- Linux-stable-mirror - lists.linaro.org

[tip: perf/urgent] perf/core: Fix cpuctx refcounting

by tip-bot2 for Peter Zijlstra

The following commit has been merged into the perf/urgent branch of tip: Commit-ID: 889c58b3155ff4c8e8671c95daef63d6fabbb6b1 Gitweb: https://git.kernel.org/tip/889c58b3155ff4c8e8671c95daef63d6fabbb6b1 Author: Peter Zijlstra <peterz(a)infradead.org> AuthorDate: Fri, 09 Jun 2023 12:34:46 +02:00 Committer: Ingo Molnar <mingo(a)kernel.org> CommitterDate: Wed, 15 Nov 2023 04:18:31 +01:00 perf/core: Fix cpuctx refcounting Audit of the refcounting turned up that perf_pmu_migrate_context() fails to migrate the ctx refcount. Fixes: bd2756811766 ("perf: Rewrite core context handling") Signed-off-by: Peter Zijlstra (Intel) <peterz(a)infradead.org> Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Link: https://lkml.kernel.org/r/20230612093539.085862001@infradead.org Cc: <stable(a)vger.kernel.org> --- include/linux/perf_event.h | 13 ++++++++----- kernel/events/core.c | 17 +++++++++++++++++ 2 files changed, 25 insertions(+), 5 deletions(-) diff --git a/include/linux/perf_event.h b/include/linux/perf_event.h index afb028c..5547ba6 100644 --- a/include/linux/perf_event.h +++ b/include/linux/perf_event.h @@ -843,11 +843,11 @@ struct perf_event { }; /* - * ,-----------------------[1:n]----------------------. - * V V - * perf_event_context <-[1:n]-> perf_event_pmu_context <--- perf_event - * ^ ^ | | - * `--------[1:n]---------' `-[n:1]-> pmu <-[1:n]-' + * ,-----------------------[1:n]------------------------. + * V V + * perf_event_context <-[1:n]-> perf_event_pmu_context <-[1:n]- perf_event + * | | + * `--[n:1]-> pmu <-[1:n]--' * * * struct perf_event_pmu_context lifetime is refcount based and RCU freed @@ -865,6 +865,9 @@ struct perf_event { * ctx->mutex pinning the configuration. Since we hold a reference on * group_leader (through the filedesc) it can't go away, therefore it's * associated pmu_ctx must exist and cannot change due to ctx->mutex. + * + * perf_event holds a refcount on perf_event_context + * perf_event holds a refcount on perf_event_pmu_context */ struct perf_event_pmu_context { struct pmu *pmu; diff --git a/kernel/events/core.c b/kernel/events/core.c index 683dc08..b704d83 100644 --- a/kernel/events/core.c +++ b/kernel/events/core.c @@ -4828,6 +4828,11 @@ find_get_pmu_context(struct pmu *pmu, struct perf_event_context *ctx, void *task_ctx_data = NULL; if (!ctx->task) { + /* + * perf_pmu_migrate_context() / __perf_pmu_install_event() + * relies on the fact that find_get_pmu_context() cannot fail + * for CPU contexts. + */ struct perf_cpu_pmu_context *cpc; cpc = per_cpu_ptr(pmu->cpu_pmu_context, event->cpu); @@ -12889,6 +12894,9 @@ static void __perf_pmu_install_event(struct pmu *pmu, int cpu, struct perf_event *event) { struct perf_event_pmu_context *epc; + struct perf_event_context *old_ctx = event->ctx; + + get_ctx(ctx); /* normally find_get_context() */ event->cpu = cpu; epc = find_get_pmu_context(pmu, ctx, event); @@ -12897,6 +12905,11 @@ static void __perf_pmu_install_event(struct pmu *pmu, if (event->state >= PERF_EVENT_STATE_OFF) event->state = PERF_EVENT_STATE_INACTIVE; perf_install_in_context(ctx, event, cpu); + + /* + * Now that event->ctx is updated and visible, put the old ctx. + */ + put_ctx(old_ctx); } static void __perf_pmu_install(struct perf_event_context *ctx, @@ -12935,6 +12948,10 @@ void perf_pmu_migrate_context(struct pmu *pmu, int src_cpu, int dst_cpu) struct perf_event_context *src_ctx, *dst_ctx; LIST_HEAD(events); + /* + * Since per-cpu context is persistent, no need to grab an extra + * reference. + */ src_ctx = &per_cpu_ptr(&perf_cpu_context, src_cpu)->ctx; dst_ctx = &per_cpu_ptr(&perf_cpu_context, dst_cpu)->ctx;

1 year, 7 months

1
0
0 0

[tip: locking/urgent] futex: Fix hardcoded flags

by tip-bot2 for Peter Zijlstra

The following commit has been merged into the locking/urgent branch of tip: Commit-ID: c9bd1568d5462f4108417518ce1af7b924acfb6f Gitweb: https://git.kernel.org/tip/c9bd1568d5462f4108417518ce1af7b924acfb6f Author: Peter Zijlstra <peterz(a)infradead.org> AuthorDate: Tue, 14 Nov 2023 21:36:13 +01:00 Committer: Ingo Molnar <mingo(a)kernel.org> CommitterDate: Wed, 15 Nov 2023 04:02:25 +01:00 futex: Fix hardcoded flags Xi reported that commit 5694289ce183 ("futex: Flag conversion") broke glibc's robust futex tests. This was narrowed down to the change of FLAGS_SHARED from 0x01 to 0x10, at which point Florian noted that handle_futex_death() has a hardcoded flags argument of 1. Change this to: FLAGS_SIZE_32 | FLAGS_SHARED, matching how futex_to_flags() unconditionally sets FLAGS_SIZE_32 for all legacy futex ops. Reported-by: Xi Ruoyao <xry111(a)xry111.site> Reported-by: Florian Weimer <fweimer(a)redhat.com> Signed-off-by: Peter Zijlstra (Intel) <peterz(a)infradead.org> Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Link: https://lkml.kernel.org/r/20231114201402.GA25315@noisy.programming.kicks-as… Fixes: 5694289ce183 ("futex: Flag conversion") Cc: <stable(a)vger.kernel.org> --- kernel/futex/core.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/kernel/futex/core.c b/kernel/futex/core.c index 52695c5..dad981a 100644 --- a/kernel/futex/core.c +++ b/kernel/futex/core.c @@ -700,7 +700,8 @@ retry: owner = uval & FUTEX_TID_MASK; if (pending_op && !pi && !owner) { - futex_wake(uaddr, 1, 1, FUTEX_BITSET_MATCH_ANY); + futex_wake(uaddr, FLAGS_SIZE_32 | FLAGS_SHARED, 1, + FUTEX_BITSET_MATCH_ANY); return 0; } @@ -752,8 +753,10 @@ retry: * Wake robust non-PI futexes here. The wakeup of * PI futexes happens in exit_pi_state(): */ - if (!pi && (uval & FUTEX_WAITERS)) - futex_wake(uaddr, 1, 1, FUTEX_BITSET_MATCH_ANY); + if (!pi && (uval & FUTEX_WAITERS)) { + futex_wake(uaddr, FLAGS_SIZE_32 | FLAGS_SHARED, 1, + FUTEX_BITSET_MATCH_ANY); + } return 0; }

1 year, 7 months

1
0
0 0

[PATCH] pinctrl: avoid reload of p state in interation

by Maria Yu

When in the list_for_each_entry interation, reload of p->state->settings with a local setting from old_state will makes the list interation in a infite loop. Signed-off-by: Maria Yu <quic_aiquny(a)quicinc.com> --- drivers/pinctrl/core.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/drivers/pinctrl/core.c b/drivers/pinctrl/core.c index 1fa89be29b8f..f2977eb65522 100644 --- a/drivers/pinctrl/core.c +++ b/drivers/pinctrl/core.c @@ -1262,17 +1262,17 @@ static void pinctrl_link_add(struct pinctrl_dev *pctldev, static int pinctrl_commit_state(struct pinctrl *p, struct pinctrl_state *state) { struct pinctrl_setting *setting, *setting2; - struct pinctrl_state *old_state = p->state; + struct pinctrl_state *old_state = READ_ONCE(p->state); int ret; - if (p->state) { + if (old_state) { /* * For each pinmux setting in the old state, forget SW's record * of mux owner for that pingroup. Any pingroups which are * still owned by the new state will be re-acquired by the call * to pinmux_enable_setting() in the loop below. */ - list_for_each_entry(setting, &p->state->settings, node) { + list_for_each_entry(setting, &old_state->settings, node) { if (setting->type != PIN_MAP_TYPE_MUX_GROUP) continue; pinmux_disable_setting(setting); base-commit: 9bacdd8996c77c42ca004440be610692275ff9d0 -- 2.17.1

1 year, 7 months

5
5
0 0

+ hugetlb-fix-null-ptr-deref-in-hugetlb_vma_lock_write.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: hugetlb: fix null-ptr-deref in hugetlb_vma_lock_write has been added to the -mm mm-hotfixes-unstable branch. Its filename is hugetlb-fix-null-ptr-deref-in-hugetlb_vma_lock_write.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Mike Kravetz <mike.kravetz(a)oracle.com> Subject: hugetlb: fix null-ptr-deref in hugetlb_vma_lock_write Date: Mon, 13 Nov 2023 17:20:33 -0800 The routine __vma_private_lock tests for the existence of a reserve map associated with a private hugetlb mapping. A pointer to the reserve map is in vma->vm_private_data. __vma_private_lock was checking the pointer for NULL. However, it is possible that the low bits of the pointer could be used as flags. In such instances, vm_private_data is not NULL and not a valid pointer. This results in the null-ptr-deref reported by syzbot: general protection fault, probably for non-canonical address 0xdffffc000000001d: 0000 [#1] PREEMPT SMP KASAN KASAN: null-ptr-deref in range [0x00000000000000e8-0x00000000000000ef] CPU: 0 PID: 5048 Comm: syz-executor139 Not tainted 6.6.0-rc7-syzkaller-00142-g88 8cf78c29e2 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 1 0/09/2023 RIP: 0010:__lock_acquire+0x109/0x5de0 kernel/locking/lockdep.c:5004 ... Call Trace: <TASK> lock_acquire kernel/locking/lockdep.c:5753 [inline] lock_acquire+0x1ae/0x510 kernel/locking/lockdep.c:5718 down_write+0x93/0x200 kernel/locking/rwsem.c:1573 hugetlb_vma_lock_write mm/hugetlb.c:300 [inline] hugetlb_vma_lock_write+0xae/0x100 mm/hugetlb.c:291 __hugetlb_zap_begin+0x1e9/0x2b0 mm/hugetlb.c:5447 hugetlb_zap_begin include/linux/hugetlb.h:258 [inline] unmap_vmas+0x2f4/0x470 mm/memory.c:1733 exit_mmap+0x1ad/0xa60 mm/mmap.c:3230 __mmput+0x12a/0x4d0 kernel/fork.c:1349 mmput+0x62/0x70 kernel/fork.c:1371 exit_mm kernel/exit.c:567 [inline] do_exit+0x9ad/0x2a20 kernel/exit.c:861 __do_sys_exit kernel/exit.c:991 [inline] __se_sys_exit kernel/exit.c:989 [inline] __x64_sys_exit+0x42/0x50 kernel/exit.c:989 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x38/0xb0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd Mask off low bit flags before checking for NULL pointer. In addition, the reserve map only 'belongs' to the OWNER (parent in parent/child relationships) so also check for the OWNER flag. Link: https://lkml.kernel.org/r/20231114012033.259600-1-mike.kravetz@oracle.com Reported-by: syzbot+6ada951e7c0f7bc8a71e(a)syzkaller.appspotmail.com Closes: https://lore.kernel.org/linux-mm/00000000000078d1e00608d7878b@google.com/ Fixes: bf4916922c60 ("hugetlbfs: extend hugetlb_vma_lock to private VMAs") Signed-off-by: Mike Kravetz <mike.kravetz(a)oracle.com> Reviewed-by: Rik van Riel <riel(a)surriel.com> Cc: Edward Adam Davis <eadavis(a)qq.com> Cc: Muchun Song <muchun.song(a)linux.dev> Cc: Nathan Chancellor <nathan(a)kernel.org> Cc: Nick Desaulniers <ndesaulniers(a)google.com> Cc: Tom Rix <trix(a)redhat.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- include/linux/hugetlb.h | 5 +---- mm/hugetlb.c | 7 +++++++ 2 files changed, 8 insertions(+), 4 deletions(-) --- a/include/linux/hugetlb.h~hugetlb-fix-null-ptr-deref-in-hugetlb_vma_lock_write +++ a/include/linux/hugetlb.h @@ -1268,10 +1268,7 @@ static inline bool __vma_shareable_lock( return (vma->vm_flags & VM_MAYSHARE) && vma->vm_private_data; } -static inline bool __vma_private_lock(struct vm_area_struct *vma) -{ - return (!(vma->vm_flags & VM_MAYSHARE)) && vma->vm_private_data; -} +bool __vma_private_lock(struct vm_area_struct *vma); /* * Safe version of huge_pte_offset() to check the locks. See comments --- a/mm/hugetlb.c~hugetlb-fix-null-ptr-deref-in-hugetlb_vma_lock_write +++ a/mm/hugetlb.c @@ -1182,6 +1182,13 @@ static int is_vma_resv_set(struct vm_are return (get_vma_private_data(vma) & flag) != 0; } +bool __vma_private_lock(struct vm_area_struct *vma) +{ + return !(vma->vm_flags & VM_MAYSHARE) && + get_vma_private_data(vma) & ~HPAGE_RESV_MASK && + is_vma_resv_set(vma, HPAGE_RESV_OWNER); +} + void hugetlb_dup_vma_private(struct vm_area_struct *vma) { VM_BUG_ON_VMA(!is_vm_hugetlb_page(vma), vma); _ Patches currently in -mm which might be from mike.kravetz(a)oracle.com are hugetlb-fix-null-ptr-deref-in-hugetlb_vma_lock_write.patch

1 year, 7 months

1
0
0 0

[PATCH] sched: psi: fix unprivileged polling against cgroups

by Johannes Weiner

519fabc7aaba ("psi: remove 500ms min window size limitation for triggers") breaks unprivileged psi polling on cgroups. Historically, we had a privilege check for polling in the open() of a pressure file in /proc, but were erroneously missing it for the open() of cgroup pressure files. When unprivileged polling was introduced in d82caa273565 ("sched/psi: Allow unprivileged polling of N*2s period"), it needed to filter privileges depending on the exact polling parameters, and as such moved the CAP_SYS_RESOURCE check from the proc open() callback to psi_trigger_create(). Both the proc files as well as cgroup files go through this during write(). This implicitly added the missing check for privileges required for HT polling for cgroups. When 519fabc7aaba ("psi: remove 500ms min window size limitation for triggers") followed right after to remove further restrictions on the RT polling window, it incorrectly assumed the cgroup privilege check was still missing and added it to the cgroup open(), mirroring what we used to do for proc files in the past. As a result, unprivileged poll requests that would be supported now get rejected when opening the cgroup pressure file for writing. Remove the cgroup open() check. psi_trigger_create() handles it. Fixes: 519fabc7aaba ("psi: remove 500ms min window size limitation for triggers") Cc: stable(a)vger.kernel.org # 6.5+ Reported-by: Luca Boccassi <bluca(a)debian.org> Signed-off-by: Johannes Weiner <hannes(a)cmpxchg.org> --- kernel/cgroup/cgroup.c | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c index f11488b18ceb..2069ee98da60 100644 --- a/kernel/cgroup/cgroup.c +++ b/kernel/cgroup/cgroup.c @@ -3879,14 +3879,6 @@ static __poll_t cgroup_pressure_poll(struct kernfs_open_file *of, return psi_trigger_poll(&ctx->psi.trigger, of->file, pt); } -static int cgroup_pressure_open(struct kernfs_open_file *of) -{ - if (of->file->f_mode & FMODE_WRITE && !capable(CAP_SYS_RESOURCE)) - return -EPERM; - - return 0; -} - static void cgroup_pressure_release(struct kernfs_open_file *of) { struct cgroup_file_ctx *ctx = of->priv; @@ -5287,7 +5279,6 @@ static struct cftype cgroup_psi_files[] = { { .name = "io.pressure", .file_offset = offsetof(struct cgroup, psi_files[PSI_IO]), - .open = cgroup_pressure_open, .seq_show = cgroup_io_pressure_show, .write = cgroup_io_pressure_write, .poll = cgroup_pressure_poll, @@ -5296,7 +5287,6 @@ static struct cftype cgroup_psi_files[] = { { .name = "memory.pressure", .file_offset = offsetof(struct cgroup, psi_files[PSI_MEM]), - .open = cgroup_pressure_open, .seq_show = cgroup_memory_pressure_show, .write = cgroup_memory_pressure_write, .poll = cgroup_pressure_poll, @@ -5305,7 +5295,6 @@ static struct cftype cgroup_psi_files[] = { { .name = "cpu.pressure", .file_offset = offsetof(struct cgroup, psi_files[PSI_CPU]), - .open = cgroup_pressure_open, .seq_show = cgroup_cpu_pressure_show, .write = cgroup_cpu_pressure_write, .poll = cgroup_pressure_poll, @@ -5315,7 +5304,6 @@ static struct cftype cgroup_psi_files[] = { { .name = "irq.pressure", .file_offset = offsetof(struct cgroup, psi_files[PSI_IRQ]), - .open = cgroup_pressure_open, .seq_show = cgroup_irq_pressure_show, .write = cgroup_irq_pressure_write, .poll = cgroup_pressure_poll, -- 2.42.0

1 year, 7 months

5
5
0 0

[PATCH 1/1] docs: Fix the docs build with Sphinx 6.0

by Heinrich Schuchardt

From: Jonathan Corbet <corbet(a)lwn.net> Sphinx 6.0 removed the execfile_() function, which we use as part of the configuration process. They *did* warn us... Just open-code the functionality as is done in Sphinx itself. Tested (using SPHINX_CONF, since this code is only executed with an alternative config file) on various Sphinx versions from 2.5 through 6.0. Reported-by: Martin Liška <mliska(a)suse.cz> Cc: stable(a)vger.kernel.org Signed-off-by: Jonathan Corbet <corbet(a)lwn.net> Rebased for U-Boot Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt(a)canonical.com> --- doc/sphinx/load_config.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/doc/sphinx/load_config.py b/doc/sphinx/load_config.py index eeb394b39e..8b416bfd75 100644 --- a/doc/sphinx/load_config.py +++ b/doc/sphinx/load_config.py @@ -3,7 +3,7 @@ import os import sys -from sphinx.util.pycompat import execfile_ +from sphinx.util.osutil import fs_encoding # ------------------------------------------------------------------------------ def loadConfig(namespace): @@ -48,7 +48,9 @@ def loadConfig(namespace): sys.stdout.write("load additional sphinx-config: %s\n" % config_file) config = namespace.copy() config['__file__'] = config_file - execfile_(config_file, config) + with open(config_file, 'rb') as f: + code = compile(f.read(), fs_encoding, 'exec') + exec(code, config) del config['__file__'] namespace.update(config) else: -- 2.40.1

1 year, 7 months

1
0
0 0

[PATCH] media: i2c: st-mipid02: correct format propagation

by Alain Volmat

Use a copy of the struct v4l2_subdev_format when propagating format from the sink to source pad in order to avoid impacting the sink format returned to the application. Thanks to Jacopo Mondi for pointing the issue. Fixes: 6c01e6f3f27b ("media: st-mipid02: Propagate format from sink to source pad") Signed-off-by: Alain Volmat <alain.volmat(a)foss.st.com> Cc: stable(a)vger.kernel.org --- drivers/media/i2c/st-mipid02.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/drivers/media/i2c/st-mipid02.c b/drivers/media/i2c/st-mipid02.c index fa27638edc07..dab14787116b 100644 --- a/drivers/media/i2c/st-mipid02.c +++ b/drivers/media/i2c/st-mipid02.c @@ -770,6 +770,7 @@ static void mipid02_set_fmt_sink(struct v4l2_subdev *sd, struct v4l2_subdev_format *format) { struct mipid02_dev *bridge = to_mipid02_dev(sd); + struct v4l2_subdev_format source_fmt; struct v4l2_mbus_framefmt *fmt; format->format.code = get_fmt_code(format->format.code); @@ -781,8 +782,12 @@ static void mipid02_set_fmt_sink(struct v4l2_subdev *sd, *fmt = format->format; - /* Propagate the format change to the source pad */ - mipid02_set_fmt_source(sd, sd_state, format); + /* + * Propagate the format change to the source pad, taking + * care not to update the format pointer given back to user + */ + source_fmt = *format; + mipid02_set_fmt_source(sd, sd_state, &source_fmt); } static int mipid02_set_fmt(struct v4l2_subdev *sd, -- 2.25.1

1 year, 7 months

4
3
0 0

[PATCH] Bluetooth: hci_bcm4377: Fix msgid release

by Hector Martin

We are releasing a single msgid, so the order argument to bitmap_release_region must be zero. In practice this was probably harmlessly masked to 0 anyway, which is why it worked, but it trips ubsan. Fixes: 8a06127602de ("Bluetooth: hci_bcm4377: Add new driver for BCM4377 PCIe boards") Reported-by: Aditya Garg <gargaditya08(a)live.com> Cc: stable(a)vger.kernel.org Signed-off-by: Hector Martin <marcan(a)marcan.st> --- drivers/bluetooth/hci_bcm4377.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/bluetooth/hci_bcm4377.c b/drivers/bluetooth/hci_bcm4377.c index 19ad0e788646..5e9f79235cde 100644 --- a/drivers/bluetooth/hci_bcm4377.c +++ b/drivers/bluetooth/hci_bcm4377.c @@ -715,7 +715,7 @@ static void bcm4377_handle_ack(struct bcm4377_data *bcm4377, ring->events[msgid] = NULL; } - bitmap_release_region(ring->msgids, msgid, ring->n_entries); + bitmap_release_region(ring->msgids, msgid, 0); unlock: spin_unlock_irqrestore(&ring->lock, flags); --- base-commit: ffc253263a1375a65fa6c9f62a893e9767fbebfa change-id: 20231114-bluetooth-msgid-fix-29769be7e45b Best regards, -- Hector Martin <marcan(a)marcan.st>

1 year, 7 months

2
1
0 0

[PATCH v2 1/1] lib/vsprintf: Fix %pfwf when current node refcount == 0

by Herve Codina

A refcount issue can appeared in __fwnode_link_del() due to the pr_debug() call: WARNING: CPU: 0 PID: 901 at lib/refcount.c:25 refcount_warn_saturate+0xe5/0x110 Call Trace: <TASK> ... of_node_get+0x1e/0x30 of_fwnode_get+0x28/0x40 fwnode_full_name_string+0x34/0x90 fwnode_string+0xdb/0x140 ... vsnprintf+0x17b/0x630 ... __fwnode_link_del+0x25/0xa0 fwnode_links_purge+0x39/0xb0 of_node_release+0xd9/0x180 ... Indeed, an fwnode (of_node) is being destroyed and so, of_node_release() is called because the of_node refcount reached 0. From of_node_release() several function calls are done and lead to a pr_debug() calls with %pfwf to print the fwnode full name. The issue is not present if we change %pfwf to %pfwP. To print the full name, %pfwf iterates over the current node and its parents and obtain/drop a reference to all nodes involved. In order to allow to print the full name (%pfwf) of a node while it is being destroyed, do not obtain/drop a reference to this current node. Fixes: a92eb7621b9f ("lib/vsprintf: Make use of fwnode API to obtain node names and separators") Cc: stable(a)vger.kernel.org Signed-off-by: Herve Codina <herve.codina(a)bootlin.com> --- Changes v1 -> v2 - Avoid handling current node out of the loop. Instead obtain/drop references in the loop based on the depth value. - Remove some of the backtrace lines in the commit log. lib/vsprintf.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/lib/vsprintf.c b/lib/vsprintf.c index afb88b24fa74..633f5481ac17 100644 --- a/lib/vsprintf.c +++ b/lib/vsprintf.c @@ -2110,15 +2110,20 @@ char *fwnode_full_name_string(struct fwnode_handle *fwnode, char *buf, /* Loop starting from the root node to the current node. */ for (depth = fwnode_count_parents(fwnode); depth >= 0; depth--) { - struct fwnode_handle *__fwnode = - fwnode_get_nth_parent(fwnode, depth); + /* + * Only get a reference for other nodes (ie parents node). + * fwnode refcount may be 0 here. + */ + struct fwnode_handle *__fwnode = depth ? + fwnode_get_nth_parent(fwnode, depth) : fwnode; buf = string(buf, end, fwnode_get_name_prefix(__fwnode), default_str_spec); buf = string(buf, end, fwnode_get_name(__fwnode), default_str_spec); - fwnode_handle_put(__fwnode); + if (depth) + fwnode_handle_put(__fwnode); } return buf; -- 2.41.0

1 year, 7 months

3
4
0 0

[PATCH 1/1] lib/vsprintf: Fix %pfwf when current node refcount == 0

by Herve Codina

A refcount issue can appeared in __fwnode_link_del() due to the pr_debug() call: WARNING: CPU: 0 PID: 901 at lib/refcount.c:25 refcount_warn_saturate+0xe5/0x110 Call Trace: <TASK> ? refcount_warn_saturate+0xe5/0x110 ? __warn+0x81/0x130 ? refcount_warn_saturate+0xe5/0x110 ? report_bug+0x191/0x1c0 ? srso_alias_return_thunk+0x5/0x7f ? prb_read_valid+0x1b/0x30 ? handle_bug+0x3c/0x80 ? exc_invalid_op+0x17/0x70 ? asm_exc_invalid_op+0x1a/0x20 ? refcount_warn_saturate+0xe5/0x110 kobject_get+0x68/0x70 of_node_get+0x1e/0x30 of_fwnode_get+0x28/0x40 fwnode_full_name_string+0x34/0x90 fwnode_string+0xdb/0x140 vsnprintf+0x17b/0x630 va_format.isra.0+0x71/0x130 vsnprintf+0x17b/0x630 vprintk_store+0x162/0x4d0 ? srso_alias_return_thunk+0x5/0x7f ? srso_alias_return_thunk+0x5/0x7f ? srso_alias_return_thunk+0x5/0x7f ? try_to_wake_up+0x9c/0x620 ? rwsem_mark_wake+0x1b2/0x310 vprintk_emit+0xe4/0x2b0 _printk+0x5c/0x80 __dynamic_pr_debug+0x131/0x160 ? srso_alias_return_thunk+0x5/0x7f __fwnode_link_del+0x25/0xa0 fwnode_links_purge+0x39/0xb0 of_node_release+0xd9/0x180 kobject_put+0x7b/0x190 ... Indeed, an fwnode (of_node) is being destroyed and so, of_node_release() is called because the of_node refcount reached 0. From of_node_release() several function calls are done and lead to a pr_debug() calls with %pfwf to print the fwnode full name. The issue is not present if we change %pfwf to %pfwP. To print the full name, %pfwf iterates over the current node and its parents and obtain/drop a reference to all nodes involved. In order to allow to print the full name (%pfwf) of a node while it is being destroyed, do not obtain/drop a reference to this current node. Fixes: a92eb7621b9f ("lib/vsprintf: Make use of fwnode API to obtain node names and separators") Cc: stable(a)vger.kernel.org Signed-off-by: Herve Codina <herve.codina(a)bootlin.com> --- lib/vsprintf.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/lib/vsprintf.c b/lib/vsprintf.c index afb88b24fa74..74ef229c2783 100644 --- a/lib/vsprintf.c +++ b/lib/vsprintf.c @@ -2108,8 +2108,8 @@ char *fwnode_full_name_string(struct fwnode_handle *fwnode, char *buf, { int depth; - /* Loop starting from the root node to the current node. */ - for (depth = fwnode_count_parents(fwnode); depth >= 0; depth--) { + /* Loop starting from the root node to the parent of current node. */ + for (depth = fwnode_count_parents(fwnode); depth > 0; depth--) { struct fwnode_handle *__fwnode = fwnode_get_nth_parent(fwnode, depth); @@ -2121,6 +2121,16 @@ char *fwnode_full_name_string(struct fwnode_handle *fwnode, char *buf, fwnode_handle_put(__fwnode); } + /* Handle current node without calling fwnode_handle_{get,put}(). + * This allows to print the full node name while the current node is + * being destroyed (ie print from a function called because of + * refcount == 0) without any refcount issues. + */ + buf = string(buf, end, fwnode_get_name_prefix(fwnode), + default_str_spec); + buf = string(buf, end, fwnode_get_name(fwnode), + default_str_spec); + return buf; } -- 2.41.0

1 year, 7 months

3
7
0 0

[PATCH] mmc: sdhci-pci-gli: Disable LPM during initialization

by Kornel Dulęba

To address IO performance commit f9e5b33934ce ("mmc: host: Improve I/O read/write performance for GL9763E") limited LPM negotiation to runtime suspend state. The problem is that it only flips the switch in the runtime PM resume/suspend logic. Disable LPM negotiation in gl9763e_add_host. This helps in two ways: 1. It was found that the LPM switch stays in the same position after warm reboot. Having it set in init helps with consistency. 2. Disabling LPM during the first runtime resume leaves us susceptible to the performance issue in the time window between boot and the first runtime suspend. Fixes: f9e5b33934ce ("mmc: host: Improve I/O read/write performance for GL9763E") Cc: stable(a)vger.kernel.org Signed-off-by: Kornel Dulęba <korneld(a)chromium.org> --- drivers/mmc/host/sdhci-pci-gli.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/drivers/mmc/host/sdhci-pci-gli.c b/drivers/mmc/host/sdhci-pci-gli.c index d83261e857a5..ce91d1e63a8e 100644 --- a/drivers/mmc/host/sdhci-pci-gli.c +++ b/drivers/mmc/host/sdhci-pci-gli.c @@ -220,6 +220,9 @@ #define GLI_MAX_TUNING_LOOP 40 +static void gl9763e_set_low_power_negotiation(struct sdhci_pci_slot *slot, + bool enable); + /* Genesys Logic chipset */ static inline void gl9750_wt_on(struct sdhci_host *host) { @@ -1281,6 +1284,9 @@ static int gl9763e_add_host(struct sdhci_pci_slot *slot) if (ret) goto cleanup; + /* Disable LPM negotiation to avoid entering L1 state. */ + gl9763e_set_low_power_negotiation(slot, false); + return 0; cleanup: @@ -1323,7 +1329,6 @@ static void gli_set_gl9763e(struct sdhci_pci_slot *slot) pci_write_config_dword(pdev, PCIE_GLI_9763E_VHS, value); } -#ifdef CONFIG_PM static void gl9763e_set_low_power_negotiation(struct sdhci_pci_slot *slot, bool enable) { struct pci_dev *pdev = slot->chip->pdev; @@ -1349,6 +1354,7 @@ static void gl9763e_set_low_power_negotiation(struct sdhci_pci_slot *slot, bool pci_write_config_dword(pdev, PCIE_GLI_9763E_VHS, value); } +#ifdef CONFIG_PM static int gl9763e_runtime_suspend(struct sdhci_pci_chip *chip) { struct sdhci_pci_slot *slot = chip->slots[0]; -- 2.42.0.869.gea05f2083d-goog

1 year, 7 months

3
6
0 0

[PATCH AUTOSEL 6.6 01/11] media: gspca: cpia1: shift-out-of-bounds in set_flicker

by Sasha Levin

From: Rajeshwar R Shinde <coolrrsh(a)gmail.com> [ Upstream commit 099be1822d1f095433f4b08af9cc9d6308ec1953 ] Syzkaller reported the following issue: UBSAN: shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27 shift exponent 245 is too large for 32-bit type 'int' When the value of the variable "sd->params.exposure.gain" exceeds the number of bits in an integer, a shift-out-of-bounds error is reported. It is triggered because the variable "currentexp" cannot be left-shifted by more than the number of bits in an integer. In order to avoid invalid range during left-shift, the conditional expression is added. Reported-by: syzbot+e27f3dbdab04e43b9f73(a)syzkaller.appspotmail.com Closes: https://lore.kernel.org/all/20230818164522.12806-1-coolrrsh@gmail.com Link: https://syzkaller.appspot.com/bug?extid=e27f3dbdab04e43b9f73 Signed-off-by: Rajeshwar R Shinde <coolrrsh(a)gmail.com> Signed-off-by: Hans Verkuil <hverkuil-cisco(a)xs4all.nl> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/media/usb/gspca/cpia1.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/media/usb/gspca/cpia1.c b/drivers/media/usb/gspca/cpia1.c index 46ed95483e222..5f5fa851ca640 100644 --- a/drivers/media/usb/gspca/cpia1.c +++ b/drivers/media/usb/gspca/cpia1.c @@ -18,6 +18,7 @@ #include <linux/input.h> #include <linux/sched/signal.h> +#include <linux/bitops.h> #include "gspca.h" @@ -1028,6 +1029,8 @@ static int set_flicker(struct gspca_dev *gspca_dev, int on, int apply) sd->params.exposure.expMode = 2; sd->exposure_status = EXPOSURE_NORMAL; } + if (sd->params.exposure.gain >= BITS_PER_TYPE(currentexp)) + return -EINVAL; currentexp = currentexp << sd->params.exposure.gain; sd->params.exposure.gain = 0; /* round down current exposure to nearest value */ -- 2.42.0

1 year, 7 months

3
13
0 0

Incomplete stable drm/ast backport - screen freeze on boot

by Keno Fischer

Greetings, When connected to a remote machine via the BMC KVM functionality, I am experiencing screen freezes on boot when using 6.5 stable, but not master. The BMC on the machine in question is an ASpeed AST2600. A quick bisect shows the problematic commit to be 2fb9667 ("drm/ast: report connection status on Display Port."). This is commit f81bb0ac upstream. I believe the problem is that the previous commit in the series e329cb5 ("drm/ast: Add BMC virtual connector") was not backported to the stable branch. As a consequence, it appears that the more accurate DP state detection is causing the kernel to believe that no display is connected, even when the BMC's virtual display is in fact in use. A cherry-pick of e329cb5 onto the stable branch resolves the issue. Cheers, Keno

1 year, 7 months

4
4
0 0

[PATCH v2] mtd: rawnand: Increment IFC_TIMEOUT_MSECS for nand controller response

by Ronald Monthero

Under heavy load it is likely that the controller is done with its own task but the thread unlocking the wait is not scheduled in time. Increasing IFC_TIMEOUT_MSECS allows the controller to respond within allowable timeslice of 1 sec fsl,ifc-nand 7e800000.nand: Controller is not responding main/smp_fsm.c:1884 <inrcu: rcu_preempt detected stalls on CPUs/tasks: rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P116/2:b..l (detected by 1, t=2102 jiffies, g=7729, q=754) task:irq/31-arm-irq1 state:D stack: 0 pid: 116 ppid: 2 flags:0x00000000 [<8064b97f>] (__schedule) from [<8064bb01>] (schedule+0x8d/0xc2) [<8064bb01>] (schedule) from [<8064dacd>] [<8064dacd>] (rt_mutex_slowlock_block.constprop.0) from [<8064db57>] [<8064db57>] (__rt_mutex_slowlock.constprop.0) from [<8064dbf7>] [<8064dbf7>] (rt_mutex_slowlock.constprop.0) from [<804b2047>] [<804b2047>] (nand_get_device) from [<804b5335>] (nand_write_oob+0x1b/0x4a) [<804b5335>] (nand_write_oob) from [<804a3585>] (mtd_write+0x41/0x5c) [<804a3585>] (mtd_write) from [<804c1d47>] (ubi_io_write+0x17f/0x22c) [<804c1d47>] (ubi_io_write) from [<804c047b>] (ubi_eba_write_leb+0x5b/0x1d0) Signed-off-by: Ronald Monthero <debug.penguin32(a)gmail.com> --- drivers/mtd/nand/raw/fsl_ifc_nand.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/mtd/nand/raw/fsl_ifc_nand.c b/drivers/mtd/nand/raw/fsl_ifc_nand.c index 20bb1e0cb5eb..42f8ea46b6a8 100644 --- a/drivers/mtd/nand/raw/fsl_ifc_nand.c +++ b/drivers/mtd/nand/raw/fsl_ifc_nand.c @@ -21,7 +21,7 @@ #define ERR_BYTE 0xFF /* Value returned for read bytes when read failed */ -#define IFC_TIMEOUT_MSECS 500 /* Maximum number of mSecs to wait +#define IFC_TIMEOUT_MSECS 1000 /* Maximum number of mSecs to wait for IFC NAND Machine */ struct fsl_ifc_ctrl; -- 2.34.1

1 year, 7 months

4
5
0 0

[PATCH v2 1/1] driver core: Keep the supplier fwnode consistent with the device

by Herve Codina

The commit 3a2dbc510c43 ("driver core: fw_devlink: Don't purge child fwnode's consumer links") introduces the possibility to use the supplier's parent device instead of the supplier itself. In that case the supplier fwnode used is not updated and is no more consistent with the supplier device used. Update the fwnode used to be consistent with the supplier device used. Fixes: 3a2dbc510c43 ("driver core: fw_devlink: Don't purge child fwnode's consumer links") Cc: stable(a)vger.kernel.org Signed-off-by: Herve Codina <herve.codina(a)bootlin.com> --- Changes v1 -> v2: Remove sup_handle check and related pr_debug() call as sup_handle cannot be invalid if sup_dev is valid. drivers/base/core.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/drivers/base/core.c b/drivers/base/core.c index 4d8b315c48a1..2f6a21b908ec 100644 --- a/drivers/base/core.c +++ b/drivers/base/core.c @@ -2076,6 +2076,13 @@ static int fw_devlink_create_devlink(struct device *con, sup_dev = get_dev_from_fwnode(sup_handle); if (sup_dev) { + /* + * The supplier device may have changed and so, the supplier + * fwnode maybe inconsistent. + * Update the supplier fwnode + */ + sup_handle = sup_dev->fwnode; + /* * If it's one of those drivers that don't actually bind to * their device using driver core, then don't wait on this -- 2.41.0

1 year, 7 months

2
2
0 0

[PATCH] usb: cdnsp: Fix deadlock issue during using NCM gadget

by Pawel Laszczak

The interrupt service routine registered for the gadget is a primary handler which mask the interrupt source and a threaded handler which handles the source of the interrupt. Since the threaded handler is voluntary threaded, the IRQ-core does not disable bottom halves before invoke the handler like it does for the forced-threaded handler. Due to changes in networking it became visible that a network gadget's completions handler may schedule a softirq which remains unprocessed. The gadget's completion handler is usually invoked either in hard-IRQ or soft-IRQ context. In this context it is enough to just raise the softirq because the softirq itself will be handled once that context is left. In the case of the voluntary threaded handler, there is nothing that will process pending softirqs. Which means it remain queued until another random interrupt (on this CPU) fires and handles it on its exit path or another thread locks and unlocks a lock with the bh suffix. Worst case is that the CPU goes idle and the NOHZ complains about unhandled softirqs. Disable bottom halves before acquiring the lock (and disabling interrupts) and enable them after dropping the lock. This ensures that any pending softirqs will handled right away. cc: <stable(a)vger.kernel.org> Fixes: 3d82904559f4 ("usb: cdnsp: cdns3 Add main part of Cadence USBSSP DRD Driver") Signed-off-by: Pawel Laszczak <pawell(a)cadence.com> --- drivers/usb/cdns3/cdnsp-ring.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/usb/cdns3/cdnsp-ring.c b/drivers/usb/cdns3/cdnsp-ring.c index 07f6068342d4..275a6a2fa671 100644 --- a/drivers/usb/cdns3/cdnsp-ring.c +++ b/drivers/usb/cdns3/cdnsp-ring.c @@ -1529,6 +1529,7 @@ irqreturn_t cdnsp_thread_irq_handler(int irq, void *data) unsigned long flags; int counter = 0; + local_bh_disable(); spin_lock_irqsave(&pdev->lock, flags); if (pdev->cdnsp_state & (CDNSP_STATE_HALTED | CDNSP_STATE_DYING)) { @@ -1541,6 +1542,7 @@ irqreturn_t cdnsp_thread_irq_handler(int irq, void *data) cdnsp_died(pdev); spin_unlock_irqrestore(&pdev->lock, flags); + local_bh_enable(); return IRQ_HANDLED; } @@ -1557,6 +1559,7 @@ irqreturn_t cdnsp_thread_irq_handler(int irq, void *data) cdnsp_update_erst_dequeue(pdev, event_ring_deq, 1); spin_unlock_irqrestore(&pdev->lock, flags); + local_bh_enable(); return IRQ_HANDLED; } -- 2.37.2

1 year, 7 months

2
3
0 0

[PATCH] PM: hibernate: use acquire/release ordering when compress/decompress image

by Hongchen Zhang

When we test S4(suspend to disk) on LoongArch 3A6000 platform, the test case sometimes fails. The dmesg log shows the following error: Invalid LZO compressed length After we dig into the code, we find out that: When compress/decompress the image, the synchronization operation between the control thread and the compress/decompress/crc thread uses relaxed ordering interface, which is unreliable, and the following situation may occur: CPU 0 CPU 1 save_image_lzo lzo_compress_threadfn atomic_set(&d->stop, 1); atomic_read(&data[thr].stop) data[thr].cmp = data[thr].cmp_len; WRITE data[thr].cmp_len Then CPU0 get a old cmp_len and write to disk. When cpu resume from S4, wrong cmp_len is loaded. To maintain data consistency between two threads, we should use the acquire/release ordering interface. So we change atomic_read/atomic_set to atomic_read_acquire/atomic_set_release. Signed-off-by: Hongchen Zhang <zhanghongchen(a)loongson.cn> Signed-off-by: Weihao Li <liweihao(a)loongson.cn> --- kernel/power/swap.c | 38 +++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/kernel/power/swap.c b/kernel/power/swap.c index a2cb0babb5ec..d44f5937f1e5 100644 --- a/kernel/power/swap.c +++ b/kernel/power/swap.c @@ -606,11 +606,11 @@ static int crc32_threadfn(void *data) unsigned i; while (1) { - wait_event(d->go, atomic_read(&d->ready) || + wait_event(d->go, atomic_read_acquire(&d->ready) || kthread_should_stop()); if (kthread_should_stop()) { d->thr = NULL; - atomic_set(&d->stop, 1); + atomic_set_release(&d->stop, 1); wake_up(&d->done); break; } @@ -619,7 +619,7 @@ static int crc32_threadfn(void *data) for (i = 0; i < d->run_threads; i++) *d->crc32 = crc32_le(*d->crc32, d->unc[i], *d->unc_len[i]); - atomic_set(&d->stop, 1); + atomic_set_release(&d->stop, 1); wake_up(&d->done); } return 0; @@ -649,12 +649,12 @@ static int lzo_compress_threadfn(void *data) struct cmp_data *d = data; while (1) { - wait_event(d->go, atomic_read(&d->ready) || + wait_event(d->go, atomic_read_acquire(&d->ready) || kthread_should_stop()); if (kthread_should_stop()) { d->thr = NULL; d->ret = -1; - atomic_set(&d->stop, 1); + atomic_set_release(&d->stop, 1); wake_up(&d->done); break; } @@ -663,7 +663,7 @@ static int lzo_compress_threadfn(void *data) d->ret = lzo1x_1_compress(d->unc, d->unc_len, d->cmp + LZO_HEADER, &d->cmp_len, d->wrk); - atomic_set(&d->stop, 1); + atomic_set_release(&d->stop, 1); wake_up(&d->done); } return 0; @@ -798,7 +798,7 @@ static int save_image_lzo(struct swap_map_handle *handle, data[thr].unc_len = off; - atomic_set(&data[thr].ready, 1); + atomic_set_release(&data[thr].ready, 1); wake_up(&data[thr].go); } @@ -806,12 +806,12 @@ static int save_image_lzo(struct swap_map_handle *handle, break; crc->run_threads = thr; - atomic_set(&crc->ready, 1); + atomic_set_release(&crc->ready, 1); wake_up(&crc->go); for (run_threads = thr, thr = 0; thr < run_threads; thr++) { wait_event(data[thr].done, - atomic_read(&data[thr].stop)); + atomic_read_acquire(&data[thr].stop)); atomic_set(&data[thr].stop, 0); ret = data[thr].ret; @@ -850,7 +850,7 @@ static int save_image_lzo(struct swap_map_handle *handle, } } - wait_event(crc->done, atomic_read(&crc->stop)); + wait_event(crc->done, atomic_read_acquire(&crc->stop)); atomic_set(&crc->stop, 0); } @@ -1132,12 +1132,12 @@ static int lzo_decompress_threadfn(void *data) struct dec_data *d = data; while (1) { - wait_event(d->go, atomic_read(&d->ready) || + wait_event(d->go, atomic_read_acquire(&d->ready) || kthread_should_stop()); if (kthread_should_stop()) { d->thr = NULL; d->ret = -1; - atomic_set(&d->stop, 1); + atomic_set_release(&d->stop, 1); wake_up(&d->done); break; } @@ -1150,7 +1150,7 @@ static int lzo_decompress_threadfn(void *data) flush_icache_range((unsigned long)d->unc, (unsigned long)d->unc + d->unc_len); - atomic_set(&d->stop, 1); + atomic_set_release(&d->stop, 1); wake_up(&d->done); } return 0; @@ -1335,7 +1335,7 @@ static int load_image_lzo(struct swap_map_handle *handle, } if (crc->run_threads) { - wait_event(crc->done, atomic_read(&crc->stop)); + wait_event(crc->done, atomic_read_acquire(&crc->stop)); atomic_set(&crc->stop, 0); crc->run_threads = 0; } @@ -1371,7 +1371,7 @@ static int load_image_lzo(struct swap_map_handle *handle, pg = 0; } - atomic_set(&data[thr].ready, 1); + atomic_set_release(&data[thr].ready, 1); wake_up(&data[thr].go); } @@ -1390,7 +1390,7 @@ static int load_image_lzo(struct swap_map_handle *handle, for (run_threads = thr, thr = 0; thr < run_threads; thr++) { wait_event(data[thr].done, - atomic_read(&data[thr].stop)); + atomic_read_acquire(&data[thr].stop)); atomic_set(&data[thr].stop, 0); ret = data[thr].ret; @@ -1421,7 +1421,7 @@ static int load_image_lzo(struct swap_map_handle *handle, ret = snapshot_write_next(snapshot); if (ret <= 0) { crc->run_threads = thr + 1; - atomic_set(&crc->ready, 1); + atomic_set_release(&crc->ready, 1); wake_up(&crc->go); goto out_finish; } @@ -1429,13 +1429,13 @@ static int load_image_lzo(struct swap_map_handle *handle, } crc->run_threads = thr; - atomic_set(&crc->ready, 1); + atomic_set_release(&crc->ready, 1); wake_up(&crc->go); } out_finish: if (crc->run_threads) { - wait_event(crc->done, atomic_read(&crc->stop)); + wait_event(crc->done, atomic_read_acquire(&crc->stop)); atomic_set(&crc->stop, 0); } stop = ktime_get(); -- 2.33.0

1 year, 7 months

2
1
0 0

[PATCH v4 1/4] bus: mhi: host: Add spinlock to protect WP access when queueing TREs

by Qiang Yu

From: Bhaumik Bhatt <bbhatt(a)codeaurora.org> Protect WP accesses such that multiple threads queueing buffers for incoming data do not race. Cc: <stable(a)vger.kernel.org> Fixes: 189ff97cca53 ("bus: mhi: core: Add support for data transfer") Signed-off-by: Bhaumik Bhatt <bbhatt(a)codeaurora.org> Signed-off-by: Qiang Yu <quic_qianyu(a)quicinc.com> Reviewed-by: Manivannan Sadhasivam <manivannan.sadhasivam(a)linaro.org> --- drivers/bus/mhi/host/main.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/drivers/bus/mhi/host/main.c b/drivers/bus/mhi/host/main.c index dcf627b..6c6d253 100644 --- a/drivers/bus/mhi/host/main.c +++ b/drivers/bus/mhi/host/main.c @@ -1204,6 +1204,9 @@ int mhi_gen_tre(struct mhi_controller *mhi_cntrl, struct mhi_chan *mhi_chan, int eot, eob, chain, bei; int ret; + /* Protect accesses for reading and incrementing WP */ + write_lock_bh(&mhi_chan->lock); + buf_ring = &mhi_chan->buf_ring; tre_ring = &mhi_chan->tre_ring; @@ -1221,8 +1224,10 @@ int mhi_gen_tre(struct mhi_controller *mhi_cntrl, struct mhi_chan *mhi_chan, if (!info->pre_mapped) { ret = mhi_cntrl->map_single(mhi_cntrl, buf_info); - if (ret) + if (ret) { + write_unlock_bh(&mhi_chan->lock); return ret; + } } eob = !!(flags & MHI_EOB); @@ -1239,6 +1244,8 @@ int mhi_gen_tre(struct mhi_controller *mhi_cntrl, struct mhi_chan *mhi_chan, mhi_add_ring_element(mhi_cntrl, tre_ring); mhi_add_ring_element(mhi_cntrl, buf_ring); + write_unlock_bh(&mhi_chan->lock); + return 0; } -- 2.7.4

1 year, 7 months

1
0
0 0

[PATCH v3] mm: Fix for negative counter: nr_file_hugepages

by Stefan Roesch

While qualifiying the 6.4 release, the following warning was detected in messages: vmstat_refresh: nr_file_hugepages -15664 The warning is caused by the incorrect updating of the NR_FILE_THPS counter in the function split_huge_page_to_list. The if case is checking for folio_test_swapbacked, but the else case is missing the check for folio_test_pmd_mappable. The other functions that manipulate the counter like __filemap_add_folio and filemap_unaccount_folio have the corresponding check. I have a test case, which reproduces the problem. It can be found here: https://github.com/sroeschus/testcase/blob/main/vmstat_refresh/madv.c The test case reproduces on an XFS filesystem. Running the same test case on a BTRFS filesystem does not reproduce the problem. AFAIK version 6.1 until 6.6 are affected by this problem. Signed-off-by: Stefan Roesch <shr(a)devkernel.io> Co-debugged-by: Johannes Weiner <hannes(a)cmpxchg.org> Acked-by: Johannes Weiner <hannes(a)cmpxchg.org> Cc: stable(a)vger.kernel.org --- mm/huge_memory.c | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/mm/huge_memory.c b/mm/huge_memory.c index 064fbd90822b4..874000f97bfc1 100644 --- a/mm/huge_memory.c +++ b/mm/huge_memory.c @@ -2737,13 +2737,15 @@ int split_huge_page_to_list(struct page *page, struct list_head *list) int nr = folio_nr_pages(folio); xas_split(&xas, folio, folio_order(folio)); - if (folio_test_swapbacked(folio)) { - __lruvec_stat_mod_folio(folio, NR_SHMEM_THPS, - -nr); - } else { - __lruvec_stat_mod_folio(folio, NR_FILE_THPS, - -nr); - filemap_nr_thps_dec(mapping); + if (folio_test_pmd_mappable(folio)) { + if (folio_test_swapbacked(folio)) { + __lruvec_stat_mod_folio(folio, + NR_SHMEM_THPS, -nr); + } else { + __lruvec_stat_mod_folio(folio, + NR_FILE_THPS, -nr); + filemap_nr_thps_dec(mapping); + } } } base-commit: ffc253263a1375a65fa6c9f62a893e9767fbebfa -- 2.39.3

1 year, 7 months

4
3
0 0

[PATCH 5.10] Backport the fix for CVE-2023-25012 to kernel v5.10

by He Gao

This is the fix of CVE-2023-25012 for kernel v5.10. Upstream commit: https://github.com/torvalds/linux/commit/7644b1a1c9a7ae8ab99175989bfc867605… The affected code is in io_uring/io_uring.c instead of io_uring/fdinfo.c for v5.10. So the patch applies the same change to io_uring/io_uring.c. Thanks! He Jens Axboe (1): io_uring/fdinfo: lock SQ thread while retrieving thread cpu/pid io_uring/io_uring.c | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) -- 2.42.0.869.gea05f2083d-goog

1 year, 7 months

1
1
0 0

[v6.6][PATCH] eventfs: Check for NULL ef in eventfs_set_attr()

by Steven Rostedt

From: "Steven Rostedt (Google)" <rostedt(a)goodmis.org> The top level events directory dentry does not have a d_fsdata set to a eventfs_file pointer. This dentry is still passed to eventfs_set_attr(). It can not assume that the d_fsdata is set. Check for that. Link: https://lore.kernel.org/all/20231112104158.6638-1-milian.wolff@kdab.com/ Fixes: 9aaee3eebc91 ("eventfs: Save ownership and mode") Reported-by: Milian Wolff <milian.wolff(a)kdab.com> Signed-off-by: Steven Rostedt (Google) <rostedt(a)goodmis.org> --- Note: This only affects 6.6 as the code in 6.7 here was rewritten. I tested 6.7 and it does not have this bug. fs/tracefs/event_inode.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/tracefs/event_inode.c b/fs/tracefs/event_inode.c index 5fcfb634fec2..efbdc47c74dc 100644 --- a/fs/tracefs/event_inode.c +++ b/fs/tracefs/event_inode.c @@ -113,14 +113,14 @@ static int eventfs_set_attr(struct mnt_idmap *idmap, struct dentry *dentry, mutex_lock(&eventfs_mutex); ef = dentry->d_fsdata; - if (ef->is_freed) { + if (ef && ef->is_freed) { /* Do not allow changes if the event is about to be removed. */ mutex_unlock(&eventfs_mutex); return -ENODEV; } ret = simple_setattr(idmap, dentry, iattr); - if (!ret) + if (!ret && ef) update_attr(ef, iattr); mutex_unlock(&eventfs_mutex); return ret; -- 2.42.0

1 year, 7 months

3
3
0 0

[PATCH 1/1] driver core: Remove warning on driver unbinding

by Herve Codina

During driver unbinding, __device_links_no_driver() can raise the following warning: --- 8< --- WARNING: CPU: 0 PID: 166 at drivers/base/core.c:1426 __device_links_no_driver+0xac/0xb4 ... Call trace: __device_links_no_driver+0xac/0xb4 device_links_driver_cleanup+0xa8/0xf0 device_release_driver_internal+0x204/0x240 device_release_driver+0x18/0x24 bus_remove_device+0xcc/0x10c device_del+0x158/0x414 platform_device_del.part.0+0x1c/0x88 platform_device_unregister+0x24/0x40 of_platform_device_destroy+0xfc/0x10c device_for_each_child_reverse+0x64/0xb4 devm_of_platform_populate_release+0x4c/0x84 release_nodes+0x5c/0x90 devres_release_all+0x8c/0xdc device_unbind_cleanup+0x18/0x68 device_release_driver_internal+0x20c/0x240 device_links_unbind_consumers+0xe0/0x108 device_release_driver_internal+0xf0/0x240 driver_detach+0x50/0x9c bus_remove_driver+0x6c/0xbc driver_unregister+0x30/0x60 ... --- 8< --- This warning is raised because, during device removal, we unlink a consumer while its supplier links.status is DL_DEV_UNBINDING. Even if the link is not a SYNC_STATE_ONLY, the warning should not appear in that case. Filter out this warning in case of the supplier driver is unbinding. Fixes: 8c3e315d4296 ("driver core: Update device link status correctly for SYNC_STATE_ONLY links") Cc: stable(a)vger.kernel.org Signed-off-by: Herve Codina <herve.codina(a)bootlin.com> --- drivers/base/core.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/base/core.c b/drivers/base/core.c index 17f2568e0a79..f4b09691998e 100644 --- a/drivers/base/core.c +++ b/drivers/base/core.c @@ -1423,7 +1423,8 @@ static void __device_links_no_driver(struct device *dev) if (link->supplier->links.status == DL_DEV_DRIVER_BOUND) { WRITE_ONCE(link->status, DL_STATE_AVAILABLE); } else { - WARN_ON(!(link->flags & DL_FLAG_SYNC_STATE_ONLY)); + WARN_ON(!(link->flags & DL_FLAG_SYNC_STATE_ONLY) && + link->supplier->links.status != DL_DEV_UNBINDING); WRITE_ONCE(link->status, DL_STATE_DORMANT); } } -- 2.41.0

1 year, 7 months

2
2
0 0

[PATCH 1/1] driver core: Avoid using fwnode in __fwnode_link_del()

by Herve Codina

A refcount issue can appeared in __fwnode_link_del() due to the pr_debug() call: WARNING: CPU: 0 PID: 901 at lib/refcount.c:25 refcount_warn_saturate+0xe5/0x110 Call Trace: <TASK> ? refcount_warn_saturate+0xe5/0x110 ? __warn+0x81/0x130 ? refcount_warn_saturate+0xe5/0x110 ? report_bug+0x191/0x1c0 ? srso_alias_return_thunk+0x5/0x7f ? prb_read_valid+0x1b/0x30 ? handle_bug+0x3c/0x80 ? exc_invalid_op+0x17/0x70 ? asm_exc_invalid_op+0x1a/0x20 ? refcount_warn_saturate+0xe5/0x110 kobject_get+0x68/0x70 of_node_get+0x1e/0x30 of_fwnode_get+0x28/0x40 fwnode_full_name_string+0x34/0x90 fwnode_string+0xdb/0x140 vsnprintf+0x17b/0x630 va_format.isra.0+0x71/0x130 vsnprintf+0x17b/0x630 vprintk_store+0x162/0x4d0 ? srso_alias_return_thunk+0x5/0x7f ? srso_alias_return_thunk+0x5/0x7f ? srso_alias_return_thunk+0x5/0x7f ? try_to_wake_up+0x9c/0x620 ? rwsem_mark_wake+0x1b2/0x310 vprintk_emit+0xe4/0x2b0 _printk+0x5c/0x80 __dynamic_pr_debug+0x131/0x160 ? srso_alias_return_thunk+0x5/0x7f __fwnode_link_del+0x25/0xa0 fwnode_links_purge+0x39/0xb0 of_node_release+0xd9/0x180 kobject_put+0x7b/0x190 ... Indeed, an of_node is destroyed and so, of_node_release() is called because the of_node refcount reached 0. of_node_release() calls fwnode_links_purge() to purge the links and ended with __fwnode_link_del() calls. __fwnode_link_del calls pr_debug() to print the fwnodes (of_nodes) involved in the link and so this call is done while one of them is no more available (ie the one related to the of_node_release() call) Remove the pr_debug() call to avoid the use of the links fwnode while destroying the fwnode itself. Fixes: ebd6823af378 ("driver core: Add debug logs when fwnode links are added/deleted") Cc: stable(a)vger.kernel.org Signed-off-by: Herve Codina <herve.codina(a)bootlin.com> --- drivers/base/core.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/drivers/base/core.c b/drivers/base/core.c index f4b09691998e..62088c663014 100644 --- a/drivers/base/core.c +++ b/drivers/base/core.c @@ -109,8 +109,6 @@ int fwnode_link_add(struct fwnode_handle *con, struct fwnode_handle *sup) */ static void __fwnode_link_del(struct fwnode_link *link) { - pr_debug("%pfwf Dropping the fwnode link to %pfwf\n", - link->consumer, link->supplier); list_del(&link->s_hook); list_del(&link->c_hook); kfree(link); -- 2.41.0

1 year, 7 months

2
2
0 0

+ parisc-fix-mmap_base-calculation-when-stack-grows-upwards.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: parisc: fix mmap_base calculation when stack grows upwards has been added to the -mm mm-hotfixes-unstable branch. Its filename is parisc-fix-mmap_base-calculation-when-stack-grows-upwards.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Helge Deller <deller(a)gmx.de> Subject: parisc: fix mmap_base calculation when stack grows upwards Date: Mon, 13 Nov 2023 11:12:57 +0100 Matoro reported various userspace crashes on the parisc platform with kernel 6.6 and bisected it to commit 3033cd430768 ("parisc: Use generic mmap top-down layout and brk randomization"). That commit switched parisc to use the common infrastructure to calculate mmap_base, but missed that the mmap_base() function takes care for architectures where the stack grows downwards only. Fix the mmap_base() calculation to include the stack-grows-upwards case and thus fix the userspace crashes on parisc. Link: https://lkml.kernel.org/r/ZVH2qeS1bG7/1J/l@p100 Fixes: 3033cd430768 ("parisc: Use generic mmap top-down layout and brk randomization") Signed-off-by: Helge Deller <deller(a)gmx.de> Reported-by: matoro <matoro_mailinglist_kernel(a)matoro.tk> Tested-by: matoro <matoro_mailinglist_kernel(a)matoro.tk> Cc: <stable(a)vger.kernel.org> [6.6+] Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- arch/parisc/Kconfig | 6 +++--- arch/parisc/include/asm/elf.h | 10 +--------- arch/parisc/include/asm/processor.h | 2 ++ arch/parisc/kernel/sys_parisc.c | 2 +- mm/util.c | 10 ++++++++++ 5 files changed, 17 insertions(+), 13 deletions(-) --- a/arch/parisc/include/asm/elf.h~parisc-fix-mmap_base-calculation-when-stack-grows-upwards +++ a/arch/parisc/include/asm/elf.h @@ -349,15 +349,7 @@ struct pt_regs; /* forward declaration.. #define ELF_HWCAP 0 -/* Masks for stack and mmap randomization */ -#define BRK_RND_MASK (is_32bit_task() ? 0x07ffUL : 0x3ffffUL) -#define MMAP_RND_MASK (is_32bit_task() ? 0x1fffUL : 0x3ffffUL) -#define STACK_RND_MASK MMAP_RND_MASK - -struct mm_struct; -extern unsigned long arch_randomize_brk(struct mm_struct *); -#define arch_randomize_brk arch_randomize_brk - +#define STACK_RND_MASK 0x7ff /* 8MB of VA */ #define ARCH_HAS_SETUP_ADDITIONAL_PAGES 1 struct linux_binprm; --- a/arch/parisc/include/asm/processor.h~parisc-fix-mmap_base-calculation-when-stack-grows-upwards +++ a/arch/parisc/include/asm/processor.h @@ -47,6 +47,8 @@ #ifndef __ASSEMBLY__ +struct rlimit; +unsigned long mmap_upper_limit(struct rlimit *rlim_stack); unsigned long calc_max_stack_size(unsigned long stack_max); /* --- a/arch/parisc/Kconfig~parisc-fix-mmap_base-calculation-when-stack-grows-upwards +++ a/arch/parisc/Kconfig @@ -140,11 +140,11 @@ config ARCH_MMAP_RND_COMPAT_BITS_MIN default 8 config ARCH_MMAP_RND_BITS_MAX - default 24 if 64BIT - default 17 + default 18 if 64BIT + default 13 config ARCH_MMAP_RND_COMPAT_BITS_MAX - default 17 + default 13 # unless you want to implement ACPI on PA-RISC ... ;-) config PM --- a/arch/parisc/kernel/sys_parisc.c~parisc-fix-mmap_base-calculation-when-stack-grows-upwards +++ a/arch/parisc/kernel/sys_parisc.c @@ -77,7 +77,7 @@ unsigned long calc_max_stack_size(unsign * indicating that "current" should be used instead of a passed-in * value from the exec bprm as done with arch_pick_mmap_layout(). */ -static unsigned long mmap_upper_limit(struct rlimit *rlim_stack) +unsigned long mmap_upper_limit(struct rlimit *rlim_stack) { unsigned long stack_base; --- a/mm/util.c~parisc-fix-mmap_base-calculation-when-stack-grows-upwards +++ a/mm/util.c @@ -414,6 +414,15 @@ static int mmap_is_legacy(struct rlimit static unsigned long mmap_base(unsigned long rnd, struct rlimit *rlim_stack) { +#ifdef CONFIG_STACK_GROWSUP + /* + * For an upwards growing stack the calculation is much simpler. + * Memory for the maximum stack size is reserved at the top of the + * task. mmap_base starts directly below the stack and grows + * downwards. + */ + return PAGE_ALIGN_DOWN(mmap_upper_limit(rlim_stack) - rnd); +#else unsigned long gap = rlim_stack->rlim_cur; unsigned long pad = stack_guard_gap; @@ -431,6 +440,7 @@ static unsigned long mmap_base(unsigned gap = MAX_GAP; return PAGE_ALIGN(STACK_TOP - gap - rnd); +#endif } void arch_pick_mmap_layout(struct mm_struct *mm, struct rlimit *rlim_stack) _ Patches currently in -mm which might be from deller(a)gmx.de are parisc-fix-mmap_base-calculation-when-stack-grows-upwards.patch

1 year, 7 months

1
0
0 0

[PATCH v2] mtd: rawnand: Increment IFC_TIMEOUT_MSECS for nand controller response

by Ronald Monthero

Under heavy load it is likely that the controller is done with its own task but the thread unlocking the wait is not scheduled in time. Increasing IFC_TIMEOUT_MSECS allows the controller to respond within allowable timeslice of 1 sec fsl,ifc-nand 7e800000.nand: Controller is not responding main/smp_fsm.c:1884 <inrcu: rcu_preempt detected stalls on CPUs/tasks: rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P116/2:b..l (detected by 1, t=2102 jiffies, g=7729, q=754) task:irq/31-arm-irq1 state:D stack: 0 pid: 116 ppid: 2 flags:0x00000000 [<8064b97f>] (__schedule) from [<8064bb01>] (schedule+0x8d/0xc2) [<8064bb01>] (schedule) from [<8064dacd>] [<8064dacd>] (rt_mutex_slowlock_block.constprop.0) from [<8064db57>] [<8064db57>] (__rt_mutex_slowlock.constprop.0) from [<8064dbf7>] [<8064dbf7>] (rt_mutex_slowlock.constprop.0) from [<804b2047>] [<804b2047>] (nand_get_device) from [<804b5335>] (nand_write_oob+0x1b/0x4a) [<804b5335>] (nand_write_oob) from [<804a3585>] (mtd_write+0x41/0x5c) [<804a3585>] (mtd_write) from [<804c1d47>] (ubi_io_write+0x17f/0x22c) [<804c1d47>] (ubi_io_write) from [<804c047b>] (ubi_eba_write_leb+0x5b/0x1d0) Cc: stable(a)vger.kernel.org Signed-off-by: Ronald Monthero <debug.penguin32(a)gmail.com> --- drivers/mtd/nand/raw/fsl_ifc_nand.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/mtd/nand/raw/fsl_ifc_nand.c b/drivers/mtd/nand/raw/fsl_ifc_nand.c index 20bb1e0cb5eb..42f8ea46b6a8 100644 --- a/drivers/mtd/nand/raw/fsl_ifc_nand.c +++ b/drivers/mtd/nand/raw/fsl_ifc_nand.c @@ -21,7 +21,7 @@ #define ERR_BYTE 0xFF /* Value returned for read bytes when read failed */ -#define IFC_TIMEOUT_MSECS 500 /* Maximum number of mSecs to wait +#define IFC_TIMEOUT_MSECS 1000 /* Maximum number of mSecs to wait for IFC NAND Machine */ struct fsl_ifc_ctrl; -- 2.34.1

1 year, 7 months

2
2
0 0

[PATCH net,v4, 2/3] hv_netvsc: Fix race of register_netdevice_notifier and VF register

by Haiyang Zhang

If VF NIC is registered earlier, NETDEV_REGISTER event is replayed, but NETDEV_POST_INIT is not. Move register_netdevice_notifier() earlier, so the call back function is set before probing. Cc: stable(a)vger.kernel.org Fixes: e04e7a7bbd4b ("hv_netvsc: Fix a deadlock by getting rtnl lock earlier in netvsc_probe()") Reported-by: Dexuan Cui <decui(a)microsoft.com> Signed-off-by: Haiyang Zhang <haiyangz(a)microsoft.com> Reviewed-by: Wojciech Drewek <wojciech.drewek(a)intel.com> --- v3: Divide it into two patches, suggested by Jakub Kicinski. v2: Fix rtnl_unlock() in error handling as found by Wojciech Drewek. --- drivers/net/hyperv/netvsc_drv.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/drivers/net/hyperv/netvsc_drv.c b/drivers/net/hyperv/netvsc_drv.c index 5e528a76f5f5..1d1491da303b 100644 --- a/drivers/net/hyperv/netvsc_drv.c +++ b/drivers/net/hyperv/netvsc_drv.c @@ -2793,11 +2793,14 @@ static int __init netvsc_drv_init(void) } netvsc_ring_bytes = ring_size * PAGE_SIZE; + register_netdevice_notifier(&netvsc_netdev_notifier); + ret = vmbus_driver_register(&netvsc_drv); - if (ret) + if (ret) { + unregister_netdevice_notifier(&netvsc_netdev_notifier); return ret; + } - register_netdevice_notifier(&netvsc_netdev_notifier); return 0; } -- 2.25.1

1 year, 7 months

3
3
0 0

Re: Patch "fbdev: omapfb: Drop unused remove function" has been added to the 6.6-stable tree

by Uwe Kleine-König

On Sun, Nov 12, 2023 at 11:36:02PM -0500, Sasha Levin wrote: > This is a note to let you know that I've just added the patch titled > > fbdev: omapfb: Drop unused remove function > > to the 6.6-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… > > The filename of the patch is: > fbdev-omapfb-drop-unused-remove-function.patch > and it can be found in the queue-6.6 subdirectory. > > If you, or anyone else, feels it should not be added to the stable tree, > please let <stable(a)vger.kernel.org> know about it. > > > > commit a772de6bea2f5a9b5dad8afe0d9145fd8ee62564 > Author: Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> > Date: Fri Nov 3 18:35:58 2023 +0100 > > fbdev: omapfb: Drop unused remove function > > [ Upstream commit fc6699d62f5f4facc3e934efd25892fc36050b70 ] > > OMAP2_VRFB is a bool, so the vrfb driver can never be compiled as a > module. With that __exit_p(vrfb_remove) always evaluates to NULL and > vrfb_remove() is unused. > > If the driver was compilable as a module, it would fail to build because > the type of vrfb_remove() isn't compatible with struct > platform_driver::remove(). (The former returns void, the latter int.) > > Fixes: aa1e49a3752f ("OMAPDSS: VRFB: add omap_vrfb_supported()") > Signed-off-by: Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> > Signed-off-by: Helge Deller <deller(a)gmx.de> > Signed-off-by: Sasha Levin <sashal(a)kernel.org> While it doesn't hurt to backport this patch, I guess it also doesn't give any benefit (apart from increasing my patch count in stable :-). This commit just removes code that was thrown away by the compiler before. So I'd not backport it. Best regards Uwe -- Pengutronix e.K. | Uwe Kleine-König | Industrial Linux Solutions | https://www.pengutronix.de/ |

1 year, 7 months

2
1
0 0

[git:media_stage/master] media: subdev: Don't report V4L2_SUBDEV_CAP_STREAMS when the streams API is disabled

by Hans Verkuil

This is an automatic generated email to let you know that the following patch were queued: Subject: media: subdev: Don't report V4L2_SUBDEV_CAP_STREAMS when the streams API is disabled Author: Hans de Goede <hdegoede(a)redhat.com> Date: Tue Oct 10 12:24:58 2023 +0200 Since the stream API is still experimental it is currently locked away behind the internal, default disabled, v4l2_subdev_enable_streams_api flag. Advertising V4L2_SUBDEV_CAP_STREAMS when the streams API is disabled confuses userspace. E.g. it causes the following libcamera error: ERROR SimplePipeline simple.cpp:1497 Failed to reset routes for /dev/v4l-subdev1: Inappropriate ioctl for device Don't report V4L2_SUBDEV_CAP_STREAMS when the streams API is disabled to avoid problems like this. Reported-by: Dennis Bonke <admin(a)dennisbonke.com> Fixes: 9a6b5bf4c1bb ("media: add V4L2_SUBDEV_CAP_STREAMS") Cc: stable(a)vger.kernel.org # for >= 6.3 Signed-off-by: Hans de Goede <hdegoede(a)redhat.com> Acked-by: Sakari Ailus <sakari.ailus(a)linux.intel.com> Reviewed-by: Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> Signed-off-by: Mauro Carvalho Chehab <mchehab(a)kernel.org> Signed-off-by: Hans Verkuil <hverkuil-cisco(a)xs4all.nl> drivers/media/v4l2-core/v4l2-subdev.c | 7 +++++++ 1 file changed, 7 insertions(+) --- diff --git a/drivers/media/v4l2-core/v4l2-subdev.c b/drivers/media/v4l2-core/v4l2-subdev.c index b92348ad61f6..31752c06d1f0 100644 --- a/drivers/media/v4l2-core/v4l2-subdev.c +++ b/drivers/media/v4l2-core/v4l2-subdev.c @@ -502,6 +502,13 @@ static long subdev_do_ioctl(struct file *file, unsigned int cmd, void *arg, V4L2_SUBDEV_CLIENT_CAP_STREAMS; int rval; + /* + * If the streams API is not enabled, remove V4L2_SUBDEV_CAP_STREAMS. + * Remove this when the API is no longer experimental. + */ + if (!v4l2_subdev_enable_streams_api) + streams_subdev = false; + switch (cmd) { case VIDIOC_SUBDEV_QUERYCAP: { struct v4l2_subdev_capability *cap = arg;

1 year, 7 months

1
0
0 0

[PATCH net] ppp: limit MRU to 64K

by Willem de Bruijn

From: Willem de Bruijn <willemb(a)google.com> ppp_sync_ioctl allows setting device MRU, but does not sanity check this input. Limit to a sane upper bound of 64KB. No implementation I could find generates larger than 64KB frames. RFC 2823 mentions an upper bound of PPP over SDL of 64KB based on the 16-bit length field. Other protocols will be smaller, such as PPPoE (9KB jumbo frame) and PPPoA (18190 maximum CPCS-SDU size, RFC 2364). PPTP and L2TP encapsulate in IP. Syzbot managed to trigger alloc warning in __alloc_pages: if (WARN_ON_ONCE_GFP(order > MAX_ORDER, gfp)) WARNING: CPU: 1 PID: 37 at mm/page_alloc.c:4544 __alloc_pages+0x3ab/0x4a0 mm/page_alloc.c:4544 __alloc_skb+0x12b/0x330 net/core/skbuff.c:651 __netdev_alloc_skb+0x72/0x3f0 net/core/skbuff.c:715 netdev_alloc_skb include/linux/skbuff.h:3225 [inline] dev_alloc_skb include/linux/skbuff.h:3238 [inline] ppp_sync_input drivers/net/ppp/ppp_synctty.c:669 [inline] ppp_sync_receive+0xff/0x680 drivers/net/ppp/ppp_synctty.c:334 tty_ldisc_receive_buf+0x14c/0x180 drivers/tty/tty_buffer.c:390 tty_port_default_receive_buf+0x70/0xb0 drivers/tty/tty_port.c:37 receive_buf drivers/tty/tty_buffer.c:444 [inline] flush_to_ldisc+0x261/0x780 drivers/tty/tty_buffer.c:494 process_one_work+0x884/0x15c0 kernel/workqueue.c:2630 With call ioctl$PPPIOCSMRU1(r1, 0x40047452, &(0x7f0000000100)=0x5e6417a8) Similar code exists in other drivers that implement ppp_channel_ops ioctl PPPIOCSMRU. Those might also be in scope. Notably excluded from this are pppol2tp_ioctl and pppoe_ioctl. This code goes back to the start of git history. Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Reported-by: syzbot+6177e1f90d92583bcc58(a)syzkaller.appspotmail.com Signed-off-by: Willem de Bruijn <willemb(a)google.com> --- drivers/net/ppp/ppp_synctty.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/drivers/net/ppp/ppp_synctty.c b/drivers/net/ppp/ppp_synctty.c index ea261a628786..52d05ce4a281 100644 --- a/drivers/net/ppp/ppp_synctty.c +++ b/drivers/net/ppp/ppp_synctty.c @@ -453,6 +453,10 @@ ppp_sync_ioctl(struct ppp_channel *chan, unsigned int cmd, unsigned long arg) case PPPIOCSMRU: if (get_user(val, (int __user *) argp)) break; + if (val > U16_MAX) { + err = -EINVAL; + break; + } if (val < PPP_MRU) val = PPP_MRU; ap->mru = val; -- 2.43.0.rc0.421.g78406f8d94-goog

1 year, 7 months

4
3
0 0

[PATCH 1/1] driver core: Keep the supplier fwnode consistent with the device

by Herve Codina

The commit 3a2dbc510c43 ("driver core: fw_devlink: Don't purge child fwnode's consumer links") introduces the possibility to use the supplier's parent device instead of the supplier itself. In that case the supplier fwnode used is not updated and is no more consistent with the supplier device used. Update the fwnode used to be consistent with the supplier device used. Fixes: 3a2dbc510c43 ("driver core: fw_devlink: Don't purge child fwnode's consumer links") Cc: stable(a)vger.kernel.org Signed-off-by: Herve Codina <herve.codina(a)bootlin.com> --- drivers/base/core.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/drivers/base/core.c b/drivers/base/core.c index 4d8b315c48a1..17f2568e0a79 100644 --- a/drivers/base/core.c +++ b/drivers/base/core.c @@ -2076,6 +2076,18 @@ static int fw_devlink_create_devlink(struct device *con, sup_dev = get_dev_from_fwnode(sup_handle); if (sup_dev) { + /* + * The supplier device may have changed and so, the supplier + * fwnode maybe inconsistent. + * Update the supplier fwnode + */ + sup_handle = sup_dev->fwnode; + if (!sup_handle) { + dev_dbg(con, "Not linking %s - fwnode NULL\n", + dev_name(sup_dev)); + goto out; + } + /* * If it's one of those drivers that don't actually bind to * their device using driver core, then don't wait on this -- 2.41.0

1 year, 7 months

2
2
0 0

[PATCH v2] iio: cros_ec: fix an use-after-free in cros_ec_sensors_push_data()

by Tzung-Bi Shih

cros_ec_sensors_push_data() reads `indio_dev->active_scan_mask` and calls iio_push_to_buffers_with_timestamp() without making sure the `indio_dev` stays in buffer mode. There is a race if `indio_dev` exits buffer mode right before cros_ec_sensors_push_data() accesses them. An use-after-free on `indio_dev->active_scan_mask` was observed. The call trace: [...] _find_next_bit cros_ec_sensors_push_data cros_ec_sensorhub_event blocking_notifier_call_chain cros_ec_irq_thread It was caused by a race condition: one thread just freed `active_scan_mask` at [1]; while another thread tried to access the memory at [2]. Fix it by calling iio_device_claim_buffer_mode() to ensure the `indio_dev` can't exit buffer mode during cros_ec_sensors_push_data(). [1]: https://elixir.bootlin.com/linux/v6.5/source/drivers/iio/industrialio-buffe… [2]: https://elixir.bootlin.com/linux/v6.5/source/drivers/iio/common/cros_ec_sen… Cc: stable(a)vger.kernel.org Fixes: aa984f1ba4a4 ("iio: cros_ec: Register to cros_ec_sensorhub when EC supports FIFO") Signed-off-by: Tzung-Bi Shih <tzungbi(a)kernel.org> --- Changes from v1(https://patchwork.kernel.org/project/linux-iio/patch/20230828094339.1248…: - Use iio_device_{claim|release}_buffer_mode() instead of accessing `mlock`. drivers/iio/common/cros_ec_sensors/cros_ec_sensors_core.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/drivers/iio/common/cros_ec_sensors/cros_ec_sensors_core.c b/drivers/iio/common/cros_ec_sensors/cros_ec_sensors_core.c index b72d39fc2434..6bfe5d6847e7 100644 --- a/drivers/iio/common/cros_ec_sensors/cros_ec_sensors_core.c +++ b/drivers/iio/common/cros_ec_sensors/cros_ec_sensors_core.c @@ -190,8 +190,11 @@ int cros_ec_sensors_push_data(struct iio_dev *indio_dev, /* * Ignore samples if the buffer is not set: it is needed if the ODR is * set but the buffer is not enabled yet. + * + * Note: iio_device_claim_buffer_mode() returns -EBUSY if the buffer + * is not enabled. */ - if (!iio_buffer_enabled(indio_dev)) + if (iio_device_claim_buffer_mode(indio_dev) < 0) return 0; out = (s16 *)st->samples; @@ -210,6 +213,7 @@ int cros_ec_sensors_push_data(struct iio_dev *indio_dev, iio_push_to_buffers_with_timestamp(indio_dev, st->samples, timestamp + delta); + iio_device_release_buffer_mode(indio_dev); return 0; } EXPORT_SYMBOL_GPL(cros_ec_sensors_push_data); -- 2.42.0.rc2.253.gd59a3bf2b4-goog

1 year, 7 months

5
5
0 0

[PATCH net,v4, 1/3] hv_netvsc: fix race of netvsc and VF register_netdevice

by Haiyang Zhang

The rtnl lock also needs to be held before rndis_filter_device_add() which advertises nvsp_2_vsc_capability / sriov bit, and triggers VF NIC offering and registering. If VF NIC finished register_netdev() earlier it may cause name based config failure. To fix this issue, move the call to rtnl_lock() before rndis_filter_device_add(), so VF will be registered later than netvsc / synthetic NIC, and gets a name numbered (ethX) after netvsc. Cc: stable(a)vger.kernel.org Fixes: e04e7a7bbd4b ("hv_netvsc: Fix a deadlock by getting rtnl lock earlier in netvsc_probe()") Reported-by: Dexuan Cui <decui(a)microsoft.com> Signed-off-by: Haiyang Zhang <haiyangz(a)microsoft.com> Reviewed-by: Wojciech Drewek <wojciech.drewek(a)intel.com> --- v3: Divide it into two patches, suggested by Jakub Kicinski. v2: Fix rtnl_unlock() in error handling as found by Wojciech Drewek. --- drivers/net/hyperv/netvsc_drv.c | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/drivers/net/hyperv/netvsc_drv.c b/drivers/net/hyperv/netvsc_drv.c index 3ba3c8fb28a5..5e528a76f5f5 100644 --- a/drivers/net/hyperv/netvsc_drv.c +++ b/drivers/net/hyperv/netvsc_drv.c @@ -2531,15 +2531,6 @@ static int netvsc_probe(struct hv_device *dev, goto devinfo_failed; } - nvdev = rndis_filter_device_add(dev, device_info); - if (IS_ERR(nvdev)) { - ret = PTR_ERR(nvdev); - netdev_err(net, "unable to add netvsc device (ret %d)\n", ret); - goto rndis_failed; - } - - eth_hw_addr_set(net, device_info->mac_adr); - /* We must get rtnl lock before scheduling nvdev->subchan_work, * otherwise netvsc_subchan_work() can get rtnl lock first and wait * all subchannels to show up, but that may not happen because @@ -2547,9 +2538,23 @@ static int netvsc_probe(struct hv_device *dev, * -> ... -> device_add() -> ... -> __device_attach() can't get * the device lock, so all the subchannels can't be processed -- * finally netvsc_subchan_work() hangs forever. + * + * The rtnl lock also needs to be held before rndis_filter_device_add() + * which advertises nvsp_2_vsc_capability / sriov bit, and triggers + * VF NIC offering and registering. If VF NIC finished register_netdev() + * earlier it may cause name based config failure. */ rtnl_lock(); + nvdev = rndis_filter_device_add(dev, device_info); + if (IS_ERR(nvdev)) { + ret = PTR_ERR(nvdev); + netdev_err(net, "unable to add netvsc device (ret %d)\n", ret); + goto rndis_failed; + } + + eth_hw_addr_set(net, device_info->mac_adr); + if (nvdev->num_chn > 1) schedule_work(&nvdev->subchan_work); @@ -2586,9 +2591,9 @@ static int netvsc_probe(struct hv_device *dev, return 0; register_failed: - rtnl_unlock(); rndis_filter_device_remove(dev, nvdev); rndis_failed: + rtnl_unlock(); netvsc_devinfo_put(device_info); devinfo_failed: free_percpu(net_device_ctx->vf_stats); -- 2.25.1

1 year, 7 months

3
2
0 0

[PATCH] Revert "i2c: pxa: move to generic GPIO recovery"

by Robert Marko

This reverts commit 0b01392c18b9993a584f36ace1d61118772ad0ca. Conversion of PXA to generic I2C recovery, makes the I2C bus completely lock up if recovery pinctrl is present in the DT and I2C recovery is enabled. So, until the generic I2C recovery can also work with PXA lets revert to have working I2C and I2C recovery again. Signed-off-by: Robert Marko <robert.marko(a)sartura.hr> Cc: stable(a)vger.kernel.org # 5.11+ --- drivers/i2c/busses/i2c-pxa.c | 76 ++++++++++++++++++++++++++++++++---- 1 file changed, 68 insertions(+), 8 deletions(-) diff --git a/drivers/i2c/busses/i2c-pxa.c b/drivers/i2c/busses/i2c-pxa.c index 1d7648242749..76f79b68cef8 100644 --- a/drivers/i2c/busses/i2c-pxa.c +++ b/drivers/i2c/busses/i2c-pxa.c @@ -265,6 +265,9 @@ struct pxa_i2c { u32 hs_mask; struct i2c_bus_recovery_info recovery; + struct pinctrl *pinctrl; + struct pinctrl_state *pinctrl_default; + struct pinctrl_state *pinctrl_recovery; }; #define _IBMR(i2c) ((i2c)->reg_ibmr) @@ -1299,12 +1302,13 @@ static void i2c_pxa_prepare_recovery(struct i2c_adapter *adap) */ gpiod_set_value(i2c->recovery.scl_gpiod, ibmr & IBMR_SCLS); gpiod_set_value(i2c->recovery.sda_gpiod, ibmr & IBMR_SDAS); + + WARN_ON(pinctrl_select_state(i2c->pinctrl, i2c->pinctrl_recovery)); } static void i2c_pxa_unprepare_recovery(struct i2c_adapter *adap) { struct pxa_i2c *i2c = adap->algo_data; - struct i2c_bus_recovery_info *bri = adap->bus_recovery_info; u32 isr; /* @@ -1318,7 +1322,7 @@ static void i2c_pxa_unprepare_recovery(struct i2c_adapter *adap) i2c_pxa_do_reset(i2c); } - WARN_ON(pinctrl_select_state(bri->pinctrl, bri->pins_default)); + WARN_ON(pinctrl_select_state(i2c->pinctrl, i2c->pinctrl_default)); dev_dbg(&i2c->adap.dev, "recovery: IBMR 0x%08x ISR 0x%08x\n", readl(_IBMR(i2c)), readl(_ISR(i2c))); @@ -1340,20 +1344,76 @@ static int i2c_pxa_init_recovery(struct pxa_i2c *i2c) if (IS_ENABLED(CONFIG_I2C_PXA_SLAVE)) return 0; - bri->pinctrl = devm_pinctrl_get(dev); - if (PTR_ERR(bri->pinctrl) == -ENODEV) { - bri->pinctrl = NULL; + i2c->pinctrl = devm_pinctrl_get(dev); + if (PTR_ERR(i2c->pinctrl) == -ENODEV) + i2c->pinctrl = NULL; + if (IS_ERR(i2c->pinctrl)) + return PTR_ERR(i2c->pinctrl); + + if (!i2c->pinctrl) + return 0; + + i2c->pinctrl_default = pinctrl_lookup_state(i2c->pinctrl, + PINCTRL_STATE_DEFAULT); + i2c->pinctrl_recovery = pinctrl_lookup_state(i2c->pinctrl, "recovery"); + + if (IS_ERR(i2c->pinctrl_default) || IS_ERR(i2c->pinctrl_recovery)) { + dev_info(dev, "missing pinmux recovery information: %ld %ld\n", + PTR_ERR(i2c->pinctrl_default), + PTR_ERR(i2c->pinctrl_recovery)); + return 0; + } + + /* + * Claiming GPIOs can influence the pinmux state, and may glitch the + * I2C bus. Do this carefully. + */ + bri->scl_gpiod = devm_gpiod_get(dev, "scl", GPIOD_OUT_HIGH_OPEN_DRAIN); + if (bri->scl_gpiod == ERR_PTR(-EPROBE_DEFER)) + return -EPROBE_DEFER; + if (IS_ERR(bri->scl_gpiod)) { + dev_info(dev, "missing scl gpio recovery information: %pe\n", + bri->scl_gpiod); + return 0; + } + + /* + * We have SCL. Pull SCL low and wait a bit so that SDA glitches + * have no effect. + */ + gpiod_direction_output(bri->scl_gpiod, 0); + udelay(10); + bri->sda_gpiod = devm_gpiod_get(dev, "sda", GPIOD_OUT_HIGH_OPEN_DRAIN); + + /* Wait a bit in case of a SDA glitch, and then release SCL. */ + udelay(10); + gpiod_direction_output(bri->scl_gpiod, 1); + + if (bri->sda_gpiod == ERR_PTR(-EPROBE_DEFER)) + return -EPROBE_DEFER; + + if (IS_ERR(bri->sda_gpiod)) { + dev_info(dev, "missing sda gpio recovery information: %pe\n", + bri->sda_gpiod); return 0; } - if (IS_ERR(bri->pinctrl)) - return PTR_ERR(bri->pinctrl); bri->prepare_recovery = i2c_pxa_prepare_recovery; bri->unprepare_recovery = i2c_pxa_unprepare_recovery; + bri->recover_bus = i2c_generic_scl_recovery; i2c->adap.bus_recovery_info = bri; - return 0; + /* + * Claiming GPIOs can change the pinmux state, which confuses the + * pinctrl since pinctrl's idea of the current setting is unaffected + * by the pinmux change caused by claiming the GPIO. Work around that + * by switching pinctrl to the GPIO state here. We do it this way to + * avoid glitching the I2C bus. + */ + pinctrl_select_state(i2c->pinctrl, i2c->pinctrl_recovery); + + return pinctrl_select_state(i2c->pinctrl, i2c->pinctrl_default); } static int i2c_pxa_probe(struct platform_device *dev) -- 2.41.0

1 year, 7 months

5
4
0 0

Backport f79936545fb12 ("x86/sev-es: Allow copy_from_kernel_nofault() in earlier boot")

by Adam Dunlap

commit f79936545fb122856bd78b189d3c7ee59928c751 upstream. This patch fixes a boot failure that happens with VMs running with SEV-ES or SEV-SNP when the guest kernel is compiled with a gcc version past 12.3 (or possibly earlier) due to undefined behavior. As far as I know, the UB has existed ever since SEV-ES guest support was merged in (I believe 5.9), but only started causing boot failures with the updated compiler. Thus, I propose backporting this patch to stable branches since 5.9.

1 year, 7 months

2
1
0 0

[PATCH AUTOSEL 4.19] i2c: dev: copy userspace array safely

by Sasha Levin

From: Philipp Stanner <pstanner(a)redhat.com> [ Upstream commit cc9c54232f04aef3a5d7f64a0ece7df00f1aaa3d ] i2c-dev.c utilizes memdup_user() to copy a userspace array. This is done without an overflow check. Use the new wrapper memdup_array_user() to copy the array more safely. Suggested-by: Dave Airlie <airlied(a)redhat.com> Signed-off-by: Philipp Stanner <pstanner(a)redhat.com> Signed-off-by: Wolfram Sang <wsa(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/i2c/i2c-dev.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/i2c/i2c-dev.c b/drivers/i2c/i2c-dev.c index 140dd074fdee5..e4c8d029d73c0 100644 --- a/drivers/i2c/i2c-dev.c +++ b/drivers/i2c/i2c-dev.c @@ -459,8 +459,8 @@ static long i2cdev_ioctl(struct file *file, unsigned int cmd, unsigned long arg) if (rdwr_arg.nmsgs > I2C_RDWR_IOCTL_MAX_MSGS) return -EINVAL; - rdwr_pa = memdup_user(rdwr_arg.msgs, - rdwr_arg.nmsgs * sizeof(struct i2c_msg)); + rdwr_pa = memdup_array_user(rdwr_arg.msgs, + rdwr_arg.nmsgs, sizeof(struct i2c_msg)); if (IS_ERR(rdwr_pa)) return PTR_ERR(rdwr_pa); -- 2.42.0

1 year, 7 months

1
0
0 0

[PATCH AUTOSEL 5.4] i2c: dev: copy userspace array safely

by Sasha Levin

From: Philipp Stanner <pstanner(a)redhat.com> [ Upstream commit cc9c54232f04aef3a5d7f64a0ece7df00f1aaa3d ] i2c-dev.c utilizes memdup_user() to copy a userspace array. This is done without an overflow check. Use the new wrapper memdup_array_user() to copy the array more safely. Suggested-by: Dave Airlie <airlied(a)redhat.com> Signed-off-by: Philipp Stanner <pstanner(a)redhat.com> Signed-off-by: Wolfram Sang <wsa(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/i2c/i2c-dev.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/i2c/i2c-dev.c b/drivers/i2c/i2c-dev.c index 7da6ca26a5f56..5669c8b56b264 100644 --- a/drivers/i2c/i2c-dev.c +++ b/drivers/i2c/i2c-dev.c @@ -451,8 +451,8 @@ static long i2cdev_ioctl(struct file *file, unsigned int cmd, unsigned long arg) if (rdwr_arg.nmsgs > I2C_RDWR_IOCTL_MAX_MSGS) return -EINVAL; - rdwr_pa = memdup_user(rdwr_arg.msgs, - rdwr_arg.nmsgs * sizeof(struct i2c_msg)); + rdwr_pa = memdup_array_user(rdwr_arg.msgs, + rdwr_arg.nmsgs, sizeof(struct i2c_msg)); if (IS_ERR(rdwr_pa)) return PTR_ERR(rdwr_pa); -- 2.42.0

1 year, 7 months

1
0
0 0

[PATCH AUTOSEL 5.10] i2c: dev: copy userspace array safely

by Sasha Levin

From: Philipp Stanner <pstanner(a)redhat.com> [ Upstream commit cc9c54232f04aef3a5d7f64a0ece7df00f1aaa3d ] i2c-dev.c utilizes memdup_user() to copy a userspace array. This is done without an overflow check. Use the new wrapper memdup_array_user() to copy the array more safely. Suggested-by: Dave Airlie <airlied(a)redhat.com> Signed-off-by: Philipp Stanner <pstanner(a)redhat.com> Signed-off-by: Wolfram Sang <wsa(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/i2c/i2c-dev.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/i2c/i2c-dev.c b/drivers/i2c/i2c-dev.c index dafad891998ec..eef58daf1f013 100644 --- a/drivers/i2c/i2c-dev.c +++ b/drivers/i2c/i2c-dev.c @@ -451,8 +451,8 @@ static long i2cdev_ioctl(struct file *file, unsigned int cmd, unsigned long arg) if (rdwr_arg.nmsgs > I2C_RDWR_IOCTL_MAX_MSGS) return -EINVAL; - rdwr_pa = memdup_user(rdwr_arg.msgs, - rdwr_arg.nmsgs * sizeof(struct i2c_msg)); + rdwr_pa = memdup_array_user(rdwr_arg.msgs, + rdwr_arg.nmsgs, sizeof(struct i2c_msg)); if (IS_ERR(rdwr_pa)) return PTR_ERR(rdwr_pa); -- 2.42.0

1 year, 7 months

1
0
0 0

[PATCH AUTOSEL 5.15] i2c: dev: copy userspace array safely

by Sasha Levin

From: Philipp Stanner <pstanner(a)redhat.com> [ Upstream commit cc9c54232f04aef3a5d7f64a0ece7df00f1aaa3d ] i2c-dev.c utilizes memdup_user() to copy a userspace array. This is done without an overflow check. Use the new wrapper memdup_array_user() to copy the array more safely. Suggested-by: Dave Airlie <airlied(a)redhat.com> Signed-off-by: Philipp Stanner <pstanner(a)redhat.com> Signed-off-by: Wolfram Sang <wsa(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/i2c/i2c-dev.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/i2c/i2c-dev.c b/drivers/i2c/i2c-dev.c index 6fd2b6718b086..9fefceb3a95d4 100644 --- a/drivers/i2c/i2c-dev.c +++ b/drivers/i2c/i2c-dev.c @@ -450,8 +450,8 @@ static long i2cdev_ioctl(struct file *file, unsigned int cmd, unsigned long arg) if (rdwr_arg.nmsgs > I2C_RDWR_IOCTL_MAX_MSGS) return -EINVAL; - rdwr_pa = memdup_user(rdwr_arg.msgs, - rdwr_arg.nmsgs * sizeof(struct i2c_msg)); + rdwr_pa = memdup_array_user(rdwr_arg.msgs, + rdwr_arg.nmsgs, sizeof(struct i2c_msg)); if (IS_ERR(rdwr_pa)) return PTR_ERR(rdwr_pa); -- 2.42.0

1 year, 7 months

1
0
0 0

[PATCH AUTOSEL 6.1] i2c: dev: copy userspace array safely

by Sasha Levin

From: Philipp Stanner <pstanner(a)redhat.com> [ Upstream commit cc9c54232f04aef3a5d7f64a0ece7df00f1aaa3d ] i2c-dev.c utilizes memdup_user() to copy a userspace array. This is done without an overflow check. Use the new wrapper memdup_array_user() to copy the array more safely. Suggested-by: Dave Airlie <airlied(a)redhat.com> Signed-off-by: Philipp Stanner <pstanner(a)redhat.com> Signed-off-by: Wolfram Sang <wsa(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/i2c/i2c-dev.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/i2c/i2c-dev.c b/drivers/i2c/i2c-dev.c index ab0adaa130dae..dd35f341b16fd 100644 --- a/drivers/i2c/i2c-dev.c +++ b/drivers/i2c/i2c-dev.c @@ -450,8 +450,8 @@ static long i2cdev_ioctl(struct file *file, unsigned int cmd, unsigned long arg) if (rdwr_arg.nmsgs > I2C_RDWR_IOCTL_MAX_MSGS) return -EINVAL; - rdwr_pa = memdup_user(rdwr_arg.msgs, - rdwr_arg.nmsgs * sizeof(struct i2c_msg)); + rdwr_pa = memdup_array_user(rdwr_arg.msgs, + rdwr_arg.nmsgs, sizeof(struct i2c_msg)); if (IS_ERR(rdwr_pa)) return PTR_ERR(rdwr_pa); -- 2.42.0

1 year, 7 months

1
0
0 0

[PATCH AUTOSEL 6.5] i2c: dev: copy userspace array safely

by Sasha Levin

From: Philipp Stanner <pstanner(a)redhat.com> [ Upstream commit cc9c54232f04aef3a5d7f64a0ece7df00f1aaa3d ] i2c-dev.c utilizes memdup_user() to copy a userspace array. This is done without an overflow check. Use the new wrapper memdup_array_user() to copy the array more safely. Suggested-by: Dave Airlie <airlied(a)redhat.com> Signed-off-by: Philipp Stanner <pstanner(a)redhat.com> Signed-off-by: Wolfram Sang <wsa(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/i2c/i2c-dev.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/i2c/i2c-dev.c b/drivers/i2c/i2c-dev.c index a01b59e3599b5..7d337380a05d9 100644 --- a/drivers/i2c/i2c-dev.c +++ b/drivers/i2c/i2c-dev.c @@ -450,8 +450,8 @@ static long i2cdev_ioctl(struct file *file, unsigned int cmd, unsigned long arg) if (rdwr_arg.nmsgs > I2C_RDWR_IOCTL_MAX_MSGS) return -EINVAL; - rdwr_pa = memdup_user(rdwr_arg.msgs, - rdwr_arg.nmsgs * sizeof(struct i2c_msg)); + rdwr_pa = memdup_array_user(rdwr_arg.msgs, + rdwr_arg.nmsgs, sizeof(struct i2c_msg)); if (IS_ERR(rdwr_pa)) return PTR_ERR(rdwr_pa); -- 2.42.0

1 year, 7 months

1
0
0 0

[PATCH AUTOSEL 6.6] i2c: dev: copy userspace array safely

by Sasha Levin

From: Philipp Stanner <pstanner(a)redhat.com> [ Upstream commit cc9c54232f04aef3a5d7f64a0ece7df00f1aaa3d ] i2c-dev.c utilizes memdup_user() to copy a userspace array. This is done without an overflow check. Use the new wrapper memdup_array_user() to copy the array more safely. Suggested-by: Dave Airlie <airlied(a)redhat.com> Signed-off-by: Philipp Stanner <pstanner(a)redhat.com> Signed-off-by: Wolfram Sang <wsa(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/i2c/i2c-dev.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/i2c/i2c-dev.c b/drivers/i2c/i2c-dev.c index a01b59e3599b5..7d337380a05d9 100644 --- a/drivers/i2c/i2c-dev.c +++ b/drivers/i2c/i2c-dev.c @@ -450,8 +450,8 @@ static long i2cdev_ioctl(struct file *file, unsigned int cmd, unsigned long arg) if (rdwr_arg.nmsgs > I2C_RDWR_IOCTL_MAX_MSGS) return -EINVAL; - rdwr_pa = memdup_user(rdwr_arg.msgs, - rdwr_arg.nmsgs * sizeof(struct i2c_msg)); + rdwr_pa = memdup_array_user(rdwr_arg.msgs, + rdwr_arg.nmsgs, sizeof(struct i2c_msg)); if (IS_ERR(rdwr_pa)) return PTR_ERR(rdwr_pa); -- 2.42.0

1 year, 7 months

1
0
0 0

[PATCH AUTOSEL 5.4] kgdb: Flush console before entering kgdb on panic

by Sasha Levin

From: Douglas Anderson <dianders(a)chromium.org> [ Upstream commit dd712d3d45807db9fcae28a522deee85c1f2fde6 ] When entering kdb/kgdb on a kernel panic, it was be observed that the console isn't flushed before the `kdb` prompt came up. Specifically, when using the buddy lockup detector on arm64 and running: echo HARDLOCKUP > /sys/kernel/debug/provoke-crash/DIRECT I could see: [ 26.161099] lkdtm: Performing direct entry HARDLOCKUP [ 32.499881] watchdog: Watchdog detected hard LOCKUP on cpu 6 [ 32.552865] Sending NMI from CPU 5 to CPUs 6: [ 32.557359] NMI backtrace for cpu 6 ... [backtrace for cpu 6] ... [ 32.558353] NMI backtrace for cpu 5 ... [backtrace for cpu 5] ... [ 32.867471] Sending NMI from CPU 5 to CPUs 0-4,7: [ 32.872321] NMI backtrace forP cpuANC: Hard LOCKUP Entering kdb (current=..., pid 0) on processor 5 due to Keyboard Entry [5]kdb> As you can see, backtraces for the other CPUs start printing and get interleaved with the kdb PANIC print. Let's replicate the commands to flush the console in the kdb panic entry point to avoid this. Signed-off-by: Douglas Anderson <dianders(a)chromium.org> Link: https://lore.kernel.org/r/20230822131945.1.I5b460ae8f954e4c4f628a373d6e7471… Signed-off-by: Daniel Thompson <daniel.thompson(a)linaro.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- kernel/debug/debug_core.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/kernel/debug/debug_core.c b/kernel/debug/debug_core.c index f88611fadb195..1ab2e97034868 100644 --- a/kernel/debug/debug_core.c +++ b/kernel/debug/debug_core.c @@ -945,6 +945,9 @@ void kgdb_panic(const char *msg) if (panic_timeout) return; + debug_locks_off(); + console_flush_on_panic(CONSOLE_FLUSH_PENDING); + if (dbg_kdb_mode) kdb_printf("PANIC: %s\n", msg); -- 2.42.0

1 year, 7 months

1
0
0 0

[PATCH AUTOSEL 5.10] kgdb: Flush console before entering kgdb on panic

by Sasha Levin

From: Douglas Anderson <dianders(a)chromium.org> [ Upstream commit dd712d3d45807db9fcae28a522deee85c1f2fde6 ] When entering kdb/kgdb on a kernel panic, it was be observed that the console isn't flushed before the `kdb` prompt came up. Specifically, when using the buddy lockup detector on arm64 and running: echo HARDLOCKUP > /sys/kernel/debug/provoke-crash/DIRECT I could see: [ 26.161099] lkdtm: Performing direct entry HARDLOCKUP [ 32.499881] watchdog: Watchdog detected hard LOCKUP on cpu 6 [ 32.552865] Sending NMI from CPU 5 to CPUs 6: [ 32.557359] NMI backtrace for cpu 6 ... [backtrace for cpu 6] ... [ 32.558353] NMI backtrace for cpu 5 ... [backtrace for cpu 5] ... [ 32.867471] Sending NMI from CPU 5 to CPUs 0-4,7: [ 32.872321] NMI backtrace forP cpuANC: Hard LOCKUP Entering kdb (current=..., pid 0) on processor 5 due to Keyboard Entry [5]kdb> As you can see, backtraces for the other CPUs start printing and get interleaved with the kdb PANIC print. Let's replicate the commands to flush the console in the kdb panic entry point to avoid this. Signed-off-by: Douglas Anderson <dianders(a)chromium.org> Link: https://lore.kernel.org/r/20230822131945.1.I5b460ae8f954e4c4f628a373d6e7471… Signed-off-by: Daniel Thompson <daniel.thompson(a)linaro.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- kernel/debug/debug_core.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/kernel/debug/debug_core.c b/kernel/debug/debug_core.c index 0f31b22abe8d9..ef54254a5dd13 100644 --- a/kernel/debug/debug_core.c +++ b/kernel/debug/debug_core.c @@ -1022,6 +1022,9 @@ void kgdb_panic(const char *msg) if (panic_timeout) return; + debug_locks_off(); + console_flush_on_panic(CONSOLE_FLUSH_PENDING); + if (dbg_kdb_mode) kdb_printf("PANIC: %s\n", msg); -- 2.42.0

1 year, 7 months

1
0
0 0

[PATCH AUTOSEL 5.15] kgdb: Flush console before entering kgdb on panic

by Sasha Levin

From: Douglas Anderson <dianders(a)chromium.org> [ Upstream commit dd712d3d45807db9fcae28a522deee85c1f2fde6 ] When entering kdb/kgdb on a kernel panic, it was be observed that the console isn't flushed before the `kdb` prompt came up. Specifically, when using the buddy lockup detector on arm64 and running: echo HARDLOCKUP > /sys/kernel/debug/provoke-crash/DIRECT I could see: [ 26.161099] lkdtm: Performing direct entry HARDLOCKUP [ 32.499881] watchdog: Watchdog detected hard LOCKUP on cpu 6 [ 32.552865] Sending NMI from CPU 5 to CPUs 6: [ 32.557359] NMI backtrace for cpu 6 ... [backtrace for cpu 6] ... [ 32.558353] NMI backtrace for cpu 5 ... [backtrace for cpu 5] ... [ 32.867471] Sending NMI from CPU 5 to CPUs 0-4,7: [ 32.872321] NMI backtrace forP cpuANC: Hard LOCKUP Entering kdb (current=..., pid 0) on processor 5 due to Keyboard Entry [5]kdb> As you can see, backtraces for the other CPUs start printing and get interleaved with the kdb PANIC print. Let's replicate the commands to flush the console in the kdb panic entry point to avoid this. Signed-off-by: Douglas Anderson <dianders(a)chromium.org> Link: https://lore.kernel.org/r/20230822131945.1.I5b460ae8f954e4c4f628a373d6e7471… Signed-off-by: Daniel Thompson <daniel.thompson(a)linaro.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- kernel/debug/debug_core.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/kernel/debug/debug_core.c b/kernel/debug/debug_core.c index 7beceb447211d..f40ca4f09afce 100644 --- a/kernel/debug/debug_core.c +++ b/kernel/debug/debug_core.c @@ -1018,6 +1018,9 @@ void kgdb_panic(const char *msg) if (panic_timeout) return; + debug_locks_off(); + console_flush_on_panic(CONSOLE_FLUSH_PENDING); + if (dbg_kdb_mode) kdb_printf("PANIC: %s\n", msg); -- 2.42.0

1 year, 7 months

1
0
0 0

[PATCH AUTOSEL 6.1] kgdb: Flush console before entering kgdb on panic

by Sasha Levin

From: Douglas Anderson <dianders(a)chromium.org> [ Upstream commit dd712d3d45807db9fcae28a522deee85c1f2fde6 ] When entering kdb/kgdb on a kernel panic, it was be observed that the console isn't flushed before the `kdb` prompt came up. Specifically, when using the buddy lockup detector on arm64 and running: echo HARDLOCKUP > /sys/kernel/debug/provoke-crash/DIRECT I could see: [ 26.161099] lkdtm: Performing direct entry HARDLOCKUP [ 32.499881] watchdog: Watchdog detected hard LOCKUP on cpu 6 [ 32.552865] Sending NMI from CPU 5 to CPUs 6: [ 32.557359] NMI backtrace for cpu 6 ... [backtrace for cpu 6] ... [ 32.558353] NMI backtrace for cpu 5 ... [backtrace for cpu 5] ... [ 32.867471] Sending NMI from CPU 5 to CPUs 0-4,7: [ 32.872321] NMI backtrace forP cpuANC: Hard LOCKUP Entering kdb (current=..., pid 0) on processor 5 due to Keyboard Entry [5]kdb> As you can see, backtraces for the other CPUs start printing and get interleaved with the kdb PANIC print. Let's replicate the commands to flush the console in the kdb panic entry point to avoid this. Signed-off-by: Douglas Anderson <dianders(a)chromium.org> Link: https://lore.kernel.org/r/20230822131945.1.I5b460ae8f954e4c4f628a373d6e7471… Signed-off-by: Daniel Thompson <daniel.thompson(a)linaro.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- kernel/debug/debug_core.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/kernel/debug/debug_core.c b/kernel/debug/debug_core.c index d5e9ccde3ab8e..3a904d8697c8f 100644 --- a/kernel/debug/debug_core.c +++ b/kernel/debug/debug_core.c @@ -1006,6 +1006,9 @@ void kgdb_panic(const char *msg) if (panic_timeout) return; + debug_locks_off(); + console_flush_on_panic(CONSOLE_FLUSH_PENDING); + if (dbg_kdb_mode) kdb_printf("PANIC: %s\n", msg); -- 2.42.0

1 year, 7 months

1
0
0 0

[PATCH AUTOSEL 6.5 1/2] kgdb: Flush console before entering kgdb on panic

by Sasha Levin

From: Douglas Anderson <dianders(a)chromium.org> [ Upstream commit dd712d3d45807db9fcae28a522deee85c1f2fde6 ] When entering kdb/kgdb on a kernel panic, it was be observed that the console isn't flushed before the `kdb` prompt came up. Specifically, when using the buddy lockup detector on arm64 and running: echo HARDLOCKUP > /sys/kernel/debug/provoke-crash/DIRECT I could see: [ 26.161099] lkdtm: Performing direct entry HARDLOCKUP [ 32.499881] watchdog: Watchdog detected hard LOCKUP on cpu 6 [ 32.552865] Sending NMI from CPU 5 to CPUs 6: [ 32.557359] NMI backtrace for cpu 6 ... [backtrace for cpu 6] ... [ 32.558353] NMI backtrace for cpu 5 ... [backtrace for cpu 5] ... [ 32.867471] Sending NMI from CPU 5 to CPUs 0-4,7: [ 32.872321] NMI backtrace forP cpuANC: Hard LOCKUP Entering kdb (current=..., pid 0) on processor 5 due to Keyboard Entry [5]kdb> As you can see, backtraces for the other CPUs start printing and get interleaved with the kdb PANIC print. Let's replicate the commands to flush the console in the kdb panic entry point to avoid this. Signed-off-by: Douglas Anderson <dianders(a)chromium.org> Link: https://lore.kernel.org/r/20230822131945.1.I5b460ae8f954e4c4f628a373d6e7471… Signed-off-by: Daniel Thompson <daniel.thompson(a)linaro.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- kernel/debug/debug_core.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/kernel/debug/debug_core.c b/kernel/debug/debug_core.c index d5e9ccde3ab8e..3a904d8697c8f 100644 --- a/kernel/debug/debug_core.c +++ b/kernel/debug/debug_core.c @@ -1006,6 +1006,9 @@ void kgdb_panic(const char *msg) if (panic_timeout) return; + debug_locks_off(); + console_flush_on_panic(CONSOLE_FLUSH_PENDING); + if (dbg_kdb_mode) kdb_printf("PANIC: %s\n", msg); -- 2.42.0

1 year, 7 months

1
1
0 0

[PATCH AUTOSEL 6.6 1/2] kgdb: Flush console before entering kgdb on panic

by Sasha Levin

From: Douglas Anderson <dianders(a)chromium.org> [ Upstream commit dd712d3d45807db9fcae28a522deee85c1f2fde6 ] When entering kdb/kgdb on a kernel panic, it was be observed that the console isn't flushed before the `kdb` prompt came up. Specifically, when using the buddy lockup detector on arm64 and running: echo HARDLOCKUP > /sys/kernel/debug/provoke-crash/DIRECT I could see: [ 26.161099] lkdtm: Performing direct entry HARDLOCKUP [ 32.499881] watchdog: Watchdog detected hard LOCKUP on cpu 6 [ 32.552865] Sending NMI from CPU 5 to CPUs 6: [ 32.557359] NMI backtrace for cpu 6 ... [backtrace for cpu 6] ... [ 32.558353] NMI backtrace for cpu 5 ... [backtrace for cpu 5] ... [ 32.867471] Sending NMI from CPU 5 to CPUs 0-4,7: [ 32.872321] NMI backtrace forP cpuANC: Hard LOCKUP Entering kdb (current=..., pid 0) on processor 5 due to Keyboard Entry [5]kdb> As you can see, backtraces for the other CPUs start printing and get interleaved with the kdb PANIC print. Let's replicate the commands to flush the console in the kdb panic entry point to avoid this. Signed-off-by: Douglas Anderson <dianders(a)chromium.org> Link: https://lore.kernel.org/r/20230822131945.1.I5b460ae8f954e4c4f628a373d6e7471… Signed-off-by: Daniel Thompson <daniel.thompson(a)linaro.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- kernel/debug/debug_core.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/kernel/debug/debug_core.c b/kernel/debug/debug_core.c index 621037a0aa870..ce1bb2301c061 100644 --- a/kernel/debug/debug_core.c +++ b/kernel/debug/debug_core.c @@ -1006,6 +1006,9 @@ void kgdb_panic(const char *msg) if (panic_timeout) return; + debug_locks_off(); + console_flush_on_panic(CONSOLE_FLUSH_PENDING); + if (dbg_kdb_mode) kdb_printf("PANIC: %s\n", msg); -- 2.42.0

1 year, 7 months

1
1
0 0

[PATCH AUTOSEL 4.14 1/4] media: gspca: cpia1: shift-out-of-bounds in set_flicker

by Sasha Levin

From: Rajeshwar R Shinde <coolrrsh(a)gmail.com> [ Upstream commit 099be1822d1f095433f4b08af9cc9d6308ec1953 ] Syzkaller reported the following issue: UBSAN: shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27 shift exponent 245 is too large for 32-bit type 'int' When the value of the variable "sd->params.exposure.gain" exceeds the number of bits in an integer, a shift-out-of-bounds error is reported. It is triggered because the variable "currentexp" cannot be left-shifted by more than the number of bits in an integer. In order to avoid invalid range during left-shift, the conditional expression is added. Reported-by: syzbot+e27f3dbdab04e43b9f73(a)syzkaller.appspotmail.com Closes: https://lore.kernel.org/all/20230818164522.12806-1-coolrrsh@gmail.com Link: https://syzkaller.appspot.com/bug?extid=e27f3dbdab04e43b9f73 Signed-off-by: Rajeshwar R Shinde <coolrrsh(a)gmail.com> Signed-off-by: Hans Verkuil <hverkuil-cisco(a)xs4all.nl> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/media/usb/gspca/cpia1.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/media/usb/gspca/cpia1.c b/drivers/media/usb/gspca/cpia1.c index e91d00762e94b..bf34479a87cc5 100644 --- a/drivers/media/usb/gspca/cpia1.c +++ b/drivers/media/usb/gspca/cpia1.c @@ -28,6 +28,7 @@ #include <linux/input.h> #include <linux/sched/signal.h> +#include <linux/bitops.h> #include "gspca.h" @@ -1032,6 +1033,8 @@ static int set_flicker(struct gspca_dev *gspca_dev, int on, int apply) sd->params.exposure.expMode = 2; sd->exposure_status = EXPOSURE_NORMAL; } + if (sd->params.exposure.gain >= BITS_PER_TYPE(currentexp)) + return -EINVAL; currentexp = currentexp << sd->params.exposure.gain; sd->params.exposure.gain = 0; /* round down current exposure to nearest value */ -- 2.42.0

1 year, 7 months

1
3
0 0

[PATCH AUTOSEL 4.19 1/5] media: gspca: cpia1: shift-out-of-bounds in set_flicker

by Sasha Levin

From: Rajeshwar R Shinde <coolrrsh(a)gmail.com> [ Upstream commit 099be1822d1f095433f4b08af9cc9d6308ec1953 ] Syzkaller reported the following issue: UBSAN: shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27 shift exponent 245 is too large for 32-bit type 'int' When the value of the variable "sd->params.exposure.gain" exceeds the number of bits in an integer, a shift-out-of-bounds error is reported. It is triggered because the variable "currentexp" cannot be left-shifted by more than the number of bits in an integer. In order to avoid invalid range during left-shift, the conditional expression is added. Reported-by: syzbot+e27f3dbdab04e43b9f73(a)syzkaller.appspotmail.com Closes: https://lore.kernel.org/all/20230818164522.12806-1-coolrrsh@gmail.com Link: https://syzkaller.appspot.com/bug?extid=e27f3dbdab04e43b9f73 Signed-off-by: Rajeshwar R Shinde <coolrrsh(a)gmail.com> Signed-off-by: Hans Verkuil <hverkuil-cisco(a)xs4all.nl> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/media/usb/gspca/cpia1.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/media/usb/gspca/cpia1.c b/drivers/media/usb/gspca/cpia1.c index 2b09af8865f40..5e785343528cc 100644 --- a/drivers/media/usb/gspca/cpia1.c +++ b/drivers/media/usb/gspca/cpia1.c @@ -28,6 +28,7 @@ #include <linux/input.h> #include <linux/sched/signal.h> +#include <linux/bitops.h> #include "gspca.h" @@ -1033,6 +1034,8 @@ static int set_flicker(struct gspca_dev *gspca_dev, int on, int apply) sd->params.exposure.expMode = 2; sd->exposure_status = EXPOSURE_NORMAL; } + if (sd->params.exposure.gain >= BITS_PER_TYPE(currentexp)) + return -EINVAL; currentexp = currentexp << sd->params.exposure.gain; sd->params.exposure.gain = 0; /* round down current exposure to nearest value */ -- 2.42.0

1 year, 7 months

1
4
0 0

[PATCH AUTOSEL 5.4 1/6] media: gspca: cpia1: shift-out-of-bounds in set_flicker

by Sasha Levin

From: Rajeshwar R Shinde <coolrrsh(a)gmail.com> [ Upstream commit 099be1822d1f095433f4b08af9cc9d6308ec1953 ] Syzkaller reported the following issue: UBSAN: shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27 shift exponent 245 is too large for 32-bit type 'int' When the value of the variable "sd->params.exposure.gain" exceeds the number of bits in an integer, a shift-out-of-bounds error is reported. It is triggered because the variable "currentexp" cannot be left-shifted by more than the number of bits in an integer. In order to avoid invalid range during left-shift, the conditional expression is added. Reported-by: syzbot+e27f3dbdab04e43b9f73(a)syzkaller.appspotmail.com Closes: https://lore.kernel.org/all/20230818164522.12806-1-coolrrsh@gmail.com Link: https://syzkaller.appspot.com/bug?extid=e27f3dbdab04e43b9f73 Signed-off-by: Rajeshwar R Shinde <coolrrsh(a)gmail.com> Signed-off-by: Hans Verkuil <hverkuil-cisco(a)xs4all.nl> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/media/usb/gspca/cpia1.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/media/usb/gspca/cpia1.c b/drivers/media/usb/gspca/cpia1.c index d93d384286c16..de945e13c7c6b 100644 --- a/drivers/media/usb/gspca/cpia1.c +++ b/drivers/media/usb/gspca/cpia1.c @@ -18,6 +18,7 @@ #include <linux/input.h> #include <linux/sched/signal.h> +#include <linux/bitops.h> #include "gspca.h" @@ -1027,6 +1028,8 @@ static int set_flicker(struct gspca_dev *gspca_dev, int on, int apply) sd->params.exposure.expMode = 2; sd->exposure_status = EXPOSURE_NORMAL; } + if (sd->params.exposure.gain >= BITS_PER_TYPE(currentexp)) + return -EINVAL; currentexp = currentexp << sd->params.exposure.gain; sd->params.exposure.gain = 0; /* round down current exposure to nearest value */ -- 2.42.0

1 year, 7 months

1
5
0 0

[PATCH AUTOSEL 5.10 1/8] media: gspca: cpia1: shift-out-of-bounds in set_flicker

by Sasha Levin

From: Rajeshwar R Shinde <coolrrsh(a)gmail.com> [ Upstream commit 099be1822d1f095433f4b08af9cc9d6308ec1953 ] Syzkaller reported the following issue: UBSAN: shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27 shift exponent 245 is too large for 32-bit type 'int' When the value of the variable "sd->params.exposure.gain" exceeds the number of bits in an integer, a shift-out-of-bounds error is reported. It is triggered because the variable "currentexp" cannot be left-shifted by more than the number of bits in an integer. In order to avoid invalid range during left-shift, the conditional expression is added. Reported-by: syzbot+e27f3dbdab04e43b9f73(a)syzkaller.appspotmail.com Closes: https://lore.kernel.org/all/20230818164522.12806-1-coolrrsh@gmail.com Link: https://syzkaller.appspot.com/bug?extid=e27f3dbdab04e43b9f73 Signed-off-by: Rajeshwar R Shinde <coolrrsh(a)gmail.com> Signed-off-by: Hans Verkuil <hverkuil-cisco(a)xs4all.nl> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/media/usb/gspca/cpia1.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/media/usb/gspca/cpia1.c b/drivers/media/usb/gspca/cpia1.c index d93d384286c16..de945e13c7c6b 100644 --- a/drivers/media/usb/gspca/cpia1.c +++ b/drivers/media/usb/gspca/cpia1.c @@ -18,6 +18,7 @@ #include <linux/input.h> #include <linux/sched/signal.h> +#include <linux/bitops.h> #include "gspca.h" @@ -1027,6 +1028,8 @@ static int set_flicker(struct gspca_dev *gspca_dev, int on, int apply) sd->params.exposure.expMode = 2; sd->exposure_status = EXPOSURE_NORMAL; } + if (sd->params.exposure.gain >= BITS_PER_TYPE(currentexp)) + return -EINVAL; currentexp = currentexp << sd->params.exposure.gain; sd->params.exposure.gain = 0; /* round down current exposure to nearest value */ -- 2.42.0

1 year, 7 months

1
7
0 0

[PATCH AUTOSEL 5.15 1/9] media: gspca: cpia1: shift-out-of-bounds in set_flicker

by Sasha Levin

From: Rajeshwar R Shinde <coolrrsh(a)gmail.com> [ Upstream commit 099be1822d1f095433f4b08af9cc9d6308ec1953 ] Syzkaller reported the following issue: UBSAN: shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27 shift exponent 245 is too large for 32-bit type 'int' When the value of the variable "sd->params.exposure.gain" exceeds the number of bits in an integer, a shift-out-of-bounds error is reported. It is triggered because the variable "currentexp" cannot be left-shifted by more than the number of bits in an integer. In order to avoid invalid range during left-shift, the conditional expression is added. Reported-by: syzbot+e27f3dbdab04e43b9f73(a)syzkaller.appspotmail.com Closes: https://lore.kernel.org/all/20230818164522.12806-1-coolrrsh@gmail.com Link: https://syzkaller.appspot.com/bug?extid=e27f3dbdab04e43b9f73 Signed-off-by: Rajeshwar R Shinde <coolrrsh(a)gmail.com> Signed-off-by: Hans Verkuil <hverkuil-cisco(a)xs4all.nl> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/media/usb/gspca/cpia1.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/media/usb/gspca/cpia1.c b/drivers/media/usb/gspca/cpia1.c index 46ed95483e222..5f5fa851ca640 100644 --- a/drivers/media/usb/gspca/cpia1.c +++ b/drivers/media/usb/gspca/cpia1.c @@ -18,6 +18,7 @@ #include <linux/input.h> #include <linux/sched/signal.h> +#include <linux/bitops.h> #include "gspca.h" @@ -1028,6 +1029,8 @@ static int set_flicker(struct gspca_dev *gspca_dev, int on, int apply) sd->params.exposure.expMode = 2; sd->exposure_status = EXPOSURE_NORMAL; } + if (sd->params.exposure.gain >= BITS_PER_TYPE(currentexp)) + return -EINVAL; currentexp = currentexp << sd->params.exposure.gain; sd->params.exposure.gain = 0; /* round down current exposure to nearest value */ -- 2.42.0

1 year, 7 months

1
8
0 0

[PATCH AUTOSEL 6.1 1/9] media: gspca: cpia1: shift-out-of-bounds in set_flicker

by Sasha Levin

From: Rajeshwar R Shinde <coolrrsh(a)gmail.com> [ Upstream commit 099be1822d1f095433f4b08af9cc9d6308ec1953 ] Syzkaller reported the following issue: UBSAN: shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27 shift exponent 245 is too large for 32-bit type 'int' When the value of the variable "sd->params.exposure.gain" exceeds the number of bits in an integer, a shift-out-of-bounds error is reported. It is triggered because the variable "currentexp" cannot be left-shifted by more than the number of bits in an integer. In order to avoid invalid range during left-shift, the conditional expression is added. Reported-by: syzbot+e27f3dbdab04e43b9f73(a)syzkaller.appspotmail.com Closes: https://lore.kernel.org/all/20230818164522.12806-1-coolrrsh@gmail.com Link: https://syzkaller.appspot.com/bug?extid=e27f3dbdab04e43b9f73 Signed-off-by: Rajeshwar R Shinde <coolrrsh(a)gmail.com> Signed-off-by: Hans Verkuil <hverkuil-cisco(a)xs4all.nl> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/media/usb/gspca/cpia1.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/media/usb/gspca/cpia1.c b/drivers/media/usb/gspca/cpia1.c index 46ed95483e222..5f5fa851ca640 100644 --- a/drivers/media/usb/gspca/cpia1.c +++ b/drivers/media/usb/gspca/cpia1.c @@ -18,6 +18,7 @@ #include <linux/input.h> #include <linux/sched/signal.h> +#include <linux/bitops.h> #include "gspca.h" @@ -1028,6 +1029,8 @@ static int set_flicker(struct gspca_dev *gspca_dev, int on, int apply) sd->params.exposure.expMode = 2; sd->exposure_status = EXPOSURE_NORMAL; } + if (sd->params.exposure.gain >= BITS_PER_TYPE(currentexp)) + return -EINVAL; currentexp = currentexp << sd->params.exposure.gain; sd->params.exposure.gain = 0; /* round down current exposure to nearest value */ -- 2.42.0

1 year, 7 months

1
8
0 0

[PATCH AUTOSEL 6.5 01/10] media: gspca: cpia1: shift-out-of-bounds in set_flicker

by Sasha Levin

From: Rajeshwar R Shinde <coolrrsh(a)gmail.com> [ Upstream commit 099be1822d1f095433f4b08af9cc9d6308ec1953 ] Syzkaller reported the following issue: UBSAN: shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27 shift exponent 245 is too large for 32-bit type 'int' When the value of the variable "sd->params.exposure.gain" exceeds the number of bits in an integer, a shift-out-of-bounds error is reported. It is triggered because the variable "currentexp" cannot be left-shifted by more than the number of bits in an integer. In order to avoid invalid range during left-shift, the conditional expression is added. Reported-by: syzbot+e27f3dbdab04e43b9f73(a)syzkaller.appspotmail.com Closes: https://lore.kernel.org/all/20230818164522.12806-1-coolrrsh@gmail.com Link: https://syzkaller.appspot.com/bug?extid=e27f3dbdab04e43b9f73 Signed-off-by: Rajeshwar R Shinde <coolrrsh(a)gmail.com> Signed-off-by: Hans Verkuil <hverkuil-cisco(a)xs4all.nl> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/media/usb/gspca/cpia1.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/media/usb/gspca/cpia1.c b/drivers/media/usb/gspca/cpia1.c index 46ed95483e222..5f5fa851ca640 100644 --- a/drivers/media/usb/gspca/cpia1.c +++ b/drivers/media/usb/gspca/cpia1.c @@ -18,6 +18,7 @@ #include <linux/input.h> #include <linux/sched/signal.h> +#include <linux/bitops.h> #include "gspca.h" @@ -1028,6 +1029,8 @@ static int set_flicker(struct gspca_dev *gspca_dev, int on, int apply) sd->params.exposure.expMode = 2; sd->exposure_status = EXPOSURE_NORMAL; } + if (sd->params.exposure.gain >= BITS_PER_TYPE(currentexp)) + return -EINVAL; currentexp = currentexp << sd->params.exposure.gain; sd->params.exposure.gain = 0; /* round down current exposure to nearest value */ -- 2.42.0

1 year, 7 months

1
9
0 0

[PATCH AUTOSEL 4.14] i2c: sun6i-p2wi: Prevent potential division by zero

by Sasha Levin

From: Axel Lin <axel.lin(a)ingics.com> [ Upstream commit 5ac61d26b8baff5b2e5a9f3dc1ef63297e4b53e7 ] Make sure we don't OOPS in case clock-frequency is set to 0 in a DT. The variable set here is later used as a divisor. Signed-off-by: Axel Lin <axel.lin(a)ingics.com> Acked-by: Boris Brezillon <boris.brezillon(a)free-electrons.com> Signed-off-by: Wolfram Sang <wsa(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/i2c/busses/i2c-sun6i-p2wi.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/drivers/i2c/busses/i2c-sun6i-p2wi.c b/drivers/i2c/busses/i2c-sun6i-p2wi.c index 7c07ce116e384..540c33f4e3500 100644 --- a/drivers/i2c/busses/i2c-sun6i-p2wi.c +++ b/drivers/i2c/busses/i2c-sun6i-p2wi.c @@ -202,6 +202,11 @@ static int p2wi_probe(struct platform_device *pdev) return -EINVAL; } + if (clk_freq == 0) { + dev_err(dev, "clock-frequency is set to 0 in DT\n"); + return -EINVAL; + } + if (of_get_child_count(np) > 1) { dev_err(dev, "P2WI only supports one slave device\n"); return -EINVAL; -- 2.42.0

1 year, 7 months

1
0
0 0

[PATCH AUTOSEL 4.19] i2c: sun6i-p2wi: Prevent potential division by zero

by Sasha Levin

From: Axel Lin <axel.lin(a)ingics.com> [ Upstream commit 5ac61d26b8baff5b2e5a9f3dc1ef63297e4b53e7 ] Make sure we don't OOPS in case clock-frequency is set to 0 in a DT. The variable set here is later used as a divisor. Signed-off-by: Axel Lin <axel.lin(a)ingics.com> Acked-by: Boris Brezillon <boris.brezillon(a)free-electrons.com> Signed-off-by: Wolfram Sang <wsa(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/i2c/busses/i2c-sun6i-p2wi.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/drivers/i2c/busses/i2c-sun6i-p2wi.c b/drivers/i2c/busses/i2c-sun6i-p2wi.c index 7c07ce116e384..540c33f4e3500 100644 --- a/drivers/i2c/busses/i2c-sun6i-p2wi.c +++ b/drivers/i2c/busses/i2c-sun6i-p2wi.c @@ -202,6 +202,11 @@ static int p2wi_probe(struct platform_device *pdev) return -EINVAL; } + if (clk_freq == 0) { + dev_err(dev, "clock-frequency is set to 0 in DT\n"); + return -EINVAL; + } + if (of_get_child_count(np) > 1) { dev_err(dev, "P2WI only supports one slave device\n"); return -EINVAL; -- 2.42.0

1 year, 7 months

1
0
0 0

[PATCH AUTOSEL 5.4] i2c: sun6i-p2wi: Prevent potential division by zero

by Sasha Levin

From: Axel Lin <axel.lin(a)ingics.com> [ Upstream commit 5ac61d26b8baff5b2e5a9f3dc1ef63297e4b53e7 ] Make sure we don't OOPS in case clock-frequency is set to 0 in a DT. The variable set here is later used as a divisor. Signed-off-by: Axel Lin <axel.lin(a)ingics.com> Acked-by: Boris Brezillon <boris.brezillon(a)free-electrons.com> Signed-off-by: Wolfram Sang <wsa(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/i2c/busses/i2c-sun6i-p2wi.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/drivers/i2c/busses/i2c-sun6i-p2wi.c b/drivers/i2c/busses/i2c-sun6i-p2wi.c index 7c07ce116e384..540c33f4e3500 100644 --- a/drivers/i2c/busses/i2c-sun6i-p2wi.c +++ b/drivers/i2c/busses/i2c-sun6i-p2wi.c @@ -202,6 +202,11 @@ static int p2wi_probe(struct platform_device *pdev) return -EINVAL; } + if (clk_freq == 0) { + dev_err(dev, "clock-frequency is set to 0 in DT\n"); + return -EINVAL; + } + if (of_get_child_count(np) > 1) { dev_err(dev, "P2WI only supports one slave device\n"); return -EINVAL; -- 2.42.0

1 year, 7 months

1
0
0 0

[PATCH AUTOSEL 5.10] i2c: sun6i-p2wi: Prevent potential division by zero

by Sasha Levin

From: Axel Lin <axel.lin(a)ingics.com> [ Upstream commit 5ac61d26b8baff5b2e5a9f3dc1ef63297e4b53e7 ] Make sure we don't OOPS in case clock-frequency is set to 0 in a DT. The variable set here is later used as a divisor. Signed-off-by: Axel Lin <axel.lin(a)ingics.com> Acked-by: Boris Brezillon <boris.brezillon(a)free-electrons.com> Signed-off-by: Wolfram Sang <wsa(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/i2c/busses/i2c-sun6i-p2wi.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/drivers/i2c/busses/i2c-sun6i-p2wi.c b/drivers/i2c/busses/i2c-sun6i-p2wi.c index 2f6f6468214dd..4f7a4f5a1150a 100644 --- a/drivers/i2c/busses/i2c-sun6i-p2wi.c +++ b/drivers/i2c/busses/i2c-sun6i-p2wi.c @@ -201,6 +201,11 @@ static int p2wi_probe(struct platform_device *pdev) return -EINVAL; } + if (clk_freq == 0) { + dev_err(dev, "clock-frequency is set to 0 in DT\n"); + return -EINVAL; + } + if (of_get_child_count(np) > 1) { dev_err(dev, "P2WI only supports one slave device\n"); return -EINVAL; -- 2.42.0

1 year, 7 months

1
0
0 0

[PATCH AUTOSEL 5.15 1/4] i3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler

by Sasha Levin

From: Jarkko Nikula <jarkko.nikula(a)linux.intel.com> [ Upstream commit 45a832f989e520095429589d5b01b0c65da9b574 ] Do not loop over ring headers in hci_dma_irq_handler() that are not allocated and enabled in hci_dma_init(). Otherwise out of bounds access will occur from rings->headers[i] access when i >= number of allocated ring headers. Signed-off-by: Jarkko Nikula <jarkko.nikula(a)linux.intel.com> Link: https://lore.kernel.org/r/20230921055704.1087277-5-jarkko.nikula@linux.inte… Signed-off-by: Alexandre Belloni <alexandre.belloni(a)bootlin.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/i3c/master/mipi-i3c-hci/dma.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/i3c/master/mipi-i3c-hci/dma.c b/drivers/i3c/master/mipi-i3c-hci/dma.c index af873a9be0507..dd2dc00399600 100644 --- a/drivers/i3c/master/mipi-i3c-hci/dma.c +++ b/drivers/i3c/master/mipi-i3c-hci/dma.c @@ -734,7 +734,7 @@ static bool hci_dma_irq_handler(struct i3c_hci *hci, unsigned int mask) unsigned int i; bool handled = false; - for (i = 0; mask && i < 8; i++) { + for (i = 0; mask && i < rings->total; i++) { struct hci_rh_data *rh; u32 status; -- 2.42.0

1 year, 7 months

1
3
0 0

[PATCH AUTOSEL 6.1 1/6] i3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler

by Sasha Levin

From: Jarkko Nikula <jarkko.nikula(a)linux.intel.com> [ Upstream commit 45a832f989e520095429589d5b01b0c65da9b574 ] Do not loop over ring headers in hci_dma_irq_handler() that are not allocated and enabled in hci_dma_init(). Otherwise out of bounds access will occur from rings->headers[i] access when i >= number of allocated ring headers. Signed-off-by: Jarkko Nikula <jarkko.nikula(a)linux.intel.com> Link: https://lore.kernel.org/r/20230921055704.1087277-5-jarkko.nikula@linux.inte… Signed-off-by: Alexandre Belloni <alexandre.belloni(a)bootlin.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/i3c/master/mipi-i3c-hci/dma.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/i3c/master/mipi-i3c-hci/dma.c b/drivers/i3c/master/mipi-i3c-hci/dma.c index 2990ac9eaade7..71b5dbe45c45c 100644 --- a/drivers/i3c/master/mipi-i3c-hci/dma.c +++ b/drivers/i3c/master/mipi-i3c-hci/dma.c @@ -734,7 +734,7 @@ static bool hci_dma_irq_handler(struct i3c_hci *hci, unsigned int mask) unsigned int i; bool handled = false; - for (i = 0; mask && i < 8; i++) { + for (i = 0; mask && i < rings->total; i++) { struct hci_rh_data *rh; u32 status; -- 2.42.0

1 year, 7 months

1
5
0 0

[PATCH AUTOSEL 6.5 1/7] i3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler

by Sasha Levin

From: Jarkko Nikula <jarkko.nikula(a)linux.intel.com> [ Upstream commit 45a832f989e520095429589d5b01b0c65da9b574 ] Do not loop over ring headers in hci_dma_irq_handler() that are not allocated and enabled in hci_dma_init(). Otherwise out of bounds access will occur from rings->headers[i] access when i >= number of allocated ring headers. Signed-off-by: Jarkko Nikula <jarkko.nikula(a)linux.intel.com> Link: https://lore.kernel.org/r/20230921055704.1087277-5-jarkko.nikula@linux.inte… Signed-off-by: Alexandre Belloni <alexandre.belloni(a)bootlin.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/i3c/master/mipi-i3c-hci/dma.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/i3c/master/mipi-i3c-hci/dma.c b/drivers/i3c/master/mipi-i3c-hci/dma.c index 2990ac9eaade7..71b5dbe45c45c 100644 --- a/drivers/i3c/master/mipi-i3c-hci/dma.c +++ b/drivers/i3c/master/mipi-i3c-hci/dma.c @@ -734,7 +734,7 @@ static bool hci_dma_irq_handler(struct i3c_hci *hci, unsigned int mask) unsigned int i; bool handled = false; - for (i = 0; mask && i < 8; i++) { + for (i = 0; mask && i < rings->total; i++) { struct hci_rh_data *rh; u32 status; -- 2.42.0

1 year, 7 months

1
6
0 0

[PATCH AUTOSEL 6.6 1/7] i3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler

by Sasha Levin

From: Jarkko Nikula <jarkko.nikula(a)linux.intel.com> [ Upstream commit 45a832f989e520095429589d5b01b0c65da9b574 ] Do not loop over ring headers in hci_dma_irq_handler() that are not allocated and enabled in hci_dma_init(). Otherwise out of bounds access will occur from rings->headers[i] access when i >= number of allocated ring headers. Signed-off-by: Jarkko Nikula <jarkko.nikula(a)linux.intel.com> Link: https://lore.kernel.org/r/20230921055704.1087277-5-jarkko.nikula@linux.inte… Signed-off-by: Alexandre Belloni <alexandre.belloni(a)bootlin.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/i3c/master/mipi-i3c-hci/dma.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/i3c/master/mipi-i3c-hci/dma.c b/drivers/i3c/master/mipi-i3c-hci/dma.c index 2990ac9eaade7..71b5dbe45c45c 100644 --- a/drivers/i3c/master/mipi-i3c-hci/dma.c +++ b/drivers/i3c/master/mipi-i3c-hci/dma.c @@ -734,7 +734,7 @@ static bool hci_dma_irq_handler(struct i3c_hci *hci, unsigned int mask) unsigned int i; bool handled = false; - for (i = 0; mask && i < 8; i++) { + for (i = 0; mask && i < rings->total; i++) { struct hci_rh_data *rh; u32 status; -- 2.42.0

1 year, 7 months

1
6
0 0

VENDORS EOI

by Abu Dhabi National Oil Company

Greetings of the day, We are inviting your esteemed company for vendor registration and intending partners for Abu Dhabi National Oil Company (ADNOC) 2023/2024 projects. These projects are open for all companies around the world, if you have intention to participate in the process, please confirm your interest by asking for Vendor Questionnaire and EOI. We appreciate your interest in this invitation, and look forward to your early response. Kind Regards, Mr. Mohamed Ghazi B. Senior Project Manager projects(a)adnoc-suppplier.com

1 year, 7 months

1
0
0 0

Your Order Update383776264

by Thank You#8663747916

We are always looking for ways to bring joy into people's lives, and we are thrilled to share these special offers and updates with you.

1 year, 7 months

1
0
0 0

€ 100.000.000?

by gvalencia＠maprial.com

Goededag, Ik ben mevrouw Joanna Liu en een medewerker van Citi Bank Hong Kong. Kan ik € 100.000.000 aan u overmaken? Kan ik je vertrouwen Ik wacht op jullie reacties Met vriendelijke groeten mevrouw Joanna Liu

1 year, 7 months

1
0
0 0

+ mm-damon-corec-avoid-unintentional-filtering-out-of-schemes.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm/damon/core.c: avoid unintentional filtering out of schemes has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-damon-corec-avoid-unintentional-filtering-out-of-schemes.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Hyeongtak Ji <hyeongtak.ji(a)gmail.com> Subject: mm/damon/core.c: avoid unintentional filtering out of schemes Date: Fri, 10 Nov 2023 14:37:09 +0900 The function '__damos_filter_out()' causes DAMON to always filter out schemes whose filter type is anon or memcg if its matching value is set to false. This commit addresses the issue by ensuring that '__damos_filter_out()' no longer applies to filters whose type is 'anon' or 'memcg'. Link: https://lkml.kernel.org/r/1699594629-3816-1-git-send-email-hyeongtak.ji@gma… Fixes: ab9bda001b681 ("mm/damon/core: introduce address range type damos filter") Signed-off-by: Hyeongtak Ji <hyeongtak.ji(a)sk.com> Reviewed-by: SeongJae Park <sj(a)kernel.org> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/damon/core.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/mm/damon/core.c~mm-damon-corec-avoid-unintentional-filtering-out-of-schemes +++ a/mm/damon/core.c @@ -924,7 +924,7 @@ static bool __damos_filter_out(struct da matched = true; break; default: - break; + return false; } return matched == filter->matching; _ Patches currently in -mm which might be from hyeongtak.ji(a)gmail.com are mm-damon-corec-avoid-unintentional-filtering-out-of-schemes.patch

1 year, 7 months

1
0
0 0

Re: [PATCH] mm/damon/core.c: avoid unintentional filtering out of schemes

by SeongJae Park

On Fri, 10 Nov 2023 18:22:40 +0000 SeongJae Park <sj(a)kernel.org> wrote: > Hello Hyueongtak, > > On Fri, 10 Nov 2023 14:37:09 +0900 Hyeongtak Ji <hyeongtak.ji(a)gmail.com> wrote: > > > The function '__damos_filter_out()' causes DAMON to always filter out > > schemes whose filter type is anon or memcg if its matching value is set > > to false. > > > > This commit addresses the issue by ensuring that '__damos_filter_out()' > > no longer applies to filters whose type is 'anon' or 'memcg'. > > Nice catch, thank you! > > checkpatch.pl shows one warning, though: > > WARNING: From:/Signed-off-by: email address mismatch: 'From: Hyeongtak Ji <hyeongtak.ji(a)gmail.com>' != 'Signed-off-by: Hyeongtak Ji <hyeongtak.ji(a)sk.com>' > Also, I think we need to add below? Fixes: ab9bda001b68 ("mm/damon/core: introduce address range type damos filter") Cc: <stable(a)vger.kernel.org> # 6.6.y > > > > Signed-off-by: Hyeongtak Ji <hyeongtak.ji(a)sk.com> > > Reviewed-by: SeongJae Park <sj(a)kernel.org> Thanks, SJ [...]

1 year, 7 months

1
0
0 0

[PATCH v6 0/5] Add a few panels and use correct modes

by Hsin-Yi Wang

This series contains following patches: 1-2. Fix 2 panel naming and timing. 3. Add a few new generic edp panels. 4. Support a new quirk to override the mode read from edid 5. Only add hard-coded mode if both edid and hard-coded modes presents. v1: https://patchwork.kernel.org/project/dri-devel/cover/20231101212604.1636517… v2: https://patchwork.kernel.org/project/dri-devel/cover/20231102221309.1971910… v3: https://patchwork.kernel.org/project/dri-devel/cover/20231106202718.2770821… v4: https://patchwork.kernel.org/project/dri-devel/cover/20231106210337.2900034… v5: https://patchwork.kernel.org/project/dri-devel/cover/20231107000023.2928195… Hsin-Yi Wang (5): drm/panel-edp: drm/panel-edp: Fix AUO B116XAK01 name and timing drm/panel-edp: drm/panel-edp: Fix AUO B116XTN02 name drm/panel-edp: drm/panel-edp: Add several generic edp panels drm/panel-edp: Add override_edid_mode quirk for generic edp drm/panel-edp: Avoid adding multiple preferred modes drivers/gpu/drm/panel/panel-edp.c | 134 +++++++++++++++++++++++++++--- 1 file changed, 122 insertions(+), 12 deletions(-) -- 2.42.0.869.gea05f2083d-goog

1 year, 7 months

5
16
0 0

Proposal to Partner with You

by Mr. Jim

Hello Friend, My name is Jim Jones, I am a Laboratory Scientist in a leading multinational Pharmaceutical company and I have a business proposal for you. You do not need experience or expertise to participate and make good returns. Kindly respond if interested and I will provide details. Jim

1 year, 7 months

1
0
0 0

[PATCH net v4 1/2] r8169: add handling DASH when DASH is disabled

by ChunHao Lin

For devices that support DASH, even DASH is disabled, there may still exist a default firmware that will influence device behavior. So driver needs to handle DASH for devices that support DASH, no matter the DASH status is. This patch also prepares for "fix network lost after resume on DASH systems". Fixes: ee7a1beb9759 ("r8169:call "rtl8168_driver_start" "rtl8168_driver_stop" only when hardware dash function is enabled") Cc: stable(a)vger.kernel.org Signed-off-by: ChunHao Lin <hau(a)realtek.com> --- drivers/net/ethernet/realtek/r8169_main.c | 36 ++++++++++++++++------- 1 file changed, 25 insertions(+), 11 deletions(-) diff --git a/drivers/net/ethernet/realtek/r8169_main.c b/drivers/net/ethernet/realtek/r8169_main.c index 0c76c162b8a9..cfcb40d90920 100644 --- a/drivers/net/ethernet/realtek/r8169_main.c +++ b/drivers/net/ethernet/realtek/r8169_main.c @@ -624,6 +624,7 @@ struct rtl8169_private { unsigned supports_gmii:1; unsigned aspm_manageable:1; + unsigned dash_enabled:1; dma_addr_t counters_phys_addr; struct rtl8169_counters *counters; struct rtl8169_tc_offsets tc_offset; @@ -1253,14 +1254,26 @@ static bool r8168ep_check_dash(struct rtl8169_private *tp) return r8168ep_ocp_read(tp, 0x128) & BIT(0); } -static enum rtl_dash_type rtl_check_dash(struct rtl8169_private *tp) +static bool rtl_dash_is_enabled(struct rtl8169_private *tp) +{ + switch (tp->dash_type) { + case RTL_DASH_DP: + return r8168dp_check_dash(tp); + case RTL_DASH_EP: + return r8168ep_check_dash(tp); + default: + return false; + } +} + +static enum rtl_dash_type rtl_get_dash_type(struct rtl8169_private *tp) { switch (tp->mac_version) { case RTL_GIGA_MAC_VER_28: case RTL_GIGA_MAC_VER_31: - return r8168dp_check_dash(tp) ? RTL_DASH_DP : RTL_DASH_NONE; + return RTL_DASH_DP; case RTL_GIGA_MAC_VER_51 ... RTL_GIGA_MAC_VER_53: - return r8168ep_check_dash(tp) ? RTL_DASH_EP : RTL_DASH_NONE; + return RTL_DASH_EP; default: return RTL_DASH_NONE; } @@ -1453,7 +1466,7 @@ static void __rtl8169_set_wol(struct rtl8169_private *tp, u32 wolopts) device_set_wakeup_enable(tp_to_dev(tp), wolopts); - if (tp->dash_type == RTL_DASH_NONE) { + if (!tp->dash_enabled) { rtl_set_d3_pll_down(tp, !wolopts); tp->dev->wol_enabled = wolopts ? 1 : 0; } @@ -2512,7 +2525,7 @@ static void rtl_wol_enable_rx(struct rtl8169_private *tp) static void rtl_prepare_power_down(struct rtl8169_private *tp) { - if (tp->dash_type != RTL_DASH_NONE) + if (tp->dash_enabled) return; if (tp->mac_version == RTL_GIGA_MAC_VER_32 || @@ -4869,7 +4882,7 @@ static int rtl8169_runtime_idle(struct device *device) { struct rtl8169_private *tp = dev_get_drvdata(device); - if (tp->dash_type != RTL_DASH_NONE) + if (tp->dash_enabled) return -EBUSY; if (!netif_running(tp->dev) || !netif_carrier_ok(tp->dev)) @@ -4895,8 +4908,7 @@ static void rtl_shutdown(struct pci_dev *pdev) /* Restore original MAC address */ rtl_rar_set(tp, tp->dev->perm_addr); - if (system_state == SYSTEM_POWER_OFF && - tp->dash_type == RTL_DASH_NONE) { + if (system_state == SYSTEM_POWER_OFF && !tp->dash_enabled) { pci_wake_from_d3(pdev, tp->saved_wolopts); pci_set_power_state(pdev, PCI_D3hot); } @@ -5254,7 +5266,8 @@ static int rtl_init_one(struct pci_dev *pdev, const struct pci_device_id *ent) rc = pci_disable_link_state(pdev, PCIE_LINK_STATE_L1); tp->aspm_manageable = !rc; - tp->dash_type = rtl_check_dash(tp); + tp->dash_type = rtl_get_dash_type(tp); + tp->dash_enabled = rtl_dash_is_enabled(tp); tp->cp_cmd = RTL_R16(tp, CPlusCmd) & CPCMD_MASK; @@ -5325,7 +5338,7 @@ static int rtl_init_one(struct pci_dev *pdev, const struct pci_device_id *ent) /* configure chip for default features */ rtl8169_set_features(dev, dev->features); - if (tp->dash_type == RTL_DASH_NONE) { + if (!tp->dash_enabled) { rtl_set_d3_pll_down(tp, true); } else { rtl_set_d3_pll_down(tp, false); @@ -5365,7 +5378,8 @@ static int rtl_init_one(struct pci_dev *pdev, const struct pci_device_id *ent) "ok" : "ko"); if (tp->dash_type != RTL_DASH_NONE) { - netdev_info(dev, "DASH enabled\n"); + netdev_info(dev, "DASH %s\n", + tp->dash_enabled ? "enabled" : "disabled"); rtl8168_driver_start(tp); } -- 2.39.2

1 year, 7 months

2
1
0 0

[PATCH net v4 2/2] r8169: fix network lost after resume on DASH systems

by ChunHao Lin

Device that support DASH may be reseted or powered off during suspend. So driver needs to handle DASH during system suspend and resume. Or DASH firmware will influence device behavior and causes network lost. Fixes: b646d90053f8 ("r8169: magic.") Cc: stable(a)vger.kernel.org Reviewed-by: Heiner Kallweit <hkallweit1(a)gmail.com> Signed-off-by: ChunHao Lin <hau(a)realtek.com> --- drivers/net/ethernet/realtek/r8169_main.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/drivers/net/ethernet/realtek/r8169_main.c b/drivers/net/ethernet/realtek/r8169_main.c index cfcb40d90920..b9bb1d2f0237 100644 --- a/drivers/net/ethernet/realtek/r8169_main.c +++ b/drivers/net/ethernet/realtek/r8169_main.c @@ -4661,10 +4661,16 @@ static void rtl8169_down(struct rtl8169_private *tp) rtl8169_cleanup(tp); rtl_disable_exit_l1(tp); rtl_prepare_power_down(tp); + + if (tp->dash_type != RTL_DASH_NONE) + rtl8168_driver_stop(tp); } static void rtl8169_up(struct rtl8169_private *tp) { + if (tp->dash_type != RTL_DASH_NONE) + rtl8168_driver_start(tp); + pci_set_master(tp->pci_dev); phy_init_hw(tp->phydev); phy_resume(tp->phydev); -- 2.39.2

1 year, 7 months

1
0
0 0

[PATCH net v3 1/2] r8169: add handling DASH when DASH is disabled

by ChunHao Lin

For devices that support DASH, even DASH is disabled, there may still exist a default firmware that will influence device behavior. So driver needs to handle DASH for devices that support DASH, no matter the DASH status is. This patch also prepares for "fix network lost after resume on DASH systems". Fixes: ee7a1beb9759 ("r8169:call "rtl8168_driver_start" "rtl8168_driver_stop" only when hardware dash function is enabled") Cc: stable(a)vger.kernel.org Signed-off-by: ChunHao Lin <hau(a)realtek.com> --- drivers/net/ethernet/realtek/r8169_main.c | 35 ++++++++++++++++------- 1 file changed, 25 insertions(+), 10 deletions(-) diff --git a/drivers/net/ethernet/realtek/r8169_main.c b/drivers/net/ethernet/realtek/r8169_main.c index 0c76c162b8a9..4954ff0f72b1 100644 --- a/drivers/net/ethernet/realtek/r8169_main.c +++ b/drivers/net/ethernet/realtek/r8169_main.c @@ -624,6 +624,7 @@ struct rtl8169_private { unsigned supports_gmii:1; unsigned aspm_manageable:1; + unsigned dash_enabled:1; dma_addr_t counters_phys_addr; struct rtl8169_counters *counters; struct rtl8169_tc_offsets tc_offset; @@ -1253,14 +1254,26 @@ static bool r8168ep_check_dash(struct rtl8169_private *tp) return r8168ep_ocp_read(tp, 0x128) & BIT(0); } -static enum rtl_dash_type rtl_check_dash(struct rtl8169_private *tp) +static bool rtl_dash_is_enabled(struct rtl8169_private *tp) +{ + switch (tp->dash_type) { + case RTL_DASH_DP: + return r8168dp_check_dash(tp); + case RTL_DASH_EP: + return r8168ep_check_dash(tp); + default: + return false; + } +} + +static enum rtl_dash_type rtl_get_dash_type(struct rtl8169_private *tp) { switch (tp->mac_version) { case RTL_GIGA_MAC_VER_28: case RTL_GIGA_MAC_VER_31: - return r8168dp_check_dash(tp) ? RTL_DASH_DP : RTL_DASH_NONE; + return RTL_DASH_DP; case RTL_GIGA_MAC_VER_51 ... RTL_GIGA_MAC_VER_53: - return r8168ep_check_dash(tp) ? RTL_DASH_EP : RTL_DASH_NONE; + return RTL_DASH_EP; default: return RTL_DASH_NONE; } @@ -1453,7 +1466,7 @@ static void __rtl8169_set_wol(struct rtl8169_private *tp, u32 wolopts) device_set_wakeup_enable(tp_to_dev(tp), wolopts); - if (tp->dash_type == RTL_DASH_NONE) { + if (!tp->dash_enabled) { rtl_set_d3_pll_down(tp, !wolopts); tp->dev->wol_enabled = wolopts ? 1 : 0; } @@ -2512,7 +2525,7 @@ static void rtl_wol_enable_rx(struct rtl8169_private *tp) static void rtl_prepare_power_down(struct rtl8169_private *tp) { - if (tp->dash_type != RTL_DASH_NONE) + if (tp->dash_enabled) return; if (tp->mac_version == RTL_GIGA_MAC_VER_32 || @@ -4869,7 +4882,7 @@ static int rtl8169_runtime_idle(struct device *device) { struct rtl8169_private *tp = dev_get_drvdata(device); - if (tp->dash_type != RTL_DASH_NONE) + if (tp->dash_enabled) return -EBUSY; if (!netif_running(tp->dev) || !netif_carrier_ok(tp->dev)) @@ -4896,7 +4909,7 @@ static void rtl_shutdown(struct pci_dev *pdev) rtl_rar_set(tp, tp->dev->perm_addr); if (system_state == SYSTEM_POWER_OFF && - tp->dash_type == RTL_DASH_NONE) { + !tp->dash_enabled) { pci_wake_from_d3(pdev, tp->saved_wolopts); pci_set_power_state(pdev, PCI_D3hot); } @@ -5254,7 +5267,8 @@ static int rtl_init_one(struct pci_dev *pdev, const struct pci_device_id *ent) rc = pci_disable_link_state(pdev, PCIE_LINK_STATE_L1); tp->aspm_manageable = !rc; - tp->dash_type = rtl_check_dash(tp); + tp->dash_type = rtl_get_dash_type(tp); + tp->dash_enabled = rtl_dash_is_enabled(tp); tp->cp_cmd = RTL_R16(tp, CPlusCmd) & CPCMD_MASK; @@ -5325,7 +5339,7 @@ static int rtl_init_one(struct pci_dev *pdev, const struct pci_device_id *ent) /* configure chip for default features */ rtl8169_set_features(dev, dev->features); - if (tp->dash_type == RTL_DASH_NONE) { + if (!tp->dash_enabled) { rtl_set_d3_pll_down(tp, true); } else { rtl_set_d3_pll_down(tp, false); @@ -5365,7 +5379,8 @@ static int rtl_init_one(struct pci_dev *pdev, const struct pci_device_id *ent) "ok" : "ko"); if (tp->dash_type != RTL_DASH_NONE) { - netdev_info(dev, "DASH enabled\n"); + netdev_info(dev, "DASH %s\n", + tp->dash_enabled ? "enabled" : "disabled"); rtl8168_driver_start(tp); } -- 2.39.2

1 year, 7 months

3
2
0 0

[PATCH 3/6] drm/virtio: Use drm_atomic_helper_buffer_damage_merged() for buffer damage

by Javier Martinez Canillas

The driver does per-buffer uploads. It needs to use the damage helper that handles buffer damages, rather than the helper that handles frame damages. Fixes: 01f05940a9a7 ("drm/virtio: Enable fb damage clips property for the primary plane") Cc: <stable(a)vger.kernel.org> # v6.4+ Reported-by: nerdopolis <bluescreen_avenger(a)verizon.net> Closes: https://bugzilla.kernel.org/show_bug.cgi?id=218115 Suggested-by: Sima Vetter <daniel.vetter(a)ffwll.ch> Signed-off-by: Javier Martinez Canillas <javierm(a)redhat.com> --- drivers/gpu/drm/virtio/virtgpu_plane.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/gpu/drm/virtio/virtgpu_plane.c b/drivers/gpu/drm/virtio/virtgpu_plane.c index a2e045f3a000..1adfd9813cde 100644 --- a/drivers/gpu/drm/virtio/virtgpu_plane.c +++ b/drivers/gpu/drm/virtio/virtgpu_plane.c @@ -183,7 +183,7 @@ static void virtio_gpu_primary_plane_update(struct drm_plane *plane, return; } - if (!drm_atomic_helper_damage_merged(old_state, plane->state, &rect)) + if (!drm_atomic_helper_buffer_damage_merged(old_state, plane->state, &rect)) return; bo = gem_to_virtio_gpu_obj(plane->state->fb->obj[0]); -- 2.41.0

1 year, 7 months

1
0
0 0

[PATCH 1/6] drm: Move drm_atomic_helper_damage_{iter_init,merged}() to helpers

by Javier Martinez Canillas

We need a similar drm_atomic_helper_buffer_damage_merged() helper function that takes into account if a framebuffer attached to the plane has changed since the last plane update (page-flip). Since both damage helpers will share most of the current logic, move it to an internal helper. The drm_atomic_helper_buffer_damage_merged() will have to use a different drm_atomic_helper_buffer_damage_iter_init() function so move that logic also to an internal helper. Fixes: 01f05940a9a7 ("drm/virtio: Enable fb damage clips property for the primary plane") Cc: <stable(a)vger.kernel.org> # v6.4+ Reported-by: nerdopolis <bluescreen_avenger(a)verizon.net> Closes: https://bugzilla.kernel.org/show_bug.cgi?id=218115 Suggested-by: Sima Vetter <daniel.vetter(a)ffwll.ch> Signed-off-by: Javier Martinez Canillas <javierm(a)redhat.com> --- drivers/gpu/drm/drm_damage_helper.c | 95 +++++++++++++++++------------ 1 file changed, 55 insertions(+), 40 deletions(-) diff --git a/drivers/gpu/drm/drm_damage_helper.c b/drivers/gpu/drm/drm_damage_helper.c index d8b2955e88fd..aa2325567918 100644 --- a/drivers/gpu/drm/drm_damage_helper.c +++ b/drivers/gpu/drm/drm_damage_helper.c @@ -201,28 +201,10 @@ int drm_atomic_helper_dirtyfb(struct drm_framebuffer *fb, } EXPORT_SYMBOL(drm_atomic_helper_dirtyfb); -/** - * drm_atomic_helper_damage_iter_init - Initialize the damage iterator. - * @iter: The iterator to initialize. - * @old_state: Old plane state for validation. - * @state: Plane state from which to iterate the damage clips. - * - * Initialize an iterator, which clips plane damage - * &drm_plane_state.fb_damage_clips to plane &drm_plane_state.src. This iterator - * returns full plane src in case damage is not present because either - * user-space didn't sent or driver discarded it (it want to do full plane - * update). Currently this iterator returns full plane src in case plane src - * changed but that can be changed in future to return damage. - * - * For the case when plane is not visible or plane update should not happen the - * first call to iter_next will return false. Note that this helper use clipped - * &drm_plane_state.src, so driver calling this helper should have called - * drm_atomic_helper_check_plane_state() earlier. - */ -void -drm_atomic_helper_damage_iter_init(struct drm_atomic_helper_damage_iter *iter, - const struct drm_plane_state *old_state, - const struct drm_plane_state *state) +static void +__drm_atomic_helper_damage_iter_init(struct drm_atomic_helper_damage_iter *iter, + const struct drm_plane_state *old_state, + const struct drm_plane_state *state) { struct drm_rect src; memset(iter, 0, sizeof(*iter)); @@ -247,6 +229,32 @@ drm_atomic_helper_damage_iter_init(struct drm_atomic_helper_damage_iter *iter, iter->full_update = true; } } + +/** + * drm_atomic_helper_damage_iter_init - Initialize the damage iterator. + * @iter: The iterator to initialize. + * @old_state: Old plane state for validation. + * @state: Plane state from which to iterate the damage clips. + * + * Initialize an iterator, which clips plane damage + * &drm_plane_state.fb_damage_clips to plane &drm_plane_state.src. This iterator + * returns full plane src in case damage is not present because either + * user-space didn't sent or driver discarded it (it want to do full plane + * update). Currently this iterator returns full plane src in case plane src + * changed but that can be changed in future to return damage. + * + * For the case when plane is not visible or plane update should not happen the + * first call to iter_next will return false. Note that this helper use clipped + * &drm_plane_state.src, so driver calling this helper should have called + * drm_atomic_helper_check_plane_state() earlier. + */ +void +drm_atomic_helper_damage_iter_init(struct drm_atomic_helper_damage_iter *iter, + const struct drm_plane_state *old_state, + const struct drm_plane_state *state) +{ + __drm_atomic_helper_damage_iter_init(iter, old_state, state); +} EXPORT_SYMBOL(drm_atomic_helper_damage_iter_init); /** @@ -291,24 +299,9 @@ drm_atomic_helper_damage_iter_next(struct drm_atomic_helper_damage_iter *iter, } EXPORT_SYMBOL(drm_atomic_helper_damage_iter_next); -/** - * drm_atomic_helper_damage_merged - Merged plane damage - * @old_state: Old plane state for validation. - * @state: Plane state from which to iterate the damage clips. - * @rect: Returns the merged damage rectangle - * - * This function merges any valid plane damage clips into one rectangle and - * returns it in @rect. - * - * For details see: drm_atomic_helper_damage_iter_init() and - * drm_atomic_helper_damage_iter_next(). - * - * Returns: - * True if there is valid plane damage otherwise false. - */ -bool drm_atomic_helper_damage_merged(const struct drm_plane_state *old_state, - struct drm_plane_state *state, - struct drm_rect *rect) +static bool __drm_atomic_helper_damage_merged(const struct drm_plane_state *old_state, + struct drm_plane_state *state, + struct drm_rect *rect) { struct drm_atomic_helper_damage_iter iter; struct drm_rect clip; @@ -330,4 +323,26 @@ bool drm_atomic_helper_damage_merged(const struct drm_plane_state *old_state, return valid; } + +/** + * drm_atomic_helper_damage_merged - Merged plane damage + * @old_state: Old plane state for validation. + * @state: Plane state from which to iterate the damage clips. + * @rect: Returns the merged damage rectangle + * + * This function merges any valid plane damage clips into one rectangle and + * returns it in @rect. + * + * For details see: drm_atomic_helper_damage_iter_init() and + * drm_atomic_helper_damage_iter_next(). + * + * Returns: + * True if there is valid plane damage otherwise false. + */ +bool drm_atomic_helper_damage_merged(const struct drm_plane_state *old_state, + struct drm_plane_state *state, + struct drm_rect *rect) +{ + return __drm_atomic_helper_damage_merged(old_state, state, rect); +} EXPORT_SYMBOL(drm_atomic_helper_damage_merged); -- 2.41.0

1 year, 7 months

1
0
0 0

[PATCH net v3 2/2] r8169: fix network lost after resume on DASH systems

by ChunHao Lin

Device that support DASH may be reseted or powered off during suspend. So driver needs to handle DASH during system suspend and resume. Or DASH firmware will influence device behavior and causes network lost. Fixes: b646d90053f8 ("r8169: magic.") Cc: stable(a)vger.kernel.org Signed-off-by: ChunHao Lin <hau(a)realtek.com> --- drivers/net/ethernet/realtek/r8169_main.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/drivers/net/ethernet/realtek/r8169_main.c b/drivers/net/ethernet/realtek/r8169_main.c index 4954ff0f72b1..7e90dac2d97d 100644 --- a/drivers/net/ethernet/realtek/r8169_main.c +++ b/drivers/net/ethernet/realtek/r8169_main.c @@ -4661,10 +4661,16 @@ static void rtl8169_down(struct rtl8169_private *tp) rtl8169_cleanup(tp); rtl_disable_exit_l1(tp); rtl_prepare_power_down(tp); + + if (tp->dash_type != RTL_DASH_NONE) + rtl8168_driver_stop(tp); } static void rtl8169_up(struct rtl8169_private *tp) { + if (tp->dash_type != RTL_DASH_NONE) + rtl8168_driver_start(tp); + pci_set_master(tp->pci_dev); phy_init_hw(tp->phydev); phy_resume(tp->phydev); -- 2.39.2

1 year, 7 months

2
1
0 0

[PATCH v3 1/3] s390/vfio-ap: unpin pages on gisc registration failure

by Tony Krowiak

From: Anthony Krowiak <akrowiak(a)linux.ibm.com> In the vfio_ap_irq_enable function, after the page containing the notification indicator byte (NIB) is pinned, the function attempts to register the guest ISC. If registration fails, the function sets the status response code and returns without unpinning the page containing the NIB. In order to avoid a memory leak, the NIB should be unpinned before returning from the vfio_ap_irq_enable function. Co-developed-by: Janosch Frank <frankja(a)linux.ibm.com> Signed-off-by: Janosch Frank <frankja(a)linux.ibm.com> Signed-off-by: Anthony Krowiak <akrowiak(a)linux.ibm.com> Reviewed-by: Matthew Rosato <mjrosato(a)linux.ibm.com> Fixes: 783f0a3ccd79 ("s390/vfio-ap: add s390dbf logging to the vfio_ap_irq_enable function") Cc: <stable(a)vger.kernel.org> --- drivers/s390/crypto/vfio_ap_ops.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/s390/crypto/vfio_ap_ops.c b/drivers/s390/crypto/vfio_ap_ops.c index 4db538a55192..9cb28978c186 100644 --- a/drivers/s390/crypto/vfio_ap_ops.c +++ b/drivers/s390/crypto/vfio_ap_ops.c @@ -457,6 +457,7 @@ static struct ap_queue_status vfio_ap_irq_enable(struct vfio_ap_queue *q, VFIO_AP_DBF_WARN("%s: gisc registration failed: nisc=%d, isc=%d, apqn=%#04x\n", __func__, nisc, isc, q->apqn); + vfio_unpin_pages(&q->matrix_mdev->vdev, nib, 1); status.response_code = AP_RESPONSE_INVALID_GISA; return status; } -- 2.41.0

1 year, 7 months

1
0
0 0

[PATCH net v2 1/2] r8169: add handling DASH when DASH is disabled

by ChunHao Lin

For devices that support DASH, even DASH is disabled, there may still exist a default firmware that will influence device behavior. So driver needs to handle DASH for devices that support DASH, no matter the DASH status is. This patch also prepare for "fix DASH deviceis network lost issue". Signed-off-by: ChunHao Lin <hau(a)realtek.com> Reviewed-by: Heiner Kallweit <hkallweit1(a)gmail.com> Cc: stable(a)vger.kernel.org --- drivers/net/ethernet/realtek/r8169_main.c | 35 ++++++++++++++++------- 1 file changed, 25 insertions(+), 10 deletions(-) diff --git a/drivers/net/ethernet/realtek/r8169_main.c b/drivers/net/ethernet/realtek/r8169_main.c index 0c76c162b8a9..108dc75050ba 100644 --- a/drivers/net/ethernet/realtek/r8169_main.c +++ b/drivers/net/ethernet/realtek/r8169_main.c @@ -624,6 +624,7 @@ struct rtl8169_private { unsigned supports_gmii:1; unsigned aspm_manageable:1; + unsigned dash_enabled:1; dma_addr_t counters_phys_addr; struct rtl8169_counters *counters; struct rtl8169_tc_offsets tc_offset; @@ -1253,14 +1254,26 @@ static bool r8168ep_check_dash(struct rtl8169_private *tp) return r8168ep_ocp_read(tp, 0x128) & BIT(0); } -static enum rtl_dash_type rtl_check_dash(struct rtl8169_private *tp) +static bool rtl_dash_is_enabled(struct rtl8169_private *tp) +{ + switch (tp->dash_type) { + case RTL_DASH_DP: + return r8168dp_check_dash(tp); + case RTL_DASH_EP: + return r8168ep_check_dash(tp); + default: + return false; + } +} + +static enum rtl_dash_type rtl_get_dash_type(struct rtl8169_private *tp) { switch (tp->mac_version) { case RTL_GIGA_MAC_VER_28: case RTL_GIGA_MAC_VER_31: - return r8168dp_check_dash(tp) ? RTL_DASH_DP : RTL_DASH_NONE; + return RTL_DASH_DP; case RTL_GIGA_MAC_VER_51 ... RTL_GIGA_MAC_VER_53: - return r8168ep_check_dash(tp) ? RTL_DASH_EP : RTL_DASH_NONE; + return RTL_DASH_EP; default: return RTL_DASH_NONE; } @@ -1453,7 +1466,7 @@ static void __rtl8169_set_wol(struct rtl8169_private *tp, u32 wolopts) device_set_wakeup_enable(tp_to_dev(tp), wolopts); - if (tp->dash_type == RTL_DASH_NONE) { + if (!tp->dash_enabled) { rtl_set_d3_pll_down(tp, !wolopts); tp->dev->wol_enabled = wolopts ? 1 : 0; } @@ -2512,7 +2525,7 @@ static void rtl_wol_enable_rx(struct rtl8169_private *tp) static void rtl_prepare_power_down(struct rtl8169_private *tp) { - if (tp->dash_type != RTL_DASH_NONE) + if (tp->dash_enabled) return; if (tp->mac_version == RTL_GIGA_MAC_VER_32 || @@ -4869,7 +4882,7 @@ static int rtl8169_runtime_idle(struct device *device) { struct rtl8169_private *tp = dev_get_drvdata(device); - if (tp->dash_type != RTL_DASH_NONE) + if (tp->dash_enabled) return -EBUSY; if (!netif_running(tp->dev) || !netif_carrier_ok(tp->dev)) @@ -4896,7 +4909,7 @@ static void rtl_shutdown(struct pci_dev *pdev) rtl_rar_set(tp, tp->dev->perm_addr); if (system_state == SYSTEM_POWER_OFF && - tp->dash_type == RTL_DASH_NONE) { + !tp->dash_enabled) { pci_wake_from_d3(pdev, tp->saved_wolopts); pci_set_power_state(pdev, PCI_D3hot); } @@ -5254,7 +5267,8 @@ static int rtl_init_one(struct pci_dev *pdev, const struct pci_device_id *ent) rc = pci_disable_link_state(pdev, PCIE_LINK_STATE_L1); tp->aspm_manageable = !rc; - tp->dash_type = rtl_check_dash(tp); + tp->dash_type = rtl_get_dash_type(tp); + tp->dash_enabled = rtl_dash_is_enabled(tp); tp->cp_cmd = RTL_R16(tp, CPlusCmd) & CPCMD_MASK; @@ -5325,7 +5339,7 @@ static int rtl_init_one(struct pci_dev *pdev, const struct pci_device_id *ent) /* configure chip for default features */ rtl8169_set_features(dev, dev->features); - if (tp->dash_type == RTL_DASH_NONE) { + if (!tp->dash_enabled) { rtl_set_d3_pll_down(tp, true); } else { rtl_set_d3_pll_down(tp, false); @@ -5365,7 +5379,8 @@ static int rtl_init_one(struct pci_dev *pdev, const struct pci_device_id *ent) "ok" : "ko"); if (tp->dash_type != RTL_DASH_NONE) { - netdev_info(dev, "DASH enabled\n"); + netdev_info(dev, "DASH %s\n", + tp->dash_enabled ? "enabled" : "disabled"); rtl8168_driver_start(tp); } -- 2.39.2

1 year, 7 months

4
3
0 0

[PATCH v2] bus: mhi: host: Add alignment check for event ring read pointer

by Krishna chaitanya chundru

Though we do check the event ring read pointer by "is_valid_ring_ptr" to make sure it is in the buffer range, but there is another risk the pointer may be not aligned. Since we are expecting event ring elements are 128 bits(struct mhi_ring_element) aligned, an unaligned read pointer could lead to multiple issues like DoS or ring buffer memory corruption. So add a alignment check for event ring read pointer. Fixes: ec32332df764 ("bus: mhi: core: Sanity check values from remote device before use") cc: stable(a)vger.kernel.org Signed-off-by: Krishna chaitanya chundru <quic_krichai(a)quicinc.com> --- Changes in v2: - Change the modulus operation to bit-wise & operation as suggested by Jeff. - Link to v1: https://lore.kernel.org/r/20231023-alignment_check-v1-1-2ca5716d5c15@quicin… --- drivers/bus/mhi/host/main.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/bus/mhi/host/main.c b/drivers/bus/mhi/host/main.c index 499590437e9b..e765c16a99d1 100644 --- a/drivers/bus/mhi/host/main.c +++ b/drivers/bus/mhi/host/main.c @@ -268,7 +268,8 @@ static void mhi_del_ring_element(struct mhi_controller *mhi_cntrl, static bool is_valid_ring_ptr(struct mhi_ring *ring, dma_addr_t addr) { - return addr >= ring->iommu_base && addr < ring->iommu_base + ring->len; + return addr >= ring->iommu_base && addr < ring->iommu_base + ring->len && + !(addr & (sizeof(struct mhi_ring_element) - 1)); } int mhi_destroy_device(struct device *dev, void *data) --- base-commit: 71e68e182e382e951d6248bccc3c960dcec5a718 change-id: 20231013-alignment_check-c013f509d24a Best regards, -- Krishna chaitanya chundru <quic_krichai(a)quicinc.com>

1 year, 7 months

4
5
0 0

[PATCH v3 1/4] bus: mhi: host: Add spinlock to protect WP access when queueing TREs

by Qiang Yu

From: Bhaumik Bhatt <bbhatt(a)codeaurora.org> Protect WP accesses such that multiple threads queueing buffers for incoming data do not race. Cc: <stable(a)vger.kernel.org> Fixes: 189ff97cca53 ("bus: mhi: core: Add support for data transfer") Signed-off-by: Bhaumik Bhatt <bbhatt(a)codeaurora.org> Signed-off-by: Qiang Yu <quic_qianyu(a)quicinc.com> --- drivers/bus/mhi/host/main.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/drivers/bus/mhi/host/main.c b/drivers/bus/mhi/host/main.c index 6cf1145..c9415b0 100644 --- a/drivers/bus/mhi/host/main.c +++ b/drivers/bus/mhi/host/main.c @@ -1205,6 +1205,9 @@ int mhi_gen_tre(struct mhi_controller *mhi_cntrl, struct mhi_chan *mhi_chan, int eot, eob, chain, bei; int ret; + /* Protect accesses for reading and incrementing WP */ + write_lock_bh(&mhi_chan->lock); + buf_ring = &mhi_chan->buf_ring; tre_ring = &mhi_chan->tre_ring; @@ -1222,8 +1225,10 @@ int mhi_gen_tre(struct mhi_controller *mhi_cntrl, struct mhi_chan *mhi_chan, if (!info->pre_mapped) { ret = mhi_cntrl->map_single(mhi_cntrl, buf_info); - if (ret) + if (ret) { + write_unlock_bh(&mhi_chan->lock); return ret; + } } eob = !!(flags & MHI_EOB); @@ -1240,6 +1245,8 @@ int mhi_gen_tre(struct mhi_controller *mhi_cntrl, struct mhi_chan *mhi_chan, mhi_add_ring_element(mhi_cntrl, tre_ring); mhi_add_ring_element(mhi_cntrl, buf_ring); + write_unlock_bh(&mhi_chan->lock); + return 0; } -- 2.7.4

1 year, 7 months

2
1
0 0

stable-rc/linux-5.4.y baseline: 109 runs, 1 regressions (v5.4.260)

by kernelci.org bot

stable-rc/linux-5.4.y baseline: 109 runs, 1 regressions (v5.4.260) Regressions Summary ------------------- platform | arch | lab | compiler | defconfig | regressions ---------------+-------+--------------+----------+-----------+------------ meson-gxm-q200 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/job/stable-rc/branch/linux-5.4.y/kernel/v5.4.260/… Test: baseline Tree: stable-rc Branch: linux-5.4.y Describe: v5.4.260 URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git SHA: 87e8e7a7aa1f96276252a90373de1d56add31918 Test Regressions ---------------- platform | arch | lab | compiler | defconfig | regressions ---------------+-------+--------------+----------+-----------+------------ meson-gxm-q200 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/654cd60ff2c48c3ceeefcf16 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.260/arm64/defconfi… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.260/arm64/defconfi… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/654cd60ff2c48c3ceeefcf17 new failure (last pass: v5.4.259-75-gca21f12ba7d85)

1 year, 7 months

1
0
0 0

stable-rc/linux-4.19.y baseline: 92 runs, 1 regressions (v4.19.298)

by kernelci.org bot

stable-rc/linux-4.19.y baseline: 92 runs, 1 regressions (v4.19.298) Regressions Summary ------------------- platform | arch | lab | compiler | defconfig | regressions ---------------+-------+--------------+----------+-----------+------------ meson-gxm-q200 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/job/stable-rc/branch/linux-4.19.y/kernel/v4.19.29… Test: baseline Tree: stable-rc Branch: linux-4.19.y Describe: v4.19.298 URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git SHA: aa8663e85da65e4b92ac82208059c173cb42c3bd Test Regressions ---------------- platform | arch | lab | compiler | defconfig | regressions ---------------+-------+--------------+----------+-----------+------------ meson-gxm-q200 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/654cd2641e8f8a2d94efcf3e Results: 5 PASS, 1 FAIL, 1 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.298/arm64/defcon… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.298/arm64/defcon… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.dmesg.emerg: https://kernelci.org/test/case/id/654cd2641e8f8a2d94efcf41 failing since 24 days (last pass: v4.19.288, first fail: v4.19.296-42-gb3c2ae79aa73) 1 lines 2023-11-09T12:36:39.025246 <4>[ 46.417587] ------------[ cut here ]------------ 2023-11-09T12:36:39.025769 <4>[ 46.417679] WARNING: CPU: 0 PID: 0 at drivers/mmc/host/meson-gx-mmc.c:1040 meson_mmc_irq+0x1c8/0x1dc 2023-11-09T12:36:39.029249 <4>[ 46.426151] Modules linked in: ipv6 dwmac_generic realtek meson_gxl meson_dw_hdmi meson_drm dw_hdmi dwmac_meson8b drm_kms_helper stmmac_platform meson_ir crc32_ce drm rc_core meson_gxbb_wdt meson_rng adc_keys crct10dif_ce stmmac pwm_meson rng_core drm_panel_orientation_quirks nvmem_meson_efuse input_polldev 2023-11-09T12:36:39.068554 <4>[ 46.453410] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 4.19.298 #1 2023-11-09T12:36:39.068775 <4>[ 46.461080] Hardware name: Amlogic Meson GXM (S912) Q200 Development Board (DT) 2023-11-09T12:36:39.068978 <4>[ 46.468586] pstate: 60000085 (nZCv daIf -PAN -UAO) 2023-11-09T12:36:39.069175 <4>[ 46.473590] pc : meson_mmc_irq+0x1c8/0x1dc 2023-11-09T12:36:39.069368 <4>[ 46.477901] lr : meson_mmc_irq+0x1c8/0x1dc 2023-11-09T12:36:39.069781 <8>[ 46.479472] <LAVA_SIGNAL_TESTCASE TEST_CASE_ID=emerg RESULT=fail UNITS=lines MEASUREMENT=1>

1 year, 7 months

1
0
0 0

stable-rc/linux-5.15.y baseline: 116 runs, 1 regressions (v5.15.138)

by kernelci.org bot

stable-rc/linux-5.15.y baseline: 116 runs, 1 regressions (v5.15.138) Regressions Summary ------------------- platform | arch | lab | compiler | defconfig | regressions ---------------------+-------+--------------+----------+-----------+------------ meson-gxl-s905d-p230 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/job/stable-rc/branch/linux-5.15.y/kernel/v5.15.13… Test: baseline Tree: stable-rc Branch: linux-5.15.y Describe: v5.15.138 URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git SHA: 80529b4968a8052f894d00021a576d8a2d89aa08 Test Regressions ---------------- platform | arch | lab | compiler | defconfig | regressions ---------------------+-------+--------------+----------+-----------+------------ meson-gxl-s905d-p230 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/654ccf7b8c3d5f6b54efcf1a Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.138/arm64/defcon… HTML log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.138/arm64/defcon… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/654ccf7b8c3d5f6b54efcf1b new failure (last pass: v5.15.137-129-gec134bfabca01)

1 year, 7 months

1
0
0 0

stable-rc/linux-6.1.y baseline: 118 runs, 2 regressions (v6.1.62)

by kernelci.org bot

stable-rc/linux-6.1.y baseline: 118 runs, 2 regressions (v6.1.62) Regressions Summary ------------------- platform | arch | lab | compiler | defconfig | regressions ------------------------+-------+--------------+----------+-----------+------------ meson-gxl-s905d-p230 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 sun50i-a64-bananapi-m64 | arm64 | lab-clabbe | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/job/stable-rc/branch/linux-6.1.y/kernel/v6.1.62/p… Test: baseline Tree: stable-rc Branch: linux-6.1.y Describe: v6.1.62 URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git SHA: fb2635ac69abac0060cc2be2873dc4f524f12e66 Test Regressions ---------------- platform | arch | lab | compiler | defconfig | regressions ------------------------+-------+--------------+----------+-----------+------------ meson-gxl-s905d-p230 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/654ccca260da9b2af0efcef4 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-6.1.y/v6.1.62/arm64/defconfig… HTML log: https://storage.kernelci.org//stable-rc/linux-6.1.y/v6.1.62/arm64/defconfig… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/654ccca260da9b2af0efcef5 new failure (last pass: v6.1.61-63-gf2e7db5bff466) platform | arch | lab | compiler | defconfig | regressions ------------------------+-------+--------------+----------+-----------+------------ sun50i-a64-bananapi-m64 | arm64 | lab-clabbe | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/654ccca660da9b2af0efcef9 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-6.1.y/v6.1.62/arm64/defconfig… HTML log: https://storage.kernelci.org//stable-rc/linux-6.1.y/v6.1.62/arm64/defconfig… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/654ccca660da9b2af0efcefa new failure (last pass: v6.1.18-146-g7887563347ee)

1 year, 7 months

1
0
0 0

stable-rc/linux-5.10.y baseline: 117 runs, 2 regressions (v5.10.200)

by kernelci.org bot

stable-rc/linux-5.10.y baseline: 117 runs, 2 regressions (v5.10.200) Regressions Summary ------------------- platform | arch | lab | compiler | defconfig | regressions -------------------+-------+---------------+----------+-----------+------------ sun50i-h6-pine-h64 | arm64 | lab-clabbe | gcc-10 | defconfig | 1 sun50i-h6-pine-h64 | arm64 | lab-collabora | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/job/stable-rc/branch/linux-5.10.y/kernel/v5.10.20… Test: baseline Tree: stable-rc Branch: linux-5.10.y Describe: v5.10.200 URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git SHA: 3e55583405ac3f8651966dcd23590adb3db1d8c2 Test Regressions ---------------- platform | arch | lab | compiler | defconfig | regressions -------------------+-------+---------------+----------+-----------+------------ sun50i-h6-pine-h64 | arm64 | lab-clabbe | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/654cc449bfa4627347efcefe Results: 5 PASS, 1 FAIL, 1 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.10.y/v5.10.200/arm64/defcon… HTML log: https://storage.kernelci.org//stable-rc/linux-5.10.y/v5.10.200/arm64/defcon… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/654cc449bfa4627347efcf07 failing since 29 days (last pass: v5.10.176-224-g10e9fd53dc59, first fail: v5.10.198) 2023-11-09T11:36:35.139369 <8>[ 16.956522] <LAVA_SIGNAL_ENDRUN 0_dmesg 443359_1.5.2.4.1> 2023-11-09T11:36:35.244455 / # # 2023-11-09T11:36:35.346076 export SHELL=/bin/sh 2023-11-09T11:36:35.346676 # 2023-11-09T11:36:35.447629 / # export SHELL=/bin/sh. /lava-443359/environment 2023-11-09T11:36:35.448220 2023-11-09T11:36:35.549232 / # . /lava-443359/environment/lava-443359/bin/lava-test-runner /lava-443359/1 2023-11-09T11:36:35.550078 2023-11-09T11:36:35.554813 / # /lava-443359/bin/lava-test-runner /lava-443359/1 2023-11-09T11:36:35.620868 + export 'TESTRUN_ID=1_bootrr' ... (11 line(s) more) platform | arch | lab | compiler | defconfig | regressions -------------------+-------+---------------+----------+-----------+------------ sun50i-h6-pine-h64 | arm64 | lab-collabora | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/654cc478cd70464151efcf0d Results: 5 PASS, 1 FAIL, 1 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.10.y/v5.10.200/arm64/defcon… HTML log: https://storage.kernelci.org//stable-rc/linux-5.10.y/v5.10.200/arm64/defcon… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/654cc478cd70464151efcf16 failing since 29 days (last pass: v5.10.176-224-g10e9fd53dc59, first fail: v5.10.198) 2023-11-09T11:43:44.954327 / # # 2023-11-09T11:43:45.056384 export SHELL=/bin/sh 2023-11-09T11:43:45.057095 # 2023-11-09T11:43:45.158550 / # export SHELL=/bin/sh. /lava-11974949/environment 2023-11-09T11:43:45.159243 2023-11-09T11:43:45.260697 / # . /lava-11974949/environment/lava-11974949/bin/lava-test-runner /lava-11974949/1 2023-11-09T11:43:45.261827 2023-11-09T11:43:45.278910 / # /lava-11974949/bin/lava-test-runner /lava-11974949/1 2023-11-09T11:43:45.321592 + export 'TESTRUN_ID=1_bootrr' 2023-11-09T11:43:45.336918 + cd /lava-1197494<8>[ 18.197280] <LAVA_SIGNAL_STARTRUN 1_bootrr 11974949_1.5.2.4.5> ... (10 line(s) more)

1 year, 7 months

1
0
0 0

[PATCH 1/1] swiotlb: fix out-of-bounds TLB allocations with CONFIG_SWIOTLB_DYNAMIC

by Petr Tesarik

From: Petr Tesarik <petr.tesarik1(a)huawei-partners.com> Limit the free list length to the size of the IO TLB. Transient pool can be smaller than IO_TLB_SEGSIZE, but the free list is initialized with the assumption that the total number of slots is a multiple of IO_TLB_SEGSIZE. As a result, swiotlb_area_find_slots() may allocate slots past the end of a transient IO TLB buffer. Reported-by: Niklas Schnelle <schnelle(a)linux.ibm.com> Closes: https://lore.kernel.org/linux-iommu/104a8c8fedffd1ff8a2890983e2ec1c26bff681… Fixes: 79636caad361 ("swiotlb: if swiotlb is full, fall back to a transient memory pool") Cc: Halil Pasic <pasic(a)linux.ibm.com> Cc: stable(a)vger.kernel.org Signed-off-by: Petr Tesarik <petr.tesarik1(a)huawei-partners.com> --- kernel/dma/swiotlb.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/kernel/dma/swiotlb.c b/kernel/dma/swiotlb.c index 26202274784f..ec82524ba902 100644 --- a/kernel/dma/swiotlb.c +++ b/kernel/dma/swiotlb.c @@ -283,7 +283,8 @@ static void swiotlb_init_io_tlb_pool(struct io_tlb_pool *mem, phys_addr_t start, } for (i = 0; i < mem->nslabs; i++) { - mem->slots[i].list = IO_TLB_SEGSIZE - io_tlb_offset(i); + mem->slots[i].list = min(IO_TLB_SEGSIZE - io_tlb_offset(i), + mem->nslabs - i); mem->slots[i].orig_addr = INVALID_PHYS_ADDR; mem->slots[i].alloc_size = 0; } -- 2.42.1

1 year, 7 months

5
5
0 0

[PATCH 12/20] dma-buf: add dma_fence_timestamp helper

by Rodrigo Vivi

From: Christian König <christian.koenig(a)amd.com> When a fence signals there is a very small race window where the timestamp isn't updated yet. sync_file solves this by busy waiting for the timestamp to appear, but on other ocassions didn't handled this correctly. Provide a dma_fence_timestamp() helper function for this and use it in all appropriate cases. Another alternative would be to grab the spinlock when that happens. v2 by teddy: add a wait parameter to wait for the timestamp to show up, in case the accurate timestamp is needed and/or the timestamp is not based on ktime (e.g. hw timestamp) v3 chk: drop the parameter again for unified handling Signed-off-by: Yunxiang Li <Yunxiang.Li(a)amd.com> Signed-off-by: Christian König <christian.koenig(a)amd.com> Fixes: 1774baa64f93 ("drm/scheduler: Change scheduled fence track v2") Reviewed-by: Alex Deucher <alexander.deucher(a)amd.com> CC: stable(a)vger.kernel.org Link: https://patchwork.freedesktop.org/patch/msgid/20230929104725.2358-1-christi… (cherry picked from commit 0da611a8702101814257a7c03f6caf0574c83b98) Signed-off-by: Rodrigo Vivi <rodrigo.vivi(a)intel.com> --- drivers/dma-buf/dma-fence-unwrap.c | 13 ++++--------- drivers/dma-buf/sync_file.c | 9 +++------ drivers/gpu/drm/scheduler/sched_main.c | 2 +- include/linux/dma-fence.h | 19 +++++++++++++++++++ 4 files changed, 27 insertions(+), 16 deletions(-) diff --git a/drivers/dma-buf/dma-fence-unwrap.c b/drivers/dma-buf/dma-fence-unwrap.c index c625bb2b5d56..628af51c81af 100644 --- a/drivers/dma-buf/dma-fence-unwrap.c +++ b/drivers/dma-buf/dma-fence-unwrap.c @@ -76,16 +76,11 @@ struct dma_fence *__dma_fence_unwrap_merge(unsigned int num_fences, dma_fence_unwrap_for_each(tmp, &iter[i], fences[i]) { if (!dma_fence_is_signaled(tmp)) { ++count; - } else if (test_bit(DMA_FENCE_FLAG_TIMESTAMP_BIT, - &tmp->flags)) { - if (ktime_after(tmp->timestamp, timestamp)) - timestamp = tmp->timestamp; } else { - /* - * Use the current time if the fence is - * currently signaling. - */ - timestamp = ktime_get(); + ktime_t t = dma_fence_timestamp(tmp); + + if (ktime_after(t, timestamp)) + timestamp = t; } } } diff --git a/drivers/dma-buf/sync_file.c b/drivers/dma-buf/sync_file.c index af57799c86ce..2e9a316c596a 100644 --- a/drivers/dma-buf/sync_file.c +++ b/drivers/dma-buf/sync_file.c @@ -268,13 +268,10 @@ static int sync_fill_fence_info(struct dma_fence *fence, sizeof(info->driver_name)); info->status = dma_fence_get_status(fence); - while (test_bit(DMA_FENCE_FLAG_SIGNALED_BIT, &fence->flags) && - !test_bit(DMA_FENCE_FLAG_TIMESTAMP_BIT, &fence->flags)) - cpu_relax(); info->timestamp_ns = - test_bit(DMA_FENCE_FLAG_TIMESTAMP_BIT, &fence->flags) ? - ktime_to_ns(fence->timestamp) : - ktime_set(0, 0); + dma_fence_is_signaled(fence) ? + ktime_to_ns(dma_fence_timestamp(fence)) : + ktime_set(0, 0); return info->status; } diff --git a/drivers/gpu/drm/scheduler/sched_main.c b/drivers/gpu/drm/scheduler/sched_main.c index fd755e953487..99797a8c836a 100644 --- a/drivers/gpu/drm/scheduler/sched_main.c +++ b/drivers/gpu/drm/scheduler/sched_main.c @@ -935,7 +935,7 @@ drm_sched_get_cleanup_job(struct drm_gpu_scheduler *sched) if (next) { next->s_fence->scheduled.timestamp = - job->s_fence->finished.timestamp; + dma_fence_timestamp(&job->s_fence->finished); /* start TO timer for next job */ drm_sched_start_timeout(sched); } diff --git a/include/linux/dma-fence.h b/include/linux/dma-fence.h index 0d678e9a7b24..ebe78bd3d121 100644 --- a/include/linux/dma-fence.h +++ b/include/linux/dma-fence.h @@ -568,6 +568,25 @@ static inline void dma_fence_set_error(struct dma_fence *fence, fence->error = error; } +/** + * dma_fence_timestamp - helper to get the completion timestamp of a fence + * @fence: fence to get the timestamp from. + * + * After a fence is signaled the timestamp is updated with the signaling time, + * but setting the timestamp can race with tasks waiting for the signaling. This + * helper busy waits for the correct timestamp to appear. + */ +static inline ktime_t dma_fence_timestamp(struct dma_fence *fence) +{ + if (WARN_ON(!test_bit(DMA_FENCE_FLAG_SIGNALED_BIT, &fence->flags))) + return ktime_get(); + + while (!test_bit(DMA_FENCE_FLAG_TIMESTAMP_BIT, &fence->flags)) + cpu_relax(); + + return fence->timestamp; +} + signed long dma_fence_wait_timeout(struct dma_fence *, bool intr, signed long timeout); signed long dma_fence_wait_any_timeout(struct dma_fence **fences, -- 2.41.0

1 year, 7 months

1
0
0 0

[PATCH net,v3, 2/2] hv_netvsc: Fix race of register_netdevice_notifier and VF register

by Haiyang Zhang

If VF NIC is registered earlier, NETDEV_REGISTER event is replayed, but NETDEV_POST_INIT is not. Move register_netdevice_notifier() earlier, so the call back function is set before probing. Cc: stable(a)vger.kernel.org Fixes: e04e7a7bbd4b ("hv_netvsc: Fix a deadlock by getting rtnl lock earlier in netvsc_probe()") Signed-off-by: Haiyang Zhang <haiyangz(a)microsoft.com> Reviewed-by: Wojciech Drewek <wojciech.drewek(a)intel.com> --- v3: Divide it into two patches, suggested by Jakub Kicinski. v2: Fix rtnl_unlock() in error handling as found by Wojciech Drewek. --- drivers/net/hyperv/netvsc_drv.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/drivers/net/hyperv/netvsc_drv.c b/drivers/net/hyperv/netvsc_drv.c index 5e528a76f5f5..1d1491da303b 100644 --- a/drivers/net/hyperv/netvsc_drv.c +++ b/drivers/net/hyperv/netvsc_drv.c @@ -2793,11 +2793,14 @@ static int __init netvsc_drv_init(void) } netvsc_ring_bytes = ring_size * PAGE_SIZE; + register_netdevice_notifier(&netvsc_netdev_notifier); + ret = vmbus_driver_register(&netvsc_drv); - if (ret) + if (ret) { + unregister_netdevice_notifier(&netvsc_netdev_notifier); return ret; + } - register_netdevice_notifier(&netvsc_netdev_notifier); return 0; } -- 2.25.1

1 year, 7 months

2
2
0 0

[stable-4.14 PATCH] scsi: virtio_scsi: limit number of hw queues by nr_cpu_ids

by Kunkun Jiang

From: Dongli Zhang <dongli.zhang(a)oracle.com> [ Upstream commit 1978f30a87732d4d9072a20abeded9fe17884f1b ] When tag_set->nr_maps is 1, the block layer limits the number of hw queues by nr_cpu_ids. No matter how many hw queues are used by virtio-scsi, as it has (tag_set->nr_maps == 1), it can use at most nr_cpu_ids hw queues. In addition, specifically for pci scenario, when the 'num_queues' specified by qemu is more than maxcpus, virtio-scsi would not be able to allocate more than maxcpus vectors in order to have a vector for each queue. As a result, it falls back into MSI-X with one vector for config and one shared for queues. Considering above reasons, this patch limits the number of hw queues used by virtio-scsi by nr_cpu_ids. Reviewed-by: Stefan Hajnoczi <stefanha(a)redhat.com> Signed-off-by: Dongli Zhang <dongli.zhang(a)oracle.com> Signed-off-by: Jens Axboe <axboe(a)kernel.dk> Signed-off-by: Kunkun Jiang <jiangkunkun(a)huawei.com> --- drivers/scsi/virtio_scsi.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/scsi/virtio_scsi.c b/drivers/scsi/virtio_scsi.c index 2839701ffab5..427bd88c1647 100644 --- a/drivers/scsi/virtio_scsi.c +++ b/drivers/scsi/virtio_scsi.c @@ -891,6 +891,7 @@ static int virtscsi_probe(struct virtio_device *vdev) /* We need to know how many queues before we allocate. */ num_queues = virtscsi_config_get(vdev, num_queues) ? : 1; + num_queues = min_t(unsigned int, nr_cpu_ids, num_queues); num_targets = virtscsi_config_get(vdev, max_target) + 1; -- 2.33.0

1 year, 7 months

1
0
0 0

stable-rc/linux-5.4.y build: 17 builds: 2 failed, 15 passed, 24 warnings (v5.4.260)

by kernelci.org bot

stable-rc/linux-5.4.y build: 17 builds: 2 failed, 15 passed, 24 warnings (v5.4.260) Full Build Summary: https://kernelci.org/build/stable-rc/branch/linux-5.4.y/kernel/v5.4.260/ Tree: stable-rc Branch: linux-5.4.y Git Describe: v5.4.260 Git Commit: 87e8e7a7aa1f96276252a90373de1d56add31918 Git URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git Built: 7 unique architectures Build Failures Detected: arm64: defconfig+arm64-chromebook: (gcc-10) FAIL x86_64: x86_64_defconfig+x86-board: (gcc-10) FAIL Warnings Detected: arc: arm64: defconfig (gcc-10): 2 warnings defconfig+arm64-chromebook (gcc-10): 2 warnings arm: i386: allnoconfig (gcc-10): 2 warnings i386_defconfig (gcc-10): 2 warnings tinyconfig (gcc-10): 2 warnings mips: riscv: x86_64: allnoconfig (gcc-10): 4 warnings tinyconfig (gcc-10): 4 warnings x86_64_defconfig (gcc-10): 4 warnings x86_64_defconfig+x86-board (gcc-10): 2 warnings Warnings summary: 6 ld: warning: creating DT_TEXTREL in a PIE 4 arch/arm64/include/asm/memory.h:238:15: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast] 3 ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' 3 ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' 2 arch/x86/entry/entry_64.o: warning: objtool: If this is a retpoline, please patch it in with alternatives and annotate it with ANNOTATE_NOSPEC_ALTERNATIVE. 2 arch/x86/entry/entry_64.o: warning: objtool: .entry.text+0x1c1: unsupported intra-function call 2 arch/x86/entry/entry_64.o: warning: objtool: .entry.text+0x151: unsupported intra-function call 2 arch/x86/entry/entry_64.S:1756: Warning: no instruction mnemonic suffix given and no register operands; using default for `sysret' Section mismatches summary: 1 WARNING: vmlinux.o(___ksymtab_gpl+vic_init_cascaded+0x0): Section mismatch in reference from the variable __ksymtab_vic_init_cascaded to the function .init.text:vic_init_cascaded() ================================================================================ Detailed per-defconfig build reports: -------------------------------------------------------------------------------- 32r2el_defconfig (mips, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- allnoconfig (x86_64, gcc-10) — PASS, 0 errors, 4 warnings, 0 section mismatches Warnings: arch/x86/entry/entry_64.S:1756: Warning: no instruction mnemonic suffix given and no register operands; using default for `sysret' arch/x86/entry/entry_64.o: warning: objtool: .entry.text+0x151: unsupported intra-function call ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- allnoconfig (i386, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- defconfig (riscv, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig (arm64, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: arch/arm64/include/asm/memory.h:238:15: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast] arch/arm64/include/asm/memory.h:238:15: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast] -------------------------------------------------------------------------------- defconfig+arm64-chromebook (arm64, gcc-10) — FAIL, 0 errors, 2 warnings, 0 section mismatches Warnings: arch/arm64/include/asm/memory.h:238:15: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast] arch/arm64/include/asm/memory.h:238:15: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast] -------------------------------------------------------------------------------- haps_hs_smp_defconfig (arc, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- i386_defconfig (i386, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- imx_v6_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v5_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches Section mismatches: WARNING: vmlinux.o(___ksymtab_gpl+vic_init_cascaded+0x0): Section mismatch in reference from the variable __ksymtab_vic_init_cascaded to the function .init.text:vic_init_cascaded() -------------------------------------------------------------------------------- multi_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- omap2plus_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tinyconfig (x86_64, gcc-10) — PASS, 0 errors, 4 warnings, 0 section mismatches Warnings: arch/x86/entry/entry_64.S:1756: Warning: no instruction mnemonic suffix given and no register operands; using default for `sysret' arch/x86/entry/entry_64.o: warning: objtool: .entry.text+0x151: unsupported intra-function call ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- tinyconfig (i386, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- vexpress_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig (x86_64, gcc-10) — PASS, 0 errors, 4 warnings, 0 section mismatches Warnings: arch/x86/entry/entry_64.o: warning: objtool: .entry.text+0x1c1: unsupported intra-function call arch/x86/entry/entry_64.o: warning: objtool: If this is a retpoline, please patch it in with alternatives and annotate it with ANNOTATE_NOSPEC_ALTERNATIVE. ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- x86_64_defconfig+x86-board (x86_64, gcc-10) — FAIL, 0 errors, 2 warnings, 0 section mismatches Warnings: arch/x86/entry/entry_64.o: warning: objtool: .entry.text+0x1c1: unsupported intra-function call arch/x86/entry/entry_64.o: warning: objtool: If this is a retpoline, please patch it in with alternatives and annotate it with ANNOTATE_NOSPEC_ALTERNATIVE. --- For more info write to <info(a)kernelci.org>

1 year, 7 months

1
0
0 0

stable-rc/linux-4.19.y build: 19 builds: 5 failed, 14 passed, 15 warnings (v4.19.298)

by kernelci.org bot

stable-rc/linux-4.19.y build: 19 builds: 5 failed, 14 passed, 15 warnings (v4.19.298) Full Build Summary: https://kernelci.org/build/stable-rc/branch/linux-4.19.y/kernel/v4.19.298/ Tree: stable-rc Branch: linux-4.19.y Git Describe: v4.19.298 Git Commit: aa8663e85da65e4b92ac82208059c173cb42c3bd Git URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git Built: 7 unique architectures Build Failures Detected: arm64: defconfig+arm64-chromebook: (gcc-10) FAIL riscv: allnoconfig: (gcc-10) FAIL defconfig: (gcc-10) FAIL tinyconfig: (gcc-10) FAIL x86_64: x86_64_defconfig+x86-board: (gcc-10) FAIL Warnings Detected: arc: arm64: defconfig (gcc-10): 3 warnings arm: i386: allnoconfig (gcc-10): 2 warnings i386_defconfig (gcc-10): 2 warnings tinyconfig (gcc-10): 2 warnings mips: riscv: x86_64: allnoconfig (gcc-10): 2 warnings tinyconfig (gcc-10): 2 warnings x86_64_defconfig (gcc-10): 2 warnings Warnings summary: 6 ld: warning: creating DT_TEXTREL in a PIE 3 ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' 3 ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' 3 aarch64-linux-gnu-ld: warning: -z norelro ignored Section mismatches summary: 2 WARNING: modpost: Found 1 section mismatch(es). ================================================================================ Detailed per-defconfig build reports: -------------------------------------------------------------------------------- 32r2el_defconfig (mips, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- allnoconfig (riscv, gcc-10) — FAIL, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- allnoconfig (i386, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- allnoconfig (x86_64, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- defconfig (riscv, gcc-10) — FAIL, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig (arm64, gcc-10) — PASS, 0 errors, 3 warnings, 0 section mismatches Warnings: aarch64-linux-gnu-ld: warning: -z norelro ignored aarch64-linux-gnu-ld: warning: -z norelro ignored aarch64-linux-gnu-ld: warning: -z norelro ignored Section mismatches: WARNING: modpost: Found 1 section mismatch(es). -------------------------------------------------------------------------------- defconfig+arm64-chromebook (arm64, gcc-10) — FAIL, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- haps_hs_smp_defconfig (arc, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- i386_defconfig (i386, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- imx_v6_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v5_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches Section mismatches: WARNING: modpost: Found 1 section mismatch(es). -------------------------------------------------------------------------------- multi_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- omap2plus_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tinyconfig (riscv, gcc-10) — FAIL, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tinyconfig (x86_64, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- tinyconfig (i386, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- vexpress_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig (x86_64, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- x86_64_defconfig+x86-board (x86_64, gcc-10) — FAIL, 0 errors, 0 warnings, 0 section mismatches --- For more info write to <info(a)kernelci.org>

1 year, 7 months

1
0
0 0

stable/linux-5.15.y baseline: 184 runs, 4 regressions (v5.15.138)

by kernelci.org bot

stable/linux-5.15.y baseline: 184 runs, 4 regressions (v5.15.138) Regressions Summary ------------------- platform | arch | lab | compiler | defconfig | regressions ----------------------------+------+------------+----------+------------------------------+------------ sun7i-a20-cubieboard2 | arm | lab-clabbe | gcc-10 | multi_v7_defconfig+kselftest | 1 sun8i-a33-olinuxino | arm | lab-clabbe | gcc-10 | multi_v7_defconfig+kselftest | 1 sun8i-h3-orangepi-pc | arm | lab-clabbe | gcc-10 | multi_v7_defconfig+kselftest | 1 sun8i-r40-bananapi-m2-ultra | arm | lab-clabbe | gcc-10 | multi_v7_defconfig+kselftest | 1 Details: https://kernelci.org/test/job/stable/branch/linux-5.15.y/kernel/v5.15.138/p… Test: baseline Tree: stable Branch: linux-5.15.y Describe: v5.15.138 URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git SHA: 80529b4968a8052f894d00021a576d8a2d89aa08 Test Regressions ---------------- platform | arch | lab | compiler | defconfig | regressions ----------------------------+------+------------+----------+------------------------------+------------ sun7i-a20-cubieboard2 | arm | lab-clabbe | gcc-10 | multi_v7_defconfig+kselftest | 1 Details: https://kernelci.org/test/plan/id/654c9be3f7a8cbe148efcf1c Results: 0 PASS, 1 FAIL, 0 SKIP Full config: multi_v7_defconfig+kselftest Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable/linux-5.15.y/v5.15.138/arm/multi_v7_de… HTML log: https://storage.kernelci.org//stable/linux-5.15.y/v5.15.138/arm/multi_v7_de… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/654c9be3f7a8cbe148efcf1d new failure (last pass: v5.15.137) platform | arch | lab | compiler | defconfig | regressions ----------------------------+------+------------+----------+------------------------------+------------ sun8i-a33-olinuxino | arm | lab-clabbe | gcc-10 | multi_v7_defconfig+kselftest | 1 Details: https://kernelci.org/test/plan/id/654c9be1d2d9693132efcf0f Results: 0 PASS, 1 FAIL, 0 SKIP Full config: multi_v7_defconfig+kselftest Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable/linux-5.15.y/v5.15.138/arm/multi_v7_de… HTML log: https://storage.kernelci.org//stable/linux-5.15.y/v5.15.138/arm/multi_v7_de… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/654c9be1d2d9693132efcf10 new failure (last pass: v5.15.137) platform | arch | lab | compiler | defconfig | regressions ----------------------------+------+------------+----------+------------------------------+------------ sun8i-h3-orangepi-pc | arm | lab-clabbe | gcc-10 | multi_v7_defconfig+kselftest | 1 Details: https://kernelci.org/test/plan/id/654c9d865d01aa532befcef6 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: multi_v7_defconfig+kselftest Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable/linux-5.15.y/v5.15.138/arm/multi_v7_de… HTML log: https://storage.kernelci.org//stable/linux-5.15.y/v5.15.138/arm/multi_v7_de… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/654c9d865d01aa532befcef7 new failure (last pass: v5.15.137) platform | arch | lab | compiler | defconfig | regressions ----------------------------+------+------------+----------+------------------------------+------------ sun8i-r40-bananapi-m2-ultra | arm | lab-clabbe | gcc-10 | multi_v7_defconfig+kselftest | 1 Details: https://kernelci.org/test/plan/id/654c9d9afed9c16a32efcef7 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: multi_v7_defconfig+kselftest Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable/linux-5.15.y/v5.15.138/arm/multi_v7_de… HTML log: https://storage.kernelci.org//stable/linux-5.15.y/v5.15.138/arm/multi_v7_de… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/654c9d9afed9c16a32efcef8 new failure (last pass: v5.15.137)

1 year, 7 months

1
0
0 0

stable-rc/linux-4.14.y build: 16 builds: 2 failed, 14 passed, 19 warnings (v4.14.329)

by kernelci.org bot

stable-rc/linux-4.14.y build: 16 builds: 2 failed, 14 passed, 19 warnings (v4.14.329) Full Build Summary: https://kernelci.org/build/stable-rc/branch/linux-4.14.y/kernel/v4.14.329/ Tree: stable-rc Branch: linux-4.14.y Git Describe: v4.14.329 Git Commit: 3b717ad0e90f88642da05bdea585d5ee98c287cb Git URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git Built: 6 unique architectures Build Failures Detected: arm64: defconfig+arm64-chromebook: (gcc-10) FAIL x86_64: x86_64_defconfig+x86-board: (gcc-10) FAIL Warnings Detected: arc: arm64: arm: i386: allnoconfig (gcc-10): 3 warnings i386_defconfig (gcc-10): 3 warnings tinyconfig (gcc-10): 3 warnings mips: x86_64: allnoconfig (gcc-10): 3 warnings tinyconfig (gcc-10): 3 warnings x86_64_defconfig (gcc-10): 3 warnings x86_64_defconfig+x86-board (gcc-10): 1 warning Warnings summary: 6 ld: warning: creating DT_TEXTREL in a PIE 4 Warning: synced file at 'tools/objtool/arch/x86/include/asm/insn.h' differs from latest kernel version at 'arch/x86/include/asm/insn.h' 3 ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' 3 ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' 3 arch/x86/entry/entry_32.S:480: Warning: no instruction mnemonic suffix given and no register operands; using default for `btr' Section mismatches summary: 2 WARNING: modpost: Found 1 section mismatch(es). ================================================================================ Detailed per-defconfig build reports: -------------------------------------------------------------------------------- 32r2el_defconfig (mips, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- allnoconfig (i386, gcc-10) — PASS, 0 errors, 3 warnings, 0 section mismatches Warnings: arch/x86/entry/entry_32.S:480: Warning: no instruction mnemonic suffix given and no register operands; using default for `btr' ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- allnoconfig (x86_64, gcc-10) — PASS, 0 errors, 3 warnings, 0 section mismatches Warnings: Warning: synced file at 'tools/objtool/arch/x86/include/asm/insn.h' differs from latest kernel version at 'arch/x86/include/asm/insn.h' ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- defconfig (arm64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches Section mismatches: WARNING: modpost: Found 1 section mismatch(es). -------------------------------------------------------------------------------- defconfig+arm64-chromebook (arm64, gcc-10) — FAIL, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- haps_hs_smp_defconfig (arc, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- i386_defconfig (i386, gcc-10) — PASS, 0 errors, 3 warnings, 0 section mismatches Warnings: arch/x86/entry/entry_32.S:480: Warning: no instruction mnemonic suffix given and no register operands; using default for `btr' ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- imx_v6_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v5_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches Section mismatches: WARNING: modpost: Found 1 section mismatch(es). -------------------------------------------------------------------------------- multi_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- omap2plus_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tinyconfig (x86_64, gcc-10) — PASS, 0 errors, 3 warnings, 0 section mismatches Warnings: Warning: synced file at 'tools/objtool/arch/x86/include/asm/insn.h' differs from latest kernel version at 'arch/x86/include/asm/insn.h' ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- tinyconfig (i386, gcc-10) — PASS, 0 errors, 3 warnings, 0 section mismatches Warnings: arch/x86/entry/entry_32.S:480: Warning: no instruction mnemonic suffix given and no register operands; using default for `btr' ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- vexpress_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig (x86_64, gcc-10) — PASS, 0 errors, 3 warnings, 0 section mismatches Warnings: Warning: synced file at 'tools/objtool/arch/x86/include/asm/insn.h' differs from latest kernel version at 'arch/x86/include/asm/insn.h' ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- x86_64_defconfig+x86-board (x86_64, gcc-10) — FAIL, 0 errors, 1 warning, 0 section mismatches Warnings: Warning: synced file at 'tools/objtool/arch/x86/include/asm/insn.h' differs from latest kernel version at 'arch/x86/include/asm/insn.h' --- For more info write to <info(a)kernelci.org>

1 year, 7 months

1
0
0 0

stable-rc/linux-5.15.y build: 20 builds: 2 failed, 18 passed, 3 warnings (v5.15.138)

by kernelci.org bot

stable-rc/linux-5.15.y build: 20 builds: 2 failed, 18 passed, 3 warnings (v5.15.138) Full Build Summary: https://kernelci.org/build/stable-rc/branch/linux-5.15.y/kernel/v5.15.138/ Tree: stable-rc Branch: linux-5.15.y Git Describe: v5.15.138 Git Commit: 80529b4968a8052f894d00021a576d8a2d89aa08 Git URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git Built: 7 unique architectures Build Failures Detected: arm64: defconfig+arm64-chromebook: (gcc-10) FAIL x86_64: x86_64_defconfig+x86-board: (gcc-10) FAIL Warnings Detected: arc: arm64: arm: i386: mips: 32r2el_defconfig (gcc-10): 1 warning riscv: x86_64: x86_64_defconfig (gcc-10): 1 warning x86_64_defconfig+x86-board (gcc-10): 1 warning Warnings summary: 2 arch/x86/kernel/smp.o: warning: objtool: sysvec_reboot()+0x45: unreachable instruction 1 arch/mips/boot/dts/img/boston.dts:128.19-178.5: Warning (pci_device_reg): /pci@14000000/pci2_root@0,0,0: PCI unit address format error, expected "0,0" ================================================================================ Detailed per-defconfig build reports: -------------------------------------------------------------------------------- 32r2el_defconfig (mips, gcc-10) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: arch/mips/boot/dts/img/boston.dts:128.19-178.5: Warning (pci_device_reg): /pci@14000000/pci2_root@0,0,0: PCI unit address format error, expected "0,0" -------------------------------------------------------------------------------- allnoconfig (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- allnoconfig (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig (riscv, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig (arm64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig+arm64-chromebook (arm64, gcc-10) — FAIL, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- haps_hs_smp_defconfig (arc, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- i386_defconfig (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- imx_v6_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v5_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- nommu_k210_defconfig (riscv, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- nommu_k210_sdcard_defconfig (riscv, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- omap2plus_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- rv32_defconfig (riscv, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tinyconfig (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tinyconfig (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- vexpress_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig (x86_64, gcc-10) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: arch/x86/kernel/smp.o: warning: objtool: sysvec_reboot()+0x45: unreachable instruction -------------------------------------------------------------------------------- x86_64_defconfig+x86-board (x86_64, gcc-10) — FAIL, 0 errors, 1 warning, 0 section mismatches Warnings: arch/x86/kernel/smp.o: warning: objtool: sysvec_reboot()+0x45: unreachable instruction --- For more info write to <info(a)kernelci.org>

1 year, 7 months

1
0
0 0

stable-rc/linux-6.1.y build: 20 builds: 2 failed, 18 passed, 1 warning (v6.1.62)

by kernelci.org bot

stable-rc/linux-6.1.y build: 20 builds: 2 failed, 18 passed, 1 warning (v6.1.62) Full Build Summary: https://kernelci.org/build/stable-rc/branch/linux-6.1.y/kernel/v6.1.62/ Tree: stable-rc Branch: linux-6.1.y Git Describe: v6.1.62 Git Commit: fb2635ac69abac0060cc2be2873dc4f524f12e66 Git URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git Built: 7 unique architectures Build Failures Detected: arm64: defconfig+arm64-chromebook: (gcc-10) FAIL x86_64: x86_64_defconfig+x86-board: (gcc-10) FAIL Warnings Detected: arc: arm64: arm: i386: mips: 32r2el_defconfig (gcc-10): 1 warning riscv: x86_64: Warnings summary: 1 arch/mips/boot/dts/img/boston.dts:128.19-178.5: Warning (pci_device_reg): /pci@14000000/pci2_root@0,0,0: PCI unit address format error, expected "0,0" ================================================================================ Detailed per-defconfig build reports: -------------------------------------------------------------------------------- 32r2el_defconfig (mips, gcc-10) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: arch/mips/boot/dts/img/boston.dts:128.19-178.5: Warning (pci_device_reg): /pci@14000000/pci2_root@0,0,0: PCI unit address format error, expected "0,0" -------------------------------------------------------------------------------- allnoconfig (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- allnoconfig (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig (riscv, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig (arm64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig+arm64-chromebook (arm64, gcc-10) — FAIL, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- haps_hs_smp_defconfig (arc, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- i386_defconfig (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- imx_v6_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v5_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- nommu_k210_defconfig (riscv, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- nommu_k210_sdcard_defconfig (riscv, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- omap2plus_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- rv32_defconfig (riscv, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tinyconfig (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tinyconfig (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- vexpress_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig+x86-board (x86_64, gcc-10) — FAIL, 0 errors, 0 warnings, 0 section mismatches --- For more info write to <info(a)kernelci.org>

1 year, 7 months

1
0
0 0

stable-rc/linux-5.10.y build: 19 builds: 2 failed, 17 passed, 5 warnings (v5.10.200)

by kernelci.org bot

stable-rc/linux-5.10.y build: 19 builds: 2 failed, 17 passed, 5 warnings (v5.10.200) Full Build Summary: https://kernelci.org/build/stable-rc/branch/linux-5.10.y/kernel/v5.10.200/ Tree: stable-rc Branch: linux-5.10.y Git Describe: v5.10.200 Git Commit: 3e55583405ac3f8651966dcd23590adb3db1d8c2 Git URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git Built: 7 unique architectures Build Failures Detected: arm64: defconfig+arm64-chromebook: (gcc-10) FAIL x86_64: x86_64_defconfig+x86-board: (gcc-10) FAIL Warnings Detected: arc: arm64: arm: i386: mips: 32r2el_defconfig (gcc-10): 1 warning riscv: rv32_defconfig (gcc-10): 4 warnings x86_64: Warnings summary: 2 <stdin>:830:2: warning: #warning syscall fstat64 not implemented [-Wcpp] 2 <stdin>:1127:2: warning: #warning syscall fstatat64 not implemented [-Wcpp] 1 WARNING: modpost: Symbol info of vmlinux is missing. Unresolved symbol check will be entirely skipped. ================================================================================ Detailed per-defconfig build reports: -------------------------------------------------------------------------------- 32r2el_defconfig (mips, gcc-10) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: WARNING: modpost: Symbol info of vmlinux is missing. Unresolved symbol check will be entirely skipped. -------------------------------------------------------------------------------- allnoconfig (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- allnoconfig (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig (riscv, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig (arm64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig+arm64-chromebook (arm64, gcc-10) — FAIL, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- haps_hs_smp_defconfig (arc, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- i386_defconfig (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- imx_v6_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v5_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- nommu_k210_defconfig (riscv, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- omap2plus_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- rv32_defconfig (riscv, gcc-10) — PASS, 0 errors, 4 warnings, 0 section mismatches Warnings: <stdin>:830:2: warning: #warning syscall fstat64 not implemented [-Wcpp] <stdin>:1127:2: warning: #warning syscall fstatat64 not implemented [-Wcpp] <stdin>:830:2: warning: #warning syscall fstat64 not implemented [-Wcpp] <stdin>:1127:2: warning: #warning syscall fstatat64 not implemented [-Wcpp] -------------------------------------------------------------------------------- tinyconfig (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tinyconfig (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- vexpress_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig+x86-board (x86_64, gcc-10) — FAIL, 0 errors, 0 warnings, 0 section mismatches --- For more info write to <info(a)kernelci.org>

1 year, 7 months

1
0
0 0

stable/linux-5.10.y build: 19 builds: 2 failed, 17 passed, 5 warnings (v5.10.200)

by kernelci.org bot

stable/linux-5.10.y build: 19 builds: 2 failed, 17 passed, 5 warnings (v5.10.200) Full Build Summary: https://kernelci.org/build/stable/branch/linux-5.10.y/kernel/v5.10.200/ Tree: stable Branch: linux-5.10.y Git Describe: v5.10.200 Git Commit: 3e55583405ac3f8651966dcd23590adb3db1d8c2 Git URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git Built: 7 unique architectures Build Failures Detected: arm64: defconfig+arm64-chromebook: (gcc-10) FAIL x86_64: x86_64_defconfig+x86-board: (gcc-10) FAIL Warnings Detected: arc: arm64: arm: i386: mips: 32r2el_defconfig (gcc-10): 1 warning riscv: rv32_defconfig (gcc-10): 4 warnings x86_64: Warnings summary: 2 <stdin>:830:2: warning: #warning syscall fstat64 not implemented [-Wcpp] 2 <stdin>:1127:2: warning: #warning syscall fstatat64 not implemented [-Wcpp] 1 WARNING: modpost: Symbol info of vmlinux is missing. Unresolved symbol check will be entirely skipped. ================================================================================ Detailed per-defconfig build reports: -------------------------------------------------------------------------------- 32r2el_defconfig (mips, gcc-10) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: WARNING: modpost: Symbol info of vmlinux is missing. Unresolved symbol check will be entirely skipped. -------------------------------------------------------------------------------- allnoconfig (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- allnoconfig (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig (riscv, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig (arm64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig+arm64-chromebook (arm64, gcc-10) — FAIL, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- haps_hs_smp_defconfig (arc, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- i386_defconfig (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- imx_v6_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v5_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- nommu_k210_defconfig (riscv, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- omap2plus_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- rv32_defconfig (riscv, gcc-10) — PASS, 0 errors, 4 warnings, 0 section mismatches Warnings: <stdin>:830:2: warning: #warning syscall fstat64 not implemented [-Wcpp] <stdin>:1127:2: warning: #warning syscall fstatat64 not implemented [-Wcpp] <stdin>:830:2: warning: #warning syscall fstat64 not implemented [-Wcpp] <stdin>:1127:2: warning: #warning syscall fstatat64 not implemented [-Wcpp] -------------------------------------------------------------------------------- tinyconfig (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tinyconfig (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- vexpress_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig+x86-board (x86_64, gcc-10) — FAIL, 0 errors, 0 warnings, 0 section mismatches --- For more info write to <info(a)kernelci.org>

1 year, 7 months

1
0
0 0

[PATCH 1/1] drm/mediatek: Fix access violation in mtk_drm_crtc_dma_dev_get

by Stuart Lee

Add error handling to check NULL input in mtk_drm_crtc_dma_dev_get function. While display path is not configured correctly, none of crtc is established. So the caller of mtk_drm_crtc_dma_dev_get may pass input parameter *crtc as NULL, Which may cause coredump when we try to get the container of NULL pointer. Fixes: cb1d6bcca542 ("drm/mediatek: Add dma dev get function") Signed-off-by: Stuart Lee <stuart.lee(a)mediatek.com> Cc: stable(a)vger.kernel.org --- drivers/gpu/drm/mediatek/mtk_drm_crtc.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/drivers/gpu/drm/mediatek/mtk_drm_crtc.c b/drivers/gpu/drm/mediatek/mtk_drm_crtc.c index c277b9fae950..047c9a31d306 100644 --- a/drivers/gpu/drm/mediatek/mtk_drm_crtc.c +++ b/drivers/gpu/drm/mediatek/mtk_drm_crtc.c @@ -921,7 +921,14 @@ static int mtk_drm_crtc_init_comp_planes(struct drm_device *drm_dev, struct device *mtk_drm_crtc_dma_dev_get(struct drm_crtc *crtc) { - struct mtk_drm_crtc *mtk_crtc = to_mtk_crtc(crtc); + struct mtk_drm_crtc *mtk_crtc = NULL; + + if (!crtc) + return NULL; + + mtk_crtc = to_mtk_crtc(crtc); + if (!mtk_crtc) + return NULL; return mtk_crtc->dma_dev; } -- 2.18.0

1 year, 7 months

1
0
0 0

stable/linux-5.15.y build: 116 builds: 5 failed, 111 passed, 4 errors, 5 warnings (v5.15.138)

by kernelci.org bot

stable/linux-5.15.y build: 116 builds: 5 failed, 111 passed, 4 errors, 5 warnings (v5.15.138) Full Build Summary: https://kernelci.org/build/stable/branch/linux-5.15.y/kernel/v5.15.138/ Tree: stable Branch: linux-5.15.y Git Describe: v5.15.138 Git Commit: 80529b4968a8052f894d00021a576d8a2d89aa08 Git URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git Built: 7 unique architectures Build Failures Detected: arm64: defconfig+arm64-chromebook: (gcc-10) FAIL defconfig+arm64-chromebook+kselftest: (gcc-10) FAIL arm: rpc_defconfig: (gcc-10) FAIL x86_64: x86_64_defconfig+x86-board: (gcc-10) FAIL x86_64_defconfig+x86-board+kselftest: (gcc-10) FAIL Errors and Warnings Detected: arc: arm64: arm: rpc_defconfig (gcc-10): 4 errors i386: mips: 32r2el_defconfig (gcc-10): 1 warning riscv: x86_64: x86_64_defconfig (gcc-10): 1 warning x86_64_defconfig+kselftest (gcc-10): 1 warning x86_64_defconfig+x86-board (gcc-10): 1 warning x86_64_defconfig+x86-board+kselftest (gcc-10): 1 warning Errors summary: 2 arm-linux-gnueabihf-gcc: error: unrecognized -march target: armv3m 2 arm-linux-gnueabihf-gcc: error: missing argument to ‘-march=’ Warnings summary: 2 arch/x86/kernel/smp.o: warning: objtool: sysvec_reboot()+0x4d: unreachable instruction 2 arch/x86/kernel/smp.o: warning: objtool: sysvec_reboot()+0x45: unreachable instruction 1 arch/mips/boot/dts/img/boston.dts:128.19-178.5: Warning (pci_device_reg): /pci@14000000/pci2_root@0,0,0: PCI unit address format error, expected "0,0" Section mismatches summary: 1 WARNING: modpost: vmlinux.o(___ksymtab_gpl+ixp4xx_irq_init+0x0): Section mismatch in reference from the variable __ksymtab_ixp4xx_irq_init to the function .init.text:ixp4xx_irq_init() ================================================================================ Detailed per-defconfig build reports: -------------------------------------------------------------------------------- 32r2el_defconfig (mips, gcc-10) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: arch/mips/boot/dts/img/boston.dts:128.19-178.5: Warning (pci_device_reg): /pci@14000000/pci2_root@0,0,0: PCI unit address format error, expected "0,0" -------------------------------------------------------------------------------- allnoconfig (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- allnoconfig (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- am200epdkit_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- aspeed_g4_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- aspeed_g5_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- assabet_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- at91_dt_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- axm55xx_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- badge4_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- bcm2835_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- cerfcube_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- cm_x300_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- colibri_pxa270_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- colibri_pxa300_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- collie_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- corgi_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- davinci_all_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig (riscv, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig (arm64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig+arm64-chromebook (arm64, gcc-10) — FAIL, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig+arm64-chromebook+kselftest (arm64, gcc-10) — FAIL, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig+kselftest (arm64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- dove_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- ep93xx_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- eseries_pxa_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- exynos_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- ezx_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- footbridge_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- gemini_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- h3600_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- h5000_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- hackkit_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- haps_hs_smp_defconfig (arc, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- hisi_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- i386_defconfig (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- imote2_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- imx_v4_v5_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- imx_v6_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- integrator_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- iop32x_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- ixp4xx_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches Section mismatches: WARNING: modpost: vmlinux.o(___ksymtab_gpl+ixp4xx_irq_init+0x0): Section mismatch in reference from the variable __ksymtab_ixp4xx_irq_init to the function .init.text:ixp4xx_irq_init() -------------------------------------------------------------------------------- jornada720_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- keystone_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- lart_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- lpc18xx_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- lpc32xx_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- lpd270_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- lubbock_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- magician_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- mainstone_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- milbeaut_m10v_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- mini2440_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- mmp2_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- moxart_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- mps2_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v4t_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v5_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v7_defconfig+kselftest (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- mvebu_v5_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- mvebu_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- mxs_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- neponset_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- netwinder_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- nhk8815_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- nommu_k210_defconfig (riscv, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- nommu_k210_sdcard_defconfig (riscv, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- omap1_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- omap2plus_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- orion5x_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- oxnas_v6_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- palmz72_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- pcm027_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- pleb_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- pxa168_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- pxa255-idp_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- pxa3xx_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- pxa910_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- pxa_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- qcom_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- realview_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- rpc_defconfig (arm, gcc-10) — FAIL, 4 errors, 0 warnings, 0 section mismatches Errors: arm-linux-gnueabihf-gcc: error: unrecognized -march target: armv3m arm-linux-gnueabihf-gcc: error: missing argument to ‘-march=’ arm-linux-gnueabihf-gcc: error: unrecognized -march target: armv3m arm-linux-gnueabihf-gcc: error: missing argument to ‘-march=’ -------------------------------------------------------------------------------- rv32_defconfig (riscv, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- s3c2410_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- s3c6400_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- s5pv210_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- sama5_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- sama7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- shannon_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- shmobile_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- simpad_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- socfpga_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- spear13xx_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- spear3xx_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- spear6xx_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- spitz_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- stm32_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- sunxi_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tct_hammer_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tegra_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tinyconfig (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tinyconfig (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- trizeps4_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- u8500_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- versatile_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- vexpress_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- vf610m4_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- viper_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- vt8500_v6_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig (x86_64, gcc-10) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: arch/x86/kernel/smp.o: warning: objtool: sysvec_reboot()+0x45: unreachable instruction -------------------------------------------------------------------------------- x86_64_defconfig+kselftest (x86_64, gcc-10) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: arch/x86/kernel/smp.o: warning: objtool: sysvec_reboot()+0x4d: unreachable instruction -------------------------------------------------------------------------------- x86_64_defconfig+x86-board (x86_64, gcc-10) — FAIL, 0 errors, 1 warning, 0 section mismatches Warnings: arch/x86/kernel/smp.o: warning: objtool: sysvec_reboot()+0x45: unreachable instruction -------------------------------------------------------------------------------- x86_64_defconfig+x86-board+kselftest (x86_64, gcc-10) — FAIL, 0 errors, 1 warning, 0 section mismatches Warnings: arch/x86/kernel/smp.o: warning: objtool: sysvec_reboot()+0x4d: unreachable instruction -------------------------------------------------------------------------------- xcep_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- zeus_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches --- For more info write to <info(a)kernelci.org>

1 year, 7 months

1
0
0 0

[PATCH 2/6] mm: Convert __do_fault() to use a folio

by Matthew Wilcox (Oracle)

Convert vmf->page to a folio as soon as we're going to use it. This fixes a bug if the fault handler returns a tail page with hardware poison; tail pages have an invalid page->index, so we would fail to unmap the page from the page tables. We actually have to unmap the entire folio (or mapping_evict_folio() will fail), so use unmap_mapping_folio() instead. This also saves various calls to compound_head() hidden in lock_page(), put_page(), etc. Signed-off-by: Matthew Wilcox (Oracle) <willy(a)infradead.org> Fixes: 793917d997df ("mm/readahead: Add large folio readahead") Cc: stable(a)vger.kernel.org --- mm/memory.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/mm/memory.c b/mm/memory.c index 1f18ed4a5497..c2ee303ba6b3 100644 --- a/mm/memory.c +++ b/mm/memory.c @@ -4239,6 +4239,7 @@ static vm_fault_t do_anonymous_page(struct vm_fault *vmf) static vm_fault_t __do_fault(struct vm_fault *vmf) { struct vm_area_struct *vma = vmf->vma; + struct folio *folio; vm_fault_t ret; /* @@ -4267,27 +4268,26 @@ static vm_fault_t __do_fault(struct vm_fault *vmf) VM_FAULT_DONE_COW))) return ret; + folio = page_folio(vmf->page); if (unlikely(PageHWPoison(vmf->page))) { - struct page *page = vmf->page; vm_fault_t poisonret = VM_FAULT_HWPOISON; if (ret & VM_FAULT_LOCKED) { - if (page_mapped(page)) - unmap_mapping_pages(page_mapping(page), - page->index, 1, false); - /* Retry if a clean page was removed from the cache. */ - if (invalidate_inode_page(page)) + if (page_mapped(vmf->page)) + unmap_mapping_folio(folio); + /* Retry if a clean folio was removed from the cache. */ + if (mapping_evict_folio(folio->mapping, folio)) poisonret = VM_FAULT_NOPAGE; - unlock_page(page); + folio_unlock(folio); } - put_page(page); + folio_put(folio); vmf->page = NULL; return poisonret; } if (unlikely(!(ret & VM_FAULT_LOCKED))) - lock_page(vmf->page); + folio_lock(folio); else - VM_BUG_ON_PAGE(!PageLocked(vmf->page), vmf->page); + VM_BUG_ON_PAGE(!folio_test_locked(folio), vmf->page); return ret; } -- 2.42.0

1 year, 7 months

3
2
0 0

+ mm-fix-for-negative-counter-nr_file_hugepages-v3.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm-fix-for-negative-counter-nr_file_hugepages-v3 has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-fix-for-negative-counter-nr_file_hugepages-v3.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Stefan Roesch <shr(a)devkernel.io> Subject: mm-fix-for-negative-counter-nr_file_hugepages-v3 Date: Wed, 8 Nov 2023 09:15:17 -0800 test for folio_test_pmd_mappable() Link: https://lkml.kernel.org/r/20231108171517.2436103-1-shr@devkernel.io Signed-off-by: Stefan Roesch <shr(a)devkernel.io> Co-debugged-by: Johannes Weiner <hannes(a)cmpxchg.org> Acked-by: Johannes Weiner <hannes(a)cmpxchg.org> Cc: Matthew Wilcox <willy(a)infradead.org> Cc: Rik van Riel <riel(a)surriel.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/huge_memory.c | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) --- a/mm/huge_memory.c~mm-fix-for-negative-counter-nr_file_hugepages-v3 +++ a/mm/huge_memory.c @@ -2769,13 +2769,15 @@ int split_huge_page_to_list(struct page int nr = folio_nr_pages(folio); xas_split(&xas, folio, folio_order(folio)); - if (folio_test_swapbacked(folio)) { - __lruvec_stat_mod_folio(folio, NR_SHMEM_THPS, - -nr); - } else if (folio_test_pmd_mappable(folio)) { - __lruvec_stat_mod_folio(folio, NR_FILE_THPS, - -nr); - filemap_nr_thps_dec(mapping); + if (folio_test_pmd_mappable(folio)) { + if (folio_test_swapbacked(folio)) { + __lruvec_stat_mod_folio(folio, + NR_SHMEM_THPS, -nr); + } else { + __lruvec_stat_mod_folio(folio, + NR_FILE_THPS, -nr); + filemap_nr_thps_dec(mapping); + } } } _ Patches currently in -mm which might be from shr(a)devkernel.io are mm-fix-for-negative-counter-nr_file_hugepages.patch mm-fix-for-negative-counter-nr_file_hugepages-v3.patch

1 year, 7 months

1
0
0 0

[PATCH v5] acpi/processor: sanitize _OSC/_PDC capabilities for Xen dom0

by Jason Andryuk

From: Roger Pau Monne <roger.pau(a)citrix.com> The Processor capability bits notify ACPI of the OS capabilities, and so ACPI can adjust the return of other Processor methods taking the OS capabilities into account. When Linux is running as a Xen dom0, the hypervisor is the entity in charge of processor power management, and hence Xen needs to make sure the capabilities reported by _OSC/_PDC match the capabilities of the driver in Xen. Introduce a small helper to sanitize the buffer when running as Xen dom0. When Xen supports HWP, this serves as the equivalent of commit a21211672c9a ("ACPI / processor: Request native thermal interrupt handling via _OSC") to avoid SMM crashes. Xen will set bit ACPI_PROC_CAP_COLLAB_PROC_PERF (bit 12) in the capability bits and the _OSC/_PDC call will apply it. [ jandryuk: Mention Xen HWP's need. Support _OSC & _PDC ] Signed-off-by: Roger Pau Monné <roger.pau(a)citrix.com> Cc: stable(a)vger.kernel.org Signed-off-by: Jason Andryuk <jandryuk(a)gmail.com> Reviewed-by: Michal Wilczynski <michal.wilczynski(a)intel.com> Reviewed-by: Juergen Gross <jgross(a)suse.com> --- v5: Only update caps on hypercall success - Roger Add Juergen & Michal Reviewed-by: - hopefully okay with above change v4: Use xen_santize_proc_cap_bits() name - Michal Rephrase comment - Michal v3: Move xen_sanitize_pdc() call to arch_acpi_set_proc_cap_bits() to cover _OSC and _PDC. drivers/xen/pcpu.c is CONFIG_DOM0 && CONFIG_X86 v2: Move local variables in acpi_processor_eval_pdc() to reuse in both conditions. --- arch/x86/include/asm/acpi.h | 14 ++++++++++++++ arch/x86/include/asm/xen/hypervisor.h | 9 +++++++++ drivers/xen/pcpu.c | 22 ++++++++++++++++++++++ 3 files changed, 45 insertions(+) diff --git a/arch/x86/include/asm/acpi.h b/arch/x86/include/asm/acpi.h index c8a7fc23f63c..f896eed4516c 100644 --- a/arch/x86/include/asm/acpi.h +++ b/arch/x86/include/asm/acpi.h @@ -16,6 +16,9 @@ #include <asm/x86_init.h> #include <asm/cpufeature.h> #include <asm/irq_vectors.h> +#include <asm/xen/hypervisor.h> + +#include <xen/xen.h> #ifdef CONFIG_ACPI_APEI # include <asm/pgtable_types.h> @@ -127,6 +130,17 @@ static inline void arch_acpi_set_proc_cap_bits(u32 *cap) if (!cpu_has(c, X86_FEATURE_MWAIT) || boot_option_idle_override == IDLE_NOMWAIT) *cap &= ~(ACPI_PROC_CAP_C_C1_FFH | ACPI_PROC_CAP_C_C2C3_FFH); + + if (xen_initial_domain()) { + /* + * When Linux is running as Xen dom0, the hypervisor is the + * entity in charge of the processor power management, and so + * Xen needs to check the OS capabilities reported in the + * processor capabilities buffer matches what the hypervisor + * driver supports. + */ + xen_sanitize_proc_cap_bits(cap); + } } static inline bool acpi_has_cpu_in_madt(void) diff --git a/arch/x86/include/asm/xen/hypervisor.h b/arch/x86/include/asm/xen/hypervisor.h index 7048dfacc04b..a9088250770f 100644 --- a/arch/x86/include/asm/xen/hypervisor.h +++ b/arch/x86/include/asm/xen/hypervisor.h @@ -100,4 +100,13 @@ static inline void leave_lazy(enum xen_lazy_mode mode) enum xen_lazy_mode xen_get_lazy_mode(void); +#if defined(CONFIG_XEN_DOM0) && defined(CONFIG_ACPI) +void xen_sanitize_proc_cap_bits(uint32_t *buf); +#else +static inline void xen_sanitize_proc_cap_bits(uint32_t *buf) +{ + BUG(); +} +#endif + #endif /* _ASM_X86_XEN_HYPERVISOR_H */ diff --git a/drivers/xen/pcpu.c b/drivers/xen/pcpu.c index b3e3d1bb37f3..508655273145 100644 --- a/drivers/xen/pcpu.c +++ b/drivers/xen/pcpu.c @@ -47,6 +47,9 @@ #include <asm/xen/hypervisor.h> #include <asm/xen/hypercall.h> +#ifdef CONFIG_ACPI +#include <acpi/processor.h> +#endif /* * @cpu_id: Xen physical cpu logic number @@ -400,4 +403,23 @@ bool __init xen_processor_present(uint32_t acpi_id) return online; } + +void xen_sanitize_proc_cap_bits(uint32_t *cap) +{ + struct xen_platform_op op = { + .cmd = XENPF_set_processor_pminfo, + .u.set_pminfo.id = -1, + .u.set_pminfo.type = XEN_PM_PDC, + }; + u32 buf[3] = { ACPI_PDC_REVISION_ID, 1, *cap }; + int ret; + + set_xen_guest_handle(op.u.set_pminfo.pdc, buf); + ret = HYPERVISOR_platform_op(&op); + if (ret) + pr_err("sanitize of _PDC buffer bits from Xen failed: %d\n", + ret); + else + *cap = buf[2]; +} #endif -- 2.41.0

1 year, 7 months

1
0
0 0

+ mm-remove-invalidate_inode_page.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm: remove invalidate_inode_page() has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-remove-invalidate_inode_page.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: "Matthew Wilcox (Oracle)" <willy(a)infradead.org> Subject: mm: remove invalidate_inode_page() Date: Wed, 8 Nov 2023 18:28:09 +0000 All callers are now converted to call mapping_evict_folio(). Link: https://lkml.kernel.org/r/20231108182809.602073-7-willy@infradead.org Signed-off-by: Matthew Wilcox (Oracle) <willy(a)infradead.org> Cc: <stable(a)vger.kernel.org> Cc: Naoya Horiguchi <naoya.horiguchi(a)nec.com> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/internal.h | 1 - mm/truncate.c | 11 ++--------- 2 files changed, 2 insertions(+), 10 deletions(-) --- a/mm/internal.h~mm-remove-invalidate_inode_page +++ a/mm/internal.h @@ -139,7 +139,6 @@ int truncate_inode_folio(struct address_ bool truncate_inode_partial_folio(struct folio *folio, loff_t start, loff_t end); long mapping_evict_folio(struct address_space *mapping, struct folio *folio); -long invalidate_inode_page(struct page *page); unsigned long mapping_try_invalidate(struct address_space *mapping, pgoff_t start, pgoff_t end, unsigned long *nr_failed); --- a/mm/truncate.c~mm-remove-invalidate_inode_page +++ a/mm/truncate.c @@ -294,13 +294,6 @@ long mapping_evict_folio(struct address_ return remove_mapping(mapping, folio); } -long invalidate_inode_page(struct page *page) -{ - struct folio *folio = page_folio(page); - - return mapping_evict_folio(folio_mapping(folio), folio); -} - /** * truncate_inode_pages_range - truncate range of pages specified by start & end byte offsets * @mapping: mapping to truncate @@ -559,9 +552,9 @@ unsigned long invalidate_mapping_pages(s EXPORT_SYMBOL(invalidate_mapping_pages); /* - * This is like invalidate_inode_page(), except it ignores the page's + * This is like mapping_evict_folio(), except it ignores the folio's * refcount. We do this because invalidate_inode_pages2() needs stronger - * invalidation guarantees, and cannot afford to leave pages behind because + * invalidation guarantees, and cannot afford to leave folios behind because * shrink_page_list() has a temp ref on them, or because they're transiently * sitting in the folio_add_lru() caches. */ _ Patches currently in -mm which might be from willy(a)infradead.org are mm-make-mapping_evict_folio-the-preferred-way-to-evict-clean-folios.patch mm-convert-__do_fault-to-use-a-folio.patch mm-use-mapping_evict_folio-in-truncate_error_page.patch mm-convert-soft_offline_in_use_page-to-use-a-folio.patch mm-convert-isolate_page-to-mf_isolate_folio.patch mm-remove-invalidate_inode_page.patch

1 year, 7 months

1
0
0 0

+ mm-convert-isolate_page-to-mf_isolate_folio.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm: convert isolate_page() to mf_isolate_folio() has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-convert-isolate_page-to-mf_isolate_folio.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: "Matthew Wilcox (Oracle)" <willy(a)infradead.org> Subject: mm: convert isolate_page() to mf_isolate_folio() Date: Wed, 8 Nov 2023 18:28:08 +0000 The only caller now has a folio, so pass it in and operate on it. Saves many page->folio conversions and introduces only one folio->page conversion when calling isolate_movable_page(). Link: https://lkml.kernel.org/r/20231108182809.602073-6-willy@infradead.org Signed-off-by: Matthew Wilcox (Oracle) <willy(a)infradead.org> Cc: <stable(a)vger.kernel.org> Cc: Naoya Horiguchi <naoya.horiguchi(a)nec.com> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/memory-failure.c | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) --- a/mm/memory-failure.c~mm-convert-isolate_page-to-mf_isolate_folio +++ a/mm/memory-failure.c @@ -2602,37 +2602,37 @@ unlock_mutex: } EXPORT_SYMBOL(unpoison_memory); -static bool isolate_page(struct page *page, struct list_head *pagelist) +static bool mf_isolate_folio(struct folio *folio, struct list_head *pagelist) { bool isolated = false; - if (PageHuge(page)) { - isolated = isolate_hugetlb(page_folio(page), pagelist); + if (folio_test_hugetlb(folio)) { + isolated = isolate_hugetlb(folio, pagelist); } else { - bool lru = !__PageMovable(page); + bool lru = !__folio_test_movable(folio); if (lru) - isolated = isolate_lru_page(page); + isolated = folio_isolate_lru(folio); else - isolated = isolate_movable_page(page, + isolated = isolate_movable_page(&folio->page, ISOLATE_UNEVICTABLE); if (isolated) { - list_add(&page->lru, pagelist); + list_add(&folio->lru, pagelist); if (lru) - inc_node_page_state(page, NR_ISOLATED_ANON + - page_is_file_lru(page)); + node_stat_add_folio(folio, NR_ISOLATED_ANON + + folio_is_file_lru(folio)); } } /* - * If we succeed to isolate the page, we grabbed another refcount on - * the page, so we can safely drop the one we got from get_any_page(). - * If we failed to isolate the page, it means that we cannot go further + * If we succeed to isolate the folio, we grabbed another refcount on + * the folio, so we can safely drop the one we got from get_any_page(). + * If we failed to isolate the folio, it means that we cannot go further * and we will return an error, so drop the reference we got from * get_any_page() as well. */ - put_page(page); + folio_put(folio); return isolated; } @@ -2686,7 +2686,7 @@ static int soft_offline_in_use_page(stru return 0; } - if (isolate_page(&folio->page, &pagelist)) { + if (mf_isolate_folio(folio, &pagelist)) { ret = migrate_pages(&pagelist, alloc_migration_target, NULL, (unsigned long)&mtc, MIGRATE_SYNC, MR_MEMORY_FAILURE, NULL); if (!ret) { _ Patches currently in -mm which might be from willy(a)infradead.org are mm-make-mapping_evict_folio-the-preferred-way-to-evict-clean-folios.patch mm-convert-__do_fault-to-use-a-folio.patch mm-use-mapping_evict_folio-in-truncate_error_page.patch mm-convert-soft_offline_in_use_page-to-use-a-folio.patch mm-convert-isolate_page-to-mf_isolate_folio.patch mm-remove-invalidate_inode_page.patch

1 year, 7 months

1
0
0 0

+ mm-convert-soft_offline_in_use_page-to-use-a-folio.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm: convert soft_offline_in_use_page() to use a folio has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-convert-soft_offline_in_use_page-to-use-a-folio.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: "Matthew Wilcox (Oracle)" <willy(a)infradead.org> Subject: mm: convert soft_offline_in_use_page() to use a folio Date: Wed, 8 Nov 2023 18:28:07 +0000 Replace the existing head-page logic with folio logic. Link: https://lkml.kernel.org/r/20231108182809.602073-5-willy@infradead.org Signed-off-by: Matthew Wilcox (Oracle) <willy(a)infradead.org> Cc: <stable(a)vger.kernel.org> Cc: Naoya Horiguchi <naoya.horiguchi(a)nec.com> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/memory-failure.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) --- a/mm/memory-failure.c~mm-convert-soft_offline_in_use_page-to-use-a-folio +++ a/mm/memory-failure.c @@ -2645,40 +2645,40 @@ static int soft_offline_in_use_page(stru { long ret = 0; unsigned long pfn = page_to_pfn(page); - struct page *hpage = compound_head(page); + struct folio *folio = page_folio(page); char const *msg_page[] = {"page", "hugepage"}; - bool huge = PageHuge(page); + bool huge = folio_test_hugetlb(folio); LIST_HEAD(pagelist); struct migration_target_control mtc = { .nid = NUMA_NO_NODE, .gfp_mask = GFP_USER | __GFP_MOVABLE | __GFP_RETRY_MAYFAIL, }; - if (!huge && PageTransHuge(hpage)) { + if (!huge && folio_test_large(folio)) { if (try_to_split_thp_page(page)) { pr_info("soft offline: %#lx: thp split failed\n", pfn); return -EBUSY; } - hpage = page; + folio = page_folio(page); } - lock_page(page); + folio_lock(folio); if (!huge) - wait_on_page_writeback(page); + folio_wait_writeback(folio); if (PageHWPoison(page)) { - unlock_page(page); - put_page(page); + folio_unlock(folio); + folio_put(folio); pr_info("soft offline: %#lx page already poisoned\n", pfn); return 0; } - if (!huge && PageLRU(page) && !PageSwapCache(page)) + if (!huge && folio_test_lru(folio) && !folio_test_swapcache(folio)) /* * Try to invalidate first. This should work for * non dirty unmapped page cache pages. */ - ret = invalidate_inode_page(page); - unlock_page(page); + ret = mapping_evict_folio(folio_mapping(folio), folio); + folio_unlock(folio); if (ret) { pr_info("soft_offline: %#lx: invalidated\n", pfn); @@ -2686,7 +2686,7 @@ static int soft_offline_in_use_page(stru return 0; } - if (isolate_page(hpage, &pagelist)) { + if (isolate_page(&folio->page, &pagelist)) { ret = migrate_pages(&pagelist, alloc_migration_target, NULL, (unsigned long)&mtc, MIGRATE_SYNC, MR_MEMORY_FAILURE, NULL); if (!ret) { _ Patches currently in -mm which might be from willy(a)infradead.org are mm-make-mapping_evict_folio-the-preferred-way-to-evict-clean-folios.patch mm-convert-__do_fault-to-use-a-folio.patch mm-use-mapping_evict_folio-in-truncate_error_page.patch mm-convert-soft_offline_in_use_page-to-use-a-folio.patch mm-convert-isolate_page-to-mf_isolate_folio.patch mm-remove-invalidate_inode_page.patch

1 year, 7 months

1
0
0 0

+ mm-use-mapping_evict_folio-in-truncate_error_page.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm: use mapping_evict_folio() in truncate_error_page() has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-use-mapping_evict_folio-in-truncate_error_page.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: "Matthew Wilcox (Oracle)" <willy(a)infradead.org> Subject: mm: use mapping_evict_folio() in truncate_error_page() Date: Wed, 8 Nov 2023 18:28:06 +0000 We already have the folio and the mapping, so replace the call to invalidate_inode_page() with mapping_evict_folio(). Link: https://lkml.kernel.org/r/20231108182809.602073-4-willy@infradead.org Signed-off-by: Matthew Wilcox (Oracle) <willy(a)infradead.org> Cc: <stable(a)vger.kernel.org> Cc: Naoya Horiguchi <naoya.horiguchi(a)nec.com> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/memory-failure.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) --- a/mm/memory-failure.c~mm-use-mapping_evict_folio-in-truncate_error_page +++ a/mm/memory-failure.c @@ -930,10 +930,10 @@ static int delete_from_lru_cache(struct static int truncate_error_page(struct page *p, unsigned long pfn, struct address_space *mapping) { + struct folio *folio = page_folio(p); int ret = MF_FAILED; if (mapping->a_ops->error_remove_page) { - struct folio *folio = page_folio(p); int err = mapping->a_ops->error_remove_page(mapping, p); if (err != 0) @@ -947,7 +947,7 @@ static int truncate_error_page(struct pa * If the file system doesn't support it just invalidate * This fails on dirty or anything with private pages */ - if (invalidate_inode_page(p)) + if (mapping_evict_folio(mapping, folio)) ret = MF_RECOVERED; else pr_info("%#lx: Failed to invalidate\n", pfn); _ Patches currently in -mm which might be from willy(a)infradead.org are mm-make-mapping_evict_folio-the-preferred-way-to-evict-clean-folios.patch mm-convert-__do_fault-to-use-a-folio.patch mm-use-mapping_evict_folio-in-truncate_error_page.patch mm-convert-soft_offline_in_use_page-to-use-a-folio.patch mm-convert-isolate_page-to-mf_isolate_folio.patch mm-remove-invalidate_inode_page.patch

1 year, 7 months

1
0
0 0

+ mm-convert-__do_fault-to-use-a-folio.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm: convert __do_fault() to use a folio has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-convert-__do_fault-to-use-a-folio.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: "Matthew Wilcox (Oracle)" <willy(a)infradead.org> Subject: mm: convert __do_fault() to use a folio Date: Wed, 8 Nov 2023 18:28:05 +0000 Convert vmf->page to a folio as soon as we're going to use it. This fixes a bug if the fault handler returns a tail page with hardware poison; tail pages have an invalid page->index, so we would fail to unmap the page from the page tables. We actually have to unmap the entire folio (or mapping_evict_folio() will fail), so use unmap_mapping_folio() instead. This also saves various calls to compound_head() hidden in lock_page(), put_page(), etc. Link: https://lkml.kernel.org/r/20231108182809.602073-3-willy@infradead.org Fixes: 793917d997df ("mm/readahead: Add large folio readahead") Signed-off-by: Matthew Wilcox (Oracle) <willy(a)infradead.org> Cc: <stable(a)vger.kernel.org> Cc: Naoya Horiguchi <naoya.horiguchi(a)nec.com> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/memory.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) --- a/mm/memory.c~mm-convert-__do_fault-to-use-a-folio +++ a/mm/memory.c @@ -4239,6 +4239,7 @@ oom: static vm_fault_t __do_fault(struct vm_fault *vmf) { struct vm_area_struct *vma = vmf->vma; + struct folio *folio; vm_fault_t ret; /* @@ -4267,27 +4268,26 @@ static vm_fault_t __do_fault(struct vm_f VM_FAULT_DONE_COW))) return ret; + folio = page_folio(vmf->page); if (unlikely(PageHWPoison(vmf->page))) { - struct page *page = vmf->page; vm_fault_t poisonret = VM_FAULT_HWPOISON; if (ret & VM_FAULT_LOCKED) { - if (page_mapped(page)) - unmap_mapping_pages(page_mapping(page), - page->index, 1, false); - /* Retry if a clean page was removed from the cache. */ - if (invalidate_inode_page(page)) + if (page_mapped(vmf->page)) + unmap_mapping_folio(folio); + /* Retry if a clean folio was removed from the cache. */ + if (mapping_evict_folio(folio->mapping, folio)) poisonret = VM_FAULT_NOPAGE; - unlock_page(page); + folio_unlock(folio); } - put_page(page); + folio_put(folio); vmf->page = NULL; return poisonret; } if (unlikely(!(ret & VM_FAULT_LOCKED))) - lock_page(vmf->page); + folio_lock(folio); else - VM_BUG_ON_PAGE(!PageLocked(vmf->page), vmf->page); + VM_BUG_ON_PAGE(!folio_test_locked(folio), vmf->page); return ret; } _ Patches currently in -mm which might be from willy(a)infradead.org are mm-make-mapping_evict_folio-the-preferred-way-to-evict-clean-folios.patch mm-convert-__do_fault-to-use-a-folio.patch mm-use-mapping_evict_folio-in-truncate_error_page.patch mm-convert-soft_offline_in_use_page-to-use-a-folio.patch mm-convert-isolate_page-to-mf_isolate_folio.patch mm-remove-invalidate_inode_page.patch

1 year, 7 months

1
0
0 0

+ mm-make-mapping_evict_folio-the-preferred-way-to-evict-clean-folios.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm: make mapping_evict_folio() the preferred way to evict clean folios has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-make-mapping_evict_folio-the-preferred-way-to-evict-clean-folios.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: "Matthew Wilcox (Oracle)" <willy(a)infradead.org> Subject: mm: make mapping_evict_folio() the preferred way to evict clean folios Date: Wed, 8 Nov 2023 18:28:04 +0000 Patch series "Fix fault handler's handling of poisoned tail pages". Since introducing the ability to have large folios in the page cache, it's been possible to have a hwpoisoned tail page returned from the fault handler. We handle this situation poorly; failing to remove the affected page from use. This isn't a minimal patch to fix it, it's a full conversion of all the code surrounding it. This patch (of 6): invalidate_inode_page() does very little beyond calling mapping_evict_folio(). Move the check for mapping being NULL into mapping_evict_folio() and make it available to the rest of the MM for use in the next few patches. Link: https://lkml.kernel.org/r/20231108182809.602073-1-willy@infradead.org Link: https://lkml.kernel.org/r/20231108182809.602073-2-willy@infradead.org Signed-off-by: Matthew Wilcox (Oracle) <willy(a)infradead.org> Cc: Naoya Horiguchi <naoya.horiguchi(a)nec.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/internal.h | 1 + mm/truncate.c | 33 ++++++++++++++++----------------- 2 files changed, 17 insertions(+), 17 deletions(-) --- a/mm/internal.h~mm-make-mapping_evict_folio-the-preferred-way-to-evict-clean-folios +++ a/mm/internal.h @@ -138,6 +138,7 @@ void filemap_free_folio(struct address_s int truncate_inode_folio(struct address_space *mapping, struct folio *folio); bool truncate_inode_partial_folio(struct folio *folio, loff_t start, loff_t end); +long mapping_evict_folio(struct address_space *mapping, struct folio *folio); long invalidate_inode_page(struct page *page); unsigned long mapping_try_invalidate(struct address_space *mapping, pgoff_t start, pgoff_t end, unsigned long *nr_failed); --- a/mm/truncate.c~mm-make-mapping_evict_folio-the-preferred-way-to-evict-clean-folios +++ a/mm/truncate.c @@ -266,9 +266,22 @@ int generic_error_remove_page(struct add } EXPORT_SYMBOL(generic_error_remove_page); -static long mapping_evict_folio(struct address_space *mapping, - struct folio *folio) +/** + * mapping_evict_folio() - Remove an unused folio from the page-cache. + * @mapping: The mapping this folio belongs to. + * @folio: The folio to remove. + * + * Safely remove one folio from the page cache. + * It only drops clean, unused folios. + * + * Context: Folio must be locked. + * Return: The number of pages successfully removed. + */ +long mapping_evict_folio(struct address_space *mapping, struct folio *folio) { + /* The page may have been truncated before it was locked */ + if (!mapping) + return 0; if (folio_test_dirty(folio) || folio_test_writeback(folio)) return 0; /* The refcount will be elevated if any page in the folio is mapped */ @@ -281,25 +294,11 @@ static long mapping_evict_folio(struct a return remove_mapping(mapping, folio); } -/** - * invalidate_inode_page() - Remove an unused page from the pagecache. - * @page: The page to remove. - * - * Safely invalidate one page from its pagecache mapping. - * It only drops clean, unused pages. - * - * Context: Page must be locked. - * Return: The number of pages successfully removed. - */ long invalidate_inode_page(struct page *page) { struct folio *folio = page_folio(page); - struct address_space *mapping = folio_mapping(folio); - /* The page may have been truncated before it was locked */ - if (!mapping) - return 0; - return mapping_evict_folio(mapping, folio); + return mapping_evict_folio(folio_mapping(folio), folio); } /** _ Patches currently in -mm which might be from willy(a)infradead.org are mm-make-mapping_evict_folio-the-preferred-way-to-evict-clean-folios.patch mm-convert-__do_fault-to-use-a-folio.patch mm-use-mapping_evict_folio-in-truncate_error_page.patch mm-convert-soft_offline_in_use_page-to-use-a-folio.patch mm-convert-isolate_page-to-mf_isolate_folio.patch mm-remove-invalidate_inode_page.patch

1 year, 7 months

1
0
0 0

[PATCH net v2 2/2] r8169: fix network lost after resume on DASH systems

by ChunHao Lin

Device that support DASH may be reseted or powered off during suspend. So driver needs to handle DASH during system suspend and resume. Or DASH firmware will influence device behavior and causes network lost. Signed-off-by: ChunHao Lin <hau(a)realtek.com> Reviewed-by: Heiner Kallweit <hkallweit1(a)gmail.com> Cc: stable(a)vger.kernel.org --- drivers/net/ethernet/realtek/r8169_main.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/drivers/net/ethernet/realtek/r8169_main.c b/drivers/net/ethernet/realtek/r8169_main.c index 108dc75050ba..5027cd595fe6 100644 --- a/drivers/net/ethernet/realtek/r8169_main.c +++ b/drivers/net/ethernet/realtek/r8169_main.c @@ -4661,10 +4661,16 @@ static void rtl8169_down(struct rtl8169_private *tp) rtl8169_cleanup(tp); rtl_disable_exit_l1(tp); rtl_prepare_power_down(tp); + + if (tp->dash_type != RTL_DASH_NONE) + rtl8168_driver_stop(tp); } static void rtl8169_up(struct rtl8169_private *tp) { + if (tp->dash_type != RTL_DASH_NONE) + rtl8168_driver_start(tp); + pci_set_master(tp->pci_dev); phy_init_hw(tp->phydev); phy_resume(tp->phydev); -- 2.39.2

1 year, 7 months

1
0
0 0

[PATCH net v2 2/2] r8169: fix network lost after resume on DASH systems

by ChunHao Lin

Device that support DASH may be reseted or powered off during suspend. So driver needs to handle DASH during system suspend and resume. Or DASH firmware will influence device behavior and causes network lost. Signed-off-by: ChunHao Lin <hau(a)realtek.com> Reviewed-by: Heiner Kallweit <hkallweit1(a)gmail.com> Cc: stable(a)vger.kernel.org --- drivers/net/ethernet/realtek/r8169_main.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/drivers/net/ethernet/realtek/r8169_main.c b/drivers/net/ethernet/realtek/r8169_main.c index 108dc75050ba..5027cd595fe6 100644 --- a/drivers/net/ethernet/realtek/r8169_main.c +++ b/drivers/net/ethernet/realtek/r8169_main.c @@ -4661,10 +4661,16 @@ static void rtl8169_down(struct rtl8169_private *tp) rtl8169_cleanup(tp); rtl_disable_exit_l1(tp); rtl_prepare_power_down(tp); + + if (tp->dash_type != RTL_DASH_NONE) + rtl8168_driver_stop(tp); } static void rtl8169_up(struct rtl8169_private *tp) { + if (tp->dash_type != RTL_DASH_NONE) + rtl8168_driver_start(tp); + pci_set_master(tp->pci_dev); phy_init_hw(tp->phydev); phy_resume(tp->phydev); -- 2.39.2

1 year, 7 months

1
0
0 0

[PATCH net v2 1/2] r8169: add handling DASH when DASH is disabled

by ChunHao Lin

For devices that support DASH, even DASH is disabled, there may still exist a default firmware that will influence device behavior. So driver needs to handle DASH for devices that support DASH, no matter the DASH status is. This patch also prepare for "fix DASH deviceis network lost issue". Signed-off-by: ChunHao Lin <hau(a)realtek.com> Reviewed-by: Heiner Kallweit <hkallweit1(a)gmail.com> Cc: stable(a)vger.kernel.org --- drivers/net/ethernet/realtek/r8169_main.c | 35 ++++++++++++++++------- 1 file changed, 25 insertions(+), 10 deletions(-) diff --git a/drivers/net/ethernet/realtek/r8169_main.c b/drivers/net/ethernet/realtek/r8169_main.c index 0c76c162b8a9..108dc75050ba 100644 --- a/drivers/net/ethernet/realtek/r8169_main.c +++ b/drivers/net/ethernet/realtek/r8169_main.c @@ -624,6 +624,7 @@ struct rtl8169_private { unsigned supports_gmii:1; unsigned aspm_manageable:1; + unsigned dash_enabled:1; dma_addr_t counters_phys_addr; struct rtl8169_counters *counters; struct rtl8169_tc_offsets tc_offset; @@ -1253,14 +1254,26 @@ static bool r8168ep_check_dash(struct rtl8169_private *tp) return r8168ep_ocp_read(tp, 0x128) & BIT(0); } -static enum rtl_dash_type rtl_check_dash(struct rtl8169_private *tp) +static bool rtl_dash_is_enabled(struct rtl8169_private *tp) +{ + switch (tp->dash_type) { + case RTL_DASH_DP: + return r8168dp_check_dash(tp); + case RTL_DASH_EP: + return r8168ep_check_dash(tp); + default: + return false; + } +} + +static enum rtl_dash_type rtl_get_dash_type(struct rtl8169_private *tp) { switch (tp->mac_version) { case RTL_GIGA_MAC_VER_28: case RTL_GIGA_MAC_VER_31: - return r8168dp_check_dash(tp) ? RTL_DASH_DP : RTL_DASH_NONE; + return RTL_DASH_DP; case RTL_GIGA_MAC_VER_51 ... RTL_GIGA_MAC_VER_53: - return r8168ep_check_dash(tp) ? RTL_DASH_EP : RTL_DASH_NONE; + return RTL_DASH_EP; default: return RTL_DASH_NONE; } @@ -1453,7 +1466,7 @@ static void __rtl8169_set_wol(struct rtl8169_private *tp, u32 wolopts) device_set_wakeup_enable(tp_to_dev(tp), wolopts); - if (tp->dash_type == RTL_DASH_NONE) { + if (!tp->dash_enabled) { rtl_set_d3_pll_down(tp, !wolopts); tp->dev->wol_enabled = wolopts ? 1 : 0; } @@ -2512,7 +2525,7 @@ static void rtl_wol_enable_rx(struct rtl8169_private *tp) static void rtl_prepare_power_down(struct rtl8169_private *tp) { - if (tp->dash_type != RTL_DASH_NONE) + if (tp->dash_enabled) return; if (tp->mac_version == RTL_GIGA_MAC_VER_32 || @@ -4869,7 +4882,7 @@ static int rtl8169_runtime_idle(struct device *device) { struct rtl8169_private *tp = dev_get_drvdata(device); - if (tp->dash_type != RTL_DASH_NONE) + if (tp->dash_enabled) return -EBUSY; if (!netif_running(tp->dev) || !netif_carrier_ok(tp->dev)) @@ -4896,7 +4909,7 @@ static void rtl_shutdown(struct pci_dev *pdev) rtl_rar_set(tp, tp->dev->perm_addr); if (system_state == SYSTEM_POWER_OFF && - tp->dash_type == RTL_DASH_NONE) { + !tp->dash_enabled) { pci_wake_from_d3(pdev, tp->saved_wolopts); pci_set_power_state(pdev, PCI_D3hot); } @@ -5254,7 +5267,8 @@ static int rtl_init_one(struct pci_dev *pdev, const struct pci_device_id *ent) rc = pci_disable_link_state(pdev, PCIE_LINK_STATE_L1); tp->aspm_manageable = !rc; - tp->dash_type = rtl_check_dash(tp); + tp->dash_type = rtl_get_dash_type(tp); + tp->dash_enabled = rtl_dash_is_enabled(tp); tp->cp_cmd = RTL_R16(tp, CPlusCmd) & CPCMD_MASK; @@ -5325,7 +5339,7 @@ static int rtl_init_one(struct pci_dev *pdev, const struct pci_device_id *ent) /* configure chip for default features */ rtl8169_set_features(dev, dev->features); - if (tp->dash_type == RTL_DASH_NONE) { + if (!tp->dash_enabled) { rtl_set_d3_pll_down(tp, true); } else { rtl_set_d3_pll_down(tp, false); @@ -5365,7 +5379,8 @@ static int rtl_init_one(struct pci_dev *pdev, const struct pci_device_id *ent) "ok" : "ko"); if (tp->dash_type != RTL_DASH_NONE) { - netdev_info(dev, "DASH enabled\n"); + netdev_info(dev, "DASH %s\n", + tp->dash_enabled ? "enabled" : "disabled"); rtl8168_driver_start(tp); } -- 2.39.2

1 year, 7 months

1
0
0 0

[PATCH 16/20] drm/amd/display: Fix encoder disable logic

by Alex Hung

From: Nicholas Susanto <nicholas.susanto(a)amd.com> [WHY] DENTIST hangs when OTG is off and encoder is on. We were not disabling the encoder properly when switching from extended mode to external monitor only. [HOW] Disable the encoder using an existing enable/disable fifo helper instead of enc35_stream_encoder_enable. Cc: Mario Limonciello <mario.limonciello(a)amd.com> Cc: Alex Deucher <alexander.deucher(a)amd.com> Cc: stable(a)vger.kernel.org Reviewed-by: Nicholas Kazlauskas <nicholas.kazlauskas(a)amd.com> Acked-by: Alex Hung <alex.hung(a)amd.com> Signed-off-by: Nicholas Susanto <nicholas.susanto(a)amd.com> --- .../amd/display/dc/dcn35/dcn35_dio_stream_encoder.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/drivers/gpu/drm/amd/display/dc/dcn35/dcn35_dio_stream_encoder.c b/drivers/gpu/drm/amd/display/dc/dcn35/dcn35_dio_stream_encoder.c index 001f9eb66920..62a8f0b56006 100644 --- a/drivers/gpu/drm/amd/display/dc/dcn35/dcn35_dio_stream_encoder.c +++ b/drivers/gpu/drm/amd/display/dc/dcn35/dcn35_dio_stream_encoder.c @@ -261,12 +261,6 @@ static void enc35_stream_encoder_enable( /* invalid mode ! */ ASSERT_CRITICAL(false); } - - REG_UPDATE(DIG_FE_CLK_CNTL, DIG_FE_CLK_EN, 1); - REG_UPDATE(DIG_FE_EN_CNTL, DIG_FE_ENABLE, 1); - } else { - REG_UPDATE(DIG_FE_EN_CNTL, DIG_FE_ENABLE, 0); - REG_UPDATE(DIG_FE_CLK_CNTL, DIG_FE_CLK_EN, 0); } } @@ -436,6 +430,8 @@ static void enc35_disable_fifo(struct stream_encoder *enc) struct dcn10_stream_encoder *enc1 = DCN10STRENC_FROM_STRENC(enc); REG_UPDATE(DIG_FIFO_CTRL0, DIG_FIFO_ENABLE, 0); + REG_UPDATE(DIG_FE_EN_CNTL, DIG_FE_ENABLE, 0); + REG_UPDATE(DIG_FE_CLK_CNTL, DIG_FE_CLK_EN, 0); } static void enc35_enable_fifo(struct stream_encoder *enc) @@ -443,6 +439,8 @@ static void enc35_enable_fifo(struct stream_encoder *enc) struct dcn10_stream_encoder *enc1 = DCN10STRENC_FROM_STRENC(enc); REG_UPDATE(DIG_FIFO_CTRL0, DIG_FIFO_READ_START_LEVEL, 0x7); + REG_UPDATE(DIG_FE_CLK_CNTL, DIG_FE_CLK_EN, 1); + REG_UPDATE(DIG_FE_EN_CNTL, DIG_FE_ENABLE, 1); enc35_reset_fifo(enc, true); enc35_reset_fifo(enc, false); -- 2.42.0

1 year, 7 months

1
0
0 0

[PATCH 14/20] drm/amd/display: Change the DMCUB mailbox memory location from FB to inbox

by Alex Hung

From: Lewis Huang <lewis.huang(a)amd.com> [WHY] Flush command sent to DMCUB spends more time for execution on a dGPU than on an APU. This causes cursor lag when using high refresh rate mouses. [HOW] 1. Change the DMCUB mailbox memory location from FB to inbox. 2. Only change windows memory to inbox. Cc: Mario Limonciello <mario.limonciello(a)amd.com> Cc: Alex Deucher <alexander.deucher(a)amd.com> Cc: stable(a)vger.kernel.org Reviewed-by: Nicholas Kazlauskas <nicholas.kazlauskas(a)amd.com> Acked-by: Alex Hung <alex.hung(a)amd.com> Signed-off-by: Lewis Huang <lewis.huang(a)amd.com> --- .../gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 13 ++++---- drivers/gpu/drm/amd/display/dmub/dmub_srv.h | 22 ++++++++----- .../gpu/drm/amd/display/dmub/src/dmub_srv.c | 32 ++++++++++++++----- 3 files changed, 45 insertions(+), 22 deletions(-) diff --git a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c index 8ebdbfbbb691..6199440a9da8 100644 --- a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c +++ b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c @@ -2078,7 +2078,7 @@ static int dm_dmub_sw_init(struct amdgpu_device *adev) struct dmub_srv_create_params create_params; struct dmub_srv_region_params region_params; struct dmub_srv_region_info region_info; - struct dmub_srv_fb_params fb_params; + struct dmub_srv_memory_params memory_params; struct dmub_srv_fb_info *fb_info; struct dmub_srv *dmub_srv; const struct dmcub_firmware_header_v1_0 *hdr; @@ -2181,6 +2181,7 @@ static int dm_dmub_sw_init(struct amdgpu_device *adev) adev->dm.dmub_fw->data + le32_to_cpu(hdr->header.ucode_array_offset_bytes) + PSP_HEADER_BYTES; + region_params.is_mailbox_in_inbox = false; status = dmub_srv_calc_region_info(dmub_srv, &region_params, &region_info); @@ -2204,10 +2205,10 @@ static int dm_dmub_sw_init(struct amdgpu_device *adev) return r; /* Rebase the regions on the framebuffer address. */ - memset(&fb_params, 0, sizeof(fb_params)); - fb_params.cpu_addr = adev->dm.dmub_bo_cpu_addr; - fb_params.gpu_addr = adev->dm.dmub_bo_gpu_addr; - fb_params.region_info = &region_info; + memset(&memory_params, 0, sizeof(memory_params)); + memory_params.cpu_fb_addr = adev->dm.dmub_bo_cpu_addr; + memory_params.gpu_fb_addr = adev->dm.dmub_bo_gpu_addr; + memory_params.region_info = &region_info; adev->dm.dmub_fb_info = kzalloc(sizeof(*adev->dm.dmub_fb_info), GFP_KERNEL); @@ -2219,7 +2220,7 @@ static int dm_dmub_sw_init(struct amdgpu_device *adev) return -ENOMEM; } - status = dmub_srv_calc_fb_info(dmub_srv, &fb_params, fb_info); + status = dmub_srv_calc_mem_info(dmub_srv, &memory_params, fb_info); if (status != DMUB_STATUS_OK) { DRM_ERROR("Error calculating DMUB FB info: %d\n", status); return -EINVAL; diff --git a/drivers/gpu/drm/amd/display/dmub/dmub_srv.h b/drivers/gpu/drm/amd/display/dmub/dmub_srv.h index 9665ada0f894..df63aa8f01e9 100644 --- a/drivers/gpu/drm/amd/display/dmub/dmub_srv.h +++ b/drivers/gpu/drm/amd/display/dmub/dmub_srv.h @@ -195,6 +195,7 @@ struct dmub_srv_region_params { uint32_t vbios_size; const uint8_t *fw_inst_const; const uint8_t *fw_bss_data; + bool is_mailbox_in_inbox; }; /** @@ -214,20 +215,25 @@ struct dmub_srv_region_params { */ struct dmub_srv_region_info { uint32_t fb_size; + uint32_t inbox_size; uint8_t num_regions; struct dmub_region regions[DMUB_WINDOW_TOTAL]; }; /** - * struct dmub_srv_fb_params - parameters used for driver fb setup + * struct dmub_srv_memory_params - parameters used for driver fb setup * @region_info: region info calculated by dmub service - * @cpu_addr: base cpu address for the framebuffer - * @gpu_addr: base gpu virtual address for the framebuffer + * @cpu_fb_addr: base cpu address for the framebuffer + * @cpu_inbox_addr: base cpu address for the gart + * @gpu_fb_addr: base gpu virtual address for the framebuffer + * @gpu_inbox_addr: base gpu virtual address for the gart */ -struct dmub_srv_fb_params { +struct dmub_srv_memory_params { const struct dmub_srv_region_info *region_info; - void *cpu_addr; - uint64_t gpu_addr; + void *cpu_fb_addr; + void *cpu_inbox_addr; + uint64_t gpu_fb_addr; + uint64_t gpu_inbox_addr; }; /** @@ -563,8 +569,8 @@ dmub_srv_calc_region_info(struct dmub_srv *dmub, * DMUB_STATUS_OK - success * DMUB_STATUS_INVALID - unspecified error */ -enum dmub_status dmub_srv_calc_fb_info(struct dmub_srv *dmub, - const struct dmub_srv_fb_params *params, +enum dmub_status dmub_srv_calc_mem_info(struct dmub_srv *dmub, + const struct dmub_srv_memory_params *params, struct dmub_srv_fb_info *out); /** diff --git a/drivers/gpu/drm/amd/display/dmub/src/dmub_srv.c b/drivers/gpu/drm/amd/display/dmub/src/dmub_srv.c index 5d36f3e5dc2b..22fc4ba96def 100644 --- a/drivers/gpu/drm/amd/display/dmub/src/dmub_srv.c +++ b/drivers/gpu/drm/amd/display/dmub/src/dmub_srv.c @@ -434,7 +434,7 @@ dmub_srv_calc_region_info(struct dmub_srv *dmub, uint32_t fw_state_size = DMUB_FW_STATE_SIZE; uint32_t trace_buffer_size = DMUB_TRACE_BUFFER_SIZE; uint32_t scratch_mem_size = DMUB_SCRATCH_MEM_SIZE; - + uint32_t previous_top = 0; if (!dmub->sw_init) return DMUB_STATUS_INVALID; @@ -459,8 +459,15 @@ dmub_srv_calc_region_info(struct dmub_srv *dmub, bios->base = dmub_align(stack->top, 256); bios->top = bios->base + params->vbios_size; - mail->base = dmub_align(bios->top, 256); - mail->top = mail->base + DMUB_MAILBOX_SIZE; + if (params->is_mailbox_in_inbox) { + mail->base = 0; + mail->top = mail->base + DMUB_MAILBOX_SIZE; + previous_top = bios->top; + } else { + mail->base = dmub_align(bios->top, 256); + mail->top = mail->base + DMUB_MAILBOX_SIZE; + previous_top = mail->top; + } fw_info = dmub_get_fw_meta_info(params); @@ -479,7 +486,7 @@ dmub_srv_calc_region_info(struct dmub_srv *dmub, dmub->fw_version = fw_info->fw_version; } - trace_buff->base = dmub_align(mail->top, 256); + trace_buff->base = dmub_align(previous_top, 256); trace_buff->top = trace_buff->base + dmub_align(trace_buffer_size, 64); fw_state->base = dmub_align(trace_buff->top, 256); @@ -490,11 +497,14 @@ dmub_srv_calc_region_info(struct dmub_srv *dmub, out->fb_size = dmub_align(scratch_mem->top, 4096); + if (params->is_mailbox_in_inbox) + out->inbox_size = dmub_align(mail->top, 4096); + return DMUB_STATUS_OK; } -enum dmub_status dmub_srv_calc_fb_info(struct dmub_srv *dmub, - const struct dmub_srv_fb_params *params, +enum dmub_status dmub_srv_calc_mem_info(struct dmub_srv *dmub, + const struct dmub_srv_memory_params *params, struct dmub_srv_fb_info *out) { uint8_t *cpu_base; @@ -509,8 +519,8 @@ enum dmub_status dmub_srv_calc_fb_info(struct dmub_srv *dmub, if (params->region_info->num_regions != DMUB_NUM_WINDOWS) return DMUB_STATUS_INVALID; - cpu_base = (uint8_t *)params->cpu_addr; - gpu_base = params->gpu_addr; + cpu_base = (uint8_t *)params->cpu_fb_addr; + gpu_base = params->gpu_fb_addr; for (i = 0; i < DMUB_NUM_WINDOWS; ++i) { const struct dmub_region *reg = @@ -518,6 +528,12 @@ enum dmub_status dmub_srv_calc_fb_info(struct dmub_srv *dmub, out->fb[i].cpu_addr = cpu_base + reg->base; out->fb[i].gpu_addr = gpu_base + reg->base; + + if (i == DMUB_WINDOW_4_MAILBOX && params->cpu_inbox_addr != 0) { + out->fb[i].cpu_addr = (uint8_t *)params->cpu_inbox_addr + reg->base; + out->fb[i].gpu_addr = params->gpu_inbox_addr + reg->base; + } + out->fb[i].size = reg->top - reg->base; } -- 2.42.0

1 year, 7 months

1
0
0 0

[PATCH 12/20] drm/amd/display: Negate IPS allow and commit bits

by Alex Hung

From: Duncan Ma <duncan.ma(a)amd.com> [WHY] On s0i3, IPS mask isn't saved and restored. It is reset to zero on exit. If it is cleared unexpectedly, driver will proceed operations while DCN is in IPS2 and cause a hang. [HOW] Negate the bit logic. Default value of zero indicates it is still in IPS2. Driver must poll for the bit to assert. Cc: Mario Limonciello <mario.limonciello(a)amd.com> Cc: Alex Deucher <alexander.deucher(a)amd.com> Cc: stable(a)vger.kernel.org Reviewed-by: Charlene Liu <charlene.liu(a)amd.com> Acked-by: Alex Hung <alex.hung(a)amd.com> Signed-off-by: Duncan Ma <duncan.ma(a)amd.com> --- .../display/dc/clk_mgr/dcn35/dcn35_clk_mgr.c | 18 +++++++++--------- drivers/gpu/drm/amd/display/dc/core/dc.c | 4 ++-- drivers/gpu/drm/amd/display/dc/dc_dmub_srv.c | 10 +++++----- 3 files changed, 16 insertions(+), 16 deletions(-) diff --git a/drivers/gpu/drm/amd/display/dc/clk_mgr/dcn35/dcn35_clk_mgr.c b/drivers/gpu/drm/amd/display/dc/clk_mgr/dcn35/dcn35_clk_mgr.c index 0fa4fcd00de2..507a7cf56711 100644 --- a/drivers/gpu/drm/amd/display/dc/clk_mgr/dcn35/dcn35_clk_mgr.c +++ b/drivers/gpu/drm/amd/display/dc/clk_mgr/dcn35/dcn35_clk_mgr.c @@ -820,22 +820,22 @@ static void dcn35_set_idle_state(struct clk_mgr *clk_mgr_base, bool allow_idle) if (dc->config.disable_ips == DMUB_IPS_ENABLE || dc->config.disable_ips == DMUB_IPS_DISABLE_DYNAMIC) { - val |= DMUB_IPS1_ALLOW_MASK; - val |= DMUB_IPS2_ALLOW_MASK; - } else if (dc->config.disable_ips == DMUB_IPS_DISABLE_IPS1) { val = val & ~DMUB_IPS1_ALLOW_MASK; val = val & ~DMUB_IPS2_ALLOW_MASK; - } else if (dc->config.disable_ips == DMUB_IPS_DISABLE_IPS2) { - val |= DMUB_IPS1_ALLOW_MASK; - val = val & ~DMUB_IPS2_ALLOW_MASK; - } else if (dc->config.disable_ips == DMUB_IPS_DISABLE_IPS2_Z10) { + } else if (dc->config.disable_ips == DMUB_IPS_DISABLE_IPS1) { val |= DMUB_IPS1_ALLOW_MASK; val |= DMUB_IPS2_ALLOW_MASK; + } else if (dc->config.disable_ips == DMUB_IPS_DISABLE_IPS2) { + val = val & ~DMUB_IPS1_ALLOW_MASK; + val |= DMUB_IPS2_ALLOW_MASK; + } else if (dc->config.disable_ips == DMUB_IPS_DISABLE_IPS2_Z10) { + val = val & ~DMUB_IPS1_ALLOW_MASK; + val = val & ~DMUB_IPS2_ALLOW_MASK; } if (!allow_idle) { - val = val & ~DMUB_IPS1_ALLOW_MASK; - val = val & ~DMUB_IPS2_ALLOW_MASK; + val |= DMUB_IPS1_ALLOW_MASK; + val |= DMUB_IPS2_ALLOW_MASK; } dcn35_smu_write_ips_scratch(clk_mgr, val); diff --git a/drivers/gpu/drm/amd/display/dc/core/dc.c b/drivers/gpu/drm/amd/display/dc/core/dc.c index d8f434738212..76b47f178127 100644 --- a/drivers/gpu/drm/amd/display/dc/core/dc.c +++ b/drivers/gpu/drm/amd/display/dc/core/dc.c @@ -4934,8 +4934,8 @@ bool dc_dmub_is_ips_idle_state(struct dc *dc) if (dc->hwss.get_idle_state) idle_state = dc->hwss.get_idle_state(dc); - if ((idle_state & DMUB_IPS1_ALLOW_MASK) || - (idle_state & DMUB_IPS2_ALLOW_MASK)) + if (!(idle_state & DMUB_IPS1_ALLOW_MASK) || + !(idle_state & DMUB_IPS2_ALLOW_MASK)) return true; return false; diff --git a/drivers/gpu/drm/amd/display/dc/dc_dmub_srv.c b/drivers/gpu/drm/amd/display/dc/dc_dmub_srv.c index e4c007203318..0e07699c1e83 100644 --- a/drivers/gpu/drm/amd/display/dc/dc_dmub_srv.c +++ b/drivers/gpu/drm/amd/display/dc/dc_dmub_srv.c @@ -1202,11 +1202,11 @@ void dc_dmub_srv_exit_low_power_state(const struct dc *dc) allow_state = dc->hwss.get_idle_state(dc); dc->hwss.set_idle_state(dc, false); - if (allow_state & DMUB_IPS2_ALLOW_MASK) { + if (!(allow_state & DMUB_IPS2_ALLOW_MASK)) { // Wait for evaluation time udelay(dc->debug.ips2_eval_delay_us); commit_state = dc->hwss.get_idle_state(dc); - if (commit_state & DMUB_IPS2_COMMIT_MASK) { + if (!(commit_state & DMUB_IPS2_COMMIT_MASK)) { // Tell PMFW to exit low power state dc->clk_mgr->funcs->exit_low_power_state(dc->clk_mgr); @@ -1216,7 +1216,7 @@ void dc_dmub_srv_exit_low_power_state(const struct dc *dc) for (i = 0; i < max_num_polls; ++i) { commit_state = dc->hwss.get_idle_state(dc); - if (!(commit_state & DMUB_IPS2_COMMIT_MASK)) + if (commit_state & DMUB_IPS2_COMMIT_MASK) break; udelay(1); @@ -1235,10 +1235,10 @@ void dc_dmub_srv_exit_low_power_state(const struct dc *dc) } dc_dmub_srv_notify_idle(dc, false); - if (allow_state & DMUB_IPS1_ALLOW_MASK) { + if (!(allow_state & DMUB_IPS1_ALLOW_MASK)) { for (i = 0; i < max_num_polls; ++i) { commit_state = dc->hwss.get_idle_state(dc); - if (!(commit_state & DMUB_IPS1_COMMIT_MASK)) + if (commit_state & DMUB_IPS1_COMMIT_MASK) break; udelay(1); -- 2.42.0

1 year, 7 months

1
0
0 0

[PATCH net v2 2/2] r8169: fix network lost after resume on DASH systems

by ChunHao Lin

Device that support DASH may be reseted or powered off during suspend. So driver needs to handle DASH during system suspend and resume. Or DASH firmware will influence device behavior and causes network lost. Signed-off-by: ChunHao Lin <hau(a)realtek.com> Reviewed-by: Heiner Kallweit <hkallweit1(a)gmail.com> Cc: stable(a)vger.kernel.org --- drivers/net/ethernet/realtek/r8169_main.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/drivers/net/ethernet/realtek/r8169_main.c b/drivers/net/ethernet/realtek/r8169_main.c index 108dc75050ba..5027cd595fe6 100644 --- a/drivers/net/ethernet/realtek/r8169_main.c +++ b/drivers/net/ethernet/realtek/r8169_main.c @@ -4661,10 +4661,16 @@ static void rtl8169_down(struct rtl8169_private *tp) rtl8169_cleanup(tp); rtl_disable_exit_l1(tp); rtl_prepare_power_down(tp); + + if (tp->dash_type != RTL_DASH_NONE) + rtl8168_driver_stop(tp); } static void rtl8169_up(struct rtl8169_private *tp) { + if (tp->dash_type != RTL_DASH_NONE) + rtl8168_driver_start(tp); + pci_set_master(tp->pci_dev); phy_init_hw(tp->phydev); phy_resume(tp->phydev); -- 2.39.2

1 year, 7 months

1
0
0 0

[PATCH net v2 1/2] r8169: add handling DASH when DASH is disabled

by ChunHao Lin

For devices that support DASH, even DASH is disabled, there may still exist a default firmware that will influence device behavior. So driver needs to handle DASH for devices that support DASH, no matter the DASH status is. This patch also prepare for "fix DASH deviceis network lost issue". Signed-off-by: ChunHao Lin <hau(a)realtek.com> Reviewed-by: Heiner Kallweit <hkallweit1(a)gmail.com> Cc: stable(a)vger.kernel.org --- drivers/net/ethernet/realtek/r8169_main.c | 35 ++++++++++++++++------- 1 file changed, 25 insertions(+), 10 deletions(-) diff --git a/drivers/net/ethernet/realtek/r8169_main.c b/drivers/net/ethernet/realtek/r8169_main.c index 0c76c162b8a9..108dc75050ba 100644 --- a/drivers/net/ethernet/realtek/r8169_main.c +++ b/drivers/net/ethernet/realtek/r8169_main.c @@ -624,6 +624,7 @@ struct rtl8169_private { unsigned supports_gmii:1; unsigned aspm_manageable:1; + unsigned dash_enabled:1; dma_addr_t counters_phys_addr; struct rtl8169_counters *counters; struct rtl8169_tc_offsets tc_offset; @@ -1253,14 +1254,26 @@ static bool r8168ep_check_dash(struct rtl8169_private *tp) return r8168ep_ocp_read(tp, 0x128) & BIT(0); } -static enum rtl_dash_type rtl_check_dash(struct rtl8169_private *tp) +static bool rtl_dash_is_enabled(struct rtl8169_private *tp) +{ + switch (tp->dash_type) { + case RTL_DASH_DP: + return r8168dp_check_dash(tp); + case RTL_DASH_EP: + return r8168ep_check_dash(tp); + default: + return false; + } +} + +static enum rtl_dash_type rtl_get_dash_type(struct rtl8169_private *tp) { switch (tp->mac_version) { case RTL_GIGA_MAC_VER_28: case RTL_GIGA_MAC_VER_31: - return r8168dp_check_dash(tp) ? RTL_DASH_DP : RTL_DASH_NONE; + return RTL_DASH_DP; case RTL_GIGA_MAC_VER_51 ... RTL_GIGA_MAC_VER_53: - return r8168ep_check_dash(tp) ? RTL_DASH_EP : RTL_DASH_NONE; + return RTL_DASH_EP; default: return RTL_DASH_NONE; } @@ -1453,7 +1466,7 @@ static void __rtl8169_set_wol(struct rtl8169_private *tp, u32 wolopts) device_set_wakeup_enable(tp_to_dev(tp), wolopts); - if (tp->dash_type == RTL_DASH_NONE) { + if (!tp->dash_enabled) { rtl_set_d3_pll_down(tp, !wolopts); tp->dev->wol_enabled = wolopts ? 1 : 0; } @@ -2512,7 +2525,7 @@ static void rtl_wol_enable_rx(struct rtl8169_private *tp) static void rtl_prepare_power_down(struct rtl8169_private *tp) { - if (tp->dash_type != RTL_DASH_NONE) + if (tp->dash_enabled) return; if (tp->mac_version == RTL_GIGA_MAC_VER_32 || @@ -4869,7 +4882,7 @@ static int rtl8169_runtime_idle(struct device *device) { struct rtl8169_private *tp = dev_get_drvdata(device); - if (tp->dash_type != RTL_DASH_NONE) + if (tp->dash_enabled) return -EBUSY; if (!netif_running(tp->dev) || !netif_carrier_ok(tp->dev)) @@ -4896,7 +4909,7 @@ static void rtl_shutdown(struct pci_dev *pdev) rtl_rar_set(tp, tp->dev->perm_addr); if (system_state == SYSTEM_POWER_OFF && - tp->dash_type == RTL_DASH_NONE) { + !tp->dash_enabled) { pci_wake_from_d3(pdev, tp->saved_wolopts); pci_set_power_state(pdev, PCI_D3hot); } @@ -5254,7 +5267,8 @@ static int rtl_init_one(struct pci_dev *pdev, const struct pci_device_id *ent) rc = pci_disable_link_state(pdev, PCIE_LINK_STATE_L1); tp->aspm_manageable = !rc; - tp->dash_type = rtl_check_dash(tp); + tp->dash_type = rtl_get_dash_type(tp); + tp->dash_enabled = rtl_dash_is_enabled(tp); tp->cp_cmd = RTL_R16(tp, CPlusCmd) & CPCMD_MASK; @@ -5325,7 +5339,7 @@ static int rtl_init_one(struct pci_dev *pdev, const struct pci_device_id *ent) /* configure chip for default features */ rtl8169_set_features(dev, dev->features); - if (tp->dash_type == RTL_DASH_NONE) { + if (!tp->dash_enabled) { rtl_set_d3_pll_down(tp, true); } else { rtl_set_d3_pll_down(tp, false); @@ -5365,7 +5379,8 @@ static int rtl_init_one(struct pci_dev *pdev, const struct pci_device_id *ent) "ok" : "ko"); if (tp->dash_type != RTL_DASH_NONE) { - netdev_info(dev, "DASH enabled\n"); + netdev_info(dev, "DASH %s\n", + tp->dash_enabled ? "enabled" : "disabled"); rtl8168_driver_start(tp); } -- 2.39.2

1 year, 7 months

1
0
0 0

[PATCH 08/20] drm/amd/display: Clear dpcd_sink_ext_caps if not set

by Alex Hung

From: Paul Hsieh <paul.hsieh(a)amd.com> [WHY] Some eDP panels' ext caps don't set initial values and the value of dpcd_addr (0x317) is random. It means that sometimes the eDP can be OLED, miniLED and etc, and cause incorrect backlight control interface. [HOW] Add remove_sink_ext_caps to remove sink ext caps (HDR, OLED and etc) Cc: Mario Limonciello <mario.limonciello(a)amd.com> Cc: Alex Deucher <alexander.deucher(a)amd.com> Cc: stable(a)vger.kernel.org Reviewed-by: Anthony Koo <anthony.koo(a)amd.com> Acked-by: Alex Hung <alex.hung(a)amd.com> Signed-off-by: Paul Hsieh <paul.hsieh(a)amd.com> --- drivers/gpu/drm/amd/display/dc/dc_types.h | 1 + drivers/gpu/drm/amd/display/dc/link/link_detection.c | 3 +++ 2 files changed, 4 insertions(+) diff --git a/drivers/gpu/drm/amd/display/dc/dc_types.h b/drivers/gpu/drm/amd/display/dc/dc_types.h index cea666ea66c6..fcb825e4f1bb 100644 --- a/drivers/gpu/drm/amd/display/dc/dc_types.h +++ b/drivers/gpu/drm/amd/display/dc/dc_types.h @@ -177,6 +177,7 @@ struct dc_panel_patch { unsigned int disable_fams; unsigned int skip_avmute; unsigned int mst_start_top_delay; + unsigned int remove_sink_ext_caps; }; struct dc_edid_caps { diff --git a/drivers/gpu/drm/amd/display/dc/link/link_detection.c b/drivers/gpu/drm/amd/display/dc/link/link_detection.c index d6f0f857c05a..f2fe523f914f 100644 --- a/drivers/gpu/drm/amd/display/dc/link/link_detection.c +++ b/drivers/gpu/drm/amd/display/dc/link/link_detection.c @@ -1088,6 +1088,9 @@ static bool detect_link_and_local_sink(struct dc_link *link, if (sink->edid_caps.panel_patch.skip_scdc_overwrite) link->ctx->dc->debug.hdmi20_disable = true; + if (sink->edid_caps.panel_patch.remove_sink_ext_caps) + link->dpcd_sink_ext_caps.raw = 0; + if (dc_is_hdmi_signal(link->connector_signal)) read_scdc_caps(link->ddc, link->local_sink); -- 2.42.0

1 year, 7 months

1
0
0 0

[PATCH 07/20] drm/amd/display: Enable fast plane updates on DCN3.2 and above

by Alex Hung

From: Tianci Yin <tianci.yin(a)amd.com> [WHY] When cursor moves across screen boarder, lag cursor observed, since subvp settings need to sync up with vblank that causes cursor updates being delayed. [HOW] Enable fast plane updates on DCN3.2 to fix it. Cc: Mario Limonciello <mario.limonciello(a)amd.com> Cc: Alex Deucher <alexander.deucher(a)amd.com> Cc: stable(a)vger.kernel.org Reviewed-by: Aurabindo Pillai <aurabindo.pillai(a)amd.com> Acked-by: Alex Hung <alex.hung(a)amd.com> Signed-off-by: Tianci Yin <tianci.yin(a)amd.com> --- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c index adbeb2c897b5..8ebdbfbbb691 100644 --- a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c +++ b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c @@ -9585,14 +9585,14 @@ static bool should_reset_plane(struct drm_atomic_state *state, struct drm_plane *other; struct drm_plane_state *old_other_state, *new_other_state; struct drm_crtc_state *new_crtc_state; + struct amdgpu_device *adev = drm_to_adev(plane->dev); int i; /* - * TODO: Remove this hack once the checks below are sufficient - * enough to determine when we need to reset all the planes on - * the stream. + * TODO: Remove this hack for all asics once it proves that the + * fast updates works fine on DCN3.2+. */ - if (state->allow_modeset) + if (adev->ip_versions[DCE_HWIP][0] < IP_VERSION(3, 2, 0) && state->allow_modeset) return true; /* Exit early if we know that we're adding or removing the plane. */ -- 2.42.0

1 year, 7 months

1
0
0 0

[PATCH 06/20] drm/amd/display: Add null checks for 8K60 lightup

by Alex Hung

From: Muhammad Ahmed <ahmed.ahmed(a)amd.com> [WHY & HOW] Add some null checks to fix an issue where 8k60 tiled display fails to light up. Cc: Mario Limonciello <mario.limonciello(a)amd.com> Cc: Alex Deucher <alexander.deucher(a)amd.com> Cc: stable(a)vger.kernel.org Reviewed-by: Charlene Liu <charlene.liu(a)amd.com> Acked-by: Alex Hung <alex.hung(a)amd.com> Signed-off-by: Muhammad Ahmed <ahmed.ahmed(a)amd.com> --- drivers/gpu/drm/amd/display/dc/core/dc.c | 2 +- drivers/gpu/drm/amd/display/dc/core/dc_resource.c | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/drivers/gpu/drm/amd/display/dc/core/dc.c b/drivers/gpu/drm/amd/display/dc/core/dc.c index 7b9bf5cb4529..d8f434738212 100644 --- a/drivers/gpu/drm/amd/display/dc/core/dc.c +++ b/drivers/gpu/drm/amd/display/dc/core/dc.c @@ -3178,7 +3178,7 @@ static bool update_planes_and_stream_state(struct dc *dc, struct pipe_ctx *otg_master = resource_get_otg_master_for_stream(&context->res_ctx, context->streams[i]); - if (otg_master->stream->test_pattern.type != DP_TEST_PATTERN_VIDEO_MODE) + if (otg_master && otg_master->stream->test_pattern.type != DP_TEST_PATTERN_VIDEO_MODE) resource_build_test_pattern_params(&context->res_ctx, otg_master); } } diff --git a/drivers/gpu/drm/amd/display/dc/core/dc_resource.c b/drivers/gpu/drm/amd/display/dc/core/dc_resource.c index 06fc4c5a3b69..6159d819c5c5 100644 --- a/drivers/gpu/drm/amd/display/dc/core/dc_resource.c +++ b/drivers/gpu/drm/amd/display/dc/core/dc_resource.c @@ -5190,6 +5190,9 @@ bool dc_resource_acquire_secondary_pipe_for_mpc_odm_legacy( sec_next = sec_pipe->next_odm_pipe; sec_prev = sec_pipe->prev_odm_pipe; + if (pri_pipe == NULL) + return false; + *sec_pipe = *pri_pipe; sec_pipe->top_pipe = sec_top; -- 2.42.0

1 year, 7 months

1
0
0 0

[PATCH 04/20] drm/amd/display: Fix DSC not Enabled on Direct MST Sink

by Alex Hung

From: Fangzhi Zuo <jerry.zuo(a)amd.com> [WHY & HOW] For the scenario when a dsc capable MST sink device is directly connected, it needs to use max dsc compression as the link bw constraint. Cc: Mario Limonciello <mario.limonciello(a)amd.com> Cc: Alex Deucher <alexander.deucher(a)amd.com> Cc: stable(a)vger.kernel.org Reviewed-by: Roman Li <roman.li(a)amd.com> Acked-by: Alex Hung <alex.hung(a)amd.com> Signed-off-by: Fangzhi Zuo <jerry.zuo(a)amd.com> --- .../display/amdgpu_dm/amdgpu_dm_mst_types.c | 29 +++++++++---------- 1 file changed, 14 insertions(+), 15 deletions(-) diff --git a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.c b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.c index d3b13d362eda..11da0eebee6c 100644 --- a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.c +++ b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.c @@ -1604,31 +1604,31 @@ enum dc_status dm_dp_mst_is_port_support_mode( unsigned int upper_link_bw_in_kbps = 0, down_link_bw_in_kbps = 0; unsigned int max_compressed_bw_in_kbps = 0; struct dc_dsc_bw_range bw_range = {0}; - struct drm_dp_mst_topology_mgr *mst_mgr; + uint16_t full_pbn = aconnector->mst_output_port->full_pbn; /* - * check if the mode could be supported if DSC pass-through is supported - * AND check if there enough bandwidth available to support the mode - * with DSC enabled. + * Consider the case with the depth of the mst topology tree is equal or less than 2 + * A. When dsc bitstream can be transmitted along the entire path + * 1. dsc is possible between source and branch/leaf device (common dsc params is possible), AND + * 2. dsc passthrough supported at MST branch, or + * 3. dsc decoding supported at leaf MST device + * Use maximum dsc compression as bw constraint + * B. When dsc bitstream cannot be transmitted along the entire path + * Use native bw as bw constraint */ if (is_dsc_common_config_possible(stream, &bw_range) && - aconnector->mst_output_port->passthrough_aux) { - mst_mgr = aconnector->mst_output_port->mgr; - mutex_lock(&mst_mgr->lock); - + (aconnector->mst_output_port->passthrough_aux || + aconnector->dsc_aux == &aconnector->mst_output_port->aux)) { cur_link_settings = stream->link->verified_link_cap; upper_link_bw_in_kbps = dc_link_bandwidth_kbps(aconnector->dc_link, - &cur_link_settings - ); - down_link_bw_in_kbps = kbps_from_pbn(aconnector->mst_output_port->full_pbn); + &cur_link_settings); + down_link_bw_in_kbps = kbps_from_pbn(full_pbn); /* pick the bottleneck */ end_to_end_bw_in_kbps = min(upper_link_bw_in_kbps, down_link_bw_in_kbps); - mutex_unlock(&mst_mgr->lock); - /* * use the maximum dsc compression bandwidth as the required * bandwidth for the mode @@ -1643,8 +1643,7 @@ enum dc_status dm_dp_mst_is_port_support_mode( /* check if mode could be supported within full_pbn */ bpp = convert_dc_color_depth_into_bpc(stream->timing.display_color_depth) * 3; pbn = drm_dp_calc_pbn_mode(stream->timing.pix_clk_100hz / 10, bpp, false); - - if (pbn > aconnector->mst_output_port->full_pbn) + if (pbn > full_pbn) return DC_FAIL_BANDWIDTH_VALIDATE; } -- 2.42.0

1 year, 7 months

1
0
0 0

[PATCH 03/20] drm/amd/display: Guard against invalid RPTR/WPTR being set

by Alex Hung

From: Nicholas Kazlauskas <nicholas.kazlauskas(a)amd.com> [WHY] HW can return invalid values on register read, guard against these being set and causing us to access memory out of range and page fault. [HOW] Guard at sync_inbox1 and guard at pushing commands. Cc: Mario Limonciello <mario.limonciello(a)amd.com> Cc: Alex Deucher <alexander.deucher(a)amd.com> Cc: stable(a)vger.kernel.org Reviewed-by: Hansen Dsouza <hansen.dsouza(a)amd.com> Acked-by: Alex Hung <alex.hung(a)amd.com> Signed-off-by: Nicholas Kazlauskas <nicholas.kazlauskas(a)amd.com> --- .../gpu/drm/amd/display/dmub/src/dmub_srv.c | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/drivers/gpu/drm/amd/display/dmub/src/dmub_srv.c b/drivers/gpu/drm/amd/display/dmub/src/dmub_srv.c index e43e8d4bfe37..5d36f3e5dc2b 100644 --- a/drivers/gpu/drm/amd/display/dmub/src/dmub_srv.c +++ b/drivers/gpu/drm/amd/display/dmub/src/dmub_srv.c @@ -707,9 +707,16 @@ enum dmub_status dmub_srv_sync_inbox1(struct dmub_srv *dmub) return DMUB_STATUS_INVALID; if (dmub->hw_funcs.get_inbox1_rptr && dmub->hw_funcs.get_inbox1_wptr) { - dmub->inbox1_rb.rptr = dmub->hw_funcs.get_inbox1_rptr(dmub); - dmub->inbox1_rb.wrpt = dmub->hw_funcs.get_inbox1_wptr(dmub); - dmub->inbox1_last_wptr = dmub->inbox1_rb.wrpt; + uint32_t rptr = dmub->hw_funcs.get_inbox1_rptr(dmub); + uint32_t wptr = dmub->hw_funcs.get_inbox1_wptr(dmub); + + if (rptr > dmub->inbox1_rb.capacity || wptr > dmub->inbox1_rb.capacity) { + return DMUB_STATUS_HW_FAILURE; + } else { + dmub->inbox1_rb.rptr = rptr; + dmub->inbox1_rb.wrpt = wptr; + dmub->inbox1_last_wptr = dmub->inbox1_rb.wrpt; + } } return DMUB_STATUS_OK; @@ -743,6 +750,11 @@ enum dmub_status dmub_srv_cmd_queue(struct dmub_srv *dmub, if (!dmub->hw_init) return DMUB_STATUS_INVALID; + if (dmub->inbox1_rb.rptr > dmub->inbox1_rb.capacity || + dmub->inbox1_rb.wrpt > dmub->inbox1_rb.capacity) { + return DMUB_STATUS_HW_FAILURE; + } + if (dmub_rb_push_front(&dmub->inbox1_rb, cmd)) return DMUB_STATUS_OK; -- 2.42.0

1 year, 7 months

1
0
0 0

[PATCH 01/20] drm/amd/display: Fix a debugfs null pointer error

by Alex Hung

From: Aurabindo Pillai <aurabindo.pillai(a)amd.com> [WHY & HOW] Check whether get_subvp_en() callback exists before calling it. Cc: Mario Limonciello <mario.limonciello(a)amd.com> Cc: Alex Deucher <alexander.deucher(a)amd.com> Cc: stable(a)vger.kernel.org Reviewed-by: Alex Hung <alex.hung(a)amd.com> Acked-by: Alex Hung <alex.hung(a)amd.com> Signed-off-by: Aurabindo Pillai <aurabindo.pillai(a)amd.com> --- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c index 13a177d34376..45c972f2630d 100644 --- a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c +++ b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c @@ -3647,12 +3647,16 @@ static int capabilities_show(struct seq_file *m, void *unused) bool mall_supported = dc->caps.mall_size_total; bool subvp_supported = dc->caps.subvp_fw_processing_delay_us; unsigned int mall_in_use = false; - unsigned int subvp_in_use = dc->cap_funcs.get_subvp_en(dc, dc->current_state); + unsigned int subvp_in_use = false; + struct hubbub *hubbub = dc->res_pool->hubbub; if (hubbub->funcs->get_mall_en) hubbub->funcs->get_mall_en(hubbub, &mall_in_use); + if (dc->cap_funcs.get_subvp_en) + subvp_in_use = dc->cap_funcs.get_subvp_en(dc, dc->current_state); + seq_printf(m, "mall supported: %s, enabled: %s\n", mall_supported ? "yes" : "no", mall_in_use ? "yes" : "no"); seq_printf(m, "sub-viewport supported: %s, enabled: %s\n", -- 2.42.0

1 year, 7 months

1
0
0 0

[PATCH v1] usb: typec: tcpm: Skip hard reset when in error recovery

by Badhri Jagan Sridharan

Hard reset queued prior to error recovery (or) received during error recovery will make TCPM to prematurely exit error recovery sequence. Ignore hard resets received during error recovery (or) port reset sequence. ``` [46505.459688] state change SNK_READY -> ERROR_RECOVERY [rev3 NONE_AMS] [46505.459706] state change ERROR_RECOVERY -> PORT_RESET [rev3 NONE_AMS] [46505.460433] disable vbus discharge ret:0 [46505.461226] Setting usb_comm capable false [46505.467244] Setting voltage/current limit 0 mV 0 mA [46505.467262] polarity 0 [46505.470695] Requesting mux state 0, usb-role 0, orientation 0 [46505.475621] cc:=0 [46505.476012] pending state change PORT_RESET -> PORT_RESET_WAIT_OFF @ 100 ms [rev3 NONE_AMS] [46505.476020] Received hard reset [46505.476024] state change PORT_RESET -> HARD_RESET_START [rev3 HARD_RESET] ``` Cc: stable(a)vger.kernel.org Fixes: f0690a25a140 ("staging: typec: USB Type-C Port Manager (tcpm)") Signed-off-by: Badhri Jagan Sridharan <badhri(a)google.com> --- drivers/usb/typec/tcpm/tcpm.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/drivers/usb/typec/tcpm/tcpm.c b/drivers/usb/typec/tcpm/tcpm.c index 058d5b853b57..b386102f7a3a 100644 --- a/drivers/usb/typec/tcpm/tcpm.c +++ b/drivers/usb/typec/tcpm/tcpm.c @@ -5391,6 +5391,15 @@ static void _tcpm_pd_hard_reset(struct tcpm_port *port) if (port->bist_request == BDO_MODE_TESTDATA && port->tcpc->set_bist_data) port->tcpc->set_bist_data(port->tcpc, false); + switch (port->state) { + case ERROR_RECOVERY: + case PORT_RESET: + case PORT_RESET_WAIT_OFF: + return; + default: + break; + } + if (port->ams != NONE_AMS) port->ams = NONE_AMS; if (port->hard_reset_count < PD_N_HARD_RESET_COUNT) base-commit: c70793fb7632a153862ee9060e6d48131469a29c -- 2.42.0.820.g83a721a137-goog

1 year, 7 months

3
2
0 0

[tip: x86/urgent] x86/shstk: Delay signal entry SSP write until after user accesses

by tip-bot2 for Rick Edgecombe

The following commit has been merged into the x86/urgent branch of tip: Commit-ID: 31255e072b2e91f97645d792d25b2db744186dd1 Gitweb: https://git.kernel.org/tip/31255e072b2e91f97645d792d25b2db744186dd1 Author: Rick Edgecombe <rick.p.edgecombe(a)intel.com> AuthorDate: Tue, 07 Nov 2023 10:22:51 -08:00 Committer: Dave Hansen <dave.hansen(a)linux.intel.com> CommitterDate: Wed, 08 Nov 2023 08:55:37 -08:00 x86/shstk: Delay signal entry SSP write until after user accesses When a signal is being delivered, the kernel needs to make accesses to userspace. These accesses could encounter an access error, in which case the signal delivery itself will trigger a segfault. Usually this would result in the kernel killing the process. But in the case of a SEGV signal handler being configured, the failure of the first signal delivery will result in *another* signal getting delivered. The second signal may succeed if another thread has resolved the issue that triggered the segfault (i.e. a well timed mprotect()/mmap()), or the second signal is being delivered to another stack (i.e. an alt stack). On x86, in the non-shadow stack case, all the accesses to userspace are done before changes to the registers (in pt_regs). The operation is aborted when an access error occurs, so although there may be writes done for the first signal, control flow changes for the signal (regs->ip, regs->sp, etc) are not committed until all the accesses have already completed successfully. This means that the second signal will be delivered as if it happened at the time of the first signal. It will effectively replace the first aborted signal, overwriting the half-written frame of the aborted signal. So on sigreturn from the second signal, control flow will resume happily from the point of control flow where the original signal was delivered. The problem is, when shadow stack is active, the shadow stack SSP register/MSR is updated *before* some of the userspace accesses. This means if the earlier accesses succeed and the later ones fail, the second signal will not be delivered at the same spot on the shadow stack as the first one. So on sigreturn from the second signal, the SSP will be pointing to the wrong location on the shadow stack (off by a frame). Pengfei privately reported that while using a shadow stack enabled glibc, the “signal06” test in the LTP test-suite hung. It turns out it is testing the above described double signal scenario. When this test was compiled with shadow stack, the first signal pushed a shadow stack sigframe, then the second pushed another. When the second signal was handled, the SSP was at the first shadow stack signal frame instead of the original location. The test then got stuck as the #CP from the twice incremented SSP was incorrect and generated segfaults in a loop. Fix this by adjusting the SSP register only after any userspace accesses, such that there can be no failures after the SSP is adjusted. Do this by moving the shadow stack sigframe push logic to happen after all other userspace accesses. Note, sigreturn (as opposed to the signal delivery dealt with in this patch) has ordering behavior that could lead to similar failures. The ordering issues there extend beyond shadow stack to include the alt stack restoration. Fixing that would require cross-arch changes, and the ordering today does not cause any known test or apps breakages. So leave it as is, for now. [ dhansen: minor changelog/subject tweak ] Fixes: 05e36022c054 ("x86/shstk: Handle signals for shadow stack") Reported-by: Pengfei Xu <pengfei.xu(a)intel.com> Signed-off-by: Rick Edgecombe <rick.p.edgecombe(a)intel.com> Signed-off-by: Dave Hansen <dave.hansen(a)linux.intel.com> Tested-by: Pengfei Xu <pengfei.xu(a)intel.com> Cc:stable@vger.kernel.org Link: https://lore.kernel.org/all/20231107182251.91276-1-rick.p.edgecombe%40intel… Link: https://github.com/linux-test-project/ltp/blob/master/testcases/kernel/sysc… --- arch/x86/kernel/signal_64.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/arch/x86/kernel/signal_64.c b/arch/x86/kernel/signal_64.c index cacf2ed..23d8aaf 100644 --- a/arch/x86/kernel/signal_64.c +++ b/arch/x86/kernel/signal_64.c @@ -175,9 +175,6 @@ int x64_setup_rt_frame(struct ksignal *ksig, struct pt_regs *regs) frame = get_sigframe(ksig, regs, sizeof(struct rt_sigframe), &fp); uc_flags = frame_uc_flags(regs); - if (setup_signal_shadow_stack(ksig)) - return -EFAULT; - if (!user_access_begin(frame, sizeof(*frame))) return -EFAULT; @@ -198,6 +195,9 @@ int x64_setup_rt_frame(struct ksignal *ksig, struct pt_regs *regs) return -EFAULT; } + if (setup_signal_shadow_stack(ksig)) + return -EFAULT; + /* Set up registers for signal handler */ regs->di = ksig->sig; /* In case the signal handler was declared without prototypes */

1 year, 7 months

1
0
0 0

[PATCH v2] mm: Fix for negative counter: nr_file_hugepages

by Stefan Roesch

While qualifiying the 6.4 release, the following warning was detected in messages: vmstat_refresh: nr_file_hugepages -15664 The warning is caused by the incorrect updating of the NR_FILE_THPS counter in the function split_huge_page_to_list. The if case is checking for folio_test_swapbacked, but the else case is missing the check for folio_test_pmd_mappable. The other functions that manipulate the counter like __filemap_add_folio and filemap_unaccount_folio have the corresponding check. I have a test case, which reproduces the problem. It can be found here: https://github.com/sroeschus/testcase/blob/main/vmstat_refresh/madv.c The test case reproduces on an XFS filesystem. Running the same test case on a BTRFS filesystem does not reproduce the problem. AFAIK version 6.1 until 6.6 are affected by this problem. Signed-off-by: Stefan Roesch <shr(a)devkernel.io> Co-debugged-by: Johannes Weiner <hannes(a)cmpxchg.org> Acked-by: Johannes Weiner <hannes(a)cmpxchg.org> --- mm/huge_memory.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mm/huge_memory.c b/mm/huge_memory.c index 064fbd90822b4..9dbd5ef5a3902 100644 --- a/mm/huge_memory.c +++ b/mm/huge_memory.c @@ -2740,7 +2740,7 @@ int split_huge_page_to_list(struct page *page, struct list_head *list) if (folio_test_swapbacked(folio)) { __lruvec_stat_mod_folio(folio, NR_SHMEM_THPS, -nr); - } else { + } else if (folio_test_pmd_mappable(folio)) { __lruvec_stat_mod_folio(folio, NR_FILE_THPS, -nr); filemap_nr_thps_dec(mapping); base-commit: ffc253263a1375a65fa6c9f62a893e9767fbebfa -- 2.39.3

1 year, 7 months

4
6
0 0

[PATCH v4] acpi/processor: sanitize _OSC/_PDC capabilities for Xen dom0

by Jason Andryuk

From: Roger Pau Monne <roger.pau(a)citrix.com> The Processor capability bits notify ACPI of the OS capabilities, and so ACPI can adjust the return of other Processor methods taking the OS capabilities into account. When Linux is running as a Xen dom0, the hypervisor is the entity in charge of processor power management, and hence Xen needs to make sure the capabilities reported by _OSC/_PDC match the capabilities of the driver in Xen. Introduce a small helper to sanitize the buffer when running as Xen dom0. When Xen supports HWP, this serves as the equivalent of commit a21211672c9a ("ACPI / processor: Request native thermal interrupt handling via _OSC") to avoid SMM crashes. Xen will set bit ACPI_PROC_CAP_COLLAB_PROC_PERF (bit 12) in the capability bits and the _OSC/_PDC call will apply it. [ jandryuk: Mention Xen HWP's need. Support _OSC & _PDC ] Signed-off-by: Roger Pau Monné <roger.pau(a)citrix.com> Cc: stable(a)vger.kernel.org Signed-off-by: Jason Andryuk <jandryuk(a)gmail.com> --- v4: Use xen_santize_proc_cap_bits() name - Michal Rephrase comment - Michal v3: Move xen_sanitize_pdc() call to arch_acpi_set_proc_cap_bits() to cover _OSC and _PDC. drivers/xen/pcpu.c is CONFIG_DOM0 && CONFIG_X86 v2: Move local variables in acpi_processor_eval_pdc() to reuse in both conditions. --- arch/x86/include/asm/acpi.h | 14 ++++++++++++++ arch/x86/include/asm/xen/hypervisor.h | 9 +++++++++ drivers/xen/pcpu.c | 21 +++++++++++++++++++++ 3 files changed, 44 insertions(+) diff --git a/arch/x86/include/asm/acpi.h b/arch/x86/include/asm/acpi.h index c8a7fc23f63c..f896eed4516c 100644 --- a/arch/x86/include/asm/acpi.h +++ b/arch/x86/include/asm/acpi.h @@ -16,6 +16,9 @@ #include <asm/x86_init.h> #include <asm/cpufeature.h> #include <asm/irq_vectors.h> +#include <asm/xen/hypervisor.h> + +#include <xen/xen.h> #ifdef CONFIG_ACPI_APEI # include <asm/pgtable_types.h> @@ -127,6 +130,17 @@ static inline void arch_acpi_set_proc_cap_bits(u32 *cap) if (!cpu_has(c, X86_FEATURE_MWAIT) || boot_option_idle_override == IDLE_NOMWAIT) *cap &= ~(ACPI_PROC_CAP_C_C1_FFH | ACPI_PROC_CAP_C_C2C3_FFH); + + if (xen_initial_domain()) { + /* + * When Linux is running as Xen dom0, the hypervisor is the + * entity in charge of the processor power management, and so + * Xen needs to check the OS capabilities reported in the + * processor capabilities buffer matches what the hypervisor + * driver supports. + */ + xen_sanitize_proc_cap_bits(cap); + } } static inline bool acpi_has_cpu_in_madt(void) diff --git a/arch/x86/include/asm/xen/hypervisor.h b/arch/x86/include/asm/xen/hypervisor.h index 7048dfacc04b..a9088250770f 100644 --- a/arch/x86/include/asm/xen/hypervisor.h +++ b/arch/x86/include/asm/xen/hypervisor.h @@ -100,4 +100,13 @@ static inline void leave_lazy(enum xen_lazy_mode mode) enum xen_lazy_mode xen_get_lazy_mode(void); +#if defined(CONFIG_XEN_DOM0) && defined(CONFIG_ACPI) +void xen_sanitize_proc_cap_bits(uint32_t *buf); +#else +static inline void xen_sanitize_proc_cap_bits(uint32_t *buf) +{ + BUG(); +} +#endif + #endif /* _ASM_X86_XEN_HYPERVISOR_H */ diff --git a/drivers/xen/pcpu.c b/drivers/xen/pcpu.c index b3e3d1bb37f3..7000701dff8f 100644 --- a/drivers/xen/pcpu.c +++ b/drivers/xen/pcpu.c @@ -47,6 +47,9 @@ #include <asm/xen/hypervisor.h> #include <asm/xen/hypercall.h> +#ifdef CONFIG_ACPI +#include <acpi/processor.h> +#endif /* * @cpu_id: Xen physical cpu logic number @@ -400,4 +403,22 @@ bool __init xen_processor_present(uint32_t acpi_id) return online; } + +void xen_sanitize_proc_cap_bits(uint32_t *cap) +{ + struct xen_platform_op op = { + .cmd = XENPF_set_processor_pminfo, + .u.set_pminfo.id = -1, + .u.set_pminfo.type = XEN_PM_PDC, + }; + u32 buf[3] = { ACPI_PDC_REVISION_ID, 1, *cap }; + int ret; + + set_xen_guest_handle(op.u.set_pminfo.pdc, buf); + ret = HYPERVISOR_platform_op(&op); + if (ret) + pr_err("sanitize of _PDC buffer bits from Xen failed: %d\n", + ret); + *cap = buf[2]; +} #endif -- 2.41.0

1 year, 7 months

4
3
0 0

[PATCH 5.4 000/131] 5.4.258-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.4.258 release. There are 131 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 11 Oct 2023 13:00:55 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.4.258-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.4.258-rc1 Arnd Bergmann <arnd(a)arndb.de> ima: rework CONFIG_IMA dependency block Trond Myklebust <trond.myklebust(a)hammerspace.com> NFS: Fix a race in __nfs_list_for_each_server() John David Anglin <dave(a)parisc-linux.org> parisc: Restore __ldcw_align for PA-RISC 2.0 processors Shay Drory <shayd(a)nvidia.com> RDMA/mlx5: Fix NULL string error Bernard Metzler <bmt(a)zurich.ibm.com> RDMA/siw: Fix connection failure handling Konstantin Meskhidze <konstantin.meskhidze(a)huawei.com> RDMA/uverbs: Fix typo of sizeof argument Leon Romanovsky <leonro(a)nvidia.com> RDMA/cma: Fix truncation compilation warning in make_cma_ports Duje Mihanović <duje.mihanovic(a)skole.hr> gpio: pxa: disable pinctrl calls for MMP_GPIO Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> gpio: aspeed: fix the GPIO number passed to pinctrl_gpio_set_config() Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> IB/mlx4: Fix the size of a buffer in add_port_entries() Leon Romanovsky <leonro(a)nvidia.com> RDMA/core: Require admin capabilities to set system parameters Ivan Babrou <ivan(a)cloudflare.com> cpupower: add Makefile dependencies for install targets Xin Long <lucien.xin(a)gmail.com> sctp: update hb timer immediately after users change hb_interval Xin Long <lucien.xin(a)gmail.com> sctp: update transport state when processing a dupcook packet Neal Cardwell <ncardwell(a)google.com> tcp: fix delayed ACKs for MSS boundary condition Neal Cardwell <ncardwell(a)google.com> tcp: fix quick-ack counting to count actual ACKs of new data Ben Wolsieffer <ben.wolsieffer(a)hefring.com> net: stmmac: dwmac-stm32: fix resume on STM32 MCU Xin Long <lucien.xin(a)gmail.com> netfilter: handle the connecting collision properly in nf_conntrack_proto_sctp Jeremy Cline <jeremy(a)jcline.org> net: nfc: llcp: Add lock when modifying device list Shigeru Yoshida <syoshida(a)redhat.com> net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg Fabio Estevam <festevam(a)denx.de> net: dsa: mv88e6xxx: Avoid EEPROM timeout when EEPROM is absent David Howells <dhowells(a)redhat.com> ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() Eric Dumazet <edumazet(a)google.com> net: fix possible store tearing in neigh_periodic_work() Mauricio Faria de Oliveira <mfo(a)canonical.com> modpost: add missing else to the "of" check Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4: Fix a nfs4_state_manager() race Trond Myklebust <trond.myklebust(a)hammerspace.com> NFS: Add a helper nfs_client_for_each_server() Chuck Lever <chuck.lever(a)oracle.com> NFS4: Trace state recovery operation Junxiao Bi <junxiao.bi(a)oracle.com> scsi: target: core: Fix deadlock due to recursive locking Oleksandr Tymoshenko <ovt(a)google.com> ima: Finish deprecation of IMA_TRUSTED_KEYRING Kconfig Richard Fitzgerald <rf(a)opensource.cirrus.com> regmap: rbtree: Fix wrong register marked as in-cache when creating new node Felix Fietkau <nbd(a)nbd.name> wifi: mt76: mt76x02: fix MT76x0 external LNA gain handling Alexandra Diupina <adiupina(a)astralinux.ru> drivers/net: process the result of hdlc_open() and add call of hdlc_close() in uhdlc_close() Pin-yen Lin <treapking(a)chromium.org> wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet Arnd Bergmann <arnd(a)arndb.de> wifi: iwlwifi: dbg_ini: fix structure packing Zhihao Cheng <chengzhihao1(a)huawei.com> ubi: Refuse attaching if mtd's erasesize is 0 Jordan Rife <jrife(a)google.com> net: prevent rewrite of msg_name in sock_sendmsg() Qu Wenruo <wqu(a)suse.com> btrfs: reject unknown mount options early Jordan Rife <jrife(a)google.com> net: replace calls to sock->ops->connect() with kernel_connect() Gustavo A. R. Silva <gustavoars(a)kernel.org> wifi: mwifiex: Fix tlv_buf_left calculation Gustavo A. R. Silva <gustavoars(a)kernel.org> qed/red_ll2: Fix undefined behavior bug in struct qed_ll2_info Dinghao Liu <dinghao.liu(a)zju.edu.cn> scsi: zfcp: Fix a double put in zfcp_port_enqueue() Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Revert "PCI: qcom: Disable write access to read only registers for IP v2.3.3" Ilya Dryomov <idryomov(a)gmail.com> rbd: take header_rwsem in rbd_dev_refresh() only when updating Ilya Dryomov <idryomov(a)gmail.com> rbd: decouple parent info read-in from updating rbd_dev Ilya Dryomov <idryomov(a)gmail.com> rbd: decouple header read-in from updating rbd_dev->header Ilya Dryomov <idryomov(a)gmail.com> rbd: move rbd_dev_refresh() definition Greg Ungerer <gerg(a)kernel.org> fs: binfmt_elf_efpic: fix personality for ELF-FDPIC Matthias Schiffer <mschiffer(a)universe-factory.net> ata: libata-sata: increase PMP SRST timeout to 10s Damien Le Moal <dlemoal(a)kernel.org> ata: libata-core: Do not register PM operations for SAS ports Damien Le Moal <dlemoal(a)kernel.org> ata: libata-core: Fix port and device removal Damien Le Moal <dlemoal(a)kernel.org> ata: libata-core: Fix ata_port_request_pm() locking Mika Westerberg <mika.westerberg(a)linux.intel.com> net: thunderbolt: Fix TCPv6 GSO checksum calculation Josef Bacik <josef(a)toxicpanda.com> btrfs: properly report 0 avail for very full file systems Steven Rostedt (Google) <rostedt(a)goodmis.org> ring-buffer: Update "shortest_full" in polling Heiner Kallweit <hkallweit1(a)gmail.com> i2c: i801: unregister tco_pdev in i801_probe() error path Niklas Cassel <niklas.cassel(a)wdc.com> ata: libata-scsi: ignore reserved bits for REPORT SUPPORTED OPERATION CODES Kailang Yang <kailang(a)realtek.com> ALSA: hda: Disable power save for solving pop issue on Lenovo ThinkCentre M70q Pan Bian <bianpan2016(a)163.com> nilfs2: fix potential use after free in nilfs_gccache_submit_read_data() Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> serial: 8250_port: Check IRQ data before use Vishal Goel <vishal.goel(a)samsung.com> Smack:- Use overlay inode label in smack_inode_copy_up() Roberto Sassu <roberto.sassu(a)huawei.com> smack: Retrieve transmuting information in smack_inode_getsecurity() Roberto Sassu <roberto.sassu(a)huawei.com> smack: Record transmuting in smk_transmuted Stefan Assmann <sassmann(a)kpanic.de> i40e: fix return of uninitialized aq_ret in i40e_set_vsi_promisc Stefan Assmann <sassmann(a)kpanic.de> i40e: always propagate error value in i40e_set_vsi_promisc() Stefan Assmann <sassmann(a)kpanic.de> i40e: improve locking of mac_filter_hash Mika Westerberg <mika.westerberg(a)linux.intel.com> watchdog: iTCO_wdt: Set NO_REBOOT if the watchdog is not already running Mika Westerberg <mika.westerberg(a)linux.intel.com> watchdog: iTCO_wdt: No need to stop the timer in probe Pratyush Yadav <ptyadav(a)amazon.de> nvme-pci: do not set the NUMA node of device if it has none Thomas Zimmermann <tzimmermann(a)suse.de> fbdev/sh7760fb: Depend on FB=y Johnathan Mantey <johnathanx.mantey(a)intel.com> ncsi: Propagate carrier gain/loss events to the NCSI controller Benjamin Gray <bgray(a)linux.ibm.com> powerpc/watchpoints: Annotate atomic context in more places Stanislav Fomichev <sdf(a)google.com> bpf: Clarify error expectations from bpf_clone_redirect Han Xu <han.xu(a)nxp.com> spi: nxp-fspi: reset the FLSHxCR1 registers Niklas Cassel <niklas.cassel(a)wdc.com> ata: libata-eh: do not clear ATA_PFLAG_EH_PENDING in ata_eh_reset() Zheng Yejian <zhengyejian1(a)huawei.com> ring-buffer: Avoid softlockup in ring_buffer_resize() Zheng Yejian <zhengyejian1(a)huawei.com> selftests/ftrace: Correctly enable event in instance-event.tc Helge Deller <deller(a)gmx.de> parisc: irq: Make irq_stack_union static to avoid sparse warning Helge Deller <deller(a)gmx.de> parisc: drivers: Fix sparse warning Helge Deller <deller(a)gmx.de> parisc: iosapic.c: Fix sparse warnings Helge Deller <deller(a)gmx.de> parisc: sba: Fix compile warning wrt list of SBA devices Wenhua Lin <Wenhua.Lin(a)unisoc.com> gpio: pmic-eic-sprd: Add can_sleep flag for PMIC EIC chip Max Filippov <jcmvbkbc(a)gmail.com> xtensa: boot/lib: fix function prototypes Randy Dunlap <rdunlap(a)infradead.org> xtensa: boot: don't add include-dirs Randy Dunlap <rdunlap(a)infradead.org> xtensa: iss/network: make functions static Max Filippov <jcmvbkbc(a)gmail.com> xtensa: add default definition for XCHAL_HAVE_DIV32 Tony Lindgren <tony(a)atomide.com> bus: ti-sysc: Fix SYSC_QUIRK_SWSUP_SIDLE_ACT handling for uart wake-up Tony Lindgren <tony(a)atomide.com> ARM: dts: ti: omap: motorola-mapphone: Fix abe_clkctrl warning on boot Timo Alho <talho(a)nvidia.com> clk: tegra: fix error return case for recalc_rate Christoph Hellwig <hch(a)lst.de> MIPS: Alchemy: only build mmc support helpers if au1xmmc is enabled Niklas Cassel <niklas.cassel(a)wdc.com> ata: libata: disallow dev-initiated LPM transitions to unsupported states Hamza Mahfooz <hamza.mahfooz(a)amd.com> drm/amd/display: prevent potential division by zero errors Anthony Koo <Anthony.Koo(a)amd.com> drm/amd/display: Fix LFC multiplier changing erratically Amanda Liu <amanda.liu(a)amd.com> drm/amd/display: Reinstate LFC optimization Ahmad Fatoum <a.fatoum(a)pengutronix.de> clk: imx: pll14xx: dynamically configure PLL for 393216000/361267200Hz Anson Huang <Anson.Huang(a)nxp.com> clk: imx: pll14xx: Add new frequency entries for pll1443x table YueHaibing <yuehaibing(a)huawei.com> clk: imx: clk-pll14xx: Make two variables static Quinn Tran <qutran(a)marvell.com> scsi: qla2xxx: Fix deletion race condition Himanshu Madhani <hmadhani(a)marvell.com> scsi: qla2xxx: Fix update_fcport for current_topology Werner Sembach <wse(a)tuxedocomputers.com> Input: i8042 - add quirk for TUXEDO Gemini 17 Gen1/Clevo PD70PN Xiaoke Wang <xkernel.wang(a)foxmail.com> i2c: mux: demux-pinctrl: check the return value of devm_kstrdup() Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> gpio: tb10x: Fix an error handling path in tb10x_gpio_probe() Jozsef Kadlecsik <kadlec(a)netfilter.org> netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP Artem Chernyshev <artem.chernyshev(a)red-soft.ru> net: rds: Fix possible NULL-pointer dereference Ziyang Xuan <william.xuanziyang(a)huawei.com> team: fix null-ptr-deref when team device type is changed Eric Dumazet <edumazet(a)google.com> net: bridge: use DEV_STATS_INC() Jie Wang <wangjie125(a)huawei.com> net: hns3: add 5ms delay before clear firmware reset irq source Eric Dumazet <edumazet(a)google.com> dccp: fix dccp_v4_err()/dccp_v6_err() again Kajol Jain <kjain(a)linux.ibm.com> powerpc/perf/hv-24x7: Update domain value check Kyle Zeng <zengyhkyle(a)gmail.com> ipv4: fix null-deref in ipv4_link_failure Ivan Vecera <ivecera(a)redhat.com> i40e: Fix VF VLAN offloading when port VLAN is configured Karen Sornek <karen.sornek(a)intel.com> i40e: Fix warning message and call stack during rmmod i40e driver Aleksandr Loktionov <aleksandr.loktionov(a)intel.com> i40e: Remove scheduling while atomic possibility Sylwia Wnuczko <sylwia.wnuczko(a)intel.com> i40e: Fix for persistent lldp support Shengjiu Wang <shengjiu.wang(a)nxp.com> ASoC: imx-audmix: Fix return error with devm_clk_get() Sabrina Dubroca <sd(a)queasysnail.net> selftests: tls: swap the TX and RX sockets in some tests Kees Cook <keescook(a)chromium.org> selftests/tls: Add {} to avoid static checker warning Toke Høiland-Jørgensen <toke(a)redhat.com> bpf: Avoid deadlock when using queue and stack maps from NMI Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables: disallow element removal on anonymous sets Jerome Brunet <jbrunet(a)baylibre.com> ASoC: meson: spdifin: start hw on dai probe Jan Kara <jack(a)suse.cz> ext4: do not let fstrim block system suspend Jan Kara <jack(a)suse.cz> ext4: move setting of trimmed bit into ext4_try_to_trim_range() Kemeng Shi <shikemeng(a)huaweicloud.com> ext4: replace the traditional ternary conditional operator with with max()/min() Dmitry Monakhov <dmtrmonakhov(a)yandex-team.ru> ext4: mark group as trimmed only if it was fully scanned Lukas Czerner <lczerner(a)redhat.com> ext4: change s_last_trim_minblks type to unsigned long Lukas Bulwahn <lukas.bulwahn(a)gmail.com> ext4: scope ret locally in ext4_try_to_trim_range() Wang Jianchao <wangjianchao(a)kuaishou.com> ext4: add new helper interface ext4_try_to_trim_range() Wang Jianchao <wangjianchao(a)kuaishou.com> ext4: remove the 'group' parameter of ext4_trim_extent Szuying Chen <chensiying21(a)gmail.com> ata: libahci: clear pending interrupt status Steven Rostedt (Google) <rostedt(a)goodmis.org> tracing: Increase trace array ref count on enable and filter files Trond Myklebust <trond.myklebust(a)hammerspace.com> SUNRPC: Mark the cred for revalidation if the server rejects it Trond Myklebust <trond.myklebust(a)hammerspace.com> NFS/pNFS: Report EINVAL errors from connect() to the server ------------- Diffstat: Makefile | 4 +- arch/arm/boot/dts/omap4-droid4-xt894.dts | 4 +- arch/mips/alchemy/devboards/db1000.c | 4 + arch/mips/alchemy/devboards/db1200.c | 6 + arch/mips/alchemy/devboards/db1300.c | 4 + arch/parisc/include/asm/ldcw.h | 36 +- arch/parisc/include/asm/ropes.h | 3 + arch/parisc/include/asm/spinlock_types.h | 5 - arch/parisc/kernel/drivers.c | 2 +- arch/parisc/kernel/irq.c | 2 +- arch/powerpc/kernel/hw_breakpoint.c | 9 + arch/powerpc/perf/hv-24x7.c | 2 +- arch/xtensa/boot/Makefile | 3 +- arch/xtensa/boot/lib/zmem.c | 5 +- arch/xtensa/include/asm/core.h | 4 + arch/xtensa/platforms/iss/network.c | 4 +- drivers/ata/ahci.c | 9 + drivers/ata/libahci.c | 35 +- drivers/ata/libata-core.c | 60 ++- drivers/ata/libata-eh.c | 13 +- drivers/ata/libata-scsi.c | 2 +- drivers/ata/libata-transport.c | 9 +- drivers/ata/libata.h | 2 + drivers/base/regmap/regcache-rbtree.c | 3 +- drivers/block/rbd.c | 420 +++++++++++---------- drivers/bus/ti-sysc.c | 22 +- drivers/char/agp/parisc-agp.c | 2 - drivers/clk/imx/clk-pll14xx.c | 8 +- drivers/clk/tegra/clk-bpmp.c | 2 +- drivers/gpio/gpio-aspeed.c | 2 +- drivers/gpio/gpio-pmic-eic-sprd.c | 1 + drivers/gpio/gpio-pxa.c | 1 + drivers/gpio/gpio-tb10x.c | 6 +- .../drm/amd/display/modules/freesync/freesync.c | 69 +++- .../gpu/drm/amd/display/modules/inc/mod_freesync.h | 1 + drivers/i2c/busses/i2c-i801.c | 1 + drivers/i2c/muxes/i2c-demux-pinctrl.c | 4 + drivers/infiniband/core/cma_configfs.c | 2 +- drivers/infiniband/core/nldev.c | 1 + drivers/infiniband/core/uverbs_main.c | 2 +- drivers/infiniband/hw/mlx4/sysfs.c | 2 +- drivers/infiniband/hw/mlx5/main.c | 2 +- drivers/infiniband/sw/siw/siw_cm.c | 16 +- drivers/input/serio/i8042-x86ia64io.h | 7 + drivers/mtd/ubi/build.c | 7 + drivers/net/dsa/mv88e6xxx/chip.c | 6 +- drivers/net/dsa/mv88e6xxx/global1.c | 31 -- drivers/net/dsa/mv88e6xxx/global1.h | 1 - drivers/net/dsa/mv88e6xxx/global2.c | 2 +- drivers/net/dsa/mv88e6xxx/global2.h | 1 + .../ethernet/hisilicon/hns3/hns3pf/hclge_main.c | 5 + drivers/net/ethernet/intel/i40e/i40e_dcb.c | 4 +- drivers/net/ethernet/intel/i40e/i40e_dcb.h | 3 + drivers/net/ethernet/intel/i40e/i40e_nvm.c | 61 +-- drivers/net/ethernet/intel/i40e/i40e_prototype.h | 10 +- drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 319 +++++++++------- drivers/net/ethernet/qlogic/qed/qed_ll2.h | 2 +- drivers/net/ethernet/stmicro/stmmac/dwmac-stm32.c | 7 +- drivers/net/team/team.c | 10 +- drivers/net/thunderbolt.c | 3 +- drivers/net/usb/smsc75xx.c | 4 +- drivers/net/wan/fsl_ucc_hdlc.c | 12 +- drivers/net/wireless/intel/iwlwifi/fw/error-dump.h | 6 +- .../net/wireless/marvell/mwifiex/11n_rxreorder.c | 4 +- drivers/net/wireless/marvell/mwifiex/sta_rx.c | 16 +- .../net/wireless/mediatek/mt76/mt76x02_eeprom.c | 7 - drivers/net/wireless/mediatek/mt76/mt76x2/eeprom.c | 13 +- drivers/nvme/host/pci.c | 2 - drivers/parisc/iosapic.c | 4 +- drivers/parisc/iosapic_private.h | 4 +- drivers/pci/controller/dwc/pcie-qcom.c | 2 - drivers/s390/scsi/zfcp_aux.c | 9 +- drivers/scsi/qla2xxx/qla_init.c | 21 +- drivers/scsi/qla2xxx/qla_target.c | 12 +- drivers/spi/spi-nxp-fspi.c | 7 + drivers/target/target_core_device.c | 11 +- drivers/tty/serial/8250/8250_port.c | 5 +- drivers/video/fbdev/Kconfig | 2 +- drivers/watchdog/iTCO_wdt.c | 26 +- fs/binfmt_elf_fdpic.c | 5 +- fs/btrfs/super.c | 6 +- fs/ext4/ext4.h | 2 +- fs/ext4/mballoc.c | 138 ++++--- fs/nfs/flexfilelayout/flexfilelayout.c | 1 + fs/nfs/internal.h | 4 +- fs/nfs/nfs4state.c | 10 + fs/nfs/nfs4trace.h | 93 +++++ fs/nfs/super.c | 35 ++ fs/nilfs2/gcinode.c | 6 +- include/linux/if_team.h | 2 + include/linux/libata.h | 6 +- include/linux/netfilter/nf_conntrack_sctp.h | 1 + include/net/tcp.h | 6 +- include/uapi/linux/bpf.h | 4 +- kernel/bpf/queue_stack_maps.c | 21 +- kernel/trace/ring_buffer.c | 5 + kernel/trace/trace.c | 27 ++ kernel/trace/trace.h | 2 + kernel/trace/trace_events.c | 6 +- net/bridge/br_forward.c | 4 +- net/bridge/br_input.c | 4 +- net/core/neighbour.c | 4 +- net/dccp/ipv4.c | 9 +- net/dccp/ipv6.c | 9 +- net/ipv4/route.c | 4 +- net/ipv4/tcp_input.c | 13 + net/ipv4/tcp_output.c | 7 +- net/l2tp/l2tp_ip6.c | 2 +- net/ncsi/ncsi-aen.c | 5 + net/netfilter/ipset/ip_set_core.c | 12 +- net/netfilter/ipvs/ip_vs_sync.c | 4 +- net/netfilter/nf_conntrack_proto_sctp.c | 43 ++- net/netfilter/nf_tables_api.c | 9 +- net/nfc/llcp_core.c | 2 + net/rds/rdma_transport.c | 8 +- net/rds/tcp_connect.c | 2 +- net/sctp/associola.c | 3 +- net/sctp/socket.c | 1 + net/socket.c | 29 +- net/sunrpc/clnt.c | 1 + scripts/mod/file2alias.c | 2 +- security/integrity/ima/Kconfig | 20 +- security/smack/smack.h | 1 + security/smack/smack_lsm.c | 65 +++- sound/pci/hda/hda_intel.c | 1 + sound/soc/fsl/imx-audmix.c | 2 +- sound/soc/meson/axg-spdifin.c | 49 +-- tools/include/uapi/linux/bpf.h | 4 +- tools/power/cpupower/Makefile | 8 +- tools/power/cpupower/bench/Makefile | 2 +- .../ftrace/test.d/instances/instance-event.tc | 2 +- tools/testing/selftests/net/tls.c | 11 +- 132 files changed, 1389 insertions(+), 773 deletions(-)

1 year, 7 months

9
142
0 0

Linux 5.15.138

by Greg Kroah-Hartman

I'm announcing the release of the 5.15.138 kernel. All users of the 5.15 kernel series must upgrade. The updated 5.15.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.15.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/powerpc/kernel/head_fsl_booke.S | 2 arch/powerpc/kernel/setup-common.c | 2 arch/powerpc/mm/mem.c | 1 arch/sparc/lib/checksum_32.S | 2 arch/x86/include/asm/i8259.h | 2 arch/x86/include/asm/setup.h | 46 +- arch/x86/kernel/acpi/boot.c | 3 arch/x86/kernel/i8259.c | 38 + arch/x86/kernel/setup.c | 5 arch/x86/kernel/vmlinux.lds.S | 2 drivers/base/driver.c | 69 +++ drivers/base/platform.c | 28 - drivers/clk/clk.c | 21 - drivers/dma/ste_dma40.c | 1 drivers/firmware/imx/imx-dsp.c | 2 drivers/gpu/drm/amd/amdgpu/amdgpu.h | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 19 drivers/gpu/drm/amd/amdgpu/vi.c | 2 drivers/gpu/drm/drm_dp_mst_topology.c | 6 drivers/gpu/drm/i915/i915_pmu.c | 9 drivers/gpu/drm/ttm/ttm_device.c | 8 drivers/i2c/busses/i2c-aspeed.c | 3 drivers/i2c/busses/i2c-stm32f7.c | 9 drivers/i2c/muxes/i2c-demux-pinctrl.c | 2 drivers/i2c/muxes/i2c-mux-gpmux.c | 2 drivers/i2c/muxes/i2c-mux-pinctrl.c | 2 drivers/iio/adc/exynos_adc.c | 24 - drivers/iio/adc/xilinx-xadc-core.c | 39 -- drivers/iio/adc/xilinx-xadc.h | 2 drivers/iio/afe/iio-rescale.c | 162 ++++++-- drivers/input/mouse/synaptics.c | 1 drivers/input/rmi4/rmi_smbus.c | 50 +- drivers/irqchip/irq-riscv-intc.c | 10 drivers/irqchip/irq-stm32-exti.c | 1 drivers/mcb/mcb-lpc.c | 35 + drivers/mcb/mcb-parse.c | 15 drivers/misc/fastrpc.c | 10 drivers/misc/pci_endpoint_test.c | 4 drivers/net/ethernet/chelsio/cxgb4/t4_hw.c | 2 drivers/net/ethernet/google/gve/gve_rx_dqo.c | 2 drivers/net/ethernet/intel/i40e/i40e.h | 2 drivers/net/ethernet/intel/i40e/i40e_txrx.c | 2 drivers/net/ethernet/intel/igb/igb_ethtool.c | 6 drivers/net/ethernet/intel/igc/igc_ethtool.c | 35 + drivers/net/ethernet/realtek/r8169_main.c | 6 drivers/net/ethernet/toshiba/ps3_gelic_wireless.c | 2 drivers/net/gtp.c | 5 drivers/net/ieee802154/adf7242.c | 5 drivers/net/usb/r8152.c | 18 drivers/net/usb/smsc95xx.c | 4 drivers/nvmem/imx-ocotp.c | 6 drivers/pci/quirks.c | 8 drivers/pinctrl/qcom/pinctrl-lpass-lpi.c | 17 drivers/platform/mellanox/mlxbf-tmfifo.c | 21 - drivers/rpmsg/qcom_glink_native.c | 2 drivers/rpmsg/rpmsg_core.c | 37 + drivers/rpmsg/rpmsg_internal.h | 5 drivers/rpmsg/rpmsg_ns.c | 4 drivers/scsi/mpt3sas/mpt3sas_scsih.c | 4 drivers/spi/spi-npcm-fiu.c | 5 drivers/tty/n_gsm.c | 2 drivers/tty/serial/8250/8250_pci.c | 327 ++++++++++++++++ drivers/usb/gadget/legacy/raw_gadget.c | 26 - drivers/usb/storage/unusual_cypress.h | 2 drivers/usb/typec/tcpm/tcpm.c | 3 drivers/vhost/vhost.c | 4 drivers/video/fbdev/aty/atyfb_base.c | 4 drivers/video/fbdev/uvesafb.c | 2 drivers/virtio/virtio_balloon.c | 6 drivers/virtio/virtio_mmio.c | 19 fs/ext4/mballoc.c | 51 +- fs/ext4/mballoc.h | 14 fs/nfsd/vfs.c | 12 fs/ntfs3/attrib.c | 6 fs/ntfs3/attrlist.c | 15 fs/ntfs3/bitmap.c | 3 fs/ntfs3/dir.c | 6 fs/ntfs3/frecord.c | 8 fs/ntfs3/fslog.c | 6 fs/ntfs3/fsntfs.c | 13 fs/ntfs3/super.c | 2 include/linux/device/driver.h | 2 include/linux/iio/afe/rescale.h | 36 + include/linux/kasan.h | 6 include/linux/pci_ids.h | 1 include/linux/platform_device.h | 6 include/linux/rpmsg.h | 14 include/net/tcp.h | 2 include/uapi/linux/can/isotp.h | 25 - include/uapi/linux/gtp.h | 2 kernel/events/core.c | 3 kernel/trace/trace_kprobe.c | 4 mm/kasan/report.c | 4 mm/migrate.c | 14 mm/page_alloc.c | 2 net/can/isotp.c | 426 ++++++++++++++-------- net/core/neighbour.c | 67 +-- net/ipv4/tcp.c | 19 net/ipv4/tcp_input.c | 9 net/mptcp/protocol.c | 12 net/netfilter/nfnetlink_log.c | 2 net/sched/cls_u32.c | 2 net/vmw_vsock/virtio_transport.c | 215 +++++++---- sound/hda/intel-dsp-config.c | 6 sound/soc/codecs/rt5645.c | 2 sound/soc/codecs/wcd938x.c | 52 ++ sound/soc/generic/simple-card.c | 6 tools/objtool/check.c | 2 109 files changed, 1641 insertions(+), 671 deletions(-) Al Viro (2): nfsd: lock_rename() needs both directories to live on the same fs sparc32: fix a braino in fault handling in csum_and_copy_..._user() Alain Volmat (1): i2c: stm32f7: Fix PEC handling in case of SMBUS transfers Alessandro Carminati (1): clk: Sanitize possible_parent_show to Handle Return Value of of_clk_get_parent_name Alexandru Matei (1): vsock/virtio: initialize the_virtio_vsock before using VQs Andrey Konovalov (1): usb: raw-gadget: properly handle interrupted requests Anup Patel (1): irqchip/riscv-intc: Mark all INTC nodes as initialized Arnd Bergmann (1): fbdev: atyfb: only use ioremap_uc() on i386 and ia64 Baokun Li (3): ext4: add two helper functions extent_logical_end() and pa_logical_end() ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow ext4: avoid overlapping preallocations due to overflow Ben Wolsieffer (1): irqchip/stm32-exti: add missing DT IRQ flag translation Bjorn Andersson (1): rpmsg: glink: Release driver_override Cameron Williams (9): tty: 8250: Remove UC-257 and UC-431 tty: 8250: Add support for additional Brainboxes UC cards tty: 8250: Add support for Brainboxes UP cards tty: 8250: Add support for Intashield IS-100 tty: 8250: Fix port count of PX-257 tty: 8250: Fix up PX-803/PX-857 tty: 8250: Add support for additional Brainboxes PX cards tty: 8250: Add support for Intashield IX cards tty: 8250: Add Brainboxes Oxford Semiconductor-based quirks Christophe JAILLET (1): net: ieee802154: adf7242: Fix some potential buffer overflow in adf7242_stats_show() Christophe Leroy (1): powerpc/85xx: Fix math emulation exception Daniel Starke (1): tty: n_gsm: fix race condition in status line change on dead connections Dmitry Torokhov (1): Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport Douglas Anderson (6): r8152: Increase USB control msg timeout to 5000ms as per spec r8152: Run the unload routine if we have errors during probe r8152: Cancel hw_phy_work if we have an error in probe r8152: Release firmware if we have an error in probe r8152: Check for unplug in rtl_phy_patch_request() r8152: Check for unplug in r8153b_ups_en() / r8153c_ups_en() Ekansh Gupta (1): misc: fastrpc: Clean buffers on remote invocation failures Eric Auger (1): vhost: Allow null msg.size on VHOST_IOTLB_INVALIDATE Eric Dumazet (3): tcp: remove dead code from tcp_sendmsg_locked() tcp: cleanup tcp_remove_empty_skb() use neighbour: fix various data-races Florian Westphal (1): netfilter: nfnetlink_log: silence bogus compiler warning Fred Chen (1): tcp: fix wrong RTO timeout when received SACK reneging Gabriel Marcano (1): fs/ntfs3: Fix directory element type detection Gavin Shan (1): virtio_balloon: Fix endless deflation and inflation on arm64 Greg Kroah-Hartman (1): Linux 5.15.138 Gregory Price (1): mm/migrate: fix do_pages_move for compat pointers Gustavo A. R. Silva (1): net: sched: cls_u32: Fix allocation size in u32_init() Haibo Li (1): kasan: print the original fault addr when access invalid shadow Hangyu Hua (1): rpmsg: Fix possible refcount leak in rpmsg_register_device_override() Hao Ge (1): firmware/imx-dsp: Fix use_after_free in imx_dsp_setup_channels() Herve Codina (3): i2c: muxes: i2c-mux-pinctrl: Use of_get_i2c_adapter_by_node() i2c: muxes: i2c-mux-gpmux: Use of_get_i2c_adapter_by_node() i2c: muxes: i2c-demux-pinctrl: Use of_get_i2c_adapter_by_node() Ivan Vecera (2): i40e: Fix I40E_FLAG_VF_VLAN_PRUNING value i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR Jian Zhang (1): i2c: aspeed: Fix i2c bus hang in slave read Jimmy Hu (1): usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm() Johan Hovold (2): ASoC: codecs: wcd938x: fix resource leaks on bind errors ASoC: codecs: wcd938x: fix runtime PM imbalance on remove John Sperbeck (1): objtool/x86: add missing embedded_insn check Jorge Maidana (1): fbdev: uvesafb: Call cn_del_callback() at the end of uvesafb_exit() Josh Poimboeuf (2): x86/mm: Simplify RESERVE_BRK() x86/mm: Fix RESERVE_BRK() for older binutils Juergen Gross (1): x86: Fix .brk attribute in linker script Karolina Stolarek (1): drm/ttm: Reorder sys manager cleanup step Kemeng Shi (1): mm/page_alloc: correct start page when guard page debug is enabled Konstantin Komarov (5): fs/ntfs3: Add ckeck in ni_update_parent() fs/ntfs3: Write immediately updated ntfs state fs/ntfs3: Use kvmalloc instead of kmalloc(... __GFP_NOWARN) fs/ntfs3: Fix possible NULL-ptr-deref in ni_readpage_cmpr() fs/ntfs3: Fix NULL pointer dereference on error in attr_allocate_frame() Krzysztof Kozlowski (5): pinctrl: qcom: lpass-lpi: fix concurrent register updates driver: platform: Add helper for safer setting of driver_override rpmsg: Constify local variable in field store macro rpmsg: Fix kfree() of static memory on setting driver_override rpmsg: Fix calling device_lock() on non-initialized device Kuninori Morimoto (1): ASoC: simple-card: fixup asoc_simple_probe() error handling Kunwu Chan (1): treewide: Spelling fix in comment Liam Beguin (3): iio: afe: rescale: reorder includes iio: afe: rescale: expose scale processing function iio: afe: rescale: add offset support LihaSika (1): usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" compatibility Liming Sun (1): platform/mellanox: mlxbf-tmfifo: Fix a warning message Linus Walleij (1): iio: afe: rescale: Accept only offset channels Lukasz Majczak (1): drm/dp_mst: Fix NULL deref in get_mst_branch_device_by_guid_helper() Marek Szyprowski (1): iio: exynos-adc: request second interupt only when touchscreen mode is used Mario Limonciello (2): drm/amd: Move helper for dynamic speed switch check out of smu13 drm/amd: Disable ASPM for VI w/ all Intel systems Mark Hasemeyer (1): ALSA: hda: intel-dsp-config: Fix JSL Chromebook quirk detection Mateusz Palczewski (1): igb: Fix potential memory leak in igb_add_ethtool_nfc_entry Maximilian Heyne (1): virtio-mmio: fix memory leak of vm_dev Michael Ellerman (1): powerpc/mm: Fix boot crash with FLATMEM Mirsad Goran Todorovac (3): r8169: fix the KCSAN reported data-race in rtl_tx() while reading tp->cur_tx r8169: fix the KCSAN reported data-race in rtl_tx while reading TxDescArray[entry].opts1 r8169: fix the KCSAN reported data race in rtl_rx while reading desc->opts1 Oliver Hartkopp (7): can: isotp: set max PDU size to 64 kByte can: isotp: isotp_bind(): return -EINVAL on incorrect CAN ID formatting can: isotp: check CAN address family in isotp_bind() can: isotp: handle wait_event_interruptible() return values can: isotp: add local echo tx processing and tx without FC can: isotp: isotp_bind(): do not validate unused address information can: isotp: isotp_sendmsg(): fix TX state detection and wait behavior Pablo Neira Ayuso (2): gtp: uapi: fix GTPA_MAX gtp: fix fragmentation needed check with gso Paolo Abeni (1): mptcp: more conservative check for zero probes Peng Fan (3): nvmem: imx: correct nregs for i.MX6ULL nvmem: imx: correct nregs for i.MX6SLL nvmem: imx: correct nregs for i.MX6UL Peter Zijlstra (1): perf/core: Fix potential NULL deref Robert Hancock (2): iio: adc: xilinx-xadc: Don't clobber preset voltage/temperature thresholds iio: adc: xilinx-xadc: Correct temperature offset/scale for UltraScale Rodríguez Barbarin, José Javier (2): mcb: Return actual parsed size when reading chameleon table mcb-lpc: Reallocate memory region to avoid memory overlapping Sasha Neftin (1): igc: Fix ambiguity in the ethtool advertising Shailend Chand (1): gve: Fix GFP flags when allocing pages Shigeru Yoshida (1): net: usb: smsc95xx: Fix uninit-value access in smsc95xx_read_reg Shuming Fan (1): ASoC: rt5650: fix the wrong result of key button Siddharth Vadapalli (1): misc: pci_endpoint_test: Add deviceID for J721S2 PCIe EP device support Stefano Garzarella (2): vsock/virtio: factor our the code to initialize and delete VQs vsock/virtio: add support for device suspend/resume Su Hui (2): fs/ntfs3: Avoid possible memory leak net: chelsio: cxgb4: add an error code check in t4_load_phy_fw Thomas Gleixner (1): x86/i8259: Skip probing when ACPI/MADT advertises PCAT compatibility Tomas Henzl (1): scsi: mpt3sas: Fix in error path Umesh Nerlige Ramappa (1): drm/i915/pmu: Check if pmu is closed before stopping event Vicki Pfau (1): PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device William A. Kennington III (1): spi: npcm-fiu: Fix UMA reads when dummy.nbytes == 0 Yujie Liu (1): tracing/kprobes: Fix the description of variable length arguments Zhang Shurong (1): dmaengine: ste_dma40: Fix PM disable depth imbalance in d40_probe

1 year, 7 months

1
1
0 0

Linux 5.10.200

by Greg Kroah-Hartman

I'm announcing the release of the 5.10.200 kernel. All users of the 5.10 kernel series must upgrade. The updated 5.10.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.10.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/powerpc/kernel/setup-common.c | 2 arch/powerpc/mm/mem.c | 1 arch/sparc/lib/checksum_32.S | 2 arch/x86/include/asm/i8259.h | 2 arch/x86/include/asm/setup.h | 46 - arch/x86/kernel/acpi/boot.c | 3 arch/x86/kernel/i8259.c | 38 arch/x86/kernel/setup.c | 5 arch/x86/kernel/vmlinux.lds.S | 2 drivers/base/driver.c | 69 + drivers/base/platform.c | 28 drivers/clk/clk.c | 21 drivers/dma/ste_dma40.c | 1 drivers/gpu/drm/drm_dp_mst_topology.c | 6 drivers/i2c/busses/i2c-aspeed.c | 3 drivers/i2c/busses/i2c-stm32f7.c | 9 drivers/i2c/muxes/i2c-demux-pinctrl.c | 2 drivers/i2c/muxes/i2c-mux-gpmux.c | 2 drivers/i2c/muxes/i2c-mux-pinctrl.c | 2 drivers/iio/adc/exynos_adc.c | 24 drivers/iio/adc/xilinx-xadc-core.c | 179 +--- drivers/input/mouse/synaptics.c | 1 drivers/input/rmi4/rmi_smbus.c | 50 - drivers/irqchip/irq-stm32-exti.c | 1 drivers/mcb/mcb-lpc.c | 35 drivers/mcb/mcb-parse.c | 15 drivers/misc/fastrpc.c | 10 drivers/mmc/host/renesas_sdhi_core.c | 3 drivers/mmc/host/tmio_mmc.h | 2 drivers/net/ethernet/chelsio/cxgb4/t4_hw.c | 2 drivers/net/ethernet/intel/i40e/i40e_txrx.c | 2 drivers/net/ethernet/intel/igb/igb_ethtool.c | 6 drivers/net/ethernet/intel/igc/igc_ethtool.c | 35 drivers/net/ethernet/realtek/r8169_main.c | 4 drivers/net/ethernet/toshiba/ps3_gelic_wireless.c | 2 drivers/net/gtp.c | 5 drivers/net/ieee802154/adf7242.c | 5 drivers/net/usb/r8152.c | 11 drivers/net/usb/smsc95xx.c | 4 drivers/nvmem/imx-ocotp.c | 6 drivers/pci/quirks.c | 8 drivers/platform/mellanox/mlxbf-tmfifo.c | 21 drivers/rpmsg/qcom_glink_native.c | 2 drivers/rpmsg/rpmsg_core.c | 37 drivers/rpmsg/rpmsg_internal.h | 5 drivers/scsi/mpt3sas/mpt3sas_scsih.c | 4 drivers/spi/spi-npcm-fiu.c | 5 drivers/tty/serial/8250/8250_pci.c | 122 ++ drivers/usb/gadget/legacy/raw_gadget.c | 26 drivers/usb/storage/unusual_cypress.h | 2 drivers/video/fbdev/aty/atyfb_base.c | 4 drivers/video/fbdev/uvesafb.c | 2 drivers/virtio/virtio_balloon.c | 6 drivers/virtio/virtio_mmio.c | 19 fs/cifs/smbdirect.c | 14 fs/ext4/mballoc.c | 51 - fs/ext4/mballoc.h | 14 fs/f2fs/gc.c | 3 include/linux/device/driver.h | 2 include/linux/kasan.h | 6 include/linux/pci_ids.h | 1 include/linux/platform_device.h | 6 include/linux/rpmsg.h | 14 include/uapi/linux/can/isotp.h | 25 include/uapi/linux/gtp.h | 2 kernel/events/core.c | 3 kernel/trace/trace_kprobe.c | 4 lib/kobject.c | 12 mm/kasan/report.c | 4 mm/page_alloc.c | 2 net/can/isotp.c | 434 ++++++---- net/core/neighbour.c | 67 - net/ipv4/tcp_input.c | 9 net/netfilter/nfnetlink_log.c | 2 net/sched/cls_u32.c | 2 sound/hda/intel-dsp-config.c | 6 sound/soc/codecs/rt5645.c | 2 tools/objtool/check.c | 2 tools/testing/selftests/ftrace/test.d/kprobe/kprobe_non_uniq_symbol.tc | 13 80 files changed, 1046 insertions(+), 565 deletions(-) Al Viro (1): sparc32: fix a braino in fault handling in csum_and_copy_..._user() Alain Volmat (1): i2c: stm32f7: Fix PEC handling in case of SMBUS transfers Alessandro Carminati (1): clk: Sanitize possible_parent_show to Handle Return Value of of_clk_get_parent_name Andrey Konovalov (1): usb: raw-gadget: properly handle interrupted requests Arnd Bergmann (1): fbdev: atyfb: only use ioremap_uc() on i386 and ia64 Baokun Li (3): ext4: add two helper functions extent_logical_end() and pa_logical_end() ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow ext4: avoid overlapping preallocations due to overflow Bartosz Golaszewski (3): iio: adc: xilinx: use helper variable for &pdev->dev iio: adc: xilinx: use devm_krealloc() instead of kfree() + kcalloc() iio: adc: xilinx: use more devres helpers and remove remove() Ben Wolsieffer (1): irqchip/stm32-exti: add missing DT IRQ flag translation Bjorn Andersson (1): rpmsg: glink: Release driver_override Cameron Williams (4): tty: 8250: Remove UC-257 and UC-431 tty: 8250: Add support for additional Brainboxes UC cards tty: 8250: Add support for Brainboxes UP cards tty: 8250: Add support for Intashield IS-100 Chao Yu (1): f2fs: fix to do sanity check on inode type during garbage collection Christophe JAILLET (1): net: ieee802154: adf7242: Fix some potential buffer overflow in adf7242_stats_show() Dmitry Torokhov (1): Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport Douglas Anderson (4): r8152: Increase USB control msg timeout to 5000ms as per spec r8152: Run the unload routine if we have errors during probe r8152: Cancel hw_phy_work if we have an error in probe r8152: Release firmware if we have an error in probe Ekansh Gupta (1): misc: fastrpc: Clean buffers on remote invocation failures Eric Dumazet (1): neighbour: fix various data-races Florian Westphal (1): netfilter: nfnetlink_log: silence bogus compiler warning Francis Laniel (1): selftests/ftrace: Add new test case which checks non unique symbol Fred Chen (1): tcp: fix wrong RTO timeout when received SACK reneging Gavin Shan (1): virtio_balloon: Fix endless deflation and inflation on arm64 Greg Kroah-Hartman (1): Linux 5.10.200 Gustavo A. R. Silva (1): net: sched: cls_u32: Fix allocation size in u32_init() Haibo Li (1): kasan: print the original fault addr when access invalid shadow Hangyu Hua (1): rpmsg: Fix possible refcount leak in rpmsg_register_device_override() Herve Codina (3): i2c: muxes: i2c-mux-pinctrl: Use of_get_i2c_adapter_by_node() i2c: muxes: i2c-mux-gpmux: Use of_get_i2c_adapter_by_node() i2c: muxes: i2c-demux-pinctrl: Use of_get_i2c_adapter_by_node() Ivan Vecera (1): i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR Jian Zhang (1): i2c: aspeed: Fix i2c bus hang in slave read John Sperbeck (1): objtool/x86: add missing embedded_insn check Jorge Maidana (1): fbdev: uvesafb: Call cn_del_callback() at the end of uvesafb_exit() Josh Poimboeuf (2): x86/mm: Simplify RESERVE_BRK() x86/mm: Fix RESERVE_BRK() for older binutils Juergen Gross (1): x86: Fix .brk attribute in linker script Kemeng Shi (1): mm/page_alloc: correct start page when guard page debug is enabled Krzysztof Kozlowski (4): driver: platform: Add helper for safer setting of driver_override rpmsg: Constify local variable in field store macro rpmsg: Fix kfree() of static memory on setting driver_override rpmsg: Fix calling device_lock() on non-initialized device Kunwu Chan (1): treewide: Spelling fix in comment LihaSika (1): usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" compatibility Liming Sun (1): platform/mellanox: mlxbf-tmfifo: Fix a warning message Lukas Magel (1): can: isotp: isotp_sendmsg(): fix TX state detection and wait behavior Lukasz Majczak (1): drm/dp_mst: Fix NULL deref in get_mst_branch_device_by_guid_helper() Marek Szyprowski (1): iio: exynos-adc: request second interupt only when touchscreen mode is used Mark Hasemeyer (1): ALSA: hda: intel-dsp-config: Fix JSL Chromebook quirk detection Mateusz Palczewski (1): igb: Fix potential memory leak in igb_add_ethtool_nfc_entry Maximilian Heyne (1): virtio-mmio: fix memory leak of vm_dev Michael Ellerman (1): powerpc/mm: Fix boot crash with FLATMEM Mirsad Goran Todorovac (2): r8169: fix the KCSAN reported data-race in rtl_tx while reading TxDescArray[entry].opts1 r8169: fix the KCSAN reported data race in rtl_rx while reading desc->opts1 Oliver Hartkopp (6): can: isotp: set max PDU size to 64 kByte can: isotp: isotp_bind(): return -EINVAL on incorrect CAN ID formatting can: isotp: check CAN address family in isotp_bind() can: isotp: handle wait_event_interruptible() return values can: isotp: add local echo tx processing and tx without FC can: isotp: isotp_bind(): do not validate unused address information Pablo Neira Ayuso (2): gtp: uapi: fix GTPA_MAX gtp: fix fragmentation needed check with gso Patrick Menschel (3): can: isotp: change error format from decimal to symbolic error names can: isotp: add symbolic error message to isotp_module_init() can: isotp: Add error message if txqueuelen is too small Peng Fan (3): nvmem: imx: correct nregs for i.MX6ULL nvmem: imx: correct nregs for i.MX6SLL nvmem: imx: correct nregs for i.MX6UL Peter Zijlstra (1): perf/core: Fix potential NULL deref Robert Hancock (1): iio: adc: xilinx-xadc: Don't clobber preset voltage/temperature thresholds Rodríguez Barbarin, José Javier (2): mcb: Return actual parsed size when reading chameleon table mcb-lpc: Reallocate memory region to avoid memory overlapping Sasha Neftin (1): igc: Fix ambiguity in the ethtool advertising Shigeru Yoshida (1): net: usb: smsc95xx: Fix uninit-value access in smsc95xx_read_reg Shuming Fan (1): ASoC: rt5650: fix the wrong result of key button Steve French (1): smbdirect: missing rc checks while waiting for rdma events Su Hui (1): net: chelsio: cxgb4: add an error code check in t4_load_phy_fw Thomas Gleixner (1): x86/i8259: Skip probing when ACPI/MADT advertises PCAT compatibility Tomas Henzl (1): scsi: mpt3sas: Fix in error path Vicki Pfau (1): PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device Wang Hai (1): kobject: Fix slab-out-of-bounds in fill_kobj_path() William A. Kennington III (1): spi: npcm-fiu: Fix UMA reads when dummy.nbytes == 0 Wolfram Sang (1): mmc: renesas_sdhi: use custom mask for TMIO_MASK_ALL Yujie Liu (1): tracing/kprobes: Fix the description of variable length arguments Zhang Shurong (1): dmaengine: ste_dma40: Fix PM disable depth imbalance in d40_probe

1 year, 7 months

1
1
0 0

[PATCH] s390/vfio-ap: fix sysfs status attribute for AP queue devices

by Tony Krowiak

The 'status' attribute for AP queue devices bound to the vfio_ap device driver displays incorrect status when the mediated device is attached to a guest, but the queue device is not passed through. In the current implementation, the status displayed is 'in_use' which is not correct; it should be 'assigned'. This can happen if one of the queue devices associated with a given adapter is not bound to the vfio_ap device driver. For example: Queues listed in /sys/bus/ap/drivers/vfio_ap: 14.0005 14.0006 14.000d 16.0006 16.000d Queues listed in /sys/devices/vfio_ap/matrix/$UUID/matrix 14.0005 14.0006 14.000d 16.0005 16.0006 16.000d Queues listed in /sys/devices/vfio_ap/matrix/$UUID/guest_matrix 14.0005 14.0006 14.000d The reason no queues for adapter 0x16 are listed in the guest_matrix is because queue 16.0005 is not bound to the vfio_ap device driver, so no queue associated with the adapter is passed through to the guest; therefore, each queue device for adapter 0x16 should display 'assigned' instead of 'in_use', because those queues are not in use by a guest, but only assigned to the mediated device. Let's check the AP configuration for the guest to determine whether a queue device is passed through before displaying a status of 'in_use'. Signed-off-by: Tony Krowiak <akrowiak(a)linux.ibm.com> Fixes: f139862b92cf ("s390/vfio-ap: add status attribute to AP queue device's sysfs dir") Cc: stable(a)vger.kernel.org --- drivers/s390/crypto/vfio_ap_ops.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/drivers/s390/crypto/vfio_ap_ops.c b/drivers/s390/crypto/vfio_ap_ops.c index 4db538a55192..871c14a6921f 100644 --- a/drivers/s390/crypto/vfio_ap_ops.c +++ b/drivers/s390/crypto/vfio_ap_ops.c @@ -1976,6 +1976,7 @@ static ssize_t status_show(struct device *dev, { ssize_t nchars = 0; struct vfio_ap_queue *q; + unsigned long apid, apqi; struct ap_matrix_mdev *matrix_mdev; struct ap_device *apdev = to_ap_dev(dev); @@ -1984,7 +1985,11 @@ static ssize_t status_show(struct device *dev, matrix_mdev = vfio_ap_mdev_for_queue(q); if (matrix_mdev) { - if (matrix_mdev->kvm) + apid = AP_QID_CARD(q->apqn); + apqi = AP_QID_QUEUE(q->apqn); + if (matrix_mdev->kvm && + test_bit_inv(apid, matrix_mdev->shadow_apcb.apm) && + test_bit_inv(apqi, matrix_mdev->shadow_apcb.aqm)) nchars = scnprintf(buf, PAGE_SIZE, "%s\n", AP_QUEUE_IN_USE); else -- 2.41.0

1 year, 7 months

3
4
0 0

[PATCH 5.15 000/125] 5.15.138-rc2 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.15.138 release. There are 125 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu, 09 Nov 2023 20:22:58 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.15.138-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.15.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.15.138-rc2 Mark Hasemeyer <markhas(a)chromium.org> ALSA: hda: intel-dsp-config: Fix JSL Chromebook quirk detection Siddharth Vadapalli <s-vadapalli(a)ti.com> misc: pci_endpoint_test: Add deviceID for J721S2 PCIe EP device support Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add Brainboxes Oxford Semiconductor-based quirks Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for Intashield IX cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for additional Brainboxes PX cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Fix up PX-803/PX-857 Cameron Williams <cang1(a)live.co.uk> tty: 8250: Fix port count of PX-257 Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for Intashield IS-100 Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for Brainboxes UP cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for additional Brainboxes UC cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Remove UC-257 and UC-431 Daniel Starke <daniel.starke(a)siemens.com> tty: n_gsm: fix race condition in status line change on dead connections Andrey Konovalov <andreyknvl(a)gmail.com> usb: raw-gadget: properly handle interrupted requests Jimmy Hu <hhhuuu(a)google.com> usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm() LihaSika <lihasika(a)gmail.com> usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" compatibility Vicki Pfau <vi(a)endrift.com> PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device Mario Limonciello <mario.limonciello(a)amd.com> drm/amd: Disable ASPM for VI w/ all Intel systems Mario Limonciello <mario.limonciello(a)amd.com> drm/amd: Move helper for dynamic speed switch check out of smu13 Oliver Hartkopp <socketcan(a)hartkopp.net> can: isotp: isotp_sendmsg(): fix TX state detection and wait behavior Oliver Hartkopp <socketcan(a)hartkopp.net> can: isotp: isotp_bind(): do not validate unused address information Oliver Hartkopp <socketcan(a)hartkopp.net> can: isotp: add local echo tx processing and tx without FC Oliver Hartkopp <socketcan(a)hartkopp.net> can: isotp: handle wait_event_interruptible() return values Oliver Hartkopp <socketcan(a)hartkopp.net> can: isotp: check CAN address family in isotp_bind() Oliver Hartkopp <socketcan(a)hartkopp.net> can: isotp: isotp_bind(): return -EINVAL on incorrect CAN ID formatting Oliver Hartkopp <socketcan(a)hartkopp.net> can: isotp: set max PDU size to 64 kByte Michael Ellerman <mpe(a)ellerman.id.au> powerpc/mm: Fix boot crash with FLATMEM Douglas Anderson <dianders(a)chromium.org> r8152: Check for unplug in r8153b_ups_en() / r8153c_ups_en() Douglas Anderson <dianders(a)chromium.org> r8152: Check for unplug in rtl_phy_patch_request() Su Hui <suhui(a)nfschina.com> net: chelsio: cxgb4: add an error code check in t4_load_phy_fw Liming Sun <limings(a)nvidia.com> platform/mellanox: mlxbf-tmfifo: Fix a warning message Tomas Henzl <thenzl(a)redhat.com> scsi: mpt3sas: Fix in error path Jorge Maidana <jorgem.linux(a)gmail.com> fbdev: uvesafb: Call cn_del_callback() at the end of uvesafb_exit() Karolina Stolarek <karolina.stolarek(a)intel.com> drm/ttm: Reorder sys manager cleanup step Shuming Fan <shumingf(a)realtek.com> ASoC: rt5650: fix the wrong result of key button Florian Westphal <fw(a)strlen.de> netfilter: nfnetlink_log: silence bogus compiler warning William A. Kennington III <william(a)wkennington.com> spi: npcm-fiu: Fix UMA reads when dummy.nbytes == 0 Su Hui <suhui(a)nfschina.com> fs/ntfs3: Avoid possible memory leak Gabriel Marcano <gabemarcano(a)yahoo.com> fs/ntfs3: Fix directory element type detection Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Fix NULL pointer dereference on error in attr_allocate_frame() Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Fix possible NULL-ptr-deref in ni_readpage_cmpr() Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Use kvmalloc instead of kmalloc(... __GFP_NOWARN) Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Write immediately updated ntfs state Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Add ckeck in ni_update_parent() Arnd Bergmann <arnd(a)arndb.de> fbdev: atyfb: only use ioremap_uc() on i386 and ia64 Dmitry Torokhov <dmitry.torokhov(a)gmail.com> Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport Christophe Leroy <christophe.leroy(a)csgroup.eu> powerpc/85xx: Fix math emulation exception Zhang Shurong <zhang_shurong(a)foxmail.com> dmaengine: ste_dma40: Fix PM disable depth imbalance in d40_probe Ben Wolsieffer <ben.wolsieffer(a)hefring.com> irqchip/stm32-exti: add missing DT IRQ flag translation Anup Patel <apatel(a)ventanamicro.com> irqchip/riscv-intc: Mark all INTC nodes as initialized Gustavo A. R. Silva <gustavoars(a)kernel.org> net: sched: cls_u32: Fix allocation size in u32_init() Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com> ASoC: simple-card: fixup asoc_simple_probe() error handling Juergen Gross <jgross(a)suse.com> x86: Fix .brk attribute in linker script Hangyu Hua <hbh25y(a)gmail.com> rpmsg: Fix possible refcount leak in rpmsg_register_device_override() Bjorn Andersson <quic_bjorande(a)quicinc.com> rpmsg: glink: Release driver_override Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> rpmsg: Fix calling device_lock() on non-initialized device Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> rpmsg: Fix kfree() of static memory on setting driver_override Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> rpmsg: Constify local variable in field store macro Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> driver: platform: Add helper for safer setting of driver_override John Sperbeck <jsperbeck(a)google.com> objtool/x86: add missing embedded_insn check Baokun Li <libaokun1(a)huawei.com> ext4: avoid overlapping preallocations due to overflow Baokun Li <libaokun1(a)huawei.com> ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow Baokun Li <libaokun1(a)huawei.com> ext4: add two helper functions extent_logical_end() and pa_logical_end() Josh Poimboeuf <jpoimboe(a)kernel.org> x86/mm: Fix RESERVE_BRK() for older binutils Josh Poimboeuf <jpoimboe(a)redhat.com> x86/mm: Simplify RESERVE_BRK() Thomas Gleixner <tglx(a)linutronix.de> x86/i8259: Skip probing when ACPI/MADT advertises PCAT compatibility Shailend Chand <shailend(a)google.com> gve: Fix GFP flags when allocing pages Linus Walleij <linus.walleij(a)linaro.org> iio: afe: rescale: Accept only offset channels Liam Beguin <liambeguin(a)gmail.com> iio: afe: rescale: add offset support Liam Beguin <liambeguin(a)gmail.com> iio: afe: rescale: expose scale processing function Liam Beguin <liambeguin(a)gmail.com> iio: afe: rescale: reorder includes Alessandro Carminati <alessandro.carminati(a)gmail.com> clk: Sanitize possible_parent_show to Handle Return Value of of_clk_get_parent_name Al Viro <viro(a)zeniv.linux.org.uk> sparc32: fix a braino in fault handling in csum_and_copy_..._user() Peter Zijlstra <peterz(a)infradead.org> perf/core: Fix potential NULL deref Peng Fan <peng.fan(a)nxp.com> nvmem: imx: correct nregs for i.MX6UL Peng Fan <peng.fan(a)nxp.com> nvmem: imx: correct nregs for i.MX6SLL Peng Fan <peng.fan(a)nxp.com> nvmem: imx: correct nregs for i.MX6ULL Ekansh Gupta <quic_ekangupt(a)quicinc.com> misc: fastrpc: Clean buffers on remote invocation failures Yujie Liu <yujie.liu(a)intel.com> tracing/kprobes: Fix the description of variable length arguments Jian Zhang <zhangjian.3032(a)bytedance.com> i2c: aspeed: Fix i2c bus hang in slave read Alain Volmat <alain.volmat(a)foss.st.com> i2c: stm32f7: Fix PEC handling in case of SMBUS transfers Herve Codina <herve.codina(a)bootlin.com> i2c: muxes: i2c-demux-pinctrl: Use of_get_i2c_adapter_by_node() Herve Codina <herve.codina(a)bootlin.com> i2c: muxes: i2c-mux-gpmux: Use of_get_i2c_adapter_by_node() Herve Codina <herve.codina(a)bootlin.com> i2c: muxes: i2c-mux-pinctrl: Use of_get_i2c_adapter_by_node() Robert Hancock <robert.hancock(a)calian.com> iio: adc: xilinx-xadc: Correct temperature offset/scale for UltraScale Robert Hancock <robert.hancock(a)calian.com> iio: adc: xilinx-xadc: Don't clobber preset voltage/temperature thresholds Marek Szyprowski <m.szyprowski(a)samsung.com> iio: exynos-adc: request second interupt only when touchscreen mode is used Haibo Li <haibo.li(a)mediatek.com> kasan: print the original fault addr when access invalid shadow Ivan Vecera <ivecera(a)redhat.com> i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR Pablo Neira Ayuso <pablo(a)netfilter.org> gtp: fix fragmentation needed check with gso Pablo Neira Ayuso <pablo(a)netfilter.org> gtp: uapi: fix GTPA_MAX Fred Chen <fred.chenchen03(a)gmail.com> tcp: fix wrong RTO timeout when received SACK reneging Douglas Anderson <dianders(a)chromium.org> r8152: Release firmware if we have an error in probe Douglas Anderson <dianders(a)chromium.org> r8152: Cancel hw_phy_work if we have an error in probe Douglas Anderson <dianders(a)chromium.org> r8152: Run the unload routine if we have errors during probe Douglas Anderson <dianders(a)chromium.org> r8152: Increase USB control msg timeout to 5000ms as per spec Shigeru Yoshida <syoshida(a)redhat.com> net: usb: smsc95xx: Fix uninit-value access in smsc95xx_read_reg Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> net: ieee802154: adf7242: Fix some potential buffer overflow in adf7242_stats_show() Sasha Neftin <sasha.neftin(a)intel.com> igc: Fix ambiguity in the ethtool advertising Eric Dumazet <edumazet(a)google.com> neighbour: fix various data-races Mateusz Palczewski <mateusz.palczewski(a)intel.com> igb: Fix potential memory leak in igb_add_ethtool_nfc_entry Kunwu Chan <chentao(a)kylinos.cn> treewide: Spelling fix in comment Ivan Vecera <ivecera(a)redhat.com> i40e: Fix I40E_FLAG_VF_VLAN_PRUNING value Mirsad Goran Todorovac <mirsad.todorovac(a)alu.unizg.hr> r8169: fix the KCSAN reported data race in rtl_rx while reading desc->opts1 Mirsad Goran Todorovac <mirsad.todorovac(a)alu.unizg.hr> r8169: fix the KCSAN reported data-race in rtl_tx while reading TxDescArray[entry].opts1 Mirsad Goran Todorovac <mirsad.todorovac(a)alu.unizg.hr> r8169: fix the KCSAN reported data-race in rtl_tx() while reading tp->cur_tx Hao Ge <gehao(a)kylinos.cn> firmware/imx-dsp: Fix use_after_free in imx_dsp_setup_channels() Lukasz Majczak <lma(a)semihalf.com> drm/dp_mst: Fix NULL deref in get_mst_branch_device_by_guid_helper() Alexandru Matei <alexandru.matei(a)uipath.com> vsock/virtio: initialize the_virtio_vsock before using VQs Stefano Garzarella <sgarzare(a)redhat.com> vsock/virtio: add support for device suspend/resume Stefano Garzarella <sgarzare(a)redhat.com> vsock/virtio: factor our the code to initialize and delete VQs Umesh Nerlige Ramappa <umesh.nerlige.ramappa(a)intel.com> drm/i915/pmu: Check if pmu is closed before stopping event Al Viro <viro(a)zeniv.linux.org.uk> nfsd: lock_rename() needs both directories to live on the same fs Gregory Price <gourry.memverge(a)gmail.com> mm/migrate: fix do_pages_move for compat pointers Kemeng Shi <shikemeng(a)huaweicloud.com> mm/page_alloc: correct start page when guard page debug is enabled Eric Auger <eric.auger(a)redhat.com> vhost: Allow null msg.size on VHOST_IOTLB_INVALIDATE Maximilian Heyne <mheyne(a)amazon.de> virtio-mmio: fix memory leak of vm_dev Gavin Shan <gshan(a)redhat.com> virtio_balloon: Fix endless deflation and inflation on arm64 Rodríguez Barbarin, José Javier <JoseJavier.Rodriguez(a)duagon.com> mcb-lpc: Reallocate memory region to avoid memory overlapping Rodríguez Barbarin, José Javier <JoseJavier.Rodriguez(a)duagon.com> mcb: Return actual parsed size when reading chameleon table Paolo Abeni <pabeni(a)redhat.com> mptcp: more conservative check for zero probes Eric Dumazet <edumazet(a)google.com> tcp: cleanup tcp_remove_empty_skb() use Eric Dumazet <edumazet(a)google.com> tcp: remove dead code from tcp_sendmsg_locked() Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> pinctrl: qcom: lpass-lpi: fix concurrent register updates Johan Hovold <johan+linaro(a)kernel.org> ASoC: codecs: wcd938x: fix runtime PM imbalance on remove Johan Hovold <johan+linaro(a)kernel.org> ASoC: codecs: wcd938x: fix resource leaks on bind errors ------------- Diffstat: Makefile | 4 +- arch/powerpc/kernel/head_fsl_booke.S | 2 +- arch/powerpc/kernel/setup-common.c | 2 + arch/powerpc/mm/mem.c | 1 - arch/sparc/lib/checksum_32.S | 2 +- arch/x86/include/asm/i8259.h | 2 + arch/x86/include/asm/setup.h | 46 ++- arch/x86/kernel/acpi/boot.c | 3 + arch/x86/kernel/i8259.c | 38 +- arch/x86/kernel/setup.c | 5 - arch/x86/kernel/vmlinux.lds.S | 2 +- drivers/base/driver.c | 69 ++++ drivers/base/platform.c | 28 +- drivers/clk/clk.c | 21 +- drivers/dma/ste_dma40.c | 1 + drivers/firmware/imx/imx-dsp.c | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu.h | 1 + drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 19 + drivers/gpu/drm/amd/amdgpu/vi.c | 2 +- drivers/gpu/drm/drm_dp_mst_topology.c | 6 +- drivers/gpu/drm/i915/i915_pmu.c | 9 + drivers/gpu/drm/ttm/ttm_device.c | 8 +- drivers/i2c/busses/i2c-aspeed.c | 3 +- drivers/i2c/busses/i2c-stm32f7.c | 9 +- drivers/i2c/muxes/i2c-demux-pinctrl.c | 2 +- drivers/i2c/muxes/i2c-mux-gpmux.c | 2 +- drivers/i2c/muxes/i2c-mux-pinctrl.c | 2 +- drivers/iio/adc/exynos_adc.c | 24 +- drivers/iio/adc/xilinx-xadc-core.c | 39 +- drivers/iio/adc/xilinx-xadc.h | 2 + drivers/iio/afe/iio-rescale.c | 162 ++++++-- drivers/input/mouse/synaptics.c | 1 + drivers/input/rmi4/rmi_smbus.c | 50 +-- drivers/irqchip/irq-riscv-intc.c | 10 +- drivers/irqchip/irq-stm32-exti.c | 1 + drivers/mcb/mcb-lpc.c | 35 +- drivers/mcb/mcb-parse.c | 15 +- drivers/misc/fastrpc.c | 10 +- drivers/misc/pci_endpoint_test.c | 4 + drivers/net/ethernet/chelsio/cxgb4/t4_hw.c | 2 + drivers/net/ethernet/google/gve/gve_rx_dqo.c | 2 +- drivers/net/ethernet/intel/i40e/i40e.h | 2 +- drivers/net/ethernet/intel/i40e/i40e_txrx.c | 2 +- drivers/net/ethernet/intel/igb/igb_ethtool.c | 6 +- drivers/net/ethernet/intel/igc/igc_ethtool.c | 35 +- drivers/net/ethernet/realtek/r8169_main.c | 6 +- drivers/net/ethernet/toshiba/ps3_gelic_wireless.c | 2 +- drivers/net/gtp.c | 5 +- drivers/net/ieee802154/adf7242.c | 5 +- drivers/net/usb/r8152.c | 18 +- drivers/net/usb/smsc95xx.c | 4 +- drivers/nvmem/imx-ocotp.c | 6 +- drivers/pci/quirks.c | 8 +- drivers/pinctrl/qcom/pinctrl-lpass-lpi.c | 17 +- drivers/platform/mellanox/mlxbf-tmfifo.c | 21 +- drivers/rpmsg/qcom_glink_native.c | 2 + drivers/rpmsg/rpmsg_core.c | 37 +- drivers/rpmsg/rpmsg_internal.h | 5 +- drivers/rpmsg/rpmsg_ns.c | 4 +- drivers/scsi/mpt3sas/mpt3sas_scsih.c | 4 +- drivers/spi/spi-npcm-fiu.c | 5 +- drivers/tty/n_gsm.c | 2 + drivers/tty/serial/8250/8250_pci.c | 327 +++++++++++++++- drivers/usb/gadget/legacy/raw_gadget.c | 26 +- drivers/usb/storage/unusual_cypress.h | 2 +- drivers/usb/typec/tcpm/tcpm.c | 3 + drivers/vhost/vhost.c | 4 +- drivers/video/fbdev/aty/atyfb_base.c | 4 + drivers/video/fbdev/uvesafb.c | 2 +- drivers/virtio/virtio_balloon.c | 6 +- drivers/virtio/virtio_mmio.c | 19 +- fs/ext4/mballoc.c | 51 ++- fs/ext4/mballoc.h | 14 + fs/nfsd/vfs.c | 12 +- fs/ntfs3/attrib.c | 6 +- fs/ntfs3/attrlist.c | 15 +- fs/ntfs3/bitmap.c | 3 +- fs/ntfs3/dir.c | 6 +- fs/ntfs3/frecord.c | 8 +- fs/ntfs3/fslog.c | 6 +- fs/ntfs3/fsntfs.c | 13 +- fs/ntfs3/super.c | 2 +- include/linux/device/driver.h | 2 + include/linux/iio/afe/rescale.h | 36 ++ include/linux/kasan.h | 6 +- include/linux/pci_ids.h | 1 + include/linux/platform_device.h | 6 +- include/linux/rpmsg.h | 14 +- include/net/tcp.h | 2 +- include/uapi/linux/can/isotp.h | 25 +- include/uapi/linux/gtp.h | 2 +- kernel/events/core.c | 3 +- kernel/trace/trace_kprobe.c | 4 +- mm/kasan/report.c | 4 +- mm/migrate.c | 14 +- mm/page_alloc.c | 2 +- net/can/isotp.c | 438 ++++++++++++++-------- net/core/neighbour.c | 67 ++-- net/ipv4/tcp.c | 19 +- net/ipv4/tcp_input.c | 9 +- net/mptcp/protocol.c | 12 +- net/netfilter/nfnetlink_log.c | 2 +- net/sched/cls_u32.c | 2 +- net/vmw_vsock/virtio_transport.c | 215 +++++++---- sound/hda/intel-dsp-config.c | 6 + sound/soc/codecs/rt5645.c | 2 + sound/soc/codecs/wcd938x.c | 52 ++- sound/soc/generic/simple-card.c | 6 +- tools/objtool/check.c | 2 +- 109 files changed, 1648 insertions(+), 678 deletions(-)

1 year, 7 months

7
6
0 0

[PATCH 5.10 00/91] 5.10.200-rc2 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.10.200 release. There are 91 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu, 09 Nov 2023 20:24:28 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.10.200-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.10.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.10.200-rc2 Mark Hasemeyer <markhas(a)chromium.org> ALSA: hda: intel-dsp-config: Fix JSL Chromebook quirk detection Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for Intashield IS-100 Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for Brainboxes UP cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for additional Brainboxes UC cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Remove UC-257 and UC-431 Andrey Konovalov <andreyknvl(a)gmail.com> usb: raw-gadget: properly handle interrupted requests LihaSika <lihasika(a)gmail.com> usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" compatibility Vicki Pfau <vi(a)endrift.com> PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device Lukas Magel <lukas.magel(a)posteo.net> can: isotp: isotp_sendmsg(): fix TX state detection and wait behavior Oliver Hartkopp <socketcan(a)hartkopp.net> can: isotp: isotp_bind(): do not validate unused address information Oliver Hartkopp <socketcan(a)hartkopp.net> can: isotp: add local echo tx processing and tx without FC Oliver Hartkopp <socketcan(a)hartkopp.net> can: isotp: handle wait_event_interruptible() return values Oliver Hartkopp <socketcan(a)hartkopp.net> can: isotp: check CAN address family in isotp_bind() Oliver Hartkopp <socketcan(a)hartkopp.net> can: isotp: isotp_bind(): return -EINVAL on incorrect CAN ID formatting Oliver Hartkopp <socketcan(a)hartkopp.net> can: isotp: set max PDU size to 64 kByte Patrick Menschel <menschel.p(a)posteo.de> can: isotp: Add error message if txqueuelen is too small Patrick Menschel <menschel.p(a)posteo.de> can: isotp: add symbolic error message to isotp_module_init() Patrick Menschel <menschel.p(a)posteo.de> can: isotp: change error format from decimal to symbolic error names Michael Ellerman <mpe(a)ellerman.id.au> powerpc/mm: Fix boot crash with FLATMEM Su Hui <suhui(a)nfschina.com> net: chelsio: cxgb4: add an error code check in t4_load_phy_fw Liming Sun <limings(a)nvidia.com> platform/mellanox: mlxbf-tmfifo: Fix a warning message Tomas Henzl <thenzl(a)redhat.com> scsi: mpt3sas: Fix in error path Jorge Maidana <jorgem.linux(a)gmail.com> fbdev: uvesafb: Call cn_del_callback() at the end of uvesafb_exit() Shuming Fan <shumingf(a)realtek.com> ASoC: rt5650: fix the wrong result of key button Florian Westphal <fw(a)strlen.de> netfilter: nfnetlink_log: silence bogus compiler warning William A. Kennington III <william(a)wkennington.com> spi: npcm-fiu: Fix UMA reads when dummy.nbytes == 0 Arnd Bergmann <arnd(a)arndb.de> fbdev: atyfb: only use ioremap_uc() on i386 and ia64 Dmitry Torokhov <dmitry.torokhov(a)gmail.com> Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport Zhang Shurong <zhang_shurong(a)foxmail.com> dmaengine: ste_dma40: Fix PM disable depth imbalance in d40_probe Ben Wolsieffer <ben.wolsieffer(a)hefring.com> irqchip/stm32-exti: add missing DT IRQ flag translation Gustavo A. R. Silva <gustavoars(a)kernel.org> net: sched: cls_u32: Fix allocation size in u32_init() Juergen Gross <jgross(a)suse.com> x86: Fix .brk attribute in linker script Hangyu Hua <hbh25y(a)gmail.com> rpmsg: Fix possible refcount leak in rpmsg_register_device_override() Bjorn Andersson <quic_bjorande(a)quicinc.com> rpmsg: glink: Release driver_override Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> rpmsg: Fix calling device_lock() on non-initialized device Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> rpmsg: Fix kfree() of static memory on setting driver_override Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> rpmsg: Constify local variable in field store macro Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> driver: platform: Add helper for safer setting of driver_override John Sperbeck <jsperbeck(a)google.com> objtool/x86: add missing embedded_insn check Baokun Li <libaokun1(a)huawei.com> ext4: avoid overlapping preallocations due to overflow Baokun Li <libaokun1(a)huawei.com> ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow Baokun Li <libaokun1(a)huawei.com> ext4: add two helper functions extent_logical_end() and pa_logical_end() Josh Poimboeuf <jpoimboe(a)kernel.org> x86/mm: Fix RESERVE_BRK() for older binutils Josh Poimboeuf <jpoimboe(a)redhat.com> x86/mm: Simplify RESERVE_BRK() Chao Yu <chao(a)kernel.org> f2fs: fix to do sanity check on inode type during garbage collection Steve French <stfrench(a)microsoft.com> smbdirect: missing rc checks while waiting for rdma events Wang Hai <wanghai38(a)huawei.com> kobject: Fix slab-out-of-bounds in fill_kobj_path() Thomas Gleixner <tglx(a)linutronix.de> x86/i8259: Skip probing when ACPI/MADT advertises PCAT compatibility Robert Hancock <robert.hancock(a)calian.com> iio: adc: xilinx-xadc: Don't clobber preset voltage/temperature thresholds Bartosz Golaszewski <bgolaszewski(a)baylibre.com> iio: adc: xilinx: use more devres helpers and remove remove() Bartosz Golaszewski <bgolaszewski(a)baylibre.com> iio: adc: xilinx: use devm_krealloc() instead of kfree() + kcalloc() Bartosz Golaszewski <bgolaszewski(a)baylibre.com> iio: adc: xilinx: use helper variable for &pdev->dev Alessandro Carminati <alessandro.carminati(a)gmail.com> clk: Sanitize possible_parent_show to Handle Return Value of of_clk_get_parent_name Al Viro <viro(a)zeniv.linux.org.uk> sparc32: fix a braino in fault handling in csum_and_copy_..._user() Peter Zijlstra <peterz(a)infradead.org> perf/core: Fix potential NULL deref Peng Fan <peng.fan(a)nxp.com> nvmem: imx: correct nregs for i.MX6UL Peng Fan <peng.fan(a)nxp.com> nvmem: imx: correct nregs for i.MX6SLL Peng Fan <peng.fan(a)nxp.com> nvmem: imx: correct nregs for i.MX6ULL Ekansh Gupta <quic_ekangupt(a)quicinc.com> misc: fastrpc: Clean buffers on remote invocation failures Yujie Liu <yujie.liu(a)intel.com> tracing/kprobes: Fix the description of variable length arguments Jian Zhang <zhangjian.3032(a)bytedance.com> i2c: aspeed: Fix i2c bus hang in slave read Alain Volmat <alain.volmat(a)foss.st.com> i2c: stm32f7: Fix PEC handling in case of SMBUS transfers Herve Codina <herve.codina(a)bootlin.com> i2c: muxes: i2c-demux-pinctrl: Use of_get_i2c_adapter_by_node() Herve Codina <herve.codina(a)bootlin.com> i2c: muxes: i2c-mux-gpmux: Use of_get_i2c_adapter_by_node() Herve Codina <herve.codina(a)bootlin.com> i2c: muxes: i2c-mux-pinctrl: Use of_get_i2c_adapter_by_node() Marek Szyprowski <m.szyprowski(a)samsung.com> iio: exynos-adc: request second interupt only when touchscreen mode is used Haibo Li <haibo.li(a)mediatek.com> kasan: print the original fault addr when access invalid shadow Ivan Vecera <ivecera(a)redhat.com> i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR Pablo Neira Ayuso <pablo(a)netfilter.org> gtp: fix fragmentation needed check with gso Pablo Neira Ayuso <pablo(a)netfilter.org> gtp: uapi: fix GTPA_MAX Fred Chen <fred.chenchen03(a)gmail.com> tcp: fix wrong RTO timeout when received SACK reneging Douglas Anderson <dianders(a)chromium.org> r8152: Release firmware if we have an error in probe Douglas Anderson <dianders(a)chromium.org> r8152: Cancel hw_phy_work if we have an error in probe Douglas Anderson <dianders(a)chromium.org> r8152: Run the unload routine if we have errors during probe Douglas Anderson <dianders(a)chromium.org> r8152: Increase USB control msg timeout to 5000ms as per spec Shigeru Yoshida <syoshida(a)redhat.com> net: usb: smsc95xx: Fix uninit-value access in smsc95xx_read_reg Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> net: ieee802154: adf7242: Fix some potential buffer overflow in adf7242_stats_show() Sasha Neftin <sasha.neftin(a)intel.com> igc: Fix ambiguity in the ethtool advertising Eric Dumazet <edumazet(a)google.com> neighbour: fix various data-races Mateusz Palczewski <mateusz.palczewski(a)intel.com> igb: Fix potential memory leak in igb_add_ethtool_nfc_entry Kunwu Chan <chentao(a)kylinos.cn> treewide: Spelling fix in comment Mirsad Goran Todorovac <mirsad.todorovac(a)alu.unizg.hr> r8169: fix the KCSAN reported data race in rtl_rx while reading desc->opts1 Mirsad Goran Todorovac <mirsad.todorovac(a)alu.unizg.hr> r8169: fix the KCSAN reported data-race in rtl_tx while reading TxDescArray[entry].opts1 Lukasz Majczak <lma(a)semihalf.com> drm/dp_mst: Fix NULL deref in get_mst_branch_device_by_guid_helper() Wolfram Sang <wsa+renesas(a)sang-engineering.com> mmc: renesas_sdhi: use custom mask for TMIO_MASK_ALL Kemeng Shi <shikemeng(a)huaweicloud.com> mm/page_alloc: correct start page when guard page debug is enabled Maximilian Heyne <mheyne(a)amazon.de> virtio-mmio: fix memory leak of vm_dev Gavin Shan <gshan(a)redhat.com> virtio_balloon: Fix endless deflation and inflation on arm64 Rodríguez Barbarin, José Javier <JoseJavier.Rodriguez(a)duagon.com> mcb-lpc: Reallocate memory region to avoid memory overlapping Rodríguez Barbarin, José Javier <JoseJavier.Rodriguez(a)duagon.com> mcb: Return actual parsed size when reading chameleon table Francis Laniel <flaniel(a)linux.microsoft.com> selftests/ftrace: Add new test case which checks non unique symbol ------------- Diffstat: Makefile | 4 +- arch/powerpc/kernel/setup-common.c | 2 + arch/powerpc/mm/mem.c | 1 - arch/sparc/lib/checksum_32.S | 2 +- arch/x86/include/asm/i8259.h | 2 + arch/x86/include/asm/setup.h | 46 +-- arch/x86/kernel/acpi/boot.c | 3 + arch/x86/kernel/i8259.c | 38 +- arch/x86/kernel/setup.c | 5 - arch/x86/kernel/vmlinux.lds.S | 2 +- drivers/base/driver.c | 69 ++++ drivers/base/platform.c | 28 +- drivers/clk/clk.c | 21 +- drivers/dma/ste_dma40.c | 1 + drivers/gpu/drm/drm_dp_mst_topology.c | 6 +- drivers/i2c/busses/i2c-aspeed.c | 3 +- drivers/i2c/busses/i2c-stm32f7.c | 9 +- drivers/i2c/muxes/i2c-demux-pinctrl.c | 2 +- drivers/i2c/muxes/i2c-mux-gpmux.c | 2 +- drivers/i2c/muxes/i2c-mux-pinctrl.c | 2 +- drivers/iio/adc/exynos_adc.c | 24 +- drivers/iio/adc/xilinx-xadc-core.c | 179 ++++----- drivers/input/mouse/synaptics.c | 1 + drivers/input/rmi4/rmi_smbus.c | 50 ++- drivers/irqchip/irq-stm32-exti.c | 1 + drivers/mcb/mcb-lpc.c | 35 +- drivers/mcb/mcb-parse.c | 15 +- drivers/misc/fastrpc.c | 10 +- drivers/mmc/host/renesas_sdhi_core.c | 3 +- drivers/mmc/host/tmio_mmc.h | 2 +- drivers/net/ethernet/chelsio/cxgb4/t4_hw.c | 2 + drivers/net/ethernet/intel/i40e/i40e_txrx.c | 2 +- drivers/net/ethernet/intel/igb/igb_ethtool.c | 6 +- drivers/net/ethernet/intel/igc/igc_ethtool.c | 35 +- drivers/net/ethernet/realtek/r8169_main.c | 4 +- drivers/net/ethernet/toshiba/ps3_gelic_wireless.c | 2 +- drivers/net/gtp.c | 5 +- drivers/net/ieee802154/adf7242.c | 5 +- drivers/net/usb/r8152.c | 11 +- drivers/net/usb/smsc95xx.c | 4 +- drivers/nvmem/imx-ocotp.c | 6 +- drivers/pci/quirks.c | 8 +- drivers/platform/mellanox/mlxbf-tmfifo.c | 21 +- drivers/rpmsg/qcom_glink_native.c | 2 + drivers/rpmsg/rpmsg_core.c | 37 +- drivers/rpmsg/rpmsg_internal.h | 5 +- drivers/scsi/mpt3sas/mpt3sas_scsih.c | 4 +- drivers/spi/spi-npcm-fiu.c | 5 +- drivers/tty/serial/8250/8250_pci.c | 122 +++++- drivers/usb/gadget/legacy/raw_gadget.c | 26 +- drivers/usb/storage/unusual_cypress.h | 2 +- drivers/video/fbdev/aty/atyfb_base.c | 4 + drivers/video/fbdev/uvesafb.c | 2 +- drivers/virtio/virtio_balloon.c | 6 +- drivers/virtio/virtio_mmio.c | 19 +- fs/cifs/smbdirect.c | 14 +- fs/ext4/mballoc.c | 51 +-- fs/ext4/mballoc.h | 14 + fs/f2fs/gc.c | 3 +- include/linux/device/driver.h | 2 + include/linux/kasan.h | 6 +- include/linux/pci_ids.h | 1 + include/linux/platform_device.h | 6 +- include/linux/rpmsg.h | 14 +- include/uapi/linux/can/isotp.h | 25 +- include/uapi/linux/gtp.h | 2 +- kernel/events/core.c | 3 +- kernel/trace/trace_kprobe.c | 4 +- lib/kobject.c | 12 +- mm/kasan/report.c | 4 +- mm/page_alloc.c | 2 +- net/can/isotp.c | 446 +++++++++++++-------- net/core/neighbour.c | 67 ++-- net/ipv4/tcp_input.c | 9 +- net/netfilter/nfnetlink_log.c | 2 +- net/sched/cls_u32.c | 2 +- sound/hda/intel-dsp-config.c | 6 + sound/soc/codecs/rt5645.c | 2 + tools/objtool/check.c | 2 +- .../ftrace/test.d/kprobe/kprobe_non_uniq_symbol.tc | 13 + 80 files changed, 1053 insertions(+), 572 deletions(-)

1 year, 7 months

6
5
0 0

stable/linux-4.19.y baseline: 123 runs, 7 regressions (v4.19.298)

by kernelci.org bot

stable/linux-4.19.y baseline: 123 runs, 7 regressions (v4.19.298) Regressions Summary ------------------- platform | arch | lab | compiler | defconfig | regressions ------------------------+-------+--------------+----------+---------------------+------------ beaglebone-black | arm | lab-broonie | gcc-10 | omap2plus_defconfig | 1 beaglebone-black | arm | lab-cip | gcc-10 | omap2plus_defconfig | 1 meson-gxl-s905d-p230 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 meson-gxm-q200 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 sun50i-a64-bananapi-m64 | arm64 | lab-clabbe | gcc-10 | defconfig | 1 sun50i-a64-pine64-plus | arm64 | lab-baylibre | gcc-10 | defconfig | 1 sun50i-a64-pine64-plus | arm64 | lab-broonie | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/job/stable/branch/linux-4.19.y/kernel/v4.19.298/p… Test: baseline Tree: stable Branch: linux-4.19.y Describe: v4.19.298 URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git SHA: aa8663e85da65e4b92ac82208059c173cb42c3bd Test Regressions ---------------- platform | arch | lab | compiler | defconfig | regressions ------------------------+-------+--------------+----------+---------------------+------------ beaglebone-black | arm | lab-broonie | gcc-10 | omap2plus_defconfig | 1 Details: https://kernelci.org/test/plan/id/654b68bc1f8293d26befcf02 Results: 41 PASS, 10 FAIL, 1 SKIP Full config: omap2plus_defconfig Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable/linux-4.19.y/v4.19.298/arm/omap2plus_d… HTML log: https://storage.kernelci.org//stable/linux-4.19.y/v4.19.298/arm/omap2plus_d… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/654b68bc1f8293d26befcf38 new failure (last pass: v4.19.296) 2023-11-08T10:53:11.611055 + set +x<8>[ 17.633632] <LAVA_SIGNAL_ENDRUN 0_dmesg 225911_1.5.2.4.1> 2023-11-08T10:53:11.611372 2023-11-08T10:53:11.721847 / # # 2023-11-08T10:53:11.823841 export SHELL=/bin/sh 2023-11-08T10:53:11.824346 # 2023-11-08T10:53:11.925654 / # export SHELL=/bin/sh. /lava-225911/environment 2023-11-08T10:53:11.926263 2023-11-08T10:53:12.027953 / # . /lava-225911/environment/lava-225911/bin/lava-test-runner /lava-225911/1 2023-11-08T10:53:12.028824 2023-11-08T10:53:12.033438 / # /lava-225911/bin/lava-test-runner /lava-225911/1 ... (12 line(s) more) platform | arch | lab | compiler | defconfig | regressions ------------------------+-------+--------------+----------+---------------------+------------ beaglebone-black | arm | lab-cip | gcc-10 | omap2plus_defconfig | 1 Details: https://kernelci.org/test/plan/id/654b68b9ca167c2d34efcefd Results: 41 PASS, 10 FAIL, 1 SKIP Full config: omap2plus_defconfig Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable/linux-4.19.y/v4.19.298/arm/omap2plus_d… HTML log: https://storage.kernelci.org//stable/linux-4.19.y/v4.19.298/arm/omap2plus_d… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/654b68b9ca167c2d34efcf26 new failure (last pass: v4.19.296) 2023-11-08T10:53:05.652906 + set +x<8>[ 10.583490] <LAVA_SIGNAL_ENDRUN 0_dmesg 1034998_1.5.2.4.1> 2023-11-08T10:53:05.653335 2023-11-08T10:53:05.767374 / # # 2023-11-08T10:53:05.869475 export SHELL=/bin/sh 2023-11-08T10:53:05.870123 # 2023-11-08T10:53:05.971440 / # export SHELL=/bin/sh. /lava-1034998/environment 2023-11-08T10:53:05.972096 2023-11-08T10:53:06.073399 / # . /lava-1034998/environment/lava-1034998/bin/lava-test-runner /lava-1034998/1 2023-11-08T10:53:06.074481 2023-11-08T10:53:06.081378 / # /lava-1034998/bin/lava-test-runner /lava-1034998/1 ... (12 line(s) more) platform | arch | lab | compiler | defconfig | regressions ------------------------+-------+--------------+----------+---------------------+------------ meson-gxl-s905d-p230 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/654b685f802936aa97efcef4 Results: 5 PASS, 1 FAIL, 1 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable/linux-4.19.y/v4.19.298/arm64/defconfig… HTML log: https://storage.kernelci.org//stable/linux-4.19.y/v4.19.298/arm64/defconfig… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/654b685f802936aa97efcefd new failure (last pass: v4.19.297) 2023-11-08T10:51:55.809523 + set +x<8>[ 68.460772] <LAVA_SIGNAL_ENDRUN 0_dmesg 3827259_1.5.2.4.1> 2023-11-08T10:51:55.809693 2023-11-08T10:51:55.914901 / # # 2023-11-08T10:51:56.017216 export SHELL=/bin/sh 2023-11-08T10:51:56.017566 # 2023-11-08T10:51:56.017711 / # <4>[ 68.590924] ------------[ cut here ]------------ 2023-11-08T10:51:56.017818 <4>[ 68.590995] WARNING: CPU: 0 PID: 0 at drivers/mmc/host/meson-gx-mmc.c:1040 meson_mmc_irq+0x1c8/0x1dc 2023-11-08T10:51:56.017933 <4>[ 68.599484] Modules linked in: ipv6 dwmac_generic realtek meson_gxl meson_dw_hdmi dw_hdmi meson_rng meson_drm drm_kms_helper crc32_ce crct10dif_ce rng_core meson_ir drm rc_core dwmac_meson8b stmmac_platform stmmac pwm_meson meson_gxbb_wdt drm_panel_orientation_quirks adc_keys nvmem_meson_efuse input_polldev 2023-11-08T10:51:56.018043 <4>[ 68.626743] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 4.19.298 #1 2023-11-08T10:51:56.018142 <4>[ 68.634415] Hardware name: Amlogic Meson GXL (S905D) P230 Development Board (DT) ... (239 line(s) more) platform | arch | lab | compiler | defconfig | regressions ------------------------+-------+--------------+----------+---------------------+------------ meson-gxm-q200 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/654b680dfee4ff488eefcf1e Results: 5 PASS, 1 FAIL, 1 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable/linux-4.19.y/v4.19.298/arm64/defconfig… HTML log: https://storage.kernelci.org//stable/linux-4.19.y/v4.19.298/arm64/defconfig… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.dmesg.emerg: https://kernelci.org/test/case/id/654b680dfee4ff488eefcf21 new failure (last pass: v4.19.288) 1 lines 2023-11-08T10:50:29.382229 <4>[ 49.606920] WARNING: CPU: 0 PID: 0 at drivers/mmc/host/meson-gx-mmc.c:1040 meson_mmc_irq+0x1c8/0x1dc 2023-11-08T10:50:29.422411 <4>[ 49.615392] Modules linked in: ipv6 realtek meson_gxl dwmac_generic meson_dw_hdmi meson_drm dw_hdmi drm_kms_helper drm meson_gxbb_wdt meson_ir crc32_ce dwmac_meson8b stmmac_platform adc_keys meson_rng input_polldev rc_core rng_core crct10dif_ce pwm_meson stmmac drm_panel_orientation_quirks nvmem_meson_efuse 2023-11-08T10:50:29.423836 <4>[ 49.642651] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 4.19.298 #1 2023-11-08T10:50:29.424473 <4>[ 49.650323] Hardware name: Amlogic Meson GXM (S912) Q200 Development Board (DT) 2023-11-08T10:50:29.424773 <4>[ 49.657828] pstate: 60000085 (nZCv daIf -PAN -UAO) 2023-11-08T10:50:29.425285 <4>[ 49.662830] pc : meson_mmc_irq+0x1c8/0x1dc 2023-11-08T10:50:29.425575 <4>[ 49.667142] lr : meson_mmc_irq+0x1c8/0x1dc 2023-11-08T10:50:29.425844 <4>[ 49.671453] sp : ffff000008003cc0 2023-11-08T10:50:29.464936 <4>[ 49.674989] x29: ffff000008003cc0 x28: 0000000000000080 2023-11-08T10:50:29.465715 <4>[ 49.680509] x27: 0000000000000001 x26: ffff000008ee7e88 ... (35 line(s) more) platform | arch | lab | compiler | defconfig | regressions ------------------------+-------+--------------+----------+---------------------+------------ sun50i-a64-bananapi-m64 | arm64 | lab-clabbe | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/654b67b9c7c551cab8efcf5f Results: 7 PASS, 11 FAIL, 1 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable/linux-4.19.y/v4.19.298/arm64/defconfig… HTML log: https://storage.kernelci.org//stable/linux-4.19.y/v4.19.298/arm64/defconfig… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/654b67b9c7c551cab8efcf74 failing since 293 days (last pass: v4.19.268, first fail: v4.19.270) 2023-11-08T10:49:04.104119 + set +x 2023-11-08T10:49:04.106122 <8>[ 17.151504] <LAVA_SIGNAL_ENDRUN 0_dmesg 443196_1.5.2.4.1> 2023-11-08T10:49:04.213137 / # # 2023-11-08T10:49:04.314901 export SHELL=/bin/sh 2023-11-08T10:49:04.315525 # 2023-11-08T10:49:04.416593 / # export SHELL=/bin/sh. /lava-443196/environment 2023-11-08T10:49:04.417211 2023-11-08T10:49:04.417501 / # <3>[ 17.369743] brcmfmac: brcmf_sdio_htclk: HT Avail timeout (1000000): clkctl 0x50 2023-11-08T10:49:04.518524 . /lava-443196/environment/lava-443196/bin/lava-test-runner /lava-443196/1 2023-11-08T10:49:04.519958 ... (13 line(s) more) platform | arch | lab | compiler | defconfig | regressions ------------------------+-------+--------------+----------+---------------------+------------ sun50i-a64-pine64-plus | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/654b6902e1eb52bc6eefcefb Results: 23 PASS, 16 FAIL, 1 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable/linux-4.19.y/v4.19.298/arm64/defconfig… HTML log: https://storage.kernelci.org//stable/linux-4.19.y/v4.19.298/arm64/defconfig… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/654b6902e1eb52bc6eefcf15 failing since 275 days (last pass: v4.19.268, first fail: v4.19.272) 2023-11-08T10:53:29.618277 <8>[ 15.950879] <LAVA_SIGNAL_ENDRUN 0_dmesg 3827250_1.5.2.4.1> 2023-11-08T10:53:29.727512 / # # 2023-11-08T10:53:29.830914 export SHELL=/bin/sh 2023-11-08T10:53:29.832128 # 2023-11-08T10:53:29.934108 / # export SHELL=/bin/sh. /lava-3827250/environment 2023-11-08T10:53:29.935299 2023-11-08T10:53:30.037293 / # . /lava-3827250/environment/lava-3827250/bin/lava-test-runner /lava-3827250/1 2023-11-08T10:53:30.038958 2023-11-08T10:53:30.043873 / # /lava-3827250/bin/lava-test-runner /lava-3827250/1 2023-11-08T10:53:30.087582 + export 'TESTRUN_ID=1_bootrr' ... (11 line(s) more) platform | arch | lab | compiler | defconfig | regressions ------------------------+-------+--------------+----------+---------------------+------------ sun50i-a64-pine64-plus | arm64 | lab-broonie | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/654b67dfd67c14dfb1efcf17 Results: 23 PASS, 16 FAIL, 1 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable/linux-4.19.y/v4.19.298/arm64/defconfig… HTML log: https://storage.kernelci.org//stable/linux-4.19.y/v4.19.298/arm64/defconfig… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/654b67dfd67c14dfb1efcf40 failing since 275 days (last pass: v4.19.268, first fail: v4.19.272) 2023-11-08T10:49:25.222159 <8>[ 15.955116] <LAVA_SIGNAL_ENDRUN 0_dmesg 225900_1.5.2.4.1> 2023-11-08T10:49:25.327743 / # # 2023-11-08T10:49:25.429722 export SHELL=/bin/sh 2023-11-08T10:49:25.430297 # 2023-11-08T10:49:25.531943 / # export SHELL=/bin/sh. /lava-225900/environment 2023-11-08T10:49:25.532475 2023-11-08T10:49:25.634111 / # . /lava-225900/environment/lava-225900/bin/lava-test-runner /lava-225900/1 2023-11-08T10:49:25.634825 2023-11-08T10:49:25.638933 / # /lava-225900/bin/lava-test-runner /lava-225900/1 2023-11-08T10:49:25.670355 + export 'TESTRUN_ID=1_bootrr' ... (11 line(s) more)

1 year, 7 months

1
0
0 0

stable/linux-6.1.y build: 20 builds: 0 failed, 20 passed, 1 warning (v6.1.62)

by kernelci.org bot

stable/linux-6.1.y build: 20 builds: 0 failed, 20 passed, 1 warning (v6.1.62) Full Build Summary: https://kernelci.org/build/stable/branch/linux-6.1.y/kernel/v6.1.62/ Tree: stable Branch: linux-6.1.y Git Describe: v6.1.62 Git Commit: fb2635ac69abac0060cc2be2873dc4f524f12e66 Git URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git Built: 7 unique architectures Warnings Detected: arc: arm64: arm: i386: mips: 32r2el_defconfig (gcc-10): 1 warning riscv: x86_64: Warnings summary: 1 arch/mips/boot/dts/img/boston.dts:128.19-178.5: Warning (pci_device_reg): /pci@14000000/pci2_root@0,0,0: PCI unit address format error, expected "0,0" ================================================================================ Detailed per-defconfig build reports: -------------------------------------------------------------------------------- 32r2el_defconfig (mips, gcc-10) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: arch/mips/boot/dts/img/boston.dts:128.19-178.5: Warning (pci_device_reg): /pci@14000000/pci2_root@0,0,0: PCI unit address format error, expected "0,0" -------------------------------------------------------------------------------- allnoconfig (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- allnoconfig (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig (riscv, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig (arm64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig+arm64-chromebook (arm64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- haps_hs_smp_defconfig (arc, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- i386_defconfig (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- imx_v6_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v5_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- nommu_k210_defconfig (riscv, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- nommu_k210_sdcard_defconfig (riscv, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- omap2plus_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- rv32_defconfig (riscv, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tinyconfig (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tinyconfig (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- vexpress_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig+x86-board (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches --- For more info write to <info(a)kernelci.org>

1 year, 7 months

1
0
0 0

Linux 6.1.62

by Greg Kroah-Hartman

I'm announcing the release of the 6.1.62 kernel. All users of the 6.1 kernel series must upgrade. The updated 6.1.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.1.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/loongarch/mm/init.c | 9 arch/powerpc/kernel/head_85xx.S | 2 arch/powerpc/kernel/setup-common.c | 2 arch/powerpc/mm/mem.c | 1 arch/x86/kvm/svm/svm.c | 3 drivers/dma/ste_dma40.c | 1 drivers/firmware/efi/efi.c | 8 drivers/gpu/drm/amd/amdgpu/amdgpu_ctx.c | 5 drivers/gpu/drm/amd/amdgpu/amdgpu_dma_buf.c | 5 drivers/gpu/drm/ttm/ttm_device.c | 8 drivers/hwtracing/coresight/coresight-tmc-etr.c | 3 drivers/input/mouse/synaptics.c | 1 drivers/input/rmi4/rmi_smbus.c | 50 ++- drivers/irqchip/irq-riscv-intc.c | 10 drivers/irqchip/irq-stm32-exti.c | 1 drivers/misc/pci_endpoint_test.c | 4 drivers/net/ethernet/chelsio/cxgb4/t4_hw.c | 2 drivers/net/usb/r8152.c | 7 drivers/pci/quirks.c | 8 drivers/platform/mellanox/mlxbf-tmfifo.c | 21 - drivers/power/supply/power_supply_core.c | 8 drivers/scsi/mpt3sas/mpt3sas_scsih.c | 4 drivers/spi/spi-npcm-fiu.c | 5 drivers/tty/n_gsm.c | 2 drivers/tty/serial/8250/8250_pci.c | 327 +++++++++++++++++++++++- drivers/usb/gadget/legacy/raw_gadget.c | 26 + drivers/usb/storage/unusual_cypress.h | 2 drivers/usb/typec/tcpm/tcpm.c | 3 drivers/video/fbdev/aty/atyfb_base.c | 4 drivers/video/fbdev/omap/omapfb_main.c | 4 drivers/video/fbdev/uvesafb.c | 2 fs/ceph/mds_client.c | 2 fs/ntfs3/attrib.c | 6 fs/ntfs3/attrlist.c | 15 - fs/ntfs3/bitmap.c | 3 fs/ntfs3/dir.c | 6 fs/ntfs3/frecord.c | 8 fs/ntfs3/fslog.c | 6 fs/ntfs3/fsntfs.c | 13 fs/ntfs3/super.c | 2 include/drm/gpu_scheduler.h | 3 include/linux/pci_ids.h | 1 include/linux/power_supply.h | 2 io_uring/rw.c | 2 mm/mempolicy.c | 4 mm/mmap.c | 15 + net/netfilter/nf_tables_api.c | 50 ++- net/netfilter/nfnetlink_log.c | 2 net/sched/cls_u32.c | 2 sound/hda/intel-dsp-config.c | 6 sound/soc/codecs/rt5645.c | 2 sound/soc/codecs/tas2780.c | 2 sound/soc/codecs/tlv320adc3xxx.c | 4 sound/soc/generic/simple-card.c | 6 sound/soc/sof/sof-pci-dev.c | 7 sound/usb/quirks.c | 2 tools/perf/util/evlist.c | 5 tools/testing/selftests/netfilter/nft_audit.sh | 46 +++ 59 files changed, 619 insertions(+), 143 deletions(-) Al Viro (2): io_uring: kiocb_done() should *not* trust ->ki_pos if ->{read,write}_iter() failed ceph_wait_on_conflict_unlink(): grab reference before dropping ->d_lock Andrey Konovalov (1): usb: raw-gadget: properly handle interrupted requests Antoine Gennart (1): ASoC: tlv320adc3xxx: BUG: Correct micbias setting Anup Patel (1): irqchip/riscv-intc: Mark all INTC nodes as initialized Arnd Bergmann (1): fbdev: atyfb: only use ioremap_uc() on i386 and ia64 Ben Wolsieffer (1): irqchip/stm32-exti: add missing DT IRQ flag translation Cameron Williams (9): tty: 8250: Remove UC-257 and UC-431 tty: 8250: Add support for additional Brainboxes UC cards tty: 8250: Add support for Brainboxes UP cards tty: 8250: Add support for Intashield IS-100 tty: 8250: Fix port count of PX-257 tty: 8250: Fix up PX-803/PX-857 tty: 8250: Add support for additional Brainboxes PX cards tty: 8250: Add support for Intashield IX cards tty: 8250: Add Brainboxes Oxford Semiconductor-based quirks Christophe Leroy (1): powerpc/85xx: Fix math emulation exception Dan Carpenter (1): fbdev: omapfb: fix some error codes Daniel Starke (1): tty: n_gsm: fix race condition in status line change on dead connections Dmitry Torokhov (1): Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport Douglas Anderson (2): r8152: Check for unplug in rtl_phy_patch_request() r8152: Check for unplug in r8153b_ups_en() / r8153c_ups_en() Felix Kuehling (1): drm/amdgpu: Reserve fences for VM update Florian Westphal (1): netfilter: nfnetlink_log: silence bogus compiler warning Gabriel Marcano (1): fs/ntfs3: Fix directory element type detection Greg Kroah-Hartman (1): Linux 6.1.62 Gustavo A. R. Silva (1): net: sched: cls_u32: Fix allocation size in u32_init() Huacai Chen (2): LoongArch: Export symbol invalid_pud_table for modules building LoongArch: Replace kmap_atomic() with kmap_local_page() in copy_user_highpage() Ian Rogers (1): perf evlist: Avoid frequency mode for the dummy event Jimmy Hu (1): usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm() Jorge Maidana (1): fbdev: uvesafb: Call cn_del_callback() at the end of uvesafb_exit() Kai-Heng Feng (1): power: supply: core: Use blocking_notifier_call_chain to avoid RCU complaint Karolina Stolarek (1): drm/ttm: Reorder sys manager cleanup step Konstantin Komarov (5): fs/ntfs3: Add ckeck in ni_update_parent() fs/ntfs3: Write immediately updated ntfs state fs/ntfs3: Use kvmalloc instead of kmalloc(... __GFP_NOWARN) fs/ntfs3: Fix possible NULL-ptr-deref in ni_readpage_cmpr() fs/ntfs3: Fix NULL pointer dereference on error in attr_allocate_frame() Kuan-Wei Chiu (1): efi: fix memory leak in krealloc failure handling Kuninori Morimoto (1): ASoC: simple-card: fixup asoc_simple_probe() error handling Liam R. Howlett (2): mm/mempolicy: fix set_mempolicy_home_node() previous VMA pointer mmap: fix error paths with dup_anon_vma() LihaSika (1): usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" compatibility Liming Sun (1): platform/mellanox: mlxbf-tmfifo: Fix a warning message Luben Tuikov (2): drm/amdgpu: Unset context priority is now invalid gpu/drm: Eliminate DRM_SCHED_PRIORITY_UNSET Mark Hasemeyer (2): ALSA: hda: intel-dsp-config: Fix JSL Chromebook quirk detection ASoC: SOF: sof-pci-dev: Fix community key quirk detection Max McCarthy (1): ALSA: usb-audio: add quirk flag to enable native DSD for McIntosh devices Maxim Levitsky (1): x86: KVM: SVM: always update the x2avic msr interception Michael Ellerman (1): powerpc/mm: Fix boot crash with FLATMEM Phil Sutter (1): netfilter: nf_tables: audit log object reset once per table Roy Chateau (1): ASoC: codecs: tas2780: Fix log of failed reset via I2C. Shuming Fan (1): ASoC: rt5650: fix the wrong result of key button Siddharth Vadapalli (1): misc: pci_endpoint_test: Add deviceID for J721S2 PCIe EP device support Su Hui (2): fs/ntfs3: Avoid possible memory leak net: chelsio: cxgb4: add an error code check in t4_load_phy_fw Suzuki K Poulose (1): coresight: tmc-etr: Disable warnings for allocation failures Tomas Henzl (1): scsi: mpt3sas: Fix in error path Vicki Pfau (1): PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device William A. Kennington III (1): spi: npcm-fiu: Fix UMA reads when dummy.nbytes == 0 Zhang Shurong (1): dmaengine: ste_dma40: Fix PM disable depth imbalance in d40_probe

1 year, 7 months

1
1
0 0

Linux 6.5.11

by Greg Kroah-Hartman

I'm announcing the release of the 6.5.11 kernel. All users of the 6.5 kernel series must upgrade. The updated 6.5.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.5.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/devicetree/bindings/serial/rs485.yaml | 4 Makefile | 2 arch/arm64/boot/dts/freescale/imx93.dtsi | 4 arch/loongarch/include/asm/io.h | 5 arch/loongarch/include/asm/linkage.h | 8 arch/loongarch/include/asm/pgtable-bits.h | 4 arch/loongarch/kernel/entry.S | 4 arch/loongarch/kernel/genex.S | 16 arch/loongarch/kernel/setup.c | 10 arch/loongarch/mm/init.c | 9 arch/loongarch/mm/tlbex.S | 36 - arch/powerpc/kernel/head_85xx.S | 2 arch/powerpc/kernel/setup-common.c | 2 arch/powerpc/mm/mem.c | 1 arch/riscv/boot/dts/thead/th1520.dtsi | 1 arch/s390/boot/vmem.c | 7 drivers/ata/pata_parport/fit3.c | 14 drivers/ata/pata_parport/pata_parport.c | 68 ++ drivers/bluetooth/hci_bcm4377.c | 5 drivers/dma/ste_dma40.c | 1 drivers/firmware/efi/efi.c | 8 drivers/firmware/efi/libstub/x86-stub.c | 5 drivers/gpu/drm/amd/amdgpu/amdgpu_ctx.c | 5 drivers/gpu/drm/amd/amdgpu/amdgpu_dma_buf.c | 5 drivers/gpu/drm/amd/display/dc/dce/dce_dmcu.c | 3 drivers/gpu/drm/amd/display/dc/dce/dmub_psr.c | 3 drivers/gpu/drm/ttm/ttm_device.c | 8 drivers/hwtracing/coresight/coresight-tmc-etr.c | 3 drivers/input/mouse/synaptics.c | 1 drivers/input/rmi4/rmi_smbus.c | 50 +- drivers/irqchip/irq-riscv-intc.c | 10 drivers/irqchip/irq-stm32-exti.c | 1 drivers/media/i2c/ov8858.c | 10 drivers/misc/pci_endpoint_test.c | 4 drivers/net/can/flexcan/flexcan-core.c | 46 - drivers/net/can/flexcan/flexcan.h | 2 drivers/net/ethernet/chelsio/cxgb4/t4_hw.c | 2 drivers/net/ethernet/mellanox/mlx5/core/en/rep/bridge.c | 11 drivers/net/ethernet/mellanox/mlx5/core/esw/bridge.c | 25 + drivers/net/ethernet/mellanox/mlx5/core/esw/bridge.h | 3 drivers/net/ethernet/mellanox/mlx5/core/esw/bridge_priv.h | 1 drivers/net/usb/r8152.c | 7 drivers/pci/quirks.c | 8 drivers/platform/mellanox/mlxbf-tmfifo.c | 21 drivers/power/supply/power_supply_core.c | 8 drivers/scsi/mpt3sas/mpt3sas_scsih.c | 4 drivers/spi/spi-npcm-fiu.c | 5 drivers/tty/n_gsm.c | 2 drivers/tty/serial/8250/8250_pci.c | 327 +++++++++++++- drivers/tty/serial/serial_core.c | 2 drivers/usb/gadget/legacy/raw_gadget.c | 26 - drivers/usb/storage/unusual_cypress.h | 2 drivers/usb/typec/tcpm/tcpm.c | 5 drivers/video/fbdev/aty/atyfb_base.c | 4 drivers/video/fbdev/omap/omapfb_main.c | 4 drivers/video/fbdev/uvesafb.c | 2 fs/ceph/mds_client.c | 2 fs/ntfs3/attrib.c | 6 fs/ntfs3/attrlist.c | 15 fs/ntfs3/bitmap.c | 3 fs/ntfs3/dir.c | 6 fs/ntfs3/frecord.c | 8 fs/ntfs3/fslog.c | 6 fs/ntfs3/fsntfs.c | 13 fs/ntfs3/record.c | 68 ++ fs/ntfs3/super.c | 33 + include/drm/gpu_scheduler.h | 3 include/linux/pci_ids.h | 1 include/linux/power_supply.h | 2 include/sound/soc-dapm.h | 1 include/sound/soc.h | 2 io_uring/rw.c | 2 mm/mmap.c | 40 + net/netfilter/nf_tables_api.c | 50 +- net/netfilter/nfnetlink_log.c | 2 net/sched/cls_u32.c | 2 rust/kernel/types.rs | 21 sound/hda/intel-dsp-config.c | 6 sound/soc/codecs/da7219-aad.c | 11 sound/soc/codecs/rt5645.c | 2 sound/soc/codecs/tas2780.c | 2 sound/soc/codecs/tlv320adc3xxx.c | 4 sound/soc/fsl/fsl-asoc-card.c | 12 sound/soc/generic/simple-card.c | 6 sound/soc/intel/boards/sof_sdw.c | 10 sound/soc/soc-component.c | 1 sound/soc/soc-core.c | 20 sound/soc/soc-dapm.c | 12 sound/soc/sof/sof-pci-dev.c | 7 sound/usb/quirks.c | 2 tools/perf/util/evlist.c | 5 tools/testing/selftests/netfilter/nft_audit.sh | 46 + 92 files changed, 972 insertions(+), 296 deletions(-) Al Viro (2): io_uring: kiocb_done() should *not* trust ->ki_pos if ->{read,write}_iter() failed ceph_wait_on_conflict_unlink(): grab reference before dropping ->d_lock Alice Ryhl (1): rust: make `UnsafeCell` the outer type in `Opaque` Amadeusz Sławiński (1): ASoC: core: Do not call link_exit() on uninitialized rtd objects Andrey Konovalov (1): usb: raw-gadget: properly handle interrupted requests Antoine Gennart (1): ASoC: tlv320adc3xxx: BUG: Correct micbias setting Anup Patel (1): irqchip/riscv-intc: Mark all INTC nodes as initialized Arnd Bergmann (1): fbdev: atyfb: only use ioremap_uc() on i386 and ia64 Badhri Jagan Sridharan (1): usb: typec: tcpm: Add additional checks for contaminant Ben Wolsieffer (1): irqchip/stm32-exti: add missing DT IRQ flag translation Benno Lossin (1): rust: types: make `Opaque` be `!Unpin` Cameron Williams (9): tty: 8250: Remove UC-257 and UC-431 tty: 8250: Add support for additional Brainboxes UC cards tty: 8250: Add support for Brainboxes UP cards tty: 8250: Add support for Intashield IS-100 tty: 8250: Fix port count of PX-257 tty: 8250: Fix up PX-803/PX-857 tty: 8250: Add support for additional Brainboxes PX cards tty: 8250: Add support for Intashield IX cards tty: 8250: Add Brainboxes Oxford Semiconductor-based quirks Christophe Leroy (1): powerpc/85xx: Fix math emulation exception Dan Carpenter (1): fbdev: omapfb: fix some error codes Daniel Starke (1): tty: n_gsm: fix race condition in status line change on dead connections David Rau (1): ASoC: da7219: Correct the process of setting up Gnd switch in AAD Dmitry Torokhov (1): Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport Douglas Anderson (2): r8152: Check for unplug in rtl_phy_patch_request() r8152: Check for unplug in r8153b_ups_en() / r8153c_ups_en() Felix Kuehling (1): drm/amdgpu: Reserve fences for VM update Florian Westphal (1): netfilter: nfnetlink_log: silence bogus compiler warning Francesco Dolcini (1): dt-bindings: serial: rs485: Add rs485-rts-active-high Gabriel Marcano (1): fs/ntfs3: Fix directory element type detection Greg Kroah-Hartman (1): Linux 6.5.11 Gustavo A. R. Silva (1): net: sched: cls_u32: Fix allocation size in u32_init() Haibo Chen (2): arm64: dts: imx93: add the Flex-CAN stop mode by GPR can: flexcan: remove the auto stop mode for IMX93 Huacai Chen (2): LoongArch: Export symbol invalid_pud_table for modules building LoongArch: Replace kmap_atomic() with kmap_local_page() in copy_user_highpage() Ian Rogers (1): perf evlist: Avoid frequency mode for the dummy event Icenowy Zheng (1): LoongArch: Disable WUC for pgprot_writecombine() like ioremap_wc() Janne Grunau (1): Bluetooth: hci_bcm4377: Mark bcm4378/bcm4387 as BROKEN_LE_CODED Jimmy Hu (1): usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm() Jisheng Zhang (1): riscv: dts: thead: set dma-noncoherent to soc bus Jorge Maidana (1): fbdev: uvesafb: Call cn_del_callback() at the end of uvesafb_exit() Kai-Heng Feng (1): power: supply: core: Use blocking_notifier_call_chain to avoid RCU complaint Karolina Stolarek (1): drm/ttm: Reorder sys manager cleanup step Konstantin Komarov (9): fs/ntfs3: Add ckeck in ni_update_parent() fs/ntfs3: Write immediately updated ntfs state fs/ntfs3: Use kvmalloc instead of kmalloc(... __GFP_NOWARN) fs/ntfs3: Add more attributes checks in mi_enum_attr() fs/ntfs3: Fix alternative boot searching fs/ntfs3: Add more info into /proc/fs/ntfs3/<dev>/volinfo fs/ntfs3: Do not allow to change label if volume is read-only fs/ntfs3: Fix possible NULL-ptr-deref in ni_readpage_cmpr() fs/ntfs3: Fix NULL pointer dereference on error in attr_allocate_frame() Krzysztof Kozlowski (1): ASoC: soc-dapm: Add helper for comparing widget name Kuan-Wei Chiu (1): efi: fix memory leak in krealloc failure handling Kuninori Morimoto (1): ASoC: simple-card: fixup asoc_simple_probe() error handling Liam R. Howlett (2): mmap: fix vma_iterator in error path of vma_merge() mmap: fix error paths with dup_anon_vma() LihaSika (1): usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" compatibility Liming Sun (1): platform/mellanox: mlxbf-tmfifo: Fix a warning message Luben Tuikov (2): drm/amdgpu: Unset context priority is now invalid gpu/drm: Eliminate DRM_SCHED_PRIORITY_UNSET Mark Hasemeyer (2): ALSA: hda: intel-dsp-config: Fix JSL Chromebook quirk detection ASoC: SOF: sof-pci-dev: Fix community key quirk detection Max McCarthy (1): ALSA: usb-audio: add quirk flag to enable native DSD for McIntosh devices Michael Ellerman (1): powerpc/mm: Fix boot crash with FLATMEM Nicholas Kazlauskas (1): drm/amd/display: Don't use fsleep for PSR exit waits Nikolay Borisov (1): x86/efistub: Don't try to print after ExitBootService() Ondrej Jirman (1): media: i2c: ov8858: Don't set fwnode in the driver Ondrej Zary (2): ata: pata_parport: add custom version of wait_after_reset ata: pata_parport: fit3: implement IDE command set registers Phil Sutter (1): netfilter: nf_tables: audit log object reset once per table Pierre-Louis Bossart (1): ASoC: Intel: sof_sdw: add support for SKU 0B14 Roy Chateau (1): ASoC: codecs: tas2780: Fix log of failed reset via I2C. Shengjiu Wang (1): ASoC: fsl-asoc-card: use integer type for fll_id and pll_id Shuming Fan (1): ASoC: rt5650: fix the wrong result of key button Siddharth Vadapalli (1): misc: pci_endpoint_test: Add deviceID for J721S2 PCIe EP device support Su Hui (2): fs/ntfs3: Avoid possible memory leak net: chelsio: cxgb4: add an error code check in t4_load_phy_fw Suzuki K Poulose (1): coresight: tmc-etr: Disable warnings for allocation failures Tiezhu Yang (1): LoongArch: Use SYM_CODE_* to annotate exception handlers Tomas Henzl (1): scsi: mpt3sas: Fix in error path Tony Lindgren (1): serial: core: Fix runtime PM handling for pending tx Vasily Gorbik (1): s390/kasan: handle DCSS mapping in memory holes Vicki Pfau (1): PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device Vlad Buslov (1): net/mlx5: Bridge, fix peer entry ageing in LAG mode William A. Kennington III (1): spi: npcm-fiu: Fix UMA reads when dummy.nbytes == 0 Zhang Shurong (1): dmaengine: ste_dma40: Fix PM disable depth imbalance in d40_probe

1 year, 7 months

1
1
0 0

Linux 6.6.1

by Greg Kroah-Hartman

I'm announcing the release of the 6.6.1 kernel. All users of the 6.6 kernel series must upgrade. The updated 6.6.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.6.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/devicetree/bindings/serial/rs485.yaml | 4 Makefile | 2 drivers/bluetooth/hci_bcm4377.c | 5 drivers/gpu/drm/amd/display/dc/dce/dce_dmcu.c | 3 drivers/gpu/drm/amd/display/dc/dce/dmub_psr.c | 3 drivers/misc/pci_endpoint_test.c | 4 drivers/pci/quirks.c | 8 drivers/power/supply/power_supply_core.c | 8 drivers/tty/n_gsm.c | 2 drivers/tty/serial/8250/8250_pci.c | 327 +++++++++++++++++++- drivers/tty/serial/serial_core.c | 2 drivers/usb/gadget/legacy/raw_gadget.c | 26 - drivers/usb/storage/unusual_cypress.h | 2 drivers/usb/typec/tcpm/tcpm.c | 5 fs/tracefs/event_inode.c | 288 ++++++++++------- include/linux/pci_ids.h | 1 include/linux/power_supply.h | 2 include/linux/trace_events.h | 4 kernel/trace/trace.c | 15 kernel/trace/trace.h | 3 kernel/trace/trace_events.c | 31 + kernel/trace/trace_events_filter.c | 3 sound/hda/intel-dsp-config.c | 6 sound/soc/sof/sof-pci-dev.c | 7 sound/usb/quirks.c | 2 tools/perf/util/evlist.c | 5 26 files changed, 623 insertions(+), 145 deletions(-) Andrey Konovalov (1): usb: raw-gadget: properly handle interrupted requests Badhri Jagan Sridharan (1): usb: typec: tcpm: Add additional checks for contaminant Cameron Williams (9): tty: 8250: Remove UC-257 and UC-431 tty: 8250: Add support for additional Brainboxes UC cards tty: 8250: Add support for Brainboxes UP cards tty: 8250: Add support for Intashield IS-100 tty: 8250: Fix port count of PX-257 tty: 8250: Fix up PX-803/PX-857 tty: 8250: Add support for additional Brainboxes PX cards tty: 8250: Add support for Intashield IX cards tty: 8250: Add Brainboxes Oxford Semiconductor-based quirks Daniel Starke (1): tty: n_gsm: fix race condition in status line change on dead connections Francesco Dolcini (1): dt-bindings: serial: rs485: Add rs485-rts-active-high Greg Kroah-Hartman (1): Linux 6.6.1 Ian Rogers (1): perf evlist: Avoid frequency mode for the dummy event Janne Grunau (1): Bluetooth: hci_bcm4377: Mark bcm4378/bcm4387 as BROKEN_LE_CODED Jimmy Hu (1): usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm() Kai-Heng Feng (1): power: supply: core: Use blocking_notifier_call_chain to avoid RCU complaint LihaSika (1): usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" compatibility Mark Hasemeyer (2): ALSA: hda: intel-dsp-config: Fix JSL Chromebook quirk detection ASoC: SOF: sof-pci-dev: Fix community key quirk detection Max McCarthy (1): ALSA: usb-audio: add quirk flag to enable native DSD for McIntosh devices Nicholas Kazlauskas (1): drm/amd/display: Don't use fsleep for PSR exit waits Siddharth Vadapalli (1): misc: pci_endpoint_test: Add deviceID for J721S2 PCIe EP device support Steven Rostedt (Google) (5): tracing: Have trace_event_file have ref counters eventfs: Remove "is_freed" union with rcu head eventfs: Save ownership and mode eventfs: Delete eventfs_inode when the last dentry is freed eventfs: Use simple_recursive_removal() to clean up dentries Tony Lindgren (1): serial: core: Fix runtime PM handling for pending tx Vicki Pfau (1): PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device

1 year, 7 months

1
1
0 0

stable/linux-5.4.y build: 16 builds: 0 failed, 16 passed, 26 warnings (v5.4.260)

by kernelci.org bot

stable/linux-5.4.y build: 16 builds: 0 failed, 16 passed, 26 warnings (v5.4.260) Full Build Summary: https://kernelci.org/build/stable/branch/linux-5.4.y/kernel/v5.4.260/ Tree: stable Branch: linux-5.4.y Git Describe: v5.4.260 Git Commit: 87e8e7a7aa1f96276252a90373de1d56add31918 Git URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git Built: 6 unique architectures Warnings Detected: arm64: defconfig (gcc-10): 2 warnings defconfig+arm64-chromebook (gcc-10): 2 warnings arm: i386: allnoconfig (gcc-10): 2 warnings i386_defconfig (gcc-10): 2 warnings tinyconfig (gcc-10): 2 warnings mips: x86_64: allnoconfig (gcc-10): 4 warnings tinyconfig (gcc-10): 4 warnings x86_64_defconfig (gcc-10): 4 warnings x86_64_defconfig+x86-board (gcc-10): 4 warnings Warnings summary: 5 ld: warning: creating DT_TEXTREL in a PIE 4 arch/arm64/include/asm/memory.h:238:15: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast] 3 ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' 2 ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' 2 arch/x86/entry/entry_64.o: warning: objtool: If this is a retpoline, please patch it in with alternatives and annotate it with ANNOTATE_NOSPEC_ALTERNATIVE. 2 arch/x86/entry/entry_64.o: warning: objtool: .entry.text+0x1c1: unsupported intra-function call 1 arch/x86/entry/entry_64.o: warning: objtool: .entry.text+0x151: unsupported intra-function call 1 arch/x86/entry/entry_64.S:1756: Warning: no instruction mnemonic suffix given and no register operands; using default for `sysret' Section mismatches summary: 1 WARNING: vmlinux.o(___ksymtab_gpl+vic_init_cascaded+0x0): Section mismatch in reference from the variable __ksymtab_vic_init_cascaded to the function .init.text:vic_init_cascaded() ================================================================================ Detailed per-defconfig build reports: -------------------------------------------------------------------------------- 32r2el_defconfig (mips, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- allnoconfig (i386, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- allnoconfig (x86_64, gcc-10) — PASS, 0 errors, 4 warnings, 0 section mismatches Warnings: arch/x86/entry/entry_64.S:1756: Warning: no instruction mnemonic suffix given and no register operands; using default for `sysret' arch/x86/entry/entry_64.o: warning: objtool: .entry.text+0x151: unsupported intra-function call ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- defconfig (arm64, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: arch/arm64/include/asm/memory.h:238:15: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast] arch/arm64/include/asm/memory.h:238:15: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast] -------------------------------------------------------------------------------- defconfig+arm64-chromebook (arm64, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: arch/arm64/include/asm/memory.h:238:15: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast] arch/arm64/include/asm/memory.h:238:15: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast] -------------------------------------------------------------------------------- i386_defconfig (i386, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- imx_v6_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v5_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches Section mismatches: WARNING: vmlinux.o(___ksymtab_gpl+vic_init_cascaded+0x0): Section mismatch in reference from the variable __ksymtab_vic_init_cascaded to the function .init.text:vic_init_cascaded() -------------------------------------------------------------------------------- multi_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- omap2plus_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tinyconfig (x86_64, gcc-10) — PASS, 0 errors, 4 warnings, 0 section mismatches Warnings: arch/x86/entry/entry_64.S:1756: Warning: no instruction mnemonic suffix given and no register operands; using default for `sysret' arch/x86/entry/entry_64.o: warning: objtool: .entry.text+0x151: unsupported intra-function call ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- tinyconfig (i386, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- x86_64_defconfig (x86_64, gcc-10) — PASS, 0 errors, 4 warnings, 0 section mismatches Warnings: arch/x86/entry/entry_64.o: warning: objtool: .entry.text+0x1c1: unsupported intra-function call arch/x86/entry/entry_64.o: warning: objtool: If this is a retpoline, please patch it in with alternatives and annotate it with ANNOTATE_NOSPEC_ALTERNATIVE. ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- x86_64_defconfig+x86-board (x86_64, gcc-10) — PASS, 0 errors, 4 warnings, 0 section mismatches Warnings: arch/x86/entry/entry_64.o: warning: objtool: .entry.text+0x1c1: unsupported intra-function call arch/x86/entry/entry_64.o: warning: objtool: If this is a retpoline, please patch it in with alternatives and annotate it with ANNOTATE_NOSPEC_ALTERNATIVE. ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE --- For more info write to <info(a)kernelci.org>

1 year, 7 months

1
0
0 0

stable/linux-4.19.y build: 19 builds: 3 failed, 16 passed, 20 warnings (v4.19.298)

by kernelci.org bot

stable/linux-4.19.y build: 19 builds: 3 failed, 16 passed, 20 warnings (v4.19.298) Full Build Summary: https://kernelci.org/build/stable/branch/linux-4.19.y/kernel/v4.19.298/ Tree: stable Branch: linux-4.19.y Git Describe: v4.19.298 Git Commit: aa8663e85da65e4b92ac82208059c173cb42c3bd Git URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git Built: 7 unique architectures Build Failures Detected: riscv: allnoconfig: (gcc-10) FAIL defconfig: (gcc-10) FAIL tinyconfig: (gcc-10) FAIL Warnings Detected: arc: arm64: defconfig (gcc-10): 3 warnings defconfig+arm64-chromebook (gcc-10): 3 warnings arm: i386: allnoconfig (gcc-10): 2 warnings i386_defconfig (gcc-10): 2 warnings tinyconfig (gcc-10): 2 warnings mips: riscv: x86_64: allnoconfig (gcc-10): 2 warnings tinyconfig (gcc-10): 2 warnings x86_64_defconfig (gcc-10): 2 warnings x86_64_defconfig+x86-board (gcc-10): 2 warnings Warnings summary: 7 ld: warning: creating DT_TEXTREL in a PIE 6 aarch64-linux-gnu-ld: warning: -z norelro ignored 4 ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' 3 ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' Section mismatches summary: 3 WARNING: modpost: Found 1 section mismatch(es). ================================================================================ Detailed per-defconfig build reports: -------------------------------------------------------------------------------- 32r2el_defconfig (mips, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- allnoconfig (x86_64, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- allnoconfig (i386, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- allnoconfig (riscv, gcc-10) — FAIL, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig (riscv, gcc-10) — FAIL, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig (arm64, gcc-10) — PASS, 0 errors, 3 warnings, 0 section mismatches Warnings: aarch64-linux-gnu-ld: warning: -z norelro ignored aarch64-linux-gnu-ld: warning: -z norelro ignored aarch64-linux-gnu-ld: warning: -z norelro ignored Section mismatches: WARNING: modpost: Found 1 section mismatch(es). -------------------------------------------------------------------------------- defconfig+arm64-chromebook (arm64, gcc-10) — PASS, 0 errors, 3 warnings, 0 section mismatches Warnings: aarch64-linux-gnu-ld: warning: -z norelro ignored aarch64-linux-gnu-ld: warning: -z norelro ignored aarch64-linux-gnu-ld: warning: -z norelro ignored Section mismatches: WARNING: modpost: Found 1 section mismatch(es). -------------------------------------------------------------------------------- haps_hs_smp_defconfig (arc, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- i386_defconfig (i386, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- imx_v6_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v5_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches Section mismatches: WARNING: modpost: Found 1 section mismatch(es). -------------------------------------------------------------------------------- multi_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- omap2plus_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tinyconfig (i386, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- tinyconfig (riscv, gcc-10) — FAIL, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tinyconfig (x86_64, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- vexpress_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig (x86_64, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- x86_64_defconfig+x86-board (x86_64, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE --- For more info write to <info(a)kernelci.org>

1 year, 7 months

1
0
0 0

stable/linux-4.14.y build: 16 builds: 0 failed, 16 passed, 21 warnings (v4.14.329)

by kernelci.org bot

stable/linux-4.14.y build: 16 builds: 0 failed, 16 passed, 21 warnings (v4.14.329) Full Build Summary: https://kernelci.org/build/stable/branch/linux-4.14.y/kernel/v4.14.329/ Tree: stable Branch: linux-4.14.y Git Describe: v4.14.329 Git Commit: 3b717ad0e90f88642da05bdea585d5ee98c287cb Git URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git Built: 6 unique architectures Warnings Detected: arc: arm64: arm: i386: allnoconfig (gcc-10): 3 warnings i386_defconfig (gcc-10): 3 warnings tinyconfig (gcc-10): 3 warnings mips: x86_64: allnoconfig (gcc-10): 3 warnings tinyconfig (gcc-10): 3 warnings x86_64_defconfig (gcc-10): 3 warnings x86_64_defconfig+x86-board (gcc-10): 3 warnings Warnings summary: 7 ld: warning: creating DT_TEXTREL in a PIE 4 ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' 4 Warning: synced file at 'tools/objtool/arch/x86/include/asm/insn.h' differs from latest kernel version at 'arch/x86/include/asm/insn.h' 3 ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' 3 arch/x86/entry/entry_32.S:480: Warning: no instruction mnemonic suffix given and no register operands; using default for `btr' Section mismatches summary: 3 WARNING: modpost: Found 1 section mismatch(es). ================================================================================ Detailed per-defconfig build reports: -------------------------------------------------------------------------------- 32r2el_defconfig (mips, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- allnoconfig (i386, gcc-10) — PASS, 0 errors, 3 warnings, 0 section mismatches Warnings: arch/x86/entry/entry_32.S:480: Warning: no instruction mnemonic suffix given and no register operands; using default for `btr' ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- allnoconfig (x86_64, gcc-10) — PASS, 0 errors, 3 warnings, 0 section mismatches Warnings: Warning: synced file at 'tools/objtool/arch/x86/include/asm/insn.h' differs from latest kernel version at 'arch/x86/include/asm/insn.h' ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- defconfig (arm64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches Section mismatches: WARNING: modpost: Found 1 section mismatch(es). -------------------------------------------------------------------------------- defconfig+arm64-chromebook (arm64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches Section mismatches: WARNING: modpost: Found 1 section mismatch(es). -------------------------------------------------------------------------------- haps_hs_smp_defconfig (arc, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- i386_defconfig (i386, gcc-10) — PASS, 0 errors, 3 warnings, 0 section mismatches Warnings: arch/x86/entry/entry_32.S:480: Warning: no instruction mnemonic suffix given and no register operands; using default for `btr' ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- imx_v6_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v5_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches Section mismatches: WARNING: modpost: Found 1 section mismatch(es). -------------------------------------------------------------------------------- multi_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- omap2plus_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tinyconfig (x86_64, gcc-10) — PASS, 0 errors, 3 warnings, 0 section mismatches Warnings: Warning: synced file at 'tools/objtool/arch/x86/include/asm/insn.h' differs from latest kernel version at 'arch/x86/include/asm/insn.h' ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- tinyconfig (i386, gcc-10) — PASS, 0 errors, 3 warnings, 0 section mismatches Warnings: arch/x86/entry/entry_32.S:480: Warning: no instruction mnemonic suffix given and no register operands; using default for `btr' ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- vexpress_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig (x86_64, gcc-10) — PASS, 0 errors, 3 warnings, 0 section mismatches Warnings: Warning: synced file at 'tools/objtool/arch/x86/include/asm/insn.h' differs from latest kernel version at 'arch/x86/include/asm/insn.h' ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- x86_64_defconfig+x86-board (x86_64, gcc-10) — PASS, 0 errors, 3 warnings, 0 section mismatches Warnings: Warning: synced file at 'tools/objtool/arch/x86/include/asm/insn.h' differs from latest kernel version at 'arch/x86/include/asm/insn.h' ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE --- For more info write to <info(a)kernelci.org>

1 year, 7 months

1
0
0 0

Linux 5.4.260

by Greg Kroah-Hartman

I'm announcing the release of the 5.4.260 kernel. All users of the 5.4 kernel series must upgrade. The updated 5.4.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.4.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arm/boot/dts/am335x-baltos.dtsi | 2 arch/arm/boot/dts/am335x-boneblack-common.dtsi | 1 arch/arm/boot/dts/am335x-boneblack-wireless.dts | 1 arch/arm/boot/dts/am335x-boneblue.dts | 1 arch/arm/boot/dts/am335x-bonegreen-wireless.dts | 1 arch/arm/boot/dts/am335x-evm.dts | 3 arch/arm/boot/dts/am335x-evmsk.dts | 2 arch/arm/boot/dts/am335x-lxm.dts | 2 arch/arm/boot/dts/am335x-moxa-uc-2100-common.dtsi | 2 arch/arm/boot/dts/am335x-moxa-uc-8100-me-t.dts | 2 arch/arm/boot/dts/am335x-pepper.dts | 4 arch/arm/boot/dts/am335x-phycore-som.dtsi | 2 arch/arm/boot/dts/am33xx-l4.dtsi | 6 arch/arm/boot/dts/am33xx.dtsi | 3 arch/arm/boot/dts/am4372.dtsi | 3 arch/arm/boot/dts/am437x-cm-t43.dts | 2 arch/arm/boot/dts/am437x-gp-evm.dts | 4 arch/arm/boot/dts/am437x-l4.dtsi | 5 arch/arm/boot/dts/am437x-sk-evm.dts | 2 arch/arm64/kernel/armv8_deprecated.c | 6 arch/x86/include/asm/i8259.h | 2 arch/x86/include/asm/setup.h | 46 arch/x86/kernel/acpi/boot.c | 3 arch/x86/kernel/i8259.c | 38 arch/x86/kernel/vmlinux.lds.S | 2 drivers/ata/ahci.h | 245 - drivers/base/driver.c | 69 drivers/base/platform.c | 28 drivers/block/Kconfig | 9 drivers/block/Makefile | 2 drivers/block/sx8.c | 1586 ---------- drivers/clk/clk.c | 21 drivers/dma/ste_dma40.c | 1 drivers/gpu/drm/drm_dp_mst_topology.c | 6 drivers/i2c/busses/i2c-aspeed.c | 3 drivers/i2c/busses/i2c-stm32f7.c | 9 drivers/i2c/muxes/i2c-demux-pinctrl.c | 2 drivers/i2c/muxes/i2c-mux-gpmux.c | 2 drivers/i2c/muxes/i2c-mux-pinctrl.c | 2 drivers/iio/adc/exynos_adc.c | 24 drivers/input/mouse/synaptics.c | 1 drivers/input/rmi4/rmi_smbus.c | 50 drivers/input/serio/i8042-x86ia64io.h | 8 drivers/irqchip/irq-stm32-exti.c | 1 drivers/mcb/mcb-lpc.c | 35 drivers/mcb/mcb-parse.c | 15 drivers/mtd/nand/raw/marvell_nand.c | 23 drivers/net/ethernet/chelsio/cxgb4/t4_hw.c | 2 drivers/net/ethernet/intel/i40e/i40e_txrx.c | 2 drivers/net/ethernet/intel/igb/igb_ethtool.c | 6 drivers/net/ethernet/intel/igc/igc_ethtool.c | 35 drivers/net/ethernet/realtek/r8169_main.c | 4 drivers/net/ethernet/toshiba/ps3_gelic_wireless.c | 2 drivers/net/gtp.c | 5 drivers/net/ieee802154/adf7242.c | 5 drivers/net/usb/r8152.c | 10 drivers/nvme/target/tcp.c | 50 drivers/nvmem/imx-ocotp.c | 6 drivers/pci/quirks.c | 8 drivers/platform/mellanox/mlxbf-tmfifo.c | 21 drivers/platform/x86/asus-wmi.h | 2 drivers/rpmsg/qcom_glink_native.c | 1 drivers/rpmsg/rpmsg_core.c | 37 drivers/rpmsg/rpmsg_internal.h | 5 drivers/scsi/mpt3sas/mpt3sas_scsih.c | 4 drivers/spi/spi-npcm-fiu.c | 5 drivers/tty/serial/8250/8250_pci.c | 122 drivers/usb/storage/unusual_cypress.h | 2 drivers/video/fbdev/aty/atyfb_base.c | 4 drivers/video/fbdev/uvesafb.c | 2 drivers/virtio/virtio_balloon.c | 6 drivers/virtio/virtio_mmio.c | 19 fs/cifs/smbdirect.c | 14 fs/ext4/mballoc.c | 51 fs/ext4/mballoc.h | 14 fs/f2fs/gc.c | 3 fs/nfsd/vfs.c | 12 include/linux/device.h | 2 include/linux/pci_ids.h | 1 include/linux/platform_device.h | 6 include/linux/rpmsg.h | 14 include/uapi/linux/gtp.h | 2 kernel/events/core.c | 3 lib/kobject.c | 12 net/core/neighbour.c | 67 net/ipv4/tcp_input.c | 9 net/netfilter/nfnetlink_log.c | 2 sound/soc/codecs/rt5645.c | 2 tools/testing/selftests/ftrace/test.d/kprobe/kprobe_non_uniq_symbol.tc | 13 90 files changed, 851 insertions(+), 2030 deletions(-) Al Viro (1): nfsd: lock_rename() needs both directories to live on the same fs Alain Volmat (1): i2c: stm32f7: Fix PEC handling in case of SMBUS transfers Alessandro Carminati (1): clk: Sanitize possible_parent_show to Handle Return Value of of_clk_get_parent_name Arnd Bergmann (2): fbdev: atyfb: only use ioremap_uc() on i386 and ia64 ata: ahci: fix enum constants for gcc-13 Baokun Li (3): ext4: add two helper functions extent_logical_end() and pa_logical_end() ext4: avoid overlapping preallocations due to overflow ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow Ben Wolsieffer (1): irqchip/stm32-exti: add missing DT IRQ flag translation Bjorn Andersson (1): rpmsg: glink: Release driver_override Cameron Williams (4): tty: 8250: Remove UC-257 and UC-431 tty: 8250: Add support for additional Brainboxes UC cards tty: 8250: Add support for Brainboxes UP cards tty: 8250: Add support for Intashield IS-100 Chao Yu (1): f2fs: fix to do sanity check on inode type during garbage collection Christoph Hellwig (1): remove the sx8 block driver Christophe JAILLET (1): net: ieee802154: adf7242: Fix some potential buffer overflow in adf7242_stats_show() Dmitry Torokhov (1): Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport Douglas Anderson (3): r8152: Increase USB control msg timeout to 5000ms as per spec r8152: Run the unload routine if we have errors during probe r8152: Cancel hw_phy_work if we have an error in probe Eric Dumazet (1): neighbour: fix various data-races Florian Westphal (1): netfilter: nfnetlink_log: silence bogus compiler warning Francis Laniel (1): selftests/ftrace: Add new test case which checks non unique symbol Fred Chen (1): tcp: fix wrong RTO timeout when received SACK reneging Gavin Shan (1): virtio_balloon: Fix endless deflation and inflation on arm64 Greg Kroah-Hartman (1): Linux 5.4.260 Hangyu Hua (1): rpmsg: Fix possible refcount leak in rpmsg_register_device_override() Hans de Goede (1): platform/x86: asus-wmi: Change ASUS_WMI_BRN_DOWN code from 0x20 to 0x2e Herve Codina (3): i2c: muxes: i2c-mux-pinctrl: Use of_get_i2c_adapter_by_node() i2c: muxes: i2c-mux-gpmux: Use of_get_i2c_adapter_by_node() i2c: muxes: i2c-demux-pinctrl: Use of_get_i2c_adapter_by_node() Ivan Vecera (1): i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR Jian Zhang (1): i2c: aspeed: Fix i2c bus hang in slave read Jinjie Ruan (1): arm64: fix a concurrency issue in emulation_proc_handler() Jorge Maidana (1): fbdev: uvesafb: Call cn_del_callback() at the end of uvesafb_exit() Josh Poimboeuf (2): x86/mm: Simplify RESERVE_BRK() x86/mm: Fix RESERVE_BRK() for older binutils Juergen Gross (1): x86: Fix .brk attribute in linker script Krzysztof Kozlowski (4): driver: platform: Add helper for safer setting of driver_override rpmsg: Constify local variable in field store macro rpmsg: Fix kfree() of static memory on setting driver_override rpmsg: Fix calling device_lock() on non-initialized device Kunwu Chan (1): treewide: Spelling fix in comment LihaSika (1): usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" compatibility Liming Sun (1): platform/mellanox: mlxbf-tmfifo: Fix a warning message Lukasz Majczak (1): drm/dp_mst: Fix NULL deref in get_mst_branch_device_by_guid_helper() Marek Szyprowski (1): iio: exynos-adc: request second interupt only when touchscreen mode is used Mateusz Palczewski (1): igb: Fix potential memory leak in igb_add_ethtool_nfc_entry Matthias Schiffer (1): Revert "ARM: dts: Move am33xx and am43xx mmc nodes to sdhci-omap driver" Maximilian Heyne (1): virtio-mmio: fix memory leak of vm_dev Miquel Raynal (1): mtd: rawnand: marvell: Ensure program page operations are successful Mirsad Goran Todorovac (2): r8169: fix the KCSAN reported data-race in rtl_tx while reading TxDescArray[entry].opts1 r8169: fix the KCSAN reported data race in rtl_rx while reading desc->opts1 Pablo Neira Ayuso (2): gtp: uapi: fix GTPA_MAX gtp: fix fragmentation needed check with gso Peng Fan (3): nvmem: imx: correct nregs for i.MX6ULL nvmem: imx: correct nregs for i.MX6SLL nvmem: imx: correct nregs for i.MX6UL Peter Zijlstra (1): perf/core: Fix potential NULL deref Rodríguez Barbarin, José Javier (2): mcb: Return actual parsed size when reading chameleon table mcb-lpc: Reallocate memory region to avoid memory overlapping Sagi Grimberg (2): nvmet-tcp: move send/recv error handling in the send/recv methods instead of call-sites nvmet-tcp: Fix a possible UAF in queue intialization setup Sasha Neftin (1): igc: Fix ambiguity in the ethtool advertising Shuming Fan (1): ASoC: rt5650: fix the wrong result of key button Steve French (1): smbdirect: missing rc checks while waiting for rdma events Su Hui (1): net: chelsio: cxgb4: add an error code check in t4_load_phy_fw Szilard Fabian (1): Input: i8042 - add Fujitsu Lifebook E5411 to i8042 quirk table Thomas Gleixner (1): x86/i8259: Skip probing when ACPI/MADT advertises PCAT compatibility Tomas Henzl (1): scsi: mpt3sas: Fix in error path Vicki Pfau (1): PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device Wang Hai (1): kobject: Fix slab-out-of-bounds in fill_kobj_path() William A. Kennington III (1): spi: npcm-fiu: Fix UMA reads when dummy.nbytes == 0 Zhang Shurong (1): dmaengine: ste_dma40: Fix PM disable depth imbalance in d40_probe

1 year, 7 months

1
1
0 0

Linux 4.19.298

by Greg Kroah-Hartman

I'm announcing the release of the 4.19.298 kernel. All users of the 4.19 kernel series must upgrade. The updated 4.19.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.19.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ MAINTAINERS | 2 Makefile | 2 arch/arm/boot/bootp/init.S | 2 arch/arm/boot/compressed/big-endian.S | 2 arch/arm/boot/compressed/head.S | 2 arch/arm/boot/compressed/piggy.S | 2 arch/arm/mm/proc-arm1020.S | 2 arch/arm/mm/proc-arm1020e.S | 2 arch/arm/mm/proc-arm1022.S | 2 arch/arm/mm/proc-arm1026.S | 2 arch/arm/mm/proc-arm720.S | 2 arch/arm/mm/proc-arm740.S | 2 arch/arm/mm/proc-arm7tdmi.S | 2 arch/arm/mm/proc-arm920.S | 2 arch/arm/mm/proc-arm922.S | 2 arch/arm/mm/proc-arm925.S | 2 arch/arm/mm/proc-arm926.S | 2 arch/arm/mm/proc-arm940.S | 2 arch/arm/mm/proc-arm946.S | 2 arch/arm/mm/proc-arm9tdmi.S | 2 arch/arm/mm/proc-fa526.S | 2 arch/arm/mm/proc-feroceon.S | 2 arch/arm/mm/proc-mohawk.S | 2 arch/arm/mm/proc-sa110.S | 2 arch/arm/mm/proc-sa1100.S | 2 arch/arm/mm/proc-v6.S | 2 arch/arm/mm/proc-v7.S | 2 arch/arm/mm/proc-v7m.S | 4 arch/arm/mm/proc-xsc3.S | 2 arch/arm/mm/proc-xscale.S | 2 arch/arm64/kernel/armv8_deprecated.c | 6 arch/x86/include/asm/i8259.h | 2 arch/x86/include/asm/setup.h | 46 arch/x86/kernel/acpi/boot.c | 3 arch/x86/kernel/i8259.c | 38 arch/x86/kernel/vmlinux.lds.S | 2 drivers/ata/ahci.h | 232 drivers/base/driver.c | 69 drivers/base/platform.c | 28 drivers/block/Kconfig | 9 drivers/block/Makefile | 2 drivers/block/sx8.c | 1746 -- drivers/dma/ste_dma40.c | 1 drivers/gpu/drm/drm_dp_mst_topology.c | 6 drivers/i2c/busses/i2c-stm32f7.c | 9 drivers/i2c/muxes/i2c-demux-pinctrl.c | 2 drivers/i2c/muxes/i2c-mux-gpmux.c | 2 drivers/i2c/muxes/i2c-mux-pinctrl.c | 2 drivers/iio/adc/exynos_adc.c | 24 drivers/input/mouse/synaptics.c | 1 drivers/input/rmi4/rmi_smbus.c | 50 drivers/input/serio/i8042-x86ia64io.h | 8 drivers/irqchip/irq-stm32-exti.c | 1 drivers/mcb/mcb-lpc.c | 35 drivers/mcb/mcb-parse.c | 15 drivers/mmc/core/sdio.c | 22 drivers/net/ethernet/chelsio/cxgb4/t4_hw.c | 2 drivers/net/ethernet/intel/i40e/i40e_txrx.c | 2 drivers/net/ethernet/intel/igb/igb_ethtool.c | 6 drivers/net/ethernet/realtek/Makefile | 1 drivers/net/ethernet/realtek/r8169.c | 7698 ---------- drivers/net/ethernet/realtek/r8169_main.c | 7698 ++++++++++ drivers/net/ethernet/toshiba/ps3_gelic_wireless.c | 2 drivers/net/gtp.c | 5 drivers/nvmem/imx-ocotp.c | 4 drivers/pci/quirks.c | 8 drivers/platform/x86/asus-wmi.h | 2 drivers/rpmsg/qcom_glink_native.c | 1 drivers/rpmsg/rpmsg_core.c | 37 drivers/rpmsg/rpmsg_internal.h | 5 drivers/scsi/mpt3sas/mpt3sas_scsih.c | 4 drivers/tty/serial/8250/8250_pci.c | 122 drivers/usb/storage/unusual_cypress.h | 2 drivers/video/fbdev/aty/atyfb_base.c | 4 drivers/video/fbdev/uvesafb.c | 2 drivers/virtio/virtio_balloon.c | 6 drivers/virtio/virtio_mmio.c | 19 fs/cifs/smbdirect.c | 14 fs/f2fs/gc.c | 3 fs/nfs/write.c | 3 fs/nfsd/vfs.c | 12 include/linux/device.h | 2 include/linux/pci_ids.h | 1 include/linux/platform_device.h | 6 include/linux/rpmsg.h | 14 kernel/events/core.c | 3 lib/kobject.c | 12 net/netfilter/nfnetlink_log.c | 2 sound/soc/codecs/rt5645.c | 2 sound/soc/generic/simple-card.c | 6 tools/testing/selftests/ftrace/test.d/kprobe/kprobe_non_uniq_symbol.tc | 13 91 files changed, 8376 insertions(+), 9770 deletions(-) Al Viro (1): nfsd: lock_rename() needs both directories to live on the same fs Alain Volmat (1): i2c: stm32f7: Fix PEC handling in case of SMBUS transfers Arnd Bergmann (2): fbdev: atyfb: only use ioremap_uc() on i386 and ia64 ata: ahci: fix enum constants for gcc-13 Ben Wolsieffer (1): irqchip/stm32-exti: add missing DT IRQ flag translation Bjorn Andersson (1): rpmsg: glink: Release driver_override Cameron Williams (4): tty: 8250: Remove UC-257 and UC-431 tty: 8250: Add support for additional Brainboxes UC cards tty: 8250: Add support for Brainboxes UP cards tty: 8250: Add support for Intashield IS-100 Chao Yu (1): f2fs: fix to do sanity check on inode type during garbage collection Christoph Hellwig (1): remove the sx8 block driver Denis Efremov (1): MAINTAINERS: r8169: Update path to the driver Dmitry Torokhov (1): Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport Florian Westphal (1): netfilter: nfnetlink_log: silence bogus compiler warning Francis Laniel (1): selftests/ftrace: Add new test case which checks non unique symbol Gavin Shan (1): virtio_balloon: Fix endless deflation and inflation on arm64 Greg Kroah-Hartman (1): Linux 4.19.298 Haibo Chen (1): mmc: core: sdio: hold retuning if sdio in 1-bit mode Hangyu Hua (1): rpmsg: Fix possible refcount leak in rpmsg_register_device_override() Hans de Goede (1): platform/x86: asus-wmi: Change ASUS_WMI_BRN_DOWN code from 0x20 to 0x2e Heiner Kallweit (1): r8169: rename r8169.c to r8169_main.c Herve Codina (3): i2c: muxes: i2c-mux-pinctrl: Use of_get_i2c_adapter_by_node() i2c: muxes: i2c-mux-gpmux: Use of_get_i2c_adapter_by_node() i2c: muxes: i2c-demux-pinctrl: Use of_get_i2c_adapter_by_node() Ivan Vecera (1): i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR Jinjie Ruan (1): arm64: fix a concurrency issue in emulation_proc_handler() Jorge Maidana (1): fbdev: uvesafb: Call cn_del_callback() at the end of uvesafb_exit() Josh Poimboeuf (2): x86/mm: Simplify RESERVE_BRK() x86/mm: Fix RESERVE_BRK() for older binutils Juergen Gross (1): x86: Fix .brk attribute in linker script Krzysztof Kozlowski (4): driver: platform: Add helper for safer setting of driver_override rpmsg: Constify local variable in field store macro rpmsg: Fix kfree() of static memory on setting driver_override rpmsg: Fix calling device_lock() on non-initialized device Kuninori Morimoto (1): ASoC: simple-card: fixup asoc_simple_probe() error handling Kunwu Chan (1): treewide: Spelling fix in comment LihaSika (1): usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" compatibility Lukasz Majczak (1): drm/dp_mst: Fix NULL deref in get_mst_branch_device_by_guid_helper() Marek Szyprowski (1): iio: exynos-adc: request second interupt only when touchscreen mode is used Mateusz Palczewski (1): igb: Fix potential memory leak in igb_add_ethtool_nfc_entry Maximilian Heyne (1): virtio-mmio: fix memory leak of vm_dev Mirsad Goran Todorovac (2): r8169: fix the KCSAN reported data-race in rtl_tx while reading TxDescArray[entry].opts1 r8169: fix the KCSAN reported data race in rtl_rx while reading desc->opts1 Nick Desaulniers (1): ARM: 8933/1: replace Sun/Solaris style flag on section directive Pablo Neira Ayuso (1): gtp: fix fragmentation needed check with gso Peng Fan (2): nvmem: imx: correct nregs for i.MX6SLL nvmem: imx: correct nregs for i.MX6UL Peter Zijlstra (1): perf/core: Fix potential NULL deref Rodríguez Barbarin, José Javier (2): mcb: Return actual parsed size when reading chameleon table mcb-lpc: Reallocate memory region to avoid memory overlapping Shuming Fan (1): ASoC: rt5650: fix the wrong result of key button Steve French (1): smbdirect: missing rc checks while waiting for rdma events Su Hui (1): net: chelsio: cxgb4: add an error code check in t4_load_phy_fw Szilard Fabian (1): Input: i8042 - add Fujitsu Lifebook E5411 to i8042 quirk table Thomas Gleixner (1): x86/i8259: Skip probing when ACPI/MADT advertises PCAT compatibility Tomas Henzl (1): scsi: mpt3sas: Fix in error path Trond Myklebust (1): NFS: Don't call generic_error_remove_page() while holding locks Ulf Hansson (1): mmc: sdio: Don't re-initialize powered-on removable SDIO cards at resume Vicki Pfau (1): PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device Wang Hai (1): kobject: Fix slab-out-of-bounds in fill_kobj_path() Zhang Shurong (1): dmaengine: ste_dma40: Fix PM disable depth imbalance in d40_probe

1 year, 7 months

1
1
0 0

Linux 4.14.329

by Greg Kroah-Hartman

I'm announcing the release of the 4.14.329 kernel. All users of the 4.14 kernel series must upgrade. The updated 4.14.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.14.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arm/boot/bootp/init.S | 2 arch/arm/boot/compressed/big-endian.S | 2 arch/arm/boot/compressed/head.S | 2 arch/arm/boot/compressed/piggy.S | 2 arch/arm/mm/proc-arm1020.S | 2 arch/arm/mm/proc-arm1020e.S | 2 arch/arm/mm/proc-arm1022.S | 2 arch/arm/mm/proc-arm1026.S | 2 arch/arm/mm/proc-arm720.S | 2 arch/arm/mm/proc-arm740.S | 2 arch/arm/mm/proc-arm7tdmi.S | 2 arch/arm/mm/proc-arm920.S | 2 arch/arm/mm/proc-arm922.S | 2 arch/arm/mm/proc-arm925.S | 2 arch/arm/mm/proc-arm926.S | 2 arch/arm/mm/proc-arm940.S | 2 arch/arm/mm/proc-arm946.S | 2 arch/arm/mm/proc-arm9tdmi.S | 2 arch/arm/mm/proc-fa526.S | 2 arch/arm/mm/proc-feroceon.S | 2 arch/arm/mm/proc-mohawk.S | 2 arch/arm/mm/proc-sa110.S | 2 arch/arm/mm/proc-sa1100.S | 2 arch/arm/mm/proc-v6.S | 2 arch/arm/mm/proc-v7.S | 2 arch/arm/mm/proc-v7m.S | 4 arch/arm/mm/proc-xsc3.S | 2 arch/arm/mm/proc-xscale.S | 2 arch/x86/include/asm/i8259.h | 2 arch/x86/include/asm/setup.h | 46 arch/x86/kernel/acpi/boot.c | 3 arch/x86/kernel/i8259.c | 38 arch/x86/kernel/vmlinux.lds.S | 2 drivers/ata/ahci.h | 230 +- drivers/base/driver.c | 69 drivers/base/platform.c | 28 drivers/block/Kconfig | 9 drivers/block/Makefile | 2 drivers/block/sx8.c | 1746 ---------------------- drivers/dma/ste_dma40.c | 1 drivers/gpu/drm/drm_dp_mst_topology.c | 6 drivers/i2c/muxes/i2c-demux-pinctrl.c | 2 drivers/i2c/muxes/i2c-mux-gpmux.c | 2 drivers/i2c/muxes/i2c-mux-pinctrl.c | 2 drivers/input/mouse/synaptics.c | 1 drivers/input/rmi4/rmi_smbus.c | 50 drivers/irqchip/irq-stm32-exti.c | 1 drivers/mcb/mcb-lpc.c | 35 drivers/mcb/mcb-parse.c | 15 drivers/net/ethernet/chelsio/cxgb4/t4_hw.c | 2 drivers/net/ethernet/intel/i40e/i40e_txrx.c | 2 drivers/net/ethernet/intel/igb/igb_ethtool.c | 6 drivers/net/ethernet/toshiba/ps3_gelic_wireless.c | 2 drivers/net/usb/r8152.c | 7 drivers/pci/quirks.c | 9 drivers/platform/x86/asus-wmi.h | 2 drivers/rpmsg/qcom_glink_native.c | 1 drivers/rpmsg/rpmsg_core.c | 34 drivers/rpmsg/rpmsg_internal.h | 5 drivers/scsi/mpt3sas/mpt3sas_scsih.c | 4 drivers/tty/serial/8250/8250_pci.c | 122 + drivers/tty/vt/vc_screen.c | 9 drivers/usb/storage/unusual_cypress.h | 2 drivers/video/fbdev/aty/atyfb_base.c | 4 drivers/video/fbdev/uvesafb.c | 2 drivers/virtio/virtio_balloon.c | 6 fs/f2fs/gc.c | 3 fs/nfs/write.c | 3 fs/nfsd/vfs.c | 12 include/linux/device.h | 2 include/linux/pci_ids.h | 1 include/linux/platform_device.h | 6 include/linux/rpmsg.h | 14 include/uapi/linux/gtp.h | 2 kernel/events/core.c | 3 lib/kobject.c | 12 net/ipv4/tcp_input.c | 9 net/netfilter/nfnetlink_log.c | 2 sound/soc/codecs/rt5645.c | 2 sound/soc/generic/simple-card.c | 6 81 files changed, 599 insertions(+), 2047 deletions(-) Al Viro (1): nfsd: lock_rename() needs both directories to live on the same fs Arnd Bergmann (2): fbdev: atyfb: only use ioremap_uc() on i386 and ia64 ata: ahci: fix enum constants for gcc-13 Ben Wolsieffer (1): irqchip/stm32-exti: add missing DT IRQ flag translation Bjorn Andersson (1): rpmsg: glink: Release driver_override Cameron Williams (4): tty: 8250: Remove UC-257 and UC-431 tty: 8250: Add support for additional Brainboxes UC cards tty: 8250: Add support for Brainboxes UP cards tty: 8250: Add support for Intashield IS-100 Chao Yu (1): f2fs: fix to do sanity check on inode type during garbage collection Christoph Hellwig (1): remove the sx8 block driver Dmitry Torokhov (1): Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport Douglas Anderson (1): r8152: Increase USB control msg timeout to 5000ms as per spec Florian Westphal (1): netfilter: nfnetlink_log: silence bogus compiler warning Fred Chen (1): tcp: fix wrong RTO timeout when received SACK reneging Gavin Shan (1): virtio_balloon: Fix endless deflation and inflation on arm64 George Kennedy (1): vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF Greg Kroah-Hartman (1): Linux 4.14.329 Hangyu Hua (1): rpmsg: Fix possible refcount leak in rpmsg_register_device_override() Hans de Goede (1): platform/x86: asus-wmi: Change ASUS_WMI_BRN_DOWN code from 0x20 to 0x2e Herve Codina (3): i2c: muxes: i2c-mux-pinctrl: Use of_get_i2c_adapter_by_node() i2c: muxes: i2c-mux-gpmux: Use of_get_i2c_adapter_by_node() i2c: muxes: i2c-demux-pinctrl: Use of_get_i2c_adapter_by_node() Ivan Vecera (1): i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR Jorge Maidana (1): fbdev: uvesafb: Call cn_del_callback() at the end of uvesafb_exit() Josh Poimboeuf (2): x86/mm: Simplify RESERVE_BRK() x86/mm: Fix RESERVE_BRK() for older binutils Juergen Gross (1): x86: Fix .brk attribute in linker script Krzysztof Kozlowski (3): driver: platform: Add helper for safer setting of driver_override rpmsg: Fix kfree() of static memory on setting driver_override rpmsg: Fix calling device_lock() on non-initialized device Kuninori Morimoto (1): ASoC: simple-card: fixup asoc_simple_probe() error handling Kunwu Chan (1): treewide: Spelling fix in comment LihaSika (1): usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" compatibility Lukasz Majczak (1): drm/dp_mst: Fix NULL deref in get_mst_branch_device_by_guid_helper() Mateusz Palczewski (1): igb: Fix potential memory leak in igb_add_ethtool_nfc_entry Nick Desaulniers (1): ARM: 8933/1: replace Sun/Solaris style flag on section directive Pablo Neira Ayuso (1): gtp: uapi: fix GTPA_MAX Peter Zijlstra (1): perf/core: Fix potential NULL deref Rodríguez Barbarin, José Javier (2): mcb: Return actual parsed size when reading chameleon table mcb-lpc: Reallocate memory region to avoid memory overlapping Shuming Fan (1): ASoC: rt5650: fix the wrong result of key button Su Hui (1): net: chelsio: cxgb4: add an error code check in t4_load_phy_fw Thomas Gleixner (1): x86/i8259: Skip probing when ACPI/MADT advertises PCAT compatibility Tomas Henzl (1): scsi: mpt3sas: Fix in error path Trond Myklebust (1): NFS: Don't call generic_error_remove_page() while holding locks Vicki Pfau (1): PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device Wang Hai (1): kobject: Fix slab-out-of-bounds in fill_kobj_path() Zhang Shurong (1): dmaengine: ste_dma40: Fix PM disable depth imbalance in d40_probe

1 year, 7 months

1
1
0 0

[PATCH 6.6 00/30] 6.6.1-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.6.1 release. There are 30 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 08 Nov 2023 13:02:46 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.6.1-rc1.… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.6.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.6.1-rc1 Mark Hasemeyer <markhas(a)chromium.org> ASoC: SOF: sof-pci-dev: Fix community key quirk detection Mark Hasemeyer <markhas(a)chromium.org> ALSA: hda: intel-dsp-config: Fix JSL Chromebook quirk detection Tony Lindgren <tony(a)atomide.com> serial: core: Fix runtime PM handling for pending tx Siddharth Vadapalli <s-vadapalli(a)ti.com> misc: pci_endpoint_test: Add deviceID for J721S2 PCIe EP device support Francesco Dolcini <francesco.dolcini(a)toradex.com> dt-bindings: serial: rs485: Add rs485-rts-active-high Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add Brainboxes Oxford Semiconductor-based quirks Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for Intashield IX cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for additional Brainboxes PX cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Fix up PX-803/PX-857 Cameron Williams <cang1(a)live.co.uk> tty: 8250: Fix port count of PX-257 Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for Intashield IS-100 Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for Brainboxes UP cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for additional Brainboxes UC cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Remove UC-257 and UC-431 Daniel Starke <daniel.starke(a)siemens.com> tty: n_gsm: fix race condition in status line change on dead connections Janne Grunau <j(a)jannau.net> Bluetooth: hci_bcm4377: Mark bcm4378/bcm4387 as BROKEN_LE_CODED Andrey Konovalov <andreyknvl(a)gmail.com> usb: raw-gadget: properly handle interrupted requests Jimmy Hu <hhhuuu(a)google.com> usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm() Badhri Jagan Sridharan <badhri(a)google.com> usb: typec: tcpm: Add additional checks for contaminant LihaSika <lihasika(a)gmail.com> usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" compatibility Vicki Pfau <vi(a)endrift.com> PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device Max McCarthy <mmccarthy(a)mcintoshlabs.com> ALSA: usb-audio: add quirk flag to enable native DSD for McIntosh devices Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Use simple_recursive_removal() to clean up dentries Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Delete eventfs_inode when the last dentry is freed Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Save ownership and mode Steven Rostedt (Google) <rostedt(a)goodmis.org> eventfs: Remove "is_freed" union with rcu head Steven Rostedt (Google) <rostedt(a)goodmis.org> tracing: Have trace_event_file have ref counters Ian Rogers <irogers(a)google.com> perf evlist: Avoid frequency mode for the dummy event Kai-Heng Feng <kai.heng.feng(a)canonical.com> power: supply: core: Use blocking_notifier_call_chain to avoid RCU complaint Nicholas Kazlauskas <nicholas.kazlauskas(a)amd.com> drm/amd/display: Don't use fsleep for PSR exit waits ------------- Diffstat: .../devicetree/bindings/serial/rs485.yaml | 4 + Makefile | 4 +- drivers/bluetooth/hci_bcm4377.c | 5 + drivers/gpu/drm/amd/display/dc/dce/dce_dmcu.c | 3 +- drivers/gpu/drm/amd/display/dc/dce/dmub_psr.c | 3 +- drivers/misc/pci_endpoint_test.c | 4 + drivers/pci/quirks.c | 8 +- drivers/power/supply/power_supply_core.c | 8 +- drivers/tty/n_gsm.c | 2 + drivers/tty/serial/8250/8250_pci.c | 327 ++++++++++++++++++++- drivers/tty/serial/serial_core.c | 2 +- drivers/usb/gadget/legacy/raw_gadget.c | 26 +- drivers/usb/storage/unusual_cypress.h | 2 +- drivers/usb/typec/tcpm/tcpm.c | 5 + fs/tracefs/event_inode.c | 288 +++++++++++------- include/linux/pci_ids.h | 1 + include/linux/power_supply.h | 2 +- include/linux/trace_events.h | 4 + kernel/trace/trace.c | 15 + kernel/trace/trace.h | 3 + kernel/trace/trace_events.c | 31 +- kernel/trace/trace_events_filter.c | 3 + sound/hda/intel-dsp-config.c | 6 + sound/soc/sof/sof-pci-dev.c | 7 + sound/usb/quirks.c | 2 + tools/perf/util/evlist.c | 5 +- 26 files changed, 624 insertions(+), 146 deletions(-)

1 year, 7 months

13
42
0 0

[PATCH v2] i2c: designware: Disable TX_EMPTY irq while waiting for block length byte

by Tam Nguyen

During SMBus block data read process, we have seen high interrupt rate because of TX_EMPTY irq status while waiting for block length byte (the first data byte after the address phase). The interrupt handler does not do anything because the internal state is kept as STATUS_WRITE_IN_PROGRESS. Hence, we should disable TX_EMPTY IRQ until I2C DesignWare receives first data byte from I2C device, then re-enable it to resume SMBus transaction. It takes 0.789 ms for host to receive data length from slave. Without the patch, i2c_dw_isr() is called 99 times by TX_EMPTY interrupt. And it is none after applying the patch. Cc: stable(a)vger.kernel.org Co-developed-by: Chuong Tran <chuong(a)os.amperecomputing.com> Signed-off-by: Chuong Tran <chuong(a)os.amperecomputing.com> Signed-off-by: Tam Nguyen <tamnguyenchi(a)os.amperecomputing.com> --- v2: + Reduce the indentations level + Use regmap_update_bits for bitfield update + Rewrite comment statement [Serge] + Update commit message + Add Co-developed-by tag for co-authors [Andy] v1: https://lore.kernel.org/lkml/avd7jhwexehgbvi6euzdwvf5zvqqgjx4ozo6uxu2qpmlar… --- drivers/i2c/busses/i2c-designware-master.c | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/drivers/i2c/busses/i2c-designware-master.c b/drivers/i2c/busses/i2c-designware-master.c index 55ea91a63382..ae76620ef35e 100644 --- a/drivers/i2c/busses/i2c-designware-master.c +++ b/drivers/i2c/busses/i2c-designware-master.c @@ -456,10 +456,16 @@ i2c_dw_xfer_msg(struct dw_i2c_dev *dev) /* * Because we don't know the buffer length in the - * I2C_FUNC_SMBUS_BLOCK_DATA case, we can't stop - * the transaction here. + * I2C_FUNC_SMBUS_BLOCK_DATA case, we can't stop the + * transaction here. Also disable the TX_EMPTY IRQ + * while waiting for the data length byte to avoid the + * bogus interrupts flood. */ - if (buf_len > 0 || flags & I2C_M_RECV_LEN) { + if (flags & I2C_M_RECV_LEN) { + dev->status |= STATUS_WRITE_IN_PROGRESS; + intr_mask &= ~DW_IC_INTR_TX_EMPTY; + break; + } else if (buf_len > 0) { /* more bytes to be written */ dev->status |= STATUS_WRITE_IN_PROGRESS; break; @@ -495,6 +501,13 @@ i2c_dw_recv_len(struct dw_i2c_dev *dev, u8 len) msgs[dev->msg_read_idx].len = len; msgs[dev->msg_read_idx].flags &= ~I2C_M_RECV_LEN; + /* + * Received buffer length, re-enable TX_EMPTY interrupt + * to resume the SMBUS transaction. + */ + regmap_update_bits(dev->map, DW_IC_INTR_MASK, DW_IC_INTR_TX_EMPTY, + DW_IC_INTR_TX_EMPTY); + return len; } -- 2.25.1

1 year, 7 months

4
3
0 0

[PATCH] r8169: fix ASPM-related issues on a number of systems with NIC version from RTL8168h

by Li Ma

From: Heiner Kallweit <hkallweit1(a)gmail.com> This effectively reverts 4b5f82f6aaef. On a number of systems ASPM L1 causes tx timeouts with RTL8168h, see referenced bug report. Fixes: 4b5f82f6aaef ("r8169: enable ASPM L1/L1.1 from RTL8168h") Cc: stable(a)vger.kernel.org Closes: https://bugzilla.kernel.org/show_bug.cgi?id=217814 Signed-off-by: Heiner Kallweit <hkallweit1(a)gmail.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> (cherry picked from commit 90ca51e8c654699b672ba61aeaa418dfb3252e5e) --- drivers/net/ethernet/realtek/r8169_main.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/drivers/net/ethernet/realtek/r8169_main.c b/drivers/net/ethernet/realtek/r8169_main.c index 45147a1016be..27efd07f09ef 100644 --- a/drivers/net/ethernet/realtek/r8169_main.c +++ b/drivers/net/ethernet/realtek/r8169_main.c @@ -5224,13 +5224,9 @@ static int rtl_init_one(struct pci_dev *pdev, const struct pci_device_id *ent) /* Disable ASPM L1 as that cause random device stop working * problems as well as full system hangs for some PCIe devices users. - * Chips from RTL8168h partially have issues with L1.2, but seem - * to work fine with L1 and L1.1. */ if (rtl_aspm_is_safe(tp)) rc = 0; - else if (tp->mac_version >= RTL_GIGA_MAC_VER_46) - rc = pci_disable_link_state(pdev, PCIE_LINK_STATE_L1_2); else rc = pci_disable_link_state(pdev, PCIE_LINK_STATE_L1); tp->aspm_manageable = !rc; -- 2.25.1

1 year, 7 months

4
4
0 0

[PATCH v3] usb: typec: tcpm: Fix sink caps op current check

by Badhri Jagan Sridharan

TCPM checks for sink caps operational current even when PD is disabled. This incorrectly sets tcpm_set_charge() when PD is disabled. Check for sink caps only when PD is enabled. [ 97.572342] Start toggling [ 97.578949] CC1: 0 -> 0, CC2: 0 -> 0 [state TOGGLING, polarity 0, disconnected] [ 99.571648] CC1: 0 -> 0, CC2: 0 -> 4 [state TOGGLING, polarity 0, connected] [ 99.571658] state change TOGGLING -> SNK_ATTACH_WAIT [rev3 NONE_AMS] [ 99.571673] pending state change SNK_ATTACH_WAIT -> SNK_DEBOUNCED @ 170 ms [rev3 NONE_AMS] [ 99.741778] state change SNK_ATTACH_WAIT -> SNK_DEBOUNCED [delayed 170 ms] [ 99.789283] CC1: 0 -> 0, CC2: 4 -> 5 [state SNK_DEBOUNCED, polarity 0, connected] [ 99.789306] state change SNK_DEBOUNCED -> SNK_DEBOUNCED [rev3 NONE_AMS] [ 99.903584] VBUS on [ 99.903591] state change SNK_DEBOUNCED -> SNK_ATTACHED [rev3 NONE_AMS] [ 99.903600] polarity 1 [ 99.910155] enable vbus discharge ret:0 [ 99.910160] Requesting mux state 1, usb-role 2, orientation 2 [ 99.946791] state change SNK_ATTACHED -> SNK_STARTUP [rev3 NONE_AMS] [ 99.946798] state change SNK_STARTUP -> SNK_DISCOVERY [rev3 NONE_AMS] [ 99.946800] Setting voltage/current limit 5000 mV 500 mA [ 99.946803] vbus=0 charge:=1 [ 100.027139] state change SNK_DISCOVERY -> SNK_READY [rev3 NONE_AMS] [ 100.027145] Setting voltage/current limit 5000 mV 3000 mA [ 100.466830] VBUS on Cc: stable(a)vger.kernel.org Fixes: 803b1c8a0cea ("usb: typec: tcpm: not sink vbus if operational current is 0mA") Signed-off-by: Badhri Jagan Sridharan <badhri(a)google.com> --- Changes since v2: * Fix the "Fixes" tag * Refactor code based on Guenter Roeck's suggestion. Changes since v1: * Fix commit title and description to address comments from Guenter Roeck --- drivers/usb/typec/tcpm/tcpm.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/usb/typec/tcpm/tcpm.c b/drivers/usb/typec/tcpm/tcpm.c index 058d5b853b57..afc791ab6d4f 100644 --- a/drivers/usb/typec/tcpm/tcpm.c +++ b/drivers/usb/typec/tcpm/tcpm.c @@ -4273,7 +4273,8 @@ static void run_state_machine(struct tcpm_port *port) current_lim = PD_P_SNK_STDBY_MW / 5; tcpm_set_current_limit(port, current_lim, 5000); /* Not sink vbus if operational current is 0mA */ - tcpm_set_charge(port, !!pdo_max_current(port->snk_pdo[0])); + tcpm_set_charge(port, !port->pd_supported || + pdo_max_current(port->snk_pdo[0])); if (!port->pd_supported) tcpm_set_state(port, SNK_READY, 0); base-commit: c70793fb7632a153862ee9060e6d48131469a29c -- 2.42.0.820.g83a721a137-goog

1 year, 7 months

4
3
0 0

Intermittent storage (dm-crypt?) freeze - regression 6.4->6.5

by Marek Marczykowski-Górecki

Hi, Since updating from 6.4.13 to 6.5.5 occasionally I hit a storage subsystem freeze - any I/O ends up frozen. I'm not sure what exactly triggers the issue, but often it happens when doing some LVM operations (lvremove, lvrename etc) on a dm-thin volume together with bulk data copy to/from another LVM thin volume with ext4 fs. The storage stack I use is: nvme -> dm-crypt (LUKS) -> dm-thin (LVM thin pool) -> ext4 And this whole thing running in a (PV) dom0 under Xen, on Qubes OS 4.2 to be specific. I can reproduce the issue on at least 3 different machines. I did tried also 6.5.6 and the issue is still there. I haven't checked newer versions, but briefly reviewed git log and haven't found anything suggesting a fix to similar issue. I managed to bisect it down to this commit: commit 5054e778fcd9cd29ddaa8109077cd235527e4f94 Author: Mikulas Patocka <mpatocka(a)redhat.com> Date: Mon May 1 09:19:17 2023 -0400 dm crypt: allocate compound pages if possible It was reported that allocating pages for the write buffer in dm-crypt causes measurable overhead [1]. Change dm-crypt to allocate compound pages if they are available. If not, fall back to the mempool. [1] https://listman.redhat.com/archives/dm-devel/2023-February/053284.html Suggested-by: Matthew Wilcox <willy(a)infradead.org> Signed-off-by: Mikulas Patocka <mpatocka(a)redhat.com> Signed-off-by: Mike Snitzer <snitzer(a)kernel.org> TBH, I'm not sure if the bug is in this commit, or maybe in some functions it uses (I don't see dm-crypt functions directly involved in the stack traces I collected). But reverting this commit on top of 6.5.6 seems to fix the issue. I tried also CONFIG_PROVE_LOCKING, but it didn't show any issue. I managed to collect "blocked tasks" dump via sysrq below. Few more can be found at https://github.com/QubesOS/qubes-issues/issues/8575 [ 4246.558313] sysrq: Show Blocked State [ 4246.558388] task:journal-offline state:D stack:0 pid:8098 ppid:1 flags:0x00000002 [ 4246.558407] Call Trace: [ 4246.558414] <TASK> [ 4246.558422] __schedule+0x23d/0x670 [ 4246.558440] schedule+0x5e/0xd0 [ 4246.558450] io_schedule+0x46/0x70 [ 4246.558461] folio_wait_bit_common+0x13d/0x350 [ 4246.558475] ? __pfx_wake_page_function+0x10/0x10 [ 4246.558488] folio_wait_writeback+0x2c/0x90 [ 4246.558498] mpage_prepare_extent_to_map+0x15c/0x4d0 [ 4246.558512] ext4_do_writepages+0x25f/0x770 [ 4246.558523] ext4_writepages+0xad/0x180 [ 4246.558533] do_writepages+0xcf/0x1e0 [ 4246.558543] ? __seccomp_filter+0x32a/0x4f0 [ 4246.558554] filemap_fdatawrite_wbc+0x63/0x90 [ 4246.558567] __filemap_fdatawrite_range+0x5c/0x80 [ 4246.558578] file_write_and_wait_range+0x4a/0xb0 [ 4246.558588] ext4_sync_file+0x88/0x380 [ 4246.558598] __x64_sys_fsync+0x3b/0x70 [ 4246.558609] do_syscall_64+0x5c/0x90 [ 4246.558621] ? exit_to_user_mode_prepare+0xb2/0xd0 [ 4246.558632] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 4246.558644] RIP: 0033:0x7710cf124d0a [ 4246.558654] RSP: 002b:00007710ccdfda40 EFLAGS: 00000293 ORIG_RAX: 000000000000004a [ 4246.558668] RAX: ffffffffffffffda RBX: 000064bb92f67e60 RCX: 00007710cf124d0a [ 4246.558679] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000028 [ 4246.558691] RBP: 000064bb92f72670 R08: 0000000000000000 R09: 00007710ccdfe6c0 [ 4246.558702] R10: 00007710cf0adfee R11: 0000000000000293 R12: 000064bb92505940 [ 4246.558713] R13: 0000000000000002 R14: 00007ffc05649500 R15: 00007710cc5fe000 [ 4246.558728] </TASK> [ 4246.558836] task:lvm state:D stack:0 pid:7835 ppid:5665 flags:0x00004006 [ 4246.558852] Call Trace: [ 4246.558857] <TASK> [ 4246.558863] __schedule+0x23d/0x670 [ 4246.558874] schedule+0x5e/0xd0 [ 4246.558884] io_schedule+0x46/0x70 [ 4246.558894] dm_wait_for_bios_completion+0xfc/0x110 [ 4246.558909] ? __pfx_autoremove_wake_function+0x10/0x10 [ 4246.558922] __dm_suspend+0x7e/0x1b0 [ 4246.558932] dm_internal_suspend_noflush+0x5c/0x80 [ 4246.558946] pool_presuspend+0xcc/0x130 [dm_thin_pool] [ 4246.558968] dm_table_presuspend_targets+0x3f/0x60 [ 4246.558980] __dm_suspend+0x41/0x1b0 [ 4246.558991] dm_suspend+0xc0/0xe0 [ 4246.559001] dev_suspend+0xa5/0xd0 [ 4246.559011] ctl_ioctl+0x26e/0x350 [ 4246.559020] ? __pfx_dev_suspend+0x10/0x10 [ 4246.559032] dm_ctl_ioctl+0xe/0x20 [ 4246.559041] __x64_sys_ioctl+0x94/0xd0 [ 4246.559052] do_syscall_64+0x5c/0x90 [ 4246.559062] ? do_syscall_64+0x6b/0x90 [ 4246.559072] ? do_syscall_64+0x6b/0x90 [ 4246.559081] ? xen_pv_evtchn_do_upcall+0x54/0xb0 [ 4246.559093] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 4246.559104] RIP: 0033:0x7f1cb77cfe0f [ 4246.559112] RSP: 002b:00007fff870f2560 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 4246.559141] RAX: ffffffffffffffda RBX: 00005b8d13c16580 RCX: 00007f1cb77cfe0f [ 4246.559152] RDX: 00005b8d144a2180 RSI: 00000000c138fd06 RDI: 0000000000000003 [ 4246.559164] RBP: 00005b8d144a2180 R08: 00005b8d132b1190 R09: 00007fff870f2420 [ 4246.559175] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000c [ 4246.559186] R13: 00005b8d132aacf0 R14: 00005b8d1324414d R15: 00005b8d144a21b0 [ 4246.559199] </TASK> [ 4246.559207] task:kworker/u8:3 state:D stack:0 pid:8033 ppid:2 flags:0x00004000 [ 4246.559222] Workqueue: writeback wb_workfn (flush-253:4) [ 4246.559238] Call Trace: [ 4246.559244] <TASK> [ 4246.559249] __schedule+0x23d/0x670 [ 4246.559260] schedule+0x5e/0xd0 [ 4246.559270] io_schedule+0x46/0x70 [ 4246.559280] folio_wait_bit_common+0x13d/0x350 [ 4246.559290] ? __pfx_wake_page_function+0x10/0x10 [ 4246.559302] mpage_prepare_extent_to_map+0x309/0x4d0 [ 4246.559314] ext4_do_writepages+0x25f/0x770 [ 4246.559324] ext4_writepages+0xad/0x180 [ 4246.559334] do_writepages+0xcf/0x1e0 [ 4246.559344] ? find_busiest_group+0x42/0x1a0 [ 4246.559354] __writeback_single_inode+0x3d/0x280 [ 4246.559368] writeback_sb_inodes+0x1ed/0x4a0 [ 4246.559381] __writeback_inodes_wb+0x4c/0xf0 [ 4246.559393] wb_writeback+0x298/0x310 [ 4246.559403] wb_do_writeback+0x230/0x2b0 [ 4246.559414] wb_workfn+0x5f/0x260 [ 4246.559424] ? _raw_spin_unlock+0xe/0x30 [ 4246.559434] ? finish_task_switch.isra.0+0x95/0x2b0 [ 4246.559447] ? __schedule+0x245/0x670 [ 4246.559457] process_one_work+0x1df/0x3e0 [ 4246.559466] worker_thread+0x51/0x390 [ 4246.559475] ? __pfx_worker_thread+0x10/0x10 [ 4246.559484] kthread+0xe5/0x120 [ 4246.559495] ? __pfx_kthread+0x10/0x10 [ 4246.559504] ret_from_fork+0x31/0x50 [ 4246.559514] ? __pfx_kthread+0x10/0x10 [ 4246.559523] ret_from_fork_asm+0x1b/0x30 [ 4246.559536] </TASK> -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab

1 year, 7 months

15
61
0 0

[PATCH v2] LoongArch: Mark __percpu functions as always inline

by Nathan Chancellor

A recent change to the optimization pipeline in LLVM reveals some fragility around the inlining of LoongArch's __percpu functions, which manifests as a BUILD_BUG() failure: In file included from kernel/sched/build_policy.c:17: In file included from include/linux/sched/cputime.h:5: In file included from include/linux/sched/signal.h:5: In file included from include/linux/rculist.h:11: In file included from include/linux/rcupdate.h:26: In file included from include/linux/irqflags.h:18: arch/loongarch/include/asm/percpu.h:97:3: error: call to '__compiletime_assert_51' declared with 'error' attribute: BUILD_BUG failed 97 | BUILD_BUG(); | ^ include/linux/build_bug.h:59:21: note: expanded from macro 'BUILD_BUG' 59 | #define BUILD_BUG() BUILD_BUG_ON_MSG(1, "BUILD_BUG failed") | ^ include/linux/build_bug.h:39:37: note: expanded from macro 'BUILD_BUG_ON_MSG' 39 | #define BUILD_BUG_ON_MSG(cond, msg) compiletime_assert(!(cond), msg) | ^ include/linux/compiler_types.h:425:2: note: expanded from macro 'compiletime_assert' 425 | _compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__) | ^ include/linux/compiler_types.h:413:2: note: expanded from macro '_compiletime_assert' 413 | __compiletime_assert(condition, msg, prefix, suffix) | ^ include/linux/compiler_types.h:406:4: note: expanded from macro '__compiletime_assert' 406 | prefix ## suffix(); \ | ^ <scratch space>:86:1: note: expanded from here 86 | __compiletime_assert_51 | ^ 1 error generated. If these functions are not inlined (which the compiler is free to do even with functions marked with the standard 'inline' keyword), the BUILD_BUG() in the default case cannot be eliminated since the compiler cannot prove it is never used, resulting in a build failure due to the error attribute. Mark these functions as __always_inline to guarantee inlining so that the BUILD_BUG() only triggers when the default case genuinely cannot be eliminated due to an unexpected size. Cc: <stable(a)vger.kernel.org> Closes: https://github.com/ClangBuiltLinux/linux/issues/1955 Fixes: 46859ac8af52 ("LoongArch: Add multi-processor (SMP) support") Link: https://github.com/llvm/llvm-project/commit/1a2e77cf9e11dbf56b5720c607313a5… Suggested-by: Nick Desaulniers <ndesaulniers(a)google.com> Signed-off-by: Nathan Chancellor <nathan(a)kernel.org> --- Changes in v2: - Change 'inline' to __always_inline for all functions that contain BUILD_BUG() (Huacai) - Notate that 'inline' does not guarantee inlining in the commit message to further clarify the change to __always_inline. - Link to v1: https://lore.kernel.org/r/20231101-loongarch-always-inline-percpu-ops-v1-1-… --- arch/loongarch/include/asm/percpu.h | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/arch/loongarch/include/asm/percpu.h b/arch/loongarch/include/asm/percpu.h index b9f567e66016..313852fba845 100644 --- a/arch/loongarch/include/asm/percpu.h +++ b/arch/loongarch/include/asm/percpu.h @@ -32,7 +32,7 @@ static inline void set_my_cpu_offset(unsigned long off) #define __my_cpu_offset __my_cpu_offset #define PERCPU_OP(op, asm_op, c_op) \ -static inline unsigned long __percpu_##op(void *ptr, \ +static __always_inline unsigned long __percpu_##op(void *ptr, \ unsigned long val, int size) \ { \ unsigned long ret; \ @@ -63,7 +63,7 @@ PERCPU_OP(and, and, &) PERCPU_OP(or, or, |) #undef PERCPU_OP -static inline unsigned long __percpu_read(void *ptr, int size) +static __always_inline unsigned long __percpu_read(void *ptr, int size) { unsigned long ret; @@ -100,7 +100,8 @@ static inline unsigned long __percpu_read(void *ptr, int size) return ret; } -static inline void __percpu_write(void *ptr, unsigned long val, int size) +static __always_inline void __percpu_write(void *ptr, unsigned long val, + int size) { switch (size) { case 1: @@ -132,8 +133,8 @@ static inline void __percpu_write(void *ptr, unsigned long val, int size) } } -static inline unsigned long __percpu_xchg(void *ptr, unsigned long val, - int size) +static __always_inline unsigned long __percpu_xchg(void *ptr, unsigned long val, + int size) { switch (size) { case 1: --- base-commit: 278be83601dd1725d4732241f066d528e160a39d change-id: 20231101-loongarch-always-inline-percpu-ops-cf77c161871f Best regards, -- Nathan Chancellor <nathan(a)kernel.org>

1 year, 7 months

2
1
0 0

[RESEND PATCH v2 0/3] Fix use-after-free bug in mtk_jpeg_dec_device_run and fix schedule error in mtk_jpegdec_worker

by Zheng Wang

Hello, This v2 series fixes the use-after-free bug in mtk_jpeg_dec_device_run. This patch fixes the security bug in chrome-os. It inclues reverting the incomplete fix before and make the right fix. Also,it fixes the error of timeout-worker-schedule in multiple-core devices. 1. Remove cancel worker in mtk_jpeg_remove for the worker is only registered in single-core device but we try to cacnel it in both single-core and multiple-core devices. 2. Fix use-after-free bug by delay the schedule_delayed_work only if mtk_jpeg_set_dec_dst runs successfully. 3. Delay the schedule_delayed_work in mtk_jpegdec_worker as it has same code logic in mtk_jpeg_dec_device_run. version 2 changes -put the patches into on series suggested by Dmitry Zheng Wang (3): media: mtk-jpeg: Remove cancel worker in mtk_jpeg_remove to avoid the crash of multi-core JPEG devices media: mtk-jpeg: Fix use after free bug due to error path handling in mtk_jpeg_dec_device_run media: mtk-jpeg: Fix timeout schedule error in mtk_jpegdec_worker. .../media/platform/mediatek/jpeg/mtk_jpeg_core.c | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) -- 2.25.1

1 year, 7 months

4
6
0 0

[PATCH] r8169: fix ASPM-related issues on a number of systems with NIC version from RTL8168h

by Li Ma

From: Heiner Kallweit <hkallweit1(a)gmail.com> [Backport: commit 90ca51e8c654699b672ba61aeaa418dfb3252e5e] This backport to avoid the bug caused by r8169. This effectively reverts 4b5f82f6aaef. On a number of systems ASPM L1 causes tx timeouts with RTL8168h, see referenced bug report. Fixes: 4b5f82f6aaef ("r8169: enable ASPM L1/L1.1 from RTL8168h") Cc: stable(a)vger.kernel.org Closes: https://bugzilla.kernel.org/show_bug.cgi?id=217814 Signed-off-by: Heiner Kallweit <hkallweit1(a)gmail.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> --- drivers/net/ethernet/realtek/r8169_main.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/drivers/net/ethernet/realtek/r8169_main.c b/drivers/net/ethernet/realtek/r8169_main.c index 45147a1016be..27efd07f09ef 100644 --- a/drivers/net/ethernet/realtek/r8169_main.c +++ b/drivers/net/ethernet/realtek/r8169_main.c @@ -5224,13 +5224,9 @@ static int rtl_init_one(struct pci_dev *pdev, const struct pci_device_id *ent) /* Disable ASPM L1 as that cause random device stop working * problems as well as full system hangs for some PCIe devices users. - * Chips from RTL8168h partially have issues with L1.2, but seem - * to work fine with L1 and L1.1. */ if (rtl_aspm_is_safe(tp)) rc = 0; - else if (tp->mac_version >= RTL_GIGA_MAC_VER_46) - rc = pci_disable_link_state(pdev, PCIE_LINK_STATE_L1_2); else rc = pci_disable_link_state(pdev, PCIE_LINK_STATE_L1); tp->aspm_manageable = !rc; -- 2.25.1

1 year, 7 months

3
2
0 0

[PATCH AUTOSEL 4.14 1/2] tty: vcc: Add check for kstrdup() in vcc_probe()

by Sasha Levin

From: Yi Yang <yiyang13(a)huawei.com> [ Upstream commit d81ffb87aaa75f842cd7aa57091810353755b3e6 ] Add check for the return value of kstrdup() and return the error, if it fails in order to avoid NULL pointer dereference. Signed-off-by: Yi Yang <yiyang13(a)huawei.com> Reviewed-by: Jiri Slaby <jirislaby(a)kernel.org> Link: https://lore.kernel.org/r/20230904035220.48164-1-yiyang13@huawei.com Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/tty/vcc.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/drivers/tty/vcc.c b/drivers/tty/vcc.c index 4e795353192bc..67f528cf1056d 100644 --- a/drivers/tty/vcc.c +++ b/drivers/tty/vcc.c @@ -594,18 +594,22 @@ static int vcc_probe(struct vio_dev *vdev, const struct vio_device_id *id) return -ENOMEM; name = kstrdup(dev_name(&vdev->dev), GFP_KERNEL); + if (!name) { + rv = -ENOMEM; + goto free_port; + } rv = vio_driver_init(&port->vio, vdev, VDEV_CONSOLE_CON, vcc_versions, ARRAY_SIZE(vcc_versions), NULL, name); if (rv) - goto free_port; + goto free_name; port->vio.debug = vcc_dbg_vio; vcc_ldc_cfg.debug = vcc_dbg_ldc; rv = vio_ldc_alloc(&port->vio, &vcc_ldc_cfg, port); if (rv) - goto free_port; + goto free_name; spin_lock_init(&port->lock); @@ -639,6 +643,11 @@ static int vcc_probe(struct vio_dev *vdev, const struct vio_device_id *id) goto unreg_tty; } port->domain = kstrdup(domain, GFP_KERNEL); + if (!port->domain) { + rv = -ENOMEM; + goto unreg_tty; + } + mdesc_release(hp); @@ -673,8 +682,9 @@ static int vcc_probe(struct vio_dev *vdev, const struct vio_device_id *id) vcc_table_remove(port->index); free_ldc: vio_ldc_free(&port->vio); -free_port: +free_name: kfree(name); +free_port: kfree(port); return rv; -- 2.42.0

1 year, 7 months

1
1
0 0

[PATCH AUTOSEL 4.19 1/3] tty: vcc: Add check for kstrdup() in vcc_probe()

by Sasha Levin

From: Yi Yang <yiyang13(a)huawei.com> [ Upstream commit d81ffb87aaa75f842cd7aa57091810353755b3e6 ] Add check for the return value of kstrdup() and return the error, if it fails in order to avoid NULL pointer dereference. Signed-off-by: Yi Yang <yiyang13(a)huawei.com> Reviewed-by: Jiri Slaby <jirislaby(a)kernel.org> Link: https://lore.kernel.org/r/20230904035220.48164-1-yiyang13@huawei.com Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/tty/vcc.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/drivers/tty/vcc.c b/drivers/tty/vcc.c index 10a832a2135e2..31ecba1133159 100644 --- a/drivers/tty/vcc.c +++ b/drivers/tty/vcc.c @@ -586,18 +586,22 @@ static int vcc_probe(struct vio_dev *vdev, const struct vio_device_id *id) return -ENOMEM; name = kstrdup(dev_name(&vdev->dev), GFP_KERNEL); + if (!name) { + rv = -ENOMEM; + goto free_port; + } rv = vio_driver_init(&port->vio, vdev, VDEV_CONSOLE_CON, vcc_versions, ARRAY_SIZE(vcc_versions), NULL, name); if (rv) - goto free_port; + goto free_name; port->vio.debug = vcc_dbg_vio; vcc_ldc_cfg.debug = vcc_dbg_ldc; rv = vio_ldc_alloc(&port->vio, &vcc_ldc_cfg, port); if (rv) - goto free_port; + goto free_name; spin_lock_init(&port->lock); @@ -631,6 +635,11 @@ static int vcc_probe(struct vio_dev *vdev, const struct vio_device_id *id) goto unreg_tty; } port->domain = kstrdup(domain, GFP_KERNEL); + if (!port->domain) { + rv = -ENOMEM; + goto unreg_tty; + } + mdesc_release(hp); @@ -660,8 +669,9 @@ static int vcc_probe(struct vio_dev *vdev, const struct vio_device_id *id) vcc_table_remove(port->index); free_ldc: vio_ldc_free(&port->vio); -free_port: +free_name: kfree(name); +free_port: kfree(port); return rv; -- 2.42.0

1 year, 7 months

1
2
0 0

[PATCH AUTOSEL 5.4 1/4] tty: vcc: Add check for kstrdup() in vcc_probe()

by Sasha Levin

From: Yi Yang <yiyang13(a)huawei.com> [ Upstream commit d81ffb87aaa75f842cd7aa57091810353755b3e6 ] Add check for the return value of kstrdup() and return the error, if it fails in order to avoid NULL pointer dereference. Signed-off-by: Yi Yang <yiyang13(a)huawei.com> Reviewed-by: Jiri Slaby <jirislaby(a)kernel.org> Link: https://lore.kernel.org/r/20230904035220.48164-1-yiyang13@huawei.com Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/tty/vcc.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/drivers/tty/vcc.c b/drivers/tty/vcc.c index 9ffd42e333b83..6b2d35ac6e3b3 100644 --- a/drivers/tty/vcc.c +++ b/drivers/tty/vcc.c @@ -587,18 +587,22 @@ static int vcc_probe(struct vio_dev *vdev, const struct vio_device_id *id) return -ENOMEM; name = kstrdup(dev_name(&vdev->dev), GFP_KERNEL); + if (!name) { + rv = -ENOMEM; + goto free_port; + } rv = vio_driver_init(&port->vio, vdev, VDEV_CONSOLE_CON, vcc_versions, ARRAY_SIZE(vcc_versions), NULL, name); if (rv) - goto free_port; + goto free_name; port->vio.debug = vcc_dbg_vio; vcc_ldc_cfg.debug = vcc_dbg_ldc; rv = vio_ldc_alloc(&port->vio, &vcc_ldc_cfg, port); if (rv) - goto free_port; + goto free_name; spin_lock_init(&port->lock); @@ -632,6 +636,11 @@ static int vcc_probe(struct vio_dev *vdev, const struct vio_device_id *id) goto unreg_tty; } port->domain = kstrdup(domain, GFP_KERNEL); + if (!port->domain) { + rv = -ENOMEM; + goto unreg_tty; + } + mdesc_release(hp); @@ -661,8 +670,9 @@ static int vcc_probe(struct vio_dev *vdev, const struct vio_device_id *id) vcc_table_remove(port->index); free_ldc: vio_ldc_free(&port->vio); -free_port: +free_name: kfree(name); +free_port: kfree(port); return rv; -- 2.42.0

1 year, 7 months

1
3
0 0

[PATCH AUTOSEL 5.10 1/5] tty: vcc: Add check for kstrdup() in vcc_probe()

by Sasha Levin

From: Yi Yang <yiyang13(a)huawei.com> [ Upstream commit d81ffb87aaa75f842cd7aa57091810353755b3e6 ] Add check for the return value of kstrdup() and return the error, if it fails in order to avoid NULL pointer dereference. Signed-off-by: Yi Yang <yiyang13(a)huawei.com> Reviewed-by: Jiri Slaby <jirislaby(a)kernel.org> Link: https://lore.kernel.org/r/20230904035220.48164-1-yiyang13@huawei.com Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/tty/vcc.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/drivers/tty/vcc.c b/drivers/tty/vcc.c index 9ffd42e333b83..6b2d35ac6e3b3 100644 --- a/drivers/tty/vcc.c +++ b/drivers/tty/vcc.c @@ -587,18 +587,22 @@ static int vcc_probe(struct vio_dev *vdev, const struct vio_device_id *id) return -ENOMEM; name = kstrdup(dev_name(&vdev->dev), GFP_KERNEL); + if (!name) { + rv = -ENOMEM; + goto free_port; + } rv = vio_driver_init(&port->vio, vdev, VDEV_CONSOLE_CON, vcc_versions, ARRAY_SIZE(vcc_versions), NULL, name); if (rv) - goto free_port; + goto free_name; port->vio.debug = vcc_dbg_vio; vcc_ldc_cfg.debug = vcc_dbg_ldc; rv = vio_ldc_alloc(&port->vio, &vcc_ldc_cfg, port); if (rv) - goto free_port; + goto free_name; spin_lock_init(&port->lock); @@ -632,6 +636,11 @@ static int vcc_probe(struct vio_dev *vdev, const struct vio_device_id *id) goto unreg_tty; } port->domain = kstrdup(domain, GFP_KERNEL); + if (!port->domain) { + rv = -ENOMEM; + goto unreg_tty; + } + mdesc_release(hp); @@ -661,8 +670,9 @@ static int vcc_probe(struct vio_dev *vdev, const struct vio_device_id *id) vcc_table_remove(port->index); free_ldc: vio_ldc_free(&port->vio); -free_port: +free_name: kfree(name); +free_port: kfree(port); return rv; -- 2.42.0

1 year, 7 months

1
4
0 0

[PATCH AUTOSEL 5.15 1/6] tty: vcc: Add check for kstrdup() in vcc_probe()

by Sasha Levin

From: Yi Yang <yiyang13(a)huawei.com> [ Upstream commit d81ffb87aaa75f842cd7aa57091810353755b3e6 ] Add check for the return value of kstrdup() and return the error, if it fails in order to avoid NULL pointer dereference. Signed-off-by: Yi Yang <yiyang13(a)huawei.com> Reviewed-by: Jiri Slaby <jirislaby(a)kernel.org> Link: https://lore.kernel.org/r/20230904035220.48164-1-yiyang13@huawei.com Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/tty/vcc.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/drivers/tty/vcc.c b/drivers/tty/vcc.c index e11383ae1e7e3..71356d9684bac 100644 --- a/drivers/tty/vcc.c +++ b/drivers/tty/vcc.c @@ -578,18 +578,22 @@ static int vcc_probe(struct vio_dev *vdev, const struct vio_device_id *id) return -ENOMEM; name = kstrdup(dev_name(&vdev->dev), GFP_KERNEL); + if (!name) { + rv = -ENOMEM; + goto free_port; + } rv = vio_driver_init(&port->vio, vdev, VDEV_CONSOLE_CON, vcc_versions, ARRAY_SIZE(vcc_versions), NULL, name); if (rv) - goto free_port; + goto free_name; port->vio.debug = vcc_dbg_vio; vcc_ldc_cfg.debug = vcc_dbg_ldc; rv = vio_ldc_alloc(&port->vio, &vcc_ldc_cfg, port); if (rv) - goto free_port; + goto free_name; spin_lock_init(&port->lock); @@ -623,6 +627,11 @@ static int vcc_probe(struct vio_dev *vdev, const struct vio_device_id *id) goto unreg_tty; } port->domain = kstrdup(domain, GFP_KERNEL); + if (!port->domain) { + rv = -ENOMEM; + goto unreg_tty; + } + mdesc_release(hp); @@ -652,8 +661,9 @@ static int vcc_probe(struct vio_dev *vdev, const struct vio_device_id *id) vcc_table_remove(port->index); free_ldc: vio_ldc_free(&port->vio); -free_port: +free_name: kfree(name); +free_port: kfree(port); return rv; -- 2.42.0

1 year, 7 months

1
5
0 0

[PATCH AUTOSEL 6.1 01/11] iio: adc: stm32-adc: harden against NULL pointer deref in stm32_adc_probe()

by Sasha Levin

From: Zhang Shurong <zhang_shurong(a)foxmail.com> [ Upstream commit 3a23b384e7e3d64d5587ad10729a34d4f761517e ] of_match_device() may fail and returns a NULL pointer. In practice there is no known reasonable way to trigger this, but in case one is added in future, harden the code by adding the check Signed-off-by: Zhang Shurong <zhang_shurong(a)foxmail.com> Link: https://lore.kernel.org/r/tencent_994DA85912C937E3B5405BA960B31ED90A08@qq.c… Signed-off-by: Jonathan Cameron <Jonathan.Cameron(a)huawei.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/iio/adc/stm32-adc-core.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/drivers/iio/adc/stm32-adc-core.c b/drivers/iio/adc/stm32-adc-core.c index 81d5db91c67bf..dee47b899e5df 100644 --- a/drivers/iio/adc/stm32-adc-core.c +++ b/drivers/iio/adc/stm32-adc-core.c @@ -695,6 +695,8 @@ static int stm32_adc_probe(struct platform_device *pdev) struct stm32_adc_priv *priv; struct device *dev = &pdev->dev; struct device_node *np = pdev->dev.of_node; + const struct of_device_id *of_id; + struct resource *res; u32 max_rate; int ret; @@ -707,8 +709,11 @@ static int stm32_adc_probe(struct platform_device *pdev) return -ENOMEM; platform_set_drvdata(pdev, &priv->common); - priv->cfg = (const struct stm32_adc_priv_cfg *) - of_match_device(dev->driver->of_match_table, dev)->data; + of_id = of_match_device(dev->driver->of_match_table, dev); + if (!of_id) + return -ENODEV; + + priv->cfg = (const struct stm32_adc_priv_cfg *)of_id->data; priv->nb_adc_max = priv->cfg->num_adcs; spin_lock_init(&priv->common.lock); -- 2.42.0

1 year, 7 months

1
10
0 0

[PATCH AUTOSEL 6.5 01/18] iio: adc: stm32-adc: harden against NULL pointer deref in stm32_adc_probe()

by Sasha Levin

From: Zhang Shurong <zhang_shurong(a)foxmail.com> [ Upstream commit 3a23b384e7e3d64d5587ad10729a34d4f761517e ] of_match_device() may fail and returns a NULL pointer. In practice there is no known reasonable way to trigger this, but in case one is added in future, harden the code by adding the check Signed-off-by: Zhang Shurong <zhang_shurong(a)foxmail.com> Link: https://lore.kernel.org/r/tencent_994DA85912C937E3B5405BA960B31ED90A08@qq.c… Signed-off-by: Jonathan Cameron <Jonathan.Cameron(a)huawei.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/iio/adc/stm32-adc-core.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/drivers/iio/adc/stm32-adc-core.c b/drivers/iio/adc/stm32-adc-core.c index 48f02dcc81c1b..70011fdbf5f63 100644 --- a/drivers/iio/adc/stm32-adc-core.c +++ b/drivers/iio/adc/stm32-adc-core.c @@ -706,6 +706,8 @@ static int stm32_adc_probe(struct platform_device *pdev) struct stm32_adc_priv *priv; struct device *dev = &pdev->dev; struct device_node *np = pdev->dev.of_node; + const struct of_device_id *of_id; + struct resource *res; u32 max_rate; int ret; @@ -718,8 +720,11 @@ static int stm32_adc_probe(struct platform_device *pdev) return -ENOMEM; platform_set_drvdata(pdev, &priv->common); - priv->cfg = (const struct stm32_adc_priv_cfg *) - of_match_device(dev->driver->of_match_table, dev)->data; + of_id = of_match_device(dev->driver->of_match_table, dev); + if (!of_id) + return -ENODEV; + + priv->cfg = (const struct stm32_adc_priv_cfg *)of_id->data; priv->nb_adc_max = priv->cfg->num_adcs; spin_lock_init(&priv->common.lock); -- 2.42.0

1 year, 7 months

1
17
0 0

[PATCH AUTOSEL 6.6 01/18] iio: adc: stm32-adc: harden against NULL pointer deref in stm32_adc_probe()

by Sasha Levin

From: Zhang Shurong <zhang_shurong(a)foxmail.com> [ Upstream commit 3a23b384e7e3d64d5587ad10729a34d4f761517e ] of_match_device() may fail and returns a NULL pointer. In practice there is no known reasonable way to trigger this, but in case one is added in future, harden the code by adding the check Signed-off-by: Zhang Shurong <zhang_shurong(a)foxmail.com> Link: https://lore.kernel.org/r/tencent_994DA85912C937E3B5405BA960B31ED90A08@qq.c… Signed-off-by: Jonathan Cameron <Jonathan.Cameron(a)huawei.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/iio/adc/stm32-adc-core.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/drivers/iio/adc/stm32-adc-core.c b/drivers/iio/adc/stm32-adc-core.c index 2f082006550fd..bbd5bdd732f01 100644 --- a/drivers/iio/adc/stm32-adc-core.c +++ b/drivers/iio/adc/stm32-adc-core.c @@ -708,6 +708,8 @@ static int stm32_adc_probe(struct platform_device *pdev) struct stm32_adc_priv *priv; struct device *dev = &pdev->dev; struct device_node *np = pdev->dev.of_node; + const struct of_device_id *of_id; + struct resource *res; u32 max_rate; int ret; @@ -720,8 +722,11 @@ static int stm32_adc_probe(struct platform_device *pdev) return -ENOMEM; platform_set_drvdata(pdev, &priv->common); - priv->cfg = (const struct stm32_adc_priv_cfg *) - of_match_device(dev->driver->of_match_table, dev)->data; + of_id = of_match_device(dev->driver->of_match_table, dev); + if (!of_id) + return -ENODEV; + + priv->cfg = (const struct stm32_adc_priv_cfg *)of_id->data; priv->nb_adc_max = priv->cfg->num_adcs; spin_lock_init(&priv->common.lock); -- 2.42.0

1 year, 7 months

1
17
0 0

[PATCH net v2] net: phylink: initialize carrier state at creation

by Klaus Kudielka

Background: Turris Omnia (Armada 385); eth2 (mvneta) connected to SFP bus; SFP module is present, but no fiber connected, so definitely no carrier. After booting, eth2 is down, but netdev LED trigger surprisingly reports link active. Then, after "ip link set eth2 up", the link indicator goes away - as I would have expected it from the beginning. It turns out, that the default carrier state after netdev creation is "carrier ok". Some ethernet drivers explicitly call netif_carrier_off during probing, others (like mvneta) don't - which explains the current behaviour: only when the device is brought up, phylink_start calls netif_carrier_off. Fix this for all drivers using phylink, by calling netif_carrier_off in phylink_create. Fixes: 089381b27abe ("leds: initial support for Turris Omnia LEDs") Cc: stable(a)vger.kernel.org Suggested-by: Andrew Lunn <andrew(a)lunn.ch> Signed-off-by: Klaus Kudielka <klaus.kudielka(a)gmail.com> Reviewed-by: Russell King (Oracle) <rmk+kernel(a)armlinux.org.uk> Reviewed-by: Andrew Lunn <andrew(a)lunn.ch> --- v2: clarified fixed drivers; added fixes tag & cc stable drivers/net/phy/phylink.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/net/phy/phylink.c b/drivers/net/phy/phylink.c index 6712883498..a28da80bde 100644 --- a/drivers/net/phy/phylink.c +++ b/drivers/net/phy/phylink.c @@ -1616,6 +1616,7 @@ struct phylink *phylink_create(struct phylink_config *config, pl->config = config; if (config->type == PHYLINK_NETDEV) { pl->netdev = to_net_dev(config->dev); + netif_carrier_off(pl->netdev); } else if (config->type == PHYLINK_DEV) { pl->dev = config->dev; } else { -- 2.42.0

1 year, 7 months

2
1
0 0

[PATCH net,v3, 1/2] hv_netvsc: Fix race of netvsc and VF register_netdevice

by Haiyang Zhang

The rtnl lock also needs to be held before rndis_filter_device_add() which advertises nvsp_2_vsc_capability / sriov bit, and triggers VF NIC offering and registering. If VF NIC finished register_netdev() earlier it may cause name based config failure. To fix this issue, move the call to rtnl_lock() before rndis_filter_device_add(), so VF will be registered later than netvsc / synthetic NIC, and gets a name numbered (ethX) after netvsc. Cc: stable(a)vger.kernel.org Fixes: e04e7a7bbd4b ("hv_netvsc: Fix a deadlock by getting rtnl lock earlier in netvsc_probe()") Signed-off-by: Haiyang Zhang <haiyangz(a)microsoft.com> Reviewed-by: Wojciech Drewek <wojciech.drewek(a)intel.com> --- v3: Divide it into two patches, suggested by Jakub Kicinski. v2: Fix rtnl_unlock() in error handling as found by Wojciech Drewek. --- drivers/net/hyperv/netvsc_drv.c | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/drivers/net/hyperv/netvsc_drv.c b/drivers/net/hyperv/netvsc_drv.c index 3ba3c8fb28a5..5e528a76f5f5 100644 --- a/drivers/net/hyperv/netvsc_drv.c +++ b/drivers/net/hyperv/netvsc_drv.c @@ -2531,15 +2531,6 @@ static int netvsc_probe(struct hv_device *dev, goto devinfo_failed; } - nvdev = rndis_filter_device_add(dev, device_info); - if (IS_ERR(nvdev)) { - ret = PTR_ERR(nvdev); - netdev_err(net, "unable to add netvsc device (ret %d)\n", ret); - goto rndis_failed; - } - - eth_hw_addr_set(net, device_info->mac_adr); - /* We must get rtnl lock before scheduling nvdev->subchan_work, * otherwise netvsc_subchan_work() can get rtnl lock first and wait * all subchannels to show up, but that may not happen because @@ -2547,9 +2538,23 @@ static int netvsc_probe(struct hv_device *dev, * -> ... -> device_add() -> ... -> __device_attach() can't get * the device lock, so all the subchannels can't be processed -- * finally netvsc_subchan_work() hangs forever. + * + * The rtnl lock also needs to be held before rndis_filter_device_add() + * which advertises nvsp_2_vsc_capability / sriov bit, and triggers + * VF NIC offering and registering. If VF NIC finished register_netdev() + * earlier it may cause name based config failure. */ rtnl_lock(); + nvdev = rndis_filter_device_add(dev, device_info); + if (IS_ERR(nvdev)) { + ret = PTR_ERR(nvdev); + netdev_err(net, "unable to add netvsc device (ret %d)\n", ret); + goto rndis_failed; + } + + eth_hw_addr_set(net, device_info->mac_adr); + if (nvdev->num_chn > 1) schedule_work(&nvdev->subchan_work); @@ -2586,9 +2591,9 @@ static int netvsc_probe(struct hv_device *dev, return 0; register_failed: - rtnl_unlock(); rndis_filter_device_remove(dev, nvdev); rndis_failed: + rtnl_unlock(); netvsc_devinfo_put(device_info); devinfo_failed: free_percpu(net_device_ctx->vf_stats); -- 2.25.1

1 year, 7 months

1
0
0 0

[PATCH 5.10 00/95] 5.10.200-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.10.200 release. There are 95 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 08 Nov 2023 13:02:46 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.10.200-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.10.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.10.200-rc1 Mark Hasemeyer <markhas(a)chromium.org> ALSA: hda: intel-dsp-config: Fix JSL Chromebook quirk detection Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for Intashield IS-100 Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for Brainboxes UP cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for additional Brainboxes UC cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Remove UC-257 and UC-431 Andrey Konovalov <andreyknvl(a)gmail.com> usb: raw-gadget: properly handle interrupted requests LihaSika <lihasika(a)gmail.com> usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" compatibility Vicki Pfau <vi(a)endrift.com> PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device Lukas Magel <lukas.magel(a)posteo.net> can: isotp: isotp_sendmsg(): fix TX state detection and wait behavior Oliver Hartkopp <socketcan(a)hartkopp.net> can: isotp: isotp_bind(): do not validate unused address information Oliver Hartkopp <socketcan(a)hartkopp.net> can: isotp: add local echo tx processing and tx without FC Oliver Hartkopp <socketcan(a)hartkopp.net> can: isotp: handle wait_event_interruptible() return values Oliver Hartkopp <socketcan(a)hartkopp.net> can: isotp: check CAN address family in isotp_bind() Oliver Hartkopp <socketcan(a)hartkopp.net> can: isotp: isotp_bind(): return -EINVAL on incorrect CAN ID formatting Oliver Hartkopp <socketcan(a)hartkopp.net> can: isotp: set max PDU size to 64 kByte Patrick Menschel <menschel.p(a)posteo.de> can: isotp: Add error message if txqueuelen is too small Patrick Menschel <menschel.p(a)posteo.de> can: isotp: add symbolic error message to isotp_module_init() Patrick Menschel <menschel.p(a)posteo.de> can: isotp: change error format from decimal to symbolic error names Ian Rogers <irogers(a)google.com> perf evlist: Avoid frequency mode for the dummy event Namhyung Kim <namhyung(a)kernel.org> perf tools: Get rid of evlist__add_on_all_cpus() Adrian Hunter <adrian.hunter(a)intel.com> perf evlist: Add evlist__add_dummy_on_all_cpus() Michael Ellerman <mpe(a)ellerman.id.au> powerpc/mm: Fix boot crash with FLATMEM Su Hui <suhui(a)nfschina.com> net: chelsio: cxgb4: add an error code check in t4_load_phy_fw Liming Sun <limings(a)nvidia.com> platform/mellanox: mlxbf-tmfifo: Fix a warning message Tomas Henzl <thenzl(a)redhat.com> scsi: mpt3sas: Fix in error path Jorge Maidana <jorgem.linux(a)gmail.com> fbdev: uvesafb: Call cn_del_callback() at the end of uvesafb_exit() Shuming Fan <shumingf(a)realtek.com> ASoC: rt5650: fix the wrong result of key button Florian Westphal <fw(a)strlen.de> netfilter: nfnetlink_log: silence bogus compiler warning William A. Kennington III <william(a)wkennington.com> spi: npcm-fiu: Fix UMA reads when dummy.nbytes == 0 Arnd Bergmann <arnd(a)arndb.de> fbdev: atyfb: only use ioremap_uc() on i386 and ia64 Dmitry Torokhov <dmitry.torokhov(a)gmail.com> Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport Zhang Shurong <zhang_shurong(a)foxmail.com> dmaengine: ste_dma40: Fix PM disable depth imbalance in d40_probe Ben Wolsieffer <ben.wolsieffer(a)hefring.com> irqchip/stm32-exti: add missing DT IRQ flag translation Anup Patel <apatel(a)ventanamicro.com> irqchip/riscv-intc: Mark all INTC nodes as initialized Gustavo A. R. Silva <gustavoars(a)kernel.org> net: sched: cls_u32: Fix allocation size in u32_init() Juergen Gross <jgross(a)suse.com> x86: Fix .brk attribute in linker script Hangyu Hua <hbh25y(a)gmail.com> rpmsg: Fix possible refcount leak in rpmsg_register_device_override() Bjorn Andersson <quic_bjorande(a)quicinc.com> rpmsg: glink: Release driver_override Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> rpmsg: Fix calling device_lock() on non-initialized device Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> rpmsg: Fix kfree() of static memory on setting driver_override Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> rpmsg: Constify local variable in field store macro Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> driver: platform: Add helper for safer setting of driver_override John Sperbeck <jsperbeck(a)google.com> objtool/x86: add missing embedded_insn check Baokun Li <libaokun1(a)huawei.com> ext4: avoid overlapping preallocations due to overflow Baokun Li <libaokun1(a)huawei.com> ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow Baokun Li <libaokun1(a)huawei.com> ext4: add two helper functions extent_logical_end() and pa_logical_end() Josh Poimboeuf <jpoimboe(a)kernel.org> x86/mm: Fix RESERVE_BRK() for older binutils Josh Poimboeuf <jpoimboe(a)redhat.com> x86/mm: Simplify RESERVE_BRK() Chao Yu <chao(a)kernel.org> f2fs: fix to do sanity check on inode type during garbage collection Steve French <stfrench(a)microsoft.com> smbdirect: missing rc checks while waiting for rdma events Wang Hai <wanghai38(a)huawei.com> kobject: Fix slab-out-of-bounds in fill_kobj_path() Thomas Gleixner <tglx(a)linutronix.de> x86/i8259: Skip probing when ACPI/MADT advertises PCAT compatibility Robert Hancock <robert.hancock(a)calian.com> iio: adc: xilinx-xadc: Don't clobber preset voltage/temperature thresholds Bartosz Golaszewski <bgolaszewski(a)baylibre.com> iio: adc: xilinx: use more devres helpers and remove remove() Bartosz Golaszewski <bgolaszewski(a)baylibre.com> iio: adc: xilinx: use devm_krealloc() instead of kfree() + kcalloc() Bartosz Golaszewski <bgolaszewski(a)baylibre.com> iio: adc: xilinx: use helper variable for &pdev->dev Alessandro Carminati <alessandro.carminati(a)gmail.com> clk: Sanitize possible_parent_show to Handle Return Value of of_clk_get_parent_name Al Viro <viro(a)zeniv.linux.org.uk> sparc32: fix a braino in fault handling in csum_and_copy_..._user() Peter Zijlstra <peterz(a)infradead.org> perf/core: Fix potential NULL deref Peng Fan <peng.fan(a)nxp.com> nvmem: imx: correct nregs for i.MX6UL Peng Fan <peng.fan(a)nxp.com> nvmem: imx: correct nregs for i.MX6SLL Peng Fan <peng.fan(a)nxp.com> nvmem: imx: correct nregs for i.MX6ULL Ekansh Gupta <quic_ekangupt(a)quicinc.com> misc: fastrpc: Clean buffers on remote invocation failures Yujie Liu <yujie.liu(a)intel.com> tracing/kprobes: Fix the description of variable length arguments Jian Zhang <zhangjian.3032(a)bytedance.com> i2c: aspeed: Fix i2c bus hang in slave read Alain Volmat <alain.volmat(a)foss.st.com> i2c: stm32f7: Fix PEC handling in case of SMBUS transfers Herve Codina <herve.codina(a)bootlin.com> i2c: muxes: i2c-demux-pinctrl: Use of_get_i2c_adapter_by_node() Herve Codina <herve.codina(a)bootlin.com> i2c: muxes: i2c-mux-gpmux: Use of_get_i2c_adapter_by_node() Herve Codina <herve.codina(a)bootlin.com> i2c: muxes: i2c-mux-pinctrl: Use of_get_i2c_adapter_by_node() Marek Szyprowski <m.szyprowski(a)samsung.com> iio: exynos-adc: request second interupt only when touchscreen mode is used Haibo Li <haibo.li(a)mediatek.com> kasan: print the original fault addr when access invalid shadow Ivan Vecera <ivecera(a)redhat.com> i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR Pablo Neira Ayuso <pablo(a)netfilter.org> gtp: fix fragmentation needed check with gso Pablo Neira Ayuso <pablo(a)netfilter.org> gtp: uapi: fix GTPA_MAX Fred Chen <fred.chenchen03(a)gmail.com> tcp: fix wrong RTO timeout when received SACK reneging Douglas Anderson <dianders(a)chromium.org> r8152: Release firmware if we have an error in probe Douglas Anderson <dianders(a)chromium.org> r8152: Cancel hw_phy_work if we have an error in probe Douglas Anderson <dianders(a)chromium.org> r8152: Run the unload routine if we have errors during probe Douglas Anderson <dianders(a)chromium.org> r8152: Increase USB control msg timeout to 5000ms as per spec Shigeru Yoshida <syoshida(a)redhat.com> net: usb: smsc95xx: Fix uninit-value access in smsc95xx_read_reg Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> net: ieee802154: adf7242: Fix some potential buffer overflow in adf7242_stats_show() Sasha Neftin <sasha.neftin(a)intel.com> igc: Fix ambiguity in the ethtool advertising Eric Dumazet <edumazet(a)google.com> neighbour: fix various data-races Mateusz Palczewski <mateusz.palczewski(a)intel.com> igb: Fix potential memory leak in igb_add_ethtool_nfc_entry Kunwu Chan <chentao(a)kylinos.cn> treewide: Spelling fix in comment Mirsad Goran Todorovac <mirsad.todorovac(a)alu.unizg.hr> r8169: fix the KCSAN reported data race in rtl_rx while reading desc->opts1 Mirsad Goran Todorovac <mirsad.todorovac(a)alu.unizg.hr> r8169: fix the KCSAN reported data-race in rtl_tx while reading TxDescArray[entry].opts1 Lukasz Majczak <lma(a)semihalf.com> drm/dp_mst: Fix NULL deref in get_mst_branch_device_by_guid_helper() Wolfram Sang <wsa+renesas(a)sang-engineering.com> mmc: renesas_sdhi: use custom mask for TMIO_MASK_ALL Kemeng Shi <shikemeng(a)huaweicloud.com> mm/page_alloc: correct start page when guard page debug is enabled Maximilian Heyne <mheyne(a)amazon.de> virtio-mmio: fix memory leak of vm_dev Gavin Shan <gshan(a)redhat.com> virtio_balloon: Fix endless deflation and inflation on arm64 Rodríguez Barbarin, José Javier <JoseJavier.Rodriguez(a)duagon.com> mcb-lpc: Reallocate memory region to avoid memory overlapping Rodríguez Barbarin, José Javier <JoseJavier.Rodriguez(a)duagon.com> mcb: Return actual parsed size when reading chameleon table Francis Laniel <flaniel(a)linux.microsoft.com> selftests/ftrace: Add new test case which checks non unique symbol ------------- Diffstat: Makefile | 4 +- arch/powerpc/kernel/setup-common.c | 2 + arch/powerpc/mm/mem.c | 1 - arch/sparc/lib/checksum_32.S | 2 +- arch/x86/include/asm/i8259.h | 2 + arch/x86/include/asm/setup.h | 46 +-- arch/x86/kernel/acpi/boot.c | 3 + arch/x86/kernel/i8259.c | 38 +- arch/x86/kernel/setup.c | 5 - arch/x86/kernel/vmlinux.lds.S | 2 +- drivers/base/driver.c | 69 ++++ drivers/base/platform.c | 28 +- drivers/clk/clk.c | 21 +- drivers/dma/ste_dma40.c | 1 + drivers/gpu/drm/drm_dp_mst_topology.c | 6 +- drivers/i2c/busses/i2c-aspeed.c | 3 +- drivers/i2c/busses/i2c-stm32f7.c | 9 +- drivers/i2c/muxes/i2c-demux-pinctrl.c | 2 +- drivers/i2c/muxes/i2c-mux-gpmux.c | 2 +- drivers/i2c/muxes/i2c-mux-pinctrl.c | 2 +- drivers/iio/adc/exynos_adc.c | 24 +- drivers/iio/adc/xilinx-xadc-core.c | 179 ++++----- drivers/input/mouse/synaptics.c | 1 + drivers/input/rmi4/rmi_smbus.c | 50 ++- drivers/irqchip/irq-riscv-intc.c | 10 +- drivers/irqchip/irq-stm32-exti.c | 1 + drivers/mcb/mcb-lpc.c | 35 +- drivers/mcb/mcb-parse.c | 15 +- drivers/misc/fastrpc.c | 10 +- drivers/mmc/host/renesas_sdhi_core.c | 3 +- drivers/mmc/host/tmio_mmc.h | 2 +- drivers/net/ethernet/chelsio/cxgb4/t4_hw.c | 2 + drivers/net/ethernet/intel/i40e/i40e_txrx.c | 2 +- drivers/net/ethernet/intel/igb/igb_ethtool.c | 6 +- drivers/net/ethernet/intel/igc/igc_ethtool.c | 35 +- drivers/net/ethernet/realtek/r8169_main.c | 4 +- drivers/net/ethernet/toshiba/ps3_gelic_wireless.c | 2 +- drivers/net/gtp.c | 5 +- drivers/net/ieee802154/adf7242.c | 5 +- drivers/net/usb/r8152.c | 11 +- drivers/net/usb/smsc95xx.c | 4 +- drivers/nvmem/imx-ocotp.c | 6 +- drivers/pci/quirks.c | 8 +- drivers/platform/mellanox/mlxbf-tmfifo.c | 21 +- drivers/rpmsg/qcom_glink_native.c | 2 + drivers/rpmsg/rpmsg_core.c | 37 +- drivers/rpmsg/rpmsg_internal.h | 5 +- drivers/scsi/mpt3sas/mpt3sas_scsih.c | 4 +- drivers/spi/spi-npcm-fiu.c | 5 +- drivers/tty/serial/8250/8250_pci.c | 122 +++++- drivers/usb/gadget/legacy/raw_gadget.c | 26 +- drivers/usb/storage/unusual_cypress.h | 2 +- drivers/video/fbdev/aty/atyfb_base.c | 4 + drivers/video/fbdev/uvesafb.c | 2 +- drivers/virtio/virtio_balloon.c | 6 +- drivers/virtio/virtio_mmio.c | 19 +- fs/cifs/smbdirect.c | 14 +- fs/ext4/mballoc.c | 51 +-- fs/ext4/mballoc.h | 14 + fs/f2fs/gc.c | 3 +- include/linux/device/driver.h | 2 + include/linux/kasan.h | 6 +- include/linux/pci_ids.h | 1 + include/linux/platform_device.h | 6 +- include/linux/rpmsg.h | 14 +- include/uapi/linux/can/isotp.h | 25 +- include/uapi/linux/gtp.h | 2 +- kernel/events/core.c | 3 +- kernel/trace/trace_kprobe.c | 4 +- lib/kobject.c | 12 +- mm/kasan/report.c | 4 +- mm/page_alloc.c | 2 +- net/can/isotp.c | 446 +++++++++++++-------- net/core/neighbour.c | 67 ++-- net/ipv4/tcp_input.c | 9 +- net/netfilter/nfnetlink_log.c | 2 +- net/sched/cls_u32.c | 2 +- sound/hda/intel-dsp-config.c | 6 + sound/soc/codecs/rt5645.c | 2 + tools/objtool/check.c | 2 +- tools/perf/util/evlist.c | 21 + tools/perf/util/evlist.h | 5 + .../ftrace/test.d/kprobe/kprobe_non_uniq_symbol.tc | 13 + 83 files changed, 1088 insertions(+), 573 deletions(-)

1 year, 7 months

9
108
0 0

[PATCH 5.15 000/128] 5.15.138-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.15.138 release. There are 128 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 08 Nov 2023 13:02:46 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.15.138-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.15.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.15.138-rc1 Mark Hasemeyer <markhas(a)chromium.org> ALSA: hda: intel-dsp-config: Fix JSL Chromebook quirk detection Siddharth Vadapalli <s-vadapalli(a)ti.com> misc: pci_endpoint_test: Add deviceID for J721S2 PCIe EP device support Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add Brainboxes Oxford Semiconductor-based quirks Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for Intashield IX cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for additional Brainboxes PX cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Fix up PX-803/PX-857 Cameron Williams <cang1(a)live.co.uk> tty: 8250: Fix port count of PX-257 Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for Intashield IS-100 Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for Brainboxes UP cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for additional Brainboxes UC cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Remove UC-257 and UC-431 Daniel Starke <daniel.starke(a)siemens.com> tty: n_gsm: fix race condition in status line change on dead connections Andrey Konovalov <andreyknvl(a)gmail.com> usb: raw-gadget: properly handle interrupted requests Jimmy Hu <hhhuuu(a)google.com> usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm() LihaSika <lihasika(a)gmail.com> usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" compatibility Vicki Pfau <vi(a)endrift.com> PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device Mario Limonciello <mario.limonciello(a)amd.com> drm/amd: Disable ASPM for VI w/ all Intel systems Mario Limonciello <mario.limonciello(a)amd.com> drm/amd: Move helper for dynamic speed switch check out of smu13 Oliver Hartkopp <socketcan(a)hartkopp.net> can: isotp: isotp_sendmsg(): fix TX state detection and wait behavior Oliver Hartkopp <socketcan(a)hartkopp.net> can: isotp: isotp_bind(): do not validate unused address information Oliver Hartkopp <socketcan(a)hartkopp.net> can: isotp: add local echo tx processing and tx without FC Oliver Hartkopp <socketcan(a)hartkopp.net> can: isotp: handle wait_event_interruptible() return values Oliver Hartkopp <socketcan(a)hartkopp.net> can: isotp: check CAN address family in isotp_bind() Oliver Hartkopp <socketcan(a)hartkopp.net> can: isotp: isotp_bind(): return -EINVAL on incorrect CAN ID formatting Oliver Hartkopp <socketcan(a)hartkopp.net> can: isotp: set max PDU size to 64 kByte Ian Rogers <irogers(a)google.com> perf evlist: Avoid frequency mode for the dummy event Namhyung Kim <namhyung(a)kernel.org> perf tools: Get rid of evlist__add_on_all_cpus() Adrian Hunter <adrian.hunter(a)intel.com> perf evlist: Add evlist__add_dummy_on_all_cpus() Michael Ellerman <mpe(a)ellerman.id.au> powerpc/mm: Fix boot crash with FLATMEM Douglas Anderson <dianders(a)chromium.org> r8152: Check for unplug in r8153b_ups_en() / r8153c_ups_en() Douglas Anderson <dianders(a)chromium.org> r8152: Check for unplug in rtl_phy_patch_request() Su Hui <suhui(a)nfschina.com> net: chelsio: cxgb4: add an error code check in t4_load_phy_fw Liming Sun <limings(a)nvidia.com> platform/mellanox: mlxbf-tmfifo: Fix a warning message Tomas Henzl <thenzl(a)redhat.com> scsi: mpt3sas: Fix in error path Jorge Maidana <jorgem.linux(a)gmail.com> fbdev: uvesafb: Call cn_del_callback() at the end of uvesafb_exit() Karolina Stolarek <karolina.stolarek(a)intel.com> drm/ttm: Reorder sys manager cleanup step Shuming Fan <shumingf(a)realtek.com> ASoC: rt5650: fix the wrong result of key button Florian Westphal <fw(a)strlen.de> netfilter: nfnetlink_log: silence bogus compiler warning William A. Kennington III <william(a)wkennington.com> spi: npcm-fiu: Fix UMA reads when dummy.nbytes == 0 Su Hui <suhui(a)nfschina.com> fs/ntfs3: Avoid possible memory leak Gabriel Marcano <gabemarcano(a)yahoo.com> fs/ntfs3: Fix directory element type detection Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Fix NULL pointer dereference on error in attr_allocate_frame() Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Fix possible NULL-ptr-deref in ni_readpage_cmpr() Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Use kvmalloc instead of kmalloc(... __GFP_NOWARN) Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Write immediately updated ntfs state Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Add ckeck in ni_update_parent() Arnd Bergmann <arnd(a)arndb.de> fbdev: atyfb: only use ioremap_uc() on i386 and ia64 Dmitry Torokhov <dmitry.torokhov(a)gmail.com> Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport Christophe Leroy <christophe.leroy(a)csgroup.eu> powerpc/85xx: Fix math emulation exception Zhang Shurong <zhang_shurong(a)foxmail.com> dmaengine: ste_dma40: Fix PM disable depth imbalance in d40_probe Ben Wolsieffer <ben.wolsieffer(a)hefring.com> irqchip/stm32-exti: add missing DT IRQ flag translation Anup Patel <apatel(a)ventanamicro.com> irqchip/riscv-intc: Mark all INTC nodes as initialized Gustavo A. R. Silva <gustavoars(a)kernel.org> net: sched: cls_u32: Fix allocation size in u32_init() Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com> ASoC: simple-card: fixup asoc_simple_probe() error handling Juergen Gross <jgross(a)suse.com> x86: Fix .brk attribute in linker script Hangyu Hua <hbh25y(a)gmail.com> rpmsg: Fix possible refcount leak in rpmsg_register_device_override() Bjorn Andersson <quic_bjorande(a)quicinc.com> rpmsg: glink: Release driver_override Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> rpmsg: Fix calling device_lock() on non-initialized device Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> rpmsg: Fix kfree() of static memory on setting driver_override Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> rpmsg: Constify local variable in field store macro Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> driver: platform: Add helper for safer setting of driver_override John Sperbeck <jsperbeck(a)google.com> objtool/x86: add missing embedded_insn check Baokun Li <libaokun1(a)huawei.com> ext4: avoid overlapping preallocations due to overflow Baokun Li <libaokun1(a)huawei.com> ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow Baokun Li <libaokun1(a)huawei.com> ext4: add two helper functions extent_logical_end() and pa_logical_end() Josh Poimboeuf <jpoimboe(a)kernel.org> x86/mm: Fix RESERVE_BRK() for older binutils Josh Poimboeuf <jpoimboe(a)redhat.com> x86/mm: Simplify RESERVE_BRK() Thomas Gleixner <tglx(a)linutronix.de> x86/i8259: Skip probing when ACPI/MADT advertises PCAT compatibility Shailend Chand <shailend(a)google.com> gve: Fix GFP flags when allocing pages Linus Walleij <linus.walleij(a)linaro.org> iio: afe: rescale: Accept only offset channels Liam Beguin <liambeguin(a)gmail.com> iio: afe: rescale: add offset support Liam Beguin <liambeguin(a)gmail.com> iio: afe: rescale: expose scale processing function Liam Beguin <liambeguin(a)gmail.com> iio: afe: rescale: reorder includes Alessandro Carminati <alessandro.carminati(a)gmail.com> clk: Sanitize possible_parent_show to Handle Return Value of of_clk_get_parent_name Al Viro <viro(a)zeniv.linux.org.uk> sparc32: fix a braino in fault handling in csum_and_copy_..._user() Peter Zijlstra <peterz(a)infradead.org> perf/core: Fix potential NULL deref Peng Fan <peng.fan(a)nxp.com> nvmem: imx: correct nregs for i.MX6UL Peng Fan <peng.fan(a)nxp.com> nvmem: imx: correct nregs for i.MX6SLL Peng Fan <peng.fan(a)nxp.com> nvmem: imx: correct nregs for i.MX6ULL Ekansh Gupta <quic_ekangupt(a)quicinc.com> misc: fastrpc: Clean buffers on remote invocation failures Yujie Liu <yujie.liu(a)intel.com> tracing/kprobes: Fix the description of variable length arguments Jian Zhang <zhangjian.3032(a)bytedance.com> i2c: aspeed: Fix i2c bus hang in slave read Alain Volmat <alain.volmat(a)foss.st.com> i2c: stm32f7: Fix PEC handling in case of SMBUS transfers Herve Codina <herve.codina(a)bootlin.com> i2c: muxes: i2c-demux-pinctrl: Use of_get_i2c_adapter_by_node() Herve Codina <herve.codina(a)bootlin.com> i2c: muxes: i2c-mux-gpmux: Use of_get_i2c_adapter_by_node() Herve Codina <herve.codina(a)bootlin.com> i2c: muxes: i2c-mux-pinctrl: Use of_get_i2c_adapter_by_node() Robert Hancock <robert.hancock(a)calian.com> iio: adc: xilinx-xadc: Correct temperature offset/scale for UltraScale Robert Hancock <robert.hancock(a)calian.com> iio: adc: xilinx-xadc: Don't clobber preset voltage/temperature thresholds Marek Szyprowski <m.szyprowski(a)samsung.com> iio: exynos-adc: request second interupt only when touchscreen mode is used Haibo Li <haibo.li(a)mediatek.com> kasan: print the original fault addr when access invalid shadow Ivan Vecera <ivecera(a)redhat.com> i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR Pablo Neira Ayuso <pablo(a)netfilter.org> gtp: fix fragmentation needed check with gso Pablo Neira Ayuso <pablo(a)netfilter.org> gtp: uapi: fix GTPA_MAX Fred Chen <fred.chenchen03(a)gmail.com> tcp: fix wrong RTO timeout when received SACK reneging Douglas Anderson <dianders(a)chromium.org> r8152: Release firmware if we have an error in probe Douglas Anderson <dianders(a)chromium.org> r8152: Cancel hw_phy_work if we have an error in probe Douglas Anderson <dianders(a)chromium.org> r8152: Run the unload routine if we have errors during probe Douglas Anderson <dianders(a)chromium.org> r8152: Increase USB control msg timeout to 5000ms as per spec Shigeru Yoshida <syoshida(a)redhat.com> net: usb: smsc95xx: Fix uninit-value access in smsc95xx_read_reg Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> net: ieee802154: adf7242: Fix some potential buffer overflow in adf7242_stats_show() Sasha Neftin <sasha.neftin(a)intel.com> igc: Fix ambiguity in the ethtool advertising Eric Dumazet <edumazet(a)google.com> neighbour: fix various data-races Mateusz Palczewski <mateusz.palczewski(a)intel.com> igb: Fix potential memory leak in igb_add_ethtool_nfc_entry Kunwu Chan <chentao(a)kylinos.cn> treewide: Spelling fix in comment Ivan Vecera <ivecera(a)redhat.com> i40e: Fix I40E_FLAG_VF_VLAN_PRUNING value Mirsad Goran Todorovac <mirsad.todorovac(a)alu.unizg.hr> r8169: fix the KCSAN reported data race in rtl_rx while reading desc->opts1 Mirsad Goran Todorovac <mirsad.todorovac(a)alu.unizg.hr> r8169: fix the KCSAN reported data-race in rtl_tx while reading TxDescArray[entry].opts1 Mirsad Goran Todorovac <mirsad.todorovac(a)alu.unizg.hr> r8169: fix the KCSAN reported data-race in rtl_tx() while reading tp->cur_tx Hao Ge <gehao(a)kylinos.cn> firmware/imx-dsp: Fix use_after_free in imx_dsp_setup_channels() Lukasz Majczak <lma(a)semihalf.com> drm/dp_mst: Fix NULL deref in get_mst_branch_device_by_guid_helper() Alexandru Matei <alexandru.matei(a)uipath.com> vsock/virtio: initialize the_virtio_vsock before using VQs Stefano Garzarella <sgarzare(a)redhat.com> vsock/virtio: add support for device suspend/resume Stefano Garzarella <sgarzare(a)redhat.com> vsock/virtio: factor our the code to initialize and delete VQs Umesh Nerlige Ramappa <umesh.nerlige.ramappa(a)intel.com> drm/i915/pmu: Check if pmu is closed before stopping event Al Viro <viro(a)zeniv.linux.org.uk> nfsd: lock_rename() needs both directories to live on the same fs Gregory Price <gourry.memverge(a)gmail.com> mm/migrate: fix do_pages_move for compat pointers Kemeng Shi <shikemeng(a)huaweicloud.com> mm/page_alloc: correct start page when guard page debug is enabled Eric Auger <eric.auger(a)redhat.com> vhost: Allow null msg.size on VHOST_IOTLB_INVALIDATE Maximilian Heyne <mheyne(a)amazon.de> virtio-mmio: fix memory leak of vm_dev Gavin Shan <gshan(a)redhat.com> virtio_balloon: Fix endless deflation and inflation on arm64 Rodríguez Barbarin, José Javier <JoseJavier.Rodriguez(a)duagon.com> mcb-lpc: Reallocate memory region to avoid memory overlapping Rodríguez Barbarin, José Javier <JoseJavier.Rodriguez(a)duagon.com> mcb: Return actual parsed size when reading chameleon table Paolo Abeni <pabeni(a)redhat.com> mptcp: more conservative check for zero probes Eric Dumazet <edumazet(a)google.com> tcp: cleanup tcp_remove_empty_skb() use Eric Dumazet <edumazet(a)google.com> tcp: remove dead code from tcp_sendmsg_locked() Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> pinctrl: qcom: lpass-lpi: fix concurrent register updates Johan Hovold <johan+linaro(a)kernel.org> ASoC: codecs: wcd938x: fix runtime PM imbalance on remove Johan Hovold <johan+linaro(a)kernel.org> ASoC: codecs: wcd938x: fix resource leaks on bind errors ------------- Diffstat: Makefile | 4 +- arch/powerpc/kernel/head_fsl_booke.S | 2 +- arch/powerpc/kernel/setup-common.c | 2 + arch/powerpc/mm/mem.c | 1 - arch/sparc/lib/checksum_32.S | 2 +- arch/x86/include/asm/i8259.h | 2 + arch/x86/include/asm/setup.h | 46 ++- arch/x86/kernel/acpi/boot.c | 3 + arch/x86/kernel/i8259.c | 38 +- arch/x86/kernel/setup.c | 5 - arch/x86/kernel/vmlinux.lds.S | 2 +- drivers/base/driver.c | 69 ++++ drivers/base/platform.c | 28 +- drivers/clk/clk.c | 21 +- drivers/dma/ste_dma40.c | 1 + drivers/firmware/imx/imx-dsp.c | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu.h | 1 + drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 19 + drivers/gpu/drm/amd/amdgpu/vi.c | 2 +- drivers/gpu/drm/drm_dp_mst_topology.c | 6 +- drivers/gpu/drm/i915/i915_pmu.c | 9 + drivers/gpu/drm/ttm/ttm_device.c | 8 +- drivers/i2c/busses/i2c-aspeed.c | 3 +- drivers/i2c/busses/i2c-stm32f7.c | 9 +- drivers/i2c/muxes/i2c-demux-pinctrl.c | 2 +- drivers/i2c/muxes/i2c-mux-gpmux.c | 2 +- drivers/i2c/muxes/i2c-mux-pinctrl.c | 2 +- drivers/iio/adc/exynos_adc.c | 24 +- drivers/iio/adc/xilinx-xadc-core.c | 39 +- drivers/iio/adc/xilinx-xadc.h | 2 + drivers/iio/afe/iio-rescale.c | 162 ++++++-- drivers/input/mouse/synaptics.c | 1 + drivers/input/rmi4/rmi_smbus.c | 50 +-- drivers/irqchip/irq-riscv-intc.c | 10 +- drivers/irqchip/irq-stm32-exti.c | 1 + drivers/mcb/mcb-lpc.c | 35 +- drivers/mcb/mcb-parse.c | 15 +- drivers/misc/fastrpc.c | 10 +- drivers/misc/pci_endpoint_test.c | 4 + drivers/net/ethernet/chelsio/cxgb4/t4_hw.c | 2 + drivers/net/ethernet/google/gve/gve_rx_dqo.c | 2 +- drivers/net/ethernet/intel/i40e/i40e.h | 2 +- drivers/net/ethernet/intel/i40e/i40e_txrx.c | 2 +- drivers/net/ethernet/intel/igb/igb_ethtool.c | 6 +- drivers/net/ethernet/intel/igc/igc_ethtool.c | 35 +- drivers/net/ethernet/realtek/r8169_main.c | 6 +- drivers/net/ethernet/toshiba/ps3_gelic_wireless.c | 2 +- drivers/net/gtp.c | 5 +- drivers/net/ieee802154/adf7242.c | 5 +- drivers/net/usb/r8152.c | 18 +- drivers/net/usb/smsc95xx.c | 4 +- drivers/nvmem/imx-ocotp.c | 6 +- drivers/pci/quirks.c | 8 +- drivers/pinctrl/qcom/pinctrl-lpass-lpi.c | 17 +- drivers/platform/mellanox/mlxbf-tmfifo.c | 21 +- drivers/rpmsg/qcom_glink_native.c | 2 + drivers/rpmsg/rpmsg_core.c | 37 +- drivers/rpmsg/rpmsg_internal.h | 5 +- drivers/rpmsg/rpmsg_ns.c | 4 +- drivers/scsi/mpt3sas/mpt3sas_scsih.c | 4 +- drivers/spi/spi-npcm-fiu.c | 5 +- drivers/tty/n_gsm.c | 2 + drivers/tty/serial/8250/8250_pci.c | 327 +++++++++++++++- drivers/usb/gadget/legacy/raw_gadget.c | 26 +- drivers/usb/storage/unusual_cypress.h | 2 +- drivers/usb/typec/tcpm/tcpm.c | 3 + drivers/vhost/vhost.c | 4 +- drivers/video/fbdev/aty/atyfb_base.c | 4 + drivers/video/fbdev/uvesafb.c | 2 +- drivers/virtio/virtio_balloon.c | 6 +- drivers/virtio/virtio_mmio.c | 19 +- fs/ext4/mballoc.c | 51 ++- fs/ext4/mballoc.h | 14 + fs/nfsd/vfs.c | 12 +- fs/ntfs3/attrib.c | 6 +- fs/ntfs3/attrlist.c | 15 +- fs/ntfs3/bitmap.c | 3 +- fs/ntfs3/dir.c | 6 +- fs/ntfs3/frecord.c | 8 +- fs/ntfs3/fslog.c | 6 +- fs/ntfs3/fsntfs.c | 13 +- fs/ntfs3/super.c | 2 +- include/linux/device/driver.h | 2 + include/linux/iio/afe/rescale.h | 36 ++ include/linux/kasan.h | 6 +- include/linux/pci_ids.h | 1 + include/linux/platform_device.h | 6 +- include/linux/rpmsg.h | 14 +- include/net/tcp.h | 2 +- include/uapi/linux/can/isotp.h | 25 +- include/uapi/linux/gtp.h | 2 +- kernel/events/core.c | 3 +- kernel/trace/trace_kprobe.c | 4 +- mm/kasan/report.c | 4 +- mm/migrate.c | 14 +- mm/page_alloc.c | 2 +- net/can/isotp.c | 438 ++++++++++++++-------- net/core/neighbour.c | 67 ++-- net/ipv4/tcp.c | 19 +- net/ipv4/tcp_input.c | 9 +- net/mptcp/protocol.c | 12 +- net/netfilter/nfnetlink_log.c | 2 +- net/sched/cls_u32.c | 2 +- net/vmw_vsock/virtio_transport.c | 215 +++++++---- sound/hda/intel-dsp-config.c | 6 + sound/soc/codecs/rt5645.c | 2 + sound/soc/codecs/wcd938x.c | 52 ++- sound/soc/generic/simple-card.c | 6 +- tools/objtool/check.c | 2 +- tools/perf/util/evlist.c | 21 ++ tools/perf/util/evlist.h | 5 + 111 files changed, 1674 insertions(+), 678 deletions(-)

1 year, 7 months

11
140
0 0

[PATCH 4.14 00/48] 4.14.329-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.14.329 release. There are 48 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 08 Nov 2023 13:02:46 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.14.329-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.14.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.14.329-rc1 Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for Intashield IS-100 Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for Brainboxes UP cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for additional Brainboxes UC cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Remove UC-257 and UC-431 LihaSika <lihasika(a)gmail.com> usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" compatibility Vicki Pfau <vi(a)endrift.com> PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device George Kennedy <george.kennedy(a)oracle.com> vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF Christoph Hellwig <hch(a)lst.de> remove the sx8 block driver Arnd Bergmann <arnd(a)arndb.de> ata: ahci: fix enum constants for gcc-13 Su Hui <suhui(a)nfschina.com> net: chelsio: cxgb4: add an error code check in t4_load_phy_fw Hans de Goede <hdegoede(a)redhat.com> platform/x86: asus-wmi: Change ASUS_WMI_BRN_DOWN code from 0x20 to 0x2e Tomas Henzl <thenzl(a)redhat.com> scsi: mpt3sas: Fix in error path Jorge Maidana <jorgem.linux(a)gmail.com> fbdev: uvesafb: Call cn_del_callback() at the end of uvesafb_exit() Shuming Fan <shumingf(a)realtek.com> ASoC: rt5650: fix the wrong result of key button Florian Westphal <fw(a)strlen.de> netfilter: nfnetlink_log: silence bogus compiler warning Arnd Bergmann <arnd(a)arndb.de> fbdev: atyfb: only use ioremap_uc() on i386 and ia64 Dmitry Torokhov <dmitry.torokhov(a)gmail.com> Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport Zhang Shurong <zhang_shurong(a)foxmail.com> dmaengine: ste_dma40: Fix PM disable depth imbalance in d40_probe Ben Wolsieffer <ben.wolsieffer(a)hefring.com> irqchip/stm32-exti: add missing DT IRQ flag translation Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com> ASoC: simple-card: fixup asoc_simple_probe() error handling Juergen Gross <jgross(a)suse.com> x86: Fix .brk attribute in linker script Hangyu Hua <hbh25y(a)gmail.com> rpmsg: Fix possible refcount leak in rpmsg_register_device_override() Bjorn Andersson <quic_bjorande(a)quicinc.com> rpmsg: glink: Release driver_override Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> rpmsg: Fix calling device_lock() on non-initialized device Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> rpmsg: Fix kfree() of static memory on setting driver_override Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> driver: platform: Add helper for safer setting of driver_override Josh Poimboeuf <jpoimboe(a)kernel.org> x86/mm: Fix RESERVE_BRK() for older binutils Josh Poimboeuf <jpoimboe(a)redhat.com> x86/mm: Simplify RESERVE_BRK() Thomas Gleixner <tglx(a)linutronix.de> x86/i8259: Skip probing when ACPI/MADT advertises PCAT compatibility Al Viro <viro(a)zeniv.linux.org.uk> nfsd: lock_rename() needs both directories to live on the same fs Chao Yu <chao(a)kernel.org> f2fs: fix to do sanity check on inode type during garbage collection Wang Hai <wanghai38(a)huawei.com> kobject: Fix slab-out-of-bounds in fill_kobj_path() Lukasz Majczak <lma(a)semihalf.com> drm/dp_mst: Fix NULL deref in get_mst_branch_device_by_guid_helper() Nick Desaulniers <ndesaulniers(a)google.com> ARM: 8933/1: replace Sun/Solaris style flag on section directive Trond Myklebust <trondmy(a)gmail.com> NFS: Don't call generic_error_remove_page() while holding locks Peter Zijlstra <peterz(a)infradead.org> perf/core: Fix potential NULL deref Herve Codina <herve.codina(a)bootlin.com> i2c: muxes: i2c-demux-pinctrl: Use of_get_i2c_adapter_by_node() Herve Codina <herve.codina(a)bootlin.com> i2c: muxes: i2c-mux-gpmux: Use of_get_i2c_adapter_by_node() Herve Codina <herve.codina(a)bootlin.com> i2c: muxes: i2c-mux-pinctrl: Use of_get_i2c_adapter_by_node() Ivan Vecera <ivecera(a)redhat.com> i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR Pablo Neira Ayuso <pablo(a)netfilter.org> gtp: uapi: fix GTPA_MAX Fred Chen <fred.chenchen03(a)gmail.com> tcp: fix wrong RTO timeout when received SACK reneging Douglas Anderson <dianders(a)chromium.org> r8152: Increase USB control msg timeout to 5000ms as per spec Mateusz Palczewski <mateusz.palczewski(a)intel.com> igb: Fix potential memory leak in igb_add_ethtool_nfc_entry Kunwu Chan <chentao(a)kylinos.cn> treewide: Spelling fix in comment Gavin Shan <gshan(a)redhat.com> virtio_balloon: Fix endless deflation and inflation on arm64 Rodríguez Barbarin, José Javier <JoseJavier.Rodriguez(a)duagon.com> mcb-lpc: Reallocate memory region to avoid memory overlapping Rodríguez Barbarin, José Javier <JoseJavier.Rodriguez(a)duagon.com> mcb: Return actual parsed size when reading chameleon table ------------- Diffstat: Makefile | 4 +- arch/arm/boot/bootp/init.S | 2 +- arch/arm/boot/compressed/big-endian.S | 2 +- arch/arm/boot/compressed/head.S | 2 +- arch/arm/boot/compressed/piggy.S | 2 +- arch/arm/mm/proc-arm1020.S | 2 +- arch/arm/mm/proc-arm1020e.S | 2 +- arch/arm/mm/proc-arm1022.S | 2 +- arch/arm/mm/proc-arm1026.S | 2 +- arch/arm/mm/proc-arm720.S | 2 +- arch/arm/mm/proc-arm740.S | 2 +- arch/arm/mm/proc-arm7tdmi.S | 2 +- arch/arm/mm/proc-arm920.S | 2 +- arch/arm/mm/proc-arm922.S | 2 +- arch/arm/mm/proc-arm925.S | 2 +- arch/arm/mm/proc-arm926.S | 2 +- arch/arm/mm/proc-arm940.S | 2 +- arch/arm/mm/proc-arm946.S | 2 +- arch/arm/mm/proc-arm9tdmi.S | 2 +- arch/arm/mm/proc-fa526.S | 2 +- arch/arm/mm/proc-feroceon.S | 2 +- arch/arm/mm/proc-mohawk.S | 2 +- arch/arm/mm/proc-sa110.S | 2 +- arch/arm/mm/proc-sa1100.S | 2 +- arch/arm/mm/proc-v6.S | 2 +- arch/arm/mm/proc-v7.S | 2 +- arch/arm/mm/proc-v7m.S | 4 +- arch/arm/mm/proc-xsc3.S | 2 +- arch/arm/mm/proc-xscale.S | 2 +- arch/x86/include/asm/i8259.h | 2 + arch/x86/include/asm/setup.h | 46 +- arch/x86/kernel/acpi/boot.c | 3 + arch/x86/kernel/i8259.c | 38 +- arch/x86/kernel/vmlinux.lds.S | 2 +- drivers/ata/ahci.h | 226 +-- drivers/base/driver.c | 69 + drivers/base/platform.c | 28 +- drivers/block/Kconfig | 9 - drivers/block/Makefile | 2 - drivers/block/sx8.c | 1746 --------------------- drivers/dma/ste_dma40.c | 1 + drivers/gpu/drm/drm_dp_mst_topology.c | 6 +- drivers/i2c/muxes/i2c-demux-pinctrl.c | 2 +- drivers/i2c/muxes/i2c-mux-gpmux.c | 2 +- drivers/i2c/muxes/i2c-mux-pinctrl.c | 2 +- drivers/input/mouse/synaptics.c | 1 + drivers/input/rmi4/rmi_smbus.c | 50 +- drivers/irqchip/irq-stm32-exti.c | 1 + drivers/mcb/mcb-lpc.c | 35 +- drivers/mcb/mcb-parse.c | 15 +- drivers/net/ethernet/chelsio/cxgb4/t4_hw.c | 2 + drivers/net/ethernet/intel/i40e/i40e_txrx.c | 2 +- drivers/net/ethernet/intel/igb/igb_ethtool.c | 6 +- drivers/net/ethernet/toshiba/ps3_gelic_wireless.c | 2 +- drivers/net/usb/r8152.c | 7 +- drivers/pci/quirks.c | 9 +- drivers/platform/x86/asus-wmi.h | 2 +- drivers/rpmsg/qcom_glink_native.c | 1 + drivers/rpmsg/rpmsg_core.c | 34 +- drivers/rpmsg/rpmsg_internal.h | 5 +- drivers/scsi/mpt3sas/mpt3sas_scsih.c | 4 +- drivers/tty/serial/8250/8250_pci.c | 122 +- drivers/tty/vt/vc_screen.c | 9 +- drivers/usb/storage/unusual_cypress.h | 2 +- drivers/video/fbdev/aty/atyfb_base.c | 4 + drivers/video/fbdev/uvesafb.c | 2 +- drivers/virtio/virtio_balloon.c | 6 +- fs/f2fs/gc.c | 3 +- fs/nfs/write.c | 3 +- fs/nfsd/vfs.c | 12 +- include/linux/device.h | 2 + include/linux/pci_ids.h | 1 + include/linux/platform_device.h | 6 +- include/linux/rpmsg.h | 14 +- include/uapi/linux/gtp.h | 2 +- kernel/events/core.c | 3 +- lib/kobject.c | 12 +- net/ipv4/tcp_input.c | 9 +- net/netfilter/nfnetlink_log.c | 2 +- sound/soc/codecs/rt5645.c | 2 + sound/soc/generic/simple-card.c | 6 +- 81 files changed, 598 insertions(+), 2046 deletions(-)

1 year, 7 months

6
53
0 0

[PATCH 6.5 00/88] 6.5.11-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.5.11 release. There are 88 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 08 Nov 2023 13:02:46 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.5.11-rc1… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.5.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.5.11-rc1 Mark Hasemeyer <markhas(a)chromium.org> ASoC: SOF: sof-pci-dev: Fix community key quirk detection Mark Hasemeyer <markhas(a)chromium.org> ALSA: hda: intel-dsp-config: Fix JSL Chromebook quirk detection Tony Lindgren <tony(a)atomide.com> serial: core: Fix runtime PM handling for pending tx Siddharth Vadapalli <s-vadapalli(a)ti.com> misc: pci_endpoint_test: Add deviceID for J721S2 PCIe EP device support Francesco Dolcini <francesco.dolcini(a)toradex.com> dt-bindings: serial: rs485: Add rs485-rts-active-high Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add Brainboxes Oxford Semiconductor-based quirks Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for Intashield IX cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for additional Brainboxes PX cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Fix up PX-803/PX-857 Cameron Williams <cang1(a)live.co.uk> tty: 8250: Fix port count of PX-257 Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for Intashield IS-100 Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for Brainboxes UP cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for additional Brainboxes UC cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Remove UC-257 and UC-431 Daniel Starke <daniel.starke(a)siemens.com> tty: n_gsm: fix race condition in status line change on dead connections Janne Grunau <j(a)jannau.net> Bluetooth: hci_bcm4377: Mark bcm4378/bcm4387 as BROKEN_LE_CODED Andrey Konovalov <andreyknvl(a)gmail.com> usb: raw-gadget: properly handle interrupted requests Jimmy Hu <hhhuuu(a)google.com> usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm() Badhri Jagan Sridharan <badhri(a)google.com> usb: typec: tcpm: Add additional checks for contaminant LihaSika <lihasika(a)gmail.com> usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" compatibility Vicki Pfau <vi(a)endrift.com> PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device Max McCarthy <mmccarthy(a)mcintoshlabs.com> ALSA: usb-audio: add quirk flag to enable native DSD for McIntosh devices Liam R. Howlett <Liam.Howlett(a)oracle.com> mmap: fix error paths with dup_anon_vma() Liam R. Howlett <Liam.Howlett(a)oracle.com> mmap: fix vma_iterator in error path of vma_merge() Ian Rogers <irogers(a)google.com> perf evlist: Avoid frequency mode for the dummy event Kai-Heng Feng <kai.heng.feng(a)canonical.com> power: supply: core: Use blocking_notifier_call_chain to avoid RCU complaint Benno Lossin <benno.lossin(a)proton.me> rust: types: make `Opaque` be `!Unpin` Alice Ryhl <aliceryhl(a)google.com> rust: make `UnsafeCell` the outer type in `Opaque` Nicholas Kazlauskas <nicholas.kazlauskas(a)amd.com> drm/amd/display: Don't use fsleep for PSR exit waits Al Viro <viro(a)zeniv.linux.org.uk> ceph_wait_on_conflict_unlink(): grab reference before dropping ->d_lock Al Viro <viro(a)zeniv.linux.org.uk> io_uring: kiocb_done() should *not* trust ->ki_pos if ->{read,write}_iter() failed Michael Ellerman <mpe(a)ellerman.id.au> powerpc/mm: Fix boot crash with FLATMEM Douglas Anderson <dianders(a)chromium.org> r8152: Check for unplug in r8153b_ups_en() / r8153c_ups_en() Douglas Anderson <dianders(a)chromium.org> r8152: Check for unplug in rtl_phy_patch_request() Su Hui <suhui(a)nfschina.com> net: chelsio: cxgb4: add an error code check in t4_load_phy_fw Jisheng Zhang <jszhang(a)kernel.org> riscv: dts: thead: set dma-noncoherent to soc bus Felix Kuehling <Felix.Kuehling(a)amd.com> drm/amdgpu: Reserve fences for VM update Liming Sun <limings(a)nvidia.com> platform/mellanox: mlxbf-tmfifo: Fix a warning message Phil Sutter <phil(a)nwl.cc> netfilter: nf_tables: audit log object reset once per table Icenowy Zheng <uwu(a)icenowy.me> LoongArch: Disable WUC for pgprot_writecombine() like ioremap_wc() Huacai Chen <chenhuacai(a)kernel.org> LoongArch: Replace kmap_atomic() with kmap_local_page() in copy_user_highpage() Huacai Chen <chenhuacai(a)kernel.org> LoongArch: Export symbol invalid_pud_table for modules building Tiezhu Yang <yangtiezhu(a)loongson.cn> LoongArch: Use SYM_CODE_* to annotate exception handlers Luben Tuikov <luben.tuikov(a)amd.com> gpu/drm: Eliminate DRM_SCHED_PRIORITY_UNSET Luben Tuikov <luben.tuikov(a)amd.com> drm/amdgpu: Unset context priority is now invalid David Rau <David.Rau.opensource(a)dm.renesas.com> ASoC: da7219: Correct the process of setting up Gnd switch in AAD Tomas Henzl <thenzl(a)redhat.com> scsi: mpt3sas: Fix in error path Jorge Maidana <jorgem.linux(a)gmail.com> fbdev: uvesafb: Call cn_del_callback() at the end of uvesafb_exit() Dan Carpenter <dan.carpenter(a)linaro.org> fbdev: omapfb: fix some error codes Karolina Stolarek <karolina.stolarek(a)intel.com> drm/ttm: Reorder sys manager cleanup step Vasily Gorbik <gor(a)linux.ibm.com> s390/kasan: handle DCSS mapping in memory holes Roy Chateau <roy.chateau(a)mep-info.com> ASoC: codecs: tas2780: Fix log of failed reset via I2C. Shuming Fan <shumingf(a)realtek.com> ASoC: rt5650: fix the wrong result of key button Kuan-Wei Chiu <visitorckw(a)gmail.com> efi: fix memory leak in krealloc failure handling Nikolay Borisov <nik.borisov(a)suse.com> x86/efistub: Don't try to print after ExitBootService() Vlad Buslov <vladbu(a)nvidia.com> net/mlx5: Bridge, fix peer entry ageing in LAG mode Florian Westphal <fw(a)strlen.de> netfilter: nfnetlink_log: silence bogus compiler warning Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ASoC: soc-dapm: Add helper for comparing widget name William A. Kennington III <william(a)wkennington.com> spi: npcm-fiu: Fix UMA reads when dummy.nbytes == 0 Su Hui <suhui(a)nfschina.com> fs/ntfs3: Avoid possible memory leak Gabriel Marcano <gabemarcano(a)yahoo.com> fs/ntfs3: Fix directory element type detection Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Fix NULL pointer dereference on error in attr_allocate_frame() Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Fix possible NULL-ptr-deref in ni_readpage_cmpr() Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Do not allow to change label if volume is read-only Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Add more info into /proc/fs/ntfs3/<dev>/volinfo Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Fix alternative boot searching Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Add more attributes checks in mi_enum_attr() Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Use kvmalloc instead of kmalloc(... __GFP_NOWARN) Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Write immediately updated ntfs state Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Add ckeck in ni_update_parent() Arnd Bergmann <arnd(a)arndb.de> fbdev: atyfb: only use ioremap_uc() on i386 and ia64 Dmitry Torokhov <dmitry.torokhov(a)gmail.com> Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport Ondrej Jirman <megi(a)xff.cz> media: i2c: ov8858: Don't set fwnode in the driver Christophe Leroy <christophe.leroy(a)csgroup.eu> powerpc/85xx: Fix math emulation exception Ondrej Zary <linux(a)zary.sk> ata: pata_parport: fit3: implement IDE command set registers Ondrej Zary <linux(a)zary.sk> ata: pata_parport: add custom version of wait_after_reset Zhang Shurong <zhang_shurong(a)foxmail.com> dmaengine: ste_dma40: Fix PM disable depth imbalance in d40_probe Ben Wolsieffer <ben.wolsieffer(a)hefring.com> irqchip/stm32-exti: add missing DT IRQ flag translation Anup Patel <apatel(a)ventanamicro.com> irqchip/riscv-intc: Mark all INTC nodes as initialized Haibo Chen <haibo.chen(a)nxp.com> can: flexcan: remove the auto stop mode for IMX93 Haibo Chen <haibo.chen(a)nxp.com> arm64: dts: imx93: add the Flex-CAN stop mode by GPR Gustavo A. R. Silva <gustavoars(a)kernel.org> net: sched: cls_u32: Fix allocation size in u32_init() Antoine Gennart <gennartan(a)disroot.org> ASoC: tlv320adc3xxx: BUG: Correct micbias setting Amadeusz Sławiński <amadeuszx.slawinski(a)linux.intel.com> ASoC: core: Do not call link_exit() on uninitialized rtd objects Shengjiu Wang <shengjiu.wang(a)nxp.com> ASoC: fsl-asoc-card: use integer type for fll_id and pll_id Suzuki K Poulose <suzuki.poulose(a)arm.com> coresight: tmc-etr: Disable warnings for allocation failures Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com> ASoC: simple-card: fixup asoc_simple_probe() error handling Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> ASoC: Intel: sof_sdw: add support for SKU 0B14 ------------- Diffstat: .../devicetree/bindings/serial/rs485.yaml | 4 + Makefile | 4 +- arch/arm64/boot/dts/freescale/imx93.dtsi | 4 +- arch/loongarch/include/asm/io.h | 5 +- arch/loongarch/include/asm/linkage.h | 8 + arch/loongarch/include/asm/pgtable-bits.h | 4 +- arch/loongarch/kernel/entry.S | 4 +- arch/loongarch/kernel/genex.S | 16 +- arch/loongarch/kernel/setup.c | 10 +- arch/loongarch/mm/init.c | 9 +- arch/loongarch/mm/tlbex.S | 36 +-- arch/powerpc/kernel/head_85xx.S | 2 +- arch/powerpc/kernel/setup-common.c | 2 + arch/powerpc/mm/mem.c | 1 - arch/riscv/boot/dts/thead/th1520.dtsi | 1 + arch/s390/boot/vmem.c | 7 +- drivers/ata/pata_parport/fit3.c | 14 +- drivers/ata/pata_parport/pata_parport.c | 68 ++++- drivers/bluetooth/hci_bcm4377.c | 5 + drivers/dma/ste_dma40.c | 1 + drivers/firmware/efi/efi.c | 8 +- drivers/firmware/efi/libstub/x86-stub.c | 5 +- drivers/gpu/drm/amd/amdgpu/amdgpu_ctx.c | 5 +- drivers/gpu/drm/amd/amdgpu/amdgpu_dma_buf.c | 5 +- drivers/gpu/drm/amd/display/dc/dce/dce_dmcu.c | 3 +- drivers/gpu/drm/amd/display/dc/dce/dmub_psr.c | 3 +- drivers/gpu/drm/ttm/ttm_device.c | 8 +- drivers/hwtracing/coresight/coresight-tmc-etr.c | 3 +- drivers/input/mouse/synaptics.c | 1 + drivers/input/rmi4/rmi_smbus.c | 50 ++-- drivers/irqchip/irq-riscv-intc.c | 10 +- drivers/irqchip/irq-stm32-exti.c | 1 + drivers/media/i2c/ov8858.c | 10 +- drivers/misc/pci_endpoint_test.c | 4 + drivers/net/can/flexcan/flexcan-core.c | 46 +-- drivers/net/can/flexcan/flexcan.h | 2 - drivers/net/ethernet/chelsio/cxgb4/t4_hw.c | 2 + .../ethernet/mellanox/mlx5/core/en/rep/bridge.c | 11 + .../net/ethernet/mellanox/mlx5/core/esw/bridge.c | 25 +- .../net/ethernet/mellanox/mlx5/core/esw/bridge.h | 3 + .../ethernet/mellanox/mlx5/core/esw/bridge_priv.h | 1 + drivers/net/usb/r8152.c | 7 + drivers/pci/quirks.c | 8 +- drivers/platform/mellanox/mlxbf-tmfifo.c | 21 +- drivers/power/supply/power_supply_core.c | 8 +- drivers/scsi/mpt3sas/mpt3sas_scsih.c | 4 +- drivers/spi/spi-npcm-fiu.c | 5 +- drivers/tty/n_gsm.c | 2 + drivers/tty/serial/8250/8250_pci.c | 327 ++++++++++++++++++++- drivers/tty/serial/serial_core.c | 2 +- drivers/usb/gadget/legacy/raw_gadget.c | 26 +- drivers/usb/storage/unusual_cypress.h | 2 +- drivers/usb/typec/tcpm/tcpm.c | 5 + drivers/video/fbdev/aty/atyfb_base.c | 4 + drivers/video/fbdev/omap/omapfb_main.c | 4 +- drivers/video/fbdev/uvesafb.c | 2 +- fs/ceph/mds_client.c | 2 +- fs/ntfs3/attrib.c | 6 +- fs/ntfs3/attrlist.c | 15 +- fs/ntfs3/bitmap.c | 3 +- fs/ntfs3/dir.c | 6 +- fs/ntfs3/frecord.c | 8 +- fs/ntfs3/fslog.c | 6 +- fs/ntfs3/fsntfs.c | 13 +- fs/ntfs3/record.c | 68 ++++- fs/ntfs3/super.c | 33 ++- include/drm/gpu_scheduler.h | 3 +- include/linux/pci_ids.h | 1 + include/linux/power_supply.h | 2 +- include/sound/soc-dapm.h | 1 + include/sound/soc.h | 2 + io_uring/rw.c | 2 +- mm/mmap.c | 40 ++- net/netfilter/nf_tables_api.c | 50 ++-- net/netfilter/nfnetlink_log.c | 2 +- net/sched/cls_u32.c | 2 +- rust/kernel/types.rs | 21 +- sound/hda/intel-dsp-config.c | 6 + sound/soc/codecs/da7219-aad.c | 11 +- sound/soc/codecs/rt5645.c | 2 + sound/soc/codecs/tas2780.c | 2 +- sound/soc/codecs/tlv320adc3xxx.c | 4 +- sound/soc/fsl/fsl-asoc-card.c | 12 +- sound/soc/generic/simple-card.c | 6 +- sound/soc/intel/boards/sof_sdw.c | 10 + sound/soc/soc-component.c | 1 + sound/soc/soc-core.c | 20 +- sound/soc/soc-dapm.c | 12 + sound/soc/sof/sof-pci-dev.c | 7 + sound/usb/quirks.c | 2 + tools/perf/util/evlist.c | 5 +- tools/testing/selftests/netfilter/nft_audit.sh | 46 +++ 92 files changed, 973 insertions(+), 297 deletions(-)

1 year, 7 months

12
99
0 0

[PATCH 6.1 00/62] 6.1.62-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.1.62 release. There are 62 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 08 Nov 2023 13:02:46 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.1.62-rc1… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.1.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.1.62-rc1 Mark Hasemeyer <markhas(a)chromium.org> ASoC: SOF: sof-pci-dev: Fix community key quirk detection Mark Hasemeyer <markhas(a)chromium.org> ALSA: hda: intel-dsp-config: Fix JSL Chromebook quirk detection Siddharth Vadapalli <s-vadapalli(a)ti.com> misc: pci_endpoint_test: Add deviceID for J721S2 PCIe EP device support Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add Brainboxes Oxford Semiconductor-based quirks Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for Intashield IX cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for additional Brainboxes PX cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Fix up PX-803/PX-857 Cameron Williams <cang1(a)live.co.uk> tty: 8250: Fix port count of PX-257 Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for Intashield IS-100 Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for Brainboxes UP cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for additional Brainboxes UC cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Remove UC-257 and UC-431 Daniel Starke <daniel.starke(a)siemens.com> tty: n_gsm: fix race condition in status line change on dead connections Andrey Konovalov <andreyknvl(a)gmail.com> usb: raw-gadget: properly handle interrupted requests Jimmy Hu <hhhuuu(a)google.com> usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm() LihaSika <lihasika(a)gmail.com> usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" compatibility Vicki Pfau <vi(a)endrift.com> PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device Max McCarthy <mmccarthy(a)mcintoshlabs.com> ALSA: usb-audio: add quirk flag to enable native DSD for McIntosh devices Liam R. Howlett <Liam.Howlett(a)oracle.com> mmap: fix error paths with dup_anon_vma() Liam R. Howlett <Liam.Howlett(a)oracle.com> mm/mempolicy: fix set_mempolicy_home_node() previous VMA pointer Maxim Levitsky <mlevitsk(a)redhat.com> x86: KVM: SVM: always update the x2avic msr interception Ian Rogers <irogers(a)google.com> perf evlist: Avoid frequency mode for the dummy event Kai-Heng Feng <kai.heng.feng(a)canonical.com> power: supply: core: Use blocking_notifier_call_chain to avoid RCU complaint Al Viro <viro(a)zeniv.linux.org.uk> ceph_wait_on_conflict_unlink(): grab reference before dropping ->d_lock Al Viro <viro(a)zeniv.linux.org.uk> io_uring: kiocb_done() should *not* trust ->ki_pos if ->{read,write}_iter() failed Michael Ellerman <mpe(a)ellerman.id.au> powerpc/mm: Fix boot crash with FLATMEM Douglas Anderson <dianders(a)chromium.org> r8152: Check for unplug in r8153b_ups_en() / r8153c_ups_en() Douglas Anderson <dianders(a)chromium.org> r8152: Check for unplug in rtl_phy_patch_request() Su Hui <suhui(a)nfschina.com> net: chelsio: cxgb4: add an error code check in t4_load_phy_fw Felix Kuehling <Felix.Kuehling(a)amd.com> drm/amdgpu: Reserve fences for VM update Liming Sun <limings(a)nvidia.com> platform/mellanox: mlxbf-tmfifo: Fix a warning message Phil Sutter <phil(a)nwl.cc> netfilter: nf_tables: audit log object reset once per table Huacai Chen <chenhuacai(a)kernel.org> LoongArch: Replace kmap_atomic() with kmap_local_page() in copy_user_highpage() Huacai Chen <chenhuacai(a)kernel.org> LoongArch: Export symbol invalid_pud_table for modules building Luben Tuikov <luben.tuikov(a)amd.com> gpu/drm: Eliminate DRM_SCHED_PRIORITY_UNSET Luben Tuikov <luben.tuikov(a)amd.com> drm/amdgpu: Unset context priority is now invalid Tomas Henzl <thenzl(a)redhat.com> scsi: mpt3sas: Fix in error path Jorge Maidana <jorgem.linux(a)gmail.com> fbdev: uvesafb: Call cn_del_callback() at the end of uvesafb_exit() Dan Carpenter <dan.carpenter(a)linaro.org> fbdev: omapfb: fix some error codes Karolina Stolarek <karolina.stolarek(a)intel.com> drm/ttm: Reorder sys manager cleanup step Roy Chateau <roy.chateau(a)mep-info.com> ASoC: codecs: tas2780: Fix log of failed reset via I2C. Shuming Fan <shumingf(a)realtek.com> ASoC: rt5650: fix the wrong result of key button Kuan-Wei Chiu <visitorckw(a)gmail.com> efi: fix memory leak in krealloc failure handling Florian Westphal <fw(a)strlen.de> netfilter: nfnetlink_log: silence bogus compiler warning William A. Kennington III <william(a)wkennington.com> spi: npcm-fiu: Fix UMA reads when dummy.nbytes == 0 Su Hui <suhui(a)nfschina.com> fs/ntfs3: Avoid possible memory leak Gabriel Marcano <gabemarcano(a)yahoo.com> fs/ntfs3: Fix directory element type detection Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Fix NULL pointer dereference on error in attr_allocate_frame() Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Fix possible NULL-ptr-deref in ni_readpage_cmpr() Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Use kvmalloc instead of kmalloc(... __GFP_NOWARN) Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Write immediately updated ntfs state Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Add ckeck in ni_update_parent() Arnd Bergmann <arnd(a)arndb.de> fbdev: atyfb: only use ioremap_uc() on i386 and ia64 Dmitry Torokhov <dmitry.torokhov(a)gmail.com> Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport Christophe Leroy <christophe.leroy(a)csgroup.eu> powerpc/85xx: Fix math emulation exception Zhang Shurong <zhang_shurong(a)foxmail.com> dmaengine: ste_dma40: Fix PM disable depth imbalance in d40_probe Ben Wolsieffer <ben.wolsieffer(a)hefring.com> irqchip/stm32-exti: add missing DT IRQ flag translation Anup Patel <apatel(a)ventanamicro.com> irqchip/riscv-intc: Mark all INTC nodes as initialized Gustavo A. R. Silva <gustavoars(a)kernel.org> net: sched: cls_u32: Fix allocation size in u32_init() Antoine Gennart <gennartan(a)disroot.org> ASoC: tlv320adc3xxx: BUG: Correct micbias setting Suzuki K Poulose <suzuki.poulose(a)arm.com> coresight: tmc-etr: Disable warnings for allocation failures Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com> ASoC: simple-card: fixup asoc_simple_probe() error handling ------------- Diffstat: Makefile | 4 +- arch/loongarch/mm/init.c | 9 +- arch/powerpc/kernel/head_85xx.S | 2 +- arch/powerpc/kernel/setup-common.c | 2 + arch/powerpc/mm/mem.c | 1 - arch/x86/kvm/svm/svm.c | 3 +- drivers/dma/ste_dma40.c | 1 + drivers/firmware/efi/efi.c | 8 +- drivers/gpu/drm/amd/amdgpu/amdgpu_ctx.c | 5 +- drivers/gpu/drm/amd/amdgpu/amdgpu_dma_buf.c | 5 +- drivers/gpu/drm/ttm/ttm_device.c | 8 +- drivers/hwtracing/coresight/coresight-tmc-etr.c | 3 +- drivers/input/mouse/synaptics.c | 1 + drivers/input/rmi4/rmi_smbus.c | 50 ++-- drivers/irqchip/irq-riscv-intc.c | 10 +- drivers/irqchip/irq-stm32-exti.c | 1 + drivers/misc/pci_endpoint_test.c | 4 + drivers/net/ethernet/chelsio/cxgb4/t4_hw.c | 2 + drivers/net/usb/r8152.c | 7 + drivers/pci/quirks.c | 8 +- drivers/platform/mellanox/mlxbf-tmfifo.c | 21 +- drivers/power/supply/power_supply_core.c | 8 +- drivers/scsi/mpt3sas/mpt3sas_scsih.c | 4 +- drivers/spi/spi-npcm-fiu.c | 5 +- drivers/tty/n_gsm.c | 2 + drivers/tty/serial/8250/8250_pci.c | 327 +++++++++++++++++++++++- drivers/usb/gadget/legacy/raw_gadget.c | 26 +- drivers/usb/storage/unusual_cypress.h | 2 +- drivers/usb/typec/tcpm/tcpm.c | 3 + drivers/video/fbdev/aty/atyfb_base.c | 4 + drivers/video/fbdev/omap/omapfb_main.c | 4 +- drivers/video/fbdev/uvesafb.c | 2 +- fs/ceph/mds_client.c | 2 +- fs/ntfs3/attrib.c | 6 +- fs/ntfs3/attrlist.c | 15 +- fs/ntfs3/bitmap.c | 3 +- fs/ntfs3/dir.c | 6 +- fs/ntfs3/frecord.c | 8 +- fs/ntfs3/fslog.c | 6 +- fs/ntfs3/fsntfs.c | 13 +- fs/ntfs3/super.c | 2 +- include/drm/gpu_scheduler.h | 3 +- include/linux/pci_ids.h | 1 + include/linux/power_supply.h | 2 +- io_uring/rw.c | 2 +- mm/mempolicy.c | 4 +- mm/mmap.c | 15 +- net/netfilter/nf_tables_api.c | 50 ++-- net/netfilter/nfnetlink_log.c | 2 +- net/sched/cls_u32.c | 2 +- sound/hda/intel-dsp-config.c | 6 + sound/soc/codecs/rt5645.c | 2 + sound/soc/codecs/tas2780.c | 2 +- sound/soc/codecs/tlv320adc3xxx.c | 4 +- sound/soc/generic/simple-card.c | 6 +- sound/soc/sof/sof-pci-dev.c | 7 + sound/usb/quirks.c | 2 + tools/perf/util/evlist.c | 5 +- tools/testing/selftests/netfilter/nft_audit.sh | 46 ++++ 59 files changed, 620 insertions(+), 144 deletions(-)

1 year, 7 months

13
74
0 0

[PATCH 5.4 00/74] 5.4.260-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.4.260 release. There are 74 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 08 Nov 2023 13:02:46 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.4.260-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.4.260-rc1 Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for Intashield IS-100 Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for Brainboxes UP cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for additional Brainboxes UC cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Remove UC-257 and UC-431 LihaSika <lihasika(a)gmail.com> usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" compatibility Vicki Pfau <vi(a)endrift.com> PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device Matthias Schiffer <matthias.schiffer(a)ew.tq-group.com> Revert "ARM: dts: Move am33xx and am43xx mmc nodes to sdhci-omap driver" Sagi Grimberg <sagi(a)grimberg.me> nvmet-tcp: Fix a possible UAF in queue intialization setup Sagi Grimberg <sagi(a)grimberg.me> nvmet-tcp: move send/recv error handling in the send/recv methods instead of call-sites Christoph Hellwig <hch(a)lst.de> remove the sx8 block driver Arnd Bergmann <arnd(a)arndb.de> ata: ahci: fix enum constants for gcc-13 Su Hui <suhui(a)nfschina.com> net: chelsio: cxgb4: add an error code check in t4_load_phy_fw Liming Sun <limings(a)nvidia.com> platform/mellanox: mlxbf-tmfifo: Fix a warning message Hans de Goede <hdegoede(a)redhat.com> platform/x86: asus-wmi: Change ASUS_WMI_BRN_DOWN code from 0x20 to 0x2e Tomas Henzl <thenzl(a)redhat.com> scsi: mpt3sas: Fix in error path Jorge Maidana <jorgem.linux(a)gmail.com> fbdev: uvesafb: Call cn_del_callback() at the end of uvesafb_exit() Shuming Fan <shumingf(a)realtek.com> ASoC: rt5650: fix the wrong result of key button Florian Westphal <fw(a)strlen.de> netfilter: nfnetlink_log: silence bogus compiler warning William A. Kennington III <william(a)wkennington.com> spi: npcm-fiu: Fix UMA reads when dummy.nbytes == 0 Arnd Bergmann <arnd(a)arndb.de> fbdev: atyfb: only use ioremap_uc() on i386 and ia64 Dmitry Torokhov <dmitry.torokhov(a)gmail.com> Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport Zhang Shurong <zhang_shurong(a)foxmail.com> dmaengine: ste_dma40: Fix PM disable depth imbalance in d40_probe Ben Wolsieffer <ben.wolsieffer(a)hefring.com> irqchip/stm32-exti: add missing DT IRQ flag translation Szilard Fabian <szfabian(a)bluemarch.art> Input: i8042 - add Fujitsu Lifebook E5411 to i8042 quirk table Juergen Gross <jgross(a)suse.com> x86: Fix .brk attribute in linker script Hangyu Hua <hbh25y(a)gmail.com> rpmsg: Fix possible refcount leak in rpmsg_register_device_override() Bjorn Andersson <quic_bjorande(a)quicinc.com> rpmsg: glink: Release driver_override Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> rpmsg: Fix calling device_lock() on non-initialized device Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> rpmsg: Fix kfree() of static memory on setting driver_override Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> rpmsg: Constify local variable in field store macro Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> driver: platform: Add helper for safer setting of driver_override Baokun Li <libaokun1(a)huawei.com> ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow Baokun Li <libaokun1(a)huawei.com> ext4: avoid overlapping preallocations due to overflow Baokun Li <libaokun1(a)huawei.com> ext4: add two helper functions extent_logical_end() and pa_logical_end() Josh Poimboeuf <jpoimboe(a)kernel.org> x86/mm: Fix RESERVE_BRK() for older binutils Josh Poimboeuf <jpoimboe(a)redhat.com> x86/mm: Simplify RESERVE_BRK() Al Viro <viro(a)zeniv.linux.org.uk> nfsd: lock_rename() needs both directories to live on the same fs Chao Yu <chao(a)kernel.org> f2fs: fix to do sanity check on inode type during garbage collection Steve French <stfrench(a)microsoft.com> smbdirect: missing rc checks while waiting for rdma events Wang Hai <wanghai38(a)huawei.com> kobject: Fix slab-out-of-bounds in fill_kobj_path() Jinjie Ruan <ruanjinjie(a)huawei.com> arm64: fix a concurrency issue in emulation_proc_handler() Lukasz Majczak <lma(a)semihalf.com> drm/dp_mst: Fix NULL deref in get_mst_branch_device_by_guid_helper() Thomas Gleixner <tglx(a)linutronix.de> x86/i8259: Skip probing when ACPI/MADT advertises PCAT compatibility Ivan Vecera <ivecera(a)redhat.com> i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR Alessandro Carminati <alessandro.carminati(a)gmail.com> clk: Sanitize possible_parent_show to Handle Return Value of of_clk_get_parent_name Peter Zijlstra <peterz(a)infradead.org> perf/core: Fix potential NULL deref Peng Fan <peng.fan(a)nxp.com> nvmem: imx: correct nregs for i.MX6UL Peng Fan <peng.fan(a)nxp.com> nvmem: imx: correct nregs for i.MX6SLL Peng Fan <peng.fan(a)nxp.com> nvmem: imx: correct nregs for i.MX6ULL Jian Zhang <zhangjian.3032(a)bytedance.com> i2c: aspeed: Fix i2c bus hang in slave read Alain Volmat <alain.volmat(a)foss.st.com> i2c: stm32f7: Fix PEC handling in case of SMBUS transfers Herve Codina <herve.codina(a)bootlin.com> i2c: muxes: i2c-demux-pinctrl: Use of_get_i2c_adapter_by_node() Herve Codina <herve.codina(a)bootlin.com> i2c: muxes: i2c-mux-gpmux: Use of_get_i2c_adapter_by_node() Herve Codina <herve.codina(a)bootlin.com> i2c: muxes: i2c-mux-pinctrl: Use of_get_i2c_adapter_by_node() Marek Szyprowski <m.szyprowski(a)samsung.com> iio: exynos-adc: request second interupt only when touchscreen mode is used Pablo Neira Ayuso <pablo(a)netfilter.org> gtp: fix fragmentation needed check with gso Pablo Neira Ayuso <pablo(a)netfilter.org> gtp: uapi: fix GTPA_MAX Fred Chen <fred.chenchen03(a)gmail.com> tcp: fix wrong RTO timeout when received SACK reneging Douglas Anderson <dianders(a)chromium.org> r8152: Cancel hw_phy_work if we have an error in probe Douglas Anderson <dianders(a)chromium.org> r8152: Run the unload routine if we have errors during probe Douglas Anderson <dianders(a)chromium.org> r8152: Increase USB control msg timeout to 5000ms as per spec Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> net: ieee802154: adf7242: Fix some potential buffer overflow in adf7242_stats_show() Sasha Neftin <sasha.neftin(a)intel.com> igc: Fix ambiguity in the ethtool advertising Eric Dumazet <edumazet(a)google.com> neighbour: fix various data-races Mateusz Palczewski <mateusz.palczewski(a)intel.com> igb: Fix potential memory leak in igb_add_ethtool_nfc_entry Kunwu Chan <chentao(a)kylinos.cn> treewide: Spelling fix in comment Mirsad Goran Todorovac <mirsad.todorovac(a)alu.unizg.hr> r8169: fix the KCSAN reported data race in rtl_rx while reading desc->opts1 Mirsad Goran Todorovac <mirsad.todorovac(a)alu.unizg.hr> r8169: fix the KCSAN reported data-race in rtl_tx while reading TxDescArray[entry].opts1 Maximilian Heyne <mheyne(a)amazon.de> virtio-mmio: fix memory leak of vm_dev Gavin Shan <gshan(a)redhat.com> virtio_balloon: Fix endless deflation and inflation on arm64 Rodríguez Barbarin, José Javier <JoseJavier.Rodriguez(a)duagon.com> mcb-lpc: Reallocate memory region to avoid memory overlapping Rodríguez Barbarin, José Javier <JoseJavier.Rodriguez(a)duagon.com> mcb: Return actual parsed size when reading chameleon table Francis Laniel <flaniel(a)linux.microsoft.com> selftests/ftrace: Add new test case which checks non unique symbol Miquel Raynal <miquel.raynal(a)bootlin.com> mtd: rawnand: marvell: Ensure program page operations are successful ------------- Diffstat: Makefile | 4 +- arch/arm/boot/dts/am335x-baltos.dtsi | 2 +- arch/arm/boot/dts/am335x-boneblack-common.dtsi | 1 - arch/arm/boot/dts/am335x-boneblack-wireless.dts | 1 + arch/arm/boot/dts/am335x-boneblue.dts | 1 + arch/arm/boot/dts/am335x-bonegreen-wireless.dts | 1 + arch/arm/boot/dts/am335x-evm.dts | 3 +- arch/arm/boot/dts/am335x-evmsk.dts | 2 +- arch/arm/boot/dts/am335x-lxm.dts | 2 +- arch/arm/boot/dts/am335x-moxa-uc-2100-common.dtsi | 2 +- arch/arm/boot/dts/am335x-moxa-uc-8100-me-t.dts | 2 +- arch/arm/boot/dts/am335x-pepper.dts | 4 +- arch/arm/boot/dts/am335x-phycore-som.dtsi | 2 +- arch/arm/boot/dts/am33xx-l4.dtsi | 6 +- arch/arm/boot/dts/am33xx.dtsi | 3 +- arch/arm/boot/dts/am4372.dtsi | 3 +- arch/arm/boot/dts/am437x-cm-t43.dts | 2 +- arch/arm/boot/dts/am437x-gp-evm.dts | 4 +- arch/arm/boot/dts/am437x-l4.dtsi | 5 +- arch/arm/boot/dts/am437x-sk-evm.dts | 2 +- arch/arm64/kernel/armv8_deprecated.c | 6 +- arch/x86/include/asm/i8259.h | 2 + arch/x86/include/asm/setup.h | 46 +- arch/x86/kernel/acpi/boot.c | 3 + arch/x86/kernel/i8259.c | 38 +- arch/x86/kernel/vmlinux.lds.S | 2 +- drivers/ata/ahci.h | 241 +-- drivers/base/driver.c | 69 + drivers/base/platform.c | 28 +- drivers/block/Kconfig | 9 - drivers/block/Makefile | 2 - drivers/block/sx8.c | 1586 -------------------- drivers/clk/clk.c | 21 +- drivers/dma/ste_dma40.c | 1 + drivers/gpu/drm/drm_dp_mst_topology.c | 6 +- drivers/i2c/busses/i2c-aspeed.c | 3 +- drivers/i2c/busses/i2c-stm32f7.c | 9 +- drivers/i2c/muxes/i2c-demux-pinctrl.c | 2 +- drivers/i2c/muxes/i2c-mux-gpmux.c | 2 +- drivers/i2c/muxes/i2c-mux-pinctrl.c | 2 +- drivers/iio/adc/exynos_adc.c | 24 +- drivers/input/mouse/synaptics.c | 1 + drivers/input/rmi4/rmi_smbus.c | 50 +- drivers/input/serio/i8042-x86ia64io.h | 8 + drivers/irqchip/irq-stm32-exti.c | 1 + drivers/mcb/mcb-lpc.c | 35 +- drivers/mcb/mcb-parse.c | 15 +- drivers/mtd/nand/raw/marvell_nand.c | 23 +- drivers/net/ethernet/chelsio/cxgb4/t4_hw.c | 2 + drivers/net/ethernet/intel/i40e/i40e_txrx.c | 2 +- drivers/net/ethernet/intel/igb/igb_ethtool.c | 6 +- drivers/net/ethernet/intel/igc/igc_ethtool.c | 35 +- drivers/net/ethernet/realtek/r8169_main.c | 4 +- drivers/net/ethernet/toshiba/ps3_gelic_wireless.c | 2 +- drivers/net/gtp.c | 5 +- drivers/net/ieee802154/adf7242.c | 5 +- drivers/net/usb/r8152.c | 10 +- drivers/nvme/target/tcp.c | 50 +- drivers/nvmem/imx-ocotp.c | 6 +- drivers/pci/quirks.c | 8 +- drivers/platform/mellanox/mlxbf-tmfifo.c | 21 +- drivers/platform/x86/asus-wmi.h | 2 +- drivers/rpmsg/qcom_glink_native.c | 1 + drivers/rpmsg/rpmsg_core.c | 37 +- drivers/rpmsg/rpmsg_internal.h | 5 +- drivers/scsi/mpt3sas/mpt3sas_scsih.c | 4 +- drivers/spi/spi-npcm-fiu.c | 5 +- drivers/tty/serial/8250/8250_pci.c | 122 +- drivers/usb/storage/unusual_cypress.h | 2 +- drivers/video/fbdev/aty/atyfb_base.c | 4 + drivers/video/fbdev/uvesafb.c | 2 +- drivers/virtio/virtio_balloon.c | 6 +- drivers/virtio/virtio_mmio.c | 19 +- fs/cifs/smbdirect.c | 14 +- fs/ext4/mballoc.c | 51 +- fs/ext4/mballoc.h | 14 + fs/f2fs/gc.c | 3 +- fs/nfsd/vfs.c | 12 +- include/linux/device.h | 2 + include/linux/pci_ids.h | 1 + include/linux/platform_device.h | 6 +- include/linux/rpmsg.h | 14 +- include/uapi/linux/gtp.h | 2 +- kernel/events/core.c | 3 +- lib/kobject.c | 12 +- net/core/neighbour.c | 67 +- net/ipv4/tcp_input.c | 9 +- net/netfilter/nfnetlink_log.c | 2 +- sound/soc/codecs/rt5645.c | 2 + .../ftrace/test.d/kprobe/kprobe_non_uniq_symbol.tc | 13 + 90 files changed, 850 insertions(+), 2029 deletions(-)

1 year, 7 months

7
80
0 0

[PATCH 4.19 00/61] 4.19.298-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.19.298 release. There are 61 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 08 Nov 2023 13:02:46 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.19.298-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.19.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.19.298-rc1 Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for Intashield IS-100 Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for Brainboxes UP cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Add support for additional Brainboxes UC cards Cameron Williams <cang1(a)live.co.uk> tty: 8250: Remove UC-257 and UC-431 LihaSika <lihasika(a)gmail.com> usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" compatibility Vicki Pfau <vi(a)endrift.com> PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device Christoph Hellwig <hch(a)lst.de> remove the sx8 block driver Arnd Bergmann <arnd(a)arndb.de> ata: ahci: fix enum constants for gcc-13 Su Hui <suhui(a)nfschina.com> net: chelsio: cxgb4: add an error code check in t4_load_phy_fw Hans de Goede <hdegoede(a)redhat.com> platform/x86: asus-wmi: Change ASUS_WMI_BRN_DOWN code from 0x20 to 0x2e Tomas Henzl <thenzl(a)redhat.com> scsi: mpt3sas: Fix in error path Jorge Maidana <jorgem.linux(a)gmail.com> fbdev: uvesafb: Call cn_del_callback() at the end of uvesafb_exit() Shuming Fan <shumingf(a)realtek.com> ASoC: rt5650: fix the wrong result of key button Florian Westphal <fw(a)strlen.de> netfilter: nfnetlink_log: silence bogus compiler warning Arnd Bergmann <arnd(a)arndb.de> fbdev: atyfb: only use ioremap_uc() on i386 and ia64 Dmitry Torokhov <dmitry.torokhov(a)gmail.com> Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport Zhang Shurong <zhang_shurong(a)foxmail.com> dmaengine: ste_dma40: Fix PM disable depth imbalance in d40_probe Ben Wolsieffer <ben.wolsieffer(a)hefring.com> irqchip/stm32-exti: add missing DT IRQ flag translation Szilard Fabian <szfabian(a)bluemarch.art> Input: i8042 - add Fujitsu Lifebook E5411 to i8042 quirk table Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com> ASoC: simple-card: fixup asoc_simple_probe() error handling Denis Efremov <efremov(a)linux.com> MAINTAINERS: r8169: Update path to the driver Juergen Gross <jgross(a)suse.com> x86: Fix .brk attribute in linker script Hangyu Hua <hbh25y(a)gmail.com> rpmsg: Fix possible refcount leak in rpmsg_register_device_override() Bjorn Andersson <quic_bjorande(a)quicinc.com> rpmsg: glink: Release driver_override Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> rpmsg: Fix calling device_lock() on non-initialized device Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> rpmsg: Fix kfree() of static memory on setting driver_override Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> rpmsg: Constify local variable in field store macro Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> driver: platform: Add helper for safer setting of driver_override Josh Poimboeuf <jpoimboe(a)kernel.org> x86/mm: Fix RESERVE_BRK() for older binutils Josh Poimboeuf <jpoimboe(a)redhat.com> x86/mm: Simplify RESERVE_BRK() Al Viro <viro(a)zeniv.linux.org.uk> nfsd: lock_rename() needs both directories to live on the same fs Chao Yu <chao(a)kernel.org> f2fs: fix to do sanity check on inode type during garbage collection Steve French <stfrench(a)microsoft.com> smbdirect: missing rc checks while waiting for rdma events Wang Hai <wanghai38(a)huawei.com> kobject: Fix slab-out-of-bounds in fill_kobj_path() Jinjie Ruan <ruanjinjie(a)huawei.com> arm64: fix a concurrency issue in emulation_proc_handler() Lukasz Majczak <lma(a)semihalf.com> drm/dp_mst: Fix NULL deref in get_mst_branch_device_by_guid_helper() Nick Desaulniers <ndesaulniers(a)google.com> ARM: 8933/1: replace Sun/Solaris style flag on section directive Trond Myklebust <trondmy(a)gmail.com> NFS: Don't call generic_error_remove_page() while holding locks Thomas Gleixner <tglx(a)linutronix.de> x86/i8259: Skip probing when ACPI/MADT advertises PCAT compatibility Marek Szyprowski <m.szyprowski(a)samsung.com> iio: exynos-adc: request second interupt only when touchscreen mode is used Peter Zijlstra <peterz(a)infradead.org> perf/core: Fix potential NULL deref Peng Fan <peng.fan(a)nxp.com> nvmem: imx: correct nregs for i.MX6UL Peng Fan <peng.fan(a)nxp.com> nvmem: imx: correct nregs for i.MX6SLL Alain Volmat <alain.volmat(a)foss.st.com> i2c: stm32f7: Fix PEC handling in case of SMBUS transfers Herve Codina <herve.codina(a)bootlin.com> i2c: muxes: i2c-demux-pinctrl: Use of_get_i2c_adapter_by_node() Herve Codina <herve.codina(a)bootlin.com> i2c: muxes: i2c-mux-gpmux: Use of_get_i2c_adapter_by_node() Herve Codina <herve.codina(a)bootlin.com> i2c: muxes: i2c-mux-pinctrl: Use of_get_i2c_adapter_by_node() Ivan Vecera <ivecera(a)redhat.com> i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR Pablo Neira Ayuso <pablo(a)netfilter.org> gtp: fix fragmentation needed check with gso Mateusz Palczewski <mateusz.palczewski(a)intel.com> igb: Fix potential memory leak in igb_add_ethtool_nfc_entry Kunwu Chan <chentao(a)kylinos.cn> treewide: Spelling fix in comment Mirsad Goran Todorovac <mirsad.todorovac(a)alu.unizg.hr> r8169: fix the KCSAN reported data race in rtl_rx while reading desc->opts1 Mirsad Goran Todorovac <mirsad.todorovac(a)alu.unizg.hr> r8169: fix the KCSAN reported data-race in rtl_tx while reading TxDescArray[entry].opts1 Heiner Kallweit <hkallweit1(a)gmail.com> r8169: rename r8169.c to r8169_main.c Maximilian Heyne <mheyne(a)amazon.de> virtio-mmio: fix memory leak of vm_dev Gavin Shan <gshan(a)redhat.com> virtio_balloon: Fix endless deflation and inflation on arm64 Rodríguez Barbarin, José Javier <JoseJavier.Rodriguez(a)duagon.com> mcb-lpc: Reallocate memory region to avoid memory overlapping Rodríguez Barbarin, José Javier <JoseJavier.Rodriguez(a)duagon.com> mcb: Return actual parsed size when reading chameleon table Francis Laniel <flaniel(a)linux.microsoft.com> selftests/ftrace: Add new test case which checks non unique symbol Haibo Chen <haibo.chen(a)nxp.com> mmc: core: sdio: hold retuning if sdio in 1-bit mode Ulf Hansson <ulf.hansson(a)linaro.org> mmc: sdio: Don't re-initialize powered-on removable SDIO cards at resume ------------- Diffstat: MAINTAINERS | 2 +- Makefile | 4 +- arch/arm/boot/bootp/init.S | 2 +- arch/arm/boot/compressed/big-endian.S | 2 +- arch/arm/boot/compressed/head.S | 2 +- arch/arm/boot/compressed/piggy.S | 2 +- arch/arm/mm/proc-arm1020.S | 2 +- arch/arm/mm/proc-arm1020e.S | 2 +- arch/arm/mm/proc-arm1022.S | 2 +- arch/arm/mm/proc-arm1026.S | 2 +- arch/arm/mm/proc-arm720.S | 2 +- arch/arm/mm/proc-arm740.S | 2 +- arch/arm/mm/proc-arm7tdmi.S | 2 +- arch/arm/mm/proc-arm920.S | 2 +- arch/arm/mm/proc-arm922.S | 2 +- arch/arm/mm/proc-arm925.S | 2 +- arch/arm/mm/proc-arm926.S | 2 +- arch/arm/mm/proc-arm940.S | 2 +- arch/arm/mm/proc-arm946.S | 2 +- arch/arm/mm/proc-arm9tdmi.S | 2 +- arch/arm/mm/proc-fa526.S | 2 +- arch/arm/mm/proc-feroceon.S | 2 +- arch/arm/mm/proc-mohawk.S | 2 +- arch/arm/mm/proc-sa110.S | 2 +- arch/arm/mm/proc-sa1100.S | 2 +- arch/arm/mm/proc-v6.S | 2 +- arch/arm/mm/proc-v7.S | 2 +- arch/arm/mm/proc-v7m.S | 4 +- arch/arm/mm/proc-xsc3.S | 2 +- arch/arm/mm/proc-xscale.S | 2 +- arch/arm64/kernel/armv8_deprecated.c | 6 +- arch/x86/include/asm/i8259.h | 2 + arch/x86/include/asm/setup.h | 46 +- arch/x86/kernel/acpi/boot.c | 3 + arch/x86/kernel/i8259.c | 38 +- arch/x86/kernel/vmlinux.lds.S | 2 +- drivers/ata/ahci.h | 228 +-- drivers/base/driver.c | 69 + drivers/base/platform.c | 28 +- drivers/block/Kconfig | 9 - drivers/block/Makefile | 2 - drivers/block/sx8.c | 1746 -------------------- drivers/dma/ste_dma40.c | 1 + drivers/gpu/drm/drm_dp_mst_topology.c | 6 +- drivers/i2c/busses/i2c-stm32f7.c | 9 +- drivers/i2c/muxes/i2c-demux-pinctrl.c | 2 +- drivers/i2c/muxes/i2c-mux-gpmux.c | 2 +- drivers/i2c/muxes/i2c-mux-pinctrl.c | 2 +- drivers/iio/adc/exynos_adc.c | 24 +- drivers/input/mouse/synaptics.c | 1 + drivers/input/rmi4/rmi_smbus.c | 50 +- drivers/input/serio/i8042-x86ia64io.h | 8 + drivers/irqchip/irq-stm32-exti.c | 1 + drivers/mcb/mcb-lpc.c | 35 +- drivers/mcb/mcb-parse.c | 15 +- drivers/mmc/core/sdio.c | 22 +- drivers/net/ethernet/chelsio/cxgb4/t4_hw.c | 2 + drivers/net/ethernet/intel/i40e/i40e_txrx.c | 2 +- drivers/net/ethernet/intel/igb/igb_ethtool.c | 6 +- drivers/net/ethernet/realtek/Makefile | 1 + .../net/ethernet/realtek/{r8169.c => r8169_main.c} | 4 +- drivers/net/ethernet/toshiba/ps3_gelic_wireless.c | 2 +- drivers/net/gtp.c | 5 +- drivers/nvmem/imx-ocotp.c | 4 +- drivers/pci/quirks.c | 8 +- drivers/platform/x86/asus-wmi.h | 2 +- drivers/rpmsg/qcom_glink_native.c | 1 + drivers/rpmsg/rpmsg_core.c | 37 +- drivers/rpmsg/rpmsg_internal.h | 5 +- drivers/scsi/mpt3sas/mpt3sas_scsih.c | 4 +- drivers/tty/serial/8250/8250_pci.c | 122 +- drivers/usb/storage/unusual_cypress.h | 2 +- drivers/video/fbdev/aty/atyfb_base.c | 4 + drivers/video/fbdev/uvesafb.c | 2 +- drivers/virtio/virtio_balloon.c | 6 +- drivers/virtio/virtio_mmio.c | 19 +- fs/cifs/smbdirect.c | 14 +- fs/f2fs/gc.c | 3 +- fs/nfs/write.c | 3 +- fs/nfsd/vfs.c | 12 +- include/linux/device.h | 2 + include/linux/pci_ids.h | 1 + include/linux/platform_device.h | 6 +- include/linux/rpmsg.h | 14 +- kernel/events/core.c | 3 +- lib/kobject.c | 12 +- net/netfilter/nfnetlink_log.c | 2 +- sound/soc/codecs/rt5645.c | 2 + sound/soc/generic/simple-card.c | 6 +- .../ftrace/test.d/kprobe/kprobe_non_uniq_symbol.tc | 13 + 90 files changed, 679 insertions(+), 2073 deletions(-)

1 year, 7 months

6
67
0 0

+ cgroups-warning-for-metadata-allocation-with-gfp_nofail-was-re-folio_alloc_buffers-doing-allocations-order-1-with-gfp_nofail.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm: kmem: drop __GFP_NOFAIL when allocating objcg vectors has been added to the -mm mm-hotfixes-unstable branch. Its filename is cgroups-warning-for-metadata-allocation-with-gfp_nofail-was-re-folio_alloc_buffers-doing-allocations-order-1-with-gfp_nofail.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Roman Gushchin <roman.gushchin(a)linux.dev> Subject: mm: kmem: drop __GFP_NOFAIL when allocating objcg vectors Date: Tue, 7 Nov 2023 09:18:02 -0800 Objcg vectors attached to slab pages to store slab object ownership information are allocated using gfp flags for the original slab allocation. Depending on slab page order and the size of slab objects, objcg vector can take several pages. If the original allocation was done with the __GFP_NOFAIL flag, it triggered a warning in the page allocation code. Indeed, order > 1 pages should not been allocated with the __GFP_NOFAIL flag. Fix this by simply dropping the __GFP_NOFAIL flag when allocating the objcg vector. It effectively allows to skip the accounting of a single slab object under a heavy memory pressure. An alternative would be to implement the mechanism to fallback to order-0 allocations for accounting metadata, which is also not perfect because it will increase performance penalty and memory footprint of the kernel memory accounting under memory pressure. Link: https://lkml.kernel.org/r/ZUp8ZFGxwmCx4ZFr@P9FQF9L96D.corp.robot.car Signed-off-by: Roman Gushchin <roman.gushchin(a)linux.dev> Reported-by: Christoph Lameter <cl(a)linux.com> Closes: https://lkml.kernel.org/r/6b42243e-f197-600a-5d22-56bd728a5ad8@gentwo.org Acked-by: Shakeel Butt <shakeelb(a)google.com> Cc: Matthew Wilcox <willy(a)infradead.org> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/memcontrol.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) --- a/mm/memcontrol.c~cgroups-warning-for-metadata-allocation-with-gfp_nofail-was-re-folio_alloc_buffers-doing-allocations-order-1-with-gfp_nofail +++ a/mm/memcontrol.c @@ -2936,7 +2936,8 @@ void mem_cgroup_commit_charge(struct fol * Moreover, it should not come from DMA buffer and is not readily * reclaimable. So those GFP bits should be masked off. */ -#define OBJCGS_CLEAR_MASK (__GFP_DMA | __GFP_RECLAIMABLE | __GFP_ACCOUNT) +#define OBJCGS_CLEAR_MASK (__GFP_DMA | __GFP_RECLAIMABLE | \ + __GFP_ACCOUNT | __GFP_NOFAIL) /* * mod_objcg_mlstate() may be called with irq enabled, so _ Patches currently in -mm which might be from roman.gushchin(a)linux.dev are cgroups-warning-for-metadata-allocation-with-gfp_nofail-was-re-folio_alloc_buffers-doing-allocations-order-1-with-gfp_nofail.patch

1 year, 7 months

1
0
0 0

[PATCH v5 0/4] Add a few panels and use correct modes

by Hsin-Yi Wang

This series contains 3 patches: 1. Add a few new generic edp panels. 2. Support a new quirk to override the mode read from edid 3. Only add hard-coded mode if both edid and hard-coded modes presents. v1: https://patchwork.kernel.org/project/dri-devel/cover/20231101212604.1636517… v2: https://patchwork.kernel.org/project/dri-devel/cover/20231102221309.1971910… v3: https://patchwork.kernel.org/project/dri-devel/cover/20231106202718.2770821… v4: https://patchwork.kernel.org/project/dri-devel/cover/20231106210337.2900034… Hsin-Yi Wang (4): drm/panel-edp: drm/panel-edp: Fix AUO B116XTN02, B116XAK01 name and timing drm/panel-edp: drm/panel-edp: Add several generic edp panels drm/panel-edp: Add override_edid_mode quirk for generic edp drm/panel-edp: Avoid adding multiple preferred modes drivers/gpu/drm/panel/panel-edp.c | 134 +++++++++++++++++++++++++++--- 1 file changed, 122 insertions(+), 12 deletions(-) -- 2.42.0.869.gea05f2083d-goog

1 year, 7 months

3
8
0 0

selftests: arm64: fp-stress: Unable to handle kernel paging request at virtual address

by Naresh Kamboju

Following kernel oops noticed while running kselftests arm64 on qemu-arm64 on stable-rc linux-6.6.y branch. I have re-built vmlinux with the same config and ran decode stackdump. Reported-by: Linux Kernel Functional Testing <lkft(a)linaro.org> Logs: ==== # selftests: arm64: fp-stress # TAP version 13 # 1..32 # # 2 CPUs, 5 SVE VLs, 5 SME VLs, SME2 absent # # Will run for 10s # # Started FPSIMD-0-0 <> # # SVE-VL-64-0: Expected [3904000039044000390480003904c0003904000139044001390480013904c0013904000239044002390480023904c0023904000339044003390480033904c003] <> # # Finishing up... # # SSVE-VL-16-0: Terminated by signal 15, no error, iterations=50467, signals=9 # # SVE-VL-16-0: Terminated by signal 15, no error, iterations=56669, signals=9 # # FPSIMD-1-0: Terminated by signal 15, no error, iterations=20632, signals=10 # # FPSIMD-0-0: Terminated by signal 15, no error, iterations=21549, signals=9 # # SSVE-VL-16-1: Terminated by signal 15, no error, iterations=49077, signals=10 # # ZA-VL-16-0: Terminated by signal 15, no error, iterations=24878, signals=9 # # ZA-VL-16-1: Terminated by signal 15, no error, iterations=22452, signals=10 # # SVE-VL-16-1: Terminated by signal 15, no error, iterations=49039, signals=10 # ok 1 FPSIMD-0-0 # # SVE-VL-256-<1>[ 88.160313] Unable to handle kernel paging request at virtual address 00550f0344550f02 <1>[ 88.161949] Mem abort info: <1>[ 88.162574] ESR = 0x0000000096000004 <1>[ 88.163283] EC = 0x25: DABT (current EL), IL = 32 bits <1>[ 88.164330] SET = 0, FnV = 0 <1>[ 88.164930] EA = 0, S1PTW = 0 <1>[ 88.165854] FSC = 0x04: level 0 translation fault <1>[ 88.166852] Data abort info: <1>[ 88.167463] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000 <1>[ 88.168566] CM = 0, WnR = 0, TnD = 0, TagAccess = 0 <1>[ 88.169558] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 <1>[ 88.170580] [00550f0344550f02] address between user and kernel address ranges <0>[ 88.172317] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP <4>[ 88.173833] Modules linked in: crct10dif_ce sm3_ce sm3 sha3_ce sha512_ce sha512_arm64 fuse drm backlight dm_mod ip_tables x_tables <4>[ 88.177601] CPU: 1 PID: 1 Comm: systemd Not tainted 6.6.1-rc1 #1 0<4>[ 88.178992] Hardware name: linux,dummy-virt (DT) <4>[ 88.180334] pstate: 224000c9 (nzCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) <4>[ 88.181149] pc : percpu_ref_get_many (include/linux/percpu-refcount.h:174 (discriminator 2) include/linux/percpu-refcount.h:204 (discriminator 2)) <4>[ 88.182885] lr : percpu_ref_get_many (include/linux/percpu-refcount.h:174 (discriminator 2) include/linux/percpu-refcount.h:204 (discriminator 2)) <4>[ 88.183621] sp : ffff80008000bd80 <4>[ 88.184039] x29: ffff80008000bd80 x28: ffff0000c02c8000 x27: 000000000000000a <4>[ 88.185245] x26: 0000000000000000 x25: 0000000000000002 x24: 0000000000000000 <4>[ 88.187718] x23: ffff0000c2306f40 x22: 0000000000000000 x21: 44550f0344550f02 <4>[ 88.188696] x20: 44550f0344550f02 x19: 0000000000000001 x18: 0000000000000000 <4>[ 88.189556] x17: ffff436cf77c7000 x16: ffff800080008000 x15: 0000000000000000 <4>[ 88.190568] x14: 0000000000000000 x13: ffff0000c2290026 x12: ffff80008002bcb4 <4>[ 88.191589] x11: 0000000000000040 x10: ffff0000c00ea0a8 x9 : ffffbc9405d93864 <4>[ 88.192573] x8 : ffff80008000bcd8 x7 : ffff0000c09fe000 x6 : ffff436cf77c7000 <4>[ 88.193523] x5 : ffff80008000bd40 x4 : fffffffffffffef8 x3 : 0000000000000040 <4>[ 88.194472] x2 : 0000000000000002 x1 : ffff0000c02c8000 x0 : 0000000000000001 <4>[ 88.195706] Call trace: <4>[ 88.196098] percpu_ref_get_many (include/linux/percpu-refcount.h:174 (discriminator 2) include/linux/percpu-refcount.h:204 (discriminator 2)) <4>[ 88.196815] refill_obj_stock (mm/memcontrol.c:3339 (discriminator 2)) <4>[ 88.197367] obj_cgroup_uncharge (mm/memcontrol.c:3406) <4>[ 88.197835] kmem_cache_free (include/linux/mm.h:1630 include/linux/mm.h:1849 include/linux/mm.h:1859 mm/slab.h:208 mm/slab.h:572 mm/slub.c:3804 mm/slub.c:3831) <4>[ 88.198407] put_pid.part.0 (kernel/pid.c:118) <4>[ 88.198870] delayed_put_pid (kernel/pid.c:127) <4>[ 88.200527] rcu_core (arch/arm64/include/asm/preempt.h:13 (discriminator 1) kernel/rcu/tree.c:2146 (discriminator 1) kernel/rcu/tree.c:2403 (discriminator 1)) <4>[ 88.200978] rcu_core_si (kernel/rcu/tree.c:2421) <4>[ 88.201972] __do_softirq (arch/arm64/include/asm/jump_label.h:21 include/linux/jump_label.h:207 include/trace/events/irq.h:142 kernel/softirq.c:554) <4>[ 88.202587] ____do_softirq (arch/arm64/kernel/irq.c:81) <4>[ 88.203049] call_on_irq_stack (arch/arm64/kernel/entry.S:892) <4>[ 88.203544] do_softirq_own_stack (arch/arm64/kernel/irq.c:86) <4>[ 88.204008] irq_exit_rcu (arch/arm64/include/asm/percpu.h:44 kernel/softirq.c:612 kernel/softirq.c:634 kernel/softirq.c:644) <4>[ 88.204401] el1_interrupt (arch/arm64/include/asm/current.h:19 arch/arm64/kernel/entry-common.c:246 arch/arm64/kernel/entry-common.c:505 arch/arm64/kernel/entry-common.c:517) <4>[ 88.205751] el1h_64_irq_handler (arch/arm64/kernel/entry-common.c:523) <4>[ 88.206672] el1h_64_irq (arch/arm64/kernel/entry.S:591) <4>[ 88.207329] map_id_range_down (kernel/user_namespace.c:299 kernel/user_namespace.c:319) <4>[ 88.208250] make_kuid (kernel/user_namespace.c:412) <4>[ 88.208826] inode_init_always (include/linux/fs.h:1343 (discriminator 1) fs/inode.c:174 (discriminator 1)) <4>[ 88.209678] alloc_inode (fs/inode.c:266 (discriminator 2)) <4>[ 88.210105] new_inode (fs/inode.c:1004 fs/inode.c:1030) <4>[ 88.210542] proc_pid_make_inode (fs/proc/base.c:1898) <4>[ 88.210963] proc_pid_instantiate (fs/proc/base.c:1949 fs/proc/base.c:3420) <4>[ 88.211361] proc_pid_lookup (fs/proc/base.c:3464) <4>[ 88.211762] proc_root_lookup (fs/proc/root.c:325 (discriminator 1)) <4>[ 88.212299] __lookup_slow (fs/namei.c:1694) <4>[ 88.212739] walk_component (fs/namei.c:1711 fs/namei.c:2002) <4>[ 88.213244] link_path_walk.part.0.constprop.0 (fs/namei.c:2331 (discriminator 1)) <4>[ 88.213803] path_openat (fs/namei.c:2254 (discriminator 1) fs/namei.c:3793 (discriminator 1)) <4>[ 88.214264] do_filp_open (fs/namei.c:3824) <4>[ 88.214550] do_sys_openat2 (fs/open.c:1422) <4>[ 88.215080] __arm64_sys_openat (fs/open.c:1448) <4>[ 88.215495] invoke_syscall (arch/arm64/include/asm/current.h:19 arch/arm64/kernel/syscall.c:56) <4>[ 88.215986] el0_svc_common.constprop.0 (include/linux/thread_info.h:127 (discriminator 2) arch/arm64/kernel/syscall.c:144 (discriminator 2)) <4>[ 88.216476] do_el0_svc (arch/arm64/kernel/syscall.c:156) <4>[ 88.216910] el0_svc (arch/arm64/include/asm/daifflags.h:28 arch/arm64/kernel/entry-common.c:133 arch/arm64/kernel/entry-common.c:144 arch/arm64/kernel/entry-common.c:679) <4>[ 88.217246] el0t_64_sync_handler (arch/arm64/kernel/entry-common.c:697) <4>[ 88.217766] el0t_64_sync (arch/arm64/kernel/entry.S:595) <0>[ 88.218477] Code: a90153f3 aa0003f4 aa0103f3 97f6f396 (f9400280) All code ======== 0: a90153f3 stp x19, x20, [sp, #16] 4: aa0003f4 mov x20, x0 8: aa0103f3 mov x19, x1 c: 97f6f396 bl 0xffffffffffdbce64 10:* f9400280 ldr x0, [x20] <-- trapping instruction Code starting with the faulting instruction =========================================== 0: f9400280 ldr x0, [x20] <4>[ 88.219947] ---[ end trace 0000000000000000 ]--- <0>[ 88.220779] Kernel panic - not syncing: Oops: Fatal exception in interrupt <2>[ 88.221715] SMP: stopping secondary CPUs <0>[ 88.226328] Kernel Offset: 0x3c9385a00000 from 0xffff800080000000 <0>[ 88.226953] PHYS_OFFSET: 0x40000000 <0>[ 88.227382] CPU features: 0x0,00000000,d1e2cf43,99e6773f <0>[ 88.228141] Memory Limit: none <0>[ 88.228905] ---[ end Kernel panic - not syncing: Oops: Fatal exception in interrupt ]--- Links: - https://qa-reports.linaro.org/lkft/linux-stable-rc-linux-6.6.y/build/v6.6-3… - https://qa-reports.linaro.org/lkft/linux-stable-rc-linux-6.6.y/build/v6.6-3… - https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2XntnCQFUy… -- Linaro LKFT https://lkft.linaro.org

1 year, 7 months

2
4
0 0

[PATCH AUTOSEL 4.14 1/9] crypto: pcrypt - Fix hungtask for PADATA_RESET

by Sasha Levin

From: Lu Jialin <lujialin4(a)huawei.com> [ Upstream commit 8f4f68e788c3a7a696546291258bfa5fdb215523 ] We found a hungtask bug in test_aead_vec_cfg as follows: INFO: task cryptomgr_test:391009 blocked for more than 120 seconds. "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. Call trace: __switch_to+0x98/0xe0 __schedule+0x6c4/0xf40 schedule+0xd8/0x1b4 schedule_timeout+0x474/0x560 wait_for_common+0x368/0x4e0 wait_for_completion+0x20/0x30 wait_for_completion+0x20/0x30 test_aead_vec_cfg+0xab4/0xd50 test_aead+0x144/0x1f0 alg_test_aead+0xd8/0x1e0 alg_test+0x634/0x890 cryptomgr_test+0x40/0x70 kthread+0x1e0/0x220 ret_from_fork+0x10/0x18 Kernel panic - not syncing: hung_task: blocked tasks For padata_do_parallel, when the return err is 0 or -EBUSY, it will call wait_for_completion(&wait->completion) in test_aead_vec_cfg. In normal case, aead_request_complete() will be called in pcrypt_aead_serial and the return err is 0 for padata_do_parallel. But, when pinst->flags is PADATA_RESET, the return err is -EBUSY for padata_do_parallel, and it won't call aead_request_complete(). Therefore, test_aead_vec_cfg will hung at wait_for_completion(&wait->completion), which will cause hungtask. The problem comes as following: (padata_do_parallel) | rcu_read_lock_bh(); | err = -EINVAL; | (padata_replace) | pinst->flags |= PADATA_RESET; err = -EBUSY | if (pinst->flags & PADATA_RESET) | rcu_read_unlock_bh() | return err In order to resolve the problem, we replace the return err -EBUSY with -EAGAIN, which means parallel_data is changing, and the caller should call it again. v3: remove retry and just change the return err. v2: introduce padata_try_do_parallel() in pcrypt_aead_encrypt and pcrypt_aead_decrypt to solve the hungtask. Signed-off-by: Lu Jialin <lujialin4(a)huawei.com> Signed-off-by: Guo Zihua <guozihua(a)huawei.com> Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- crypto/pcrypt.c | 4 ++++ kernel/padata.c | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/crypto/pcrypt.c b/crypto/pcrypt.c index 62e11835f220e..1e9de81ef84fa 100644 --- a/crypto/pcrypt.c +++ b/crypto/pcrypt.c @@ -174,6 +174,8 @@ static int pcrypt_aead_encrypt(struct aead_request *req) err = pcrypt_do_parallel(padata, &ctx->cb_cpu, &pencrypt); if (!err) return -EINPROGRESS; + if (err == -EBUSY) + return -EAGAIN; return err; } @@ -218,6 +220,8 @@ static int pcrypt_aead_decrypt(struct aead_request *req) err = pcrypt_do_parallel(padata, &ctx->cb_cpu, &pdecrypt); if (!err) return -EINPROGRESS; + if (err == -EBUSY) + return -EAGAIN; return err; } diff --git a/kernel/padata.c b/kernel/padata.c index f56ec63f60ba8..82f6d5bf5cb45 100644 --- a/kernel/padata.c +++ b/kernel/padata.c @@ -120,7 +120,7 @@ int padata_do_parallel(struct padata_instance *pinst, if (!cpumask_test_cpu(cb_cpu, pd->cpumask.cbcpu)) goto out; - err = -EBUSY; + err = -EBUSY; if ((pinst->flags & PADATA_RESET)) goto out; -- 2.42.0

1 year, 7 months

1
8
0 0

[PATCH AUTOSEL 4.19 01/11] crypto: pcrypt - Fix hungtask for PADATA_RESET

by Sasha Levin

From: Lu Jialin <lujialin4(a)huawei.com> [ Upstream commit 8f4f68e788c3a7a696546291258bfa5fdb215523 ] We found a hungtask bug in test_aead_vec_cfg as follows: INFO: task cryptomgr_test:391009 blocked for more than 120 seconds. "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. Call trace: __switch_to+0x98/0xe0 __schedule+0x6c4/0xf40 schedule+0xd8/0x1b4 schedule_timeout+0x474/0x560 wait_for_common+0x368/0x4e0 wait_for_completion+0x20/0x30 wait_for_completion+0x20/0x30 test_aead_vec_cfg+0xab4/0xd50 test_aead+0x144/0x1f0 alg_test_aead+0xd8/0x1e0 alg_test+0x634/0x890 cryptomgr_test+0x40/0x70 kthread+0x1e0/0x220 ret_from_fork+0x10/0x18 Kernel panic - not syncing: hung_task: blocked tasks For padata_do_parallel, when the return err is 0 or -EBUSY, it will call wait_for_completion(&wait->completion) in test_aead_vec_cfg. In normal case, aead_request_complete() will be called in pcrypt_aead_serial and the return err is 0 for padata_do_parallel. But, when pinst->flags is PADATA_RESET, the return err is -EBUSY for padata_do_parallel, and it won't call aead_request_complete(). Therefore, test_aead_vec_cfg will hung at wait_for_completion(&wait->completion), which will cause hungtask. The problem comes as following: (padata_do_parallel) | rcu_read_lock_bh(); | err = -EINVAL; | (padata_replace) | pinst->flags |= PADATA_RESET; err = -EBUSY | if (pinst->flags & PADATA_RESET) | rcu_read_unlock_bh() | return err In order to resolve the problem, we replace the return err -EBUSY with -EAGAIN, which means parallel_data is changing, and the caller should call it again. v3: remove retry and just change the return err. v2: introduce padata_try_do_parallel() in pcrypt_aead_encrypt and pcrypt_aead_decrypt to solve the hungtask. Signed-off-by: Lu Jialin <lujialin4(a)huawei.com> Signed-off-by: Guo Zihua <guozihua(a)huawei.com> Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- crypto/pcrypt.c | 4 ++++ kernel/padata.c | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/crypto/pcrypt.c b/crypto/pcrypt.c index 62e11835f220e..1e9de81ef84fa 100644 --- a/crypto/pcrypt.c +++ b/crypto/pcrypt.c @@ -174,6 +174,8 @@ static int pcrypt_aead_encrypt(struct aead_request *req) err = pcrypt_do_parallel(padata, &ctx->cb_cpu, &pencrypt); if (!err) return -EINPROGRESS; + if (err == -EBUSY) + return -EAGAIN; return err; } @@ -218,6 +220,8 @@ static int pcrypt_aead_decrypt(struct aead_request *req) err = pcrypt_do_parallel(padata, &ctx->cb_cpu, &pdecrypt); if (!err) return -EINPROGRESS; + if (err == -EBUSY) + return -EAGAIN; return err; } diff --git a/kernel/padata.c b/kernel/padata.c index 7f2b6d369fd47..a9e14183e1884 100644 --- a/kernel/padata.c +++ b/kernel/padata.c @@ -121,7 +121,7 @@ int padata_do_parallel(struct padata_instance *pinst, if (!cpumask_test_cpu(cb_cpu, pd->cpumask.cbcpu)) goto out; - err = -EBUSY; + err = -EBUSY; if ((pinst->flags & PADATA_RESET)) goto out; -- 2.42.0

1 year, 7 months

1
10
0 0

[PATCH AUTOSEL 5.4 01/12] crypto: pcrypt - Fix hungtask for PADATA_RESET

by Sasha Levin

From: Lu Jialin <lujialin4(a)huawei.com> [ Upstream commit 8f4f68e788c3a7a696546291258bfa5fdb215523 ] We found a hungtask bug in test_aead_vec_cfg as follows: INFO: task cryptomgr_test:391009 blocked for more than 120 seconds. "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. Call trace: __switch_to+0x98/0xe0 __schedule+0x6c4/0xf40 schedule+0xd8/0x1b4 schedule_timeout+0x474/0x560 wait_for_common+0x368/0x4e0 wait_for_completion+0x20/0x30 wait_for_completion+0x20/0x30 test_aead_vec_cfg+0xab4/0xd50 test_aead+0x144/0x1f0 alg_test_aead+0xd8/0x1e0 alg_test+0x634/0x890 cryptomgr_test+0x40/0x70 kthread+0x1e0/0x220 ret_from_fork+0x10/0x18 Kernel panic - not syncing: hung_task: blocked tasks For padata_do_parallel, when the return err is 0 or -EBUSY, it will call wait_for_completion(&wait->completion) in test_aead_vec_cfg. In normal case, aead_request_complete() will be called in pcrypt_aead_serial and the return err is 0 for padata_do_parallel. But, when pinst->flags is PADATA_RESET, the return err is -EBUSY for padata_do_parallel, and it won't call aead_request_complete(). Therefore, test_aead_vec_cfg will hung at wait_for_completion(&wait->completion), which will cause hungtask. The problem comes as following: (padata_do_parallel) | rcu_read_lock_bh(); | err = -EINVAL; | (padata_replace) | pinst->flags |= PADATA_RESET; err = -EBUSY | if (pinst->flags & PADATA_RESET) | rcu_read_unlock_bh() | return err In order to resolve the problem, we replace the return err -EBUSY with -EAGAIN, which means parallel_data is changing, and the caller should call it again. v3: remove retry and just change the return err. v2: introduce padata_try_do_parallel() in pcrypt_aead_encrypt and pcrypt_aead_decrypt to solve the hungtask. Signed-off-by: Lu Jialin <lujialin4(a)huawei.com> Signed-off-by: Guo Zihua <guozihua(a)huawei.com> Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- crypto/pcrypt.c | 4 ++++ kernel/padata.c | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/crypto/pcrypt.c b/crypto/pcrypt.c index 276d2fd9e911c..63e64164900e8 100644 --- a/crypto/pcrypt.c +++ b/crypto/pcrypt.c @@ -118,6 +118,8 @@ static int pcrypt_aead_encrypt(struct aead_request *req) err = padata_do_parallel(ictx->psenc, padata, &ctx->cb_cpu); if (!err) return -EINPROGRESS; + if (err == -EBUSY) + return -EAGAIN; return err; } @@ -165,6 +167,8 @@ static int pcrypt_aead_decrypt(struct aead_request *req) err = padata_do_parallel(ictx->psdec, padata, &ctx->cb_cpu); if (!err) return -EINPROGRESS; + if (err == -EBUSY) + return -EAGAIN; return err; } diff --git a/kernel/padata.c b/kernel/padata.c index 92a4867e8adc7..a544da60014c0 100644 --- a/kernel/padata.c +++ b/kernel/padata.c @@ -130,7 +130,7 @@ int padata_do_parallel(struct padata_shell *ps, *cb_cpu = cpu; } - err = -EBUSY; + err = -EBUSY; if ((pinst->flags & PADATA_RESET)) goto out; -- 2.42.0

1 year, 7 months

1
11
0 0

[PATCH AUTOSEL 5.10 01/16] ASoC: soc-card: Add storage for PCI SSID

by Sasha Levin

From: Richard Fitzgerald <rf(a)opensource.cirrus.com> [ Upstream commit 47f56e38a199bd45514b8e0142399cba4feeaf1a ] Add members to struct snd_soc_card to store the PCI subsystem ID (SSID) of the soundcard. The PCI specification provides two registers to store a vendor-specific SSID that can be read by drivers to uniquely identify a particular "soundcard". This is defined in the PCI specification to distinguish products that use the same silicon (and therefore have the same silicon ID) so that product-specific differences can be applied. PCI only defines 0xFFFF as an invalid value. 0x0000 is not defined as invalid. So the usual pattern of zero-filling the struct and then assuming a zero value unset will not work. A flag is included to indicate when the SSID information has been filled in. Unlike DMI information, which has a free-format entirely up to the vendor, the PCI SSID has a strictly defined format and a registry of vendor IDs. It is usual in Windows drivers that the SSID is used as the sole identifier of the specific end-product and the Windows driver contains tables mapping that to information about the hardware setup, rather than using ACPI properties. This SSID is important information for ASoC components that need to apply hardware-specific configuration on PCI-based systems. As the SSID is a generic part of the PCI specification and is treated as identifying the "soundcard", it is reasonable to include this information in struct snd_soc_card, instead of components inventing their own custom ways to pass this information around. Signed-off-by: Richard Fitzgerald <rf(a)opensource.cirrus.com> Reviewed-by: Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> Link: https://lore.kernel.org/r/20230912163207.3498161-2-rf@opensource.cirrus.com Signed-off-by: Mark Brown <broonie(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- include/sound/soc-card.h | 37 +++++++++++++++++++++++++++++++++++++ include/sound/soc.h | 11 +++++++++++ 2 files changed, 48 insertions(+) diff --git a/include/sound/soc-card.h b/include/sound/soc-card.h index 4f2cc4fb56b7f..9a5429260ece5 100644 --- a/include/sound/soc-card.h +++ b/include/sound/soc-card.h @@ -40,6 +40,43 @@ int snd_soc_card_add_dai_link(struct snd_soc_card *card, void snd_soc_card_remove_dai_link(struct snd_soc_card *card, struct snd_soc_dai_link *dai_link); +#ifdef CONFIG_PCI +static inline void snd_soc_card_set_pci_ssid(struct snd_soc_card *card, + unsigned short vendor, + unsigned short device) +{ + card->pci_subsystem_vendor = vendor; + card->pci_subsystem_device = device; + card->pci_subsystem_set = true; +} + +static inline int snd_soc_card_get_pci_ssid(struct snd_soc_card *card, + unsigned short *vendor, + unsigned short *device) +{ + if (!card->pci_subsystem_set) + return -ENOENT; + + *vendor = card->pci_subsystem_vendor; + *device = card->pci_subsystem_device; + + return 0; +} +#else /* !CONFIG_PCI */ +static inline void snd_soc_card_set_pci_ssid(struct snd_soc_card *card, + unsigned short vendor, + unsigned short device) +{ +} + +static inline int snd_soc_card_get_pci_ssid(struct snd_soc_card *card, + unsigned short *vendor, + unsigned short *device) +{ + return -ENOENT; +} +#endif /* CONFIG_PCI */ + /* device driver data */ static inline void snd_soc_card_set_drvdata(struct snd_soc_card *card, void *data) diff --git a/include/sound/soc.h b/include/sound/soc.h index 3b038c563ae14..e973044143bc9 100644 --- a/include/sound/soc.h +++ b/include/sound/soc.h @@ -977,6 +977,17 @@ struct snd_soc_card { #ifdef CONFIG_DMI char dmi_longname[80]; #endif /* CONFIG_DMI */ + +#ifdef CONFIG_PCI + /* + * PCI does not define 0 as invalid, so pci_subsystem_set indicates + * whether a value has been written to these fields. + */ + unsigned short pci_subsystem_vendor; + unsigned short pci_subsystem_device; + bool pci_subsystem_set; +#endif /* CONFIG_PCI */ + char topology_shortname[32]; struct device *dev; -- 2.42.0

1 year, 7 months

1
15
0 0

[PATCH AUTOSEL 5.15 01/22] ASoC: soc-card: Add storage for PCI SSID

by Sasha Levin

From: Richard Fitzgerald <rf(a)opensource.cirrus.com> [ Upstream commit 47f56e38a199bd45514b8e0142399cba4feeaf1a ] Add members to struct snd_soc_card to store the PCI subsystem ID (SSID) of the soundcard. The PCI specification provides two registers to store a vendor-specific SSID that can be read by drivers to uniquely identify a particular "soundcard". This is defined in the PCI specification to distinguish products that use the same silicon (and therefore have the same silicon ID) so that product-specific differences can be applied. PCI only defines 0xFFFF as an invalid value. 0x0000 is not defined as invalid. So the usual pattern of zero-filling the struct and then assuming a zero value unset will not work. A flag is included to indicate when the SSID information has been filled in. Unlike DMI information, which has a free-format entirely up to the vendor, the PCI SSID has a strictly defined format and a registry of vendor IDs. It is usual in Windows drivers that the SSID is used as the sole identifier of the specific end-product and the Windows driver contains tables mapping that to information about the hardware setup, rather than using ACPI properties. This SSID is important information for ASoC components that need to apply hardware-specific configuration on PCI-based systems. As the SSID is a generic part of the PCI specification and is treated as identifying the "soundcard", it is reasonable to include this information in struct snd_soc_card, instead of components inventing their own custom ways to pass this information around. Signed-off-by: Richard Fitzgerald <rf(a)opensource.cirrus.com> Reviewed-by: Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> Link: https://lore.kernel.org/r/20230912163207.3498161-2-rf@opensource.cirrus.com Signed-off-by: Mark Brown <broonie(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- include/sound/soc-card.h | 37 +++++++++++++++++++++++++++++++++++++ include/sound/soc.h | 11 +++++++++++ 2 files changed, 48 insertions(+) diff --git a/include/sound/soc-card.h b/include/sound/soc-card.h index 4f2cc4fb56b7f..9a5429260ece5 100644 --- a/include/sound/soc-card.h +++ b/include/sound/soc-card.h @@ -40,6 +40,43 @@ int snd_soc_card_add_dai_link(struct snd_soc_card *card, void snd_soc_card_remove_dai_link(struct snd_soc_card *card, struct snd_soc_dai_link *dai_link); +#ifdef CONFIG_PCI +static inline void snd_soc_card_set_pci_ssid(struct snd_soc_card *card, + unsigned short vendor, + unsigned short device) +{ + card->pci_subsystem_vendor = vendor; + card->pci_subsystem_device = device; + card->pci_subsystem_set = true; +} + +static inline int snd_soc_card_get_pci_ssid(struct snd_soc_card *card, + unsigned short *vendor, + unsigned short *device) +{ + if (!card->pci_subsystem_set) + return -ENOENT; + + *vendor = card->pci_subsystem_vendor; + *device = card->pci_subsystem_device; + + return 0; +} +#else /* !CONFIG_PCI */ +static inline void snd_soc_card_set_pci_ssid(struct snd_soc_card *card, + unsigned short vendor, + unsigned short device) +{ +} + +static inline int snd_soc_card_get_pci_ssid(struct snd_soc_card *card, + unsigned short *vendor, + unsigned short *device) +{ + return -ENOENT; +} +#endif /* CONFIG_PCI */ + /* device driver data */ static inline void snd_soc_card_set_drvdata(struct snd_soc_card *card, void *data) diff --git a/include/sound/soc.h b/include/sound/soc.h index 5872a8864f3b6..3f0369aae2faf 100644 --- a/include/sound/soc.h +++ b/include/sound/soc.h @@ -880,6 +880,17 @@ struct snd_soc_card { #ifdef CONFIG_DMI char dmi_longname[80]; #endif /* CONFIG_DMI */ + +#ifdef CONFIG_PCI + /* + * PCI does not define 0 as invalid, so pci_subsystem_set indicates + * whether a value has been written to these fields. + */ + unsigned short pci_subsystem_vendor; + unsigned short pci_subsystem_device; + bool pci_subsystem_set; +#endif /* CONFIG_PCI */ + char topology_shortname[32]; struct device *dev; -- 2.42.0

1 year, 7 months

1
21
0 0

[PATCH AUTOSEL 6.1 01/30] ASoC: soc-card: Add storage for PCI SSID

by Sasha Levin

From: Richard Fitzgerald <rf(a)opensource.cirrus.com> [ Upstream commit 47f56e38a199bd45514b8e0142399cba4feeaf1a ] Add members to struct snd_soc_card to store the PCI subsystem ID (SSID) of the soundcard. The PCI specification provides two registers to store a vendor-specific SSID that can be read by drivers to uniquely identify a particular "soundcard". This is defined in the PCI specification to distinguish products that use the same silicon (and therefore have the same silicon ID) so that product-specific differences can be applied. PCI only defines 0xFFFF as an invalid value. 0x0000 is not defined as invalid. So the usual pattern of zero-filling the struct and then assuming a zero value unset will not work. A flag is included to indicate when the SSID information has been filled in. Unlike DMI information, which has a free-format entirely up to the vendor, the PCI SSID has a strictly defined format and a registry of vendor IDs. It is usual in Windows drivers that the SSID is used as the sole identifier of the specific end-product and the Windows driver contains tables mapping that to information about the hardware setup, rather than using ACPI properties. This SSID is important information for ASoC components that need to apply hardware-specific configuration on PCI-based systems. As the SSID is a generic part of the PCI specification and is treated as identifying the "soundcard", it is reasonable to include this information in struct snd_soc_card, instead of components inventing their own custom ways to pass this information around. Signed-off-by: Richard Fitzgerald <rf(a)opensource.cirrus.com> Reviewed-by: Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> Link: https://lore.kernel.org/r/20230912163207.3498161-2-rf@opensource.cirrus.com Signed-off-by: Mark Brown <broonie(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- include/sound/soc-card.h | 37 +++++++++++++++++++++++++++++++++++++ include/sound/soc.h | 11 +++++++++++ 2 files changed, 48 insertions(+) diff --git a/include/sound/soc-card.h b/include/sound/soc-card.h index 9d31a5c0db33c..40d3023cf0d16 100644 --- a/include/sound/soc-card.h +++ b/include/sound/soc-card.h @@ -44,6 +44,43 @@ int snd_soc_card_add_dai_link(struct snd_soc_card *card, void snd_soc_card_remove_dai_link(struct snd_soc_card *card, struct snd_soc_dai_link *dai_link); +#ifdef CONFIG_PCI +static inline void snd_soc_card_set_pci_ssid(struct snd_soc_card *card, + unsigned short vendor, + unsigned short device) +{ + card->pci_subsystem_vendor = vendor; + card->pci_subsystem_device = device; + card->pci_subsystem_set = true; +} + +static inline int snd_soc_card_get_pci_ssid(struct snd_soc_card *card, + unsigned short *vendor, + unsigned short *device) +{ + if (!card->pci_subsystem_set) + return -ENOENT; + + *vendor = card->pci_subsystem_vendor; + *device = card->pci_subsystem_device; + + return 0; +} +#else /* !CONFIG_PCI */ +static inline void snd_soc_card_set_pci_ssid(struct snd_soc_card *card, + unsigned short vendor, + unsigned short device) +{ +} + +static inline int snd_soc_card_get_pci_ssid(struct snd_soc_card *card, + unsigned short *vendor, + unsigned short *device) +{ + return -ENOENT; +} +#endif /* CONFIG_PCI */ + /* device driver data */ static inline void snd_soc_card_set_drvdata(struct snd_soc_card *card, void *data) diff --git a/include/sound/soc.h b/include/sound/soc.h index 37bbfc8b45cb2..108617cea9c67 100644 --- a/include/sound/soc.h +++ b/include/sound/soc.h @@ -911,6 +911,17 @@ struct snd_soc_card { #ifdef CONFIG_DMI char dmi_longname[80]; #endif /* CONFIG_DMI */ + +#ifdef CONFIG_PCI + /* + * PCI does not define 0 as invalid, so pci_subsystem_set indicates + * whether a value has been written to these fields. + */ + unsigned short pci_subsystem_vendor; + unsigned short pci_subsystem_device; + bool pci_subsystem_set; +#endif /* CONFIG_PCI */ + char topology_shortname[32]; struct device *dev; -- 2.42.0

1 year, 7 months

1
29
0 0

[PATCH AUTOSEL 6.5 01/34] ASoC: mediatek: mt8188-mt6359: support dynamic pinctrl

by Sasha Levin

From: Trevor Wu <trevor.wu(a)mediatek.com> [ Upstream commit d601bb78f06b9e3cbb52e6b87b88add9920a11b6 ] To avoid power leakage, it is recommended to replace the default pinctrl state with dynamic pinctrl since certain audio pinmux functions can remain in a HIGH state even when audio is disabled. Linking pinctrl with DAPM using SND_SOC_DAPM_PINCTRL will ensure that audio pins remain in GPIO mode by default and only switch to an audio function when necessary. Signed-off-by: Trevor Wu <trevor.wu(a)mediatek.com> Reviewed-by: AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> Link: https://lore.kernel.org/r/20230825024935.10878-2-trevor.wu@mediatek.com Signed-off-by: Mark Brown <broonie(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- sound/soc/mediatek/mt8188/mt8188-mt6359.c | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/sound/soc/mediatek/mt8188/mt8188-mt6359.c b/sound/soc/mediatek/mt8188/mt8188-mt6359.c index ac69c23e0da1c..7048ff52ab86a 100644 --- a/sound/soc/mediatek/mt8188/mt8188-mt6359.c +++ b/sound/soc/mediatek/mt8188/mt8188-mt6359.c @@ -246,6 +246,11 @@ static const struct snd_soc_dapm_widget mt8188_mt6359_widgets[] = { SND_SOC_DAPM_MIC("Headset Mic", NULL), SND_SOC_DAPM_SINK("HDMI"), SND_SOC_DAPM_SINK("DP"), + + /* dynamic pinctrl */ + SND_SOC_DAPM_PINCTRL("ETDM_SPK_PIN", "aud_etdm_spk_on", "aud_etdm_spk_off"), + SND_SOC_DAPM_PINCTRL("ETDM_HP_PIN", "aud_etdm_hp_on", "aud_etdm_hp_off"), + SND_SOC_DAPM_PINCTRL("MTKAIF_PIN", "aud_mtkaif_on", "aud_mtkaif_off"), }; static const struct snd_kcontrol_new mt8188_mt6359_controls[] = { @@ -267,6 +272,7 @@ static int mt8188_mt6359_mtkaif_calibration(struct snd_soc_pcm_runtime *rtd) snd_soc_rtdcom_lookup(rtd, AFE_PCM_NAME); struct snd_soc_component *cmpnt_codec = asoc_rtd_to_codec(rtd, 0)->component; + struct snd_soc_dapm_widget *pin_w = NULL, *w; struct mtk_base_afe *afe; struct mt8188_afe_private *afe_priv; struct mtkaif_param *param; @@ -306,6 +312,18 @@ static int mt8188_mt6359_mtkaif_calibration(struct snd_soc_pcm_runtime *rtd) return 0; } + for_each_card_widgets(rtd->card, w) { + if (!strcmp(w->name, "MTKAIF_PIN")) { + pin_w = w; + break; + } + } + + if (pin_w) + dapm_pinctrl_event(pin_w, NULL, SND_SOC_DAPM_PRE_PMU); + else + dev_dbg(afe->dev, "%s(), no pinmux widget, please check if default on\n", __func__); + pm_runtime_get_sync(afe->dev); mt6359_mtkaif_calibration_enable(cmpnt_codec); @@ -403,6 +421,9 @@ static int mt8188_mt6359_mtkaif_calibration(struct snd_soc_pcm_runtime *rtd) for (i = 0; i < MT8188_MTKAIF_MISO_NUM; i++) param->mtkaif_phase_cycle[i] = mtkaif_phase_cycle[i]; + if (pin_w) + dapm_pinctrl_event(pin_w, NULL, SND_SOC_DAPM_POST_PMD); + dev_dbg(afe->dev, "%s(), end, calibration ok %d\n", __func__, param->mtkaif_calibration_ok); -- 2.42.0

1 year, 7 months

1
33
0 0

[PATCH AUTOSEL 6.6 01/36] ASoC: mediatek: mt8188-mt6359: support dynamic pinctrl

by Sasha Levin

From: Trevor Wu <trevor.wu(a)mediatek.com> [ Upstream commit d601bb78f06b9e3cbb52e6b87b88add9920a11b6 ] To avoid power leakage, it is recommended to replace the default pinctrl state with dynamic pinctrl since certain audio pinmux functions can remain in a HIGH state even when audio is disabled. Linking pinctrl with DAPM using SND_SOC_DAPM_PINCTRL will ensure that audio pins remain in GPIO mode by default and only switch to an audio function when necessary. Signed-off-by: Trevor Wu <trevor.wu(a)mediatek.com> Reviewed-by: AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> Link: https://lore.kernel.org/r/20230825024935.10878-2-trevor.wu@mediatek.com Signed-off-by: Mark Brown <broonie(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- sound/soc/mediatek/mt8188/mt8188-mt6359.c | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/sound/soc/mediatek/mt8188/mt8188-mt6359.c b/sound/soc/mediatek/mt8188/mt8188-mt6359.c index 9017f48b6272b..f7e22abb75846 100644 --- a/sound/soc/mediatek/mt8188/mt8188-mt6359.c +++ b/sound/soc/mediatek/mt8188/mt8188-mt6359.c @@ -246,6 +246,11 @@ static const struct snd_soc_dapm_widget mt8188_mt6359_widgets[] = { SND_SOC_DAPM_MIC("Headset Mic", NULL), SND_SOC_DAPM_SINK("HDMI"), SND_SOC_DAPM_SINK("DP"), + + /* dynamic pinctrl */ + SND_SOC_DAPM_PINCTRL("ETDM_SPK_PIN", "aud_etdm_spk_on", "aud_etdm_spk_off"), + SND_SOC_DAPM_PINCTRL("ETDM_HP_PIN", "aud_etdm_hp_on", "aud_etdm_hp_off"), + SND_SOC_DAPM_PINCTRL("MTKAIF_PIN", "aud_mtkaif_on", "aud_mtkaif_off"), }; static const struct snd_kcontrol_new mt8188_mt6359_controls[] = { @@ -267,6 +272,7 @@ static int mt8188_mt6359_mtkaif_calibration(struct snd_soc_pcm_runtime *rtd) snd_soc_rtdcom_lookup(rtd, AFE_PCM_NAME); struct snd_soc_component *cmpnt_codec = asoc_rtd_to_codec(rtd, 0)->component; + struct snd_soc_dapm_widget *pin_w = NULL, *w; struct mtk_base_afe *afe; struct mt8188_afe_private *afe_priv; struct mtkaif_param *param; @@ -306,6 +312,18 @@ static int mt8188_mt6359_mtkaif_calibration(struct snd_soc_pcm_runtime *rtd) return 0; } + for_each_card_widgets(rtd->card, w) { + if (!strcmp(w->name, "MTKAIF_PIN")) { + pin_w = w; + break; + } + } + + if (pin_w) + dapm_pinctrl_event(pin_w, NULL, SND_SOC_DAPM_PRE_PMU); + else + dev_dbg(afe->dev, "%s(), no pinmux widget, please check if default on\n", __func__); + pm_runtime_get_sync(afe->dev); mt6359_mtkaif_calibration_enable(cmpnt_codec); @@ -403,6 +421,9 @@ static int mt8188_mt6359_mtkaif_calibration(struct snd_soc_pcm_runtime *rtd) for (i = 0; i < MT8188_MTKAIF_MISO_NUM; i++) param->mtkaif_phase_cycle[i] = mtkaif_phase_cycle[i]; + if (pin_w) + dapm_pinctrl_event(pin_w, NULL, SND_SOC_DAPM_POST_PMD); + dev_dbg(afe->dev, "%s(), end, calibration ok %d\n", __func__, param->mtkaif_calibration_ok); -- 2.42.0

1 year, 7 months

1
35
0 0

+ mm-damon-sysfs-schemes-handle-tried-region-directory-allocation-failure.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm/damon/sysfs-schemes: handle tried region directory allocation failure has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-damon-sysfs-schemes-handle-tried-region-directory-allocation-failure.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: SeongJae Park <sj(a)kernel.org> Subject: mm/damon/sysfs-schemes: handle tried region directory allocation failure Date: Mon, 6 Nov 2023 23:34:08 +0000 DAMON sysfs interface's before_damos_apply callback (damon_sysfs_before_damos_apply()), which creates the DAMOS tried regions for each DAMOS action applied region, is not handling the allocation failure for the sysfs directory data. As a result, NULL pointer derefeence is possible. Fix it by handling the case. Link: https://lkml.kernel.org/r/20231106233408.51159-4-sj@kernel.org Fixes: f1d13cacabe1 ("mm/damon/sysfs: implement DAMOS tried regions update command") Signed-off-by: SeongJae Park <sj(a)kernel.org> Cc: <stable(a)vger.kernel.org> [6.2+] Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/damon/sysfs-schemes.c | 2 ++ 1 file changed, 2 insertions(+) --- a/mm/damon/sysfs-schemes.c~mm-damon-sysfs-schemes-handle-tried-region-directory-allocation-failure +++ a/mm/damon/sysfs-schemes.c @@ -1826,6 +1826,8 @@ static int damon_sysfs_before_damos_appl return 0; region = damon_sysfs_scheme_region_alloc(r); + if (!region) + return 0; list_add_tail(&region->list, &sysfs_regions->regions_list); sysfs_regions->nr_regions++; if (kobject_init_and_add(&region->kobj, _ Patches currently in -mm which might be from sj(a)kernel.org are mm-damon-sysfs-check-error-from-damon_sysfs_update_target.patch mm-damon-sysfs-schemes-handle-tried-regions-sysfs-directory-allocation-failure.patch mm-damon-sysfs-schemes-handle-tried-region-directory-allocation-failure.patch

1 year, 7 months

1
0
0 0

+ mm-damon-sysfs-schemes-handle-tried-regions-sysfs-directory-allocation-failure.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm/damon/sysfs-schemes: handle tried regions sysfs directory allocation failure has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-damon-sysfs-schemes-handle-tried-regions-sysfs-directory-allocation-failure.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: SeongJae Park <sj(a)kernel.org> Subject: mm/damon/sysfs-schemes: handle tried regions sysfs directory allocation failure Date: Mon, 6 Nov 2023 23:34:07 +0000 DAMOS tried regions sysfs directory allocation function (damon_sysfs_scheme_regions_alloc()) is not handling the memory allocation failure. In the case, the code will dereference NULL pointer. Handle the failure to avoid such invalid access. Link: https://lkml.kernel.org/r/20231106233408.51159-3-sj@kernel.org Fixes: 9277d0367ba1 ("mm/damon/sysfs-schemes: implement scheme region directory") Signed-off-by: SeongJae Park <sj(a)kernel.org> Cc: <stable(a)vger.kernel.org> [6.2+] Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/damon/sysfs-schemes.c | 3 +++ 1 file changed, 3 insertions(+) --- a/mm/damon/sysfs-schemes.c~mm-damon-sysfs-schemes-handle-tried-regions-sysfs-directory-allocation-failure +++ a/mm/damon/sysfs-schemes.c @@ -162,6 +162,9 @@ damon_sysfs_scheme_regions_alloc(void) struct damon_sysfs_scheme_regions *regions = kmalloc(sizeof(*regions), GFP_KERNEL); + if (!regions) + return NULL; + regions->kobj = (struct kobject){}; INIT_LIST_HEAD(&regions->regions_list); regions->nr_regions = 0; _ Patches currently in -mm which might be from sj(a)kernel.org are mm-damon-sysfs-check-error-from-damon_sysfs_update_target.patch mm-damon-sysfs-schemes-handle-tried-regions-sysfs-directory-allocation-failure.patch mm-damon-sysfs-schemes-handle-tried-region-directory-allocation-failure.patch

1 year, 7 months

1
0
0 0

+ mm-damon-sysfs-check-error-from-damon_sysfs_update_target.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm/damon/sysfs: check error from damon_sysfs_update_target() has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-damon-sysfs-check-error-from-damon_sysfs_update_target.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: SeongJae Park <sj(a)kernel.org> Subject: mm/damon/sysfs: check error from damon_sysfs_update_target() Date: Mon, 6 Nov 2023 23:34:06 +0000 Patch series "mm/damon/sysfs: fix unhandled return values". Some of DAMON sysfs interface code is not handling return values from some functions. As a result, confusing user input handling or NULL-dereference is possible. Check those properly. This patch (of 3): damon_sysfs_update_target() returns error code for failures, but its caller, damon_sysfs_set_targets() is ignoring that. The update function seems making no critical change in case of such failures, but the behavior will look like DAMON sysfs is silently ignoring or only partially accepting the user input. Fix it. Link: https://lkml.kernel.org/r/20231106233408.51159-1-sj@kernel.org Link: https://lkml.kernel.org/r/20231106233408.51159-2-sj@kernel.org Fixes: 19467a950b49 ("mm/damon/sysfs: remove requested targets when online-commit inputs") Signed-off-by: SeongJae Park <sj(a)kernel.org> Cc: <stable(a)vger.kernel.org> [5.19+] Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/damon/sysfs.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) --- a/mm/damon/sysfs.c~mm-damon-sysfs-check-error-from-damon_sysfs_update_target +++ a/mm/damon/sysfs.c @@ -1203,8 +1203,10 @@ static int damon_sysfs_set_targets(struc damon_for_each_target_safe(t, next, ctx) { if (i < sysfs_targets->nr) { - damon_sysfs_update_target(t, ctx, + err = damon_sysfs_update_target(t, ctx, sysfs_targets->targets_arr[i]); + if (err) + return err; } else { if (damon_target_has_pid(ctx)) put_pid(t->pid); _ Patches currently in -mm which might be from sj(a)kernel.org are mm-damon-sysfs-check-error-from-damon_sysfs_update_target.patch mm-damon-sysfs-schemes-handle-tried-regions-sysfs-directory-allocation-failure.patch mm-damon-sysfs-schemes-handle-tried-region-directory-allocation-failure.patch

1 year, 7 months

1
0
0 0

selftests: arm64: fp-stress: Unable to handle kernel paging request at virtual address

by Naresh Kamboju

Following kernel oops noticed while running kselftests arm64 on qemu-arm64 on stable-rc linux-6.6.y branch. I have re-built vmlinux with the same config and ran decode stackdump. Reported-by: Linux Kernel Functional Testing <lkft(a)linaro.org> Logs: ==== # selftests: arm64: fp-stress # TAP version 13 # 1..32 # # 2 CPUs, 5 SVE VLs, 5 SME VLs, SME2 absent # # Will run for 10s # # Started FPSIMD-0-0 <> # # SVE-VL-64-0: Expected [3904000039044000390480003904c0003904000139044001390480013904c0013904000239044002390480023904c0023904000339044003390480033904c003] <> # # Finishing up... # # SSVE-VL-16-0: Terminated by signal 15, no error, iterations=50467, signals=9 # # SVE-VL-16-0: Terminated by signal 15, no error, iterations=56669, signals=9 # # FPSIMD-1-0: Terminated by signal 15, no error, iterations=20632, signals=10 # # FPSIMD-0-0: Terminated by signal 15, no error, iterations=21549, signals=9 # # SSVE-VL-16-1: Terminated by signal 15, no error, iterations=49077, signals=10 # # ZA-VL-16-0: Terminated by signal 15, no error, iterations=24878, signals=9 # # ZA-VL-16-1: Terminated by signal 15, no error, iterations=22452, signals=10 # # SVE-VL-16-1: Terminated by signal 15, no error, iterations=49039, signals=10 # ok 1 FPSIMD-0-0 # # SVE-VL-256-<1>[ 88.160313] Unable to handle kernel paging request at virtual address 00550f0344550f02 <1>[ 88.161949] Mem abort info: <1>[ 88.162574] ESR = 0x0000000096000004 <1>[ 88.163283] EC = 0x25: DABT (current EL), IL = 32 bits <1>[ 88.164330] SET = 0, FnV = 0 <1>[ 88.164930] EA = 0, S1PTW = 0 <1>[ 88.165854] FSC = 0x04: level 0 translation fault <1>[ 88.166852] Data abort info: <1>[ 88.167463] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000 <1>[ 88.168566] CM = 0, WnR = 0, TnD = 0, TagAccess = 0 <1>[ 88.169558] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 <1>[ 88.170580] [00550f0344550f02] address between user and kernel address ranges <0>[ 88.172317] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP <4>[ 88.173833] Modules linked in: crct10dif_ce sm3_ce sm3 sha3_ce sha512_ce sha512_arm64 fuse drm backlight dm_mod ip_tables x_tables <4>[ 88.177601] CPU: 1 PID: 1 Comm: systemd Not tainted 6.6.1-rc1 #1 0<4>[ 88.178992] Hardware name: linux,dummy-virt (DT) <4>[ 88.180334] pstate: 224000c9 (nzCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) <4>[ 88.181149] pc : percpu_ref_get_many (include/linux/percpu-refcount.h:174 (discriminator 2) include/linux/percpu-refcount.h:204 (discriminator 2)) <4>[ 88.182885] lr : percpu_ref_get_many (include/linux/percpu-refcount.h:174 (discriminator 2) include/linux/percpu-refcount.h:204 (discriminator 2)) <4>[ 88.183621] sp : ffff80008000bd80 <4>[ 88.184039] x29: ffff80008000bd80 x28: ffff0000c02c8000 x27: 000000000000000a <4>[ 88.185245] x26: 0000000000000000 x25: 0000000000000002 x24: 0000000000000000 <4>[ 88.187718] x23: ffff0000c2306f40 x22: 0000000000000000 x21: 44550f0344550f02 <4>[ 88.188696] x20: 44550f0344550f02 x19: 0000000000000001 x18: 0000000000000000 <4>[ 88.189556] x17: ffff436cf77c7000 x16: ffff800080008000 x15: 0000000000000000 <4>[ 88.190568] x14: 0000000000000000 x13: ffff0000c2290026 x12: ffff80008002bcb4 <4>[ 88.191589] x11: 0000000000000040 x10: ffff0000c00ea0a8 x9 : ffffbc9405d93864 <4>[ 88.192573] x8 : ffff80008000bcd8 x7 : ffff0000c09fe000 x6 : ffff436cf77c7000 <4>[ 88.193523] x5 : ffff80008000bd40 x4 : fffffffffffffef8 x3 : 0000000000000040 <4>[ 88.194472] x2 : 0000000000000002 x1 : ffff0000c02c8000 x0 : 0000000000000001 <4>[ 88.195706] Call trace: <4>[ 88.196098] percpu_ref_get_many (include/linux/percpu-refcount.h:174 (discriminator 2) include/linux/percpu-refcount.h:204 (discriminator 2)) <4>[ 88.196815] refill_obj_stock (mm/memcontrol.c:3339 (discriminator 2)) <4>[ 88.197367] obj_cgroup_uncharge (mm/memcontrol.c:3406) <4>[ 88.197835] kmem_cache_free (include/linux/mm.h:1630 include/linux/mm.h:1849 include/linux/mm.h:1859 mm/slab.h:208 mm/slab.h:572 mm/slub.c:3804 mm/slub.c:3831) <4>[ 88.198407] put_pid.part.0 (kernel/pid.c:118) <4>[ 88.198870] delayed_put_pid (kernel/pid.c:127) <4>[ 88.200527] rcu_core (arch/arm64/include/asm/preempt.h:13 (discriminator 1) kernel/rcu/tree.c:2146 (discriminator 1) kernel/rcu/tree.c:2403 (discriminator 1)) <4>[ 88.200978] rcu_core_si (kernel/rcu/tree.c:2421) <4>[ 88.201972] __do_softirq (arch/arm64/include/asm/jump_label.h:21 include/linux/jump_label.h:207 include/trace/events/irq.h:142 kernel/softirq.c:554) <4>[ 88.202587] ____do_softirq (arch/arm64/kernel/irq.c:81) <4>[ 88.203049] call_on_irq_stack (arch/arm64/kernel/entry.S:892) <4>[ 88.203544] do_softirq_own_stack (arch/arm64/kernel/irq.c:86) <4>[ 88.204008] irq_exit_rcu (arch/arm64/include/asm/percpu.h:44 kernel/softirq.c:612 kernel/softirq.c:634 kernel/softirq.c:644) <4>[ 88.204401] el1_interrupt (arch/arm64/include/asm/current.h:19 arch/arm64/kernel/entry-common.c:246 arch/arm64/kernel/entry-common.c:505 arch/arm64/kernel/entry-common.c:517) <4>[ 88.205751] el1h_64_irq_handler (arch/arm64/kernel/entry-common.c:523) <4>[ 88.206672] el1h_64_irq (arch/arm64/kernel/entry.S:591) <4>[ 88.207329] map_id_range_down (kernel/user_namespace.c:299 kernel/user_namespace.c:319) <4>[ 88.208250] make_kuid (kernel/user_namespace.c:412) <4>[ 88.208826] inode_init_always (include/linux/fs.h:1343 (discriminator 1) fs/inode.c:174 (discriminator 1)) <4>[ 88.209678] alloc_inode (fs/inode.c:266 (discriminator 2)) <4>[ 88.210105] new_inode (fs/inode.c:1004 fs/inode.c:1030) <4>[ 88.210542] proc_pid_make_inode (fs/proc/base.c:1898) <4>[ 88.210963] proc_pid_instantiate (fs/proc/base.c:1949 fs/proc/base.c:3420) <4>[ 88.211361] proc_pid_lookup (fs/proc/base.c:3464) <4>[ 88.211762] proc_root_lookup (fs/proc/root.c:325 (discriminator 1)) <4>[ 88.212299] __lookup_slow (fs/namei.c:1694) <4>[ 88.212739] walk_component (fs/namei.c:1711 fs/namei.c:2002) <4>[ 88.213244] link_path_walk.part.0.constprop.0 (fs/namei.c:2331 (discriminator 1)) <4>[ 88.213803] path_openat (fs/namei.c:2254 (discriminator 1) fs/namei.c:3793 (discriminator 1)) <4>[ 88.214264] do_filp_open (fs/namei.c:3824) <4>[ 88.214550] do_sys_openat2 (fs/open.c:1422) <4>[ 88.215080] __arm64_sys_openat (fs/open.c:1448) <4>[ 88.215495] invoke_syscall (arch/arm64/include/asm/current.h:19 arch/arm64/kernel/syscall.c:56) <4>[ 88.215986] el0_svc_common.constprop.0 (include/linux/thread_info.h:127 (discriminator 2) arch/arm64/kernel/syscall.c:144 (discriminator 2)) <4>[ 88.216476] do_el0_svc (arch/arm64/kernel/syscall.c:156) <4>[ 88.216910] el0_svc (arch/arm64/include/asm/daifflags.h:28 arch/arm64/kernel/entry-common.c:133 arch/arm64/kernel/entry-common.c:144 arch/arm64/kernel/entry-common.c:679) <4>[ 88.217246] el0t_64_sync_handler (arch/arm64/kernel/entry-common.c:697) <4>[ 88.217766] el0t_64_sync (arch/arm64/kernel/entry.S:595) <0>[ 88.218477] Code: a90153f3 aa0003f4 aa0103f3 97f6f396 (f9400280) All code ======== 0:* f3 53 repz push %rbx <-- trapping instruction 2: 01 a9 f4 03 00 aa add %ebp,-0x55fffc0c(%rcx) 8: f3 03 01 repz add (%rcx),%eax b: aa stos %al,%es:(%rdi) c: 96 xchg %eax,%esi d: f3 f6 97 80 02 40 f9 repz notb -0x6bffd80(%rdi) Code starting with the faulting instruction =========================================== 0: 80 02 40 addb $0x40,(%rdx) 3: f9 stc <4>[ 88.219947] ---[ end trace 0000000000000000 ]--- <0>[ 88.220779] Kernel panic - not syncing: Oops: Fatal exception in interrupt <2>[ 88.221715] SMP: stopping secondary CPUs <0>[ 88.226328] Kernel Offset: 0x3c9385a00000 from 0xffff800080000000 <0>[ 88.226953] PHYS_OFFSET: 0x40000000 <0>[ 88.227382] CPU features: 0x0,00000000,d1e2cf43,99e6773f <0>[ 88.228141] Memory Limit: none <0>[ 88.228905] ---[ end Kernel panic - not syncing: Oops: Fatal exception in interrupt ]--- Links: - https://qa-reports.linaro.org/lkft/linux-stable-rc-linux-6.6.y/build/v6.6-3… - https://qa-reports.linaro.org/lkft/linux-stable-rc-linux-6.6.y/build/v6.6-3… - https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2XntnCQFUy… Re-built image: - https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/naresh/builds/2XqQotM… -- Linaro LKFT https://lkft.linaro.org

1 year, 7 months

2
2
0 0

[PATCH AUTOSEL 4.14 1/4] drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7

by Sasha Levin

From: Mario Limonciello <mario.limonciello(a)amd.com> [ Upstream commit 760efbca74a405dc439a013a5efaa9fadc95a8c3 ] For pptable structs that use flexible array sizes, use flexible arrays. Suggested-by: Felix Held <felix.held(a)amd.com> Link: https://gitlab.freedesktop.org/drm/amd/-/issues/2874 Signed-off-by: Mario Limonciello <mario.limonciello(a)amd.com> Acked-by: Alex Deucher <alexander.deucher(a)amd.com> Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/gpu/drm/amd/include/pptable.h | 4 ++-- drivers/gpu/drm/amd/powerplay/hwmgr/pptable_v1_0.h | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/drivers/gpu/drm/amd/include/pptable.h b/drivers/gpu/drm/amd/include/pptable.h index 0b6a057e0a4c4..5aac8d545bdc6 100644 --- a/drivers/gpu/drm/amd/include/pptable.h +++ b/drivers/gpu/drm/amd/include/pptable.h @@ -78,7 +78,7 @@ typedef struct _ATOM_PPLIB_THERMALCONTROLLER typedef struct _ATOM_PPLIB_STATE { UCHAR ucNonClockStateIndex; - UCHAR ucClockStateIndices[1]; // variable-sized + UCHAR ucClockStateIndices[]; // variable-sized } ATOM_PPLIB_STATE; @@ -473,7 +473,7 @@ typedef struct _ATOM_PPLIB_STATE_V2 /** * Driver will read the first ucNumDPMLevels in this array */ - UCHAR clockInfoIndex[1]; + UCHAR clockInfoIndex[]; } ATOM_PPLIB_STATE_V2; typedef struct _StateArray{ diff --git a/drivers/gpu/drm/amd/powerplay/hwmgr/pptable_v1_0.h b/drivers/gpu/drm/amd/powerplay/hwmgr/pptable_v1_0.h index 1e870f58dd12a..d5a4a08c6d392 100644 --- a/drivers/gpu/drm/amd/powerplay/hwmgr/pptable_v1_0.h +++ b/drivers/gpu/drm/amd/powerplay/hwmgr/pptable_v1_0.h @@ -179,7 +179,7 @@ typedef struct _ATOM_Tonga_MCLK_Dependency_Record { typedef struct _ATOM_Tonga_MCLK_Dependency_Table { UCHAR ucRevId; UCHAR ucNumEntries; /* Number of entries. */ - ATOM_Tonga_MCLK_Dependency_Record entries[1]; /* Dynamically allocate entries. */ + ATOM_Tonga_MCLK_Dependency_Record entries[]; /* Dynamically allocate entries. */ } ATOM_Tonga_MCLK_Dependency_Table; typedef struct _ATOM_Tonga_SCLK_Dependency_Record { @@ -194,7 +194,7 @@ typedef struct _ATOM_Tonga_SCLK_Dependency_Record { typedef struct _ATOM_Tonga_SCLK_Dependency_Table { UCHAR ucRevId; UCHAR ucNumEntries; /* Number of entries. */ - ATOM_Tonga_SCLK_Dependency_Record entries[1]; /* Dynamically allocate entries. */ + ATOM_Tonga_SCLK_Dependency_Record entries[]; /* Dynamically allocate entries. */ } ATOM_Tonga_SCLK_Dependency_Table; typedef struct _ATOM_Polaris_SCLK_Dependency_Record { -- 2.42.0

1 year, 7 months

1
3
0 0

[PATCH AUTOSEL 4.19 1/5] drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7

by Sasha Levin

From: Mario Limonciello <mario.limonciello(a)amd.com> [ Upstream commit 760efbca74a405dc439a013a5efaa9fadc95a8c3 ] For pptable structs that use flexible array sizes, use flexible arrays. Suggested-by: Felix Held <felix.held(a)amd.com> Link: https://gitlab.freedesktop.org/drm/amd/-/issues/2874 Signed-off-by: Mario Limonciello <mario.limonciello(a)amd.com> Acked-by: Alex Deucher <alexander.deucher(a)amd.com> Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/gpu/drm/amd/include/pptable.h | 4 ++-- drivers/gpu/drm/amd/powerplay/hwmgr/pptable_v1_0.h | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/drivers/gpu/drm/amd/include/pptable.h b/drivers/gpu/drm/amd/include/pptable.h index 0b6a057e0a4c4..5aac8d545bdc6 100644 --- a/drivers/gpu/drm/amd/include/pptable.h +++ b/drivers/gpu/drm/amd/include/pptable.h @@ -78,7 +78,7 @@ typedef struct _ATOM_PPLIB_THERMALCONTROLLER typedef struct _ATOM_PPLIB_STATE { UCHAR ucNonClockStateIndex; - UCHAR ucClockStateIndices[1]; // variable-sized + UCHAR ucClockStateIndices[]; // variable-sized } ATOM_PPLIB_STATE; @@ -473,7 +473,7 @@ typedef struct _ATOM_PPLIB_STATE_V2 /** * Driver will read the first ucNumDPMLevels in this array */ - UCHAR clockInfoIndex[1]; + UCHAR clockInfoIndex[]; } ATOM_PPLIB_STATE_V2; typedef struct _StateArray{ diff --git a/drivers/gpu/drm/amd/powerplay/hwmgr/pptable_v1_0.h b/drivers/gpu/drm/amd/powerplay/hwmgr/pptable_v1_0.h index 1e870f58dd12a..d5a4a08c6d392 100644 --- a/drivers/gpu/drm/amd/powerplay/hwmgr/pptable_v1_0.h +++ b/drivers/gpu/drm/amd/powerplay/hwmgr/pptable_v1_0.h @@ -179,7 +179,7 @@ typedef struct _ATOM_Tonga_MCLK_Dependency_Record { typedef struct _ATOM_Tonga_MCLK_Dependency_Table { UCHAR ucRevId; UCHAR ucNumEntries; /* Number of entries. */ - ATOM_Tonga_MCLK_Dependency_Record entries[1]; /* Dynamically allocate entries. */ + ATOM_Tonga_MCLK_Dependency_Record entries[]; /* Dynamically allocate entries. */ } ATOM_Tonga_MCLK_Dependency_Table; typedef struct _ATOM_Tonga_SCLK_Dependency_Record { @@ -194,7 +194,7 @@ typedef struct _ATOM_Tonga_SCLK_Dependency_Record { typedef struct _ATOM_Tonga_SCLK_Dependency_Table { UCHAR ucRevId; UCHAR ucNumEntries; /* Number of entries. */ - ATOM_Tonga_SCLK_Dependency_Record entries[1]; /* Dynamically allocate entries. */ + ATOM_Tonga_SCLK_Dependency_Record entries[]; /* Dynamically allocate entries. */ } ATOM_Tonga_SCLK_Dependency_Table; typedef struct _ATOM_Polaris_SCLK_Dependency_Record { -- 2.42.0

1 year, 7 months

1
4
0 0

[PATCH AUTOSEL 5.4 1/6] drm/komeda: drop all currently held locks if deadlock happens

by Sasha Levin

From: "baozhu.liu" <lucas.liu(a)siengine.com> [ Upstream commit 19ecbe8325a2a7ffda5ff4790955b84eaccba49f ] If komeda_pipeline_unbound_components() returns -EDEADLK, it means that a deadlock happened in the locking context. Currently, komeda is not dealing with the deadlock properly,producing the following output when CONFIG_DEBUG_WW_MUTEX_SLOWPATH is enabled: ------------[ cut here ]------------ [ 26.103984] WARNING: CPU: 2 PID: 345 at drivers/gpu/drm/arm/display/komeda/komeda_pipeline_state.c:1248 komeda_release_unclaimed_resources+0x13c/0x170 [ 26.117453] Modules linked in: [ 26.120511] CPU: 2 PID: 345 Comm: composer(a)2.1-se Kdump: loaded Tainted: G W 5.10.110-SE-SDK1.8-dirty #16 [ 26.131374] Hardware name: Siengine Se1000 Evaluation board (DT) [ 26.137379] pstate: 20400009 (nzCv daif +PAN -UAO -TCO BTYPE=--) [ 26.143385] pc : komeda_release_unclaimed_resources+0x13c/0x170 [ 26.149301] lr : komeda_release_unclaimed_resources+0xbc/0x170 [ 26.155130] sp : ffff800017b8b8d0 [ 26.158442] pmr_save: 000000e0 [ 26.161493] x29: ffff800017b8b8d0 x28: ffff000cf2f96200 [ 26.166805] x27: ffff000c8f5a8800 x26: 0000000000000000 [ 26.172116] x25: 0000000000000038 x24: ffff8000116a0140 [ 26.177428] x23: 0000000000000038 x22: ffff000cf2f96200 [ 26.182739] x21: ffff000cfc300300 x20: ffff000c8ab77080 [ 26.188051] x19: 0000000000000003 x18: 0000000000000000 [ 26.193362] x17: 0000000000000000 x16: 0000000000000000 [ 26.198672] x15: b400e638f738ba38 x14: 0000000000000000 [ 26.203983] x13: 0000000106400a00 x12: 0000000000000000 [ 26.209294] x11: 0000000000000000 x10: 0000000000000000 [ 26.214604] x9 : ffff800012f80000 x8 : ffff000ca3308000 [ 26.219915] x7 : 0000000ff3000000 x6 : ffff80001084034c [ 26.225226] x5 : ffff800017b8bc40 x4 : 000000000000000f [ 26.230536] x3 : ffff000ca3308000 x2 : 0000000000000000 [ 26.235847] x1 : 0000000000000000 x0 : ffffffffffffffdd [ 26.241158] Call trace: [ 26.243604] komeda_release_unclaimed_resources+0x13c/0x170 [ 26.249175] komeda_crtc_atomic_check+0x68/0xf0 [ 26.253706] drm_atomic_helper_check_planes+0x138/0x1f4 [ 26.258929] komeda_kms_check+0x284/0x36c [ 26.262939] drm_atomic_check_only+0x40c/0x714 [ 26.267381] drm_atomic_nonblocking_commit+0x1c/0x60 [ 26.272344] drm_mode_atomic_ioctl+0xa3c/0xb8c [ 26.276787] drm_ioctl_kernel+0xc4/0x120 [ 26.280708] drm_ioctl+0x268/0x534 [ 26.284109] __arm64_sys_ioctl+0xa8/0xf0 [ 26.288030] el0_svc_common.constprop.0+0x80/0x240 [ 26.292817] do_el0_svc+0x24/0x90 [ 26.296132] el0_svc+0x20/0x30 [ 26.299185] el0_sync_handler+0xe8/0xf0 [ 26.303018] el0_sync+0x1a4/0x1c0 [ 26.306330] irq event stamp: 0 [ 26.309384] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 26.315650] hardirqs last disabled at (0): [<ffff800010056d34>] copy_process+0x5d0/0x183c [ 26.323825] softirqs last enabled at (0): [<ffff800010056d34>] copy_process+0x5d0/0x183c [ 26.331997] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 26.338261] ---[ end trace 20ae984fa860184a ]--- [ 26.343021] ------------[ cut here ]------------ [ 26.347646] WARNING: CPU: 3 PID: 345 at drivers/gpu/drm/drm_modeset_lock.c:228 drm_modeset_drop_locks+0x84/0x90 [ 26.357727] Modules linked in: [ 26.360783] CPU: 3 PID: 345 Comm: composer(a)2.1-se Kdump: loaded Tainted: G W 5.10.110-SE-SDK1.8-dirty #16 [ 26.371645] Hardware name: Siengine Se1000 Evaluation board (DT) [ 26.377647] pstate: 20400009 (nzCv daif +PAN -UAO -TCO BTYPE=--) [ 26.383649] pc : drm_modeset_drop_locks+0x84/0x90 [ 26.388351] lr : drm_mode_atomic_ioctl+0x860/0xb8c [ 26.393137] sp : ffff800017b8bb10 [ 26.396447] pmr_save: 000000e0 [ 26.399497] x29: ffff800017b8bb10 x28: 0000000000000001 [ 26.404807] x27: 0000000000000038 x26: 0000000000000002 [ 26.410115] x25: ffff000cecbefa00 x24: ffff000cf2f96200 [ 26.415423] x23: 0000000000000001 x22: 0000000000000018 [ 26.420731] x21: 0000000000000001 x20: ffff800017b8bc10 [ 26.426039] x19: 0000000000000000 x18: 0000000000000000 [ 26.431347] x17: 0000000002e8bf2c x16: 0000000002e94c6b [ 26.436655] x15: 0000000002ea48b9 x14: ffff8000121f0300 [ 26.441963] x13: 0000000002ee2ca8 x12: ffff80001129cae0 [ 26.447272] x11: ffff800012435000 x10: ffff000ed46b5e88 [ 26.452580] x9 : ffff000c9935e600 x8 : 0000000000000000 [ 26.457888] x7 : 000000008020001e x6 : 000000008020001f [ 26.463196] x5 : ffff80001085fbe0 x4 : fffffe0033a59f20 [ 26.468504] x3 : 000000008020001e x2 : 0000000000000000 [ 26.473813] x1 : 0000000000000000 x0 : ffff000c8f596090 [ 26.479122] Call trace: [ 26.481566] drm_modeset_drop_locks+0x84/0x90 [ 26.485918] drm_mode_atomic_ioctl+0x860/0xb8c [ 26.490359] drm_ioctl_kernel+0xc4/0x120 [ 26.494278] drm_ioctl+0x268/0x534 [ 26.497677] __arm64_sys_ioctl+0xa8/0xf0 [ 26.501598] el0_svc_common.constprop.0+0x80/0x240 [ 26.506384] do_el0_svc+0x24/0x90 [ 26.509697] el0_svc+0x20/0x30 [ 26.512748] el0_sync_handler+0xe8/0xf0 [ 26.516580] el0_sync+0x1a4/0x1c0 [ 26.519891] irq event stamp: 0 [ 26.522943] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 26.529207] hardirqs last disabled at (0): [<ffff800010056d34>] copy_process+0x5d0/0x183c [ 26.537379] softirqs last enabled at (0): [<ffff800010056d34>] copy_process+0x5d0/0x183c [ 26.545550] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 26.551812] ---[ end trace 20ae984fa860184b ]--- According to the call trace information,it can be located to be WARN_ON(IS_ERR(c_st)) in the komeda_pipeline_unbound_components function; Then follow the function. komeda_pipeline_unbound_components -> komeda_component_get_state_and_set_user -> komeda_pipeline_get_state_and_set_crtc -> komeda_pipeline_get_state ->drm_atomic_get_private_obj_state -> drm_atomic_get_private_obj_state -> drm_modeset_lock komeda_pipeline_unbound_components -> komeda_component_get_state_and_set_user -> komeda_component_get_state -> drm_atomic_get_private_obj_state -> drm_modeset_lock ret = drm_modeset_lock(&obj->lock, state->acquire_ctx); if (ret) return ERR_PTR(ret); Here it return -EDEADLK. deal with the deadlock as suggested by [1], using the function drm_modeset_backoff(). [1] https://docs.kernel.org/gpu/drm-kms.html?highlight=kms#kms-locking Therefore, handling this problem can be solved by adding return -EDEADLK back to the drm_modeset_backoff processing flow in the drm_mode_atomic_ioctl function. Signed-off-by: baozhu.liu <lucas.liu(a)siengine.com> Signed-off-by: menghui.huang <menghui.huang(a)siengine.com> Reviewed-by: Liviu Dudau <liviu.dudau(a)arm.com> Signed-off-by: Liviu Dudau <liviu.dudau(a)arm.com> Link: https://patchwork.freedesktop.org/patch/msgid/20230804013117.6870-1-menghui… Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- .../gpu/drm/arm/display/komeda/komeda_pipeline_state.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/drivers/gpu/drm/arm/display/komeda/komeda_pipeline_state.c b/drivers/gpu/drm/arm/display/komeda/komeda_pipeline_state.c index b848270e0a1f4..31527fb66b5c5 100644 --- a/drivers/gpu/drm/arm/display/komeda/komeda_pipeline_state.c +++ b/drivers/gpu/drm/arm/display/komeda/komeda_pipeline_state.c @@ -1171,7 +1171,7 @@ int komeda_build_display_data_flow(struct komeda_crtc *kcrtc, return 0; } -static void +static int komeda_pipeline_unbound_components(struct komeda_pipeline *pipe, struct komeda_pipeline_state *new) { @@ -1190,8 +1190,12 @@ komeda_pipeline_unbound_components(struct komeda_pipeline *pipe, c = komeda_pipeline_get_component(pipe, id); c_st = komeda_component_get_state_and_set_user(c, drm_st, NULL, new->crtc); + if (PTR_ERR(c_st) == -EDEADLK) + return -EDEADLK; WARN_ON(IS_ERR(c_st)); } + + return 0; } /* release unclaimed pipeline resource */ @@ -1213,9 +1217,8 @@ int komeda_release_unclaimed_resources(struct komeda_pipeline *pipe, if (WARN_ON(IS_ERR_OR_NULL(st))) return -EINVAL; - komeda_pipeline_unbound_components(pipe, st); + return komeda_pipeline_unbound_components(pipe, st); - return 0; } void komeda_pipeline_disable(struct komeda_pipeline *pipe, -- 2.42.0

1 year, 7 months

1
5
0 0

[PATCH AUTOSEL 5.10 01/11] drm/komeda: drop all currently held locks if deadlock happens

by Sasha Levin

From: "baozhu.liu" <lucas.liu(a)siengine.com> [ Upstream commit 19ecbe8325a2a7ffda5ff4790955b84eaccba49f ] If komeda_pipeline_unbound_components() returns -EDEADLK, it means that a deadlock happened in the locking context. Currently, komeda is not dealing with the deadlock properly,producing the following output when CONFIG_DEBUG_WW_MUTEX_SLOWPATH is enabled: ------------[ cut here ]------------ [ 26.103984] WARNING: CPU: 2 PID: 345 at drivers/gpu/drm/arm/display/komeda/komeda_pipeline_state.c:1248 komeda_release_unclaimed_resources+0x13c/0x170 [ 26.117453] Modules linked in: [ 26.120511] CPU: 2 PID: 345 Comm: composer(a)2.1-se Kdump: loaded Tainted: G W 5.10.110-SE-SDK1.8-dirty #16 [ 26.131374] Hardware name: Siengine Se1000 Evaluation board (DT) [ 26.137379] pstate: 20400009 (nzCv daif +PAN -UAO -TCO BTYPE=--) [ 26.143385] pc : komeda_release_unclaimed_resources+0x13c/0x170 [ 26.149301] lr : komeda_release_unclaimed_resources+0xbc/0x170 [ 26.155130] sp : ffff800017b8b8d0 [ 26.158442] pmr_save: 000000e0 [ 26.161493] x29: ffff800017b8b8d0 x28: ffff000cf2f96200 [ 26.166805] x27: ffff000c8f5a8800 x26: 0000000000000000 [ 26.172116] x25: 0000000000000038 x24: ffff8000116a0140 [ 26.177428] x23: 0000000000000038 x22: ffff000cf2f96200 [ 26.182739] x21: ffff000cfc300300 x20: ffff000c8ab77080 [ 26.188051] x19: 0000000000000003 x18: 0000000000000000 [ 26.193362] x17: 0000000000000000 x16: 0000000000000000 [ 26.198672] x15: b400e638f738ba38 x14: 0000000000000000 [ 26.203983] x13: 0000000106400a00 x12: 0000000000000000 [ 26.209294] x11: 0000000000000000 x10: 0000000000000000 [ 26.214604] x9 : ffff800012f80000 x8 : ffff000ca3308000 [ 26.219915] x7 : 0000000ff3000000 x6 : ffff80001084034c [ 26.225226] x5 : ffff800017b8bc40 x4 : 000000000000000f [ 26.230536] x3 : ffff000ca3308000 x2 : 0000000000000000 [ 26.235847] x1 : 0000000000000000 x0 : ffffffffffffffdd [ 26.241158] Call trace: [ 26.243604] komeda_release_unclaimed_resources+0x13c/0x170 [ 26.249175] komeda_crtc_atomic_check+0x68/0xf0 [ 26.253706] drm_atomic_helper_check_planes+0x138/0x1f4 [ 26.258929] komeda_kms_check+0x284/0x36c [ 26.262939] drm_atomic_check_only+0x40c/0x714 [ 26.267381] drm_atomic_nonblocking_commit+0x1c/0x60 [ 26.272344] drm_mode_atomic_ioctl+0xa3c/0xb8c [ 26.276787] drm_ioctl_kernel+0xc4/0x120 [ 26.280708] drm_ioctl+0x268/0x534 [ 26.284109] __arm64_sys_ioctl+0xa8/0xf0 [ 26.288030] el0_svc_common.constprop.0+0x80/0x240 [ 26.292817] do_el0_svc+0x24/0x90 [ 26.296132] el0_svc+0x20/0x30 [ 26.299185] el0_sync_handler+0xe8/0xf0 [ 26.303018] el0_sync+0x1a4/0x1c0 [ 26.306330] irq event stamp: 0 [ 26.309384] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 26.315650] hardirqs last disabled at (0): [<ffff800010056d34>] copy_process+0x5d0/0x183c [ 26.323825] softirqs last enabled at (0): [<ffff800010056d34>] copy_process+0x5d0/0x183c [ 26.331997] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 26.338261] ---[ end trace 20ae984fa860184a ]--- [ 26.343021] ------------[ cut here ]------------ [ 26.347646] WARNING: CPU: 3 PID: 345 at drivers/gpu/drm/drm_modeset_lock.c:228 drm_modeset_drop_locks+0x84/0x90 [ 26.357727] Modules linked in: [ 26.360783] CPU: 3 PID: 345 Comm: composer(a)2.1-se Kdump: loaded Tainted: G W 5.10.110-SE-SDK1.8-dirty #16 [ 26.371645] Hardware name: Siengine Se1000 Evaluation board (DT) [ 26.377647] pstate: 20400009 (nzCv daif +PAN -UAO -TCO BTYPE=--) [ 26.383649] pc : drm_modeset_drop_locks+0x84/0x90 [ 26.388351] lr : drm_mode_atomic_ioctl+0x860/0xb8c [ 26.393137] sp : ffff800017b8bb10 [ 26.396447] pmr_save: 000000e0 [ 26.399497] x29: ffff800017b8bb10 x28: 0000000000000001 [ 26.404807] x27: 0000000000000038 x26: 0000000000000002 [ 26.410115] x25: ffff000cecbefa00 x24: ffff000cf2f96200 [ 26.415423] x23: 0000000000000001 x22: 0000000000000018 [ 26.420731] x21: 0000000000000001 x20: ffff800017b8bc10 [ 26.426039] x19: 0000000000000000 x18: 0000000000000000 [ 26.431347] x17: 0000000002e8bf2c x16: 0000000002e94c6b [ 26.436655] x15: 0000000002ea48b9 x14: ffff8000121f0300 [ 26.441963] x13: 0000000002ee2ca8 x12: ffff80001129cae0 [ 26.447272] x11: ffff800012435000 x10: ffff000ed46b5e88 [ 26.452580] x9 : ffff000c9935e600 x8 : 0000000000000000 [ 26.457888] x7 : 000000008020001e x6 : 000000008020001f [ 26.463196] x5 : ffff80001085fbe0 x4 : fffffe0033a59f20 [ 26.468504] x3 : 000000008020001e x2 : 0000000000000000 [ 26.473813] x1 : 0000000000000000 x0 : ffff000c8f596090 [ 26.479122] Call trace: [ 26.481566] drm_modeset_drop_locks+0x84/0x90 [ 26.485918] drm_mode_atomic_ioctl+0x860/0xb8c [ 26.490359] drm_ioctl_kernel+0xc4/0x120 [ 26.494278] drm_ioctl+0x268/0x534 [ 26.497677] __arm64_sys_ioctl+0xa8/0xf0 [ 26.501598] el0_svc_common.constprop.0+0x80/0x240 [ 26.506384] do_el0_svc+0x24/0x90 [ 26.509697] el0_svc+0x20/0x30 [ 26.512748] el0_sync_handler+0xe8/0xf0 [ 26.516580] el0_sync+0x1a4/0x1c0 [ 26.519891] irq event stamp: 0 [ 26.522943] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 26.529207] hardirqs last disabled at (0): [<ffff800010056d34>] copy_process+0x5d0/0x183c [ 26.537379] softirqs last enabled at (0): [<ffff800010056d34>] copy_process+0x5d0/0x183c [ 26.545550] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 26.551812] ---[ end trace 20ae984fa860184b ]--- According to the call trace information,it can be located to be WARN_ON(IS_ERR(c_st)) in the komeda_pipeline_unbound_components function; Then follow the function. komeda_pipeline_unbound_components -> komeda_component_get_state_and_set_user -> komeda_pipeline_get_state_and_set_crtc -> komeda_pipeline_get_state ->drm_atomic_get_private_obj_state -> drm_atomic_get_private_obj_state -> drm_modeset_lock komeda_pipeline_unbound_components -> komeda_component_get_state_and_set_user -> komeda_component_get_state -> drm_atomic_get_private_obj_state -> drm_modeset_lock ret = drm_modeset_lock(&obj->lock, state->acquire_ctx); if (ret) return ERR_PTR(ret); Here it return -EDEADLK. deal with the deadlock as suggested by [1], using the function drm_modeset_backoff(). [1] https://docs.kernel.org/gpu/drm-kms.html?highlight=kms#kms-locking Therefore, handling this problem can be solved by adding return -EDEADLK back to the drm_modeset_backoff processing flow in the drm_mode_atomic_ioctl function. Signed-off-by: baozhu.liu <lucas.liu(a)siengine.com> Signed-off-by: menghui.huang <menghui.huang(a)siengine.com> Reviewed-by: Liviu Dudau <liviu.dudau(a)arm.com> Signed-off-by: Liviu Dudau <liviu.dudau(a)arm.com> Link: https://patchwork.freedesktop.org/patch/msgid/20230804013117.6870-1-menghui… Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- .../gpu/drm/arm/display/komeda/komeda_pipeline_state.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/drivers/gpu/drm/arm/display/komeda/komeda_pipeline_state.c b/drivers/gpu/drm/arm/display/komeda/komeda_pipeline_state.c index c3cdf283ecefa..1e922703e26b2 100644 --- a/drivers/gpu/drm/arm/display/komeda/komeda_pipeline_state.c +++ b/drivers/gpu/drm/arm/display/komeda/komeda_pipeline_state.c @@ -1223,7 +1223,7 @@ int komeda_build_display_data_flow(struct komeda_crtc *kcrtc, return 0; } -static void +static int komeda_pipeline_unbound_components(struct komeda_pipeline *pipe, struct komeda_pipeline_state *new) { @@ -1243,8 +1243,12 @@ komeda_pipeline_unbound_components(struct komeda_pipeline *pipe, c = komeda_pipeline_get_component(pipe, id); c_st = komeda_component_get_state_and_set_user(c, drm_st, NULL, new->crtc); + if (PTR_ERR(c_st) == -EDEADLK) + return -EDEADLK; WARN_ON(IS_ERR(c_st)); } + + return 0; } /* release unclaimed pipeline resource */ @@ -1266,9 +1270,8 @@ int komeda_release_unclaimed_resources(struct komeda_pipeline *pipe, if (WARN_ON(IS_ERR_OR_NULL(st))) return -EINVAL; - komeda_pipeline_unbound_components(pipe, st); + return komeda_pipeline_unbound_components(pipe, st); - return 0; } /* Since standalong disabled components must be disabled separately and in the -- 2.42.0

1 year, 7 months

1
10
0 0

[PATCH AUTOSEL 5.15 01/20] drm/komeda: drop all currently held locks if deadlock happens

by Sasha Levin

From: "baozhu.liu" <lucas.liu(a)siengine.com> [ Upstream commit 19ecbe8325a2a7ffda5ff4790955b84eaccba49f ] If komeda_pipeline_unbound_components() returns -EDEADLK, it means that a deadlock happened in the locking context. Currently, komeda is not dealing with the deadlock properly,producing the following output when CONFIG_DEBUG_WW_MUTEX_SLOWPATH is enabled: ------------[ cut here ]------------ [ 26.103984] WARNING: CPU: 2 PID: 345 at drivers/gpu/drm/arm/display/komeda/komeda_pipeline_state.c:1248 komeda_release_unclaimed_resources+0x13c/0x170 [ 26.117453] Modules linked in: [ 26.120511] CPU: 2 PID: 345 Comm: composer(a)2.1-se Kdump: loaded Tainted: G W 5.10.110-SE-SDK1.8-dirty #16 [ 26.131374] Hardware name: Siengine Se1000 Evaluation board (DT) [ 26.137379] pstate: 20400009 (nzCv daif +PAN -UAO -TCO BTYPE=--) [ 26.143385] pc : komeda_release_unclaimed_resources+0x13c/0x170 [ 26.149301] lr : komeda_release_unclaimed_resources+0xbc/0x170 [ 26.155130] sp : ffff800017b8b8d0 [ 26.158442] pmr_save: 000000e0 [ 26.161493] x29: ffff800017b8b8d0 x28: ffff000cf2f96200 [ 26.166805] x27: ffff000c8f5a8800 x26: 0000000000000000 [ 26.172116] x25: 0000000000000038 x24: ffff8000116a0140 [ 26.177428] x23: 0000000000000038 x22: ffff000cf2f96200 [ 26.182739] x21: ffff000cfc300300 x20: ffff000c8ab77080 [ 26.188051] x19: 0000000000000003 x18: 0000000000000000 [ 26.193362] x17: 0000000000000000 x16: 0000000000000000 [ 26.198672] x15: b400e638f738ba38 x14: 0000000000000000 [ 26.203983] x13: 0000000106400a00 x12: 0000000000000000 [ 26.209294] x11: 0000000000000000 x10: 0000000000000000 [ 26.214604] x9 : ffff800012f80000 x8 : ffff000ca3308000 [ 26.219915] x7 : 0000000ff3000000 x6 : ffff80001084034c [ 26.225226] x5 : ffff800017b8bc40 x4 : 000000000000000f [ 26.230536] x3 : ffff000ca3308000 x2 : 0000000000000000 [ 26.235847] x1 : 0000000000000000 x0 : ffffffffffffffdd [ 26.241158] Call trace: [ 26.243604] komeda_release_unclaimed_resources+0x13c/0x170 [ 26.249175] komeda_crtc_atomic_check+0x68/0xf0 [ 26.253706] drm_atomic_helper_check_planes+0x138/0x1f4 [ 26.258929] komeda_kms_check+0x284/0x36c [ 26.262939] drm_atomic_check_only+0x40c/0x714 [ 26.267381] drm_atomic_nonblocking_commit+0x1c/0x60 [ 26.272344] drm_mode_atomic_ioctl+0xa3c/0xb8c [ 26.276787] drm_ioctl_kernel+0xc4/0x120 [ 26.280708] drm_ioctl+0x268/0x534 [ 26.284109] __arm64_sys_ioctl+0xa8/0xf0 [ 26.288030] el0_svc_common.constprop.0+0x80/0x240 [ 26.292817] do_el0_svc+0x24/0x90 [ 26.296132] el0_svc+0x20/0x30 [ 26.299185] el0_sync_handler+0xe8/0xf0 [ 26.303018] el0_sync+0x1a4/0x1c0 [ 26.306330] irq event stamp: 0 [ 26.309384] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 26.315650] hardirqs last disabled at (0): [<ffff800010056d34>] copy_process+0x5d0/0x183c [ 26.323825] softirqs last enabled at (0): [<ffff800010056d34>] copy_process+0x5d0/0x183c [ 26.331997] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 26.338261] ---[ end trace 20ae984fa860184a ]--- [ 26.343021] ------------[ cut here ]------------ [ 26.347646] WARNING: CPU: 3 PID: 345 at drivers/gpu/drm/drm_modeset_lock.c:228 drm_modeset_drop_locks+0x84/0x90 [ 26.357727] Modules linked in: [ 26.360783] CPU: 3 PID: 345 Comm: composer(a)2.1-se Kdump: loaded Tainted: G W 5.10.110-SE-SDK1.8-dirty #16 [ 26.371645] Hardware name: Siengine Se1000 Evaluation board (DT) [ 26.377647] pstate: 20400009 (nzCv daif +PAN -UAO -TCO BTYPE=--) [ 26.383649] pc : drm_modeset_drop_locks+0x84/0x90 [ 26.388351] lr : drm_mode_atomic_ioctl+0x860/0xb8c [ 26.393137] sp : ffff800017b8bb10 [ 26.396447] pmr_save: 000000e0 [ 26.399497] x29: ffff800017b8bb10 x28: 0000000000000001 [ 26.404807] x27: 0000000000000038 x26: 0000000000000002 [ 26.410115] x25: ffff000cecbefa00 x24: ffff000cf2f96200 [ 26.415423] x23: 0000000000000001 x22: 0000000000000018 [ 26.420731] x21: 0000000000000001 x20: ffff800017b8bc10 [ 26.426039] x19: 0000000000000000 x18: 0000000000000000 [ 26.431347] x17: 0000000002e8bf2c x16: 0000000002e94c6b [ 26.436655] x15: 0000000002ea48b9 x14: ffff8000121f0300 [ 26.441963] x13: 0000000002ee2ca8 x12: ffff80001129cae0 [ 26.447272] x11: ffff800012435000 x10: ffff000ed46b5e88 [ 26.452580] x9 : ffff000c9935e600 x8 : 0000000000000000 [ 26.457888] x7 : 000000008020001e x6 : 000000008020001f [ 26.463196] x5 : ffff80001085fbe0 x4 : fffffe0033a59f20 [ 26.468504] x3 : 000000008020001e x2 : 0000000000000000 [ 26.473813] x1 : 0000000000000000 x0 : ffff000c8f596090 [ 26.479122] Call trace: [ 26.481566] drm_modeset_drop_locks+0x84/0x90 [ 26.485918] drm_mode_atomic_ioctl+0x860/0xb8c [ 26.490359] drm_ioctl_kernel+0xc4/0x120 [ 26.494278] drm_ioctl+0x268/0x534 [ 26.497677] __arm64_sys_ioctl+0xa8/0xf0 [ 26.501598] el0_svc_common.constprop.0+0x80/0x240 [ 26.506384] do_el0_svc+0x24/0x90 [ 26.509697] el0_svc+0x20/0x30 [ 26.512748] el0_sync_handler+0xe8/0xf0 [ 26.516580] el0_sync+0x1a4/0x1c0 [ 26.519891] irq event stamp: 0 [ 26.522943] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 26.529207] hardirqs last disabled at (0): [<ffff800010056d34>] copy_process+0x5d0/0x183c [ 26.537379] softirqs last enabled at (0): [<ffff800010056d34>] copy_process+0x5d0/0x183c [ 26.545550] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 26.551812] ---[ end trace 20ae984fa860184b ]--- According to the call trace information,it can be located to be WARN_ON(IS_ERR(c_st)) in the komeda_pipeline_unbound_components function; Then follow the function. komeda_pipeline_unbound_components -> komeda_component_get_state_and_set_user -> komeda_pipeline_get_state_and_set_crtc -> komeda_pipeline_get_state ->drm_atomic_get_private_obj_state -> drm_atomic_get_private_obj_state -> drm_modeset_lock komeda_pipeline_unbound_components -> komeda_component_get_state_and_set_user -> komeda_component_get_state -> drm_atomic_get_private_obj_state -> drm_modeset_lock ret = drm_modeset_lock(&obj->lock, state->acquire_ctx); if (ret) return ERR_PTR(ret); Here it return -EDEADLK. deal with the deadlock as suggested by [1], using the function drm_modeset_backoff(). [1] https://docs.kernel.org/gpu/drm-kms.html?highlight=kms#kms-locking Therefore, handling this problem can be solved by adding return -EDEADLK back to the drm_modeset_backoff processing flow in the drm_mode_atomic_ioctl function. Signed-off-by: baozhu.liu <lucas.liu(a)siengine.com> Signed-off-by: menghui.huang <menghui.huang(a)siengine.com> Reviewed-by: Liviu Dudau <liviu.dudau(a)arm.com> Signed-off-by: Liviu Dudau <liviu.dudau(a)arm.com> Link: https://patchwork.freedesktop.org/patch/msgid/20230804013117.6870-1-menghui… Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- .../gpu/drm/arm/display/komeda/komeda_pipeline_state.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/drivers/gpu/drm/arm/display/komeda/komeda_pipeline_state.c b/drivers/gpu/drm/arm/display/komeda/komeda_pipeline_state.c index e672b9cffee3c..88b58153f9d66 100644 --- a/drivers/gpu/drm/arm/display/komeda/komeda_pipeline_state.c +++ b/drivers/gpu/drm/arm/display/komeda/komeda_pipeline_state.c @@ -1223,7 +1223,7 @@ int komeda_build_display_data_flow(struct komeda_crtc *kcrtc, return 0; } -static void +static int komeda_pipeline_unbound_components(struct komeda_pipeline *pipe, struct komeda_pipeline_state *new) { @@ -1243,8 +1243,12 @@ komeda_pipeline_unbound_components(struct komeda_pipeline *pipe, c = komeda_pipeline_get_component(pipe, id); c_st = komeda_component_get_state_and_set_user(c, drm_st, NULL, new->crtc); + if (PTR_ERR(c_st) == -EDEADLK) + return -EDEADLK; WARN_ON(IS_ERR(c_st)); } + + return 0; } /* release unclaimed pipeline resource */ @@ -1266,9 +1270,8 @@ int komeda_release_unclaimed_resources(struct komeda_pipeline *pipe, if (WARN_ON(IS_ERR_OR_NULL(st))) return -EINVAL; - komeda_pipeline_unbound_components(pipe, st); + return komeda_pipeline_unbound_components(pipe, st); - return 0; } /* Since standalong disabled components must be disabled separately and in the -- 2.42.0

1 year, 7 months

1
19
0 0

[PATCH AUTOSEL 6.1 01/25] drm/gma500: Fix call trace when psb_gem_mm_init() fails

by Sasha Levin

From: Sui Jingfeng <suijingfeng(a)loongson.cn> [ Upstream commit da596080b2b400c50fe9f8f237bcaf09fed06af8 ] Because the gma_irq_install() is call after psb_gem_mm_init() function, when psb_gem_mm_init() fails, the interrupt line haven't been allocated. Yet the gma_irq_uninstall() is called in the psb_driver_unload() function without checking if checking the irq is registered or not. The calltrace is appended as following: [ 20.539253] ioremap memtype_reserve failed -16 [ 20.543895] gma500 0000:00:02.0: Failure to map stolen base. [ 20.565049] ------------[ cut here ]------------ [ 20.565066] Trying to free already-free IRQ 16 [ 20.565087] WARNING: CPU: 1 PID: 381 at kernel/irq/manage.c:1893 free_irq+0x209/0x370 [ 20.565316] CPU: 1 PID: 381 Comm: systemd-udevd Tainted: G C 6.5.0-rc1+ #368 [ 20.565329] Hardware name: To Be Filled By O.E.M. To Be Filled By O.E.M./IMB-140D Plus, BIOS P1.10 11/18/2013 [ 20.565338] RIP: 0010:free_irq+0x209/0x370 [ 20.565357] Code: 41 5d 41 5e 41 5f 5d 31 d2 89 d1 89 d6 89 d7 41 89 d1 c3 cc cc cc cc 8b 75 d0 48 c7 c7 e0 77 12 9f 4c 89 4d c8 e8 57 fe f4 ff <0f> 0b 48 8b 75 c8 4c 89 f7 e8 29 f3 f1 00 49 8b 47 40 48 8b 40 78 [ 20.565369] RSP: 0018:ffffae3b40733808 EFLAGS: 00010046 [ 20.565382] RAX: 0000000000000000 RBX: ffff9f8082bfe000 RCX: 0000000000000000 [ 20.565390] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 20.565397] RBP: ffffae3b40733840 R08: 0000000000000000 R09: 0000000000000000 [ 20.565405] R10: 0000000000000000 R11: 0000000000000000 R12: ffff9f80871c3100 [ 20.565413] R13: ffff9f80835d3360 R14: ffff9f80835d32a4 R15: ffff9f80835d3200 [ 20.565424] FS: 00007f13d36458c0(0000) GS:ffff9f8138880000(0000) knlGS:0000000000000000 [ 20.565434] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 20.565441] CR2: 00007f0d046f3f20 CR3: 0000000006c8c000 CR4: 00000000000006e0 [ 20.565450] Call Trace: [ 20.565458] <TASK> [ 20.565470] ? show_regs+0x72/0x90 [ 20.565488] ? free_irq+0x209/0x370 [ 20.565504] ? __warn+0x8d/0x160 [ 20.565520] ? free_irq+0x209/0x370 [ 20.565536] ? report_bug+0x1bb/0x1d0 [ 20.565555] ? handle_bug+0x46/0x90 [ 20.565572] ? exc_invalid_op+0x19/0x80 [ 20.565587] ? asm_exc_invalid_op+0x1b/0x20 [ 20.565607] ? free_irq+0x209/0x370 [ 20.565625] ? free_irq+0x209/0x370 [ 20.565644] gma_irq_uninstall+0x15b/0x1e0 [gma500_gfx] [ 20.565728] psb_driver_unload+0x27/0x190 [gma500_gfx] [ 20.565800] psb_pci_probe+0x5d2/0x790 [gma500_gfx] [ 20.565873] local_pci_probe+0x48/0xb0 [ 20.565892] pci_device_probe+0xc8/0x280 [ 20.565912] really_probe+0x1d2/0x440 [ 20.565929] __driver_probe_device+0x8a/0x190 [ 20.565944] driver_probe_device+0x23/0xd0 [ 20.565957] __driver_attach+0x10f/0x220 [ 20.565971] ? __pfx___driver_attach+0x10/0x10 [ 20.565984] bus_for_each_dev+0x7a/0xe0 [ 20.566002] driver_attach+0x1e/0x30 [ 20.566014] bus_add_driver+0x127/0x240 [ 20.566029] driver_register+0x64/0x140 [ 20.566043] ? __pfx_psb_init+0x10/0x10 [gma500_gfx] [ 20.566111] __pci_register_driver+0x68/0x80 [ 20.566128] psb_init+0x2c/0xff0 [gma500_gfx] [ 20.566194] do_one_initcall+0x46/0x330 [ 20.566214] ? kmalloc_trace+0x2a/0xb0 [ 20.566233] do_init_module+0x6a/0x270 [ 20.566250] load_module+0x207f/0x23a0 [ 20.566278] init_module_from_file+0x9c/0xf0 [ 20.566293] ? init_module_from_file+0x9c/0xf0 [ 20.566315] idempotent_init_module+0x184/0x240 [ 20.566335] __x64_sys_finit_module+0x64/0xd0 [ 20.566352] do_syscall_64+0x59/0x90 [ 20.566366] ? ksys_mmap_pgoff+0x123/0x270 [ 20.566378] ? __secure_computing+0x9b/0x110 [ 20.566392] ? exit_to_user_mode_prepare+0x39/0x190 [ 20.566406] ? syscall_exit_to_user_mode+0x2a/0x50 [ 20.566420] ? do_syscall_64+0x69/0x90 [ 20.566433] ? do_syscall_64+0x69/0x90 [ 20.566445] ? do_syscall_64+0x69/0x90 [ 20.566458] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 20.566472] RIP: 0033:0x7f13d351ea3d [ 20.566485] Code: 5b 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d c3 a3 0f 00 f7 d8 64 89 01 48 [ 20.566496] RSP: 002b:00007ffe566c1fd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000139 [ 20.566510] RAX: ffffffffffffffda RBX: 000055e66806eec0 RCX: 00007f13d351ea3d [ 20.566519] RDX: 0000000000000000 RSI: 00007f13d36d9441 RDI: 0000000000000010 [ 20.566527] RBP: 0000000000020000 R08: 0000000000000000 R09: 0000000000000002 [ 20.566535] R10: 0000000000000010 R11: 0000000000000246 R12: 00007f13d36d9441 [ 20.566543] R13: 000055e6681108c0 R14: 000055e66805ba70 R15: 000055e66819a9c0 [ 20.566559] </TASK> [ 20.566566] ---[ end trace 0000000000000000 ]--- Signed-off-by: Sui Jingfeng <suijingfeng(a)loongson.cn> Signed-off-by: Patrik Jakobsson <patrik.r.jakobsson(a)gmail.com> Link: https://patchwork.freedesktop.org/patch/msgid/20230727185855.713318-1-suiji… Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/gpu/drm/gma500/psb_drv.h | 1 + drivers/gpu/drm/gma500/psb_irq.c | 5 +++++ 2 files changed, 6 insertions(+) diff --git a/drivers/gpu/drm/gma500/psb_drv.h b/drivers/gpu/drm/gma500/psb_drv.h index ae544b69fc475..52f9ed3c24b8e 100644 --- a/drivers/gpu/drm/gma500/psb_drv.h +++ b/drivers/gpu/drm/gma500/psb_drv.h @@ -426,6 +426,7 @@ struct drm_psb_private { uint32_t pipestat[PSB_NUM_PIPE]; spinlock_t irqmask_lock; + bool irq_enabled; /* Power */ bool pm_initialized; diff --git a/drivers/gpu/drm/gma500/psb_irq.c b/drivers/gpu/drm/gma500/psb_irq.c index d421031462df6..ab2d49dab35a0 100644 --- a/drivers/gpu/drm/gma500/psb_irq.c +++ b/drivers/gpu/drm/gma500/psb_irq.c @@ -338,6 +338,8 @@ int gma_irq_install(struct drm_device *dev) gma_irq_postinstall(dev); + dev_priv->irq_enabled = true; + return 0; } @@ -348,6 +350,9 @@ void gma_irq_uninstall(struct drm_device *dev) unsigned long irqflags; unsigned int i; + if (!dev_priv->irq_enabled) + return; + spin_lock_irqsave(&dev_priv->irqmask_lock, irqflags); if (dev_priv->ops->hotplug_enable) -- 2.42.0

1 year, 7 months

1
24
0 0

[PATCH AUTOSEL 6.5 01/37] drm/gma500: Fix call trace when psb_gem_mm_init() fails

by Sasha Levin

From: Sui Jingfeng <suijingfeng(a)loongson.cn> [ Upstream commit da596080b2b400c50fe9f8f237bcaf09fed06af8 ] Because the gma_irq_install() is call after psb_gem_mm_init() function, when psb_gem_mm_init() fails, the interrupt line haven't been allocated. Yet the gma_irq_uninstall() is called in the psb_driver_unload() function without checking if checking the irq is registered or not. The calltrace is appended as following: [ 20.539253] ioremap memtype_reserve failed -16 [ 20.543895] gma500 0000:00:02.0: Failure to map stolen base. [ 20.565049] ------------[ cut here ]------------ [ 20.565066] Trying to free already-free IRQ 16 [ 20.565087] WARNING: CPU: 1 PID: 381 at kernel/irq/manage.c:1893 free_irq+0x209/0x370 [ 20.565316] CPU: 1 PID: 381 Comm: systemd-udevd Tainted: G C 6.5.0-rc1+ #368 [ 20.565329] Hardware name: To Be Filled By O.E.M. To Be Filled By O.E.M./IMB-140D Plus, BIOS P1.10 11/18/2013 [ 20.565338] RIP: 0010:free_irq+0x209/0x370 [ 20.565357] Code: 41 5d 41 5e 41 5f 5d 31 d2 89 d1 89 d6 89 d7 41 89 d1 c3 cc cc cc cc 8b 75 d0 48 c7 c7 e0 77 12 9f 4c 89 4d c8 e8 57 fe f4 ff <0f> 0b 48 8b 75 c8 4c 89 f7 e8 29 f3 f1 00 49 8b 47 40 48 8b 40 78 [ 20.565369] RSP: 0018:ffffae3b40733808 EFLAGS: 00010046 [ 20.565382] RAX: 0000000000000000 RBX: ffff9f8082bfe000 RCX: 0000000000000000 [ 20.565390] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 20.565397] RBP: ffffae3b40733840 R08: 0000000000000000 R09: 0000000000000000 [ 20.565405] R10: 0000000000000000 R11: 0000000000000000 R12: ffff9f80871c3100 [ 20.565413] R13: ffff9f80835d3360 R14: ffff9f80835d32a4 R15: ffff9f80835d3200 [ 20.565424] FS: 00007f13d36458c0(0000) GS:ffff9f8138880000(0000) knlGS:0000000000000000 [ 20.565434] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 20.565441] CR2: 00007f0d046f3f20 CR3: 0000000006c8c000 CR4: 00000000000006e0 [ 20.565450] Call Trace: [ 20.565458] <TASK> [ 20.565470] ? show_regs+0x72/0x90 [ 20.565488] ? free_irq+0x209/0x370 [ 20.565504] ? __warn+0x8d/0x160 [ 20.565520] ? free_irq+0x209/0x370 [ 20.565536] ? report_bug+0x1bb/0x1d0 [ 20.565555] ? handle_bug+0x46/0x90 [ 20.565572] ? exc_invalid_op+0x19/0x80 [ 20.565587] ? asm_exc_invalid_op+0x1b/0x20 [ 20.565607] ? free_irq+0x209/0x370 [ 20.565625] ? free_irq+0x209/0x370 [ 20.565644] gma_irq_uninstall+0x15b/0x1e0 [gma500_gfx] [ 20.565728] psb_driver_unload+0x27/0x190 [gma500_gfx] [ 20.565800] psb_pci_probe+0x5d2/0x790 [gma500_gfx] [ 20.565873] local_pci_probe+0x48/0xb0 [ 20.565892] pci_device_probe+0xc8/0x280 [ 20.565912] really_probe+0x1d2/0x440 [ 20.565929] __driver_probe_device+0x8a/0x190 [ 20.565944] driver_probe_device+0x23/0xd0 [ 20.565957] __driver_attach+0x10f/0x220 [ 20.565971] ? __pfx___driver_attach+0x10/0x10 [ 20.565984] bus_for_each_dev+0x7a/0xe0 [ 20.566002] driver_attach+0x1e/0x30 [ 20.566014] bus_add_driver+0x127/0x240 [ 20.566029] driver_register+0x64/0x140 [ 20.566043] ? __pfx_psb_init+0x10/0x10 [gma500_gfx] [ 20.566111] __pci_register_driver+0x68/0x80 [ 20.566128] psb_init+0x2c/0xff0 [gma500_gfx] [ 20.566194] do_one_initcall+0x46/0x330 [ 20.566214] ? kmalloc_trace+0x2a/0xb0 [ 20.566233] do_init_module+0x6a/0x270 [ 20.566250] load_module+0x207f/0x23a0 [ 20.566278] init_module_from_file+0x9c/0xf0 [ 20.566293] ? init_module_from_file+0x9c/0xf0 [ 20.566315] idempotent_init_module+0x184/0x240 [ 20.566335] __x64_sys_finit_module+0x64/0xd0 [ 20.566352] do_syscall_64+0x59/0x90 [ 20.566366] ? ksys_mmap_pgoff+0x123/0x270 [ 20.566378] ? __secure_computing+0x9b/0x110 [ 20.566392] ? exit_to_user_mode_prepare+0x39/0x190 [ 20.566406] ? syscall_exit_to_user_mode+0x2a/0x50 [ 20.566420] ? do_syscall_64+0x69/0x90 [ 20.566433] ? do_syscall_64+0x69/0x90 [ 20.566445] ? do_syscall_64+0x69/0x90 [ 20.566458] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 20.566472] RIP: 0033:0x7f13d351ea3d [ 20.566485] Code: 5b 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d c3 a3 0f 00 f7 d8 64 89 01 48 [ 20.566496] RSP: 002b:00007ffe566c1fd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000139 [ 20.566510] RAX: ffffffffffffffda RBX: 000055e66806eec0 RCX: 00007f13d351ea3d [ 20.566519] RDX: 0000000000000000 RSI: 00007f13d36d9441 RDI: 0000000000000010 [ 20.566527] RBP: 0000000000020000 R08: 0000000000000000 R09: 0000000000000002 [ 20.566535] R10: 0000000000000010 R11: 0000000000000246 R12: 00007f13d36d9441 [ 20.566543] R13: 000055e6681108c0 R14: 000055e66805ba70 R15: 000055e66819a9c0 [ 20.566559] </TASK> [ 20.566566] ---[ end trace 0000000000000000 ]--- Signed-off-by: Sui Jingfeng <suijingfeng(a)loongson.cn> Signed-off-by: Patrik Jakobsson <patrik.r.jakobsson(a)gmail.com> Link: https://patchwork.freedesktop.org/patch/msgid/20230727185855.713318-1-suiji… Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/gpu/drm/gma500/psb_drv.h | 1 + drivers/gpu/drm/gma500/psb_irq.c | 5 +++++ 2 files changed, 6 insertions(+) diff --git a/drivers/gpu/drm/gma500/psb_drv.h b/drivers/gpu/drm/gma500/psb_drv.h index f7f709df99b49..70d9adafa2333 100644 --- a/drivers/gpu/drm/gma500/psb_drv.h +++ b/drivers/gpu/drm/gma500/psb_drv.h @@ -424,6 +424,7 @@ struct drm_psb_private { uint32_t pipestat[PSB_NUM_PIPE]; spinlock_t irqmask_lock; + bool irq_enabled; /* Power */ bool pm_initialized; diff --git a/drivers/gpu/drm/gma500/psb_irq.c b/drivers/gpu/drm/gma500/psb_irq.c index 343c51250207d..7bbb79b0497d8 100644 --- a/drivers/gpu/drm/gma500/psb_irq.c +++ b/drivers/gpu/drm/gma500/psb_irq.c @@ -327,6 +327,8 @@ int gma_irq_install(struct drm_device *dev) gma_irq_postinstall(dev); + dev_priv->irq_enabled = true; + return 0; } @@ -337,6 +339,9 @@ void gma_irq_uninstall(struct drm_device *dev) unsigned long irqflags; unsigned int i; + if (!dev_priv->irq_enabled) + return; + spin_lock_irqsave(&dev_priv->irqmask_lock, irqflags); if (dev_priv->ops->hotplug_enable) -- 2.42.0

1 year, 7 months

1
36
0 0

[PATCH AUTOSEL 4.14 1/4] wifi: mac80211: don't return unset power in ieee80211_get_tx_power()

by Sasha Levin

From: Ping-Ke Shih <pkshih(a)realtek.com> [ Upstream commit e160ab85166e77347d0cbe5149045cb25e83937f ] We can get a UBSAN warning if ieee80211_get_tx_power() returns the INT_MIN value mac80211 internally uses for "unset power level". UBSAN: signed-integer-overflow in net/wireless/nl80211.c:3816:5 -2147483648 * 100 cannot be represented in type 'int' CPU: 0 PID: 20433 Comm: insmod Tainted: G WC OE Call Trace: dump_stack+0x74/0x92 ubsan_epilogue+0x9/0x50 handle_overflow+0x8d/0xd0 __ubsan_handle_mul_overflow+0xe/0x10 nl80211_send_iface+0x688/0x6b0 [cfg80211] [...] cfg80211_register_wdev+0x78/0xb0 [cfg80211] cfg80211_netdev_notifier_call+0x200/0x620 [cfg80211] [...] ieee80211_if_add+0x60e/0x8f0 [mac80211] ieee80211_register_hw+0xda5/0x1170 [mac80211] In this case, simply return an error instead, to indicate that no data is available. Cc: Zong-Zhe Yang <kevin_yang(a)realtek.com> Signed-off-by: Ping-Ke Shih <pkshih(a)realtek.com> Link: https://lore.kernel.org/r/20230203023636.4418-1-pkshih@realtek.com Signed-off-by: Johannes Berg <johannes.berg(a)intel.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- net/mac80211/cfg.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c index 94293b57f1b23..05e74004376fb 100644 --- a/net/mac80211/cfg.c +++ b/net/mac80211/cfg.c @@ -2428,6 +2428,10 @@ static int ieee80211_get_tx_power(struct wiphy *wiphy, else *dbm = sdata->vif.bss_conf.txpower; + /* INT_MIN indicates no power level was set yet */ + if (*dbm == INT_MIN) + return -EINVAL; + return 0; } -- 2.42.0

1 year, 7 months

1
3
0 0

[PATCH AUTOSEL 4.19 1/7] wifi: mac80211: don't return unset power in ieee80211_get_tx_power()

by Sasha Levin

From: Ping-Ke Shih <pkshih(a)realtek.com> [ Upstream commit e160ab85166e77347d0cbe5149045cb25e83937f ] We can get a UBSAN warning if ieee80211_get_tx_power() returns the INT_MIN value mac80211 internally uses for "unset power level". UBSAN: signed-integer-overflow in net/wireless/nl80211.c:3816:5 -2147483648 * 100 cannot be represented in type 'int' CPU: 0 PID: 20433 Comm: insmod Tainted: G WC OE Call Trace: dump_stack+0x74/0x92 ubsan_epilogue+0x9/0x50 handle_overflow+0x8d/0xd0 __ubsan_handle_mul_overflow+0xe/0x10 nl80211_send_iface+0x688/0x6b0 [cfg80211] [...] cfg80211_register_wdev+0x78/0xb0 [cfg80211] cfg80211_netdev_notifier_call+0x200/0x620 [cfg80211] [...] ieee80211_if_add+0x60e/0x8f0 [mac80211] ieee80211_register_hw+0xda5/0x1170 [mac80211] In this case, simply return an error instead, to indicate that no data is available. Cc: Zong-Zhe Yang <kevin_yang(a)realtek.com> Signed-off-by: Ping-Ke Shih <pkshih(a)realtek.com> Link: https://lore.kernel.org/r/20230203023636.4418-1-pkshih@realtek.com Signed-off-by: Johannes Berg <johannes.berg(a)intel.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- net/mac80211/cfg.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c index 5659af1bec179..77d8ed184c1c4 100644 --- a/net/mac80211/cfg.c +++ b/net/mac80211/cfg.c @@ -2452,6 +2452,10 @@ static int ieee80211_get_tx_power(struct wiphy *wiphy, else *dbm = sdata->vif.bss_conf.txpower; + /* INT_MIN indicates no power level was set yet */ + if (*dbm == INT_MIN) + return -EINVAL; + return 0; } -- 2.42.0

1 year, 7 months

1
6
0 0

[PATCH AUTOSEL 5.4 1/9] wifi: mac80211_hwsim: fix clang-specific fortify warning

by Sasha Levin

From: Dmitry Antipov <dmantipov(a)yandex.ru> [ Upstream commit cbaccdc42483c65016f1bae89128c08dc17cfb2a ] When compiling with clang 16.0.6 and CONFIG_FORTIFY_SOURCE=y, I've noticed the following (somewhat confusing due to absence of an actual source code location): In file included from drivers/net/wireless/virtual/mac80211_hwsim.c:18: In file included from ./include/linux/slab.h:16: In file included from ./include/linux/gfp.h:7: In file included from ./include/linux/mmzone.h:8: In file included from ./include/linux/spinlock.h:56: In file included from ./include/linux/preempt.h:79: In file included from ./arch/x86/include/asm/preempt.h:9: In file included from ./include/linux/thread_info.h:60: In file included from ./arch/x86/include/asm/thread_info.h:53: In file included from ./arch/x86/include/asm/cpufeature.h:5: In file included from ./arch/x86/include/asm/processor.h:23: In file included from ./arch/x86/include/asm/msr.h:11: In file included from ./arch/x86/include/asm/cpumask.h:5: In file included from ./include/linux/cpumask.h:12: In file included from ./include/linux/bitmap.h:11: In file included from ./include/linux/string.h:254: ./include/linux/fortify-string.h:592:4: warning: call to '__read_overflow2_field' declared with 'warning' attribute: detected read beyond size of field (2nd parameter); maybe use struct_group()? [-Wattribute-warning] __read_overflow2_field(q_size_field, size); The compiler actually complains on 'mac80211_hwsim_get_et_strings()' where fortification logic inteprets call to 'memcpy()' as an attempt to copy the whole 'mac80211_hwsim_gstrings_stats' array from its first member and so issues an overread warning. This warning may be silenced by passing an address of the whole array and not the first member to 'memcpy()'. Signed-off-by: Dmitry Antipov <dmantipov(a)yandex.ru> Link: https://lore.kernel.org/r/20230829094140.234636-1-dmantipov@yandex.ru Signed-off-by: Johannes Berg <johannes.berg(a)intel.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/net/wireless/mac80211_hwsim.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/wireless/mac80211_hwsim.c b/drivers/net/wireless/mac80211_hwsim.c index a21739b2f44e6..634e8c1e71cca 100644 --- a/drivers/net/wireless/mac80211_hwsim.c +++ b/drivers/net/wireless/mac80211_hwsim.c @@ -2323,7 +2323,7 @@ static void mac80211_hwsim_get_et_strings(struct ieee80211_hw *hw, u32 sset, u8 *data) { if (sset == ETH_SS_STATS) - memcpy(data, *mac80211_hwsim_gstrings_stats, + memcpy(data, mac80211_hwsim_gstrings_stats, sizeof(mac80211_hwsim_gstrings_stats)); } -- 2.42.0

1 year, 7 months

1
8
0 0

[PATCH AUTOSEL 5.10 01/11] wifi: mac80211_hwsim: fix clang-specific fortify warning

by Sasha Levin

From: Dmitry Antipov <dmantipov(a)yandex.ru> [ Upstream commit cbaccdc42483c65016f1bae89128c08dc17cfb2a ] When compiling with clang 16.0.6 and CONFIG_FORTIFY_SOURCE=y, I've noticed the following (somewhat confusing due to absence of an actual source code location): In file included from drivers/net/wireless/virtual/mac80211_hwsim.c:18: In file included from ./include/linux/slab.h:16: In file included from ./include/linux/gfp.h:7: In file included from ./include/linux/mmzone.h:8: In file included from ./include/linux/spinlock.h:56: In file included from ./include/linux/preempt.h:79: In file included from ./arch/x86/include/asm/preempt.h:9: In file included from ./include/linux/thread_info.h:60: In file included from ./arch/x86/include/asm/thread_info.h:53: In file included from ./arch/x86/include/asm/cpufeature.h:5: In file included from ./arch/x86/include/asm/processor.h:23: In file included from ./arch/x86/include/asm/msr.h:11: In file included from ./arch/x86/include/asm/cpumask.h:5: In file included from ./include/linux/cpumask.h:12: In file included from ./include/linux/bitmap.h:11: In file included from ./include/linux/string.h:254: ./include/linux/fortify-string.h:592:4: warning: call to '__read_overflow2_field' declared with 'warning' attribute: detected read beyond size of field (2nd parameter); maybe use struct_group()? [-Wattribute-warning] __read_overflow2_field(q_size_field, size); The compiler actually complains on 'mac80211_hwsim_get_et_strings()' where fortification logic inteprets call to 'memcpy()' as an attempt to copy the whole 'mac80211_hwsim_gstrings_stats' array from its first member and so issues an overread warning. This warning may be silenced by passing an address of the whole array and not the first member to 'memcpy()'. Signed-off-by: Dmitry Antipov <dmantipov(a)yandex.ru> Link: https://lore.kernel.org/r/20230829094140.234636-1-dmantipov@yandex.ru Signed-off-by: Johannes Berg <johannes.berg(a)intel.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/net/wireless/mac80211_hwsim.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/wireless/mac80211_hwsim.c b/drivers/net/wireless/mac80211_hwsim.c index 0d41f172a1dc2..037358606a51a 100644 --- a/drivers/net/wireless/mac80211_hwsim.c +++ b/drivers/net/wireless/mac80211_hwsim.c @@ -2543,7 +2543,7 @@ static void mac80211_hwsim_get_et_strings(struct ieee80211_hw *hw, u32 sset, u8 *data) { if (sset == ETH_SS_STATS) - memcpy(data, *mac80211_hwsim_gstrings_stats, + memcpy(data, mac80211_hwsim_gstrings_stats, sizeof(mac80211_hwsim_gstrings_stats)); } -- 2.42.0

1 year, 7 months

1
10
0 0

[PATCH AUTOSEL 5.15 01/12] wifi: mac80211_hwsim: fix clang-specific fortify warning

by Sasha Levin

From: Dmitry Antipov <dmantipov(a)yandex.ru> [ Upstream commit cbaccdc42483c65016f1bae89128c08dc17cfb2a ] When compiling with clang 16.0.6 and CONFIG_FORTIFY_SOURCE=y, I've noticed the following (somewhat confusing due to absence of an actual source code location): In file included from drivers/net/wireless/virtual/mac80211_hwsim.c:18: In file included from ./include/linux/slab.h:16: In file included from ./include/linux/gfp.h:7: In file included from ./include/linux/mmzone.h:8: In file included from ./include/linux/spinlock.h:56: In file included from ./include/linux/preempt.h:79: In file included from ./arch/x86/include/asm/preempt.h:9: In file included from ./include/linux/thread_info.h:60: In file included from ./arch/x86/include/asm/thread_info.h:53: In file included from ./arch/x86/include/asm/cpufeature.h:5: In file included from ./arch/x86/include/asm/processor.h:23: In file included from ./arch/x86/include/asm/msr.h:11: In file included from ./arch/x86/include/asm/cpumask.h:5: In file included from ./include/linux/cpumask.h:12: In file included from ./include/linux/bitmap.h:11: In file included from ./include/linux/string.h:254: ./include/linux/fortify-string.h:592:4: warning: call to '__read_overflow2_field' declared with 'warning' attribute: detected read beyond size of field (2nd parameter); maybe use struct_group()? [-Wattribute-warning] __read_overflow2_field(q_size_field, size); The compiler actually complains on 'mac80211_hwsim_get_et_strings()' where fortification logic inteprets call to 'memcpy()' as an attempt to copy the whole 'mac80211_hwsim_gstrings_stats' array from its first member and so issues an overread warning. This warning may be silenced by passing an address of the whole array and not the first member to 'memcpy()'. Signed-off-by: Dmitry Antipov <dmantipov(a)yandex.ru> Link: https://lore.kernel.org/r/20230829094140.234636-1-dmantipov@yandex.ru Signed-off-by: Johannes Berg <johannes.berg(a)intel.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/net/wireless/mac80211_hwsim.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/wireless/mac80211_hwsim.c b/drivers/net/wireless/mac80211_hwsim.c index 6eb3c845640bd..7d73502586839 100644 --- a/drivers/net/wireless/mac80211_hwsim.c +++ b/drivers/net/wireless/mac80211_hwsim.c @@ -2615,7 +2615,7 @@ static void mac80211_hwsim_get_et_strings(struct ieee80211_hw *hw, u32 sset, u8 *data) { if (sset == ETH_SS_STATS) - memcpy(data, *mac80211_hwsim_gstrings_stats, + memcpy(data, mac80211_hwsim_gstrings_stats, sizeof(mac80211_hwsim_gstrings_stats)); } -- 2.42.0

1 year, 7 months

1
11
0 0

[PATCH AUTOSEL 6.1 01/18] wifi: plfxlc: fix clang-specific fortify warning

by Sasha Levin

From: Dmitry Antipov <dmantipov(a)yandex.ru> [ Upstream commit a763e92c78615ea838f5b9a841398b1d4adb968e ] When compiling with clang 16.0.6 and CONFIG_FORTIFY_SOURCE=y, I've noticed the following (somewhat confusing due to absence of an actual source code location): In file included from drivers/net/wireless/purelifi/plfxlc/mac.c:6: In file included from ./include/linux/netdevice.h:24: In file included from ./include/linux/timer.h:6: In file included from ./include/linux/ktime.h:24: In file included from ./include/linux/time.h:60: In file included from ./include/linux/time32.h:13: In file included from ./include/linux/timex.h:67: In file included from ./arch/x86/include/asm/timex.h:5: In file included from ./arch/x86/include/asm/processor.h:23: In file included from ./arch/x86/include/asm/msr.h:11: In file included from ./arch/x86/include/asm/cpumask.h:5: In file included from ./include/linux/cpumask.h:12: In file included from ./include/linux/bitmap.h:11: In file included from ./include/linux/string.h:254: ./include/linux/fortify-string.h:592:4: warning: call to '__read_overflow2_field' declared with 'warning' attribute: detected read beyond size of field (2nd parameter); maybe use struct_group()? [-Wattribute-warning] __read_overflow2_field(q_size_field, size); The compiler actually complains on 'plfxlc_get_et_strings()' where fortification logic inteprets call to 'memcpy()' as an attempt to copy the whole 'et_strings' array from its first member and so issues an overread warning. This warning may be silenced by passing an address of the whole array and not the first member to 'memcpy()'. Signed-off-by: Dmitry Antipov <dmantipov(a)yandex.ru> Signed-off-by: Kalle Valo <kvalo(a)kernel.org> Link: https://lore.kernel.org/r/20230829094541.234751-1-dmantipov@yandex.ru Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/net/wireless/purelifi/plfxlc/mac.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/wireless/purelifi/plfxlc/mac.c b/drivers/net/wireless/purelifi/plfxlc/mac.c index d3cdffbded693..87a4ff888ddd4 100644 --- a/drivers/net/wireless/purelifi/plfxlc/mac.c +++ b/drivers/net/wireless/purelifi/plfxlc/mac.c @@ -666,7 +666,7 @@ static void plfxlc_get_et_strings(struct ieee80211_hw *hw, u32 sset, u8 *data) { if (sset == ETH_SS_STATS) - memcpy(data, *et_strings, sizeof(et_strings)); + memcpy(data, et_strings, sizeof(et_strings)); } static void plfxlc_get_et_stats(struct ieee80211_hw *hw, -- 2.42.0

1 year, 7 months

1
17
0 0

[PATCH AUTOSEL 6.5 01/30] wifi: plfxlc: fix clang-specific fortify warning

by Sasha Levin

From: Dmitry Antipov <dmantipov(a)yandex.ru> [ Upstream commit a763e92c78615ea838f5b9a841398b1d4adb968e ] When compiling with clang 16.0.6 and CONFIG_FORTIFY_SOURCE=y, I've noticed the following (somewhat confusing due to absence of an actual source code location): In file included from drivers/net/wireless/purelifi/plfxlc/mac.c:6: In file included from ./include/linux/netdevice.h:24: In file included from ./include/linux/timer.h:6: In file included from ./include/linux/ktime.h:24: In file included from ./include/linux/time.h:60: In file included from ./include/linux/time32.h:13: In file included from ./include/linux/timex.h:67: In file included from ./arch/x86/include/asm/timex.h:5: In file included from ./arch/x86/include/asm/processor.h:23: In file included from ./arch/x86/include/asm/msr.h:11: In file included from ./arch/x86/include/asm/cpumask.h:5: In file included from ./include/linux/cpumask.h:12: In file included from ./include/linux/bitmap.h:11: In file included from ./include/linux/string.h:254: ./include/linux/fortify-string.h:592:4: warning: call to '__read_overflow2_field' declared with 'warning' attribute: detected read beyond size of field (2nd parameter); maybe use struct_group()? [-Wattribute-warning] __read_overflow2_field(q_size_field, size); The compiler actually complains on 'plfxlc_get_et_strings()' where fortification logic inteprets call to 'memcpy()' as an attempt to copy the whole 'et_strings' array from its first member and so issues an overread warning. This warning may be silenced by passing an address of the whole array and not the first member to 'memcpy()'. Signed-off-by: Dmitry Antipov <dmantipov(a)yandex.ru> Signed-off-by: Kalle Valo <kvalo(a)kernel.org> Link: https://lore.kernel.org/r/20230829094541.234751-1-dmantipov@yandex.ru Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/net/wireless/purelifi/plfxlc/mac.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/wireless/purelifi/plfxlc/mac.c b/drivers/net/wireless/purelifi/plfxlc/mac.c index 94ee831b5de35..506d2f31efb5a 100644 --- a/drivers/net/wireless/purelifi/plfxlc/mac.c +++ b/drivers/net/wireless/purelifi/plfxlc/mac.c @@ -666,7 +666,7 @@ static void plfxlc_get_et_strings(struct ieee80211_hw *hw, u32 sset, u8 *data) { if (sset == ETH_SS_STATS) - memcpy(data, *et_strings, sizeof(et_strings)); + memcpy(data, et_strings, sizeof(et_strings)); } static void plfxlc_get_et_stats(struct ieee80211_hw *hw, -- 2.42.0

1 year, 7 months

1
29
0 0

[PATCH AUTOSEL 6.6 01/31] wifi: plfxlc: fix clang-specific fortify warning

by Sasha Levin

From: Dmitry Antipov <dmantipov(a)yandex.ru> [ Upstream commit a763e92c78615ea838f5b9a841398b1d4adb968e ] When compiling with clang 16.0.6 and CONFIG_FORTIFY_SOURCE=y, I've noticed the following (somewhat confusing due to absence of an actual source code location): In file included from drivers/net/wireless/purelifi/plfxlc/mac.c:6: In file included from ./include/linux/netdevice.h:24: In file included from ./include/linux/timer.h:6: In file included from ./include/linux/ktime.h:24: In file included from ./include/linux/time.h:60: In file included from ./include/linux/time32.h:13: In file included from ./include/linux/timex.h:67: In file included from ./arch/x86/include/asm/timex.h:5: In file included from ./arch/x86/include/asm/processor.h:23: In file included from ./arch/x86/include/asm/msr.h:11: In file included from ./arch/x86/include/asm/cpumask.h:5: In file included from ./include/linux/cpumask.h:12: In file included from ./include/linux/bitmap.h:11: In file included from ./include/linux/string.h:254: ./include/linux/fortify-string.h:592:4: warning: call to '__read_overflow2_field' declared with 'warning' attribute: detected read beyond size of field (2nd parameter); maybe use struct_group()? [-Wattribute-warning] __read_overflow2_field(q_size_field, size); The compiler actually complains on 'plfxlc_get_et_strings()' where fortification logic inteprets call to 'memcpy()' as an attempt to copy the whole 'et_strings' array from its first member and so issues an overread warning. This warning may be silenced by passing an address of the whole array and not the first member to 'memcpy()'. Signed-off-by: Dmitry Antipov <dmantipov(a)yandex.ru> Signed-off-by: Kalle Valo <kvalo(a)kernel.org> Link: https://lore.kernel.org/r/20230829094541.234751-1-dmantipov@yandex.ru Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/net/wireless/purelifi/plfxlc/mac.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/wireless/purelifi/plfxlc/mac.c b/drivers/net/wireless/purelifi/plfxlc/mac.c index 94ee831b5de35..506d2f31efb5a 100644 --- a/drivers/net/wireless/purelifi/plfxlc/mac.c +++ b/drivers/net/wireless/purelifi/plfxlc/mac.c @@ -666,7 +666,7 @@ static void plfxlc_get_et_strings(struct ieee80211_hw *hw, u32 sset, u8 *data) { if (sset == ETH_SS_STATS) - memcpy(data, *et_strings, sizeof(et_strings)); + memcpy(data, et_strings, sizeof(et_strings)); } static void plfxlc_get_et_stats(struct ieee80211_hw *hw, -- 2.42.0

1 year, 7 months

1
30
0 0

[PATCH 06/21] binder: fix comment on binder_alloc_new_buf() return value

by Carlos Llamas

Update the comments of binder_alloc_new_buf() to reflect that the return value of the function is now ERR_PTR(-errno) on failure. No functional changes in this patch. Cc: stable(a)vger.kernel.org Fixes: 57ada2fb2250 ("binder: add log information for binder transaction failures") Signed-off-by: Carlos Llamas <cmllamas(a)google.com> --- drivers/android/binder_alloc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/android/binder_alloc.c b/drivers/android/binder_alloc.c index cd720bb5c9ce..0e8312f4b771 100644 --- a/drivers/android/binder_alloc.c +++ b/drivers/android/binder_alloc.c @@ -558,7 +558,7 @@ static struct binder_buffer *binder_alloc_new_buf_locked( * is the sum of the three given sizes (each rounded up to * pointer-sized boundary) * - * Return: The allocated buffer or %NULL if error + * Return: The allocated buffer or %ERR_PTR(-errno) if error */ struct binder_buffer *binder_alloc_new_buf(struct binder_alloc *alloc, size_t data_size, -- 2.42.0.869.gea05f2083d-goog

1 year, 7 months

2
1
0 0

[PATCH 02/21] binder: fix use-after-free in shinker's callback

by Carlos Llamas

The mmap read lock is used during the shrinker's callback, which means that using alloc->vma pointer isn't safe as it can race with munmap(). As of commit dd2283f2605e ("mm: mmap: zap pages with read mmap_sem in munmap") the mmap lock is downgraded after the vma has been isolated. I was able to reproduce this issue by manually adding some delays and triggering page reclaiming through the shrinker's debug sysfs. The following KASAN report confirms the UAF: ================================================================== BUG: KASAN: slab-use-after-free in zap_page_range_single+0x470/0x4b8 Read of size 8 at addr ffff356ed50e50f0 by task bash/478 CPU: 1 PID: 478 Comm: bash Not tainted 6.6.0-rc5-00055-g1c8b86a3799f-dirty #70 Hardware name: linux,dummy-virt (DT) Call trace: zap_page_range_single+0x470/0x4b8 binder_alloc_free_page+0x608/0xadc __list_lru_walk_one+0x130/0x3b0 list_lru_walk_node+0xc4/0x22c binder_shrink_scan+0x108/0x1dc shrinker_debugfs_scan_write+0x2b4/0x500 full_proxy_write+0xd4/0x140 vfs_write+0x1ac/0x758 ksys_write+0xf0/0x1dc __arm64_sys_write+0x6c/0x9c Allocated by task 492: kmem_cache_alloc+0x130/0x368 vm_area_alloc+0x2c/0x190 mmap_region+0x258/0x18bc do_mmap+0x694/0xa60 vm_mmap_pgoff+0x170/0x29c ksys_mmap_pgoff+0x290/0x3a0 __arm64_sys_mmap+0xcc/0x144 Freed by task 491: kmem_cache_free+0x17c/0x3c8 vm_area_free_rcu_cb+0x74/0x98 rcu_core+0xa38/0x26d4 rcu_core_si+0x10/0x1c __do_softirq+0x2fc/0xd24 Last potentially related work creation: __call_rcu_common.constprop.0+0x6c/0xba0 call_rcu+0x10/0x1c vm_area_free+0x18/0x24 remove_vma+0xe4/0x118 do_vmi_align_munmap.isra.0+0x718/0xb5c do_vmi_munmap+0xdc/0x1fc __vm_munmap+0x10c/0x278 __arm64_sys_munmap+0x58/0x7c Fix this issue by performing instead a vma_lookup() which will fail to find the vma that was isolated before the mmap lock downgrade. Note that this option has better performance than upgrading to a mmap write lock which would increase contention. Plus, mmap_write_trylock() has been recently removed anyway. Fixes: dd2283f2605e ("mm: mmap: zap pages with read mmap_sem in munmap") Cc: stable(a)vger.kernel.org Cc: Liam Howlett <liam.howlett(a)oracle.com> Cc: Minchan Kim <minchan(a)kernel.org> Signed-off-by: Carlos Llamas <cmllamas(a)google.com> --- drivers/android/binder_alloc.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/drivers/android/binder_alloc.c b/drivers/android/binder_alloc.c index e3db8297095a..c4d60d81221b 100644 --- a/drivers/android/binder_alloc.c +++ b/drivers/android/binder_alloc.c @@ -1005,7 +1005,9 @@ enum lru_status binder_alloc_free_page(struct list_head *item, goto err_mmget; if (!mmap_read_trylock(mm)) goto err_mmap_read_lock_failed; - vma = binder_alloc_get_vma(alloc); + vma = vma_lookup(mm, page_addr); + if (vma && vma != binder_alloc_get_vma(alloc)) + goto err_invalid_vma; list_lru_isolate(lru, item); spin_unlock(lock); @@ -1031,6 +1033,8 @@ enum lru_status binder_alloc_free_page(struct list_head *item, mutex_unlock(&alloc->mutex); return LRU_REMOVED_RETRY; +err_invalid_vma: + mmap_read_unlock(mm); err_mmap_read_lock_failed: mmput_async(mm); err_mmget: -- 2.42.0.869.gea05f2083d-goog

1 year, 7 months

3
4
0 0

[PATCH 01/21] binder: use EPOLLERR from eventpoll.h

by Carlos Llamas

Use EPOLLERR instead of POLLERR to make sure it is cast to the correct __poll_t type. This fixes the following sparse issue: drivers/android/binder.c:5030:24: warning: incorrect type in return expression (different base types) drivers/android/binder.c:5030:24: expected restricted __poll_t drivers/android/binder.c:5030:24: got int Fixes: f88982679f54 ("binder: check for binder_thread allocation failure in binder_poll()") Cc: stable(a)vger.kernel.org Cc: Eric Biggers <ebiggers(a)google.com> Signed-off-by: Carlos Llamas <cmllamas(a)google.com> --- drivers/android/binder.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/android/binder.c b/drivers/android/binder.c index 92128aae2d06..71a40a4c546f 100644 --- a/drivers/android/binder.c +++ b/drivers/android/binder.c @@ -5030,7 +5030,7 @@ static __poll_t binder_poll(struct file *filp, thread = binder_get_thread(proc); if (!thread) - return POLLERR; + return EPOLLERR; binder_inner_proc_lock(thread->proc); thread->looper |= BINDER_LOOPER_STATE_POLL; -- 2.42.0.869.gea05f2083d-goog

1 year, 7 months

2
1
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror