(call drop-var-from-overrides,CFLAGS) include $(srctree)/tools/build/Makefile.include # diff --git a/tools/iio/Makefile b/tools/iio/Makefile index fa720f062229..04307588dd3f 100644 --- a/tools/iio/Makefile +++ b/tools/iio/Makefile @@ -20,6 +20,7 @@ ALL_PROGRAMS := $(patsubst %,$(OUTPUT)%,$(ALL_TARGETS)) all: $(ALL_PROGRAMS) export srctree OUTPUT CC LD CFLAGS +$(call drop-var-from-overrides,CFLAGS) include $(srctree)/tools/build/Makefile.include # diff --git a/tools/scripts/Makefile.include b/tools/scripts/Makefile.include index 6fba29f3222d..0f68b95cf55c 100644 --- a/tools/scripts/Makefile.include +++ b/tools/scripts/Makefile.include @@ -51,6 +51,15 @@ define allow-override $(eval $(1) = $(2))) endef +# When a Makefile overrides a variable and exports it for the nested $(MAKE) +# invocations to use its modified value, it must remove that variable definition +# from the MAKEOVERRIDES variable, otherwise the original definition from the +# MAKEOVERRIDES takes precedence over the exported value. +drop-var-from-overrides = $(eval $(drop-var-from-overrides-code)) +define drop-var-from-overrides-code +MAKEOVERRIDES := $(subst \-,\\,$(subst \_,\ ,$(filter-out $(1)=%,$(subst \ ,\_,$(subst \\,\-,$(MAKEOVERRIDES)))))) +endef + ifneq ($(LLVM),) ifneq ($(filter %/,$(LLVM)),) LLVM_PREFIX := $(LLVM) -- 2.39.2

1 year, 6 months

2
2
0 0

Re: [PATCH 6.7 000/313] 6.7.6-rc2 review

by Ronald Warsow

Hi Greg *no* regressions here on x86_64 (RKL, Intel 11th Gen. CPU) Thanks Tested-by: Ronald Warsow <rwarsow(a)gmx.de>

1 year, 6 months

3
7
0 0

FAILED: patch "[PATCH] erofs: fix lz4 inplace decompression" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 3c12466b6b7bf1e56f9b32c366a3d83d87afb4de # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024012648-backwater-colt-7290@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: 3c12466b6b7b ("erofs: fix lz4 inplace decompression") 123ec246ebe3 ("erofs: get rid of the remaining kmap_atomic()") ab749badf9f4 ("erofs: support unaligned data decompression") 10e5f6e482e1 ("erofs: introduce z_erofs_fixup_insize") d67aee76d418 ("erofs: tidy up z_erofs_lz4_decompress") 7e508f2ca8bb ("erofs: rename lz4_0pading to zero_padding") eaa9172ad988 ("erofs: get rid of ->lru usage") 622ceaddb764 ("erofs: lzma compression support") 966edfb0a3dc ("erofs: rename some generic methods in decompressor") 386292919c25 ("erofs: introduce readmore decompression strategy") 8f89926290c4 ("erofs: get compression algorithms directly on mapping") dfeab2e95a75 ("erofs: add multiple device support") e62424651f43 ("erofs: decouple basic mount options from fs_context") 5b6e7e120e71 ("erofs: remove the fast path of per-CPU buffer decompression") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 3c12466b6b7bf1e56f9b32c366a3d83d87afb4de Mon Sep 17 00:00:00 2001 From: Gao Xiang <xiang(a)kernel.org> Date: Wed, 6 Dec 2023 12:55:34 +0800 Subject: [PATCH] erofs: fix lz4 inplace decompression Currently EROFS can map another compressed buffer for inplace decompression, that was used to handle the cases that some pages of compressed data are actually not in-place I/O. However, like most simple LZ77 algorithms, LZ4 expects the compressed data is arranged at the end of the decompressed buffer and it explicitly uses memmove() to handle overlapping: __________________________________________________________ |_ direction of decompression --> ____ |_ compressed data _| Although EROFS arranges compressed data like this, it typically maps two individual virtual buffers so the relative order is uncertain. Previously, it was hardly observed since LZ4 only uses memmove() for short overlapped literals and x86/arm64 memmove implementations seem to completely cover it up and they don't have this issue. Juhyung reported that EROFS data corruption can be found on a new Intel x86 processor. After some analysis, it seems that recent x86 processors with the new FSRM feature expose this issue with "rep movsb". Let's strictly use the decompressed buffer for lz4 inplace decompression for now. Later, as an useful improvement, we could try to tie up these two buffers together in the correct order. Reported-and-tested-by: Juhyung Park <qkrwngud825(a)gmail.com> Closes: https://lore.kernel.org/r/CAD14+f2AVKf8Fa2OO1aAUdDNTDsVzzR6ctU_oJSmTyd6zSYR… Fixes: 0ffd71bcc3a0 ("staging: erofs: introduce LZ4 decompression inplace") Fixes: 598162d05080 ("erofs: support decompress big pcluster for lz4 backend") Cc: stable <stable(a)vger.kernel.org> # 5.4+ Tested-by: Yifan Zhao <zhaoyifan(a)sjtu.edu.cn> Signed-off-by: Gao Xiang <hsiangkao(a)linux.alibaba.com> Link: https://lore.kernel.org/r/20231206045534.3920847-1-hsiangkao@linux.alibaba.… diff --git a/fs/erofs/decompressor.c b/fs/erofs/decompressor.c index 021be5feb1bc..e0d609c3958f 100644 --- a/fs/erofs/decompressor.c +++ b/fs/erofs/decompressor.c @@ -121,11 +121,11 @@ static int z_erofs_lz4_prepare_dstpages(struct z_erofs_lz4_decompress_ctx *ctx, } static void *z_erofs_lz4_handle_overlap(struct z_erofs_lz4_decompress_ctx *ctx, - void *inpage, unsigned int *inputmargin, int *maptype, - bool may_inplace) + void *inpage, void *out, unsigned int *inputmargin, + int *maptype, bool may_inplace) { struct z_erofs_decompress_req *rq = ctx->rq; - unsigned int omargin, total, i, j; + unsigned int omargin, total, i; struct page **in; void *src, *tmp; @@ -135,12 +135,13 @@ static void *z_erofs_lz4_handle_overlap(struct z_erofs_lz4_decompress_ctx *ctx, omargin < LZ4_DECOMPRESS_INPLACE_MARGIN(rq->inputsize)) goto docopy; - for (i = 0; i < ctx->inpages; ++i) { - DBG_BUGON(rq->in[i] == NULL); - for (j = 0; j < ctx->outpages - ctx->inpages + i; ++j) - if (rq->out[j] == rq->in[i]) - goto docopy; - } + for (i = 0; i < ctx->inpages; ++i) + if (rq->out[ctx->outpages - ctx->inpages + i] != + rq->in[i]) + goto docopy; + kunmap_local(inpage); + *maptype = 3; + return out + ((ctx->outpages - ctx->inpages) << PAGE_SHIFT); } if (ctx->inpages <= 1) { @@ -148,7 +149,6 @@ static void *z_erofs_lz4_handle_overlap(struct z_erofs_lz4_decompress_ctx *ctx, return inpage; } kunmap_local(inpage); - might_sleep(); src = erofs_vm_map_ram(rq->in, ctx->inpages); if (!src) return ERR_PTR(-ENOMEM); @@ -204,12 +204,12 @@ int z_erofs_fixup_insize(struct z_erofs_decompress_req *rq, const char *padbuf, } static int z_erofs_lz4_decompress_mem(struct z_erofs_lz4_decompress_ctx *ctx, - u8 *out) + u8 *dst) { struct z_erofs_decompress_req *rq = ctx->rq; bool support_0padding = false, may_inplace = false; unsigned int inputmargin; - u8 *headpage, *src; + u8 *out, *headpage, *src; int ret, maptype; DBG_BUGON(*rq->in == NULL); @@ -230,11 +230,12 @@ static int z_erofs_lz4_decompress_mem(struct z_erofs_lz4_decompress_ctx *ctx, } inputmargin = rq->pageofs_in; - src = z_erofs_lz4_handle_overlap(ctx, headpage, &inputmargin, + src = z_erofs_lz4_handle_overlap(ctx, headpage, dst, &inputmargin, &maptype, may_inplace); if (IS_ERR(src)) return PTR_ERR(src); + out = dst + rq->pageofs_out; /* legacy format could compress extra data in a pcluster. */ if (rq->partial_decoding || !support_0padding) ret = LZ4_decompress_safe_partial(src + inputmargin, out, @@ -265,7 +266,7 @@ static int z_erofs_lz4_decompress_mem(struct z_erofs_lz4_decompress_ctx *ctx, vm_unmap_ram(src, ctx->inpages); } else if (maptype == 2) { erofs_put_pcpubuf(src); - } else { + } else if (maptype != 3) { DBG_BUGON(1); return -EFAULT; } @@ -308,7 +309,7 @@ static int z_erofs_lz4_decompress(struct z_erofs_decompress_req *rq, } dstmap_out: - ret = z_erofs_lz4_decompress_mem(&ctx, dst + rq->pageofs_out); + ret = z_erofs_lz4_decompress_mem(&ctx, dst); if (!dst_maptype) kunmap_local(dst); else if (dst_maptype == 2)

1 year, 6 months

2
2
0 0

[PATCH 0/6] sparc32: build fixes for all{yes,mod}config builds

by Sam Ravnborg via B4 Relay

This is a small set of patches that address build breakage with allyesconfig / allmodconfig. This solves some, but not all, build breakage. The parport fix depends on the previous patch, the rest are independent fixes. Signed-off-by: Sam Ravnborg <sam(a)ravnborg.org> --- Sam Ravnborg (6): sparc32: Use generic cmpdi2/ucmpdi2 variants sparc32: Fix build with trapbase mtd: maps: sun_uflash: Declare uflash_devinit static usb: host: uhci-grlib.c: Fix build, add platform_device sparc32: Do not select GENERIC_ISA_DMA sparc32: Fix parport build with sparc32 arch/sparc/Kconfig | 6 +- arch/sparc/include/asm/parport.h | 259 +----------------------------------- arch/sparc/include/asm/parport_64.h | 256 +++++++++++++++++++++++++++++++++++ arch/sparc/kernel/irq_32.c | 6 +- arch/sparc/kernel/kernel.h | 8 +- arch/sparc/kernel/kgdb_32.c | 4 +- arch/sparc/kernel/leon_smp.c | 6 +- arch/sparc/kernel/setup_32.c | 4 +- arch/sparc/lib/Makefile | 4 +- arch/sparc/lib/cmpdi2.c | 28 ---- arch/sparc/lib/ucmpdi2.c | 20 --- drivers/mtd/maps/sun_uflash.c | 2 +- drivers/usb/host/uhci-grlib.c | 1 + 13 files changed, 283 insertions(+), 321 deletions(-) --- base-commit: 626db6ee8ee1edac206610db407114aa83b53fd3 change-id: 20240223-sam-fix-sparc32-all-builds-0a0403d6e1b3 Best regards, -- Sam Ravnborg <sam(a)ravnborg.org>

1 year, 6 months

3
3
0 0

[PATCH 4/7] ext4: add positive int attr pointer to avoid sysfs variables overflow

by Baokun Li

We can easily trigger a BUG_ON by using the following commands: mount /dev/$disk /tmp/test echo 2147483650 > /sys/fs/ext4/$disk/mb_group_prealloc echo test > /tmp/test/file && sync ================================================================== kernel BUG at fs/ext4/mballoc.c:2029! invalid opcode: 0000 [#1] PREEMPT SMP PTI CPU: 3 PID: 320 Comm: kworker/u36:1 Not tainted 6.8.0-rc1 #462 RIP: 0010:mb_mark_used+0x358/0x370 [...] Call Trace: ext4_mb_use_best_found+0x56/0x140 ext4_mb_complex_scan_group+0x196/0x2f0 ext4_mb_regular_allocator+0xa92/0xf00 ext4_mb_new_blocks+0x302/0xbc0 ext4_ext_map_blocks+0x95a/0xef0 ext4_map_blocks+0x2b1/0x680 ext4_do_writepages+0x733/0xbd0 [...] ================================================================== In ext4_mb_normalize_group_request(): ac->ac_g_ex.fe_len = EXT4_SB(sb)->s_mb_group_prealloc; Here fe_len is of type int, but s_mb_group_prealloc is of type unsigned int, so setting s_mb_group_prealloc to 2147483650 overflows fe_len to a negative number, which ultimately triggers a BUG_ON() in mb_mark_used(). Therefore, we add attr_pointer_pi (aka positive int attr pointer) with a value range of 0-INT_MAX to avoid the above problem. In addition to the mb_group_prealloc sysfs interface, the following interfaces also have uint to int conversions that result in overflows, and are also fixed. err_ratelimit_burst msg_ratelimit_burst warning_ratelimit_burst err_ratelimit_interval_ms msg_ratelimit_interval_ms warning_ratelimit_interval_ms mb_best_avail_max_trim_order CC: stable(a)vger.kernel.org Signed-off-by: Baokun Li <libaokun1(a)huawei.com> --- fs/ext4/sysfs.c | 25 +++++++++++++++++-------- 1 file changed, 17 insertions(+), 8 deletions(-) diff --git a/fs/ext4/sysfs.c b/fs/ext4/sysfs.c index a5d657fa05cb..6f9f96e00f2f 100644 --- a/fs/ext4/sysfs.c +++ b/fs/ext4/sysfs.c @@ -30,6 +30,7 @@ typedef enum { attr_first_error_time, attr_last_error_time, attr_feature, + attr_pointer_pi, attr_pointer_ui, attr_pointer_ul, attr_pointer_u64, @@ -178,6 +179,9 @@ static struct ext4_attr ext4_attr_##_name = { \ #define EXT4_RO_ATTR_ES_STRING(_name,_elname,_size) \ EXT4_ATTR_STRING(_name, 0444, _size, ext4_super_block, _elname) +#define EXT4_RW_ATTR_SBI_PI(_name,_elname) \ + EXT4_ATTR_OFFSET(_name, 0644, pointer_pi, ext4_sb_info, _elname) + #define EXT4_RW_ATTR_SBI_UI(_name,_elname) \ EXT4_ATTR_OFFSET(_name, 0644, pointer_ui, ext4_sb_info, _elname) @@ -213,17 +217,17 @@ EXT4_RW_ATTR_SBI_UI(mb_max_to_scan, s_mb_max_to_scan); EXT4_RW_ATTR_SBI_UI(mb_min_to_scan, s_mb_min_to_scan); EXT4_RW_ATTR_SBI_UI(mb_order2_req, s_mb_order2_reqs); EXT4_RW_ATTR_SBI_UI(mb_stream_req, s_mb_stream_request); -EXT4_RW_ATTR_SBI_UI(mb_group_prealloc, s_mb_group_prealloc); +EXT4_RW_ATTR_SBI_PI(mb_group_prealloc, s_mb_group_prealloc); EXT4_RW_ATTR_SBI_UI(mb_max_linear_groups, s_mb_max_linear_groups); EXT4_RW_ATTR_SBI_UI(extent_max_zeroout_kb, s_extent_max_zeroout_kb); EXT4_ATTR(trigger_fs_error, 0200, trigger_test_error); -EXT4_RW_ATTR_SBI_UI(err_ratelimit_interval_ms, s_err_ratelimit_state.interval); -EXT4_RW_ATTR_SBI_UI(err_ratelimit_burst, s_err_ratelimit_state.burst); -EXT4_RW_ATTR_SBI_UI(warning_ratelimit_interval_ms, s_warning_ratelimit_state.interval); -EXT4_RW_ATTR_SBI_UI(warning_ratelimit_burst, s_warning_ratelimit_state.burst); -EXT4_RW_ATTR_SBI_UI(msg_ratelimit_interval_ms, s_msg_ratelimit_state.interval); -EXT4_RW_ATTR_SBI_UI(msg_ratelimit_burst, s_msg_ratelimit_state.burst); -EXT4_RW_ATTR_SBI_UI(mb_best_avail_max_trim_order, s_mb_best_avail_max_trim_order); +EXT4_RW_ATTR_SBI_PI(err_ratelimit_interval_ms, s_err_ratelimit_state.interval); +EXT4_RW_ATTR_SBI_PI(err_ratelimit_burst, s_err_ratelimit_state.burst); +EXT4_RW_ATTR_SBI_PI(warning_ratelimit_interval_ms, s_warning_ratelimit_state.interval); +EXT4_RW_ATTR_SBI_PI(warning_ratelimit_burst, s_warning_ratelimit_state.burst); +EXT4_RW_ATTR_SBI_PI(msg_ratelimit_interval_ms, s_msg_ratelimit_state.interval); +EXT4_RW_ATTR_SBI_PI(msg_ratelimit_burst, s_msg_ratelimit_state.burst); +EXT4_RW_ATTR_SBI_PI(mb_best_avail_max_trim_order, s_mb_best_avail_max_trim_order); #ifdef CONFIG_EXT4_DEBUG EXT4_RW_ATTR_SBI_UL(simulate_fail, s_simulate_fail); #endif @@ -376,6 +380,7 @@ static ssize_t ext4_generic_attr_show(struct ext4_attr *a, switch (a->attr_id) { case attr_inode_readahead: + case attr_pointer_pi: case attr_pointer_ui: if (a->attr_ptr == ptr_ext4_super_block_offset) return sysfs_emit(buf, "%u\n", le32_to_cpup(ptr)); @@ -448,6 +453,10 @@ static ssize_t ext4_generic_attr_store(struct ext4_attr *a, return ret; switch (a->attr_id) { + case attr_pointer_pi: + if ((int)t < 0) + return -EINVAL; + fallthrough; case attr_pointer_ui: if (t != (unsigned int)t) return -EINVAL; -- 2.31.1

1 year, 6 months

3
5
0 0

[merged mm-hotfixes-stable] mm-debug_vm_pgtable-fix-bug_on-with-pud-advanced-test.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: mm/debug_vm_pgtable: fix BUG_ON with pud advanced test has been removed from the -mm tree. Its filename was mm-debug_vm_pgtable-fix-bug_on-with-pud-advanced-test.patch This patch was dropped because it was merged into the mm-hotfixes-stable branch of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm ------------------------------------------------------ From: "Aneesh Kumar K.V (IBM)" <aneesh.kumar(a)kernel.org> Subject: mm/debug_vm_pgtable: fix BUG_ON with pud advanced test Date: Mon, 29 Jan 2024 11:30:22 +0530 Architectures like powerpc add debug checks to ensure we find only devmap PUD pte entries. These debug checks are only done with CONFIG_DEBUG_VM. This patch marks the ptes used for PUD advanced test devmap pte entries so that we don't hit on debug checks on architecture like ppc64 as below. WARNING: CPU: 2 PID: 1 at arch/powerpc/mm/book3s64/radix_pgtable.c:1382 radix__pud_hugepage_update+0x38/0x138 .... NIP [c0000000000a7004] radix__pud_hugepage_update+0x38/0x138 LR [c0000000000a77a8] radix__pudp_huge_get_and_clear+0x28/0x60 Call Trace: [c000000004a2f950] [c000000004a2f9a0] 0xc000000004a2f9a0 (unreliable) [c000000004a2f980] [000d34c100000000] 0xd34c100000000 [c000000004a2f9a0] [c00000000206ba98] pud_advanced_tests+0x118/0x334 [c000000004a2fa40] [c00000000206db34] debug_vm_pgtable+0xcbc/0x1c48 [c000000004a2fc10] [c00000000000fd28] do_one_initcall+0x60/0x388 Also kernel BUG at arch/powerpc/mm/book3s64/pgtable.c:202! .... NIP [c000000000096510] pudp_huge_get_and_clear_full+0x98/0x174 LR [c00000000206bb34] pud_advanced_tests+0x1b4/0x334 Call Trace: [c000000004a2f950] [000d34c100000000] 0xd34c100000000 (unreliable) [c000000004a2f9a0] [c00000000206bb34] pud_advanced_tests+0x1b4/0x334 [c000000004a2fa40] [c00000000206db34] debug_vm_pgtable+0xcbc/0x1c48 [c000000004a2fc10] [c00000000000fd28] do_one_initcall+0x60/0x388 Link: https://lkml.kernel.org/r/20240129060022.68044-1-aneesh.kumar@kernel.org Fixes: 27af67f35631 ("powerpc/book3s64/mm: enable transparent pud hugepage") Signed-off-by: Aneesh Kumar K.V (IBM) <aneesh.kumar(a)kernel.org> Cc: Anshuman Khandual <anshuman.khandual(a)arm.com> Cc: Michael Ellerman <mpe(a)ellerman.id.au> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/debug_vm_pgtable.c | 8 ++++++++ 1 file changed, 8 insertions(+) --- a/mm/debug_vm_pgtable.c~mm-debug_vm_pgtable-fix-bug_on-with-pud-advanced-test +++ a/mm/debug_vm_pgtable.c @@ -362,6 +362,12 @@ static void __init pud_advanced_tests(st vaddr &= HPAGE_PUD_MASK; pud = pfn_pud(args->pud_pfn, args->page_prot); + /* + * Some architectures have debug checks to make sure + * huge pud mapping are only found with devmap entries + * For now test with only devmap entries. + */ + pud = pud_mkdevmap(pud); set_pud_at(args->mm, vaddr, args->pudp, pud); flush_dcache_page(page); pudp_set_wrprotect(args->mm, vaddr, args->pudp); @@ -374,6 +380,7 @@ static void __init pud_advanced_tests(st WARN_ON(!pud_none(pud)); #endif /* __PAGETABLE_PMD_FOLDED */ pud = pfn_pud(args->pud_pfn, args->page_prot); + pud = pud_mkdevmap(pud); pud = pud_wrprotect(pud); pud = pud_mkclean(pud); set_pud_at(args->mm, vaddr, args->pudp, pud); @@ -391,6 +398,7 @@ static void __init pud_advanced_tests(st #endif /* __PAGETABLE_PMD_FOLDED */ pud = pfn_pud(args->pud_pfn, args->page_prot); + pud = pud_mkdevmap(pud); pud = pud_mkyoung(pud); set_pud_at(args->mm, vaddr, args->pudp, pud); flush_dcache_page(page); _ Patches currently in -mm which might be from aneesh.kumar(a)kernel.org are

1 year, 6 months

1
0
0 0

[merged mm-hotfixes-stable] mm-cachestat-fix-folio-read-after-free-in-cache-walk.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: mm: cachestat: fix folio read-after-free in cache walk has been removed from the -mm tree. Its filename was mm-cachestat-fix-folio-read-after-free-in-cache-walk.patch This patch was dropped because it was merged into the mm-hotfixes-stable branch of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm ------------------------------------------------------ From: Nhat Pham <nphamcs(a)gmail.com> Subject: mm: cachestat: fix folio read-after-free in cache walk Date: Mon, 19 Feb 2024 19:01:21 -0800 In cachestat, we access the folio from the page cache's xarray to compute its page offset, and check for its dirty and writeback flags. However, we do not hold a reference to the folio before performing these actions, which means the folio can concurrently be released and reused as another folio/page/slab. Get around this altogether by just using xarray's existing machinery for the folio page offsets and dirty/writeback states. This changes behavior for tmpfs files to now always report zeroes in their dirty and writeback counters. This is okay as tmpfs doesn't follow conventional writeback cache behavior: its pages get "cleaned" during swapout, after which they're no longer resident etc. Link: https://lkml.kernel.org/r/20240220153409.GA216065@cmpxchg.org Fixes: cf264e1329fb ("cachestat: implement cachestat syscall") Reported-by: Jann Horn <jannh(a)google.com> Suggested-by: Matthew Wilcox <willy(a)infradead.org> Signed-off-by: Nhat Pham <nphamcs(a)gmail.com> Signed-off-by: Johannes Weiner <hannes(a)cmpxchg.org> Tested-by: Jann Horn <jannh(a)google.com> Cc: <stable(a)vger.kernel.org> [6.4+] Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/filemap.c | 51 ++++++++++++++++++++++++------------------------- 1 file changed, 26 insertions(+), 25 deletions(-) --- a/mm/filemap.c~mm-cachestat-fix-folio-read-after-free-in-cache-walk +++ a/mm/filemap.c @@ -4111,28 +4111,40 @@ static void filemap_cachestat(struct add rcu_read_lock(); xas_for_each(&xas, folio, last_index) { + int order; unsigned long nr_pages; pgoff_t folio_first_index, folio_last_index; + /* + * Don't deref the folio. It is not pinned, and might + * get freed (and reused) underneath us. + * + * We *could* pin it, but that would be expensive for + * what should be a fast and lightweight syscall. + * + * Instead, derive all information of interest from + * the rcu-protected xarray. + */ + if (xas_retry(&xas, folio)) continue; + order = xa_get_order(xas.xa, xas.xa_index); + nr_pages = 1 << order; + folio_first_index = round_down(xas.xa_index, 1 << order); + folio_last_index = folio_first_index + nr_pages - 1; + + /* Folios might straddle the range boundaries, only count covered pages */ + if (folio_first_index < first_index) + nr_pages -= first_index - folio_first_index; + + if (folio_last_index > last_index) + nr_pages -= folio_last_index - last_index; + if (xa_is_value(folio)) { /* page is evicted */ void *shadow = (void *)folio; bool workingset; /* not used */ - int order = xa_get_order(xas.xa, xas.xa_index); - - nr_pages = 1 << order; - folio_first_index = round_down(xas.xa_index, 1 << order); - folio_last_index = folio_first_index + nr_pages - 1; - - /* Folios might straddle the range boundaries, only count covered pages */ - if (folio_first_index < first_index) - nr_pages -= first_index - folio_first_index; - - if (folio_last_index > last_index) - nr_pages -= folio_last_index - last_index; cs->nr_evicted += nr_pages; @@ -4150,24 +4162,13 @@ static void filemap_cachestat(struct add goto resched; } - nr_pages = folio_nr_pages(folio); - folio_first_index = folio_pgoff(folio); - folio_last_index = folio_first_index + nr_pages - 1; - - /* Folios might straddle the range boundaries, only count covered pages */ - if (folio_first_index < first_index) - nr_pages -= first_index - folio_first_index; - - if (folio_last_index > last_index) - nr_pages -= folio_last_index - last_index; - /* page is in cache */ cs->nr_cache += nr_pages; - if (folio_test_dirty(folio)) + if (xas_get_mark(&xas, PAGECACHE_TAG_DIRTY)) cs->nr_dirty += nr_pages; - if (folio_test_writeback(folio)) + if (xas_get_mark(&xas, PAGECACHE_TAG_WRITEBACK)) cs->nr_writeback += nr_pages; resched: _ Patches currently in -mm which might be from nphamcs(a)gmail.com are

1 year, 6 months

1
0
0 0

[merged mm-hotfixes-stable] mm-vmscan-fix-a-bug-calling-wakeup_kswapd-with-a-wrong-zone-index.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index has been removed from the -mm tree. Its filename was mm-vmscan-fix-a-bug-calling-wakeup_kswapd-with-a-wrong-zone-index.patch This patch was dropped because it was merged into the mm-hotfixes-stable branch of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm ------------------------------------------------------ From: Byungchul Park <byungchul(a)sk.com> Subject: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index Date: Fri, 16 Feb 2024 20:15:02 +0900 With numa balancing on, when a numa system is running where a numa node doesn't have its local memory so it has no managed zones, the following oops has been observed. It's because wakeup_kswapd() is called with a wrong zone index, -1. Fixed it by checking the index before calling wakeup_kswapd(). > BUG: unable to handle page fault for address: 00000000000033f3 > #PF: supervisor read access in kernel mode > #PF: error_code(0x0000) - not-present page > PGD 0 P4D 0 > Oops: 0000 [#1] PREEMPT SMP NOPTI > CPU: 2 PID: 895 Comm: masim Not tainted 6.6.0-dirty #255 > Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS > rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 > RIP: 0010:wakeup_kswapd (./linux/mm/vmscan.c:7812) > Code: (omitted) > RSP: 0000:ffffc90004257d58 EFLAGS: 00010286 > RAX: ffffffffffffffff RBX: ffff88883fff0480 RCX: 0000000000000003 > RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88883fff0480 > RBP: ffffffffffffffff R08: ff0003ffffffffff R09: ffffffffffffffff > R10: ffff888106c95540 R11: 0000000055555554 R12: 0000000000000003 > R13: 0000000000000000 R14: 0000000000000000 R15: ffff88883fff0940 > FS: 00007fc4b8124740(0000) GS:ffff888827c00000(0000) knlGS:0000000000000000 > CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 > CR2: 00000000000033f3 CR3: 000000026cc08004 CR4: 0000000000770ee0 > DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 > DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 > PKRU: 55555554 > Call Trace: > <TASK> > ? __die > ? page_fault_oops > ? __pte_offset_map_lock > ? exc_page_fault > ? asm_exc_page_fault > ? wakeup_kswapd > migrate_misplaced_page > __handle_mm_fault > handle_mm_fault > do_user_addr_fault > exc_page_fault > asm_exc_page_fault > RIP: 0033:0x55b897ba0808 > Code: (omitted) > RSP: 002b:00007ffeefa821a0 EFLAGS: 00010287 > RAX: 000055b89983acd0 RBX: 00007ffeefa823f8 RCX: 000055b89983acd0 > RDX: 00007fc2f8122010 RSI: 0000000000020000 RDI: 000055b89983acd0 > RBP: 00007ffeefa821a0 R08: 0000000000000037 R09: 0000000000000075 > R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 > R13: 00007ffeefa82410 R14: 000055b897ba5dd8 R15: 00007fc4b8340000 > </TASK> Link: https://lkml.kernel.org/r/20240216111502.79759-1-byungchul@sk.com Signed-off-by: Byungchul Park <byungchul(a)sk.com> Reported-by: Hyeongtak Ji <hyeongtak.ji(a)sk.com> Fixes: c574bbe917036 ("NUMA balancing: optimize page placement for memory tiering system") Reviewed-by: Oscar Salvador <osalvador(a)suse.de> Cc: Baolin Wang <baolin.wang(a)linux.alibaba.com> Cc: "Huang, Ying" <ying.huang(a)intel.com> Cc: Johannes Weiner <hannes(a)cmpxchg.org> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/migrate.c | 8 ++++++++ 1 file changed, 8 insertions(+) --- a/mm/migrate.c~mm-vmscan-fix-a-bug-calling-wakeup_kswapd-with-a-wrong-zone-index +++ a/mm/migrate.c @@ -2519,6 +2519,14 @@ static int numamigrate_isolate_folio(pg_ if (managed_zone(pgdat->node_zones + z)) break; } + + /* + * If there are no managed zones, it should not proceed + * further. + */ + if (z < 0) + return 0; + wakeup_kswapd(pgdat->node_zones + z, 0, folio_order(folio), ZONE_MOVABLE); return 0; _ Patches currently in -mm which might be from byungchul(a)sk.com are sched-numa-mm-do-not-try-to-migrate-memory-to-memoryless-nodes.patch mm-vmscan-do-not-turn-on-cache_trim_mode-if-it-doesnt-work.patch

1 year, 6 months

1
0
0 0

+ init-kconfig-lower-gcc-version-check-for-warray-bounds.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: init/Kconfig: lower GCC version check for -Warray-bounds has been added to the -mm mm-hotfixes-unstable branch. Its filename is init-kconfig-lower-gcc-version-check-for-warray-bounds.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Kees Cook <keescook(a)chromium.org> Subject: init/Kconfig: lower GCC version check for -Warray-bounds Date: Fri, 23 Feb 2024 09:08:27 -0800 We continue to see false positives from -Warray-bounds even in GCC 10, which is getting reported in a few places[1] still: security/security.c:811:2: warning: `memcpy' offset 32 is out of the bounds [0, 0] [-Warray-bounds] Lower the GCC version check from 11 to 10. Link: https://lkml.kernel.org/r/20240223170824.work.768-kees@kernel.org Reported-by: Lu Yao <yaolu(a)kylinos.cn> Closes: https://lore.kernel.org/lkml/20240117014541.8887-1-yaolu@kylinos.cn/ Link: https://lore.kernel.org/linux-next/65d84438.620a0220.7d171.81a7@mx.google.c… [1] Signed-off-by: Kees Cook <keescook(a)chromium.org> Cc: Ard Biesheuvel <ardb(a)kernel.org> Cc: Christophe Leroy <christophe.leroy(a)csgroup.eu> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: "Gustavo A. R. Silva" <gustavoars(a)kernel.org> Cc: Johannes Weiner <hannes(a)cmpxchg.org> Cc: Marc Aur��le La France <tsi(a)tuyoix.net> Cc: Masahiro Yamada <masahiroy(a)kernel.org> Cc: Nathan Chancellor <nathan(a)kernel.org> Cc: Nhat Pham <nphamcs(a)gmail.com> Cc: Paul Moore <paul(a)paul-moore.com> Cc: Petr Mladek <pmladek(a)suse.com> Cc: Randy Dunlap <rdunlap(a)infradead.org> Cc: Suren Baghdasaryan <surenb(a)google.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- init/Kconfig | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) --- a/init/Kconfig~init-kconfig-lower-gcc-version-check-for-warray-bounds +++ a/init/Kconfig @@ -876,14 +876,14 @@ config CC_IMPLICIT_FALLTHROUGH default "-Wimplicit-fallthrough=5" if CC_IS_GCC && $(cc-option,-Wimplicit-fallthrough=5) default "-Wimplicit-fallthrough" if CC_IS_CLANG && $(cc-option,-Wunreachable-code-fallthrough) -# Currently, disable gcc-11+ array-bounds globally. +# Currently, disable gcc-10+ array-bounds globally. # It's still broken in gcc-13, so no upper bound yet. -config GCC11_NO_ARRAY_BOUNDS +config GCC10_NO_ARRAY_BOUNDS def_bool y config CC_NO_ARRAY_BOUNDS bool - default y if CC_IS_GCC && GCC_VERSION >= 110000 && GCC11_NO_ARRAY_BOUNDS + default y if CC_IS_GCC && GCC_VERSION >= 100000 && GCC10_NO_ARRAY_BOUNDS # Currently, disable -Wstringop-overflow for GCC globally. config GCC_NO_STRINGOP_OVERFLOW _ Patches currently in -mm which might be from keescook(a)chromium.org are init-kconfig-lower-gcc-version-check-for-warray-bounds.patch

1 year, 6 months

1
0
0 0

[PATCH v2 08/12] arm64: dts: qcom: sc8280xp-crd: disable ASPM L0s for NVMe

by Johan Hovold

Enabling ASPM L0s on the CRD results in a large amount of Correctable Errors (Timeout) when accessing the NVMe controller so disable it for now. Fixes: 9f4f3dfad8cf ("PCI: qcom: Enable ASPM for platforms supporting 1.9.0 ops") Cc: stable(a)vger.kernel.org # 6.7 Signed-off-by: Johan Hovold <johan+linaro(a)kernel.org> --- arch/arm64/boot/dts/qcom/sc8280xp-crd.dts | 2 ++ 1 file changed, 2 insertions(+) diff --git a/arch/arm64/boot/dts/qcom/sc8280xp-crd.dts b/arch/arm64/boot/dts/qcom/sc8280xp-crd.dts index 41215567b3ae..7e94a68d5d9f 100644 --- a/arch/arm64/boot/dts/qcom/sc8280xp-crd.dts +++ b/arch/arm64/boot/dts/qcom/sc8280xp-crd.dts @@ -525,6 +525,8 @@ keyboard@68 { }; &pcie2a { + aspm-no-l0s; + perst-gpios = <&tlmm 143 GPIO_ACTIVE_LOW>; wake-gpios = <&tlmm 145 GPIO_ACTIVE_LOW>; -- 2.43.0

1 year, 6 months

2
1
0 0

[PATCH v2 07/12] arm64: dts: qcom: sc8280xp-x13s: limit pcie4 link speed

by Johan Hovold

Limit the WiFi PCIe link speed to Gen2 speed (500 MB/s), which is the speed that the boot firmware has brought up the link at (and that Windows uses). This is specifically needed to avoid a large amount of link errors when restarting the link during boot (but which are currently not reported). This also appears to fix intermittent failures to download the ath11k firmware during boot which can be seen when there is a longer delay between restarting the link and loading the WiFi driver (e.g. when using full disk encryption). Fixes: 123b30a75623 ("arm64: dts: qcom: sc8280xp-x13s: enable WiFi controller") Cc: stable(a)vger.kernel.org # 6.2 Signed-off-by: Johan Hovold <johan+linaro(a)kernel.org> --- arch/arm64/boot/dts/qcom/sc8280xp-lenovo-thinkpad-x13s.dts | 2 ++ 1 file changed, 2 insertions(+) diff --git a/arch/arm64/boot/dts/qcom/sc8280xp-lenovo-thinkpad-x13s.dts b/arch/arm64/boot/dts/qcom/sc8280xp-lenovo-thinkpad-x13s.dts index 2c17e137563a..a67756ada990 100644 --- a/arch/arm64/boot/dts/qcom/sc8280xp-lenovo-thinkpad-x13s.dts +++ b/arch/arm64/boot/dts/qcom/sc8280xp-lenovo-thinkpad-x13s.dts @@ -768,6 +768,8 @@ &pcie3a_phy { }; &pcie4 { + max-link-speed = <2>; + perst-gpios = <&tlmm 141 GPIO_ACTIVE_LOW>; wake-gpios = <&tlmm 139 GPIO_ACTIVE_LOW>; -- 2.43.0

1 year, 6 months

2
1
0 0

[PATCH v2 05/12] arm64: dts: qcom: sc8280xp: add missing PCIe minimum OPP

by Johan Hovold

Add the missing PCIe CX performance level votes to avoid relying on other drivers (e.g. USB or UFS) to maintain the nominal performance level required for Gen3 speeds. Fixes: 813e83157001 ("arm64: dts: qcom: sc8280xp/sa8540p: add PCIe2-4 nodes") Cc: stable(a)vger.kernel.org # 6.2 Signed-off-by: Johan Hovold <johan+linaro(a)kernel.org> --- arch/arm64/boot/dts/qcom/sc8280xp.dtsi | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/arch/arm64/boot/dts/qcom/sc8280xp.dtsi b/arch/arm64/boot/dts/qcom/sc8280xp.dtsi index 0a40b8dec14e..95c7b746407f 100644 --- a/arch/arm64/boot/dts/qcom/sc8280xp.dtsi +++ b/arch/arm64/boot/dts/qcom/sc8280xp.dtsi @@ -1780,6 +1780,7 @@ pcie4: pcie@1c00000 { reset-names = "pci"; power-domains = <&gcc PCIE_4_GDSC>; + required-opps = <&rpmhpd_opp_nom>; phys = <&pcie4_phy>; phy-names = "pciephy"; @@ -1878,6 +1879,7 @@ pcie3b: pcie@1c08000 { reset-names = "pci"; power-domains = <&gcc PCIE_3B_GDSC>; + required-opps = <&rpmhpd_opp_nom>; phys = <&pcie3b_phy>; phy-names = "pciephy"; @@ -1976,6 +1978,7 @@ pcie3a: pcie@1c10000 { reset-names = "pci"; power-domains = <&gcc PCIE_3A_GDSC>; + required-opps = <&rpmhpd_opp_nom>; phys = <&pcie3a_phy>; phy-names = "pciephy"; @@ -2077,6 +2080,7 @@ pcie2b: pcie@1c18000 { reset-names = "pci"; power-domains = <&gcc PCIE_2B_GDSC>; + required-opps = <&rpmhpd_opp_nom>; phys = <&pcie2b_phy>; phy-names = "pciephy"; @@ -2175,6 +2179,7 @@ pcie2a: pcie@1c20000 { reset-names = "pci"; power-domains = <&gcc PCIE_2A_GDSC>; + required-opps = <&rpmhpd_opp_nom>; phys = <&pcie2a_phy>; phy-names = "pciephy"; -- 2.43.0

1 year, 6 months

2
1
0 0

[PATCH] linux-5.10/rcu-tasks: Eliminate deadlocks involving do_exit() and RCU tasks

by Zqiang

From: Paul E. McKenney <paulmck(a)kernel.org> commit bc31e6cb27a9334140ff2f0a209d59b08bc0bc8c upstream. Holding a mutex across synchronize_rcu_tasks() and acquiring that same mutex in code called from do_exit() after its call to exit_tasks_rcu_start() but before its call to exit_tasks_rcu_stop() results in deadlock. This is by design, because tasks that are far enough into do_exit() are no longer present on the tasks list, making it a bit difficult for RCU Tasks to find them, let alone wait on them to do a voluntary context switch. However, such deadlocks are becoming more frequent. In addition, lockdep currently does not detect such deadlocks and they can be difficult to reproduce. In addition, if a task voluntarily context switches during that time (for example, if it blocks acquiring a mutex), then this task is in an RCU Tasks quiescent state. And with some adjustments, RCU Tasks could just as well take advantage of that fact. This commit therefore eliminates these deadlock by replacing the SRCU-based wait for do_exit() completion with per-CPU lists of tasks currently exiting. A given task will be on one of these per-CPU lists for the same period of time that this task would previously have been in the previous SRCU read-side critical section. These lists enable RCU Tasks to find the tasks that have already been removed from the tasks list, but that must nevertheless be waited upon. The RCU Tasks grace period gathers any of these do_exit() tasks that it must wait on, and adds them to the list of holdouts. Per-CPU locking and get_task_struct() are used to synchronize addition to and removal from these lists. Link: https://lore.kernel.org/all/20240118021842.290665-1-chenzhongjin@huawei.com/ Reported-by: Chen Zhongjin <chenzhongjin(a)huawei.com> Signed-off-by: Paul E. McKenney <paulmck(a)kernel.org> Signed-off-by: Zqiang <qiang.zhang1211(a)gmail.com> --- include/linux/sched.h | 1 + init/init_task.c | 1 + kernel/fork.c | 1 + kernel/rcu/tasks.h | 54 ++++++++++++++++++++++++++++--------------- 4 files changed, 39 insertions(+), 18 deletions(-) diff --git a/include/linux/sched.h b/include/linux/sched.h index aa015416c569..80499f7ab39a 100644 --- a/include/linux/sched.h +++ b/include/linux/sched.h @@ -740,6 +740,7 @@ struct task_struct { u8 rcu_tasks_idx; int rcu_tasks_idle_cpu; struct list_head rcu_tasks_holdout_list; + struct list_head rcu_tasks_exit_list; #endif /* #ifdef CONFIG_TASKS_RCU */ #ifdef CONFIG_TASKS_TRACE_RCU diff --git a/init/init_task.c b/init/init_task.c index 5fa18ed59d33..59454d6e2c2a 100644 --- a/init/init_task.c +++ b/init/init_task.c @@ -151,6 +151,7 @@ struct task_struct init_task .rcu_tasks_holdout = false, .rcu_tasks_holdout_list = LIST_HEAD_INIT(init_task.rcu_tasks_holdout_list), .rcu_tasks_idle_cpu = -1, + .rcu_tasks_exit_list = LIST_HEAD_INIT(init_task.rcu_tasks_exit_list), #endif #ifdef CONFIG_TASKS_TRACE_RCU .trc_reader_nesting = 0, diff --git a/kernel/fork.c b/kernel/fork.c index 633b0af1d1a7..86803165aa00 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -1699,6 +1699,7 @@ static inline void rcu_copy_process(struct task_struct *p) p->rcu_tasks_holdout = false; INIT_LIST_HEAD(&p->rcu_tasks_holdout_list); p->rcu_tasks_idle_cpu = -1; + INIT_LIST_HEAD(&p->rcu_tasks_exit_list); #endif /* #ifdef CONFIG_TASKS_RCU */ #ifdef CONFIG_TASKS_TRACE_RCU p->trc_reader_nesting = 0; diff --git a/kernel/rcu/tasks.h b/kernel/rcu/tasks.h index c5624ab0580c..901cd7bc78ed 100644 --- a/kernel/rcu/tasks.h +++ b/kernel/rcu/tasks.h @@ -81,9 +81,6 @@ static struct rcu_tasks rt_name = \ .kname = #rt_name, \ } -/* Track exiting tasks in order to allow them to be waited for. */ -DEFINE_STATIC_SRCU(tasks_rcu_exit_srcu); - /* Avoid IPIing CPUs early in the grace period. */ #define RCU_TASK_IPI_DELAY (IS_ENABLED(CONFIG_TASKS_TRACE_RCU_READ_MB) ? HZ / 2 : 0) static int rcu_task_ipi_delay __read_mostly = RCU_TASK_IPI_DELAY; @@ -383,6 +380,9 @@ static void rcu_tasks_wait_gp(struct rcu_tasks *rtp) // rates from multiple CPUs. If this is required, per-CPU callback lists // will be needed. +static LIST_HEAD(rtp_exit_list); +static DEFINE_RAW_SPINLOCK(rtp_exit_list_lock); + /* Pre-grace-period preparation. */ static void rcu_tasks_pregp_step(void) { @@ -416,15 +416,18 @@ static void rcu_tasks_pertask(struct task_struct *t, struct list_head *hop) /* Processing between scanning taskslist and draining the holdout list. */ static void rcu_tasks_postscan(struct list_head *hop) { + unsigned long flags; + struct task_struct *t; + /* * Exiting tasks may escape the tasklist scan. Those are vulnerable * until their final schedule() with TASK_DEAD state. To cope with * this, divide the fragile exit path part in two intersecting * read side critical sections: * - * 1) An _SRCU_ read side starting before calling exit_notify(), - * which may remove the task from the tasklist, and ending after - * the final preempt_disable() call in do_exit(). + * 1) A task_struct list addition before calling exit_notify(), + * which may remove the task from the tasklist, with the + * removal after the final preempt_disable() call in do_exit(). * * 2) An _RCU_ read side starting with the final preempt_disable() * call in do_exit() and ending with the final call to schedule() @@ -433,7 +436,12 @@ static void rcu_tasks_postscan(struct list_head *hop) * This handles the part 1). And postgp will handle part 2) with a * call to synchronize_rcu(). */ - synchronize_srcu(&tasks_rcu_exit_srcu); + raw_spin_lock_irqsave(&rtp_exit_list_lock, flags); + list_for_each_entry(t, &rtp_exit_list, rcu_tasks_exit_list) { + if (list_empty(&t->rcu_tasks_holdout_list)) + rcu_tasks_pertask(t, hop); + } + raw_spin_unlock_irqrestore(&rtp_exit_list_lock, flags); } /* See if tasks are still holding out, complain if so. */ @@ -498,7 +506,6 @@ static void rcu_tasks_postgp(struct rcu_tasks *rtp) * * In addition, this synchronize_rcu() waits for exiting tasks * to complete their final preempt_disable() region of execution, - * cleaning up after synchronize_srcu(&tasks_rcu_exit_srcu), * enforcing the whole region before tasklist removal until * the final schedule() with TASK_DEAD state to be an RCU TASKS * read side critical section. @@ -591,25 +598,36 @@ static void show_rcu_tasks_classic_gp_kthread(void) #endif /* #ifndef CONFIG_TINY_RCU */ /* - * Contribute to protect against tasklist scan blind spot while the - * task is exiting and may be removed from the tasklist. See - * corresponding synchronize_srcu() for further details. + * Protect against tasklist scan blind spot while the task is exiting and + * may be removed from the tasklist. Do this by adding the task to yet + * another list. */ -void exit_tasks_rcu_start(void) __acquires(&tasks_rcu_exit_srcu) +void exit_tasks_rcu_start(void) { - current->rcu_tasks_idx = __srcu_read_lock(&tasks_rcu_exit_srcu); + unsigned long flags; + struct task_struct *t = current; + + WARN_ON_ONCE(!list_empty(&t->rcu_tasks_exit_list)); + get_task_struct(t); + raw_spin_lock_irqsave(&rtp_exit_list_lock, flags); + list_add(&t->rcu_tasks_exit_list, &rtp_exit_list); + raw_spin_unlock_irqrestore(&rtp_exit_list_lock, flags); } /* - * Contribute to protect against tasklist scan blind spot while the - * task is exiting and may be removed from the tasklist. See - * corresponding synchronize_srcu() for further details. + * Remove the task from the "yet another list" because do_exit() is now + * non-preemptible, allowing synchronize_rcu() to wait beyond this point. */ -void exit_tasks_rcu_stop(void) __releases(&tasks_rcu_exit_srcu) +void exit_tasks_rcu_stop(void) { + unsigned long flags; struct task_struct *t = current; - __srcu_read_unlock(&tasks_rcu_exit_srcu, t->rcu_tasks_idx); + WARN_ON_ONCE(list_empty(&t->rcu_tasks_exit_list)); + raw_spin_lock_irqsave(&rtp_exit_list_lock, flags); + list_del_init(&t->rcu_tasks_exit_list); + raw_spin_unlock_irqrestore(&rtp_exit_list_lock, flags); + put_task_struct(t); } /* -- 2.17.1

1 year, 6 months

4
3
0 0

fs/bcachefs/

by Kent Overstreet

Hi stable team - please don't take patches for fs/bcachefs/ except from myself; I'll be doing backports and sending pull requests after stuff has been tested by my CI. Thanks, and let me know if there's any other workflow things I should know about -Kent

1 year, 6 months

6
30
0 0

[PATCH 6.6 000/338] 6.6.18-rc2 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.6.18 release. There are 338 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Fri, 23 Feb 2024 12:59:02 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.6.18-rc2… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.6.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.6.18-rc2 Dan Carpenter <dan.carpenter(a)linaro.org> tracing: Fix a NULL vs IS_ERR() bug in event_subsystem_dir() Steven Rostedt (Google) <rostedt(a)goodmis.org> tracing: Make system_callback() function static Vegard Nossum <vegard.nossum(a)oracle.com> Documentation/arch/ia64/features.rst: fix kernel-feat directive Borislav Petkov (AMD) <bp(a)alien8.de> x86/barrier: Do not serialize MSR accesses on AMD Mikulas Patocka <mpatocka(a)redhat.com> dm: limit the number of targets and parameter size area Ryusuke Konishi <konishi.ryusuke(a)gmail.com> nilfs2: fix potential bug in end_buffer_async_write Saravana Kannan <saravanak(a)google.com> of: property: Add in-ports/out-ports support to of_graph_get_port_parent() Linus Torvalds <torvalds(a)linuxfoundation.org> sched/membarrier: reduce the ability to hammer on sys_membarrier Ard Biesheuvel <ardb(a)kernel.org> x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat section Ard Biesheuvel <ardb(a)kernel.org> x86/boot: Increase section and file alignment to 4k/512 Ard Biesheuvel <ardb(a)kernel.org> x86/boot: Split off PE/COFF .data section Ard Biesheuvel <ardb(a)kernel.org> x86/boot: Drop PE/COFF .reloc section Ard Biesheuvel <ardb(a)kernel.org> x86/boot: Construct PE/COFF .text section from assembler Ard Biesheuvel <ardb(a)kernel.org> x86/boot: Derive file size from _edata symbol Ard Biesheuvel <ardb(a)kernel.org> x86/boot: Define setup size in linker script Ard Biesheuvel <ardb(a)kernel.org> x86/boot: Set EFI handover offset directly in header asm Ard Biesheuvel <ardb(a)kernel.org> x86/boot: Grab kernel_info offset from zoffset header directly Ard Biesheuvel <ardb(a)kernel.org> x86/boot: Drop references to startup_64 Ard Biesheuvel <ardb(a)kernel.org> x86/boot: Drop redundant code setting the root device Ard Biesheuvel <ardb(a)kernel.org> x86/boot: Omit compression buffer from PE/COFF image memory footprint Ard Biesheuvel <ardb(a)kernel.org> x86/boot: Remove the 'bugger off' message Ard Biesheuvel <ardb(a)kernel.org> x86/efi: Drop alignment flags from PE section headers Ard Biesheuvel <ardb(a)kernel.org> x86/efi: Disregard setup header of loaded image Ard Biesheuvel <ardb(a)kernel.org> x86/efi: Drop EFI stub .bss from .data section NeilBrown <neilb(a)suse.de> nfsd: don't take fi_lock in nfsd_break_deleg_cb() Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Keep all directory links at 1 Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Remove fsnotify*() functions from lookup() Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Restructure eventfs_inode structure to be more condensed Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Warn if an eventfs_inode is freed without is_freed being set Linus Torvalds <torvalds(a)linux-foundation.org> eventfs: Get rid of dentry pointers without refcounts Linus Torvalds <torvalds(a)linux-foundation.org> eventfs: Clean up dentry ops and add revalidate function Linus Torvalds <torvalds(a)linux-foundation.org> eventfs: Remove unused d_parent pointer field Linus Torvalds <torvalds(a)linux-foundation.org> tracefs: dentry lookup crapectomy Linus Torvalds <torvalds(a)linux-foundation.org> tracefs: Avoid using the ei->dentry pointer unnecessarily Linus Torvalds <torvalds(a)linux-foundation.org> eventfs: Initialize the tracefs inode properly Steven Rostedt (Google) <rostedt(a)goodmis.org> tracefs: Zero out the tracefs_inode when allocating it Linus Torvalds <torvalds(a)linux-foundation.org> tracefs: remove stale update_gid code Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Save directory inodes in the eventfs_inode structure Erick Archer <erick.archer(a)gmx.com> eventfs: Use kcalloc() instead of kzalloc() Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Do not create dentries nor inodes in iterate_shared Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Have the inodes all for files and directories all be the same Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Shortcut eventfs_iterate() by skipping entries already read Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Read ei->entries before ei->children in eventfs_iterate() Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Do ctx->pos update for all iterations in eventfs_iterate() Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Have eventfs_iterate() stop immediately if ei->is_freed is set Steven Rostedt (Google) <rostedt(a)goodmis.org> tracefs/eventfs: Use root and instance inodes as default ownership Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Stop using dcache_readdir() for getdents() Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Remove "lookup" parameter from create_dir/file_dentry() Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Fix bitwise fields for "is_events" Steven Rostedt (Google) <rostedt(a)goodmis.org> tracefs: Check for dentry->d_inode exists in set_gid() Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Fix file and directory uid and gid ownership Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Have event files and directories default to parent uid and gid Beau Belgrave <beaub(a)linux.microsoft.com> eventfs: Fix events beyond NAME_MAX blocking tasks Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Make sure that parent->d_inode is locked in creating files/dirs Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Do not allow NULL parent to eventfs_start_creating() Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Move taking of inode_lock into dcache_dir_open_wrapper() Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Use GFP_NOFS for allocation when eventfs_mutex is held Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Do not invalidate dentry in create_file/dir_dentry() Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Remove expectation that ei->is_freed means ei->dentry == NULL Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Use simple_recursive_removal() to clean up dentries Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Remove special processing of dput() of events directory Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Delete eventfs_inode when the last dentry is freed Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Hold eventfs_mutex when calling callback functions Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Save ownership and mode Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Test for ei->is_freed when accessing ei->dentry Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Have a free_ei() that just frees the eventfs_inode Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Remove "is_freed" union with rcu head Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Fix kerneldoc of eventfs_remove_rec() Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Remove extra dget() in eventfs_create_events_dir() Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Fix typo in eventfs_inode union comment Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Fix WARN_ON() in create_file_dentry() Jiapeng Chong <jiapeng.chong(a)linux.alibaba.com> tracefs/eventfs: Modify mismatched function name Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Fix failure path in eventfs_create_events_dir() Nathan Chancellor <nathan(a)kernel.org> eventfs: Use ERR_CAST() in eventfs_create_events_dir() Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Use eventfs_remove_events_dir() Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Remove eventfs_file and just use eventfs_inode Steven Rostedt (Google) <rostedt(a)goodmis.org> Revert "eventfs: Remove "is_freed" union with rcu head" Steven Rostedt (Google) <rostedt(a)goodmis.org> Revert "eventfs: Save ownership and mode" Steven Rostedt (Google) <rostedt(a)goodmis.org> Revert "eventfs: Delete eventfs_inode when the last dentry is freed" Steven Rostedt (Google) <rostedt(a)goodmis.org> Revert "eventfs: Use simple_recursive_removal() to clean up dentries" Steven Rostedt (Google) <rostedt(a)goodmis.org> Revert "eventfs: Check for NULL ef in eventfs_set_attr()" Steven Rostedt (Google) <rostedt(a)goodmis.org> Revert "eventfs: Do not allow NULL parent to eventfs_start_creating()" Helge Deller <deller(a)gmx.de> parisc: Fix random data corruption from exception handler Jozsef Kadlecsik <kadlec(a)netfilter.org> netfilter: ipset: Missing gc cancellations fixed Jozsef Kadlecsik <kadlec(a)netfilter.org> netfilter: ipset: fix performance regression in swap operation Damien Le Moal <dlemoal(a)kernel.org> block: fix partial zone append completion handling in req_bio_endio() Junxiao Bi <junxiao.bi(a)oracle.com> md: bypass block throttle for superblock update Steven Rostedt (Google) <rostedt(a)goodmis.org> tracing: Inform kmemleak of saved_cmdlines allocation Petr Pavlu <petr.pavlu(a)suse.com> tracing: Fix HAVE_DYNAMIC_FTRACE_WITH_REGS ifdef Oleg Nesterov <oleg(a)redhat.com> fs/proc: do_task_stat: move thread_group_cputime_adjusted() outside of lock_task_sighand() Konrad Dybcio <konrad.dybcio(a)linaro.org> pmdomain: core: Move the unused cleanup to a _sync initcall Oleksij Rempel <o.rempel(a)pengutronix.de> can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER) Ziqi Zhao <astrajoan(a)yahoo.com> can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock Maxime Jayat <maxime.jayat(a)mobile-devices.fr> can: netlink: Fix TDCO calculation using the old data bittiming Nuno Sa <nuno.sa(a)analog.com> of: property: fix typo in io-channels Vegard Nossum <vegard.nossum(a)oracle.com> docs: kernel_feat.py: fix build error for missing files Jan Kara <jack(a)suse.cz> blk-wbt: Fix detection of dirty-throttled tasks Huacai Chen <chenhuacai(a)kernel.org> LoongArch: Fix earlycon parameter if KASAN enabled Prakash Sangappa <prakash.sangappa(a)oracle.com> mm: hugetlb pages should not be reserved by shmat() if SHM_NORESERVE Oscar Salvador <osalvador(a)suse.de> fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super Rishabh Dave <ridave(a)redhat.com> ceph: prevent use-after-free in encode_cap_msg() Shradha Gupta <shradhagupta(a)linux.microsoft.com> hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed Petr Tesarik <petr(a)tesarici.cz> net: stmmac: protect updates of 64-bit statistics counters Geert Uytterhoeven <geert+renesas(a)glider.be> pmdomain: renesas: r8a77980-sysc: CR7 must be always on Sinthu Raja <sinthu.raja(a)ti.com> net: ethernet: ti: cpsw_new: enable mac_managed_pm to fix mdio Alexandra Winter <wintera(a)linux.ibm.com> s390/qeth: Fix potential loss of L3-IP@ in case of network issues Sinthu Raja <sinthu.raja(a)ti.com> net: ethernet: ti: cpsw: enable mac_managed_pm to fix mdio Christian Brauner <brauner(a)kernel.org> fs: relax mount_setattr() permission checks Daniel Bristot de Oliveira <bristot(a)kernel.org> tools/rtla: Fix Makefile compiler options for clang Daniel Bristot de Oliveira <bristot(a)kernel.org> tools/rtla: Fix uninitialized bucket/data->bucket_size warning John Kacur <jkacur(a)redhat.com> tools/rtla: Exit with EXIT_SUCCESS when help is invoked Daniel Bristot de Oliveira <bristot(a)kernel.org> tools/rtla: Fix clang warning about mount_point var size limingming3 <limingming890315(a)gmail.com> tools/rtla: Replace setting prio with nice for SCHED_OTHER Daniel Bristot de Oliveira <bristot(a)kernel.org> tools/rtla: Remove unused sched_getattr() function Daniel Bristot de Oliveira <bristot(a)kernel.org> tools/rv: Fix Makefile compiler options for clang Daniel Bristot de Oliveira <bristot(a)kernel.org> tools/rv: Fix curr_reactor uninitialized variable Mario Limonciello <mario.limonciello(a)amd.com> ASoC: amd: yc: Add DMI quirk for Lenovo Ideapad Pro 5 16ARP8 Gergo Koteles <soyer(a)irl.hu> ASoC: tas2781: add module parameter to tascodec_init() Curtis Malainey <cujomalainey(a)chromium.org> ASoC: SOF: IPC3: fix message bounds on ipc ops Easwar Hariharan <eahariha(a)linux.microsoft.com> arm64: Subscribe Microsoft Azure Cobalt 100 to ARM Neoverse N2 errata Mark Brown <broonie(a)kernel.org> arm64/signal: Don't assume that TIF_SVE means we saved SVE state Fred Ai <fred.ai(a)bayhubtech.com> mmc: sdhci-pci-o2micro: Fix a warm reboot issue that disk can't be detected by BIOS Damien Le Moal <dlemoal(a)kernel.org> zonefs: Improve error handling Sebastian Ene <sebastianene(a)google.com> KVM: arm64: Fix circular locking dependency Steve French <stfrench(a)microsoft.com> smb: Fix regression in writes when non-standard maximum write size negotiated Paulo Alcantara <pc(a)manguebit.com> smb: client: set correct id, uid and cruid for multiuser automounts Mohammad Rahimi <rahimi.mhmmd(a)gmail.com> thunderbolt: Fix setting the CNS bit in ROUTER_CS_5 Marc Zyngier <maz(a)kernel.org> irqchip/gic-v3-its: Fix GICv4.1 VPE affinity update Marc Zyngier <maz(a)kernel.org> irqchip/gic-v3-its: Restore quirk probing for ACPI-based systems Doug Berger <opendmb(a)gmail.com> irqchip/irq-brcmstb-l2: Add write memory barrier before exit Emmanuel Grumbach <emmanuel.grumbach(a)intel.com> wifi: iwlwifi: mvm: fix a crash when we run out of stations Johannes Berg <johannes.berg(a)intel.com> wifi: mac80211: reload info pointer in ieee80211_tx_dequeue() Johannes Berg <johannes.berg(a)intel.com> wifi: cfg80211: fix wiphy delayed work queueing Johannes Berg <johannes.berg(a)intel.com> wifi: iwlwifi: fix double-free bug Daniel de Villiers <daniel.devilliers(a)corigine.com> nfp: flower: prevent re-adding mac index for bonded port James Hershaw <james.hershaw(a)corigine.com> nfp: enable NETDEV_XDP_ACT_REDIRECT feature flag Daniel Basilio <daniel.basilio(a)corigine.com> nfp: use correct macro for LengthSelect in BAR config Herbert Xu <herbert(a)gondor.apana.org.au> crypto: algif_hash - Remove bogus SGL free on zero-length error path Kim Phillips <kim.phillips(a)amd.com> crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked Ryusuke Konishi <konishi.ryusuke(a)gmail.com> nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() Ryusuke Konishi <konishi.ryusuke(a)gmail.com> nilfs2: fix data corruption in dsync block recovery for small block sizes Shuming Fan <shumingf(a)realtek.com> ALSA: hda/realtek: add IDs for Dell dual spk platform bo liu <bo.liu(a)senarytech.com> ALSA: hda/conexant: Add quirk for SWS JS201D Eniac Zhang <eniac-xw.zhang(a)hp.com> ALSA: hda/realtek: fix mute/micmute LED For HP mt645 Alexander Stein <alexander.stein(a)ew.tq-group.com> mmc: slot-gpio: Allow non-sleeping GPIO ro Jens Axboe <axboe(a)kernel.dk> io_uring/net: fix multishot accept overflow handling Steve Wahl <steve.wahl(a)hpe.com> x86/mm/ident_map: Use gbpages only where full GB page should be mapped. Mingwei Zhang <mizhang(a)google.com> KVM: x86/pmu: Fix type length error when reading pmu->fixed_ctr_ctrl Prasad Pandit <pjp(a)fedoraproject.org> KVM: x86: make KVM_REQ_NMI request iff NMI pending for vcpu Andrei Vagin <avagin(a)google.com> x86/fpu: Stop relying on userspace for info to fault in xsave buffer Aleksander Mazur <deweloper(a)wp.pl> x86/Kconfig: Transmeta Crusoe is CPU family 5, not 6 Jiri Slaby (SUSE) <jirislaby(a)kernel.org> serial: mxs-auart: fix tx Jiri Slaby (SUSE) <jirislaby(a)kernel.org> serial: core: introduce uart_port_tx_flags() Shrikanth Hegde <sshegde(a)linux.ibm.com> powerpc/pseries: fix accuracy of stolen time David Engraf <david.engraf(a)sysgo.com> powerpc/cputable: Add missing PPC_FEATURE_BOOKE on PPC64 Book-E Naveen N Rao <naveen(a)kernel.org> powerpc/64: Set task pt_regs->link to the LR value on scv entry Masami Hiramatsu (Google) <mhiramat(a)kernel.org> ftrace: Fix DIRECT_CALLS to use SAVE_REGS by default Hugo Villeneuve <hvilleneuve(a)dimonoff.com> serial: max310x: prevent infinite while() loop in port startup Hugo Villeneuve <hvilleneuve(a)dimonoff.com> serial: max310x: fail probe if clock crystal is unstable Hugo Villeneuve <hvilleneuve(a)dimonoff.com> serial: max310x: improve crystal stable clock detection Hugo Villeneuve <hvilleneuve(a)dimonoff.com> serial: max310x: set default value when reading clock ready bit Hui Zhou <hui.zhou(a)corigine.com> nfp: flower: fix hardware offload for the transfer layer port Hui Zhou <hui.zhou(a)corigine.com> nfp: flower: add hardware offload check for post ct entry Andrew Lunn <andrew(a)lunn.ch> net: dsa: mv88e6xxx: Fix failed probe due to unsupported C45 reads Vincent Donnefort <vdonnefort(a)google.com> ring-buffer: Clean ring_buffer_poll_wait() error return Souradeep Chakrabarti <schakrabarti(a)linux.microsoft.com> hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove Tom Chung <chiahsuan.chung(a)amd.com> drm/amd/display: Preserve original aspect ratio in create stream Nathan Chancellor <nathan(a)kernel.org> drm/amd/display: Increase frame-larger-than for all display_mode_vba files Fangzhi Zuo <jerry.zuo(a)amd.com> drm/amd/display: Fix MST Null Ptr for RV Thong <thong.thai(a)amd.com> drm/amdgpu/soc21: update VCN 4 max HEVC encoding resolution Philip Yang <Philip.Yang(a)amd.com> drm/prime: Support page array >= 4GB Zhikai Zhai <zhikai.zhai(a)amd.com> drm/amd/display: Add align done check Rob Clark <robdclark(a)chromium.org> drm/msm: Wire up tlb ops Fedor Pchelkin <pchelkin(a)ispras.ru> ksmbd: free aux buffer if ksmbd_iov_pin_rsp_read fails Sean Young <sean(a)mess.org> media: rc: bpf attach/detach requires write permission Eugen Hristev <eugen.hristev(a)collabora.com> pmdomain: mediatek: fix race conditions with genpd Sam Protsenko <semen.protsenko(a)linaro.org> iio: pressure: bmp280: Add missing bmp085 to SPI id table Randy Dunlap <rdunlap(a)infradead.org> iio: imu: bno055: serdev requires REGMAP Nuno Sa <nuno.sa(a)analog.com> iio: imu: adis: ensure proper DMA alignment Nuno Sa <nuno.sa(a)analog.com> iio: adc: ad_sigma_delta: ensure proper DMA alignment Mario Limonciello <mario.limonciello(a)amd.com> iio: accel: bma400: Fix a compilation problem Nuno Sa <nuno.sa(a)analog.com> iio: commom: st_sensors: ensure proper DMA alignment Dinghao Liu <dinghao.liu(a)zju.edu.cn> iio: core: fix memleak in iio_device_register_sysfs zhili.liu <zhili.liu(a)ucas.com.cn> iio: magnetometer: rm3100: add boundary check for the value read from RM3100_REG_TMRC David Schiller <david.schiller(a)jku.at> staging: iio: ad5933: fix type mismatch regression Tejun Heo <tj(a)kernel.org> Revert "workqueue: Override implicit ordered attribute in workqueue_apply_unbound_cpumask()" Masami Hiramatsu (Google) <mhiramat(a)kernel.org> tracing/probes: Fix to search structure fields correctly Masami Hiramatsu (Google) <mhiramat(a)kernel.org> tracing/probes: Fix to set arg size and fmt after setting type from BTF Masami Hiramatsu (Google) <mhiramat(a)kernel.org> tracing/probes: Fix to show a parse error for bad type for $comm Thorsten Blum <thorsten.blum(a)toblux.com> tracing/synthetic: Fix trace_string() return value Steven Rostedt (Google) <rostedt(a)goodmis.org> tracing: Fix wasted memory in saved_cmdlines logic Daniel Bristot de Oliveira <bristot(a)kernel.org> tracing/timerlat: Move hrtimer_init to timerlat_fd open() Baokun Li <libaokun1(a)huawei.com> ext4: avoid bb_free and bb_fragments inconsistency in mb_free_blocks() Baokun Li <libaokun1(a)huawei.com> ext4: fix double-free of blocks due to wrong extents moved_len Ekansh Gupta <quic_ekangupt(a)quicinc.com> misc: fastrpc: Mark all sessions as invalid in cb_remove Carlos Llamas <cmllamas(a)google.com> binder: signal epoll threads of self-work Andy Chi <andy.chi(a)canonical.com> ALSA: hda/realtek: fix mute/micmute LEDs for HP ZBook Power Vitaly Rodionov <vitalyr(a)opensource.cirrus.com> ALSA: hda/cs8409: Suppress vmaster control for Dolphin models Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ASoC: codecs: wcd938x: handle deferred probe Kailang Yang <kailang(a)realtek.com> ALSA: hda/realtek - Add speaker pin verbtable for Dell dual speaker platform Edson Juliano Drosdeck <edson.drosdeck(a)gmail.com> ALSA: hda/realtek: Enable headset mic on Vaio VJFE-ADL Mark Brown <broonie(a)kernel.org> usb: typec: tpcm: Fix issues with power being removed during reset Nathan Chancellor <nathan(a)kernel.org> modpost: Add '.ltext' and '.ltext.*' to TEXT_SECTIONS Masahiro Yamada <masahiroy(a)kernel.org> linux/init: remove __memexit* annotations Nathan Chancellor <nathan(a)kernel.org> um: Fix adding '-no-pie' for clang Jan Beulich <jbeulich(a)suse.com> xen-netback: properly sync TX responses Helge Deller <deller(a)gmx.de> parisc: BTLB: Fix crash when setting up BTLB at CPU bringup Esben Haabendal <esben(a)geanix.com> net: stmmac: do not clear TBS enable bit on link up/down Nikita Zhandarovich <n.zhandarovich(a)fintech.ru> net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame() Fedor Pchelkin <pchelkin(a)ispras.ru> nfc: nci: free rx_data_reassembly skb on NCI device cleanup Nathan Chancellor <nathan(a)kernel.org> kbuild: Fix changing ELF file type for output of gen_btf for big endian José Relvas <josemonsantorelvas(a)gmail.com> ALSA: hda/realtek: Apply headset jack quirk for non-bass alc287 thinkpads Takashi Sakamoto <o-takashi(a)sakamocchi.jp> firewire: core: correct documentation of fw_csr_string() kernel API Ondrej Mosnacek <omosnace(a)redhat.com> lsm: fix the logic in security_inode_getsecctx() Ondrej Mosnacek <omosnace(a)redhat.com> lsm: fix default return value of the socket_getpeersec_*() hooks David McFarland <corngood(a)gmail.com> drm/amd: Don't init MEC2 firmware when it fails to load Friedrich Vock <friedrich.vock(a)gmx.de> drm/amdgpu: Reset IH OVERFLOW_CLEAR bit Sebastian Ott <sebott(a)redhat.com> drm/virtio: Set segment size for virtio_gpu device Keqi Wang <wangkeqi_chris(a)163.com> connector/cn_proc: revert "connector: Fix proc_event_num_listeners count not cleared" Rob Clark <robdclark(a)chromium.org> Revert "drm/msm/gpu: Push gpu lock down past runpm" Mario Limonciello <mario.limonciello(a)amd.com> Revert "drm/amd: flush any delayed gfxoff on suspend entry" Lee Duncan <lduncan(a)suse.com> scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock" Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> media: Revert "media: rkisp1: Drop IRQF_SHARED" Michael Ellerman <mpe(a)ellerman.id.au> Revert "powerpc/pseries/iommu: Fix iommu initialisation during DLPAR add" Paolo Abeni <pabeni(a)redhat.com> mptcp: really cope with fastopen race Geliang Tang <geliang(a)kernel.org> mptcp: check addrs list in userspace_pm_get_local_id Paolo Abeni <pabeni(a)redhat.com> mptcp: fix rcv space initialization Paolo Abeni <pabeni(a)redhat.com> mptcp: drop the push_pending field Geliang Tang <geliang.tang(a)suse.com> selftests: mptcp: add mptcp_lib_kill_wait Matthieu Baerts (NGI0) <matttbe(a)kernel.org> selftests: mptcp: allow changing subtests prefix Matthieu Baerts (NGI0) <matttbe(a)kernel.org> selftests: mptcp: increase timeout to 30 min Matthieu Baerts (NGI0) <matttbe(a)kernel.org> selftests: mptcp: add missing kconfig for NF Mangle Matthieu Baerts (NGI0) <matttbe(a)kernel.org> selftests: mptcp: add missing kconfig for NF Filter in v6 Matthieu Baerts (NGI0) <matttbe(a)kernel.org> selftests: mptcp: add missing kconfig for NF Filter Paolo Abeni <pabeni(a)redhat.com> mptcp: fix data re-injection from stale subflow Arnd Bergmann <arnd(a)arndb.de> kallsyms: ignore ARMv4 thunks along with others Radek Krejci <radek.krejci(a)oracle.com> modpost: trim leading spaces when processing source files list Jean Delvare <jdelvare(a)suse.de> i2c: i801: Fix block process call transactions Arnd Bergmann <arnd(a)arndb.de> i2c: pasemi: split driver into two separate modules Michael Ellerman <mpe(a)ellerman.id.au> powerpc/kasan: Limit KASAN thread size increase to 32KB Marc Zyngier <maz(a)kernel.org> irqchip/gic-v3-its: Handle non-coherent GICv4 redistributors Bibo Mao <maobibo(a)loongson.cn> irqchip/loongson-eiointc: Use correct struct type in eiointc_domain_alloc() Viken Dadhaniya <quic_vdadhani(a)quicinc.com> i2c: qcom-geni: Correct I2C TRE sequence Dan Carpenter <dan.carpenter(a)linaro.org> cifs: fix underflow in parse_server_interfaces() Cosmin Tanislav <demonsingur(a)gmail.com> iio: adc: ad4130: only set GPIO_CTRL if pin is unused Cosmin Tanislav <demonsingur(a)gmail.com> iio: adc: ad4130: zero-initialize clock init data Alex Williamson <alex.williamson(a)redhat.com> PCI: Fix active state requirement in PME polling Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Revert "kobject: Remove redundant checks for whether ktype is NULL" Jiangfeng Xiao <xiaojiangfeng(a)huawei.com> powerpc/kasan: Fix addr error caused by page alignment Matthias Schiffer <matthias.schiffer(a)ew.tq-group.com> powerpc/6xx: set High BAT Enable flag on G2_LE cores Gaurav Batra <gbatra(a)linux.ibm.com> powerpc/pseries/iommu: Fix iommu initialisation during DLPAR add Saravana Kannan <saravanak(a)google.com> driver core: fw_devlink: Improve detection of overlapping cycles Zhipeng Lu <alexious(a)zju.edu.cn> media: ir_toy: fix a memleak in irtoy_tx Konrad Dybcio <konrad.dybcio(a)linaro.org> interconnect: qcom: sm8550: Enable sync_state Konrad Dybcio <konrad.dybcio(a)linaro.org> interconnect: qcom: sc8180x: Mark CO0 BCM keepalive Uttkarsh Aggarwal <quic_uaggarwa(a)quicinc.com> usb: dwc3: gadget: Fix NULL pointer dereference in dwc3_gadget_suspend Udipto Goswami <quic_ugoswami(a)quicinc.com> usb: core: Prevent null pointer dereference in update_port_device_state Xu Yang <xu.yang_2(a)nxp.com> usb: chipidea: core: handle power lost in workqueue yuan linyu <yuanlinyu(a)hihonor.com> usb: f_mass_storage: forbid async queue when shutdown happen Oliver Neukum <oneukum(a)suse.com> USB: hub: check for alternate port before enabling A_ALT_HNP_SUPPORT Christian A. Ehrhardt <lk(a)c--e.de> usb: ucsi_acpi: Fix command completion handling Sean Anderson <sean.anderson(a)seco.com> usb: ulpi: Fix debugfs directory leak Christian A. Ehrhardt <lk(a)c--e.de> usb: ucsi: Add missing ppm_lock Srinivas Pandruvada <srinivas.pandruvada(a)linux.intel.com> iio: hid-sensor-als: Return 0 for HID_USAGE_SENSOR_TIME_TIMESTAMP Jason Gerecke <killertofu(a)gmail.com> HID: wacom: Do not register input devices until after hid_hw_start Tatsunosuke Tobita <tatsunosuke.tobita(a)wacom.com> HID: wacom: generic: Avoid reporting a serial of '0' to userspace Johan Hovold <johan+linaro(a)kernel.org> HID: i2c-hid-of: fix NULL-deref on failed power up Benjamin Tissoires <bentiss(a)kernel.org> HID: bpf: actually free hdev memory after attaching a HID-BPF program Benjamin Tissoires <bentiss(a)kernel.org> HID: bpf: remove double fdget() Luka Guzenko <l.guzenko(a)web.de> ALSA: hda/realtek: Enable Mute LED on HP Laptop 14-fq0xxx David Senoner <seda18(a)rolmail.net> ALSA: hda/realtek: Fix the external mic not being recognised for Acer Swift 1 SF114-32 Helge Deller <deller(a)gmx.de> parisc: Prevent hung tasks when printing inventory on serial console Techno Mooney <techno.mooney(a)gmail.com> ASoC: amd: yc: Add DMI quirk for MSI Bravo 15 C7VF Mikulas Patocka <mpatocka(a)redhat.com> dm-crypt, dm-verity: disable tasklets Dave Airlie <airlied(a)redhat.com> nouveau: offload fence uevents work to workqueue Michael Kelley <mhklinux(a)outlook.com> scsi: storvsc: Fix ring buffer size calculation Nico Pache <npache(a)redhat.com> selftests: mm: fix map_hugetlb failure on 64K page size systems Audra Mitchell <audra(a)redhat.com> selftests/mm: Update va_high_addr_switch.sh to check CPU for la57 flag Zach O'Keefe <zokeefe(a)google.com> mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again Muhammad Usama Anjum <usama.anjum(a)collabora.com> selftests/mm: switch to bash from sh Masami Hiramatsu (Google) <mhiramat(a)kernel.org> tracing/trigger: Fix to return error if failed to alloc snapshot Samuel Holland <samuel.holland(a)sifive.com> scs: add CONFIG_MMU dependency for vfree_atomic() Ryan Roberts <ryan.roberts(a)arm.com> selftests/mm: ksm_tests should only MADV_HUGEPAGE valid memory Lokesh Gidra <lokeshgidra(a)google.com> userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb Ivan Vecera <ivecera(a)redhat.com> i40e: Fix waiting for queues of all VSIs to be disabled Ivan Vecera <ivecera(a)redhat.com> i40e: Do not allow untrusted VF to remove administratively set MAC Jiaxun Yang <jiaxun.yang(a)flygoat.com> mm/memory: Use exception ip to search exception tables Jiaxun Yang <jiaxun.yang(a)flygoat.com> ptrace: Introduce exception_ip arch hook Guenter Roeck <linux(a)roeck-us.net> MIPS: Add 'memory' clobber to csum_ipv6_magic() inline assembler Arnd Bergmann <arnd(a)arndb.de> nouveau/svm: fix kvcalloc() argument order Breno Leitao <leitao(a)debian.org> net: sysfs: Fix /sys/class/net/<iface> path for statistics Alexey Khoroshilov <khoroshilov(a)ispras.ru> ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work() Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> spi: ppc4xx: Drop write-only variable Jakub Kicinski <kuba(a)kernel.org> net: tls: fix returned read length with async decrypt Sabrina Dubroca <sd(a)queasysnail.net> net: tls: fix use-after-free with partial reads and async decrypt Jakub Kicinski <kuba(a)kernel.org> net: tls: handle backlogging of crypto requests Jakub Kicinski <kuba(a)kernel.org> tls: fix race between tx work scheduling and socket close Jakub Kicinski <kuba(a)kernel.org> tls: fix race between async notify and socket close Jakub Kicinski <kuba(a)kernel.org> net: tls: factor out tls_*crypt_async_wait() Sabrina Dubroca <sd(a)queasysnail.net> tls: extract context alloc/initialization out of tls_set_sw_offload Horatiu Vultur <horatiu.vultur(a)microchip.com> lan966x: Fix crash when adding interface under a lag Aaron Conole <aconole(a)redhat.com> net: openvswitch: limit the number of recursions from action sets Ido Schimmel <idosch(a)nvidia.com> selftests: forwarding: Fix bridge locked port test flakiness Ido Schimmel <idosch(a)nvidia.com> selftests: forwarding: Suppress grep warnings Ido Schimmel <idosch(a)nvidia.com> selftests: bridge_mdb: Use MDB get instead of dump Ido Schimmel <idosch(a)nvidia.com> selftests: forwarding: Fix bridge MDB test flakiness Ido Schimmel <idosch(a)nvidia.com> selftests: forwarding: Fix layer 2 miss test flakiness Ido Schimmel <idosch(a)nvidia.com> selftests: net: Fix bridge backup port test flakiness Hangbin Liu <liuhangbin(a)gmail.com> selftests/net: convert test_bridge_backup_port.sh to run it in unique namespace Hojin Nam <hj96.nam(a)samsung.com> perf: CXL: fix mismatched cpmu event opcode Lukas Bulwahn <lukas.bulwahn(a)gmail.com> ALSA: hda/cs35l56: select intended config FW_CS_DSP Saravana Kannan <saravanak(a)google.com> of: property: Improve finding the supplier of a remote-endpoint property Saravana Kannan <saravanak(a)google.com> of: property: Improve finding the consumer of a remote-endpoint property Parav Pandit <parav(a)nvidia.com> devlink: Fix command annotation documentation Magnus Karlsson <magnus.karlsson(a)intel.com> bonding: do not report NETDEV_XDP_ACT_XSK_ZEROCOPY Chuck Lever <chuck.lever(a)oracle.com> net/handshake: Fix handshake_req_destroy_test1 Ranjani Sridharan <ranjani.sridharan(a)linux.intel.com> ASoC: SOF: ipc3-topology: Fix pipeline tear down logic Dan Carpenter <dan.carpenter(a)linaro.org> wifi: iwlwifi: uninitialized variable in iwl_acpi_get_ppag_table() Dan Carpenter <dan.carpenter(a)linaro.org> wifi: iwlwifi: Fix some error codes Sean Christopherson <seanjc(a)google.com> KVM: selftests: Fix a semaphore imbalance in the dirty ring logging test Carlos Song <carlos.song(a)nxp.com> spi: imx: fix the burst length at DMA mode and CPU mode Rob Clark <robdclark(a)chromium.org> drm/msm/gem: Fix double resv lock aquire Christian A. Ehrhardt <lk(a)c--e.de> of: unittest: Fix compile in the non-dynamic case Vitaly Kuznetsov <vkuznets(a)redhat.com> KVM: selftests: Avoid infinite loop in hyperv_features when invtsc is missing Sean Christopherson <seanjc(a)google.com> KVM: selftests: Delete superfluous, unused "stage" variable in AMX test Hu Yadi <hu.yadi(a)h3c.com> selftests/landlock: Fix fs_test build with old libc Saravana Kannan <saravanak(a)google.com> driver core: Fix device_link_flag_is_sync_state_only() Josef Bacik <josef(a)toxicpanda.com> btrfs: don't drop extent_map for free space inode on write error Filipe Manana <fdmanana(a)suse.com> btrfs: reject encoded write if inode has nodatasum flag set Filipe Manana <fdmanana(a)suse.com> btrfs: don't reserve space for checksums when writing to nocow files David Sterba <dsterba(a)suse.com> btrfs: send: return EOPNOTSUPP on unknown flags Boris Burkov <boris(a)bur.io> btrfs: forbid deleting live subvol qgroup Qu Wenruo <wqu(a)suse.com> btrfs: do not ASSERT() if the newly created subvolume already got read Boris Burkov <boris(a)bur.io> btrfs: forbid creating subvol qgroups Filipe Manana <fdmanana(a)suse.com> btrfs: do not delete unused block group if it may be used soon Filipe Manana <fdmanana(a)suse.com> btrfs: add and use helper to check if block group is used Linus Torvalds <torvalds(a)linux-foundation.org> update workarounds for gcc "asm goto" issue Linus Torvalds <torvalds(a)linux-foundation.org> work around gcc bugs with 'asm goto' with outputs ------------- Diffstat: .../ABI/testing/sysfs-class-net-statistics | 48 +- Documentation/arch/arm64/silicon-errata.rst | 7 + Documentation/arch/ia64/features.rst | 2 +- Documentation/networking/devlink/devlink-port.rst | 2 +- Documentation/sphinx/kernel_feat.py | 2 +- Makefile | 4 +- arch/Kconfig | 1 + arch/arc/include/asm/jump_label.h | 4 +- arch/arm/include/asm/jump_label.h | 4 +- arch/arm64/include/asm/alternative-macros.h | 4 +- arch/arm64/include/asm/cputype.h | 4 + arch/arm64/include/asm/jump_label.h | 4 +- arch/arm64/kernel/cpu_errata.c | 3 + arch/arm64/kernel/fpsimd.c | 2 +- arch/arm64/kernel/signal.c | 4 +- arch/arm64/kvm/pkvm.c | 27 +- arch/csky/include/asm/jump_label.h | 4 +- arch/loongarch/include/asm/jump_label.h | 4 +- arch/loongarch/mm/kasan_init.c | 3 + arch/mips/include/asm/checksum.h | 3 +- arch/mips/include/asm/jump_label.h | 4 +- arch/mips/include/asm/ptrace.h | 2 + arch/mips/kernel/ptrace.c | 7 + arch/parisc/Kconfig | 1 - arch/parisc/include/asm/assembly.h | 1 + arch/parisc/include/asm/extable.h | 64 + arch/parisc/include/asm/jump_label.h | 4 +- arch/parisc/include/asm/special_insns.h | 6 +- arch/parisc/include/asm/uaccess.h | 48 +- arch/parisc/kernel/cache.c | 6 +- arch/parisc/kernel/drivers.c | 3 + arch/parisc/kernel/unaligned.c | 44 +- arch/parisc/mm/fault.c | 11 +- arch/powerpc/include/asm/jump_label.h | 4 +- arch/powerpc/include/asm/reg.h | 2 + arch/powerpc/include/asm/thread_info.h | 2 +- arch/powerpc/include/asm/uaccess.h | 12 +- arch/powerpc/kernel/cpu_setup_6xx.S | 20 +- arch/powerpc/kernel/cpu_specs_e500mc.h | 3 +- arch/powerpc/kernel/interrupt_64.S | 4 +- arch/powerpc/kernel/irq_64.c | 2 +- arch/powerpc/mm/kasan/init_32.c | 1 + arch/powerpc/platforms/pseries/lpar.c | 8 +- arch/riscv/include/asm/hwcap.h | 4 +- arch/riscv/include/asm/jump_label.h | 4 +- arch/s390/include/asm/jump_label.h | 4 +- arch/sparc/include/asm/jump_label.h | 4 +- arch/um/Makefile | 4 +- arch/um/include/asm/cpufeature.h | 2 +- arch/x86/Kconfig.cpu | 2 +- arch/x86/boot/Makefile | 2 +- arch/x86/boot/compressed/vmlinux.lds.S | 6 +- arch/x86/boot/header.S | 211 ++-- arch/x86/boot/setup.ld | 14 +- arch/x86/boot/tools/build.c | 273 +--- arch/x86/include/asm/barrier.h | 18 - arch/x86/include/asm/cpufeature.h | 2 +- arch/x86/include/asm/cpufeatures.h | 2 +- arch/x86/include/asm/jump_label.h | 6 +- arch/x86/include/asm/processor.h | 18 + arch/x86/include/asm/rmwcc.h | 2 +- arch/x86/include/asm/special_insns.h | 2 +- arch/x86/include/asm/uaccess.h | 10 +- arch/x86/kernel/cpu/amd.c | 3 + arch/x86/kernel/cpu/common.c | 7 + arch/x86/kernel/cpu/hygon.c | 3 + arch/x86/kernel/fpu/signal.c | 13 +- arch/x86/kvm/svm/svm_ops.h | 6 +- arch/x86/kvm/vmx/pmu_intel.c | 2 +- arch/x86/kvm/vmx/vmx.c | 4 +- arch/x86/kvm/vmx/vmx_ops.h | 6 +- arch/x86/kvm/x86.c | 3 +- arch/x86/mm/ident_map.c | 23 +- arch/xtensa/include/asm/jump_label.h | 4 +- block/blk-mq.c | 9 +- block/blk-wbt.c | 4 +- crypto/algif_hash.c | 5 +- drivers/android/binder.c | 10 + drivers/base/core.c | 15 +- drivers/base/power/domain.c | 2 +- drivers/connector/cn_proc.c | 5 +- drivers/crypto/ccp/sev-dev.c | 10 +- drivers/firewire/core-device.c | 7 +- drivers/firmware/efi/libstub/Makefile | 7 - drivers/firmware/efi/libstub/x86-stub.c | 46 +- drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 1 - drivers/gpu/drm/amd/amdgpu/amdgpu_gfx.c | 9 +- drivers/gpu/drm/amd/amdgpu/cik_ih.c | 6 + drivers/gpu/drm/amd/amdgpu/cz_ih.c | 5 + drivers/gpu/drm/amd/amdgpu/gfx_v10_0.c | 2 - drivers/gpu/drm/amd/amdgpu/iceland_ih.c | 5 + drivers/gpu/drm/amd/amdgpu/ih_v6_0.c | 6 + drivers/gpu/drm/amd/amdgpu/ih_v6_1.c | 7 + drivers/gpu/drm/amd/amdgpu/navi10_ih.c | 6 + drivers/gpu/drm/amd/amdgpu/si_ih.c | 6 + drivers/gpu/drm/amd/amdgpu/soc21.c | 4 +- drivers/gpu/drm/amd/amdgpu/tonga_ih.c | 6 + drivers/gpu/drm/amd/amdgpu/vega10_ih.c | 6 + drivers/gpu/drm/amd/amdgpu/vega20_ih.c | 6 + drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 14 +- drivers/gpu/drm/amd/display/dc/dml/Makefile | 6 +- .../display/dc/link/protocols/link_dp_training.c | 5 +- drivers/gpu/drm/drm_prime.c | 2 +- drivers/gpu/drm/msm/msm_gem_prime.c | 4 +- drivers/gpu/drm/msm/msm_gpu.c | 11 +- drivers/gpu/drm/msm/msm_iommu.c | 32 +- drivers/gpu/drm/msm/msm_ringbuffer.c | 7 +- drivers/gpu/drm/nouveau/nouveau_fence.c | 26 +- drivers/gpu/drm/nouveau/nouveau_fence.h | 1 + drivers/gpu/drm/nouveau/nouveau_svm.c | 2 +- drivers/gpu/drm/virtio/virtgpu_drv.c | 1 + drivers/hid/bpf/hid_bpf_dispatch.c | 83 +- drivers/hid/bpf/hid_bpf_dispatch.h | 4 +- drivers/hid/bpf/hid_bpf_jmp_table.c | 40 +- drivers/hid/i2c-hid/i2c-hid-of.c | 1 + drivers/hid/wacom_sys.c | 63 +- drivers/hid/wacom_wac.c | 9 +- drivers/i2c/busses/Makefile | 6 +- drivers/i2c/busses/i2c-i801.c | 4 +- drivers/i2c/busses/i2c-pasemi-core.c | 6 + drivers/i2c/busses/i2c-qcom-geni.c | 16 +- drivers/iio/accel/Kconfig | 2 + drivers/iio/adc/ad4130.c | 12 +- drivers/iio/imu/bno055/Kconfig | 1 + drivers/iio/industrialio-core.c | 5 +- drivers/iio/light/hid-sensor-als.c | 1 + drivers/iio/magnetometer/rm3100-core.c | 10 +- drivers/iio/pressure/bmp280-spi.c | 1 + drivers/interconnect/qcom/sc8180x.c | 1 + drivers/interconnect/qcom/sm8550.c | 1 + drivers/irqchip/irq-brcmstb-l2.c | 5 +- drivers/irqchip/irq-gic-v3-its.c | 62 +- drivers/irqchip/irq-loongson-eiointc.c | 2 +- drivers/md/dm-core.h | 2 + drivers/md/dm-crypt.c | 38 +- drivers/md/dm-ioctl.c | 3 +- drivers/md/dm-table.c | 9 +- drivers/md/dm-verity-target.c | 26 +- drivers/md/dm-verity.h | 1 - drivers/md/md.c | 7 +- .../media/platform/rockchip/rkisp1/rkisp1-dev.c | 2 +- drivers/media/rc/bpf-lirc.c | 6 +- drivers/media/rc/ir_toy.c | 2 + drivers/media/rc/lirc_dev.c | 5 +- drivers/media/rc/rc-core-priv.h | 2 +- drivers/misc/fastrpc.c | 2 +- drivers/mmc/core/slot-gpio.c | 6 +- drivers/mmc/host/sdhci-pci-o2micro.c | 30 + drivers/net/bonding/bond_main.c | 5 +- drivers/net/can/dev/netlink.c | 2 +- drivers/net/dsa/mv88e6xxx/chip.c | 2 +- drivers/net/ethernet/intel/i40e/i40e_main.c | 2 +- drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 38 +- .../net/ethernet/microchip/lan966x/lan966x_lag.c | 9 +- .../net/ethernet/netronome/nfp/flower/conntrack.c | 46 +- .../ethernet/netronome/nfp/flower/tunnel_conf.c | 2 +- .../net/ethernet/netronome/nfp/nfp_net_common.c | 1 + .../ethernet/netronome/nfp/nfpcore/nfp6000_pcie.c | 6 +- drivers/net/ethernet/stmicro/stmmac/common.h | 56 +- drivers/net/ethernet/stmicro/stmmac/dwmac-sun8i.c | 15 +- drivers/net/ethernet/stmicro/stmmac/dwmac4_lib.c | 15 +- drivers/net/ethernet/stmicro/stmmac/dwmac_lib.c | 15 +- drivers/net/ethernet/stmicro/stmmac/dwxgmac2_dma.c | 15 +- .../net/ethernet/stmicro/stmmac/stmmac_ethtool.c | 125 +- drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 136 +- drivers/net/ethernet/ti/cpsw.c | 2 + drivers/net/ethernet/ti/cpsw_new.c | 3 + drivers/net/hyperv/netvsc.c | 5 +- drivers/net/hyperv/netvsc_drv.c | 82 +- drivers/net/wireless/intel/iwlwifi/fw/acpi.c | 15 +- drivers/net/wireless/intel/iwlwifi/iwl-drv.c | 1 + drivers/net/wireless/intel/iwlwifi/mvm/mac80211.c | 3 + drivers/net/wireless/intel/iwlwifi/mvm/rxmq.c | 4 + drivers/net/xen-netback/netback.c | 100 +- drivers/of/property.c | 65 +- drivers/of/unittest.c | 12 +- drivers/pci/pci.c | 37 +- drivers/perf/cxl_pmu.c | 2 +- drivers/pmdomain/mediatek/mtk-pm-domains.c | 15 +- drivers/pmdomain/renesas/r8a77980-sysc.c | 3 +- drivers/s390/net/qeth_l3_main.c | 9 +- drivers/scsi/fcoe/fcoe_ctlr.c | 20 +- drivers/scsi/storvsc_drv.c | 12 +- drivers/spi/spi-imx.c | 9 +- drivers/spi/spi-ppc4xx.c | 5 - drivers/staging/iio/impedance-analyzer/ad5933.c | 2 +- drivers/thunderbolt/tb_regs.h | 2 +- drivers/thunderbolt/usb4.c | 2 +- drivers/tty/serial/max310x.c | 53 +- drivers/tty/serial/mxs-auart.c | 5 +- drivers/usb/chipidea/ci.h | 2 + drivers/usb/chipidea/core.c | 44 +- drivers/usb/common/ulpi.c | 2 +- drivers/usb/core/hub.c | 46 +- drivers/usb/dwc3/gadget.c | 6 +- drivers/usb/gadget/function/f_mass_storage.c | 20 +- drivers/usb/typec/tcpm/tcpm.c | 3 +- drivers/usb/typec/ucsi/ucsi.c | 2 + drivers/usb/typec/ucsi/ucsi_acpi.c | 17 +- fs/btrfs/block-group.c | 49 +- fs/btrfs/block-group.h | 7 + fs/btrfs/delalloc-space.c | 29 +- fs/btrfs/disk-io.c | 13 +- fs/btrfs/inode.c | 26 +- fs/btrfs/ioctl.c | 5 + fs/btrfs/qgroup.c | 14 + fs/btrfs/send.c | 2 +- fs/ceph/caps.c | 3 +- fs/ext4/mballoc.c | 39 +- fs/ext4/move_extent.c | 6 +- fs/hugetlbfs/inode.c | 19 +- fs/namespace.c | 11 +- fs/nfsd/nfs4state.c | 11 +- fs/nilfs2/file.c | 8 +- fs/nilfs2/recovery.c | 7 +- fs/nilfs2/segment.c | 8 +- fs/proc/array.c | 10 +- fs/smb/client/connect.c | 14 +- fs/smb/client/fs_context.c | 11 + fs/smb/client/namespace.c | 16 + fs/smb/client/smb2ops.c | 2 +- fs/smb/server/smb2pdu.c | 8 +- fs/tracefs/event_inode.c | 1310 +++++++++----------- fs/tracefs/inode.c | 276 ++--- fs/tracefs/internal.h | 60 +- fs/zonefs/file.c | 42 +- fs/zonefs/super.c | 66 +- include/asm-generic/vmlinux.lds.h | 6 - include/linux/backing-dev-defs.h | 7 +- include/linux/compiler-gcc.h | 20 + include/linux/compiler_types.h | 11 +- include/linux/iio/adc/ad_sigma_delta.h | 4 +- include/linux/iio/common/st_sensors.h | 4 +- include/linux/iio/imu/adis.h | 3 +- include/linux/init.h | 3 - include/linux/lsm_hook_defs.h | 4 +- include/linux/netfilter/ipset/ip_set.h | 4 + include/linux/ptrace.h | 4 + include/linux/serial_core.h | 32 +- include/linux/trace_events.h | 2 +- include/linux/tracefs.h | 73 +- include/net/tls.h | 5 - include/sound/tas2781.h | 1 + init/Kconfig | 9 + io_uring/net.c | 5 +- kernel/sched/membarrier.c | 6 + kernel/trace/ftrace.c | 10 + kernel/trace/ring_buffer.c | 2 +- kernel/trace/trace.c | 85 +- kernel/trace/trace.h | 4 +- kernel/trace/trace_btf.c | 4 +- kernel/trace/trace_events.c | 311 +++-- kernel/trace/trace_events_synth.c | 3 +- kernel/trace/trace_events_trigger.c | 6 +- kernel/trace/trace_osnoise.c | 6 +- kernel/trace/trace_probe.c | 32 +- kernel/trace/trace_probe.h | 3 +- kernel/workqueue.c | 8 +- lib/kobject.c | 24 +- mm/backing-dev.c | 2 +- mm/memory.c | 4 +- mm/page-writeback.c | 4 +- mm/userfaultfd.c | 15 +- net/can/j1939/j1939-priv.h | 3 +- net/can/j1939/main.c | 2 +- net/can/j1939/socket.c | 46 +- net/handshake/handshake-test.c | 5 +- net/hsr/hsr_device.c | 4 +- net/mac80211/tx.c | 5 +- net/mptcp/pm_userspace.c | 13 +- net/mptcp/protocol.c | 25 +- net/mptcp/protocol.h | 7 +- net/mptcp/subflow.c | 4 +- net/netfilter/ipset/ip_set_bitmap_gen.h | 14 +- net/netfilter/ipset/ip_set_core.c | 39 +- net/netfilter/ipset/ip_set_hash_gen.h | 19 +- net/netfilter/ipset/ip_set_list_set.c | 13 +- net/netfilter/nft_set_pipapo_avx2.c | 2 +- net/nfc/nci/core.c | 4 + net/openvswitch/flow_netlink.c | 49 +- net/tls/tls_sw.c | 217 ++-- net/wireless/core.c | 1 + samples/bpf/asm_goto_workaround.h | 8 +- scripts/link-vmlinux.sh | 9 +- scripts/mksysmap | 13 +- scripts/mod/modpost.c | 18 +- scripts/mod/sumversion.c | 7 +- security/security.c | 45 +- sound/pci/hda/Kconfig | 4 +- sound/pci/hda/patch_conexant.c | 18 + sound/pci/hda/patch_cs8409.c | 1 + sound/pci/hda/patch_realtek.c | 20 +- sound/pci/hda/tas2781_hda_i2c.c | 2 +- sound/soc/amd/yc/acp6x-mach.c | 14 + sound/soc/codecs/rt5645.c | 1 + sound/soc/codecs/tas2781-comlib.c | 3 +- sound/soc/codecs/tas2781-i2c.c | 2 +- sound/soc/codecs/wcd938x.c | 2 +- sound/soc/sof/ipc3-topology.c | 69 +- sound/soc/sof/ipc3.c | 2 +- tools/arch/x86/include/asm/rmwcc.h | 2 +- tools/include/linux/compiler_types.h | 4 +- tools/testing/selftests/kvm/dirty_log_test.c | 50 +- tools/testing/selftests/kvm/x86_64/amx_test.c | 4 +- .../testing/selftests/kvm/x86_64/hyperv_features.c | 9 +- tools/testing/selftests/landlock/fs_test.c | 11 +- .../selftests/mm/charge_reserved_hugetlb.sh | 2 +- tools/testing/selftests/mm/ksm_tests.c | 2 +- tools/testing/selftests/mm/map_hugetlb.c | 7 + tools/testing/selftests/mm/va_high_addr_switch.sh | 6 + tools/testing/selftests/mm/write_hugetlb_memory.sh | 2 +- .../selftests/net/forwarding/bridge_locked_port.sh | 4 +- .../testing/selftests/net/forwarding/bridge_mdb.sh | 192 ++- .../selftests/net/forwarding/tc_flower_l2_miss.sh | 8 +- tools/testing/selftests/net/mptcp/config | 3 + tools/testing/selftests/net/mptcp/mptcp_join.sh | 10 +- tools/testing/selftests/net/mptcp/mptcp_lib.sh | 11 +- tools/testing/selftests/net/mptcp/settings | 2 +- tools/testing/selftests/net/mptcp/userspace_pm.sh | 31 +- .../selftests/net/test_bridge_backup_port.sh | 394 +++--- tools/tracing/rtla/Makefile | 7 +- tools/tracing/rtla/src/osnoise_hist.c | 9 +- tools/tracing/rtla/src/osnoise_top.c | 6 +- tools/tracing/rtla/src/timerlat_hist.c | 9 +- tools/tracing/rtla/src/timerlat_top.c | 6 +- tools/tracing/rtla/src/utils.c | 14 +- tools/tracing/rtla/src/utils.h | 2 + tools/verification/rv/Makefile | 7 +- tools/verification/rv/src/in_kernel.c | 2 +- 329 files changed, 4093 insertions(+), 3172 deletions(-)

1 year, 6 months

12
11
0 0

[PATCH 6.1 000/206] 6.1.79-rc2 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.1.79 release. There are 206 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Fri, 23 Feb 2024 13:01:46 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.1.79-rc2… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.1.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.1.79-rc2 Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Add null pointer checks Easwar Hariharan <eahariha(a)linux.microsoft.com> arm64: Subscribe Microsoft Azure Cobalt 100 to ARM Neoverse N2 errata Mikulas Patocka <mpatocka(a)redhat.com> dm: limit the number of targets and parameter size area Ryusuke Konishi <konishi.ryusuke(a)gmail.com> nilfs2: replace WARN_ONs for invalid DAT metadata block requests Ryusuke Konishi <konishi.ryusuke(a)gmail.com> nilfs2: fix potential bug in end_buffer_async_write Saravana Kannan <saravanak(a)google.com> of: property: Add in-ports/out-ports support to of_graph_get_port_parent() Linus Torvalds <torvalds(a)linuxfoundation.org> sched/membarrier: reduce the ability to hammer on sys_membarrier Peter Zijlstra <peterz(a)infradead.org> kbuild: Drop -Wdeclaration-after-statement Peter Zijlstra <peterz(a)infradead.org> locking: Introduce __cleanup() based infrastructure Peter Zijlstra <peterz(a)infradead.org> apparmor: Free up __cleanup() name Peter Zijlstra <peterz(a)infradead.org> dmaengine: ioat: Free up __cleanup() name Lokesh Gidra <lokeshgidra(a)google.com> userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb Jiri Olsa <jolsa(a)kernel.org> bpf: Remove trace_printk_lock Jiri Olsa <jolsa(a)kernel.org> bpf: Do cleanup in bpf_bprintf_cleanup only when needed Jiri Olsa <jolsa(a)kernel.org> bpf: Add struct for bin_args arg in bpf_bprintf_prepare Eric Dumazet <edumazet(a)google.com> net: prevent mss overflow in skb_segment() Paulo Alcantara <pc(a)manguebit.com> smb: client: fix parsing of SMB3.1.1 POSIX create context Paulo Alcantara <pc(a)manguebit.com> smb: client: fix potential OOBs in smb2_parse_contexts() Mike Marciniszyn <mike.marciniszyn(a)intel.com> RDMA/irdma: Ensure iWarp QP queue memory is OS paged aligned Davidlohr Bueso <dave(a)stgolabs.net> hrtimer: Ignore slack time for RT tasks in schedule_hrtimeout_range() NeilBrown <neilb(a)suse.de> nfsd: don't take fi_lock in nfsd_break_deleg_cb() NeilBrown <neilb(a)suse.de> nfsd: fix RELEASE_LOCKOWNER Helge Deller <deller(a)gmx.de> parisc: Fix random data corruption from exception handler Jozsef Kadlecsik <kadlec(a)netfilter.org> netfilter: ipset: Missing gc cancellations fixed Jozsef Kadlecsik <kadlec(a)netfilter.org> netfilter: ipset: fix performance regression in swap operation Damien Le Moal <dlemoal(a)kernel.org> block: fix partial zone append completion handling in req_bio_endio() Tianjia Zhang <tianjia.zhang(a)linux.alibaba.com> crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init David Lin <yu-hao.lin(a)nxp.com> wifi: mwifiex: fix uninitialized firmware_stat Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: sm8150: fix USB SS wakeup Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: sdm845: fix USB SS wakeup Stephan Gerhold <stephan(a)gerhold.net> arm64: dts: qcom: msm8916: Make blsp_dma controlled-remotely Stephan Gerhold <stephan(a)gerhold.net> arm64: dts: qcom: msm8916: Enable blsp_dma by default Sjoerd Simons <sjoerd(a)collabora.com> bus: moxtet: Add spi device table David Lin <yu-hao.lin(a)nxp.com> wifi: mwifiex: add extra delay for firmware ready Lukas Wunner <lukas(a)wunner.de> wifi: mwifiex: Support SD8978 chipset Andrejs Cainikovs <andrejs.cainikovs(a)toradex.com> ARM: dts: imx6q-apalis: add can power-up delay on ixora board Junxiao Bi <junxiao.bi(a)oracle.com> md: bypass block throttle for superblock update Audra Mitchell <audra(a)redhat.com> selftests/mm: Update va_high_addr_switch.sh to check CPU for la57 flag Ryan Roberts <ryan.roberts(a)arm.com> selftests/mm: ksm_tests should only MADV_HUGEPAGE valid memory Jann Horn <jannh(a)google.com> tls: fix NULL deref on tls_sw_splice_eof() with empty record Herbert Xu <herbert(a)gondor.apana.org.au> xfrm: Silence warnings triggerable by bad packets Herbert Xu <herbert(a)gondor.apana.org.au> xfrm: Use xfrm_state selector for BEET input Steven Rostedt (Google) <rostedt(a)goodmis.org> tracing: Inform kmemleak of saved_cmdlines allocation Oleg Nesterov <oleg(a)redhat.com> fs/proc: do_task_stat: move thread_group_cputime_adjusted() outside of lock_task_sighand() Konrad Dybcio <konrad.dybcio(a)linaro.org> pmdomain: core: Move the unused cleanup to a _sync initcall Oleksij Rempel <linux(a)rempel-privat.de> can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER) Ziqi Zhao <astrajoan(a)yahoo.com> can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock Maxime Jayat <maxime.jayat(a)mobile-devices.fr> can: netlink: Fix TDCO calculation using the old data bittiming Nuno Sa <nuno.sa(a)analog.com> of: property: fix typo in io-channels Prakash Sangappa <prakash.sangappa(a)oracle.com> mm: hugetlb pages should not be reserved by shmat() if SHM_NORESERVE Oscar Salvador <osalvador(a)suse.de> fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super Rishabh Dave <ridave(a)redhat.com> ceph: prevent use-after-free in encode_cap_msg() Shradha Gupta <shradhagupta(a)linux.microsoft.com> hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed Sinthu Raja <sinthu.raja(a)ti.com> net: ethernet: ti: cpsw_new: enable mac_managed_pm to fix mdio Alexandra Winter <wintera(a)linux.ibm.com> s390/qeth: Fix potential loss of L3-IP@ in case of network issues Sinthu Raja <sinthu.raja(a)ti.com> net: ethernet: ti: cpsw: enable mac_managed_pm to fix mdio Christian Brauner <brauner(a)kernel.org> fs: relax mount_setattr() permission checks Daniel Bristot de Oliveira <bristot(a)kernel.org> tools/rtla: Fix Makefile compiler options for clang Daniel Bristot de Oliveira <bristot(a)kernel.org> tools/rtla: Fix uninitialized bucket/data->bucket_size warning John Kacur <jkacur(a)redhat.com> tools/rtla: Exit with EXIT_SUCCESS when help is invoked limingming3 <limingming890315(a)gmail.com> tools/rtla: Replace setting prio with nice for SCHED_OTHER Daniel Bristot de Oliveira <bristot(a)kernel.org> tools/rtla: Remove unused sched_getattr() function Mario Limonciello <mario.limonciello(a)amd.com> ASoC: amd: yc: Add DMI quirk for Lenovo Ideapad Pro 5 16ARP8 Fred Ai <fred.ai(a)bayhubtech.com> mmc: sdhci-pci-o2micro: Fix a warm reboot issue that disk can't be detected by BIOS Damien Le Moal <dlemoal(a)kernel.org> zonefs: Improve error handling Marc Zyngier <maz(a)kernel.org> irqchip/gic-v3-its: Fix GICv4.1 VPE affinity update Doug Berger <opendmb(a)gmail.com> irqchip/irq-brcmstb-l2: Add write memory barrier before exit Johannes Berg <johannes.berg(a)intel.com> wifi: mac80211: reload info pointer in ieee80211_tx_dequeue() Johannes Berg <johannes.berg(a)intel.com> wifi: cfg80211: fix wiphy delayed work queueing Daniel de Villiers <daniel.devilliers(a)corigine.com> nfp: flower: prevent re-adding mac index for bonded port Daniel Basilio <daniel.basilio(a)corigine.com> nfp: use correct macro for LengthSelect in BAR config Kim Phillips <kim.phillips(a)amd.com> crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked Ryusuke Konishi <konishi.ryusuke(a)gmail.com> nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() Ryusuke Konishi <konishi.ryusuke(a)gmail.com> nilfs2: fix data corruption in dsync block recovery for small block sizes bo liu <bo.liu(a)senarytech.com> ALSA: hda/conexant: Add quirk for SWS JS201D Eniac Zhang <eniac-xw.zhang(a)hp.com> ALSA: hda/realtek: fix mute/micmute LED For HP mt645 Alexander Stein <alexander.stein(a)ew.tq-group.com> mmc: slot-gpio: Allow non-sleeping GPIO ro Jens Axboe <axboe(a)kernel.dk> io_uring/net: fix multishot accept overflow handling Steve Wahl <steve.wahl(a)hpe.com> x86/mm/ident_map: Use gbpages only where full GB page should be mapped. Mingwei Zhang <mizhang(a)google.com> KVM: x86/pmu: Fix type length error when reading pmu->fixed_ctr_ctrl Andrei Vagin <avagin(a)google.com> x86/fpu: Stop relying on userspace for info to fault in xsave buffer Aleksander Mazur <deweloper(a)wp.pl> x86/Kconfig: Transmeta Crusoe is CPU family 5, not 6 Shrikanth Hegde <sshegde(a)linux.ibm.com> powerpc/pseries: fix accuracy of stolen time David Engraf <david.engraf(a)sysgo.com> powerpc/cputable: Add missing PPC_FEATURE_BOOKE on PPC64 Book-E Naveen N Rao <naveen(a)kernel.org> powerpc/64: Set task pt_regs->link to the LR value on scv entry Hugo Villeneuve <hvilleneuve(a)dimonoff.com> serial: max310x: prevent infinite while() loop in port startup Hugo Villeneuve <hvilleneuve(a)dimonoff.com> serial: max310x: fail probe if clock crystal is unstable Hugo Villeneuve <hvilleneuve(a)dimonoff.com> serial: max310x: improve crystal stable clock detection Hugo Villeneuve <hvilleneuve(a)dimonoff.com> serial: max310x: set default value when reading clock ready bit Hui Zhou <hui.zhou(a)corigine.com> nfp: flower: fix hardware offload for the transfer layer port Vincent Donnefort <vdonnefort(a)google.com> ring-buffer: Clean ring_buffer_poll_wait() error return Souradeep Chakrabarti <schakrabarti(a)linux.microsoft.com> hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove Tom Chung <chiahsuan.chung(a)amd.com> drm/amd/display: Preserve original aspect ratio in create stream Nathan Chancellor <nathan(a)kernel.org> drm/amd/display: Increase frame-larger-than for all display_mode_vba files Philip Yang <Philip.Yang(a)amd.com> drm/prime: Support page array >= 4GB Rob Clark <robdclark(a)chromium.org> drm/msm: Wire up tlb ops Herbert Xu <herbert(a)gondor.apana.org.au> xfrm: Remove inner/outer modes from input path Herbert Xu <herbert(a)gondor.apana.org.au> xfrm: Remove inner/outer modes from output path Fedor Pchelkin <pchelkin(a)ispras.ru> ksmbd: free aux buffer if ksmbd_iov_pin_rsp_read fails Sean Young <sean(a)mess.org> media: rc: bpf attach/detach requires write permission Randy Dunlap <rdunlap(a)infradead.org> iio: imu: bno055: serdev requires REGMAP Nuno Sa <nuno.sa(a)analog.com> iio: imu: adis: ensure proper DMA alignment Nuno Sa <nuno.sa(a)analog.com> iio: adc: ad_sigma_delta: ensure proper DMA alignment Mario Limonciello <mario.limonciello(a)amd.com> iio: accel: bma400: Fix a compilation problem Nuno Sa <nuno.sa(a)analog.com> iio: commom: st_sensors: ensure proper DMA alignment Dinghao Liu <dinghao.liu(a)zju.edu.cn> iio: core: fix memleak in iio_device_register_sysfs zhili.liu <zhili.liu(a)ucas.com.cn> iio: magnetometer: rm3100: add boundary check for the value read from RM3100_REG_TMRC David Schiller <david.schiller(a)jku.at> staging: iio: ad5933: fix type mismatch regression Steven Rostedt (Google) <rostedt(a)goodmis.org> tracing: Fix wasted memory in saved_cmdlines logic Baokun Li <libaokun1(a)huawei.com> ext4: avoid bb_free and bb_fragments inconsistency in mb_free_blocks() Baokun Li <libaokun1(a)huawei.com> ext4: fix double-free of blocks due to wrong extents moved_len Ekansh Gupta <quic_ekangupt(a)quicinc.com> misc: fastrpc: Mark all sessions as invalid in cb_remove Carlos Llamas <cmllamas(a)google.com> binder: signal epoll threads of self-work Andy Chi <andy.chi(a)canonical.com> ALSA: hda/realtek: fix mute/micmute LEDs for HP ZBook Power Vitaly Rodionov <vitalyr(a)opensource.cirrus.com> ALSA: hda/cs8409: Suppress vmaster control for Dolphin models Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ASoC: codecs: wcd938x: handle deferred probe Edson Juliano Drosdeck <edson.drosdeck(a)gmail.com> ALSA: hda/realtek: Enable headset mic on Vaio VJFE-ADL Nathan Chancellor <nathan(a)kernel.org> modpost: Add '.ltext' and '.ltext.*' to TEXT_SECTIONS Nathan Chancellor <nathan(a)kernel.org> um: Fix adding '-no-pie' for clang Nathan Chancellor <nathan(a)kernel.org> modpost: Include '.text.*' in TEXT_SECTIONS Masahiro Yamada <masahiroy(a)kernel.org> linux/init: remove __memexit* annotations Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> modpost: Don't let "driver"s reference .exit.* Masahiro Yamada <masahiroy(a)kernel.org> modpost: propagate W=1 build option to modpost Jan Beulich <jbeulich(a)suse.com> xen-netback: properly sync TX responses Esben Haabendal <esben(a)geanix.com> net: stmmac: do not clear TBS enable bit on link up/down Nikita Zhandarovich <n.zhandarovich(a)fintech.ru> net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame() Fedor Pchelkin <pchelkin(a)ispras.ru> nfc: nci: free rx_data_reassembly skb on NCI device cleanup Nathan Chancellor <nathan(a)kernel.org> kbuild: Fix changing ELF file type for output of gen_btf for big endian José Relvas <josemonsantorelvas(a)gmail.com> ALSA: hda/realtek: Apply headset jack quirk for non-bass alc287 thinkpads Takashi Sakamoto <o-takashi(a)sakamocchi.jp> firewire: core: correct documentation of fw_csr_string() kernel API Ondrej Mosnacek <omosnace(a)redhat.com> lsm: fix the logic in security_inode_getsecctx() Sebastian Ott <sebott(a)redhat.com> drm/virtio: Set segment size for virtio_gpu device Mario Limonciello <mario.limonciello(a)amd.com> Revert "drm/amd: flush any delayed gfxoff on suspend entry" Lee Duncan <lduncan(a)suse.com> scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock" Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> media: Revert "media: rkisp1: Drop IRQF_SHARED" Geliang Tang <geliang(a)kernel.org> mptcp: check addrs list in userspace_pm_get_local_id Paolo Abeni <pabeni(a)redhat.com> mptcp: drop the push_pending field Matthieu Baerts (NGI0) <matttbe(a)kernel.org> selftests: mptcp: increase timeout to 30 min Matthieu Baerts (NGI0) <matttbe(a)kernel.org> selftests: mptcp: add missing kconfig for NF Mangle Matthieu Baerts (NGI0) <matttbe(a)kernel.org> selftests: mptcp: add missing kconfig for NF Filter in v6 Matthieu Baerts (NGI0) <matttbe(a)kernel.org> selftests: mptcp: add missing kconfig for NF Filter Paolo Abeni <pabeni(a)redhat.com> mptcp: fix data re-injection from stale subflow Paolo Abeni <pabeni(a)redhat.com> mptcp: get rid of msk->subflow Radek Krejci <radek.krejci(a)oracle.com> modpost: trim leading spaces when processing source files list Jean Delvare <jdelvare(a)suse.de> i2c: i801: Fix block process call transactions Arnd Bergmann <arnd(a)arndb.de> i2c: pasemi: split driver into two separate modules Michael Ellerman <mpe(a)ellerman.id.au> powerpc/kasan: Limit KASAN thread size increase to 32KB Bibo Mao <maobibo(a)loongson.cn> irqchip/loongson-eiointc: Use correct struct type in eiointc_domain_alloc() Viken Dadhaniya <quic_vdadhani(a)quicinc.com> i2c: qcom-geni: Correct I2C TRE sequence Dan Carpenter <dan.carpenter(a)linaro.org> cifs: fix underflow in parse_server_interfaces() Jiangfeng Xiao <xiaojiangfeng(a)huawei.com> powerpc/kasan: Fix addr error caused by page alignment Saravana Kannan <saravanak(a)google.com> driver core: fw_devlink: Improve detection of overlapping cycles Zhipeng Lu <alexious(a)zju.edu.cn> media: ir_toy: fix a memleak in irtoy_tx Konrad Dybcio <konrad.dybcio(a)linaro.org> interconnect: qcom: sc8180x: Mark CO0 BCM keepalive Uttkarsh Aggarwal <quic_uaggarwa(a)quicinc.com> usb: dwc3: gadget: Fix NULL pointer dereference in dwc3_gadget_suspend yuan linyu <yuanlinyu(a)hihonor.com> usb: f_mass_storage: forbid async queue when shutdown happen Oliver Neukum <oneukum(a)suse.com> USB: hub: check for alternate port before enabling A_ALT_HNP_SUPPORT Christian A. Ehrhardt <lk(a)c--e.de> usb: ucsi_acpi: Fix command completion handling Sean Anderson <sean.anderson(a)seco.com> usb: ulpi: Fix debugfs directory leak Christian A. Ehrhardt <lk(a)c--e.de> usb: ucsi: Add missing ppm_lock Srinivas Pandruvada <srinivas.pandruvada(a)linux.intel.com> iio: hid-sensor-als: Return 0 for HID_USAGE_SENSOR_TIME_TIMESTAMP Jason Gerecke <killertofu(a)gmail.com> HID: wacom: Do not register input devices until after hid_hw_start Tatsunosuke Tobita <tatsunosuke.tobita(a)wacom.com> HID: wacom: generic: Avoid reporting a serial of '0' to userspace Johan Hovold <johan+linaro(a)kernel.org> HID: i2c-hid-of: fix NULL-deref on failed power up Luka Guzenko <l.guzenko(a)web.de> ALSA: hda/realtek: Enable Mute LED on HP Laptop 14-fq0xxx David Senoner <seda18(a)rolmail.net> ALSA: hda/realtek: Fix the external mic not being recognised for Acer Swift 1 SF114-32 Helge Deller <deller(a)gmx.de> parisc: Prevent hung tasks when printing inventory on serial console Techno Mooney <techno.mooney(a)gmail.com> ASoC: amd: yc: Add DMI quirk for MSI Bravo 15 C7VF Mikulas Patocka <mpatocka(a)redhat.com> dm-crypt, dm-verity: disable tasklets Michael Kelley <mhklinux(a)outlook.com> scsi: storvsc: Fix ring buffer size calculation Zach O'Keefe <zokeefe(a)google.com> mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again Masami Hiramatsu (Google) <mhiramat(a)kernel.org> tracing/trigger: Fix to return error if failed to alloc snapshot Samuel Holland <samuel.holland(a)sifive.com> scs: add CONFIG_MMU dependency for vfree_atomic() Ivan Vecera <ivecera(a)redhat.com> i40e: Fix waiting for queues of all VSIs to be disabled Ivan Vecera <ivecera(a)redhat.com> i40e: Do not allow untrusted VF to remove administratively set MAC Guenter Roeck <linux(a)roeck-us.net> MIPS: Add 'memory' clobber to csum_ipv6_magic() inline assembler Arnd Bergmann <arnd(a)arndb.de> nouveau/svm: fix kvcalloc() argument order Breno Leitao <leitao(a)debian.org> net: sysfs: Fix /sys/class/net/<iface> path for statistics Alexey Khoroshilov <khoroshilov(a)ispras.ru> ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work() Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> spi: ppc4xx: Drop write-only variable Jakub Kicinski <kuba(a)kernel.org> net: tls: fix returned read length with async decrypt Sabrina Dubroca <sd(a)queasysnail.net> net: tls: fix use-after-free with partial reads and async decrypt Jakub Kicinski <kuba(a)kernel.org> tls: fix race between async notify and socket close Jakub Kicinski <kuba(a)kernel.org> net: tls: factor out tls_*crypt_async_wait() Sabrina Dubroca <sd(a)queasysnail.net> tls: extract context alloc/initialization out of tls_set_sw_offload David Howells <dhowells(a)redhat.com> tls/sw: Use splice_eof() to flush Horatiu Vultur <horatiu.vultur(a)microchip.com> lan966x: Fix crash when adding interface under a lag Aaron Conole <aconole(a)redhat.com> net: openvswitch: limit the number of recursions from action sets Saravana Kannan <saravanak(a)google.com> of: property: Improve finding the supplier of a remote-endpoint property Dan Carpenter <dan.carpenter(a)linaro.org> wifi: iwlwifi: uninitialized variable in iwl_acpi_get_ppag_table() Dan Carpenter <dan.carpenter(a)linaro.org> wifi: iwlwifi: Fix some error codes Sean Christopherson <seanjc(a)google.com> KVM: selftests: Fix a semaphore imbalance in the dirty ring logging test Gavin Shan <gshan(a)redhat.com> KVM: selftests: Clear dirty ring states between two modes in dirty_log_test Christian A. Ehrhardt <lk(a)c--e.de> of: unittest: Fix compile in the non-dynamic case Saravana Kannan <saravanak(a)google.com> driver core: Fix device_link_flag_is_sync_state_only() Josef Bacik <josef(a)toxicpanda.com> btrfs: don't drop extent_map for free space inode on write error Filipe Manana <fdmanana(a)suse.com> btrfs: reject encoded write if inode has nodatasum flag set Filipe Manana <fdmanana(a)suse.com> btrfs: don't reserve space for checksums when writing to nocow files David Sterba <dsterba(a)suse.com> btrfs: send: return EOPNOTSUPP on unknown flags Boris Burkov <boris(a)bur.io> btrfs: forbid deleting live subvol qgroup Qu Wenruo <wqu(a)suse.com> btrfs: do not ASSERT() if the newly created subvolume already got read Boris Burkov <boris(a)bur.io> btrfs: forbid creating subvol qgroups Filipe Manana <fdmanana(a)suse.com> btrfs: do not delete unused block group if it may be used soon Filipe Manana <fdmanana(a)suse.com> btrfs: add and use helper to check if block group is used Linus Torvalds <torvalds(a)linux-foundation.org> update workarounds for gcc "asm goto" issue Linus Torvalds <torvalds(a)linux-foundation.org> work around gcc bugs with 'asm goto' with outputs ------------- Diffstat: .../ABI/testing/sysfs-class-net-statistics | 48 ++--- Documentation/arm64/silicon-errata.rst | 7 + .../bindings/net/wireless/marvell-8xxx.txt | 4 +- Makefile | 10 +- arch/Kconfig | 1 + arch/arc/include/asm/jump_label.h | 4 +- arch/arm/boot/dts/imx6q-apalis-ixora-v1.2.dts | 2 + arch/arm/include/asm/jump_label.h | 4 +- arch/arm64/boot/dts/qcom/apq8016-sbc.dts | 4 - arch/arm64/boot/dts/qcom/msm8916.dtsi | 2 +- arch/arm64/boot/dts/qcom/sdm845.dtsi | 4 +- arch/arm64/boot/dts/qcom/sm8150.dtsi | 4 +- arch/arm64/include/asm/alternative-macros.h | 4 +- arch/arm64/include/asm/cputype.h | 4 + arch/arm64/include/asm/jump_label.h | 4 +- arch/arm64/kernel/cpu_errata.c | 3 + arch/arm64/kernel/vdso32/Makefile | 2 - arch/csky/include/asm/jump_label.h | 4 +- arch/mips/include/asm/checksum.h | 3 +- arch/mips/include/asm/jump_label.h | 4 +- arch/parisc/Kconfig | 1 - arch/parisc/include/asm/assembly.h | 1 + arch/parisc/include/asm/extable.h | 64 ++++++ arch/parisc/include/asm/jump_label.h | 4 +- arch/parisc/include/asm/special_insns.h | 6 +- arch/parisc/include/asm/uaccess.h | 48 +---- arch/parisc/kernel/drivers.c | 3 + arch/parisc/kernel/unaligned.c | 44 ++-- arch/parisc/mm/fault.c | 11 +- arch/powerpc/include/asm/bug.h | 2 +- arch/powerpc/include/asm/jump_label.h | 4 +- arch/powerpc/include/asm/thread_info.h | 2 +- arch/powerpc/include/asm/uaccess.h | 8 +- arch/powerpc/kernel/cpu_specs_e500mc.h | 3 +- arch/powerpc/kernel/interrupt_64.S | 4 +- arch/powerpc/kernel/irq_64.c | 2 +- arch/powerpc/mm/kasan/init_32.c | 1 + arch/powerpc/platforms/pseries/lpar.c | 8 +- arch/riscv/include/asm/jump_label.h | 4 +- arch/s390/include/asm/jump_label.h | 4 +- arch/sparc/include/asm/jump_label.h | 4 +- arch/um/Makefile | 4 +- arch/um/include/asm/cpufeature.h | 2 +- arch/x86/Kconfig.cpu | 2 +- arch/x86/include/asm/cpufeature.h | 2 +- arch/x86/include/asm/jump_label.h | 6 +- arch/x86/include/asm/rmwcc.h | 2 +- arch/x86/include/asm/uaccess.h | 10 +- arch/x86/include/asm/virtext.h | 12 +- arch/x86/kernel/fpu/signal.c | 13 +- arch/x86/kvm/svm/svm_ops.h | 6 +- arch/x86/kvm/vmx/pmu_intel.c | 2 +- arch/x86/kvm/vmx/vmx.c | 8 +- arch/x86/kvm/vmx/vmx_ops.h | 6 +- arch/x86/mm/ident_map.c | 23 ++- arch/xtensa/include/asm/jump_label.h | 4 +- block/blk-mq.c | 9 +- drivers/android/binder.c | 10 + drivers/base/core.c | 15 +- drivers/base/power/domain.c | 2 +- drivers/bus/moxtet.c | 7 + drivers/crypto/ccp/sev-dev.c | 10 +- drivers/dma/ioat/dma.c | 12 +- drivers/firewire/core-device.c | 7 +- drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 1 - drivers/gpu/drm/amd/amdgpu/amdgpu_gfx.c | 9 +- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 2 + drivers/gpu/drm/amd/display/dc/dml/Makefile | 6 +- drivers/gpu/drm/drm_prime.c | 2 +- drivers/gpu/drm/msm/msm_iommu.c | 32 ++- drivers/gpu/drm/nouveau/nouveau_svm.c | 2 +- drivers/gpu/drm/virtio/virtgpu_drv.c | 1 + drivers/hid/i2c-hid/i2c-hid-of.c | 1 + drivers/hid/wacom_sys.c | 63 ++++-- drivers/hid/wacom_wac.c | 9 +- drivers/i2c/busses/Makefile | 6 +- drivers/i2c/busses/i2c-i801.c | 4 +- drivers/i2c/busses/i2c-pasemi-core.c | 5 + drivers/i2c/busses/i2c-qcom-geni.c | 16 +- drivers/iio/accel/Kconfig | 2 + drivers/iio/imu/bno055/Kconfig | 1 + drivers/iio/industrialio-core.c | 5 +- drivers/iio/light/hid-sensor-als.c | 1 + drivers/iio/magnetometer/rm3100-core.c | 10 +- drivers/infiniband/hw/irdma/verbs.c | 7 + drivers/interconnect/qcom/sc8180x.c | 1 + drivers/irqchip/irq-brcmstb-l2.c | 5 +- drivers/irqchip/irq-gic-v3-its.c | 22 +- drivers/irqchip/irq-loongson-eiointc.c | 2 +- drivers/md/dm-core.h | 2 + drivers/md/dm-crypt.c | 37 +--- drivers/md/dm-ioctl.c | 3 +- drivers/md/dm-table.c | 9 +- drivers/md/dm-verity-target.c | 26 +-- drivers/md/dm-verity.h | 1 - drivers/md/md.c | 7 +- .../media/platform/rockchip/rkisp1/rkisp1-dev.c | 2 +- drivers/media/rc/bpf-lirc.c | 6 +- drivers/media/rc/ir_toy.c | 2 + drivers/media/rc/lirc_dev.c | 5 +- drivers/media/rc/rc-core-priv.h | 2 +- drivers/misc/fastrpc.c | 2 +- drivers/mmc/core/slot-gpio.c | 6 +- drivers/mmc/host/sdhci-pci-o2micro.c | 30 +++ drivers/net/can/dev/netlink.c | 2 +- drivers/net/ethernet/intel/i40e/i40e_main.c | 2 +- drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 38 +++- .../net/ethernet/microchip/lan966x/lan966x_lag.c | 9 +- .../net/ethernet/netronome/nfp/flower/conntrack.c | 24 ++- .../ethernet/netronome/nfp/flower/tunnel_conf.c | 2 +- .../ethernet/netronome/nfp/nfpcore/nfp6000_pcie.c | 6 +- drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 3 + drivers/net/ethernet/ti/cpsw.c | 2 + drivers/net/ethernet/ti/cpsw_new.c | 3 + drivers/net/hyperv/netvsc.c | 5 +- drivers/net/hyperv/netvsc_drv.c | 82 ++++++-- drivers/net/wireless/intel/iwlwifi/fw/acpi.c | 15 +- drivers/net/wireless/marvell/mwifiex/Kconfig | 5 +- drivers/net/wireless/marvell/mwifiex/sdio.c | 46 ++++- drivers/net/wireless/marvell/mwifiex/sdio.h | 3 + drivers/net/xen-netback/netback.c | 100 +++++---- drivers/of/property.c | 18 +- drivers/of/unittest.c | 12 +- drivers/s390/net/qeth_l3_main.c | 9 +- drivers/scsi/fcoe/fcoe_ctlr.c | 20 +- drivers/scsi/storvsc_drv.c | 12 +- drivers/spi/spi-ppc4xx.c | 5 - drivers/staging/iio/impedance-analyzer/ad5933.c | 2 +- drivers/tty/serial/max310x.c | 53 ++++- drivers/usb/common/ulpi.c | 2 +- drivers/usb/core/hub.c | 30 ++- drivers/usb/dwc3/gadget.c | 6 +- drivers/usb/gadget/function/f_mass_storage.c | 20 +- drivers/usb/typec/ucsi/ucsi.c | 2 + drivers/usb/typec/ucsi/ucsi_acpi.c | 17 +- fs/btrfs/block-group.c | 49 ++++- fs/btrfs/block-group.h | 7 + fs/btrfs/delalloc-space.c | 29 ++- fs/btrfs/disk-io.c | 13 +- fs/btrfs/inode.c | 26 ++- fs/btrfs/ioctl.c | 5 + fs/btrfs/qgroup.c | 14 ++ fs/btrfs/send.c | 2 +- fs/ceph/caps.c | 3 +- fs/ext4/mballoc.c | 39 ++-- fs/ext4/move_extent.c | 6 +- fs/hugetlbfs/inode.c | 19 +- fs/namespace.c | 11 +- fs/nfsd/nfs4state.c | 37 ++-- fs/nilfs2/dat.c | 27 ++- fs/nilfs2/file.c | 8 +- fs/nilfs2/recovery.c | 7 +- fs/nilfs2/segment.c | 8 +- fs/ntfs3/fsntfs.c | 16 +- fs/ntfs3/index.c | 3 +- fs/proc/array.c | 10 +- fs/smb/client/cached_dir.c | 8 +- fs/smb/client/smb2ops.c | 2 +- fs/smb/client/smb2pdu.c | 95 +++++---- fs/smb/client/smb2proto.h | 12 +- fs/smb/server/smb2pdu.c | 8 +- fs/zonefs/file.c | 42 ++-- fs/zonefs/super.c | 66 +++--- include/asm-generic/vmlinux.lds.h | 6 - include/linux/bpf.h | 12 +- include/linux/cleanup.h | 171 ++++++++++++++++ include/linux/compiler-clang.h | 9 + include/linux/compiler-gcc.h | 20 ++ include/linux/compiler_attributes.h | 6 + include/linux/compiler_types.h | 11 +- include/linux/device.h | 7 + include/linux/file.h | 6 + include/linux/iio/adc/ad_sigma_delta.h | 4 +- include/linux/iio/common/st_sensors.h | 4 +- include/linux/iio/imu/adis.h | 3 +- include/linux/init.h | 3 - include/linux/irqflags.h | 7 + include/linux/mmc/sdio_ids.h | 1 + include/linux/mutex.h | 4 + include/linux/netfilter/ipset/ip_set.h | 4 + include/linux/percpu.h | 4 + include/linux/preempt.h | 5 + include/linux/rcupdate.h | 3 + include/linux/rwsem.h | 8 + include/linux/sched/task.h | 2 + include/linux/slab.h | 3 + include/linux/spinlock.h | 31 +++ include/linux/srcu.h | 5 + include/net/tls.h | 5 - init/Kconfig | 9 + io_uring/net.c | 5 +- kernel/bpf/helpers.c | 67 +++--- kernel/bpf/verifier.c | 3 +- kernel/sched/membarrier.c | 6 + kernel/time/hrtimer.c | 14 +- kernel/trace/bpf_trace.c | 56 +++-- kernel/trace/ring_buffer.c | 2 +- kernel/trace/trace.c | 78 +++---- kernel/trace/trace_events_trigger.c | 6 +- lib/mpi/ec.c | 3 + mm/page-writeback.c | 2 +- mm/userfaultfd.c | 15 +- net/can/j1939/j1939-priv.h | 3 +- net/can/j1939/main.c | 2 +- net/can/j1939/socket.c | 46 +++-- net/core/skbuff.c | 3 +- net/hsr/hsr_device.c | 4 +- net/mac80211/tx.c | 5 +- net/mptcp/pm_userspace.c | 13 +- net/mptcp/protocol.c | 24 +-- net/mptcp/protocol.h | 4 +- net/netfilter/ipset/ip_set_bitmap_gen.h | 14 +- net/netfilter/ipset/ip_set_core.c | 39 +++- net/netfilter/ipset/ip_set_hash_gen.h | 19 +- net/netfilter/ipset/ip_set_list_set.c | 13 +- net/netfilter/nft_set_pipapo_avx2.c | 2 +- net/nfc/nci/core.c | 4 + net/openvswitch/flow_netlink.c | 49 +++-- net/tls/tls.h | 1 + net/tls/tls_main.c | 2 + net/tls/tls_sw.c | 226 +++++++++++++-------- net/wireless/core.c | 1 + net/xfrm/xfrm_input.c | 77 +++---- net/xfrm/xfrm_output.c | 33 +-- samples/bpf/asm_goto_workaround.h | 8 +- scripts/Makefile.modpost | 1 + scripts/checkpatch.pl | 2 +- scripts/link-vmlinux.sh | 9 +- scripts/mod/modpost.c | 43 ++-- scripts/mod/sumversion.c | 7 +- security/apparmor/include/lib.h | 6 +- security/security.c | 14 +- sound/pci/hda/patch_conexant.c | 18 ++ sound/pci/hda/patch_cs8409.c | 1 + sound/pci/hda/patch_realtek.c | 11 +- sound/soc/amd/yc/acp6x-mach.c | 14 ++ sound/soc/codecs/rt5645.c | 1 + sound/soc/codecs/wcd938x.c | 2 +- tools/arch/x86/include/asm/rmwcc.h | 2 +- tools/include/linux/compiler_types.h | 4 +- tools/testing/selftests/kvm/dirty_log_test.c | 77 ++++--- tools/testing/selftests/net/mptcp/config | 3 + tools/testing/selftests/net/mptcp/settings | 2 +- tools/testing/selftests/vm/ksm_tests.c | 2 +- tools/testing/selftests/vm/va_128TBswitch.sh | 6 + tools/tracing/rtla/Makefile | 7 +- tools/tracing/rtla/src/osnoise_hist.c | 9 +- tools/tracing/rtla/src/osnoise_top.c | 6 +- tools/tracing/rtla/src/timerlat_hist.c | 9 +- tools/tracing/rtla/src/timerlat_top.c | 6 +- tools/tracing/rtla/src/utils.c | 12 +- tools/tracing/rtla/src/utils.h | 2 + 252 files changed, 2347 insertions(+), 1137 deletions(-)

1 year, 6 months

12
11
0 0

[PATCH] mfd: twl: select MFD_CORE

by A. Sverdlin

From: Alexander Sverdlin <alexander.sverdlin(a)siemens.com> Fix link error: ld.bfd: drivers/mfd/twl-core.o: in function `twl_probe': git/drivers/mfd/twl-core.c:846: undefined reference to `devm_mfd_add_devices' Cc: <stable(a)vger.kernel.org> Fixes: 63416320419e ("mfd: twl-core: Add a clock subdevice for the TWL6032") Signed-off-by: Alexander Sverdlin <alexander.sverdlin(a)siemens.com> --- drivers/mfd/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/mfd/Kconfig b/drivers/mfd/Kconfig index 90ce58fd629e5..1195a27c881e4 100644 --- a/drivers/mfd/Kconfig +++ b/drivers/mfd/Kconfig @@ -1772,6 +1772,7 @@ config TWL4030_CORE bool "TI TWL4030/TWL5030/TWL6030/TPS659x0 Support" depends on I2C=y select IRQ_DOMAIN + select MFD_CORE select REGMAP_I2C help Say yes here if you have TWL4030 / TWL6030 family chip on your board. -- 2.43.0

1 year, 6 months

3
2
0 0

[PATCH 4.19 v2 1/3] sched/rt: Fix sysctl_sched_rr_timeslice intial value

by Petr Vorel

From: Cyril Hrubis <chrubis(a)suse.cz> [ Upstream commit c7fcb99877f9f542c918509b2801065adcaf46fa ] There is a 10% rounding error in the intial value of the sysctl_sched_rr_timeslice with CONFIG_HZ_300=y. This was found with LTP test sched_rr_get_interval01: sched_rr_get_interval01.c:57: TPASS: sched_rr_get_interval() passed sched_rr_get_interval01.c:64: TPASS: Time quantum 0s 99999990ns sched_rr_get_interval01.c:72: TFAIL: /proc/sys/kernel/sched_rr_timeslice_ms != 100 got 90 sched_rr_get_interval01.c:57: TPASS: sched_rr_get_interval() passed sched_rr_get_interval01.c:64: TPASS: Time quantum 0s 99999990ns sched_rr_get_interval01.c:72: TFAIL: /proc/sys/kernel/sched_rr_timeslice_ms != 100 got 90 What this test does is to compare the return value from the sched_rr_get_interval() and the sched_rr_timeslice_ms sysctl file and fails if they do not match. The problem it found is the intial sysctl file value which was computed as: static int sysctl_sched_rr_timeslice = (MSEC_PER_SEC / HZ) * RR_TIMESLICE; which works fine as long as MSEC_PER_SEC is multiple of HZ, however it introduces 10% rounding error for CONFIG_HZ_300: (MSEC_PER_SEC / HZ) * (100 * HZ / 1000) (1000 / 300) * (100 * 300 / 1000) 3 * 30 = 90 This can be easily fixed by reversing the order of the multiplication and division. After this fix we get: (MSEC_PER_SEC * (100 * HZ / 1000)) / HZ (1000 * (100 * 300 / 1000)) / 300 (1000 * 30) / 300 = 100 Fixes: 975e155ed873 ("sched/rt: Show the 'sched_rr_timeslice' SCHED_RR timeslice tuning knob in milliseconds") Signed-off-by: Cyril Hrubis <chrubis(a)suse.cz> Signed-off-by: Peter Zijlstra (Intel) <peterz(a)infradead.org> Reviewed-by: Petr Vorel <pvorel(a)suse.cz> Acked-by: Mel Gorman <mgorman(a)suse.de> Tested-by: Petr Vorel <pvorel(a)suse.cz> Link: https://lore.kernel.org/r/20230802151906.25258-2-chrubis@suse.cz [ pvorel: rebased for 4.19 ] Signed-off-by: Petr Vorel <pvorel(a)suse.cz> --- kernel/sched/rt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kernel/sched/rt.c b/kernel/sched/rt.c index 394c66442cff..ce4594215728 100644 --- a/kernel/sched/rt.c +++ b/kernel/sched/rt.c @@ -8,7 +8,7 @@ #include "pelt.h" int sched_rr_timeslice = RR_TIMESLICE; -int sysctl_sched_rr_timeslice = (MSEC_PER_SEC / HZ) * RR_TIMESLICE; +int sysctl_sched_rr_timeslice = (MSEC_PER_SEC * RR_TIMESLICE) / HZ; static int do_sched_rt_period_timer(struct rt_bandwidth *rt_b, int overrun); -- 2.35.3

1 year, 6 months

2
3
0 0

[PATCH 6.1.y] riscv/efistub: Ensure GP-relative addressing is not used

by Jan Kiszka

From: Jan Kiszka <jan.kiszka(a)siemens.com> commit afb2a4fb84555ef9e61061f6ea63ed7087b295d5 upstream. The cflags for the RISC-V efistub were missing -mno-relax, thus were under the risk that the compiler could use GP-relative addressing. That happened for _edata with binutils-2.41 and kernel 6.1, causing the relocation to fail due to an invalid kernel_size in handle_kernel_image. It was not yet observed with newer versions, but that may just be luck. Cc: <stable(a)vger.kernel.org> Signed-off-by: Jan Kiszka <jan.kiszka(a)siemens.com> Signed-off-by: Ard Biesheuvel <ardb(a)kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/firmware/efi/libstub/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/firmware/efi/libstub/Makefile b/drivers/firmware/efi/libstub/Makefile index ef5045a53ce0..b6e1dcb98a64 100644 --- a/drivers/firmware/efi/libstub/Makefile +++ b/drivers/firmware/efi/libstub/Makefile @@ -25,7 +25,7 @@ cflags-$(CONFIG_ARM) := $(subst $(CC_FLAGS_FTRACE),,$(KBUILD_CFLAGS)) \ -fno-builtin -fpic \ $(call cc-option,-mno-single-pic-base) cflags-$(CONFIG_RISCV) := $(subst $(CC_FLAGS_FTRACE),,$(KBUILD_CFLAGS)) \ - -fpic + -fpic -mno-relax cflags-$(CONFIG_LOONGARCH) := $(subst $(CC_FLAGS_FTRACE),,$(KBUILD_CFLAGS)) \ -fpie -- 2.35.3

1 year, 6 months

2
1
0 0

FAILED: patch "[PATCH] zonefs: Improve error handling" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 14db5f64a971fce3d8ea35de4dfc7f443a3efb92 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024021942-driven-backhand-7edd@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: 14db5f64a971 ("zonefs: Improve error handling") 77af13ba3c7f ("zonefs: Do not propagate iomap_dio_rw() ENOTBLK error to user space") aa7f243f32e1 ("zonefs: Separate zone information from inode information") 34422914dc00 ("zonefs: Reduce struct zonefs_inode_info size") 46a9c526eef7 ("zonefs: Simplify IO error handling") 4008e2a0b01a ("zonefs: Reorganize code") a608da3bd730 ("zonefs: Detect append writes at invalid locations") db58653ce0c7 ("zonefs: Fix active zone accounting") 7dd12d65ac64 ("zonefs: fix zone report size in __zonefs_io_error()") 8745889a7fd0 ("Merge tag 'iomap-6.0-merge-2' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 14db5f64a971fce3d8ea35de4dfc7f443a3efb92 Mon Sep 17 00:00:00 2001 From: Damien Le Moal <dlemoal(a)kernel.org> Date: Thu, 8 Feb 2024 17:26:59 +0900 Subject: [PATCH] zonefs: Improve error handling Write error handling is racy and can sometime lead to the error recovery path wrongly changing the inode size of a sequential zone file to an incorrect value which results in garbage data being readable at the end of a file. There are 2 problems: 1) zonefs_file_dio_write() updates a zone file write pointer offset after issuing a direct IO with iomap_dio_rw(). This update is done only if the IO succeed for synchronous direct writes. However, for asynchronous direct writes, the update is done without waiting for the IO completion so that the next asynchronous IO can be immediately issued. However, if an asynchronous IO completes with a failure right before the i_truncate_mutex lock protecting the update, the update may change the value of the inode write pointer offset that was corrected by the error path (zonefs_io_error() function). 2) zonefs_io_error() is called when a read or write error occurs. This function executes a report zone operation using the callback function zonefs_io_error_cb(), which does all the error recovery handling based on the current zone condition, write pointer position and according to the mount options being used. However, depending on the zoned device being used, a report zone callback may be executed in a context that is different from the context of __zonefs_io_error(). As a result, zonefs_io_error_cb() may be executed without the inode truncate mutex lock held, which can lead to invalid error processing. Fix both problems as follows: - Problem 1: Perform the inode write pointer offset update before a direct write is issued with iomap_dio_rw(). This is safe to do as partial direct writes are not supported (IOMAP_DIO_PARTIAL is not set) and any failed IO will trigger the execution of zonefs_io_error() which will correct the inode write pointer offset to reflect the current state of the one on the device. - Problem 2: Change zonefs_io_error_cb() into zonefs_handle_io_error() and call this function directly from __zonefs_io_error() after obtaining the zone information using blkdev_report_zones() with a simple callback function that copies to a local stack variable the struct blk_zone obtained from the device. This ensures that error handling is performed holding the inode truncate mutex. This change also simplifies error handling for conventional zone files by bypassing the execution of report zones entirely. This is safe to do because the condition of conventional zones cannot be read-only or offline and conventional zone files are always fully mapped with a constant file size. Reported-by: Shin'ichiro Kawasaki <shinichiro.kawasaki(a)wdc.com> Fixes: 8dcc1a9d90c1 ("fs: New zonefs file system") Cc: stable(a)vger.kernel.org Signed-off-by: Damien Le Moal <dlemoal(a)kernel.org> Tested-by: Shin'ichiro Kawasaki <shinichiro.kawasaki(a)wdc.com> Reviewed-by: Johannes Thumshirn <johannes.thumshirn(a)wdc.com> Reviewed-by: Himanshu Madhani <himanshu.madhani(a)oracle.com> diff --git a/fs/zonefs/file.c b/fs/zonefs/file.c index 6ab2318a9c8e..dba5dcb62bef 100644 --- a/fs/zonefs/file.c +++ b/fs/zonefs/file.c @@ -348,7 +348,12 @@ static int zonefs_file_write_dio_end_io(struct kiocb *iocb, ssize_t size, struct zonefs_inode_info *zi = ZONEFS_I(inode); if (error) { - zonefs_io_error(inode, true); + /* + * For Sync IOs, error recovery is called from + * zonefs_file_dio_write(). + */ + if (!is_sync_kiocb(iocb)) + zonefs_io_error(inode, true); return error; } @@ -491,6 +496,14 @@ static ssize_t zonefs_file_dio_write(struct kiocb *iocb, struct iov_iter *from) ret = -EINVAL; goto inode_unlock; } + /* + * Advance the zone write pointer offset. This assumes that the + * IO will succeed, which is OK to do because we do not allow + * partial writes (IOMAP_DIO_PARTIAL is not set) and if the IO + * fails, the error path will correct the write pointer offset. + */ + z->z_wpoffset += count; + zonefs_inode_account_active(inode); mutex_unlock(&zi->i_truncate_mutex); } @@ -504,20 +517,19 @@ static ssize_t zonefs_file_dio_write(struct kiocb *iocb, struct iov_iter *from) if (ret == -ENOTBLK) ret = -EBUSY; - if (zonefs_zone_is_seq(z) && - (ret > 0 || ret == -EIOCBQUEUED)) { - if (ret > 0) - count = ret; - - /* - * Update the zone write pointer offset assuming the write - * operation succeeded. If it did not, the error recovery path - * will correct it. Also do active seq file accounting. - */ - mutex_lock(&zi->i_truncate_mutex); - z->z_wpoffset += count; - zonefs_inode_account_active(inode); - mutex_unlock(&zi->i_truncate_mutex); + /* + * For a failed IO or partial completion, trigger error recovery + * to update the zone write pointer offset to a correct value. + * For asynchronous IOs, zonefs_file_write_dio_end_io() may already + * have executed error recovery if the IO already completed when we + * reach here. However, we cannot know that and execute error recovery + * again (that will not change anything). + */ + if (zonefs_zone_is_seq(z)) { + if (ret > 0 && ret != count) + ret = -EIO; + if (ret < 0 && ret != -EIOCBQUEUED) + zonefs_io_error(inode, true); } inode_unlock: diff --git a/fs/zonefs/super.c b/fs/zonefs/super.c index 93971742613a..b6e8e7c96251 100644 --- a/fs/zonefs/super.c +++ b/fs/zonefs/super.c @@ -246,16 +246,18 @@ static void zonefs_inode_update_mode(struct inode *inode) z->z_mode = inode->i_mode; } -struct zonefs_ioerr_data { - struct inode *inode; - bool write; -}; - static int zonefs_io_error_cb(struct blk_zone *zone, unsigned int idx, void *data) { - struct zonefs_ioerr_data *err = data; - struct inode *inode = err->inode; + struct blk_zone *z = data; + + *z = *zone; + return 0; +} + +static void zonefs_handle_io_error(struct inode *inode, struct blk_zone *zone, + bool write) +{ struct zonefs_zone *z = zonefs_inode_zone(inode); struct super_block *sb = inode->i_sb; struct zonefs_sb_info *sbi = ZONEFS_SB(sb); @@ -270,8 +272,8 @@ static int zonefs_io_error_cb(struct blk_zone *zone, unsigned int idx, data_size = zonefs_check_zone_condition(sb, z, zone); isize = i_size_read(inode); if (!(z->z_flags & (ZONEFS_ZONE_READONLY | ZONEFS_ZONE_OFFLINE)) && - !err->write && isize == data_size) - return 0; + !write && isize == data_size) + return; /* * At this point, we detected either a bad zone or an inconsistency @@ -292,7 +294,7 @@ static int zonefs_io_error_cb(struct blk_zone *zone, unsigned int idx, * In all cases, warn about inode size inconsistency and handle the * IO error according to the zone condition and to the mount options. */ - if (zonefs_zone_is_seq(z) && isize != data_size) + if (isize != data_size) zonefs_warn(sb, "inode %lu: invalid size %lld (should be %lld)\n", inode->i_ino, isize, data_size); @@ -352,8 +354,6 @@ static int zonefs_io_error_cb(struct blk_zone *zone, unsigned int idx, zonefs_i_size_write(inode, data_size); z->z_wpoffset = data_size; zonefs_inode_account_active(inode); - - return 0; } /* @@ -367,23 +367,25 @@ void __zonefs_io_error(struct inode *inode, bool write) { struct zonefs_zone *z = zonefs_inode_zone(inode); struct super_block *sb = inode->i_sb; - struct zonefs_sb_info *sbi = ZONEFS_SB(sb); unsigned int noio_flag; - unsigned int nr_zones = 1; - struct zonefs_ioerr_data err = { - .inode = inode, - .write = write, - }; + struct blk_zone zone; int ret; /* - * The only files that have more than one zone are conventional zone - * files with aggregated conventional zones, for which the inode zone - * size is always larger than the device zone size. + * Conventional zone have no write pointer and cannot become read-only + * or offline. So simply fake a report for a single or aggregated zone + * and let zonefs_handle_io_error() correct the zone inode information + * according to the mount options. */ - if (z->z_size > bdev_zone_sectors(sb->s_bdev)) - nr_zones = z->z_size >> - (sbi->s_zone_sectors_shift + SECTOR_SHIFT); + if (!zonefs_zone_is_seq(z)) { + zone.start = z->z_sector; + zone.len = z->z_size >> SECTOR_SHIFT; + zone.wp = zone.start + zone.len; + zone.type = BLK_ZONE_TYPE_CONVENTIONAL; + zone.cond = BLK_ZONE_COND_NOT_WP; + zone.capacity = zone.len; + goto handle_io_error; + } /* * Memory allocations in blkdev_report_zones() can trigger a memory @@ -394,12 +396,20 @@ void __zonefs_io_error(struct inode *inode, bool write) * the GFP_NOIO context avoids both problems. */ noio_flag = memalloc_noio_save(); - ret = blkdev_report_zones(sb->s_bdev, z->z_sector, nr_zones, - zonefs_io_error_cb, &err); - if (ret != nr_zones) + ret = blkdev_report_zones(sb->s_bdev, z->z_sector, 1, + zonefs_io_error_cb, &zone); + memalloc_noio_restore(noio_flag); + + if (ret != 1) { zonefs_err(sb, "Get inode %lu zone information failed %d\n", inode->i_ino, ret); - memalloc_noio_restore(noio_flag); + zonefs_warn(sb, "remounting filesystem read-only\n"); + sb->s_flags |= SB_RDONLY; + return; + } + +handle_io_error: + zonefs_handle_io_error(inode, &zone, write); } static struct kmem_cache *zonefs_inode_cachep;

1 year, 6 months

3
2
0 0

FAILED: patch "[PATCH] userfaultfd: fix mmap_changing checking in" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x 67695f18d55924b2013534ef3bdc363bc9e14605 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024021850-vaseline-mongrel-489e@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 67695f18d55924b2013534ef3bdc363bc9e14605 Mon Sep 17 00:00:00 2001 From: Lokesh Gidra <lokeshgidra(a)google.com> Date: Wed, 17 Jan 2024 14:37:29 -0800 Subject: [PATCH] userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb In mfill_atomic_hugetlb(), mmap_changing isn't being checked again if we drop mmap_lock and reacquire it. When the lock is not held, mmap_changing could have been incremented. This is also inconsistent with the behavior in mfill_atomic(). Link: https://lkml.kernel.org/r/20240117223729.1444522-1-lokeshgidra@google.com Fixes: df2cc96e77011 ("userfaultfd: prevent non-cooperative events vs mcopy_atomic races") Signed-off-by: Lokesh Gidra <lokeshgidra(a)google.com> Cc: Andrea Arcangeli <aarcange(a)redhat.com> Cc: Mike Rapoport <rppt(a)kernel.org> Cc: Axel Rasmussen <axelrasmussen(a)google.com> Cc: Brian Geffon <bgeffon(a)google.com> Cc: David Hildenbrand <david(a)redhat.com> Cc: Jann Horn <jannh(a)google.com> Cc: Kalesh Singh <kaleshsingh(a)google.com> Cc: Matthew Wilcox (Oracle) <willy(a)infradead.org> Cc: Nicolas Geoffray <ngeoffray(a)google.com> Cc: Peter Xu <peterx(a)redhat.com> Cc: Suren Baghdasaryan <surenb(a)google.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> diff --git a/mm/userfaultfd.c b/mm/userfaultfd.c index 20e3b0d9cf7e..75fcf1f783bc 100644 --- a/mm/userfaultfd.c +++ b/mm/userfaultfd.c @@ -357,6 +357,7 @@ static __always_inline ssize_t mfill_atomic_hugetlb( unsigned long dst_start, unsigned long src_start, unsigned long len, + atomic_t *mmap_changing, uffd_flags_t flags) { struct mm_struct *dst_mm = dst_vma->vm_mm; @@ -472,6 +473,15 @@ static __always_inline ssize_t mfill_atomic_hugetlb( goto out; } mmap_read_lock(dst_mm); + /* + * If memory mappings are changing because of non-cooperative + * operation (e.g. mremap) running in parallel, bail out and + * request the user to retry later + */ + if (mmap_changing && atomic_read(mmap_changing)) { + err = -EAGAIN; + break; + } dst_vma = NULL; goto retry; @@ -506,6 +516,7 @@ extern ssize_t mfill_atomic_hugetlb(struct vm_area_struct *dst_vma, unsigned long dst_start, unsigned long src_start, unsigned long len, + atomic_t *mmap_changing, uffd_flags_t flags); #endif /* CONFIG_HUGETLB_PAGE */ @@ -622,8 +633,8 @@ static __always_inline ssize_t mfill_atomic(struct mm_struct *dst_mm, * If this is a HUGETLB vma, pass off to appropriate routine */ if (is_vm_hugetlb_page(dst_vma)) - return mfill_atomic_hugetlb(dst_vma, dst_start, - src_start, len, flags); + return mfill_atomic_hugetlb(dst_vma, dst_start, src_start, + len, mmap_changing, flags); if (!vma_is_anonymous(dst_vma) && !vma_is_shmem(dst_vma)) goto out_unlock;

1 year, 6 months

3
2
0 0

[PATCH 4.19 5.4] nilfs2: replace WARN_ONs for invalid DAT metadata block requests

by Ryusuke Konishi

commit 5124a0a549857c4b87173280e192eea24dea72ad upstream. If DAT metadata file block access fails due to corruption of the DAT file or abnormal virtual block numbers held by b-trees or inodes, a kernel warning is generated. This replaces the WARN_ONs by error output, so that a kernel, booted with panic_on_warn, does not panic. This patch also replaces the detected return code -ENOENT with another internal code -EINVAL to notify the bmap layer of metadata corruption. When the bmap layer sees -EINVAL, it handles the abnormal situation with nilfs_bmap_convert_error() and finally returns code -EIO as it should. Link: https://lkml.kernel.org/r/0000000000005cc3d205ea23ddcf@google.com Link: https://lkml.kernel.org/r/20230126164114.6911-1-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke(a)gmail.com> Reported-by: <syzbot+5d5d25f90f195a3cfcb4(a)syzkaller.appspotmail.com> Tested-by: Ryusuke Konishi <konishi.ryusuke(a)gmail.com> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- Please use this patch for these versions instead of the patch I asked you to drop in the previous review comments. This replacement patch uses an equivalent call using nilfs_msg() instead of nilfs_err(), which does not exist in these versions. Thanks, Ryusuke Konishi fs/nilfs2/dat.c | 27 +++++++++++++++++---------- 1 file changed, 17 insertions(+), 10 deletions(-) diff --git a/fs/nilfs2/dat.c b/fs/nilfs2/dat.c index e2a5320f2718..b9c759addd50 100644 --- a/fs/nilfs2/dat.c +++ b/fs/nilfs2/dat.c @@ -40,8 +40,21 @@ static inline struct nilfs_dat_info *NILFS_DAT_I(struct inode *dat) static int nilfs_dat_prepare_entry(struct inode *dat, struct nilfs_palloc_req *req, int create) { - return nilfs_palloc_get_entry_block(dat, req->pr_entry_nr, - create, &req->pr_entry_bh); + int ret; + + ret = nilfs_palloc_get_entry_block(dat, req->pr_entry_nr, + create, &req->pr_entry_bh); + if (unlikely(ret == -ENOENT)) { + nilfs_msg(dat->i_sb, KERN_ERR, + "DAT doesn't have a block to manage vblocknr = %llu", + (unsigned long long)req->pr_entry_nr); + /* + * Return internal code -EINVAL to notify bmap layer of + * metadata corruption. + */ + ret = -EINVAL; + } + return ret; } static void nilfs_dat_commit_entry(struct inode *dat, @@ -123,11 +136,7 @@ static void nilfs_dat_commit_free(struct inode *dat, int nilfs_dat_prepare_start(struct inode *dat, struct nilfs_palloc_req *req) { - int ret; - - ret = nilfs_dat_prepare_entry(dat, req, 0); - WARN_ON(ret == -ENOENT); - return ret; + return nilfs_dat_prepare_entry(dat, req, 0); } void nilfs_dat_commit_start(struct inode *dat, struct nilfs_palloc_req *req, @@ -154,10 +163,8 @@ int nilfs_dat_prepare_end(struct inode *dat, struct nilfs_palloc_req *req) int ret; ret = nilfs_dat_prepare_entry(dat, req, 0); - if (ret < 0) { - WARN_ON(ret == -ENOENT); + if (ret < 0) return ret; - } kaddr = kmap_atomic(req->pr_entry_bh->b_page); entry = nilfs_palloc_block_get_entry(dat, req->pr_entry_nr, -- 2.39.3

1 year, 6 months

2
1
0 0

[PATCH 5.15,6.1] Fixup preempt imbalance with bpf_trace_printk

by Thadeu Lima de Souza Cascardo

When bpf_trace_printk is called without any args in a second depth level, it will enable preemption without disabling it. These patch series fix this for 5.15 and 6.1. The fix was introduced in 6.3, so later kernels already have it. And 5.10 and earlier did not have the code that disabled preemption, so they are fine in that regard. This was tested by attaching a bpf program doing a non-0 arguments trace_printk at sys_enter and a 0 arguments snprintf at local_timer_entry. Dave Marchevsky (1): bpf: Merge printk and seq_printf VARARG max macros Jiri Olsa (3): bpf: Add struct for bin_args arg in bpf_bprintf_prepare bpf: Do cleanup in bpf_bprintf_cleanup only when needed bpf: Remove trace_printk_lock include/linux/bpf.h | 14 ++++++-- kernel/bpf/helpers.c | 71 ++++++++++++++++++++++------------------ kernel/bpf/verifier.c | 3 +- kernel/trace/bpf_trace.c | 39 ++++++++++------------ 4 files changed, 72 insertions(+), 55 deletions(-) -- 2.34.1

1 year, 6 months

2
8
0 0

Re: Patch "PCI: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment support" has been added to the 5.10-stable tree

by Niklas Cassel

On Mon, Feb 19, 2024 at 08:28:39PM -0500, Sasha Levin wrote: > This is a note to let you know that I've just added the patch titled > > PCI: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment support > > to the 5.10-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… > > The filename of the patch is: > pci-dwc-endpoint-fix-dw_pcie_ep_raise_msix_irq-align.patch > and it can be found in the queue-5.10 subdirectory. > > If you, or anyone else, feels it should not be added to the stable tree, > please let <stable(a)vger.kernel.org> know about it. Hello stable maintainers, I notice that upstream commit: 2217fffcd63f ("PCI: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment support") has been backported (as it should) to: 5.10: https://marc.info/?l=linux-stable-commits&m=170839241818847&w=2 (only queued so far) 5.15: https://lore.kernel.org/stable/20240122235754.541847685@linuxfoundation.org/ 6.1: https://lore.kernel.org/stable/20240122235802.692374956@linuxfoundation.org/ 6.6: https://lore.kernel.org/stable/20240122235824.991665077@linuxfoundation.org/ 6.7: https://lore.kernel.org/stable/20240122235832.684822707@linuxfoundation.org/ Unfortunately, while this commit fixed a bug, it introduced another bug. This "another bug" is fixed in upstream commit: b5d1b4b46f85 ("PCI: dwc: Fix a 64bit bug in dw_pcie_ep_raise_msix_irq()") This fix has been backported to: 6.7: https://marc.info/?l=linux-stable-commits&m=170836979506847&w=2 (only queued so far) But needs to be backported to 5.10, 5.15, 6.1, 6.6, 6.7. It does not apply without conflicts, so I've attached two backported versions. (There was a minor conflict with the headers.) backport-all-but-5_10.patch - for 5.15, 6.1, 6.6, 6.7 backport-5_10.patch - for 5.10 Kind regards, Niklas

1 year, 6 months

2
1
0 0

Please pick up 3a9626c816db90 ("drm/amd: Stop evicting resources on APUs in suspend") for linux-6.7.y

by Thorsten Leemhuis

Hi Greg! Could you please pick up 3a9626c816db90 ("drm/amd: Stop evicting resources on APUs in suspend") for the earliest convenient linux-6.7.y release? It together with another commit (91636168531909 ("Revert "drm/amd: flush any delayed gfxoff on suspend entry"")) that is also queued for 6.7.6 fixes suspend problems that apparently bother quite a few people: https://gitlab.freedesktop.org/drm/amd/-/issues/3132 Both come from the same series (note, patch 3 of that series was deferred): https://lore.kernel.org/all/20240208055256.130917-1-mario.limonciello@amd.c… Mario, who authored 3a9626c816db90, forgot to add a stable tag and ask me to send this mail: https://gitlab.freedesktop.org/drm/amd/-/issues/3132#note_2292543 Ciao, Thorsten

1 year, 6 months

2
1
0 0

[PATCH v2 11/12] arm64: dts: qcom: sc8280xp-x13s: disable ASPM L0s for NVMe and modem

by Johan Hovold

There are indications that ASPM L0s is not working very well on this machine so disable it also for the NVMe and modem controllers for now. Note that this is done as a precaution based on problems with the Wi-Fi on the X13s as well as the NVMe, modem and Wi-Fi on the sc8280xp-crd reference design (the NVMe controller on my X13s does not support L0 and the machine lacks a modem). Fixes: 9f4f3dfad8cf ("PCI: qcom: Enable ASPM for platforms supporting 1.9.0 ops") Cc: stable(a)vger.kernel.org # 6.7 Signed-off-by: Johan Hovold <johan+linaro(a)kernel.org> --- arch/arm64/boot/dts/qcom/sc8280xp-lenovo-thinkpad-x13s.dts | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/arch/arm64/boot/dts/qcom/sc8280xp-lenovo-thinkpad-x13s.dts b/arch/arm64/boot/dts/qcom/sc8280xp-lenovo-thinkpad-x13s.dts index 70824294108e..06fc88d5d025 100644 --- a/arch/arm64/boot/dts/qcom/sc8280xp-lenovo-thinkpad-x13s.dts +++ b/arch/arm64/boot/dts/qcom/sc8280xp-lenovo-thinkpad-x13s.dts @@ -730,6 +730,8 @@ keyboard@68 { }; &pcie2a { + aspm-no-l0s; + perst-gpios = <&tlmm 143 GPIO_ACTIVE_LOW>; wake-gpios = <&tlmm 145 GPIO_ACTIVE_LOW>; @@ -749,6 +751,8 @@ &pcie2a_phy { }; &pcie3a { + aspm-no-l0s; + perst-gpios = <&tlmm 151 GPIO_ACTIVE_LOW>; wake-gpios = <&tlmm 148 GPIO_ACTIVE_LOW>; -- 2.43.0

1 year, 6 months

1
0
0 0

[PATCH v2 10/12] arm64: dts: qcom: sc8280xp-x13s: disable ASPM L0s for Wi-Fi

by Johan Hovold

Enabling ASPM L0s on the Lenovo Thinkpad X13s results in Correctable Errors (BadTLP, Timeout) when accessing the Wi-Fi controller so disable it for now. Fixes: 9f4f3dfad8cf ("PCI: qcom: Enable ASPM for platforms supporting 1.9.0 ops") Cc: stable(a)vger.kernel.org # 6.7 Signed-off-by: Johan Hovold <johan+linaro(a)kernel.org> --- arch/arm64/boot/dts/qcom/sc8280xp-lenovo-thinkpad-x13s.dts | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/arm64/boot/dts/qcom/sc8280xp-lenovo-thinkpad-x13s.dts b/arch/arm64/boot/dts/qcom/sc8280xp-lenovo-thinkpad-x13s.dts index a67756ada990..70824294108e 100644 --- a/arch/arm64/boot/dts/qcom/sc8280xp-lenovo-thinkpad-x13s.dts +++ b/arch/arm64/boot/dts/qcom/sc8280xp-lenovo-thinkpad-x13s.dts @@ -769,6 +769,7 @@ &pcie3a_phy { &pcie4 { max-link-speed = <2>; + aspm-no-l0s; perst-gpios = <&tlmm 141 GPIO_ACTIVE_LOW>; wake-gpios = <&tlmm 139 GPIO_ACTIVE_LOW>; -- 2.43.0

1 year, 6 months

1
0
0 0

[PATCH v2 09/12] arm64: dts: qcom: sc8280xp-crd: disable ASPM L0s for modem and Wi-Fi

by Johan Hovold

There are indications that ASPM L0s is not working very well on this machine so disable it also for the modem and Wi-Fi controllers for now. This specifically avoids having the modem and Wi-Fi controllers bounce in an out of L0s when not used (the modem still bounces in and out of L1) as well as intermittent Correctable errors on the Wi-Fi link when not used. Fixes: 9f4f3dfad8cf ("PCI: qcom: Enable ASPM for platforms supporting 1.9.0 ops") Cc: stable(a)vger.kernel.org # 6.7 Signed-off-by: Johan Hovold <johan+linaro(a)kernel.org> --- arch/arm64/boot/dts/qcom/sc8280xp-crd.dts | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/arm64/boot/dts/qcom/sc8280xp-crd.dts b/arch/arm64/boot/dts/qcom/sc8280xp-crd.dts index 7e94a68d5d9f..8fc0380f65a0 100644 --- a/arch/arm64/boot/dts/qcom/sc8280xp-crd.dts +++ b/arch/arm64/boot/dts/qcom/sc8280xp-crd.dts @@ -546,6 +546,8 @@ &pcie2a_phy { }; &pcie3a { + aspm-no-l0s; + perst-gpios = <&tlmm 151 GPIO_ACTIVE_LOW>; wake-gpios = <&tlmm 148 GPIO_ACTIVE_LOW>; @@ -566,6 +568,7 @@ &pcie3a_phy { &pcie4 { max-link-speed = <2>; + aspm-no-l0s; perst-gpios = <&tlmm 141 GPIO_ACTIVE_LOW>; wake-gpios = <&tlmm 139 GPIO_ACTIVE_LOW>; -- 2.43.0

1 year, 6 months

1
0
0 0

[PATCH v2] x86/tools: fix line number reported for malformed lines

by Valentin Obst

While debugging the `X86_DECODER_SELFTEST` failure first reported in [1], we noticed that the line numbers reported by the `insn_decoder_test` tool do not correspond to the line in the output of `objdump_reformat.awk` that was causing the failure: # TEST posttest llvm-objdump -d -j .text ./vmlinux | \ awk -f ./arch/x86/tools/objdump_reformat.awk | \ arch/x86/tools/insn_decoder_test -y -v arch/x86/tools/insn_decoder_test: error: malformed line 1657116: 68db0 $ llvm-objdump -d -j .text ./vmlinux | \ awk -f ./arch/x86/tools/objdump_reformat.awk > objdump_reformat.txt $ head -n `echo 1657116+2 | bc` objdump_reformat.txt | tail -n 5 ffffffff815430b1 41 8b 47 1c movl ffffffff815430b5 89 c1 movl ffffffff815430b7 81 c9 00 40 00 00 orl ffffffff815430bd 41 89 4e 18 movl ffffffff815430c1 a8 40 testb These lines are perfectly fine. The reason is that the line count reported by the tool only includes instruction lines, i.e., it does not count symbol lines. This behavior was introduced in Commit 35039eb6b199 ("x86: Show symbol name if insn decoder test failed"), which included symbol lines in the output of the awk script. This broke the `instuction lines == total lines` property without accounting for it in `insn_decoder_test.c`. Add a new variable to count the combined (insn+symbol) line count and report this in the error message. With this patch, the line reported by the tool is the line causing the failure (long line wrapped at 75 chars): # TEST posttest llvm-objdump -d -j .text ./vmlinux | \ awk -f ./arch/x86/tools/objdump_reformat.awk | \ arch/x86/tools/insn_decoder_test -y -v arch/x86/tools/insn_decoder_test: error: malformed line 1699686: 68db0 $ head -n ` echo 1699686+2 | bc` objdump_reformat.txt | tail -n 5 ffffffff81568dac c3 retq <_RNvXsP_NtCs7qddEHlz8fK_4core3fmtRINtNtNtNtB7_4iter8adapters5chain5Chain INtNtBA_7flatten7FlattenINtNtB7_6option8IntoIterNtNtB7_4char11EscapeDebug EEINtB1a_7FlatMapNtNtNtB7_3str4iter5CharsB1T_NtB2D_23CharEscapeDebugConti nueEENtB5_5Debug3fmtB7_>:ffffffff81568db0 ffffffff81568dad 0f 1f 00 nopl ffffffff81568db0 f3 0f 1e fa endbr64 ffffffff81568db4 41 56 pushq [In this case the line causing the failure is interpreted as two lines by the tool (due to its length, but this is fixed by [1, 2]), and the second line is reported. Still the spatial closeness between the reported line and the line causing the failure would have made debugging a lot easier.] Link: https://lore.kernel.org/lkml/Y9ES4UKl%2F+DtvAVS@gmail.com/T/ [1] Link: https://lore.kernel.org/rust-for-linux/20231119180145.157455-1-sergio.colla… [2] Fixes: 35039eb6b199 ("x86: Show symbol name if insn decoder test failed") Reviewed-by: Miguel Ojeda <ojeda(a)kernel.org> Tested-by: Miguel Ojeda <ojeda(a)kernel.org> Reported-by: John Baublitz <john.m.baublitz(a)gmail.com> Debugged-by: John Baublitz <john.m.baublitz(a)gmail.com> Signed-off-by: Valentin Obst <kernel(a)valentinobst.de> --- Changes in v2: - Added tags 'Reviewed-by', 'Tested-by', 'Reported-by', 'Debugged-by', 'Link', and 'Fixes'. - Explain why this patch fixes the commit mentioned in the 'Fixes' tag. - CCed the stable list and sent to all x86 maintainers. - Link to v1: https://lore.kernel.org/r/20240221-x86-insn-decoder-line-fix-v1-1-47cd5a171… --- arch/x86/tools/insn_decoder_test.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/arch/x86/tools/insn_decoder_test.c b/arch/x86/tools/insn_decoder_test.c index 472540aeabc2..727017a3c3c7 100644 --- a/arch/x86/tools/insn_decoder_test.c +++ b/arch/x86/tools/insn_decoder_test.c @@ -114,6 +114,7 @@ int main(int argc, char **argv) unsigned char insn_buff[16]; struct insn insn; int insns = 0; + int lines = 0; int warnings = 0; parse_args(argc, argv); @@ -123,6 +124,8 @@ int main(int argc, char **argv) int nb = 0, ret; unsigned int b; + lines++; + if (line[0] == '<') { /* Symbol line */ strcpy(sym, line); @@ -134,12 +137,12 @@ int main(int argc, char **argv) strcpy(copy, line); tab1 = strchr(copy, '\t'); if (!tab1) - malformed_line(line, insns); + malformed_line(line, lines); s = tab1 + 1; s += strspn(s, " "); tab2 = strchr(s, '\t'); if (!tab2) - malformed_line(line, insns); + malformed_line(line, lines); *tab2 = '\0'; /* Characters beyond tab2 aren't examined */ while (s < tab2) { if (sscanf(s, "%x", &b) == 1) { --- base-commit: b401b621758e46812da61fa58a67c3fd8d91de0d change-id: 20240221-x86-insn-decoder-line-fix-7b1f2e1732ff Best regards, -- Valentin Obst <kernel(a)valentinobst.de>

1 year, 6 months

3
2
0 0

Linux 5.10.210

by Greg Kroah-Hartman

I'm announcing the release of the 5.10.210 kernel. All users of the 5.10 kernel series must upgrade. The updated 5.10.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.10.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/ABI/testing/sysfs-class-net-queues | 22 Documentation/ABI/testing/sysfs-class-net-statistics | 48 - Documentation/filesystems/directory-locking.rst | 29 - Documentation/filesystems/locking.rst | 5 Documentation/filesystems/porting.rst | 18 Documentation/sound/soc/dapm.rst | 2 Makefile | 2 arch/arm/boot/dts/exynos4210-i9100.dts | 8 arch/arm/boot/dts/imx1-ads.dts | 2 arch/arm/boot/dts/imx1-apf9328.dts | 2 arch/arm/boot/dts/imx1.dtsi | 5 arch/arm/boot/dts/imx23-sansa.dts | 12 arch/arm/boot/dts/imx23.dtsi | 2 arch/arm/boot/dts/imx25-eukrea-cpuimx25.dtsi | 2 arch/arm/boot/dts/imx25-eukrea-mbimxsd25-baseboard-cmo-qvga.dts | 2 arch/arm/boot/dts/imx25-eukrea-mbimxsd25-baseboard-dvi-svga.dts | 2 arch/arm/boot/dts/imx25-eukrea-mbimxsd25-baseboard-dvi-vga.dts | 2 arch/arm/boot/dts/imx25-pdk.dts | 2 arch/arm/boot/dts/imx25.dtsi | 2 arch/arm/boot/dts/imx27-apf27dev.dts | 4 arch/arm/boot/dts/imx27-eukrea-cpuimx27.dtsi | 4 arch/arm/boot/dts/imx27-eukrea-mbimxsd27-baseboard.dts | 2 arch/arm/boot/dts/imx27-phytec-phycard-s-rdk.dts | 2 arch/arm/boot/dts/imx27-phytec-phycore-rdk.dts | 2 arch/arm/boot/dts/imx27-phytec-phycore-som.dtsi | 2 arch/arm/boot/dts/imx27.dtsi | 3 arch/arm/boot/dts/imx28.dtsi | 2 arch/arm/boot/dts/imx7d.dtsi | 3 arch/arm/boot/dts/imx7s.dtsi | 10 arch/arm/boot/dts/rk3036.dtsi | 14 arch/arm64/boot/dts/qcom/msm8996.dtsi | 21 arch/arm64/boot/dts/qcom/msm8998.dtsi | 32 - arch/arm64/boot/dts/qcom/sc7180.dtsi | 8 arch/arm64/boot/dts/qcom/sdm845.dtsi | 16 arch/arm64/kernel/entry.S | 8 arch/arm64/kernel/perf_event.c | 6 arch/mips/include/asm/checksum.h | 3 arch/mips/kernel/elf.c | 6 arch/mips/mm/init.c | 15 arch/parisc/kernel/firmware.c | 4 arch/powerpc/include/asm/mmu.h | 4 arch/powerpc/include/asm/mmzone.h | 3 arch/powerpc/kernel/traps.c | 2 arch/powerpc/kvm/book3s_hv_uvmem.c | 2 arch/powerpc/lib/sstep.c | 10 arch/powerpc/mm/book3s64/pgtable.c | 2 arch/powerpc/mm/init-common.c | 5 arch/powerpc/mm/kasan/kasan_init_32.c | 1 arch/s390/crypto/aes_s390.c | 4 arch/s390/crypto/paes_s390.c | 4 arch/s390/kernel/ptrace.c | 6 arch/s390/kvm/kvm-s390.c | 5 arch/um/drivers/net_kern.c | 2 arch/um/include/shared/kern_util.h | 2 arch/um/kernel/process.c | 2 arch/um/os-Linux/helper.c | 6 arch/um/os-Linux/util.c | 19 arch/x86/Kconfig.cpu | 2 arch/x86/boot/compressed/ident_map_64.c | 5 arch/x86/boot/compressed/idt_64.c | 1 arch/x86/boot/compressed/idt_handlers_64.S | 1 arch/x86/boot/compressed/misc.h | 1 arch/x86/include/asm/syscall_wrapper.h | 25 arch/x86/kernel/cpu/mce/core.c | 16 arch/x86/kvm/mmu/page_track.c | 2 arch/x86/kvm/x86.c | 4 arch/x86/mm/ident_map.c | 23 block/bio.c | 9 block/blk-iocost.c | 7 block/blk-mq.c | 16 crypto/algapi.c | 1 drivers/acpi/acpi_extlog.c | 5 drivers/acpi/acpi_video.c | 9 drivers/acpi/apei/ghes.c | 29 - drivers/android/binder.c | 10 drivers/ata/libata-eh.c | 2 drivers/atm/idt77252.c | 2 drivers/base/power/domain.c | 2 drivers/base/power/main.c | 251 +++++----- drivers/base/power/runtime.c | 22 drivers/block/rbd.c | 22 drivers/block/rnbd/rnbd-srv.c | 19 drivers/bluetooth/hci_qca.c | 1 drivers/bus/mhi/host/main.c | 4 drivers/bus/moxtet.c | 7 drivers/char/hw_random/core.c | 34 - drivers/clk/hisilicon/clk-hi3620.c | 4 drivers/clk/mmp/clk-of-pxa168.c | 3 drivers/crypto/ccp/sev-dev.c | 10 drivers/crypto/stm32/stm32-crc32.c | 2 drivers/devfreq/devfreq.c | 24 drivers/dma/dmaengine.c | 3 drivers/dma/fsl-dpaa2-qdma/dpaa2-qdma.c | 10 drivers/dma/fsl-qdma.c | 27 - drivers/dma/ti/k3-udma.c | 10 drivers/firewire/core-device.c | 7 drivers/gpio/gpio-eic-sprd.c | 32 + drivers/gpio/gpiolib-acpi.c | 14 drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_fence.c | 2 drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_sync.c | 3 drivers/gpu/drm/amd/display/dc/core/dc.c | 4 drivers/gpu/drm/amd/pm/powerplay/hwmgr/process_pptables_v1_0.c | 2 drivers/gpu/drm/bridge/nxp-ptn3460.c | 6 drivers/gpu/drm/drm_file.c | 2 drivers/gpu/drm/drm_framebuffer.c | 2 drivers/gpu/drm/drm_mipi_dsi.c | 17 drivers/gpu/drm/drm_plane.c | 1 drivers/gpu/drm/exynos/exynos5433_drm_decon.c | 4 drivers/gpu/drm/exynos/exynos_drm_drv.c | 11 drivers/gpu/drm/exynos/exynos_drm_fimd.c | 4 drivers/gpu/drm/exynos/exynos_drm_gsc.c | 2 drivers/gpu/drm/msm/disp/dpu1/dpu_encoder.c | 5 drivers/gpu/drm/msm/disp/dpu1/dpu_kms.h | 1 drivers/gpu/drm/msm/dp/dp_link.c | 12 drivers/gpu/drm/msm/dp/dp_reg.h | 3 drivers/gpu/drm/msm/dsi/phy/dsi_phy.c | 4 drivers/gpu/drm/nouveau/nouveau_vmm.c | 3 drivers/gpu/drm/panel/panel-simple.c | 2 drivers/gpu/drm/tidss/tidss_crtc.c | 10 drivers/hid/hid-apple.c | 33 + drivers/hid/hid-ids.h | 1 drivers/hid/hid-quirks.c | 1 drivers/hid/wacom_sys.c | 63 +- drivers/hid/wacom_wac.c | 9 drivers/hwmon/aspeed-pwm-tacho.c | 7 drivers/hwmon/coretemp.c | 40 - drivers/i2c/busses/i2c-i801.c | 19 drivers/i3c/master/i3c-master-cdns.c | 7 drivers/iio/accel/Kconfig | 2 drivers/iio/adc/ad7091r-base.c | 173 ++++++ drivers/iio/adc/ad7091r-base.h | 8 drivers/iio/adc/ad7091r5.c | 29 - drivers/iio/magnetometer/rm3100-core.c | 10 drivers/infiniband/ulp/ipoib/ipoib_multicast.c | 7 drivers/input/keyboard/atkbd.c | 13 drivers/input/serio/i8042-acpipnpio.h | 6 drivers/irqchip/irq-brcmstb-l2.c | 5 drivers/irqchip/irq-gic-v3-its.c | 22 drivers/leds/trigger/ledtrig-panic.c | 5 drivers/md/dm-core.h | 2 drivers/md/dm-ioctl.c | 3 drivers/md/dm-table.c | 9 drivers/md/md.c | 54 +- drivers/md/raid5.c | 12 drivers/media/pci/ddbridge/ddbridge-main.c | 2 drivers/media/platform/mtk-jpeg/mtk_jpeg_core.c | 6 drivers/media/platform/rockchip/rga/rga.c | 15 drivers/media/rc/bpf-lirc.c | 6 drivers/media/rc/ir_toy.c | 2 drivers/media/rc/lirc_dev.c | 5 drivers/media/rc/rc-core-priv.h | 2 drivers/media/usb/stk1160/stk1160-video.c | 5 drivers/mfd/Kconfig | 1 drivers/misc/fastrpc.c | 2 drivers/mmc/core/block.c | 46 + drivers/mmc/core/slot-gpio.c | 6 drivers/mmc/host/mmc_spi.c | 186 ------- drivers/net/bonding/bond_alb.c | 3 drivers/net/dsa/mv88e6xxx/chip.h | 4 drivers/net/dsa/mv88e6xxx/serdes.c | 8 drivers/net/dsa/mv88e6xxx/serdes.h | 8 drivers/net/ethernet/broadcom/bnxt/bnxt.c | 5 drivers/net/ethernet/broadcom/genet/bcmgenet.c | 22 drivers/net/ethernet/broadcom/genet/bcmgenet.h | 3 drivers/net/ethernet/broadcom/genet/bcmmii.c | 6 drivers/net/ethernet/freescale/fec_main.c | 2 drivers/net/ethernet/intel/i40e/i40e_main.c | 2 drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 32 + drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.h | 1 drivers/net/ethernet/intel/ixgbe/ixgbe_82598.c | 36 - drivers/net/ethernet/intel/ixgbe/ixgbe_82599.c | 61 +- drivers/net/ethernet/intel/ixgbe/ixgbe_common.c | 177 +++---- drivers/net/ethernet/intel/ixgbe/ixgbe_ethtool.c | 2 drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 44 - drivers/net/ethernet/intel/ixgbe/ixgbe_mbx.c | 34 - drivers/net/ethernet/intel/ixgbe/ixgbe_mbx.h | 1 drivers/net/ethernet/intel/ixgbe/ixgbe_phy.c | 105 ++-- drivers/net/ethernet/intel/ixgbe/ixgbe_phy.h | 2 drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c | 2 drivers/net/ethernet/intel/ixgbe/ixgbe_type.h | 51 -- drivers/net/ethernet/intel/ixgbe/ixgbe_x540.c | 44 - drivers/net/ethernet/intel/ixgbe/ixgbe_x550.c | 149 +++-- drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c | 27 + drivers/net/ethernet/mellanox/mlx5/core/en_arfs.c | 26 - drivers/net/ethernet/mellanox/mlx5/core/steering/dr_action.c | 1 drivers/net/ethernet/netronome/nfp/flower/tunnel_conf.c | 2 drivers/net/ethernet/netronome/nfp/nfpcore/nfp6000_pcie.c | 6 drivers/net/ethernet/pensando/ionic/ionic_dev.c | 1 drivers/net/ethernet/pensando/ionic/ionic_dev.h | 1 drivers/net/ethernet/pensando/ionic/ionic_main.c | 2 drivers/net/ethernet/stmicro/stmmac/common.h | 1 drivers/net/ethernet/stmicro/stmmac/dwxgmac2.h | 3 drivers/net/ethernet/stmicro/stmmac/dwxgmac2_core.c | 58 ++ drivers/net/fjes/fjes_hw.c | 37 + drivers/net/hyperv/netvsc.c | 5 drivers/net/ppp/ppp_async.c | 4 drivers/net/virtio_net.c | 9 drivers/net/wireless/ath/ath9k/htc_drv_txrx.c | 5 drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c | 2 drivers/net/wireless/ralink/rt2x00/rt2x00dev.c | 3 drivers/net/wireless/ralink/rt2x00/rt2x00mac.c | 11 drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c | 12 drivers/net/wireless/realtek/rtlwifi/rtl8723ae/phy.c | 6 drivers/net/wireless/realtek/rtlwifi/rtl8723be/phy.c | 4 drivers/net/xen-netback/netback.c | 84 +-- drivers/of/property.c | 2 drivers/of/unittest.c | 12 drivers/pci/controller/dwc/pcie-designware-ep.c | 2 drivers/pci/controller/pcie-mediatek.c | 10 drivers/pci/pcie/aer.c | 9 drivers/pci/quirks.c | 24 drivers/pci/switch/switchtec.c | 25 drivers/phy/renesas/phy-rcar-gen3-usb2.c | 4 drivers/phy/ti/phy-omap-usb2.c | 4 drivers/pnp/pnpacpi/rsparser.c | 12 drivers/regulator/core.c | 56 +- drivers/rpmsg/virtio_rpmsg_bus.c | 1 drivers/rtc/rtc-cmos.c | 4 drivers/s390/net/qeth_l3_main.c | 9 drivers/scsi/arcmsr/arcmsr.h | 4 drivers/scsi/arcmsr/arcmsr_hba.c | 6 drivers/scsi/device_handler/scsi_dh_alua.c | 4 drivers/scsi/device_handler/scsi_dh_emc.c | 4 drivers/scsi/device_handler/scsi_dh_rdac.c | 4 drivers/scsi/fcoe/fcoe_ctlr.c | 20 drivers/scsi/isci/request.c | 2 drivers/scsi/libfc/fc_fcp.c | 18 drivers/scsi/lpfc/lpfc.h | 1 drivers/scsi/lpfc/lpfc_init.c | 4 drivers/scsi/scsi_error.c | 73 +- drivers/scsi/scsi_lib.c | 6 drivers/scsi/scsi_priv.h | 4 drivers/spi/spi-bcm-qspi.c | 4 drivers/spi/spi-ppc4xx.c | 5 drivers/staging/iio/impedance-analyzer/ad5933.c | 2 drivers/tty/serial/8250/8250_core.c | 1 drivers/tty/serial/8250/8250_exar.c | 13 drivers/tty/serial/max310x.c | 21 drivers/tty/serial/sc16is7xx.c | 8 drivers/tty/tty_ioctl.c | 4 drivers/usb/cdns3/ep0.c | 4 drivers/usb/cdns3/gadget.c | 150 ++++- drivers/usb/cdns3/gadget.h | 3 drivers/usb/core/hub.c | 34 - drivers/usb/gadget/function/f_mass_storage.c | 20 drivers/usb/host/xhci-plat.c | 3 drivers/usb/serial/cp210x.c | 1 drivers/usb/serial/option.c | 1 drivers/usb/serial/qcserial.c | 2 drivers/usb/typec/ucsi/ucsi_acpi.c | 17 drivers/vhost/vhost.c | 5 drivers/watchdog/it87_wdt.c | 14 drivers/xen/gntdev-dmabuf.c | 50 - fs/afs/callback.c | 3 fs/afs/dir.c | 8 fs/afs/server.c | 7 fs/btrfs/disk-io.c | 13 fs/btrfs/extent-tree.c | 3 fs/btrfs/inode.c | 43 - fs/btrfs/ioctl.c | 12 fs/btrfs/qgroup.c | 14 fs/btrfs/ref-verify.c | 6 fs/btrfs/send.c | 2 fs/btrfs/tree-checker.c | 2 fs/ceph/caps.c | 12 fs/cifs/smb2misc.c | 2 fs/cifs/smb2ops.c | 14 fs/cifs/smb2pdu.c | 13 fs/cifs/smb2pdu.h | 42 - fs/dcache.c | 7 fs/ecryptfs/inode.c | 8 fs/exec.c | 3 fs/ext4/mballoc.c | 26 - fs/ext4/move_extent.c | 6 fs/ext4/resize.c | 37 - fs/f2fs/recovery.c | 25 fs/ioctl.c | 3 fs/jfs/jfs_dmap.c | 57 +- fs/jfs/jfs_dtree.c | 7 fs/jfs/jfs_imap.c | 3 fs/jfs/jfs_mount.c | 6 fs/kernfs/dir.c | 12 fs/namei.c | 60 +- fs/nilfs2/dat.c | 27 - fs/nilfs2/file.c | 8 fs/nilfs2/recovery.c | 7 fs/nilfs2/segment.c | 8 fs/pipe.c | 19 fs/pstore/ram.c | 1 fs/ubifs/dir.c | 2 include/drm/drm_color_mgmt.h | 1 include/drm/drm_mipi_dsi.h | 2 include/linux/async.h | 2 include/linux/bpf.h | 6 include/linux/dmaengine.h | 3 include/linux/hrtimer.h | 4 include/linux/lsm_hook_defs.h | 2 include/linux/mmzone.h | 18 include/linux/netfilter/ipset/ip_set.h | 4 include/linux/pci_ids.h | 1 include/linux/pipe_fs_i.h | 16 include/linux/pm_runtime.h | 8 include/linux/security.h | 9 include/linux/serial_core.h | 1 include/linux/spi/spi.h | 1 include/linux/stddef.h | 13 include/linux/syscalls.h | 1 include/linux/units.h | 10 include/linux/vmalloc.h | 5 include/net/af_unix.h | 20 include/net/inet_connection_sock.h | 8 include/net/llc_pdu.h | 6 include/net/netfilter/nf_tables.h | 4 include/scsi/scsi.h | 21 include/scsi/scsi_dh.h | 3 include/scsi/scsi_eh.h | 2 include/uapi/linux/btrfs.h | 3 include/uapi/linux/netfilter/nf_tables.h | 2 include/uapi/linux/stddef.h | 23 kernel/async.c | 85 ++- kernel/audit.c | 31 - kernel/bpf/arraymap.c | 12 kernel/bpf/hashtab.c | 6 kernel/bpf/map_in_map.c | 2 kernel/bpf/map_in_map.h | 2 kernel/bpf/syscall.c | 6 kernel/events/core.c | 38 + kernel/power/swap.c | 38 - kernel/sched/membarrier.c | 9 kernel/time/clocksource.c | 25 kernel/time/hrtimer.c | 17 kernel/time/tick-sched.c | 5 kernel/trace/ring_buffer.c | 2 kernel/trace/trace.c | 78 +-- kernel/trace/trace_events_trigger.c | 6 kernel/trace/tracing_map.c | 7 lib/debugobjects.c | 200 +++---- lib/mpi/ec.c | 3 mm/page-writeback.c | 2 mm/sparse.c | 17 mm/util.c | 50 + net/8021q/vlan_netlink.c | 4 net/bluetooth/l2cap_core.c | 3 net/can/j1939/j1939-priv.h | 1 net/can/j1939/socket.c | 22 net/core/request_sock.c | 3 net/core/skbuff.c | 3 net/hsr/hsr_device.c | 4 net/ipv4/af_inet.c | 9 net/ipv4/inet_connection_sock.c | 4 net/ipv4/ip_output.c | 12 net/ipv4/ip_tunnel_core.c | 2 net/ipv4/tcp.c | 45 + net/ipv6/addrconf_core.c | 21 net/ipv6/af_inet6.c | 3 net/ipv6/ip6_tunnel.c | 28 - net/iucv/af_iucv.c | 14 net/llc/af_llc.c | 26 - net/llc/llc_core.c | 7 net/mac80211/tx.c | 3 net/netfilter/ipset/ip_set_bitmap_gen.h | 14 net/netfilter/ipset/ip_set_core.c | 39 + net/netfilter/ipset/ip_set_hash_gen.h | 19 net/netfilter/ipset/ip_set_list_set.c | 13 net/netfilter/nf_log.c | 7 net/netfilter/nf_tables_api.c | 20 net/netfilter/nft_byteorder.c | 5 net/netfilter/nft_chain_filter.c | 11 net/netfilter/nft_compat.c | 23 net/netfilter/nft_ct.c | 27 + net/netfilter/nft_flow_offload.c | 5 net/netfilter/nft_meta.c | 2 net/netfilter/nft_nat.c | 5 net/netfilter/nft_rt.c | 5 net/netfilter/nft_set_pipapo.c | 108 ++-- net/netfilter/nft_set_pipapo.h | 18 net/netfilter/nft_set_pipapo_avx2.c | 17 net/netfilter/nft_set_rbtree.c | 6 net/netfilter/nft_socket.c | 5 net/netfilter/nft_synproxy.c | 7 net/netfilter/nft_tproxy.c | 5 net/netfilter/nft_xfrm.c | 5 net/netlink/af_netlink.c | 2 net/nfc/nci/core.c | 4 net/openvswitch/flow_netlink.c | 49 + net/rds/af_rds.c | 2 net/rxrpc/conn_event.c | 8 net/rxrpc/conn_service.c | 3 net/smc/smc_diag.c | 2 net/sunrpc/xprtmultipath.c | 17 net/tipc/bearer.c | 6 net/unix/af_unix.c | 14 net/unix/diag.c | 2 net/wireless/scan.c | 4 scripts/decode_stacktrace.sh | 64 ++ scripts/get_abi.pl | 2 scripts/kernel-doc | 3 scripts/link-vmlinux.sh | 9 scripts/mod/sumversion.c | 7 security/security.c | 32 + security/selinux/hooks.c | 28 + security/smack/smack_lsm.c | 1 security/tomoyo/tomoyo.c | 1 sound/hda/hdac_stream.c | 9 sound/hda/intel-dsp-config.c | 10 sound/pci/hda/hda_intel.c | 2 sound/pci/hda/patch_conexant.c | 18 sound/pci/hda/patch_realtek.c | 3 sound/soc/codecs/rt5645.c | 1 tools/lib/subcmd/help.c | 18 tools/testing/selftests/bpf/prog_tests/btf.c | 1 tools/testing/selftests/bpf/progs/pyperf180.c | 22 tools/testing/selftests/drivers/net/netdevsim/udp_tunnel_nic.sh | 9 tools/testing/selftests/net/pmtu.sh | 18 virt/kvm/kvm_main.c | 4 416 files changed, 3967 insertions(+), 2174 deletions(-) Aaron Conole (1): net: openvswitch: limit the number of recursions from action sets Adrian Reber (1): tty: allow TIOCSLCKTRMIOS with CAP_CHECKPOINT_RESTORE Al Viro (2): rename(): fix the locking of subdirectories fast_dput(): handle underflows gracefully Aleksander Mazur (1): x86/Kconfig: Transmeta Crusoe is CPU family 5, not 6 Alex Henrie (1): HID: apple: Add support for the 2021 Magic Keyboard Alex Lyakas (1): md: Whenassemble the array, consult the superblock of the freshest device Alexander Stein (4): ARM: dts: imx7d: Fix coresight funnel ports ARM: dts: imx7s: Fix lcdif compatible ARM: dts: imx7s: Fix nand-controller #size-cells mmc: slot-gpio: Allow non-sleeping GPIO ro Alexandra Winter (1): s390/qeth: Fix potential loss of L3-IP@ in case of network issues Alexey Dobriyan (1): uapi: stddef.h: Fix __DECLARE_FLEX_ARRAY for C++ Alexey Khoroshilov (1): ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work() Alfred Piccioni (1): lsm: new security_file_ioctl_compat() hook Amelie Delaunay (1): dmaengine: fix NULL pointer in channel unregistration function Andrii Nakryiko (1): selftests/bpf: satisfy compiler by having explicit return in btf test Andrii Staikov (1): i40e: Fix VF disable behavior to block all traffic Andrzej Hajda (1): debugobjects: Stop accessing objects after releasing hash bucket lock Andy Shevchenko (1): mmc: mmc_spi: remove custom DMA mapped buffers Anna Schumaker (1): SUNRPC: Fix a suspicious RCU usage warning Antoine Tenart (1): tunnels: fix out of bounds access when building IPv6 PMTU error Anton Ivanov (1): um: Fix naming clash between UML and scheduler Arjun Roy (1): net-zerocopy: Refactor frag-is-remappable test. Arnd Bergmann (1): drm/exynos: fix accidental on-stack copy of exynos_drm_plane Avri Altman (1): mmc: core: Use mrq.sbc in close-ended ffu Baokun Li (4): ext4: unify the type of flexbg_size to unsigned int ext4: remove unnecessary check from alloc_flex_gd() ext4: avoid online resizing failures due to oversized flex bg ext4: fix double-free of blocks due to wrong extents moved_len Bart Van Assche (1): scsi: core: Introduce enum scsi_disposition Benjamin Berg (3): wifi: cfg80211: free beacon_ies when overridden from hidden BSS um: Don't use vfprintf() for os_info() HID: apple: Add 2021 magic keyboard FN key mapping Bernd Edlinger (1): exec: Fix error handling in begin_new_exec() Bjorn Helgaas (2): PM: sleep: Use dev_printk() when possible PCI/AER: Decode Requester ID when no error info found Boris Burkov (2): btrfs: forbid creating subvol qgroups btrfs: forbid deleting live subvol qgroup Breno Leitao (2): net: sysfs: Fix /sys/class/net/<iface> path net: sysfs: Fix /sys/class/net/<iface> path for statistics Carlos Llamas (2): binder: signal epoll threads of self-work scripts/decode_stacktrace.sh: optionally use LLVM utilities Chao Yu (1): f2fs: fix to check return value of f2fs_reserve_new_block() Charan Teja Kalla (1): mm/sparsemem: fix race in accessing memory_section->usage Chris Riches (1): audit: Send netlink ACK before setting connection in auditd_set Christian A. Ehrhardt (2): of: unittest: Fix compile in the non-dynamic case usb: ucsi_acpi: Fix command completion handling Christoph Hellwig (1): block: prevent an integer overflow in bvec_try_merge_hw_page Christophe JAILLET (3): ixgbe: Fix an error handling path in ixgbe_read_iosf_sb_reg_x550() dmaengine: fsl-qdma: Fix a memory leak related to the status queue DMA dmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA Chung-Chiang Cheng (1): btrfs: tree-checker: fix inline ref size in error messages Cristian Ciocaltea (1): ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument Dan Carpenter (4): drm/bridge: nxp-ptn3460: fix i2c_master_send() error checking drm/bridge: nxp-ptn3460: simplify some error checking netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() PCI: dwc: Fix a 64bit bug in dw_pcie_ep_raise_msix_irq() Daniel Basilio (1): nfp: use correct macro for LengthSelect in BAR config Daniel Lezcano (2): units: change from 'L' to 'UL' units: add the HZ macros Daniel Stodden (1): PCI: switchtec: Fix stdev_release() crash after surprise hot remove Daniel Vacek (1): IB/ipoib: Fix mcast list locking Daniel de Villiers (1): nfp: flower: prevent re-adding mac index for bonded port Dave Airlie (1): nouveau/vmm: don't set addr on the fail path to avoid warning David Howells (2): afs: Hide silly-rename files from userspace rxrpc: Fix response to PING RESPONSE ACKs to a dead call David Schiller (1): staging: iio: ad5933: fix type mismatch regression David Senoner (1): ALSA: hda/realtek: Fix the external mic not being recognised for Acer Swift 1 SF114-32 David Sterba (2): btrfs: don't warn if discard range is not aligned to sector btrfs: send: return EOPNOTSUPP on unknown flags Davidlohr Bueso (1): hrtimer: Ignore slack time for RT tasks in schedule_hrtimeout_range() Dmitry Antipov (1): PNP: ACPI: fix fortify warning Dmitry Baryshkov (1): PM: runtime: add devm_pm_runtime_enable helper Doug Berger (1): irqchip/irq-brcmstb-l2: Add write memory barrier before exit Douglas Anderson (2): drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind time PM: runtime: Have devm_pm_runtime_enable() handle pm_runtime_dont_use_autosuspend() Edson Juliano Drosdeck (1): ALSA: hda/realtek: Enable headset mic on Vaio VJFE-ADL Edward Adam Davis (3): jfs: fix uaf in jfs_evict_inode jfs: fix array-index-out-of-bounds in diNewExt wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update Ekansh Gupta (1): misc: fastrpc: Mark all sessions as invalid in cb_remove Emmanuel Grumbach (1): wifi: iwlwifi: fix a memory corruption Eric Dumazet (9): llc: make llc_ui_sendmsg() more robust against bonding changes ip6_tunnel: use dev_sw_netstats_rx_add() ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() tcp: add sanity checks to rx zerocopy llc: call sock_orphan() at release time af_unix: fix lockdep positive in sk_diag_dump_icons() inet: read sk->sk_family once in inet_recv_error() ppp_async: limit MRU to 64K net: prevent mss overflow in skb_segment() Fabio Estevam (9): ARM: dts: imx25/27-eukrea: Fix RTC node name ARM: dts: imx: Use flash@0,0 pattern ARM: dts: imx27: Fix sram node ARM: dts: imx1: Fix sram node ARM: dts: imx25: Fix the iim compatible string ARM: dts: imx25/27: Pass timing0 ARM: dts: imx27-apf27dev: Fix LED name ARM: dts: imx23-sansa: Use preferred i2c-gpios properties ARM: dts: imx23/28: Fix the DMA controller node name Fedor Pchelkin (3): btrfs: ref-verify: free ref cache before clearing mount opt drm/exynos: gsc: minor fix for loop iteration in gsc_runtime_resume nfc: nci: free rx_data_reassembly skb on NCI device cleanup Felix Kuehling (1): drm/amdgpu: Let KFD sync with VM fences Florian Fainelli (1): net: bcmgenet: Fix EEE implementation Florian Westphal (5): netfilter: nf_tables: restrict anonymous set and map names to 16 bytes netfilter: nf_tables: reject QUEUE/DROP verdict parameters netfilter: nft_set_pipapo: store index in scratch maps netfilter: nft_set_pipapo: add helper to release pcpu scratch area netfilter: nft_set_pipapo: remove scratch_aligned pointer Frank Li (5): usb: cdns3: fix uvc failure work since sg support enabled usb: cdns3: fix incorrect calculation of ep_buf_size when more than one config usb: cdns3: fix iso transfer error when mult is not zero usb: cdns3: Fix uvc fail when DMA cross 4k boundery since sg enabled dmaengine: fix is_slave_direction() return false when DMA_DEV_TO_DEV Frederic Weisbecker (1): hrtimer: Report offline hrtimer enqueue Frédéric Danis (1): Bluetooth: L2CAP: Fix possible multiple reject send Furong Xu (2): net: stmmac: xgmac: fix handling of DPP safety error for DMA channels net: stmmac: xgmac: fix a typo of register name in DPP safety handling Gabriel Krisman Bertazi (1): ecryptfs: Reject casefold directory inodes Ghanshyam Agrawal (1): media: stk1160: Fixed high volume of stk1160_dbg messages Greg KH (1): perf/core: Fix narrow startup race when creating the perf nr_addr_filters sysfs file Greg Kroah-Hartman (1): Linux 5.10.210 Guanhua Gao (1): dmaengine: fsl-dpaa2-qdma: Fix the size of dma pools Guenter Roeck (1): MIPS: Add 'memory' clobber to csum_ipv6_magic() inline assembler Guilherme G. Piccoli (1): PCI: Only override AMD USB controller if required Hannes Reinecke (2): scsi: libfc: Don't schedule abort twice scsi: libfc: Fix up timeout error in fc_fcp_rec_error() Hans de Goede (1): Input: atkbd - skip ATKBD_CMD_SETLEDS when skipping ATKBD_CMD_GETID Hardik Gajjar (1): usb: hub: Replace hardcoded quirk value with BIT() macro Harshit Shah (1): i3c: master: cdns: Update maximum prescaler value for i2c clock Heiko Carstens (2): s390/ptrace: handle setting of fpc register correctly KVM: s390: fix setting of fpc register Heiner Kallweit (2): leds: trigger: panic: Don't register panic notifier if creating the trigger failed i2c: i801: Remove i801_set_block_buffer_mode Helge Deller (2): parisc/firmware: Fix F-extend for PDC addresses ipv6: Ensure natural alignment of const ipv6 loopback and router addresses Herbert Xu (3): crypto: api - Disallow identical driver names hwrng: core - Fix page fault dead lock on mmap-ed hwrng crypto: s390/aes - Fix buffer overread in CTR mode Hongchen Zhang (1): PM: hibernate: Enforce ordering during image compression/decompression Hou Tao (2): bpf: Add map and need_defer parameters to .map_fd_put_ptr() bpf: Set uattr->batch.count as zero before batched update or deletion Hugo Villeneuve (4): serial: sc16is7xx: set safe default SPI clock frequency serial: sc16is7xx: add check for unsupported SPI modes during probe serial: max310x: set default value when reading clock ready bit serial: max310x: improve crystal stable clock detection Ian Rogers (1): libsubcmd: Fix memory leak in uniq() Ido Schimmel (1): PCI: Add no PM reset quirk for NVIDIA Spectrum devices Ilpo Järvinen (2): serial: Add rs485_supported to uart_port serial: 8250_exar: Fill in rs485_supported Ilya Dryomov (1): rbd: don't move requests to the running list on errors Ivan Vecera (1): i40e: Fix waiting for queues of all VSIs to be disabled Jack Wang (1): RDMA/IPoIB: Fix error code return in ipoib_mcast_join JackBB Wu (1): USB: serial: qcserial: add new usb-id for Dell Wireless DW5826e Jaegeuk Kim (1): f2fs: fix write pointers on zoned device after roll forward Jai Luthra (1): dmaengine: ti: k3-udma: Report short packet errors Jakub Kicinski (1): selftests: netdevsim: fix the udp_tunnel_nic test Jan Beulich (1): xen-netback: properly sync TX responses Jason Gerecke (1): HID: wacom: Do not register input devices until after hid_hw_start Jean Delvare (1): i2c: i801: Fix block process call transactions Jedrzej Jagielski (2): ixgbe: Refactor returning internal error codes ixgbe: Refactor overtemp event handling Jenishkumar Maheshbhai Patel (1): net: mvpp2: clear BM pool before initialization Jiangfeng Xiao (1): powerpc/kasan: Fix addr error caused by page alignment Jiri Wiesner (1): clocksource: Skip watchdog check for large watchdog intervals Johan Hovold (3): arm64: dts: qcom: sdm845: fix USB wakeup interrupt types arm64: dts: qcom: sdm845: fix USB DP/DM HS PHY interrupts arm64: dts: qcom: sc7180: fix USB wakeup interrupt types Johan Jonker (1): ARM: dts: rockchip: fix rk3036 hdmi ports node Johannes Berg (1): wifi: mac80211: reload info pointer in ieee80211_tx_dequeue() Jonathan Cameron (1): iio:adc:ad7091r: Move exports into IIO_AD7091R namespace. Jozsef Kadlecsik (2): netfilter: ipset: fix performance regression in swap operation netfilter: ipset: Missing gc cancellations fixed Julian Wiedmann (1): net/af_iucv: clean up a try_then_request_module() Jun'ichi Nomura (1): x86/boot: Ignore NMIs during very early boot Junxiao Bi (1): Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d" Justin Tee (1): scsi: lpfc: Fix possible file string name overflow when updating firmware Kamal Dasu (1): spi: bcm-qspi: fix SFDP BFPT read by usig mspi read Kees Cook (3): stddef: Introduce DECLARE_FLEX_ARRAY() helper smb3: Replace smb2pdu 1-element arrays with flex-arrays block/rnbd-srv: Check for unlikely string overflow Kim Phillips (1): crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked Konrad Dybcio (2): pmdomain: core: Move the unused cleanup to a _sync initcall drm/msm/dsi: Enable runtime PM Kuan-Wei Chiu (2): clk: hi3620: Fix memory leak in hi3620_mmc_clk_init() clk: mmp: pxa168: Fix memory leak in pxa168_clk_init() Kuniyuki Iwashima (1): llc: Drop support for ETH_P_TR_802_2. Kunwu Chan (1): powerpc/mm: Fix null-pointer dereference in pgtable_cache_add Kuogee Hsieh (1): drm/msm/dp: return correct Colorimetry for DP_TEST_DYNAMIC_RANGE_CEA case Lee Duncan (1): scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock" Leonard Dallmayr (1): USB: serial: cp210x: add ID for IMST iM871A-USB Li zeming (1): PM: core: Remove unnecessary (void *) conversions Lin Ma (1): vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING Lino Sanfilippo (1): serial: 8250_exar: Set missing rs485_supported flag Linus Torvalds (1): sched/membarrier: reduce the ability to hammer on sys_membarrier Loic Prylli (1): hwmon: (aspeed-pwm-tacho) mutex for tach reading Luka Guzenko (1): ALSA: hda/realtek: Enable Mute LED on HP Laptop 14-fq0xxx Lukas Schauer (1): pipe: wakeup wr_wait after setting max_usage Manas Ghandat (2): jfs: fix slab-out-of-bounds Read in dtSearch jfs: fix array-index-out-of-bounds in dbAdjTree Mao Jinlong (2): arm64: dts: qcom: msm8996: Fix 'in-ports' is a required property arm64: dts: qcom: msm8998: Fix 'out-ports' is a required property Marc Zyngier (1): irqchip/gic-v3-its: Fix GICv4.1 VPE affinity update Marcelo Schmitt (3): iio: adc: ad7091r: Set alert bit in config register iio: adc: ad7091r: Allow users to configure device events iio: adc: ad7091r: Enable internal vref if external vref is not supplied Mario Limonciello (3): rtc: Adjust failure return code for cmos_set_alarm() gpiolib: acpi: Ignore touchpad wakeup on GPD G1619-04 iio: accel: bma400: Fix a compilation problem Mark Rutland (1): drivers/perf: pmuv3: don't expose SW_INCR event in sysfs Markus Niebel (1): drm: panel-simple: add missing bus flags for Tianma tm070jvhg[30/33] Masami Hiramatsu (Google) (1): tracing/trigger: Fix to return error if failed to alloc snapshot Matthew Wilcox (Oracle) (1): block: Remove special-casing of compound pages Max Kellermann (2): fs/pipe: move check to pipe_has_watch_queue() fs/kernfs/dir: obey S_ISGID Meenakshikumar Somasundaram (1): drm/amd/display: Fix tiled display misalignment Michael Chan (1): bnxt_en: Wait for FLR to complete during probe Michael Ellerman (2): powerpc: Fix build error due to is_valid_bugaddr() powerpc/mm: Fix build failures due to arch_reserved_kernel_pages() Michael Tretter (1): media: rockchip: rga: fix swizzling for RGB formats Miguel Ojeda (1): scripts: decode_stacktrace: demangle Rust symbols Mikulas Patocka (1): dm: limit the number of targets and parameter size area Ming Lei (3): blk-mq: fix IO hang from sbitmap wakeup race scsi: core: Move scsi_host_busy() out of host lock for waking up EH handler scsi: core: Move scsi_host_busy() out of host lock if it is for per-command Minsuk Kang (1): wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() Mukesh Ojha (1): PM / devfreq: Synchronize devfreq_monitor_[start/stop] Nathan Chancellor (2): um: net: Fix return type of uml_net_start_xmit() kbuild: Fix changing ELF file type for output of gen_btf for big endian Naveen N Rao (1): powerpc/lib: Validate size for vector operations Nikita Zhandarovich (1): net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame() Niklas Cassel (1): PCI: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment support Nikolay Borisov (1): btrfs: remove err variable from btrfs_delete_subvolume Nuno Sa (1): of: property: fix typo in io-channels Oleg Nesterov (3): afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu() afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*() rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock() Oleksandr Tyshchenko (1): xen/gntdev: Fix the abuse of underlying struct page in DMA-buf import Oleksij Rempel (2): spi: introduce SPI_MODE_X_MASK macro can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER) Oliver Neukum (1): USB: hub: check for alternate port before enabling A_ALT_HNP_SUPPORT Omar Sandoval (2): btrfs: don't abort filesystem when attempting to snapshot deleted subvolume btrfs: avoid copying BTRFS_ROOT_SUBVOL_DEAD flag to snapshot of subvolume being deleted Ondrej Mosnacek (1): lsm: fix the logic in security_inode_getsecctx() Osama Muhammad (2): FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree UBSAN: array-index-out-of-bounds in dtSplitRoot Pablo Neira Ayuso (8): netfilter: nf_tables: validate NFPROTO_* family netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain netfilter: nf_log: replace BUG_ON by WARN_ON_ONCE when putting logger netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations netfilter: nft_compat: reject unused compat flag netfilter: nft_compat: restrict match/target protocol to u16 netfilter: nft_ct: reject direction for ct id netfilter: nft_set_rbtree: skip end interval element from gc Paolo Abeni (1): selftests: net: avoid just another constant wait Paolo Bonzini (2): mm: vmalloc: introduce array allocation functions KVM: use __vcalloc for very large allocations Paul Cercueil (1): ARM: dts: samsung: exynos4210-i9100: Unconditionally enable LDO12 Pawel Laszczak (1): usb: cdns3: Fixes for sparse warnings Peter Robinson (1): mfd: ti_am335x_tscadc: Fix TI SoC dependencies Peter Zijlstra (1): perf: Fix the nr_addr_filters fix Petr Pavlu (1): tracing: Ensure visibility when inserting an element into tracing_map Pierre-Louis Bossart (3): PCI: add INTEL_HDA_ARL to pci_ids.h ALSA: hda: Intel: add HDA_ARL PCI ID support ALSA: hda: intel-dspcfg: add filters for ARL-S and ARL Piotr Skajewski (1): ixgbe: Remove non-inclusive language Prarit Bhargava (1): ACPI: extlog: fix NULL pointer dereference check Prashanth K (1): usb: host: xhci-plat: Add support for XHCI_SG_TRB_CACHE_SIZE_QUIRK Prathu Baronia (1): vhost: use kzalloc() instead of kmalloc() followed by memset() Puliang Lu (1): USB: serial: option: add Fibocom FM101-GL variant Qiang Yu (1): bus: mhi: host: Drop chan lock before queuing buffers Qu Wenruo (2): btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args btrfs: do not ASSERT() if the newly created subvolume already got read Radek Krejci (1): modpost: trim leading spaces when processing source files list Rafael J. Wysocki (5): async: Split async_schedule_node_domain() async: Introduce async_schedule_dev_nocall() PM: sleep: Avoid calling put_device() under dpm_list_mtx PM: sleep: Fix possible deadlocks in core system-wide PM code PM: sleep: Fix error handling in dpm_prepare() Richard Palethorpe (1): x86/entry/ia32: Ensure s32 is sign extended to s64 Rishabh Dave (1): ceph: prevent use-after-free in encode_cap_msg() Rob Clark (1): drm/msm/dpu: Ratelimit framedone timeout msgs Rolf Eike Beer (1): mm: use __pfn_to_section() instead of open coding it Rui Zhang (1): regulator: core: Only increment use_count when enable_count changes Ryusuke Konishi (4): nilfs2: fix data corruption in dsync block recovery for small block sizes nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() nilfs2: fix potential bug in end_buffer_async_write nilfs2: replace WARN_ONs for invalid DAT metadata block requests Salvatore Dipietro (1): tcp: Add memory barrier to tcp_push() Sandeep Maheswaram (1): arm64: dts: qcom: sc7180: Use pdc interrupts for USB instead of GIC interrupts Schspa Shi (1): scripts/decode_stacktrace.sh: support old bash version Sean Young (1): media: rc: bpf attach/detach requires write permission Serge Semin (1): mips: Fix max_mapnr being uninitialized on early stages Shannon Nelson (1): ionic: pass opcode to devcmd_wait Sharath Srinivasan (1): net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv Shenwei Wang (1): net: fec: fix the unhandled context fault from smmu Shigeru Yoshida (1): tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() Shiji Yang (1): wifi: rt2x00: restart beacon queue when hardware reset Shuai Xue (1): ACPI: APEI: set memory failure flags as MF_ACTION_REQUIRED on synchronous events Simon Horman (1): net: stmmac: xgmac: use #define for string constants Sjoerd Simons (1): bus: moxtet: Add spi device table Souradeep Chakrabarti (1): hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove Srinivasan Shanmugam (3): drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()' drm/amd/powerplay: Fix kzalloc parameter 'ATOM_Tonga_PPM_Table' in 'get_platform_power_management_table()' drm/amdgpu: Release 'adev->pm.fw' before return in 'amdgpu_device_need_post()' Stephen Boyd (1): scripts/decode_stacktrace.sh: silence stderr messages from addr2line/nm Stephen Rothwell (2): powerpc: pmd_move_must_withdraw() is only needed for CONFIG_TRANSPARENT_HUGEPAGE drm: using mul_u32_u32() requires linux/math64.h Steve Wahl (1): x86/mm/ident_map: Use gbpages only where full GB page should be mapped. Steven Rostedt (Google) (2): tracing: Fix wasted memory in saved_cmdlines logic tracing: Inform kmemleak of saved_cmdlines allocation Su Hui (3): wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift() media: ddbridge: fix an error code problem in ddb_probe scsi: isci: Fix an error code problem in isci_io_request_build() Suraj Jitindar Singh (1): ext4: allow for the last group to be marked as trimmed Takashi Iwai (1): ALSA: hda: Refer to correct stream index at loops Takashi Sakamoto (1): firewire: core: correct documentation of fw_csr_string() kernel API Tatsunosuke Tobita (1): HID: wacom: generic: Avoid reporting a serial of '0' to userspace Tejun Heo (1): blk-iocost: Fix an UBSAN shift-out-of-bounds warning Thomas Bourgoin (1): crypto: stm32/crc32 - fix parsing list of devices Tianjia Zhang (1): crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init Tim Chen (1): tick/sched: Preserve number of idle sleeps across CPU hotplug events Tobias Waldekranz (1): net: dsa: mv88e6xxx: Fix mv88e6352_serdes_get_stats error path Tomi Valkeinen (4): drm/tidss: Fix atomic_flush check drm/drm_file: fix use of uninitialized variable drm/framebuffer: Fix use of uninitialized variable drm/mipi-dsi: Fix detach call without attach Tony Lindgren (1): phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP Uwe Kleine-König (1): spi: ppc4xx: Drop write-only variable Vegard Nossum (1): scripts/get_abi: fix source path leak Ville Syrjälä (1): drm: Don't unref the same fb many times by mistake due to deadlock handling Vincent Donnefort (1): ring-buffer: Clean ring_buffer_poll_wait() error return Weichen Chen (1): pstore/ram: Fix crash when setting number of cpus to an odd number Wen Gu (1): net/smc: fix illegal rmb_desc access in SMC-D connection dump Wenhua Lin (1): gpio: eic-sprd: Clear interrupt after set the interrupt type Werner Fischer (1): watchdog: it87_wdt: Keep WDTCTRL bit 3 unmodified for IT8784/IT8786 Werner Sembach (1): Input: i8042 - fix strange behavior of touchpad on Clevo NS70PU Xi Ruoyao (1): mips: Call lose_fpu(0) before initializing fcr31 in mips_set_personality_nan Xiang Yang (1): Revert "arm64: Stash shadow stack pointer in the task struct on interrupt" Xiaolei Wang (1): rpmsg: virtio: Free driver_override when rpmsg_remove() Xiubo Li (1): ceph: fix deadlock or deadcode of misusing dget() Ye Bin (1): ext4: fix inconsistent between segment fstrim and full fstrim Yevgeny Kliteynik (1): net/mlx5: DR, Use the right GVMI number for drop action Yonghong Song (1): selftests/bpf: Fix pyperf180 compilation failure with clang18 Yoshihiro Shimoda (1): phy: renesas: rcar-gen3-usb2: Fix returning wrong error code Yuluo Qiu (1): ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop Zach O'Keefe (1): mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again Zenm Chen (1): wifi: rtl8xxxu: Add additional USB IDs for RTL8192EU devices Zhang Rui (2): hwmon: (coretemp) Fix out-of-bounds memory access hwmon: (coretemp) Fix bogus core_id to attr name mapping Zheng Wang (1): media: mtk-jpeg: Fix use after free bug due to error path handling in mtk_jpeg_dec_device_run Zhengchao Shao (5): tcp: make sure init the accept_queue's spinlocks once netlink: fix potential sleeping issue in mqueue_flush_file ipv6: init the accept_queue's spinlocks in inet6_create bonding: return -ENOMEM instead of BUG in alb_upper_dev_walk bonding: remove print in bond_verify_device_path Zhihao Cheng (1): ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path Zhipeng Lu (5): net/mlx5e: fix a double-free in arfs_create_groups fjes: fix memleaks in fjes_hw_setup net: ipv4: fix a memleak in ip_setup_cork atm: idt77252: fix a memleak in open_card_ubr0 media: ir_toy: fix a memleak in irtoy_tx Zhiquan Li (1): x86/mce: Mark fatal MCE's page as poison to avoid panic in the kdump kernel Zhu Yanjun (1): virtio_net: Fix "‘%d’ directive writing between 1 and 11 bytes into a region of size 10" warnings Zijun Hu (1): Bluetooth: qca: Set both WIDEBAND_SPEECH and LE_STATES quirks for QCA2066 bo liu (1): ALSA: hda/conexant: Add quirk for SWS JS201D ching Huang (1): scsi: arcmsr: Support new PCI device IDs 1883 and 1886 qizhong cheng (1): PCI: mediatek: Clear interrupt status before dispatching handler yuan linyu (1): usb: f_mass_storage: forbid async queue when shutdown happen zhili.liu (1): iio: magnetometer: rm3100: add boundary check for the value read from RM3100_REG_TMRC

1 year, 6 months

1
1
0 0

Linux 5.10.210

by Greg Kroah-Hartman

I'm announcing the release of the 5.10.210 kernel. All users of the 5.10 kernel series must upgrade. The updated 5.10.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.10.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Aaron Conole (1): net: openvswitch: limit the number of recursions from action sets Adrian Reber (1): tty: allow TIOCSLCKTRMIOS with CAP_CHECKPOINT_RESTORE Al Viro (2): rename(): fix the locking of subdirectories fast_dput(): handle underflows gracefully Aleksander Mazur (1): x86/Kconfig: Transmeta Crusoe is CPU family 5, not 6 Alex Henrie (1): HID: apple: Add support for the 2021 Magic Keyboard Alex Lyakas (1): md: Whenassemble the array, consult the superblock of the freshest device Alexander Stein (4): ARM: dts: imx7d: Fix coresight funnel ports ARM: dts: imx7s: Fix lcdif compatible ARM: dts: imx7s: Fix nand-controller #size-cells mmc: slot-gpio: Allow non-sleeping GPIO ro Alexandra Winter (1): s390/qeth: Fix potential loss of L3-IP@ in case of network issues Alexey Dobriyan (1): uapi: stddef.h: Fix __DECLARE_FLEX_ARRAY for C++ Alexey Khoroshilov (1): ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work() Alfred Piccioni (1): lsm: new security_file_ioctl_compat() hook Amelie Delaunay (1): dmaengine: fix NULL pointer in channel unregistration function Andrii Nakryiko (1): selftests/bpf: satisfy compiler by having explicit return in btf test Andrii Staikov (1): i40e: Fix VF disable behavior to block all traffic Andrzej Hajda (1): debugobjects: Stop accessing objects after releasing hash bucket lock Andy Shevchenko (1): mmc: mmc_spi: remove custom DMA mapped buffers Anna Schumaker (1): SUNRPC: Fix a suspicious RCU usage warning Antoine Tenart (1): tunnels: fix out of bounds access when building IPv6 PMTU error Anton Ivanov (1): um: Fix naming clash between UML and scheduler Arjun Roy (1): net-zerocopy: Refactor frag-is-remappable test. Arnd Bergmann (1): drm/exynos: fix accidental on-stack copy of exynos_drm_plane Avri Altman (1): mmc: core: Use mrq.sbc in close-ended ffu Baokun Li (4): ext4: unify the type of flexbg_size to unsigned int ext4: remove unnecessary check from alloc_flex_gd() ext4: avoid online resizing failures due to oversized flex bg ext4: fix double-free of blocks due to wrong extents moved_len Bart Van Assche (1): scsi: core: Introduce enum scsi_disposition Benjamin Berg (3): wifi: cfg80211: free beacon_ies when overridden from hidden BSS um: Don't use vfprintf() for os_info() HID: apple: Add 2021 magic keyboard FN key mapping Bernd Edlinger (1): exec: Fix error handling in begin_new_exec() Bjorn Helgaas (2): PM: sleep: Use dev_printk() when possible PCI/AER: Decode Requester ID when no error info found Boris Burkov (2): btrfs: forbid creating subvol qgroups btrfs: forbid deleting live subvol qgroup Breno Leitao (2): net: sysfs: Fix /sys/class/net/<iface> path net: sysfs: Fix /sys/class/net/<iface> path for statistics Carlos Llamas (2): binder: signal epoll threads of self-work scripts/decode_stacktrace.sh: optionally use LLVM utilities Chao Yu (1): f2fs: fix to check return value of f2fs_reserve_new_block() Charan Teja Kalla (1): mm/sparsemem: fix race in accessing memory_section->usage Chris Riches (1): audit: Send netlink ACK before setting connection in auditd_set Christian A. Ehrhardt (2): of: unittest: Fix compile in the non-dynamic case usb: ucsi_acpi: Fix command completion handling Christoph Hellwig (1): block: prevent an integer overflow in bvec_try_merge_hw_page Christophe JAILLET (3): ixgbe: Fix an error handling path in ixgbe_read_iosf_sb_reg_x550() dmaengine: fsl-qdma: Fix a memory leak related to the status queue DMA dmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA Chung-Chiang Cheng (1): btrfs: tree-checker: fix inline ref size in error messages Cristian Ciocaltea (1): ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument Dan Carpenter (4): drm/bridge: nxp-ptn3460: fix i2c_master_send() error checking drm/bridge: nxp-ptn3460: simplify some error checking netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() PCI: dwc: Fix a 64bit bug in dw_pcie_ep_raise_msix_irq() Daniel Basilio (1): nfp: use correct macro for LengthSelect in BAR config Daniel Lezcano (2): units: change from 'L' to 'UL' units: add the HZ macros Daniel Stodden (1): PCI: switchtec: Fix stdev_release() crash after surprise hot remove Daniel Vacek (1): IB/ipoib: Fix mcast list locking Daniel de Villiers (1): nfp: flower: prevent re-adding mac index for bonded port Dave Airlie (1): nouveau/vmm: don't set addr on the fail path to avoid warning David Howells (2): afs: Hide silly-rename files from userspace rxrpc: Fix response to PING RESPONSE ACKs to a dead call David Schiller (1): staging: iio: ad5933: fix type mismatch regression David Senoner (1): ALSA: hda/realtek: Fix the external mic not being recognised for Acer Swift 1 SF114-32 David Sterba (2): btrfs: don't warn if discard range is not aligned to sector btrfs: send: return EOPNOTSUPP on unknown flags Davidlohr Bueso (1): hrtimer: Ignore slack time for RT tasks in schedule_hrtimeout_range() Dmitry Antipov (1): PNP: ACPI: fix fortify warning Dmitry Baryshkov (1): PM: runtime: add devm_pm_runtime_enable helper Doug Berger (1): irqchip/irq-brcmstb-l2: Add write memory barrier before exit Douglas Anderson (2): drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind time PM: runtime: Have devm_pm_runtime_enable() handle pm_runtime_dont_use_autosuspend() Edson Juliano Drosdeck (1): ALSA: hda/realtek: Enable headset mic on Vaio VJFE-ADL Edward Adam Davis (3): jfs: fix uaf in jfs_evict_inode jfs: fix array-index-out-of-bounds in diNewExt wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update Ekansh Gupta (1): misc: fastrpc: Mark all sessions as invalid in cb_remove Emmanuel Grumbach (1): wifi: iwlwifi: fix a memory corruption Eric Dumazet (9): llc: make llc_ui_sendmsg() more robust against bonding changes ip6_tunnel: use dev_sw_netstats_rx_add() ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() tcp: add sanity checks to rx zerocopy llc: call sock_orphan() at release time af_unix: fix lockdep positive in sk_diag_dump_icons() inet: read sk->sk_family once in inet_recv_error() ppp_async: limit MRU to 64K net: prevent mss overflow in skb_segment() Fabio Estevam (9): ARM: dts: imx25/27-eukrea: Fix RTC node name ARM: dts: imx: Use flash@0,0 pattern ARM: dts: imx27: Fix sram node ARM: dts: imx1: Fix sram node ARM: dts: imx25: Fix the iim compatible string ARM: dts: imx25/27: Pass timing0 ARM: dts: imx27-apf27dev: Fix LED name ARM: dts: imx23-sansa: Use preferred i2c-gpios properties ARM: dts: imx23/28: Fix the DMA controller node name Fedor Pchelkin (3): btrfs: ref-verify: free ref cache before clearing mount opt drm/exynos: gsc: minor fix for loop iteration in gsc_runtime_resume nfc: nci: free rx_data_reassembly skb on NCI device cleanup Felix Kuehling (1): drm/amdgpu: Let KFD sync with VM fences Florian Fainelli (1): net: bcmgenet: Fix EEE implementation Florian Westphal (5): netfilter: nf_tables: restrict anonymous set and map names to 16 bytes netfilter: nf_tables: reject QUEUE/DROP verdict parameters netfilter: nft_set_pipapo: store index in scratch maps netfilter: nft_set_pipapo: add helper to release pcpu scratch area netfilter: nft_set_pipapo: remove scratch_aligned pointer Frank Li (5): usb: cdns3: fix uvc failure work since sg support enabled usb: cdns3: fix incorrect calculation of ep_buf_size when more than one config usb: cdns3: fix iso transfer error when mult is not zero usb: cdns3: Fix uvc fail when DMA cross 4k boundery since sg enabled dmaengine: fix is_slave_direction() return false when DMA_DEV_TO_DEV Frederic Weisbecker (1): hrtimer: Report offline hrtimer enqueue Frédéric Danis (1): Bluetooth: L2CAP: Fix possible multiple reject send Furong Xu (2): net: stmmac: xgmac: fix handling of DPP safety error for DMA channels net: stmmac: xgmac: fix a typo of register name in DPP safety handling Gabriel Krisman Bertazi (1): ecryptfs: Reject casefold directory inodes Ghanshyam Agrawal (1): media: stk1160: Fixed high volume of stk1160_dbg messages Greg KH (1): perf/core: Fix narrow startup race when creating the perf nr_addr_filters sysfs file Greg Kroah-Hartman (1): Linux 5.10.210 Guanhua Gao (1): dmaengine: fsl-dpaa2-qdma: Fix the size of dma pools Guenter Roeck (1): MIPS: Add 'memory' clobber to csum_ipv6_magic() inline assembler Guilherme G. Piccoli (1): PCI: Only override AMD USB controller if required Hannes Reinecke (2): scsi: libfc: Don't schedule abort twice scsi: libfc: Fix up timeout error in fc_fcp_rec_error() Hans de Goede (1): Input: atkbd - skip ATKBD_CMD_SETLEDS when skipping ATKBD_CMD_GETID Hardik Gajjar (1): usb: hub: Replace hardcoded quirk value with BIT() macro Harshit Shah (1): i3c: master: cdns: Update maximum prescaler value for i2c clock Heiko Carstens (2): s390/ptrace: handle setting of fpc register correctly KVM: s390: fix setting of fpc register Heiner Kallweit (2): leds: trigger: panic: Don't register panic notifier if creating the trigger failed i2c: i801: Remove i801_set_block_buffer_mode Helge Deller (2): parisc/firmware: Fix F-extend for PDC addresses ipv6: Ensure natural alignment of const ipv6 loopback and router addresses Herbert Xu (3): crypto: api - Disallow identical driver names hwrng: core - Fix page fault dead lock on mmap-ed hwrng crypto: s390/aes - Fix buffer overread in CTR mode Hongchen Zhang (1): PM: hibernate: Enforce ordering during image compression/decompression Hou Tao (2): bpf: Add map and need_defer parameters to .map_fd_put_ptr() bpf: Set uattr->batch.count as zero before batched update or deletion Hugo Villeneuve (4): serial: sc16is7xx: set safe default SPI clock frequency serial: sc16is7xx: add check for unsupported SPI modes during probe serial: max310x: set default value when reading clock ready bit serial: max310x: improve crystal stable clock detection Ian Rogers (1): libsubcmd: Fix memory leak in uniq() Ido Schimmel (1): PCI: Add no PM reset quirk for NVIDIA Spectrum devices Ilpo Järvinen (2): serial: Add rs485_supported to uart_port serial: 8250_exar: Fill in rs485_supported Ilya Dryomov (1): rbd: don't move requests to the running list on errors Ivan Vecera (1): i40e: Fix waiting for queues of all VSIs to be disabled Jack Wang (1): RDMA/IPoIB: Fix error code return in ipoib_mcast_join JackBB Wu (1): USB: serial: qcserial: add new usb-id for Dell Wireless DW5826e Jaegeuk Kim (1): f2fs: fix write pointers on zoned device after roll forward Jai Luthra (1): dmaengine: ti: k3-udma: Report short packet errors Jakub Kicinski (1): selftests: netdevsim: fix the udp_tunnel_nic test Jan Beulich (1): xen-netback: properly sync TX responses Jason Gerecke (1): HID: wacom: Do not register input devices until after hid_hw_start Jean Delvare (1): i2c: i801: Fix block process call transactions Jedrzej Jagielski (2): ixgbe: Refactor returning internal error codes ixgbe: Refactor overtemp event handling Jenishkumar Maheshbhai Patel (1): net: mvpp2: clear BM pool before initialization Jiangfeng Xiao (1): powerpc/kasan: Fix addr error caused by page alignment Jiri Wiesner (1): clocksource: Skip watchdog check for large watchdog intervals Johan Hovold (3): arm64: dts: qcom: sdm845: fix USB wakeup interrupt types arm64: dts: qcom: sdm845: fix USB DP/DM HS PHY interrupts arm64: dts: qcom: sc7180: fix USB wakeup interrupt types Johan Jonker (1): ARM: dts: rockchip: fix rk3036 hdmi ports node Johannes Berg (1): wifi: mac80211: reload info pointer in ieee80211_tx_dequeue() Jonathan Cameron (1): iio:adc:ad7091r: Move exports into IIO_AD7091R namespace. Jozsef Kadlecsik (2): netfilter: ipset: fix performance regression in swap operation netfilter: ipset: Missing gc cancellations fixed Julian Wiedmann (1): net/af_iucv: clean up a try_then_request_module() Jun'ichi Nomura (1): x86/boot: Ignore NMIs during very early boot Junxiao Bi (1): Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d" Justin Tee (1): scsi: lpfc: Fix possible file string name overflow when updating firmware Kamal Dasu (1): spi: bcm-qspi: fix SFDP BFPT read by usig mspi read Kees Cook (3): stddef: Introduce DECLARE_FLEX_ARRAY() helper smb3: Replace smb2pdu 1-element arrays with flex-arrays block/rnbd-srv: Check for unlikely string overflow Kim Phillips (1): crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked Konrad Dybcio (2): pmdomain: core: Move the unused cleanup to a _sync initcall drm/msm/dsi: Enable runtime PM Kuan-Wei Chiu (2): clk: hi3620: Fix memory leak in hi3620_mmc_clk_init() clk: mmp: pxa168: Fix memory leak in pxa168_clk_init() Kuniyuki Iwashima (1): llc: Drop support for ETH_P_TR_802_2. Kunwu Chan (1): powerpc/mm: Fix null-pointer dereference in pgtable_cache_add Kuogee Hsieh (1): drm/msm/dp: return correct Colorimetry for DP_TEST_DYNAMIC_RANGE_CEA case Lee Duncan (1): scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock" Leonard Dallmayr (1): USB: serial: cp210x: add ID for IMST iM871A-USB Li zeming (1): PM: core: Remove unnecessary (void *) conversions Lin Ma (1): vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING Lino Sanfilippo (1): serial: 8250_exar: Set missing rs485_supported flag Linus Torvalds (1): sched/membarrier: reduce the ability to hammer on sys_membarrier Loic Prylli (1): hwmon: (aspeed-pwm-tacho) mutex for tach reading Luka Guzenko (1): ALSA: hda/realtek: Enable Mute LED on HP Laptop 14-fq0xxx Lukas Schauer (1): pipe: wakeup wr_wait after setting max_usage Manas Ghandat (2): jfs: fix slab-out-of-bounds Read in dtSearch jfs: fix array-index-out-of-bounds in dbAdjTree Mao Jinlong (2): arm64: dts: qcom: msm8996: Fix 'in-ports' is a required property arm64: dts: qcom: msm8998: Fix 'out-ports' is a required property Marc Zyngier (1): irqchip/gic-v3-its: Fix GICv4.1 VPE affinity update Marcelo Schmitt (3): iio: adc: ad7091r: Set alert bit in config register iio: adc: ad7091r: Allow users to configure device events iio: adc: ad7091r: Enable internal vref if external vref is not supplied Mario Limonciello (3): rtc: Adjust failure return code for cmos_set_alarm() gpiolib: acpi: Ignore touchpad wakeup on GPD G1619-04 iio: accel: bma400: Fix a compilation problem Mark Rutland (1): drivers/perf: pmuv3: don't expose SW_INCR event in sysfs Markus Niebel (1): drm: panel-simple: add missing bus flags for Tianma tm070jvhg[30/33] Masami Hiramatsu (Google) (1): tracing/trigger: Fix to return error if failed to alloc snapshot Matthew Wilcox (Oracle) (1): block: Remove special-casing of compound pages Max Kellermann (2): fs/pipe: move check to pipe_has_watch_queue() fs/kernfs/dir: obey S_ISGID Meenakshikumar Somasundaram (1): drm/amd/display: Fix tiled display misalignment Michael Chan (1): bnxt_en: Wait for FLR to complete during probe Michael Ellerman (2): powerpc: Fix build error due to is_valid_bugaddr() powerpc/mm: Fix build failures due to arch_reserved_kernel_pages() Michael Tretter (1): media: rockchip: rga: fix swizzling for RGB formats Miguel Ojeda (1): scripts: decode_stacktrace: demangle Rust symbols Mikulas Patocka (1): dm: limit the number of targets and parameter size area Ming Lei (3): blk-mq: fix IO hang from sbitmap wakeup race scsi: core: Move scsi_host_busy() out of host lock for waking up EH handler scsi: core: Move scsi_host_busy() out of host lock if it is for per-command Minsuk Kang (1): wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() Mukesh Ojha (1): PM / devfreq: Synchronize devfreq_monitor_[start/stop] Nathan Chancellor (2): um: net: Fix return type of uml_net_start_xmit() kbuild: Fix changing ELF file type for output of gen_btf for big endian Naveen N Rao (1): powerpc/lib: Validate size for vector operations Nikita Zhandarovich (1): net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame() Niklas Cassel (1): PCI: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment support Nikolay Borisov (1): btrfs: remove err variable from btrfs_delete_subvolume Nuno Sa (1): of: property: fix typo in io-channels Oleg Nesterov (3): afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu() afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*() rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock() Oleksandr Tyshchenko (1): xen/gntdev: Fix the abuse of underlying struct page in DMA-buf import Oleksij Rempel (2): spi: introduce SPI_MODE_X_MASK macro can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER) Oliver Neukum (1): USB: hub: check for alternate port before enabling A_ALT_HNP_SUPPORT Omar Sandoval (2): btrfs: don't abort filesystem when attempting to snapshot deleted subvolume btrfs: avoid copying BTRFS_ROOT_SUBVOL_DEAD flag to snapshot of subvolume being deleted Ondrej Mosnacek (1): lsm: fix the logic in security_inode_getsecctx() Osama Muhammad (2): FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree UBSAN: array-index-out-of-bounds in dtSplitRoot Pablo Neira Ayuso (8): netfilter: nf_tables: validate NFPROTO_* family netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain netfilter: nf_log: replace BUG_ON by WARN_ON_ONCE when putting logger netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations netfilter: nft_compat: reject unused compat flag netfilter: nft_compat: restrict match/target protocol to u16 netfilter: nft_ct: reject direction for ct id netfilter: nft_set_rbtree: skip end interval element from gc Paolo Abeni (1): selftests: net: avoid just another constant wait Paolo Bonzini (2): mm: vmalloc: introduce array allocation functions KVM: use __vcalloc for very large allocations Paul Cercueil (1): ARM: dts: samsung: exynos4210-i9100: Unconditionally enable LDO12 Pawel Laszczak (1): usb: cdns3: Fixes for sparse warnings Peter Robinson (1): mfd: ti_am335x_tscadc: Fix TI SoC dependencies Peter Zijlstra (1): perf: Fix the nr_addr_filters fix Petr Pavlu (1): tracing: Ensure visibility when inserting an element into tracing_map Pierre-Louis Bossart (3): PCI: add INTEL_HDA_ARL to pci_ids.h ALSA: hda: Intel: add HDA_ARL PCI ID support ALSA: hda: intel-dspcfg: add filters for ARL-S and ARL Piotr Skajewski (1): ixgbe: Remove non-inclusive language Prarit Bhargava (1): ACPI: extlog: fix NULL pointer dereference check Prashanth K (1): usb: host: xhci-plat: Add support for XHCI_SG_TRB_CACHE_SIZE_QUIRK Prathu Baronia (1): vhost: use kzalloc() instead of kmalloc() followed by memset() Puliang Lu (1): USB: serial: option: add Fibocom FM101-GL variant Qiang Yu (1): bus: mhi: host: Drop chan lock before queuing buffers Qu Wenruo (2): btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args btrfs: do not ASSERT() if the newly created subvolume already got read Radek Krejci (1): modpost: trim leading spaces when processing source files list Rafael J. Wysocki (5): async: Split async_schedule_node_domain() async: Introduce async_schedule_dev_nocall() PM: sleep: Avoid calling put_device() under dpm_list_mtx PM: sleep: Fix possible deadlocks in core system-wide PM code PM: sleep: Fix error handling in dpm_prepare() Richard Palethorpe (1): x86/entry/ia32: Ensure s32 is sign extended to s64 Rishabh Dave (1): ceph: prevent use-after-free in encode_cap_msg() Rob Clark (1): drm/msm/dpu: Ratelimit framedone timeout msgs Rolf Eike Beer (1): mm: use __pfn_to_section() instead of open coding it Rui Zhang (1): regulator: core: Only increment use_count when enable_count changes Ryusuke Konishi (4): nilfs2: fix data corruption in dsync block recovery for small block sizes nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() nilfs2: fix potential bug in end_buffer_async_write nilfs2: replace WARN_ONs for invalid DAT metadata block requests Salvatore Dipietro (1): tcp: Add memory barrier to tcp_push() Sandeep Maheswaram (1): arm64: dts: qcom: sc7180: Use pdc interrupts for USB instead of GIC interrupts Schspa Shi (1): scripts/decode_stacktrace.sh: support old bash version Sean Young (1): media: rc: bpf attach/detach requires write permission Serge Semin (1): mips: Fix max_mapnr being uninitialized on early stages Shannon Nelson (1): ionic: pass opcode to devcmd_wait Sharath Srinivasan (1): net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv Shenwei Wang (1): net: fec: fix the unhandled context fault from smmu Shigeru Yoshida (1): tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() Shiji Yang (1): wifi: rt2x00: restart beacon queue when hardware reset Shuai Xue (1): ACPI: APEI: set memory failure flags as MF_ACTION_REQUIRED on synchronous events Simon Horman (1): net: stmmac: xgmac: use #define for string constants Sjoerd Simons (1): bus: moxtet: Add spi device table Souradeep Chakrabarti (1): hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove Srinivasan Shanmugam (3): drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()' drm/amd/powerplay: Fix kzalloc parameter 'ATOM_Tonga_PPM_Table' in 'get_platform_power_management_table()' drm/amdgpu: Release 'adev->pm.fw' before return in 'amdgpu_device_need_post()' Stephen Boyd (1): scripts/decode_stacktrace.sh: silence stderr messages from addr2line/nm Stephen Rothwell (2): powerpc: pmd_move_must_withdraw() is only needed for CONFIG_TRANSPARENT_HUGEPAGE drm: using mul_u32_u32() requires linux/math64.h Steve Wahl (1): x86/mm/ident_map: Use gbpages only where full GB page should be mapped. Steven Rostedt (Google) (2): tracing: Fix wasted memory in saved_cmdlines logic tracing: Inform kmemleak of saved_cmdlines allocation Su Hui (3): wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift() media: ddbridge: fix an error code problem in ddb_probe scsi: isci: Fix an error code problem in isci_io_request_build() Suraj Jitindar Singh (1): ext4: allow for the last group to be marked as trimmed Takashi Iwai (1): ALSA: hda: Refer to correct stream index at loops Takashi Sakamoto (1): firewire: core: correct documentation of fw_csr_string() kernel API Tatsunosuke Tobita (1): HID: wacom: generic: Avoid reporting a serial of '0' to userspace Tejun Heo (1): blk-iocost: Fix an UBSAN shift-out-of-bounds warning Thomas Bourgoin (1): crypto: stm32/crc32 - fix parsing list of devices Tianjia Zhang (1): crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init Tim Chen (1): tick/sched: Preserve number of idle sleeps across CPU hotplug events Tobias Waldekranz (1): net: dsa: mv88e6xxx: Fix mv88e6352_serdes_get_stats error path Tomi Valkeinen (4): drm/tidss: Fix atomic_flush check drm/drm_file: fix use of uninitialized variable drm/framebuffer: Fix use of uninitialized variable drm/mipi-dsi: Fix detach call without attach Tony Lindgren (1): phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP Uwe Kleine-König (1): spi: ppc4xx: Drop write-only variable Vegard Nossum (1): scripts/get_abi: fix source path leak Ville Syrjälä (1): drm: Don't unref the same fb many times by mistake due to deadlock handling Vincent Donnefort (1): ring-buffer: Clean ring_buffer_poll_wait() error return Weichen Chen (1): pstore/ram: Fix crash when setting number of cpus to an odd number Wen Gu (1): net/smc: fix illegal rmb_desc access in SMC-D connection dump Wenhua Lin (1): gpio: eic-sprd: Clear interrupt after set the interrupt type Werner Fischer (1): watchdog: it87_wdt: Keep WDTCTRL bit 3 unmodified for IT8784/IT8786 Werner Sembach (1): Input: i8042 - fix strange behavior of touchpad on Clevo NS70PU Xi Ruoyao (1): mips: Call lose_fpu(0) before initializing fcr31 in mips_set_personality_nan Xiang Yang (1): Revert "arm64: Stash shadow stack pointer in the task struct on interrupt" Xiaolei Wang (1): rpmsg: virtio: Free driver_override when rpmsg_remove() Xiubo Li (1): ceph: fix deadlock or deadcode of misusing dget() Ye Bin (1): ext4: fix inconsistent between segment fstrim and full fstrim Yevgeny Kliteynik (1): net/mlx5: DR, Use the right GVMI number for drop action Yonghong Song (1): selftests/bpf: Fix pyperf180 compilation failure with clang18 Yoshihiro Shimoda (1): phy: renesas: rcar-gen3-usb2: Fix returning wrong error code Yuluo Qiu (1): ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop Zach O'Keefe (1): mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again Zenm Chen (1): wifi: rtl8xxxu: Add additional USB IDs for RTL8192EU devices Zhang Rui (2): hwmon: (coretemp) Fix out-of-bounds memory access hwmon: (coretemp) Fix bogus core_id to attr name mapping Zheng Wang (1): media: mtk-jpeg: Fix use after free bug due to error path handling in mtk_jpeg_dec_device_run Zhengchao Shao (5): tcp: make sure init the accept_queue's spinlocks once netlink: fix potential sleeping issue in mqueue_flush_file ipv6: init the accept_queue's spinlocks in inet6_create bonding: return -ENOMEM instead of BUG in alb_upper_dev_walk bonding: remove print in bond_verify_device_path Zhihao Cheng (1): ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path Zhipeng Lu (5): net/mlx5e: fix a double-free in arfs_create_groups fjes: fix memleaks in fjes_hw_setup net: ipv4: fix a memleak in ip_setup_cork atm: idt77252: fix a memleak in open_card_ubr0 media: ir_toy: fix a memleak in irtoy_tx Zhiquan Li (1): x86/mce: Mark fatal MCE's page as poison to avoid panic in the kdump kernel Zhu Yanjun (1): virtio_net: Fix "‘%d’ directive writing between 1 and 11 bytes into a region of size 10" warnings Zijun Hu (1): Bluetooth: qca: Set both WIDEBAND_SPEECH and LE_STATES quirks for QCA2066 bo liu (1): ALSA: hda/conexant: Add quirk for SWS JS201D ching Huang (1): scsi: arcmsr: Support new PCI device IDs 1883 and 1886 qizhong cheng (1): PCI: mediatek: Clear interrupt status before dispatching handler yuan linyu (1): usb: f_mass_storage: forbid async queue when shutdown happen zhili.liu (1): iio: magnetometer: rm3100: add boundary check for the value read from RM3100_REG_TMRC

1 year, 6 months

2
3
0 0

Backport commit be80e9cdbca8 ("libbpf: Rename DECLARE_LIBBPF_OPTS into LIBBPF_OPTS") to 5.15

by Roxana Nicolescu

Hi, Please include commit be80e9cdbca8 ("libbpf: Rename DECLARE_LIBBPF_OPTS into LIBBPF_OPTS") to the 5.15 stable branch. Commit 3eefb2fbf4ec ("selftests/bpf: Test tail call counting with bpf2bpf and data on stack") introduced in v5.15.39 is dependent on it, and now building selftests fails with: ... linux/tools/testing/selftests/bpf/prog_tests/tailcalls.c: In function ‘test_tailcall_bpf2bpf_6’: linux/tools/testing/selftests/bpf/prog_tests/tailcalls.c:822:9: warning: implicit declaration of function ‘LIBBPF_OPTS’; did you mean ‘LIBBPF_API’? [-Wimplicit-function-declaration] 822 | LIBBPF_OPTS(bpf_test_run_opts, topts, | ^~~~~~~~~~~ | LIBBPF_API linux/tools/testing/selftests/bpf/prog_tests/tailcalls.c:822:21: error: ‘bpf_test_run_opts’ undeclared (first use in this function) 822 | LIBBPF_OPTS(bpf_test_run_opts, topts, | ^~~~~~~~~~~~~~~~~ linux/tools/testing/selftests/bpf/prog_tests/tailcalls.c:822:21: note: each undeclared identifier is reported only once for each function it appears in linux/tools/testing/selftests/bpf/prog_tests/tailcalls.c:822:40: error: ‘topts’ undeclared (first use in this function) 822 | LIBBPF_OPTS(bpf_test_run_opts, topts, | ^~~~~ tools/testing/selftests/bpf/prog_tests/tailcalls.c:823:17: error: expected expression before ‘.’ token 823 | .data_in = &pkt_v4, | ^ ... Thanks in advance, Roxana

1 year, 6 months

2
2
0 0

[PATCH] ALSA: hda/realtek: tas2781: enable subwoofer volume control

by Gergo Koteles

The volume of subwoofer channels is always at maximum with the ALC269_FIXUP_THINKPAD_ACPI chain. Use ALC285_FIXUP_THINKPAD_HEADSET_JACK to align it to the master volume. Link: https://bugzilla.kernel.org/show_bug.cgi?id=208555#c827 Fixes: 3babae915f4c ("ALSA: hda/tas2781: Add tas2781 HDA driver") Cc: <stable(a)vger.kernel.org> Signed-off-by: Gergo Koteles <soyer(a)irl.hu> --- sound/pci/hda/patch_realtek.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sound/pci/hda/patch_realtek.c b/sound/pci/hda/patch_realtek.c index 0ec1312bffd5..24a26959070f 100644 --- a/sound/pci/hda/patch_realtek.c +++ b/sound/pci/hda/patch_realtek.c @@ -9585,7 +9585,7 @@ static const struct hda_fixup alc269_fixups[] = { .type = HDA_FIXUP_FUNC, .v.func = tas2781_fixup_i2c, .chained = true, - .chain_id = ALC269_FIXUP_THINKPAD_ACPI, + .chain_id = ALC285_FIXUP_THINKPAD_HEADSET_JACK, }, [ALC287_FIXUP_YOGA7_14ARB7_I2C] = { .type = HDA_FIXUP_FUNC, base-commit: b401b621758e46812da61fa58a67c3fd8d91de0d -- 2.43.2

1 year, 6 months

2
1
0 0

[PATCH stmmac 4.19 0/2] Fix kernel freeze when probing stmmac devices

by hsimeliere.opensource＠witekio.com

Fix kernel freeze reproduced when probing stmmac devices on kernel 4.19: Upstream commit 474a31e13a4e9749fb3ee55794d69d0f17ee0998 to fix freeze and upstream commit 8d72ab119f42f25abb393093472ae0ca275088b6 to apply the fix correctly.

1 year, 6 months

3
4
0 0

backport sched_rt_period_us and sysctl_sched_rr_timeslice invalid values fixes

by Mahmoud Adam

Hi, The commit `c1fc6484e1fb sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset` is a clean cherry-pick for v5.4+ kernels and the commit `079be8fc6309 sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset` cleanly applicable for v6.1 These are trivial fixes which fix the parsing the negative values when read from the userspace, but will also make LTP test `proc_sched_rt01.c` happy instead of ignoring it. -MNAdam

1 year, 6 months

2
1
0 0

[PATCH 5.10.y 1/3] smb: client: fix OOB in receive_encrypted_standard()

by Guruswamy Basavaiah

From: Paulo Alcantara <pc(a)manguebit.com> [ Upstream commit eec04ea119691e65227a97ce53c0da6b9b74b0b7 ] Fix potential OOB in receive_encrypted_standard() if server returned a large shdr->NextCommand that would end up writing off the end of @next_buffer. Fixes: b24df3e30cbf ("cifs: update receive_encrypted_standard to handle compounded responses") Cc: stable(a)vger.kernel.org Reported-by: Robert Morris <rtm(a)csail.mit.edu> Signed-off-by: Paulo Alcantara (SUSE) <pc(a)manguebit.com> Signed-off-by: Steve French <stfrench(a)microsoft.com> [Guru: receive_encrypted_standard() is present in file smb2ops.c, smb2ops.c file location is changed, modified patch accordingly.] Signed-off-by: Guruswamy Basavaiah <guruswamy.basavaiah(a)broadcom.com> --- fs/cifs/smb2ops.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c index 26edaeb4245d..5ba7056c78c7 100644 --- a/fs/cifs/smb2ops.c +++ b/fs/cifs/smb2ops.c @@ -4892,6 +4892,7 @@ receive_encrypted_standard(struct TCP_Server_Info *server, struct smb2_sync_hdr *shdr; unsigned int pdu_length = server->pdu_size; unsigned int buf_size; + unsigned int next_cmd; struct mid_q_entry *mid_entry; int next_is_large; char *next_buffer = NULL; @@ -4920,14 +4921,15 @@ receive_encrypted_standard(struct TCP_Server_Info *server, next_is_large = server->large_buf; one_more: shdr = (struct smb2_sync_hdr *)buf; - if (shdr->NextCommand) { + next_cmd = le32_to_cpu(shdr->NextCommand); + if (next_cmd) { + if (WARN_ON_ONCE(next_cmd > pdu_length)) + return -1; if (next_is_large) next_buffer = (char *)cifs_buf_get(); else next_buffer = (char *)cifs_small_buf_get(); - memcpy(next_buffer, - buf + le32_to_cpu(shdr->NextCommand), - pdu_length - le32_to_cpu(shdr->NextCommand)); + memcpy(next_buffer, buf + next_cmd, pdu_length - next_cmd); } mid_entry = smb2_find_mid(server, buf); @@ -4951,8 +4953,8 @@ receive_encrypted_standard(struct TCP_Server_Info *server, else ret = cifs_handle_standard(server, mid_entry); - if (ret == 0 && shdr->NextCommand) { - pdu_length -= le32_to_cpu(shdr->NextCommand); + if (ret == 0 && next_cmd) { + pdu_length -= next_cmd; server->large_buf = next_is_large; if (next_is_large) server->bigbuf = buf = next_buffer; -- 2.25.1

1 year, 6 months

2
4
0 0

[PATCH 6/6] phy: qcom-qmp-combo: fix type-c switch registration

by Johan Hovold

Due to a long-standing issue in driver core, drivers may not probe defer after having registered child devices to avoid triggering a probe deferral loop (see fbc35b45f9f6 ("Add documentation on meaning of -EPROBE_DEFER")). Move registration of the typec switch to after looking up clocks and other resources. Note that PHY creation can in theory also trigger a probe deferral when a 'phy' supply is used. This does not seem to affect the QMP PHY driver but the PHY subsystem should be reworked to address this (i.e. by separating initialisation and registration of the PHY). Fixes: 2851117f8f42 ("phy: qcom-qmp-combo: Introduce orientation switching") Cc: stable(a)vger.kernel.org # 6.5 Cc: Bjorn Andersson <quic_bjorande(a)quicinc.com> Signed-off-by: Johan Hovold <johan+linaro(a)kernel.org> --- drivers/phy/qualcomm/phy-qcom-qmp-combo.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/drivers/phy/qualcomm/phy-qcom-qmp-combo.c b/drivers/phy/qualcomm/phy-qcom-qmp-combo.c index e19d6a084f10..17c4ad7553a5 100644 --- a/drivers/phy/qualcomm/phy-qcom-qmp-combo.c +++ b/drivers/phy/qualcomm/phy-qcom-qmp-combo.c @@ -3562,10 +3562,6 @@ static int qmp_combo_probe(struct platform_device *pdev) if (ret) return ret; - ret = qmp_combo_typec_switch_register(qmp); - if (ret) - return ret; - /* Check for legacy binding with child nodes. */ usb_np = of_get_child_by_name(dev->of_node, "usb3-phy"); if (usb_np) { @@ -3585,6 +3581,10 @@ static int qmp_combo_probe(struct platform_device *pdev) if (ret) goto err_node_put; + ret = qmp_combo_typec_switch_register(qmp); + if (ret) + goto err_node_put; + ret = drm_aux_bridge_register(dev); if (ret) goto err_node_put; -- 2.43.0

1 year, 6 months

4
3
0 0

[PATCH 5/6] phy: qcom-qmp-combo: fix drm bridge registration

by Johan Hovold

Due to a long-standing issue in driver core, drivers may not probe defer after having registered child devices to avoid triggering a probe deferral loop (see fbc35b45f9f6 ("Add documentation on meaning of -EPROBE_DEFER")). This could potentially also trigger a bug in the DRM bridge implementation which does not expect bridges to go away even if device links may avoid triggering this (when enabled). Move registration of the DRM aux bridge to after looking up clocks and other resources. Note that PHY creation can in theory also trigger a probe deferral when a 'phy' supply is used. This does not seem to affect the QMP PHY driver but the PHY subsystem should be reworked to address this (i.e. by separating initialisation and registration of the PHY). Fixes: 35921910bbd0 ("phy: qcom: qmp-combo: switch to DRM_AUX_BRIDGE") Fixes: 1904c3f578dc ("phy: qcom-qmp-combo: Introduce drm_bridge") Cc: stable(a)vger.kernel.org # 6.5 Cc: Bjorn Andersson <quic_bjorande(a)quicinc.com> Cc: Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> Signed-off-by: Johan Hovold <johan+linaro(a)kernel.org> --- drivers/phy/qualcomm/phy-qcom-qmp-combo.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/drivers/phy/qualcomm/phy-qcom-qmp-combo.c b/drivers/phy/qualcomm/phy-qcom-qmp-combo.c index 1ad10110dd25..e19d6a084f10 100644 --- a/drivers/phy/qualcomm/phy-qcom-qmp-combo.c +++ b/drivers/phy/qualcomm/phy-qcom-qmp-combo.c @@ -3566,10 +3566,6 @@ static int qmp_combo_probe(struct platform_device *pdev) if (ret) return ret; - ret = drm_aux_bridge_register(dev); - if (ret) - return ret; - /* Check for legacy binding with child nodes. */ usb_np = of_get_child_by_name(dev->of_node, "usb3-phy"); if (usb_np) { @@ -3589,6 +3585,10 @@ static int qmp_combo_probe(struct platform_device *pdev) if (ret) goto err_node_put; + ret = drm_aux_bridge_register(dev); + if (ret) + goto err_node_put; + pm_runtime_set_active(dev); ret = devm_pm_runtime_enable(dev); if (ret) -- 2.43.0

1 year, 6 months

5
4
0 0

[PATCH] dmaengine: ptdma: use consistent DMA masks

by Tadeusz Struk

The PTDMA driver sets DMA masks in two different places for the same device inconsistently. First call is in pt_pci_probe(), where it uses 48bit mask. The second call is in pt_dmaengine_register(), where it uses a 64bit mask. Using 64bit dma mask causes IO_PAGE_FAULT errors on DMA transfers between main memory and other devices. Without the extra call it works fine. Additionally the second call doesn't check the return value so it can silently fail. Remove the superfluous dma_set_mask() call and only use 48bit mask. Cc: stable(a)vger.kernel.org Fixes: b0b4a6b10577 ("dmaengine: ptdma: register PTDMA controller as a DMA resource") Signed-off-by: Tadeusz Struk <tstruk(a)gigaio.com> --- drivers/dma/ptdma/ptdma-dmaengine.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/drivers/dma/ptdma/ptdma-dmaengine.c b/drivers/dma/ptdma/ptdma-dmaengine.c index 1aa65e5de0f3..f79240734807 100644 --- a/drivers/dma/ptdma/ptdma-dmaengine.c +++ b/drivers/dma/ptdma/ptdma-dmaengine.c @@ -385,8 +385,6 @@ int pt_dmaengine_register(struct pt_device *pt) chan->vc.desc_free = pt_do_cleanup; vchan_init(&chan->vc, dma_dev); - dma_set_mask_and_coherent(pt->dev, DMA_BIT_MASK(64)); - ret = dma_async_device_register(dma_dev); if (ret) goto err_reg; -- 2.43.2

1 year, 6 months

4
6
0 0

(iOS and Android) App....

by anjali rao

Hello, Do you need help with your ongoing or any new Project in the following? *Followed are our key services*- · Mobile app development (iOS and Android) · Custom software development Let me know if you need help with the above services and would be happy to discuss over a no-obligation consultation on how you may plan your project and how we may help. Look forward to your reply. Thanks & Regards Anjali

1 year, 6 months

1
0
0 0

[PATCH 2/3] mtd: rawnand: Add a helper for calculating a page index

by Miquel Raynal

For LUN crossing boundaries, it is handy to know what is the index of the last page in a LUN. This helper will soon be reused. At the same time I rename page_per_lun to ppl in the calling function to clarify the lines. Cc: stable(a)vger.kernel.org Signed-off-by: Miquel Raynal <miquel.raynal(a)bootlin.com> --- This is a dependency for the next patch, so I Cc'd stable on it as well. --- drivers/mtd/nand/raw/nand_base.c | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/drivers/mtd/nand/raw/nand_base.c b/drivers/mtd/nand/raw/nand_base.c index bcfd99a1699f..d6a27e08b112 100644 --- a/drivers/mtd/nand/raw/nand_base.c +++ b/drivers/mtd/nand/raw/nand_base.c @@ -1211,19 +1211,25 @@ static int nand_lp_exec_read_page_op(struct nand_chip *chip, unsigned int page, return nand_exec_op(chip, &op); } +static unsigned int rawnand_last_page_of_lun(unsigned int pages_per_lun, unsigned int lun) +{ + /* lun is expected to be very small */ + return (lun * pages_per_lun) + pages_per_lun - 1; +} + static void rawnand_cap_cont_reads(struct nand_chip *chip) { struct nand_memory_organization *memorg; - unsigned int pages_per_lun, first_lun, last_lun; + unsigned int ppl, first_lun, last_lun; memorg = nanddev_get_memorg(&chip->base); - pages_per_lun = memorg->pages_per_eraseblock * memorg->eraseblocks_per_lun; - first_lun = chip->cont_read.first_page / pages_per_lun; - last_lun = chip->cont_read.last_page / pages_per_lun; + ppl = memorg->pages_per_eraseblock * memorg->eraseblocks_per_lun; + first_lun = chip->cont_read.first_page / ppl; + last_lun = chip->cont_read.last_page / ppl; /* Prevent sequential cache reads across LUN boundaries */ if (first_lun != last_lun) - chip->cont_read.pause_page = first_lun * pages_per_lun + pages_per_lun - 1; + chip->cont_read.pause_page = rawnand_last_page_of_lun(ppl, first_lun); else chip->cont_read.pause_page = chip->cont_read.last_page; } -- 2.34.1

1 year, 6 months

1
0
0 0

[PATCH 4/6] soc: qcom: pmic_glink: Fix boot when QRTR=m

by Johan Hovold

From: Rob Clark <robdclark(a)chromium.org> We need to bail out before adding/removing devices if we are going to -EPROBE_DEFER. Otherwise boot can get stuck in a probe deferral loop due to a long-standing issue in driver core (see fbc35b45f9f6 ("Add documentation on meaning of -EPROBE_DEFER")). Deregistering the altmode child device can potentially also trigger bugs in the DRM bridge implementation, which does not expect bridges to go away. Suggested-by: Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> Signed-off-by: Rob Clark <robdclark(a)chromium.org> Link: https://lore.kernel.org/r/20231213210644.8702-1-robdclark@gmail.com [ johan: rebase on 6.8-rc4, amend commit message and mention DRM ] Fixes: 58ef4ece1e41 ("soc: qcom: pmic_glink: Introduce base PMIC GLINK driver") Cc: stable(a)vger.kernel.org # 6.3 Cc: Bjorn Andersson <andersson(a)kernel.org> Signed-off-by: Johan Hovold <johan+linaro(a)kernel.org> --- drivers/soc/qcom/pmic_glink.c | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/drivers/soc/qcom/pmic_glink.c b/drivers/soc/qcom/pmic_glink.c index f4bfd24386f1..f913e9bd57ed 100644 --- a/drivers/soc/qcom/pmic_glink.c +++ b/drivers/soc/qcom/pmic_glink.c @@ -265,10 +265,17 @@ static int pmic_glink_probe(struct platform_device *pdev) pg->client_mask = *match_data; + pg->pdr = pdr_handle_alloc(pmic_glink_pdr_callback, pg); + if (IS_ERR(pg->pdr)) { + ret = dev_err_probe(&pdev->dev, PTR_ERR(pg->pdr), + "failed to initialize pdr\n"); + return ret; + } + if (pg->client_mask & BIT(PMIC_GLINK_CLIENT_UCSI)) { ret = pmic_glink_add_aux_device(pg, &pg->ucsi_aux, "ucsi"); if (ret) - return ret; + goto out_release_pdr_handle; } if (pg->client_mask & BIT(PMIC_GLINK_CLIENT_ALTMODE)) { ret = pmic_glink_add_aux_device(pg, &pg->altmode_aux, "altmode"); @@ -281,17 +288,11 @@ static int pmic_glink_probe(struct platform_device *pdev) goto out_release_altmode_aux; } - pg->pdr = pdr_handle_alloc(pmic_glink_pdr_callback, pg); - if (IS_ERR(pg->pdr)) { - ret = dev_err_probe(&pdev->dev, PTR_ERR(pg->pdr), "failed to initialize pdr\n"); - goto out_release_aux_devices; - } - service = pdr_add_lookup(pg->pdr, "tms/servreg", "msm/adsp/charger_pd"); if (IS_ERR(service)) { ret = dev_err_probe(&pdev->dev, PTR_ERR(service), "failed adding pdr lookup for charger_pd\n"); - goto out_release_pdr_handle; + goto out_release_aux_devices; } mutex_lock(&__pmic_glink_lock); @@ -300,8 +301,6 @@ static int pmic_glink_probe(struct platform_device *pdev) return 0; -out_release_pdr_handle: - pdr_handle_release(pg->pdr); out_release_aux_devices: if (pg->client_mask & BIT(PMIC_GLINK_CLIENT_BATT)) pmic_glink_del_aux_device(pg, &pg->ps_aux); @@ -311,6 +310,8 @@ static int pmic_glink_probe(struct platform_device *pdev) out_release_ucsi_aux: if (pg->client_mask & BIT(PMIC_GLINK_CLIENT_UCSI)) pmic_glink_del_aux_device(pg, &pg->ucsi_aux); +out_release_pdr_handle: + pdr_handle_release(pg->pdr); return ret; } -- 2.43.0

1 year, 6 months

4
3
0 0

Re: [PATCH] x86/tools: fix line number reported for malformed lines

by Miguel Ojeda

On Wed, Feb 21, 2024 at 10:00 AM Valentin Obst <kernel(a)valentinobst.de> wrote: > > While debugging the `X86_DECODER_SELFTEST` failure first reported in [1], > [In this case the line causing the failure is interpreted as two lines by > the tool (due to its length, but this is fixed by [1, 2]), and the second > line is reported. Still the spatial closeness between the reported line and > the line causing the failure would have made debugging a lot easier.] Thanks Valentin, John et al. for digging into this (and the related issue) -- very much appreciated. It looks good to me: Reviewed-by: Miguel Ojeda <ojeda(a)kernel.org> Tested-by: Miguel Ojeda <ojeda(a)kernel.org> This should probably have a Fixes tag -- from a quick look, the original test did not seem to have the problem because `insns` was equivalent to the number of lines since there was no `if ... { continue; }` for the symbol case. At some point that branch was added, so that was not true anymore, thus that one should probably be the Fixes tag, though please double-check: Fixes: 35039eb6b199 ("x86: Show symbol name if insn decoder test failed") It is a minor issue for sure, so perhaps not worth backporting, but nevertheless the hash is in a very old kernel, and thus the issue applies to all stable kernels. So it does not hurt flagging it to the stable team: Cc: stable(a)vger.kernel.org In addition, John reported the original issue, but this one was found due to that one, and I am not exactly sure who did what here. Please consider whether one of the following (or similar) may be fair: Reported-by: John Baublitz <john.m.baublitz(a)gmail.com> Debugged-by: John Baublitz <john.m.baublitz(a)gmail.com> An extra Link to the discussion in Zulip could be nice too: Link: https://rust-for-linux.zulipchat.com/#narrow/stream/291565-Help/topic/insn_… Finally, a nit: links are typically written like the following -- you can still use bracket references at the end: Link: https://lore.kernel.org/lkml/Y9ES4UKl%2F+DtvAVS@gmail.com/T/ [1] Link: https://lore.kernel.org/rust-for-linux/20231119180145.157455-1-sergio.colla… [2] Cheers, Miguel

1 year, 6 months

2
2
0 0

[PATCH] usb: dwc3: gadget: remove warning during kernel boot

by Ray Chi

The dwc3->gadget_driver is not initialized during the dwc3 probe process. This leads to a warning when the runtime power management (PM) attempts to suspend the gadget using dwc3_gadget_suspend(). This patch adds a check to prevent the warning. Cc: stable(a)vger.kernel.org Fixes: 61a348857e86 ("usb: dwc3: gadget: Fix NULL pointer dereference in dwc3_gadget_suspend") Signed-off-by: Ray Chi <raychi(a)google.com> --- drivers/usb/dwc3/gadget.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/usb/dwc3/gadget.c b/drivers/usb/dwc3/gadget.c index 28f49400f3e8..de987cffe1ec 100644 --- a/drivers/usb/dwc3/gadget.c +++ b/drivers/usb/dwc3/gadget.c @@ -4708,6 +4708,9 @@ int dwc3_gadget_suspend(struct dwc3 *dwc) unsigned long flags; int ret; + if (!dwc->gadget_driver) + return 0; + ret = dwc3_gadget_soft_disconnect(dwc); if (ret) goto err; -- 2.44.0.rc0.258.g7320e95886-goog

1 year, 6 months

3
7
0 0

Linux 6.7.6

by Greg Kroah-Hartman

I'm announcing the release of the 6.7.6 kernel. All users of the 6.7 kernel series must upgrade. The updated 6.7.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.7.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/ABI/testing/sysfs-class-net-statistics | 48 Documentation/arch/arm64/silicon-errata.rst | 7 Documentation/netlink/specs/dpll.yaml | 4 Documentation/networking/devlink/devlink-port.rst | 2 Documentation/sphinx/kernel_feat.py | 2 Makefile | 2 arch/Kconfig | 1 arch/arc/include/asm/jump_label.h | 4 arch/arm/include/asm/jump_label.h | 4 arch/arm64/include/asm/alternative-macros.h | 4 arch/arm64/include/asm/cputype.h | 4 arch/arm64/include/asm/jump_label.h | 4 arch/arm64/kernel/cpu_errata.c | 3 arch/arm64/kernel/fpsimd.c | 2 arch/arm64/kernel/signal.c | 4 arch/arm64/kvm/pkvm.c | 27 arch/csky/include/asm/jump_label.h | 4 arch/loongarch/include/asm/jump_label.h | 4 arch/loongarch/mm/kasan_init.c | 3 arch/mips/include/asm/checksum.h | 3 arch/mips/include/asm/jump_label.h | 4 arch/mips/include/asm/ptrace.h | 2 arch/mips/kernel/ptrace.c | 7 arch/parisc/Kconfig | 1 arch/parisc/include/asm/assembly.h | 1 arch/parisc/include/asm/extable.h | 64 arch/parisc/include/asm/jump_label.h | 4 arch/parisc/include/asm/special_insns.h | 6 arch/parisc/include/asm/uaccess.h | 48 arch/parisc/kernel/cache.c | 6 arch/parisc/kernel/drivers.c | 3 arch/parisc/kernel/unaligned.c | 44 arch/parisc/mm/fault.c | 11 arch/powerpc/include/asm/jump_label.h | 4 arch/powerpc/include/asm/reg.h | 2 arch/powerpc/include/asm/thread_info.h | 2 arch/powerpc/include/asm/uaccess.h | 12 arch/powerpc/kernel/cpu_setup_6xx.S | 20 arch/powerpc/kernel/cpu_specs_e500mc.h | 3 arch/powerpc/kernel/interrupt_64.S | 4 arch/powerpc/kernel/iommu.c | 4 arch/powerpc/kernel/irq_64.c | 2 arch/powerpc/mm/kasan/init_32.c | 1 arch/powerpc/platforms/pseries/lpar.c | 8 arch/riscv/include/asm/bitops.h | 8 arch/riscv/include/asm/cpufeature.h | 4 arch/riscv/include/asm/jump_label.h | 4 arch/s390/include/asm/jump_label.h | 4 arch/s390/kvm/vsie.c | 1 arch/s390/mm/gmap.c | 1 arch/sparc/include/asm/jump_label.h | 4 arch/um/Makefile | 4 arch/um/include/asm/cpufeature.h | 2 arch/x86/Kconfig.cpu | 2 arch/x86/include/asm/barrier.h | 18 arch/x86/include/asm/cpufeature.h | 2 arch/x86/include/asm/cpufeatures.h | 2 arch/x86/include/asm/jump_label.h | 6 arch/x86/include/asm/processor.h | 18 arch/x86/include/asm/rmwcc.h | 2 arch/x86/include/asm/special_insns.h | 2 arch/x86/include/asm/uaccess.h | 10 arch/x86/kernel/cpu/amd.c | 3 arch/x86/kernel/cpu/common.c | 7 arch/x86/kernel/cpu/hygon.c | 3 arch/x86/kernel/fpu/signal.c | 13 arch/x86/kvm/svm/svm_ops.h | 6 arch/x86/kvm/vmx/pmu_intel.c | 2 arch/x86/kvm/vmx/vmx.c | 4 arch/x86/kvm/vmx/vmx_ops.h | 6 arch/x86/kvm/x86.c | 3 arch/x86/mm/ident_map.c | 23 arch/xtensa/include/asm/jump_label.h | 4 block/blk-mq.c | 9 block/blk-wbt.c | 4 crypto/algif_hash.c | 5 drivers/android/binder.c | 10 drivers/base/core.c | 15 drivers/base/power/domain.c | 2 drivers/connector/cn_proc.c | 5 drivers/crypto/ccp/sev-dev.c | 10 drivers/dpll/dpll_netlink.c | 20 drivers/dpll/dpll_nl.c | 4 drivers/dpll/dpll_nl.h | 2 drivers/firewire/core-device.c | 7 drivers/firmware/efi/libstub/Makefile | 2 drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_gfx.c | 9 drivers/gpu/drm/amd/amdgpu/cik_ih.c | 6 drivers/gpu/drm/amd/amdgpu/cz_ih.c | 5 drivers/gpu/drm/amd/amdgpu/gfx_v10_0.c | 2 drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c | 8 drivers/gpu/drm/amd/amdgpu/iceland_ih.c | 5 drivers/gpu/drm/amd/amdgpu/ih_v6_0.c | 6 drivers/gpu/drm/amd/amdgpu/ih_v6_1.c | 7 drivers/gpu/drm/amd/amdgpu/navi10_ih.c | 6 drivers/gpu/drm/amd/amdgpu/si_ih.c | 6 drivers/gpu/drm/amd/amdgpu/soc21.c | 4 drivers/gpu/drm/amd/amdgpu/tonga_ih.c | 6 drivers/gpu/drm/amd/amdgpu/vega10_ih.c | 6 drivers/gpu/drm/amd/amdgpu/vega20_ih.c | 6 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 14 drivers/gpu/drm/amd/display/dc/clk_mgr/dcn35/dcn35_clk_mgr.c | 15 drivers/gpu/drm/amd/display/dc/dml/Makefile | 6 drivers/gpu/drm/amd/display/dc/dml/dcn32/dcn32_fpu.c | 2 drivers/gpu/drm/amd/display/dc/dml2/dml2_translation_helper.c | 29 drivers/gpu/drm/amd/display/dc/inc/core_types.h | 2 drivers/gpu/drm/amd/display/dc/link/protocols/link_dp_training.c | 5 drivers/gpu/drm/drm_buddy.c | 6 drivers/gpu/drm/drm_prime.c | 2 drivers/gpu/drm/i915/display/intel_dp.c | 3 drivers/gpu/drm/i915/display/intel_vdsc_regs.h | 4 drivers/gpu/drm/msm/msm_gem_prime.c | 4 drivers/gpu/drm/msm/msm_gpu.c | 11 drivers/gpu/drm/msm/msm_iommu.c | 32 drivers/gpu/drm/msm/msm_ringbuffer.c | 7 drivers/gpu/drm/nouveau/include/nvkm/subdev/gsp.h | 2 drivers/gpu/drm/nouveau/nouveau_fence.c | 24 drivers/gpu/drm/nouveau/nouveau_fence.h | 1 drivers/gpu/drm/nouveau/nouveau_svm.c | 2 drivers/gpu/drm/nouveau/nvkm/subdev/gsp/r535.c | 61 drivers/gpu/drm/virtio/virtgpu_drv.c | 1 drivers/hid/bpf/hid_bpf_dispatch.c | 83 - drivers/hid/bpf/hid_bpf_dispatch.h | 4 drivers/hid/bpf/hid_bpf_jmp_table.c | 40 drivers/hid/i2c-hid/i2c-hid-of.c | 1 drivers/hid/wacom_sys.c | 63 drivers/hid/wacom_wac.c | 9 drivers/i2c/busses/Makefile | 6 drivers/i2c/busses/i2c-i801.c | 4 drivers/i2c/busses/i2c-pasemi-core.c | 6 drivers/i2c/busses/i2c-qcom-geni.c | 14 drivers/iio/accel/Kconfig | 2 drivers/iio/adc/ad4130.c | 12 drivers/iio/imu/bno055/Kconfig | 1 drivers/iio/industrialio-core.c | 5 drivers/iio/light/hid-sensor-als.c | 1 drivers/iio/magnetometer/rm3100-core.c | 10 drivers/iio/pressure/bmp280-spi.c | 1 drivers/interconnect/qcom/sc8180x.c | 1 drivers/interconnect/qcom/sm8550.c | 1 drivers/irqchip/irq-brcmstb-l2.c | 5 drivers/irqchip/irq-gic-v3-its.c | 62 drivers/irqchip/irq-loongson-eiointc.c | 2 drivers/md/dm-core.h | 2 drivers/md/dm-crypt.c | 38 drivers/md/dm-ioctl.c | 3 drivers/md/dm-table.c | 9 drivers/md/dm-verity-target.c | 26 drivers/md/dm-verity.h | 1 drivers/md/md.c | 7 drivers/media/platform/rockchip/rkisp1/rkisp1-dev.c | 2 drivers/media/rc/bpf-lirc.c | 6 drivers/media/rc/ir_toy.c | 2 drivers/media/rc/lirc_dev.c | 5 drivers/media/rc/rc-core-priv.h | 2 drivers/misc/fastrpc.c | 2 drivers/mmc/core/slot-gpio.c | 6 drivers/mmc/host/sdhci-pci-o2micro.c | 30 drivers/net/bonding/bond_main.c | 5 drivers/net/can/dev/netlink.c | 2 drivers/net/dsa/mv88e6xxx/chip.c | 2 drivers/net/ethernet/intel/i40e/i40e_main.c | 2 drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 38 drivers/net/ethernet/mellanox/mlx5/core/dpll.c | 2 drivers/net/ethernet/microchip/lan966x/lan966x_lag.c | 9 drivers/net/ethernet/netronome/nfp/flower/conntrack.c | 46 drivers/net/ethernet/netronome/nfp/flower/tunnel_conf.c | 2 drivers/net/ethernet/netronome/nfp/nfp_net_common.c | 1 drivers/net/ethernet/netronome/nfp/nfpcore/nfp6000_pcie.c | 6 drivers/net/ethernet/stmicro/stmmac/common.h | 56 drivers/net/ethernet/stmicro/stmmac/dwmac-sun8i.c | 15 drivers/net/ethernet/stmicro/stmmac/dwmac4_lib.c | 15 drivers/net/ethernet/stmicro/stmmac/dwmac_lib.c | 15 drivers/net/ethernet/stmicro/stmmac/dwxgmac2_dma.c | 15 drivers/net/ethernet/stmicro/stmmac/stmmac_ethtool.c | 129 + drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 136 - drivers/net/ethernet/ti/cpsw.c | 2 drivers/net/ethernet/ti/cpsw_new.c | 3 drivers/net/hyperv/netvsc.c | 5 drivers/net/hyperv/netvsc_drv.c | 82 - drivers/net/wireless/intel/iwlwifi/fw/acpi.c | 15 drivers/net/wireless/intel/iwlwifi/iwl-drv.c | 1 drivers/net/wireless/intel/iwlwifi/mvm/mac80211.c | 3 drivers/net/wireless/intel/iwlwifi/mvm/rxmq.c | 4 drivers/net/wireless/intel/iwlwifi/mvm/time-event.c | 3 drivers/net/xen-netback/netback.c | 84 - drivers/of/property.c | 65 drivers/of/unittest.c | 12 drivers/pci/controller/dwc/pcie-designware-ep.c | 3 drivers/pci/pci.c | 37 drivers/perf/cxl_pmu.c | 2 drivers/pmdomain/mediatek/mtk-pm-domains.c | 15 drivers/pmdomain/renesas/r8a77980-sysc.c | 3 drivers/s390/net/qeth_l3_main.c | 9 drivers/scsi/fcoe/fcoe_ctlr.c | 20 drivers/scsi/storvsc_drv.c | 12 drivers/spi/spi-imx.c | 9 drivers/spi/spi-omap2-mcspi.c | 137 - drivers/spi/spi-ppc4xx.c | 5 drivers/staging/iio/impedance-analyzer/ad5933.c | 2 drivers/thunderbolt/tb_regs.h | 2 drivers/thunderbolt/usb4.c | 2 drivers/tty/serial/max310x.c | 53 drivers/tty/serial/mxs-auart.c | 5 drivers/tty/serial/serial_core.c | 2 drivers/usb/chipidea/ci.h | 2 drivers/usb/chipidea/core.c | 44 drivers/usb/common/ulpi.c | 2 drivers/usb/core/hub.c | 46 drivers/usb/dwc3/gadget.c | 6 drivers/usb/gadget/function/f_mass_storage.c | 20 drivers/usb/typec/tcpm/tcpm.c | 3 drivers/usb/typec/ucsi/ucsi.c | 2 drivers/usb/typec/ucsi/ucsi_acpi.c | 17 drivers/xen/events/events_base.c | 8 fs/btrfs/block-group.c | 80 fs/btrfs/block-group.h | 7 fs/btrfs/delalloc-space.c | 29 fs/btrfs/disk-io.c | 13 fs/btrfs/inode.c | 26 fs/btrfs/ioctl.c | 5 fs/btrfs/qgroup.c | 14 fs/btrfs/send.c | 2 fs/btrfs/transaction.c | 38 fs/ceph/caps.c | 3 fs/ext4/mballoc.c | 39 fs/ext4/move_extent.c | 6 fs/hugetlbfs/inode.c | 21 fs/namespace.c | 11 fs/nfsd/nfs4state.c | 11 fs/nilfs2/file.c | 8 fs/nilfs2/recovery.c | 7 fs/nilfs2/segment.c | 8 fs/proc/array.c | 66 fs/smb/client/connect.c | 14 fs/smb/client/fs_context.c | 11 fs/smb/client/namespace.c | 16 fs/smb/client/smb2ops.c | 2 fs/smb/server/smb2pdu.c | 8 fs/tracefs/event_inode.c | 808 ++-------- fs/tracefs/inode.c | 102 - fs/tracefs/internal.h | 44 fs/zonefs/file.c | 42 fs/zonefs/super.c | 66 include/linux/backing-dev-defs.h | 7 include/linux/compiler-gcc.h | 20 include/linux/compiler_types.h | 11 include/linux/gpio/driver.h | 12 include/linux/iio/adc/ad_sigma_delta.h | 4 include/linux/iio/common/st_sensors.h | 4 include/linux/iio/imu/adis.h | 3 include/linux/lsm_hook_defs.h | 4 include/linux/mman.h | 1 include/linux/netfilter/ipset/ip_set.h | 4 include/linux/ptrace.h | 4 include/linux/serial_core.h | 32 include/net/tls.h | 5 include/sound/tas2781.h | 1 init/Kconfig | 9 io_uring/net.c | 5 kernel/sched/membarrier.c | 6 kernel/sys.c | 50 kernel/trace/ftrace.c | 10 kernel/trace/ring_buffer.c | 2 kernel/trace/trace.c | 78 kernel/trace/trace_btf.c | 4 kernel/trace/trace_events_synth.c | 3 kernel/trace/trace_events_trigger.c | 6 kernel/trace/trace_osnoise.c | 6 kernel/trace/trace_probe.c | 32 kernel/trace/trace_probe.h | 3 kernel/workqueue.c | 8 lib/kobject.c | 24 mm/backing-dev.c | 2 mm/damon/sysfs-schemes.c | 2 mm/huge_memory.c | 14 mm/memory-failure.c | 2 mm/memory.c | 4 mm/mmap.c | 6 mm/page-writeback.c | 4 mm/userfaultfd.c | 15 net/can/j1939/j1939-priv.h | 3 net/can/j1939/main.c | 2 net/can/j1939/socket.c | 46 net/handshake/handshake-test.c | 5 net/hsr/hsr_device.c | 4 net/mac80211/tx.c | 5 net/mptcp/pm_userspace.c | 13 net/mptcp/protocol.c | 25 net/mptcp/protocol.h | 7 net/mptcp/subflow.c | 4 net/netfilter/ipset/ip_set_bitmap_gen.h | 14 net/netfilter/ipset/ip_set_core.c | 39 net/netfilter/ipset/ip_set_hash_gen.h | 19 net/netfilter/ipset/ip_set_list_set.c | 13 net/netfilter/nft_set_pipapo_avx2.c | 2 net/nfc/nci/core.c | 4 net/openvswitch/flow_netlink.c | 49 net/tls/tls_sw.c | 135 - net/wireless/core.c | 3 samples/bpf/asm_goto_workaround.h | 8 scripts/link-vmlinux.sh | 9 scripts/mksysmap | 13 scripts/mod/modpost.c | 3 scripts/mod/sumversion.c | 7 security/security.c | 45 sound/pci/hda/Kconfig | 4 sound/pci/hda/patch_conexant.c | 18 sound/pci/hda/patch_cs8409.c | 1 sound/pci/hda/patch_realtek.c | 20 sound/pci/hda/tas2781_hda_i2c.c | 2 sound/soc/amd/yc/acp6x-mach.c | 14 sound/soc/codecs/rt5645.c | 1 sound/soc/codecs/tas2781-comlib.c | 3 sound/soc/codecs/tas2781-i2c.c | 2 sound/soc/codecs/wcd938x.c | 2 sound/soc/intel/avs/core.c | 3 sound/soc/intel/avs/topology.c | 2 sound/soc/sof/ipc3-topology.c | 55 sound/soc/sof/ipc3.c | 2 tools/arch/x86/include/asm/rmwcc.h | 2 tools/include/linux/compiler_types.h | 4 tools/testing/selftests/dt/test_unprobed_devices.sh | 13 tools/testing/selftests/landlock/common.h | 48 tools/testing/selftests/landlock/fs_test.c | 11 tools/testing/selftests/landlock/net_test.c | 13 tools/testing/selftests/mm/charge_reserved_hugetlb.sh | 2 tools/testing/selftests/mm/ksm_tests.c | 2 tools/testing/selftests/mm/map_hugetlb.c | 7 tools/testing/selftests/mm/va_high_addr_switch.sh | 6 tools/testing/selftests/mm/write_hugetlb_memory.sh | 2 tools/testing/selftests/net/forwarding/bridge_locked_port.sh | 4 tools/testing/selftests/net/forwarding/bridge_mdb.sh | 14 tools/testing/selftests/net/forwarding/tc_flower_l2_miss.sh | 8 tools/testing/selftests/net/mptcp/config | 3 tools/testing/selftests/net/mptcp/mptcp_join.sh | 10 tools/testing/selftests/net/mptcp/mptcp_lib.sh | 11 tools/testing/selftests/net/mptcp/settings | 2 tools/testing/selftests/net/mptcp/userspace_pm.sh | 31 tools/testing/selftests/net/test_bridge_backup_port.sh | 394 ++-- tools/tracing/rtla/Makefile | 7 tools/tracing/rtla/src/osnoise_hist.c | 9 tools/tracing/rtla/src/osnoise_top.c | 6 tools/tracing/rtla/src/timerlat_hist.c | 9 tools/tracing/rtla/src/timerlat_top.c | 6 tools/tracing/rtla/src/utils.c | 14 tools/tracing/rtla/src/utils.h | 2 tools/verification/rv/Makefile | 7 tools/verification/rv/src/in_kernel.c | 2 350 files changed, 3331 insertions(+), 2533 deletions(-) Aaron Conole (1): net: openvswitch: limit the number of recursions from action sets Aleksander Mazur (1): x86/Kconfig: Transmeta Crusoe is CPU family 5, not 6 Alex Williamson (1): PCI: Fix active state requirement in PME polling Alexander Stein (1): mmc: slot-gpio: Allow non-sleeping GPIO ro Alexandra Winter (1): s390/qeth: Fix potential loss of L3-IP@ in case of network issues Alexey Khoroshilov (1): ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work() Amadeusz Sławiński (1): ASoC: Intel: avs: Fix dynamic port assignment when TDM is set Andrei Vagin (1): x86/fpu: Stop relying on userspace for info to fault in xsave buffer Andrew Lunn (1): net: dsa: mv88e6xxx: Fix failed probe due to unsupported C45 reads Andy Chi (1): ALSA: hda/realtek: fix mute/micmute LEDs for HP ZBook Power Arnd Bergmann (3): nouveau/svm: fix kvcalloc() argument order i2c: pasemi: split driver into two separate modules kallsyms: ignore ARMv4 thunks along with others Arunpravin Paneer Selvam (1): drm/buddy: Fix alloc_range() error handling code Audra Mitchell (1): selftests/mm: Update va_high_addr_switch.sh to check CPU for la57 flag Baokun Li (2): ext4: fix double-free of blocks due to wrong extents moved_len ext4: avoid bb_free and bb_fragments inconsistency in mb_free_blocks() Benjamin Tissoires (2): HID: bpf: remove double fdget() HID: bpf: actually free hdev memory after attaching a HID-BPF program Bibo Mao (1): irqchip/loongson-eiointc: Use correct struct type in eiointc_domain_alloc() Boris Burkov (2): btrfs: forbid creating subvol qgroups btrfs: forbid deleting live subvol qgroup Borislav Petkov (AMD) (1): x86/barrier: Do not serialize MSR accesses on AMD Breno Leitao (1): net: sysfs: Fix /sys/class/net/<iface> path for statistics Carlos Llamas (1): binder: signal epoll threads of self-work Carlos Song (1): spi: imx: fix the burst length at DMA mode and CPU mode Cezary Rojewski (1): ASoC: Intel: avs: Fix pci_probe() error path Christian A. Ehrhardt (3): of: unittest: Fix compile in the non-dynamic case usb: ucsi: Add missing ppm_lock usb: ucsi_acpi: Fix command completion handling Christian Borntraeger (1): KVM: s390: vsie: fix race during shadow creation Christian Brauner (1): fs: relax mount_setattr() permission checks Chuck Lever (1): net/handshake: Fix handshake_req_destroy_test1 Cosmin Tanislav (2): iio: adc: ad4130: zero-initialize clock init data iio: adc: ad4130: only set GPIO_CTRL if pin is unused Curtis Malainey (1): ASoC: SOF: IPC3: fix message bounds on ipc ops Damien Le Moal (2): zonefs: Improve error handling block: fix partial zone append completion handling in req_bio_endio() Dan Carpenter (4): wifi: iwlwifi: Fix some error codes wifi: iwlwifi: uninitialized variable in iwl_acpi_get_ppag_table() cifs: fix underflow in parse_server_interfaces() PCI: dwc: Fix a 64bit bug in dw_pcie_ep_raise_msix_irq() Daniel Basilio (1): nfp: use correct macro for LengthSelect in BAR config Daniel Bristot de Oliveira (7): tracing/timerlat: Move hrtimer_init to timerlat_fd open() tools/rv: Fix curr_reactor uninitialized variable tools/rv: Fix Makefile compiler options for clang tools/rtla: Remove unused sched_getattr() function tools/rtla: Fix clang warning about mount_point var size tools/rtla: Fix uninitialized bucket/data->bucket_size warning tools/rtla: Fix Makefile compiler options for clang Daniel de Villiers (1): nfp: flower: prevent re-adding mac index for bonded port Dave Airlie (2): nouveau: offload fence uevents work to workqueue nouveau/gsp: use correct size for registry rpc. David Engraf (1): powerpc/cputable: Add missing PPC_FEATURE_BOOKE on PPC64 Book-E David McFarland (1): drm/amd: Don't init MEC2 firmware when it fails to load David Schiller (1): staging: iio: ad5933: fix type mismatch regression David Senoner (1): ALSA: hda/realtek: Fix the external mic not being recognised for Acer Swift 1 SF114-32 David Sterba (1): btrfs: send: return EOPNOTSUPP on unknown flags Dinghao Liu (1): iio: core: fix memleak in iio_device_register_sysfs Doug Berger (1): irqchip/irq-brcmstb-l2: Add write memory barrier before exit Easwar Hariharan (1): arm64: Subscribe Microsoft Azure Cobalt 100 to ARM Neoverse N2 errata Edson Juliano Drosdeck (1): ALSA: hda/realtek: Enable headset mic on Vaio VJFE-ADL Ekansh Gupta (1): misc: fastrpc: Mark all sessions as invalid in cb_remove Emmanuel Grumbach (1): wifi: iwlwifi: mvm: fix a crash when we run out of stations Eniac Zhang (1): ALSA: hda/realtek: fix mute/micmute LED For HP mt645 Erick Archer (1): eventfs: Use kcalloc() instead of kzalloc() Esben Haabendal (1): net: stmmac: do not clear TBS enable bit on link up/down Eugen Hristev (1): pmdomain: mediatek: fix race conditions with genpd Fangzhi Zuo (2): drm/amd/display: Fix dcn35 8k30 Underflow/Corruption Issue drm/amd/display: Fix MST Null Ptr for RV Fedor Pchelkin (2): nfc: nci: free rx_data_reassembly skb on NCI device cleanup ksmbd: free aux buffer if ksmbd_iov_pin_rsp_read fails Filipe Manana (6): btrfs: add and use helper to check if block group is used btrfs: do not delete unused block group if it may be used soon btrfs: add new unused block groups to the list of unused block groups btrfs: don't refill whole delayed refs block reserve when starting transaction btrfs: don't reserve space for checksums when writing to nocow files btrfs: reject encoded write if inode has nodatasum flag set Fred Ai (1): mmc: sdhci-pci-o2micro: Fix a warm reboot issue that disk can't be detected by BIOS Friedrich Vock (1): drm/amdgpu: Reset IH OVERFLOW_CLEAR bit Gaurav Batra (1): powerpc/pseries/iommu: Fix iommu initialisation during DLPAR add Geert Uytterhoeven (1): pmdomain: renesas: r8a77980-sysc: CR7 must be always on Geliang Tang (2): selftests: mptcp: add mptcp_lib_kill_wait mptcp: check addrs list in userspace_pm_get_local_id Gergo Koteles (1): ASoC: tas2781: add module parameter to tascodec_init() Greg Kroah-Hartman (2): Revert "kobject: Remove redundant checks for whether ktype is NULL" Linux 6.7.6 Guenter Roeck (1): MIPS: Add 'memory' clobber to csum_ipv6_magic() inline assembler Gui-Dong Han (1): serial: core: Fix atomicity violation in uart_tiocmget Hangbin Liu (1): selftests/net: convert test_bridge_backup_port.sh to run it in unique namespace Helge Deller (3): parisc: Prevent hung tasks when printing inventory on serial console parisc: Fix random data corruption from exception handler parisc: BTLB: Fix crash when setting up BTLB at CPU bringup Herbert Xu (1): crypto: algif_hash - Remove bogus SGL free on zero-length error path Hojin Nam (1): perf: CXL: fix mismatched cpmu event opcode Horatiu Vultur (1): lan966x: Fix crash when adding interface under a lag Hu Yadi (2): selftests/landlock: Fix net_test build with old libc selftests/landlock: Fix fs_test build with old libc Huacai Chen (1): LoongArch: Fix earlycon parameter if KASAN enabled Hugo Villeneuve (4): serial: max310x: set default value when reading clock ready bit serial: max310x: improve crystal stable clock detection serial: max310x: fail probe if clock crystal is unstable serial: max310x: prevent infinite while() loop in port startup Hui Zhou (2): nfp: flower: add hardware offload check for post ct entry nfp: flower: fix hardware offload for the transfer layer port Ido Schimmel (5): selftests: net: Fix bridge backup port test flakiness selftests: forwarding: Fix layer 2 miss test flakiness selftests: forwarding: Fix bridge MDB test flakiness selftests: forwarding: Suppress grep warnings selftests: forwarding: Fix bridge locked port test flakiness Ivan Vecera (2): i40e: Do not allow untrusted VF to remove administratively set MAC i40e: Fix waiting for queues of all VSIs to be disabled Jakub Kicinski (5): net: tls: factor out tls_*crypt_async_wait() tls: fix race between async notify and socket close tls: fix race between tx work scheduling and socket close net: tls: handle backlogging of crypto requests net: tls: fix returned read length with async decrypt James Hershaw (1): nfp: enable NETDEV_XDP_ACT_REDIRECT feature flag Jan Beulich (1): xen-netback: properly sync TX responses Jan Kara (1): blk-wbt: Fix detection of dirty-throttled tasks Jan Kiszka (1): riscv/efistub: Ensure GP-relative addressing is not used Jason Gerecke (1): HID: wacom: Do not register input devices until after hid_hw_start Jean Delvare (1): i2c: i801: Fix block process call transactions Jens Axboe (1): io_uring/net: fix multishot accept overflow handling Jiangfeng Xiao (1): powerpc/kasan: Fix addr error caused by page alignment Jiaxun Yang (2): ptrace: Introduce exception_ip arch hook mm/memory: Use exception ip to search exception tables Jiri Pirko (2): dpll: fix possible deadlock during netlink dump operation net/mlx5: DPLL, Fix possible use after free after delayed work timer triggers Jiri Slaby (SUSE) (2): serial: core: introduce uart_port_tx_flags() serial: mxs-auart: fix tx Johan Hovold (1): HID: i2c-hid-of: fix NULL-deref on failed power up Johannes Berg (3): wifi: iwlwifi: fix double-free bug wifi: cfg80211: fix wiphy delayed work queueing wifi: mac80211: reload info pointer in ieee80211_tx_dequeue() John Kacur (1): tools/rtla: Exit with EXIT_SUCCESS when help is invoked Josef Bacik (1): btrfs: don't drop extent_map for free space inode on write error José Relvas (1): ALSA: hda/realtek: Apply headset jack quirk for non-bass alc287 thinkpads Jozsef Kadlecsik (2): netfilter: ipset: fix performance regression in swap operation netfilter: ipset: Missing gc cancellations fixed Junxiao Bi (1): md: bypass block throttle for superblock update Kailang Yang (1): ALSA: hda/realtek - Add speaker pin verbtable for Dell dual speaker platform Keqi Wang (1): connector/cn_proc: revert "connector: Fix proc_event_num_listeners count not cleared" Kim Phillips (1): crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked Konrad Dybcio (3): interconnect: qcom: sc8180x: Mark CO0 BCM keepalive interconnect: qcom: sm8550: Enable sync_state pmdomain: core: Move the unused cleanup to a _sync initcall Krzysztof Kozlowski (3): ASoC: codecs: wcd938x: handle deferred probe gpiolib: add gpio_device_get_base() stub for !GPIOLIB gpiolib: add gpiod_to_gpio_device() stub for !GPIOLIB Lee Duncan (1): scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock" Lijo Lazar (1): drm/amdgpu: Avoid fetching VRAM vendor info Linus Torvalds (9): work around gcc bugs with 'asm goto' with outputs update workarounds for gcc "asm goto" issue eventfs: Initialize the tracefs inode properly tracefs: Avoid using the ei->dentry pointer unnecessarily tracefs: dentry lookup crapectomy eventfs: Remove unused d_parent pointer field eventfs: Clean up dentry ops and add revalidate function eventfs: Get rid of dentry pointers without refcounts sched/membarrier: reduce the ability to hammer on sys_membarrier Lokesh Gidra (1): userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb Luka Guzenko (1): ALSA: hda/realtek: Enable Mute LED on HP Laptop 14-fq0xxx Lukas Bulwahn (1): ALSA: hda/cs35l56: select intended config FW_CS_DSP Magnus Karlsson (1): bonding: do not report NETDEV_XDP_ACT_XSK_ZEROCOPY Manasi Navare (1): drm/i915/dsc: Fix the macro that calculates DSCC_/DSCA_ PPS reg address Marc Zyngier (3): irqchip/gic-v3-its: Handle non-coherent GICv4 redistributors irqchip/gic-v3-its: Restore quirk probing for ACPI-based systems irqchip/gic-v3-its: Fix GICv4.1 VPE affinity update Mario Limonciello (3): Revert "drm/amd: flush any delayed gfxoff on suspend entry" iio: accel: bma400: Fix a compilation problem ASoC: amd: yc: Add DMI quirk for Lenovo Ideapad Pro 5 16ARP8 Mark Brown (2): arm64/signal: Don't assume that TIF_SVE means we saved SVE state usb: typec: tpcm: Fix issues with power being removed during reset Masami Hiramatsu (Google) (5): tracing/trigger: Fix to return error if failed to alloc snapshot tracing/probes: Fix to show a parse error for bad type for $comm tracing/probes: Fix to set arg size and fmt after setting type from BTF tracing/probes: Fix to search structure fields correctly ftrace: Fix DIRECT_CALLS to use SAVE_REGS by default Matthias Schiffer (1): powerpc/6xx: set High BAT Enable flag on G2_LE cores Matthieu Baerts (NGI0) (5): selftests: mptcp: add missing kconfig for NF Filter selftests: mptcp: add missing kconfig for NF Filter in v6 selftests: mptcp: add missing kconfig for NF Mangle selftests: mptcp: increase timeout to 30 min selftests: mptcp: allow changing subtests prefix Maxime Jayat (1): can: netlink: Fix TDCO calculation using the old data bittiming Maximilian Heyne (1): xen/events: close evtchn after mapping cleanup Michael Ellerman (2): powerpc/kasan: Limit KASAN thread size increase to 32KB Revert "powerpc/pseries/iommu: Fix iommu initialisation during DLPAR add" Michael Kelley (1): scsi: storvsc: Fix ring buffer size calculation Mickaël Salaün (1): selftests/landlock: Fix capability for net_test Mikulas Patocka (2): dm-crypt, dm-verity: disable tasklets dm: limit the number of targets and parameter size area Mingwei Zhang (1): KVM: x86/pmu: Fix type length error when reading pmu->fixed_ctr_ctrl Miri Korenblit (1): wifi: iwlwifi: clear link_id in time_event Mohammad Rahimi (1): thunderbolt: Fix setting the CNS bit in ROUTER_CS_5 Muhammad Usama Anjum (1): selftests/mm: switch to bash from sh Nathan Chancellor (4): kbuild: Fix changing ELF file type for output of gen_btf for big endian um: Fix adding '-no-pie' for clang modpost: Add '.ltext' and '.ltext.*' to TEXT_SECTIONS drm/amd/display: Increase frame-larger-than for all display_mode_vba files Naveen N Rao (1): powerpc/64: Set task pt_regs->link to the LR value on scv entry NeilBrown (1): nfsd: don't take fi_lock in nfsd_break_deleg_cb() Nico Pache (1): selftests: mm: fix map_hugetlb failure on 64K page size systems Nikita Zhandarovich (1): net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame() Nuno Sa (4): iio: commom: st_sensors: ensure proper DMA alignment iio: adc: ad_sigma_delta: ensure proper DMA alignment iio: imu: adis: ensure proper DMA alignment of: property: fix typo in io-channels Nícolas F. R. A. Prado (1): kselftest: dt: Stop relying on dirname to improve performance Oleg Nesterov (4): getrusage: move thread_group_cputime_adjusted() outside of lock_task_sighand() getrusage: use sig->stats_lock rather than lock_task_sighand() fs/proc: do_task_stat: move thread_group_cputime_adjusted() outside of lock_task_sighand() fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats Oleksij Rempel (1): can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER) Oliver Neukum (1): USB: hub: check for alternate port before enabling A_ALT_HNP_SUPPORT Ondrej Mosnacek (2): lsm: fix default return value of the socket_getpeersec_*() hooks lsm: fix the logic in security_inode_getsecctx() Oscar Salvador (1): fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super Paolo Abeni (4): mptcp: fix data re-injection from stale subflow mptcp: drop the push_pending field mptcp: fix rcv space initialization mptcp: really cope with fastopen race Parav Pandit (1): devlink: Fix command annotation documentation Paulo Alcantara (1): smb: client: set correct id, uid and cruid for multiuser automounts Petr Pavlu (1): tracing: Fix HAVE_DYNAMIC_FTRACE_WITH_REGS ifdef Petr Tesarik (1): net: stmmac: protect updates of 64-bit statistics counters Philip Yang (1): drm/prime: Support page array >= 4GB Prakash Sangappa (1): mm: hugetlb pages should not be reserved by shmat() if SHM_NORESERVE Prasad Pandit (1): KVM: x86: make KVM_REQ_NMI request iff NMI pending for vcpu Qu Wenruo (1): btrfs: do not ASSERT() if the newly created subvolume already got read Radek Krejci (1): modpost: trim leading spaces when processing source files list Randy Dunlap (1): iio: imu: bno055: serdev requires REGMAP Ranjani Sridharan (1): ASoC: SOF: ipc3-topology: Fix pipeline tear down logic Rishabh Dave (1): ceph: prevent use-after-free in encode_cap_msg() Rob Clark (3): drm/msm/gem: Fix double resv lock aquire Revert "drm/msm/gpu: Push gpu lock down past runpm" drm/msm: Wire up tlb ops Roman Li (1): drm/amd/display: Fix array-index-out-of-bounds in dcn35_clkmgr Ryan Roberts (2): mm: thp_get_unmapped_area must honour topdown preference selftests/mm: ksm_tests should only MADV_HUGEPAGE valid memory Ryusuke Konishi (3): nilfs2: fix data corruption in dsync block recovery for small block sizes nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() nilfs2: fix potential bug in end_buffer_async_write Sabrina Dubroca (1): net: tls: fix use-after-free with partial reads and async decrypt Sam Protsenko (1): iio: pressure: bmp280: Add missing bmp085 to SPI id table Samuel Holland (1): scs: add CONFIG_MMU dependency for vfree_atomic() Saravana Kannan (5): driver core: Fix device_link_flag_is_sync_state_only() of: property: Improve finding the consumer of a remote-endpoint property of: property: Improve finding the supplier of a remote-endpoint property driver core: fw_devlink: Improve detection of overlapping cycles of: property: Add in-ports/out-ports support to of_graph_get_port_parent() Sean Anderson (1): usb: ulpi: Fix debugfs directory leak Sean Young (1): media: rc: bpf attach/detach requires write permission Sebastian Ene (1): KVM: arm64: Fix circular locking dependency Sebastian Ott (1): drm/virtio: Set segment size for virtio_gpu device SeongJae Park (1): mm/damon/sysfs-schemes: fix wrong DAMOS tried regions update timeout setup Shivaprasad G Bhat (1): powerpc/iommu: Fix the missing iommu_group_put() during platform domain attach Shradha Gupta (1): hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed Shrikanth Hegde (1): powerpc/pseries: fix accuracy of stolen time Shuming Fan (1): ALSA: hda/realtek: add IDs for Dell dual spk platform Sidhartha Kumar (1): fs/hugetlbfs/inode.c: mm/memory-failure.c: fix hugetlbfs hwpoison handling Sinthu Raja (2): net: ethernet: ti: cpsw: enable mac_managed_pm to fix mdio net: ethernet: ti: cpsw_new: enable mac_managed_pm to fix mdio Souradeep Chakrabarti (1): hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove Srinivas Pandruvada (1): iio: hid-sensor-als: Return 0 for HID_USAGE_SENSOR_TIME_TIMESTAMP Steve French (1): smb: Fix regression in writes when non-standard maximum write size negotiated Steve Wahl (1): x86/mm/ident_map: Use gbpages only where full GB page should be mapped. Steven Rostedt (Google) (16): tracing: Fix wasted memory in saved_cmdlines logic eventfs: Remove "lookup" parameter from create_dir/file_dentry() eventfs: Stop using dcache_readdir() for getdents() eventfs: Have eventfs_iterate() stop immediately if ei->is_freed is set eventfs: Do ctx->pos update for all iterations in eventfs_iterate() eventfs: Read ei->entries before ei->children in eventfs_iterate() eventfs: Shortcut eventfs_iterate() by skipping entries already read eventfs: Have the inodes all for files and directories all be the same eventfs: Do not create dentries nor inodes in iterate_shared eventfs: Save directory inodes in the eventfs_inode structure tracefs: Zero out the tracefs_inode when allocating it eventfs: Warn if an eventfs_inode is freed without is_freed being set eventfs: Restructure eventfs_inode structure to be more condensed eventfs: Remove fsnotify*() functions from lookup() eventfs: Keep all directory links at 1 tracing: Inform kmemleak of saved_cmdlines allocation Takashi Sakamoto (1): firewire: core: correct documentation of fw_csr_string() kernel API Tatsunosuke Tobita (1): HID: wacom: generic: Avoid reporting a serial of '0' to userspace Techno Mooney (1): ASoC: amd: yc: Add DMI quirk for MSI Bravo 15 C7VF Tejun Heo (1): Revert "workqueue: Override implicit ordered attribute in workqueue_apply_unbound_cpumask()" Thong (1): drm/amdgpu/soc21: update VCN 4 max HEVC encoding resolution Thorsten Blum (1): tracing/synthetic: Fix trace_string() return value Timur Tabi (1): drm/nouveau: fix several DMA buffer leaks Tom Chung (1): drm/amd/display: Preserve original aspect ratio in create stream Tomi Valkeinen (1): media: Revert "media: rkisp1: Drop IRQF_SHARED" Udipto Goswami (1): usb: core: Prevent null pointer dereference in update_port_device_state Uttkarsh Aggarwal (1): usb: dwc3: gadget: Fix NULL pointer dereference in dwc3_gadget_suspend Uwe Kleine-König (1): spi: ppc4xx: Drop write-only variable Vaishnav Achath (1): spi: omap2-mcspi: Revert FIFO support without DMA Vegard Nossum (1): docs: kernel_feat.py: fix build error for missing files Viken Dadhaniya (1): i2c: qcom-geni: Correct I2C TRE sequence Ville Syrjälä (1): drm/i915/dp: Limit SST link rate to <=8.1Gbps Vincent Donnefort (1): ring-buffer: Clean ring_buffer_poll_wait() error return Vitaly Rodionov (1): ALSA: hda/cs8409: Suppress vmaster control for Dolphin models Wenjing Liu (1): drm/amd/display: fix incorrect mpc_combine array size Xu Yang (1): usb: chipidea: core: handle power lost in workqueue Yang Shi (2): mm: huge_memory: don't force huge page alignment on 32 bit mm: mmap: map MAP_STACK to VM_NOHUGEPAGE Zach O'Keefe (1): mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again Zhikai Zhai (1): drm/amd/display: Add align done check Zhipeng Lu (1): media: ir_toy: fix a memleak in irtoy_tx Ziqi Zhao (1): can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock bo liu (1): ALSA: hda/conexant: Add quirk for SWS JS201D limingming3 (1): tools/rtla: Replace setting prio with nice for SCHED_OTHER yuan linyu (1): usb: f_mass_storage: forbid async queue when shutdown happen zhili.liu (1): iio: magnetometer: rm3100: add boundary check for the value read from RM3100_REG_TMRC

1 year, 6 months

1
1
0 0

Linux 6.6.18

by Greg Kroah-Hartman

I'm announcing the release of the 6.6.18 kernel. All users of the 6.6 kernel series must upgrade. The updated 6.6.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.6.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/ABI/testing/sysfs-class-net-statistics | 48 Documentation/arch/arm64/silicon-errata.rst | 7 Documentation/arch/ia64/features.rst | 2 Documentation/networking/devlink/devlink-port.rst | 2 Documentation/sphinx/kernel_feat.py | 2 Makefile | 2 arch/Kconfig | 1 arch/arc/include/asm/jump_label.h | 4 arch/arm/include/asm/jump_label.h | 4 arch/arm64/include/asm/alternative-macros.h | 4 arch/arm64/include/asm/cputype.h | 4 arch/arm64/include/asm/jump_label.h | 4 arch/arm64/kernel/cpu_errata.c | 3 arch/arm64/kernel/fpsimd.c | 2 arch/arm64/kernel/signal.c | 4 arch/arm64/kvm/pkvm.c | 27 arch/csky/include/asm/jump_label.h | 4 arch/loongarch/include/asm/jump_label.h | 4 arch/loongarch/mm/kasan_init.c | 3 arch/mips/include/asm/checksum.h | 3 arch/mips/include/asm/jump_label.h | 4 arch/mips/include/asm/ptrace.h | 2 arch/mips/kernel/ptrace.c | 7 arch/parisc/Kconfig | 1 arch/parisc/include/asm/assembly.h | 1 arch/parisc/include/asm/extable.h | 64 arch/parisc/include/asm/jump_label.h | 4 arch/parisc/include/asm/special_insns.h | 6 arch/parisc/include/asm/uaccess.h | 48 arch/parisc/kernel/cache.c | 6 arch/parisc/kernel/drivers.c | 3 arch/parisc/kernel/unaligned.c | 44 arch/parisc/mm/fault.c | 11 arch/powerpc/include/asm/jump_label.h | 4 arch/powerpc/include/asm/reg.h | 2 arch/powerpc/include/asm/thread_info.h | 2 arch/powerpc/include/asm/uaccess.h | 12 arch/powerpc/kernel/cpu_setup_6xx.S | 20 arch/powerpc/kernel/cpu_specs_e500mc.h | 3 arch/powerpc/kernel/interrupt_64.S | 4 arch/powerpc/kernel/irq_64.c | 2 arch/powerpc/mm/kasan/init_32.c | 1 arch/powerpc/platforms/pseries/lpar.c | 8 arch/riscv/include/asm/hwcap.h | 4 arch/riscv/include/asm/jump_label.h | 4 arch/s390/include/asm/jump_label.h | 4 arch/sparc/include/asm/jump_label.h | 4 arch/um/Makefile | 4 arch/um/include/asm/cpufeature.h | 2 arch/x86/Kconfig.cpu | 2 arch/x86/boot/Makefile | 2 arch/x86/boot/compressed/vmlinux.lds.S | 6 arch/x86/boot/header.S | 211 - arch/x86/boot/setup.ld | 14 arch/x86/boot/tools/build.c | 273 -- arch/x86/include/asm/barrier.h | 18 arch/x86/include/asm/cpufeature.h | 2 arch/x86/include/asm/cpufeatures.h | 2 arch/x86/include/asm/jump_label.h | 6 arch/x86/include/asm/processor.h | 18 arch/x86/include/asm/rmwcc.h | 2 arch/x86/include/asm/special_insns.h | 2 arch/x86/include/asm/uaccess.h | 10 arch/x86/kernel/cpu/amd.c | 3 arch/x86/kernel/cpu/common.c | 7 arch/x86/kernel/cpu/hygon.c | 3 arch/x86/kernel/fpu/signal.c | 13 arch/x86/kvm/svm/svm_ops.h | 6 arch/x86/kvm/vmx/pmu_intel.c | 2 arch/x86/kvm/vmx/vmx.c | 4 arch/x86/kvm/vmx/vmx_ops.h | 6 arch/x86/kvm/x86.c | 3 arch/x86/mm/ident_map.c | 23 arch/xtensa/include/asm/jump_label.h | 4 block/blk-mq.c | 9 block/blk-wbt.c | 4 crypto/algif_hash.c | 5 drivers/android/binder.c | 10 drivers/base/core.c | 15 drivers/base/power/domain.c | 2 drivers/connector/cn_proc.c | 5 drivers/crypto/ccp/sev-dev.c | 10 drivers/firewire/core-device.c | 7 drivers/firmware/efi/libstub/Makefile | 7 drivers/firmware/efi/libstub/x86-stub.c | 46 drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_gfx.c | 9 drivers/gpu/drm/amd/amdgpu/cik_ih.c | 6 drivers/gpu/drm/amd/amdgpu/cz_ih.c | 5 drivers/gpu/drm/amd/amdgpu/gfx_v10_0.c | 2 drivers/gpu/drm/amd/amdgpu/iceland_ih.c | 5 drivers/gpu/drm/amd/amdgpu/ih_v6_0.c | 6 drivers/gpu/drm/amd/amdgpu/ih_v6_1.c | 7 drivers/gpu/drm/amd/amdgpu/navi10_ih.c | 6 drivers/gpu/drm/amd/amdgpu/si_ih.c | 6 drivers/gpu/drm/amd/amdgpu/soc21.c | 4 drivers/gpu/drm/amd/amdgpu/tonga_ih.c | 6 drivers/gpu/drm/amd/amdgpu/vega10_ih.c | 6 drivers/gpu/drm/amd/amdgpu/vega20_ih.c | 6 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 14 drivers/gpu/drm/amd/display/dc/dml/Makefile | 6 drivers/gpu/drm/amd/display/dc/link/protocols/link_dp_training.c | 5 drivers/gpu/drm/drm_prime.c | 2 drivers/gpu/drm/msm/msm_gem_prime.c | 4 drivers/gpu/drm/msm/msm_gpu.c | 11 drivers/gpu/drm/msm/msm_iommu.c | 32 drivers/gpu/drm/msm/msm_ringbuffer.c | 7 drivers/gpu/drm/nouveau/nouveau_fence.c | 24 drivers/gpu/drm/nouveau/nouveau_fence.h | 1 drivers/gpu/drm/nouveau/nouveau_svm.c | 2 drivers/gpu/drm/virtio/virtgpu_drv.c | 1 drivers/hid/bpf/hid_bpf_dispatch.c | 83 drivers/hid/bpf/hid_bpf_dispatch.h | 4 drivers/hid/bpf/hid_bpf_jmp_table.c | 40 drivers/hid/i2c-hid/i2c-hid-of.c | 1 drivers/hid/wacom_sys.c | 63 drivers/hid/wacom_wac.c | 9 drivers/i2c/busses/Makefile | 6 drivers/i2c/busses/i2c-i801.c | 4 drivers/i2c/busses/i2c-pasemi-core.c | 6 drivers/i2c/busses/i2c-qcom-geni.c | 14 drivers/iio/accel/Kconfig | 2 drivers/iio/adc/ad4130.c | 12 drivers/iio/imu/bno055/Kconfig | 1 drivers/iio/industrialio-core.c | 5 drivers/iio/light/hid-sensor-als.c | 1 drivers/iio/magnetometer/rm3100-core.c | 10 drivers/iio/pressure/bmp280-spi.c | 1 drivers/interconnect/qcom/sc8180x.c | 1 drivers/interconnect/qcom/sm8550.c | 1 drivers/irqchip/irq-brcmstb-l2.c | 5 drivers/irqchip/irq-gic-v3-its.c | 62 drivers/irqchip/irq-loongson-eiointc.c | 2 drivers/md/dm-core.h | 2 drivers/md/dm-crypt.c | 38 drivers/md/dm-ioctl.c | 3 drivers/md/dm-table.c | 9 drivers/md/dm-verity-target.c | 26 drivers/md/dm-verity.h | 1 drivers/md/md.c | 7 drivers/media/platform/rockchip/rkisp1/rkisp1-dev.c | 2 drivers/media/rc/bpf-lirc.c | 6 drivers/media/rc/ir_toy.c | 2 drivers/media/rc/lirc_dev.c | 5 drivers/media/rc/rc-core-priv.h | 2 drivers/misc/fastrpc.c | 2 drivers/mmc/core/slot-gpio.c | 6 drivers/mmc/host/sdhci-pci-o2micro.c | 30 drivers/net/bonding/bond_main.c | 5 drivers/net/can/dev/netlink.c | 2 drivers/net/dsa/mv88e6xxx/chip.c | 2 drivers/net/ethernet/intel/i40e/i40e_main.c | 2 drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 38 drivers/net/ethernet/microchip/lan966x/lan966x_lag.c | 9 drivers/net/ethernet/netronome/nfp/flower/conntrack.c | 46 drivers/net/ethernet/netronome/nfp/flower/tunnel_conf.c | 2 drivers/net/ethernet/netronome/nfp/nfp_net_common.c | 1 drivers/net/ethernet/netronome/nfp/nfpcore/nfp6000_pcie.c | 6 drivers/net/ethernet/stmicro/stmmac/common.h | 56 drivers/net/ethernet/stmicro/stmmac/dwmac-sun8i.c | 15 drivers/net/ethernet/stmicro/stmmac/dwmac4_lib.c | 15 drivers/net/ethernet/stmicro/stmmac/dwmac_lib.c | 15 drivers/net/ethernet/stmicro/stmmac/dwxgmac2_dma.c | 15 drivers/net/ethernet/stmicro/stmmac/stmmac_ethtool.c | 129 - drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 136 - drivers/net/ethernet/ti/cpsw.c | 2 drivers/net/ethernet/ti/cpsw_new.c | 3 drivers/net/hyperv/netvsc.c | 5 drivers/net/hyperv/netvsc_drv.c | 82 drivers/net/wireless/intel/iwlwifi/fw/acpi.c | 15 drivers/net/wireless/intel/iwlwifi/iwl-drv.c | 1 drivers/net/wireless/intel/iwlwifi/mvm/mac80211.c | 3 drivers/net/wireless/intel/iwlwifi/mvm/rxmq.c | 4 drivers/net/xen-netback/netback.c | 84 drivers/of/property.c | 65 drivers/of/unittest.c | 12 drivers/pci/pci.c | 37 drivers/perf/cxl_pmu.c | 2 drivers/pmdomain/mediatek/mtk-pm-domains.c | 15 drivers/pmdomain/renesas/r8a77980-sysc.c | 3 drivers/s390/net/qeth_l3_main.c | 9 drivers/scsi/fcoe/fcoe_ctlr.c | 20 drivers/scsi/storvsc_drv.c | 12 drivers/spi/spi-imx.c | 9 drivers/spi/spi-ppc4xx.c | 5 drivers/staging/iio/impedance-analyzer/ad5933.c | 2 drivers/thunderbolt/tb_regs.h | 2 drivers/thunderbolt/usb4.c | 2 drivers/tty/serial/max310x.c | 53 drivers/tty/serial/mxs-auart.c | 5 drivers/usb/chipidea/ci.h | 2 drivers/usb/chipidea/core.c | 44 drivers/usb/common/ulpi.c | 2 drivers/usb/core/hub.c | 46 drivers/usb/dwc3/gadget.c | 6 drivers/usb/gadget/function/f_mass_storage.c | 20 drivers/usb/typec/tcpm/tcpm.c | 3 drivers/usb/typec/ucsi/ucsi.c | 2 drivers/usb/typec/ucsi/ucsi_acpi.c | 17 fs/btrfs/block-group.c | 49 fs/btrfs/block-group.h | 7 fs/btrfs/delalloc-space.c | 29 fs/btrfs/disk-io.c | 13 fs/btrfs/inode.c | 26 fs/btrfs/ioctl.c | 5 fs/btrfs/qgroup.c | 14 fs/btrfs/send.c | 2 fs/ceph/caps.c | 3 fs/ext4/mballoc.c | 39 fs/ext4/move_extent.c | 6 fs/hugetlbfs/inode.c | 19 fs/namespace.c | 11 fs/nfsd/nfs4state.c | 11 fs/nilfs2/file.c | 8 fs/nilfs2/recovery.c | 7 fs/nilfs2/segment.c | 8 fs/proc/array.c | 10 fs/smb/client/connect.c | 14 fs/smb/client/fs_context.c | 11 fs/smb/client/namespace.c | 16 fs/smb/client/smb2ops.c | 2 fs/smb/server/smb2pdu.c | 8 fs/tracefs/event_inode.c | 1250 ++++------ fs/tracefs/inode.c | 276 +- fs/tracefs/internal.h | 60 fs/zonefs/file.c | 42 fs/zonefs/super.c | 66 include/asm-generic/vmlinux.lds.h | 6 include/linux/backing-dev-defs.h | 7 include/linux/compiler-gcc.h | 20 include/linux/compiler_types.h | 11 include/linux/iio/adc/ad_sigma_delta.h | 4 include/linux/iio/common/st_sensors.h | 4 include/linux/iio/imu/adis.h | 3 include/linux/init.h | 3 include/linux/lsm_hook_defs.h | 4 include/linux/netfilter/ipset/ip_set.h | 4 include/linux/ptrace.h | 4 include/linux/serial_core.h | 32 include/linux/trace_events.h | 2 include/linux/tracefs.h | 73 include/net/tls.h | 5 include/sound/tas2781.h | 1 init/Kconfig | 9 io_uring/net.c | 5 kernel/sched/membarrier.c | 6 kernel/trace/ftrace.c | 10 kernel/trace/ring_buffer.c | 2 kernel/trace/trace.c | 85 kernel/trace/trace.h | 4 kernel/trace/trace_btf.c | 4 kernel/trace/trace_events.c | 311 +- kernel/trace/trace_events_synth.c | 3 kernel/trace/trace_events_trigger.c | 6 kernel/trace/trace_osnoise.c | 6 kernel/trace/trace_probe.c | 32 kernel/trace/trace_probe.h | 3 kernel/workqueue.c | 8 lib/kobject.c | 24 mm/backing-dev.c | 2 mm/memory.c | 4 mm/page-writeback.c | 4 mm/userfaultfd.c | 15 net/can/j1939/j1939-priv.h | 3 net/can/j1939/main.c | 2 net/can/j1939/socket.c | 46 net/handshake/handshake-test.c | 5 net/hsr/hsr_device.c | 4 net/mac80211/tx.c | 5 net/mptcp/pm_userspace.c | 13 net/mptcp/protocol.c | 25 net/mptcp/protocol.h | 7 net/mptcp/subflow.c | 4 net/netfilter/ipset/ip_set_bitmap_gen.h | 14 net/netfilter/ipset/ip_set_core.c | 39 net/netfilter/ipset/ip_set_hash_gen.h | 19 net/netfilter/ipset/ip_set_list_set.c | 13 net/netfilter/nft_set_pipapo_avx2.c | 2 net/nfc/nci/core.c | 4 net/openvswitch/flow_netlink.c | 49 net/tls/tls_sw.c | 217 - net/wireless/core.c | 1 samples/bpf/asm_goto_workaround.h | 8 scripts/link-vmlinux.sh | 9 scripts/mksysmap | 13 scripts/mod/modpost.c | 18 scripts/mod/sumversion.c | 7 security/security.c | 45 sound/pci/hda/Kconfig | 4 sound/pci/hda/patch_conexant.c | 18 sound/pci/hda/patch_cs8409.c | 1 sound/pci/hda/patch_realtek.c | 20 sound/pci/hda/tas2781_hda_i2c.c | 2 sound/soc/amd/yc/acp6x-mach.c | 14 sound/soc/codecs/rt5645.c | 1 sound/soc/codecs/tas2781-comlib.c | 3 sound/soc/codecs/tas2781-i2c.c | 2 sound/soc/codecs/wcd938x.c | 2 sound/soc/sof/ipc3-topology.c | 55 sound/soc/sof/ipc3.c | 2 tools/arch/x86/include/asm/rmwcc.h | 2 tools/include/linux/compiler_types.h | 4 tools/testing/selftests/kvm/dirty_log_test.c | 50 tools/testing/selftests/kvm/x86_64/amx_test.c | 4 tools/testing/selftests/kvm/x86_64/hyperv_features.c | 9 tools/testing/selftests/landlock/fs_test.c | 11 tools/testing/selftests/mm/charge_reserved_hugetlb.sh | 2 tools/testing/selftests/mm/ksm_tests.c | 2 tools/testing/selftests/mm/map_hugetlb.c | 7 tools/testing/selftests/mm/va_high_addr_switch.sh | 6 tools/testing/selftests/mm/write_hugetlb_memory.sh | 2 tools/testing/selftests/net/forwarding/bridge_locked_port.sh | 4 tools/testing/selftests/net/forwarding/bridge_mdb.sh | 192 - tools/testing/selftests/net/forwarding/tc_flower_l2_miss.sh | 8 tools/testing/selftests/net/mptcp/config | 3 tools/testing/selftests/net/mptcp/mptcp_join.sh | 10 tools/testing/selftests/net/mptcp/mptcp_lib.sh | 11 tools/testing/selftests/net/mptcp/settings | 2 tools/testing/selftests/net/mptcp/userspace_pm.sh | 31 tools/testing/selftests/net/test_bridge_backup_port.sh | 394 +-- tools/tracing/rtla/Makefile | 7 tools/tracing/rtla/src/osnoise_hist.c | 9 tools/tracing/rtla/src/osnoise_top.c | 6 tools/tracing/rtla/src/timerlat_hist.c | 9 tools/tracing/rtla/src/timerlat_top.c | 6 tools/tracing/rtla/src/utils.c | 14 tools/tracing/rtla/src/utils.h | 2 tools/verification/rv/Makefile | 7 tools/verification/rv/src/in_kernel.c | 2 329 files changed, 4047 insertions(+), 3126 deletions(-) Aaron Conole (1): net: openvswitch: limit the number of recursions from action sets Aleksander Mazur (1): x86/Kconfig: Transmeta Crusoe is CPU family 5, not 6 Alex Williamson (1): PCI: Fix active state requirement in PME polling Alexander Stein (1): mmc: slot-gpio: Allow non-sleeping GPIO ro Alexandra Winter (1): s390/qeth: Fix potential loss of L3-IP@ in case of network issues Alexey Khoroshilov (1): ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work() Andrei Vagin (1): x86/fpu: Stop relying on userspace for info to fault in xsave buffer Andrew Lunn (1): net: dsa: mv88e6xxx: Fix failed probe due to unsupported C45 reads Andy Chi (1): ALSA: hda/realtek: fix mute/micmute LEDs for HP ZBook Power Ard Biesheuvel (16): x86/efi: Drop EFI stub .bss from .data section x86/efi: Disregard setup header of loaded image x86/efi: Drop alignment flags from PE section headers x86/boot: Remove the 'bugger off' message x86/boot: Omit compression buffer from PE/COFF image memory footprint x86/boot: Drop redundant code setting the root device x86/boot: Drop references to startup_64 x86/boot: Grab kernel_info offset from zoffset header directly x86/boot: Set EFI handover offset directly in header asm x86/boot: Define setup size in linker script x86/boot: Derive file size from _edata symbol x86/boot: Construct PE/COFF .text section from assembler x86/boot: Drop PE/COFF .reloc section x86/boot: Split off PE/COFF .data section x86/boot: Increase section and file alignment to 4k/512 x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat section Arnd Bergmann (3): nouveau/svm: fix kvcalloc() argument order i2c: pasemi: split driver into two separate modules kallsyms: ignore ARMv4 thunks along with others Audra Mitchell (1): selftests/mm: Update va_high_addr_switch.sh to check CPU for la57 flag Baokun Li (2): ext4: fix double-free of blocks due to wrong extents moved_len ext4: avoid bb_free and bb_fragments inconsistency in mb_free_blocks() Beau Belgrave (1): eventfs: Fix events beyond NAME_MAX blocking tasks Benjamin Tissoires (2): HID: bpf: remove double fdget() HID: bpf: actually free hdev memory after attaching a HID-BPF program Bibo Mao (1): irqchip/loongson-eiointc: Use correct struct type in eiointc_domain_alloc() Boris Burkov (2): btrfs: forbid creating subvol qgroups btrfs: forbid deleting live subvol qgroup Borislav Petkov (AMD) (1): x86/barrier: Do not serialize MSR accesses on AMD Breno Leitao (1): net: sysfs: Fix /sys/class/net/<iface> path for statistics Carlos Llamas (1): binder: signal epoll threads of self-work Carlos Song (1): spi: imx: fix the burst length at DMA mode and CPU mode Christian A. Ehrhardt (3): of: unittest: Fix compile in the non-dynamic case usb: ucsi: Add missing ppm_lock usb: ucsi_acpi: Fix command completion handling Christian Brauner (1): fs: relax mount_setattr() permission checks Chuck Lever (1): net/handshake: Fix handshake_req_destroy_test1 Cosmin Tanislav (2): iio: adc: ad4130: zero-initialize clock init data iio: adc: ad4130: only set GPIO_CTRL if pin is unused Curtis Malainey (1): ASoC: SOF: IPC3: fix message bounds on ipc ops Damien Le Moal (2): zonefs: Improve error handling block: fix partial zone append completion handling in req_bio_endio() Dan Carpenter (4): wifi: iwlwifi: Fix some error codes wifi: iwlwifi: uninitialized variable in iwl_acpi_get_ppag_table() cifs: fix underflow in parse_server_interfaces() tracing: Fix a NULL vs IS_ERR() bug in event_subsystem_dir() Daniel Basilio (1): nfp: use correct macro for LengthSelect in BAR config Daniel Bristot de Oliveira (7): tracing/timerlat: Move hrtimer_init to timerlat_fd open() tools/rv: Fix curr_reactor uninitialized variable tools/rv: Fix Makefile compiler options for clang tools/rtla: Remove unused sched_getattr() function tools/rtla: Fix clang warning about mount_point var size tools/rtla: Fix uninitialized bucket/data->bucket_size warning tools/rtla: Fix Makefile compiler options for clang Daniel de Villiers (1): nfp: flower: prevent re-adding mac index for bonded port Dave Airlie (1): nouveau: offload fence uevents work to workqueue David Engraf (1): powerpc/cputable: Add missing PPC_FEATURE_BOOKE on PPC64 Book-E David McFarland (1): drm/amd: Don't init MEC2 firmware when it fails to load David Schiller (1): staging: iio: ad5933: fix type mismatch regression David Senoner (1): ALSA: hda/realtek: Fix the external mic not being recognised for Acer Swift 1 SF114-32 David Sterba (1): btrfs: send: return EOPNOTSUPP on unknown flags Dinghao Liu (1): iio: core: fix memleak in iio_device_register_sysfs Doug Berger (1): irqchip/irq-brcmstb-l2: Add write memory barrier before exit Easwar Hariharan (1): arm64: Subscribe Microsoft Azure Cobalt 100 to ARM Neoverse N2 errata Edson Juliano Drosdeck (1): ALSA: hda/realtek: Enable headset mic on Vaio VJFE-ADL Ekansh Gupta (1): misc: fastrpc: Mark all sessions as invalid in cb_remove Emmanuel Grumbach (1): wifi: iwlwifi: mvm: fix a crash when we run out of stations Eniac Zhang (1): ALSA: hda/realtek: fix mute/micmute LED For HP mt645 Erick Archer (1): eventfs: Use kcalloc() instead of kzalloc() Esben Haabendal (1): net: stmmac: do not clear TBS enable bit on link up/down Eugen Hristev (1): pmdomain: mediatek: fix race conditions with genpd Fangzhi Zuo (1): drm/amd/display: Fix MST Null Ptr for RV Fedor Pchelkin (2): nfc: nci: free rx_data_reassembly skb on NCI device cleanup ksmbd: free aux buffer if ksmbd_iov_pin_rsp_read fails Filipe Manana (4): btrfs: add and use helper to check if block group is used btrfs: do not delete unused block group if it may be used soon btrfs: don't reserve space for checksums when writing to nocow files btrfs: reject encoded write if inode has nodatasum flag set Fred Ai (1): mmc: sdhci-pci-o2micro: Fix a warm reboot issue that disk can't be detected by BIOS Friedrich Vock (1): drm/amdgpu: Reset IH OVERFLOW_CLEAR bit Gaurav Batra (1): powerpc/pseries/iommu: Fix iommu initialisation during DLPAR add Geert Uytterhoeven (1): pmdomain: renesas: r8a77980-sysc: CR7 must be always on Geliang Tang (2): selftests: mptcp: add mptcp_lib_kill_wait mptcp: check addrs list in userspace_pm_get_local_id Gergo Koteles (1): ASoC: tas2781: add module parameter to tascodec_init() Greg Kroah-Hartman (2): Revert "kobject: Remove redundant checks for whether ktype is NULL" Linux 6.6.18 Guenter Roeck (1): MIPS: Add 'memory' clobber to csum_ipv6_magic() inline assembler Hangbin Liu (1): selftests/net: convert test_bridge_backup_port.sh to run it in unique namespace Helge Deller (3): parisc: Prevent hung tasks when printing inventory on serial console parisc: BTLB: Fix crash when setting up BTLB at CPU bringup parisc: Fix random data corruption from exception handler Herbert Xu (1): crypto: algif_hash - Remove bogus SGL free on zero-length error path Hojin Nam (1): perf: CXL: fix mismatched cpmu event opcode Horatiu Vultur (1): lan966x: Fix crash when adding interface under a lag Hu Yadi (1): selftests/landlock: Fix fs_test build with old libc Huacai Chen (1): LoongArch: Fix earlycon parameter if KASAN enabled Hugo Villeneuve (4): serial: max310x: set default value when reading clock ready bit serial: max310x: improve crystal stable clock detection serial: max310x: fail probe if clock crystal is unstable serial: max310x: prevent infinite while() loop in port startup Hui Zhou (2): nfp: flower: add hardware offload check for post ct entry nfp: flower: fix hardware offload for the transfer layer port Ido Schimmel (6): selftests: net: Fix bridge backup port test flakiness selftests: forwarding: Fix layer 2 miss test flakiness selftests: forwarding: Fix bridge MDB test flakiness selftests: bridge_mdb: Use MDB get instead of dump selftests: forwarding: Suppress grep warnings selftests: forwarding: Fix bridge locked port test flakiness Ivan Vecera (2): i40e: Do not allow untrusted VF to remove administratively set MAC i40e: Fix waiting for queues of all VSIs to be disabled Jakub Kicinski (5): net: tls: factor out tls_*crypt_async_wait() tls: fix race between async notify and socket close tls: fix race between tx work scheduling and socket close net: tls: handle backlogging of crypto requests net: tls: fix returned read length with async decrypt James Hershaw (1): nfp: enable NETDEV_XDP_ACT_REDIRECT feature flag Jan Beulich (1): xen-netback: properly sync TX responses Jan Kara (1): blk-wbt: Fix detection of dirty-throttled tasks Jason Gerecke (1): HID: wacom: Do not register input devices until after hid_hw_start Jean Delvare (1): i2c: i801: Fix block process call transactions Jens Axboe (1): io_uring/net: fix multishot accept overflow handling Jiangfeng Xiao (1): powerpc/kasan: Fix addr error caused by page alignment Jiapeng Chong (1): tracefs/eventfs: Modify mismatched function name Jiaxun Yang (2): ptrace: Introduce exception_ip arch hook mm/memory: Use exception ip to search exception tables Jiri Slaby (SUSE) (2): serial: core: introduce uart_port_tx_flags() serial: mxs-auart: fix tx Johan Hovold (1): HID: i2c-hid-of: fix NULL-deref on failed power up Johannes Berg (3): wifi: iwlwifi: fix double-free bug wifi: cfg80211: fix wiphy delayed work queueing wifi: mac80211: reload info pointer in ieee80211_tx_dequeue() John Kacur (1): tools/rtla: Exit with EXIT_SUCCESS when help is invoked Josef Bacik (1): btrfs: don't drop extent_map for free space inode on write error José Relvas (1): ALSA: hda/realtek: Apply headset jack quirk for non-bass alc287 thinkpads Jozsef Kadlecsik (2): netfilter: ipset: fix performance regression in swap operation netfilter: ipset: Missing gc cancellations fixed Junxiao Bi (1): md: bypass block throttle for superblock update Kailang Yang (1): ALSA: hda/realtek - Add speaker pin verbtable for Dell dual speaker platform Keqi Wang (1): connector/cn_proc: revert "connector: Fix proc_event_num_listeners count not cleared" Kim Phillips (1): crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked Konrad Dybcio (3): interconnect: qcom: sc8180x: Mark CO0 BCM keepalive interconnect: qcom: sm8550: Enable sync_state pmdomain: core: Move the unused cleanup to a _sync initcall Krzysztof Kozlowski (1): ASoC: codecs: wcd938x: handle deferred probe Lee Duncan (1): scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock" Linus Torvalds (10): work around gcc bugs with 'asm goto' with outputs update workarounds for gcc "asm goto" issue tracefs: remove stale update_gid code eventfs: Initialize the tracefs inode properly tracefs: Avoid using the ei->dentry pointer unnecessarily tracefs: dentry lookup crapectomy eventfs: Remove unused d_parent pointer field eventfs: Clean up dentry ops and add revalidate function eventfs: Get rid of dentry pointers without refcounts sched/membarrier: reduce the ability to hammer on sys_membarrier Lokesh Gidra (1): userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb Luka Guzenko (1): ALSA: hda/realtek: Enable Mute LED on HP Laptop 14-fq0xxx Lukas Bulwahn (1): ALSA: hda/cs35l56: select intended config FW_CS_DSP Magnus Karlsson (1): bonding: do not report NETDEV_XDP_ACT_XSK_ZEROCOPY Marc Zyngier (3): irqchip/gic-v3-its: Handle non-coherent GICv4 redistributors irqchip/gic-v3-its: Restore quirk probing for ACPI-based systems irqchip/gic-v3-its: Fix GICv4.1 VPE affinity update Mario Limonciello (3): Revert "drm/amd: flush any delayed gfxoff on suspend entry" iio: accel: bma400: Fix a compilation problem ASoC: amd: yc: Add DMI quirk for Lenovo Ideapad Pro 5 16ARP8 Mark Brown (2): usb: typec: tpcm: Fix issues with power being removed during reset arm64/signal: Don't assume that TIF_SVE means we saved SVE state Masahiro Yamada (1): linux/init: remove __memexit* annotations Masami Hiramatsu (Google) (5): tracing/trigger: Fix to return error if failed to alloc snapshot tracing/probes: Fix to show a parse error for bad type for $comm tracing/probes: Fix to set arg size and fmt after setting type from BTF tracing/probes: Fix to search structure fields correctly ftrace: Fix DIRECT_CALLS to use SAVE_REGS by default Matthias Schiffer (1): powerpc/6xx: set High BAT Enable flag on G2_LE cores Matthieu Baerts (NGI0) (5): selftests: mptcp: add missing kconfig for NF Filter selftests: mptcp: add missing kconfig for NF Filter in v6 selftests: mptcp: add missing kconfig for NF Mangle selftests: mptcp: increase timeout to 30 min selftests: mptcp: allow changing subtests prefix Maxime Jayat (1): can: netlink: Fix TDCO calculation using the old data bittiming Michael Ellerman (2): powerpc/kasan: Limit KASAN thread size increase to 32KB Revert "powerpc/pseries/iommu: Fix iommu initialisation during DLPAR add" Michael Kelley (1): scsi: storvsc: Fix ring buffer size calculation Mikulas Patocka (2): dm-crypt, dm-verity: disable tasklets dm: limit the number of targets and parameter size area Mingwei Zhang (1): KVM: x86/pmu: Fix type length error when reading pmu->fixed_ctr_ctrl Mohammad Rahimi (1): thunderbolt: Fix setting the CNS bit in ROUTER_CS_5 Muhammad Usama Anjum (1): selftests/mm: switch to bash from sh Nathan Chancellor (5): kbuild: Fix changing ELF file type for output of gen_btf for big endian um: Fix adding '-no-pie' for clang modpost: Add '.ltext' and '.ltext.*' to TEXT_SECTIONS drm/amd/display: Increase frame-larger-than for all display_mode_vba files eventfs: Use ERR_CAST() in eventfs_create_events_dir() Naveen N Rao (1): powerpc/64: Set task pt_regs->link to the LR value on scv entry NeilBrown (1): nfsd: don't take fi_lock in nfsd_break_deleg_cb() Nico Pache (1): selftests: mm: fix map_hugetlb failure on 64K page size systems Nikita Zhandarovich (1): net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame() Nuno Sa (4): iio: commom: st_sensors: ensure proper DMA alignment iio: adc: ad_sigma_delta: ensure proper DMA alignment iio: imu: adis: ensure proper DMA alignment of: property: fix typo in io-channels Oleg Nesterov (1): fs/proc: do_task_stat: move thread_group_cputime_adjusted() outside of lock_task_sighand() Oleksij Rempel (1): can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER) Oliver Neukum (1): USB: hub: check for alternate port before enabling A_ALT_HNP_SUPPORT Ondrej Mosnacek (2): lsm: fix default return value of the socket_getpeersec_*() hooks lsm: fix the logic in security_inode_getsecctx() Oscar Salvador (1): fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super Paolo Abeni (4): mptcp: fix data re-injection from stale subflow mptcp: drop the push_pending field mptcp: fix rcv space initialization mptcp: really cope with fastopen race Parav Pandit (1): devlink: Fix command annotation documentation Paulo Alcantara (1): smb: client: set correct id, uid and cruid for multiuser automounts Petr Pavlu (1): tracing: Fix HAVE_DYNAMIC_FTRACE_WITH_REGS ifdef Petr Tesarik (1): net: stmmac: protect updates of 64-bit statistics counters Philip Yang (1): drm/prime: Support page array >= 4GB Prakash Sangappa (1): mm: hugetlb pages should not be reserved by shmat() if SHM_NORESERVE Prasad Pandit (1): KVM: x86: make KVM_REQ_NMI request iff NMI pending for vcpu Qu Wenruo (1): btrfs: do not ASSERT() if the newly created subvolume already got read Radek Krejci (1): modpost: trim leading spaces when processing source files list Randy Dunlap (1): iio: imu: bno055: serdev requires REGMAP Ranjani Sridharan (1): ASoC: SOF: ipc3-topology: Fix pipeline tear down logic Rishabh Dave (1): ceph: prevent use-after-free in encode_cap_msg() Rob Clark (3): drm/msm/gem: Fix double resv lock aquire Revert "drm/msm/gpu: Push gpu lock down past runpm" drm/msm: Wire up tlb ops Ryan Roberts (1): selftests/mm: ksm_tests should only MADV_HUGEPAGE valid memory Ryusuke Konishi (3): nilfs2: fix data corruption in dsync block recovery for small block sizes nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() nilfs2: fix potential bug in end_buffer_async_write Sabrina Dubroca (2): tls: extract context alloc/initialization out of tls_set_sw_offload net: tls: fix use-after-free with partial reads and async decrypt Sam Protsenko (1): iio: pressure: bmp280: Add missing bmp085 to SPI id table Samuel Holland (1): scs: add CONFIG_MMU dependency for vfree_atomic() Saravana Kannan (5): driver core: Fix device_link_flag_is_sync_state_only() of: property: Improve finding the consumer of a remote-endpoint property of: property: Improve finding the supplier of a remote-endpoint property driver core: fw_devlink: Improve detection of overlapping cycles of: property: Add in-ports/out-ports support to of_graph_get_port_parent() Sean Anderson (1): usb: ulpi: Fix debugfs directory leak Sean Christopherson (2): KVM: selftests: Delete superfluous, unused "stage" variable in AMX test KVM: selftests: Fix a semaphore imbalance in the dirty ring logging test Sean Young (1): media: rc: bpf attach/detach requires write permission Sebastian Ene (1): KVM: arm64: Fix circular locking dependency Sebastian Ott (1): drm/virtio: Set segment size for virtio_gpu device Shradha Gupta (1): hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed Shrikanth Hegde (1): powerpc/pseries: fix accuracy of stolen time Shuming Fan (1): ALSA: hda/realtek: add IDs for Dell dual spk platform Sinthu Raja (2): net: ethernet: ti: cpsw: enable mac_managed_pm to fix mdio net: ethernet: ti: cpsw_new: enable mac_managed_pm to fix mdio Souradeep Chakrabarti (1): hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove Srinivas Pandruvada (1): iio: hid-sensor-als: Return 0 for HID_USAGE_SENSOR_TIME_TIMESTAMP Steve French (1): smb: Fix regression in writes when non-standard maximum write size negotiated Steve Wahl (1): x86/mm/ident_map: Use gbpages only where full GB page should be mapped. Steven Rostedt (Google) (49): tracing: Fix wasted memory in saved_cmdlines logic tracing: Inform kmemleak of saved_cmdlines allocation Revert "eventfs: Do not allow NULL parent to eventfs_start_creating()" Revert "eventfs: Check for NULL ef in eventfs_set_attr()" Revert "eventfs: Use simple_recursive_removal() to clean up dentries" Revert "eventfs: Delete eventfs_inode when the last dentry is freed" Revert "eventfs: Save ownership and mode" Revert "eventfs: Remove "is_freed" union with rcu head" eventfs: Remove eventfs_file and just use eventfs_inode eventfs: Use eventfs_remove_events_dir() eventfs: Fix failure path in eventfs_create_events_dir() eventfs: Fix WARN_ON() in create_file_dentry() eventfs: Fix typo in eventfs_inode union comment eventfs: Remove extra dget() in eventfs_create_events_dir() eventfs: Fix kerneldoc of eventfs_remove_rec() eventfs: Remove "is_freed" union with rcu head eventfs: Have a free_ei() that just frees the eventfs_inode eventfs: Test for ei->is_freed when accessing ei->dentry eventfs: Save ownership and mode eventfs: Hold eventfs_mutex when calling callback functions eventfs: Delete eventfs_inode when the last dentry is freed eventfs: Remove special processing of dput() of events directory eventfs: Use simple_recursive_removal() to clean up dentries eventfs: Remove expectation that ei->is_freed means ei->dentry == NULL eventfs: Do not invalidate dentry in create_file/dir_dentry() eventfs: Use GFP_NOFS for allocation when eventfs_mutex is held eventfs: Move taking of inode_lock into dcache_dir_open_wrapper() eventfs: Do not allow NULL parent to eventfs_start_creating() eventfs: Make sure that parent->d_inode is locked in creating files/dirs eventfs: Have event files and directories default to parent uid and gid eventfs: Fix file and directory uid and gid ownership tracefs: Check for dentry->d_inode exists in set_gid() eventfs: Fix bitwise fields for "is_events" eventfs: Remove "lookup" parameter from create_dir/file_dentry() eventfs: Stop using dcache_readdir() for getdents() tracefs/eventfs: Use root and instance inodes as default ownership eventfs: Have eventfs_iterate() stop immediately if ei->is_freed is set eventfs: Do ctx->pos update for all iterations in eventfs_iterate() eventfs: Read ei->entries before ei->children in eventfs_iterate() eventfs: Shortcut eventfs_iterate() by skipping entries already read eventfs: Have the inodes all for files and directories all be the same eventfs: Do not create dentries nor inodes in iterate_shared eventfs: Save directory inodes in the eventfs_inode structure tracefs: Zero out the tracefs_inode when allocating it eventfs: Warn if an eventfs_inode is freed without is_freed being set eventfs: Restructure eventfs_inode structure to be more condensed eventfs: Remove fsnotify*() functions from lookup() eventfs: Keep all directory links at 1 tracing: Make system_callback() function static Takashi Sakamoto (1): firewire: core: correct documentation of fw_csr_string() kernel API Tatsunosuke Tobita (1): HID: wacom: generic: Avoid reporting a serial of '0' to userspace Techno Mooney (1): ASoC: amd: yc: Add DMI quirk for MSI Bravo 15 C7VF Tejun Heo (1): Revert "workqueue: Override implicit ordered attribute in workqueue_apply_unbound_cpumask()" Thong (1): drm/amdgpu/soc21: update VCN 4 max HEVC encoding resolution Thorsten Blum (1): tracing/synthetic: Fix trace_string() return value Tom Chung (1): drm/amd/display: Preserve original aspect ratio in create stream Tomi Valkeinen (1): media: Revert "media: rkisp1: Drop IRQF_SHARED" Udipto Goswami (1): usb: core: Prevent null pointer dereference in update_port_device_state Uttkarsh Aggarwal (1): usb: dwc3: gadget: Fix NULL pointer dereference in dwc3_gadget_suspend Uwe Kleine-König (1): spi: ppc4xx: Drop write-only variable Vegard Nossum (2): docs: kernel_feat.py: fix build error for missing files Documentation/arch/ia64/features.rst: fix kernel-feat directive Viken Dadhaniya (1): i2c: qcom-geni: Correct I2C TRE sequence Vincent Donnefort (1): ring-buffer: Clean ring_buffer_poll_wait() error return Vitaly Kuznetsov (1): KVM: selftests: Avoid infinite loop in hyperv_features when invtsc is missing Vitaly Rodionov (1): ALSA: hda/cs8409: Suppress vmaster control for Dolphin models Xu Yang (1): usb: chipidea: core: handle power lost in workqueue Zach O'Keefe (1): mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again Zhikai Zhai (1): drm/amd/display: Add align done check Zhipeng Lu (1): media: ir_toy: fix a memleak in irtoy_tx Ziqi Zhao (1): can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock bo liu (1): ALSA: hda/conexant: Add quirk for SWS JS201D limingming3 (1): tools/rtla: Replace setting prio with nice for SCHED_OTHER yuan linyu (1): usb: f_mass_storage: forbid async queue when shutdown happen zhili.liu (1): iio: magnetometer: rm3100: add boundary check for the value read from RM3100_REG_TMRC

1 year, 6 months

1
1
0 0

[PATCH] firmware/psci: Move psci_init_system_suspend() to late_initcall()

by Maulik Shah

psci_init_system_suspend() invokes suspend_set_ops() very early during bootup even before kernel command line for mem_sleep_default is setup. This leads to kernel command line mem_sleep_default=s2idle not working as mem_sleep_current gets changed to deep via suspend_set_ops() and never changes back to s2idle. Move psci_init_system_suspend() to late_initcall() to make sure kernel command line mem_sleep_default=s2idle sets up s2idle as default suspend mode. Fixes: faf7ec4a92c0 ("drivers: firmware: psci: add system suspend support") CC: stable(a)vger.kernel.org # 5.15+ Signed-off-by: Maulik Shah <quic_mkshah(a)quicinc.com> --- drivers/firmware/psci/psci.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/drivers/firmware/psci/psci.c b/drivers/firmware/psci/psci.c index d9629ff87861..655a2db70a67 100644 --- a/drivers/firmware/psci/psci.c +++ b/drivers/firmware/psci/psci.c @@ -523,18 +523,26 @@ static void __init psci_init_system_reset2(void) psci_system_reset2_supported = true; } -static void __init psci_init_system_suspend(void) +static int __init psci_init_system_suspend(void) { int ret; + u32 ver; if (!IS_ENABLED(CONFIG_SUSPEND)) - return; + return 0; + + ver = psci_0_2_get_version(); + if (PSCI_VERSION_MAJOR(ver) < 1) + return 0; ret = psci_features(PSCI_FN_NATIVE(1_0, SYSTEM_SUSPEND)); if (ret != PSCI_RET_NOT_SUPPORTED) suspend_set_ops(&psci_suspend_ops); + + return ret; } +late_initcall(psci_init_system_suspend) static void __init psci_init_cpu_suspend(void) { @@ -651,7 +659,6 @@ static int __init psci_probe(void) if (PSCI_VERSION_MAJOR(ver) >= 1) { psci_init_smccc(); psci_init_cpu_suspend(); - psci_init_system_suspend(); psci_init_system_reset2(); kvm_init_hyp_services(); } --- base-commit: d37e1e4c52bc60578969f391fb81f947c3e83118 change-id: 20240219-suspend_ops_late_init-27fb0b15baee Best regards, -- Maulik Shah <quic_mkshah(a)quicinc.com>

1 year, 6 months

4
3
0 0

Linux 6.1.79

by Greg Kroah-Hartman

I'm announcing the release of the 6.1.79 kernel. All users of the 6.1 kernel series must upgrade. The updated 6.1.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.1.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/ABI/testing/sysfs-class-net-statistics | 48 +- Documentation/arm64/silicon-errata.rst | 7 Documentation/devicetree/bindings/net/wireless/marvell-8xxx.txt | 4 Makefile | 8 arch/Kconfig | 1 arch/arc/include/asm/jump_label.h | 4 arch/arm/boot/dts/imx6q-apalis-ixora-v1.2.dts | 2 arch/arm/include/asm/jump_label.h | 4 arch/arm64/boot/dts/qcom/apq8016-sbc.dts | 4 arch/arm64/boot/dts/qcom/msm8916.dtsi | 2 arch/arm64/boot/dts/qcom/sdm845.dtsi | 4 arch/arm64/boot/dts/qcom/sm8150.dtsi | 4 arch/arm64/include/asm/alternative-macros.h | 4 arch/arm64/include/asm/cputype.h | 4 arch/arm64/include/asm/jump_label.h | 4 arch/arm64/kernel/cpu_errata.c | 3 arch/arm64/kernel/vdso32/Makefile | 2 arch/csky/include/asm/jump_label.h | 4 arch/mips/include/asm/checksum.h | 3 arch/mips/include/asm/jump_label.h | 4 arch/parisc/Kconfig | 1 arch/parisc/include/asm/assembly.h | 1 arch/parisc/include/asm/extable.h | 64 ++ arch/parisc/include/asm/jump_label.h | 4 arch/parisc/include/asm/special_insns.h | 6 arch/parisc/include/asm/uaccess.h | 48 -- arch/parisc/kernel/drivers.c | 3 arch/parisc/kernel/unaligned.c | 44 - arch/parisc/mm/fault.c | 11 arch/powerpc/include/asm/bug.h | 2 arch/powerpc/include/asm/jump_label.h | 4 arch/powerpc/include/asm/thread_info.h | 2 arch/powerpc/include/asm/uaccess.h | 8 arch/powerpc/kernel/cpu_specs_e500mc.h | 3 arch/powerpc/kernel/interrupt_64.S | 4 arch/powerpc/kernel/irq_64.c | 2 arch/powerpc/mm/kasan/init_32.c | 1 arch/powerpc/platforms/pseries/lpar.c | 8 arch/riscv/include/asm/jump_label.h | 4 arch/s390/include/asm/jump_label.h | 4 arch/sparc/include/asm/jump_label.h | 4 arch/um/Makefile | 4 arch/um/include/asm/cpufeature.h | 2 arch/x86/Kconfig.cpu | 2 arch/x86/include/asm/cpufeature.h | 2 arch/x86/include/asm/jump_label.h | 6 arch/x86/include/asm/rmwcc.h | 2 arch/x86/include/asm/uaccess.h | 10 arch/x86/include/asm/virtext.h | 12 arch/x86/kernel/fpu/signal.c | 13 arch/x86/kvm/svm/svm_ops.h | 6 arch/x86/kvm/vmx/pmu_intel.c | 2 arch/x86/kvm/vmx/vmx.c | 8 arch/x86/kvm/vmx/vmx_ops.h | 6 arch/x86/mm/ident_map.c | 23 - arch/xtensa/include/asm/jump_label.h | 4 block/blk-mq.c | 9 drivers/android/binder.c | 10 drivers/base/core.c | 15 drivers/base/power/domain.c | 2 drivers/bus/moxtet.c | 7 drivers/crypto/ccp/sev-dev.c | 10 drivers/dma/ioat/dma.c | 12 drivers/firewire/core-device.c | 7 drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_gfx.c | 9 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 2 drivers/gpu/drm/amd/display/dc/dml/Makefile | 6 drivers/gpu/drm/drm_prime.c | 2 drivers/gpu/drm/msm/msm_iommu.c | 32 + drivers/gpu/drm/nouveau/nouveau_svm.c | 2 drivers/gpu/drm/virtio/virtgpu_drv.c | 1 drivers/hid/i2c-hid/i2c-hid-of.c | 1 drivers/hid/wacom_sys.c | 63 +- drivers/hid/wacom_wac.c | 9 drivers/i2c/busses/Makefile | 6 drivers/i2c/busses/i2c-i801.c | 4 drivers/i2c/busses/i2c-pasemi-core.c | 5 drivers/i2c/busses/i2c-qcom-geni.c | 14 drivers/iio/accel/Kconfig | 2 drivers/iio/imu/bno055/Kconfig | 1 drivers/iio/industrialio-core.c | 5 drivers/iio/light/hid-sensor-als.c | 1 drivers/iio/magnetometer/rm3100-core.c | 10 drivers/infiniband/hw/irdma/verbs.c | 7 drivers/interconnect/qcom/sc8180x.c | 1 drivers/irqchip/irq-brcmstb-l2.c | 5 drivers/irqchip/irq-gic-v3-its.c | 22 drivers/irqchip/irq-loongson-eiointc.c | 2 drivers/md/dm-core.h | 2 drivers/md/dm-crypt.c | 37 - drivers/md/dm-ioctl.c | 3 drivers/md/dm-table.c | 9 drivers/md/dm-verity-target.c | 26 - drivers/md/dm-verity.h | 1 drivers/md/md.c | 7 drivers/media/platform/rockchip/rkisp1/rkisp1-dev.c | 2 drivers/media/rc/bpf-lirc.c | 6 drivers/media/rc/ir_toy.c | 2 drivers/media/rc/lirc_dev.c | 5 drivers/media/rc/rc-core-priv.h | 2 drivers/misc/fastrpc.c | 2 drivers/mmc/core/slot-gpio.c | 6 drivers/mmc/host/sdhci-pci-o2micro.c | 30 + drivers/net/can/dev/netlink.c | 2 drivers/net/ethernet/intel/i40e/i40e_main.c | 2 drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 38 + drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c | 2 drivers/net/ethernet/microchip/lan966x/lan966x_lag.c | 9 drivers/net/ethernet/netronome/nfp/flower/conntrack.c | 24 - drivers/net/ethernet/netronome/nfp/flower/tunnel_conf.c | 2 drivers/net/ethernet/netronome/nfp/nfpcore/nfp6000_pcie.c | 6 drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 3 drivers/net/ethernet/ti/cpsw.c | 2 drivers/net/ethernet/ti/cpsw_new.c | 3 drivers/net/hyperv/netvsc.c | 5 drivers/net/hyperv/netvsc_drv.c | 82 ++- drivers/net/wireless/intel/iwlwifi/fw/acpi.c | 15 drivers/net/wireless/marvell/mwifiex/Kconfig | 5 drivers/net/wireless/marvell/mwifiex/sdio.c | 46 +- drivers/net/wireless/marvell/mwifiex/sdio.h | 3 drivers/net/xen-netback/netback.c | 84 +-- drivers/of/property.c | 18 drivers/of/unittest.c | 12 drivers/s390/net/qeth_l3_main.c | 9 drivers/scsi/fcoe/fcoe_ctlr.c | 20 drivers/scsi/storvsc_drv.c | 12 drivers/spi/spi-ppc4xx.c | 5 drivers/staging/iio/impedance-analyzer/ad5933.c | 2 drivers/tty/serial/max310x.c | 53 +- drivers/usb/common/ulpi.c | 2 drivers/usb/core/hub.c | 30 - drivers/usb/dwc3/gadget.c | 6 drivers/usb/gadget/function/f_mass_storage.c | 20 drivers/usb/typec/ucsi/ucsi.c | 2 drivers/usb/typec/ucsi/ucsi_acpi.c | 17 fs/btrfs/block-group.c | 49 ++ fs/btrfs/block-group.h | 7 fs/btrfs/delalloc-space.c | 29 - fs/btrfs/disk-io.c | 13 fs/btrfs/inode.c | 26 + fs/btrfs/ioctl.c | 5 fs/btrfs/qgroup.c | 14 fs/btrfs/send.c | 2 fs/ceph/caps.c | 3 fs/ext4/mballoc.c | 39 - fs/ext4/move_extent.c | 6 fs/hugetlbfs/inode.c | 19 fs/namespace.c | 11 fs/nfsd/nfs4state.c | 37 - fs/nilfs2/dat.c | 27 - fs/nilfs2/file.c | 8 fs/nilfs2/recovery.c | 7 fs/nilfs2/segment.c | 8 fs/ntfs3/fsntfs.c | 16 fs/ntfs3/index.c | 3 fs/proc/array.c | 10 fs/smb/client/cached_dir.c | 8 fs/smb/client/smb2ops.c | 2 fs/smb/client/smb2pdu.c | 93 ++-- fs/smb/client/smb2proto.h | 12 fs/smb/server/smb2pdu.c | 8 fs/zonefs/file.c | 42 + fs/zonefs/super.c | 66 +- include/asm-generic/vmlinux.lds.h | 6 include/linux/bpf.h | 12 include/linux/cleanup.h | 171 +++++++ include/linux/compiler-clang.h | 9 include/linux/compiler-gcc.h | 20 include/linux/compiler_attributes.h | 6 include/linux/compiler_types.h | 11 include/linux/device.h | 7 include/linux/file.h | 6 include/linux/iio/adc/ad_sigma_delta.h | 4 include/linux/iio/common/st_sensors.h | 4 include/linux/iio/imu/adis.h | 3 include/linux/init.h | 3 include/linux/irqflags.h | 7 include/linux/mmc/sdio_ids.h | 1 include/linux/mutex.h | 4 include/linux/netfilter/ipset/ip_set.h | 4 include/linux/percpu.h | 4 include/linux/preempt.h | 5 include/linux/rcupdate.h | 3 include/linux/rwsem.h | 8 include/linux/sched/task.h | 2 include/linux/slab.h | 3 include/linux/spinlock.h | 31 + include/linux/srcu.h | 5 include/net/tls.h | 5 init/Kconfig | 9 io_uring/net.c | 5 kernel/bpf/helpers.c | 67 +- kernel/bpf/verifier.c | 3 kernel/sched/membarrier.c | 6 kernel/time/hrtimer.c | 14 kernel/trace/bpf_trace.c | 56 +- kernel/trace/ring_buffer.c | 2 kernel/trace/trace.c | 78 +-- kernel/trace/trace_events_trigger.c | 6 lib/mpi/ec.c | 3 mm/page-writeback.c | 2 mm/userfaultfd.c | 15 net/can/j1939/j1939-priv.h | 3 net/can/j1939/main.c | 2 net/can/j1939/socket.c | 46 +- net/core/skbuff.c | 3 net/hsr/hsr_device.c | 4 net/mac80211/tx.c | 5 net/mptcp/pm_userspace.c | 13 net/mptcp/protocol.c | 24 - net/mptcp/protocol.h | 4 net/netfilter/ipset/ip_set_bitmap_gen.h | 14 net/netfilter/ipset/ip_set_core.c | 39 + net/netfilter/ipset/ip_set_hash_gen.h | 19 net/netfilter/ipset/ip_set_list_set.c | 13 net/netfilter/nft_set_pipapo_avx2.c | 2 net/nfc/nci/core.c | 4 net/openvswitch/flow_netlink.c | 49 +- net/tls/tls.h | 1 net/tls/tls_main.c | 2 net/tls/tls_sw.c | 226 ++++++---- net/wireless/core.c | 1 net/xfrm/xfrm_input.c | 77 +-- net/xfrm/xfrm_output.c | 33 - samples/bpf/asm_goto_workaround.h | 8 scripts/Makefile.modpost | 1 scripts/checkpatch.pl | 2 scripts/link-vmlinux.sh | 9 scripts/mod/modpost.c | 43 + scripts/mod/sumversion.c | 7 security/apparmor/include/lib.h | 6 security/security.c | 14 sound/pci/hda/patch_conexant.c | 18 sound/pci/hda/patch_cs8409.c | 1 sound/pci/hda/patch_realtek.c | 11 sound/soc/amd/yc/acp6x-mach.c | 14 sound/soc/codecs/rt5645.c | 1 sound/soc/codecs/wcd938x.c | 2 tools/arch/x86/include/asm/rmwcc.h | 2 tools/include/linux/compiler_types.h | 4 tools/testing/selftests/drivers/net/mlxsw/spectrum-2/tc_flower.sh | 56 ++ tools/testing/selftests/kvm/dirty_log_test.c | 77 +-- tools/testing/selftests/net/mptcp/config | 3 tools/testing/selftests/net/mptcp/settings | 2 tools/testing/selftests/vm/ksm_tests.c | 2 tools/testing/selftests/vm/va_128TBswitch.sh | 6 tools/tracing/rtla/Makefile | 7 tools/tracing/rtla/src/osnoise_hist.c | 9 tools/tracing/rtla/src/osnoise_top.c | 6 tools/tracing/rtla/src/timerlat_hist.c | 9 tools/tracing/rtla/src/timerlat_top.c | 6 tools/tracing/rtla/src/utils.c | 12 tools/tracing/rtla/src/utils.h | 2 254 files changed, 2393 insertions(+), 1127 deletions(-) Aaron Conole (1): net: openvswitch: limit the number of recursions from action sets Aleksander Mazur (1): x86/Kconfig: Transmeta Crusoe is CPU family 5, not 6 Alexander Stein (1): mmc: slot-gpio: Allow non-sleeping GPIO ro Alexandra Winter (1): s390/qeth: Fix potential loss of L3-IP@ in case of network issues Alexey Khoroshilov (1): ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work() Andrei Vagin (1): x86/fpu: Stop relying on userspace for info to fault in xsave buffer Andrejs Cainikovs (1): ARM: dts: imx6q-apalis: add can power-up delay on ixora board Andy Chi (1): ALSA: hda/realtek: fix mute/micmute LEDs for HP ZBook Power Arnd Bergmann (2): nouveau/svm: fix kvcalloc() argument order i2c: pasemi: split driver into two separate modules Audra Mitchell (1): selftests/mm: Update va_high_addr_switch.sh to check CPU for la57 flag Baokun Li (2): ext4: fix double-free of blocks due to wrong extents moved_len ext4: avoid bb_free and bb_fragments inconsistency in mb_free_blocks() Bibo Mao (1): irqchip/loongson-eiointc: Use correct struct type in eiointc_domain_alloc() Boris Burkov (2): btrfs: forbid creating subvol qgroups btrfs: forbid deleting live subvol qgroup Breno Leitao (1): net: sysfs: Fix /sys/class/net/<iface> path for statistics Carlos Llamas (1): binder: signal epoll threads of self-work Christian A. Ehrhardt (3): of: unittest: Fix compile in the non-dynamic case usb: ucsi: Add missing ppm_lock usb: ucsi_acpi: Fix command completion handling Christian Brauner (1): fs: relax mount_setattr() permission checks Damien Le Moal (2): zonefs: Improve error handling block: fix partial zone append completion handling in req_bio_endio() Dan Carpenter (3): wifi: iwlwifi: Fix some error codes wifi: iwlwifi: uninitialized variable in iwl_acpi_get_ppag_table() cifs: fix underflow in parse_server_interfaces() Daniel Basilio (1): nfp: use correct macro for LengthSelect in BAR config Daniel Bristot de Oliveira (3): tools/rtla: Remove unused sched_getattr() function tools/rtla: Fix uninitialized bucket/data->bucket_size warning tools/rtla: Fix Makefile compiler options for clang Daniel de Villiers (1): nfp: flower: prevent re-adding mac index for bonded port David Engraf (1): powerpc/cputable: Add missing PPC_FEATURE_BOOKE on PPC64 Book-E David Howells (1): tls/sw: Use splice_eof() to flush David Lin (2): wifi: mwifiex: add extra delay for firmware ready wifi: mwifiex: fix uninitialized firmware_stat David Schiller (1): staging: iio: ad5933: fix type mismatch regression David Senoner (1): ALSA: hda/realtek: Fix the external mic not being recognised for Acer Swift 1 SF114-32 David Sterba (1): btrfs: send: return EOPNOTSUPP on unknown flags Davidlohr Bueso (1): hrtimer: Ignore slack time for RT tasks in schedule_hrtimeout_range() Dinghao Liu (1): iio: core: fix memleak in iio_device_register_sysfs Doug Berger (1): irqchip/irq-brcmstb-l2: Add write memory barrier before exit Easwar Hariharan (1): arm64: Subscribe Microsoft Azure Cobalt 100 to ARM Neoverse N2 errata Edson Juliano Drosdeck (1): ALSA: hda/realtek: Enable headset mic on Vaio VJFE-ADL Ekansh Gupta (1): misc: fastrpc: Mark all sessions as invalid in cb_remove Eniac Zhang (1): ALSA: hda/realtek: fix mute/micmute LED For HP mt645 Eric Dumazet (1): net: prevent mss overflow in skb_segment() Esben Haabendal (1): net: stmmac: do not clear TBS enable bit on link up/down Fedor Pchelkin (2): nfc: nci: free rx_data_reassembly skb on NCI device cleanup ksmbd: free aux buffer if ksmbd_iov_pin_rsp_read fails Filipe Manana (4): btrfs: add and use helper to check if block group is used btrfs: do not delete unused block group if it may be used soon btrfs: don't reserve space for checksums when writing to nocow files btrfs: reject encoded write if inode has nodatasum flag set Fred Ai (1): mmc: sdhci-pci-o2micro: Fix a warm reboot issue that disk can't be detected by BIOS Gavin Shan (1): KVM: selftests: Clear dirty ring states between two modes in dirty_log_test Geliang Tang (1): mptcp: check addrs list in userspace_pm_get_local_id Greg Kroah-Hartman (1): Linux 6.1.79 Guenter Roeck (1): MIPS: Add 'memory' clobber to csum_ipv6_magic() inline assembler Helge Deller (2): parisc: Prevent hung tasks when printing inventory on serial console parisc: Fix random data corruption from exception handler Herbert Xu (4): xfrm: Remove inner/outer modes from output path xfrm: Remove inner/outer modes from input path xfrm: Use xfrm_state selector for BEET input xfrm: Silence warnings triggerable by bad packets Horatiu Vultur (1): lan966x: Fix crash when adding interface under a lag Hugo Villeneuve (4): serial: max310x: set default value when reading clock ready bit serial: max310x: improve crystal stable clock detection serial: max310x: fail probe if clock crystal is unstable serial: max310x: prevent infinite while() loop in port startup Hui Zhou (1): nfp: flower: fix hardware offload for the transfer layer port Ido Schimmel (1): mlxsw: spectrum_acl_tcam: Fix stack corruption Ivan Vecera (2): i40e: Do not allow untrusted VF to remove administratively set MAC i40e: Fix waiting for queues of all VSIs to be disabled Jakub Kicinski (3): net: tls: factor out tls_*crypt_async_wait() tls: fix race between async notify and socket close net: tls: fix returned read length with async decrypt Jan Beulich (1): xen-netback: properly sync TX responses Jann Horn (1): tls: fix NULL deref on tls_sw_splice_eof() with empty record Jason Gerecke (1): HID: wacom: Do not register input devices until after hid_hw_start Jean Delvare (1): i2c: i801: Fix block process call transactions Jens Axboe (1): io_uring/net: fix multishot accept overflow handling Jiangfeng Xiao (1): powerpc/kasan: Fix addr error caused by page alignment Jiri Olsa (3): bpf: Add struct for bin_args arg in bpf_bprintf_prepare bpf: Do cleanup in bpf_bprintf_cleanup only when needed bpf: Remove trace_printk_lock Johan Hovold (3): HID: i2c-hid-of: fix NULL-deref on failed power up arm64: dts: qcom: sdm845: fix USB SS wakeup arm64: dts: qcom: sm8150: fix USB SS wakeup Johannes Berg (2): wifi: cfg80211: fix wiphy delayed work queueing wifi: mac80211: reload info pointer in ieee80211_tx_dequeue() John Kacur (1): tools/rtla: Exit with EXIT_SUCCESS when help is invoked Josef Bacik (1): btrfs: don't drop extent_map for free space inode on write error José Relvas (1): ALSA: hda/realtek: Apply headset jack quirk for non-bass alc287 thinkpads Jozsef Kadlecsik (2): netfilter: ipset: fix performance regression in swap operation netfilter: ipset: Missing gc cancellations fixed Junxiao Bi (1): md: bypass block throttle for superblock update Kim Phillips (1): crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked Konrad Dybcio (2): interconnect: qcom: sc8180x: Mark CO0 BCM keepalive pmdomain: core: Move the unused cleanup to a _sync initcall Konstantin Komarov (1): fs/ntfs3: Add null pointer checks Krzysztof Kozlowski (1): ASoC: codecs: wcd938x: handle deferred probe Lee Duncan (1): scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock" Linus Torvalds (3): work around gcc bugs with 'asm goto' with outputs update workarounds for gcc "asm goto" issue sched/membarrier: reduce the ability to hammer on sys_membarrier Lokesh Gidra (1): userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb Luka Guzenko (1): ALSA: hda/realtek: Enable Mute LED on HP Laptop 14-fq0xxx Lukas Wunner (1): wifi: mwifiex: Support SD8978 chipset Marc Zyngier (1): irqchip/gic-v3-its: Fix GICv4.1 VPE affinity update Mario Limonciello (3): Revert "drm/amd: flush any delayed gfxoff on suspend entry" iio: accel: bma400: Fix a compilation problem ASoC: amd: yc: Add DMI quirk for Lenovo Ideapad Pro 5 16ARP8 Masahiro Yamada (2): modpost: propagate W=1 build option to modpost linux/init: remove __memexit* annotations Masami Hiramatsu (Google) (1): tracing/trigger: Fix to return error if failed to alloc snapshot Matthieu Baerts (NGI0) (4): selftests: mptcp: add missing kconfig for NF Filter selftests: mptcp: add missing kconfig for NF Filter in v6 selftests: mptcp: add missing kconfig for NF Mangle selftests: mptcp: increase timeout to 30 min Maxime Jayat (1): can: netlink: Fix TDCO calculation using the old data bittiming Michael Ellerman (1): powerpc/kasan: Limit KASAN thread size increase to 32KB Michael Kelley (1): scsi: storvsc: Fix ring buffer size calculation Mike Marciniszyn (1): RDMA/irdma: Ensure iWarp QP queue memory is OS paged aligned Mikulas Patocka (2): dm-crypt, dm-verity: disable tasklets dm: limit the number of targets and parameter size area Mingwei Zhang (1): KVM: x86/pmu: Fix type length error when reading pmu->fixed_ctr_ctrl Nathan Chancellor (5): kbuild: Fix changing ELF file type for output of gen_btf for big endian modpost: Include '.text.*' in TEXT_SECTIONS um: Fix adding '-no-pie' for clang modpost: Add '.ltext' and '.ltext.*' to TEXT_SECTIONS drm/amd/display: Increase frame-larger-than for all display_mode_vba files Naveen N Rao (1): powerpc/64: Set task pt_regs->link to the LR value on scv entry NeilBrown (2): nfsd: fix RELEASE_LOCKOWNER nfsd: don't take fi_lock in nfsd_break_deleg_cb() Nikita Zhandarovich (1): net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame() Nuno Sa (4): iio: commom: st_sensors: ensure proper DMA alignment iio: adc: ad_sigma_delta: ensure proper DMA alignment iio: imu: adis: ensure proper DMA alignment of: property: fix typo in io-channels Oleg Nesterov (1): fs/proc: do_task_stat: move thread_group_cputime_adjusted() outside of lock_task_sighand() Oleksij Rempel (1): can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER) Oliver Neukum (1): USB: hub: check for alternate port before enabling A_ALT_HNP_SUPPORT Ondrej Mosnacek (1): lsm: fix the logic in security_inode_getsecctx() Oscar Salvador (1): fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super Paolo Abeni (3): mptcp: get rid of msk->subflow mptcp: fix data re-injection from stale subflow mptcp: drop the push_pending field Paulo Alcantara (2): smb: client: fix potential OOBs in smb2_parse_contexts() smb: client: fix parsing of SMB3.1.1 POSIX create context Peter Zijlstra (4): dmaengine: ioat: Free up __cleanup() name apparmor: Free up __cleanup() name locking: Introduce __cleanup() based infrastructure kbuild: Drop -Wdeclaration-after-statement Philip Yang (1): drm/prime: Support page array >= 4GB Prakash Sangappa (1): mm: hugetlb pages should not be reserved by shmat() if SHM_NORESERVE Qu Wenruo (1): btrfs: do not ASSERT() if the newly created subvolume already got read Radek Krejci (1): modpost: trim leading spaces when processing source files list Randy Dunlap (1): iio: imu: bno055: serdev requires REGMAP Rishabh Dave (1): ceph: prevent use-after-free in encode_cap_msg() Rob Clark (1): drm/msm: Wire up tlb ops Ryan Roberts (1): selftests/mm: ksm_tests should only MADV_HUGEPAGE valid memory Ryusuke Konishi (4): nilfs2: fix data corruption in dsync block recovery for small block sizes nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() nilfs2: fix potential bug in end_buffer_async_write nilfs2: replace WARN_ONs for invalid DAT metadata block requests Sabrina Dubroca (2): tls: extract context alloc/initialization out of tls_set_sw_offload net: tls: fix use-after-free with partial reads and async decrypt Samuel Holland (1): scs: add CONFIG_MMU dependency for vfree_atomic() Saravana Kannan (4): driver core: Fix device_link_flag_is_sync_state_only() of: property: Improve finding the supplier of a remote-endpoint property driver core: fw_devlink: Improve detection of overlapping cycles of: property: Add in-ports/out-ports support to of_graph_get_port_parent() Sean Anderson (1): usb: ulpi: Fix debugfs directory leak Sean Christopherson (1): KVM: selftests: Fix a semaphore imbalance in the dirty ring logging test Sean Young (1): media: rc: bpf attach/detach requires write permission Sebastian Ott (1): drm/virtio: Set segment size for virtio_gpu device Shradha Gupta (1): hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed Shrikanth Hegde (1): powerpc/pseries: fix accuracy of stolen time Sinthu Raja (2): net: ethernet: ti: cpsw: enable mac_managed_pm to fix mdio net: ethernet: ti: cpsw_new: enable mac_managed_pm to fix mdio Sjoerd Simons (1): bus: moxtet: Add spi device table Souradeep Chakrabarti (1): hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove Srinivas Pandruvada (1): iio: hid-sensor-als: Return 0 for HID_USAGE_SENSOR_TIME_TIMESTAMP Stephan Gerhold (2): arm64: dts: qcom: msm8916: Enable blsp_dma by default arm64: dts: qcom: msm8916: Make blsp_dma controlled-remotely Steve Wahl (1): x86/mm/ident_map: Use gbpages only where full GB page should be mapped. Steven Rostedt (Google) (2): tracing: Fix wasted memory in saved_cmdlines logic tracing: Inform kmemleak of saved_cmdlines allocation Takashi Sakamoto (1): firewire: core: correct documentation of fw_csr_string() kernel API Tatsunosuke Tobita (1): HID: wacom: generic: Avoid reporting a serial of '0' to userspace Techno Mooney (1): ASoC: amd: yc: Add DMI quirk for MSI Bravo 15 C7VF Tianjia Zhang (1): crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init Tom Chung (1): drm/amd/display: Preserve original aspect ratio in create stream Tomi Valkeinen (1): media: Revert "media: rkisp1: Drop IRQF_SHARED" Uttkarsh Aggarwal (1): usb: dwc3: gadget: Fix NULL pointer dereference in dwc3_gadget_suspend Uwe Kleine-König (2): spi: ppc4xx: Drop write-only variable modpost: Don't let "driver"s reference .exit.* Viken Dadhaniya (1): i2c: qcom-geni: Correct I2C TRE sequence Vincent Donnefort (1): ring-buffer: Clean ring_buffer_poll_wait() error return Vitaly Rodionov (1): ALSA: hda/cs8409: Suppress vmaster control for Dolphin models Zach O'Keefe (1): mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again Zhipeng Lu (1): media: ir_toy: fix a memleak in irtoy_tx Ziqi Zhao (1): can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock bo liu (1): ALSA: hda/conexant: Add quirk for SWS JS201D limingming3 (1): tools/rtla: Replace setting prio with nice for SCHED_OTHER yuan linyu (1): usb: f_mass_storage: forbid async queue when shutdown happen zhili.liu (1): iio: magnetometer: rm3100: add boundary check for the value read from RM3100_REG_TMRC

1 year, 6 months

1
1
0 0

Linux 5.15.149

by Greg Kroah-Hartman

I'm announcing the release of the 5.15.149 kernel. All users of the 5.15 kernel series must upgrade. The updated 5.15.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.15.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/ABI/testing/sysfs-class-devfreq | 3 Documentation/ABI/testing/sysfs-class-net-queues | 22 - Documentation/ABI/testing/sysfs-class-net-statistics | 48 +- Documentation/arm64/silicon-errata.rst | 7 Documentation/filesystems/directory-locking.rst | 29 - Documentation/filesystems/locking.rst | 5 Documentation/filesystems/porting.rst | 18 Documentation/sound/soc/dapm.rst | 2 Makefile | 2 arch/Kconfig | 1 arch/arm/boot/dts/exynos4210-i9100.dts | 8 arch/arm/boot/dts/imx1-ads.dts | 2 arch/arm/boot/dts/imx1-apf9328.dts | 2 arch/arm/boot/dts/imx1.dtsi | 5 arch/arm/boot/dts/imx23-sansa.dts | 12 arch/arm/boot/dts/imx23.dtsi | 2 arch/arm/boot/dts/imx25-eukrea-cpuimx25.dtsi | 2 arch/arm/boot/dts/imx25-eukrea-mbimxsd25-baseboard-cmo-qvga.dts | 2 arch/arm/boot/dts/imx25-eukrea-mbimxsd25-baseboard-dvi-svga.dts | 2 arch/arm/boot/dts/imx25-eukrea-mbimxsd25-baseboard-dvi-vga.dts | 2 arch/arm/boot/dts/imx25-pdk.dts | 2 arch/arm/boot/dts/imx25.dtsi | 2 arch/arm/boot/dts/imx27-apf27dev.dts | 4 arch/arm/boot/dts/imx27-eukrea-cpuimx27.dtsi | 4 arch/arm/boot/dts/imx27-eukrea-mbimxsd27-baseboard.dts | 2 arch/arm/boot/dts/imx27-phytec-phycard-s-rdk.dts | 2 arch/arm/boot/dts/imx27-phytec-phycore-rdk.dts | 2 arch/arm/boot/dts/imx27-phytec-phycore-som.dtsi | 2 arch/arm/boot/dts/imx27.dtsi | 3 arch/arm/boot/dts/imx28.dtsi | 2 arch/arm/boot/dts/imx7d.dtsi | 3 arch/arm/boot/dts/imx7s.dtsi | 10 arch/arm/boot/dts/qcom-sdx55.dtsi | 10 arch/arm/boot/dts/rk3036.dtsi | 14 arch/arm64/boot/dts/qcom/msm8996.dtsi | 21 + arch/arm64/boot/dts/qcom/msm8998.dtsi | 32 + arch/arm64/boot/dts/qcom/sc7180.dtsi | 4 arch/arm64/boot/dts/qcom/sdm845.dtsi | 16 arch/arm64/boot/dts/qcom/sm8150.dtsi | 8 arch/arm64/include/asm/cputype.h | 4 arch/arm64/include/asm/irq_work.h | 2 arch/arm64/kernel/cpu_errata.c | 3 arch/arm64/kernel/irq.c | 7 arch/arm64/kernel/perf_event.c | 6 arch/csky/include/asm/irq_work.h | 2 arch/mips/include/asm/checksum.h | 3 arch/mips/kernel/elf.c | 6 arch/mips/mm/init.c | 12 arch/parisc/kernel/firmware.c | 4 arch/powerpc/include/asm/irq_work.h | 1 arch/powerpc/include/asm/mmu.h | 4 arch/powerpc/include/asm/mmzone.h | 8 arch/powerpc/kernel/interrupt_64.S | 4 arch/powerpc/kernel/traps.c | 2 arch/powerpc/lib/sstep.c | 10 arch/powerpc/mm/book3s64/pgtable.c | 2 arch/powerpc/mm/init-common.c | 5 arch/powerpc/mm/kasan/kasan_init_32.c | 1 arch/powerpc/mm/mmu_decl.h | 5 arch/riscv/include/asm/irq_work.h | 2 arch/s390/crypto/aes_s390.c | 4 arch/s390/crypto/paes_s390.c | 4 arch/s390/include/asm/irq_work.h | 2 arch/s390/kernel/ptrace.c | 6 arch/s390/kvm/kvm-s390.c | 5 arch/um/drivers/net_kern.c | 2 arch/um/include/shared/kern_util.h | 2 arch/um/kernel/process.c | 2 arch/um/kernel/time.c | 32 + arch/um/os-Linux/helper.c | 6 arch/um/os-Linux/util.c | 19 arch/x86/Kconfig.cpu | 2 arch/x86/boot/compressed/ident_map_64.c | 5 arch/x86/boot/compressed/idt_64.c | 1 arch/x86/boot/compressed/idt_handlers_64.S | 1 arch/x86/boot/compressed/misc.h | 1 arch/x86/include/asm/irq_work.h | 1 arch/x86/include/asm/syscall_wrapper.h | 25 + arch/x86/kernel/cpu/mce/core.c | 16 arch/x86/mm/ident_map.c | 23 - block/bio.c | 2 block/blk-iocost.c | 7 block/blk-mq.c | 16 block/ioctl.c | 2 block/partitions/core.c | 5 crypto/algapi.c | 1 drivers/acpi/acpi_extlog.c | 5 drivers/acpi/acpi_video.c | 9 drivers/acpi/apei/ghes.c | 29 + drivers/android/binder.c | 10 drivers/atm/idt77252.c | 2 drivers/base/arch_numa.c | 2 drivers/base/power/domain.c | 2 drivers/base/power/main.c | 160 +++----- drivers/base/power/runtime.c | 5 drivers/block/rbd.c | 22 - drivers/block/rnbd/rnbd-srv.c | 19 drivers/bluetooth/hci_qca.c | 1 drivers/bus/mhi/host/init.c | 6 drivers/bus/mhi/host/internal.h | 2 drivers/bus/mhi/host/main.c | 49 +- drivers/bus/moxtet.c | 7 drivers/char/hw_random/core.c | 34 + drivers/clk/hisilicon/clk-hi3620.c | 4 drivers/clk/imx/clk-imx8qxp.c | 24 + drivers/clk/imx/clk-scu.c | 4 drivers/clk/mmp/clk-of-pxa168.c | 3 drivers/cpufreq/intel_pstate.c | 67 +-- drivers/crypto/ccp/sev-dev.c | 10 drivers/crypto/marvell/octeontx2/otx2_cptlf.c | 6 drivers/crypto/marvell/octeontx2/otx2_cptvf_main.c | 3 drivers/crypto/stm32/stm32-crc32.c | 2 drivers/devfreq/devfreq.c | 83 +++- drivers/dma-buf/dma-fence-unwrap.c | 176 ++++++++ drivers/dma-buf/sync_file.c | 9 drivers/dma/dmaengine.c | 3 drivers/dma/fsl-dpaa2-qdma/dpaa2-qdma.c | 10 drivers/dma/fsl-qdma.c | 27 - drivers/dma/ti/k3-udma.c | 10 drivers/firewire/core-device.c | 7 drivers/firmware/arm_scmi/common.h | 1 drivers/firmware/arm_scmi/mailbox.c | 14 drivers/firmware/arm_scmi/shmem.c | 6 drivers/gpio/gpio-eic-sprd.c | 32 + drivers/gpio/gpiolib-acpi.c | 14 drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_fence.c | 2 drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 2 drivers/gpu/drm/amd/amdgpu/amdgpu_gfx.c | 9 drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 13 drivers/gpu/drm/amd/amdgpu/amdgpu_object.h | 4 drivers/gpu/drm/amd/amdgpu/amdgpu_sync.c | 3 drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c | 5 drivers/gpu/drm/amd/amdkfd/kfd_svm.c | 36 - drivers/gpu/drm/amd/display/dc/core/dc.c | 4 drivers/gpu/drm/amd/display/dc/dcn30/dcn30_resource.c | 6 drivers/gpu/drm/amd/display/dc/dcn301/dcn301_resource.c | 6 drivers/gpu/drm/amd/display/dc/dcn302/dcn302_resource.c | 6 drivers/gpu/drm/amd/display/dc/dcn31/dcn31_resource.c | 6 drivers/gpu/drm/amd/pm/powerplay/hwmgr/process_pptables_v1_0.c | 2 drivers/gpu/drm/bridge/nxp-ptn3460.c | 6 drivers/gpu/drm/drm_fb_helper.c | 11 drivers/gpu/drm/drm_file.c | 2 drivers/gpu/drm/drm_framebuffer.c | 2 drivers/gpu/drm/drm_mipi_dsi.c | 17 drivers/gpu/drm/drm_plane.c | 1 drivers/gpu/drm/drm_prime.c | 2 drivers/gpu/drm/exynos/exynos5433_drm_decon.c | 4 drivers/gpu/drm/exynos/exynos_drm_drv.c | 11 drivers/gpu/drm/exynos/exynos_drm_fimd.c | 4 drivers/gpu/drm/exynos/exynos_drm_gsc.c | 2 drivers/gpu/drm/msm/disp/dpu1/dpu_encoder.c | 5 drivers/gpu/drm/msm/disp/dpu1/dpu_kms.h | 1 drivers/gpu/drm/msm/dp/dp_link.c | 12 drivers/gpu/drm/msm/dp/dp_reg.h | 3 drivers/gpu/drm/msm/dsi/phy/dsi_phy.c | 4 drivers/gpu/drm/nouveau/nouveau_vmm.c | 3 drivers/gpu/drm/panel/panel-simple.c | 2 drivers/gpu/drm/scheduler/sched_main.c | 3 drivers/gpu/drm/tidss/tidss_crtc.c | 10 drivers/gpu/drm/vmwgfx/vmwgfx_fb.c | 8 drivers/hid/hid-apple.c | 33 + drivers/hid/hid-ids.h | 1 drivers/hid/hid-picolcd_fb.c | 2 drivers/hid/hid-quirks.c | 1 drivers/hid/i2c-hid/i2c-hid-of.c | 1 drivers/hid/wacom_sys.c | 63 ++- drivers/hid/wacom_wac.c | 9 drivers/hwmon/aspeed-pwm-tacho.c | 7 drivers/hwmon/coretemp.c | 40 +- drivers/i2c/busses/i2c-i801.c | 19 drivers/i3c/master/i3c-master-cdns.c | 7 drivers/iio/accel/Kconfig | 2 drivers/iio/adc/ad7091r-base.c | 173 ++++++++ drivers/iio/adc/ad7091r-base.h | 8 drivers/iio/adc/ad7091r5.c | 29 - drivers/iio/industrialio-core.c | 5 drivers/iio/light/hid-sensor-als.c | 1 drivers/iio/magnetometer/rm3100-core.c | 10 drivers/infiniband/ulp/ipoib/ipoib_multicast.c | 7 drivers/input/keyboard/atkbd.c | 13 drivers/input/serio/i8042-acpipnpio.h | 6 drivers/irqchip/irq-brcmstb-l2.c | 5 drivers/irqchip/irq-gic-v3-its.c | 22 - drivers/leds/trigger/ledtrig-panic.c | 5 drivers/mailbox/arm_mhuv2.c | 3 drivers/md/dm-core.h | 2 drivers/md/dm-ioctl.c | 3 drivers/md/dm-table.c | 9 drivers/md/md.c | 54 ++ drivers/media/i2c/imx335.c | 4 drivers/media/i2c/imx355.c | 12 drivers/media/i2c/ov9734.c | 19 drivers/media/pci/ddbridge/ddbridge-main.c | 2 drivers/media/platform/mtk-jpeg/mtk_jpeg_core.c | 6 drivers/media/platform/rockchip/rga/rga.c | 15 drivers/media/rc/bpf-lirc.c | 6 drivers/media/rc/ir_toy.c | 2 drivers/media/rc/lirc_dev.c | 5 drivers/media/rc/rc-core-priv.h | 2 drivers/media/usb/stk1160/stk1160-video.c | 5 drivers/mfd/Kconfig | 1 drivers/misc/fastrpc.c | 2 drivers/misc/lkdtm/bugs.c | 2 drivers/mmc/core/block.c | 46 ++ drivers/mmc/core/slot-gpio.c | 6 drivers/mmc/host/mmc_spi.c | 186 --------- drivers/net/bonding/bond_alb.c | 3 drivers/net/dsa/mv88e6xxx/chip.h | 4 drivers/net/dsa/mv88e6xxx/serdes.c | 8 drivers/net/dsa/mv88e6xxx/serdes.h | 8 drivers/net/ethernet/broadcom/bnxt/bnxt.c | 5 drivers/net/ethernet/broadcom/genet/bcmgenet.c | 22 - drivers/net/ethernet/broadcom/genet/bcmgenet.h | 3 drivers/net/ethernet/broadcom/genet/bcmmii.c | 6 drivers/net/ethernet/freescale/fec_main.c | 2 drivers/net/ethernet/google/gve/gve_tx_dqo.c | 5 drivers/net/ethernet/intel/i40e/i40e_main.c | 2 drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 32 + drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.h | 1 drivers/net/ethernet/intel/ixgbe/ixgbe_82598.c | 36 - drivers/net/ethernet/intel/ixgbe/ixgbe_82599.c | 61 +-- drivers/net/ethernet/intel/ixgbe/ixgbe_common.c | 177 ++++---- drivers/net/ethernet/intel/ixgbe/ixgbe_ethtool.c | 2 drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 44 +- drivers/net/ethernet/intel/ixgbe/ixgbe_mbx.c | 34 - drivers/net/ethernet/intel/ixgbe/ixgbe_mbx.h | 1 drivers/net/ethernet/intel/ixgbe/ixgbe_phy.c | 105 ++--- drivers/net/ethernet/intel/ixgbe/ixgbe_phy.h | 2 drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c | 2 drivers/net/ethernet/intel/ixgbe/ixgbe_type.h | 51 -- drivers/net/ethernet/intel/ixgbe/ixgbe_x540.c | 44 +- drivers/net/ethernet/intel/ixgbe/ixgbe_x550.c | 149 +++---- drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c | 27 + drivers/net/ethernet/marvell/octeontx2/af/rvu_npc.c | 13 drivers/net/ethernet/marvell/octeontx2/nic/otx2_common.c | 14 drivers/net/ethernet/mellanox/mlx5/core/en/fs_tt_redirect.c | 1 drivers/net/ethernet/mellanox/mlx5/core/en_arfs.c | 26 - drivers/net/ethernet/mellanox/mlx5/core/steering/dr_action.c | 19 drivers/net/ethernet/mellanox/mlx5/core/steering/dr_domain.c | 2 drivers/net/ethernet/mellanox/mlx5/core/steering/dr_rule.c | 4 drivers/net/ethernet/mellanox/mlx5/core/steering/dr_types.h | 7 drivers/net/ethernet/netronome/nfp/flower/tunnel_conf.c | 2 drivers/net/ethernet/netronome/nfp/nfpcore/nfp6000_pcie.c | 6 drivers/net/ethernet/pensando/ionic/ionic_dev.c | 1 drivers/net/ethernet/pensando/ionic/ionic_dev.h | 1 drivers/net/ethernet/pensando/ionic/ionic_main.c | 2 drivers/net/ethernet/stmicro/stmmac/common.h | 1 drivers/net/ethernet/stmicro/stmmac/dwxgmac2.h | 3 drivers/net/ethernet/stmicro/stmmac/dwxgmac2_core.c | 58 ++ drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 3 drivers/net/ethernet/ti/cpsw.c | 2 drivers/net/ethernet/ti/cpsw_new.c | 3 drivers/net/fjes/fjes_hw.c | 37 + drivers/net/hyperv/netvsc.c | 5 drivers/net/hyperv/netvsc_drv.c | 4 drivers/net/ppp/ppp_async.c | 4 drivers/net/virtio_net.c | 9 drivers/net/wireless/ath/ath9k/htc_drv_txrx.c | 5 drivers/net/wireless/intel/iwlwifi/fw/acpi.c | 12 drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c | 2 drivers/net/wireless/ralink/rt2x00/rt2x00dev.c | 3 drivers/net/wireless/ralink/rt2x00/rt2x00mac.c | 11 drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c | 12 drivers/net/wireless/realtek/rtlwifi/rtl8723ae/phy.c | 6 drivers/net/wireless/realtek/rtlwifi/rtl8723be/phy.c | 4 drivers/net/xen-netback/netback.c | 84 ++-- drivers/of/property.c | 2 drivers/of/unittest.c | 12 drivers/pci/pci.h | 2 drivers/pci/pcie/aer.c | 9 drivers/pci/quirks.c | 24 + drivers/pci/switch/switchtec.c | 25 - drivers/phy/renesas/phy-rcar-gen3-usb2.c | 4 drivers/phy/ti/phy-omap-usb2.c | 4 drivers/pnp/pnpacpi/rsparser.c | 12 drivers/regulator/core.c | 56 +- drivers/rpmsg/virtio_rpmsg_bus.c | 1 drivers/rtc/rtc-cmos.c | 4 drivers/s390/net/qeth_l3_main.c | 9 drivers/scsi/arcmsr/arcmsr.h | 4 drivers/scsi/arcmsr/arcmsr_hba.c | 6 drivers/scsi/fcoe/fcoe_ctlr.c | 20 - drivers/scsi/isci/request.c | 2 drivers/scsi/libfc/fc_fcp.c | 18 drivers/scsi/lpfc/lpfc.h | 1 drivers/scsi/lpfc/lpfc_init.c | 4 drivers/scsi/scsi_error.c | 9 drivers/scsi/scsi_lib.c | 4 drivers/scsi/scsi_priv.h | 2 drivers/scsi/storvsc_drv.c | 12 drivers/scsi/ufs/ufshcd.c | 14 drivers/spi/spi-bcm-qspi.c | 4 drivers/spi/spi-ppc4xx.c | 5 drivers/staging/fbtft/fbtft-core.c | 14 drivers/staging/iio/impedance-analyzer/ad5933.c | 2 drivers/tty/serial/8250/8250_exar.c | 13 drivers/tty/serial/max310x.c | 33 + drivers/tty/tty_ioctl.c | 4 drivers/usb/core/hub.c | 34 + drivers/usb/dwc3/core.h | 1 drivers/usb/dwc3/ep0.c | 27 + drivers/usb/dwc3/gadget.c | 162 ++++++-- drivers/usb/dwc3/gadget.h | 3 drivers/usb/dwc3/host.c | 4 drivers/usb/gadget/function/f_mass_storage.c | 20 - drivers/usb/host/xhci-plat.c | 3 drivers/usb/serial/cp210x.c | 1 drivers/usb/serial/option.c | 1 drivers/usb/serial/qcserial.c | 2 drivers/usb/typec/ucsi/ucsi_acpi.c | 17 drivers/vhost/vhost.c | 5 drivers/video/fbdev/broadsheetfb.c | 14 drivers/video/fbdev/core/fb_defio.c | 168 ++++++-- drivers/video/fbdev/core/fbmem.c | 4 drivers/video/fbdev/hecubafb.c | 3 drivers/video/fbdev/hyperv_fb.c | 8 drivers/video/fbdev/metronomefb.c | 14 drivers/video/fbdev/sh_mobile_lcdcfb.c | 20 - drivers/video/fbdev/smscufx.c | 9 drivers/video/fbdev/ssd1307fb.c | 3 drivers/video/fbdev/udlfb.c | 10 drivers/video/fbdev/xen-fbfront.c | 8 drivers/watchdog/it87_wdt.c | 14 drivers/xen/gntdev-dmabuf.c | 50 +- fs/afs/callback.c | 3 fs/afs/dir.c | 8 fs/afs/server.c | 7 fs/btrfs/ctree.h | 22 + fs/btrfs/delayed-inode.c | 5 fs/btrfs/delayed-inode.h | 1 fs/btrfs/disk-io.c | 13 fs/btrfs/extent-tree.c | 3 fs/btrfs/inode.c | 172 +++++--- fs/btrfs/ioctl.c | 12 fs/btrfs/qgroup.c | 14 fs/btrfs/ref-verify.c | 6 fs/btrfs/send.c | 2 fs/btrfs/sysfs.c | 9 fs/btrfs/tree-checker.c | 2 fs/ceph/caps.c | 12 fs/cifs/smb2misc.c | 2 fs/cifs/smb2ops.c | 14 fs/cifs/smb2pdu.c | 13 fs/cifs/smb2pdu.h | 42 +- fs/dcache.c | 7 fs/ecryptfs/inode.c | 8 fs/exec.c | 3 fs/ext4/mballoc.c | 26 - fs/ext4/move_extent.c | 6 fs/ext4/resize.c | 37 + fs/f2fs/compress.c | 4 fs/f2fs/file.c | 2 fs/f2fs/recovery.c | 25 - fs/hugetlbfs/inode.c | 13 fs/ioctl.c | 3 fs/jfs/jfs_dmap.c | 57 +- fs/jfs/jfs_dtree.c | 7 fs/jfs/jfs_imap.c | 3 fs/jfs/jfs_mount.c | 6 fs/kernfs/dir.c | 12 fs/ksmbd/asn1.c | 5 fs/ksmbd/connection.c | 7 fs/ksmbd/connection.h | 2 fs/ksmbd/ksmbd_netlink.h | 3 fs/ksmbd/oplock.c | 22 - fs/ksmbd/smb2pdu.c | 53 +- fs/ksmbd/smbacl.c | 11 fs/ksmbd/transport_ipc.c | 4 fs/ksmbd/transport_rdma.c | 11 fs/ksmbd/transport_tcp.c | 13 fs/namei.c | 60 +-- fs/nilfs2/dat.c | 27 - fs/nilfs2/file.c | 8 fs/nilfs2/recovery.c | 7 fs/nilfs2/segment.c | 8 fs/ntfs3/fsntfs.c | 16 fs/ntfs3/index.c | 3 fs/ntfs3/ntfs_fs.h | 2 fs/pipe.c | 19 fs/pstore/ram.c | 1 fs/ubifs/dir.c | 2 fs/xfs/xfs_super.c | 27 - include/asm-generic/numa.h | 2 include/drm/drm_color_mgmt.h | 1 include/drm/drm_fb_helper.h | 3 include/drm/drm_mipi_dsi.h | 2 include/linux/async.h | 2 include/linux/bpf.h | 6 include/linux/dma-fence.h | 19 include/linux/dmaengine.h | 3 include/linux/fb.h | 18 include/linux/hrtimer.h | 4 include/linux/irq_work.h | 3 include/linux/lsm_hook_defs.h | 2 include/linux/mmzone.h | 18 include/linux/netfilter/ipset/ip_set.h | 4 include/linux/overflow.h | 72 ++- include/linux/pci_ids.h | 1 include/linux/pipe_fs_i.h | 16 include/linux/pm_runtime.h | 4 include/linux/security.h | 9 include/linux/syscalls.h | 1 include/net/af_unix.h | 20 - include/net/inet_connection_sock.h | 8 include/net/llc_pdu.h | 6 include/net/netfilter/nf_tables.h | 2 include/uapi/linux/btrfs.h | 4 include/uapi/linux/netfilter/nf_tables.h | 2 kernel/async.c | 85 +++- kernel/audit.c | 31 + kernel/bpf/arraymap.c | 12 kernel/bpf/hashtab.c | 6 kernel/bpf/map_in_map.c | 2 kernel/bpf/map_in_map.h | 2 kernel/bpf/syscall.c | 6 kernel/events/core.c | 38 + kernel/power/swap.c | 38 - kernel/sched/membarrier.c | 9 kernel/time/clocksource.c | 25 + kernel/time/hrtimer.c | 17 kernel/time/tick-sched.c | 5 kernel/trace/ring_buffer.c | 2 kernel/trace/trace.c | 78 ++- kernel/trace/trace_events_trigger.c | 6 kernel/trace/tracing_map.c | 7 lib/debugobjects.c | 200 +++------- lib/mpi/ec.c | 3 mm/page-writeback.c | 2 mm/sparse.c | 17 net/8021q/vlan_netlink.c | 4 net/bluetooth/l2cap_core.c | 3 net/bridge/br_cfm_netlink.c | 2 net/bridge/br_multicast.c | 20 - net/bridge/br_private.h | 4 net/can/j1939/j1939-priv.h | 3 net/can/j1939/main.c | 2 net/can/j1939/socket.c | 46 +- net/core/request_sock.c | 3 net/core/skbuff.c | 3 net/hsr/hsr_device.c | 4 net/ipv4/af_inet.c | 9 net/ipv4/inet_connection_sock.c | 4 net/ipv4/ip_output.c | 12 net/ipv4/ip_tunnel_core.c | 2 net/ipv4/tcp.c | 13 net/ipv6/addrconf_core.c | 21 - net/ipv6/af_inet6.c | 3 net/ipv6/ip6_tunnel.c | 28 - net/llc/af_llc.c | 26 - net/llc/llc_core.c | 7 net/mac80211/tx.c | 3 net/mptcp/protocol.c | 3 net/netfilter/ipset/ip_set_bitmap_gen.h | 14 net/netfilter/ipset/ip_set_core.c | 39 + net/netfilter/ipset/ip_set_hash_gen.h | 19 net/netfilter/ipset/ip_set_list_set.c | 13 net/netfilter/nf_log.c | 7 net/netfilter/nf_tables_api.c | 34 - net/netfilter/nft_chain_filter.c | 11 net/netfilter/nft_compat.c | 23 + net/netfilter/nft_ct.c | 27 + net/netfilter/nft_flow_offload.c | 5 net/netfilter/nft_limit.c | 23 - net/netfilter/nft_nat.c | 5 net/netfilter/nft_rt.c | 5 net/netfilter/nft_set_pipapo.c | 108 ++--- net/netfilter/nft_set_pipapo.h | 18 net/netfilter/nft_set_pipapo_avx2.c | 17 net/netfilter/nft_set_rbtree.c | 6 net/netfilter/nft_socket.c | 5 net/netfilter/nft_synproxy.c | 7 net/netfilter/nft_tproxy.c | 5 net/netfilter/nft_tunnel.c | 1 net/netfilter/nft_xfrm.c | 5 net/netlink/af_netlink.c | 2 net/nfc/nci/core.c | 4 net/openvswitch/flow_netlink.c | 49 +- net/rds/af_rds.c | 2 net/rxrpc/conn_event.c | 8 net/rxrpc/conn_service.c | 3 net/smc/smc_diag.c | 2 net/sunrpc/xprtmultipath.c | 17 net/tipc/bearer.c | 6 net/unix/af_unix.c | 14 net/unix/diag.c | 2 net/unix/garbage.c | 12 net/wireless/scan.c | 4 scripts/decode_stacktrace.sh | 60 ++- scripts/get_abi.pl | 2 scripts/link-vmlinux.sh | 9 scripts/mod/sumversion.c | 7 security/security.c | 32 + security/selinux/hooks.c | 28 + security/smack/smack_lsm.c | 1 security/tomoyo/tomoyo.c | 1 sound/hda/hdac_stream.c | 9 sound/hda/intel-dsp-config.c | 10 sound/pci/hda/hda_intel.c | 2 sound/pci/hda/patch_conexant.c | 133 ++++++ sound/pci/hda/patch_cs8409.c | 1 sound/pci/hda/patch_realtek.c | 3 sound/soc/codecs/lpass-wsa-macro.c | 7 sound/soc/codecs/rt5645.c | 1 sound/soc/codecs/wcd938x.c | 2 sound/usb/quirks.c | 4 tools/build/feature/test-libopencsd.c | 4 tools/lib/bpf/libbpf.c | 2 tools/lib/subcmd/help.c | 18 tools/testing/selftests/bpf/cgroup_helpers.c | 18 tools/testing/selftests/bpf/prog_tests/btf.c | 1 tools/testing/selftests/bpf/prog_tests/tailcalls.c | 55 -- tools/testing/selftests/bpf/progs/pyperf180.c | 22 + tools/testing/selftests/bpf/progs/tailcall_bpf2bpf6.c | 42 -- tools/testing/selftests/drivers/net/netdevsim/udp_tunnel_nic.sh | 9 tools/testing/selftests/net/pmtu.sh | 34 + tools/testing/selftests/net/setup_veth.sh | 2 tools/testing/selftests/net/udpgro_fwd.sh | 14 tools/testing/selftests/net/udpgso_bench_rx.c | 2 tools/testing/selftests/sgx/test_encl.lds | 6 519 files changed, 5029 insertions(+), 2677 deletions(-) Aaron Conole (1): net: openvswitch: limit the number of recursions from action sets Adrian Reber (1): tty: allow TIOCSLCKTRMIOS with CAP_CHECKPOINT_RESTORE Al Viro (2): rename(): fix the locking of subdirectories fast_dput(): handle underflows gracefully Aleksander Mazur (1): x86/Kconfig: Transmeta Crusoe is CPU family 5, not 6 Alex Henrie (1): HID: apple: Add support for the 2021 Magic Keyboard Alex Lyakas (1): md: Whenassemble the array, consult the superblock of the freshest device Alexander Stein (5): ARM: dts: imx7d: Fix coresight funnel ports ARM: dts: imx7s: Fix lcdif compatible ARM: dts: imx7s: Fix nand-controller #size-cells clk: imx: clk-imx8qxp: fix LVDS bypass, pixel and phy clocks mmc: slot-gpio: Allow non-sleeping GPIO ro Alexander Tsoy (1): ALSA: usb-audio: Add delay quirk for MOTU M Series 2nd revision Alexandra Winter (1): s390/qeth: Fix potential loss of L3-IP@ in case of network issues Alexey Khoroshilov (1): ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work() Alfred Piccioni (1): lsm: new security_file_ioctl_compat() hook Amelie Delaunay (1): dmaengine: fix NULL pointer in channel unregistration function Andrii Nakryiko (1): selftests/bpf: satisfy compiler by having explicit return in btf test Andrii Staikov (1): i40e: Fix VF disable behavior to block all traffic Andrzej Hajda (1): debugobjects: Stop accessing objects after releasing hash bucket lock Andy Shevchenko (1): mmc: mmc_spi: remove custom DMA mapped buffers Anna Schumaker (1): SUNRPC: Fix a suspicious RCU usage warning Anson Jacob (1): drm/amd/display: Fix multiple memory leaks reported by coverity Antoine Tenart (1): tunnels: fix out of bounds access when building IPv6 PMTU error Anton Ivanov (1): um: Fix naming clash between UML and scheduler Arnd Bergmann (2): drm/exynos: fix accidental on-stack copy of exynos_drm_plane arch: consolidate arch_irq_work_raise prototypes Avri Altman (1): mmc: core: Use mrq.sbc in close-ended ffu Baokun Li (4): ext4: unify the type of flexbg_size to unsigned int ext4: remove unnecessary check from alloc_flex_gd() ext4: avoid online resizing failures due to oversized flex bg ext4: fix double-free of blocks due to wrong extents moved_len Bart Van Assche (2): scsi: ufs: core: Simplify power management during async scan scsi: ufs: core: Remove the ufshcd_hba_exit() call from ufshcd_async_scan() Benjamin Berg (3): wifi: cfg80211: free beacon_ies when overridden from hidden BSS um: Don't use vfprintf() for os_info() HID: apple: Add 2021 magic keyboard FN key mapping Bernd Edlinger (2): net: stmmac: Wait a bit for the reset to take effect exec: Fix error handling in begin_new_exec() Bharat Bhushan (1): crypto: octeontx2 - Fix cptvf driver cleanup Bhaumik Bhatt (1): bus: mhi: host: Add spinlock to protect WP access when queueing TREs Bingbu Cao (2): media: imx355: Enable runtime PM before registering async sub-device media: ov9734: Enable runtime PM before registering async sub-device Bjorn Helgaas (1): PCI/AER: Decode Requester ID when no error info found Boris Burkov (2): btrfs: forbid creating subvol qgroups btrfs: forbid deleting live subvol qgroup Breno Leitao (2): net: sysfs: Fix /sys/class/net/<iface> path net: sysfs: Fix /sys/class/net/<iface> path for statistics Carlos Llamas (2): binder: signal epoll threads of self-work scripts/decode_stacktrace.sh: optionally use LLVM utilities Chao Yu (2): f2fs: fix to check return value of f2fs_reserve_new_block() f2fs: fix to tag gcing flag on page during block migration Charan Teja Kalla (1): mm/sparsemem: fix race in accessing memory_section->usage Chris Riches (1): audit: Send netlink ACK before setting connection in auditd_set Christian A. Ehrhardt (2): of: unittest: Fix compile in the non-dynamic case usb: ucsi_acpi: Fix command completion handling Christian König (1): dma-buf: add dma_fence_timestamp helper Christian Marangi (1): PM / devfreq: Fix buffer overflow in trans_stat_show Christoph Hellwig (1): block: prevent an integer overflow in bvec_try_merge_hw_page Christophe JAILLET (3): ixgbe: Fix an error handling path in ixgbe_read_iosf_sb_reg_x550() dmaengine: fsl-qdma: Fix a memory leak related to the status queue DMA dmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA Chuansheng Liu (1): fbdev: defio: fix the pagelist corruption Chung-Chiang Cheng (1): btrfs: tree-checker: fix inline ref size in error messages Cristian Ciocaltea (1): ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument Cristian Marussi (1): firmware: arm_scmi: Check mailbox/SMT channel for consistency Dan Carpenter (4): drm/bridge: nxp-ptn3460: fix i2c_master_send() error checking drm/bridge: nxp-ptn3460: simplify some error checking fs/ntfs3: Fix an NULL dereference bug wifi: iwlwifi: Fix some error codes Daniel Basilio (1): nfp: use correct macro for LengthSelect in BAR config Daniel Stodden (1): PCI: switchtec: Fix stdev_release() crash after surprise hot remove Daniel Vacek (1): IB/ipoib: Fix mcast list locking Daniel de Villiers (1): nfp: flower: prevent re-adding mac index for bonded port Dave Airlie (1): nouveau/vmm: don't set addr on the fail path to avoid warning Dave Chinner (1): xfs: read only mounts with fsopen mount API are busted David Disseldorp (1): btrfs: sysfs: validate scrub_speed_max value David Howells (2): afs: Hide silly-rename files from userspace rxrpc: Fix response to PING RESPONSE ACKs to a dead call David Schiller (1): staging: iio: ad5933: fix type mismatch regression David Senoner (1): ALSA: hda/realtek: Fix the external mic not being recognised for Acer Swift 1 SF114-32 David Sterba (2): btrfs: don't warn if discard range is not aligned to sector btrfs: send: return EOPNOTSUPP on unknown flags Davidlohr Bueso (1): hrtimer: Ignore slack time for RT tasks in schedule_hrtimeout_range() Dinghao Liu (2): net/mlx5e: fix a potential double-free in fs_any_create_groups iio: core: fix memleak in iio_device_register_sysfs Dmitry Antipov (1): PNP: ACPI: fix fortify warning Doug Berger (1): irqchip/irq-brcmstb-l2: Add write memory barrier before exit Douglas Anderson (2): drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind time PM: runtime: Have devm_pm_runtime_enable() handle pm_runtime_dont_use_autosuspend() Easwar Hariharan (1): arm64: Subscribe Microsoft Azure Cobalt 100 to ARM Neoverse N2 errata Edson Juliano Drosdeck (1): ALSA: hda/realtek: Enable headset mic on Vaio VJFE-ADL Edward Adam Davis (3): jfs: fix uaf in jfs_evict_inode jfs: fix array-index-out-of-bounds in diNewExt wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update Ekansh Gupta (1): misc: fastrpc: Mark all sessions as invalid in cb_remove Emmanuel Grumbach (1): wifi: iwlwifi: fix a memory corruption Eric Dumazet (9): llc: make llc_ui_sendmsg() more robust against bonding changes ip6_tunnel: use dev_sw_netstats_rx_add() ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() tcp: add sanity checks to rx zerocopy llc: call sock_orphan() at release time af_unix: fix lockdep positive in sk_diag_dump_icons() inet: read sk->sk_family once in inet_recv_error() ppp_async: limit MRU to 64K net: prevent mss overflow in skb_segment() Fabio Estevam (9): ARM: dts: imx25/27-eukrea: Fix RTC node name ARM: dts: imx: Use flash@0,0 pattern ARM: dts: imx27: Fix sram node ARM: dts: imx1: Fix sram node ARM: dts: imx25: Fix the iim compatible string ARM: dts: imx25/27: Pass timing0 ARM: dts: imx27-apf27dev: Fix LED name ARM: dts: imx23-sansa: Use preferred i2c-gpios properties ARM: dts: imx23/28: Fix the DMA controller node name Fedor Pchelkin (4): ksmbd: free ppace array on error in parse_dacl btrfs: ref-verify: free ref cache before clearing mount opt drm/exynos: gsc: minor fix for loop iteration in gsc_runtime_resume nfc: nci: free rx_data_reassembly skb on NCI device cleanup Felix Kuehling (2): drm/amdgpu: Let KFD sync with VM fences drm/amdkfd: Fix lock dependency warning Filipe Manana (4): btrfs: fix infinite directory reads btrfs: set last dir index to the current last index when opening dir btrfs: refresh dir last index during a rewinddir(3) call btrfs: fix race between reading a directory and adding entries to it Florian Fainelli (1): net: bcmgenet: Fix EEE implementation Florian Westphal (6): netfilter: nft_limit: reject configurations that cause integer overflow netfilter: nf_tables: restrict anonymous set and map names to 16 bytes netfilter: nf_tables: reject QUEUE/DROP verdict parameters netfilter: nft_set_pipapo: store index in scratch maps netfilter: nft_set_pipapo: add helper to release pcpu scratch area netfilter: nft_set_pipapo: remove scratch_aligned pointer Frank Li (1): dmaengine: fix is_slave_direction() return false when DMA_DEV_TO_DEV Frederic Weisbecker (1): hrtimer: Report offline hrtimer enqueue Frédéric Danis (1): Bluetooth: L2CAP: Fix possible multiple reject send Furong Xu (2): net: stmmac: xgmac: fix handling of DPP safety error for DMA channels net: stmmac: xgmac: fix a typo of register name in DPP safety handling Gabriel Krisman Bertazi (1): ecryptfs: Reject casefold directory inodes Ghanshyam Agrawal (1): media: stk1160: Fixed high volume of stk1160_dbg messages Greg KH (1): perf/core: Fix narrow startup race when creating the perf nr_addr_filters sysfs file Greg Kroah-Hartman (1): Linux 5.15.149 Guanhua Gao (1): dmaengine: fsl-dpaa2-qdma: Fix the size of dma pools Guenter Roeck (1): MIPS: Add 'memory' clobber to csum_ipv6_magic() inline assembler Guilherme G. Piccoli (1): PCI: Only override AMD USB controller if required Hannes Reinecke (2): scsi: libfc: Don't schedule abort twice scsi: libfc: Fix up timeout error in fc_fcp_rec_error() Hans de Goede (1): Input: atkbd - skip ATKBD_CMD_SETLEDS when skipping ATKBD_CMD_GETID Hardik Gajjar (1): usb: hub: Replace hardcoded quirk value with BIT() macro Harshit Shah (1): i3c: master: cdns: Update maximum prescaler value for i2c clock Heiko Carstens (2): s390/ptrace: handle setting of fpc register correctly KVM: s390: fix setting of fpc register Heiner Kallweit (2): leds: trigger: panic: Don't register panic notifier if creating the trigger failed i2c: i801: Remove i801_set_block_buffer_mode Helge Deller (2): parisc/firmware: Fix F-extend for PDC addresses ipv6: Ensure natural alignment of const ipv6 loopback and router addresses Herbert Xu (3): crypto: api - Disallow identical driver names hwrng: core - Fix page fault dead lock on mmap-ed hwrng crypto: s390/aes - Fix buffer overread in CTR mode Hongchen Zhang (1): PM: hibernate: Enforce ordering during image compression/decompression Hou Tao (2): bpf: Add map and need_defer parameters to .map_fd_put_ptr() bpf: Set uattr->batch.count as zero before batched update or deletion Huang Shijie (2): arm64: irq: set the correct node for VMAP stack arm64: irq: set the correct node for shadow call stack Hugo Villeneuve (3): serial: max310x: set default value when reading clock ready bit serial: max310x: improve crystal stable clock detection serial: max310x: fail probe if clock crystal is unstable Ian Rogers (1): libsubcmd: Fix memory leak in uniq() Ido Schimmel (1): PCI: Add no PM reset quirk for NVIDIA Spectrum devices Ilpo Järvinen (2): PCI: Fix 64GT/s effective data rate calculation serial: 8250_exar: Fill in rs485_supported Ilya Dryomov (1): rbd: don't move requests to the running list on errors Ivan Vecera (1): i40e: Fix waiting for queues of all VSIs to be disabled Jack Wang (1): RDMA/IPoIB: Fix error code return in ipoib_mcast_join JackBB Wu (1): USB: serial: qcserial: add new usb-id for Dell Wireless DW5826e Jaegeuk Kim (1): f2fs: fix write pointers on zoned device after roll forward Jai Luthra (1): dmaengine: ti: k3-udma: Report short packet errors Jakub Kicinski (1): selftests: netdevsim: fix the udp_tunnel_nic test James Clark (1): perf cs-etm: Bump minimum OpenCSD version to ensure a bugfix is present Jan Beulich (1): xen-netback: properly sync TX responses Jason Gerecke (1): HID: wacom: Do not register input devices until after hid_hw_start Jean Delvare (1): i2c: i801: Fix block process call transactions Jedrzej Jagielski (2): ixgbe: Refactor returning internal error codes ixgbe: Refactor overtemp event handling Jenishkumar Maheshbhai Patel (1): net: mvpp2: clear BM pool before initialization Jiangfeng Xiao (1): powerpc/kasan: Fix addr error caused by page alignment Jiri Wiesner (1): clocksource: Skip watchdog check for large watchdog intervals Jo Van Bulck (1): selftests/sgx: Fix linker script asserts Johan Hovold (10): arm64: dts: qcom: sc7180: fix USB wakeup interrupt types arm64: dts: qcom: sdm845: fix USB wakeup interrupt types arm64: dts: qcom: sm8150: fix USB wakeup interrupt types arm64: dts: qcom: sdm845: fix USB DP/DM HS PHY interrupts ARM: dts: qcom: sdx55: fix USB wakeup interrupt types ARM: dts: qcom: sdx55: fix pdc '#interrupt-cells' ARM: dts: qcom: sdx55: fix USB DP/DM HS PHY interrupts ARM: dts: qcom: sdx55: fix USB SS wakeup ASoC: codecs: lpass-wsa-macro: fix compander volume hack HID: i2c-hid-of: fix NULL-deref on failed power up Johan Jonker (1): ARM: dts: rockchip: fix rk3036 hdmi ports node Johannes Berg (2): um: time-travel: fix time corruption wifi: mac80211: reload info pointer in ieee80211_tx_dequeue() Jonathan Cameron (1): iio:adc:ad7091r: Move exports into IIO_AD7091R namespace. Josef Bacik (1): btrfs: add definition for EXTENT_TREE_V2 Jozsef Kadlecsik (2): netfilter: ipset: fix performance regression in swap operation netfilter: ipset: Missing gc cancellations fixed Julian Sikorski (1): ALSA: usb-audio: Add a quirk for Yamaha YIT-W12TX transmitter Jun'ichi Nomura (1): x86/boot: Ignore NMIs during very early boot Justin Stitt (1): drivers: lkdtm: fix clang -Wformat warning Justin Tee (1): scsi: lpfc: Fix possible file string name overflow when updating firmware Kamal Dasu (1): spi: bcm-qspi: fix SFDP BFPT read by usig mspi read Kees Cook (3): overflow: Allow mixed type arguments block/rnbd-srv: Check for unlikely string overflow smb3: Replace smb2pdu 1-element arrays with flex-arrays Kieran Bingham (1): media: i2c: imx335: Fix hblank min/max values Kim Phillips (1): crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked Konrad Dybcio (2): pmdomain: core: Move the unused cleanup to a _sync initcall drm/msm/dsi: Enable runtime PM Konstantin Komarov (1): fs/ntfs3: Add null pointer checks Krishna chaitanya chundru (1): bus: mhi: host: Add alignment check for event ring read pointer Krzysztof Kozlowski (1): ASoC: codecs: wcd938x: handle deferred probe Kuan-Wei Chiu (3): clk: hi3620: Fix memory leak in hi3620_mmc_clk_init() clk: mmp: pxa168: Fix memory leak in pxa168_clk_init() clk: imx: scu: Fix memory leak in __imx_clk_gpr_scu() Kuniyuki Iwashima (3): llc: Drop support for ETH_P_TR_802_2. af_unix: Call kfree_skb() for dead unix_(sk)->oob_skb in GC. af_unix: Fix task hung while purging oob_skb in GC. Kunwu Chan (1): powerpc/mm: Fix null-pointer dereference in pgtable_cache_add Kuogee Hsieh (1): drm/msm/dp: return correct Colorimetry for DP_TEST_DYNAMIC_RANGE_CEA case Lee Duncan (1): scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock" Leonard Dallmayr (1): USB: serial: cp210x: add ID for IMST iM871A-USB Li Lingfeng (1): block: Move checking GENHD_FL_NO_PART to bdev_add_partition() Li zeming (1): PM: core: Remove unnecessary (void *) conversions Lin Ma (3): vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING ksmbd: fix global oob in ksmbd_nl_policy bridge: cfm: fix enum typo in br_cc_ccm_tx_parse Lino Sanfilippo (1): serial: 8250_exar: Set missing rs485_supported flag Linus Lüssing (1): bridge: mcast: fix disabled snooping after long uptime Linus Torvalds (1): sched/membarrier: reduce the ability to hammer on sys_membarrier Loic Prylli (1): hwmon: (aspeed-pwm-tacho) mutex for tach reading Luka Guzenko (1): ALSA: hda/realtek: Enable Mute LED on HP Laptop 14-fq0xxx Lukas Schauer (1): pipe: wakeup wr_wait after setting max_usage Manas Ghandat (2): jfs: fix slab-out-of-bounds Read in dtSearch jfs: fix array-index-out-of-bounds in dbAdjTree Manivannan Sadhasivam (1): bus: mhi: host: Rename "struct mhi_tre" to "struct mhi_ring_element" Mao Jinlong (2): arm64: dts: qcom: msm8996: Fix 'in-ports' is a required property arm64: dts: qcom: msm8998: Fix 'out-ports' is a required property Marc Zyngier (1): irqchip/gic-v3-its: Fix GICv4.1 VPE affinity update Marcelo Schmitt (3): iio: adc: ad7091r: Set alert bit in config register iio: adc: ad7091r: Allow users to configure device events iio: adc: ad7091r: Enable internal vref if external vref is not supplied Mario Limonciello (4): rtc: Adjust failure return code for cmos_set_alarm() gpiolib: acpi: Ignore touchpad wakeup on GPD G1619-04 Revert "drm/amd: flush any delayed gfxoff on suspend entry" iio: accel: bma400: Fix a compilation problem Mark Rutland (1): drivers/perf: pmuv3: don't expose SW_INCR event in sysfs Markus Niebel (1): drm: panel-simple: add missing bus flags for Tianma tm070jvhg[30/33] Masami Hiramatsu (Google) (1): tracing/trigger: Fix to return error if failed to alloc snapshot Max Kellermann (2): fs/pipe: move check to pipe_has_watch_queue() fs/kernfs/dir: obey S_ISGID Mayank Rana (1): usb: dwc3: Fix ep0 handling when getting reset while doing control transfer Meenakshikumar Somasundaram (1): drm/amd/display: Fix tiled display misalignment Michael Chan (1): bnxt_en: Wait for FLR to complete during probe Michael Ellerman (3): powerpc: Fix build error due to is_valid_bugaddr() powerpc/mm: Fix build failures due to arch_reserved_kernel_pages() powerpc/64s: Fix CONFIG_NUMA=n build due to create_section_mapping() Michael Kelley (2): hv_netvsc: Calculate correct ring size when PAGE_SIZE is not 4 Kbytes scsi: storvsc: Fix ring buffer size calculation Michael Tretter (1): media: rockchip: rga: fix swizzling for RGB formats Miguel Ojeda (1): scripts: decode_stacktrace: demangle Rust symbols Mikulas Patocka (1): dm: limit the number of targets and parameter size area Ming Lei (3): blk-mq: fix IO hang from sbitmap wakeup race scsi: core: Move scsi_host_busy() out of host lock for waking up EH handler scsi: core: Move scsi_host_busy() out of host lock if it is for per-command Mingyi Zhang (1): libbpf: Fix NULL pointer dereference in bpf_object__collect_prog_relos Minsuk Kang (1): wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() Mukesh Ojha (1): PM / devfreq: Synchronize devfreq_monitor_[start/stop] Nam Cao (1): fbdev: flush deferred IO before closing Namjae Jeon (9): ksmbd: don't allow O_TRUNC open on read-only share ksmbd: validate mech token in session setup ksmbd: fix UAF issue in ksmbd_tcp_new_connection() ksmbd: only v2 leases handle the directory ksmbd: set v2 lease version on lease upgrade ksmbd: fix potential circular locking issue in smb2_set_ea() ksmbd: don't increment epoch if current state and request state are same ksmbd: send lease break notification on FILE_RENAME_INFORMATION ksmbd: Add missing set_freezable() for freezable kthread Nathan Chancellor (2): um: net: Fix return type of uml_net_start_xmit() kbuild: Fix changing ELF file type for output of gen_btf for big endian Naveen N Rao (2): powerpc/lib: Validate size for vector operations powerpc/64: Set task pt_regs->link to the LR value on scv entry Nikita Zhandarovich (1): net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame() Nuno Sa (1): of: property: fix typo in io-channels Oleg Nesterov (3): afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu() afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*() rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock() Oleksandr Tyshchenko (1): xen/gntdev: Fix the abuse of underlying struct page in DMA-buf import Oleksij Rempel (1): can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER) Oliver Neukum (1): USB: hub: check for alternate port before enabling A_ALT_HNP_SUPPORT Omar Sandoval (2): btrfs: avoid copying BTRFS_ROOT_SUBVOL_DEAD flag to snapshot of subvolume being deleted btrfs: don't abort filesystem when attempting to snapshot deleted subvolume Ondrej Mosnacek (1): lsm: fix the logic in security_inode_getsecctx() Osama Muhammad (2): FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree UBSAN: array-index-out-of-bounds in dtSplitRoot Pablo Neira Ayuso (9): netfilter: nf_tables: validate NFPROTO_* family netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain netfilter: nf_tables: restrict tunnel object to NFPROTO_NETDEV netfilter: nf_log: replace BUG_ON by WARN_ON_ONCE when putting logger netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations netfilter: nft_compat: reject unused compat flag netfilter: nft_compat: restrict match/target protocol to u16 netfilter: nft_ct: reject direction for ct id netfilter: nft_set_rbtree: skip end interval element from gc Paolo Abeni (5): selftests: net: give more time for GRO aggregation selftests: net: fix available tunnels detection selftests: net: cut more slack for gro fwd tests. selftests: net: avoid just another constant wait mptcp: fix data re-injection from stale subflow Paul Cercueil (1): ARM: dts: samsung: exynos4210-i9100: Unconditionally enable LDO12 Peter Robinson (1): mfd: ti_am335x_tscadc: Fix TI SoC dependencies Peter Suti (1): staging: fbtft: core: set smem_len before fb_deferred_io_init call Peter Zijlstra (1): perf: Fix the nr_addr_filters fix Petr Pavlu (1): tracing: Ensure visibility when inserting an element into tracing_map Philip Yang (1): drm/prime: Support page array >= 4GB Pierre-Louis Bossart (3): PCI: add INTEL_HDA_ARL to pci_ids.h ALSA: hda: Intel: add HDA_ARL PCI ID support ALSA: hda: intel-dspcfg: add filters for ARL-S and ARL Piotr Skajewski (1): ixgbe: Remove non-inclusive language Prakash Sangappa (1): mm: hugetlb pages should not be reserved by shmat() if SHM_NORESERVE Prarit Bhargava (1): ACPI: extlog: fix NULL pointer dereference check Prashanth K (2): usb: dwc3: host: Set XHCI_SG_TRB_CACHE_SIZE_QUIRK usb: host: xhci-plat: Add support for XHCI_SG_TRB_CACHE_SIZE_QUIRK Prathu Baronia (1): vhost: use kzalloc() instead of kmalloc() followed by memset() Praveen Kaligineedi (1): gve: Fix use-after-free vulnerability Puliang Lu (1): USB: serial: option: add Fibocom FM101-GL variant Qiang Yu (1): bus: mhi: host: Drop chan lock before queuing buffers Qu Wenruo (2): btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args btrfs: do not ASSERT() if the newly created subvolume already got read Radek Krejci (1): modpost: trim leading spaces when processing source files list Rafael J. Wysocki (5): async: Split async_schedule_node_domain() async: Introduce async_schedule_dev_nocall() PM: sleep: Fix possible deadlocks in core system-wide PM code cpufreq: intel_pstate: Drop redundant intel_pstate_get_hwp_cap() call cpufreq: intel_pstate: Refine computation of P-state for given frequency Richard Palethorpe (1): x86/entry/ia32: Ensure s32 is sign extended to s64 Rishabh Dave (1): ceph: prevent use-after-free in encode_cap_msg() Rob Clark (1): drm/msm/dpu: Ratelimit framedone timeout msgs Rolf Eike Beer (1): mm: use __pfn_to_section() instead of open coding it Rui Zhang (1): regulator: core: Only increment use_count when enable_count changes Ryusuke Konishi (4): nilfs2: fix data corruption in dsync block recovery for small block sizes nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() nilfs2: fix potential bug in end_buffer_async_write nilfs2: replace WARN_ONs for invalid DAT metadata block requests Salvatore Dipietro (1): tcp: Add memory barrier to tcp_push() Samasth Norway Ananda (1): Revert "selftests/bpf: Test tail call counting with bpf2bpf and data on stack" Samuel Holland (1): scs: add CONFIG_MMU dependency for vfree_atomic() Schspa Shi (1): scripts/decode_stacktrace.sh: support old bash version Sean Young (1): media: rc: bpf attach/detach requires write permission Serge Semin (1): mips: Fix max_mapnr being uninitialized on early stages Shannon Nelson (1): ionic: pass opcode to devcmd_wait Sharath Srinivasan (1): net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv Shenwei Wang (1): net: fec: fix the unhandled context fault from smmu Shigeru Yoshida (1): tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() Shiji Yang (1): wifi: rt2x00: restart beacon queue when hardware reset Shuai Xue (1): ACPI: APEI: set memory failure flags as MF_ACTION_REQUIRED on synchronous events Shun Hao (1): net/mlx5: DR, Align mlx5dv_dr API vport action with FW behavior Simon Horman (1): net: stmmac: xgmac: use #define for string constants Sinthu Raja (2): net: ethernet: ti: cpsw: enable mac_managed_pm to fix mdio net: ethernet: ti: cpsw_new: enable mac_managed_pm to fix mdio Sjoerd Simons (1): bus: moxtet: Add spi device table Souradeep Chakrabarti (1): hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove Srinivas Pandruvada (1): iio: hid-sensor-als: Return 0 for HID_USAGE_SENSOR_TIME_TIMESTAMP Srinivasan Shanmugam (5): drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()' drm/amd/powerplay: Fix kzalloc parameter 'ATOM_Tonga_PPM_Table' in 'get_platform_power_management_table()' drm/amdgpu: Release 'adev->pm.fw' before return in 'amdgpu_device_need_post()' drm/amdkfd: Fix 'node' NULL check in 'svm_range_get_range_boundaries()' drm/amd/display: Implement bounds check for stream encoder creation in DCN301 Stephen Rothwell (2): powerpc: pmd_move_must_withdraw() is only needed for CONFIG_TRANSPARENT_HUGEPAGE drm: using mul_u32_u32() requires linux/math64.h Steve Wahl (1): x86/mm/ident_map: Use gbpages only where full GB page should be mapped. Steven Rostedt (Google) (2): tracing: Fix wasted memory in saved_cmdlines logic tracing: Inform kmemleak of saved_cmdlines allocation Su Hui (3): wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift() media: ddbridge: fix an error code problem in ddb_probe scsi: isci: Fix an error code problem in isci_io_request_build() Suman Ghosh (1): octeontx2-af: Fix max NPC MCAM entry check while validating ref_entry Suraj Jitindar Singh (1): ext4: allow for the last group to be marked as trimmed Takashi Iwai (3): ALSA: hda: Refer to correct stream index at loops fbdev: Fix invalid page access after closing deferred I/O devices fbdev: Fix incorrect page mapping clearance at fb_deferred_io_release() Takashi Sakamoto (1): firewire: core: correct documentation of fw_csr_string() kernel API Tatsunosuke Tobita (1): HID: wacom: generic: Avoid reporting a serial of '0' to userspace Tejun Heo (1): blk-iocost: Fix an UBSAN shift-out-of-bounds warning Thinh Nguyen (6): usb: dwc3: gadget: Wait for ep0 xfers to complete during dequeue usb: dwc3: ep0: Don't prepare beyond Setup stage usb: dwc3: gadget: Only End Transfer for ep0 data phase usb: dwc3: gadget: Delay issuing End Transfer usb: dwc3: gadget: Don't delay End Transfer on delayed_status usb: dwc3: gadget: Ignore End Transfer delay on teardown Thomas Bourgoin (1): crypto: stm32/crc32 - fix parsing list of devices Thomas Zimmermann (4): fbdev/defio: Early-out if page is already enlisted fbdev: Don't sort deferred-I/O pages by default fbdev: Track deferred-I/O pages in pageref struct fbdev: Rename pagelist to pagereflist for deferred I/O Tianjia Zhang (1): crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init Tim Chen (1): tick/sched: Preserve number of idle sleeps across CPU hotplug events Tobias Waldekranz (1): net: dsa: mv88e6xxx: Fix mv88e6352_serdes_get_stats error path Tomi Valkeinen (6): drm/tidss: Fix atomic_flush check drm/drm_file: fix use of uninitialized variable drm/framebuffer: Fix use of uninitialized variable drm/mipi-dsi: Fix detach call without attach media: rkisp1: Drop IRQF_SHARED media: Revert "media: rkisp1: Drop IRQF_SHARED" Tony Lindgren (1): phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP Uttkarsh Aggarwal (1): usb: dwc3: gadget: Fix NULL pointer dereference in dwc3_gadget_suspend Uwe Kleine-König (1): spi: ppc4xx: Drop write-only variable Vegard Nossum (1): scripts/get_abi: fix source path leak Ville Syrjälä (1): drm: Don't unref the same fb many times by mistake due to deadlock handling Vincent Donnefort (1): ring-buffer: Clean ring_buffer_poll_wait() error return Vitaly Rodionov (1): ALSA: hda/cs8409: Suppress vmaster control for Dolphin models Wang, Beyond (1): drm/amdgpu: fix ftrace event amdgpu_bo_move always move on same heap Weichen Chen (1): pstore/ram: Fix crash when setting number of cpus to an odd number Wen Gu (1): net/smc: fix illegal rmb_desc access in SMC-D connection dump Wenhua Lin (1): gpio: eic-sprd: Clear interrupt after set the interrupt type Werner Fischer (1): watchdog: it87_wdt: Keep WDTCTRL bit 3 unmodified for IT8784/IT8786 Werner Sembach (1): Input: i8042 - fix strange behavior of touchpad on Clevo NS70PU Wesley Cheng (7): usb: dwc3: gadget: Force sending delayed status during soft disconnect usb: dwc3: gadget: Submit endxfer command if delayed during disconnect usb: dwc3: gadget: Stall and restart EP0 if host is unresponsive usb: dwc3: gadget: Refactor EP0 forced stall/restart into a separate API usb: dwc3: gadget: Handle EP0 request dequeuing properly usb: dwc3: gadget: Queue PM runtime idle on disconnect event usb: dwc3: gadget: Execute gadget stop after halting the controller Xi Ruoyao (1): mips: Call lose_fpu(0) before initializing fcr31 in mips_set_personality_nan Xiaolei Wang (1): rpmsg: virtio: Free driver_override when rpmsg_remove() Xiaowu.ding (1): mailbox: arm_mhuv2: Fix a bug for mhuv2_sender_interrupt Xiubo Li (1): ceph: fix deadlock or deadcode of misusing dget() Yafang Shao (1): selftests/bpf: Fix issues in setup_classid_environment() Ye Bin (1): ext4: fix inconsistent between segment fstrim and full fstrim Yevgeny Kliteynik (3): net/mlx5: DR, Use the right GVMI number for drop action net/mlx5: DR, Replace local WIRE_PORT macro with the existing MLX5_VPORT_UPLINK net/mlx5: DR, Can't go to uplink vport on RX rule Yonghong Song (1): selftests/bpf: Fix pyperf180 compilation failure with clang18 Yoshihiro Shimoda (1): phy: renesas: rcar-gen3-usb2: Fix returning wrong error code Yuluo Qiu (1): ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop Zach O'Keefe (1): mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again Zenm Chen (1): wifi: rtl8xxxu: Add additional USB IDs for RTL8192EU devices Zhang Rui (2): hwmon: (coretemp) Fix out-of-bounds memory access hwmon: (coretemp) Fix bogus core_id to attr name mapping Zheng Wang (1): media: mtk-jpeg: Fix use after free bug due to error path handling in mtk_jpeg_dec_device_run Zhengchao Shao (5): tcp: make sure init the accept_queue's spinlocks once netlink: fix potential sleeping issue in mqueue_flush_file ipv6: init the accept_queue's spinlocks in inet6_create bonding: return -ENOMEM instead of BUG in alb_upper_dev_walk bonding: remove print in bond_verify_device_path Zhihao Cheng (1): ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path Zhipeng Lu (6): net/mlx5e: fix a double-free in arfs_create_groups fjes: fix memleaks in fjes_hw_setup net: ipv4: fix a memleak in ip_setup_cork atm: idt77252: fix a memleak in open_card_ubr0 octeontx2-pf: Fix a memleak otx2_sq_init media: ir_toy: fix a memleak in irtoy_tx Zhiquan Li (1): x86/mce: Mark fatal MCE's page as poison to avoid panic in the kdump kernel Zhu Yanjun (1): virtio_net: Fix "‘%d’ directive writing between 1 and 11 bytes into a region of size 10" warnings Zijun Hu (1): Bluetooth: qca: Set both WIDEBAND_SPEECH and LE_STATES quirks for QCA2066 Ziqi Zhao (1): can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock bo liu (2): ALSA: hda/conexant: Fix headset auto detect fail in cx8070 and SN6140 ALSA: hda/conexant: Add quirk for SWS JS201D ching Huang (1): scsi: arcmsr: Support new PCI device IDs 1883 and 1886 yuan linyu (1): usb: f_mass_storage: forbid async queue when shutdown happen zhili.liu (1): iio: magnetometer: rm3100: add boundary check for the value read from RM3100_REG_TMRC

1 year, 6 months

1
1
0 0

[PATCH] LoongArch: Update cpu_sibling_map when disabling nonboot CPUs

by Huacai Chen

Update cpu_sibling_map when disabling nonboot CPUs by defining & calling clear_cpu_sibling_map(), otherwise we get such errors on SMT systems: jump label: negative count! WARNING: CPU: 6 PID: 45 at kernel/jump_label.c:263 __static_key_slow_dec_cpuslocked+0xec/0x100 CPU: 6 PID: 45 Comm: cpuhp/6 Not tainted 6.8.0-rc5+ #1340 pc 90000000004c302c ra 90000000004c302c tp 90000001005bc000 sp 90000001005bfd20 a0 000000000000001b a1 900000000224c278 a2 90000001005bfb58 a3 900000000224c280 a4 900000000224c278 a5 90000001005bfb50 a6 0000000000000001 a7 0000000000000001 t0 ce87a4763eb5234a t1 ce87a4763eb5234a t2 0000000000000000 t3 0000000000000000 t4 0000000000000006 t5 0000000000000000 t6 0000000000000064 t7 0000000000001964 t8 000000000009ebf6 u0 9000000001f2a068 s9 0000000000000000 s0 900000000246a2d8 s1 ffffffffffffffff s2 ffffffffffffffff s3 90000000021518c0 s4 0000000000000040 s5 9000000002151058 s6 9000000009828e40 s7 00000000000000b4 s8 0000000000000006 ra: 90000000004c302c __static_key_slow_dec_cpuslocked+0xec/0x100 ERA: 90000000004c302c __static_key_slow_dec_cpuslocked+0xec/0x100 CRMD: 000000b0 (PLV0 -IE -DA +PG DACF=CC DACM=CC -WE) PRMD: 00000004 (PPLV0 +PIE -PWE) EUEN: 00000000 (-FPE -SXE -ASXE -BTE) ECFG: 00071c1c (LIE=2-4,10-12 VS=7) ESTAT: 000c0000 [BRK] (IS= ECode=12 EsubCode=0) PRID: 0014d000 (Loongson-64bit, Loongson-3A6000-HV) CPU: 6 PID: 45 Comm: cpuhp/6 Not tainted 6.8.0-rc5+ #1340 Stack : 0000000000000000 900000000203f258 900000000179afc8 90000001005bc000 90000001005bf980 0000000000000000 90000001005bf988 9000000001fe0be0 900000000224c280 900000000224c278 90000001005bf8c0 0000000000000001 0000000000000001 ce87a4763eb5234a 0000000007f38000 90000001003f8cc0 0000000000000000 0000000000000006 0000000000000000 4c206e6f73676e6f 6f4c203a656d616e 000000000009ec99 0000000007f38000 0000000000000000 900000000214b000 9000000001fe0be0 0000000000000004 0000000000000000 0000000000000107 0000000000000009 ffffffffffafdabe 00000000000000b4 0000000000000006 90000000004c302c 9000000000224528 00005555939a0c7c 00000000000000b0 0000000000000004 0000000000000000 0000000000071c1c ... Call Trace: [<9000000000224528>] show_stack+0x48/0x1a0 [<900000000179afc8>] dump_stack_lvl+0x78/0xa0 [<9000000000263ed0>] __warn+0x90/0x1a0 [<90000000017419b8>] report_bug+0x1b8/0x280 [<900000000179c564>] do_bp+0x264/0x420 [<90000000004c302c>] __static_key_slow_dec_cpuslocked+0xec/0x100 [<90000000002b4d7c>] sched_cpu_deactivate+0x2fc/0x300 [<9000000000266498>] cpuhp_invoke_callback+0x178/0x8a0 [<9000000000267f70>] cpuhp_thread_fun+0xf0/0x240 [<90000000002a117c>] smpboot_thread_fn+0x1dc/0x2e0 [<900000000029a720>] kthread+0x140/0x160 [<9000000000222288>] ret_from_kernel_thread+0xc/0xa4 Cc: stable(a)vger.kernel.org Signed-off-by: Huacai Chen <chenhuacai(a)loongson.cn> --- arch/loongarch/kernel/smp.c | 121 ++++++++++++++++++++---------------- 1 file changed, 68 insertions(+), 53 deletions(-) diff --git a/arch/loongarch/kernel/smp.c b/arch/loongarch/kernel/smp.c index 87b7190fe48e..aabee0b280fe 100644 --- a/arch/loongarch/kernel/smp.c +++ b/arch/loongarch/kernel/smp.c @@ -88,6 +88,73 @@ void show_ipi_list(struct seq_file *p, int prec) } } +static inline void set_cpu_core_map(int cpu) +{ + int i; + + cpumask_set_cpu(cpu, &cpu_core_setup_map); + + for_each_cpu(i, &cpu_core_setup_map) { + if (cpu_data[cpu].package == cpu_data[i].package) { + cpumask_set_cpu(i, &cpu_core_map[cpu]); + cpumask_set_cpu(cpu, &cpu_core_map[i]); + } + } +} + +static inline void set_cpu_sibling_map(int cpu) +{ + int i; + + cpumask_set_cpu(cpu, &cpu_sibling_setup_map); + + for_each_cpu(i, &cpu_sibling_setup_map) { + if (cpus_are_siblings(cpu, i)) { + cpumask_set_cpu(i, &cpu_sibling_map[cpu]); + cpumask_set_cpu(cpu, &cpu_sibling_map[i]); + } + } +} + +static inline void clear_cpu_sibling_map(int cpu) +{ + int i; + + for_each_cpu(i, &cpu_sibling_setup_map) { + if (cpus_are_siblings(cpu, i)) { + cpumask_clear_cpu(i, &cpu_sibling_map[cpu]); + cpumask_clear_cpu(cpu, &cpu_sibling_map[i]); + } + } + + cpumask_clear_cpu(cpu, &cpu_sibling_setup_map); +} + +/* + * Calculate a new cpu_foreign_map mask whenever a + * new cpu appears or disappears. + */ +void calculate_cpu_foreign_map(void) +{ + int i, k, core_present; + cpumask_t temp_foreign_map; + + /* Re-calculate the mask */ + cpumask_clear(&temp_foreign_map); + for_each_online_cpu(i) { + core_present = 0; + for_each_cpu(k, &temp_foreign_map) + if (cpus_are_siblings(i, k)) + core_present = 1; + if (!core_present) + cpumask_set_cpu(i, &temp_foreign_map); + } + + for_each_online_cpu(i) + cpumask_andnot(&cpu_foreign_map[i], + &temp_foreign_map, &cpu_sibling_map[i]); +} + /* Send mailbox buffer via Mail_Send */ static void csr_mail_send(uint64_t data, int cpu, int mailbox) { @@ -303,6 +370,7 @@ int loongson_cpu_disable(void) numa_remove_cpu(cpu); #endif set_cpu_online(cpu, false); + clear_cpu_sibling_map(cpu); calculate_cpu_foreign_map(); local_irq_save(flags); irq_migrate_all_off_this_cpu(); @@ -380,59 +448,6 @@ static int __init ipi_pm_init(void) core_initcall(ipi_pm_init); #endif -static inline void set_cpu_sibling_map(int cpu) -{ - int i; - - cpumask_set_cpu(cpu, &cpu_sibling_setup_map); - - for_each_cpu(i, &cpu_sibling_setup_map) { - if (cpus_are_siblings(cpu, i)) { - cpumask_set_cpu(i, &cpu_sibling_map[cpu]); - cpumask_set_cpu(cpu, &cpu_sibling_map[i]); - } - } -} - -static inline void set_cpu_core_map(int cpu) -{ - int i; - - cpumask_set_cpu(cpu, &cpu_core_setup_map); - - for_each_cpu(i, &cpu_core_setup_map) { - if (cpu_data[cpu].package == cpu_data[i].package) { - cpumask_set_cpu(i, &cpu_core_map[cpu]); - cpumask_set_cpu(cpu, &cpu_core_map[i]); - } - } -} - -/* - * Calculate a new cpu_foreign_map mask whenever a - * new cpu appears or disappears. - */ -void calculate_cpu_foreign_map(void) -{ - int i, k, core_present; - cpumask_t temp_foreign_map; - - /* Re-calculate the mask */ - cpumask_clear(&temp_foreign_map); - for_each_online_cpu(i) { - core_present = 0; - for_each_cpu(k, &temp_foreign_map) - if (cpus_are_siblings(i, k)) - core_present = 1; - if (!core_present) - cpumask_set_cpu(i, &temp_foreign_map); - } - - for_each_online_cpu(i) - cpumask_andnot(&cpu_foreign_map[i], - &temp_foreign_map, &cpu_sibling_map[i]); -} - /* Preload SMP state for boot cpu */ void smp_prepare_boot_cpu(void) { -- 2.43.0

1 year, 6 months

1
0
0 0

Linux 5.4.269

by Greg Kroah-Hartman

I'm announcing the release of the 5.4.269 kernel. All users of the 5.4 kernel series must upgrade. The updated 5.4.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.4.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/ABI/testing/sysfs-class-net-queues | 22 Documentation/filesystems/directory-locking.rst | 25 Documentation/filesystems/locking.rst | 5 Documentation/filesystems/porting.rst | 18 Documentation/sound/soc/dapm.rst | 2 Makefile | 2 arch/arm/boot/dts/imx1-ads.dts | 2 arch/arm/boot/dts/imx1-apf9328.dts | 2 arch/arm/boot/dts/imx1.dtsi | 5 arch/arm/boot/dts/imx23-sansa.dts | 12 arch/arm/boot/dts/imx23.dtsi | 2 arch/arm/boot/dts/imx25-eukrea-cpuimx25.dtsi | 2 arch/arm/boot/dts/imx25-eukrea-mbimxsd25-baseboard-cmo-qvga.dts | 2 arch/arm/boot/dts/imx25-eukrea-mbimxsd25-baseboard-dvi-svga.dts | 2 arch/arm/boot/dts/imx25-eukrea-mbimxsd25-baseboard-dvi-vga.dts | 2 arch/arm/boot/dts/imx25-pdk.dts | 2 arch/arm/boot/dts/imx27-apf27dev.dts | 4 arch/arm/boot/dts/imx27-eukrea-cpuimx27.dtsi | 4 arch/arm/boot/dts/imx27-eukrea-mbimxsd27-baseboard.dts | 2 arch/arm/boot/dts/imx27-phytec-phycard-s-rdk.dts | 2 arch/arm/boot/dts/imx27-phytec-phycore-rdk.dts | 2 arch/arm/boot/dts/imx27-phytec-phycore-som.dtsi | 2 arch/arm/boot/dts/imx27.dtsi | 3 arch/arm/boot/dts/imx28.dtsi | 2 arch/arm/boot/dts/imx7d.dtsi | 3 arch/arm/boot/dts/imx7s.dtsi | 10 arch/arm/boot/dts/rk3036.dtsi | 14 arch/arm64/boot/dts/qcom/msm8996.dtsi | 21 arch/arm64/boot/dts/qcom/msm8998.dtsi | 32 - arch/arm64/boot/dts/qcom/sdm845.dtsi | 8 arch/ia64/kernel/topology.c | 5 arch/ia64/mm/numa.c | 5 arch/mips/include/asm/checksum.h | 3 arch/mips/include/asm/mmzone.h | 6 arch/mips/kernel/elf.c | 6 arch/mips/mm/init.c | 15 arch/nds32/include/asm/memory.h | 6 arch/parisc/kernel/firmware.c | 4 arch/powerpc/include/asm/mmu.h | 4 arch/powerpc/include/asm/mmzone.h | 3 arch/powerpc/kernel/traps.c | 2 arch/powerpc/lib/Makefile | 4 arch/powerpc/lib/sstep.c | 10 arch/powerpc/mm/book3s64/pgtable.c | 2 arch/powerpc/mm/init-common.c | 5 arch/s390/kernel/ptrace.c | 6 arch/s390/kvm/kvm-s390.c | 5 arch/um/drivers/net_kern.c | 2 arch/um/include/shared/kern_util.h | 2 arch/um/kernel/process.c | 2 arch/um/os-Linux/helper.c | 6 arch/um/os-Linux/util.c | 19 arch/x86/Kconfig.cpu | 2 arch/x86/include/asm/syscall_wrapper.h | 25 arch/x86/kernel/cpu/amd.c | 20 arch/x86/kernel/cpu/mce/core.c | 16 arch/x86/mm/ident_map.c | 23 arch/xtensa/include/asm/page.h | 4 block/bio.c | 9 block/blk-mq.c | 16 crypto/algapi.c | 1 drivers/acpi/acpi_extlog.c | 5 drivers/acpi/acpi_video.c | 9 drivers/android/binder.c | 10 drivers/atm/idt77252.c | 2 drivers/base/power/domain.c | 2 drivers/base/power/runtime.c | 22 drivers/block/rbd.c | 22 drivers/bus/moxtet.c | 7 drivers/char/hw_random/core.c | 34 - drivers/clk/hisilicon/clk-hi3620.c | 4 drivers/clk/mmp/clk-of-pxa168.c | 3 drivers/crypto/stm32/stm32-crc32.c | 2 drivers/dma/fsl-qdma.c | 27 - drivers/firewire/core-device.c | 7 drivers/gpio/gpio-eic-sprd.c | 32 + drivers/gpio/gpiolib-acpi.c | 14 drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_fence.c | 2 drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_sync.c | 3 drivers/gpu/drm/bridge/nxp-ptn3460.c | 6 drivers/gpu/drm/drm_file.c | 2 drivers/gpu/drm/drm_framebuffer.c | 2 drivers/gpu/drm/drm_mipi_dsi.c | 17 drivers/gpu/drm/drm_plane.c | 1 drivers/gpu/drm/exynos/exynos5433_drm_decon.c | 4 drivers/gpu/drm/exynos/exynos_drm_drv.c | 11 drivers/gpu/drm/exynos/exynos_drm_fimd.c | 4 drivers/gpu/drm/exynos/exynos_drm_gsc.c | 2 drivers/gpu/drm/msm/disp/dpu1/dpu_encoder.c | 5 drivers/gpu/drm/msm/disp/dpu1/dpu_kms.h | 1 drivers/gpu/drm/msm/dsi/phy/dsi_phy.c | 4 drivers/gpu/drm/nouveau/nouveau_vmm.c | 3 drivers/hid/hid-apple.c | 63 ++ drivers/hid/hid-ids.h | 1 drivers/hid/hid-quirks.c | 1 drivers/hid/wacom_sys.c | 63 +- drivers/hid/wacom_wac.c | 9 drivers/hwmon/aspeed-pwm-tacho.c | 7 drivers/hwmon/coretemp.c | 40 - drivers/i2c/busses/i2c-i801.c | 19 drivers/i3c/master/i3c-master-cdns.c | 7 drivers/iio/magnetometer/rm3100-core.c | 10 drivers/infiniband/ulp/ipoib/ipoib_multicast.c | 7 drivers/input/keyboard/atkbd.c | 13 drivers/irqchip/irq-brcmstb-l2.c | 5 drivers/leds/trigger/ledtrig-panic.c | 5 drivers/md/md.c | 54 +- drivers/md/raid5.c | 12 drivers/media/pci/ddbridge/ddbridge-main.c | 2 drivers/media/platform/rockchip/rga/rga.c | 15 drivers/media/usb/stk1160/stk1160-video.c | 5 drivers/mfd/Kconfig | 1 drivers/misc/fastrpc.c | 2 drivers/mmc/core/block.c | 46 + drivers/mmc/core/slot-gpio.c | 6 drivers/mtd/nand/raw/gpmi-nand/gpmi-nand.c | 2 drivers/mtd/nand/spi/macronix.c | 2 drivers/net/bonding/bond_alb.c | 3 drivers/net/ethernet/aquantia/atlantic/aq_nic.c | 1 drivers/net/ethernet/broadcom/genet/bcmgenet.c | 22 drivers/net/ethernet/broadcom/genet/bcmgenet.h | 3 drivers/net/ethernet/broadcom/genet/bcmmii.c | 6 drivers/net/ethernet/cisco/enic/enic_ethtool.c | 1 drivers/net/ethernet/freescale/fec_main.c | 2 drivers/net/ethernet/intel/i40e/i40e_main.c | 2 drivers/net/ethernet/intel/ixgbe/ixgbe_82598.c | 36 - drivers/net/ethernet/intel/ixgbe/ixgbe_82599.c | 61 +- drivers/net/ethernet/intel/ixgbe/ixgbe_common.c | 177 +++--- drivers/net/ethernet/intel/ixgbe/ixgbe_ethtool.c | 2 drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 44 - drivers/net/ethernet/intel/ixgbe/ixgbe_mbx.c | 34 - drivers/net/ethernet/intel/ixgbe/ixgbe_mbx.h | 1 drivers/net/ethernet/intel/ixgbe/ixgbe_phy.c | 105 ++- drivers/net/ethernet/intel/ixgbe/ixgbe_phy.h | 2 drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c | 2 drivers/net/ethernet/intel/ixgbe/ixgbe_type.h | 51 - drivers/net/ethernet/intel/ixgbe/ixgbe_x540.c | 45 - drivers/net/ethernet/intel/ixgbe/ixgbe_x550.c | 149 ++--- drivers/net/ethernet/mellanox/mlx5/core/en_arfs.c | 26 drivers/net/ethernet/mellanox/mlx5/core/steering/dr_action.c | 1 drivers/net/ethernet/netronome/nfp/flower/tunnel_conf.c | 2 drivers/net/ethernet/netronome/nfp/nfpcore/nfp6000_pcie.c | 6 drivers/net/ethernet/stmicro/stmmac/common.h | 1 drivers/net/ethernet/stmicro/stmmac/dwxgmac2.h | 3 drivers/net/ethernet/stmicro/stmmac/dwxgmac2_core.c | 58 ++ drivers/net/fjes/fjes_hw.c | 37 + drivers/net/ppp/ppp_async.c | 4 drivers/net/virtio_net.c | 9 drivers/net/wan/lmc/lmc_proto.c | 4 drivers/net/wireless/ath/ath9k/htc_drv_txrx.c | 5 drivers/net/wireless/ralink/rt2x00/rt2x00dev.c | 3 drivers/net/wireless/ralink/rt2x00/rt2x00mac.c | 11 drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c | 12 drivers/net/wireless/realtek/rtlwifi/rtl8723ae/phy.c | 6 drivers/net/wireless/realtek/rtlwifi/rtl8723be/phy.c | 4 drivers/net/xen-netback/netback.c | 84 +-- drivers/of/unittest-data/Makefile | 8 drivers/of/unittest-data/overlay_gpio_01.dts | 23 drivers/of/unittest-data/overlay_gpio_02a.dts | 16 drivers/of/unittest-data/overlay_gpio_02b.dts | 16 drivers/of/unittest-data/overlay_gpio_03.dts | 23 drivers/of/unittest-data/overlay_gpio_04a.dts | 16 drivers/of/unittest-data/overlay_gpio_04b.dts | 16 drivers/of/unittest.c | 265 +++++++++- drivers/pci/controller/pcie-mediatek.c | 10 drivers/pci/pcie/aer.c | 9 drivers/pci/quirks.c | 24 drivers/pci/switch/switchtec.c | 25 drivers/phy/renesas/phy-rcar-gen3-usb2.c | 4 drivers/phy/ti/phy-omap-usb2.c | 4 drivers/pnp/pnpacpi/rsparser.c | 12 drivers/regulator/core.c | 56 +- drivers/rpmsg/virtio_rpmsg_bus.c | 1 drivers/scsi/fcoe/fcoe_ctlr.c | 20 drivers/scsi/isci/request.c | 2 drivers/scsi/libfc/fc_fcp.c | 18 drivers/scsi/lpfc/lpfc.h | 1 drivers/scsi/lpfc/lpfc_init.c | 4 drivers/spi/spi-bcm-qspi.c | 4 drivers/spi/spi-ppc4xx.c | 5 drivers/staging/iio/impedance-analyzer/ad5933.c | 2 drivers/tty/serial/max310x.c | 21 drivers/tty/serial/sc16is7xx.c | 8 drivers/usb/core/hub.c | 34 - drivers/usb/gadget/function/f_mass_storage.c | 20 drivers/usb/serial/cp210x.c | 1 drivers/usb/serial/option.c | 1 drivers/usb/serial/qcserial.c | 2 drivers/vhost/vhost.c | 5 fs/afs/dir.c | 8 fs/afs/server.c | 7 fs/btrfs/extent-tree.c | 3 fs/btrfs/ioctl.c | 9 fs/btrfs/qgroup.c | 14 fs/btrfs/ref-verify.c | 6 fs/btrfs/send.c | 2 fs/btrfs/tree-checker.c | 2 fs/ceph/caps.c | 9 fs/compat_ioctl.c | 3 fs/dcache.c | 7 fs/ecryptfs/inode.c | 8 fs/ext4/mballoc.c | 26 fs/ext4/move_extent.c | 6 fs/ext4/resize.c | 37 - fs/f2fs/recovery.c | 23 fs/inode.c | 32 + fs/jfs/jfs_dmap.c | 57 +- fs/jfs/jfs_dtree.c | 7 fs/jfs/jfs_imap.c | 3 fs/jfs/jfs_mount.c | 6 fs/kernfs/dir.c | 12 fs/namei.c | 144 ++++- fs/nilfs2/file.c | 8 fs/nilfs2/recovery.c | 7 fs/nilfs2/segment.c | 8 fs/ocfs2/namei.c | 1 fs/pstore/ram.c | 1 fs/ubifs/dir.c | 2 include/drm/drm_mipi_dsi.h | 2 include/linux/bpf.h | 6 include/linux/dmaengine.h | 3 include/linux/fs.h | 1 include/linux/gfp.h | 4 include/linux/hrtimer.h | 4 include/linux/lsm_hooks.h | 9 include/linux/netfilter/ipset/ip_set.h | 4 include/linux/pci_ids.h | 1 include/linux/pm_runtime.h | 9 include/linux/security.h | 9 include/linux/spi/spi.h | 1 include/linux/syscalls.h | 1 include/linux/units.h | 92 +++ include/net/af_unix.h | 20 include/net/llc_pdu.h | 6 include/net/netfilter/nf_tables.h | 4 include/uapi/linux/btrfs.h | 3 include/uapi/linux/netfilter/nf_tables.h | 2 kernel/audit.c | 31 - kernel/bpf/arraymap.c | 12 kernel/bpf/hashtab.c | 6 kernel/bpf/map_in_map.c | 2 kernel/bpf/map_in_map.h | 2 kernel/events/core.c | 38 - kernel/power/swap.c | 38 - kernel/sched/membarrier.c | 9 kernel/time/hrtimer.c | 3 kernel/time/tick-sched.c | 5 kernel/trace/ring_buffer.c | 2 kernel/trace/trace.c | 78 +- kernel/trace/trace_events_trigger.c | 6 kernel/trace/tracing_map.c | 7 mm/page-writeback.c | 2 net/8021q/vlan_netlink.c | 4 net/can/j1939/j1939-priv.h | 1 net/can/j1939/socket.c | 22 net/core/skbuff.c | 3 net/ipv4/af_inet.c | 6 net/ipv4/ip_output.c | 12 net/ipv4/tcp.c | 1 net/ipv6/addrconf_core.c | 21 net/iucv/af_iucv.c | 14 net/llc/af_llc.c | 26 net/llc/llc_core.c | 7 net/netfilter/ipset/ip_set_bitmap_gen.h | 14 net/netfilter/ipset/ip_set_core.c | 39 + net/netfilter/ipset/ip_set_hash_gen.h | 19 net/netfilter/ipset/ip_set_list_set.c | 13 net/netfilter/nf_log.c | 7 net/netfilter/nf_tables_api.c | 20 net/netfilter/nft_byteorder.c | 5 net/netfilter/nft_compat.c | 23 net/netfilter/nft_ct.c | 27 + net/netfilter/nft_flow_offload.c | 5 net/netfilter/nft_meta.c | 2 net/netfilter/nft_nat.c | 5 net/netfilter/nft_rt.c | 5 net/netfilter/nft_set_rbtree.c | 7 net/netfilter/nft_socket.c | 5 net/netfilter/nft_synproxy.c | 7 net/netfilter/nft_tproxy.c | 5 net/netfilter/nft_xfrm.c | 5 net/netlink/af_netlink.c | 2 net/nfc/nci/core.c | 4 net/rds/af_rds.c | 2 net/rxrpc/conn_event.c | 8 net/rxrpc/conn_service.c | 3 net/smc/smc_diag.c | 2 net/sunrpc/xprtmultipath.c | 17 net/tipc/bearer.c | 6 net/unix/af_unix.c | 14 net/unix/diag.c | 2 net/wireless/scan.c | 4 scripts/link-vmlinux.sh | 9 security/security.c | 17 security/selinux/hooks.c | 28 + security/smack/smack_lsm.c | 1 security/tomoyo/tomoyo.c | 1 sound/pci/hda/hda_intel.c | 2 sound/pci/hda/patch_conexant.c | 18 sound/pci/hda/patch_realtek.c | 1 sound/soc/codecs/rt5645.c | 1 tools/lib/subcmd/help.c | 18 tools/testing/selftests/bpf/progs/pyperf180.c | 22 tools/testing/selftests/bpf/test_btf.c | 1 tools/testing/selftests/net/pmtu.sh | 18 virt/kvm/arm/vgic/vgic-its.c | 5 307 files changed, 2951 insertions(+), 1287 deletions(-) Akinobu Mita (1): include/linux/units.h: add helpers for kelvin to/from Celsius conversion Al Viro (2): rename(): fix the locking of subdirectories fast_dput(): handle underflows gracefully Aleksander Mazur (1): x86/Kconfig: Transmeta Crusoe is CPU family 5, not 6 Alex Henrie (1): HID: apple: Add support for the 2021 Magic Keyboard Alex Lyakas (1): md: Whenassemble the array, consult the superblock of the freshest device Alexander Stein (4): ARM: dts: imx7d: Fix coresight funnel ports ARM: dts: imx7s: Fix lcdif compatible ARM: dts: imx7s: Fix nand-controller #size-cells mmc: slot-gpio: Allow non-sleeping GPIO ro Alexey Khoroshilov (1): ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work() Alfred Piccioni (1): lsm: new security_file_ioctl_compat() hook Andrii Nakryiko (1): selftests/bpf: satisfy compiler by having explicit return in btf test Anna Schumaker (1): SUNRPC: Fix a suspicious RCU usage warning Anton Ivanov (1): um: Fix naming clash between UML and scheduler Arnd Bergmann (1): drm/exynos: fix accidental on-stack copy of exynos_drm_plane Avri Altman (1): mmc: core: Use mrq.sbc in close-ended ffu Baokun Li (4): ext4: unify the type of flexbg_size to unsigned int ext4: remove unnecessary check from alloc_flex_gd() ext4: avoid online resizing failures due to oversized flex bg ext4: fix double-free of blocks due to wrong extents moved_len Benjamin Berg (3): wifi: cfg80211: free beacon_ies when overridden from hidden BSS um: Don't use vfprintf() for os_info() HID: apple: Add 2021 magic keyboard FN key mapping Bjorn Helgaas (1): PCI/AER: Decode Requester ID when no error info found Boris Burkov (2): btrfs: forbid creating subvol qgroups btrfs: forbid deleting live subvol qgroup Breno Leitao (1): net: sysfs: Fix /sys/class/net/<iface> path Carlos Llamas (1): binder: signal epoll threads of self-work Chao Yu (1): f2fs: fix to check return value of f2fs_reserve_new_block() Chris Riches (1): audit: Send netlink ACK before setting connection in auditd_set Christian A. Ehrhardt (1): of: unittest: Fix compile in the non-dynamic case Christoph Hellwig (1): block: prevent an integer overflow in bvec_try_merge_hw_page Christophe JAILLET (3): ixgbe: Fix an error handling path in ixgbe_read_iosf_sb_reg_x550() dmaengine: fsl-qdma: Fix a memory leak related to the status queue DMA dmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA Chung-Chiang Cheng (1): btrfs: tree-checker: fix inline ref size in error messages Cristian Ciocaltea (1): ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument Dan Carpenter (3): drm/bridge: nxp-ptn3460: fix i2c_master_send() error checking drm/bridge: nxp-ptn3460: simplify some error checking netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() Daniel Basilio (1): nfp: use correct macro for LengthSelect in BAR config Daniel Lezcano (3): units: Add Watt units units: change from 'L' to 'UL' units: add the HZ macros Daniel Stodden (1): PCI: switchtec: Fix stdev_release() crash after surprise hot remove Daniel Vacek (1): IB/ipoib: Fix mcast list locking Daniel de Villiers (1): nfp: flower: prevent re-adding mac index for bonded port Dave Airlie (1): nouveau/vmm: don't set addr on the fail path to avoid warning David Howells (2): afs: Hide silly-rename files from userspace rxrpc: Fix response to PING RESPONSE ACKs to a dead call David Schiller (1): staging: iio: ad5933: fix type mismatch regression David Sterba (2): btrfs: don't warn if discard range is not aligned to sector btrfs: send: return EOPNOTSUPP on unknown flags Denis Efremov (1): net/mlx5: Use kfree(ft->g) in arfs_create_groups() Dmitry Antipov (1): PNP: ACPI: fix fortify warning Dmitry Baryshkov (1): PM: runtime: add devm_pm_runtime_enable helper Doug Berger (1): irqchip/irq-brcmstb-l2: Add write memory barrier before exit Douglas Anderson (2): drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind time PM: runtime: Have devm_pm_runtime_enable() handle pm_runtime_dont_use_autosuspend() Edson Juliano Drosdeck (1): ALSA: hda/realtek: Enable headset mic on Vaio VJFE-ADL Edward Adam Davis (3): jfs: fix uaf in jfs_evict_inode jfs: fix array-index-out-of-bounds in diNewExt wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update Ekansh Gupta (1): misc: fastrpc: Mark all sessions as invalid in cb_remove Eric Dumazet (6): llc: make llc_ui_sendmsg() more robust against bonding changes llc: call sock_orphan() at release time af_unix: fix lockdep positive in sk_diag_dump_icons() inet: read sk->sk_family once in inet_recv_error() ppp_async: limit MRU to 64K net: prevent mss overflow in skb_segment() Fabio Estevam (8): ARM: dts: imx25/27-eukrea: Fix RTC node name ARM: dts: imx: Use flash@0,0 pattern ARM: dts: imx27: Fix sram node ARM: dts: imx1: Fix sram node ARM: dts: imx25/27: Pass timing0 ARM: dts: imx27-apf27dev: Fix LED name ARM: dts: imx23-sansa: Use preferred i2c-gpios properties ARM: dts: imx23/28: Fix the DMA controller node name Fedor Pchelkin (3): btrfs: ref-verify: free ref cache before clearing mount opt drm/exynos: gsc: minor fix for loop iteration in gsc_runtime_resume nfc: nci: free rx_data_reassembly skb on NCI device cleanup Felix Kuehling (1): drm/amdgpu: Let KFD sync with VM fences Florian Fainelli (1): net: bcmgenet: Fix EEE implementation Florian Westphal (2): netfilter: nf_tables: restrict anonymous set and map names to 16 bytes netfilter: nf_tables: reject QUEUE/DROP verdict parameters Frank Li (1): dmaengine: fix is_slave_direction() return false when DMA_DEV_TO_DEV Frank Rowand (3): of: unittest: add overlay gpio test to catch gpio hog problem of: unittest: fix EXPECT text for gpio hog errors of: gpio unittest kfree() wrong object Frederic Weisbecker (1): hrtimer: Report offline hrtimer enqueue Furong Xu (2): net: stmmac: xgmac: fix handling of DPP safety error for DMA channels net: stmmac: xgmac: fix a typo of register name in DPP safety handling Gabriel Krisman Bertazi (1): ecryptfs: Reject casefold directory inodes Ghanshyam Agrawal (1): media: stk1160: Fixed high volume of stk1160_dbg messages Greg KH (1): perf/core: Fix narrow startup race when creating the perf nr_addr_filters sysfs file Greg Kroah-Hartman (1): Linux 5.4.269 Guenter Roeck (1): MIPS: Add 'memory' clobber to csum_ipv6_magic() inline assembler Guilherme G. Piccoli (1): PCI: Only override AMD USB controller if required Hannes Reinecke (2): scsi: libfc: Don't schedule abort twice scsi: libfc: Fix up timeout error in fc_fcp_rec_error() Hans de Goede (1): Input: atkbd - skip ATKBD_CMD_SETLEDS when skipping ATKBD_CMD_GETID Hardik Gajjar (1): usb: hub: Replace hardcoded quirk value with BIT() macro Harshit Shah (1): i3c: master: cdns: Update maximum prescaler value for i2c clock Heiko Carstens (2): s390/ptrace: handle setting of fpc register correctly KVM: s390: fix setting of fpc register Heiner Kallweit (2): leds: trigger: panic: Don't register panic notifier if creating the trigger failed i2c: i801: Remove i801_set_block_buffer_mode Helge Deller (2): parisc/firmware: Fix F-extend for PDC addresses ipv6: Ensure natural alignment of const ipv6 loopback and router addresses Herbert Xu (2): crypto: api - Disallow identical driver names hwrng: core - Fix page fault dead lock on mmap-ed hwrng Hongchen Zhang (1): PM: hibernate: Enforce ordering during image compression/decompression Hou Tao (1): bpf: Add map and need_defer parameters to .map_fd_put_ptr() Hugo Villeneuve (4): serial: sc16is7xx: set safe default SPI clock frequency serial: sc16is7xx: add check for unsupported SPI modes during probe serial: max310x: set default value when reading clock ready bit serial: max310x: improve crystal stable clock detection Ian Rogers (1): libsubcmd: Fix memory leak in uniq() Ido Schimmel (1): PCI: Add no PM reset quirk for NVIDIA Spectrum devices Ilya Dryomov (1): rbd: don't move requests to the running list on errors Ivan Vecera (1): i40e: Fix waiting for queues of all VSIs to be disabled Jack Wang (1): RDMA/IPoIB: Fix error code return in ipoib_mcast_join JackBB Wu (1): USB: serial: qcserial: add new usb-id for Dell Wireless DW5826e JaimeLiao (1): mtd: spinand: macronix: Fix MX35LFxGE4AD page size Jan Beulich (1): xen-netback: properly sync TX responses Jason Gerecke (1): HID: wacom: Do not register input devices until after hid_hw_start Jean Delvare (1): i2c: i801: Fix block process call transactions Jedrzej Jagielski (2): ixgbe: Refactor returning internal error codes ixgbe: Refactor overtemp event handling Johan Hovold (1): arm64: dts: qcom: sdm845: fix USB wakeup interrupt types Johan Jonker (1): ARM: dts: rockchip: fix rk3036 hdmi ports node Jozsef Kadlecsik (2): netfilter: ipset: fix performance regression in swap operation netfilter: ipset: Missing gc cancellations fixed Julian Wiedmann (1): net/af_iucv: clean up a try_then_request_module() Junxiao Bi (1): Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d" Justin Tee (1): scsi: lpfc: Fix possible file string name overflow when updating firmware Kamal Dasu (1): spi: bcm-qspi: fix SFDP BFPT read by usig mspi read Konrad Dybcio (2): pmdomain: core: Move the unused cleanup to a _sync initcall drm/msm/dsi: Enable runtime PM Kuan-Wei Chiu (2): clk: hi3620: Fix memory leak in hi3620_mmc_clk_init() clk: mmp: pxa168: Fix memory leak in pxa168_clk_init() Kuniyuki Iwashima (1): llc: Drop support for ETH_P_TR_802_2. Kunwu Chan (1): powerpc/mm: Fix null-pointer dereference in pgtable_cache_add Lee Duncan (1): scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock" Leonard Dallmayr (1): USB: serial: cp210x: add ID for IMST iM871A-USB Lin Ma (1): vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING Linus Torvalds (1): sched/membarrier: reduce the ability to hammer on sys_membarrier Loic Prylli (1): hwmon: (aspeed-pwm-tacho) mutex for tach reading Maciej S. Szmigiero (1): x86/CPU/AMD: Fix disabling XSAVES on AMD family 0x17 due to erratum Manas Ghandat (2): jfs: fix slab-out-of-bounds Read in dtSearch jfs: fix array-index-out-of-bounds in dbAdjTree Mao Jinlong (2): arm64: dts: qcom: msm8996: Fix 'in-ports' is a required property arm64: dts: qcom: msm8998: Fix 'out-ports' is a required property Mario Limonciello (1): gpiolib: acpi: Ignore touchpad wakeup on GPD G1619-04 Masami Hiramatsu (Google) (1): tracing/trigger: Fix to return error if failed to alloc snapshot Matthew Wilcox (Oracle) (1): block: Remove special-casing of compound pages Max Kellermann (1): fs/kernfs/dir: obey S_ISGID Max Krummenacher (1): Revert "Revert "mtd: rawnand: gpmi: Fix setting busy timeout setting"" Michael Ellerman (2): powerpc: Fix build error due to is_valid_bugaddr() powerpc/mm: Fix build failures due to arch_reserved_kernel_pages() Michael Tretter (1): media: rockchip: rga: fix swizzling for RGB formats Mike Rapoport (1): arch, mm: remove stale mentions of DISCONIGMEM Ming Lei (1): blk-mq: fix IO hang from sbitmap wakeup race Minsuk Kang (1): wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() Nathan Chancellor (3): powerpc: Use always instead of always-y in for crtsavres.o um: net: Fix return type of uml_net_start_xmit() kbuild: Fix changing ELF file type for output of gen_btf for big endian Naveen N Rao (1): powerpc/lib: Validate size for vector operations Oleg Nesterov (2): afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*() rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock() Oleksij Rempel (2): spi: introduce SPI_MODE_X_MASK macro can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER) Oliver Neukum (1): USB: hub: check for alternate port before enabling A_ALT_HNP_SUPPORT Oliver Upton (1): KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache Osama Muhammad (2): FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree UBSAN: array-index-out-of-bounds in dtSplitRoot Pablo Neira Ayuso (7): netfilter: nf_tables: validate NFPROTO_* family netfilter: nf_log: replace BUG_ON by WARN_ON_ONCE when putting logger netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations netfilter: nft_compat: reject unused compat flag netfilter: nft_compat: restrict match/target protocol to u16 netfilter: nft_ct: reject direction for ct id netfilter: nft_set_rbtree: skip end interval element from gc Paolo Abeni (1): selftests: net: avoid just another constant wait Peter Robinson (1): mfd: ti_am335x_tscadc: Fix TI SoC dependencies Peter Zijlstra (1): perf: Fix the nr_addr_filters fix Petr Pavlu (1): tracing: Ensure visibility when inserting an element into tracing_map Pierre-Louis Bossart (2): PCI: add INTEL_HDA_ARL to pci_ids.h ALSA: hda: Intel: add HDA_ARL PCI ID support Piotr Skajewski (1): ixgbe: Remove non-inclusive language Prarit Bhargava (1): ACPI: extlog: fix NULL pointer dereference check Prathu Baronia (1): vhost: use kzalloc() instead of kmalloc() followed by memset() Puliang Lu (1): USB: serial: option: add Fibocom FM101-GL variant Qu Wenruo (1): btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args Richard Palethorpe (1): x86/entry/ia32: Ensure s32 is sign extended to s64 Rob Clark (1): drm/msm/dpu: Ratelimit framedone timeout msgs Rui Zhang (1): regulator: core: Only increment use_count when enable_count changes Ryusuke Konishi (3): nilfs2: fix data corruption in dsync block recovery for small block sizes nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() nilfs2: fix potential bug in end_buffer_async_write Salvatore Dipietro (1): tcp: Add memory barrier to tcp_push() Serge Semin (1): mips: Fix max_mapnr being uninitialized on early stages Sharath Srinivasan (1): net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv Shenwei Wang (1): net: fec: fix the unhandled context fault from smmu Shigeru Yoshida (1): tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() Shiji Yang (1): wifi: rt2x00: restart beacon queue when hardware reset Simon Horman (1): net: stmmac: xgmac: use #define for string constants Sjoerd Simons (1): bus: moxtet: Add spi device table Srinivasan Shanmugam (2): drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()' drm/amdgpu: Release 'adev->pm.fw' before return in 'amdgpu_device_need_post()' Stephen Rothwell (1): powerpc: pmd_move_must_withdraw() is only needed for CONFIG_TRANSPARENT_HUGEPAGE Steve Wahl (1): x86/mm/ident_map: Use gbpages only where full GB page should be mapped. Steven Rostedt (Google) (2): tracing: Fix wasted memory in saved_cmdlines logic tracing: Inform kmemleak of saved_cmdlines allocation Su Hui (3): wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift() media: ddbridge: fix an error code problem in ddb_probe scsi: isci: Fix an error code problem in isci_io_request_build() Suraj Jitindar Singh (1): ext4: allow for the last group to be marked as trimmed Takashi Sakamoto (1): firewire: core: correct documentation of fw_csr_string() kernel API Tatsunosuke Tobita (1): HID: wacom: generic: Avoid reporting a serial of '0' to userspace Thomas Bourgoin (1): crypto: stm32/crc32 - fix parsing list of devices Tim Chen (1): tick/sched: Preserve number of idle sleeps across CPU hotplug events Tom Rix (1): net: remove unneeded break Tomi Valkeinen (3): drm/drm_file: fix use of uninitialized variable drm/framebuffer: Fix use of uninitialized variable drm/mipi-dsi: Fix detach call without attach Tony Lindgren (1): phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP Uwe Kleine-König (1): spi: ppc4xx: Drop write-only variable Ville Syrjälä (1): drm: Don't unref the same fb many times by mistake due to deadlock handling Vincent Donnefort (1): ring-buffer: Clean ring_buffer_poll_wait() error return Weichen Chen (1): pstore/ram: Fix crash when setting number of cpus to an odd number Wen Gu (1): net/smc: fix illegal rmb_desc access in SMC-D connection dump Wenhua Lin (1): gpio: eic-sprd: Clear interrupt after set the interrupt type Xi Ruoyao (1): mips: Call lose_fpu(0) before initializing fcr31 in mips_set_personality_nan Xiaolei Wang (1): rpmsg: virtio: Free driver_override when rpmsg_remove() Xiubo Li (1): ceph: fix deadlock or deadcode of misusing dget() Yang Xu (2): fs: add mode_strip_sgid() helper fs: move S_ISGID stripping into the vfs_*() helpers Ye Bin (1): ext4: fix inconsistent between segment fstrim and full fstrim Yevgeny Kliteynik (1): net/mlx5: DR, Use the right GVMI number for drop action Yonghong Song (1): selftests/bpf: Fix pyperf180 compilation failure with clang18 Yoshihiro Shimoda (1): phy: renesas: rcar-gen3-usb2: Fix returning wrong error code Yuluo Qiu (1): ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop Zach O'Keefe (1): mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again Zenm Chen (1): wifi: rtl8xxxu: Add additional USB IDs for RTL8192EU devices Zhang Rui (2): hwmon: (coretemp) Fix out-of-bounds memory access hwmon: (coretemp) Fix bogus core_id to attr name mapping Zhengchao Shao (3): netlink: fix potential sleeping issue in mqueue_flush_file bonding: return -ENOMEM instead of BUG in alb_upper_dev_walk bonding: remove print in bond_verify_device_path Zhihao Cheng (1): ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path Zhipeng Lu (4): net/mlx5e: fix a double-free in arfs_create_groups fjes: fix memleaks in fjes_hw_setup net: ipv4: fix a memleak in ip_setup_cork atm: idt77252: fix a memleak in open_card_ubr0 Zhiquan Li (1): x86/mce: Mark fatal MCE's page as poison to avoid panic in the kdump kernel Zhu Yanjun (1): virtio_net: Fix "‘%d’ directive writing between 1 and 11 bytes into a region of size 10" warnings bo liu (1): ALSA: hda/conexant: Add quirk for SWS JS201D free5lot (1): HID: apple: Swap the Fn and Left Control keys on Apple keyboards qizhong cheng (1): PCI: mediatek: Clear interrupt status before dispatching handler yuan linyu (1): usb: f_mass_storage: forbid async queue when shutdown happen zhili.liu (1): iio: magnetometer: rm3100: add boundary check for the value read from RM3100_REG_TMRC

1 year, 6 months

1
1
0 0

Linux 4.19.307

by Greg Kroah-Hartman

I'm announcing the release of the 4.19.307 kernel. All users of the 4.19 kernel series must upgrade. The updated 4.19.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.19.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/ABI/testing/sysfs-class-net-queues | 22 - Documentation/ABI/testing/sysfs-class-net-statistics | 60 +++- Documentation/sound/soc/dapm.rst | 2 Makefile | 2 arch/arm/boot/dts/imx1-ads.dts | 2 arch/arm/boot/dts/imx1-apf9328.dts | 2 arch/arm/boot/dts/imx1.dtsi | 5 arch/arm/boot/dts/imx23-sansa.dts | 12 arch/arm/boot/dts/imx23.dtsi | 2 arch/arm/boot/dts/imx25-eukrea-cpuimx25.dtsi | 2 arch/arm/boot/dts/imx27-apf27dev.dts | 2 arch/arm/boot/dts/imx27-eukrea-cpuimx27.dtsi | 4 arch/arm/boot/dts/imx27-phytec-phycore-som.dtsi | 2 arch/arm/boot/dts/imx27.dtsi | 3 arch/arm/boot/dts/imx28.dtsi | 2 arch/arm/boot/dts/imx7s.dtsi | 4 arch/arm/boot/dts/rk3036.dtsi | 14 - arch/mips/include/asm/checksum.h | 3 arch/mips/kernel/elf.c | 6 arch/parisc/kernel/firmware.c | 4 arch/powerpc/include/asm/mmu.h | 4 arch/powerpc/include/asm/mmzone.h | 3 arch/powerpc/kernel/traps.c | 2 arch/powerpc/lib/Makefile | 4 arch/powerpc/lib/sstep.c | 10 arch/powerpc/mm/init-common.c | 5 arch/s390/kernel/ptrace.c | 6 arch/s390/kvm/kvm-s390.c | 5 arch/um/drivers/net_kern.c | 2 arch/um/include/shared/kern_util.h | 2 arch/um/kernel/process.c | 2 arch/um/os-Linux/helper.c | 6 arch/um/os-Linux/util.c | 19 + arch/x86/Kconfig.cpu | 2 arch/x86/include/asm/syscall_wrapper.h | 25 + arch/x86/kernel/cpu/amd.c | 20 - arch/x86/mm/ident_map.c | 23 + block/bio.c | 5 block/blk-mq.c | 16 + crypto/algapi.c | 1 drivers/acpi/acpi_extlog.c | 5 drivers/acpi/acpi_video.c | 9 drivers/android/binder.c | 10 drivers/atm/idt77252.c | 2 drivers/base/core.c | 44 +++ drivers/base/power/domain.c | 2 drivers/char/hw_random/core.c | 34 +- drivers/clk/hisilicon/clk-hi3620.c | 4 drivers/clk/mmp/clk-of-pxa168.c | 3 drivers/crypto/stm32/stm32_crc32.c | 2 drivers/firewire/core-device.c | 7 drivers/gpio/gpio-eic-sprd.c | 32 ++ drivers/gpio/gpiolib-acpi.c | 14 + drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_fence.c | 2 drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_sync.c | 3 drivers/gpu/drm/bridge/nxp-ptn3460.c | 6 drivers/gpu/drm/drm_file.c | 2 drivers/gpu/drm/drm_framebuffer.c | 2 drivers/gpu/drm/drm_mipi_dsi.c | 17 + drivers/gpu/drm/drm_plane.c | 1 drivers/gpu/drm/exynos/exynos_drm_drv.c | 11 drivers/gpu/drm/exynos/exynos_drm_gsc.c | 2 drivers/gpu/drm/msm/disp/dpu1/dpu_encoder.c | 5 drivers/gpu/drm/msm/disp/dpu1/dpu_kms.h | 1 drivers/gpu/drm/nouveau/nouveau_vmm.c | 3 drivers/hid/hid-apple.c | 63 ++++ drivers/hid/hid-ids.h | 1 drivers/hid/hid-quirks.c | 1 drivers/hid/wacom_sys.c | 63 +++- drivers/hid/wacom_wac.c | 9 drivers/hwmon/aspeed-pwm-tacho.c | 7 drivers/hwmon/coretemp.c | 40 +-- drivers/infiniband/ulp/ipoib/ipoib_multicast.c | 7 drivers/input/keyboard/atkbd.c | 13 - drivers/irqchip/irq-brcmstb-l2.c | 3 drivers/leds/trigger/ledtrig-panic.c | 5 drivers/md/md.c | 54 +++- drivers/md/raid5.c | 12 drivers/media/pci/ddbridge/ddbridge-main.c | 2 drivers/media/platform/rockchip/rga/rga.c | 15 - drivers/media/usb/stk1160/stk1160-video.c | 5 drivers/mfd/Kconfig | 1 drivers/net/bonding/bond_alb.c | 3 drivers/net/ethernet/aquantia/atlantic/aq_nic.c | 1 drivers/net/ethernet/cisco/enic/enic_ethtool.c | 1 drivers/net/ethernet/freescale/fec_main.c | 2 drivers/net/ethernet/intel/i40e/i40e_main.c | 2 drivers/net/ethernet/intel/ixgbe/ixgbe_82598.c | 36 +- drivers/net/ethernet/intel/ixgbe/ixgbe_82599.c | 61 ++-- drivers/net/ethernet/intel/ixgbe/ixgbe_common.c | 177 ++++++-------- drivers/net/ethernet/intel/ixgbe/ixgbe_ethtool.c | 2 drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 44 +-- drivers/net/ethernet/intel/ixgbe/ixgbe_mbx.c | 34 +- drivers/net/ethernet/intel/ixgbe/ixgbe_mbx.h | 1 drivers/net/ethernet/intel/ixgbe/ixgbe_phy.c | 105 ++++---- drivers/net/ethernet/intel/ixgbe/ixgbe_phy.h | 2 drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c | 2 drivers/net/ethernet/intel/ixgbe/ixgbe_type.h | 51 ---- drivers/net/ethernet/intel/ixgbe/ixgbe_x540.c | 45 +-- drivers/net/ethernet/intel/ixgbe/ixgbe_x550.c | 149 ++++++----- drivers/net/ethernet/mellanox/mlx5/core/en_arfs.c | 26 +- drivers/net/ethernet/netronome/nfp/nfpcore/nfp6000_pcie.c | 6 drivers/net/fjes/fjes_hw.c | 37 ++ drivers/net/ppp/ppp_async.c | 4 drivers/net/virtio_net.c | 9 drivers/net/wan/lmc/lmc_proto.c | 4 drivers/net/wireless/ath/ath9k/htc_drv_txrx.c | 5 drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c | 12 drivers/net/wireless/realtek/rtlwifi/rtl8723ae/phy.c | 6 drivers/net/wireless/realtek/rtlwifi/rtl8723be/phy.c | 4 drivers/net/xen-netback/netback.c | 84 +++--- drivers/pci/controller/pcie-mediatek.c | 10 drivers/pci/quirks.c | 24 + drivers/phy/ti/phy-omap-usb2.c | 4 drivers/pnp/pnpacpi/rsparser.c | 12 drivers/rpmsg/virtio_rpmsg_bus.c | 1 drivers/scsi/fcoe/fcoe_ctlr.c | 20 - drivers/scsi/isci/request.c | 2 drivers/scsi/libfc/fc_fcp.c | 18 - drivers/scsi/lpfc/lpfc.h | 1 drivers/scsi/lpfc/lpfc_init.c | 4 drivers/spi/spi-ppc4xx.c | 5 drivers/staging/iio/impedance-analyzer/ad5933.c | 2 drivers/tty/serial/max310x.c | 21 + drivers/tty/serial/sc16is7xx.c | 8 drivers/usb/core/hub.c | 34 +- drivers/usb/gadget/function/f_mass_storage.c | 20 + drivers/usb/serial/cp210x.c | 1 drivers/usb/serial/option.c | 1 drivers/usb/serial/qcserial.c | 2 drivers/vhost/vhost.c | 5 fs/afs/server.c | 7 fs/btrfs/extent-tree.c | 3 fs/btrfs/ioctl.c | 9 fs/btrfs/send.c | 2 fs/ceph/caps.c | 9 fs/compat_ioctl.c | 3 fs/dcache.c | 7 fs/ext4/mballoc.c | 26 +- fs/ext4/move_extent.c | 6 fs/ext4/resize.c | 37 +- fs/f2fs/recovery.c | 23 + fs/jfs/jfs_dmap.c | 57 ++-- fs/jfs/jfs_dtree.c | 7 fs/jfs/jfs_imap.c | 3 fs/jfs/jfs_mount.c | 6 fs/nilfs2/file.c | 8 fs/nilfs2/recovery.c | 7 fs/nilfs2/segment.c | 8 fs/pstore/ram.c | 1 include/drm/drm_mipi_dsi.h | 2 include/linux/bpf.h | 6 include/linux/device.h | 3 include/linux/dmaengine.h | 3 include/linux/hrtimer.h | 4 include/linux/lsm_hooks.h | 9 include/linux/pci_ids.h | 1 include/linux/security.h | 9 include/linux/spi/spi.h | 1 include/linux/syscalls.h | 1 include/linux/units.h | 92 +++++++ include/net/af_unix.h | 20 + include/net/llc_pdu.h | 6 include/uapi/linux/btrfs.h | 3 include/uapi/linux/netfilter/nf_tables.h | 2 kernel/audit.c | 31 +- kernel/bpf/arraymap.c | 12 kernel/bpf/hashtab.c | 6 kernel/bpf/map_in_map.c | 2 kernel/bpf/map_in_map.h | 2 kernel/power/swap.c | 38 +-- kernel/sched/membarrier.c | 6 kernel/time/hrtimer.c | 3 kernel/time/tick-sched.c | 5 kernel/trace/ring_buffer.c | 2 kernel/trace/trace_events_trigger.c | 6 kernel/trace/tracing_map.c | 7 mm/page-writeback.c | 2 net/8021q/vlan_netlink.c | 4 net/ipv4/af_inet.c | 6 net/ipv4/ip_output.c | 12 net/ipv4/tcp.c | 1 net/ipv6/addrconf_core.c | 21 + net/iucv/af_iucv.c | 14 - net/llc/af_llc.c | 26 +- net/llc/llc_core.c | 7 net/netfilter/nf_log.c | 7 net/netfilter/nf_tables_api.c | 20 - net/netfilter/nft_byteorder.c | 5 net/netfilter/nft_compat.c | 11 net/netlink/af_netlink.c | 2 net/nfc/nci/core.c | 4 net/rds/af_rds.c | 2 net/rxrpc/conn_event.c | 8 net/rxrpc/conn_service.c | 3 net/sched/sch_cbs.c | 30 +- net/smc/smc_diag.c | 2 net/sunrpc/xprtmultipath.c | 17 + net/tipc/bearer.c | 6 net/unix/af_unix.c | 14 - net/unix/diag.c | 2 net/wireless/scan.c | 4 security/security.c | 17 + security/selinux/hooks.c | 28 ++ security/smack/smack_lsm.c | 1 security/tomoyo/tomoyo.c | 1 sound/pci/hda/hda_intel.c | 2 sound/pci/hda/patch_conexant.c | 18 + sound/soc/codecs/rt5645.c | 1 tools/lib/subcmd/help.c | 18 + 211 files changed, 1781 insertions(+), 998 deletions(-) Akinobu Mita (1): include/linux/units.h: add helpers for kelvin to/from Celsius conversion Al Viro (1): fast_dput(): handle underflows gracefully Aleksander Mazur (1): x86/Kconfig: Transmeta Crusoe is CPU family 5, not 6 Alex Henrie (1): HID: apple: Add support for the 2021 Magic Keyboard Alex Lyakas (1): md: Whenassemble the array, consult the superblock of the freshest device Alexander Stein (2): ARM: dts: imx7s: Fix lcdif compatible ARM: dts: imx7s: Fix nand-controller #size-cells Alexey Khoroshilov (1): ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work() Alfred Piccioni (1): lsm: new security_file_ioctl_compat() hook Andrzej Hajda (1): driver core: add device probe log helper Andy Shevchenko (1): driver core: Annotate dev_err_probe() with __must_check Anna Schumaker (1): SUNRPC: Fix a suspicious RCU usage warning Anton Ivanov (1): um: Fix naming clash between UML and scheduler Baokun Li (4): ext4: unify the type of flexbg_size to unsigned int ext4: remove unnecessary check from alloc_flex_gd() ext4: avoid online resizing failures due to oversized flex bg ext4: fix double-free of blocks due to wrong extents moved_len Benjamin Berg (3): wifi: cfg80211: free beacon_ies when overridden from hidden BSS um: Don't use vfprintf() for os_info() HID: apple: Add 2021 magic keyboard FN key mapping Boris Burkov (1): btrfs: forbid creating subvol qgroups Breno Leitao (2): net: sysfs: Fix /sys/class/net/<iface> path net: sysfs: Fix /sys/class/net/<iface> path for statistics Carlos Llamas (1): binder: signal epoll threads of self-work Chao Yu (1): f2fs: fix to check return value of f2fs_reserve_new_block() Chris Riches (1): audit: Send netlink ACK before setting connection in auditd_set Christophe JAILLET (1): ixgbe: Fix an error handling path in ixgbe_read_iosf_sb_reg_x550() Cristian Ciocaltea (1): ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument Dan Carpenter (3): drm/bridge: nxp-ptn3460: fix i2c_master_send() error checking drm/bridge: nxp-ptn3460: simplify some error checking netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() Daniel Basilio (1): nfp: use correct macro for LengthSelect in BAR config Daniel Lezcano (3): units: Add Watt units units: change from 'L' to 'UL' units: add the HZ macros Daniel Vacek (1): IB/ipoib: Fix mcast list locking Dave Airlie (1): nouveau/vmm: don't set addr on the fail path to avoid warning David Howells (1): rxrpc: Fix response to PING RESPONSE ACKs to a dead call David Schiller (1): staging: iio: ad5933: fix type mismatch regression David Sterba (2): btrfs: don't warn if discard range is not aligned to sector btrfs: send: return EOPNOTSUPP on unknown flags Denis Efremov (1): net/mlx5: Use kfree(ft->g) in arfs_create_groups() Dmitry Antipov (1): PNP: ACPI: fix fortify warning Doug Berger (1): irqchip/irq-brcmstb-l2: Add write memory barrier before exit Douglas Anderson (1): drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind time Edward Adam Davis (3): jfs: fix uaf in jfs_evict_inode jfs: fix array-index-out-of-bounds in diNewExt wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update Eric Dumazet (5): llc: make llc_ui_sendmsg() more robust against bonding changes llc: call sock_orphan() at release time af_unix: fix lockdep positive in sk_diag_dump_icons() inet: read sk->sk_family once in inet_recv_error() ppp_async: limit MRU to 64K Fabio Estevam (7): ARM: dts: imx25/27-eukrea: Fix RTC node name ARM: dts: imx: Use flash@0,0 pattern ARM: dts: imx27: Fix sram node ARM: dts: imx1: Fix sram node ARM: dts: imx27-apf27dev: Fix LED name ARM: dts: imx23-sansa: Use preferred i2c-gpios properties ARM: dts: imx23/28: Fix the DMA controller node name Fedor Pchelkin (2): drm/exynos: gsc: minor fix for loop iteration in gsc_runtime_resume nfc: nci: free rx_data_reassembly skb on NCI device cleanup Felix Kuehling (1): drm/amdgpu: Let KFD sync with VM fences Florian Westphal (2): netfilter: nf_tables: restrict anonymous set and map names to 16 bytes netfilter: nf_tables: reject QUEUE/DROP verdict parameters Frank Li (1): dmaengine: fix is_slave_direction() return false when DMA_DEV_TO_DEV Frederic Weisbecker (1): hrtimer: Report offline hrtimer enqueue Ghanshyam Agrawal (1): media: stk1160: Fixed high volume of stk1160_dbg messages Greg Kroah-Hartman (2): Revert "driver core: Annotate dev_err_probe() with __must_check" Linux 4.19.307 Guenter Roeck (1): MIPS: Add 'memory' clobber to csum_ipv6_magic() inline assembler Guilherme G. Piccoli (1): PCI: Only override AMD USB controller if required Hannes Reinecke (2): scsi: libfc: Don't schedule abort twice scsi: libfc: Fix up timeout error in fc_fcp_rec_error() Hans de Goede (1): Input: atkbd - skip ATKBD_CMD_SETLEDS when skipping ATKBD_CMD_GETID Hardik Gajjar (1): usb: hub: Replace hardcoded quirk value with BIT() macro Heiko Carstens (2): s390/ptrace: handle setting of fpc register correctly KVM: s390: fix setting of fpc register Heiner Kallweit (1): leds: trigger: panic: Don't register panic notifier if creating the trigger failed Helge Deller (2): parisc/firmware: Fix F-extend for PDC addresses ipv6: Ensure natural alignment of const ipv6 loopback and router addresses Herbert Xu (2): crypto: api - Disallow identical driver names hwrng: core - Fix page fault dead lock on mmap-ed hwrng Hongchen Zhang (1): PM: hibernate: Enforce ordering during image compression/decompression Hou Tao (1): bpf: Add map and need_defer parameters to .map_fd_put_ptr() Hugo Villeneuve (4): serial: sc16is7xx: set safe default SPI clock frequency serial: sc16is7xx: add check for unsupported SPI modes during probe serial: max310x: set default value when reading clock ready bit serial: max310x: improve crystal stable clock detection Ian Rogers (1): libsubcmd: Fix memory leak in uniq() Ido Schimmel (1): PCI: Add no PM reset quirk for NVIDIA Spectrum devices Ivan Vecera (1): i40e: Fix waiting for queues of all VSIs to be disabled Jack Wang (1): RDMA/IPoIB: Fix error code return in ipoib_mcast_join JackBB Wu (1): USB: serial: qcserial: add new usb-id for Dell Wireless DW5826e Jan Beulich (1): xen-netback: properly sync TX responses Jason Gerecke (1): HID: wacom: Do not register input devices until after hid_hw_start Jedrzej Jagielski (2): ixgbe: Refactor returning internal error codes ixgbe: Refactor overtemp event handling Johan Jonker (1): ARM: dts: rockchip: fix rk3036 hdmi ports node Julian Wiedmann (2): net/af_iucv: clean up a try_then_request_module() Documentation: net-sysfs: describe missing statistics Junxiao Bi (1): Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d" Justin Tee (1): scsi: lpfc: Fix possible file string name overflow when updating firmware Konrad Dybcio (1): pmdomain: core: Move the unused cleanup to a _sync initcall Kuan-Wei Chiu (2): clk: hi3620: Fix memory leak in hi3620_mmc_clk_init() clk: mmp: pxa168: Fix memory leak in pxa168_clk_init() Kuniyuki Iwashima (1): llc: Drop support for ETH_P_TR_802_2. Kunwu Chan (1): powerpc/mm: Fix null-pointer dereference in pgtable_cache_add Lee Duncan (1): scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock" Leonard Dallmayr (1): USB: serial: cp210x: add ID for IMST iM871A-USB Lin Ma (1): vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING Linus Torvalds (1): sched/membarrier: reduce the ability to hammer on sys_membarrier Loic Prylli (1): hwmon: (aspeed-pwm-tacho) mutex for tach reading Maciej S. Szmigiero (1): x86/CPU/AMD: Fix disabling XSAVES on AMD family 0x17 due to erratum Manas Ghandat (2): jfs: fix slab-out-of-bounds Read in dtSearch jfs: fix array-index-out-of-bounds in dbAdjTree Mario Limonciello (1): gpiolib: acpi: Ignore touchpad wakeup on GPD G1619-04 Masami Hiramatsu (Google) (1): tracing/trigger: Fix to return error if failed to alloc snapshot Matthew Wilcox (Oracle) (1): block: Remove special-casing of compound pages Mauro Carvalho Chehab (1): drivers: core: fix kernel-doc markup for dev_err_probe() Michael Ellerman (2): powerpc: Fix build error due to is_valid_bugaddr() powerpc/mm: Fix build failures due to arch_reserved_kernel_pages() Michael Tretter (1): media: rockchip: rga: fix swizzling for RGB formats Michał Mirosław (1): driver code: print symbolic error code Ming Lei (1): blk-mq: fix IO hang from sbitmap wakeup race Minsuk Kang (1): wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() Nathan Chancellor (2): powerpc: Use always instead of always-y in for crtsavres.o um: net: Fix return type of uml_net_start_xmit() Naveen N Rao (1): powerpc/lib: Validate size for vector operations Oleg Nesterov (2): afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*() rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock() Oleksij Rempel (1): spi: introduce SPI_MODE_X_MASK macro Oliver Neukum (1): USB: hub: check for alternate port before enabling A_ALT_HNP_SUPPORT Osama Muhammad (2): FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree UBSAN: array-index-out-of-bounds in dtSplitRoot Pablo Neira Ayuso (3): netfilter: nf_log: replace BUG_ON by WARN_ON_ONCE when putting logger netfilter: nft_compat: reject unused compat flag netfilter: nft_compat: restrict match/target protocol to u16 Peter Robinson (1): mfd: ti_am335x_tscadc: Fix TI SoC dependencies Petr Pavlu (1): tracing: Ensure visibility when inserting an element into tracing_map Pierre-Louis Bossart (2): PCI: add INTEL_HDA_ARL to pci_ids.h ALSA: hda: Intel: add HDA_ARL PCI ID support Piotr Skajewski (1): ixgbe: Remove non-inclusive language Prarit Bhargava (1): ACPI: extlog: fix NULL pointer dereference check Prathu Baronia (1): vhost: use kzalloc() instead of kmalloc() followed by memset() Puliang Lu (1): USB: serial: option: add Fibocom FM101-GL variant Qu Wenruo (1): btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args Richard Palethorpe (1): x86/entry/ia32: Ensure s32 is sign extended to s64 Rob Clark (1): drm/msm/dpu: Ratelimit framedone timeout msgs Ryusuke Konishi (3): nilfs2: fix data corruption in dsync block recovery for small block sizes nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() nilfs2: fix potential bug in end_buffer_async_write Salvatore Dipietro (1): tcp: Add memory barrier to tcp_push() Sharath Srinivasan (1): net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv Shenwei Wang (1): net: fec: fix the unhandled context fault from smmu Shigeru Yoshida (1): tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() Srinivasan Shanmugam (2): drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()' drm/amdgpu: Release 'adev->pm.fw' before return in 'amdgpu_device_need_post()' Steve Wahl (1): x86/mm/ident_map: Use gbpages only where full GB page should be mapped. Su Hui (3): wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift() media: ddbridge: fix an error code problem in ddb_probe scsi: isci: Fix an error code problem in isci_io_request_build() Suraj Jitindar Singh (1): ext4: allow for the last group to be marked as trimmed Takashi Sakamoto (1): firewire: core: correct documentation of fw_csr_string() kernel API Tatsunosuke Tobita (1): HID: wacom: generic: Avoid reporting a serial of '0' to userspace Thomas Bourgoin (1): crypto: stm32/crc32 - fix parsing list of devices Tim Chen (1): tick/sched: Preserve number of idle sleeps across CPU hotplug events Tom Rix (1): net: remove unneeded break Tomi Valkeinen (3): drm/drm_file: fix use of uninitialized variable drm/framebuffer: Fix use of uninitialized variable drm/mipi-dsi: Fix detach call without attach Tony Lindgren (1): phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP Uwe Kleine-König (1): spi: ppc4xx: Drop write-only variable Ville Syrjälä (1): drm: Don't unref the same fb many times by mistake due to deadlock handling Vincent Donnefort (1): ring-buffer: Clean ring_buffer_poll_wait() error return Vinicius Costa Gomes (1): net/sched: cbs: Fix not adding cbs instance to list Weichen Chen (1): pstore/ram: Fix crash when setting number of cpus to an odd number Wen Gu (1): net/smc: fix illegal rmb_desc access in SMC-D connection dump Wenhua Lin (1): gpio: eic-sprd: Clear interrupt after set the interrupt type Xi Ruoyao (1): mips: Call lose_fpu(0) before initializing fcr31 in mips_set_personality_nan Xiaolei Wang (1): rpmsg: virtio: Free driver_override when rpmsg_remove() Xiubo Li (1): ceph: fix deadlock or deadcode of misusing dget() Ye Bin (1): ext4: fix inconsistent between segment fstrim and full fstrim Yuluo Qiu (1): ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop Zach O'Keefe (1): mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again Zenm Chen (1): wifi: rtl8xxxu: Add additional USB IDs for RTL8192EU devices Zhang Rui (2): hwmon: (coretemp) Fix out-of-bounds memory access hwmon: (coretemp) Fix bogus core_id to attr name mapping Zhengchao Shao (3): netlink: fix potential sleeping issue in mqueue_flush_file bonding: return -ENOMEM instead of BUG in alb_upper_dev_walk bonding: remove print in bond_verify_device_path Zhipeng Lu (4): net/mlx5e: fix a double-free in arfs_create_groups fjes: fix memleaks in fjes_hw_setup net: ipv4: fix a memleak in ip_setup_cork atm: idt77252: fix a memleak in open_card_ubr0 Zhu Yanjun (1): virtio_net: Fix "‘%d’ directive writing between 1 and 11 bytes into a region of size 10" warnings bo liu (1): ALSA: hda/conexant: Add quirk for SWS JS201D free5lot (1): HID: apple: Swap the Fn and Left Control keys on Apple keyboards qizhong cheng (1): PCI: mediatek: Clear interrupt status before dispatching handler yuan linyu (1): usb: f_mass_storage: forbid async queue when shutdown happen

1 year, 6 months

1
1
0 0

[REGRESSION 6.1.70] system calls with CIFS mounts failing with "Resource temporarily unavailable"

by Leonardo Brondani Schenkel

I'm new here, first time reporting a regression, apologies in advance if I'm doing something wrong of if this was already reported (I found some CIFS issues but not exactly this one). I'm using x86-64 Arch Linux and LTS kernel (6.1.71 as I write this) and I noticed a regression that I could reproduce in other boxes with other architectures as well (aarch64 with 6.1.70). # mount.cifs //server/share /mnt # mount //server/share on /mnt type cifs (rw,relatime,vers=3.1.1...) # cd /mnt # df . df: .: Resource temporarily unavailable # ls -al ls: .: Resource temporarily unavailable ls: file1: Resource temporarily unavailable ls: file2: Resource temporarily unavailable [...then ls shows the listing...] If I use strace with df, the problem is: statfs(".", 0x.....) = -1 EAGAIN (Resource temporarily unavailable) And with ls: listxattr(".", 0x..., 152): -1 EAGAIN (Resource temporarily unavailable) listxattr("file1", ..., 152): -1 EAGAIN (same as above) ... Initially I thought the problem was with the Samba server and/or the client mount flags, but I've spent a day trying a *lot* of different combinations and nothing worked. This happens with any share that I try, and I've tried mounting shares from multiple Linux boxes running different Samba and kernel versions. Then I tried changing kernel versions at my client box. I booted latest 6.6.9 and the problem simply disappeared. My Debian server with 6.5.11 also doesn't have it. I then started a VM and tried a "bisection" of 6.1.x versions, leading to kernel 6.1.70 when this started to happen. 6.1.69 and older look fine. I hope that this is enough information to reproduce this issue. I will be glad to provide more info if necessary. // Leonardo.

1 year, 6 months

6
14
0 0

[PATCH v2] mm, mmap: fix vma_merge() case 7 with vma_ops->close

by Vlastimil Babka

When debugging issues with a workload using SysV shmem, Michal Hocko has come up with a reproducer that shows how a series of mprotect() operations can result in an elevated shm_nattch and thus leak of the resource. The problem is caused by wrong assumptions in vma_merge() commit 714965ca8252 ("mm/mmap: start distinguishing if vma can be removed in mergeability test"). The shmem vmas have a vma_ops->close callback that decrements shm_nattch, and we remove the vma without calling it. vma_merge() has thus historically avoided merging vma's with vma_ops->close and commit 714965ca8252 was supposed to keep it that way. It relaxed the checks for vma_ops->close in can_vma_merge_after() assuming that it is never called on a vma that would be a candidate for removal. However, the vma_merge() code does also use the result of this check in the decision to remove a different vma in the merge case 7. A robust solution would be to refactor vma_merge() code in a way that the vma_ops->close check is only done for vma's that are actually going to be removed, and not as part of the preliminary checks. That would both solve the existing bug, and also allow additional merges that the checks currently prevent unnecessarily in some cases. However to fix the existing bug first with a minimized risk, and for easier stable backports, this patch only adds a vma_ops->close check to the buggy case 7 specifically. All other cases of vma removal are covered by the can_vma_merge_before() check that includes the test for vma_ops->close. The reproducer code, adapted from Michal Hocko's code: int main(int argc, char *argv[]) { int segment_id; size_t segment_size = 20 * PAGE_SIZE; char * sh_mem; struct shmid_ds shmid_ds; key_t key = 0x1234; segment_id = shmget(key, segment_size, IPC_CREAT | IPC_EXCL | S_IRUSR | S_IWUSR); sh_mem = (char *)shmat(segment_id, NULL, 0); mprotect(sh_mem + 2*PAGE_SIZE, PAGE_SIZE, PROT_NONE); mprotect(sh_mem + PAGE_SIZE, PAGE_SIZE, PROT_WRITE); mprotect(sh_mem + 2*PAGE_SIZE, PAGE_SIZE, PROT_WRITE); shmdt(sh_mem); shmctl(segment_id, IPC_STAT, &shmid_ds); printf("nattch after shmdt(): %lu (expected: 0)\n", shmid_ds.shm_nattch); if (shmctl(segment_id, IPC_RMID, 0)) printf("IPCRM failed %d\n", errno); return (shmid_ds.shm_nattch) ? 1 : 0; } Fixes: 714965ca8252 ("mm/mmap: start distinguishing if vma can be removed in mergeability test") Signed-off-by: Vlastimil Babka <vbabka(a)suse.cz> Reported-by: Michal Hocko <mhocko(a)suse.com> Cc: Liam R. Howlett <Liam.Howlett(a)oracle.com> Cc: Lorenzo Stoakes <lstoakes(a)gmail.com> Cc: <stable(a)vger.kernel.org> --- v2: deduplicate code, per Lorenzo mm/mmap.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/mm/mmap.c b/mm/mmap.c index d89770eaab6b..3281287771c9 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -954,13 +954,21 @@ static struct vm_area_struct } else if (merge_prev) { /* case 2 */ if (curr) { vma_start_write(curr); - err = dup_anon_vma(prev, curr, &anon_dup); if (end == curr->vm_end) { /* case 7 */ + /* + * can_vma_merge_after() assumed we would not be + * removing prev vma, so it skipped the check + * for vm_ops->close, but we are removing curr + */ + if (curr->vm_ops && curr->vm_ops->close) + err = -EINVAL; remove = curr; } else { /* case 5 */ adjust = curr; adj_start = (end - curr->vm_start); } + if (!err) + err = dup_anon_vma(prev, curr, &anon_dup); } } else { /* merge_next */ vma_start_write(next); -- 2.43.1

1 year, 6 months

3
2
0 0

[PATCH] ARM: imx_v6_v7_defconfig: Restore CONFIG_BACKLIGHT_CLASS_DEVICE

by Fabio Estevam

From: Fabio Estevam <festevam(a)denx.de> Since commit bfac19e239a7 ("fbdev: mx3fb: Remove the driver") backlight is no longer functional. The fbdev mx3fb driver used to automatically select CONFIG_BACKLIGHT_CLASS_DEVICE. Now that the mx3fb driver has been removed, enable the CONFIG_BACKLIGHT_CLASS_DEVICE option so that backlight can still work by default. Tested on a imx6dl-sabresd board. Cc: stable(a)vger.kernel.org Fixes: bfac19e239a7 ("fbdev: mx3fb: Remove the driver") Signed-off-by: Fabio Estevam <festevam(a)denx.de> --- arch/arm/configs/imx_v6_v7_defconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/arm/configs/imx_v6_v7_defconfig b/arch/arm/configs/imx_v6_v7_defconfig index 0a90583f9f01..8f9dbe8d9029 100644 --- a/arch/arm/configs/imx_v6_v7_defconfig +++ b/arch/arm/configs/imx_v6_v7_defconfig @@ -297,6 +297,7 @@ CONFIG_FB_MODE_HELPERS=y CONFIG_LCD_CLASS_DEVICE=y CONFIG_LCD_L4F00242T03=y CONFIG_LCD_PLATFORM=y +CONFIG_BACKLIGHT_CLASS_DEVICE=y CONFIG_BACKLIGHT_PWM=y CONFIG_BACKLIGHT_GPIO=y CONFIG_FRAMEBUFFER_CONSOLE=y -- 2.34.1

1 year, 6 months

3
2
0 0

[merged mm-hotfixes-stable] fat-fix-uninitialized-field-in-nostale-filehandles.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: fat: fix uninitialized field in nostale filehandles has been removed from the -mm tree. Its filename was fat-fix-uninitialized-field-in-nostale-filehandles.patch This patch was dropped because it was merged into the mm-hotfixes-stable branch of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm ------------------------------------------------------ From: Jan Kara <jack(a)suse.cz> Subject: fat: fix uninitialized field in nostale filehandles Date: Mon, 5 Feb 2024 13:26:26 +0100 When fat_encode_fh_nostale() encodes file handle without a parent it stores only first 10 bytes of the file handle. However the length of the file handle must be a multiple of 4 so the file handle is actually 12 bytes long and the last two bytes remain uninitialized. This is not great at we potentially leak uninitialized information with the handle to userspace. Properly initialize the full handle length. Link: https://lkml.kernel.org/r/20240205122626.13701-1-jack@suse.cz Reported-by: syzbot+3ce5dea5b1539ff36769(a)syzkaller.appspotmail.com Fixes: ea3983ace6b7 ("fat: restructure export_operations") Signed-off-by: Jan Kara <jack(a)suse.cz> Acked-by: OGAWA Hirofumi <hirofumi(a)mail.parknet.co.jp> Cc: Amir Goldstein <amir73il(a)gmail.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/fat/nfs.c | 6 ++++++ 1 file changed, 6 insertions(+) --- a/fs/fat/nfs.c~fat-fix-uninitialized-field-in-nostale-filehandles +++ a/fs/fat/nfs.c @@ -130,6 +130,12 @@ fat_encode_fh_nostale(struct inode *inod fid->parent_i_gen = parent->i_generation; type = FILEID_FAT_WITH_PARENT; *lenp = FAT_FID_SIZE_WITH_PARENT; + } else { + /* + * We need to initialize this field because the fh is actually + * 12 bytes long + */ + fid->parent_i_pos_hi = 0; } return type; _ Patches currently in -mm which might be from jack(a)suse.cz are shmem-properly-report-quota-mount-options.patch

1 year, 6 months

1
0
0 0

[merged mm-hotfixes-stable] bounds-support-non-power-of-two-config_nr_cpus.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: bounds: support non-power-of-two CONFIG_NR_CPUS has been removed from the -mm tree. Its filename was bounds-support-non-power-of-two-config_nr_cpus.patch This patch was dropped because it was merged into the mm-hotfixes-stable branch of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm ------------------------------------------------------ From: "Matthew Wilcox (Oracle)" <willy(a)infradead.org> Subject: bounds: support non-power-of-two CONFIG_NR_CPUS Date: Tue, 10 Oct 2023 15:55:49 +0100 ilog2() rounds down, so for example when PowerPC 85xx sets CONFIG_NR_CPUS to 24, we will only allocate 4 bits to store the number of CPUs instead of 5. Use bits_per() instead, which rounds up. Found by code inspection. The effect of this would probably be a misaccounting when doing NUMA balancing, so to a user, it would only be a performance penalty. The effects may be more wide-spread; it's hard to tell. Link: https://lkml.kernel.org/r/20231010145549.1244748-1-willy@infradead.org Signed-off-by: Matthew Wilcox (Oracle) <willy(a)infradead.org> Fixes: 90572890d202 ("mm: numa: Change page last {nid,pid} into {cpu,pid}") Reviewed-by: Rik van Riel <riel(a)surriel.com> Acked-by: Mel Gorman <mgorman(a)techsingularity.net> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Ingo Molnar <mingo(a)kernel.org> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- kernel/bounds.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/kernel/bounds.c~bounds-support-non-power-of-two-config_nr_cpus +++ a/kernel/bounds.c @@ -19,7 +19,7 @@ int main(void) DEFINE(NR_PAGEFLAGS, __NR_PAGEFLAGS); DEFINE(MAX_NR_ZONES, __MAX_NR_ZONES); #ifdef CONFIG_SMP - DEFINE(NR_CPUS_BITS, ilog2(CONFIG_NR_CPUS)); + DEFINE(NR_CPUS_BITS, bits_per(CONFIG_NR_CPUS)); #endif DEFINE(SPINLOCK_SIZE, sizeof(spinlock_t)); #ifdef CONFIG_LRU_GEN _ Patches currently in -mm which might be from willy(a)infradead.org are writeback-remove-a-duplicate-prototype-for-tag_pages_for_writeback.patch writeback-factor-folio_prepare_writeback-out-of-write_cache_pages.patch writeback-factor-writeback_get_batch-out-of-write_cache_pages.patch writeback-simplify-the-loops-in-write_cache_pages.patch pagevec-add-ability-to-iterate-a-queue.patch writeback-use-the-folio_batch-queue-iterator.patch writeback-move-the-folio_prepare_writeback-loop-out-of-write_cache_pages.patch writeback-remove-a-use-of-write_cache_pages-from-do_writepages.patch

1 year, 6 months

1
0
0 0

[PATCH 0/2] Disable automatic load CCS load balancing

by Andi Shyti

Hi, this series does basically two things: 1. Disables automatic load balancing as adviced by the hardware workaround. 2. Assigns all the CCS slices to one single user engine. The user will then be able to query only one CCS engine Changelog ========= - In Patch 1 use the correct workaround number (thanks Matt). - In Patch 2 do not add the extra CCS engines to the exposed UABI engine list and adapt the engine counting accordingly (thanks Tvrtko). - Reword the commit of Patch 2 (thanks John). Andi Shyti (2): drm/i915/gt: Disable HW load balancing for CCS drm/i915/gt: Enable only one CCS for compute workload drivers/gpu/drm/i915/gt/intel_engine_user.c | 9 +++++++++ drivers/gpu/drm/i915/gt/intel_gt.c | 11 +++++++++++ drivers/gpu/drm/i915/gt/intel_gt_regs.h | 3 +++ drivers/gpu/drm/i915/gt/intel_workarounds.c | 6 ++++++ drivers/gpu/drm/i915/i915_query.c | 1 + 5 files changed, 30 insertions(+) -- 2.43.0

1 year, 6 months

3
15
0 0

+ mm-mmap-fix-vma_merge-case-7-with-vma_ops-close.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm, mmap: fix vma_merge() case 7 with vma_ops->close has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-mmap-fix-vma_merge-case-7-with-vma_ops-close.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Vlastimil Babka <vbabka(a)suse.cz> Subject: mm, mmap: fix vma_merge() case 7 with vma_ops->close Date: Thu, 22 Feb 2024 22:59:31 +0100 When debugging issues with a workload using SysV shmem, Michal Hocko has come up with a reproducer that shows how a series of mprotect() operations can result in an elevated shm_nattch and thus leak of the resource. The problem is caused by wrong assumptions in vma_merge() commit 714965ca8252 ("mm/mmap: start distinguishing if vma can be removed in mergeability test"). The shmem vmas have a vma_ops->close callback that decrements shm_nattch, and we remove the vma without calling it. vma_merge() has thus historically avoided merging vma's with vma_ops->close and commit 714965ca8252 was supposed to keep it that way. It relaxed the checks for vma_ops->close in can_vma_merge_after() assuming that it is never called on a vma that would be a candidate for removal. However, the vma_merge() code does also use the result of this check in the decision to remove a different vma in the merge case 7. A robust solution would be to refactor vma_merge() code in a way that the vma_ops->close check is only done for vma's that are actually going to be removed, and not as part of the preliminary checks. That would both solve the existing bug, and also allow additional merges that the checks currently prevent unnecessarily in some cases. However to fix the existing bug first with a minimized risk, and for easier stable backports, this patch only adds a vma_ops->close check to the buggy case 7 specifically. All other cases of vma removal are covered by the can_vma_merge_before() check that includes the test for vma_ops->close. The reproducer code, adapted from Michal Hocko's code: int main(int argc, char *argv[]) { int segment_id; size_t segment_size = 20 * PAGE_SIZE; char * sh_mem; struct shmid_ds shmid_ds; key_t key = 0x1234; segment_id = shmget(key, segment_size, IPC_CREAT | IPC_EXCL | S_IRUSR | S_IWUSR); sh_mem = (char *)shmat(segment_id, NULL, 0); mprotect(sh_mem + 2*PAGE_SIZE, PAGE_SIZE, PROT_NONE); mprotect(sh_mem + PAGE_SIZE, PAGE_SIZE, PROT_WRITE); mprotect(sh_mem + 2*PAGE_SIZE, PAGE_SIZE, PROT_WRITE); shmdt(sh_mem); shmctl(segment_id, IPC_STAT, &shmid_ds); printf("nattch after shmdt(): %lu (expected: 0)\n", shmid_ds.shm_nattch); if (shmctl(segment_id, IPC_RMID, 0)) printf("IPCRM failed %d\n", errno); return (shmid_ds.shm_nattch) ? 1 : 0; } Link: https://lkml.kernel.org/r/20240222215930.14637-2-vbabka@suse.cz Fixes: 714965ca8252 ("mm/mmap: start distinguishing if vma can be removed in mergeability test") Signed-off-by: Vlastimil Babka <vbabka(a)suse.cz> Reported-by: Michal Hocko <mhocko(a)suse.com> Reviewed-by: Lorenzo Stoakes <lstoakes(a)gmail.com> Cc: Liam R. Howlett <Liam.Howlett(a)oracle.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/mmap.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) --- a/mm/mmap.c~mm-mmap-fix-vma_merge-case-7-with-vma_ops-close +++ a/mm/mmap.c @@ -954,13 +954,21 @@ static struct vm_area_struct } else if (merge_prev) { /* case 2 */ if (curr) { vma_start_write(curr); - err = dup_anon_vma(prev, curr, &anon_dup); if (end == curr->vm_end) { /* case 7 */ + /* + * can_vma_merge_after() assumed we would not be + * removing prev vma, so it skipped the check + * for vm_ops->close, but we are removing curr + */ + if (curr->vm_ops && curr->vm_ops->close) + err = -EINVAL; remove = curr; } else { /* case 5 */ adjust = curr; adj_start = (end - curr->vm_start); } + if (!err) + err = dup_anon_vma(prev, curr, &anon_dup); } } else { /* merge_next */ vma_start_write(next); _ Patches currently in -mm which might be from vbabka(a)suse.cz are mm-vmscan-prevent-infinite-loop-for-costly-gfp_noio-__gfp_retry_mayfail-allocations.patch mm-mmap-fix-vma_merge-case-7-with-vma_ops-close.patch

1 year, 6 months

1
0
0 0

[PATCH] mm, mmap: fix vma_merge() case 7 with vma_ops->close

by Vlastimil Babka

When debugging issues with a workload using SysV shmem, Michal Hocko has come up with a reproducer that shows how a series of mprotect() operations can result in an elevated shm_nattch and thus leak of the resource. The problem is caused by wrong assumptions in vma_merge() commit 714965ca8252 ("mm/mmap: start distinguishing if vma can be removed in mergeability test"). The shmem vmas have a vma_ops->close callback that decrements shm_nattch, and we remove the vma without calling it. vma_merge() has thus historically avoided merging vma's with vma_ops->close and commit 714965ca8252 was supposed to keep it that way. It relaxed the checks for vma_ops->close in can_vma_merge_after() assuming that it is never called on a vma that would be a candidate for removal. However, the vma_merge() code does also use the result of this check in the decision to remove a different vma in the merge case 7. A robust solution would be to refactor vma_merge() code in a way that the vma_ops->close check is only done for vma's that are actually going to be removed, and not as part of the preliminary checks. That would both solve the existing bug, and also allow additional merges that the checks currently prevent unnecessarily in some cases. However to fix the existing bug first with a minimized risk, and for easier stable backports, this patch only adds a vma_ops->close check to the buggy case 7 specifically. All other cases of vma removal are covered by the can_vma_merge_before() check that includes the test for vma_ops->close. The reproducer code, adapted from Michal Hocko's code: int main(int argc, char *argv[]) { int segment_id; size_t segment_size = 20 * PAGE_SIZE; char * sh_mem; struct shmid_ds shmid_ds; key_t key = 0x1234; segment_id = shmget(key, segment_size, IPC_CREAT | IPC_EXCL | S_IRUSR | S_IWUSR); sh_mem = (char *)shmat(segment_id, NULL, 0); mprotect(sh_mem + 2*PAGE_SIZE, PAGE_SIZE, PROT_NONE); mprotect(sh_mem + PAGE_SIZE, PAGE_SIZE, PROT_WRITE); mprotect(sh_mem + 2*PAGE_SIZE, PAGE_SIZE, PROT_WRITE); shmdt(sh_mem); shmctl(segment_id, IPC_STAT, &shmid_ds); printf("nattch after shmdt(): %lu (expected: 0)\n", shmid_ds.shm_nattch); if (shmctl(segment_id, IPC_RMID, 0)) printf("IPCRM failed %d\n", errno); return (shmid_ds.shm_nattch) ? 1 : 0; } Fixes: 714965ca8252 ("mm/mmap: start distinguishing if vma can be removed in mergeability test") Reported-by: Michal Hocko <mhocko(a)suse.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Vlastimil Babka <vbabka(a)suse.cz> --- mm/mmap.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/mm/mmap.c b/mm/mmap.c index d89770eaab6b..a4238373ee9b 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -954,10 +954,19 @@ static struct vm_area_struct } else if (merge_prev) { /* case 2 */ if (curr) { vma_start_write(curr); - err = dup_anon_vma(prev, curr, &anon_dup); if (end == curr->vm_end) { /* case 7 */ + /* + * can_vma_merge_after() assumed we would not be + * removing prev vma, so it skipped the check + * for vm_ops->close, but we are removing curr + */ + if (curr->vm_ops && curr->vm_ops->close) + err = -EINVAL; + else + err = dup_anon_vma(prev, curr, &anon_dup); remove = curr; } else { /* case 5 */ + err = dup_anon_vma(prev, curr, &anon_dup); adjust = curr; adj_start = (end - curr->vm_start); } -- 2.43.1

1 year, 6 months

3
5
0 0

[PATCH 6.7 000/313] 6.7.6-rc2 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.7.6 release. There are 313 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Fri, 23 Feb 2024 12:59:02 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.7.6-rc2.… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.7.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.7.6-rc2 Borislav Petkov (AMD) <bp(a)alien8.de> x86/barrier: Do not serialize MSR accesses on AMD Mikulas Patocka <mpatocka(a)redhat.com> dm: limit the number of targets and parameter size area Ryusuke Konishi <konishi.ryusuke(a)gmail.com> nilfs2: fix potential bug in end_buffer_async_write Saravana Kannan <saravanak(a)google.com> of: property: Add in-ports/out-ports support to of_graph_get_port_parent() Linus Torvalds <torvalds(a)linuxfoundation.org> sched/membarrier: reduce the ability to hammer on sys_membarrier NeilBrown <neilb(a)suse.de> nfsd: don't take fi_lock in nfsd_break_deleg_cb() Jozsef Kadlecsik <kadlec(a)netfilter.org> netfilter: ipset: Missing gc cancellations fixed Jozsef Kadlecsik <kadlec(a)netfilter.org> netfilter: ipset: fix performance regression in swap operation Mark Brown <broonie(a)kernel.org> usb: typec: tpcm: Fix issues with power being removed during reset Damien Le Moal <dlemoal(a)kernel.org> block: fix partial zone append completion handling in req_bio_endio() Junxiao Bi <junxiao.bi(a)oracle.com> md: bypass block throttle for superblock update Steven Rostedt (Google) <rostedt(a)goodmis.org> tracing: Inform kmemleak of saved_cmdlines allocation Petr Pavlu <petr.pavlu(a)suse.com> tracing: Fix HAVE_DYNAMIC_FTRACE_WITH_REGS ifdef Oleg Nesterov <oleg(a)redhat.com> fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats Oleg Nesterov <oleg(a)redhat.com> fs/proc: do_task_stat: move thread_group_cputime_adjusted() outside of lock_task_sighand() Konrad Dybcio <konrad.dybcio(a)linaro.org> pmdomain: core: Move the unused cleanup to a _sync initcall Oleksij Rempel <o.rempel(a)pengutronix.de> can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER) Ziqi Zhao <astrajoan(a)yahoo.com> can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock Maxime Jayat <maxime.jayat(a)mobile-devices.fr> can: netlink: Fix TDCO calculation using the old data bittiming Maximilian Heyne <mheyne(a)amazon.de> xen/events: close evtchn after mapping cleanup Nuno Sa <nuno.sa(a)analog.com> of: property: fix typo in io-channels Vegard Nossum <vegard.nossum(a)oracle.com> docs: kernel_feat.py: fix build error for missing files Jan Kara <jack(a)suse.cz> blk-wbt: Fix detection of dirty-throttled tasks Huacai Chen <chenhuacai(a)kernel.org> LoongArch: Fix earlycon parameter if KASAN enabled Prakash Sangappa <prakash.sangappa(a)oracle.com> mm: hugetlb pages should not be reserved by shmat() if SHM_NORESERVE Oscar Salvador <osalvador(a)suse.de> fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super Dave Airlie <airlied(a)redhat.com> nouveau/gsp: use correct size for registry rpc. Rishabh Dave <ridave(a)redhat.com> ceph: prevent use-after-free in encode_cap_msg() Shradha Gupta <shradhagupta(a)linux.microsoft.com> hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed Petr Tesarik <petr(a)tesarici.cz> net: stmmac: protect updates of 64-bit statistics counters Jan Kiszka <jan.kiszka(a)siemens.com> riscv/efistub: Ensure GP-relative addressing is not used Geert Uytterhoeven <geert+renesas(a)glider.be> pmdomain: renesas: r8a77980-sysc: CR7 must be always on Sinthu Raja <sinthu.raja(a)ti.com> net: ethernet: ti: cpsw_new: enable mac_managed_pm to fix mdio SeongJae Park <sj(a)kernel.org> mm/damon/sysfs-schemes: fix wrong DAMOS tried regions update timeout setup Alexandra Winter <wintera(a)linux.ibm.com> s390/qeth: Fix potential loss of L3-IP@ in case of network issues Sinthu Raja <sinthu.raja(a)ti.com> net: ethernet: ti: cpsw: enable mac_managed_pm to fix mdio Christian Brauner <brauner(a)kernel.org> fs: relax mount_setattr() permission checks Daniel Bristot de Oliveira <bristot(a)kernel.org> tools/rtla: Fix Makefile compiler options for clang Daniel Bristot de Oliveira <bristot(a)kernel.org> tools/rtla: Fix uninitialized bucket/data->bucket_size warning John Kacur <jkacur(a)redhat.com> tools/rtla: Exit with EXIT_SUCCESS when help is invoked Daniel Bristot de Oliveira <bristot(a)kernel.org> tools/rtla: Fix clang warning about mount_point var size limingming3 <limingming890315(a)gmail.com> tools/rtla: Replace setting prio with nice for SCHED_OTHER Daniel Bristot de Oliveira <bristot(a)kernel.org> tools/rtla: Remove unused sched_getattr() function Daniel Bristot de Oliveira <bristot(a)kernel.org> tools/rv: Fix Makefile compiler options for clang Daniel Bristot de Oliveira <bristot(a)kernel.org> tools/rv: Fix curr_reactor uninitialized variable Mario Limonciello <mario.limonciello(a)amd.com> ASoC: amd: yc: Add DMI quirk for Lenovo Ideapad Pro 5 16ARP8 Gergo Koteles <soyer(a)irl.hu> ASoC: tas2781: add module parameter to tascodec_init() Curtis Malainey <cujomalainey(a)chromium.org> ASoC: SOF: IPC3: fix message bounds on ipc ops Easwar Hariharan <eahariha(a)linux.microsoft.com> arm64: Subscribe Microsoft Azure Cobalt 100 to ARM Neoverse N2 errata Mark Brown <broonie(a)kernel.org> arm64/signal: Don't assume that TIF_SVE means we saved SVE state Fred Ai <fred.ai(a)bayhubtech.com> mmc: sdhci-pci-o2micro: Fix a warm reboot issue that disk can't be detected by BIOS Damien Le Moal <dlemoal(a)kernel.org> zonefs: Improve error handling Sebastian Ene <sebastianene(a)google.com> KVM: arm64: Fix circular locking dependency Christian Borntraeger <borntraeger(a)linux.ibm.com> KVM: s390: vsie: fix race during shadow creation Steve French <stfrench(a)microsoft.com> smb: Fix regression in writes when non-standard maximum write size negotiated Paulo Alcantara <pc(a)manguebit.com> smb: client: set correct id, uid and cruid for multiuser automounts Mohammad Rahimi <rahimi.mhmmd(a)gmail.com> thunderbolt: Fix setting the CNS bit in ROUTER_CS_5 Marc Zyngier <maz(a)kernel.org> irqchip/gic-v3-its: Fix GICv4.1 VPE affinity update Marc Zyngier <maz(a)kernel.org> irqchip/gic-v3-its: Restore quirk probing for ACPI-based systems Doug Berger <opendmb(a)gmail.com> irqchip/irq-brcmstb-l2: Add write memory barrier before exit Dan Carpenter <dan.carpenter(a)linaro.org> PCI: dwc: Fix a 64bit bug in dw_pcie_ep_raise_msix_irq() Emmanuel Grumbach <emmanuel.grumbach(a)intel.com> wifi: iwlwifi: mvm: fix a crash when we run out of stations Johannes Berg <johannes.berg(a)intel.com> wifi: mac80211: reload info pointer in ieee80211_tx_dequeue() Johannes Berg <johannes.berg(a)intel.com> wifi: cfg80211: fix wiphy delayed work queueing Johannes Berg <johannes.berg(a)intel.com> wifi: iwlwifi: fix double-free bug Daniel de Villiers <daniel.devilliers(a)corigine.com> nfp: flower: prevent re-adding mac index for bonded port James Hershaw <james.hershaw(a)corigine.com> nfp: enable NETDEV_XDP_ACT_REDIRECT feature flag Daniel Basilio <daniel.basilio(a)corigine.com> nfp: use correct macro for LengthSelect in BAR config Herbert Xu <herbert(a)gondor.apana.org.au> crypto: algif_hash - Remove bogus SGL free on zero-length error path Kim Phillips <kim.phillips(a)amd.com> crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked Ryusuke Konishi <konishi.ryusuke(a)gmail.com> nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() Ryusuke Konishi <konishi.ryusuke(a)gmail.com> nilfs2: fix data corruption in dsync block recovery for small block sizes Shuming Fan <shumingf(a)realtek.com> ALSA: hda/realtek: add IDs for Dell dual spk platform bo liu <bo.liu(a)senarytech.com> ALSA: hda/conexant: Add quirk for SWS JS201D Eniac Zhang <eniac-xw.zhang(a)hp.com> ALSA: hda/realtek: fix mute/micmute LED For HP mt645 Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> gpiolib: add gpiod_to_gpio_device() stub for !GPIOLIB Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> gpiolib: add gpio_device_get_base() stub for !GPIOLIB Alexander Stein <alexander.stein(a)ew.tq-group.com> mmc: slot-gpio: Allow non-sleeping GPIO ro Jens Axboe <axboe(a)kernel.dk> io_uring/net: fix multishot accept overflow handling Steve Wahl <steve.wahl(a)hpe.com> x86/mm/ident_map: Use gbpages only where full GB page should be mapped. Mingwei Zhang <mizhang(a)google.com> KVM: x86/pmu: Fix type length error when reading pmu->fixed_ctr_ctrl Prasad Pandit <pjp(a)fedoraproject.org> KVM: x86: make KVM_REQ_NMI request iff NMI pending for vcpu Andrei Vagin <avagin(a)google.com> x86/fpu: Stop relying on userspace for info to fault in xsave buffer Aleksander Mazur <deweloper(a)wp.pl> x86/Kconfig: Transmeta Crusoe is CPU family 5, not 6 Jiri Slaby (SUSE) <jirislaby(a)kernel.org> serial: mxs-auart: fix tx Jiri Slaby (SUSE) <jirislaby(a)kernel.org> serial: core: introduce uart_port_tx_flags() Shrikanth Hegde <sshegde(a)linux.ibm.com> powerpc/pseries: fix accuracy of stolen time David Engraf <david.engraf(a)sysgo.com> powerpc/cputable: Add missing PPC_FEATURE_BOOKE on PPC64 Book-E Naveen N Rao <naveen(a)kernel.org> powerpc/64: Set task pt_regs->link to the LR value on scv entry Masami Hiramatsu (Google) <mhiramat(a)kernel.org> ftrace: Fix DIRECT_CALLS to use SAVE_REGS by default Hugo Villeneuve <hvilleneuve(a)dimonoff.com> serial: max310x: prevent infinite while() loop in port startup Hugo Villeneuve <hvilleneuve(a)dimonoff.com> serial: max310x: fail probe if clock crystal is unstable Hugo Villeneuve <hvilleneuve(a)dimonoff.com> serial: max310x: improve crystal stable clock detection Hugo Villeneuve <hvilleneuve(a)dimonoff.com> serial: max310x: set default value when reading clock ready bit Gui-Dong Han <2045gemini(a)gmail.com> serial: core: Fix atomicity violation in uart_tiocmget Hui Zhou <hui.zhou(a)corigine.com> nfp: flower: fix hardware offload for the transfer layer port Hui Zhou <hui.zhou(a)corigine.com> nfp: flower: add hardware offload check for post ct entry Andrew Lunn <andrew(a)lunn.ch> net: dsa: mv88e6xxx: Fix failed probe due to unsupported C45 reads Vincent Donnefort <vdonnefort(a)google.com> ring-buffer: Clean ring_buffer_poll_wait() error return Souradeep Chakrabarti <schakrabarti(a)linux.microsoft.com> hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove Lijo Lazar <lijo.lazar(a)amd.com> drm/amdgpu: Avoid fetching VRAM vendor info Tom Chung <chiahsuan.chung(a)amd.com> drm/amd/display: Preserve original aspect ratio in create stream Roman Li <roman.li(a)amd.com> drm/amd/display: Fix array-index-out-of-bounds in dcn35_clkmgr Nathan Chancellor <nathan(a)kernel.org> drm/amd/display: Increase frame-larger-than for all display_mode_vba files Fangzhi Zuo <jerry.zuo(a)amd.com> drm/amd/display: Fix MST Null Ptr for RV Thong <thong.thai(a)amd.com> drm/amdgpu/soc21: update VCN 4 max HEVC encoding resolution Philip Yang <Philip.Yang(a)amd.com> drm/prime: Support page array >= 4GB Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/i915/dp: Limit SST link rate to <=8.1Gbps Zhikai Zhai <zhikai.zhai(a)amd.com> drm/amd/display: Add align done check Rob Clark <robdclark(a)chromium.org> drm/msm: Wire up tlb ops Arunpravin Paneer Selvam <Arunpravin.PaneerSelvam(a)amd.com> drm/buddy: Fix alloc_range() error handling code Timur Tabi <ttabi(a)nvidia.com> drm/nouveau: fix several DMA buffer leaks Fedor Pchelkin <pchelkin(a)ispras.ru> ksmbd: free aux buffer if ksmbd_iov_pin_rsp_read fails Oleg Nesterov <oleg(a)redhat.com> getrusage: use sig->stats_lock rather than lock_task_sighand() Oleg Nesterov <oleg(a)redhat.com> getrusage: move thread_group_cputime_adjusted() outside of lock_task_sighand() Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Keep all directory links at 1 Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Remove fsnotify*() functions from lookup() Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Restructure eventfs_inode structure to be more condensed Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Warn if an eventfs_inode is freed without is_freed being set Linus Torvalds <torvalds(a)linux-foundation.org> eventfs: Get rid of dentry pointers without refcounts Linus Torvalds <torvalds(a)linux-foundation.org> eventfs: Clean up dentry ops and add revalidate function Linus Torvalds <torvalds(a)linux-foundation.org> eventfs: Remove unused d_parent pointer field Linus Torvalds <torvalds(a)linux-foundation.org> tracefs: dentry lookup crapectomy Linus Torvalds <torvalds(a)linux-foundation.org> tracefs: Avoid using the ei->dentry pointer unnecessarily Linus Torvalds <torvalds(a)linux-foundation.org> eventfs: Initialize the tracefs inode properly Steven Rostedt (Google) <rostedt(a)goodmis.org> tracefs: Zero out the tracefs_inode when allocating it Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Save directory inodes in the eventfs_inode structure Erick Archer <erick.archer(a)gmx.com> eventfs: Use kcalloc() instead of kzalloc() Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Do not create dentries nor inodes in iterate_shared Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Have the inodes all for files and directories all be the same Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Shortcut eventfs_iterate() by skipping entries already read Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Read ei->entries before ei->children in eventfs_iterate() Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Do ctx->pos update for all iterations in eventfs_iterate() Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Have eventfs_iterate() stop immediately if ei->is_freed is set Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Stop using dcache_readdir() for getdents() Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Remove "lookup" parameter from create_dir/file_dentry() Sean Young <sean(a)mess.org> media: rc: bpf attach/detach requires write permission Eugen Hristev <eugen.hristev(a)collabora.com> pmdomain: mediatek: fix race conditions with genpd Sam Protsenko <semen.protsenko(a)linaro.org> iio: pressure: bmp280: Add missing bmp085 to SPI id table Randy Dunlap <rdunlap(a)infradead.org> iio: imu: bno055: serdev requires REGMAP Nuno Sa <nuno.sa(a)analog.com> iio: imu: adis: ensure proper DMA alignment Nuno Sa <nuno.sa(a)analog.com> iio: adc: ad_sigma_delta: ensure proper DMA alignment Mario Limonciello <mario.limonciello(a)amd.com> iio: accel: bma400: Fix a compilation problem Nuno Sa <nuno.sa(a)analog.com> iio: commom: st_sensors: ensure proper DMA alignment Dinghao Liu <dinghao.liu(a)zju.edu.cn> iio: core: fix memleak in iio_device_register_sysfs zhili.liu <zhili.liu(a)ucas.com.cn> iio: magnetometer: rm3100: add boundary check for the value read from RM3100_REG_TMRC David Schiller <david.schiller(a)jku.at> staging: iio: ad5933: fix type mismatch regression Tejun Heo <tj(a)kernel.org> Revert "workqueue: Override implicit ordered attribute in workqueue_apply_unbound_cpumask()" Masami Hiramatsu (Google) <mhiramat(a)kernel.org> tracing/probes: Fix to search structure fields correctly Masami Hiramatsu (Google) <mhiramat(a)kernel.org> tracing/probes: Fix to set arg size and fmt after setting type from BTF Masami Hiramatsu (Google) <mhiramat(a)kernel.org> tracing/probes: Fix to show a parse error for bad type for $comm Thorsten Blum <thorsten.blum(a)toblux.com> tracing/synthetic: Fix trace_string() return value Steven Rostedt (Google) <rostedt(a)goodmis.org> tracing: Fix wasted memory in saved_cmdlines logic Daniel Bristot de Oliveira <bristot(a)kernel.org> tracing/timerlat: Move hrtimer_init to timerlat_fd open() Baokun Li <libaokun1(a)huawei.com> ext4: avoid bb_free and bb_fragments inconsistency in mb_free_blocks() Baokun Li <libaokun1(a)huawei.com> ext4: fix double-free of blocks due to wrong extents moved_len Ekansh Gupta <quic_ekangupt(a)quicinc.com> misc: fastrpc: Mark all sessions as invalid in cb_remove Carlos Llamas <cmllamas(a)google.com> binder: signal epoll threads of self-work Andy Chi <andy.chi(a)canonical.com> ALSA: hda/realtek: fix mute/micmute LEDs for HP ZBook Power Vitaly Rodionov <vitalyr(a)opensource.cirrus.com> ALSA: hda/cs8409: Suppress vmaster control for Dolphin models Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ASoC: codecs: wcd938x: handle deferred probe Kailang Yang <kailang(a)realtek.com> ALSA: hda/realtek - Add speaker pin verbtable for Dell dual speaker platform Edson Juliano Drosdeck <edson.drosdeck(a)gmail.com> ALSA: hda/realtek: Enable headset mic on Vaio VJFE-ADL Nathan Chancellor <nathan(a)kernel.org> modpost: Add '.ltext' and '.ltext.*' to TEXT_SECTIONS Nathan Chancellor <nathan(a)kernel.org> um: Fix adding '-no-pie' for clang Jan Beulich <jbeulich(a)suse.com> xen-netback: properly sync TX responses Helge Deller <deller(a)gmx.de> parisc: BTLB: Fix crash when setting up BTLB at CPU bringup Helge Deller <deller(a)gmx.de> parisc: Fix random data corruption from exception handler Esben Haabendal <esben(a)geanix.com> net: stmmac: do not clear TBS enable bit on link up/down Nikita Zhandarovich <n.zhandarovich(a)fintech.ru> net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame() Fedor Pchelkin <pchelkin(a)ispras.ru> nfc: nci: free rx_data_reassembly skb on NCI device cleanup Nathan Chancellor <nathan(a)kernel.org> kbuild: Fix changing ELF file type for output of gen_btf for big endian José Relvas <josemonsantorelvas(a)gmail.com> ALSA: hda/realtek: Apply headset jack quirk for non-bass alc287 thinkpads Takashi Sakamoto <o-takashi(a)sakamocchi.jp> firewire: core: correct documentation of fw_csr_string() kernel API Ondrej Mosnacek <omosnace(a)redhat.com> lsm: fix the logic in security_inode_getsecctx() Ondrej Mosnacek <omosnace(a)redhat.com> lsm: fix default return value of the socket_getpeersec_*() hooks Fangzhi Zuo <jerry.zuo(a)amd.com> drm/amd/display: Fix dcn35 8k30 Underflow/Corruption Issue Wenjing Liu <wenjing.liu(a)amd.com> drm/amd/display: fix incorrect mpc_combine array size David McFarland <corngood(a)gmail.com> drm/amd: Don't init MEC2 firmware when it fails to load Friedrich Vock <friedrich.vock(a)gmx.de> drm/amdgpu: Reset IH OVERFLOW_CLEAR bit Sebastian Ott <sebott(a)redhat.com> drm/virtio: Set segment size for virtio_gpu device Vaishnav Achath <vaishnav.a(a)ti.com> spi: omap2-mcspi: Revert FIFO support without DMA Keqi Wang <wangkeqi_chris(a)163.com> connector/cn_proc: revert "connector: Fix proc_event_num_listeners count not cleared" Rob Clark <robdclark(a)chromium.org> Revert "drm/msm/gpu: Push gpu lock down past runpm" Mario Limonciello <mario.limonciello(a)amd.com> Revert "drm/amd: flush any delayed gfxoff on suspend entry" Lee Duncan <lduncan(a)suse.com> scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock" Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> media: Revert "media: rkisp1: Drop IRQF_SHARED" Michael Ellerman <mpe(a)ellerman.id.au> Revert "powerpc/pseries/iommu: Fix iommu initialisation during DLPAR add" Paolo Abeni <pabeni(a)redhat.com> mptcp: really cope with fastopen race Geliang Tang <geliang(a)kernel.org> mptcp: check addrs list in userspace_pm_get_local_id Paolo Abeni <pabeni(a)redhat.com> mptcp: fix rcv space initialization Paolo Abeni <pabeni(a)redhat.com> mptcp: drop the push_pending field Geliang Tang <geliang.tang(a)linux.dev> selftests: mptcp: add mptcp_lib_kill_wait Matthieu Baerts (NGI0) <matttbe(a)kernel.org> selftests: mptcp: allow changing subtests prefix Matthieu Baerts (NGI0) <matttbe(a)kernel.org> selftests: mptcp: increase timeout to 30 min Matthieu Baerts (NGI0) <matttbe(a)kernel.org> selftests: mptcp: add missing kconfig for NF Mangle Matthieu Baerts (NGI0) <matttbe(a)kernel.org> selftests: mptcp: add missing kconfig for NF Filter in v6 Matthieu Baerts (NGI0) <matttbe(a)kernel.org> selftests: mptcp: add missing kconfig for NF Filter Paolo Abeni <pabeni(a)redhat.com> mptcp: fix data re-injection from stale subflow Arnd Bergmann <arnd(a)arndb.de> kallsyms: ignore ARMv4 thunks along with others Radek Krejci <radek.krejci(a)oracle.com> modpost: trim leading spaces when processing source files list Jean Delvare <jdelvare(a)suse.de> i2c: i801: Fix block process call transactions Arnd Bergmann <arnd(a)arndb.de> i2c: pasemi: split driver into two separate modules Shivaprasad G Bhat <sbhat(a)linux.ibm.com> powerpc/iommu: Fix the missing iommu_group_put() during platform domain attach Michael Ellerman <mpe(a)ellerman.id.au> powerpc/kasan: Limit KASAN thread size increase to 32KB Marc Zyngier <maz(a)kernel.org> irqchip/gic-v3-its: Handle non-coherent GICv4 redistributors Bibo Mao <maobibo(a)loongson.cn> irqchip/loongson-eiointc: Use correct struct type in eiointc_domain_alloc() Viken Dadhaniya <quic_vdadhani(a)quicinc.com> i2c: qcom-geni: Correct I2C TRE sequence Dan Carpenter <dan.carpenter(a)linaro.org> cifs: fix underflow in parse_server_interfaces() Cosmin Tanislav <demonsingur(a)gmail.com> iio: adc: ad4130: only set GPIO_CTRL if pin is unused Cosmin Tanislav <demonsingur(a)gmail.com> iio: adc: ad4130: zero-initialize clock init data Alex Williamson <alex.williamson(a)redhat.com> PCI: Fix active state requirement in PME polling Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Revert "kobject: Remove redundant checks for whether ktype is NULL" Jiangfeng Xiao <xiaojiangfeng(a)huawei.com> powerpc/kasan: Fix addr error caused by page alignment Matthias Schiffer <matthias.schiffer(a)ew.tq-group.com> powerpc/6xx: set High BAT Enable flag on G2_LE cores Gaurav Batra <gbatra(a)linux.ibm.com> powerpc/pseries/iommu: Fix iommu initialisation during DLPAR add Saravana Kannan <saravanak(a)google.com> driver core: fw_devlink: Improve detection of overlapping cycles Zhipeng Lu <alexious(a)zju.edu.cn> media: ir_toy: fix a memleak in irtoy_tx Konrad Dybcio <konrad.dybcio(a)linaro.org> interconnect: qcom: sm8550: Enable sync_state Konrad Dybcio <konrad.dybcio(a)linaro.org> interconnect: qcom: sc8180x: Mark CO0 BCM keepalive Uttkarsh Aggarwal <quic_uaggarwa(a)quicinc.com> usb: dwc3: gadget: Fix NULL pointer dereference in dwc3_gadget_suspend Udipto Goswami <quic_ugoswami(a)quicinc.com> usb: core: Prevent null pointer dereference in update_port_device_state Xu Yang <xu.yang_2(a)nxp.com> usb: chipidea: core: handle power lost in workqueue yuan linyu <yuanlinyu(a)hihonor.com> usb: f_mass_storage: forbid async queue when shutdown happen Oliver Neukum <oneukum(a)suse.com> USB: hub: check for alternate port before enabling A_ALT_HNP_SUPPORT Christian A. Ehrhardt <lk(a)c--e.de> usb: ucsi_acpi: Fix command completion handling Sean Anderson <sean.anderson(a)seco.com> usb: ulpi: Fix debugfs directory leak Christian A. Ehrhardt <lk(a)c--e.de> usb: ucsi: Add missing ppm_lock Srinivas Pandruvada <srinivas.pandruvada(a)linux.intel.com> iio: hid-sensor-als: Return 0 for HID_USAGE_SENSOR_TIME_TIMESTAMP Jason Gerecke <killertofu(a)gmail.com> HID: wacom: Do not register input devices until after hid_hw_start Tatsunosuke Tobita <tatsunosuke.tobita(a)wacom.com> HID: wacom: generic: Avoid reporting a serial of '0' to userspace Johan Hovold <johan+linaro(a)kernel.org> HID: i2c-hid-of: fix NULL-deref on failed power up Benjamin Tissoires <bentiss(a)kernel.org> HID: bpf: actually free hdev memory after attaching a HID-BPF program Benjamin Tissoires <bentiss(a)kernel.org> HID: bpf: remove double fdget() Luka Guzenko <l.guzenko(a)web.de> ALSA: hda/realtek: Enable Mute LED on HP Laptop 14-fq0xxx David Senoner <seda18(a)rolmail.net> ALSA: hda/realtek: Fix the external mic not being recognised for Acer Swift 1 SF114-32 Helge Deller <deller(a)gmx.de> parisc: Prevent hung tasks when printing inventory on serial console Techno Mooney <techno.mooney(a)gmail.com> ASoC: amd: yc: Add DMI quirk for MSI Bravo 15 C7VF Mikulas Patocka <mpatocka(a)redhat.com> dm-crypt, dm-verity: disable tasklets Dave Airlie <airlied(a)redhat.com> nouveau: offload fence uevents work to workqueue Michael Kelley <mhklinux(a)outlook.com> scsi: storvsc: Fix ring buffer size calculation Nico Pache <npache(a)redhat.com> selftests: mm: fix map_hugetlb failure on 64K page size systems Audra Mitchell <audra(a)redhat.com> selftests/mm: Update va_high_addr_switch.sh to check CPU for la57 flag Zach O'Keefe <zokeefe(a)google.com> mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again Muhammad Usama Anjum <usama.anjum(a)collabora.com> selftests/mm: switch to bash from sh Sidhartha Kumar <sidhartha.kumar(a)oracle.com> fs/hugetlbfs/inode.c: mm/memory-failure.c: fix hugetlbfs hwpoison handling Masami Hiramatsu (Google) <mhiramat(a)kernel.org> tracing/trigger: Fix to return error if failed to alloc snapshot Samuel Holland <samuel.holland(a)sifive.com> scs: add CONFIG_MMU dependency for vfree_atomic() Ryan Roberts <ryan.roberts(a)arm.com> selftests/mm: ksm_tests should only MADV_HUGEPAGE valid memory Lokesh Gidra <lokeshgidra(a)google.com> userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb Ryan Roberts <ryan.roberts(a)arm.com> mm: thp_get_unmapped_area must honour topdown preference Ivan Vecera <ivecera(a)redhat.com> i40e: Fix waiting for queues of all VSIs to be disabled Ivan Vecera <ivecera(a)redhat.com> i40e: Do not allow untrusted VF to remove administratively set MAC Jiaxun Yang <jiaxun.yang(a)flygoat.com> mm/memory: Use exception ip to search exception tables Jiaxun Yang <jiaxun.yang(a)flygoat.com> ptrace: Introduce exception_ip arch hook Guenter Roeck <linux(a)roeck-us.net> MIPS: Add 'memory' clobber to csum_ipv6_magic() inline assembler Arnd Bergmann <arnd(a)arndb.de> nouveau/svm: fix kvcalloc() argument order Breno Leitao <leitao(a)debian.org> net: sysfs: Fix /sys/class/net/<iface> path for statistics Manasi Navare <navaremanasi(a)chromium.org> drm/i915/dsc: Fix the macro that calculates DSCC_/DSCA_ PPS reg address Alexey Khoroshilov <khoroshilov(a)ispras.ru> ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work() Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> spi: ppc4xx: Drop write-only variable Jakub Kicinski <kuba(a)kernel.org> net: tls: fix returned read length with async decrypt Sabrina Dubroca <sd(a)queasysnail.net> net: tls: fix use-after-free with partial reads and async decrypt Jakub Kicinski <kuba(a)kernel.org> net: tls: handle backlogging of crypto requests Jakub Kicinski <kuba(a)kernel.org> tls: fix race between tx work scheduling and socket close Jakub Kicinski <kuba(a)kernel.org> tls: fix race between async notify and socket close Jakub Kicinski <kuba(a)kernel.org> net: tls: factor out tls_*crypt_async_wait() Horatiu Vultur <horatiu.vultur(a)microchip.com> lan966x: Fix crash when adding interface under a lag Aaron Conole <aconole(a)redhat.com> net: openvswitch: limit the number of recursions from action sets Ido Schimmel <idosch(a)nvidia.com> selftests: forwarding: Fix bridge locked port test flakiness Ido Schimmel <idosch(a)nvidia.com> selftests: forwarding: Suppress grep warnings Ido Schimmel <idosch(a)nvidia.com> selftests: forwarding: Fix bridge MDB test flakiness Ido Schimmel <idosch(a)nvidia.com> selftests: forwarding: Fix layer 2 miss test flakiness Ido Schimmel <idosch(a)nvidia.com> selftests: net: Fix bridge backup port test flakiness Hangbin Liu <liuhangbin(a)gmail.com> selftests/net: convert test_bridge_backup_port.sh to run it in unique namespace Hojin Nam <hj96.nam(a)samsung.com> perf: CXL: fix mismatched cpmu event opcode Lukas Bulwahn <lukas.bulwahn(a)gmail.com> ALSA: hda/cs35l56: select intended config FW_CS_DSP Saravana Kannan <saravanak(a)google.com> of: property: Improve finding the supplier of a remote-endpoint property Saravana Kannan <saravanak(a)google.com> of: property: Improve finding the consumer of a remote-endpoint property Parav Pandit <parav(a)nvidia.com> devlink: Fix command annotation documentation Magnus Karlsson <magnus.karlsson(a)intel.com> bonding: do not report NETDEV_XDP_ACT_XSK_ZEROCOPY Chuck Lever <chuck.lever(a)oracle.com> net/handshake: Fix handshake_req_destroy_test1 Jiri Pirko <jiri(a)resnulli.us> net/mlx5: DPLL, Fix possible use after free after delayed work timer triggers Jiri Pirko <jiri(a)resnulli.us> dpll: fix possible deadlock during netlink dump operation Ranjani Sridharan <ranjani.sridharan(a)linux.intel.com> ASoC: SOF: ipc3-topology: Fix pipeline tear down logic Dan Carpenter <dan.carpenter(a)linaro.org> wifi: iwlwifi: uninitialized variable in iwl_acpi_get_ppag_table() Dan Carpenter <dan.carpenter(a)linaro.org> wifi: iwlwifi: Fix some error codes Miri Korenblit <miriam.rachel.korenblit(a)intel.com> wifi: iwlwifi: clear link_id in time_event Amadeusz Sławiński <amadeuszx.slawinski(a)linux.intel.com> ASoC: Intel: avs: Fix dynamic port assignment when TDM is set Carlos Song <carlos.song(a)nxp.com> spi: imx: fix the burst length at DMA mode and CPU mode Cezary Rojewski <cezary.rojewski(a)intel.com> ASoC: Intel: avs: Fix pci_probe() error path Mickaël Salaün <mic(a)digikod.net> selftests/landlock: Fix capability for net_test Rob Clark <robdclark(a)chromium.org> drm/msm/gem: Fix double resv lock aquire Christian A. Ehrhardt <lk(a)c--e.de> of: unittest: Fix compile in the non-dynamic case Hu Yadi <hu.yadi(a)h3c.com> selftests/landlock: Fix fs_test build with old libc Hu Yadi <hu.yadi(a)h3c.com> selftests/landlock: Fix net_test build with old libc Nícolas F. R. A. Prado <nfraprado(a)collabora.com> kselftest: dt: Stop relying on dirname to improve performance Saravana Kannan <saravanak(a)google.com> driver core: Fix device_link_flag_is_sync_state_only() Josef Bacik <josef(a)toxicpanda.com> btrfs: don't drop extent_map for free space inode on write error Filipe Manana <fdmanana(a)suse.com> btrfs: reject encoded write if inode has nodatasum flag set Filipe Manana <fdmanana(a)suse.com> btrfs: don't reserve space for checksums when writing to nocow files David Sterba <dsterba(a)suse.com> btrfs: send: return EOPNOTSUPP on unknown flags Boris Burkov <boris(a)bur.io> btrfs: forbid deleting live subvol qgroup Qu Wenruo <wqu(a)suse.com> btrfs: do not ASSERT() if the newly created subvolume already got read Boris Burkov <boris(a)bur.io> btrfs: forbid creating subvol qgroups Filipe Manana <fdmanana(a)suse.com> btrfs: don't refill whole delayed refs block reserve when starting transaction Filipe Manana <fdmanana(a)suse.com> btrfs: add new unused block groups to the list of unused block groups Filipe Manana <fdmanana(a)suse.com> btrfs: do not delete unused block group if it may be used soon Filipe Manana <fdmanana(a)suse.com> btrfs: add and use helper to check if block group is used Yang Shi <yang(a)os.amperecomputing.com> mm: mmap: map MAP_STACK to VM_NOHUGEPAGE Yang Shi <yang(a)os.amperecomputing.com> mm: huge_memory: don't force huge page alignment on 32 bit Linus Torvalds <torvalds(a)linux-foundation.org> update workarounds for gcc "asm goto" issue Linus Torvalds <torvalds(a)linux-foundation.org> work around gcc bugs with 'asm goto' with outputs ------------- Diffstat: .../ABI/testing/sysfs-class-net-statistics | 48 +- Documentation/arch/arm64/silicon-errata.rst | 7 + Documentation/netlink/specs/dpll.yaml | 4 - Documentation/networking/devlink/devlink-port.rst | 2 +- Documentation/sphinx/kernel_feat.py | 2 +- Makefile | 4 +- arch/Kconfig | 1 + arch/arc/include/asm/jump_label.h | 4 +- arch/arm/include/asm/jump_label.h | 4 +- arch/arm64/include/asm/alternative-macros.h | 4 +- arch/arm64/include/asm/cputype.h | 4 + arch/arm64/include/asm/jump_label.h | 4 +- arch/arm64/kernel/cpu_errata.c | 3 + arch/arm64/kernel/fpsimd.c | 2 +- arch/arm64/kernel/signal.c | 4 +- arch/arm64/kvm/pkvm.c | 27 +- arch/csky/include/asm/jump_label.h | 4 +- arch/loongarch/include/asm/jump_label.h | 4 +- arch/loongarch/mm/kasan_init.c | 3 + arch/mips/include/asm/checksum.h | 3 +- arch/mips/include/asm/jump_label.h | 4 +- arch/mips/include/asm/ptrace.h | 2 + arch/mips/kernel/ptrace.c | 7 + arch/parisc/Kconfig | 1 - arch/parisc/include/asm/assembly.h | 1 + arch/parisc/include/asm/extable.h | 64 ++ arch/parisc/include/asm/jump_label.h | 4 +- arch/parisc/include/asm/special_insns.h | 6 +- arch/parisc/include/asm/uaccess.h | 48 +- arch/parisc/kernel/cache.c | 6 +- arch/parisc/kernel/drivers.c | 3 + arch/parisc/kernel/unaligned.c | 44 +- arch/parisc/mm/fault.c | 11 +- arch/powerpc/include/asm/jump_label.h | 4 +- arch/powerpc/include/asm/reg.h | 2 + arch/powerpc/include/asm/thread_info.h | 2 +- arch/powerpc/include/asm/uaccess.h | 12 +- arch/powerpc/kernel/cpu_setup_6xx.S | 20 +- arch/powerpc/kernel/cpu_specs_e500mc.h | 3 +- arch/powerpc/kernel/interrupt_64.S | 4 +- arch/powerpc/kernel/iommu.c | 4 +- arch/powerpc/kernel/irq_64.c | 2 +- arch/powerpc/mm/kasan/init_32.c | 1 + arch/powerpc/platforms/pseries/lpar.c | 8 +- arch/riscv/include/asm/bitops.h | 8 +- arch/riscv/include/asm/cpufeature.h | 4 +- arch/riscv/include/asm/jump_label.h | 4 +- arch/s390/include/asm/jump_label.h | 4 +- arch/s390/kvm/vsie.c | 1 - arch/s390/mm/gmap.c | 1 + arch/sparc/include/asm/jump_label.h | 4 +- arch/um/Makefile | 4 +- arch/um/include/asm/cpufeature.h | 2 +- arch/x86/Kconfig.cpu | 2 +- arch/x86/include/asm/barrier.h | 18 - arch/x86/include/asm/cpufeature.h | 2 +- arch/x86/include/asm/cpufeatures.h | 2 +- arch/x86/include/asm/jump_label.h | 6 +- arch/x86/include/asm/processor.h | 18 + arch/x86/include/asm/rmwcc.h | 2 +- arch/x86/include/asm/special_insns.h | 2 +- arch/x86/include/asm/uaccess.h | 10 +- arch/x86/kernel/cpu/amd.c | 3 + arch/x86/kernel/cpu/common.c | 7 + arch/x86/kernel/cpu/hygon.c | 3 + arch/x86/kernel/fpu/signal.c | 13 +- arch/x86/kvm/svm/svm_ops.h | 6 +- arch/x86/kvm/vmx/pmu_intel.c | 2 +- arch/x86/kvm/vmx/vmx.c | 4 +- arch/x86/kvm/vmx/vmx_ops.h | 6 +- arch/x86/kvm/x86.c | 3 +- arch/x86/mm/ident_map.c | 23 +- arch/xtensa/include/asm/jump_label.h | 4 +- block/blk-mq.c | 9 +- block/blk-wbt.c | 4 +- crypto/algif_hash.c | 5 +- drivers/android/binder.c | 10 + drivers/base/core.c | 15 +- drivers/base/power/domain.c | 2 +- drivers/connector/cn_proc.c | 5 +- drivers/crypto/ccp/sev-dev.c | 10 +- drivers/dpll/dpll_netlink.c | 20 +- drivers/dpll/dpll_nl.c | 4 - drivers/dpll/dpll_nl.h | 2 - drivers/firewire/core-device.c | 7 +- drivers/firmware/efi/libstub/Makefile | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 1 - drivers/gpu/drm/amd/amdgpu/amdgpu_gfx.c | 9 +- drivers/gpu/drm/amd/amdgpu/cik_ih.c | 6 + drivers/gpu/drm/amd/amdgpu/cz_ih.c | 5 + drivers/gpu/drm/amd/amdgpu/gfx_v10_0.c | 2 - drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c | 8 - drivers/gpu/drm/amd/amdgpu/iceland_ih.c | 5 + drivers/gpu/drm/amd/amdgpu/ih_v6_0.c | 6 + drivers/gpu/drm/amd/amdgpu/ih_v6_1.c | 7 + drivers/gpu/drm/amd/amdgpu/navi10_ih.c | 6 + drivers/gpu/drm/amd/amdgpu/si_ih.c | 6 + drivers/gpu/drm/amd/amdgpu/soc21.c | 4 +- drivers/gpu/drm/amd/amdgpu/tonga_ih.c | 6 + drivers/gpu/drm/amd/amdgpu/vega10_ih.c | 6 + drivers/gpu/drm/amd/amdgpu/vega20_ih.c | 6 + drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 14 +- .../amd/display/dc/clk_mgr/dcn35/dcn35_clk_mgr.c | 15 +- drivers/gpu/drm/amd/display/dc/dml/Makefile | 6 +- .../gpu/drm/amd/display/dc/dml/dcn32/dcn32_fpu.c | 2 +- .../amd/display/dc/dml2/dml2_translation_helper.c | 27 +- drivers/gpu/drm/amd/display/dc/inc/core_types.h | 2 + .../display/dc/link/protocols/link_dp_training.c | 5 +- drivers/gpu/drm/drm_buddy.c | 6 + drivers/gpu/drm/drm_prime.c | 2 +- drivers/gpu/drm/i915/display/intel_dp.c | 3 + drivers/gpu/drm/i915/display/intel_vdsc_regs.h | 4 +- drivers/gpu/drm/msm/msm_gem_prime.c | 4 +- drivers/gpu/drm/msm/msm_gpu.c | 11 +- drivers/gpu/drm/msm/msm_iommu.c | 32 +- drivers/gpu/drm/msm/msm_ringbuffer.c | 7 +- drivers/gpu/drm/nouveau/include/nvkm/subdev/gsp.h | 2 +- drivers/gpu/drm/nouveau/nouveau_fence.c | 26 +- drivers/gpu/drm/nouveau/nouveau_fence.h | 1 + drivers/gpu/drm/nouveau/nouveau_svm.c | 2 +- drivers/gpu/drm/nouveau/nvkm/subdev/gsp/r535.c | 61 +- drivers/gpu/drm/virtio/virtgpu_drv.c | 1 + drivers/hid/bpf/hid_bpf_dispatch.c | 83 ++- drivers/hid/bpf/hid_bpf_dispatch.h | 4 +- drivers/hid/bpf/hid_bpf_jmp_table.c | 40 +- drivers/hid/i2c-hid/i2c-hid-of.c | 1 + drivers/hid/wacom_sys.c | 63 +- drivers/hid/wacom_wac.c | 9 +- drivers/i2c/busses/Makefile | 6 +- drivers/i2c/busses/i2c-i801.c | 4 +- drivers/i2c/busses/i2c-pasemi-core.c | 6 + drivers/i2c/busses/i2c-qcom-geni.c | 16 +- drivers/iio/accel/Kconfig | 2 + drivers/iio/adc/ad4130.c | 12 +- drivers/iio/imu/bno055/Kconfig | 1 + drivers/iio/industrialio-core.c | 5 +- drivers/iio/light/hid-sensor-als.c | 1 + drivers/iio/magnetometer/rm3100-core.c | 10 +- drivers/iio/pressure/bmp280-spi.c | 1 + drivers/interconnect/qcom/sc8180x.c | 1 + drivers/interconnect/qcom/sm8550.c | 1 + drivers/irqchip/irq-brcmstb-l2.c | 5 +- drivers/irqchip/irq-gic-v3-its.c | 62 +- drivers/irqchip/irq-loongson-eiointc.c | 2 +- drivers/md/dm-core.h | 2 + drivers/md/dm-crypt.c | 38 +- drivers/md/dm-ioctl.c | 3 +- drivers/md/dm-table.c | 9 +- drivers/md/dm-verity-target.c | 26 +- drivers/md/dm-verity.h | 1 - drivers/md/md.c | 7 +- .../media/platform/rockchip/rkisp1/rkisp1-dev.c | 2 +- drivers/media/rc/bpf-lirc.c | 6 +- drivers/media/rc/ir_toy.c | 2 + drivers/media/rc/lirc_dev.c | 5 +- drivers/media/rc/rc-core-priv.h | 2 +- drivers/misc/fastrpc.c | 2 +- drivers/mmc/core/slot-gpio.c | 6 +- drivers/mmc/host/sdhci-pci-o2micro.c | 30 + drivers/net/bonding/bond_main.c | 5 +- drivers/net/can/dev/netlink.c | 2 +- drivers/net/dsa/mv88e6xxx/chip.c | 2 +- drivers/net/ethernet/intel/i40e/i40e_main.c | 2 +- drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 38 +- drivers/net/ethernet/mellanox/mlx5/core/dpll.c | 2 +- .../net/ethernet/microchip/lan966x/lan966x_lag.c | 9 +- .../net/ethernet/netronome/nfp/flower/conntrack.c | 46 +- .../ethernet/netronome/nfp/flower/tunnel_conf.c | 2 +- .../net/ethernet/netronome/nfp/nfp_net_common.c | 1 + .../ethernet/netronome/nfp/nfpcore/nfp6000_pcie.c | 6 +- drivers/net/ethernet/stmicro/stmmac/common.h | 56 +- drivers/net/ethernet/stmicro/stmmac/dwmac-sun8i.c | 15 +- drivers/net/ethernet/stmicro/stmmac/dwmac4_lib.c | 15 +- drivers/net/ethernet/stmicro/stmmac/dwmac_lib.c | 15 +- drivers/net/ethernet/stmicro/stmmac/dwxgmac2_dma.c | 15 +- .../net/ethernet/stmicro/stmmac/stmmac_ethtool.c | 125 +++- drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 136 ++-- drivers/net/ethernet/ti/cpsw.c | 2 + drivers/net/ethernet/ti/cpsw_new.c | 3 + drivers/net/hyperv/netvsc.c | 5 +- drivers/net/hyperv/netvsc_drv.c | 82 ++- drivers/net/wireless/intel/iwlwifi/fw/acpi.c | 15 +- drivers/net/wireless/intel/iwlwifi/iwl-drv.c | 1 + drivers/net/wireless/intel/iwlwifi/mvm/mac80211.c | 3 + drivers/net/wireless/intel/iwlwifi/mvm/rxmq.c | 4 + .../net/wireless/intel/iwlwifi/mvm/time-event.c | 3 +- drivers/net/xen-netback/netback.c | 100 ++- drivers/of/property.c | 65 +- drivers/of/unittest.c | 12 +- drivers/pci/controller/dwc/pcie-designware-ep.c | 3 +- drivers/pci/pci.c | 37 +- drivers/perf/cxl_pmu.c | 2 +- drivers/pmdomain/mediatek/mtk-pm-domains.c | 15 +- drivers/pmdomain/renesas/r8a77980-sysc.c | 3 +- drivers/s390/net/qeth_l3_main.c | 9 +- drivers/scsi/fcoe/fcoe_ctlr.c | 20 +- drivers/scsi/storvsc_drv.c | 12 +- drivers/spi/spi-imx.c | 9 +- drivers/spi/spi-omap2-mcspi.c | 137 +--- drivers/spi/spi-ppc4xx.c | 5 - drivers/staging/iio/impedance-analyzer/ad5933.c | 2 +- drivers/thunderbolt/tb_regs.h | 2 +- drivers/thunderbolt/usb4.c | 2 +- drivers/tty/serial/max310x.c | 53 +- drivers/tty/serial/mxs-auart.c | 5 +- drivers/tty/serial/serial_core.c | 2 +- drivers/usb/chipidea/ci.h | 2 + drivers/usb/chipidea/core.c | 44 +- drivers/usb/common/ulpi.c | 2 +- drivers/usb/core/hub.c | 46 +- drivers/usb/dwc3/gadget.c | 6 +- drivers/usb/gadget/function/f_mass_storage.c | 20 +- drivers/usb/typec/tcpm/tcpm.c | 3 +- drivers/usb/typec/ucsi/ucsi.c | 2 + drivers/usb/typec/ucsi/ucsi_acpi.c | 17 +- drivers/xen/events/events_base.c | 8 +- fs/btrfs/block-group.c | 80 +- fs/btrfs/block-group.h | 7 + fs/btrfs/delalloc-space.c | 29 +- fs/btrfs/disk-io.c | 13 +- fs/btrfs/inode.c | 26 +- fs/btrfs/ioctl.c | 5 + fs/btrfs/qgroup.c | 14 + fs/btrfs/send.c | 2 +- fs/btrfs/transaction.c | 38 +- fs/ceph/caps.c | 3 +- fs/ext4/mballoc.c | 39 +- fs/ext4/move_extent.c | 6 +- fs/hugetlbfs/inode.c | 21 +- fs/namespace.c | 11 +- fs/nfsd/nfs4state.c | 11 +- fs/nilfs2/file.c | 8 +- fs/nilfs2/recovery.c | 7 +- fs/nilfs2/segment.c | 8 +- fs/proc/array.c | 66 +- fs/smb/client/connect.c | 14 +- fs/smb/client/fs_context.c | 11 + fs/smb/client/namespace.c | 16 + fs/smb/client/smb2ops.c | 2 +- fs/smb/server/smb2pdu.c | 8 +- fs/tracefs/event_inode.c | 814 ++++++--------------- fs/tracefs/inode.c | 102 +-- fs/tracefs/internal.h | 46 +- fs/zonefs/file.c | 42 +- fs/zonefs/super.c | 66 +- include/linux/backing-dev-defs.h | 7 +- include/linux/compiler-gcc.h | 20 + include/linux/compiler_types.h | 11 +- include/linux/gpio/driver.h | 12 + include/linux/iio/adc/ad_sigma_delta.h | 4 +- include/linux/iio/common/st_sensors.h | 4 +- include/linux/iio/imu/adis.h | 3 +- include/linux/lsm_hook_defs.h | 4 +- include/linux/mman.h | 1 + include/linux/netfilter/ipset/ip_set.h | 4 + include/linux/ptrace.h | 4 + include/linux/serial_core.h | 32 +- include/net/tls.h | 5 - include/sound/tas2781.h | 1 + init/Kconfig | 9 + io_uring/net.c | 5 +- kernel/sched/membarrier.c | 6 + kernel/sys.c | 54 +- kernel/trace/ftrace.c | 10 + kernel/trace/ring_buffer.c | 2 +- kernel/trace/trace.c | 78 +- kernel/trace/trace_btf.c | 4 +- kernel/trace/trace_events_synth.c | 3 +- kernel/trace/trace_events_trigger.c | 6 +- kernel/trace/trace_osnoise.c | 6 +- kernel/trace/trace_probe.c | 32 +- kernel/trace/trace_probe.h | 3 +- kernel/workqueue.c | 8 +- lib/kobject.c | 24 +- mm/backing-dev.c | 2 +- mm/damon/sysfs-schemes.c | 2 +- mm/huge_memory.c | 14 +- mm/memory-failure.c | 2 +- mm/memory.c | 4 +- mm/mmap.c | 6 +- mm/page-writeback.c | 4 +- mm/userfaultfd.c | 15 +- net/can/j1939/j1939-priv.h | 3 +- net/can/j1939/main.c | 2 +- net/can/j1939/socket.c | 46 +- net/handshake/handshake-test.c | 5 +- net/hsr/hsr_device.c | 4 +- net/mac80211/tx.c | 5 +- net/mptcp/pm_userspace.c | 13 +- net/mptcp/protocol.c | 25 +- net/mptcp/protocol.h | 7 +- net/mptcp/subflow.c | 4 +- net/netfilter/ipset/ip_set_bitmap_gen.h | 14 +- net/netfilter/ipset/ip_set_core.c | 39 +- net/netfilter/ipset/ip_set_hash_gen.h | 19 +- net/netfilter/ipset/ip_set_list_set.c | 13 +- net/netfilter/nft_set_pipapo_avx2.c | 2 +- net/nfc/nci/core.c | 4 + net/openvswitch/flow_netlink.c | 49 +- net/tls/tls_sw.c | 135 ++-- net/wireless/core.c | 3 +- samples/bpf/asm_goto_workaround.h | 8 +- scripts/link-vmlinux.sh | 9 +- scripts/mksysmap | 13 +- scripts/mod/modpost.c | 3 +- scripts/mod/sumversion.c | 7 +- security/security.c | 45 +- sound/pci/hda/Kconfig | 4 +- sound/pci/hda/patch_conexant.c | 18 + sound/pci/hda/patch_cs8409.c | 1 + sound/pci/hda/patch_realtek.c | 20 +- sound/pci/hda/tas2781_hda_i2c.c | 2 +- sound/soc/amd/yc/acp6x-mach.c | 14 + sound/soc/codecs/rt5645.c | 1 + sound/soc/codecs/tas2781-comlib.c | 3 +- sound/soc/codecs/tas2781-i2c.c | 2 +- sound/soc/codecs/wcd938x.c | 2 +- sound/soc/intel/avs/core.c | 3 + sound/soc/intel/avs/topology.c | 2 +- sound/soc/sof/ipc3-topology.c | 69 +- sound/soc/sof/ipc3.c | 2 +- tools/arch/x86/include/asm/rmwcc.h | 2 +- tools/include/linux/compiler_types.h | 4 +- .../testing/selftests/dt/test_unprobed_devices.sh | 13 +- tools/testing/selftests/landlock/common.h | 48 +- tools/testing/selftests/landlock/fs_test.c | 11 +- tools/testing/selftests/landlock/net_test.c | 13 +- .../selftests/mm/charge_reserved_hugetlb.sh | 2 +- tools/testing/selftests/mm/ksm_tests.c | 2 +- tools/testing/selftests/mm/map_hugetlb.c | 7 + tools/testing/selftests/mm/va_high_addr_switch.sh | 6 + tools/testing/selftests/mm/write_hugetlb_memory.sh | 2 +- .../selftests/net/forwarding/bridge_locked_port.sh | 4 +- .../testing/selftests/net/forwarding/bridge_mdb.sh | 14 +- .../selftests/net/forwarding/tc_flower_l2_miss.sh | 8 +- tools/testing/selftests/net/mptcp/config | 3 + tools/testing/selftests/net/mptcp/mptcp_join.sh | 10 +- tools/testing/selftests/net/mptcp/mptcp_lib.sh | 11 +- tools/testing/selftests/net/mptcp/settings | 2 +- tools/testing/selftests/net/mptcp/userspace_pm.sh | 31 +- .../selftests/net/test_bridge_backup_port.sh | 394 +++++----- tools/tracing/rtla/Makefile | 7 +- tools/tracing/rtla/src/osnoise_hist.c | 9 +- tools/tracing/rtla/src/osnoise_top.c | 6 +- tools/tracing/rtla/src/timerlat_hist.c | 9 +- tools/tracing/rtla/src/timerlat_top.c | 6 +- tools/tracing/rtla/src/utils.c | 14 +- tools/tracing/rtla/src/utils.h | 2 + tools/verification/rv/Makefile | 7 +- tools/verification/rv/src/in_kernel.c | 2 +- 350 files changed, 3352 insertions(+), 2554 deletions(-)

1 year, 6 months

9
8
0 0

[PATCH 3/6] soc: qcom: pmic_glink_altmode: fix drm bridge use-after-free

by Johan Hovold

A recent DRM series purporting to simplify support for "transparent bridges" and handling of probe deferrals ironically exposed a use-after-free issue on pmic_glink_altmode probe deferral. This has manifested itself as the display subsystem occasionally failing to initialise and NULL-pointer dereferences during boot of machines like the Lenovo ThinkPad X13s. Specifically, the dp-hpd bridge is currently registered before all resources have been acquired which means that it can also be deregistered on probe deferrals. In the meantime there is a race window where the new aux bridge driver (or PHY driver previously) may have looked up the dp-hpd bridge and stored a (non-reference-counted) pointer to the bridge which is about to be deallocated. When the display controller is later initialised, this triggers a use-after-free when attaching the bridges: dp -> aux -> dp-hpd (freed) which may, for example, result in the freed bridge failing to attach: [drm:drm_bridge_attach [drm]] *ERROR* failed to attach bridge /soc@0/phy@88eb000 to encoder TMDS-31: -16 or a NULL-pointer dereference: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 ... Call trace: drm_bridge_attach+0x70/0x1a8 [drm] drm_aux_bridge_attach+0x24/0x38 [aux_bridge] drm_bridge_attach+0x80/0x1a8 [drm] dp_bridge_init+0xa8/0x15c [msm] msm_dp_modeset_init+0x28/0xc4 [msm] The DRM bridge implementation is clearly fragile and implicitly built on the assumption that bridges may never go away. In this case, the fix is to move the bridge registration in the pmic_glink_altmode driver to after all resources have been looked up. Incidentally, with the new dp-hpd bridge implementation, which registers child devices, this is also a requirement due to a long-standing issue in driver core that can otherwise lead to a probe deferral loop (see fbc35b45f9f6 ("Add documentation on meaning of -EPROBE_DEFER")). Fixes: 080b4e24852b ("soc: qcom: pmic_glink: Introduce altmode support") Fixes: 2bcca96abfbf ("soc: qcom: pmic-glink: switch to DRM_AUX_HPD_BRIDGE") Cc: stable(a)vger.kernel.org # 6.3 Cc: Bjorn Andersson <andersson(a)kernel.org> Cc: Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> Signed-off-by: Johan Hovold <johan+linaro(a)kernel.org> --- drivers/soc/qcom/pmic_glink_altmode.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/drivers/soc/qcom/pmic_glink_altmode.c b/drivers/soc/qcom/pmic_glink_altmode.c index 5fcd0fdd2faa..b3808fc24c69 100644 --- a/drivers/soc/qcom/pmic_glink_altmode.c +++ b/drivers/soc/qcom/pmic_glink_altmode.c @@ -76,7 +76,7 @@ struct pmic_glink_altmode_port { struct work_struct work; - struct device *bridge; + struct auxiliary_device *bridge; enum typec_orientation orientation; u16 svid; @@ -230,7 +230,7 @@ static void pmic_glink_altmode_worker(struct work_struct *work) else pmic_glink_altmode_enable_usb(altmode, alt_port); - drm_aux_hpd_bridge_notify(alt_port->bridge, + drm_aux_hpd_bridge_notify(&alt_port->bridge->dev, alt_port->hpd_state ? connector_status_connected : connector_status_disconnected); @@ -454,7 +454,7 @@ static int pmic_glink_altmode_probe(struct auxiliary_device *adev, alt_port->index = port; INIT_WORK(&alt_port->work, pmic_glink_altmode_worker); - alt_port->bridge = drm_dp_hpd_bridge_register(dev, to_of_node(fwnode)); + alt_port->bridge = devm_drm_dp_hpd_bridge_alloc(dev, to_of_node(fwnode)); if (IS_ERR(alt_port->bridge)) { fwnode_handle_put(fwnode); return PTR_ERR(alt_port->bridge); @@ -510,6 +510,16 @@ static int pmic_glink_altmode_probe(struct auxiliary_device *adev, } } + for (port = 0; port < ARRAY_SIZE(altmode->ports); port++) { + alt_port = &altmode->ports[port]; + if (!alt_port->bridge) + continue; + + ret = devm_drm_dp_hpd_bridge_add(dev, alt_port->bridge); + if (ret) + return ret; + } + altmode->client = devm_pmic_glink_register_client(dev, altmode->owner_id, pmic_glink_altmode_callback, -- 2.43.0

1 year, 6 months

5
6
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror