- Linux-stable-mirror - lists.linaro.org

FAILED: patch "[PATCH] io_uring/net: fix sr->len for IORING_OP_RECV with MSG_WAITALL" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 72bd80252feeb3bef8724230ee15d9f7ab541c6e # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024021339-flick-facsimile-65c3@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: 72bd80252fee ("io_uring/net: fix sr->len for IORING_OP_RECV with MSG_WAITALL and buffers") f9ead18c1058 ("io_uring: split network related opcodes into its own file") e0da14def1ee ("io_uring: move statx handling to its own file") a9c210cebe13 ("io_uring: move epoll handler to its own file") 4cf90495281b ("io_uring: add a dummy -EOPNOTSUPP prep handler") 99f15d8d6136 ("io_uring: move uring_cmd handling to its own file") cd40cae29ef8 ("io_uring: split out open/close operations") 453b329be5ea ("io_uring: separate out file table handling code") f4c163dd7d4b ("io_uring: split out fadvise/madvise operations") 0d5847274037 ("io_uring: split out fs related sync/fallocate functions") 531113bbd5bf ("io_uring: split out splice related operations") 11aeb71406dd ("io_uring: split out filesystem related operations") e28683bdfc2f ("io_uring: move nop into its own file") 5e2a18d93fec ("io_uring: move xattr related opcodes to its own file") 97b388d70b53 ("io_uring: handle completions in the core") de23077eda61 ("io_uring: set completion results upfront") e27f928ee1cb ("io_uring: add io_uring_types.h") 4d4c9cff4f70 ("io_uring: define a request type cleanup handler") 890968dc0336 ("io_uring: unify struct io_symlink and io_hardlink") 9a3a11f977f9 ("io_uring: convert iouring_cmd to io_cmd_type") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 72bd80252feeb3bef8724230ee15d9f7ab541c6e Mon Sep 17 00:00:00 2001 From: Jens Axboe <axboe(a)kernel.dk> Date: Thu, 1 Feb 2024 06:42:36 -0700 Subject: [PATCH] io_uring/net: fix sr->len for IORING_OP_RECV with MSG_WAITALL and buffers If we use IORING_OP_RECV with provided buffers and pass in '0' as the length of the request, the length is retrieved from the selected buffer. If MSG_WAITALL is also set and we get a short receive, then we may hit the retry path which decrements sr->len and increments the buffer for a retry. However, the length is still zero at this point, which means that sr->len now becomes huge and import_ubuf() will cap it to MAX_RW_COUNT and subsequently return -EFAULT for the range as a whole. Fix this by always assigning sr->len once the buffer has been selected. Cc: stable(a)vger.kernel.org Fixes: 7ba89d2af17a ("io_uring: ensure recv and recvmsg handle MSG_WAITALL correctly") Signed-off-by: Jens Axboe <axboe(a)kernel.dk> diff --git a/io_uring/net.c b/io_uring/net.c index a12ff69e6843..43bc9a5f96f9 100644 --- a/io_uring/net.c +++ b/io_uring/net.c @@ -923,6 +923,7 @@ int io_recv(struct io_kiocb *req, unsigned int issue_flags) if (!buf) return -ENOBUFS; sr->buf = buf; + sr->len = len; } ret = import_ubuf(ITER_DEST, sr->buf, len, &msg.msg_iter);

1 year, 7 months

3
2
0 0

[PATCH 6.1] f2fs: add helper to check compression level

by Chao Yu

From: Sheng Yong <shengyong(a)oppo.com> commit c571fbb5b59a3741e48014faa92c2f14bc59fe50 upstream. This patch adds a helper function to check if compression level is valid. Meanwhile, this patch fixes a reported issue [1]: The issue is easily reproducible by: 1. dd if=/dev/zero of=test.img count=100 bs=1M 2. mkfs.f2fs -f -O compression,extra_attr ./test.img 3. mount -t f2fs -o compress_algorithm=zstd:6,compress_chksum,atgc,gc_merge,lazytime ./test.img /mnt resulting in [ 60.789982] F2FS-fs (loop0): invalid zstd compress level: 6 A bugzilla report has been submitted in https://bugzilla.kernel.org/show_bug.cgi?id=218471 [1] https://lore.kernel.org/lkml/ZcWDOjKEnPDxZ0Or@google.com/T/ The root cause is commit 00e120b5e4b5 ("f2fs: assign default compression level") tries to check low boundary of compress level w/ zstd_min_clevel(), however, since commit e0c1b49f5b67 ("lib: zstd: Upgrade to latest upstream zstd version 1.4.10"), zstd supports negative compress level, it cast type for negative value returned from zstd_min_clevel() to unsigned int in below check condition, result in repored issue. if (level < zstd_min_clevel() || ... This patch fixes this issue by casting type for level to int before comparison. Fixes: 00e120b5e4b5 ("f2fs: assign default compression level") Signed-off-by: Sheng Yong <shengyong(a)oppo.com> Reviewed-by: Chao Yu <chao(a)kernel.org> Signed-off-by: Jaegeuk Kim <jaegeuk(a)kernel.org> Signed-off-by: Chao Yu <chao(a)kernel.org> --- fs/f2fs/compress.c | 27 +++++++++++++++++++++++++++ fs/f2fs/f2fs.h | 2 ++ fs/f2fs/super.c | 4 ++-- 3 files changed, 31 insertions(+), 2 deletions(-) diff --git a/fs/f2fs/compress.c b/fs/f2fs/compress.c index 4cb58e8d699e..4e83cfa1b073 100644 --- a/fs/f2fs/compress.c +++ b/fs/f2fs/compress.c @@ -55,6 +55,7 @@ struct f2fs_compress_ops { int (*init_decompress_ctx)(struct decompress_io_ctx *dic); void (*destroy_decompress_ctx)(struct decompress_io_ctx *dic); int (*decompress_pages)(struct decompress_io_ctx *dic); + bool (*is_level_valid)(int level); }; static unsigned int offset_in_cluster(struct compress_ctx *cc, pgoff_t index) @@ -322,11 +323,21 @@ static int lz4_decompress_pages(struct decompress_io_ctx *dic) return 0; } +static bool lz4_is_level_valid(int lvl) +{ +#ifdef CONFIG_F2FS_FS_LZ4HC + return !lvl || (lvl >= LZ4HC_MIN_CLEVEL && lvl <= LZ4HC_MAX_CLEVEL); +#else + return lvl == 0; +#endif +} + static const struct f2fs_compress_ops f2fs_lz4_ops = { .init_compress_ctx = lz4_init_compress_ctx, .destroy_compress_ctx = lz4_destroy_compress_ctx, .compress_pages = lz4_compress_pages, .decompress_pages = lz4_decompress_pages, + .is_level_valid = lz4_is_level_valid, }; #endif @@ -490,6 +501,11 @@ static int zstd_decompress_pages(struct decompress_io_ctx *dic) return 0; } +static bool zstd_is_level_valid(int lvl) +{ + return lvl >= zstd_min_clevel() && lvl <= zstd_max_clevel(); +} + static const struct f2fs_compress_ops f2fs_zstd_ops = { .init_compress_ctx = zstd_init_compress_ctx, .destroy_compress_ctx = zstd_destroy_compress_ctx, @@ -497,6 +513,7 @@ static const struct f2fs_compress_ops f2fs_zstd_ops = { .init_decompress_ctx = zstd_init_decompress_ctx, .destroy_decompress_ctx = zstd_destroy_decompress_ctx, .decompress_pages = zstd_decompress_pages, + .is_level_valid = zstd_is_level_valid, }; #endif @@ -555,6 +572,16 @@ bool f2fs_is_compress_backend_ready(struct inode *inode) return f2fs_cops[F2FS_I(inode)->i_compress_algorithm]; } +bool f2fs_is_compress_level_valid(int alg, int lvl) +{ + const struct f2fs_compress_ops *cops = f2fs_cops[alg]; + + if (cops->is_level_valid) + return cops->is_level_valid(lvl); + + return lvl == 0; +} + static mempool_t *compress_page_pool; static int num_compress_pages = 512; module_param(num_compress_pages, uint, 0444); diff --git a/fs/f2fs/f2fs.h b/fs/f2fs/f2fs.h index 5c76ba764b71..e5a9498b89c0 100644 --- a/fs/f2fs/f2fs.h +++ b/fs/f2fs/f2fs.h @@ -4219,6 +4219,7 @@ bool f2fs_compress_write_end(struct inode *inode, void *fsdata, int f2fs_truncate_partial_cluster(struct inode *inode, u64 from, bool lock); void f2fs_compress_write_end_io(struct bio *bio, struct page *page); bool f2fs_is_compress_backend_ready(struct inode *inode); +bool f2fs_is_compress_level_valid(int alg, int lvl); int f2fs_init_compress_mempool(void); void f2fs_destroy_compress_mempool(void); void f2fs_decompress_cluster(struct decompress_io_ctx *dic, bool in_task); @@ -4283,6 +4284,7 @@ static inline bool f2fs_is_compress_backend_ready(struct inode *inode) /* not support compression */ return false; } +static inline bool f2fs_is_compress_level_valid(int alg, int lvl) { return false; } static inline struct page *f2fs_compress_control_page(struct page *page) { WARN_ON_ONCE(1); diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c index 3805162dcef2..0c0d0671febe 100644 --- a/fs/f2fs/super.c +++ b/fs/f2fs/super.c @@ -628,7 +628,7 @@ static int f2fs_set_lz4hc_level(struct f2fs_sb_info *sbi, const char *str) if (kstrtouint(str + 1, 10, &level)) return -EINVAL; - if (level < LZ4HC_MIN_CLEVEL || level > LZ4HC_MAX_CLEVEL) { + if (!f2fs_is_compress_level_valid(COMPRESS_LZ4, level)) { f2fs_info(sbi, "invalid lz4hc compress level: %d", level); return -EINVAL; } @@ -666,7 +666,7 @@ static int f2fs_set_zstd_level(struct f2fs_sb_info *sbi, const char *str) if (kstrtouint(str + 1, 10, &level)) return -EINVAL; - if (level < zstd_min_clevel() || level > zstd_max_clevel()) { + if (!f2fs_is_compress_level_valid(COMPRESS_ZSTD, level)) { f2fs_info(sbi, "invalid zstd compress level: %d", level); return -EINVAL; } -- 2.40.1

1 year, 7 months

2
1
0 0

[PATCH 6.1.y 0/7] ASoC: codecs: es8326: fix support

by kovalev＠altlinux.org

These patches were backported from v6.6 upstream and are intended for 6.1.y stable kernel. Patches have been successfully tested on the latest 6.1.75 kernel. [PATCH 6.1.y 1/7] ASoC: codecs: es8326: Convert to i2c's .probe_new() [PATCH 6.1.y 2/7] ASoC: codecs: ES8326: Add es8326_mute function [PATCH 6.1.y 3/7] ASoC: codecs: ES8326: Change Hp_detect register names [PATCH 6.1.y 4/7] ASoC: codecs: ES8326: Change Volatile Reg function [PATCH 6.1.y 5/7] ASoC: codecs: ES8326: Fix power-up sequence [PATCH 6.1.y 6/7] ASOC: codecs: ES8326: Add calibration support for [PATCH 6.1.y 7/7] ASoC: codecs: ES8326: Update jact detection function

1 year, 7 months

3
10
0 0

[PATCH v6.1.y-v4.19.y] vhost: use kzalloc() instead of kmalloc() followed by memset()

by Ajay Kaher

From: Prathu Baronia <prathubaronia2011(a)gmail.com> From: Prathu Baronia <prathubaronia2011(a)gmail.com> commit 4d8df0f5f79f747d75a7d356d9b9ea40a4e4c8a9 upstream Use kzalloc() to allocate new zeroed out msg node instead of memsetting a node allocated with kmalloc(). Signed-off-by: Prathu Baronia <prathubaronia2011(a)gmail.com> Message-Id: <20230522085019.42914-1-prathubaronia2011(a)gmail.com> Signed-off-by: Michael S. Tsirkin <mst(a)redhat.com> Reviewed-by: Stefano Garzarella <sgarzare(a)redhat.com> [Ajay: This is a security fix as per CVE-2024-0340] Signed-off-by: Ajay Kaher <ajay.kaher(a)broadcom.com> --- drivers/vhost/vhost.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/drivers/vhost/vhost.c b/drivers/vhost/vhost.c index 07427302084955..ecb3b397bb3888 100644 --- a/drivers/vhost/vhost.c +++ b/drivers/vhost/vhost.c @@ -2563,12 +2563,11 @@ EXPORT_SYMBOL_GPL(vhost_disable_notify); /* Create a new message. */ struct vhost_msg_node *vhost_new_msg(struct vhost_virtqueue *vq, int type) { - struct vhost_msg_node *node = kmalloc(sizeof *node, GFP_KERNEL); + /* Make sure all padding within the structure is initialized. */ + struct vhost_msg_node *node = kzalloc(sizeof(*node), GFP_KERNEL); if (!node) return NULL; - /* Make sure all padding within the structure is initialized. */ - memset(&node->msg, 0, sizeof node->msg); node->vq = vq; node->msg.type = type; return node;

1 year, 7 months

2
1
0 0

FAILED: patch "[PATCH] io_uring/net: limit inline multishot retries" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 76b367a2d83163cf19173d5cb0b562acbabc8eac # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024021331-stool-hash-b0c4@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: 76b367a2d831 ("io_uring/net: limit inline multishot retries") 91e5d765a82f ("io_uring/net: un-indent mshot retry path in io_recv_finish()") b6b2bb58a754 ("io_uring: never overflow io_aux_cqe") b2e74db55dd9 ("io_uring/net: don't overflow multishot recv") 1bfed2334971 ("io_uring/net: don't overflow multishot accept") b65db9211ecb ("io_uring/net: use proper value for msg_inq") 0aa69d53ac7c ("Merge tag 'for-6.5/io_uring-2023-06-23' of git://git.kernel.dk/linux") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 76b367a2d83163cf19173d5cb0b562acbabc8eac Mon Sep 17 00:00:00 2001 From: Jens Axboe <axboe(a)kernel.dk> Date: Mon, 29 Jan 2024 12:00:58 -0700 Subject: [PATCH] io_uring/net: limit inline multishot retries If we have multiple clients and some/all are flooding the receives to such an extent that we can retry a LOT handling multishot receives, then we can be starving some clients and hence serving traffic in an imbalanced fashion. Limit multishot retry attempts to some arbitrary value, whose only purpose serves to ensure that we don't keep serving a single connection for way too long. We default to 32 retries, which should be more than enough to provide fairness, yet not so small that we'll spend too much time requeuing rather than handling traffic. Cc: stable(a)vger.kernel.org Depends-on: 704ea888d646 ("io_uring/poll: add requeue return code from poll multishot handling") Depends-on: 1e5d765a82f ("io_uring/net: un-indent mshot retry path in io_recv_finish()") Depends-on: e84b01a880f6 ("io_uring/poll: move poll execution helpers higher up") Fixes: b3fdea6ecb55 ("io_uring: multishot recv") Fixes: 9bb66906f23e ("io_uring: support multishot in recvmsg") Link: https://github.com/axboe/liburing/issues/1043 Signed-off-by: Jens Axboe <axboe(a)kernel.dk> diff --git a/io_uring/net.c b/io_uring/net.c index 740c6bfa5b59..a12ff69e6843 100644 --- a/io_uring/net.c +++ b/io_uring/net.c @@ -60,6 +60,7 @@ struct io_sr_msg { unsigned len; unsigned done_io; unsigned msg_flags; + unsigned nr_multishot_loops; u16 flags; /* initialised and used only by !msg send variants */ u16 addr_len; @@ -70,6 +71,13 @@ struct io_sr_msg { struct io_kiocb *notif; }; +/* + * Number of times we'll try and do receives if there's more data. If we + * exceed this limit, then add us to the back of the queue and retry from + * there. This helps fairness between flooding clients. + */ +#define MULTISHOT_MAX_RETRY 32 + static inline bool io_check_multishot(struct io_kiocb *req, unsigned int issue_flags) { @@ -611,6 +619,7 @@ int io_recvmsg_prep(struct io_kiocb *req, const struct io_uring_sqe *sqe) sr->msg_flags |= MSG_CMSG_COMPAT; #endif sr->done_io = 0; + sr->nr_multishot_loops = 0; return 0; } @@ -654,12 +663,20 @@ static inline bool io_recv_finish(struct io_kiocb *req, int *ret, */ if (io_fill_cqe_req_aux(req, issue_flags & IO_URING_F_COMPLETE_DEFER, *ret, cflags | IORING_CQE_F_MORE)) { + struct io_sr_msg *sr = io_kiocb_to_cmd(req, struct io_sr_msg); + int mshot_retry_ret = IOU_ISSUE_SKIP_COMPLETE; + io_recv_prep_retry(req); /* Known not-empty or unknown state, retry */ - if (cflags & IORING_CQE_F_SOCK_NONEMPTY || msg->msg_inq == -1) - return false; + if (cflags & IORING_CQE_F_SOCK_NONEMPTY || msg->msg_inq == -1) { + if (sr->nr_multishot_loops++ < MULTISHOT_MAX_RETRY) + return false; + /* mshot retries exceeded, force a requeue */ + sr->nr_multishot_loops = 0; + mshot_retry_ret = IOU_REQUEUE; + } if (issue_flags & IO_URING_F_MULTISHOT) - *ret = IOU_ISSUE_SKIP_COMPLETE; + *ret = mshot_retry_ret; else *ret = -EAGAIN; return true;

1 year, 7 months

2
1
0 0

FAILED: patch "[PATCH] xhci: handle isoc Babble and Buffer Overrun events properly" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x 7c4650ded49e5b88929ecbbb631efb8b0838e811 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024021308-hardness-undercook-6840@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: 7c4650ded49e ("xhci: handle isoc Babble and Buffer Overrun events properly") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 7c4650ded49e5b88929ecbbb631efb8b0838e811 Mon Sep 17 00:00:00 2001 From: Michal Pecio <michal.pecio(a)gmail.com> Date: Thu, 25 Jan 2024 17:27:37 +0200 Subject: [PATCH] xhci: handle isoc Babble and Buffer Overrun events properly xHCI 4.9 explicitly forbids assuming that the xHC has released its ownership of a multi-TRB TD when it reports an error on one of the early TRBs. Yet the driver makes such assumption and releases the TD, allowing the remaining TRBs to be freed or overwritten by new TDs. The xHC should also report completion of the final TRB due to its IOC flag being set by us, regardless of prior errors. This event cannot be recognized if the TD has already been freed earlier, resulting in "Transfer event TRB DMA ptr not part of current TD" error message. Fix this by reusing the logic for processing isoc Transaction Errors. This also handles hosts which fail to report the final completion. Fix transfer length reporting on Babble errors. They may be caused by device malfunction, no guarantee that the buffer has been filled. Signed-off-by: Michal Pecio <michal.pecio(a)gmail.com> Cc: stable(a)vger.kernel.org Signed-off-by: Mathias Nyman <mathias.nyman(a)linux.intel.com> Link: https://lore.kernel.org/r/20240125152737.2983959-5-mathias.nyman@linux.inte… Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/drivers/usb/host/xhci-ring.c b/drivers/usb/host/xhci-ring.c index 41be7d31a36e..f0d8a607ff21 100644 --- a/drivers/usb/host/xhci-ring.c +++ b/drivers/usb/host/xhci-ring.c @@ -2394,9 +2394,13 @@ static int process_isoc_td(struct xhci_hcd *xhci, struct xhci_virt_ep *ep, case COMP_BANDWIDTH_OVERRUN_ERROR: frame->status = -ECOMM; break; - case COMP_ISOCH_BUFFER_OVERRUN: case COMP_BABBLE_DETECTED_ERROR: + sum_trbs_for_length = true; + fallthrough; + case COMP_ISOCH_BUFFER_OVERRUN: frame->status = -EOVERFLOW; + if (ep_trb != td->last_trb) + td->error_mid_td = true; break; case COMP_INCOMPATIBLE_DEVICE_ERROR: case COMP_STALL_ERROR:

1 year, 7 months

3
3
0 0

[PATCH 1/2] drm/buddy: Fix alloc_range() error handling code

by Arunpravin Paneer Selvam

Few users have observed display corruption when they boot the machine to KDE Plasma or playing games. We have root caused the problem that whenever alloc_range() couldn't find the required memory blocks the function was returning SUCCESS in some of the corner cases. The right approach would be if the total allocated size is less than the required size, the function should return -ENOSPC. Cc: <stable(a)vger.kernel.org> # 6.7+ Fixes: 0a1844bf0b53 ("drm/buddy: Improve contiguous memory allocation") Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3097 Tested-by: Mario Limonciello <mario.limonciello(a)amd.com> Link: https://patchwork.kernel.org/project/dri-devel/patch/20240207174456.341121-… Acked-by: Christian König <christian.koenig(a)amd.com> Reviewed-by: Matthew Auld <matthew.auld(a)intel.com> Signed-off-by: Arunpravin Paneer Selvam <Arunpravin.PaneerSelvam(a)amd.com> --- drivers/gpu/drm/drm_buddy.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/drivers/gpu/drm/drm_buddy.c b/drivers/gpu/drm/drm_buddy.c index f57e6d74fb0e..c1a99bf4dffd 100644 --- a/drivers/gpu/drm/drm_buddy.c +++ b/drivers/gpu/drm/drm_buddy.c @@ -539,6 +539,12 @@ static int __alloc_range(struct drm_buddy *mm, } while (1); list_splice_tail(&allocated, blocks); + + if (total_allocated < size) { + err = -ENOSPC; + goto err_free; + } + return 0; err_undo: base-commit: 2c80a2b715df75881359d07dbaacff8ad411f40e -- 2.25.1

1 year, 7 months

1
0
0 0

FAILED: patch "[PATCH] PCI/ASPM: Fix deadlock when enabling ASPM" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 1e560864159d002b453da42bd2c13a1805515a20 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024021339-undesired-juicy-366a@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: 1e560864159d ("PCI/ASPM: Fix deadlock when enabling ASPM") ac865f00af29 ("Merge tag 'pci-v6.7-fixes-2' of git://git.kernel.org/pub/scm/linux/kernel/git/pci/pci") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 1e560864159d002b453da42bd2c13a1805515a20 Mon Sep 17 00:00:00 2001 From: Johan Hovold <johan+linaro(a)kernel.org> Date: Tue, 30 Jan 2024 11:02:43 +0100 Subject: [PATCH] PCI/ASPM: Fix deadlock when enabling ASPM A last minute revert in 6.7-final introduced a potential deadlock when enabling ASPM during probe of Qualcomm PCIe controllers as reported by lockdep: ============================================ WARNING: possible recursive locking detected 6.7.0 #40 Not tainted -------------------------------------------- kworker/u16:5/90 is trying to acquire lock: ffffacfa78ced000 (pci_bus_sem){++++}-{3:3}, at: pcie_aspm_pm_state_change+0x58/0xdc but task is already holding lock: ffffacfa78ced000 (pci_bus_sem){++++}-{3:3}, at: pci_walk_bus+0x34/0xbc other info that might help us debug this: Possible unsafe locking scenario: CPU0 ---- lock(pci_bus_sem); lock(pci_bus_sem); *** DEADLOCK *** Call trace: print_deadlock_bug+0x25c/0x348 __lock_acquire+0x10a4/0x2064 lock_acquire+0x1e8/0x318 down_read+0x60/0x184 pcie_aspm_pm_state_change+0x58/0xdc pci_set_full_power_state+0xa8/0x114 pci_set_power_state+0xc4/0x120 qcom_pcie_enable_aspm+0x1c/0x3c [pcie_qcom] pci_walk_bus+0x64/0xbc qcom_pcie_host_post_init_2_7_0+0x28/0x34 [pcie_qcom] The deadlock can easily be reproduced on machines like the Lenovo ThinkPad X13s by adding a delay to increase the race window during asynchronous probe where another thread can take a write lock. Add a new pci_set_power_state_locked() and associated helper functions that can be called with the PCI bus semaphore held to avoid taking the read lock twice. Link: https://lore.kernel.org/r/ZZu0qx2cmn7IwTyQ@hovoldconsulting.com Link: https://lore.kernel.org/r/20240130100243.11011-1-johan+linaro@kernel.org Fixes: f93e71aea6c6 ("Revert "PCI/ASPM: Remove pcie_aspm_pm_state_change()"") Signed-off-by: Johan Hovold <johan+linaro(a)kernel.org> Signed-off-by: Bjorn Helgaas <bhelgaas(a)google.com> Cc: <stable(a)vger.kernel.org> # 6.7 diff --git a/drivers/pci/bus.c b/drivers/pci/bus.c index 9c2137dae429..826b5016a101 100644 --- a/drivers/pci/bus.c +++ b/drivers/pci/bus.c @@ -386,21 +386,8 @@ void pci_bus_add_devices(const struct pci_bus *bus) } EXPORT_SYMBOL(pci_bus_add_devices); -/** pci_walk_bus - walk devices on/under bus, calling callback. - * @top bus whose devices should be walked - * @cb callback to be called for each device found - * @userdata arbitrary pointer to be passed to callback. - * - * Walk the given bus, including any bridged devices - * on buses under this bus. Call the provided callback - * on each device found. - * - * We check the return of @cb each time. If it returns anything - * other than 0, we break out. - * - */ -void pci_walk_bus(struct pci_bus *top, int (*cb)(struct pci_dev *, void *), - void *userdata) +static void __pci_walk_bus(struct pci_bus *top, int (*cb)(struct pci_dev *, void *), + void *userdata, bool locked) { struct pci_dev *dev; struct pci_bus *bus; @@ -408,7 +395,8 @@ void pci_walk_bus(struct pci_bus *top, int (*cb)(struct pci_dev *, void *), int retval; bus = top; - down_read(&pci_bus_sem); + if (!locked) + down_read(&pci_bus_sem); next = top->devices.next; for (;;) { if (next == &bus->devices) { @@ -431,10 +419,37 @@ void pci_walk_bus(struct pci_bus *top, int (*cb)(struct pci_dev *, void *), if (retval) break; } - up_read(&pci_bus_sem); + if (!locked) + up_read(&pci_bus_sem); +} + +/** + * pci_walk_bus - walk devices on/under bus, calling callback. + * @top: bus whose devices should be walked + * @cb: callback to be called for each device found + * @userdata: arbitrary pointer to be passed to callback + * + * Walk the given bus, including any bridged devices + * on buses under this bus. Call the provided callback + * on each device found. + * + * We check the return of @cb each time. If it returns anything + * other than 0, we break out. + */ +void pci_walk_bus(struct pci_bus *top, int (*cb)(struct pci_dev *, void *), void *userdata) +{ + __pci_walk_bus(top, cb, userdata, false); } EXPORT_SYMBOL_GPL(pci_walk_bus); +void pci_walk_bus_locked(struct pci_bus *top, int (*cb)(struct pci_dev *, void *), void *userdata) +{ + lockdep_assert_held(&pci_bus_sem); + + __pci_walk_bus(top, cb, userdata, true); +} +EXPORT_SYMBOL_GPL(pci_walk_bus_locked); + struct pci_bus *pci_bus_get(struct pci_bus *bus) { if (bus) diff --git a/drivers/pci/controller/dwc/pcie-qcom.c b/drivers/pci/controller/dwc/pcie-qcom.c index 10f2d0bb86be..2ce2a3bd932b 100644 --- a/drivers/pci/controller/dwc/pcie-qcom.c +++ b/drivers/pci/controller/dwc/pcie-qcom.c @@ -972,7 +972,7 @@ static int qcom_pcie_enable_aspm(struct pci_dev *pdev, void *userdata) * Downstream devices need to be in D0 state before enabling PCI PM * substates. */ - pci_set_power_state(pdev, PCI_D0); + pci_set_power_state_locked(pdev, PCI_D0); pci_enable_link_state_locked(pdev, PCIE_LINK_STATE_ALL); return 0; diff --git a/drivers/pci/pci.c b/drivers/pci/pci.c index d8f11a078924..9ab9b1008d8b 100644 --- a/drivers/pci/pci.c +++ b/drivers/pci/pci.c @@ -1354,6 +1354,7 @@ int pci_power_up(struct pci_dev *dev) /** * pci_set_full_power_state - Put a PCI device into D0 and update its state * @dev: PCI device to power up + * @locked: whether pci_bus_sem is held * * Call pci_power_up() to put @dev into D0, read from its PCI_PM_CTRL register * to confirm the state change, restore its BARs if they might be lost and @@ -1363,7 +1364,7 @@ int pci_power_up(struct pci_dev *dev) * to D0, it is more efficient to use pci_power_up() directly instead of this * function. */ -static int pci_set_full_power_state(struct pci_dev *dev) +static int pci_set_full_power_state(struct pci_dev *dev, bool locked) { u16 pmcsr; int ret; @@ -1399,7 +1400,7 @@ static int pci_set_full_power_state(struct pci_dev *dev) } if (dev->bus->self) - pcie_aspm_pm_state_change(dev->bus->self); + pcie_aspm_pm_state_change(dev->bus->self, locked); return 0; } @@ -1428,10 +1429,22 @@ void pci_bus_set_current_state(struct pci_bus *bus, pci_power_t state) pci_walk_bus(bus, __pci_dev_set_current_state, &state); } +static void __pci_bus_set_current_state(struct pci_bus *bus, pci_power_t state, bool locked) +{ + if (!bus) + return; + + if (locked) + pci_walk_bus_locked(bus, __pci_dev_set_current_state, &state); + else + pci_walk_bus(bus, __pci_dev_set_current_state, &state); +} + /** * pci_set_low_power_state - Put a PCI device into a low-power state. * @dev: PCI device to handle. * @state: PCI power state (D1, D2, D3hot) to put the device into. + * @locked: whether pci_bus_sem is held * * Use the device's PCI_PM_CTRL register to put it into a low-power state. * @@ -1442,7 +1455,7 @@ void pci_bus_set_current_state(struct pci_bus *bus, pci_power_t state) * 0 if device already is in the requested state. * 0 if device's power state has been successfully changed. */ -static int pci_set_low_power_state(struct pci_dev *dev, pci_power_t state) +static int pci_set_low_power_state(struct pci_dev *dev, pci_power_t state, bool locked) { u16 pmcsr; @@ -1496,29 +1509,12 @@ static int pci_set_low_power_state(struct pci_dev *dev, pci_power_t state) pci_power_name(state)); if (dev->bus->self) - pcie_aspm_pm_state_change(dev->bus->self); + pcie_aspm_pm_state_change(dev->bus->self, locked); return 0; } -/** - * pci_set_power_state - Set the power state of a PCI device - * @dev: PCI device to handle. - * @state: PCI power state (D0, D1, D2, D3hot) to put the device into. - * - * Transition a device to a new power state, using the platform firmware and/or - * the device's PCI PM registers. - * - * RETURN VALUE: - * -EINVAL if the requested state is invalid. - * -EIO if device does not support PCI PM or its PM capabilities register has a - * wrong version, or device doesn't support the requested state. - * 0 if the transition is to D1 or D2 but D1 and D2 are not supported. - * 0 if device already is in the requested state. - * 0 if the transition is to D3 but D3 is not supported. - * 0 if device's power state has been successfully changed. - */ -int pci_set_power_state(struct pci_dev *dev, pci_power_t state) +static int __pci_set_power_state(struct pci_dev *dev, pci_power_t state, bool locked) { int error; @@ -1542,7 +1538,7 @@ int pci_set_power_state(struct pci_dev *dev, pci_power_t state) return 0; if (state == PCI_D0) - return pci_set_full_power_state(dev); + return pci_set_full_power_state(dev, locked); /* * This device is quirked not to be put into D3, so don't put it in @@ -1556,16 +1552,16 @@ int pci_set_power_state(struct pci_dev *dev, pci_power_t state) * To put the device in D3cold, put it into D3hot in the native * way, then put it into D3cold using platform ops. */ - error = pci_set_low_power_state(dev, PCI_D3hot); + error = pci_set_low_power_state(dev, PCI_D3hot, locked); if (pci_platform_power_transition(dev, PCI_D3cold)) return error; /* Powering off a bridge may power off the whole hierarchy */ if (dev->current_state == PCI_D3cold) - pci_bus_set_current_state(dev->subordinate, PCI_D3cold); + __pci_bus_set_current_state(dev->subordinate, PCI_D3cold, locked); } else { - error = pci_set_low_power_state(dev, state); + error = pci_set_low_power_state(dev, state, locked); if (pci_platform_power_transition(dev, state)) return error; @@ -1573,8 +1569,38 @@ int pci_set_power_state(struct pci_dev *dev, pci_power_t state) return 0; } + +/** + * pci_set_power_state - Set the power state of a PCI device + * @dev: PCI device to handle. + * @state: PCI power state (D0, D1, D2, D3hot) to put the device into. + * + * Transition a device to a new power state, using the platform firmware and/or + * the device's PCI PM registers. + * + * RETURN VALUE: + * -EINVAL if the requested state is invalid. + * -EIO if device does not support PCI PM or its PM capabilities register has a + * wrong version, or device doesn't support the requested state. + * 0 if the transition is to D1 or D2 but D1 and D2 are not supported. + * 0 if device already is in the requested state. + * 0 if the transition is to D3 but D3 is not supported. + * 0 if device's power state has been successfully changed. + */ +int pci_set_power_state(struct pci_dev *dev, pci_power_t state) +{ + return __pci_set_power_state(dev, state, false); +} EXPORT_SYMBOL(pci_set_power_state); +int pci_set_power_state_locked(struct pci_dev *dev, pci_power_t state) +{ + lockdep_assert_held(&pci_bus_sem); + + return __pci_set_power_state(dev, state, true); +} +EXPORT_SYMBOL(pci_set_power_state_locked); + #define PCI_EXP_SAVE_REGS 7 static struct pci_cap_saved_state *_pci_find_saved_cap(struct pci_dev *pci_dev, diff --git a/drivers/pci/pci.h b/drivers/pci/pci.h index 2336a8d1edab..e9750b1b19ba 100644 --- a/drivers/pci/pci.h +++ b/drivers/pci/pci.h @@ -571,12 +571,12 @@ int pcie_retrain_link(struct pci_dev *pdev, bool use_lt); #ifdef CONFIG_PCIEASPM void pcie_aspm_init_link_state(struct pci_dev *pdev); void pcie_aspm_exit_link_state(struct pci_dev *pdev); -void pcie_aspm_pm_state_change(struct pci_dev *pdev); +void pcie_aspm_pm_state_change(struct pci_dev *pdev, bool locked); void pcie_aspm_powersave_config_link(struct pci_dev *pdev); #else static inline void pcie_aspm_init_link_state(struct pci_dev *pdev) { } static inline void pcie_aspm_exit_link_state(struct pci_dev *pdev) { } -static inline void pcie_aspm_pm_state_change(struct pci_dev *pdev) { } +static inline void pcie_aspm_pm_state_change(struct pci_dev *pdev, bool locked) { } static inline void pcie_aspm_powersave_config_link(struct pci_dev *pdev) { } #endif diff --git a/drivers/pci/pcie/aspm.c b/drivers/pci/pcie/aspm.c index 5a0066ecc3c5..bc0bd86695ec 100644 --- a/drivers/pci/pcie/aspm.c +++ b/drivers/pci/pcie/aspm.c @@ -1003,8 +1003,11 @@ void pcie_aspm_exit_link_state(struct pci_dev *pdev) up_read(&pci_bus_sem); } -/* @pdev: the root port or switch downstream port */ -void pcie_aspm_pm_state_change(struct pci_dev *pdev) +/* + * @pdev: the root port or switch downstream port + * @locked: whether pci_bus_sem is held + */ +void pcie_aspm_pm_state_change(struct pci_dev *pdev, bool locked) { struct pcie_link_state *link = pdev->link_state; @@ -1014,12 +1017,14 @@ void pcie_aspm_pm_state_change(struct pci_dev *pdev) * Devices changed PM state, we should recheck if latency * meets all functions' requirement */ - down_read(&pci_bus_sem); + if (!locked) + down_read(&pci_bus_sem); mutex_lock(&aspm_lock); pcie_update_aspm_capable(link->root); pcie_config_aspm_path(link); mutex_unlock(&aspm_lock); - up_read(&pci_bus_sem); + if (!locked) + up_read(&pci_bus_sem); } void pcie_aspm_powersave_config_link(struct pci_dev *pdev) diff --git a/include/linux/pci.h b/include/linux/pci.h index add9368e6314..7ab0d13672da 100644 --- a/include/linux/pci.h +++ b/include/linux/pci.h @@ -1422,6 +1422,7 @@ int pci_load_and_free_saved_state(struct pci_dev *dev, struct pci_saved_state **state); int pci_platform_power_transition(struct pci_dev *dev, pci_power_t state); int pci_set_power_state(struct pci_dev *dev, pci_power_t state); +int pci_set_power_state_locked(struct pci_dev *dev, pci_power_t state); pci_power_t pci_choose_state(struct pci_dev *dev, pm_message_t state); bool pci_pme_capable(struct pci_dev *dev, pci_power_t state); void pci_pme_active(struct pci_dev *dev, bool enable); @@ -1625,6 +1626,8 @@ int pci_scan_bridge(struct pci_bus *bus, struct pci_dev *dev, int max, void pci_walk_bus(struct pci_bus *top, int (*cb)(struct pci_dev *, void *), void *userdata); +void pci_walk_bus_locked(struct pci_bus *top, int (*cb)(struct pci_dev *, void *), + void *userdata); int pci_cfg_space_size(struct pci_dev *dev); unsigned char pci_bus_max_busnr(struct pci_bus *bus); void pci_setup_bridge(struct pci_bus *bus); @@ -2025,6 +2028,8 @@ static inline int pci_save_state(struct pci_dev *dev) { return 0; } static inline void pci_restore_state(struct pci_dev *dev) { } static inline int pci_set_power_state(struct pci_dev *dev, pci_power_t state) { return 0; } +static inline int pci_set_power_state_locked(struct pci_dev *dev, pci_power_t state) +{ return 0; } static inline int pci_wake_from_d3(struct pci_dev *dev, bool enable) { return 0; } static inline pci_power_t pci_choose_state(struct pci_dev *dev,

1 year, 7 months

1
0
0 0

FAILED: patch "[PATCH] xhci: handle isoc Babble and Buffer Overrun events properly" failed to apply to 4.19-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.19-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.19.y git checkout FETCH_HEAD git cherry-pick -x 7c4650ded49e5b88929ecbbb631efb8b0838e811 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024021310-prelaunch-earmark-e533@gregkh' --subject-prefix 'PATCH 4.19.y' HEAD^.. Possible dependencies: 7c4650ded49e ("xhci: handle isoc Babble and Buffer Overrun events properly") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 7c4650ded49e5b88929ecbbb631efb8b0838e811 Mon Sep 17 00:00:00 2001 From: Michal Pecio <michal.pecio(a)gmail.com> Date: Thu, 25 Jan 2024 17:27:37 +0200 Subject: [PATCH] xhci: handle isoc Babble and Buffer Overrun events properly xHCI 4.9 explicitly forbids assuming that the xHC has released its ownership of a multi-TRB TD when it reports an error on one of the early TRBs. Yet the driver makes such assumption and releases the TD, allowing the remaining TRBs to be freed or overwritten by new TDs. The xHC should also report completion of the final TRB due to its IOC flag being set by us, regardless of prior errors. This event cannot be recognized if the TD has already been freed earlier, resulting in "Transfer event TRB DMA ptr not part of current TD" error message. Fix this by reusing the logic for processing isoc Transaction Errors. This also handles hosts which fail to report the final completion. Fix transfer length reporting on Babble errors. They may be caused by device malfunction, no guarantee that the buffer has been filled. Signed-off-by: Michal Pecio <michal.pecio(a)gmail.com> Cc: stable(a)vger.kernel.org Signed-off-by: Mathias Nyman <mathias.nyman(a)linux.intel.com> Link: https://lore.kernel.org/r/20240125152737.2983959-5-mathias.nyman@linux.inte… Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/drivers/usb/host/xhci-ring.c b/drivers/usb/host/xhci-ring.c index 41be7d31a36e..f0d8a607ff21 100644 --- a/drivers/usb/host/xhci-ring.c +++ b/drivers/usb/host/xhci-ring.c @@ -2394,9 +2394,13 @@ static int process_isoc_td(struct xhci_hcd *xhci, struct xhci_virt_ep *ep, case COMP_BANDWIDTH_OVERRUN_ERROR: frame->status = -ECOMM; break; - case COMP_ISOCH_BUFFER_OVERRUN: case COMP_BABBLE_DETECTED_ERROR: + sum_trbs_for_length = true; + fallthrough; + case COMP_ISOCH_BUFFER_OVERRUN: frame->status = -EOVERFLOW; + if (ep_trb != td->last_trb) + td->error_mid_td = true; break; case COMP_INCOMPATIBLE_DEVICE_ERROR: case COMP_STALL_ERROR:

1 year, 7 months

1
0
0 0

FAILED: patch "[PATCH] xhci: handle isoc Babble and Buffer Overrun events properly" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x 7c4650ded49e5b88929ecbbb631efb8b0838e811 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024021309-hypertext-gush-3da8@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: 7c4650ded49e ("xhci: handle isoc Babble and Buffer Overrun events properly") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 7c4650ded49e5b88929ecbbb631efb8b0838e811 Mon Sep 17 00:00:00 2001 From: Michal Pecio <michal.pecio(a)gmail.com> Date: Thu, 25 Jan 2024 17:27:37 +0200 Subject: [PATCH] xhci: handle isoc Babble and Buffer Overrun events properly xHCI 4.9 explicitly forbids assuming that the xHC has released its ownership of a multi-TRB TD when it reports an error on one of the early TRBs. Yet the driver makes such assumption and releases the TD, allowing the remaining TRBs to be freed or overwritten by new TDs. The xHC should also report completion of the final TRB due to its IOC flag being set by us, regardless of prior errors. This event cannot be recognized if the TD has already been freed earlier, resulting in "Transfer event TRB DMA ptr not part of current TD" error message. Fix this by reusing the logic for processing isoc Transaction Errors. This also handles hosts which fail to report the final completion. Fix transfer length reporting on Babble errors. They may be caused by device malfunction, no guarantee that the buffer has been filled. Signed-off-by: Michal Pecio <michal.pecio(a)gmail.com> Cc: stable(a)vger.kernel.org Signed-off-by: Mathias Nyman <mathias.nyman(a)linux.intel.com> Link: https://lore.kernel.org/r/20240125152737.2983959-5-mathias.nyman@linux.inte… Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/drivers/usb/host/xhci-ring.c b/drivers/usb/host/xhci-ring.c index 41be7d31a36e..f0d8a607ff21 100644 --- a/drivers/usb/host/xhci-ring.c +++ b/drivers/usb/host/xhci-ring.c @@ -2394,9 +2394,13 @@ static int process_isoc_td(struct xhci_hcd *xhci, struct xhci_virt_ep *ep, case COMP_BANDWIDTH_OVERRUN_ERROR: frame->status = -ECOMM; break; - case COMP_ISOCH_BUFFER_OVERRUN: case COMP_BABBLE_DETECTED_ERROR: + sum_trbs_for_length = true; + fallthrough; + case COMP_ISOCH_BUFFER_OVERRUN: frame->status = -EOVERFLOW; + if (ep_trb != td->last_trb) + td->error_mid_td = true; break; case COMP_INCOMPATIBLE_DEVICE_ERROR: case COMP_STALL_ERROR:

1 year, 7 months

1
0
0 0

FAILED: patch "[PATCH] io_uring/net: fix sr->len for IORING_OP_RECV with MSG_WAITALL" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x 72bd80252feeb3bef8724230ee15d9f7ab541c6e # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024021340-playable-subsiding-a8db@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: 72bd80252fee ("io_uring/net: fix sr->len for IORING_OP_RECV with MSG_WAITALL and buffers") f9ead18c1058 ("io_uring: split network related opcodes into its own file") e0da14def1ee ("io_uring: move statx handling to its own file") a9c210cebe13 ("io_uring: move epoll handler to its own file") 4cf90495281b ("io_uring: add a dummy -EOPNOTSUPP prep handler") 99f15d8d6136 ("io_uring: move uring_cmd handling to its own file") cd40cae29ef8 ("io_uring: split out open/close operations") 453b329be5ea ("io_uring: separate out file table handling code") f4c163dd7d4b ("io_uring: split out fadvise/madvise operations") 0d5847274037 ("io_uring: split out fs related sync/fallocate functions") 531113bbd5bf ("io_uring: split out splice related operations") 11aeb71406dd ("io_uring: split out filesystem related operations") e28683bdfc2f ("io_uring: move nop into its own file") 5e2a18d93fec ("io_uring: move xattr related opcodes to its own file") 97b388d70b53 ("io_uring: handle completions in the core") de23077eda61 ("io_uring: set completion results upfront") e27f928ee1cb ("io_uring: add io_uring_types.h") 4d4c9cff4f70 ("io_uring: define a request type cleanup handler") 890968dc0336 ("io_uring: unify struct io_symlink and io_hardlink") 9a3a11f977f9 ("io_uring: convert iouring_cmd to io_cmd_type") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 72bd80252feeb3bef8724230ee15d9f7ab541c6e Mon Sep 17 00:00:00 2001 From: Jens Axboe <axboe(a)kernel.dk> Date: Thu, 1 Feb 2024 06:42:36 -0700 Subject: [PATCH] io_uring/net: fix sr->len for IORING_OP_RECV with MSG_WAITALL and buffers If we use IORING_OP_RECV with provided buffers and pass in '0' as the length of the request, the length is retrieved from the selected buffer. If MSG_WAITALL is also set and we get a short receive, then we may hit the retry path which decrements sr->len and increments the buffer for a retry. However, the length is still zero at this point, which means that sr->len now becomes huge and import_ubuf() will cap it to MAX_RW_COUNT and subsequently return -EFAULT for the range as a whole. Fix this by always assigning sr->len once the buffer has been selected. Cc: stable(a)vger.kernel.org Fixes: 7ba89d2af17a ("io_uring: ensure recv and recvmsg handle MSG_WAITALL correctly") Signed-off-by: Jens Axboe <axboe(a)kernel.dk> diff --git a/io_uring/net.c b/io_uring/net.c index a12ff69e6843..43bc9a5f96f9 100644 --- a/io_uring/net.c +++ b/io_uring/net.c @@ -923,6 +923,7 @@ int io_recv(struct io_kiocb *req, unsigned int issue_flags) if (!buf) return -ENOBUFS; sr->buf = buf; + sr->len = len; } ret = import_ubuf(ITER_DEST, sr->buf, len, &msg.msg_iter);

1 year, 7 months

1
0
0 0

af_iucv kernel module fails to load on bootup / manual start via modprobe

by Leo M

Hello, * update to 5.10.197 included upstream changes from 6.x kernel. * in particular this: * https://lore.kernel.org/all/20230917191101.257176910@linuxfoundation.org/ * this isn't an issue with the upstream state in the 6.x kernel as the problems this change might cause are alleviated by this commit that altered the way the iucv_if symbol was loaded: * https://github.com/torvalds/linux/commit/4eb9eda6ba64114d98827e2870e024d5ab… In the current state the symbol is not loaded correctly and the feature is not working properly. This issue hasn't been resolved still and is in a broken state up to the current 5.10.x version. Is it possible to include this fix in the next 5.10.x version? Sincerely, Leonardo Martinho

1 year, 7 months

2
1
0 0

Regression, i.MX7 boot failure, Linux v6.1.77

by Francesco Dolcini

Hello Sasha, kernel v6.1.77 introduces a regression, with a boot failure, on i.MX7, with commit db30f469ae8b ("ARM: dts: imx7s: Fix nand-controller #size-cells"). The issue is known [1][2], changing `#size-cells = <0>` is formally correct, but do not play well with the firmware that are deployed on those embedded devices, leading to a boot failure. A mitigation was implemented in the Linux kernel, commit 84549c816dc3 ("mtd: parsers: ofpart: add workaround for #size-cells 0") that was merged into v6.3, the firmware was also fixed, however existing device using old firmware will not boot anymore if updating to a newer kernel. I would ask you to drop such a patch from any stable patches queue and not backport it to any older kernel. To fix v6.1.y I see two options: - backport 84549c816dc3 - revert db30f469ae8b What do you prefer? Should I send myself a patch? [1] https://lore.kernel.org/all/Y4dgBTGNWpM6SQXI@francesco-nb.int.toradex.com/ [2] https://lore.kernel.org/all/20221202071900.1143950-1-francesco@dolcini.it/ Francesco

1 year, 7 months

2
1
0 0

[PATCH 1/2] HID: wacom: generic: Avoid reporting a serial of '0' to userspace

by Tobita, Tatsunosuke

From: Tatsunosuke Tobita <tatsunosuke.tobita(a)wacom.com> The xf86-input-wacom driver does not treat '0' as a valid serial number and will drop any input report which contains an MSC_SERIAL = 0 event. The kernel driver already takes care to avoid sending any MSC_SERIAL event if the value of serial[0] == 0 (which is the case for devices that don't actually report a serial number), but this is not quite sufficient. Only the lower 32 bits of the serial get reported to userspace, so if this portion of the serial is zero then there can still be problems. This commit allows the driver to report either the lower 32 bits if they are non-zero or the upper 32 bits otherwise. Signed-off-by: Jason Gerecke <jason.gerecke(a)wacom.com> Signed-off-by: Tatsunosuke Tobita <tatsunosuke.tobita(a)wacom.com> Fixes: f85c9dc678a5 ("HID: wacom: generic: Support tool ID and additional tool types") CC: stable(a)vger.kernel.org # v4.10 --- drivers/hid/wacom_wac.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/drivers/hid/wacom_wac.c b/drivers/hid/wacom_wac.c index da8a01fedd39..fbe10fbc5769 100644 --- a/drivers/hid/wacom_wac.c +++ b/drivers/hid/wacom_wac.c @@ -2575,7 +2575,14 @@ static void wacom_wac_pen_report(struct hid_device *hdev, wacom_wac->hid_data.tipswitch); input_report_key(input, wacom_wac->tool[0], sense); if (wacom_wac->serial[0]) { - input_event(input, EV_MSC, MSC_SERIAL, wacom_wac->serial[0]); + /* + * xf86-input-wacom does not accept a serial number + * of '0'. Report the low 32 bits if possible, but + * if they are zero, report the upper ones instead. + */ + __u32 serial_lo = wacom_wac->serial[0] & 0xFFFFFFFFu; + __u32 serial_hi = wacom_wac->serial[0] >> 32; + input_event(input, EV_MSC, MSC_SERIAL, (int)(serial_lo ? serial_lo : serial_hi)); input_report_abs(input, ABS_MISC, sense ? id : 0); } -- 2.34.1

1 year, 7 months

2
1
0 0

[PATCH 2/3] irqchip/gic-v3-its: Restore quirk probing for ACPI-based systems

by Marc Zyngier

While refactoring the way the ITSs are probed, the handling of quirks applicable to ACPI-based platforms was lost. As a result, systems such as HIP07 lose their GICv4 functionnality, and some other may even fail to boot, unless they are configured to boot with DT. Move the enabling of quirks into its_probe_one(), making it common to all firmware implementations. Fixes: 9585a495ac93 ("irqchip/gic-v3-its: Split allocation from initialisation of its_node") Reviewed-by: Lorenzo Pieralisi <lpieralisi(a)kernel.org> Reviewed-by: Zenghui Yu <yuzenghui(a)huawei.com> Signed-off-by: Marc Zyngier <maz(a)kernel.org> Cc: stable(a)vger.kernel.org --- drivers/irqchip/irq-gic-v3-its.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/irqchip/irq-gic-v3-its.c b/drivers/irqchip/irq-gic-v3-its.c index fec1b58470df..250b4562f308 100644 --- a/drivers/irqchip/irq-gic-v3-its.c +++ b/drivers/irqchip/irq-gic-v3-its.c @@ -5091,6 +5091,8 @@ static int __init its_probe_one(struct its_node *its) u32 ctlr; int err; + its_enable_quirks(its); + if (is_v4(its)) { if (!(its->typer & GITS_TYPER_VMOVP)) { err = its_compute_its_list_map(its); @@ -5442,7 +5444,6 @@ static int __init its_of_probe(struct device_node *node) if (!its) return -ENOMEM; - its_enable_quirks(its); err = its_probe_one(its); if (err) { its_node_destroy(its); -- 2.39.2

1 year, 7 months

2
1
0 0

[PATCH 3/3] irqchip/gic-v3-its: Fix GICv4.1 VPE affinity update

by Marc Zyngier

When updating the affinity of a VPE, we currently skip the VMOVP command if the two CPUs are part of the same VPE affinity. But this is wrong, as the doorbell corresponding to this VPE is still delivered on the 'old' CPU, which screws up the balancing. Furthermore, offlining that 'old' CPU results in doorbell interrupts generated for this VPE being discarded. The harsh reality is that we cannot easily elide VMOVP when a set_affinity request occurs. It needs to be obeyed, and if an optimisation is to be made, it is at the point where the affinity change request is made (such as in KVM). Drop the VMOVP elision altogether, and only use the vpe_table_mask to try and stay within the same ITS affinity group if at all possible. Fixes: dd3f050a216e (irqchip/gic-v4.1: Implement the v4.1 flavour of VMOVP) Reported-by: Kunkun Jiang <jiangkunkun(a)huawei.com> Signed-off-by: Marc Zyngier <maz(a)kernel.org> Cc: stable(a)vger.kernel.org --- drivers/irqchip/irq-gic-v3-its.c | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/drivers/irqchip/irq-gic-v3-its.c b/drivers/irqchip/irq-gic-v3-its.c index 250b4562f308..53abd4779914 100644 --- a/drivers/irqchip/irq-gic-v3-its.c +++ b/drivers/irqchip/irq-gic-v3-its.c @@ -3826,8 +3826,9 @@ static int its_vpe_set_affinity(struct irq_data *d, bool force) { struct its_vpe *vpe = irq_data_get_irq_chip_data(d); - int from, cpu = cpumask_first(mask_val); + struct cpumask common, *table_mask; unsigned long flags; + int from, cpu; /* * Changing affinity is mega expensive, so let's be as lazy as @@ -3843,19 +3844,22 @@ static int its_vpe_set_affinity(struct irq_data *d, * taken on any vLPI handling path that evaluates vpe->col_idx. */ from = vpe_to_cpuid_lock(vpe, &flags); - if (from == cpu) - goto out; - - vpe->col_idx = cpu; + table_mask = gic_data_rdist_cpu(from)->vpe_table_mask; /* - * GICv4.1 allows us to skip VMOVP if moving to a cpu whose RD - * is sharing its VPE table with the current one. + * If we are offered another CPU in the same GICv4.1 ITS + * affinity, pick this one. Otherwise, any CPU will do. */ - if (gic_data_rdist_cpu(cpu)->vpe_table_mask && - cpumask_test_cpu(from, gic_data_rdist_cpu(cpu)->vpe_table_mask)) + if (table_mask && cpumask_and(&common, mask_val, table_mask)) + cpu = cpumask_test_cpu(from, &common) ? from : cpumask_first(&common); + else + cpu = cpumask_first(mask_val); + + if (from == cpu) goto out; + vpe->col_idx = cpu; + its_send_vmovp(vpe); its_vpe_db_proxy_move(vpe, from, cpu); -- 2.39.2

1 year, 7 months

2
1
0 0

[PATCH 5.10/5.15 v2 0/1 RFC] mm/truncate: fix WARNING in ext4_set_page_dirty()

by Roman Smirnov

Syzkaller reports warning in ext4_set_page_dirty() in 5.10 and 5.15 stable releases. It happens because invalidate_inode_page() frees pages that are needed for the system. To fix this we need to add additional checks to the function. page_mapped() checks if a page exists in the page tables, but this is not enough. The page can be used in other places: https://elixir.bootlin.com/linux/v6.8-rc1/source/include/linux/page_ref.h#L… Kernel outputs an error line related to direct I/O: https://syzkaller.appspot.com/text?tag=CrashLog&x=14ab52dac80000 The problem can be fixed in 5.10 and 5.15 stable releases by the following patch. The patch replaces page_mapped() call with check that finds additional references to the page excluding page cache and filesystem private data. If additional references exist, the page cannot be freed. This version does not include the first patch from the first version. The problem can be fixed without it. Found by Linux Verification Center (linuxtesting.org) with Syzkaller. Link: https://syzkaller.appspot.com/bug?extid=02f21431b65c214aa1d6 Matthew Wilcox (Oracle) (1): mm/truncate: Replace page_mapped() call in invalidate_inode_page() mm/truncate.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) -- 2.34.1

1 year, 7 months

4
7
0 0

[PATCH] xen/events: close evtchn after mapping cleanup

by Maximilian Heyne

shutdown_pirq and startup_pirq are not taking the irq_mapping_update_lock because they can't due to lock inversion. Both are called with the irq_desc->lock being taking. The lock order, however, is first irq_mapping_update_lock and then irq_desc->lock. This opens multiple races: - shutdown_pirq can be interrupted by a function that allocates an event channel: CPU0 CPU1 shutdown_pirq { xen_evtchn_close(e) __startup_pirq { EVTCHNOP_bind_pirq -> returns just freed evtchn e set_evtchn_to_irq(e, irq) } xen_irq_info_cleanup() { set_evtchn_to_irq(e, -1) } } Assume here event channel e refers here to the same event channel number. After this race the evtchn_to_irq mapping for e is invalid (-1). - __startup_pirq races with __unbind_from_irq in a similar way. Because __startup_pirq doesn't take irq_mapping_update_lock it can grab the evtchn that __unbind_from_irq is currently freeing and cleaning up. In this case even though the event channel is allocated, its mapping can be unset in evtchn_to_irq. The fix is to first cleanup the mappings and then close the event channel. In this way, when an event channel gets allocated it's potential previous evtchn_to_irq mappings are guaranteed to be unset already. This is also the reverse order of the allocation where first the event channel is allocated and then the mappings are setup. On a 5.10 kernel prior to commit 3fcdaf3d7634 ("xen/events: modify internal [un]bind interfaces"), we hit a BUG like the following during probing of NVMe devices. The issue is that during nvme_setup_io_queues, pci_free_irq is called for every device which results in a call to shutdown_pirq. With many nvme devices it's therefore likely to hit this race during boot because there will be multiple calls to shutdown_pirq and startup_pirq are running potentially in parallel. ------------[ cut here ]------------ blkfront: xvda: barrier or flush: disabled; persistent grants: enabled; indirect descriptors: enabled; bounce buffer: enabled kernel BUG at drivers/xen/events/events_base.c:499! invalid opcode: 0000 [#1] SMP PTI CPU: 44 PID: 375 Comm: kworker/u257:23 Not tainted 5.10.201-191.748.amzn2.x86_64 #1 Hardware name: Xen HVM domU, BIOS 4.11.amazon 08/24/2006 Workqueue: nvme-reset-wq nvme_reset_work RIP: 0010:bind_evtchn_to_cpu+0xdf/0xf0 Code: 5d 41 5e c3 cc cc cc cc 44 89 f7 e8 2b 55 ad ff 49 89 c5 48 85 c0 0f 84 64 ff ff ff 4c 8b 68 30 41 83 fe ff 0f 85 60 ff ff ff <0f> 0b 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 0f 1f 44 00 00 RSP: 0000:ffffc9000d533b08 EFLAGS: 00010046 RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000006 RDX: 0000000000000028 RSI: 00000000ffffffff RDI: 00000000ffffffff RBP: ffff888107419680 R08: 0000000000000000 R09: ffffffff82d72b00 R10: 0000000000000000 R11: 0000000000000000 R12: 00000000000001ed R13: 0000000000000000 R14: 00000000ffffffff R15: 0000000000000002 FS: 0000000000000000(0000) GS:ffff88bc8b500000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 0000000002610001 CR4: 00000000001706e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: ? show_trace_log_lvl+0x1c1/0x2d9 ? show_trace_log_lvl+0x1c1/0x2d9 ? set_affinity_irq+0xdc/0x1c0 ? __die_body.cold+0x8/0xd ? die+0x2b/0x50 ? do_trap+0x90/0x110 ? bind_evtchn_to_cpu+0xdf/0xf0 ? do_error_trap+0x65/0x80 ? bind_evtchn_to_cpu+0xdf/0xf0 ? exc_invalid_op+0x4e/0x70 ? bind_evtchn_to_cpu+0xdf/0xf0 ? asm_exc_invalid_op+0x12/0x20 ? bind_evtchn_to_cpu+0xdf/0xf0 ? bind_evtchn_to_cpu+0xc5/0xf0 set_affinity_irq+0xdc/0x1c0 irq_do_set_affinity+0x1d7/0x1f0 irq_setup_affinity+0xd6/0x1a0 irq_startup+0x8a/0xf0 __setup_irq+0x639/0x6d0 ? nvme_suspend+0x150/0x150 request_threaded_irq+0x10c/0x180 ? nvme_suspend+0x150/0x150 pci_request_irq+0xa8/0xf0 ? __blk_mq_free_request+0x74/0xa0 queue_request_irq+0x6f/0x80 nvme_create_queue+0x1af/0x200 nvme_create_io_queues+0xbd/0xf0 nvme_setup_io_queues+0x246/0x320 ? nvme_irq_check+0x30/0x30 nvme_reset_work+0x1c8/0x400 process_one_work+0x1b0/0x350 worker_thread+0x49/0x310 ? process_one_work+0x350/0x350 kthread+0x11b/0x140 ? __kthread_bind_mask+0x60/0x60 ret_from_fork+0x22/0x30 Modules linked in: ---[ end trace a11715de1eee1873 ]--- Fixes: d46a78b05c0e ("xen: implement pirq type event channels") Cc: stable(a)vger.kernel.org Co-debugged-by: Andrew Panyakin <apanyaki(a)amazon.com> Signed-off-by: Maximilian Heyne <mheyne(a)amazon.de> --- drivers/xen/events/events_base.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/drivers/xen/events/events_base.c b/drivers/xen/events/events_base.c index b8cfea7812d6..3b9f080109d7 100644 --- a/drivers/xen/events/events_base.c +++ b/drivers/xen/events/events_base.c @@ -923,8 +923,8 @@ static void shutdown_pirq(struct irq_data *data) return; do_mask(info, EVT_MASK_REASON_EXPLICIT); - xen_evtchn_close(evtchn); xen_irq_info_cleanup(info); + xen_evtchn_close(evtchn); } static void enable_pirq(struct irq_data *data) @@ -956,6 +956,7 @@ EXPORT_SYMBOL_GPL(xen_irq_from_gsi); static void __unbind_from_irq(struct irq_info *info, unsigned int irq) { evtchn_port_t evtchn; + bool close_evtchn = false; if (!info) { xen_irq_free_desc(irq); @@ -975,7 +976,7 @@ static void __unbind_from_irq(struct irq_info *info, unsigned int irq) struct xenbus_device *dev; if (!info->is_static) - xen_evtchn_close(evtchn); + close_evtchn = true; switch (info->type) { case IRQT_VIRQ: @@ -995,6 +996,9 @@ static void __unbind_from_irq(struct irq_info *info, unsigned int irq) } xen_irq_info_cleanup(info); + + if (close_evtchn) + xen_evtchn_close(evtchn); } xen_free_irq(info); -- 2.40.1 Amazon Development Center Germany GmbH Krausenstr. 38 10117 Berlin Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B Sitz: Berlin Ust-ID: DE 289 237 879

1 year, 7 months

2
2
0 0

[tip: irq/urgent] irqchip/irq-brcmstb-l2: Add write memory barrier before exit

by tip-bot2 for Doug Berger

The following commit has been merged into the irq/urgent branch of tip: Commit-ID: b0344d6854d25a8b3b901c778b1728885dd99007 Gitweb: https://git.kernel.org/tip/b0344d6854d25a8b3b901c778b1728885dd99007 Author: Doug Berger <opendmb(a)gmail.com> AuthorDate: Fri, 09 Feb 2024 17:24:49 -08:00 Committer: Thomas Gleixner <tglx(a)linutronix.de> CommitterDate: Tue, 13 Feb 2024 09:33:31 +01:00 irqchip/irq-brcmstb-l2: Add write memory barrier before exit It was observed on Broadcom devices that use GIC v3 architecture L1 interrupt controllers as the parent of brcmstb-l2 interrupt controllers that the deactivation of the parent interrupt could happen before the brcmstb-l2 deasserted its output. This would lead the GIC to reactivate the interrupt only to find that no L2 interrupt was pending. The result was a spurious interrupt invoking handle_bad_irq() with its associated messaging. While this did not create a functional problem it is a waste of cycles. The hazard exists because the memory mapped bus writes to the brcmstb-l2 registers are buffered and the GIC v3 architecture uses a very efficient system register write to deactivate the interrupt. Add a write memory barrier prior to invoking chained_irq_exit() to introduce a dsb(st) on those systems to ensure the system register write cannot be executed until the memory mapped writes are visible to the system. [ florian: Added Fixes tag ] Fixes: 7f646e92766e ("irqchip: brcmstb-l2: Add Broadcom Set Top Box Level-2 interrupt controller") Signed-off-by: Doug Berger <opendmb(a)gmail.com> Signed-off-by: Florian Fainelli <florian.fainelli(a)broadcom.com> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Acked-by: Florian Fainelli <florian.fainelli(a)broadcom.com> Acked-by: Marc Zyngier <maz(a)kernel.org> Cc: stable(a)vger.kernel.org Link: https://lore.kernel.org/r/20240210012449.3009125-1-florian.fainelli@broadco… --- drivers/irqchip/irq-brcmstb-l2.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/drivers/irqchip/irq-brcmstb-l2.c b/drivers/irqchip/irq-brcmstb-l2.c index 5559c94..2b0b317 100644 --- a/drivers/irqchip/irq-brcmstb-l2.c +++ b/drivers/irqchip/irq-brcmstb-l2.c @@ -2,7 +2,7 @@ /* * Generic Broadcom Set Top Box Level 2 Interrupt controller driver * - * Copyright (C) 2014-2017 Broadcom + * Copyright (C) 2014-2024 Broadcom */ #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt @@ -112,6 +112,9 @@ static void brcmstb_l2_intc_irq_handle(struct irq_desc *desc) generic_handle_domain_irq(b->domain, irq); } while (status); out: + /* Don't ack parent before all device writes are done */ + wmb(); + chained_irq_exit(chip, desc); }

1 year, 7 months

1
0
0 0

Re: [PATCH RFC v2 4/8] m68k: Handle arrivals of multiple signals correctly

by Finn Thain

[Cc: stable] On Mon, 12 Feb 2024, Ulrich Hecht wrote: > > > On 02/08/2024 11:51 PM CET Finn Thain <fthain(a)linux-m68k.org> wrote: > > Ulrich, I imagine that you would normally receive fixes via the > > corresponding -stable trees. If Michael's series went into > > stable/linux-4.19.y you could cherry-pick from there for your v4.4.y tree > > and maybe avoid some merge conflicts that way. > > That would work for me. > OK. Here's the relevant commit. It fixes bd6f56a75bb2 which first appeared in v2.6.38-rc1. I believe this can be cherry-picked without any conflicts. 50e43a573344 m68k: Update ->thread.esp0 before calling syscall_trace() in ret_from_signal

1 year, 7 months

1
0
0 0

[PATCH -fixes v2 1/4] riscv: Fix enabling cbo.zero when running in M-mode

by Samuel Holland

When the kernel is running in M-mode, the CBZE bit must be set in the menvcfg CSR, not in senvcfg. Cc: <stable(a)vger.kernel.org> Fixes: 43c16d51a19b ("RISC-V: Enable cbo.zero in usermode") Reviewed-by: Andrew Jones <ajones(a)ventanamicro.com> Signed-off-by: Samuel Holland <samuel.holland(a)sifive.com> --- (no changes since v1) arch/riscv/include/asm/csr.h | 2 ++ arch/riscv/kernel/cpufeature.c | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/arch/riscv/include/asm/csr.h b/arch/riscv/include/asm/csr.h index 510014051f5d..2468c55933cd 100644 --- a/arch/riscv/include/asm/csr.h +++ b/arch/riscv/include/asm/csr.h @@ -424,6 +424,7 @@ # define CSR_STATUS CSR_MSTATUS # define CSR_IE CSR_MIE # define CSR_TVEC CSR_MTVEC +# define CSR_ENVCFG CSR_MENVCFG # define CSR_SCRATCH CSR_MSCRATCH # define CSR_EPC CSR_MEPC # define CSR_CAUSE CSR_MCAUSE @@ -448,6 +449,7 @@ # define CSR_STATUS CSR_SSTATUS # define CSR_IE CSR_SIE # define CSR_TVEC CSR_STVEC +# define CSR_ENVCFG CSR_SENVCFG # define CSR_SCRATCH CSR_SSCRATCH # define CSR_EPC CSR_SEPC # define CSR_CAUSE CSR_SCAUSE diff --git a/arch/riscv/kernel/cpufeature.c b/arch/riscv/kernel/cpufeature.c index 89920f84d0a3..c5b13f7dd482 100644 --- a/arch/riscv/kernel/cpufeature.c +++ b/arch/riscv/kernel/cpufeature.c @@ -950,7 +950,7 @@ arch_initcall(check_unaligned_access_all_cpus); void riscv_user_isa_enable(void) { if (riscv_cpu_has_extension_unlikely(smp_processor_id(), RISCV_ISA_EXT_ZICBOZ)) - csr_set(CSR_SENVCFG, ENVCFG_CBZE); + csr_set(CSR_ENVCFG, ENVCFG_CBZE); } #ifdef CONFIG_RISCV_ALTERNATIVE -- 2.43.0

1 year, 7 months

1
0
0 0

[PATCH] kbuild: Fix changing ELF file type for output of gen_btf for big endian

by Nathan Chancellor

Commit 90ceddcb4950 ("bpf: Support llvm-objcopy for vmlinux BTF") changed the ELF type of .btf.vmlinux.bin.o from ET_EXEC to ET_REL via dd, which works fine for little endian platforms: 00000000 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 |.ELF............| -00000010 03 00 b7 00 01 00 00 00 00 00 00 80 00 80 ff ff |................| +00000010 01 00 b7 00 01 00 00 00 00 00 00 80 00 80 ff ff |................| However, for big endian platforms, it changes the wrong byte, resulting in an invalid ELF file type, which ld.lld rejects: 00000000 7f 45 4c 46 02 02 01 00 00 00 00 00 00 00 00 00 |.ELF............| -00000010 00 03 00 16 00 00 00 01 00 00 00 00 00 10 00 00 |................| +00000010 01 03 00 16 00 00 00 01 00 00 00 00 00 10 00 00 |................| Type: <unknown>: 103 ld.lld: error: .btf.vmlinux.bin.o: unknown file type Fix this by using a different seek value for dd when targeting big endian, so that the correct byte gets changed and everything works correctly for all linkers. 00000000 7f 45 4c 46 02 02 01 00 00 00 00 00 00 00 00 00 |.ELF............| -00000010 00 03 00 16 00 00 00 01 00 00 00 00 00 10 00 00 |................| +00000010 00 01 00 16 00 00 00 01 00 00 00 00 00 10 00 00 |................| Type: REL (Relocatable file) Cc: stable(a)vger.kernel.org Fixes: 90ceddcb4950 ("bpf: Support llvm-objcopy for vmlinux BTF") Link: https://github.com/llvm/llvm-project/pull/75643 Signed-off-by: Nathan Chancellor <nathan(a)kernel.org> --- scripts/link-vmlinux.sh | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/scripts/link-vmlinux.sh b/scripts/link-vmlinux.sh index a432b171be82..8a9f48b3cb32 100755 --- a/scripts/link-vmlinux.sh +++ b/scripts/link-vmlinux.sh @@ -135,8 +135,15 @@ gen_btf() ${OBJCOPY} --only-section=.BTF --set-section-flags .BTF=alloc,readonly \ --strip-all ${1} ${2} 2>/dev/null # Change e_type to ET_REL so that it can be used to link final vmlinux. - # Unlike GNU ld, lld does not allow an ET_EXEC input. - printf '\1' | dd of=${2} conv=notrunc bs=1 seek=16 status=none + # Unlike GNU ld, lld does not allow an ET_EXEC input. Make sure the correct + # byte gets changed with big endian platforms, otherwise e_type may be an + # invalid value. + if is_enabled CONFIG_CPU_BIG_ENDIAN; then + seek=17 + else + seek=16 + fi + printf '\1' | dd of=${2} conv=notrunc bs=1 seek=${seek} status=none } # Create ${2} .S file with all symbols from the ${1} object file --- base-commit: 54be6c6c5ae8e0d93a6c4641cb7528eb0b6ba478 change-id: 20240208-fix-elf-type-btf-vmlinux-bin-o-big-endian-dbc55a1e1296 Best regards, -- Nathan Chancellor <nathan(a)kernel.org>

1 year, 7 months

6
6
0 0

[PATCH AUTOSEL 4.19 1/3] hwmon: (coretemp) Enlarge per package core count limit

by Sasha Levin

From: Zhang Rui <rui.zhang(a)intel.com> [ Upstream commit 34cf8c657cf0365791cdc658ddbca9cc907726ce ] Currently, coretemp driver supports only 128 cores per package. This loses some core temperature information on systems that have more than 128 cores per package. [ 58.685033] coretemp coretemp.0: Adding Core 128 failed [ 58.692009] coretemp coretemp.0: Adding Core 129 failed ... Enlarge the limitation to 512 because there are platforms with more than 256 cores per package. Signed-off-by: Zhang Rui <rui.zhang(a)intel.com> Link: https://lore.kernel.org/r/20240202092144.71180-4-rui.zhang@intel.com Signed-off-by: Guenter Roeck <linux(a)roeck-us.net> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/hwmon/coretemp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/hwmon/coretemp.c b/drivers/hwmon/coretemp.c index 33371f7a4c0f..e08bb28ec427 100644 --- a/drivers/hwmon/coretemp.c +++ b/drivers/hwmon/coretemp.c @@ -53,7 +53,7 @@ MODULE_PARM_DESC(tjmax, "TjMax value in degrees Celsius"); #define PKG_SYSFS_ATTR_NO 1 /* Sysfs attribute for package temp */ #define BASE_SYSFS_ATTR_NO 2 /* Sysfs Base attr no for coretemp */ -#define NUM_REAL_CORES 128 /* Number of Real cores per cpu */ +#define NUM_REAL_CORES 512 /* Number of Real cores per cpu */ #define CORETEMP_NAME_LENGTH 28 /* String Length of attrs */ #define MAX_CORE_ATTRS 4 /* Maximum no of basic attrs */ #define TOTAL_ATTRS (MAX_CORE_ATTRS + 1) -- 2.43.0

1 year, 7 months

1
2
0 0

[PATCH AUTOSEL 5.4 1/4] hwmon: (coretemp) Enlarge per package core count limit

by Sasha Levin

From: Zhang Rui <rui.zhang(a)intel.com> [ Upstream commit 34cf8c657cf0365791cdc658ddbca9cc907726ce ] Currently, coretemp driver supports only 128 cores per package. This loses some core temperature information on systems that have more than 128 cores per package. [ 58.685033] coretemp coretemp.0: Adding Core 128 failed [ 58.692009] coretemp coretemp.0: Adding Core 129 failed ... Enlarge the limitation to 512 because there are platforms with more than 256 cores per package. Signed-off-by: Zhang Rui <rui.zhang(a)intel.com> Link: https://lore.kernel.org/r/20240202092144.71180-4-rui.zhang@intel.com Signed-off-by: Guenter Roeck <linux(a)roeck-us.net> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/hwmon/coretemp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/hwmon/coretemp.c b/drivers/hwmon/coretemp.c index 0eabad344961..b8d5087da65b 100644 --- a/drivers/hwmon/coretemp.c +++ b/drivers/hwmon/coretemp.c @@ -40,7 +40,7 @@ MODULE_PARM_DESC(tjmax, "TjMax value in degrees Celsius"); #define PKG_SYSFS_ATTR_NO 1 /* Sysfs attribute for package temp */ #define BASE_SYSFS_ATTR_NO 2 /* Sysfs Base attr no for coretemp */ -#define NUM_REAL_CORES 128 /* Number of Real cores per cpu */ +#define NUM_REAL_CORES 512 /* Number of Real cores per cpu */ #define CORETEMP_NAME_LENGTH 28 /* String Length of attrs */ #define MAX_CORE_ATTRS 4 /* Maximum no of basic attrs */ #define TOTAL_ATTRS (MAX_CORE_ATTRS + 1) -- 2.43.0

1 year, 7 months

1
3
0 0

[PATCH AUTOSEL 5.10 1/6] efi: runtime: Fix potential overflow of soft-reserved region size

by Sasha Levin

From: Andrew Bresticker <abrestic(a)rivosinc.com> [ Upstream commit de1034b38a346ef6be25fe8792f5d1e0684d5ff4 ] md_size will have been narrowed if we have >= 4GB worth of pages in a soft-reserved region. Signed-off-by: Andrew Bresticker <abrestic(a)rivosinc.com> Signed-off-by: Ard Biesheuvel <ardb(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/firmware/efi/arm-runtime.c | 2 +- drivers/firmware/efi/riscv-runtime.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/firmware/efi/arm-runtime.c b/drivers/firmware/efi/arm-runtime.c index 3359ae2adf24..9054c2852580 100644 --- a/drivers/firmware/efi/arm-runtime.c +++ b/drivers/firmware/efi/arm-runtime.c @@ -107,7 +107,7 @@ static int __init arm_enable_runtime_services(void) efi_memory_desc_t *md; for_each_efi_memory_desc(md) { - int md_size = md->num_pages << EFI_PAGE_SHIFT; + u64 md_size = md->num_pages << EFI_PAGE_SHIFT; struct resource *res; if (!(md->attribute & EFI_MEMORY_SP)) diff --git a/drivers/firmware/efi/riscv-runtime.c b/drivers/firmware/efi/riscv-runtime.c index d28e715d2bcc..6711e64eb0b1 100644 --- a/drivers/firmware/efi/riscv-runtime.c +++ b/drivers/firmware/efi/riscv-runtime.c @@ -85,7 +85,7 @@ static int __init riscv_enable_runtime_services(void) efi_memory_desc_t *md; for_each_efi_memory_desc(md) { - int md_size = md->num_pages << EFI_PAGE_SHIFT; + u64 md_size = md->num_pages << EFI_PAGE_SHIFT; struct resource *res; if (!(md->attribute & EFI_MEMORY_SP)) -- 2.43.0

1 year, 7 months

1
5
0 0

[PATCH AUTOSEL 5.15 01/22] fs/ntfs3: Modified fix directory element type detection

by Sasha Levin

From: Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> [ Upstream commit 22457c047ed971f2f2e33be593ddfabd9639a409 ] Unfortunately reparse attribute is used for many purposes (several dozens). It is not possible here to know is this name symlink or not. To get exactly the type of name we should to open inode (read mft). getattr for opened file (fstat) correctly returns symlink. Signed-off-by: Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- fs/ntfs3/dir.c | 30 +++++++++++++++++++++++++----- 1 file changed, 25 insertions(+), 5 deletions(-) diff --git a/fs/ntfs3/dir.c b/fs/ntfs3/dir.c index d4d9f4ffb6d9..c2fb76bb28f4 100644 --- a/fs/ntfs3/dir.c +++ b/fs/ntfs3/dir.c @@ -309,11 +309,31 @@ static inline int ntfs_filldir(struct ntfs_sb_info *sbi, struct ntfs_inode *ni, return 0; } - /* NTFS: symlinks are "dir + reparse" or "file + reparse" */ - if (fname->dup.fa & FILE_ATTRIBUTE_REPARSE_POINT) - dt_type = DT_LNK; - else - dt_type = (fname->dup.fa & FILE_ATTRIBUTE_DIRECTORY) ? DT_DIR : DT_REG; + /* + * NTFS: symlinks are "dir + reparse" or "file + reparse" + * Unfortunately reparse attribute is used for many purposes (several dozens). + * It is not possible here to know is this name symlink or not. + * To get exactly the type of name we should to open inode (read mft). + * getattr for opened file (fstat) correctly returns symlink. + */ + dt_type = (fname->dup.fa & FILE_ATTRIBUTE_DIRECTORY) ? DT_DIR : DT_REG; + + /* + * It is not reliable to detect the type of name using duplicated information + * stored in parent directory. + * The only correct way to get the type of name - read MFT record and find ATTR_STD. + * The code below is not good idea. + * It does additional locks/reads just to get the type of name. + * Should we use additional mount option to enable branch below? + */ + if ((fname->dup.fa & FILE_ATTRIBUTE_REPARSE_POINT) && + ino != ni->mi.rno) { + struct inode *inode = ntfs_iget5(sbi->sb, &e->ref, NULL); + if (!IS_ERR_OR_NULL(inode)) { + dt_type = fs_umode_to_dtype(inode->i_mode); + iput(inode); + } + } return !dir_emit(ctx, (s8 *)name, name_len, ino, dt_type); } -- 2.43.0

1 year, 7 months

1
21
0 0

[PATCH AUTOSEL 6.6 01/51] fs/ntfs3: Improve alternative boot processing

by Sasha Levin

From: Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> [ Upstream commit c39de951282df9a60ef70664e4378d88006b2670 ] Signed-off-by: Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- fs/ntfs3/super.c | 35 +++++++++++++++++------------------ 1 file changed, 17 insertions(+), 18 deletions(-) diff --git a/fs/ntfs3/super.c b/fs/ntfs3/super.c index f763e3256ccc..aa3b2c262ab6 100644 --- a/fs/ntfs3/super.c +++ b/fs/ntfs3/super.c @@ -865,6 +865,7 @@ static int ntfs_init_from_boot(struct super_block *sb, u32 sector_size, u16 fn, ao; u8 cluster_bits; u32 boot_off = 0; + sector_t boot_block = 0; const char *hint = "Primary boot"; /* Save original dev_size. Used with alternative boot. */ @@ -872,11 +873,11 @@ static int ntfs_init_from_boot(struct super_block *sb, u32 sector_size, sbi->volume.blocks = dev_size >> PAGE_SHIFT; - bh = ntfs_bread(sb, 0); +read_boot: + bh = ntfs_bread(sb, boot_block); if (!bh) - return -EIO; + return boot_block ? -EINVAL : -EIO; -check_boot: err = -EINVAL; /* Corrupted image; do not read OOB */ @@ -1107,26 +1108,24 @@ static int ntfs_init_from_boot(struct super_block *sb, u32 sector_size, } out: - if (err == -EINVAL && !bh->b_blocknr && dev_size0 > PAGE_SHIFT) { + brelse(bh); + + if (err == -EINVAL && !boot_block && dev_size0 > PAGE_SHIFT) { u32 block_size = min_t(u32, sector_size, PAGE_SIZE); u64 lbo = dev_size0 - sizeof(*boot); - /* - * Try alternative boot (last sector) - */ - brelse(bh); - - sb_set_blocksize(sb, block_size); - bh = ntfs_bread(sb, lbo >> blksize_bits(block_size)); - if (!bh) - return -EINVAL; - + boot_block = lbo >> blksize_bits(block_size); boot_off = lbo & (block_size - 1); - hint = "Alternative boot"; - dev_size = dev_size0; /* restore original size. */ - goto check_boot; + if (boot_block && block_size >= boot_off + sizeof(*boot)) { + /* + * Try alternative boot (last sector) + */ + sb_set_blocksize(sb, block_size); + hint = "Alternative boot"; + dev_size = dev_size0; /* restore original size. */ + goto read_boot; + } } - brelse(bh); return err; } -- 2.43.0

1 year, 7 months

1
50
0 0

[PATCH AUTOSEL 6.7 01/58] fs/ntfs3: Improve alternative boot processing

by Sasha Levin

From: Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> [ Upstream commit c39de951282df9a60ef70664e4378d88006b2670 ] Signed-off-by: Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- fs/ntfs3/super.c | 35 +++++++++++++++++------------------ 1 file changed, 17 insertions(+), 18 deletions(-) diff --git a/fs/ntfs3/super.c b/fs/ntfs3/super.c index 9153dffde950..09d61c6c90aa 100644 --- a/fs/ntfs3/super.c +++ b/fs/ntfs3/super.c @@ -866,6 +866,7 @@ static int ntfs_init_from_boot(struct super_block *sb, u32 sector_size, u16 fn, ao; u8 cluster_bits; u32 boot_off = 0; + sector_t boot_block = 0; const char *hint = "Primary boot"; /* Save original dev_size. Used with alternative boot. */ @@ -873,11 +874,11 @@ static int ntfs_init_from_boot(struct super_block *sb, u32 sector_size, sbi->volume.blocks = dev_size >> PAGE_SHIFT; - bh = ntfs_bread(sb, 0); +read_boot: + bh = ntfs_bread(sb, boot_block); if (!bh) - return -EIO; + return boot_block ? -EINVAL : -EIO; -check_boot: err = -EINVAL; /* Corrupted image; do not read OOB */ @@ -1108,26 +1109,24 @@ static int ntfs_init_from_boot(struct super_block *sb, u32 sector_size, } out: - if (err == -EINVAL && !bh->b_blocknr && dev_size0 > PAGE_SHIFT) { + brelse(bh); + + if (err == -EINVAL && !boot_block && dev_size0 > PAGE_SHIFT) { u32 block_size = min_t(u32, sector_size, PAGE_SIZE); u64 lbo = dev_size0 - sizeof(*boot); - /* - * Try alternative boot (last sector) - */ - brelse(bh); - - sb_set_blocksize(sb, block_size); - bh = ntfs_bread(sb, lbo >> blksize_bits(block_size)); - if (!bh) - return -EINVAL; - + boot_block = lbo >> blksize_bits(block_size); boot_off = lbo & (block_size - 1); - hint = "Alternative boot"; - dev_size = dev_size0; /* restore original size. */ - goto check_boot; + if (boot_block && block_size >= boot_off + sizeof(*boot)) { + /* + * Try alternative boot (last sector) + */ + sb_set_blocksize(sb, block_size); + hint = "Alternative boot"; + dev_size = dev_size0; /* restore original size. */ + goto read_boot; + } } - brelse(bh); return err; } -- 2.43.0

1 year, 7 months

1
57
0 0

[PATCH] tracing: Fix wasted memory in saved_cmdlines logic

by Steven Rostedt

From: "Steven Rostedt (Google)" <rostedt(a)goodmis.org> While looking at improving the saved_cmdlines cache I found a huge amount of wasted memory that should be used for the cmdlines. The tracing data saves pids during the trace. At sched switch, if a trace occurred, it will save the comm of the task that did the trace. This is saved in a "cache" that maps pids to comms and exposed to user space via the /sys/kernel/tracing/saved_cmdlines file. Currently it only caches by default 128 comms. The structure that uses this creates an array to store the pids using PID_MAX_DEFAULT (which is usually set to 32768). This causes the structure to be of the size of 131104 bytes on 64 bit machines. In hex: 131104 = 0x20020, and since the kernel allocates generic memory in powers of two, the kernel would allocate 0x40000 or 262144 bytes to store this structure. That leaves 131040 bytes of wasted space. Worse, the structure points to an allocated array to store the comm names, which is 16 bytes times the amount of names to save (currently 128), which is 2048 bytes. Instead of allocating a separate array, make the structure end with a variable length string and use the extra space for that. This is similar to a recommendation that Linus had made about eventfs_inode names: https://lore.kernel.org/all/20240130190355.11486-5-torvalds@linux-foundatio… Instead of allocating a separate string array to hold the saved comms, have the structure end with: char saved_cmdlines[]; and round up to the next power of two over sizeof(struct saved_cmdline_buffers) + num_cmdlines * TASK_COMM_LEN It will use this extra space for the saved_cmdline portion. Now, instead of saving only 128 comms by default, by using this wasted space at the end of the structure it can save over 8000 comms and even saves space by removing the need for allocating the other array. Cc: stable(a)vger.kernel.org Fixes: 939c7a4f04fcd ("tracing: Introduce saved_cmdlines_size file") Signed-off-by: Steven Rostedt (Google) <rostedt(a)goodmis.org> --- kernel/trace/trace.c | 73 +++++++++++++++++++++----------------------- 1 file changed, 34 insertions(+), 39 deletions(-) diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c index 2a7c6fd934e9..0b3e60b827f7 100644 --- a/kernel/trace/trace.c +++ b/kernel/trace/trace.c @@ -2320,7 +2320,7 @@ struct saved_cmdlines_buffer { unsigned *map_cmdline_to_pid; unsigned cmdline_num; int cmdline_idx; - char *saved_cmdlines; + char saved_cmdlines[]; }; static struct saved_cmdlines_buffer *savedcmd; @@ -2334,47 +2334,54 @@ static inline void set_cmdline(int idx, const char *cmdline) strncpy(get_saved_cmdlines(idx), cmdline, TASK_COMM_LEN); } -static int allocate_cmdlines_buffer(unsigned int val, - struct saved_cmdlines_buffer *s) +static void free_saved_cmdlines_buffer(struct saved_cmdlines_buffer *s) +{ + int order = get_order(sizeof(*s) + s->cmdline_num * TASK_COMM_LEN); + + kfree(s->map_cmdline_to_pid); + free_pages((unsigned long)s, order); +} + +static struct saved_cmdlines_buffer *allocate_cmdlines_buffer(unsigned int val) { + struct saved_cmdlines_buffer *s; + struct page *page; + int orig_size, size; + int order; + + /* Figure out how much is needed to hold the given number of cmdlines */ + orig_size = sizeof(*s) + val * TASK_COMM_LEN; + order = get_order(orig_size); + size = 1 << (order + PAGE_SHIFT); + page = alloc_pages(GFP_KERNEL, order); + if (!page) + return NULL; + + s = page_address(page); + memset(s, 0, sizeof(*s)); + + /* Round up to actual allocation */ + val = (size - sizeof(*s)) / TASK_COMM_LEN; + s->cmdline_num = val; + s->map_cmdline_to_pid = kmalloc_array(val, sizeof(*s->map_cmdline_to_pid), GFP_KERNEL); - if (!s->map_cmdline_to_pid) - return -ENOMEM; - - s->saved_cmdlines = kmalloc_array(TASK_COMM_LEN, val, GFP_KERNEL); - if (!s->saved_cmdlines) { - kfree(s->map_cmdline_to_pid); - return -ENOMEM; - } s->cmdline_idx = 0; - s->cmdline_num = val; memset(&s->map_pid_to_cmdline, NO_CMDLINE_MAP, sizeof(s->map_pid_to_cmdline)); memset(s->map_cmdline_to_pid, NO_CMDLINE_MAP, val * sizeof(*s->map_cmdline_to_pid)); - return 0; + return s; } static int trace_create_savedcmd(void) { - int ret; - - savedcmd = kmalloc(sizeof(*savedcmd), GFP_KERNEL); - if (!savedcmd) - return -ENOMEM; - - ret = allocate_cmdlines_buffer(SAVED_CMDLINES_DEFAULT, savedcmd); - if (ret < 0) { - kfree(savedcmd); - savedcmd = NULL; - return -ENOMEM; - } + savedcmd = allocate_cmdlines_buffer(SAVED_CMDLINES_DEFAULT); - return 0; + return savedcmd ? 0 : -ENOMEM; } int is_tracing_stopped(void) @@ -6056,26 +6063,14 @@ tracing_saved_cmdlines_size_read(struct file *filp, char __user *ubuf, return simple_read_from_buffer(ubuf, cnt, ppos, buf, r); } -static void free_saved_cmdlines_buffer(struct saved_cmdlines_buffer *s) -{ - kfree(s->saved_cmdlines); - kfree(s->map_cmdline_to_pid); - kfree(s); -} - static int tracing_resize_saved_cmdlines(unsigned int val) { struct saved_cmdlines_buffer *s, *savedcmd_temp; - s = kmalloc(sizeof(*s), GFP_KERNEL); + s = allocate_cmdlines_buffer(val); if (!s) return -ENOMEM; - if (allocate_cmdlines_buffer(val, s) < 0) { - kfree(s); - return -ENOMEM; - } - preempt_disable(); arch_spin_lock(&trace_cmdline_lock); savedcmd_temp = savedcmd; -- 2.43.0

1 year, 7 months

2
3
0 0

[withdrawn] fs-proc-task_mmu-add-display-flag-for-vm_mayoverlay.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: fs/proc/task_mmu: add display flag for VM_MAYOVERLAY has been removed from the -mm tree. Its filename was fs-proc-task_mmu-add-display-flag-for-vm_mayoverlay.patch This patch was dropped because it was withdrawn ------------------------------------------------------ From: Anshuman Khandual <anshuman.khandual(a)arm.com> Subject: fs/proc/task_mmu: add display flag for VM_MAYOVERLAY Date: Thu, 8 Feb 2024 14:18:05 +0530 VM_UFFD_MISSING flag is mutually exclussive with VM_MAYOVERLAY flag as they both use the same bit position i.e 0x00000200 in the vm_flags. Let's update show_smap_vma_flags() to display the correct flags depending on CONFIG_MMU. Link: https://lkml.kernel.org/r/20240208084805.1252337-1-anshuman.khandual@arm.com Fixes: b6b7a8faf05c ("mm/nommu: don't use VM_MAYSHARE for MAP_PRIVATE mappings") Signed-off-by: Anshuman Khandual <anshuman.khandual(a)arm.com> Reviewed-by: David Hildenbrand <david(a)redhat.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/proc/task_mmu.c | 4 ++++ 1 file changed, 4 insertions(+) --- a/fs/proc/task_mmu.c~fs-proc-task_mmu-add-display-flag-for-vm_mayoverlay +++ a/fs/proc/task_mmu.c @@ -681,7 +681,11 @@ static void show_smap_vma_flags(struct s [ilog2(VM_HUGEPAGE)] = "hg", [ilog2(VM_NOHUGEPAGE)] = "nh", [ilog2(VM_MERGEABLE)] = "mg", +#ifdef CONFIG_MMU [ilog2(VM_UFFD_MISSING)]= "um", +#else + [ilog2(VM_MAYOVERLAY)] = "ov", +#endif /* CONFIG_MMU */ [ilog2(VM_UFFD_WP)] = "uw", #ifdef CONFIG_ARM64_MTE [ilog2(VM_MTE)] = "mt", _ Patches currently in -mm which might be from anshuman.khandual(a)arm.com are mm-memblock-add-memblock_rsrv_noinit-into-flagname-array.patch mm-cma-dont-treat-bad-input-arguments-for-cma_alloc-as-its-failure.patch mm-cma-drop-config_cma_debug.patch mm-cma-make-max_cma_areas-=-config_cma_areas.patch mm-cma-add-sysfs-file-release_pages_success.patch

1 year, 7 months

1
0
0 0

[tip: x86/urgent] x86/mm/ident_map: Use gbpages only where full GB page should be mapped.

by tip-bot2 for Steve Wahl

The following commit has been merged into the x86/urgent branch of tip: Commit-ID: d794734c9bbfe22f86686dc2909c25f5ffe1a572 Gitweb: https://git.kernel.org/tip/d794734c9bbfe22f86686dc2909c25f5ffe1a572 Author: Steve Wahl <steve.wahl(a)hpe.com> AuthorDate: Fri, 26 Jan 2024 10:48:41 -06:00 Committer: Dave Hansen <dave.hansen(a)linux.intel.com> CommitterDate: Mon, 12 Feb 2024 14:53:42 -08:00 x86/mm/ident_map: Use gbpages only where full GB page should be mapped. When ident_pud_init() uses only gbpages to create identity maps, large ranges of addresses not actually requested can be included in the resulting table; a 4K request will map a full GB. On UV systems, this ends up including regions that will cause hardware to halt the system if accessed (these are marked "reserved" by BIOS). Even processor speculation into these regions is enough to trigger the system halt. Only use gbpages when map creation requests include the full GB page of space. Fall back to using smaller 2M pages when only portions of a GB page are included in the request. No attempt is made to coalesce mapping requests. If a request requires a map entry at the 2M (pmd) level, subsequent mapping requests within the same 1G region will also be at the pmd level, even if adjacent or overlapping such requests could have been combined to map a full gbpage. Existing usage starts with larger regions and then adds smaller regions, so this should not have any great consequence. [ dhansen: fix up comment formatting, simplifty changelog ] Signed-off-by: Steve Wahl <steve.wahl(a)hpe.com> Signed-off-by: Dave Hansen <dave.hansen(a)linux.intel.com> Cc: stable(a)vger.kernel.org Link: https://lore.kernel.org/all/20240126164841.170866-1-steve.wahl%40hpe.com --- arch/x86/mm/ident_map.c | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) diff --git a/arch/x86/mm/ident_map.c b/arch/x86/mm/ident_map.c index 968d700..f50cc21 100644 --- a/arch/x86/mm/ident_map.c +++ b/arch/x86/mm/ident_map.c @@ -26,18 +26,31 @@ static int ident_pud_init(struct x86_mapping_info *info, pud_t *pud_page, for (; addr < end; addr = next) { pud_t *pud = pud_page + pud_index(addr); pmd_t *pmd; + bool use_gbpage; next = (addr & PUD_MASK) + PUD_SIZE; if (next > end) next = end; - if (info->direct_gbpages) { - pud_t pudval; + /* if this is already a gbpage, this portion is already mapped */ + if (pud_large(*pud)) + continue; + + /* Is using a gbpage allowed? */ + use_gbpage = info->direct_gbpages; - if (pud_present(*pud)) - continue; + /* Don't use gbpage if it maps more than the requested region. */ + /* at the begining: */ + use_gbpage &= ((addr & ~PUD_MASK) == 0); + /* ... or at the end: */ + use_gbpage &= ((next & ~PUD_MASK) == 0); + + /* Never overwrite existing mappings */ + use_gbpage &= !pud_present(*pud); + + if (use_gbpage) { + pud_t pudval; - addr &= PUD_MASK; pudval = __pud((addr - info->offset) | info->page_flag); set_pud(pud, pudval); continue;

1 year, 7 months

1
0
0 0

+ kasan-test-avoid-gcc-warning-for-intentional-overflow.patch added to mm-unstable branch

by Andrew Morton

The patch titled Subject: kasan/test: avoid gcc warning for intentional overflow has been added to the -mm mm-unstable branch. Its filename is kasan-test-avoid-gcc-warning-for-intentional-overflow.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Arnd Bergmann <arnd(a)arndb.de> Subject: kasan/test: avoid gcc warning for intentional overflow Date: Mon, 12 Feb 2024 12:15:52 +0100 The out-of-bounds test allocates an object that is three bytes too short in order to validate the bounds checking. Starting with gcc-14, this causes a compile-time warning as gcc has grown smart enough to understand the sizeof() logic: mm/kasan/kasan_test.c: In function 'kmalloc_oob_16': mm/kasan/kasan_test.c:443:14: error: allocation of insufficient size '13' for type 'struct <anonymous>' with size '16' [-Werror=alloc-size] 443 | ptr1 = kmalloc(sizeof(*ptr1) - 3, GFP_KERNEL); | ^ Hide the actual computation behind a RELOC_HIDE() that ensures the compiler misses the intentional bug. Link: https://lkml.kernel.org/r/20240212111609.869266-1-arnd@kernel.org Fixes: 3f15801cdc23 ("lib: add kasan test module") Signed-off-by: Arnd Bergmann <arnd(a)arndb.de> Cc: Alexander Potapenko <glider(a)google.com> Cc: Andrey Konovalov <andreyknvl(a)gmail.com> Cc: Andrey Ryabinin <ryabinin.a.a(a)gmail.com> Cc: Arnd Bergmann <arnd(a)arndb.de> Cc: Dmitry Vyukov <dvyukov(a)google.com> Cc: Marco Elver <elver(a)google.com> Cc: Vincenzo Frascino <vincenzo.frascino(a)arm.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/kasan/kasan_test.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) --- a/mm/kasan/kasan_test.c~kasan-test-avoid-gcc-warning-for-intentional-overflow +++ a/mm/kasan/kasan_test.c @@ -440,7 +440,8 @@ static void kmalloc_oob_16(struct kunit /* This test is specifically crafted for the generic mode. */ KASAN_TEST_NEEDS_CONFIG_ON(test, CONFIG_KASAN_GENERIC); - ptr1 = kmalloc(sizeof(*ptr1) - 3, GFP_KERNEL); + /* RELOC_HIDE to prevent gcc from warning about short alloc */ + ptr1 = RELOC_HIDE(kmalloc(sizeof(*ptr1) - 3, GFP_KERNEL), 0); KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr1); ptr2 = kmalloc(sizeof(*ptr2), GFP_KERNEL); _ Patches currently in -mm which might be from arnd(a)arndb.de are mm-damon-dbgfs-implement-deprecation-notice-file-fix.patch kasan-test-avoid-gcc-warning-for-intentional-overflow.patch

1 year, 7 months

1
0
0 0

[PATCH] ASoC: amd: yc: Fix non-functional mic on Lenovo 82UU

by Attila Tőkés

Like many other models, the Lenovo 82UU (Yoga Slim 7 Pro 14ARH7) needs a quirk entry for the internal microphone to function. Cc: stable(a)vger.kernel.org Signed-off-by: Attila Tőkés <attitokes(a)gmail.com> --- sound/soc/amd/yc/acp6x-mach.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/sound/soc/amd/yc/acp6x-mach.c b/sound/soc/amd/yc/acp6x-mach.c index 23d44a50d815..864976a81393 100644 --- a/sound/soc/amd/yc/acp6x-mach.c +++ b/sound/soc/amd/yc/acp6x-mach.c @@ -234,6 +234,13 @@ static const struct dmi_system_id yc_acp_quirk_table[] = { DMI_MATCH(DMI_PRODUCT_NAME, "82UG"), } }, + { + .driver_data = &acp6x_card, + .matches = { + DMI_MATCH(DMI_BOARD_VENDOR, "LENOVO"), + DMI_MATCH(DMI_PRODUCT_NAME, "82UU"), + } + }, { .driver_data = &acp6x_card, .matches = { -- 2.34.1

1 year, 7 months

2
1
0 0

[PATCH 6.1.y] fs: dlm: don't put dlm_local_addrs on heap

by Jordan Rife

From: Alexander Aring <aahringo(a)redhat.com> commit c51c9cd8addcfbdc097dbefd59f022402183644b upstream This patch removes to allocate the dlm_local_addr[] pointers on the heap. Instead we directly store the type of "struct sockaddr_storage". This removes function deinit_local() because it was freeing memory only. Backport e11dea8 ("dlm: use kernel_connect() and kernel_bind()") to Linux stable 6.1 caused a regression. The original patch expected dlm_local_addrs[0] to be of type sockaddr_storage, because c51c9cd ("fs: dlm: don't put dlm_local_addrs on heap") changed its type from sockaddr_storage* to sockaddr_storage in Linux 6.5+ while in older Linux versions this is still the original sockaddr_storage*. Signed-off-by: Alexander Aring <aahringo(a)redhat.com> Signed-off-by: David Teigland <teigland(a)redhat.com> Signed-off-by: Jordan Rife <jrife(a)google.com> Tested-by: Valentin Kleibel <valentin(a)vrvis.at> Fixes: e11dea8f5033 ("dlm: use kernel_connect() and kernel_bind()") Closes: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063338 Link: https://lore.kernel.org/stable/20240209162658.70763-2-jrife@google.com/T/#u Cc: <stable(a)vger.kernel.org> # 6.1.x --- fs/dlm/lowcomms.c | 36 +++++++++++------------------------- 1 file changed, 11 insertions(+), 25 deletions(-) diff --git a/fs/dlm/lowcomms.c b/fs/dlm/lowcomms.c index 72f34f96d0155..e26af8c23aa80 100644 --- a/fs/dlm/lowcomms.c +++ b/fs/dlm/lowcomms.c @@ -174,7 +174,7 @@ static LIST_HEAD(dlm_node_addrs); static DEFINE_SPINLOCK(dlm_node_addrs_spin); static struct listen_connection listen_con; -static struct sockaddr_storage *dlm_local_addr[DLM_MAX_ADDR_COUNT]; +static struct sockaddr_storage dlm_local_addr[DLM_MAX_ADDR_COUNT]; static int dlm_local_count; int dlm_allow_conn; @@ -398,7 +398,7 @@ static int nodeid_to_addr(int nodeid, struct sockaddr_storage *sas_out, if (!sa_out) return 0; - if (dlm_local_addr[0]->ss_family == AF_INET) { + if (dlm_local_addr[0].ss_family == AF_INET) { struct sockaddr_in *in4 = (struct sockaddr_in *) &sas; struct sockaddr_in *ret4 = (struct sockaddr_in *) sa_out; ret4->sin_addr.s_addr = in4->sin_addr.s_addr; @@ -727,7 +727,7 @@ static void add_sock(struct socket *sock, struct connection *con) static void make_sockaddr(struct sockaddr_storage *saddr, uint16_t port, int *addr_len) { - saddr->ss_family = dlm_local_addr[0]->ss_family; + saddr->ss_family = dlm_local_addr[0].ss_family; if (saddr->ss_family == AF_INET) { struct sockaddr_in *in4_addr = (struct sockaddr_in *)saddr; in4_addr->sin_port = cpu_to_be16(port); @@ -1167,7 +1167,7 @@ static int sctp_bind_addrs(struct socket *sock, uint16_t port) int i, addr_len, result = 0; for (i = 0; i < dlm_local_count; i++) { - memcpy(&localaddr, dlm_local_addr[i], sizeof(localaddr)); + memcpy(&localaddr, &dlm_local_addr[i], sizeof(localaddr)); make_sockaddr(&localaddr, port, &addr_len); if (!i) @@ -1187,7 +1187,7 @@ static int sctp_bind_addrs(struct socket *sock, uint16_t port) /* Get local addresses */ static void init_local(void) { - struct sockaddr_storage sas, *addr; + struct sockaddr_storage sas; int i; dlm_local_count = 0; @@ -1195,21 +1195,10 @@ static void init_local(void) if (dlm_our_addr(&sas, i)) break; - addr = kmemdup(&sas, sizeof(*addr), GFP_NOFS); - if (!addr) - break; - dlm_local_addr[dlm_local_count++] = addr; + memcpy(&dlm_local_addr[dlm_local_count++], &sas, sizeof(sas)); } } -static void deinit_local(void) -{ - int i; - - for (i = 0; i < dlm_local_count; i++) - kfree(dlm_local_addr[i]); -} - static struct writequeue_entry *new_writequeue_entry(struct connection *con) { struct writequeue_entry *entry; @@ -1575,7 +1564,7 @@ static void dlm_connect(struct connection *con) } /* Create a socket to communicate with */ - result = sock_create_kern(&init_net, dlm_local_addr[0]->ss_family, + result = sock_create_kern(&init_net, dlm_local_addr[0].ss_family, SOCK_STREAM, dlm_proto_ops->proto, &sock); if (result < 0) goto socket_err; @@ -1786,7 +1775,6 @@ void dlm_lowcomms_stop(void) foreach_conn(free_conn); srcu_read_unlock(&connections_srcu, idx); work_stop(); - deinit_local(); dlm_proto_ops = NULL; } @@ -1803,7 +1791,7 @@ static int dlm_listen_for_all(void) if (result < 0) return result; - result = sock_create_kern(&init_net, dlm_local_addr[0]->ss_family, + result = sock_create_kern(&init_net, dlm_local_addr[0].ss_family, SOCK_STREAM, dlm_proto_ops->proto, &sock); if (result < 0) { log_print("Can't create comms socket: %d", result); @@ -1842,7 +1830,7 @@ static int dlm_tcp_bind(struct socket *sock) /* Bind to our cluster-known address connecting to avoid * routing problems. */ - memcpy(&src_addr, dlm_local_addr[0], sizeof(src_addr)); + memcpy(&src_addr, &dlm_local_addr[0], sizeof(src_addr)); make_sockaddr(&src_addr, 0, &addr_len); result = kernel_bind(sock, (struct sockaddr *)&src_addr, @@ -1899,7 +1887,7 @@ static int dlm_tcp_listen_bind(struct socket *sock) int addr_len; /* Bind to our port */ - make_sockaddr(dlm_local_addr[0], dlm_config.ci_tcp_port, &addr_len); + make_sockaddr(&dlm_local_addr[0], dlm_config.ci_tcp_port, &addr_len); return kernel_bind(sock, (struct sockaddr *)&dlm_local_addr[0], addr_len); } @@ -1992,7 +1980,7 @@ int dlm_lowcomms_start(void) error = work_start(); if (error) - goto fail_local; + goto fail; dlm_allow_conn = 1; @@ -2022,8 +2010,6 @@ int dlm_lowcomms_start(void) fail_proto_ops: dlm_allow_conn = 0; work_stop(); -fail_local: - deinit_local(); fail: return error; } -- 2.43.0.687.g38aa6559b0-goog

1 year, 7 months

1
0
0 0

[PATCH 05/10] arm64: dts: qcom: sc8280xp-x13s: limit pcie4 link speed

by Johan Hovold

Limit the WiFi PCIe link speed to Gen2 speed (500 GB/s), which is the speed that the boot firmware has brought up the link at (and that Windows uses). This is specifically needed to avoid a large amount of link errors when restarting the link during boot (but which are currently not reported). This may potentially also help with intermittent failures to download the ath11k firmware during boot which can be seen when there is a longer delay between restarting the link and loading the WiFi driver (e.g. when using full disk encryption). Fixes: 123b30a75623 ("arm64: dts: qcom: sc8280xp-x13s: enable WiFi controller") Cc: stable(a)vger.kernel.org # 6.2 Signed-off-by: Johan Hovold <johan+linaro(a)kernel.org> --- arch/arm64/boot/dts/qcom/sc8280xp-lenovo-thinkpad-x13s.dts | 2 ++ 1 file changed, 2 insertions(+) diff --git a/arch/arm64/boot/dts/qcom/sc8280xp-lenovo-thinkpad-x13s.dts b/arch/arm64/boot/dts/qcom/sc8280xp-lenovo-thinkpad-x13s.dts index 511d53d9c5a1..ff4b896b1bbf 100644 --- a/arch/arm64/boot/dts/qcom/sc8280xp-lenovo-thinkpad-x13s.dts +++ b/arch/arm64/boot/dts/qcom/sc8280xp-lenovo-thinkpad-x13s.dts @@ -863,6 +863,8 @@ &pcie3a_phy { }; &pcie4 { + max-link-speed = <2>; + perst-gpios = <&tlmm 141 GPIO_ACTIVE_LOW>; wake-gpios = <&tlmm 139 GPIO_ACTIVE_LOW>; -- 2.43.0

1 year, 7 months

1
0
0 0

[PATCH 03/10] arm64: dts: qcom: sc8280xp: add missing PCIe minimum OPP

by Johan Hovold

Add the missing PCIe CX performance level votes to avoid relying on other drivers (e.g. USB or UFS) to maintain the nominal performance level required for Gen3 speeds. Fixes: 813e83157001 ("arm64: dts: qcom: sc8280xp/sa8540p: add PCIe2-4 nodes") Cc: stable(a)vger.kernel.org # 6.2 Signed-off-by: Johan Hovold <johan+linaro(a)kernel.org> --- arch/arm64/boot/dts/qcom/sc8280xp.dtsi | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/arch/arm64/boot/dts/qcom/sc8280xp.dtsi b/arch/arm64/boot/dts/qcom/sc8280xp.dtsi index ae41b3051819..36382b1bd965 100644 --- a/arch/arm64/boot/dts/qcom/sc8280xp.dtsi +++ b/arch/arm64/boot/dts/qcom/sc8280xp.dtsi @@ -1780,6 +1780,7 @@ pcie4: pcie@1c00000 { reset-names = "pci"; power-domains = <&gcc PCIE_4_GDSC>; + required-opps = <&rpmhpd_opp_nom>; phys = <&pcie4_phy>; phy-names = "pciephy"; @@ -1878,6 +1879,7 @@ pcie3b: pcie@1c08000 { reset-names = "pci"; power-domains = <&gcc PCIE_3B_GDSC>; + required-opps = <&rpmhpd_opp_nom>; phys = <&pcie3b_phy>; phy-names = "pciephy"; @@ -1976,6 +1978,7 @@ pcie3a: pcie@1c10000 { reset-names = "pci"; power-domains = <&gcc PCIE_3A_GDSC>; + required-opps = <&rpmhpd_opp_nom>; phys = <&pcie3a_phy>; phy-names = "pciephy"; @@ -2077,6 +2080,7 @@ pcie2b: pcie@1c18000 { reset-names = "pci"; power-domains = <&gcc PCIE_2B_GDSC>; + required-opps = <&rpmhpd_opp_nom>; phys = <&pcie2b_phy>; phy-names = "pciephy"; @@ -2175,6 +2179,7 @@ pcie2a: pcie@1c20000 { reset-names = "pci"; power-domains = <&gcc PCIE_2A_GDSC>; + required-opps = <&rpmhpd_opp_nom>; phys = <&pcie2a_phy>; phy-names = "pciephy"; -- 2.43.0

1 year, 7 months

1
0
0 0

Re: [syzbot] [ext4?] KASAN: out-of-bounds Read in ext4_ext_remove_space

by syzbot

syzbot suspects this issue was fixed by commit: commit 6f861765464f43a71462d52026fbddfc858239a5 Author: Jan Kara <jack(a)suse.cz> Date: Wed Nov 1 17:43:10 2023 +0000 fs: Block writes to mounted block devices bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=1764f648180000 start commit: e6fda526d9db Merge tag 'arm64-fixes' of git://git.kernel.o.. git tree: upstream kernel config: https://syzkaller.appspot.com/x/.config?x=1e3d5175079af5a4 dashboard link: https://syzkaller.appspot.com/bug?extid=6e5f2db05775244c73b7 syz repro: https://syzkaller.appspot.com/x/repro.syz?x=16a56679a80000 C reproducer: https://syzkaller.appspot.com/x/repro.c?x=14d76b5da80000 If the result looks correct, please mark the issue as fixed by replying with: #syz fix: fs: Block writes to mounted block devices For information about bisection process see: https://goo.gl/tpsmEJ#bisection

1 year, 7 months

2
1
0 0

[PATCH 0/2] Bluetooth: SCO: possible deadlock in sco_conn_del

by oficerovas＠altlinux.org

From: Alexander Ofitserov <oficerovas(a)altlinux.org> Syzkaller hit 'possible deadlock in sco_conn_del' bug. This bug is not a vulnerability and is reproduced only when running with root privileges for stable 6.1 kernel. This series of patches is fix for this particular bug. Both of these patches were taken from upstream and applied clearly without any conflicts. First one is the fix for the problem and another one is for fix first patch. Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 ====================================================== WARNING: possible circular locking dependency detected 6.1.55-un-def-alt1 #1 Not tainted ------------------------------------------------------ syz-executor272/377 is trying to acquire lock: ffff888115b93130 (sk_lock-AF_BLUETOOTH-BTPROTO_SCO){+.+.}-{0:0}, at: sco_conn_del+0x121/0x2c0 [bluetooth] but task is already holding lock: ffffffffc12bce28 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xcc/0x2a0 [bluetooth] which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #2 (hci_cb_list_lock){+.+.}-{3:3}: __mutex_lock_common kernel/locking/mutex.c:603 [inline] __mutex_lock+0x12f/0x18f0 kernel/locking/mutex.c:747 hci_remote_features_evt+0x45b/0x950 [bluetooth] hci_event_packet+0x91e/0xf60 [bluetooth] hci_rx_work+0xa68/0x10f0 [bluetooth] process_one_work+0xa18/0x1570 kernel/workqueue.c:2292 worker_thread+0x63a/0x1260 kernel/workqueue.c:2439 kthread+0x2ec/0x3b0 kernel/kthread.c:376 ret_from_fork+0x22/0x30 arch/x86/entry/entry_64.S:306 -> #1 (&hdev->lock){+.+.}-{3:3}: __mutex_lock_common kernel/locking/mutex.c:603 [inline] __mutex_lock+0x12f/0x18f0 kernel/locking/mutex.c:747 sco_sock_connect+0x1e9/0xa60 [bluetooth] __sys_connect_file+0x15a/0x1a0 net/socket.c:1976 __sys_connect+0x16a/0x1a0 net/socket.c:1993 __do_sys_connect net/socket.c:2003 [inline] __se_sys_connect net/socket.c:2000 [inline] __x64_sys_connect+0x74/0xb0 net/socket.c:2000 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x5c/0x90 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x64/0xce -> #0 (sk_lock-AF_BLUETOOTH-BTPROTO_SCO){+.+.}-{0:0}: check_prev_add kernel/locking/lockdep.c:3090 [inline] check_prevs_add kernel/locking/lockdep.c:3209 [inline] validate_chain kernel/locking/lockdep.c:3824 [inline] __lock_acquire+0x28c2/0x5350 kernel/locking/lockdep.c:5048 lock_acquire kernel/locking/lockdep.c:5661 [inline] lock_acquire+0x1fb/0x580 kernel/locking/lockdep.c:5626 lock_sock_nested+0x42/0x100 net/core/sock.c:3475 sco_conn_del+0x121/0x2c0 [bluetooth] sco_disconn_cfm+0x67/0x80 [bluetooth] hci_conn_hash_flush+0x11e/0x2a0 [bluetooth] hci_dev_close_sync+0x51d/0xf70 [bluetooth] hci_rfkill_set_block+0x17c/0x1c0 [bluetooth] rfkill_set_block+0x202/0x550 [rfkill] rfkill_fop_write+0x2b8/0x540 [rfkill] vfs_write+0x2d7/0xdd0 fs/read_write.c:582 ksys_write+0x1f5/0x260 fs/read_write.c:637 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x5c/0x90 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x64/0xce other info that might help us debug this: Chain exists of: sk_lock-AF_BLUETOOTH-BTPROTO_SCO --> &hdev->lock --> hci_cb_list_lock Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(hci_cb_list_lock); lock(&hdev->lock); lock(hci_cb_list_lock); lock(sk_lock-AF_BLUETOOTH-BTPROTO_SCO); *** DEADLOCK *** 4 locks held by syz-executor272/377: #0: ffffffffc0d83688 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x162/0x540 [rfkill] #1: ffff888100de90b8 (&hdev->req_lock){+.+.}-{3:3}, at: hci_rfkill_set_block+0x174/0x1c0 [bluetooth] #2: ffff888100de8078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x2e1/0xf70 [bluetooth] #3: ffffffffc12bce28 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xcc/0x2a0 [bluetooth] stack backtrace: CPU: 1 PID: 377 Comm: syz-executor272 Not tainted 6.1.55-un-def-alt1 #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-alt1 04/01/2014 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x14f/0x1be lib/dump_stack.c:106 check_noncircular+0x263/0x2e0 kernel/locking/lockdep.c:2170 check_prev_add kernel/locking/lockdep.c:3090 [inline] check_prevs_add kernel/locking/lockdep.c:3209 [inline] validate_chain kernel/locking/lockdep.c:3824 [inline] __lock_acquire+0x28c2/0x5350 kernel/locking/lockdep.c:5048 lock_acquire kernel/locking/lockdep.c:5661 [inline] lock_acquire+0x1fb/0x580 kernel/locking/lockdep.c:5626 lock_sock_nested+0x42/0x100 net/core/sock.c:3475 sco_conn_del+0x121/0x2c0 [bluetooth] sco_disconn_cfm+0x67/0x80 [bluetooth] hci_conn_hash_flush+0x11e/0x2a0 [bluetooth] hci_dev_close_sync+0x51d/0xf70 [bluetooth] hci_rfkill_set_block+0x17c/0x1c0 [bluetooth] rfkill_set_block+0x202/0x550 [rfkill] rfkill_fop_write+0x2b8/0x540 [rfkill] vfs_write+0x2d7/0xdd0 fs/read_write.c:582 ksys_write+0x1f5/0x260 fs/read_write.c:637 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x5c/0x90 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x64/0xce RIP: 0033:0x7fa908ef7d49 Code: 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d ef 70 0d 00 f7 d8 64 89 01 48 RSP: 002b:00007fa9085f7e18 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 000055a2e59de080 RCX: 00007fa908ef7d49 RDX: 0000000000000008 RSI: 0000000020000040 RDI: 0000000000000003 RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdb3f52d1e R13: 00007ffdb3f52d1f R14: 000055a2e59de088 R15: 00007fa9085f8640 // autogenerated by syzkaller (https://github.com/google/syzkaller) #define _GNU_SOURCE #include <dirent.h> #include <endian.h> #include <errno.h> #include <fcntl.h> #include <pthread.h> #include <sched.h> #include <signal.h> #include <stdarg.h> #include <stdbool.h> #include <stdint.h> #include <stdio.h> #include <stdlib.h> #include <string.h> #include <sys/epoll.h> #include <sys/ioctl.h> #include <sys/mount.h> #include <sys/prctl.h> #include <sys/resource.h> #include <sys/socket.h> #include <sys/stat.h> #include <sys/syscall.h> #include <sys/time.h> #include <sys/types.h> #include <sys/uio.h> #include <sys/wait.h> #include <time.h> #include <unistd.h> #include <linux/capability.h> #include <linux/futex.h> #include <linux/rfkill.h> static unsigned long long procid; static void sleep_ms(uint64_t ms) { usleep(ms * 1000); } static uint64_t current_time_ms(void) { struct timespec ts; if (clock_gettime(CLOCK_MONOTONIC, &ts)) exit(1); return (uint64_t)ts.tv_sec * 1000 + (uint64_t)ts.tv_nsec / 1000000; } static void thread_start(void* (*fn)(void*), void* arg) { pthread_t th; pthread_attr_t attr; pthread_attr_init(&attr); pthread_attr_setstacksize(&attr, 128 << 10); int i = 0; for (; i < 100; i++) { if (pthread_create(&th, &attr, fn, arg) == 0) { pthread_attr_destroy(&attr); return; } if (errno == EAGAIN) { usleep(50); continue; } break; } exit(1); } typedef struct { int state; } event_t; static void event_init(event_t* ev) { ev->state = 0; } static void event_reset(event_t* ev) { ev->state = 0; } static void event_set(event_t* ev) { if (ev->state) exit(1); __atomic_store_n(&ev->state, 1, __ATOMIC_RELEASE); syscall(SYS_futex, &ev->state, FUTEX_WAKE | FUTEX_PRIVATE_FLAG, 1000000); } static void event_wait(event_t* ev) { while (!__atomic_load_n(&ev->state, __ATOMIC_ACQUIRE)) syscall(SYS_futex, &ev->state, FUTEX_WAIT | FUTEX_PRIVATE_FLAG, 0, 0); } static int event_isset(event_t* ev) { return __atomic_load_n(&ev->state, __ATOMIC_ACQUIRE); } static int event_timedwait(event_t* ev, uint64_t timeout) { uint64_t start = current_time_ms(); uint64_t now = start; for (;;) { uint64_t remain = timeout - (now - start); struct timespec ts; ts.tv_sec = remain / 1000; ts.tv_nsec = (remain % 1000) * 1000 * 1000; syscall(SYS_futex, &ev->state, FUTEX_WAIT | FUTEX_PRIVATE_FLAG, 0, &ts); if (__atomic_load_n(&ev->state, __ATOMIC_ACQUIRE)) return 1; now = current_time_ms(); if (now - start > timeout) return 0; } } static bool write_file(const char* file, const char* what, ...) { char buf[1024]; va_list args; va_start(args, what); vsnprintf(buf, sizeof(buf), what, args); va_end(args); buf[sizeof(buf) - 1] = 0; int len = strlen(buf); int fd = open(file, O_WRONLY | O_CLOEXEC); if (fd == -1) return false; if (write(fd, buf, len) != len) { int err = errno; close(fd); errno = err; return false; } close(fd); return true; } const int kInitNetNsFd = 201; #define MAX_FDS 30 static long syz_init_net_socket(volatile long domain, volatile long type, volatile long proto) { int netns = open("/proc/self/ns/net", O_RDONLY); if (netns == -1) return netns; if (setns(kInitNetNsFd, 0)) return -1; int sock = syscall(__NR_socket, domain, type, proto); int err = errno; if (setns(netns, 0)) exit(1); close(netns); errno = err; return sock; } #define BTPROTO_HCI 1 #define ACL_LINK 1 #define SCAN_PAGE 2 typedef struct { uint8_t b[6]; } __attribute__((packed)) bdaddr_t; #define HCI_COMMAND_PKT 1 #define HCI_EVENT_PKT 4 #define HCI_VENDOR_PKT 0xff struct hci_command_hdr { uint16_t opcode; uint8_t plen; } __attribute__((packed)); struct hci_event_hdr { uint8_t evt; uint8_t plen; } __attribute__((packed)); #define HCI_EV_CONN_COMPLETE 0x03 struct hci_ev_conn_complete { uint8_t status; uint16_t handle; bdaddr_t bdaddr; uint8_t link_type; uint8_t encr_mode; } __attribute__((packed)); #define HCI_EV_CONN_REQUEST 0x04 struct hci_ev_conn_request { bdaddr_t bdaddr; uint8_t dev_class[3]; uint8_t link_type; } __attribute__((packed)); #define HCI_EV_REMOTE_FEATURES 0x0b struct hci_ev_remote_features { uint8_t status; uint16_t handle; uint8_t features[8]; } __attribute__((packed)); #define HCI_EV_CMD_COMPLETE 0x0e struct hci_ev_cmd_complete { uint8_t ncmd; uint16_t opcode; } __attribute__((packed)); #define HCI_OP_WRITE_SCAN_ENABLE 0x0c1a #define HCI_OP_READ_BUFFER_SIZE 0x1005 struct hci_rp_read_buffer_size { uint8_t status; uint16_t acl_mtu; uint8_t sco_mtu; uint16_t acl_max_pkt; uint16_t sco_max_pkt; } __attribute__((packed)); #define HCI_OP_READ_BD_ADDR 0x1009 struct hci_rp_read_bd_addr { uint8_t status; bdaddr_t bdaddr; } __attribute__((packed)); #define HCI_EV_LE_META 0x3e struct hci_ev_le_meta { uint8_t subevent; } __attribute__((packed)); #define HCI_EV_LE_CONN_COMPLETE 0x01 struct hci_ev_le_conn_complete { uint8_t status; uint16_t handle; uint8_t role; uint8_t bdaddr_type; bdaddr_t bdaddr; uint16_t interval; uint16_t latency; uint16_t supervision_timeout; uint8_t clk_accurancy; } __attribute__((packed)); struct hci_dev_req { uint16_t dev_id; uint32_t dev_opt; }; struct vhci_vendor_pkt { uint8_t type; uint8_t opcode; uint16_t id; }; #define HCIDEVUP _IOW('H', 201, int) #define HCISETSCAN _IOW('H', 221, int) static int vhci_fd = -1; static void rfkill_unblock_all() { int fd = open("/dev/rfkill", O_WRONLY); if (fd < 0) exit(1); struct rfkill_event event = {0}; event.idx = 0; event.type = RFKILL_TYPE_ALL; event.op = RFKILL_OP_CHANGE_ALL; event.soft = 0; event.hard = 0; if (write(fd, &event, sizeof(event)) < 0) exit(1); close(fd); } static void hci_send_event_packet(int fd, uint8_t evt, void* data, size_t data_len) { struct iovec iv[3]; struct hci_event_hdr hdr; hdr.evt = evt; hdr.plen = data_len; uint8_t type = HCI_EVENT_PKT; iv[0].iov_base = &type; iv[0].iov_len = sizeof(type); iv[1].iov_base = &hdr; iv[1].iov_len = sizeof(hdr); iv[2].iov_base = data; iv[2].iov_len = data_len; if (writev(fd, iv, sizeof(iv) / sizeof(struct iovec)) < 0) exit(1); } static void hci_send_event_cmd_complete(int fd, uint16_t opcode, void* data, size_t data_len) { struct iovec iv[4]; struct hci_event_hdr hdr; hdr.evt = HCI_EV_CMD_COMPLETE; hdr.plen = sizeof(struct hci_ev_cmd_complete) + data_len; struct hci_ev_cmd_complete evt_hdr; evt_hdr.ncmd = 1; evt_hdr.opcode = opcode; uint8_t type = HCI_EVENT_PKT; iv[0].iov_base = &type; iv[0].iov_len = sizeof(type); iv[1].iov_base = &hdr; iv[1].iov_len = sizeof(hdr); iv[2].iov_base = &evt_hdr; iv[2].iov_len = sizeof(evt_hdr); iv[3].iov_base = data; iv[3].iov_len = data_len; if (writev(fd, iv, sizeof(iv) / sizeof(struct iovec)) < 0) exit(1); } static bool process_command_pkt(int fd, char* buf, ssize_t buf_size) { struct hci_command_hdr* hdr = (struct hci_command_hdr*)buf; if (buf_size < (ssize_t)sizeof(struct hci_command_hdr) || hdr->plen != buf_size - sizeof(struct hci_command_hdr)) exit(1); switch (hdr->opcode) { case HCI_OP_WRITE_SCAN_ENABLE: { uint8_t status = 0; hci_send_event_cmd_complete(fd, hdr->opcode, &status, sizeof(status)); return true; } case HCI_OP_READ_BD_ADDR: { struct hci_rp_read_bd_addr rp = {0}; rp.status = 0; memset(&rp.bdaddr, 0xaa, 6); hci_send_event_cmd_complete(fd, hdr->opcode, &rp, sizeof(rp)); return false; } case HCI_OP_READ_BUFFER_SIZE: { struct hci_rp_read_buffer_size rp = {0}; rp.status = 0; rp.acl_mtu = 1021; rp.sco_mtu = 96; rp.acl_max_pkt = 4; rp.sco_max_pkt = 6; hci_send_event_cmd_complete(fd, hdr->opcode, &rp, sizeof(rp)); return false; } } char dummy[0xf9] = {0}; hci_send_event_cmd_complete(fd, hdr->opcode, dummy, sizeof(dummy)); return false; } static void* event_thread(void* arg) { while (1) { char buf[1024] = {0}; ssize_t buf_size = read(vhci_fd, buf, sizeof(buf)); if (buf_size < 0) exit(1); if (buf_size > 0 && buf[0] == HCI_COMMAND_PKT) { if (process_command_pkt(vhci_fd, buf + 1, buf_size - 1)) break; } } return NULL; } #define HCI_HANDLE_1 200 #define HCI_HANDLE_2 201 static void initialize_vhci() { int hci_sock = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI); if (hci_sock < 0) exit(1); vhci_fd = open("/dev/vhci", O_RDWR); if (vhci_fd == -1) exit(1); const int kVhciFd = 202; if (dup2(vhci_fd, kVhciFd) < 0) exit(1); close(vhci_fd); vhci_fd = kVhciFd; struct vhci_vendor_pkt vendor_pkt; if (read(vhci_fd, &vendor_pkt, sizeof(vendor_pkt)) != sizeof(vendor_pkt)) exit(1); if (vendor_pkt.type != HCI_VENDOR_PKT) exit(1); pthread_t th; if (pthread_create(&th, NULL, event_thread, NULL)) exit(1); int ret = ioctl(hci_sock, HCIDEVUP, vendor_pkt.id); if (ret) { if (errno == ERFKILL) { rfkill_unblock_all(); ret = ioctl(hci_sock, HCIDEVUP, vendor_pkt.id); } if (ret && errno != EALREADY) exit(1); } struct hci_dev_req dr = {0}; dr.dev_id = vendor_pkt.id; dr.dev_opt = SCAN_PAGE; if (ioctl(hci_sock, HCISETSCAN, &dr)) exit(1); struct hci_ev_conn_request request; memset(&request, 0, sizeof(request)); memset(&request.bdaddr, 0xaa, 6); *(uint8_t*)&request.bdaddr.b[5] = 0x10; request.link_type = ACL_LINK; hci_send_event_packet(vhci_fd, HCI_EV_CONN_REQUEST, &request, sizeof(request)); struct hci_ev_conn_complete complete; memset(&complete, 0, sizeof(complete)); complete.status = 0; complete.handle = HCI_HANDLE_1; memset(&complete.bdaddr, 0xaa, 6); *(uint8_t*)&complete.bdaddr.b[5] = 0x10; complete.link_type = ACL_LINK; complete.encr_mode = 0; hci_send_event_packet(vhci_fd, HCI_EV_CONN_COMPLETE, &complete, sizeof(complete)); struct hci_ev_remote_features features; memset(&features, 0, sizeof(features)); features.status = 0; features.handle = HCI_HANDLE_1; hci_send_event_packet(vhci_fd, HCI_EV_REMOTE_FEATURES, &features, sizeof(features)); struct { struct hci_ev_le_meta le_meta; struct hci_ev_le_conn_complete le_conn; } le_conn; memset(&le_conn, 0, sizeof(le_conn)); le_conn.le_meta.subevent = HCI_EV_LE_CONN_COMPLETE; memset(&le_conn.le_conn.bdaddr, 0xaa, 6); *(uint8_t*)&le_conn.le_conn.bdaddr.b[5] = 0x11; le_conn.le_conn.role = 1; le_conn.le_conn.handle = HCI_HANDLE_2; hci_send_event_packet(vhci_fd, HCI_EV_LE_META, &le_conn, sizeof(le_conn)); pthread_join(th, NULL); close(hci_sock); } static void setup_common() { if (mount(0, "/sys/fs/fuse/connections", "fusectl", 0, 0)) { } } static void setup_binderfs() { if (mkdir("/dev/binderfs", 0777)) { } if (mount("binder", "/dev/binderfs", "binder", 0, NULL)) { } if (symlink("/dev/binderfs", "./binderfs")) { } } static void loop(); static void sandbox_common() { prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0); setsid(); int netns = open("/proc/self/ns/net", O_RDONLY); if (netns == -1) exit(1); if (dup2(netns, kInitNetNsFd) < 0) exit(1); close(netns); struct rlimit rlim; rlim.rlim_cur = rlim.rlim_max = (200 << 20); setrlimit(RLIMIT_AS, &rlim); rlim.rlim_cur = rlim.rlim_max = 32 << 20; setrlimit(RLIMIT_MEMLOCK, &rlim); rlim.rlim_cur = rlim.rlim_max = 136 << 20; setrlimit(RLIMIT_FSIZE, &rlim); rlim.rlim_cur = rlim.rlim_max = 1 << 20; setrlimit(RLIMIT_STACK, &rlim); rlim.rlim_cur = rlim.rlim_max = 0; setrlimit(RLIMIT_CORE, &rlim); rlim.rlim_cur = rlim.rlim_max = 256; setrlimit(RLIMIT_NOFILE, &rlim); if (unshare(CLONE_NEWNS)) { } if (mount(NULL, "/", NULL, MS_REC | MS_PRIVATE, NULL)) { } if (unshare(CLONE_NEWIPC)) { } if (unshare(0x02000000)) { } if (unshare(CLONE_NEWUTS)) { } if (unshare(CLONE_SYSVSEM)) { } typedef struct { const char* name; const char* value; } sysctl_t; static const sysctl_t sysctls[] = { {"/proc/sys/kernel/shmmax", "16777216"}, {"/proc/sys/kernel/shmall", "536870912"}, {"/proc/sys/kernel/shmmni", "1024"}, {"/proc/sys/kernel/msgmax", "8192"}, {"/proc/sys/kernel/msgmni", "1024"}, {"/proc/sys/kernel/msgmnb", "1024"}, {"/proc/sys/kernel/sem", "1024 1048576 500 1024"}, }; unsigned i; for (i = 0; i < sizeof(sysctls) / sizeof(sysctls[0]); i++) write_file(sysctls[i].name, sysctls[i].value); } static int wait_for_loop(int pid) { if (pid < 0) exit(1); int status = 0; while (waitpid(-1, &status, __WALL) != pid) { } return WEXITSTATUS(status); } static void drop_caps(void) { struct __user_cap_header_struct cap_hdr = {}; struct __user_cap_data_struct cap_data[2] = {}; cap_hdr.version = _LINUX_CAPABILITY_VERSION_3; cap_hdr.pid = getpid(); if (syscall(SYS_capget, &cap_hdr, &cap_data)) exit(1); const int drop = (1 << CAP_SYS_PTRACE) | (1 << CAP_SYS_NICE); cap_data[0].effective &= ~drop; cap_data[0].permitted &= ~drop; cap_data[0].inheritable &= ~drop; if (syscall(SYS_capset, &cap_hdr, &cap_data)) exit(1); } static int do_sandbox_none(void) { if (unshare(CLONE_NEWPID)) { } int pid = fork(); if (pid != 0) return wait_for_loop(pid); setup_common(); initialize_vhci(); sandbox_common(); drop_caps(); if (unshare(CLONE_NEWNET)) { } setup_binderfs(); loop(); exit(1); } static void kill_and_wait(int pid, int* status) { kill(-pid, SIGKILL); kill(pid, SIGKILL); for (int i = 0; i < 100; i++) { if (waitpid(-1, status, WNOHANG | __WALL) == pid) return; usleep(1000); } DIR* dir = opendir("/sys/fs/fuse/connections"); if (dir) { for (;;) { struct dirent* ent = readdir(dir); if (!ent) break; if (strcmp(ent->d_name, ".") == 0 || strcmp(ent->d_name, "..") == 0) continue; char abort[300]; snprintf(abort, sizeof(abort), "/sys/fs/fuse/connections/%s/abort", ent->d_name); int fd = open(abort, O_WRONLY); if (fd == -1) { continue; } if (write(fd, abort, 1) < 0) { } close(fd); } closedir(dir); } else { } while (waitpid(-1, status, __WALL) != pid) { } } static void setup_test() { prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0); setpgrp(); write_file("/proc/self/oom_score_adj", "1000"); } static void close_fds() { for (int fd = 3; fd < MAX_FDS; fd++) close(fd); } struct thread_t { int created, call; event_t ready, done; }; static struct thread_t threads[16]; static void execute_call(int call); static int running; static void* thr(void* arg) { struct thread_t* th = (struct thread_t*)arg; for (;;) { event_wait(&th->ready); event_reset(&th->ready); execute_call(th->call); __atomic_fetch_sub(&running, 1, __ATOMIC_RELAXED); event_set(&th->done); } return 0; } static void execute_one(void) { int i, call, thread; for (call = 0; call < 4; call++) { for (thread = 0; thread < (int)(sizeof(threads) / sizeof(threads[0])); thread++) { struct thread_t* th = &threads[thread]; if (!th->created) { th->created = 1; event_init(&th->ready); event_init(&th->done); event_set(&th->done); thread_start(thr, th); } if (!event_isset(&th->done)) continue; event_reset(&th->done); th->call = call; __atomic_fetch_add(&running, 1, __ATOMIC_RELAXED); event_set(&th->ready); event_timedwait(&th->done, 50); break; } } for (i = 0; i < 100 && __atomic_load_n(&running, __ATOMIC_RELAXED); i++) sleep_ms(1); close_fds(); } static void execute_one(void); #define WAIT_FLAGS __WALL static void loop(void) { int iter = 0; for (;; iter++) { int pid = fork(); if (pid < 0) exit(1); if (pid == 0) { setup_test(); execute_one(); exit(0); } int status = 0; uint64_t start = current_time_ms(); for (;;) { if (waitpid(-1, &status, WNOHANG | WAIT_FLAGS) == pid) break; sleep_ms(1); if (current_time_ms() - start < 5000) continue; kill_and_wait(pid, &status); break; } } } uint64_t r[2] = {0xffffffffffffffff, 0xffffffffffffffff}; void execute_call(int call) { intptr_t res = 0; switch (call) { case 0: memcpy((void*)0x20000000, "/dev/rfkill\000", 12); res = syscall(__NR_openat, 0xffffffffffffff9cul, 0x20000000ul, 0x100001ul, 0ul); if (res != -1) r[0] = res; break; case 1: *(uint32_t*)0x20000040 = 0; *(uint8_t*)0x20000044 = 0; *(uint8_t*)0x20000045 = 3; *(uint8_t*)0x20000046 = 1; *(uint8_t*)0x20000047 = 0; syscall(__NR_write, r[0], 0x20000040ul, 8ul); break; case 2: res = -1; res = syz_init_net_socket(0x1f, 5, 2); if (res != -1) r[1] = res; break; case 3: *(uint16_t*)0x20000040 = 0x1f; *(uint16_t*)0x20000042 = 0; memset((void*)0x20000044, 255, 6); *(uint16_t*)0x2000004a = 0; *(uint8_t*)0x2000004c = 0; syscall(__NR_connect, r[1], 0x20000040ul, 0xeul); break; } } int main(void) { syscall(__NR_mmap, 0x1ffff000ul, 0x1000ul, 0ul, 0x32ul, -1, 0ul); syscall(__NR_mmap, 0x20000000ul, 0x1000000ul, 7ul, 0x32ul, -1, 0ul); syscall(__NR_mmap, 0x21000000ul, 0x1000ul, 0ul, 0x32ul, -1, 0ul); for (procid = 0; procid < 4; procid++) { if (fork() == 0) { do_sandbox_none(); } } sleep(1000000); return 0; } [PATCH 1/2] Bluetooth: SCO: Fix possible circular locking dependency [PATCH 2/2] Bluetooth: SCO: fix sco_conn related locking and validity -- 2.42.1

1 year, 7 months

2
3
0 0

[PATCH v3] fs, USB gadget: Remove libaio I/O cancellation support

by Bart Van Assche

Originally io_cancel() only supported cancelling USB reads and writes. If I/O was cancelled successfully, information about the cancelled I/O operation was copied to the data structure the io_cancel() 'result' argument points at. Commit 63b05203af57 ("[PATCH] AIO: retry infrastructure fixes and enhancements") changed the io_cancel() behavior from reporting status information via the 'result' argument into reporting status information on the completion ring. Commit 41003a7bcfed ("aio: remove retry-based AIO") accidentally changed the behavior into not reporting a completion event on the completion ring for cancelled requests. This is a bug because successful cancellation leads to an iocb leak in user space. Since this bug was introduced more than ten years ago and since nobody has complained since then, remove support for I/O cancellation. Keep support for cancellation of IOCB_CMD_POLL requests. Calling kiocb_set_cancel_fn() without knowing whether the caller submitted a struct kiocb or a struct aio_kiocb is unsafe. The following call trace illustrates that without this patch an out-of-bounds write happens if I/O is submitted by io_uring (from a phone with an ARM CPU and kernel 6.1): WARNING: CPU: 3 PID: 368 at fs/aio.c:598 kiocb_set_cancel_fn+0x9c/0xa8 Call trace: kiocb_set_cancel_fn+0x9c/0xa8 ffs_epfile_read_iter+0x144/0x1d0 io_read+0x19c/0x498 io_issue_sqe+0x118/0x27c io_submit_sqes+0x25c/0x5fc __arm64_sys_io_uring_enter+0x104/0xab0 invoke_syscall+0x58/0x11c el0_svc_common+0xb4/0xf4 do_el0_svc+0x2c/0xb0 el0_svc+0x2c/0xa4 el0t_64_sync_handler+0x68/0xb4 el0t_64_sync+0x1a4/0x1a8 Cc: Christoph Hellwig <hch(a)lst.de> Cc: Avi Kivity <avi(a)scylladb.com> Cc: Sandeep Dhavale <dhavale(a)google.com> Cc: Jens Axboe <axboe(a)kernel.dk> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Fixes: 63b05203af57 ("[PATCH] AIO: retry infrastructure fixes and enhancements") Cc: <stable(a)vger.kernel.org> Signed-off-by: Bart Van Assche <bvanassche(a)acm.org> --- drivers/usb/gadget/function/f_fs.c | 25 ------------------- drivers/usb/gadget/legacy/inode.c | 20 --------------- fs/aio.c | 39 +++++------------------------- include/linux/aio.h | 9 ------- 4 files changed, 6 insertions(+), 87 deletions(-) diff --git a/drivers/usb/gadget/function/f_fs.c b/drivers/usb/gadget/function/f_fs.c index 6bff6cb93789..59789292f4f7 100644 --- a/drivers/usb/gadget/function/f_fs.c +++ b/drivers/usb/gadget/function/f_fs.c @@ -1157,25 +1157,6 @@ ffs_epfile_open(struct inode *inode, struct file *file) return stream_open(inode, file); } -static int ffs_aio_cancel(struct kiocb *kiocb) -{ - struct ffs_io_data *io_data = kiocb->private; - struct ffs_epfile *epfile = kiocb->ki_filp->private_data; - unsigned long flags; - int value; - - spin_lock_irqsave(&epfile->ffs->eps_lock, flags); - - if (io_data && io_data->ep && io_data->req) - value = usb_ep_dequeue(io_data->ep, io_data->req); - else - value = -EINVAL; - - spin_unlock_irqrestore(&epfile->ffs->eps_lock, flags); - - return value; -} - static ssize_t ffs_epfile_write_iter(struct kiocb *kiocb, struct iov_iter *from) { struct ffs_io_data io_data, *p = &io_data; @@ -1198,9 +1179,6 @@ static ssize_t ffs_epfile_write_iter(struct kiocb *kiocb, struct iov_iter *from) kiocb->private = p; - if (p->aio) - kiocb_set_cancel_fn(kiocb, ffs_aio_cancel); - res = ffs_epfile_io(kiocb->ki_filp, p); if (res == -EIOCBQUEUED) return res; @@ -1242,9 +1220,6 @@ static ssize_t ffs_epfile_read_iter(struct kiocb *kiocb, struct iov_iter *to) kiocb->private = p; - if (p->aio) - kiocb_set_cancel_fn(kiocb, ffs_aio_cancel); - res = ffs_epfile_io(kiocb->ki_filp, p); if (res == -EIOCBQUEUED) return res; diff --git a/drivers/usb/gadget/legacy/inode.c b/drivers/usb/gadget/legacy/inode.c index 03179b1880fd..99b7366d77af 100644 --- a/drivers/usb/gadget/legacy/inode.c +++ b/drivers/usb/gadget/legacy/inode.c @@ -446,25 +446,6 @@ struct kiocb_priv { unsigned actual; }; -static int ep_aio_cancel(struct kiocb *iocb) -{ - struct kiocb_priv *priv = iocb->private; - struct ep_data *epdata; - int value; - - local_irq_disable(); - epdata = priv->epdata; - // spin_lock(&epdata->dev->lock); - if (likely(epdata && epdata->ep && priv->req)) - value = usb_ep_dequeue (epdata->ep, priv->req); - else - value = -EINVAL; - // spin_unlock(&epdata->dev->lock); - local_irq_enable(); - - return value; -} - static void ep_user_copy_worker(struct work_struct *work) { struct kiocb_priv *priv = container_of(work, struct kiocb_priv, work); @@ -537,7 +518,6 @@ static ssize_t ep_aio(struct kiocb *iocb, iocb->private = priv; priv->iocb = iocb; - kiocb_set_cancel_fn(iocb, ep_aio_cancel); get_ep(epdata); priv->epdata = epdata; priv->actual = 0; diff --git a/fs/aio.c b/fs/aio.c index bb2ff48991f3..c20946d5fcf3 100644 --- a/fs/aio.c +++ b/fs/aio.c @@ -203,7 +203,7 @@ struct aio_kiocb { }; struct kioctx *ki_ctx; - kiocb_cancel_fn *ki_cancel; + int (*ki_cancel)(struct kiocb *); struct io_event ki_res; @@ -587,22 +587,6 @@ static int aio_setup_ring(struct kioctx *ctx, unsigned int nr_events) #define AIO_EVENTS_FIRST_PAGE ((PAGE_SIZE - sizeof(struct aio_ring)) / sizeof(struct io_event)) #define AIO_EVENTS_OFFSET (AIO_EVENTS_PER_PAGE - AIO_EVENTS_FIRST_PAGE) -void kiocb_set_cancel_fn(struct kiocb *iocb, kiocb_cancel_fn *cancel) -{ - struct aio_kiocb *req = container_of(iocb, struct aio_kiocb, rw); - struct kioctx *ctx = req->ki_ctx; - unsigned long flags; - - if (WARN_ON_ONCE(!list_empty(&req->ki_list))) - return; - - spin_lock_irqsave(&ctx->ctx_lock, flags); - list_add_tail(&req->ki_list, &ctx->active_reqs); - req->ki_cancel = cancel; - spin_unlock_irqrestore(&ctx->ctx_lock, flags); -} -EXPORT_SYMBOL(kiocb_set_cancel_fn); - /* * free_ioctx() should be RCU delayed to synchronize against the RCU * protected lookup_ioctx() and also needs process context to call @@ -2158,13 +2142,11 @@ COMPAT_SYSCALL_DEFINE3(io_submit, compat_aio_context_t, ctx_id, #endif /* sys_io_cancel: - * Attempts to cancel an iocb previously passed to io_submit. If - * the operation is successfully cancelled, the resulting event is - * copied into the memory pointed to by result without being placed - * into the completion queue and 0 is returned. May fail with - * -EFAULT if any of the data structures pointed to are invalid. - * May fail with -EINVAL if aio_context specified by ctx_id is - * invalid. May fail with -EAGAIN if the iocb specified was not + * Attempts to cancel an IOCB_CMD_POLL iocb previously passed to + * io_submit(). If the operation is successfully cancelled 0 is returned. + * May fail with -EFAULT if any of the data structures pointed to are + * invalid. May fail with -EINVAL if aio_context specified by ctx_id is + * invalid. May fail with -EINPROGRESS if the iocb specified was not * cancelled. Will fail with -ENOSYS if not implemented. */ SYSCALL_DEFINE3(io_cancel, aio_context_t, ctx_id, struct iocb __user *, iocb, @@ -2196,15 +2178,6 @@ SYSCALL_DEFINE3(io_cancel, aio_context_t, ctx_id, struct iocb __user *, iocb, } spin_unlock_irq(&ctx->ctx_lock); - if (!ret) { - /* - * The result argument is no longer used - the io_event is - * always delivered via the ring buffer. -EINPROGRESS indicates - * cancellation is progress: - */ - ret = -EINPROGRESS; - } - percpu_ref_put(&ctx->users); return ret; diff --git a/include/linux/aio.h b/include/linux/aio.h index 86892a4fe7c8..9aabca4a0eed 100644 --- a/include/linux/aio.h +++ b/include/linux/aio.h @@ -2,22 +2,13 @@ #ifndef __LINUX__AIO_H #define __LINUX__AIO_H -#include <linux/aio_abi.h> - -struct kioctx; -struct kiocb; struct mm_struct; -typedef int (kiocb_cancel_fn)(struct kiocb *); - /* prototypes */ #ifdef CONFIG_AIO extern void exit_aio(struct mm_struct *mm); -void kiocb_set_cancel_fn(struct kiocb *req, kiocb_cancel_fn *cancel); #else static inline void exit_aio(struct mm_struct *mm) { } -static inline void kiocb_set_cancel_fn(struct kiocb *req, - kiocb_cancel_fn *cancel) { } #endif /* CONFIG_AIO */ #endif /* __LINUX__AIO_H */

1 year, 7 months

4
5
0 0

[PATCH net 0/7] mptcp: locking cleanup & misc. fixes

by Matthieu Baerts (NGI0)

Patches 1-4 are fixes for issues found by Paolo while working on adding TCP_NOTSENT_LOWAT support. The latter will need to track more states under the msk data lock. Since the locking msk locking schema is already quite complex, do a long awaited clean-up step by moving several confusing lockless initialization under the relevant locks. Note that it is unlikely a real race could happen even prior to such patches as the MPTCP-level state machine implicitly ensures proper serialization of the write accesses, even lacking explicit lock. But still, simplification is welcome and this will help for the maintenance. This can be backported up to v5.6. Patch 5 is a fix for the userspace PM, not to add new local address entries if the address is already in the list. This behaviour can be seen since v5.19. Patch 6 fixes an issue when Fastopen is used. The issue can happen since v6.2. A previous fix has already been applied, but not taking care of all cases according to syzbot. Patch 7 updates Geliang's email address in the MAINTAINERS file. Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> --- Geliang Tang (2): mptcp: check addrs list in userspace_pm_get_local_id MAINTAINERS: update Geliang's email address Paolo Abeni (5): mptcp: drop the push_pending field mptcp: fix rcv space initialization mptcp: fix more tx path fields initialization mptcp: corner case locking for rx path fields initialization mptcp: really cope with fastopen race .mailmap | 9 +++--- MAINTAINERS | 2 +- net/mptcp/fastopen.c | 6 ++-- net/mptcp/options.c | 9 +++--- net/mptcp/pm_userspace.c | 13 ++++++++- net/mptcp/protocol.c | 31 +++++++++++---------- net/mptcp/protocol.h | 16 ++++++----- net/mptcp/subflow.c | 71 ++++++++++++++++++++++++++++++------------------ 8 files changed, 95 insertions(+), 62 deletions(-) --- base-commit: 335bac1daae3fd9070d0f9f34d7d7ba708729256 change-id: 20240202-upstream-net-20240202-locking-cleanup-misc-5f2ee79d8356 Best regards, -- Matthieu Baerts (NGI0) <matttbe(a)kernel.org>

1 year, 7 months

2
7
0 0

[PATCH] comedi: comedi_8255: Correct error in subdevice initialization

by Frej Drejhammar

The refactoring done in commit 5c57b1ccecc7 ("comedi: comedi_8255: Rework subdevice initialization functions") to the initialization of the io field of struct subdev_8255_private broke all cards using the drivers/comedi/drivers/comedi_8255.c module. Prior to 5c57b1ccecc7, __subdev_8255_init() initialized the io field in the newly allocated struct subdev_8255_private to the non-NULL callback given to the function, otherwise it used a flag parameter to select between subdev_8255_mmio and subdev_8255_io. The refactoring removed that logic and the flag, as subdev_8255_mm_init() and subdev_8255_io_init() now explicitly pass subdev_8255_mmio and subdev_8255_io respectively to __subdev_8255_init(), only __subdev_8255_init() never sets spriv->io to the supplied callback. That spriv->io is NULL leads to a later BUG: BUG: kernel NULL pointer dereference, address: 0000000000000000 PGD 0 P4D 0 Oops: 0010 [#1] SMP PTI CPU: 1 PID: 1210 Comm: systemd-udevd Not tainted 6.7.3-x86_64 #1 Hardware name: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX RIP: 0010:0x0 Code: Unable to access opcode bytes at 0xffffffffffffffd6. RSP: 0018:ffffa3f1c02d7b78 EFLAGS: 00010202 RAX: 0000000000000000 RBX: ffff91f847aefd00 RCX: 000000000000009b RDX: 0000000000000003 RSI: 0000000000000001 RDI: ffff91f840f6fc00 RBP: ffff91f840f6fc00 R08: 0000000000000000 R09: 0000000000000001 R10: 0000000000000000 R11: 000000000000005f R12: 0000000000000000 R13: 0000000000000000 R14: ffffffffc0102498 R15: ffff91f847ce6ba8 FS: 00007f72f4e8f500(0000) GS:ffff91f8d5c80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffffffffffffd6 CR3: 000000010540e000 CR4: 00000000000406f0 Call Trace: <TASK> ? __die_body+0x15/0x57 ? page_fault_oops+0x2ef/0x33c ? insert_vmap_area.constprop.0+0xb6/0xd5 ? alloc_vmap_area+0x529/0x5ee ? exc_page_fault+0x15a/0x489 ? asm_exc_page_fault+0x22/0x30 __subdev_8255_init+0x79/0x8d [comedi_8255] pci_8255_auto_attach+0x11a/0x139 [8255_pci] comedi_auto_config+0xac/0x117 [comedi] ? __pfx___driver_attach+0x10/0x10 pci_device_probe+0x88/0xf9 really_probe+0x101/0x248 __driver_probe_device+0xbb/0xed driver_probe_device+0x1a/0x72 __driver_attach+0xd4/0xed bus_for_each_dev+0x76/0xb8 bus_add_driver+0xbe/0x1be driver_register+0x9a/0xd8 comedi_pci_driver_register+0x28/0x48 [comedi_pci] ? __pfx_pci_8255_driver_init+0x10/0x10 [8255_pci] do_one_initcall+0x72/0x183 do_init_module+0x5b/0x1e8 init_module_from_file+0x86/0xac __do_sys_finit_module+0x151/0x218 do_syscall_64+0x72/0xdb entry_SYSCALL_64_after_hwframe+0x6e/0x76 RIP: 0033:0x7f72f50a0cb9 Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 47 71 0c 00 f7 d8 64 89 01 48 RSP: 002b:00007ffd47e512d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000139 RAX: ffffffffffffffda RBX: 0000562dd06ae070 RCX: 00007f72f50a0cb9 RDX: 0000000000000000 RSI: 00007f72f52d32df RDI: 000000000000000e RBP: 0000000000000000 R08: 00007f72f5168b20 R09: 0000000000000000 R10: 0000000000000050 R11: 0000000000000246 R12: 00007f72f52d32df R13: 0000000000020000 R14: 0000562dd06785c0 R15: 0000562dcfd0e9a8 </TASK> Modules linked in: 8255_pci(+) comedi_8255 comedi_pci comedi intel_gtt e100(+) acpi_cpufreq rtc_cmos usbhid CR2: 0000000000000000 ---[ end trace 0000000000000000 ]--- RIP: 0010:0x0 Code: Unable to access opcode bytes at 0xffffffffffffffd6. RSP: 0018:ffffa3f1c02d7b78 EFLAGS: 00010202 RAX: 0000000000000000 RBX: ffff91f847aefd00 RCX: 000000000000009b RDX: 0000000000000003 RSI: 0000000000000001 RDI: ffff91f840f6fc00 RBP: ffff91f840f6fc00 R08: 0000000000000000 R09: 0000000000000001 R10: 0000000000000000 R11: 000000000000005f R12: 0000000000000000 R13: 0000000000000000 R14: ffffffffc0102498 R15: ffff91f847ce6ba8 FS: 00007f72f4e8f500(0000) GS:ffff91f8d5c80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffffffffffffd6 CR3: 000000010540e000 CR4: 00000000000406f0 This patch simply corrects the above mistake by initializing spriv->io to the given io callback. Fixes: 5c57b1ccecc7 ("comedi: comedi_8255: Rework subdevice initialization functions") Signed-off-by: Frej Drejhammar <frej.drejhammar(a)gmail.com> Cc: <stable(a)vger.kernel.org> --- drivers/comedi/drivers/comedi_8255.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/comedi/drivers/comedi_8255.c b/drivers/comedi/drivers/comedi_8255.c index e4974b508328..a933ef53845a 100644 --- a/drivers/comedi/drivers/comedi_8255.c +++ b/drivers/comedi/drivers/comedi_8255.c @@ -159,6 +159,7 @@ static int __subdev_8255_init(struct comedi_device *dev, return -ENOMEM; spriv->context = context; + spriv->io = io; s->type = COMEDI_SUBD_DIO; s->subdev_flags = SDF_READABLE | SDF_WRITABLE; -- 2.43.0

1 year, 7 months

2
1
0 0

[PATCH] scsi: elx: efct: adjust error handling inside efct_hw_setup_io

by Fedor Pchelkin

IO and WQE buffers are allocated once per HW and can be reused later. If WQE buffers allocation fails then the whole allocation is marked as failed but already created IO array internal objects are not freed. hw->io is freed but not nullified in that specific case - it may become a problem later as efct_hw_setup_io() is supposed to be reusable for the same HW. While at it, use kcalloc instead of kmalloc_array/memset-zero combination and get rid of some needless NULL assignments: nullifying hw->io[i] elements just before freeing hw->io is not really useful. Found by Linux Verification Center (linuxtesting.org). Fixes: 4df84e846624 ("scsi: elx: efct: Driver initialization routines") Cc: stable(a)vger.kernel.org Signed-off-by: Fedor Pchelkin <pchelkin(a)ispras.ru> --- drivers/scsi/elx/efct/efct_hw.c | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/drivers/scsi/elx/efct/efct_hw.c b/drivers/scsi/elx/efct/efct_hw.c index 5a5525054d71..e5486e6949f9 100644 --- a/drivers/scsi/elx/efct/efct_hw.c +++ b/drivers/scsi/elx/efct/efct_hw.c @@ -487,12 +487,10 @@ efct_hw_setup_io(struct efct_hw *hw) struct efct *efct = hw->os; if (!hw->io) { - hw->io = kmalloc_array(hw->config.n_io, sizeof(io), GFP_KERNEL); + hw->io = kcalloc(hw->config.n_io, sizeof(io), GFP_KERNEL); if (!hw->io) return -ENOMEM; - memset(hw->io, 0, hw->config.n_io * sizeof(io)); - for (i = 0; i < hw->config.n_io; i++) { hw->io[i] = kzalloc(sizeof(*io), GFP_KERNEL); if (!hw->io[i]) @@ -502,10 +500,8 @@ efct_hw_setup_io(struct efct_hw *hw) /* Create WQE buffs for IO */ hw->wqe_buffs = kzalloc((hw->config.n_io * hw->sli.wqe_size), GFP_KERNEL); - if (!hw->wqe_buffs) { - kfree(hw->io); - return -ENOMEM; - } + if (!hw->wqe_buffs) + goto error; } else { /* re-use existing IOs, including SGLs */ @@ -586,10 +582,8 @@ efct_hw_setup_io(struct efct_hw *hw) return 0; error: - for (i = 0; i < hw->config.n_io && hw->io[i]; i++) { + for (i = 0; i < hw->config.n_io && hw->io[i]; i++) kfree(hw->io[i]); - hw->io[i] = NULL; - } kfree(hw->io); hw->io = NULL; -- 2.39.2

1 year, 7 months

2
3
0 0

[PATCH stable 5.4 v2] net: bcmgenet: Fix EEE implementation

by Florian Fainelli

commit a9f31047baca57d47440c879cf259b86f900260c upstream We had a number of short comings: - EEE must be re-evaluated whenever the state machine detects a link change as wight be switching from a link partner with EEE enabled/disabled - tx_lpi_enabled controls whether EEE should be enabled/disabled for the transmit path, which applies to the TBUF block - We do not need to forcibly enable EEE upon system resume, as the PHY state machine will trigger a link event that will do that, too Fixes: 6ef398ea60d9 ("net: bcmgenet: add EEE support") Signed-off-by: Florian Fainelli <florian.fainelli(a)broadcom.com> Reviewed-by: Russell King (Oracle) <rmk+kernel(a)armlinux.org.uk> Link: https://lore.kernel.org/r/20230606214348.2408018-1-florian.fainelli@broadco… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> Signed-off-by: Florian Fainelli <florian.fainelli(a)broadcom.com> --- Changes in v2: - removed Changed-id .../net/ethernet/broadcom/genet/bcmgenet.c | 22 +++++++------------ .../net/ethernet/broadcom/genet/bcmgenet.h | 3 +++ drivers/net/ethernet/broadcom/genet/bcmmii.c | 6 +++++ 3 files changed, 17 insertions(+), 14 deletions(-) diff --git a/drivers/net/ethernet/broadcom/genet/bcmgenet.c b/drivers/net/ethernet/broadcom/genet/bcmgenet.c index eeadeeec17ba..380bf7a328ba 100644 --- a/drivers/net/ethernet/broadcom/genet/bcmgenet.c +++ b/drivers/net/ethernet/broadcom/genet/bcmgenet.c @@ -1018,7 +1018,8 @@ static void bcmgenet_get_ethtool_stats(struct net_device *dev, } } -static void bcmgenet_eee_enable_set(struct net_device *dev, bool enable) +void bcmgenet_eee_enable_set(struct net_device *dev, bool enable, + bool tx_lpi_enabled) { struct bcmgenet_priv *priv = netdev_priv(dev); u32 off = priv->hw_params->tbuf_offset + TBUF_ENERGY_CTRL; @@ -1038,7 +1039,7 @@ static void bcmgenet_eee_enable_set(struct net_device *dev, bool enable) /* Enable EEE and switch to a 27Mhz clock automatically */ reg = bcmgenet_readl(priv->base + off); - if (enable) + if (tx_lpi_enabled) reg |= TBUF_EEE_EN | TBUF_PM_EN; else reg &= ~(TBUF_EEE_EN | TBUF_PM_EN); @@ -1059,6 +1060,7 @@ static void bcmgenet_eee_enable_set(struct net_device *dev, bool enable) priv->eee.eee_enabled = enable; priv->eee.eee_active = enable; + priv->eee.tx_lpi_enabled = tx_lpi_enabled; } static int bcmgenet_get_eee(struct net_device *dev, struct ethtool_eee *e) @@ -1074,6 +1076,7 @@ static int bcmgenet_get_eee(struct net_device *dev, struct ethtool_eee *e) e->eee_enabled = p->eee_enabled; e->eee_active = p->eee_active; + e->tx_lpi_enabled = p->tx_lpi_enabled; e->tx_lpi_timer = bcmgenet_umac_readl(priv, UMAC_EEE_LPI_TIMER); return phy_ethtool_get_eee(dev->phydev, e); @@ -1083,7 +1086,6 @@ static int bcmgenet_set_eee(struct net_device *dev, struct ethtool_eee *e) { struct bcmgenet_priv *priv = netdev_priv(dev); struct ethtool_eee *p = &priv->eee; - int ret = 0; if (GENET_IS_V1(priv)) return -EOPNOTSUPP; @@ -1094,16 +1096,11 @@ static int bcmgenet_set_eee(struct net_device *dev, struct ethtool_eee *e) p->eee_enabled = e->eee_enabled; if (!p->eee_enabled) { - bcmgenet_eee_enable_set(dev, false); + bcmgenet_eee_enable_set(dev, false, false); } else { - ret = phy_init_eee(dev->phydev, 0); - if (ret) { - netif_err(priv, hw, dev, "EEE initialization failed\n"); - return ret; - } - + p->eee_active = phy_init_eee(dev->phydev, false) >= 0; bcmgenet_umac_writel(priv, e->tx_lpi_timer, UMAC_EEE_LPI_TIMER); - bcmgenet_eee_enable_set(dev, true); + bcmgenet_eee_enable_set(dev, p->eee_active, e->tx_lpi_enabled); } return phy_ethtool_set_eee(dev->phydev, e); @@ -3688,9 +3685,6 @@ static int bcmgenet_resume(struct device *d) if (!device_may_wakeup(d)) phy_resume(dev->phydev); - if (priv->eee.eee_enabled) - bcmgenet_eee_enable_set(dev, true); - bcmgenet_netif_start(dev); netif_device_attach(dev); diff --git a/drivers/net/ethernet/broadcom/genet/bcmgenet.h b/drivers/net/ethernet/broadcom/genet/bcmgenet.h index 5b7c2f9241d0..29bf256d13f6 100644 --- a/drivers/net/ethernet/broadcom/genet/bcmgenet.h +++ b/drivers/net/ethernet/broadcom/genet/bcmgenet.h @@ -736,4 +736,7 @@ int bcmgenet_wol_power_down_cfg(struct bcmgenet_priv *priv, void bcmgenet_wol_power_up_cfg(struct bcmgenet_priv *priv, enum bcmgenet_power_mode mode); +void bcmgenet_eee_enable_set(struct net_device *dev, bool enable, + bool tx_lpi_enabled); + #endif /* __BCMGENET_H__ */ diff --git a/drivers/net/ethernet/broadcom/genet/bcmmii.c b/drivers/net/ethernet/broadcom/genet/bcmmii.c index 2fbec2acb606..026f00ccaa0c 100644 --- a/drivers/net/ethernet/broadcom/genet/bcmmii.c +++ b/drivers/net/ethernet/broadcom/genet/bcmmii.c @@ -25,6 +25,7 @@ #include "bcmgenet.h" + /* setup netdev link state when PHY link status change and * update UMAC and RGMII block when link up */ @@ -96,6 +97,11 @@ void bcmgenet_mii_setup(struct net_device *dev) CMD_RX_PAUSE_IGNORE | CMD_TX_PAUSE_IGNORE); reg |= cmd_bits; bcmgenet_umac_writel(priv, reg, UMAC_CMD); + + priv->eee.eee_active = phy_init_eee(phydev, 0) >= 0; + bcmgenet_eee_enable_set(dev, + priv->eee.eee_enabled && priv->eee.eee_active, + priv->eee.tx_lpi_enabled); } else { /* done if nothing has changed */ if (!status_changed) -- 2.34.1

1 year, 7 months

2
3
0 0

[PATCH] power: supply: mm8013: select REGMAP_I2C

by Thomas Weißschuh

The driver uses regmap APIs so it should make sure they are available. Fixes: c75f4bf6800b ("power: supply: Introduce MM8013 fuel gauge driver") Cc: <stable(a)vger.kernel.org> Signed-off-by: Thomas Weißschuh <linux(a)weissschuh.net> --- drivers/power/supply/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/power/supply/Kconfig b/drivers/power/supply/Kconfig index f21cb05815ec..3e31375491d5 100644 --- a/drivers/power/supply/Kconfig +++ b/drivers/power/supply/Kconfig @@ -978,6 +978,7 @@ config CHARGER_QCOM_SMB2 config FUEL_GAUGE_MM8013 tristate "Mitsumi MM8013 fuel gauge driver" depends on I2C + select REGMAP_I2C help Say Y here to enable the Mitsumi MM8013 fuel gauge driver. It enables the monitoring of many battery parameters, including --- base-commit: 54be6c6c5ae8e0d93a6c4641cb7528eb0b6ba478 change-id: 20240204-mm8013-regmap-d8d18ada07c2 Best regards, -- Thomas Weißschuh <linux(a)weissschuh.net>

1 year, 7 months

3
2
0 0

Please apply commit b4909252da9b ("drivers: lkdtm: fix clang -Wformat warning") to v5.15.y

by Guenter Roeck

Hi, please consider applying the following patch to v5.15.y to fix a build error seen with various test builds (m68k:allmodconfig, powerpc:allmodconfig, powerpc:ppc32_allmodconfig, and xtensa:allmodconfig). b4909252da9b ("drivers: lkdtm: fix clang -Wformat warning") Thanks, Guenter

1 year, 7 months

2
1
0 0

[PATCH v2 5.15.y 0/3] Backport Fixes to 5.15.y

by Guruswamy Basavaiah

Correction: The subject line in my previous message erroneously stated "5.10.y" in patch 2/3 and 3/3, instead of the correct "5.15.y." Sending again after correction. Here are the three backported patches aimed at addressing a potential crash and an actual crash. Patch 1 Fix potential OOB access in receive_encrypted_standard() if server returned a large shdr->NextCommand in cifs. Patch 2 fix validate offsets and lengths before dereferencing create contexts in smb2_parse_contexts(). Patch 3 fix issue in patch 2. The original patches were authored by Paulo Alcantara <pc(a)manguebit.com>. Original Patches: 1. eec04ea11969 ("smb: client: fix OOB in receive_encrypted_standard()") 2. af1689a9b770 ("smb: client: fix potential OOBs in smb2_parse_contexts()") 3. 76025cc2285d ("smb: client: fix parsing of SMB3.1.1 POSIX create context") Please review and consider applying these patches. https://lore.kernel.org/all/2023121834-semisoft-snarl-49ad@gregkh/ fs/cifs/smb2ops.c | 4 +++- fs/cifs/smb2pdu.c | 93 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++------------------------------------- fs/cifs/smb2proto.h | 12 +++++++----- 3 files changed, 66 insertions(+), 43 deletions(-)

1 year, 7 months

1
3
0 0

[PATCH 5.15.y 1/3] smb: client: fix OOB in receive_encrypted_standard()

by Guruswamy Basavaiah

From: Paulo Alcantara <pc(a)manguebit.com> [ Upstream commit eec04ea119691e65227a97ce53c0da6b9b74b0b7 ] Fix potential OOB in receive_encrypted_standard() if server returned a large shdr->NextCommand that would end up writing off the end of @next_buffer. Fixes: b24df3e30cbf ("cifs: update receive_encrypted_standard to handle compounded responses") Cc: stable(a)vger.kernel.org Reported-by: Robert Morris <rtm(a)csail.mit.edu> Signed-off-by: Paulo Alcantara (SUSE) <pc(a)manguebit.com> Signed-off-by: Steve French <stfrench(a)microsoft.com> [Guru: receive_encrypted_standard() is present in file smb2ops.c, smb2ops.c file location is changed, modified patch accordingly.] Signed-off-by: Guruswamy Basavaiah <guruswamy.basavaiah(a)broadcom.com> --- fs/cifs/smb2ops.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c index f31da2647d04..867b32b1393f 100644 --- a/fs/cifs/smb2ops.c +++ b/fs/cifs/smb2ops.c @@ -5153,6 +5153,7 @@ receive_encrypted_standard(struct TCP_Server_Info *server, struct smb2_sync_hdr *shdr; unsigned int pdu_length = server->pdu_size; unsigned int buf_size; + unsigned int next_cmd; struct mid_q_entry *mid_entry; int next_is_large; char *next_buffer = NULL; @@ -5181,14 +5182,15 @@ receive_encrypted_standard(struct TCP_Server_Info *server, next_is_large = server->large_buf; one_more: shdr = (struct smb2_sync_hdr *)buf; - if (shdr->NextCommand) { + next_cmd = le32_to_cpu(shdr->NextCommand); + if (next_cmd) { + if (WARN_ON_ONCE(next_cmd > pdu_length)) + return -1; if (next_is_large) next_buffer = (char *)cifs_buf_get(); else next_buffer = (char *)cifs_small_buf_get(); - memcpy(next_buffer, - buf + le32_to_cpu(shdr->NextCommand), - pdu_length - le32_to_cpu(shdr->NextCommand)); + memcpy(next_buffer, buf + next_cmd, pdu_length - next_cmd); } mid_entry = smb2_find_mid(server, buf); @@ -5212,8 +5214,8 @@ receive_encrypted_standard(struct TCP_Server_Info *server, else ret = cifs_handle_standard(server, mid_entry); - if (ret == 0 && shdr->NextCommand) { - pdu_length -= le32_to_cpu(shdr->NextCommand); + if (ret == 0 && next_cmd) { + pdu_length -= next_cmd; server->large_buf = next_is_large; if (next_is_large) server->bigbuf = buf = next_buffer; -- 2.25.1

1 year, 7 months

1
5
0 0

[PATCH v2] Revert "usb: typec: tcpm: fix cc role at port reset"

by Badhri Jagan Sridharan

This reverts commit 1e35f074399dece73d5df11847d4a0d7a6f49434. Given that ERROR_RECOVERY calls into PORT_RESET for Hi-Zing the CC pins, setting CC pins to default state during PORT_RESET breaks error recovery. 4.5.2.2.2.1 ErrorRecovery State Requirements The port shall not drive VBUS or VCONN, and shall present a high-impedance to ground (above zOPEN) on its CC1 and CC2 pins. Hi-Zing the CC pins is the inteded behavior for PORT_RESET. CC pins are set to default state after tErrorRecovery in PORT_RESET_WAIT_OFF. 4.5.2.2.2.2 Exiting From ErrorRecovery State A Sink shall transition to Unattached.SNK after tErrorRecovery. A Source shall transition to Unattached.SRC after tErrorRecovery. Cc: stable(a)vger.kernel.org Cc: Frank Wang <frank.wang(a)rock-chips.com> Fixes: 1e35f074399d ("usb: typec: tcpm: fix cc role at port reset") Signed-off-by: Badhri Jagan Sridharan <badhri(a)google.com> --- drivers/usb/typec/tcpm/tcpm.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/drivers/usb/typec/tcpm/tcpm.c b/drivers/usb/typec/tcpm/tcpm.c index 5945e3a2b0f7..9d410718eaf4 100644 --- a/drivers/usb/typec/tcpm/tcpm.c +++ b/drivers/usb/typec/tcpm/tcpm.c @@ -4876,8 +4876,7 @@ static void run_state_machine(struct tcpm_port *port) break; case PORT_RESET: tcpm_reset_port(port); - tcpm_set_cc(port, tcpm_default_state(port) == SNK_UNATTACHED ? - TYPEC_CC_RD : tcpm_rp_cc(port)); + tcpm_set_cc(port, TYPEC_CC_OPEN); tcpm_set_state(port, PORT_RESET_WAIT_OFF, PD_T_ERROR_RECOVERY); break; base-commit: 933bb7b878ddd0f8c094db45551a7daddf806e00 -- 2.43.0.429.g432eaa2c6b-goog

1 year, 7 months

5
4
0 0

[REGRESSION] 6.7.0: ASoC: SOF: refactoring breaks sof-rt5682 audio on chromebook; successfully bisected

by Mole Shang

I'm relatively new here, first time reporting a regression, so apologies in advance if I'm doing something wrong. I'm using Arch Linux (linux-mainline kernel) on my chromebook Acer Spin 713-2W (Voxel), and after upgrading linux-mainline from 6.7-rc4 to 6.7-rc5 the audio setup isn't working anymore. Firstly I suspected its some changes in the sof- firmware, yet got no luck in upgrading sof-firmware (2023.09.2 -> 2023.12). On certain chromebooks, audio setup needs custom ALSA ucm confs [1], but after contacting the chromebook-linux-audio developer [2], I think it's not a conf problem, but rather a kernel regression. After hours of bisecting, the first bad commit 31ed8da (ASoC: SOF: sof-audio: Modify logic for enabling/disabling topology cores) ensures the regression. demsg log pasted below: // before 31ed8da, working [ 61.572587] sof-audio-pci-intel-tgl 0000:00:1f.3: ipc tx error for 0x60010000 (msg/reply size: 108/20): -22 [ 61.572593] sof-audio-pci-intel-tgl 0000:00:1f.3: HW params ipc failed for stream 1 [ 61.572594] sof-audio-pci-intel-tgl 0000:00:1f.3: ASoC: error at snd_soc_pcm_component_hw_params on 0000:00:1f.3: -22 [ 61.573247] sof-audio-pci-intel-tgl 0000:00:1f.3: ipc tx error for 0x60010000 (msg/reply size: 108/20): -22 [ 61.573250] sof-audio-pci-intel-tgl 0000:00:1f.3: HW params ipc failed for stream 1 [ 61.573251] sof-audio-pci-intel-tgl 0000:00:1f.3: ASoC: error at snd_soc_pcm_component_hw_params on 0000:00:1f.3: -22 [ 61.573888] sof-audio-pci-intel-tgl 0000:00:1f.3: ipc tx error for 0x60010000 (msg/reply size: 108/20): -22 [ 61.573892] sof-audio-pci-intel-tgl 0000:00:1f.3: HW params ipc failed for stream 1 [ 61.573893] sof-audio-pci-intel-tgl 0000:00:1f.3: ASoC: error at snd_soc_pcm_component_hw_params on 0000:00:1f.3: -22 [ 61.574570] sof-audio-pci-intel-tgl 0000:00:1f.3: ipc tx error for 0x60010000 (msg/reply size: 108/20): -22 [ 61.574572] sof-audio-pci-intel-tgl 0000:00:1f.3: HW params ipc failed for stream 1 [ 61.574573] sof-audio-pci-intel-tgl 0000:00:1f.3: ASoC: error at snd_soc_pcm_component_hw_params on 0000:00:1f.3: -22 // after 31ed8da, broken [ 48.930740] sof-audio-pci-intel-tgl 0000:00:1f.3: ipc tx error for 0x30020000 (msg/reply size: 12/0): -13 [ 48.930762] sof-audio-pci-intel-tgl 0000:00:1f.3: failed to free widget DMIC0.IN [ 57.235697] sof-audio-pci-intel-tgl 0000:00:1f.3: ipc tx error for 0x30030000 (msg/reply size: 16/0): -22 [ 57.235701] sof-audio-pci-intel-tgl 0000:00:1f.3: sof_ipc3_route_setup: route DMIC0.IN -> BUF4.0 failed [ 57.235703] sof-audio-pci-intel-tgl 0000:00:1f.3: sof_ipc3_set_up_all_pipelines: route set up failed [ 57.235704] sof-audio-pci-intel-tgl 0000:00:1f.3: Failed to restore pipeline after resume -22 [ 57.235706] sof-audio-pci-intel-tgl 0000:00:1f.3: ASoC: error at snd_soc_pcm_component_pm_runtime_get on 0000:00:1f.3: -22 [ 57.235926] sof-audio-pci-intel-tgl 0000:00:1f.3: ASoC: error at snd_soc_pcm_component_pm_runtime_get on 0000:00:1f.3: -22 [ 57.235966] sof-audio-pci-intel-tgl 0000:00:1f.3: ASoC: error at snd_soc_pcm_component_pm_runtime_get on 0000:00:1f.3: -22 [ 57.236006] sof-audio-pci-intel-tgl 0000:00:1f.3: ASoC: error at snd_soc_pcm_component_pm_runtime_get on 0000:00:1f.3: -22 [ 57.236041] sof-audio-pci-intel-tgl 0000:00:1f.3: ASoC: error at snd_soc_pcm_component_pm_runtime_get on 0000:00:1f.3: -22 [ 57.236074] sof-audio-pci-intel-tgl 0000:00:1f.3: ASoC: error at snd_soc_pcm_component_pm_runtime_get on 0000:00:1f.3: -22 [ 57.236107] sof-audio-pci-intel-tgl 0000:00:1f.3: ASoC: error at snd_soc_pcm_component_pm_runtime_get on 0000:00:1f.3: -22 [ 57.236141] sof-audio-pci-intel-tgl 0000:00:1f.3: ASoC: error at snd_soc_pcm_component_pm_runtime_get on 0000:00:1f.3: -22 [ 57.236173] sof-audio-pci-intel-tgl 0000:00:1f.3: ASoC: error at snd_soc_pcm_component_pm_runtime_get on 0000:00:1f.3: -22 [ 57.236205] sof-audio-pci-intel-tgl 0000:00:1f.3: ASoC: error at snd_soc_pcm_component_pm_runtime_get on 0000:00:1f.3: -22 [ 57.236239] sof-audio-pci-intel-tgl 0000:00:1f.3: ASoC: error at snd_soc_pcm_component_pm_runtime_get on 0000:00:1f.3: -22 Steps to reproduce: - Run chromebook-linux-audio script [2] (this would install custom sof-rt5682 ucm confs [1] into /usr/share/alsa/ucm2/conf.d/sof-rt5682 and write a line `options snd-intel-dspcfg dsp_driver=3` to /etc/modprobe.d/snd-sof.conf) - Reboot, gets audio working on kernels before 31ed8da - Install latest stable kernel (6.7.3), audio broken - Install latest git kernel (6.8-rc2), audio broken - Revert 31ed8da, build upon latest linux-git (6.8-rc2), audio working Apologies for my busyiness that I should have reported it long before the regression enters stable and lts, but sadly linux-lts (6.6.13) seems to be affected too [3]. Please let me know if there's any other thing that I can help debugging. -- Mole Shang [1]: https://github.com/WeirdTreeThing/chromebook-ucm-conf/tree/main/sof-rt5682 [2]: https://github.com/WeirdTreeThing/chromebook-linux-audio/issues/70 [3]: https://github.com/WeirdTreeThing/chromebook-linux-audio/issues/ 70#issuecomment-1911048309 #regzbot introduced: 31ed8da1c8e5e504710bb36863700e3389f8fc81

1 year, 7 months

2
1
0 0

[char-misc 1/2] mei: me: add arrow lake point S DID

by Tomas Winkler

From: Alexander Usyskin <alexander.usyskin(a)intel.com> Add Arrow Lake S device id. Cc: <stable(a)vger.kernel.org> Signed-off-by: Alexander Usyskin <alexander.usyskin(a)intel.com> Signed-off-by: Tomas Winkler <tomas.winkler(a)intel.com> --- drivers/misc/mei/hw-me-regs.h | 1 + drivers/misc/mei/pci-me.c | 1 + 2 files changed, 2 insertions(+) diff --git a/drivers/misc/mei/hw-me-regs.h b/drivers/misc/mei/hw-me-regs.h index 961e5d53a27a8c4221b4b33c..b10536e4974dbdeed046f4f0 100644 --- a/drivers/misc/mei/hw-me-regs.h +++ b/drivers/misc/mei/hw-me-regs.h @@ -112,6 +112,7 @@ #define MEI_DEV_ID_RPL_S 0x7A68 /* Raptor Lake Point S */ #define MEI_DEV_ID_MTL_M 0x7E70 /* Meteor Lake Point M */ +#define MEI_DEV_ID_ARL_S 0x7F68 /* Arrow Lake Point S */ /* * MEI HW Section diff --git a/drivers/misc/mei/pci-me.c b/drivers/misc/mei/pci-me.c index 676d566f38ddfd2cbb5c167f..1a614fb7fdb675e77bcb6be8 100644 --- a/drivers/misc/mei/pci-me.c +++ b/drivers/misc/mei/pci-me.c @@ -119,6 +119,7 @@ static const struct pci_device_id mei_me_pci_tbl[] = { {MEI_PCI_DEVICE(MEI_DEV_ID_RPL_S, MEI_ME_PCH15_CFG)}, {MEI_PCI_DEVICE(MEI_DEV_ID_MTL_M, MEI_ME_PCH15_CFG)}, + {MEI_PCI_DEVICE(MEI_DEV_ID_ARL_S, MEI_ME_PCH15_CFG)}, /* required last entry */ {0, } -- 2.43.0

1 year, 7 months

1
1
0 0

Re: [PATCH v2] btrfs: handle missing chunk mapping more gracefully

by Celeste Liu

On 3/2/23 09:54, Qu Wenruo wrote: > [BUG] > During my scrub rework, I did a stupid thing like this: > > bio->bi_iter.bi_sector = stripe->logical; > btrfs_submit_bio(fs_info, bio, stripe->mirror_num); > > Above bi_sector assignment is using logical address directly, which > lacks ">> SECTOR_SHIFT". > > This results a read on a range which has no chunk mapping. > > This results the following crash: > > BTRFS critical (device dm-1): unable to find logical 11274289152 length 65536 > assertion failed: !IS_ERR(em), in fs/btrfs/volumes.c:6387 > ------------[ cut here ]------------ > > Sure this is all my fault, but this shows a possible problem in real > world, that some bitflip in file extents/tree block can point to > unmapped ranges, and trigger above ASSERT(), or if CONFIG_BTRFS_ASSERT > is not configured, cause invalid pointer. > > [PROBLEMS] > In above call chain, we just don't handle the possible error from > btrfs_get_chunk_map() inside __btrfs_map_block(). > > [FIX] > The fix is pretty straightforward, just replace the ASSERT() with proper > error handling. > > Signed-off-by: Qu Wenruo <wqu(a)suse.com> > --- > Changelog: > v2: > - Rebased to latest misc-next > The error path in bio.c is already fixed, thus only need to replace > the ASSERT() in __btrfs_map_block(). > --- > fs/btrfs/volumes.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/fs/btrfs/volumes.c b/fs/btrfs/volumes.c > index 4d479ac233a4..93bc45001e68 100644 > --- a/fs/btrfs/volumes.c > +++ b/fs/btrfs/volumes.c > @@ -6242,7 +6242,8 @@ int __btrfs_map_block(struct btrfs_fs_info *fs_info, enum btrfs_map_op op, > return -EINVAL; > > em = btrfs_get_chunk_map(fs_info, logical, *length); > - ASSERT(!IS_ERR(em)); > + if (IS_ERR(em)) > + return PTR_ERR(em); > > map = em->map_lookup; > data_stripes = nr_data_stripes(map); This bug affects 6.1.y LTS branch but no backport commit of this fix in 6.1.y branch. Please include it. Thanks.

1 year, 7 months

2
3
0 0

+ mm-memblock-add-memblock_rsrv_noinit-into-flagname-array.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm/memblock: add MEMBLOCK_RSRV_NOINIT into flagname[] array has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-memblock-add-memblock_rsrv_noinit-into-flagname-array.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Anshuman Khandual <anshuman.khandual(a)arm.com> Subject: mm/memblock: add MEMBLOCK_RSRV_NOINIT into flagname[] array Date: Fri, 9 Feb 2024 08:39:12 +0530 The commit 77e6c43e137c ("memblock: introduce MEMBLOCK_RSRV_NOINIT flag") skipped adding this newly introduced memblock flag into flagname[] array, thus preventing a correct memblock flags output for applicable memblock regions. Link: https://lkml.kernel.org/r/20240209030912.1382251-1-anshuman.khandual@arm.com Fixes: 77e6c43e137c ("memblock: introduce MEMBLOCK_RSRV_NOINIT flag") Signed-off-by: Anshuman Khandual <anshuman.khandual(a)arm.com> Cc: Mike Rapoport <rppt(a)kernel.org> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/memblock.c | 1 + 1 file changed, 1 insertion(+) --- a/mm/memblock.c~mm-memblock-add-memblock_rsrv_noinit-into-flagname-array +++ a/mm/memblock.c @@ -2249,6 +2249,7 @@ static const char * const flagname[] = { [ilog2(MEMBLOCK_MIRROR)] = "MIRROR", [ilog2(MEMBLOCK_NOMAP)] = "NOMAP", [ilog2(MEMBLOCK_DRIVER_MANAGED)] = "DRV_MNG", + [ilog2(MEMBLOCK_RSRV_NOINIT)] = "RSV_NIT", }; static int memblock_debug_show(struct seq_file *m, void *private) _ Patches currently in -mm which might be from anshuman.khandual(a)arm.com are fs-proc-task_mmu-add-display-flag-for-vm_mayoverlay.patch mm-memblock-add-memblock_rsrv_noinit-into-flagname-array.patch mm-cma-dont-treat-bad-input-arguments-for-cma_alloc-as-its-failure.patch mm-cma-drop-config_cma_debug.patch mm-cma-make-max_cma_areas-=-config_cma_areas.patch mm-cma-add-sysfs-file-release_pages_success.patch

1 year, 7 months

1
0
0 0

[PATCH] drm/buddy: Fix alloc_range() error handling code

by Arunpravin Paneer Selvam

Few users have observed display corruption when they boot the machine to KDE Plasma or playing games. We have root caused the problem that whenever alloc_range() couldn't find the required memory blocks the function was returning SUCCESS in some of the corner cases. The right approach would be if the total allocated size is less than the required size, the function should return -ENOSPC. Cc: <stable(a)vger.kernel.org> # 6.7+ Fixes: 0a1844bf0b53 ("drm/buddy: Improve contiguous memory allocation") Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3097 Tested-by: Mario Limonciello <mario.limonciello(a)amd.com> Link: https://patchwork.kernel.org/project/dri-devel/patch/20240207174456.341121-… Acked-by: Christian König <christian.koenig(a)amd.com> Reviewed-by: Matthew Auld <matthew.auld(a)intel.com> Signed-off-by: Arunpravin Paneer Selvam <Arunpravin.PaneerSelvam(a)amd.com> --- drivers/gpu/drm/drm_buddy.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/drivers/gpu/drm/drm_buddy.c b/drivers/gpu/drm/drm_buddy.c index f57e6d74fb0e..c1a99bf4dffd 100644 --- a/drivers/gpu/drm/drm_buddy.c +++ b/drivers/gpu/drm/drm_buddy.c @@ -539,6 +539,12 @@ static int __alloc_range(struct drm_buddy *mm, } while (1); list_splice_tail(&allocated, blocks); + + if (total_allocated < size) { + err = -ENOSPC; + goto err_free; + } + return 0; err_undo: -- 2.25.1

1 year, 7 months

3
3
0 0

[PATCH 6.6 00/21] xfs backports for 6.6.y (from v6.7)

by Catherine Hoang

Hello, This series contains backports for 6.6 from the 6.7 release. This patchset has gone through xfs testing and review. Anthony Iliopoulos (1): xfs: fix again select in kconfig XFS_ONLINE_SCRUB_STATS Catherine Hoang (2): MAINTAINERS: add Catherine as xfs maintainer for 6.6.y xfs: allow read IO and FICLONE to run concurrently Cheng Lin (1): xfs: introduce protection for drop nlink Christoph Hellwig (4): xfs: handle nimaps=0 from xfs_bmapi_write in xfs_alloc_file_space xfs: only remap the written blocks in xfs_reflink_end_cow_extent xfs: clean up FS_XFLAG_REALTIME handling in xfs_ioctl_setattr_xflags xfs: respect the stable writes flag on the RT device Darrick J. Wong (8): xfs: bump max fsgeom struct version xfs: hoist freeing of rt data fork extent mappings xfs: prevent rt growfs when quota is enabled xfs: rt stubs should return negative errnos when rt disabled xfs: fix units conversion error in xfs_bmap_del_extent_delay xfs: make sure maxlen is still congruent with prod when rounding down xfs: clean up dqblk extraction xfs: dquot recovery does not validate the recovered dquot Dave Chinner (1): xfs: inode recovery does not validate the recovered inode Leah Rumancik (1): xfs: up(ic_sema) if flushing data device fails Long Li (2): xfs: factor out xfs_defer_pending_abort xfs: abort intent items when recovery intents fail Omar Sandoval (1): xfs: fix internal error from AGFL exhaustion MAINTAINERS | 1 + fs/xfs/Kconfig | 2 +- fs/xfs/libxfs/xfs_alloc.c | 27 ++++++++++++-- fs/xfs/libxfs/xfs_bmap.c | 21 +++-------- fs/xfs/libxfs/xfs_defer.c | 28 +++++++++------ fs/xfs/libxfs/xfs_defer.h | 2 +- fs/xfs/libxfs/xfs_inode_buf.c | 3 ++ fs/xfs/libxfs/xfs_rtbitmap.c | 33 +++++++++++++++++ fs/xfs/libxfs/xfs_sb.h | 2 +- fs/xfs/xfs_bmap_util.c | 24 +++++++------ fs/xfs/xfs_dquot.c | 5 +-- fs/xfs/xfs_dquot_item_recover.c | 21 +++++++++-- fs/xfs/xfs_file.c | 63 ++++++++++++++++++++++++++------- fs/xfs/xfs_inode.c | 24 +++++++++++++ fs/xfs/xfs_inode.h | 17 +++++++++ fs/xfs/xfs_inode_item_recover.c | 14 +++++++- fs/xfs/xfs_ioctl.c | 30 ++++++++++------ fs/xfs/xfs_iops.c | 7 ++++ fs/xfs/xfs_log.c | 23 ++++++------ fs/xfs/xfs_log_recover.c | 2 +- fs/xfs/xfs_reflink.c | 5 +++ fs/xfs/xfs_rtalloc.c | 33 +++++++++++++---- fs/xfs/xfs_rtalloc.h | 27 ++++++++------ 23 files changed, 312 insertions(+), 102 deletions(-) -- 2.39.3

1 year, 7 months

3
23
0 0

[PATCH v2] arm64/signal: Don't assume that TIF_SVE means we saved SVE state

by Mark Brown

When we are in a syscall we will only save the FPSIMD subset even though the task still has access to the full register set, and on context switch we will only remove TIF_SVE when loading the register state. This means that the signal handling code should not assume that TIF_SVE means that the register state is stored in SVE format, it should instead check the format that was recorded during save. Fixes: 8c845e273104 ("arm64/sve: Leave SVE enabled on syscall if we don't context switch") Signed-off-by: Mark Brown <broonie(a)kernel.org> Cc: stable(a)vger.kernel.org --- Changes in v2: - Rebase onto v6.8-rc2. - Link to v1: https://lore.kernel.org/r/20240119-arm64-sve-signal-regs-v1-1-b9fd61b0289a@… --- arch/arm64/kernel/fpsimd.c | 2 +- arch/arm64/kernel/signal.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/arch/arm64/kernel/fpsimd.c b/arch/arm64/kernel/fpsimd.c index a5dc6f764195..25ceaee6b025 100644 --- a/arch/arm64/kernel/fpsimd.c +++ b/arch/arm64/kernel/fpsimd.c @@ -1635,7 +1635,7 @@ void fpsimd_preserve_current_state(void) void fpsimd_signal_preserve_current_state(void) { fpsimd_preserve_current_state(); - if (test_thread_flag(TIF_SVE)) + if (current->thread.fp_type == FP_STATE_SVE) sve_to_fpsimd(current); } diff --git a/arch/arm64/kernel/signal.c b/arch/arm64/kernel/signal.c index 0e8beb3349ea..425b1bc17a3f 100644 --- a/arch/arm64/kernel/signal.c +++ b/arch/arm64/kernel/signal.c @@ -242,7 +242,7 @@ static int preserve_sve_context(struct sve_context __user *ctx) vl = task_get_sme_vl(current); vq = sve_vq_from_vl(vl); flags |= SVE_SIG_FLAG_SM; - } else if (test_thread_flag(TIF_SVE)) { + } else if (current->thread.fp_type == FP_STATE_SVE) { vq = sve_vq_from_vl(vl); } @@ -878,7 +878,7 @@ static int setup_sigframe_layout(struct rt_sigframe_user_layout *user, if (system_supports_sve() || system_supports_sme()) { unsigned int vq = 0; - if (add_all || test_thread_flag(TIF_SVE) || + if (add_all || current->thread.fp_type == FP_STATE_SVE || thread_sm_enabled(&current->thread)) { int vl = max(sve_max_vl(), sme_max_vl()); --- base-commit: 41bccc98fb7931d63d03f326a746ac4d429c1dd3 change-id: 20240118-arm64-sve-signal-regs-5711e0d10425 Best regards, -- Mark Brown <broonie(a)kernel.org>

1 year, 7 months

2
1
0 0

[regression 6.1.67] dlm: cannot start dlm midcomms -97 after backport of e9cdebbe23f1 ("dlm: use kernel_connect() and kernel_bind()")

by Salvatore Bonaccorso

Hi Valentin, hi all [This is about a regression reported in Debian for 6.1.67] On Tue, Feb 06, 2024 at 01:00:11PM +0100, Valentin Kleibel wrote: > Package: linux-image-amd64 > Version: 6.1.76+1 > Source: linux > Source-Version: 6.1.76+1 > Severity: important > Control: notfound -1 6.6.15-2 > > Dear Maintainers, > > We discovered a bug affecting dlm that prevents any tcp communications by > dlm when booted with debian kernel 6.1.76-1. > > Dlm startup works (corosync-cpgtool shows the dlm:controld group with all > expected nodes) but as soon as we try to add a lockspace dmesg shows: > ``` > dlm: Using TCP for communications > dlm: cannot start dlm midcomms -97 > ``` > > It seems that commit "dlm: use kernel_connect() and kernel_bind()" > (e9cdebbe) was merged to 6.1. > > Checking the code it seems that the changed function dlm_tcp_listen_bind() > fails with exit code 97 (EAFNOSUPPORT) > It is called from > > dlm/lockspace.c: threads_start() -> dlm_midcomms_start() > dlm/midcomms.c: dlm_midcomms_start() -> dlm_lowcomms_start() > dlm/lowcomms.c: dlm_lowcomms_start() -> dlm_listen_for_all() -> > dlm_proto_ops->listen_bind() = dlm_tcp_listen_bind() > > The error code is returned all the way to threads_start() where the error > message is emmitted. > > Booting with the unsigned kernel from testing (6.6.15-2), which also > contains this commit, works without issues. > > I'm not sure what additional changes are required to get this working or if > rolling back this change is an option. > > We'd be happy to test patches that might fix this issue. Thanks for your report. So we have a 6.1.76 specific regression for the backport of e9cdebbe23f1 ("dlm: use kernel_connect() and kernel_bind()") . Let's loop in the upstream regression list for tracking and people involved for the subsystem to see if the issue can be identified. As it is working for 6.6.15 which includes the commit backport as well it might be very well that a prerequisite is missing. # annotate regression with 6.1.y specific commit #regzbot ^introduced e11dea8f503341507018b60906c4a9e7332f3663 #regzbot link: https://bugs.debian.org/1063338 Any ideas? Regards, Salvatore

1 year, 7 months

4
8
0 0

[PATCH] drm/buddy: Fix alloc_range() error handling code

by Arunpravin Paneer Selvam

Few users have observed display corruption when they boot the machine to KDE Plasma or playing games. We have root caused the problem that whenever alloc_range() couldn't find the required memory blocks the function was returning SUCCESS in some of the corner cases. The right approach would be if the total allocated size is less than the required size, the function should return -ENOSPC. Cc: <stable(a)vger.kernel.org> # 6.7+ Fixes: 0a1844bf0b53 ("drm/buddy: Improve contiguous memory allocation") Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3097 Tested-by: Mario Limonciello <mario.limonciello(a)amd.com> Link: https://patchwork.kernel.org/project/dri-devel/patch/20240207174456.341121-… Reviewed-by: Matthew Auld <matthew.auld(a)intel.com> Signed-off-by: Arunpravin Paneer Selvam <Arunpravin.PaneerSelvam(a)amd.com> --- drivers/gpu/drm/drm_buddy.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/drivers/gpu/drm/drm_buddy.c b/drivers/gpu/drm/drm_buddy.c index f57e6d74fb0e..c1a99bf4dffd 100644 --- a/drivers/gpu/drm/drm_buddy.c +++ b/drivers/gpu/drm/drm_buddy.c @@ -539,6 +539,12 @@ static int __alloc_range(struct drm_buddy *mm, } while (1); list_splice_tail(&allocated, blocks); + + if (total_allocated < size) { + err = -ENOSPC; + goto err_free; + } + return 0; err_undo: -- 2.25.1

1 year, 7 months

1
0
0 0

[for-linus][PATCH 2/2] tracing: Fix wasted memory in saved_cmdlines logic

by Steven Rostedt

From: "Steven Rostedt (Google)" <rostedt(a)goodmis.org> While looking at improving the saved_cmdlines cache I found a huge amount of wasted memory that should be used for the cmdlines. The tracing data saves pids during the trace. At sched switch, if a trace occurred, it will save the comm of the task that did the trace. This is saved in a "cache" that maps pids to comms and exposed to user space via the /sys/kernel/tracing/saved_cmdlines file. Currently it only caches by default 128 comms. The structure that uses this creates an array to store the pids using PID_MAX_DEFAULT (which is usually set to 32768). This causes the structure to be of the size of 131104 bytes on 64 bit machines. In hex: 131104 = 0x20020, and since the kernel allocates generic memory in powers of two, the kernel would allocate 0x40000 or 262144 bytes to store this structure. That leaves 131040 bytes of wasted space. Worse, the structure points to an allocated array to store the comm names, which is 16 bytes times the amount of names to save (currently 128), which is 2048 bytes. Instead of allocating a separate array, make the structure end with a variable length string and use the extra space for that. This is similar to a recommendation that Linus had made about eventfs_inode names: https://lore.kernel.org/all/20240130190355.11486-5-torvalds@linux-foundatio… Instead of allocating a separate string array to hold the saved comms, have the structure end with: char saved_cmdlines[]; and round up to the next power of two over sizeof(struct saved_cmdline_buffers) + num_cmdlines * TASK_COMM_LEN It will use this extra space for the saved_cmdline portion. Now, instead of saving only 128 comms by default, by using this wasted space at the end of the structure it can save over 8000 comms and even saves space by removing the need for allocating the other array. Link: https://lore.kernel.org/linux-trace-kernel/20240208105328.7e73f71d@rorschac… Cc: stable(a)vger.kernel.org Cc: Masami Hiramatsu <mhiramat(a)kernel.org> Cc: Mathieu Desnoyers <mathieu.desnoyers(a)efficios.com> Cc: Vincent Donnefort <vdonnefort(a)google.com> Cc: Sven Schnelle <svens(a)linux.ibm.com> Cc: Mete Durlu <meted(a)linux.ibm.com> Fixes: 939c7a4f04fcd ("tracing: Introduce saved_cmdlines_size file") Signed-off-by: Steven Rostedt (Google) <rostedt(a)goodmis.org> --- kernel/trace/trace.c | 73 +++++++++++++++++++++----------------------- 1 file changed, 34 insertions(+), 39 deletions(-) diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c index 2a7c6fd934e9..ea6d13ff256c 100644 --- a/kernel/trace/trace.c +++ b/kernel/trace/trace.c @@ -2320,7 +2320,7 @@ struct saved_cmdlines_buffer { unsigned *map_cmdline_to_pid; unsigned cmdline_num; int cmdline_idx; - char *saved_cmdlines; + char saved_cmdlines[]; }; static struct saved_cmdlines_buffer *savedcmd; @@ -2334,47 +2334,54 @@ static inline void set_cmdline(int idx, const char *cmdline) strncpy(get_saved_cmdlines(idx), cmdline, TASK_COMM_LEN); } -static int allocate_cmdlines_buffer(unsigned int val, - struct saved_cmdlines_buffer *s) +static void free_saved_cmdlines_buffer(struct saved_cmdlines_buffer *s) +{ + int order = get_order(sizeof(*s) + s->cmdline_num * TASK_COMM_LEN); + + kfree(s->map_cmdline_to_pid); + free_pages((unsigned long)s, order); +} + +static struct saved_cmdlines_buffer *allocate_cmdlines_buffer(unsigned int val) { + struct saved_cmdlines_buffer *s; + struct page *page; + int orig_size, size; + int order; + + /* Figure out how much is needed to hold the given number of cmdlines */ + orig_size = sizeof(*s) + val * TASK_COMM_LEN; + order = get_order(orig_size); + size = 1 << (order + PAGE_SHIFT); + page = alloc_pages(GFP_KERNEL, order); + if (!page) + return NULL; + + s = page_address(page); + memset(s, 0, sizeof(*s)); + + /* Round up to actual allocation */ + val = (size - sizeof(*s)) / TASK_COMM_LEN; + s->cmdline_num = val; + s->map_cmdline_to_pid = kmalloc_array(val, sizeof(*s->map_cmdline_to_pid), GFP_KERNEL); - if (!s->map_cmdline_to_pid) - return -ENOMEM; - - s->saved_cmdlines = kmalloc_array(TASK_COMM_LEN, val, GFP_KERNEL); - if (!s->saved_cmdlines) { - kfree(s->map_cmdline_to_pid); - return -ENOMEM; - } s->cmdline_idx = 0; - s->cmdline_num = val; memset(&s->map_pid_to_cmdline, NO_CMDLINE_MAP, sizeof(s->map_pid_to_cmdline)); memset(s->map_cmdline_to_pid, NO_CMDLINE_MAP, val * sizeof(*s->map_cmdline_to_pid)); - return 0; + return s; } static int trace_create_savedcmd(void) { - int ret; - - savedcmd = kmalloc(sizeof(*savedcmd), GFP_KERNEL); - if (!savedcmd) - return -ENOMEM; - - ret = allocate_cmdlines_buffer(SAVED_CMDLINES_DEFAULT, savedcmd); - if (ret < 0) { - kfree(savedcmd); - savedcmd = NULL; - return -ENOMEM; - } + savedcmd = allocate_cmdlines_buffer(SAVED_CMDLINES_DEFAULT); - return 0; + return savedcmd ? 0 : -ENOMEM; } int is_tracing_stopped(void) @@ -6056,26 +6063,14 @@ tracing_saved_cmdlines_size_read(struct file *filp, char __user *ubuf, return simple_read_from_buffer(ubuf, cnt, ppos, buf, r); } -static void free_saved_cmdlines_buffer(struct saved_cmdlines_buffer *s) -{ - kfree(s->saved_cmdlines); - kfree(s->map_cmdline_to_pid); - kfree(s); -} - static int tracing_resize_saved_cmdlines(unsigned int val) { struct saved_cmdlines_buffer *s, *savedcmd_temp; - s = kmalloc(sizeof(*s), GFP_KERNEL); + s = allocate_cmdlines_buffer(val); if (!s) return -ENOMEM; - if (allocate_cmdlines_buffer(val, s) < 0) { - kfree(s); - return -ENOMEM; - } - preempt_disable(); arch_spin_lock(&trace_cmdline_lock); savedcmd_temp = savedcmd; -- 2.43.0

1 year, 7 months

1
1
0 0

[PATCH 1/3] driver core: bus: introduce can_remove()

by Hamza Mahfooz

Currently, drivers have no mechanism to block requests to unbind devices. However, this can cause resource leaks and leave the device in an inconsistent state, such that rebinding the device may cause a hang or otherwise prevent the device from being rebound. So, introduce the can_remove() callback to allow drivers to indicate if it isn't appropriate to remove a device at the given time. Cc: stable(a)vger.kernel.org Signed-off-by: Hamza Mahfooz <hamza.mahfooz(a)amd.com> --- drivers/base/bus.c | 4 ++++ include/linux/device/bus.h | 2 ++ 2 files changed, 6 insertions(+) diff --git a/drivers/base/bus.c b/drivers/base/bus.c index daee55c9b2d9..7c259b01ea99 100644 --- a/drivers/base/bus.c +++ b/drivers/base/bus.c @@ -239,6 +239,10 @@ static ssize_t unbind_store(struct device_driver *drv, const char *buf, dev = bus_find_device_by_name(bus, NULL, buf); if (dev && dev->driver == drv) { + if (dev->bus && dev->bus->can_remove && + !dev->bus->can_remove(dev)) + return -EBUSY; + device_driver_detach(dev); err = count; } diff --git a/include/linux/device/bus.h b/include/linux/device/bus.h index 5ef4ec1c36c3..c9d4af0ed3b8 100644 --- a/include/linux/device/bus.h +++ b/include/linux/device/bus.h @@ -46,6 +46,7 @@ struct fwnode_handle; * be called at late_initcall_sync level. If the device has * consumers that are never bound to a driver, this function * will never get called until they do. + * @can_remove: Called before attempting to remove a device from this bus. * @remove: Called when a device removed from this bus. * @shutdown: Called at shut-down time to quiesce the device. * @@ -85,6 +86,7 @@ struct bus_type { int (*uevent)(const struct device *dev, struct kobj_uevent_env *env); int (*probe)(struct device *dev); void (*sync_state)(struct device *dev); + bool (*can_remove)(struct device *dev); void (*remove)(struct device *dev); void (*shutdown)(struct device *dev); -- 2.43.0

1 year, 7 months

5
11
0 0

[for-linus][PATCH 1/2] ftrace: Fix DIRECT_CALLS to use SAVE_REGS by default

by Steven Rostedt

From: "Masami Hiramatsu (Google)" <mhiramat(a)kernel.org> The commit 60c8971899f3 ("ftrace: Make DIRECT_CALLS work WITH_ARGS and !WITH_REGS") changed DIRECT_CALLS to use SAVE_ARGS when there are multiple ftrace_ops at the same function, but since the x86 only support to jump to direct_call from ftrace_regs_caller, when we set the function tracer on the same target function on x86, ftrace-direct does not work as below (this actually works on arm64.) At first, insmod ftrace-direct.ko to put a direct_call on 'wake_up_process()'. # insmod kernel/samples/ftrace/ftrace-direct.ko # less trace ... <idle>-0 [006] ..s1. 564.686958: my_direct_func: waking up rcu_preempt-17 <idle>-0 [007] ..s1. 564.687836: my_direct_func: waking up kcompactd0-63 <idle>-0 [006] ..s1. 564.690926: my_direct_func: waking up rcu_preempt-17 <idle>-0 [006] ..s1. 564.696872: my_direct_func: waking up rcu_preempt-17 <idle>-0 [007] ..s1. 565.191982: my_direct_func: waking up kcompactd0-63 Setup a function filter to the 'wake_up_process' too, and enable it. # cd /sys/kernel/tracing/ # echo wake_up_process > set_ftrace_filter # echo function > current_tracer # less trace ... <idle>-0 [006] ..s3. 686.180972: wake_up_process <-call_timer_fn <idle>-0 [006] ..s3. 686.186919: wake_up_process <-call_timer_fn <idle>-0 [002] ..s3. 686.264049: wake_up_process <-call_timer_fn <idle>-0 [002] d.h6. 686.515216: wake_up_process <-kick_pool <idle>-0 [002] d.h6. 686.691386: wake_up_process <-kick_pool Then, only function tracer is shown on x86. But if you enable 'kprobe on ftrace' event (which uses SAVE_REGS flag) on the same function, it is shown again. # echo 'p wake_up_process' >> dynamic_events # echo 1 > events/kprobes/p_wake_up_process_0/enable # echo > trace # less trace ... <idle>-0 [006] ..s2. 2710.345919: p_wake_up_process_0: (wake_up_process+0x4/0x20) <idle>-0 [006] ..s3. 2710.345923: wake_up_process <-call_timer_fn <idle>-0 [006] ..s1. 2710.345928: my_direct_func: waking up rcu_preempt-17 <idle>-0 [006] ..s2. 2710.349931: p_wake_up_process_0: (wake_up_process+0x4/0x20) <idle>-0 [006] ..s3. 2710.349934: wake_up_process <-call_timer_fn <idle>-0 [006] ..s1. 2710.349937: my_direct_func: waking up rcu_preempt-17 To fix this issue, use SAVE_REGS flag for multiple ftrace_ops flag of direct_call by default. Link: https://lore.kernel.org/linux-trace-kernel/170484558617.178953.159051694939… Fixes: 60c8971899f3 ("ftrace: Make DIRECT_CALLS work WITH_ARGS and !WITH_REGS") Cc: stable(a)vger.kernel.org Cc: Florent Revest <revest(a)chromium.org> Signed-off-by: Masami Hiramatsu (Google) <mhiramat(a)kernel.org> Reviewed-by: Mark Rutland <mark.rutland(a)arm.com> Tested-by: Mark Rutland <mark.rutland(a)arm.com> [arm64] Acked-by: Jiri Olsa <jolsa(a)kernel.org> Signed-off-by: Steven Rostedt (Google) <rostedt(a)goodmis.org> --- kernel/trace/ftrace.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c index b01ae7d36021..c060d5b47910 100644 --- a/kernel/trace/ftrace.c +++ b/kernel/trace/ftrace.c @@ -5325,7 +5325,17 @@ static LIST_HEAD(ftrace_direct_funcs); static int register_ftrace_function_nolock(struct ftrace_ops *ops); +/* + * If there are multiple ftrace_ops, use SAVE_REGS by default, so that direct + * call will be jumped from ftrace_regs_caller. Only if the architecture does + * not support ftrace_regs_caller but direct_call, use SAVE_ARGS so that it + * jumps from ftrace_caller for multiple ftrace_ops. + */ +#ifndef HAVE_DYNAMIC_FTRACE_WITH_REGS #define MULTI_FLAGS (FTRACE_OPS_FL_DIRECT | FTRACE_OPS_FL_SAVE_ARGS) +#else +#define MULTI_FLAGS (FTRACE_OPS_FL_DIRECT | FTRACE_OPS_FL_SAVE_REGS) +#endif static int check_direct_multi(struct ftrace_ops *ops) { -- 2.43.0

1 year, 7 months

1
0
0 0

[PATCH v3] soc: qcom: mdt_loader: Add Upperbounds check for program header access

by Auditya Bhattaram

hash_index is evaluated by looping phdrs till QCOM_MDT_TYPE_HASH is found. Add an upperbound check to phdrs to access within elf size. Fixes: 64fb5eb87d58 ("soc: qcom: mdt_loader: Allow hash to reside in any segment") Cc: <stable(a)vger.kernel.org> Signed-off-by: Auditya Bhattaram <quic_audityab(a)quicinc.com> --- Changes in v3: - Corrected wrong patch versioning in the Subject. - Added error prints for Invalid access. Link to v2 https://lore.kernel.org/linux-arm-msm/9773d189-c896-d5c5-804c-e086c24987b4@… Link to v1 https://lore.kernel.org/linux-arm-msm/5d7a3b97-d840-4863-91a0-32c1d8e7532f@… --- drivers/soc/qcom/mdt_loader.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/drivers/soc/qcom/mdt_loader.c b/drivers/soc/qcom/mdt_loader.c index 6f177e46fa0f..61e2377cc5c3 100644 --- a/drivers/soc/qcom/mdt_loader.c +++ b/drivers/soc/qcom/mdt_loader.c @@ -145,6 +145,11 @@ void *qcom_mdt_read_metadata(const struct firmware *fw, size_t *data_len, if (phdrs[0].p_type == PT_LOAD) return ERR_PTR(-EINVAL); + if (((size_t)(phdrs + ehdr->e_phnum)) > ((size_t)ehdr + fw->size)) { + dev_err(dev, "Invalid phdrs access: %s\n", fw_name); + return ERR_PTR(-EINVAL); + } + for (i = 1; i < ehdr->e_phnum; i++) { if ((phdrs[i].p_flags & QCOM_MDT_TYPE_MASK) == QCOM_MDT_TYPE_HASH) { hash_segment = i; -- 2.17.1

1 year, 7 months

2
2
0 0

[PATCH v4] mm/zswap: invalidate old entry when store fail or !zswap_enabled

by chengming.zhou＠linux.dev

From: Chengming Zhou <zhouchengming(a)bytedance.com> We may encounter duplicate entry in the zswap_store(): 1. swap slot that freed to per-cpu swap cache, doesn't invalidate the zswap entry, then got reused. This has been fixed. 2. !exclusive load mode, swapin folio will leave its zswap entry on the tree, then swapout again. This has been removed. 3. one folio can be dirtied again after zswap_store(), so need to zswap_store() again. This should be handled correctly. So we must invalidate the old duplicate entry before insert the new one, which actually doesn't have to be done at the beginning of zswap_store(). And this is a normal situation, we shouldn't WARN_ON(1) in this case, so delete it. (The WARN_ON(1) seems want to detect swap entry UAF problem? But not very necessary here.) The good point is that we don't need to lock tree twice in the store success path. Note we still need to invalidate the old duplicate entry in the store failure path, otherwise the new data in swapfile could be overwrite by the old data in zswap pool when lru writeback. We have to do this even when !zswap_enabled since zswap can be disabled anytime. If the folio store success before, then got dirtied again but zswap disabled, we won't invalidate the old duplicate entry in the zswap_store(). So later lru writeback may overwrite the new data in swapfile. Fixes: 42c06a0e8ebe ("mm: kill frontswap") Cc: <stable(a)vger.kernel.org> Acked-by: Johannes Weiner <hannes(a)cmpxchg.org> Acked-by: Yosry Ahmed <yosryahmed(a)google.com> Acked-by: Chris Li <chrisl(a)kernel.org> Signed-off-by: Chengming Zhou <zhouchengming(a)bytedance.com> --- v4: - VM_WARN_ON generate no code when !CONFIG_DEBUG_VM, change to use WARN_ON. v3: - Fix a few grammatical problems in comments, per Yosry. v2: - Change the duplicate entry invalidation loop to if, since we hold the lock, we won't find it once we invalidate it, per Yosry. - Add Fixes tag. --- mm/zswap.c | 33 ++++++++++++++++----------------- 1 file changed, 16 insertions(+), 17 deletions(-) diff --git a/mm/zswap.c b/mm/zswap.c index cd67f7f6b302..62fe307521c9 100644 --- a/mm/zswap.c +++ b/mm/zswap.c @@ -1518,18 +1518,8 @@ bool zswap_store(struct folio *folio) return false; if (!zswap_enabled) - return false; + goto check_old; - /* - * If this is a duplicate, it must be removed before attempting to store - * it, otherwise, if the store fails the old page won't be removed from - * the tree, and it might be written back overriding the new data. - */ - spin_lock(&tree->lock); - entry = zswap_rb_search(&tree->rbroot, offset); - if (entry) - zswap_invalidate_entry(tree, entry); - spin_unlock(&tree->lock); objcg = get_obj_cgroup_from_folio(folio); if (objcg && !obj_cgroup_may_zswap(objcg)) { memcg = get_mem_cgroup_from_objcg(objcg); @@ -1608,14 +1598,12 @@ bool zswap_store(struct folio *folio) /* map */ spin_lock(&tree->lock); /* - * A duplicate entry should have been removed at the beginning of this - * function. Since the swap entry should be pinned, if a duplicate is - * found again here it means that something went wrong in the swap - * cache. + * The folio may have been dirtied again, invalidate the + * possibly stale entry before inserting the new entry. */ - while (zswap_rb_insert(&tree->rbroot, entry, &dupentry) == -EEXIST) { - WARN_ON(1); + if (zswap_rb_insert(&tree->rbroot, entry, &dupentry) == -EEXIST) { zswap_invalidate_entry(tree, dupentry); + WARN_ON(zswap_rb_insert(&tree->rbroot, entry, &dupentry)); } if (entry->length) { INIT_LIST_HEAD(&entry->lru); @@ -1638,6 +1626,17 @@ bool zswap_store(struct folio *folio) reject: if (objcg) obj_cgroup_put(objcg); +check_old: + /* + * If the zswap store fails or zswap is disabled, we must invalidate the + * possibly stale entry which was previously stored at this offset. + * Otherwise, writeback could overwrite the new data in the swapfile. + */ + spin_lock(&tree->lock); + entry = zswap_rb_search(&tree->rbroot, offset); + if (entry) + zswap_invalidate_entry(tree, entry); + spin_unlock(&tree->lock); return false; shrink: -- 2.40.1

1 year, 7 months

5
8
0 0

+ mm-zswap-invalidate-duplicate-entry-when-zswap_enabled.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm/zswap: invalidate duplicate entry when !zswap_enabled has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-zswap-invalidate-duplicate-entry-when-zswap_enabled.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Chengming Zhou <zhouchengming(a)bytedance.com> Subject: mm/zswap: invalidate duplicate entry when !zswap_enabled Date: Thu, 8 Feb 2024 02:32:54 +0000 We have to invalidate any duplicate entry even when !zswap_enabled since zswap can be disabled anytime. If the folio store success before, then got dirtied again but zswap disabled, we won't invalidate the old duplicate entry in the zswap_store(). So later lru writeback may overwrite the new data in swapfile. Link: https://lkml.kernel.org/r/20240208023254.3873823-1-chengming.zhou@linux.dev Fixes: 42c06a0e8ebe ("mm: kill frontswap") Signed-off-by: Chengming Zhou <zhouchengming(a)bytedance.com> Acked-by: Johannes Weiner <hannes(a)cmpxchg.org> Cc: Nhat Pham <nphamcs(a)gmail.com> Cc: Yosry Ahmed <yosryahmed(a)google.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/zswap.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) --- a/mm/zswap.c~mm-zswap-invalidate-duplicate-entry-when-zswap_enabled +++ a/mm/zswap.c @@ -1516,7 +1516,7 @@ bool zswap_store(struct folio *folio) if (folio_test_large(folio)) return false; - if (!zswap_enabled || !tree) + if (!tree) return false; /* @@ -1531,6 +1531,10 @@ bool zswap_store(struct folio *folio) zswap_invalidate_entry(tree, dupentry); } spin_unlock(&tree->lock); + + if (!zswap_enabled) + return false; + objcg = get_obj_cgroup_from_folio(folio); if (objcg && !obj_cgroup_may_zswap(objcg)) { memcg = get_mem_cgroup_from_objcg(objcg); _ Patches currently in -mm which might be from zhouchengming(a)bytedance.com are mm-zswap-invalidate-duplicate-entry-when-zswap_enabled.patch mm-zswap-make-sure-each-swapfile-always-have-zswap-rb-tree.patch mm-zswap-split-zswap-rb-tree.patch mm-zswap-fix-race-between-lru-writeback-and-swapoff.patch mm-list_lru-remove-list_lru_putback.patch mm-zswap-add-more-comments-in-shrink_memcg_cb.patch mm-zswap-invalidate-zswap-entry-when-swap-entry-free.patch mm-zswap-stop-lru-list-shrinking-when-encounter-warm-region.patch mm-zswap-remove-duplicate_entry-debug-value.patch mm-zswap-only-support-zswap_exclusive_loads_enabled.patch mm-zswap-zswap-entry-doesnt-need-refcount-anymore.patch

1 year, 7 months

1
0
0 0

+ fs-proc-task_mmu-add-display-flag-for-vm_mayoverlay.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: fs/proc/task_mmu: add display flag for VM_MAYOVERLAY has been added to the -mm mm-hotfixes-unstable branch. Its filename is fs-proc-task_mmu-add-display-flag-for-vm_mayoverlay.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Anshuman Khandual <anshuman.khandual(a)arm.com> Subject: fs/proc/task_mmu: add display flag for VM_MAYOVERLAY Date: Thu, 8 Feb 2024 14:18:05 +0530 VM_UFFD_MISSING flag is mutually exclussive with VM_MAYOVERLAY flag as they both use the same bit position i.e 0x00000200 in the vm_flags. Let's update show_smap_vma_flags() to display the correct flags depending on CONFIG_MMU. Link: https://lkml.kernel.org/r/20240208084805.1252337-1-anshuman.khandual@arm.com Fixes: b6b7a8faf05c ("mm/nommu: don't use VM_MAYSHARE for MAP_PRIVATE mappings") Signed-off-by: Anshuman Khandual <anshuman.khandual(a)arm.com> Reviewed-by: David Hildenbrand <david(a)redhat.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/proc/task_mmu.c | 4 ++++ 1 file changed, 4 insertions(+) --- a/fs/proc/task_mmu.c~fs-proc-task_mmu-add-display-flag-for-vm_mayoverlay +++ a/fs/proc/task_mmu.c @@ -681,7 +681,11 @@ static void show_smap_vma_flags(struct s [ilog2(VM_HUGEPAGE)] = "hg", [ilog2(VM_NOHUGEPAGE)] = "nh", [ilog2(VM_MERGEABLE)] = "mg", +#ifdef CONFIG_MMU [ilog2(VM_UFFD_MISSING)]= "um", +#else + [ilog2(VM_MAYOVERLAY)] = "ov", +#endif /* CONFIG_MMU */ [ilog2(VM_UFFD_WP)] = "uw", #ifdef CONFIG_ARM64_MTE [ilog2(VM_MTE)] = "mt", _ Patches currently in -mm which might be from anshuman.khandual(a)arm.com are fs-proc-task_mmu-add-display-flag-for-vm_mayoverlay.patch mm-cma-dont-treat-bad-input-arguments-for-cma_alloc-as-its-failure.patch mm-cma-drop-config_cma_debug.patch mm-cma-make-max_cma_areas-=-config_cma_areas.patch mm-cma-add-sysfs-file-release_pages_success.patch

1 year, 7 months

1
0
0 0

+ lib-kconfigdebug-test_iov_iter-depends-on-mmu.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: lib/Kconfig.debug: TEST_IOV_ITER depends on MMU has been added to the -mm mm-hotfixes-unstable branch. Its filename is lib-kconfigdebug-test_iov_iter-depends-on-mmu.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Guenter Roeck <linux(a)roeck-us.net> Subject: lib/Kconfig.debug: TEST_IOV_ITER depends on MMU Date: Thu, 8 Feb 2024 07:30:10 -0800 Trying to run the iov_iter unit test on a nommu system such as the qemu kc705-nommu emulation results in a crash. KTAP version 1 # Subtest: iov_iter # module: kunit_iov_iter 1..9 BUG: failure at mm/nommu.c:318/vmap()! Kernel panic - not syncing: BUG! The test calls vmap() directly, but vmap() is not supported on nommu systems, causing the crash. TEST_IOV_ITER therefore needs to depend on MMU. Link: https://lkml.kernel.org/r/20240208153010.1439753-1-linux@roeck-us.net Fixes: 2d71340ff1d4 ("iov_iter: Kunit tests for copying to/from an iterator") Signed-off-by: Guenter Roeck <linux(a)roeck-us.net> Cc: David Howells <dhowells(a)redhat.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- lib/Kconfig.debug | 1 + 1 file changed, 1 insertion(+) --- a/lib/Kconfig.debug~lib-kconfigdebug-test_iov_iter-depends-on-mmu +++ a/lib/Kconfig.debug @@ -2235,6 +2235,7 @@ config TEST_DIV64 config TEST_IOV_ITER tristate "Test iov_iter operation" if !KUNIT_ALL_TESTS depends on KUNIT + depends on MMU default KUNIT_ALL_TESTS help Enable this to turn on testing of the operation of the I/O iterator _ Patches currently in -mm which might be from linux(a)roeck-us.net are lib-kconfigdebug-test_iov_iter-depends-on-mmu.patch

1 year, 7 months

1
0
0 0

[obsolete] xfs-disable-large-folio-support-in-xfile_create.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: xfs: disable large folio support in xfile_create has been removed from the -mm tree. Its filename was xfs-disable-large-folio-support-in-xfile_create.patch This patch was dropped because it is obsolete ------------------------------------------------------ From: Christoph Hellwig <hch(a)lst.de> Subject: xfs: disable large folio support in xfile_create Date: Wed, 10 Jan 2024 10:21:09 +0100 The xfarray code will crash if large folios are force enabled using: echo force > /sys/kernel/mm/transparent_hugepage/shmem_enabled Fixing this will require a bit of an API change, and prefeably sorting out the hwpoison story for pages vs folio and where it is placed in the shmem API. For now use this one liner to disable large folios. Link: https://lkml.kernel.org/r/20240110092109.1950011-3-hch@lst.de Fixes: 3934e8ebb7cc ("xfs: create a big array data structure") Reported-by: Darrick J. Wong <djwong(a)kernel.org> Signed-off-by: Christoph Hellwig <hch(a)lst.de> Reviewed-by: Darrick J. Wong <djwong(a)kernel.org> Cc: Chandan Babu R <chandan.babu(a)oracle.com> Cc: Christian K��nig <christian.koenig(a)amd.com> Cc: Daniel Vetter <daniel(a)ffwll.ch> Cc: Dave Airlie <airlied(a)gmail.com> Cc: Dave Hansen <dave.hansen(a)linux.intel.com> Cc: David Howells <dhowells(a)redhat.com> Cc: Huang Rui <ray.huang(a)amd.com> Cc: Hugh Dickins <hughd(a)google.com> Cc: Jani Nikula <jani.nikula(a)linux.intel.com> Cc: Jarkko Sakkinen <jarkko(a)kernel.org> Cc: Joonas Lahtinen <joonas.lahtinen(a)linux.intel.com> Cc: Maarten Lankhorst <maarten.lankhorst(a)linux.intel.com> Cc: Matthew Wilcox (Oracle) <willy(a)infradead.org> Cc: Maxime Ripard <mripard(a)kernel.org> Cc: Rodrigo Vivi <rodrigo.vivi(a)intel.com> Cc: Thomas Zimmermann <tzimmermann(a)suse.de> Cc: Tvrtko Ursulin <tvrtko.ursulin(a)linux.intel.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/xfs/scrub/xfile.c | 5 +++++ 1 file changed, 5 insertions(+) --- a/fs/xfs/scrub/xfile.c~xfs-disable-large-folio-support-in-xfile_create +++ a/fs/xfs/scrub/xfile.c @@ -94,6 +94,11 @@ xfile_create( lockdep_set_class(&inode->i_rwsem, &xfile_i_mutex_key); + /* + * We're not quite ready for large folios yet. + */ + mapping_clear_large_folios(inode->i_mapping); + trace_xfile_create(xf); *xfilep = xf; _ Patches currently in -mm which might be from hch(a)lst.de are

1 year, 7 months

1
0
0 0

[obsolete] mm-add-a-mapping_clear_large_folios-helper.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: mm: add a mapping_clear_large_folios helper has been removed from the -mm tree. Its filename was mm-add-a-mapping_clear_large_folios-helper.patch This patch was dropped because it is obsolete ------------------------------------------------------ From: Christoph Hellwig <hch(a)lst.de> Subject: mm: add a mapping_clear_large_folios helper Date: Wed, 10 Jan 2024 10:21:08 +0100 Patch series "disable large folios for shmem file used by xfs xfile". Darrick reported that the fairly new XFS xfile code blows up when force enabling large folio for shmem. This series fixes this quickly by disabling large folios for this particular shmem file for now until it can be fixed properly, which will be a lot more invasive. This patch (of 2): Users of shmem_kernel_file_setup might not be able to deal with large folios (yet). Give them a way to disable large folio support on their mapping. Link: https://lkml.kernel.org/r/20240110092109.1950011-1-hch@lst.de Link: https://lkml.kernel.org/r/20240110092109.1950011-2-hch@lst.de Fixes: 3934e8ebb7cc ("xfs: create a big array data structure") Signed-off-by: Christoph Hellwig <hch(a)lst.de> Cc: Chandan Babu R <chandan.babu(a)oracle.com> Cc: Christian K��nig <christian.koenig(a)amd.com> Cc: Daniel Vetter <daniel(a)ffwll.ch> Cc: "Darrick J. Wong" <djwong(a)kernel.org> Cc: Dave Airlie <airlied(a)gmail.com> Cc: Dave Hansen <dave.hansen(a)linux.intel.com> Cc: David Howells <dhowells(a)redhat.com> Cc: Huang Rui <ray.huang(a)amd.com> Cc: Hugh Dickins <hughd(a)google.com> Cc: Jani Nikula <jani.nikula(a)linux.intel.com> Cc: Jarkko Sakkinen <jarkko(a)kernel.org> Cc: Joonas Lahtinen <joonas.lahtinen(a)linux.intel.com> Cc: Maarten Lankhorst <maarten.lankhorst(a)linux.intel.com> Cc: Matthew Wilcox (Oracle) <willy(a)infradead.org> Cc: Maxime Ripard <mripard(a)kernel.org> Cc: Rodrigo Vivi <rodrigo.vivi(a)intel.com> Cc: Thomas Zimmermann <tzimmermann(a)suse.de> Cc: Tvrtko Ursulin <tvrtko.ursulin(a)linux.intel.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- include/linux/pagemap.h | 14 ++++++++++++++ 1 file changed, 14 insertions(+) --- a/include/linux/pagemap.h~mm-add-a-mapping_clear_large_folios-helper +++ a/include/linux/pagemap.h @@ -360,6 +360,20 @@ static inline void mapping_set_large_fol __set_bit(AS_LARGE_FOLIO_SUPPORT, &mapping->flags); } +/** + * mapping_clear_large_folios() - Disable large folio support for a mapping + * @mapping: The mapping. + * + * This can be called to undo the effect of mapping_set_large_folios(). + * + * Context: This should not be called while the inode is active as it + * is non-atomic. + */ +static inline void mapping_clear_large_folios(struct address_space *mapping) +{ + __clear_bit(AS_LARGE_FOLIO_SUPPORT, &mapping->flags); +} + /* * Large folio support currently depends on THP. These dependencies are * being worked on but are not yet fixed. _ Patches currently in -mm which might be from hch(a)lst.de are xfs-disable-large-folio-support-in-xfile_create.patch

1 year, 7 months

1
0
0 0

Apply e08ff622c91a to 6.6.y

by Miguel Ojeda

Hi Greg, Sasha, Please consider applying commit e08ff622c91a to 6.6.y. It requires the following chain: 828176d037e2 ("rust: arc: add explicit `drop()` around `Box::from_raw()`") ae6df65dabc3 ("rust: upgrade to Rust 1.72.1") c61bcc278b19 ("rust: task: remove redundant explicit link") a53d8cdd5a0a ("rust: print: use explicit link in documentation") e08ff622c91a ("rust: upgrade to Rust 1.73.0") which applies cleanly to 6.6.y. This upgrades the Rust compiler version from 1.71.1 to 1.73.0 (2 version upgrades + 3 prerequisites for the upgrades), fixing a couple issues with the Rust compiler version currently used in 6.6.y. In particular: - A build error with `CONFIG_RUST_DEBUG_ASSERTIONS` enabled (`.eh_frame` section unexpected generation). This is solved applying up to ae6df65dabc3. - A developer-only Make target error (building `.rsi` single-target files, i.e. the equivalent to requesting a preprocessed file in C). This is solved applying all of them. Thanks! Cheers, Miguel

1 year, 7 months

2
1
0 0

[PATCH stable 5.4] net: bcmgenet: Fix EEE implementation

by Florian Fainelli

commit a9f31047baca57d47440c879cf259b86f900260c upstream We had a number of short comings: - EEE must be re-evaluated whenever the state machine detects a link change as wight be switching from a link partner with EEE enabled/disabled - tx_lpi_enabled controls whether EEE should be enabled/disabled for the transmit path, which applies to the TBUF block - We do not need to forcibly enable EEE upon system resume, as the PHY state machine will trigger a link event that will do that, too Fixes: 6ef398ea60d9 ("net: bcmgenet: add EEE support") Signed-off-by: Florian Fainelli <florian.fainelli(a)broadcom.com> Reviewed-by: Russell King (Oracle) <rmk+kernel(a)armlinux.org.uk> Link: https://lore.kernel.org/r/20230606214348.2408018-1-florian.fainelli@broadco… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> Signed-off-by: Florian Fainelli <florian.fainelli(a)broadcom.com> Change-Id: I9e9d9d9e10817c7fcf3d9cde2389a1f6fe42a2ba --- .../net/ethernet/broadcom/genet/bcmgenet.c | 22 +++++++------------ .../net/ethernet/broadcom/genet/bcmgenet.h | 3 +++ drivers/net/ethernet/broadcom/genet/bcmmii.c | 6 +++++ 3 files changed, 17 insertions(+), 14 deletions(-) diff --git a/drivers/net/ethernet/broadcom/genet/bcmgenet.c b/drivers/net/ethernet/broadcom/genet/bcmgenet.c index eeadeeec17ba..380bf7a328ba 100644 --- a/drivers/net/ethernet/broadcom/genet/bcmgenet.c +++ b/drivers/net/ethernet/broadcom/genet/bcmgenet.c @@ -1018,7 +1018,8 @@ static void bcmgenet_get_ethtool_stats(struct net_device *dev, } } -static void bcmgenet_eee_enable_set(struct net_device *dev, bool enable) +void bcmgenet_eee_enable_set(struct net_device *dev, bool enable, + bool tx_lpi_enabled) { struct bcmgenet_priv *priv = netdev_priv(dev); u32 off = priv->hw_params->tbuf_offset + TBUF_ENERGY_CTRL; @@ -1038,7 +1039,7 @@ static void bcmgenet_eee_enable_set(struct net_device *dev, bool enable) /* Enable EEE and switch to a 27Mhz clock automatically */ reg = bcmgenet_readl(priv->base + off); - if (enable) + if (tx_lpi_enabled) reg |= TBUF_EEE_EN | TBUF_PM_EN; else reg &= ~(TBUF_EEE_EN | TBUF_PM_EN); @@ -1059,6 +1060,7 @@ static void bcmgenet_eee_enable_set(struct net_device *dev, bool enable) priv->eee.eee_enabled = enable; priv->eee.eee_active = enable; + priv->eee.tx_lpi_enabled = tx_lpi_enabled; } static int bcmgenet_get_eee(struct net_device *dev, struct ethtool_eee *e) @@ -1074,6 +1076,7 @@ static int bcmgenet_get_eee(struct net_device *dev, struct ethtool_eee *e) e->eee_enabled = p->eee_enabled; e->eee_active = p->eee_active; + e->tx_lpi_enabled = p->tx_lpi_enabled; e->tx_lpi_timer = bcmgenet_umac_readl(priv, UMAC_EEE_LPI_TIMER); return phy_ethtool_get_eee(dev->phydev, e); @@ -1083,7 +1086,6 @@ static int bcmgenet_set_eee(struct net_device *dev, struct ethtool_eee *e) { struct bcmgenet_priv *priv = netdev_priv(dev); struct ethtool_eee *p = &priv->eee; - int ret = 0; if (GENET_IS_V1(priv)) return -EOPNOTSUPP; @@ -1094,16 +1096,11 @@ static int bcmgenet_set_eee(struct net_device *dev, struct ethtool_eee *e) p->eee_enabled = e->eee_enabled; if (!p->eee_enabled) { - bcmgenet_eee_enable_set(dev, false); + bcmgenet_eee_enable_set(dev, false, false); } else { - ret = phy_init_eee(dev->phydev, 0); - if (ret) { - netif_err(priv, hw, dev, "EEE initialization failed\n"); - return ret; - } - + p->eee_active = phy_init_eee(dev->phydev, false) >= 0; bcmgenet_umac_writel(priv, e->tx_lpi_timer, UMAC_EEE_LPI_TIMER); - bcmgenet_eee_enable_set(dev, true); + bcmgenet_eee_enable_set(dev, p->eee_active, e->tx_lpi_enabled); } return phy_ethtool_set_eee(dev->phydev, e); @@ -3688,9 +3685,6 @@ static int bcmgenet_resume(struct device *d) if (!device_may_wakeup(d)) phy_resume(dev->phydev); - if (priv->eee.eee_enabled) - bcmgenet_eee_enable_set(dev, true); - bcmgenet_netif_start(dev); netif_device_attach(dev); diff --git a/drivers/net/ethernet/broadcom/genet/bcmgenet.h b/drivers/net/ethernet/broadcom/genet/bcmgenet.h index 5b7c2f9241d0..29bf256d13f6 100644 --- a/drivers/net/ethernet/broadcom/genet/bcmgenet.h +++ b/drivers/net/ethernet/broadcom/genet/bcmgenet.h @@ -736,4 +736,7 @@ int bcmgenet_wol_power_down_cfg(struct bcmgenet_priv *priv, void bcmgenet_wol_power_up_cfg(struct bcmgenet_priv *priv, enum bcmgenet_power_mode mode); +void bcmgenet_eee_enable_set(struct net_device *dev, bool enable, + bool tx_lpi_enabled); + #endif /* __BCMGENET_H__ */ diff --git a/drivers/net/ethernet/broadcom/genet/bcmmii.c b/drivers/net/ethernet/broadcom/genet/bcmmii.c index 2fbec2acb606..026f00ccaa0c 100644 --- a/drivers/net/ethernet/broadcom/genet/bcmmii.c +++ b/drivers/net/ethernet/broadcom/genet/bcmmii.c @@ -25,6 +25,7 @@ #include "bcmgenet.h" + /* setup netdev link state when PHY link status change and * update UMAC and RGMII block when link up */ @@ -96,6 +97,11 @@ void bcmgenet_mii_setup(struct net_device *dev) CMD_RX_PAUSE_IGNORE | CMD_TX_PAUSE_IGNORE); reg |= cmd_bits; bcmgenet_umac_writel(priv, reg, UMAC_CMD); + + priv->eee.eee_active = phy_init_eee(phydev, 0) >= 0; + bcmgenet_eee_enable_set(dev, + priv->eee.eee_enabled && priv->eee.eee_active, + priv->eee.tx_lpi_enabled); } else { /* done if nothing has changed */ if (!status_changed) -- 2.34.1

1 year, 7 months

2
2
0 0

[PATCH 1/8] docs: kernel_feat.py: fix build error for missing files

by Vegard Nossum

If the directory passed to the '.. kernel-feat::' directive does not exist or the get_feat.pl script does not find any files to extract features from, Sphinx will report the following error: Sphinx parallel build error: UnboundLocalError: local variable 'fname' referenced before assignment make[2]: *** [Documentation/Makefile:102: htmldocs] Error 2 This is due to how I changed the script in c48a7c44a1d0 ("docs: kernel_feat.py: fix potential command injection"). Before that, the filename passed along to self.nestedParse() in this case was weirdly just the whole get_feat.pl invocation. We can fix it by doing what kernel_abi.py does -- just pass self.arguments[0] as 'fname'. Fixes: c48a7c44a1d0 ("docs: kernel_feat.py: fix potential command injection") Cc: Justin Forbes <jforbes(a)fedoraproject.org> Cc: Salvatore Bonaccorso <carnil(a)debian.org> Cc: Jani Nikula <jani.nikula(a)intel.com> Cc: Mauro Carvalho Chehab <mchehab(a)kernel.org> Cc: stable(a)vger.kernel.org Signed-off-by: Vegard Nossum <vegard.nossum(a)oracle.com> --- Documentation/sphinx/kernel_feat.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Documentation/sphinx/kernel_feat.py b/Documentation/sphinx/kernel_feat.py index b9df61eb4501..03ace5f01b5c 100644 --- a/Documentation/sphinx/kernel_feat.py +++ b/Documentation/sphinx/kernel_feat.py @@ -109,7 +109,7 @@ class KernelFeat(Directive): else: out_lines += line + "\n" - nodeList = self.nestedParse(out_lines, fname) + nodeList = self.nestedParse(out_lines, self.arguments[0]) return nodeList def nestedParse(self, lines, fname): -- 2.34.1

1 year, 7 months

4
7
0 0

[PATCH] drm/i915/dp: Limit SST link rate to <=8.1Gbps

by Ville Syrjala

From: Ville Syrjälä <ville.syrjala(a)linux.intel.com> Limit the link rate to HBR3 or below (<=8.1Gbps) in SST mode. UHBR (10Gbps+) link rates require 128b/132b channel encoding which we have not yet hooked up into the SST/no-sideband codepaths. Cc: stable(a)vger.kernel.org Signed-off-by: Ville Syrjälä <ville.syrjala(a)linux.intel.com> --- drivers/gpu/drm/i915/display/intel_dp.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/gpu/drm/i915/display/intel_dp.c b/drivers/gpu/drm/i915/display/intel_dp.c index ab415f41924d..5045c34a16be 100644 --- a/drivers/gpu/drm/i915/display/intel_dp.c +++ b/drivers/gpu/drm/i915/display/intel_dp.c @@ -2356,6 +2356,9 @@ intel_dp_compute_config_limits(struct intel_dp *intel_dp, limits->min_rate = intel_dp_common_rate(intel_dp, 0); limits->max_rate = intel_dp_max_link_rate(intel_dp); + /* FIXME 128b/132b SST support missing */ + limits->max_rate = min(limits->max_rate, 810000); + limits->min_lane_count = 1; limits->max_lane_count = intel_dp_max_lane_count(intel_dp); -- 2.43.0

1 year, 7 months

2
1
0 0

[PATCH] leds: trigger: netdev: Fix kernel panic on interface rename trig notify

by Christian Marangi

Commit d5e01266e7f5 ("leds: trigger: netdev: add additional specific link speed mode") in the various changes, reworked the way to set the LINKUP mode in commit cee4bd16c319 ("leds: trigger: netdev: Recheck NETDEV_LED_MODE_LINKUP on dev rename") and moved it to a generic function. This changed the logic where, in the previous implementation the dev from the trigger event was used to check if the carrier was ok, but in the new implementation with the generic function, the dev in trigger_data is used instead. This is problematic and cause a possible kernel panic due to the fact that the dev in the trigger_data still reference the old one as the new one (passed from the trigger event) still has to be hold and saved in the trigger_data struct (done in the NETDEV_REGISTER case). On calling of get_device_state(), an invalid net_dev is used and this cause a kernel panic. To handle this correctly, move the call to get_device_state() after the new net_dev is correctly set in trigger_data (in the NETDEV_REGISTER case) and correctly parse the new dev. Fixes: d5e01266e7f5 ("leds: trigger: netdev: add additional specific link speed mode") Cc: stable(a)vger.kernel.org Signed-off-by: Christian Marangi <ansuelsmth(a)gmail.com> --- drivers/leds/trigger/ledtrig-netdev.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/leds/trigger/ledtrig-netdev.c b/drivers/leds/trigger/ledtrig-netdev.c index 8e5475819590..df1b1d8468e6 100644 --- a/drivers/leds/trigger/ledtrig-netdev.c +++ b/drivers/leds/trigger/ledtrig-netdev.c @@ -504,12 +504,12 @@ static int netdev_trig_notify(struct notifier_block *nb, trigger_data->duplex = DUPLEX_UNKNOWN; switch (evt) { case NETDEV_CHANGENAME: - get_device_state(trigger_data); - fallthrough; case NETDEV_REGISTER: dev_put(trigger_data->net_dev); dev_hold(dev); trigger_data->net_dev = dev; + if (evt == NETDEV_CHANGENAME) + get_device_state(trigger_data); break; case NETDEV_UNREGISTER: dev_put(trigger_data->net_dev); -- 2.43.0

1 year, 7 months

3
10
0 0

[PATCH] fs: relax mount_setattr() permission checks

by Christian Brauner

When we added mount_setattr() I added additional checks compared to the legacy do_reconfigure_mnt() and do_change_type() helpers used by regular mount(2). If that mount had a parent then verify that the caller and the mount namespace the mount is attached to match and if not make sure that it's an anonymous mount. The real rootfs falls into neither category. It is neither an anoymous mount because it is obviously attached to the initial mount namespace but it also obviously doesn't have a parent mount. So that means legacy mount(2) allows changing mount properties on the real rootfs but mount_setattr(2) blocks this. I never thought much about this but of course someone on this planet of earth changes properties on the real rootfs as can be seen in [1]. Since util-linux finally switched to the new mount api in 2.39 not so long ago it also relies on mount_setattr() and that surfaced this issue when Fedora 39 finally switched to it. Fix this. Link: https://bugzilla.redhat.com/show_bug.cgi?id=2256843 Reported-by: Karel Zak <kzak(a)redhat.com> Cc: stable(a)vger.kernel.org # v5.12+ Signed-off-by: Christian Brauner <brauner(a)kernel.org> --- fs/namespace.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/fs/namespace.c b/fs/namespace.c index 437f60e96d40..fb0286920bce 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -4472,10 +4472,15 @@ static int do_mount_setattr(struct path *path, struct mount_kattr *kattr) /* * If this is an attached mount make sure it's located in the callers * mount namespace. If it's not don't let the caller interact with it. - * If this is a detached mount make sure it has an anonymous mount - * namespace attached to it, i.e. we've created it via OPEN_TREE_CLONE. + * + * If this mount doesn't have a parent it's most often simply a + * detached mount with an anonymous mount namespace. IOW, something + * that's simply not attached yet. But there are apparently also users + * that do change mount properties on the rootfs itself. That obviously + * neither has a parent nor is it a detached mount so we cannot + * unconditionally check for detached mounts. */ - if (!(mnt_has_parent(mnt) ? check_mnt(mnt) : is_anon_ns(mnt->mnt_ns))) + if (mnt_has_parent(mnt) && !check_mnt(mnt)) goto out; /* --- base-commit: 2a42e144dd0b62eaf79148394ab057145afbc3c5 change-id: 20240206-vfs-mount-rootfs-70aff2e3956d

1 year, 7 months

2
3
0 0

[PATCH 5.10 0/2] bpf: cpumap: Fix memory leak in cpu_map_update_elem

by Alexey Panov

Syzkaller reports "memory leak in cpu_map_update_elem" in 5.10 stable release. The problem has been fixed by the following patches which can be cleanly applied to the 5.10 branch. Found by Linux Verification Center (linuxtesting.org) with Syzkaller.

1 year, 7 months

1
2
0 0

[PATCH net] s390/qeth: Fix potential loss of L3-IP@ in case of network issues

by Alexandra Winter

Symptom: In case of a bad cable connection (e.g. dirty optics) a fast sequence of network DOWN-UP-DOWN-UP could happen. UP triggers recovery of the qeth interface. In case of a second DOWN while recovery is still ongoing, it can happen that the IP@ of a Layer3 qeth interface is lost and will not be recovered by the second UP. Problem: When registration of IP addresses with Layer 3 qeth devices fails, (e.g. because of bad address format) the respective IP address is deleted from its hash-table in the driver. If registration fails because of a ENETDOWN condition, the address should stay in the hashtable, so a subsequent recovery can restore it. 3caa4af834df ("qeth: keep ip-address after LAN_OFFLINE failure") fixes this for registration failures during normal operation, but not during recovery. Solution: Keep L3-IP address in case of ENETDOWN in qeth_l3_recover_ip(). For consistency with qeth_l3_add_ip() we also keep it in case of EADDRINUSE, i.e. for some reason the card already/still has this address registered. Fixes: 4a71df50047f ("qeth: new qeth device driver") Cc: stable(a)vger.kernel.org Signed-off-by: Alexandra Winter <wintera(a)linux.ibm.com> --- drivers/s390/net/qeth_l3_main.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/drivers/s390/net/qeth_l3_main.c b/drivers/s390/net/qeth_l3_main.c index b92a32b4b114..04c64ce0a1ca 100644 --- a/drivers/s390/net/qeth_l3_main.c +++ b/drivers/s390/net/qeth_l3_main.c @@ -255,9 +255,10 @@ static void qeth_l3_clear_ip_htable(struct qeth_card *card, int recover) if (!recover) { hash_del(&addr->hnode); kfree(addr); - continue; + } else { + /* prepare for recovery */ + addr->disp_flag = QETH_DISP_ADDR_ADD; } - addr->disp_flag = QETH_DISP_ADDR_ADD; } mutex_unlock(&card->ip_lock); @@ -278,9 +279,11 @@ static void qeth_l3_recover_ip(struct qeth_card *card) if (addr->disp_flag == QETH_DISP_ADDR_ADD) { rc = qeth_l3_register_addr_entry(card, addr); - if (!rc) { + if (!rc || rc == -EADDRINUSE || rc == -ENETDOWN) { + /* keep it in the records */ addr->disp_flag = QETH_DISP_ADDR_DO_NOTHING; } else { + /* bad address */ hash_del(&addr->hnode); kfree(addr); } -- 2.40.1

1 year, 7 months

2
1
0 0

[PATCH 0/6] tools: Fix rtla and rv problems (found) with clang

by Daniel Bristot de Oliveira

RHEL people reported some errors when compiling rtla and rv with clang. The command line used to compile the tools is: $ make HOSTCC=clang CC=clang LLVM_IAS=1 The first problem is two unsupported flags passed to the compiler: -ffat-lto-objects and -Wno-maybe-uninitialized. They will be removed if the compile is clang. Also, the clang linker does not automatically recognize the -flto=auto option used at compilation time, so it is explicitly set. With the compiler working, it starts pointing to some warnings and errors about uninitialized variables, variable size, and an unused function. These problems are also fixed. Daniel Bristot de Oliveira (6): tools/rtla: Fix Makefile compiler options for clang tools/rtla: Fix uninitialized bucket/data->bucket_size warning tools/rtla: Fix clang warning about mount_point var size tools/rtla: Remove unused sched_getattr() function tools/rv: Fix Makefile compiler options for clang tools/rv: Fix curr_reactor uninitialized variable tools/tracing/rtla/Makefile | 7 ++++++- tools/tracing/rtla/src/osnoise_hist.c | 3 +-- tools/tracing/rtla/src/timerlat_hist.c | 3 +-- tools/tracing/rtla/src/utils.c | 8 +------- tools/verification/rv/Makefile | 7 ++++++- tools/verification/rv/src/in_kernel.c | 2 +- 6 files changed, 16 insertions(+), 14 deletions(-) -- 2.43.0

1 year, 7 months

2
8
0 0

[PATCH V3 1/2] net: ethernet: ti: cpsw_new: enable mac_managed_pm to fix mdio

by Sinthu Raja

From: Sinthu Raja <sinthu.raja(a)ti.com> The below commit introduced a WARN when phy state is not in the states: PHY_HALTED, PHY_READY and PHY_UP. commit 744d23c71af3 ("net: phy: Warn about incorrect mdio_bus_phy_resume() state") When cpsw_new resumes, there have port in PHY_NOLINK state, so the below warning comes out. Set mac_managed_pm be true to tell mdio that the phy resume/suspend is managed by the mac, to fix the following warning: WARNING: CPU: 0 PID: 965 at drivers/net/phy/phy_device.c:326 mdio_bus_phy_resume+0x140/0x144 CPU: 0 PID: 965 Comm: sh Tainted: G O 6.1.46-g247b2535b2 #1 Hardware name: Generic AM33XX (Flattened Device Tree) unwind_backtrace from show_stack+0x18/0x1c show_stack from dump_stack_lvl+0x24/0x2c dump_stack_lvl from __warn+0x84/0x15c __warn from warn_slowpath_fmt+0x1a8/0x1c8 warn_slowpath_fmt from mdio_bus_phy_resume+0x140/0x144 mdio_bus_phy_resume from dpm_run_callback+0x3c/0x140 dpm_run_callback from device_resume+0xb8/0x2b8 device_resume from dpm_resume+0x144/0x314 dpm_resume from dpm_resume_end+0x14/0x20 dpm_resume_end from suspend_devices_and_enter+0xd0/0x924 suspend_devices_and_enter from pm_suspend+0x2e0/0x33c pm_suspend from state_store+0x74/0xd0 state_store from kernfs_fop_write_iter+0x104/0x1ec kernfs_fop_write_iter from vfs_write+0x1b8/0x358 vfs_write from ksys_write+0x78/0xf8 ksys_write from ret_fast_syscall+0x0/0x54 Exception stack(0xe094dfa8 to 0xe094dff0) dfa0: 00000004 005c3fb8 00000001 005c3fb8 00000004 00000001 dfc0: 00000004 005c3fb8 b6f6bba0 00000004 00000004 0059edb8 00000000 00000000 dfe0: 00000004 bed918f0 b6f09bd3 b6e89a66 Cc: <stable(a)vger.kernel.org> # v6.0+ Fixes: 744d23c71af3 ("net: phy: Warn about incorrect mdio_bus_phy_resume() state") Signed-off-by: Sinthu Raja <sinthu.raja(a)ti.com> --- Changes in V3: - No Change Changes in V2: - Add fixes tag. drivers/net/ethernet/ti/cpsw_new.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/net/ethernet/ti/cpsw_new.c b/drivers/net/ethernet/ti/cpsw_new.c index 498c50c6d1a7..087dcb67505a 100644 --- a/drivers/net/ethernet/ti/cpsw_new.c +++ b/drivers/net/ethernet/ti/cpsw_new.c @@ -773,6 +773,9 @@ static void cpsw_slave_open(struct cpsw_slave *slave, struct cpsw_priv *priv) slave->slave_num); return; } + + phy->mac_managed_pm = true; + slave->phy = phy; phy_attached_info(slave->phy); -- 2.36.1

1 year, 7 months

4
3
0 0

[PATCH 0/2] ARM: prctl: Reject PR_SET_MDWE where not supported

by Zev Weiss

Hello, I noticed after a recent kernel update that my ARM926 system started segfaulting on any execve() after calling prctl(PR_SET_MDWE). After some investigation it appears that ARMv5 is incapable of providing the appropriate protections for MDWE, since any readable memory is also implicitly executable. (Note that I'm not an expert in either ARM arch details or the mm subsystem, so please bear with me if I've botched something in the above analysis.) The prctl_set_mdwe() function already had some special-case logic added disabling it on PARISC (commit 793838138c15, "prctl: Disable prctl(PR_SET_MDWE) on parisc"); this patch series (1) generalizes that check to use an arch_*() function, and (2) adds a corresponding override for ARM to disable MDWE on pre-ARMv6 CPUs. With the series applied, prctl(PR_SET_MDWE) is rejected on ARMv5 and subsequent execve() calls (as well as mmap(PROT_READ|PROT_WRITE)) can succeed instead of unconditionally failing; on ARMv6 the prctl works as it did previously. Since this was effectively a userspace-breaking change in v6.3 (with newer MDWE-aware userspace on older pre-MDWE kernels the prctl would simply fail safely) I've CCed -stable for v6.3+, though since the patches depend on the PARISC one above it will only apply cleanly on the linux-6.6.y and linux-6.7.y branches, since at least at time of writing the 6.3 through 6.5 branches don't have that patch backported (due to further missing dependencies [0]). Thanks, Zev [0] https://lore.kernel.org/all/2023112456-linked-nape-bf19@gregkh/ Zev Weiss (2): prctl: Generalize PR_SET_MDWE support check to be per-arch ARM: prctl: Reject PR_SET_MDWE on pre-ARMv6 arch/arm/include/asm/mman.h | 14 ++++++++++++++ arch/parisc/include/asm/mman.h | 14 ++++++++++++++ include/linux/mman.h | 8 ++++++++ kernel/sys.c | 7 +++++-- 4 files changed, 41 insertions(+), 2 deletions(-) create mode 100644 arch/arm/include/asm/mman.h create mode 100644 arch/parisc/include/asm/mman.h -- 2.43.0

1 year, 7 months

3
6
0 0

[merged mm-hotfixes-stable] hugetlb-pages-should-not-be-reserved-by-shmat-if-shm_noreserve.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: mm: hugetlb pages should not be reserved by shmat() if SHM_NORESERVE has been removed from the -mm tree. Its filename was hugetlb-pages-should-not-be-reserved-by-shmat-if-shm_noreserve.patch This patch was dropped because it was merged into the mm-hotfixes-stable branch of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm ------------------------------------------------------ From: Prakash Sangappa <prakash.sangappa(a)oracle.com> Subject: mm: hugetlb pages should not be reserved by shmat() if SHM_NORESERVE Date: Tue, 23 Jan 2024 12:04:42 -0800 For shared memory of type SHM_HUGETLB, hugetlb pages are reserved in shmget() call. If SHM_NORESERVE flags is specified then the hugetlb pages are not reserved. However when the shared memory is attached with the shmat() call the hugetlb pages are getting reserved incorrectly for SHM_HUGETLB shared memory created with SHM_NORESERVE which is a bug. ------------------------------- Following test shows the issue. $cat shmhtb.c int main() { int shmflags = 0660 | IPC_CREAT | SHM_HUGETLB | SHM_NORESERVE; int shmid; shmid = shmget(SKEY, SHMSZ, shmflags); if (shmid < 0) { printf("shmat: shmget() failed, %d\n", errno); return 1; } printf("After shmget()\n"); system("cat /proc/meminfo | grep -i hugepages_"); shmat(shmid, NULL, 0); printf("\nAfter shmat()\n"); system("cat /proc/meminfo | grep -i hugepages_"); shmctl(shmid, IPC_RMID, NULL); return 0; } #sysctl -w vm.nr_hugepages=20 #./shmhtb After shmget() HugePages_Total: 20 HugePages_Free: 20 HugePages_Rsvd: 0 HugePages_Surp: 0 After shmat() HugePages_Total: 20 HugePages_Free: 20 HugePages_Rsvd: 5 <-- HugePages_Surp: 0 -------------------------------- Fix is to ensure that hugetlb pages are not reserved for SHM_HUGETLB shared memory in the shmat() call. Link: https://lkml.kernel.org/r/1706040282-12388-1-git-send-email-prakash.sangapp… Signed-off-by: Prakash Sangappa <prakash.sangappa(a)oracle.com> Acked-by: Muchun Song <muchun.song(a)linux.dev> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/hugetlbfs/inode.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) --- a/fs/hugetlbfs/inode.c~hugetlb-pages-should-not-be-reserved-by-shmat-if-shm_noreserve +++ a/fs/hugetlbfs/inode.c @@ -100,6 +100,7 @@ static int hugetlbfs_file_mmap(struct fi loff_t len, vma_len; int ret; struct hstate *h = hstate_file(file); + vm_flags_t vm_flags; /* * vma address alignment (but not the pgoff alignment) has @@ -141,10 +142,20 @@ static int hugetlbfs_file_mmap(struct fi file_accessed(file); ret = -ENOMEM; + + vm_flags = vma->vm_flags; + /* + * for SHM_HUGETLB, the pages are reserved in the shmget() call so skip + * reserving here. Note: only for SHM hugetlbfs file, the inode + * flag S_PRIVATE is set. + */ + if (inode->i_flags & S_PRIVATE) + vm_flags |= VM_NORESERVE; + if (!hugetlb_reserve_pages(inode, vma->vm_pgoff >> huge_page_order(h), len >> huge_page_shift(h), vma, - vma->vm_flags)) + vm_flags)) goto out; ret = 0; _ Patches currently in -mm which might be from prakash.sangappa(a)oracle.com are

1 year, 7 months

1
0
0 0

[merged mm-hotfixes-stable] nilfs2-fix-potential-bug-in-end_buffer_async_write.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: nilfs2: fix potential bug in end_buffer_async_write has been removed from the -mm tree. Its filename was nilfs2-fix-potential-bug-in-end_buffer_async_write.patch This patch was dropped because it was merged into the mm-hotfixes-stable branch of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm ------------------------------------------------------ From: Ryusuke Konishi <konishi.ryusuke(a)gmail.com> Subject: nilfs2: fix potential bug in end_buffer_async_write Date: Sun, 4 Feb 2024 01:16:45 +0900 According to a syzbot report, end_buffer_async_write(), which handles the completion of block device writes, may detect abnormal condition of the buffer async_write flag and cause a BUG_ON failure when using nilfs2. Nilfs2 itself does not use end_buffer_async_write(). But, the async_write flag is now used as a marker by commit 7f42ec394156 ("nilfs2: fix issue with race condition of competition between segments for dirty blocks") as a means of resolving double list insertion of dirty blocks in nilfs_lookup_dirty_data_buffers() and nilfs_lookup_node_buffers() and the resulting crash. This modification is safe as long as it is used for file data and b-tree node blocks where the page caches are independent. However, it was irrelevant and redundant to also introduce async_write for segment summary and super root blocks that share buffers with the backing device. This led to the possibility that the BUG_ON check in end_buffer_async_write would fail as described above, if independent writebacks of the backing device occurred in parallel. The use of async_write for segment summary buffers has already been removed in a previous change. Fix this issue by removing the manipulation of the async_write flag for the remaining super root block buffer. Link: https://lkml.kernel.org/r/20240203161645.4992-1-konishi.ryusuke@gmail.com Fixes: 7f42ec394156 ("nilfs2: fix issue with race condition of competition between segments for dirty blocks") Signed-off-by: Ryusuke Konishi <konishi.ryusuke(a)gmail.com> Reported-by: syzbot+5c04210f7c7f897c1e7f(a)syzkaller.appspotmail.com Closes: https://lkml.kernel.org/r/00000000000019a97c05fd42f8c8@google.com Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/nilfs2/segment.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) --- a/fs/nilfs2/segment.c~nilfs2-fix-potential-bug-in-end_buffer_async_write +++ a/fs/nilfs2/segment.c @@ -1703,7 +1703,6 @@ static void nilfs_segctor_prepare_write( list_for_each_entry(bh, &segbuf->sb_payload_buffers, b_assoc_buffers) { - set_buffer_async_write(bh); if (bh == segbuf->sb_super_root) { if (bh->b_folio != bd_folio) { folio_lock(bd_folio); @@ -1714,6 +1713,7 @@ static void nilfs_segctor_prepare_write( } break; } + set_buffer_async_write(bh); if (bh->b_folio != fs_folio) { nilfs_begin_folio_io(fs_folio); fs_folio = bh->b_folio; @@ -1800,7 +1800,6 @@ static void nilfs_abort_logs(struct list list_for_each_entry(bh, &segbuf->sb_payload_buffers, b_assoc_buffers) { - clear_buffer_async_write(bh); if (bh == segbuf->sb_super_root) { clear_buffer_uptodate(bh); if (bh->b_folio != bd_folio) { @@ -1809,6 +1808,7 @@ static void nilfs_abort_logs(struct list } break; } + clear_buffer_async_write(bh); if (bh->b_folio != fs_folio) { nilfs_end_folio_io(fs_folio, err); fs_folio = bh->b_folio; @@ -1896,8 +1896,9 @@ static void nilfs_segctor_complete_write BIT(BH_Delay) | BIT(BH_NILFS_Volatile) | BIT(BH_NILFS_Redirected)); - set_mask_bits(&bh->b_state, clear_bits, set_bits); if (bh == segbuf->sb_super_root) { + set_buffer_uptodate(bh); + clear_buffer_dirty(bh); if (bh->b_folio != bd_folio) { folio_end_writeback(bd_folio); bd_folio = bh->b_folio; @@ -1905,6 +1906,7 @@ static void nilfs_segctor_complete_write update_sr = true; break; } + set_mask_bits(&bh->b_state, clear_bits, set_bits); if (bh->b_folio != fs_folio) { nilfs_end_folio_io(fs_folio, 0); fs_folio = bh->b_folio; _ Patches currently in -mm which might be from konishi.ryusuke(a)gmail.com are nilfs2-convert-segment-buffer-to-use-kmap_local.patch nilfs2-convert-nilfs_copy_buffer-to-use-kmap_local.patch nilfs2-convert-metadata-file-common-code-to-use-kmap_local.patch nilfs2-convert-sufile-to-use-kmap_local.patch nilfs2-convert-persistent-object-allocator-to-use-kmap_local.patch nilfs2-convert-dat-to-use-kmap_local.patch nilfs2-move-nilfs_bmap_write-call-out-of-nilfs_write_inode_common.patch nilfs2-do-not-acquire-rwsem-in-nilfs_bmap_write.patch nilfs2-convert-ifile-to-use-kmap_local.patch nilfs2-localize-highmem-mapping-for-checkpoint-creation-within-cpfile.patch nilfs2-localize-highmem-mapping-for-checkpoint-finalization-within-cpfile.patch nilfs2-localize-highmem-mapping-for-checkpoint-reading-within-cpfile.patch nilfs2-remove-nilfs_cpfile_getput_checkpoint.patch nilfs2-convert-cpfile-to-use-kmap_local.patch

1 year, 7 months

1
0
0 0

[merged mm-hotfixes-stable] mm-damon-sysfs-schemes-fix-wrong-damos-tried-regions-update-timeout-setup.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: mm/damon/sysfs-schemes: fix wrong DAMOS tried regions update timeout setup has been removed from the -mm tree. Its filename was mm-damon-sysfs-schemes-fix-wrong-damos-tried-regions-update-timeout-setup.patch This patch was dropped because it was merged into the mm-hotfixes-stable branch of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm ------------------------------------------------------ From: SeongJae Park <sj(a)kernel.org> Subject: mm/damon/sysfs-schemes: fix wrong DAMOS tried regions update timeout setup Date: Fri, 2 Feb 2024 11:19:56 -0800 DAMON sysfs interface's update_schemes_tried_regions command has a timeout of two apply intervals of the DAMOS scheme. Having zero value DAMOS scheme apply interval means it will use the aggregation interval as the value. However, the timeout setup logic is mistakenly using the sampling interval insted of the aggregartion interval for the case. This could cause earlier-than-expected timeout of the command. Fix it. Link: https://lkml.kernel.org/r/20240202191956.88791-1-sj@kernel.org Fixes: 7d6fa31a2fd7 ("mm/damon/sysfs-schemes: add timeout for update_schemes_tried_regions") Signed-off-by: SeongJae Park <sj(a)kernel.org> Cc: <stable(a)vger.kernel.org> # 6.7.x Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/damon/sysfs-schemes.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/mm/damon/sysfs-schemes.c~mm-damon-sysfs-schemes-fix-wrong-damos-tried-regions-update-timeout-setup +++ a/mm/damon/sysfs-schemes.c @@ -2194,7 +2194,7 @@ static void damos_tried_regions_init_upd sysfs_regions->upd_timeout_jiffies = jiffies + 2 * usecs_to_jiffies(scheme->apply_interval_us ? scheme->apply_interval_us : - ctx->attrs.sample_interval); + ctx->attrs.aggr_interval); } } _ Patches currently in -mm which might be from sj(a)kernel.org are mm-damon-core-check-apply-interval-in-damon_do_apply_schemes.patch docs-admin-guide-mm-damon-usage-use-sysfs-interface-for-tracepoints-example.patch mm-damon-rename-config_damon_dbgfs-to-damon_dbgfs_deprecated.patch mm-damon-dbgfs-implement-deprecation-notice-file.patch mm-damon-dbgfs-make-debugfs-interface-deprecation-message-a-macro.patch docs-admin-guide-mm-damon-usage-document-deprecated-file-of-damon-debugfs-interface.patch selftets-damon-prepare-for-monitor_on-file-renaming.patch mm-damon-dbgfs-rename-monitor_on-file-to-monitor_on_deprecated.patch docs-admin-guide-mm-damon-usage-update-for-monitor_on-renaming.patch docs-translations-damon-usage-update-for-monitor_on-renaming.patch mm-damon-sysfs-handle-state-file-inputs-for-every-sampling-interval-if-possible.patch selftests-damon-_damon_sysfs-support-damos-quota.patch selftests-damon-_damon_sysfs-support-damos-stats.patch selftests-damon-_damon_sysfs-support-damos-apply-interval.patch selftests-damon-add-a-test-for-damos-quota.patch selftests-damon-add-a-test-for-damos-apply-intervals.patch selftests-damon-add-a-test-for-a-race-between-target_ids_read-and-dbgfs_before_terminate.patch selftests-damon-add-a-test-for-the-pid-leak-of-dbgfs_target_ids_write.patch selftests-damon-_chk_dependency-get-debugfs-mount-point-from-proc-mounts.patch

1 year, 7 months

1
0
0 0

[merged mm-hotfixes-stable] nilfs2-fix-hang-in-nilfs_lookup_dirty_data_buffers.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() has been removed from the -mm tree. Its filename was nilfs2-fix-hang-in-nilfs_lookup_dirty_data_buffers.patch This patch was dropped because it was merged into the mm-hotfixes-stable branch of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm ------------------------------------------------------ From: Ryusuke Konishi <konishi.ryusuke(a)gmail.com> Subject: nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() Date: Wed, 31 Jan 2024 23:56:57 +0900 Syzbot reported a hang issue in migrate_pages_batch() called by mbind() and nilfs_lookup_dirty_data_buffers() called in the log writer of nilfs2. While migrate_pages_batch() locks a folio and waits for the writeback to complete, the log writer thread that should bring the writeback to completion picks up the folio being written back in nilfs_lookup_dirty_data_buffers() that it calls for subsequent log creation and was trying to lock the folio. Thus causing a deadlock. In the first place, it is unexpected that folios/pages in the middle of writeback will be updated and become dirty. Nilfs2 adds a checksum to verify the validity of the log being written and uses it for recovery at mount, so data changes during writeback are suppressed. Since this is broken, an unclean shutdown could potentially cause recovery to fail. Investigation revealed that the root cause is that the wait for writeback completion in nilfs_page_mkwrite() is conditional, and if the backing device does not require stable writes, data may be modified without waiting. Fix these issues by making nilfs_page_mkwrite() wait for writeback to finish regardless of the stable write requirement of the backing device. Link: https://lkml.kernel.org/r/20240131145657.4209-1-konishi.ryusuke@gmail.com Fixes: 1d1d1a767206 ("mm: only enforce stable page writes if the backing device requires it") Signed-off-by: Ryusuke Konishi <konishi.ryusuke(a)gmail.com> Reported-by: syzbot+ee2ae68da3b22d04cd8d(a)syzkaller.appspotmail.com Closes: https://lkml.kernel.org/r/00000000000047d819061004ad6c@google.com Tested-by: Ryusuke Konishi <konishi.ryusuke(a)gmail.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/nilfs2/file.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) --- a/fs/nilfs2/file.c~nilfs2-fix-hang-in-nilfs_lookup_dirty_data_buffers +++ a/fs/nilfs2/file.c @@ -107,7 +107,13 @@ static vm_fault_t nilfs_page_mkwrite(str nilfs_transaction_commit(inode->i_sb); mapped: - folio_wait_stable(folio); + /* + * Since checksumming including data blocks is performed to determine + * the validity of the log to be written and used for recovery, it is + * necessary to wait for writeback to finish here, regardless of the + * stable write requirement of the backing device. + */ + folio_wait_writeback(folio); out: sb_end_pagefault(inode->i_sb); return vmf_fs_error(ret); _ Patches currently in -mm which might be from konishi.ryusuke(a)gmail.com are nilfs2-convert-segment-buffer-to-use-kmap_local.patch nilfs2-convert-nilfs_copy_buffer-to-use-kmap_local.patch nilfs2-convert-metadata-file-common-code-to-use-kmap_local.patch nilfs2-convert-sufile-to-use-kmap_local.patch nilfs2-convert-persistent-object-allocator-to-use-kmap_local.patch nilfs2-convert-dat-to-use-kmap_local.patch nilfs2-move-nilfs_bmap_write-call-out-of-nilfs_write_inode_common.patch nilfs2-do-not-acquire-rwsem-in-nilfs_bmap_write.patch nilfs2-convert-ifile-to-use-kmap_local.patch nilfs2-localize-highmem-mapping-for-checkpoint-creation-within-cpfile.patch nilfs2-localize-highmem-mapping-for-checkpoint-finalization-within-cpfile.patch nilfs2-localize-highmem-mapping-for-checkpoint-reading-within-cpfile.patch nilfs2-remove-nilfs_cpfile_getput_checkpoint.patch nilfs2-convert-cpfile-to-use-kmap_local.patch

1 year, 7 months

1
0
0 0

[merged mm-hotfixes-stable] fshugetlb-fix-null-pointer-dereference-in-hugetlbs_fill_super.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super has been removed from the -mm tree. Its filename was fshugetlb-fix-null-pointer-dereference-in-hugetlbs_fill_super.patch This patch was dropped because it was merged into the mm-hotfixes-stable branch of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm ------------------------------------------------------ From: Oscar Salvador <osalvador(a)suse.de> Subject: fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super Date: Tue, 30 Jan 2024 22:04:18 +0100 When configuring a hugetlb filesystem via the fsconfig() syscall, there is a possible NULL dereference in hugetlbfs_fill_super() caused by assigning NULL to ctx->hstate in hugetlbfs_parse_param() when the requested pagesize is non valid. E.g: Taking the following steps: fd = fsopen("hugetlbfs", FSOPEN_CLOEXEC); fsconfig(fd, FSCONFIG_SET_STRING, "pagesize", "1024", 0); fsconfig(fd, FSCONFIG_CMD_CREATE, NULL, NULL, 0); Given that the requested "pagesize" is invalid, ctxt->hstate will be replaced with NULL, losing its previous value, and we will print an error: ... ... case Opt_pagesize: ps = memparse(param->string, &rest); ctx->hstate = h; if (!ctx->hstate) { pr_err("Unsupported page size %lu MB\n", ps / SZ_1M); return -EINVAL; } return 0; ... ... This is a problem because later on, we will dereference ctxt->hstate in hugetlbfs_fill_super() ... ... sb->s_blocksize = huge_page_size(ctx->hstate); ... ... Causing below Oops. Fix this by replacing cxt->hstate value only when then pagesize is known to be valid. kernel: hugetlbfs: Unsupported page size 0 MB kernel: BUG: kernel NULL pointer dereference, address: 0000000000000028 kernel: #PF: supervisor read access in kernel mode kernel: #PF: error_code(0x0000) - not-present page kernel: PGD 800000010f66c067 P4D 800000010f66c067 PUD 1b22f8067 PMD 0 kernel: Oops: 0000 [#1] PREEMPT SMP PTI kernel: CPU: 4 PID: 5659 Comm: syscall Tainted: G E 6.8.0-rc2-default+ #22 5a47c3fef76212addcc6eb71344aabc35190ae8f kernel: Hardware name: Intel Corp. GROVEPORT/GROVEPORT, BIOS GVPRCRB1.86B.0016.D04.1705030402 05/03/2017 kernel: RIP: 0010:hugetlbfs_fill_super+0xb4/0x1a0 kernel: Code: 48 8b 3b e8 3e c6 ed ff 48 85 c0 48 89 45 20 0f 84 d6 00 00 00 48 b8 ff ff ff ff ff ff ff 7f 4c 89 e7 49 89 44 24 20 48 8b 03 <8b> 48 28 b8 00 10 00 00 48 d3 e0 49 89 44 24 18 48 8b 03 8b 40 28 kernel: RSP: 0018:ffffbe9960fcbd48 EFLAGS: 00010246 kernel: RAX: 0000000000000000 RBX: ffff9af5272ae780 RCX: 0000000000372004 kernel: RDX: ffffffffffffffff RSI: ffffffffffffffff RDI: ffff9af555e9b000 kernel: RBP: ffff9af52ee66b00 R08: 0000000000000040 R09: 0000000000370004 kernel: R10: ffffbe9960fcbd48 R11: 0000000000000040 R12: ffff9af555e9b000 kernel: R13: ffffffffa66b86c0 R14: ffff9af507d2f400 R15: ffff9af507d2f400 kernel: FS: 00007ffbc0ba4740(0000) GS:ffff9b0bd7000000(0000) knlGS:0000000000000000 kernel: CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 kernel: CR2: 0000000000000028 CR3: 00000001b1ee0000 CR4: 00000000001506f0 kernel: Call Trace: kernel: <TASK> kernel: ? __die_body+0x1a/0x60 kernel: ? page_fault_oops+0x16f/0x4a0 kernel: ? search_bpf_extables+0x65/0x70 kernel: ? fixup_exception+0x22/0x310 kernel: ? exc_page_fault+0x69/0x150 kernel: ? asm_exc_page_fault+0x22/0x30 kernel: ? __pfx_hugetlbfs_fill_super+0x10/0x10 kernel: ? hugetlbfs_fill_super+0xb4/0x1a0 kernel: ? hugetlbfs_fill_super+0x28/0x1a0 kernel: ? __pfx_hugetlbfs_fill_super+0x10/0x10 kernel: vfs_get_super+0x40/0xa0 kernel: ? __pfx_bpf_lsm_capable+0x10/0x10 kernel: vfs_get_tree+0x25/0xd0 kernel: vfs_cmd_create+0x64/0xe0 kernel: __x64_sys_fsconfig+0x395/0x410 kernel: do_syscall_64+0x80/0x160 kernel: ? syscall_exit_to_user_mode+0x82/0x240 kernel: ? do_syscall_64+0x8d/0x160 kernel: ? syscall_exit_to_user_mode+0x82/0x240 kernel: ? do_syscall_64+0x8d/0x160 kernel: ? exc_page_fault+0x69/0x150 kernel: entry_SYSCALL_64_after_hwframe+0x6e/0x76 kernel: RIP: 0033:0x7ffbc0cb87c9 kernel: Code: 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 97 96 0d 00 f7 d8 64 89 01 48 kernel: RSP: 002b:00007ffc29d2f388 EFLAGS: 00000206 ORIG_RAX: 00000000000001af kernel: RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ffbc0cb87c9 kernel: RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003 kernel: RBP: 00007ffc29d2f3b0 R08: 0000000000000000 R09: 0000000000000000 kernel: R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 kernel: R13: 00007ffc29d2f4c0 R14: 0000000000000000 R15: 0000000000000000 kernel: </TASK> kernel: Modules linked in: rpcsec_gss_krb5(E) auth_rpcgss(E) nfsv4(E) dns_resolver(E) nfs(E) lockd(E) grace(E) sunrpc(E) netfs(E) af_packet(E) bridge(E) stp(E) llc(E) iscsi_ibft(E) iscsi_boot_sysfs(E) intel_rapl_msr(E) intel_rapl_common(E) iTCO_wdt(E) intel_pmc_bxt(E) sb_edac(E) iTCO_vendor_support(E) x86_pkg_temp_thermal(E) intel_powerclamp(E) coretemp(E) kvm_intel(E) rfkill(E) ipmi_ssif(E) kvm(E) acpi_ipmi(E) irqbypass(E) pcspkr(E) igb(E) ipmi_si(E) mei_me(E) i2c_i801(E) joydev(E) intel_pch_thermal(E) i2c_smbus(E) dca(E) lpc_ich(E) mei(E) ipmi_devintf(E) ipmi_msghandler(E) acpi_pad(E) tiny_power_button(E) button(E) fuse(E) efi_pstore(E) configfs(E) ip_tables(E) x_tables(E) ext4(E) mbcache(E) jbd2(E) hid_generic(E) usbhid(E) sd_mod(E) t10_pi(E) crct10dif_pclmul(E) crc32_pclmul(E) crc32c_intel(E) polyval_clmulni(E) ahci(E) xhci_pci(E) polyval_generic(E) gf128mul(E) ghash_clmulni_intel(E) sha512_ssse3(E) sha256_ssse3(E) xhci_pci_renesas(E) libahci(E) ehci_pci(E) sha1_ssse3(E) xhci_hc d(E) ehci_hcd(E) libata(E) kernel: mgag200(E) i2c_algo_bit(E) usbcore(E) wmi(E) sg(E) dm_multipath(E) dm_mod(E) scsi_dh_rdac(E) scsi_dh_emc(E) scsi_dh_alua(E) scsi_mod(E) scsi_common(E) aesni_intel(E) crypto_simd(E) cryptd(E) kernel: Unloaded tainted modules: acpi_cpufreq(E):1 fjes(E):1 kernel: CR2: 0000000000000028 kernel: ---[ end trace 0000000000000000 ]--- kernel: RIP: 0010:hugetlbfs_fill_super+0xb4/0x1a0 kernel: Code: 48 8b 3b e8 3e c6 ed ff 48 85 c0 48 89 45 20 0f 84 d6 00 00 00 48 b8 ff ff ff ff ff ff ff 7f 4c 89 e7 49 89 44 24 20 48 8b 03 <8b> 48 28 b8 00 10 00 00 48 d3 e0 49 89 44 24 18 48 8b 03 8b 40 28 kernel: RSP: 0018:ffffbe9960fcbd48 EFLAGS: 00010246 kernel: RAX: 0000000000000000 RBX: ffff9af5272ae780 RCX: 0000000000372004 kernel: RDX: ffffffffffffffff RSI: ffffffffffffffff RDI: ffff9af555e9b000 kernel: RBP: ffff9af52ee66b00 R08: 0000000000000040 R09: 0000000000370004 kernel: R10: ffffbe9960fcbd48 R11: 0000000000000040 R12: ffff9af555e9b000 kernel: R13: ffffffffa66b86c0 R14: ffff9af507d2f400 R15: ffff9af507d2f400 kernel: FS: 00007ffbc0ba4740(0000) GS:ffff9b0bd7000000(0000) knlGS:0000000000000000 kernel: CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 kernel: CR2: 0000000000000028 CR3: 00000001b1ee0000 CR4: 00000000001506f0 Link: https://lkml.kernel.org/r/20240130210418.3771-1-osalvador@suse.de Fixes: 32021982a324 ("hugetlbfs: Convert to fs_context") Signed-off-by: Michal Hocko <mhocko(a)suse.com> Signed-off-by: Oscar Salvador <osalvador(a)suse.de> Acked-by: Muchun Song <muchun.song(a)linux.dev> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/hugetlbfs/inode.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) --- a/fs/hugetlbfs/inode.c~fshugetlb-fix-null-pointer-dereference-in-hugetlbs_fill_super +++ a/fs/hugetlbfs/inode.c @@ -1365,6 +1365,7 @@ static int hugetlbfs_parse_param(struct { struct hugetlbfs_fs_context *ctx = fc->fs_private; struct fs_parse_result result; + struct hstate *h; char *rest; unsigned long ps; int opt; @@ -1409,11 +1410,12 @@ static int hugetlbfs_parse_param(struct case Opt_pagesize: ps = memparse(param->string, &rest); - ctx->hstate = size_to_hstate(ps); - if (!ctx->hstate) { + h = size_to_hstate(ps); + if (!h) { pr_err("Unsupported page size %lu MB\n", ps / SZ_1M); return -EINVAL; } + ctx->hstate = h; return 0; case Opt_min_size: _ Patches currently in -mm which might be from osalvador(a)suse.de are

1 year, 7 months

1
0
0 0

[merged mm-hotfixes-stable] arch-arm-mm-fix-major-fault-accounting-when-retrying-under-per-vma-lock.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: arch/arm/mm: fix major fault accounting when retrying under per-VMA lock has been removed from the -mm tree. Its filename was arch-arm-mm-fix-major-fault-accounting-when-retrying-under-per-vma-lock.patch This patch was dropped because it was merged into the mm-hotfixes-stable branch of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm ------------------------------------------------------ From: Suren Baghdasaryan <surenb(a)google.com> Subject: arch/arm/mm: fix major fault accounting when retrying under per-VMA lock Date: Mon, 22 Jan 2024 22:43:05 -0800 The change [1] missed ARM architecture when fixing major fault accounting for page fault retry under per-VMA lock. The user-visible effects is that it restores correct major fault accounting that was broken after [2] was merged in 6.7 kernel. The more detailed description is in [3] and this patch simply adds the same fix to ARM architecture which I missed in [3]. Add missing code to fix ARM architecture fault accounting. [1] 46e714c729c8 ("arch/mm/fault: fix major fault accounting when retrying under per-VMA lock") [2] https://lore.kernel.org/all/20231006195318.4087158-6-willy@infradead.org/ [3] https://lore.kernel.org/all/20231226214610.109282-1-surenb@google.com/ Link: https://lkml.kernel.org/r/20240123064305.2829244-1-surenb@google.com Fixes: 12214eba1992 ("mm: handle read faults under the VMA lock") Reported-by: Russell King (Oracle) <rmk+kernel(a)armlinux.org.uk> Signed-off-by: Suren Baghdasaryan <surenb(a)google.com> Cc: Alexander Gordeev <agordeev(a)linux.ibm.com> Cc: Andy Lutomirski <luto(a)kernel.org> Cc: Catalin Marinas <catalin.marinas(a)arm.com> Cc: Christophe Leroy <christophe.leroy(a)csgroup.eu> Cc: Dave Hansen <dave.hansen(a)linux.intel.com> Cc: Gerald Schaefer <gerald.schaefer(a)linux.ibm.com> Cc: Matthew Wilcox (Oracle) <willy(a)infradead.org> Cc: Michael Ellerman <mpe(a)ellerman.id.au> Cc: Palmer Dabbelt <palmer(a)dabbelt.com> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Will Deacon <will(a)kernel.org> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- arch/arm/mm/fault.c | 2 ++ 1 file changed, 2 insertions(+) --- a/arch/arm/mm/fault.c~arch-arm-mm-fix-major-fault-accounting-when-retrying-under-per-vma-lock +++ a/arch/arm/mm/fault.c @@ -298,6 +298,8 @@ do_page_fault(unsigned long addr, unsign goto done; } count_vm_vma_lock_event(VMA_LOCK_RETRY); + if (fault & VM_FAULT_MAJOR) + flags |= FAULT_FLAG_TRIED; /* Quick path to respond to signals */ if (fault_signal_pending(fault, regs)) { _ Patches currently in -mm which might be from surenb(a)google.com are userfaultfd-handle-zeropage-moves-by-uffdio_move.patch

1 year, 7 months

1
0
0 0

[merged mm-hotfixes-stable] nilfs2-fix-data-corruption-in-dsync-block-recovery-for-small-block-sizes.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: nilfs2: fix data corruption in dsync block recovery for small block sizes has been removed from the -mm tree. Its filename was nilfs2-fix-data-corruption-in-dsync-block-recovery-for-small-block-sizes.patch This patch was dropped because it was merged into the mm-hotfixes-stable branch of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm ------------------------------------------------------ From: Ryusuke Konishi <konishi.ryusuke(a)gmail.com> Subject: nilfs2: fix data corruption in dsync block recovery for small block sizes Date: Wed, 24 Jan 2024 21:19:36 +0900 The helper function nilfs_recovery_copy_block() of nilfs_recovery_dsync_blocks(), which recovers data from logs created by data sync writes during a mount after an unclean shutdown, incorrectly calculates the on-page offset when copying repair data to the file's page cache. In environments where the block size is smaller than the page size, this flaw can cause data corruption and leak uninitialized memory bytes during the recovery process. Fix these issues by correcting this byte offset calculation on the page. Link: https://lkml.kernel.org/r/20240124121936.10575-1-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke(a)gmail.com> Tested-by: Ryusuke Konishi <konishi.ryusuke(a)gmail.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/nilfs2/recovery.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) --- a/fs/nilfs2/recovery.c~nilfs2-fix-data-corruption-in-dsync-block-recovery-for-small-block-sizes +++ a/fs/nilfs2/recovery.c @@ -472,9 +472,10 @@ static int nilfs_prepare_segment_for_rec static int nilfs_recovery_copy_block(struct the_nilfs *nilfs, struct nilfs_recovery_block *rb, - struct page *page) + loff_t pos, struct page *page) { struct buffer_head *bh_org; + size_t from = pos & ~PAGE_MASK; void *kaddr; bh_org = __bread(nilfs->ns_bdev, rb->blocknr, nilfs->ns_blocksize); @@ -482,7 +483,7 @@ static int nilfs_recovery_copy_block(str return -EIO; kaddr = kmap_atomic(page); - memcpy(kaddr + bh_offset(bh_org), bh_org->b_data, bh_org->b_size); + memcpy(kaddr + from, bh_org->b_data, bh_org->b_size); kunmap_atomic(kaddr); brelse(bh_org); return 0; @@ -521,7 +522,7 @@ static int nilfs_recover_dsync_blocks(st goto failed_inode; } - err = nilfs_recovery_copy_block(nilfs, rb, page); + err = nilfs_recovery_copy_block(nilfs, rb, pos, page); if (unlikely(err)) goto failed_page; _ Patches currently in -mm which might be from konishi.ryusuke(a)gmail.com are nilfs2-convert-segment-buffer-to-use-kmap_local.patch nilfs2-convert-nilfs_copy_buffer-to-use-kmap_local.patch nilfs2-convert-metadata-file-common-code-to-use-kmap_local.patch nilfs2-convert-sufile-to-use-kmap_local.patch nilfs2-convert-persistent-object-allocator-to-use-kmap_local.patch nilfs2-convert-dat-to-use-kmap_local.patch nilfs2-move-nilfs_bmap_write-call-out-of-nilfs_write_inode_common.patch nilfs2-do-not-acquire-rwsem-in-nilfs_bmap_write.patch nilfs2-convert-ifile-to-use-kmap_local.patch nilfs2-localize-highmem-mapping-for-checkpoint-creation-within-cpfile.patch nilfs2-localize-highmem-mapping-for-checkpoint-finalization-within-cpfile.patch nilfs2-localize-highmem-mapping-for-checkpoint-reading-within-cpfile.patch nilfs2-remove-nilfs_cpfile_getput_checkpoint.patch nilfs2-convert-cpfile-to-use-kmap_local.patch

1 year, 7 months

1
0
0 0

[merged mm-hotfixes-stable] exit-wait_task_zombie-kill-the-no-longer-necessary-spin_lock_irqsiglock.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: exit: wait_task_zombie: kill the no longer necessary spin_lock_irq(siglock) has been removed from the -mm tree. Its filename was exit-wait_task_zombie-kill-the-no-longer-necessary-spin_lock_irqsiglock.patch This patch was dropped because it was merged into the mm-hotfixes-stable branch of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm ------------------------------------------------------ From: Oleg Nesterov <oleg(a)redhat.com> Subject: exit: wait_task_zombie: kill the no longer necessary spin_lock_irq(siglock) Date: Tue, 23 Jan 2024 16:34:00 +0100 After the recent changes nobody use siglock to read the values protected by stats_lock, we can kill spin_lock_irq(&current->sighand->siglock) and update the comment. With this patch only __exit_signal() and thread_group_start_cputime() take stats_lock under siglock. Link: https://lkml.kernel.org/r/20240123153359.GA21866@redhat.com Signed-off-by: Oleg Nesterov <oleg(a)redhat.com> Signed-off-by: Dylan Hatch <dylanbhatch(a)google.com> Cc: Eric W. Biederman <ebiederm(a)xmission.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- kernel/exit.c | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) --- a/kernel/exit.c~exit-wait_task_zombie-kill-the-no-longer-necessary-spin_lock_irqsiglock +++ a/kernel/exit.c @@ -1127,17 +1127,14 @@ static int wait_task_zombie(struct wait_ * and nobody can change them. * * psig->stats_lock also protects us from our sub-threads - * which can reap other children at the same time. Until - * we change k_getrusage()-like users to rely on this lock - * we have to take ->siglock as well. + * which can reap other children at the same time. * * We use thread_group_cputime_adjusted() to get times for * the thread group, which consolidates times for all threads * in the group including the group leader. */ thread_group_cputime_adjusted(p, &tgutime, &tgstime); - spin_lock_irq(&current->sighand->siglock); - write_seqlock(&psig->stats_lock); + write_seqlock_irq(&psig->stats_lock); psig->cutime += tgutime + sig->cutime; psig->cstime += tgstime + sig->cstime; psig->cgtime += task_gtime(p) + sig->gtime + sig->cgtime; @@ -1160,8 +1157,7 @@ static int wait_task_zombie(struct wait_ psig->cmaxrss = maxrss; task_io_accounting_add(&psig->ioac, &p->ioac); task_io_accounting_add(&psig->ioac, &sig->ioac); - write_sequnlock(&psig->stats_lock); - spin_unlock_irq(&current->sighand->siglock); + write_sequnlock_irq(&psig->stats_lock); } if (wo->wo_rusage) _ Patches currently in -mm which might be from oleg(a)redhat.com are ptrace_attach-shift-sendsigstop-into-ptrace_set_stopped.patch

1 year, 7 months

1
0
0 0

[merged mm-hotfixes-stable] fs-proc-do_task_stat-use-sig-stats_lock-to-gather-the-threads-children-stats.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats has been removed from the -mm tree. Its filename was fs-proc-do_task_stat-use-sig-stats_lock-to-gather-the-threads-children-stats.patch This patch was dropped because it was merged into the mm-hotfixes-stable branch of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm ------------------------------------------------------ From: Oleg Nesterov <oleg(a)redhat.com> Subject: fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats Date: Tue, 23 Jan 2024 16:33:57 +0100 lock_task_sighand() can trigger a hard lockup. If NR_CPUS threads call do_task_stat() at the same time and the process has NR_THREADS, it will spin with irqs disabled O(NR_CPUS * NR_THREADS) time. Change do_task_stat() to use sig->stats_lock to gather the statistics outside of ->siglock protected section, in the likely case this code will run lockless. Link: https://lkml.kernel.org/r/20240123153357.GA21857@redhat.com Signed-off-by: Oleg Nesterov <oleg(a)redhat.com> Signed-off-by: Dylan Hatch <dylanbhatch(a)google.com> Cc: Eric W. Biederman <ebiederm(a)xmission.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/proc/array.c | 58 +++++++++++++++++++++++++--------------------- 1 file changed, 32 insertions(+), 26 deletions(-) --- a/fs/proc/array.c~fs-proc-do_task_stat-use-sig-stats_lock-to-gather-the-threads-children-stats +++ a/fs/proc/array.c @@ -477,13 +477,13 @@ static int do_task_stat(struct seq_file int permitted; struct mm_struct *mm; unsigned long long start_time; - unsigned long cmin_flt = 0, cmaj_flt = 0; - unsigned long min_flt = 0, maj_flt = 0; - u64 cutime, cstime, utime, stime; - u64 cgtime, gtime; + unsigned long cmin_flt, cmaj_flt, min_flt, maj_flt; + u64 cutime, cstime, cgtime, utime, stime, gtime; unsigned long rsslim = 0; unsigned long flags; int exit_code = task->exit_code; + struct signal_struct *sig = task->signal; + unsigned int seq = 1; state = *get_task_state(task); vsize = eip = esp = 0; @@ -511,12 +511,8 @@ static int do_task_stat(struct seq_file sigemptyset(&sigign); sigemptyset(&sigcatch); - cutime = cstime = 0; - cgtime = gtime = 0; if (lock_task_sighand(task, &flags)) { - struct signal_struct *sig = task->signal; - if (sig->tty) { struct pid *pgrp = tty_get_pgrp(sig->tty); tty_pgrp = pid_nr_ns(pgrp, ns); @@ -527,27 +523,9 @@ static int do_task_stat(struct seq_file num_threads = get_nr_threads(task); collect_sigign_sigcatch(task, &sigign, &sigcatch); - cmin_flt = sig->cmin_flt; - cmaj_flt = sig->cmaj_flt; - cutime = sig->cutime; - cstime = sig->cstime; - cgtime = sig->cgtime; rsslim = READ_ONCE(sig->rlim[RLIMIT_RSS].rlim_cur); - /* add up live thread stats at the group level */ if (whole) { - struct task_struct *t; - - __for_each_thread(sig, t) { - min_flt += t->min_flt; - maj_flt += t->maj_flt; - gtime += task_gtime(t); - } - - min_flt += sig->min_flt; - maj_flt += sig->maj_flt; - gtime += sig->gtime; - if (sig->flags & (SIGNAL_GROUP_EXIT | SIGNAL_STOP_STOPPED)) exit_code = sig->group_exit_code; } @@ -562,6 +540,34 @@ static int do_task_stat(struct seq_file if (permitted && (!whole || num_threads < 2)) wchan = !task_is_running(task); + do { + seq++; /* 2 on the 1st/lockless path, otherwise odd */ + flags = read_seqbegin_or_lock_irqsave(&sig->stats_lock, &seq); + + cmin_flt = sig->cmin_flt; + cmaj_flt = sig->cmaj_flt; + cutime = sig->cutime; + cstime = sig->cstime; + cgtime = sig->cgtime; + + if (whole) { + struct task_struct *t; + + min_flt = sig->min_flt; + maj_flt = sig->maj_flt; + gtime = sig->gtime; + + rcu_read_lock(); + __for_each_thread(sig, t) { + min_flt += t->min_flt; + maj_flt += t->maj_flt; + gtime += task_gtime(t); + } + rcu_read_unlock(); + } + } while (need_seqretry(&sig->stats_lock, seq)); + done_seqretry_irqrestore(&sig->stats_lock, seq, flags); + if (whole) { thread_group_cputime_adjusted(task, &utime, &stime); } else { _ Patches currently in -mm which might be from oleg(a)redhat.com are ptrace_attach-shift-sendsigstop-into-ptrace_set_stopped.patch

1 year, 7 months

1
0
0 0

[merged mm-hotfixes-stable] fs-proc-do_task_stat-move-thread_group_cputime_adjusted-outside-of-lock_task_sighand.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: fs/proc: do_task_stat: move thread_group_cputime_adjusted() outside of lock_task_sighand() has been removed from the -mm tree. Its filename was fs-proc-do_task_stat-move-thread_group_cputime_adjusted-outside-of-lock_task_sighand.patch This patch was dropped because it was merged into the mm-hotfixes-stable branch of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm ------------------------------------------------------ From: Oleg Nesterov <oleg(a)redhat.com> Subject: fs/proc: do_task_stat: move thread_group_cputime_adjusted() outside of lock_task_sighand() Date: Tue, 23 Jan 2024 16:33:55 +0100 Patch series "fs/proc: do_task_stat: use sig->stats_". do_task_stat() has the same problem as getrusage() had before "getrusage: use sig->stats_lock rather than lock_task_sighand()": a hard lockup. If NR_CPUS threads call lock_task_sighand() at the same time and the process has NR_THREADS, spin_lock_irq will spin with irqs disabled O(NR_CPUS * NR_THREADS) time. This patch (of 3): thread_group_cputime() does its own locking, we can safely shift thread_group_cputime_adjusted() which does another for_each_thread loop outside of ->siglock protected section. Not only this removes for_each_thread() from the critical section with irqs disabled, this removes another case when stats_lock is taken with siglock held. We want to remove this dependency, then we can change the users of stats_lock to not disable irqs. Link: https://lkml.kernel.org/r/20240123153313.GA21832@redhat.com Link: https://lkml.kernel.org/r/20240123153355.GA21854@redhat.com Signed-off-by: Oleg Nesterov <oleg(a)redhat.com> Signed-off-by: Dylan Hatch <dylanbhatch(a)google.com> Cc: Eric W. Biederman <ebiederm(a)xmission.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/proc/array.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) --- a/fs/proc/array.c~fs-proc-do_task_stat-move-thread_group_cputime_adjusted-outside-of-lock_task_sighand +++ a/fs/proc/array.c @@ -511,7 +511,7 @@ static int do_task_stat(struct seq_file sigemptyset(&sigign); sigemptyset(&sigcatch); - cutime = cstime = utime = stime = 0; + cutime = cstime = 0; cgtime = gtime = 0; if (lock_task_sighand(task, &flags)) { @@ -546,7 +546,6 @@ static int do_task_stat(struct seq_file min_flt += sig->min_flt; maj_flt += sig->maj_flt; - thread_group_cputime_adjusted(task, &utime, &stime); gtime += sig->gtime; if (sig->flags & (SIGNAL_GROUP_EXIT | SIGNAL_STOP_STOPPED)) @@ -562,10 +561,13 @@ static int do_task_stat(struct seq_file if (permitted && (!whole || num_threads < 2)) wchan = !task_is_running(task); - if (!whole) { + + if (whole) { + thread_group_cputime_adjusted(task, &utime, &stime); + } else { + task_cputime_adjusted(task, &utime, &stime); min_flt = task->min_flt; maj_flt = task->maj_flt; - task_cputime_adjusted(task, &utime, &stime); gtime = task_gtime(task); } _ Patches currently in -mm which might be from oleg(a)redhat.com are ptrace_attach-shift-sendsigstop-into-ptrace_set_stopped.patch

1 year, 7 months

1
0
0 0

[merged mm-hotfixes-stable] getrusage-use-sig-stats_lock-rather-than-lock_task_sighand.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: getrusage: use sig->stats_lock rather than lock_task_sighand() has been removed from the -mm tree. Its filename was getrusage-use-sig-stats_lock-rather-than-lock_task_sighand.patch This patch was dropped because it was merged into the mm-hotfixes-stable branch of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm ------------------------------------------------------ From: Oleg Nesterov <oleg(a)redhat.com> Subject: getrusage: use sig->stats_lock rather than lock_task_sighand() Date: Mon, 22 Jan 2024 16:50:53 +0100 lock_task_sighand() can trigger a hard lockup. If NR_CPUS threads call getrusage() at the same time and the process has NR_THREADS, spin_lock_irq will spin with irqs disabled O(NR_CPUS * NR_THREADS) time. Change getrusage() to use sig->stats_lock, it was specifically designed for this type of use. This way it runs lockless in the likely case. TODO: - Change do_task_stat() to use sig->stats_lock too, then we can remove spin_lock_irq(siglock) in wait_task_zombie(). - Turn sig->stats_lock into seqcount_rwlock_t, this way the readers in the slow mode won't exclude each other. See https://lore.kernel.org/all/20230913154907.GA26210@redhat.com/ - stats_lock has to disable irqs because ->siglock can be taken in irq context, it would be very nice to change __exit_signal() to avoid the siglock->stats_lock dependency. Link: https://lkml.kernel.org/r/20240122155053.GA26214@redhat.com Signed-off-by: Oleg Nesterov <oleg(a)redhat.com> Reported-by: Dylan Hatch <dylanbhatch(a)google.com> Tested-by: Dylan Hatch <dylanbhatch(a)google.com> Cc: Eric W. Biederman <ebiederm(a)xmission.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- kernel/sys.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) --- a/kernel/sys.c~getrusage-use-sig-stats_lock-rather-than-lock_task_sighand +++ a/kernel/sys.c @@ -1788,7 +1788,9 @@ void getrusage(struct task_struct *p, in unsigned long maxrss; struct mm_struct *mm; struct signal_struct *sig = p->signal; + unsigned int seq = 0; +retry: memset(r, 0, sizeof(*r)); utime = stime = 0; maxrss = 0; @@ -1800,8 +1802,7 @@ void getrusage(struct task_struct *p, in goto out_thread; } - if (!lock_task_sighand(p, &flags)) - return; + flags = read_seqbegin_or_lock_irqsave(&sig->stats_lock, &seq); switch (who) { case RUSAGE_BOTH: @@ -1829,14 +1830,23 @@ void getrusage(struct task_struct *p, in r->ru_oublock += sig->oublock; if (maxrss < sig->maxrss) maxrss = sig->maxrss; + + rcu_read_lock(); __for_each_thread(sig, t) accumulate_thread_rusage(t, r); + rcu_read_unlock(); + break; default: BUG(); } - unlock_task_sighand(p, &flags); + + if (need_seqretry(&sig->stats_lock, seq)) { + seq = 1; + goto retry; + } + done_seqretry_irqrestore(&sig->stats_lock, seq, flags); if (who == RUSAGE_CHILDREN) goto out_children; _ Patches currently in -mm which might be from oleg(a)redhat.com are ptrace_attach-shift-sendsigstop-into-ptrace_set_stopped.patch

1 year, 7 months

1
0
0 0

[merged mm-hotfixes-stable] getrusage-move-thread_group_cputime_adjusted-outside-of-lock_task_sighand.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: getrusage: move thread_group_cputime_adjusted() outside of lock_task_sighand() has been removed from the -mm tree. Its filename was getrusage-move-thread_group_cputime_adjusted-outside-of-lock_task_sighand.patch This patch was dropped because it was merged into the mm-hotfixes-stable branch of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm ------------------------------------------------------ From: Oleg Nesterov <oleg(a)redhat.com> Subject: getrusage: move thread_group_cputime_adjusted() outside of lock_task_sighand() Date: Mon, 22 Jan 2024 16:50:50 +0100 Patch series "getrusage: use sig->stats_lock", v2. This patch (of 2): thread_group_cputime() does its own locking, we can safely shift thread_group_cputime_adjusted() which does another for_each_thread loop outside of ->siglock protected section. This is also preparation for the next patch which changes getrusage() to use stats_lock instead of siglock, thread_group_cputime() takes the same lock. With the current implementation recursive read_seqbegin_or_lock() is fine, thread_group_cputime() can't enter the slow mode if the caller holds stats_lock, yet this looks more safe and better performance-wise. Link: https://lkml.kernel.org/r/20240122155023.GA26169@redhat.com Link: https://lkml.kernel.org/r/20240122155050.GA26205@redhat.com Signed-off-by: Oleg Nesterov <oleg(a)redhat.com> Reported-by: Dylan Hatch <dylanbhatch(a)google.com> Tested-by: Dylan Hatch <dylanbhatch(a)google.com> Cc: Eric W. Biederman <ebiederm(a)xmission.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- kernel/sys.c | 36 ++++++++++++++++++++---------------- 1 file changed, 20 insertions(+), 16 deletions(-) --- a/kernel/sys.c~getrusage-move-thread_group_cputime_adjusted-outside-of-lock_task_sighand +++ a/kernel/sys.c @@ -1785,17 +1785,19 @@ void getrusage(struct task_struct *p, in struct task_struct *t; unsigned long flags; u64 tgutime, tgstime, utime, stime; - unsigned long maxrss = 0; + unsigned long maxrss; + struct mm_struct *mm; struct signal_struct *sig = p->signal; - memset((char *)r, 0, sizeof (*r)); + memset(r, 0, sizeof(*r)); utime = stime = 0; + maxrss = 0; if (who == RUSAGE_THREAD) { task_cputime_adjusted(current, &utime, &stime); accumulate_thread_rusage(p, r); maxrss = sig->maxrss; - goto out; + goto out_thread; } if (!lock_task_sighand(p, &flags)) @@ -1819,9 +1821,6 @@ void getrusage(struct task_struct *p, in fallthrough; case RUSAGE_SELF: - thread_group_cputime_adjusted(p, &tgutime, &tgstime); - utime += tgutime; - stime += tgstime; r->ru_nvcsw += sig->nvcsw; r->ru_nivcsw += sig->nivcsw; r->ru_minflt += sig->min_flt; @@ -1839,19 +1838,24 @@ void getrusage(struct task_struct *p, in } unlock_task_sighand(p, &flags); -out: - r->ru_utime = ns_to_kernel_old_timeval(utime); - r->ru_stime = ns_to_kernel_old_timeval(stime); - - if (who != RUSAGE_CHILDREN) { - struct mm_struct *mm = get_task_mm(p); + if (who == RUSAGE_CHILDREN) + goto out_children; - if (mm) { - setmax_mm_hiwater_rss(&maxrss, mm); - mmput(mm); - } + thread_group_cputime_adjusted(p, &tgutime, &tgstime); + utime += tgutime; + stime += tgstime; + +out_thread: + mm = get_task_mm(p); + if (mm) { + setmax_mm_hiwater_rss(&maxrss, mm); + mmput(mm); } + +out_children: r->ru_maxrss = maxrss * (PAGE_SIZE / 1024); /* convert pages to KBs */ + r->ru_utime = ns_to_kernel_old_timeval(utime); + r->ru_stime = ns_to_kernel_old_timeval(stime); } SYSCALL_DEFINE2(getrusage, int, who, struct rusage __user *, ru) _ Patches currently in -mm which might be from oleg(a)redhat.com are ptrace_attach-shift-sendsigstop-into-ptrace_set_stopped.patch

1 year, 7 months

1
0
0 0

[PATCH] ASoC: tas2781: remove unused acpi_subysystem_id

by Gergo Koteles

The acpi_subysystem_id is only written and freed, not read, so unnecessary. Fixes: ef3bcde75d06 ("ASoC: tas2781: Add tas2781 driver") CC: stable(a)vger.kernel.org Signed-off-by: Gergo Koteles <soyer(a)irl.hu> --- include/sound/tas2781.h | 1 - sound/pci/hda/tas2781_hda_i2c.c | 10 ---------- sound/soc/codecs/tas2781-comlib.c | 1 - 3 files changed, 12 deletions(-) diff --git a/include/sound/tas2781.h b/include/sound/tas2781.h index 9aff384941de..99ca3e401fd1 100644 --- a/include/sound/tas2781.h +++ b/include/sound/tas2781.h @@ -103,7 +103,6 @@ struct tasdevice_priv { struct tm tm; enum device_catlog_id catlog_id; - const char *acpi_subsystem_id; unsigned char cal_binaryname[TASDEVICE_MAX_CHANNELS][64]; unsigned char crc8_lkp_tbl[CRC8_TABLE_SIZE]; unsigned char coef_binaryname[64]; diff --git a/sound/pci/hda/tas2781_hda_i2c.c b/sound/pci/hda/tas2781_hda_i2c.c index 1bfb00102a77..02c85084aca5 100644 --- a/sound/pci/hda/tas2781_hda_i2c.c +++ b/sound/pci/hda/tas2781_hda_i2c.c @@ -129,18 +129,8 @@ static int tas2781_read_acpi(struct tasdevice_priv *p, const char *hid) acpi_dev_free_resource_list(&resources); strscpy(p->dev_name, hid, sizeof(p->dev_name)); - physdev = get_device(acpi_get_first_physical_node(adev)); acpi_dev_put(adev); - /* No side-effect to the playback even if subsystem_id is NULL*/ - sub = acpi_get_subsystem_id(ACPI_HANDLE(physdev)); - if (IS_ERR(sub)) - sub = NULL; - - p->acpi_subsystem_id = sub; - - put_device(physdev); - return 0; err: diff --git a/sound/soc/codecs/tas2781-comlib.c b/sound/soc/codecs/tas2781-comlib.c index 5d0e5348b361..3aa81514dad7 100644 --- a/sound/soc/codecs/tas2781-comlib.c +++ b/sound/soc/codecs/tas2781-comlib.c @@ -408,7 +408,6 @@ void tasdevice_remove(struct tasdevice_priv *tas_priv) { if (gpio_is_valid(tas_priv->irq_info.irq_gpio)) gpio_free(tas_priv->irq_info.irq_gpio); - kfree(tas_priv->acpi_subsystem_id); mutex_destroy(&tas_priv->codec_lock); } EXPORT_SYMBOL_GPL(tasdevice_remove); base-commit: 610010737f74482a61896596a0116876ecf9e65c -- 2.43.0

1 year, 7 months

3
7
0 0

[PATCH AUTOSEL 4.19 1/3] ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found()

by Sasha Levin

From: Baokun Li <libaokun1(a)huawei.com> [ Upstream commit 4530b3660d396a646aad91a787b6ab37cf604b53 ] Determine if the group block bitmap is corrupted before using ac_b_ex in ext4_mb_try_best_found() to avoid allocating blocks from a group with a corrupted block bitmap in the following concurrency and making the situation worse. ext4_mb_regular_allocator ext4_lock_group(sb, group) ext4_mb_good_group // check if the group bbitmap is corrupted ext4_mb_complex_scan_group // Scan group gets ac_b_ex but doesn't use it ext4_unlock_group(sb, group) ext4_mark_group_bitmap_corrupted(group) // The block bitmap was corrupted during // the group unlock gap. ext4_mb_try_best_found ext4_lock_group(ac->ac_sb, group) ext4_mb_use_best_found mb_mark_used // Allocating blocks in block bitmap corrupted group Signed-off-by: Baokun Li <libaokun1(a)huawei.com> Reviewed-by: Jan Kara <jack(a)suse.cz> Link: https://lore.kernel.org/r/20240104142040.2835097-7-libaokun1@huawei.com Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- fs/ext4/mballoc.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/fs/ext4/mballoc.c b/fs/ext4/mballoc.c index 8875fac9f958..cf034a38e8ba 100644 --- a/fs/ext4/mballoc.c +++ b/fs/ext4/mballoc.c @@ -1802,6 +1802,9 @@ int ext4_mb_try_best_found(struct ext4_allocation_context *ac, return err; ext4_lock_group(ac->ac_sb, group); + if (unlikely(EXT4_MB_GRP_BBITMAP_CORRUPT(e4b->bd_info))) + goto out; + max = mb_find_extent(e4b, ex.fe_start, ex.fe_len, &ex); if (max > 0) { @@ -1809,6 +1812,7 @@ int ext4_mb_try_best_found(struct ext4_allocation_context *ac, ext4_mb_use_best_found(ac, e4b); } +out: ext4_unlock_group(ac->ac_sb, group); ext4_mb_unload_buddy(e4b); -- 2.43.0

1 year, 7 months

1
2
0 0

[PATCH AUTOSEL 5.4 1/7] ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found()

by Sasha Levin

From: Baokun Li <libaokun1(a)huawei.com> [ Upstream commit 4530b3660d396a646aad91a787b6ab37cf604b53 ] Determine if the group block bitmap is corrupted before using ac_b_ex in ext4_mb_try_best_found() to avoid allocating blocks from a group with a corrupted block bitmap in the following concurrency and making the situation worse. ext4_mb_regular_allocator ext4_lock_group(sb, group) ext4_mb_good_group // check if the group bbitmap is corrupted ext4_mb_complex_scan_group // Scan group gets ac_b_ex but doesn't use it ext4_unlock_group(sb, group) ext4_mark_group_bitmap_corrupted(group) // The block bitmap was corrupted during // the group unlock gap. ext4_mb_try_best_found ext4_lock_group(ac->ac_sb, group) ext4_mb_use_best_found mb_mark_used // Allocating blocks in block bitmap corrupted group Signed-off-by: Baokun Li <libaokun1(a)huawei.com> Reviewed-by: Jan Kara <jack(a)suse.cz> Link: https://lore.kernel.org/r/20240104142040.2835097-7-libaokun1@huawei.com Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- fs/ext4/mballoc.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/fs/ext4/mballoc.c b/fs/ext4/mballoc.c index 9e5aa625ab30..c1af95898aa4 100644 --- a/fs/ext4/mballoc.c +++ b/fs/ext4/mballoc.c @@ -1802,6 +1802,9 @@ int ext4_mb_try_best_found(struct ext4_allocation_context *ac, return err; ext4_lock_group(ac->ac_sb, group); + if (unlikely(EXT4_MB_GRP_BBITMAP_CORRUPT(e4b->bd_info))) + goto out; + max = mb_find_extent(e4b, ex.fe_start, ex.fe_len, &ex); if (max > 0) { @@ -1809,6 +1812,7 @@ int ext4_mb_try_best_found(struct ext4_allocation_context *ac, ext4_mb_use_best_found(ac, e4b); } +out: ext4_unlock_group(ac->ac_sb, group); ext4_mb_unload_buddy(e4b); -- 2.43.0

1 year, 7 months

1
6
0 0

[PATCH AUTOSEL 5.15 01/23] ext4: avoid dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt

by Sasha Levin

From: Baokun Li <libaokun1(a)huawei.com> [ Upstream commit 993bf0f4c393b3667830918f9247438a8f6fdb5b ] Determine if bb_fragments is 0 instead of determining bb_free to eliminate the risk of dividing by zero when the block bitmap is corrupted. Signed-off-by: Baokun Li <libaokun1(a)huawei.com> Reviewed-by: Jan Kara <jack(a)suse.cz> Link: https://lore.kernel.org/r/20240104142040.2835097-6-libaokun1@huawei.com Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- fs/ext4/mballoc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/ext4/mballoc.c b/fs/ext4/mballoc.c index e44c28ceb9cd..3df3c3894f7b 100644 --- a/fs/ext4/mballoc.c +++ b/fs/ext4/mballoc.c @@ -853,7 +853,7 @@ mb_update_avg_fragment_size(struct super_block *sb, struct ext4_group_info *grp) { struct ext4_sb_info *sbi = EXT4_SB(sb); - if (!test_opt2(sb, MB_OPTIMIZE_SCAN) || grp->bb_free == 0) + if (!test_opt2(sb, MB_OPTIMIZE_SCAN) || grp->bb_fragments == 0) return; write_lock(&sbi->s_mb_rb_lock); -- 2.43.0

1 year, 7 months

1
22
0 0

[PATCH AUTOSEL 6.1 01/29] ext4: avoid dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt

by Sasha Levin

From: Baokun Li <libaokun1(a)huawei.com> [ Upstream commit 993bf0f4c393b3667830918f9247438a8f6fdb5b ] Determine if bb_fragments is 0 instead of determining bb_free to eliminate the risk of dividing by zero when the block bitmap is corrupted. Signed-off-by: Baokun Li <libaokun1(a)huawei.com> Reviewed-by: Jan Kara <jack(a)suse.cz> Link: https://lore.kernel.org/r/20240104142040.2835097-6-libaokun1@huawei.com Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- fs/ext4/mballoc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/ext4/mballoc.c b/fs/ext4/mballoc.c index 33be702d6e38..779555925029 100644 --- a/fs/ext4/mballoc.c +++ b/fs/ext4/mballoc.c @@ -831,7 +831,7 @@ mb_update_avg_fragment_size(struct super_block *sb, struct ext4_group_info *grp) struct ext4_sb_info *sbi = EXT4_SB(sb); int new_order; - if (!test_opt2(sb, MB_OPTIMIZE_SCAN) || grp->bb_free == 0) + if (!test_opt2(sb, MB_OPTIMIZE_SCAN) || grp->bb_fragments == 0) return; new_order = mb_avg_fragment_size_order(sb, -- 2.43.0

1 year, 7 months

1
28
0 0

[PATCH AUTOSEL 6.6 01/38] ext4: avoid dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt

by Sasha Levin

From: Baokun Li <libaokun1(a)huawei.com> [ Upstream commit 993bf0f4c393b3667830918f9247438a8f6fdb5b ] Determine if bb_fragments is 0 instead of determining bb_free to eliminate the risk of dividing by zero when the block bitmap is corrupted. Signed-off-by: Baokun Li <libaokun1(a)huawei.com> Reviewed-by: Jan Kara <jack(a)suse.cz> Link: https://lore.kernel.org/r/20240104142040.2835097-6-libaokun1@huawei.com Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- fs/ext4/mballoc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/ext4/mballoc.c b/fs/ext4/mballoc.c index 9a4b73485ded..f74a8f144a66 100644 --- a/fs/ext4/mballoc.c +++ b/fs/ext4/mballoc.c @@ -841,7 +841,7 @@ mb_update_avg_fragment_size(struct super_block *sb, struct ext4_group_info *grp) struct ext4_sb_info *sbi = EXT4_SB(sb); int new_order; - if (!test_opt2(sb, MB_OPTIMIZE_SCAN) || grp->bb_free == 0) + if (!test_opt2(sb, MB_OPTIMIZE_SCAN) || grp->bb_fragments == 0) return; new_order = mb_avg_fragment_size_order(sb, -- 2.43.0

1 year, 7 months

1
37
0 0

[PATCH v2] clocksource: timer-riscv: Clear timer interrupt on timer initialization

by Ley Foon Tan

In the RISC-V specification, the stimecmp register doesn't have a default value. To prevent the timer interrupt from being triggered during timer initialization, clear the timer interrupt by writing stimecmp with a maximum value. Fixes: 9f7a8ff6391f ("RISC-V: Prefer sstc extension if available") Cc: <stable(a)vger.kernel.org> Signed-off-by: Ley Foon Tan <leyfoon.tan(a)starfivetech.com> --- v2: Resolved comments from Anup. - Moved riscv_clock_event_stop() to riscv_timer_starting_cpu(). - Added Fixes tag --- drivers/clocksource/timer-riscv.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/clocksource/timer-riscv.c b/drivers/clocksource/timer-riscv.c index e66dcbd66566..672669eb7281 100644 --- a/drivers/clocksource/timer-riscv.c +++ b/drivers/clocksource/timer-riscv.c @@ -116,6 +116,9 @@ static int riscv_timer_starting_cpu(unsigned int cpu) ce->rating = 450; clockevents_config_and_register(ce, riscv_timebase, 100, 0x7fffffff); + /* Clear timer interrupt */ + riscv_clock_event_stop(); + enable_percpu_irq(riscv_clock_event_irq, irq_get_trigger_type(riscv_clock_event_irq)); return 0; -- 2.43.0

1 year, 7 months

3
2
0 0

[PATCH 6.7 000/641] 6.7.2-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.7.2 release. There are 641 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 24 Jan 2024 23:56:49 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.7.2-rc1.… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.7.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.7.2-rc1 Marek Szyprowski <m.szyprowski(a)samsung.com> i2c: s3c24xx: fix transferring more than one message in polling mode Marek Szyprowski <m.szyprowski(a)samsung.com> i2c: s3c24xx: fix read transfers in polling mode Nikita Zhandarovich <n.zhandarovich(a)fintech.ru> ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work Amit Cohen <amcohen(a)nvidia.com> selftests: mlxsw: qos_pfc: Adjust the test to support 8 lanes Petr Machata <petrm(a)nvidia.com> mlxsw: spectrum_router: Register netdevice notifier before nexthop Ido Schimmel <idosch(a)nvidia.com> mlxsw: spectrum_acl_tcam: Fix stack corruption Ido Schimmel <idosch(a)nvidia.com> mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path Amit Cohen <amcohen(a)nvidia.com> mlxsw: spectrum_acl_erp: Fix error flow of pool allocation failure Christoph Hellwig <hch(a)lst.de> loop: fix the the direct I/O support check when used on top of block devices Ludvig Pärsson <ludvig.parsson(a)axis.com> ethtool: netlink: Add missing ethnl_ops_begin/complete Mark Brown <broonie(a)kernel.org> arm64/ptrace: Don't flush ZA/ZT storage when writing ZA via ptrace Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> kdb: Fix a potential buffer overflow in kdb_local() Pavel Begunkov <asml.silence(a)gmail.com> io_uring: adjust defer tw counting Fedor Pchelkin <pchelkin(a)ispras.ru> ipvs: avoid stat macros calls from preemptible context Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables: reject NFT_SET_CONCAT with not field length description Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables: skip dead set elements in netlink dump Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables: do not allow mismatch field size and set key length Pavel Tikhomirov <ptikhomirov(a)virtuozzo.com> netfilter: bridge: replace physindev with physinif in nf_bridge_info Pavel Tikhomirov <ptikhomirov(a)virtuozzo.com> netfilter: propagate net to nf_bridge_get_physindev Pavel Tikhomirov <ptikhomirov(a)virtuozzo.com> netfilter: nf_queue: remove excess nf_bridge variable Pavel Tikhomirov <ptikhomirov(a)virtuozzo.com> netfilter: nfnetlink_log: use proper helper for fetching physinif Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nft_limit: do not ignore unsupported flags Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables: reject invalid set policy Jakub Kicinski <kuba(a)kernel.org> net: netdevsim: don't try to destroy PHC on VFs Paolo Abeni <pabeni(a)redhat.com> mptcp: relax check on MPC passive fallback Hengqi Chen <hengqi.chen(a)gmail.com> LoongArch: BPF: Prevent out-of-bounds memory access Kunwu Chan <chentao(a)kylinos.cn> net: dsa: vsc73xx: Add null pointer check to vsc73xx_gpio_probe Hao Sun <sunhao.th(a)gmail.com> bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS Qiang Ma <maqianga(a)uniontech.com> net: stmmac: ethtool: Fixed calltrace caused by unbalanced disable_irq_wake calls Benjamin Poirier <bpoirier(a)nvidia.com> selftests: bonding: Change script interpreter Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: fall back to INPUT power for AVG power via INFO IOCTL Dafna Hirschfeld <dhirschfeld(a)habana.ai> drm/amdkfd: fixes for HMM mem allocation Lukas Wunner <lukas(a)wunner.de> gpiolib: Fix scope-based gpio_device refcounting Kai Vehmanen <kai.vehmanen(a)linux.intel.com> ASoC: SOF: ipc4-loader: remove the CPC check warnings Su Hui <suhui(a)nfschina.com> gpio: mlxbf3: add an error code check in mlxbf3_gpio_probe Michal Simek <michal.simek(a)amd.com> dt-bindings: gpio: xilinx: Fix node address in gpio Nikita Yushchenko <nikita.yoush(a)cogentembedded.com> net: ravb: Fix dma_addr_t truncation in error case John Fastabend <john.fastabend(a)gmail.com> net: tls, fix WARNIING in __sk_msg_free Martin KaFai Lau <martin.lau(a)kernel.org> bpf: Avoid iter->offset making backward progress in bpf_iter_udp Martin KaFai Lau <martin.lau(a)kernel.org> bpf: iter_udp: Retry with a larger batch size without going back to the previous bucket Marc Kleine-Budde <mkl(a)pengutronix.de> net: netdev_queue: netdev_txq_completed_mb(): fix wake condition Eric Dumazet <edumazet(a)google.com> net: add more sanity check in virtio_net_hdr_to_skb() Gao Xiang <xiang(a)kernel.org> erofs: fix inconsistent per-file compression format Eric Dumazet <edumazet(a)google.com> udp: annotate data-races around up->pending Sneh Shah <quic_snehshah(a)quicinc.com> net: stmmac: Fix ethool link settings ops for integrated PCS Jens Axboe <axboe(a)kernel.dk> block: ensure we hold a queue reference when using queue limits Eric Dumazet <edumazet(a)google.com> mptcp: refine opt_mp_capable determination Eric Dumazet <edumazet(a)google.com> mptcp: use OPTION_MPTCP_MPJ_SYN in subflow_check_req() Eric Dumazet <edumazet(a)google.com> mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() Eric Dumazet <edumazet(a)google.com> mptcp: strict validation before using mp_opt->hmac Eric Dumazet <edumazet(a)google.com> mptcp: mptcp_parse_option() fix for MPTCPOPT_MP_JOIN Amadeusz Sławiński <amadeuszx.slawinski(a)linux.intel.com> ALSA: hda: Properly setup HDMI stream Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> net: phy: micrel: populate .soft_reset for KSZ9131 Horatiu Vultur <horatiu.vultur(a)microchip.com> net: micrel: Fix PTP frame parsing for lan8841 Chancel Liu <chancel.liu(a)nxp.com> ALSA: aloop: Introduce a function to get if access is interleaved mode Taehee Yoo <ap420073(a)gmail.com> amt: do not use overwrapped cb area Sanjuán García, Jorge <Jorge.SanjuanGarcia(a)duagon.com> net: ethernet: ti: am65-cpsw: Fix max mtu to fit ethernet frames Nithin Dabilpuram <ndabilpuram(a)marvell.com> octeontx2-af: CN10KB: Fix FIFO length calculation for RPM2 David Howells <dhowells(a)redhat.com> rxrpc: Fix use of Don't Fragment flag Vladimir Oltean <vladimir.oltean(a)nxp.com> net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events Lin Ma <linma(a)zju.edu.cn> net: qualcomm: rmnet: fix global oob in rmnet_policy Niklas Schnelle <schnelle(a)linux.ibm.com> s390/pci: fix max size calculation in zpci_memcpy_toio() AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> ASoC: mediatek: sof-common: Add NULL check for normal_link string Jianjun Wang <jianjun.wang(a)mediatek.com> PCI: mediatek-gen3: Fix translation window size calculation Gaosheng Cui <cuigaosheng1(a)huawei.com> apparmor: Fix memory leak in unpack_profile() Siddharth Vadapalli <s-vadapalli(a)ti.com> PCI: keystone: Fix race condition when initializing PHYs Maurizio Lombardi <mlombard(a)redhat.com> nvmet-tcp: Fix the H2C expected PDU len calculation Harshit Mogalapalli <harshit.m.mogalapalli(a)oracle.com> PCI: xilinx-xdma: Fix error code in xilinx_pl_dma_pcie_init_irq_domain() Krzysztof Wilczyński <kwilczynski(a)kernel.org> PCI: xilinx-xdma: Fix uninitialized symbols in xilinx_pl_dma_pcie_setup_irq() Arnd Bergmann <arnd(a)arndb.de> nvme: trace: avoid memcpy overflow warning Arnd Bergmann <arnd(a)arndb.de> nvmet: re-fix tracing strncpy() warning Shameer Kolothum <shameerali.kolothum.thodi(a)huawei.com> hisi_acc_vfio_pci: Update migration data pointer correctly on saving/resume Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> spi: coldfire-qspi: Remove an erroneous clk_disable_unprepare() from the remove function Dan Williams <dan.j.williams(a)intel.com> cxl/port: Fix missing target list lock Ben Gainey <ben.gainey(a)arm.com> perf db-export: Fix missing reference count get in call_path_from_sample() Dan Carpenter <dan.carpenter(a)linaro.org> cdx: Unlock on error path in rescan_store() Dan Carpenter <dan.carpenter(a)linaro.org> cdx: call of_node_put() on error path Sam Ravnborg <sam(a)ravnborg.org> serial: apbuart: fix console prompt on qemu Christoph Niedermaier <cniedermaier(a)dh-electronics.com> serial: imx: Correct clock error message in function probe() Chunfeng Yun <chunfeng.yun(a)mediatek.com> usb: xhci-mtk: fix a short packet issue of gen1 isoc-in transfer Fedor Pchelkin <pchelkin(a)ispras.ru> apparmor: avoid crash when parsed profile name is empty Fedor Pchelkin <pchelkin(a)ispras.ru> apparmor: fix possible memory leak in unpack_trans_table Jim Harris <jim.harris(a)samsung.com> cxl/region: fix x9 interleave typo Ian Rogers <irogers(a)google.com> perf stat: Fix hard coded LL miss units Ian Rogers <irogers(a)google.com> perf env: Avoid recursively taking env->bpf_progs.lock Fedor Pchelkin <pchelkin(a)ispras.ru> apparmor: free the allocated pdb objects Christoph Hellwig <hch(a)lst.de> nvmet-tcp: fix a missing endianess conversion in nvmet_tcp_try_peek_pdu Maurizio Lombardi <mlombard(a)redhat.com> nvmet-tcp: fix a crash in nvmet_req_complete() Maurizio Lombardi <mlombard(a)redhat.com> nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length John Johansen <john.johansen(a)canonical.com> apparmor: Fix ref count leak in task_kill Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> vdpa: Fix an error handling path in eni_vdpa_probe() Kunwu Chan <chentao(a)kylinos.cn> power: supply: Fix null pointer dereference in smb2_probe Jing Zhang <renyu.zj(a)linux.alibaba.com> perf vendor events: Remove UTF-8 characters from cmn.json Ashish Mhetre <amhetre(a)nvidia.com> iommu: Don't reserve 0-length IOVA region Ayush Singh <ayushdevel1325(a)gmail.com> greybus: gb-beagleplay: Remove use of pad bytes Andrzej Pietrasiewicz <andrzej.p(a)collabora.com> usb: gadget: webcam: Make g_webcam loadable again Nícolas F. R. A. Prado <nfraprado(a)collabora.com> spmi: mtk-pmif: Serialize PMIF status check and command submission Rob Herring <robh(a)kernel.org> cdx: Explicitly include correct DT includes, again Douglas Anderson <dianders(a)chromium.org> usb: core: Fix crash w/ usb_choose_configuration() if no driver Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> arm64: dts: qcom: qrb5165-rb5: use u16 for DP altmode svid Oliver Neukum <oneukum(a)suse.com> usb: cdc-acm: return correct error code on unsupported break Manivannan Sadhasivam <mani(a)kernel.org> PCI: epf-mhi: Fix the DMA data direction of dma_unmap_single() Manivannan Sadhasivam <mani(a)kernel.org> bus: mhi: ep: Pass mhi_ep_buf_info struct to read/write APIs Manivannan Sadhasivam <mani(a)kernel.org> bus: mhi: ep: Use slab allocator where applicable Manivannan Sadhasivam <mani(a)kernel.org> bus: mhi: ep: Do not allocate event ring element on stack Namhyung Kim <namhyung(a)kernel.org> perf unwind-libunwind: Fix base address for .eh_frame Namhyung Kim <namhyung(a)kernel.org> perf unwind-libdw: Handle JIT-generated DSOs properly Namhyung Kim <namhyung(a)kernel.org> perf genelf: Set ELF program header addresses properly Yicong Yang <yangyicong(a)hisilicon.com> perf hisi-ptt: Fix one memory leakage in hisi_ptt_process_auxtrace_event() Yicong Yang <yangyicong(a)hisilicon.com> perf header: Fix one memory leakage in perf_event__fprintf_event_update() Nuno Sa <nuno.sa(a)analog.com> iio: adc: ad9467: fix scale setting Nuno Sa <nuno.sa(a)analog.com> iio: adc: ad9467: add mutex to struct ad9467_state Nuno Sa <nuno.sa(a)analog.com> iio: adc: ad9467: don't ignore error codes Nuno Sa <nuno.sa(a)analog.com> iio: adc: ad9467: fix reset gpio handling Zhao Mengmeng <zhaomengmeng(a)kylinos.cn> selftests/sgx: Skip non X86_64 platform Jo Van Bulck <jo.vanbulck(a)cs.kuleuven.be> selftests/sgx: Include memory clobber for inline asm in test enclave Jo Van Bulck <jo.vanbulck(a)cs.kuleuven.be> selftests/sgx: Fix uninitialized pointer dereferences in encl_get_entry Jo Van Bulck <jo.vanbulck(a)cs.kuleuven.be> selftests/sgx: Fix uninitialized pointer dereference in error path Paul Geurts <paul_geurts(a)live.nl> serial: imx: fix tx statemachine deadlock Sakari Ailus <sakari.ailus(a)linux.intel.com> software node: Let args be NULL in software_node_get_reference_args Sakari Ailus <sakari.ailus(a)linux.intel.com> acpi: property: Let args be NULL in __acpi_node_get_property_reference Gregory Price <gourry.memverge(a)gmail.com> base/node.c: initialize the accessor list before registering Ian Rogers <irogers(a)google.com> perf stat: Exit perf stat if parse groups fails Kan Liang <kan.liang(a)linux.intel.com> perf mem: Fix error on hybrid related to availability of mem event in a PMU Athira Rajeev <atrajeev(a)linux.vnet.ibm.com> perf vendor events powerpc: Update datasource event name to fix duplicate events Ilkka Koskinen <ilkka(a)os.amperecomputing.com> perf vendor events arm64 AmpereOne: Rename BPU_FLUSH_MEM_FAULT to GPC_FLUSH_MEM_FAULT Brett Creeley <brett.creeley(a)amd.com> vfio/pds: Fix calculations in pds_vfio_dirty_sync Veronika Molnarova <vmolnaro(a)redhat.com> perf test record user-regs: Fix mask for vg register Douglas Anderson <dianders(a)chromium.org> r8152: Choose our USB config with choose_configuration() rather than probe() Douglas Anderson <dianders(a)chromium.org> usb: core: Allow subclassed USB drivers to override usb_choose_configuration() Umang Jain <umang.jain(a)ideasonboard.com> staging: vc04_services: Do not pass NULL to vchiq_log_error() Umang Jain <umang.jain(a)ideasonboard.com> staging: vc04_services: vchiq_core: Log through struct vchiq_instance Arnaldo Carvalho de Melo <acme(a)redhat.com> libapi: Add missing linux/types.h header to get the __u64 type on io.h Adrian Hunter <adrian.hunter(a)intel.com> perf header: Fix segfault on build_mem_topology() error path Nick Forrington <nick.forrington(a)arm.com> perf test: Remove atomics from test_loop to avoid test failures Laurentiu Tudor <laurentiu.tudor(a)nxp.com> iommu: Map reserved memory as cacheable if device is coherent Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> serial: 8250: omap: Don't skip resource freeing if pm_runtime_resume_and_get() failed Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> PCI: Avoid potential out-of-bounds read in pci_dev_for_each_resource() Su Hui <suhui(a)nfschina.com> power: supply: bq256xx: fix some problem in bq256xx_hw_init Jan Palus <jpalus(a)fastmail.com> power: supply: cw2015: correct time_to_empty units in sysfs Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> MIPS: Alchemy: Fix an out-of-bound access in db1550_dev_setup() Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> MIPS: Alchemy: Fix an out-of-bound access in db1200_dev_setup() Ankit Nautiyal <ankit.k.nautiyal(a)intel.com> drm/i915/dp: Fix the max DSC bpc supported by source Frederik Haxel <haxel(a)fzi.de> riscv: Fixed wrong register in XIP_FIXUP_FLASH_OFFSET macro Alexandre Ghiti <alexghiti(a)rivosinc.com> riscv: Fix set_direct_map_default_noflush() to reset _PAGE_EXEC Alexandre Ghiti <alexghiti(a)rivosinc.com> riscv: Fix module_alloc() that did not reset the linear mapping permissions Alexandre Ghiti <alexghiti(a)rivosinc.com> riscv: Fix wrong usage of lm_alias() when splitting a huge linear mapping Alexandre Ghiti <alexghiti(a)rivosinc.com> riscv: Check if the code to patch lies in the exit section Vincent Whitchurch <vincent.whitchurch(a)axis.com> um: virt-pci: fix platform map offset Serge Semin <fancer.lancer(a)gmail.com> mips: Fix incorrect max_low_pfn adjustment Serge Semin <fancer.lancer(a)gmail.com> mips: dmi: Fix early remap on MIPS32 Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> srcu: Use try-lock lockdep annotation for NMI-safe access. Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> mfd: intel-lpss: Fix the fractional clock divider flags Kunwu Chan <chentao(a)kylinos.cn> mfd: tps6594: Add null pointer check to tps6594_device_init() Martin Kurbanov <mmkurbanov(a)salutedevices.com> leds: aw200xx: Fix write to DIM parameter Dang Huynh <danct12(a)riseup.net> leds: aw2013: Select missing dependency REGMAP_I2C Paul E. McKenney <paulmck(a)kernel.org> rcu: Restrict access to RCU CPU stall notifiers Kunwu Chan <chentao(a)kylinos.cn> mfd: syscon: Fix null pointer dereference in of_syscon_register() Charles Keepax <ckeepax(a)opensource.cirrus.com> mfd: cs42l43: Correct SoundWire port list Neil Armstrong <neil.armstrong(a)linaro.org> mfd: rk8xx: fixup devices registration with PLATFORM_DEVID_AUTO Randy Dunlap <rdunlap(a)infradead.org> ARM: 9330/1: davinci: also select PINCTRL Hugo Villeneuve <hvilleneuve(a)dimonoff.com> serial: sc16is7xx: set safe default SPI clock frequency Hugo Villeneuve <hvilleneuve(a)dimonoff.com> serial: sc16is7xx: add check for unsupported SPI modes during probe Jason Gerecke <jason.gerecke(a)wacom.com> HID: wacom: Correct behavior when processing some confidence == false touches Yauhen Kharuzhy <jekhor(a)gmail.com> HID: sensor-hub: Enable hid core report processing for all devices Marcelo Schmitt <marcelo.schmitt(a)analog.com> iio: adc: ad7091r: Pass iio_dev to event handler Sean Christopherson <seanjc(a)google.com> KVM: x86/pmu: Reset the PMU, i.e. stop counters, before refreshing Sean Christopherson <seanjc(a)google.com> KVM: x86/pmu: Move PMU reset logic to common x86 code Oliver Upton <oliver.upton(a)linux.dev> KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache Marc Zyngier <maz(a)kernel.org> KVM: arm64: vgic-v4: Restore pending state on host userspace write Kirill A. Shutemov <kirill.shutemov(a)linux.intel.com> x86/kvm: Do not try to disable kvmclock if it was not enabled Manivannan Sadhasivam <mani(a)kernel.org> ARM: dts: qcom: sdx55: Fix the base address of PCIe PHY qizhong cheng <qizhong.cheng(a)mediatek.com> PCI: mediatek: Clear interrupt status before dispatching handler Niklas Cassel <niklas.cassel(a)wdc.com> PCI: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment support Bjorn Helgaas <bhelgaas(a)google.com> x86/pci: Reserve ECAM if BIOS didn't include it in PNP0C02 _CRS Tadeusz Struk <tstruk(a)gigaio.com> PCI/P2PDMA: Remove reference to pci_p2pdma_map_sg() Huang Ying <ying.huang(a)intel.com> cxl/port: Fix decoder initialization when nr_targets > interleave_ways Christian König <christian.koenig(a)amd.com> drm/amdgpu: revert "Adjust removal control flow for smu v13_0_2" Sean Christopherson <seanjc(a)google.com> Revert "nSVM: Check for reserved encodings of TLB_CONTROL in nested VMCB" Nicolas Dichtel <nicolas.dichtel(a)6wind.com> Revert "net: rtnetlink: Enslave device before bringing it up" Romain Gantois <romain.gantois(a)bootlin.com> net: stmmac: Prevent DSA tags from breaking COE Petr Tesarik <petr(a)tesarici.cz> net: stmmac: fix ethtool per-queue statistics David Lin <yu-hao.lin(a)nxp.com> wifi: mwifiex: fix uninitialized firmware_stat David Lin <yu-hao.lin(a)nxp.com> wifi: mwifiex: configure BSSID consistently when starting AP David Lin <yu-hao.lin(a)nxp.com> wifi: mwifiex: add extra delay for firmware ready Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> wifi: rtlwifi: Convert LNKCTL change to PCIe cap RMW accessors Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> wifi: rtlwifi: Remove bogus and dangerous ASPM disable/enable code Christian Marangi <ansuelsmth(a)gmail.com> wifi: mt76: fix broken precal loading from MTD for mt7915 Isaac J. Manjarres <isaacmanjarres(a)google.com> iommu/dma: Trace bounce buffer usage when mapping buffers Rob Clark <robdclark(a)chromium.org> iommu/arm-smmu-qcom: Add missing GMU entry to match table Aurelien Jarno <aurelien(a)aurel32.net> media: solo6x10: replace max(a, min(b, c)) by clamp(b, a, c) Jiri Olsa <olsajiri(a)gmail.com> bpf: Fix re-attachment branch in bpf_tracing_prog_attach Gui-Dong Han <2045gemini(a)gmail.com> Bluetooth: Fix atomicity violation in {min,max}_key_size_set Stefan Berger <stefanb(a)linux.ibm.com> rootfs: Fix support for rootfstype= when root= is given Bart Van Assche <bvanassche(a)acm.org> md/raid1: Use blk_opf_t for read and write operations Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> pwm: Fix out-of-bounds access in of_pwm_single_xlate() Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> pwm: jz4740: Don't use dev_err_probe() in .request() Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables: check if catch-all set element is active in next generation Matthew Wilcox (Oracle) <willy(a)infradead.org> block: Fix iterating over an empty bio with bio_for_each_folio_all Matthew Wilcox (Oracle) <willy(a)infradead.org> block: Remove special-casing of compound pages Min Li <min15.li(a)samsung.com> block: add check that partition length needs to be aligned with block size Mario Limonciello <mario.limonciello(a)amd.com> drm/amd: Enable PCIe PME from D3 Yu Kuai <yukuai3(a)huawei.com> md: Fix md_seq_ops() regressions Junxiao Bi <junxiao.bi(a)oracle.com> md: bypass block throttle for superblock update Chandrakanth patil <chandrakanth.patil(a)broadcom.com> scsi: mpi3mr: Block PEL Enable Command on Controller Reset and Unrecoverable State Chandrakanth patil <chandrakanth.patil(a)broadcom.com> scsi: mpi3mr: Clean up block devices post controller reset Chandrakanth patil <chandrakanth.patil(a)broadcom.com> scsi: mpi3mr: Refresh sdev queue depth after controller reset Amir Goldstein <amir73il(a)gmail.com> scsi: target: core: add missing file_{start,end}_write() Bart Van Assche <bvanassche(a)acm.org> scsi: ufs: core: Simplify power management during async scan Nam Cao <namcao(a)linutronix.de> fbdev: flush deferred IO before closing Nam Cao <namcao(a)linutronix.de> fbdev: flush deferred work in fb_deferred_io_fsync() Thomas Zimmermann <tzimmermann(a)suse.de> fbdev/acornfb: Fix name of fb_ops initializer macro Jens Axboe <axboe(a)kernel.dk> io_uring: ensure local task_work is run on wait timeout Jens Axboe <axboe(a)kernel.dk> io_uring/rw: ensure io->bytes_done is always initialized Pavel Begunkov <asml.silence(a)gmail.com> io_uring: don't check iopoll if request completes Xi Ruoyao <xry111(a)xry111.site> LoongArch: Fix and simplify fcsr initialization on execve() Eric Biggers <ebiggers(a)google.com> ceph: select FS_ENCRYPTION_ALGS if FS_ENCRYPTION Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: only v2 leases handle the directory Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: fix UAF issue in ksmbd_tcp_new_connection() Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: validate mech token in session setup Bin Li <bin.li(a)canonical.com> ALSA: hda/realtek: Enable headset mic on Lenovo M70 Gen5 Yo-Jung Lin <leo.lin(a)canonical.com> ALSA: hda/realtek: Enable mute/micmute LEDs and limit mic boost on HP ZBook Çağhan Demir <caghandemir(a)marun.edu.tr> ALSA: hda/relatek: Enable Mute LED on HP Laptop 15s-fq2xxx Takashi Iwai <tiwai(a)suse.de> ALSA: oxygen: Fix right channel of capture volume mixer Lino Sanfilippo <l.sanfilippo(a)kunbus.com> serial: omap: do not override settings for RS485 support Lino Sanfilippo <l.sanfilippo(a)kunbus.com> serial: 8250_exar: Set missing rs485_supported flag Christoph Niedermaier <cniedermaier(a)dh-electronics.com> serial: imx: Ensure that imx_uart_rs485_config() is called with enabled clock Lino Sanfilippo <l.sanfilippo(a)kunbus.com> serial: core, imx: do not set RS485 enabled if it is not supported Stefan Wahren <wahrenst(a)gmx.net> serial: 8250_bcm2835aux: Restore clock error handling Lino Sanfilippo <l.sanfilippo(a)kunbus.com> serial: core: set missing supported flag for RX during TX GPIO Lino Sanfilippo <l.sanfilippo(a)kunbus.com> serial: core: make sure RS485 cannot be enabled when it is not supported Lino Sanfilippo <l.sanfilippo(a)kunbus.com> serial: core: fix sanitizing check for RTS settings Lino Sanfilippo <l.sanfilippo(a)kunbus.com> serial: Do not hold the port lock when setting rx-during-tx GPIO Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> dt-bindings: phy: qcom,sc8280xp-qmp-usb43dp-phy: fix path to header Gui-Dong Han <2045gemini(a)gmail.com> usb: mon: Fix atomicity violation in mon_bin_vma_fault RD Babiera <rdbabiera(a)google.com> usb: typec: class: fix typec_altmode_put_partner to put plugs Heikki Krogerus <heikki.krogerus(a)linux.intel.com> Revert "usb: typec: class: fix typec_altmode_put_partner to put plugs" Frank Li <Frank.Li(a)nxp.com> usb: cdns3: Fix uvc fail when DMA cross 4k boundery since sg enabled Frank Li <Frank.Li(a)nxp.com> usb: cdns3: fix iso transfer error when mult is not zero Frank Li <Frank.Li(a)nxp.com> usb: cdns3: fix uvc failure work since sg support enabled Xu Yang <xu.yang_2(a)nxp.com> usb: chipidea: wait controller resume finished for wakeup irq Thinh Nguyen <Thinh.Nguyen(a)synopsys.com> Revert "usb: dwc3: don't reset device side if dwc3 was configured as host-only" Thinh Nguyen <Thinh.Nguyen(a)synopsys.com> Revert "usb: dwc3: Soft reset phy on probe for host" Wesley Cheng <quic_wcheng(a)quicinc.com> usb: dwc3: gadget: Queue PM runtime idle on disconnect event Wesley Cheng <quic_wcheng(a)quicinc.com> usb: dwc3: gadget: Handle EP0 request dequeuing properly Uttkarsh Aggarwal <quic_uaggarwa(a)quicinc.com> usb: dwc: ep0: Update request status in dwc3_ep0_stall_restart Xu Yang <xu.yang_2(a)nxp.com> usb: phy: mxs: remove CONFIG_USB_OTG condition for mxs_phy_is_otg_host() Richard Acayan <mailingradian(a)gmail.com> usb: gadget: u_ether: Re-attach netif device to mirror detachment Frank Li <Frank.Li(a)nxp.com> Revert "usb: gadget: f_uvc: change endpoint allocation in uvc_function_bind()" Heiko Carstens <hca(a)linux.ibm.com> tick-sched: Fix idle and iowait sleeptime accounting vs CPU hotplug Michael Ellerman <mpe(a)ellerman.id.au> powerpc/64s: Increase default stack size to 32KB Arnd Bergmann <arnd(a)arndb.de> clocksource/drivers/ep93xx: Fix error handling during probe Inochi Amaoto <inochiama(a)outlook.com> dt-bindings: timer: thead,c900-aclint-mtimer: separate mtime and mtimecmp regs Tony Lindgren <tony(a)atomide.com> clocksource/drivers/timer-ti-dm: Fix make W=n kerneldoc warnings Carlos Llamas <cmllamas(a)google.com> binder: fix race between mmput() and do_exit() Jan Beulich <jbeulich(a)suse.com> xen-netback: don't produce zero-size SKB frags Kaibo Ma <ent3rm4n(a)gmail.com> Revert "drm/amdkfd: Relocate TBA/TMA to opposite side of VM hole" Matthew Maurer <mmaurer(a)google.com> rust: Ignore preserve-most functions Hans de Goede <hdegoede(a)redhat.com> Input: atkbd - use ab83 as id when skipping the getid command Carlos Llamas <cmllamas(a)google.com> binder: fix unused alloc->free_async_space Carlos Llamas <cmllamas(a)google.com> binder: fix async space check for 0-sized buffers Jordan Rome <linux(a)jordanrome.com> selftests/bpf: Add assert for user stacks in test_task_stack Tejun Heo <tj(a)kernel.org> Revert "kernfs: convert kernfs_idr_lock to an irq safe raw spinlock" Andrea Righi <andrea.righi(a)canonical.com> kernfs: convert kernfs_idr_lock to an irq safe raw spinlock Jing Xia <jing.xia(a)unisoc.com> class: fix use-after-free in class_register() Geert Uytterhoeven <geert+renesas(a)glider.be> of: unittest: Fix of_count_phandle_with_args() expected value message Dario Binacchi <dario.binacchi(a)amarulasolutions.com> fbdev: imxfb: fix left margin setting Christian A. Ehrhardt <lk(a)c--e.de> of: Fix double free in of_parse_phandle_with_args_map Li Nan <linan122(a)huawei.com> ksmbd: validate the zero field of packet header Mirsad Todorovac <mirsad.todorovac(a)alu.unizg.hr> kselftest/alsa - conf: Stringify the printed errno in sysfs_get() Mirsad Todorovac <mirsad.todorovac(a)alu.unizg.hr> kselftest/alsa - mixer-test: Fix the print format specifier warning Mirsad Todorovac <mirsad.todorovac(a)alu.unizg.hr> kselftest/alsa - mixer-test: fix the number of parameters to ksft_exit_fail_msg() Arnd Bergmann <arnd(a)arndb.de> drm/amd/display: avoid stringop-overflow warnings for dp_decide_lane_settings() Zhipeng Lu <alexious(a)zju.edu.cn> drm/amd/pm/smu7: fix a memleak in smu7_hwmgr_backend_init Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdkfd: Confirm list is non-empty before utilizing list_first_entry in kfd_topology.c Sergey Gorenko <sergeygo(a)nvidia.com> IB/iser: Prevent invalidating wrong MR Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdkfd: Fix type of 'dbg_flags' in 'struct kfd_process' Peter Robinson <pbrobinson(a)gmail.com> mmc: sdhci_omap: Fix TI SoC dependencies Peter Robinson <pbrobinson(a)gmail.com> mmc: sdhci_am654: Fix TI SoC dependencies Geoffrey D. Bennett <g(a)b4.vu> ALSA: scarlett2: Add missing mutex lock around get meter levels Geoffrey D. Bennett <g(a)b4.vu> ALSA: scarlett2: Add clamp() in scarlett2_mixer_ctl_put() Geoffrey D. Bennett <g(a)b4.vu> ALSA: scarlett2: Add missing error checks to *_ctl_get() Geoffrey D. Bennett <g(a)b4.vu> ALSA: scarlett2: Add missing error check to scarlett2_usb_set_config() Geoffrey D. Bennett <g(a)b4.vu> ALSA: scarlett2: Add missing error check to scarlett2_config_save() Hans de Goede <hdegoede(a)redhat.com> ASoC: rt5645: Drop double EF20 entry from dmi_platform_data[] Philipp Zabel <p.zabel(a)pengutronix.de> pwm: stm32: Fix enable count for clk in .probe() Philipp Zabel <p.zabel(a)pengutronix.de> pwm: stm32: Use hweight32 in stm32_pwm_detect_channels Théo Lebrun <theo.lebrun(a)bootlin.com> clk: fixed-rate: fix clk_hw_register_fixed_rate_with_accuracy_parent_hw Konrad Dybcio <konrad.dybcio(a)linaro.org> clk: qcom: dispcc-sm8550: Use the correct PLL configuration function Konrad Dybcio <konrad.dybcio(a)linaro.org> clk: qcom: dispcc-sm8550: Update disp PLL settings Konrad Dybcio <konrad.dybcio(a)linaro.org> clk: qcom: gpucc-sm8550: Update GPU PLL settings Konrad Dybcio <konrad.dybcio(a)linaro.org> clk: qcom: gcc-sm8550: Mark RCGs shared where applicable Konrad Dybcio <konrad.dybcio(a)linaro.org> clk: qcom: gcc-sm8550: use collapse-voting for PCIe GDSCs Konrad Dybcio <konrad.dybcio(a)linaro.org> clk: qcom: gcc-sm8550: Mark the PCIe GDSCs votable Konrad Dybcio <konrad.dybcio(a)linaro.org> clk: qcom: gcc-sm8550: Add the missing RETAIN_FF_ENABLE GDSC flag Xingyuan Mo <hdthky0(a)gmail.com> accel/habanalabs: fix information leak in sec_attest_info() Nícolas F. R. A. Prado <nfraprado(a)collabora.com> drm/mediatek: dp: Add phy_mtk_dp module as pre-dependency Gergo Koteles <soyer(a)irl.hu> ASoC: tas2781: add support for FW version 0x0503 Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ASoC: amd: vangogh: Drop conflicting ACPI-based probing Su Hui <suhui(a)nfschina.com> clk: si5341: fix an error code problem in si5341_output_clk_set_rate Marek Vasut <marek.vasut+renesas(a)mailbox.org> clk: rs9: Fix DIF OEn bit placement on 9FGV0241 Vignesh Raghavendra <vigneshr(a)ti.com> watchdog: rti_wdt: Drop runtime pm reference count when watchdog is unused Stefan Wahren <wahrenst(a)gmx.net> watchdog: bcm2835_wdt: Fix WDIOC_SETTIMEOUT handling Jerry Hoemann <jerry.hoemann(a)hpe.com> watchdog/hpwdt: Only claim UNKNOWN NMI if from iLO Curtis Klein <curtis.klein(a)hpe.com> watchdog: set cdev owner before adding Jay Buddhabhatti <jay.buddhabhatti(a)amd.com> drivers: clk: zynqmp: update divider round rate logic Jay Buddhabhatti <jay.buddhabhatti(a)amd.com> drivers: clk: zynqmp: calculate closest mux rate Yang Yingliang <yangyingliang(a)huawei.com> clk: sp7021: fix return value check in sp7021_clk_probe() Satya Priya Kakitapalli <quic_skakitap(a)quicinc.com> clk: qcom: videocc-sm8150: Add missing PLL config property Zhiguo Niu <zhiguo.niu(a)unisoc.com> f2fs: fix to check return value of f2fs_recover_xattr_data Zhipeng Lu <alexious(a)zju.edu.cn> drm/amd/pm: fix a double-free in amdgpu_parse_extended_power_table Zhipeng Lu <alexious(a)zju.edu.cn> gpu/drm/radeon: fix two memleaks in radeon_vm_init Zhipeng Lu <alexious(a)zju.edu.cn> drivers/amd/pm: fix a use-after-free in kv_parse_power_table Zhipeng Lu <alexious(a)zju.edu.cn> drm/amd/pm: fix a double-free in si_dpm_init Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu/debugfs: fix error code when smc register accessors are NULL Hsiao Chien Sung <shawn.sung(a)mediatek.com> drm/mediatek: Fix underrun in VDO1 when switches off the layer Hsiao Chien Sung <shawn.sung(a)mediatek.com> drm/mediatek: Remove the redundant driver data for DPI Hsiao Chien Sung <shawn.sung(a)mediatek.com> drm/mediatek: Return error if MDP RDMA failed to enable the clock Arnd Bergmann <arnd(a)arndb.de> media: i2c: mt9m114: use fsleep() in place of udelay() Jessica Zhang <quic_jesszhan(a)quicinc.com> drm/msm/dpu: Drop enable and frame_count parameters from dpu_hw_setup_misr() Jessica Zhang <quic_jesszhan(a)quicinc.com> drm/msm/dpu: Set input_sel bit for INTF Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> clk: renesas: rzg2l: Check reset monitor registers Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> clk: renesas: rzg2l-cpg: Reuse code in rzg2l_cpg_reset() Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> media: dvb-frontends: m88ds3103: Fix a memory leak in an error handling path of m88ds3103_probe() Dan Carpenter <dan.carpenter(a)linaro.org> media: dvbdev: drop refcount on error path in dvb_device_open() Chao Yu <chao(a)kernel.org> f2fs: fix to update iostat correctly in f2fs_filemap_fault() Chao Yu <chao(a)kernel.org> f2fs: fix to check compress file in f2fs_move_file_range() Chao Yu <chao(a)kernel.org> f2fs: fix to wait on block writeback for post_read case Chris Morgan <macromorgan(a)hotmail.com> drm/panel: st7701: Fix AVCL calculation Bjorn Andersson <quic_bjorande(a)quicinc.com> drm/msm/adreno: Fix A680 chip id Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> media: rkisp1: Fix memory leaks in rkisp1_isp_unregister() Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> media: rkisp1: Fix media device memory leak Mehdi Djait <mehdi.djait(a)bootlin.com> media: dt-bindings: media: rkisp1: Fix the port description for the parallel interface Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> media: imx-mipi-csis: Drop extra clock enable at probe() Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> media: imx-mipi-csis: Fix clock handling in remove() Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: videobuf2: request more buffers for vb2_read Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: bttv: add back vbi hack Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: bttv: start_streaming should return a proper error code Daniel Rosenberg <drosen(a)google.com> f2fs: Restrict max filesize for 16K f2fs Satya Priya Kakitapalli <quic_skakitap(a)quicinc.com> clk: qcom: gpucc-sm8150: Update the gpu_cc_pll1 config Chengchang Tang <tangchengchang(a)huawei.com> RDMA/hns: Fix memory leak in free_mr_init() Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> ASoC: SOF: Intel: pci-mtl: fix ARL-S definitions Zhipeng Lu <alexious(a)zju.edu.cn> media: cx231xx: fix a memleak in cx231xx_init_isoc Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> drm/bridge: tc358767: Fix return value on error case Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> drm/bridge: cdns-mhdp8546: Fix use of uninitialized variable Zhipeng Lu <alexious(a)zju.edu.cn> drm/radeon/trinity_dpm: fix a memleak in trinity_parse_power_table Zhipeng Lu <alexious(a)zju.edu.cn> drm/radeon/dpm: fix a memleak in sumo_parse_power_table Yang Yingliang <yangyingliang(a)huawei.com> drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() Alex Hung <alex.hung(a)amd.com> drm/amd/display: Check writeback connectors in create_validate_stream_for_sink Harry Wentland <harry.wentland(a)amd.com> drm/amd/display: Use drm_connector in create_stream_for_sink Harry Wentland <harry.wentland(a)amd.com> drm/amd/display: Return drm_connector from find_first_crtc_matching_connector Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/msm/dpu: correct clk bit for WB2 block AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> drm/panfrost: Ignore core_mask for poweroff and disable PWRTRANS irq Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/msm/dpu: populate SSPP scaler block version Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/msm/dpu: enable SmartDMA on SM8450 Bard Liao <yung-chuan.liao(a)linux.intel.com> ASoC: SOF: topology: Use partial match for disconnecting DAI link and DAI widget Bard Liao <yung-chuan.liao(a)linux.intel.com> ASoC: Intel: sof_sdw_rt_sdca_jack_common: ctx->headset_codec_dev = NULL Brent Lu <brent.lu(a)intel.com> ASoC: Intel: glk_rt5682_max98357a: fix board id mismatch Sebastian Reichel <sre(a)kernel.org> media: v4l: async: Fix duplicated list deletion Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/drv: propagate errors from drm_modeset_register_all() Konrad Dybcio <konrad.dybcio(a)linaro.org> drm/msm/dsi: Use pm_runtime_resume_and_get to prevent refcnt leaks Bjorn Andersson <quic_bjorande(a)quicinc.com> drm/msm/dpu: Add missing safe_lut_tbl in sc8180x catalog Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/msm/mdp4: flush vblank event on disable Arnd Bergmann <arnd(a)arndb.de> drm/msm/a6xx: add QMP dependency Linus Walleij <linus.walleij(a)linaro.org> ASoC: cs35l34: Fix GPIO name and drop legacy include Linus Walleij <linus.walleij(a)linaro.org> ASoC: cs35l33: Fix GPIO name and drop legacy include Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> drm/imx/lcdc: Fix double-free of driver data Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> drm/tidss: Fix dss reset Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> drm/tidss: Check for K2G in in dispc_softreset() Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> drm/tidss: Return error value from from softreset Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> drm/tidss: Move reset to the end of dispc_init() Mario Limonciello <mario.limonciello(a)amd.com> drm/amd/display: Fix NULL pointer dereference at hibernate Nikita Zhandarovich <n.zhandarovich(a)fintech.ru> drm/radeon: check return value of radeon_ring_lock() Nikita Zhandarovich <n.zhandarovich(a)fintech.ru> drm/radeon/r100: Fix integer overflow issues in r100_cs_track_check() Nikita Zhandarovich <n.zhandarovich(a)fintech.ru> drm/radeon/r600_cs: Fix possible int overflows in r600_cs_check_reg() Arnd Bergmann <arnd(a)arndb.de> ASoC: fsl_rpmsg: update Kconfig dependencies Thomas Zimmermann <tzimmermann(a)suse.de> fbdev/sm712fb: Use correct initializer macros for struct fb_ops Xin Ji <xji(a)analogixsemi.com> Revert "drm/bridge: Add 200ms delay to wait FW HPD status stable" Chao Yu <chao(a)kernel.org> f2fs: fix to avoid dirent corruption Liu Ying <victor.liu(a)nxp.com> drm/bridge: imx93-mipi-dsi: Fix a couple of building warnings Dario Binacchi <dario.binacchi(a)amarulasolutions.com> drm/bridge: Fix typo in post_disable() description Luben Tuikov <ltuikov89(a)gmail.com> drm/sched: Fix bounds limiting when given a malformed entity Alexander Stein <alexander.stein(a)ew.tq-group.com> media: amphion: Fix VPU core alias name Paul Kocialkowski <paul.kocialkowski(a)bootlin.com> media: rkvdec: Hook the (TRY_)DECODER_CMD stateless ioctls Paul Kocialkowski <paul.kocialkowski(a)bootlin.com> media: verisilicon: Hook the (TRY_)DECODER_CMD stateless ioctls Paul Kocialkowski <paul.kocialkowski(a)bootlin.com> media: visl: Hook the (TRY_)DECODER_CMD stateless ioctls Zheng Wang <zyytlz.wz(a)163.com> media: mtk-jpeg: Remove cancel worker in mtk_jpeg_remove to avoid the crash of multi-core JPEG devices Ricardo B. Marliere <ricardo(a)marliere.net> media: pvrusb2: fix use after free on context disconnection Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> drm/tilcdc: Fix irq free on unload Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> drm/bridge: tpd12s015: Drop buggy __exit annotation for remove function Abhinav Singh <singhabhinav9051571833(a)gmail.com> drm/nouveau/fence:: fix warning directly dereferencing a rcu pointer Chris Morgan <macromorgan(a)hotmail.com> drm/panel-elida-kd35t133: hold panel in reset for unprepare Chris Morgan <macromorgan(a)hotmail.com> drm/panel: nv3051d: Hold panel in reset for unprepare Junxian Huang <huangjunxian6(a)hisilicon.com> RDMA/hns: Fix inappropriate err code for unsupported operations Leon Romanovsky <leon(a)kernel.org> RDMA/usnic: Silence uninitialized symbol smatch warnings AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> drm/panfrost: Really power off GPU cores in panfrost_gpu_power_off() Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/dp_mst: Fix fractional DSC bpp handling Jouni Högander <jouni.hogander(a)intel.com> drm/i915/display: Move releasing gem object away from fb tracking Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> Revert "drm/omapdrm: Annotate dma-fence critical section in commit path" Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> Revert "drm/tidss: Annotate dma-fence critical section in commit path" Arnd Bergmann <arnd(a)arndb.de> ARM: davinci: always select CONFIG_CPU_ARM926T Eric Dumazet <edumazet(a)google.com> ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() David Howells <dhowells(a)redhat.com> rxrpc: Fix skbuff cleanup of call's recvmsg_queue and rx_oos_queue Asmaa Mnebhi <asmaa(a)nvidia.com> mlxbf_gige: Enable the GigE port in mlxbf_gige_open Asmaa Mnebhi <asmaa(a)nvidia.com> mlxbf_gige: Fix intermittent no ip issue Tao Liu <taoliu828(a)163.com> net/sched: act_ct: fix skb leak and crash on ooo frags Ming Lei <ming.lei(a)redhat.com> blk-cgroup: fix rcu lockdep warning in blkg_lookup() Ilya Leoshkevich <iii(a)linux.ibm.com> s390/bpf: Fix gotol with large offsets Eric Dumazet <edumazet(a)google.com> sctp: fix busy polling Eric Dumazet <edumazet(a)google.com> sctp: support MSG_ERRQUEUE flag in recvmsg() John Fastabend <john.fastabend(a)gmail.com> bpf: sockmap, fix proto update hook to avoid dup calls Benjamin Berg <benjamin.berg(a)intel.com> wifi: cfg80211: parse all ML elements in an ML probe response Benjamin Berg <benjamin.berg(a)intel.com> wifi: cfg80211: correct comment about MLD ID Kunwu Chan <chentao(a)kylinos.cn> ice: Fix some null pointer dereference issues in ice_ptp.c Andy Yan <andyshrk(a)163.com> arm64: dts: rockchip: Fix led pinctrl of lubancat 1 Christoph Hellwig <hch(a)lst.de> null_blk: don't cap max_hw_sectors to BLK_DEF_MAX_SECTORS Francesco Dolcini <francesco.dolcini(a)toradex.com> Bluetooth: btmtkuart: fix recv_buf() return value Francesco Dolcini <francesco.dolcini(a)toradex.com> Bluetooth: btnxpuart: fix recv_buf() return value Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: Fix bogus check for re-auth no supported with non-ssp Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables: validate chain type update if available Florian Westphal <fw(a)strlen.de> netfilter: nf_tables: mark newset as dead on transaction abort Miri Korenblit <miriam.rachel.korenblit(a)intel.com> wifi: iwlwifi: assign phy_ctxt before eSR activation Anjaneyulu <pagadala.yesu.anjaneyulu(a)intel.com> wifi: iwlwifi: fix out of bound copy_from_user Ilan Peer <ilan.peer(a)intel.com> wifi: iwlwifi: mvm: Do not warn if valid link pair was not found Johannes Berg <johannes.berg(a)intel.com> wifi: iwlwifi: mvm: send TX path flush in rfkill Johannes Berg <johannes.berg(a)intel.com> wifi: iwlwifi: mvm: set siso/mimo chains to 1 in FW SMPS request Ayala Beker <ayala.beker(a)intel.com> wifi: mac80211: fix advertised TTLM scheduling Su Hui <suhui(a)nfschina.com> wifi: rtlwifi: rtl8192se: using calculate_bit_shift() Su Hui <suhui(a)nfschina.com> wifi: rtlwifi: rtl8192ee: using calculate_bit_shift() Su Hui <suhui(a)nfschina.com> wifi: rtlwifi: rtl8192de: using calculate_bit_shift() Su Hui <suhui(a)nfschina.com> wifi: rtlwifi: rtl8192ce: using calculate_bit_shift() Su Hui <suhui(a)nfschina.com> wifi: rtlwifi: rtl8192cu: using calculate_bit_shift() Su Hui <suhui(a)nfschina.com> wifi: rtlwifi: rtl8192c: using calculate_bit_shift() Su Hui <suhui(a)nfschina.com> wifi: rtlwifi: rtl8188ee: phy: using calculate_bit_shift() Su Hui <suhui(a)nfschina.com> wifi: rtlwifi: add calculate_bit_shift() Hou Tao <houtao1(a)huawei.com> bpf: Use c->unit_size to select target cache during free Konrad Dybcio <konrad.dybcio(a)linaro.org> arm64: dts: qcom: sc8180x: Fix up PCIe nodes Konrad Dybcio <konrad.dybcio(a)linaro.org> arm64: dts: qcom: sc8180x: Mark PCIe hosts cache-coherent Konrad Dybcio <konrad.dybcio(a)linaro.org> arm64: dts: qcom: sm8550: Update idle state time requirements Konrad Dybcio <konrad.dybcio(a)linaro.org> arm64: dts: qcom: sm8550: Separate out X3 idle state Chukun Pan <amadeus(a)jmu.edu.cn> arm64: dts: qcom: ipq6018: fix clock rates for GCC_USB0_MOCK_UTMI_CLK Konrad Dybcio <konrad.dybcio(a)linaro.org> arm64: dts: qcom: sc7280: Mark SDHCI hosts as cache-coherent Li Nan <linan122(a)huawei.com> block: add check of 'minors' and 'first_minor' in device_add_disk() Abel Vesa <abel.vesa(a)linaro.org> soc: qcom: llcc: Fix LLCC_TRP_ATTR2_CFGn offset Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> firmware: qcom: qseecom: fix memory leaks in error paths Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> arm64: dts: qcom: sm8150-hdk: fix SS USB regulators Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> arm64: dts: qcom: sm8150: make dispcc cast minimal vote on MMCX Konrad Dybcio <konrad.dybcio(a)linaro.org> arm64: dts: qcom: sm6375: Hook up MPM Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: sm6375: fix USB wakeup interrupt types Atul Dhudase <quic_adhudase(a)quicinc.com> soc: qcom: llcc: Fix dis_cap_alloc and retain_on_pc configuration Nikita Travkin <nikita(a)trvn.ru> arm64: dts: qcom: acer-aspire1: Correct audio codec definition Hou Tao <houtao1(a)huawei.com> bpf: Limit the number of kprobes when attaching program to multiple kprobes Hou Tao <houtao1(a)huawei.com> bpf: Limit the number of uprobes when attaching program to multiple uprobes Joakim Zhang <joakim.zhang(a)cixtech.com> dma-mapping: clear dev->dma_mem to NULL after freeing it Arseniy Krasnov <avkrasnov(a)salutedevices.com> virtio/vsock: send credit update during setting SO_RCVLOWAT Arseniy Krasnov <avkrasnov(a)salutedevices.com> virtio/vsock: fix logic which reduces credit update messages Leone Fernando <leone4fernando(a)gmail.com> ipmr: support IP_PKTINFO on cache report IGMP msg Hangbin Liu <liuhangbin(a)gmail.com> selftests/net: fix grep checking for fib_nexthop_multiprefix Yonghong Song <yonghong.song(a)linux.dev> bpf: Fix a race condition between btf_put() and map_free() Ahmad Fatoum <a.fatoum(a)pengutronix.de> ARM: dts: stm32: don't mix SCMI and non-SCMI board compatibles Tushar Vyavahare <tushar.vyavahare(a)intel.com> selftests/xsk: Fix for SEND_RECEIVE_UNALIGNED test Yihang Li <liyihang9(a)huawei.com> scsi: hisi_sas: Correct the number of global debugfs registers Yihang Li <liyihang9(a)huawei.com> scsi: hisi_sas: Rollback some operations if FLR failed Yihang Li <liyihang9(a)huawei.com> scsi: hisi_sas: Check before using pointer variables Yihang Li <liyihang9(a)huawei.com> scsi: hisi_sas: Replace with standard error code return value Manivannan Sadhasivam <mani(a)kernel.org> scsi: ufs: qcom: Fix the return value when platform_get_resource_byname() fails Manivannan Sadhasivam <mani(a)kernel.org> scsi: ufs: qcom: Fix the return value of ufs_qcom_ice_program_key() Adam Ford <aford173(a)gmail.com> arm64: dts: imx8mm: Reduce GPU to nominal speed Geert Uytterhoeven <geert+renesas(a)glider.be> arm64: dts: renesas: white-hawk-cpu: Fix missing serial console pin control Rob Herring <robh(a)kernel.org> arm64: dts: xilinx: Apply overlays to base dtbs Li Nan <linan122(a)huawei.com> block: Set memalloc_noio to false on device_add_disk() error path YiFei Zhu <zhuyifei(a)google.com> selftests/bpf: Relax time_tai test for equal timestamps in tai_forward Miri Korenblit <miriam.rachel.korenblit(a)intel.com> wifi: iwlwifi: don't support triggered EHT CQI feedback Ming Yen Hsieh <mingyen.hsieh(a)mediatek.com> wifi: mt76: mt7921: fix wrong 6Ghz power type Ming Yen Hsieh <mingyen.hsieh(a)mediatek.com> wifi: mt76: mt7921: fix CLC command timeout when suspend/resume Ming Yen Hsieh <mingyen.hsieh(a)mediatek.com> wifi: mt76: mt7921: fix country count limitation for CLC Eugen Hristev <eugen.hristev(a)collabora.com> arm64: dts: mediatek: mt8186: fix address warning for ADSP mailboxes Chen-Yu Tsai <wenst(a)chromium.org> arm64: dts: mediatek: mt8186: Fix alias prefix for ovl_2l0 Moudy Ho <moudy.ho(a)mediatek.com> arm64: dts: mediatek: mt8195: revise VDOSYS RDMA node name Moudy Ho <moudy.ho(a)mediatek.com> arm64: dts: mediatek: mt8183: correct MDP3 DMA-related nodes Moudy Ho <moudy.ho(a)mediatek.com> dt-bindings: media: mediatek: mdp3: correct RDMA and WROT node with generic names Tiezhu Yang <yangtiezhu(a)loongson.cn> test_bpf: Rename second ALU64_SMOD_X to ALU64_SMOD_K Andrei Matei <andreimatei1(a)gmail.com> bpf: Fix accesses to uninit stack slots Andrei Matei <andreimatei1(a)gmail.com> bpf: Guard stack limits against 32bit overflow Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: hisilicon: hikey970-pmic: fix regulator cells properties Andrei Matei <andreimatei1(a)gmail.com> bpf: Fix verification of indirect var-off stack access Wang Zhao <wang.zhao(a)mediatek.com> wifi: mt76: mt7921s: fix workqueue problem causes STA association fail Arnd Bergmann <arnd(a)arndb.de> wifi: mt76: mt7996: fix mt7996_mcu_all_sta_info_event struct packing StanleyYP Wang <StanleyYP.Wang(a)mediatek.com> wifi: mt76: mt7915: also MT7981 is 3T3R but nss2 on 5 GHz band StanleyYP Wang <StanleyYP.Wang(a)mediatek.com> wifi: mt76: mt7915: fix EEPROM offset of TSSI flag on MT7981 StanleyYP Wang <StanleyYP.Wang(a)mediatek.com> wifi: mt76: mt7996: fix alignment of sta info event MeiChia Chiu <meichia.chiu(a)mediatek.com> wifi: mt76: mt7996: fix rate usage of inband discovery frames Sujuan Chen <sujuan.chen(a)mediatek.com> wifi: mt76: mt7996: fix the size of struct bss_rate_tlv Lorenzo Bianconi <lorenzo(a)kernel.org> wifi: mt76: mt7915: fallback to non-wed mode if platform_get_resource fails in mt7915_mmio_wed_init() Christian Marangi <ansuelsmth(a)gmail.com> wifi: mt76: fix typo in mt76_get_of_eeprom_from_nvmem function Yi-Chia Hsieh <yi-chia.hsieh(a)mediatek.com> wifi: mt76: mt7996: fix uninitialized variable in parsing txfree Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: sm8550: fix USB wakeup interrupt types Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: sc7280: fix usb_2 wakeup interrupt types Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: sa8775p: fix USB wakeup interrupt types Konrad Dybcio <konrad.dybcio(a)linaro.org> arm64: dts: qcom: sc7280: Mark Adreno SMMU as DMA coherent Konrad Dybcio <konrad.dybcio(a)linaro.org> arm64: dts: qcom: sc7280: Fix up GPU SIDs Nia Espera <nespera(a)igalia.com> arm64: dts: qcom: sm8350: Fix DMA0 address Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: sm6125: add interrupts to DWC3 USB controller Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: sdm845-db845c: correct LED panic indicator Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: qrb5165-rb5: correct LED panic indicator Caleb Connolly <caleb.connolly(a)linaro.org> arm64: dts: qcom: qrb2210-rb1: use USB host mode Artem Chernyshev <artem.chernyshev(a)red-soft.ru> scsi: fnic: Return error if vmalloc() failed Andrii Nakryiko <andrii(a)kernel.org> bpf: fix check for attempt to corrupt spilled pointer Hangbin Liu <liuhangbin(a)gmail.com> selftests/net: specify the interface when do arping Hou Tao <houtao1(a)huawei.com> bpf: Defer the free of inner map when necessary Hou Tao <houtao1(a)huawei.com> bpf: Add map and need_defer parameters to .map_fd_put_ptr() Douglas Anderson <dianders(a)chromium.org> arm64: dts: qcom: sm6350: Make watchdog bark interrupt edge triggered Douglas Anderson <dianders(a)chromium.org> arm64: dts: qcom: sc8280xp: Make watchdog bark interrupt edge triggered Douglas Anderson <dianders(a)chromium.org> arm64: dts: qcom: sa8775p: Make watchdog bark interrupt edge triggered Douglas Anderson <dianders(a)chromium.org> arm64: dts: qcom: sm8250: Make watchdog bark interrupt edge triggered Douglas Anderson <dianders(a)chromium.org> arm64: dts: qcom: sm8150: Make watchdog bark interrupt edge triggered Douglas Anderson <dianders(a)chromium.org> arm64: dts: qcom: sdm845: Make watchdog bark interrupt edge triggered Douglas Anderson <dianders(a)chromium.org> arm64: dts: qcom: sc7280: Make watchdog bark interrupt edge triggered Douglas Anderson <dianders(a)chromium.org> arm64: dts: qcom: sc7180: Make watchdog bark interrupt edge triggered Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: sm8550: correct TX Soundwire clock Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: sm8450: correct TX Soundwire clock Bjorn Andersson <quic_bjorande(a)quicinc.com> arm64: dts: qcom: sc8180x-primus: Fix HALL_INT polarity Stephen Boyd <swboyd(a)chromium.org> dt-bindings: arm: qcom: Fix html link Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ARM: dts: qcom: sdx65: correct SPMI node name Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ARM: dts: qcom: sdx65: correct PCIe EP phy-names Andrii Nakryiko <andrii(a)kernel.org> bpf: enforce precision of R0 on callback return Yu Kuai <yukuai3(a)huawei.com> md: synchronize flush io with array reconfiguration Jeroen van Ingen Schenau <jeroen.vaningenschenau(a)novoserve.com> selftests/bpf: Fix erroneous bitmask operation Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> wifi: rtw88: sdio: Honor the host max_req_size in the RX path Jan Kiszka <jan.kiszka(a)siemens.com> arm64: dts: ti: iot2050: Re-add aliases Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> arm64: dts: ti: k3-am65-main: Fix DSS irq trigger type Nitin Yadav <n-yadav(a)ti.com> arm64: dts: ti: k3-am62a-main: Fix GPIO pin count in DT nodes Su Hui <suhui(a)nfschina.com> wifi: rtlwifi: rtl8821ae: phy: fix an undefined bitwise shift behavior Karthikeyan Periyasamy <quic_periyasa(a)quicinc.com> wifi: ath12k: fix the error handler of rfkill config Bart Van Assche <bvanassche(a)acm.org> scsi: bfa: Use the proper data type for BLIST flags Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> firmware: ti_sci: Fix an off-by-one in ti_sci_debugfs_create() Peter Delevoryas <peter(a)pjd.dev> net/ncsi: Fix netlink major/minor version numbers Justin Tee <justin.tee(a)broadcom.com> scsi: lpfc: Fix list_entry null check warning in lpfc_cmpl_els_plogi() Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> ARM: dts: qcom: apq8064: correct XOADC register address Arnd Bergmann <arnd(a)arndb.de> wifi: libertas: stop selecting wext Luca Weiss <luca.weiss(a)fairphone.com> wifi: ath11k: Defer on rproc_get failure Jordan Rome <jordalgo(a)meta.com> bpf: Add crosstask check to __bpf_get_stack Dave Marchevsky <davemarchevsky(a)fb.com> bpf: Add KF_RCU flag to bpf_refcount_acquire_impl Florian Lehner <dev(a)der-flo.net> bpf, lpm: Fix check prefixlen before walking trie Chih-Kang Chang <gary.chang(a)realtek.com> wifi: rtw88: fix RX filter in FIF_ALLMULTI flag Dan Carpenter <dan.carpenter(a)linaro.org> wifi: plfxlc: check for allocation failure in plfxlc_usb_wreq_async() Luca Weiss <luca(a)z3ntu.xyz> ARM: dts: qcom: msm8226: provide dsi phy clocks to mmcc Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: sc8280xp-x13s: add missing camera LED pin config Konrad Dybcio <konrad.dybcio(a)linaro.org> arm64: dts: qcom: sc8280xp-x13s: Use the correct DP PHY compatible Caleb Connolly <caleb.connolly(a)linaro.org> arm64: dts: qcom: qrb4210-rb2: don't force usb peripheral mode David McKay <david.mckay(a)codasip.com> asm-generic: Fix 32 bit __generic_cmpxchg_local Benjamin Coddington <bcodding(a)redhat.com> SUNRPC: Fixup v4.1 backchannel request timeouts Trond Myklebust <trond.myklebust(a)hammerspace.com> pNFS: Fix the pnfs block driver's calculation of layoutget size Olga Kornievskaia <kolga(a)netapp.com> SUNRPC: fix _xprt_switch_find_current_entry logic Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT Scott Mayhew <smayhew(a)redhat.com> NFS: Use parent's objective cred in nfs_access_login_time() Benjamin Coddington <bcodding(a)redhat.com> blocklayoutdriver: Fix reference leak of pnfs_device_node Arnd Bergmann <arnd(a)arndb.de> csky: fix arch_jump_label_transform_static override David Howells <dhowells(a)redhat.com> keys, dns: Fix size check of V1 server-list header Chengming Zhou <zhouchengming(a)bytedance.com> crypto: scomp - fix req->dst buffer overflow Ovidiu Panait <ovidiu.panait(a)windriver.com> crypto: sahara - do not resize req->src when doing hash operations Ovidiu Panait <ovidiu.panait(a)windriver.com> crypto: sahara - fix processing hash requests with req->nbytes < sg->length Ovidiu Panait <ovidiu.panait(a)windriver.com> crypto: sahara - improve error handling in sahara_sha_process() Ovidiu Panait <ovidiu.panait(a)windriver.com> crypto: sahara - fix wait_for_completion_timeout() error handling Ovidiu Panait <ovidiu.panait(a)windriver.com> crypto: sahara - fix ahash reqsize Ovidiu Panait <ovidiu.panait(a)windriver.com> crypto: sahara - handle zero-length aes requests Ovidiu Panait <ovidiu.panait(a)windriver.com> crypto: sahara - avoid skcipher fallback code duplication wangyangxin <wangyangxin1(a)huawei.com> crypto: virtio - Wait for tasklet to complete on device remove Alexander Aring <aahringo(a)redhat.com> dlm: fix format seq ops type 4 Edward Adam Davis <eadavis(a)qq.com> gfs2: fix kernel BUG in gfs2_quota_cleanup Osama Muhammad <osmtendev(a)gmail.com> gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump Christian Brauner <brauner(a)kernel.org> fs: indicate request originates from old mount API Gao Xiang <xiang(a)kernel.org> erofs: fix memory leak on short-lived bounced pages Sergey Shtylyov <s.shtylyov(a)omp.ru> pstore: ram_core: fix possible overflow in persistent_ram_init_ecc() Zhiqi Song <songzhiqi1(a)huawei.com> crypto: hisilicon/zip - save capability registers in probe process Zhiqi Song <songzhiqi1(a)huawei.com> crypto: hisilicon/sec2 - save capability registers in probe process Zhiqi Song <songzhiqi1(a)huawei.com> crypto: hisilicon/hpre - save capability registers in probe process Wenkai Lin <linwenkai6(a)hisilicon.com> crypto: hisilicon/qm - add a function to set qm algs Chenghai Huang <huangchenghai2(a)huawei.com> crypto: hisilicon/zip - add zip comp high perf mode configuration Zhiqi Song <songzhiqi1(a)huawei.com> crypto: hisilicon/qm - save capability registers in qm init process Ovidiu Panait <ovidiu.panait(a)windriver.com> crypto: sahara - fix error handling in sahara_hw_descriptor_create() Ovidiu Panait <ovidiu.panait(a)windriver.com> crypto: sahara - fix processing requests with cryptlen < sg->length Ovidiu Panait <ovidiu.panait(a)windriver.com> crypto: sahara - fix ahash selftest failure Ovidiu Panait <ovidiu.panait(a)windriver.com> crypto: sahara - fix cbc selftest failure Ovidiu Panait <ovidiu.panait(a)windriver.com> crypto: sahara - remove FLAGS_NEW_KEY logic Nikita Zhandarovich <n.zhandarovich(a)fintech.ru> crypto: safexcel - Add error handling for dma_map_sg() calls Yang Yingliang <yangyingliang(a)huawei.com> hwrng: stm32 - add missing clk_disable_unprepare() in stm32_rng_init() Giovanni Cabiddu <giovanni.cabiddu(a)intel.com> crypto: qat - add NULL pointer check Damian Muszynski <damian.muszynski(a)intel.com> crypto: qat - fix mutex ordering in adf_rl Damian Muszynski <damian.muszynski(a)intel.com> crypto: qat - fix error path in add_update_sla() Herbert Xu <herbert(a)gondor.apana.org.au> crypto: af_alg - Disallow multiple in-flight AIO requests Dinghao Liu <dinghao.liu(a)zju.edu.cn> crypto: ccp - fix memleak in ccp_init_dm_workarea Chen Ni <nichen(a)iscas.ac.cn> crypto: sa2ul - Return crypto_aead_setkey to transfer the error Damian Muszynski <damian.muszynski(a)intel.com> crypto: qat - add sysfs_added flag for rate limiting Damian Muszynski <damian.muszynski(a)intel.com> crypto: qat - add sysfs_added flag for ras Gonglei (Arei) <arei.gonglei(a)huawei.com> crypto: virtio - Handle dataq logic with tasklet Chanho Park <chanho61.park(a)samsung.com> crypto: jh7110 - Correct deferred probe return Dan Carpenter <dan.carpenter(a)linaro.org> crypto: qat - prevent underflow in rp2srv_store() Dan Carpenter <dan.carpenter(a)linaro.org> crypto: rsa - add a check for allocation failure Mickaël Salaün <mic(a)digikod.net> selinux: Fix error priority for bind with AF_UNSPEC on PF_INET6 socket Binbin Zhou <zhoubinbin(a)loongson.cn> drivers/thermal/loongson2_thermal: Fix incorrect PTR_ERR() judgment Borislav Petkov (AMD) <bp(a)alien8.de> cpuidle: haltpoll: Do not enable interrupts when entering idle ZhaoLong Wang <wangzhaolong1(a)huawei.com> mtd: Fix gluebi NULL pointer dereference caused by ftl notifier Richard Fitzgerald <rf(a)opensource.cirrus.com> kunit: debugfs: Handle errors from alloc_string_stream() Richard Fitzgerald <rf(a)opensource.cirrus.com> kunit: debugfs: Fix unchecked dereference in debugfs_print_results() Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> thermal: core: Fix NULL pointer dereference in zone registration error path Tony Luck <tony.luck(a)intel.com> ACPI: extlog: Clear Extended Error Log status when RAS_CEC handled the error Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> ACPI: LPSS: Fix the fractional clock divider flags Wolfram Sang <wsa+renesas(a)sang-engineering.com> spi: sh-msiof: Enforce fixed DTDL for R-Car H3 Ard Biesheuvel <ardb(a)kernel.org> efivarfs: Free s_fs_info on unmount Ilias Apalodimas <ilias.apalodimas(a)linaro.org> efivarfs: force RO when remounting if SetVariable is not supported Gavrilov Ilia <Ilia.Gavrilov(a)infotecs.ru> calipso: fix memory leak in netlbl_calipso_add_pass() Alexandra Diupina <adiupina(a)astralinux.ru> cpufreq: scmi: process the result of devm_of_clk_add_hw_provider() David E. Box <david.e.box(a)linux.intel.com> platform/x86/intel/vsec: Fix xa_alloc memory leak Yang Yingliang <yangyingliang(a)huawei.com> spi: cadence-quadspi: add missing clk_disable_unprepare() in cqspi_probe() Chen Ni <nichen(a)iscas.ac.cn> KEYS: encrypted: Add check for strsep Nikita Kiryushin <kiryushin(a)ancud.ru> ACPI: LPIT: Avoid u32 multiplication overflow Nikita Kiryushin <kiryushin(a)ancud.ru> ACPI: video: check for error while searching for backlight device parent Ronald Monthero <debug.penguin32(a)gmail.com> mtd: rawnand: Increment IFC_TIMEOUT_MSECS for nand controller response Amit Kumar Mahapatra <amit.kumar-mahapatra(a)amd.com> spi: spi-zynqmp-gqspi: fix driver kconfig dependencies Alexander Antonov <alexander.antonov(a)linux.intel.com> perf/x86/intel/uncore: Fix NULL pointer dereference issue in upi_fill_topology() Yiwei Lin <s921975628(a)gmail.com> sched/fair: Update min_vruntime for reweight_entity() correctly Kunwu Chan <chentao(a)kylinos.cn> powerpc/imc-pmu: Add a null pointer check in update_events_in_group() Kunwu Chan <chentao(a)kylinos.cn> powerpc/powernv: Add a null pointer check in opal_powercap_init() Kunwu Chan <chentao(a)kylinos.cn> powerpc/powernv: Add a null pointer check in opal_event_init() Kunwu Chan <chentao(a)kylinos.cn> powerpc/powernv: Add a null pointer check to scom_debug_init_one() Nathan Lynch <nathanl(a)linux.ibm.com> powerpc/rtas: Avoid warning on invalid token argument to sys_rtas() Kajol Jain <kjain(a)linux.ibm.com> powerpc/hv-gpci: Add return value check in affinity_domain_via_partition_show function Michael Ellerman <mpe(a)ellerman.id.au> selftests/powerpc: Fix error handling in FPU/VMX preemption tests Nicholas Piggin <npiggin(a)gmail.com> KVM: PPC: Book3S HV: Handle pending exceptions on guest entry with MSR_EE Junhao He <hejunhao3(a)huawei.com> drivers/perf: hisi: Fix some event id for HiSilicon UC pmu Robin Murphy <robin.murphy(a)arm.com> perf/arm-cmn: Fix HN-F class_occup_id events Borislav Petkov (AMD) <bp(a)alien8.de> x86/microcode/intel: Set new revision only after a successful update Nathan Lynch <nathanl(a)linux.ibm.com> powerpc/pseries/memhp: Fix access beyond end of drmem array Randy Dunlap <rdunlap(a)infradead.org> powerpc/44x: select I2C for CURRITUCK Peter Zijlstra <peterz(a)infradead.org> x86: Fix CPUIDLE_FLAG_IRQ_ENABLE leaking timer reprogram Jann Horn <jannh(a)google.com> fs/pipe: Fix lockdep false-positive in watchqueue pipe_write() Masahiro Yamada <masahiroy(a)kernel.org> powerpc: add crtsavres.o to always-y instead of extra-y Arnd Bergmann <arnd(a)arndb.de> EDAC/thunderx: Fix possible out-of-bounds string access Yazen Ghannam <yazen.ghannam(a)amd.com> x86/mce/inject: Clear test status value Colin Ian King <colin.i.king(a)gmail.com> x86/lib: Fix overflow when counting digits ------------- Diffstat: Documentation/admin-guide/kernel-parameters.txt | 6 + Documentation/devicetree/bindings/arm/qcom.yaml | 2 +- .../devicetree/bindings/gpio/xlnx,gpio-xilinx.yaml | 2 +- .../bindings/media/mediatek,mdp3-rdma.yaml | 29 +- .../bindings/media/mediatek,mdp3-wrot.yaml | 23 +- .../devicetree/bindings/media/rockchip-isp1.yaml | 11 +- .../phy/qcom,sc8280xp-qmp-usb43dp-phy.yaml | 4 +- .../bindings/timer/thead,c900-aclint-mtimer.yaml | 9 +- Documentation/driver-api/pci/p2pdma.rst | 16 +- Makefile | 4 +- arch/arm/boot/dts/qcom/qcom-apq8064.dtsi | 2 +- arch/arm/boot/dts/qcom/qcom-msm8226.dtsi | 4 +- arch/arm/boot/dts/qcom/qcom-sdx55.dtsi | 4 +- arch/arm/boot/dts/qcom/qcom-sdx65.dtsi | 4 +- arch/arm/boot/dts/st/stm32mp157a-dk1-scmi.dts | 2 +- arch/arm/boot/dts/st/stm32mp157c-dk2-scmi.dts | 2 +- arch/arm/boot/dts/st/stm32mp157c-ed1-scmi.dts | 2 +- arch/arm/boot/dts/st/stm32mp157c-ev1-scmi.dts | 3 +- arch/arm/mach-davinci/Kconfig | 2 + arch/arm64/boot/dts/freescale/imx8mm.dtsi | 4 +- arch/arm64/boot/dts/hisilicon/hikey970-pmic.dtsi | 3 - arch/arm64/boot/dts/mediatek/mt8183.dtsi | 6 +- arch/arm64/boot/dts/mediatek/mt8186.dtsi | 6 +- arch/arm64/boot/dts/mediatek/mt8195.dtsi | 24 +- arch/arm64/boot/dts/qcom/ipq6018.dtsi | 2 +- arch/arm64/boot/dts/qcom/qrb2210-rb1.dts | 4 + arch/arm64/boot/dts/qcom/qrb4210-rb2.dts | 1 - arch/arm64/boot/dts/qcom/qrb5165-rb5.dts | 4 +- arch/arm64/boot/dts/qcom/sa8775p.dtsi | 14 +- arch/arm64/boot/dts/qcom/sc7180-acer-aspire1.dts | 17 +- arch/arm64/boot/dts/qcom/sc7180.dtsi | 2 +- arch/arm64/boot/dts/qcom/sc7280.dtsi | 12 +- arch/arm64/boot/dts/qcom/sc8180x-primus.dts | 2 +- arch/arm64/boot/dts/qcom/sc8180x.dtsi | 10 +- .../dts/qcom/sc8280xp-lenovo-thinkpad-x13s.dts | 11 + arch/arm64/boot/dts/qcom/sc8280xp.dtsi | 2 +- arch/arm64/boot/dts/qcom/sdm845-db845c.dts | 2 +- arch/arm64/boot/dts/qcom/sdm845.dtsi | 2 +- arch/arm64/boot/dts/qcom/sm6125.dtsi | 4 + arch/arm64/boot/dts/qcom/sm6350.dtsi | 2 +- arch/arm64/boot/dts/qcom/sm6375.dtsi | 41 ++- arch/arm64/boot/dts/qcom/sm8150-hdk.dts | 12 +- arch/arm64/boot/dts/qcom/sm8150.dtsi | 3 +- arch/arm64/boot/dts/qcom/sm8250.dtsi | 2 +- arch/arm64/boot/dts/qcom/sm8350.dtsi | 4 +- arch/arm64/boot/dts/qcom/sm8450.dtsi | 2 +- arch/arm64/boot/dts/qcom/sm8550.dtsi | 38 ++- .../boot/dts/renesas/r8a779g0-white-hawk-cpu.dtsi | 3 + arch/arm64/boot/dts/rockchip/rk3566-lubancat-1.dts | 2 +- arch/arm64/boot/dts/ti/k3-am62a-main.dtsi | 4 +- arch/arm64/boot/dts/ti/k3-am65-iot2050-common.dtsi | 10 + arch/arm64/boot/dts/ti/k3-am65-main.dtsi | 2 +- arch/arm64/boot/dts/xilinx/Makefile | 9 +- arch/arm64/kernel/ptrace.c | 13 +- arch/arm64/kvm/vgic/vgic-its.c | 5 + arch/arm64/kvm/vgic/vgic-mmio-v3.c | 27 +- arch/csky/include/asm/jump_label.h | 5 + arch/loongarch/include/asm/elf.h | 5 - arch/loongarch/kernel/elf.c | 5 - arch/loongarch/kernel/process.c | 1 + arch/loongarch/net/bpf_jit.c | 5 +- arch/mips/alchemy/devboards/db1200.c | 2 +- arch/mips/alchemy/devboards/db1550.c | 2 +- arch/mips/include/asm/dmi.h | 2 +- arch/mips/kernel/setup.c | 4 +- arch/powerpc/Kconfig | 1 + arch/powerpc/kernel/rtas.c | 19 +- arch/powerpc/kvm/book3s_hv.c | 18 +- arch/powerpc/lib/Makefile | 2 +- arch/powerpc/perf/hv-gpci.c | 3 + arch/powerpc/perf/imc-pmu.c | 6 + arch/powerpc/platforms/44x/Kconfig | 1 + arch/powerpc/platforms/powernv/opal-irqchip.c | 2 + arch/powerpc/platforms/powernv/opal-powercap.c | 6 + arch/powerpc/platforms/powernv/opal-xscom.c | 5 + arch/powerpc/platforms/pseries/hotplug-memory.c | 9 +- arch/riscv/include/asm/sections.h | 1 + arch/riscv/include/asm/xip_fixup.h | 2 +- arch/riscv/kernel/module.c | 3 +- arch/riscv/kernel/patch.c | 11 +- arch/riscv/kernel/vmlinux-xip.lds.S | 2 + arch/riscv/kernel/vmlinux.lds.S | 2 + arch/riscv/mm/pageattr.c | 11 +- arch/s390/include/asm/pci_io.h | 32 +- arch/s390/net/bpf_jit_comp.c | 2 +- arch/s390/pci/pci_mmio.c | 12 +- arch/um/drivers/virt-pci.c | 2 +- arch/x86/events/intel/uncore_snbep.c | 10 +- arch/x86/include/asm/kvm-x86-pmu-ops.h | 2 +- arch/x86/include/asm/mwait.h | 11 +- arch/x86/kernel/cpu/mce/inject.c | 1 + arch/x86/kernel/cpu/microcode/intel.c | 14 +- arch/x86/kernel/kvmclock.c | 12 +- arch/x86/kvm/pmu.c | 63 +++- arch/x86/kvm/pmu.h | 18 -- arch/x86/kvm/svm/nested.c | 15 - arch/x86/kvm/svm/pmu.c | 16 - arch/x86/kvm/vmx/pmu_intel.c | 20 -- arch/x86/lib/misc.c | 2 +- arch/x86/pci/mmconfig-shared.c | 13 +- block/bio.c | 46 +-- block/blk-cgroup.h | 3 +- block/blk-mq.c | 16 +- block/genhd.c | 5 +- block/ioctl.c | 11 +- crypto/af_alg.c | 14 +- crypto/rsa.c | 2 + crypto/scompress.c | 6 + drivers/accel/habanalabs/common/habanalabs_ioctl.c | 2 +- drivers/acpi/acpi_extlog.c | 7 +- drivers/acpi/acpi_lpit.c | 2 +- drivers/acpi/acpi_lpss.c | 3 +- drivers/acpi/acpi_video.c | 12 +- drivers/acpi/property.c | 4 + drivers/android/binder_alloc.c | 22 +- drivers/base/class.c | 1 + drivers/base/node.c | 9 +- drivers/base/swnode.c | 3 + drivers/block/loop.c | 52 ++-- drivers/block/null_blk/main.c | 12 +- drivers/bluetooth/btmtkuart.c | 11 +- drivers/bluetooth/btnxpuart.c | 7 +- drivers/bus/mhi/ep/main.c | 139 ++++++--- drivers/bus/mhi/ep/ring.c | 41 +-- drivers/cdx/cdx.c | 14 +- drivers/char/hw_random/stm32-rng.c | 1 + drivers/clk/clk-renesas-pcie.c | 2 +- drivers/clk/clk-si5341.c | 4 +- drivers/clk/clk-sp7021.c | 12 +- drivers/clk/qcom/dispcc-sm8550.c | 12 +- drivers/clk/qcom/gcc-sm8550.c | 110 +++---- drivers/clk/qcom/gpucc-sm8150.c | 4 +- drivers/clk/qcom/gpucc-sm8550.c | 6 +- drivers/clk/qcom/videocc-sm8150.c | 1 + drivers/clk/renesas/rzg2l-cpg.c | 91 +++--- drivers/clk/zynqmp/clk-mux-zynqmp.c | 2 +- drivers/clk/zynqmp/divider.c | 66 +--- drivers/clocksource/timer-ep93xx.c | 5 +- drivers/clocksource/timer-ti-dm.c | 4 +- drivers/cpufreq/scmi-cpufreq.c | 7 +- drivers/cpuidle/cpuidle-haltpoll.c | 9 +- drivers/crypto/ccp/ccp-ops.c | 5 +- drivers/crypto/hisilicon/hpre/hpre_main.c | 122 ++++---- drivers/crypto/hisilicon/qm.c | 98 +++++- drivers/crypto/hisilicon/sec2/sec.h | 7 + drivers/crypto/hisilicon/sec2/sec_crypto.c | 10 +- drivers/crypto/hisilicon/sec2/sec_main.c | 70 +++-- drivers/crypto/hisilicon/zip/zip_main.c | 175 ++++++++--- drivers/crypto/inside-secure/safexcel_cipher.c | 19 +- .../intel/qat/qat_common/adf_accel_devices.h | 1 + drivers/crypto/intel/qat/qat_common/adf_rl.c | 7 +- drivers/crypto/intel/qat/qat_common/adf_rl.h | 1 + drivers/crypto/intel/qat/qat_common/adf_sysfs.c | 6 +- .../intel/qat/qat_common/adf_sysfs_ras_counters.c | 7 +- drivers/crypto/intel/qat/qat_common/adf_sysfs_rl.c | 8 + drivers/crypto/sa2ul.c | 3 +- drivers/crypto/sahara.c | 248 +++++++-------- drivers/crypto/starfive/jh7110-cryp.c | 10 +- drivers/crypto/virtio/virtio_crypto_common.h | 2 + drivers/crypto/virtio/virtio_crypto_core.c | 26 +- drivers/cxl/core/port.c | 24 +- drivers/cxl/core/region.c | 2 +- drivers/cxl/cxl.h | 2 - drivers/edac/thunderx_edac.c | 10 +- drivers/firmware/qcom/qcom_qseecom_uefisecapp.c | 20 +- drivers/firmware/ti_sci.c | 10 +- drivers/gpio/gpio-mlxbf3.c | 2 + drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c | 4 +- drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 32 +- drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c | 34 +-- drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c | 7 +- drivers/gpu/drm/amd/amdgpu/amdgpu_reset.h | 1 - drivers/gpu/drm/amd/amdgpu/amdgpu_xgmi.h | 1 - drivers/gpu/drm/amd/amdkfd/kfd_flat_memory.c | 26 +- drivers/gpu/drm/amd/amdkfd/kfd_migrate.c | 6 +- drivers/gpu/drm/amd/amdkfd/kfd_priv.h | 2 +- drivers/gpu/drm/amd/amdkfd/kfd_topology.c | 21 +- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 76 +++-- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.h | 2 +- .../amd/display/amdgpu_dm/amdgpu_dm_mst_types.c | 6 +- drivers/gpu/drm/amd/display/dc/core/dc_resource.c | 4 +- .../display/dc/link/protocols/link_dp_training.c | 2 +- .../display/dc/link/protocols/link_dp_training.h | 2 +- drivers/gpu/drm/amd/pm/legacy-dpm/kv_dpm.c | 4 +- drivers/gpu/drm/amd/pm/legacy-dpm/legacy_dpm.c | 52 +--- drivers/gpu/drm/amd/pm/legacy-dpm/si_dpm.c | 5 +- .../gpu/drm/amd/pm/powerplay/hwmgr/smu7_hwmgr.c | 6 +- drivers/gpu/drm/bridge/analogix/anx7625.c | 3 - .../gpu/drm/bridge/cadence/cdns-mhdp8546-hdcp.c | 3 +- drivers/gpu/drm/bridge/imx/imx93-mipi-dsi.c | 4 +- drivers/gpu/drm/bridge/tc358767.c | 2 +- drivers/gpu/drm/bridge/ti-tpd12s015.c | 4 +- drivers/gpu/drm/display/drm_dp_mst_topology.c | 20 +- drivers/gpu/drm/drm_drv.c | 10 +- drivers/gpu/drm/i915/display/intel_dp.c | 2 +- drivers/gpu/drm/i915/display/intel_dp_mst.c | 5 +- drivers/gpu/drm/i915/display/intel_frontbuffer.c | 2 - .../gpu/drm/i915/gem/i915_gem_object_frontbuffer.h | 1 + drivers/gpu/drm/imx/lcdc/imx-lcdc.c | 9 - drivers/gpu/drm/mediatek/mtk_disp_merge.c | 2 +- drivers/gpu/drm/mediatek/mtk_dp.c | 1 + drivers/gpu/drm/mediatek/mtk_dpi.c | 16 +- drivers/gpu/drm/mediatek/mtk_mdp_rdma.c | 3 +- drivers/gpu/drm/msm/Kconfig | 1 + drivers/gpu/drm/msm/adreno/adreno_device.c | 2 +- .../gpu/drm/msm/disp/dpu1/catalog/dpu_5_0_sm8150.h | 8 +- .../drm/msm/disp/dpu1/catalog/dpu_5_1_sc8180x.h | 9 +- .../gpu/drm/msm/disp/dpu1/catalog/dpu_6_0_sm8250.h | 2 +- .../gpu/drm/msm/disp/dpu1/catalog/dpu_6_2_sc7180.h | 2 +- .../gpu/drm/msm/disp/dpu1/catalog/dpu_7_2_sc7280.h | 2 +- .../gpu/drm/msm/disp/dpu1/catalog/dpu_8_1_sm8450.h | 24 +- drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c | 4 +- drivers/gpu/drm/msm/disp/dpu1/dpu_encoder.c | 4 +- drivers/gpu/drm/msm/disp/dpu1/dpu_hw_catalog.c | 95 ++++-- drivers/gpu/drm/msm/disp/dpu1/dpu_hw_catalog.h | 3 +- drivers/gpu/drm/msm/disp/dpu1/dpu_hw_intf.c | 6 +- drivers/gpu/drm/msm/disp/dpu1/dpu_hw_intf.h | 4 +- drivers/gpu/drm/msm/disp/dpu1/dpu_hw_lm.c | 6 +- drivers/gpu/drm/msm/disp/dpu1/dpu_hw_lm.h | 3 +- drivers/gpu/drm/msm/disp/dpu1/dpu_hw_util.c | 20 +- drivers/gpu/drm/msm/disp/dpu1/dpu_hw_util.h | 8 +- drivers/gpu/drm/msm/disp/mdp4/mdp4_crtc.c | 9 + drivers/gpu/drm/msm/dsi/phy/dsi_phy.c | 4 +- drivers/gpu/drm/nouveau/dispnv50/disp.c | 3 +- drivers/gpu/drm/nouveau/nv04_fence.c | 2 +- drivers/gpu/drm/omapdrm/omap_drv.c | 9 +- drivers/gpu/drm/panel/panel-elida-kd35t133.c | 2 + drivers/gpu/drm/panel/panel-newvision-nv3051d.c | 2 + drivers/gpu/drm/panel/panel-sitronix-st7701.c | 2 +- drivers/gpu/drm/panfrost/panfrost_gpu.c | 70 +++-- drivers/gpu/drm/radeon/r100.c | 4 +- drivers/gpu/drm/radeon/r600_cs.c | 4 +- drivers/gpu/drm/radeon/radeon_display.c | 7 +- drivers/gpu/drm/radeon/radeon_vm.c | 8 +- drivers/gpu/drm/radeon/si.c | 4 + drivers/gpu/drm/radeon/sumo_dpm.c | 4 +- drivers/gpu/drm/radeon/trinity_dpm.c | 4 +- drivers/gpu/drm/scheduler/sched_entity.c | 13 +- drivers/gpu/drm/tests/drm_dp_mst_helper_test.c | 6 +- drivers/gpu/drm/tidss/tidss_dispc.c | 63 +++- drivers/gpu/drm/tidss/tidss_kms.c | 4 - drivers/gpu/drm/tilcdc/tilcdc_drv.c | 2 +- drivers/greybus/gb-beagleplay.c | 58 +++- drivers/hid/hid-sensor-hub.c | 2 +- drivers/hid/wacom_wac.c | 32 +- drivers/i2c/busses/i2c-s3c2410.c | 40 +-- drivers/idle/intel_idle.c | 19 +- drivers/iio/adc/ad7091r-base.c | 6 +- drivers/iio/adc/ad9467.c | 112 +++++-- drivers/iio/adc/adi-axi-adc.c | 74 +---- drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 6 +- drivers/infiniband/hw/hns/hns_roce_pd.c | 2 +- drivers/infiniband/hw/mthca/mthca_cmd.c | 4 +- drivers/infiniband/hw/mthca/mthca_main.c | 2 +- drivers/infiniband/ulp/iser/iscsi_iser.h | 2 - drivers/infiniband/ulp/iser/iser_initiator.c | 5 +- drivers/infiniband/ulp/iser/iser_memory.c | 8 +- drivers/infiniband/ulp/iser/iser_verbs.c | 1 - drivers/input/keyboard/atkbd.c | 12 +- drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c | 1 + drivers/iommu/dma-iommu.c | 3 + drivers/iommu/of_iommu.c | 7 + drivers/leds/Kconfig | 1 + drivers/leds/leds-aw200xx.c | 7 +- drivers/md/md.c | 69 +++-- drivers/md/raid1.c | 12 +- drivers/media/common/videobuf2/videobuf2-core.c | 9 +- drivers/media/dvb-core/dvbdev.c | 2 + drivers/media/dvb-frontends/m88ds3103.c | 7 +- drivers/media/i2c/mt9m114.c | 2 +- drivers/media/pci/bt8xx/bttv-driver.c | 27 +- drivers/media/pci/bt8xx/bttv-vbi.c | 8 +- drivers/media/pci/solo6x10/solo6x10-offsets.h | 10 +- drivers/media/platform/amphion/vpu_core.c | 2 +- .../media/platform/mediatek/jpeg/mtk_jpeg_core.c | 1 - drivers/media/platform/nxp/imx-mipi-csis.c | 17 +- .../media/platform/rockchip/rkisp1/rkisp1-dev.c | 6 +- .../media/platform/rockchip/rkisp1/rkisp1-isp.c | 1 + drivers/media/platform/verisilicon/hantro_drv.c | 2 + drivers/media/platform/verisilicon/hantro_v4l2.c | 3 + drivers/media/test-drivers/visl/visl-video.c | 3 + drivers/media/usb/cx231xx/cx231xx-core.c | 2 + drivers/media/usb/pvrusb2/pvrusb2-context.c | 3 +- drivers/media/v4l2-core/v4l2-async.c | 1 - drivers/mfd/cs42l43-sdw.c | 74 ++--- drivers/mfd/intel-lpss.c | 2 +- drivers/mfd/rk8xx-core.c | 34 +-- drivers/mfd/syscon.c | 4 + drivers/mfd/tps6594-core.c | 3 + drivers/mmc/host/Kconfig | 10 +- drivers/mtd/mtd_blkdevs.c | 4 +- drivers/mtd/nand/raw/fsl_ifc_nand.c | 2 +- drivers/net/amt.c | 6 +- drivers/net/dsa/vitesse-vsc73xx-core.c | 2 + drivers/net/ethernet/intel/ice/ice_ptp.c | 4 + drivers/net/ethernet/marvell/octeontx2/af/rpm.c | 7 +- .../ethernet/mellanox/mlxbf_gige/mlxbf_gige_main.c | 26 +- .../ethernet/mellanox/mlxbf_gige/mlxbf_gige_rx.c | 6 +- .../net/ethernet/mellanox/mlxsw/spectrum_acl_erp.c | 8 +- .../ethernet/mellanox/mlxsw/spectrum_acl_tcam.c | 6 +- .../net/ethernet/mellanox/mlxsw/spectrum_router.c | 24 +- drivers/net/ethernet/qualcomm/rmnet/rmnet_config.c | 2 +- drivers/net/ethernet/renesas/ravb_main.c | 2 +- drivers/net/ethernet/stmicro/stmmac/stmmac.h | 1 + .../net/ethernet/stmicro/stmmac/stmmac_ethtool.c | 29 +- drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 33 +- drivers/net/ethernet/ti/am65-cpsw-nuss.c | 5 +- drivers/net/netdevsim/netdev.c | 9 +- drivers/net/phy/micrel.c | 9 + drivers/net/usb/r8152.c | 16 +- drivers/net/wireless/ath/ath11k/ahb.c | 4 +- drivers/net/wireless/ath/ath12k/core.c | 6 +- drivers/net/wireless/intel/iwlwifi/iwl-nvm-parse.c | 3 +- drivers/net/wireless/intel/iwlwifi/mvm/debugfs.c | 2 +- .../net/wireless/intel/iwlwifi/mvm/mld-mac80211.c | 8 +- drivers/net/wireless/intel/iwlwifi/mvm/phy-ctxt.c | 11 - drivers/net/wireless/intel/iwlwifi/mvm/tx.c | 2 +- drivers/net/wireless/marvell/libertas/Kconfig | 2 - drivers/net/wireless/marvell/mwifiex/cfg80211.c | 2 + drivers/net/wireless/marvell/mwifiex/fw.h | 1 + drivers/net/wireless/marvell/mwifiex/ioctl.h | 1 + drivers/net/wireless/marvell/mwifiex/sdio.c | 21 +- drivers/net/wireless/marvell/mwifiex/sdio.h | 2 + drivers/net/wireless/marvell/mwifiex/uap_cmd.c | 8 + drivers/net/wireless/mediatek/mt76/eeprom.c | 6 +- drivers/net/wireless/mediatek/mt76/mt76.h | 3 +- drivers/net/wireless/mediatek/mt76/mt7615/sdio.c | 2 +- drivers/net/wireless/mediatek/mt76/mt7915/eeprom.h | 3 +- drivers/net/wireless/mediatek/mt76/mt7915/main.c | 5 +- drivers/net/wireless/mediatek/mt76/mt7915/mmio.c | 2 +- drivers/net/wireless/mediatek/mt76/mt7921/init.c | 23 +- drivers/net/wireless/mediatek/mt76/mt7921/main.c | 38 ++- drivers/net/wireless/mediatek/mt76/mt7921/mcu.c | 11 +- drivers/net/wireless/mediatek/mt76/mt7921/mt7921.h | 1 + drivers/net/wireless/mediatek/mt76/mt7921/pci.c | 3 + drivers/net/wireless/mediatek/mt76/mt7921/sdio.c | 4 +- .../net/wireless/mediatek/mt76/mt7921/sdio_mac.c | 3 +- drivers/net/wireless/mediatek/mt76/mt7996/mac.c | 6 +- drivers/net/wireless/mediatek/mt76/mt7996/mcu.h | 10 +- drivers/net/wireless/mediatek/mt76/sdio.c | 18 +- drivers/net/wireless/purelifi/plfxlc/usb.c | 5 +- drivers/net/wireless/realtek/rtlwifi/pci.c | 79 +---- drivers/net/wireless/realtek/rtlwifi/pci.h | 5 - .../net/wireless/realtek/rtlwifi/rtl8188ee/phy.c | 14 +- .../wireless/realtek/rtlwifi/rtl8192c/phy_common.c | 12 +- .../wireless/realtek/rtlwifi/rtl8192c/phy_common.h | 1 - .../net/wireless/realtek/rtlwifi/rtl8192ce/phy.c | 6 +- .../net/wireless/realtek/rtlwifi/rtl8192ce/phy.h | 1 - .../net/wireless/realtek/rtlwifi/rtl8192cu/phy.c | 6 +- .../net/wireless/realtek/rtlwifi/rtl8192de/phy.c | 15 +- .../net/wireless/realtek/rtlwifi/rtl8192ee/phy.c | 16 +- .../net/wireless/realtek/rtlwifi/rtl8192se/phy.c | 15 +- .../net/wireless/realtek/rtlwifi/rtl8821ae/phy.c | 5 +- drivers/net/wireless/realtek/rtlwifi/wifi.h | 7 + drivers/net/wireless/realtek/rtw88/mac80211.c | 4 +- drivers/net/wireless/realtek/rtw88/sdio.c | 35 ++- drivers/net/xen-netback/netback.c | 44 ++- drivers/nvme/target/tcp.c | 22 +- drivers/nvme/target/trace.h | 5 +- drivers/of/base.c | 1 + drivers/of/unittest-data/tests-phandle.dtsi | 10 +- drivers/of/unittest.c | 74 +++-- drivers/pci/controller/dwc/pci-keystone.c | 9 + drivers/pci/controller/dwc/pcie-designware-ep.c | 1 + drivers/pci/controller/pcie-mediatek-gen3.c | 85 +++--- drivers/pci/controller/pcie-mediatek.c | 10 +- drivers/pci/controller/pcie-xilinx-dma-pl.c | 6 +- drivers/pci/endpoint/functions/pci-epf-mhi.c | 66 ++-- drivers/perf/arm-cmn.c | 2 +- drivers/perf/hisilicon/hisi_uncore_uc_pmu.c | 4 +- drivers/platform/x86/intel/vsec.c | 25 +- drivers/platform/x86/intel/vsec.h | 1 + drivers/power/supply/bq256xx_charger.c | 5 +- drivers/power/supply/cw2015_battery.c | 2 +- drivers/power/supply/qcom_pmi8998_charger.c | 4 + drivers/pwm/core.c | 2 +- drivers/pwm/pwm-jz4740.c | 7 +- drivers/pwm/pwm-stm32.c | 31 +- drivers/scsi/bfa/bfad_bsg.c | 2 +- drivers/scsi/fnic/fnic_debugfs.c | 3 +- drivers/scsi/hisi_sas/hisi_sas_main.c | 11 +- drivers/scsi/hisi_sas/hisi_sas_v3_hw.c | 9 +- drivers/scsi/lpfc/lpfc_els.c | 4 +- drivers/scsi/mpi3mr/mpi3mr_app.c | 16 + drivers/scsi/mpi3mr/mpi3mr_os.c | 19 +- drivers/soc/qcom/llcc-qcom.c | 10 +- drivers/spi/Kconfig | 3 +- drivers/spi/spi-cadence-quadspi.c | 4 +- drivers/spi/spi-coldfire-qspi.c | 1 - drivers/spi/spi-sh-msiof.c | 17 ++ drivers/spmi/spmi-mtk-pmif.c | 20 +- drivers/staging/media/rkvdec/rkvdec.c | 3 + .../interface/vchiq_arm/vchiq_connected.c | 4 +- .../interface/vchiq_arm/vchiq_connected.h | 4 +- .../vc04_services/interface/vchiq_arm/vchiq_core.c | 6 +- drivers/target/target_core_file.c | 10 +- drivers/thermal/loongson2_thermal.c | 2 +- drivers/thermal/thermal_core.c | 1 - drivers/tty/serial/8250/8250_bcm2835aux.c | 2 + drivers/tty/serial/8250/8250_exar.c | 5 +- drivers/tty/serial/8250/8250_omap.c | 2 +- drivers/tty/serial/apbuart.c | 2 +- drivers/tty/serial/imx.c | 40 +-- drivers/tty/serial/omap-serial.c | 27 +- drivers/tty/serial/sc16is7xx.c | 8 +- drivers/tty/serial/serial_core.c | 61 +++- drivers/tty/serial/stm32-usart.c | 8 +- drivers/tty/tty_io.c | 3 + drivers/ufs/core/ufshcd.c | 7 +- drivers/ufs/host/ufs-qcom.c | 4 +- drivers/usb/cdns3/cdns3-gadget.c | 142 ++++++--- drivers/usb/cdns3/cdns3-gadget.h | 3 + drivers/usb/chipidea/core.c | 7 + drivers/usb/class/cdc-acm.c | 3 + drivers/usb/core/generic.c | 16 + drivers/usb/dwc3/core.c | 39 +-- drivers/usb/dwc3/ep0.c | 5 +- drivers/usb/dwc3/gadget.c | 19 +- drivers/usb/gadget/function/f_uvc.c | 63 ++-- drivers/usb/gadget/function/u_ether.c | 2 + drivers/usb/gadget/function/u_uvc.h | 6 + drivers/usb/gadget/legacy/webcam.c | 333 ++++++++++++++++----- drivers/usb/host/xhci-mtk.c | 40 ++- drivers/usb/host/xhci-mtk.h | 2 + drivers/usb/mon/mon_bin.c | 7 +- drivers/usb/phy/phy-mxs-usb.c | 3 +- drivers/usb/typec/class.c | 4 +- drivers/vdpa/alibaba/eni_vdpa.c | 6 +- drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c | 7 +- drivers/vfio/pci/pds/dirty.c | 6 +- drivers/vhost/vsock.c | 1 + drivers/video/fbdev/acornfb.c | 2 +- drivers/video/fbdev/core/fb_defio.c | 8 +- drivers/video/fbdev/imxfb.c | 27 +- drivers/video/fbdev/sm712fb.c | 6 +- drivers/watchdog/bcm2835_wdt.c | 3 +- drivers/watchdog/hpwdt.c | 2 +- drivers/watchdog/rti_wdt.c | 13 +- drivers/watchdog/watchdog_dev.c | 3 +- fs/ceph/Kconfig | 1 + fs/dlm/debug_fs.c | 2 +- fs/efivarfs/super.c | 15 + fs/erofs/decompressor.c | 2 +- fs/erofs/zdata.c | 5 +- fs/erofs/zmap.c | 23 +- fs/f2fs/data.c | 7 +- fs/f2fs/file.c | 7 +- fs/f2fs/namei.c | 2 +- fs/f2fs/node.c | 6 +- fs/f2fs/super.c | 8 + fs/f2fs/xattr.c | 11 +- fs/gfs2/quota.c | 3 +- fs/gfs2/rgrp.c | 2 +- fs/namespace.c | 11 + fs/nfs/blocklayout/blocklayout.c | 7 +- fs/nfs/dir.c | 2 +- fs/nfs/direct.c | 5 +- fs/nfs/internal.h | 2 +- fs/nfs/nfs4proc.c | 3 + fs/nfs/pnfs.c | 3 +- fs/pipe.c | 17 +- fs/pstore/ram_core.c | 2 +- fs/smb/server/asn1.c | 5 + fs/smb/server/connection.c | 6 - fs/smb/server/connection.h | 2 +- fs/smb/server/oplock.c | 6 + fs/smb/server/smb2pdu.c | 22 +- fs/smb/server/smb_common.c | 6 +- fs/smb/server/transport_rdma.c | 11 +- fs/smb/server/transport_tcp.c | 13 +- include/asm-generic/cmpxchg-local.h | 2 +- include/crypto/if_alg.h | 3 + include/drm/display/drm_dp_mst_helper.h | 2 +- include/drm/drm_bridge.h | 2 +- include/linux/bio.h | 9 +- include/linux/bpf.h | 13 +- include/linux/clk-provider.h | 4 +- include/linux/gpio/driver.h | 2 +- include/linux/hisi_acc_qm.h | 20 +- include/linux/iio/adc/adi-axi-adc.h | 4 + include/linux/mhi_ep.h | 19 +- include/linux/netfilter_bridge.h | 6 +- include/linux/pci.h | 12 +- include/linux/rcu_notifier.h | 6 +- include/linux/rcupdate.h | 6 + include/linux/skbuff.h | 2 +- include/linux/srcu.h | 2 +- include/linux/usb.h | 6 + include/linux/virtio_net.h | 9 +- include/linux/virtio_vsock.h | 1 + include/net/af_vsock.h | 2 +- include/net/bluetooth/hci_core.h | 1 - include/net/netdev_queues.h | 2 +- include/uapi/linux/bpf.h | 3 + init/do_mounts.c | 9 +- io_uring/io_uring.c | 22 +- io_uring/rw.c | 10 +- kernel/bpf/arraymap.c | 12 +- kernel/bpf/hashtab.c | 6 +- kernel/bpf/helpers.c | 2 +- kernel/bpf/lpm_trie.c | 3 + kernel/bpf/map_in_map.c | 13 +- kernel/bpf/map_in_map.h | 2 +- kernel/bpf/memalloc.c | 105 +------ kernel/bpf/stackmap.c | 11 +- kernel/bpf/syscall.c | 47 ++- kernel/bpf/verifier.c | 96 +++--- kernel/debug/kdb/kdb_main.c | 2 - kernel/dma/coherent.c | 4 +- kernel/rcu/Kconfig.debug | 25 ++ kernel/rcu/rcu.h | 8 +- kernel/rcu/rcutorture.c | 12 +- kernel/rcu/tree_stall.h | 11 +- kernel/rcu/update.c | 6 + kernel/sched/fair.c | 20 +- kernel/time/tick-sched.c | 5 + kernel/trace/bpf_trace.c | 7 + lib/kunit/debugfs.c | 34 ++- lib/test_bpf.c | 2 +- net/bluetooth/hci_conn.c | 8 +- net/bluetooth/hci_debugfs.c | 12 +- net/bluetooth/hci_event.c | 11 +- net/bridge/br_netfilter_hooks.c | 42 ++- net/bridge/br_netfilter_ipv6.c | 14 +- net/core/rtnetlink.c | 14 +- net/dns_resolver/dns_key.c | 2 +- net/dsa/user.c | 7 +- net/ethtool/features.c | 9 +- net/ipv4/af_inet.c | 1 + net/ipv4/ipmr.c | 13 +- net/ipv4/netfilter/nf_reject_ipv4.c | 9 +- net/ipv4/udp.c | 34 +-- net/ipv6/ip6_tunnel.c | 26 +- net/ipv6/mcast.c | 4 + net/ipv6/netfilter/nf_reject_ipv6.c | 11 +- net/ipv6/udp.c | 16 +- net/mac80211/mlme.c | 49 ++- net/mptcp/options.c | 6 +- net/mptcp/subflow.c | 17 +- net/ncsi/internal.h | 7 +- net/ncsi/ncsi-netlink.c | 4 +- net/ncsi/ncsi-pkt.h | 7 +- net/ncsi/ncsi-rsp.c | 26 +- net/netfilter/ipset/ip_set_hash_netiface.c | 8 +- net/netfilter/ipvs/ip_vs_xmit.c | 4 +- net/netfilter/nf_log_syslog.c | 13 +- net/netfilter/nf_queue.c | 6 +- net/netfilter/nf_tables_api.c | 38 ++- net/netfilter/nfnetlink_log.c | 8 +- net/netfilter/nft_limit.c | 19 +- net/netfilter/xt_physdev.c | 2 +- net/netlabel/netlabel_calipso.c | 49 +-- net/rxrpc/ar-internal.h | 1 + net/rxrpc/call_object.c | 4 +- net/rxrpc/local_object.c | 13 +- net/rxrpc/output.c | 6 +- net/rxrpc/rxkad.c | 2 + net/sched/act_ct.c | 12 +- net/sctp/socket.c | 13 +- net/sunrpc/xprt.c | 23 +- net/sunrpc/xprtmultipath.c | 2 +- net/tls/tls_sw.c | 6 +- net/unix/unix_bpf.c | 21 +- net/vmw_vsock/af_vsock.c | 9 +- net/vmw_vsock/hyperv_transport.c | 4 +- net/vmw_vsock/virtio_transport.c | 1 + net/vmw_vsock/virtio_transport_common.c | 43 ++- net/vmw_vsock/vsock_loopback.c | 1 + net/wireless/scan.c | 47 ++- rust/bindgen_parameters | 4 + security/apparmor/lib.c | 1 + security/apparmor/lsm.c | 1 - security/apparmor/policy.c | 13 +- security/apparmor/policy_unpack.c | 13 +- security/keys/encrypted-keys/encrypted.c | 4 + security/selinux/hooks.c | 7 + sound/drivers/aloop.c | 23 +- sound/pci/hda/patch_hdmi.c | 6 + sound/pci/hda/patch_realtek.c | 3 + sound/pci/oxygen/oxygen_mixer.c | 2 +- sound/soc/amd/vangogh/acp5x-mach.c | 35 +-- sound/soc/codecs/cs35l33.c | 4 +- sound/soc/codecs/cs35l34.c | 4 +- sound/soc/codecs/rt5645.c | 8 - sound/soc/codecs/tas2781-fmwlib.c | 1 + sound/soc/fsl/Kconfig | 1 + .../soc/intel/boards/sof_sdw_rt_sdca_jack_common.c | 1 + sound/soc/intel/common/soc-acpi-intel-glk-match.c | 14 +- sound/soc/mediatek/common/mtk-dsp-sof-common.c | 2 +- sound/soc/sof/intel/hda.h | 1 + sound/soc/sof/intel/mtl.c | 28 ++ sound/soc/sof/intel/pci-mtl.c | 12 +- sound/soc/sof/ipc4-loader.c | 11 +- sound/soc/sof/topology.c | 2 +- sound/usb/mixer_scarlett2.c | 207 +++++++++---- tools/include/uapi/linux/bpf.h | 3 + tools/lib/api/io.h | 1 + tools/perf/builtin-stat.c | 18 +- .../arch/arm64/ampere/ampereone/core-imp-def.json | 2 +- .../pmu-events/arch/arm64/arm/cmn/sys/cmn.json | 2 +- .../arch/powerpc/power10/datasource.json | 18 +- .../attr/test-record-user-regs-no-sve-aarch64 | 2 +- .../tests/attr/test-record-user-regs-sve-aarch64 | 2 +- tools/perf/tests/workloads/thloop.c | 4 +- tools/perf/util/bpf-event.c | 8 +- tools/perf/util/bpf-event.h | 12 +- tools/perf/util/db-export.c | 4 +- tools/perf/util/env.c | 50 ++-- tools/perf/util/env.h | 4 + tools/perf/util/genelf.c | 6 +- tools/perf/util/header.c | 17 +- tools/perf/util/hisi-ptt.c | 1 + tools/perf/util/mem-events.c | 25 +- tools/perf/util/stat-shadow.c | 2 +- tools/perf/util/unwind-libdw.c | 21 +- tools/perf/util/unwind-libunwind-local.c | 2 +- tools/testing/selftests/alsa/conf.c | 2 +- tools/testing/selftests/alsa/mixer-test.c | 4 +- tools/testing/selftests/bpf/prog_tests/bpf_iter.c | 2 + tools/testing/selftests/bpf/prog_tests/time_tai.c | 2 +- .../selftests/bpf/progs/bpf_iter_task_stack.c | 5 + tools/testing/selftests/bpf/progs/iters.c | 2 +- .../selftests/bpf/progs/test_global_func16.c | 2 +- .../selftests/bpf/progs/verifier_basic_stack.c | 8 +- .../testing/selftests/bpf/progs/verifier_int_ptr.c | 5 +- .../selftests/bpf/progs/verifier_raw_stack.c | 5 +- .../testing/selftests/bpf/progs/verifier_var_off.c | 62 +++- .../selftests/bpf/progs/xdp_synproxy_kern.c | 4 +- .../selftests/bpf/verifier/atomic_cmpxchg.c | 11 - tools/testing/selftests/bpf/verifier/calls.c | 4 +- tools/testing/selftests/bpf/xskxceiver.c | 25 +- .../drivers/net/bonding/mode-1-recovery-updelay.sh | 2 +- .../drivers/net/bonding/mode-2-recovery-updelay.sh | 2 +- .../testing/selftests/drivers/net/mlxsw/qos_pfc.sh | 18 +- .../drivers/net/mlxsw/spectrum-2/tc_flower.sh | 106 ++++++- .../selftests/net/arp_ndisc_untracked_subnets.sh | 2 +- .../selftests/net/fib_nexthop_multiprefix.sh | 4 +- tools/testing/selftests/powerpc/math/fpu_preempt.c | 9 +- tools/testing/selftests/powerpc/math/vmx_preempt.c | 10 +- tools/testing/selftests/sgx/Makefile | 2 +- tools/testing/selftests/sgx/load.c | 9 +- tools/testing/selftests/sgx/sigstruct.c | 5 +- tools/testing/selftests/sgx/test_encl.c | 8 +- 643 files changed, 5372 insertions(+), 3267 deletions(-)

1 year, 7 months

13
663
0 0

[PATCH 5.15 0/1] cifs: Fix stack-out-of-bounds in smb2_set_next_command()

by ZhaoLong Wang

Hello, I am sending this patch for inclusion in the stable tree, as it fixes a critical stack-out-of-bounds bug in the cifs module related to the `smb2_set_next_command()` function. Problem Summary: A problem was observed in the `statfs` system call for cifs, where it failed with a "Resource temporarily unavailable" message. Further investigation with KASAN revealed a stack-out-of-bounds error. The root cause was a miscalculation of the size of the `smb2_query_info_req` structure in the `SMB2_query_info_init()` function. This situation arose due to a dependency on a prior commit (`eb3e28c1e89b`) that replaced a 1-element array with a flexible array member in the `smb2_query_info_req` structure. This commit was not backported to the 5.10.y and 5.15.y stable branch, leading to an incorrect size calculation after the backport of commit `33eae65c6f49`. Fix Details: The patch corrects the size calculation to ensure the correct length is used when initializing the `smb2_query_info_req` structure. It has been tested and confirmed to resolve the issue without introducing any regressions. Maybe the prior commit eb3e28c1e89b ("smb3: Replace smb2pdu 1-element arrays with flex-arrays") should be backported to solve this problem directly. The patch does not seem to conflict. Best regards, ZhaoLong Wang ZhaoLong Wang (1): cifs: Fix stack-out-of-bounds in smb2_set_next_command() fs/cifs/smb2pdu.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- 2.39.2

1 year, 7 months

2
2
0 0

[PATCH v3] mm/zswap: invalidate old entry when store fail or !zswap_enabled

by chengming.zhou＠linux.dev

From: Chengming Zhou <zhouchengming(a)bytedance.com> We may encounter duplicate entry in the zswap_store(): 1. swap slot that freed to per-cpu swap cache, doesn't invalidate the zswap entry, then got reused. This has been fixed. 2. !exclusive load mode, swapin folio will leave its zswap entry on the tree, then swapout again. This has been removed. 3. one folio can be dirtied again after zswap_store(), so need to zswap_store() again. This should be handled correctly. So we must invalidate the old duplicate entry before insert the new one, which actually doesn't have to be done at the beginning of zswap_store(). And this is a normal situation, we shouldn't WARN_ON(1) in this case, so delete it. (The WARN_ON(1) seems want to detect swap entry UAF problem? But not very necessary here.) The good point is that we don't need to lock tree twice in the store success path. Note we still need to invalidate the old duplicate entry in the store failure path, otherwise the new data in swapfile could be overwrite by the old data in zswap pool when lru writeback. We have to do this even when !zswap_enabled since zswap can be disabled anytime. If the folio store success before, then got dirtied again but zswap disabled, we won't invalidate the old duplicate entry in the zswap_store(). So later lru writeback may overwrite the new data in swapfile. Fixes: 42c06a0e8ebe ("mm: kill frontswap") Cc: <stable(a)vger.kernel.org> Acked-by: Johannes Weiner <hannes(a)cmpxchg.org> Acked-by: Yosry Ahmed <yosryahmed(a)google.com> Signed-off-by: Chengming Zhou <zhouchengming(a)bytedance.com> --- v3: - Fix a few grammatical problems in comments, per Yosry. v2: - Change the duplicate entry invalidation loop to if, since we hold the lock, we won't find it once we invalidate it, per Yosry. - Add Fixes tag. --- mm/zswap.c | 33 ++++++++++++++++----------------- 1 file changed, 16 insertions(+), 17 deletions(-) diff --git a/mm/zswap.c b/mm/zswap.c index cd67f7f6b302..d9d8947d6761 100644 --- a/mm/zswap.c +++ b/mm/zswap.c @@ -1518,18 +1518,8 @@ bool zswap_store(struct folio *folio) return false; if (!zswap_enabled) - return false; + goto check_old; - /* - * If this is a duplicate, it must be removed before attempting to store - * it, otherwise, if the store fails the old page won't be removed from - * the tree, and it might be written back overriding the new data. - */ - spin_lock(&tree->lock); - entry = zswap_rb_search(&tree->rbroot, offset); - if (entry) - zswap_invalidate_entry(tree, entry); - spin_unlock(&tree->lock); objcg = get_obj_cgroup_from_folio(folio); if (objcg && !obj_cgroup_may_zswap(objcg)) { memcg = get_mem_cgroup_from_objcg(objcg); @@ -1608,14 +1598,12 @@ bool zswap_store(struct folio *folio) /* map */ spin_lock(&tree->lock); /* - * A duplicate entry should have been removed at the beginning of this - * function. Since the swap entry should be pinned, if a duplicate is - * found again here it means that something went wrong in the swap - * cache. + * The folio may have been dirtied again, invalidate the + * possibly stale entry before inserting the new entry. */ - while (zswap_rb_insert(&tree->rbroot, entry, &dupentry) == -EEXIST) { - WARN_ON(1); + if (zswap_rb_insert(&tree->rbroot, entry, &dupentry) == -EEXIST) { zswap_invalidate_entry(tree, dupentry); + VM_WARN_ON(zswap_rb_insert(&tree->rbroot, entry, &dupentry)); } if (entry->length) { INIT_LIST_HEAD(&entry->lru); @@ -1638,6 +1626,17 @@ bool zswap_store(struct folio *folio) reject: if (objcg) obj_cgroup_put(objcg); +check_old: + /* + * If the zswap store fails or zswap is disabled, we must invalidate the + * possibly stale entry which was previously stored at this offset. + * Otherwise, writeback could overwrite the new data in the swapfile. + */ + spin_lock(&tree->lock); + entry = zswap_rb_search(&tree->rbroot, offset); + if (entry) + zswap_invalidate_entry(tree, entry); + spin_unlock(&tree->lock); return false; shrink: -- 2.40.1

1 year, 7 months

4
4
0 0

[PATCH 1/1] netfilter: ipset: Missing gc cancellations fixed

by Jozsef Kadlecsik

The patch fdb8e12cc2cc ("netfilter: ipset: fix performance regression in swap operation") missed to add the calls to gc cancellations at the error path of create operations and at module unload. Also, because the half of the destroy operations now executed by a function registered by call_rcu(), neither NFNL_SUBSYS_IPSET mutex or rcu read lock is held and therefore the checking of them results false warnings. Reported-by: syzbot+52bbc0ad036f6f0d4a25(a)syzkaller.appspotmail.com Reported-by: Brad Spengler <spender(a)grsecurity.net> Reported-by: Стас Ничипорович <stasn77(a)gmail.com> Fixes: fdb8e12cc2cc ("netfilter: ipset: fix performance regression in swap operation") Tested-by: Brad Spengler <spender(a)grsecurity.net> Tested-by: Стас Ничипорович <stasn77(a)gmail.com> Signed-off-by: Jozsef Kadlecsik <kadlec(a)netfilter.org> --- net/netfilter/ipset/ip_set_core.c | 2 ++ net/netfilter/ipset/ip_set_hash_gen.h | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/net/netfilter/ipset/ip_set_core.c b/net/netfilter/ipset/ip_set_core.c index bcaad9c009fe..3184cc6be4c9 100644 --- a/net/netfilter/ipset/ip_set_core.c +++ b/net/netfilter/ipset/ip_set_core.c @@ -1154,6 +1154,7 @@ static int ip_set_create(struct sk_buff *skb, const struct nfnl_info *info, return ret; cleanup: + set->variant->cancel_gc(set); set->variant->destroy(set); put_out: module_put(set->type->me); @@ -2378,6 +2379,7 @@ ip_set_net_exit(struct net *net) set = ip_set(inst, i); if (set) { ip_set(inst, i) = NULL; + set->variant->cancel_gc(set); ip_set_destroy_set(set); } } diff --git a/net/netfilter/ipset/ip_set_hash_gen.h b/net/netfilter/ipset/ip_set_hash_gen.h index c62998b46f00..7f362cad8e68 100644 --- a/net/netfilter/ipset/ip_set_hash_gen.h +++ b/net/netfilter/ipset/ip_set_hash_gen.h @@ -431,7 +431,7 @@ mtype_ahash_destroy(struct ip_set *set, struct htable *t, bool ext_destroy) u32 i; for (i = 0; i < jhash_size(t->htable_bits); i++) { - n = __ipset_dereference(hbucket(t, i)); + n = hbucket(t, i); if (!n) continue; if (set->extensions & IPSET_EXT_DESTROY && ext_destroy) @@ -451,7 +451,7 @@ mtype_destroy(struct ip_set *set) struct htype *h = set->data; struct list_head *l, *lt; - mtype_ahash_destroy(set, ipset_dereference_nfnl(h->table), true); + mtype_ahash_destroy(set, h->table, true); list_for_each_safe(l, lt, &h->ad) { list_del(l); kfree(l); -- 2.39.2

1 year, 7 months

3
2
0 0

[PATCH] btrfs: always scan a single device when mounted

by David Sterba

There are reports that since version 6.7 update-grub fails to find the device of the root on systems without initrd and on a single device. This looks like the device name changed in the output of /proc/self/mountinfo: 6.5-rc5 working 18 1 0:16 / / rw,noatime - btrfs /dev/sda8 ... 6.7 not working: 17 1 0:15 / / rw,noatime - btrfs /dev/root ... and "update-grub" shows this error: /usr/sbin/grub-probe: error: cannot find a device for / (is /dev mounted?) This looks like it's related to the device name, but grub-probe recognizes the "/dev/root" path and tries to find the underlying device. However there's a special case for some filesystems, for btrfs in particular. The generic root device detection heuristic is not done and it all relies on reading the device infos by a btrfs specific ioctl. This ioctl returns the device name as it was saved at the time of device scan (in this case it's /dev/root). The change in 6.7 for temp_fsid to allow several single device filesystem to exist with the same fsid (and transparently generate a new UUID at mount time) was to skip caching/registering such devices. This also skipped mounted device. One step of scanning is to check if the device name hasn't changed, and if yes then update the cached value. This broke the grub-probe as it always read the device /dev/root and couldn't find it in the system. A temporary workaround is to create a symlink but this does not survive reboot. The right fix is to allow updating the device path of a mounted filesystem even if this is a single device one. This does not affect the temp_fsid feature, the UUID of the mounted filesystem remains the same and the matching is based on device major:minor which is unique per mounted filesystem. As the main part of device scanning and list update is done in device_list_add() that handles all corner cases and locking, it is extended to take a parameter that tells it to do everything as before, except adding a new device entry. This covers the path when the device (that exists for all mounted devices) name changes, updating /dev/root to /dev/sdx. Any other single device with filesystem is skipped. Note that if a system is booted and initial mount is done on the /dev/root device, this will be the cached name of the device. Only after the command "btrfs device rescan" it will change as it triggers the rename. The fix was verified by users whose systems were affected. CC: stable(a)vger.kernel.org # 6.7+ Fixes: bc27d6f0aa0e ("btrfs: scan but don't register device on single device filesystem") Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=218353 Link: https://lore.kernel.org/lkml/CAKLYgeJ1tUuqLcsquwuFqjDXPSJpEiokrWK2gisPKDZLs… Signed-off-by: David Sterba <dsterba(a)suse.com> --- fs/btrfs/volumes.c | 30 ++++++++++++++---------------- 1 file changed, 14 insertions(+), 16 deletions(-) diff --git a/fs/btrfs/volumes.c b/fs/btrfs/volumes.c index 474ab7ed65ea..f2c2f7ca5c3d 100644 --- a/fs/btrfs/volumes.c +++ b/fs/btrfs/volumes.c @@ -738,6 +738,7 @@ static noinline struct btrfs_device *device_list_add(const char *path, bool same_fsid_diff_dev = false; bool has_metadata_uuid = (btrfs_super_incompat_flags(disk_super) & BTRFS_FEATURE_INCOMPAT_METADATA_UUID); + bool can_create_new = *new_device_added; if (btrfs_super_flags(disk_super) & BTRFS_SUPER_FLAG_CHANGING_FSID_V2) { btrfs_err(NULL, @@ -753,6 +754,7 @@ static noinline struct btrfs_device *device_list_add(const char *path, return ERR_PTR(error); } + *new_device_added = false; fs_devices = find_fsid_by_device(disk_super, path_devt, &same_fsid_diff_dev); if (!fs_devices) { @@ -804,6 +806,15 @@ static noinline struct btrfs_device *device_list_add(const char *path, return ERR_PTR(-EBUSY); } + if (!can_create_new) { + pr_info( + "BTRFS: device fsid %pU devid %llu transid %llu %s skip registration scanned by %s (%d)\n", + disk_super->fsid, devid, found_transid, path, + current->comm, task_pid_nr(current)); + mutex_unlock(&fs_devices->device_list_mutex); + return NULL; + } + nofs_flag = memalloc_nofs_save(); device = btrfs_alloc_device(NULL, &devid, disk_super->dev_item.uuid, path); @@ -1355,27 +1366,14 @@ struct btrfs_device *btrfs_scan_one_device(const char *path, blk_mode_t flags, goto error_bdev_put; } - if (!mount_arg_dev && btrfs_super_num_devices(disk_super) == 1 && - !(btrfs_super_flags(disk_super) & BTRFS_SUPER_FLAG_SEEDING)) { - dev_t devt; - - ret = lookup_bdev(path, &devt); - if (ret) - btrfs_warn(NULL, "lookup bdev failed for path %s: %d", - path, ret); - else - btrfs_free_stale_devices(devt, NULL); - - pr_debug("BTRFS: skip registering single non-seed device %s\n", path); - device = NULL; - goto free_disk_super; - } + if (mount_arg_dev || btrfs_super_num_devices(disk_super) != 1 || + (btrfs_super_flags(disk_super) & BTRFS_SUPER_FLAG_SEEDING)) + new_device_added = true; device = device_list_add(path, disk_super, &new_device_added); if (!IS_ERR(device) && new_device_added) btrfs_free_stale_devices(device->devt, device); -free_disk_super: btrfs_release_disk_super(disk_super); error_bdev_put: -- 2.42.1

1 year, 7 months

4
4
0 0

[PATCH 1/4] arm64: dts: qcom: sm8550-qrd: correct WCD9385 TX port mapping

by Krzysztof Kozlowski

WCD9385 audio codec TX port mapping was copied form HDK8450, but in fact it is offset by one. Correct it to fix recording via analogue microphones. Cc: <stable(a)vger.kernel.org> Fixes: 83fae950c992 ("arm64: dts: qcom: sm8550-qrd: add WCD9385 audio-codec") Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> --- arch/arm64/boot/dts/qcom/sm8550-qrd.dts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm64/boot/dts/qcom/sm8550-qrd.dts b/arch/arm64/boot/dts/qcom/sm8550-qrd.dts index 6c8e206080d2..76e9ca954093 100644 --- a/arch/arm64/boot/dts/qcom/sm8550-qrd.dts +++ b/arch/arm64/boot/dts/qcom/sm8550-qrd.dts @@ -842,7 +842,7 @@ &swr2 { wcd_tx: codec@0,3 { compatible = "sdw20217010d00"; reg = <0 3>; - qcom,tx-port-mapping = <1 1 2 3>; + qcom,tx-port-mapping = <2 2 3 4>; }; }; -- 2.34.1

1 year, 7 months

4
9
0 0

[git:media_tree/master] media: tc358743: register v4l2 async device only after successful setup

by Mauro Carvalho Chehab

This is an automatic generated email to let you know that the following patch were queued: Subject: media: tc358743: register v4l2 async device only after successful setup Author: Alexander Stein <alexander.stein(a)ew.tq-group.com> Date: Wed Jan 10 10:01:11 2024 +0100 Ensure the device has been setup correctly before registering the v4l2 async device, thus allowing userspace to access. Signed-off-by: Alexander Stein <alexander.stein(a)ew.tq-group.com> Reviewed-by: Robert Foss <rfoss(a)kernel.org> Fixes: 4c5211a10039 ("[media] tc358743: register v4l2 asynchronous subdevice") Cc: stable(a)vger.kernel.org Signed-off-by: Sakari Ailus <sakari.ailus(a)linux.intel.com> Signed-off-by: Mauro Carvalho Chehab <mchehab(a)kernel.org> drivers/media/i2c/tc358743.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) --- diff --git a/drivers/media/i2c/tc358743.c b/drivers/media/i2c/tc358743.c index 2785935da497..558152575d10 100644 --- a/drivers/media/i2c/tc358743.c +++ b/drivers/media/i2c/tc358743.c @@ -2091,9 +2091,6 @@ static int tc358743_probe(struct i2c_client *client) state->mbus_fmt_code = MEDIA_BUS_FMT_RGB888_1X24; sd->dev = &client->dev; - err = v4l2_async_register_subdev(sd); - if (err < 0) - goto err_hdl; mutex_init(&state->confctl_mutex); @@ -2151,6 +2148,10 @@ static int tc358743_probe(struct i2c_client *client) if (err) goto err_work_queues; + err = v4l2_async_register_subdev(sd); + if (err < 0) + goto err_work_queues; + v4l2_info(sd, "%s found @ 0x%x (%s)\n", client->name, client->addr << 1, client->adapter->name);

1 year, 7 months

1
0
0 0

[PATCH v2] mm/zswap: invalidate old entry when store fail or !zswap_enabled

by chengming.zhou＠linux.dev

From: Chengming Zhou <zhouchengming(a)bytedance.com> We may encounter duplicate entry in the zswap_store(): 1. swap slot that freed to per-cpu swap cache, doesn't invalidate the zswap entry, then got reused. This has been fixed. 2. !exclusive load mode, swapin folio will leave its zswap entry on the tree, then swapout again. This has been removed. 3. one folio can be dirtied again after zswap_store(), so need to zswap_store() again. This should be handled correctly. So we must invalidate the old duplicate entry before insert the new one, which actually doesn't have to be done at the beginning of zswap_store(). And this is a normal situation, we shouldn't WARN_ON(1) in this case, so delete it. (The WARN_ON(1) seems want to detect swap entry UAF problem? But not very necessary here.) The good point is that we don't need to lock tree twice in the store success path. Note we still need to invalidate the old duplicate entry in the store failure path, otherwise the new data in swapfile could be overwrite by the old data in zswap pool when lru writeback. We have to do this even when !zswap_enabled since zswap can be disabled anytime. If the folio store success before, then got dirtied again but zswap disabled, we won't invalidate the old duplicate entry in the zswap_store(). So later lru writeback may overwrite the new data in swapfile. Fixes: 42c06a0e8ebe ("mm: kill frontswap") Cc: <stable(a)vger.kernel.org> Acked-by: Johannes Weiner <hannes(a)cmpxchg.org> Signed-off-by: Chengming Zhou <zhouchengming(a)bytedance.com> --- v2: - Change the duplicate entry invalidation loop to if, since we hold the lock, we won't find it once we invalidate it, per Yosry. - Add Fixes tag. --- mm/zswap.c | 33 ++++++++++++++++----------------- 1 file changed, 16 insertions(+), 17 deletions(-) diff --git a/mm/zswap.c b/mm/zswap.c index cd67f7f6b302..6c1466633274 100644 --- a/mm/zswap.c +++ b/mm/zswap.c @@ -1518,18 +1518,8 @@ bool zswap_store(struct folio *folio) return false; if (!zswap_enabled) - return false; + goto check_old; - /* - * If this is a duplicate, it must be removed before attempting to store - * it, otherwise, if the store fails the old page won't be removed from - * the tree, and it might be written back overriding the new data. - */ - spin_lock(&tree->lock); - entry = zswap_rb_search(&tree->rbroot, offset); - if (entry) - zswap_invalidate_entry(tree, entry); - spin_unlock(&tree->lock); objcg = get_obj_cgroup_from_folio(folio); if (objcg && !obj_cgroup_may_zswap(objcg)) { memcg = get_mem_cgroup_from_objcg(objcg); @@ -1608,14 +1598,12 @@ bool zswap_store(struct folio *folio) /* map */ spin_lock(&tree->lock); /* - * A duplicate entry should have been removed at the beginning of this - * function. Since the swap entry should be pinned, if a duplicate is - * found again here it means that something went wrong in the swap - * cache. + * The folio could be dirtied again, invalidate the possible old entry + * before insert this new entry. */ - while (zswap_rb_insert(&tree->rbroot, entry, &dupentry) == -EEXIST) { - WARN_ON(1); + if (zswap_rb_insert(&tree->rbroot, entry, &dupentry) == -EEXIST) { zswap_invalidate_entry(tree, dupentry); + VM_WARN_ON(zswap_rb_insert(&tree->rbroot, entry, &dupentry)); } if (entry->length) { INIT_LIST_HEAD(&entry->lru); @@ -1638,6 +1626,17 @@ bool zswap_store(struct folio *folio) reject: if (objcg) obj_cgroup_put(objcg); +check_old: + /* + * If zswap store fail or zswap disabled, we must invalidate possible + * old entry which previously stored by this folio. Otherwise, later + * writeback could overwrite the new data in swapfile. + */ + spin_lock(&tree->lock); + entry = zswap_rb_search(&tree->rbroot, offset); + if (entry) + zswap_invalidate_entry(tree, entry); + spin_unlock(&tree->lock); return false; shrink: -- 2.40.1

1 year, 7 months

2
1
0 0

Requesting 3 patches for Apple Magic Keyboard 2021 to be merged to LTS kernels

by Aseda Aboagye

Dear stable kernel maintainers, I am writing to request that 3 related patches be merged to various LTS kernels. I'm not sure if it would have been preferable for me to send 3 separate emails, so please forgive me if I chose wrongly. (This is my first foray into interacting with the kernel community) :) The patches are as follows: 1. 0cd3be51733f (HID: apple: Add support for the 2021 Magic Keyboard, 2021-10-08) 2. 346338ef00d3 (HID: apple: Swap the Fn and Left Control keys on Apple keyboards, 2020-05-15) 3. 531cb56972f2 (HID: apple: Add 2021 magic keyboard FN key mapping, 2021-11-08) These patches have all been merged to mainline, but I believe when they were submitted, backporting may not have been considered. The Apple Magic Keyboard 2021 (Model # A2450) seems to be a popular keyboard, and without these patches, for users on certain LTS kernels that use this keyboard, the function keys do not behave as expected. e.g. Pressing the brightness down or brightness up key didn't work, and bizarrely pressing the globe/Fn key alone caused the brightness to decrease. None of the top row keys worked as expected. I checked to see where the patches were missing and figured that it would be good to have those patches in those kernels. I would ask that patches 1 & 3 be merged to v4.19, v5.4, v5.10, and v5.15. I would ask that patch 2 be merged to: v5.4 and v4.19. For patch 3 to apply cleanly, it needed patch 2 to be present in the tree. Thanks, -- Aseda Aboagye

1 year, 7 months

2
2
0 0

[PATCH] perf/x86: Fix out of range data

by Namhyung Kim

On x86 each cpu_hw_events maintains a table for counter assignment but it missed to update one for the deleted event in x86_pmu_del(). This can make perf_clear_dirty_counters() reset used counter if it's called before event scheduling or enabling. Then it would return out of range data which doesn't make sense. The following code can reproduce the problem. $ cat repro.c #include <pthread.h> #include <stdio.h> #include <stdlib.h> #include <unistd.h> #include <linux/perf_event.h> #include <sys/ioctl.h> #include <sys/mman.h> #include <sys/syscall.h> struct perf_event_attr attr = { .type = PERF_TYPE_HARDWARE, .config = PERF_COUNT_HW_CPU_CYCLES, .disabled = 1, }; void *worker(void *arg) { int cpu = (long)arg; int fd1 = syscall(SYS_perf_event_open, &attr, -1, cpu, -1, 0); int fd2 = syscall(SYS_perf_event_open, &attr, -1, cpu, -1, 0); void *p; do { ioctl(fd1, PERF_EVENT_IOC_ENABLE, 0); p = mmap(NULL, 4096, PROT_READ, MAP_SHARED, fd1, 0); ioctl(fd2, PERF_EVENT_IOC_ENABLE, 0); ioctl(fd2, PERF_EVENT_IOC_DISABLE, 0); munmap(p, 4096); ioctl(fd1, PERF_EVENT_IOC_DISABLE, 0); } while (1); return NULL; } int main(void) { int i; int n = sysconf(_SC_NPROCESSORS_ONLN); pthread_t *th = calloc(n, sizeof(*th)); for (i = 0; i < n; i++) pthread_create(&th[i], NULL, worker, (void *)(long)i); for (i = 0; i < n; i++) pthread_join(th[i], NULL); free(th); return 0; } And you can see the out of range data using perf stat like this. Probably it'd be easier to see on a large machine. $ gcc -o repro repro.c -pthread $ ./repro & $ sudo perf stat -A -I 1000 2>&1 | awk '{ if (length($3) > 15) print }' 1.001028462 CPU6 196,719,295,683,763 cycles # 194290.996 GHz (71.54%) 1.001028462 CPU3 396,077,485,787,730 branch-misses # 15804359784.80% of all branches (71.07%) 1.001028462 CPU17 197,608,350,727,877 branch-misses # 14594186554.56% of all branches (71.22%) 2.020064073 CPU4 198,372,472,612,140 cycles # 194681.113 GHz (70.95%) 2.020064073 CPU6 199,419,277,896,696 cycles # 195720.007 GHz (70.57%) 2.020064073 CPU20 198,147,174,025,639 cycles # 194474.654 GHz (71.03%) 2.020064073 CPU20 198,421,240,580,145 stalled-cycles-frontend # 100.14% frontend cycles idle (70.93%) 3.037443155 CPU4 197,382,689,923,416 cycles # 194043.065 GHz (71.30%) 3.037443155 CPU20 196,324,797,879,414 cycles # 193003.773 GHz (71.69%) 3.037443155 CPU5 197,679,956,608,205 stalled-cycles-backend # 1315606428.66% backend cycles idle (71.19%) 3.037443155 CPU5 198,571,860,474,851 instructions # 13215422.58 insn per cycle It should move the contents in the cpuc->assign as well. Fixes: 5471eea5d3bf ("perf/x86: Reset the dirty counter to prevent the leak for an RDPMC task") Cc: Kan Liang <kan.liang(a)linux.intel.com> Cc: stable(a)vger.kernel.org Signed-off-by: Namhyung Kim <namhyung(a)kernel.org> --- arch/x86/events/core.c | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/x86/events/core.c b/arch/x86/events/core.c index 09050641ce5d..5b0dd07b1ef1 100644 --- a/arch/x86/events/core.c +++ b/arch/x86/events/core.c @@ -1644,6 +1644,7 @@ static void x86_pmu_del(struct perf_event *event, int flags) while (++i < cpuc->n_events) { cpuc->event_list[i-1] = cpuc->event_list[i]; cpuc->event_constraint[i-1] = cpuc->event_constraint[i]; + cpuc->assign[i-1] = cpuc->assign[i]; } cpuc->event_constraint[i-1] = NULL; --cpuc->n_events; -- 2.43.0.472.g3155946c3a-goog

1 year, 7 months

2
3
0 0

[PATCH v3 8/8] m68k: Move signal frame following exception on 68020/030

by Michael Schmitz

From: Finn Thain <fthain(a)linux-m68k.org> commit b845b574f86dcb6a70dfa698aa87a237b0878d2a upstream. On 68030/020, an instruction such as, moveml %a2-%a3/%a5,%sp@- may cause a stack page fault during instruction execution (i.e. not at an instruction boundary) and produce a format 0xB exception frame. In this situation, the value of USP will be unreliable. If a signal is to be delivered following the exception, this USP value is used to calculate the location for a signal frame. This can result in a corrupted user stack. The corruption was detected in dash (actually in glibc) where it showed up as an intermittent "stack smashing detected" message and crash following signal delivery for SIGCHLD. It was hard to reproduce that failure because delivery of the signal raced with the page fault and because the kernel places an unpredictable gap of up to 7 bytes between the USP and the signal frame. A format 0xB exception frame can be produced by a bus error or an address error. The 68030 Users Manual says that address errors occur immediately upon detection during instruction prefetch. The instruction pipeline allows prefetch to overlap with other instructions, which means an address error can arise during the execution of a different instruction. So it seems likely that this patch may help in the address error case also. Reported-and-tested-by: Stan Johnson <userm57(a)yahoo.com> Link: https://lore.kernel.org/all/CAMuHMdW3yD22_ApemzW_6me3adq6A458u1_F0v-1EYwK_6… Cc: Michael Schmitz <schmitzmic(a)gmail.com> Cc: Andreas Schwab <schwab(a)linux-m68k.org> Cc: stable(a)vger.kernel.org Co-developed-by: Michael Schmitz <schmitzmic(a)gmail.com> Signed-off-by: Michael Schmitz <schmitzmic(a)gmail.com> Signed-off-by: Finn Thain <fthain(a)linux-m68k.org> Reviewed-by: Geert Uytterhoeven <geert(a)linux-m68k.org> Link: https://lore.kernel.org/r/9e66262a754fcba50208aa424188896cc52a1dd1.16833658… Signed-off-by: Geert Uytterhoeven <geert(a)linux-m68k.org> --- arch/m68k/kernel/signal.c | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/arch/m68k/kernel/signal.c b/arch/m68k/kernel/signal.c index 8fb8ee804b3a..de7c1bde62bc 100644 --- a/arch/m68k/kernel/signal.c +++ b/arch/m68k/kernel/signal.c @@ -808,11 +808,17 @@ static inline int rt_setup_ucontext(struct ucontext __user *uc, struct pt_regs * } static inline void __user * -get_sigframe(struct ksignal *ksig, size_t frame_size) +get_sigframe(struct ksignal *ksig, struct pt_regs *tregs, size_t frame_size) { unsigned long usp = sigsp(rdusp(), ksig); + unsigned long gap = 0; - return (void __user *)((usp - frame_size) & -8UL); + if (CPU_IS_020_OR_030 && tregs->format == 0xb) { + /* USP is unreliable so use worst-case value */ + gap = 256; + } + + return (void __user *)((usp - gap - frame_size) & -8UL); } static int setup_frame(struct ksignal *ksig, sigset_t *set, @@ -830,7 +836,7 @@ static int setup_frame(struct ksignal *ksig, sigset_t *set, return -EFAULT; } - frame = get_sigframe(ksig, sizeof(*frame) + fsize); + frame = get_sigframe(ksig, tregs, sizeof(*frame) + fsize); if (fsize) err |= copy_to_user (frame + 1, regs + 1, fsize); @@ -903,7 +909,7 @@ static int setup_rt_frame(struct ksignal *ksig, sigset_t *set, return -EFAULT; } - frame = get_sigframe(ksig, sizeof(*frame)); + frame = get_sigframe(ksig, tregs, sizeof(*frame)); if (fsize) err |= copy_to_user (&frame->uc.uc_extra, regs + 1, fsize); -- 2.17.1

1 year, 7 months

1
0
0 0

[PATCH v3 1/8] m68k/mm: Adjust VM area to be unmapped by gap size for __iounmap()

by Michael Schmitz

commit 3f90f9ef2dda316d64e420d5d51ba369587ccc55 upstream. If 020/030 support is enabled, get_io_area() leaves an IO_SIZE gap between mappings which is added to the vm_struct representing the mapping. __ioremap() uses the actual requested size (after alignment), while __iounmap() is passed the size from the vm_struct. On 020/030, early termination descriptors are used to set up mappings of extent 'size', which are validated on unmapping. The unmapped gap of size IO_SIZE defeats the sanity check of the pmd tables, causing __iounmap() to loop forever on 030. On 040/060, unmapping of page table entries does not check for a valid mapping, so the umapping loop always completes there. Adjust size to be unmapped by the gap that had been added in the vm_struct prior. This fixes the hang in atari_platform_init() reported a long time ago, and a similar one reported by Finn recently (addressed by removing ioremap() use from the SWIM driver. Tested on my Falcon in 030 mode - untested but should work the same on 040/060 (the extra page tables cleared there would never have been set up anyway). Signed-off-by: Michael Schmitz <schmitzmic(a)gmail.com> [geert: Minor commit description improvements] [geert: This was fixed in 2.4.23, but not in 2.5.x] Signed-off-by: Geert Uytterhoeven <geert(a)linux-m68k.org> Cc: stable(a)vger.kernel.org Cc: <cip-dev(a)lists.cip-project.org> # 4.4 --- arch/m68k/mm/kmap.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/arch/m68k/mm/kmap.c b/arch/m68k/mm/kmap.c index 6e4955bc542b..fcd52cefee29 100644 --- a/arch/m68k/mm/kmap.c +++ b/arch/m68k/mm/kmap.c @@ -88,7 +88,8 @@ static inline void free_io_area(void *addr) for (p = &iolist ; (tmp = *p) ; p = &tmp->next) { if (tmp->addr == addr) { *p = tmp->next; - __iounmap(tmp->addr, tmp->size); + /* remove gap added in get_io_area() */ + __iounmap(tmp->addr, tmp->size - IO_SIZE); kfree(tmp); return; } -- 2.17.1

1 year, 7 months

1
0
0 0

[PATCH 5.10/5.15/6.1 0/1] net: prevent mss overflow in skb_segment()

by Alexey Panov

Syzkaller reports NULL pointer dereference issue at skb_segment() in 5.10/5.15/6.1 stable releases. The problem has been fixed by the following patch which can be cleanly applied to 5.10/5.15/6.1 branches. Found by Linux Verification Center (linuxtesting.org) with Syzkaller.

1 year, 7 months

1
1
0 0

[PATCH] blk-wbt: Fix detection of dirty-throttled tasks

by Jan Kara

The detection of dirty-throttled tasks in blk-wbt has been subtly broken since its beginning in 2016. Namely if we are doing cgroup writeback and the throttled task is not in the root cgroup, balance_dirty_pages() will set dirty_sleep for the non-root bdi_writeback structure. However blk-wbt checks dirty_sleep only in the root cgroup bdi_writeback structure. Thus detection of recently throttled tasks is not working in this case (we noticed this when we switched to cgroup v2 and suddently writeback was slow). Since blk-wbt has no easy way to get to proper bdi_writeback and furthermore its intention has always been to work on the whole device rather than on individual cgroups, just move the dirty_sleep timestamp from bdi_writeback to backing_dev_info. That fixes the checking for recently throttled task and saves memory for everybody as a bonus. CC: stable(a)vger.kernel.org Fixes: b57d74aff9ab ("writeback: track if we're sleeping on progress in balance_dirty_pages()") Signed-off-by: Jan Kara <jack(a)suse.cz> --- block/blk-wbt.c | 4 ++-- include/linux/backing-dev-defs.h | 7 +++++-- mm/backing-dev.c | 2 +- mm/page-writeback.c | 2 +- 4 files changed, 9 insertions(+), 6 deletions(-) diff --git a/block/blk-wbt.c b/block/blk-wbt.c index 5ba3cd574eac..0c0e270a8265 100644 --- a/block/blk-wbt.c +++ b/block/blk-wbt.c @@ -163,9 +163,9 @@ static void wb_timestamp(struct rq_wb *rwb, unsigned long *var) */ static bool wb_recent_wait(struct rq_wb *rwb) { - struct bdi_writeback *wb = &rwb->rqos.disk->bdi->wb; + struct backing_dev_info *bdi = rwb->rqos.disk->bdi; - return time_before(jiffies, wb->dirty_sleep + HZ); + return time_before(jiffies, bdi->last_bdp_sleep + HZ); } static inline struct rq_wait *get_rq_wait(struct rq_wb *rwb, diff --git a/include/linux/backing-dev-defs.h b/include/linux/backing-dev-defs.h index ae12696ec492..ad17739a2e72 100644 --- a/include/linux/backing-dev-defs.h +++ b/include/linux/backing-dev-defs.h @@ -141,8 +141,6 @@ struct bdi_writeback { struct delayed_work dwork; /* work item used for writeback */ struct delayed_work bw_dwork; /* work item used for bandwidth estimate */ - unsigned long dirty_sleep; /* last wait */ - struct list_head bdi_node; /* anchored at bdi->wb_list */ #ifdef CONFIG_CGROUP_WRITEBACK @@ -179,6 +177,11 @@ struct backing_dev_info { * any dirty wbs, which is depended upon by bdi_has_dirty(). */ atomic_long_t tot_write_bandwidth; + /* + * Jiffies when last process was dirty throttled on this bdi. Used by + * blk-wbt. + */ + unsigned long last_bdp_sleep; struct bdi_writeback wb; /* the root writeback info for this bdi */ struct list_head wb_list; /* list of all wbs */ diff --git a/mm/backing-dev.c b/mm/backing-dev.c index 1e3447bccdb1..e039d05304dd 100644 --- a/mm/backing-dev.c +++ b/mm/backing-dev.c @@ -436,7 +436,6 @@ static int wb_init(struct bdi_writeback *wb, struct backing_dev_info *bdi, INIT_LIST_HEAD(&wb->work_list); INIT_DELAYED_WORK(&wb->dwork, wb_workfn); INIT_DELAYED_WORK(&wb->bw_dwork, wb_update_bandwidth_workfn); - wb->dirty_sleep = jiffies; err = fprop_local_init_percpu(&wb->completions, gfp); if (err) @@ -921,6 +920,7 @@ int bdi_init(struct backing_dev_info *bdi) INIT_LIST_HEAD(&bdi->bdi_list); INIT_LIST_HEAD(&bdi->wb_list); init_waitqueue_head(&bdi->wb_waitq); + bdi->last_bdp_sleep = jiffies; return cgwb_bdi_init(bdi); } diff --git a/mm/page-writeback.c b/mm/page-writeback.c index cd4e4ae77c40..cc37fa7f3364 100644 --- a/mm/page-writeback.c +++ b/mm/page-writeback.c @@ -1921,7 +1921,7 @@ static int balance_dirty_pages(struct bdi_writeback *wb, break; } __set_current_state(TASK_KILLABLE); - wb->dirty_sleep = now; + bdi->last_bdp_sleep = jiffies; io_schedule_timeout(pause); current->dirty_paused_when = now + pause; -- 2.35.3

1 year, 7 months

2
2
0 0

[PATCH 5.15.y 0/1] smb: client: fix "df: Resource temporarily unavailable" on 5.15 stable kernel

by kovalev＠altlinux.org

ATTENTION! Before applying this patch a conflict patch in the queue needs to be removed: https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tre… Describe bug: After mounting a remote cifs resource, it becomes unavailable: df: /mnt/sambashare: Resource temporarily unavailable It was tested on the following Linux kernel: Linux altlinux 5.15.148 The error appeared starting from kernel 5.15.147 after adding the commit [1] "smb: client: fix OOB in SMB2_query_info_init()", in which the buffer length increases by 1 as a result of changes: . - iov[0].iov_len = total_len - 1 + input_len; + iov[0].iov_len = len; . [1] https://patchwork.kernel.org/project/cifs-client/patch/20231213152557.6634-… Error fixed by backported commit in next patch adapted for the 5.15 kernel: [PATCH 5.15.y 1/1] smb3: Replace smb2pdu 1-element arrays with flex-arrays P.S. I have already backported similar changes for the 5.10.y kernel [2], but I did not know that there was the same error on 5.15, since I only deal with kernels 5.10 and 6.1. Therefore, this patch is to follow the rules of backport to stable branches. [2] https://lore.kernel.org/all/2024012613-woozy-exhume-7b9d@gregkh/T/

1 year, 7 months

1
1
0 0

[PATCH v6 0/4] Regather scattered PCI-Code

by Philipp Stanner

@Stable-Kernel: You receive this patch series because its first patch fixes a leak in PCI. @Bjorn: I decided that it's now actually possible to just embed the docu updates to the respective patches, instead of a separate patch. Also dropped the ioport_unmap() for now. Changes in v6: - Remove the addition of ioport_unmap() from patch #1, since this is not really a bug, as explained by the comment above pci_iounmap. (Bjorn) - Drop the patch unifying the two versions of pci_iounmap(). (Bjorn) - Make patch #4's style congruent with PCI style. - Drop (in any case empty) ioport_unmap() again from pci_iounmap() - Add forgotten updates to Documentation/ when moving files from lib/ to drivers/pci/ Changes in v5: - Add forgotten update to MAINTAINERS file. Changes in v4: - Apply Arnd's Reviewed-by's - Add ifdef CONFIG_HAS_IOPORT_MAP guard in drivers/pci/iomap.c (build error on openrisc) - Fix typo in patch no.5 Changes in v3: - Create a separate patch for the leaks in lib/iomap.c. Make it the series' first patch. (Arnd) - Turns out the aforementioned bug wasn't just accidentally removing iounmap() with the ifdef, it was also missing ioport_unmap() to begin with. Add it. - Move the ARCH_WANTS_GENERIC_IOMEM_IS_IOPORT-mechanism from asm-generic/io.h to asm-generic/ioport.h. (Arnd) - Adjust the implementation of iomem_is_ioport() in asm-generic/io.h so that it matches exactly what pci_iounmap() previously did in lib/pci_iomap.c. (Arnd) - Move the CONFIG_HAS_IOPORT guard in asm-generic/io.h so that iomem_is_ioport() will always be compiled and just returns false if there are no ports. - Add TODOs to several places informing about the generic iomem_is_ioport() in lib/iomap.c not being generic. - Add TODO about the followup work to make drivers/pci/iomap.c's pci_iounmap() actually generic. Changes in v2: - Replace patch 4, previously extending the comment about pci_iounmap() in lib/iomap.c, with a patch that moves pci_iounmap() from that file to drivers/pci/iomap.c, creating a unified version there. (Arnd) - Implement iomem_is_ioport() as a new helper in asm-generic/io.h and lib/iomap.c. (Arnd) - Move the build rule in drivers/pci/Makefile for iomap.o under the guard of #if PCI. This had to be done because when just checking for GENERIC_PCI_IOMAP being defined, the functions don't disappear, which was the case previously in lib/pci_iomap.c, where the entire file was made empty if PCI was not set by the guard #ifdef PCI. (Intel's Bots) - Rephares all patches' commit messages a little bit. Sooooooooo. I reworked v1. Please review this carefully, the IO-Ranges are obviously a bit tricky, as is the build-system / ifdef-ery. Arnd has suggested that architectures defining a custom inb() need their own iomem_is_ioport(), as well. I've grepped for inb() and found the following list of archs that define their own: - alpha - arm - m68k <-- - parisc - powerpc - sh - sparc - x86 <-- All of those have their own definitons of pci_iounmap(). Therefore, they don't need our generic version in the first place and, thus, also need no iomem_is_ioport(). The two exceptions are x86 and m68k. The former uses lib/iomap.c through CONFIG_GENERIC_IOMAP, as Arnd pointed out in the previous discussion (thus, CONFIG_GENERIC_IOMAP is not really generic in this regard). So as I see it, only m68k WOULD need its own custom definition of iomem_is_ioport(). But as I understand it it doesn't because it uses the one from asm-generic/pci_iomap.h ?? I wasn't entirely sure how to deal with the address ranges for the generic implementation in asm-generic/io.h. It's marked with a TODO. Input appreciated. I removed the guard around define pci_iounmap in asm-generic/io.h. An alternative would be to have it be guarded by CONFIG_GENERIC_IOMAP and CONFIG_GENERIC_PCI_IOMAP, both. Without such a guard, there is no collision however, because generic pci_iounmap() from drivers/pci/iomap.c will only get pulled in when CONFIG_GENERIC_PCI_IOMAP is actually set. I cross-built this for a variety of architectures, including the usual suspects (s390, m68k). So far successfully. But let's see what Intel's robots say :O P. Original cover letter: Hi! So it seems that since ca. 2007 the PCI code has been scattered a bit. PCI's devres code, which is only ever used by users of the entire PCI-subsystem anyways, resides in lib/devres.c and is guarded by an ifdef PCI, just as the content of lib/pci_iomap.c is. It, thus, seems reasonable to move all of that. As I were at it, I moved as much of the devres-specific code from pci.c to devres.c, too. The only exceptions are four functions that are currently difficult to move. More information about that can be read here [1]. I noticed these scattered files while working on (new) PCI-specific devres functions. If we can get this here merged, I'll soon send another patch series that addresses some API-inconsistencies and could move the devres-part of the four remaining functions. I don't want to do that in this series as this here is only about moving code, whereas the next series would have to actually change API behavior. I successfully (cross-)built this for x86, x86_64, AARCH64 and ARM (allyesconfig). I booted a kernel with it on x86_64, with a Fedora desktop environment as payload. The OS came up fine I hope this is OK. If we can get it in, we'd soon have a very consistent PCI API again. Regards, P. Philipp Stanner (4): lib/pci_iomap.c: fix cleanup bug in pci_iounmap() lib: move pci_iomap.c to drivers/pci/ lib: move pci-specific devres code to drivers/pci/ PCI: Move devres code from pci.c to devres.c Documentation/driver-api/device-io.rst | 2 +- Documentation/driver-api/pci/pci.rst | 6 + MAINTAINERS | 1 - drivers/pci/Kconfig | 5 + drivers/pci/Makefile | 3 +- drivers/pci/devres.c | 450 +++++++++++++++++++++++++ lib/pci_iomap.c => drivers/pci/iomap.c | 5 +- drivers/pci/pci.c | 249 -------------- drivers/pci/pci.h | 24 ++ lib/Kconfig | 3 - lib/Makefile | 1 - lib/devres.c | 208 +----------- 12 files changed, 490 insertions(+), 467 deletions(-) create mode 100644 drivers/pci/devres.c rename lib/pci_iomap.c => drivers/pci/iomap.c (99%) -- 2.43.0

1 year, 7 months

3
12
0 0

[PATCH] HID: wacom: Do not register input devices until after hid_hw_start

by Gerecke, Jason

From: Jason Gerecke <killertofu(a)gmail.com> If a input device is opened before hid_hw_start is called, events may not be received from the hardware. In the case of USB-backed devices, for example, the hid_hw_start function is responsible for filling in the URB which is submitted when the input device is opened. If a device is opened prematurely, polling will never start because the device will not have been in the correct state to send the URB. Because the wacom driver registers its input devices before calling hid_hw_start, there is a window of time where a device can be opened and end up in an inoperable state. Some ARM-based Chromebooks in particular reliably trigger this bug. This commit splits the wacom_register_inputs function into two pieces. One which is responsible for setting up the allocated inputs (and runs prior to hid_hw_start so that devices are ready for any input events they may end up receiving) and another which only registers the devices (and runs after hid_hw_start to ensure devices can be immediately opened without issue). Note that the functions to initialize the LEDs and remotes are also moved after hid_hw_start to maintain their own dependency chains. Fixes: 7704ac937345 ("HID: wacom: implement generic HID handling for pen generic devices") Cc: stable(a)vger.kernel.org # v3.18+ Suggested-by: Dmitry Torokhov <dmitry.torokhov(a)gmail.com> Signed-off-by: Jason Gerecke <jason.gerecke(a)wacom.com> --- drivers/hid/wacom_sys.c | 63 ++++++++++++++++++++++++++++------------- 1 file changed, 43 insertions(+), 20 deletions(-) diff --git a/drivers/hid/wacom_sys.c b/drivers/hid/wacom_sys.c index b613f11ed9498..2bc45b24075c3 100644 --- a/drivers/hid/wacom_sys.c +++ b/drivers/hid/wacom_sys.c @@ -2087,7 +2087,7 @@ static int wacom_allocate_inputs(struct wacom *wacom) return 0; } -static int wacom_register_inputs(struct wacom *wacom) +static int wacom_setup_inputs(struct wacom *wacom) { struct input_dev *pen_input_dev, *touch_input_dev, *pad_input_dev; struct wacom_wac *wacom_wac = &(wacom->wacom_wac); @@ -2106,10 +2106,6 @@ static int wacom_register_inputs(struct wacom *wacom) input_free_device(pen_input_dev); wacom_wac->pen_input = NULL; pen_input_dev = NULL; - } else { - error = input_register_device(pen_input_dev); - if (error) - goto fail; } error = wacom_setup_touch_input_capabilities(touch_input_dev, wacom_wac); @@ -2118,10 +2114,6 @@ static int wacom_register_inputs(struct wacom *wacom) input_free_device(touch_input_dev); wacom_wac->touch_input = NULL; touch_input_dev = NULL; - } else { - error = input_register_device(touch_input_dev); - if (error) - goto fail; } error = wacom_setup_pad_input_capabilities(pad_input_dev, wacom_wac); @@ -2130,7 +2122,34 @@ static int wacom_register_inputs(struct wacom *wacom) input_free_device(pad_input_dev); wacom_wac->pad_input = NULL; pad_input_dev = NULL; - } else { + } + + return 0; +} + +static int wacom_register_inputs(struct wacom *wacom) +{ + struct input_dev *pen_input_dev, *touch_input_dev, *pad_input_dev; + struct wacom_wac *wacom_wac = &(wacom->wacom_wac); + int error = 0; + + pen_input_dev = wacom_wac->pen_input; + touch_input_dev = wacom_wac->touch_input; + pad_input_dev = wacom_wac->pad_input; + + if (pen_input_dev) { + error = input_register_device(pen_input_dev); + if (error) + goto fail; + } + + if (touch_input_dev) { + error = input_register_device(touch_input_dev); + if (error) + goto fail; + } + + if (pad_input_dev) { error = input_register_device(pad_input_dev); if (error) goto fail; @@ -2383,6 +2402,20 @@ static int wacom_parse_and_register(struct wacom *wacom, bool wireless) if (error) goto fail; + error = wacom_setup_inputs(wacom); + if (error) + goto fail; + + if (features->type == HID_GENERIC) + connect_mask |= HID_CONNECT_DRIVER; + + /* Regular HID work starts now */ + error = hid_hw_start(hdev, connect_mask); + if (error) { + hid_err(hdev, "hw start failed\n"); + goto fail; + } + error = wacom_register_inputs(wacom); if (error) goto fail; @@ -2397,16 +2430,6 @@ static int wacom_parse_and_register(struct wacom *wacom, bool wireless) goto fail; } - if (features->type == HID_GENERIC) - connect_mask |= HID_CONNECT_DRIVER; - - /* Regular HID work starts now */ - error = hid_hw_start(hdev, connect_mask); - if (error) { - hid_err(hdev, "hw start failed\n"); - goto fail; - } - if (!wireless) { /* Note that if query fails it is not a hard failure */ wacom_query_tablet_data(wacom); -- 2.43.0

1 year, 7 months

3
2
0 0

[PATCH] drm/amd/display: Increase frame-larger-than for all display_mode_vba files

by Nathan Chancellor

After a recent change in LLVM, allmodconfig (which has CONFIG_KCSAN=y and CONFIG_WERROR=y enabled) has a few new instances of -Wframe-larger-than for the mode support and system configuration functions: drivers/gpu/drm/amd/amdgpu/../display/dc/dml/dcn20/display_mode_vba_20v2.c:3393:6: error: stack frame size (2144) exceeds limit (2048) in 'dml20v2_ModeSupportAndSystemConfigurationFull' [-Werror,-Wframe-larger-than] 3393 | void dml20v2_ModeSupportAndSystemConfigurationFull(struct display_mode_lib *mode_lib) | ^ 1 error generated. drivers/gpu/drm/amd/amdgpu/../display/dc/dml/dcn21/display_mode_vba_21.c:3520:6: error: stack frame size (2192) exceeds limit (2048) in 'dml21_ModeSupportAndSystemConfigurationFull' [-Werror,-Wframe-larger-than] 3520 | void dml21_ModeSupportAndSystemConfigurationFull(struct display_mode_lib *mode_lib) | ^ 1 error generated. drivers/gpu/drm/amd/amdgpu/../display/dc/dml/dcn20/display_mode_vba_20.c:3286:6: error: stack frame size (2128) exceeds limit (2048) in 'dml20_ModeSupportAndSystemConfigurationFull' [-Werror,-Wframe-larger-than] 3286 | void dml20_ModeSupportAndSystemConfigurationFull(struct display_mode_lib *mode_lib) | ^ 1 error generated. Without the sanitizers enabled, there are no warnings. This was the catalyst for commit 6740ec97bcdb ("drm/amd/display: Increase frame warning limit with KASAN or KCSAN in dml2") and that same change was made to dml in commit 5b750b22530f ("drm/amd/display: Increase frame warning limit with KASAN or KCSAN in dml") but the frame_warn_flag variable was not applied to all files. Do so now to clear up the warnings and make all these files consistent. Cc: stable(a)vger.kernel.org Closes: https://github.com/ClangBuiltLinux/linux/issue/1990 Signed-off-by: Nathan Chancellor <nathan(a)kernel.org> --- drivers/gpu/drm/amd/display/dc/dml/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/drivers/gpu/drm/amd/display/dc/dml/Makefile b/drivers/gpu/drm/amd/display/dc/dml/Makefile index 6042a5a6a44f..59ade76ffb18 100644 --- a/drivers/gpu/drm/amd/display/dc/dml/Makefile +++ b/drivers/gpu/drm/amd/display/dc/dml/Makefile @@ -72,11 +72,11 @@ CFLAGS_$(AMDDALPATH)/dc/dml/display_mode_lib.o := $(dml_ccflags) CFLAGS_$(AMDDALPATH)/dc/dml/display_mode_vba.o := $(dml_ccflags) CFLAGS_$(AMDDALPATH)/dc/dml/dcn10/dcn10_fpu.o := $(dml_ccflags) CFLAGS_$(AMDDALPATH)/dc/dml/dcn20/dcn20_fpu.o := $(dml_ccflags) -CFLAGS_$(AMDDALPATH)/dc/dml/dcn20/display_mode_vba_20.o := $(dml_ccflags) +CFLAGS_$(AMDDALPATH)/dc/dml/dcn20/display_mode_vba_20.o := $(dml_ccflags) $(frame_warn_flag) CFLAGS_$(AMDDALPATH)/dc/dml/dcn20/display_rq_dlg_calc_20.o := $(dml_ccflags) -CFLAGS_$(AMDDALPATH)/dc/dml/dcn20/display_mode_vba_20v2.o := $(dml_ccflags) +CFLAGS_$(AMDDALPATH)/dc/dml/dcn20/display_mode_vba_20v2.o := $(dml_ccflags) $(frame_warn_flag) CFLAGS_$(AMDDALPATH)/dc/dml/dcn20/display_rq_dlg_calc_20v2.o := $(dml_ccflags) -CFLAGS_$(AMDDALPATH)/dc/dml/dcn21/display_mode_vba_21.o := $(dml_ccflags) +CFLAGS_$(AMDDALPATH)/dc/dml/dcn21/display_mode_vba_21.o := $(dml_ccflags) $(frame_warn_flag) CFLAGS_$(AMDDALPATH)/dc/dml/dcn21/display_rq_dlg_calc_21.o := $(dml_ccflags) CFLAGS_$(AMDDALPATH)/dc/dml/dcn30/display_mode_vba_30.o := $(dml_ccflags) $(frame_warn_flag) CFLAGS_$(AMDDALPATH)/dc/dml/dcn30/display_rq_dlg_calc_30.o := $(dml_ccflags) --- base-commit: 6813cdca4ab94a238f8eb0cef3d3f3fcbdfb0ee0 change-id: 20240205-amdgpu-raise-flt-for-dml-vba-files-ee5b5a9c5e43 Best regards, -- Nathan Chancellor <nathan(a)kernel.org>

1 year, 7 months

2
1
0 0

[PATCH] ASoC: amd: yc: Add DMI quirk for Lenovo Ideapad Pro 5 16ARP8

by Mario Limonciello

The laptop requires a quirk ID to enable its internal microphone. Add it to the DMI quirk table. Reported-by: Stanislav Petrov <stanislav.i.petrov(a)gmail.com> Closes: https://bugzilla.kernel.org/show_bug.cgi?id=216925 Cc: stable(a)vger.kernel.org Signed-off-by: Mario Limonciello <mario.limonciello(a)amd.com> --- sound/soc/amd/yc/acp6x-mach.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/sound/soc/amd/yc/acp6x-mach.c b/sound/soc/amd/yc/acp6x-mach.c index 23d44a50d815..80ad60d485ea 100644 --- a/sound/soc/amd/yc/acp6x-mach.c +++ b/sound/soc/amd/yc/acp6x-mach.c @@ -248,6 +248,13 @@ static const struct dmi_system_id yc_acp_quirk_table[] = { DMI_MATCH(DMI_PRODUCT_NAME, "82YM"), } }, + { + .driver_data = &acp6x_card, + .matches = { + DMI_MATCH(DMI_BOARD_VENDOR, "LENOVO"), + DMI_MATCH(DMI_PRODUCT_NAME, "83AS"), + } + }, { .driver_data = &acp6x_card, .matches = { -- 2.34.1

1 year, 7 months

2
1
0 0

Re: [PATCH V3] lockdep: fix deadlock issue between lockdep and rcu

by Carlos Llamas

On Fri, Feb 02, 2024 at 04:14:36PM +0800, Zhiguo Niu wrote: > There is a deadlock scenario between lockdep and rcu when > rcu nocb feature is enabled, just as following call stack: > > rcuop/x > -000|queued_spin_lock_slowpath(lock = 0xFFFFFF817F2A8A80, val = ?) > -001|queued_spin_lock(inline) // try to hold nocb_gp_lock > -001|do_raw_spin_lock(lock = 0xFFFFFF817F2A8A80) > -002|__raw_spin_lock_irqsave(inline) > -002|_raw_spin_lock_irqsave(lock = 0xFFFFFF817F2A8A80) > -003|wake_nocb_gp_defer(inline) > -003|__call_rcu_nocb_wake(rdp = 0xFFFFFF817F30B680) > -004|__call_rcu_common(inline) > -004|call_rcu(head = 0xFFFFFFC082EECC28, func = ?) > -005|call_rcu_zapped(inline) > -005|free_zapped_rcu(ch = ?)// hold graph lock > -006|rcu_do_batch(rdp = 0xFFFFFF817F245680) > -007|nocb_cb_wait(inline) > -007|rcu_nocb_cb_kthread(arg = 0xFFFFFF817F245680) > -008|kthread(_create = 0xFFFFFF80803122C0) > -009|ret_from_fork(asm) > > rcuop/y > -000|queued_spin_lock_slowpath(lock = 0xFFFFFFC08291BBC8, val = 0) > -001|queued_spin_lock() > -001|lockdep_lock() > -001|graph_lock() // try to hold graph lock > -002|lookup_chain_cache_add() > -002|validate_chain() > -003|lock_acquire > -004|_raw_spin_lock_irqsave(lock = 0xFFFFFF817F211D80) > -005|lock_timer_base(inline) > -006|mod_timer(inline) > -006|wake_nocb_gp_defer(inline)// hold nocb_gp_lock > -006|__call_rcu_nocb_wake(rdp = 0xFFFFFF817F2A8680) > -007|__call_rcu_common(inline) > -007|call_rcu(head = 0xFFFFFFC0822E0B58, func = ?) > -008|call_rcu_hurry(inline) > -008|rcu_sync_call(inline) > -008|rcu_sync_func(rhp = 0xFFFFFFC0822E0B58) > -009|rcu_do_batch(rdp = 0xFFFFFF817F266680) > -010|nocb_cb_wait(inline) > -010|rcu_nocb_cb_kthread(arg = 0xFFFFFF817F266680) > -011|kthread(_create = 0xFFFFFF8080363740) > -012|ret_from_fork(asm) > > rcuop/x and rcuop/y are rcu nocb threads with the same nocb gp thread. > This patch release the graph lock before lockdep call_rcu. > > Fixes: a0b0fd53e1e6 ("locking/lockdep: Free lock classes that are no longer in use") > Cc: <stable(a)vger.kernel.org> > Cc: Boqun Feng <boqun.feng(a)gmail.com> > Cc: Waiman Long <longman(a)redhat.com> > Cc: Carlos Llamas <cmllamas(a)google.com> > Cc: Bart Van Assche <bvanassche(a)acm.org> > Signed-off-by: Zhiguo Niu <zhiguo.niu(a)unisoc.com> > Signed-off-by: Xuewen Yan <xuewen.yan(a)unisoc.com> > --- > changes of v3: correct code comments and add Cc tag. > changes of v2: update patch according to Boqun's suggestions. > --- It seems v3 should have collected the review tags from Boqun and Waiman. Also, I'm actually Cc'ing stable here. I hope that is enough. FWIW, this looks fine to me. Reviewed-by: Carlos Llamas <cmllamas(a)google.com> Thanks

1 year, 7 months

3
3
0 0

[PATCH] usb: cdnsp: blocked some cdns3 specific code

by Pawel Laszczak

host.c file has some parts of code that were introduced for CDNS3 driver and should not be used with CDNSP driver. This patch blocks using these parts of codes by CDNSP driver. These elements include: - xhci_plat_cdns3_xhci object - cdns3 specific XECP_PORT_CAP_REG register - cdns3 specific XECP_AUX_CTRL_REG1 register cc: <stable(a)vger.kernel.org> Fixes: 3d82904559f4 ("usb: cdnsp: cdns3 Add main part of Cadence USBSSP DRD Driver") Signed-off-by: Pawel Laszczak <pawell(a)cadence.com> --- drivers/usb/cdns3/host.c | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/drivers/usb/cdns3/host.c b/drivers/usb/cdns3/host.c index 6164fc4c96a4..ceca4d839dfd 100644 --- a/drivers/usb/cdns3/host.c +++ b/drivers/usb/cdns3/host.c @@ -18,6 +18,11 @@ #include "../host/xhci.h" #include "../host/xhci-plat.h" +/* + * The XECP_PORT_CAP_REG and XECP_AUX_CTRL_REG1 exist only + * in Cadence USB3 dual-role controller, so it can't be used + * with Cadence CDNSP dual-role controller. + */ #define XECP_PORT_CAP_REG 0x8000 #define XECP_AUX_CTRL_REG1 0x8120 @@ -57,6 +62,8 @@ static const struct xhci_plat_priv xhci_plat_cdns3_xhci = { .resume_quirk = xhci_cdns3_resume_quirk, }; +static const struct xhci_plat_priv xhci_plat_cdnsp_xhci; + static int __cdns_host_init(struct cdns *cdns) { struct platform_device *xhci; @@ -81,8 +88,13 @@ static int __cdns_host_init(struct cdns *cdns) goto err1; } - cdns->xhci_plat_data = kmemdup(&xhci_plat_cdns3_xhci, - sizeof(struct xhci_plat_priv), GFP_KERNEL); + if (cdns->version < CDNSP_CONTROLLER_V2) + cdns->xhci_plat_data = kmemdup(&xhci_plat_cdns3_xhci, + sizeof(struct xhci_plat_priv), GFP_KERNEL); + else + cdns->xhci_plat_data = kmemdup(&xhci_plat_cdnsp_xhci, + sizeof(struct xhci_plat_priv), GFP_KERNEL); + if (!cdns->xhci_plat_data) { ret = -ENOMEM; goto err1; -- 2.37.2

1 year, 7 months

1
0
0 0

[tip: timers/urgent] hrtimer: Report offline hrtimer enqueue

by tip-bot2 for Frederic Weisbecker

The following commit has been merged into the timers/urgent branch of tip: Commit-ID: dad6a09f3148257ac1773cd90934d721d68ab595 Gitweb: https://git.kernel.org/tip/dad6a09f3148257ac1773cd90934d721d68ab595 Author: Frederic Weisbecker <frederic(a)kernel.org> AuthorDate: Mon, 29 Jan 2024 15:56:36 -08:00 Committer: Thomas Gleixner <tglx(a)linutronix.de> CommitterDate: Tue, 06 Feb 2024 10:56:35 +01:00 hrtimer: Report offline hrtimer enqueue The hrtimers migration on CPU-down hotplug process has been moved earlier, before the CPU actually goes to die. This leaves a small window of opportunity to queue an hrtimer in a blind spot, leaving it ignored. For example a practical case has been reported with RCU waking up a SCHED_FIFO task right before the CPUHP_AP_IDLE_DEAD stage, queuing that way a sched/rt timer to the local offline CPU. Make sure such situations never go unnoticed and warn when that happens. Fixes: 5c0930ccaad5 ("hrtimers: Push pending hrtimers away from outgoing CPU earlier") Reported-by: Paul E. McKenney <paulmck(a)kernel.org> Signed-off-by: Frederic Weisbecker <frederic(a)kernel.org> Signed-off-by: Paul E. McKenney <paulmck(a)kernel.org> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Cc: stable(a)vger.kernel.org Link: https://lore.kernel.org/r/20240129235646.3171983-4-boqun.feng@gmail.com --- include/linux/hrtimer.h | 4 +++- kernel/time/hrtimer.c | 3 +++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/include/linux/hrtimer.h b/include/linux/hrtimer.h index 87e3bed..641c456 100644 --- a/include/linux/hrtimer.h +++ b/include/linux/hrtimer.h @@ -157,6 +157,7 @@ enum hrtimer_base_type { * @max_hang_time: Maximum time spent in hrtimer_interrupt * @softirq_expiry_lock: Lock which is taken while softirq based hrtimer are * expired + * @online: CPU is online from an hrtimers point of view * @timer_waiters: A hrtimer_cancel() invocation waits for the timer * callback to finish. * @expires_next: absolute time of the next event, is required for remote @@ -179,7 +180,8 @@ struct hrtimer_cpu_base { unsigned int hres_active : 1, in_hrtirq : 1, hang_detected : 1, - softirq_activated : 1; + softirq_activated : 1, + online : 1; #ifdef CONFIG_HIGH_RES_TIMERS unsigned int nr_events; unsigned short nr_retries; diff --git a/kernel/time/hrtimer.c b/kernel/time/hrtimer.c index 7607939..edb0f82 100644 --- a/kernel/time/hrtimer.c +++ b/kernel/time/hrtimer.c @@ -1085,6 +1085,7 @@ static int enqueue_hrtimer(struct hrtimer *timer, enum hrtimer_mode mode) { debug_activate(timer, mode); + WARN_ON_ONCE(!base->cpu_base->online); base->cpu_base->active_bases |= 1 << base->index; @@ -2183,6 +2184,7 @@ int hrtimers_prepare_cpu(unsigned int cpu) cpu_base->softirq_next_timer = NULL; cpu_base->expires_next = KTIME_MAX; cpu_base->softirq_expires_next = KTIME_MAX; + cpu_base->online = 1; hrtimer_cpu_base_init_expiry_lock(cpu_base); return 0; } @@ -2250,6 +2252,7 @@ int hrtimers_cpu_dying(unsigned int dying_cpu) smp_call_function_single(ncpu, retrigger_next_event, NULL, 0); raw_spin_unlock(&new_base->lock); + old_base->online = 0; raw_spin_unlock(&old_base->lock); return 0;

1 year, 7 months

1
0
0 0

[PATCH net] s390/qeth: Fix potential loss of L3-IP@ in case of network issues

by Alexandra Winter

Symptom: In case of a bad cable connection (e.g. dirty optics) a fast sequence of network DOWN-UP-DOWN-UP could happen. UP triggers recovery of the qeth interface. In case of a second DOWN while recovery is still ongoing, it can happen that the IP@ of a Layer3 qeth interface is lost and will not be recovered by the second UP. Problem: When registration of IP addresses with Layer 3 qeth devices fails, (e.g. because of bad address format) the respective IP address is deleted from its hash-table in the driver. If registration fails because of a ENETDOWN condition, the address should stay in the hashtable, so a subsequent recovery can restore it. 3caa4af834df ("qeth: keep ip-address after LAN_OFFLINE failure") fixes this for registration failures during normal operation, but not during recovery. Solution: Keep L3-IP address in case of ENETDOWN in qeth_l3_recover_ip(). For consistency with qeth_l3_add_ip() we also keep it in case of EADDRINUSE, i.e. for some reason the card already/still has this address registered. Fixes: 4a71df50047f ("qeth: new qeth device driver") Cc: stable(a)vger.kernel.org Signed-off-by: Alexandra Winter <wintera(a)linux.ibm.com> --- drivers/s390/net/qeth_l3_main.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/drivers/s390/net/qeth_l3_main.c b/drivers/s390/net/qeth_l3_main.c index b92a32b4b114..04c64ce0a1ca 100644 --- a/drivers/s390/net/qeth_l3_main.c +++ b/drivers/s390/net/qeth_l3_main.c @@ -255,9 +255,10 @@ static void qeth_l3_clear_ip_htable(struct qeth_card *card, int recover) if (!recover) { hash_del(&addr->hnode); kfree(addr); - continue; + } else { + /* prepare for recovery */ + addr->disp_flag = QETH_DISP_ADDR_ADD; } - addr->disp_flag = QETH_DISP_ADDR_ADD; } mutex_unlock(&card->ip_lock); @@ -278,9 +279,11 @@ static void qeth_l3_recover_ip(struct qeth_card *card) if (addr->disp_flag == QETH_DISP_ADDR_ADD) { rc = qeth_l3_register_addr_entry(card, addr); - if (!rc) { + if (!rc || rc == -EADDRINUSE || rc == -ENETDOWN) { + /* keep it in the records */ addr->disp_flag = QETH_DISP_ADDR_DO_NOTHING; } else { + /* bad address */ hash_del(&addr->hnode); kfree(addr); } -- 2.40.1

1 year, 7 months

1
0
0 0

[PATCH V3 2/2] net: ethernet: ti: cpsw: enable mac_managed_pm to fix mdio

by Sinthu Raja

From: Sinthu Raja <sinthu.raja(a)ti.com> The below commit introduced a WARN when phy state is not in the states: PHY_HALTED, PHY_READY and PHY_UP. commit 744d23c71af3 ("net: phy: Warn about incorrect mdio_bus_phy_resume() state") When cpsw resumes, there have port in PHY_NOLINK state, so the below warning comes out. Set mac_managed_pm be true to tell mdio that the phy resume/suspend is managed by the mac, to fix the following warning: WARNING: CPU: 0 PID: 965 at drivers/net/phy/phy_device.c:326 mdio_bus_phy_resume+0x140/0x144 CPU: 0 PID: 965 Comm: sh Tainted: G O 6.1.46-g247b2535b2 #1 Hardware name: Generic AM33XX (Flattened Device Tree) unwind_backtrace from show_stack+0x18/0x1c show_stack from dump_stack_lvl+0x24/0x2c dump_stack_lvl from __warn+0x84/0x15c __warn from warn_slowpath_fmt+0x1a8/0x1c8 warn_slowpath_fmt from mdio_bus_phy_resume+0x140/0x144 mdio_bus_phy_resume from dpm_run_callback+0x3c/0x140 dpm_run_callback from device_resume+0xb8/0x2b8 device_resume from dpm_resume+0x144/0x314 dpm_resume from dpm_resume_end+0x14/0x20 dpm_resume_end from suspend_devices_and_enter+0xd0/0x924 suspend_devices_and_enter from pm_suspend+0x2e0/0x33c pm_suspend from state_store+0x74/0xd0 state_store from kernfs_fop_write_iter+0x104/0x1ec kernfs_fop_write_iter from vfs_write+0x1b8/0x358 vfs_write from ksys_write+0x78/0xf8 ksys_write from ret_fast_syscall+0x0/0x54 Exception stack(0xe094dfa8 to 0xe094dff0) dfa0: 00000004 005c3fb8 00000001 005c3fb8 00000004 00000001 dfc0: 00000004 005c3fb8 b6f6bba0 00000004 00000004 0059edb8 00000000 00000000 dfe0: 00000004 bed918f0 b6f09bd3 b6e89a66 Cc: <stable(a)vger.kernel.org> # v6.0+ Fixes: 744d23c71af3 ("net: phy: Warn about incorrect mdio_bus_phy_resume() state") Signed-off-by: Sinthu Raja <sinthu.raja(a)ti.com> --- drivers/net/ethernet/ti/cpsw.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/net/ethernet/ti/cpsw.c b/drivers/net/ethernet/ti/cpsw.c index ea85c6dd5484..c0a5abd8d9a8 100644 --- a/drivers/net/ethernet/ti/cpsw.c +++ b/drivers/net/ethernet/ti/cpsw.c @@ -631,6 +631,8 @@ static void cpsw_slave_open(struct cpsw_slave *slave, struct cpsw_priv *priv) } } + phy->mac_managed_pm = true; + slave->phy = phy; phy_attached_info(slave->phy); -- 2.36.1

1 year, 7 months

1
0
0 0

+ fat-fix-uninitialized-field-in-nostale-filehandles.patch added to mm-nonmm-unstable branch

by Andrew Morton

The patch titled Subject: fat: Fix uninitialized field in nostale filehandles has been added to the -mm mm-nonmm-unstable branch. Its filename is fat-fix-uninitialized-field-in-nostale-filehandles.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-nonmm-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Jan Kara <jack(a)suse.cz> Subject: fat: Fix uninitialized field in nostale filehandles Date: Mon, 5 Feb 2024 13:26:26 +0100 When fat_encode_fh_nostale() encodes file handle without a parent it stores only first 10 bytes of the file handle. However the length of the file handle must be a multiple of 4 so the file handle is actually 12 bytes long and the last two bytes remain uninitialized. This is not great at we potentially leak uninitialized information with the handle to userspace. Properly initialize the full handle length. Link: https://lkml.kernel.org/r/20240205122626.13701-1-jack@suse.cz Reported-by: syzbot+3ce5dea5b1539ff36769(a)syzkaller.appspotmail.com Fixes: ea3983ace6b7 ("fat: restructure export_operations") Signed-off-by: Jan Kara <jack(a)suse.cz> Acked-by: OGAWA Hirofumi <hirofumi(a)mail.parknet.co.jp> Cc: Amir Goldstein <amir73il(a)gmail.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/fat/nfs.c | 6 ++++++ 1 file changed, 6 insertions(+) --- a/fs/fat/nfs.c~fat-fix-uninitialized-field-in-nostale-filehandles +++ a/fs/fat/nfs.c @@ -130,6 +130,12 @@ fat_encode_fh_nostale(struct inode *inod fid->parent_i_gen = parent->i_generation; type = FILEID_FAT_WITH_PARENT; *lenp = FAT_FID_SIZE_WITH_PARENT; + } else { + /* + * We need to initialize this field because the fh is actually + * 12 bytes long + */ + fid->parent_i_pos_hi = 0; } return type; _ Patches currently in -mm which might be from jack(a)suse.cz are fat-fix-uninitialized-field-in-nostale-filehandles.patch

1 year, 7 months

1
0
0 0

+ selftests-mm-uffd-unit-test-check-if-huge-page-size-is-0.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: selftests/mm: uffd-unit-test check if huge page size is 0 has been added to the -mm mm-hotfixes-unstable branch. Its filename is selftests-mm-uffd-unit-test-check-if-huge-page-size-is-0.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Terry Tritton <terry.tritton(a)linaro.org> Subject: selftests/mm: uffd-unit-test check if huge page size is 0 Date: Mon, 5 Feb 2024 14:50:56 +0000 If HUGETLBFS is not enabled then the default_huge_page_size function will return 0 and cause a divide by 0 error. Add a check to see if the huge page size is 0 and skip the hugetlb tests if it is. Link: https://lkml.kernel.org/r/20240205145055.3545806-2-terry.tritton@linaro.org Fixes: 16a45b57cbf2 ("selftests/mm: add framework for uffd-unit-test") Signed-off-by: Terry Tritton <terry.tritton(a)linaro.org> Cc: Peter Griffin <peter.griffin(a)linaro.org> Cc: Shuah Khan <shuah(a)kernel.org> Cc: Peter Xu <peterx(a)redhat.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- tools/testing/selftests/mm/uffd-unit-tests.c | 6 ++++++ 1 file changed, 6 insertions(+) --- a/tools/testing/selftests/mm/uffd-unit-tests.c~selftests-mm-uffd-unit-test-check-if-huge-page-size-is-0 +++ a/tools/testing/selftests/mm/uffd-unit-tests.c @@ -1517,6 +1517,12 @@ int main(int argc, char *argv[]) continue; uffd_test_start("%s on %s", test->name, mem_type->name); + if ((mem_type->mem_flag == MEM_HUGETLB || + mem_type->mem_flag == MEM_HUGETLB_PRIVATE) && + (default_huge_page_size() == 0)) { + uffd_test_skip("huge page size is 0, feature missing?"); + continue; + } if (!uffd_feature_supported(test)) { uffd_test_skip("feature missing"); continue; _ Patches currently in -mm which might be from terry.tritton(a)linaro.org are selftests-mm-uffd-unit-test-check-if-huge-page-size-is-0.patch

1 year, 7 months

1
0
0 0

+ mm-damon-core-check-apply-interval-in-damon_do_apply_schemes.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm/damon/core: check apply interval in damon_do_apply_schemes() has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-damon-core-check-apply-interval-in-damon_do_apply_schemes.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: SeongJae Park <sj(a)kernel.org> Subject: mm/damon/core: check apply interval in damon_do_apply_schemes() Date: Mon, 5 Feb 2024 12:13:06 -0800 kdamond_apply_schemes() checks apply intervals of schemes and avoid further applying any schemes if no scheme passed its apply interval. However, the following schemes applying function, damon_do_apply_schemes() iterates all schemes without the apply interval check. As a result, the shortest apply interval is applied to all schemes. Fix the problem by checking the apply interval in damon_do_apply_schemes(). Link: https://lkml.kernel.org/r/20240205201306.88562-1-sj@kernel.org Fixes: 42f994b71404 ("mm/damon/core: implement scheme-specific apply interval") Signed-off-by: SeongJae Park <sj(a)kernel.org> Cc: <stable(a)vger.kernel.org> [6.7.x] Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/damon/core.c | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) --- a/mm/damon/core.c~mm-damon-core-check-apply-interval-in-damon_do_apply_schemes +++ a/mm/damon/core.c @@ -1026,6 +1026,9 @@ static void damon_do_apply_schemes(struc damon_for_each_scheme(s, c) { struct damos_quota *quota = &s->quota; + if (c->passed_sample_intervals != s->next_apply_sis) + continue; + if (!s->wmarks.activated) continue; @@ -1176,10 +1179,6 @@ static void kdamond_apply_schemes(struct if (c->passed_sample_intervals != s->next_apply_sis) continue; - s->next_apply_sis += - (s->apply_interval_us ? s->apply_interval_us : - c->attrs.aggr_interval) / sample_interval; - if (!s->wmarks.activated) continue; @@ -1195,6 +1194,14 @@ static void kdamond_apply_schemes(struct damon_for_each_region_safe(r, next_r, t) damon_do_apply_schemes(c, t, r); } + + damon_for_each_scheme(s, c) { + if (c->passed_sample_intervals != s->next_apply_sis) + continue; + s->next_apply_sis += + (s->apply_interval_us ? s->apply_interval_us : + c->attrs.aggr_interval) / sample_interval; + } } /* _ Patches currently in -mm which might be from sj(a)kernel.org are mm-damon-sysfs-schemes-fix-wrong-damos-tried-regions-update-timeout-setup.patch mm-damon-core-check-apply-interval-in-damon_do_apply_schemes.patch docs-admin-guide-mm-damon-usage-use-sysfs-interface-for-tracepoints-example.patch mm-damon-rename-config_damon_dbgfs-to-damon_dbgfs_deprecated.patch mm-damon-dbgfs-implement-deprecation-notice-file.patch mm-damon-dbgfs-make-debugfs-interface-deprecation-message-a-macro.patch docs-admin-guide-mm-damon-usage-document-deprecated-file-of-damon-debugfs-interface.patch selftets-damon-prepare-for-monitor_on-file-renaming.patch mm-damon-dbgfs-rename-monitor_on-file-to-monitor_on_deprecated.patch docs-admin-guide-mm-damon-usage-update-for-monitor_on-renaming.patch docs-translations-damon-usage-update-for-monitor_on-renaming.patch

1 year, 7 months

1
0
0 0

Linux 6.7.4

by Greg Kroah-Hartman

I'm announcing the release of the 6.7.4 kernel. All users of the 6.7 kernel series must upgrade. The updated 6.7.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.7.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/ABI/testing/sysfs-class-net-queues | 22 Documentation/sound/soc/dapm.rst | 2 Makefile | 2 arch/alpha/kernel/asm-offsets.c | 2 arch/arm/boot/dts/intel/ixp/intel-ixp42x-usrobotics-usr8200.dts | 22 arch/arm/boot/dts/marvell/armada-370-rd.dts | 24 arch/arm/boot/dts/marvell/armada-381-netgear-gs110emx.dts | 44 - arch/arm/boot/dts/marvell/armada-385-clearfog-gtr-l8.dts | 38 - arch/arm/boot/dts/marvell/armada-385-clearfog-gtr-s4.dts | 22 arch/arm/boot/dts/marvell/armada-385-linksys.dtsi | 18 arch/arm/boot/dts/marvell/armada-385-turris-omnia.dts | 20 arch/arm/boot/dts/marvell/armada-388-clearfog.dts | 20 arch/arm/boot/dts/marvell/armada-xp-linksys-mamba.dts | 18 arch/arm/boot/dts/nxp/imx/imx1-ads.dts | 2 arch/arm/boot/dts/nxp/imx/imx1-apf9328.dts | 2 arch/arm/boot/dts/nxp/imx/imx1.dtsi | 5 arch/arm/boot/dts/nxp/imx/imx25-eukrea-cpuimx25.dtsi | 2 arch/arm/boot/dts/nxp/imx/imx25-eukrea-mbimxsd25-baseboard-cmo-qvga.dts | 2 arch/arm/boot/dts/nxp/imx/imx25-eukrea-mbimxsd25-baseboard-dvi-svga.dts | 2 arch/arm/boot/dts/nxp/imx/imx25-eukrea-mbimxsd25-baseboard-dvi-vga.dts | 2 arch/arm/boot/dts/nxp/imx/imx25-pdk.dts | 2 arch/arm/boot/dts/nxp/imx/imx25.dtsi | 2 arch/arm/boot/dts/nxp/imx/imx27-apf27dev.dts | 4 arch/arm/boot/dts/nxp/imx/imx27-eukrea-cpuimx27.dtsi | 4 arch/arm/boot/dts/nxp/imx/imx27-eukrea-mbimxsd27-baseboard.dts | 2 arch/arm/boot/dts/nxp/imx/imx27-phytec-phycard-s-rdk.dts | 2 arch/arm/boot/dts/nxp/imx/imx27-phytec-phycore-rdk.dts | 2 arch/arm/boot/dts/nxp/imx/imx27-phytec-phycore-som.dtsi | 2 arch/arm/boot/dts/nxp/imx/imx27.dtsi | 3 arch/arm/boot/dts/nxp/imx/imx7d.dtsi | 3 arch/arm/boot/dts/nxp/imx/imx7s.dtsi | 10 arch/arm/boot/dts/nxp/mxs/imx23-sansa.dts | 12 arch/arm/boot/dts/nxp/mxs/imx23.dtsi | 2 arch/arm/boot/dts/nxp/mxs/imx28.dtsi | 2 arch/arm/boot/dts/qcom/pm8226.dtsi | 180 +++++++ arch/arm/boot/dts/qcom/pm8841.dtsi | 68 ++ arch/arm/boot/dts/qcom/pm8941.dtsi | 254 ++++++++++ arch/arm/boot/dts/qcom/pma8084.dtsi | 99 +++ arch/arm/boot/dts/qcom/pmx55.dtsi | 85 +++ arch/arm/boot/dts/qcom/pmx65.dtsi | 33 + arch/arm/boot/dts/qcom/qcom-apq8026-asus-sparrow.dts | 2 arch/arm/boot/dts/qcom/qcom-apq8026-huawei-sturgeon.dts | 2 arch/arm/boot/dts/qcom/qcom-apq8026-lg-lenok.dts | 2 arch/arm/boot/dts/qcom/qcom-apq8026-samsung-matisse-wifi.dts | 2 arch/arm/boot/dts/qcom/qcom-apq8060-dragonboard.dts | 4 arch/arm/boot/dts/qcom/qcom-apq8074-dragonboard.dts | 4 arch/arm/boot/dts/qcom/qcom-apq8084-ifc6540.dts | 2 arch/arm/boot/dts/qcom/qcom-apq8084-mtp.dts | 2 arch/arm/boot/dts/qcom/qcom-mdm9615-wp8548.dtsi | 2 arch/arm/boot/dts/qcom/qcom-mdm9615.dtsi | 14 arch/arm/boot/dts/qcom/qcom-msm8660.dtsi | 16 arch/arm/boot/dts/qcom/qcom-msm8974-lge-nexus5-hammerhead.dts | 4 arch/arm/boot/dts/qcom/qcom-msm8974-sony-xperia-rhine.dtsi | 4 arch/arm/boot/dts/qcom/qcom-msm8974pro-fairphone-fp2.dts | 4 arch/arm/boot/dts/qcom/qcom-msm8974pro-oneplus-bacon.dts | 4 arch/arm/boot/dts/qcom/qcom-msm8974pro-samsung-klte.dts | 2 arch/arm/boot/dts/qcom/qcom-msm8974pro-sony-xperia-shinano-castor.dts | 4 arch/arm/boot/dts/qcom/qcom-pm8226.dtsi | 180 ------- arch/arm/boot/dts/qcom/qcom-pm8841.dtsi | 68 -- arch/arm/boot/dts/qcom/qcom-pm8941.dtsi | 254 ---------- arch/arm/boot/dts/qcom/qcom-pma8084.dtsi | 99 --- arch/arm/boot/dts/qcom/qcom-pmx55.dtsi | 85 --- arch/arm/boot/dts/qcom/qcom-pmx65.dtsi | 33 - arch/arm/boot/dts/qcom/qcom-sdx55-mtp.dts | 2 arch/arm/boot/dts/qcom/qcom-sdx55-t55.dts | 2 arch/arm/boot/dts/qcom/qcom-sdx55-telit-fn980-tlb.dts | 2 arch/arm/boot/dts/qcom/qcom-sdx65-mtp.dts | 2 arch/arm/boot/dts/rockchip/rk3036.dtsi | 14 arch/arm/boot/dts/samsung/exynos4.dtsi | 26 - arch/arm/boot/dts/samsung/exynos4x12.dtsi | 17 arch/arm/boot/dts/samsung/s5pv210.dtsi | 18 arch/arm/include/asm/irq_work.h | 2 arch/arm64/boot/dts/amlogic/meson-s4-s805x2-aq222.dts | 4 arch/arm64/boot/dts/amlogic/meson-s4.dtsi | 4 arch/arm64/boot/dts/marvell/armada-3720-espressobin-ultra.dts | 14 arch/arm64/boot/dts/marvell/armada-3720-espressobin.dtsi | 20 arch/arm64/boot/dts/marvell/armada-3720-gl-mv1000.dts | 20 arch/arm64/boot/dts/marvell/armada-3720-turris-mox.dts | 85 +-- arch/arm64/boot/dts/marvell/armada-7040-mochabin.dts | 24 arch/arm64/boot/dts/marvell/armada-8040-clearfog-gt-8k.dts | 22 arch/arm64/boot/dts/marvell/cn9130-crb.dtsi | 42 - arch/arm64/boot/dts/qcom/msm8996.dtsi | 21 arch/arm64/boot/dts/qcom/msm8998.dtsi | 32 - arch/arm64/boot/dts/qcom/sdm845.dtsi | 5 arch/arm64/boot/dts/qcom/sm8150.dtsi | 5 arch/arm64/boot/dts/qcom/sm8250.dtsi | 24 arch/arm64/boot/dts/qcom/sm8350.dtsi | 8 arch/arm64/boot/dts/qcom/sm8450.dtsi | 8 arch/arm64/boot/dts/qcom/sm8550.dtsi | 8 arch/arm64/boot/dts/sprd/ums512.dtsi | 3 arch/arm64/boot/dts/xilinx/zynqmp-sck-kv-g-revA.dtso | 40 - arch/arm64/boot/dts/xilinx/zynqmp-sck-kv-g-revB.dtso | 42 - arch/arm64/include/asm/irq_work.h | 2 arch/arm64/kernel/irq.c | 7 arch/csky/include/asm/irq_work.h | 2 arch/loongarch/kernel/asm-offsets.c | 26 - arch/powerpc/crypto/aes-gcm-p10-glue.c | 2 arch/powerpc/include/asm/irq_work.h | 1 arch/powerpc/include/asm/mmu.h | 4 arch/powerpc/include/asm/mmzone.h | 8 arch/powerpc/kernel/traps.c | 2 arch/powerpc/lib/sstep.c | 10 arch/powerpc/mm/book3s64/pgtable.c | 2 arch/powerpc/mm/init-common.c | 5 arch/powerpc/mm/mmu_decl.h | 5 arch/riscv/include/asm/irq_work.h | 2 arch/riscv/kernel/head.S | 1 arch/riscv/mm/init.c | 12 arch/s390/boot/ipl_parm.c | 2 arch/s390/boot/startup.c | 3 arch/s390/include/asm/irq_work.h | 2 arch/s390/kernel/ptrace.c | 6 arch/s390/kvm/kvm-s390.c | 5 arch/sparc/kernel/asm-offsets.c | 6 arch/um/drivers/net_kern.c | 2 arch/um/include/shared/kern_util.h | 2 arch/um/kernel/process.c | 2 arch/um/kernel/time.c | 32 + arch/um/os-Linux/helper.c | 6 arch/um/os-Linux/util.c | 19 arch/x86/boot/compressed/ident_map_64.c | 5 arch/x86/boot/compressed/idt_64.c | 1 arch/x86/boot/compressed/idt_handlers_64.S | 1 arch/x86/boot/compressed/misc.h | 1 arch/x86/include/asm/irq_work.h | 1 arch/x86/include/asm/kmsan.h | 17 arch/x86/kernel/cpu/mce/core.c | 16 block/bio.c | 2 block/blk-mq.c | 16 drivers/accel/habanalabs/common/device.c | 17 drivers/accel/habanalabs/common/habanalabs.h | 2 drivers/accel/habanalabs/common/habanalabs_drv.c | 3 drivers/accel/habanalabs/common/mmu/mmu.c | 1 drivers/accel/habanalabs/common/sysfs.c | 3 drivers/accel/habanalabs/gaudi2/gaudi2.c | 14 drivers/accel/habanalabs/include/hw_ip/pci/pci_general.h | 1 drivers/acpi/acpi_extlog.c | 5 drivers/acpi/acpi_video.c | 9 drivers/acpi/apei/ghes.c | 29 - drivers/acpi/numa/srat.c | 4 drivers/acpi/resource.c | 21 drivers/base/arch_numa.c | 2 drivers/block/rnbd/rnbd-srv.c | 19 drivers/bluetooth/hci_qca.c | 1 drivers/char/hw_random/jh7110-trng.c | 2 drivers/clk/hisilicon/clk-hi3620.c | 4 drivers/clk/imx/clk-imx8qxp.c | 24 drivers/clk/imx/clk-scu.c | 4 drivers/clk/mmp/clk-of-pxa168.c | 3 drivers/crypto/caam/caamalg_qi2.c | 7 drivers/crypto/caam/caamhash.c | 7 drivers/crypto/marvell/octeontx2/otx2_cptlf.c | 6 drivers/crypto/marvell/octeontx2/otx2_cptvf_main.c | 3 drivers/crypto/starfive/jh7110-cryp.c | 2 drivers/crypto/stm32/stm32-crc32.c | 2 drivers/devfreq/devfreq.c | 24 drivers/extcon/extcon.c | 3 drivers/gpu/drm/amd/amdgpu/aldebaran.c | 26 - drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_fence.c | 2 drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_gmc.c | 21 drivers/gpu/drm/amd/amdgpu/amdgpu_mca.c | 8 drivers/gpu/drm/amd/amdgpu/amdgpu_mes.c | 31 + drivers/gpu/drm/amd/amdgpu/amdgpu_mes.h | 10 drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 13 drivers/gpu/drm/amd/amdgpu/amdgpu_object.h | 4 drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c | 3 drivers/gpu/drm/amd/amdgpu/amdgpu_sync.c | 3 drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c | 5 drivers/gpu/drm/amd/amdgpu/amdgpu_ucode.c | 6 drivers/gpu/drm/amd/amdgpu/gfxhub_v1_0.c | 4 drivers/gpu/drm/amd/amdgpu/gfxhub_v1_2.c | 4 drivers/gpu/drm/amd/amdgpu/gmc_v10_0.c | 4 drivers/gpu/drm/amd/amdgpu/gmc_v11_0.c | 5 drivers/gpu/drm/amd/amdgpu/gmc_v6_0.c | 4 drivers/gpu/drm/amd/amdgpu/gmc_v7_0.c | 4 drivers/gpu/drm/amd/amdgpu/gmc_v8_0.c | 4 drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c | 8 drivers/gpu/drm/amd/amdgpu/mmhub_v1_0.c | 4 drivers/gpu/drm/amd/amdkfd/kfd_process_queue_manager.c | 2 drivers/gpu/drm/amd/amdkfd/kfd_svm.c | 42 - drivers/gpu/drm/amd/amdkfd/kfd_topology.c | 24 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 30 - drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_crtc.c | 9 drivers/gpu/drm/amd/display/dc/clk_mgr/dcn314/dcn314_clk_mgr.c | 71 ++ drivers/gpu/drm/amd/display/dc/clk_mgr/dcn314/dcn314_clk_mgr.h | 11 drivers/gpu/drm/amd/display/dc/clk_mgr/dcn35/dcn35_clk_mgr.c | 8 drivers/gpu/drm/amd/display/dc/core/dc.c | 4 drivers/gpu/drm/amd/display/dc/dc_hw_types.h | 2 drivers/gpu/drm/amd/display/dc/dce/dce_audio.c | 2 drivers/gpu/drm/amd/display/dc/dce/dce_clock_source.c | 9 drivers/gpu/drm/amd/display/dc/dcn35/dcn35_dio_link_encoder.c | 5 drivers/gpu/drm/amd/display/dc/dml/dcn32/display_mode_vba_32.c | 3 drivers/gpu/drm/amd/display/dc/dml/dcn32/display_mode_vba_util_32.c | 33 + drivers/gpu/drm/amd/display/dc/dml/dcn32/display_mode_vba_util_32.h | 1 drivers/gpu/drm/amd/display/dc/dml2/display_mode_core.c | 2 drivers/gpu/drm/amd/display/dc/dml2/dml2_utils.c | 8 drivers/gpu/drm/amd/display/dc/hwss/dce110/dce110_hwseq.c | 5 drivers/gpu/drm/amd/display/dc/hwss/dcn10/dcn10_hwseq.c | 3 drivers/gpu/drm/amd/display/dc/hwss/dcn20/dcn20_hwseq.c | 23 drivers/gpu/drm/amd/display/dc/hwss/dcn31/dcn31_hwseq.c | 3 drivers/gpu/drm/amd/display/dc/hwss/dcn32/dcn32_hwseq.c | 25 drivers/gpu/drm/amd/display/dc/inc/hw/clk_mgr.h | 1 drivers/gpu/drm/amd/display/dc/inc/hw/dccg.h | 4 drivers/gpu/drm/amd/display/dc/link/link_dpms.c | 40 + drivers/gpu/drm/amd/display/dc/link/protocols/link_dp_dpia_bw.c | 221 +++----- drivers/gpu/drm/amd/display/dc/link/protocols/link_dp_dpia_bw.h | 4 drivers/gpu/drm/amd/display/dc/link/protocols/link_dp_irq_handler.c | 12 drivers/gpu/drm/amd/display/include/audio_types.h | 2 drivers/gpu/drm/amd/display/modules/power/power_helpers.c | 2 drivers/gpu/drm/amd/include/amd_shared.h | 2 drivers/gpu/drm/amd/include/mes_v11_api_def.h | 3 drivers/gpu/drm/amd/pm/powerplay/hwmgr/process_pptables_v1_0.c | 2 drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu7_hwmgr.c | 17 drivers/gpu/drm/bridge/analogix/anx7625.c | 51 +- drivers/gpu/drm/bridge/analogix/anx7625.h | 4 drivers/gpu/drm/drm_file.c | 2 drivers/gpu/drm/drm_framebuffer.c | 2 drivers/gpu/drm/drm_mipi_dsi.c | 17 drivers/gpu/drm/exynos/exynos_drm_drv.c | 11 drivers/gpu/drm/msm/adreno/a6xx_gpu.c | 23 drivers/gpu/drm/msm/disp/dpu1/catalog/dpu_7_0_sm8350.h | 18 drivers/gpu/drm/msm/disp/dpu1/catalog/dpu_8_1_sm8450.h | 18 drivers/gpu/drm/msm/disp/dpu1/dpu_encoder.c | 6 drivers/gpu/drm/msm/disp/dpu1/dpu_encoder_phys.h | 4 drivers/gpu/drm/msm/disp/dpu1/dpu_encoder_phys_cmd.c | 32 - drivers/gpu/drm/msm/disp/dpu1/dpu_encoder_phys_vid.c | 33 - drivers/gpu/drm/msm/disp/dpu1/dpu_hw_wb.c | 3 drivers/gpu/drm/msm/disp/dpu1/dpu_kms.h | 1 drivers/gpu/drm/msm/dp/dp_display.c | 6 drivers/gpu/drm/msm/dsi/phy/dsi_phy.c | 4 drivers/gpu/drm/msm/msm_mdss.c | 2 drivers/gpu/drm/panel/panel-edp.c | 48 + drivers/hid/hidraw.c | 7 drivers/hwmon/hp-wmi-sensors.c | 127 ++++- drivers/hwmon/nct6775-core.c | 7 drivers/i2c/busses/i2c-rk3x.c | 8 drivers/i3c/master/i3c-master-cdns.c | 7 drivers/infiniband/ulp/ipoib/ipoib_multicast.c | 7 drivers/leds/trigger/ledtrig-panic.c | 5 drivers/mailbox/arm_mhuv2.c | 3 drivers/md/md.c | 54 +- drivers/media/i2c/imx335.c | 4 drivers/media/i2c/ov2740.c | 17 drivers/media/pci/ddbridge/ddbridge-main.c | 2 drivers/media/platform/amphion/vpu.h | 3 drivers/media/platform/amphion/vpu_cmds.c | 28 - drivers/media/platform/amphion/vpu_v4l2.c | 1 drivers/media/platform/rockchip/rga/rga.c | 15 drivers/media/platform/rockchip/rkisp1/rkisp1-common.h | 11 drivers/media/platform/rockchip/rkisp1/rkisp1-csi.c | 14 drivers/media/platform/rockchip/rkisp1/rkisp1-dev.c | 35 + drivers/media/platform/rockchip/rkisp1/rkisp1-isp.c | 20 drivers/media/platform/rockchip/rkisp1/rkisp1-resizer.c | 38 - drivers/media/usb/stk1160/stk1160-video.c | 5 drivers/media/usb/uvc/uvc_driver.c | 18 drivers/mfd/Kconfig | 1 drivers/misc/lis3lv02d/lis3lv02d_i2c.c | 1 drivers/net/bonding/bond_alb.c | 3 drivers/net/dsa/mt7530.c | 3 drivers/net/dsa/mv88e6xxx/chip.h | 4 drivers/net/dsa/mv88e6xxx/serdes.c | 10 drivers/net/dsa/mv88e6xxx/serdes.h | 8 drivers/net/dsa/qca/qca8k-8xxx.c | 24 drivers/net/ethernet/amd/pds_core/adminq.c | 64 +- drivers/net/ethernet/amd/pds_core/core.c | 46 + drivers/net/ethernet/amd/pds_core/core.h | 2 drivers/net/ethernet/amd/pds_core/debugfs.c | 4 drivers/net/ethernet/amd/pds_core/dev.c | 16 drivers/net/ethernet/amd/pds_core/devlink.c | 3 drivers/net/ethernet/amd/pds_core/fw.c | 3 drivers/net/ethernet/amd/pds_core/main.c | 26 - drivers/net/ethernet/aquantia/atlantic/aq_ptp.c | 28 - drivers/net/ethernet/aquantia/atlantic/aq_ring.c | 61 -- drivers/net/ethernet/aquantia/atlantic/aq_ring.h | 22 drivers/net/ethernet/aquantia/atlantic/aq_vec.c | 23 drivers/net/ethernet/google/gve/gve_rx.c | 8 drivers/net/ethernet/intel/e1000/e1000_hw.c | 1 drivers/net/ethernet/intel/e1000e/e1000.h | 20 drivers/net/ethernet/intel/e1000e/ptp.c | 22 drivers/net/ethernet/intel/fm10k/fm10k_pf.c | 1 drivers/net/ethernet/intel/fm10k/fm10k_vf.c | 1 drivers/net/ethernet/intel/i40e/i40e_common.c | 1 drivers/net/ethernet/intel/i40e/i40e_dcb.c | 2 drivers/net/ethernet/intel/i40e/i40e_nvm.c | 1 drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 32 + drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.h | 1 drivers/net/ethernet/intel/iavf/iavf_common.c | 3 drivers/net/ethernet/intel/iavf/iavf_ethtool.c | 5 drivers/net/ethernet/intel/iavf/iavf_fdir.c | 1 drivers/net/ethernet/intel/iavf/iavf_txrx.c | 1 drivers/net/ethernet/intel/ice/ice_adminq_cmd.h | 18 drivers/net/ethernet/intel/ice/ice_lib.c | 7 drivers/net/ethernet/intel/ice/ice_virtchnl.c | 12 drivers/net/ethernet/intel/ice/ice_vsi_vlan_lib.c | 16 drivers/net/ethernet/intel/idpf/virtchnl2.h | 2 drivers/net/ethernet/intel/igb/e1000_i210.c | 4 drivers/net/ethernet/intel/igb/e1000_nvm.c | 4 drivers/net/ethernet/intel/igb/e1000_phy.c | 4 drivers/net/ethernet/intel/igbvf/netdev.c | 28 - drivers/net/ethernet/intel/igc/igc_i225.c | 1 drivers/net/ethernet/intel/igc/igc_phy.c | 1 drivers/net/ethernet/intel/ixgbe/ixgbe_82598.c | 36 - drivers/net/ethernet/intel/ixgbe/ixgbe_82599.c | 61 +- drivers/net/ethernet/intel/ixgbe/ixgbe_common.c | 145 ++--- drivers/net/ethernet/intel/ixgbe/ixgbe_ethtool.c | 2 drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 42 - drivers/net/ethernet/intel/ixgbe/ixgbe_mbx.c | 34 - drivers/net/ethernet/intel/ixgbe/ixgbe_mbx.h | 1 drivers/net/ethernet/intel/ixgbe/ixgbe_phy.c | 105 ++-- drivers/net/ethernet/intel/ixgbe/ixgbe_phy.h | 2 drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c | 2 drivers/net/ethernet/intel/ixgbe/ixgbe_type.h | 43 - drivers/net/ethernet/intel/ixgbe/ixgbe_x540.c | 44 - drivers/net/ethernet/intel/ixgbe/ixgbe_x550.c | 149 +++-- drivers/net/ethernet/marvell/mvmdio.c | 53 -- drivers/net/ethernet/marvell/octeontx2/af/rvu_npc.c | 13 drivers/net/ethernet/marvell/octeontx2/nic/otx2_ethtool.c | 1 drivers/net/ethernet/marvell/octeontx2/nic/otx2_pf.c | 3 drivers/net/ethernet/marvell/octeontx2/nic/otx2_txrx.c | 7 drivers/net/ethernet/mediatek/mtk_eth_soc.c | 5 drivers/net/ethernet/microchip/lan966x/lan966x_port.c | 5 drivers/net/ethernet/pensando/ionic/ionic_bus_pci.c | 4 drivers/net/ethernet/pensando/ionic/ionic_dev.c | 1 drivers/net/ethernet/pensando/ionic/ionic_dev.h | 1 drivers/net/ethernet/pensando/ionic/ionic_lif.c | 3 drivers/net/ethernet/pensando/ionic/ionic_main.c | 22 drivers/net/phy/at803x.c | 6 drivers/net/phy/mediatek-ge-soc.c | 147 +++-- drivers/net/phy/micrel.c | 6 drivers/net/usb/ax88179_178a.c | 2 drivers/net/virtio_net.c | 9 drivers/net/wireless/ath/ath11k/pcic.c | 4 drivers/net/wireless/ath/ath12k/hal.c | 4 drivers/net/wireless/ath/ath12k/hw.c | 3 drivers/net/wireless/ath/ath12k/mac.c | 4 drivers/net/wireless/ath/ath9k/htc_drv_txrx.c | 5 drivers/net/wireless/mediatek/mt76/mt76_connac_mcu.c | 2 drivers/net/wireless/mediatek/mt76/mt7996/pci.c | 8 drivers/net/wireless/ralink/rt2x00/rt2800lib.c | 2 drivers/net/wireless/ralink/rt2x00/rt2x00dev.c | 3 drivers/net/wireless/ralink/rt2x00/rt2x00mac.c | 11 drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c | 12 drivers/net/wireless/realtek/rtlwifi/rtl8723ae/phy.c | 6 drivers/net/wireless/realtek/rtlwifi/rtl8723be/phy.c | 4 drivers/net/wireless/realtek/rtw89/coex.c | 4 drivers/net/wireless/realtek/rtw89/core.c | 2 drivers/net/wireless/realtek/rtw89/core.h | 12 drivers/net/wireless/realtek/rtw89/fw.c | 17 drivers/net/wireless/realtek/rtw89/mac.c | 100 +++ drivers/net/wireless/realtek/rtw89/mac.h | 1 drivers/net/wireless/realtek/rtw89/mac80211.c | 3 drivers/net/wireless/realtek/rtw89/reg.h | 17 drivers/net/wireless/silabs/wfx/sta.c | 42 - drivers/opp/core.c | 9 drivers/pci/pci.h | 2 drivers/pci/pcie/aer.c | 9 drivers/pci/quirks.c | 24 drivers/pci/switch/switchtec.c | 25 drivers/perf/arm_pmuv3.c | 6 drivers/pinctrl/intel/pinctrl-baytrail.c | 3 drivers/pnp/pnpacpi/rsparser.c | 12 drivers/regulator/core.c | 56 +- drivers/regulator/ti-abb-regulator.c | 22 drivers/s390/crypto/vfio_ap_ops.c | 16 drivers/scsi/arcmsr/arcmsr.h | 4 drivers/scsi/arcmsr/arcmsr_hba.c | 6 drivers/scsi/hisi_sas/hisi_sas_v3_hw.c | 10 drivers/scsi/isci/request.c | 2 drivers/scsi/libfc/fc_fcp.c | 18 drivers/scsi/lpfc/lpfc.h | 1 drivers/scsi/lpfc/lpfc_els.c | 14 drivers/scsi/lpfc/lpfc_init.c | 4 drivers/scsi/lpfc/lpfc_vmid.c | 1 drivers/scsi/mpi3mr/mpi3mr_fw.c | 3 drivers/scsi/mpi3mr/mpi3mr_os.c | 13 drivers/scsi/scsi_error.c | 8 drivers/scsi/scsi_lib.c | 2 drivers/scsi/scsi_priv.h | 2 drivers/soc/xilinx/xlnx_event_manager.c | 7 drivers/spmi/spmi-mtk-pmif.c | 7 drivers/staging/vme_user/vme.c | 2 drivers/thermal/thermal_core.c | 30 - drivers/tty/serial/8250/8250_pci.c | 58 ++ drivers/tty/tty_ioctl.c | 4 drivers/usb/core/hub.c | 33 + drivers/usb/host/xhci-plat.c | 23 drivers/watchdog/it87_wdt.c | 14 drivers/watchdog/starfive-wdt.c | 2 drivers/xen/gntdev-dmabuf.c | 50 - fs/9p/v9fs_vfs.h | 1 fs/9p/vfs_inode.c | 6 fs/9p/vfs_inode_dotl.c | 1 fs/afs/callback.c | 3 fs/ceph/caps.c | 9 fs/ceph/mds_client.c | 2 fs/ceph/quota.c | 39 - fs/dcache.c | 7 fs/ecryptfs/inode.c | 8 fs/erofs/zdata.c | 2 fs/erofs/zmap.c | 32 - fs/ext4/extents.c | 6 fs/ext4/mballoc.c | 11 fs/ext4/resize.c | 37 - fs/f2fs/compress.c | 4 fs/f2fs/file.c | 2 fs/f2fs/recovery.c | 25 fs/jfs/jfs_dmap.c | 57 +- fs/jfs/jfs_dtree.c | 7 fs/jfs/jfs_imap.c | 3 fs/jfs/jfs_mount.c | 6 fs/kernfs/dir.c | 12 fs/ocfs2/namei.c | 8 fs/proc/proc_sysctl.c | 9 fs/pstore/ram.c | 1 fs/reiserfs/namei.c | 54 +- fs/smb/client/cifsglob.h | 30 - fs/smb/client/cifsproto.h | 15 fs/smb/client/cifssmb.c | 17 fs/smb/client/inode.c | 3 fs/smb/client/link.c | 4 fs/smb/client/sess.c | 14 fs/smb/client/smb2inode.c | 55 +- fs/smb/client/smb2proto.h | 16 fs/tracefs/event_inode.c | 117 +++- fs/tracefs/inode.c | 198 ++++--- fs/tracefs/internal.h | 4 include/asm-generic/numa.h | 2 include/asm-generic/unaligned.h | 24 include/drm/drm_color_mgmt.h | 1 include/drm/drm_mipi_dsi.h | 2 include/linux/avf/virtchnl.h | 1 include/linux/bpf.h | 2 include/linux/irq_work.h | 3 include/linux/mm_types.h | 3 include/linux/mmzone.h | 6 include/linux/pci_ids.h | 1 include/linux/pm_opp.h | 4 include/linux/thermal.h | 2 include/net/af_unix.h | 20 include/net/ip.h | 2 include/net/netfilter/nf_tables.h | 2 kernel/audit.c | 31 - kernel/bpf/arraymap.c | 23 kernel/bpf/helpers.c | 15 kernel/bpf/syscall.c | 6 kernel/events/core.c | 38 + kernel/sched/fair.c | 56 ++ lib/debugobjects.c | 200 +++---- lib/fw_table.c | 30 - lib/kunit/executor.c | 4 lib/kunit/test.c | 15 net/bluetooth/hci_sync.c | 10 net/bluetooth/iso.c | 51 +- net/bluetooth/l2cap_core.c | 3 net/bpf/test_run.c | 2 net/bridge/br_cfm_netlink.c | 2 net/bridge/br_multicast.c | 20 net/bridge/br_private.h | 4 net/devlink/port.c | 2 net/ipv4/ip_output.c | 12 net/ipv4/ip_sockglue.c | 6 net/ipv4/ipmr.c | 2 net/ipv4/raw.c | 2 net/ipv4/tcp.c | 12 net/ipv4/udp.c | 2 net/ipv6/addrconf_core.c | 21 net/ipv6/ip6_tunnel.c | 21 net/kcm/kcmsock.c | 2 net/llc/af_llc.c | 2 net/netfilter/nf_conntrack_proto_tcp.c | 10 net/netfilter/nf_log.c | 7 net/netfilter/nf_tables_api.c | 14 net/netfilter/nft_ct.c | 24 net/netfilter/nft_tunnel.c | 1 net/rxrpc/conn_service.c | 3 net/smc/smc_clc.c | 14 net/sunrpc/xprtmultipath.c | 17 net/unix/af_unix.c | 14 net/unix/diag.c | 2 net/wireless/scan.c | 4 sound/hda/hdac_stream.c | 9 sound/hda/intel-dsp-config.c | 10 sound/pci/hda/hda_intel.c | 2 sound/pci/hda/patch_conexant.c | 115 ++++ sound/soc/amd/acp-config.c | 15 sound/soc/codecs/lpass-wsa-macro.c | 7 sound/soc/codecs/rtq9128.c | 73 +- sound/soc/codecs/wcd938x.c | 2 sound/soc/codecs/wsa883x.c | 6 sound/soc/qcom/sc8280xp.c | 12 tools/build/feature/test-libopencsd.c | 4 tools/lib/bpf/libbpf.c | 2 tools/lib/bpf/libbpf_common.h | 13 tools/lib/subcmd/help.c | 18 tools/testing/kunit/kunit_parser.py | 4 tools/testing/selftests/bpf/cgroup_helpers.c | 18 tools/testing/selftests/bpf/prog_tests/btf.c | 6 tools/testing/selftests/bpf/prog_tests/tc_opts.c | 6 tools/testing/selftests/bpf/progs/pyperf180.c | 22 tools/testing/selftests/bpf/progs/test_global_func17.c | 1 tools/testing/selftests/bpf/veristat.c | 2 tools/testing/selftests/bpf/xdp_hw_metadata.c | 2 tools/testing/selftests/drivers/net/bonding/lag_lib.sh | 11 tools/testing/selftests/drivers/net/team/config | 4 tools/testing/selftests/net/Makefile | 5 tools/testing/selftests/net/config | 16 tools/testing/selftests/net/pmtu.sh | 18 tools/testing/selftests/net/setup_veth.sh | 2 tools/testing/selftests/net/udpgro.sh | 4 tools/testing/selftests/net/udpgro_bench.sh | 4 tools/testing/selftests/net/udpgro_frglist.sh | 6 tools/testing/selftests/net/udpgro_fwd.sh | 8 tools/testing/selftests/net/veth.sh | 4 tools/testing/selftests/net/xdp_dummy.c | 13 tools/testing/selftests/nolibc/nolibc-test.c | 4 tools/testing/selftests/sgx/test_encl.lds | 6 517 files changed, 5331 insertions(+), 3339 deletions(-) Abhinav Kumar (1): drm/msm/dpu: fix writeback programming for YUV cases Adrian Reber (1): tty: allow TIOCSLCKTRMIOS with CAP_CHECKPOINT_RESTORE Ahmed Zaki (1): ice: fix ICE_AQ_VSI_Q_OPT_RSS_* register values Al Viro (1): fast_dput(): handle underflows gracefully Alex Deucher (2): drm/amdgpu: apply the RV2 system aperture fix to RN/CZN as well drm/amdgpu: fix avg vs input power reporting on smu7 Alex Lyakas (1): md: Whenassemble the array, consult the superblock of the freshest device Alexander Gordeev (1): s390/boot: always align vmalloc area on segment boundary Alexander Stein (4): ARM: dts: imx7d: Fix coresight funnel ports ARM: dts: imx7s: Fix lcdif compatible ARM: dts: imx7s: Fix nand-controller #size-cells clk: imx: clk-imx8qxp: fix LVDS bypass, pixel and phy clocks Alexandre Ghiti (1): riscv: Fix build error on rv32 + XIP Alexei Starovoitov (1): x86/cfi,bpf: Fix bpf_exception_cb() signature Allen Pan (1): drm/amd/display: fix usb-c connector_type Alvin Lee (3): drm/amd/display: For prefetch mode > 0, extend prefetch if possible drm/amd/display: Force p-state disallow if leaving no plane config drm/amd/display: Only clear symclk otg flag for HDMI Andrii Nakryiko (3): selftests/bpf: fix RELEASE=1 build for tc_opts selftests/bpf: satisfy compiler by having explicit return in btf test selftests/bpf: fix compiler warnings in RELEASE=1 mode Andrii Staikov (1): i40e: Fix VF disable behavior to block all traffic Andrzej Hajda (1): debugobjects: Stop accessing objects after releasing hash bucket lock Andy Shevchenko (1): pinctrl: baytrail: Fix types of config value in byt_pin_config_set() Anna Schumaker (1): SUNRPC: Fix a suspicious RCU usage warning Anton Ivanov (1): um: Fix naming clash between UML and scheduler Arnd Bergmann (2): arch: consolidate arch_irq_work_raise prototypes arch: fix asm-offsets.c building with -Wmissing-prototypes Baochen Qiang (1): wifi: ath11k: fix race due to setting ATH11K_FLAG_EXT_IRQ_ENABLED too early Baokun Li (3): ext4: unify the type of flexbg_size to unsigned int ext4: remove unnecessary check from alloc_flex_gd() ext4: avoid online resizing failures due to oversized flex bg Ben Dooks (1): watchdog: starfive: add lock annotations to fix context imbalances Ben Mayo (1): ACPI: resource: Add DMI quirks for ASUS Vivobook E1504GA and E1504GAB Benjamin Berg (2): wifi: cfg80211: free beacon_ies when overridden from hidden BSS um: Don't use vfprintf() for os_info() Benjamin Poirier (2): selftests: team: Add missing config options selftests: bonding: Check initial state Bharat Bhushan (1): crypto: octeontx2 - Fix cptvf driver cleanup Bjorn Helgaas (1): PCI/AER: Decode Requester ID when no error info found Breno Leitao (1): net: sysfs: Fix /sys/class/net/<iface> path Brett Creeley (6): pds_core: Prevent health thread from running during reset/remove pds_core: Cancel AQ work on teardown pds_core: Use struct pdsc for the pdsc_adminq_isr private data pds_core: Prevent race issues involving the adminq pds_core: Clear BARs on reset pds_core: Rework teardown/setup flow to be more common Chao Yu (2): f2fs: fix to check return value of f2fs_reserve_new_block() f2fs: fix to tag gcing flag on page during block migration ChiYuan Huang (2): ASoC: codecs: rtq9128: Fix PM_RUNTIME usage ASoC: codecs: rtq9128: Fix TDM enable and DAI format control flow Chih-Kang Chang (1): wifi: rtw89: fix misbehavior of TX beacon in concurrent mode Ching-Te Ku (1): wifi: rtw89: coex: Fix wrong Wi-Fi role info and FDDT parameter members Chris Riches (1): audit: Send netlink ACK before setting connection in auditd_set Christian Marangi (1): net: phy: at803x: fix passing the wrong reference for config_intr Christoph Hellwig (1): block: prevent an integer overflow in bvec_try_merge_hw_page Christophe JAILLET (1): ixgbe: Fix an error handling path in ixgbe_read_iosf_sb_reg_x550() Chunyan Zhang (2): arm64: dts: sprd: Add clock reference for pll2 on UMS512 arm64: dts: sprd: Change UMS512 idle-state nodename to match bindings Crescent CY Hsieh (1): tty: serial: 8250: Set RS422 interface by default to fix Moxa RS422/RS485 PCIe boards Cristian Ciocaltea (1): ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument Dafna Hirschfeld (1): accel/habanalabs/gaudi2: fix undef opcode reporting Daniel Golle (3): net: ethernet: mtk_eth_soc: set DMA coherent mask to get PPE working net: phy: mediatek-ge-soc: sync driver with MediaTek SDK net: dsa: mt7530: fix 10M/100M speed on MT7988 switch Daniel Miess (1): Revert "drm/amd/display: Fix conversions between bytes and KB" Daniel Stodden (1): PCI: switchtec: Fix stdev_release() crash after surprise hot remove Daniel Vacek (1): IB/ipoib: Fix mcast list locking Danylo Piliaiev (1): drm/msm/a690: Fix reg values for a690 David Howells (1): 9p: Fix initialisation of netfs_inode for 9p Dennis Chan (1): drm/amd/display: Fix Replay Desync Error IRQ handler Dmitry Antipov (3): PNP: ACPI: fix fortify warning wifi: rtw89: fix timeout calculation in rtw89_roc_end() wifi: wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap() Dmitry Baryshkov (5): ARM: dts: qcom: strip prefix from PMIC files ARM: dts: qcom: mdm9615: fix PMIC node labels ARM: dts: qcom: msm8660: fix PMIC node labels drm/msm/dpu: enable writeback on SM8350 drm/msm/dpu: enable writeback on SM8450 Dmitry Torokhov (1): asm-generic: make sparse happy with odd-sized put_unaligned_*() Douglas Anderson (1): drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind time Edward Adam Davis (3): jfs: fix uaf in jfs_evict_inode jfs: fix array-index-out-of-bounds in diNewExt wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update Eric Dumazet (4): ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() tcp: add sanity checks to rx zerocopy llc: call sock_orphan() at release time af_unix: fix lockdep positive in sk_diag_dump_icons() Fabio Estevam (9): ARM: dts: imx25/27-eukrea: Fix RTC node name ARM: dts: imx: Use flash@0,0 pattern ARM: dts: imx27: Fix sram node ARM: dts: imx1: Fix sram node ARM: dts: imx25: Fix the iim compatible string ARM: dts: imx25/27: Pass timing0 ARM: dts: imx27-apf27dev: Fix LED name ARM: dts: imx23-sansa: Use preferred i2c-gpios properties ARM: dts: imx23/28: Fix the DMA controller node name Farah Kassabri (1): accel/habanalabs: fix EQ heartbeat mechanism Felix Kuehling (2): drm/amdgpu: Let KFD sync with VM fences drm/amdkfd: Fix lock dependency warning Frederik Haxel (1): riscv: Make XIP bootable again Frédéric Danis (1): Bluetooth: L2CAP: Fix possible multiple reject send Gabriel Krisman Bertazi (1): ecryptfs: Reject casefold directory inodes Gao Xiang (2): erofs: fix up compacted indexes for block size < 4096 erofs: fix ztailpacking for subpage compressed blocks Gaurav Jain (1): crypto: caam - fix asynchronous hash Geetha sowjanya (1): octeontx2-pf: Remove xdp queues on program detach Ghanshyam Agrawal (1): media: stk1160: Fixed high volume of stk1160_dbg messages Greg KH (1): perf/core: Fix narrow startup race when creating the perf nr_addr_filters sysfs file Greg Kroah-Hartman (1): Linux 6.7.4 Guilherme G. Piccoli (1): PCI: Only override AMD USB controller if required Gustavo A. R. Silva (1): crypto: p10-aes-gcm - Avoid -Wstringop-overflow warnings Hannes Reinecke (2): scsi: libfc: Don't schedule abort twice scsi: libfc: Fix up timeout error in fc_fcp_rec_error() Hans de Goede (2): media: ov2740: Fix hts value misc: lis3lv02d_i2c: Add missing setting of the reg_ctrl callback Hardik Gajjar (2): usb: hub: Replace hardcoded quirk value with BIT() macro usb: hub: Add quirk to decrease IN-ep poll interval for Microchip USB491x hub HariBabu Gattem (1): soc: xilinx: Fix for call trace due to the usage of smp_processor_id() Harshit Shah (1): i3c: master: cdns: Update maximum prescaler value for i2c clock Heiko Carstens (2): s390/ptrace: handle setting of fpc register correctly KVM: s390: fix setting of fpc register Heiner Kallweit (1): leds: trigger: panic: Don't register panic notifier if creating the trigger failed Helge Deller (1): ipv6: Ensure natural alignment of const ipv6 loopback and router addresses Horatiu Vultur (1): net: lan966x: Fix port configuration when using SGMII interface Hou Tao (3): bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers bpf: Set need_defer as false when clearing fd array during map free bpf: Set uattr->batch.count as zero before batched update or deletion Hsin-Yi Wang (1): drm/panel-edp: Add override_edid_mode quirk for generic edp Huang Shijie (2): arm64: irq: set the correct node for VMAP stack arm64: irq: set the correct node for shadow call stack Ian Rogers (1): libsubcmd: Fix memory leak in uniq() Ido Schimmel (2): PCI: Add no PM reset quirk for NVIDIA Spectrum devices selftests: net: Add missing matchall classifier Igor Russkikh (1): net: atlantic: eliminate double free in error handling logic Ilpo Järvinen (1): PCI: Fix 64GT/s effective data rate calculation Ilya Bakoulin (1): drm/amd/display: Fix MST PBN/X.Y value calculations Iulia Tanasescu (1): Bluetooth: ISO: Avoid creating child socket if PA sync is terminating Ivan Lipski (1): Re-revert "drm/amd/display: Enable Replay for static screen use cases" Jack Wang (1): RDMA/IPoIB: Fix error code return in ipoib_mcast_join Jacob Keller (1): e1000e: correct maximum frequency adjustment values Jaegeuk Kim (1): f2fs: fix write pointers on zoned device after roll forward Jakub Kicinski (2): selftests: net: add missing config for nftables-backed iptables selftests: net: add missing config for NF_TARGET_TTL James Clark (1): perf cs-etm: Bump minimum OpenCSD version to ensure a bugfix is present James Seo (1): hwmon: (hp-wmi-sensors) Fix failure to load on EliteDesk 800 G6 Jan Kara (2): reiserfs: Avoid touching renamed directory if parent does not change ocfs2: Avoid touching renamed directory if parent does not change Jedrzej Jagielski (2): ixgbe: Refactor returning internal error codes ixgbe: Refactor overtemp event handling Jesse Brandeburg (2): intel: add bit macro includes where needed ice: fix pre-shifted bit usage Jia Jie Ho (2): hwrng: starfive - Fix dev_err_probe return error crypto: starfive - Fix dev_err_probe return error Jo Van Bulck (1): selftests/sgx: Fix linker script asserts Joel Granados (1): sysctl: Fix out of bounds access for empty sysctl registers Johan Hovold (4): ASoC: qcom: sc8280xp: limit speaker volumes ASoC: codecs: wcd938x: fix headphones volume controls ASoC: codecs: lpass-wsa-macro: fix compander volume hack ASoC: codecs: wsa883x: fix PA volume control Johan Jonker (1): ARM: dts: rockchip: fix rk3036 hdmi ports node Johannes Berg (1): um: time-travel: fix time corruption Jonathan Gray (1): Revert "drm/amd/display: Disable PSR-SU on Parade 0803 TCON again" Jonathan Kim (2): drm/amdkfd: fix mes set shader debugger process management drm/amdkfd: only flush mes process context if mes support is there Jose Ignacio Tornos Martinez (1): net: usb: ax88179_178a: avoid two consecutive device resets Josip Pavic (1): drm/amd/display: make flip_timestamp_in_us a 64-bit variable Jun'ichi Nomura (1): x86/boot: Ignore NMIs during very early boot Justin Tee (3): scsi: lpfc: Fix possible file string name overflow when updating firmware scsi: lpfc: Reinitialize an NPIV's VMID data structures after FDISC scsi: lpfc: Move determination of vmid_flag after VMID reinitialization completes Kang Yang (1): wifi: ath12k: fix and enable AP mode for WCN7850 Kees Cook (1): block/rnbd-srv: Check for unlikely string overflow Kieran Bingham (1): media: i2c: imx335: Fix hblank min/max values Konrad Dybcio (1): drm/msm/dsi: Enable runtime PM Kory Maincent (1): net: phy: micrel: fix ts_info value in case of no phc Krzysztof Kozlowski (2): ARM: dts: samsung: exynos4: fix camera unit addresses/ranges ARM: dts: samsung: s5pv210: fix camera unit addresses/ranges Kuan-Wei Chiu (3): clk: hi3620: Fix memory leak in hi3620_mmc_clk_init() clk: mmp: pxa168: Fix memory leak in pxa168_clk_init() clk: imx: scu: Fix memory leak in __imx_clk_gpr_scu() Kunwu Chan (1): powerpc/mm: Fix null-pointer dereference in pgtable_cache_add Laurent Pinchart (1): media: rkisp1: resizer: Stop manual allocation of v4l2_subdev_state Lin Ma (1): bridge: cfm: fix enum typo in br_cc_ccm_tx_parse Lingbo Kong (1): wifi: ath12k: fix the issue that the multicast/broadcast indicator is not read correctly for WCN7850 Linus Lüssing (1): bridge: mcast: fix disabled snooping after long uptime Linus Torvalds (1): tracefs: remove stale 'update_gid' code Linus Walleij (3): ARM: dts: marvell: Fix some common switch mistakes ARM64: dts: marvell: Fix some common switch mistakes ARM: dts: usr8200: Fix phy registers Manas Ghandat (2): jfs: fix slab-out-of-bounds Read in dtSearch jfs: fix array-index-out-of-bounds in dbAdjTree Mao Jinlong (3): arm64: dts: qcom: msm8996: Fix 'in-ports' is a required property arm64: dts: qcom: msm8998: Fix 'out-ports' is a required property arm64: dts: qcom: Fix coresight warnings in in-ports and out-ports Marco Elver (1): mm, kmsan: fix infinite recursion due to RCU critical section Marco Pagani (1): kunit: run test suites only after module initialization completes Mark Rutland (1): drivers/perf: pmuv3: don't expose SW_INCR event in sysfs Martin Tsai (1): drm/amd/display: To adjust dprefclk by down spread percentage Matthias May (1): selftests: net: add missing config for GENEVE Max Kellermann (1): fs/kernfs/dir: obey S_ISGID Meenakshikumar Somasundaram (2): drm/amd/display: Fix tiled display misalignment drm/amd/display: Fix minor issues in BW Allocation Phase2 MeiChia Chiu (1): wifi: mt76: connac: fix EHT phy mode check Michael Ellerman (3): powerpc: Fix build error due to is_valid_bugaddr() powerpc/mm: Fix build failures due to arch_reserved_kernel_pages() powerpc/64s: Fix CONFIG_NUMA=n build due to create_section_mapping() Michael Maltsev (1): ACPI: resource: Skip IRQ override on ASUS ExpertBook B1502CGA Michael Strauss (1): drm/amd/display: Fix lightup regression with DP2 single display configs Michael Tretter (1): media: rockchip: rga: fix swizzling for RGB formats Michal Simek (2): arm64: zynqmp: Move fixed clock to / for kv260 arm64: zynqmp: Fix clock node name in kv260 cards Michal Vokáč (1): net: dsa: qca8k: fix illegal usage of GPIO Michal Wajdeczko (1): kunit: Reset test->priv after each param iteration Mina Almasry (1): net: kcm: fix direct access to bv_len Ming Lei (2): blk-mq: fix IO hang from sbitmap wakeup race scsi: core: Move scsi_host_busy() out of host lock for waking up EH handler Ming Qian (1): media: amphion: remove mutext lock in condition of wait_event Mingyi Zhang (1): libbpf: Fix NULL pointer dereference in bpf_object__collect_prog_relos Minsuk Kang (1): wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() Mukesh Ojha (1): PM / devfreq: Synchronize devfreq_monitor_[start/stop] Nathan Chancellor (1): um: net: Fix return type of uml_net_start_xmit() Naveen N Rao (1): powerpc/lib: Validate size for vector operations Neil Armstrong (3): arm64: dts: qcom: sm8550: fix soundwire controllers node name arm64: dts: qcom: sm8450: fix soundwire controllers node name drm/msm/dp: Add DisplayPort controller for SM8650 Nia Espera (1): arm64: dts: qcom: sm8350: Fix remoteproc interrupt type Nicholas Susanto (1): drm/amd/display: Fix disable_otg_wa logic Nicolas Dichtel (1): ipmr: fix kernel panic when forwarding mcast packets Oded Gabbay (1): accel/habanalabs: add support for Gaudi2C device Ojaswin Mujoo (1): ext4: treat end of range as exclusive in ext4_zero_range() Oleg Nesterov (2): afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu() rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock() Oleksandr Tyshchenko (1): xen/gntdev: Fix the abuse of underlying struct page in DMA-buf import Osama Muhammad (2): FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree UBSAN: array-index-out-of-bounds in dtSplitRoot Pablo Neira Ayuso (3): netfilter: nf_tables: restrict tunnel object to NFPROTO_NETDEV netfilter: nf_log: replace BUG_ON by WARN_ON_ONCE when putting logger netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations Paloma Arellano (1): drm/msm/dpu: Add mutex lock in control vblank irq Paolo Abeni (9): selftests: net: remove dependency on ebpf tests selftests: net: explicitly wait for listener ready selftests: net: add missing config for big tcp tests selftests: net: add missing required classifier selftests: net: give more time for GRO aggregation selftests: net: add missing config for pmtu.sh tests selftests: net: fix available tunnels detection selftests: net: don't access /dev/stdout in pmtu.sh selftests: net: enable some more knobs Parav Pandit (1): devlink: Fix referring to hw_addr attribute during state validation Paulo Alcantara (2): smb: client: fix renaming of reparse points smb: client: fix hardlinking of reparse points Pavan Kumar Linga (1): idpf: avoid compiler padding in virtchnl2_ptype struct Peter Robinson (1): mfd: ti_am335x_tscadc: Fix TI SoC dependencies Peter Zijlstra (1): perf: Fix the nr_addr_filters fix Philip Yang (1): drm/amdkfd: Fix lock dependency warning with srcu Pierre-Louis Bossart (3): PCI: add INTEL_HDA_ARL to pci_ids.h ALSA: hda: Intel: add HDA_ARL PCI ID support ALSA: hda: intel-dspcfg: add filters for ARL-S and ARL Piro Yang (1): staging: vme_user: Fix the issue of return the wrong error code Po-Hao Huang (1): wifi: rtw89: fix not entering PS mode after AP stops Prarit Bhargava (1): ACPI: extlog: fix NULL pointer dereference check Praveen Kaligineedi (1): gve: Fix skb truesize underestimation Rae Moar (1): kunit: tool: fix parsing of test attributes Rafael J. Wysocki (1): thermal: core: Fix thermal zone suspend-resume synchronization Raghavendra K T (1): sched/numa: Fix mm numa_scan_seq based unconditional scan Ricardo Ribalda (2): media: uvcvideo: Fix power line control for a Chicony camera media: uvcvideo: Fix power line control for SunplusIT camera Rob Clark (2): drm/msm/dpu: Ratelimit framedone timeout msgs drm/msm/dpu: Correct UBWC settings for sc8280xp Romain Naour (1): regulator: ti-abb: don't use devm_platform_ioremap_resource_byname for shared interrupt register Rui Zhang (1): regulator: core: Only increment use_count when enable_count changes Ryan Schaefer (1): netfilter: conntrack: correct window scaling with retransmitted SYN Shannon Nelson (2): ionic: pass opcode to devcmd_wait ionic: bypass firmware cmds when stuck in reset Shiji Yang (2): wifi: rt2x00: restart beacon queue when hardware reset wifi: rt2x00: correct wrong BBP register in RxDCOC calibration Shuai Xue (1): ACPI: APEI: set memory failure flags as MF_ACTION_REQUIRED on synchronous events Shyam Prasad N (1): cifs: fix in logging in cifs_chan_update_iface Srinivasan Shanmugam (10): drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper() drm/amdgpu: Fix variable 'mca_funcs' dereferenced before NULL check in 'amdgpu_mca_smu_get_mca_entry()' drm/amdgpu: Fix '*fw' from request_firmware() not released in 'amdgpu_ucode_request()' drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()' drm/amdkfd: Fix iterator used outside loop in 'kfd_add_peer_prop()' drm/amd/powerplay: Fix kzalloc parameter 'ATOM_Tonga_PPM_Table' in 'get_platform_power_management_table()' drm/amdgpu: Fix with right return code '-EIO' in 'amdgpu_gmc_vram_checking()' drm/amdgpu: Release 'adev->pm.fw' before return in 'amdgpu_device_need_post()' drm/amdkfd: Fix 'node' NULL check in 'svm_range_get_range_boundaries()' drm/amdgpu: Fix missing error code in 'gmc_v6/7/8/9_0_hw_init()' Stanley.Yang (1): drm/amdgpu: Fix ecc irq enable/disable unpaired StanleyYP Wang (1): wifi: mt76: mt7996: add PCI IDs for mt7992 Stephen Rothwell (2): powerpc: pmd_move_must_withdraw() is only needed for CONFIG_TRANSPARENT_HUGEPAGE drm: using mul_u32_u32() requires linux/math64.h Steven Rostedt (Google) (1): tracefs/eventfs: Use root and instance inodes as default ownership Su Hui (4): wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift() media: ddbridge: fix an error code problem in ddb_probe scsi: isci: Fix an error code problem in isci_io_request_build() HID: hidraw: fix a problem of memory leak in hidraw_release() Suman Ghosh (1): octeontx2-af: Fix max NPC MCAM entry check while validating ref_entry Sumit Saxena (2): scsi: mpi3mr: Add support for SAS5116 PCI IDs scsi: mpi3mr: Add PCI checks where SAS5116 diverges from SAS4116 Takashi Iwai (1): ALSA: hda: Refer to correct stream index at loops Tanmay Shah (1): soc: xilinx: fix unhandled SGI warning message Thomas Bourgoin (1): crypto: stm32/crc32 - fix parsing list of devices Thomas Weißschuh (1): selftests/nolibc: fix testcase status alignment Tim Lunn (1): i2c: rk3x: Adjust mask/value offset for i2c2 on rv1126 Tobias Waldekranz (2): net: mvmdio: Avoid excessive sleeps in polled mode net: dsa: mv88e6xxx: Fix mv88e6352_serdes_get_stats error path Tomi Valkeinen (7): drm/drm_file: fix use of uninitialized variable drm/framebuffer: Fix use of uninitialized variable drm/mipi-dsi: Fix detach call without attach media: rkisp1: Drop IRQF_SHARED media: rkisp1: Fix IRQ handler return values media: rkisp1: Store IRQ lines media: rkisp1: Fix IRQ disable race issue Tony Krowiak (1): s390/vfio-ap: fix sysfs status attribute for AP queue devices Venkata Prasad Potturu (1): ASoC: amd: Add new dmi entries for acp5x platform Venky Shankar (1): ceph: reinitialize mds feature bit even when session in open Vincent Guittot (1): sched/fair: Fix tg->load when offlining a CPU Viresh Kumar (1): OPP: The level field is always of unsigned int type Vladimir Oltean (1): net: dsa: qca8k: put MDIO bus OF node on qca8k_mdio_register() failure Wang, Beyond (1): drm/amdgpu: fix ftrace event amdgpu_bo_move always move on same heap Weichen Chen (1): pstore/ram: Fix crash when setting number of cpus to an odd number Wen Gu (1): net/smc: disable SEID on non-s390 archs where virtual ISM may be used Wenchao Hao (1): ceph: fix invalid pointer access if get_quota_realm return ERR_PTR Wenjing Liu (1): drm/amd/display: add support for DTO genarated dscclk Werner Fischer (1): watchdog: it87_wdt: Keep WDTCTRL bit 3 unmodified for IT8784/IT8786 Xianwei Zhao (1): arm64: dts: amlogic: fix format for s4 uart node Xiaowu.ding (1): mailbox: arm_mhuv2: Fix a bug for mhuv2_sender_interrupt Xin Ji (1): drm/bridge: anx7625: Fix Set HPD irq detect window to 2ms Xing Tong Wu (1): hwmon: (nct6775) Fix fan speed set failure in automatic mode Xiubo Li (1): ceph: fix deadlock or deadcode of misusing dget() Yafang Shao (1): selftests/bpf: Fix issues in setup_classid_environment() Yaxiong Tian (1): extcon: fix possible name leak in extcon_dev_register() Ye Bin (1): ext4: fix inconsistent between segment fstrim and full fstrim Yihang Li (1): scsi: hisi_sas: Set .phy_attached before notifing phyup event HISI_PHYE_PHY_UP_PM Yinbo Zhu (1): usb: xhci-plat: fix usb disconnect issue after s4 Yonghong Song (4): libbpf: Fix potential uninitialized tail padding with LIBBPF_OPTS_RESET selftests/bpf: Fix pyperf180 compilation failure with clang18 bpf: Fix a few selftest failures due to llvm18 change selftests/bpf: Remove flaky test_btf_id test Yu-Che Cheng (1): spmi: mediatek: Fix UAF on device remove Yuluo Qiu (1): ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop Yuntao Wang (2): ACPI: tables: Correct and clean up the logic of acpi_parse_entries_array() ACPI: NUMA: Fix the logic of getting the fake_pxm value Zenm Chen (1): wifi: rtl8xxxu: Add additional USB IDs for RTL8192EU devices Zhengchao Shao (2): bonding: return -ENOMEM instead of BUG in alb_upper_dev_walk bonding: remove print in bond_verify_device_path Zhipeng Lu (1): net: ipv4: fix a memleak in ip_setup_cork Zhiquan Li (1): x86/mce: Mark fatal MCE's page as poison to avoid panic in the kdump kernel Zhu Yanjun (1): virtio_net: Fix "‘%d’ directive writing between 1 and 11 bytes into a region of size 10" warnings Zijun Hu (1): Bluetooth: qca: Set both WIDEBAND_SPEECH and LE_STATES quirks for QCA2066 bo liu (1): ALSA: hda/conexant: Fix headset auto detect fail in cx8070 and SN6140 ching Huang (1): scsi: arcmsr: Support new PCI device IDs 1883 and 1886 clancy shang (1): Bluetooth: hci_sync: fix BR/EDR wakeup bug

1 year, 7 months

1
1
0 0

Linux 6.6.16

by Greg Kroah-Hartman

I'm announcing the release of the 6.6.16 kernel. All users of the 6.6 kernel series must upgrade. The updated 6.6.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.6.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/ABI/testing/sysfs-class-net-queues | 22 Documentation/sound/soc/dapm.rst | 2 Documentation/sphinx/cdomain.py | 2 Documentation/sphinx/kernel_abi.py | 2 Documentation/sphinx/kernel_feat.py | 2 Documentation/sphinx/kerneldoc.py | 2 Documentation/sphinx/maintainers_include.py | 8 Makefile | 2 arch/arm/boot/dts/nxp/imx/imx1-ads.dts | 2 arch/arm/boot/dts/nxp/imx/imx1-apf9328.dts | 2 arch/arm/boot/dts/nxp/imx/imx1.dtsi | 5 arch/arm/boot/dts/nxp/imx/imx25-eukrea-cpuimx25.dtsi | 2 arch/arm/boot/dts/nxp/imx/imx25-eukrea-mbimxsd25-baseboard-cmo-qvga.dts | 2 arch/arm/boot/dts/nxp/imx/imx25-eukrea-mbimxsd25-baseboard-dvi-svga.dts | 2 arch/arm/boot/dts/nxp/imx/imx25-eukrea-mbimxsd25-baseboard-dvi-vga.dts | 2 arch/arm/boot/dts/nxp/imx/imx25-pdk.dts | 2 arch/arm/boot/dts/nxp/imx/imx25.dtsi | 2 arch/arm/boot/dts/nxp/imx/imx27-apf27dev.dts | 4 arch/arm/boot/dts/nxp/imx/imx27-eukrea-cpuimx27.dtsi | 4 arch/arm/boot/dts/nxp/imx/imx27-eukrea-mbimxsd27-baseboard.dts | 2 arch/arm/boot/dts/nxp/imx/imx27-phytec-phycard-s-rdk.dts | 2 arch/arm/boot/dts/nxp/imx/imx27-phytec-phycore-rdk.dts | 2 arch/arm/boot/dts/nxp/imx/imx27-phytec-phycore-som.dtsi | 2 arch/arm/boot/dts/nxp/imx/imx27.dtsi | 3 arch/arm/boot/dts/nxp/imx/imx7d.dtsi | 3 arch/arm/boot/dts/nxp/imx/imx7s.dtsi | 10 arch/arm/boot/dts/nxp/mxs/imx23-sansa.dts | 12 arch/arm/boot/dts/nxp/mxs/imx23.dtsi | 2 arch/arm/boot/dts/nxp/mxs/imx28.dtsi | 2 arch/arm/boot/dts/qcom/pm8226.dtsi | 180 +++++++ arch/arm/boot/dts/qcom/pm8841.dtsi | 68 ++ arch/arm/boot/dts/qcom/pm8941.dtsi | 254 ++++++++++ arch/arm/boot/dts/qcom/pma8084.dtsi | 99 +++ arch/arm/boot/dts/qcom/pmx55.dtsi | 85 +++ arch/arm/boot/dts/qcom/pmx65.dtsi | 33 + arch/arm/boot/dts/qcom/qcom-apq8026-asus-sparrow.dts | 2 arch/arm/boot/dts/qcom/qcom-apq8026-huawei-sturgeon.dts | 2 arch/arm/boot/dts/qcom/qcom-apq8026-lg-lenok.dts | 2 arch/arm/boot/dts/qcom/qcom-apq8026-samsung-matisse-wifi.dts | 2 arch/arm/boot/dts/qcom/qcom-apq8060-dragonboard.dts | 4 arch/arm/boot/dts/qcom/qcom-apq8074-dragonboard.dts | 4 arch/arm/boot/dts/qcom/qcom-apq8084-ifc6540.dts | 2 arch/arm/boot/dts/qcom/qcom-apq8084-mtp.dts | 2 arch/arm/boot/dts/qcom/qcom-mdm9615-wp8548.dtsi | 2 arch/arm/boot/dts/qcom/qcom-mdm9615.dtsi | 14 arch/arm/boot/dts/qcom/qcom-msm8660.dtsi | 16 arch/arm/boot/dts/qcom/qcom-msm8974-lge-nexus5-hammerhead.dts | 4 arch/arm/boot/dts/qcom/qcom-msm8974-sony-xperia-rhine.dtsi | 4 arch/arm/boot/dts/qcom/qcom-msm8974pro-fairphone-fp2.dts | 4 arch/arm/boot/dts/qcom/qcom-msm8974pro-oneplus-bacon.dts | 4 arch/arm/boot/dts/qcom/qcom-msm8974pro-samsung-klte.dts | 2 arch/arm/boot/dts/qcom/qcom-msm8974pro-sony-xperia-shinano-castor.dts | 4 arch/arm/boot/dts/qcom/qcom-pm8226.dtsi | 180 ------- arch/arm/boot/dts/qcom/qcom-pm8841.dtsi | 68 -- arch/arm/boot/dts/qcom/qcom-pm8941.dtsi | 254 ---------- arch/arm/boot/dts/qcom/qcom-pma8084.dtsi | 99 --- arch/arm/boot/dts/qcom/qcom-pmx55.dtsi | 85 --- arch/arm/boot/dts/qcom/qcom-pmx65.dtsi | 33 - arch/arm/boot/dts/qcom/qcom-sdx55-mtp.dts | 2 arch/arm/boot/dts/qcom/qcom-sdx55-t55.dts | 2 arch/arm/boot/dts/qcom/qcom-sdx55-telit-fn980-tlb.dts | 2 arch/arm/boot/dts/qcom/qcom-sdx65-mtp.dts | 2 arch/arm/boot/dts/rockchip/rk3036.dtsi | 14 arch/arm/boot/dts/samsung/exynos4.dtsi | 26 - arch/arm/boot/dts/samsung/exynos4x12.dtsi | 17 arch/arm/boot/dts/samsung/s5pv210.dtsi | 18 arch/arm/include/asm/irq_work.h | 2 arch/arm64/boot/dts/amlogic/meson-s4-s805x2-aq222.dts | 4 arch/arm64/boot/dts/amlogic/meson-s4.dtsi | 4 arch/arm64/boot/dts/qcom/msm8996.dtsi | 21 arch/arm64/boot/dts/qcom/msm8998.dtsi | 32 - arch/arm64/boot/dts/qcom/sdm845.dtsi | 5 arch/arm64/boot/dts/qcom/sm8150.dtsi | 5 arch/arm64/boot/dts/qcom/sm8250.dtsi | 24 arch/arm64/boot/dts/qcom/sm8350.dtsi | 8 arch/arm64/boot/dts/qcom/sm8450.dtsi | 8 arch/arm64/boot/dts/qcom/sm8550.dtsi | 8 arch/arm64/boot/dts/sprd/ums512.dtsi | 3 arch/arm64/boot/dts/xilinx/zynqmp-sck-kv-g-revA.dtso | 40 - arch/arm64/boot/dts/xilinx/zynqmp-sck-kv-g-revB.dtso | 42 - arch/arm64/include/asm/irq_work.h | 2 arch/arm64/kernel/irq.c | 7 arch/csky/include/asm/irq_work.h | 2 arch/loongarch/kernel/smp.c | 1 arch/loongarch/mm/tlb.c | 16 arch/powerpc/crypto/aes-gcm-p10-glue.c | 2 arch/powerpc/include/asm/irq_work.h | 1 arch/powerpc/include/asm/mmu.h | 4 arch/powerpc/include/asm/mmzone.h | 8 arch/powerpc/kernel/traps.c | 2 arch/powerpc/lib/sstep.c | 10 arch/powerpc/mm/book3s64/pgtable.c | 2 arch/powerpc/mm/init-common.c | 5 arch/powerpc/mm/mmu_decl.h | 5 arch/riscv/include/asm/irq_work.h | 2 arch/riscv/kernel/head.S | 1 arch/riscv/mm/init.c | 12 arch/s390/boot/ipl_parm.c | 2 arch/s390/boot/startup.c | 3 arch/s390/include/asm/irq_work.h | 2 arch/s390/kernel/ptrace.c | 6 arch/s390/kvm/kvm-s390.c | 5 arch/um/drivers/net_kern.c | 2 arch/um/include/shared/kern_util.h | 2 arch/um/kernel/process.c | 2 arch/um/kernel/time.c | 32 + arch/um/os-Linux/helper.c | 6 arch/um/os-Linux/util.c | 19 arch/x86/boot/compressed/ident_map_64.c | 5 arch/x86/boot/compressed/idt_64.c | 1 arch/x86/boot/compressed/idt_handlers_64.S | 1 arch/x86/boot/compressed/misc.h | 1 arch/x86/include/asm/irq_work.h | 1 arch/x86/include/asm/kmsan.h | 17 arch/x86/kernel/cpu/mce/core.c | 16 block/bio.c | 2 block/blk-mq.c | 16 drivers/accel/habanalabs/common/device.c | 3 drivers/accel/habanalabs/common/habanalabs.h | 2 drivers/accel/habanalabs/common/habanalabs_drv.c | 3 drivers/accel/habanalabs/common/mmu/mmu.c | 1 drivers/accel/habanalabs/common/sysfs.c | 3 drivers/accel/habanalabs/include/hw_ip/pci/pci_general.h | 1 drivers/acpi/acpi_extlog.c | 5 drivers/acpi/acpi_video.c | 9 drivers/acpi/apei/ghes.c | 29 - drivers/acpi/numa/srat.c | 4 drivers/base/arch_numa.c | 2 drivers/block/rnbd/rnbd-srv.c | 19 drivers/bluetooth/hci_qca.c | 1 drivers/char/hw_random/jh7110-trng.c | 2 drivers/clk/hisilicon/clk-hi3620.c | 4 drivers/clk/imx/clk-imx8qxp.c | 24 drivers/clk/mmp/clk-of-pxa168.c | 3 drivers/crypto/marvell/octeontx2/otx2_cptlf.c | 6 drivers/crypto/marvell/octeontx2/otx2_cptvf_main.c | 3 drivers/crypto/starfive/jh7110-cryp.c | 2 drivers/crypto/stm32/stm32-crc32.c | 2 drivers/devfreq/devfreq.c | 24 drivers/extcon/extcon.c | 3 drivers/gpu/drm/amd/amdgpu/aldebaran.c | 26 - drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_fence.c | 2 drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_gmc.c | 21 drivers/gpu/drm/amd/amdgpu/amdgpu_mes.c | 31 + drivers/gpu/drm/amd/amdgpu/amdgpu_mes.h | 10 drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 13 drivers/gpu/drm/amd/amdgpu/amdgpu_object.h | 4 drivers/gpu/drm/amd/amdgpu/amdgpu_sync.c | 3 drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c | 5 drivers/gpu/drm/amd/amdgpu/amdgpu_ucode.c | 6 drivers/gpu/drm/amd/amdgpu/gfxhub_v1_0.c | 4 drivers/gpu/drm/amd/amdgpu/gfxhub_v1_2.c | 4 drivers/gpu/drm/amd/amdgpu/gmc_v10_0.c | 4 drivers/gpu/drm/amd/amdgpu/gmc_v11_0.c | 5 drivers/gpu/drm/amd/amdgpu/gmc_v6_0.c | 4 drivers/gpu/drm/amd/amdgpu/gmc_v7_0.c | 4 drivers/gpu/drm/amd/amdgpu/gmc_v8_0.c | 4 drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c | 8 drivers/gpu/drm/amd/amdgpu/mmhub_v1_0.c | 4 drivers/gpu/drm/amd/amdkfd/kfd_process_queue_manager.c | 2 drivers/gpu/drm/amd/amdkfd/kfd_svm.c | 42 - drivers/gpu/drm/amd/amdkfd/kfd_topology.c | 24 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 30 - drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_crtc.c | 9 drivers/gpu/drm/amd/display/dc/core/dc.c | 4 drivers/gpu/drm/amd/display/dc/dc_hw_types.h | 2 drivers/gpu/drm/amd/display/dc/dce110/dce110_hw_sequencer.c | 3 drivers/gpu/drm/amd/display/dc/dcn10/dcn10_hw_sequencer.c | 3 drivers/gpu/drm/amd/display/dc/dcn20/dcn20_hwseq.c | 23 drivers/gpu/drm/amd/display/dc/dcn31/dcn31_hwseq.c | 3 drivers/gpu/drm/amd/display/dc/dml/dcn32/display_mode_vba_32.c | 3 drivers/gpu/drm/amd/display/dc/dml/dcn32/display_mode_vba_util_32.c | 33 + drivers/gpu/drm/amd/display/dc/dml/dcn32/display_mode_vba_util_32.h | 1 drivers/gpu/drm/amd/display/dc/link/link_dpms.c | 13 drivers/gpu/drm/amd/display/dc/link/protocols/link_dp_dpia_bw.c | 221 +++----- drivers/gpu/drm/amd/display/dc/link/protocols/link_dp_dpia_bw.h | 4 drivers/gpu/drm/amd/display/modules/power/power_helpers.c | 2 drivers/gpu/drm/amd/include/amd_shared.h | 2 drivers/gpu/drm/amd/include/mes_v11_api_def.h | 3 drivers/gpu/drm/amd/pm/powerplay/hwmgr/process_pptables_v1_0.c | 2 drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu7_hwmgr.c | 17 drivers/gpu/drm/bridge/analogix/anx7625.c | 51 +- drivers/gpu/drm/bridge/analogix/anx7625.h | 4 drivers/gpu/drm/drm_file.c | 2 drivers/gpu/drm/drm_framebuffer.c | 2 drivers/gpu/drm/drm_mipi_dsi.c | 17 drivers/gpu/drm/exynos/exynos_drm_drv.c | 11 drivers/gpu/drm/msm/disp/dpu1/catalog/dpu_7_0_sm8350.h | 18 drivers/gpu/drm/msm/disp/dpu1/catalog/dpu_8_1_sm8450.h | 18 drivers/gpu/drm/msm/disp/dpu1/dpu_encoder.c | 5 drivers/gpu/drm/msm/disp/dpu1/dpu_hw_wb.c | 3 drivers/gpu/drm/msm/disp/dpu1/dpu_kms.h | 1 drivers/gpu/drm/msm/dp/dp_display.c | 6 drivers/gpu/drm/msm/dsi/phy/dsi_phy.c | 4 drivers/gpu/drm/panel/panel-edp.c | 48 + drivers/hid/hidraw.c | 7 drivers/hwmon/hp-wmi-sensors.c | 127 ++++- drivers/hwmon/nct6775-core.c | 7 drivers/i2c/busses/i2c-rk3x.c | 8 drivers/i3c/master/i3c-master-cdns.c | 7 drivers/infiniband/ulp/ipoib/ipoib_multicast.c | 7 drivers/leds/trigger/ledtrig-panic.c | 5 drivers/mailbox/arm_mhuv2.c | 3 drivers/md/md.c | 54 +- drivers/media/i2c/imx335.c | 4 drivers/media/pci/ddbridge/ddbridge-main.c | 2 drivers/media/platform/amphion/vpu.h | 3 drivers/media/platform/amphion/vpu_cmds.c | 28 - drivers/media/platform/amphion/vpu_v4l2.c | 1 drivers/media/platform/rockchip/rga/rga.c | 15 drivers/media/platform/rockchip/rkisp1/rkisp1-common.h | 11 drivers/media/platform/rockchip/rkisp1/rkisp1-csi.c | 14 drivers/media/platform/rockchip/rkisp1/rkisp1-dev.c | 35 + drivers/media/platform/rockchip/rkisp1/rkisp1-isp.c | 20 drivers/media/platform/rockchip/rkisp1/rkisp1-resizer.c | 38 - drivers/media/usb/stk1160/stk1160-video.c | 5 drivers/media/usb/uvc/uvc_driver.c | 18 drivers/mfd/Kconfig | 1 drivers/misc/lis3lv02d/lis3lv02d_i2c.c | 1 drivers/net/bonding/bond_alb.c | 3 drivers/net/dsa/mt7530.c | 3 drivers/net/dsa/mv88e6xxx/chip.h | 4 drivers/net/dsa/mv88e6xxx/serdes.c | 10 drivers/net/dsa/mv88e6xxx/serdes.h | 8 drivers/net/dsa/qca/qca8k-8xxx.c | 24 drivers/net/ethernet/amd/pds_core/adminq.c | 64 +- drivers/net/ethernet/amd/pds_core/core.c | 52 +- drivers/net/ethernet/amd/pds_core/core.h | 6 drivers/net/ethernet/amd/pds_core/debugfs.c | 4 drivers/net/ethernet/amd/pds_core/dev.c | 16 drivers/net/ethernet/amd/pds_core/devlink.c | 3 drivers/net/ethernet/amd/pds_core/fw.c | 3 drivers/net/ethernet/amd/pds_core/main.c | 74 ++ drivers/net/ethernet/aquantia/atlantic/aq_ptp.c | 28 - drivers/net/ethernet/aquantia/atlantic/aq_ring.c | 61 -- drivers/net/ethernet/aquantia/atlantic/aq_ring.h | 22 drivers/net/ethernet/aquantia/atlantic/aq_vec.c | 23 drivers/net/ethernet/google/gve/gve_rx.c | 8 drivers/net/ethernet/intel/e1000e/e1000.h | 20 drivers/net/ethernet/intel/e1000e/ptp.c | 22 drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 32 + drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.h | 1 drivers/net/ethernet/intel/ice/ice_adminq_cmd.h | 18 drivers/net/ethernet/intel/ice/ice_lib.c | 7 drivers/net/ethernet/intel/ice/ice_virtchnl.c | 12 drivers/net/ethernet/intel/ice/ice_vsi_vlan_lib.c | 16 drivers/net/ethernet/intel/ixgbe/ixgbe_82598.c | 36 - drivers/net/ethernet/intel/ixgbe/ixgbe_82599.c | 61 +- drivers/net/ethernet/intel/ixgbe/ixgbe_common.c | 145 ++--- drivers/net/ethernet/intel/ixgbe/ixgbe_ethtool.c | 2 drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 42 - drivers/net/ethernet/intel/ixgbe/ixgbe_mbx.c | 34 - drivers/net/ethernet/intel/ixgbe/ixgbe_mbx.h | 1 drivers/net/ethernet/intel/ixgbe/ixgbe_phy.c | 105 ++-- drivers/net/ethernet/intel/ixgbe/ixgbe_phy.h | 2 drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c | 2 drivers/net/ethernet/intel/ixgbe/ixgbe_type.h | 43 - drivers/net/ethernet/intel/ixgbe/ixgbe_x540.c | 44 - drivers/net/ethernet/intel/ixgbe/ixgbe_x550.c | 149 +++-- drivers/net/ethernet/marvell/mvmdio.c | 53 -- drivers/net/ethernet/marvell/octeontx2/af/rvu_npc.c | 13 drivers/net/ethernet/marvell/octeontx2/nic/otx2_ethtool.c | 1 drivers/net/ethernet/marvell/octeontx2/nic/otx2_pf.c | 3 drivers/net/ethernet/marvell/octeontx2/nic/otx2_txrx.c | 7 drivers/net/ethernet/mediatek/mtk_eth_soc.c | 5 drivers/net/ethernet/microchip/lan966x/lan966x_port.c | 5 drivers/net/ethernet/pensando/ionic/ionic_bus_pci.c | 4 drivers/net/ethernet/pensando/ionic/ionic_dev.c | 1 drivers/net/ethernet/pensando/ionic/ionic_dev.h | 1 drivers/net/ethernet/pensando/ionic/ionic_lif.c | 3 drivers/net/ethernet/pensando/ionic/ionic_main.c | 22 drivers/net/phy/at803x.c | 6 drivers/net/phy/mediatek-ge-soc.c | 147 +++-- drivers/net/phy/micrel.c | 6 drivers/net/usb/ax88179_178a.c | 2 drivers/net/virtio_net.c | 9 drivers/net/wireless/ath/ath11k/pcic.c | 4 drivers/net/wireless/ath/ath12k/hal.c | 4 drivers/net/wireless/ath/ath12k/hw.c | 3 drivers/net/wireless/ath/ath12k/mac.c | 4 drivers/net/wireless/ath/ath9k/htc_drv_txrx.c | 5 drivers/net/wireless/mediatek/mt76/mt76_connac_mcu.c | 2 drivers/net/wireless/mediatek/mt76/mt7996/pci.c | 8 drivers/net/wireless/ralink/rt2x00/rt2800lib.c | 2 drivers/net/wireless/ralink/rt2x00/rt2x00dev.c | 3 drivers/net/wireless/ralink/rt2x00/rt2x00mac.c | 11 drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c | 12 drivers/net/wireless/realtek/rtlwifi/rtl8723ae/phy.c | 6 drivers/net/wireless/realtek/rtlwifi/rtl8723be/phy.c | 4 drivers/net/wireless/realtek/rtw89/coex.c | 4 drivers/net/wireless/realtek/rtw89/core.c | 2 drivers/net/wireless/realtek/rtw89/core.h | 12 drivers/net/wireless/realtek/rtw89/fw.c | 17 drivers/net/wireless/realtek/rtw89/mac.c | 29 - drivers/net/wireless/realtek/rtw89/mac.h | 1 drivers/net/wireless/realtek/rtw89/mac80211.c | 3 drivers/net/wireless/silabs/wfx/sta.c | 42 - drivers/pci/pci.h | 2 drivers/pci/pcie/aer.c | 9 drivers/pci/quirks.c | 24 drivers/pci/switch/switchtec.c | 25 drivers/perf/arm_pmuv3.c | 6 drivers/pinctrl/intel/pinctrl-baytrail.c | 3 drivers/pnp/pnpacpi/rsparser.c | 12 drivers/regulator/core.c | 56 +- drivers/regulator/ti-abb-regulator.c | 22 drivers/s390/crypto/vfio_ap_ops.c | 16 drivers/scsi/arcmsr/arcmsr.h | 4 drivers/scsi/arcmsr/arcmsr_hba.c | 6 drivers/scsi/hisi_sas/hisi_sas_v3_hw.c | 10 drivers/scsi/isci/request.c | 2 drivers/scsi/libfc/fc_fcp.c | 18 drivers/scsi/lpfc/lpfc.h | 1 drivers/scsi/lpfc/lpfc_els.c | 14 drivers/scsi/lpfc/lpfc_init.c | 4 drivers/scsi/lpfc/lpfc_vmid.c | 1 drivers/scsi/mpi3mr/mpi3mr_fw.c | 3 drivers/scsi/mpi3mr/mpi3mr_os.c | 13 drivers/scsi/scsi_error.c | 8 drivers/scsi/scsi_lib.c | 2 drivers/scsi/scsi_priv.h | 2 drivers/soc/xilinx/xlnx_event_manager.c | 7 drivers/spmi/spmi-mtk-pmif.c | 7 drivers/thermal/thermal_core.c | 30 - drivers/tty/tty_ioctl.c | 4 drivers/usb/core/hub.c | 33 + drivers/usb/host/xhci-plat.c | 23 drivers/watchdog/it87_wdt.c | 14 drivers/watchdog/starfive-wdt.c | 2 drivers/xen/gntdev-dmabuf.c | 50 - fs/9p/v9fs_vfs.h | 1 fs/9p/vfs_inode.c | 6 fs/9p/vfs_inode_dotl.c | 1 fs/afs/callback.c | 3 fs/afs/server.c | 7 fs/ceph/caps.c | 9 fs/ceph/mds_client.c | 2 fs/ceph/quota.c | 39 - fs/dcache.c | 7 fs/ecryptfs/inode.c | 8 fs/erofs/zdata.c | 2 fs/erofs/zmap.c | 32 - fs/ext4/extents.c | 6 fs/ext4/mballoc.c | 11 fs/ext4/resize.c | 37 - fs/f2fs/compress.c | 4 fs/f2fs/file.c | 2 fs/f2fs/recovery.c | 25 fs/jfs/jfs_dmap.c | 57 +- fs/jfs/jfs_dtree.c | 7 fs/jfs/jfs_imap.c | 3 fs/jfs/jfs_mount.c | 6 fs/kernfs/dir.c | 12 fs/proc/proc_sysctl.c | 9 fs/pstore/ram.c | 1 fs/reiserfs/namei.c | 54 +- fs/smb/client/cifsglob.h | 30 - fs/smb/client/cifsproto.h | 15 fs/smb/client/cifssmb.c | 17 fs/smb/client/inode.c | 3 fs/smb/client/link.c | 4 fs/smb/client/smb2inode.c | 55 +- fs/smb/client/smb2proto.h | 16 include/asm-generic/numa.h | 2 include/asm-generic/unaligned.h | 24 include/drm/drm_color_mgmt.h | 1 include/drm/drm_mipi_dsi.h | 2 include/linux/irq_work.h | 3 include/linux/minmax.h | 129 ++--- include/linux/mmzone.h | 6 include/linux/pci_ids.h | 1 include/linux/thermal.h | 2 include/net/af_unix.h | 20 include/net/ip.h | 2 include/net/netfilter/nf_tables.h | 2 kernel/audit.c | 31 - kernel/bpf/arraymap.c | 23 kernel/bpf/helpers.c | 13 kernel/bpf/syscall.c | 6 kernel/events/core.c | 38 + lib/debugobjects.c | 200 +++---- lib/kunit/executor.c | 4 lib/kunit/test.c | 14 net/bluetooth/hci_sync.c | 10 net/bluetooth/iso.c | 51 +- net/bluetooth/l2cap_core.c | 3 net/bpf/test_run.c | 2 net/bridge/br_cfm_netlink.c | 2 net/bridge/br_multicast.c | 20 net/bridge/br_private.h | 4 net/devlink/port.c | 2 net/ipv4/ip_output.c | 12 net/ipv4/ip_sockglue.c | 6 net/ipv4/ipmr.c | 2 net/ipv4/raw.c | 2 net/ipv4/tcp.c | 12 net/ipv4/udp.c | 2 net/ipv6/addrconf_core.c | 21 net/ipv6/ip6_tunnel.c | 21 net/kcm/kcmsock.c | 2 net/llc/af_llc.c | 2 net/netfilter/nf_conntrack_proto_tcp.c | 10 net/netfilter/nf_log.c | 7 net/netfilter/nf_tables_api.c | 14 net/netfilter/nft_ct.c | 24 net/netfilter/nft_tunnel.c | 1 net/rxrpc/conn_service.c | 3 net/smc/smc_clc.c | 14 net/sunrpc/xprtmultipath.c | 17 net/unix/af_unix.c | 14 net/unix/diag.c | 2 net/wireless/scan.c | 4 sound/hda/hdac_stream.c | 9 sound/hda/intel-dsp-config.c | 10 sound/pci/hda/hda_intel.c | 2 sound/pci/hda/patch_conexant.c | 115 ++++ sound/soc/amd/acp-config.c | 15 sound/soc/codecs/lpass-wsa-macro.c | 7 sound/soc/codecs/wcd938x.c | 2 sound/soc/codecs/wsa883x.c | 6 sound/soc/qcom/sc8280xp.c | 12 tools/build/feature/test-libopencsd.c | 4 tools/lib/bpf/libbpf.c | 2 tools/lib/bpf/libbpf_common.h | 13 tools/lib/subcmd/help.c | 18 tools/testing/kunit/kunit_parser.py | 4 tools/testing/selftests/bpf/cgroup_helpers.c | 18 tools/testing/selftests/bpf/prog_tests/btf.c | 6 tools/testing/selftests/bpf/prog_tests/tc_opts.c | 6 tools/testing/selftests/bpf/progs/pyperf180.c | 22 tools/testing/selftests/bpf/progs/test_global_func17.c | 1 tools/testing/selftests/bpf/veristat.c | 2 tools/testing/selftests/bpf/xdp_hw_metadata.c | 2 tools/testing/selftests/drivers/net/bonding/lag_lib.sh | 11 tools/testing/selftests/drivers/net/team/config | 4 tools/testing/selftests/net/Makefile | 5 tools/testing/selftests/net/config | 16 tools/testing/selftests/net/pmtu.sh | 18 tools/testing/selftests/net/setup_veth.sh | 2 tools/testing/selftests/net/udpgro.sh | 4 tools/testing/selftests/net/udpgro_bench.sh | 4 tools/testing/selftests/net/udpgro_frglist.sh | 6 tools/testing/selftests/net/udpgro_fwd.sh | 8 tools/testing/selftests/net/veth.sh | 4 tools/testing/selftests/net/xdp_dummy.c | 13 tools/testing/selftests/nolibc/nolibc-test.c | 4 tools/testing/selftests/sgx/test_encl.lds | 6 448 files changed, 4444 insertions(+), 2856 deletions(-) Abhinav Kumar (1): drm/msm/dpu: fix writeback programming for YUV cases Adrian Reber (1): tty: allow TIOCSLCKTRMIOS with CAP_CHECKPOINT_RESTORE Ahmed Zaki (1): ice: fix ICE_AQ_VSI_Q_OPT_RSS_* register values Al Viro (1): fast_dput(): handle underflows gracefully Alex Deucher (2): drm/amdgpu: apply the RV2 system aperture fix to RN/CZN as well drm/amdgpu: fix avg vs input power reporting on smu7 Alex Lyakas (1): md: Whenassemble the array, consult the superblock of the freshest device Alexander Gordeev (1): s390/boot: always align vmalloc area on segment boundary Alexander Stein (4): ARM: dts: imx7d: Fix coresight funnel ports ARM: dts: imx7s: Fix lcdif compatible ARM: dts: imx7s: Fix nand-controller #size-cells clk: imx: clk-imx8qxp: fix LVDS bypass, pixel and phy clocks Alexandre Ghiti (1): riscv: Fix build error on rv32 + XIP Alvin Lee (3): drm/amd/display: For prefetch mode > 0, extend prefetch if possible drm/amd/display: Force p-state disallow if leaving no plane config drm/amd/display: Only clear symclk otg flag for HDMI Andrii Nakryiko (3): selftests/bpf: fix RELEASE=1 build for tc_opts selftests/bpf: satisfy compiler by having explicit return in btf test selftests/bpf: fix compiler warnings in RELEASE=1 mode Andrii Staikov (1): i40e: Fix VF disable behavior to block all traffic Andrzej Hajda (1): debugobjects: Stop accessing objects after releasing hash bucket lock Andy Shevchenko (3): minmax: deduplicate __unconst_integer_typeof() minmax: fix header inclusions pinctrl: baytrail: Fix types of config value in byt_pin_config_set() Anna Schumaker (1): SUNRPC: Fix a suspicious RCU usage warning Anton Ivanov (1): um: Fix naming clash between UML and scheduler Arnd Bergmann (1): arch: consolidate arch_irq_work_raise prototypes Baochen Qiang (1): wifi: ath11k: fix race due to setting ATH11K_FLAG_EXT_IRQ_ENABLED too early Baokun Li (3): ext4: unify the type of flexbg_size to unsigned int ext4: remove unnecessary check from alloc_flex_gd() ext4: avoid online resizing failures due to oversized flex bg Ben Dooks (1): watchdog: starfive: add lock annotations to fix context imbalances Benjamin Berg (2): wifi: cfg80211: free beacon_ies when overridden from hidden BSS um: Don't use vfprintf() for os_info() Benjamin Gray (1): Documentation/sphinx: fix Python string escapes Benjamin Poirier (2): selftests: team: Add missing config options selftests: bonding: Check initial state Bharat Bhushan (1): crypto: octeontx2 - Fix cptvf driver cleanup Bjorn Helgaas (1): PCI/AER: Decode Requester ID when no error info found Breno Leitao (1): net: sysfs: Fix /sys/class/net/<iface> path Brett Creeley (6): pds_core: Cancel AQ work on teardown pds_core: Use struct pdsc for the pdsc_adminq_isr private data pds_core: Prevent race issues involving the adminq pds_core: Clear BARs on reset pds_core: Rework teardown/setup flow to be more common pds_core: Prevent health thread from running during reset/remove Chao Yu (2): f2fs: fix to check return value of f2fs_reserve_new_block() f2fs: fix to tag gcing flag on page during block migration Chih-Kang Chang (1): wifi: rtw89: fix misbehavior of TX beacon in concurrent mode Ching-Te Ku (1): wifi: rtw89: coex: Fix wrong Wi-Fi role info and FDDT parameter members Chris Riches (1): audit: Send netlink ACK before setting connection in auditd_set Christian Marangi (1): net: phy: at803x: fix passing the wrong reference for config_intr Christoph Hellwig (1): block: prevent an integer overflow in bvec_try_merge_hw_page Christophe JAILLET (1): ixgbe: Fix an error handling path in ixgbe_read_iosf_sb_reg_x550() Chunyan Zhang (2): arm64: dts: sprd: Add clock reference for pll2 on UMS512 arm64: dts: sprd: Change UMS512 idle-state nodename to match bindings Cristian Ciocaltea (1): ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument Daniel Golle (3): net: ethernet: mtk_eth_soc: set DMA coherent mask to get PPE working net: phy: mediatek-ge-soc: sync driver with MediaTek SDK net: dsa: mt7530: fix 10M/100M speed on MT7988 switch Daniel Stodden (1): PCI: switchtec: Fix stdev_release() crash after surprise hot remove Daniel Vacek (1): IB/ipoib: Fix mcast list locking David Howells (1): 9p: Fix initialisation of netfs_inode for 9p David Laight (5): minmax: add umin(a, b) and umax(a, b) minmax: allow min()/max()/clamp() if the arguments have the same signedness. minmax: fix indentation of __cmp_once() and __clamp_once() minmax: allow comparisons of 'int' against 'unsigned char/short' minmax: relax check to allow comparison between unsigned arguments and signed constants Dmitry Antipov (3): PNP: ACPI: fix fortify warning wifi: rtw89: fix timeout calculation in rtw89_roc_end() wifi: wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap() Dmitry Baryshkov (5): ARM: dts: qcom: strip prefix from PMIC files ARM: dts: qcom: mdm9615: fix PMIC node labels ARM: dts: qcom: msm8660: fix PMIC node labels drm/msm/dpu: enable writeback on SM8350 drm/msm/dpu: enable writeback on SM8450 Dmitry Torokhov (1): asm-generic: make sparse happy with odd-sized put_unaligned_*() Douglas Anderson (1): drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind time Edward Adam Davis (3): jfs: fix uaf in jfs_evict_inode jfs: fix array-index-out-of-bounds in diNewExt wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update Eric Dumazet (4): ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() tcp: add sanity checks to rx zerocopy llc: call sock_orphan() at release time af_unix: fix lockdep positive in sk_diag_dump_icons() Fabio Estevam (9): ARM: dts: imx25/27-eukrea: Fix RTC node name ARM: dts: imx: Use flash@0,0 pattern ARM: dts: imx27: Fix sram node ARM: dts: imx1: Fix sram node ARM: dts: imx25: Fix the iim compatible string ARM: dts: imx25/27: Pass timing0 ARM: dts: imx27-apf27dev: Fix LED name ARM: dts: imx23-sansa: Use preferred i2c-gpios properties ARM: dts: imx23/28: Fix the DMA controller node name Felix Kuehling (2): drm/amdgpu: Let KFD sync with VM fences drm/amdkfd: Fix lock dependency warning Frederik Haxel (1): riscv: Make XIP bootable again Frédéric Danis (1): Bluetooth: L2CAP: Fix possible multiple reject send Gabriel Krisman Bertazi (1): ecryptfs: Reject casefold directory inodes Gao Xiang (2): erofs: fix up compacted indexes for block size < 4096 erofs: fix ztailpacking for subpage compressed blocks Geetha sowjanya (1): octeontx2-pf: Remove xdp queues on program detach Ghanshyam Agrawal (1): media: stk1160: Fixed high volume of stk1160_dbg messages Greg KH (1): perf/core: Fix narrow startup race when creating the perf nr_addr_filters sysfs file Greg Kroah-Hartman (1): Linux 6.6.16 Guilherme G. Piccoli (1): PCI: Only override AMD USB controller if required Gustavo A. R. Silva (1): crypto: p10-aes-gcm - Avoid -Wstringop-overflow warnings Hannes Reinecke (2): scsi: libfc: Don't schedule abort twice scsi: libfc: Fix up timeout error in fc_fcp_rec_error() Hans de Goede (1): misc: lis3lv02d_i2c: Add missing setting of the reg_ctrl callback Hardik Gajjar (2): usb: hub: Replace hardcoded quirk value with BIT() macro usb: hub: Add quirk to decrease IN-ep poll interval for Microchip USB491x hub HariBabu Gattem (1): soc: xilinx: Fix for call trace due to the usage of smp_processor_id() Harshit Shah (1): i3c: master: cdns: Update maximum prescaler value for i2c clock Heiko Carstens (2): s390/ptrace: handle setting of fpc register correctly KVM: s390: fix setting of fpc register Heiner Kallweit (1): leds: trigger: panic: Don't register panic notifier if creating the trigger failed Helge Deller (1): ipv6: Ensure natural alignment of const ipv6 loopback and router addresses Horatiu Vultur (1): net: lan966x: Fix port configuration when using SGMII interface Hou Tao (3): bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers bpf: Set need_defer as false when clearing fd array during map free bpf: Set uattr->batch.count as zero before batched update or deletion Hsin-Yi Wang (1): drm/panel-edp: Add override_edid_mode quirk for generic edp Huacai Chen (1): LoongArch/smp: Call rcutree_report_cpu_starting() at tlb_init() Huang Shijie (2): arm64: irq: set the correct node for VMAP stack arm64: irq: set the correct node for shadow call stack Ian Rogers (1): libsubcmd: Fix memory leak in uniq() Ido Schimmel (2): PCI: Add no PM reset quirk for NVIDIA Spectrum devices selftests: net: Add missing matchall classifier Igor Russkikh (1): net: atlantic: eliminate double free in error handling logic Ilpo Järvinen (1): PCI: Fix 64GT/s effective data rate calculation Ilya Bakoulin (1): drm/amd/display: Fix MST PBN/X.Y value calculations Iulia Tanasescu (1): Bluetooth: ISO: Avoid creating child socket if PA sync is terminating Ivan Lipski (1): Re-revert "drm/amd/display: Enable Replay for static screen use cases" Jack Wang (1): RDMA/IPoIB: Fix error code return in ipoib_mcast_join Jacob Keller (1): e1000e: correct maximum frequency adjustment values Jaegeuk Kim (1): f2fs: fix write pointers on zoned device after roll forward Jakub Kicinski (2): selftests: net: add missing config for nftables-backed iptables selftests: net: add missing config for NF_TARGET_TTL James Clark (1): perf cs-etm: Bump minimum OpenCSD version to ensure a bugfix is present James Seo (1): hwmon: (hp-wmi-sensors) Fix failure to load on EliteDesk 800 G6 Jan Kara (1): reiserfs: Avoid touching renamed directory if parent does not change Jedrzej Jagielski (2): ixgbe: Refactor returning internal error codes ixgbe: Refactor overtemp event handling Jesse Brandeburg (1): ice: fix pre-shifted bit usage Jia Jie Ho (2): hwrng: starfive - Fix dev_err_probe return error crypto: starfive - Fix dev_err_probe return error Jo Van Bulck (1): selftests/sgx: Fix linker script asserts Joel Granados (1): sysctl: Fix out of bounds access for empty sysctl registers Johan Hovold (4): ASoC: qcom: sc8280xp: limit speaker volumes ASoC: codecs: wcd938x: fix headphones volume controls ASoC: codecs: lpass-wsa-macro: fix compander volume hack ASoC: codecs: wsa883x: fix PA volume control Johan Jonker (1): ARM: dts: rockchip: fix rk3036 hdmi ports node Johannes Berg (1): um: time-travel: fix time corruption Jonathan Gray (1): Revert "drm/amd/display: Disable PSR-SU on Parade 0803 TCON again" Jonathan Kim (2): drm/amdkfd: fix mes set shader debugger process management drm/amdkfd: only flush mes process context if mes support is there Jose Ignacio Tornos Martinez (1): net: usb: ax88179_178a: avoid two consecutive device resets Josip Pavic (1): drm/amd/display: make flip_timestamp_in_us a 64-bit variable Jun'ichi Nomura (1): x86/boot: Ignore NMIs during very early boot Justin Tee (3): scsi: lpfc: Fix possible file string name overflow when updating firmware scsi: lpfc: Reinitialize an NPIV's VMID data structures after FDISC scsi: lpfc: Move determination of vmid_flag after VMID reinitialization completes Kang Yang (1): wifi: ath12k: fix and enable AP mode for WCN7850 Kees Cook (1): block/rnbd-srv: Check for unlikely string overflow Kieran Bingham (1): media: i2c: imx335: Fix hblank min/max values Konrad Dybcio (1): drm/msm/dsi: Enable runtime PM Kory Maincent (1): net: phy: micrel: fix ts_info value in case of no phc Krzysztof Kozlowski (2): ARM: dts: samsung: exynos4: fix camera unit addresses/ranges ARM: dts: samsung: s5pv210: fix camera unit addresses/ranges Kuan-Wei Chiu (2): clk: hi3620: Fix memory leak in hi3620_mmc_clk_init() clk: mmp: pxa168: Fix memory leak in pxa168_clk_init() Kunwu Chan (1): powerpc/mm: Fix null-pointer dereference in pgtable_cache_add Laurent Pinchart (1): media: rkisp1: resizer: Stop manual allocation of v4l2_subdev_state Lin Ma (1): bridge: cfm: fix enum typo in br_cc_ccm_tx_parse Lingbo Kong (1): wifi: ath12k: fix the issue that the multicast/broadcast indicator is not read correctly for WCN7850 Linus Lüssing (1): bridge: mcast: fix disabled snooping after long uptime Manas Ghandat (2): jfs: fix slab-out-of-bounds Read in dtSearch jfs: fix array-index-out-of-bounds in dbAdjTree Mao Jinlong (3): arm64: dts: qcom: msm8996: Fix 'in-ports' is a required property arm64: dts: qcom: msm8998: Fix 'out-ports' is a required property arm64: dts: qcom: Fix coresight warnings in in-ports and out-ports Marco Elver (1): mm, kmsan: fix infinite recursion due to RCU critical section Marco Pagani (1): kunit: run test suites only after module initialization completes Mark Rutland (1): drivers/perf: pmuv3: don't expose SW_INCR event in sysfs Matthias May (1): selftests: net: add missing config for GENEVE Max Kellermann (1): fs/kernfs/dir: obey S_ISGID Meenakshikumar Somasundaram (2): drm/amd/display: Fix tiled display misalignment drm/amd/display: Fix minor issues in BW Allocation Phase2 MeiChia Chiu (1): wifi: mt76: connac: fix EHT phy mode check Michael Ellerman (3): powerpc: Fix build error due to is_valid_bugaddr() powerpc/mm: Fix build failures due to arch_reserved_kernel_pages() powerpc/64s: Fix CONFIG_NUMA=n build due to create_section_mapping() Michael Tretter (1): media: rockchip: rga: fix swizzling for RGB formats Michal Simek (2): arm64: zynqmp: Move fixed clock to / for kv260 arm64: zynqmp: Fix clock node name in kv260 cards Michal Vokáč (1): net: dsa: qca8k: fix illegal usage of GPIO Mina Almasry (1): net: kcm: fix direct access to bv_len Ming Lei (2): blk-mq: fix IO hang from sbitmap wakeup race scsi: core: Move scsi_host_busy() out of host lock for waking up EH handler Ming Qian (1): media: amphion: remove mutext lock in condition of wait_event Mingyi Zhang (1): libbpf: Fix NULL pointer dereference in bpf_object__collect_prog_relos Minsuk Kang (1): wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() Mukesh Ojha (1): PM / devfreq: Synchronize devfreq_monitor_[start/stop] Nathan Chancellor (1): um: net: Fix return type of uml_net_start_xmit() Naveen N Rao (1): powerpc/lib: Validate size for vector operations Neil Armstrong (3): arm64: dts: qcom: sm8550: fix soundwire controllers node name arm64: dts: qcom: sm8450: fix soundwire controllers node name drm/msm/dp: Add DisplayPort controller for SM8650 Nia Espera (1): arm64: dts: qcom: sm8350: Fix remoteproc interrupt type Nicolas Dichtel (1): ipmr: fix kernel panic when forwarding mcast packets Oded Gabbay (1): accel/habanalabs: add support for Gaudi2C device Ojaswin Mujoo (1): ext4: treat end of range as exclusive in ext4_zero_range() Oleg Nesterov (3): afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu() afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*() rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock() Oleksandr Tyshchenko (1): xen/gntdev: Fix the abuse of underlying struct page in DMA-buf import Osama Muhammad (2): FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree UBSAN: array-index-out-of-bounds in dtSplitRoot Pablo Neira Ayuso (3): netfilter: nf_tables: restrict tunnel object to NFPROTO_NETDEV netfilter: nf_log: replace BUG_ON by WARN_ON_ONCE when putting logger netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations Paolo Abeni (9): selftests: net: remove dependency on ebpf tests selftests: net: explicitly wait for listener ready selftests: net: add missing config for big tcp tests selftests: net: add missing required classifier selftests: net: give more time for GRO aggregation selftests: net: add missing config for pmtu.sh tests selftests: net: fix available tunnels detection selftests: net: don't access /dev/stdout in pmtu.sh selftests: net: enable some more knobs Parav Pandit (1): devlink: Fix referring to hw_addr attribute during state validation Paulo Alcantara (2): smb: client: fix renaming of reparse points smb: client: fix hardlinking of reparse points Peter Robinson (1): mfd: ti_am335x_tscadc: Fix TI SoC dependencies Peter Zijlstra (1): perf: Fix the nr_addr_filters fix Philip Yang (1): drm/amdkfd: Fix lock dependency warning with srcu Pierre-Louis Bossart (3): PCI: add INTEL_HDA_ARL to pci_ids.h ALSA: hda: Intel: add HDA_ARL PCI ID support ALSA: hda: intel-dspcfg: add filters for ARL-S and ARL Prarit Bhargava (1): ACPI: extlog: fix NULL pointer dereference check Praveen Kaligineedi (1): gve: Fix skb truesize underestimation Rae Moar (1): kunit: tool: fix parsing of test attributes Rafael J. Wysocki (1): thermal: core: Fix thermal zone suspend-resume synchronization Ricardo Ribalda (2): media: uvcvideo: Fix power line control for a Chicony camera media: uvcvideo: Fix power line control for SunplusIT camera Rob Clark (1): drm/msm/dpu: Ratelimit framedone timeout msgs Romain Naour (1): regulator: ti-abb: don't use devm_platform_ioremap_resource_byname for shared interrupt register Rui Zhang (1): regulator: core: Only increment use_count when enable_count changes Ryan Schaefer (1): netfilter: conntrack: correct window scaling with retransmitted SYN Shannon Nelson (3): ionic: pass opcode to devcmd_wait ionic: bypass firmware cmds when stuck in reset pds_core: implement pci reset handlers Shiji Yang (2): wifi: rt2x00: restart beacon queue when hardware reset wifi: rt2x00: correct wrong BBP register in RxDCOC calibration Shuai Xue (1): ACPI: APEI: set memory failure flags as MF_ACTION_REQUIRED on synchronous events Srinivasan Shanmugam (8): drm/amdgpu: Fix '*fw' from request_firmware() not released in 'amdgpu_ucode_request()' drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()' drm/amdkfd: Fix iterator used outside loop in 'kfd_add_peer_prop()' drm/amd/powerplay: Fix kzalloc parameter 'ATOM_Tonga_PPM_Table' in 'get_platform_power_management_table()' drm/amdgpu: Fix with right return code '-EIO' in 'amdgpu_gmc_vram_checking()' drm/amdgpu: Release 'adev->pm.fw' before return in 'amdgpu_device_need_post()' drm/amdkfd: Fix 'node' NULL check in 'svm_range_get_range_boundaries()' drm/amdgpu: Fix missing error code in 'gmc_v6/7/8/9_0_hw_init()' Stanley.Yang (1): drm/amdgpu: Fix ecc irq enable/disable unpaired StanleyYP Wang (1): wifi: mt76: mt7996: add PCI IDs for mt7992 Stephen Rothwell (2): powerpc: pmd_move_must_withdraw() is only needed for CONFIG_TRANSPARENT_HUGEPAGE drm: using mul_u32_u32() requires linux/math64.h Su Hui (4): wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift() media: ddbridge: fix an error code problem in ddb_probe scsi: isci: Fix an error code problem in isci_io_request_build() HID: hidraw: fix a problem of memory leak in hidraw_release() Suman Ghosh (1): octeontx2-af: Fix max NPC MCAM entry check while validating ref_entry Sumit Saxena (2): scsi: mpi3mr: Add support for SAS5116 PCI IDs scsi: mpi3mr: Add PCI checks where SAS5116 diverges from SAS4116 Takashi Iwai (1): ALSA: hda: Refer to correct stream index at loops Tanmay Shah (1): soc: xilinx: fix unhandled SGI warning message Thomas Bourgoin (1): crypto: stm32/crc32 - fix parsing list of devices Thomas Weißschuh (1): selftests/nolibc: fix testcase status alignment Tim Lunn (1): i2c: rk3x: Adjust mask/value offset for i2c2 on rv1126 Tobias Waldekranz (2): net: mvmdio: Avoid excessive sleeps in polled mode net: dsa: mv88e6xxx: Fix mv88e6352_serdes_get_stats error path Tomi Valkeinen (7): drm/drm_file: fix use of uninitialized variable drm/framebuffer: Fix use of uninitialized variable drm/mipi-dsi: Fix detach call without attach media: rkisp1: Drop IRQF_SHARED media: rkisp1: Fix IRQ handler return values media: rkisp1: Store IRQ lines media: rkisp1: Fix IRQ disable race issue Tony Krowiak (1): s390/vfio-ap: fix sysfs status attribute for AP queue devices Venkata Prasad Potturu (1): ASoC: amd: Add new dmi entries for acp5x platform Venky Shankar (1): ceph: reinitialize mds feature bit even when session in open Vladimir Oltean (1): net: dsa: qca8k: put MDIO bus OF node on qca8k_mdio_register() failure Wang, Beyond (1): drm/amdgpu: fix ftrace event amdgpu_bo_move always move on same heap Weichen Chen (1): pstore/ram: Fix crash when setting number of cpus to an odd number Wen Gu (1): net/smc: disable SEID on non-s390 archs where virtual ISM may be used Wenchao Hao (1): ceph: fix invalid pointer access if get_quota_realm return ERR_PTR Werner Fischer (1): watchdog: it87_wdt: Keep WDTCTRL bit 3 unmodified for IT8784/IT8786 Xianwei Zhao (1): arm64: dts: amlogic: fix format for s4 uart node Xiaowu.ding (1): mailbox: arm_mhuv2: Fix a bug for mhuv2_sender_interrupt Xin Ji (1): drm/bridge: anx7625: Fix Set HPD irq detect window to 2ms Xing Tong Wu (1): hwmon: (nct6775) Fix fan speed set failure in automatic mode Xiubo Li (1): ceph: fix deadlock or deadcode of misusing dget() Yafang Shao (1): selftests/bpf: Fix issues in setup_classid_environment() Yaxiong Tian (1): extcon: fix possible name leak in extcon_dev_register() Ye Bin (1): ext4: fix inconsistent between segment fstrim and full fstrim Yihang Li (1): scsi: hisi_sas: Set .phy_attached before notifing phyup event HISI_PHYE_PHY_UP_PM Yinbo Zhu (1): usb: xhci-plat: fix usb disconnect issue after s4 Yonghong Song (4): libbpf: Fix potential uninitialized tail padding with LIBBPF_OPTS_RESET selftests/bpf: Fix pyperf180 compilation failure with clang18 bpf: Fix a few selftest failures due to llvm18 change selftests/bpf: Remove flaky test_btf_id test Yu-Che Cheng (1): spmi: mediatek: Fix UAF on device remove Yuluo Qiu (1): ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop Yuntao Wang (1): ACPI: NUMA: Fix the logic of getting the fake_pxm value Zenm Chen (1): wifi: rtl8xxxu: Add additional USB IDs for RTL8192EU devices Zhengchao Shao (2): bonding: return -ENOMEM instead of BUG in alb_upper_dev_walk bonding: remove print in bond_verify_device_path Zhipeng Lu (1): net: ipv4: fix a memleak in ip_setup_cork Zhiquan Li (1): x86/mce: Mark fatal MCE's page as poison to avoid panic in the kdump kernel Zhu Yanjun (1): virtio_net: Fix "‘%d’ directive writing between 1 and 11 bytes into a region of size 10" warnings Zijun Hu (1): Bluetooth: qca: Set both WIDEBAND_SPEECH and LE_STATES quirks for QCA2066 bo liu (1): ALSA: hda/conexant: Fix headset auto detect fail in cx8070 and SN6140 ching Huang (1): scsi: arcmsr: Support new PCI device IDs 1883 and 1886 clancy shang (1): Bluetooth: hci_sync: fix BR/EDR wakeup bug

1 year, 7 months

1
1
0 0

Linux 6.1.77

by Greg Kroah-Hartman

I'm announcing the release of the 6.1.77 kernel. All users of the 6.1 kernel series must upgrade. The updated 6.1.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.1.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/ABI/testing/sysfs-class-net-queues | 22 - Documentation/sound/soc/dapm.rst | 2 Makefile | 2 arch/arm/boot/dts/imx1-ads.dts | 2 arch/arm/boot/dts/imx1-apf9328.dts | 2 arch/arm/boot/dts/imx1.dtsi | 5 arch/arm/boot/dts/imx23-sansa.dts | 12 arch/arm/boot/dts/imx23.dtsi | 2 arch/arm/boot/dts/imx25-eukrea-cpuimx25.dtsi | 2 arch/arm/boot/dts/imx25-eukrea-mbimxsd25-baseboard-cmo-qvga.dts | 2 arch/arm/boot/dts/imx25-eukrea-mbimxsd25-baseboard-dvi-svga.dts | 2 arch/arm/boot/dts/imx25-eukrea-mbimxsd25-baseboard-dvi-vga.dts | 2 arch/arm/boot/dts/imx25-pdk.dts | 2 arch/arm/boot/dts/imx25.dtsi | 2 arch/arm/boot/dts/imx27-apf27dev.dts | 4 arch/arm/boot/dts/imx27-eukrea-cpuimx27.dtsi | 4 arch/arm/boot/dts/imx27-eukrea-mbimxsd27-baseboard.dts | 2 arch/arm/boot/dts/imx27-phytec-phycard-s-rdk.dts | 2 arch/arm/boot/dts/imx27-phytec-phycore-rdk.dts | 2 arch/arm/boot/dts/imx27-phytec-phycore-som.dtsi | 2 arch/arm/boot/dts/imx27.dtsi | 3 arch/arm/boot/dts/imx28.dtsi | 2 arch/arm/boot/dts/imx7d.dtsi | 3 arch/arm/boot/dts/imx7s.dtsi | 10 arch/arm/boot/dts/rk3036.dtsi | 14 arch/arm/include/asm/irq_work.h | 2 arch/arm64/boot/dts/amlogic/meson-s4-s805x2-aq222.dts | 4 arch/arm64/boot/dts/amlogic/meson-s4.dtsi | 4 arch/arm64/boot/dts/qcom/msm8996.dtsi | 21 + arch/arm64/boot/dts/qcom/msm8998.dtsi | 32 + arch/arm64/include/asm/irq_work.h | 2 arch/arm64/kernel/irq.c | 7 arch/arm64/kernel/perf_event.c | 6 arch/csky/include/asm/irq_work.h | 2 arch/loongarch/kernel/smp.c | 1 arch/loongarch/mm/tlb.c | 16 arch/powerpc/include/asm/irq_work.h | 1 arch/powerpc/include/asm/mmu.h | 4 arch/powerpc/include/asm/mmzone.h | 8 arch/powerpc/kernel/traps.c | 2 arch/powerpc/lib/sstep.c | 10 arch/powerpc/mm/book3s64/pgtable.c | 2 arch/powerpc/mm/init-common.c | 5 arch/powerpc/mm/mmu_decl.h | 5 arch/riscv/include/asm/irq_work.h | 2 arch/s390/include/asm/irq_work.h | 2 arch/s390/kernel/ptrace.c | 6 arch/s390/kvm/kvm-s390.c | 5 arch/um/drivers/net_kern.c | 2 arch/um/include/shared/kern_util.h | 2 arch/um/kernel/process.c | 2 arch/um/kernel/time.c | 32 + arch/um/os-Linux/helper.c | 6 arch/um/os-Linux/util.c | 19 arch/x86/boot/compressed/ident_map_64.c | 5 arch/x86/boot/compressed/idt_64.c | 1 arch/x86/boot/compressed/idt_handlers_64.S | 1 arch/x86/boot/compressed/misc.h | 1 arch/x86/include/asm/irq_work.h | 1 arch/x86/include/asm/kmsan.h | 17 arch/x86/kernel/cpu/mce/core.c | 16 block/bio.c | 2 block/blk-mq.c | 16 drivers/acpi/acpi_extlog.c | 5 drivers/acpi/acpi_video.c | 9 drivers/acpi/apei/ghes.c | 29 + drivers/acpi/numa/srat.c | 4 drivers/base/arch_numa.c | 2 drivers/block/rnbd/rnbd-srv.c | 19 drivers/bluetooth/hci_qca.c | 1 drivers/clk/hisilicon/clk-hi3620.c | 4 drivers/clk/imx/clk-imx8qxp.c | 24 + drivers/clk/mmp/clk-of-pxa168.c | 3 drivers/crypto/marvell/octeontx2/otx2_cptlf.c | 6 drivers/crypto/marvell/octeontx2/otx2_cptvf_main.c | 3 drivers/crypto/stm32/stm32-crc32.c | 2 drivers/devfreq/devfreq.c | 24 + drivers/gpu/drm/amd/amdgpu/aldebaran.c | 26 + drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_fence.c | 2 drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_gmc.c | 21 - drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 13 drivers/gpu/drm/amd/amdgpu/amdgpu_object.h | 4 drivers/gpu/drm/amd/amdgpu/amdgpu_sync.c | 3 drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c | 5 drivers/gpu/drm/amd/amdgpu/amdgpu_ucode.c | 6 drivers/gpu/drm/amd/amdgpu/gmc_v10_0.c | 4 drivers/gpu/drm/amd/amdgpu/gmc_v11_0.c | 5 drivers/gpu/drm/amd/amdgpu/gmc_v6_0.c | 4 drivers/gpu/drm/amd/amdgpu/gmc_v7_0.c | 4 drivers/gpu/drm/amd/amdgpu/gmc_v8_0.c | 4 drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c | 8 drivers/gpu/drm/amd/amdkfd/kfd_svm.c | 42 -- drivers/gpu/drm/amd/amdkfd/kfd_topology.c | 24 - drivers/gpu/drm/amd/display/dc/core/dc.c | 4 drivers/gpu/drm/amd/display/dc/dc_hw_types.h | 2 drivers/gpu/drm/amd/display/dc/dml/dcn32/display_mode_vba_32.c | 3 drivers/gpu/drm/amd/display/dc/dml/dcn32/display_mode_vba_util_32.c | 33 + drivers/gpu/drm/amd/display/dc/dml/dcn32/display_mode_vba_util_32.h | 1 drivers/gpu/drm/amd/display/modules/power/power_helpers.c | 2 drivers/gpu/drm/amd/pm/powerplay/hwmgr/process_pptables_v1_0.c | 2 drivers/gpu/drm/bridge/analogix/anx7625.c | 51 +- drivers/gpu/drm/bridge/analogix/anx7625.h | 4 drivers/gpu/drm/drm_file.c | 2 drivers/gpu/drm/drm_framebuffer.c | 2 drivers/gpu/drm/drm_mipi_dsi.c | 17 drivers/gpu/drm/exynos/exynos_drm_drv.c | 11 drivers/gpu/drm/msm/disp/dpu1/dpu_encoder.c | 5 drivers/gpu/drm/msm/disp/dpu1/dpu_hw_wb.c | 3 drivers/gpu/drm/msm/disp/dpu1/dpu_kms.h | 1 drivers/gpu/drm/msm/dsi/phy/dsi_phy.c | 4 drivers/gpu/drm/panel/panel-edp.c | 48 ++ drivers/hid/hidraw.c | 7 drivers/hwmon/nct6775-core.c | 7 drivers/i3c/master/i3c-master-cdns.c | 7 drivers/infiniband/ulp/ipoib/ipoib_multicast.c | 7 drivers/leds/trigger/ledtrig-panic.c | 5 drivers/mailbox/arm_mhuv2.c | 3 drivers/md/md.c | 54 ++ drivers/media/i2c/imx335.c | 4 drivers/media/pci/ddbridge/ddbridge-main.c | 2 drivers/media/platform/amphion/vpu.h | 3 drivers/media/platform/amphion/vpu_cmds.c | 28 - drivers/media/platform/amphion/vpu_v4l2.c | 1 drivers/media/platform/rockchip/rga/rga.c | 15 drivers/media/platform/rockchip/rkisp1/rkisp1-common.h | 11 drivers/media/platform/rockchip/rkisp1/rkisp1-csi.c | 14 drivers/media/platform/rockchip/rkisp1/rkisp1-dev.c | 35 + drivers/media/platform/rockchip/rkisp1/rkisp1-isp.c | 20 - drivers/media/usb/stk1160/stk1160-video.c | 5 drivers/mfd/Kconfig | 1 drivers/misc/lis3lv02d/lis3lv02d_i2c.c | 1 drivers/net/bonding/bond_alb.c | 3 drivers/net/dsa/mv88e6xxx/chip.h | 4 drivers/net/dsa/mv88e6xxx/serdes.c | 10 drivers/net/dsa/mv88e6xxx/serdes.h | 8 drivers/net/dsa/qca/qca8k-8xxx.c | 24 - drivers/net/ethernet/aquantia/atlantic/aq_ptp.c | 28 - drivers/net/ethernet/aquantia/atlantic/aq_ring.c | 61 --- drivers/net/ethernet/aquantia/atlantic/aq_ring.h | 22 - drivers/net/ethernet/aquantia/atlantic/aq_vec.c | 23 - drivers/net/ethernet/google/gve/gve_tx_dqo.c | 5 drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 32 + drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.h | 1 drivers/net/ethernet/intel/ice/ice_adminq_cmd.h | 18 drivers/net/ethernet/intel/ice/ice_lib.c | 7 drivers/net/ethernet/intel/ice/ice_virtchnl.c | 12 drivers/net/ethernet/intel/ice/ice_vsi_vlan_lib.c | 16 drivers/net/ethernet/intel/ixgbe/ixgbe_82598.c | 36 - drivers/net/ethernet/intel/ixgbe/ixgbe_82599.c | 61 +-- drivers/net/ethernet/intel/ixgbe/ixgbe_common.c | 145 +++---- drivers/net/ethernet/intel/ixgbe/ixgbe_ethtool.c | 2 drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 42 -- drivers/net/ethernet/intel/ixgbe/ixgbe_mbx.c | 34 - drivers/net/ethernet/intel/ixgbe/ixgbe_mbx.h | 1 drivers/net/ethernet/intel/ixgbe/ixgbe_phy.c | 105 ++--- drivers/net/ethernet/intel/ixgbe/ixgbe_phy.h | 2 drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c | 2 drivers/net/ethernet/intel/ixgbe/ixgbe_type.h | 43 -- drivers/net/ethernet/intel/ixgbe/ixgbe_x540.c | 44 +- drivers/net/ethernet/intel/ixgbe/ixgbe_x550.c | 149 +++---- drivers/net/ethernet/marvell/octeontx2/af/rvu_npc.c | 13 drivers/net/ethernet/microchip/lan966x/lan966x_port.c | 5 drivers/net/ethernet/pensando/ionic/ionic_bus_pci.c | 4 drivers/net/ethernet/pensando/ionic/ionic_dev.c | 1 drivers/net/ethernet/pensando/ionic/ionic_dev.h | 1 drivers/net/ethernet/pensando/ionic/ionic_lif.c | 3 drivers/net/ethernet/pensando/ionic/ionic_main.c | 22 - drivers/net/phy/at803x.c | 6 drivers/net/usb/ax88179_178a.c | 2 drivers/net/virtio_net.c | 9 drivers/net/wireless/ath/ath11k/pcic.c | 4 drivers/net/wireless/ath/ath9k/htc_drv_txrx.c | 5 drivers/net/wireless/ralink/rt2x00/rt2800lib.c | 2 drivers/net/wireless/ralink/rt2x00/rt2x00dev.c | 3 drivers/net/wireless/ralink/rt2x00/rt2x00mac.c | 11 drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c | 12 drivers/net/wireless/realtek/rtlwifi/rtl8723ae/phy.c | 6 drivers/net/wireless/realtek/rtlwifi/rtl8723be/phy.c | 4 drivers/net/wireless/silabs/wfx/sta.c | 42 +- drivers/pci/pci.h | 2 drivers/pci/pcie/aer.c | 9 drivers/pci/quirks.c | 24 + drivers/pci/switch/switchtec.c | 25 - drivers/pnp/pnpacpi/rsparser.c | 12 drivers/regulator/core.c | 56 +- drivers/regulator/ti-abb-regulator.c | 22 - drivers/s390/crypto/vfio_ap_ops.c | 16 drivers/scsi/arcmsr/arcmsr.h | 4 drivers/scsi/arcmsr/arcmsr_hba.c | 6 drivers/scsi/hisi_sas/hisi_sas_v3_hw.c | 10 drivers/scsi/isci/request.c | 2 drivers/scsi/libfc/fc_fcp.c | 18 drivers/scsi/lpfc/lpfc.h | 1 drivers/scsi/lpfc/lpfc_init.c | 4 drivers/scsi/mpi3mr/mpi3mr_fw.c | 3 drivers/scsi/mpi3mr/mpi3mr_os.c | 5 drivers/scsi/scsi_error.c | 8 drivers/scsi/scsi_lib.c | 2 drivers/scsi/scsi_priv.h | 2 drivers/soc/xilinx/xlnx_event_manager.c | 7 drivers/spmi/spmi-mtk-pmif.c | 7 drivers/tty/tty_ioctl.c | 4 drivers/usb/core/hub.c | 33 + drivers/watchdog/it87_wdt.c | 14 drivers/xen/gntdev-dmabuf.c | 50 +- fs/9p/v9fs_vfs.h | 1 fs/9p/vfs_inode.c | 6 fs/9p/vfs_inode_dotl.c | 1 fs/afs/callback.c | 3 fs/afs/server.c | 7 fs/ceph/caps.c | 9 fs/ceph/mds_client.c | 2 fs/ceph/quota.c | 39 + fs/dcache.c | 7 fs/ecryptfs/inode.c | 8 fs/erofs/zdata.c | 2 fs/ext4/mballoc.c | 11 fs/ext4/resize.c | 37 + fs/f2fs/compress.c | 4 fs/f2fs/file.c | 2 fs/f2fs/recovery.c | 25 - fs/jfs/jfs_dmap.c | 57 +- fs/jfs/jfs_dtree.c | 7 fs/jfs/jfs_imap.c | 3 fs/jfs/jfs_mount.c | 6 fs/kernfs/dir.c | 12 fs/pstore/ram.c | 1 include/asm-generic/numa.h | 2 include/asm-generic/unaligned.h | 24 - include/drm/drm_color_mgmt.h | 1 include/drm/drm_mipi_dsi.h | 2 include/linux/irq_work.h | 3 include/linux/mmzone.h | 6 include/linux/pci_ids.h | 1 include/net/af_unix.h | 20 - include/net/ip.h | 2 include/net/netfilter/nf_tables.h | 2 kernel/audit.c | 31 + kernel/bpf/helpers.c | 13 kernel/bpf/syscall.c | 6 kernel/events/core.c | 38 + lib/debugobjects.c | 200 +++------- net/bluetooth/hci_sync.c | 10 net/bluetooth/l2cap_core.c | 3 net/bridge/br_cfm_netlink.c | 2 net/bridge/br_multicast.c | 20 - net/bridge/br_private.h | 4 net/ipv4/ip_output.c | 12 net/ipv4/ip_sockglue.c | 6 net/ipv4/ipmr.c | 2 net/ipv4/raw.c | 10 net/ipv4/tcp.c | 12 net/ipv4/udp.c | 2 net/ipv6/addrconf_core.c | 21 - net/ipv6/ip6_tunnel.c | 21 - net/llc/af_llc.c | 2 net/netfilter/nf_conntrack_proto_tcp.c | 10 net/netfilter/nf_log.c | 7 net/netfilter/nf_tables_api.c | 14 net/netfilter/nft_ct.c | 24 + net/netfilter/nft_tunnel.c | 1 net/rxrpc/conn_service.c | 3 net/smc/smc_clc.c | 14 net/sunrpc/xprtmultipath.c | 17 net/unix/af_unix.c | 14 net/unix/diag.c | 2 net/wireless/scan.c | 4 sound/hda/hdac_stream.c | 9 sound/pci/hda/hda_intel.c | 2 sound/pci/hda/patch_conexant.c | 115 +++++ sound/soc/amd/acp-config.c | 15 sound/soc/codecs/lpass-wsa-macro.c | 7 sound/soc/codecs/wsa883x.c | 6 tools/build/feature/test-libopencsd.c | 4 tools/lib/bpf/libbpf.c | 2 tools/lib/subcmd/help.c | 18 tools/testing/selftests/bpf/cgroup_helpers.c | 18 tools/testing/selftests/bpf/prog_tests/btf.c | 1 tools/testing/selftests/bpf/progs/pyperf180.c | 22 + tools/testing/selftests/drivers/net/bonding/lag_lib.sh | 11 tools/testing/selftests/drivers/net/team/config | 4 tools/testing/selftests/net/config | 1 tools/testing/selftests/net/pmtu.sh | 16 tools/testing/selftests/net/setup_veth.sh | 2 tools/testing/selftests/sgx/test_encl.lds | 6 286 files changed, 2318 insertions(+), 1337 deletions(-) Abhinav Kumar (1): drm/msm/dpu: fix writeback programming for YUV cases Adrian Reber (1): tty: allow TIOCSLCKTRMIOS with CAP_CHECKPOINT_RESTORE Ahmed Zaki (1): ice: fix ICE_AQ_VSI_Q_OPT_RSS_* register values Al Viro (1): fast_dput(): handle underflows gracefully Alex Lyakas (1): md: Whenassemble the array, consult the superblock of the freshest device Alexander Stein (4): ARM: dts: imx7d: Fix coresight funnel ports ARM: dts: imx7s: Fix lcdif compatible ARM: dts: imx7s: Fix nand-controller #size-cells clk: imx: clk-imx8qxp: fix LVDS bypass, pixel and phy clocks Alvin Lee (1): drm/amd/display: For prefetch mode > 0, extend prefetch if possible Andrii Nakryiko (1): selftests/bpf: satisfy compiler by having explicit return in btf test Andrii Staikov (1): i40e: Fix VF disable behavior to block all traffic Andrzej Hajda (1): debugobjects: Stop accessing objects after releasing hash bucket lock Anna Schumaker (1): SUNRPC: Fix a suspicious RCU usage warning Anton Ivanov (1): um: Fix naming clash between UML and scheduler Arnd Bergmann (1): arch: consolidate arch_irq_work_raise prototypes Baochen Qiang (1): wifi: ath11k: fix race due to setting ATH11K_FLAG_EXT_IRQ_ENABLED too early Baokun Li (3): ext4: unify the type of flexbg_size to unsigned int ext4: remove unnecessary check from alloc_flex_gd() ext4: avoid online resizing failures due to oversized flex bg Benjamin Berg (2): wifi: cfg80211: free beacon_ies when overridden from hidden BSS um: Don't use vfprintf() for os_info() Benjamin Poirier (2): selftests: team: Add missing config options selftests: bonding: Check initial state Bharat Bhushan (1): crypto: octeontx2 - Fix cptvf driver cleanup Bjorn Helgaas (1): PCI/AER: Decode Requester ID when no error info found Breno Leitao (1): net: sysfs: Fix /sys/class/net/<iface> path Chao Yu (2): f2fs: fix to check return value of f2fs_reserve_new_block() f2fs: fix to tag gcing flag on page during block migration Chris Riches (1): audit: Send netlink ACK before setting connection in auditd_set Christian Marangi (1): net: phy: at803x: fix passing the wrong reference for config_intr Christoph Hellwig (1): block: prevent an integer overflow in bvec_try_merge_hw_page Christophe JAILLET (1): ixgbe: Fix an error handling path in ixgbe_read_iosf_sb_reg_x550() Cristian Ciocaltea (1): ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument Daniel Stodden (1): PCI: switchtec: Fix stdev_release() crash after surprise hot remove Daniel Vacek (1): IB/ipoib: Fix mcast list locking David Howells (1): 9p: Fix initialisation of netfs_inode for 9p Dmitry Antipov (2): PNP: ACPI: fix fortify warning wifi: wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap() Dmitry Torokhov (1): asm-generic: make sparse happy with odd-sized put_unaligned_*() Douglas Anderson (1): drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind time Edward Adam Davis (3): jfs: fix uaf in jfs_evict_inode jfs: fix array-index-out-of-bounds in diNewExt wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update Eric Dumazet (5): ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() ipv4: raw: add drop reasons tcp: add sanity checks to rx zerocopy llc: call sock_orphan() at release time af_unix: fix lockdep positive in sk_diag_dump_icons() Fabio Estevam (9): ARM: dts: imx25/27-eukrea: Fix RTC node name ARM: dts: imx: Use flash@0,0 pattern ARM: dts: imx27: Fix sram node ARM: dts: imx1: Fix sram node ARM: dts: imx25: Fix the iim compatible string ARM: dts: imx25/27: Pass timing0 ARM: dts: imx27-apf27dev: Fix LED name ARM: dts: imx23-sansa: Use preferred i2c-gpios properties ARM: dts: imx23/28: Fix the DMA controller node name Felix Kuehling (2): drm/amdgpu: Let KFD sync with VM fences drm/amdkfd: Fix lock dependency warning Frédéric Danis (1): Bluetooth: L2CAP: Fix possible multiple reject send Gabriel Krisman Bertazi (1): ecryptfs: Reject casefold directory inodes Gao Xiang (1): erofs: fix ztailpacking for subpage compressed blocks Ghanshyam Agrawal (1): media: stk1160: Fixed high volume of stk1160_dbg messages Greg KH (1): perf/core: Fix narrow startup race when creating the perf nr_addr_filters sysfs file Greg Kroah-Hartman (1): Linux 6.1.77 Guilherme G. Piccoli (1): PCI: Only override AMD USB controller if required Hannes Reinecke (2): scsi: libfc: Don't schedule abort twice scsi: libfc: Fix up timeout error in fc_fcp_rec_error() Hans de Goede (1): misc: lis3lv02d_i2c: Add missing setting of the reg_ctrl callback Hardik Gajjar (2): usb: hub: Replace hardcoded quirk value with BIT() macro usb: hub: Add quirk to decrease IN-ep poll interval for Microchip USB491x hub HariBabu Gattem (1): soc: xilinx: Fix for call trace due to the usage of smp_processor_id() Harshit Shah (1): i3c: master: cdns: Update maximum prescaler value for i2c clock Heiko Carstens (2): s390/ptrace: handle setting of fpc register correctly KVM: s390: fix setting of fpc register Heiner Kallweit (1): leds: trigger: panic: Don't register panic notifier if creating the trigger failed Helge Deller (1): ipv6: Ensure natural alignment of const ipv6 loopback and router addresses Horatiu Vultur (1): net: lan966x: Fix port configuration when using SGMII interface Hou Tao (2): bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers bpf: Set uattr->batch.count as zero before batched update or deletion Hsin-Yi Wang (1): drm/panel-edp: Add override_edid_mode quirk for generic edp Huacai Chen (1): LoongArch/smp: Call rcutree_report_cpu_starting() at tlb_init() Huang Shijie (2): arm64: irq: set the correct node for VMAP stack arm64: irq: set the correct node for shadow call stack Ian Rogers (1): libsubcmd: Fix memory leak in uniq() Ido Schimmel (1): PCI: Add no PM reset quirk for NVIDIA Spectrum devices Igor Russkikh (1): net: atlantic: eliminate double free in error handling logic Ilpo Järvinen (1): PCI: Fix 64GT/s effective data rate calculation Jack Wang (1): RDMA/IPoIB: Fix error code return in ipoib_mcast_join Jaegeuk Kim (1): f2fs: fix write pointers on zoned device after roll forward James Clark (1): perf cs-etm: Bump minimum OpenCSD version to ensure a bugfix is present Jedrzej Jagielski (2): ixgbe: Refactor returning internal error codes ixgbe: Refactor overtemp event handling Jesse Brandeburg (1): ice: fix pre-shifted bit usage Jo Van Bulck (1): selftests/sgx: Fix linker script asserts Johan Hovold (2): ASoC: codecs: lpass-wsa-macro: fix compander volume hack ASoC: codecs: wsa883x: fix PA volume control Johan Jonker (1): ARM: dts: rockchip: fix rk3036 hdmi ports node Johannes Berg (1): um: time-travel: fix time corruption Jonathan Gray (1): Revert "drm/amd/display: Disable PSR-SU on Parade 0803 TCON again" Jose Ignacio Tornos Martinez (1): net: usb: ax88179_178a: avoid two consecutive device resets Josip Pavic (1): drm/amd/display: make flip_timestamp_in_us a 64-bit variable Jun'ichi Nomura (1): x86/boot: Ignore NMIs during very early boot Justin Tee (1): scsi: lpfc: Fix possible file string name overflow when updating firmware Kees Cook (1): block/rnbd-srv: Check for unlikely string overflow Kieran Bingham (1): media: i2c: imx335: Fix hblank min/max values Konrad Dybcio (1): drm/msm/dsi: Enable runtime PM Kuan-Wei Chiu (2): clk: hi3620: Fix memory leak in hi3620_mmc_clk_init() clk: mmp: pxa168: Fix memory leak in pxa168_clk_init() Kunwu Chan (1): powerpc/mm: Fix null-pointer dereference in pgtable_cache_add Lin Ma (1): bridge: cfm: fix enum typo in br_cc_ccm_tx_parse Linus Lüssing (1): bridge: mcast: fix disabled snooping after long uptime Manas Ghandat (2): jfs: fix slab-out-of-bounds Read in dtSearch jfs: fix array-index-out-of-bounds in dbAdjTree Mao Jinlong (2): arm64: dts: qcom: msm8996: Fix 'in-ports' is a required property arm64: dts: qcom: msm8998: Fix 'out-ports' is a required property Marco Elver (1): mm, kmsan: fix infinite recursion due to RCU critical section Mark Rutland (1): drivers/perf: pmuv3: don't expose SW_INCR event in sysfs Matthias May (1): selftests: net: add missing config for GENEVE Max Kellermann (1): fs/kernfs/dir: obey S_ISGID Meenakshikumar Somasundaram (1): drm/amd/display: Fix tiled display misalignment Michael Ellerman (3): powerpc: Fix build error due to is_valid_bugaddr() powerpc/mm: Fix build failures due to arch_reserved_kernel_pages() powerpc/64s: Fix CONFIG_NUMA=n build due to create_section_mapping() Michael Tretter (1): media: rockchip: rga: fix swizzling for RGB formats Michal Vokáč (1): net: dsa: qca8k: fix illegal usage of GPIO Ming Lei (2): blk-mq: fix IO hang from sbitmap wakeup race scsi: core: Move scsi_host_busy() out of host lock for waking up EH handler Ming Qian (1): media: amphion: remove mutext lock in condition of wait_event Mingyi Zhang (1): libbpf: Fix NULL pointer dereference in bpf_object__collect_prog_relos Minsuk Kang (1): wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() Mukesh Ojha (1): PM / devfreq: Synchronize devfreq_monitor_[start/stop] Nathan Chancellor (1): um: net: Fix return type of uml_net_start_xmit() Naveen N Rao (1): powerpc/lib: Validate size for vector operations Nicolas Dichtel (1): ipmr: fix kernel panic when forwarding mcast packets Oleg Nesterov (3): afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu() afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*() rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock() Oleksandr Tyshchenko (1): xen/gntdev: Fix the abuse of underlying struct page in DMA-buf import Osama Muhammad (2): FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree UBSAN: array-index-out-of-bounds in dtSplitRoot Pablo Neira Ayuso (3): netfilter: nf_tables: restrict tunnel object to NFPROTO_NETDEV netfilter: nf_log: replace BUG_ON by WARN_ON_ONCE when putting logger netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations Paolo Abeni (2): selftests: net: give more time for GRO aggregation selftests: net: fix available tunnels detection Peter Robinson (1): mfd: ti_am335x_tscadc: Fix TI SoC dependencies Peter Zijlstra (1): perf: Fix the nr_addr_filters fix Philip Yang (1): drm/amdkfd: Fix lock dependency warning with srcu Pierre-Louis Bossart (2): PCI: add INTEL_HDA_ARL to pci_ids.h ALSA: hda: Intel: add HDA_ARL PCI ID support Prarit Bhargava (1): ACPI: extlog: fix NULL pointer dereference check Praveen Kaligineedi (1): gve: Fix use-after-free vulnerability Rob Clark (1): drm/msm/dpu: Ratelimit framedone timeout msgs Romain Naour (1): regulator: ti-abb: don't use devm_platform_ioremap_resource_byname for shared interrupt register Rui Zhang (1): regulator: core: Only increment use_count when enable_count changes Ryan Schaefer (1): netfilter: conntrack: correct window scaling with retransmitted SYN Shannon Nelson (2): ionic: pass opcode to devcmd_wait ionic: bypass firmware cmds when stuck in reset Shiji Yang (2): wifi: rt2x00: restart beacon queue when hardware reset wifi: rt2x00: correct wrong BBP register in RxDCOC calibration Shuai Xue (1): ACPI: APEI: set memory failure flags as MF_ACTION_REQUIRED on synchronous events Srinivasan Shanmugam (8): drm/amdgpu: Fix '*fw' from request_firmware() not released in 'amdgpu_ucode_request()' drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()' drm/amdkfd: Fix iterator used outside loop in 'kfd_add_peer_prop()' drm/amd/powerplay: Fix kzalloc parameter 'ATOM_Tonga_PPM_Table' in 'get_platform_power_management_table()' drm/amdgpu: Fix with right return code '-EIO' in 'amdgpu_gmc_vram_checking()' drm/amdgpu: Release 'adev->pm.fw' before return in 'amdgpu_device_need_post()' drm/amdkfd: Fix 'node' NULL check in 'svm_range_get_range_boundaries()' drm/amdgpu: Fix missing error code in 'gmc_v6/7/8/9_0_hw_init()' Stanley.Yang (1): drm/amdgpu: Fix ecc irq enable/disable unpaired Stephen Rothwell (2): powerpc: pmd_move_must_withdraw() is only needed for CONFIG_TRANSPARENT_HUGEPAGE drm: using mul_u32_u32() requires linux/math64.h Su Hui (4): wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift() media: ddbridge: fix an error code problem in ddb_probe scsi: isci: Fix an error code problem in isci_io_request_build() HID: hidraw: fix a problem of memory leak in hidraw_release() Suman Ghosh (1): octeontx2-af: Fix max NPC MCAM entry check while validating ref_entry Sumit Saxena (1): scsi: mpi3mr: Add PCI checks where SAS5116 diverges from SAS4116 Takashi Iwai (1): ALSA: hda: Refer to correct stream index at loops Tanmay Shah (1): soc: xilinx: fix unhandled SGI warning message Thomas Bourgoin (1): crypto: stm32/crc32 - fix parsing list of devices Tobias Waldekranz (1): net: dsa: mv88e6xxx: Fix mv88e6352_serdes_get_stats error path Tomi Valkeinen (7): drm/drm_file: fix use of uninitialized variable drm/framebuffer: Fix use of uninitialized variable drm/mipi-dsi: Fix detach call without attach media: rkisp1: Drop IRQF_SHARED media: rkisp1: Fix IRQ handler return values media: rkisp1: Store IRQ lines media: rkisp1: Fix IRQ disable race issue Tony Krowiak (1): s390/vfio-ap: fix sysfs status attribute for AP queue devices Venkata Prasad Potturu (1): ASoC: amd: Add new dmi entries for acp5x platform Venky Shankar (1): ceph: reinitialize mds feature bit even when session in open Vladimir Oltean (1): net: dsa: qca8k: put MDIO bus OF node on qca8k_mdio_register() failure Wang, Beyond (1): drm/amdgpu: fix ftrace event amdgpu_bo_move always move on same heap Weichen Chen (1): pstore/ram: Fix crash when setting number of cpus to an odd number Wen Gu (1): net/smc: disable SEID on non-s390 archs where virtual ISM may be used Wenchao Hao (1): ceph: fix invalid pointer access if get_quota_realm return ERR_PTR Werner Fischer (1): watchdog: it87_wdt: Keep WDTCTRL bit 3 unmodified for IT8784/IT8786 Xianwei Zhao (1): arm64: dts: amlogic: fix format for s4 uart node Xiaowu.ding (1): mailbox: arm_mhuv2: Fix a bug for mhuv2_sender_interrupt Xin Ji (1): drm/bridge: anx7625: Fix Set HPD irq detect window to 2ms Xing Tong Wu (1): hwmon: (nct6775) Fix fan speed set failure in automatic mode Xiubo Li (1): ceph: fix deadlock or deadcode of misusing dget() Yafang Shao (1): selftests/bpf: Fix issues in setup_classid_environment() Ye Bin (1): ext4: fix inconsistent between segment fstrim and full fstrim Yihang Li (1): scsi: hisi_sas: Set .phy_attached before notifing phyup event HISI_PHYE_PHY_UP_PM Yonghong Song (1): selftests/bpf: Fix pyperf180 compilation failure with clang18 Yu-Che Cheng (1): spmi: mediatek: Fix UAF on device remove Yuluo Qiu (1): ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop Yuntao Wang (1): ACPI: NUMA: Fix the logic of getting the fake_pxm value Zenm Chen (1): wifi: rtl8xxxu: Add additional USB IDs for RTL8192EU devices Zhengchao Shao (2): bonding: return -ENOMEM instead of BUG in alb_upper_dev_walk bonding: remove print in bond_verify_device_path Zhipeng Lu (1): net: ipv4: fix a memleak in ip_setup_cork Zhiquan Li (1): x86/mce: Mark fatal MCE's page as poison to avoid panic in the kdump kernel Zhu Yanjun (1): virtio_net: Fix "‘%d’ directive writing between 1 and 11 bytes into a region of size 10" warnings Zijun Hu (1): Bluetooth: qca: Set both WIDEBAND_SPEECH and LE_STATES quirks for QCA2066 bo liu (1): ALSA: hda/conexant: Fix headset auto detect fail in cx8070 and SN6140 ching Huang (1): scsi: arcmsr: Support new PCI device IDs 1883 and 1886 clancy shang (1): Bluetooth: hci_sync: fix BR/EDR wakeup bug

1 year, 7 months

1
1
0 0

[PATCH RESEND] mm/damon/core: check apply interval in damon_do_apply_schemes()

by SeongJae Park

kdamond_apply_schemes() checks apply intervals of schemes and avoid further applying any schemes if no scheme passed its apply interval. However, the following schemes applying function, damon_do_apply_schemes() iterates all schemes without the apply interval check. As a result, the shortest apply interval is applied to all schemes. Fix the problem by checking the apply interval in damon_do_apply_schemes(). Fixes: 42f994b71404 ("mm/damon/core: implement scheme-specific apply interval") Cc: <stable(a)vger.kernel.org> # 6.7.x Signed-off-by: SeongJae Park <sj(a)kernel.org> --- Sending the same patch[1] again because the subject of the patch was broken. [1] https://lore.kernel.org/linux-mm/20240204204946.87265-1-sj@kernel.org/ mm/damon/core.c | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/mm/damon/core.c b/mm/damon/core.c index 0c144fb466b8..f444734cc613 100644 --- a/mm/damon/core.c +++ b/mm/damon/core.c @@ -1064,6 +1064,9 @@ static void damon_do_apply_schemes(struct damon_ctx *c, damon_for_each_scheme(s, c) { struct damos_quota *quota = &s->quota; + if (c->passed_sample_intervals != s->next_apply_sis) + continue; + if (!s->wmarks.activated) continue; @@ -1216,10 +1219,6 @@ static void kdamond_apply_schemes(struct damon_ctx *c) if (c->passed_sample_intervals != s->next_apply_sis) continue; - s->next_apply_sis += - (s->apply_interval_us ? s->apply_interval_us : - c->attrs.aggr_interval) / sample_interval; - if (!s->wmarks.activated) continue; @@ -1235,6 +1234,14 @@ static void kdamond_apply_schemes(struct damon_ctx *c) damon_for_each_region_safe(r, next_r, t) damon_do_apply_schemes(c, t, r); } + + damon_for_each_scheme(s, c) { + if (c->passed_sample_intervals != s->next_apply_sis) + continue; + s->next_apply_sis += + (s->apply_interval_us ? s->apply_interval_us : + c->attrs.aggr_interval) / sample_interval; + } } /* -- 2.39.2

1 year, 7 months

1
0
0 0

[PATCH] mm/damon/core: check apply interval in

by SeongJae Park

kdamond_apply_schemes() checks apply intervals of schemes and avoid further applying any schemes if no scheme passed its apply interval. However, the following schemes applying function, damon_do_apply_schemes() iterates all schemes without the apply interval check. As a result, the shortest apply interval is applied to all schemes. Fix the problem by checking the apply interval in damon_do_apply_schemes(). Fixes: 42f994b71404 ("mm/damon/core: implement scheme-specific apply interval") Cc: <stable(a)vger.kernel.org> # 6.7.x Signed-off-by: SeongJae Park <sj(a)kernel.org> --- mm/damon/core.c | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/mm/damon/core.c b/mm/damon/core.c index 0c144fb466b8..f444734cc613 100644 --- a/mm/damon/core.c +++ b/mm/damon/core.c @@ -1064,6 +1064,9 @@ static void damon_do_apply_schemes(struct damon_ctx *c, damon_for_each_scheme(s, c) { struct damos_quota *quota = &s->quota; + if (c->passed_sample_intervals != s->next_apply_sis) + continue; + if (!s->wmarks.activated) continue; @@ -1216,10 +1219,6 @@ static void kdamond_apply_schemes(struct damon_ctx *c) if (c->passed_sample_intervals != s->next_apply_sis) continue; - s->next_apply_sis += - (s->apply_interval_us ? s->apply_interval_us : - c->attrs.aggr_interval) / sample_interval; - if (!s->wmarks.activated) continue; @@ -1235,6 +1234,14 @@ static void kdamond_apply_schemes(struct damon_ctx *c) damon_for_each_region_safe(r, next_r, t) damon_do_apply_schemes(c, t, r); } + + damon_for_each_scheme(s, c) { + if (c->passed_sample_intervals != s->next_apply_sis) + continue; + s->next_apply_sis += + (s->apply_interval_us ? s->apply_interval_us : + c->attrs.aggr_interval) / sample_interval; + } } /* -- 2.39.2

1 year, 7 months

1
1
0 0

[PATCH net 0/3] nfp: a few simple driver fixes

by Louis Peens

This is combining a few unrelated one-liner fixes which have been floating around internally into a single series. I'm not sure what is the least amount of overhead for reviewers, this or a separate submission per-patch? I guess it probably depends on personal preference, but please let me know if there is a strong preference to rather split these in the future. Summary: Patch1: Fixes an old issue which was hidden because 0 just so happens to be the correct value. Patch2: Fixes a corner case for flower offloading with bond ports Patch3: Re-enables the 'NETDEV_XDP_ACT_REDIRECT', which was accidentally disabled after a previous refactor. Daniel Basilio (1): nfp: use correct macro for LengthSelect in BAR config Daniel de Villiers (1): nfp: flower: prevent re-adding mac index for bonded port James Hershaw (1): nfp: enable NETDEV_XDP_ACT_REDIRECT feature flag drivers/net/ethernet/netronome/nfp/flower/tunnel_conf.c | 2 +- drivers/net/ethernet/netronome/nfp/nfp_net_common.c | 1 + drivers/net/ethernet/netronome/nfp/nfpcore/nfp6000_pcie.c | 6 ++++-- 3 files changed, 6 insertions(+), 3 deletions(-) -- 2.34.1

1 year, 7 months

3
10
0 0

[PATCH] ASoC: tas2781: add module parameter to tascodec_init()

by Gergo Koteles

The tascodec_init() of the snd-soc-tas2781-comlib module is called from snd-soc-tas2781-i2c and snd-hda-scodec-tas2781-i2c modules. It calls request_firmware_nowait() with parameter THIS_MODULE and a cont/callback from the latter modules. The latter modules can be removed while their callbacks are running, resulting in a general protection failure. Add module parameter to tascodec_init() so request_firmware_nowait() can be called with the module of the callback. Fixes: ef3bcde75d06 ("ASoC: tas2781: Add tas2781 driver") CC: stable(a)vger.kernel.org Signed-off-by: Gergo Koteles <soyer(a)irl.hu> --- include/sound/tas2781.h | 1 + sound/pci/hda/tas2781_hda_i2c.c | 2 +- sound/soc/codecs/tas2781-comlib.c | 3 ++- sound/soc/codecs/tas2781-i2c.c | 2 +- 4 files changed, 5 insertions(+), 3 deletions(-) diff --git a/include/sound/tas2781.h b/include/sound/tas2781.h index b00d65417c31..9aff384941de 100644 --- a/include/sound/tas2781.h +++ b/include/sound/tas2781.h @@ -142,6 +142,7 @@ struct tasdevice_priv { void tas2781_reset(struct tasdevice_priv *tas_dev); int tascodec_init(struct tasdevice_priv *tas_priv, void *codec, + struct module *module, void (*cont)(const struct firmware *fw, void *context)); struct tasdevice_priv *tasdevice_kzalloc(struct i2c_client *i2c); int tasdevice_init(struct tasdevice_priv *tas_priv); diff --git a/sound/pci/hda/tas2781_hda_i2c.c b/sound/pci/hda/tas2781_hda_i2c.c index 2dd809de62e5..1bfb00102a77 100644 --- a/sound/pci/hda/tas2781_hda_i2c.c +++ b/sound/pci/hda/tas2781_hda_i2c.c @@ -710,7 +710,7 @@ static int tas2781_hda_bind(struct device *dev, struct device *master, strscpy(comps->name, dev_name(dev), sizeof(comps->name)); - ret = tascodec_init(tas_hda->priv, codec, tasdev_fw_ready); + ret = tascodec_init(tas_hda->priv, codec, THIS_MODULE, tasdev_fw_ready); if (!ret) comps->playback_hook = tas2781_hda_playback_hook; diff --git a/sound/soc/codecs/tas2781-comlib.c b/sound/soc/codecs/tas2781-comlib.c index b7e56ceb1acf..5d0e5348b361 100644 --- a/sound/soc/codecs/tas2781-comlib.c +++ b/sound/soc/codecs/tas2781-comlib.c @@ -267,6 +267,7 @@ void tas2781_reset(struct tasdevice_priv *tas_dev) EXPORT_SYMBOL_GPL(tas2781_reset); int tascodec_init(struct tasdevice_priv *tas_priv, void *codec, + struct module *module, void (*cont)(const struct firmware *fw, void *context)) { int ret = 0; @@ -280,7 +281,7 @@ int tascodec_init(struct tasdevice_priv *tas_priv, void *codec, tas_priv->dev_name, tas_priv->ndev); crc8_populate_msb(tas_priv->crc8_lkp_tbl, TASDEVICE_CRC8_POLYNOMIAL); tas_priv->codec = codec; - ret = request_firmware_nowait(THIS_MODULE, FW_ACTION_UEVENT, + ret = request_firmware_nowait(module, FW_ACTION_UEVENT, tas_priv->rca_binaryname, tas_priv->dev, GFP_KERNEL, tas_priv, cont); if (ret) diff --git a/sound/soc/codecs/tas2781-i2c.c b/sound/soc/codecs/tas2781-i2c.c index 32913bd1a623..b5abff230e43 100644 --- a/sound/soc/codecs/tas2781-i2c.c +++ b/sound/soc/codecs/tas2781-i2c.c @@ -566,7 +566,7 @@ static int tasdevice_codec_probe(struct snd_soc_component *codec) { struct tasdevice_priv *tas_priv = snd_soc_component_get_drvdata(codec); - return tascodec_init(tas_priv, codec, tasdevice_fw_ready); + return tascodec_init(tas_priv, codec, THIS_MODULE, tasdevice_fw_ready); } static void tasdevice_deinit(void *context) base-commit: d4ea2bd1bb502c54380cc44a4130660494679bb8 -- 2.43.0

1 year, 7 months

2
1
0 0

[PATCH 6.6 000/326] 6.6.16-rc2 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.6.16 release. There are 326 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Mon, 05 Feb 2024 17:47:20 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.6.16-rc2… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.6.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.6.16-rc2 Brett Creeley <brett.creeley(a)amd.com> pds_core: Prevent health thread from running during reset/remove Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdgpu: Fix missing error code in 'gmc_v6/7/8/9_0_hw_init()' Johan Hovold <johan+linaro(a)kernel.org> ASoC: codecs: wsa883x: fix PA volume control Johan Hovold <johan+linaro(a)kernel.org> ASoC: codecs: lpass-wsa-macro: fix compander volume hack Johan Hovold <johan+linaro(a)kernel.org> ASoC: codecs: wcd938x: fix headphones volume controls Johan Hovold <johan+linaro(a)kernel.org> ASoC: qcom: sc8280xp: limit speaker volumes Zhengchao Shao <shaozhengchao(a)huawei.com> bonding: remove print in bond_verify_device_path Yonghong Song <yonghong.song(a)linux.dev> selftests/bpf: Remove flaky test_btf_id test Huacai Chen <chenhuacai(a)kernel.org> LoongArch/smp: Call rcutree_report_cpu_starting() at tlb_init() Konrad Dybcio <konrad.dybcio(a)linaro.org> drm/msm/dsi: Enable runtime PM Jonathan Gray <jsg(a)jsg.id.au> Revert "drm/amd/display: Disable PSR-SU on Parade 0803 TCON again" Marco Elver <elver(a)google.com> mm, kmsan: fix infinite recursion due to RCU critical section Huang Shijie <shijie(a)os.amperecomputing.com> arm64: irq: set the correct node for shadow call stack Paolo Abeni <pabeni(a)redhat.com> selftests: net: enable some more knobs Jakub Kicinski <kuba(a)kernel.org> selftests: net: add missing config for NF_TARGET_TTL Benjamin Poirier <bpoirier(a)nvidia.com> selftests: bonding: Check initial state Benjamin Poirier <bpoirier(a)nvidia.com> selftests: team: Add missing config options Breno Leitao <leitao(a)debian.org> net: sysfs: Fix /sys/class/net/<iface> path Geetha sowjanya <gakula(a)marvell.com> octeontx2-pf: Remove xdp queues on program detach Paolo Abeni <pabeni(a)redhat.com> selftests: net: don't access /dev/stdout in pmtu.sh Paolo Abeni <pabeni(a)redhat.com> selftests: net: fix available tunnels detection Paolo Abeni <pabeni(a)redhat.com> selftests: net: add missing config for pmtu.sh tests Jakub Kicinski <kuba(a)kernel.org> selftests: net: add missing config for nftables-backed iptables Brett Creeley <brett.creeley(a)amd.com> pds_core: Rework teardown/setup flow to be more common Brett Creeley <brett.creeley(a)amd.com> pds_core: Clear BARs on reset Brett Creeley <brett.creeley(a)amd.com> pds_core: Prevent race issues involving the adminq Shannon Nelson <shannon.nelson(a)amd.com> pds_core: implement pci reset handlers Brett Creeley <brett.creeley(a)amd.com> pds_core: Use struct pdsc for the pdsc_adminq_isr private data Brett Creeley <brett.creeley(a)amd.com> pds_core: Cancel AQ work on teardown Eric Dumazet <edumazet(a)google.com> af_unix: fix lockdep positive in sk_diag_dump_icons() Zhipeng Lu <alexious(a)zju.edu.cn> net: ipv4: fix a memleak in ip_setup_cork Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_log: replace BUG_ON by WARN_ON_ONCE when putting logger Jozsef Kadlecsik <kadlec(a)netfilter.org> netfilter: ipset: fix performance regression in swap operation Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables: restrict tunnel object to NFPROTO_NETDEV Ryan Schaefer <ryanschf(a)amazon.com> netfilter: conntrack: correct window scaling with retransmitted SYN Matthias May <Matthias.May(a)westermo.com> selftests: net: add missing config for GENEVE Parav Pandit <parav(a)nvidia.com> devlink: Fix referring to hw_addr attribute during state validation Linus Lüssing <linus.luessing(a)c0d3.blue> bridge: mcast: fix disabled snooping after long uptime Ido Schimmel <idosch(a)nvidia.com> selftests: net: Add missing matchall classifier Eric Dumazet <edumazet(a)google.com> llc: call sock_orphan() at release time Helge Deller <deller(a)kernel.org> ipv6: Ensure natural alignment of const ipv6 loopback and router addresses Michal Vokáč <michal.vokac(a)ysoft.com> net: dsa: qca8k: fix illegal usage of GPIO Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> ixgbe: Fix an error handling path in ixgbe_read_iosf_sb_reg_x550() Jedrzej Jagielski <jedrzej.jagielski(a)intel.com> ixgbe: Refactor overtemp event handling Jedrzej Jagielski <jedrzej.jagielski(a)intel.com> ixgbe: Refactor returning internal error codes Jacob Keller <jacob.e.keller(a)intel.com> e1000e: correct maximum frequency adjustment values Eric Dumazet <edumazet(a)google.com> tcp: add sanity checks to rx zerocopy Horatiu Vultur <horatiu.vultur(a)microchip.com> net: lan966x: Fix port configuration when using SGMII interface Nicolas Dichtel <nicolas.dichtel(a)6wind.com> ipmr: fix kernel panic when forwarding mcast packets Daniel Golle <daniel(a)makrotopia.org> net: dsa: mt7530: fix 10M/100M speed on MT7988 switch Eric Dumazet <edumazet(a)google.com> ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() Paolo Abeni <pabeni(a)redhat.com> selftests: net: give more time for GRO aggregation Paolo Abeni <pabeni(a)redhat.com> selftests: net: add missing required classifier Paolo Abeni <pabeni(a)redhat.com> selftests: net: add missing config for big tcp tests Daniel Golle <daniel(a)makrotopia.org> net: phy: mediatek-ge-soc: sync driver with MediaTek SDK Daniel Golle <daniel(a)makrotopia.org> net: ethernet: mtk_eth_soc: set DMA coherent mask to get PPE working Praveen Kaligineedi <pkaligineedi(a)google.com> gve: Fix skb truesize underestimation Paolo Abeni <pabeni(a)redhat.com> selftests: net: explicitly wait for listener ready Paolo Abeni <pabeni(a)redhat.com> selftests: net: remove dependency on ebpf tests Su Hui <suhui(a)nfschina.com> HID: hidraw: fix a problem of memory leak in hidraw_release() Ming Lei <ming.lei(a)redhat.com> scsi: core: Move scsi_host_busy() out of host lock for waking up EH handler Romain Naour <romain.naour(a)skf.com> regulator: ti-abb: don't use devm_platform_ioremap_resource_byname for shared interrupt register Marco Pagani <marpagan(a)redhat.com> kunit: run test suites only after module initialization completes Su Hui <suhui(a)nfschina.com> scsi: isci: Fix an error code problem in isci_io_request_build() Alexandre Ghiti <alexghiti(a)rivosinc.com> riscv: Fix build error on rv32 + XIP Jonathan Kim <jonathan.kim(a)amd.com> drm/amdkfd: only flush mes process context if mes support is there Stephen Rothwell <sfr(a)canb.auug.org.au> drm: using mul_u32_u32() requires linux/math64.h Edward Adam Davis <eadavis(a)qq.com> wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update Peter Zijlstra <peterz(a)infradead.org> perf: Fix the nr_addr_filters fix Tim Lunn <tim(a)feathertop.org> i2c: rk3x: Adjust mask/value offset for i2c2 on rv1126 Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdkfd: Fix 'node' NULL check in 'svm_range_get_range_boundaries()' Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdgpu: Release 'adev->pm.fw' before return in 'amdgpu_device_need_post()' Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdgpu: Fix with right return code '-EIO' in 'amdgpu_gmc_vram_checking()' Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amd/powerplay: Fix kzalloc parameter 'ATOM_Tonga_PPM_Table' in 'get_platform_power_management_table()' Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: fix avg vs input power reporting on smu7 Wenchao Hao <haowenchao2(a)huawei.com> ceph: fix invalid pointer access if get_quota_realm return ERR_PTR Xiubo Li <xiubli(a)redhat.com> ceph: fix deadlock or deadcode of misusing dget() Venky Shankar <vshankar(a)redhat.com> ceph: reinitialize mds feature bit even when session in open Ming Lei <ming.lei(a)redhat.com> blk-mq: fix IO hang from sbitmap wakeup race Zhu Yanjun <yanjun.zhu(a)linux.dev> virtio_net: Fix "‘%d’ directive writing between 1 and 11 bytes into a region of size 10" warnings Philip Yang <Philip.Yang(a)amd.com> drm/amdkfd: Fix lock dependency warning with srcu Felix Kuehling <felix.kuehling(a)amd.com> drm/amdkfd: Fix lock dependency warning Ian Rogers <irogers(a)google.com> libsubcmd: Fix memory leak in uniq() Hans de Goede <hdegoede(a)redhat.com> misc: lis3lv02d_i2c: Add missing setting of the reg_ctrl callback Yinbo Zhu <zhuyinbo(a)loongson.cn> usb: xhci-plat: fix usb disconnect issue after s4 David Howells <dhowells(a)redhat.com> 9p: Fix initialisation of netfs_inode for 9p Bjorn Helgaas <bhelgaas(a)google.com> PCI/AER: Decode Requester ID when no error info found Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> PCI: Fix 64GT/s effective data rate calculation Yu-Che Cheng <giver(a)chromium.org> spmi: mediatek: Fix UAF on device remove Max Kellermann <max.kellermann(a)ionos.com> fs/kernfs/dir: obey S_ISGID Adrian Reber <areber(a)redhat.com> tty: allow TIOCSLCKTRMIOS with CAP_CHECKPOINT_RESTORE Jo Van Bulck <jo.vanbulck(a)cs.kuleuven.be> selftests/sgx: Fix linker script asserts Hardik Gajjar <hgajjar(a)de.adit-jv.com> usb: hub: Add quirk to decrease IN-ep poll interval for Microchip USB491x hub Hardik Gajjar <hgajjar(a)de.adit-jv.com> usb: hub: Replace hardcoded quirk value with BIT() macro Yaxiong Tian <tianyaxiong(a)kylinos.cn> extcon: fix possible name leak in extcon_dev_register() James Clark <james.clark(a)arm.com> perf cs-etm: Bump minimum OpenCSD version to ensure a bugfix is present Daniel Stodden <dns(a)arista.com> PCI: switchtec: Fix stdev_release() crash after surprise hot remove Guilherme G. Piccoli <gpiccoli(a)igalia.com> PCI: Only override AMD USB controller if required Xiaowu.ding <xiaowu.ding(a)jaguarmicro.com> mailbox: arm_mhuv2: Fix a bug for mhuv2_sender_interrupt Peter Robinson <pbrobinson(a)gmail.com> mfd: ti_am335x_tscadc: Fix TI SoC dependencies Oleksandr Tyshchenko <oleksandr_tyshchenko(a)epam.com> xen/gntdev: Fix the abuse of underlying struct page in DMA-buf import Frederik Haxel <haxel(a)fzi.de> riscv: Make XIP bootable again Harshit Shah <harshitshah.opendev(a)gmail.com> i3c: master: cdns: Update maximum prescaler value for i2c clock Johannes Berg <johannes.berg(a)intel.com> um: time-travel: fix time corruption Nathan Chancellor <nathan(a)kernel.org> um: net: Fix return type of uml_net_start_xmit() Benjamin Berg <benjamin(a)sipsolutions.net> um: Don't use vfprintf() for os_info() Anton Ivanov <anton.ivanov(a)cambridgegreys.com> um: Fix naming clash between UML and scheduler Heiner Kallweit <hkallweit1(a)gmail.com> leds: trigger: panic: Don't register panic notifier if creating the trigger failed Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> pinctrl: baytrail: Fix types of config value in byt_pin_config_set() bo liu <bo.liu(a)senarytech.com> ALSA: hda/conexant: Fix headset auto detect fail in cx8070 and SN6140 Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: apply the RV2 system aperture fix to RN/CZN as well Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdkfd: Fix iterator used outside loop in 'kfd_add_peer_prop()' Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()' Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdgpu: Fix '*fw' from request_firmware() not released in 'amdgpu_ucode_request()' Ivan Lipski <ivlipski(a)amd.com> Re-revert "drm/amd/display: Enable Replay for static screen use cases" Felix Kuehling <Felix.Kuehling(a)amd.com> drm/amdgpu: Let KFD sync with VM fences Meenakshikumar Somasundaram <meenakshikumar.somasundaram(a)amd.com> drm/amd/display: Fix minor issues in BW Allocation Phase2 Stanley.Yang <Stanley.Yang(a)amd.com> drm/amdgpu: Fix ecc irq enable/disable unpaired Alexander Stein <alexander.stein(a)ew.tq-group.com> clk: imx: clk-imx8qxp: fix LVDS bypass, pixel and phy clocks Alvin Lee <alvin.lee2(a)amd.com> drm/amd/display: Only clear symclk otg flag for HDMI Josip Pavic <josip.pavic(a)amd.com> drm/amd/display: make flip_timestamp_in_us a 64-bit variable Oded Gabbay <ogabbay(a)kernel.org> accel/habanalabs: add support for Gaudi2C device Werner Fischer <devlists(a)wefi.net> watchdog: it87_wdt: Keep WDTCTRL bit 3 unmodified for IT8784/IT8786 Ben Dooks <ben.dooks(a)codethink.co.uk> watchdog: starfive: add lock annotations to fix context imbalances Kuan-Wei Chiu <visitorckw(a)gmail.com> clk: mmp: pxa168: Fix memory leak in pxa168_clk_init() Kuan-Wei Chiu <visitorckw(a)gmail.com> clk: hi3620: Fix memory leak in hi3620_mmc_clk_init() Wang, Beyond <Wang.Beyond(a)amd.com> drm/amdgpu: fix ftrace event amdgpu_bo_move always move on same heap Abhinav Kumar <quic_abhinavk(a)quicinc.com> drm/msm/dpu: fix writeback programming for YUV cases Rob Clark <robdclark(a)chromium.org> drm/msm/dpu: Ratelimit framedone timeout msgs Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/msm/dpu: enable writeback on SM8450 Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/msm/dpu: enable writeback on SM8350 Jonathan Kim <jonathan.kim(a)amd.com> drm/amdkfd: fix mes set shader debugger process management Alvin Lee <alvin.lee2(a)amd.com> drm/amd/display: Force p-state disallow if leaving no plane config Alvin Lee <alvin.lee2(a)amd.com> drm/amd/display: For prefetch mode > 0, extend prefetch if possible Kieran Bingham <kieran.bingham(a)ideasonboard.com> media: i2c: imx335: Fix hblank min/max values Su Hui <suhui(a)nfschina.com> media: ddbridge: fix an error code problem in ddb_probe Ming Qian <ming.qian(a)nxp.com> media: amphion: remove mutext lock in condition of wait_event Daniel Vacek <neelx(a)redhat.com> IB/ipoib: Fix mcast list locking Douglas Anderson <dianders(a)chromium.org> drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind time Chao Yu <chao(a)kernel.org> f2fs: fix to tag gcing flag on page during block migration James Seo <james(a)equiv.tech> hwmon: (hp-wmi-sensors) Fix failure to load on EliteDesk 800 G6 Xing Tong Wu <xingtong.wu(a)siemens.com> hwmon: (nct6775) Fix fan speed set failure in automatic mode Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> media: rkisp1: resizer: Stop manual allocation of v4l2_subdev_state Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> media: rkisp1: Fix IRQ disable race issue Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> media: rkisp1: Store IRQ lines Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> media: rkisp1: Fix IRQ handler return values Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> media: rkisp1: Drop IRQF_SHARED Ricardo Ribalda <ribalda(a)chromium.org> media: uvcvideo: Fix power line control for SunplusIT camera Ricardo Ribalda <ribalda(a)chromium.org> media: uvcvideo: Fix power line control for a Chicony camera Neil Armstrong <neil.armstrong(a)linaro.org> drm/msm/dp: Add DisplayPort controller for SM8650 Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> ALSA: hda: intel-dspcfg: add filters for ARL-S and ARL Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> ALSA: hda: Intel: add HDA_ARL PCI ID support Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> PCI: add INTEL_HDA_ARL to pci_ids.h Michael Tretter <m.tretter(a)pengutronix.de> media: rockchip: rga: fix swizzling for RGB formats Ghanshyam Agrawal <ghanshyam1898(a)gmail.com> media: stk1160: Fixed high volume of stk1160_dbg messages Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> drm/mipi-dsi: Fix detach call without attach Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> drm/framebuffer: Fix use of uninitialized variable Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> drm/drm_file: fix use of uninitialized variable Ilya Bakoulin <ilya.bakoulin(a)amd.com> drm/amd/display: Fix MST PBN/X.Y value calculations Venkata Prasad Potturu <venkataprasad.potturu(a)amd.com> ASoC: amd: Add new dmi entries for acp5x platform Jaegeuk Kim <jaegeuk(a)kernel.org> f2fs: fix write pointers on zoned device after roll forward Meenakshikumar Somasundaram <meenakshikumar.somasundaram(a)amd.com> drm/amd/display: Fix tiled display misalignment Xin Ji <xji(a)analogixsemi.com> drm/bridge: anx7625: Fix Set HPD irq detect window to 2ms Hsin-Yi Wang <hsinyi(a)chromium.org> drm/panel-edp: Add override_edid_mode quirk for generic edp Jack Wang <jinpu.wang(a)ionos.com> RDMA/IPoIB: Fix error code return in ipoib_mcast_join Jan Kara <jack(a)suse.cz> reiserfs: Avoid touching renamed directory if parent does not change Al Viro <viro(a)zeniv.linux.org.uk> fast_dput(): handle underflows gracefully Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument Takashi Iwai <tiwai(a)suse.de> ALSA: hda: Refer to correct stream index at loops Chao Yu <chao(a)kernel.org> f2fs: fix to check return value of f2fs_reserve_new_block() Vladimir Oltean <vladimir.oltean(a)nxp.com> net: dsa: qca8k: put MDIO bus OF node on qca8k_mdio_register() failure Mina Almasry <almasrymina(a)google.com> net: kcm: fix direct access to bv_len Suman Ghosh <sumang(a)marvell.com> octeontx2-af: Fix max NPC MCAM entry check while validating ref_entry Andrii Staikov <andrii.staikov(a)intel.com> i40e: Fix VF disable behavior to block all traffic Chunyan Zhang <chunyan.zhang(a)unisoc.com> arm64: dts: sprd: Change UMS512 idle-state nodename to match bindings Chunyan Zhang <chunyan.zhang(a)unisoc.com> arm64: dts: sprd: Add clock reference for pll2 on UMS512 Lin Ma <linma(a)zju.edu.cn> bridge: cfm: fix enum typo in br_cc_ccm_tx_parse Wen Gu <guwen(a)linux.alibaba.com> net/smc: disable SEID on non-s390 archs where virtual ISM may be used Frédéric Danis <frederic.danis(a)collabora.com> Bluetooth: L2CAP: Fix possible multiple reject send clancy shang <clancy.shang(a)quectel.com> Bluetooth: hci_sync: fix BR/EDR wakeup bug Iulia Tanasescu <iulia.tanasescu(a)nxp.com> Bluetooth: ISO: Avoid creating child socket if PA sync is terminating Zijun Hu <quic_zijuhu(a)quicinc.com> Bluetooth: qca: Set both WIDEBAND_SPEECH and LE_STATES quirks for QCA2066 Benjamin Berg <benjamin.berg(a)intel.com> wifi: cfg80211: free beacon_ies when overridden from hidden BSS Su Hui <suhui(a)nfschina.com> wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift() Mingyi Zhang <zhangmingyi5(a)huawei.com> libbpf: Fix NULL pointer dereference in bpf_object__collect_prog_relos Ching-Te Ku <ku920601(a)realtek.com> wifi: rtw89: coex: Fix wrong Wi-Fi role info and FDDT parameter members Zenm Chen <zenmchen(a)gmail.com> wifi: rtl8xxxu: Add additional USB IDs for RTL8192EU devices Xianwei Zhao <xianwei.zhao(a)amlogic.com> arm64: dts: amlogic: fix format for s4 uart node Jesse Brandeburg <jesse.brandeburg(a)intel.com> ice: fix pre-shifted bit usage Mao Jinlong <quic_jinlmao(a)quicinc.com> arm64: dts: qcom: Fix coresight warnings in in-ports and out-ports Mao Jinlong <quic_jinlmao(a)quicinc.com> arm64: dts: qcom: msm8998: Fix 'out-ports' is a required property Mao Jinlong <quic_jinlmao(a)quicinc.com> arm64: dts: qcom: msm8996: Fix 'in-ports' is a required property Alex Lyakas <alex.lyakas(a)zadara.com> md: Whenassemble the array, consult the superblock of the freshest device Christoph Hellwig <hch(a)lst.de> block: prevent an integer overflow in bvec_try_merge_hw_page Tobias Waldekranz <tobias(a)waldekranz.com> net: dsa: mv88e6xxx: Fix mv88e6352_serdes_get_stats error path Igor Russkikh <irusskikh(a)marvell.com> net: atlantic: eliminate double free in error handling logic Ahmed Zaki <ahmed.zaki(a)intel.com> ice: fix ICE_AQ_VSI_Q_OPT_RSS_* register values Yihang Li <liyihang9(a)huawei.com> scsi: hisi_sas: Set .phy_attached before notifing phyup event HISI_PHYE_PHY_UP_PM Justin Tee <justin.tee(a)broadcom.com> scsi: lpfc: Move determination of vmid_flag after VMID reinitialization completes Justin Tee <justin.tee(a)broadcom.com> scsi: lpfc: Reinitialize an NPIV's VMID data structures after FDISC Fabio Estevam <festevam(a)denx.de> ARM: dts: imx23/28: Fix the DMA controller node name Fabio Estevam <festevam(a)denx.de> ARM: dts: imx23-sansa: Use preferred i2c-gpios properties Fabio Estevam <festevam(a)denx.de> ARM: dts: imx27-apf27dev: Fix LED name Fabio Estevam <festevam(a)denx.de> ARM: dts: imx25/27: Pass timing0 Fabio Estevam <festevam(a)denx.de> ARM: dts: imx25: Fix the iim compatible string Andrii Nakryiko <andrii(a)kernel.org> selftests/bpf: fix compiler warnings in RELEASE=1 mode Michal Simek <michal.simek(a)amd.com> arm64: zynqmp: Fix clock node name in kv260 cards Michal Simek <michal.simek(a)amd.com> arm64: zynqmp: Move fixed clock to / for kv260 Kees Cook <keescook(a)chromium.org> block/rnbd-srv: Check for unlikely string overflow Shannon Nelson <shannon.nelson(a)amd.com> ionic: bypass firmware cmds when stuck in reset Shannon Nelson <shannon.nelson(a)amd.com> ionic: pass opcode to devcmd_wait Christian Marangi <ansuelsmth(a)gmail.com> net: phy: at803x: fix passing the wrong reference for config_intr Fabio Estevam <festevam(a)denx.de> ARM: dts: imx1: Fix sram node Fabio Estevam <festevam(a)denx.de> ARM: dts: imx27: Fix sram node Fabio Estevam <festevam(a)denx.de> ARM: dts: imx: Use flash@0,0 pattern Fabio Estevam <festevam(a)denx.de> ARM: dts: imx25/27-eukrea: Fix RTC node name Johan Jonker <jbx6244(a)gmail.com> ARM: dts: rockchip: fix rk3036 hdmi ports node Lingbo Kong <quic_lingbok(a)quicinc.com> wifi: ath12k: fix the issue that the multicast/broadcast indicator is not read correctly for WCN7850 Dmitry Antipov <dmantipov(a)yandex.ru> wifi: wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap() Hou Tao <houtao1(a)huawei.com> bpf: Set uattr->batch.count as zero before batched update or deletion StanleyYP Wang <StanleyYP.Wang(a)mediatek.com> wifi: mt76: mt7996: add PCI IDs for mt7992 MeiChia Chiu <meichia.chiu(a)mediatek.com> wifi: mt76: connac: fix EHT phy mode check Nia Espera <nespera(a)igalia.com> arm64: dts: qcom: sm8350: Fix remoteproc interrupt type Neil Armstrong <neil.armstrong(a)linaro.org> arm64: dts: qcom: sm8450: fix soundwire controllers node name Neil Armstrong <neil.armstrong(a)linaro.org> arm64: dts: qcom: sm8550: fix soundwire controllers node name Tobias Waldekranz <tobias(a)waldekranz.com> net: mvmdio: Avoid excessive sleeps in polled mode David Laight <David.Laight(a)ACULAB.COM> minmax: relax check to allow comparison between unsigned arguments and signed constants David Laight <David.Laight(a)ACULAB.COM> minmax: allow comparisons of 'int' against 'unsigned char/short' David Laight <David.Laight(a)ACULAB.COM> minmax: fix indentation of __cmp_once() and __clamp_once() David Laight <David.Laight(a)ACULAB.COM> minmax: allow min()/max()/clamp() if the arguments have the same signedness. David Laight <David.Laight(a)ACULAB.COM> minmax: add umin(a, b) and umax(a, b) Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> minmax: fix header inclusions Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> minmax: deduplicate __unconst_integer_typeof() Hannes Reinecke <hare(a)suse.de> scsi: libfc: Fix up timeout error in fc_fcp_rec_error() Hannes Reinecke <hare(a)suse.de> scsi: libfc: Don't schedule abort twice Kang Yang <quic_kangyang(a)quicinc.com> wifi: ath12k: fix and enable AP mode for WCN7850 Hou Tao <houtao1(a)huawei.com> bpf: Set need_defer as false when clearing fd array during map free Hou Tao <houtao1(a)huawei.com> bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers Chih-Kang Chang <gary.chang(a)realtek.com> wifi: rtw89: fix misbehavior of TX beacon in concurrent mode Baochen Qiang <quic_bqiang(a)quicinc.com> wifi: ath11k: fix race due to setting ATH11K_FLAG_EXT_IRQ_ENABLED too early Minsuk Kang <linuxlovemin(a)yonsei.ac.kr> wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() Yonghong Song <yonghong.song(a)linux.dev> bpf: Fix a few selftest failures due to llvm18 change Alexander Stein <alexander.stein(a)ew.tq-group.com> ARM: dts: imx7s: Fix nand-controller #size-cells Alexander Stein <alexander.stein(a)ew.tq-group.com> ARM: dts: imx7s: Fix lcdif compatible Alexander Stein <alexander.stein(a)ew.tq-group.com> ARM: dts: imx7d: Fix coresight funnel ports ching Huang <ching2048(a)areca.com.tw> scsi: arcmsr: Support new PCI device IDs 1883 and 1886 Sumit Saxena <sumit.saxena(a)broadcom.com> scsi: mpi3mr: Add PCI checks where SAS5116 diverges from SAS4116 Sumit Saxena <sumit.saxena(a)broadcom.com> scsi: mpi3mr: Add support for SAS5116 PCI IDs Jose Ignacio Tornos Martinez <jtornosm(a)redhat.com> net: usb: ax88179_178a: avoid two consecutive device resets Zhengchao Shao <shaozhengchao(a)huawei.com> bonding: return -ENOMEM instead of BUG in alb_upper_dev_walk Ido Schimmel <idosch(a)nvidia.com> PCI: Add no PM reset quirk for NVIDIA Spectrum devices Kory Maincent <kory.maincent(a)bootlin.com> net: phy: micrel: fix ts_info value in case of no phc Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ARM: dts: samsung: s5pv210: fix camera unit addresses/ranges Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ARM: dts: samsung: exynos4: fix camera unit addresses/ranges Justin Tee <justin.tee(a)broadcom.com> scsi: lpfc: Fix possible file string name overflow when updating firmware Tanmay Shah <tanmay.shah(a)xilinx.com> soc: xilinx: fix unhandled SGI warning message HariBabu Gattem <haribabu.gattem(a)xilinx.com> soc: xilinx: Fix for call trace due to the usage of smp_processor_id() Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> ARM: dts: qcom: msm8660: fix PMIC node labels Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> ARM: dts: qcom: mdm9615: fix PMIC node labels Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> ARM: dts: qcom: strip prefix from PMIC files Yafang Shao <laoar.shao(a)gmail.com> selftests/bpf: Fix issues in setup_classid_environment() Shiji Yang <yangshiji66(a)outlook.com> wifi: rt2x00: correct wrong BBP register in RxDCOC calibration Yonghong Song <yonghong.song(a)linux.dev> selftests/bpf: Fix pyperf180 compilation failure with clang18 Yonghong Song <yonghong.song(a)linux.dev> libbpf: Fix potential uninitialized tail padding with LIBBPF_OPTS_RESET Andrii Nakryiko <andrii(a)kernel.org> selftests/bpf: satisfy compiler by having explicit return in btf test Andrii Nakryiko <andrii(a)kernel.org> selftests/bpf: fix RELEASE=1 build for tc_opts Shiji Yang <yangshiji66(a)outlook.com> wifi: rt2x00: restart beacon queue when hardware reset Dmitry Antipov <dmantipov(a)yandex.ru> wifi: rtw89: fix timeout calculation in rtw89_roc_end() Baokun Li <libaokun1(a)huawei.com> ext4: avoid online resizing failures due to oversized flex bg Baokun Li <libaokun1(a)huawei.com> ext4: remove unnecessary check from alloc_flex_gd() Baokun Li <libaokun1(a)huawei.com> ext4: unify the type of flexbg_size to unsigned int Ye Bin <yebin10(a)huawei.com> ext4: fix inconsistent between segment fstrim and full fstrim Gabriel Krisman Bertazi <krisman(a)suse.de> ecryptfs: Reject casefold directory inodes Paulo Alcantara <pc(a)manguebit.com> smb: client: fix hardlinking of reparse points Paulo Alcantara <pc(a)manguebit.com> smb: client: fix renaming of reparse points Ojaswin Mujoo <ojaswin(a)linux.ibm.com> ext4: treat end of range as exclusive in ext4_zero_range() Anna Schumaker <Anna.Schumaker(a)Netapp.com> SUNRPC: Fix a suspicious RCU usage warning Joel Granados <j.granados(a)samsung.com> sysctl: Fix out of bounds access for empty sysctl registers Heiko Carstens <hca(a)linux.ibm.com> KVM: s390: fix setting of fpc register Heiko Carstens <hca(a)linux.ibm.com> s390/ptrace: handle setting of fpc register correctly Tony Krowiak <akrowiak(a)linux.ibm.com> s390/vfio-ap: fix sysfs status attribute for AP queue devices Arnd Bergmann <arnd(a)arndb.de> arch: consolidate arch_irq_work_raise prototypes Alexander Gordeev <agordeev(a)linux.ibm.com> s390/boot: always align vmalloc area on segment boundary Edward Adam Davis <eadavis(a)qq.com> jfs: fix array-index-out-of-bounds in diNewExt Oleg Nesterov <oleg(a)redhat.com> rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock() Oleg Nesterov <oleg(a)redhat.com> afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*() Oleg Nesterov <oleg(a)redhat.com> afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu() Thomas Bourgoin <thomas.bourgoin(a)foss.st.com> crypto: stm32/crc32 - fix parsing list of devices Gao Xiang <xiang(a)kernel.org> erofs: fix ztailpacking for subpage compressed blocks Bharat Bhushan <bbhushan2(a)marvell.com> crypto: octeontx2 - Fix cptvf driver cleanup Jia Jie Ho <jiajie.ho(a)starfivetech.com> crypto: starfive - Fix dev_err_probe return error Gao Xiang <xiang(a)kernel.org> erofs: fix up compacted indexes for block size < 4096 Weichen Chen <weichen.chen(a)mediatek.com> pstore/ram: Fix crash when setting number of cpus to an odd number Gustavo A. R. Silva <gustavoars(a)kernel.org> crypto: p10-aes-gcm - Avoid -Wstringop-overflow warnings Jia Jie Ho <jiajie.ho(a)starfivetech.com> hwrng: starfive - Fix dev_err_probe return error Edward Adam Davis <eadavis(a)qq.com> jfs: fix uaf in jfs_evict_inode Manas Ghandat <ghandatmanas(a)gmail.com> jfs: fix array-index-out-of-bounds in dbAdjTree Manas Ghandat <ghandatmanas(a)gmail.com> jfs: fix slab-out-of-bounds Read in dtSearch Osama Muhammad <osmtendev(a)gmail.com> UBSAN: array-index-out-of-bounds in dtSplitRoot Osama Muhammad <osmtendev(a)gmail.com> FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> thermal: core: Fix thermal zone suspend-resume synchronization Shuai Xue <xueshuai(a)linux.alibaba.com> ACPI: APEI: set memory failure flags as MF_ACTION_REQUIRED on synchronous events Mukesh Ojha <quic_mojha(a)quicinc.com> PM / devfreq: Synchronize devfreq_monitor_[start/stop] Rae Moar <rmoar(a)google.com> kunit: tool: fix parsing of test attributes Yuntao Wang <ytcoode(a)gmail.com> ACPI: NUMA: Fix the logic of getting the fake_pxm value Thomas Weißschuh <linux(a)weissschuh.net> selftests/nolibc: fix testcase status alignment Prarit Bhargava <prarit(a)redhat.com> ACPI: extlog: fix NULL pointer dereference check Dmitry Antipov <dmantipov(a)yandex.ru> PNP: ACPI: fix fortify warning Yuluo Qiu <qyl27(a)outlook.com> ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop Chris Riches <chris.riches(a)nutanix.com> audit: Send netlink ACK before setting connection in auditd_set Rui Zhang <zr.zhang(a)vivo.com> regulator: core: Only increment use_count when enable_count changes Andrzej Hajda <andrzej.hajda(a)intel.com> debugobjects: Stop accessing objects after releasing hash bucket lock Greg KH <gregkh(a)linuxfoundation.org> perf/core: Fix narrow startup race when creating the perf nr_addr_filters sysfs file Zhiquan Li <zhiquan1.li(a)intel.com> x86/mce: Mark fatal MCE's page as poison to avoid panic in the kdump kernel Naveen N Rao <naveen(a)kernel.org> powerpc/lib: Validate size for vector operations Stephen Rothwell <sfr(a)canb.auug.org.au> powerpc: pmd_move_must_withdraw() is only needed for CONFIG_TRANSPARENT_HUGEPAGE Jun'ichi Nomura <junichi.nomura(a)nec.com> x86/boot: Ignore NMIs during very early boot Michael Ellerman <mpe(a)ellerman.id.au> powerpc/64s: Fix CONFIG_NUMA=n build due to create_section_mapping() Michael Ellerman <mpe(a)ellerman.id.au> powerpc/mm: Fix build failures due to arch_reserved_kernel_pages() Michael Ellerman <mpe(a)ellerman.id.au> powerpc: Fix build error due to is_valid_bugaddr() Mark Rutland <mark.rutland(a)arm.com> drivers/perf: pmuv3: don't expose SW_INCR event in sysfs Huang Shijie <shijie(a)os.amperecomputing.com> arm64: irq: set the correct node for VMAP stack Kunwu Chan <chentao(a)kylinos.cn> powerpc/mm: Fix null-pointer dereference in pgtable_cache_add Dmitry Torokhov <dmitry.torokhov(a)gmail.com> asm-generic: make sparse happy with odd-sized put_unaligned_*() Benjamin Gray <bgray(a)linux.ibm.com> Documentation/sphinx: fix Python string escapes ------------- Diffstat: Documentation/ABI/testing/sysfs-class-net-queues | 22 +- Documentation/sound/soc/dapm.rst | 2 +- Documentation/sphinx/cdomain.py | 2 +- Documentation/sphinx/kernel_abi.py | 2 +- Documentation/sphinx/kernel_feat.py | 2 +- Documentation/sphinx/kerneldoc.py | 2 +- Documentation/sphinx/maintainers_include.py | 8 +- Makefile | 4 +- arch/arm/boot/dts/nxp/imx/imx1-ads.dts | 2 +- arch/arm/boot/dts/nxp/imx/imx1-apf9328.dts | 2 +- arch/arm/boot/dts/nxp/imx/imx1.dtsi | 5 +- .../boot/dts/nxp/imx/imx25-eukrea-cpuimx25.dtsi | 2 +- .../imx25-eukrea-mbimxsd25-baseboard-cmo-qvga.dts | 2 +- .../imx25-eukrea-mbimxsd25-baseboard-dvi-svga.dts | 2 +- .../imx25-eukrea-mbimxsd25-baseboard-dvi-vga.dts | 2 +- arch/arm/boot/dts/nxp/imx/imx25-pdk.dts | 2 +- arch/arm/boot/dts/nxp/imx/imx25.dtsi | 2 +- arch/arm/boot/dts/nxp/imx/imx27-apf27dev.dts | 4 +- .../boot/dts/nxp/imx/imx27-eukrea-cpuimx27.dtsi | 4 +- .../nxp/imx/imx27-eukrea-mbimxsd27-baseboard.dts | 2 +- .../dts/nxp/imx/imx27-phytec-phycard-s-rdk.dts | 2 +- .../boot/dts/nxp/imx/imx27-phytec-phycore-rdk.dts | 2 +- .../boot/dts/nxp/imx/imx27-phytec-phycore-som.dtsi | 2 +- arch/arm/boot/dts/nxp/imx/imx27.dtsi | 3 + arch/arm/boot/dts/nxp/imx/imx7d.dtsi | 3 - arch/arm/boot/dts/nxp/imx/imx7s.dtsi | 10 +- arch/arm/boot/dts/nxp/mxs/imx23-sansa.dts | 12 +- arch/arm/boot/dts/nxp/mxs/imx23.dtsi | 2 +- arch/arm/boot/dts/nxp/mxs/imx28.dtsi | 2 +- .../dts/qcom/{qcom-pm8226.dtsi => pm8226.dtsi} | 0 .../dts/qcom/{qcom-pm8841.dtsi => pm8841.dtsi} | 0 .../dts/qcom/{qcom-pm8941.dtsi => pm8941.dtsi} | 0 .../dts/qcom/{qcom-pma8084.dtsi => pma8084.dtsi} | 0 .../boot/dts/qcom/{qcom-pmx55.dtsi => pmx55.dtsi} | 0 .../boot/dts/qcom/{qcom-pmx65.dtsi => pmx65.dtsi} | 0 .../boot/dts/qcom/qcom-apq8026-asus-sparrow.dts | 2 +- .../boot/dts/qcom/qcom-apq8026-huawei-sturgeon.dts | 2 +- arch/arm/boot/dts/qcom/qcom-apq8026-lg-lenok.dts | 2 +- .../dts/qcom/qcom-apq8026-samsung-matisse-wifi.dts | 2 +- .../arm/boot/dts/qcom/qcom-apq8060-dragonboard.dts | 4 +- .../arm/boot/dts/qcom/qcom-apq8074-dragonboard.dts | 4 +- arch/arm/boot/dts/qcom/qcom-apq8084-ifc6540.dts | 2 +- arch/arm/boot/dts/qcom/qcom-apq8084-mtp.dts | 2 +- arch/arm/boot/dts/qcom/qcom-mdm9615-wp8548.dtsi | 2 +- arch/arm/boot/dts/qcom/qcom-mdm9615.dtsi | 14 +- arch/arm/boot/dts/qcom/qcom-msm8660.dtsi | 16 +- .../qcom/qcom-msm8974-lge-nexus5-hammerhead.dts | 4 +- .../dts/qcom/qcom-msm8974-sony-xperia-rhine.dtsi | 4 +- .../dts/qcom/qcom-msm8974pro-fairphone-fp2.dts | 4 +- .../dts/qcom/qcom-msm8974pro-oneplus-bacon.dts | 4 +- .../boot/dts/qcom/qcom-msm8974pro-samsung-klte.dts | 2 +- .../qcom-msm8974pro-sony-xperia-shinano-castor.dts | 4 +- arch/arm/boot/dts/qcom/qcom-sdx55-mtp.dts | 2 +- arch/arm/boot/dts/qcom/qcom-sdx55-t55.dts | 2 +- .../boot/dts/qcom/qcom-sdx55-telit-fn980-tlb.dts | 2 +- arch/arm/boot/dts/qcom/qcom-sdx65-mtp.dts | 2 +- arch/arm/boot/dts/rockchip/rk3036.dtsi | 14 +- arch/arm/boot/dts/samsung/exynos4.dtsi | 26 +-- arch/arm/boot/dts/samsung/exynos4x12.dtsi | 17 +- arch/arm/boot/dts/samsung/s5pv210.dtsi | 18 +- arch/arm/include/asm/irq_work.h | 2 - .../boot/dts/amlogic/meson-s4-s805x2-aq222.dts | 4 +- arch/arm64/boot/dts/amlogic/meson-s4.dtsi | 4 +- arch/arm64/boot/dts/qcom/msm8996.dtsi | 21 ++ arch/arm64/boot/dts/qcom/msm8998.dtsi | 32 +-- arch/arm64/boot/dts/qcom/sdm845.dtsi | 5 +- arch/arm64/boot/dts/qcom/sm8150.dtsi | 5 +- arch/arm64/boot/dts/qcom/sm8250.dtsi | 24 +-- arch/arm64/boot/dts/qcom/sm8350.dtsi | 8 +- arch/arm64/boot/dts/qcom/sm8450.dtsi | 8 +- arch/arm64/boot/dts/qcom/sm8550.dtsi | 8 +- arch/arm64/boot/dts/sprd/ums512.dtsi | 3 +- .../boot/dts/xilinx/zynqmp-sck-kv-g-revA.dtso | 40 ++-- .../boot/dts/xilinx/zynqmp-sck-kv-g-revB.dtso | 42 ++-- arch/arm64/include/asm/irq_work.h | 2 - arch/arm64/kernel/irq.c | 7 +- arch/csky/include/asm/irq_work.h | 2 +- arch/loongarch/kernel/smp.c | 1 - arch/loongarch/mm/tlb.c | 16 +- arch/powerpc/crypto/aes-gcm-p10-glue.c | 2 +- arch/powerpc/include/asm/irq_work.h | 1 - arch/powerpc/include/asm/mmu.h | 4 + arch/powerpc/include/asm/mmzone.h | 8 - arch/powerpc/kernel/traps.c | 2 + arch/powerpc/lib/sstep.c | 10 + arch/powerpc/mm/book3s64/pgtable.c | 2 + arch/powerpc/mm/init-common.c | 5 +- arch/powerpc/mm/mmu_decl.h | 5 + arch/riscv/include/asm/irq_work.h | 2 +- arch/riscv/kernel/head.S | 1 + arch/riscv/mm/init.c | 12 +- arch/s390/boot/ipl_parm.c | 2 +- arch/s390/boot/startup.c | 3 +- arch/s390/include/asm/irq_work.h | 2 - arch/s390/kernel/ptrace.c | 6 +- arch/s390/kvm/kvm-s390.c | 5 - arch/um/drivers/net_kern.c | 2 +- arch/um/include/shared/kern_util.h | 2 +- arch/um/kernel/process.c | 2 +- arch/um/kernel/time.c | 32 ++- arch/um/os-Linux/helper.c | 6 +- arch/um/os-Linux/util.c | 19 +- arch/x86/boot/compressed/ident_map_64.c | 5 + arch/x86/boot/compressed/idt_64.c | 1 + arch/x86/boot/compressed/idt_handlers_64.S | 1 + arch/x86/boot/compressed/misc.h | 1 + arch/x86/include/asm/irq_work.h | 1 - arch/x86/include/asm/kmsan.h | 17 +- arch/x86/kernel/cpu/mce/core.c | 16 ++ block/bio.c | 2 +- block/blk-mq.c | 16 ++ drivers/accel/habanalabs/common/device.c | 3 + drivers/accel/habanalabs/common/habanalabs.h | 2 + drivers/accel/habanalabs/common/habanalabs_drv.c | 3 + drivers/accel/habanalabs/common/mmu/mmu.c | 1 + drivers/accel/habanalabs/common/sysfs.c | 3 + .../habanalabs/include/hw_ip/pci/pci_general.h | 1 + drivers/acpi/acpi_extlog.c | 5 +- drivers/acpi/acpi_video.c | 9 + drivers/acpi/apei/ghes.c | 29 ++- drivers/acpi/numa/srat.c | 4 +- drivers/base/arch_numa.c | 2 +- drivers/block/rnbd/rnbd-srv.c | 19 +- drivers/bluetooth/hci_qca.c | 1 + drivers/char/hw_random/jh7110-trng.c | 2 +- drivers/clk/hisilicon/clk-hi3620.c | 4 +- drivers/clk/imx/clk-imx8qxp.c | 24 ++- drivers/clk/mmp/clk-of-pxa168.c | 3 + drivers/crypto/marvell/octeontx2/otx2_cptlf.c | 6 +- drivers/crypto/marvell/octeontx2/otx2_cptvf_main.c | 3 + drivers/crypto/starfive/jh7110-cryp.c | 2 +- drivers/crypto/stm32/stm32-crc32.c | 2 +- drivers/devfreq/devfreq.c | 24 ++- drivers/extcon/extcon.c | 3 +- drivers/gpu/drm/amd/amdgpu/aldebaran.c | 26 ++- drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_fence.c | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 1 + drivers/gpu/drm/amd/amdgpu/amdgpu_gmc.c | 21 +- drivers/gpu/drm/amd/amdgpu/amdgpu_mes.c | 31 +++ drivers/gpu/drm/amd/amdgpu/amdgpu_mes.h | 10 +- drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 13 +- drivers/gpu/drm/amd/amdgpu/amdgpu_object.h | 4 +- drivers/gpu/drm/amd/amdgpu/amdgpu_sync.c | 3 +- drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c | 5 +- drivers/gpu/drm/amd/amdgpu/amdgpu_ucode.c | 6 +- drivers/gpu/drm/amd/amdgpu/gfxhub_v1_0.c | 4 +- drivers/gpu/drm/amd/amdgpu/gfxhub_v1_2.c | 4 +- drivers/gpu/drm/amd/amdgpu/gmc_v10_0.c | 4 + drivers/gpu/drm/amd/amdgpu/gmc_v11_0.c | 5 + drivers/gpu/drm/amd/amdgpu/gmc_v6_0.c | 4 +- drivers/gpu/drm/amd/amdgpu/gmc_v7_0.c | 4 +- drivers/gpu/drm/amd/amdgpu/gmc_v8_0.c | 4 +- drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c | 8 +- drivers/gpu/drm/amd/amdgpu/mmhub_v1_0.c | 4 +- .../gpu/drm/amd/amdkfd/kfd_process_queue_manager.c | 2 + drivers/gpu/drm/amd/amdkfd/kfd_svm.c | 42 ++-- drivers/gpu/drm/amd/amdkfd/kfd_topology.c | 24 ++- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 30 +-- .../gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_crtc.c | 9 +- drivers/gpu/drm/amd/display/dc/core/dc.c | 4 + drivers/gpu/drm/amd/display/dc/dc_hw_types.h | 2 +- .../amd/display/dc/dce110/dce110_hw_sequencer.c | 3 +- .../drm/amd/display/dc/dcn10/dcn10_hw_sequencer.c | 3 +- drivers/gpu/drm/amd/display/dc/dcn20/dcn20_hwseq.c | 23 ++- drivers/gpu/drm/amd/display/dc/dcn31/dcn31_hwseq.c | 3 +- .../amd/display/dc/dml/dcn32/display_mode_vba_32.c | 3 + .../dc/dml/dcn32/display_mode_vba_util_32.c | 33 ++- .../dc/dml/dcn32/display_mode_vba_util_32.h | 1 + drivers/gpu/drm/amd/display/dc/link/link_dpms.c | 13 +- .../display/dc/link/protocols/link_dp_dpia_bw.c | 221 +++++++++------------ .../display/dc/link/protocols/link_dp_dpia_bw.h | 4 +- .../drm/amd/display/modules/power/power_helpers.c | 2 - drivers/gpu/drm/amd/include/amd_shared.h | 2 - drivers/gpu/drm/amd/include/mes_v11_api_def.h | 3 +- .../amd/pm/powerplay/hwmgr/process_pptables_v1_0.c | 2 +- .../gpu/drm/amd/pm/powerplay/hwmgr/smu7_hwmgr.c | 17 +- drivers/gpu/drm/bridge/analogix/anx7625.c | 51 +++-- drivers/gpu/drm/bridge/analogix/anx7625.h | 4 + drivers/gpu/drm/drm_file.c | 2 +- drivers/gpu/drm/drm_framebuffer.c | 2 +- drivers/gpu/drm/drm_mipi_dsi.c | 17 +- drivers/gpu/drm/exynos/exynos_drm_drv.c | 11 + .../gpu/drm/msm/disp/dpu1/catalog/dpu_7_0_sm8350.h | 18 ++ .../gpu/drm/msm/disp/dpu1/catalog/dpu_8_1_sm8450.h | 18 ++ drivers/gpu/drm/msm/disp/dpu1/dpu_encoder.c | 5 +- drivers/gpu/drm/msm/disp/dpu1/dpu_hw_wb.c | 3 + drivers/gpu/drm/msm/disp/dpu1/dpu_kms.h | 1 + drivers/gpu/drm/msm/dp/dp_display.c | 6 + drivers/gpu/drm/msm/dsi/phy/dsi_phy.c | 4 + drivers/gpu/drm/panel/panel-edp.c | 48 ++++- drivers/hid/hidraw.c | 7 +- drivers/hwmon/hp-wmi-sensors.c | 127 ++++++++++-- drivers/hwmon/nct6775-core.c | 7 + drivers/i2c/busses/i2c-rk3x.c | 8 +- drivers/i3c/master/i3c-master-cdns.c | 7 +- drivers/infiniband/ulp/ipoib/ipoib_multicast.c | 7 +- drivers/leds/trigger/ledtrig-panic.c | 5 +- drivers/mailbox/arm_mhuv2.c | 3 +- drivers/md/md.c | 54 ++++- drivers/media/i2c/imx335.c | 4 +- drivers/media/pci/ddbridge/ddbridge-main.c | 2 +- drivers/media/platform/amphion/vpu.h | 3 +- drivers/media/platform/amphion/vpu_cmds.c | 28 +-- drivers/media/platform/amphion/vpu_v4l2.c | 1 + drivers/media/platform/rockchip/rga/rga.c | 15 +- .../media/platform/rockchip/rkisp1/rkisp1-common.h | 11 +- .../media/platform/rockchip/rkisp1/rkisp1-csi.c | 14 +- .../media/platform/rockchip/rkisp1/rkisp1-dev.c | 35 +++- .../media/platform/rockchip/rkisp1/rkisp1-isp.c | 20 +- .../platform/rockchip/rkisp1/rkisp1-resizer.c | 38 ++-- drivers/media/usb/stk1160/stk1160-video.c | 5 +- drivers/media/usb/uvc/uvc_driver.c | 18 ++ drivers/mfd/Kconfig | 1 + drivers/misc/lis3lv02d/lis3lv02d_i2c.c | 1 + drivers/net/bonding/bond_alb.c | 3 +- drivers/net/dsa/mt7530.c | 3 +- drivers/net/dsa/mv88e6xxx/chip.h | 4 +- drivers/net/dsa/mv88e6xxx/serdes.c | 10 +- drivers/net/dsa/mv88e6xxx/serdes.h | 8 +- drivers/net/dsa/qca/qca8k-8xxx.c | 24 ++- drivers/net/ethernet/amd/pds_core/adminq.c | 64 ++++-- drivers/net/ethernet/amd/pds_core/core.c | 52 +++-- drivers/net/ethernet/amd/pds_core/core.h | 6 +- drivers/net/ethernet/amd/pds_core/debugfs.c | 4 + drivers/net/ethernet/amd/pds_core/dev.c | 16 +- drivers/net/ethernet/amd/pds_core/devlink.c | 3 +- drivers/net/ethernet/amd/pds_core/fw.c | 3 + drivers/net/ethernet/amd/pds_core/main.c | 74 ++++++- drivers/net/ethernet/aquantia/atlantic/aq_ptp.c | 28 +-- drivers/net/ethernet/aquantia/atlantic/aq_ring.c | 61 ++---- drivers/net/ethernet/aquantia/atlantic/aq_ring.h | 22 +- drivers/net/ethernet/aquantia/atlantic/aq_vec.c | 23 +-- drivers/net/ethernet/google/gve/gve_rx.c | 8 +- drivers/net/ethernet/intel/e1000e/e1000.h | 20 ++ drivers/net/ethernet/intel/e1000e/ptp.c | 22 +- drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 32 +++ drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.h | 1 + drivers/net/ethernet/intel/ice/ice_adminq_cmd.h | 18 +- drivers/net/ethernet/intel/ice/ice_lib.c | 7 +- drivers/net/ethernet/intel/ice/ice_virtchnl.c | 12 +- drivers/net/ethernet/intel/ice/ice_vsi_vlan_lib.c | 16 +- drivers/net/ethernet/intel/ixgbe/ixgbe_82598.c | 36 ++-- drivers/net/ethernet/intel/ixgbe/ixgbe_82599.c | 61 +++--- drivers/net/ethernet/intel/ixgbe/ixgbe_common.c | 145 +++++++------- drivers/net/ethernet/intel/ixgbe/ixgbe_ethtool.c | 2 +- drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 42 ++-- drivers/net/ethernet/intel/ixgbe/ixgbe_mbx.c | 34 ++-- drivers/net/ethernet/intel/ixgbe/ixgbe_mbx.h | 1 - drivers/net/ethernet/intel/ixgbe/ixgbe_phy.c | 105 +++++----- drivers/net/ethernet/intel/ixgbe/ixgbe_phy.h | 2 +- drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c | 2 +- drivers/net/ethernet/intel/ixgbe/ixgbe_type.h | 43 +--- drivers/net/ethernet/intel/ixgbe/ixgbe_x540.c | 44 ++-- drivers/net/ethernet/intel/ixgbe/ixgbe_x550.c | 149 +++++++------- drivers/net/ethernet/marvell/mvmdio.c | 53 ++--- .../net/ethernet/marvell/octeontx2/af/rvu_npc.c | 13 +- .../ethernet/marvell/octeontx2/nic/otx2_ethtool.c | 1 - .../net/ethernet/marvell/octeontx2/nic/otx2_pf.c | 3 +- .../net/ethernet/marvell/octeontx2/nic/otx2_txrx.c | 7 +- drivers/net/ethernet/mediatek/mtk_eth_soc.c | 5 +- .../net/ethernet/microchip/lan966x/lan966x_port.c | 5 +- .../net/ethernet/pensando/ionic/ionic_bus_pci.c | 4 + drivers/net/ethernet/pensando/ionic/ionic_dev.c | 1 + drivers/net/ethernet/pensando/ionic/ionic_dev.h | 1 + drivers/net/ethernet/pensando/ionic/ionic_lif.c | 3 + drivers/net/ethernet/pensando/ionic/ionic_main.c | 22 +- drivers/net/phy/at803x.c | 6 +- drivers/net/phy/mediatek-ge-soc.c | 147 ++++++++------ drivers/net/phy/micrel.c | 6 +- drivers/net/usb/ax88179_178a.c | 2 - drivers/net/virtio_net.c | 9 +- drivers/net/wireless/ath/ath11k/pcic.c | 4 +- drivers/net/wireless/ath/ath12k/hal.c | 4 +- drivers/net/wireless/ath/ath12k/hw.c | 3 +- drivers/net/wireless/ath/ath12k/mac.c | 4 +- drivers/net/wireless/ath/ath9k/htc_drv_txrx.c | 5 +- .../net/wireless/mediatek/mt76/mt76_connac_mcu.c | 2 +- drivers/net/wireless/mediatek/mt76/mt7996/pci.c | 8 +- drivers/net/wireless/ralink/rt2x00/rt2800lib.c | 2 +- drivers/net/wireless/ralink/rt2x00/rt2x00dev.c | 3 + drivers/net/wireless/ralink/rt2x00/rt2x00mac.c | 11 + .../net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c | 12 ++ .../net/wireless/realtek/rtlwifi/rtl8723ae/phy.c | 6 +- .../net/wireless/realtek/rtlwifi/rtl8723be/phy.c | 4 +- drivers/net/wireless/realtek/rtw89/coex.c | 4 +- drivers/net/wireless/realtek/rtw89/core.c | 2 +- drivers/net/wireless/realtek/rtw89/core.h | 12 +- drivers/net/wireless/realtek/rtw89/fw.c | 17 +- drivers/net/wireless/realtek/rtw89/mac.c | 29 ++- drivers/net/wireless/realtek/rtw89/mac.h | 1 + drivers/net/wireless/realtek/rtw89/mac80211.c | 3 + drivers/net/wireless/silabs/wfx/sta.c | 42 ++-- drivers/pci/pci.h | 2 +- drivers/pci/pcie/aer.c | 9 +- drivers/pci/quirks.c | 24 ++- drivers/pci/switch/switchtec.c | 25 ++- drivers/perf/arm_pmuv3.c | 6 +- drivers/pinctrl/intel/pinctrl-baytrail.c | 3 +- drivers/pnp/pnpacpi/rsparser.c | 12 +- drivers/regulator/core.c | 56 +++--- drivers/regulator/ti-abb-regulator.c | 22 +- drivers/s390/crypto/vfio_ap_ops.c | 16 +- drivers/scsi/arcmsr/arcmsr.h | 4 + drivers/scsi/arcmsr/arcmsr_hba.c | 6 + drivers/scsi/hisi_sas/hisi_sas_v3_hw.c | 10 +- drivers/scsi/isci/request.c | 2 +- drivers/scsi/libfc/fc_fcp.c | 18 +- drivers/scsi/lpfc/lpfc.h | 1 + drivers/scsi/lpfc/lpfc_els.c | 14 +- drivers/scsi/lpfc/lpfc_init.c | 4 +- drivers/scsi/lpfc/lpfc_vmid.c | 1 + drivers/scsi/mpi3mr/mpi3mr_fw.c | 3 +- drivers/scsi/mpi3mr/mpi3mr_os.c | 13 +- drivers/scsi/scsi_error.c | 8 +- drivers/scsi/scsi_lib.c | 2 +- drivers/scsi/scsi_priv.h | 2 +- drivers/soc/xilinx/xlnx_event_manager.c | 7 +- drivers/spmi/spmi-mtk-pmif.c | 7 +- drivers/thermal/thermal_core.c | 30 ++- drivers/tty/tty_ioctl.c | 4 +- drivers/usb/core/hub.c | 33 ++- drivers/usb/host/xhci-plat.c | 23 ++- drivers/watchdog/it87_wdt.c | 14 +- drivers/watchdog/starfive-wdt.c | 2 + drivers/xen/gntdev-dmabuf.c | 50 ++--- fs/9p/v9fs_vfs.h | 1 + fs/9p/vfs_inode.c | 6 +- fs/9p/vfs_inode_dotl.c | 1 + fs/afs/callback.c | 3 +- fs/afs/server.c | 7 +- fs/ceph/caps.c | 9 +- fs/ceph/mds_client.c | 2 +- fs/ceph/quota.c | 39 ++-- fs/dcache.c | 7 +- fs/ecryptfs/inode.c | 8 + fs/erofs/zdata.c | 2 +- fs/erofs/zmap.c | 32 ++- fs/ext4/extents.c | 6 +- fs/ext4/mballoc.c | 11 +- fs/ext4/resize.c | 37 ++-- fs/f2fs/compress.c | 4 +- fs/f2fs/file.c | 2 + fs/f2fs/recovery.c | 25 ++- fs/jfs/jfs_dmap.c | 57 +++--- fs/jfs/jfs_dtree.c | 7 +- fs/jfs/jfs_imap.c | 3 + fs/jfs/jfs_mount.c | 6 +- fs/kernfs/dir.c | 12 ++ fs/proc/proc_sysctl.c | 9 +- fs/pstore/ram.c | 1 + fs/reiserfs/namei.c | 54 ++--- fs/smb/client/cifsglob.h | 30 ++- fs/smb/client/cifsproto.h | 15 +- fs/smb/client/cifssmb.c | 17 +- fs/smb/client/inode.c | 3 +- fs/smb/client/link.c | 4 +- fs/smb/client/smb2inode.c | 55 +++-- fs/smb/client/smb2proto.h | 16 +- include/asm-generic/numa.h | 2 + include/asm-generic/unaligned.h | 24 +-- include/drm/drm_color_mgmt.h | 1 + include/drm/drm_mipi_dsi.h | 2 + include/linux/irq_work.h | 3 + include/linux/minmax.h | 129 ++++++------ include/linux/mmzone.h | 6 +- include/linux/netfilter/ipset/ip_set.h | 4 + include/linux/pci_ids.h | 1 + include/linux/thermal.h | 2 + include/net/af_unix.h | 20 +- include/net/ip.h | 2 +- include/net/netfilter/nf_tables.h | 2 + kernel/audit.c | 31 ++- kernel/bpf/arraymap.c | 23 ++- kernel/bpf/helpers.c | 13 +- kernel/bpf/syscall.c | 6 + kernel/events/core.c | 38 ++-- lib/debugobjects.c | 200 ++++++++----------- lib/kunit/executor.c | 4 + lib/kunit/test.c | 14 +- net/bluetooth/hci_sync.c | 10 +- net/bluetooth/iso.c | 51 ++++- net/bluetooth/l2cap_core.c | 3 +- net/bpf/test_run.c | 2 +- net/bridge/br_cfm_netlink.c | 2 +- net/bridge/br_multicast.c | 20 +- net/bridge/br_private.h | 4 +- net/devlink/port.c | 2 +- net/ipv4/ip_output.c | 12 +- net/ipv4/ip_sockglue.c | 6 +- net/ipv4/ipmr.c | 2 +- net/ipv4/raw.c | 2 +- net/ipv4/tcp.c | 12 +- net/ipv4/udp.c | 2 +- net/ipv6/addrconf_core.c | 21 +- net/ipv6/ip6_tunnel.c | 21 +- net/kcm/kcmsock.c | 2 +- net/llc/af_llc.c | 2 + net/netfilter/ipset/ip_set_bitmap_gen.h | 14 +- net/netfilter/ipset/ip_set_core.c | 37 +++- net/netfilter/ipset/ip_set_hash_gen.h | 15 +- net/netfilter/ipset/ip_set_list_set.c | 13 +- net/netfilter/nf_conntrack_proto_tcp.c | 10 +- net/netfilter/nf_log.c | 7 +- net/netfilter/nf_tables_api.c | 14 +- net/netfilter/nft_ct.c | 24 +++ net/netfilter/nft_tunnel.c | 1 + net/rxrpc/conn_service.c | 3 +- net/smc/smc_clc.c | 14 ++ net/sunrpc/xprtmultipath.c | 17 +- net/unix/af_unix.c | 14 +- net/unix/diag.c | 2 +- net/wireless/scan.c | 4 + sound/hda/hdac_stream.c | 9 +- sound/hda/intel-dsp-config.c | 10 + sound/pci/hda/hda_intel.c | 2 + sound/pci/hda/patch_conexant.c | 115 ++++++++++- sound/soc/amd/acp-config.c | 15 +- sound/soc/codecs/lpass-wsa-macro.c | 7 - sound/soc/codecs/wcd938x.c | 2 +- sound/soc/codecs/wsa883x.c | 6 +- sound/soc/qcom/sc8280xp.c | 12 +- tools/build/feature/test-libopencsd.c | 4 +- tools/lib/bpf/libbpf.c | 2 + tools/lib/bpf/libbpf_common.h | 13 +- tools/lib/subcmd/help.c | 18 +- tools/testing/kunit/kunit_parser.py | 4 +- tools/testing/selftests/bpf/cgroup_helpers.c | 18 +- tools/testing/selftests/bpf/prog_tests/btf.c | 6 +- tools/testing/selftests/bpf/prog_tests/tc_opts.c | 6 +- tools/testing/selftests/bpf/progs/pyperf180.c | 22 ++ .../selftests/bpf/progs/test_global_func17.c | 1 + tools/testing/selftests/bpf/veristat.c | 2 +- tools/testing/selftests/bpf/xdp_hw_metadata.c | 2 +- .../selftests/drivers/net/bonding/lag_lib.sh | 11 + tools/testing/selftests/drivers/net/team/config | 4 +- tools/testing/selftests/net/Makefile | 5 +- tools/testing/selftests/net/config | 16 ++ tools/testing/selftests/net/pmtu.sh | 18 +- tools/testing/selftests/net/setup_veth.sh | 2 +- tools/testing/selftests/net/udpgro.sh | 4 +- tools/testing/selftests/net/udpgro_bench.sh | 4 +- tools/testing/selftests/net/udpgro_frglist.sh | 6 +- tools/testing/selftests/net/udpgro_fwd.sh | 8 +- tools/testing/selftests/net/veth.sh | 4 +- tools/testing/selftests/net/xdp_dummy.c | 13 ++ tools/testing/selftests/nolibc/nolibc-test.c | 4 +- tools/testing/selftests/sgx/test_encl.lds | 6 +- 447 files changed, 3791 insertions(+), 2156 deletions(-)

1 year, 7 months

11
10
0 0

[PATCH v2] mtd: rawnand: marvell: fix layouts

by Elad Nachman

From: Elad Nachman <enachman(a)marvell.com> The check in nand_base.c, nand_scan_tail() : has the following code: (ecc->steps * ecc->size != mtd->writesize) which fails for some NAND chips. Remove ECC entries in this driver which are not integral multiplications, and adjust the number of chunks for entries which fails the above calculation so it will calculate correctly (this was previously done automatically before the check and was removed in a later commit). Fixes: 68c18dae6888 ("mtd: rawnand: marvell: add missing layouts") Cc: stable(a)vger.kernel.org Signed-off-by: Elad Nachman <enachman(a)marvell.com> --- drivers/mtd/nand/raw/marvell_nand.c | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/drivers/mtd/nand/raw/marvell_nand.c b/drivers/mtd/nand/raw/marvell_nand.c index a46698744850..5b0f5a9cef81 100644 --- a/drivers/mtd/nand/raw/marvell_nand.c +++ b/drivers/mtd/nand/raw/marvell_nand.c @@ -290,16 +290,13 @@ static const struct marvell_hw_ecc_layout marvell_nfc_layouts[] = { MARVELL_LAYOUT( 2048, 512, 4, 1, 1, 2048, 32, 30, 0, 0, 0), MARVELL_LAYOUT( 2048, 512, 8, 2, 1, 1024, 0, 30,1024,32, 30), MARVELL_LAYOUT( 2048, 512, 8, 2, 1, 1024, 0, 30,1024,64, 30), - MARVELL_LAYOUT( 2048, 512, 12, 3, 2, 704, 0, 30,640, 0, 30), - MARVELL_LAYOUT( 2048, 512, 16, 5, 4, 512, 0, 30, 0, 32, 30), + MARVELL_LAYOUT( 2048, 512, 16, 4, 4, 512, 0, 30, 0, 32, 30), MARVELL_LAYOUT( 4096, 512, 4, 2, 2, 2048, 32, 30, 0, 0, 0), - MARVELL_LAYOUT( 4096, 512, 8, 5, 4, 1024, 0, 30, 0, 64, 30), - MARVELL_LAYOUT( 4096, 512, 12, 6, 5, 704, 0, 30,576, 32, 30), - MARVELL_LAYOUT( 4096, 512, 16, 9, 8, 512, 0, 30, 0, 32, 30), + MARVELL_LAYOUT( 4096, 512, 8, 4, 4, 1024, 0, 30, 0, 64, 30), + MARVELL_LAYOUT( 4096, 512, 16, 8, 8, 512, 0, 30, 0, 32, 30), MARVELL_LAYOUT( 8192, 512, 4, 4, 4, 2048, 0, 30, 0, 0, 0), - MARVELL_LAYOUT( 8192, 512, 8, 9, 8, 1024, 0, 30, 0, 160, 30), - MARVELL_LAYOUT( 8192, 512, 12, 12, 11, 704, 0, 30,448, 64, 30), - MARVELL_LAYOUT( 8192, 512, 16, 17, 16, 512, 0, 30, 0, 32, 30), + MARVELL_LAYOUT( 8192, 512, 8, 8, 8, 1024, 0, 30, 0, 160, 30), + MARVELL_LAYOUT( 8192, 512, 16, 16, 16, 512, 0, 30, 0, 32, 30), }; /** -- 2.25.1

1 year, 7 months

2
1
0 0

[git:media_stage/master] media: nxp: imx8-isi: Mark all crossbar sink pads as MUST_CONNECT

by Hans Verkuil

This is an automatic generated email to let you know that the following patch were queued: Subject: media: nxp: imx8-isi: Mark all crossbar sink pads as MUST_CONNECT Author: Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> Date: Mon Jan 15 04:16:29 2024 +0200 All the sink pads of the crossbar switch require an active link if they're part of the pipeline. Mark them with the MEDIA_PAD_FL_MUST_CONNECT flag to fail pipeline validation if they're not connected. This allows removing a manual check when translating streams. Cc: stable(a)vger.kernel.org # 6.1 Signed-off-by: Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> Acked-by: Sakari Ailus <sakari.ailus(a)linux.intel.com> Signed-off-by: Hans Verkuil <hverkuil-cisco(a)xs4all.nl> drivers/media/platform/nxp/imx8-isi/imx8-isi-crossbar.c | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) --- diff --git a/drivers/media/platform/nxp/imx8-isi/imx8-isi-crossbar.c b/drivers/media/platform/nxp/imx8-isi/imx8-isi-crossbar.c index 1bb1334ec6f2..93a55c97cd17 100644 --- a/drivers/media/platform/nxp/imx8-isi/imx8-isi-crossbar.c +++ b/drivers/media/platform/nxp/imx8-isi/imx8-isi-crossbar.c @@ -160,13 +160,6 @@ mxc_isi_crossbar_xlate_streams(struct mxc_isi_crossbar *xbar, } pad = media_pad_remote_pad_first(&xbar->pads[sink_pad]); - if (!pad) { - dev_dbg(xbar->isi->dev, - "no pad connected to crossbar input %u\n", - sink_pad); - return ERR_PTR(-EPIPE); - } - sd = media_entity_to_v4l2_subdev(pad->entity); if (!sd) { dev_dbg(xbar->isi->dev, @@ -475,7 +468,8 @@ int mxc_isi_crossbar_init(struct mxc_isi_dev *isi) } for (i = 0; i < xbar->num_sinks; ++i) - xbar->pads[i].flags = MEDIA_PAD_FL_SINK; + xbar->pads[i].flags = MEDIA_PAD_FL_SINK + | MEDIA_PAD_FL_MUST_CONNECT; for (i = 0; i < xbar->num_sources; ++i) xbar->pads[i + xbar->num_sinks].flags = MEDIA_PAD_FL_SOURCE;

1 year, 7 months

1
0
0 0

[git:media_stage/master] media: mc: Add local pad to pipeline regardless of the link state

by Hans Verkuil

This is an automatic generated email to let you know that the following patch were queued: Subject: media: mc: Add local pad to pipeline regardless of the link state Author: Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> Date: Sun Jan 14 15:55:40 2024 +0200 When building pipelines by following links, the media_pipeline_explore_next_link() function only traverses enabled links. The remote pad of a disabled link is not added to the pipeline, and neither is the local pad. While the former is correct as disabled links should not be followed, not adding the local pad breaks processing of the MEDIA_PAD_FL_MUST_CONNECT flag. The MEDIA_PAD_FL_MUST_CONNECT flag is checked in the __media_pipeline_start() function that iterates over all pads after populating the pipeline. If the pad is not present, the check gets skipped, rendering it useless. Fix this by adding the local pad of all links regardless of their state, only skipping the remote pad for disabled links. Cc: stable(a)vger.kernel.org # 6.1 Fixes: ae219872834a ("media: mc: entity: Rewrite media_pipeline_start()") Reported-by: Frieder Schrempf <frieder.schrempf(a)kontron.de> Closes: https://lore.kernel.org/linux-media/7658a15a-80c5-219f-2477-2a94ba6c6ba1@ko… Signed-off-by: Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> Acked-by: Sakari Ailus <sakari.ailus(a)linux.intel.com> Signed-off-by: Hans Verkuil <hverkuil-cisco(a)xs4all.nl> drivers/media/mc/mc-entity.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) --- diff --git a/drivers/media/mc/mc-entity.c b/drivers/media/mc/mc-entity.c index 543a392f8635..a6f28366106f 100644 --- a/drivers/media/mc/mc-entity.c +++ b/drivers/media/mc/mc-entity.c @@ -620,13 +620,6 @@ static int media_pipeline_explore_next_link(struct media_pipeline *pipe, link->source->entity->name, link->source->index, link->sink->entity->name, link->sink->index); - /* Skip links that are not enabled. */ - if (!(link->flags & MEDIA_LNK_FL_ENABLED)) { - dev_dbg(walk->mdev->dev, - "media pipeline: skipping link (disabled)\n"); - return 0; - } - /* Get the local pad and remote pad. */ if (link->source->entity == pad->entity) { local = link->source; @@ -648,13 +641,20 @@ static int media_pipeline_explore_next_link(struct media_pipeline *pipe, } /* - * Add the local and remote pads of the link to the pipeline and push - * them to the stack, if they're not already present. + * Add the local pad of the link to the pipeline and push it to the + * stack, if not already present. */ ret = media_pipeline_add_pad(pipe, walk, local); if (ret) return ret; + /* Similarly, add the remote pad, but only if the link is enabled. */ + if (!(link->flags & MEDIA_LNK_FL_ENABLED)) { + dev_dbg(walk->mdev->dev, + "media pipeline: skipping link (disabled)\n"); + return 0; + } + ret = media_pipeline_add_pad(pipe, walk, remote); if (ret) return ret;

1 year, 7 months

1
0
0 0

[git:media_stage/master] media: mc: Fix flags handling when creating pad links

by Hans Verkuil

This is an automatic generated email to let you know that the following patch were queued: Subject: media: mc: Fix flags handling when creating pad links Author: Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> Date: Mon Jan 15 00:24:12 2024 +0200 The media_create_pad_link() function doesn't correctly clear reject link type flags, nor does it set the DATA_LINK flag. It only works because the MEDIA_LNK_FL_DATA_LINK flag's value is 0. Fix it by returning an error if any link type flag is set. This doesn't introduce any regression, as nobody calls the media_create_pad_link() function with link type flags (easily checked by grepping for the flag in the source code, there are very few hits). Set the MEDIA_LNK_FL_DATA_LINK explicitly, which is a no-op that the compiler will optimize out, but is still useful to make the code more explicit and easier to understand. Cc: stable(a)vger.kernel.org # 6.1 Signed-off-by: Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> Acked-by: Sakari Ailus <sakari.ailus(a)linux.intel.com> Signed-off-by: Hans Verkuil <hverkuil-cisco(a)xs4all.nl> drivers/media/mc/mc-entity.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) --- diff --git a/drivers/media/mc/mc-entity.c b/drivers/media/mc/mc-entity.c index a6f28366106f..7839e3f68efa 100644 --- a/drivers/media/mc/mc-entity.c +++ b/drivers/media/mc/mc-entity.c @@ -1092,6 +1092,11 @@ media_create_pad_link(struct media_entity *source, u16 source_pad, struct media_link *link; struct media_link *backlink; + if (flags & MEDIA_LNK_FL_LINK_TYPE) + return -EINVAL; + + flags |= MEDIA_LNK_FL_DATA_LINK; + if (WARN_ON(!source || !sink) || WARN_ON(source_pad >= source->num_pads) || WARN_ON(sink_pad >= sink->num_pads)) @@ -1107,7 +1112,7 @@ media_create_pad_link(struct media_entity *source, u16 source_pad, link->source = &source->pads[source_pad]; link->sink = &sink->pads[sink_pad]; - link->flags = flags & ~MEDIA_LNK_FL_INTERFACE_LINK; + link->flags = flags; /* Initialize graph object embedded at the new link */ media_gobj_create(source->graph_obj.mdev, MEDIA_GRAPH_LINK,

1 year, 7 months

1
0
0 0

[git:media_stage/master] media: nxp: imx8-isi: Check whether crossbar pad is non-NULL before access

by Hans Verkuil

This is an automatic generated email to let you know that the following patch were queued: Subject: media: nxp: imx8-isi: Check whether crossbar pad is non-NULL before access Author: Marek Vasut <marex(a)denx.de> Date: Fri Dec 1 16:06:04 2023 +0100 When translating source to sink streams in the crossbar subdev, the driver tries to locate the remote subdev connected to the sink pad. The remote pad may be NULL, if userspace tries to enable a stream that ends at an unconnected crossbar sink. When that occurs, the driver dereferences the NULL pad, leading to a crash. Prevent the crash by checking if the pad is NULL before using it, and return an error if it is. Cc: stable(a)vger.kernel.org # 6.1 Fixes: cf21f328fcaf ("media: nxp: Add i.MX8 ISI driver") Signed-off-by: Marek Vasut <marex(a)denx.de> Reviewed-by: Kieran Bingham <kieran.bingham(a)ideasonboard.com> Reviewed-by: Fabio Estevam <festevam(a)gmail.com> Reviewed-by: Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> Link: https://lore.kernel.org/r/20231201150614.63300-1-marex@denx.de Signed-off-by: Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> Acked-by: Sakari Ailus <sakari.ailus(a)linux.intel.com> Signed-off-by: Hans Verkuil <hverkuil-cisco(a)xs4all.nl> drivers/media/platform/nxp/imx8-isi/imx8-isi-crossbar.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) --- diff --git a/drivers/media/platform/nxp/imx8-isi/imx8-isi-crossbar.c b/drivers/media/platform/nxp/imx8-isi/imx8-isi-crossbar.c index 575f17337388..1bb1334ec6f2 100644 --- a/drivers/media/platform/nxp/imx8-isi/imx8-isi-crossbar.c +++ b/drivers/media/platform/nxp/imx8-isi/imx8-isi-crossbar.c @@ -160,8 +160,14 @@ mxc_isi_crossbar_xlate_streams(struct mxc_isi_crossbar *xbar, } pad = media_pad_remote_pad_first(&xbar->pads[sink_pad]); - sd = media_entity_to_v4l2_subdev(pad->entity); + if (!pad) { + dev_dbg(xbar->isi->dev, + "no pad connected to crossbar input %u\n", + sink_pad); + return ERR_PTR(-EPIPE); + } + sd = media_entity_to_v4l2_subdev(pad->entity); if (!sd) { dev_dbg(xbar->isi->dev, "no entity connected to crossbar input %u\n",

1 year, 7 months

1
0
0 0

[git:media_stage/master] media: mc: Expand MUST_CONNECT flag to always require an enabled link

by Hans Verkuil

This is an automatic generated email to let you know that the following patch were queued: Subject: media: mc: Expand MUST_CONNECT flag to always require an enabled link Author: Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> Date: Mon Jan 15 01:04:52 2024 +0200 The MEDIA_PAD_FL_MUST_CONNECT flag indicates that the pad requires an enabled link to stream, but only if it has any link at all. This makes little sense, as if a pad is part of a pipeline, there are very few use cases for an active link to be mandatory only if links exist at all. A review of in-tree drivers confirms they all need an enabled link for pads marked with the MEDIA_PAD_FL_MUST_CONNECT flag. Expand the scope of the flag by rejecting pads that have no links at all. This requires modifying the pipeline build code to add those pads to the pipeline. Cc: stable(a)vger.kernel.org # 6.1 Signed-off-by: Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> Acked-by: Sakari Ailus <sakari.ailus(a)linux.intel.com> Signed-off-by: Hans Verkuil <hverkuil-cisco(a)xs4all.nl> .../userspace-api/media/mediactl/media-types.rst | 11 ++--- drivers/media/mc/mc-entity.c | 53 ++++++++++++++++++---- 2 files changed, 48 insertions(+), 16 deletions(-) --- diff --git a/Documentation/userspace-api/media/mediactl/media-types.rst b/Documentation/userspace-api/media/mediactl/media-types.rst index 0ffeece1e0c8..6332e8395263 100644 --- a/Documentation/userspace-api/media/mediactl/media-types.rst +++ b/Documentation/userspace-api/media/mediactl/media-types.rst @@ -375,12 +375,11 @@ Types and flags used to represent the media graph elements are origins of links. * - ``MEDIA_PAD_FL_MUST_CONNECT`` - - If this flag is set and the pad is linked to any other pad, then - at least one of those links must be enabled for the entity to be - able to stream. There could be temporary reasons (e.g. device - configuration dependent) for the pad to need enabled links even - when this flag isn't set; the absence of the flag doesn't imply - there is none. + - If this flag is set, then for this pad to be able to stream, it must + be connected by at least one enabled link. There could be temporary + reasons (e.g. device configuration dependent) for the pad to need + enabled links even when this flag isn't set; the absence of the flag + doesn't imply there is none. One and only one of ``MEDIA_PAD_FL_SINK`` and ``MEDIA_PAD_FL_SOURCE`` diff --git a/drivers/media/mc/mc-entity.c b/drivers/media/mc/mc-entity.c index 5907925ffd89..0e28b9a7936e 100644 --- a/drivers/media/mc/mc-entity.c +++ b/drivers/media/mc/mc-entity.c @@ -535,14 +535,15 @@ static int media_pipeline_walk_push(struct media_pipeline_walk *walk, /* * Move the top entry link cursor to the next link. If all links of the entry - * have been visited, pop the entry itself. + * have been visited, pop the entry itself. Return true if the entry has been + * popped. */ -static void media_pipeline_walk_pop(struct media_pipeline_walk *walk) +static bool media_pipeline_walk_pop(struct media_pipeline_walk *walk) { struct media_pipeline_walk_entry *entry; if (WARN_ON(walk->stack.top < 0)) - return; + return false; entry = media_pipeline_walk_top(walk); @@ -552,7 +553,7 @@ static void media_pipeline_walk_pop(struct media_pipeline_walk *walk) walk->stack.top); walk->stack.top--; - return; + return true; } entry->links = entry->links->next; @@ -560,6 +561,8 @@ static void media_pipeline_walk_pop(struct media_pipeline_walk *walk) dev_dbg(walk->mdev->dev, "media pipeline: moved entry %u to next link\n", walk->stack.top); + + return false; } /* Free all memory allocated while walking the pipeline. */ @@ -609,11 +612,12 @@ static int media_pipeline_explore_next_link(struct media_pipeline *pipe, struct media_link *link; struct media_pad *local; struct media_pad *remote; + bool last_link; int ret; origin = entry->pad; link = list_entry(entry->links, typeof(*link), list); - media_pipeline_walk_pop(walk); + last_link = media_pipeline_walk_pop(walk); dev_dbg(walk->mdev->dev, "media pipeline: exploring link '%s':%u -> '%s':%u\n", @@ -638,7 +642,7 @@ static int media_pipeline_explore_next_link(struct media_pipeline *pipe, local->index)) { dev_dbg(walk->mdev->dev, "media pipeline: skipping link (no route)\n"); - return 0; + goto done; } /* @@ -653,13 +657,44 @@ static int media_pipeline_explore_next_link(struct media_pipeline *pipe, if (!(link->flags & MEDIA_LNK_FL_ENABLED)) { dev_dbg(walk->mdev->dev, "media pipeline: skipping link (disabled)\n"); - return 0; + goto done; } ret = media_pipeline_add_pad(pipe, walk, remote); if (ret) return ret; +done: + /* + * If we're done iterating over links, iterate over pads of the entity. + * This is necessary to discover pads that are not connected with any + * link. Those are dead ends from a pipeline exploration point of view, + * but are still part of the pipeline and need to be added to enable + * proper validation. + */ + if (!last_link) + return 0; + + dev_dbg(walk->mdev->dev, + "media pipeline: adding unconnected pads of '%s'\n", + local->entity->name); + + media_entity_for_each_pad(origin->entity, local) { + /* + * Skip the origin pad (already handled), pad that have links + * (already discovered through iterating over links) and pads + * not internally connected. + */ + if (origin == local || !local->num_links || + !media_entity_has_pad_interdep(origin->entity, origin->index, + local->index)) + continue; + + ret = media_pipeline_add_pad(pipe, walk, local); + if (ret) + return ret; + } + return 0; } @@ -771,7 +806,6 @@ __must_check int __media_pipeline_start(struct media_pad *pad, struct media_pad *pad = ppad->pad; struct media_entity *entity = pad->entity; bool has_enabled_link = false; - bool has_link = false; struct media_link *link; dev_dbg(mdev->dev, "Validating pad '%s':%u\n", pad->entity->name, @@ -801,7 +835,6 @@ __must_check int __media_pipeline_start(struct media_pad *pad, /* Record if the pad has links and enabled links. */ if (link->flags & MEDIA_LNK_FL_ENABLED) has_enabled_link = true; - has_link = true; /* * Validate the link if it's enabled and has the @@ -839,7 +872,7 @@ __must_check int __media_pipeline_start(struct media_pad *pad, * 3. If the pad has the MEDIA_PAD_FL_MUST_CONNECT flag set, * ensure that it has either no link or an enabled link. */ - if ((pad->flags & MEDIA_PAD_FL_MUST_CONNECT) && has_link && + if ((pad->flags & MEDIA_PAD_FL_MUST_CONNECT) && !has_enabled_link) { dev_dbg(mdev->dev, "Pad '%s':%u must be connected by an enabled link\n",

1 year, 7 months

1
0
0 0

[git:media_stage/master] media: mc: Add num_links flag to media_pad

by Hans Verkuil

This is an automatic generated email to let you know that the following patch were queued: Subject: media: mc: Add num_links flag to media_pad Author: Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> Date: Mon Jan 15 00:30:02 2024 +0200 Maintain a counter of the links connected to a pad in the media_pad structure. This helps checking if a pad is connected to anything, which will be used in the pipeline building code. Cc: stable(a)vger.kernel.org # 6.1 Signed-off-by: Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> Acked-by: Sakari Ailus <sakari.ailus(a)linux.intel.com> Signed-off-by: Hans Verkuil <hverkuil-cisco(a)xs4all.nl> drivers/media/mc/mc-entity.c | 6 ++++++ include/media/media-entity.h | 2 ++ 2 files changed, 8 insertions(+) --- diff --git a/drivers/media/mc/mc-entity.c b/drivers/media/mc/mc-entity.c index 7839e3f68efa..c2d8f59b62c1 100644 --- a/drivers/media/mc/mc-entity.c +++ b/drivers/media/mc/mc-entity.c @@ -1038,6 +1038,9 @@ static void __media_entity_remove_link(struct media_entity *entity, /* Remove the reverse links for a data link. */ if ((link->flags & MEDIA_LNK_FL_LINK_TYPE) == MEDIA_LNK_FL_DATA_LINK) { + link->source->num_links--; + link->sink->num_links--; + if (link->source->entity == entity) remote = link->sink->entity; else @@ -1143,6 +1146,9 @@ media_create_pad_link(struct media_entity *source, u16 source_pad, sink->num_links++; source->num_links++; + link->source->num_links++; + link->sink->num_links++; + return 0; } EXPORT_SYMBOL_GPL(media_create_pad_link); diff --git a/include/media/media-entity.h b/include/media/media-entity.h index c79176ed6299..0393b23129eb 100644 --- a/include/media/media-entity.h +++ b/include/media/media-entity.h @@ -225,6 +225,7 @@ enum media_pad_signal_type { * @graph_obj: Embedded structure containing the media object common data * @entity: Entity this pad belongs to * @index: Pad index in the entity pads array, numbered from 0 to n + * @num_links: Number of links connected to this pad * @sig_type: Type of the signal inside a media pad * @flags: Pad flags, as defined in * :ref:`include/uapi/linux/media.h <media_header>` @@ -236,6 +237,7 @@ struct media_pad { struct media_gobj graph_obj; /* must be first field in struct */ struct media_entity *entity; u16 index; + u16 num_links; enum media_pad_signal_type sig_type; unsigned long flags;

1 year, 7 months

1
0
0 0

[git:media_stage/master] media: mc: Rename pad variable to clarify intent

by Hans Verkuil

This is an automatic generated email to let you know that the following patch were queued: Subject: media: mc: Rename pad variable to clarify intent Author: Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> Date: Mon Jan 15 00:30:02 2024 +0200 The pad local variable in the media_pipeline_explore_next_link() function is used to store the pad through which the entity has been reached. Rename it to origin to reflect that and make the code easier to read. This will be even more important in subsequent commits when expanding the function with additional logic. Cc: stable(a)vger.kernel.org # 6.1 Signed-off-by: Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> Acked-by: Sakari Ailus <sakari.ailus(a)linux.intel.com> Signed-off-by: Hans Verkuil <hverkuil-cisco(a)xs4all.nl> drivers/media/mc/mc-entity.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) --- diff --git a/drivers/media/mc/mc-entity.c b/drivers/media/mc/mc-entity.c index c2d8f59b62c1..5907925ffd89 100644 --- a/drivers/media/mc/mc-entity.c +++ b/drivers/media/mc/mc-entity.c @@ -605,13 +605,13 @@ static int media_pipeline_explore_next_link(struct media_pipeline *pipe, struct media_pipeline_walk *walk) { struct media_pipeline_walk_entry *entry = media_pipeline_walk_top(walk); - struct media_pad *pad; + struct media_pad *origin; struct media_link *link; struct media_pad *local; struct media_pad *remote; int ret; - pad = entry->pad; + origin = entry->pad; link = list_entry(entry->links, typeof(*link), list); media_pipeline_walk_pop(walk); @@ -621,7 +621,7 @@ static int media_pipeline_explore_next_link(struct media_pipeline *pipe, link->sink->entity->name, link->sink->index); /* Get the local pad and remote pad. */ - if (link->source->entity == pad->entity) { + if (link->source->entity == origin->entity) { local = link->source; remote = link->sink; } else { @@ -633,8 +633,9 @@ static int media_pipeline_explore_next_link(struct media_pipeline *pipe, * Skip links that originate from a different pad than the incoming pad * that is not connected internally in the entity to the incoming pad. */ - if (pad != local && - !media_entity_has_pad_interdep(pad->entity, pad->index, local->index)) { + if (origin != local && + !media_entity_has_pad_interdep(origin->entity, origin->index, + local->index)) { dev_dbg(walk->mdev->dev, "media pipeline: skipping link (no route)\n"); return 0;

1 year, 7 months

1
0
0 0

[PATCH 6.1 000/221] 6.1.77-rc2 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.1.77 release. There are 221 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Mon, 05 Feb 2024 17:47:20 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.1.77-rc2… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.1.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.1.77-rc2 Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdgpu: Fix missing error code in 'gmc_v6/7/8/9_0_hw_init()' Johan Hovold <johan+linaro(a)kernel.org> ASoC: codecs: wsa883x: fix PA volume control Johan Hovold <johan+linaro(a)kernel.org> ASoC: codecs: lpass-wsa-macro: fix compander volume hack Zhengchao Shao <shaozhengchao(a)huawei.com> bonding: remove print in bond_verify_device_path Praveen Kaligineedi <pkaligineedi(a)google.com> gve: Fix use-after-free vulnerability Huacai Chen <chenhuacai(a)kernel.org> LoongArch/smp: Call rcutree_report_cpu_starting() at tlb_init() Konrad Dybcio <konrad.dybcio(a)linaro.org> drm/msm/dsi: Enable runtime PM Jonathan Gray <jsg(a)jsg.id.au> Revert "drm/amd/display: Disable PSR-SU on Parade 0803 TCON again" Marco Elver <elver(a)google.com> mm, kmsan: fix infinite recursion due to RCU critical section Huang Shijie <shijie(a)os.amperecomputing.com> arm64: irq: set the correct node for shadow call stack Benjamin Poirier <bpoirier(a)nvidia.com> selftests: bonding: Check initial state Benjamin Poirier <bpoirier(a)nvidia.com> selftests: team: Add missing config options Breno Leitao <leitao(a)debian.org> net: sysfs: Fix /sys/class/net/<iface> path Paolo Abeni <pabeni(a)redhat.com> selftests: net: fix available tunnels detection Eric Dumazet <edumazet(a)google.com> af_unix: fix lockdep positive in sk_diag_dump_icons() Zhipeng Lu <alexious(a)zju.edu.cn> net: ipv4: fix a memleak in ip_setup_cork Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_log: replace BUG_ON by WARN_ON_ONCE when putting logger Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables: restrict tunnel object to NFPROTO_NETDEV Ryan Schaefer <ryanschf(a)amazon.com> netfilter: conntrack: correct window scaling with retransmitted SYN Matthias May <Matthias.May(a)westermo.com> selftests: net: add missing config for GENEVE Linus Lüssing <linus.luessing(a)c0d3.blue> bridge: mcast: fix disabled snooping after long uptime Eric Dumazet <edumazet(a)google.com> llc: call sock_orphan() at release time Helge Deller <deller(a)kernel.org> ipv6: Ensure natural alignment of const ipv6 loopback and router addresses Michal Vokáč <michal.vokac(a)ysoft.com> net: dsa: qca8k: fix illegal usage of GPIO Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> ixgbe: Fix an error handling path in ixgbe_read_iosf_sb_reg_x550() Jedrzej Jagielski <jedrzej.jagielski(a)intel.com> ixgbe: Refactor overtemp event handling Jedrzej Jagielski <jedrzej.jagielski(a)intel.com> ixgbe: Refactor returning internal error codes Eric Dumazet <edumazet(a)google.com> tcp: add sanity checks to rx zerocopy Horatiu Vultur <horatiu.vultur(a)microchip.com> net: lan966x: Fix port configuration when using SGMII interface Nicolas Dichtel <nicolas.dichtel(a)6wind.com> ipmr: fix kernel panic when forwarding mcast packets Eric Dumazet <edumazet(a)google.com> ipv4: raw: add drop reasons Eric Dumazet <edumazet(a)google.com> ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() Paolo Abeni <pabeni(a)redhat.com> selftests: net: give more time for GRO aggregation Su Hui <suhui(a)nfschina.com> HID: hidraw: fix a problem of memory leak in hidraw_release() Ming Lei <ming.lei(a)redhat.com> scsi: core: Move scsi_host_busy() out of host lock for waking up EH handler Romain Naour <romain.naour(a)skf.com> regulator: ti-abb: don't use devm_platform_ioremap_resource_byname for shared interrupt register Su Hui <suhui(a)nfschina.com> scsi: isci: Fix an error code problem in isci_io_request_build() Stephen Rothwell <sfr(a)canb.auug.org.au> drm: using mul_u32_u32() requires linux/math64.h Edward Adam Davis <eadavis(a)qq.com> wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update Peter Zijlstra <peterz(a)infradead.org> perf: Fix the nr_addr_filters fix Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdkfd: Fix 'node' NULL check in 'svm_range_get_range_boundaries()' Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdgpu: Release 'adev->pm.fw' before return in 'amdgpu_device_need_post()' Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdgpu: Fix with right return code '-EIO' in 'amdgpu_gmc_vram_checking()' Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amd/powerplay: Fix kzalloc parameter 'ATOM_Tonga_PPM_Table' in 'get_platform_power_management_table()' Wenchao Hao <haowenchao2(a)huawei.com> ceph: fix invalid pointer access if get_quota_realm return ERR_PTR Xiubo Li <xiubli(a)redhat.com> ceph: fix deadlock or deadcode of misusing dget() Venky Shankar <vshankar(a)redhat.com> ceph: reinitialize mds feature bit even when session in open Ming Lei <ming.lei(a)redhat.com> blk-mq: fix IO hang from sbitmap wakeup race Zhu Yanjun <yanjun.zhu(a)linux.dev> virtio_net: Fix "‘%d’ directive writing between 1 and 11 bytes into a region of size 10" warnings Philip Yang <Philip.Yang(a)amd.com> drm/amdkfd: Fix lock dependency warning with srcu Felix Kuehling <felix.kuehling(a)amd.com> drm/amdkfd: Fix lock dependency warning Ian Rogers <irogers(a)google.com> libsubcmd: Fix memory leak in uniq() Hans de Goede <hdegoede(a)redhat.com> misc: lis3lv02d_i2c: Add missing setting of the reg_ctrl callback David Howells <dhowells(a)redhat.com> 9p: Fix initialisation of netfs_inode for 9p Bjorn Helgaas <bhelgaas(a)google.com> PCI/AER: Decode Requester ID when no error info found Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> PCI: Fix 64GT/s effective data rate calculation Yu-Che Cheng <giver(a)chromium.org> spmi: mediatek: Fix UAF on device remove Max Kellermann <max.kellermann(a)ionos.com> fs/kernfs/dir: obey S_ISGID Adrian Reber <areber(a)redhat.com> tty: allow TIOCSLCKTRMIOS with CAP_CHECKPOINT_RESTORE Jo Van Bulck <jo.vanbulck(a)cs.kuleuven.be> selftests/sgx: Fix linker script asserts Hardik Gajjar <hgajjar(a)de.adit-jv.com> usb: hub: Add quirk to decrease IN-ep poll interval for Microchip USB491x hub Hardik Gajjar <hgajjar(a)de.adit-jv.com> usb: hub: Replace hardcoded quirk value with BIT() macro James Clark <james.clark(a)arm.com> perf cs-etm: Bump minimum OpenCSD version to ensure a bugfix is present Daniel Stodden <dns(a)arista.com> PCI: switchtec: Fix stdev_release() crash after surprise hot remove Guilherme G. Piccoli <gpiccoli(a)igalia.com> PCI: Only override AMD USB controller if required Xiaowu.ding <xiaowu.ding(a)jaguarmicro.com> mailbox: arm_mhuv2: Fix a bug for mhuv2_sender_interrupt Peter Robinson <pbrobinson(a)gmail.com> mfd: ti_am335x_tscadc: Fix TI SoC dependencies Oleksandr Tyshchenko <oleksandr_tyshchenko(a)epam.com> xen/gntdev: Fix the abuse of underlying struct page in DMA-buf import Harshit Shah <harshitshah.opendev(a)gmail.com> i3c: master: cdns: Update maximum prescaler value for i2c clock Johannes Berg <johannes.berg(a)intel.com> um: time-travel: fix time corruption Nathan Chancellor <nathan(a)kernel.org> um: net: Fix return type of uml_net_start_xmit() Benjamin Berg <benjamin(a)sipsolutions.net> um: Don't use vfprintf() for os_info() Anton Ivanov <anton.ivanov(a)cambridgegreys.com> um: Fix naming clash between UML and scheduler Heiner Kallweit <hkallweit1(a)gmail.com> leds: trigger: panic: Don't register panic notifier if creating the trigger failed bo liu <bo.liu(a)senarytech.com> ALSA: hda/conexant: Fix headset auto detect fail in cx8070 and SN6140 Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdkfd: Fix iterator used outside loop in 'kfd_add_peer_prop()' Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()' Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdgpu: Fix '*fw' from request_firmware() not released in 'amdgpu_ucode_request()' Felix Kuehling <Felix.Kuehling(a)amd.com> drm/amdgpu: Let KFD sync with VM fences Stanley.Yang <Stanley.Yang(a)amd.com> drm/amdgpu: Fix ecc irq enable/disable unpaired Alexander Stein <alexander.stein(a)ew.tq-group.com> clk: imx: clk-imx8qxp: fix LVDS bypass, pixel and phy clocks Josip Pavic <josip.pavic(a)amd.com> drm/amd/display: make flip_timestamp_in_us a 64-bit variable Werner Fischer <devlists(a)wefi.net> watchdog: it87_wdt: Keep WDTCTRL bit 3 unmodified for IT8784/IT8786 Kuan-Wei Chiu <visitorckw(a)gmail.com> clk: mmp: pxa168: Fix memory leak in pxa168_clk_init() Kuan-Wei Chiu <visitorckw(a)gmail.com> clk: hi3620: Fix memory leak in hi3620_mmc_clk_init() Wang, Beyond <Wang.Beyond(a)amd.com> drm/amdgpu: fix ftrace event amdgpu_bo_move always move on same heap Abhinav Kumar <quic_abhinavk(a)quicinc.com> drm/msm/dpu: fix writeback programming for YUV cases Rob Clark <robdclark(a)chromium.org> drm/msm/dpu: Ratelimit framedone timeout msgs Alvin Lee <alvin.lee2(a)amd.com> drm/amd/display: For prefetch mode > 0, extend prefetch if possible Kieran Bingham <kieran.bingham(a)ideasonboard.com> media: i2c: imx335: Fix hblank min/max values Su Hui <suhui(a)nfschina.com> media: ddbridge: fix an error code problem in ddb_probe Ming Qian <ming.qian(a)nxp.com> media: amphion: remove mutext lock in condition of wait_event Daniel Vacek <neelx(a)redhat.com> IB/ipoib: Fix mcast list locking Douglas Anderson <dianders(a)chromium.org> drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind time Chao Yu <chao(a)kernel.org> f2fs: fix to tag gcing flag on page during block migration Xing Tong Wu <xingtong.wu(a)siemens.com> hwmon: (nct6775) Fix fan speed set failure in automatic mode Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> media: rkisp1: Fix IRQ disable race issue Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> media: rkisp1: Store IRQ lines Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> media: rkisp1: Fix IRQ handler return values Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> media: rkisp1: Drop IRQF_SHARED Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> ALSA: hda: Intel: add HDA_ARL PCI ID support Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> PCI: add INTEL_HDA_ARL to pci_ids.h Michael Tretter <m.tretter(a)pengutronix.de> media: rockchip: rga: fix swizzling for RGB formats Ghanshyam Agrawal <ghanshyam1898(a)gmail.com> media: stk1160: Fixed high volume of stk1160_dbg messages Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> drm/mipi-dsi: Fix detach call without attach Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> drm/framebuffer: Fix use of uninitialized variable Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> drm/drm_file: fix use of uninitialized variable Venkata Prasad Potturu <venkataprasad.potturu(a)amd.com> ASoC: amd: Add new dmi entries for acp5x platform Jaegeuk Kim <jaegeuk(a)kernel.org> f2fs: fix write pointers on zoned device after roll forward Meenakshikumar Somasundaram <meenakshikumar.somasundaram(a)amd.com> drm/amd/display: Fix tiled display misalignment Xin Ji <xji(a)analogixsemi.com> drm/bridge: anx7625: Fix Set HPD irq detect window to 2ms Hsin-Yi Wang <hsinyi(a)chromium.org> drm/panel-edp: Add override_edid_mode quirk for generic edp Jack Wang <jinpu.wang(a)ionos.com> RDMA/IPoIB: Fix error code return in ipoib_mcast_join Al Viro <viro(a)zeniv.linux.org.uk> fast_dput(): handle underflows gracefully Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument Takashi Iwai <tiwai(a)suse.de> ALSA: hda: Refer to correct stream index at loops Chao Yu <chao(a)kernel.org> f2fs: fix to check return value of f2fs_reserve_new_block() Vladimir Oltean <vladimir.oltean(a)nxp.com> net: dsa: qca8k: put MDIO bus OF node on qca8k_mdio_register() failure Suman Ghosh <sumang(a)marvell.com> octeontx2-af: Fix max NPC MCAM entry check while validating ref_entry Andrii Staikov <andrii.staikov(a)intel.com> i40e: Fix VF disable behavior to block all traffic Lin Ma <linma(a)zju.edu.cn> bridge: cfm: fix enum typo in br_cc_ccm_tx_parse Wen Gu <guwen(a)linux.alibaba.com> net/smc: disable SEID on non-s390 archs where virtual ISM may be used Frédéric Danis <frederic.danis(a)collabora.com> Bluetooth: L2CAP: Fix possible multiple reject send clancy shang <clancy.shang(a)quectel.com> Bluetooth: hci_sync: fix BR/EDR wakeup bug Zijun Hu <quic_zijuhu(a)quicinc.com> Bluetooth: qca: Set both WIDEBAND_SPEECH and LE_STATES quirks for QCA2066 Benjamin Berg <benjamin.berg(a)intel.com> wifi: cfg80211: free beacon_ies when overridden from hidden BSS Su Hui <suhui(a)nfschina.com> wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift() Mingyi Zhang <zhangmingyi5(a)huawei.com> libbpf: Fix NULL pointer dereference in bpf_object__collect_prog_relos Zenm Chen <zenmchen(a)gmail.com> wifi: rtl8xxxu: Add additional USB IDs for RTL8192EU devices Xianwei Zhao <xianwei.zhao(a)amlogic.com> arm64: dts: amlogic: fix format for s4 uart node Jesse Brandeburg <jesse.brandeburg(a)intel.com> ice: fix pre-shifted bit usage Mao Jinlong <quic_jinlmao(a)quicinc.com> arm64: dts: qcom: msm8998: Fix 'out-ports' is a required property Mao Jinlong <quic_jinlmao(a)quicinc.com> arm64: dts: qcom: msm8996: Fix 'in-ports' is a required property Alex Lyakas <alex.lyakas(a)zadara.com> md: Whenassemble the array, consult the superblock of the freshest device Christoph Hellwig <hch(a)lst.de> block: prevent an integer overflow in bvec_try_merge_hw_page Tobias Waldekranz <tobias(a)waldekranz.com> net: dsa: mv88e6xxx: Fix mv88e6352_serdes_get_stats error path Igor Russkikh <irusskikh(a)marvell.com> net: atlantic: eliminate double free in error handling logic Ahmed Zaki <ahmed.zaki(a)intel.com> ice: fix ICE_AQ_VSI_Q_OPT_RSS_* register values Yihang Li <liyihang9(a)huawei.com> scsi: hisi_sas: Set .phy_attached before notifing phyup event HISI_PHYE_PHY_UP_PM Fabio Estevam <festevam(a)denx.de> ARM: dts: imx23/28: Fix the DMA controller node name Fabio Estevam <festevam(a)denx.de> ARM: dts: imx23-sansa: Use preferred i2c-gpios properties Fabio Estevam <festevam(a)denx.de> ARM: dts: imx27-apf27dev: Fix LED name Fabio Estevam <festevam(a)denx.de> ARM: dts: imx25/27: Pass timing0 Fabio Estevam <festevam(a)denx.de> ARM: dts: imx25: Fix the iim compatible string Kees Cook <keescook(a)chromium.org> block/rnbd-srv: Check for unlikely string overflow Shannon Nelson <shannon.nelson(a)amd.com> ionic: bypass firmware cmds when stuck in reset Shannon Nelson <shannon.nelson(a)amd.com> ionic: pass opcode to devcmd_wait Christian Marangi <ansuelsmth(a)gmail.com> net: phy: at803x: fix passing the wrong reference for config_intr Fabio Estevam <festevam(a)denx.de> ARM: dts: imx1: Fix sram node Fabio Estevam <festevam(a)denx.de> ARM: dts: imx27: Fix sram node Fabio Estevam <festevam(a)denx.de> ARM: dts: imx: Use flash@0,0 pattern Fabio Estevam <festevam(a)denx.de> ARM: dts: imx25/27-eukrea: Fix RTC node name Johan Jonker <jbx6244(a)gmail.com> ARM: dts: rockchip: fix rk3036 hdmi ports node Dmitry Antipov <dmantipov(a)yandex.ru> wifi: wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap() Hou Tao <houtao1(a)huawei.com> bpf: Set uattr->batch.count as zero before batched update or deletion Hannes Reinecke <hare(a)suse.de> scsi: libfc: Fix up timeout error in fc_fcp_rec_error() Hannes Reinecke <hare(a)suse.de> scsi: libfc: Don't schedule abort twice Hou Tao <houtao1(a)huawei.com> bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers Baochen Qiang <quic_bqiang(a)quicinc.com> wifi: ath11k: fix race due to setting ATH11K_FLAG_EXT_IRQ_ENABLED too early Minsuk Kang <linuxlovemin(a)yonsei.ac.kr> wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() Alexander Stein <alexander.stein(a)ew.tq-group.com> ARM: dts: imx7s: Fix nand-controller #size-cells Alexander Stein <alexander.stein(a)ew.tq-group.com> ARM: dts: imx7s: Fix lcdif compatible Alexander Stein <alexander.stein(a)ew.tq-group.com> ARM: dts: imx7d: Fix coresight funnel ports ching Huang <ching2048(a)areca.com.tw> scsi: arcmsr: Support new PCI device IDs 1883 and 1886 Sumit Saxena <sumit.saxena(a)broadcom.com> scsi: mpi3mr: Add PCI checks where SAS5116 diverges from SAS4116 Jose Ignacio Tornos Martinez <jtornosm(a)redhat.com> net: usb: ax88179_178a: avoid two consecutive device resets Zhengchao Shao <shaozhengchao(a)huawei.com> bonding: return -ENOMEM instead of BUG in alb_upper_dev_walk Ido Schimmel <idosch(a)nvidia.com> PCI: Add no PM reset quirk for NVIDIA Spectrum devices Justin Tee <justin.tee(a)broadcom.com> scsi: lpfc: Fix possible file string name overflow when updating firmware Tanmay Shah <tanmay.shah(a)xilinx.com> soc: xilinx: fix unhandled SGI warning message HariBabu Gattem <haribabu.gattem(a)xilinx.com> soc: xilinx: Fix for call trace due to the usage of smp_processor_id() Yafang Shao <laoar.shao(a)gmail.com> selftests/bpf: Fix issues in setup_classid_environment() Shiji Yang <yangshiji66(a)outlook.com> wifi: rt2x00: correct wrong BBP register in RxDCOC calibration Yonghong Song <yonghong.song(a)linux.dev> selftests/bpf: Fix pyperf180 compilation failure with clang18 Andrii Nakryiko <andrii(a)kernel.org> selftests/bpf: satisfy compiler by having explicit return in btf test Shiji Yang <yangshiji66(a)outlook.com> wifi: rt2x00: restart beacon queue when hardware reset Baokun Li <libaokun1(a)huawei.com> ext4: avoid online resizing failures due to oversized flex bg Baokun Li <libaokun1(a)huawei.com> ext4: remove unnecessary check from alloc_flex_gd() Baokun Li <libaokun1(a)huawei.com> ext4: unify the type of flexbg_size to unsigned int Ye Bin <yebin10(a)huawei.com> ext4: fix inconsistent between segment fstrim and full fstrim Gabriel Krisman Bertazi <krisman(a)suse.de> ecryptfs: Reject casefold directory inodes Anna Schumaker <Anna.Schumaker(a)Netapp.com> SUNRPC: Fix a suspicious RCU usage warning Heiko Carstens <hca(a)linux.ibm.com> KVM: s390: fix setting of fpc register Heiko Carstens <hca(a)linux.ibm.com> s390/ptrace: handle setting of fpc register correctly Tony Krowiak <akrowiak(a)linux.ibm.com> s390/vfio-ap: fix sysfs status attribute for AP queue devices Arnd Bergmann <arnd(a)arndb.de> arch: consolidate arch_irq_work_raise prototypes Edward Adam Davis <eadavis(a)qq.com> jfs: fix array-index-out-of-bounds in diNewExt Oleg Nesterov <oleg(a)redhat.com> rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock() Oleg Nesterov <oleg(a)redhat.com> afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*() Oleg Nesterov <oleg(a)redhat.com> afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu() Thomas Bourgoin <thomas.bourgoin(a)foss.st.com> crypto: stm32/crc32 - fix parsing list of devices Gao Xiang <xiang(a)kernel.org> erofs: fix ztailpacking for subpage compressed blocks Bharat Bhushan <bbhushan2(a)marvell.com> crypto: octeontx2 - Fix cptvf driver cleanup Weichen Chen <weichen.chen(a)mediatek.com> pstore/ram: Fix crash when setting number of cpus to an odd number Edward Adam Davis <eadavis(a)qq.com> jfs: fix uaf in jfs_evict_inode Manas Ghandat <ghandatmanas(a)gmail.com> jfs: fix array-index-out-of-bounds in dbAdjTree Manas Ghandat <ghandatmanas(a)gmail.com> jfs: fix slab-out-of-bounds Read in dtSearch Osama Muhammad <osmtendev(a)gmail.com> UBSAN: array-index-out-of-bounds in dtSplitRoot Osama Muhammad <osmtendev(a)gmail.com> FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree Shuai Xue <xueshuai(a)linux.alibaba.com> ACPI: APEI: set memory failure flags as MF_ACTION_REQUIRED on synchronous events Mukesh Ojha <quic_mojha(a)quicinc.com> PM / devfreq: Synchronize devfreq_monitor_[start/stop] Yuntao Wang <ytcoode(a)gmail.com> ACPI: NUMA: Fix the logic of getting the fake_pxm value Prarit Bhargava <prarit(a)redhat.com> ACPI: extlog: fix NULL pointer dereference check Dmitry Antipov <dmantipov(a)yandex.ru> PNP: ACPI: fix fortify warning Yuluo Qiu <qyl27(a)outlook.com> ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop Chris Riches <chris.riches(a)nutanix.com> audit: Send netlink ACK before setting connection in auditd_set Rui Zhang <zr.zhang(a)vivo.com> regulator: core: Only increment use_count when enable_count changes Andrzej Hajda <andrzej.hajda(a)intel.com> debugobjects: Stop accessing objects after releasing hash bucket lock Greg KH <gregkh(a)linuxfoundation.org> perf/core: Fix narrow startup race when creating the perf nr_addr_filters sysfs file Zhiquan Li <zhiquan1.li(a)intel.com> x86/mce: Mark fatal MCE's page as poison to avoid panic in the kdump kernel Naveen N Rao <naveen(a)kernel.org> powerpc/lib: Validate size for vector operations Stephen Rothwell <sfr(a)canb.auug.org.au> powerpc: pmd_move_must_withdraw() is only needed for CONFIG_TRANSPARENT_HUGEPAGE Jun'ichi Nomura <junichi.nomura(a)nec.com> x86/boot: Ignore NMIs during very early boot Michael Ellerman <mpe(a)ellerman.id.au> powerpc/64s: Fix CONFIG_NUMA=n build due to create_section_mapping() Michael Ellerman <mpe(a)ellerman.id.au> powerpc/mm: Fix build failures due to arch_reserved_kernel_pages() Michael Ellerman <mpe(a)ellerman.id.au> powerpc: Fix build error due to is_valid_bugaddr() Mark Rutland <mark.rutland(a)arm.com> drivers/perf: pmuv3: don't expose SW_INCR event in sysfs Huang Shijie <shijie(a)os.amperecomputing.com> arm64: irq: set the correct node for VMAP stack Kunwu Chan <chentao(a)kylinos.cn> powerpc/mm: Fix null-pointer dereference in pgtable_cache_add Dmitry Torokhov <dmitry.torokhov(a)gmail.com> asm-generic: make sparse happy with odd-sized put_unaligned_*() ------------- Diffstat: Documentation/ABI/testing/sysfs-class-net-queues | 22 +-- Documentation/sound/soc/dapm.rst | 2 +- Makefile | 4 +- arch/arm/boot/dts/imx1-ads.dts | 2 +- arch/arm/boot/dts/imx1-apf9328.dts | 2 +- arch/arm/boot/dts/imx1.dtsi | 5 +- arch/arm/boot/dts/imx23-sansa.dts | 12 +- arch/arm/boot/dts/imx23.dtsi | 2 +- arch/arm/boot/dts/imx25-eukrea-cpuimx25.dtsi | 2 +- .../imx25-eukrea-mbimxsd25-baseboard-cmo-qvga.dts | 2 +- .../imx25-eukrea-mbimxsd25-baseboard-dvi-svga.dts | 2 +- .../imx25-eukrea-mbimxsd25-baseboard-dvi-vga.dts | 2 +- arch/arm/boot/dts/imx25-pdk.dts | 2 +- arch/arm/boot/dts/imx25.dtsi | 2 +- arch/arm/boot/dts/imx27-apf27dev.dts | 4 +- arch/arm/boot/dts/imx27-eukrea-cpuimx27.dtsi | 4 +- .../boot/dts/imx27-eukrea-mbimxsd27-baseboard.dts | 2 +- arch/arm/boot/dts/imx27-phytec-phycard-s-rdk.dts | 2 +- arch/arm/boot/dts/imx27-phytec-phycore-rdk.dts | 2 +- arch/arm/boot/dts/imx27-phytec-phycore-som.dtsi | 2 +- arch/arm/boot/dts/imx27.dtsi | 3 + arch/arm/boot/dts/imx28.dtsi | 2 +- arch/arm/boot/dts/imx7d.dtsi | 3 - arch/arm/boot/dts/imx7s.dtsi | 10 +- arch/arm/boot/dts/rk3036.dtsi | 14 +- arch/arm/include/asm/irq_work.h | 2 - .../boot/dts/amlogic/meson-s4-s805x2-aq222.dts | 4 +- arch/arm64/boot/dts/amlogic/meson-s4.dtsi | 4 +- arch/arm64/boot/dts/qcom/msm8996.dtsi | 21 +++ arch/arm64/boot/dts/qcom/msm8998.dtsi | 32 ++-- arch/arm64/include/asm/irq_work.h | 2 - arch/arm64/kernel/irq.c | 7 +- arch/arm64/kernel/perf_event.c | 6 +- arch/csky/include/asm/irq_work.h | 2 +- arch/loongarch/kernel/smp.c | 1 - arch/loongarch/mm/tlb.c | 16 +- arch/powerpc/include/asm/irq_work.h | 1 - arch/powerpc/include/asm/mmu.h | 4 + arch/powerpc/include/asm/mmzone.h | 8 - arch/powerpc/kernel/traps.c | 2 + arch/powerpc/lib/sstep.c | 10 ++ arch/powerpc/mm/book3s64/pgtable.c | 2 + arch/powerpc/mm/init-common.c | 5 +- arch/powerpc/mm/mmu_decl.h | 5 + arch/riscv/include/asm/irq_work.h | 2 +- arch/s390/include/asm/irq_work.h | 2 - arch/s390/kernel/ptrace.c | 6 +- arch/s390/kvm/kvm-s390.c | 5 - arch/um/drivers/net_kern.c | 2 +- arch/um/include/shared/kern_util.h | 2 +- arch/um/kernel/process.c | 2 +- arch/um/kernel/time.c | 32 +++- arch/um/os-Linux/helper.c | 6 +- arch/um/os-Linux/util.c | 19 +- arch/x86/boot/compressed/ident_map_64.c | 5 + arch/x86/boot/compressed/idt_64.c | 1 + arch/x86/boot/compressed/idt_handlers_64.S | 1 + arch/x86/boot/compressed/misc.h | 1 + arch/x86/include/asm/irq_work.h | 1 - arch/x86/include/asm/kmsan.h | 17 +- arch/x86/kernel/cpu/mce/core.c | 16 ++ block/bio.c | 2 +- block/blk-mq.c | 16 ++ drivers/acpi/acpi_extlog.c | 5 +- drivers/acpi/acpi_video.c | 9 + drivers/acpi/apei/ghes.c | 29 ++- drivers/acpi/numa/srat.c | 4 +- drivers/base/arch_numa.c | 2 +- drivers/block/rnbd/rnbd-srv.c | 19 +- drivers/bluetooth/hci_qca.c | 1 + drivers/clk/hisilicon/clk-hi3620.c | 4 +- drivers/clk/imx/clk-imx8qxp.c | 24 ++- drivers/clk/mmp/clk-of-pxa168.c | 3 + drivers/crypto/marvell/octeontx2/otx2_cptlf.c | 6 +- drivers/crypto/marvell/octeontx2/otx2_cptvf_main.c | 3 + drivers/crypto/stm32/stm32-crc32.c | 2 +- drivers/devfreq/devfreq.c | 24 ++- drivers/gpu/drm/amd/amdgpu/aldebaran.c | 26 ++- drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_fence.c | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 1 + drivers/gpu/drm/amd/amdgpu/amdgpu_gmc.c | 21 ++- drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 13 +- drivers/gpu/drm/amd/amdgpu/amdgpu_object.h | 4 +- drivers/gpu/drm/amd/amdgpu/amdgpu_sync.c | 3 +- drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c | 5 +- drivers/gpu/drm/amd/amdgpu/amdgpu_ucode.c | 6 +- drivers/gpu/drm/amd/amdgpu/gmc_v10_0.c | 4 + drivers/gpu/drm/amd/amdgpu/gmc_v11_0.c | 5 + drivers/gpu/drm/amd/amdgpu/gmc_v6_0.c | 4 +- drivers/gpu/drm/amd/amdgpu/gmc_v7_0.c | 4 +- drivers/gpu/drm/amd/amdgpu/gmc_v8_0.c | 4 +- drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c | 8 +- drivers/gpu/drm/amd/amdkfd/kfd_svm.c | 42 ++--- drivers/gpu/drm/amd/amdkfd/kfd_topology.c | 24 +-- drivers/gpu/drm/amd/display/dc/core/dc.c | 4 + drivers/gpu/drm/amd/display/dc/dc_hw_types.h | 2 +- .../amd/display/dc/dml/dcn32/display_mode_vba_32.c | 3 + .../dc/dml/dcn32/display_mode_vba_util_32.c | 33 +++- .../dc/dml/dcn32/display_mode_vba_util_32.h | 1 + .../drm/amd/display/modules/power/power_helpers.c | 2 - .../amd/pm/powerplay/hwmgr/process_pptables_v1_0.c | 2 +- drivers/gpu/drm/bridge/analogix/anx7625.c | 51 ++++-- drivers/gpu/drm/bridge/analogix/anx7625.h | 4 + drivers/gpu/drm/drm_file.c | 2 +- drivers/gpu/drm/drm_framebuffer.c | 2 +- drivers/gpu/drm/drm_mipi_dsi.c | 17 +- drivers/gpu/drm/exynos/exynos_drm_drv.c | 11 ++ drivers/gpu/drm/msm/disp/dpu1/dpu_encoder.c | 5 +- drivers/gpu/drm/msm/disp/dpu1/dpu_hw_wb.c | 3 + drivers/gpu/drm/msm/disp/dpu1/dpu_kms.h | 1 + drivers/gpu/drm/msm/dsi/phy/dsi_phy.c | 4 + drivers/gpu/drm/panel/panel-edp.c | 48 ++++- drivers/hid/hidraw.c | 7 +- drivers/hwmon/nct6775-core.c | 7 + drivers/i3c/master/i3c-master-cdns.c | 7 +- drivers/infiniband/ulp/ipoib/ipoib_multicast.c | 7 +- drivers/leds/trigger/ledtrig-panic.c | 5 +- drivers/mailbox/arm_mhuv2.c | 3 +- drivers/md/md.c | 54 ++++-- drivers/media/i2c/imx335.c | 4 +- drivers/media/pci/ddbridge/ddbridge-main.c | 2 +- drivers/media/platform/amphion/vpu.h | 3 +- drivers/media/platform/amphion/vpu_cmds.c | 28 +-- drivers/media/platform/amphion/vpu_v4l2.c | 1 + drivers/media/platform/rockchip/rga/rga.c | 15 +- .../media/platform/rockchip/rkisp1/rkisp1-common.h | 11 +- .../media/platform/rockchip/rkisp1/rkisp1-csi.c | 14 +- .../media/platform/rockchip/rkisp1/rkisp1-dev.c | 35 +++- .../media/platform/rockchip/rkisp1/rkisp1-isp.c | 20 ++- drivers/media/usb/stk1160/stk1160-video.c | 5 +- drivers/mfd/Kconfig | 1 + drivers/misc/lis3lv02d/lis3lv02d_i2c.c | 1 + drivers/net/bonding/bond_alb.c | 3 +- drivers/net/dsa/mv88e6xxx/chip.h | 4 +- drivers/net/dsa/mv88e6xxx/serdes.c | 10 +- drivers/net/dsa/mv88e6xxx/serdes.h | 8 +- drivers/net/dsa/qca/qca8k-8xxx.c | 24 ++- drivers/net/ethernet/aquantia/atlantic/aq_ptp.c | 28 ++- drivers/net/ethernet/aquantia/atlantic/aq_ring.c | 61 ++----- drivers/net/ethernet/aquantia/atlantic/aq_ring.h | 22 +-- drivers/net/ethernet/aquantia/atlantic/aq_vec.c | 23 ++- drivers/net/ethernet/google/gve/gve_tx_dqo.c | 5 +- drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 32 ++++ drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.h | 1 + drivers/net/ethernet/intel/ice/ice_adminq_cmd.h | 18 +- drivers/net/ethernet/intel/ice/ice_lib.c | 7 +- drivers/net/ethernet/intel/ice/ice_virtchnl.c | 12 +- drivers/net/ethernet/intel/ice/ice_vsi_vlan_lib.c | 16 +- drivers/net/ethernet/intel/ixgbe/ixgbe_82598.c | 36 ++-- drivers/net/ethernet/intel/ixgbe/ixgbe_82599.c | 61 ++++--- drivers/net/ethernet/intel/ixgbe/ixgbe_common.c | 145 +++++++-------- drivers/net/ethernet/intel/ixgbe/ixgbe_ethtool.c | 2 +- drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 42 ++--- drivers/net/ethernet/intel/ixgbe/ixgbe_mbx.c | 34 ++-- drivers/net/ethernet/intel/ixgbe/ixgbe_mbx.h | 1 - drivers/net/ethernet/intel/ixgbe/ixgbe_phy.c | 105 +++++------ drivers/net/ethernet/intel/ixgbe/ixgbe_phy.h | 2 +- drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c | 2 +- drivers/net/ethernet/intel/ixgbe/ixgbe_type.h | 43 +---- drivers/net/ethernet/intel/ixgbe/ixgbe_x540.c | 44 ++--- drivers/net/ethernet/intel/ixgbe/ixgbe_x550.c | 149 +++++++-------- .../net/ethernet/marvell/octeontx2/af/rvu_npc.c | 13 +- .../net/ethernet/microchip/lan966x/lan966x_port.c | 5 +- .../net/ethernet/pensando/ionic/ionic_bus_pci.c | 4 + drivers/net/ethernet/pensando/ionic/ionic_dev.c | 1 + drivers/net/ethernet/pensando/ionic/ionic_dev.h | 1 + drivers/net/ethernet/pensando/ionic/ionic_lif.c | 3 + drivers/net/ethernet/pensando/ionic/ionic_main.c | 22 ++- drivers/net/phy/at803x.c | 6 +- drivers/net/usb/ax88179_178a.c | 2 - drivers/net/virtio_net.c | 9 +- drivers/net/wireless/ath/ath11k/pcic.c | 4 +- drivers/net/wireless/ath/ath9k/htc_drv_txrx.c | 5 +- drivers/net/wireless/ralink/rt2x00/rt2800lib.c | 2 +- drivers/net/wireless/ralink/rt2x00/rt2x00dev.c | 3 + drivers/net/wireless/ralink/rt2x00/rt2x00mac.c | 11 ++ .../net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c | 12 ++ .../net/wireless/realtek/rtlwifi/rtl8723ae/phy.c | 6 +- .../net/wireless/realtek/rtlwifi/rtl8723be/phy.c | 4 +- drivers/net/wireless/silabs/wfx/sta.c | 42 +++-- drivers/pci/pci.h | 2 +- drivers/pci/pcie/aer.c | 9 +- drivers/pci/quirks.c | 24 ++- drivers/pci/switch/switchtec.c | 25 ++- drivers/pnp/pnpacpi/rsparser.c | 12 +- drivers/regulator/core.c | 56 +++--- drivers/regulator/ti-abb-regulator.c | 22 ++- drivers/s390/crypto/vfio_ap_ops.c | 16 +- drivers/scsi/arcmsr/arcmsr.h | 4 + drivers/scsi/arcmsr/arcmsr_hba.c | 6 + drivers/scsi/hisi_sas/hisi_sas_v3_hw.c | 10 +- drivers/scsi/isci/request.c | 2 +- drivers/scsi/libfc/fc_fcp.c | 18 +- drivers/scsi/lpfc/lpfc.h | 1 + drivers/scsi/lpfc/lpfc_init.c | 4 +- drivers/scsi/mpi3mr/mpi3mr_fw.c | 3 +- drivers/scsi/mpi3mr/mpi3mr_os.c | 5 +- drivers/scsi/scsi_error.c | 8 +- drivers/scsi/scsi_lib.c | 2 +- drivers/scsi/scsi_priv.h | 2 +- drivers/soc/xilinx/xlnx_event_manager.c | 7 +- drivers/spmi/spmi-mtk-pmif.c | 7 +- drivers/tty/tty_ioctl.c | 4 +- drivers/usb/core/hub.c | 33 +++- drivers/watchdog/it87_wdt.c | 14 +- drivers/xen/gntdev-dmabuf.c | 50 +++--- fs/9p/v9fs_vfs.h | 1 + fs/9p/vfs_inode.c | 6 +- fs/9p/vfs_inode_dotl.c | 1 + fs/afs/callback.c | 3 +- fs/afs/server.c | 7 +- fs/ceph/caps.c | 9 +- fs/ceph/mds_client.c | 2 +- fs/ceph/quota.c | 39 ++-- fs/dcache.c | 7 +- fs/ecryptfs/inode.c | 8 + fs/erofs/zdata.c | 2 +- fs/ext4/mballoc.c | 11 +- fs/ext4/resize.c | 37 ++-- fs/f2fs/compress.c | 4 +- fs/f2fs/file.c | 2 + fs/f2fs/recovery.c | 25 ++- fs/jfs/jfs_dmap.c | 57 +++--- fs/jfs/jfs_dtree.c | 7 +- fs/jfs/jfs_imap.c | 3 + fs/jfs/jfs_mount.c | 6 +- fs/kernfs/dir.c | 12 ++ fs/pstore/ram.c | 1 + include/asm-generic/numa.h | 2 + include/asm-generic/unaligned.h | 24 +-- include/drm/drm_color_mgmt.h | 1 + include/drm/drm_mipi_dsi.h | 2 + include/linux/irq_work.h | 3 + include/linux/mmzone.h | 6 +- include/linux/pci_ids.h | 1 + include/net/af_unix.h | 20 ++- include/net/ip.h | 2 +- include/net/netfilter/nf_tables.h | 2 + kernel/audit.c | 31 +++- kernel/bpf/helpers.c | 13 +- kernel/bpf/syscall.c | 6 + kernel/events/core.c | 38 ++-- lib/debugobjects.c | 200 ++++++++------------- net/bluetooth/hci_sync.c | 10 +- net/bluetooth/l2cap_core.c | 3 +- net/bridge/br_cfm_netlink.c | 2 +- net/bridge/br_multicast.c | 20 ++- net/bridge/br_private.h | 4 +- net/ipv4/ip_output.c | 12 +- net/ipv4/ip_sockglue.c | 6 +- net/ipv4/ipmr.c | 2 +- net/ipv4/raw.c | 10 +- net/ipv4/tcp.c | 12 +- net/ipv4/udp.c | 2 +- net/ipv6/addrconf_core.c | 21 ++- net/ipv6/ip6_tunnel.c | 21 ++- net/llc/af_llc.c | 2 + net/netfilter/nf_conntrack_proto_tcp.c | 10 +- net/netfilter/nf_log.c | 7 +- net/netfilter/nf_tables_api.c | 14 +- net/netfilter/nft_ct.c | 24 +++ net/netfilter/nft_tunnel.c | 1 + net/rxrpc/conn_service.c | 3 +- net/smc/smc_clc.c | 14 ++ net/sunrpc/xprtmultipath.c | 17 +- net/unix/af_unix.c | 14 +- net/unix/diag.c | 2 +- net/wireless/scan.c | 4 + sound/hda/hdac_stream.c | 9 +- sound/pci/hda/hda_intel.c | 2 + sound/pci/hda/patch_conexant.c | 115 +++++++++++- sound/soc/amd/acp-config.c | 15 +- sound/soc/codecs/lpass-wsa-macro.c | 7 - sound/soc/codecs/wsa883x.c | 6 +- tools/build/feature/test-libopencsd.c | 4 +- tools/lib/bpf/libbpf.c | 2 + tools/lib/subcmd/help.c | 18 +- tools/testing/selftests/bpf/cgroup_helpers.c | 18 +- tools/testing/selftests/bpf/prog_tests/btf.c | 1 + tools/testing/selftests/bpf/progs/pyperf180.c | 22 +++ .../selftests/drivers/net/bonding/lag_lib.sh | 11 ++ tools/testing/selftests/drivers/net/team/config | 4 +- tools/testing/selftests/net/config | 1 + tools/testing/selftests/net/pmtu.sh | 16 +- tools/testing/selftests/net/setup_veth.sh | 2 +- tools/testing/selftests/sgx/test_encl.lds | 6 +- 286 files changed, 2319 insertions(+), 1338 deletions(-)

1 year, 7 months

10
11
0 0

[v6.7][PATCH 00/23] eventfs: Linus's updates for 6.7

by Steven Rostedt

This is a backport of all the work that lead up to the work that Linus made on eventfs. I trust Linus's version more so than the versions in 6.6 and 6.7. There may be plenty of hidden issues due to the design. This is the update for 6.7. It includes Linus's updates as well as all the patches leading up to them. I ran these through my full test suite that I use before sending anyting to Linus, althouh I did not run my "bisect" test that walks through the patches. The tests were just run on the end result. I'm currently running my 6.6 version through my tests. Erick Archer (1): eventfs: Use kcalloc() instead of kzalloc() Linus Torvalds (7): tracefs: remove stale 'update_gid' code eventfs: Initialize the tracefs inode properly tracefs: Avoid using the ei->dentry pointer unnecessarily tracefs: dentry lookup crapectomy eventfs: Remove unused d_parent pointer field eventfs: Clean up dentry ops and add revalidate function eventfs: Get rid of dentry pointers without refcounts Steven Rostedt (Google) (15): eventfs: Remove "lookup" parameter from create_dir/file_dentry() eventfs: Stop using dcache_readdir() for getdents() tracefs/eventfs: Use root and instance inodes as default ownership eventfs: Have eventfs_iterate() stop immediately if ei->is_freed is set eventfs: Do ctx->pos update for all iterations in eventfs_iterate() eventfs: Read ei->entries before ei->children in eventfs_iterate() eventfs: Shortcut eventfs_iterate() by skipping entries already read eventfs: Have the inodes all for files and directories all be the same eventfs: Do not create dentries nor inodes in iterate_shared eventfs: Save directory inodes in the eventfs_inode structure tracefs: Zero out the tracefs_inode when allocating it eventfs: Warn if an eventfs_inode is freed without is_freed being set eventfs: Restructure eventfs_inode structure to be more condensed eventfs: Remove fsnotify*() functions from lookup() eventfs: Keep all directory links at 1 ---- fs/tracefs/event_inode.c | 905 ++++++++++++++++------------------------------- fs/tracefs/inode.c | 286 +++++++-------- fs/tracefs/internal.h | 48 ++- 3 files changed, 451 insertions(+), 788 deletions(-)

1 year, 7 months

3
26
0 0

[PATCH v2] mtd: rawnand: marvell: fix layouts

by Elad Nachman

From: Elad Nachman <enachman(a)marvell.com> The check in nand_base.c, nand_scan_tail() : has the following code: (ecc->steps * ecc->size != mtd->writesize) which fails for some NAND chips. Remove ECC entries in this driver which are not integral multiplications, and adjust the number of chunks for entries which fails the above calculation so it will calculate correctly (this was previously done automatically before the check and was removed in a later commit). Fixes: 68c18dae6888 ("mtd: rawnand: marvell: add missing layouts") Cc: stable(a)vger.kernel.org Signed-off-by: Elad Nachman <enachman(a)marvell.com> --- drivers/mtd/nand/raw/marvell_nand.c | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/drivers/mtd/nand/raw/marvell_nand.c b/drivers/mtd/nand/raw/marvell_nand.c index a46698744850..5b0f5a9cef81 100644 --- a/drivers/mtd/nand/raw/marvell_nand.c +++ b/drivers/mtd/nand/raw/marvell_nand.c @@ -290,16 +290,13 @@ static const struct marvell_hw_ecc_layout marvell_nfc_layouts[] = { MARVELL_LAYOUT( 2048, 512, 4, 1, 1, 2048, 32, 30, 0, 0, 0), MARVELL_LAYOUT( 2048, 512, 8, 2, 1, 1024, 0, 30,1024,32, 30), MARVELL_LAYOUT( 2048, 512, 8, 2, 1, 1024, 0, 30,1024,64, 30), - MARVELL_LAYOUT( 2048, 512, 12, 3, 2, 704, 0, 30,640, 0, 30), - MARVELL_LAYOUT( 2048, 512, 16, 5, 4, 512, 0, 30, 0, 32, 30), + MARVELL_LAYOUT( 2048, 512, 16, 4, 4, 512, 0, 30, 0, 32, 30), MARVELL_LAYOUT( 4096, 512, 4, 2, 2, 2048, 32, 30, 0, 0, 0), - MARVELL_LAYOUT( 4096, 512, 8, 5, 4, 1024, 0, 30, 0, 64, 30), - MARVELL_LAYOUT( 4096, 512, 12, 6, 5, 704, 0, 30,576, 32, 30), - MARVELL_LAYOUT( 4096, 512, 16, 9, 8, 512, 0, 30, 0, 32, 30), + MARVELL_LAYOUT( 4096, 512, 8, 4, 4, 1024, 0, 30, 0, 64, 30), + MARVELL_LAYOUT( 4096, 512, 16, 8, 8, 512, 0, 30, 0, 32, 30), MARVELL_LAYOUT( 8192, 512, 4, 4, 4, 2048, 0, 30, 0, 0, 0), - MARVELL_LAYOUT( 8192, 512, 8, 9, 8, 1024, 0, 30, 0, 160, 30), - MARVELL_LAYOUT( 8192, 512, 12, 12, 11, 704, 0, 30,448, 64, 30), - MARVELL_LAYOUT( 8192, 512, 16, 17, 16, 512, 0, 30, 0, 32, 30), + MARVELL_LAYOUT( 8192, 512, 8, 8, 8, 1024, 0, 30, 0, 160, 30), + MARVELL_LAYOUT( 8192, 512, 16, 16, 16, 512, 0, 30, 0, 32, 30), }; /** -- 2.25.1

1 year, 7 months

2
1
0 0

[git:media_stage/master] media: xc4000: Fix atomicity violation in xc4000_get_frequency

by Hans Verkuil

This is an automatic generated email to let you know that the following patch were queued: Subject: media: xc4000: Fix atomicity violation in xc4000_get_frequency Author: Gui-Dong Han <2045gemini(a)gmail.com> Date: Fri Dec 22 13:50:30 2023 +0800 In xc4000_get_frequency(): *freq = priv->freq_hz + priv->freq_offset; The code accesses priv->freq_hz and priv->freq_offset without holding any lock. In xc4000_set_params(): // Code that updates priv->freq_hz and priv->freq_offset ... xc4000_get_frequency() and xc4000_set_params() may execute concurrently, risking inconsistent reads of priv->freq_hz and priv->freq_offset. Since these related data may update during reading, it can result in incorrect frequency calculation, leading to atomicity violations. This possible bug is found by an experimental static analysis tool developed by our team, BassCheck[1]. This tool analyzes the locking APIs to extract function pairs that can be concurrently executed, and then analyzes the instructions in the paired functions to identify possible concurrency bugs including data races and atomicity violations. The above possible bug is reported when our tool analyzes the source code of Linux 6.2. To address this issue, it is proposed to add a mutex lock pair in xc4000_get_frequency() to ensure atomicity. With this patch applied, our tool no longer reports the possible bug, with the kernel configuration allyesconfig for x86_64. Due to the lack of associated hardware, we cannot test the patch in runtime testing, and just verify it according to the code logic. [1] https://sites.google.com/view/basscheck/ Fixes: 4c07e32884ab ("[media] xc4000: Fix get_frequency()") Cc: stable(a)vger.kernel.org Reported-by: BassCheck <bass(a)buaa.edu.cn> Signed-off-by: Gui-Dong Han <2045gemini(a)gmail.com> Signed-off-by: Hans Verkuil <hverkuil-cisco(a)xs4all.nl> drivers/media/tuners/xc4000.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) --- diff --git a/drivers/media/tuners/xc4000.c b/drivers/media/tuners/xc4000.c index 57ded9ff3f04..29bc63021c5a 100644 --- a/drivers/media/tuners/xc4000.c +++ b/drivers/media/tuners/xc4000.c @@ -1515,10 +1515,10 @@ static int xc4000_get_frequency(struct dvb_frontend *fe, u32 *freq) { struct xc4000_priv *priv = fe->tuner_priv; + mutex_lock(&priv->lock); *freq = priv->freq_hz + priv->freq_offset; if (debug) { - mutex_lock(&priv->lock); if ((priv->cur_fw.type & (BASE | FM | DTV6 | DTV7 | DTV78 | DTV8)) == BASE) { u16 snr = 0; @@ -1529,8 +1529,8 @@ static int xc4000_get_frequency(struct dvb_frontend *fe, u32 *freq) return 0; } } - mutex_unlock(&priv->lock); } + mutex_unlock(&priv->lock); dprintk(1, "%s()\n", __func__);

1 year, 7 months

1
0
0 0

[PATCH] ksmbd: free aux buffer if ksmbd_iov_pin_rsp_read fails

by Fedor Pchelkin

ksmbd_iov_pin_rsp_read() doesn't free the provided aux buffer if it fails. Seems to be the caller's responsibility to clear the buffer in error case. Found by Linux Verification Center (linuxtesting.org). Fixes: e2b76ab8b5c9 ("ksmbd: add support for read compound") Cc: stable(a)vger.kernel.org Signed-off-by: Fedor Pchelkin <pchelkin(a)ispras.ru> --- fs/smb/server/smb2pdu.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/fs/smb/server/smb2pdu.c b/fs/smb/server/smb2pdu.c index ba7a72a6a4f4..0c97d3c86072 100644 --- a/fs/smb/server/smb2pdu.c +++ b/fs/smb/server/smb2pdu.c @@ -6173,8 +6173,10 @@ static noinline int smb2_read_pipe(struct ksmbd_work *work) err = ksmbd_iov_pin_rsp_read(work, (void *)rsp, offsetof(struct smb2_read_rsp, Buffer), aux_payload_buf, nbytes); - if (err) + if (err) { + kvfree(aux_payload_buf); goto out; + } kvfree(rpc_resp); } else { err = ksmbd_iov_pin_rsp(work, (void *)rsp, @@ -6384,8 +6386,10 @@ int smb2_read(struct ksmbd_work *work) err = ksmbd_iov_pin_rsp_read(work, (void *)rsp, offsetof(struct smb2_read_rsp, Buffer), aux_payload_buf, nbytes); - if (err) + if (err) { + kvfree(aux_payload_buf); goto out; + } ksmbd_fd_put(work, fp); return 0; -- 2.39.2

1 year, 7 months

2
1
0 0

[PATCH] ARM: ep93xx: Add terminator to gpiod_lookup_table

by Alexander Sverdlin

From: Nikita Shubin <nikita.shubin(a)maquefel.me> Without the terminator, if a con_id is passed to gpio_find() that does not exist in the lookup table the function will not stop looping correctly, and eventually cause an oops. Cc: stable(a)vger.kernel.org Fixes: b2e63555592f ("i2c: gpio: Convert to use descriptors") Reported-by: Andy Shevchenko <andriy.shevchenko(a)intel.com> Signed-off-by: Nikita Shubin <nikita.shubin(a)maquefel.me> Reviewed-by: Linus Walleij <linus.walleij(a)linaro.org> Acked-by: Alexander Sverdlin <alexander.sverdlin(a)gmail.com> Signed-off-by: Alexander Sverdlin <alexander.sverdlin(a)gmail.com> --- arch/arm/mach-ep93xx/core.c | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/arm/mach-ep93xx/core.c b/arch/arm/mach-ep93xx/core.c index 71b113976420..8b1ec60a9a46 100644 --- a/arch/arm/mach-ep93xx/core.c +++ b/arch/arm/mach-ep93xx/core.c @@ -339,6 +339,7 @@ static struct gpiod_lookup_table ep93xx_i2c_gpiod_table = { GPIO_ACTIVE_HIGH | GPIO_OPEN_DRAIN), GPIO_LOOKUP_IDX("G", 0, NULL, 1, GPIO_ACTIVE_HIGH | GPIO_OPEN_DRAIN), + { } }, }; -- 2.42.0

1 year, 7 months

1
0
0 0

S/PDIF not detected anymore / regression on recent kernel 6.7 ?

by Serge SIMON

Dear Kernel maintainers, I think i'm encountering (for the first time in years !) a regression with the "6.7.arch3-1" kernel (whereas no issues with "6.6.10.arch1-1", on which i reverted). I'm running a (up-to-date, and non-LTS) ARCHLINUX desktop, on a ASUS B560-I motherboard, with 3 monitors (attached to a 4-HDMI outputs card), plus an audio S/PDIF optic output at motherboard level. With the latest kernel, the S/PIDF optic output of the motherboard is NOT detected anymore (and i haven't been able to see / find anything in the logs at quick glance, neither journalctl -xe nor dmesg). Once reverted to 6.6.10, everything is fine again. For example, in a working situation (6.6.10), i have : cat /proc/asound/pcm 00-00: ALC1220 Analog : ALC1220 Analog : playback 1 : capture 1 00-01: ALC1220 Digital : ALC1220 Digital : playback 1 00-02: ALC1220 Alt Analog : ALC1220 Alt Analog : capture 1 01-03: HDMI 0 : HDMI 0 : playback 1 01-07: HDMI 1 : HDMI 1 : playback 1 01-08: HDMI 2 : HDMI 2 : playback 1 01-09: HDMI 3 : HDMI 3 : playback 1 Whereas while on the latest 6.7 kernel, i only had the 4 HDMI lines (linked to a NVIDIA T600 card, with 4 HDMI outputs) and not the three first ones (attached to the motherboard). (of course i did several tests with 6.7, reboot, ... without any changes) Any idea ? Best regards -- Serge.

1 year, 7 months

3
3
0 0

[PATCH RFC v2 8/8] m68k: Move signal frame following exception on 68020/030

by Michael Schmitz

From: Finn Thain <fthain(a)linux-m68k.org> On 68030/020, an instruction such as, moveml %a2-%a3/%a5,%sp@- may cause a stack page fault during instruction execution (i.e. not at an instruction boundary) and produce a format 0xB exception frame. In this situation, the value of USP will be unreliable. If a signal is to be delivered following the exception, this USP value is used to calculate the location for a signal frame. This can result in a corrupted user stack. The corruption was detected in dash (actually in glibc) where it showed up as an intermittent "stack smashing detected" message and crash following signal delivery for SIGCHLD. It was hard to reproduce that failure because delivery of the signal raced with the page fault and because the kernel places an unpredictable gap of up to 7 bytes between the USP and the signal frame. A format 0xB exception frame can be produced by a bus error or an address error. The 68030 Users Manual says that address errors occur immediately upon detection during instruction prefetch. The instruction pipeline allows prefetch to overlap with other instructions, which means an address error can arise during the execution of a different instruction. So it seems likely that this patch may help in the address error case also. Reported-and-tested-by: Stan Johnson <userm57(a)yahoo.com> Link: https://lore.kernel.org/all/CAMuHMdW3yD22_ApemzW_6me3adq6A458u1_F0v-1EYwK_6… Cc: Michael Schmitz <schmitzmic(a)gmail.com> Cc: Andreas Schwab <schwab(a)linux-m68k.org> Cc: stable(a)vger.kernel.org Co-developed-by: Michael Schmitz <schmitzmic(a)gmail.com> Signed-off-by: Michael Schmitz <schmitzmic(a)gmail.com> Signed-off-by: Finn Thain <fthain(a)linux-m68k.org> Reviewed-by: Geert Uytterhoeven <geert(a)linux-m68k.org> Link: https://lore.kernel.org/r/9e66262a754fcba50208aa424188896cc52a1dd1.16833658… Signed-off-by: Geert Uytterhoeven <geert(a)linux-m68k.org> --- arch/m68k/kernel/signal.c | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/arch/m68k/kernel/signal.c b/arch/m68k/kernel/signal.c index 8fb8ee804b3a..de7c1bde62bc 100644 --- a/arch/m68k/kernel/signal.c +++ b/arch/m68k/kernel/signal.c @@ -808,11 +808,17 @@ static inline int rt_setup_ucontext(struct ucontext __user *uc, struct pt_regs * } static inline void __user * -get_sigframe(struct ksignal *ksig, size_t frame_size) +get_sigframe(struct ksignal *ksig, struct pt_regs *tregs, size_t frame_size) { unsigned long usp = sigsp(rdusp(), ksig); + unsigned long gap = 0; - return (void __user *)((usp - frame_size) & -8UL); + if (CPU_IS_020_OR_030 && tregs->format == 0xb) { + /* USP is unreliable so use worst-case value */ + gap = 256; + } + + return (void __user *)((usp - gap - frame_size) & -8UL); } static int setup_frame(struct ksignal *ksig, sigset_t *set, @@ -830,7 +836,7 @@ static int setup_frame(struct ksignal *ksig, sigset_t *set, return -EFAULT; } - frame = get_sigframe(ksig, sizeof(*frame) + fsize); + frame = get_sigframe(ksig, tregs, sizeof(*frame) + fsize); if (fsize) err |= copy_to_user (frame + 1, regs + 1, fsize); @@ -903,7 +909,7 @@ static int setup_rt_frame(struct ksignal *ksig, sigset_t *set, return -EFAULT; } - frame = get_sigframe(ksig, sizeof(*frame)); + frame = get_sigframe(ksig, tregs, sizeof(*frame)); if (fsize) err |= copy_to_user (&frame->uc.uc_extra, regs + 1, fsize); -- 2.17.1

1 year, 7 months

1
0
0 0

[PATCH RFC v2 1/8] m68k/mm: Adjust VM area to be unmapped by gap size for __iounmap()

by Michael Schmitz

If 020/030 support is enabled, get_io_area() leaves an IO_SIZE gap between mappings which is added to the vm_struct representing the mapping. __ioremap() uses the actual requested size (after alignment), while __iounmap() is passed the size from the vm_struct. On 020/030, early termination descriptors are used to set up mappings of extent 'size', which are validated on unmapping. The unmapped gap of size IO_SIZE defeats the sanity check of the pmd tables, causing __iounmap() to loop forever on 030. On 040/060, unmapping of page table entries does not check for a valid mapping, so the umapping loop always completes there. Adjust size to be unmapped by the gap that had been added in the vm_struct prior. This fixes the hang in atari_platform_init() reported a long time ago, and a similar one reported by Finn recently (addressed by removing ioremap() use from the SWIM driver. Tested on my Falcon in 030 mode - untested but should work the same on 040/060 (the extra page tables cleared there would never have been set up anyway). Signed-off-by: Michael Schmitz <schmitzmic(a)gmail.com> [geert: Minor commit description improvements] [geert: This was fixed in 2.4.23, but not in 2.5.x] Signed-off-by: Geert Uytterhoeven <geert(a)linux-m68k.org> Cc: stable(a)vger.kernel.org --- arch/m68k/mm/kmap.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/arch/m68k/mm/kmap.c b/arch/m68k/mm/kmap.c index 6e4955bc542b..fcd52cefee29 100644 --- a/arch/m68k/mm/kmap.c +++ b/arch/m68k/mm/kmap.c @@ -88,7 +88,8 @@ static inline void free_io_area(void *addr) for (p = &iolist ; (tmp = *p) ; p = &tmp->next) { if (tmp->addr == addr) { *p = tmp->next; - __iounmap(tmp->addr, tmp->size); + /* remove gap added in get_io_area() */ + __iounmap(tmp->addr, tmp->size - IO_SIZE); kfree(tmp); return; } -- 2.17.1

1 year, 7 months

1
0
0 0

Re: [PATCH 6.6 000/326] 6.6.16-rc2 review

by Стас Ничипорович

After trying again to create the ipset with timeout option I get a kernel panic # ipset create throttled-ips hash:ip family inet hashsize 1024 maxelem 100000 timeout 600 bucketsize 12 initval 0x22b96e3a ipset v7.20: Set cannot be created: set with the same name already exists [Sat Feb 3 21:51:43 2024] Kernel 6.6.16- started... [Sat Feb 3 21:51:44 2024] ------------[ cut here ]------------ [Sat Feb 3 21:51:44 2024] WARNING: CPU: 0 PID: 0 at __run_timers.part.0+0x45d/0x570 [Sat Feb 3 21:51:44 2024] Modules linked in: netconsole configfs xt_multiport xt_HL xt_TCPMSS xt_tcpudp xt_comment xt_mark iptable_mangle iptable_raw iptable_filter xt_MASQUERADE xt_set iptable_nat nfnetlink_cttimeout nfnetlink_log ip_set_list_set ip_set_hash_ipport ip_set_hash_ip ip_set_hash_netiface ip_set_hash_net ip_set nf_nat_sip nf_nat_ftp nf_nat_tftp nf_nat_irc nf_nat_amanda nf_nat_h323 nf_nat_snmp_basic asn1_decoder nf_nat_pptp nf_nat nf_conntrack_irc nf_conntrack_snmp nf_conntrack_netbios_ns nf_conntrack_broadcast nf_conntrack_sip nf_conntrack_tftp nf_conntrack_pptp ts_kmp nf_conntrack_amanda nf_conntrack_sane nf_conntrack_h323 xt_conntrack nf_conntrack_ftp xt_dns(O) nf_conntrack_netlink nfnetlink ipt_NETFLOW(O) ip6_tables ip_tables xt_ndpi(O) xt_RATELIMIT(O) nf_conntrack_rtcache nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 libcrc32c crc32c_generic crc32c_intel x_tables vrf sha1_ssse3 sha1_generic hmac ipv6 ixgbevf ixgbe mdio mdio_devres libphy ifb virtio_rng rng_core button [Sat Feb 3 21:51:44 2024] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G O 6.6.16- #12 [Sat Feb 3 21:51:44 2024] RIP: 0010:__run_timers.part.0+0x45d/0x570 [Sat Feb 3 21:51:44 2024] Code: 21 0d f5 7e 89 ca 89 c8 81 e2 00 00 00 80 44 09 f2 65 0f b1 15 0c 0d f5 7e 39 c1 75 e0 48 89 df e8 38 b0 48 00 e9 53 ff ff ff <0f> 0b e9 4c ff ff ff 44 89 f2 4c 89 fe 48 c7 c7 e0 9a 8f 81 c6 05 [Sat Feb 3 21:51:44 2024] RSP: 0018:ffff88807d805f20 EFLAGS: 00010046 [Sat Feb 3 21:51:44 2024] RAX: 0000000000000000 RBX: ffff88807d81c9c0 RCX: ffff88807d805f20 [Sat Feb 3 21:51:44 2024] RDX: ffff888003207768 RSI: 00000000000000a5 RDI: ffff88807d81c9e8 [Sat Feb 3 21:51:44 2024] RBP: ffff88807d805f20 R08: 0000000003ffeee2 R09: 7fffffffffffffff [Sat Feb 3 21:51:44 2024] R10: ffffffff81a050c0 R11: 0000000000000082 R12: dead000000000122 [Sat Feb 3 21:51:44 2024] R13: 0000000000000000 R14: ffffffff81a050c8 R15: 0000000000000000 [Sat Feb 3 21:51:44 2024] FS: 0000000000000000(0000) GS:ffff88807d800000(0000) knlGS:0000000000000000 [Sat Feb 3 21:51:44 2024] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [Sat Feb 3 21:51:44 2024] CR2: 00007fb98e5e95b0 CR3: 0000000001a12003 CR4: 00000000001706b0 [Sat Feb 3 21:51:44 2024] Call Trace: [Sat Feb 3 21:51:44 2024] <IRQ> [Sat Feb 3 21:51:44 2024] ? __warn+0x6c/0x130 [Sat Feb 3 21:51:44 2024] ? report_bug+0x136/0x1b0 [Sat Feb 3 21:51:44 2024] ? handle_bug+0x36/0x70 [Sat Feb 3 21:51:44 2024] ? exc_invalid_op+0x17/0x1a0 [Sat Feb 3 21:51:44 2024] ? asm_exc_invalid_op+0x16/0x20 [Sat Feb 3 21:51:44 2024] ? __run_timers.part.0+0x45d/0x570 [Sat Feb 3 21:51:44 2024] ? ktime_get+0x30/0x90 [Sat Feb 3 21:51:44 2024] ? clockevents_program_event+0x76/0xd0 [Sat Feb 3 21:51:44 2024] __do_softirq+0xb4/0x1e8 [Sat Feb 3 21:51:44 2024] irq_exit_rcu+0x5d/0x80 [Sat Feb 3 21:51:44 2024] sysvec_apic_timer_interrupt+0x66/0x80 [Sat Feb 3 21:51:44 2024] </IRQ> [Sat Feb 3 21:51:44 2024] <TASK> [Sat Feb 3 21:51:44 2024] asm_sysvec_apic_timer_interrupt+0x16/0x20 [Sat Feb 3 21:51:44 2024] RIP: 0010:default_idle+0xb/0x10 [Sat Feb 3 21:51:44 2024] Code: 07 76 e7 48 89 07 49 c7 c0 08 00 00 00 4d 29 c8 4c 01 c7 4c 29 c2 e9 72 ff ff ff cc cc cc cc eb 07 0f 00 2d 47 27 2b 00 fb f4 <fa> c3 0f 1f 00 65 48 8b 04 25 c0 10 02 00 f0 80 48 02 20 48 8b 10 [Sat Feb 3 21:51:44 2024] RSP: 0018:ffffffff81a03eb0 EFLAGS: 00000206 [Sat Feb 3 21:51:44 2024] RAX: ffff88807d81fa80 RBX: 0000000000000000 RCX: 4000000000000000 [Sat Feb 3 21:51:44 2024] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000000d8494 [Sat Feb 3 21:51:44 2024] RBP: ffffffff81a08a40 R08: 0000000000000001 R09: 0000000000000000 [Sat Feb 3 21:51:44 2024] R10: 0000000000100000 R11: 000000000122662f R12: ffffffff81a08a40 [Sat Feb 3 21:51:44 2024] R13: ffff88807ffda040 R14: ffffffff81a085e0 R15: 0000000000013c70 [Sat Feb 3 21:51:44 2024] default_idle_call+0x1f/0x26 [Sat Feb 3 21:51:44 2024] do_idle+0x92/0xf0 [Sat Feb 3 21:51:44 2024] cpu_startup_entry+0x21/0x30 [Sat Feb 3 21:51:44 2024] rest_init+0x9e/0xa0 [Sat Feb 3 21:51:44 2024] arch_call_rest_init+0x5/0x20 [Sat Feb 3 21:51:44 2024] start_kernel+0x3f3/0x460 [Sat Feb 3 21:51:44 2024] x86_64_start_reservations+0x14/0x30 [Sat Feb 3 21:51:44 2024] x86_64_start_kernel+0xa9/0xc0 [Sat Feb 3 21:51:44 2024] secondary_startup_64_no_verify+0x174/0x17b [Sat Feb 3 21:51:44 2024] </TASK> [Sat Feb 3 21:51:44 2024] ---[ end trace 0000000000000000 ]--- reverting netfilter-ipset-fix-performance-regression-in-swap-o.patch fixes panic.

1 year, 7 months

2
6
0 0

[PATCH 6.7 000/353] 6.7.4-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.7.4 release. There are 353 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Mon, 05 Feb 2024 03:51:47 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.7.4-rc1.… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.7.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.7.4-rc1 Zhengchao Shao <shaozhengchao(a)huawei.com> bonding: remove print in bond_verify_device_path Yonghong Song <yonghong.song(a)linux.dev> selftests/bpf: Remove flaky test_btf_id test Konrad Dybcio <konrad.dybcio(a)linaro.org> drm/msm/dsi: Enable runtime PM Jonathan Gray <jsg(a)jsg.id.au> Revert "drm/amd/display: Disable PSR-SU on Parade 0803 TCON again" Marco Elver <elver(a)google.com> mm, kmsan: fix infinite recursion due to RCU critical section Huang Shijie <shijie(a)os.amperecomputing.com> arm64: irq: set the correct node for shadow call stack Pavan Kumar Linga <pavan.kumar.linga(a)intel.com> idpf: avoid compiler padding in virtchnl2_ptype struct Paolo Abeni <pabeni(a)redhat.com> selftests: net: enable some more knobs Jakub Kicinski <kuba(a)kernel.org> selftests: net: add missing config for NF_TARGET_TTL Benjamin Poirier <bpoirier(a)nvidia.com> selftests: bonding: Check initial state Benjamin Poirier <bpoirier(a)nvidia.com> selftests: team: Add missing config options Breno Leitao <leitao(a)debian.org> net: sysfs: Fix /sys/class/net/<iface> path Geetha sowjanya <gakula(a)marvell.com> octeontx2-pf: Remove xdp queues on program detach Paolo Abeni <pabeni(a)redhat.com> selftests: net: don't access /dev/stdout in pmtu.sh Paolo Abeni <pabeni(a)redhat.com> selftests: net: fix available tunnels detection Paolo Abeni <pabeni(a)redhat.com> selftests: net: add missing config for pmtu.sh tests Jakub Kicinski <kuba(a)kernel.org> selftests: net: add missing config for nftables-backed iptables Brett Creeley <brett.creeley(a)amd.com> pds_core: Rework teardown/setup flow to be more common Brett Creeley <brett.creeley(a)amd.com> pds_core: Clear BARs on reset Brett Creeley <brett.creeley(a)amd.com> pds_core: Prevent race issues involving the adminq Brett Creeley <brett.creeley(a)amd.com> pds_core: Use struct pdsc for the pdsc_adminq_isr private data Brett Creeley <brett.creeley(a)amd.com> pds_core: Cancel AQ work on teardown Brett Creeley <brett.creeley(a)amd.com> pds_core: Prevent health thread from running during reset/remove Eric Dumazet <edumazet(a)google.com> af_unix: fix lockdep positive in sk_diag_dump_icons() Zhipeng Lu <alexious(a)zju.edu.cn> net: ipv4: fix a memleak in ip_setup_cork Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_log: replace BUG_ON by WARN_ON_ONCE when putting logger Jozsef Kadlecsik <kadlec(a)netfilter.org> netfilter: ipset: fix performance regression in swap operation Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables: restrict tunnel object to NFPROTO_NETDEV Ryan Schaefer <ryanschf(a)amazon.com> netfilter: conntrack: correct window scaling with retransmitted SYN Matthias May <Matthias.May(a)westermo.com> selftests: net: add missing config for GENEVE Parav Pandit <parav(a)nvidia.com> devlink: Fix referring to hw_addr attribute during state validation Linus Lüssing <linus.luessing(a)c0d3.blue> bridge: mcast: fix disabled snooping after long uptime Ido Schimmel <idosch(a)nvidia.com> selftests: net: Add missing matchall classifier Eric Dumazet <edumazet(a)google.com> llc: call sock_orphan() at release time Helge Deller <deller(a)kernel.org> ipv6: Ensure natural alignment of const ipv6 loopback and router addresses Michal Vokáč <michal.vokac(a)ysoft.com> net: dsa: qca8k: fix illegal usage of GPIO Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> ixgbe: Fix an error handling path in ixgbe_read_iosf_sb_reg_x550() Jedrzej Jagielski <jedrzej.jagielski(a)intel.com> ixgbe: Refactor overtemp event handling Jedrzej Jagielski <jedrzej.jagielski(a)intel.com> ixgbe: Refactor returning internal error codes Jacob Keller <jacob.e.keller(a)intel.com> e1000e: correct maximum frequency adjustment values Eric Dumazet <edumazet(a)google.com> tcp: add sanity checks to rx zerocopy Linus Torvalds <torvalds(a)linux-foundation.org> tracefs: remove stale 'update_gid' code Horatiu Vultur <horatiu.vultur(a)microchip.com> net: lan966x: Fix port configuration when using SGMII interface Nicolas Dichtel <nicolas.dichtel(a)6wind.com> ipmr: fix kernel panic when forwarding mcast packets Daniel Golle <daniel(a)makrotopia.org> net: dsa: mt7530: fix 10M/100M speed on MT7988 switch Eric Dumazet <edumazet(a)google.com> ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() Paolo Abeni <pabeni(a)redhat.com> selftests: net: give more time for GRO aggregation Paolo Abeni <pabeni(a)redhat.com> selftests: net: add missing required classifier Paolo Abeni <pabeni(a)redhat.com> selftests: net: add missing config for big tcp tests Gaurav Jain <gaurav.jain(a)nxp.com> crypto: caam - fix asynchronous hash Daniel Golle <daniel(a)makrotopia.org> net: phy: mediatek-ge-soc: sync driver with MediaTek SDK Daniel Golle <daniel(a)makrotopia.org> net: ethernet: mtk_eth_soc: set DMA coherent mask to get PPE working Praveen Kaligineedi <pkaligineedi(a)google.com> gve: Fix skb truesize underestimation Paolo Abeni <pabeni(a)redhat.com> selftests: net: explicitly wait for listener ready Paolo Abeni <pabeni(a)redhat.com> selftests: net: remove dependency on ebpf tests Su Hui <suhui(a)nfschina.com> HID: hidraw: fix a problem of memory leak in hidraw_release() Ming Lei <ming.lei(a)redhat.com> scsi: core: Move scsi_host_busy() out of host lock for waking up EH handler Romain Naour <romain.naour(a)skf.com> regulator: ti-abb: don't use devm_platform_ioremap_resource_byname for shared interrupt register Marco Pagani <marpagan(a)redhat.com> kunit: run test suites only after module initialization completes Su Hui <suhui(a)nfschina.com> scsi: isci: Fix an error code problem in isci_io_request_build() Alexandre Ghiti <alexghiti(a)rivosinc.com> riscv: Fix build error on rv32 + XIP Jonathan Kim <jonathan.kim(a)amd.com> drm/amdkfd: only flush mes process context if mes support is there Rob Clark <robdclark(a)chromium.org> drm/msm/dpu: Correct UBWC settings for sc8280xp Stephen Rothwell <sfr(a)canb.auug.org.au> drm: using mul_u32_u32() requires linux/math64.h Edward Adam Davis <eadavis(a)qq.com> wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update Peter Zijlstra <peterz(a)infradead.org> perf: Fix the nr_addr_filters fix Tim Lunn <tim(a)feathertop.org> i2c: rk3x: Adjust mask/value offset for i2c2 on rv1126 Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdkfd: Fix 'node' NULL check in 'svm_range_get_range_boundaries()' Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdgpu: Release 'adev->pm.fw' before return in 'amdgpu_device_need_post()' Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdgpu: Fix with right return code '-EIO' in 'amdgpu_gmc_vram_checking()' Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amd/powerplay: Fix kzalloc parameter 'ATOM_Tonga_PPM_Table' in 'get_platform_power_management_table()' Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: fix avg vs input power reporting on smu7 Wenchao Hao <haowenchao2(a)huawei.com> ceph: fix invalid pointer access if get_quota_realm return ERR_PTR Xiubo Li <xiubli(a)redhat.com> ceph: fix deadlock or deadcode of misusing dget() Venky Shankar <vshankar(a)redhat.com> ceph: reinitialize mds feature bit even when session in open Ming Lei <ming.lei(a)redhat.com> blk-mq: fix IO hang from sbitmap wakeup race Zhu Yanjun <yanjun.zhu(a)linux.dev> virtio_net: Fix "‘%d’ directive writing between 1 and 11 bytes into a region of size 10" warnings Philip Yang <Philip.Yang(a)amd.com> drm/amdkfd: Fix lock dependency warning with srcu Daniel Miess <daniel.miess(a)amd.com> Revert "drm/amd/display: Fix conversions between bytes and KB" Martin Tsai <martin.tsai(a)amd.com> drm/amd/display: To adjust dprefclk by down spread percentage Felix Kuehling <felix.kuehling(a)amd.com> drm/amdkfd: Fix lock dependency warning ChiYuan Huang <cy_huang(a)richtek.com> ASoC: codecs: rtq9128: Fix TDM enable and DAI format control flow ChiYuan Huang <cy_huang(a)richtek.com> ASoC: codecs: rtq9128: Fix PM_RUNTIME usage Ian Rogers <irogers(a)google.com> libsubcmd: Fix memory leak in uniq() Hans de Goede <hdegoede(a)redhat.com> misc: lis3lv02d_i2c: Add missing setting of the reg_ctrl callback Yinbo Zhu <zhuyinbo(a)loongson.cn> usb: xhci-plat: fix usb disconnect issue after s4 Steven Rostedt (Google) <rostedt(a)goodmis.org> tracefs/eventfs: Use root and instance inodes as default ownership David Howells <dhowells(a)redhat.com> 9p: Fix initialisation of netfs_inode for 9p Bjorn Helgaas <bhelgaas(a)google.com> PCI/AER: Decode Requester ID when no error info found Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> PCI: Fix 64GT/s effective data rate calculation Piro Yang <piroyangg(a)gmail.com> staging: vme_user: Fix the issue of return the wrong error code Yu-Che Cheng <giver(a)chromium.org> spmi: mediatek: Fix UAF on device remove Max Kellermann <max.kellermann(a)ionos.com> fs/kernfs/dir: obey S_ISGID Crescent CY Hsieh <crescentcy.hsieh(a)moxa.com> tty: serial: 8250: Set RS422 interface by default to fix Moxa RS422/RS485 PCIe boards Adrian Reber <areber(a)redhat.com> tty: allow TIOCSLCKTRMIOS with CAP_CHECKPOINT_RESTORE Jo Van Bulck <jo.vanbulck(a)cs.kuleuven.be> selftests/sgx: Fix linker script asserts Hardik Gajjar <hgajjar(a)de.adit-jv.com> usb: hub: Add quirk to decrease IN-ep poll interval for Microchip USB491x hub Hardik Gajjar <hgajjar(a)de.adit-jv.com> usb: hub: Replace hardcoded quirk value with BIT() macro Yaxiong Tian <tianyaxiong(a)kylinos.cn> extcon: fix possible name leak in extcon_dev_register() Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: fix possible null pointer deref during xhci urb enqueue James Clark <james.clark(a)arm.com> perf cs-etm: Bump minimum OpenCSD version to ensure a bugfix is present Daniel Stodden <dns(a)arista.com> PCI: switchtec: Fix stdev_release() crash after surprise hot remove Guilherme G. Piccoli <gpiccoli(a)igalia.com> PCI: Only override AMD USB controller if required Xiaowu.ding <xiaowu.ding(a)jaguarmicro.com> mailbox: arm_mhuv2: Fix a bug for mhuv2_sender_interrupt Peter Robinson <pbrobinson(a)gmail.com> mfd: ti_am335x_tscadc: Fix TI SoC dependencies Oleksandr Tyshchenko <oleksandr_tyshchenko(a)epam.com> xen/gntdev: Fix the abuse of underlying struct page in DMA-buf import Frederik Haxel <haxel(a)fzi.de> riscv: Make XIP bootable again Michael Maltsev <mekosko(a)projectyo.network> ACPI: resource: Skip IRQ override on ASUS ExpertBook B1502CGA Ben Mayo <benny1091(a)gmail.com> ACPI: resource: Add DMI quirks for ASUS Vivobook E1504GA and E1504GAB Harshit Shah <harshitshah.opendev(a)gmail.com> i3c: master: cdns: Update maximum prescaler value for i2c clock Johannes Berg <johannes.berg(a)intel.com> um: time-travel: fix time corruption Nathan Chancellor <nathan(a)kernel.org> um: net: Fix return type of uml_net_start_xmit() Benjamin Berg <benjamin(a)sipsolutions.net> um: Don't use vfprintf() for os_info() Anton Ivanov <anton.ivanov(a)cambridgegreys.com> um: Fix naming clash between UML and scheduler Heiner Kallweit <hkallweit1(a)gmail.com> leds: trigger: panic: Don't register panic notifier if creating the trigger failed Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> pinctrl: baytrail: Fix types of config value in byt_pin_config_set() bo liu <bo.liu(a)senarytech.com> ALSA: hda/conexant: Fix headset auto detect fail in cx8070 and SN6140 Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: apply the RV2 system aperture fix to RN/CZN as well Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdkfd: Fix iterator used outside loop in 'kfd_add_peer_prop()' Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()' Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdgpu: Fix '*fw' from request_firmware() not released in 'amdgpu_ucode_request()' Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdgpu: Fix variable 'mca_funcs' dereferenced before NULL check in 'amdgpu_mca_smu_get_mca_entry()' Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper() Ivan Lipski <ivlipski(a)amd.com> Re-revert "drm/amd/display: Enable Replay for static screen use cases" Felix Kuehling <Felix.Kuehling(a)amd.com> drm/amdgpu: Let KFD sync with VM fences Meenakshikumar Somasundaram <meenakshikumar.somasundaram(a)amd.com> drm/amd/display: Fix minor issues in BW Allocation Phase2 Stanley.Yang <Stanley.Yang(a)amd.com> drm/amdgpu: Fix ecc irq enable/disable unpaired Alexander Stein <alexander.stein(a)ew.tq-group.com> clk: imx: clk-imx8qxp: fix LVDS bypass, pixel and phy clocks Kuan-Wei Chiu <visitorckw(a)gmail.com> clk: imx: scu: Fix memory leak in __imx_clk_gpr_scu() Alvin Lee <alvin.lee2(a)amd.com> drm/amd/display: Only clear symclk otg flag for HDMI Michael Strauss <michael.strauss(a)amd.com> drm/amd/display: Fix lightup regression with DP2 single display configs Allen Pan <allen.pan(a)amd.com> drm/amd/display: fix usb-c connector_type Josip Pavic <josip.pavic(a)amd.com> drm/amd/display: make flip_timestamp_in_us a 64-bit variable Dafna Hirschfeld <dhirschfeld(a)habana.ai> accel/habanalabs/gaudi2: fix undef opcode reporting Farah Kassabri <fkassabri(a)habana.ai> accel/habanalabs: fix EQ heartbeat mechanism Oded Gabbay <ogabbay(a)kernel.org> accel/habanalabs: add support for Gaudi2C device Werner Fischer <devlists(a)wefi.net> watchdog: it87_wdt: Keep WDTCTRL bit 3 unmodified for IT8784/IT8786 Ben Dooks <ben.dooks(a)codethink.co.uk> watchdog: starfive: add lock annotations to fix context imbalances Kuan-Wei Chiu <visitorckw(a)gmail.com> clk: mmp: pxa168: Fix memory leak in pxa168_clk_init() Kuan-Wei Chiu <visitorckw(a)gmail.com> clk: hi3620: Fix memory leak in hi3620_mmc_clk_init() Wang, Beyond <Wang.Beyond(a)amd.com> drm/amdgpu: fix ftrace event amdgpu_bo_move always move on same heap Paloma Arellano <quic_parellan(a)quicinc.com> drm/msm/dpu: Add mutex lock in control vblank irq Abhinav Kumar <quic_abhinavk(a)quicinc.com> drm/msm/dpu: fix writeback programming for YUV cases Rob Clark <robdclark(a)chromium.org> drm/msm/dpu: Ratelimit framedone timeout msgs Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/msm/dpu: enable writeback on SM8450 Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/msm/dpu: enable writeback on SM8350 Jonathan Kim <jonathan.kim(a)amd.com> drm/amdkfd: fix mes set shader debugger process management Alvin Lee <alvin.lee2(a)amd.com> drm/amd/display: Force p-state disallow if leaving no plane config Alvin Lee <alvin.lee2(a)amd.com> drm/amd/display: For prefetch mode > 0, extend prefetch if possible Kieran Bingham <kieran.bingham(a)ideasonboard.com> media: i2c: imx335: Fix hblank min/max values Hans de Goede <hdegoede(a)redhat.com> media: ov2740: Fix hts value Su Hui <suhui(a)nfschina.com> media: ddbridge: fix an error code problem in ddb_probe Ming Qian <ming.qian(a)nxp.com> media: amphion: remove mutext lock in condition of wait_event Daniel Vacek <neelx(a)redhat.com> IB/ipoib: Fix mcast list locking Douglas Anderson <dianders(a)chromium.org> drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind time Chao Yu <chao(a)kernel.org> f2fs: fix to tag gcing flag on page during block migration James Seo <james(a)equiv.tech> hwmon: (hp-wmi-sensors) Fix failure to load on EliteDesk 800 G6 Xing Tong Wu <xingtong.wu(a)siemens.com> hwmon: (nct6775) Fix fan speed set failure in automatic mode Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> media: rkisp1: resizer: Stop manual allocation of v4l2_subdev_state Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> media: rkisp1: Fix IRQ disable race issue Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> media: rkisp1: Store IRQ lines Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> media: rkisp1: Fix IRQ handler return values Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> media: rkisp1: Drop IRQF_SHARED Ricardo Ribalda <ribalda(a)chromium.org> media: uvcvideo: Fix power line control for SunplusIT camera Ricardo Ribalda <ribalda(a)chromium.org> media: uvcvideo: Fix power line control for a Chicony camera Neil Armstrong <neil.armstrong(a)linaro.org> drm/msm/dp: Add DisplayPort controller for SM8650 Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> ALSA: hda: intel-dspcfg: add filters for ARL-S and ARL Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> ALSA: hda: Intel: add HDA_ARL PCI ID support Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> PCI: add INTEL_HDA_ARL to pci_ids.h Michael Tretter <m.tretter(a)pengutronix.de> media: rockchip: rga: fix swizzling for RGB formats Ghanshyam Agrawal <ghanshyam1898(a)gmail.com> media: stk1160: Fixed high volume of stk1160_dbg messages Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> drm/mipi-dsi: Fix detach call without attach Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> drm/framebuffer: Fix use of uninitialized variable Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> drm/drm_file: fix use of uninitialized variable Wenjing Liu <wenjing.liu(a)amd.com> drm/amd/display: add support for DTO genarated dscclk Dennis Chan <dennis.chan(a)amd.com> drm/amd/display: Fix Replay Desync Error IRQ handler Nicholas Susanto <nicholas.susanto(a)amd.com> drm/amd/display: Fix disable_otg_wa logic Ilya Bakoulin <ilya.bakoulin(a)amd.com> drm/amd/display: Fix MST PBN/X.Y value calculations Charlene Liu <charlene.liu(a)amd.com> drm/amd/display: initialize all the dpm level's stutter latency Venkata Prasad Potturu <venkataprasad.potturu(a)amd.com> ASoC: amd: Add new dmi entries for acp5x platform Jaegeuk Kim <jaegeuk(a)kernel.org> f2fs: fix write pointers on zoned device after roll forward Meenakshikumar Somasundaram <meenakshikumar.somasundaram(a)amd.com> drm/amd/display: Fix tiled display misalignment Xin Ji <xji(a)analogixsemi.com> drm/bridge: anx7625: Fix Set HPD irq detect window to 2ms Hsin-Yi Wang <hsinyi(a)chromium.org> drm/panel-edp: Add override_edid_mode quirk for generic edp Jack Wang <jinpu.wang(a)ionos.com> RDMA/IPoIB: Fix error code return in ipoib_mcast_join Danylo Piliaiev <dpiliaiev(a)igalia.com> drm/msm/a690: Fix reg values for a690 Jan Kara <jack(a)suse.cz> ocfs2: Avoid touching renamed directory if parent does not change Jan Kara <jack(a)suse.cz> reiserfs: Avoid touching renamed directory if parent does not change Al Viro <viro(a)zeniv.linux.org.uk> fast_dput(): handle underflows gracefully Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument Takashi Iwai <tiwai(a)suse.de> ALSA: hda: Refer to correct stream index at loops Chao Yu <chao(a)kernel.org> f2fs: fix to check return value of f2fs_reserve_new_block() Linus Walleij <linus.walleij(a)linaro.org> ARM: dts: usr8200: Fix phy registers Vladimir Oltean <vladimir.oltean(a)nxp.com> net: dsa: qca8k: put MDIO bus OF node on qca8k_mdio_register() failure Mina Almasry <almasrymina(a)google.com> net: kcm: fix direct access to bv_len Suman Ghosh <sumang(a)marvell.com> octeontx2-af: Fix max NPC MCAM entry check while validating ref_entry Andrii Staikov <andrii.staikov(a)intel.com> i40e: Fix VF disable behavior to block all traffic Chunyan Zhang <chunyan.zhang(a)unisoc.com> arm64: dts: sprd: Change UMS512 idle-state nodename to match bindings Chunyan Zhang <chunyan.zhang(a)unisoc.com> arm64: dts: sprd: Add clock reference for pll2 on UMS512 Lin Ma <linma(a)zju.edu.cn> bridge: cfm: fix enum typo in br_cc_ccm_tx_parse Wen Gu <guwen(a)linux.alibaba.com> net/smc: disable SEID on non-s390 archs where virtual ISM may be used Frédéric Danis <frederic.danis(a)collabora.com> Bluetooth: L2CAP: Fix possible multiple reject send clancy shang <clancy.shang(a)quectel.com> Bluetooth: hci_sync: fix BR/EDR wakeup bug Iulia Tanasescu <iulia.tanasescu(a)nxp.com> Bluetooth: ISO: Avoid creating child socket if PA sync is terminating Zijun Hu <quic_zijuhu(a)quicinc.com> Bluetooth: qca: Set both WIDEBAND_SPEECH and LE_STATES quirks for QCA2066 Benjamin Berg <benjamin.berg(a)intel.com> wifi: cfg80211: free beacon_ies when overridden from hidden BSS Su Hui <suhui(a)nfschina.com> wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift() Mingyi Zhang <zhangmingyi5(a)huawei.com> libbpf: Fix NULL pointer dereference in bpf_object__collect_prog_relos Ching-Te Ku <ku920601(a)realtek.com> wifi: rtw89: coex: Fix wrong Wi-Fi role info and FDDT parameter members Zenm Chen <zenmchen(a)gmail.com> wifi: rtl8xxxu: Add additional USB IDs for RTL8192EU devices Xianwei Zhao <xianwei.zhao(a)amlogic.com> arm64: dts: amlogic: fix format for s4 uart node Jesse Brandeburg <jesse.brandeburg(a)intel.com> ice: fix pre-shifted bit usage Jesse Brandeburg <jesse.brandeburg(a)intel.com> intel: add bit macro includes where needed Mao Jinlong <quic_jinlmao(a)quicinc.com> arm64: dts: qcom: Fix coresight warnings in in-ports and out-ports Mao Jinlong <quic_jinlmao(a)quicinc.com> arm64: dts: qcom: msm8998: Fix 'out-ports' is a required property Mao Jinlong <quic_jinlmao(a)quicinc.com> arm64: dts: qcom: msm8996: Fix 'in-ports' is a required property Alexei Starovoitov <ast(a)kernel.org> x86/cfi,bpf: Fix bpf_exception_cb() signature Alex Lyakas <alex.lyakas(a)zadara.com> md: Whenassemble the array, consult the superblock of the freshest device Christoph Hellwig <hch(a)lst.de> block: prevent an integer overflow in bvec_try_merge_hw_page Linus Walleij <linus.walleij(a)linaro.org> ARM64: dts: marvell: Fix some common switch mistakes Linus Walleij <linus.walleij(a)linaro.org> ARM: dts: marvell: Fix some common switch mistakes Tobias Waldekranz <tobias(a)waldekranz.com> net: dsa: mv88e6xxx: Fix mv88e6352_serdes_get_stats error path Igor Russkikh <irusskikh(a)marvell.com> net: atlantic: eliminate double free in error handling logic Ahmed Zaki <ahmed.zaki(a)intel.com> ice: fix ICE_AQ_VSI_Q_OPT_RSS_* register values Yihang Li <liyihang9(a)huawei.com> scsi: hisi_sas: Set .phy_attached before notifing phyup event HISI_PHYE_PHY_UP_PM Justin Tee <justin.tee(a)broadcom.com> scsi: lpfc: Move determination of vmid_flag after VMID reinitialization completes Justin Tee <justin.tee(a)broadcom.com> scsi: lpfc: Reinitialize an NPIV's VMID data structures after FDISC Fabio Estevam <festevam(a)denx.de> ARM: dts: imx23/28: Fix the DMA controller node name Fabio Estevam <festevam(a)denx.de> ARM: dts: imx23-sansa: Use preferred i2c-gpios properties Fabio Estevam <festevam(a)denx.de> ARM: dts: imx27-apf27dev: Fix LED name Fabio Estevam <festevam(a)denx.de> ARM: dts: imx25/27: Pass timing0 Fabio Estevam <festevam(a)denx.de> ARM: dts: imx25: Fix the iim compatible string Andrii Nakryiko <andrii(a)kernel.org> selftests/bpf: fix compiler warnings in RELEASE=1 mode Michal Simek <michal.simek(a)amd.com> arm64: zynqmp: Fix clock node name in kv260 cards Michal Simek <michal.simek(a)amd.com> arm64: zynqmp: Move fixed clock to / for kv260 Kees Cook <keescook(a)chromium.org> block/rnbd-srv: Check for unlikely string overflow Shannon Nelson <shannon.nelson(a)amd.com> ionic: bypass firmware cmds when stuck in reset Shannon Nelson <shannon.nelson(a)amd.com> ionic: pass opcode to devcmd_wait Christian Marangi <ansuelsmth(a)gmail.com> net: phy: at803x: fix passing the wrong reference for config_intr Fabio Estevam <festevam(a)denx.de> ARM: dts: imx1: Fix sram node Fabio Estevam <festevam(a)denx.de> ARM: dts: imx27: Fix sram node Fabio Estevam <festevam(a)denx.de> ARM: dts: imx: Use flash@0,0 pattern Fabio Estevam <festevam(a)denx.de> ARM: dts: imx25/27-eukrea: Fix RTC node name Johan Jonker <jbx6244(a)gmail.com> ARM: dts: rockchip: fix rk3036 hdmi ports node Lingbo Kong <quic_lingbok(a)quicinc.com> wifi: ath12k: fix the issue that the multicast/broadcast indicator is not read correctly for WCN7850 Dmitry Antipov <dmantipov(a)yandex.ru> wifi: wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap() Hou Tao <houtao1(a)huawei.com> bpf: Set uattr->batch.count as zero before batched update or deletion StanleyYP Wang <StanleyYP.Wang(a)mediatek.com> wifi: mt76: mt7996: add PCI IDs for mt7992 MeiChia Chiu <meichia.chiu(a)mediatek.com> wifi: mt76: connac: fix EHT phy mode check Nia Espera <nespera(a)igalia.com> arm64: dts: qcom: sm8350: Fix remoteproc interrupt type Neil Armstrong <neil.armstrong(a)linaro.org> arm64: dts: qcom: sm8450: fix soundwire controllers node name Neil Armstrong <neil.armstrong(a)linaro.org> arm64: dts: qcom: sm8550: fix soundwire controllers node name Tobias Waldekranz <tobias(a)waldekranz.com> net: mvmdio: Avoid excessive sleeps in polled mode Hannes Reinecke <hare(a)suse.de> scsi: libfc: Fix up timeout error in fc_fcp_rec_error() Hannes Reinecke <hare(a)suse.de> scsi: libfc: Don't schedule abort twice Kang Yang <quic_kangyang(a)quicinc.com> wifi: ath12k: fix and enable AP mode for WCN7850 Hou Tao <houtao1(a)huawei.com> bpf: Set need_defer as false when clearing fd array during map free Hou Tao <houtao1(a)huawei.com> bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers Chih-Kang Chang <gary.chang(a)realtek.com> wifi: rtw89: fix misbehavior of TX beacon in concurrent mode Po-Hao Huang <phhuang(a)realtek.com> wifi: rtw89: fix not entering PS mode after AP stops Baochen Qiang <quic_bqiang(a)quicinc.com> wifi: ath11k: fix race due to setting ATH11K_FLAG_EXT_IRQ_ENABLED too early Minsuk Kang <linuxlovemin(a)yonsei.ac.kr> wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() Yonghong Song <yonghong.song(a)linux.dev> bpf: Fix a few selftest failures due to llvm18 change Alexander Stein <alexander.stein(a)ew.tq-group.com> ARM: dts: imx7s: Fix nand-controller #size-cells Alexander Stein <alexander.stein(a)ew.tq-group.com> ARM: dts: imx7s: Fix lcdif compatible Alexander Stein <alexander.stein(a)ew.tq-group.com> ARM: dts: imx7d: Fix coresight funnel ports ching Huang <ching2048(a)areca.com.tw> scsi: arcmsr: Support new PCI device IDs 1883 and 1886 Sumit Saxena <sumit.saxena(a)broadcom.com> scsi: mpi3mr: Add PCI checks where SAS5116 diverges from SAS4116 Sumit Saxena <sumit.saxena(a)broadcom.com> scsi: mpi3mr: Add support for SAS5116 PCI IDs Jose Ignacio Tornos Martinez <jtornosm(a)redhat.com> net: usb: ax88179_178a: avoid two consecutive device resets Zhengchao Shao <shaozhengchao(a)huawei.com> bonding: return -ENOMEM instead of BUG in alb_upper_dev_walk Ido Schimmel <idosch(a)nvidia.com> PCI: Add no PM reset quirk for NVIDIA Spectrum devices Kory Maincent <kory.maincent(a)bootlin.com> net: phy: micrel: fix ts_info value in case of no phc Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ARM: dts: samsung: s5pv210: fix camera unit addresses/ranges Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ARM: dts: samsung: exynos4: fix camera unit addresses/ranges Justin Tee <justin.tee(a)broadcom.com> scsi: lpfc: Fix possible file string name overflow when updating firmware Tanmay Shah <tanmay.shah(a)xilinx.com> soc: xilinx: fix unhandled SGI warning message HariBabu Gattem <haribabu.gattem(a)xilinx.com> soc: xilinx: Fix for call trace due to the usage of smp_processor_id() Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> ARM: dts: qcom: msm8960: fix PMIC node labels Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> ARM: dts: qcom: msm8660: fix PMIC node labels Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> ARM: dts: qcom: mdm9615: fix PMIC node labels Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> ARM: dts: qcom: strip prefix from PMIC files Yafang Shao <laoar.shao(a)gmail.com> selftests/bpf: Fix issues in setup_classid_environment() Shiji Yang <yangshiji66(a)outlook.com> wifi: rt2x00: correct wrong BBP register in RxDCOC calibration Yonghong Song <yonghong.song(a)linux.dev> selftests/bpf: Fix pyperf180 compilation failure with clang18 Yonghong Song <yonghong.song(a)linux.dev> libbpf: Fix potential uninitialized tail padding with LIBBPF_OPTS_RESET Andrii Nakryiko <andrii(a)kernel.org> selftests/bpf: satisfy compiler by having explicit return in btf test Andrii Nakryiko <andrii(a)kernel.org> selftests/bpf: fix RELEASE=1 build for tc_opts Shiji Yang <yangshiji66(a)outlook.com> wifi: rt2x00: restart beacon queue when hardware reset Dmitry Antipov <dmantipov(a)yandex.ru> wifi: rtw89: fix timeout calculation in rtw89_roc_end() Baokun Li <libaokun1(a)huawei.com> ext4: avoid online resizing failures due to oversized flex bg Baokun Li <libaokun1(a)huawei.com> ext4: remove unnecessary check from alloc_flex_gd() Baokun Li <libaokun1(a)huawei.com> ext4: unify the type of flexbg_size to unsigned int Ye Bin <yebin10(a)huawei.com> ext4: fix inconsistent between segment fstrim and full fstrim Gabriel Krisman Bertazi <krisman(a)suse.de> ecryptfs: Reject casefold directory inodes Shyam Prasad N <sprasad(a)microsoft.com> cifs: fix in logging in cifs_chan_update_iface Paulo Alcantara <pc(a)manguebit.com> smb: client: fix hardlinking of reparse points Paulo Alcantara <pc(a)manguebit.com> smb: client: fix renaming of reparse points Ojaswin Mujoo <ojaswin(a)linux.ibm.com> ext4: treat end of range as exclusive in ext4_zero_range() Anna Schumaker <Anna.Schumaker(a)Netapp.com> SUNRPC: Fix a suspicious RCU usage warning Joel Granados <j.granados(a)samsung.com> sysctl: Fix out of bounds access for empty sysctl registers Heiko Carstens <hca(a)linux.ibm.com> KVM: s390: fix setting of fpc register Heiko Carstens <hca(a)linux.ibm.com> s390/ptrace: handle setting of fpc register correctly Tony Krowiak <akrowiak(a)linux.ibm.com> s390/vfio-ap: fix sysfs status attribute for AP queue devices Arnd Bergmann <arnd(a)arndb.de> arch: fix asm-offsets.c building with -Wmissing-prototypes Arnd Bergmann <arnd(a)arndb.de> arch: consolidate arch_irq_work_raise prototypes Alexander Gordeev <agordeev(a)linux.ibm.com> s390/boot: always align vmalloc area on segment boundary Edward Adam Davis <eadavis(a)qq.com> jfs: fix array-index-out-of-bounds in diNewExt Oleg Nesterov <oleg(a)redhat.com> rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock() Oleg Nesterov <oleg(a)redhat.com> afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu() Thomas Bourgoin <thomas.bourgoin(a)foss.st.com> crypto: stm32/crc32 - fix parsing list of devices Gao Xiang <xiang(a)kernel.org> erofs: fix ztailpacking for subpage compressed blocks Bharat Bhushan <bbhushan2(a)marvell.com> crypto: octeontx2 - Fix cptvf driver cleanup Jia Jie Ho <jiajie.ho(a)starfivetech.com> crypto: starfive - Fix dev_err_probe return error Gao Xiang <xiang(a)kernel.org> erofs: fix up compacted indexes for block size < 4096 Weichen Chen <weichen.chen(a)mediatek.com> pstore/ram: Fix crash when setting number of cpus to an odd number Gustavo A. R. Silva <gustavoars(a)kernel.org> crypto: p10-aes-gcm - Avoid -Wstringop-overflow warnings Jia Jie Ho <jiajie.ho(a)starfivetech.com> hwrng: starfive - Fix dev_err_probe return error Edward Adam Davis <eadavis(a)qq.com> jfs: fix uaf in jfs_evict_inode Manas Ghandat <ghandatmanas(a)gmail.com> jfs: fix array-index-out-of-bounds in dbAdjTree Manas Ghandat <ghandatmanas(a)gmail.com> jfs: fix slab-out-of-bounds Read in dtSearch Osama Muhammad <osmtendev(a)gmail.com> UBSAN: array-index-out-of-bounds in dtSplitRoot Osama Muhammad <osmtendev(a)gmail.com> FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> thermal: core: Fix thermal zone suspend-resume synchronization Viresh Kumar <viresh.kumar(a)linaro.org> OPP: The level field is always of unsigned int type Shuai Xue <xueshuai(a)linux.alibaba.com> ACPI: APEI: set memory failure flags as MF_ACTION_REQUIRED on synchronous events Mukesh Ojha <quic_mojha(a)quicinc.com> PM / devfreq: Synchronize devfreq_monitor_[start/stop] Michal Wajdeczko <michal.wajdeczko(a)intel.com> kunit: Reset test->priv after each param iteration Rae Moar <rmoar(a)google.com> kunit: tool: fix parsing of test attributes Yuntao Wang <ytcoode(a)gmail.com> ACPI: NUMA: Fix the logic of getting the fake_pxm value Thomas Weißschuh <linux(a)weissschuh.net> selftests/nolibc: fix testcase status alignment Prarit Bhargava <prarit(a)redhat.com> ACPI: extlog: fix NULL pointer dereference check Dmitry Antipov <dmantipov(a)yandex.ru> PNP: ACPI: fix fortify warning Yuluo Qiu <qyl27(a)outlook.com> ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop Yuntao Wang <ytcoode(a)gmail.com> ACPI: tables: Correct and clean up the logic of acpi_parse_entries_array() Chris Riches <chris.riches(a)nutanix.com> audit: Send netlink ACK before setting connection in auditd_set Rui Zhang <zr.zhang(a)vivo.com> regulator: core: Only increment use_count when enable_count changes Vincent Guittot <vincent.guittot(a)linaro.org> sched/fair: Fix tg->load when offlining a CPU Andrzej Hajda <andrzej.hajda(a)intel.com> debugobjects: Stop accessing objects after releasing hash bucket lock Greg KH <gregkh(a)linuxfoundation.org> perf/core: Fix narrow startup race when creating the perf nr_addr_filters sysfs file Raghavendra K T <raghavendra.kt(a)amd.com> sched/numa: Fix mm numa_scan_seq based unconditional scan Zhiquan Li <zhiquan1.li(a)intel.com> x86/mce: Mark fatal MCE's page as poison to avoid panic in the kdump kernel Naveen N Rao <naveen(a)kernel.org> powerpc/lib: Validate size for vector operations Stephen Rothwell <sfr(a)canb.auug.org.au> powerpc: pmd_move_must_withdraw() is only needed for CONFIG_TRANSPARENT_HUGEPAGE Jun'ichi Nomura <junichi.nomura(a)nec.com> x86/boot: Ignore NMIs during very early boot Michael Ellerman <mpe(a)ellerman.id.au> powerpc/64s: Fix CONFIG_NUMA=n build due to create_section_mapping() Michael Ellerman <mpe(a)ellerman.id.au> powerpc/mm: Fix build failures due to arch_reserved_kernel_pages() Michael Ellerman <mpe(a)ellerman.id.au> powerpc: Fix build error due to is_valid_bugaddr() Mark Rutland <mark.rutland(a)arm.com> drivers/perf: pmuv3: don't expose SW_INCR event in sysfs Huang Shijie <shijie(a)os.amperecomputing.com> arm64: irq: set the correct node for VMAP stack Kunwu Chan <chentao(a)kylinos.cn> powerpc/mm: Fix null-pointer dereference in pgtable_cache_add Dmitry Torokhov <dmitry.torokhov(a)gmail.com> asm-generic: make sparse happy with odd-sized put_unaligned_*() ------------- Diffstat: Documentation/ABI/testing/sysfs-class-net-queues | 22 +- Documentation/sound/soc/dapm.rst | 2 +- Makefile | 4 +- arch/alpha/kernel/asm-offsets.c | 2 +- .../intel/ixp/intel-ixp42x-usrobotics-usr8200.dts | 22 ++ arch/arm/boot/dts/marvell/armada-370-rd.dts | 24 +-- .../dts/marvell/armada-381-netgear-gs110emx.dts | 44 ++-- .../dts/marvell/armada-385-clearfog-gtr-l8.dts | 38 ++-- .../dts/marvell/armada-385-clearfog-gtr-s4.dts | 22 +- arch/arm/boot/dts/marvell/armada-385-linksys.dtsi | 18 +- .../boot/dts/marvell/armada-385-turris-omnia.dts | 20 +- arch/arm/boot/dts/marvell/armada-388-clearfog.dts | 20 +- .../boot/dts/marvell/armada-xp-linksys-mamba.dts | 18 +- arch/arm/boot/dts/nxp/imx/imx1-ads.dts | 2 +- arch/arm/boot/dts/nxp/imx/imx1-apf9328.dts | 2 +- arch/arm/boot/dts/nxp/imx/imx1.dtsi | 5 +- .../boot/dts/nxp/imx/imx25-eukrea-cpuimx25.dtsi | 2 +- .../imx25-eukrea-mbimxsd25-baseboard-cmo-qvga.dts | 2 +- .../imx25-eukrea-mbimxsd25-baseboard-dvi-svga.dts | 2 +- .../imx25-eukrea-mbimxsd25-baseboard-dvi-vga.dts | 2 +- arch/arm/boot/dts/nxp/imx/imx25-pdk.dts | 2 +- arch/arm/boot/dts/nxp/imx/imx25.dtsi | 2 +- arch/arm/boot/dts/nxp/imx/imx27-apf27dev.dts | 4 +- .../boot/dts/nxp/imx/imx27-eukrea-cpuimx27.dtsi | 4 +- .../nxp/imx/imx27-eukrea-mbimxsd27-baseboard.dts | 2 +- .../dts/nxp/imx/imx27-phytec-phycard-s-rdk.dts | 2 +- .../boot/dts/nxp/imx/imx27-phytec-phycore-rdk.dts | 2 +- .../boot/dts/nxp/imx/imx27-phytec-phycore-som.dtsi | 2 +- arch/arm/boot/dts/nxp/imx/imx27.dtsi | 3 + arch/arm/boot/dts/nxp/imx/imx7d.dtsi | 3 - arch/arm/boot/dts/nxp/imx/imx7s.dtsi | 10 +- arch/arm/boot/dts/nxp/mxs/imx23-sansa.dts | 12 +- arch/arm/boot/dts/nxp/mxs/imx23.dtsi | 2 +- arch/arm/boot/dts/nxp/mxs/imx28.dtsi | 2 +- .../dts/qcom/{qcom-pm8226.dtsi => pm8226.dtsi} | 0 .../dts/qcom/{qcom-pm8841.dtsi => pm8841.dtsi} | 0 .../dts/qcom/{qcom-pm8941.dtsi => pm8941.dtsi} | 0 .../dts/qcom/{qcom-pma8084.dtsi => pma8084.dtsi} | 0 .../boot/dts/qcom/{qcom-pmx55.dtsi => pmx55.dtsi} | 0 .../boot/dts/qcom/{qcom-pmx65.dtsi => pmx65.dtsi} | 0 .../boot/dts/qcom/qcom-apq8026-asus-sparrow.dts | 2 +- .../boot/dts/qcom/qcom-apq8026-huawei-sturgeon.dts | 2 +- arch/arm/boot/dts/qcom/qcom-apq8026-lg-lenok.dts | 2 +- .../dts/qcom/qcom-apq8026-samsung-matisse-wifi.dts | 2 +- .../arm/boot/dts/qcom/qcom-apq8060-dragonboard.dts | 4 +- .../arm/boot/dts/qcom/qcom-apq8074-dragonboard.dts | 4 +- arch/arm/boot/dts/qcom/qcom-apq8084-ifc6540.dts | 2 +- arch/arm/boot/dts/qcom/qcom-apq8084-mtp.dts | 2 +- arch/arm/boot/dts/qcom/qcom-mdm9615-wp8548.dtsi | 2 +- arch/arm/boot/dts/qcom/qcom-mdm9615.dtsi | 14 +- arch/arm/boot/dts/qcom/qcom-msm8660.dtsi | 16 +- arch/arm/boot/dts/qcom/qcom-msm8960.dtsi | 8 +- .../qcom/qcom-msm8974-lge-nexus5-hammerhead.dts | 4 +- .../dts/qcom/qcom-msm8974-sony-xperia-rhine.dtsi | 4 +- .../dts/qcom/qcom-msm8974pro-fairphone-fp2.dts | 4 +- .../dts/qcom/qcom-msm8974pro-oneplus-bacon.dts | 4 +- .../boot/dts/qcom/qcom-msm8974pro-samsung-klte.dts | 2 +- .../qcom-msm8974pro-sony-xperia-shinano-castor.dts | 4 +- arch/arm/boot/dts/qcom/qcom-sdx55-mtp.dts | 2 +- arch/arm/boot/dts/qcom/qcom-sdx55-t55.dts | 2 +- .../boot/dts/qcom/qcom-sdx55-telit-fn980-tlb.dts | 2 +- arch/arm/boot/dts/qcom/qcom-sdx65-mtp.dts | 2 +- arch/arm/boot/dts/rockchip/rk3036.dtsi | 14 +- arch/arm/boot/dts/samsung/exynos4.dtsi | 26 +-- arch/arm/boot/dts/samsung/exynos4x12.dtsi | 17 +- arch/arm/boot/dts/samsung/s5pv210.dtsi | 18 +- arch/arm/include/asm/irq_work.h | 2 - .../boot/dts/amlogic/meson-s4-s805x2-aq222.dts | 4 +- arch/arm64/boot/dts/amlogic/meson-s4.dtsi | 4 +- .../dts/marvell/armada-3720-espressobin-ultra.dts | 14 +- .../boot/dts/marvell/armada-3720-espressobin.dtsi | 20 +- .../boot/dts/marvell/armada-3720-gl-mv1000.dts | 20 +- .../boot/dts/marvell/armada-3720-turris-mox.dts | 85 ++++---- .../boot/dts/marvell/armada-7040-mochabin.dts | 24 +-- .../dts/marvell/armada-8040-clearfog-gt-8k.dts | 22 +- arch/arm64/boot/dts/marvell/cn9130-crb.dtsi | 42 ++-- arch/arm64/boot/dts/qcom/msm8996.dtsi | 21 ++ arch/arm64/boot/dts/qcom/msm8998.dtsi | 32 +-- arch/arm64/boot/dts/qcom/sdm845.dtsi | 5 +- arch/arm64/boot/dts/qcom/sm8150.dtsi | 5 +- arch/arm64/boot/dts/qcom/sm8250.dtsi | 24 +-- arch/arm64/boot/dts/qcom/sm8350.dtsi | 8 +- arch/arm64/boot/dts/qcom/sm8450.dtsi | 8 +- arch/arm64/boot/dts/qcom/sm8550.dtsi | 8 +- arch/arm64/boot/dts/sprd/ums512.dtsi | 3 +- .../boot/dts/xilinx/zynqmp-sck-kv-g-revA.dtso | 40 ++-- .../boot/dts/xilinx/zynqmp-sck-kv-g-revB.dtso | 42 ++-- arch/arm64/include/asm/irq_work.h | 2 - arch/arm64/kernel/irq.c | 7 +- arch/csky/include/asm/irq_work.h | 2 +- arch/loongarch/kernel/asm-offsets.c | 26 +-- arch/powerpc/crypto/aes-gcm-p10-glue.c | 2 +- arch/powerpc/include/asm/irq_work.h | 1 - arch/powerpc/include/asm/mmu.h | 4 + arch/powerpc/include/asm/mmzone.h | 8 - arch/powerpc/kernel/traps.c | 2 + arch/powerpc/lib/sstep.c | 10 + arch/powerpc/mm/book3s64/pgtable.c | 2 + arch/powerpc/mm/init-common.c | 5 +- arch/powerpc/mm/mmu_decl.h | 5 + arch/riscv/include/asm/irq_work.h | 2 +- arch/riscv/kernel/head.S | 1 + arch/riscv/mm/init.c | 12 +- arch/s390/boot/ipl_parm.c | 2 +- arch/s390/boot/startup.c | 3 +- arch/s390/include/asm/irq_work.h | 2 - arch/s390/kernel/ptrace.c | 6 +- arch/s390/kvm/kvm-s390.c | 5 - arch/sparc/kernel/asm-offsets.c | 6 +- arch/um/drivers/net_kern.c | 2 +- arch/um/include/shared/kern_util.h | 2 +- arch/um/kernel/process.c | 2 +- arch/um/kernel/time.c | 32 ++- arch/um/os-Linux/helper.c | 6 +- arch/um/os-Linux/util.c | 19 +- arch/x86/boot/compressed/ident_map_64.c | 5 + arch/x86/boot/compressed/idt_64.c | 1 + arch/x86/boot/compressed/idt_handlers_64.S | 1 + arch/x86/boot/compressed/misc.h | 1 + arch/x86/include/asm/irq_work.h | 1 - arch/x86/include/asm/kmsan.h | 17 +- arch/x86/kernel/cpu/mce/core.c | 16 ++ block/bio.c | 2 +- block/blk-mq.c | 16 ++ drivers/accel/habanalabs/common/device.c | 17 +- drivers/accel/habanalabs/common/habanalabs.h | 2 + drivers/accel/habanalabs/common/habanalabs_drv.c | 3 + drivers/accel/habanalabs/common/mmu/mmu.c | 1 + drivers/accel/habanalabs/common/sysfs.c | 3 + drivers/accel/habanalabs/gaudi2/gaudi2.c | 14 +- .../habanalabs/include/hw_ip/pci/pci_general.h | 1 + drivers/acpi/acpi_extlog.c | 5 +- drivers/acpi/acpi_video.c | 9 + drivers/acpi/apei/ghes.c | 29 ++- drivers/acpi/numa/srat.c | 4 +- drivers/acpi/resource.c | 21 ++ drivers/base/arch_numa.c | 2 +- drivers/block/rnbd/rnbd-srv.c | 19 +- drivers/bluetooth/hci_qca.c | 1 + drivers/char/hw_random/jh7110-trng.c | 2 +- drivers/clk/hisilicon/clk-hi3620.c | 4 +- drivers/clk/imx/clk-imx8qxp.c | 24 ++- drivers/clk/imx/clk-scu.c | 4 +- drivers/clk/mmp/clk-of-pxa168.c | 3 + drivers/crypto/caam/caamalg_qi2.c | 7 +- drivers/crypto/caam/caamhash.c | 7 +- drivers/crypto/marvell/octeontx2/otx2_cptlf.c | 6 +- drivers/crypto/marvell/octeontx2/otx2_cptvf_main.c | 3 + drivers/crypto/starfive/jh7110-cryp.c | 2 +- drivers/crypto/stm32/stm32-crc32.c | 2 +- drivers/devfreq/devfreq.c | 24 ++- drivers/extcon/extcon.c | 3 +- drivers/gpu/drm/amd/amdgpu/aldebaran.c | 26 ++- drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_fence.c | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 1 + drivers/gpu/drm/amd/amdgpu/amdgpu_gmc.c | 21 +- drivers/gpu/drm/amd/amdgpu/amdgpu_mca.c | 8 +- drivers/gpu/drm/amd/amdgpu/amdgpu_mes.c | 31 +++ drivers/gpu/drm/amd/amdgpu/amdgpu_mes.h | 10 +- drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 13 +- drivers/gpu/drm/amd/amdgpu/amdgpu_object.h | 4 +- drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c | 3 + drivers/gpu/drm/amd/amdgpu/amdgpu_sync.c | 3 +- drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c | 5 +- drivers/gpu/drm/amd/amdgpu/amdgpu_ucode.c | 6 +- drivers/gpu/drm/amd/amdgpu/gfxhub_v1_0.c | 4 +- drivers/gpu/drm/amd/amdgpu/gfxhub_v1_2.c | 4 +- drivers/gpu/drm/amd/amdgpu/gmc_v10_0.c | 4 + drivers/gpu/drm/amd/amdgpu/gmc_v11_0.c | 5 + drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c | 4 + drivers/gpu/drm/amd/amdgpu/mmhub_v1_0.c | 4 +- .../gpu/drm/amd/amdkfd/kfd_process_queue_manager.c | 2 + drivers/gpu/drm/amd/amdkfd/kfd_svm.c | 42 ++-- drivers/gpu/drm/amd/amdkfd/kfd_topology.c | 24 ++- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 30 +-- .../gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_crtc.c | 9 +- .../amd/display/dc/clk_mgr/dcn314/dcn314_clk_mgr.c | 71 ++++++- .../amd/display/dc/clk_mgr/dcn314/dcn314_clk_mgr.h | 11 + .../amd/display/dc/clk_mgr/dcn35/dcn35_clk_mgr.c | 8 - drivers/gpu/drm/amd/display/dc/core/dc.c | 4 + drivers/gpu/drm/amd/display/dc/dc_hw_types.h | 2 +- drivers/gpu/drm/amd/display/dc/dce/dce_audio.c | 2 +- .../gpu/drm/amd/display/dc/dce/dce_clock_source.c | 9 +- .../amd/display/dc/dcn35/dcn35_dio_link_encoder.c | 5 + .../amd/display/dc/dml/dcn32/display_mode_vba_32.c | 3 + .../dc/dml/dcn32/display_mode_vba_util_32.c | 33 ++- .../dc/dml/dcn32/display_mode_vba_util_32.h | 1 + .../drm/amd/display/dc/dml2/display_mode_core.c | 2 +- .../amd/display/dc/dml2/dml2_translation_helper.c | 4 +- drivers/gpu/drm/amd/display/dc/dml2/dml2_utils.c | 8 + .../drm/amd/display/dc/hwss/dce110/dce110_hwseq.c | 5 +- .../drm/amd/display/dc/hwss/dcn10/dcn10_hwseq.c | 3 +- .../drm/amd/display/dc/hwss/dcn20/dcn20_hwseq.c | 23 ++- .../drm/amd/display/dc/hwss/dcn31/dcn31_hwseq.c | 3 +- .../drm/amd/display/dc/hwss/dcn32/dcn32_hwseq.c | 25 +++ drivers/gpu/drm/amd/display/dc/inc/hw/clk_mgr.h | 1 + drivers/gpu/drm/amd/display/dc/inc/hw/dccg.h | 4 + drivers/gpu/drm/amd/display/dc/link/link_dpms.c | 40 +++- .../display/dc/link/protocols/link_dp_dpia_bw.c | 221 +++++++++------------ .../display/dc/link/protocols/link_dp_dpia_bw.h | 4 +- .../dc/link/protocols/link_dp_irq_handler.c | 12 +- drivers/gpu/drm/amd/display/include/audio_types.h | 2 +- .../drm/amd/display/modules/power/power_helpers.c | 2 - drivers/gpu/drm/amd/include/amd_shared.h | 2 - drivers/gpu/drm/amd/include/mes_v11_api_def.h | 3 +- .../amd/pm/powerplay/hwmgr/process_pptables_v1_0.c | 2 +- .../gpu/drm/amd/pm/powerplay/hwmgr/smu7_hwmgr.c | 17 +- drivers/gpu/drm/bridge/analogix/anx7625.c | 51 +++-- drivers/gpu/drm/bridge/analogix/anx7625.h | 4 + drivers/gpu/drm/drm_file.c | 2 +- drivers/gpu/drm/drm_framebuffer.c | 2 +- drivers/gpu/drm/drm_mipi_dsi.c | 17 +- drivers/gpu/drm/exynos/exynos_drm_drv.c | 11 + drivers/gpu/drm/msm/adreno/a6xx_gpu.c | 23 ++- .../gpu/drm/msm/disp/dpu1/catalog/dpu_7_0_sm8350.h | 18 ++ .../gpu/drm/msm/disp/dpu1/catalog/dpu_8_1_sm8450.h | 18 ++ drivers/gpu/drm/msm/disp/dpu1/dpu_encoder.c | 6 +- drivers/gpu/drm/msm/disp/dpu1/dpu_encoder_phys.h | 4 +- .../gpu/drm/msm/disp/dpu1/dpu_encoder_phys_cmd.c | 32 ++- .../gpu/drm/msm/disp/dpu1/dpu_encoder_phys_vid.c | 33 ++- drivers/gpu/drm/msm/disp/dpu1/dpu_hw_wb.c | 3 + drivers/gpu/drm/msm/disp/dpu1/dpu_kms.h | 1 + drivers/gpu/drm/msm/dp/dp_display.c | 6 + drivers/gpu/drm/msm/dsi/phy/dsi_phy.c | 4 + drivers/gpu/drm/msm/msm_mdss.c | 2 +- drivers/gpu/drm/panel/panel-edp.c | 48 ++++- drivers/hid/hidraw.c | 7 +- drivers/hwmon/hp-wmi-sensors.c | 127 ++++++++++-- drivers/hwmon/nct6775-core.c | 7 + drivers/i2c/busses/i2c-rk3x.c | 8 +- drivers/i3c/master/i3c-master-cdns.c | 7 +- drivers/infiniband/ulp/ipoib/ipoib_multicast.c | 7 +- drivers/leds/trigger/ledtrig-panic.c | 5 +- drivers/mailbox/arm_mhuv2.c | 3 +- drivers/md/md.c | 54 ++++- drivers/media/i2c/imx335.c | 4 +- drivers/media/i2c/ov2740.c | 17 +- drivers/media/pci/ddbridge/ddbridge-main.c | 2 +- drivers/media/platform/amphion/vpu.h | 3 +- drivers/media/platform/amphion/vpu_cmds.c | 28 +-- drivers/media/platform/amphion/vpu_v4l2.c | 1 + drivers/media/platform/rockchip/rga/rga.c | 15 +- .../media/platform/rockchip/rkisp1/rkisp1-common.h | 11 +- .../media/platform/rockchip/rkisp1/rkisp1-csi.c | 14 +- .../media/platform/rockchip/rkisp1/rkisp1-dev.c | 35 +++- .../media/platform/rockchip/rkisp1/rkisp1-isp.c | 20 +- .../platform/rockchip/rkisp1/rkisp1-resizer.c | 38 ++-- drivers/media/usb/stk1160/stk1160-video.c | 5 +- drivers/media/usb/uvc/uvc_driver.c | 18 ++ drivers/mfd/Kconfig | 1 + drivers/misc/lis3lv02d/lis3lv02d_i2c.c | 1 + drivers/net/bonding/bond_alb.c | 3 +- drivers/net/dsa/mt7530.c | 3 +- drivers/net/dsa/mv88e6xxx/chip.h | 4 +- drivers/net/dsa/mv88e6xxx/serdes.c | 10 +- drivers/net/dsa/mv88e6xxx/serdes.h | 8 +- drivers/net/dsa/qca/qca8k-8xxx.c | 24 ++- drivers/net/ethernet/amd/pds_core/adminq.c | 64 ++++-- drivers/net/ethernet/amd/pds_core/core.c | 46 ++++- drivers/net/ethernet/amd/pds_core/core.h | 2 +- drivers/net/ethernet/amd/pds_core/debugfs.c | 4 + drivers/net/ethernet/amd/pds_core/dev.c | 16 +- drivers/net/ethernet/amd/pds_core/devlink.c | 3 +- drivers/net/ethernet/amd/pds_core/fw.c | 3 + drivers/net/ethernet/amd/pds_core/main.c | 26 ++- drivers/net/ethernet/aquantia/atlantic/aq_ptp.c | 28 +-- drivers/net/ethernet/aquantia/atlantic/aq_ring.c | 61 ++---- drivers/net/ethernet/aquantia/atlantic/aq_ring.h | 22 +- drivers/net/ethernet/aquantia/atlantic/aq_vec.c | 23 +-- drivers/net/ethernet/google/gve/gve_rx.c | 8 +- drivers/net/ethernet/intel/e1000/e1000_hw.c | 1 + drivers/net/ethernet/intel/e1000e/e1000.h | 20 ++ drivers/net/ethernet/intel/e1000e/ptp.c | 22 +- drivers/net/ethernet/intel/fm10k/fm10k_pf.c | 1 + drivers/net/ethernet/intel/fm10k/fm10k_vf.c | 1 + drivers/net/ethernet/intel/i40e/i40e_common.c | 1 + drivers/net/ethernet/intel/i40e/i40e_dcb.c | 2 + drivers/net/ethernet/intel/i40e/i40e_nvm.c | 1 + drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 32 +++ drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.h | 1 + drivers/net/ethernet/intel/iavf/iavf_common.c | 3 +- drivers/net/ethernet/intel/iavf/iavf_ethtool.c | 5 +- drivers/net/ethernet/intel/iavf/iavf_fdir.c | 1 + drivers/net/ethernet/intel/iavf/iavf_txrx.c | 1 + drivers/net/ethernet/intel/ice/ice_adminq_cmd.h | 18 +- drivers/net/ethernet/intel/ice/ice_lib.c | 7 +- drivers/net/ethernet/intel/ice/ice_virtchnl.c | 12 +- drivers/net/ethernet/intel/ice/ice_vsi_vlan_lib.c | 16 +- drivers/net/ethernet/intel/idpf/virtchnl2.h | 2 +- drivers/net/ethernet/intel/igb/e1000_i210.c | 4 +- drivers/net/ethernet/intel/igb/e1000_nvm.c | 4 +- drivers/net/ethernet/intel/igb/e1000_phy.c | 4 +- drivers/net/ethernet/intel/igbvf/netdev.c | 28 +-- drivers/net/ethernet/intel/igc/igc_i225.c | 1 + drivers/net/ethernet/intel/igc/igc_phy.c | 1 + drivers/net/ethernet/intel/ixgbe/ixgbe_82598.c | 36 ++-- drivers/net/ethernet/intel/ixgbe/ixgbe_82599.c | 61 +++--- drivers/net/ethernet/intel/ixgbe/ixgbe_common.c | 145 +++++++------- drivers/net/ethernet/intel/ixgbe/ixgbe_ethtool.c | 2 +- drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 42 ++-- drivers/net/ethernet/intel/ixgbe/ixgbe_mbx.c | 34 ++-- drivers/net/ethernet/intel/ixgbe/ixgbe_mbx.h | 1 - drivers/net/ethernet/intel/ixgbe/ixgbe_phy.c | 105 +++++----- drivers/net/ethernet/intel/ixgbe/ixgbe_phy.h | 2 +- drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c | 2 +- drivers/net/ethernet/intel/ixgbe/ixgbe_type.h | 43 +--- drivers/net/ethernet/intel/ixgbe/ixgbe_x540.c | 44 ++-- drivers/net/ethernet/intel/ixgbe/ixgbe_x550.c | 149 +++++++------- drivers/net/ethernet/marvell/mvmdio.c | 53 ++--- .../net/ethernet/marvell/octeontx2/af/rvu_npc.c | 13 +- .../ethernet/marvell/octeontx2/nic/otx2_ethtool.c | 1 - .../net/ethernet/marvell/octeontx2/nic/otx2_pf.c | 3 +- .../net/ethernet/marvell/octeontx2/nic/otx2_txrx.c | 7 +- drivers/net/ethernet/mediatek/mtk_eth_soc.c | 5 +- .../net/ethernet/microchip/lan966x/lan966x_port.c | 5 +- .../net/ethernet/pensando/ionic/ionic_bus_pci.c | 4 + drivers/net/ethernet/pensando/ionic/ionic_dev.c | 1 + drivers/net/ethernet/pensando/ionic/ionic_dev.h | 1 + drivers/net/ethernet/pensando/ionic/ionic_lif.c | 3 + drivers/net/ethernet/pensando/ionic/ionic_main.c | 22 +- drivers/net/phy/at803x.c | 6 +- drivers/net/phy/mediatek-ge-soc.c | 147 ++++++++------ drivers/net/phy/micrel.c | 6 +- drivers/net/usb/ax88179_178a.c | 2 - drivers/net/virtio_net.c | 9 +- drivers/net/wireless/ath/ath11k/pcic.c | 4 +- drivers/net/wireless/ath/ath12k/hal.c | 4 +- drivers/net/wireless/ath/ath12k/hw.c | 3 +- drivers/net/wireless/ath/ath12k/mac.c | 4 +- drivers/net/wireless/ath/ath9k/htc_drv_txrx.c | 5 +- .../net/wireless/mediatek/mt76/mt76_connac_mcu.c | 2 +- drivers/net/wireless/mediatek/mt76/mt7996/pci.c | 8 +- drivers/net/wireless/ralink/rt2x00/rt2800lib.c | 2 +- drivers/net/wireless/ralink/rt2x00/rt2x00dev.c | 3 + drivers/net/wireless/ralink/rt2x00/rt2x00mac.c | 11 + .../net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c | 12 ++ .../net/wireless/realtek/rtlwifi/rtl8723ae/phy.c | 6 +- .../net/wireless/realtek/rtlwifi/rtl8723be/phy.c | 4 +- drivers/net/wireless/realtek/rtw89/coex.c | 4 +- drivers/net/wireless/realtek/rtw89/core.c | 2 +- drivers/net/wireless/realtek/rtw89/core.h | 12 +- drivers/net/wireless/realtek/rtw89/fw.c | 17 +- drivers/net/wireless/realtek/rtw89/mac.c | 100 +++++++++- drivers/net/wireless/realtek/rtw89/mac.h | 1 + drivers/net/wireless/realtek/rtw89/mac80211.c | 3 + drivers/net/wireless/realtek/rtw89/reg.h | 17 ++ drivers/net/wireless/silabs/wfx/sta.c | 42 ++-- drivers/opp/core.c | 9 +- drivers/pci/pci.h | 2 +- drivers/pci/pcie/aer.c | 9 +- drivers/pci/quirks.c | 24 ++- drivers/pci/switch/switchtec.c | 25 ++- drivers/perf/arm_pmuv3.c | 6 +- drivers/pinctrl/intel/pinctrl-baytrail.c | 3 +- drivers/pnp/pnpacpi/rsparser.c | 12 +- drivers/regulator/core.c | 56 +++--- drivers/regulator/ti-abb-regulator.c | 22 +- drivers/s390/crypto/vfio_ap_ops.c | 16 +- drivers/scsi/arcmsr/arcmsr.h | 4 + drivers/scsi/arcmsr/arcmsr_hba.c | 6 + drivers/scsi/hisi_sas/hisi_sas_v3_hw.c | 10 +- drivers/scsi/isci/request.c | 2 +- drivers/scsi/libfc/fc_fcp.c | 18 +- drivers/scsi/lpfc/lpfc.h | 1 + drivers/scsi/lpfc/lpfc_els.c | 14 +- drivers/scsi/lpfc/lpfc_init.c | 4 +- drivers/scsi/lpfc/lpfc_vmid.c | 1 + drivers/scsi/mpi3mr/mpi3mr_fw.c | 3 +- drivers/scsi/mpi3mr/mpi3mr_os.c | 13 +- drivers/scsi/scsi_error.c | 8 +- drivers/scsi/scsi_lib.c | 2 +- drivers/scsi/scsi_priv.h | 2 +- drivers/soc/xilinx/xlnx_event_manager.c | 7 +- drivers/spmi/spmi-mtk-pmif.c | 7 +- drivers/staging/vme_user/vme.c | 2 +- drivers/thermal/thermal_core.c | 30 ++- drivers/tty/serial/8250/8250_pci.c | 58 +++++- drivers/tty/tty_ioctl.c | 4 +- drivers/usb/core/hub.c | 33 ++- drivers/usb/host/xhci-plat.c | 23 ++- drivers/usb/host/xhci.c | 40 ++-- drivers/watchdog/it87_wdt.c | 14 +- drivers/watchdog/starfive-wdt.c | 2 + drivers/xen/gntdev-dmabuf.c | 50 ++--- fs/9p/v9fs_vfs.h | 1 + fs/9p/vfs_inode.c | 6 +- fs/9p/vfs_inode_dotl.c | 1 + fs/afs/callback.c | 3 +- fs/ceph/caps.c | 9 +- fs/ceph/mds_client.c | 2 +- fs/ceph/quota.c | 39 ++-- fs/dcache.c | 7 +- fs/ecryptfs/inode.c | 8 + fs/erofs/zdata.c | 2 +- fs/erofs/zmap.c | 32 ++- fs/ext4/extents.c | 6 +- fs/ext4/mballoc.c | 11 +- fs/ext4/resize.c | 37 ++-- fs/f2fs/compress.c | 4 +- fs/f2fs/file.c | 2 + fs/f2fs/recovery.c | 25 ++- fs/jfs/jfs_dmap.c | 57 +++--- fs/jfs/jfs_dtree.c | 7 +- fs/jfs/jfs_imap.c | 3 + fs/jfs/jfs_mount.c | 6 +- fs/kernfs/dir.c | 12 ++ fs/ocfs2/namei.c | 8 +- fs/proc/proc_sysctl.c | 9 +- fs/pstore/ram.c | 1 + fs/reiserfs/namei.c | 54 ++--- fs/smb/client/cifsglob.h | 30 ++- fs/smb/client/cifsproto.h | 15 +- fs/smb/client/cifssmb.c | 17 +- fs/smb/client/inode.c | 3 +- fs/smb/client/link.c | 4 +- fs/smb/client/sess.c | 14 +- fs/smb/client/smb2inode.c | 55 +++-- fs/smb/client/smb2proto.h | 16 +- fs/tracefs/event_inode.c | 117 +++++++---- fs/tracefs/inode.c | 198 ++++++++++-------- fs/tracefs/internal.h | 4 +- include/asm-generic/numa.h | 2 + include/asm-generic/unaligned.h | 24 +-- include/drm/drm_color_mgmt.h | 1 + include/drm/drm_mipi_dsi.h | 2 + include/linux/avf/virtchnl.h | 1 + include/linux/bpf.h | 2 +- include/linux/irq_work.h | 3 + include/linux/mm_types.h | 3 + include/linux/mmzone.h | 6 +- include/linux/netfilter/ipset/ip_set.h | 4 + include/linux/pci_ids.h | 1 + include/linux/pm_opp.h | 4 +- include/linux/thermal.h | 2 + include/net/af_unix.h | 20 +- include/net/ip.h | 2 +- include/net/netfilter/nf_tables.h | 2 + kernel/audit.c | 31 ++- kernel/bpf/arraymap.c | 23 ++- kernel/bpf/helpers.c | 15 +- kernel/bpf/syscall.c | 6 + kernel/events/core.c | 38 ++-- kernel/sched/fair.c | 56 +++++- lib/debugobjects.c | 200 ++++++++----------- lib/fw_table.c | 30 +-- lib/kunit/executor.c | 4 + lib/kunit/test.c | 15 +- net/bluetooth/hci_sync.c | 10 +- net/bluetooth/iso.c | 51 ++++- net/bluetooth/l2cap_core.c | 3 +- net/bpf/test_run.c | 2 +- net/bridge/br_cfm_netlink.c | 2 +- net/bridge/br_multicast.c | 20 +- net/bridge/br_private.h | 4 +- net/devlink/port.c | 2 +- net/ipv4/ip_output.c | 12 +- net/ipv4/ip_sockglue.c | 6 +- net/ipv4/ipmr.c | 2 +- net/ipv4/raw.c | 2 +- net/ipv4/tcp.c | 12 +- net/ipv4/udp.c | 2 +- net/ipv6/addrconf_core.c | 21 +- net/ipv6/ip6_tunnel.c | 21 +- net/kcm/kcmsock.c | 2 +- net/llc/af_llc.c | 2 + net/netfilter/ipset/ip_set_bitmap_gen.h | 14 +- net/netfilter/ipset/ip_set_core.c | 37 +++- net/netfilter/ipset/ip_set_hash_gen.h | 15 +- net/netfilter/ipset/ip_set_list_set.c | 13 +- net/netfilter/nf_conntrack_proto_tcp.c | 10 +- net/netfilter/nf_log.c | 7 +- net/netfilter/nf_tables_api.c | 14 +- net/netfilter/nft_ct.c | 24 +++ net/netfilter/nft_tunnel.c | 1 + net/rxrpc/conn_service.c | 3 +- net/smc/smc_clc.c | 14 ++ net/sunrpc/xprtmultipath.c | 17 +- net/unix/af_unix.c | 14 +- net/unix/diag.c | 2 +- net/wireless/scan.c | 4 + sound/hda/hdac_stream.c | 9 +- sound/hda/intel-dsp-config.c | 10 + sound/pci/hda/hda_intel.c | 2 + sound/pci/hda/patch_conexant.c | 115 ++++++++++- sound/soc/amd/acp-config.c | 15 +- sound/soc/codecs/rtq9128.c | 73 ++++--- tools/build/feature/test-libopencsd.c | 4 +- tools/lib/bpf/libbpf.c | 2 + tools/lib/bpf/libbpf_common.h | 13 +- tools/lib/subcmd/help.c | 18 +- tools/testing/kunit/kunit_parser.py | 4 +- tools/testing/selftests/bpf/cgroup_helpers.c | 18 +- tools/testing/selftests/bpf/prog_tests/btf.c | 6 +- tools/testing/selftests/bpf/prog_tests/tc_opts.c | 6 +- tools/testing/selftests/bpf/progs/pyperf180.c | 22 ++ .../selftests/bpf/progs/test_global_func17.c | 1 + tools/testing/selftests/bpf/veristat.c | 2 +- tools/testing/selftests/bpf/xdp_hw_metadata.c | 2 +- .../selftests/drivers/net/bonding/lag_lib.sh | 11 + tools/testing/selftests/drivers/net/team/config | 4 +- tools/testing/selftests/net/Makefile | 5 +- tools/testing/selftests/net/config | 16 ++ tools/testing/selftests/net/pmtu.sh | 18 +- tools/testing/selftests/net/setup_veth.sh | 2 +- tools/testing/selftests/net/udpgro.sh | 4 +- tools/testing/selftests/net/udpgro_bench.sh | 4 +- tools/testing/selftests/net/udpgro_frglist.sh | 6 +- tools/testing/selftests/net/udpgro_fwd.sh | 8 +- tools/testing/selftests/net/veth.sh | 4 +- tools/testing/selftests/net/xdp_dummy.c | 13 ++ tools/testing/selftests/nolibc/nolibc-test.c | 4 +- tools/testing/selftests/sgx/test_encl.lds | 6 +- 512 files changed, 4687 insertions(+), 2639 deletions(-)

1 year, 7 months

5
360
0 0

[PATCH 6.7 000/355] 6.7.4-rc2 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.7.4 release. There are 355 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Mon, 05 Feb 2024 17:47:20 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.7.4-rc2.… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.7.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.7.4-rc2 Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdgpu: Fix missing error code in 'gmc_v6/7/8/9_0_hw_init()' Johan Hovold <johan+linaro(a)kernel.org> ASoC: codecs: wsa883x: fix PA volume control Johan Hovold <johan+linaro(a)kernel.org> ASoC: codecs: lpass-wsa-macro: fix compander volume hack Johan Hovold <johan+linaro(a)kernel.org> ASoC: codecs: wcd938x: fix headphones volume controls Johan Hovold <johan+linaro(a)kernel.org> ASoC: qcom: sc8280xp: limit speaker volumes Zhengchao Shao <shaozhengchao(a)huawei.com> bonding: remove print in bond_verify_device_path Yonghong Song <yonghong.song(a)linux.dev> selftests/bpf: Remove flaky test_btf_id test Konrad Dybcio <konrad.dybcio(a)linaro.org> drm/msm/dsi: Enable runtime PM Jonathan Gray <jsg(a)jsg.id.au> Revert "drm/amd/display: Disable PSR-SU on Parade 0803 TCON again" Marco Elver <elver(a)google.com> mm, kmsan: fix infinite recursion due to RCU critical section Huang Shijie <shijie(a)os.amperecomputing.com> arm64: irq: set the correct node for shadow call stack Pavan Kumar Linga <pavan.kumar.linga(a)intel.com> idpf: avoid compiler padding in virtchnl2_ptype struct Paolo Abeni <pabeni(a)redhat.com> selftests: net: enable some more knobs Jakub Kicinski <kuba(a)kernel.org> selftests: net: add missing config for NF_TARGET_TTL Benjamin Poirier <bpoirier(a)nvidia.com> selftests: bonding: Check initial state Benjamin Poirier <bpoirier(a)nvidia.com> selftests: team: Add missing config options Breno Leitao <leitao(a)debian.org> net: sysfs: Fix /sys/class/net/<iface> path Geetha sowjanya <gakula(a)marvell.com> octeontx2-pf: Remove xdp queues on program detach Paolo Abeni <pabeni(a)redhat.com> selftests: net: don't access /dev/stdout in pmtu.sh Paolo Abeni <pabeni(a)redhat.com> selftests: net: fix available tunnels detection Paolo Abeni <pabeni(a)redhat.com> selftests: net: add missing config for pmtu.sh tests Jakub Kicinski <kuba(a)kernel.org> selftests: net: add missing config for nftables-backed iptables Brett Creeley <brett.creeley(a)amd.com> pds_core: Rework teardown/setup flow to be more common Brett Creeley <brett.creeley(a)amd.com> pds_core: Clear BARs on reset Brett Creeley <brett.creeley(a)amd.com> pds_core: Prevent race issues involving the adminq Brett Creeley <brett.creeley(a)amd.com> pds_core: Use struct pdsc for the pdsc_adminq_isr private data Brett Creeley <brett.creeley(a)amd.com> pds_core: Cancel AQ work on teardown Brett Creeley <brett.creeley(a)amd.com> pds_core: Prevent health thread from running during reset/remove Eric Dumazet <edumazet(a)google.com> af_unix: fix lockdep positive in sk_diag_dump_icons() Zhipeng Lu <alexious(a)zju.edu.cn> net: ipv4: fix a memleak in ip_setup_cork Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_log: replace BUG_ON by WARN_ON_ONCE when putting logger Jozsef Kadlecsik <kadlec(a)netfilter.org> netfilter: ipset: fix performance regression in swap operation Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables: restrict tunnel object to NFPROTO_NETDEV Ryan Schaefer <ryanschf(a)amazon.com> netfilter: conntrack: correct window scaling with retransmitted SYN Matthias May <Matthias.May(a)westermo.com> selftests: net: add missing config for GENEVE Parav Pandit <parav(a)nvidia.com> devlink: Fix referring to hw_addr attribute during state validation Linus Lüssing <linus.luessing(a)c0d3.blue> bridge: mcast: fix disabled snooping after long uptime Ido Schimmel <idosch(a)nvidia.com> selftests: net: Add missing matchall classifier Eric Dumazet <edumazet(a)google.com> llc: call sock_orphan() at release time Helge Deller <deller(a)kernel.org> ipv6: Ensure natural alignment of const ipv6 loopback and router addresses Michal Vokáč <michal.vokac(a)ysoft.com> net: dsa: qca8k: fix illegal usage of GPIO Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> ixgbe: Fix an error handling path in ixgbe_read_iosf_sb_reg_x550() Jedrzej Jagielski <jedrzej.jagielski(a)intel.com> ixgbe: Refactor overtemp event handling Jedrzej Jagielski <jedrzej.jagielski(a)intel.com> ixgbe: Refactor returning internal error codes Jacob Keller <jacob.e.keller(a)intel.com> e1000e: correct maximum frequency adjustment values Eric Dumazet <edumazet(a)google.com> tcp: add sanity checks to rx zerocopy Linus Torvalds <torvalds(a)linux-foundation.org> tracefs: remove stale 'update_gid' code Horatiu Vultur <horatiu.vultur(a)microchip.com> net: lan966x: Fix port configuration when using SGMII interface Nicolas Dichtel <nicolas.dichtel(a)6wind.com> ipmr: fix kernel panic when forwarding mcast packets Daniel Golle <daniel(a)makrotopia.org> net: dsa: mt7530: fix 10M/100M speed on MT7988 switch Eric Dumazet <edumazet(a)google.com> ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() Paolo Abeni <pabeni(a)redhat.com> selftests: net: give more time for GRO aggregation Paolo Abeni <pabeni(a)redhat.com> selftests: net: add missing required classifier Paolo Abeni <pabeni(a)redhat.com> selftests: net: add missing config for big tcp tests Gaurav Jain <gaurav.jain(a)nxp.com> crypto: caam - fix asynchronous hash Daniel Golle <daniel(a)makrotopia.org> net: phy: mediatek-ge-soc: sync driver with MediaTek SDK Daniel Golle <daniel(a)makrotopia.org> net: ethernet: mtk_eth_soc: set DMA coherent mask to get PPE working Praveen Kaligineedi <pkaligineedi(a)google.com> gve: Fix skb truesize underestimation Paolo Abeni <pabeni(a)redhat.com> selftests: net: explicitly wait for listener ready Paolo Abeni <pabeni(a)redhat.com> selftests: net: remove dependency on ebpf tests Su Hui <suhui(a)nfschina.com> HID: hidraw: fix a problem of memory leak in hidraw_release() Ming Lei <ming.lei(a)redhat.com> scsi: core: Move scsi_host_busy() out of host lock for waking up EH handler Romain Naour <romain.naour(a)skf.com> regulator: ti-abb: don't use devm_platform_ioremap_resource_byname for shared interrupt register Marco Pagani <marpagan(a)redhat.com> kunit: run test suites only after module initialization completes Su Hui <suhui(a)nfschina.com> scsi: isci: Fix an error code problem in isci_io_request_build() Alexandre Ghiti <alexghiti(a)rivosinc.com> riscv: Fix build error on rv32 + XIP Jonathan Kim <jonathan.kim(a)amd.com> drm/amdkfd: only flush mes process context if mes support is there Rob Clark <robdclark(a)chromium.org> drm/msm/dpu: Correct UBWC settings for sc8280xp Stephen Rothwell <sfr(a)canb.auug.org.au> drm: using mul_u32_u32() requires linux/math64.h Edward Adam Davis <eadavis(a)qq.com> wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update Peter Zijlstra <peterz(a)infradead.org> perf: Fix the nr_addr_filters fix Tim Lunn <tim(a)feathertop.org> i2c: rk3x: Adjust mask/value offset for i2c2 on rv1126 Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdkfd: Fix 'node' NULL check in 'svm_range_get_range_boundaries()' Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdgpu: Release 'adev->pm.fw' before return in 'amdgpu_device_need_post()' Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdgpu: Fix with right return code '-EIO' in 'amdgpu_gmc_vram_checking()' Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amd/powerplay: Fix kzalloc parameter 'ATOM_Tonga_PPM_Table' in 'get_platform_power_management_table()' Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: fix avg vs input power reporting on smu7 Wenchao Hao <haowenchao2(a)huawei.com> ceph: fix invalid pointer access if get_quota_realm return ERR_PTR Xiubo Li <xiubli(a)redhat.com> ceph: fix deadlock or deadcode of misusing dget() Venky Shankar <vshankar(a)redhat.com> ceph: reinitialize mds feature bit even when session in open Ming Lei <ming.lei(a)redhat.com> blk-mq: fix IO hang from sbitmap wakeup race Zhu Yanjun <yanjun.zhu(a)linux.dev> virtio_net: Fix "‘%d’ directive writing between 1 and 11 bytes into a region of size 10" warnings Philip Yang <Philip.Yang(a)amd.com> drm/amdkfd: Fix lock dependency warning with srcu Daniel Miess <daniel.miess(a)amd.com> Revert "drm/amd/display: Fix conversions between bytes and KB" Martin Tsai <martin.tsai(a)amd.com> drm/amd/display: To adjust dprefclk by down spread percentage Felix Kuehling <felix.kuehling(a)amd.com> drm/amdkfd: Fix lock dependency warning ChiYuan Huang <cy_huang(a)richtek.com> ASoC: codecs: rtq9128: Fix TDM enable and DAI format control flow ChiYuan Huang <cy_huang(a)richtek.com> ASoC: codecs: rtq9128: Fix PM_RUNTIME usage Ian Rogers <irogers(a)google.com> libsubcmd: Fix memory leak in uniq() Hans de Goede <hdegoede(a)redhat.com> misc: lis3lv02d_i2c: Add missing setting of the reg_ctrl callback Yinbo Zhu <zhuyinbo(a)loongson.cn> usb: xhci-plat: fix usb disconnect issue after s4 Steven Rostedt (Google) <rostedt(a)goodmis.org> tracefs/eventfs: Use root and instance inodes as default ownership David Howells <dhowells(a)redhat.com> 9p: Fix initialisation of netfs_inode for 9p Bjorn Helgaas <bhelgaas(a)google.com> PCI/AER: Decode Requester ID when no error info found Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> PCI: Fix 64GT/s effective data rate calculation Piro Yang <piroyangg(a)gmail.com> staging: vme_user: Fix the issue of return the wrong error code Yu-Che Cheng <giver(a)chromium.org> spmi: mediatek: Fix UAF on device remove Max Kellermann <max.kellermann(a)ionos.com> fs/kernfs/dir: obey S_ISGID Crescent CY Hsieh <crescentcy.hsieh(a)moxa.com> tty: serial: 8250: Set RS422 interface by default to fix Moxa RS422/RS485 PCIe boards Adrian Reber <areber(a)redhat.com> tty: allow TIOCSLCKTRMIOS with CAP_CHECKPOINT_RESTORE Jo Van Bulck <jo.vanbulck(a)cs.kuleuven.be> selftests/sgx: Fix linker script asserts Hardik Gajjar <hgajjar(a)de.adit-jv.com> usb: hub: Add quirk to decrease IN-ep poll interval for Microchip USB491x hub Hardik Gajjar <hgajjar(a)de.adit-jv.com> usb: hub: Replace hardcoded quirk value with BIT() macro Yaxiong Tian <tianyaxiong(a)kylinos.cn> extcon: fix possible name leak in extcon_dev_register() James Clark <james.clark(a)arm.com> perf cs-etm: Bump minimum OpenCSD version to ensure a bugfix is present Daniel Stodden <dns(a)arista.com> PCI: switchtec: Fix stdev_release() crash after surprise hot remove Guilherme G. Piccoli <gpiccoli(a)igalia.com> PCI: Only override AMD USB controller if required Xiaowu.ding <xiaowu.ding(a)jaguarmicro.com> mailbox: arm_mhuv2: Fix a bug for mhuv2_sender_interrupt Peter Robinson <pbrobinson(a)gmail.com> mfd: ti_am335x_tscadc: Fix TI SoC dependencies Oleksandr Tyshchenko <oleksandr_tyshchenko(a)epam.com> xen/gntdev: Fix the abuse of underlying struct page in DMA-buf import Frederik Haxel <haxel(a)fzi.de> riscv: Make XIP bootable again Michael Maltsev <mekosko(a)projectyo.network> ACPI: resource: Skip IRQ override on ASUS ExpertBook B1502CGA Ben Mayo <benny1091(a)gmail.com> ACPI: resource: Add DMI quirks for ASUS Vivobook E1504GA and E1504GAB Harshit Shah <harshitshah.opendev(a)gmail.com> i3c: master: cdns: Update maximum prescaler value for i2c clock Johannes Berg <johannes.berg(a)intel.com> um: time-travel: fix time corruption Nathan Chancellor <nathan(a)kernel.org> um: net: Fix return type of uml_net_start_xmit() Benjamin Berg <benjamin(a)sipsolutions.net> um: Don't use vfprintf() for os_info() Anton Ivanov <anton.ivanov(a)cambridgegreys.com> um: Fix naming clash between UML and scheduler Heiner Kallweit <hkallweit1(a)gmail.com> leds: trigger: panic: Don't register panic notifier if creating the trigger failed Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> pinctrl: baytrail: Fix types of config value in byt_pin_config_set() bo liu <bo.liu(a)senarytech.com> ALSA: hda/conexant: Fix headset auto detect fail in cx8070 and SN6140 Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: apply the RV2 system aperture fix to RN/CZN as well Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdkfd: Fix iterator used outside loop in 'kfd_add_peer_prop()' Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()' Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdgpu: Fix '*fw' from request_firmware() not released in 'amdgpu_ucode_request()' Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdgpu: Fix variable 'mca_funcs' dereferenced before NULL check in 'amdgpu_mca_smu_get_mca_entry()' Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper() Ivan Lipski <ivlipski(a)amd.com> Re-revert "drm/amd/display: Enable Replay for static screen use cases" Felix Kuehling <Felix.Kuehling(a)amd.com> drm/amdgpu: Let KFD sync with VM fences Meenakshikumar Somasundaram <meenakshikumar.somasundaram(a)amd.com> drm/amd/display: Fix minor issues in BW Allocation Phase2 Stanley.Yang <Stanley.Yang(a)amd.com> drm/amdgpu: Fix ecc irq enable/disable unpaired Alexander Stein <alexander.stein(a)ew.tq-group.com> clk: imx: clk-imx8qxp: fix LVDS bypass, pixel and phy clocks Kuan-Wei Chiu <visitorckw(a)gmail.com> clk: imx: scu: Fix memory leak in __imx_clk_gpr_scu() Alvin Lee <alvin.lee2(a)amd.com> drm/amd/display: Only clear symclk otg flag for HDMI Michael Strauss <michael.strauss(a)amd.com> drm/amd/display: Fix lightup regression with DP2 single display configs Allen Pan <allen.pan(a)amd.com> drm/amd/display: fix usb-c connector_type Josip Pavic <josip.pavic(a)amd.com> drm/amd/display: make flip_timestamp_in_us a 64-bit variable Dafna Hirschfeld <dhirschfeld(a)habana.ai> accel/habanalabs/gaudi2: fix undef opcode reporting Farah Kassabri <fkassabri(a)habana.ai> accel/habanalabs: fix EQ heartbeat mechanism Oded Gabbay <ogabbay(a)kernel.org> accel/habanalabs: add support for Gaudi2C device Werner Fischer <devlists(a)wefi.net> watchdog: it87_wdt: Keep WDTCTRL bit 3 unmodified for IT8784/IT8786 Ben Dooks <ben.dooks(a)codethink.co.uk> watchdog: starfive: add lock annotations to fix context imbalances Kuan-Wei Chiu <visitorckw(a)gmail.com> clk: mmp: pxa168: Fix memory leak in pxa168_clk_init() Kuan-Wei Chiu <visitorckw(a)gmail.com> clk: hi3620: Fix memory leak in hi3620_mmc_clk_init() Wang, Beyond <Wang.Beyond(a)amd.com> drm/amdgpu: fix ftrace event amdgpu_bo_move always move on same heap Paloma Arellano <quic_parellan(a)quicinc.com> drm/msm/dpu: Add mutex lock in control vblank irq Abhinav Kumar <quic_abhinavk(a)quicinc.com> drm/msm/dpu: fix writeback programming for YUV cases Rob Clark <robdclark(a)chromium.org> drm/msm/dpu: Ratelimit framedone timeout msgs Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/msm/dpu: enable writeback on SM8450 Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/msm/dpu: enable writeback on SM8350 Jonathan Kim <jonathan.kim(a)amd.com> drm/amdkfd: fix mes set shader debugger process management Alvin Lee <alvin.lee2(a)amd.com> drm/amd/display: Force p-state disallow if leaving no plane config Alvin Lee <alvin.lee2(a)amd.com> drm/amd/display: For prefetch mode > 0, extend prefetch if possible Kieran Bingham <kieran.bingham(a)ideasonboard.com> media: i2c: imx335: Fix hblank min/max values Hans de Goede <hdegoede(a)redhat.com> media: ov2740: Fix hts value Su Hui <suhui(a)nfschina.com> media: ddbridge: fix an error code problem in ddb_probe Ming Qian <ming.qian(a)nxp.com> media: amphion: remove mutext lock in condition of wait_event Daniel Vacek <neelx(a)redhat.com> IB/ipoib: Fix mcast list locking Douglas Anderson <dianders(a)chromium.org> drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind time Chao Yu <chao(a)kernel.org> f2fs: fix to tag gcing flag on page during block migration James Seo <james(a)equiv.tech> hwmon: (hp-wmi-sensors) Fix failure to load on EliteDesk 800 G6 Xing Tong Wu <xingtong.wu(a)siemens.com> hwmon: (nct6775) Fix fan speed set failure in automatic mode Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> media: rkisp1: resizer: Stop manual allocation of v4l2_subdev_state Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> media: rkisp1: Fix IRQ disable race issue Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> media: rkisp1: Store IRQ lines Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> media: rkisp1: Fix IRQ handler return values Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> media: rkisp1: Drop IRQF_SHARED Ricardo Ribalda <ribalda(a)chromium.org> media: uvcvideo: Fix power line control for SunplusIT camera Ricardo Ribalda <ribalda(a)chromium.org> media: uvcvideo: Fix power line control for a Chicony camera Neil Armstrong <neil.armstrong(a)linaro.org> drm/msm/dp: Add DisplayPort controller for SM8650 Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> ALSA: hda: intel-dspcfg: add filters for ARL-S and ARL Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> ALSA: hda: Intel: add HDA_ARL PCI ID support Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> PCI: add INTEL_HDA_ARL to pci_ids.h Michael Tretter <m.tretter(a)pengutronix.de> media: rockchip: rga: fix swizzling for RGB formats Ghanshyam Agrawal <ghanshyam1898(a)gmail.com> media: stk1160: Fixed high volume of stk1160_dbg messages Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> drm/mipi-dsi: Fix detach call without attach Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> drm/framebuffer: Fix use of uninitialized variable Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> drm/drm_file: fix use of uninitialized variable Wenjing Liu <wenjing.liu(a)amd.com> drm/amd/display: add support for DTO genarated dscclk Dennis Chan <dennis.chan(a)amd.com> drm/amd/display: Fix Replay Desync Error IRQ handler Nicholas Susanto <nicholas.susanto(a)amd.com> drm/amd/display: Fix disable_otg_wa logic Ilya Bakoulin <ilya.bakoulin(a)amd.com> drm/amd/display: Fix MST PBN/X.Y value calculations Venkata Prasad Potturu <venkataprasad.potturu(a)amd.com> ASoC: amd: Add new dmi entries for acp5x platform Jaegeuk Kim <jaegeuk(a)kernel.org> f2fs: fix write pointers on zoned device after roll forward Meenakshikumar Somasundaram <meenakshikumar.somasundaram(a)amd.com> drm/amd/display: Fix tiled display misalignment Xin Ji <xji(a)analogixsemi.com> drm/bridge: anx7625: Fix Set HPD irq detect window to 2ms Hsin-Yi Wang <hsinyi(a)chromium.org> drm/panel-edp: Add override_edid_mode quirk for generic edp Jack Wang <jinpu.wang(a)ionos.com> RDMA/IPoIB: Fix error code return in ipoib_mcast_join Danylo Piliaiev <dpiliaiev(a)igalia.com> drm/msm/a690: Fix reg values for a690 Jan Kara <jack(a)suse.cz> ocfs2: Avoid touching renamed directory if parent does not change Jan Kara <jack(a)suse.cz> reiserfs: Avoid touching renamed directory if parent does not change Al Viro <viro(a)zeniv.linux.org.uk> fast_dput(): handle underflows gracefully Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument Takashi Iwai <tiwai(a)suse.de> ALSA: hda: Refer to correct stream index at loops Chao Yu <chao(a)kernel.org> f2fs: fix to check return value of f2fs_reserve_new_block() Linus Walleij <linus.walleij(a)linaro.org> ARM: dts: usr8200: Fix phy registers Vladimir Oltean <vladimir.oltean(a)nxp.com> net: dsa: qca8k: put MDIO bus OF node on qca8k_mdio_register() failure Mina Almasry <almasrymina(a)google.com> net: kcm: fix direct access to bv_len Suman Ghosh <sumang(a)marvell.com> octeontx2-af: Fix max NPC MCAM entry check while validating ref_entry Andrii Staikov <andrii.staikov(a)intel.com> i40e: Fix VF disable behavior to block all traffic Chunyan Zhang <chunyan.zhang(a)unisoc.com> arm64: dts: sprd: Change UMS512 idle-state nodename to match bindings Chunyan Zhang <chunyan.zhang(a)unisoc.com> arm64: dts: sprd: Add clock reference for pll2 on UMS512 Lin Ma <linma(a)zju.edu.cn> bridge: cfm: fix enum typo in br_cc_ccm_tx_parse Wen Gu <guwen(a)linux.alibaba.com> net/smc: disable SEID on non-s390 archs where virtual ISM may be used Frédéric Danis <frederic.danis(a)collabora.com> Bluetooth: L2CAP: Fix possible multiple reject send clancy shang <clancy.shang(a)quectel.com> Bluetooth: hci_sync: fix BR/EDR wakeup bug Iulia Tanasescu <iulia.tanasescu(a)nxp.com> Bluetooth: ISO: Avoid creating child socket if PA sync is terminating Zijun Hu <quic_zijuhu(a)quicinc.com> Bluetooth: qca: Set both WIDEBAND_SPEECH and LE_STATES quirks for QCA2066 Benjamin Berg <benjamin.berg(a)intel.com> wifi: cfg80211: free beacon_ies when overridden from hidden BSS Su Hui <suhui(a)nfschina.com> wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift() Mingyi Zhang <zhangmingyi5(a)huawei.com> libbpf: Fix NULL pointer dereference in bpf_object__collect_prog_relos Ching-Te Ku <ku920601(a)realtek.com> wifi: rtw89: coex: Fix wrong Wi-Fi role info and FDDT parameter members Zenm Chen <zenmchen(a)gmail.com> wifi: rtl8xxxu: Add additional USB IDs for RTL8192EU devices Xianwei Zhao <xianwei.zhao(a)amlogic.com> arm64: dts: amlogic: fix format for s4 uart node Jesse Brandeburg <jesse.brandeburg(a)intel.com> ice: fix pre-shifted bit usage Jesse Brandeburg <jesse.brandeburg(a)intel.com> intel: add bit macro includes where needed Mao Jinlong <quic_jinlmao(a)quicinc.com> arm64: dts: qcom: Fix coresight warnings in in-ports and out-ports Mao Jinlong <quic_jinlmao(a)quicinc.com> arm64: dts: qcom: msm8998: Fix 'out-ports' is a required property Mao Jinlong <quic_jinlmao(a)quicinc.com> arm64: dts: qcom: msm8996: Fix 'in-ports' is a required property Alexei Starovoitov <ast(a)kernel.org> x86/cfi,bpf: Fix bpf_exception_cb() signature Alex Lyakas <alex.lyakas(a)zadara.com> md: Whenassemble the array, consult the superblock of the freshest device Christoph Hellwig <hch(a)lst.de> block: prevent an integer overflow in bvec_try_merge_hw_page Linus Walleij <linus.walleij(a)linaro.org> ARM64: dts: marvell: Fix some common switch mistakes Linus Walleij <linus.walleij(a)linaro.org> ARM: dts: marvell: Fix some common switch mistakes Tobias Waldekranz <tobias(a)waldekranz.com> net: dsa: mv88e6xxx: Fix mv88e6352_serdes_get_stats error path Igor Russkikh <irusskikh(a)marvell.com> net: atlantic: eliminate double free in error handling logic Ahmed Zaki <ahmed.zaki(a)intel.com> ice: fix ICE_AQ_VSI_Q_OPT_RSS_* register values Yihang Li <liyihang9(a)huawei.com> scsi: hisi_sas: Set .phy_attached before notifing phyup event HISI_PHYE_PHY_UP_PM Justin Tee <justin.tee(a)broadcom.com> scsi: lpfc: Move determination of vmid_flag after VMID reinitialization completes Justin Tee <justin.tee(a)broadcom.com> scsi: lpfc: Reinitialize an NPIV's VMID data structures after FDISC Fabio Estevam <festevam(a)denx.de> ARM: dts: imx23/28: Fix the DMA controller node name Fabio Estevam <festevam(a)denx.de> ARM: dts: imx23-sansa: Use preferred i2c-gpios properties Fabio Estevam <festevam(a)denx.de> ARM: dts: imx27-apf27dev: Fix LED name Fabio Estevam <festevam(a)denx.de> ARM: dts: imx25/27: Pass timing0 Fabio Estevam <festevam(a)denx.de> ARM: dts: imx25: Fix the iim compatible string Andrii Nakryiko <andrii(a)kernel.org> selftests/bpf: fix compiler warnings in RELEASE=1 mode Michal Simek <michal.simek(a)amd.com> arm64: zynqmp: Fix clock node name in kv260 cards Michal Simek <michal.simek(a)amd.com> arm64: zynqmp: Move fixed clock to / for kv260 Kees Cook <keescook(a)chromium.org> block/rnbd-srv: Check for unlikely string overflow Shannon Nelson <shannon.nelson(a)amd.com> ionic: bypass firmware cmds when stuck in reset Shannon Nelson <shannon.nelson(a)amd.com> ionic: pass opcode to devcmd_wait Christian Marangi <ansuelsmth(a)gmail.com> net: phy: at803x: fix passing the wrong reference for config_intr Fabio Estevam <festevam(a)denx.de> ARM: dts: imx1: Fix sram node Fabio Estevam <festevam(a)denx.de> ARM: dts: imx27: Fix sram node Fabio Estevam <festevam(a)denx.de> ARM: dts: imx: Use flash@0,0 pattern Fabio Estevam <festevam(a)denx.de> ARM: dts: imx25/27-eukrea: Fix RTC node name Johan Jonker <jbx6244(a)gmail.com> ARM: dts: rockchip: fix rk3036 hdmi ports node Lingbo Kong <quic_lingbok(a)quicinc.com> wifi: ath12k: fix the issue that the multicast/broadcast indicator is not read correctly for WCN7850 Dmitry Antipov <dmantipov(a)yandex.ru> wifi: wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap() Hou Tao <houtao1(a)huawei.com> bpf: Set uattr->batch.count as zero before batched update or deletion StanleyYP Wang <StanleyYP.Wang(a)mediatek.com> wifi: mt76: mt7996: add PCI IDs for mt7992 MeiChia Chiu <meichia.chiu(a)mediatek.com> wifi: mt76: connac: fix EHT phy mode check Nia Espera <nespera(a)igalia.com> arm64: dts: qcom: sm8350: Fix remoteproc interrupt type Neil Armstrong <neil.armstrong(a)linaro.org> arm64: dts: qcom: sm8450: fix soundwire controllers node name Neil Armstrong <neil.armstrong(a)linaro.org> arm64: dts: qcom: sm8550: fix soundwire controllers node name Tobias Waldekranz <tobias(a)waldekranz.com> net: mvmdio: Avoid excessive sleeps in polled mode Hannes Reinecke <hare(a)suse.de> scsi: libfc: Fix up timeout error in fc_fcp_rec_error() Hannes Reinecke <hare(a)suse.de> scsi: libfc: Don't schedule abort twice Kang Yang <quic_kangyang(a)quicinc.com> wifi: ath12k: fix and enable AP mode for WCN7850 Hou Tao <houtao1(a)huawei.com> bpf: Set need_defer as false when clearing fd array during map free Hou Tao <houtao1(a)huawei.com> bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers Chih-Kang Chang <gary.chang(a)realtek.com> wifi: rtw89: fix misbehavior of TX beacon in concurrent mode Po-Hao Huang <phhuang(a)realtek.com> wifi: rtw89: fix not entering PS mode after AP stops Baochen Qiang <quic_bqiang(a)quicinc.com> wifi: ath11k: fix race due to setting ATH11K_FLAG_EXT_IRQ_ENABLED too early Minsuk Kang <linuxlovemin(a)yonsei.ac.kr> wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() Yonghong Song <yonghong.song(a)linux.dev> bpf: Fix a few selftest failures due to llvm18 change Alexander Stein <alexander.stein(a)ew.tq-group.com> ARM: dts: imx7s: Fix nand-controller #size-cells Alexander Stein <alexander.stein(a)ew.tq-group.com> ARM: dts: imx7s: Fix lcdif compatible Alexander Stein <alexander.stein(a)ew.tq-group.com> ARM: dts: imx7d: Fix coresight funnel ports ching Huang <ching2048(a)areca.com.tw> scsi: arcmsr: Support new PCI device IDs 1883 and 1886 Sumit Saxena <sumit.saxena(a)broadcom.com> scsi: mpi3mr: Add PCI checks where SAS5116 diverges from SAS4116 Sumit Saxena <sumit.saxena(a)broadcom.com> scsi: mpi3mr: Add support for SAS5116 PCI IDs Jose Ignacio Tornos Martinez <jtornosm(a)redhat.com> net: usb: ax88179_178a: avoid two consecutive device resets Zhengchao Shao <shaozhengchao(a)huawei.com> bonding: return -ENOMEM instead of BUG in alb_upper_dev_walk Ido Schimmel <idosch(a)nvidia.com> PCI: Add no PM reset quirk for NVIDIA Spectrum devices Kory Maincent <kory.maincent(a)bootlin.com> net: phy: micrel: fix ts_info value in case of no phc Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ARM: dts: samsung: s5pv210: fix camera unit addresses/ranges Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ARM: dts: samsung: exynos4: fix camera unit addresses/ranges Justin Tee <justin.tee(a)broadcom.com> scsi: lpfc: Fix possible file string name overflow when updating firmware Tanmay Shah <tanmay.shah(a)xilinx.com> soc: xilinx: fix unhandled SGI warning message HariBabu Gattem <haribabu.gattem(a)xilinx.com> soc: xilinx: Fix for call trace due to the usage of smp_processor_id() Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> ARM: dts: qcom: msm8660: fix PMIC node labels Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> ARM: dts: qcom: mdm9615: fix PMIC node labels Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> ARM: dts: qcom: strip prefix from PMIC files Yafang Shao <laoar.shao(a)gmail.com> selftests/bpf: Fix issues in setup_classid_environment() Shiji Yang <yangshiji66(a)outlook.com> wifi: rt2x00: correct wrong BBP register in RxDCOC calibration Yonghong Song <yonghong.song(a)linux.dev> selftests/bpf: Fix pyperf180 compilation failure with clang18 Yonghong Song <yonghong.song(a)linux.dev> libbpf: Fix potential uninitialized tail padding with LIBBPF_OPTS_RESET Andrii Nakryiko <andrii(a)kernel.org> selftests/bpf: satisfy compiler by having explicit return in btf test Andrii Nakryiko <andrii(a)kernel.org> selftests/bpf: fix RELEASE=1 build for tc_opts Shiji Yang <yangshiji66(a)outlook.com> wifi: rt2x00: restart beacon queue when hardware reset Dmitry Antipov <dmantipov(a)yandex.ru> wifi: rtw89: fix timeout calculation in rtw89_roc_end() Baokun Li <libaokun1(a)huawei.com> ext4: avoid online resizing failures due to oversized flex bg Baokun Li <libaokun1(a)huawei.com> ext4: remove unnecessary check from alloc_flex_gd() Baokun Li <libaokun1(a)huawei.com> ext4: unify the type of flexbg_size to unsigned int Ye Bin <yebin10(a)huawei.com> ext4: fix inconsistent between segment fstrim and full fstrim Gabriel Krisman Bertazi <krisman(a)suse.de> ecryptfs: Reject casefold directory inodes Shyam Prasad N <sprasad(a)microsoft.com> cifs: fix in logging in cifs_chan_update_iface Paulo Alcantara <pc(a)manguebit.com> smb: client: fix hardlinking of reparse points Paulo Alcantara <pc(a)manguebit.com> smb: client: fix renaming of reparse points Ojaswin Mujoo <ojaswin(a)linux.ibm.com> ext4: treat end of range as exclusive in ext4_zero_range() Anna Schumaker <Anna.Schumaker(a)Netapp.com> SUNRPC: Fix a suspicious RCU usage warning Joel Granados <j.granados(a)samsung.com> sysctl: Fix out of bounds access for empty sysctl registers Heiko Carstens <hca(a)linux.ibm.com> KVM: s390: fix setting of fpc register Heiko Carstens <hca(a)linux.ibm.com> s390/ptrace: handle setting of fpc register correctly Tony Krowiak <akrowiak(a)linux.ibm.com> s390/vfio-ap: fix sysfs status attribute for AP queue devices Arnd Bergmann <arnd(a)arndb.de> arch: fix asm-offsets.c building with -Wmissing-prototypes Arnd Bergmann <arnd(a)arndb.de> arch: consolidate arch_irq_work_raise prototypes Alexander Gordeev <agordeev(a)linux.ibm.com> s390/boot: always align vmalloc area on segment boundary Edward Adam Davis <eadavis(a)qq.com> jfs: fix array-index-out-of-bounds in diNewExt Oleg Nesterov <oleg(a)redhat.com> rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock() Oleg Nesterov <oleg(a)redhat.com> afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu() Thomas Bourgoin <thomas.bourgoin(a)foss.st.com> crypto: stm32/crc32 - fix parsing list of devices Gao Xiang <xiang(a)kernel.org> erofs: fix ztailpacking for subpage compressed blocks Bharat Bhushan <bbhushan2(a)marvell.com> crypto: octeontx2 - Fix cptvf driver cleanup Jia Jie Ho <jiajie.ho(a)starfivetech.com> crypto: starfive - Fix dev_err_probe return error Gao Xiang <xiang(a)kernel.org> erofs: fix up compacted indexes for block size < 4096 Weichen Chen <weichen.chen(a)mediatek.com> pstore/ram: Fix crash when setting number of cpus to an odd number Gustavo A. R. Silva <gustavoars(a)kernel.org> crypto: p10-aes-gcm - Avoid -Wstringop-overflow warnings Jia Jie Ho <jiajie.ho(a)starfivetech.com> hwrng: starfive - Fix dev_err_probe return error Edward Adam Davis <eadavis(a)qq.com> jfs: fix uaf in jfs_evict_inode Manas Ghandat <ghandatmanas(a)gmail.com> jfs: fix array-index-out-of-bounds in dbAdjTree Manas Ghandat <ghandatmanas(a)gmail.com> jfs: fix slab-out-of-bounds Read in dtSearch Osama Muhammad <osmtendev(a)gmail.com> UBSAN: array-index-out-of-bounds in dtSplitRoot Osama Muhammad <osmtendev(a)gmail.com> FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> thermal: core: Fix thermal zone suspend-resume synchronization Viresh Kumar <viresh.kumar(a)linaro.org> OPP: The level field is always of unsigned int type Shuai Xue <xueshuai(a)linux.alibaba.com> ACPI: APEI: set memory failure flags as MF_ACTION_REQUIRED on synchronous events Mukesh Ojha <quic_mojha(a)quicinc.com> PM / devfreq: Synchronize devfreq_monitor_[start/stop] Michal Wajdeczko <michal.wajdeczko(a)intel.com> kunit: Reset test->priv after each param iteration Rae Moar <rmoar(a)google.com> kunit: tool: fix parsing of test attributes Yuntao Wang <ytcoode(a)gmail.com> ACPI: NUMA: Fix the logic of getting the fake_pxm value Thomas Weißschuh <linux(a)weissschuh.net> selftests/nolibc: fix testcase status alignment Prarit Bhargava <prarit(a)redhat.com> ACPI: extlog: fix NULL pointer dereference check Dmitry Antipov <dmantipov(a)yandex.ru> PNP: ACPI: fix fortify warning Yuluo Qiu <qyl27(a)outlook.com> ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop Yuntao Wang <ytcoode(a)gmail.com> ACPI: tables: Correct and clean up the logic of acpi_parse_entries_array() Chris Riches <chris.riches(a)nutanix.com> audit: Send netlink ACK before setting connection in auditd_set Rui Zhang <zr.zhang(a)vivo.com> regulator: core: Only increment use_count when enable_count changes Vincent Guittot <vincent.guittot(a)linaro.org> sched/fair: Fix tg->load when offlining a CPU Andrzej Hajda <andrzej.hajda(a)intel.com> debugobjects: Stop accessing objects after releasing hash bucket lock Greg KH <gregkh(a)linuxfoundation.org> perf/core: Fix narrow startup race when creating the perf nr_addr_filters sysfs file Raghavendra K T <raghavendra.kt(a)amd.com> sched/numa: Fix mm numa_scan_seq based unconditional scan Zhiquan Li <zhiquan1.li(a)intel.com> x86/mce: Mark fatal MCE's page as poison to avoid panic in the kdump kernel Naveen N Rao <naveen(a)kernel.org> powerpc/lib: Validate size for vector operations Stephen Rothwell <sfr(a)canb.auug.org.au> powerpc: pmd_move_must_withdraw() is only needed for CONFIG_TRANSPARENT_HUGEPAGE Jun'ichi Nomura <junichi.nomura(a)nec.com> x86/boot: Ignore NMIs during very early boot Michael Ellerman <mpe(a)ellerman.id.au> powerpc/64s: Fix CONFIG_NUMA=n build due to create_section_mapping() Michael Ellerman <mpe(a)ellerman.id.au> powerpc/mm: Fix build failures due to arch_reserved_kernel_pages() Michael Ellerman <mpe(a)ellerman.id.au> powerpc: Fix build error due to is_valid_bugaddr() Mark Rutland <mark.rutland(a)arm.com> drivers/perf: pmuv3: don't expose SW_INCR event in sysfs Huang Shijie <shijie(a)os.amperecomputing.com> arm64: irq: set the correct node for VMAP stack Kunwu Chan <chentao(a)kylinos.cn> powerpc/mm: Fix null-pointer dereference in pgtable_cache_add Dmitry Torokhov <dmitry.torokhov(a)gmail.com> asm-generic: make sparse happy with odd-sized put_unaligned_*() ------------- Diffstat: Documentation/ABI/testing/sysfs-class-net-queues | 22 +- Documentation/sound/soc/dapm.rst | 2 +- Makefile | 4 +- arch/alpha/kernel/asm-offsets.c | 2 +- .../intel/ixp/intel-ixp42x-usrobotics-usr8200.dts | 22 ++ arch/arm/boot/dts/marvell/armada-370-rd.dts | 24 +-- .../dts/marvell/armada-381-netgear-gs110emx.dts | 44 ++-- .../dts/marvell/armada-385-clearfog-gtr-l8.dts | 38 ++-- .../dts/marvell/armada-385-clearfog-gtr-s4.dts | 22 +- arch/arm/boot/dts/marvell/armada-385-linksys.dtsi | 18 +- .../boot/dts/marvell/armada-385-turris-omnia.dts | 20 +- arch/arm/boot/dts/marvell/armada-388-clearfog.dts | 20 +- .../boot/dts/marvell/armada-xp-linksys-mamba.dts | 18 +- arch/arm/boot/dts/nxp/imx/imx1-ads.dts | 2 +- arch/arm/boot/dts/nxp/imx/imx1-apf9328.dts | 2 +- arch/arm/boot/dts/nxp/imx/imx1.dtsi | 5 +- .../boot/dts/nxp/imx/imx25-eukrea-cpuimx25.dtsi | 2 +- .../imx25-eukrea-mbimxsd25-baseboard-cmo-qvga.dts | 2 +- .../imx25-eukrea-mbimxsd25-baseboard-dvi-svga.dts | 2 +- .../imx25-eukrea-mbimxsd25-baseboard-dvi-vga.dts | 2 +- arch/arm/boot/dts/nxp/imx/imx25-pdk.dts | 2 +- arch/arm/boot/dts/nxp/imx/imx25.dtsi | 2 +- arch/arm/boot/dts/nxp/imx/imx27-apf27dev.dts | 4 +- .../boot/dts/nxp/imx/imx27-eukrea-cpuimx27.dtsi | 4 +- .../nxp/imx/imx27-eukrea-mbimxsd27-baseboard.dts | 2 +- .../dts/nxp/imx/imx27-phytec-phycard-s-rdk.dts | 2 +- .../boot/dts/nxp/imx/imx27-phytec-phycore-rdk.dts | 2 +- .../boot/dts/nxp/imx/imx27-phytec-phycore-som.dtsi | 2 +- arch/arm/boot/dts/nxp/imx/imx27.dtsi | 3 + arch/arm/boot/dts/nxp/imx/imx7d.dtsi | 3 - arch/arm/boot/dts/nxp/imx/imx7s.dtsi | 10 +- arch/arm/boot/dts/nxp/mxs/imx23-sansa.dts | 12 +- arch/arm/boot/dts/nxp/mxs/imx23.dtsi | 2 +- arch/arm/boot/dts/nxp/mxs/imx28.dtsi | 2 +- .../dts/qcom/{qcom-pm8226.dtsi => pm8226.dtsi} | 0 .../dts/qcom/{qcom-pm8841.dtsi => pm8841.dtsi} | 0 .../dts/qcom/{qcom-pm8941.dtsi => pm8941.dtsi} | 0 .../dts/qcom/{qcom-pma8084.dtsi => pma8084.dtsi} | 0 .../boot/dts/qcom/{qcom-pmx55.dtsi => pmx55.dtsi} | 0 .../boot/dts/qcom/{qcom-pmx65.dtsi => pmx65.dtsi} | 0 .../boot/dts/qcom/qcom-apq8026-asus-sparrow.dts | 2 +- .../boot/dts/qcom/qcom-apq8026-huawei-sturgeon.dts | 2 +- arch/arm/boot/dts/qcom/qcom-apq8026-lg-lenok.dts | 2 +- .../dts/qcom/qcom-apq8026-samsung-matisse-wifi.dts | 2 +- .../arm/boot/dts/qcom/qcom-apq8060-dragonboard.dts | 4 +- .../arm/boot/dts/qcom/qcom-apq8074-dragonboard.dts | 4 +- arch/arm/boot/dts/qcom/qcom-apq8084-ifc6540.dts | 2 +- arch/arm/boot/dts/qcom/qcom-apq8084-mtp.dts | 2 +- arch/arm/boot/dts/qcom/qcom-mdm9615-wp8548.dtsi | 2 +- arch/arm/boot/dts/qcom/qcom-mdm9615.dtsi | 14 +- arch/arm/boot/dts/qcom/qcom-msm8660.dtsi | 16 +- .../qcom/qcom-msm8974-lge-nexus5-hammerhead.dts | 4 +- .../dts/qcom/qcom-msm8974-sony-xperia-rhine.dtsi | 4 +- .../dts/qcom/qcom-msm8974pro-fairphone-fp2.dts | 4 +- .../dts/qcom/qcom-msm8974pro-oneplus-bacon.dts | 4 +- .../boot/dts/qcom/qcom-msm8974pro-samsung-klte.dts | 2 +- .../qcom-msm8974pro-sony-xperia-shinano-castor.dts | 4 +- arch/arm/boot/dts/qcom/qcom-sdx55-mtp.dts | 2 +- arch/arm/boot/dts/qcom/qcom-sdx55-t55.dts | 2 +- .../boot/dts/qcom/qcom-sdx55-telit-fn980-tlb.dts | 2 +- arch/arm/boot/dts/qcom/qcom-sdx65-mtp.dts | 2 +- arch/arm/boot/dts/rockchip/rk3036.dtsi | 14 +- arch/arm/boot/dts/samsung/exynos4.dtsi | 26 +-- arch/arm/boot/dts/samsung/exynos4x12.dtsi | 17 +- arch/arm/boot/dts/samsung/s5pv210.dtsi | 18 +- arch/arm/include/asm/irq_work.h | 2 - .../boot/dts/amlogic/meson-s4-s805x2-aq222.dts | 4 +- arch/arm64/boot/dts/amlogic/meson-s4.dtsi | 4 +- .../dts/marvell/armada-3720-espressobin-ultra.dts | 14 +- .../boot/dts/marvell/armada-3720-espressobin.dtsi | 20 +- .../boot/dts/marvell/armada-3720-gl-mv1000.dts | 20 +- .../boot/dts/marvell/armada-3720-turris-mox.dts | 85 ++++---- .../boot/dts/marvell/armada-7040-mochabin.dts | 24 +-- .../dts/marvell/armada-8040-clearfog-gt-8k.dts | 22 +- arch/arm64/boot/dts/marvell/cn9130-crb.dtsi | 42 ++-- arch/arm64/boot/dts/qcom/msm8996.dtsi | 21 ++ arch/arm64/boot/dts/qcom/msm8998.dtsi | 32 +-- arch/arm64/boot/dts/qcom/sdm845.dtsi | 5 +- arch/arm64/boot/dts/qcom/sm8150.dtsi | 5 +- arch/arm64/boot/dts/qcom/sm8250.dtsi | 24 +-- arch/arm64/boot/dts/qcom/sm8350.dtsi | 8 +- arch/arm64/boot/dts/qcom/sm8450.dtsi | 8 +- arch/arm64/boot/dts/qcom/sm8550.dtsi | 8 +- arch/arm64/boot/dts/sprd/ums512.dtsi | 3 +- .../boot/dts/xilinx/zynqmp-sck-kv-g-revA.dtso | 40 ++-- .../boot/dts/xilinx/zynqmp-sck-kv-g-revB.dtso | 42 ++-- arch/arm64/include/asm/irq_work.h | 2 - arch/arm64/kernel/irq.c | 7 +- arch/csky/include/asm/irq_work.h | 2 +- arch/loongarch/kernel/asm-offsets.c | 26 +-- arch/powerpc/crypto/aes-gcm-p10-glue.c | 2 +- arch/powerpc/include/asm/irq_work.h | 1 - arch/powerpc/include/asm/mmu.h | 4 + arch/powerpc/include/asm/mmzone.h | 8 - arch/powerpc/kernel/traps.c | 2 + arch/powerpc/lib/sstep.c | 10 + arch/powerpc/mm/book3s64/pgtable.c | 2 + arch/powerpc/mm/init-common.c | 5 +- arch/powerpc/mm/mmu_decl.h | 5 + arch/riscv/include/asm/irq_work.h | 2 +- arch/riscv/kernel/head.S | 1 + arch/riscv/mm/init.c | 12 +- arch/s390/boot/ipl_parm.c | 2 +- arch/s390/boot/startup.c | 3 +- arch/s390/include/asm/irq_work.h | 2 - arch/s390/kernel/ptrace.c | 6 +- arch/s390/kvm/kvm-s390.c | 5 - arch/sparc/kernel/asm-offsets.c | 6 +- arch/um/drivers/net_kern.c | 2 +- arch/um/include/shared/kern_util.h | 2 +- arch/um/kernel/process.c | 2 +- arch/um/kernel/time.c | 32 ++- arch/um/os-Linux/helper.c | 6 +- arch/um/os-Linux/util.c | 19 +- arch/x86/boot/compressed/ident_map_64.c | 5 + arch/x86/boot/compressed/idt_64.c | 1 + arch/x86/boot/compressed/idt_handlers_64.S | 1 + arch/x86/boot/compressed/misc.h | 1 + arch/x86/include/asm/irq_work.h | 1 - arch/x86/include/asm/kmsan.h | 17 +- arch/x86/kernel/cpu/mce/core.c | 16 ++ block/bio.c | 2 +- block/blk-mq.c | 16 ++ drivers/accel/habanalabs/common/device.c | 17 +- drivers/accel/habanalabs/common/habanalabs.h | 2 + drivers/accel/habanalabs/common/habanalabs_drv.c | 3 + drivers/accel/habanalabs/common/mmu/mmu.c | 1 + drivers/accel/habanalabs/common/sysfs.c | 3 + drivers/accel/habanalabs/gaudi2/gaudi2.c | 14 +- .../habanalabs/include/hw_ip/pci/pci_general.h | 1 + drivers/acpi/acpi_extlog.c | 5 +- drivers/acpi/acpi_video.c | 9 + drivers/acpi/apei/ghes.c | 29 ++- drivers/acpi/numa/srat.c | 4 +- drivers/acpi/resource.c | 21 ++ drivers/base/arch_numa.c | 2 +- drivers/block/rnbd/rnbd-srv.c | 19 +- drivers/bluetooth/hci_qca.c | 1 + drivers/char/hw_random/jh7110-trng.c | 2 +- drivers/clk/hisilicon/clk-hi3620.c | 4 +- drivers/clk/imx/clk-imx8qxp.c | 24 ++- drivers/clk/imx/clk-scu.c | 4 +- drivers/clk/mmp/clk-of-pxa168.c | 3 + drivers/crypto/caam/caamalg_qi2.c | 7 +- drivers/crypto/caam/caamhash.c | 7 +- drivers/crypto/marvell/octeontx2/otx2_cptlf.c | 6 +- drivers/crypto/marvell/octeontx2/otx2_cptvf_main.c | 3 + drivers/crypto/starfive/jh7110-cryp.c | 2 +- drivers/crypto/stm32/stm32-crc32.c | 2 +- drivers/devfreq/devfreq.c | 24 ++- drivers/extcon/extcon.c | 3 +- drivers/gpu/drm/amd/amdgpu/aldebaran.c | 26 ++- drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_fence.c | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 1 + drivers/gpu/drm/amd/amdgpu/amdgpu_gmc.c | 21 +- drivers/gpu/drm/amd/amdgpu/amdgpu_mca.c | 8 +- drivers/gpu/drm/amd/amdgpu/amdgpu_mes.c | 31 +++ drivers/gpu/drm/amd/amdgpu/amdgpu_mes.h | 10 +- drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 13 +- drivers/gpu/drm/amd/amdgpu/amdgpu_object.h | 4 +- drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c | 3 + drivers/gpu/drm/amd/amdgpu/amdgpu_sync.c | 3 +- drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c | 5 +- drivers/gpu/drm/amd/amdgpu/amdgpu_ucode.c | 6 +- drivers/gpu/drm/amd/amdgpu/gfxhub_v1_0.c | 4 +- drivers/gpu/drm/amd/amdgpu/gfxhub_v1_2.c | 4 +- drivers/gpu/drm/amd/amdgpu/gmc_v10_0.c | 4 + drivers/gpu/drm/amd/amdgpu/gmc_v11_0.c | 5 + drivers/gpu/drm/amd/amdgpu/gmc_v6_0.c | 4 +- drivers/gpu/drm/amd/amdgpu/gmc_v7_0.c | 4 +- drivers/gpu/drm/amd/amdgpu/gmc_v8_0.c | 4 +- drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c | 8 +- drivers/gpu/drm/amd/amdgpu/mmhub_v1_0.c | 4 +- .../gpu/drm/amd/amdkfd/kfd_process_queue_manager.c | 2 + drivers/gpu/drm/amd/amdkfd/kfd_svm.c | 42 ++-- drivers/gpu/drm/amd/amdkfd/kfd_topology.c | 24 ++- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 30 +-- .../gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_crtc.c | 9 +- .../amd/display/dc/clk_mgr/dcn314/dcn314_clk_mgr.c | 71 ++++++- .../amd/display/dc/clk_mgr/dcn314/dcn314_clk_mgr.h | 11 + .../amd/display/dc/clk_mgr/dcn35/dcn35_clk_mgr.c | 8 - drivers/gpu/drm/amd/display/dc/core/dc.c | 4 + drivers/gpu/drm/amd/display/dc/dc_hw_types.h | 2 +- drivers/gpu/drm/amd/display/dc/dce/dce_audio.c | 2 +- .../gpu/drm/amd/display/dc/dce/dce_clock_source.c | 9 +- .../amd/display/dc/dcn35/dcn35_dio_link_encoder.c | 5 + .../amd/display/dc/dml/dcn32/display_mode_vba_32.c | 3 + .../dc/dml/dcn32/display_mode_vba_util_32.c | 33 ++- .../dc/dml/dcn32/display_mode_vba_util_32.h | 1 + .../drm/amd/display/dc/dml2/display_mode_core.c | 2 +- drivers/gpu/drm/amd/display/dc/dml2/dml2_utils.c | 8 + .../drm/amd/display/dc/hwss/dce110/dce110_hwseq.c | 5 +- .../drm/amd/display/dc/hwss/dcn10/dcn10_hwseq.c | 3 +- .../drm/amd/display/dc/hwss/dcn20/dcn20_hwseq.c | 23 ++- .../drm/amd/display/dc/hwss/dcn31/dcn31_hwseq.c | 3 +- .../drm/amd/display/dc/hwss/dcn32/dcn32_hwseq.c | 25 +++ drivers/gpu/drm/amd/display/dc/inc/hw/clk_mgr.h | 1 + drivers/gpu/drm/amd/display/dc/inc/hw/dccg.h | 4 + drivers/gpu/drm/amd/display/dc/link/link_dpms.c | 40 +++- .../display/dc/link/protocols/link_dp_dpia_bw.c | 221 +++++++++------------ .../display/dc/link/protocols/link_dp_dpia_bw.h | 4 +- .../dc/link/protocols/link_dp_irq_handler.c | 12 +- drivers/gpu/drm/amd/display/include/audio_types.h | 2 +- .../drm/amd/display/modules/power/power_helpers.c | 2 - drivers/gpu/drm/amd/include/amd_shared.h | 2 - drivers/gpu/drm/amd/include/mes_v11_api_def.h | 3 +- .../amd/pm/powerplay/hwmgr/process_pptables_v1_0.c | 2 +- .../gpu/drm/amd/pm/powerplay/hwmgr/smu7_hwmgr.c | 17 +- drivers/gpu/drm/bridge/analogix/anx7625.c | 51 +++-- drivers/gpu/drm/bridge/analogix/anx7625.h | 4 + drivers/gpu/drm/drm_file.c | 2 +- drivers/gpu/drm/drm_framebuffer.c | 2 +- drivers/gpu/drm/drm_mipi_dsi.c | 17 +- drivers/gpu/drm/exynos/exynos_drm_drv.c | 11 + drivers/gpu/drm/msm/adreno/a6xx_gpu.c | 23 ++- .../gpu/drm/msm/disp/dpu1/catalog/dpu_7_0_sm8350.h | 18 ++ .../gpu/drm/msm/disp/dpu1/catalog/dpu_8_1_sm8450.h | 18 ++ drivers/gpu/drm/msm/disp/dpu1/dpu_encoder.c | 6 +- drivers/gpu/drm/msm/disp/dpu1/dpu_encoder_phys.h | 4 +- .../gpu/drm/msm/disp/dpu1/dpu_encoder_phys_cmd.c | 32 ++- .../gpu/drm/msm/disp/dpu1/dpu_encoder_phys_vid.c | 33 ++- drivers/gpu/drm/msm/disp/dpu1/dpu_hw_wb.c | 3 + drivers/gpu/drm/msm/disp/dpu1/dpu_kms.h | 1 + drivers/gpu/drm/msm/dp/dp_display.c | 6 + drivers/gpu/drm/msm/dsi/phy/dsi_phy.c | 4 + drivers/gpu/drm/msm/msm_mdss.c | 2 +- drivers/gpu/drm/panel/panel-edp.c | 48 ++++- drivers/hid/hidraw.c | 7 +- drivers/hwmon/hp-wmi-sensors.c | 127 ++++++++++-- drivers/hwmon/nct6775-core.c | 7 + drivers/i2c/busses/i2c-rk3x.c | 8 +- drivers/i3c/master/i3c-master-cdns.c | 7 +- drivers/infiniband/ulp/ipoib/ipoib_multicast.c | 7 +- drivers/leds/trigger/ledtrig-panic.c | 5 +- drivers/mailbox/arm_mhuv2.c | 3 +- drivers/md/md.c | 54 ++++- drivers/media/i2c/imx335.c | 4 +- drivers/media/i2c/ov2740.c | 17 +- drivers/media/pci/ddbridge/ddbridge-main.c | 2 +- drivers/media/platform/amphion/vpu.h | 3 +- drivers/media/platform/amphion/vpu_cmds.c | 28 +-- drivers/media/platform/amphion/vpu_v4l2.c | 1 + drivers/media/platform/rockchip/rga/rga.c | 15 +- .../media/platform/rockchip/rkisp1/rkisp1-common.h | 11 +- .../media/platform/rockchip/rkisp1/rkisp1-csi.c | 14 +- .../media/platform/rockchip/rkisp1/rkisp1-dev.c | 35 +++- .../media/platform/rockchip/rkisp1/rkisp1-isp.c | 20 +- .../platform/rockchip/rkisp1/rkisp1-resizer.c | 38 ++-- drivers/media/usb/stk1160/stk1160-video.c | 5 +- drivers/media/usb/uvc/uvc_driver.c | 18 ++ drivers/mfd/Kconfig | 1 + drivers/misc/lis3lv02d/lis3lv02d_i2c.c | 1 + drivers/net/bonding/bond_alb.c | 3 +- drivers/net/dsa/mt7530.c | 3 +- drivers/net/dsa/mv88e6xxx/chip.h | 4 +- drivers/net/dsa/mv88e6xxx/serdes.c | 10 +- drivers/net/dsa/mv88e6xxx/serdes.h | 8 +- drivers/net/dsa/qca/qca8k-8xxx.c | 24 ++- drivers/net/ethernet/amd/pds_core/adminq.c | 64 ++++-- drivers/net/ethernet/amd/pds_core/core.c | 46 ++++- drivers/net/ethernet/amd/pds_core/core.h | 2 +- drivers/net/ethernet/amd/pds_core/debugfs.c | 4 + drivers/net/ethernet/amd/pds_core/dev.c | 16 +- drivers/net/ethernet/amd/pds_core/devlink.c | 3 +- drivers/net/ethernet/amd/pds_core/fw.c | 3 + drivers/net/ethernet/amd/pds_core/main.c | 26 ++- drivers/net/ethernet/aquantia/atlantic/aq_ptp.c | 28 +-- drivers/net/ethernet/aquantia/atlantic/aq_ring.c | 61 ++---- drivers/net/ethernet/aquantia/atlantic/aq_ring.h | 22 +- drivers/net/ethernet/aquantia/atlantic/aq_vec.c | 23 +-- drivers/net/ethernet/google/gve/gve_rx.c | 8 +- drivers/net/ethernet/intel/e1000/e1000_hw.c | 1 + drivers/net/ethernet/intel/e1000e/e1000.h | 20 ++ drivers/net/ethernet/intel/e1000e/ptp.c | 22 +- drivers/net/ethernet/intel/fm10k/fm10k_pf.c | 1 + drivers/net/ethernet/intel/fm10k/fm10k_vf.c | 1 + drivers/net/ethernet/intel/i40e/i40e_common.c | 1 + drivers/net/ethernet/intel/i40e/i40e_dcb.c | 2 + drivers/net/ethernet/intel/i40e/i40e_nvm.c | 1 + drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 32 +++ drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.h | 1 + drivers/net/ethernet/intel/iavf/iavf_common.c | 3 +- drivers/net/ethernet/intel/iavf/iavf_ethtool.c | 5 +- drivers/net/ethernet/intel/iavf/iavf_fdir.c | 1 + drivers/net/ethernet/intel/iavf/iavf_txrx.c | 1 + drivers/net/ethernet/intel/ice/ice_adminq_cmd.h | 18 +- drivers/net/ethernet/intel/ice/ice_lib.c | 7 +- drivers/net/ethernet/intel/ice/ice_virtchnl.c | 12 +- drivers/net/ethernet/intel/ice/ice_vsi_vlan_lib.c | 16 +- drivers/net/ethernet/intel/idpf/virtchnl2.h | 2 +- drivers/net/ethernet/intel/igb/e1000_i210.c | 4 +- drivers/net/ethernet/intel/igb/e1000_nvm.c | 4 +- drivers/net/ethernet/intel/igb/e1000_phy.c | 4 +- drivers/net/ethernet/intel/igbvf/netdev.c | 28 +-- drivers/net/ethernet/intel/igc/igc_i225.c | 1 + drivers/net/ethernet/intel/igc/igc_phy.c | 1 + drivers/net/ethernet/intel/ixgbe/ixgbe_82598.c | 36 ++-- drivers/net/ethernet/intel/ixgbe/ixgbe_82599.c | 61 +++--- drivers/net/ethernet/intel/ixgbe/ixgbe_common.c | 145 +++++++------- drivers/net/ethernet/intel/ixgbe/ixgbe_ethtool.c | 2 +- drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 42 ++-- drivers/net/ethernet/intel/ixgbe/ixgbe_mbx.c | 34 ++-- drivers/net/ethernet/intel/ixgbe/ixgbe_mbx.h | 1 - drivers/net/ethernet/intel/ixgbe/ixgbe_phy.c | 105 +++++----- drivers/net/ethernet/intel/ixgbe/ixgbe_phy.h | 2 +- drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c | 2 +- drivers/net/ethernet/intel/ixgbe/ixgbe_type.h | 43 +--- drivers/net/ethernet/intel/ixgbe/ixgbe_x540.c | 44 ++-- drivers/net/ethernet/intel/ixgbe/ixgbe_x550.c | 149 +++++++------- drivers/net/ethernet/marvell/mvmdio.c | 53 ++--- .../net/ethernet/marvell/octeontx2/af/rvu_npc.c | 13 +- .../ethernet/marvell/octeontx2/nic/otx2_ethtool.c | 1 - .../net/ethernet/marvell/octeontx2/nic/otx2_pf.c | 3 +- .../net/ethernet/marvell/octeontx2/nic/otx2_txrx.c | 7 +- drivers/net/ethernet/mediatek/mtk_eth_soc.c | 5 +- .../net/ethernet/microchip/lan966x/lan966x_port.c | 5 +- .../net/ethernet/pensando/ionic/ionic_bus_pci.c | 4 + drivers/net/ethernet/pensando/ionic/ionic_dev.c | 1 + drivers/net/ethernet/pensando/ionic/ionic_dev.h | 1 + drivers/net/ethernet/pensando/ionic/ionic_lif.c | 3 + drivers/net/ethernet/pensando/ionic/ionic_main.c | 22 +- drivers/net/phy/at803x.c | 6 +- drivers/net/phy/mediatek-ge-soc.c | 147 ++++++++------ drivers/net/phy/micrel.c | 6 +- drivers/net/usb/ax88179_178a.c | 2 - drivers/net/virtio_net.c | 9 +- drivers/net/wireless/ath/ath11k/pcic.c | 4 +- drivers/net/wireless/ath/ath12k/hal.c | 4 +- drivers/net/wireless/ath/ath12k/hw.c | 3 +- drivers/net/wireless/ath/ath12k/mac.c | 4 +- drivers/net/wireless/ath/ath9k/htc_drv_txrx.c | 5 +- .../net/wireless/mediatek/mt76/mt76_connac_mcu.c | 2 +- drivers/net/wireless/mediatek/mt76/mt7996/pci.c | 8 +- drivers/net/wireless/ralink/rt2x00/rt2800lib.c | 2 +- drivers/net/wireless/ralink/rt2x00/rt2x00dev.c | 3 + drivers/net/wireless/ralink/rt2x00/rt2x00mac.c | 11 + .../net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c | 12 ++ .../net/wireless/realtek/rtlwifi/rtl8723ae/phy.c | 6 +- .../net/wireless/realtek/rtlwifi/rtl8723be/phy.c | 4 +- drivers/net/wireless/realtek/rtw89/coex.c | 4 +- drivers/net/wireless/realtek/rtw89/core.c | 2 +- drivers/net/wireless/realtek/rtw89/core.h | 12 +- drivers/net/wireless/realtek/rtw89/fw.c | 17 +- drivers/net/wireless/realtek/rtw89/mac.c | 100 +++++++++- drivers/net/wireless/realtek/rtw89/mac.h | 1 + drivers/net/wireless/realtek/rtw89/mac80211.c | 3 + drivers/net/wireless/realtek/rtw89/reg.h | 17 ++ drivers/net/wireless/silabs/wfx/sta.c | 42 ++-- drivers/opp/core.c | 9 +- drivers/pci/pci.h | 2 +- drivers/pci/pcie/aer.c | 9 +- drivers/pci/quirks.c | 24 ++- drivers/pci/switch/switchtec.c | 25 ++- drivers/perf/arm_pmuv3.c | 6 +- drivers/pinctrl/intel/pinctrl-baytrail.c | 3 +- drivers/pnp/pnpacpi/rsparser.c | 12 +- drivers/regulator/core.c | 56 +++--- drivers/regulator/ti-abb-regulator.c | 22 +- drivers/s390/crypto/vfio_ap_ops.c | 16 +- drivers/scsi/arcmsr/arcmsr.h | 4 + drivers/scsi/arcmsr/arcmsr_hba.c | 6 + drivers/scsi/hisi_sas/hisi_sas_v3_hw.c | 10 +- drivers/scsi/isci/request.c | 2 +- drivers/scsi/libfc/fc_fcp.c | 18 +- drivers/scsi/lpfc/lpfc.h | 1 + drivers/scsi/lpfc/lpfc_els.c | 14 +- drivers/scsi/lpfc/lpfc_init.c | 4 +- drivers/scsi/lpfc/lpfc_vmid.c | 1 + drivers/scsi/mpi3mr/mpi3mr_fw.c | 3 +- drivers/scsi/mpi3mr/mpi3mr_os.c | 13 +- drivers/scsi/scsi_error.c | 8 +- drivers/scsi/scsi_lib.c | 2 +- drivers/scsi/scsi_priv.h | 2 +- drivers/soc/xilinx/xlnx_event_manager.c | 7 +- drivers/spmi/spmi-mtk-pmif.c | 7 +- drivers/staging/vme_user/vme.c | 2 +- drivers/thermal/thermal_core.c | 30 ++- drivers/tty/serial/8250/8250_pci.c | 58 +++++- drivers/tty/tty_ioctl.c | 4 +- drivers/usb/core/hub.c | 33 ++- drivers/usb/host/xhci-plat.c | 23 ++- drivers/watchdog/it87_wdt.c | 14 +- drivers/watchdog/starfive-wdt.c | 2 + drivers/xen/gntdev-dmabuf.c | 50 ++--- fs/9p/v9fs_vfs.h | 1 + fs/9p/vfs_inode.c | 6 +- fs/9p/vfs_inode_dotl.c | 1 + fs/afs/callback.c | 3 +- fs/ceph/caps.c | 9 +- fs/ceph/mds_client.c | 2 +- fs/ceph/quota.c | 39 ++-- fs/dcache.c | 7 +- fs/ecryptfs/inode.c | 8 + fs/erofs/zdata.c | 2 +- fs/erofs/zmap.c | 32 ++- fs/ext4/extents.c | 6 +- fs/ext4/mballoc.c | 11 +- fs/ext4/resize.c | 37 ++-- fs/f2fs/compress.c | 4 +- fs/f2fs/file.c | 2 + fs/f2fs/recovery.c | 25 ++- fs/jfs/jfs_dmap.c | 57 +++--- fs/jfs/jfs_dtree.c | 7 +- fs/jfs/jfs_imap.c | 3 + fs/jfs/jfs_mount.c | 6 +- fs/kernfs/dir.c | 12 ++ fs/ocfs2/namei.c | 8 +- fs/proc/proc_sysctl.c | 9 +- fs/pstore/ram.c | 1 + fs/reiserfs/namei.c | 54 ++--- fs/smb/client/cifsglob.h | 30 ++- fs/smb/client/cifsproto.h | 15 +- fs/smb/client/cifssmb.c | 17 +- fs/smb/client/inode.c | 3 +- fs/smb/client/link.c | 4 +- fs/smb/client/sess.c | 14 +- fs/smb/client/smb2inode.c | 55 +++-- fs/smb/client/smb2proto.h | 16 +- fs/tracefs/event_inode.c | 117 +++++++---- fs/tracefs/inode.c | 198 ++++++++++-------- fs/tracefs/internal.h | 4 +- include/asm-generic/numa.h | 2 + include/asm-generic/unaligned.h | 24 +-- include/drm/drm_color_mgmt.h | 1 + include/drm/drm_mipi_dsi.h | 2 + include/linux/avf/virtchnl.h | 1 + include/linux/bpf.h | 2 +- include/linux/irq_work.h | 3 + include/linux/mm_types.h | 3 + include/linux/mmzone.h | 6 +- include/linux/netfilter/ipset/ip_set.h | 4 + include/linux/pci_ids.h | 1 + include/linux/pm_opp.h | 4 +- include/linux/thermal.h | 2 + include/net/af_unix.h | 20 +- include/net/ip.h | 2 +- include/net/netfilter/nf_tables.h | 2 + kernel/audit.c | 31 ++- kernel/bpf/arraymap.c | 23 ++- kernel/bpf/helpers.c | 15 +- kernel/bpf/syscall.c | 6 + kernel/events/core.c | 38 ++-- kernel/sched/fair.c | 56 +++++- lib/debugobjects.c | 200 ++++++++----------- lib/fw_table.c | 30 +-- lib/kunit/executor.c | 4 + lib/kunit/test.c | 15 +- net/bluetooth/hci_sync.c | 10 +- net/bluetooth/iso.c | 51 ++++- net/bluetooth/l2cap_core.c | 3 +- net/bpf/test_run.c | 2 +- net/bridge/br_cfm_netlink.c | 2 +- net/bridge/br_multicast.c | 20 +- net/bridge/br_private.h | 4 +- net/devlink/port.c | 2 +- net/ipv4/ip_output.c | 12 +- net/ipv4/ip_sockglue.c | 6 +- net/ipv4/ipmr.c | 2 +- net/ipv4/raw.c | 2 +- net/ipv4/tcp.c | 12 +- net/ipv4/udp.c | 2 +- net/ipv6/addrconf_core.c | 21 +- net/ipv6/ip6_tunnel.c | 21 +- net/kcm/kcmsock.c | 2 +- net/llc/af_llc.c | 2 + net/netfilter/ipset/ip_set_bitmap_gen.h | 14 +- net/netfilter/ipset/ip_set_core.c | 37 +++- net/netfilter/ipset/ip_set_hash_gen.h | 15 +- net/netfilter/ipset/ip_set_list_set.c | 13 +- net/netfilter/nf_conntrack_proto_tcp.c | 10 +- net/netfilter/nf_log.c | 7 +- net/netfilter/nf_tables_api.c | 14 +- net/netfilter/nft_ct.c | 24 +++ net/netfilter/nft_tunnel.c | 1 + net/rxrpc/conn_service.c | 3 +- net/smc/smc_clc.c | 14 ++ net/sunrpc/xprtmultipath.c | 17 +- net/unix/af_unix.c | 14 +- net/unix/diag.c | 2 +- net/wireless/scan.c | 4 + sound/hda/hdac_stream.c | 9 +- sound/hda/intel-dsp-config.c | 10 + sound/pci/hda/hda_intel.c | 2 + sound/pci/hda/patch_conexant.c | 115 ++++++++++- sound/soc/amd/acp-config.c | 15 +- sound/soc/codecs/lpass-wsa-macro.c | 7 - sound/soc/codecs/rtq9128.c | 73 ++++--- sound/soc/codecs/wcd938x.c | 2 +- sound/soc/codecs/wsa883x.c | 6 +- sound/soc/qcom/sc8280xp.c | 12 +- tools/build/feature/test-libopencsd.c | 4 +- tools/lib/bpf/libbpf.c | 2 + tools/lib/bpf/libbpf_common.h | 13 +- tools/lib/subcmd/help.c | 18 +- tools/testing/kunit/kunit_parser.py | 4 +- tools/testing/selftests/bpf/cgroup_helpers.c | 18 +- tools/testing/selftests/bpf/prog_tests/btf.c | 6 +- tools/testing/selftests/bpf/prog_tests/tc_opts.c | 6 +- tools/testing/selftests/bpf/progs/pyperf180.c | 22 ++ .../selftests/bpf/progs/test_global_func17.c | 1 + tools/testing/selftests/bpf/veristat.c | 2 +- tools/testing/selftests/bpf/xdp_hw_metadata.c | 2 +- .../selftests/drivers/net/bonding/lag_lib.sh | 11 + tools/testing/selftests/drivers/net/team/config | 4 +- tools/testing/selftests/net/Makefile | 5 +- tools/testing/selftests/net/config | 16 ++ tools/testing/selftests/net/pmtu.sh | 18 +- tools/testing/selftests/net/setup_veth.sh | 2 +- tools/testing/selftests/net/udpgro.sh | 4 +- tools/testing/selftests/net/udpgro_bench.sh | 4 +- tools/testing/selftests/net/udpgro_frglist.sh | 6 +- tools/testing/selftests/net/udpgro_fwd.sh | 8 +- tools/testing/selftests/net/veth.sh | 4 +- tools/testing/selftests/net/xdp_dummy.c | 13 ++ tools/testing/selftests/nolibc/nolibc-test.c | 4 +- tools/testing/selftests/sgx/test_encl.lds | 6 +- 516 files changed, 4678 insertions(+), 2639 deletions(-)

1 year, 7 months

9
8
0 0

[PATCH 6.6 000/322] 6.6.16-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.6.16 release. There are 322 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Mon, 05 Feb 2024 03:51:47 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.6.16-rc1… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.6.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.6.16-rc1 Zhengchao Shao <shaozhengchao(a)huawei.com> bonding: remove print in bond_verify_device_path Yonghong Song <yonghong.song(a)linux.dev> selftests/bpf: Remove flaky test_btf_id test Huacai Chen <chenhuacai(a)kernel.org> LoongArch/smp: Call rcutree_report_cpu_starting() at tlb_init() Konrad Dybcio <konrad.dybcio(a)linaro.org> drm/msm/dsi: Enable runtime PM Jonathan Gray <jsg(a)jsg.id.au> Revert "drm/amd/display: Disable PSR-SU on Parade 0803 TCON again" Marco Elver <elver(a)google.com> mm, kmsan: fix infinite recursion due to RCU critical section Huang Shijie <shijie(a)os.amperecomputing.com> arm64: irq: set the correct node for shadow call stack Paolo Abeni <pabeni(a)redhat.com> selftests: net: enable some more knobs Jakub Kicinski <kuba(a)kernel.org> selftests: net: add missing config for NF_TARGET_TTL Benjamin Poirier <bpoirier(a)nvidia.com> selftests: bonding: Check initial state Benjamin Poirier <bpoirier(a)nvidia.com> selftests: team: Add missing config options Breno Leitao <leitao(a)debian.org> net: sysfs: Fix /sys/class/net/<iface> path Geetha sowjanya <gakula(a)marvell.com> octeontx2-pf: Remove xdp queues on program detach Paolo Abeni <pabeni(a)redhat.com> selftests: net: don't access /dev/stdout in pmtu.sh Paolo Abeni <pabeni(a)redhat.com> selftests: net: fix available tunnels detection Paolo Abeni <pabeni(a)redhat.com> selftests: net: add missing config for pmtu.sh tests Jakub Kicinski <kuba(a)kernel.org> selftests: net: add missing config for nftables-backed iptables Brett Creeley <brett.creeley(a)amd.com> pds_core: Rework teardown/setup flow to be more common Brett Creeley <brett.creeley(a)amd.com> pds_core: Clear BARs on reset Brett Creeley <brett.creeley(a)amd.com> pds_core: Prevent race issues involving the adminq Shannon Nelson <shannon.nelson(a)amd.com> pds_core: implement pci reset handlers Brett Creeley <brett.creeley(a)amd.com> pds_core: Use struct pdsc for the pdsc_adminq_isr private data Brett Creeley <brett.creeley(a)amd.com> pds_core: Cancel AQ work on teardown Eric Dumazet <edumazet(a)google.com> af_unix: fix lockdep positive in sk_diag_dump_icons() Zhipeng Lu <alexious(a)zju.edu.cn> net: ipv4: fix a memleak in ip_setup_cork Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_log: replace BUG_ON by WARN_ON_ONCE when putting logger Jozsef Kadlecsik <kadlec(a)netfilter.org> netfilter: ipset: fix performance regression in swap operation Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables: restrict tunnel object to NFPROTO_NETDEV Ryan Schaefer <ryanschf(a)amazon.com> netfilter: conntrack: correct window scaling with retransmitted SYN Matthias May <Matthias.May(a)westermo.com> selftests: net: add missing config for GENEVE Parav Pandit <parav(a)nvidia.com> devlink: Fix referring to hw_addr attribute during state validation Linus Lüssing <linus.luessing(a)c0d3.blue> bridge: mcast: fix disabled snooping after long uptime Ido Schimmel <idosch(a)nvidia.com> selftests: net: Add missing matchall classifier Eric Dumazet <edumazet(a)google.com> llc: call sock_orphan() at release time Helge Deller <deller(a)kernel.org> ipv6: Ensure natural alignment of const ipv6 loopback and router addresses Michal Vokáč <michal.vokac(a)ysoft.com> net: dsa: qca8k: fix illegal usage of GPIO Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> ixgbe: Fix an error handling path in ixgbe_read_iosf_sb_reg_x550() Jedrzej Jagielski <jedrzej.jagielski(a)intel.com> ixgbe: Refactor overtemp event handling Jedrzej Jagielski <jedrzej.jagielski(a)intel.com> ixgbe: Refactor returning internal error codes Jacob Keller <jacob.e.keller(a)intel.com> e1000e: correct maximum frequency adjustment values Eric Dumazet <edumazet(a)google.com> tcp: add sanity checks to rx zerocopy Horatiu Vultur <horatiu.vultur(a)microchip.com> net: lan966x: Fix port configuration when using SGMII interface Nicolas Dichtel <nicolas.dichtel(a)6wind.com> ipmr: fix kernel panic when forwarding mcast packets Daniel Golle <daniel(a)makrotopia.org> net: dsa: mt7530: fix 10M/100M speed on MT7988 switch Eric Dumazet <edumazet(a)google.com> ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() Paolo Abeni <pabeni(a)redhat.com> selftests: net: give more time for GRO aggregation Paolo Abeni <pabeni(a)redhat.com> selftests: net: add missing required classifier Paolo Abeni <pabeni(a)redhat.com> selftests: net: add missing config for big tcp tests Daniel Golle <daniel(a)makrotopia.org> net: phy: mediatek-ge-soc: sync driver with MediaTek SDK Daniel Golle <daniel(a)makrotopia.org> net: ethernet: mtk_eth_soc: set DMA coherent mask to get PPE working Praveen Kaligineedi <pkaligineedi(a)google.com> gve: Fix skb truesize underestimation Paolo Abeni <pabeni(a)redhat.com> selftests: net: explicitly wait for listener ready Paolo Abeni <pabeni(a)redhat.com> selftests: net: remove dependency on ebpf tests Su Hui <suhui(a)nfschina.com> HID: hidraw: fix a problem of memory leak in hidraw_release() Ming Lei <ming.lei(a)redhat.com> scsi: core: Move scsi_host_busy() out of host lock for waking up EH handler Romain Naour <romain.naour(a)skf.com> regulator: ti-abb: don't use devm_platform_ioremap_resource_byname for shared interrupt register Marco Pagani <marpagan(a)redhat.com> kunit: run test suites only after module initialization completes Su Hui <suhui(a)nfschina.com> scsi: isci: Fix an error code problem in isci_io_request_build() Alexandre Ghiti <alexghiti(a)rivosinc.com> riscv: Fix build error on rv32 + XIP Jonathan Kim <jonathan.kim(a)amd.com> drm/amdkfd: only flush mes process context if mes support is there Stephen Rothwell <sfr(a)canb.auug.org.au> drm: using mul_u32_u32() requires linux/math64.h Edward Adam Davis <eadavis(a)qq.com> wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update Peter Zijlstra <peterz(a)infradead.org> perf: Fix the nr_addr_filters fix Tim Lunn <tim(a)feathertop.org> i2c: rk3x: Adjust mask/value offset for i2c2 on rv1126 Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdkfd: Fix 'node' NULL check in 'svm_range_get_range_boundaries()' Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdgpu: Release 'adev->pm.fw' before return in 'amdgpu_device_need_post()' Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdgpu: Fix with right return code '-EIO' in 'amdgpu_gmc_vram_checking()' Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amd/powerplay: Fix kzalloc parameter 'ATOM_Tonga_PPM_Table' in 'get_platform_power_management_table()' Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: fix avg vs input power reporting on smu7 Wenchao Hao <haowenchao2(a)huawei.com> ceph: fix invalid pointer access if get_quota_realm return ERR_PTR Xiubo Li <xiubli(a)redhat.com> ceph: fix deadlock or deadcode of misusing dget() Venky Shankar <vshankar(a)redhat.com> ceph: reinitialize mds feature bit even when session in open Ming Lei <ming.lei(a)redhat.com> blk-mq: fix IO hang from sbitmap wakeup race Zhu Yanjun <yanjun.zhu(a)linux.dev> virtio_net: Fix "‘%d’ directive writing between 1 and 11 bytes into a region of size 10" warnings Philip Yang <Philip.Yang(a)amd.com> drm/amdkfd: Fix lock dependency warning with srcu Felix Kuehling <felix.kuehling(a)amd.com> drm/amdkfd: Fix lock dependency warning Ian Rogers <irogers(a)google.com> libsubcmd: Fix memory leak in uniq() Hans de Goede <hdegoede(a)redhat.com> misc: lis3lv02d_i2c: Add missing setting of the reg_ctrl callback Yinbo Zhu <zhuyinbo(a)loongson.cn> usb: xhci-plat: fix usb disconnect issue after s4 David Howells <dhowells(a)redhat.com> 9p: Fix initialisation of netfs_inode for 9p Bjorn Helgaas <bhelgaas(a)google.com> PCI/AER: Decode Requester ID when no error info found Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> PCI: Fix 64GT/s effective data rate calculation Yu-Che Cheng <giver(a)chromium.org> spmi: mediatek: Fix UAF on device remove Max Kellermann <max.kellermann(a)ionos.com> fs/kernfs/dir: obey S_ISGID Adrian Reber <areber(a)redhat.com> tty: allow TIOCSLCKTRMIOS with CAP_CHECKPOINT_RESTORE Jo Van Bulck <jo.vanbulck(a)cs.kuleuven.be> selftests/sgx: Fix linker script asserts Hardik Gajjar <hgajjar(a)de.adit-jv.com> usb: hub: Add quirk to decrease IN-ep poll interval for Microchip USB491x hub Hardik Gajjar <hgajjar(a)de.adit-jv.com> usb: hub: Replace hardcoded quirk value with BIT() macro Yaxiong Tian <tianyaxiong(a)kylinos.cn> extcon: fix possible name leak in extcon_dev_register() Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: fix possible null pointer deref during xhci urb enqueue James Clark <james.clark(a)arm.com> perf cs-etm: Bump minimum OpenCSD version to ensure a bugfix is present Daniel Stodden <dns(a)arista.com> PCI: switchtec: Fix stdev_release() crash after surprise hot remove Guilherme G. Piccoli <gpiccoli(a)igalia.com> PCI: Only override AMD USB controller if required Xiaowu.ding <xiaowu.ding(a)jaguarmicro.com> mailbox: arm_mhuv2: Fix a bug for mhuv2_sender_interrupt Peter Robinson <pbrobinson(a)gmail.com> mfd: ti_am335x_tscadc: Fix TI SoC dependencies Oleksandr Tyshchenko <oleksandr_tyshchenko(a)epam.com> xen/gntdev: Fix the abuse of underlying struct page in DMA-buf import Frederik Haxel <haxel(a)fzi.de> riscv: Make XIP bootable again Harshit Shah <harshitshah.opendev(a)gmail.com> i3c: master: cdns: Update maximum prescaler value for i2c clock Johannes Berg <johannes.berg(a)intel.com> um: time-travel: fix time corruption Nathan Chancellor <nathan(a)kernel.org> um: net: Fix return type of uml_net_start_xmit() Benjamin Berg <benjamin(a)sipsolutions.net> um: Don't use vfprintf() for os_info() Anton Ivanov <anton.ivanov(a)cambridgegreys.com> um: Fix naming clash between UML and scheduler Heiner Kallweit <hkallweit1(a)gmail.com> leds: trigger: panic: Don't register panic notifier if creating the trigger failed Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> pinctrl: baytrail: Fix types of config value in byt_pin_config_set() bo liu <bo.liu(a)senarytech.com> ALSA: hda/conexant: Fix headset auto detect fail in cx8070 and SN6140 Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: apply the RV2 system aperture fix to RN/CZN as well Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdkfd: Fix iterator used outside loop in 'kfd_add_peer_prop()' Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()' Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdgpu: Fix '*fw' from request_firmware() not released in 'amdgpu_ucode_request()' Ivan Lipski <ivlipski(a)amd.com> Re-revert "drm/amd/display: Enable Replay for static screen use cases" Felix Kuehling <Felix.Kuehling(a)amd.com> drm/amdgpu: Let KFD sync with VM fences Meenakshikumar Somasundaram <meenakshikumar.somasundaram(a)amd.com> drm/amd/display: Fix minor issues in BW Allocation Phase2 Stanley.Yang <Stanley.Yang(a)amd.com> drm/amdgpu: Fix ecc irq enable/disable unpaired Alexander Stein <alexander.stein(a)ew.tq-group.com> clk: imx: clk-imx8qxp: fix LVDS bypass, pixel and phy clocks Alvin Lee <alvin.lee2(a)amd.com> drm/amd/display: Only clear symclk otg flag for HDMI Josip Pavic <josip.pavic(a)amd.com> drm/amd/display: make flip_timestamp_in_us a 64-bit variable Oded Gabbay <ogabbay(a)kernel.org> accel/habanalabs: add support for Gaudi2C device Werner Fischer <devlists(a)wefi.net> watchdog: it87_wdt: Keep WDTCTRL bit 3 unmodified for IT8784/IT8786 Ben Dooks <ben.dooks(a)codethink.co.uk> watchdog: starfive: add lock annotations to fix context imbalances Kuan-Wei Chiu <visitorckw(a)gmail.com> clk: mmp: pxa168: Fix memory leak in pxa168_clk_init() Kuan-Wei Chiu <visitorckw(a)gmail.com> clk: hi3620: Fix memory leak in hi3620_mmc_clk_init() Wang, Beyond <Wang.Beyond(a)amd.com> drm/amdgpu: fix ftrace event amdgpu_bo_move always move on same heap Abhinav Kumar <quic_abhinavk(a)quicinc.com> drm/msm/dpu: fix writeback programming for YUV cases Rob Clark <robdclark(a)chromium.org> drm/msm/dpu: Ratelimit framedone timeout msgs Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/msm/dpu: enable writeback on SM8450 Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/msm/dpu: enable writeback on SM8350 Jonathan Kim <jonathan.kim(a)amd.com> drm/amdkfd: fix mes set shader debugger process management Alvin Lee <alvin.lee2(a)amd.com> drm/amd/display: Force p-state disallow if leaving no plane config Alvin Lee <alvin.lee2(a)amd.com> drm/amd/display: For prefetch mode > 0, extend prefetch if possible Kieran Bingham <kieran.bingham(a)ideasonboard.com> media: i2c: imx335: Fix hblank min/max values Su Hui <suhui(a)nfschina.com> media: ddbridge: fix an error code problem in ddb_probe Ming Qian <ming.qian(a)nxp.com> media: amphion: remove mutext lock in condition of wait_event Daniel Vacek <neelx(a)redhat.com> IB/ipoib: Fix mcast list locking Douglas Anderson <dianders(a)chromium.org> drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind time Chao Yu <chao(a)kernel.org> f2fs: fix to tag gcing flag on page during block migration James Seo <james(a)equiv.tech> hwmon: (hp-wmi-sensors) Fix failure to load on EliteDesk 800 G6 Xing Tong Wu <xingtong.wu(a)siemens.com> hwmon: (nct6775) Fix fan speed set failure in automatic mode Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> media: rkisp1: resizer: Stop manual allocation of v4l2_subdev_state Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> media: rkisp1: Fix IRQ disable race issue Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> media: rkisp1: Store IRQ lines Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> media: rkisp1: Fix IRQ handler return values Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> media: rkisp1: Drop IRQF_SHARED Ricardo Ribalda <ribalda(a)chromium.org> media: uvcvideo: Fix power line control for SunplusIT camera Ricardo Ribalda <ribalda(a)chromium.org> media: uvcvideo: Fix power line control for a Chicony camera Neil Armstrong <neil.armstrong(a)linaro.org> drm/msm/dp: Add DisplayPort controller for SM8650 Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> ALSA: hda: intel-dspcfg: add filters for ARL-S and ARL Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> ALSA: hda: Intel: add HDA_ARL PCI ID support Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> PCI: add INTEL_HDA_ARL to pci_ids.h Michael Tretter <m.tretter(a)pengutronix.de> media: rockchip: rga: fix swizzling for RGB formats Ghanshyam Agrawal <ghanshyam1898(a)gmail.com> media: stk1160: Fixed high volume of stk1160_dbg messages Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> drm/mipi-dsi: Fix detach call without attach Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> drm/framebuffer: Fix use of uninitialized variable Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> drm/drm_file: fix use of uninitialized variable Ilya Bakoulin <ilya.bakoulin(a)amd.com> drm/amd/display: Fix MST PBN/X.Y value calculations Venkata Prasad Potturu <venkataprasad.potturu(a)amd.com> ASoC: amd: Add new dmi entries for acp5x platform Jaegeuk Kim <jaegeuk(a)kernel.org> f2fs: fix write pointers on zoned device after roll forward Meenakshikumar Somasundaram <meenakshikumar.somasundaram(a)amd.com> drm/amd/display: Fix tiled display misalignment Xin Ji <xji(a)analogixsemi.com> drm/bridge: anx7625: Fix Set HPD irq detect window to 2ms Hsin-Yi Wang <hsinyi(a)chromium.org> drm/panel-edp: Add override_edid_mode quirk for generic edp Jack Wang <jinpu.wang(a)ionos.com> RDMA/IPoIB: Fix error code return in ipoib_mcast_join Jan Kara <jack(a)suse.cz> reiserfs: Avoid touching renamed directory if parent does not change Al Viro <viro(a)zeniv.linux.org.uk> fast_dput(): handle underflows gracefully Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument Takashi Iwai <tiwai(a)suse.de> ALSA: hda: Refer to correct stream index at loops Chao Yu <chao(a)kernel.org> f2fs: fix to check return value of f2fs_reserve_new_block() Vladimir Oltean <vladimir.oltean(a)nxp.com> net: dsa: qca8k: put MDIO bus OF node on qca8k_mdio_register() failure Mina Almasry <almasrymina(a)google.com> net: kcm: fix direct access to bv_len Suman Ghosh <sumang(a)marvell.com> octeontx2-af: Fix max NPC MCAM entry check while validating ref_entry Andrii Staikov <andrii.staikov(a)intel.com> i40e: Fix VF disable behavior to block all traffic Chunyan Zhang <chunyan.zhang(a)unisoc.com> arm64: dts: sprd: Change UMS512 idle-state nodename to match bindings Chunyan Zhang <chunyan.zhang(a)unisoc.com> arm64: dts: sprd: Add clock reference for pll2 on UMS512 Lin Ma <linma(a)zju.edu.cn> bridge: cfm: fix enum typo in br_cc_ccm_tx_parse Wen Gu <guwen(a)linux.alibaba.com> net/smc: disable SEID on non-s390 archs where virtual ISM may be used Frédéric Danis <frederic.danis(a)collabora.com> Bluetooth: L2CAP: Fix possible multiple reject send clancy shang <clancy.shang(a)quectel.com> Bluetooth: hci_sync: fix BR/EDR wakeup bug Iulia Tanasescu <iulia.tanasescu(a)nxp.com> Bluetooth: ISO: Avoid creating child socket if PA sync is terminating Zijun Hu <quic_zijuhu(a)quicinc.com> Bluetooth: qca: Set both WIDEBAND_SPEECH and LE_STATES quirks for QCA2066 Benjamin Berg <benjamin.berg(a)intel.com> wifi: cfg80211: free beacon_ies when overridden from hidden BSS Su Hui <suhui(a)nfschina.com> wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift() Mingyi Zhang <zhangmingyi5(a)huawei.com> libbpf: Fix NULL pointer dereference in bpf_object__collect_prog_relos Ching-Te Ku <ku920601(a)realtek.com> wifi: rtw89: coex: Fix wrong Wi-Fi role info and FDDT parameter members Zenm Chen <zenmchen(a)gmail.com> wifi: rtl8xxxu: Add additional USB IDs for RTL8192EU devices Xianwei Zhao <xianwei.zhao(a)amlogic.com> arm64: dts: amlogic: fix format for s4 uart node Jesse Brandeburg <jesse.brandeburg(a)intel.com> ice: fix pre-shifted bit usage Mao Jinlong <quic_jinlmao(a)quicinc.com> arm64: dts: qcom: Fix coresight warnings in in-ports and out-ports Mao Jinlong <quic_jinlmao(a)quicinc.com> arm64: dts: qcom: msm8998: Fix 'out-ports' is a required property Mao Jinlong <quic_jinlmao(a)quicinc.com> arm64: dts: qcom: msm8996: Fix 'in-ports' is a required property Alex Lyakas <alex.lyakas(a)zadara.com> md: Whenassemble the array, consult the superblock of the freshest device Christoph Hellwig <hch(a)lst.de> block: prevent an integer overflow in bvec_try_merge_hw_page Tobias Waldekranz <tobias(a)waldekranz.com> net: dsa: mv88e6xxx: Fix mv88e6352_serdes_get_stats error path Igor Russkikh <irusskikh(a)marvell.com> net: atlantic: eliminate double free in error handling logic Ahmed Zaki <ahmed.zaki(a)intel.com> ice: fix ICE_AQ_VSI_Q_OPT_RSS_* register values Yihang Li <liyihang9(a)huawei.com> scsi: hisi_sas: Set .phy_attached before notifing phyup event HISI_PHYE_PHY_UP_PM Justin Tee <justin.tee(a)broadcom.com> scsi: lpfc: Move determination of vmid_flag after VMID reinitialization completes Justin Tee <justin.tee(a)broadcom.com> scsi: lpfc: Reinitialize an NPIV's VMID data structures after FDISC Fabio Estevam <festevam(a)denx.de> ARM: dts: imx23/28: Fix the DMA controller node name Fabio Estevam <festevam(a)denx.de> ARM: dts: imx23-sansa: Use preferred i2c-gpios properties Fabio Estevam <festevam(a)denx.de> ARM: dts: imx27-apf27dev: Fix LED name Fabio Estevam <festevam(a)denx.de> ARM: dts: imx25/27: Pass timing0 Fabio Estevam <festevam(a)denx.de> ARM: dts: imx25: Fix the iim compatible string Andrii Nakryiko <andrii(a)kernel.org> selftests/bpf: fix compiler warnings in RELEASE=1 mode Michal Simek <michal.simek(a)amd.com> arm64: zynqmp: Fix clock node name in kv260 cards Michal Simek <michal.simek(a)amd.com> arm64: zynqmp: Move fixed clock to / for kv260 Kees Cook <keescook(a)chromium.org> block/rnbd-srv: Check for unlikely string overflow Shannon Nelson <shannon.nelson(a)amd.com> ionic: bypass firmware cmds when stuck in reset Shannon Nelson <shannon.nelson(a)amd.com> ionic: pass opcode to devcmd_wait Christian Marangi <ansuelsmth(a)gmail.com> net: phy: at803x: fix passing the wrong reference for config_intr Fabio Estevam <festevam(a)denx.de> ARM: dts: imx1: Fix sram node Fabio Estevam <festevam(a)denx.de> ARM: dts: imx27: Fix sram node Fabio Estevam <festevam(a)denx.de> ARM: dts: imx: Use flash@0,0 pattern Fabio Estevam <festevam(a)denx.de> ARM: dts: imx25/27-eukrea: Fix RTC node name Johan Jonker <jbx6244(a)gmail.com> ARM: dts: rockchip: fix rk3036 hdmi ports node Lingbo Kong <quic_lingbok(a)quicinc.com> wifi: ath12k: fix the issue that the multicast/broadcast indicator is not read correctly for WCN7850 Dmitry Antipov <dmantipov(a)yandex.ru> wifi: wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap() Hou Tao <houtao1(a)huawei.com> bpf: Set uattr->batch.count as zero before batched update or deletion StanleyYP Wang <StanleyYP.Wang(a)mediatek.com> wifi: mt76: mt7996: add PCI IDs for mt7992 MeiChia Chiu <meichia.chiu(a)mediatek.com> wifi: mt76: connac: fix EHT phy mode check Nia Espera <nespera(a)igalia.com> arm64: dts: qcom: sm8350: Fix remoteproc interrupt type Neil Armstrong <neil.armstrong(a)linaro.org> arm64: dts: qcom: sm8450: fix soundwire controllers node name Neil Armstrong <neil.armstrong(a)linaro.org> arm64: dts: qcom: sm8550: fix soundwire controllers node name Tobias Waldekranz <tobias(a)waldekranz.com> net: mvmdio: Avoid excessive sleeps in polled mode David Laight <David.Laight(a)ACULAB.COM> minmax: relax check to allow comparison between unsigned arguments and signed constants David Laight <David.Laight(a)ACULAB.COM> minmax: allow comparisons of 'int' against 'unsigned char/short' David Laight <David.Laight(a)ACULAB.COM> minmax: fix indentation of __cmp_once() and __clamp_once() David Laight <David.Laight(a)ACULAB.COM> minmax: allow min()/max()/clamp() if the arguments have the same signedness. David Laight <David.Laight(a)ACULAB.COM> minmax: add umin(a, b) and umax(a, b) Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> minmax: fix header inclusions Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> minmax: deduplicate __unconst_integer_typeof() Hannes Reinecke <hare(a)suse.de> scsi: libfc: Fix up timeout error in fc_fcp_rec_error() Hannes Reinecke <hare(a)suse.de> scsi: libfc: Don't schedule abort twice Kang Yang <quic_kangyang(a)quicinc.com> wifi: ath12k: fix and enable AP mode for WCN7850 Hou Tao <houtao1(a)huawei.com> bpf: Set need_defer as false when clearing fd array during map free Hou Tao <houtao1(a)huawei.com> bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers Chih-Kang Chang <gary.chang(a)realtek.com> wifi: rtw89: fix misbehavior of TX beacon in concurrent mode Baochen Qiang <quic_bqiang(a)quicinc.com> wifi: ath11k: fix race due to setting ATH11K_FLAG_EXT_IRQ_ENABLED too early Minsuk Kang <linuxlovemin(a)yonsei.ac.kr> wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() Yonghong Song <yonghong.song(a)linux.dev> bpf: Fix a few selftest failures due to llvm18 change Alexander Stein <alexander.stein(a)ew.tq-group.com> ARM: dts: imx7s: Fix nand-controller #size-cells Alexander Stein <alexander.stein(a)ew.tq-group.com> ARM: dts: imx7s: Fix lcdif compatible Alexander Stein <alexander.stein(a)ew.tq-group.com> ARM: dts: imx7d: Fix coresight funnel ports ching Huang <ching2048(a)areca.com.tw> scsi: arcmsr: Support new PCI device IDs 1883 and 1886 Sumit Saxena <sumit.saxena(a)broadcom.com> scsi: mpi3mr: Add PCI checks where SAS5116 diverges from SAS4116 Sumit Saxena <sumit.saxena(a)broadcom.com> scsi: mpi3mr: Add support for SAS5116 PCI IDs Jose Ignacio Tornos Martinez <jtornosm(a)redhat.com> net: usb: ax88179_178a: avoid two consecutive device resets Zhengchao Shao <shaozhengchao(a)huawei.com> bonding: return -ENOMEM instead of BUG in alb_upper_dev_walk Ido Schimmel <idosch(a)nvidia.com> PCI: Add no PM reset quirk for NVIDIA Spectrum devices Kory Maincent <kory.maincent(a)bootlin.com> net: phy: micrel: fix ts_info value in case of no phc Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ARM: dts: samsung: s5pv210: fix camera unit addresses/ranges Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ARM: dts: samsung: exynos4: fix camera unit addresses/ranges Justin Tee <justin.tee(a)broadcom.com> scsi: lpfc: Fix possible file string name overflow when updating firmware Tanmay Shah <tanmay.shah(a)xilinx.com> soc: xilinx: fix unhandled SGI warning message HariBabu Gattem <haribabu.gattem(a)xilinx.com> soc: xilinx: Fix for call trace due to the usage of smp_processor_id() Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> ARM: dts: qcom: msm8960: fix PMIC node labels Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> ARM: dts: qcom: msm8660: fix PMIC node labels Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> ARM: dts: qcom: mdm9615: fix PMIC node labels Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> ARM: dts: qcom: strip prefix from PMIC files Yafang Shao <laoar.shao(a)gmail.com> selftests/bpf: Fix issues in setup_classid_environment() Shiji Yang <yangshiji66(a)outlook.com> wifi: rt2x00: correct wrong BBP register in RxDCOC calibration Yonghong Song <yonghong.song(a)linux.dev> selftests/bpf: Fix pyperf180 compilation failure with clang18 Yonghong Song <yonghong.song(a)linux.dev> libbpf: Fix potential uninitialized tail padding with LIBBPF_OPTS_RESET Andrii Nakryiko <andrii(a)kernel.org> selftests/bpf: satisfy compiler by having explicit return in btf test Andrii Nakryiko <andrii(a)kernel.org> selftests/bpf: fix RELEASE=1 build for tc_opts Shiji Yang <yangshiji66(a)outlook.com> wifi: rt2x00: restart beacon queue when hardware reset Dmitry Antipov <dmantipov(a)yandex.ru> wifi: rtw89: fix timeout calculation in rtw89_roc_end() Baokun Li <libaokun1(a)huawei.com> ext4: avoid online resizing failures due to oversized flex bg Baokun Li <libaokun1(a)huawei.com> ext4: remove unnecessary check from alloc_flex_gd() Baokun Li <libaokun1(a)huawei.com> ext4: unify the type of flexbg_size to unsigned int Ye Bin <yebin10(a)huawei.com> ext4: fix inconsistent between segment fstrim and full fstrim Gabriel Krisman Bertazi <krisman(a)suse.de> ecryptfs: Reject casefold directory inodes Paulo Alcantara <pc(a)manguebit.com> smb: client: fix hardlinking of reparse points Paulo Alcantara <pc(a)manguebit.com> smb: client: fix renaming of reparse points Ojaswin Mujoo <ojaswin(a)linux.ibm.com> ext4: treat end of range as exclusive in ext4_zero_range() Anna Schumaker <Anna.Schumaker(a)Netapp.com> SUNRPC: Fix a suspicious RCU usage warning Joel Granados <j.granados(a)samsung.com> sysctl: Fix out of bounds access for empty sysctl registers Heiko Carstens <hca(a)linux.ibm.com> KVM: s390: fix setting of fpc register Heiko Carstens <hca(a)linux.ibm.com> s390/ptrace: handle setting of fpc register correctly Tony Krowiak <akrowiak(a)linux.ibm.com> s390/vfio-ap: fix sysfs status attribute for AP queue devices Arnd Bergmann <arnd(a)arndb.de> arch: consolidate arch_irq_work_raise prototypes Alexander Gordeev <agordeev(a)linux.ibm.com> s390/boot: always align vmalloc area on segment boundary Edward Adam Davis <eadavis(a)qq.com> jfs: fix array-index-out-of-bounds in diNewExt Oleg Nesterov <oleg(a)redhat.com> rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock() Oleg Nesterov <oleg(a)redhat.com> afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*() Oleg Nesterov <oleg(a)redhat.com> afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu() Thomas Bourgoin <thomas.bourgoin(a)foss.st.com> crypto: stm32/crc32 - fix parsing list of devices Gao Xiang <xiang(a)kernel.org> erofs: fix ztailpacking for subpage compressed blocks Bharat Bhushan <bbhushan2(a)marvell.com> crypto: octeontx2 - Fix cptvf driver cleanup Jia Jie Ho <jiajie.ho(a)starfivetech.com> crypto: starfive - Fix dev_err_probe return error Gao Xiang <xiang(a)kernel.org> erofs: fix up compacted indexes for block size < 4096 Weichen Chen <weichen.chen(a)mediatek.com> pstore/ram: Fix crash when setting number of cpus to an odd number Gustavo A. R. Silva <gustavoars(a)kernel.org> crypto: p10-aes-gcm - Avoid -Wstringop-overflow warnings Jia Jie Ho <jiajie.ho(a)starfivetech.com> hwrng: starfive - Fix dev_err_probe return error Edward Adam Davis <eadavis(a)qq.com> jfs: fix uaf in jfs_evict_inode Manas Ghandat <ghandatmanas(a)gmail.com> jfs: fix array-index-out-of-bounds in dbAdjTree Manas Ghandat <ghandatmanas(a)gmail.com> jfs: fix slab-out-of-bounds Read in dtSearch Osama Muhammad <osmtendev(a)gmail.com> UBSAN: array-index-out-of-bounds in dtSplitRoot Osama Muhammad <osmtendev(a)gmail.com> FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> thermal: core: Fix thermal zone suspend-resume synchronization Shuai Xue <xueshuai(a)linux.alibaba.com> ACPI: APEI: set memory failure flags as MF_ACTION_REQUIRED on synchronous events Mukesh Ojha <quic_mojha(a)quicinc.com> PM / devfreq: Synchronize devfreq_monitor_[start/stop] Rae Moar <rmoar(a)google.com> kunit: tool: fix parsing of test attributes Yuntao Wang <ytcoode(a)gmail.com> ACPI: NUMA: Fix the logic of getting the fake_pxm value Thomas Weißschuh <linux(a)weissschuh.net> selftests/nolibc: fix testcase status alignment Prarit Bhargava <prarit(a)redhat.com> ACPI: extlog: fix NULL pointer dereference check Dmitry Antipov <dmantipov(a)yandex.ru> PNP: ACPI: fix fortify warning Yuluo Qiu <qyl27(a)outlook.com> ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop Chris Riches <chris.riches(a)nutanix.com> audit: Send netlink ACK before setting connection in auditd_set Rui Zhang <zr.zhang(a)vivo.com> regulator: core: Only increment use_count when enable_count changes Andrzej Hajda <andrzej.hajda(a)intel.com> debugobjects: Stop accessing objects after releasing hash bucket lock Greg KH <gregkh(a)linuxfoundation.org> perf/core: Fix narrow startup race when creating the perf nr_addr_filters sysfs file Zhiquan Li <zhiquan1.li(a)intel.com> x86/mce: Mark fatal MCE's page as poison to avoid panic in the kdump kernel Naveen N Rao <naveen(a)kernel.org> powerpc/lib: Validate size for vector operations Stephen Rothwell <sfr(a)canb.auug.org.au> powerpc: pmd_move_must_withdraw() is only needed for CONFIG_TRANSPARENT_HUGEPAGE Jun'ichi Nomura <junichi.nomura(a)nec.com> x86/boot: Ignore NMIs during very early boot Michael Ellerman <mpe(a)ellerman.id.au> powerpc/64s: Fix CONFIG_NUMA=n build due to create_section_mapping() Michael Ellerman <mpe(a)ellerman.id.au> powerpc/mm: Fix build failures due to arch_reserved_kernel_pages() Michael Ellerman <mpe(a)ellerman.id.au> powerpc: Fix build error due to is_valid_bugaddr() Mark Rutland <mark.rutland(a)arm.com> drivers/perf: pmuv3: don't expose SW_INCR event in sysfs Huang Shijie <shijie(a)os.amperecomputing.com> arm64: irq: set the correct node for VMAP stack Kunwu Chan <chentao(a)kylinos.cn> powerpc/mm: Fix null-pointer dereference in pgtable_cache_add Dmitry Torokhov <dmitry.torokhov(a)gmail.com> asm-generic: make sparse happy with odd-sized put_unaligned_*() Benjamin Gray <bgray(a)linux.ibm.com> Documentation/sphinx: fix Python string escapes ------------- Diffstat: Documentation/ABI/testing/sysfs-class-net-queues | 22 +- Documentation/sound/soc/dapm.rst | 2 +- Documentation/sphinx/cdomain.py | 2 +- Documentation/sphinx/kernel_abi.py | 2 +- Documentation/sphinx/kernel_feat.py | 2 +- Documentation/sphinx/kerneldoc.py | 2 +- Documentation/sphinx/maintainers_include.py | 8 +- Makefile | 4 +- arch/arm/boot/dts/nxp/imx/imx1-ads.dts | 2 +- arch/arm/boot/dts/nxp/imx/imx1-apf9328.dts | 2 +- arch/arm/boot/dts/nxp/imx/imx1.dtsi | 5 +- .../boot/dts/nxp/imx/imx25-eukrea-cpuimx25.dtsi | 2 +- .../imx25-eukrea-mbimxsd25-baseboard-cmo-qvga.dts | 2 +- .../imx25-eukrea-mbimxsd25-baseboard-dvi-svga.dts | 2 +- .../imx25-eukrea-mbimxsd25-baseboard-dvi-vga.dts | 2 +- arch/arm/boot/dts/nxp/imx/imx25-pdk.dts | 2 +- arch/arm/boot/dts/nxp/imx/imx25.dtsi | 2 +- arch/arm/boot/dts/nxp/imx/imx27-apf27dev.dts | 4 +- .../boot/dts/nxp/imx/imx27-eukrea-cpuimx27.dtsi | 4 +- .../nxp/imx/imx27-eukrea-mbimxsd27-baseboard.dts | 2 +- .../dts/nxp/imx/imx27-phytec-phycard-s-rdk.dts | 2 +- .../boot/dts/nxp/imx/imx27-phytec-phycore-rdk.dts | 2 +- .../boot/dts/nxp/imx/imx27-phytec-phycore-som.dtsi | 2 +- arch/arm/boot/dts/nxp/imx/imx27.dtsi | 3 + arch/arm/boot/dts/nxp/imx/imx7d.dtsi | 3 - arch/arm/boot/dts/nxp/imx/imx7s.dtsi | 10 +- arch/arm/boot/dts/nxp/mxs/imx23-sansa.dts | 12 +- arch/arm/boot/dts/nxp/mxs/imx23.dtsi | 2 +- arch/arm/boot/dts/nxp/mxs/imx28.dtsi | 2 +- .../dts/qcom/{qcom-pm8226.dtsi => pm8226.dtsi} | 0 .../dts/qcom/{qcom-pm8841.dtsi => pm8841.dtsi} | 0 .../dts/qcom/{qcom-pm8941.dtsi => pm8941.dtsi} | 0 .../dts/qcom/{qcom-pma8084.dtsi => pma8084.dtsi} | 0 .../boot/dts/qcom/{qcom-pmx55.dtsi => pmx55.dtsi} | 0 .../boot/dts/qcom/{qcom-pmx65.dtsi => pmx65.dtsi} | 0 .../boot/dts/qcom/qcom-apq8026-asus-sparrow.dts | 2 +- .../boot/dts/qcom/qcom-apq8026-huawei-sturgeon.dts | 2 +- arch/arm/boot/dts/qcom/qcom-apq8026-lg-lenok.dts | 2 +- .../dts/qcom/qcom-apq8026-samsung-matisse-wifi.dts | 2 +- .../arm/boot/dts/qcom/qcom-apq8060-dragonboard.dts | 4 +- .../arm/boot/dts/qcom/qcom-apq8074-dragonboard.dts | 4 +- arch/arm/boot/dts/qcom/qcom-apq8084-ifc6540.dts | 2 +- arch/arm/boot/dts/qcom/qcom-apq8084-mtp.dts | 2 +- arch/arm/boot/dts/qcom/qcom-mdm9615-wp8548.dtsi | 2 +- arch/arm/boot/dts/qcom/qcom-mdm9615.dtsi | 14 +- arch/arm/boot/dts/qcom/qcom-msm8660.dtsi | 16 +- arch/arm/boot/dts/qcom/qcom-msm8960.dtsi | 8 +- .../qcom/qcom-msm8974-lge-nexus5-hammerhead.dts | 4 +- .../dts/qcom/qcom-msm8974-sony-xperia-rhine.dtsi | 4 +- .../dts/qcom/qcom-msm8974pro-fairphone-fp2.dts | 4 +- .../dts/qcom/qcom-msm8974pro-oneplus-bacon.dts | 4 +- .../boot/dts/qcom/qcom-msm8974pro-samsung-klte.dts | 2 +- .../qcom-msm8974pro-sony-xperia-shinano-castor.dts | 4 +- arch/arm/boot/dts/qcom/qcom-sdx55-mtp.dts | 2 +- arch/arm/boot/dts/qcom/qcom-sdx55-t55.dts | 2 +- .../boot/dts/qcom/qcom-sdx55-telit-fn980-tlb.dts | 2 +- arch/arm/boot/dts/qcom/qcom-sdx65-mtp.dts | 2 +- arch/arm/boot/dts/rockchip/rk3036.dtsi | 14 +- arch/arm/boot/dts/samsung/exynos4.dtsi | 26 +-- arch/arm/boot/dts/samsung/exynos4x12.dtsi | 17 +- arch/arm/boot/dts/samsung/s5pv210.dtsi | 18 +- arch/arm/include/asm/irq_work.h | 2 - .../boot/dts/amlogic/meson-s4-s805x2-aq222.dts | 4 +- arch/arm64/boot/dts/amlogic/meson-s4.dtsi | 4 +- arch/arm64/boot/dts/qcom/msm8996.dtsi | 21 ++ arch/arm64/boot/dts/qcom/msm8998.dtsi | 32 +-- arch/arm64/boot/dts/qcom/sdm845.dtsi | 5 +- arch/arm64/boot/dts/qcom/sm8150.dtsi | 5 +- arch/arm64/boot/dts/qcom/sm8250.dtsi | 24 +-- arch/arm64/boot/dts/qcom/sm8350.dtsi | 8 +- arch/arm64/boot/dts/qcom/sm8450.dtsi | 8 +- arch/arm64/boot/dts/qcom/sm8550.dtsi | 8 +- arch/arm64/boot/dts/sprd/ums512.dtsi | 3 +- .../boot/dts/xilinx/zynqmp-sck-kv-g-revA.dtso | 40 ++-- .../boot/dts/xilinx/zynqmp-sck-kv-g-revB.dtso | 42 ++-- arch/arm64/include/asm/irq_work.h | 2 - arch/arm64/kernel/irq.c | 7 +- arch/csky/include/asm/irq_work.h | 2 +- arch/loongarch/kernel/smp.c | 1 - arch/loongarch/mm/tlb.c | 16 +- arch/powerpc/crypto/aes-gcm-p10-glue.c | 2 +- arch/powerpc/include/asm/irq_work.h | 1 - arch/powerpc/include/asm/mmu.h | 4 + arch/powerpc/include/asm/mmzone.h | 8 - arch/powerpc/kernel/traps.c | 2 + arch/powerpc/lib/sstep.c | 10 + arch/powerpc/mm/book3s64/pgtable.c | 2 + arch/powerpc/mm/init-common.c | 5 +- arch/powerpc/mm/mmu_decl.h | 5 + arch/riscv/include/asm/irq_work.h | 2 +- arch/riscv/kernel/head.S | 1 + arch/riscv/mm/init.c | 12 +- arch/s390/boot/ipl_parm.c | 2 +- arch/s390/boot/startup.c | 3 +- arch/s390/include/asm/irq_work.h | 2 - arch/s390/kernel/ptrace.c | 6 +- arch/s390/kvm/kvm-s390.c | 5 - arch/um/drivers/net_kern.c | 2 +- arch/um/include/shared/kern_util.h | 2 +- arch/um/kernel/process.c | 2 +- arch/um/kernel/time.c | 32 ++- arch/um/os-Linux/helper.c | 6 +- arch/um/os-Linux/util.c | 19 +- arch/x86/boot/compressed/ident_map_64.c | 5 + arch/x86/boot/compressed/idt_64.c | 1 + arch/x86/boot/compressed/idt_handlers_64.S | 1 + arch/x86/boot/compressed/misc.h | 1 + arch/x86/include/asm/irq_work.h | 1 - arch/x86/include/asm/kmsan.h | 17 +- arch/x86/kernel/cpu/mce/core.c | 16 ++ block/bio.c | 2 +- block/blk-mq.c | 16 ++ drivers/accel/habanalabs/common/device.c | 3 + drivers/accel/habanalabs/common/habanalabs.h | 2 + drivers/accel/habanalabs/common/habanalabs_drv.c | 3 + drivers/accel/habanalabs/common/mmu/mmu.c | 1 + drivers/accel/habanalabs/common/sysfs.c | 3 + .../habanalabs/include/hw_ip/pci/pci_general.h | 1 + drivers/acpi/acpi_extlog.c | 5 +- drivers/acpi/acpi_video.c | 9 + drivers/acpi/apei/ghes.c | 29 ++- drivers/acpi/numa/srat.c | 4 +- drivers/base/arch_numa.c | 2 +- drivers/block/rnbd/rnbd-srv.c | 19 +- drivers/bluetooth/hci_qca.c | 1 + drivers/char/hw_random/jh7110-trng.c | 2 +- drivers/clk/hisilicon/clk-hi3620.c | 4 +- drivers/clk/imx/clk-imx8qxp.c | 24 ++- drivers/clk/mmp/clk-of-pxa168.c | 3 + drivers/crypto/marvell/octeontx2/otx2_cptlf.c | 6 +- drivers/crypto/marvell/octeontx2/otx2_cptvf_main.c | 3 + drivers/crypto/starfive/jh7110-cryp.c | 2 +- drivers/crypto/stm32/stm32-crc32.c | 2 +- drivers/devfreq/devfreq.c | 24 ++- drivers/extcon/extcon.c | 3 +- drivers/gpu/drm/amd/amdgpu/aldebaran.c | 26 ++- drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_fence.c | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 1 + drivers/gpu/drm/amd/amdgpu/amdgpu_gmc.c | 21 +- drivers/gpu/drm/amd/amdgpu/amdgpu_mes.c | 31 +++ drivers/gpu/drm/amd/amdgpu/amdgpu_mes.h | 10 +- drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 13 +- drivers/gpu/drm/amd/amdgpu/amdgpu_object.h | 4 +- drivers/gpu/drm/amd/amdgpu/amdgpu_sync.c | 3 +- drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c | 5 +- drivers/gpu/drm/amd/amdgpu/amdgpu_ucode.c | 6 +- drivers/gpu/drm/amd/amdgpu/gfxhub_v1_0.c | 4 +- drivers/gpu/drm/amd/amdgpu/gfxhub_v1_2.c | 4 +- drivers/gpu/drm/amd/amdgpu/gmc_v10_0.c | 4 + drivers/gpu/drm/amd/amdgpu/gmc_v11_0.c | 5 + drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c | 4 + drivers/gpu/drm/amd/amdgpu/mmhub_v1_0.c | 4 +- .../gpu/drm/amd/amdkfd/kfd_process_queue_manager.c | 2 + drivers/gpu/drm/amd/amdkfd/kfd_svm.c | 42 ++-- drivers/gpu/drm/amd/amdkfd/kfd_topology.c | 24 ++- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 30 +-- .../gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_crtc.c | 9 +- drivers/gpu/drm/amd/display/dc/core/dc.c | 4 + drivers/gpu/drm/amd/display/dc/dc_hw_types.h | 2 +- .../amd/display/dc/dce110/dce110_hw_sequencer.c | 3 +- .../drm/amd/display/dc/dcn10/dcn10_hw_sequencer.c | 3 +- drivers/gpu/drm/amd/display/dc/dcn20/dcn20_hwseq.c | 23 ++- drivers/gpu/drm/amd/display/dc/dcn31/dcn31_hwseq.c | 3 +- .../amd/display/dc/dml/dcn32/display_mode_vba_32.c | 3 + .../dc/dml/dcn32/display_mode_vba_util_32.c | 33 ++- .../dc/dml/dcn32/display_mode_vba_util_32.h | 1 + drivers/gpu/drm/amd/display/dc/link/link_dpms.c | 13 +- .../display/dc/link/protocols/link_dp_dpia_bw.c | 221 +++++++++------------ .../display/dc/link/protocols/link_dp_dpia_bw.h | 4 +- .../drm/amd/display/modules/power/power_helpers.c | 2 - drivers/gpu/drm/amd/include/amd_shared.h | 2 - drivers/gpu/drm/amd/include/mes_v11_api_def.h | 3 +- .../amd/pm/powerplay/hwmgr/process_pptables_v1_0.c | 2 +- .../gpu/drm/amd/pm/powerplay/hwmgr/smu7_hwmgr.c | 17 +- drivers/gpu/drm/bridge/analogix/anx7625.c | 51 +++-- drivers/gpu/drm/bridge/analogix/anx7625.h | 4 + drivers/gpu/drm/drm_file.c | 2 +- drivers/gpu/drm/drm_framebuffer.c | 2 +- drivers/gpu/drm/drm_mipi_dsi.c | 17 +- drivers/gpu/drm/exynos/exynos_drm_drv.c | 11 + .../gpu/drm/msm/disp/dpu1/catalog/dpu_7_0_sm8350.h | 18 ++ .../gpu/drm/msm/disp/dpu1/catalog/dpu_8_1_sm8450.h | 18 ++ drivers/gpu/drm/msm/disp/dpu1/dpu_encoder.c | 5 +- drivers/gpu/drm/msm/disp/dpu1/dpu_hw_wb.c | 3 + drivers/gpu/drm/msm/disp/dpu1/dpu_kms.h | 1 + drivers/gpu/drm/msm/dp/dp_display.c | 6 + drivers/gpu/drm/msm/dsi/phy/dsi_phy.c | 4 + drivers/gpu/drm/panel/panel-edp.c | 48 ++++- drivers/hid/hidraw.c | 7 +- drivers/hwmon/hp-wmi-sensors.c | 127 ++++++++++-- drivers/hwmon/nct6775-core.c | 7 + drivers/i2c/busses/i2c-rk3x.c | 8 +- drivers/i3c/master/i3c-master-cdns.c | 7 +- drivers/infiniband/ulp/ipoib/ipoib_multicast.c | 7 +- drivers/leds/trigger/ledtrig-panic.c | 5 +- drivers/mailbox/arm_mhuv2.c | 3 +- drivers/md/md.c | 54 ++++- drivers/media/i2c/imx335.c | 4 +- drivers/media/pci/ddbridge/ddbridge-main.c | 2 +- drivers/media/platform/amphion/vpu.h | 3 +- drivers/media/platform/amphion/vpu_cmds.c | 28 +-- drivers/media/platform/amphion/vpu_v4l2.c | 1 + drivers/media/platform/rockchip/rga/rga.c | 15 +- .../media/platform/rockchip/rkisp1/rkisp1-common.h | 11 +- .../media/platform/rockchip/rkisp1/rkisp1-csi.c | 14 +- .../media/platform/rockchip/rkisp1/rkisp1-dev.c | 35 +++- .../media/platform/rockchip/rkisp1/rkisp1-isp.c | 20 +- .../platform/rockchip/rkisp1/rkisp1-resizer.c | 38 ++-- drivers/media/usb/stk1160/stk1160-video.c | 5 +- drivers/media/usb/uvc/uvc_driver.c | 18 ++ drivers/mfd/Kconfig | 1 + drivers/misc/lis3lv02d/lis3lv02d_i2c.c | 1 + drivers/net/bonding/bond_alb.c | 3 +- drivers/net/dsa/mt7530.c | 3 +- drivers/net/dsa/mv88e6xxx/chip.h | 4 +- drivers/net/dsa/mv88e6xxx/serdes.c | 10 +- drivers/net/dsa/mv88e6xxx/serdes.h | 8 +- drivers/net/dsa/qca/qca8k-8xxx.c | 24 ++- drivers/net/ethernet/amd/pds_core/adminq.c | 64 ++++-- drivers/net/ethernet/amd/pds_core/core.c | 52 +++-- drivers/net/ethernet/amd/pds_core/core.h | 6 +- drivers/net/ethernet/amd/pds_core/debugfs.c | 4 + drivers/net/ethernet/amd/pds_core/dev.c | 16 +- drivers/net/ethernet/amd/pds_core/devlink.c | 3 +- drivers/net/ethernet/amd/pds_core/fw.c | 3 + drivers/net/ethernet/amd/pds_core/main.c | 55 ++++- drivers/net/ethernet/aquantia/atlantic/aq_ptp.c | 28 +-- drivers/net/ethernet/aquantia/atlantic/aq_ring.c | 61 ++---- drivers/net/ethernet/aquantia/atlantic/aq_ring.h | 22 +- drivers/net/ethernet/aquantia/atlantic/aq_vec.c | 23 +-- drivers/net/ethernet/google/gve/gve_rx.c | 8 +- drivers/net/ethernet/intel/e1000e/e1000.h | 20 ++ drivers/net/ethernet/intel/e1000e/ptp.c | 22 +- drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 32 +++ drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.h | 1 + drivers/net/ethernet/intel/ice/ice_adminq_cmd.h | 18 +- drivers/net/ethernet/intel/ice/ice_lib.c | 7 +- drivers/net/ethernet/intel/ice/ice_virtchnl.c | 12 +- drivers/net/ethernet/intel/ice/ice_vsi_vlan_lib.c | 16 +- drivers/net/ethernet/intel/ixgbe/ixgbe_82598.c | 36 ++-- drivers/net/ethernet/intel/ixgbe/ixgbe_82599.c | 61 +++--- drivers/net/ethernet/intel/ixgbe/ixgbe_common.c | 145 +++++++------- drivers/net/ethernet/intel/ixgbe/ixgbe_ethtool.c | 2 +- drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 42 ++-- drivers/net/ethernet/intel/ixgbe/ixgbe_mbx.c | 34 ++-- drivers/net/ethernet/intel/ixgbe/ixgbe_mbx.h | 1 - drivers/net/ethernet/intel/ixgbe/ixgbe_phy.c | 105 +++++----- drivers/net/ethernet/intel/ixgbe/ixgbe_phy.h | 2 +- drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c | 2 +- drivers/net/ethernet/intel/ixgbe/ixgbe_type.h | 43 +--- drivers/net/ethernet/intel/ixgbe/ixgbe_x540.c | 44 ++-- drivers/net/ethernet/intel/ixgbe/ixgbe_x550.c | 149 +++++++------- drivers/net/ethernet/marvell/mvmdio.c | 53 ++--- .../net/ethernet/marvell/octeontx2/af/rvu_npc.c | 13 +- .../ethernet/marvell/octeontx2/nic/otx2_ethtool.c | 1 - .../net/ethernet/marvell/octeontx2/nic/otx2_pf.c | 3 +- .../net/ethernet/marvell/octeontx2/nic/otx2_txrx.c | 7 +- drivers/net/ethernet/mediatek/mtk_eth_soc.c | 5 +- .../net/ethernet/microchip/lan966x/lan966x_port.c | 5 +- .../net/ethernet/pensando/ionic/ionic_bus_pci.c | 4 + drivers/net/ethernet/pensando/ionic/ionic_dev.c | 1 + drivers/net/ethernet/pensando/ionic/ionic_dev.h | 1 + drivers/net/ethernet/pensando/ionic/ionic_lif.c | 3 + drivers/net/ethernet/pensando/ionic/ionic_main.c | 22 +- drivers/net/phy/at803x.c | 6 +- drivers/net/phy/mediatek-ge-soc.c | 147 ++++++++------ drivers/net/phy/micrel.c | 6 +- drivers/net/usb/ax88179_178a.c | 2 - drivers/net/virtio_net.c | 9 +- drivers/net/wireless/ath/ath11k/pcic.c | 4 +- drivers/net/wireless/ath/ath12k/hal.c | 4 +- drivers/net/wireless/ath/ath12k/hw.c | 3 +- drivers/net/wireless/ath/ath12k/mac.c | 4 +- drivers/net/wireless/ath/ath9k/htc_drv_txrx.c | 5 +- .../net/wireless/mediatek/mt76/mt76_connac_mcu.c | 2 +- drivers/net/wireless/mediatek/mt76/mt7996/pci.c | 8 +- drivers/net/wireless/ralink/rt2x00/rt2800lib.c | 2 +- drivers/net/wireless/ralink/rt2x00/rt2x00dev.c | 3 + drivers/net/wireless/ralink/rt2x00/rt2x00mac.c | 11 + .../net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c | 12 ++ .../net/wireless/realtek/rtlwifi/rtl8723ae/phy.c | 6 +- .../net/wireless/realtek/rtlwifi/rtl8723be/phy.c | 4 +- drivers/net/wireless/realtek/rtw89/coex.c | 4 +- drivers/net/wireless/realtek/rtw89/core.c | 2 +- drivers/net/wireless/realtek/rtw89/core.h | 12 +- drivers/net/wireless/realtek/rtw89/fw.c | 17 +- drivers/net/wireless/realtek/rtw89/mac.c | 29 ++- drivers/net/wireless/realtek/rtw89/mac.h | 1 + drivers/net/wireless/realtek/rtw89/mac80211.c | 3 + drivers/net/wireless/silabs/wfx/sta.c | 42 ++-- drivers/pci/pci.h | 2 +- drivers/pci/pcie/aer.c | 9 +- drivers/pci/quirks.c | 24 ++- drivers/pci/switch/switchtec.c | 25 ++- drivers/perf/arm_pmuv3.c | 6 +- drivers/pinctrl/intel/pinctrl-baytrail.c | 3 +- drivers/pnp/pnpacpi/rsparser.c | 12 +- drivers/regulator/core.c | 56 +++--- drivers/regulator/ti-abb-regulator.c | 22 +- drivers/s390/crypto/vfio_ap_ops.c | 16 +- drivers/scsi/arcmsr/arcmsr.h | 4 + drivers/scsi/arcmsr/arcmsr_hba.c | 6 + drivers/scsi/hisi_sas/hisi_sas_v3_hw.c | 10 +- drivers/scsi/isci/request.c | 2 +- drivers/scsi/libfc/fc_fcp.c | 18 +- drivers/scsi/lpfc/lpfc.h | 1 + drivers/scsi/lpfc/lpfc_els.c | 14 +- drivers/scsi/lpfc/lpfc_init.c | 4 +- drivers/scsi/lpfc/lpfc_vmid.c | 1 + drivers/scsi/mpi3mr/mpi3mr_fw.c | 3 +- drivers/scsi/mpi3mr/mpi3mr_os.c | 13 +- drivers/scsi/scsi_error.c | 8 +- drivers/scsi/scsi_lib.c | 2 +- drivers/scsi/scsi_priv.h | 2 +- drivers/soc/xilinx/xlnx_event_manager.c | 7 +- drivers/spmi/spmi-mtk-pmif.c | 7 +- drivers/thermal/thermal_core.c | 30 ++- drivers/tty/tty_ioctl.c | 4 +- drivers/usb/core/hub.c | 33 ++- drivers/usb/host/xhci-plat.c | 23 ++- drivers/usb/host/xhci.c | 40 ++-- drivers/watchdog/it87_wdt.c | 14 +- drivers/watchdog/starfive-wdt.c | 2 + drivers/xen/gntdev-dmabuf.c | 50 ++--- fs/9p/v9fs_vfs.h | 1 + fs/9p/vfs_inode.c | 6 +- fs/9p/vfs_inode_dotl.c | 1 + fs/afs/callback.c | 3 +- fs/afs/server.c | 7 +- fs/ceph/caps.c | 9 +- fs/ceph/mds_client.c | 2 +- fs/ceph/quota.c | 39 ++-- fs/dcache.c | 7 +- fs/ecryptfs/inode.c | 8 + fs/erofs/zdata.c | 2 +- fs/erofs/zmap.c | 32 ++- fs/ext4/extents.c | 6 +- fs/ext4/mballoc.c | 11 +- fs/ext4/resize.c | 37 ++-- fs/f2fs/compress.c | 4 +- fs/f2fs/file.c | 2 + fs/f2fs/recovery.c | 25 ++- fs/jfs/jfs_dmap.c | 57 +++--- fs/jfs/jfs_dtree.c | 7 +- fs/jfs/jfs_imap.c | 3 + fs/jfs/jfs_mount.c | 6 +- fs/kernfs/dir.c | 12 ++ fs/proc/proc_sysctl.c | 9 +- fs/pstore/ram.c | 1 + fs/reiserfs/namei.c | 54 ++--- fs/smb/client/cifsglob.h | 30 ++- fs/smb/client/cifsproto.h | 15 +- fs/smb/client/cifssmb.c | 17 +- fs/smb/client/inode.c | 3 +- fs/smb/client/link.c | 4 +- fs/smb/client/smb2inode.c | 55 +++-- fs/smb/client/smb2proto.h | 16 +- include/asm-generic/numa.h | 2 + include/asm-generic/unaligned.h | 24 +-- include/drm/drm_color_mgmt.h | 1 + include/drm/drm_mipi_dsi.h | 2 + include/linux/irq_work.h | 3 + include/linux/minmax.h | 129 ++++++------ include/linux/mmzone.h | 6 +- include/linux/netfilter/ipset/ip_set.h | 4 + include/linux/pci_ids.h | 1 + include/linux/thermal.h | 2 + include/net/af_unix.h | 20 +- include/net/ip.h | 2 +- include/net/netfilter/nf_tables.h | 2 + kernel/audit.c | 31 ++- kernel/bpf/arraymap.c | 23 ++- kernel/bpf/helpers.c | 13 +- kernel/bpf/syscall.c | 6 + kernel/events/core.c | 38 ++-- lib/debugobjects.c | 200 ++++++++----------- lib/kunit/executor.c | 4 + lib/kunit/test.c | 14 +- net/bluetooth/hci_sync.c | 10 +- net/bluetooth/iso.c | 51 ++++- net/bluetooth/l2cap_core.c | 3 +- net/bpf/test_run.c | 2 +- net/bridge/br_cfm_netlink.c | 2 +- net/bridge/br_multicast.c | 20 +- net/bridge/br_private.h | 4 +- net/devlink/port.c | 2 +- net/ipv4/ip_output.c | 12 +- net/ipv4/ip_sockglue.c | 6 +- net/ipv4/ipmr.c | 2 +- net/ipv4/raw.c | 2 +- net/ipv4/tcp.c | 12 +- net/ipv4/udp.c | 2 +- net/ipv6/addrconf_core.c | 21 +- net/ipv6/ip6_tunnel.c | 21 +- net/kcm/kcmsock.c | 2 +- net/llc/af_llc.c | 2 + net/netfilter/ipset/ip_set_bitmap_gen.h | 14 +- net/netfilter/ipset/ip_set_core.c | 37 +++- net/netfilter/ipset/ip_set_hash_gen.h | 15 +- net/netfilter/ipset/ip_set_list_set.c | 13 +- net/netfilter/nf_conntrack_proto_tcp.c | 10 +- net/netfilter/nf_log.c | 7 +- net/netfilter/nf_tables_api.c | 14 +- net/netfilter/nft_ct.c | 24 +++ net/netfilter/nft_tunnel.c | 1 + net/rxrpc/conn_service.c | 3 +- net/smc/smc_clc.c | 14 ++ net/sunrpc/xprtmultipath.c | 17 +- net/unix/af_unix.c | 14 +- net/unix/diag.c | 2 +- net/wireless/scan.c | 4 + sound/hda/hdac_stream.c | 9 +- sound/hda/intel-dsp-config.c | 10 + sound/pci/hda/hda_intel.c | 2 + sound/pci/hda/patch_conexant.c | 115 ++++++++++- sound/soc/amd/acp-config.c | 15 +- tools/build/feature/test-libopencsd.c | 4 +- tools/lib/bpf/libbpf.c | 2 + tools/lib/bpf/libbpf_common.h | 13 +- tools/lib/subcmd/help.c | 18 +- tools/testing/kunit/kunit_parser.py | 4 +- tools/testing/selftests/bpf/cgroup_helpers.c | 18 +- tools/testing/selftests/bpf/prog_tests/btf.c | 6 +- tools/testing/selftests/bpf/prog_tests/tc_opts.c | 6 +- tools/testing/selftests/bpf/progs/pyperf180.c | 22 ++ .../selftests/bpf/progs/test_global_func17.c | 1 + tools/testing/selftests/bpf/veristat.c | 2 +- tools/testing/selftests/bpf/xdp_hw_metadata.c | 2 +- .../selftests/drivers/net/bonding/lag_lib.sh | 11 + tools/testing/selftests/drivers/net/team/config | 4 +- tools/testing/selftests/net/Makefile | 5 +- tools/testing/selftests/net/config | 16 ++ tools/testing/selftests/net/pmtu.sh | 18 +- tools/testing/selftests/net/setup_veth.sh | 2 +- tools/testing/selftests/net/udpgro.sh | 4 +- tools/testing/selftests/net/udpgro_bench.sh | 4 +- tools/testing/selftests/net/udpgro_frglist.sh | 6 +- tools/testing/selftests/net/udpgro_fwd.sh | 8 +- tools/testing/selftests/net/veth.sh | 4 +- tools/testing/selftests/net/xdp_dummy.c | 13 ++ tools/testing/selftests/nolibc/nolibc-test.c | 4 +- tools/testing/selftests/sgx/test_encl.lds | 6 +- 442 files changed, 3780 insertions(+), 2153 deletions(-)

1 year, 7 months

7
333
0 0

[PATCH net,v2] hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed

by Shradha Gupta

If hv_netvsc driver is unloaded and reloaded, the NET_DEVICE_REGISTER handler cannot perform VF register successfully as the register call is received before netvsc_probe is finished. This is because we register register_netdevice_notifier() very early( even before vmbus_driver_register()). To fix this, we try to register each such matching VF( if it is visible as a netdevice) at the end of netvsc_probe. Cc: stable(a)vger.kernel.org Fixes: 85520856466e ("hv_netvsc: Fix race of register_netdevice_notifier and VF register") Suggested-by: Dexuan Cui <decui(a)microsoft.com> Signed-off-by: Shradha Gupta <shradhagupta(a)linux.microsoft.com> --- Changes in v2: * Fixed the subject line of patch with branch details(net) * Added the logic to attach just the one right vf during register * Corrected comment messages * Renamed the context marco with a more appropriate name * Created a new function to avoid code repetition. --- drivers/net/hyperv/netvsc_drv.c | 82 +++++++++++++++++++++++++-------- 1 file changed, 62 insertions(+), 20 deletions(-) diff --git a/drivers/net/hyperv/netvsc_drv.c b/drivers/net/hyperv/netvsc_drv.c index 273bd8a20122..11831a1c9762 100644 --- a/drivers/net/hyperv/netvsc_drv.c +++ b/drivers/net/hyperv/netvsc_drv.c @@ -42,6 +42,10 @@ #define LINKCHANGE_INT (2 * HZ) #define VF_TAKEOVER_INT (HZ / 10) +/* Macros to define the context of vf registration */ +#define VF_REG_IN_PROBE 1 +#define VF_REG_IN_NOTIFIER 2 + static unsigned int ring_size __ro_after_init = 128; module_param(ring_size, uint, 0444); MODULE_PARM_DESC(ring_size, "Ring buffer size (# of 4K pages)"); @@ -2185,7 +2189,7 @@ static rx_handler_result_t netvsc_vf_handle_frame(struct sk_buff **pskb) } static int netvsc_vf_join(struct net_device *vf_netdev, - struct net_device *ndev) + struct net_device *ndev, int context) { struct net_device_context *ndev_ctx = netdev_priv(ndev); int ret; @@ -2208,7 +2212,11 @@ static int netvsc_vf_join(struct net_device *vf_netdev, goto upper_link_failed; } - schedule_delayed_work(&ndev_ctx->vf_takeover, VF_TAKEOVER_INT); + /* If this registration is called from probe context vf_takeover + * is taken care of later in probe itself. + */ + if (context == VF_REG_IN_NOTIFIER) + schedule_delayed_work(&ndev_ctx->vf_takeover, VF_TAKEOVER_INT); call_netdevice_notifiers(NETDEV_JOIN, vf_netdev); @@ -2346,7 +2354,7 @@ static int netvsc_prepare_bonding(struct net_device *vf_netdev) return NOTIFY_DONE; } -static int netvsc_register_vf(struct net_device *vf_netdev) +static int netvsc_register_vf(struct net_device *vf_netdev, int context) { struct net_device_context *net_device_ctx; struct netvsc_device *netvsc_dev; @@ -2386,7 +2394,7 @@ static int netvsc_register_vf(struct net_device *vf_netdev) netdev_info(ndev, "VF registering: %s\n", vf_netdev->name); - if (netvsc_vf_join(vf_netdev, ndev) != 0) + if (netvsc_vf_join(vf_netdev, ndev, context) != 0) return NOTIFY_DONE; dev_hold(vf_netdev); @@ -2484,10 +2492,31 @@ static int netvsc_unregister_vf(struct net_device *vf_netdev) return NOTIFY_OK; } +static int check_dev_is_matching_vf(struct net_device *event_ndev) +{ + /* Skip NetVSC interfaces */ + if (event_ndev->netdev_ops == &device_ops) + return -ENODEV; + + /* Avoid non-Ethernet type devices */ + if (event_ndev->type != ARPHRD_ETHER) + return -ENODEV; + + /* Avoid Vlan dev with same MAC registering as VF */ + if (is_vlan_dev(event_ndev)) + return -ENODEV; + + /* Avoid Bonding master dev with same MAC registering as VF */ + if (netif_is_bond_master(event_ndev)) + return -ENODEV; + + return 0; +} + static int netvsc_probe(struct hv_device *dev, const struct hv_vmbus_device_id *dev_id) { - struct net_device *net = NULL; + struct net_device *net = NULL, *vf_netdev; struct net_device_context *net_device_ctx; struct netvsc_device_info *device_info = NULL; struct netvsc_device *nvdev; @@ -2599,6 +2628,30 @@ static int netvsc_probe(struct hv_device *dev, } list_add(&net_device_ctx->list, &netvsc_dev_list); + + /* When the hv_netvsc driver is unloaded and reloaded, the + * NET_DEVICE_REGISTER for the vf device is replayed before probe + * is complete. This is because register_netdevice_notifier() gets + * registered before vmbus_driver_register() so that callback func + * is set before probe and we don't miss events like NETDEV_POST_INIT + * So, in this section we try to register the matching vf device that + * is present as a netdevice, knowing that its register call is not + * processed in the netvsc_netdev_notifier(as probing is progress and + * get_netvsc_byslot fails). + */ + for_each_netdev(dev_net(net), vf_netdev) { + ret = check_dev_is_matching_vf(vf_netdev); + if (ret != 0) + continue; + + if (net != get_netvsc_byslot(vf_netdev)) + continue; + + netvsc_prepare_bonding(vf_netdev); + netvsc_register_vf(vf_netdev, VF_REG_IN_PROBE); + __netvsc_vf_setup(net, vf_netdev); + break; + } rtnl_unlock(); netvsc_devinfo_put(device_info); @@ -2754,28 +2807,17 @@ static int netvsc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr) { struct net_device *event_dev = netdev_notifier_info_to_dev(ptr); + int ret = 0; - /* Skip our own events */ - if (event_dev->netdev_ops == &device_ops) - return NOTIFY_DONE; - - /* Avoid non-Ethernet type devices */ - if (event_dev->type != ARPHRD_ETHER) - return NOTIFY_DONE; - - /* Avoid Vlan dev with same MAC registering as VF */ - if (is_vlan_dev(event_dev)) - return NOTIFY_DONE; - - /* Avoid Bonding master dev with same MAC registering as VF */ - if (netif_is_bond_master(event_dev)) + ret = check_dev_is_matching_vf(event_dev); + if (ret != 0) return NOTIFY_DONE; switch (event) { case NETDEV_POST_INIT: return netvsc_prepare_bonding(event_dev); case NETDEV_REGISTER: - return netvsc_register_vf(event_dev); + return netvsc_register_vf(event_dev, VF_REG_IN_NOTIFIER); case NETDEV_UNREGISTER: return netvsc_unregister_vf(event_dev); case NETDEV_UP: -- 2.34.1

1 year, 7 months

4
3
0 0

[PATCH] IB/hfi1: Fix sdma.h tx->num_descs off-by-one error (take two)

by Daniel Vacek

Unfortunately the commit `fd8958efe877` introduced another error causing the `descs` array to overflow. This reults in further crashes easily reproducible by `sendmsg` system call. [ 1080.836473] general protection fault, probably for non-canonical address 0x400300015528b00a: 0000 [#1] PREEMPT SMP PTI [ 1080.869326] RIP: 0010:hfi1_ipoib_build_ib_tx_headers.constprop.0+0xe1/0x2b0 [hfi1] -- [ 1080.974535] Call Trace: [ 1080.976990] <TASK> [ 1081.021929] hfi1_ipoib_send_dma_common+0x7a/0x2e0 [hfi1] [ 1081.027364] hfi1_ipoib_send_dma_list+0x62/0x270 [hfi1] [ 1081.032633] hfi1_ipoib_send+0x112/0x300 [hfi1] [ 1081.042001] ipoib_start_xmit+0x2a9/0x2d0 [ib_ipoib] [ 1081.046978] dev_hard_start_xmit+0xc4/0x210 -- [ 1081.148347] __sys_sendmsg+0x59/0xa0 crash> ipoib_txreq 0xffff9cfeba229f00 struct ipoib_txreq { txreq = { list = { next = 0xffff9cfeba229f00, prev = 0xffff9cfeba229f00 }, descp = 0xffff9cfeba229f40, coalesce_buf = 0x0, wait = 0xffff9cfea4e69a48, complete = 0xffffffffc0fe0760 <hfi1_ipoib_sdma_complete>, packet_len = 0x46d, tlen = 0x0, num_desc = 0x0, desc_limit = 0x6, next_descq_idx = 0x45c, coalesce_idx = 0x0, flags = 0x0, descs = {{ qw = {0x8024000120dffb00, 0x4} # SDMA_DESC0_FIRST_DESC_FLAG (bit 63) }, { qw = { 0x3800014231b108, 0x4} }, { qw = { 0x310000e4ee0fcf0, 0x8} }, { qw = { 0x3000012e9f8000, 0x8} }, { qw = { 0x59000dfb9d0000, 0x8} }, { qw = { 0x78000e02e40000, 0x8} }} }, sdma_hdr = 0x400300015528b000, <<< invalid pointer in the tx request structure sdma_status = 0x0, SDMA_DESC0_LAST_DESC_FLAG (bit 62) complete = 0x0, priv = 0x0, txq = 0xffff9cfea4e69880, skb = 0xffff9d099809f400 } With this patch the crashes are no longer reproducible and the machine is stable. Note, the header file changes are just an unrelated clean-up while I was looking around trying to find the bug. Fixes: fd8958efe877 ("IB/hfi1: Fix sdma.h tx->num_descs off-by-one errors") Cc: stable(a)vger.kernel.org Reported-by: Mats Kronberg <kronberg(a)nsc.liu.se> Tested-by: Mats Kronberg <kronberg(a)nsc.liu.se> Signed-off-by: Daniel Vacek <neelx(a)redhat.com> --- drivers/infiniband/hw/hfi1/sdma.c | 2 +- drivers/infiniband/hw/hfi1/sdma.h | 17 +++++++---------- 2 files changed, 8 insertions(+), 11 deletions(-) diff --git a/drivers/infiniband/hw/hfi1/sdma.c b/drivers/infiniband/hw/hfi1/sdma.c index 6e5ac2023328a..b67d23b1f2862 100644 --- a/drivers/infiniband/hw/hfi1/sdma.c +++ b/drivers/infiniband/hw/hfi1/sdma.c @@ -3158,7 +3158,7 @@ int _pad_sdma_tx_descs(struct hfi1_devdata *dd, struct sdma_txreq *tx) { int rval = 0; - if ((unlikely(tx->num_desc + 1 == tx->desc_limit))) { + if ((unlikely(tx->num_desc == tx->desc_limit))) { rval = _extend_sdma_tx_descs(dd, tx); if (rval) { __sdma_txclean(dd, tx); diff --git a/drivers/infiniband/hw/hfi1/sdma.h b/drivers/infiniband/hw/hfi1/sdma.h index d77246b48434f..362815a8da267 100644 --- a/drivers/infiniband/hw/hfi1/sdma.h +++ b/drivers/infiniband/hw/hfi1/sdma.h @@ -639,13 +639,13 @@ static inline void sdma_txclean(struct hfi1_devdata *dd, struct sdma_txreq *tx) static inline void _sdma_close_tx(struct hfi1_devdata *dd, struct sdma_txreq *tx) { - u16 last_desc = tx->num_desc - 1; + struct sdma_desc *desc = &tx->descp[tx->num_desc - 1]; - tx->descp[last_desc].qw[0] |= SDMA_DESC0_LAST_DESC_FLAG; - tx->descp[last_desc].qw[1] |= dd->default_desc1; + desc->qw[0] |= SDMA_DESC0_LAST_DESC_FLAG; + desc->qw[1] |= dd->default_desc1; if (tx->flags & SDMA_TXREQ_F_URGENT) - tx->descp[last_desc].qw[1] |= (SDMA_DESC1_HEAD_TO_HOST_FLAG | - SDMA_DESC1_INT_REQ_FLAG); + desc->qw[1] |= (SDMA_DESC1_HEAD_TO_HOST_FLAG | + SDMA_DESC1_INT_REQ_FLAG); } static inline int _sdma_txadd_daddr( @@ -670,13 +670,10 @@ static inline int _sdma_txadd_daddr( tx->tlen -= len; /* special cases for last */ if (!tx->tlen) { - if (tx->packet_len & (sizeof(u32) - 1)) { + if (tx->packet_len & (sizeof(u32) - 1)) rval = _pad_sdma_tx_descs(dd, tx); - if (rval) - return rval; - } else { + else _sdma_close_tx(dd, tx); - } } return rval; } -- 2.43.0

1 year, 7 months

3
4
0 0

+ nilfs2-fix-potential-bug-in-end_buffer_async_write.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: nilfs2: fix potential bug in end_buffer_async_write has been added to the -mm mm-hotfixes-unstable branch. Its filename is nilfs2-fix-potential-bug-in-end_buffer_async_write.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Ryusuke Konishi <konishi.ryusuke(a)gmail.com> Subject: nilfs2: fix potential bug in end_buffer_async_write Date: Sun, 4 Feb 2024 01:16:45 +0900 According to a syzbot report, end_buffer_async_write(), which handles the completion of block device writes, may detect abnormal condition of the buffer async_write flag and cause a BUG_ON failure when using nilfs2. Nilfs2 itself does not use end_buffer_async_write(). But, the async_write flag is now used as a marker by commit 7f42ec394156 ("nilfs2: fix issue with race condition of competition between segments for dirty blocks") as a means of resolving double list insertion of dirty blocks in nilfs_lookup_dirty_data_buffers() and nilfs_lookup_node_buffers() and the resulting crash. This modification is safe as long as it is used for file data and b-tree node blocks where the page caches are independent. However, it was irrelevant and redundant to also introduce async_write for segment summary and super root blocks that share buffers with the backing device. This led to the possibility that the BUG_ON check in end_buffer_async_write would fail as described above, if independent writebacks of the backing device occurred in parallel. The use of async_write for segment summary buffers has already been removed in a previous change. Fix this issue by removing the manipulation of the async_write flag for the remaining super root block buffer. Link: https://lkml.kernel.org/r/20240203161645.4992-1-konishi.ryusuke@gmail.com Fixes: 7f42ec394156 ("nilfs2: fix issue with race condition of competition between segments for dirty blocks") Signed-off-by: Ryusuke Konishi <konishi.ryusuke(a)gmail.com> Reported-by: syzbot+5c04210f7c7f897c1e7f(a)syzkaller.appspotmail.com Closes: https://lkml.kernel.org/r/00000000000019a97c05fd42f8c8@google.com Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/nilfs2/segment.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) --- a/fs/nilfs2/segment.c~nilfs2-fix-potential-bug-in-end_buffer_async_write +++ a/fs/nilfs2/segment.c @@ -1703,7 +1703,6 @@ static void nilfs_segctor_prepare_write( list_for_each_entry(bh, &segbuf->sb_payload_buffers, b_assoc_buffers) { - set_buffer_async_write(bh); if (bh == segbuf->sb_super_root) { if (bh->b_folio != bd_folio) { folio_lock(bd_folio); @@ -1714,6 +1713,7 @@ static void nilfs_segctor_prepare_write( } break; } + set_buffer_async_write(bh); if (bh->b_folio != fs_folio) { nilfs_begin_folio_io(fs_folio); fs_folio = bh->b_folio; @@ -1800,7 +1800,6 @@ static void nilfs_abort_logs(struct list list_for_each_entry(bh, &segbuf->sb_payload_buffers, b_assoc_buffers) { - clear_buffer_async_write(bh); if (bh == segbuf->sb_super_root) { clear_buffer_uptodate(bh); if (bh->b_folio != bd_folio) { @@ -1809,6 +1808,7 @@ static void nilfs_abort_logs(struct list } break; } + clear_buffer_async_write(bh); if (bh->b_folio != fs_folio) { nilfs_end_folio_io(fs_folio, err); fs_folio = bh->b_folio; @@ -1896,8 +1896,9 @@ static void nilfs_segctor_complete_write BIT(BH_Delay) | BIT(BH_NILFS_Volatile) | BIT(BH_NILFS_Redirected)); - set_mask_bits(&bh->b_state, clear_bits, set_bits); if (bh == segbuf->sb_super_root) { + set_buffer_uptodate(bh); + clear_buffer_dirty(bh); if (bh->b_folio != bd_folio) { folio_end_writeback(bd_folio); bd_folio = bh->b_folio; @@ -1905,6 +1906,7 @@ static void nilfs_segctor_complete_write update_sr = true; break; } + set_mask_bits(&bh->b_state, clear_bits, set_bits); if (bh->b_folio != fs_folio) { nilfs_end_folio_io(fs_folio, 0); fs_folio = bh->b_folio; _ Patches currently in -mm which might be from konishi.ryusuke(a)gmail.com are nilfs2-fix-data-corruption-in-dsync-block-recovery-for-small-block-sizes.patch nilfs2-fix-hang-in-nilfs_lookup_dirty_data_buffers.patch nilfs2-fix-potential-bug-in-end_buffer_async_write.patch nilfs2-convert-segment-buffer-to-use-kmap_local.patch nilfs2-convert-nilfs_copy_buffer-to-use-kmap_local.patch nilfs2-convert-metadata-file-common-code-to-use-kmap_local.patch nilfs2-convert-sufile-to-use-kmap_local.patch nilfs2-convert-persistent-object-allocator-to-use-kmap_local.patch nilfs2-convert-dat-to-use-kmap_local.patch nilfs2-move-nilfs_bmap_write-call-out-of-nilfs_write_inode_common.patch nilfs2-do-not-acquire-rwsem-in-nilfs_bmap_write.patch nilfs2-convert-ifile-to-use-kmap_local.patch nilfs2-localize-highmem-mapping-for-checkpoint-creation-within-cpfile.patch nilfs2-localize-highmem-mapping-for-checkpoint-finalization-within-cpfile.patch nilfs2-localize-highmem-mapping-for-checkpoint-reading-within-cpfile.patch nilfs2-remove-nilfs_cpfile_getput_checkpoint.patch nilfs2-convert-cpfile-to-use-kmap_local.patch

1 year, 7 months

1
0
0 0

+ mm-damon-sysfs-schemes-fix-wrong-damos-tried-regions-update-timeout-setup.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm/damon/sysfs-schemes: fix wrong DAMOS tried regions update timeout setup has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-damon-sysfs-schemes-fix-wrong-damos-tried-regions-update-timeout-setup.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: SeongJae Park <sj(a)kernel.org> Subject: mm/damon/sysfs-schemes: fix wrong DAMOS tried regions update timeout setup Date: Fri, 2 Feb 2024 11:19:56 -0800 DAMON sysfs interface's update_schemes_tried_regions command has a timeout of two apply intervals of the DAMOS scheme. Having zero value DAMOS scheme apply interval means it will use the aggregation interval as the value. However, the timeout setup logic is mistakenly using the sampling interval insted of the aggregartion interval for the case. This could cause earlier-than-expected timeout of the command. Fix it. Link: https://lkml.kernel.org/r/20240202191956.88791-1-sj@kernel.org Fixes: 7d6fa31a2fd7 ("mm/damon/sysfs-schemes: add timeout for update_schemes_tried_regions") Signed-off-by: SeongJae Park <sj(a)kernel.org> Cc: <stable(a)vger.kernel.org> # 6.7.x Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/damon/sysfs-schemes.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/mm/damon/sysfs-schemes.c~mm-damon-sysfs-schemes-fix-wrong-damos-tried-regions-update-timeout-setup +++ a/mm/damon/sysfs-schemes.c @@ -2194,7 +2194,7 @@ static void damos_tried_regions_init_upd sysfs_regions->upd_timeout_jiffies = jiffies + 2 * usecs_to_jiffies(scheme->apply_interval_us ? scheme->apply_interval_us : - ctx->attrs.sample_interval); + ctx->attrs.aggr_interval); } } _ Patches currently in -mm which might be from sj(a)kernel.org are mm-damon-sysfs-schemes-fix-wrong-damos-tried-regions-update-timeout-setup.patch docs-admin-guide-mm-damon-usage-use-sysfs-interface-for-tracepoints-example.patch mm-damon-rename-config_damon_dbgfs-to-damon_dbgfs_deprecated.patch mm-damon-dbgfs-implement-deprecation-notice-file.patch mm-damon-dbgfs-make-debugfs-interface-deprecation-message-a-macro.patch docs-admin-guide-mm-damon-usage-document-deprecated-file-of-damon-debugfs-interface.patch selftets-damon-prepare-for-monitor_on-file-renaming.patch mm-damon-dbgfs-rename-monitor_on-file-to-monitor_on_deprecated.patch docs-admin-guide-mm-damon-usage-update-for-monitor_on-renaming.patch docs-translations-damon-usage-update-for-monitor_on-renaming.patch

1 year, 7 months

1
0
0 0

Re: [PATCH 6.7 000/355] 6.7.4-rc2 review

by Ronald Warsow

Hi Greg *no* regressions here on x86_64 (Intel Rocket Lake: i5-11400) Thanks Tested-by: Ronald Warsow <rwarsow(a)gmx.de>

1 year, 7 months

2
1
0 0

Stable backport request (was: [PATCH v5 0/4] ASoC: qcom: volume fixes and codec cleanups)

by Johan Hovold

Hi Greg and Sasha, On Tue, Jan 30, 2024 at 01:53:37PM +0100, Johan Hovold wrote: > On Mon, Jan 22, 2024 at 09:54:15PM +0000, Mark Brown wrote: > > On Mon, 22 Jan 2024 19:18:15 +0100, Johan Hovold wrote: > > > To reduce the risk of speaker damage the PA gain needs to be limited on > > > machines like the Lenovo Thinkpad X13s until we have active speaker > > > protection in place. > > > > > > Limit the gain to the current default setting provided by the UCM > > > configuration which most user have so far been using (due to a bug in > > > the configuration files which prevented hardware volume control [1]). > > > > > > [...] > > > > Applied to > > > > https://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound.git for-next > > alsa-ucm-conf 1.2.11 was released yesterday, which means that it is now > very urgent to get the speaker volume limitation backported to the > stable trees. > > Could you please try to make sure that these fixes get to Linus this > week? This series (and a related headphone codec fix) were merged into Linus's tree yesterday. I saw that the 6.7.4 stable patches were sent out for review over night, but could it be possible to squeeze in also the following four fixes in 6.7.4 (and 6.6.16)? c481016bb4f8 ASoC: qcom: sc8280xp: limit speaker volumes 4d0e8bdfa4a5 ASoC: codecs: wcd938x: fix headphones volume controls 46188db080bd ASoC: codecs: lpass-wsa-macro: fix compander volume hack b53cc6144a3f ASoC: codecs: wsa883x: fix PA volume control These are needed for proper volume control and, importantly, to prevent users of the Lenovo ThinkPad X13s from potentially damaging their speakers when the distros ship the latest UCM configuration files which were released on Monday. Johan

1 year, 7 months

2
2
0 0

Re: [PATCH 6.7 000/353] 6.7.4-rc1 review

by Ronald Warsow

Hi Greg Kernel does *NOT* boot here on x86_64 (Intel Rocket Lake: i5-11400) and Fedora 39 just after grub the box is dead; not pingable, etc ... Thanks Tested-by: Ronald Warsow <rwarsow(a)gmx.de>

1 year, 7 months

2
3
0 0

[PATCH 0/3] Fix RELEASE_LOCKOWNER

by Chuck Lever

Passes pynfs, fstests, and the git regression suite. Please apply these to origin/linux-5.4.y. --- Chuck Lever (2): NFSD: Modernize nfsd4_release_lockowner() NFSD: Add documenting comment for nfsd4_release_lockowner() NeilBrown (1): nfsd: fix RELEASE_LOCKOWNER fs/nfsd/nfs4state.c | 65 +++++++++++++++++++++++++-------------------- 1 file changed, 36 insertions(+), 29 deletions(-) -- Chuck Lever

1 year, 7 months

4
8
0 0

[PATCH 6.6.y] selftests/bpf: Remove flaky test_btf_id test

by Samasth Norway Ananda

From: Yonghong Song <yonghong.song(a)linux.dev> [ Upstream commit 56925f389e152dcb8d093435d43b78a310539c23 ] With previous patch, one of subtests in test_btf_id becomes flaky and may fail. The following is a failing example: Error: #26 btf Error: #26/174 btf/BTF ID Error: #26/174 btf/BTF ID btf_raw_create:PASS:check 0 nsec btf_raw_create:PASS:check 0 nsec test_btf_id:PASS:check 0 nsec ... test_btf_id:PASS:check 0 nsec test_btf_id:FAIL:check BTF lingersdo_test_get_info:FAIL:check failed: -1 The test tries to prove a btf_id not available after the map is closed. But btf_id is freed only after workqueue and a rcu grace period, compared to previous case just after a rcu grade period. Depending on system workload, workqueue could take quite some time to execute function bpf_map_free_deferred() which may cause the test failure. Instead of adding arbitrary delays, let us remove the logic to check btf_id availability after map is closed. Signed-off-by: Yonghong Song <yonghong.song(a)linux.dev> Link: https://lore.kernel.org/r/20231214203820.1469402-1-yonghong.song@linux.dev Signed-off-by: Alexei Starovoitov <ast(a)kernel.org> [Samasth: backport for 6.6.y] Signed-off-by: Samasth Norway Ananda <samasth.norway.ananda(a)oracle.com> --- Above patch is a fix for 59e5791f59dd ("bpf: Fix a race condition between btf_put() and map_free()"). While the commit causing the error is present in 6.6.y the fix is not present. --- tools/testing/selftests/bpf/prog_tests/btf.c | 5 ----- 1 file changed, 5 deletions(-) diff --git a/tools/testing/selftests/bpf/prog_tests/btf.c b/tools/testing/selftests/bpf/prog_tests/btf.c index 92d51f377fe5..0c0881c7eb1a 100644 --- a/tools/testing/selftests/bpf/prog_tests/btf.c +++ b/tools/testing/selftests/bpf/prog_tests/btf.c @@ -4630,11 +4630,6 @@ static int test_btf_id(unsigned int test_num) /* The map holds the last ref to BTF and its btf_id */ close(map_fd); map_fd = -1; - btf_fd[0] = bpf_btf_get_fd_by_id(map_info.btf_id); - if (CHECK(btf_fd[0] >= 0, "BTF lingers")) { - err = -1; - goto done; - } fprintf(stderr, "OK"); -- 2.42.0

1 year, 7 months

3
3
0 0

[PATCH 5.15 6.1] gve: Fix use-after-free vulnerability

by Praveen Kaligineedi

From: Bailey Forrest <bcf(a)google.com> Call skb_shinfo() after gve_prep_tso() on DQO TX path. gve_prep_tso() calls skb_cow_head(), which may reallocate shinfo causing a use after free. This bug was unintentionally fixed by 'a6fb8d5a8b69 ("gve: Tx path for DQO-QPL")' while adding DQO-QPL format support in 6.6. That patch is not appropriate for stable releases. Fixes: a57e5de476be ("gve: DQO: Add TX path") Signed-off-by: Praveen Kaligineedi <pkaligineedi(a)google.com> Signed-off-by: Bailey Forrest <bcf(a)google.com> Reviewed-by: Eric Dumazet <edumazet(a)google.com> Reviewed-by: Jeroen de Borst <jeroendb(a)google.com> Reviewed-by: Kevin DeCabooter <decabooter(a)google.com> --- drivers/net/ethernet/google/gve/gve_tx_dqo.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/drivers/net/ethernet/google/gve/gve_tx_dqo.c b/drivers/net/ethernet/google/gve/gve_tx_dqo.c index ec394d991668..94e3b74a10f2 100644 --- a/drivers/net/ethernet/google/gve/gve_tx_dqo.c +++ b/drivers/net/ethernet/google/gve/gve_tx_dqo.c @@ -350,6 +350,7 @@ static void gve_tx_fill_pkt_desc_dqo(struct gve_tx_ring *tx, u32 *desc_idx, /* Validates and prepares `skb` for TSO. * * Returns header length, or < 0 if invalid. + * Warning : Might change skb->head (and thus skb_shinfo). */ static int gve_prep_tso(struct sk_buff *skb) { @@ -451,8 +452,8 @@ gve_tx_fill_general_ctx_desc(struct gve_tx_general_context_desc_dqo *desc, static int gve_tx_add_skb_no_copy_dqo(struct gve_tx_ring *tx, struct sk_buff *skb) { - const struct skb_shared_info *shinfo = skb_shinfo(skb); const bool is_gso = skb_is_gso(skb); + struct skb_shared_info *shinfo; u32 desc_idx = tx->dqo_tx.tail; struct gve_tx_pending_packet_dqo *pkt; @@ -477,6 +478,8 @@ static int gve_tx_add_skb_no_copy_dqo(struct gve_tx_ring *tx, desc_idx = (desc_idx + 1) & tx->mask; } + /* Must get after gve_prep_tso(), which can change shinfo. */ + shinfo = skb_shinfo(skb); gve_tx_fill_general_ctx_desc(&tx->dqo.tx_ring[desc_idx].general_ctx, &metadata); desc_idx = (desc_idx + 1) & tx->mask; -- 2.43.0.429.g432eaa2c6b-goog

1 year, 7 months

2
1
0 0

[PATCH 6.1.y and 6.6.y] LoongArch/smp: Call rcutree_report_cpu_starting() at tlb_init()

by Huacai Chen

Machines which have more than 8 nodes fail to boot SMP after commit a2ccf46333d7b2cf96 ("LoongArch/smp: Call rcutree_report_cpu_starting() earlier"). Because such machines use tlb-based per-cpu base address rather than dmw-based per-cpu base address, resulting per-cpu variables can only be accessed after tlb_init(). But rcutree_report_cpu_starting() is now called before tlb_init() and accesses per-cpu variables indeed. Since the original patch want to avoid the lockdep warning caused by page allocation in tlb_init(), we can move rcutree_report_cpu_starting() to tlb_init() where after tlb exception configuration but before page allocation. Signed-off-by: Huacai Chen <chenhuacai(a)loongson.cn> --- arch/loongarch/kernel/smp.c | 1 - arch/loongarch/mm/tlb.c | 16 ++++++++++------ 2 files changed, 10 insertions(+), 7 deletions(-) diff --git a/arch/loongarch/kernel/smp.c b/arch/loongarch/kernel/smp.c index 3f3cdc7ffe7a..4b4ba3f9335d 100644 --- a/arch/loongarch/kernel/smp.c +++ b/arch/loongarch/kernel/smp.c @@ -506,7 +506,6 @@ asmlinkage void start_secondary(void) sync_counter(); cpu = raw_smp_processor_id(); set_my_cpu_offset(per_cpu_offset(cpu)); - rcu_cpu_starting(cpu); cpu_probe(); constant_clockevent_init(); diff --git a/arch/loongarch/mm/tlb.c b/arch/loongarch/mm/tlb.c index 2c51d755fbbc..e71150dd7f4b 100644 --- a/arch/loongarch/mm/tlb.c +++ b/arch/loongarch/mm/tlb.c @@ -284,12 +284,16 @@ static void setup_tlb_handler(int cpu) set_handler(EXCCODE_TLBNR * VECSIZE, handle_tlb_protect, VECSIZE); set_handler(EXCCODE_TLBNX * VECSIZE, handle_tlb_protect, VECSIZE); set_handler(EXCCODE_TLBPE * VECSIZE, handle_tlb_protect, VECSIZE); - } + } else { + int vec_sz __maybe_unused; + void *addr __maybe_unused; + struct page *page __maybe_unused; + + /* Avoid lockdep warning */ + rcu_cpu_starting(cpu); + #ifdef CONFIG_NUMA - else { - void *addr; - struct page *page; - const int vec_sz = sizeof(exception_handlers); + vec_sz = sizeof(exception_handlers); if (pcpu_handlers[cpu]) return; @@ -305,8 +309,8 @@ static void setup_tlb_handler(int cpu) csr_write64(pcpu_handlers[cpu], LOONGARCH_CSR_EENTRY); csr_write64(pcpu_handlers[cpu], LOONGARCH_CSR_MERRENTRY); csr_write64(pcpu_handlers[cpu] + 80*VECSIZE, LOONGARCH_CSR_TLBRENTRY); - } #endif + } } void tlb_init(int cpu) -- 2.39.3

1 year, 7 months

2
1
0 0

[PATCH for-v6.1.y+] drm/msm/dsi: Enable runtime PM

by Amit Pundir

From: Konrad Dybcio <konrad.dybcio(a)linaro.org> [ Upstream commit 6ab502bc1cf3147ea1d8540d04b83a7a4cb6d1f1 ] Some devices power the DSI PHY/PLL through a power rail that we model as a GENPD. Enable runtime PM to make it suspendable. Signed-off-by: Konrad Dybcio <konrad.dybcio(a)linaro.org> Reviewed-by: Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> Patchwork: https://patchwork.freedesktop.org/patch/543352/ Link: https://lore.kernel.org/r/20230620-topic-dsiphy_rpm-v2-2-a11a751f34f0@linar… Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> Stable-dep-of: 3d07a411b4fa ("drm/msm/dsi: Use pm_runtime_resume_and_get to prevent refcnt leaks") Signed-off-by: Amit Pundir <amit.pundir(a)linaro.org> --- Fixes display regression on DB845c running v6.1.75, v6.6.14 and v6.7.2. drivers/gpu/drm/msm/dsi/phy/dsi_phy.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/drivers/gpu/drm/msm/dsi/phy/dsi_phy.c b/drivers/gpu/drm/msm/dsi/phy/dsi_phy.c index 62bc3756f2e2..c0bcf020ef66 100644 --- a/drivers/gpu/drm/msm/dsi/phy/dsi_phy.c +++ b/drivers/gpu/drm/msm/dsi/phy/dsi_phy.c @@ -673,6 +673,10 @@ static int dsi_phy_driver_probe(struct platform_device *pdev) return dev_err_probe(dev, PTR_ERR(phy->ahb_clk), "Unable to get ahb clk\n"); + ret = devm_pm_runtime_enable(&pdev->dev); + if (ret) + return ret; + /* PLL init will call into clk_register which requires * register access, so we need to enable power and ahb clock. */ -- 2.25.1

1 year, 7 months

3
2
0 0

[PATCH 6.1.y] Revert "drm/amd/display: Disable PSR-SU on Parade 0803 TCON again"

by Jonathan Gray

This reverts commit 85d16c03ddd3f9b10212674e16ee8662b185bd14. duplicated a change made in 6.1.69 20907717918f0487258424631b704c7248a72da2 Cc: stable(a)vger.kernel.org # 6.1 Signed-off-by: Jonathan Gray <jsg(a)jsg.id.au> --- drivers/gpu/drm/amd/display/modules/power/power_helpers.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/drivers/gpu/drm/amd/display/modules/power/power_helpers.c b/drivers/gpu/drm/amd/display/modules/power/power_helpers.c index e2f436dea565..67287ad07226 100644 --- a/drivers/gpu/drm/amd/display/modules/power/power_helpers.c +++ b/drivers/gpu/drm/amd/display/modules/power/power_helpers.c @@ -818,8 +818,6 @@ bool is_psr_su_specific_panel(struct dc_link *link) isPSRSUSupported = false; else if (dpcd_caps->sink_dev_id_str[1] == 0x08 && dpcd_caps->sink_dev_id_str[0] == 0x03) isPSRSUSupported = false; - else if (dpcd_caps->sink_dev_id_str[1] == 0x08 && dpcd_caps->sink_dev_id_str[0] == 0x03) - isPSRSUSupported = false; else if (dpcd_caps->psr_info.force_psrsu_cap == 0x1) isPSRSUSupported = true; } -- 2.43.0

1 year, 7 months

2
1
0 0

[PATCH 6.7 000/346] 6.7.3-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.7.3 release. There are 346 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 31 Jan 2024 16:59:28 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.7.3-rc1.… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.7.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.7.3-rc1 Richard Palethorpe <rpalethorpe(a)suse.com> x86/entry/ia32: Ensure s32 is sign extended to s64 Tim Chen <tim.c.chen(a)linux.intel.com> tick/sched: Preserve number of idle sleeps across CPU hotplug events Jiri Wiesner <jwiesner(a)suse.de> clocksource: Skip watchdog check for large watchdog intervals Dawei Li <dawei.li(a)shingroup.cn> genirq: Initialize resend_node hlist for all interrupt descriptors Xi Ruoyao <xry111(a)xry111.site> mips: Call lose_fpu(0) before initializing fcr31 in mips_set_personality_nan Quanquan Cao <caoqq(a)fujitsu.com> cxl/region：Fix overflow issue in alloc_hpa() Jithu Joseph <jithu.joseph(a)intel.com> platform/x86/intel/ifs: Call release_firmware() when handling errors. Michael Walle <mwalle(a)kernel.org> drm: bridge: samsung-dsim: Don't use FORCE_STOP_STATE Inochi Amaoto <inochiama(a)outlook.com> riscv: dts: sophgo: separate sg2042 mtime and mtimecmp to fit aclint format Aleksander Jan Bajkowski <olek2(a)wp.pl> MIPS: lantiq: register smp_ops on non-smp platforms Huacai Chen <chenhuacai(a)kernel.org> LoongArch/smp: Call rcutree_report_cpu_starting() at tlb_init() David Lechner <dlechner(a)baylibre.com> spi: fix finalize message on error return Shyam Prasad N <sprasad(a)microsoft.com> cifs: fix stray unlock in cifs_chan_skip_or_disable Amit Kumar Mahapatra <amit.kumar-mahapatra(a)amd.com> spi: spi-cadence: Reverse the order of interleaved write and read operations Kamal Dasu <kamal.dasu(a)broadcom.com> spi: bcm-qspi: fix SFDP BFPT read by usig mspi read Mario Limonciello <mario.limonciello(a)amd.com> cpufreq/amd-pstate: Fix setting scaling max/min freq values Hsin-Yi Wang <hsinyi(a)chromium.org> drm/bridge: anx7625: Ensure bridge is suspended in disable() Li Lingfeng <lilingfeng3(a)huawei.com> block: Move checking GENHD_FL_NO_PART to bdev_add_partition() Mika Westerberg <mika.westerberg(a)linux.intel.com> spi: intel-pci: Remove Meteor Lake-S SoC PCI ID from the list Shravan Kumar Ramani <shravankr(a)nvidia.com> platform/mellanox: mlxbf-pmc: Fix offset calculation for crspace events Artur Weber <aweber.kernel(a)gmail.com> ARM: dts: exynos4212-tab3: add samsung,invert-vclk flag to fimd Wenhua Lin <Wenhua.Lin(a)unisoc.com> gpio: eic-sprd: Clear interrupt after set the interrupt type Armin Wolf <W_Armin(a)gmx.de> platform/x86: wmi: Fix error handling in legacy WMI notify handler functions Cristian Marussi <cristian.marussi(a)arm.com> firmware: arm_ffa: Check xa_load() return value Cristian Marussi <cristian.marussi(a)arm.com> firmware: arm_ffa: Add missing rwlock_init() for the driver partition Cristian Marussi <cristian.marussi(a)arm.com> firmware: arm_ffa: Add missing rwlock_init() in ffa_setup_partitions() Cristian Marussi <cristian.marussi(a)arm.com> firmware: arm_scmi: Fix the clock protocol version for v3.2 Cristian Marussi <cristian.marussi(a)arm.com> firmware: arm_scmi: Use xa_insert() when saving raw queues Cristian Marussi <cristian.marussi(a)arm.com> firmware: arm_scmi: Use xa_insert() to store opps Fedor Pchelkin <pchelkin(a)ispras.ru> drm/exynos: gsc: minor fix for loop iteration in gsc_runtime_resume Arnd Bergmann <arnd(a)arndb.de> drm/exynos: fix accidental on-stack copy of exynos_drm_plane Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> futex: Prevent the reuse of stale pi_state Yajun Deng <yajun.deng(a)linux.dev> memblock: fix crash when reserved memory is not added to memory Douglas Anderson <dianders(a)chromium.org> drm/bridge: parade-ps8640: Make sure we drop the AUX mutex in the error case Pin-yen Lin <treapking(a)chromium.org> drm/bridge: parade-ps8640: Ensure bridge is suspended in .post_disable() Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> drm/bridge: sii902x: Fix audio codec unregistration Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> drm/bridge: sii902x: Fix probing race issue Arnd Bergmann <arnd(a)arndb.de> drm/panel/raydium-rm692e5: select CONFIG_DRM_DISPLAY_DP_HELPER Artur Weber <aweber.kernel(a)gmail.com> drm/panel: samsung-s6d7aa0: drop DRM_BUS_FLAG_DE_HIGH for lsl080al02 Markus Niebel <Markus.Niebel(a)ew.tq-group.com> drm: panel-simple: add missing bus flags for Tianma tm070jvhg[30/33] Douglas Anderson <dianders(a)chromium.org> drm/bridge: parade-ps8640: Wait for HPD when doing an AUX transfer Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu/gfx11: set UNORD_DISPATCH in compute MQDs Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu/gfx10: set UNORD_DISPATCH in compute MQDs Friedrich Vock <friedrich.vock(a)gmx.de> drm/amdgpu: Enable tunneling on high-priority compute queues Dillon Varone <dillon.varone(a)amd.com> drm/amd/display: Init link enc resources in dc_state only if res_pool presents Wenjing Liu <wenjing.liu(a)amd.com> drm/amd/display: update pixel clock params after stream slice count change in context Charlene Liu <charlene.liu(a)amd.com> drm/amd/display: Add logging resource checks Ilya Bakoulin <ilya.bakoulin(a)amd.com> drm/amd/display: Clear OPTC mem select on disable George Shen <george.shen(a)amd.com> drm/amd/display: Disconnect phantom pipe OPP from OPTC being disabled Ilya Bakoulin <ilya.bakoulin(a)amd.com> drm/amd/display: Fix hang/underflow when transitioning to ODM4:1 Hsin-Yi Wang <hsinyi(a)chromium.org> drm/panel-edp: drm/panel-edp: Fix AUO B116XTN02 name Hsin-Yi Wang <hsinyi(a)chromium.org> drm/panel-edp: drm/panel-edp: Fix AUO B116XAK01 name and timing Sheng-Liang Pan <sheng-liang.pan(a)quanta.corp-partner.google.com> drm/panel-edp: Add AUO B116XTN02, BOE NT116WHM-N21,836X2, NV116WHM-N49 V8.0 Taimur Hassan <syed.hassan(a)amd.com> drm/amd/display: Fix conversions between bytes and KB Nicholas Kazlauskas <nicholas.kazlauskas(a)amd.com> drm/amd/display: Wake DMCUB before executing GPINT commands Nicholas Kazlauskas <nicholas.kazlauskas(a)amd.com> drm/amd/display: Wake DMCUB before sending a command Nicholas Kazlauskas <nicholas.kazlauskas(a)amd.com> drm/amd/display: Refactor DMCUB enter/exit idle interface Samson Tam <samson.tam(a)amd.com> drm/amd/display: do not send commands to DMUB if DMUB is inactive from S3 Naohiro Aota <naohiro.aota(a)wdc.com> btrfs: zoned: optimize hint byte for zoned allocator Naohiro Aota <naohiro.aota(a)wdc.com> btrfs: zoned: factor out prepare_allocation_zoned() Alexander Stein <alexander.stein(a)ew.tq-group.com> media: i2c: imx290: Properly encode registers as little-endian Alexander Stein <alexander.stein(a)ew.tq-group.com> media: v4l2-cci: Add support for little-endian encoded registers Sakari Ailus <sakari.ailus(a)linux.intel.com> media: v4l: cci: Add macros to obtain register width and address Sakari Ailus <sakari.ailus(a)linux.intel.com> media: v4l: cci: Include linux/bits.h Ricardo Neri <ricardo.neri-calderon(a)linux.intel.com> thermal: intel: hfi: Add syscore callbacks for system-wide PM Ricardo Neri <ricardo.neri-calderon(a)linux.intel.com> thermal: intel: hfi: Disable an HFI instance when all its CPUs go offline Ricardo Neri <ricardo.neri-calderon(a)linux.intel.com> thermal: intel: hfi: Refactor enabling code into helper functions Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amd/display: Fix uninitialized variable usage in core_link_ 'read_dpcd() & write_dpcd()' functions Ma Jun <Jun.Ma2(a)amd.com> drm/amdgpu/pm: Fix the power source flag error Kenneth Feng <kenneth.feng(a)amd.com> drm/amd/pm: update the power cap setting Lijo Lazar <lijo.lazar(a)amd.com> drm/amdgpu: Show vram vendor only if available Lijo Lazar <lijo.lazar(a)amd.com> drm/amdgpu: Avoid fetching vram vendor information Lijo Lazar <lijo.lazar(a)amd.com> drm/amd/pm: Fetch current power limit from FW Tom St Denis <tom.stdenis(a)amd.com> drm/amd/amdgpu: Assign GART pages to AMD device mapping Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> drm/amd/display: Fix a switch statement in populate_dml_output_cfg_from_stream_state() Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amd/display: Fix late derefrence 'dsc' check in 'link_set_dsc_pps_packet()' Wayne Lin <Wayne.Lin(a)amd.com> drm/amd/display: Align the returned error code with legacy DP Nicholas Kazlauskas <nicholas.kazlauskas(a)amd.com> drm/amd/display: Port DENTIST hang and TDR fixes to OTG disable W/A Ovidiu Bunea <ovidiu.bunea(a)amd.com> drm/amd/display: Fix DML2 watermark calculation Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amd/display: Fix variable deferencing before NULL check in edp_setup_replay() Lijo Lazar <lijo.lazar(a)amd.com> drm/amd/pm: Add error log for smu v13.0.6 reset Lijo Lazar <lijo.lazar(a)amd.com> drm/amd/pm: Fix smuv13.0.6 current clock reporting Likun Gao <Likun.Gao(a)amd.com> drm/amdgpu: correct the cu count for gfx v11 Yifan Zhang <yifan1.zhang(a)amd.com> drm/amdgpu: update regGL2C_CTRL4 value in golden setting Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: drop exp hw support check for GC 9.4.3 Ori Messinger <Ori.Messinger(a)amd.com> drm/amdgpu: Enable GFXOFF for Compute on GFX11 Aurabindo Pillai <aurabindo.pillai(a)amd.com> drm/amd/display: Fix a debugfs null pointer error Dan Carpenter <dan.carpenter(a)linaro.org> drm/bridge: nxp-ptn3460: simplify some error checking Ivan Lipski <ivlipski(a)amd.com> Revert "drm/amd/display: fix bandwidth validation failure on DCN 2.1" Mario Limonciello <mario.limonciello(a)amd.com> drm/amd/display: Disable PSR-SU on Parade 0803 TCON again Melissa Wen <mwen(a)igalia.com> drm/amd/display: fix bandwidth validation failure on DCN 2.1 Javier Martinez Canillas <javierm(a)redhat.com> drm: Allow drivers to indicate the damage helpers to ignore damage clips Javier Martinez Canillas <javierm(a)redhat.com> drm/virtio: Disable damage clipping if FB changed since last page-flip Zack Rusin <zack.rusin(a)broadcom.com> drm: Disable the cursor plane on atomic contexts with virtualized drivers Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> drm/tidss: Fix atomic_flush check Thomas Zimmermann <tzimmermann(a)suse.de> drm: Fix TODO list mentioning non-KMS drivers Dan Carpenter <dan.carpenter(a)linaro.org> drm/bridge: nxp-ptn3460: fix i2c_master_send() error checking Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/i915/psr: Only allow PSR in LPSP mode on HSW non-ULT Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm: Don't unref the same fb many times by mistake due to deadlock handling Ville Syrjälä <ville.syrjala(a)linux.intel.com> Revert "drm/i915/dsi: Do display on sequence later on icl+" Dave Airlie <airlied(a)redhat.com> Revert "nouveau: push event block/allowing out of the fence context" Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> cpufreq: intel_pstate: Refine computation of P-state for given frequency Mario Limonciello <mario.limonciello(a)amd.com> gpiolib: acpi: Ignore touchpad wakeup on GPD G1619-04 Dave Chinner <dchinner(a)redhat.com> xfs: read only mounts with fsopen mount API are busted Ma Jun <Jun.Ma2(a)amd.com> drm/amdgpu: Fix the null pointer when load rlc firmware Thomas Zimmermann <tzimmermann(a)suse.de> Revert "drivers/firmware: Move sysfb_init() from device_initcall to subsys_initcall_sync" Cristian Marussi <cristian.marussi(a)arm.com> firmware: arm_scmi: Check mailbox/SMT channel for consistency Lin Ma <linma(a)zju.edu.cn> ksmbd: fix global oob in ksmbd_nl_policy Shin'ichiro Kawasaki <shinichiro.kawasaki(a)wdc.com> platform/x86: p2sb: Allow p2sb_bar() calls during PCI device probe Nathan Chancellor <nathan(a)kernel.org> platform/x86: intel-uncore-freq: Fix types in sysfs callbacks Florian Westphal <fw(a)strlen.de> netfilter: nf_tables: reject QUEUE/DROP verdict parameters Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain Michael Kelley <mhklinux(a)outlook.com> hv_netvsc: Calculate correct ring size when PAGE_SIZE is not 4 Kbytes Amir Goldstein <amir73il(a)gmail.com> ovl: mark xwhiteouts directory with overlay.opaque='x' NeilBrown <neilb(a)suse.de> nfsd: fix RELEASE_LOCKOWNER Emmanuel Grumbach <emmanuel.grumbach(a)intel.com> wifi: iwlwifi: fix a memory corruption Bernd Edlinger <bernd.edlinger(a)hotmail.de> exec: Fix error handling in begin_new_exec() Ilya Dryomov <idryomov(a)gmail.com> rbd: don't move requests to the running list on errors Omar Sandoval <osandov(a)fb.com> btrfs: don't abort filesystem when attempting to snapshot deleted subvolume Qu Wenruo <wqu(a)suse.com> btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args David Sterba <dsterba(a)suse.com> btrfs: don't warn if discard range is not aligned to sector Chung-Chiang Cheng <cccheng(a)synology.com> btrfs: tree-checker: fix inline ref size in error messages Fedor Pchelkin <pchelkin(a)ispras.ru> btrfs: ref-verify: free ref cache before clearing mount opt Omar Sandoval <osandov(a)fb.com> btrfs: avoid copying BTRFS_ROOT_SUBVOL_DEAD flag to snapshot of subvolume being deleted Naohiro Aota <naohiro.aota(a)wdc.com> btrfs: zoned: fix lock ordering in btrfs_zone_activate() Gerhard Engleder <gerhard(a)engleder-embedded.com> tsnep: Fix XDP_RING_NEED_WAKEUP for empty fill ring Gerhard Engleder <gerhard(a)engleder-embedded.com> tsnep: Remove FCS for XDP data path Shenwei Wang <shenwei.wang(a)nxp.com> net: fec: fix the unhandled context fault from smmu Hangbin Liu <liuhangbin(a)gmail.com> selftests: bonding: do not test arp/ns target with mode balance-alb/tlb Zhipeng Lu <alexious(a)zju.edu.cn> fjes: fix memleaks in fjes_hw_setup Maciej Fijalkowski <maciej.fijalkowski(a)intel.com> i40e: update xdp_rxq_info::frag_size for ZC enabled Rx queue Maciej Fijalkowski <maciej.fijalkowski(a)intel.com> i40e: set xdp_rxq_info::frag_size Maciej Fijalkowski <maciej.fijalkowski(a)intel.com> xdp: reflect tail increase for MEM_TYPE_XSK_BUFF_POOL Maciej Fijalkowski <maciej.fijalkowski(a)intel.com> ice: update xdp_rxq_info::frag_size for ZC enabled Rx queue Maciej Fijalkowski <maciej.fijalkowski(a)intel.com> intel: xsk: initialize skb_frag_t::bv_offset in ZC drivers Maciej Fijalkowski <maciej.fijalkowski(a)intel.com> ice: remove redundant xdp_rxq_info registration Tirthendu Sarkar <tirthendu.sarkar(a)intel.com> i40e: handle multi-buffer packets that are shrunk by xdp prog Maciej Fijalkowski <maciej.fijalkowski(a)intel.com> ice: work on pre-XDP prog frag count Maciej Fijalkowski <maciej.fijalkowski(a)intel.com> xsk: fix usage of multi-buffer BPF helpers for ZC XDP Maciej Fijalkowski <maciej.fijalkowski(a)intel.com> xsk: make xsk_buff_pool responsible for clearing xdp_buff::flags Maciej Fijalkowski <maciej.fijalkowski(a)intel.com> xsk: recycle buffer in case Rx queue was full Jakub Kicinski <kuba(a)kernel.org> selftests: netdevsim: fix the udp_tunnel_nic test Jakub Kicinski <kuba(a)kernel.org> selftests: net: fix rps_default_mask with >32 CPUs Jenishkumar Maheshbhai Patel <jpatel2(a)marvell.com> net: mvpp2: clear BM pool before initialization Bernd Edlinger <bernd.edlinger(a)hotmail.de> net: stmmac: Wait a bit for the reset to take effect Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables: validate NFPROTO_* family Florian Westphal <fw(a)strlen.de> netfilter: nf_tables: restrict anonymous set and map names to 16 bytes Florian Westphal <fw(a)strlen.de> netfilter: nft_limit: reject configurations that cause integer overflow Frederic Weisbecker <frederic(a)kernel.org> rcu: Defer RCU kthreads wakeup when CPU is dying Dinghao Liu <dinghao.liu(a)zju.edu.cn> net/mlx5e: fix a potential double-free in fs_any_create_groups Zhipeng Lu <alexious(a)zju.edu.cn> net/mlx5e: fix a double-free in arfs_create_groups Leon Romanovsky <leon(a)kernel.org> net/mlx5e: Ignore IPsec replay window values on sender side Leon Romanovsky <leon(a)kernel.org> net/mlx5e: Allow software parsing when IPsec crypto is enabled Rahul Rameshbabu <rrameshbabu(a)nvidia.com> net/mlx5: Use mlx5 device constant for selecting CQ period mode for ASO Yevgeny Kliteynik <kliteyn(a)nvidia.com> net/mlx5: DR, Can't go to uplink vport on RX rule Yevgeny Kliteynik <kliteyn(a)nvidia.com> net/mlx5: DR, Use the right GVMI number for drop action Moshe Shemesh <moshe(a)nvidia.com> net/mlx5: Bridge, fix multicast packets sent to uplink Yishai Hadas <yishaih(a)nvidia.com> net/mlx5: Fix a WARN upon a callback command failure Vlad Buslov <vladbu(a)nvidia.com> net/mlx5e: Fix peer flow lists handling Tariq Toukan <tariqt(a)nvidia.com> net/mlx5e: Fix inconsistent hairpin RQT sizes Rahul Rameshbabu <rrameshbabu(a)nvidia.com> net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context Ido Schimmel <idosch(a)nvidia.com> net/sched: flower: Fix chain template offload Jakub Kicinski <kuba(a)kernel.org> selftests: fill in some missing configs for net Zhengchao Shao <shaozhengchao(a)huawei.com> ipv6: init the accept_queue's spinlocks in inet6_create Zhengchao Shao <shaozhengchao(a)huawei.com> netlink: fix potential sleeping issue in mqueue_flush_file Kuniyuki Iwashima <kuniyu(a)amazon.com> selftest: Don't reuse port for SO_INCOMING_CPU test. Salvatore Dipietro <dipiets(a)amazon.com> tcp: Add memory barrier to tcp_push() David Howells <dhowells(a)redhat.com> afs: Fix error handling with lookup via FS.InlineBulkStatus David Howells <dhowells(a)redhat.com> afs: Simplify error handling David Howells <dhowells(a)redhat.com> afs: Don't put afs_call in afs_wait_for_call_to_complete() David Howells <dhowells(a)redhat.com> afs: Wrap most op->error accesses with inline funcs David Howells <dhowells(a)redhat.com> afs: Use op->nr_iterations=-1 to indicate to begin fileserver iteration David Howells <dhowells(a)redhat.com> afs: Handle the VIO and UAEIO aborts explicitly David Howells <dhowells(a)redhat.com> rxrpc, afs: Allow afs to pin rxrpc_peer objects David Howells <dhowells(a)redhat.com> afs: Turn the afs_addr_list address array into an array of structs David Howells <dhowells(a)redhat.com> afs: Add comments on abort handling Oleg Nesterov <oleg(a)redhat.com> afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*() David Howells <dhowells(a)redhat.com> afs: Hide silly-rename files from userspace Petr Pavlu <petr.pavlu(a)suse.com> tracing: Ensure visibility when inserting an element into tracing_map Dan Carpenter <dan.carpenter(a)linaro.org> netfs, fscache: Prevent Oops in fscache_put_cache() Sharath Srinivasan <sharath.srinivasan(a)oracle.com> net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv Horatiu Vultur <horatiu.vultur(a)microchip.com> net: micrel: Fix PTP frame parsing for lan8814 Arkadiusz Kubalewski <arkadiusz.kubalewski(a)intel.com> dpll: fix register pin with unregistered parent pin Arkadiusz Kubalewski <arkadiusz.kubalewski(a)intel.com> dpll: fix userspace availability of pins Arkadiusz Kubalewski <arkadiusz.kubalewski(a)intel.com> dpll: fix pin dump crash for rebound module Arkadiusz Kubalewski <arkadiusz.kubalewski(a)intel.com> dpll: fix broken error path in dpll_pin_alloc(..) Yunjian Wang <wangyunjian(a)huawei.com> tun: add missing rx stats accounting in tun_xdp_act Yunjian Wang <wangyunjian(a)huawei.com> tun: fix missing dropped counter in tun_xdp_act Jakub Kicinski <kuba(a)kernel.org> net: fix removing a namespace with conflicting altnames Michal Schmidt <mschmidt(a)redhat.com> idpf: distinguish vports by the dev_port attribute Eric Dumazet <edumazet(a)google.com> udp: fix busy polling Kuniyuki Iwashima <kuniyu(a)amazon.com> llc: Drop support for ETH_P_TR_802_2. Eric Dumazet <edumazet(a)google.com> llc: make llc_ui_sendmsg() more robust against bonding changes Lin Ma <linma(a)zju.edu.cn> vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING Michael Chan <michael.chan(a)broadcom.com> bnxt_en: Prevent kernel warning when running offline self test Michael Chan <michael.chan(a)broadcom.com> bnxt_en: Wait for FLR to complete during probe Zhengchao Shao <shaozhengchao(a)huawei.com> tcp: make sure init the accept_queue's spinlocks once Benjamin Poirier <bpoirier(a)nvidia.com> selftests: bonding: Increase timeout to 1200s Wen Gu <guwen(a)linux.alibaba.com> net/smc: fix illegal rmb_desc access in SMC-D connection dump Qu Wenruo <wqu(a)suse.com> btrfs: scrub: avoid use-after-free when chunk length is not 64K aligned Johannes Berg <johannes.berg(a)intel.com> wifi: mac80211: fix potential sta-link leak Lucas Stach <l.stach(a)pengutronix.de> SUNRPC: use request size to initialize bio_vec in svc_udp_sendto() Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: Add missing set_freezable() for freezable kthread Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: send lease break notification on FILE_RENAME_INFORMATION Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: don't increment epoch if current state and request state are same Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: fix potential circular locking issue in smb2_set_ea() Jonathan Gray <jsg(a)jsg.id.au> Revert "drm/amd: Enable PCIe PME from D3" Benjamin Berg <benjamin.berg(a)intel.com> wifi: ath11k: rely on mac80211 debugfs handling for vif Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: set v2 lease version on lease upgrade Charan Teja Kalla <quic_charante(a)quicinc.com> mm: page_alloc: unreserve highatomic page blocks before oom Hugo Villeneuve <hvilleneuve(a)dimonoff.com> serial: sc16is7xx: improve do/while loop in sc16is7xx_irq() Hugo Villeneuve <hvilleneuve(a)dimonoff.com> serial: sc16is7xx: remove obsolete loop in sc16is7xx_port_irq() Hugo Villeneuve <hvilleneuve(a)dimonoff.com> serial: sc16is7xx: fix invalid sc16is7xx_lines bitfield in case of probe error Hugo Villeneuve <hvilleneuve(a)dimonoff.com> serial: sc16is7xx: fix unconditional activation of THRI interrupt Hugo Villeneuve <hvilleneuve(a)dimonoff.com> serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO Hugo Villeneuve <hvilleneuve(a)dimonoff.com> serial: sc16is7xx: change EFR lock to operate on each channels Hugo Villeneuve <hvilleneuve(a)dimonoff.com> serial: sc16is7xx: remove unused line structure member Hugo Villeneuve <hvilleneuve(a)dimonoff.com> serial: sc16is7xx: remove global regmap from struct sc16is7xx_port Hugo Villeneuve <hvilleneuve(a)dimonoff.com> serial: sc16is7xx: remove wasteful static buffer in sc16is7xx_regmap_name() Hugo Villeneuve <hvilleneuve(a)dimonoff.com> serial: sc16is7xx: improve regmap debugfs by using one regmap per port Al Viro <viro(a)zeniv.linux.org.uk> rename(): fix the locking of subdirectories Charan Teja Kalla <quic_charante(a)quicinc.com> mm/sparsemem: fix race in accessing memory_section->usage Baolin Wang <baolin.wang(a)linux.alibaba.com> mm: migrate: fix getting incorrect page mapping during page migration Steven Rostedt (Google) <rostedt(a)goodmis.org> mm/rmap: fix misplaced parenthesis of a likely() Donet Tom <donettom(a)linux.vnet.ibm.com> selftests: mm: hugepage-vmemmap fails on 64K page size systems James Gowans <jgowans(a)amazon.com> kexec: do syscore_shutdown() in kernel_kexec Muhammad Usama Anjum <usama.anjum(a)collabora.com> fs/proc/task_mmu: move mmu notification mechanism inside mm lock Di Shen <di.shen(a)unisoc.com> thermal: gov_power_allocator: avoid inability to reset a cdev Zhihao Cheng <chengzhihao1(a)huawei.com> ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path Huacai Chen <chenhuacai(a)kernel.org> kdump: defer the insertion of crashkernel resources Ma Wupeng <mawupeng1(a)huawei.com> efi: disable mirror feature during crashkernel Dave Airlie <airlied(a)redhat.com> nouveau/gsp: handle engines in runl without nonstall interrupts. Dave Airlie <airlied(a)redhat.com> nouveau/vmm: don't set addr on the fail path to avoid warning Mario Limonciello <mario.limonciello(a)amd.com> rtc: Extend timeout for waiting for UIP to clear to 1s Mario Limonciello <mario.limonciello(a)amd.com> rtc: Add support for configuring the UIP timeout for RTC reads Mario Limonciello <mario.limonciello(a)amd.com> rtc: mc146818-lib: Adjust failure return code for mc146818_get_time() Mario Limonciello <mario.limonciello(a)amd.com> rtc: Adjust failure return code for cmos_set_alarm() Mario Limonciello <mario.limonciello(a)amd.com> rtc: cmos: Use ACPI alarm for non-Intel x86 systems too Mark Rutland <mark.rutland(a)arm.com> arm64: entry: fix ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD Mark Brown <broonie(a)kernel.org> arm64/sme: Always exit sme_alloc() early with existing storage Rob Herring <robh(a)kernel.org> arm64: errata: Add Cortex-A510 speculative unprivileged load workaround Rob Herring <robh(a)kernel.org> arm64: Rename ARM64_WORKAROUND_2966298 Andrew Jones <ajones(a)ventanamicro.com> RISC-V: selftests: cbo: Ensure asm operands match constraints Guo Ren <guoren(a)kernel.org> riscv: mm: Fixup compat mode boot failure Guo Ren <guoren(a)kernel.org> riscv: mm: Fixup compat arch_get_mmap_end Zheng Wang <zyytlz.wz(a)163.com> media: mtk-jpeg: Fix use after free bug due to error path handling in mtk_jpeg_dec_device_run Zheng Wang <zyytlz.wz(a)163.com> media: mtk-jpeg: Fix timeout schedule error in mtk_jpegdec_worker. Alain Volmat <alain.volmat(a)foss.st.com> media: i2c: st-mipid02: correct format propagation Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> mmc: mmc_spi: remove custom DMA mapped buffers Avri Altman <avri.altman(a)wdc.com> mmc: core: Use mrq.sbc in close-ended ffu Michael Grzeschik <m.grzeschik(a)pengutronix.de> media: videobuf2-dma-sg: fix vmap callback Vegard Nossum <vegard.nossum(a)oracle.com> scripts/get_abi: fix source path leak Vegard Nossum <vegard.nossum(a)oracle.com> docs: kernel_abi.py: fix command injection Jordan Rife <jrife(a)google.com> dlm: use kernel_connect() and kernel_bind() Alfred Piccioni <alpic(a)google.com> lsm: new security_file_ioctl_compat() hook Johan Hovold <johan+linaro(a)kernel.org> ARM: dts: qcom: sdx55: fix USB SS wakeup Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: sdm670: fix USB SS wakeup Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: sdm670: fix USB DP/DM HS PHY interrupts Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: sc8180x: fix USB SS wakeup Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: sc8180x: fix USB DP/DM HS PHY interrupts Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: sm8150: fix USB SS wakeup Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: sm8150: fix USB DP/DM HS PHY interrupts Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: sdm845: fix USB SS wakeup Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: sdm845: fix USB DP/DM HS PHY interrupts Johan Hovold <johan+linaro(a)kernel.org> ARM: dts: qcom: sdx55: fix USB DP/DM HS PHY interrupts Stephan Gerhold <stephan(a)gerhold.net> arm64: dts: qcom: Add missing vio-supply for AW2013 Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: sc7280: fix usb_1 wakeup interrupt types Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: sc8180x: fix USB wakeup interrupt types Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: sm8150: fix USB wakeup interrupt types Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: sdm670: fix USB wakeup interrupt types Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: sdm845: fix USB wakeup interrupt types Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: sc7180: fix USB wakeup interrupt types Stephan Gerhold <stephan(a)gerhold.net> arm64: dts: qcom: msm8939: Make blsp_dma controlled-remotely Stephan Gerhold <stephan(a)gerhold.net> arm64: dts: qcom: msm8916: Make blsp_dma controlled-remotely Sam Edwards <cfsworks(a)gmail.com> arm64: dts: rockchip: Fix rk3588 USB power-domain clocks Tianling Shen <cnsztl(a)gmail.com> arm64: dts: rockchip: configure eth pad driver strength for orangepi r1 plus lts Cixi Geng <cixi.geng1(a)unisoc.com> arm64: dts: sprd: fix the cpu node for UMS512 Johan Hovold <johan+linaro(a)kernel.org> ARM: dts: qcom: sdx55: fix pdc '#interrupt-cells' Paul Cercueil <paul(a)crapouillou.net> ARM: dts: samsung: exynos4210-i9100: Unconditionally enable LDO12 Johan Hovold <johan+linaro(a)kernel.org> ARM: dts: qcom: sdx55: fix USB wakeup interrupt types Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: sc8280xp-crd: fix eDP phy compatible Andrejs Cainikovs <andrejs.cainikovs(a)toradex.com> ARM: dts: imx6q-apalis: add can power-up delay on ixora board Shyam Prasad N <sprasad(a)microsoft.com> cifs: update iface_last_update on each query-and-update Shyam Prasad N <sprasad(a)microsoft.com> cifs: handle servers that still advertise multichannel after disabling Paulo Alcantara <pc(a)manguebit.com> smb: client: fix parsing of SMB3.1.1 POSIX create context Geert Uytterhoeven <geert+renesas(a)glider.be> sh: ecovec24: Rename missed backlight field from fbdev to dev Niklas Cassel <cassel(a)kernel.org> scsi: core: Kick the requeue list after inserting when flushing Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> riscv: Fix an off-by-one in get_early_cmdline() Charlie Jenkins <charlie(a)rivosinc.com> riscv: Fix relocation_hashtable size Charlie Jenkins <charlie(a)rivosinc.com> riscv: Correctly free relocation hashtable on error Charlie Jenkins <charlie(a)rivosinc.com> riscv: Fix module loading free order Bart Van Assche <bvanassche(a)acm.org> scsi: ufs: core: Remove the ufshcd_hba_exit() call from ufshcd_async_scan() Miquel Raynal <miquel.raynal(a)bootlin.com> dmaengine: xilinx: xdma: Fix the count of elapsed periods in cyclic mode Rex Zhang <rex.zhang(a)intel.com> dmaengine: idxd: Move dma_free_coherent() out of spinlocked context Amelie Delaunay <amelie.delaunay(a)foss.st.com> dmaengine: fix NULL pointer in channel unregistration function Frank Li <Frank.Li(a)nxp.com> dmaengine: fsl-edma: fix eDMAv4 channel allocation issue Marcelo Schmitt <marcelo.schmitt(a)analog.com> iio: adc: ad7091r: Enable internal vref if external vref is not supplied Helge Deller <deller(a)gmx.de> parisc/power: Fix power soft-off button emulation on qemu Helge Deller <deller(a)gmx.de> parisc/firmware: Fix F-extend for PDC addresses Bhaumik Bhatt <bbhatt(a)codeaurora.org> bus: mhi: host: Add spinlock to protect WP access when queueing TREs Qiang Yu <quic_qianyu(a)quicinc.com> bus: mhi: host: Drop chan lock before queuing buffers Krishna chaitanya chundru <quic_krichai(a)quicinc.com> bus: mhi: host: Add alignment check for event ring read pointer Serge Semin <fancer.lancer(a)gmail.com> mips: Fix max_mapnr being uninitialized on early stages Eric Dumazet <edumazet(a)google.com> nbd: always initialize struct msghdr completely Nathan Lynch <nathanl(a)linux.ibm.com> seq_buf: Make DECLARE_SEQ_BUF() usable Tony Krowiak <akrowiak(a)linux.ibm.com> s390/vfio-ap: do not reset queue removed from host config Tony Krowiak <akrowiak(a)linux.ibm.com> s390/vfio-ap: reset queues associated with adapter for queue unbound from driver Tony Krowiak <akrowiak(a)linux.ibm.com> s390/vfio-ap: reset queues filtered from the guest's AP config Tony Krowiak <akrowiak(a)linux.ibm.com> s390/vfio-ap: let on_scan_complete() callback filter matrix and update guest's APCB Tony Krowiak <akrowiak(a)linux.ibm.com> s390/vfio-ap: loop over the shadow APCB when filtering guest's AP configuration Tony Krowiak <akrowiak(a)linux.ibm.com> s390/vfio-ap: always filter entire AP matrix Herve Codina <herve.codina(a)bootlin.com> soc: fsl: cpm1: qmc: Fix rx channel reset Herve Codina <herve.codina(a)bootlin.com> soc: fsl: cpm1: qmc: Fix __iomem addresses declaration Herve Codina <herve.codina(a)bootlin.com> soc: fsl: cpm1: tsa: Fix __iomem addresses declaration Bingbu Cao <bingbu.cao(a)intel.com> media: ov01a10: Enable runtime PM before registering async sub-device Bingbu Cao <bingbu.cao(a)intel.com> media: ov13b10: Enable runtime PM before registering async sub-device Bingbu Cao <bingbu.cao(a)intel.com> media: ov9734: Enable runtime PM before registering async sub-device Xiaolei Wang <xiaolei.wang(a)windriver.com> rpmsg: virtio: Free driver_override when rpmsg_remove() Bingbu Cao <bingbu.cao(a)intel.com> media: imx355: Enable runtime PM before registering async sub-device Johan Hovold <johan+linaro(a)kernel.org> soc: qcom: pmic_glink_altmode: fix port sanity check Miquel Raynal <miquel.raynal(a)bootlin.com> mtd: rawnand: Clarify conditions to enable continuous reads Miquel Raynal <miquel.raynal(a)bootlin.com> mtd: rawnand: Prevent sequential reads with on-die ECC engines Miquel Raynal <miquel.raynal(a)bootlin.com> mtd: rawnand: Fix core interference with sequential reads Miquel Raynal <miquel.raynal(a)bootlin.com> mtd: rawnand: Prevent crossing LUN boundaries during sequential reads Miquel Raynal <miquel.raynal(a)bootlin.com> mtd: maps: vmu-flash: Fix the (mtd core) switch to ref counters Christian Marangi <ansuelsmth(a)gmail.com> PM / devfreq: Fix buffer overflow in trans_stat_show Anthony Krowiak <akrowiak(a)linux.ibm.com> s390/vfio-ap: unpin pages on gisc registration failure Herbert Xu <herbert(a)gondor.apana.org.au> crypto: s390/aes - Fix buffer overread in CTR mode Herbert Xu <herbert(a)gondor.apana.org.au> hwrng: core - Fix page fault dead lock on mmap-ed hwrng Hongchen Zhang <zhanghongchen(a)loongson.cn> PM: hibernate: Enforce ordering during image compression/decompression Herbert Xu <herbert(a)gondor.apana.org.au> crypto: api - Disallow identical driver names Gao Xiang <xiang(a)kernel.org> erofs: fix lz4 inplace decompression Tianjia Zhang <tianjia.zhang(a)linux.alibaba.com> crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init David Disseldorp <ddiss(a)suse.de> btrfs: sysfs: validate scrub_speed_max value Viresh Kumar <viresh.kumar(a)linaro.org> OPP: Pass rounded rate to _set_opp() Josef Bacik <josef(a)toxicpanda.com> arm64: properly install vmlinuz.efi Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> PM: sleep: Fix possible deadlocks in core system-wide PM code Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> async: Introduce async_schedule_dev_nocall() Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> async: Split async_schedule_node_domain() Suraj Jitindar Singh <surajjs(a)amazon.com> ext4: allow for the last group to be marked as trimmed Geoff Levand <geoff(a)infradead.org> powerpc/ps3_defconfig: Disable PPC64_BIG_ENDIAN_ELF_ABI_V2 Lukas Schauer <lukas(a)schauer.dev> pipe: wakeup wr_wait after setting max_usage Marcelo Schmitt <marcelo.schmitt(a)analog.com> iio: adc: ad7091r: Allow users to configure device events Marcelo Schmitt <marcelo.schmitt(a)analog.com> iio: adc: ad7091r: Set alert bit in config register Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> soundwire: fix initializing sysfs for same devices on different buses Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> soundwire: bus: introduce controller_id ------------- Diffstat: Documentation/ABI/testing/sysfs-class-devfreq | 3 + Documentation/admin-guide/abi-obsolete.rst | 2 +- Documentation/admin-guide/abi-removed.rst | 2 +- Documentation/admin-guide/abi-stable.rst | 2 +- Documentation/admin-guide/abi-testing.rst | 2 +- Documentation/arch/arm64/silicon-errata.rst | 2 + Documentation/filesystems/directory-locking.rst | 29 +- Documentation/filesystems/locking.rst | 5 +- Documentation/filesystems/overlayfs.rst | 16 +- Documentation/filesystems/porting.rst | 18 ++ Documentation/gpu/drm-kms.rst | 2 + Documentation/gpu/todo.rst | 7 +- Documentation/sphinx/kernel_abi.py | 56 +--- Makefile | 4 +- arch/alpha/kernel/rtc.c | 2 +- .../boot/dts/nxp/imx/imx6q-apalis-ixora-v1.2.dts | 2 + arch/arm/boot/dts/qcom/qcom-sdx55.dtsi | 10 +- arch/arm/boot/dts/samsung/exynos4210-i9100.dts | 8 + arch/arm/boot/dts/samsung/exynos4212-tab3.dtsi | 1 + arch/arm64/Kconfig | 18 ++ .../boot/dts/qcom/msm8916-longcheer-l8150.dts | 1 + .../boot/dts/qcom/msm8916-wingtech-wt88047.dts | 1 + arch/arm64/boot/dts/qcom/msm8916.dtsi | 1 + arch/arm64/boot/dts/qcom/msm8939.dtsi | 1 + arch/arm64/boot/dts/qcom/msm8953-xiaomi-mido.dts | 1 + arch/arm64/boot/dts/qcom/msm8953-xiaomi-tissot.dts | 1 + arch/arm64/boot/dts/qcom/msm8953-xiaomi-vince.dts | 1 + arch/arm64/boot/dts/qcom/sc7180.dtsi | 4 +- arch/arm64/boot/dts/qcom/sc7280.dtsi | 4 +- arch/arm64/boot/dts/qcom/sc8180x.dtsi | 16 +- arch/arm64/boot/dts/qcom/sc8280xp-crd.dts | 2 + arch/arm64/boot/dts/qcom/sdm670.dtsi | 8 +- arch/arm64/boot/dts/qcom/sdm845.dtsi | 16 +- arch/arm64/boot/dts/qcom/sm8150.dtsi | 16 +- .../dts/rockchip/rk3328-orangepi-r1-plus-lts.dts | 4 +- arch/arm64/boot/dts/rockchip/rk3588s.dtsi | 1 + arch/arm64/boot/dts/sprd/ums512.dtsi | 4 +- arch/arm64/boot/install.sh | 3 +- arch/arm64/kernel/cpu_errata.c | 21 +- arch/arm64/kernel/entry.S | 22 +- arch/arm64/kernel/fpsimd.c | 6 +- arch/arm64/tools/cpucaps | 2 +- arch/loongarch/kernel/smp.c | 1 - arch/loongarch/mm/tlb.c | 16 +- arch/mips/kernel/elf.c | 6 + arch/mips/lantiq/prom.c | 7 +- arch/mips/mm/init.c | 12 +- arch/parisc/kernel/firmware.c | 4 +- arch/powerpc/configs/ps3_defconfig | 1 + arch/riscv/boot/dts/sophgo/sg2042.dtsi | 80 +++-- arch/riscv/include/asm/pgtable.h | 2 +- arch/riscv/include/asm/processor.h | 2 +- arch/riscv/kernel/module.c | 14 +- arch/riscv/kernel/pi/cmdline_early.c | 3 +- arch/s390/crypto/aes_s390.c | 4 +- arch/s390/crypto/paes_s390.c | 4 +- arch/sh/boards/mach-ecovec24/setup.c | 2 +- arch/x86/include/asm/syscall_wrapper.h | 25 +- arch/x86/kernel/hpet.c | 2 +- arch/x86/kernel/rtc.c | 2 +- block/ioctl.c | 2 - block/partitions/core.c | 5 + crypto/algapi.c | 1 + drivers/base/power/main.c | 148 ++++----- drivers/base/power/trace.c | 2 +- drivers/block/nbd.c | 6 +- drivers/block/rbd.c | 22 +- drivers/bus/mhi/host/main.c | 29 +- drivers/char/hw_random/core.c | 34 +- drivers/cpufreq/amd-pstate.c | 7 +- drivers/cpufreq/intel_pstate.c | 55 ++-- drivers/cxl/core/region.c | 4 +- drivers/devfreq/devfreq.c | 57 ++-- drivers/dma/dmaengine.c | 3 + drivers/dma/fsl-edma-main.c | 8 + drivers/dma/idxd/device.c | 9 +- drivers/dma/xilinx/xdma.c | 6 +- drivers/dpll/dpll_core.c | 68 +++- drivers/dpll/dpll_core.h | 4 +- drivers/dpll/dpll_netlink.c | 57 +++- drivers/firmware/arm_ffa/driver.c | 12 + drivers/firmware/arm_scmi/clock.c | 3 +- drivers/firmware/arm_scmi/common.h | 1 + drivers/firmware/arm_scmi/mailbox.c | 14 + drivers/firmware/arm_scmi/perf.c | 23 +- drivers/firmware/arm_scmi/raw_mode.c | 12 +- drivers/firmware/arm_scmi/shmem.c | 6 + drivers/firmware/sysfb.c | 2 +- drivers/gpio/gpio-eic-sprd.c | 32 +- drivers/gpio/gpiolib-acpi.c | 14 + drivers/gpu/drm/amd/amdgpu/amdgpu.h | 1 + drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd.c | 6 +- drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c | 2 - drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c | 5 +- drivers/gpu/drm/amd/amdgpu/amdgpu_gart.c | 8 + drivers/gpu/drm/amd/amdgpu/amdgpu_ring.c | 10 +- drivers/gpu/drm/amd/amdgpu/amdgpu_vram_mgr.c | 17 +- drivers/gpu/drm/amd/amdgpu/gfx_v10_0.c | 20 +- drivers/gpu/drm/amd/amdgpu/gfx_v11_0.c | 10 +- drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c | 3 +- drivers/gpu/drm/amd/amdkfd/kfd_mqd_manager_v10.c | 1 + drivers/gpu/drm/amd/amdkfd/kfd_mqd_manager_v11.c | 1 + drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 9 +- .../drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c | 6 +- .../drm/amd/display/amdgpu_dm/amdgpu_dm_helpers.c | 5 + .../gpu/drm/amd/display/dc/bios/command_table2.c | 12 +- .../amd/display/dc/clk_mgr/dcn31/dcn31_clk_mgr.c | 2 +- .../amd/display/dc/clk_mgr/dcn314/dcn314_clk_mgr.c | 23 +- .../amd/display/dc/clk_mgr/dcn315/dcn315_clk_mgr.c | 2 +- .../amd/display/dc/clk_mgr/dcn316/dcn316_clk_mgr.c | 2 +- .../amd/display/dc/clk_mgr/dcn35/dcn35_clk_mgr.c | 2 +- drivers/gpu/drm/amd/display/dc/core/dc.c | 16 +- .../gpu/drm/amd/display/dc/core/dc_hw_sequencer.c | 2 +- drivers/gpu/drm/amd/display/dc/core/dc_resource.c | 19 +- drivers/gpu/drm/amd/display/dc/dc_dmub_srv.c | 176 ++++++++-- drivers/gpu/drm/amd/display/dc/dc_dmub_srv.h | 59 +++- drivers/gpu/drm/amd/display/dc/dc_helper.c | 6 +- drivers/gpu/drm/amd/display/dc/dce/dmub_abm_lcd.c | 14 +- .../gpu/drm/amd/display/dc/dce/dmub_hw_lock_mgr.c | 2 +- drivers/gpu/drm/amd/display/dc/dce/dmub_outbox.c | 2 +- drivers/gpu/drm/amd/display/dc/dce/dmub_psr.c | 33 +- .../gpu/drm/amd/display/dc/dcn20/dcn20_resource.c | 16 +- .../gpu/drm/amd/display/dc/dcn20/dcn20_resource.h | 1 + drivers/gpu/drm/amd/display/dc/dcn21/dcn21_hubp.c | 2 +- .../amd/display/dc/dcn31/dcn31_dio_link_encoder.c | 4 +- .../drm/amd/display/dc/dcn31/dcn31_panel_cntl.c | 4 +- drivers/gpu/drm/amd/display/dc/dcn32/dcn32_optc.c | 17 + .../gpu/drm/amd/display/dc/dcn32/dcn32_resource.c | 1 + .../drm/amd/display/dc/dcn321/dcn321_resource.c | 1 + drivers/gpu/drm/amd/display/dc/dcn35/dcn35_optc.c | 10 + .../gpu/drm/amd/display/dc/dml/dcn32/dcn32_fpu.c | 6 +- .../drm/amd/display/dc/dml2/display_mode_core.c | 30 +- .../amd/display/dc/dml2/dml2_translation_helper.c | 2 +- .../drm/amd/display/dc/hwss/dcn21/dcn21_hwseq.c | 4 +- .../drm/amd/display/dc/hwss/dcn30/dcn30_hwseq.c | 8 +- .../drm/amd/display/dc/hwss/dcn31/dcn31_hwseq.c | 4 +- .../drm/amd/display/dc/hwss/dcn32/dcn32_hwseq.c | 6 +- .../drm/amd/display/dc/hwss/dcn35/dcn35_hwseq.c | 8 +- drivers/gpu/drm/amd/display/dc/inc/core_types.h | 1 + drivers/gpu/drm/amd/display/dc/link/link_dpms.c | 8 +- .../display/dc/link/protocols/link_dp_capability.c | 2 +- .../amd/display/dc/link/protocols/link_dp_dpia.c | 3 +- .../drm/amd/display/dc/link/protocols/link_dpcd.c | 4 +- .../dc/link/protocols/link_edp_panel_control.c | 11 +- drivers/gpu/drm/amd/display/dmub/dmub_srv.h | 21 ++ drivers/gpu/drm/amd/display/dmub/src/dmub_srv.c | 15 + .../drm/amd/display/modules/power/power_helpers.c | 2 + drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c | 14 +- drivers/gpu/drm/amd/pm/swsmu/smu11/smu_v11_0.c | 2 + drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0.c | 2 + .../gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_0_ppt.c | 54 +++- .../gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_6_ppt.c | 15 +- .../gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_7_ppt.c | 54 +++- drivers/gpu/drm/bridge/analogix/anx7625.c | 7 +- drivers/gpu/drm/bridge/analogix/anx7625.h | 2 + drivers/gpu/drm/bridge/nxp-ptn3460.c | 6 +- drivers/gpu/drm/bridge/parade-ps8640.c | 23 ++ drivers/gpu/drm/bridge/samsung-dsim.c | 32 +- drivers/gpu/drm/bridge/sii902x.c | 42 ++- drivers/gpu/drm/drm_damage_helper.c | 3 +- drivers/gpu/drm/drm_plane.c | 14 + drivers/gpu/drm/exynos/exynos5433_drm_decon.c | 4 +- drivers/gpu/drm/exynos/exynos_drm_fimd.c | 4 +- drivers/gpu/drm/exynos/exynos_drm_gsc.c | 2 +- drivers/gpu/drm/i915/display/icl_dsi.c | 3 +- drivers/gpu/drm/i915/display/intel_psr.c | 14 +- drivers/gpu/drm/nouveau/nouveau_fence.c | 28 +- drivers/gpu/drm/nouveau/nouveau_fence.h | 5 +- drivers/gpu/drm/nouveau/nouveau_vmm.c | 3 + drivers/gpu/drm/nouveau/nvkm/engine/fifo/ga100.c | 4 + drivers/gpu/drm/nouveau/nvkm/engine/fifo/r535.c | 2 +- drivers/gpu/drm/nouveau/nvkm/subdev/gsp/base.c | 8 +- drivers/gpu/drm/panel/Kconfig | 2 + drivers/gpu/drm/panel/panel-edp.c | 7 +- drivers/gpu/drm/panel/panel-samsung-s6d7aa0.c | 2 +- drivers/gpu/drm/panel/panel-simple.c | 2 + drivers/gpu/drm/qxl/qxl_drv.c | 2 +- drivers/gpu/drm/tidss/tidss_crtc.c | 10 +- drivers/gpu/drm/vboxvideo/vbox_drv.c | 2 +- drivers/gpu/drm/virtio/virtgpu_drv.c | 2 +- drivers/gpu/drm/virtio/virtgpu_plane.c | 10 + drivers/gpu/drm/vmwgfx/vmwgfx_drv.c | 2 +- drivers/iio/adc/ad7091r-base.c | 169 ++++++++++ drivers/iio/adc/ad7091r-base.h | 8 + drivers/iio/adc/ad7091r5.c | 28 +- drivers/media/common/videobuf2/videobuf2-dma-sg.c | 10 +- drivers/media/i2c/imx290.c | 42 +-- drivers/media/i2c/imx355.c | 12 +- drivers/media/i2c/ov01a10.c | 18 +- drivers/media/i2c/ov13b10.c | 14 +- drivers/media/i2c/ov9734.c | 19 +- drivers/media/i2c/st-mipid02.c | 9 +- .../media/platform/mediatek/jpeg/mtk_jpeg_core.c | 12 +- drivers/media/v4l2-core/v4l2-cci.c | 52 ++- drivers/mmc/core/block.c | 46 ++- drivers/mmc/host/mmc_spi.c | 186 +---------- drivers/mtd/maps/vmu-flash.c | 2 +- drivers/mtd/nand/raw/nand_base.c | 87 ++++- drivers/net/ethernet/broadcom/bnxt/bnxt.c | 8 + drivers/net/ethernet/engleder/tsnep_main.c | 17 +- drivers/net/ethernet/freescale/fec_main.c | 2 + drivers/net/ethernet/intel/i40e/i40e_main.c | 47 ++- drivers/net/ethernet/intel/i40e/i40e_txrx.c | 49 ++- drivers/net/ethernet/intel/i40e/i40e_xsk.c | 4 +- drivers/net/ethernet/intel/ice/ice_base.c | 37 ++- drivers/net/ethernet/intel/ice/ice_txrx.c | 19 +- drivers/net/ethernet/intel/ice/ice_txrx.h | 1 + drivers/net/ethernet/intel/ice/ice_txrx_lib.h | 31 +- drivers/net/ethernet/intel/ice/ice_xsk.c | 4 +- drivers/net/ethernet/intel/idpf/idpf_lib.c | 2 + drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c | 27 +- drivers/net/ethernet/mellanox/mlx5/core/cmd.c | 5 +- .../mellanox/mlx5/core/en/fs_tt_redirect.c | 1 + .../net/ethernet/mellanox/mlx5/core/en/params.c | 4 +- drivers/net/ethernet/mellanox/mlx5/core/en/ptp.c | 2 +- .../ethernet/mellanox/mlx5/core/en_accel/ipsec.c | 10 +- drivers/net/ethernet/mellanox/mlx5/core/en_arfs.c | 26 +- drivers/net/ethernet/mellanox/mlx5/core/en_tc.c | 5 +- .../ethernet/mellanox/mlx5/core/esw/bridge_mcast.c | 3 + drivers/net/ethernet/mellanox/mlx5/core/fs_cmd.c | 2 + drivers/net/ethernet/mellanox/mlx5/core/lib/aso.c | 2 +- .../mellanox/mlx5/core/steering/dr_action.c | 17 +- drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 3 + drivers/net/fjes/fjes_hw.c | 37 ++- drivers/net/hyperv/netvsc_drv.c | 4 +- drivers/net/phy/micrel.c | 11 + drivers/net/tun.c | 10 +- drivers/net/wireless/ath/ath11k/core.h | 4 - drivers/net/wireless/ath/ath11k/debugfs.c | 25 +- drivers/net/wireless/ath/ath11k/debugfs.h | 12 +- drivers/net/wireless/ath/ath11k/mac.c | 12 +- drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c | 4 +- drivers/opp/core.c | 6 +- drivers/parisc/power.c | 2 +- drivers/platform/mellanox/mlxbf-pmc.c | 4 +- drivers/platform/x86/intel/ifs/load.c | 3 +- .../uncore-frequency/uncore-frequency-common.c | 82 ++--- .../uncore-frequency/uncore-frequency-common.h | 32 +- drivers/platform/x86/p2sb.c | 180 ++++++++--- drivers/platform/x86/wmi.c | 16 +- drivers/rpmsg/virtio_rpmsg_bus.c | 1 + drivers/rtc/rtc-cmos.c | 28 +- drivers/rtc/rtc-mc146818-lib.c | 39 ++- drivers/s390/crypto/vfio_ap_ops.c | 269 ++++++++++------ drivers/s390/crypto/vfio_ap_private.h | 3 + drivers/scsi/scsi_error.c | 9 +- drivers/soc/fsl/qe/qmc.c | 35 +- drivers/soc/fsl/qe/tsa.c | 22 +- drivers/soc/qcom/pmic_glink_altmode.c | 4 +- drivers/soundwire/amd_manager.c | 8 + drivers/soundwire/bus.c | 4 + drivers/soundwire/debugfs.c | 2 +- drivers/soundwire/intel_auxdevice.c | 3 + drivers/soundwire/master.c | 2 +- drivers/soundwire/qcom.c | 3 + drivers/soundwire/slave.c | 12 +- drivers/spi/spi-bcm-qspi.c | 4 +- drivers/spi/spi-cadence.c | 17 +- drivers/spi/spi-intel-pci.c | 1 - drivers/spi/spi.c | 4 + drivers/thermal/gov_power_allocator.c | 2 +- drivers/thermal/intel/intel_hfi.c | 106 +++++-- drivers/tty/serial/sc16is7xx.c | 353 +++++++++++---------- drivers/ufs/core/ufshcd.c | 7 +- fs/afs/addr_list.c | 133 ++++---- fs/afs/cmservice.c | 5 +- fs/afs/dir.c | 70 ++-- fs/afs/dir_silly.c | 2 +- fs/afs/file.c | 7 +- fs/afs/fs_operation.c | 54 ++-- fs/afs/fs_probe.c | 11 +- fs/afs/fsclient.c | 8 +- fs/afs/inode.c | 2 +- fs/afs/internal.h | 88 +++-- fs/afs/misc.c | 10 +- fs/afs/proc.c | 9 +- fs/afs/rotate.c | 224 +++++++++---- fs/afs/rxrpc.c | 100 +++--- fs/afs/server.c | 53 +--- fs/afs/vl_alias.c | 57 +--- fs/afs/vl_list.c | 15 +- fs/afs/vl_probe.c | 19 +- fs/afs/vl_rotate.c | 98 +++--- fs/afs/vlclient.c | 98 ++++-- fs/afs/write.c | 6 +- fs/btrfs/extent-tree.c | 53 +++- fs/btrfs/inode.c | 22 +- fs/btrfs/ioctl.c | 7 + fs/btrfs/ref-verify.c | 6 +- fs/btrfs/scrub.c | 29 +- fs/btrfs/sysfs.c | 4 + fs/btrfs/tree-checker.c | 2 +- fs/btrfs/zoned.c | 8 +- fs/dlm/lowcomms.c | 14 +- fs/erofs/decompressor.c | 31 +- fs/exec.c | 3 + fs/ext4/mballoc.c | 15 +- fs/fscache/cache.c | 3 +- fs/ioctl.c | 3 +- fs/namei.c | 60 ++-- fs/nfsd/nfs4state.c | 26 +- fs/overlayfs/namei.c | 43 ++- fs/overlayfs/overlayfs.h | 23 +- fs/overlayfs/ovl_entry.h | 4 +- fs/overlayfs/readdir.c | 7 +- fs/overlayfs/super.c | 15 + fs/overlayfs/util.c | 53 ++-- fs/pipe.c | 7 +- fs/proc/task_mmu.c | 24 +- fs/smb/client/smb2ops.c | 10 +- fs/smb/client/smb2pdu.c | 108 ++++--- fs/smb/server/connection.c | 1 + fs/smb/server/ksmbd_netlink.h | 3 +- fs/smb/server/oplock.c | 16 +- fs/smb/server/smb2pdu.c | 8 +- fs/smb/server/transport_ipc.c | 4 +- fs/ubifs/dir.c | 2 + fs/xfs/xfs_super.c | 27 +- include/drm/drm_drv.h | 9 + include/drm/drm_file.h | 12 + include/drm/drm_plane.h | 10 + include/linux/async.h | 2 + include/linux/lsm_hook_defs.h | 2 + include/linux/mc146818rtc.h | 3 +- include/linux/mlx5/fs.h | 1 + include/linux/mlx5/mlx5_ifc.h | 2 +- include/linux/mmzone.h | 14 +- include/linux/mtd/rawnand.h | 2 + include/linux/rmap.h | 4 +- include/linux/security.h | 9 + include/linux/seq_buf.h | 3 +- include/linux/skmsg.h | 6 - include/linux/soundwire/sdw.h | 4 +- include/linux/syscalls.h | 1 + include/media/v4l2-cci.h | 11 + include/net/af_rxrpc.h | 15 +- include/net/inet_connection_sock.h | 8 + include/net/inet_sock.h | 5 - include/net/llc_pdu.h | 6 +- include/net/sch_generic.h | 4 + include/net/sock.h | 18 +- include/net/xdp_sock_drv.h | 27 ++ include/trace/events/afs.h | 25 ++ include/trace/events/rxrpc.h | 3 + include/uapi/linux/btrfs.h | 3 + kernel/async.c | 85 +++-- kernel/crash_core.c | 14 +- kernel/futex/core.c | 15 +- kernel/futex/pi.c | 11 +- kernel/irq/irqdesc.c | 2 +- kernel/kexec_core.c | 1 + kernel/power/swap.c | 38 +-- kernel/rcu/tree.c | 34 +- kernel/rcu/tree_exp.h | 3 +- kernel/time/clocksource.c | 25 +- kernel/time/tick-sched.c | 5 + kernel/trace/tracing_map.c | 7 +- lib/crypto/mpi/ec.c | 3 + mm/memblock.c | 3 + mm/migrate.c | 27 +- mm/mm_init.c | 6 + mm/page_alloc.c | 16 +- mm/sparse.c | 17 +- net/8021q/vlan_netlink.c | 4 + net/core/dev.c | 9 + net/core/dev.h | 3 + net/core/filter.c | 44 ++- net/core/request_sock.c | 3 - net/core/sock.c | 11 +- net/ipv4/af_inet.c | 3 + net/ipv4/inet_connection_sock.c | 4 + net/ipv4/tcp.c | 1 + net/ipv6/af_inet6.c | 3 + net/llc/af_llc.c | 24 +- net/llc/llc_core.c | 7 - net/mac80211/sta_info.c | 5 +- net/netfilter/nf_tables_api.c | 20 +- net/netfilter/nft_chain_filter.c | 11 +- net/netfilter/nft_compat.c | 12 + net/netfilter/nft_flow_offload.c | 5 + net/netfilter/nft_limit.c | 23 +- net/netfilter/nft_nat.c | 5 + net/netfilter/nft_rt.c | 5 + net/netfilter/nft_socket.c | 5 + net/netfilter/nft_synproxy.c | 7 +- net/netfilter/nft_tproxy.c | 5 + net/netfilter/nft_xfrm.c | 5 + net/netlink/af_netlink.c | 2 +- net/rds/af_rds.c | 2 +- net/rxrpc/af_rxrpc.c | 62 +++- net/rxrpc/ar-internal.h | 2 +- net/rxrpc/call_object.c | 17 +- net/rxrpc/peer_object.c | 58 ++-- net/rxrpc/sendmsg.c | 11 +- net/sched/cls_api.c | 9 +- net/sched/cls_flower.c | 23 ++ net/smc/smc_diag.c | 2 +- net/sunrpc/svcsock.c | 4 +- net/xdp/xsk.c | 12 +- net/xdp/xsk_buff_pool.c | 1 + scripts/get_abi.pl | 2 +- security/security.c | 18 ++ security/selinux/hooks.c | 28 ++ security/smack/smack_lsm.c | 1 + security/tomoyo/tomoyo.c | 1 + sound/soc/intel/boards/sof_sdw.c | 4 +- .../selftests/drivers/net/bonding/bond_options.sh | 8 +- .../testing/selftests/drivers/net/bonding/settings | 2 +- .../drivers/net/netdevsim/udp_tunnel_nic.sh | 9 + tools/testing/selftests/mm/hugepage-vmemmap.c | 29 +- tools/testing/selftests/net/config | 28 ++ tools/testing/selftests/net/rps_default_mask.sh | 6 +- tools/testing/selftests/net/so_incoming_cpu.c | 68 ++-- tools/testing/selftests/riscv/hwprobe/cbo.c | 18 +- 414 files changed, 4903 insertions(+), 2618 deletions(-)

1 year, 7 months

14
361
0 0

Re: Patch "i2c: rk3x: Adjust mask/value offset for i2c2 on rv1126" has been added to the 6.1-stable tree

by Tim Lunn

Hi, This patch should not be added to 6.1 stable since support for the Rockchip rv1126 SoC was only added later around 6.3. Regards Tim On 2/2/24 04:27, Sasha Levin wrote: > This is a note to let you know that I've just added the patch titled > > i2c: rk3x: Adjust mask/value offset for i2c2 on rv1126 > > to the 6.1-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… > > The filename of the patch is: > i2c-rk3x-adjust-mask-value-offset-for-i2c2-on-rv1126.patch > and it can be found in the queue-6.1 subdirectory. > > If you, or anyone else, feels it should not be added to the stable tree, > please let <stable(a)vger.kernel.org> know about it. > > > > commit 415eb64a74fe97dc85bcad99deaecfe57dce6b6a > Author: Tim Lunn <tim(a)feathertop.org> > Date: Sun Dec 3 23:39:59 2023 +1100 > > i2c: rk3x: Adjust mask/value offset for i2c2 on rv1126 > > [ Upstream commit 92a85b7c6262f19c65a1c115cf15f411ba65a57c ] > > Rockchip RV1126 is using old style i2c controller, the i2c2 > bus uses a non-sequential offset in the grf register for the > mask/value bits for this bus. > > This patch fixes i2c2 bus on rv1126 SoCs. > > Signed-off-by: Tim Lunn <tim(a)feathertop.org> > Acked-by: Heiko Stuebner <heiko(a)sntech.de> > Reviewed-by: Andi Shyti <andi.shyti(a)kernel.org> > Signed-off-by: Wolfram Sang <wsa(a)kernel.org> > Signed-off-by: Sasha Levin <sashal(a)kernel.org> > > diff --git a/drivers/i2c/busses/i2c-rk3x.c b/drivers/i2c/busses/i2c-rk3x.c > index 6aa4f1f06240..c8cd5cadcf56 100644 > --- a/drivers/i2c/busses/i2c-rk3x.c > +++ b/drivers/i2c/busses/i2c-rk3x.c > @@ -1295,8 +1295,12 @@ static int rk3x_i2c_probe(struct platform_device *pdev) > return -EINVAL; > } > > - /* 27+i: write mask, 11+i: value */ > - value = BIT(27 + bus_nr) | BIT(11 + bus_nr); > + /* rv1126 i2c2 uses non-sequential write mask 20, value 4 */ > + if (i2c->soc_data == &rv1126_soc_data && bus_nr == 2) > + value = BIT(20) | BIT(4); > + else > + /* 27+i: write mask, 11+i: value */ > + value = BIT(27 + bus_nr) | BIT(11 + bus_nr); > > ret = regmap_write(grf, i2c->soc_data->grf_offset, value); > if (ret != 0) {

1 year, 7 months

2
1
0 0

[PATCH ] mm/damon/sysfs-schemes: fix wrong DAMOS tried regions update timeout setup

by SeongJae Park

DAMON sysfs interface's update_schemes_tried_regions command has a timeout of two apply intervals of the DAMOS scheme. Having zero value DAMOS scheme apply interval means it will use the aggregation interval as the value. However, the timeout setup logic is mistakenly using the sampling interval insted of the aggregartion interval for the case. This could cause earlier-than-expected timeout of the command. Fix it. Fixes: 7d6fa31a2fd7 ("mm/damon/sysfs-schemes: add timeout for update_schemes_tried_regions") Cc: <stable(a)vger.kernel.org> # 6.7.x Signed-off-by: SeongJae Park <sj(a)kernel.org> --- mm/damon/sysfs-schemes.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mm/damon/sysfs-schemes.c b/mm/damon/sysfs-schemes.c index 8dbaac6e5c2d..dd2fb5127009 100644 --- a/mm/damon/sysfs-schemes.c +++ b/mm/damon/sysfs-schemes.c @@ -2194,7 +2194,7 @@ static void damos_tried_regions_init_upd_status( sysfs_regions->upd_timeout_jiffies = jiffies + 2 * usecs_to_jiffies(scheme->apply_interval_us ? scheme->apply_interval_us : - ctx->attrs.sample_interval); + ctx->attrs.aggr_interval); } } -- 2.39.2

1 year, 7 months

1
0
0 0

[PATCH AUTOSEL 4.19 1/5] wifi: cfg80211: fix missing interfaces when dumping

by Sasha Levin

From: Michal Kazior <michal(a)plume.com> [ Upstream commit a6e4f85d3820d00694ed10f581f4c650445dbcda ] The nl80211_dump_interface() supports resumption in case nl80211_send_iface() doesn't have the resources to complete its work. The logic would store the progress as iteration offsets for rdev and wdev loops. However the logic did not properly handle resumption for non-last rdev. Assuming a system with 2 rdevs, with 2 wdevs each, this could happen: dump(cb=[0, 0]): if_start=cb[1] (=0) send rdev0.wdev0 -> ok send rdev0.wdev1 -> yield cb[1] = 1 dump(cb=[0, 1]): if_start=cb[1] (=1) send rdev0.wdev1 -> ok // since if_start=1 the rdev0.wdev0 got skipped // through if_idx < if_start send rdev1.wdev1 -> ok The if_start needs to be reset back to 0 upon wdev loop end. The problem is actually hard to hit on a desktop, and even on most routers. The prerequisites for this manifesting was: - more than 1 wiphy - a few handful of interfaces - dump without rdev or wdev filter I was seeing this with 4 wiphys 9 interfaces each. It'd miss 6 interfaces from the last wiphy reported to userspace. Signed-off-by: Michal Kazior <michal(a)plume.com> Link: https://msgid.link/20240116142340.89678-1-kazikcz@gmail.com Signed-off-by: Johannes Berg <johannes.berg(a)intel.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- net/wireless/nl80211.c | 1 + 1 file changed, 1 insertion(+) diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c index e33c1175b158..f79700e5d801 100644 --- a/net/wireless/nl80211.c +++ b/net/wireless/nl80211.c @@ -2994,6 +2994,7 @@ static int nl80211_dump_interface(struct sk_buff *skb, struct netlink_callback * if_idx++; } + if_start = 0; wp_idx++; } out: -- 2.43.0

1 year, 7 months

1
4
0 0

[PATCH AUTOSEL 5.4 1/6] wifi: cfg80211: fix missing interfaces when dumping

by Sasha Levin

From: Michal Kazior <michal(a)plume.com> [ Upstream commit a6e4f85d3820d00694ed10f581f4c650445dbcda ] The nl80211_dump_interface() supports resumption in case nl80211_send_iface() doesn't have the resources to complete its work. The logic would store the progress as iteration offsets for rdev and wdev loops. However the logic did not properly handle resumption for non-last rdev. Assuming a system with 2 rdevs, with 2 wdevs each, this could happen: dump(cb=[0, 0]): if_start=cb[1] (=0) send rdev0.wdev0 -> ok send rdev0.wdev1 -> yield cb[1] = 1 dump(cb=[0, 1]): if_start=cb[1] (=1) send rdev0.wdev1 -> ok // since if_start=1 the rdev0.wdev0 got skipped // through if_idx < if_start send rdev1.wdev1 -> ok The if_start needs to be reset back to 0 upon wdev loop end. The problem is actually hard to hit on a desktop, and even on most routers. The prerequisites for this manifesting was: - more than 1 wiphy - a few handful of interfaces - dump without rdev or wdev filter I was seeing this with 4 wiphys 9 interfaces each. It'd miss 6 interfaces from the last wiphy reported to userspace. Signed-off-by: Michal Kazior <michal(a)plume.com> Link: https://msgid.link/20240116142340.89678-1-kazikcz@gmail.com Signed-off-by: Johannes Berg <johannes.berg(a)intel.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- net/wireless/nl80211.c | 1 + 1 file changed, 1 insertion(+) diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c index 0926a30bc739..494de0161d2f 100644 --- a/net/wireless/nl80211.c +++ b/net/wireless/nl80211.c @@ -3350,6 +3350,7 @@ static int nl80211_dump_interface(struct sk_buff *skb, struct netlink_callback * if_idx++; } + if_start = 0; wp_idx++; } out: -- 2.43.0

1 year, 7 months

1
5
0 0

[PATCH AUTOSEL 5.15 01/11] wifi: cfg80211: fix missing interfaces when dumping

by Sasha Levin

From: Michal Kazior <michal(a)plume.com> [ Upstream commit a6e4f85d3820d00694ed10f581f4c650445dbcda ] The nl80211_dump_interface() supports resumption in case nl80211_send_iface() doesn't have the resources to complete its work. The logic would store the progress as iteration offsets for rdev and wdev loops. However the logic did not properly handle resumption for non-last rdev. Assuming a system with 2 rdevs, with 2 wdevs each, this could happen: dump(cb=[0, 0]): if_start=cb[1] (=0) send rdev0.wdev0 -> ok send rdev0.wdev1 -> yield cb[1] = 1 dump(cb=[0, 1]): if_start=cb[1] (=1) send rdev0.wdev1 -> ok // since if_start=1 the rdev0.wdev0 got skipped // through if_idx < if_start send rdev1.wdev1 -> ok The if_start needs to be reset back to 0 upon wdev loop end. The problem is actually hard to hit on a desktop, and even on most routers. The prerequisites for this manifesting was: - more than 1 wiphy - a few handful of interfaces - dump without rdev or wdev filter I was seeing this with 4 wiphys 9 interfaces each. It'd miss 6 interfaces from the last wiphy reported to userspace. Signed-off-by: Michal Kazior <michal(a)plume.com> Link: https://msgid.link/20240116142340.89678-1-kazikcz@gmail.com Signed-off-by: Johannes Berg <johannes.berg(a)intel.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- net/wireless/nl80211.c | 1 + 1 file changed, 1 insertion(+) diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c index 82b93380afec..4a8b701440eb 100644 --- a/net/wireless/nl80211.c +++ b/net/wireless/nl80211.c @@ -3737,6 +3737,7 @@ static int nl80211_dump_interface(struct sk_buff *skb, struct netlink_callback * if_idx++; } + if_start = 0; wp_idx++; } out: -- 2.43.0

1 year, 7 months

1
10
0 0

[PATCH AUTOSEL 6.6 01/21] wifi: cfg80211: fix missing interfaces when dumping

by Sasha Levin

From: Michal Kazior <michal(a)plume.com> [ Upstream commit a6e4f85d3820d00694ed10f581f4c650445dbcda ] The nl80211_dump_interface() supports resumption in case nl80211_send_iface() doesn't have the resources to complete its work. The logic would store the progress as iteration offsets for rdev and wdev loops. However the logic did not properly handle resumption for non-last rdev. Assuming a system with 2 rdevs, with 2 wdevs each, this could happen: dump(cb=[0, 0]): if_start=cb[1] (=0) send rdev0.wdev0 -> ok send rdev0.wdev1 -> yield cb[1] = 1 dump(cb=[0, 1]): if_start=cb[1] (=1) send rdev0.wdev1 -> ok // since if_start=1 the rdev0.wdev0 got skipped // through if_idx < if_start send rdev1.wdev1 -> ok The if_start needs to be reset back to 0 upon wdev loop end. The problem is actually hard to hit on a desktop, and even on most routers. The prerequisites for this manifesting was: - more than 1 wiphy - a few handful of interfaces - dump without rdev or wdev filter I was seeing this with 4 wiphys 9 interfaces each. It'd miss 6 interfaces from the last wiphy reported to userspace. Signed-off-by: Michal Kazior <michal(a)plume.com> Link: https://msgid.link/20240116142340.89678-1-kazikcz@gmail.com Signed-off-by: Johannes Berg <johannes.berg(a)intel.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- net/wireless/nl80211.c | 1 + 1 file changed, 1 insertion(+) diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c index 0b0dfecedc50..c8bfacd5c8f3 100644 --- a/net/wireless/nl80211.c +++ b/net/wireless/nl80211.c @@ -4012,6 +4012,7 @@ static int nl80211_dump_interface(struct sk_buff *skb, struct netlink_callback * if_idx++; } + if_start = 0; wp_idx++; } out: -- 2.43.0

1 year, 7 months

1
20
0 0

[PATCH v2 1/5] fuse: Fix VM_MAYSHARE and direct_io_allow_mmap

by Bernd Schubert

There were multiple issues with direct_io_allow_mmap: - fuse_link_write_file() was missing, resulting in warnings in fuse_write_file_get() and EIO from msync() - "vma->vm_ops = &fuse_file_vm_ops" was not set, but especially fuse_page_mkwrite is needed. The semantics of invalidate_inode_pages2() is so far not clearly defined in fuse_file_mmap. It dates back to commit 3121bfe76311 ("fuse: fix "direct_io" private mmap") Though, as direct_io_allow_mmap is a new feature, that was for MAP_PRIVATE only. As invalidate_inode_pages2() is calling into fuse_launder_folio() and writes out dirty pages, it should be safe to call invalidate_inode_pages2 for MAP_PRIVATE and MAP_SHARED as well. Cc: Hao Xu <howeyxu(a)tencent.com> Cc: stable(a)vger.kernel.org Fixes: e78662e818f9 ("fuse: add a new fuse init flag to relax restrictions in no cache mode") Signed-off-by: Bernd Schubert <bschubert(a)ddn.com> Reviewed-by: Amir Goldstein <amir73il(a)gmail.com> --- fs/fuse/file.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/fs/fuse/file.c b/fs/fuse/file.c index 148a71b8b4d0..243f469cac07 100644 --- a/fs/fuse/file.c +++ b/fs/fuse/file.c @@ -2476,7 +2476,10 @@ static int fuse_file_mmap(struct file *file, struct vm_area_struct *vma) invalidate_inode_pages2(file->f_mapping); - return generic_file_mmap(file, vma); + if (!(vma->vm_flags & VM_MAYSHARE)) { + /* MAP_PRIVATE */ + return generic_file_mmap(file, vma); + } } if ((vma->vm_flags & VM_SHARED) && (vma->vm_flags & VM_MAYWRITE)) -- 2.40.1

1 year, 7 months

4
8
0 0

+ nilfs2-fix-hang-in-nilfs_lookup_dirty_data_buffers.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() has been added to the -mm mm-hotfixes-unstable branch. Its filename is nilfs2-fix-hang-in-nilfs_lookup_dirty_data_buffers.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Ryusuke Konishi <konishi.ryusuke(a)gmail.com> Subject: nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() Date: Wed, 31 Jan 2024 23:56:57 +0900 Syzbot reported a hang issue in migrate_pages_batch() called by mbind() and nilfs_lookup_dirty_data_buffers() called in the log writer of nilfs2. While migrate_pages_batch() locks a folio and waits for the writeback to complete, the log writer thread that should bring the writeback to completion picks up the folio being written back in nilfs_lookup_dirty_data_buffers() that it calls for subsequent log creation and was trying to lock the folio. Thus causing a deadlock. In the first place, it is unexpected that folios/pages in the middle of writeback will be updated and become dirty. Nilfs2 adds a checksum to verify the validity of the log being written and uses it for recovery at mount, so data changes during writeback are suppressed. Since this is broken, an unclean shutdown could potentially cause recovery to fail. Investigation revealed that the root cause is that the wait for writeback completion in nilfs_page_mkwrite() is conditional, and if the backing device does not require stable writes, data may be modified without waiting. Fix these issues by making nilfs_page_mkwrite() wait for writeback to finish regardless of the stable write requirement of the backing device. Link: https://lkml.kernel.org/r/20240131145657.4209-1-konishi.ryusuke@gmail.com Fixes: 1d1d1a767206 ("mm: only enforce stable page writes if the backing device requires it") Signed-off-by: Ryusuke Konishi <konishi.ryusuke(a)gmail.com> Reported-by: syzbot+ee2ae68da3b22d04cd8d(a)syzkaller.appspotmail.com Closes: https://lkml.kernel.org/r/00000000000047d819061004ad6c@google.com Tested-by: Ryusuke Konishi <konishi.ryusuke(a)gmail.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/nilfs2/file.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) --- a/fs/nilfs2/file.c~nilfs2-fix-hang-in-nilfs_lookup_dirty_data_buffers +++ a/fs/nilfs2/file.c @@ -107,7 +107,13 @@ static vm_fault_t nilfs_page_mkwrite(str nilfs_transaction_commit(inode->i_sb); mapped: - folio_wait_stable(folio); + /* + * Since checksumming including data blocks is performed to determine + * the validity of the log to be written and used for recovery, it is + * necessary to wait for writeback to finish here, regardless of the + * stable write requirement of the backing device. + */ + folio_wait_writeback(folio); out: sb_end_pagefault(inode->i_sb); return vmf_fs_error(ret); _ Patches currently in -mm which might be from konishi.ryusuke(a)gmail.com are nilfs2-fix-data-corruption-in-dsync-block-recovery-for-small-block-sizes.patch nilfs2-fix-hang-in-nilfs_lookup_dirty_data_buffers.patch nilfs2-convert-segment-buffer-to-use-kmap_local.patch nilfs2-convert-nilfs_copy_buffer-to-use-kmap_local.patch nilfs2-convert-metadata-file-common-code-to-use-kmap_local.patch nilfs2-convert-sufile-to-use-kmap_local.patch nilfs2-convert-persistent-object-allocator-to-use-kmap_local.patch nilfs2-convert-dat-to-use-kmap_local.patch nilfs2-move-nilfs_bmap_write-call-out-of-nilfs_write_inode_common.patch nilfs2-do-not-acquire-rwsem-in-nilfs_bmap_write.patch nilfs2-convert-ifile-to-use-kmap_local.patch nilfs2-localize-highmem-mapping-for-checkpoint-creation-within-cpfile.patch nilfs2-localize-highmem-mapping-for-checkpoint-finalization-within-cpfile.patch nilfs2-localize-highmem-mapping-for-checkpoint-reading-within-cpfile.patch nilfs2-remove-nilfs_cpfile_getput_checkpoint.patch nilfs2-convert-cpfile-to-use-kmap_local.patch

1 year, 7 months

1
0
0 0

[PATCH] crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked

by Kim Phillips

The SEV platform device can be shutdown with a null psp_master, e.g., using DEBUG_TEST_DRIVER_REMOVE. Found using KASAN: [ 137.148210] ccp 0000:23:00.1: enabling device (0000 -> 0002) [ 137.162647] ccp 0000:23:00.1: no command queues available [ 137.170598] ccp 0000:23:00.1: sev enabled [ 137.174645] ccp 0000:23:00.1: psp enabled [ 137.178890] general protection fault, probably for non-canonical address 0xdffffc000000001e: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC KASAN NOPTI [ 137.182693] KASAN: null-ptr-deref in range [0x00000000000000f0-0x00000000000000f7] [ 137.182693] CPU: 93 PID: 1 Comm: swapper/0 Not tainted 6.8.0-rc1+ #311 [ 137.182693] RIP: 0010:__sev_platform_shutdown_locked+0x51/0x180 [ 137.182693] Code: 08 80 3c 08 00 0f 85 0e 01 00 00 48 8b 1d 67 b6 01 08 48 b8 00 00 00 00 00 fc ff df 48 8d bb f0 00 00 00 48 89 f9 48 c1 e9 03 <80> 3c 01 00 0f 85 fe 00 00 00 48 8b 9b f0 00 00 00 48 85 db 74 2c [ 137.182693] RSP: 0018:ffffc900000cf9b0 EFLAGS: 00010216 [ 137.182693] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 000000000000001e [ 137.182693] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 00000000000000f0 [ 137.182693] RBP: ffffc900000cf9c8 R08: 0000000000000000 R09: fffffbfff58f5a66 [ 137.182693] R10: ffffc900000cf9c8 R11: ffffffffac7ad32f R12: ffff8881e5052c28 [ 137.182693] R13: ffff8881e5052c28 R14: ffff8881758e43e8 R15: ffffffffac64abf8 [ 137.182693] FS: 0000000000000000(0000) GS:ffff889de7000000(0000) knlGS:0000000000000000 [ 137.182693] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.182693] CR2: 0000000000000000 CR3: 0000001cf7c7e000 CR4: 0000000000350ef0 [ 137.182693] Call Trace: [ 137.182693] <TASK> [ 137.182693] ? show_regs+0x6c/0x80 [ 137.182693] ? __die_body+0x24/0x70 [ 137.182693] ? die_addr+0x4b/0x80 [ 137.182693] ? exc_general_protection+0x126/0x230 [ 137.182693] ? asm_exc_general_protection+0x2b/0x30 [ 137.182693] ? __sev_platform_shutdown_locked+0x51/0x180 [ 137.182693] sev_firmware_shutdown.isra.0+0x1e/0x80 [ 137.182693] sev_dev_destroy+0x49/0x100 [ 137.182693] psp_dev_destroy+0x47/0xb0 [ 137.182693] sp_destroy+0xbb/0x240 [ 137.182693] sp_pci_remove+0x45/0x60 [ 137.182693] pci_device_remove+0xaa/0x1d0 [ 137.182693] device_remove+0xc7/0x170 [ 137.182693] really_probe+0x374/0xbe0 [ 137.182693] ? srso_return_thunk+0x5/0x5f [ 137.182693] __driver_probe_device+0x199/0x460 [ 137.182693] driver_probe_device+0x4e/0xd0 [ 137.182693] __driver_attach+0x191/0x3d0 [ 137.182693] ? __pfx___driver_attach+0x10/0x10 [ 137.182693] bus_for_each_dev+0x100/0x190 [ 137.182693] ? __pfx_bus_for_each_dev+0x10/0x10 [ 137.182693] ? __kasan_check_read+0x15/0x20 [ 137.182693] ? srso_return_thunk+0x5/0x5f [ 137.182693] ? _raw_spin_unlock+0x27/0x50 [ 137.182693] driver_attach+0x41/0x60 [ 137.182693] bus_add_driver+0x2a8/0x580 [ 137.182693] driver_register+0x141/0x480 [ 137.182693] __pci_register_driver+0x1d6/0x2a0 [ 137.182693] ? srso_return_thunk+0x5/0x5f [ 137.182693] ? esrt_sysfs_init+0x1cd/0x5d0 [ 137.182693] ? __pfx_sp_mod_init+0x10/0x10 [ 137.182693] sp_pci_init+0x22/0x30 [ 137.182693] sp_mod_init+0x14/0x30 [ 137.182693] ? __pfx_sp_mod_init+0x10/0x10 [ 137.182693] do_one_initcall+0xd1/0x470 [ 137.182693] ? __pfx_do_one_initcall+0x10/0x10 [ 137.182693] ? parameq+0x80/0xf0 [ 137.182693] ? srso_return_thunk+0x5/0x5f [ 137.182693] ? __kmalloc+0x3b0/0x4e0 [ 137.182693] ? kernel_init_freeable+0x92d/0x1050 [ 137.182693] ? kasan_populate_vmalloc_pte+0x171/0x190 [ 137.182693] ? srso_return_thunk+0x5/0x5f [ 137.182693] kernel_init_freeable+0xa64/0x1050 [ 137.182693] ? __pfx_kernel_init+0x10/0x10 [ 137.182693] kernel_init+0x24/0x160 [ 137.182693] ? __switch_to_asm+0x3e/0x70 [ 137.182693] ret_from_fork+0x40/0x80 [ 137.182693] ? __pfx_kernel_init+0x10/0x10 [ 137.182693] ret_from_fork_asm+0x1b/0x30 [ 137.182693] </TASK> [ 137.182693] Modules linked in: [ 137.538483] ---[ end trace 0000000000000000 ]--- Fixes: 1b05ece0c9315 ("crypto: ccp - During shutdown, check SEV data pointer before using") Cc: stable(a)vger.kernel.org Reviewed-by: Mario Limonciello <mario.limonciello(a)amd.com> Signed-off-by: Kim Phillips <kim.phillips(a)amd.com> --- drivers/crypto/ccp/sev-dev.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index fcaccd0b5a65..53b217a62104 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -534,10 +534,16 @@ EXPORT_SYMBOL_GPL(sev_platform_init); static int __sev_platform_shutdown_locked(int *error) { - struct sev_device *sev = psp_master->sev_data; + struct psp_device *psp = psp_master; + struct sev_device *sev; int ret; - if (!sev || sev->state == SEV_STATE_UNINIT) + if (!psp || !psp->sev_data) + return 0; + + sev = psp->sev_data; + + if (sev->state == SEV_STATE_UNINIT) return 0; ret = __sev_do_cmd_locked(SEV_CMD_SHUTDOWN, NULL, error); -- 2.34.1

1 year, 7 months

4
4
0 0

[PATCH regression fix 0/2] Input: atkbd - Fix Dell XPS 13 line suspend/resume regression

by Hans de Goede

Hi Dmitry, There have been multiple reports that the keyboard on Dell XPS 13 9350 / 9360 / 9370 models has stopped working after a suspend/resume after the merging of commit 936e4d49ecbc ("Input: atkbd - skip ATKBD_CMD_GETID in translated mode"). See the 4 closes tags in the first patch for 4 reports of this. I have been working with the first reporter on resolving this and testing on his Dell XPS 13 9360 confirms that these patches fix things. Unfortunately the commit causing the issue has also been picked up by multiple stable kernel series now. Can you please send these fixes to Linus ASAP, so that they can also be backported to the stable series ASAP ? Alternatively we could revert the commit causing this, but that commit is know to fix issues on a whole bunch of other laptops so I would rather not revert it. Regards, Hans Hans de Goede (2): Input: atkbd - Skip ATKBD_CMD_SETLEDS when skipping ATKBD_CMD_GETID Input: atkbd - Do not skip atkbd_deactivate() when skipping ATKBD_CMD_GETID drivers/input/keyboard/atkbd.c | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) -- 2.43.0

1 year, 7 months

3
8
0 0

[PATCH v5.10.y] netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval()

by Ajay Kaher

From: Dan Carpenter <dan.carpenter(a)linaro.org> commit c301f0981fdd3fd1ffac6836b423c4d7a8e0eb63 upstream. The problem is in nft_byteorder_eval() where we are iterating through a loop and writing to dst[0], dst[1], dst[2] and so on... On each iteration we are writing 8 bytes. But dst[] is an array of u32 so each element only has space for 4 bytes. That means that every iteration overwrites part of the previous element. I spotted this bug while reviewing commit caf3ef7468f7 ("netfilter: nf_tables: prevent OOB access in nft_byteorder_eval") which is a related issue. I think that the reason we have not detected this bug in testing is that most of time we only write one element. Fixes: ce1e7989d989 ("netfilter: nft_byteorder: provide 64bit le/be conversion") Signed-off-by: Dan Carpenter <dan.carpenter(a)linaro.org> Signed-off-by: Pablo Neira Ayuso <pablo(a)netfilter.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> [Ajay: Modified to apply on v5.10.y] Signed-off-by: Ajay Kaher <ajay.kaher(a)broadcom.com> --- include/net/netfilter/nf_tables.h | 4 ++-- net/netfilter/nft_byteorder.c | 5 +++-- net/netfilter/nft_meta.c | 2 +- 3 files changed, 6 insertions(+), 5 deletions(-) diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h index 2237657..2da11d8 100644 --- a/include/net/netfilter/nf_tables.h +++ b/include/net/netfilter/nf_tables.h @@ -142,9 +142,9 @@ static inline u16 nft_reg_load16(const u32 *sreg) return *(u16 *)sreg; } -static inline void nft_reg_store64(u32 *dreg, u64 val) +static inline void nft_reg_store64(u64 *dreg, u64 val) { - put_unaligned(val, (u64 *)dreg); + put_unaligned(val, dreg); } static inline u64 nft_reg_load64(const u32 *sreg) diff --git a/net/netfilter/nft_byteorder.c b/net/netfilter/nft_byteorder.c index 7b0b8fe..9d250bd 100644 --- a/net/netfilter/nft_byteorder.c +++ b/net/netfilter/nft_byteorder.c @@ -38,20 +38,21 @@ void nft_byteorder_eval(const struct nft_expr *expr, switch (priv->size) { case 8: { + u64 *dst64 = (void *)dst; u64 src64; switch (priv->op) { case NFT_BYTEORDER_NTOH: for (i = 0; i < priv->len / 8; i++) { src64 = nft_reg_load64(&src[i]); - nft_reg_store64(&dst[i], be64_to_cpu(src64)); + nft_reg_store64(&dst64[i], be64_to_cpu(src64)); } break; case NFT_BYTEORDER_HTON: for (i = 0; i < priv->len / 8; i++) { src64 = (__force __u64) cpu_to_be64(nft_reg_load64(&src[i])); - nft_reg_store64(&dst[i], src64); + nft_reg_store64(&dst64[i], src64); } break; } diff --git a/net/netfilter/nft_meta.c b/net/netfilter/nft_meta.c index 44d9b38..cb5bb0e 100644 --- a/net/netfilter/nft_meta.c +++ b/net/netfilter/nft_meta.c @@ -63,7 +63,7 @@ nft_meta_get_eval_time(enum nft_meta_keys key, { switch (key) { case NFT_META_TIME_NS: - nft_reg_store64(dest, ktime_get_real_ns()); + nft_reg_store64((u64 *)dest, ktime_get_real_ns()); break; case NFT_META_TIME_DAY: nft_reg_store8(dest, nft_meta_weekday()); -- 2.7.4

1 year, 7 months

1
0
0 0

[for-linus][PATCH 13/13] eventfs: Keep all directory links at 1

by Steven Rostedt

From: "Steven Rostedt (Google)" <rostedt(a)goodmis.org> The directory link count in eventfs was somewhat bogus. It was only being updated when a directory child was being looked up and not on creation. One solution would be to update in get_attr() the link count by iterating the ei->children list and then adding 2. But that could slow down simple stat() calls, especially if it's done on all directories in eventfs. Another solution would be to add a parent pointer to the eventfs_inode and keep track of the number of sub directories it has on creation. But this adds overhead for something not really worthwhile. The solution decided upon is to keep all directory links in eventfs as 1. This tells user space not to rely on the hard links of directories. Which in this case it shouldn't. Link: https://lore.kernel.org/linux-trace-kernel/20240201002719.GS2087318@ZenIV/ Link: https://lore.kernel.org/linux-trace-kernel/20240201161617.339968298@goodmis… Cc: stable(a)vger.kernel.org Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Masami Hiramatsu <mhiramat(a)kernel.org> Cc: Mark Rutland <mark.rutland(a)arm.com> Cc: Mathieu Desnoyers <mathieu.desnoyers(a)efficios.com> Cc: Christian Brauner <brauner(a)kernel.org> Cc: Al Viro <viro(a)ZenIV.linux.org.uk> Cc: Ajay Kaher <ajay.kaher(a)broadcom.com> Fixes: c1504e510238 ("eventfs: Implement eventfs dir creation functions") Suggested-by: Al Viro <viro(a)zeniv.linux.org.uk> Signed-off-by: Steven Rostedt (Google) <rostedt(a)goodmis.org> --- fs/tracefs/event_inode.c | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/fs/tracefs/event_inode.c b/fs/tracefs/event_inode.c index 9e031e5a2713..110e8a272189 100644 --- a/fs/tracefs/event_inode.c +++ b/fs/tracefs/event_inode.c @@ -404,9 +404,7 @@ static struct dentry *lookup_dir_entry(struct dentry *dentry, dentry->d_fsdata = get_ei(ei); - inc_nlink(inode); d_add(dentry, inode); - inc_nlink(dentry->d_parent->d_inode); return NULL; } @@ -769,9 +767,17 @@ struct eventfs_inode *eventfs_create_events_dir(const char *name, struct dentry dentry->d_fsdata = get_ei(ei); - /* directory inodes start off with i_nlink == 2 (for "." entry) */ - inc_nlink(inode); + /* + * Keep all eventfs directories with i_nlink == 1. + * Due to the dynamic nature of the dentry creations and not + * wanting to add a pointer to the parent eventfs_inode in the + * eventfs_inode structure, keeping the i_nlink in sync with the + * number of directories would cause too much complexity for + * something not worth much. Keeping directory links at 1 + * tells userspace not to trust the link number. + */ d_instantiate(dentry, inode); + /* The dentry of the "events" parent does keep track though */ inc_nlink(dentry->d_parent->d_inode); fsnotify_mkdir(dentry->d_parent->d_inode, dentry); tracefs_end_creating(dentry); -- 2.43.0

1 year, 7 months

1
0
0 0

[for-linus][PATCH 12/13] eventfs: Remove fsnotify*() functions from lookup()

by Steven Rostedt

From: "Steven Rostedt (Google)" <rostedt(a)goodmis.org> The dentries and inodes are created when referenced in the lookup code. There's no reason to call fsnotify_*() functions when they are created by a reference. It doesn't make any sense. Link: https://lore.kernel.org/linux-trace-kernel/20240201002719.GS2087318@ZenIV/ Link: https://lore.kernel.org/linux-trace-kernel/20240201161617.166973329@goodmis… Cc: stable(a)vger.kernel.org Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Masami Hiramatsu <mhiramat(a)kernel.org> Cc: Mark Rutland <mark.rutland(a)arm.com> Cc: Mathieu Desnoyers <mathieu.desnoyers(a)efficios.com> Cc: Christian Brauner <brauner(a)kernel.org> Cc: Al Viro <viro(a)ZenIV.linux.org.uk> Cc: Ajay Kaher <ajay.kaher(a)broadcom.com> Fixes: a376007917776 ("eventfs: Implement functions to create files and dirs when accessed"); Suggested-by: Al Viro <viro(a)zeniv.linux.org.uk> Signed-off-by: Steven Rostedt (Google) <rostedt(a)goodmis.org> --- fs/tracefs/event_inode.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/fs/tracefs/event_inode.c b/fs/tracefs/event_inode.c index ca7daee7c811..9e031e5a2713 100644 --- a/fs/tracefs/event_inode.c +++ b/fs/tracefs/event_inode.c @@ -366,7 +366,6 @@ static struct dentry *lookup_file(struct eventfs_inode *parent_ei, dentry->d_fsdata = get_ei(parent_ei); d_add(dentry, inode); - fsnotify_create(dentry->d_parent->d_inode, dentry); return NULL; }; @@ -408,7 +407,6 @@ static struct dentry *lookup_dir_entry(struct dentry *dentry, inc_nlink(inode); d_add(dentry, inode); inc_nlink(dentry->d_parent->d_inode); - fsnotify_mkdir(dentry->d_parent->d_inode, dentry); return NULL; } -- 2.43.0

1 year, 7 months

1
0
0 0

[for-linus][PATCH 09/13] tracing/timerlat: Move hrtimer_init to timerlat_fd open()

by Steven Rostedt

From: Daniel Bristot de Oliveira <bristot(a)kernel.org> Currently, the timerlat's hrtimer is initialized at the first read of timerlat_fd, and destroyed at close(). It works, but it causes an error if the user program open() and close() the file without reading. Here's an example: # echo NO_OSNOISE_WORKLOAD > /sys/kernel/debug/tracing/osnoise/options # echo timerlat > /sys/kernel/debug/tracing/current_tracer # cat <<EOF > ./timerlat_load.py # !/usr/bin/env python3 timerlat_fd = open("/sys/kernel/tracing/osnoise/per_cpu/cpu0/timerlat_fd", 'r') timerlat_fd.close(); EOF # ./taskset -c 0 ./timerlat_load.py <BOOM> BUG: kernel NULL pointer dereference, address: 0000000000000010 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 0 P4D 0 Oops: 0000 [#1] PREEMPT SMP NOPTI CPU: 1 PID: 2673 Comm: python3 Not tainted 6.6.13-200.fc39.x86_64 #1 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-1.fc39 04/01/2014 RIP: 0010:hrtimer_active+0xd/0x50 Code: 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 48 8b 57 30 <8b> 42 10 a8 01 74 09 f3 90 8b 42 10 a8 01 75 f7 80 7f 38 00 75 1d RSP: 0018:ffffb031009b7e10 EFLAGS: 00010286 RAX: 000000000002db00 RBX: ffff9118f786db08 RCX: 0000000000000000 RDX: 0000000000000000 RSI: ffff9117a0e64400 RDI: ffff9118f786db08 RBP: ffff9118f786db80 R08: ffff9117a0ddd420 R09: ffff9117804d4f70 R10: 0000000000000000 R11: 0000000000000000 R12: ffff9118f786db08 R13: ffff91178fdd5e20 R14: ffff9117840978c0 R15: 0000000000000000 FS: 00007f2ffbab1740(0000) GS:ffff9118f7840000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000010 CR3: 00000001b402e000 CR4: 0000000000750ee0 PKRU: 55555554 Call Trace: <TASK> ? __die+0x23/0x70 ? page_fault_oops+0x171/0x4e0 ? srso_alias_return_thunk+0x5/0x7f ? avc_has_extended_perms+0x237/0x520 ? exc_page_fault+0x7f/0x180 ? asm_exc_page_fault+0x26/0x30 ? hrtimer_active+0xd/0x50 hrtimer_cancel+0x15/0x40 timerlat_fd_release+0x48/0xe0 __fput+0xf5/0x290 __x64_sys_close+0x3d/0x80 do_syscall_64+0x60/0x90 ? srso_alias_return_thunk+0x5/0x7f ? __x64_sys_ioctl+0x72/0xd0 ? srso_alias_return_thunk+0x5/0x7f ? syscall_exit_to_user_mode+0x2b/0x40 ? srso_alias_return_thunk+0x5/0x7f ? do_syscall_64+0x6c/0x90 ? srso_alias_return_thunk+0x5/0x7f ? exit_to_user_mode_prepare+0x142/0x1f0 ? srso_alias_return_thunk+0x5/0x7f ? syscall_exit_to_user_mode+0x2b/0x40 ? srso_alias_return_thunk+0x5/0x7f ? do_syscall_64+0x6c/0x90 entry_SYSCALL_64_after_hwframe+0x6e/0xd8 RIP: 0033:0x7f2ffb321594 Code: 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 80 3d d5 cd 0d 00 00 74 13 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 3c c3 0f 1f 00 55 48 89 e5 48 83 ec 10 89 7d RSP: 002b:00007ffe8d8eef18 EFLAGS: 00000202 ORIG_RAX: 0000000000000003 RAX: ffffffffffffffda RBX: 00007f2ffba4e668 RCX: 00007f2ffb321594 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 RBP: 00007ffe8d8eef40 R08: 0000000000000000 R09: 0000000000000000 R10: 55c926e3167eae79 R11: 0000000000000202 R12: 0000000000000003 R13: 00007ffe8d8ef030 R14: 0000000000000000 R15: 00007f2ffba4e668 </TASK> CR2: 0000000000000010 ---[ end trace 0000000000000000 ]--- Move hrtimer_init to timerlat_fd open() to avoid this problem. Link: https://lore.kernel.org/linux-trace-kernel/7324dd3fc0035658c99b825204a66049… Cc: Masami Hiramatsu <mhiramat(a)kernel.org> Cc: Mathieu Desnoyers <mathieu.desnoyers(a)efficios.com> Cc: stable(a)vger.kernel.org Fixes: e88ed227f639 ("tracing/timerlat: Add user-space interface") Signed-off-by: Daniel Bristot de Oliveira <bristot(a)kernel.org> Signed-off-by: Steven Rostedt (Google) <rostedt(a)goodmis.org> --- kernel/trace/trace_osnoise.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/kernel/trace/trace_osnoise.c b/kernel/trace/trace_osnoise.c index bd0d01d00fb9..a8e28f9b9271 100644 --- a/kernel/trace/trace_osnoise.c +++ b/kernel/trace/trace_osnoise.c @@ -2444,6 +2444,9 @@ static int timerlat_fd_open(struct inode *inode, struct file *file) tlat = this_cpu_tmr_var(); tlat->count = 0; + hrtimer_init(&tlat->timer, CLOCK_MONOTONIC, HRTIMER_MODE_ABS_PINNED_HARD); + tlat->timer.function = timerlat_irq; + migrate_enable(); return 0; }; @@ -2526,9 +2529,6 @@ timerlat_fd_read(struct file *file, char __user *ubuf, size_t count, tlat->tracing_thread = false; tlat->kthread = current; - hrtimer_init(&tlat->timer, CLOCK_MONOTONIC, HRTIMER_MODE_ABS_PINNED_HARD); - tlat->timer.function = timerlat_irq; - /* Annotate now to drift new period */ tlat->abs_period = hrtimer_cb_get_time(&tlat->timer); -- 2.43.0

1 year, 7 months

1
0
0 0

[for-linus][PATCH 08/13] eventfs: Get rid of dentry pointers without refcounts

by Steven Rostedt

From: Linus Torvalds <torvalds(a)linux-foundation.org> The eventfs inode had pointers to dentries (and child dentries) without actually holding a refcount on said pointer. That is fundamentally broken, and while eventfs tried to then maintain coherence with dentries going away by hooking into the '.d_iput' callback, that doesn't actually work since it's not ordered wrt lookups. There were two reasonms why eventfs tried to keep a pointer to a dentry: - the creation of a 'events' directory would actually have a stable dentry pointer that it created with tracefs_start_creating(). And it needed that dentry when tearing it all down again in eventfs_remove_events_dir(). This use is actually ok, because the special top-level events directory dentries are actually stable, not just a temporary cache of the eventfs data structures. - the 'eventfs_inode' (aka ei) needs to stay around as long as there are dentries that refer to it. It then used these dentry pointers as a replacement for doing reference counting: it would try to make sure that there was only ever one dentry associated with an event_inode, and keep a child dentry array around to see which dentries might still refer to the parent ei. This gets rid of the invalid dentry pointer use, and renames the one valid case to a different name to make it clear that it's not just any random dentry. The magic child dentry array that is kind of a "reverse reference list" is simply replaced by having child dentries take a ref to the ei. As does the directory dentries. That makes the broken use case go away. Link: https://lore.kernel.org/linux-trace-kernel/202401291043.e62e89dc-oliver.san… Link: https://lore.kernel.org/linux-trace-kernel/20240131185513.280463000@goodmis… Cc: stable(a)vger.kernel.org Cc: Masami Hiramatsu <mhiramat(a)kernel.org> Cc: Mark Rutland <mark.rutland(a)arm.com> Cc: Mathieu Desnoyers <mathieu.desnoyers(a)efficios.com> Cc: Christian Brauner <brauner(a)kernel.org> Cc: Al Viro <viro(a)ZenIV.linux.org.uk> Cc: Ajay Kaher <ajay.kaher(a)broadcom.com> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Fixes: c1504e510238 ("eventfs: Implement eventfs dir creation functions") Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org> Signed-off-by: Steven Rostedt (Google) <rostedt(a)goodmis.org> --- fs/tracefs/event_inode.c | 248 ++++++++++++--------------------------- fs/tracefs/internal.h | 7 +- 2 files changed, 78 insertions(+), 177 deletions(-) diff --git a/fs/tracefs/event_inode.c b/fs/tracefs/event_inode.c index b2285d5f3fed..515fdace1eea 100644 --- a/fs/tracefs/event_inode.c +++ b/fs/tracefs/event_inode.c @@ -62,6 +62,35 @@ enum { #define EVENTFS_MODE_MASK (EVENTFS_SAVE_MODE - 1) +/* + * eventfs_inode reference count management. + * + * NOTE! We count only references from dentries, in the + * form 'dentry->d_fsdata'. There are also references from + * directory inodes ('ti->private'), but the dentry reference + * count is always a superset of the inode reference count. + */ +static void release_ei(struct kref *ref) +{ + struct eventfs_inode *ei = container_of(ref, struct eventfs_inode, kref); + kfree(ei->entry_attrs); + kfree_const(ei->name); + kfree_rcu(ei, rcu); +} + +static inline void put_ei(struct eventfs_inode *ei) +{ + if (ei) + kref_put(&ei->kref, release_ei); +} + +static inline struct eventfs_inode *get_ei(struct eventfs_inode *ei) +{ + if (ei) + kref_get(&ei->kref); + return ei; +} + static struct dentry *eventfs_root_lookup(struct inode *dir, struct dentry *dentry, unsigned int flags); @@ -289,7 +318,8 @@ static void update_inode_attr(struct dentry *dentry, struct inode *inode, * directory. The inode.i_private pointer will point to @data in the open() * call. */ -static struct dentry *lookup_file(struct dentry *dentry, +static struct dentry *lookup_file(struct eventfs_inode *parent_ei, + struct dentry *dentry, umode_t mode, struct eventfs_attr *attr, void *data, @@ -302,7 +332,7 @@ static struct dentry *lookup_file(struct dentry *dentry, mode |= S_IFREG; if (WARN_ON_ONCE(!S_ISREG(mode))) - return NULL; + return ERR_PTR(-EIO); inode = tracefs_get_inode(dentry->d_sb); if (unlikely(!inode)) @@ -321,9 +351,12 @@ static struct dentry *lookup_file(struct dentry *dentry, ti = get_tracefs(inode); ti->flags |= TRACEFS_EVENT_INODE; + // Files have their parent's ei as their fsdata + dentry->d_fsdata = get_ei(parent_ei); + d_add(dentry, inode); fsnotify_create(dentry->d_parent->d_inode, dentry); - return dentry; + return NULL; }; /** @@ -359,22 +392,29 @@ static struct dentry *lookup_dir_entry(struct dentry *dentry, /* Only directories have ti->private set to an ei, not files */ ti->private = ei; - dentry->d_fsdata = ei; - ei->dentry = dentry; // Remove me! + dentry->d_fsdata = get_ei(ei); inc_nlink(inode); d_add(dentry, inode); inc_nlink(dentry->d_parent->d_inode); fsnotify_mkdir(dentry->d_parent->d_inode, dentry); - return dentry; + return NULL; } -static void free_ei(struct eventfs_inode *ei) +static inline struct eventfs_inode *alloc_ei(const char *name) { - kfree_const(ei->name); - kfree(ei->d_children); - kfree(ei->entry_attrs); - kfree(ei); + struct eventfs_inode *ei = kzalloc(sizeof(*ei), GFP_KERNEL); + + if (!ei) + return NULL; + + ei->name = kstrdup_const(name, GFP_KERNEL); + if (!ei->name) { + kfree(ei); + return NULL; + } + kref_init(&ei->kref); + return ei; } /** @@ -385,39 +425,13 @@ static void free_ei(struct eventfs_inode *ei) */ void eventfs_d_release(struct dentry *dentry) { - struct eventfs_inode *ei; - int i; - - mutex_lock(&eventfs_mutex); - - ei = dentry->d_fsdata; - if (!ei) - goto out; - - /* This could belong to one of the files of the ei */ - if (ei->dentry != dentry) { - for (i = 0; i < ei->nr_entries; i++) { - if (ei->d_children[i] == dentry) - break; - } - if (WARN_ON_ONCE(i == ei->nr_entries)) - goto out; - ei->d_children[i] = NULL; - } else if (ei->is_freed) { - free_ei(ei); - } else { - ei->dentry = NULL; - } - - dentry->d_fsdata = NULL; - out: - mutex_unlock(&eventfs_mutex); + put_ei(dentry->d_fsdata); } /** * lookup_file_dentry - create a dentry for a file of an eventfs_inode * @ei: the eventfs_inode that the file will be created under - * @idx: the index into the d_children[] of the @ei + * @idx: the index into the entry_attrs[] of the @ei * @parent: The parent dentry of the created file. * @name: The name of the file to create * @mode: The mode of the file. @@ -434,17 +448,11 @@ lookup_file_dentry(struct dentry *dentry, const struct file_operations *fops) { struct eventfs_attr *attr = NULL; - struct dentry **e_dentry = &ei->d_children[idx]; if (ei->entry_attrs) attr = &ei->entry_attrs[idx]; - dentry->d_fsdata = ei; // NOTE: ei of _parent_ - lookup_file(dentry, mode, attr, data, fops); - - *e_dentry = dentry; // Remove me - - return dentry; + return lookup_file(ei, dentry, mode, attr, data, fops); } /** @@ -465,6 +473,7 @@ static struct dentry *eventfs_root_lookup(struct inode *dir, struct tracefs_inode *ti; struct eventfs_inode *ei; const char *name = dentry->d_name.name; + struct dentry *result = NULL; ti = get_tracefs(dir); if (!(ti->flags & TRACEFS_EVENT_INODE)) @@ -481,7 +490,7 @@ static struct dentry *eventfs_root_lookup(struct inode *dir, continue; if (ei_child->is_freed) goto out; - lookup_dir_entry(dentry, ei, ei_child); + result = lookup_dir_entry(dentry, ei, ei_child); goto out; } @@ -498,12 +507,12 @@ static struct dentry *eventfs_root_lookup(struct inode *dir, if (entry->callback(name, &mode, &data, &fops) <= 0) goto out; - lookup_file_dentry(dentry, ei, i, mode, data, fops); + result = lookup_file_dentry(dentry, ei, i, mode, data, fops); goto out; } out: mutex_unlock(&eventfs_mutex); - return NULL; + return result; } /* @@ -653,25 +662,10 @@ struct eventfs_inode *eventfs_create_dir(const char *name, struct eventfs_inode if (!parent) return ERR_PTR(-EINVAL); - ei = kzalloc(sizeof(*ei), GFP_KERNEL); + ei = alloc_ei(name); if (!ei) return ERR_PTR(-ENOMEM); - ei->name = kstrdup_const(name, GFP_KERNEL); - if (!ei->name) { - kfree(ei); - return ERR_PTR(-ENOMEM); - } - - if (size) { - ei->d_children = kcalloc(size, sizeof(*ei->d_children), GFP_KERNEL); - if (!ei->d_children) { - kfree_const(ei->name); - kfree(ei); - return ERR_PTR(-ENOMEM); - } - } - ei->entries = entries; ei->nr_entries = size; ei->data = data; @@ -685,7 +679,7 @@ struct eventfs_inode *eventfs_create_dir(const char *name, struct eventfs_inode /* Was the parent freed? */ if (list_empty(&ei->list)) { - free_ei(ei); + put_ei(ei); ei = NULL; } return ei; @@ -720,28 +714,20 @@ struct eventfs_inode *eventfs_create_events_dir(const char *name, struct dentry if (IS_ERR(dentry)) return ERR_CAST(dentry); - ei = kzalloc(sizeof(*ei), GFP_KERNEL); + ei = alloc_ei(name); if (!ei) - goto fail_ei; + goto fail; inode = tracefs_get_inode(dentry->d_sb); if (unlikely(!inode)) goto fail; - if (size) { - ei->d_children = kcalloc(size, sizeof(*ei->d_children), GFP_KERNEL); - if (!ei->d_children) - goto fail; - } - - ei->dentry = dentry; + // Note: we have a ref to the dentry from tracefs_start_creating() + ei->events_dir = dentry; ei->entries = entries; ei->nr_entries = size; ei->is_events = 1; ei->data = data; - ei->name = kstrdup_const(name, GFP_KERNEL); - if (!ei->name) - goto fail; /* Save the ownership of this directory */ uid = d_inode(dentry->d_parent)->i_uid; @@ -772,7 +758,7 @@ struct eventfs_inode *eventfs_create_events_dir(const char *name, struct dentry inode->i_op = &eventfs_root_dir_inode_operations; inode->i_fop = &eventfs_file_operations; - dentry->d_fsdata = ei; + dentry->d_fsdata = get_ei(ei); /* directory inodes start off with i_nlink == 2 (for "." entry) */ inc_nlink(inode); @@ -784,72 +770,11 @@ struct eventfs_inode *eventfs_create_events_dir(const char *name, struct dentry return ei; fail: - kfree(ei->d_children); - kfree(ei); - fail_ei: + put_ei(ei); tracefs_failed_creating(dentry); return ERR_PTR(-ENOMEM); } -static LLIST_HEAD(free_list); - -static void eventfs_workfn(struct work_struct *work) -{ - struct eventfs_inode *ei, *tmp; - struct llist_node *llnode; - - llnode = llist_del_all(&free_list); - llist_for_each_entry_safe(ei, tmp, llnode, llist) { - /* This dput() matches the dget() from unhook_dentry() */ - for (int i = 0; i < ei->nr_entries; i++) { - if (ei->d_children[i]) - dput(ei->d_children[i]); - } - /* This should only get here if it had a dentry */ - if (!WARN_ON_ONCE(!ei->dentry)) - dput(ei->dentry); - } -} - -static DECLARE_WORK(eventfs_work, eventfs_workfn); - -static void free_rcu_ei(struct rcu_head *head) -{ - struct eventfs_inode *ei = container_of(head, struct eventfs_inode, rcu); - - if (ei->dentry) { - /* Do not free the ei until all references of dentry are gone */ - if (llist_add(&ei->llist, &free_list)) - queue_work(system_unbound_wq, &eventfs_work); - return; - } - - /* If the ei doesn't have a dentry, neither should its children */ - for (int i = 0; i < ei->nr_entries; i++) { - WARN_ON_ONCE(ei->d_children[i]); - } - - free_ei(ei); -} - -static void unhook_dentry(struct dentry *dentry) -{ - if (!dentry) - return; - /* - * Need to add a reference to the dentry that is expected by - * simple_recursive_removal(), which will include a dput(). - */ - dget(dentry); - - /* - * Also add a reference for the dput() in eventfs_workfn(). - * That is required as that dput() will free the ei after - * the SRCU grace period is over. - */ - dget(dentry); -} - /** * eventfs_remove_rec - remove eventfs dir or file from list * @ei: eventfs_inode to be removed. @@ -862,8 +787,6 @@ static void eventfs_remove_rec(struct eventfs_inode *ei, int level) { struct eventfs_inode *ei_child; - if (!ei) - return; /* * Check recursion depth. It should never be greater than 3: * 0 - events/ @@ -875,28 +798,12 @@ static void eventfs_remove_rec(struct eventfs_inode *ei, int level) return; /* search for nested folders or files */ - list_for_each_entry_srcu(ei_child, &ei->children, list, - lockdep_is_held(&eventfs_mutex)) { - /* Children only have dentry if parent does */ - WARN_ON_ONCE(ei_child->dentry && !ei->dentry); + list_for_each_entry(ei_child, &ei->children, list) eventfs_remove_rec(ei_child, level + 1); - } - ei->is_freed = 1; - - for (int i = 0; i < ei->nr_entries; i++) { - if (ei->d_children[i]) { - /* Children only have dentry if parent does */ - WARN_ON_ONCE(!ei->dentry); - unhook_dentry(ei->d_children[i]); - } - } - - unhook_dentry(ei->dentry); - - list_del_rcu(&ei->list); - call_srcu(&eventfs_srcu, &ei->rcu, free_rcu_ei); + list_del(&ei->list); + put_ei(ei); } /** @@ -907,22 +814,12 @@ static void eventfs_remove_rec(struct eventfs_inode *ei, int level) */ void eventfs_remove_dir(struct eventfs_inode *ei) { - struct dentry *dentry; - if (!ei) return; mutex_lock(&eventfs_mutex); - dentry = ei->dentry; eventfs_remove_rec(ei, 0); mutex_unlock(&eventfs_mutex); - - /* - * If any of the ei children has a dentry, then the ei itself - * must have a dentry. - */ - if (dentry) - simple_recursive_removal(dentry, NULL); } /** @@ -935,7 +832,11 @@ void eventfs_remove_events_dir(struct eventfs_inode *ei) { struct dentry *dentry; - dentry = ei->dentry; + dentry = ei->events_dir; + if (!dentry) + return; + + ei->events_dir = NULL; eventfs_remove_dir(ei); /* @@ -945,5 +846,6 @@ void eventfs_remove_events_dir(struct eventfs_inode *ei) * sticks around while the other ei->dentry are created * and destroyed dynamically. */ + d_invalidate(dentry); dput(dentry); } diff --git a/fs/tracefs/internal.h b/fs/tracefs/internal.h index 4b50a0668055..1886f1826cd8 100644 --- a/fs/tracefs/internal.h +++ b/fs/tracefs/internal.h @@ -35,8 +35,7 @@ struct eventfs_attr { * @entries: the array of entries representing the files in the directory * @name: the name of the directory to create * @children: link list into the child eventfs_inode - * @dentry: the dentry of the directory - * @d_children: The array of dentries to represent the files when created + * @events_dir: the dentry of the events directory * @entry_attrs: Saved mode and ownership of the @d_children * @attr: Saved mode and ownership of eventfs_inode itself * @data: The private data to pass to the callbacks @@ -45,12 +44,12 @@ struct eventfs_attr { * @nr_entries: The number of items in @entries */ struct eventfs_inode { + struct kref kref; struct list_head list; const struct eventfs_entry *entries; const char *name; struct list_head children; - struct dentry *dentry; /* Check is_freed to access */ - struct dentry **d_children; + struct dentry *events_dir; struct eventfs_attr *entry_attrs; struct eventfs_attr attr; void *data; -- 2.43.0

1 year, 7 months

1
0
0 0

[for-linus][PATCH 07/13] eventfs: Clean up dentry ops and add revalidate function

by Steven Rostedt

From: Linus Torvalds <torvalds(a)linux-foundation.org> In order for the dentries to stay up-to-date with the eventfs changes, just add a 'd_revalidate' function that checks the 'is_freed' bit. Also, clean up the dentry release to actually use d_release() rather than the slightly odd d_iput() function. We don't care about the inode, all we want to do is to get rid of the refcount to the eventfs data added by dentry->d_fsdata. It would probably be cleaner to make eventfs its own filesystem, or at least set its own dentry ops when looking up eventfs files. But as it is, only eventfs dentries use d_fsdata, so we don't really need to split these things up by use. Another thing that might be worth doing is to make all eventfs lookups mark their dentries as not worth caching. We could do that with d_delete(), but the DCACHE_DONTCACHE flag would likely be even better. As it is, the dentries are all freeable, but they only tend to get freed at memory pressure rather than more proactively. But that's a separate issue. Link: https://lore.kernel.org/linux-trace-kernel/202401291043.e62e89dc-oliver.san… Link: https://lore.kernel.org/linux-trace-kernel/20240131185513.124644253@goodmis… Cc: stable(a)vger.kernel.org Cc: Masami Hiramatsu <mhiramat(a)kernel.org> Cc: Mark Rutland <mark.rutland(a)arm.com> Cc: Mathieu Desnoyers <mathieu.desnoyers(a)efficios.com> Cc: Christian Brauner <brauner(a)kernel.org> Cc: Al Viro <viro(a)ZenIV.linux.org.uk> Cc: Ajay Kaher <ajay.kaher(a)broadcom.com> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Fixes: c1504e510238 ("eventfs: Implement eventfs dir creation functions") Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org> Signed-off-by: Steven Rostedt (Google) <rostedt(a)goodmis.org> --- fs/tracefs/event_inode.c | 5 ++--- fs/tracefs/inode.c | 27 ++++++++++++++++++--------- fs/tracefs/internal.h | 3 ++- 3 files changed, 22 insertions(+), 13 deletions(-) diff --git a/fs/tracefs/event_inode.c b/fs/tracefs/event_inode.c index 16ca8d9759b1..b2285d5f3fed 100644 --- a/fs/tracefs/event_inode.c +++ b/fs/tracefs/event_inode.c @@ -378,13 +378,12 @@ static void free_ei(struct eventfs_inode *ei) } /** - * eventfs_set_ei_status_free - remove the dentry reference from an eventfs_inode - * @ti: the tracefs_inode of the dentry + * eventfs_d_release - dentry is going away * @dentry: dentry which has the reference to remove. * * Remove the association between a dentry from an eventfs_inode. */ -void eventfs_set_ei_status_free(struct tracefs_inode *ti, struct dentry *dentry) +void eventfs_d_release(struct dentry *dentry) { struct eventfs_inode *ei; int i; diff --git a/fs/tracefs/inode.c b/fs/tracefs/inode.c index 5c84460feeeb..d65ffad4c327 100644 --- a/fs/tracefs/inode.c +++ b/fs/tracefs/inode.c @@ -377,21 +377,30 @@ static const struct super_operations tracefs_super_operations = { .show_options = tracefs_show_options, }; -static void tracefs_dentry_iput(struct dentry *dentry, struct inode *inode) +/* + * It would be cleaner if eventfs had its own dentry ops. + * + * Note that d_revalidate is called potentially under RCU, + * so it can't take the eventfs mutex etc. It's fine - if + * we open a file just as it's marked dead, things will + * still work just fine, and just see the old stale case. + */ +static void tracefs_d_release(struct dentry *dentry) { - struct tracefs_inode *ti; + if (dentry->d_fsdata) + eventfs_d_release(dentry); +} - if (!dentry || !inode) - return; +static int tracefs_d_revalidate(struct dentry *dentry, unsigned int flags) +{ + struct eventfs_inode *ei = dentry->d_fsdata; - ti = get_tracefs(inode); - if (ti && ti->flags & TRACEFS_EVENT_INODE) - eventfs_set_ei_status_free(ti, dentry); - iput(inode); + return !(ei && ei->is_freed); } static const struct dentry_operations tracefs_dentry_operations = { - .d_iput = tracefs_dentry_iput, + .d_revalidate = tracefs_d_revalidate, + .d_release = tracefs_d_release, }; static int trace_fill_super(struct super_block *sb, void *data, int silent) diff --git a/fs/tracefs/internal.h b/fs/tracefs/internal.h index 932733a2696a..4b50a0668055 100644 --- a/fs/tracefs/internal.h +++ b/fs/tracefs/internal.h @@ -78,6 +78,7 @@ struct dentry *tracefs_start_creating(const char *name, struct dentry *parent); struct dentry *tracefs_end_creating(struct dentry *dentry); struct dentry *tracefs_failed_creating(struct dentry *dentry); struct inode *tracefs_get_inode(struct super_block *sb); -void eventfs_set_ei_status_free(struct tracefs_inode *ti, struct dentry *dentry); + +void eventfs_d_release(struct dentry *dentry); #endif /* _TRACEFS_INTERNAL_H */ -- 2.43.0

1 year, 7 months

1
0
0 0

[for-linus][PATCH 06/13] eventfs: Remove unused d_parent pointer field

by Steven Rostedt

From: Linus Torvalds <torvalds(a)linux-foundation.org> It's never used Link: https://lore.kernel.org/linux-trace-kernel/202401291043.e62e89dc-oliver.san… Link: https://lore.kernel.org/linux-trace-kernel/20240131185512.961772428@goodmis… Cc: stable(a)vger.kernel.org Cc: Masami Hiramatsu <mhiramat(a)kernel.org> Cc: Mark Rutland <mark.rutland(a)arm.com> Cc: Mathieu Desnoyers <mathieu.desnoyers(a)efficios.com> Cc: Christian Brauner <brauner(a)kernel.org> Cc: Al Viro <viro(a)ZenIV.linux.org.uk> Cc: Ajay Kaher <ajay.kaher(a)broadcom.com> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Fixes: c1504e510238 ("eventfs: Implement eventfs dir creation functions") Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org> Signed-off-by: Steven Rostedt (Google) <rostedt(a)goodmis.org> --- fs/tracefs/event_inode.c | 4 +--- fs/tracefs/internal.h | 2 -- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/fs/tracefs/event_inode.c b/fs/tracefs/event_inode.c index 04c2ab90f93e..16ca8d9759b1 100644 --- a/fs/tracefs/event_inode.c +++ b/fs/tracefs/event_inode.c @@ -680,10 +680,8 @@ struct eventfs_inode *eventfs_create_dir(const char *name, struct eventfs_inode INIT_LIST_HEAD(&ei->list); mutex_lock(&eventfs_mutex); - if (!parent->is_freed) { + if (!parent->is_freed) list_add_tail(&ei->list, &parent->children); - ei->d_parent = parent->dentry; - } mutex_unlock(&eventfs_mutex); /* Was the parent freed? */ diff --git a/fs/tracefs/internal.h b/fs/tracefs/internal.h index 09037e2c173d..932733a2696a 100644 --- a/fs/tracefs/internal.h +++ b/fs/tracefs/internal.h @@ -36,7 +36,6 @@ struct eventfs_attr { * @name: the name of the directory to create * @children: link list into the child eventfs_inode * @dentry: the dentry of the directory - * @d_parent: pointer to the parent's dentry * @d_children: The array of dentries to represent the files when created * @entry_attrs: Saved mode and ownership of the @d_children * @attr: Saved mode and ownership of eventfs_inode itself @@ -51,7 +50,6 @@ struct eventfs_inode { const char *name; struct list_head children; struct dentry *dentry; /* Check is_freed to access */ - struct dentry *d_parent; struct dentry **d_children; struct eventfs_attr *entry_attrs; struct eventfs_attr attr; -- 2.43.0

1 year, 7 months

1
0
0 0

[for-linus][PATCH 05/13] tracefs: dentry lookup crapectomy

by Steven Rostedt

From: Linus Torvalds <torvalds(a)linux-foundation.org> The dentry lookup for eventfs files was very broken, and had lots of signs of the old situation where the filesystem names were all created statically in the dentry tree, rather than being looked up dynamically based on the eventfs data structures. You could see it in the naming - how it claimed to "create" dentries rather than just look up the dentries that were given it. You could see it in various nonsensical and very incorrect operations, like using "simple_lookup()" on the dentries that were passed in, which only results in those dentries becoming negative dentries. Which meant that any other lookup would possibly return ENOENT if it saw that negative dentry before the data was then later filled in. You could see it in the immense amount of nonsensical code that didn't actually just do lookups. Link: https://lore.kernel.org/linux-trace-kernel/202401291043.e62e89dc-oliver.san… Link: https://lore.kernel.org/linux-trace-kernel/20240131233227.73db55e1@gandalf.… Cc: stable(a)vger.kernel.org Cc: Al Viro <viro(a)ZenIV.linux.org.uk> Cc: Masami Hiramatsu <mhiramat(a)kernel.org> Cc: Mathieu Desnoyers <mathieu.desnoyers(a)efficios.com> Cc: Christian Brauner <brauner(a)kernel.org> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: Ajay Kaher <ajay.kaher(a)broadcom.com> Cc: Mark Rutland <mark.rutland(a)arm.com> Fixes: c1504e510238 ("eventfs: Implement eventfs dir creation functions") Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org> Signed-off-by: Steven Rostedt (Google) <rostedt(a)goodmis.org> --- fs/tracefs/event_inode.c | 275 +++++++-------------------------------- fs/tracefs/inode.c | 69 ---------- fs/tracefs/internal.h | 3 - 3 files changed, 50 insertions(+), 297 deletions(-) diff --git a/fs/tracefs/event_inode.c b/fs/tracefs/event_inode.c index e9819d719d2a..04c2ab90f93e 100644 --- a/fs/tracefs/event_inode.c +++ b/fs/tracefs/event_inode.c @@ -230,7 +230,6 @@ static struct eventfs_inode *eventfs_find_events(struct dentry *dentry) { struct eventfs_inode *ei; - mutex_lock(&eventfs_mutex); do { // The parent is stable because we do not do renames dentry = dentry->d_parent; @@ -247,7 +246,6 @@ static struct eventfs_inode *eventfs_find_events(struct dentry *dentry) } // Walk upwards until you find the events inode } while (!ei->is_events); - mutex_unlock(&eventfs_mutex); update_top_events_attr(ei, dentry->d_sb); @@ -280,11 +278,10 @@ static void update_inode_attr(struct dentry *dentry, struct inode *inode, } /** - * create_file - create a file in the tracefs filesystem - * @name: the name of the file to create. + * lookup_file - look up a file in the tracefs filesystem + * @dentry: the dentry to look up * @mode: the permission that the file should have. * @attr: saved attributes changed by user - * @parent: parent dentry for this file. * @data: something that the caller will want to get to later on. * @fop: struct file_operations that should be used for this file. * @@ -292,13 +289,13 @@ static void update_inode_attr(struct dentry *dentry, struct inode *inode, * directory. The inode.i_private pointer will point to @data in the open() * call. */ -static struct dentry *create_file(const char *name, umode_t mode, +static struct dentry *lookup_file(struct dentry *dentry, + umode_t mode, struct eventfs_attr *attr, - struct dentry *parent, void *data, + void *data, const struct file_operations *fop) { struct tracefs_inode *ti; - struct dentry *dentry; struct inode *inode; if (!(mode & S_IFMT)) @@ -307,15 +304,9 @@ static struct dentry *create_file(const char *name, umode_t mode, if (WARN_ON_ONCE(!S_ISREG(mode))) return NULL; - WARN_ON_ONCE(!parent); - dentry = eventfs_start_creating(name, parent); - - if (IS_ERR(dentry)) - return dentry; - inode = tracefs_get_inode(dentry->d_sb); if (unlikely(!inode)) - return eventfs_failed_creating(dentry); + return ERR_PTR(-ENOMEM); /* If the user updated the directory's attributes, use them */ update_inode_attr(dentry, inode, attr, mode); @@ -329,32 +320,29 @@ static struct dentry *create_file(const char *name, umode_t mode, ti = get_tracefs(inode); ti->flags |= TRACEFS_EVENT_INODE; - d_instantiate(dentry, inode); + + d_add(dentry, inode); fsnotify_create(dentry->d_parent->d_inode, dentry); - return eventfs_end_creating(dentry); + return dentry; }; /** - * create_dir - create a dir in the tracefs filesystem + * lookup_dir_entry - look up a dir in the tracefs filesystem + * @dentry: the directory to look up * @ei: the eventfs_inode that represents the directory to create - * @parent: parent dentry for this file. * - * This function will create a dentry for a directory represented by + * This function will look up a dentry for a directory represented by * a eventfs_inode. */ -static struct dentry *create_dir(struct eventfs_inode *ei, struct dentry *parent) +static struct dentry *lookup_dir_entry(struct dentry *dentry, + struct eventfs_inode *pei, struct eventfs_inode *ei) { struct tracefs_inode *ti; - struct dentry *dentry; struct inode *inode; - dentry = eventfs_start_creating(ei->name, parent); - if (IS_ERR(dentry)) - return dentry; - inode = tracefs_get_inode(dentry->d_sb); if (unlikely(!inode)) - return eventfs_failed_creating(dentry); + return ERR_PTR(-ENOMEM); /* If the user updated the directory's attributes, use them */ update_inode_attr(dentry, inode, &ei->attr, @@ -371,11 +359,14 @@ static struct dentry *create_dir(struct eventfs_inode *ei, struct dentry *parent /* Only directories have ti->private set to an ei, not files */ ti->private = ei; + dentry->d_fsdata = ei; + ei->dentry = dentry; // Remove me! + inc_nlink(inode); - d_instantiate(dentry, inode); + d_add(dentry, inode); inc_nlink(dentry->d_parent->d_inode); fsnotify_mkdir(dentry->d_parent->d_inode, dentry); - return eventfs_end_creating(dentry); + return dentry; } static void free_ei(struct eventfs_inode *ei) @@ -425,7 +416,7 @@ void eventfs_set_ei_status_free(struct tracefs_inode *ti, struct dentry *dentry) } /** - * create_file_dentry - create a dentry for a file of an eventfs_inode + * lookup_file_dentry - create a dentry for a file of an eventfs_inode * @ei: the eventfs_inode that the file will be created under * @idx: the index into the d_children[] of the @ei * @parent: The parent dentry of the created file. @@ -438,157 +429,21 @@ void eventfs_set_ei_status_free(struct tracefs_inode *ti, struct dentry *dentry) * address located at @e_dentry. */ static struct dentry * -create_file_dentry(struct eventfs_inode *ei, int idx, - struct dentry *parent, const char *name, umode_t mode, void *data, +lookup_file_dentry(struct dentry *dentry, + struct eventfs_inode *ei, int idx, + umode_t mode, void *data, const struct file_operations *fops) { struct eventfs_attr *attr = NULL; struct dentry **e_dentry = &ei->d_children[idx]; - struct dentry *dentry; - - WARN_ON_ONCE(!inode_is_locked(parent->d_inode)); - mutex_lock(&eventfs_mutex); - if (ei->is_freed) { - mutex_unlock(&eventfs_mutex); - return NULL; - } - /* If the e_dentry already has a dentry, use it */ - if (*e_dentry) { - dget(*e_dentry); - mutex_unlock(&eventfs_mutex); - return *e_dentry; - } - - /* ei->entry_attrs are protected by SRCU */ if (ei->entry_attrs) attr = &ei->entry_attrs[idx]; - mutex_unlock(&eventfs_mutex); - - dentry = create_file(name, mode, attr, parent, data, fops); + dentry->d_fsdata = ei; // NOTE: ei of _parent_ + lookup_file(dentry, mode, attr, data, fops); - mutex_lock(&eventfs_mutex); - - if (IS_ERR_OR_NULL(dentry)) { - /* - * When the mutex was released, something else could have - * created the dentry for this e_dentry. In which case - * use that one. - * - * If ei->is_freed is set, the e_dentry is currently on its - * way to being freed, don't return it. If e_dentry is NULL - * it means it was already freed. - */ - if (ei->is_freed) { - dentry = NULL; - } else { - dentry = *e_dentry; - dget(dentry); - } - mutex_unlock(&eventfs_mutex); - return dentry; - } - - if (!*e_dentry && !ei->is_freed) { - *e_dentry = dentry; - dentry->d_fsdata = ei; - } else { - /* - * Should never happen unless we get here due to being freed. - * Otherwise it means two dentries exist with the same name. - */ - WARN_ON_ONCE(!ei->is_freed); - dentry = NULL; - } - mutex_unlock(&eventfs_mutex); - - return dentry; -} - -/** - * eventfs_post_create_dir - post create dir routine - * @ei: eventfs_inode of recently created dir - * - * Map the meta-data of files within an eventfs dir to their parent dentry - */ -static void eventfs_post_create_dir(struct eventfs_inode *ei) -{ - struct eventfs_inode *ei_child; - - lockdep_assert_held(&eventfs_mutex); - - /* srcu lock already held */ - /* fill parent-child relation */ - list_for_each_entry_srcu(ei_child, &ei->children, list, - srcu_read_lock_held(&eventfs_srcu)) { - ei_child->d_parent = ei->dentry; - } -} - -/** - * create_dir_dentry - Create a directory dentry for the eventfs_inode - * @pei: The eventfs_inode parent of ei. - * @ei: The eventfs_inode to create the directory for - * @parent: The dentry of the parent of this directory - * - * This creates and attaches a directory dentry to the eventfs_inode @ei. - */ -static struct dentry * -create_dir_dentry(struct eventfs_inode *pei, struct eventfs_inode *ei, - struct dentry *parent) -{ - struct dentry *dentry = NULL; - - WARN_ON_ONCE(!inode_is_locked(parent->d_inode)); - - mutex_lock(&eventfs_mutex); - if (pei->is_freed || ei->is_freed) { - mutex_unlock(&eventfs_mutex); - return NULL; - } - if (ei->dentry) { - /* If the eventfs_inode already has a dentry, use it */ - dentry = ei->dentry; - dget(dentry); - mutex_unlock(&eventfs_mutex); - return dentry; - } - mutex_unlock(&eventfs_mutex); - - dentry = create_dir(ei, parent); - - mutex_lock(&eventfs_mutex); - - if (IS_ERR_OR_NULL(dentry) && !ei->is_freed) { - /* - * When the mutex was released, something else could have - * created the dentry for this e_dentry. In which case - * use that one. - * - * If ei->is_freed is set, the e_dentry is currently on its - * way to being freed. - */ - dentry = ei->dentry; - if (dentry) - dget(dentry); - mutex_unlock(&eventfs_mutex); - return dentry; - } - - if (!ei->dentry && !ei->is_freed) { - ei->dentry = dentry; - eventfs_post_create_dir(ei); - dentry->d_fsdata = ei; - } else { - /* - * Should never happen unless we get here due to being freed. - * Otherwise it means two dentries exist with the same name. - */ - WARN_ON_ONCE(!ei->is_freed); - dentry = NULL; - } - mutex_unlock(&eventfs_mutex); + *e_dentry = dentry; // Remove me return dentry; } @@ -607,79 +462,49 @@ static struct dentry *eventfs_root_lookup(struct inode *dir, struct dentry *dentry, unsigned int flags) { - const struct file_operations *fops; - const struct eventfs_entry *entry; struct eventfs_inode *ei_child; struct tracefs_inode *ti; struct eventfs_inode *ei; - struct dentry *ei_dentry = NULL; - struct dentry *ret = NULL; - struct dentry *d; const char *name = dentry->d_name.name; - umode_t mode; - void *data; - int idx; - int i; - int r; ti = get_tracefs(dir); if (!(ti->flags & TRACEFS_EVENT_INODE)) - return NULL; - - /* Grab srcu to prevent the ei from going away */ - idx = srcu_read_lock(&eventfs_srcu); + return ERR_PTR(-EIO); - /* - * Grab the eventfs_mutex to consistent value from ti->private. - * This s - */ mutex_lock(&eventfs_mutex); - ei = READ_ONCE(ti->private); - if (ei && !ei->is_freed) - ei_dentry = READ_ONCE(ei->dentry); - mutex_unlock(&eventfs_mutex); - if (!ei || !ei_dentry) + ei = ti->private; + if (!ei || ei->is_freed) goto out; - data = ei->data; - - list_for_each_entry_srcu(ei_child, &ei->children, list, - srcu_read_lock_held(&eventfs_srcu)) { + list_for_each_entry(ei_child, &ei->children, list) { if (strcmp(ei_child->name, name) != 0) continue; - ret = simple_lookup(dir, dentry, flags); - if (IS_ERR(ret)) + if (ei_child->is_freed) goto out; - d = create_dir_dentry(ei, ei_child, ei_dentry); - dput(d); + lookup_dir_entry(dentry, ei, ei_child); goto out; } - for (i = 0; i < ei->nr_entries; i++) { - entry = &ei->entries[i]; - if (strcmp(name, entry->name) == 0) { - void *cdata = data; - mutex_lock(&eventfs_mutex); - /* If ei->is_freed, then the event itself may be too */ - if (!ei->is_freed) - r = entry->callback(name, &mode, &cdata, &fops); - else - r = -1; - mutex_unlock(&eventfs_mutex); - if (r <= 0) - continue; - ret = simple_lookup(dir, dentry, flags); - if (IS_ERR(ret)) - goto out; - d = create_file_dentry(ei, i, ei_dentry, name, mode, cdata, fops); - dput(d); - break; - } + for (int i = 0; i < ei->nr_entries; i++) { + void *data; + umode_t mode; + const struct file_operations *fops; + const struct eventfs_entry *entry = &ei->entries[i]; + + if (strcmp(name, entry->name) != 0) + continue; + + data = ei->data; + if (entry->callback(name, &mode, &data, &fops) <= 0) + goto out; + + lookup_file_dentry(dentry, ei, i, mode, data, fops); + goto out; } out: - srcu_read_unlock(&eventfs_srcu, idx); - return ret; + mutex_unlock(&eventfs_mutex); + return NULL; } /* diff --git a/fs/tracefs/inode.c b/fs/tracefs/inode.c index 888e42087847..5c84460feeeb 100644 --- a/fs/tracefs/inode.c +++ b/fs/tracefs/inode.c @@ -495,75 +495,6 @@ struct dentry *tracefs_end_creating(struct dentry *dentry) return dentry; } -/** - * eventfs_start_creating - start the process of creating a dentry - * @name: Name of the file created for the dentry - * @parent: The parent dentry where this dentry will be created - * - * This is a simple helper function for the dynamically created eventfs - * files. When the directory of the eventfs files are accessed, their - * dentries are created on the fly. This function is used to start that - * process. - */ -struct dentry *eventfs_start_creating(const char *name, struct dentry *parent) -{ - struct dentry *dentry; - int error; - - /* Must always have a parent. */ - if (WARN_ON_ONCE(!parent)) - return ERR_PTR(-EINVAL); - - error = simple_pin_fs(&trace_fs_type, &tracefs_mount, - &tracefs_mount_count); - if (error) - return ERR_PTR(error); - - if (unlikely(IS_DEADDIR(parent->d_inode))) - dentry = ERR_PTR(-ENOENT); - else - dentry = lookup_one_len(name, parent, strlen(name)); - - if (!IS_ERR(dentry) && dentry->d_inode) { - dput(dentry); - dentry = ERR_PTR(-EEXIST); - } - - if (IS_ERR(dentry)) - simple_release_fs(&tracefs_mount, &tracefs_mount_count); - - return dentry; -} - -/** - * eventfs_failed_creating - clean up a failed eventfs dentry creation - * @dentry: The dentry to clean up - * - * If after calling eventfs_start_creating(), a failure is detected, the - * resources created by eventfs_start_creating() needs to be cleaned up. In - * that case, this function should be called to perform that clean up. - */ -struct dentry *eventfs_failed_creating(struct dentry *dentry) -{ - dput(dentry); - simple_release_fs(&tracefs_mount, &tracefs_mount_count); - return NULL; -} - -/** - * eventfs_end_creating - Finish the process of creating a eventfs dentry - * @dentry: The dentry that has successfully been created. - * - * This function is currently just a place holder to match - * eventfs_start_creating(). In case any synchronization needs to be added, - * this function will be used to implement that without having to modify - * the callers of eventfs_start_creating(). - */ -struct dentry *eventfs_end_creating(struct dentry *dentry) -{ - return dentry; -} - /* Find the inode that this will use for default */ static struct inode *instance_inode(struct dentry *parent, struct inode *inode) { diff --git a/fs/tracefs/internal.h b/fs/tracefs/internal.h index 7d84349ade87..09037e2c173d 100644 --- a/fs/tracefs/internal.h +++ b/fs/tracefs/internal.h @@ -80,9 +80,6 @@ struct dentry *tracefs_start_creating(const char *name, struct dentry *parent); struct dentry *tracefs_end_creating(struct dentry *dentry); struct dentry *tracefs_failed_creating(struct dentry *dentry); struct inode *tracefs_get_inode(struct super_block *sb); -struct dentry *eventfs_start_creating(const char *name, struct dentry *parent); -struct dentry *eventfs_failed_creating(struct dentry *dentry); -struct dentry *eventfs_end_creating(struct dentry *dentry); void eventfs_set_ei_status_free(struct tracefs_inode *ti, struct dentry *dentry); #endif /* _TRACEFS_INTERNAL_H */ -- 2.43.0

1 year, 7 months

1
0
0 0

[for-linus][PATCH 04/13] tracefs: Avoid using the ei->dentry pointer unnecessarily

by Steven Rostedt

From: Linus Torvalds <torvalds(a)linux-foundation.org> The eventfs_find_events() code tries to walk up the tree to find the event directory that a dentry belongs to, in order to then find the eventfs inode that is associated with that event directory. However, it uses an odd combination of walking the dentry parent, looking up the eventfs inode associated with that, and then looking up the dentry from there. Repeat. But the code shouldn't have back-pointers to dentries in the first place, and it should just walk the dentry parenthood chain directly. Similarly, 'set_top_events_ownership()' looks up the dentry from the eventfs inode, but the only reason it wants a dentry is to look up the superblock in order to look up the root dentry. But it already has the real filesystem inode, which has that same superblock pointer. So just pass in the superblock pointer using the information that's already there, instead of looking up extraneous data that is irrelevant. Link: https://lore.kernel.org/linux-trace-kernel/202401291043.e62e89dc-oliver.san… Link: https://lore.kernel.org/linux-trace-kernel/20240131185512.638645365@goodmis… Cc: stable(a)vger.kernel.org Cc: Masami Hiramatsu <mhiramat(a)kernel.org> Cc: Mark Rutland <mark.rutland(a)arm.com> Cc: Mathieu Desnoyers <mathieu.desnoyers(a)efficios.com> Cc: Christian Brauner <brauner(a)kernel.org> Cc: Al Viro <viro(a)ZenIV.linux.org.uk> Cc: Ajay Kaher <ajay.kaher(a)broadcom.com> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Fixes: c1504e510238 ("eventfs: Implement eventfs dir creation functions") Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org> Signed-off-by: Steven Rostedt (Google) <rostedt(a)goodmis.org> --- fs/tracefs/event_inode.c | 26 ++++++++++++-------------- 1 file changed, 12 insertions(+), 14 deletions(-) diff --git a/fs/tracefs/event_inode.c b/fs/tracefs/event_inode.c index 824b1811e342..e9819d719d2a 100644 --- a/fs/tracefs/event_inode.c +++ b/fs/tracefs/event_inode.c @@ -156,33 +156,30 @@ static int eventfs_set_attr(struct mnt_idmap *idmap, struct dentry *dentry, return ret; } -static void update_top_events_attr(struct eventfs_inode *ei, struct dentry *dentry) +static void update_top_events_attr(struct eventfs_inode *ei, struct super_block *sb) { - struct inode *inode; + struct inode *root; /* Only update if the "events" was on the top level */ if (!ei || !(ei->attr.mode & EVENTFS_TOPLEVEL)) return; /* Get the tracefs root inode. */ - inode = d_inode(dentry->d_sb->s_root); - ei->attr.uid = inode->i_uid; - ei->attr.gid = inode->i_gid; + root = d_inode(sb->s_root); + ei->attr.uid = root->i_uid; + ei->attr.gid = root->i_gid; } static void set_top_events_ownership(struct inode *inode) { struct tracefs_inode *ti = get_tracefs(inode); struct eventfs_inode *ei = ti->private; - struct dentry *dentry; /* The top events directory doesn't get automatically updated */ if (!ei || !ei->is_events || !(ei->attr.mode & EVENTFS_TOPLEVEL)) return; - dentry = ei->dentry; - - update_top_events_attr(ei, dentry); + update_top_events_attr(ei, inode->i_sb); if (!(ei->attr.mode & EVENTFS_SAVE_UID)) inode->i_uid = ei->attr.uid; @@ -235,8 +232,10 @@ static struct eventfs_inode *eventfs_find_events(struct dentry *dentry) mutex_lock(&eventfs_mutex); do { - /* The parent always has an ei, except for events itself */ - ei = dentry->d_parent->d_fsdata; + // The parent is stable because we do not do renames + dentry = dentry->d_parent; + // ... and directories always have d_fsdata + ei = dentry->d_fsdata; /* * If the ei is being freed, the ownership of the children @@ -246,12 +245,11 @@ static struct eventfs_inode *eventfs_find_events(struct dentry *dentry) ei = NULL; break; } - - dentry = ei->dentry; + // Walk upwards until you find the events inode } while (!ei->is_events); mutex_unlock(&eventfs_mutex); - update_top_events_attr(ei, dentry); + update_top_events_attr(ei, dentry->d_sb); return ei; } -- 2.43.0

1 year, 7 months

1
0
0 0

[for-linus][PATCH 03/13] eventfs: Initialize the tracefs inode properly

by Steven Rostedt

From: Linus Torvalds <torvalds(a)linux-foundation.org> The tracefs-specific fields in the inode were not initialized before the inode was exposed to others through the dentry with 'd_instantiate()'. Move the field initializations up to before the d_instantiate. Link: https://lore.kernel.org/linux-trace-kernel/20240131185512.478449628@goodmis… Cc: stable(a)vger.kernel.org Cc: Masami Hiramatsu <mhiramat(a)kernel.org> Cc: Mark Rutland <mark.rutland(a)arm.com> Cc: Mathieu Desnoyers <mathieu.desnoyers(a)efficios.com> Cc: Christian Brauner <brauner(a)kernel.org> Cc: Al Viro <viro(a)ZenIV.linux.org.uk> Cc: Ajay Kaher <ajay.kaher(a)broadcom.com> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Fixes: 5790b1fb3d672 ("eventfs: Remove eventfs_file and just use eventfs_inode") Reported-by: kernel test robot <oliver.sang(a)intel.com> Closes: https://lore.kernel.org/oe-lkp/202401291043.e62e89dc-oliver.sang@intel.com Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org> Signed-off-by: Steven Rostedt (Google) <rostedt(a)goodmis.org> --- fs/tracefs/event_inode.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/fs/tracefs/event_inode.c b/fs/tracefs/event_inode.c index 1c3dd0ad4660..824b1811e342 100644 --- a/fs/tracefs/event_inode.c +++ b/fs/tracefs/event_inode.c @@ -370,6 +370,8 @@ static struct dentry *create_dir(struct eventfs_inode *ei, struct dentry *parent ti = get_tracefs(inode); ti->flags |= TRACEFS_EVENT_INODE; + /* Only directories have ti->private set to an ei, not files */ + ti->private = ei; inc_nlink(inode); d_instantiate(dentry, inode); @@ -515,7 +517,6 @@ create_file_dentry(struct eventfs_inode *ei, int idx, static void eventfs_post_create_dir(struct eventfs_inode *ei) { struct eventfs_inode *ei_child; - struct tracefs_inode *ti; lockdep_assert_held(&eventfs_mutex); @@ -525,9 +526,6 @@ static void eventfs_post_create_dir(struct eventfs_inode *ei) srcu_read_lock_held(&eventfs_srcu)) { ei_child->d_parent = ei->dentry; } - - ti = get_tracefs(ei->dentry->d_inode); - ti->private = ei; } /** -- 2.43.0

1 year, 7 months

1
0
0 0

[for-linus][PATCH 02/13] tracefs: Zero out the tracefs_inode when allocating it

by Steven Rostedt

From: "Steven Rostedt (Google)" <rostedt(a)goodmis.org> eventfs uses the tracefs_inode and assumes that it's already initialized to zero. That is, it doesn't set fields to zero (like ti->private) after getting its tracefs_inode. This causes bugs due to stale values. Just initialize the entire structure to zero on allocation so there isn't any more surprises. This is a partial fix to access to ti->private. The assignment still needs to be made before the dentry is instantiated. Link: https://lore.kernel.org/linux-trace-kernel/20240131185512.315825944@goodmis… Cc: stable(a)vger.kernel.org Cc: Masami Hiramatsu <mhiramat(a)kernel.org> Cc: Mark Rutland <mark.rutland(a)arm.com> Cc: Mathieu Desnoyers <mathieu.desnoyers(a)efficios.com> Cc: Christian Brauner <brauner(a)kernel.org> Cc: Al Viro <viro(a)ZenIV.linux.org.uk> Cc: Ajay Kaher <ajay.kaher(a)broadcom.com> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Fixes: 5790b1fb3d672 ("eventfs: Remove eventfs_file and just use eventfs_inode") Reported-by: kernel test robot <oliver.sang(a)intel.com> Closes: https://lore.kernel.org/oe-lkp/202401291043.e62e89dc-oliver.sang@intel.com Suggested-by: Linus Torvalds <torvalds(a)linux-foundation.org> Signed-off-by: Steven Rostedt (Google) <rostedt(a)goodmis.org> --- fs/tracefs/inode.c | 6 ++++-- fs/tracefs/internal.h | 3 ++- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/fs/tracefs/inode.c b/fs/tracefs/inode.c index e1b172c0e091..888e42087847 100644 --- a/fs/tracefs/inode.c +++ b/fs/tracefs/inode.c @@ -38,8 +38,6 @@ static struct inode *tracefs_alloc_inode(struct super_block *sb) if (!ti) return NULL; - ti->flags = 0; - return &ti->vfs_inode; } @@ -779,7 +777,11 @@ static void init_once(void *foo) { struct tracefs_inode *ti = (struct tracefs_inode *) foo; + /* inode_init_once() calls memset() on the vfs_inode portion */ inode_init_once(&ti->vfs_inode); + + /* Zero out the rest */ + memset_after(ti, 0, vfs_inode); } static int __init tracefs_init(void) diff --git a/fs/tracefs/internal.h b/fs/tracefs/internal.h index 91c2bf0b91d9..7d84349ade87 100644 --- a/fs/tracefs/internal.h +++ b/fs/tracefs/internal.h @@ -11,9 +11,10 @@ enum { }; struct tracefs_inode { + struct inode vfs_inode; + /* The below gets initialized with memset_after(ti, 0, vfs_inode) */ unsigned long flags; void *private; - struct inode vfs_inode; }; /* -- 2.43.0

1 year, 7 months

1
0
0 0

[for-linus][PATCH 01/13] ring-buffer: Clean ring_buffer_poll_wait() error return

by Steven Rostedt

From: Vincent Donnefort <vdonnefort(a)google.com> The return type for ring_buffer_poll_wait() is __poll_t. This is behind the scenes an unsigned where we can set event bits. In case of a non-allocated CPU, we do return instead -EINVAL (0xffffffea). Lucky us, this ends up setting few error bits (EPOLLERR | EPOLLHUP | EPOLLNVAL), so user-space at least is aware something went wrong. Nonetheless, this is an incorrect code. Replace that -EINVAL with a proper EPOLLERR to clean that output. As this doesn't change the behaviour, there's no need to treat this change as a bug fix. Link: https://lore.kernel.org/linux-trace-kernel/20240131140955.3322792-1-vdonnef… Cc: stable(a)vger.kernel.org Fixes: 6721cb6002262 ("ring-buffer: Do not poll non allocated cpu buffers") Signed-off-by: Vincent Donnefort <vdonnefort(a)google.com> Signed-off-by: Steven Rostedt (Google) <rostedt(a)goodmis.org> --- kernel/trace/ring_buffer.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kernel/trace/ring_buffer.c b/kernel/trace/ring_buffer.c index 13aaf5e85b81..fd4bfe3ecf01 100644 --- a/kernel/trace/ring_buffer.c +++ b/kernel/trace/ring_buffer.c @@ -944,7 +944,7 @@ __poll_t ring_buffer_poll_wait(struct trace_buffer *buffer, int cpu, full = 0; } else { if (!cpumask_test_cpu(cpu, buffer->cpumask)) - return -EINVAL; + return EPOLLERR; cpu_buffer = buffer->buffers[cpu]; work = &cpu_buffer->irq_work; -- 2.43.0

1 year, 7 months

1
0
0 0

[PATCH 6.7.y] Revert "drm/amd/display: Disable PSR-SU on Parade 0803 TCON again"

by Jonathan Gray

This reverts commit f015d8b6405d950f30826b4d8d9e1084dd9ea2a4. duplicated a change made in 6.7 e7ab758741672acb21c5d841a9f0309d30e48a06 Cc: stable(a)vger.kernel.org # 6.7 Signed-off-by: Jonathan Gray <jsg(a)jsg.id.au> --- drivers/gpu/drm/amd/display/modules/power/power_helpers.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/drivers/gpu/drm/amd/display/modules/power/power_helpers.c b/drivers/gpu/drm/amd/display/modules/power/power_helpers.c index 7806056ca1dd..1675314a3ff2 100644 --- a/drivers/gpu/drm/amd/display/modules/power/power_helpers.c +++ b/drivers/gpu/drm/amd/display/modules/power/power_helpers.c @@ -841,8 +841,6 @@ bool is_psr_su_specific_panel(struct dc_link *link) isPSRSUSupported = false; else if (dpcd_caps->sink_dev_id_str[1] == 0x08 && dpcd_caps->sink_dev_id_str[0] == 0x03) isPSRSUSupported = false; - else if (dpcd_caps->sink_dev_id_str[1] == 0x08 && dpcd_caps->sink_dev_id_str[0] == 0x03) - isPSRSUSupported = false; else if (dpcd_caps->psr_info.force_psrsu_cap == 0x1) isPSRSUSupported = true; } -- 2.43.0

1 year, 7 months

1
0
0 0

[PATCH 6.6.y] Revert "drm/amd/display: Disable PSR-SU on Parade 0803 TCON again"

by Jonathan Gray

This reverts commit 107a11637f43e7cdcca96c09525481e38b004455. duplicated a change made in 6.6.8 a8f922ad2f76a53383982132ee44d123b72533c5 Cc: stable(a)vger.kernel.org # 6.6 Signed-off-by: Jonathan Gray <jsg(a)jsg.id.au> --- drivers/gpu/drm/amd/display/modules/power/power_helpers.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/drivers/gpu/drm/amd/display/modules/power/power_helpers.c b/drivers/gpu/drm/amd/display/modules/power/power_helpers.c index 3af67b729f6c..2b3d5183818a 100644 --- a/drivers/gpu/drm/amd/display/modules/power/power_helpers.c +++ b/drivers/gpu/drm/amd/display/modules/power/power_helpers.c @@ -841,8 +841,6 @@ bool is_psr_su_specific_panel(struct dc_link *link) isPSRSUSupported = false; else if (dpcd_caps->sink_dev_id_str[1] == 0x08 && dpcd_caps->sink_dev_id_str[0] == 0x03) isPSRSUSupported = false; - else if (dpcd_caps->sink_dev_id_str[1] == 0x08 && dpcd_caps->sink_dev_id_str[0] == 0x03) - isPSRSUSupported = false; else if (dpcd_caps->psr_info.force_psrsu_cap == 0x1) isPSRSUSupported = true; } -- 2.43.0

1 year, 7 months

1
0
0 0

Re: Patch "Hexagon: Make pfn accessors statics inlines" has been added to the 6.1-stable tree

by Linus Walleij

On Thu, Feb 1, 2024 at 6:21 PM Sasha Levin <sashal(a)kernel.org> wrote: > This is a note to let you know that I've just added the patch titled > > Hexagon: Make pfn accessors statics inlines > > to the 6.1-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… > > The filename of the patch is: > hexagon-make-pfn-accessors-statics-inlines.patch > and it can be found in the queue-6.1 subdirectory. > > If you, or anyone else, feels it should not be added to the stable tree, > please let <stable(a)vger.kernel.org> know about it. Please drop this patch from the stable trees, it is not a regression and there are bugs in the patch. Yours, Linus Walleij

1 year, 7 months

2
1
0 0

Re: Patch "Hexagon: Make pfn accessors statics inlines" has been added to the 5.15-stable tree

by Linus Walleij

On Thu, Feb 1, 2024 at 6:29 PM Sasha Levin <sashal(a)kernel.org> wrote: > This is a note to let you know that I've just added the patch titled > > Hexagon: Make pfn accessors statics inlines > > to the 5.15-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… > > The filename of the patch is: > hexagon-make-pfn-accessors-statics-inlines.patch > and it can be found in the queue-5.15 subdirectory. > > If you, or anyone else, feels it should not be added to the stable tree, > please let <stable(a)vger.kernel.org> know about it. Please drop this patch from the stable trees, it is not a regression and there are bugs in the patch. Yours, Linus Walleij

1 year, 7 months

1
0
0 0

[PATCH] tracing/timerlat: Move hrtimer_init to timerlat_fd open()

by Daniel Bristot de Oliveira

Currently, the timerlat's hrtimer is initialized at the first read of timerlat_fd, and destroyed at close(). It works, but it causes an error if the user program open() and close() the file without reading. Move hrtimer_init to timerlat_fd open() to avoid this problem. No functional changes. Fixes: e88ed227f639 ("tracing/timerlat: Add user-space interface") Signed-off-by: Daniel Bristot de Oliveira <bristot(a)kernel.org> --- kernel/trace/trace_osnoise.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/kernel/trace/trace_osnoise.c b/kernel/trace/trace_osnoise.c index bd0d01d00fb9..a8e28f9b9271 100644 --- a/kernel/trace/trace_osnoise.c +++ b/kernel/trace/trace_osnoise.c @@ -2444,6 +2444,9 @@ static int timerlat_fd_open(struct inode *inode, struct file *file) tlat = this_cpu_tmr_var(); tlat->count = 0; + hrtimer_init(&tlat->timer, CLOCK_MONOTONIC, HRTIMER_MODE_ABS_PINNED_HARD); + tlat->timer.function = timerlat_irq; + migrate_enable(); return 0; }; @@ -2526,9 +2529,6 @@ timerlat_fd_read(struct file *file, char __user *ubuf, size_t count, tlat->tracing_thread = false; tlat->kthread = current; - hrtimer_init(&tlat->timer, CLOCK_MONOTONIC, HRTIMER_MODE_ABS_PINNED_HARD); - tlat->timer.function = timerlat_irq; - /* Annotate now to drift new period */ tlat->abs_period = hrtimer_cb_get_time(&tlat->timer); -- 2.43.0

1 year, 7 months

4
10
0 0

Re: Patch "Hexagon: Make pfn accessors statics inlines" has been added to the 6.7-stable tree

by Linus Walleij

Hi Sasha, On Thu, Feb 1, 2024 at 5:58 PM Sasha Levin <sashal(a)kernel.org> wrote: > This is a note to let you know that I've just added the patch titled > > Hexagon: Make pfn accessors statics inlines > > to the 6.7-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… > > The filename of the patch is: > hexagon-make-pfn-accessors-statics-inlines.patch > and it can be found in the queue-6.7 subdirectory. > > If you, or anyone else, feels it should not be added to the stable tree, > please let <stable(a)vger.kernel.org> know about it. Please drop this patch from the stable queue, it is not a regression and we found bugs in the patch as well. Yours, Linus Walleij

1 year, 7 months

2
1
0 0

[PATCH net 0/9] mptcp: fixes for recent issues reported by CI's

by Matthieu Baerts (NGI0)

This series of 9 patches fixes issues mostly identified by CI's not managed by the MPTCP maintainers. Thank you Linero (LKFT) and Netdev maintainers (NIPA) for running our kunit and selftests tests! For the first patch, it took a bit of time to identify the root cause. Some MPTCP Join selftest subtests have been "flaky", mostly in slow environments. It appears to be due to the use of a TCP-specific helper on an MPTCP socket. A fix for kernels >= v5.15. Patches 2 to 4 add missing kernel config to support NetFilter tables needed for IPTables commands. These kconfigs are usually enabled in default configurations, but apparently not for all architectures. Patches 2 and 3 can be backported up to v5.11 and the 4th one up to v5.19. Patch 5 increases the time limit for MPTCP selftests. It appears that many CI's execute tests in a VM without acceleration supports, e.g. QEmu without KVM. As a result, the tests take longer. Plus, there are more and more tests. This patch modifies the timeout added in v5.18. Patch 6 reduces the maximum rate and delay of the different links in some Simult Flows selftest subtests. The goal is to let slow VMs reach the maximum speed. The original rate was introduced in v5.11. Patch 7 lets CI changing the prefix of the subtests titles, to be able to run the same selftest multiple times with different parameters. With different titles, tests will be considered as different and not override previous results as it is the case with some CI envs. Subtests have been introduced in v6.6. Patch 8 and 9 make some MPTCP Join selftest subtests quicker by stopping the transfer when the expected events have been seen. Patch 8 can be backported up to v6.5. Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> --- Matthieu Baerts (NGI0) (8): selftests: mptcp: add missing kconfig for NF Filter selftests: mptcp: add missing kconfig for NF Filter in v6 selftests: mptcp: add missing kconfig for NF Mangle selftests: mptcp: increase timeout to 30 min selftests: mptcp: decrease BW in simult flows selftests: mptcp: allow changing subtests prefix selftests: mptcp: join: stop transfer when check is done (part 1) selftests: mptcp: join: stop transfer when check is done (part 2) Paolo Abeni (1): mptcp: fix data re-injection from stale subflow net/mptcp/protocol.c | 3 --- tools/testing/selftests/net/mptcp/config | 3 +++ tools/testing/selftests/net/mptcp/mptcp_join.sh | 27 +++++++++-------------- tools/testing/selftests/net/mptcp/mptcp_lib.sh | 2 +- tools/testing/selftests/net/mptcp/settings | 2 +- tools/testing/selftests/net/mptcp/simult_flows.sh | 8 +++---- 6 files changed, 20 insertions(+), 25 deletions(-) --- base-commit: c9ec85153fea6873c52ed4f5055c87263f1b54f9 change-id: 20240131-upstream-net-20240131-mptcp-ci-issues-9d68b5601e74 Best regards, -- Matthieu Baerts (NGI0) <matttbe(a)kernel.org>

1 year, 7 months

2
10
0 0

Re: Patch "Hexagon: Make pfn accessors statics inlines" has been added to the 6.6-stable tree

by Linus Walleij

On Thu, Feb 1, 2024 at 6:10 PM Sasha Levin <sashal(a)kernel.org> wrote: > This is a note to let you know that I've just added the patch titled > > Hexagon: Make pfn accessors statics inlines > > to the 6.6-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… > > The filename of the patch is: > hexagon-make-pfn-accessors-statics-inlines.patch > and it can be found in the queue-6.6 subdirectory. > > If you, or anyone else, feels it should not be added to the stable tree, > please let <stable(a)vger.kernel.org> know about it. Please drop this patch from the stable queue. Yours, Linus Walleij

1 year, 7 months

1
0
0 0

[PATCH V2 net] hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove

by Souradeep Chakrabarti

In commit ac5047671758 ("hv_netvsc: Disable NAPI before closing the VMBus channel"), napi_disable was getting called for all channels, including all subchannels without confirming if they are enabled or not. This caused hv_netvsc getting hung at napi_disable, when netvsc_probe() has finished running but nvdev->subchan_work has not started yet. netvsc_subchan_work() -> rndis_set_subchannel() has not created the sub-channels and because of that netvsc_sc_open() is not running. netvsc_remove() calls cancel_work_sync(&nvdev->subchan_work), for which netvsc_subchan_work did not run. netif_napi_add() sets the bit NAPI_STATE_SCHED because it ensures NAPI cannot be scheduled. Then netvsc_sc_open() -> napi_enable will clear the NAPIF_STATE_SCHED bit, so it can be scheduled. napi_disable() does the opposite. Now during netvsc_device_remove(), when napi_disable is called for those subchannels, napi_disable gets stuck on infinite msleep. This fix addresses this problem by ensuring that napi_disable() is not getting called for non-enabled NAPI struct. But netif_napi_del() is still necessary for these non-enabled NAPI struct for cleanup purpose. Call trace: [ 654.559417] task:modprobe state:D stack: 0 pid: 2321 ppid: 1091 flags:0x00004002 [ 654.568030] Call Trace: [ 654.571221] <TASK> [ 654.573790] __schedule+0x2d6/0x960 [ 654.577733] schedule+0x69/0xf0 [ 654.581214] schedule_timeout+0x87/0x140 [ 654.585463] ? __bpf_trace_tick_stop+0x20/0x20 [ 654.590291] msleep+0x2d/0x40 [ 654.593625] napi_disable+0x2b/0x80 [ 654.597437] netvsc_device_remove+0x8a/0x1f0 [hv_netvsc] [ 654.603935] rndis_filter_device_remove+0x194/0x1c0 [hv_netvsc] [ 654.611101] ? do_wait_intr+0xb0/0xb0 [ 654.615753] netvsc_remove+0x7c/0x120 [hv_netvsc] [ 654.621675] vmbus_remove+0x27/0x40 [hv_vmbus] Cc: stable(a)vger.kernel.org Fixes: ac5047671758 ("hv_netvsc: Disable NAPI before closing the VMBus channel") Signed-off-by: Souradeep Chakrabarti <schakrabarti(a)linux.microsoft.com> Reviewed-by: Dexuan Cui <decui(a)microsoft.com> Reviewed-by: Haiyang Zhang <haiyangz(a)microsoft.com> --- V1 -> V2: Changed commit message, added some more details on napi NAPIF_STATE_SCHED bit set and reset. --- drivers/net/hyperv/netvsc.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/drivers/net/hyperv/netvsc.c b/drivers/net/hyperv/netvsc.c index 1dafa44155d0..a6fcbda64ecc 100644 --- a/drivers/net/hyperv/netvsc.c +++ b/drivers/net/hyperv/netvsc.c @@ -708,7 +708,10 @@ void netvsc_device_remove(struct hv_device *device) /* Disable NAPI and disassociate its context from the device. */ for (i = 0; i < net_device->num_chn; i++) { /* See also vmbus_reset_channel_cb(). */ - napi_disable(&net_device->chan_table[i].napi); + /* only disable enabled NAPI channel */ + if (i < ndev->real_num_rx_queues) + napi_disable(&net_device->chan_table[i].napi); + netif_napi_del(&net_device->chan_table[i].napi); } -- 2.34.1

1 year, 7 months

3
2
0 0

[PATCH 4/6] eventfs: Keep all directory links at 1

by Steven Rostedt

From: "Steven Rostedt (Google)" <rostedt(a)goodmis.org> The directory link count in eventfs was somewhat bogus. It was only being updated when a directory child was being looked up and not on creation. One solution would be to update in get_attr() the link count by iterating the ei->children list and then adding 2. But that could slow down simple stat() calls, especially if it's done on all directories in eventfs. Another solution would be to add a parent pointer to the eventfs_inode and keep track of the number of sub directories it has on creation. But this adds overhead for something not really worthwhile. The solution decided upon is to keep all directory links in eventfs as 1. This tells user space not to rely on the hard links of directories. Which in this case it shouldn't. Link: https://lore.kernel.org/linux-trace-kernel/20240201002719.GS2087318@ZenIV/ Cc: stable(a)vger.kernel.org Fixes: c1504e510238 ("eventfs: Implement eventfs dir creation functions") Suggested-by: Al Viro <viro(a)zeniv.linux.org.uk> Signed-off-by: Steven Rostedt (Google) <rostedt(a)goodmis.org> --- fs/tracefs/event_inode.c | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/fs/tracefs/event_inode.c b/fs/tracefs/event_inode.c index 9e031e5a2713..110e8a272189 100644 --- a/fs/tracefs/event_inode.c +++ b/fs/tracefs/event_inode.c @@ -404,9 +404,7 @@ static struct dentry *lookup_dir_entry(struct dentry *dentry, dentry->d_fsdata = get_ei(ei); - inc_nlink(inode); d_add(dentry, inode); - inc_nlink(dentry->d_parent->d_inode); return NULL; } @@ -769,9 +767,17 @@ struct eventfs_inode *eventfs_create_events_dir(const char *name, struct dentry dentry->d_fsdata = get_ei(ei); - /* directory inodes start off with i_nlink == 2 (for "." entry) */ - inc_nlink(inode); + /* + * Keep all eventfs directories with i_nlink == 1. + * Due to the dynamic nature of the dentry creations and not + * wanting to add a pointer to the parent eventfs_inode in the + * eventfs_inode structure, keeping the i_nlink in sync with the + * number of directories would cause too much complexity for + * something not worth much. Keeping directory links at 1 + * tells userspace not to trust the link number. + */ d_instantiate(dentry, inode); + /* The dentry of the "events" parent does keep track though */ inc_nlink(dentry->d_parent->d_inode); fsnotify_mkdir(dentry->d_parent->d_inode, dentry); tracefs_end_creating(dentry); -- 2.43.0

1 year, 7 months

1
0
0 0

[PATCH 3/6] eventfs: Remove fsnotify*() functions from lookup()

by Steven Rostedt

From: "Steven Rostedt (Google)" <rostedt(a)goodmis.org> The dentries and inodes are created when referenced in the lookup code. There's no reason to call fsnotify_*() functions when they are created by a reference. It doesn't make any sense. Link: https://lore.kernel.org/linux-trace-kernel/20240201002719.GS2087318@ZenIV/ Cc: stable(a)vger.kernel.org Fixes: a376007917776 ("eventfs: Implement functions to create files and dirs when accessed"); Suggested-by: Al Viro <viro(a)zeniv.linux.org.uk> Signed-off-by: Steven Rostedt (Google) <rostedt(a)goodmis.org> --- fs/tracefs/event_inode.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/fs/tracefs/event_inode.c b/fs/tracefs/event_inode.c index ca7daee7c811..9e031e5a2713 100644 --- a/fs/tracefs/event_inode.c +++ b/fs/tracefs/event_inode.c @@ -366,7 +366,6 @@ static struct dentry *lookup_file(struct eventfs_inode *parent_ei, dentry->d_fsdata = get_ei(parent_ei); d_add(dentry, inode); - fsnotify_create(dentry->d_parent->d_inode, dentry); return NULL; }; @@ -408,7 +407,6 @@ static struct dentry *lookup_dir_entry(struct dentry *dentry, inc_nlink(inode); d_add(dentry, inode); inc_nlink(dentry->d_parent->d_inode); - fsnotify_mkdir(dentry->d_parent->d_inode, dentry); return NULL; } -- 2.43.0

1 year, 7 months

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror