- Linux-stable-mirror - lists.linaro.org

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.6.115 release. There are 84 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 29 Oct 2025 18:34:15 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.6.115-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.6.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.6.115-rc1 Haoyu Li <lihaoyu499(a)gmail.com> gpio: ljca: Initialize num before accessing item in ljca_gpio_config Darrick J. Wong <djwong(a)kernel.org> fuse: fix livelock in synchronous file put from fuseblk workers Amir Goldstein <amir73il(a)gmail.com> fuse: allocate ff->release_args only if release is needed Vineeth Vijayan <vneethv(a)linux.ibm.com> s390/cio: Update purge function to unregister the unused subchannels Babu Moger <babu.moger(a)amd.com> x86/resctrl: Fix miscount of bandwidth event when reactivating previously unavailable RMID Jakub Acs <acsjakub(a)amazon.de> fs/notify: call exportfs_encode_fid with s_umount Darrick J. Wong <djwong(a)kernel.org> xfs: always warn about deprecated mount options Maarten Lankhorst <dev(a)lankhorst.se> devcoredump: Fix circular locking dependency with devcd->mutex. Daniel Golle <daniel(a)makrotopia.org> serial: 8250_mtk: Enable baud clock and manage in runtime PM Florian Eckert <fe(a)dev.tdt.de> serial: 8250_exar: add support for Advantech 2 port card with Device ID 0x0018 Artem Shimko <a.shimko.dev(a)gmail.com> serial: 8250_dw: handle reset control deassert error Xu Yang <xu.yang_2(a)nxp.com> dt-bindings: usb: dwc3-imx8mp: dma-range is required only for imx8mp Michael Grzeschik <m.grzeschik(a)pengutronix.de> tcpm: switch check for role_sw device with fw_node Victoria Votokina <Victoria.Votokina(a)kaspersky.com> most: usb: hdm_probe: Fix calling put_device() before device initialization Victoria Votokina <Victoria.Votokina(a)kaspersky.com> most: usb: Fix use-after-free in hdm_disconnect Junhao Xie <bigfoot(a)radxa.com> misc: fastrpc: Fix dma_buf object leak in fastrpc_map_lookup Alexander Usyskin <alexander.usyskin(a)intel.com> mei: me: add wildcat lake P DID Deepanshu Kartikey <kartikey406(a)gmail.com> comedi: fix divide-by-zero in comedi_buf_munge() Alice Ryhl <aliceryhl(a)google.com> binder: remove "invalid inc weak" check Andrew Cooper <andrew.cooper3(a)citrix.com> x86/microcode: Fix Entrysign revision check for Zen1/Naples Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: dbc: enable back DbC in resume if it was enabled before suspend Andrey Konovalov <andreyknvl(a)gmail.com> usb: raw-gadget: do not limit transfer length Tim Guttzeit <t.guttzeit(a)tuxedocomputers.com> usb/core/quirks: Add Huawei ME906S to wakeup quirk LI Qingwu <Qing-wu.Li(a)leica-geosystems.com.cn> USB: serial: option: add Telit FN920C04 ECM compositions Reinhard Speyerer <rspmn(a)arcor.de> USB: serial: option: add Quectel RG255C Renjun Wang <renjunw0(a)foxmail.com> USB: serial: option: add UNISOC UIS7720 Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> sched: Remove never used code in mm_cid_get() Alok Tiwari <alok.a.tiwari(a)oracle.com> io_uring: correct __must_hold annotation in io_install_fixed_file Haotian Zhang <vulab(a)iscas.ac.cn> gpio: ljca: Fix duplicated IRQ mapping Wentong Wu <wentong.wu(a)intel.com> gpio: update Intel LJCA USB GPIO driver Guenter Roeck <linux(a)roeck-us.net> hwmon: (sht3x) Fix error handling Anup Patel <apatel(a)ventanamicro.com> RISC-V: Don't print details of CPUs disabled in DT Anup Patel <apatel(a)ventanamicro.com> RISC-V: Define pgprot_dmacoherent() for non-coherent devices Artem Shimko <a.shimko.dev(a)gmail.com> firmware: arm_scmi: Fix premature SCMI_XFER_FLAG_IS_RAW clearing in raw mode Cristian Marussi <cristian.marussi(a)arm.com> firmware: arm_scmi: Account for failed debug initialization Han Xu <han.xu(a)nxp.com> spi: spi-nxp-fspi: add extra delay after dll locked Matthieu Baerts (NGI0) <matttbe(a)kernel.org> selftests: mptcp: join: mark implicit tests as skipped if not supported Matthieu Baerts (NGI0) <matttbe(a)kernel.org> selftests: mptcp: join: mark 'flush re-add' as skipped if not supported Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> net: ravb: Ensure memory write completes before ringing TX doorbell Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> net: ravb: Enforce descriptor type ordering Michal Pecio <michal.pecio(a)gmail.com> net: usb: rtl8150: Fix frame padding Sebastian Reichel <sebastian.reichel(a)collabora.com> net: stmmac: dwmac-rk: Fix disabling set_clock_selection Stefano Garzarella <sgarzare(a)redhat.com> vsock: fix lock inversion in vsock_assign_transport() Deepanshu Kartikey <kartikey406(a)gmail.com> ocfs2: clear extent cache after moving/defragmenting extents Maciej W. Rozycki <macro(a)orcam.me.uk> MIPS: Malta: Fix keyboard resource preventing i8042 driver from registering David Howells <dhowells(a)redhat.com> cifs: Fix TCP_Server_Info::credits to be signed Marc Kleine-Budde <mkl(a)pengutronix.de> can: netlink: can_changelink(): allow disabling of automatic restart Xi Ruoyao <xry111(a)xry111.site> ACPICA: Work around bogus -Wstringop-overread warning since GCC 11 Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> Revert "cpuidle: menu: Avoid discarding useful information" William Breathitt Gray <wbg(a)kernel.org> gpio: 104-idio-16: Define maximum valid register address offset William Breathitt Gray <wbg(a)kernel.org> gpio: pci-idio-16: Define maximum valid register address offset Kaushlendra Kumar <kaushlendra.kumar(a)intel.com> arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() Marek Szyprowski <m.szyprowski(a)samsung.com> dma-debug: don't report false positives with DMA_BOUNCE_UNALIGNED_KMALLOC Tonghao Zhang <tonghao(a)bamaicloud.com> net: bonding: fix possible peer notify event loss or dup issue Alexey Simakov <bigalex934(a)gmail.com> sctp: avoid NULL dereference when chunk data buffer is missing Huang Ying <ying.huang(a)linux.alibaba.com> arm64, mm: avoid always making PTE dirty in pte_mkwrite() Amery Hung <ameryhung(a)gmail.com> net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ Amery Hung <ameryhung(a)gmail.com> net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for legacy RQ Carolina Jubran <cjubran(a)nvidia.com> net/mlx5e: Reuse per-RQ XDP buffer to avoid stack zeroing overhead Xin Long <lucien.xin(a)gmail.com> selftests: net: fix server bind failure in sctp_vrf.sh Hangbin Liu <liuhangbin(a)gmail.com> selftests/net: convert sctp_vrf.sh to run it in unique namespace Marc Kleine-Budde <mkl(a)pengutronix.de> can: bxcan: bxcan_start_xmit(): use can_dev_dropped_skb() instead of can_dropped_invalid_skb() Ioana Ciornei <ioana.ciornei(a)nxp.com> dpaa2-eth: fix the pointer passed to PTR_ALIGN on Tx path Wei Fang <wei.fang(a)nxp.com> net: enetc: correct the value of ENETC_RXB_TRUESIZE Jianpeng Chang <jianpeng.chang.cn(a)windriver.com> net: enetc: fix the deadlock of enetc_mdio_lock Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> net: Tree wide: Replace xdp_do_flush_map() with xdp_do_flush(). Johannes Wiesböck <johannes.wiesboeck(a)aisec.fraunhofer.de> rtnetlink: Allow deleting FDB entries in user namespace Nathan Chancellor <nathan(a)kernel.org> net/mlx5e: Return 1 instead of 0 in invalid case in mlx5e_mpwrq_umr_entry_size() Linus Torvalds <torvalds(a)linux-foundation.org> Unbreak 'make tools/*' for user-space targets Stefan Metzmacher <metze(a)samba.org> smb: server: let smb_direct_flush_send_list() invalidate a remote key first Yicong Yang <yangyicong(a)hisilicon.com> drivers/perf: hisi: Relax the event ID check in the framework Christophe Leroy <christophe.leroy(a)csgroup.eu> powerpc/32: Remove PAGE_KERNEL_TEXT to fix startup failure Geert Uytterhoeven <geert(a)linux-m68k.org> m68k: bitops: Fix find_*_bit() signatures Junjie Cao <junjie.cao(a)intel.com> lkdtm: fortify: Fix potential NULL dereference on kmalloc failure Yangtao Li <frank.li(a)vivo.com> hfsplus: return EIO when type of hidden directory mismatch in hfsplus_fill_super() Viacheslav Dubeyko <slava(a)dubeyko.com> hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits() Alexander Aring <aahringo(a)redhat.com> dlm: check for defined force value in dlm_lockspace_release Viacheslav Dubeyko <slava(a)dubeyko.com> hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() Yang Chenzhi <yang.chenzhi(a)vivo.com> hfs: validate record offset in hfsplus_bmap_alloc Viacheslav Dubeyko <slava(a)dubeyko.com> hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent() Viacheslav Dubeyko <slava(a)dubeyko.com> hfs: make proper initalization of struct hfs_find_data Viacheslav Dubeyko <slava(a)dubeyko.com> hfs: clear offset and space out of valid records in b-tree node Simon Schuster <schuster.simon(a)siemens-energy.com> nios2: ensure that memblock.current_limit is set when setting pfn limits Xichao Zhao <zhao.xichao(a)vivo.com> exec: Fix incorrect type for ret ------------- Diffstat: .../devicetree/bindings/usb/fsl,imx8mp-dwc3.yaml | 10 +- Makefile | 8 +- arch/arm64/include/asm/pgtable.h | 3 +- arch/m68k/include/asm/bitops.h | 25 ++- arch/mips/mti-malta/malta-setup.c | 2 +- arch/nios2/kernel/setup.c | 15 ++ arch/powerpc/include/asm/pgtable.h | 12 - arch/powerpc/mm/book3s32/mmu.c | 4 +- arch/powerpc/mm/pgtable_32.c | 2 +- arch/riscv/include/asm/pgtable.h | 2 + arch/riscv/kernel/cpu.c | 4 +- arch/x86/kernel/cpu/microcode/amd.c | 2 +- arch/x86/kernel/cpu/resctrl/monitor.c | 12 +- drivers/acpi/acpica/tbprint.c | 6 + drivers/android/binder.c | 11 +- drivers/base/arch_topology.c | 2 +- drivers/base/devcoredump.c | 138 +++++++----- drivers/comedi/comedi_buf.c | 2 +- drivers/cpuidle/governors/menu.c | 21 +- drivers/firmware/arm_scmi/common.h | 24 +- drivers/firmware/arm_scmi/driver.c | 47 ++-- drivers/gpio/Kconfig | 4 +- drivers/gpio/gpio-104-idio-16.c | 1 + drivers/gpio/gpio-ljca.c | 248 ++++++++++++--------- drivers/gpio/gpio-pci-idio-16.c | 1 + drivers/hwmon/sht3x.c | 27 ++- drivers/misc/fastrpc.c | 2 + drivers/misc/lkdtm/fortify.c | 6 + drivers/misc/mei/hw-me-regs.h | 2 + drivers/misc/mei/pci-me.c | 2 + drivers/most/most_usb.c | 13 +- drivers/net/bonding/bond_main.c | 40 ++-- drivers/net/can/bxcan.c | 2 +- drivers/net/can/dev/netlink.c | 6 +- drivers/net/ethernet/amazon/ena/ena_netdev.c | 2 +- drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c | 3 +- drivers/net/ethernet/freescale/enetc/enetc.c | 27 ++- drivers/net/ethernet/freescale/enetc/enetc.h | 2 +- drivers/net/ethernet/freescale/fec_main.c | 2 +- drivers/net/ethernet/intel/i40e/i40e_txrx.c | 2 +- drivers/net/ethernet/intel/ice/ice_txrx_lib.c | 2 +- drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 2 +- drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 2 +- drivers/net/ethernet/marvell/mvneta.c | 2 +- drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c | 2 +- drivers/net/ethernet/mediatek/mtk_eth_soc.c | 2 +- drivers/net/ethernet/mellanox/mlx5/core/en.h | 7 + .../net/ethernet/mellanox/mlx5/core/en/params.c | 2 +- drivers/net/ethernet/mellanox/mlx5/core/en/xdp.c | 2 +- drivers/net/ethernet/mellanox/mlx5/core/en/xdp.h | 6 - drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 128 +++++++---- drivers/net/ethernet/netronome/nfp/nfd3/xsk.c | 2 +- drivers/net/ethernet/renesas/ravb_main.c | 24 +- drivers/net/ethernet/sfc/efx_channels.c | 2 +- drivers/net/ethernet/sfc/siena/efx_channels.c | 2 +- drivers/net/ethernet/socionext/netsec.c | 2 +- drivers/net/ethernet/stmicro/stmmac/dwmac-rk.c | 9 +- drivers/net/ethernet/ti/cpsw_priv.c | 2 +- drivers/net/usb/rtl8150.c | 11 +- drivers/perf/hisilicon/hisi_uncore_pmu.c | 2 +- drivers/perf/hisilicon/hisi_uncore_pmu.h | 3 +- drivers/s390/cio/device.c | 37 +-- drivers/spi/spi-nxp-fspi.c | 6 + drivers/tty/serial/8250/8250_dw.c | 4 +- drivers/tty/serial/8250/8250_exar.c | 11 + drivers/tty/serial/8250/8250_mtk.c | 6 +- drivers/usb/core/quirks.c | 2 + drivers/usb/gadget/legacy/raw_gadget.c | 2 - drivers/usb/host/xhci-dbgcap.c | 9 +- drivers/usb/serial/option.c | 10 + drivers/usb/typec/tcpm/tcpm.c | 4 +- fs/dlm/lockspace.c | 2 +- fs/exec.c | 2 +- fs/fuse/dir.c | 2 +- fs/fuse/file.c | 75 ++++--- fs/fuse/fuse_i.h | 2 +- fs/hfs/bfind.c | 8 +- fs/hfs/brec.c | 27 ++- fs/hfs/mdb.c | 2 +- fs/hfsplus/bfind.c | 8 +- fs/hfsplus/bnode.c | 41 ---- fs/hfsplus/btree.c | 6 + fs/hfsplus/hfsplus_fs.h | 42 ++++ fs/hfsplus/super.c | 25 ++- fs/notify/fdinfo.c | 6 + fs/ocfs2/move_extents.c | 5 + fs/smb/client/cifsglob.h | 2 +- fs/smb/server/transport_rdma.c | 11 +- fs/xfs/xfs_super.c | 33 ++- io_uring/filetable.c | 2 +- kernel/dma/debug.c | 5 +- kernel/sched/sched.h | 2 - net/core/rtnetlink.c | 3 - net/sctp/inqueue.c | 13 +- net/vmw_vsock/af_vsock.c | 38 ++-- tools/testing/selftests/net/mptcp/mptcp_join.sh | 6 +- tools/testing/selftests/net/sctp_hello.c | 17 +- tools/testing/selftests/net/sctp_vrf.sh | 85 ++++--- 98 files changed, 917 insertions(+), 604 deletions(-)

2 weeks

11
94
0 0

[PATCH v2 2/4] ASoC: cs4271: Disable regulators in component_probe() error path

by Herve Codina

The commit 9a397f473657 ("ASoC: cs4271: add regulator consumer support") has introduced regulators in the driver. Regulators are enabled at the beginning of component_probe() but they are not disabled on errors. This can lead to unbalanced enable/disable. Fix the error path to disable regulators on errors. Fixes: 9a397f473657 ("ASoC: cs4271: add regulator consumer support") Cc: stable(a)vger.kernel.org Signed-off-by: Herve Codina <herve.codina(a)bootlin.com> --- sound/soc/codecs/cs4271.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/sound/soc/codecs/cs4271.c b/sound/soc/codecs/cs4271.c index ff9c6628224c..a9d333e6c723 100644 --- a/sound/soc/codecs/cs4271.c +++ b/sound/soc/codecs/cs4271.c @@ -572,17 +572,17 @@ static int cs4271_component_probe(struct snd_soc_component *component) ret = regcache_sync(cs4271->regmap); if (ret < 0) - return ret; + goto err_disable_regulators; ret = regmap_update_bits(cs4271->regmap, CS4271_MODE2, CS4271_MODE2_PDN | CS4271_MODE2_CPEN, CS4271_MODE2_PDN | CS4271_MODE2_CPEN); if (ret < 0) - return ret; + goto err_disable_regulators; ret = regmap_update_bits(cs4271->regmap, CS4271_MODE2, CS4271_MODE2_PDN, 0); if (ret < 0) - return ret; + goto err_disable_regulators; /* Power-up sequence requires 85 uS */ udelay(85); @@ -592,6 +592,10 @@ static int cs4271_component_probe(struct snd_soc_component *component) CS4271_MODE2_MUTECAEQUB); return 0; + +err_disable_regulators: + regulator_bulk_disable(ARRAY_SIZE(cs4271->supplies), cs4271->supplies); + return ret; } static void cs4271_component_remove(struct snd_soc_component *component) -- 2.51.0

2 weeks

2
1
0 0

[PATCH 5.15 000/117] 5.15.196-rc2 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.15.196 release. There are 117 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu, 30 Oct 2025 09:28:07 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.15.196-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.15.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.15.196-rc2 Marek Vasut <marek.vasut+renesas(a)mailbox.org> PCI: rcar: Demote WARN() to dev_warn_ratelimited() in rcar_pcie_wakeup() Zhengchao Shao <shaozhengchao(a)huawei.com> net: rtnetlink: fix module reference count leak issue in rtnetlink_rcv_msg Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: f_acm: Refactor bind path to use __free() Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: f_ncm: Refactor bind path to use __free() Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: Introduce free_usb_request helper Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: Store endpoint pointer in usb_request Kaushlendra Kumar <kaushlendra.kumar(a)intel.com> arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() Darrick J. Wong <djwong(a)kernel.org> xfs: always warn about deprecated mount options Maarten Lankhorst <dev(a)lankhorst.se> devcoredump: Fix circular locking dependency with devcd->mutex. Niklas Cassel <cassel(a)kernel.org> PCI: tegra194: Reset BARs when running in PCIe endpoint mode Marek Vasut <marek.vasut+renesas(a)mailbox.org> PCI: rcar-host: Drop PMSR spinlock Marek Vasut <marek.vasut+renesas(a)gmail.com> PCI: rcar: Finish transition to L1 state in rcar_pcie_config_access() Vidya Sagar <vidyas(a)nvidia.com> PCI: tegra194: Handle errors in BPMP response Jaegeuk Kim <jaegeuk(a)kernel.org> f2fs: fix wrong block mapping for multi-devices Chuck Lever <chuck.lever(a)oracle.com> NFSD: Define a proc_layoutcommit for the FlexFiles layout type Jan Kara <jack(a)suse.cz> vfs: Don't leak disconnected dentries on umount Gui-Dong Han <hanguidong02(a)gmail.com> drm/amdgpu: use atomic functions with memory barriers for vm fault info Marek Vasut <marek.vasut+renesas(a)mailbox.org> PCI: rcar-host: Convert struct rcar_msi mask_lock into raw spinlock Muhammad Usama Anjum <usama.anjum(a)collabora.com> wifi: ath11k: HAL SRNG: don't deinitialize and re-initialize again Siddharth Vadapalli <s-vadapalli(a)ti.com> PCI: j721e: Fix programming sequence of "strap" settings Siddharth Vadapalli <s-vadapalli(a)ti.com> PCI: j721e: Enable ACSPCIE Refclk if "ti,syscon-acspcie-proxy-ctrl" exists Darrick J. Wong <djwong(a)kernel.org> fuse: fix livelock in synchronous file put from fuseblk workers Amir Goldstein <amir73il(a)gmail.com> fuse: allocate ff->release_args only if release is needed Xiao Liang <shaw.leon(a)gmail.com> padata: Reset next CPU when reorder sequence wraps around Sean Nyekjaer <sean(a)geanix.com> iio: imu: inv_icm42600: Simplify pm_runtime setup Bence Csókás <csokas.bence(a)prolan.hu> PM: runtime: Add new devm functions Sean Nyekjaer <sean(a)geanix.com> iio: imu: inv_icm42600: Avoid configuring if already pm_runtime suspended David Lechner <dlechner(a)baylibre.com> iio: imu: inv_icm42600: use = { } instead of memset() Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Fix last write offset handling in layoutcommit Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Minor cleanup in layoutcommit processing Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Rework encoding and decoding of nfsd4_deviceid Christoph Hellwig <hch(a)lst.de> xfs: fix log CRC mismatches between i386 and other architectures Christoph Hellwig <hch(a)lst.de> xfs: rename the old_crc variable in xlog_recover_process Vineeth Vijayan <vneethv(a)linux.ibm.com> s390/cio: Update purge function to unregister the unused subchannels Mark Rutland <mark.rutland(a)arm.com> arm64: errata: Apply workarounds for Neoverse-V3AE Mark Rutland <mark.rutland(a)arm.com> arm64: cputype: Add Neoverse-V3AE definitions Florian Eckert <fe(a)dev.tdt.de> serial: 8250_exar: add support for Advantech 2 port card with Device ID 0x0018 Victoria Votokina <Victoria.Votokina(a)kaspersky.com> most: usb: hdm_probe: Fix calling put_device() before device initialization Victoria Votokina <Victoria.Votokina(a)kaspersky.com> most: usb: Fix use-after-free in hdm_disconnect Alexander Usyskin <alexander.usyskin(a)intel.com> mei: me: add wildcat lake P DID Deepanshu Kartikey <kartikey406(a)gmail.com> comedi: fix divide-by-zero in comedi_buf_munge() Alice Ryhl <aliceryhl(a)google.com> binder: remove "invalid inc weak" check Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: dbc: enable back DbC in resume if it was enabled before suspend Andrey Konovalov <andreyknvl(a)gmail.com> usb: raw-gadget: do not limit transfer length Tim Guttzeit <t.guttzeit(a)tuxedocomputers.com> usb/core/quirks: Add Huawei ME906S to wakeup quirk LI Qingwu <Qing-wu.Li(a)leica-geosystems.com.cn> USB: serial: option: add Telit FN920C04 ECM compositions Reinhard Speyerer <rspmn(a)arcor.de> USB: serial: option: add Quectel RG255C Renjun Wang <renjunw0(a)foxmail.com> USB: serial: option: add UNISOC UIS7720 Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> net: ravb: Ensure memory write completes before ringing TX doorbell Michal Pecio <michal.pecio(a)gmail.com> net: usb: rtl8150: Fix frame padding Stefano Garzarella <sgarzare(a)redhat.com> vsock: fix lock inversion in vsock_assign_transport() Deepanshu Kartikey <kartikey406(a)gmail.com> ocfs2: clear extent cache after moving/defragmenting extents Maciej W. Rozycki <macro(a)orcam.me.uk> MIPS: Malta: Fix keyboard resource preventing i8042 driver from registering Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> Revert "cpuidle: menu: Avoid discarding useful information" Tonghao Zhang <tonghao(a)bamaicloud.com> net: bonding: fix possible peer notify event loss or dup issue Alexey Simakov <bigalex934(a)gmail.com> sctp: avoid NULL dereference when chunk data buffer is missing Huang Ying <ying.huang(a)linux.alibaba.com> arm64, mm: avoid always making PTE dirty in pte_mkwrite() Ioana Ciornei <ioana.ciornei(a)nxp.com> dpaa2-eth: fix the pointer passed to PTR_ALIGN on Tx path Wei Fang <wei.fang(a)nxp.com> net: enetc: correct the value of ENETC_RXB_TRUESIZE Johannes Wiesböck <johannes.wiesboeck(a)aisec.fraunhofer.de> rtnetlink: Allow deleting FDB entries in user namespace Nikolay Aleksandrov <razor(a)blackwall.org> net: rtnetlink: add NLM_F_BULK support to rtnl_fdb_del Nikolay Aleksandrov <razor(a)blackwall.org> net: add ndo_fdb_del_bulk Nikolay Aleksandrov <razor(a)blackwall.org> net: rtnetlink: add bulk delete support flag Nikolay Aleksandrov <razor(a)blackwall.org> net: netlink: add NLM_F_BULK delete request modifier Nikolay Aleksandrov <razor(a)blackwall.org> net: rtnetlink: use BIT for flag values Nikolay Aleksandrov <razor(a)blackwall.org> net: rtnetlink: add helper to extract msg type's kind Geert Uytterhoeven <geert(a)linux-m68k.org> m68k: bitops: Fix find_*_bit() signatures Yangtao Li <frank.li(a)vivo.com> hfsplus: return EIO when type of hidden directory mismatch in hfsplus_fill_super() Viacheslav Dubeyko <slava(a)dubeyko.com> hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits() Alexander Aring <aahringo(a)redhat.com> dlm: check for defined force value in dlm_lockspace_release Viacheslav Dubeyko <slava(a)dubeyko.com> hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() Yang Chenzhi <yang.chenzhi(a)vivo.com> hfs: validate record offset in hfsplus_bmap_alloc Viacheslav Dubeyko <slava(a)dubeyko.com> hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent() Viacheslav Dubeyko <slava(a)dubeyko.com> hfs: make proper initalization of struct hfs_find_data Viacheslav Dubeyko <slava(a)dubeyko.com> hfs: clear offset and space out of valid records in b-tree node Simon Schuster <schuster.simon(a)siemens-energy.com> nios2: ensure that memblock.current_limit is set when setting pfn limits Xichao Zhao <zhao.xichao(a)vivo.com> exec: Fix incorrect type for ret Niko Mauno <niko.mauno(a)vaisala.com> Revert "perf test: Don't leak workload gopipe in PERF_RECORD_*" Brian Norris <briannorris(a)google.com> PCI/sysfs: Ensure devices are powered for config reads (part 2) Viacheslav Dubeyko <slava(a)dubeyko.com> hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() Jiaming Zhang <r772577952(a)gmail.com> ALSA: usb-audio: Fix NULL pointer deference in try_to_register_card Randy Dunlap <rdunlap(a)infradead.org> ALSA: firewire: amdtp-stream: fix enum kernel-doc warnings Vincent Guittot <vincent.guittot(a)linaro.org> sched/fair: Fix pelt lost idle time detection Ingo Molnar <mingo(a)kernel.org> sched/balancing: Rename newidle_balance() => sched_balance_newidle() Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/powerplay: Fix CIK shutdown temperature Fabian Vogt <fvogt(a)suse.de> riscv: kprobes: Fix probe address validation I Viswanath <viswanathiyyappan(a)gmail.com> net: usb: lan78xx: fix use of improperly initialized dev->chipid in lan78xx_reset Oleksij Rempel <linux(a)rempel-privat.de> net: usb: lan78xx: Add error handling to lan78xx_init_mac_address Jakub Kicinski <kuba(a)kernel.org> net: usb: use eth_hw_addr_set() instead of ether_addr_copy() Sabrina Dubroca <sd(a)queasysnail.net> tls: don't rely on tx_work during send() Sabrina Dubroca <sd(a)queasysnail.net> tls: always set record_type in tls_process_cmsg Sabrina Dubroca <sd(a)queasysnail.net> tls: wait for async encrypt in case of error during latter iterations of sendmsg Sascha Hauer <s.hauer(a)pengutronix.de> net: tls: wait for async completion on last message David Howells <dhowells(a)redhat.com> splice, net: Add a splice_eof op to file-ops and socket-ops Alexey Simakov <bigalex934(a)gmail.com> tg3: prevent use of uninitialized remote_adv and local_adv variables Eric Dumazet <edumazet(a)google.com> tcp: fix tcp_tso_should_defer() vs large RTT Raju Rangoju <Raju.Rangoju(a)amd.com> amd-xgbe: Avoid spurious link down messages during interface toggle Dmitry Safonov <0x7f454c46(a)gmail.com> net/ip6_tunnel: Prevent perpetual tunnel growth Linmao Li <lilinmao(a)kylinos.cn> r8169: fix packet truncation after S4 resume on RTL8168H/RTL8111H Nicolas Dichtel <nicolas.dichtel(a)6wind.com> doc: fix seg6_flowlabel path Yeounsu Moon <yyyynoom(a)gmail.com> net: dlink: handle dma_map_single() failure properly Marc Kleine-Budde <mkl(a)pengutronix.de> can: m_can: m_can_plat_remove(): add missing pm_runtime_disable() Yuezhang Mo <Yuezhang.Mo(a)sony.com> dax: skip read lock assertion for read-only filesystems Benjamin Tissoires <bentiss(a)kernel.org> HID: multitouch: fix sticky fingers Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> cpufreq: CPPC: Avoid using CPUFREQ_ETERNAL as transition delay Thomas Fourier <fourier.thomas(a)gmail.com> crypto: rockchip - Fix dma_unmap_sg() nents value Kaustabh Chakraborty <kauschluss(a)disroot.org> drm/exynos: exynos7_drm_decon: remove ctx->suspended Kaustabh Chakraborty <kauschluss(a)disroot.org> drm/exynos: exynos7_drm_decon: properly clear channels during bind Kaustabh Chakraborty <kauschluss(a)disroot.org> drm/exynos: exynos7_drm_decon: fix uninitialized crtc reference in functions Yu Kuai <yukuai3(a)huawei.com> blk-crypto: fix missing blktrace bio split events Ma Ke <make24(a)iscas.ac.cn> media: lirc: Fix error handling in lirc_register() keliu <liuke94(a)huawei.com> media: rc: Directly use ida_free() Arnd Bergmann <arnd(a)arndb.de> media: s5p-mfc: remove an unused/uninitialized variable Filipe Manana <fdmanana(a)suse.com> btrfs: fix clearing of BTRFS_FS_RELOC_RUNNING if relocation already running Deepanshu Kartikey <kartikey406(a)gmail.com> ext4: detect invalid INLINE_DATA + EXTENTS flag combination Zhang Yi <yi.zhang(a)huawei.com> jbd2: ensure that all ongoing I/O complete before freeing blocks Yi Cong <yicong(a)kylinos.cn> r8152: add error handling in rtl8152_driver_init ------------- Diffstat: Documentation/arm64/silicon-errata.rst | 2 + Documentation/networking/seg6-sysctl.rst | 3 + Makefile | 4 +- arch/arm64/Kconfig | 1 + arch/arm64/include/asm/cputype.h | 2 + arch/arm64/include/asm/pgtable.h | 3 +- arch/arm64/kernel/cpu_errata.c | 1 + arch/m68k/include/asm/bitops.h | 25 ++-- arch/mips/mti-malta/malta-setup.c | 2 +- arch/nios2/kernel/setup.c | 15 +++ arch/riscv/kernel/probes/kprobes.c | 13 +- block/blk-crypto-fallback.c | 3 + drivers/android/binder.c | 11 +- drivers/base/arch_topology.c | 2 +- drivers/base/devcoredump.c | 138 +++++++++++++-------- drivers/base/power/runtime.c | 44 +++++++ drivers/comedi/comedi_buf.c | 2 +- drivers/cpufreq/cppc_cpufreq.c | 14 ++- drivers/cpuidle/governors/menu.c | 21 ++-- drivers/crypto/rockchip/rk3288_crypto_ahash.c | 3 +- drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c | 5 +- drivers/gpu/drm/amd/amdgpu/gmc_v7_0.c | 7 +- drivers/gpu/drm/amd/amdgpu/gmc_v8_0.c | 7 +- .../gpu/drm/amd/pm/powerplay/hwmgr/smu7_hwmgr.c | 3 +- drivers/gpu/drm/exynos/exynos7_drm_decon.c | 98 +++++---------- drivers/hid/hid-multitouch.c | 27 ++-- drivers/iio/imu/inv_icm42600/inv_icm42600_accel.c | 5 +- drivers/iio/imu/inv_icm42600/inv_icm42600_core.c | 35 ++---- drivers/iio/imu/inv_icm42600/inv_icm42600_gyro.c | 5 +- drivers/media/platform/s5p-mfc/s5p_mfc_cmd_v6.c | 35 ++---- drivers/media/rc/lirc_dev.c | 15 +-- drivers/media/rc/rc-main.c | 6 +- drivers/misc/mei/hw-me-regs.h | 2 + drivers/misc/mei/pci-me.c | 2 + drivers/most/most_usb.c | 13 +- drivers/net/bonding/bond_main.c | 40 +++--- drivers/net/can/m_can/m_can_platform.c | 2 +- drivers/net/ethernet/amd/xgbe/xgbe-drv.c | 1 - drivers/net/ethernet/amd/xgbe/xgbe-mdio.c | 1 + drivers/net/ethernet/broadcom/tg3.c | 5 +- drivers/net/ethernet/dlink/dl2k.c | 23 ++-- drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c | 3 +- drivers/net/ethernet/freescale/enetc/enetc.h | 2 +- drivers/net/ethernet/realtek/r8169_main.c | 5 +- drivers/net/ethernet/renesas/ravb_main.c | 8 ++ drivers/net/usb/aqc111.c | 2 +- drivers/net/usb/lan78xx.c | 42 +++++-- drivers/net/usb/r8152.c | 9 +- drivers/net/usb/rndis_host.c | 2 +- drivers/net/usb/rtl8150.c | 13 +- drivers/net/wireless/ath/ath11k/core.c | 6 +- drivers/net/wireless/ath/ath11k/hal.c | 16 +++ drivers/net/wireless/ath/ath11k/hal.h | 1 + drivers/pci/controller/cadence/pci-j721e.c | 64 +++++++++- drivers/pci/controller/dwc/pcie-designware-ep.c | 1 + drivers/pci/controller/dwc/pcie-tegra194.c | 28 ++++- drivers/pci/controller/pcie-rcar-host.c | 83 +++++++------ drivers/pci/pci-sysfs.c | 10 +- drivers/s390/cio/device.c | 37 ++++-- drivers/tty/serial/8250/8250_exar.c | 11 ++ drivers/usb/core/quirks.c | 2 + drivers/usb/gadget/function/f_acm.c | 42 +++---- drivers/usb/gadget/function/f_ncm.c | 78 +++++------- drivers/usb/gadget/legacy/raw_gadget.c | 2 - drivers/usb/gadget/udc/core.c | 3 + drivers/usb/host/xhci-dbgcap.c | 9 +- drivers/usb/serial/option.c | 10 ++ fs/btrfs/relocation.c | 13 +- fs/dax.c | 2 +- fs/dcache.c | 2 + fs/dlm/lockspace.c | 2 +- fs/exec.c | 2 +- fs/ext4/inode.c | 8 ++ fs/f2fs/data.c | 2 +- fs/fuse/dir.c | 2 +- fs/fuse/file.c | 75 ++++++----- fs/fuse/fuse_i.h | 2 +- fs/hfs/bfind.c | 8 +- fs/hfs/brec.c | 27 +++- fs/hfs/mdb.c | 2 +- fs/hfsplus/bfind.c | 8 +- fs/hfsplus/bnode.c | 41 ------ fs/hfsplus/btree.c | 6 + fs/hfsplus/hfsplus_fs.h | 42 +++++++ fs/hfsplus/super.c | 25 +++- fs/hfsplus/unicode.c | 24 ++++ fs/jbd2/transaction.c | 13 +- fs/nfsd/blocklayout.c | 5 +- fs/nfsd/blocklayoutxdr.c | 7 +- fs/nfsd/flexfilelayout.c | 8 ++ fs/nfsd/flexfilelayoutxdr.c | 3 +- fs/nfsd/nfs4layouts.c | 1 - fs/nfsd/nfs4proc.c | 34 +++-- fs/nfsd/nfs4xdr.c | 14 +-- fs/nfsd/xdr4.h | 36 +++++- fs/ocfs2/move_extents.c | 5 + fs/splice.c | 31 ++++- fs/xfs/libxfs/xfs_log_format.h | 30 ++++- fs/xfs/xfs_log.c | 8 +- fs/xfs/xfs_log_priv.h | 4 +- fs/xfs/xfs_log_recover.c | 34 +++-- fs/xfs/xfs_ondisk.h | 2 + fs/xfs/xfs_super.c | 33 +++-- include/linux/cpufreq.h | 3 + include/linux/fs.h | 1 + include/linux/net.h | 1 + include/linux/netdevice.h | 9 ++ include/linux/pm_runtime.h | 4 + include/linux/splice.h | 1 + include/linux/usb/gadget.h | 25 ++++ include/net/ip_tunnels.h | 15 +++ include/net/rtnetlink.h | 9 +- include/net/sock.h | 1 + include/uapi/linux/netlink.h | 1 + kernel/padata.c | 6 +- kernel/sched/fair.c | 38 +++--- net/core/rtnetlink.c | 81 ++++++++---- net/ipv4/ip_tunnel.c | 14 --- net/ipv4/tcp_output.c | 19 ++- net/ipv6/ip6_tunnel.c | 3 +- net/sctp/inqueue.c | 13 +- net/socket.c | 10 ++ net/tls/tls_main.c | 7 +- net/tls/tls_sw.c | 22 +++- net/vmw_vsock/af_vsock.c | 38 +++--- sound/firewire/amdtp-stream.h | 2 +- sound/usb/card.c | 10 +- tools/perf/tests/perf-record.c | 4 - 128 files changed, 1305 insertions(+), 728 deletions(-)

2 weeks

9
8
0 0

[Patch v2] perf/x86/intel: Fix KASAN global-out-of-bounds warning

by Dapeng Mi

When running "perf mem record" command on CWF, the below KASAN global-out-of-bounds warning is seen. 196.273657] ================================================================== [ 196.273662] BUG: KASAN: global-out-of-bounds in cmt_latency_data+0x176/0x1b0 [ 196.273669] Read of size 4 at addr ffffffffb721d000 by task dtlb/9850 [ 196.273676] CPU: 126 UID: 0 PID: 9850 Comm: dtlb Kdump: loaded Not tainted 6.17.0-rc3-2025-08-29-intel-next-34160-g316938187eb0 #1 PREEMPT(none) [ 196.273680] Hardware name: Intel Corporation AvenueCity/AvenueCity, BIOS BHSDCRB1.IPC.3544.P83.2507110208 07/11/2025 [ 196.273682] Call Trace: [ 196.273683] <NMI> [ 196.273684] dump_stack_lvl+0x55/0x70 [ 196.273689] print_address_description.constprop.0+0x2c/0x3d0 [ 196.273694] ? cmt_latency_data+0x176/0x1b0 [ 196.273696] print_report+0xb4/0x270 [ 196.273699] ? kasan_addr_to_slab+0xd/0xa0 [ 196.273702] kasan_report+0xb8/0xf0 [ 196.273705] ? cmt_latency_data+0x176/0x1b0 [ 196.273707] cmt_latency_data+0x176/0x1b0 [ 196.273710] setup_arch_pebs_sample_data+0xf49/0x2560 [ 196.273713] intel_pmu_drain_arch_pebs+0x577/0xb00 [ 196.273716] ? __pfx_intel_pmu_drain_arch_pebs+0x10/0x10 [ 196.273719] ? perf_output_begin+0x3e4/0xa10 [ 196.273724] ? intel_pmu_drain_bts_buffer+0xc2/0x6a0 [ 196.273727] ? __pfx_intel_pmu_drain_bts_buffer+0x10/0x10 [ 196.273730] handle_pmi_common+0x6c4/0xc80 [ 196.273734] ? __pfx_handle_pmi_common+0x10/0x10 [ 196.273738] ? intel_bts_interrupt+0xd3/0x4d0 [ 196.273740] ? __pfx_intel_bts_interrupt+0x10/0x10 [ 196.273742] ? intel_pmu_lbr_enable_all+0x25/0x150 [ 196.273745] intel_pmu_handle_irq+0x388/0x700 [ 196.273748] perf_event_nmi_handler+0xff/0x150 [ 196.273751] nmi_handle.part.0+0xa8/0x2d0 [ 196.273755] ? perf_output_begin+0x3e9/0xa10 [ 196.273757] default_do_nmi+0x79/0x1a0 [ 196.273760] fred_exc_nmi+0x40/0x90 [ 196.273762] asm_fred_entrypoint_kernel+0x45/0x60 [ 196.273765] RIP: 0010:perf_output_begin+0x3e9/0xa10 [ 196.273768] Code: 54 24 1c 85 d2 0f 85 19 03 00 00 48 8b 44 24 18 48 c1 e8 03 42 0f b6 04 28 84 c0 74 08 3c 03 0f 8e 25 05 00 00 41 8b 44 24 18 <c1> e0 0c 48 98 48 83 e8 01 80 7c 24 2a 00 0f 85 f9 02 00 00 4c 29 [ 196.273770] RSP: 0018:ffffc9001cf575e8 EFLAGS: 00000246 [ 196.273774] RAX: 0000000000000080 RBX: ffff88c1a0f95028 RCX: 0000000000000004 [ 196.273775] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88c08c8f9408 [ 196.273777] RBP: 0000000000000028 R08: 0000000000000000 R09: ffffed18341f2a05 [ 196.273778] R10: ffff88c1a0f9502f R11: ffff88c1a0dbe1b8 R12: ffff88c1a0f95000 [ 196.273779] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffc9001cf577e0 [ 196.273782] </NMI> The issue is caused by below code in __grt_latency_data(). The code tries to access x86_hybrid_pmu structure which doesn't exist on non-hybrid platform like CWF. WARN_ON_ONCE(hybrid_pmu(event->pmu)->pmu_type == hybrid_big) So add is_hybrid() check before calling this WARN_ON_ONCE to fix the global-out-of-bounds access issue. Reported-by: Xudong Hao <xudong.hao(a)intel.com> Cc: stable(a)vger.kernel.org Fixes: 090262439f66 ("perf/x86/intel: Rename model-specific pebs_latency_data functions") Signed-off-by: Dapeng Mi <dapeng1.mi(a)linux.intel.com> Reviewed-by: Zide Chen <zide.chen(a)intel.com> --- Changes: v2: Wrap the line that exceeds 80 characters (Zide) arch/x86/events/intel/ds.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/arch/x86/events/intel/ds.c b/arch/x86/events/intel/ds.c index c0b7ac1c7594..01bc59e9286c 100644 --- a/arch/x86/events/intel/ds.c +++ b/arch/x86/events/intel/ds.c @@ -317,7 +317,8 @@ static u64 __grt_latency_data(struct perf_event *event, u64 status, { u64 val; - WARN_ON_ONCE(hybrid_pmu(event->pmu)->pmu_type == hybrid_big); + WARN_ON_ONCE(is_hybrid() && + hybrid_pmu(event->pmu)->pmu_type == hybrid_big); dse &= PERF_PEBS_DATA_SOURCE_GRT_MASK; val = hybrid_var(event->pmu, pebs_data_source)[dse]; base-commit: 45e1dccc0653c50e377dae57ef086a8d0f71061d -- 2.34.1

2 weeks

2
1
0 0

[PATCH] most: usb: fix double free on late probe failure

by Johan Hovold

The MOST subsystem has a non-standard registration function which frees the interface on registration failures and on deregistration. This unsurprisingly leads to bugs in the MOST drivers, and a couple of recent changes turned a reference underflow and use-after-free in the USB driver into several double free and a use-after-free on late probe failures. Fixes: 723de0f9171e ("staging: most: remove device from interface structure") Fixes: 4b1270902609 ("most: usb: Fix use-after-free in hdm_disconnect") Fixes: a8cc9e5fcb0e ("most: usb: hdm_probe: Fix calling put_device() before device initialization") Cc: stable(a)vger.kernel.org Cc: Christian Gromm <christian.gromm(a)microchip.com> Cc: Victoria Votokina <Victoria.Votokina(a)kaspersky.com> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/most/most_usb.c | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/drivers/most/most_usb.c b/drivers/most/most_usb.c index 10064d7b7249..41ee169f80c5 100644 --- a/drivers/most/most_usb.c +++ b/drivers/most/most_usb.c @@ -1058,7 +1058,7 @@ hdm_probe(struct usb_interface *interface, const struct usb_device_id *id) ret = most_register_interface(&mdev->iface); if (ret) - goto err_free_busy_urbs; + return ret; mutex_lock(&mdev->io_mutex); if (le16_to_cpu(usb_dev->descriptor.idProduct) == USB_DEV_ID_OS81118 || @@ -1068,8 +1068,7 @@ hdm_probe(struct usb_interface *interface, const struct usb_device_id *id) if (!mdev->dci) { mutex_unlock(&mdev->io_mutex); most_deregister_interface(&mdev->iface); - ret = -ENOMEM; - goto err_free_busy_urbs; + return -ENOMEM; } mdev->dci->dev.init_name = "dci"; @@ -1078,18 +1077,15 @@ hdm_probe(struct usb_interface *interface, const struct usb_device_id *id) mdev->dci->dev.release = release_dci; if (device_register(&mdev->dci->dev)) { mutex_unlock(&mdev->io_mutex); + put_device(&mdev->dci->dev); most_deregister_interface(&mdev->iface); - ret = -ENOMEM; - goto err_free_dci; + return -ENOMEM; } mdev->dci->usb_device = mdev->usb_device; } mutex_unlock(&mdev->io_mutex); return 0; -err_free_dci: - put_device(&mdev->dci->dev); -err_free_busy_urbs: - kfree(mdev->busy_urbs); + err_free_ep_address: kfree(mdev->ep_address); err_free_cap: -- 2.51.0

2 weeks

1
0
0 0

[PATCH v5 1/2] dma-mapping: benchmark: Restore padding to ensure uABI remained consistent

by Qinxin Xia

The padding field in the structure was previously reserved to maintain a stable interface for potential new fields, ensuring compatibility with user-space shared data structures. However,it was accidentally removed by tiantao in a prior commit, which may lead to incompatibility between user space and the kernel. This patch reinstates the padding to restore the original structure layout and preserve compatibility. Fixes: 8ddde07a3d28 ("dma-mapping: benchmark: extract a common header file for map_benchmark definition") Cc: stable(a)vger.kernel.org Acked-by: Barry Song <baohua(a)kernel.org> Signed-off-by: Qinxin Xia <xiaqinxin(a)huawei.com> --- include/linux/map_benchmark.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/linux/map_benchmark.h b/include/linux/map_benchmark.h index 62674c83bde4..48e2ff95332f 100644 --- a/include/linux/map_benchmark.h +++ b/include/linux/map_benchmark.h @@ -27,5 +27,6 @@ struct map_benchmark { __u32 dma_dir; /* DMA data direction */ __u32 dma_trans_ns; /* time for DMA transmission in ns */ __u32 granule; /* how many PAGE_SIZE will do map/unmap once a time */ + __u8 expansion[76]; /* For future use */ }; #endif /* _KERNEL_DMA_BENCHMARK_H */ -- 2.33.0

2 weeks, 1 day

3
2
0 0

[PATCH v2 1/2] PCI: Allow per function PCI slots

by Farhan Ali

On s390 systems, which use a machine level hypervisor, PCI devices are always accessed through a form of PCI pass-through which fundamentally operates on a per PCI function granularity. This is also reflected in the s390 PCI hotplug driver which creates hotplug slots for individual PCI functions. Its reset_slot() function, which is a wrapper for zpci_hot_reset_device(), thus also resets individual functions. Currently, the kernel's PCI_SLOT() macro assigns the same pci_slot object to multifunction devices. This approach worked fine on s390 systems that only exposed virtual functions as individual PCI domains to the operating system. Since commit 44510d6fa0c0 ("s390/pci: Handling multifunctions") s390 supports exposing the topology of multifunction PCI devices by grouping them in a shared PCI domain. When attempting to reset a function through the hotplug driver, the shared slot assignment causes the wrong function to be reset instead of the intended one. It also leaks memory as we do create a pci_slot object for the function, but don't correctly free it in pci_slot_release(). Add a flag for struct pci_slot to allow per function PCI slots for functions managed through a hypervisor, which exposes individual PCI functions while retaining the topology. Fixes: 44510d6fa0c0 ("s390/pci: Handling multifunctions") Cc: stable(a)vger.kernel.org Suggested-by: Niklas Schnelle <schnelle(a)linux.ibm.com> Signed-off-by: Farhan Ali <alifm(a)linux.ibm.com> --- drivers/pci/pci.c | 5 +++-- drivers/pci/slot.c | 25 ++++++++++++++++++++++--- include/linux/pci.h | 1 + 3 files changed, 26 insertions(+), 5 deletions(-) diff --git a/drivers/pci/pci.c b/drivers/pci/pci.c index b14dd064006c..36ee38e0d817 100644 --- a/drivers/pci/pci.c +++ b/drivers/pci/pci.c @@ -4980,8 +4980,9 @@ static int pci_reset_hotplug_slot(struct hotplug_slot *hotplug, bool probe) static int pci_dev_reset_slot_function(struct pci_dev *dev, bool probe) { - if (dev->multifunction || dev->subordinate || !dev->slot || - dev->dev_flags & PCI_DEV_FLAGS_NO_BUS_RESET) + if (dev->subordinate || !dev->slot || + dev->dev_flags & PCI_DEV_FLAGS_NO_BUS_RESET || + (dev->multifunction && !dev->slot->per_func_slot)) return -ENOTTY; return pci_reset_hotplug_slot(dev->slot->hotplug, probe); diff --git a/drivers/pci/slot.c b/drivers/pci/slot.c index 50fb3eb595fe..ed10fa3ae727 100644 --- a/drivers/pci/slot.c +++ b/drivers/pci/slot.c @@ -63,6 +63,22 @@ static ssize_t cur_speed_read_file(struct pci_slot *slot, char *buf) return bus_speed_read(slot->bus->cur_bus_speed, buf); } +static bool pci_dev_matches_slot(struct pci_dev *dev, struct pci_slot *slot) +{ + if (slot->per_func_slot) + return dev->devfn == slot->number; + + return PCI_SLOT(dev->devfn) == slot->number; +} + +static bool pci_slot_enabled_per_func(void) +{ + if (IS_ENABLED(CONFIG_S390)) + return true; + + return false; +} + static void pci_slot_release(struct kobject *kobj) { struct pci_dev *dev; @@ -73,7 +89,7 @@ static void pci_slot_release(struct kobject *kobj) down_read(&pci_bus_sem); list_for_each_entry(dev, &slot->bus->devices, bus_list) - if (PCI_SLOT(dev->devfn) == slot->number) + if (pci_dev_matches_slot(dev, slot)) dev->slot = NULL; up_read(&pci_bus_sem); @@ -166,7 +182,7 @@ void pci_dev_assign_slot(struct pci_dev *dev) mutex_lock(&pci_slot_mutex); list_for_each_entry(slot, &dev->bus->slots, list) - if (PCI_SLOT(dev->devfn) == slot->number) + if (pci_dev_matches_slot(dev, slot)) dev->slot = slot; mutex_unlock(&pci_slot_mutex); } @@ -265,6 +281,9 @@ struct pci_slot *pci_create_slot(struct pci_bus *parent, int slot_nr, slot->bus = pci_bus_get(parent); slot->number = slot_nr; + if (pci_slot_enabled_per_func()) + slot->per_func_slot = 1; + slot->kobj.kset = pci_slots_kset; slot_name = make_slot_name(name); @@ -285,7 +304,7 @@ struct pci_slot *pci_create_slot(struct pci_bus *parent, int slot_nr, down_read(&pci_bus_sem); list_for_each_entry(dev, &parent->devices, bus_list) - if (PCI_SLOT(dev->devfn) == slot_nr) + if (pci_dev_matches_slot(dev, slot)) dev->slot = slot; up_read(&pci_bus_sem); diff --git a/include/linux/pci.h b/include/linux/pci.h index d1fdf81fbe1e..6ad194597ab5 100644 --- a/include/linux/pci.h +++ b/include/linux/pci.h @@ -78,6 +78,7 @@ struct pci_slot { struct list_head list; /* Node in list of slots */ struct hotplug_slot *hotplug; /* Hotplug info (move here) */ unsigned char number; /* PCI_SLOT(pci_dev->devfn) */ + unsigned int per_func_slot:1; /* Allow per function slot */ struct kobject kobj; }; -- 2.43.0

2 weeks, 1 day

3
3
0 0

[PATCH net] virtio-net: calculate header alignment mask based on features

by Jason Wang

Commit 56a06bd40fab ("virtio_net: enable gso over UDP tunnel support.") switches to check the alignment of the virtio_net_hdr_v1_hash_tunnel even when doing the transmission even if the feature is not negotiated. This will cause a series performance degradation of pktgen as the skb->data can't satisfy the alignment requirement due to the increase of the header size then virtio-net must prepare at least 2 sgs with indirect descriptors which will introduce overheads in the device. Fixing this by calculate the header alignment during probe so when tunnel gso is not negotiated, we can less strict. Pktgen in guest + XDP_DROP on TAP + vhost_net shows the TX PPS is recovered from 2.4Mpps to 4.45Mpps. Note that we still need a way to recover the performance when tunnel gso is enabled, probably a new vnet header format. Fixes: 56a06bd40fab ("virtio_net: enable gso over UDP tunnel support.") Cc: stable(a)vger.kernel.org Signed-off-by: Jason Wang <jasowang(a)redhat.com> --- drivers/net/virtio_net.c | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c index 31bd32bdecaf..5b851df749c0 100644 --- a/drivers/net/virtio_net.c +++ b/drivers/net/virtio_net.c @@ -441,6 +441,9 @@ struct virtnet_info { /* Packet virtio header size */ u8 hdr_len; + /* header alignment */ + size_t hdr_align; + /* Work struct for delayed refilling if we run low on memory. */ struct delayed_work refill; @@ -3308,8 +3311,9 @@ static int xmit_skb(struct send_queue *sq, struct sk_buff *skb, bool orphan) pr_debug("%s: xmit %p %pM\n", vi->dev->name, skb, dest); can_push = vi->any_header_sg && - !((unsigned long)skb->data & (__alignof__(*hdr) - 1)) && + !((unsigned long)skb->data & (vi->hdr_align - 1)) && !skb_header_cloned(skb) && skb_headroom(skb) >= hdr_len; + /* Even if we can, don't push here yet as this would skew * csum_start offset below. */ if (can_push) @@ -6926,15 +6930,20 @@ static int virtnet_probe(struct virtio_device *vdev) } if (virtio_has_feature(vdev, VIRTIO_NET_F_GUEST_UDP_TUNNEL_GSO) || - virtio_has_feature(vdev, VIRTIO_NET_F_HOST_UDP_TUNNEL_GSO)) + virtio_has_feature(vdev, VIRTIO_NET_F_HOST_UDP_TUNNEL_GSO)) { vi->hdr_len = sizeof(struct virtio_net_hdr_v1_hash_tunnel); - else if (vi->has_rss_hash_report) + vi->hdr_align = __alignof__(struct virtio_net_hdr_v1_hash_tunnel); + } else if (vi->has_rss_hash_report) { vi->hdr_len = sizeof(struct virtio_net_hdr_v1_hash); - else if (virtio_has_feature(vdev, VIRTIO_NET_F_MRG_RXBUF) || - virtio_has_feature(vdev, VIRTIO_F_VERSION_1)) + vi->hdr_align = __alignof__(struct virtio_net_hdr_v1_hash); + } else if (virtio_has_feature(vdev, VIRTIO_NET_F_MRG_RXBUF) || + virtio_has_feature(vdev, VIRTIO_F_VERSION_1)) { vi->hdr_len = sizeof(struct virtio_net_hdr_mrg_rxbuf); - else + vi->hdr_align = __alignof__(struct virtio_net_hdr_mrg_rxbuf); + } else { vi->hdr_len = sizeof(struct virtio_net_hdr); + vi->hdr_align = __alignof__(struct virtio_net_hdr); + } if (virtio_has_feature(vdev, VIRTIO_NET_F_GUEST_UDP_TUNNEL_GSO_CSUM)) vi->rx_tnl_csum = true; -- 2.31.1

2 weeks, 1 day

3
3
0 0

[PATCH] drm/mediatek: Fix device node reference leak in mtk_dp_dt_parse()

by Miaoqian Lin

The function mtk_dp_dt_parse() calls of_graph_get_endpoint_by_regs() to get the endpoint device node, but fails to call of_node_put() to release the reference when the function returns. This results in a device node reference leak. Fix this by adding the missing of_node_put() call before returning from the function. Found via static analysis and code review. Fixes: f70ac097a2cf ("drm/mediatek: Add MT8195 Embedded DisplayPort driver") Cc: stable(a)vger.kernel.org Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com> --- drivers/gpu/drm/mediatek/mtk_dp.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/gpu/drm/mediatek/mtk_dp.c b/drivers/gpu/drm/mediatek/mtk_dp.c index bef6eeb30d3e..b0b1e158600f 100644 --- a/drivers/gpu/drm/mediatek/mtk_dp.c +++ b/drivers/gpu/drm/mediatek/mtk_dp.c @@ -2087,6 +2087,7 @@ static int mtk_dp_dt_parse(struct mtk_dp *mtk_dp, endpoint = of_graph_get_endpoint_by_regs(pdev->dev.of_node, 1, -1); len = of_property_count_elems_of_size(endpoint, "data-lanes", sizeof(u32)); + of_node_put(endpoint); if (len < 0 || len > 4 || len == 3) { dev_err(dev, "invalid data lane size: %d\n", len); return -EINVAL; -- 2.39.5 (Apple Git-154)

2 weeks, 1 day

2
1
0 0

[PATCH] drm/bridge: sii902x: Fix device node reference leak sii902x_probe

by Miaoqian Lin

of_graph_get_endpoint_by_regs() gets a reference to the endpoint node to read the "bus-width" property but fails to call of_node_put() to release the reference, causing a reference count leak. Add the missing of_node_put() call to fix this. Found via static analysis and code review. Fixes: d284ccd8588c ("drm/bridge: sii902x: Set input bus format based on bus-width") Cc: stable(a)vger.kernel.org Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com> --- drivers/gpu/drm/bridge/sii902x.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/gpu/drm/bridge/sii902x.c b/drivers/gpu/drm/bridge/sii902x.c index d537b1d036fb..3a247ac3c7dd 100644 --- a/drivers/gpu/drm/bridge/sii902x.c +++ b/drivers/gpu/drm/bridge/sii902x.c @@ -1189,8 +1189,10 @@ static int sii902x_probe(struct i2c_client *client) sii902x->bus_width = 24; endpoint = of_graph_get_endpoint_by_regs(dev->of_node, 0, -1); - if (endpoint) + if (endpoint) { of_property_read_u32(endpoint, "bus-width", &sii902x->bus_width); + of_node_put(endpoint); + } endpoint = of_graph_get_endpoint_by_regs(dev->of_node, 1, -1); if (endpoint) { -- 2.39.5 (Apple Git-154)

2 weeks, 1 day

1
0
0 0

[PATCH] drm/bridge: samsung-dsim: Fix device node reference leak in samsung_dsim_parse_dt

by Miaoqian Lin

The function samsung_dsim_parse_dt() calls of_graph_get_endpoint_by_regs() to get the endpoint device node, but fails to call of_node_put() to release the reference when the function returns. This results in a device node reference leak. Fix this by adding the missing of_node_put() call before returning from the function. Found via static analysis and code review. Fixes: 77169a11d4e9 ("drm/bridge: samsung-dsim: add driver support for exynos7870 DSIM bridge") Cc: stable(a)vger.kernel.org Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com> --- drivers/gpu/drm/bridge/samsung-dsim.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/gpu/drm/bridge/samsung-dsim.c b/drivers/gpu/drm/bridge/samsung-dsim.c index eabc4c32f6ab..1a5acd5077ad 100644 --- a/drivers/gpu/drm/bridge/samsung-dsim.c +++ b/drivers/gpu/drm/bridge/samsung-dsim.c @@ -2086,6 +2086,7 @@ static int samsung_dsim_parse_dt(struct samsung_dsim *dsi) if (lane_polarities[1]) dsi->swap_dn_dp_data = true; } + of_node_put(endpoint); return 0; } -- 2.39.5 (Apple Git-154)

2 weeks, 1 day

1
0
0 0

[PATCH 5.4 000/224] 5.4.301-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.4.301 release. There are 224 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 29 Oct 2025 18:34:15 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.4.301-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.4.301-rc1 Zhengchao Shao <shaozhengchao(a)huawei.com> net: rtnetlink: fix module reference count leak issue in rtnetlink_rcv_msg Arnd Bergmann <arnd(a)arndb.de> media: s5p-mfc: remove an unused/uninitialized variable Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Fix last write offset handling in layoutcommit Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Minor cleanup in layoutcommit processing Xiao Liang <shaw.leon(a)gmail.com> padata: Reset next CPU when reorder sequence wraps around Eric Biggers <ebiggers(a)kernel.org> KEYS: trusted_tpm1: Compare HMAC values in constant time Chuck Lever <chuck.lever(a)oracle.com> NFSD: Define a proc_layoutcommit for the FlexFiles layout type Jan Kara <jack(a)suse.cz> vfs: Don't leak disconnected dentries on umount Zhang Yi <yi.zhang(a)huawei.com> jbd2: ensure that all ongoing I/O complete before freeing blocks Deepanshu Kartikey <kartikey406(a)gmail.com> ext4: detect invalid INLINE_DATA + EXTENTS flag combination Gui-Dong Han <hanguidong02(a)gmail.com> drm/amdgpu: use atomic functions with memory barriers for vm fault info Theodore Ts'o <tytso(a)mit.edu> ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() Pratyush Yadav <pratyush(a)kernel.org> spi: cadence-quadspi: Flush posted register writes before DAC access Pratyush Yadav <pratyush(a)kernel.org> spi: cadence-quadspi: Flush posted register writes before INDAC access Zhen Ni <zhen.ni(a)easystack.cn> memory: samsung: exynos-srom: Fix of_iomap leak in exynos_srom_probe Krzysztof Kozlowski <krzk(a)kernel.org> memory: samsung: exynos-srom: Correct alignment Mark Rutland <mark.rutland(a)arm.com> arm64: errata: Apply workarounds for Neoverse-V3AE Mark Rutland <mark.rutland(a)arm.com> arm64: cputype: Add Neoverse-V3AE definitions Deepanshu Kartikey <kartikey406(a)gmail.com> comedi: fix divide-by-zero in comedi_buf_munge() Alice Ryhl <aliceryhl(a)google.com> binder: remove "invalid inc weak" check Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: dbc: enable back DbC in resume if it was enabled before suspend Tim Guttzeit <t.guttzeit(a)tuxedocomputers.com> usb/core/quirks: Add Huawei ME906S to wakeup quirk LI Qingwu <Qing-wu.Li(a)leica-geosystems.com.cn> USB: serial: option: add Telit FN920C04 ECM compositions Reinhard Speyerer <rspmn(a)arcor.de> USB: serial: option: add Quectel RG255C Renjun Wang <renjunw0(a)foxmail.com> USB: serial: option: add UNISOC UIS7720 Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> net: ravb: Ensure memory write completes before ringing TX doorbell Michal Pecio <michal.pecio(a)gmail.com> net: usb: rtl8150: Fix frame padding Deepanshu Kartikey <kartikey406(a)gmail.com> ocfs2: clear extent cache after moving/defragmenting extents Maciej W. Rozycki <macro(a)orcam.me.uk> MIPS: Malta: Fix keyboard resource preventing i8042 driver from registering Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> Revert "cpuidle: menu: Avoid discarding useful information" Tonghao Zhang <tonghao(a)bamaicloud.com> net: bonding: fix possible peer notify event loss or dup issue Alexey Simakov <bigalex934(a)gmail.com> sctp: avoid NULL dereference when chunk data buffer is missing Huang Ying <ying.huang(a)linux.alibaba.com> arm64, mm: avoid always making PTE dirty in pte_mkwrite() Wei Fang <wei.fang(a)nxp.com> net: enetc: correct the value of ENETC_RXB_TRUESIZE Johannes Wiesböck <johannes.wiesboeck(a)aisec.fraunhofer.de> rtnetlink: Allow deleting FDB entries in user namespace Nikolay Aleksandrov <razor(a)blackwall.org> net: rtnetlink: add NLM_F_BULK support to rtnl_fdb_del Nikolay Aleksandrov <razor(a)blackwall.org> net: add ndo_fdb_del_bulk Nikolay Aleksandrov <razor(a)blackwall.org> net: rtnetlink: add bulk delete support flag Nikolay Aleksandrov <razor(a)blackwall.org> net: netlink: add NLM_F_BULK delete request modifier Nikolay Aleksandrov <razor(a)blackwall.org> net: rtnetlink: use BIT for flag values Nikolay Aleksandrov <razor(a)blackwall.org> net: rtnetlink: add helper to extract msg type's kind Nikolay Aleksandrov <razor(a)blackwall.org> net: rtnetlink: add msg kind names Colin Ian King <colin.king(a)canonical.com> net: rtnetlink: remove redundant assignment to variable err Geert Uytterhoeven <geert(a)linux-m68k.org> m68k: bitops: Fix find_*_bit() signatures Yangtao Li <frank.li(a)vivo.com> hfsplus: return EIO when type of hidden directory mismatch in hfsplus_fill_super() Viacheslav Dubeyko <slava(a)dubeyko.com> hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits() Alexander Aring <aahringo(a)redhat.com> dlm: check for defined force value in dlm_lockspace_release Viacheslav Dubeyko <slava(a)dubeyko.com> hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() Yang Chenzhi <yang.chenzhi(a)vivo.com> hfs: validate record offset in hfsplus_bmap_alloc Viacheslav Dubeyko <slava(a)dubeyko.com> hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent() Viacheslav Dubeyko <slava(a)dubeyko.com> hfs: make proper initalization of struct hfs_find_data Viacheslav Dubeyko <slava(a)dubeyko.com> hfs: clear offset and space out of valid records in b-tree node Xichao Zhao <zhao.xichao(a)vivo.com> exec: Fix incorrect type for ret Viacheslav Dubeyko <slava(a)dubeyko.com> hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() Randy Dunlap <rdunlap(a)infradead.org> ALSA: firewire: amdtp-stream: fix enum kernel-doc warnings Vincent Guittot <vincent.guittot(a)linaro.org> sched/fair: Fix pelt lost idle time detection Ingo Molnar <mingo(a)kernel.org> sched/balancing: Rename newidle_balance() => sched_balance_newidle() Barry Song <song.bao.hua(a)hisilicon.com> sched/fair: Trivial correction of the newidle_balance() comment Chen Yu <yu.c.chen(a)intel.com> sched: Make newidle_balance() static again Sabrina Dubroca <sd(a)queasysnail.net> tls: don't rely on tx_work during send() Sabrina Dubroca <sd(a)queasysnail.net> tls: always set record_type in tls_process_cmsg Alexey Simakov <bigalex934(a)gmail.com> tg3: prevent use of uninitialized remote_adv and local_adv variables Eric Dumazet <edumazet(a)google.com> tcp: fix tcp_tso_should_defer() vs large RTT Raju Rangoju <Raju.Rangoju(a)amd.com> amd-xgbe: Avoid spurious link down messages during interface toggle Dmitry Safonov <0x7f454c46(a)gmail.com> net/ip6_tunnel: Prevent perpetual tunnel growth Yeounsu Moon <yyyynoom(a)gmail.com> net: dlink: handle dma_map_single() failure properly Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> net: dl2k: switch from 'pci_' to 'dma_' API Thomas Fourier <fourier.thomas(a)gmail.com> media: pci: ivtv: Add missing check after DMA map Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> media: pci/ivtv: switch from 'pci_' to 'dma_' API Jason Andryuk <jason.andryuk(a)amd.com> xen/events: Update virq_to_irq on migration Ma Ke <make24(a)iscas.ac.cn> media: lirc: Fix error handling in lirc_register() keliu <liuke94(a)huawei.com> media: rc: Directly use ida_free() Kaustabh Chakraborty <kauschluss(a)disroot.org> drm/exynos: exynos7_drm_decon: remove ctx->suspended Anderson Nascimento <anderson(a)allelesecurity.com> btrfs: avoid potential out-of-bounds in btrfs_encode_fh() Jisheng Zhang <jszhang(a)kernel.org> pwm: berlin: Fix wrong register in suspend/resume Thomas Fourier <fourier.thomas(a)gmail.com> media: cx18: Add missing check after DMA map Jason Andryuk <jason.andryuk(a)amd.com> xen/events: Cleanup find_virq() return codes Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> cramfs: Verify inode mode when loading from disk Lichen Liu <lichliu(a)redhat.com> fs: Add 'initramfs_options' to set initramfs mount options gaoxiang17 <gaoxiang17(a)xiaomi.com> pid: Add a judgment for ns null in pid_nr_ns Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> minixfs: Verify inode mode when loading from disk Yuan Chen <chenyuan(a)kylinos.cn> tracing: Fix race condition in kprobe initialization causing NULL pointer dereference Zheng Qixing <zhengqixing(a)huawei.com> dm: fix NULL pointer dereference in __dm_suspend() Hans de Goede <hansg(a)kernel.org> mfd: intel_soc_pmic_chtdc_ti: Set use_single_read regmap_config flag Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> mfd: intel_soc_pmic_chtdc_ti: Drop unneeded assignment for cache_type Hans de Goede <hdegoede(a)redhat.com> mfd: intel_soc_pmic_chtdc_ti: Fix invalid regmap-config max_register value Phillip Lougher <phillip(a)squashfs.org.uk> Squashfs: reject negative file sizes in squashfs_read_inode() Phillip Lougher <phillip(a)squashfs.org.uk> Squashfs: add additional inode sanity checking Edward Adam Davis <eadavis(a)qq.com> media: mc: Clear minor number before put device Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> mfd: vexpress-sysreg: Check the return value of devm_gpiochip_add_data() Larshin Sergey <Sergey.Larshin(a)kaspersky.com> fs: udf: fix OOB read in lengthAllocDescs handling Sean Christopherson <seanjc(a)google.com> KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O Nalivayko Sergey <Sergey.Nalivayko(a)kaspersky.com> net/9p: fix double req put in p9_fd_cancelled Ahmet Eray Karadag <eraykrdg1(a)gmail.com> ext4: guard against EA inode refcount underflow in xattr update Ojaswin Mujoo <ojaswin(a)linux.ibm.com> ext4: correctly handle queries for metadata mappings Yongjian Sun <sunyongjian1(a)huawei.com> ext4: increase i_disksize to offset + len in ext4_update_disksize_before_punch() Olga Kornievskaia <okorniev(a)redhat.com> nfsd: nfserr_jukebox in nlm_fopen should lead to a retry Sean Christopherson <seanjc(a)google.com> x86/umip: Fix decoding of register forms of 0F 01 (SGDT and SIDT aliases) Sean Christopherson <seanjc(a)google.com> x86/umip: Check that the instruction opcode is at least two bytes Siddharth Vadapalli <s-vadapalli(a)ti.com> PCI: keystone: Use devm_request_irq() to free "ks-pcie-error-irq" on exit Niklas Schnelle <schnelle(a)linux.ibm.com> PCI/AER: Fix missing uevent on recovery when a reset is requested Niklas Schnelle <schnelle(a)linux.ibm.com> PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV Sean Christopherson <seanjc(a)google.com> rseq/selftests: Use weak symbol reference, not definition, to link with glibc Esben Haabendal <esben(a)geanix.com> rtc: interface: Fix long-standing race when setting alarm Esben Haabendal <esben(a)geanix.com> rtc: interface: Ensure alarm irq is enabled when UIE is enabled Rex Chen <rex.chen_1(a)nxp.com> mmc: core: SPI mode remove cmd7 Linus Walleij <linus.walleij(a)linaro.org> mtd: rawnand: fsmc: Default to autodetect buswidth Ma Ke <make24(a)iscas.ac.cn> sparc: fix error handling in scan_one_device() Anthony Yznaga <anthony.yznaga(a)oracle.com> sparc64: fix hugetlb for sun4u Eric Biggers <ebiggers(a)kernel.org> sctp: Fix MAC comparison to be constant-time Thorsten Blum <thorsten.blum(a)linux.dev> scsi: hpsa: Fix potential memory leak in hpsa_big_passthru_ioctl() Sam James <sam(a)gentoo.org> parisc: don't reference obsolete termio struct for TC* constants Johan Hovold <johan(a)kernel.org> lib/genalloc: fix device leak in of_gen_pool_get() Michael Hennerich <michael.hennerich(a)analog.com> iio: frequency: adf4350: Fix prescaler usage. Qianfeng Rong <rongqianfeng(a)vivo.com> iio: dac: ad5421: use int type to store negative error codes Qianfeng Rong <rongqianfeng(a)vivo.com> iio: dac: ad5360: use int type to store negative error codes Thomas Fourier <fourier.thomas(a)gmail.com> crypto: atmel - Fix dma_unmap_sg() direction Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() Shuhao Fu <sfual(a)cse.ust.hk> drm/nouveau: fix bad ret code in nouveau_bo_move_prep Qianfeng Rong <rongqianfeng(a)vivo.com> media: i2c: mt9v111: fix incorrect type for ret Johan Hovold <johan(a)kernel.org> firmware: meson_sm: fix device leak at probe Lukas Wunner <lukas(a)wunner.de> xen/manage: Fix suspend error path Stephan Gerhold <stephan.gerhold(a)linaro.org> arm64: dts: qcom: msm8916: Add missing MDSS reset Amir Mohammad Jahangirzad <a.jahangirzad(a)gmail.com> ACPI: debug: fix signedness issues in read/write helpers Daniel Tang <danielzgtg.opensource(a)gmail.com> ACPI: TAD: Add missing sysfs_remove_group() for ACPI_TAD_RT Gunnar Kudrjavets <gunnarku(a)amazon.com> tpm_tis: Fix incorrect arguments in tpm_tis_probe_irq_single Lino Sanfilippo <l.sanfilippo(a)kunbus.com> tpm, tpm_tis: Claim locality before writing interrupt registers Herbert Xu <herbert(a)gondor.apana.org.au> crypto: essiv - Check ssize for decryption and in-place encryption Harini T <harini.t(a)amd.com> mailbox: zynqmp-ipi: Remove dev.parent check in zynqmp_ipi_free_mboxes Harini T <harini.t(a)amd.com> mailbox: zynqmp-ipi: Remove redundant mbox_controller_unregister() call Leo Yan <leo.yan(a)arm.com> tools build: Align warning options with perf Erick Karanja <karanja99erick(a)gmail.com> net: fsl_pq_mdio: Fix device node reference leak in fsl_pq_mdio_probe Kuniyuki Iwashima <kuniyu(a)google.com> tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request(). Alexandr Sapozhnikov <alsp705(a)gmail.com> net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() Ian Forbes <ian.forbes(a)broadcom.com> drm/vmwgfx: Fix Use-after-free in validation Dan Carpenter <dan.carpenter(a)linaro.org> net/mlx4: prevent potential use after free in mlx4_en_do_uc_filter() Duoming Zhou <duoming(a)zju.edu.cn> scsi: mvsas: Fix use-after-free bugs in mvs_work_queue John Garry <john.garry(a)huawei.com> scsi: mvsas: Use sas_task_find_rq() for tagging John Garry <john.garry(a)huawei.com> scsi: mvsas: Delete mvs_tag_init() John Garry <john.garry(a)huawei.com> scsi: libsas: Add sas_task_find_rq() Alok Tiwari <alok.a.tiwari(a)oracle.com> clk: nxp: Fix pll0 rate check condition in LPC18xx CGU driver Brian Masney <bmasney(a)redhat.com> clk: nxp: lpc18xx-cgu: convert from round_rate() to determine_rate() Leo Yan <leo.yan(a)arm.com> perf session: Fix handling when buffer exceeds 2 GiB Rob Herring (Arm) <robh(a)kernel.org> rtc: x1205: Fix Xicor X1205 vendor prefix Yunseong Kim <ysk(a)kzalloc.com> perf util: Fix compression checks returning -1 as bool Michael Hennerich <michael.hennerich(a)analog.com> iio: frequency: adf4350: Fix ADF4350_REG3_12BIT_CLKDIV_MODE Zhen Ni <zhen.ni(a)easystack.cn> clocksource/drivers/clps711x: Fix resource leaks in error paths Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> pinctrl: check the return value of pinmux_ops::get_function_name() Zhen Ni <zhen.ni(a)easystack.cn> Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak Yang Shi <yang(a)os.amperecomputing.com> mm: hugetlb: avoid soft lockup when mprotect to large memory area Naman Jain <namjain(a)linux.microsoft.com> uio_hv_generic: Let userspace take care of interrupt mask Phillip Lougher <phillip(a)squashfs.org.uk> Squashfs: fix uninit-value in squashfs_get_parent Jakub Kicinski <kuba(a)kernel.org> Revert "net/mlx5e: Update and set Xon/Xoff upon MTU set" Kohei Enju <enjuk(a)amazon.com> net: ena: return 0 in ena_get_rxfh_key_size() when RSS hash key is not configurable Kohei Enju <enjuk(a)amazon.com> nfp: fix RSS hash key size when RSS is not supported Donet Tom <donettom(a)linux.ibm.com> drivers/base/node: fix double free in register_one_node() Dan Carpenter <dan.carpenter(a)linaro.org> ocfs2: fix double free in user_cluster_connect() I Viswanath <viswanathiyyappan(a)gmail.com> net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast Bernard Metzler <bernard.metzler(a)linux.dev> RDMA/siw: Always report immediate post SQ errors Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> usb: vhci-hcd: Prevent suspending virtually attached devices Ranjan Kumar <ranjan.kumar(a)broadcom.com> scsi: mpt3sas: Fix crash in transport port remove by using ioc_info() Slavin Liu <slavin452(a)gmail.com> ipvs: Defer ip_vs_ftp unregister during netns cleanup Anthony Iliopoulos <ailiop(a)suse.com> NFSv4.1: fix backchannel max_resp_sz verification check Stephan Gerhold <stephan.gerhold(a)linaro.org> remoteproc: qcom: q6v5: Avoid disabling handover IRQ twice Michael Karcher <kernel(a)mkarcher.dialup.fu-berlin.de> sparc: fix accurate exception reporting in copy_{from,to}_user for M7 Michael Karcher <kernel(a)mkarcher.dialup.fu-berlin.de> sparc: fix accurate exception reporting in copy_to_user for Niagara 4 Michael Karcher <kernel(a)mkarcher.dialup.fu-berlin.de> sparc: fix accurate exception reporting in copy_{from_to}_user for Niagara Michael Karcher <kernel(a)mkarcher.dialup.fu-berlin.de> sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC III Michael Karcher <kernel(a)mkarcher.dialup.fu-berlin.de> sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC Baochen Qiang <baochen.qiang(a)oss.qualcomm.com> wifi: ath10k: avoid unnecessary wait for service ready message Vlad Dumitrescu <vdumitrescu(a)nvidia.com> IB/sa: Fix sa_local_svc_timeout_ms read race Parav Pandit <parav(a)nvidia.com> RDMA/core: Resolve MAC of next-hop device without ARP support Abdun Nihaal <abdun.nihaal(a)gmail.com> wifi: mt76: fix potential memory leak in mt76_wmac_probe() Donet Tom <donettom(a)linux.ibm.com> drivers/base/node: handle error properly in register_one_node() Christophe Leroy <christophe.leroy(a)csgroup.eu> watchdog: mpc8xxx_wdt: Reload the watchdog timer when enabling the watchdog Zhen Ni <zhen.ni(a)easystack.cn> netfilter: ipset: Remove unused htable_bits in macro ahash_region Hans de Goede <hansg(a)kernel.org> iio: consumers: Fix offset handling in iio_convert_raw_to_processed() Takashi Iwai <tiwai(a)suse.de> ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping Takashi Iwai <tiwai(a)suse.de> ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping Takashi Iwai <tiwai(a)suse.de> ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping Wang Liang <wangliang74(a)huawei.com> pps: fix warning in pps_register_cdev when register device fail Colin Ian King <colin.i.king(a)gmail.com> misc: genwqe: Fix incorrect cmd field being reported in error William Wu <william.wu(a)rock-chips.com> usb: gadget: configfs: Correctly set use_os_string at bind Xichao Zhao <zhao.xichao(a)vivo.com> usb: phy: twl6030: Fix incorrect type for ret Eric Dumazet <edumazet(a)google.com> tcp: fix __tcp_close() to only send RST when required Alok Tiwari <alok.a.tiwari(a)oracle.com> PCI: tegra: Fix devm_kcalloc() argument order for port->phys allocation Stefan Kerkmann <s.kerkmann(a)pengutronix.de> wifi: mwifiex: send world regulatory domain to driver Qianfeng Rong <rongqianfeng(a)vivo.com> ALSA: lx_core: use int type to store negative error codes Zhang Shurong <zhang_shurong(a)foxmail.com> media: rj54n1cb0c: Fix memleak in rj54n1_probe() Thomas Fourier <fourier.thomas(a)gmail.com> scsi: myrs: Fix dma_alloc_coherent() error check Niklas Cassel <cassel(a)kernel.org> scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod Dan Carpenter <dan.carpenter(a)linaro.org> serial: max310x: Add error checking in probe() Dan Carpenter <dan.carpenter(a)linaro.org> usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup Brahmajit Das <listout(a)listout.xyz> drm/radeon/r600_cs: clean up of dead code in r600_cs Kunihiko Hayashi <hayashi.kunihiko(a)socionext.com> i2c: designware: Add disabling clocks when probe fails Leilk.Liu <leilk.liu(a)mediatek.com> i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD Paul Chaignon <paul.chaignon(a)gmail.com> bpf: Explicitly check accesses to bpf_sock_addr Akhilesh Patil <akhilesh(a)ee.iitb.ac.in> selftests: watchdog: skip ping loop if WDIOF_KEEPALIVEPING not supported Uwe Kleine-König <u.kleine-koenig(a)baylibre.com> pwm: tiehrpwm: Fix corner case in clock divisor calculation Qianfeng Rong <rongqianfeng(a)vivo.com> block: use int to store blk_stack_limits() return value Li Nan <linan122(a)huawei.com> blk-mq: check kobject state_in_sysfs before deleting in blk_mq_unregister_hctx Da Xue <da(a)libre.computer> pinctrl: meson-gxl: add missing i2c_d pinmux Sneh Mankad <sneh.mankad(a)oss.qualcomm.com> soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS Huisong Li <lihuisong(a)huawei.com> ACPI: processor: idle: Fix memory leak when register cpuidle device failed Geert Uytterhoeven <geert+renesas(a)glider.be> regmap: Remove superfluous check for !config in __regmap_init() Uros Bizjak <ubizjak(a)gmail.com> x86/vdso: Fix output operand size of RDPID Leo Yan <leo.yan(a)arm.com> perf: arm_spe: Prevent overflow in PERF_IDX2OFF() Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> driver core/PM: Set power.no_callbacks along with power.no_pm Ovidiu Panait <ovidiu.panait.oss(a)gmail.com> staging: axis-fifo: flush RX FIFO on read errors Ovidiu Panait <ovidiu.panait.oss(a)gmail.com> staging: axis-fifo: fix maximum TX packet length check hupu <hupu.gm(a)gmail.com> perf subcmd: avoid crash in exclude_cmds when excludes is empty Mikulas Patocka <mpatocka(a)redhat.com> dm-integrity: limit MAX_TAG_SIZE to 255 Bitterblue Smith <rtl8821cerfe2(a)gmail.com> wifi: rtlwifi: rtl8192cu: Don't claim USB ID 07b8:8188 Xiaowei Li <xiaowei.li(a)simcom.com> USB: serial: option: add SIMCom 8230C compositions Larshin Sergey <Sergey.Larshin(a)kaspersky.com> media: rc: fix races with imon_disconnect() Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> media: imon: grab lock earlier in imon_ir_change_protocol() Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> media: imon: reorganize serialization Flavius Georgescu <pretoriano.mp(a)gmail.com> media: rc: Add support for another iMON 0xffdc device Duoming Zhou <duoming(a)zju.edu.cn> media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe Duoming Zhou <duoming(a)zju.edu.cn> media: tuner: xc5000: Fix use-after-free in xc5000_release Ricardo Ribalda <ribalda(a)chromium.org> media: tunner: xc5000: Refactor firmware load Kuniyuki Iwashima <kuniyu(a)amazon.com> udp: Fix memory accounting leak. Duoming Zhou <duoming(a)zju.edu.cn> media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove Wang Haoran <haoranwangsec(a)gmail.com> scsi: target: target_core_configfs: Add length check to avoid buffer overflow ------------- Diffstat: Documentation/admin-guide/kernel-parameters.txt | 3 + Documentation/arm64/silicon-errata.rst | 2 + Makefile | 4 +- arch/arm64/Kconfig | 1 + arch/arm64/boot/dts/qcom/msm8916.dtsi | 2 + arch/arm64/include/asm/cputype.h | 2 + arch/arm64/include/asm/pgtable.h | 3 +- arch/arm64/kernel/cpu_errata.c | 1 + arch/m68k/include/asm/bitops.h | 25 +-- arch/mips/mti-malta/malta-setup.c | 2 +- arch/parisc/include/uapi/asm/ioctls.h | 8 +- arch/sparc/kernel/of_device_32.c | 1 + arch/sparc/kernel/of_device_64.c | 1 + arch/sparc/lib/M7memcpy.S | 20 +-- arch/sparc/lib/Memcpy_utils.S | 9 + arch/sparc/lib/NG4memcpy.S | 2 +- arch/sparc/lib/NGmemcpy.S | 29 ++-- arch/sparc/lib/U1memcpy.S | 19 ++- arch/sparc/lib/U3memcpy.S | 2 +- arch/sparc/mm/hugetlbpage.c | 20 +++ arch/x86/include/asm/kvm_emulate.h | 2 +- arch/x86/include/asm/segment.h | 8 +- arch/x86/kernel/umip.c | 15 +- arch/x86/kvm/emulate.c | 10 +- arch/x86/kvm/x86.c | 9 +- block/blk-mq-sysfs.c | 6 +- block/blk-settings.c | 3 +- crypto/essiv.c | 14 +- drivers/acpi/acpi_dbg.c | 26 +-- drivers/acpi/acpi_tad.c | 3 + drivers/acpi/processor_idle.c | 3 + drivers/android/binder.c | 11 +- drivers/base/node.c | 4 + drivers/base/regmap/regmap.c | 2 +- drivers/char/tpm/tpm_tis_core.c | 26 +-- drivers/clk/nxp/clk-lpc18xx-cgu.c | 20 ++- drivers/clocksource/clps711x-timer.c | 23 ++- drivers/cpufreq/intel_pstate.c | 8 +- drivers/cpuidle/governors/menu.c | 21 +-- drivers/crypto/atmel-tdes.c | 2 +- drivers/firmware/meson/meson_sm.c | 7 +- drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c | 5 +- drivers/gpu/drm/amd/amdgpu/gmc_v7_0.c | 7 +- drivers/gpu/drm/amd/amdgpu/gmc_v8_0.c | 7 +- drivers/gpu/drm/exynos/exynos7_drm_decon.c | 36 ---- drivers/gpu/drm/nouveau/nouveau_bo.c | 2 +- drivers/gpu/drm/radeon/r600_cs.c | 4 +- drivers/gpu/drm/vmwgfx/vmwgfx_validation.c | 4 +- drivers/i2c/busses/i2c-designware-platdrv.c | 1 + drivers/i2c/busses/i2c-mt65xx.c | 17 +- drivers/iio/dac/ad5360.c | 2 +- drivers/iio/dac/ad5421.c | 2 +- drivers/iio/frequency/adf4350.c | 20 ++- drivers/iio/inkern.c | 2 +- drivers/infiniband/core/addr.c | 10 +- drivers/infiniband/core/sa_query.c | 6 +- drivers/infiniband/sw/siw/siw_verbs.c | 25 +-- drivers/input/misc/uinput.c | 1 + drivers/mailbox/zynqmp-ipi-mailbox.c | 7 +- drivers/md/dm-integrity.c | 2 +- drivers/md/dm.c | 7 +- drivers/media/i2c/mt9v111.c | 2 +- drivers/media/i2c/rj54n1cb0c.c | 9 +- drivers/media/i2c/tc358743.c | 4 +- drivers/media/mc/mc-devnode.c | 6 +- drivers/media/pci/b2c2/flexcop-pci.c | 2 +- drivers/media/pci/cx18/cx18-queue.c | 12 +- drivers/media/pci/ivtv/ivtv-driver.c | 2 +- drivers/media/pci/ivtv/ivtv-irq.c | 2 +- drivers/media/pci/ivtv/ivtv-queue.c | 18 +- drivers/media/pci/ivtv/ivtv-streams.c | 22 +-- drivers/media/pci/ivtv/ivtv-udma.c | 19 ++- drivers/media/pci/ivtv/ivtv-yuv.c | 18 +- drivers/media/platform/s5p-mfc/s5p_mfc_cmd_v6.c | 35 ++-- drivers/media/rc/imon.c | 189 +++++++++++++-------- drivers/media/rc/lirc_dev.c | 15 +- drivers/media/rc/rc-main.c | 6 +- drivers/media/tuners/xc5000.c | 41 ++--- drivers/memory/samsung/exynos-srom.c | 32 ++-- drivers/mfd/intel_soc_pmic_chtdc_ti.c | 5 +- drivers/mfd/vexpress-sysreg.c | 6 +- drivers/misc/genwqe/card_ddcb.c | 2 +- drivers/mmc/core/sdio.c | 6 +- drivers/mtd/nand/raw/fsmc_nand.c | 6 +- drivers/mtd/spi-nor/cadence-quadspi.c | 5 + drivers/net/bonding/bond_main.c | 40 ++--- drivers/net/ethernet/amazon/ena/ena_ethtool.c | 5 +- drivers/net/ethernet/amd/xgbe/xgbe-drv.c | 1 - drivers/net/ethernet/amd/xgbe/xgbe-mdio.c | 1 + drivers/net/ethernet/broadcom/tg3.c | 5 +- drivers/net/ethernet/dlink/dl2k.c | 99 ++++++----- drivers/net/ethernet/freescale/enetc/enetc.h | 2 +- drivers/net/ethernet/freescale/fsl_pq_mdio.c | 2 + drivers/net/ethernet/mellanox/mlx4/en_netdev.c | 2 +- .../ethernet/mellanox/mlx5/core/en/port_buffer.h | 12 -- drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 17 +- .../net/ethernet/netronome/nfp/nfp_net_ethtool.c | 2 +- drivers/net/ethernet/renesas/ravb_main.c | 8 + drivers/net/usb/rtl8150.c | 13 +- drivers/net/wireless/ath/ath10k/wmi.c | 39 +++-- drivers/net/wireless/marvell/mwifiex/cfg80211.c | 7 +- drivers/net/wireless/mediatek/mt76/mt7603/soc.c | 2 +- .../net/wireless/realtek/rtlwifi/rtl8192cu/sw.c | 1 - drivers/pci/controller/dwc/pci-keystone.c | 4 +- drivers/pci/controller/pci-tegra.c | 2 +- drivers/pci/iov.c | 5 + drivers/pci/pci-driver.c | 1 + drivers/perf/arm_spe_pmu.c | 3 +- drivers/pinctrl/meson/pinctrl-meson-gxl.c | 10 ++ drivers/pinctrl/pinmux.c | 2 +- drivers/pps/kapi.c | 5 +- drivers/pps/pps.c | 5 +- drivers/pwm/pwm-berlin.c | 4 +- drivers/pwm/pwm-tiehrpwm.c | 4 +- drivers/remoteproc/qcom_q6v5.c | 3 - drivers/rtc/interface.c | 27 +++ drivers/rtc/rtc-x1205.c | 2 +- drivers/scsi/hpsa.c | 21 ++- drivers/scsi/mpt3sas/mpt3sas_transport.c | 8 +- drivers/scsi/mvsas/mv_defs.h | 1 + drivers/scsi/mvsas/mv_init.c | 13 +- drivers/scsi/mvsas/mv_sas.c | 42 ++--- drivers/scsi/mvsas/mv_sas.h | 8 +- drivers/scsi/myrs.c | 8 +- drivers/scsi/pm8001/pm8001_sas.c | 9 +- drivers/soc/qcom/rpmh-rsc.c | 7 +- drivers/staging/axis-fifo/axis-fifo.c | 32 ++-- drivers/staging/comedi/comedi_buf.c | 2 +- drivers/target/target_core_configfs.c | 2 +- drivers/tty/serial/max310x.c | 2 + drivers/uio/uio_hv_generic.c | 7 +- drivers/usb/core/quirks.c | 2 + drivers/usb/gadget/configfs.c | 2 + drivers/usb/host/max3421-hcd.c | 2 +- drivers/usb/host/xhci-dbgcap.c | 9 +- drivers/usb/phy/phy-twl6030-usb.c | 3 +- drivers/usb/serial/option.c | 16 ++ drivers/usb/usbip/vhci_hcd.c | 22 +++ drivers/watchdog/mpc8xxx_wdt.c | 2 + drivers/xen/events/events_base.c | 25 ++- drivers/xen/manage.c | 3 +- fs/btrfs/export.c | 8 +- fs/cramfs/inode.c | 11 +- fs/dcache.c | 2 + fs/dlm/lockspace.c | 2 +- fs/exec.c | 2 +- fs/ext4/fsmap.c | 14 +- fs/ext4/inode.c | 18 +- fs/ext4/super.c | 10 +- fs/ext4/xattr.c | 15 +- fs/hfs/bfind.c | 8 +- fs/hfs/brec.c | 27 ++- fs/hfs/mdb.c | 2 +- fs/hfsplus/bfind.c | 8 +- fs/hfsplus/bnode.c | 41 ----- fs/hfsplus/btree.c | 6 + fs/hfsplus/hfsplus_fs.h | 42 +++++ fs/hfsplus/super.c | 25 ++- fs/hfsplus/unicode.c | 24 +++ fs/jbd2/transaction.c | 13 +- fs/minix/inode.c | 8 +- fs/namespace.c | 11 +- fs/nfs/nfs4proc.c | 2 +- fs/nfsd/blocklayout.c | 5 +- fs/nfsd/flexfilelayout.c | 8 + fs/nfsd/lockd.c | 15 ++ fs/nfsd/nfs4proc.c | 34 ++-- fs/ocfs2/move_extents.c | 5 + fs/ocfs2/stack_user.c | 1 + fs/squashfs/inode.c | 31 +++- fs/squashfs/squashfs_fs_i.h | 2 +- fs/udf/inode.c | 3 + include/linux/device.h | 3 + include/linux/iio/frequency/adf4350.h | 2 +- include/linux/netdevice.h | 9 + include/net/ip_tunnels.h | 15 ++ include/net/rtnetlink.h | 16 +- include/scsi/libsas.h | 18 ++ include/uapi/linux/netlink.h | 1 + kernel/padata.c | 6 +- kernel/pid.c | 2 +- kernel/sched/fair.c | 38 +++-- kernel/sched/sched.h | 4 - kernel/trace/trace_kprobe.c | 11 +- kernel/trace/trace_probe.h | 9 +- kernel/trace/trace_uprobe.c | 12 +- lib/genalloc.c | 5 +- mm/hugetlb.c | 2 + net/9p/trans_fd.c | 8 +- net/core/filter.c | 16 +- net/core/rtnetlink.c | 89 +++++++--- net/ipv4/ip_tunnel.c | 14 -- net/ipv4/tcp.c | 9 +- net/ipv4/tcp_input.c | 1 - net/ipv4/tcp_output.c | 19 ++- net/ipv4/udp.c | 16 +- net/ipv6/ip6_tunnel.c | 3 +- net/netfilter/ipset/ip_set_hash_gen.h | 8 +- net/netfilter/ipvs/ip_vs_ftp.c | 4 +- net/sctp/inqueue.c | 13 +- net/sctp/sm_make_chunk.c | 3 +- net/sctp/sm_statefuns.c | 6 +- net/tls/tls_main.c | 7 +- net/tls/tls_sw.c | 13 ++ security/keys/trusted.c | 7 +- sound/firewire/amdtp-stream.h | 2 +- sound/pci/lx6464es/lx_core.c | 4 +- sound/soc/intel/boards/bytcht_es8316.c | 20 ++- sound/soc/intel/boards/bytcr_rt5640.c | 7 +- sound/soc/intel/boards/bytcr_rt5651.c | 26 ++- tools/build/feature/Makefile | 4 +- tools/lib/subcmd/help.c | 3 + tools/perf/util/lzma.c | 2 +- tools/perf/util/session.c | 2 +- tools/perf/util/zlib.c | 2 +- tools/testing/selftests/rseq/rseq.c | 8 +- tools/testing/selftests/watchdog/watchdog-test.c | 6 + 217 files changed, 1530 insertions(+), 941 deletions(-)

2 weeks, 1 day

9
233
0 0

[PATCH 5.10 000/325] 5.10.246-rc2 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.10.246 release. There are 325 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu, 30 Oct 2025 09:28:09 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.10.246-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.10.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.10.246-rc2 Li Jinlin <lijinlin3(a)huawei.com> fsdax: Fix infinite loop in dax_iomap_rw() Zhengchao Shao <shaozhengchao(a)huawei.com> net: rtnetlink: fix module reference count leak issue in rtnetlink_rcv_msg Kaushlendra Kumar <kaushlendra.kumar(a)intel.com> arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() Darrick J. Wong <djwong(a)kernel.org> fuse: fix livelock in synchronous file put from fuseblk workers Chuck Lever <chuck.lever(a)oracle.com> NFSD: Define a proc_layoutcommit for the FlexFiles layout type Jan Kara <jack(a)suse.cz> vfs: Don't leak disconnected dentries on umount Gui-Dong Han <hanguidong02(a)gmail.com> drm/amdgpu: use atomic functions with memory barriers for vm fault info Pratyush Yadav <pratyush(a)kernel.org> spi: cadence-quadspi: Flush posted register writes before DAC access Theodore Ts'o <tytso(a)mit.edu> ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() Brian Norris <briannorris(a)google.com> PCI/sysfs: Ensure devices are powered for config reads Krzysztof Wilczyński <kw(a)linux.com> PCI/sysfs: Use sysfs_emit() and sysfs_emit_at() in "show" functions Maximilian Luz <luzmaximilian(a)gmail.com> PCI: Add sysfs attribute for device power state Siddharth Vadapalli <s-vadapalli(a)ti.com> PCI: j721e: Fix programming sequence of "strap" settings Muhammad Usama Anjum <usama.anjum(a)collabora.com> wifi: ath11k: HAL SRNG: don't deinitialize and re-initialize again Vidya Sagar <vidyas(a)nvidia.com> PCI: tegra194: Handle errors in BPMP response Thomas Fourier <fourier.thomas(a)gmail.com> crypto: rockchip - Fix dma_unmap_sg() nents value Eric Biggers <ebiggers(a)kernel.org> KEYS: trusted_tpm1: Compare HMAC values in constant time Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Fix last write offset handling in layoutcommit Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Minor cleanup in layoutcommit processing Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Rework encoding and decoding of nfsd4_deviceid Sean Nyekjaer <sean(a)geanix.com> iio: imu: inv_icm42600: Simplify pm_runtime setup Bence Csókás <csokas.bence(a)prolan.hu> PM: runtime: Add new devm functions Sean Nyekjaer <sean(a)geanix.com> iio: imu: inv_icm42600: Avoid configuring if already pm_runtime suspended David Lechner <dlechner(a)baylibre.com> iio: imu: inv_icm42600: use = { } instead of memset() Xiao Liang <shaw.leon(a)gmail.com> padata: Reset next CPU when reorder sequence wraps around Arnd Bergmann <arnd(a)arndb.de> media: s5p-mfc: remove an unused/uninitialized variable Stefano Garzarella <sgarzare(a)redhat.com> vsock: fix lock inversion in vsock_assign_transport() Mark Rutland <mark.rutland(a)arm.com> arm64: errata: Apply workarounds for Neoverse-V3AE Mark Rutland <mark.rutland(a)arm.com> arm64: cputype: Add Neoverse-V3AE definitions Florian Eckert <fe(a)dev.tdt.de> serial: 8250_exar: add support for Advantech 2 port card with Device ID 0x0018 Victoria Votokina <Victoria.Votokina(a)kaspersky.com> most: usb: hdm_probe: Fix calling put_device() before device initialization Victoria Votokina <Victoria.Votokina(a)kaspersky.com> most: usb: Fix use-after-free in hdm_disconnect Alexander Usyskin <alexander.usyskin(a)intel.com> mei: me: add wildcat lake P DID Deepanshu Kartikey <kartikey406(a)gmail.com> comedi: fix divide-by-zero in comedi_buf_munge() Alice Ryhl <aliceryhl(a)google.com> binder: remove "invalid inc weak" check Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: dbc: enable back DbC in resume if it was enabled before suspend Andrey Konovalov <andreyknvl(a)gmail.com> usb: raw-gadget: do not limit transfer length Tim Guttzeit <t.guttzeit(a)tuxedocomputers.com> usb/core/quirks: Add Huawei ME906S to wakeup quirk LI Qingwu <Qing-wu.Li(a)leica-geosystems.com.cn> USB: serial: option: add Telit FN920C04 ECM compositions Reinhard Speyerer <rspmn(a)arcor.de> USB: serial: option: add Quectel RG255C Renjun Wang <renjunw0(a)foxmail.com> USB: serial: option: add UNISOC UIS7720 Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> net: ravb: Ensure memory write completes before ringing TX doorbell Michal Pecio <michal.pecio(a)gmail.com> net: usb: rtl8150: Fix frame padding Deepanshu Kartikey <kartikey406(a)gmail.com> ocfs2: clear extent cache after moving/defragmenting extents Maciej W. Rozycki <macro(a)orcam.me.uk> MIPS: Malta: Fix keyboard resource preventing i8042 driver from registering Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> Revert "cpuidle: menu: Avoid discarding useful information" Tonghao Zhang <tonghao(a)bamaicloud.com> net: bonding: fix possible peer notify event loss or dup issue Alexey Simakov <bigalex934(a)gmail.com> sctp: avoid NULL dereference when chunk data buffer is missing Huang Ying <ying.huang(a)linux.alibaba.com> arm64, mm: avoid always making PTE dirty in pte_mkwrite() Ioana Ciornei <ioana.ciornei(a)nxp.com> dpaa2-eth: fix the pointer passed to PTR_ALIGN on Tx path Wei Fang <wei.fang(a)nxp.com> net: enetc: correct the value of ENETC_RXB_TRUESIZE Johannes Wiesböck <johannes.wiesboeck(a)aisec.fraunhofer.de> rtnetlink: Allow deleting FDB entries in user namespace Nikolay Aleksandrov <razor(a)blackwall.org> net: rtnetlink: add NLM_F_BULK support to rtnl_fdb_del Nikolay Aleksandrov <razor(a)blackwall.org> net: add ndo_fdb_del_bulk Nikolay Aleksandrov <razor(a)blackwall.org> net: rtnetlink: add bulk delete support flag Nikolay Aleksandrov <razor(a)blackwall.org> net: netlink: add NLM_F_BULK delete request modifier Nikolay Aleksandrov <razor(a)blackwall.org> net: rtnetlink: use BIT for flag values Nikolay Aleksandrov <razor(a)blackwall.org> net: rtnetlink: add helper to extract msg type's kind Nikolay Aleksandrov <razor(a)blackwall.org> net: rtnetlink: add msg kind names Geert Uytterhoeven <geert(a)linux-m68k.org> m68k: bitops: Fix find_*_bit() signatures Yangtao Li <frank.li(a)vivo.com> hfsplus: return EIO when type of hidden directory mismatch in hfsplus_fill_super() Viacheslav Dubeyko <slava(a)dubeyko.com> hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits() Alexander Aring <aahringo(a)redhat.com> dlm: check for defined force value in dlm_lockspace_release Viacheslav Dubeyko <slava(a)dubeyko.com> hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() Yang Chenzhi <yang.chenzhi(a)vivo.com> hfs: validate record offset in hfsplus_bmap_alloc Viacheslav Dubeyko <slava(a)dubeyko.com> hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent() Viacheslav Dubeyko <slava(a)dubeyko.com> hfs: make proper initalization of struct hfs_find_data Viacheslav Dubeyko <slava(a)dubeyko.com> hfs: clear offset and space out of valid records in b-tree node Xichao Zhao <zhao.xichao(a)vivo.com> exec: Fix incorrect type for ret Viacheslav Dubeyko <slava(a)dubeyko.com> hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() Randy Dunlap <rdunlap(a)infradead.org> ALSA: firewire: amdtp-stream: fix enum kernel-doc warnings Vincent Guittot <vincent.guittot(a)linaro.org> sched/fair: Fix pelt lost idle time detection Ingo Molnar <mingo(a)kernel.org> sched/balancing: Rename newidle_balance() => sched_balance_newidle() Barry Song <song.bao.hua(a)hisilicon.com> sched/fair: Trivial correction of the newidle_balance() comment Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/powerplay: Fix CIK shutdown temperature I Viswanath <viswanathiyyappan(a)gmail.com> net: usb: lan78xx: fix use of improperly initialized dev->chipid in lan78xx_reset Oleksij Rempel <linux(a)rempel-privat.de> net: usb: lan78xx: Add error handling to lan78xx_init_mac_address Jakub Kicinski <kuba(a)kernel.org> net: usb: use eth_hw_addr_set() instead of ether_addr_copy() Sabrina Dubroca <sd(a)queasysnail.net> tls: don't rely on tx_work during send() Sabrina Dubroca <sd(a)queasysnail.net> tls: always set record_type in tls_process_cmsg Alexey Simakov <bigalex934(a)gmail.com> tg3: prevent use of uninitialized remote_adv and local_adv variables Eric Dumazet <edumazet(a)google.com> tcp: fix tcp_tso_should_defer() vs large RTT Raju Rangoju <Raju.Rangoju(a)amd.com> amd-xgbe: Avoid spurious link down messages during interface toggle Dmitry Safonov <0x7f454c46(a)gmail.com> net/ip6_tunnel: Prevent perpetual tunnel growth Linmao Li <lilinmao(a)kylinos.cn> r8169: fix packet truncation after S4 resume on RTL8168H/RTL8111H Yeounsu Moon <yyyynoom(a)gmail.com> net: dlink: handle dma_map_single() failure properly Yuezhang Mo <Yuezhang.Mo(a)sony.com> dax: skip read lock assertion for read-only filesystems Christoph Hellwig <hch(a)lst.de> fsdax: switch dax_iomap_rw to use iomap_iter Christoph Hellwig <hch(a)lst.de> iomap: add the new iomap_iter model Benjamin Tissoires <bentiss(a)kernel.org> HID: multitouch: fix sticky fingers Jason Andryuk <jason.andryuk(a)amd.com> xen/events: Update virq_to_irq on migration Ma Ke <make24(a)iscas.ac.cn> media: lirc: Fix error handling in lirc_register() keliu <liuke94(a)huawei.com> media: rc: Directly use ida_free() Kaustabh Chakraborty <kauschluss(a)disroot.org> drm/exynos: exynos7_drm_decon: remove ctx->suspended Adam Xue <zxue(a)semtech.com> bus: mhi: host: Do not use uninitialized 'dev' pointer in mhi_init_irq_setup() Anderson Nascimento <anderson(a)allelesecurity.com> btrfs: avoid potential out-of-bounds in btrfs_encode_fh() Yu Kuai <yukuai3(a)huawei.com> blk-crypto: fix missing blktrace bio split events Jisheng Zhang <jszhang(a)kernel.org> pwm: berlin: Fix wrong register in suspend/resume Deepanshu Kartikey <kartikey406(a)gmail.com> ext4: detect invalid INLINE_DATA + EXTENTS flag combination Zhang Yi <yi.zhang(a)huawei.com> jbd2: ensure that all ongoing I/O complete before freeing blocks Jason A. Donenfeld <Jason(a)zx2c4.com> wifi: rt2x00: use explicitly signed or unsigned types Dan Carpenter <dan.carpenter(a)linaro.org> mm/slab: make __free(kfree) accept error pointers Mikhail Kobuk <m.kobuk(a)ispras.ru> media: pci: ivtv: Add check for DMA map result Thomas Fourier <fourier.thomas(a)gmail.com> media: cx18: Add missing check after DMA map Thomas Fourier <fourier.thomas(a)gmail.com> media: pci: ivtv: Add missing check after DMA map Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> media: pci/ivtv: switch from 'pci_' to 'dma_' API David Laight <David.Laight(a)ACULAB.COM> minmax.h: remove some #defines that are only expanded once David Laight <David.Laight(a)ACULAB.COM> minmax.h: simplify the variants of clamp() David Laight <David.Laight(a)ACULAB.COM> minmax.h: move all the clamp() definitions after the min/max() ones David Laight <David.Laight(a)ACULAB.COM> minmax.h: use BUILD_BUG_ON_MSG() for the lo < hi test in clamp() David Laight <David.Laight(a)ACULAB.COM> minmax.h: reduce the #define expansion of min(), max() and clamp() David Laight <David.Laight(a)ACULAB.COM> minmax.h: update some comments David Laight <David.Laight(a)ACULAB.COM> minmax.h: add whitespace around operators and after commas Linus Torvalds <torvalds(a)linux-foundation.org> minmax: fix up min3() and max3() too Linus Torvalds <torvalds(a)linux-foundation.org> minmax: improve macro expansion and type checking Linus Torvalds <torvalds(a)linux-foundation.org> minmax: simplify min()/max()/clamp() implementation Linus Torvalds <torvalds(a)linux-foundation.org> minmax: don't use max() in situations that want a C constant expression Linus Torvalds <torvalds(a)linux-foundation.org> minmax: make generic MIN() and MAX() macros available everywhere Linus Torvalds <torvalds(a)linux-foundation.org> minmax: simplify and clarify min_t()/max_t() implementation Linus Torvalds <torvalds(a)linux-foundation.org> minmax: add a few more MIN_T/MAX_T users Linus Torvalds <torvalds(a)linux-foundation.org> minmax: avoid overly complicated constant expressions in VM code David Laight <David.Laight(a)ACULAB.COM> minmax: relax check to allow comparison between unsigned arguments and signed constants David Laight <David.Laight(a)ACULAB.COM> minmax: allow comparisons of 'int' against 'unsigned char/short' David Laight <David.Laight(a)ACULAB.COM> minmax: fix indentation of __cmp_once() and __clamp_once() David Laight <David.Laight(a)ACULAB.COM> minmax: allow min()/max()/clamp() if the arguments have the same signedness. Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> minmax: fix header inclusions Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> minmax: deduplicate __unconst_integer_typeof() Herve Codina <herve.codina(a)bootlin.com> minmax: Introduce {min,max}_array() Matthew Wilcox (Oracle) <willy(a)infradead.org> minmax: add in_range() macro Jason A. Donenfeld <Jason(a)zx2c4.com> minmax: clamp more efficiently by avoiding extra comparison Jason A. Donenfeld <Jason(a)zx2c4.com> minmax: sanity check constant bounds when clamping Johannes Thumshirn <johannes.thumshirn(a)wdc.com> btrfs: remove duplicated in_range() macro Bart Van Assche <bvanassche(a)acm.org> overflow, tracing: Define the is_signed_type() macro once Catalin Marinas <catalin.marinas(a)arm.com> arm64: mte: Do not flag the zero page as PG_mte_tagged Aleksa Sarai <cyphar(a)cyphar.com> fscontext: do not consume log entries when returning -EMSGSIZE Peter Zijlstra <peterz(a)infradead.org> locking: Introduce __cleanup() based infrastructure Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> cramfs: Verify inode mode when loading from disk Lichen Liu <lichliu(a)redhat.com> fs: Add 'initramfs_options' to set initramfs mount options gaoxiang17 <gaoxiang17(a)xiaomi.com> pid: Add a judgment for ns null in pid_nr_ns Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> minixfs: Verify inode mode when loading from disk Nalivayko Sergey <Sergey.Nalivayko(a)kaspersky.com> net/9p: fix double req put in p9_fd_cancelled Sean Christopherson <seanjc(a)google.com> KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O Ma Ke <make24(a)iscas.ac.cn> ASoC: wcd934x: fix error handling in wcd934x_codec_parse_data() Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ASoC: codecs: wcd934x: Simplify with dev_err_probe Larshin Sergey <Sergey.Larshin(a)kaspersky.com> fs: udf: fix OOB read in lengthAllocDescs handling Gianfranco Trad <gianf.trad(a)gmail.com> udf: fix uninit-value use in udf_get_fileshortad Phillip Lougher <phillip(a)squashfs.org.uk> Squashfs: reject negative file sizes in squashfs_read_inode() Phillip Lougher <phillip(a)squashfs.org.uk> Squashfs: add additional inode sanity checking Edward Adam Davis <eadavis(a)qq.com> media: mc: Clear minor number before put device Hans de Goede <hansg(a)kernel.org> mfd: intel_soc_pmic_chtdc_ti: Set use_single_read regmap_config flag Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> mfd: intel_soc_pmic_chtdc_ti: Drop unneeded assignment for cache_type Hans de Goede <hdegoede(a)redhat.com> mfd: intel_soc_pmic_chtdc_ti: Fix invalid regmap-config max_register value Zheng Qixing <zhengqixing(a)huawei.com> dm: fix NULL pointer dereference in __dm_suspend() Yuan Chen <chenyuan(a)kylinos.cn> tracing: Fix race condition in kprobe initialization causing NULL pointer dereference Stephan Gerhold <stephan.gerhold(a)linaro.org> arm64: dts: qcom: sdm845: Fix slimbam num-channels/ees Nathan Chancellor <nathan(a)kernel.org> lib/crypto/curve25519-hacl64: Disable KASAN with clang-17 and older Ahmet Eray Karadag <eraykrdg1(a)gmail.com> ext4: guard against EA inode refcount underflow in xattr update Ojaswin Mujoo <ojaswin(a)linux.ibm.com> ext4: correctly handle queries for metadata mappings Yongjian Sun <sunyongjian1(a)huawei.com> ext4: increase i_disksize to offset + len in ext4_update_disksize_before_punch() Olga Kornievskaia <okorniev(a)redhat.com> nfsd: nfserr_jukebox in nlm_fopen should lead to a retry Thorsten Blum <thorsten.blum(a)linux.dev> NFSD: Fix destination buffer size in nfsd4_ssc_setup_dul() Sean Christopherson <seanjc(a)google.com> x86/umip: Fix decoding of register forms of 0F 01 (SGDT and SIDT aliases) Sean Christopherson <seanjc(a)google.com> x86/umip: Check that the instruction opcode is at least two bytes Pratyush Yadav <pratyush(a)kernel.org> spi: cadence-quadspi: Flush posted register writes before INDAC access Niklas Cassel <cassel(a)kernel.org> PCI: tegra194: Fix broken tegra_pcie_ep_raise_msi_irq() Siddharth Vadapalli <s-vadapalli(a)ti.com> PCI: keystone: Use devm_request_irq() to free "ks-pcie-error-irq" on exit Lukas Wunner <lukas(a)wunner.de> PCI/AER: Support errors introduced by PCIe r6.0 Niklas Schnelle <schnelle(a)linux.ibm.com> PCI/AER: Fix missing uevent on recovery when a reset is requested Lukas Wunner <lukas(a)wunner.de> PCI/ERR: Fix uevent on failure to recover Niklas Schnelle <schnelle(a)linux.ibm.com> PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV Sean Christopherson <seanjc(a)google.com> rseq/selftests: Use weak symbol reference, not definition, to link with glibc Esben Haabendal <esben(a)geanix.com> rtc: interface: Fix long-standing race when setting alarm Esben Haabendal <esben(a)geanix.com> rtc: interface: Ensure alarm irq is enabled when UIE is enabled Zhen Ni <zhen.ni(a)easystack.cn> memory: samsung: exynos-srom: Fix of_iomap leak in exynos_srom_probe Rex Chen <rex.chen_1(a)nxp.com> mmc: core: SPI mode remove cmd7 Linus Walleij <linus.walleij(a)linaro.org> mtd: rawnand: fsmc: Default to autodetect buswidth Ma Ke <make24(a)iscas.ac.cn> sparc: fix error handling in scan_one_device() Anthony Yznaga <anthony.yznaga(a)oracle.com> sparc64: fix hugetlb for sun4u Eric Biggers <ebiggers(a)kernel.org> sctp: Fix MAC comparison to be constant-time Thorsten Blum <thorsten.blum(a)linux.dev> scsi: hpsa: Fix potential memory leak in hpsa_big_passthru_ioctl() Sam James <sam(a)gentoo.org> parisc: don't reference obsolete termio struct for TC* constants Askar Safin <safinaskar(a)zohomail.com> openat2: don't trigger automounts with RESOLVE_NO_XDEV Johan Hovold <johan(a)kernel.org> lib/genalloc: fix device leak in of_gen_pool_get() Sean Nyekjaer <sean(a)geanix.com> iio: imu: inv_icm42600: Drop redundant pm_runtime reinitialization in resume Huacai Chen <chenhuacai(a)loongson.cn> init: handle bootloader identifier in kernel parameters Michael Hennerich <michael.hennerich(a)analog.com> iio: frequency: adf4350: Fix prescaler usage. Qianfeng Rong <rongqianfeng(a)vivo.com> iio: dac: ad5421: use int type to store negative error codes Qianfeng Rong <rongqianfeng(a)vivo.com> iio: dac: ad5360: use int type to store negative error codes Thomas Fourier <fourier.thomas(a)gmail.com> crypto: atmel - Fix dma_unmap_sg() direction Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() Simon Schuster <schuster.simon(a)siemens-energy.com> copy_sighand: Handle architectures where sizeof(unsigned long) < sizeof(u64) Shuhao Fu <sfual(a)cse.ust.hk> drm/nouveau: fix bad ret code in nouveau_bo_move_prep Qianfeng Rong <rongqianfeng(a)vivo.com> media: i2c: mt9v111: fix incorrect type for ret Johan Hovold <johan(a)kernel.org> firmware: meson_sm: fix device leak at probe Lukas Wunner <lukas(a)wunner.de> xen/manage: Fix suspend error path Jason Andryuk <jason.andryuk(a)amd.com> xen/events: Cleanup find_virq() return codes Miaoqian Lin <linmq006(a)gmail.com> ARM: OMAP2+: pm33xx-core: ix device node reference leaks in amx3_idle_init Stephan Gerhold <stephan.gerhold(a)linaro.org> arm64: dts: qcom: msm8916: Add missing MDSS reset Amir Mohammad Jahangirzad <a.jahangirzad(a)gmail.com> ACPI: debug: fix signedness issues in read/write helpers Daniel Tang <danielzgtg.opensource(a)gmail.com> ACPI: TAD: Add missing sysfs_remove_group() for ACPI_TAD_RT Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> gpio: wcd934x: mark the GPIO controller as sleeping Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> gpio: wcd934x: Remove duplicate assignment of of_gpio_n_cells Gunnar Kudrjavets <gunnarku(a)amazon.com> tpm_tis: Fix incorrect arguments in tpm_tis_probe_irq_single Herbert Xu <herbert(a)gondor.apana.org.au> crypto: essiv - Check ssize for decryption and in-place encryption Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/display: Properly disable scaling on DCE6 Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/display: Properly clear SCL_*_FILTER_CONTROL on DCE6 Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/display: Add missing DCE6 SCL_HORZ_FILTER_INIT* SRIs Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: Add additional DCE6 SCL registers Daniel Borkmann <daniel(a)iogearbox.net> bpf: Fix metadata_dst leak __bpf_redirect_neigh_v{4,6} Harini T <harini.t(a)amd.com> mailbox: zynqmp-ipi: Remove dev.parent check in zynqmp_ipi_free_mboxes Harini T <harini.t(a)amd.com> mailbox: zynqmp-ipi: Remove redundant mbox_controller_unregister() call Leo Yan <leo.yan(a)arm.com> tools build: Align warning options with perf Erick Karanja <karanja99erick(a)gmail.com> net: fsl_pq_mdio: Fix device node reference leak in fsl_pq_mdio_probe Kuniyuki Iwashima <kuniyu(a)google.com> tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request(). Alexandr Sapozhnikov <alsp705(a)gmail.com> net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() Ian Forbes <ian.forbes(a)broadcom.com> drm/vmwgfx: Fix Use-after-free in validation Dan Carpenter <dan.carpenter(a)linaro.org> net/mlx4: prevent potential use after free in mlx4_en_do_uc_filter() Duoming Zhou <duoming(a)zju.edu.cn> scsi: mvsas: Fix use-after-free bugs in mvs_work_queue John Garry <john.garry(a)huawei.com> scsi: mvsas: Use sas_task_find_rq() for tagging John Garry <john.garry(a)huawei.com> scsi: mvsas: Delete mvs_tag_init() John Garry <john.garry(a)huawei.com> scsi: libsas: Add sas_task_find_rq() Alok Tiwari <alok.a.tiwari(a)oracle.com> clk: nxp: Fix pll0 rate check condition in LPC18xx CGU driver Brian Masney <bmasney(a)redhat.com> clk: nxp: lpc18xx-cgu: convert from round_rate() to determine_rate() Leo Yan <leo.yan(a)arm.com> perf session: Fix handling when buffer exceeds 2 GiB Rob Herring (Arm) <robh(a)kernel.org> rtc: x1205: Fix Xicor X1205 vendor prefix Yunseong Kim <ysk(a)kzalloc.com> perf util: Fix compression checks returning -1 as bool Brian Masney <bmasney(a)redhat.com> clk: at91: peripheral: fix return value Ian Rogers <irogers(a)google.com> libperf event: Ensure tracing data is multiple of 8 sized Michael Hennerich <michael.hennerich(a)analog.com> iio: frequency: adf4350: Fix ADF4350_REG3_12BIT_CLKDIV_MODE Zhen Ni <zhen.ni(a)easystack.cn> clocksource/drivers/clps711x: Fix resource leaks in error paths Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> fs: always return zero on success from replace_fd() Salah Triki <salah.triki(a)gmail.com> bus: fsl-mc: Check return value of platform_get_resource() Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> pinctrl: check the return value of pinmux_ops::get_function_name() Zhen Ni <zhen.ni(a)easystack.cn> Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak Marek Vasut <marek.vasut(a)mailbox.org> Input: atmel_mxt_ts - allow reset GPIO to sleep Yang Shi <yang(a)os.amperecomputing.com> mm: hugetlb: avoid soft lockup when mprotect to large memory area Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> mfd: vexpress-sysreg: Check the return value of devm_gpiochip_add_data() Naman Jain <namjain(a)linux.microsoft.com> uio_hv_generic: Let userspace take care of interrupt mask Phillip Lougher <phillip(a)squashfs.org.uk> Squashfs: fix uninit-value in squashfs_get_parent Jakub Kicinski <kuba(a)kernel.org> Revert "net/mlx5e: Update and set Xon/Xoff upon MTU set" Yeounsu Moon <yyyynoom(a)gmail.com> net: dlink: handle copy_thresh allocation failure Kohei Enju <enjuk(a)amazon.com> net: ena: return 0 in ena_get_rxfh_key_size() when RSS hash key is not configurable Kohei Enju <enjuk(a)amazon.com> nfp: fix RSS hash key size when RSS is not supported Donet Tom <donettom(a)linux.ibm.com> drivers/base/node: fix double free in register_one_node() Dan Carpenter <dan.carpenter(a)linaro.org> ocfs2: fix double free in user_cluster_connect() Nishanth Menon <nm(a)ti.com> hwrng: ks-sa - fix division by zero in ks_sa_rng_init Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: MGMT: Fix not exposing debug UUID on MGMT_OP_READ_EXP_FEATURES_INFO I Viswanath <viswanathiyyappan(a)gmail.com> net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast Bernard Metzler <bernard.metzler(a)linux.dev> RDMA/siw: Always report immediate post SQ errors Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> usb: vhci-hcd: Prevent suspending virtually attached devices Ranjan Kumar <ranjan.kumar(a)broadcom.com> scsi: mpt3sas: Fix crash in transport port remove by using ioc_info() Slavin Liu <slavin452(a)gmail.com> ipvs: Defer ip_vs_ftp unregister during netns cleanup Anthony Iliopoulos <ailiop(a)suse.com> NFSv4.1: fix backchannel max_resp_sz verification check Stephan Gerhold <stephan.gerhold(a)linaro.org> remoteproc: qcom: q6v5: Avoid disabling handover IRQ twice Michael Karcher <kernel(a)mkarcher.dialup.fu-berlin.de> sparc: fix accurate exception reporting in copy_{from,to}_user for M7 Michael Karcher <kernel(a)mkarcher.dialup.fu-berlin.de> sparc: fix accurate exception reporting in copy_to_user for Niagara 4 Michael Karcher <kernel(a)mkarcher.dialup.fu-berlin.de> sparc: fix accurate exception reporting in copy_{from_to}_user for Niagara Michael Karcher <kernel(a)mkarcher.dialup.fu-berlin.de> sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC III Michael Karcher <kernel(a)mkarcher.dialup.fu-berlin.de> sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC Bagas Sanjaya <bagasdotme(a)gmail.com> Documentation: trace: historgram-design: Separate sched_waking histogram section heading and the following diagram Vlad Dumitrescu <vdumitrescu(a)nvidia.com> IB/sa: Fix sa_local_svc_timeout_ms read race Parav Pandit <parav(a)nvidia.com> RDMA/core: Resolve MAC of next-hop device without ARP support Colin Ian King <colin.i.king(a)gmail.com> ACPI: NFIT: Fix incorrect ndr_desc being reportedin dev_err message Abdun Nihaal <abdun.nihaal(a)gmail.com> wifi: mt76: fix potential memory leak in mt76_wmac_probe() Håkon Bugge <haakon.bugge(a)oracle.com> RDMA/cm: Rate limit destroy CM ID timeout error message Donet Tom <donettom(a)linux.ibm.com> drivers/base/node: handle error properly in register_one_node() Christophe Leroy <christophe.leroy(a)csgroup.eu> watchdog: mpc8xxx_wdt: Reload the watchdog timer when enabling the watchdog Zhen Ni <zhen.ni(a)easystack.cn> netfilter: ipset: Remove unused htable_bits in macro ahash_region Hans de Goede <hansg(a)kernel.org> iio: consumers: Fix offset handling in iio_convert_raw_to_processed() Takashi Iwai <tiwai(a)suse.de> ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping Takashi Iwai <tiwai(a)suse.de> ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping Takashi Iwai <tiwai(a)suse.de> ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping Wang Liang <wangliang74(a)huawei.com> pps: fix warning in pps_register_cdev when register device fail Colin Ian King <colin.i.king(a)gmail.com> misc: genwqe: Fix incorrect cmd field being reported in error William Wu <william.wu(a)rock-chips.com> usb: gadget: configfs: Correctly set use_os_string at bind Xichao Zhao <zhao.xichao(a)vivo.com> usb: phy: twl6030: Fix incorrect type for ret Eric Dumazet <edumazet(a)google.com> tcp: fix __tcp_close() to only send RST when required Alok Tiwari <alok.a.tiwari(a)oracle.com> PCI: tegra: Fix devm_kcalloc() argument order for port->phys allocation Stefan Kerkmann <s.kerkmann(a)pengutronix.de> wifi: mwifiex: send world regulatory domain to driver Timur Kristóf <timur.kristof(a)gmail.com> drm/amdgpu: Power up UVD 3 for FW validation (v2) Qianfeng Rong <rongqianfeng(a)vivo.com> ALSA: lx_core: use int type to store negative error codes Zhang Shurong <zhang_shurong(a)foxmail.com> media: rj54n1cb0c: Fix memleak in rj54n1_probe() Thomas Fourier <fourier.thomas(a)gmail.com> scsi: myrs: Fix dma_alloc_coherent() error check Niklas Cassel <cassel(a)kernel.org> scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod Dan Carpenter <dan.carpenter(a)linaro.org> serial: max310x: Add error checking in probe() Dan Carpenter <dan.carpenter(a)linaro.org> usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup Brahmajit Das <listout(a)listout.xyz> drm/radeon/r600_cs: clean up of dead code in r600_cs Kunihiko Hayashi <hayashi.kunihiko(a)socionext.com> i2c: designware: Add disabling clocks when probe fails Leilk.Liu <leilk.liu(a)mediatek.com> i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD Paul Chaignon <paul.chaignon(a)gmail.com> bpf: Explicitly check accesses to bpf_sock_addr Akhilesh Patil <akhilesh(a)ee.iitb.ac.in> selftests: watchdog: skip ping loop if WDIOF_KEEPALIVEPING not supported Uwe Kleine-König <u.kleine-koenig(a)baylibre.com> pwm: tiehrpwm: Fix corner case in clock divisor calculation AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> arm64: dts: mediatek: mt8516-pumpkin: Fix machine compatible Qianfeng Rong <rongqianfeng(a)vivo.com> pinctrl: renesas: Use int type to store negative error codes Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> PM: sleep: core: Clear power.must_resume in noirq suspend error path Qianfeng Rong <rongqianfeng(a)vivo.com> block: use int to store blk_stack_limits() return value Li Nan <linan122(a)huawei.com> blk-mq: check kobject state_in_sysfs before deleting in blk_mq_unregister_hctx Da Xue <da(a)libre.computer> pinctrl: meson-gxl: add missing i2c_d pinmux Sneh Mankad <sneh.mankad(a)oss.qualcomm.com> soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS Huisong Li <lihuisong(a)huawei.com> ACPI: processor: idle: Fix memory leak when register cpuidle device failed Yureka Lilian <yuka(a)yuka.dev> libbpf: Fix reuse of DEVMAP Geert Uytterhoeven <geert+renesas(a)glider.be> regmap: Remove superfluous check for !config in __regmap_init() Uros Bizjak <ubizjak(a)gmail.com> x86/vdso: Fix output operand size of RDPID Leo Yan <leo.yan(a)arm.com> perf: arm_spe: Prevent overflow in PERF_IDX2OFF() Bala-Vignesh-Reddy <reddybalavignesh9979(a)gmail.com> selftests: arm64: Check fread return value in exec_target Jeff Layton <jlayton(a)kernel.org> filelock: add FL_RECLAIM to show_fl_flags() macro Herbert Xu <herbert(a)gondor.apana.org.au> crypto: rng - Ensure set_ent is always present Igor Artemiev <Igor.A.Artemiev(a)mcst.ru> drm/amd/display: Fix potential null dereference Roman Li <roman.li(a)amd.com> drm/amd/display: Remove redundant safeguards for dmub-srv destroy() Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> driver core/PM: Set power.no_callbacks along with power.no_pm Ovidiu Panait <ovidiu.panait.oss(a)gmail.com> staging: axis-fifo: flush RX FIFO on read errors Ovidiu Panait <ovidiu.panait.oss(a)gmail.com> staging: axis-fifo: fix maximum TX packet length check Raphael Gallais-Pou <raphael.gallais-pou(a)foss.st.com> serial: stm32: allow selecting console when the driver is module Arnaud Lecomte <contact(a)arnaud-lcm.com> hid: fix I2C read buffer overflow in raw_event() for mcp2221 hupu <hupu.gm(a)gmail.com> perf subcmd: avoid crash in exclude_cmds when excludes is empty Mikulas Patocka <mpatocka(a)redhat.com> dm-integrity: limit MAX_TAG_SIZE to 255 Bitterblue Smith <rtl8821cerfe2(a)gmail.com> wifi: rtlwifi: rtl8192cu: Don't claim USB ID 07b8:8188 Xiaowei Li <xiaowei.li(a)simcom.com> USB: serial: option: add SIMCom 8230C compositions Duoming Zhou <duoming(a)zju.edu.cn> media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe Duoming Zhou <duoming(a)zju.edu.cn> media: tuner: xc5000: Fix use-after-free in xc5000_release Ricardo Ribalda <ribalda(a)chromium.org> media: tunner: xc5000: Refactor firmware load Kuniyuki Iwashima <kuniyu(a)amazon.com> udp: Fix memory accounting leak. Larshin Sergey <Sergey.Larshin(a)kaspersky.com> media: rc: fix races with imon_disconnect() Duoming Zhou <duoming(a)zju.edu.cn> media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove Wang Haoran <haoranwangsec(a)gmail.com> scsi: target: target_core_configfs: Add length check to avoid buffer overflow ------------- Diffstat: Documentation/ABI/testing/sysfs-bus-pci | 9 + Documentation/admin-guide/kernel-parameters.txt | 3 + Documentation/arm64/silicon-errata.rst | 2 + Documentation/trace/histogram-design.rst | 4 +- Makefile | 4 +- arch/arm/mach-omap2/pm33xx-core.c | 6 +- arch/arm/mm/pageattr.c | 6 +- arch/arm64/Kconfig | 1 + arch/arm64/boot/dts/mediatek/mt8516-pumpkin.dts | 2 +- arch/arm64/boot/dts/qcom/msm8916.dtsi | 2 + arch/arm64/boot/dts/qcom/sdm845.dtsi | 4 +- arch/arm64/include/asm/cputype.h | 2 + arch/arm64/include/asm/pgtable.h | 3 +- arch/arm64/kernel/cpu_errata.c | 1 + arch/arm64/kernel/cpufeature.c | 10 +- arch/arm64/kernel/mte.c | 3 +- arch/m68k/include/asm/bitops.h | 25 +- arch/mips/mti-malta/malta-setup.c | 2 +- arch/parisc/include/uapi/asm/ioctls.h | 8 +- arch/sparc/kernel/of_device_32.c | 1 + arch/sparc/kernel/of_device_64.c | 1 + arch/sparc/lib/M7memcpy.S | 20 +- arch/sparc/lib/Memcpy_utils.S | 9 + arch/sparc/lib/NG4memcpy.S | 2 +- arch/sparc/lib/NGmemcpy.S | 29 ++- arch/sparc/lib/U1memcpy.S | 19 +- arch/sparc/lib/U3memcpy.S | 2 +- arch/sparc/mm/hugetlbpage.c | 20 ++ arch/um/drivers/mconsole_user.c | 2 + arch/x86/include/asm/segment.h | 8 +- arch/x86/kernel/umip.c | 15 +- arch/x86/kvm/emulate.c | 11 +- arch/x86/kvm/kvm_emulate.h | 2 +- arch/x86/kvm/x86.c | 9 +- arch/x86/mm/pgtable.c | 2 +- block/blk-crypto-fallback.c | 3 + block/blk-mq-sysfs.c | 6 +- block/blk-settings.c | 3 +- crypto/essiv.c | 14 +- crypto/rng.c | 8 + drivers/acpi/acpi_dbg.c | 26 +- drivers/acpi/acpi_tad.c | 3 + drivers/acpi/nfit/core.c | 2 +- drivers/acpi/processor_idle.c | 3 + drivers/android/binder.c | 11 +- drivers/base/arch_topology.c | 2 +- drivers/base/node.c | 4 + drivers/base/power/main.c | 14 +- drivers/base/power/runtime.c | 44 ++++ drivers/base/regmap/regmap.c | 2 +- drivers/bus/fsl-mc/fsl-mc-bus.c | 3 + drivers/bus/mhi/host/init.c | 5 +- drivers/char/hw_random/ks-sa-rng.c | 4 + drivers/char/tpm/tpm_tis_core.c | 4 +- drivers/clk/at91/clk-peripheral.c | 7 +- drivers/clk/nxp/clk-lpc18xx-cgu.c | 20 +- drivers/clocksource/clps711x-timer.c | 23 +- drivers/cpufreq/intel_pstate.c | 8 +- drivers/cpuidle/governors/menu.c | 21 +- drivers/crypto/atmel-tdes.c | 2 +- drivers/crypto/rockchip/rk3288_crypto_ahash.c | 3 +- drivers/dma/ioat/dma.c | 12 +- drivers/edac/sb_edac.c | 4 +- drivers/edac/skx_common.h | 1 - drivers/firmware/meson/meson_sm.c | 7 +- drivers/gpio/gpio-wcd934x.c | 3 +- drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c | 5 +- drivers/gpu/drm/amd/amdgpu/gmc_v7_0.c | 7 +- drivers/gpu/drm/amd/amdgpu/gmc_v8_0.c | 7 +- drivers/gpu/drm/amd/amdgpu/uvd_v3_1.c | 29 ++- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 5 +- drivers/gpu/drm/amd/display/dc/dce/dce_transform.c | 21 +- drivers/gpu/drm/amd/display/dc/dce/dce_transform.h | 4 + .../gpu/drm/amd/display/modules/hdcp/hdcp_ddc.c | 2 + .../gpu/drm/amd/include/asic_reg/dce/dce_6_0_d.h | 7 + .../drm/amd/include/asic_reg/dce/dce_6_0_sh_mask.h | 2 + drivers/gpu/drm/amd/pm/powerplay/hwmgr/ppevvmath.h | 14 +- .../gpu/drm/amd/pm/powerplay/hwmgr/smu7_hwmgr.c | 3 +- drivers/gpu/drm/arm/display/include/malidp_utils.h | 2 +- .../drm/arm/display/komeda/komeda_pipeline_state.c | 24 +- drivers/gpu/drm/drm_color_mgmt.c | 2 +- drivers/gpu/drm/exynos/exynos7_drm_decon.c | 36 --- drivers/gpu/drm/msm/adreno/a6xx_gmu.c | 6 - drivers/gpu/drm/nouveau/nouveau_bo.c | 2 +- drivers/gpu/drm/radeon/evergreen_cs.c | 2 + drivers/gpu/drm/radeon/r600_cs.c | 4 +- drivers/gpu/drm/vmwgfx/vmwgfx_validation.c | 4 +- drivers/hid/hid-mcp2221.c | 4 + drivers/hid/hid-multitouch.c | 27 ++- drivers/hwmon/adt7475.c | 24 +- drivers/i2c/busses/i2c-designware-platdrv.c | 1 + drivers/i2c/busses/i2c-mt65xx.c | 17 +- drivers/iio/dac/ad5360.c | 2 +- drivers/iio/dac/ad5421.c | 2 +- drivers/iio/frequency/adf4350.c | 20 +- drivers/iio/imu/inv_icm42600/inv_icm42600_accel.c | 5 +- drivers/iio/imu/inv_icm42600/inv_icm42600_core.c | 39 +-- drivers/iio/imu/inv_icm42600/inv_icm42600_gyro.c | 5 +- drivers/iio/inkern.c | 2 +- drivers/infiniband/core/addr.c | 10 +- drivers/infiniband/core/cm.c | 4 +- drivers/infiniband/core/sa_query.c | 6 +- drivers/infiniband/sw/siw/siw_verbs.c | 25 +- drivers/input/misc/uinput.c | 1 + drivers/input/touchscreen/atmel_mxt_ts.c | 2 +- drivers/input/touchscreen/cyttsp4_core.c | 2 +- drivers/mailbox/zynqmp-ipi-mailbox.c | 7 +- drivers/md/dm-integrity.c | 8 +- drivers/md/dm.c | 7 +- drivers/media/dvb-frontends/stv0367_priv.h | 3 + drivers/media/i2c/mt9v111.c | 2 +- drivers/media/i2c/rj54n1cb0c.c | 9 +- drivers/media/i2c/tc358743.c | 4 +- drivers/media/mc/mc-devnode.c | 6 +- drivers/media/pci/b2c2/flexcop-pci.c | 2 +- drivers/media/pci/cx18/cx18-queue.c | 12 +- drivers/media/pci/ivtv/ivtv-driver.c | 2 +- drivers/media/pci/ivtv/ivtv-irq.c | 2 +- drivers/media/pci/ivtv/ivtv-queue.c | 18 +- drivers/media/pci/ivtv/ivtv-streams.c | 22 +- drivers/media/pci/ivtv/ivtv-udma.c | 27 ++- drivers/media/pci/ivtv/ivtv-yuv.c | 24 +- drivers/media/pci/ivtv/ivtvfb.c | 6 +- drivers/media/platform/s5p-mfc/s5p_mfc_cmd_v6.c | 35 +-- drivers/media/rc/imon.c | 27 ++- drivers/media/rc/lirc_dev.c | 15 +- drivers/media/rc/rc-main.c | 6 +- drivers/media/tuners/xc5000.c | 41 ++-- drivers/memory/samsung/exynos-srom.c | 10 +- drivers/mfd/intel_soc_pmic_chtdc_ti.c | 5 +- drivers/mfd/vexpress-sysreg.c | 6 +- drivers/misc/genwqe/card_ddcb.c | 2 +- drivers/misc/mei/hw-me-regs.h | 2 + drivers/misc/mei/pci-me.c | 2 + drivers/mmc/core/sdio.c | 6 +- drivers/most/most_usb.c | 13 +- drivers/mtd/nand/raw/fsmc_nand.c | 6 +- drivers/net/bonding/bond_main.c | 40 ++- drivers/net/ethernet/amazon/ena/ena_ethtool.c | 5 +- drivers/net/ethernet/amd/xgbe/xgbe-drv.c | 1 - drivers/net/ethernet/amd/xgbe/xgbe-mdio.c | 1 + drivers/net/ethernet/broadcom/tg3.c | 5 +- drivers/net/ethernet/chelsio/cxgb3/cxgb3_main.c | 18 +- drivers/net/ethernet/dlink/dl2k.c | 30 ++- drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c | 3 +- drivers/net/ethernet/freescale/enetc/enetc.h | 2 +- drivers/net/ethernet/freescale/fsl_pq_mdio.c | 2 + drivers/net/ethernet/mellanox/mlx4/en_netdev.c | 2 +- .../ethernet/mellanox/mlx5/core/en/port_buffer.h | 12 - drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 17 +- .../net/ethernet/netronome/nfp/nfp_net_ethtool.c | 2 +- drivers/net/ethernet/realtek/r8169_main.c | 5 +- drivers/net/ethernet/renesas/ravb_main.c | 8 + drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2 +- drivers/net/fjes/fjes_main.c | 4 +- drivers/net/usb/aqc111.c | 2 +- drivers/net/usb/lan78xx.c | 42 +++- drivers/net/usb/r8152.c | 2 +- drivers/net/usb/rndis_host.c | 2 +- drivers/net/usb/rtl8150.c | 15 +- drivers/net/wireless/ath/ath11k/core.c | 6 +- drivers/net/wireless/ath/ath11k/hal.c | 16 ++ drivers/net/wireless/ath/ath11k/hal.h | 1 + drivers/net/wireless/marvell/mwifiex/cfg80211.c | 7 +- drivers/net/wireless/mediatek/mt76/mt7603/soc.c | 2 +- drivers/net/wireless/ralink/rt2x00/rt2400pci.c | 8 +- drivers/net/wireless/ralink/rt2x00/rt2400pci.h | 2 +- drivers/net/wireless/ralink/rt2x00/rt2500pci.c | 8 +- drivers/net/wireless/ralink/rt2x00/rt2500pci.h | 2 +- drivers/net/wireless/ralink/rt2x00/rt2500usb.c | 8 +- drivers/net/wireless/ralink/rt2x00/rt2500usb.h | 2 +- drivers/net/wireless/ralink/rt2x00/rt2800lib.c | 36 +-- drivers/net/wireless/ralink/rt2x00/rt2800lib.h | 8 +- drivers/net/wireless/ralink/rt2x00/rt2x00usb.c | 6 +- drivers/net/wireless/ralink/rt2x00/rt61pci.c | 4 +- drivers/net/wireless/ralink/rt2x00/rt61pci.h | 2 +- drivers/net/wireless/ralink/rt2x00/rt73usb.c | 4 +- drivers/net/wireless/ralink/rt2x00/rt73usb.h | 2 +- .../net/wireless/realtek/rtlwifi/rtl8192cu/sw.c | 1 - drivers/nfc/pn544/i2c.c | 2 - drivers/pci/controller/cadence/pci-j721e.c | 25 ++ drivers/pci/controller/dwc/pci-keystone.c | 4 +- drivers/pci/controller/dwc/pcie-tegra194.c | 22 +- drivers/pci/controller/pci-tegra.c | 2 +- drivers/pci/iov.c | 5 + drivers/pci/pci-driver.c | 1 + drivers/pci/pci-label.c | 10 +- drivers/pci/pci-sysfs.c | 98 +++++--- drivers/pci/pcie/aer.c | 12 +- drivers/pci/pcie/err.c | 8 +- drivers/perf/arm_spe_pmu.c | 3 +- drivers/pinctrl/meson/pinctrl-meson-gxl.c | 10 + drivers/pinctrl/pinmux.c | 2 +- drivers/pinctrl/renesas/pinctrl.c | 3 +- drivers/platform/x86/sony-laptop.c | 1 - drivers/pps/kapi.c | 5 +- drivers/pps/pps.c | 5 +- drivers/pwm/pwm-berlin.c | 4 +- drivers/pwm/pwm-tiehrpwm.c | 4 +- drivers/remoteproc/qcom_q6v5.c | 3 - drivers/rtc/interface.c | 27 +++ drivers/rtc/rtc-x1205.c | 2 +- drivers/scsi/hpsa.c | 21 +- drivers/scsi/isci/init.c | 6 +- drivers/scsi/mpt3sas/mpt3sas_transport.c | 8 +- drivers/scsi/mvsas/mv_defs.h | 1 + drivers/scsi/mvsas/mv_init.c | 13 +- drivers/scsi/mvsas/mv_sas.c | 42 ++-- drivers/scsi/mvsas/mv_sas.h | 8 +- drivers/scsi/myrs.c | 8 +- drivers/scsi/pm8001/pm8001_sas.c | 9 +- drivers/soc/qcom/rpmh-rsc.c | 7 +- drivers/spi/spi-cadence-quadspi.c | 5 + drivers/staging/axis-fifo/axis-fifo.c | 32 ++- drivers/staging/comedi/comedi_buf.c | 2 +- .../pci/hive_isp_css_include/math_support.h | 5 - drivers/target/target_core_configfs.c | 2 +- drivers/tty/serial/8250/8250_exar.c | 11 + drivers/tty/serial/Kconfig | 2 +- drivers/tty/serial/max310x.c | 2 + drivers/uio/uio_hv_generic.c | 7 +- drivers/usb/core/quirks.c | 2 + drivers/usb/gadget/configfs.c | 2 + drivers/usb/gadget/legacy/raw_gadget.c | 2 - drivers/usb/host/max3421-hcd.c | 2 +- drivers/usb/host/xhci-dbgcap.c | 9 +- drivers/usb/phy/phy-twl6030-usb.c | 3 +- drivers/usb/serial/option.c | 16 ++ drivers/usb/usbip/vhci_hcd.c | 22 ++ drivers/watchdog/mpc8xxx_wdt.c | 2 + drivers/xen/events/events_base.c | 20 +- drivers/xen/manage.c | 3 +- fs/btrfs/ctree.h | 2 - fs/btrfs/export.c | 8 +- fs/btrfs/extent_io.c | 1 + fs/btrfs/file-item.c | 1 + fs/btrfs/misc.h | 2 - fs/btrfs/raid56.c | 1 + fs/btrfs/tree-checker.c | 2 +- fs/cramfs/inode.c | 11 +- fs/dax.c | 54 +++-- fs/dcache.c | 2 + fs/dlm/lockspace.c | 2 +- fs/erofs/zdata.h | 2 +- fs/exec.c | 2 +- fs/ext2/balloc.c | 2 - fs/ext4/ext4.h | 2 - fs/ext4/fsmap.c | 14 +- fs/ext4/inode.c | 18 +- fs/ext4/super.c | 10 +- fs/ext4/xattr.c | 15 +- fs/file.c | 5 +- fs/fsopen.c | 70 +++--- fs/fuse/file.c | 8 +- fs/hfs/bfind.c | 8 +- fs/hfs/brec.c | 27 ++- fs/hfs/mdb.c | 2 +- fs/hfsplus/bfind.c | 8 +- fs/hfsplus/bnode.c | 41 ---- fs/hfsplus/btree.c | 6 + fs/hfsplus/hfsplus_fs.h | 42 ++++ fs/hfsplus/super.c | 25 +- fs/hfsplus/unicode.c | 24 ++ fs/iomap/apply.c | 74 +++++- fs/iomap/trace.h | 37 ++- fs/jbd2/transaction.c | 13 +- fs/minix/inode.c | 8 +- fs/namei.c | 8 + fs/namespace.c | 11 +- fs/nfs/nfs4proc.c | 2 +- fs/nfsd/blocklayout.c | 5 +- fs/nfsd/blocklayoutxdr.c | 7 +- fs/nfsd/flexfilelayout.c | 8 + fs/nfsd/flexfilelayoutxdr.c | 3 +- fs/nfsd/lockd.c | 15 ++ fs/nfsd/nfs4layouts.c | 1 - fs/nfsd/nfs4proc.c | 36 ++- fs/nfsd/nfs4xdr.c | 14 +- fs/nfsd/xdr4.h | 36 ++- fs/ocfs2/move_extents.c | 5 + fs/ocfs2/stack_user.c | 1 + fs/squashfs/inode.c | 31 ++- fs/squashfs/squashfs_fs_i.h | 2 +- fs/udf/inode.c | 12 +- fs/ufs/util.h | 6 - include/linux/cleanup.h | 171 +++++++++++++ include/linux/compiler-clang.h | 9 + include/linux/compiler.h | 15 ++ include/linux/compiler_attributes.h | 6 + include/linux/device.h | 10 + include/linux/file.h | 6 + include/linux/iio/frequency/adf4350.h | 2 +- include/linux/iomap.h | 56 +++++ include/linux/irqflags.h | 7 + include/linux/minmax.h | 267 ++++++++++++++++----- include/linux/mutex.h | 4 + include/linux/netdevice.h | 9 + include/linux/overflow.h | 1 - include/linux/percpu.h | 4 + include/linux/pm_runtime.h | 4 + include/linux/preempt.h | 5 + include/linux/rcupdate.h | 3 + include/linux/rwsem.h | 9 + include/linux/sched/task.h | 2 + include/linux/slab.h | 3 + include/linux/spinlock.h | 32 +++ include/linux/srcu.h | 5 + include/linux/trace_events.h | 2 - include/net/ip_tunnels.h | 15 ++ include/net/rtnetlink.h | 16 +- include/scsi/libsas.h | 18 ++ include/trace/events/filelock.h | 3 +- include/uapi/linux/netlink.h | 1 + init/main.c | 14 ++ kernel/fork.c | 2 +- kernel/padata.c | 6 +- kernel/pid.c | 2 +- kernel/sched/fair.c | 38 +-- kernel/trace/preemptirq_delay_test.c | 2 - kernel/trace/trace_kprobe.c | 11 +- kernel/trace/trace_probe.h | 9 +- kernel/trace/trace_uprobe.c | 12 +- lib/btree.c | 1 - lib/crypto/Makefile | 4 + lib/decompress_unlzma.c | 2 + lib/genalloc.c | 5 +- lib/logic_pio.c | 3 - lib/vsprintf.c | 2 +- lib/zstd/zstd_internal.h | 2 - mm/hugetlb.c | 2 + mm/zsmalloc.c | 1 - net/9p/trans_fd.c | 8 +- net/bluetooth/mgmt.c | 10 +- net/core/filter.c | 18 +- net/core/rtnetlink.c | 87 +++++-- net/ipv4/ip_tunnel.c | 14 -- net/ipv4/proc.c | 2 +- net/ipv4/tcp.c | 9 +- net/ipv4/tcp_input.c | 1 - net/ipv4/tcp_output.c | 19 +- net/ipv4/udp.c | 16 +- net/ipv6/ip6_tunnel.c | 3 +- net/ipv6/proc.c | 2 +- net/netfilter/ipset/ip_set_hash_gen.h | 8 +- net/netfilter/ipvs/ip_vs_ftp.c | 4 +- net/netfilter/nf_nat_core.c | 6 +- net/sctp/inqueue.c | 13 +- net/sctp/sm_make_chunk.c | 3 +- net/sctp/sm_statefuns.c | 6 +- net/tipc/core.h | 2 +- net/tipc/link.c | 10 +- net/tls/tls_main.c | 7 +- net/tls/tls_sw.c | 13 + net/vmw_vsock/af_vsock.c | 38 +-- scripts/checkpatch.pl | 2 +- security/keys/trusted-keys/trusted_tpm1.c | 7 +- sound/firewire/amdtp-stream.h | 2 +- sound/pci/lx6464es/lx_core.c | 4 +- sound/soc/codecs/wcd934x.c | 30 ++- sound/soc/intel/boards/bytcht_es8316.c | 20 +- sound/soc/intel/boards/bytcr_rt5640.c | 7 +- sound/soc/intel/boards/bytcr_rt5651.c | 26 +- tools/build/feature/Makefile | 4 +- tools/lib/bpf/libbpf.c | 10 + tools/lib/perf/include/perf/event.h | 1 + tools/lib/subcmd/help.c | 3 + tools/perf/util/lzma.c | 2 +- tools/perf/util/session.c | 2 +- tools/perf/util/zlib.c | 2 +- tools/testing/selftests/arm64/pauth/exec_target.c | 7 +- tools/testing/selftests/rseq/rseq.c | 8 +- tools/testing/selftests/watchdog/watchdog-test.c | 6 + 372 files changed, 2799 insertions(+), 1321 deletions(-)

2 weeks, 1 day

6
5
0 0

[PATCH] powerpc/kexec: Enable SMT before waking offline CPUs

by Nysal Jan K.A.

If SMT is disabled or a partial SMT state is enabled, when a new kernel image is loaded for kexec, on reboot the following warning is observed: kexec: Waking offline cpu 228. WARNING: CPU: 0 PID: 9062 at arch/powerpc/kexec/core_64.c:223 kexec_prepare_cpus+0x1b0/0x1bc [snip] NIP kexec_prepare_cpus+0x1b0/0x1bc LR kexec_prepare_cpus+0x1a0/0x1bc Call Trace: kexec_prepare_cpus+0x1a0/0x1bc (unreliable) default_machine_kexec+0x160/0x19c machine_kexec+0x80/0x88 kernel_kexec+0xd0/0x118 __do_sys_reboot+0x210/0x2c4 system_call_exception+0x124/0x320 system_call_vectored_common+0x15c/0x2ec This occurs as add_cpu() fails due to cpu_bootable() returning false for CPUs that fail the cpu_smt_thread_allowed() check or non primary threads if SMT is disabled. Fix the issue by enabling SMT and resetting the number of SMT threads to the number of threads per core, before attempting to wake up all present CPUs. Fixes: 38253464bc82 ("cpu/SMT: Create topology_smt_thread_allowed()") Reported-by: Sachin P Bappalige <sachinpb(a)linux.ibm.com> Cc: stable(a)vger.kernel.org # v6.6+ Signed-off-by: Nysal Jan K.A. <nysal(a)linux.ibm.com> --- arch/powerpc/kexec/core_64.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/arch/powerpc/kexec/core_64.c b/arch/powerpc/kexec/core_64.c index 222aa326dace..ff6df43720c4 100644 --- a/arch/powerpc/kexec/core_64.c +++ b/arch/powerpc/kexec/core_64.c @@ -216,6 +216,11 @@ static void wake_offline_cpus(void) { int cpu = 0; + lock_device_hotplug(); + cpu_smt_num_threads = threads_per_core; + cpu_smt_control = CPU_SMT_ENABLED; + unlock_device_hotplug(); + for_each_present_cpu(cpu) { if (!cpu_online(cpu)) { printk(KERN_INFO "kexec: Waking offline cpu %d.\n", -- 2.51.0

2 weeks, 1 day

5
6
0 0

[PATCH v2] codetag: debug: handle existing CODETAG_EMPTY in mark_objexts_empty for slabobj_ext

by Hao Ge

From: Hao Ge <gehao(a)kylinos.cn> When alloc_slab_obj_exts() fails and then later succeeds in allocating a slab extension vector, it calls handle_failed_objexts_alloc() to mark all objects in the vector as empty. As a result all objects in this slab (slabA) will have their extensions set to CODETAG_EMPTY. Later on if this slabA is used to allocate a slabobj_ext vector for another slab (slabB), we end up with the slabB->obj_exts pointing to a slabobj_ext vector that itself has a non-NULL slabobj_ext equal to CODETAG_EMPTY. When slabB gets freed, free_slab_obj_exts() is called to free slabB->obj_exts vector. free_slab_obj_exts() calls mark_objexts_empty(slabB->obj_exts) which will generate a warning because it expects slabobj_ext vectors to have a NULL obj_ext, not CODETAG_EMPTY. Modify mark_objexts_empty() to skip the warning and setting the obj_ext value if it's already set to CODETAG_EMPTY. Fixes: 09c46563ff6d ("codetag: debug: introduce OBJEXTS_ALLOC_FAIL to mark failed slab_ext allocations") Cc: <stable(a)vger.kernel.org> Signed-off-by: Hao Ge <gehao(a)kylinos.cn> --- v2: Update the commit message and code comments for greater accuracy, incorporating Suren's suggestions. Thanks for Suren's help. --- mm/slub.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/mm/slub.c b/mm/slub.c index d4367f25b20d..589c596163c4 100644 --- a/mm/slub.c +++ b/mm/slub.c @@ -2046,7 +2046,11 @@ static inline void mark_objexts_empty(struct slabobj_ext *obj_exts) if (slab_exts) { unsigned int offs = obj_to_index(obj_exts_slab->slab_cache, obj_exts_slab, obj_exts); - /* codetag should be NULL */ + + if (unlikely(is_codetag_empty(&slab_exts[offs].ref))) + return; + + /* codetag should be NULL here */ WARN_ON(slab_exts[offs].ref.ct); set_codetag_empty(&slab_exts[offs].ref); } -- 2.25.1

2 weeks, 1 day

2
1
0 0

+ codetag-debug-handle-existing-codetag_empty-in-mark_objexts_empty-for-slabobj_ext.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: codetag: debug: handle existing CODETAG_EMPTY in mark_objexts_empty for slabobj_ext has been added to the -mm mm-hotfixes-unstable branch. Its filename is codetag-debug-handle-existing-codetag_empty-in-mark_objexts_empty-for-slabobj_ext.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Hao Ge <gehao(a)kylinos.cn> Subject: codetag: debug: handle existing CODETAG_EMPTY in mark_objexts_empty for slabobj_ext Date: Wed, 29 Oct 2025 09:43:17 +0800 When alloc_slab_obj_exts() fails and then later succeeds in allocating a slab extension vector, it calls handle_failed_objexts_alloc() to mark all objects in the vector as empty. As a result all objects in this slab (slabA) will have their extensions set to CODETAG_EMPTY. Later on if this slabA is used to allocate a slabobj_ext vector for another slab (slabB), we end up with the slabB->obj_exts pointing to a slabobj_ext vector that itself has a non-NULL slabobj_ext equal to CODETAG_EMPTY. When slabB gets freed, free_slab_obj_exts() is called to free slabB->obj_exts vector. free_slab_obj_exts() calls mark_objexts_empty(slabB->obj_exts) which will generate a warning because it expects slabobj_ext vectors to have a NULL obj_ext, not CODETAG_EMPTY. Modify mark_objexts_empty() to skip the warning and setting the obj_ext value if it's already set to CODETAG_EMPTY. To quickly detect this WARN, I modified the code from:WARN_ON(slab_exts[offs].ref.ct) to WARN_ON(slab_exts[offs].ref.ct == 1); We then obtained this message: [21630.898561] ------------[ cut here ]------------ [21630.898596] kernel BUG at mm/slub.c:2050! [21630.898611] Internal error: Oops - BUG: 00000000f2000800 [#1] SMP [21630.900372] Modules linked in: squashfs isofs vfio_iommu_type1 vhost_vsock vfio vhost_net vmw_vsock_virtio_transport_common vhost tap vhost_iotlb iommufd vsock binfmt_misc nfsv3 nfs_acl nfs lockd grace netfs tls rds dns_resolver tun brd overlay ntfs3 exfat btrfs blake2b_generic xor xor_neon raid6_pq loop sctp ip6_udp_tunnel udp_tunnel nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 nf_tables rfkill ip_set sunrpc vfat fat joydev sg sch_fq_codel nfnetlink virtio_gpu sr_mod cdrom drm_client_lib virtio_dma_buf drm_shmem_helper drm_kms_helper drm ghash_ce backlight virtio_net virtio_blk virtio_scsi net_failover virtio_console failover virtio_mmio dm_mirror dm_region_hash dm_log dm_multipath dm_mod fuse i2c_dev virtio_pci virtio_pci_legacy_dev virtio_pci_modern_dev virtio virtio_ring autofs4 aes_neon_bs aes_ce_blk [last unloaded: hwpoison_inject] [21630.909177] CPU: 3 UID: 0 PID: 3787 Comm: kylin-process-m Kdump: loaded Tainted: G�� W�� 6.18.0-rc1+ #74 PREEMPT(voluntary) [21630.910495] Tainted: [W]=WARN [21630.910867] Hardware name: QEMU KVM Virtual Machine, BIOS unknown 2/2/2022 [21630.911625] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [21630.912392] pc : __free_slab+0x228/0x250 [21630.912868] lr : __free_slab+0x18c/0x250[21630.913334] sp : ffff8000a02f73e0 [21630.913830] x29: ffff8000a02f73e0 x28: fffffdffc43fc800 x27: ffff0000c0011c40 [21630.914677] x26: ffff0000c000cac0 x25: ffff00010fe5e5f0 x24: ffff000102199b40 [21630.915469] x23: 0000000000000003 x22: 0000000000000003 x21: ffff0000c0011c40 [21630.916259] x20: fffffdffc4086600 x19: fffffdffc43fc800 x18: 0000000000000000 [21630.917048] x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000 [21630.917837] x14: 0000000000000000 x13: 0000000000000000 x12: ffff70001405ee66 [21630.918640] x11: 1ffff0001405ee65 x10: ffff70001405ee65 x9 : ffff800080a295dc [21630.919442] x8 : ffff8000a02f7330 x7 : 0000000000000000 x6 : 0000000000003000 [21630.920232] x5 : 0000000024924925 x4 : 0000000000000001 x3 : 0000000000000007 [21630.921021] x2 : 0000000000001b40 x1 : 000000000000001f x0 : 0000000000000001 [21630.921810] Call trace: [21630.922130]�� __free_slab+0x228/0x250 (P) [21630.922669]�� free_slab+0x38/0x118 [21630.923079]�� free_to_partial_list+0x1d4/0x340 [21630.923591]�� __slab_free+0x24c/0x348 [21630.924024]�� ___cache_free+0xf0/0x110 [21630.924468]�� qlist_free_all+0x78/0x130 [21630.924922]�� kasan_quarantine_reduce+0x114/0x148 [21630.925525]�� __kasan_slab_alloc+0x7c/0xb0 [21630.926006]�� kmem_cache_alloc_noprof+0x164/0x5c8 [21630.926699]�� __alloc_object+0x44/0x1f8 [21630.927153]�� __create_object+0x34/0xc8 [21630.927604]�� kmemleak_alloc+0xb8/0xd8 [21630.928052]�� kmem_cache_alloc_noprof+0x368/0x5c8 [21630.928606]�� getname_flags.part.0+0xa4/0x610 [21630.929112]�� getname_flags+0x80/0xd8 [21630.929557]�� vfs_fstatat+0xc8/0xe0 [21630.929975]�� __do_sys_newfstatat+0xa0/0x100 [21630.930469]�� __arm64_sys_newfstatat+0x90/0xd8 [21630.931046]�� invoke_syscall+0xd4/0x258 [21630.931685]�� el0_svc_common.constprop.0+0xb4/0x240 [21630.932467]�� do_el0_svc+0x48/0x68 [21630.932972]�� el0_svc+0x40/0xe0 [21630.933472]�� el0t_64_sync_handler+0xa0/0xe8 [21630.934151]�� el0t_64_sync+0x1ac/0x1b0 [21630.934923] Code: aa1803e0 97ffef2b a9446bf9 17ffff9c (d4210000) [21630.936461] SMP: stopping secondary CPUs [21630.939550] Starting crashdump kernel... [21630.940108] Bye! Link: https://lkml.kernel.org/r/20251029014317.1533488-1-hao.ge@linux.dev Fixes: 09c46563ff6d ("codetag: debug: introduce OBJEXTS_ALLOC_FAIL to mark failed slab_ext allocations") Signed-off-by: Hao Ge <gehao(a)kylinos.cn> Cc: Christoph Lameter (Ampere) <cl(a)gentwo.org> Cc: David Rientjes <rientjes(a)google.com> Cc: gehao <gehao(a)kylinos.cn> Cc: Roman Gushchin <roman.gushchin(a)linux.dev> Cc: Shakeel Butt <shakeel.butt(a)linux.dev> Cc: Suren Baghdasaryan <surenb(a)google.com> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/slub.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) --- a/mm/slub.c~codetag-debug-handle-existing-codetag_empty-in-mark_objexts_empty-for-slabobj_ext +++ a/mm/slub.c @@ -2046,7 +2046,11 @@ static inline void mark_objexts_empty(st if (slab_exts) { unsigned int offs = obj_to_index(obj_exts_slab->slab_cache, obj_exts_slab, obj_exts); - /* codetag should be NULL */ + + if (unlikely(is_codetag_empty(&slab_exts[offs].ref))) + return; + + /* codetag should be NULL here */ WARN_ON(slab_exts[offs].ref.ct); set_codetag_empty(&slab_exts[offs].ref); } _ Patches currently in -mm which might be from gehao(a)kylinos.cn are codetag-debug-handle-existing-codetag_empty-in-mark_objexts_empty-for-slabobj_ext.patch

2 weeks, 1 day

1
0
0 0

Re: [PATCH] drm/mediatek: Disable AFBC support on Mediatek DRM driver

by Macpaul Lin (林智斌)

On Fri, 2025-10-24 at 17:27 -0300, Ariel D'Alessandro wrote: > > External email : Please do not click links or open attachments until > you have verified the sender or the content. > > > Commit c410fa9b07c32 ("drm/mediatek: Add AFBC support to Mediatek DRM > driver") added AFBC support to Mediatek DRM and enabled the > 32x8/split/sparse modifier. > > However, this is currently broken on Mediatek MT8188 (Genio 700 EVK > platform); tested using upstream Kernel and Mesa (v25.2.1), AFBC is > used by > default since Mesa v25.0. > > Kernel trace reports vblank timeouts constantly, and the render is > garbled: > > ``` > [CRTC:62:crtc-0] vblank wait timed out > WARNING: CPU: 7 PID: 70 at drivers/gpu/drm/drm_atomic_helper.c:1835 > drm_atomic_helper_wait_for_vblanks.part.0+0x24c/0x27c > [...] > Hardware name: MediaTek Genio-700 EVK (DT) > Workqueue: events_unbound commit_work > pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) > pc : drm_atomic_helper_wait_for_vblanks.part.0+0x24c/0x27c > lr : drm_atomic_helper_wait_for_vblanks.part.0+0x24c/0x27c > sp : ffff80008337bca0 > x29: ffff80008337bcd0 x28: 0000000000000061 x27: 0000000000000000 > x26: 0000000000000001 x25: 0000000000000000 x24: ffff0000c9dcc000 > x23: 0000000000000001 x22: 0000000000000000 x21: ffff0000c66f2f80 > x20: ffff0000c0d7d880 x19: 0000000000000000 x18: 000000000000000a > x17: 000000040044ffff x16: 005000f2b5503510 x15: 0000000000000000 > x14: 0000000000000000 x13: 74756f2064656d69 x12: 742074696177206b > x11: 0000000000000058 x10: 0000000000000018 x9 : ffff800082396a70 > x8 : 0000000000057fa8 x7 : 0000000000000cce x6 : ffff8000823eea70 > x5 : ffff0001fef5f408 x4 : ffff80017ccee000 x3 : ffff0000c12cb480 > x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff0000c12cb480 > Call trace: > drm_atomic_helper_wait_for_vblanks.part.0+0x24c/0x27c (P) > drm_atomic_helper_commit_tail_rpm+0x64/0x80 > commit_tail+0xa4/0x1a4 > commit_work+0x14/0x20 > process_one_work+0x150/0x290 > worker_thread+0x2d0/0x3ec > kthread+0x12c/0x210 > ret_from_fork+0x10/0x20 > ---[ end trace 0000000000000000 ]--- > ``` > > Until this gets fixed upstream, disable AFBC support on this > platform, as > it's currently broken with upstream Mesa. > > Signed-off-by: Ariel D'Alessandro <ariel.dalessandro(a)collabora.com> > --- > drivers/gpu/drm/mediatek/mtk_plane.c | 24 +----------------------- > 1 file changed, 1 insertion(+), 23 deletions(-) > > diff --git a/drivers/gpu/drm/mediatek/mtk_plane.c > b/drivers/gpu/drm/mediatek/mtk_plane.c > index 02349bd440017..788b52c1d10c5 100644 > --- a/drivers/gpu/drm/mediatek/mtk_plane.c > +++ b/drivers/gpu/drm/mediatek/mtk_plane.c > @@ -21,9 +21,6 @@ > > static const u64 modifiers[] = { > DRM_FORMAT_MOD_LINEAR, > - DRM_FORMAT_MOD_ARM_AFBC(AFBC_FORMAT_MOD_BLOCK_SIZE_32x8 | > - AFBC_FORMAT_MOD_SPLIT | > - AFBC_FORMAT_MOD_SPARSE), > DRM_FORMAT_MOD_INVALID, > }; > > @@ -71,26 +68,7 @@ static bool mtk_plane_format_mod_supported(struct > drm_plane *plane, > uint32_t format, > uint64_t modifier) > { > - if (modifier == DRM_FORMAT_MOD_LINEAR) > - return true; > - > - if (modifier != DRM_FORMAT_MOD_ARM_AFBC( > - AFBC_FORMAT_MOD_BLOCK_SIZE_32x8 | > - AFBC_FORMAT_MOD_SPLIT | > - AFBC_FORMAT_MOD_SPARSE)) > - return false; > - > - if (format != DRM_FORMAT_XRGB8888 && > - format != DRM_FORMAT_ARGB8888 && > - format != DRM_FORMAT_BGRX8888 && > - format != DRM_FORMAT_BGRA8888 && > - format != DRM_FORMAT_ABGR8888 && > - format != DRM_FORMAT_XBGR8888 && > - format != DRM_FORMAT_RGB888 && > - format != DRM_FORMAT_BGR888) > - return false; > - > - return true; > + return modifier == DRM_FORMAT_MOD_LINEAR; > } > > static void mtk_plane_destroy_state(struct drm_plane *plane, > Great! Thanks for this patch. I've tested this patch against k6.17.5 on mt8395-genio-1200-evk board, and it is working. I've also tested this patch with 'modetest -M mediatek -s 34@59:1200x1290' is working as well. I'm not sure if it is possible to add a "Fixes:" tag to this patch? Maybe add this patch with 'Cc: stable(a)vger.kernel.org #6.17' at least? Some Linux distros are currently using 6.17 for testing. Reviewed-by: Macpaul Lin <macpaul.lin(a)mediatek.com> Regards, Macpaul Lin

2 weeks, 1 day

2
1
0 0

[PATCH v2 1/1] Bluetooth: btusb: add default nvm file

by Shuai Zhang

If no NVM file matches the board_id, load the default NVM file. Signed-off-by: Shuai Zhang <quic_shuaz(a)quicinc.com> Cc: stable(a)vger.kernel.org --- drivers/bluetooth/btusb.c | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) diff --git a/drivers/bluetooth/btusb.c b/drivers/bluetooth/btusb.c index dcbff7641..6903606d3 100644 --- a/drivers/bluetooth/btusb.c +++ b/drivers/bluetooth/btusb.c @@ -3482,15 +3482,14 @@ static int btusb_setup_qca_load_rampatch(struct hci_dev *hdev, } static void btusb_generate_qca_nvm_name(char *fwname, size_t max_size, - const struct qca_version *ver) + const struct qca_version *ver, + u16 board_id) { u32 rom_version = le32_to_cpu(ver->rom_version); const char *variant, *fw_subdir; int len; - u16 board_id; fw_subdir = qca_get_fw_subdirectory(ver); - board_id = qca_extract_board_id(ver); switch (le32_to_cpu(ver->ram_version)) { case WCN6855_2_0_RAM_VERSION_GF: @@ -3522,14 +3521,28 @@ static int btusb_setup_qca_load_nvm(struct hci_dev *hdev, const struct firmware *fw; char fwname[80]; int err; + u16 board_id = 0; - btusb_generate_qca_nvm_name(fwname, sizeof(fwname), ver); + board_id = qca_extract_board_id(ver); +retry: + btusb_generate_qca_nvm_name(fwname, sizeof(fwname), ver, board_id); err = request_firmware(&fw, fwname, &hdev->dev); if (err) { + if (err == -EINVAL) { + bt_dev_err(hdev, "QCOM BT firmware file request failed (%d)", err); + return err; + } + bt_dev_err(hdev, "failed to request NVM file: %s (%d)", fwname, err); - return err; + if (err == -ENOENT && board_id != 0) { + board_id = 0; + goto retry; + } else { + bt_dev_err(hdev, "QCOM BT firmware file request failed (%d)", err); + return err; + } } bt_dev_info(hdev, "using NVM file: %s", fwname); -- 2.34.1

2 weeks, 1 day

1
0
0 0

[PATCH v1] Bluetooth: btusb: add default nvm file

by Shuai Zhang

If no NVM file matches the board_id, load the default NVM file. Signed-off-by: Shuai Zhang <quic_shuaz(a)quicinc.com> --- drivers/bluetooth/btusb.c | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/drivers/bluetooth/btusb.c b/drivers/bluetooth/btusb.c index dcbff7641..998dfd455 100644 --- a/drivers/bluetooth/btusb.c +++ b/drivers/bluetooth/btusb.c @@ -3482,15 +3482,14 @@ static int btusb_setup_qca_load_rampatch(struct hci_dev *hdev, } static void btusb_generate_qca_nvm_name(char *fwname, size_t max_size, - const struct qca_version *ver) + const struct qca_version *ver, + u16 board_id) { u32 rom_version = le32_to_cpu(ver->rom_version); const char *variant, *fw_subdir; int len; - u16 board_id; fw_subdir = qca_get_fw_subdirectory(ver); - board_id = qca_extract_board_id(ver); switch (le32_to_cpu(ver->ram_version)) { case WCN6855_2_0_RAM_VERSION_GF: @@ -3522,13 +3521,25 @@ static int btusb_setup_qca_load_nvm(struct hci_dev *hdev, const struct firmware *fw; char fwname[80]; int err; + u16 board_id = 0; - btusb_generate_qca_nvm_name(fwname, sizeof(fwname), ver); + board_id = qca_extract_board_id(ver); +retry: + btusb_generate_qca_nvm_name(fwname, sizeof(fwname), ver, board_id); err = request_firmware(&fw, fwname, &hdev->dev); if (err) { + if (err == -EINVAL) { + bt_dev_err(hdev, "QCOM BT firmware file request failed (%d)", err); + return err; + } + bt_dev_err(hdev, "failed to request NVM file: %s (%d)", fwname, err); + if (err == -ENOENT && board_id != 0) { + board_id = 0; + goto retry; + } return err; } -- 2.34.1

2 weeks, 1 day

3
3
0 0

Inquiry about purchasing your products

by PERDIS SUPER U

-- Hi, PERDIS SUPER U is a leading retail group in France with numerous outlets across the country. After reviewing your company profile and products, we’re very interested in establishing a long-term partnership. Kindly share your product catalog or website so we can review your offerings and pricing. We are ready to place orders and begin cooperation.Please note: Our payment terms are SWIFT, 14 days after delivery. Looking forward to your response. Best regards, Dominique Schelcher Director, PERDIS SUPER U RUE DE SAVOIE, 45600 SAINT-PÈRE-SUR-LOIRE VAT: FR65380071464 www.magasins-u.com

2 weeks, 1 day

1
0
0 0

+ mm-mremap-honour-writable-bit-in-mremap-pte-batching.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm/mremap: honour writable bit in mremap pte batching has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-mremap-honour-writable-bit-in-mremap-pte-batching.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Dev Jain <dev.jain(a)arm.com> Subject: mm/mremap: honour writable bit in mremap pte batching Date: Tue, 28 Oct 2025 12:09:52 +0530 Currently mremap folio pte batch ignores the writable bit during figuring out a set of similar ptes mapping the same folio. Suppose that the first pte of the batch is writable while the others are not - set_ptes will end up setting the writable bit on the other ptes, which is a violation of mremap semantics. Therefore, use FPB_RESPECT_WRITE to check the writable bit while determining the pte batch. Link: https://lkml.kernel.org/r/20251028063952.90313-1-dev.jain@arm.com Signed-off-by: Dev Jain <dev.jain(a)arm.com> Fixes: f822a9a81a31 ("mm: optimize mremap() by PTE batching") Reported-by: David Hildenbrand <david(a)redhat.com> Debugged-by: David Hildenbrand <david(a)redhat.com> Acked-by: David Hildenbrand <david(a)redhat.com> Acked-by: Pedro Falcato <pfalcato(a)suse.de> Reviewed-by: Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> Cc: Barry Song <baohua(a)kernel.org> Cc: Jann Horn <jannh(a)google.com> Cc: Liam Howlett <liam.howlett(a)oracle.com> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: <stable(a)vger.kernel.org> [6.17+] Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/mremap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/mm/mremap.c~mm-mremap-honour-writable-bit-in-mremap-pte-batching +++ a/mm/mremap.c @@ -187,7 +187,7 @@ static int mremap_folio_pte_batch(struct if (!folio || !folio_test_large(folio)) return 1; - return folio_pte_batch(folio, ptep, pte, max_nr); + return folio_pte_batch_flags(folio, NULL, ptep, &pte, max_nr, FPB_RESPECT_WRITE); } static int move_ptes(struct pagetable_move_control *pmc, _ Patches currently in -mm which might be from dev.jain(a)arm.com are mm-mremap-honour-writable-bit-in-mremap-pte-batching.patch

2 weeks, 1 day

1
0
0 0

+ gcov-add-support-for-gcc-15.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: gcov: add support for GCC 15 has been added to the -mm mm-hotfixes-unstable branch. Its filename is gcov-add-support-for-gcc-15.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Peter Oberparleiter <oberpar(a)linux.ibm.com> Subject: gcov: add support for GCC 15 Date: Tue, 28 Oct 2025 12:51:25 +0100 Using gcov on kernels compiled with GCC 15 results in truncated 16-byte long .gcda files with no usable data. To fix this, update GCOV_COUNTERS to match the value defined by GCC 15. Tested with GCC 14.3.0 and GCC 15.2.0. Link: https://lkml.kernel.org/r/20251028115125.1319410-1-oberpar@linux.ibm.com Signed-off-by: Peter Oberparleiter <oberpar(a)linux.ibm.com> Reported-by: Matthieu Baerts <matttbe(a)kernel.org> Closes: https://github.com/linux-test-project/lcov/issues/445 Tested-by: Matthieu Baerts <matttbe(a)kernel.org> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- kernel/gcov/gcc_4_7.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) --- a/kernel/gcov/gcc_4_7.c~gcov-add-support-for-gcc-15 +++ a/kernel/gcov/gcc_4_7.c @@ -18,7 +18,9 @@ #include <linux/mm.h> #include "gcov.h" -#if (__GNUC__ >= 14) +#if (__GNUC__ >= 15) +#define GCOV_COUNTERS 10 +#elif (__GNUC__ >= 14) #define GCOV_COUNTERS 9 #elif (__GNUC__ >= 10) #define GCOV_COUNTERS 8 _ Patches currently in -mm which might be from oberpar(a)linux.ibm.com are gcov-add-support-for-gcc-15.patch

2 weeks, 1 day

1
0
0 0

+ s390-fix-hugetlb-vmemmap-optimization-crash.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: s390: fix HugeTLB vmemmap optimization crash has been added to the -mm mm-hotfixes-unstable branch. Its filename is s390-fix-hugetlb-vmemmap-optimization-crash.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Luiz Capitulino <luizcap(a)redhat.com> Subject: s390: fix HugeTLB vmemmap optimization crash Date: Tue, 28 Oct 2025 17:15:33 -0400 A reproducible crash occurs when enabling HugeTLB vmemmap optimization (HVO) on s390. The crash and the proposed fix were worked on an s390 KVM guest running on an older hypervisor, as I don't have access to an LPAR. However, the same issue should occur on bare-metal. Reproducer (it may take a few runs to trigger): # sysctl vm.hugetlb_optimize_vmemmap=1 # echo 1 > /proc/sys/vm/nr_hugepages # echo 0 > /proc/sys/vm/nr_hugepages Crash log: [ 52.340369] list_del corruption. prev->next should be 000000d382110008, but was 000000d7116d3880. (prev=000000d7116d3910) [ 52.340420] ------------[ cut here ]------------ [ 52.340424] kernel BUG at lib/list_debug.c:62! [ 52.340566] monitor event: 0040 ilc:2 [#1]SMP [ 52.340573] Modules linked in: ctcm fsm qeth ccwgroup zfcp scsi_transport_fc qdio dasd_fba_mod dasd_eckd_mod dasd_mod xfs ghash_s390 prng des_s390 libdes sha3_512_s390 sha3_256_s390 virtio_net virtio_blk net_failover sha_common failover dm_mirror dm_region_hash dm_log dm_mod paes_s390 crypto_engine pkey_cca pkey_ep11 zcrypt pkey_pckmo pkey aes_s390 [ 52.340606] CPU: 1 UID: 0 PID: 1672 Comm: root-rep2 Kdump: loaded Not tainted 6.18.0-rc3 #1 NONE [ 52.340610] Hardware name: IBM 3931 LA1 400 (KVM/Linux) [ 52.340611] Krnl PSW : 0704c00180000000 0000015710cda7fe (__list_del_entry_valid_or_report+0xfe/0x128) [ 52.340619] R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:0 PM:0 RI:0 EA:3 [ 52.340622] Krnl GPRS: c0000000ffffefff 0000000100000027 000000000000006d 0000000000000000 [ 52.340623] 000000d7116d35d8 000000d7116d35d0 0000000000000002 000000d7116d39b0 [ 52.340625] 000000d7116d3880 000000d7116d3910 000000d7116d3910 000000d382110008 [ 52.340626] 000003ffac1ccd08 000000d7116d39b0 0000015710cda7fa 000000d7116d37d0 [ 52.340632] Krnl Code: 0000015710cda7ee: c020003e496f larl %r2,00000157114a3acc 0000015710cda7f4: c0e5ffd5280e brasl %r14,000001571077f810 #0000015710cda7fa: af000000 mc 0,0 >0000015710cda7fe: b9040029 lgr %r2,%r9 0000015710cda802: c0e5ffe5e193 brasl %r14,0000015710996b28 0000015710cda808: e34090080004 lg %r4,8(%r9) 0000015710cda80e: b9040059 lgr %r5,%r9 0000015710cda812: b9040038 lgr %r3,%r8 [ 52.340643] Call Trace: [ 52.340645] [<0000015710cda7fe>] __list_del_entry_valid_or_report+0xfe/0x128 [ 52.340649] ([<0000015710cda7fa>] __list_del_entry_valid_or_report+0xfa/0x128) [ 52.340652] [<0000015710a30b2e>] hugetlb_vmemmap_restore_folios+0x96/0x138 [ 52.340655] [<0000015710a268ac>] update_and_free_pages_bulk+0x64/0x150 [ 52.340659] [<0000015710a26f8a>] set_max_huge_pages+0x4ca/0x6f0 [ 52.340662] [<0000015710a273ba>] hugetlb_sysctl_handler_common+0xea/0x120 [ 52.340665] [<0000015710a27484>] hugetlb_sysctl_handler+0x44/0x50 [ 52.340667] [<0000015710b53ffa>] proc_sys_call_handler+0x17a/0x280 [ 52.340672] [<0000015710a90968>] vfs_write+0x2c8/0x3a0 [ 52.340676] [<0000015710a90bd2>] ksys_write+0x72/0x100 [ 52.340679] [<00000157111483a8>] __do_syscall+0x150/0x318 [ 52.340682] [<0000015711153a5e>] system_call+0x6e/0x90 [ 52.340684] Last Breaking-Event-Address: [ 52.340684] [<000001571077f85c>] _printk+0x4c/0x58 [ 52.340690] Kernel panic - not syncing: Fatal exception: panic_on_oops This issue was introduced by commit f13b83fdd996 ("hugetlb: batch TLB flushes when freeing vmemmap"). Before that change, the HVO implementation called flush_tlb_kernel_range() each time a vmemmap PMD split and remapping was performed. The mentioned commit changed this to issue a few flush_tlb_all() calls after performing all remappings. However, on s390, flush_tlb_kernel_range() expands to __tlb_flush_kernel() while flush_tlb_all() is not implemented. As a result, we went from flushing the TLB for every remapping to no flushing at all. This commit fixes this by implementing flush_tlb_all() on s390 as an alias to __tlb_flush_global(). This should cause a flush on all TLB entries on all CPUs as expected by the flush_tlb_all() semantics. Link: https://lkml.kernel.org/r/20251028211533.47694-1-luizcap@redhat.com Fixes: f13b83fdd996 ("hugetlb: batch TLB flushes when freeing vmemmap") Signed-off-by: Luiz Capitulino <luizcap(a)redhat.com> Cc: Alexander Gordeev <agordeev(a)linux.ibm.com> Cc: "Aneesh Kumar K.V" <aneesh.kumar(a)kernel.org> Cc: Christian Borntraeger <borntraeger(a)linux.ibm.com> Cc: David Hildenbrand <david(a)redhat.com> Cc: Gerald Schaefer <gerald.schaefer(a)linux.ibm.com> Cc: Heiko Carstens <hca(a)linux.ibm.com> Cc: Joao Martins <joao.m.martins(a)oracle.com> Cc: Mike Kravetz <mike.kravetz(a)oracle.com> Cc: Oscar Salvador <osalvador(a)suse.de> Cc: Vasily Gorbik <gor(a)linux.ibm.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- arch/s390/include/asm/tlbflush.h | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) --- a/arch/s390/include/asm/tlbflush.h~s390-fix-hugetlb-vmemmap-optimization-crash +++ a/arch/s390/include/asm/tlbflush.h @@ -103,9 +103,13 @@ static inline void __tlb_flush_mm_lazy(s * flush_tlb_range functions need to do the flush. */ #define flush_tlb() do { } while (0) -#define flush_tlb_all() do { } while (0) #define flush_tlb_page(vma, addr) do { } while (0) +static inline void flush_tlb_all(void) +{ + __tlb_flush_global(); +} + static inline void flush_tlb_mm(struct mm_struct *mm) { __tlb_flush_mm_lazy(mm); _ Patches currently in -mm which might be from luizcap(a)redhat.com are s390-fix-hugetlb-vmemmap-optimization-crash.patch

2 weeks, 1 day

1
0
0 0

[PATCH] video: valkyriefb: Fix reference count leak in valkyriefb_init

by Miaoqian Lin

The of_find_node_by_name() function returns a device tree node with its reference count incremented. The caller is responsible for calling of_node_put() to release this reference when done. Found via static analysis. Fixes: cc5d0189b9ba ("[PATCH] powerpc: Remove device_node addrs/n_addr") Cc: stable(a)vger.kernel.org Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com> --- drivers/video/fbdev/valkyriefb.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/video/fbdev/valkyriefb.c b/drivers/video/fbdev/valkyriefb.c index 91d070ef6989..6ff059ee1694 100644 --- a/drivers/video/fbdev/valkyriefb.c +++ b/drivers/video/fbdev/valkyriefb.c @@ -329,11 +329,13 @@ static int __init valkyriefb_init(void) if (of_address_to_resource(dp, 0, &r)) { printk(KERN_ERR "can't find address for valkyrie\n"); + of_node_put(dp); return 0; } frame_buffer_phys = r.start; cmap_regs_phys = r.start + 0x304000; + of_node_put(dp); } #endif /* ppc (!CONFIG_MAC) */ -- 2.39.5 (Apple Git-154)

2 weeks, 1 day

2
1
0 0

+ codetag-debug-handle-existing-codetag_empty-in-mark_objexts_empty-for-slabobj_ext.patch added to mm-new branch

by Andrew Morton

The patch titled Subject: codetag: debug: handle existing CODETAG_EMPTY in mark_objexts_empty for slabobj_ext has been added to the -mm mm-new branch. Its filename is codetag-debug-handle-existing-codetag_empty-in-mark_objexts_empty-for-slabobj_ext.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-new branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Note, mm-new is a provisional staging ground for work-in-progress patches, and acceptance into mm-new is a notification for others take notice and to finish up reviews. Please do not hesitate to respond to review feedback and post updated versions to replace or incrementally fixup patches in mm-new. Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Hao Ge <gehao(a)kylinos.cn> Subject: codetag: debug: handle existing CODETAG_EMPTY in mark_objexts_empty for slabobj_ext Date: Mon, 27 Oct 2025 16:52:14 +0800 Even though obj_exts was created with the __GFP_NO_OBJ_EXT flag, objects in the same slab may have their extensions allocated via alloc_slab_obj_exts, and handle_failed_objexts_alloc may be called within alloc_slab_obj_exts to set their codetag to CODETAG_EMPTY. Therefore, both NULL and CODETAG_EMPTY are valid for the codetag of slabobj_ext, as we do not need to re-set it to CODETAG_EMPTY if it is already CODETAG_EMPTY. It also resolves the warning triggered when the codetag is CODETAG_EMPTY during slab freeing. This issue also occurred during our memory stress testing. The possibility of its occurrence should be as follows: When a slab allocates a slabobj_ext, the slab to which this slabobj_ext belongs may have already allocated its own slabobj_ext and called handle_failed_objexts_alloc. That is to say, the codetag of this slabobj_ext has been set to CODETAG_EMPTY. To quickly detect this WARN, I modified the code from:WARN_ON(slab_exts[offs].ref.ct) to WARN_ON(slab_exts[offs].ref.ct == 1); We then obtained this message: [21630.898561] ------------[ cut here ]------------ [21630.898596] kernel BUG at mm/slub.c:2050! [21630.898611] Internal error: Oops - BUG: 00000000f2000800 [#1] SMP [21630.900372] Modules linked in: squashfs isofs vfio_iommu_type1 vhost_vsock vfio vhost_net vmw_vsock_virtio_transport_common vhost tap vhost_iotlb iommufd vsock binfmt_misc nfsv3 nfs_acl nfs lockd grace netfs tls rds dns_resolver tun brd overlay ntfs3 exfat btrfs blake2b_generic xor xor_neon raid6_pq loop sctp ip6_udp_tunnel udp_tunnel nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 nf_tables rfkill ip_set sunrpc vfat fat joydev sg sch_fq_codel nfnetlink virtio_gpu sr_mod cdrom drm_client_lib virtio_dma_buf drm_shmem_helper drm_kms_helper drm ghash_ce backlight virtio_net virtio_blk virtio_scsi net_failover virtio_console failover virtio_mmio dm_mirror dm_region_hash dm_log dm_multipath dm_mod fuse i2c_dev virtio_pci virtio_pci_legacy_dev virtio_pci_modern_dev virtio virtio_ring autofs4 aes_neon_bs aes_ce_blk [last unloaded: hwpoison_inject] [21630.909177] CPU: 3 UID: 0 PID: 3787 Comm: kylin-process-m Kdump: loaded Tainted: G�� W�� 6.18.0-rc1+ #74 PREEMPT(voluntary) [21630.910495] Tainted: [W]=WARN [21630.910867] Hardware name: QEMU KVM Virtual Machine, BIOS unknown 2/2/2022 [21630.911625] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [21630.912392] pc : __free_slab+0x228/0x250 [21630.912868] lr : __free_slab+0x18c/0x250[21630.913334] sp : ffff8000a02f73e0 [21630.913830] x29: ffff8000a02f73e0 x28: fffffdffc43fc800 x27: ffff0000c0011c40 [21630.914677] x26: ffff0000c000cac0 x25: ffff00010fe5e5f0 x24: ffff000102199b40 [21630.915469] x23: 0000000000000003 x22: 0000000000000003 x21: ffff0000c0011c40 [21630.916259] x20: fffffdffc4086600 x19: fffffdffc43fc800 x18: 0000000000000000 [21630.917048] x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000 [21630.917837] x14: 0000000000000000 x13: 0000000000000000 x12: ffff70001405ee66 [21630.918640] x11: 1ffff0001405ee65 x10: ffff70001405ee65 x9 : ffff800080a295dc [21630.919442] x8 : ffff8000a02f7330 x7 : 0000000000000000 x6 : 0000000000003000 [21630.920232] x5 : 0000000024924925 x4 : 0000000000000001 x3 : 0000000000000007 [21630.921021] x2 : 0000000000001b40 x1 : 000000000000001f x0 : 0000000000000001 [21630.921810] Call trace: [21630.922130]�� __free_slab+0x228/0x250 (P) [21630.922669]�� free_slab+0x38/0x118 [21630.923079]�� free_to_partial_list+0x1d4/0x340 [21630.923591]�� __slab_free+0x24c/0x348 [21630.924024]�� ___cache_free+0xf0/0x110 [21630.924468]�� qlist_free_all+0x78/0x130 [21630.924922]�� kasan_quarantine_reduce+0x114/0x148 [21630.925525]�� __kasan_slab_alloc+0x7c/0xb0 [21630.926006]�� kmem_cache_alloc_noprof+0x164/0x5c8 [21630.926699]�� __alloc_object+0x44/0x1f8 [21630.927153]�� __create_object+0x34/0xc8 [21630.927604]�� kmemleak_alloc+0xb8/0xd8 [21630.928052]�� kmem_cache_alloc_noprof+0x368/0x5c8 [21630.928606]�� getname_flags.part.0+0xa4/0x610 [21630.929112]�� getname_flags+0x80/0xd8 [21630.929557]�� vfs_fstatat+0xc8/0xe0 [21630.929975]�� __do_sys_newfstatat+0xa0/0x100 [21630.930469]�� __arm64_sys_newfstatat+0x90/0xd8 [21630.931046]�� invoke_syscall+0xd4/0x258 [21630.931685]�� el0_svc_common.constprop.0+0xb4/0x240 [21630.932467]�� do_el0_svc+0x48/0x68 [21630.932972]�� el0_svc+0x40/0xe0 [21630.933472]�� el0t_64_sync_handler+0xa0/0xe8 [21630.934151]�� el0t_64_sync+0x1ac/0x1b0 [21630.934923] Code: aa1803e0 97ffef2b a9446bf9 17ffff9c (d4210000) [21630.936461] SMP: stopping secondary CPUs [21630.939550] Starting crashdump kernel... [21630.940108] Bye! Link: https://lkml.kernel.org/r/20251027085214.184672-1-hao.ge@linux.dev Fixes: 09c46563ff6d ("codetag: debug: introduce OBJEXTS_ALLOC_FAIL to mark failed slab_ext allocations") Signed-off-by: Hao Ge <gehao(a)kylinos.cn> Cc: Suren Baghdasaryan <surenb(a)google.com> Cc: Christoph Lameter (Ampere) <cl(a)gentwo.org> Cc: David Rientjes <rientjes(a)google.com> Cc: Roman Gushchin <roman.gushchin(a)linux.dev> Cc: Shakeel Butt <shakeel.butt(a)linux.dev> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/slub.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) --- a/mm/slub.c~codetag-debug-handle-existing-codetag_empty-in-mark_objexts_empty-for-slabobj_ext +++ a/mm/slub.c @@ -2046,7 +2046,17 @@ static inline void mark_objexts_empty(st if (slab_exts) { unsigned int offs = obj_to_index(obj_exts_slab->slab_cache, obj_exts_slab, obj_exts); - /* codetag should be NULL */ + + /* + * codetag should be either NULL or CODETAG_EMPTY. + * When the same slab calls handle_failed_objexts_alloc, + * it will set us to CODETAG_EMPTY. + * + * If codetag is already CODETAG_EMPTY, no action is needed here. + */ + if (unlikely(is_codetag_empty(&slab_exts[offs].ref))) + return; + WARN_ON(slab_exts[offs].ref.ct); set_codetag_empty(&slab_exts[offs].ref); } _ Patches currently in -mm which might be from gehao(a)kylinos.cn are codetag-debug-handle-existing-codetag_empty-in-mark_objexts_empty-for-slabobj_ext.patch

2 weeks, 1 day

1
0
0 0

+ mm-mm_init-fix-hash-table-order-logging-in-alloc_large_system_hash.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm/mm_init: fix hash table order logging in alloc_large_system_hash() has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-mm_init-fix-hash-table-order-logging-in-alloc_large_system_hash.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: "Isaac J. Manjarres" <isaacmanjarres(a)google.com> Subject: mm/mm_init: fix hash table order logging in alloc_large_system_hash() Date: Tue, 28 Oct 2025 12:10:12 -0700 When emitting the order of the allocation for a hash table, alloc_large_system_hash() unconditionally subtracts PAGE_SHIFT from log base 2 of the allocation size. This is not correct if the allocation size is smaller than a page, and yields a negative value for the order as seen below: TCP established hash table entries: 32 (order: -4, 256 bytes, linear) TCP bind hash table entries: 32 (order: -2, 1024 bytes, linear) Use get_order() to compute the order when emitting the hash table information to correctly handle cases where the allocation size is smaller than a page: TCP established hash table entries: 32 (order: 0, 256 bytes, linear) TCP bind hash table entries: 32 (order: 0, 1024 bytes, linear) Link: https://lkml.kernel.org/r/20251028191020.413002-1-isaacmanjarres@google.com Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Isaac J. Manjarres <isaacmanjarres(a)google.com> Cc: Mike Rapoport <rppt(a)kernel.org> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/mm_init.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/mm/mm_init.c~mm-mm_init-fix-hash-table-order-logging-in-alloc_large_system_hash +++ a/mm/mm_init.c @@ -2469,7 +2469,7 @@ void *__init alloc_large_system_hash(con panic("Failed to allocate %s hash table\n", tablename); pr_info("%s hash table entries: %ld (order: %d, %lu bytes, %s)\n", - tablename, 1UL << log2qty, ilog2(size) - PAGE_SHIFT, size, + tablename, 1UL << log2qty, get_order(size), size, virt ? (huge ? "vmalloc hugepage" : "vmalloc") : "linear"); if (_hash_shift) _ Patches currently in -mm which might be from isaacmanjarres(a)google.com are mm-mm_init-fix-hash-table-order-logging-in-alloc_large_system_hash.patch

2 weeks, 1 day

1
0
0 0

FAILED: patch "[PATCH] x86/resctrl: Fix miscount of bandwidth event when" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x 15292f1b4c55a3a7c940dbcb6cb8793871ed3d92 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102058-citadel-crinkly-125f@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 15292f1b4c55a3a7c940dbcb6cb8793871ed3d92 Mon Sep 17 00:00:00 2001 From: Babu Moger <babu.moger(a)amd.com> Date: Fri, 10 Oct 2025 12:08:35 -0500 Subject: [PATCH] x86/resctrl: Fix miscount of bandwidth event when reactivating previously unavailable RMID Users can create as many monitoring groups as the number of RMIDs supported by the hardware. However, on AMD systems, only a limited number of RMIDs are guaranteed to be actively tracked by the hardware. RMIDs that exceed this limit are placed in an "Unavailable" state. When a bandwidth counter is read for such an RMID, the hardware sets MSR_IA32_QM_CTR.Unavailable (bit 62). When such an RMID starts being tracked again the hardware counter is reset to zero. MSR_IA32_QM_CTR.Unavailable remains set on first read after tracking re-starts and is clear on all subsequent reads as long as the RMID is tracked. resctrl miscounts the bandwidth events after an RMID transitions from the "Unavailable" state back to being tracked. This happens because when the hardware starts counting again after resetting the counter to zero, resctrl in turn compares the new count against the counter value stored from the previous time the RMID was tracked. This results in resctrl computing an event value that is either undercounting (when new counter is more than stored counter) or a mistaken overflow (when new counter is less than stored counter). Reset the stored value (arch_mbm_state::prev_msr) of MSR_IA32_QM_CTR to zero whenever the RMID is in the "Unavailable" state to ensure accurate counting after the RMID resets to zero when it starts to be tracked again. Example scenario that results in mistaken overflow ================================================== 1. The resctrl filesystem is mounted, and a task is assigned to a monitoring group. $mount -t resctrl resctrl /sys/fs/resctrl $mkdir /sys/fs/resctrl/mon_groups/test1/ $echo 1234 > /sys/fs/resctrl/mon_groups/test1/tasks $cat /sys/fs/resctrl/mon_groups/test1/mon_data/mon_L3_*/mbm_total_bytes 21323 <- Total bytes on domain 0 "Unavailable" <- Total bytes on domain 1 Task is running on domain 0. Counter on domain 1 is "Unavailable". 2. The task runs on domain 0 for a while and then moves to domain 1. The counter starts incrementing on domain 1. $cat /sys/fs/resctrl/mon_groups/test1/mon_data/mon_L3_*/mbm_total_bytes 7345357 <- Total bytes on domain 0 4545 <- Total bytes on domain 1 3. At some point, the RMID in domain 0 transitions to the "Unavailable" state because the task is no longer executing in that domain. $cat /sys/fs/resctrl/mon_groups/test1/mon_data/mon_L3_*/mbm_total_bytes "Unavailable" <- Total bytes on domain 0 434341 <- Total bytes on domain 1 4. Since the task continues to migrate between domains, it may eventually return to domain 0. $cat /sys/fs/resctrl/mon_groups/test1/mon_data/mon_L3_*/mbm_total_bytes 17592178699059 <- Overflow on domain 0 3232332 <- Total bytes on domain 1 In this case, the RMID on domain 0 transitions from "Unavailable" state to active state. The hardware sets MSR_IA32_QM_CTR.Unavailable (bit 62) when the counter is read and begins tracking the RMID counting from 0. Subsequent reads succeed but return a value smaller than the previously saved MSR value (7345357). Consequently, the resctrl's overflow logic is triggered, it compares the previous value (7345357) with the new, smaller value and incorrectly interprets this as a counter overflow, adding a large delta. In reality, this is a false positive: the counter did not overflow but was simply reset when the RMID transitioned from "Unavailable" back to active state. Here is the text from APM [1] available from [2]. "In PQOS Version 2.0 or higher, the MBM hardware will set the U bit on the first QM_CTR read when it begins tracking an RMID that it was not previously tracking. The U bit will be zero for all subsequent reads from that RMID while it is still tracked by the hardware. Therefore, a QM_CTR read with the U bit set when that RMID is in use by a processor can be considered 0 when calculating the difference with a subsequent read." [1] AMD64 Architecture Programmer's Manual Volume 2: System Programming Publication # 24593 Revision 3.41 section 19.3.3 Monitoring L3 Memory Bandwidth (MBM). [ bp: Split commit message into smaller paragraph chunks for better consumption. ] Fixes: 4d05bf71f157d ("x86/resctrl: Introduce AMD QOS feature") Signed-off-by: Babu Moger <babu.moger(a)amd.com> Signed-off-by: Borislav Petkov (AMD) <bp(a)alien8.de> Reviewed-by: Reinette Chatre <reinette.chatre(a)intel.com> Tested-by: Reinette Chatre <reinette.chatre(a)intel.com> Cc: stable(a)vger.kernel.org # needs adjustments for <= v6.17 Link: https://bugzilla.kernel.org/show_bug.cgi?id=206537 # [2] diff --git a/arch/x86/kernel/cpu/resctrl/monitor.c b/arch/x86/kernel/cpu/resctrl/monitor.c index c8945610d455..2cd25a0d4637 100644 --- a/arch/x86/kernel/cpu/resctrl/monitor.c +++ b/arch/x86/kernel/cpu/resctrl/monitor.c @@ -242,7 +242,9 @@ int resctrl_arch_rmid_read(struct rdt_resource *r, struct rdt_mon_domain *d, u32 unused, u32 rmid, enum resctrl_event_id eventid, u64 *val, void *ignored) { + struct rdt_hw_mon_domain *hw_dom = resctrl_to_arch_mon_dom(d); int cpu = cpumask_any(&d->hdr.cpu_mask); + struct arch_mbm_state *am; u64 msr_val; u32 prmid; int ret; @@ -251,12 +253,16 @@ int resctrl_arch_rmid_read(struct rdt_resource *r, struct rdt_mon_domain *d, prmid = logical_rmid_to_physical_rmid(cpu, rmid); ret = __rmid_read_phys(prmid, eventid, &msr_val); - if (ret) - return ret; - *val = get_corrected_val(r, d, rmid, eventid, msr_val); + if (!ret) { + *val = get_corrected_val(r, d, rmid, eventid, msr_val); + } else if (ret == -EINVAL) { + am = get_arch_mbm_state(hw_dom, rmid, eventid); + if (am) + am->prev_msr = 0; + } - return 0; + return ret; } static int __cntr_id_read(u32 cntr_id, u64 *val)

2 weeks, 1 day

2
1
0 0

[tip: x86/urgent] x86/fpu: Ensure XFD state on signal delivery

by tip-bot2 for Chang S. Bae

The following commit has been merged into the x86/urgent branch of tip: Commit-ID: 388eff894d6bc5f921e9bfff0e4b0ab2684a96e9 Gitweb: https://git.kernel.org/tip/388eff894d6bc5f921e9bfff0e4b0ab2684a96e9 Author: Chang S. Bae <chang.seok.bae(a)intel.com> AuthorDate: Mon, 09 Jun 2025 17:16:59 -07:00 Committer: Dave Hansen <dave.hansen(a)linux.intel.com> CommitterDate: Tue, 28 Oct 2025 12:10:59 -07:00 x86/fpu: Ensure XFD state on signal delivery Sean reported [1] the following splat when running KVM tests: WARNING: CPU: 232 PID: 15391 at xfd_validate_state+0x65/0x70 Call Trace: <TASK> fpu__clear_user_states+0x9c/0x100 arch_do_signal_or_restart+0x142/0x210 exit_to_user_mode_loop+0x55/0x100 do_syscall_64+0x205/0x2c0 entry_SYSCALL_64_after_hwframe+0x4b/0x53 Chao further identified [2] a reproducible scenario involving signal delivery: a non-AMX task is preempted by an AMX-enabled task which modifies the XFD MSR. When the non-AMX task resumes and reloads XSTATE with init values, a warning is triggered due to a mismatch between fpstate::xfd and the CPU's current XFD state. fpu__clear_user_states() does not currently re-synchronize the XFD state after such preemption. Invoke xfd_update_state() which detects and corrects the mismatch if there is a dynamic feature. This also benefits the sigreturn path, as fpu__restore_sig() may call fpu__clear_user_states() when the sigframe is inaccessible. [ dhansen: minor changelog munging ] Closes: https://lore.kernel.org/lkml/aDCo_SczQOUaB2rS@google.com [1] Fixes: 672365477ae8a ("x86/fpu: Update XFD state where required") Reported-by: Sean Christopherson <seanjc(a)google.com> Signed-off-by: Chang S. Bae <chang.seok.bae(a)intel.com> Signed-off-by: Dave Hansen <dave.hansen(a)linux.intel.com> Reviewed-by: Chao Gao <chao.gao(a)intel.com> Tested-by: Chao Gao <chao.gao(a)intel.com> Link: https://lore.kernel.org/all/aDWbctO%2FRfTGiCg3@intel.com [2] Cc:stable@vger.kernel.org Link: https://patch.msgid.link/20250610001700.4097-1-chang.seok.bae%40intel.com --- arch/x86/kernel/fpu/core.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/x86/kernel/fpu/core.c b/arch/x86/kernel/fpu/core.c index 1f71cc1..e88eacb 100644 --- a/arch/x86/kernel/fpu/core.c +++ b/arch/x86/kernel/fpu/core.c @@ -825,6 +825,9 @@ void fpu__clear_user_states(struct fpu *fpu) !fpregs_state_valid(fpu, smp_processor_id())) os_xrstor_supervisor(fpu->fpstate); + /* Ensure XFD state is in sync before reloading XSTATE */ + xfd_update_state(fpu->fpstate); + /* Reset user states in registers. */ restore_fpregs_from_init_fpstate(XFEATURE_MASK_USER_RESTORE);

2 weeks, 1 day

1
0
0 0

FAILED: patch "[PATCH] x86/resctrl: Fix miscount of bandwidth event when" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x 15292f1b4c55a3a7c940dbcb6cb8793871ed3d92 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102056-qualify-unopposed-be08@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 15292f1b4c55a3a7c940dbcb6cb8793871ed3d92 Mon Sep 17 00:00:00 2001 From: Babu Moger <babu.moger(a)amd.com> Date: Fri, 10 Oct 2025 12:08:35 -0500 Subject: [PATCH] x86/resctrl: Fix miscount of bandwidth event when reactivating previously unavailable RMID Users can create as many monitoring groups as the number of RMIDs supported by the hardware. However, on AMD systems, only a limited number of RMIDs are guaranteed to be actively tracked by the hardware. RMIDs that exceed this limit are placed in an "Unavailable" state. When a bandwidth counter is read for such an RMID, the hardware sets MSR_IA32_QM_CTR.Unavailable (bit 62). When such an RMID starts being tracked again the hardware counter is reset to zero. MSR_IA32_QM_CTR.Unavailable remains set on first read after tracking re-starts and is clear on all subsequent reads as long as the RMID is tracked. resctrl miscounts the bandwidth events after an RMID transitions from the "Unavailable" state back to being tracked. This happens because when the hardware starts counting again after resetting the counter to zero, resctrl in turn compares the new count against the counter value stored from the previous time the RMID was tracked. This results in resctrl computing an event value that is either undercounting (when new counter is more than stored counter) or a mistaken overflow (when new counter is less than stored counter). Reset the stored value (arch_mbm_state::prev_msr) of MSR_IA32_QM_CTR to zero whenever the RMID is in the "Unavailable" state to ensure accurate counting after the RMID resets to zero when it starts to be tracked again. Example scenario that results in mistaken overflow ================================================== 1. The resctrl filesystem is mounted, and a task is assigned to a monitoring group. $mount -t resctrl resctrl /sys/fs/resctrl $mkdir /sys/fs/resctrl/mon_groups/test1/ $echo 1234 > /sys/fs/resctrl/mon_groups/test1/tasks $cat /sys/fs/resctrl/mon_groups/test1/mon_data/mon_L3_*/mbm_total_bytes 21323 <- Total bytes on domain 0 "Unavailable" <- Total bytes on domain 1 Task is running on domain 0. Counter on domain 1 is "Unavailable". 2. The task runs on domain 0 for a while and then moves to domain 1. The counter starts incrementing on domain 1. $cat /sys/fs/resctrl/mon_groups/test1/mon_data/mon_L3_*/mbm_total_bytes 7345357 <- Total bytes on domain 0 4545 <- Total bytes on domain 1 3. At some point, the RMID in domain 0 transitions to the "Unavailable" state because the task is no longer executing in that domain. $cat /sys/fs/resctrl/mon_groups/test1/mon_data/mon_L3_*/mbm_total_bytes "Unavailable" <- Total bytes on domain 0 434341 <- Total bytes on domain 1 4. Since the task continues to migrate between domains, it may eventually return to domain 0. $cat /sys/fs/resctrl/mon_groups/test1/mon_data/mon_L3_*/mbm_total_bytes 17592178699059 <- Overflow on domain 0 3232332 <- Total bytes on domain 1 In this case, the RMID on domain 0 transitions from "Unavailable" state to active state. The hardware sets MSR_IA32_QM_CTR.Unavailable (bit 62) when the counter is read and begins tracking the RMID counting from 0. Subsequent reads succeed but return a value smaller than the previously saved MSR value (7345357). Consequently, the resctrl's overflow logic is triggered, it compares the previous value (7345357) with the new, smaller value and incorrectly interprets this as a counter overflow, adding a large delta. In reality, this is a false positive: the counter did not overflow but was simply reset when the RMID transitioned from "Unavailable" back to active state. Here is the text from APM [1] available from [2]. "In PQOS Version 2.0 or higher, the MBM hardware will set the U bit on the first QM_CTR read when it begins tracking an RMID that it was not previously tracking. The U bit will be zero for all subsequent reads from that RMID while it is still tracked by the hardware. Therefore, a QM_CTR read with the U bit set when that RMID is in use by a processor can be considered 0 when calculating the difference with a subsequent read." [1] AMD64 Architecture Programmer's Manual Volume 2: System Programming Publication # 24593 Revision 3.41 section 19.3.3 Monitoring L3 Memory Bandwidth (MBM). [ bp: Split commit message into smaller paragraph chunks for better consumption. ] Fixes: 4d05bf71f157d ("x86/resctrl: Introduce AMD QOS feature") Signed-off-by: Babu Moger <babu.moger(a)amd.com> Signed-off-by: Borislav Petkov (AMD) <bp(a)alien8.de> Reviewed-by: Reinette Chatre <reinette.chatre(a)intel.com> Tested-by: Reinette Chatre <reinette.chatre(a)intel.com> Cc: stable(a)vger.kernel.org # needs adjustments for <= v6.17 Link: https://bugzilla.kernel.org/show_bug.cgi?id=206537 # [2] diff --git a/arch/x86/kernel/cpu/resctrl/monitor.c b/arch/x86/kernel/cpu/resctrl/monitor.c index c8945610d455..2cd25a0d4637 100644 --- a/arch/x86/kernel/cpu/resctrl/monitor.c +++ b/arch/x86/kernel/cpu/resctrl/monitor.c @@ -242,7 +242,9 @@ int resctrl_arch_rmid_read(struct rdt_resource *r, struct rdt_mon_domain *d, u32 unused, u32 rmid, enum resctrl_event_id eventid, u64 *val, void *ignored) { + struct rdt_hw_mon_domain *hw_dom = resctrl_to_arch_mon_dom(d); int cpu = cpumask_any(&d->hdr.cpu_mask); + struct arch_mbm_state *am; u64 msr_val; u32 prmid; int ret; @@ -251,12 +253,16 @@ int resctrl_arch_rmid_read(struct rdt_resource *r, struct rdt_mon_domain *d, prmid = logical_rmid_to_physical_rmid(cpu, rmid); ret = __rmid_read_phys(prmid, eventid, &msr_val); - if (ret) - return ret; - *val = get_corrected_val(r, d, rmid, eventid, msr_val); + if (!ret) { + *val = get_corrected_val(r, d, rmid, eventid, msr_val); + } else if (ret == -EINVAL) { + am = get_arch_mbm_state(hw_dom, rmid, eventid); + if (am) + am->prev_msr = 0; + } - return 0; + return ret; } static int __cntr_id_read(u32 cntr_id, u64 *val)

2 weeks, 1 day

2
1
0 0

[PATCH] media: uvcvideo: Fix support for V4L2_CTRL_FLAG_HAS_WHICH_MIN_MAX

by Ricardo Ribalda

The VIDIOC_G_EXT_CTRLS with which V4L2_CTRL_WHICH_(MIN|MAX)_VAL can only work for controls that have previously announced support for it. This patch fixes the following v4l2-compliance error: info: checking extended control 'User Controls' (0x00980001) fail: v4l2-test-controls.cpp(980): ret != EINVAL (got 13) test VIDIOC_G/S/TRY_EXT_CTRLS: FAIL Fixes: 39d2c891c96e ("media: uvcvideo: support V4L2_CTRL_WHICH_MIN/MAX_VAL") Cc: stable(a)vger.kernel.org Signed-off-by: Ricardo Ribalda <ribalda(a)chromium.org> --- drivers/media/usb/uvc/uvc_ctrl.c | 11 +++++++++-- drivers/media/usb/uvc/uvc_v4l2.c | 9 ++++++--- drivers/media/usb/uvc/uvcvideo.h | 2 +- 3 files changed, 16 insertions(+), 6 deletions(-) diff --git a/drivers/media/usb/uvc/uvc_ctrl.c b/drivers/media/usb/uvc/uvc_ctrl.c index 2905505c240c060e5034ea12d33b59d5702f2e1f..2f7d5cdd18e072a47fb5906da0f847dd449911b4 100644 --- a/drivers/media/usb/uvc/uvc_ctrl.c +++ b/drivers/media/usb/uvc/uvc_ctrl.c @@ -1432,7 +1432,7 @@ static bool uvc_ctrl_is_readable(u32 which, struct uvc_control *ctrl, * auto_exposure=1, exposure_time_absolute=251. */ int uvc_ctrl_is_accessible(struct uvc_video_chain *chain, u32 v4l2_id, - const struct v4l2_ext_controls *ctrls, + const struct v4l2_ext_controls *ctrls, u32 which, unsigned long ioctl) { struct uvc_control_mapping *master_map = NULL; @@ -1442,14 +1442,21 @@ int uvc_ctrl_is_accessible(struct uvc_video_chain *chain, u32 v4l2_id, s32 val; int ret; int i; + bool is_which_min_max = (ioctl == VIDIOC_G_EXT_CTRLS && + (which == V4L2_CTRL_WHICH_MIN_VAL || + which == V4L2_CTRL_WHICH_MAX_VAL)); if (__uvc_query_v4l2_class(chain, v4l2_id, 0) >= 0) - return -EACCES; + return is_which_min_max ? -EINVAL : -EACCES; ctrl = uvc_find_control(chain, v4l2_id, &mapping); if (!ctrl) return -EINVAL; + if ((!(ctrl->info.flags & UVC_CTRL_FLAG_GET_MAX) || + !(ctrl->info.flags & UVC_CTRL_FLAG_GET_MIN)) && is_which_min_max) + return -EINVAL; + if (ioctl == VIDIOC_G_EXT_CTRLS) return uvc_ctrl_is_readable(ctrls->which, ctrl, mapping); diff --git a/drivers/media/usb/uvc/uvc_v4l2.c b/drivers/media/usb/uvc/uvc_v4l2.c index 9e4a251eca88085a1b4e0e854370015855be92ee..d5274dc94da3c60f1f4566b307dd445f30c4f45f 100644 --- a/drivers/media/usb/uvc/uvc_v4l2.c +++ b/drivers/media/usb/uvc/uvc_v4l2.c @@ -765,6 +765,7 @@ static int uvc_ioctl_query_ext_ctrl(struct file *file, void *priv, static int uvc_ctrl_check_access(struct uvc_video_chain *chain, struct v4l2_ext_controls *ctrls, + u32 which, unsigned long ioctl) { struct v4l2_ext_control *ctrl = ctrls->controls; @@ -772,7 +773,8 @@ static int uvc_ctrl_check_access(struct uvc_video_chain *chain, int ret = 0; for (i = 0; i < ctrls->count; ++ctrl, ++i) { - ret = uvc_ctrl_is_accessible(chain, ctrl->id, ctrls, ioctl); + ret = uvc_ctrl_is_accessible(chain, ctrl->id, ctrls, which, + ioctl); if (ret) break; } @@ -806,7 +808,7 @@ static int uvc_ioctl_g_ext_ctrls(struct file *file, void *priv, which = V4L2_CTRL_WHICH_CUR_VAL; } - ret = uvc_ctrl_check_access(chain, ctrls, VIDIOC_G_EXT_CTRLS); + ret = uvc_ctrl_check_access(chain, ctrls, which, VIDIOC_G_EXT_CTRLS); if (ret < 0) return ret; @@ -840,7 +842,8 @@ static int uvc_ioctl_s_try_ext_ctrls(struct uvc_fh *handle, if (!ctrls->count) return 0; - ret = uvc_ctrl_check_access(chain, ctrls, ioctl); + ret = uvc_ctrl_check_access(chain, ctrls, V4L2_CTRL_WHICH_CUR_VAL, + ioctl); if (ret < 0) return ret; diff --git a/drivers/media/usb/uvc/uvcvideo.h b/drivers/media/usb/uvc/uvcvideo.h index ed7bad31f75ca474c1037d666d5310c78dd764df..d583425893a5f716185153a07aae9bfe20182964 100644 --- a/drivers/media/usb/uvc/uvcvideo.h +++ b/drivers/media/usb/uvc/uvcvideo.h @@ -786,7 +786,7 @@ int uvc_ctrl_get(struct uvc_video_chain *chain, u32 which, struct v4l2_ext_control *xctrl); int uvc_ctrl_set(struct uvc_fh *handle, struct v4l2_ext_control *xctrl); int uvc_ctrl_is_accessible(struct uvc_video_chain *chain, u32 v4l2_id, - const struct v4l2_ext_controls *ctrls, + const struct v4l2_ext_controls *ctrls, u32 which, unsigned long ioctl); int uvc_xu_ctrl_query(struct uvc_video_chain *chain, --- base-commit: c218ce4f98eccf5a40de64c559c52d61e9cc78ee change-id: 20251028-uvc-fix-which-c3ba1fb68ed5 Best regards, -- Ricardo Ribalda <ribalda(a)chromium.org>

2 weeks, 1 day

1
0
0 0

[PATCH AUTOSEL 6.17-5.4] ACPI: property: Return present device nodes only on fwnode interface

by Sasha Levin

From: Sakari Ailus <sakari.ailus(a)linux.intel.com> [ Upstream commit d9f866b2bb3eec38b3734f1fed325ec7c55ccdfa ] fwnode_graph_get_next_subnode() may return fwnode backed by ACPI device nodes and there has been no check these devices are present in the system, unlike there has been on fwnode OF backend. In order to provide consistent behaviour towards callers, add a check for device presence by introducing a new function acpi_get_next_present_subnode(), used as the get_next_child_node() fwnode operation that also checks device node presence. Signed-off-by: Sakari Ailus <sakari.ailus(a)linux.intel.com> Reviewed-by: Laurent Pinchart <laurent.pinchart+renesas(a)ideasonboard.com> Reviewed-by: Jonathan Cameron <jonathan.cameron(a)huawei.com> Link: https://patch.msgid.link/20251001102636.1272722-2-sakari.ailus@linux.intel.… [ rjw: Kerneldoc comment and changelog edits ] Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- LLM Generated explanations, may be completely bogus: YES – this change fixes a real behavioural bug in the ACPI fwnode backend and should go to stable. - `drivers/acpi/property.c:1375` adds `acpi_get_next_present_subnode()` so `.get_next_child_node` skips ACPI child devices whose `_STA` says they are absent (`acpi_device_is_present()`), while still returning data subnodes unchanged. - The new helper is now wired into the ACPI fwnode ops (`drivers/acpi/property.c:1731`), making generic helpers such as `fwnode_get_next_child_node()` and macros like `fwnode_for_each_child_node` (`include/linux/property.h:167`) behave the same as the OF backend, which already filtered unavailable children via `of_get_next_available_child()` (`drivers/of/property.c:1070`). - Several core helpers assume disabled endpoints never surface: e.g. `fwnode_graph_get_endpoint_by_id()` in `drivers/base/property.c:1286` promises to hide endpoints on disabled devices, and higher layers such as `v4l2_fwnode_reference_get_int_prop()` (`drivers/media/v4l2-core/v4l2-fwnode.c:1064`) iterate child nodes without rechecking availability. On ACPI systems today they still see powered-off devices, leading to asynchronous notifiers that wait forever for hardware that can’t appear, or to bogus graph enumerations. This patch closes that gap. Risk is low: it only suppresses ACPI device nodes already known to be absent, aligns behaviour with DT userspace expectations, and leaves data nodes untouched. No extra dependencies are required, so the fix is self- contained and appropriate for stable backporting. Suggest running existing ACPI graph users (media/typec drivers) after backport to confirm no regressions. drivers/acpi/property.c | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/drivers/acpi/property.c b/drivers/acpi/property.c index c086786fe84cb..d74678f0ba4af 100644 --- a/drivers/acpi/property.c +++ b/drivers/acpi/property.c @@ -1357,6 +1357,28 @@ struct fwnode_handle *acpi_get_next_subnode(const struct fwnode_handle *fwnode, return NULL; } +/* + * acpi_get_next_present_subnode - Return the next present child node handle + * @fwnode: Firmware node to find the next child node for. + * @child: Handle to one of the device's child nodes or a null handle. + * + * Like acpi_get_next_subnode(), but the device nodes returned by + * acpi_get_next_present_subnode() are guaranteed to be present. + * + * Returns: The fwnode handle of the next present sub-node. + */ +static struct fwnode_handle * +acpi_get_next_present_subnode(const struct fwnode_handle *fwnode, + struct fwnode_handle *child) +{ + do { + child = acpi_get_next_subnode(fwnode, child); + } while (is_acpi_device_node(child) && + !acpi_device_is_present(to_acpi_device_node(child))); + + return child; +} + /** * acpi_node_get_parent - Return parent fwnode of this fwnode * @fwnode: Firmware node whose parent to get @@ -1701,7 +1723,7 @@ static int acpi_fwnode_irq_get(const struct fwnode_handle *fwnode, .property_read_string_array = \ acpi_fwnode_property_read_string_array, \ .get_parent = acpi_node_get_parent, \ - .get_next_child_node = acpi_get_next_subnode, \ + .get_next_child_node = acpi_get_next_present_subnode, \ .get_named_child_node = acpi_fwnode_get_named_child_node, \ .get_name = acpi_fwnode_get_name, \ .get_name_prefix = acpi_fwnode_get_name_prefix, \ -- 2.51.0

2 weeks, 1 day

2
46
0 0

[PATCH] x86/fpu: Ensure XFD state on signal delivery

by Chang S. Bae

Sean reported [1] the following splat when running KVM tests: WARNING: CPU: 232 PID: 15391 at xfd_validate_state+0x65/0x70 Call Trace: <TASK> fpu__clear_user_states+0x9c/0x100 arch_do_signal_or_restart+0x142/0x210 exit_to_user_mode_loop+0x55/0x100 do_syscall_64+0x205/0x2c0 entry_SYSCALL_64_after_hwframe+0x4b/0x53 Chao further identified [2] a reproducible scenarios involving signal delivery: a non-AMX task is preempted by an AMX-enabled task which modifies the XFD MSR. When the non-AMX task resumes and reloads XSTATE with init values, a warning is triggered due to a mismatch between fpstate::xfd and the CPU's current XFD state. fpu__clear_user_states() does not currently re-synchronize the XFD state after such preemption. Invoke xfd_update_state() which detects and corrects the mismatch if the dynamic feature is enabled. This also benefits the sigreturn path, as fpu__restore_sig() may call fpu__clear_user_states() when the sigframe is inaccessible. Fixes: 672365477ae8a ("x86/fpu: Update XFD state where required") Reported-by: Sean Christopherson <seanjc(a)google.com> Closes: https://lore.kernel.org/lkml/aDCo_SczQOUaB2rS@google.com [1] Tested-by: Chao Gao <chao.gao(a)intel.com> Signed-off-by: Chang S. Bae <chang.seok.bae(a)intel.com> Cc: stable(a)vger.kernel.org Link: https://lore.kernel.org/all/aDWbctO%2FRfTGiCg3@intel.com [2] --- arch/x86/kernel/fpu/core.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/x86/kernel/fpu/core.c b/arch/x86/kernel/fpu/core.c index ea138583dd92..5fa782a2ae7c 100644 --- a/arch/x86/kernel/fpu/core.c +++ b/arch/x86/kernel/fpu/core.c @@ -800,6 +800,9 @@ void fpu__clear_user_states(struct fpu *fpu) !fpregs_state_valid(fpu, smp_processor_id())) os_xrstor_supervisor(fpu->fpstate); + /* Ensure XFD state is in sync before reloading XSTATE */ + xfd_update_state(fpu->fpstate); + /* Reset user states in registers. */ restore_fpregs_from_init_fpstate(XFEATURE_MASK_USER_RESTORE); -- 2.48.1

2 weeks, 1 day

3
2
0 0

[PATCH] regmap: irq: Correct documentation of wake_invert flag

by Shawn Guo

From: Shawn Guo <shawnguo(a)kernel.org> Per commit 9442490a0286 ("regmap: irq: Support wake IRQ mask inversion") the wake_invert flag is to support enable register, so cleared bits are wake disabled. Fixes: 68622bdfefb9 ("regmap: irq: document mask/wake_invert flags") Cc: stable(a)vger.kernel.org Signed-off-by: Shawn Guo <shawnguo(a)kernel.org> --- include/linux/regmap.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/linux/regmap.h b/include/linux/regmap.h index 4e1ac1fbcec4..55343795644b 100644 --- a/include/linux/regmap.h +++ b/include/linux/regmap.h @@ -1643,7 +1643,7 @@ struct regmap_irq_chip_data; * @status_invert: Inverted status register: cleared bits are active interrupts. * @status_is_level: Status register is actuall signal level: Xor status * register with previous value to get active interrupts. - * @wake_invert: Inverted wake register: cleared bits are wake enabled. + * @wake_invert: Inverted wake register: cleared bits are wake disabled. * @type_in_mask: Use the mask registers for controlling irq type. Use this if * the hardware provides separate bits for rising/falling edge * or low/high level interrupts and they should be combined into -- 2.43.0

2 weeks, 1 day

2
3
0 0

[PATCH] ALSA: wavefront: fix buffer overflow in longname construction

by moonafterrain＠outlook.com

From: Junrui Luo <moonafterrain(a)outlook.com> The snd_wavefront_probe() function constructs the card->longname string using unsafe sprintf() calls that can overflow the 80-byte buffer when module parameters contain large values. The vulnerability exists at wavefront.c where multiple sprintf() operations append to card->longname without length checking. Fix by replacing all sprintf() calls with scnprintf() and proper length tracking to ensure writes never exceed sizeof(card->longname). Reported-by: Yuhao Jiang <danisjiang(a)gmail.com> Reported-by: Junrui Luo <moonafterrain(a)outlook.com> Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Cc: stable(a)vger.kernel.org Signed-off-by: Junrui Luo <moonafterrain(a)outlook.com> --- sound/isa/wavefront/wavefront.c | 40 ++++++++++++++++++++------------- 1 file changed, 25 insertions(+), 15 deletions(-) diff --git a/sound/isa/wavefront/wavefront.c b/sound/isa/wavefront/wavefront.c index 07c68568091d..74ea3a67620c 100644 --- a/sound/isa/wavefront/wavefront.c +++ b/sound/isa/wavefront/wavefront.c @@ -343,6 +343,7 @@ snd_wavefront_probe (struct snd_card *card, int dev) struct snd_rawmidi *ics2115_external_rmidi = NULL; struct snd_hwdep *fx_processor; int hw_dev = 0, midi_dev = 0, err; + size_t len, rem; /* --------- PCM --------------- */ @@ -492,26 +493,35 @@ snd_wavefront_probe (struct snd_card *card, int dev) length restrictions */ - sprintf(card->longname, "%s PCM 0x%lx irq %d dma %d", - card->driver, - chip->port, - cs4232_pcm_irq[dev], - dma1[dev]); + len = scnprintf(card->longname, sizeof(card->longname), + "%s PCM 0x%lx irq %d dma %d", + card->driver, + chip->port, + cs4232_pcm_irq[dev], + dma1[dev]); - if (dma2[dev] >= 0 && dma2[dev] < 8) - sprintf(card->longname + strlen(card->longname), "&%d", dma2[dev]); + if (dma2[dev] >= 0 && dma2[dev] < 8 && len < sizeof(card->longname)) { + rem = sizeof(card->longname) - len; + len += scnprintf(card->longname + len, rem, "&%d", dma2[dev]); + } if (cs4232_mpu_port[dev] > 0 && cs4232_mpu_port[dev] != SNDRV_AUTO_PORT) { - sprintf (card->longname + strlen (card->longname), - " MPU-401 0x%lx irq %d", - cs4232_mpu_port[dev], - cs4232_mpu_irq[dev]); + if (len < sizeof(card->longname)) { + rem = sizeof(card->longname) - len; + len += scnprintf(card->longname + len, rem, + " MPU-401 0x%lx irq %d", + cs4232_mpu_port[dev], + cs4232_mpu_irq[dev]); + } } - sprintf (card->longname + strlen (card->longname), - " SYNTH 0x%lx irq %d", - ics2115_port[dev], - ics2115_irq[dev]); + if (len < sizeof(card->longname)) { + rem = sizeof(card->longname) - len; + scnprintf(card->longname + len, rem, + " SYNTH 0x%lx irq %d", + ics2115_port[dev], + ics2115_irq[dev]); + } return snd_card_register(card); } -- 2.51.1.dirty

2 weeks, 1 day

2
1
0 0

[PATCH] mm/mremap: Honour writable bit in mremap pte batching

by Dev Jain

Currently mremap folio pte batch ignores the writable bit during figuring out a set of similar ptes mapping the same folio. Suppose that the first pte of the batch is writable while the others are not - set_ptes will end up setting the writable bit on the other ptes, which is a violation of mremap semantics. Therefore, use FPB_RESPECT_WRITE to check the writable bit while determining the pte batch. Cc: stable(a)vger.kernel.org #6.17 Fixes: f822a9a81a31 ("mm: optimize mremap() by PTE batching") Reported-by: David Hildenbrand <david(a)redhat.com> Debugged-by: David Hildenbrand <david(a)redhat.com> Signed-off-by: Dev Jain <dev.jain(a)arm.com> --- mm-selftests pass. Based on mm-new. Need David H. to confirm whether the repro passes. mm/mremap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mm/mremap.c b/mm/mremap.c index a7f531c17b79..8ad06cf50783 100644 --- a/mm/mremap.c +++ b/mm/mremap.c @@ -187,7 +187,7 @@ static int mremap_folio_pte_batch(struct vm_area_struct *vma, unsigned long addr if (!folio || !folio_test_large(folio)) return 1; - return folio_pte_batch(folio, ptep, pte, max_nr); + return folio_pte_batch_flags(folio, NULL, ptep, &pte, max_nr, FPB_RESPECT_WRITE); } static int move_ptes(struct pagetable_move_control *pmc, -- 2.30.2

2 weeks, 1 day

4
3
0 0

, conoce mejor a tu candidato antes de contratar

by Valeria Pérez

Evaluaciones Psicométricas para RR.HH. body { margin: 0; padding: 0; font-family: Arial, Helvetica, sans-serif; font-size: 14px; color: #333; background-color: #ffffff; } table { border-spacing: 0; width: 100%; max-width: 600px; margin: auto; } td { padding: 12px 20px; } a { color: #1a73e8; text-decoration: none; } .footer { font-size: 12px; color: #888888; text-align: center; } Mejora tus procesos de selección con evaluaciones psicométricas fáciles y confiables. Hola, , Sabemos que encontrar al candidato ideal va más allá del currículum. Por eso quiero contarte brevemente sobre PsicoSmart, una plataforma que ayuda a equipos de RR.HH. a evaluar talento con pruebas psicométricas rápidas, confiables y fáciles de aplicar. Con PsicoSmart puedes: Aplicar evaluaciones psicométricas 100% en línea. Elegir entre más de 31 pruebas psicométricas Generar reportes automáticos, visuales y fáciles de interpretar. Comparar resultados entre candidatos en segundos. Ahorrar horas valiosas del proceso de selección. Si estás buscando mejorar tus contrataciones, te lo recomiendo muchísimo. Si quieres conocer más puedes responder este correo o simplemente contactarme, mis datos están abajo. Saludos, ----------------------------- Atte.: Valeria Pérez Ciudad de México: (55) 5018 0565 WhatsApp: +52 33 1607 2089 Si no deseas recibir más correos, haz clic aquí para darte de baja. Para remover su dirección de esta lista haga <a href="https://s1.arrobamail.com/unsuscribe.php?id=yiwtsrewisppiseup">click aquí</a>

2 weeks, 1 day

1
0
0 0

[PATCH] scsi: aic94xx: fix use-after-free in device removal path

by moonafterrain＠outlook.com

From: Junrui Luo <moonafterrain(a)outlook.com> The asd_pci_remove() function fails to synchronize with pending tasklets before freeing the asd_ha structure, leading to a potential use-after-free vulnerability. When a device removal is triggered (via hot-unplug or module unload), race condition can occur. The fix adds tasklet_kill() before freeing the asd_ha structure, ensuring all scheduled tasklets complete before cleanup proceeds. Reported-by: Yuhao Jiang <danisjiang(a)gmail.com> Reported-by: Junrui Luo <moonafterrain(a)outlook.com> Fixes: 2908d778ab3e ("[SCSI] aic94xx: new driver") Cc: stable(a)vger.kernel.org Signed-off-by: Junrui Luo <moonafterrain(a)outlook.com> --- drivers/scsi/aic94xx/aic94xx_init.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/scsi/aic94xx/aic94xx_init.c b/drivers/scsi/aic94xx/aic94xx_init.c index adf3d9145606..95f3620059f7 100644 --- a/drivers/scsi/aic94xx/aic94xx_init.c +++ b/drivers/scsi/aic94xx/aic94xx_init.c @@ -882,6 +882,9 @@ static void asd_pci_remove(struct pci_dev *dev) asd_disable_ints(asd_ha); + /* Ensure all scheduled tasklets complete before freeing resources */ + tasklet_kill(&asd_ha->seq.dl_tasklet); + asd_remove_dev_attrs(asd_ha); /* XXX more here as needed */ -- 2.51.1.dirty

2 weeks, 1 day

1
0
0 0

[PATCH] agp/uninorth: fix out-of-bounds access with negative pg_start

by moonafterrain＠outlook.com

From: Junrui Luo <moonafterrain(a)outlook.com> The uninorth_insert_memory and uninorth_remove_memory functions lack proper validation of the pg_start parameter before using it as an array index into the GATT (Graphics Address Translation Table). The current bounds check fails to reject negative pg_start values and potentially causes out-of-bounds writes. Fix by explicitly checking that pg_start is non-negative before performing bounds checking. This makes the security requirement clear and does not rely on implicit type conversion behavior. The uninorth_remove_memory function has no bounds checking at all, so add the same validation there. Reported-by: Yuhao Jiang <danisjiang(a)gmail.com> Reported-by: Junrui Luo <moonafterrain(a)outlook.com> Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Cc: stable(a)vger.kernel.org Signed-off-by: Junrui Luo <moonafterrain(a)outlook.com> --- drivers/char/agp/uninorth-agp.c | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/drivers/char/agp/uninorth-agp.c b/drivers/char/agp/uninorth-agp.c index b8d7115b8c9e..4e0b949016f7 100644 --- a/drivers/char/agp/uninorth-agp.c +++ b/drivers/char/agp/uninorth-agp.c @@ -169,7 +169,9 @@ static int uninorth_insert_memory(struct agp_memory *mem, off_t pg_start, int ty temp = agp_bridge->current_size; num_entries = A_SIZE_32(temp)->num_entries; - if ((pg_start + mem->page_count) > num_entries) + if (pg_start < 0 || + (pg_start + mem->page_count) > num_entries || + (pg_start + mem->page_count) < pg_start) return -EINVAL; gp = (u32 *) &agp_bridge->gatt_table[pg_start]; @@ -200,6 +202,9 @@ static int uninorth_insert_memory(struct agp_memory *mem, off_t pg_start, int ty static int uninorth_remove_memory(struct agp_memory *mem, off_t pg_start, int type) { size_t i; + int num_entries; + void *temp; + u32 *gp; int mask_type; @@ -215,6 +220,14 @@ static int uninorth_remove_memory(struct agp_memory *mem, off_t pg_start, int ty if (mem->page_count == 0) return 0; + temp = agp_bridge->current_size; + num_entries = A_SIZE_32(temp)->num_entries; + + if (pg_start < 0 || + (pg_start + mem->page_count) > num_entries || + (pg_start + mem->page_count) < pg_start) + return -EINVAL; + gp = (u32 *) &agp_bridge->gatt_table[pg_start]; for (i = 0; i < mem->page_count; ++i) { gp[i] = scratch_value; -- 2.51.1.dirty

2 weeks, 1 day

1
0
0 0

FAILED: patch "[PATCH] x86/resctrl: Fix miscount of bandwidth event when" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 15292f1b4c55a3a7c940dbcb6cb8793871ed3d92 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102054-slacks-ambush-f774@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 15292f1b4c55a3a7c940dbcb6cb8793871ed3d92 Mon Sep 17 00:00:00 2001 From: Babu Moger <babu.moger(a)amd.com> Date: Fri, 10 Oct 2025 12:08:35 -0500 Subject: [PATCH] x86/resctrl: Fix miscount of bandwidth event when reactivating previously unavailable RMID Users can create as many monitoring groups as the number of RMIDs supported by the hardware. However, on AMD systems, only a limited number of RMIDs are guaranteed to be actively tracked by the hardware. RMIDs that exceed this limit are placed in an "Unavailable" state. When a bandwidth counter is read for such an RMID, the hardware sets MSR_IA32_QM_CTR.Unavailable (bit 62). When such an RMID starts being tracked again the hardware counter is reset to zero. MSR_IA32_QM_CTR.Unavailable remains set on first read after tracking re-starts and is clear on all subsequent reads as long as the RMID is tracked. resctrl miscounts the bandwidth events after an RMID transitions from the "Unavailable" state back to being tracked. This happens because when the hardware starts counting again after resetting the counter to zero, resctrl in turn compares the new count against the counter value stored from the previous time the RMID was tracked. This results in resctrl computing an event value that is either undercounting (when new counter is more than stored counter) or a mistaken overflow (when new counter is less than stored counter). Reset the stored value (arch_mbm_state::prev_msr) of MSR_IA32_QM_CTR to zero whenever the RMID is in the "Unavailable" state to ensure accurate counting after the RMID resets to zero when it starts to be tracked again. Example scenario that results in mistaken overflow ================================================== 1. The resctrl filesystem is mounted, and a task is assigned to a monitoring group. $mount -t resctrl resctrl /sys/fs/resctrl $mkdir /sys/fs/resctrl/mon_groups/test1/ $echo 1234 > /sys/fs/resctrl/mon_groups/test1/tasks $cat /sys/fs/resctrl/mon_groups/test1/mon_data/mon_L3_*/mbm_total_bytes 21323 <- Total bytes on domain 0 "Unavailable" <- Total bytes on domain 1 Task is running on domain 0. Counter on domain 1 is "Unavailable". 2. The task runs on domain 0 for a while and then moves to domain 1. The counter starts incrementing on domain 1. $cat /sys/fs/resctrl/mon_groups/test1/mon_data/mon_L3_*/mbm_total_bytes 7345357 <- Total bytes on domain 0 4545 <- Total bytes on domain 1 3. At some point, the RMID in domain 0 transitions to the "Unavailable" state because the task is no longer executing in that domain. $cat /sys/fs/resctrl/mon_groups/test1/mon_data/mon_L3_*/mbm_total_bytes "Unavailable" <- Total bytes on domain 0 434341 <- Total bytes on domain 1 4. Since the task continues to migrate between domains, it may eventually return to domain 0. $cat /sys/fs/resctrl/mon_groups/test1/mon_data/mon_L3_*/mbm_total_bytes 17592178699059 <- Overflow on domain 0 3232332 <- Total bytes on domain 1 In this case, the RMID on domain 0 transitions from "Unavailable" state to active state. The hardware sets MSR_IA32_QM_CTR.Unavailable (bit 62) when the counter is read and begins tracking the RMID counting from 0. Subsequent reads succeed but return a value smaller than the previously saved MSR value (7345357). Consequently, the resctrl's overflow logic is triggered, it compares the previous value (7345357) with the new, smaller value and incorrectly interprets this as a counter overflow, adding a large delta. In reality, this is a false positive: the counter did not overflow but was simply reset when the RMID transitioned from "Unavailable" back to active state. Here is the text from APM [1] available from [2]. "In PQOS Version 2.0 or higher, the MBM hardware will set the U bit on the first QM_CTR read when it begins tracking an RMID that it was not previously tracking. The U bit will be zero for all subsequent reads from that RMID while it is still tracked by the hardware. Therefore, a QM_CTR read with the U bit set when that RMID is in use by a processor can be considered 0 when calculating the difference with a subsequent read." [1] AMD64 Architecture Programmer's Manual Volume 2: System Programming Publication # 24593 Revision 3.41 section 19.3.3 Monitoring L3 Memory Bandwidth (MBM). [ bp: Split commit message into smaller paragraph chunks for better consumption. ] Fixes: 4d05bf71f157d ("x86/resctrl: Introduce AMD QOS feature") Signed-off-by: Babu Moger <babu.moger(a)amd.com> Signed-off-by: Borislav Petkov (AMD) <bp(a)alien8.de> Reviewed-by: Reinette Chatre <reinette.chatre(a)intel.com> Tested-by: Reinette Chatre <reinette.chatre(a)intel.com> Cc: stable(a)vger.kernel.org # needs adjustments for <= v6.17 Link: https://bugzilla.kernel.org/show_bug.cgi?id=206537 # [2] diff --git a/arch/x86/kernel/cpu/resctrl/monitor.c b/arch/x86/kernel/cpu/resctrl/monitor.c index c8945610d455..2cd25a0d4637 100644 --- a/arch/x86/kernel/cpu/resctrl/monitor.c +++ b/arch/x86/kernel/cpu/resctrl/monitor.c @@ -242,7 +242,9 @@ int resctrl_arch_rmid_read(struct rdt_resource *r, struct rdt_mon_domain *d, u32 unused, u32 rmid, enum resctrl_event_id eventid, u64 *val, void *ignored) { + struct rdt_hw_mon_domain *hw_dom = resctrl_to_arch_mon_dom(d); int cpu = cpumask_any(&d->hdr.cpu_mask); + struct arch_mbm_state *am; u64 msr_val; u32 prmid; int ret; @@ -251,12 +253,16 @@ int resctrl_arch_rmid_read(struct rdt_resource *r, struct rdt_mon_domain *d, prmid = logical_rmid_to_physical_rmid(cpu, rmid); ret = __rmid_read_phys(prmid, eventid, &msr_val); - if (ret) - return ret; - *val = get_corrected_val(r, d, rmid, eventid, msr_val); + if (!ret) { + *val = get_corrected_val(r, d, rmid, eventid, msr_val); + } else if (ret == -EINVAL) { + am = get_arch_mbm_state(hw_dom, rmid, eventid); + if (am) + am->prev_msr = 0; + } - return 0; + return ret; } static int __cntr_id_read(u32 cntr_id, u64 *val)

2 weeks, 1 day

2
1
0 0

[PATCH v2] leds: leds-lp50xx: enable chip before any communication

by Christian Hitz

From: Christian Hitz <christian.hitz(a)bbv.ch> If a GPIO is used to control the chip's enable pin, it needs to be pulled high before any i2c communication is attempted. Currently, the enable GPIO handling is not correct. Assume the enable GPIO is low when the probe function is entered. In this case the device is in SHUTDOWN mode and does not react to i2c commands. During probe the following sequence happens: 1. The call to lp50xx_reset() on line 548 has no effect as i2c is not possible yet. 2. Then - on line 552 - lp50xx_enable_disable() is called. As "priv->enable_gpio“ has not yet been initialized, setting the GPIO has no effect. Also the i2c enable command is not executed as the device is still in SHUTDOWN. 3. On line 556 the call to lp50xx_probe_dt() finally parses the rest of the DT and the configured priv->enable_gpio is set up. As a result the device is still in SHUTDOWN mode and not ready for operation. Split lp50xx_enable_disable() into distinct enable and disable functions to enforce correct ordering between enable_gpio manipulations and i2c commands. Read enable_gpio configuration from DT before attempting to manipulate enable_gpio. Add delays to observe correct wait timing after manipulating enable_gpio and before any i2c communication. Fixes: 242b81170fb8 ("leds: lp50xx: Add the LP50XX family of the RGB LED driver") Cc: stable(a)vger.kernel.org Signed-off-by: Christian Hitz <christian.hitz(a)bbv.ch> --- Changes in v2: - Unconditionally reset in lp50xx_enable - Define magic numbers - Improve log message --- drivers/leds/leds-lp50xx.c | 55 +++++++++++++++++++++++++++----------- 1 file changed, 40 insertions(+), 15 deletions(-) diff --git a/drivers/leds/leds-lp50xx.c b/drivers/leds/leds-lp50xx.c index 94f8ef6b482c..d3485d814cf4 100644 --- a/drivers/leds/leds-lp50xx.c +++ b/drivers/leds/leds-lp50xx.c @@ -50,6 +50,12 @@ #define LP50XX_SW_RESET 0xff #define LP50XX_CHIP_EN BIT(6) +#define LP50XX_CHIP_DISABLE 0x00 +#define LP50XX_START_TIME_US 500 +#define LP50XX_RESET_TIME_US 3 + +#define LP50XX_EN_GPIO_LOW 0 +#define LP50XX_EN_GPIO_HIGH 1 /* There are 3 LED outputs per bank */ #define LP50XX_LEDS_PER_MODULE 3 @@ -371,19 +377,42 @@ static int lp50xx_reset(struct lp50xx *priv) return regmap_write(priv->regmap, priv->chip_info->reset_reg, LP50XX_SW_RESET); } -static int lp50xx_enable_disable(struct lp50xx *priv, int enable_disable) +static int lp50xx_enable(struct lp50xx *priv) { int ret; - ret = gpiod_direction_output(priv->enable_gpio, enable_disable); + if (priv->enable_gpio) { + ret = gpiod_direction_output(priv->enable_gpio, LP50XX_EN_GPIO_HIGH); + if (ret) + return ret; + + udelay(LP50XX_START_TIME_US); + } + + ret = lp50xx_reset(priv); if (ret) return ret; - if (enable_disable) - return regmap_write(priv->regmap, LP50XX_DEV_CFG0, LP50XX_CHIP_EN); - else - return regmap_write(priv->regmap, LP50XX_DEV_CFG0, 0); + return regmap_write(priv->regmap, LP50XX_DEV_CFG0, LP50XX_CHIP_EN); +} +static int lp50xx_disable(struct lp50xx *priv) +{ + int ret; + + ret = regmap_write(priv->regmap, LP50XX_DEV_CFG0, LP50XX_CHIP_DISABLE); + if (ret) + return ret; + + if (priv->enable_gpio) { + ret = gpiod_direction_output(priv->enable_gpio, LP50XX_EN_GPIO_LOW); + if (ret) + return ret; + + udelay(LP50XX_RESET_TIME_US); + } + + return 0; } static int lp50xx_probe_leds(struct fwnode_handle *child, struct lp50xx *priv, @@ -447,6 +476,10 @@ static int lp50xx_probe_dt(struct lp50xx *priv) return dev_err_probe(priv->dev, PTR_ERR(priv->enable_gpio), "Failed to get enable GPIO\n"); + ret = lp50xx_enable(priv); + if (ret) + return ret; + priv->regulator = devm_regulator_get(priv->dev, "vled"); if (IS_ERR(priv->regulator)) priv->regulator = NULL; @@ -547,14 +580,6 @@ static int lp50xx_probe(struct i2c_client *client) return ret; } - ret = lp50xx_reset(led); - if (ret) - return ret; - - ret = lp50xx_enable_disable(led, 1); - if (ret) - return ret; - return lp50xx_probe_dt(led); } @@ -563,7 +588,7 @@ static void lp50xx_remove(struct i2c_client *client) struct lp50xx *led = i2c_get_clientdata(client); int ret; - ret = lp50xx_enable_disable(led, 0); + ret = lp50xx_disable(led); if (ret) dev_err(led->dev, "Failed to disable chip\n"); -- 2.51.1

2 weeks, 1 day

1
0
0 0

[PATCH] iio: dac: ad3552r-hs: fix out-of-bound write in ad3552r_hs_write_data_source

by Miaoqian Lin

When simple_write_to_buffer() succeeds, it returns the number of bytes actually copied to the buffer, which may be less than the requested 'count' if the buffer size is insufficient. However, the current code incorrectly uses 'count' as the index for null termination instead of the actual bytes copied, leading to out-of-bound write. Add a check for the count and use the return value as the index. Found via static analysis. This is similar to the commit da9374819eb3 ("iio: backend: fix out-of-bound write") Fixes: b1c5d68ea66e ("iio: dac: ad3552r-hs: add support for internal ramp") Cc: stable(a)vger.kernel.org Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com> --- drivers/iio/dac/ad3552r-hs.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/drivers/iio/dac/ad3552r-hs.c b/drivers/iio/dac/ad3552r-hs.c index 41b96b48ba98..a9578afa7015 100644 --- a/drivers/iio/dac/ad3552r-hs.c +++ b/drivers/iio/dac/ad3552r-hs.c @@ -549,12 +549,15 @@ static ssize_t ad3552r_hs_write_data_source(struct file *f, guard(mutex)(&st->lock); + if (count >= sizeof(buf)) + return -ENOSPC; + ret = simple_write_to_buffer(buf, sizeof(buf) - 1, ppos, userbuf, count); if (ret < 0) return ret; - buf[count] = '\0'; + buf[ret] = '\0'; ret = match_string(dbgfs_attr_source, ARRAY_SIZE(dbgfs_attr_source), buf); -- 2.39.5 (Apple Git-154)

2 weeks, 1 day

5
12
0 0

[PATCH] drm/mediatek: fix device use-after-free on unbind

by Johan Hovold

A recent change fixed device reference leaks when looking up drm platform device driver data during bind() but failed to remove a partial fix which had been added by commit 80805b62ea5b ("drm/mediatek: Fix kobject put for component sub-drivers"). This results in a reference imbalance on component bind() failures and on unbind() which could lead to a user-after-free. Make sure to only drop the references after retrieving the driver data by effectively reverting the previous partial fix. Note that holding a reference to a device does not prevent its driver data from going away so there is no point in keeping the reference. Fixes: 1f403699c40f ("drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv") Reported-by: Sjoerd Simons <sjoerd(a)collabora.com> Link: https://lore.kernel.org/r/20251003-mtk-drm-refcount-v1-1-3b3f2813b0db@colla… Cc: stable(a)vger.kernel.org Cc: Ma Ke <make24(a)iscas.ac.cn> Cc: AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/gpu/drm/mediatek/mtk_drm_drv.c | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/drivers/gpu/drm/mediatek/mtk_drm_drv.c b/drivers/gpu/drm/mediatek/mtk_drm_drv.c index 384b0510272c..a94c51a83261 100644 --- a/drivers/gpu/drm/mediatek/mtk_drm_drv.c +++ b/drivers/gpu/drm/mediatek/mtk_drm_drv.c @@ -686,10 +686,6 @@ static int mtk_drm_bind(struct device *dev) for (i = 0; i < private->data->mmsys_dev_num; i++) private->all_drm_private[i]->drm = NULL; err_put_dev: - for (i = 0; i < private->data->mmsys_dev_num; i++) { - /* For device_find_child in mtk_drm_get_all_priv() */ - put_device(private->all_drm_private[i]->dev); - } put_device(private->mutex_dev); return ret; } @@ -697,18 +693,12 @@ static int mtk_drm_bind(struct device *dev) static void mtk_drm_unbind(struct device *dev) { struct mtk_drm_private *private = dev_get_drvdata(dev); - int i; /* for multi mmsys dev, unregister drm dev in mmsys master */ if (private->drm_master) { drm_dev_unregister(private->drm); mtk_drm_kms_deinit(private->drm); drm_dev_put(private->drm); - - for (i = 0; i < private->data->mmsys_dev_num; i++) { - /* For device_find_child in mtk_drm_get_all_priv() */ - put_device(private->all_drm_private[i]->dev); - } put_device(private->mutex_dev); } private->mtk_drm_bound = false; -- 2.49.1

2 weeks, 1 day

6
6
0 0

[PATCH] drm/of: Fix device node reference leak in drm_of_panel_bridge_remove

by Miaoqian Lin

of_graph_get_remote_node() returns a device node with its reference count incremented. The caller is responsible for releasing this reference when the node is no longer needed. Add of_node_put(remote) to fix the reference leak. Found via static analysis. Fixes: c70087e8f16f ("drm/drm_of: add drm_of_panel_bridge_remove function") Cc: stable(a)vger.kernel.org Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com> --- include/drm/drm_of.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/drm/drm_of.h b/include/drm/drm_of.h index 7f0256dae3f1..5940b1cd542b 100644 --- a/include/drm/drm_of.h +++ b/include/drm/drm_of.h @@ -171,6 +171,7 @@ static inline int drm_of_panel_bridge_remove(const struct device_node *np, return -ENODEV; bridge = of_drm_find_bridge(remote); + of_node_put(remote); drm_panel_bridge_remove(bridge); return 0; -- 2.39.5 (Apple Git-154)

2 weeks, 1 day

2
3
0 0

[PATCH] iio: accel: bmc150: Fix irq assumption regression

by Linus Walleij

The code in bmc150-accel-core.c unconditionally calls bmc150_accel_set_interrupt() in the iio_buffer_setup_ops, such as on the runtime PM resume path giving a kernel splat like this if the device has no interrupts: Unable to handle kernel NULL pointer dereference at virtual address 00000001 when read CPU: 0 UID: 0 PID: 393 Comm: iio-sensor-prox Not tainted 6.18.0-rc1-postmarketos-stericsson-00001-g6b43386e3737 #73 PREEMPT Hardware name: ST-Ericsson Ux5x0 platform (Device Tree Support) PC is at bmc150_accel_set_interrupt+0x98/0x194 LR is at __pm_runtime_resume+0x5c/0x64 (...) Call trace: bmc150_accel_set_interrupt from bmc150_accel_buffer_postenable+0x40/0x108 bmc150_accel_buffer_postenable from __iio_update_buffers+0xbe0/0xcbc __iio_update_buffers from enable_store+0x84/0xc8 enable_store from kernfs_fop_write_iter+0x154/0x1b4 kernfs_fop_write_iter from do_iter_readv_writev+0x178/0x1e4 do_iter_readv_writev from vfs_writev+0x158/0x3f4 vfs_writev from do_writev+0x74/0xe4 do_writev from __sys_trace_return+0x0/0x10 This bug seems to have been in the driver since the beginning, but it only manifests recently, I do not know why. Cc: stable(a)vger.kernel.org Signed-off-by: Linus Walleij <linus.walleij(a)linaro.org> --- drivers/iio/accel/bmc150-accel-core.c | 5 +++++ drivers/iio/accel/bmc150-accel.h | 1 + 2 files changed, 6 insertions(+) diff --git a/drivers/iio/accel/bmc150-accel-core.c b/drivers/iio/accel/bmc150-accel-core.c index 3c5d1560b163..f4421a3b0ef2 100644 --- a/drivers/iio/accel/bmc150-accel-core.c +++ b/drivers/iio/accel/bmc150-accel-core.c @@ -523,6 +523,10 @@ static int bmc150_accel_set_interrupt(struct bmc150_accel_data *data, int i, const struct bmc150_accel_interrupt_info *info = intr->info; int ret; + /* We do not always have an IRQ */ + if (!data->has_irq) + return 0; + if (state) { if (atomic_inc_return(&intr->users) > 1) return 0; @@ -1696,6 +1700,7 @@ int bmc150_accel_core_probe(struct device *dev, struct regmap *regmap, int irq, } if (irq > 0) { + data->has_irq = true; ret = devm_request_threaded_irq(dev, irq, bmc150_accel_irq_handler, bmc150_accel_irq_thread_handler, diff --git a/drivers/iio/accel/bmc150-accel.h b/drivers/iio/accel/bmc150-accel.h index 7a7baf52e595..6e9bb69a1fd4 100644 --- a/drivers/iio/accel/bmc150-accel.h +++ b/drivers/iio/accel/bmc150-accel.h @@ -59,6 +59,7 @@ enum bmc150_accel_trigger_id { struct bmc150_accel_data { struct regmap *regmap; struct regulator_bulk_data regulators[2]; + bool has_irq; struct bmc150_accel_interrupt interrupts[BMC150_ACCEL_INTERRUPTS]; struct bmc150_accel_trigger triggers[BMC150_ACCEL_TRIGGERS]; struct mutex mutex; --- base-commit: 3a8660878839faadb4f1a6dd72c3179c1df56787 change-id: 20251027-fix-bmc150-7e568122b265 Best regards, -- Linus Walleij <linus.walleij(a)linaro.org>

2 weeks, 1 day

2
4
0 0

[PATCH 5.10] ipv6: sr: Fix MAC comparison to be constant-time

by Andrey Troshin

From: Eric Biggers <ebiggers(a)kernel.org> commit a458b2902115b26a25d67393b12ddd57d1216aaa upstream. To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this. Fixes: bf355b8d2c30 ("ipv6: sr: add core files for SR HMAC support") Cc: stable(a)vger.kernel.org Signed-off-by: Eric Biggers <ebiggers(a)kernel.org> Reviewed-by: Andrea Mayer <andrea.mayer(a)uniroma2.it> Link: https://patch.msgid.link/20250818202724.15713-1-ebiggers@kernel.org Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> [Andrey Troshin: backport fix for 5.10] Signed-off-by: Andrey Troshin <drtrosh(a)yandex-team.ru> --- Backport fix for CVE-2025-39702 Link: https://nvd.nist.gov/vuln/detail/CVE-2025-39702 --- net/ipv6/seg6_hmac.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/ipv6/seg6_hmac.c b/net/ipv6/seg6_hmac.c index 4a3f7bb027ed..8bb7f94cba1e 100644 --- a/net/ipv6/seg6_hmac.c +++ b/net/ipv6/seg6_hmac.c @@ -35,6 +35,7 @@ #include <net/xfrm.h> #include <crypto/hash.h> +#include <crypto/algapi.h> #include <crypto/sha.h> #include <net/seg6.h> #include <net/genetlink.h> @@ -270,7 +271,7 @@ bool seg6_hmac_validate_skb(struct sk_buff *skb) if (seg6_hmac_compute(hinfo, srh, &ipv6_hdr(skb)->saddr, hmac_output)) return false; - if (memcmp(hmac_output, tlv->hmac, SEG6_HMAC_FIELD_LEN) != 0) + if (crypto_memneq(hmac_output, tlv->hmac, SEG6_HMAC_FIELD_LEN)) return false; return true; -- 2.34.1

2 weeks, 1 day

1
0
0 0

[PATCH 2/2] ext4: fix string copying in parse_apply_sb_mount_options()

by Fedor Pchelkin

strscpy_pad() can't be used to copy a possibly non-NUL-term string into a NUL-term string. Commit 0efc5990bca5 ("string.h: Introduce memtostr() and memtostr_pad()") provides additional information in that regard. So if this happens, the following warning is observed: strnlen: detected buffer overflow: 65 byte read of buffer size 64 WARNING: CPU: 0 PID: 28655 at lib/string_helpers.c:1032 __fortify_report+0x96/0xc0 lib/string_helpers.c:1032 Modules linked in: CPU: 0 UID: 0 PID: 28655 Comm: syz-executor.3 Not tainted 6.12.54-syzkaller-00144-g5f0270f1ba00 #0 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 RIP: 0010:__fortify_report+0x96/0xc0 lib/string_helpers.c:1032 Call Trace: <TASK> __fortify_panic+0x1f/0x30 lib/string_helpers.c:1039 strnlen include/linux/fortify-string.h:235 [inline] sized_strscpy include/linux/fortify-string.h:309 [inline] parse_apply_sb_mount_options fs/ext4/super.c:2504 [inline] __ext4_fill_super fs/ext4/super.c:5261 [inline] ext4_fill_super+0x3c35/0xad00 fs/ext4/super.c:5706 get_tree_bdev_flags+0x387/0x620 fs/super.c:1636 vfs_get_tree+0x93/0x380 fs/super.c:1814 do_new_mount fs/namespace.c:3553 [inline] path_mount+0x6ae/0x1f70 fs/namespace.c:3880 do_mount fs/namespace.c:3893 [inline] __do_sys_mount fs/namespace.c:4103 [inline] __se_sys_mount fs/namespace.c:4080 [inline] __x64_sys_mount+0x280/0x300 fs/namespace.c:4080 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0x64/0x140 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x76/0x7e Since s_es->s_mount_opts might be non-NUL-term, annotate it with __nonstring and use the proper memtostr_pad() routine to get its NULL-term copy. Found by Linux Verification Center (linuxtesting.org) with Syzkaller. Fixes: 8ecb790ea8c3 ("ext4: avoid potential buffer over-read in parse_apply_sb_mount_options()") Cc: stable(a)vger.kernel.org Signed-off-by: Fedor Pchelkin <pchelkin(a)ispras.ru> --- fs/ext4/ext4.h | 2 +- fs/ext4/super.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h index 57087da6c7be..4c8698316457 100644 --- a/fs/ext4/ext4.h +++ b/fs/ext4/ext4.h @@ -1429,7 +1429,7 @@ struct ext4_super_block { __le64 s_last_error_block; /* block involved of last error */ __u8 s_last_error_func[32] __nonstring; /* function where the error happened */ #define EXT4_S_ERR_END offsetof(struct ext4_super_block, s_mount_opts) - __u8 s_mount_opts[64]; + __u8 s_mount_opts[64] __nonstring; __le32 s_usr_quota_inum; /* inode for tracking user quota */ __le32 s_grp_quota_inum; /* inode for tracking group quota */ __le32 s_overhead_clusters; /* overhead blocks/clusters in fs */ diff --git a/fs/ext4/super.c b/fs/ext4/super.c index 33e7c08c9529..57df129873e3 100644 --- a/fs/ext4/super.c +++ b/fs/ext4/super.c @@ -2483,7 +2483,7 @@ static int parse_apply_sb_mount_options(struct super_block *sb, if (!sbi->s_es->s_mount_opts[0]) return 0; - strscpy_pad(s_mount_opts, sbi->s_es->s_mount_opts); + memtostr_pad(s_mount_opts, sbi->s_es->s_mount_opts); fc = kzalloc(sizeof(struct fs_context), GFP_KERNEL); if (!fc) -- 2.51.0

2 weeks, 1 day

1
1
0 0

[PATCH] iommu/of: Fix device node reference leak in of_iommu_get_resv_regions

by Miaoqian Lin

In of_iommu_get_resv_regions(), of_find_node_by_phandle() returns a device node with its reference count incremented. The caller is responsible for releasing this reference when the node is no longer needed. Add a call to of_node_put() to release the reference after the usage. Found via static analysis. Fixes: a5bf3cfce8cb ("iommu: Implement of_iommu_get_resv_regions()") Cc: stable(a)vger.kernel.org Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com> --- drivers/iommu/of_iommu.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/iommu/of_iommu.c b/drivers/iommu/of_iommu.c index 6b989a62def2..02448da8ff90 100644 --- a/drivers/iommu/of_iommu.c +++ b/drivers/iommu/of_iommu.c @@ -256,6 +256,7 @@ void of_iommu_get_resv_regions(struct device *dev, struct list_head *list) maps = of_translate_dma_region(np, maps, &iova, &length); if (length == 0) { dev_warn(dev, "Cannot reserve IOVA region of 0 size\n"); + of_node_put(np); continue; } type = iommu_resv_region_get_type(dev, &phys, iova, length); @@ -265,6 +266,7 @@ void of_iommu_get_resv_regions(struct device *dev, struct list_head *list) if (region) list_add_tail(&region->list, list); } + of_node_put(np); } } #endif -- 2.39.5 (Apple Git-154)

2 weeks, 1 day

3
2
0 0

[PATCH AUTOSEL 6.17-6.1] spi: intel-pci: Add support for Intel Wildcat Lake SPI serial flash

by Sasha Levin

From: Mika Westerberg <mika.westerberg(a)linux.intel.com> [ Upstream commit f7e37affbc9085f2b77ccb6596521a44eabf7505 ] Add Intel Wildcat Lake SPI serial flash PCI ID to the list of supported devices. Signed-off-by: Mika Westerberg <mika.westerberg(a)linux.intel.com> Link: https://patch.msgid.link/20251020145415.3377022-4-mika.westerberg@linux.int… Signed-off-by: Mark Brown <broonie(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- LLM Generated explanations, may be completely bogus: ## BACKPORT ANALYSIS COMPLETE **Backport Status: YES** --- ## DETAILED ANALYSIS ### 1. COMMIT CHARACTERIZATION **Type**: Hardware enablement (PCI device ID addition) **Code Changes**: - Single line addition to `drivers/spi/spi-intel-pci.c` - Adds PCI device ID `0x4d23` (Intel Wildcat Lake SPI serial flash) - Maps to existing `cnl_info` configuration structure - No behavioral changes to existing code paths ### 2. SEMANTIC CODE ANALYSIS FINDINGS #### Tools Used: - **Read**: Examined the complete file structure (drivers/spi/spi-intel- pci.c:68-99) - **Grep**: Located PCI device table usage and MODULE_DEVICE_TABLE macro - **Git analysis**: Reviewed commit history and backport precedents #### Impact Scope Analysis: - **Direct impact**: Only affects systems with PCI ID 0x4d23 (Wildcat Lake hardware) - **Caller analysis**: The PCI device table is used by the kernel's PCI subsystem for automatic device-driver matching - **Dependency analysis**: Uses `cnl_info` structure (drivers/spi/spi- intel-pci.c:38-41), which has existed since 2022 - **Risk assessment**: Zero risk to existing hardware - new entry only triggers on matching PCI ID ### 3. BACKPORT PRECEDENT (Strong Evidence) I found multiple similar commits that **WERE backported** to stable trees: **Example 1 - Lunar Lake-M** (commit ec33549be99fe): ``` commit ec33549be99fe25c6927c8b3d6ed13918b27656e Author: Mika Westerberg <mika.westerberg(a)linux.intel.com> Commit: Sasha Levin <sashal(a)kernel.org> [STABLE MAINTAINER] spi: intel-pci: Add support for Lunar Lake-M SPI serial flash [ Upstream commit 8f44e3808200c1434c26ef459722f88f48b306df ] ``` **Example 2 - Granite Rapids** (commit 60446b5e74865): ``` commit 60446b5e74865acff1af5f2d89d99551c8e6e2c1 Author: Mika Westerberg <mika.westerberg(a)linux.intel.com> Commit: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> [STABLE MAINTAINER] spi: intel-pci: Add support for Granite Rapids SPI serial flash [ Upstream commit 9855d60cfc720ff32355484c119acafd3c4dc806 ] ``` **Key Finding**: Both commits were backported to stable trees by stable maintainers (Sasha Levin, Greg Kroah-Hartman) **despite having NO explicit stable tags** in the original commits. ### 4. STABLE TREE COMPLIANCE **Positive Factors**: - ✅ Fixes a real user problem (Wildcat Lake users cannot access SPI flash on stable kernels) - ✅ Extremely low risk (single line, static table entry) - ✅ No architectural changes - ✅ No dependencies on unreleased features - ✅ Follows established backporting pattern for PCI ID additions - ✅ "Obviously correct" - uses tested configuration from 20+ other Intel platforms **Considerations**: - ⚠️ Technically a "new feature" (new hardware support) - ✅ However, PCI ID additions are a **special exception** routinely accepted by stable maintainers - ✅ Hardware enablement is considered "fixing" missing support for existing hardware ### 5. DEPENDENCY VERIFICATION - **cnl_info structure**: Present since 2022, exists in all stable kernels that would receive this backport - **PCI_VDEVICE macro**: Standard kernel infrastructure - **intel_spi_probe()**: Core function, no recent changes that would conflict - **Clean backport**: No conflicts expected with any stable kernel version ### 6. RISK ANALYSIS **Regression Risk**: **MINIMAL** - Only triggered when PCI ID 0x4d23 is detected - No effect on systems without Wildcat Lake hardware - Uses well-tested code path (cnl_info shared with 20+ other platforms) - No user-space API changes **Testing Coverage**: - Same code path used by numerous Intel platforms (Ice Lake, Tiger Lake, Alder Lake, etc.) - Configuration structure (cnl_info) battle-tested across multiple generations ### 7. COMMIT MESSAGE ANALYSIS The commit message is: - ✅ Clear and descriptive - ✅ Identifies specific hardware (Intel Wildcat Lake) - ✅ Consistent with previous similar commits - ❌ No "Fixes:" tag (not applicable - this is new hardware support) - ❌ No "Cc: stable(a)vger.kernel.org" tag (but precedent shows this doesn't prevent backporting) --- ## RECOMMENDATION **YES - This commit SHOULD be backported to stable kernel trees** ### Rationale: 1. **Strong precedent**: Multiple similar PCI ID additions for Intel platforms (Lunar Lake, Granite Rapids, Arrow Lake) have been backported to stable trees by stable maintainers 2. **User benefit**: Enables critical SPI flash functionality for Wildcat Lake hardware owners running stable kernels 3. **Minimal risk**: Single-line change to static table with no impact on existing hardware 4. **Well-established pattern**: PCI ID additions for hardware enablement are routinely accepted for stable backports as they "fix" missing hardware support 5. **Clean backport**: No dependencies or conflicts expected ### Target Stable Trees: - All currently maintained stable kernels (6.17.x, 6.16.x, 6.15.x, etc.) - The commit is from v6.18-rc3, so it would benefit users on any stable kernel before 6.18 drivers/spi/spi-intel-pci.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/spi/spi-intel-pci.c b/drivers/spi/spi-intel-pci.c index 4b63cb98df9cc..4bb158a23349e 100644 --- a/drivers/spi/spi-intel-pci.c +++ b/drivers/spi/spi-intel-pci.c @@ -75,6 +75,7 @@ static const struct pci_device_id intel_spi_pci_ids[] = { { PCI_VDEVICE(INTEL, 0x38a4), (unsigned long)&bxt_info }, { PCI_VDEVICE(INTEL, 0x43a4), (unsigned long)&cnl_info }, { PCI_VDEVICE(INTEL, 0x4b24), (unsigned long)&bxt_info }, + { PCI_VDEVICE(INTEL, 0x4d23), (unsigned long)&cnl_info }, { PCI_VDEVICE(INTEL, 0x4da4), (unsigned long)&bxt_info }, { PCI_VDEVICE(INTEL, 0x51a4), (unsigned long)&cnl_info }, { PCI_VDEVICE(INTEL, 0x54a4), (unsigned long)&cnl_info }, -- 2.51.0

2 weeks, 1 day

1
8
0 0

[PATCH] net: phy: motorcomm: Fix the issue in the code regarding the incorrect use of time units

by Yi Cong

From: Yi Cong <yicong(a)kylinos.cn> Currently, NS (nanoseconds) is being used, but according to the datasheet, the correct unit should be PS (picoseconds). Fixes: 4869a146cd60 ("net: phy: Add BIT macro for Motorcomm yt8521/yt8531 gigabit ethernet phy") Cc: stable(a)vger.kernel.org Signed-off-by: Yi Cong <yicong(a)kylinos.cn> --- drivers/net/phy/motorcomm.c | 102 ++++++++++++++++++------------------ 1 file changed, 51 insertions(+), 51 deletions(-) diff --git a/drivers/net/phy/motorcomm.c b/drivers/net/phy/motorcomm.c index a3593e663059..81491c71e75b 100644 --- a/drivers/net/phy/motorcomm.c +++ b/drivers/net/phy/motorcomm.c @@ -171,7 +171,7 @@ * 1b1 enable 1.9ns rxc clock delay */ #define YT8521_CCR_RXC_DLY_EN BIT(8) -#define YT8521_CCR_RXC_DLY_1_900_NS 1900 +#define YT8521_CCR_RXC_DLY_1_900_PS 1900 #define YT8521_CCR_MODE_SEL_MASK (BIT(2) | BIT(1) | BIT(0)) #define YT8521_CCR_MODE_UTP_TO_RGMII 0 @@ -196,22 +196,22 @@ #define YT8521_RC1R_RX_DELAY_MASK GENMASK(13, 10) #define YT8521_RC1R_FE_TX_DELAY_MASK GENMASK(7, 4) #define YT8521_RC1R_GE_TX_DELAY_MASK GENMASK(3, 0) -#define YT8521_RC1R_RGMII_0_000_NS 0 -#define YT8521_RC1R_RGMII_0_150_NS 1 -#define YT8521_RC1R_RGMII_0_300_NS 2 -#define YT8521_RC1R_RGMII_0_450_NS 3 -#define YT8521_RC1R_RGMII_0_600_NS 4 -#define YT8521_RC1R_RGMII_0_750_NS 5 -#define YT8521_RC1R_RGMII_0_900_NS 6 -#define YT8521_RC1R_RGMII_1_050_NS 7 -#define YT8521_RC1R_RGMII_1_200_NS 8 -#define YT8521_RC1R_RGMII_1_350_NS 9 -#define YT8521_RC1R_RGMII_1_500_NS 10 -#define YT8521_RC1R_RGMII_1_650_NS 11 -#define YT8521_RC1R_RGMII_1_800_NS 12 -#define YT8521_RC1R_RGMII_1_950_NS 13 -#define YT8521_RC1R_RGMII_2_100_NS 14 -#define YT8521_RC1R_RGMII_2_250_NS 15 +#define YT8521_RC1R_RGMII_0_000_PS 0 +#define YT8521_RC1R_RGMII_0_150_PS 1 +#define YT8521_RC1R_RGMII_0_300_PS 2 +#define YT8521_RC1R_RGMII_0_450_PS 3 +#define YT8521_RC1R_RGMII_0_600_PS 4 +#define YT8521_RC1R_RGMII_0_750_PS 5 +#define YT8521_RC1R_RGMII_0_900_PS 6 +#define YT8521_RC1R_RGMII_1_050_PS 7 +#define YT8521_RC1R_RGMII_1_200_PS 8 +#define YT8521_RC1R_RGMII_1_350_PS 9 +#define YT8521_RC1R_RGMII_1_500_PS 10 +#define YT8521_RC1R_RGMII_1_650_PS 11 +#define YT8521_RC1R_RGMII_1_800_PS 12 +#define YT8521_RC1R_RGMII_1_950_PS 13 +#define YT8521_RC1R_RGMII_2_100_PS 14 +#define YT8521_RC1R_RGMII_2_250_PS 15 /* LED CONFIG */ #define YT8521_MAX_LEDS 3 @@ -800,40 +800,40 @@ struct ytphy_cfg_reg_map { static const struct ytphy_cfg_reg_map ytphy_rgmii_delays[] = { /* for tx delay / rx delay with YT8521_CCR_RXC_DLY_EN is not set. */ - { 0, YT8521_RC1R_RGMII_0_000_NS }, - { 150, YT8521_RC1R_RGMII_0_150_NS }, - { 300, YT8521_RC1R_RGMII_0_300_NS }, - { 450, YT8521_RC1R_RGMII_0_450_NS }, - { 600, YT8521_RC1R_RGMII_0_600_NS }, - { 750, YT8521_RC1R_RGMII_0_750_NS }, - { 900, YT8521_RC1R_RGMII_0_900_NS }, - { 1050, YT8521_RC1R_RGMII_1_050_NS }, - { 1200, YT8521_RC1R_RGMII_1_200_NS }, - { 1350, YT8521_RC1R_RGMII_1_350_NS }, - { 1500, YT8521_RC1R_RGMII_1_500_NS }, - { 1650, YT8521_RC1R_RGMII_1_650_NS }, - { 1800, YT8521_RC1R_RGMII_1_800_NS }, - { 1950, YT8521_RC1R_RGMII_1_950_NS }, /* default tx/rx delay */ - { 2100, YT8521_RC1R_RGMII_2_100_NS }, - { 2250, YT8521_RC1R_RGMII_2_250_NS }, + { 0, YT8521_RC1R_RGMII_0_000_PS }, + { 150, YT8521_RC1R_RGMII_0_150_PS }, + { 300, YT8521_RC1R_RGMII_0_300_PS }, + { 450, YT8521_RC1R_RGMII_0_450_PS }, + { 600, YT8521_RC1R_RGMII_0_600_PS }, + { 750, YT8521_RC1R_RGMII_0_750_PS }, + { 900, YT8521_RC1R_RGMII_0_900_PS }, + { 1050, YT8521_RC1R_RGMII_1_050_PS }, + { 1200, YT8521_RC1R_RGMII_1_200_PS }, + { 1350, YT8521_RC1R_RGMII_1_350_PS }, + { 1500, YT8521_RC1R_RGMII_1_500_PS }, + { 1650, YT8521_RC1R_RGMII_1_650_PS }, + { 1800, YT8521_RC1R_RGMII_1_800_PS }, + { 1950, YT8521_RC1R_RGMII_1_950_PS }, /* default tx/rx delay */ + { 2100, YT8521_RC1R_RGMII_2_100_PS }, + { 2250, YT8521_RC1R_RGMII_2_250_PS }, /* only for rx delay with YT8521_CCR_RXC_DLY_EN is set. */ - { 0 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_0_000_NS }, - { 150 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_0_150_NS }, - { 300 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_0_300_NS }, - { 450 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_0_450_NS }, - { 600 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_0_600_NS }, - { 750 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_0_750_NS }, - { 900 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_0_900_NS }, - { 1050 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_1_050_NS }, - { 1200 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_1_200_NS }, - { 1350 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_1_350_NS }, - { 1500 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_1_500_NS }, - { 1650 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_1_650_NS }, - { 1800 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_1_800_NS }, - { 1950 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_1_950_NS }, - { 2100 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_2_100_NS }, - { 2250 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_2_250_NS } + { 0 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_0_000_PS }, + { 150 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_0_150_PS }, + { 300 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_0_300_PS }, + { 450 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_0_450_PS }, + { 600 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_0_600_PS }, + { 750 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_0_750_PS }, + { 900 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_0_900_PS }, + { 1050 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_1_050_PS }, + { 1200 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_1_200_PS }, + { 1350 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_1_350_PS }, + { 1500 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_1_500_PS }, + { 1650 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_1_650_PS }, + { 1800 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_1_800_PS }, + { 1950 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_1_950_PS }, + { 2100 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_2_100_PS }, + { 2250 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_2_250_PS } }; static u32 ytphy_get_delay_reg_value(struct phy_device *phydev, @@ -890,10 +890,10 @@ static int ytphy_rgmii_clk_delay_config(struct phy_device *phydev) rx_reg = ytphy_get_delay_reg_value(phydev, "rx-internal-delay-ps", ytphy_rgmii_delays, tb_size, &rxc_dly_en, - YT8521_RC1R_RGMII_1_950_NS); + YT8521_RC1R_RGMII_1_950_PS); tx_reg = ytphy_get_delay_reg_value(phydev, "tx-internal-delay-ps", ytphy_rgmii_delays, tb_size, NULL, - YT8521_RC1R_RGMII_1_950_NS); + YT8521_RC1R_RGMII_1_950_PS); switch (phydev->interface) { case PHY_INTERFACE_MODE_RGMII: -- 2.25.1

2 weeks, 1 day

3
5
0 0

[PATCH] thermal: thermal_of: Fix device node reference leak in thermal_of_cm_lookup

by Miaoqian Lin

In thermal_of_cm_lookup(), of_parse_phandle() returns a device node with its reference count incremented. The caller is responsible for releasing this reference when the node is no longer needed. Add of_node_put(tr_np) to fix the reference leaks. Found via static analysis. Fixes: 3fd6d6e2b4e8 ("thermal/of: Rework the thermal device tree initialization") Cc: stable(a)vger.kernel.org Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com> --- drivers/thermal/thermal_of.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/drivers/thermal/thermal_of.c b/drivers/thermal/thermal_of.c index 1a51a4d240ff..2bb1b8e471cf 100644 --- a/drivers/thermal/thermal_of.c +++ b/drivers/thermal/thermal_of.c @@ -284,8 +284,11 @@ static bool thermal_of_cm_lookup(struct device_node *cm_np, int count, i; tr_np = of_parse_phandle(child, "trip", 0); - if (tr_np != trip->priv) + if (tr_np != trip->priv) { + of_node_put(tr_np); continue; + } + of_node_put(tr_np); /* The trip has been found, look up the cdev. */ count = of_count_phandle_with_args(child, "cooling-device", -- 2.39.5 (Apple Git-154)

2 weeks, 1 day

2
1
0 0

[PATCH] gcov: Add support for GCC 15

by Peter Oberparleiter

Using gcov on kernels compiled with GCC 15 results in truncated 16-byte long .gcda files with no usable data. To fix this, update GCOV_COUNTERS to match the value defined by GCC 15. Tested with GCC 14.3.0 and GCC 15.2.0. Reported-by: Matthieu Baerts <matttbe(a)kernel.org> Closes: https://github.com/linux-test-project/lcov/issues/445 Tested-by: Matthieu Baerts <matttbe(a)kernel.org> Cc: <stable(a)vger.kernel.org> Signed-off-by: Peter Oberparleiter <oberpar(a)linux.ibm.com> --- kernel/gcov/gcc_4_7.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/kernel/gcov/gcc_4_7.c b/kernel/gcov/gcc_4_7.c index a08cc076f332..ffde93d051a4 100644 --- a/kernel/gcov/gcc_4_7.c +++ b/kernel/gcov/gcc_4_7.c @@ -18,7 +18,9 @@ #include <linux/mm.h> #include "gcov.h" -#if (__GNUC__ >= 14) +#if (__GNUC__ >= 15) +#define GCOV_COUNTERS 10 +#elif (__GNUC__ >= 14) #define GCOV_COUNTERS 9 #elif (__GNUC__ >= 10) #define GCOV_COUNTERS 8 -- 2.48.1

2 weeks, 1 day

1
0
0 0

[PATCH 05/25] media: i2c: ov01a10: Fix passing stream instead of pad to v4l2_subdev_state_get_format()

by Hans de Goede

The 2 argument version of v4l2_subdev_state_get_format() takes the pad as second argument, not the stream. Fixes: bc0e8d91feec ("media: v4l: subdev: Switch to stream-aware state functions") Cc: stable(a)vger.kernel.org Signed-off-by: Hans de Goede <hansg(a)kernel.org> --- Note the problem pre-exists the Fixes: commit but backporting further will require manual backports and seems unnecessary. --- drivers/media/i2c/ov01a10.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/media/i2c/ov01a10.c b/drivers/media/i2c/ov01a10.c index f92867f542f0..0405ec7c75fd 100644 --- a/drivers/media/i2c/ov01a10.c +++ b/drivers/media/i2c/ov01a10.c @@ -731,7 +731,7 @@ static int ov01a10_set_format(struct v4l2_subdev *sd, h_blank); } - format = v4l2_subdev_state_get_format(sd_state, fmt->stream); + format = v4l2_subdev_state_get_format(sd_state, fmt->pad); *format = fmt->format; return 0; -- 2.51.0

2 weeks, 1 day

2
1
0 0

[PATCH 04/25] media: i2c: ov01a10: Add missing v4l2_subdev_cleanup() calls

by Hans de Goede

Add missing v4l2_subdev_cleanup() calls to cleanup after v4l2_subdev_init_finalize(). Fixes: 0827b58dabff ("media: i2c: add ov01a10 image sensor driver") Cc: stable(a)vger.kernel.org Signed-off-by: Hans de Goede <hansg(a)kernel.org> --- drivers/media/i2c/ov01a10.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/media/i2c/ov01a10.c b/drivers/media/i2c/ov01a10.c index 95d6a0f046a0..f92867f542f0 100644 --- a/drivers/media/i2c/ov01a10.c +++ b/drivers/media/i2c/ov01a10.c @@ -864,6 +864,7 @@ static void ov01a10_remove(struct i2c_client *client) struct v4l2_subdev *sd = i2c_get_clientdata(client); v4l2_async_unregister_subdev(sd); + v4l2_subdev_cleanup(sd); media_entity_cleanup(&sd->entity); v4l2_ctrl_handler_free(sd->ctrl_handler); @@ -934,6 +935,7 @@ static int ov01a10_probe(struct i2c_client *client) err_pm_disable: pm_runtime_disable(dev); pm_runtime_set_suspended(&client->dev); + v4l2_subdev_cleanup(&ov01a10->sd); err_media_entity_cleanup: media_entity_cleanup(&ov01a10->sd.entity); -- 2.51.0

2 weeks, 1 day

3
3
0 0

[PATCH wireless v4 1/4] wifi: cfg80211: add an hrtimer based delayed work item

by Miri Korenblit

From: Benjamin Berg <benjamin.berg(a)intel.com> The normal timer mechanism assume that timeout further in the future need a lower accuracy. As an example, the granularity for a timer scheduled 4096 ms in the future on a 1000 Hz system is already 512 ms. This granularity is perfectly sufficient for e.g. timeouts, but there are other types of events that will happen at a future point in time and require a higher accuracy. Add a new wiphy_hrtimer_work type that uses an hrtimer internally. The API is almost identical to the existing wiphy_delayed_work and it can be used as a drop-in replacement after minor adjustments. The work will be scheduled relative to the current time with a slack of 1 millisecond. CC: stable(a)vger.kernel.org # 6.4+ Signed-off-by: Benjamin Berg <benjamin.berg(a)intel.com> Reviewed-by: Johannes Berg <johannes.berg(a)intel.com> Signed-off-by: Miri Korenblit <miriam.rachel.korenblit(a)intel.com> --- include/net/cfg80211.h | 78 ++++++++++++++++++++++++++++++++++++++++++ net/wireless/core.c | 56 ++++++++++++++++++++++++++++++ net/wireless/trace.h | 21 ++++++++++++ 3 files changed, 155 insertions(+) diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h index 781624f5913a..820e299f06b5 100644 --- a/include/net/cfg80211.h +++ b/include/net/cfg80211.h @@ -6435,6 +6435,11 @@ static inline void wiphy_delayed_work_init(struct wiphy_delayed_work *dwork, * after wiphy_lock() was called. Therefore, wiphy_cancel_work() can * use just cancel_work() instead of cancel_work_sync(), it requires * being in a section protected by wiphy_lock(). + * + * Note that these are scheduled with a timer where the accuracy + * becomes less the longer in the future the scheduled timer is. Use + * wiphy_hrtimer_work_queue() if the timer must be not be late by more + * than approximately 10 percent. */ void wiphy_delayed_work_queue(struct wiphy *wiphy, struct wiphy_delayed_work *dwork, @@ -6506,6 +6511,79 @@ void wiphy_delayed_work_flush(struct wiphy *wiphy, bool wiphy_delayed_work_pending(struct wiphy *wiphy, struct wiphy_delayed_work *dwork); +struct wiphy_hrtimer_work { + struct wiphy_work work; + struct wiphy *wiphy; + struct hrtimer timer; +}; + +enum hrtimer_restart wiphy_hrtimer_work_timer(struct hrtimer *t); + +static inline void wiphy_hrtimer_work_init(struct wiphy_hrtimer_work *hrwork, + wiphy_work_func_t func) +{ + hrtimer_setup(&hrwork->timer, wiphy_hrtimer_work_timer, + CLOCK_BOOTTIME, HRTIMER_MODE_REL); + wiphy_work_init(&hrwork->work, func); +} + +/** + * wiphy_hrtimer_work_queue - queue hrtimer work for the wiphy + * @wiphy: the wiphy to queue for + * @hrwork: the high resolution timer worker + * @delay: the delay given as a ktime_t + * + * Please refer to wiphy_delayed_work_queue(). The difference is that + * the hrtimer work uses a high resolution timer for scheduling. This + * may be needed if timeouts might be scheduled further in the future + * and the accuracy of the normal timer is not sufficient. + * + * Expect a delay of a few milliseconds as the timer is scheduled + * with some slack and some more time may pass between queueing the + * work and its start. + */ +void wiphy_hrtimer_work_queue(struct wiphy *wiphy, + struct wiphy_hrtimer_work *hrwork, + ktime_t delay); + +/** + * wiphy_hrtimer_work_cancel - cancel previously queued hrtimer work + * @wiphy: the wiphy, for debug purposes + * @hrtimer: the hrtimer work to cancel + * + * Cancel the work *without* waiting for it, this assumes being + * called under the wiphy mutex acquired by wiphy_lock(). + */ +void wiphy_hrtimer_work_cancel(struct wiphy *wiphy, + struct wiphy_hrtimer_work *hrtimer); + +/** + * wiphy_hrtimer_work_flush - flush previously queued hrtimer work + * @wiphy: the wiphy, for debug purposes + * @hrwork: the hrtimer work to flush + * + * Flush the work (i.e. run it if pending). This must be called + * under the wiphy mutex acquired by wiphy_lock(). + */ +void wiphy_hrtimer_work_flush(struct wiphy *wiphy, + struct wiphy_hrtimer_work *hrwork); + +/** + * wiphy_hrtimer_work_pending - Find out whether a wiphy hrtimer + * work item is currently pending. + * + * @wiphy: the wiphy, for debug purposes + * @hrwork: the hrtimer work in question + * + * Return: true if timer is pending, false otherwise + * + * Please refer to the wiphy_delayed_work_pending() documentation as + * this is the equivalent function for hrtimer based delayed work + * items. + */ +bool wiphy_hrtimer_work_pending(struct wiphy *wiphy, + struct wiphy_hrtimer_work *hrwork); + /** * enum ieee80211_ap_reg_power - regulatory power for an Access Point * diff --git a/net/wireless/core.c b/net/wireless/core.c index 797f9f2004a6..54a34d8d356e 100644 --- a/net/wireless/core.c +++ b/net/wireless/core.c @@ -1787,6 +1787,62 @@ bool wiphy_delayed_work_pending(struct wiphy *wiphy, } EXPORT_SYMBOL_GPL(wiphy_delayed_work_pending); +enum hrtimer_restart wiphy_hrtimer_work_timer(struct hrtimer *t) +{ + struct wiphy_hrtimer_work *hrwork = + container_of(t, struct wiphy_hrtimer_work, timer); + + wiphy_work_queue(hrwork->wiphy, &hrwork->work); + + return HRTIMER_NORESTART; +} +EXPORT_SYMBOL_GPL(wiphy_hrtimer_work_timer); + +void wiphy_hrtimer_work_queue(struct wiphy *wiphy, + struct wiphy_hrtimer_work *hrwork, + ktime_t delay) +{ + trace_wiphy_hrtimer_work_queue(wiphy, &hrwork->work, delay); + + if (!delay) { + hrtimer_cancel(&hrwork->timer); + wiphy_work_queue(wiphy, &hrwork->work); + return; + } + + hrwork->wiphy = wiphy; + hrtimer_start_range_ns(&hrwork->timer, delay, + 1000 * NSEC_PER_USEC, HRTIMER_MODE_REL); +} +EXPORT_SYMBOL_GPL(wiphy_hrtimer_work_queue); + +void wiphy_hrtimer_work_cancel(struct wiphy *wiphy, + struct wiphy_hrtimer_work *hrwork) +{ + lockdep_assert_held(&wiphy->mtx); + + hrtimer_cancel(&hrwork->timer); + wiphy_work_cancel(wiphy, &hrwork->work); +} +EXPORT_SYMBOL_GPL(wiphy_hrtimer_work_cancel); + +void wiphy_hrtimer_work_flush(struct wiphy *wiphy, + struct wiphy_hrtimer_work *hrwork) +{ + lockdep_assert_held(&wiphy->mtx); + + hrtimer_cancel(&hrwork->timer); + wiphy_work_flush(wiphy, &hrwork->work); +} +EXPORT_SYMBOL_GPL(wiphy_hrtimer_work_flush); + +bool wiphy_hrtimer_work_pending(struct wiphy *wiphy, + struct wiphy_hrtimer_work *hrwork) +{ + return hrtimer_is_queued(&hrwork->timer); +} +EXPORT_SYMBOL_GPL(wiphy_hrtimer_work_pending); + static int __init cfg80211_init(void) { int err; diff --git a/net/wireless/trace.h b/net/wireless/trace.h index 8a4c34112eb5..2b71f1d867a0 100644 --- a/net/wireless/trace.h +++ b/net/wireless/trace.h @@ -304,6 +304,27 @@ TRACE_EVENT(wiphy_delayed_work_queue, __entry->delay) ); +TRACE_EVENT(wiphy_hrtimer_work_queue, + TP_PROTO(struct wiphy *wiphy, struct wiphy_work *work, + ktime_t delay), + TP_ARGS(wiphy, work, delay), + TP_STRUCT__entry( + WIPHY_ENTRY + __field(void *, instance) + __field(void *, func) + __field(ktime_t, delay) + ), + TP_fast_assign( + WIPHY_ASSIGN; + __entry->instance = work; + __entry->func = work->func; + __entry->delay = delay; + ), + TP_printk(WIPHY_PR_FMT " instance=%p func=%pS delay=%llu", + WIPHY_PR_ARG, __entry->instance, __entry->func, + __entry->delay) +); + TRACE_EVENT(wiphy_work_worker_start, TP_PROTO(struct wiphy *wiphy), TP_ARGS(wiphy), -- 2.34.1

2 weeks, 1 day

1
0
0 0

[PATCH] phy: ti: omap-usb2: Fix device node reference leak in omap_usb2_probe

by Miaoqian Lin

In omap_usb2_probe(), of_parse_phandle() returns a device node with its reference count incremented. The caller is responsible for releasing this reference when the node is no longer needed. Add of_node_put(control_node) after usage to fix the reference leak. Found via static analysis. Fixes: 478b6c7436c2 ("usb: phy: omap-usb2: Don't use omap_get_control_dev()") Cc: stable(a)vger.kernel.org Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com> --- drivers/phy/ti/phy-omap-usb2.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/phy/ti/phy-omap-usb2.c b/drivers/phy/ti/phy-omap-usb2.c index 1eb252604441..660df3181e4f 100644 --- a/drivers/phy/ti/phy-omap-usb2.c +++ b/drivers/phy/ti/phy-omap-usb2.c @@ -426,6 +426,7 @@ static int omap_usb2_probe(struct platform_device *pdev) } control_pdev = of_find_device_by_node(control_node); + of_node_put(control_node); if (!control_pdev) { dev_err(&pdev->dev, "Failed to get control device\n"); return -EINVAL; -- 2.39.5 (Apple Git-154)

2 weeks, 1 day

2
1
0 0

[PATCH v2 1/2] media: mediatek: mdp: fix device leak on probe

by Johan Hovold

Make sure to drop the reference taken when looking up the VPU firmware device during probe on probe failure (e.g. probe deferral) and on driver unbind. Fixes: c8eb2d7e8202 ("[media] media: Add Mediatek MDP Driver") Cc: stable(a)vger.kernel.org # 4.10 Cc: Minghsiu Tsai <minghsiu.tsai(a)mediatek.com> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/media/platform/mediatek/mdp/mtk_mdp_core.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/drivers/media/platform/mediatek/mdp/mtk_mdp_core.c b/drivers/media/platform/mediatek/mdp/mtk_mdp_core.c index 80fdc6ff57e0..5c7dcf4090f4 100644 --- a/drivers/media/platform/mediatek/mdp/mtk_mdp_core.c +++ b/drivers/media/platform/mediatek/mdp/mtk_mdp_core.c @@ -198,7 +198,7 @@ static int mtk_mdp_probe(struct platform_device *pdev) VPU_RST_MDP); if (ret) { dev_err(&pdev->dev, "Failed to register reset handler\n"); - goto err_m2m_register; + goto err_put_vpu; } platform_set_drvdata(pdev, mdp); @@ -206,7 +206,7 @@ static int mtk_mdp_probe(struct platform_device *pdev) ret = vb2_dma_contig_set_max_seg_size(&pdev->dev, DMA_BIT_MASK(32)); if (ret) { dev_err(&pdev->dev, "Failed to set vb2 dma mag seg size\n"); - goto err_m2m_register; + goto err_put_vpu; } pm_runtime_enable(dev); @@ -214,6 +214,8 @@ static int mtk_mdp_probe(struct platform_device *pdev) return 0; +err_put_vpu: + put_device(&mdp->vpu_dev->dev); err_m2m_register: v4l2_device_unregister(&mdp->v4l2_dev); @@ -241,6 +243,7 @@ static void mtk_mdp_remove(struct platform_device *pdev) struct mtk_mdp_comp *comp, *comp_temp; pm_runtime_disable(&pdev->dev); + put_device(&mdp->vpu_dev->dev); vb2_dma_contig_clear_max_seg_size(&pdev->dev); mtk_mdp_unregister_m2m_device(mdp); v4l2_device_unregister(&mdp->v4l2_dev); -- 2.51.0

2 weeks, 1 day

1
0
0 0

[PATCH] drm/meson: Fix reference count leak in meson_encoder_dsi_probe

by Miaoqian Lin

The of_graph_get_remote_node() function returns a device node with its reference count incremented. The caller is responsible for calling of_node_put() to release this reference when done. Fixes: 42dcf15f901c ("drm/meson: add DSI encoder") Cc: stable(a)vger.kernel.org Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com> --- drivers/gpu/drm/meson/meson_encoder_dsi.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/gpu/drm/meson/meson_encoder_dsi.c b/drivers/gpu/drm/meson/meson_encoder_dsi.c index 6c6624f9ba24..01edf46e30d0 100644 --- a/drivers/gpu/drm/meson/meson_encoder_dsi.c +++ b/drivers/gpu/drm/meson/meson_encoder_dsi.c @@ -121,6 +121,7 @@ int meson_encoder_dsi_probe(struct meson_drm *priv) } meson_encoder_dsi->next_bridge = of_drm_find_bridge(remote); + of_node_put(remote); if (!meson_encoder_dsi->next_bridge) return dev_err_probe(priv->dev, -EPROBE_DEFER, "Failed to find DSI transceiver bridge\n"); -- 2.39.5 (Apple Git-154)

2 weeks, 1 day

2
1
0 0

[PATCH] soc: samsung: exynos-pmu: fix reference count leak in exynos_get_pmu_regmap_by_phandle

by Miaoqian Lin

The driver_find_device_by_of_node() function calls driver_find_device and returns a device with its reference count incremented. Add the missing put_device() call to release this reference after the device is used. Found via static analysis. Fixes: 0b7c6075022c ("soc: samsung: exynos-pmu: Add regmap support for SoCs that protect PMU regs") Cc: stable(a)vger.kernel.org Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com> --- drivers/soc/samsung/exynos-pmu.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/soc/samsung/exynos-pmu.c b/drivers/soc/samsung/exynos-pmu.c index 22c50ca2aa79..a53c1f882e1a 100644 --- a/drivers/soc/samsung/exynos-pmu.c +++ b/drivers/soc/samsung/exynos-pmu.c @@ -346,6 +346,7 @@ struct regmap *exynos_get_pmu_regmap_by_phandle(struct device_node *np, if (!dev) return ERR_PTR(-EPROBE_DEFER); + put_device(dev); return syscon_node_to_regmap(pmu_np); } EXPORT_SYMBOL_GPL(exynos_get_pmu_regmap_by_phandle); -- 2.39.5 (Apple Git-154)

2 weeks, 1 day

3
2
0 0

Hello

by Eric

2 weeks, 2 days

1
0
0 0

[PATCH] cpufreq: nforce2: fix reference count leak in nforce2

by Miaoqian Lin

There are two reference count leaks in this driver: 1. In nforce2_fsb_read(): pci_get_subsys() increases the reference count of the PCI device, but pci_dev_put() is never called to release it, thus leaking the reference. 2. In nforce2_detect_chipset(): pci_get_subsys() gets a reference to the nforce2_dev which is stored in a global variable, but the reference is never released when the module is unloaded. Fix both by: - Adding pci_dev_put(nforce2_sub5) in nforce2_fsb_read() after reading the configuration. - Adding pci_dev_put(nforce2_dev) in nforce2_exit() to release the global device reference. Found via static analysis. Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Cc: stable(a)vger.kernel.org Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com> --- drivers/cpufreq/cpufreq-nforce2.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/cpufreq/cpufreq-nforce2.c b/drivers/cpufreq/cpufreq-nforce2.c index fedad1081973..fbbbe501cf2d 100644 --- a/drivers/cpufreq/cpufreq-nforce2.c +++ b/drivers/cpufreq/cpufreq-nforce2.c @@ -145,6 +145,8 @@ static unsigned int nforce2_fsb_read(int bootfsb) pci_read_config_dword(nforce2_sub5, NFORCE2_BOOTFSB, &fsb); fsb /= 1000000; + pci_dev_put(nforce2_sub5); + /* Check if PLL register is already set */ pci_read_config_byte(nforce2_dev, NFORCE2_PLLENABLE, (u8 *)&temp); @@ -426,6 +428,7 @@ static int __init nforce2_init(void) static void __exit nforce2_exit(void) { cpufreq_unregister_driver(&nforce2_driver); + pci_dev_put(nforce2_dev); } module_init(nforce2_init); -- 2.39.5 (Apple Git-154)

2 weeks, 2 days

2
1
0 0

[PATCH] net: phy: motorcomm: Fix the issue in the code regarding the incorrect use of time units

by Yi Cong

From: Yi Cong <yicong(a)kylinos.cn> Currently, NS (nanoseconds) is being used, but according to the datasheet, the correct unit should be PS (picoseconds). Fixes: 4869a146cd60 ("net: phy: Add BIT macro for Motorcomm yt8521/yt8531 gigabit ethernet phy") Cc: stable(a)vger.kernel.org Signed-off-by: Yi Cong <yicong(a)kylinos.cn> --- drivers/net/phy/motorcomm.c | 102 ++++++++++++++++++------------------ 1 file changed, 51 insertions(+), 51 deletions(-) diff --git a/drivers/net/phy/motorcomm.c b/drivers/net/phy/motorcomm.c index a3593e663059..81491c71e75b 100644 --- a/drivers/net/phy/motorcomm.c +++ b/drivers/net/phy/motorcomm.c @@ -171,7 +171,7 @@ * 1b1 enable 1.9ns rxc clock delay */ #define YT8521_CCR_RXC_DLY_EN BIT(8) -#define YT8521_CCR_RXC_DLY_1_900_NS 1900 +#define YT8521_CCR_RXC_DLY_1_900_PS 1900 #define YT8521_CCR_MODE_SEL_MASK (BIT(2) | BIT(1) | BIT(0)) #define YT8521_CCR_MODE_UTP_TO_RGMII 0 @@ -196,22 +196,22 @@ #define YT8521_RC1R_RX_DELAY_MASK GENMASK(13, 10) #define YT8521_RC1R_FE_TX_DELAY_MASK GENMASK(7, 4) #define YT8521_RC1R_GE_TX_DELAY_MASK GENMASK(3, 0) -#define YT8521_RC1R_RGMII_0_000_NS 0 -#define YT8521_RC1R_RGMII_0_150_NS 1 -#define YT8521_RC1R_RGMII_0_300_NS 2 -#define YT8521_RC1R_RGMII_0_450_NS 3 -#define YT8521_RC1R_RGMII_0_600_NS 4 -#define YT8521_RC1R_RGMII_0_750_NS 5 -#define YT8521_RC1R_RGMII_0_900_NS 6 -#define YT8521_RC1R_RGMII_1_050_NS 7 -#define YT8521_RC1R_RGMII_1_200_NS 8 -#define YT8521_RC1R_RGMII_1_350_NS 9 -#define YT8521_RC1R_RGMII_1_500_NS 10 -#define YT8521_RC1R_RGMII_1_650_NS 11 -#define YT8521_RC1R_RGMII_1_800_NS 12 -#define YT8521_RC1R_RGMII_1_950_NS 13 -#define YT8521_RC1R_RGMII_2_100_NS 14 -#define YT8521_RC1R_RGMII_2_250_NS 15 +#define YT8521_RC1R_RGMII_0_000_PS 0 +#define YT8521_RC1R_RGMII_0_150_PS 1 +#define YT8521_RC1R_RGMII_0_300_PS 2 +#define YT8521_RC1R_RGMII_0_450_PS 3 +#define YT8521_RC1R_RGMII_0_600_PS 4 +#define YT8521_RC1R_RGMII_0_750_PS 5 +#define YT8521_RC1R_RGMII_0_900_PS 6 +#define YT8521_RC1R_RGMII_1_050_PS 7 +#define YT8521_RC1R_RGMII_1_200_PS 8 +#define YT8521_RC1R_RGMII_1_350_PS 9 +#define YT8521_RC1R_RGMII_1_500_PS 10 +#define YT8521_RC1R_RGMII_1_650_PS 11 +#define YT8521_RC1R_RGMII_1_800_PS 12 +#define YT8521_RC1R_RGMII_1_950_PS 13 +#define YT8521_RC1R_RGMII_2_100_PS 14 +#define YT8521_RC1R_RGMII_2_250_PS 15 /* LED CONFIG */ #define YT8521_MAX_LEDS 3 @@ -800,40 +800,40 @@ struct ytphy_cfg_reg_map { static const struct ytphy_cfg_reg_map ytphy_rgmii_delays[] = { /* for tx delay / rx delay with YT8521_CCR_RXC_DLY_EN is not set. */ - { 0, YT8521_RC1R_RGMII_0_000_NS }, - { 150, YT8521_RC1R_RGMII_0_150_NS }, - { 300, YT8521_RC1R_RGMII_0_300_NS }, - { 450, YT8521_RC1R_RGMII_0_450_NS }, - { 600, YT8521_RC1R_RGMII_0_600_NS }, - { 750, YT8521_RC1R_RGMII_0_750_NS }, - { 900, YT8521_RC1R_RGMII_0_900_NS }, - { 1050, YT8521_RC1R_RGMII_1_050_NS }, - { 1200, YT8521_RC1R_RGMII_1_200_NS }, - { 1350, YT8521_RC1R_RGMII_1_350_NS }, - { 1500, YT8521_RC1R_RGMII_1_500_NS }, - { 1650, YT8521_RC1R_RGMII_1_650_NS }, - { 1800, YT8521_RC1R_RGMII_1_800_NS }, - { 1950, YT8521_RC1R_RGMII_1_950_NS }, /* default tx/rx delay */ - { 2100, YT8521_RC1R_RGMII_2_100_NS }, - { 2250, YT8521_RC1R_RGMII_2_250_NS }, + { 0, YT8521_RC1R_RGMII_0_000_PS }, + { 150, YT8521_RC1R_RGMII_0_150_PS }, + { 300, YT8521_RC1R_RGMII_0_300_PS }, + { 450, YT8521_RC1R_RGMII_0_450_PS }, + { 600, YT8521_RC1R_RGMII_0_600_PS }, + { 750, YT8521_RC1R_RGMII_0_750_PS }, + { 900, YT8521_RC1R_RGMII_0_900_PS }, + { 1050, YT8521_RC1R_RGMII_1_050_PS }, + { 1200, YT8521_RC1R_RGMII_1_200_PS }, + { 1350, YT8521_RC1R_RGMII_1_350_PS }, + { 1500, YT8521_RC1R_RGMII_1_500_PS }, + { 1650, YT8521_RC1R_RGMII_1_650_PS }, + { 1800, YT8521_RC1R_RGMII_1_800_PS }, + { 1950, YT8521_RC1R_RGMII_1_950_PS }, /* default tx/rx delay */ + { 2100, YT8521_RC1R_RGMII_2_100_PS }, + { 2250, YT8521_RC1R_RGMII_2_250_PS }, /* only for rx delay with YT8521_CCR_RXC_DLY_EN is set. */ - { 0 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_0_000_NS }, - { 150 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_0_150_NS }, - { 300 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_0_300_NS }, - { 450 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_0_450_NS }, - { 600 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_0_600_NS }, - { 750 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_0_750_NS }, - { 900 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_0_900_NS }, - { 1050 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_1_050_NS }, - { 1200 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_1_200_NS }, - { 1350 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_1_350_NS }, - { 1500 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_1_500_NS }, - { 1650 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_1_650_NS }, - { 1800 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_1_800_NS }, - { 1950 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_1_950_NS }, - { 2100 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_2_100_NS }, - { 2250 + YT8521_CCR_RXC_DLY_1_900_NS, YT8521_RC1R_RGMII_2_250_NS } + { 0 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_0_000_PS }, + { 150 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_0_150_PS }, + { 300 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_0_300_PS }, + { 450 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_0_450_PS }, + { 600 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_0_600_PS }, + { 750 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_0_750_PS }, + { 900 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_0_900_PS }, + { 1050 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_1_050_PS }, + { 1200 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_1_200_PS }, + { 1350 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_1_350_PS }, + { 1500 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_1_500_PS }, + { 1650 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_1_650_PS }, + { 1800 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_1_800_PS }, + { 1950 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_1_950_PS }, + { 2100 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_2_100_PS }, + { 2250 + YT8521_CCR_RXC_DLY_1_900_PS, YT8521_RC1R_RGMII_2_250_PS } }; static u32 ytphy_get_delay_reg_value(struct phy_device *phydev, @@ -890,10 +890,10 @@ static int ytphy_rgmii_clk_delay_config(struct phy_device *phydev) rx_reg = ytphy_get_delay_reg_value(phydev, "rx-internal-delay-ps", ytphy_rgmii_delays, tb_size, &rxc_dly_en, - YT8521_RC1R_RGMII_1_950_NS); + YT8521_RC1R_RGMII_1_950_PS); tx_reg = ytphy_get_delay_reg_value(phydev, "tx-internal-delay-ps", ytphy_rgmii_delays, tb_size, NULL, - YT8521_RC1R_RGMII_1_950_NS); + YT8521_RC1R_RGMII_1_950_PS); switch (phydev->interface) { case PHY_INTERFACE_MODE_RGMII: -- 2.25.1

2 weeks, 2 days

1
0
0 0

[PATCH] clk: rockchip: rk3588: Don't change PLL rates when setting dclk_vop2_src

by Heiko Stuebner

dclk_vop2_src currently has CLK_SET_RATE_PARENT | CLK_SET_RATE_NO_REPARENT flags set, which is vastly different than dclk_vop0_src or dclk_vop1_src, which have none of those. With these flags in dclk_vop2_src, actually setting the clock then results in a lot of other peripherals breaking, because setting the rate results in the PLL source getting changed: [ 14.898718] clk_core_set_rate_nolock: setting rate for dclk_vop2 to 152840000 [ 15.155017] clk_change_rate: setting rate for pll_gpll to 1680000000 [ clk adjusting every gpll user ] This includes possibly the other vops, i2s, spdif and even the uarts. Among other possible things, this breaks the uart console on a board I use. Sometimes it recovers later on, but there will be a big block of garbled output for a while at least. Shared PLLs should not be changed by individual users, so drop these flags from dclk_vop2_src and make the flags the same as on dclk_vop0 and dclk_vop1. Fixes: f1c506d152ff ("clk: rockchip: add clock controller for the RK3588") Cc: stable(a)vger.kernel.org Signed-off-by: Heiko Stuebner <heiko(a)sntech.de> --- drivers/clk/rockchip/clk-rk3588.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/clk/rockchip/clk-rk3588.c b/drivers/clk/rockchip/clk-rk3588.c index 1694223f4f84..cf83242d1726 100644 --- a/drivers/clk/rockchip/clk-rk3588.c +++ b/drivers/clk/rockchip/clk-rk3588.c @@ -2094,7 +2094,7 @@ static struct rockchip_clk_branch rk3588_early_clk_branches[] __initdata = { COMPOSITE(DCLK_VOP1_SRC, "dclk_vop1_src", gpll_cpll_v0pll_aupll_p, 0, RK3588_CLKSEL_CON(111), 14, 2, MFLAGS, 9, 5, DFLAGS, RK3588_CLKGATE_CON(52), 11, GFLAGS), - COMPOSITE(DCLK_VOP2_SRC, "dclk_vop2_src", gpll_cpll_v0pll_aupll_p, CLK_SET_RATE_PARENT | CLK_SET_RATE_NO_REPARENT, + COMPOSITE(DCLK_VOP2_SRC, "dclk_vop2_src", gpll_cpll_v0pll_aupll_p, 0, RK3588_CLKSEL_CON(112), 5, 2, MFLAGS, 0, 5, DFLAGS, RK3588_CLKGATE_CON(52), 12, GFLAGS), COMPOSITE_NODIV(DCLK_VOP0, "dclk_vop0", dclk_vop0_p, -- 2.47.2

2 weeks, 2 days

5
8
0 0

[PATCH net 1/1] batman-adv: Release references to inactive interfaces

by Simon Wunderlich

From: Sven Eckelmann <sven(a)narfation.org> Trying to dump the originators or the neighbors via netlink for a meshif with an inactive primary interface is not allowed. The dump functions were checking this correctly but they didn't handle non-existing primary interfaces and existing _inactive_ interfaces differently. (Primary) batadv_hard_ifaces hold a references to a net_device. And accessing them is only allowed when either being in a RCU/spinlock protected section or when holding a valid reference to them. The netlink dump functions use the latter. But because the missing specific error handling for inactive primary interfaces, the reference was never dropped. This reference counting error was only detected when the interface should have been removed from the system: unregister_netdevice: waiting for batadv_slave_0 to become free. Usage count = 2 Cc: stable(a)vger.kernel.org Fixes: 6ecc4fd6c2f4 ("batman-adv: netlink: reduce duplicate code by returning interfaces") Reported-by: syzbot+881d65229ca4f9ae8c84(a)syzkaller.appspotmail.com Reported-by: Tetsuo Handa <penguin-kernel(a)i-love.sakura.ne.jp> Signed-off-by: Sven Eckelmann <sven(a)narfation.org> Signed-off-by: Simon Wunderlich <sw(a)simonwunderlich.de> --- net/batman-adv/originator.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/net/batman-adv/originator.c b/net/batman-adv/originator.c index a464ff96b9291..ed89d7fd1e7f4 100644 --- a/net/batman-adv/originator.c +++ b/net/batman-adv/originator.c @@ -764,11 +764,16 @@ int batadv_hardif_neigh_dump(struct sk_buff *msg, struct netlink_callback *cb) bat_priv = netdev_priv(mesh_iface); primary_if = batadv_primary_if_get_selected(bat_priv); - if (!primary_if || primary_if->if_status != BATADV_IF_ACTIVE) { + if (!primary_if) { ret = -ENOENT; goto out_put_mesh_iface; } + if (primary_if->if_status != BATADV_IF_ACTIVE) { + ret = -ENOENT; + goto out_put_primary_if; + } + hard_iface = batadv_netlink_get_hardif(bat_priv, cb); if (IS_ERR(hard_iface) && PTR_ERR(hard_iface) != -ENONET) { ret = PTR_ERR(hard_iface); @@ -1333,11 +1338,16 @@ int batadv_orig_dump(struct sk_buff *msg, struct netlink_callback *cb) bat_priv = netdev_priv(mesh_iface); primary_if = batadv_primary_if_get_selected(bat_priv); - if (!primary_if || primary_if->if_status != BATADV_IF_ACTIVE) { + if (!primary_if) { ret = -ENOENT; goto out_put_mesh_iface; } + if (primary_if->if_status != BATADV_IF_ACTIVE) { + ret = -ENOENT; + goto out_put_primary_if; + } + hard_iface = batadv_netlink_get_hardif(bat_priv, cb); if (IS_ERR(hard_iface) && PTR_ERR(hard_iface) != -ENONET) { ret = PTR_ERR(hard_iface); -- 2.47.3

2 weeks, 2 days

2
1
0 0

[PATCH] riscv: Fix memory leak in module_frob_arch_sections()

by Miaoqian Lin

The current code directly overwrites the scratch pointer with the return value of kvrealloc(). If kvrealloc() fails and returns NULL, the original buffer becomes unreachable, causing a memory leak. Fix this by using a temporary variable to store kvrealloc()'s return value and only update the scratch pointer on success. Found via static anlaysis and this is similar to commit 42378a9ca553 ("bpf, verifier: Fix memory leak in array reallocation for stack state") Fixes: be17c0df6795 ("riscv: module: Optimize PLT/GOT entry counting") Cc: stable(a)vger.kernel.org Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com> --- arch/riscv/kernel/module-sections.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/arch/riscv/kernel/module-sections.c b/arch/riscv/kernel/module-sections.c index 75551ac6504c..1675cbad8619 100644 --- a/arch/riscv/kernel/module-sections.c +++ b/arch/riscv/kernel/module-sections.c @@ -119,6 +119,7 @@ int module_frob_arch_sections(Elf_Ehdr *ehdr, Elf_Shdr *sechdrs, unsigned int num_plts = 0; unsigned int num_gots = 0; Elf_Rela *scratch = NULL; + Elf_Rela *new_scratch; size_t scratch_size = 0; int i; @@ -168,9 +169,12 @@ int module_frob_arch_sections(Elf_Ehdr *ehdr, Elf_Shdr *sechdrs, scratch_size_needed = (num_scratch_relas + num_relas) * sizeof(*scratch); if (scratch_size_needed > scratch_size) { scratch_size = scratch_size_needed; - scratch = kvrealloc(scratch, scratch_size, GFP_KERNEL); - if (!scratch) + new_scratch = kvrealloc(scratch, scratch_size, GFP_KERNEL); + if (!new_scratch) { + kvfree(scratch); return -ENOMEM; + } + scratch = new_scratch; } for (size_t j = 0; j < num_relas; j++) -- 2.39.5 (Apple Git-154)

2 weeks, 2 days

2
1
0 0

[PATCH AUTOSEL 6.17-6.1] smb/server: fix possible memory leak in smb2_read()

by Sasha Levin

From: ZhangGuoDong <zhangguodong(a)kylinos.cn> [ Upstream commit 6fced056d2cc8d01b326e6fcfabaacb9850b71a4 ] Memory leak occurs when ksmbd_vfs_read() fails. Fix this by adding the missing kvfree(). Co-developed-by: ChenXiaoSong <chenxiaosong(a)kylinos.cn> Signed-off-by: ChenXiaoSong <chenxiaosong(a)kylinos.cn> Signed-off-by: ZhangGuoDong <zhangguodong(a)kylinos.cn> Acked-by: Namjae Jeon <linkinjeon(a)kernel.org> Signed-off-by: Steve French <stfrench(a)microsoft.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- LLM Generated explanations, may be completely bogus: ## **Backport Status: YES** ### **Extensive Analysis** Based on comprehensive semantic code analysis and repository examination, this commit **should be backported** to stable kernel trees. --- ## **1. Code Change Analysis** The commit adds a single line to fix a memory leak in `fs/smb/server/smb2pdu.c`: ```c nbytes = ksmbd_vfs_read(work, fp, length, &offset, aux_payload_buf); if (nbytes < 0) { + kvfree(aux_payload_buf); // <-- Added line err = nbytes; goto out; } ``` **What was wrong:** Memory allocated at line 6821 (`aux_payload_buf = kvzalloc(ALIGN(length, 8), KSMBD_DEFAULT_GFP)`) was not freed when `ksmbd_vfs_read()` fails, while all other error paths properly call `kvfree()`. --- ## **2. Semantic Analysis Tools Used** ### **Tool 1: mcp__semcode__find_function** - Located `smb2_read()` in `fs/smb/server/smb2pdu.c:6727-6895` - Confirmed it's an SMB2 protocol handler (169 lines, 24 function calls) - Return type: `int` (returns error codes) ### **Tool 2: mcp__semcode__find_callers** - Result: No direct function callers - However, cross-referenced with `smb2ops.c:183` showing `smb2_read` is registered as a handler: `[SMB2_READ_HE] = { .proc = smb2_read }` - **Conclusion:** This is a protocol handler invoked by the SMB2 message dispatcher, meaning it's **directly user-triggerable** via network requests ### **Tool 3: mcp__semcode__find_calls** - Analyzed `ksmbd_vfs_read()` dependencies - Found it can fail with multiple error codes: `-EISDIR`, `-EACCES`, `-EAGAIN`, plus any errors from `kernel_read()` - **All of these failure paths trigger the memory leak** ### **Tool 4: git blame & git log** - Bug introduced: commit `e2f34481b24db2` (2021-03-16) - **4 years old!** - Recent modification: commit `06a025448b572c` (2024-11-30) changed allocation to `ALIGN(length, 8)` but didn't fix the leak - Found 15+ similar "memory leak" fixes in ksmbd history, indicating active maintenance --- ## **3. Impact Scope Analysis** ### **User Exposure: CRITICAL** - **Protocol Handler:** Any SMB client can trigger this by sending SMB2 READ requests - **Network-facing:** ksmbd is a kernel SMB server exposed to network clients - **No authentication required to trigger:** The error path can be reached even with permission errors ### **Trigger Conditions (from VFS analysis):** 1. **-EISDIR**: Client tries to read a directory 2. **-EACCES**: Permission denied (no FILE_READ_DATA or FILE_EXECUTE access) 3. **-EAGAIN**: File is locked by another process 4. **kernel_read() failures**: Various VFS/filesystem errors All of these are **easily triggerable** by malicious or misbehaving clients. ### **Memory Leak Severity: HIGH** - **Allocation size:** `ALIGN(length, 8)` where `length` is client- controlled - **Maximum per leak:** Up to `SMB3_MAX_IOSIZE` = **8 MB** (from smb2pdu.h:28) - **Default size:** `SMB21_DEFAULT_IOSIZE` = **1 MB** (from smb2pdu.h:25) - **Attack scenario:** An attacker could repeatedly: 1. Send READ requests for locked files (triggers -EAGAIN) 2. Each failed request leaks up to 8MB 3. 100 requests = 800MB leaked 4. Can exhaust server memory leading to **DoS** --- ## **4. Regression Risk Analysis** ### **Risk Level: VERY LOW** - **Change size:** Single line addition - **Operation:** Adding missing cleanup (defensive programming) - **No behavior change:** Only affects error path that already returns failure - **Idempotent:** `kvfree()` is safe to call and simply frees allocated memory - **No dependencies:** No API changes or external impact --- ## **5. Stable Tree Compliance** | Criterion | Status | Evidence | |-----------|--------|----------| | Fixes important bug | ✅ YES | Memory leak leading to potential DoS | | Small and contained | ✅ YES | 1 line change, single function | | No new features | ✅ YES | Pure bug fix | | No architectural changes | ✅ YES | No structural modifications | | Low regression risk | ✅ YES | Minimal, defensive change | | Confined to subsystem | ✅ YES | Only affects ksmbd | | User-facing impact | ✅ YES | Affects all ksmbd users | --- ## **6. Comparison with Similar Commits** Recent ksmbd fixes in the repository show similar patterns: - `379510a815cb2`: "fix possible refcount leak in smb2_sess_setup()" - `5929e98f3bb76`: "fix potential double free on smb2_read_pipe() error path" - `e523a26c05672`: "fix passing freed memory 'aux_payload_buf'" - `809d50d36e71b`: "fix memory leak in smb2_lock()" **All these are typical stable tree backport candidates** with similar characteristics (small resource leak fixes). --- ## **7. Missing Stable Tags** **Notable:** The commit lacks explicit stable tree tags: - ❌ No `Cc: stable(a)vger.kernel.org` - ❌ No `Fixes:` tag pointing to the original buggy commit However, this doesn't diminish backport worthiness - the technical merits clearly justify backporting. --- ## **Conclusion** This commit is an **excellent candidate for backporting** because: 1. **Security concern:** Remote memory exhaustion DoS vector 2. **Long-standing bug:** Present since ksmbd's introduction (4+ years) 3. **Wide impact:** Affects all ksmbd deployments 4. **Minimal risk:** Single-line defensive fix 5. **Clear bug fix:** Unambiguous resource leak on error path 6. **Pattern consistency:** Matches other successfully backported ksmbd fixes **Recommendation:** Backport to all active stable trees where ksmbd exists (5.15+). fs/smb/server/smb2pdu.c | 1 + 1 file changed, 1 insertion(+) diff --git a/fs/smb/server/smb2pdu.c b/fs/smb/server/smb2pdu.c index 287200d7c0764..409b85af82e1c 100644 --- a/fs/smb/server/smb2pdu.c +++ b/fs/smb/server/smb2pdu.c @@ -6826,6 +6826,7 @@ int smb2_read(struct ksmbd_work *work) nbytes = ksmbd_vfs_read(work, fp, length, &offset, aux_payload_buf); if (nbytes < 0) { + kvfree(aux_payload_buf); err = nbytes; goto out; } -- 2.51.0

2 weeks, 2 days

1
25
0 0

[PATCH v2] PCI: xilinx-xdma: Enable INTx interrupts

by Ravi Kumar Bandi

The pcie-xilinx-dma-pl driver does not enable INTx interrupts after initializing the port, preventing INTx interrupts from PCIe endpoints from flowing through the Xilinx XDMA root port bridge. This issue affects kernel 6.6.0 and later versions. This patch allows INTx interrupts generated by PCIe endpoints to flow through the root port. Tested the fix on a board with two endpoints generating INTx interrupts. Interrupts are properly detected and serviced. The /proc/interrupts output shows: [...] 32: 320 0 pl_dma:RC-Event 16 Level 400000000.axi-pcie, azdrv 52: 470 0 pl_dma:RC-Event 16 Level 500000000.axi-pcie, azdrv [...] Changes since v1:: - Fixed commit message per reviewer's comments Fixes: 8d786149d78c ("PCI: xilinx-xdma: Add Xilinx XDMA Root Port driver") Cc: stable(a)vger.kernel.org Signed-off-by: Ravi Kumar Bandi <ravib(a)amazon.com> --- drivers/pci/controller/pcie-xilinx-dma-pl.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/drivers/pci/controller/pcie-xilinx-dma-pl.c b/drivers/pci/controller/pcie-xilinx-dma-pl.c index b037c8f315e4..cc539292d10a 100644 --- a/drivers/pci/controller/pcie-xilinx-dma-pl.c +++ b/drivers/pci/controller/pcie-xilinx-dma-pl.c @@ -659,6 +659,12 @@ static int xilinx_pl_dma_pcie_setup_irq(struct pl_dma_pcie *port) return err; } + /* Enable interrupts */ + pcie_write(port, XILINX_PCIE_DMA_IMR_ALL_MASK, + XILINX_PCIE_DMA_REG_IMR); + pcie_write(port, XILINX_PCIE_DMA_IDRN_MASK, + XILINX_PCIE_DMA_REG_IDRN_MASK); + return 0; } -- 2.47.3

2 weeks, 2 days

8
31
0 0

[PATCH v3 0/3] Fixes/improvements for SM6350 UFS

by Luca Weiss

Fix the order of the freq-table-hz property, then convert to OPP tables and add interconnect support for UFS for the SM6350 SoC. Signed-off-by: Luca Weiss <luca.weiss(a)fairphone.com> --- Changes in v3: - Actually pick up tags, sorry about that - Link to v2: https://lore.kernel.org/r/20251023-sm6350-ufs-things-v2-0-799d59178713@fair… Changes in v2: - Resend, pick up tags - Link to v1: https://lore.kernel.org/r/20250314-sm6350-ufs-things-v1-0-3600362cc52c@fair… --- Luca Weiss (3): arm64: dts: qcom: sm6350: Fix wrong order of freq-table-hz for UFS arm64: dts: qcom: sm6350: Add OPP table support to UFSHC arm64: dts: qcom: sm6350: Add interconnect support to UFS arch/arm64/boot/dts/qcom/sm6350.dtsi | 49 ++++++++++++++++++++++++++++-------- 1 file changed, 39 insertions(+), 10 deletions(-) --- base-commit: a92c761bcac3d5042559107fa7679470727a4bcb change-id: 20250314-sm6350-ufs-things-53c5de9fec5e Best regards, -- Luca Weiss <luca.weiss(a)fairphone.com>

2 weeks, 2 days

2
2
0 0

+ mm-truncate-unmap-large-folio-on-split-failure.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm/truncate: unmap large folio on split failure has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-truncate-unmap-large-folio-on-split-failure.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Kiryl Shutsemau <kas(a)kernel.org> Subject: mm/truncate: unmap large folio on split failure Date: Mon, 27 Oct 2025 11:56:36 +0000 Accesses within VMA, but beyond i_size rounded up to PAGE_SIZE are supposed to generate SIGBUS. This behavior might not be respected on truncation. During truncation, the kernel splits a large folio in order to reclaim memory. As a side effect, it unmaps the folio and destroys PMD mappings of the folio. The folio will be refaulted as PTEs and SIGBUS semantics are preserved. However, if the split fails, PMD mappings are preserved and the user will not receive SIGBUS on any accesses within the PMD. Unmap the folio on split failure. It will lead to refault as PTEs and preserve SIGBUS semantics. Make an exception for shmem/tmpfs that for long time intentionally mapped with PMDs across i_size. Link: https://lkml.kernel.org/r/20251027115636.82382-3-kirill@shutemov.name Signed-off-by: Kiryl Shutsemau <kas(a)kernel.org> Cc: Al Viro <viro(a)zeniv.linux.org.uk> Cc: Baolin Wang <baolin.wang(a)linux.alibaba.com> Cc: Christian Brauner <brauner(a)kernel.org> Cc: "Darrick J. Wong" <djwong(a)kernel.org> Cc: Dave Chinner <david(a)fromorbit.com> Cc: David Hildenbrand <david(a)redhat.com> Cc: Hugh Dickins <hughd(a)google.com> Cc: Johannes Weiner <hannes(a)cmpxchg.org> Cc: Liam Howlett <liam.howlett(a)oracle.com> Cc: Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> Cc: Matthew Wilcox (Oracle) <willy(a)infradead.org> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Mike Rapoport <rppt(a)kernel.org> Cc: Rik van Riel <riel(a)surriel.com> Cc: Shakeel Butt <shakeel.butt(a)linux.dev> Cc: Suren Baghdasaryan <surenb(a)google.com> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/truncate.c | 35 +++++++++++++++++++++++++++++------ 1 file changed, 29 insertions(+), 6 deletions(-) --- a/mm/truncate.c~mm-truncate-unmap-large-folio-on-split-failure +++ a/mm/truncate.c @@ -177,6 +177,32 @@ int truncate_inode_folio(struct address_ return 0; } +static int try_folio_split_or_unmap(struct folio *folio, struct page *split_at, + unsigned long min_order) +{ + enum ttu_flags ttu_flags = + TTU_SYNC | + TTU_SPLIT_HUGE_PMD | + TTU_IGNORE_MLOCK; + int ret; + + ret = try_folio_split_to_order(folio, split_at, min_order); + + /* + * If the split fails, unmap the folio, so it will be refaulted + * with PTEs to respect SIGBUS semantics. + * + * Make an exception for shmem/tmpfs that for long time + * intentionally mapped with PMDs across i_size. + */ + if (ret && !shmem_mapping(folio->mapping)) { + try_to_unmap(folio, ttu_flags); + WARN_ON(folio_mapped(folio)); + } + + return ret; +} + /* * Handle partial folios. The folio may be entirely within the * range if a split has raced with us. If not, we zero the part of the @@ -226,7 +252,7 @@ bool truncate_inode_partial_folio(struct min_order = mapping_min_folio_order(folio->mapping); split_at = folio_page(folio, PAGE_ALIGN_DOWN(offset) / PAGE_SIZE); - if (!try_folio_split_to_order(folio, split_at, min_order)) { + if (!try_folio_split_or_unmap(folio, split_at, min_order)) { /* * try to split at offset + length to make sure folios within * the range can be dropped, especially to avoid memory waste @@ -250,13 +276,10 @@ bool truncate_inode_partial_folio(struct if (!folio_trylock(folio2)) goto out; - /* - * make sure folio2 is large and does not change its mapping. - * Its split result does not matter here. - */ + /* make sure folio2 is large and does not change its mapping */ if (folio_test_large(folio2) && folio2->mapping == folio->mapping) - try_folio_split_to_order(folio2, split_at2, min_order); + try_folio_split_or_unmap(folio2, split_at2, min_order); folio_unlock(folio2); out: _ Patches currently in -mm which might be from kas(a)kernel.org are mm-memory-do-not-populate-page-table-entries-beyond-i_size.patch mm-truncate-unmap-large-folio-on-split-failure.patch

2 weeks, 2 days

1
0
0 0

+ mm-memory-do-not-populate-page-table-entries-beyond-i_size.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm/memory: do not populate page table entries beyond i_size has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-memory-do-not-populate-page-table-entries-beyond-i_size.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Kiryl Shutsemau <kas(a)kernel.org> Subject: mm/memory: do not populate page table entries beyond i_size Date: Mon, 27 Oct 2025 11:56:35 +0000 Patch series "Fix SIGBUS semantics with large folios", v3. Accessing memory within a VMA, but beyond i_size rounded up to the next page size, is supposed to generate SIGBUS. Darrick reported[1] an xfstests regression in v6.18-rc1. generic/749 failed due to missing SIGBUS. This was caused by my recent changes that try to fault in the whole folio where possible: 19773df031bc ("mm/fault: try to map the entire file folio in finish_fault()") 357b92761d94 ("mm/filemap: map entire large folio faultaround") These changes did not consider i_size when setting up PTEs, leading to xfstest breakage. However, the problem has been present in the kernel for a long time - since huge tmpfs was introduced in 2016. The kernel happily maps PMD-sized folios as PMD without checking i_size. And huge=always tmpfs allocates PMD-size folios on any writes. I considered this corner case when I implemented a large tmpfs, and my conclusion was that no one in their right mind should rely on receiving a SIGBUS signal when accessing beyond i_size. I cannot imagine how it could be useful for the workload. But apparently filesystem folks care a lot about preserving strict SIGBUS semantics. Generic/749 was introduced last year with reference to POSIX, but no real workloads were mentioned. It also acknowledged the tmpfs deviation from the test case. POSIX indeed says[3]: References within the address range starting at pa and continuing for len bytes to whole pages following the end of an object shall result in delivery of a SIGBUS signal. The patchset fixes the regression introduced by recent changes as well as more subtle SIGBUS breakage due to split failure on truncation. This patch (of 2): Accesses within VMA, but beyond i_size rounded up to PAGE_SIZE are supposed to generate SIGBUS. Recent changes attempted to fault in full folio where possible. They did not respect i_size, which led to populating PTEs beyond i_size and breaking SIGBUS semantics. Darrick reported generic/749 breakage because of this. However, the problem existed before the recent changes. With huge=always tmpfs, any write to a file leads to PMD-size allocation. Following the fault-in of the folio will install PMD mapping regardless of i_size. Fix filemap_map_pages() and finish_fault() to not install: - PTEs beyond i_size; - PMD mappings across i_size; Make an exception for shmem/tmpfs that for long time intentionally mapped with PMDs across i_size. Link: https://lkml.kernel.org/r/20251027115636.82382-1-kirill@shutemov.name Link: https://lkml.kernel.org/r/20251027115636.82382-2-kirill@shutemov.name Signed-off-by: Kiryl Shutsemau <kas(a)kernel.org> Fixes: 19773df031bc ("mm/fault: try to map the entire file folio in finish_fault()") Fixes: 357b92761d94 ("mm/filemap: map entire large folio faultaround") Fixes: 01c70267053d ("fs: add a filesystem flag for THPs") Reported-by: "Darrick J. Wong" <djwong(a)kernel.org> Cc: Al Viro <viro(a)zeniv.linux.org.uk> Cc: Baolin Wang <baolin.wang(a)linux.alibaba.com> Cc: Christian Brauner <brauner(a)kernel.org> Cc: Dave Chinner <david(a)fromorbit.com> Cc: David Hildenbrand <david(a)redhat.com> Cc: Hugh Dickins <hughd(a)google.com> Cc: Johannes Weiner <hannes(a)cmpxchg.org> Cc: Liam Howlett <liam.howlett(a)oracle.com> Cc: Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> Cc: Matthew Wilcox (Oracle) <willy(a)infradead.org> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Mike Rapoport <rppt(a)kernel.org> Cc: Rik van Riel <riel(a)surriel.com> Cc: Shakeel Butt <shakeel.butt(a)linux.dev> Cc: Suren Baghdasaryan <surenb(a)google.com> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/filemap.c | 28 ++++++++++++++++++++-------- mm/memory.c | 20 +++++++++++++++++++- 2 files changed, 39 insertions(+), 9 deletions(-) --- a/mm/filemap.c~mm-memory-do-not-populate-page-table-entries-beyond-i_size +++ a/mm/filemap.c @@ -3681,7 +3681,8 @@ skip: static vm_fault_t filemap_map_folio_range(struct vm_fault *vmf, struct folio *folio, unsigned long start, unsigned long addr, unsigned int nr_pages, - unsigned long *rss, unsigned short *mmap_miss) + unsigned long *rss, unsigned short *mmap_miss, + bool can_map_large) { unsigned int ref_from_caller = 1; vm_fault_t ret = 0; @@ -3696,7 +3697,7 @@ static vm_fault_t filemap_map_folio_rang * The folio must not cross VMA or page table boundary. */ addr0 = addr - start * PAGE_SIZE; - if (folio_within_vma(folio, vmf->vma) && + if (can_map_large && folio_within_vma(folio, vmf->vma) && (addr0 & PMD_MASK) == ((addr0 + folio_size(folio) - 1) & PMD_MASK)) { vmf->pte -= start; page -= start; @@ -3811,13 +3812,27 @@ vm_fault_t filemap_map_pages(struct vm_f unsigned long rss = 0; unsigned int nr_pages = 0, folio_type; unsigned short mmap_miss = 0, mmap_miss_saved; + bool can_map_large; rcu_read_lock(); folio = next_uptodate_folio(&xas, mapping, end_pgoff); if (!folio) goto out; - if (filemap_map_pmd(vmf, folio, start_pgoff)) { + file_end = DIV_ROUND_UP(i_size_read(mapping->host), PAGE_SIZE) - 1; + end_pgoff = min(end_pgoff, file_end); + + /* + * Do not allow to map with PTEs beyond i_size and with PMD + * across i_size to preserve SIGBUS semantics. + * + * Make an exception for shmem/tmpfs that for long time + * intentionally mapped with PMDs across i_size. + */ + can_map_large = shmem_mapping(mapping) || + file_end >= folio_next_index(folio); + + if (can_map_large && filemap_map_pmd(vmf, folio, start_pgoff)) { ret = VM_FAULT_NOPAGE; goto out; } @@ -3830,10 +3845,6 @@ vm_fault_t filemap_map_pages(struct vm_f goto out; } - file_end = DIV_ROUND_UP(i_size_read(mapping->host), PAGE_SIZE) - 1; - if (end_pgoff > file_end) - end_pgoff = file_end; - folio_type = mm_counter_file(folio); do { unsigned long end; @@ -3850,7 +3861,8 @@ vm_fault_t filemap_map_pages(struct vm_f else ret |= filemap_map_folio_range(vmf, folio, xas.xa_index - folio->index, addr, - nr_pages, &rss, &mmap_miss); + nr_pages, &rss, &mmap_miss, + can_map_large); folio_unlock(folio); } while ((folio = next_uptodate_folio(&xas, mapping, end_pgoff)) != NULL); --- a/mm/memory.c~mm-memory-do-not-populate-page-table-entries-beyond-i_size +++ a/mm/memory.c @@ -65,6 +65,7 @@ #include <linux/gfp.h> #include <linux/migrate.h> #include <linux/string.h> +#include <linux/shmem_fs.h> #include <linux/memory-tiers.h> #include <linux/debugfs.h> #include <linux/userfaultfd_k.h> @@ -5501,8 +5502,25 @@ fallback: return ret; } + if (!needs_fallback && vma->vm_file) { + struct address_space *mapping = vma->vm_file->f_mapping; + pgoff_t file_end; + + file_end = DIV_ROUND_UP(i_size_read(mapping->host), PAGE_SIZE); + + /* + * Do not allow to map with PTEs beyond i_size and with PMD + * across i_size to preserve SIGBUS semantics. + * + * Make an exception for shmem/tmpfs that for long time + * intentionally mapped with PMDs across i_size. + */ + needs_fallback = !shmem_mapping(mapping) && + file_end < folio_next_index(folio); + } + if (pmd_none(*vmf->pmd)) { - if (folio_test_pmd_mappable(folio)) { + if (!needs_fallback && folio_test_pmd_mappable(folio)) { ret = do_set_pmd(vmf, folio, page); if (ret != VM_FAULT_FALLBACK) return ret; _ Patches currently in -mm which might be from kas(a)kernel.org are mm-memory-do-not-populate-page-table-entries-beyond-i_size.patch mm-truncate-unmap-large-folio-on-split-failure.patch

2 weeks, 2 days

1
0
0 0

[PATCH] thermal/of: Fix reference count leak in thermal_of_cm_lookup

by Miaoqian Lin

The function calls of_parse_phandle() to get a device node, which increments the reference count of the node. However, the function fails to call of_node_put() to decrement the reference. This leads to a reference count leak. This is found by static analysis and similar to the commit a508e33956b5 ("ipmi:ipmb: Fix refcount leak in ipmi_ipmb_probe") Fixes: 423de5b5bc5b ("thermal/of: Fix cdev lookup in thermal_of_should_bind()") Cc: stable(a)vger.kernel.org Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com> --- drivers/thermal/thermal_of.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/drivers/thermal/thermal_of.c b/drivers/thermal/thermal_of.c index 1a51a4d240ff..932291648683 100644 --- a/drivers/thermal/thermal_of.c +++ b/drivers/thermal/thermal_of.c @@ -284,8 +284,12 @@ static bool thermal_of_cm_lookup(struct device_node *cm_np, int count, i; tr_np = of_parse_phandle(child, "trip", 0); - if (tr_np != trip->priv) + if (tr_np != trip->priv) { + of_node_put(tr_np); continue; + } + + of_node_put(tr_np); /* The trip has been found, look up the cdev. */ count = of_count_phandle_with_args(child, "cooling-device", -- 2.39.5 (Apple Git-154)

2 weeks, 2 days

2
1
0 0

[PATCH v1] net: phy: dp83867: Disable EEE support as not implemented

by Emanuele Ghidoli

From: Emanuele Ghidoli <emanuele.ghidoli(a)toradex.com> While the DP83867 PHYs report EEE capability through their feature registers, the actual hardware does not support EEE (see Links). When the connected MAC enables EEE, it causes link instability and communication failures. The issue is reproducible with a iMX8MP and relevant stmmac ethernet port. Since the introduction of phylink-managed EEE support in the stmmac driver, EEE is now enabled by default, leading to issues on systems using the DP83867 PHY. Call phy_disable_eee during phy initialization to prevent EEE from being enabled on DP83867 PHYs. Link: https://e2e.ti.com/support/interface-group/interface/f/interface-forum/1445… Link: https://e2e.ti.com/support/interface-group/interface/f/interface-forum/6586… Fixes: 2a10154abcb7 ("net: phy: dp83867: Add TI dp83867 phy") Cc: stable(a)vger.kernel.org Signed-off-by: Emanuele Ghidoli <emanuele.ghidoli(a)toradex.com> --- drivers/net/phy/dp83867.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/drivers/net/phy/dp83867.c b/drivers/net/phy/dp83867.c index deeefb962566..36a0c1b7f59c 100644 --- a/drivers/net/phy/dp83867.c +++ b/drivers/net/phy/dp83867.c @@ -738,6 +738,12 @@ static int dp83867_config_init(struct phy_device *phydev) return ret; } + /* Although the DP83867 reports EEE capability through the + * MDIO_PCS_EEE_ABLE and MDIO_AN_EEE_ADV registers, the feature + * is not actually implemented in hardware. + */ + phy_disable_eee(phydev); + if (phy_interface_is_rgmii(phydev) || phydev->interface == PHY_INTERFACE_MODE_SGMII) { val = phy_read(phydev, MII_DP83867_PHYCTRL); -- 2.43.0

2 weeks, 2 days

6
16
0 0

FAILED: patch "[PATCH] serial: 8250_dw: handle reset control deassert error" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x daeb4037adf7d3349b4a1fb792f4bc9824686a4b # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102701-scabby-entrust-a162@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From daeb4037adf7d3349b4a1fb792f4bc9824686a4b Mon Sep 17 00:00:00 2001 From: Artem Shimko <a.shimko.dev(a)gmail.com> Date: Sun, 19 Oct 2025 12:51:31 +0300 Subject: [PATCH] serial: 8250_dw: handle reset control deassert error Check the return value of reset_control_deassert() in the probe function to prevent continuing probe when reset deassertion fails. Previously, reset_control_deassert() was called without checking its return value, which could lead to probe continuing even when the device reset wasn't properly deasserted. The fix checks the return value and returns an error with dev_err_probe() if reset deassertion fails, providing better error handling and diagnostics. Fixes: acbdad8dd1ab ("serial: 8250_dw: simplify optional reset handling") Cc: stable <stable(a)kernel.org> Signed-off-by: Artem Shimko <a.shimko.dev(a)gmail.com> Link: https://patch.msgid.link/20251019095131.252848-1-a.shimko.dev@gmail.com Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/drivers/tty/serial/8250/8250_dw.c b/drivers/tty/serial/8250/8250_dw.c index a53ba04d9770..710ae4d40aec 100644 --- a/drivers/tty/serial/8250/8250_dw.c +++ b/drivers/tty/serial/8250/8250_dw.c @@ -635,7 +635,9 @@ static int dw8250_probe(struct platform_device *pdev) if (IS_ERR(data->rst)) return PTR_ERR(data->rst); - reset_control_deassert(data->rst); + err = reset_control_deassert(data->rst); + if (err) + return dev_err_probe(dev, err, "failed to deassert resets\n"); err = devm_add_action_or_reset(dev, dw8250_reset_control_assert, data->rst); if (err)

2 weeks, 2 days

2
3
0 0

[PATCH 03/25] media: i2c: ov01a10: Fix gain range

by Hans de Goede

A maximum gain of 0xffff / 65525 seems unlikely and testing indeed shows that the gain control wraps-around at 4096, so set the maximum gain to 0xfff / 4095. The minimum gain of 0x100 is correct. Setting bits 8-11 to 0x0 results in the same gain values as setting these bits to 0x1, with bits 0-7 still increasing the gain when going from 0x000 - 0x0ff in the exact same range as when going from 0x100 - 0x1ff. Fixes: 0827b58dabff ("media: i2c: add ov01a10 image sensor driver") Cc: stable(a)vger.kernel.org Signed-off-by: Hans de Goede <hansg(a)kernel.org> --- drivers/media/i2c/ov01a10.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/media/i2c/ov01a10.c b/drivers/media/i2c/ov01a10.c index 0b1a1ecfffd0..95d6a0f046a0 100644 --- a/drivers/media/i2c/ov01a10.c +++ b/drivers/media/i2c/ov01a10.c @@ -48,7 +48,7 @@ /* analog gain controls */ #define OV01A10_REG_ANALOG_GAIN 0x3508 #define OV01A10_ANAL_GAIN_MIN 0x100 -#define OV01A10_ANAL_GAIN_MAX 0xffff +#define OV01A10_ANAL_GAIN_MAX 0xfff #define OV01A10_ANAL_GAIN_STEP 1 /* digital gain controls */ -- 2.51.0

2 weeks, 2 days

2
1
0 0

[PATCH 02/25] media: i2c: ov01a10: Fix reported pixel-rate value

by Hans de Goede

CSI lanes are double-clocked so with a single lane at 400MHZ the resulting pixel-rate for 10-bits pixels is 400 MHz * 2 / 10 = 80 MHz, not 40 MHz. This also matches with the observed frame-rate of 60 fps with the default vblank setting: 80000000 / (1488 * 896) = 60. Fixes: 0827b58dabff ("media: i2c: add ov01a10 image sensor driver") Cc: stable(a)vger.kernel.org Signed-off-by: Hans de Goede <hansg(a)kernel.org> --- drivers/media/i2c/ov01a10.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/media/i2c/ov01a10.c b/drivers/media/i2c/ov01a10.c index e5df01f97978..0b1a1ecfffd0 100644 --- a/drivers/media/i2c/ov01a10.c +++ b/drivers/media/i2c/ov01a10.c @@ -16,7 +16,7 @@ #include <media/v4l2-fwnode.h> #define OV01A10_LINK_FREQ_400MHZ 400000000ULL -#define OV01A10_SCLK 40000000LL +#define OV01A10_SCLK 80000000LL #define OV01A10_DATA_LANES 1 #define OV01A10_REG_CHIP_ID 0x300a -- 2.51.0

2 weeks, 2 days

2
1
0 0

[PATCH 01/25] media: i2c: ov01a10: Fix the horizontal flip control

by Hans de Goede

During sensor calibration I noticed that with the hflip control set to false/disabled the image was mirrored. So it seems that the horizontal flip control is inverted and needs to be set to 1 to not flip (just like the similar problem recently fixed on the ov08x40 sensor). Invert the hflip control to fix the sensor mirroring by default. As the comment above the newly added OV01A10_MEDIA_BUS_FMT define explains the control being inverted also means that the native Bayer-order of the sensor actually is GBRG not BGGR, but so as to not break userspace the Bayer-order is kept at BGGR. Fixes: 0827b58dabff ("media: i2c: add ov01a10 image sensor driver") Cc: stable(a)vger.kernel.org Signed-off-by: Hans de Goede <hansg(a)kernel.org> --- drivers/media/i2c/ov01a10.c | 25 +++++++++++++++++-------- 1 file changed, 17 insertions(+), 8 deletions(-) diff --git a/drivers/media/i2c/ov01a10.c b/drivers/media/i2c/ov01a10.c index 141cb6f75b55..e5df01f97978 100644 --- a/drivers/media/i2c/ov01a10.c +++ b/drivers/media/i2c/ov01a10.c @@ -75,6 +75,15 @@ #define OV01A10_REG_X_WIN 0x3811 #define OV01A10_REG_Y_WIN 0x3813 +/* + * The native ov01a10 bayer-pattern is GBRG, but there was a driver bug enabling + * hflip/mirroring by default resulting in BGGR. Because of this bug Intel's + * proprietary IPU6 userspace stack expects BGGR. So we report BGGR to not break + * userspace and fix things up by shifting the crop window-x coordinate by 1 + * when hflip is *disabled*. + */ +#define OV01A10_MEDIA_BUS_FMT MEDIA_BUS_FMT_SBGGR10_1X10 + struct ov01a10_reg { u16 address; u8 val; @@ -185,14 +194,14 @@ static const struct ov01a10_reg sensor_1280x800_setting[] = { {0x380e, 0x03}, {0x380f, 0x80}, {0x3810, 0x00}, - {0x3811, 0x08}, + {0x3811, 0x09}, {0x3812, 0x00}, {0x3813, 0x08}, {0x3814, 0x01}, {0x3815, 0x01}, {0x3816, 0x01}, {0x3817, 0x01}, - {0x3820, 0xa0}, + {0x3820, 0xa8}, {0x3822, 0x13}, {0x3832, 0x28}, {0x3833, 0x10}, @@ -411,7 +420,7 @@ static int ov01a10_set_hflip(struct ov01a10 *ov01a10, u32 hflip) int ret; u32 val, offset; - offset = hflip ? 0x9 : 0x8; + offset = hflip ? 0x8 : 0x9; ret = ov01a10_write_reg(ov01a10, OV01A10_REG_X_WIN, 1, offset); if (ret) return ret; @@ -420,8 +429,8 @@ static int ov01a10_set_hflip(struct ov01a10 *ov01a10, u32 hflip) if (ret) return ret; - val = hflip ? val | FIELD_PREP(OV01A10_HFLIP_MASK, 0x1) : - val & ~OV01A10_HFLIP_MASK; + val = hflip ? val & ~OV01A10_HFLIP_MASK : + val | FIELD_PREP(OV01A10_HFLIP_MASK, 0x1); return ov01a10_write_reg(ov01a10, OV01A10_REG_FORMAT1, 1, val); } @@ -610,7 +619,7 @@ static void ov01a10_update_pad_format(const struct ov01a10_mode *mode, { fmt->width = mode->width; fmt->height = mode->height; - fmt->code = MEDIA_BUS_FMT_SBGGR10_1X10; + fmt->code = OV01A10_MEDIA_BUS_FMT; fmt->field = V4L2_FIELD_NONE; fmt->colorspace = V4L2_COLORSPACE_RAW; } @@ -751,7 +760,7 @@ static int ov01a10_enum_mbus_code(struct v4l2_subdev *sd, if (code->index > 0) return -EINVAL; - code->code = MEDIA_BUS_FMT_SBGGR10_1X10; + code->code = OV01A10_MEDIA_BUS_FMT; return 0; } @@ -761,7 +770,7 @@ static int ov01a10_enum_frame_size(struct v4l2_subdev *sd, struct v4l2_subdev_frame_size_enum *fse) { if (fse->index >= ARRAY_SIZE(supported_modes) || - fse->code != MEDIA_BUS_FMT_SBGGR10_1X10) + fse->code != OV01A10_MEDIA_BUS_FMT) return -EINVAL; fse->min_width = supported_modes[fse->index].width; -- 2.51.0

2 weeks, 2 days

2
1
0 0

FAILED: patch "[PATCH] serial: sc16is7xx: remove useless enable of enhanced features" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 1c05bf6c0262f946571a37678250193e46b1ff0f # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102739-fable-reroute-e6a6@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 1c05bf6c0262f946571a37678250193e46b1ff0f Mon Sep 17 00:00:00 2001 From: Hugo Villeneuve <hvilleneuve(a)dimonoff.com> Date: Mon, 6 Oct 2025 10:20:02 -0400 Subject: [PATCH] serial: sc16is7xx: remove useless enable of enhanced features Commit 43c51bb573aa ("sc16is7xx: make sure device is in suspend once probed") permanently enabled access to the enhanced features in sc16is7xx_probe(), and it is never disabled after that. Therefore, remove re-enable of enhanced features in sc16is7xx_set_baud(). This eliminates a potential useless read + write cycle each time the baud rate is reconfigured. Fixes: 43c51bb573aa ("sc16is7xx: make sure device is in suspend once probed") Cc: stable <stable(a)kernel.org> Signed-off-by: Hugo Villeneuve <hvilleneuve(a)dimonoff.com> Link: https://patch.msgid.link/20251006142002.177475-1-hugo@hugovil.com Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/drivers/tty/serial/sc16is7xx.c b/drivers/tty/serial/sc16is7xx.c index 1a2c4c14f6aa..c7435595dce1 100644 --- a/drivers/tty/serial/sc16is7xx.c +++ b/drivers/tty/serial/sc16is7xx.c @@ -588,13 +588,6 @@ static int sc16is7xx_set_baud(struct uart_port *port, int baud) div /= prescaler; } - /* Enable enhanced features */ - sc16is7xx_efr_lock(port); - sc16is7xx_port_update(port, SC16IS7XX_EFR_REG, - SC16IS7XX_EFR_ENABLE_BIT, - SC16IS7XX_EFR_ENABLE_BIT); - sc16is7xx_efr_unlock(port); - /* If bit MCR_CLKSEL is set, the divide by 4 prescaler is activated. */ sc16is7xx_port_update(port, SC16IS7XX_MCR_REG, SC16IS7XX_MCR_CLKSEL_BIT,

2 weeks, 2 days

2
4
0 0

FAILED: patch "[PATCH] xhci: dbc: fix bogus 1024 byte prefix if ttyDBC read races" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x f3d12ec847b945d5d65846c85f062d07d5e73164 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102714-patriot-eel-32c8@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From f3d12ec847b945d5d65846c85f062d07d5e73164 Mon Sep 17 00:00:00 2001 From: Mathias Nyman <mathias.nyman(a)linux.intel.com> Date: Tue, 14 Oct 2025 01:55:41 +0300 Subject: [PATCH] xhci: dbc: fix bogus 1024 byte prefix if ttyDBC read races with stall event MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit DbC may add 1024 bogus bytes to the beginneing of the receiving endpoint if DbC hw triggers a STALL event before any Transfer Blocks (TRBs) for incoming data are queued, but driver handles the event after it queued the TRBs. This is possible as xHCI DbC hardware may trigger spurious STALL transfer events even if endpoint is empty. The STALL event contains a pointer to the stalled TRB, and "remaining" untransferred data length. As there are no TRBs queued yet the STALL event will just point to first TRB position of the empty ring, with '0' bytes remaining untransferred. DbC driver is polling for events, and may not handle the STALL event before /dev/ttyDBC0 is opened and incoming data TRBs are queued. The DbC event handler will now assume the first queued TRB (length 1024) has stalled with '0' bytes remaining untransferred, and copies the data This race situation can be practically mitigated by making sure the event handler handles all pending transfer events when DbC reaches configured state, and only then create dev/ttyDbC0, and start queueing transfers. The event handler can this way detect the STALL events on empty rings and discard them before any transfers are queued. This does in practice solve the issue, but still leaves a small possible gap for the race to trigger. We still need a way to distinguish spurious STALLs on empty rings with '0' bytes remaing, from actual STALL events with all bytes transmitted. Cc: stable <stable(a)kernel.org> Fixes: dfba2174dc42 ("usb: xhci: Add DbC support in xHCI driver") Tested-by: Łukasz Bartosik <ukaszb(a)chromium.org> Signed-off-by: Mathias Nyman <mathias.nyman(a)linux.intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/drivers/usb/host/xhci-dbgcap.c b/drivers/usb/host/xhci-dbgcap.c index 63edf2d8f245..023a8ec6f305 100644 --- a/drivers/usb/host/xhci-dbgcap.c +++ b/drivers/usb/host/xhci-dbgcap.c @@ -892,7 +892,8 @@ static enum evtreturn xhci_dbc_do_handle_events(struct xhci_dbc *dbc) dev_info(dbc->dev, "DbC configured\n"); portsc = readl(&dbc->regs->portsc); writel(portsc, &dbc->regs->portsc); - return EVT_GSER; + ret = EVT_GSER; + break; } return EVT_DONE; @@ -954,7 +955,8 @@ static enum evtreturn xhci_dbc_do_handle_events(struct xhci_dbc *dbc) break; case TRB_TYPE(TRB_TRANSFER): dbc_handle_xfer_event(dbc, evt); - ret = EVT_XFER_DONE; + if (ret != EVT_GSER) + ret = EVT_XFER_DONE; break; default: break;

2 weeks, 2 days

2
6
0 0

FAILED: patch "[PATCH] serial: 8250_dw: handle reset control deassert error" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x daeb4037adf7d3349b4a1fb792f4bc9824686a4b # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102700-sleep-robotics-c9e3@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From daeb4037adf7d3349b4a1fb792f4bc9824686a4b Mon Sep 17 00:00:00 2001 From: Artem Shimko <a.shimko.dev(a)gmail.com> Date: Sun, 19 Oct 2025 12:51:31 +0300 Subject: [PATCH] serial: 8250_dw: handle reset control deassert error Check the return value of reset_control_deassert() in the probe function to prevent continuing probe when reset deassertion fails. Previously, reset_control_deassert() was called without checking its return value, which could lead to probe continuing even when the device reset wasn't properly deasserted. The fix checks the return value and returns an error with dev_err_probe() if reset deassertion fails, providing better error handling and diagnostics. Fixes: acbdad8dd1ab ("serial: 8250_dw: simplify optional reset handling") Cc: stable <stable(a)kernel.org> Signed-off-by: Artem Shimko <a.shimko.dev(a)gmail.com> Link: https://patch.msgid.link/20251019095131.252848-1-a.shimko.dev@gmail.com Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/drivers/tty/serial/8250/8250_dw.c b/drivers/tty/serial/8250/8250_dw.c index a53ba04d9770..710ae4d40aec 100644 --- a/drivers/tty/serial/8250/8250_dw.c +++ b/drivers/tty/serial/8250/8250_dw.c @@ -635,7 +635,9 @@ static int dw8250_probe(struct platform_device *pdev) if (IS_ERR(data->rst)) return PTR_ERR(data->rst); - reset_control_deassert(data->rst); + err = reset_control_deassert(data->rst); + if (err) + return dev_err_probe(dev, err, "failed to deassert resets\n"); err = devm_add_action_or_reset(dev, dw8250_reset_control_assert, data->rst); if (err)

2 weeks, 2 days

2
2
0 0

FAILED: patch "[PATCH] serial: sc16is7xx: remove useless enable of enhanced features" failed to apply to 6.6-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.6-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y git checkout FETCH_HEAD git cherry-pick -x 1c05bf6c0262f946571a37678250193e46b1ff0f # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102739-casualty-hankering-f9ab@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 1c05bf6c0262f946571a37678250193e46b1ff0f Mon Sep 17 00:00:00 2001 From: Hugo Villeneuve <hvilleneuve(a)dimonoff.com> Date: Mon, 6 Oct 2025 10:20:02 -0400 Subject: [PATCH] serial: sc16is7xx: remove useless enable of enhanced features Commit 43c51bb573aa ("sc16is7xx: make sure device is in suspend once probed") permanently enabled access to the enhanced features in sc16is7xx_probe(), and it is never disabled after that. Therefore, remove re-enable of enhanced features in sc16is7xx_set_baud(). This eliminates a potential useless read + write cycle each time the baud rate is reconfigured. Fixes: 43c51bb573aa ("sc16is7xx: make sure device is in suspend once probed") Cc: stable <stable(a)kernel.org> Signed-off-by: Hugo Villeneuve <hvilleneuve(a)dimonoff.com> Link: https://patch.msgid.link/20251006142002.177475-1-hugo@hugovil.com Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/drivers/tty/serial/sc16is7xx.c b/drivers/tty/serial/sc16is7xx.c index 1a2c4c14f6aa..c7435595dce1 100644 --- a/drivers/tty/serial/sc16is7xx.c +++ b/drivers/tty/serial/sc16is7xx.c @@ -588,13 +588,6 @@ static int sc16is7xx_set_baud(struct uart_port *port, int baud) div /= prescaler; } - /* Enable enhanced features */ - sc16is7xx_efr_lock(port); - sc16is7xx_port_update(port, SC16IS7XX_EFR_REG, - SC16IS7XX_EFR_ENABLE_BIT, - SC16IS7XX_EFR_ENABLE_BIT); - sc16is7xx_efr_unlock(port); - /* If bit MCR_CLKSEL is set, the divide by 4 prescaler is activated. */ sc16is7xx_port_update(port, SC16IS7XX_MCR_REG, SC16IS7XX_MCR_CLKSEL_BIT,

2 weeks, 2 days

2
4
0 0

[[Name]]Alliance Ad

by Almus

2 weeks, 2 days

1
0
0 0

[PATCH 0/4] drm/tidss: Fixes data edge sampling

by Louis Chauvet

Currently the driver only configure the data edge sampling partially. The AM62 require it to be configured in two distincts registers: one in tidss and one in the general device registers. Introduce a new dt property to link the proper syscon node from the main device registers into the tidss driver. Fixes: 32a1795f57ee ("drm/tidss: New driver for TI Keystone platform Display SubSystem") --- Cc: stable(a)vger.kernel.org Signed-off-by: Louis Chauvet <louis.chauvet(a)bootlin.com> --- Louis Chauvet (4): dt-bindings: display: ti,am65x-dss: Add clk property for data edge synchronization dt-bindings: mfd: syscon: Add ti,am625-dss-clk-ctrl arm64: dts: ti: k3-am62-main: Add tidss clk-ctrl property drm/tidss: Fix sampling edge configuration .../devicetree/bindings/display/ti/ti,am65x-dss.yaml | 6 ++++++ Documentation/devicetree/bindings/mfd/syscon.yaml | 3 ++- arch/arm64/boot/dts/ti/k3-am62-main.dtsi | 6 ++++++ drivers/gpu/drm/tidss/tidss_dispc.c | 14 ++++++++++++++ 4 files changed, 28 insertions(+), 1 deletion(-) --- base-commit: 85c23f28905cf20a86ceec3cfd7a0a5572c9eb13 change-id: 20250730-fix-edge-handling-9123f7438910 Best regards, -- Louis Chauvet <louis.chauvet(a)bootlin.com>

2 weeks, 2 days

6
23
0 0

[PATCH v4 bpf 1/3] ftrace: Fix BPF fexit with livepatch

by Song Liu

When livepatch is attached to the same function as bpf trampoline with a fexit program, bpf trampoline code calls register_ftrace_direct() twice. The first time will fail with -EAGAIN, and the second time it will succeed. This requires register_ftrace_direct() to unregister the address on the first attempt. Otherwise, the bpf trampoline cannot attach. Here is an easy way to reproduce this issue: insmod samples/livepatch/livepatch-sample.ko bpftrace -e 'fexit:cmdline_proc_show {}' ERROR: Unable to attach probe: fexit:vmlinux:cmdline_proc_show... Fix this by cleaning up the hash when register_ftrace_function_nolock hits errors. Also, move the code that resets ops->func and ops->trampoline to the error path of register_ftrace_direct(); and add a helper function reset_direct() in register_ftrace_direct() and unregister_ftrace_direct(). Fixes: d05cb470663a ("ftrace: Fix modification of direct_function hash while in use") Cc: stable(a)vger.kernel.org # v6.6+ Reported-by: Andrey Grodzovsky <andrey.grodzovsky(a)crowdstrike.com> Closes: https://lore.kernel.org/live-patching/c5058315a39d4615b333e485893345be@crow… Cc: Steven Rostedt (Google) <rostedt(a)goodmis.org> Cc: Masami Hiramatsu (Google) <mhiramat(a)kernel.org> Acked-and-tested-by: Andrey Grodzovsky <andrey.grodzovsky(a)crowdstrike.com> Signed-off-by: Song Liu <song(a)kernel.org> Reviewed-by: Jiri Olsa <jolsa(a)kernel.org> --- kernel/bpf/trampoline.c | 5 ----- kernel/trace/ftrace.c | 20 ++++++++++++++------ 2 files changed, 14 insertions(+), 11 deletions(-) diff --git a/kernel/bpf/trampoline.c b/kernel/bpf/trampoline.c index 5949095e51c3..f2cb0b097093 100644 --- a/kernel/bpf/trampoline.c +++ b/kernel/bpf/trampoline.c @@ -479,11 +479,6 @@ static int bpf_trampoline_update(struct bpf_trampoline *tr, bool lock_direct_mut * BPF_TRAMP_F_SHARE_IPMODIFY is set, we can generate the * trampoline again, and retry register. */ - /* reset fops->func and fops->trampoline for re-register */ - tr->fops->func = NULL; - tr->fops->trampoline = 0; - - /* free im memory and reallocate later */ bpf_tramp_image_free(im); goto again; } diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c index 42bd2ba68a82..cbeb7e833131 100644 --- a/kernel/trace/ftrace.c +++ b/kernel/trace/ftrace.c @@ -5953,6 +5953,17 @@ static void register_ftrace_direct_cb(struct rcu_head *rhp) free_ftrace_hash(fhp); } +static void reset_direct(struct ftrace_ops *ops, unsigned long addr) +{ + struct ftrace_hash *hash = ops->func_hash->filter_hash; + + remove_direct_functions_hash(hash, addr); + + /* cleanup for possible another register call */ + ops->func = NULL; + ops->trampoline = 0; +} + /** * register_ftrace_direct - Call a custom trampoline directly * for multiple functions registered in @ops @@ -6048,6 +6059,8 @@ int register_ftrace_direct(struct ftrace_ops *ops, unsigned long addr) ops->direct_call = addr; err = register_ftrace_function_nolock(ops); + if (err) + reset_direct(ops, addr); out_unlock: mutex_unlock(&direct_mutex); @@ -6080,7 +6093,6 @@ EXPORT_SYMBOL_GPL(register_ftrace_direct); int unregister_ftrace_direct(struct ftrace_ops *ops, unsigned long addr, bool free_filters) { - struct ftrace_hash *hash = ops->func_hash->filter_hash; int err; if (check_direct_multi(ops)) @@ -6090,13 +6102,9 @@ int unregister_ftrace_direct(struct ftrace_ops *ops, unsigned long addr, mutex_lock(&direct_mutex); err = unregister_ftrace_function(ops); - remove_direct_functions_hash(hash, addr); + reset_direct(ops, addr); mutex_unlock(&direct_mutex); - /* cleanup for possible another register call */ - ops->func = NULL; - ops->trampoline = 0; - if (free_filters) ftrace_free_filter(ops); return err; -- 2.47.3

2 weeks, 2 days

1
0
0 0

FAILED: patch "[PATCH] xhci: dbc: fix bogus 1024 byte prefix if ttyDBC read races" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x f3d12ec847b945d5d65846c85f062d07d5e73164 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102713-cucumber-persevere-aa50@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From f3d12ec847b945d5d65846c85f062d07d5e73164 Mon Sep 17 00:00:00 2001 From: Mathias Nyman <mathias.nyman(a)linux.intel.com> Date: Tue, 14 Oct 2025 01:55:41 +0300 Subject: [PATCH] xhci: dbc: fix bogus 1024 byte prefix if ttyDBC read races with stall event MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit DbC may add 1024 bogus bytes to the beginneing of the receiving endpoint if DbC hw triggers a STALL event before any Transfer Blocks (TRBs) for incoming data are queued, but driver handles the event after it queued the TRBs. This is possible as xHCI DbC hardware may trigger spurious STALL transfer events even if endpoint is empty. The STALL event contains a pointer to the stalled TRB, and "remaining" untransferred data length. As there are no TRBs queued yet the STALL event will just point to first TRB position of the empty ring, with '0' bytes remaining untransferred. DbC driver is polling for events, and may not handle the STALL event before /dev/ttyDBC0 is opened and incoming data TRBs are queued. The DbC event handler will now assume the first queued TRB (length 1024) has stalled with '0' bytes remaining untransferred, and copies the data This race situation can be practically mitigated by making sure the event handler handles all pending transfer events when DbC reaches configured state, and only then create dev/ttyDbC0, and start queueing transfers. The event handler can this way detect the STALL events on empty rings and discard them before any transfers are queued. This does in practice solve the issue, but still leaves a small possible gap for the race to trigger. We still need a way to distinguish spurious STALLs on empty rings with '0' bytes remaing, from actual STALL events with all bytes transmitted. Cc: stable <stable(a)kernel.org> Fixes: dfba2174dc42 ("usb: xhci: Add DbC support in xHCI driver") Tested-by: Łukasz Bartosik <ukaszb(a)chromium.org> Signed-off-by: Mathias Nyman <mathias.nyman(a)linux.intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/drivers/usb/host/xhci-dbgcap.c b/drivers/usb/host/xhci-dbgcap.c index 63edf2d8f245..023a8ec6f305 100644 --- a/drivers/usb/host/xhci-dbgcap.c +++ b/drivers/usb/host/xhci-dbgcap.c @@ -892,7 +892,8 @@ static enum evtreturn xhci_dbc_do_handle_events(struct xhci_dbc *dbc) dev_info(dbc->dev, "DbC configured\n"); portsc = readl(&dbc->regs->portsc); writel(portsc, &dbc->regs->portsc); - return EVT_GSER; + ret = EVT_GSER; + break; } return EVT_DONE; @@ -954,7 +955,8 @@ static enum evtreturn xhci_dbc_do_handle_events(struct xhci_dbc *dbc) break; case TRB_TYPE(TRB_TRANSFER): dbc_handle_xfer_event(dbc, evt); - ret = EVT_XFER_DONE; + if (ret != EVT_GSER) + ret = EVT_XFER_DONE; break; default: break;

2 weeks, 2 days

2
6
0 0

FAILED: patch "[PATCH] serial: 8250_dw: handle reset control deassert error" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x daeb4037adf7d3349b4a1fb792f4bc9824686a4b # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102700-impish-precook-5377@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From daeb4037adf7d3349b4a1fb792f4bc9824686a4b Mon Sep 17 00:00:00 2001 From: Artem Shimko <a.shimko.dev(a)gmail.com> Date: Sun, 19 Oct 2025 12:51:31 +0300 Subject: [PATCH] serial: 8250_dw: handle reset control deassert error Check the return value of reset_control_deassert() in the probe function to prevent continuing probe when reset deassertion fails. Previously, reset_control_deassert() was called without checking its return value, which could lead to probe continuing even when the device reset wasn't properly deasserted. The fix checks the return value and returns an error with dev_err_probe() if reset deassertion fails, providing better error handling and diagnostics. Fixes: acbdad8dd1ab ("serial: 8250_dw: simplify optional reset handling") Cc: stable <stable(a)kernel.org> Signed-off-by: Artem Shimko <a.shimko.dev(a)gmail.com> Link: https://patch.msgid.link/20251019095131.252848-1-a.shimko.dev@gmail.com Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/drivers/tty/serial/8250/8250_dw.c b/drivers/tty/serial/8250/8250_dw.c index a53ba04d9770..710ae4d40aec 100644 --- a/drivers/tty/serial/8250/8250_dw.c +++ b/drivers/tty/serial/8250/8250_dw.c @@ -635,7 +635,9 @@ static int dw8250_probe(struct platform_device *pdev) if (IS_ERR(data->rst)) return PTR_ERR(data->rst); - reset_control_deassert(data->rst); + err = reset_control_deassert(data->rst); + if (err) + return dev_err_probe(dev, err, "failed to deassert resets\n"); err = devm_add_action_or_reset(dev, dw8250_reset_control_assert, data->rst); if (err)

2 weeks, 2 days

2
2
0 0

[PATCH] PCI/sysfs: enforce single creation of sysfs entry for pdev

by Christian Marangi

In some specific scenario it's possible that the pci_create_resource_files() gets called multiple times and the created entry actually gets wrongly deleted with extreme case of having a NULL pointer dereference when the PCI is removed. This mainly happen due to bad timing where the PCI bus is adding PCI devices and at the same time the sysfs code is adding the entry causing double execution of the pci_create_resource_files function and kernel WARNING. To be more precise there is a race between the late_initcall of pci-sysfs with pci_sysfs_init and PCI bus.c pci_bus_add_device that also call pci_create_sysfs_dev_files. With correct amount of ""luck"" (or better say bad luck) pci_create_sysfs_dev_files in bus.c might be called with pci_sysfs_init is executing the loop. This has been reported multiple times and on multiple system, like imx6 system, ipq806x systems... To address this, imlement multiple improvement to the implementation: 1. Add a bool to pci_dev to flag when sysfs entry are created (sysfs_init) 2. Implement a simple completion to wait pci_sysfs_init execution. 3. Permit additional call of pci_create_sysfs_dev_files only after pci_sysfs_init has finished. With such logic in place, we address al kind of timing problem with minimal change to any driver. A notice worth to mention is that the remove function are not affected by this as the pci_remove_resource_files have enough check in place to always work and it's always called by pci_stop_dev. Cc: stable(a)vger.kernel.org Reported-by: Krzysztof Hałasa <khalasa(a)piap.pl> Closes: https://bugzilla.kernel.org/show_bug.cgi?id=215515 Signed-off-by: Christian Marangi <ansuelsmth(a)gmail.com> --- drivers/pci/pci-sysfs.c | 34 +++++++++++++++++++++++++++++----- include/linux/pci.h | 1 + 2 files changed, 30 insertions(+), 5 deletions(-) diff --git a/drivers/pci/pci-sysfs.c b/drivers/pci/pci-sysfs.c index 71a36f57ef57..cab3aa27f947 100644 --- a/drivers/pci/pci-sysfs.c +++ b/drivers/pci/pci-sysfs.c @@ -14,6 +14,7 @@ */ #include <linux/bitfield.h> +#include <linux/completion.h> #include <linux/kernel.h> #include <linux/sched.h> #include <linux/pci.h> @@ -37,6 +38,7 @@ #endif static int sysfs_initialized; /* = 0 */ +static DECLARE_COMPLETION(sysfs_init_completion); /* show configuration fields */ #define pci_config_attr(field, format_string) \ @@ -1652,12 +1654,32 @@ static const struct attribute_group pci_dev_resource_resize_group = { .is_visible = resource_resize_is_visible, }; +static int __pci_create_sysfs_dev_files(struct pci_dev *pdev) +{ + int ret; + + ret = pci_create_resource_files(pdev); + if (ret) + return ret; + + /* on success set sysfs correctly created */ + pdev->sysfs_init = true; + return 0; +} + int __must_check pci_create_sysfs_dev_files(struct pci_dev *pdev) { if (!sysfs_initialized) return -EACCES; - return pci_create_resource_files(pdev); + /* sysfs entry already created */ + if (pdev->sysfs_init) + return 0; + + /* wait for pci_sysfs_init */ + wait_for_completion(&sysfs_init_completion); + + return __pci_create_sysfs_dev_files(pdev); } /** @@ -1678,21 +1700,23 @@ static int __init pci_sysfs_init(void) { struct pci_dev *pdev = NULL; struct pci_bus *pbus = NULL; - int retval; + int retval = 0; sysfs_initialized = 1; for_each_pci_dev(pdev) { - retval = pci_create_sysfs_dev_files(pdev); + retval = __pci_create_sysfs_dev_files(pdev); if (retval) { pci_dev_put(pdev); - return retval; + goto exit; } } while ((pbus = pci_find_next_bus(pbus))) pci_create_legacy_files(pbus); - return 0; +exit: + complete_all(&sysfs_init_completion); + return retval; } late_initcall(pci_sysfs_init); diff --git a/include/linux/pci.h b/include/linux/pci.h index f3f6d6dee3ae..f417a0528f01 100644 --- a/include/linux/pci.h +++ b/include/linux/pci.h @@ -480,6 +480,7 @@ struct pci_dev { unsigned int non_mappable_bars:1; /* BARs can't be mapped to user-space */ pci_dev_flags_t dev_flags; atomic_t enable_cnt; /* pci_enable_device has been called */ + bool sysfs_init; /* sysfs entry has been created */ spinlock_t pcie_cap_lock; /* Protects RMW ops in capability accessors */ u32 saved_config_space[16]; /* Config space saved at suspend time */ -- 2.51.0

2 weeks, 2 days

2
1
0 0

[PATCH v3 bpf 1/3] ftrace: Fix BPF fexit with livepatch

by Song Liu

When livepatch is attached to the same function as bpf trampoline with a fexit program, bpf trampoline code calls register_ftrace_direct() twice. The first time will fail with -EAGAIN, and the second time it will succeed. This requires register_ftrace_direct() to unregister the address on the first attempt. Otherwise, the bpf trampoline cannot attach. Here is an easy way to reproduce this issue: insmod samples/livepatch/livepatch-sample.ko bpftrace -e 'fexit:cmdline_proc_show {}' ERROR: Unable to attach probe: fexit:vmlinux:cmdline_proc_show... Fix this by cleaning up the hash when register_ftrace_function_nolock hits errors. Also, move the code that resets ops->func and ops->trampoline to the error path of register_ftrace_direct(). Fixes: d05cb470663a ("ftrace: Fix modification of direct_function hash while in use") Cc: stable(a)vger.kernel.org # v6.6+ Reported-by: Andrey Grodzovsky <andrey.grodzovsky(a)crowdstrike.com> Closes: https://lore.kernel.org/live-patching/c5058315a39d4615b333e485893345be@crow… Cc: Steven Rostedt (Google) <rostedt(a)goodmis.org> Cc: Masami Hiramatsu (Google) <mhiramat(a)kernel.org> Acked-and-tested-by: Andrey Grodzovsky <andrey.grodzovsky(a)crowdstrike.com> Signed-off-by: Song Liu <song(a)kernel.org> --- kernel/bpf/trampoline.c | 5 ----- kernel/trace/ftrace.c | 6 ++++++ 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/kernel/bpf/trampoline.c b/kernel/bpf/trampoline.c index 5949095e51c3..f2cb0b097093 100644 --- a/kernel/bpf/trampoline.c +++ b/kernel/bpf/trampoline.c @@ -479,11 +479,6 @@ static int bpf_trampoline_update(struct bpf_trampoline *tr, bool lock_direct_mut * BPF_TRAMP_F_SHARE_IPMODIFY is set, we can generate the * trampoline again, and retry register. */ - /* reset fops->func and fops->trampoline for re-register */ - tr->fops->func = NULL; - tr->fops->trampoline = 0; - - /* free im memory and reallocate later */ bpf_tramp_image_free(im); goto again; } diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c index 42bd2ba68a82..725c224fb4e6 100644 --- a/kernel/trace/ftrace.c +++ b/kernel/trace/ftrace.c @@ -6048,6 +6048,12 @@ int register_ftrace_direct(struct ftrace_ops *ops, unsigned long addr) ops->direct_call = addr; err = register_ftrace_function_nolock(ops); + if (err) { + /* cleanup for possible another register call */ + ops->func = NULL; + ops->trampoline = 0; + remove_direct_functions_hash(hash, addr); + } out_unlock: mutex_unlock(&direct_mutex); -- 2.47.3

2 weeks, 2 days

4
4
0 0

[PATCH] iommu/amd: Fix pci_segment memleak in alloc_pci_segment()

by Jinhui Guo

Fix a memory leak of struct amd_iommu_pci_segment in alloc_pci_segment() when system memory (or contiguous memory) is insufficient. Fixes: 04230c119930 ("iommu/amd: Introduce per PCI segment device table") Fixes: eda797a27795 ("iommu/amd: Introduce per PCI segment rlookup table") Fixes: 99fc4ac3d297 ("iommu/amd: Introduce per PCI segment alias_table") Cc: stable(a)vger.kernel.org Signed-off-by: Jinhui Guo <guojinhui.liam(a)bytedance.com> --- drivers/iommu/amd/init.c | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/drivers/iommu/amd/init.c b/drivers/iommu/amd/init.c index ba9e582a8bbe..77afd5884984 100644 --- a/drivers/iommu/amd/init.c +++ b/drivers/iommu/amd/init.c @@ -1608,13 +1608,22 @@ static struct amd_iommu_pci_seg *__init alloc_pci_segment(u16 id, list_add_tail(&pci_seg->list, &amd_iommu_pci_seg_list); if (alloc_dev_table(pci_seg)) - return NULL; + goto err_free_pci_seg; if (alloc_alias_table(pci_seg)) - return NULL; + goto err_free_dev_table; if (alloc_rlookup_table(pci_seg)) - return NULL; + goto err_free_alias_table; return pci_seg; + +err_free_alias_table: + free_alias_table(pci_seg); +err_free_dev_table: + free_dev_table(pci_seg); +err_free_pci_seg: + list_del(&pci_seg->list); + kfree(pci_seg); + return NULL; } static struct amd_iommu_pci_seg *__init get_pci_segment(u16 id, -- 2.20.1

2 weeks, 2 days

1
1
0 0

FAILED: patch "[PATCH] mptcp: pm: in-kernel: C-flag: handle late ADD_ADDR" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x e84cb860ac3ce67ec6ecc364433fd5b412c448bc # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102642-improper-revered-93ac@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From e84cb860ac3ce67ec6ecc364433fd5b412c448bc Mon Sep 17 00:00:00 2001 From: "Matthieu Baerts (NGI0)" <matttbe(a)kernel.org> Date: Mon, 20 Oct 2025 22:53:26 +0200 Subject: [PATCH] mptcp: pm: in-kernel: C-flag: handle late ADD_ADDR The special C-flag case expects the ADD_ADDR to be received when switching to 'fully-established'. But for various reasons, the ADD_ADDR could be sent after the "4th ACK", and the special case doesn't work. On NIPA, the new test validating this special case for the C-flag failed a few times, e.g. 102 default limits, server deny join id 0 syn rx [FAIL] got 0 JOIN[s] syn rx expected 2 Server ns stats (...) MPTcpExtAddAddrTx 1 MPTcpExtEchoAdd 1 Client ns stats (...) MPTcpExtAddAddr 1 MPTcpExtEchoAddTx 1 synack rx [FAIL] got 0 JOIN[s] synack rx expected 2 ack rx [FAIL] got 0 JOIN[s] ack rx expected 2 join Rx [FAIL] see above syn tx [FAIL] got 0 JOIN[s] syn tx expected 2 join Tx [FAIL] see above I had a suspicion about what the issue could be: the ADD_ADDR might have been received after the switch to the 'fully-established' state. The issue was not easy to reproduce. The packet capture shown that the ADD_ADDR can indeed be sent with a delay, and the client would not try to establish subflows to it as expected. A simple fix is not to mark the endpoints as 'used' in the C-flag case, when looking at creating subflows to the remote initial IP address and port. In this case, there is no need to try. Note: newly added fullmesh endpoints will still continue to be used as expected, thanks to the conditions behind mptcp_pm_add_addr_c_flag_case. Fixes: 4b1ff850e0c1 ("mptcp: pm: in-kernel: usable client side with C-flag") Cc: stable(a)vger.kernel.org Reviewed-by: Geliang Tang <geliang(a)kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Link: https://patch.msgid.link/20251020-net-mptcp-c-flag-late-add-addr-v1-1-82070… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> diff --git a/net/mptcp/pm_kernel.c b/net/mptcp/pm_kernel.c index e0f44dc232aa..2ae95476dba3 100644 --- a/net/mptcp/pm_kernel.c +++ b/net/mptcp/pm_kernel.c @@ -370,6 +370,10 @@ static void mptcp_pm_create_subflow_or_signal_addr(struct mptcp_sock *msk) } subflow: + /* No need to try establishing subflows to remote id0 if not allowed */ + if (mptcp_pm_add_addr_c_flag_case(msk)) + goto exit; + /* check if should create a new subflow */ while (msk->pm.local_addr_used < endp_subflow_max && msk->pm.extra_subflows < limit_extra_subflows) { @@ -401,6 +405,8 @@ static void mptcp_pm_create_subflow_or_signal_addr(struct mptcp_sock *msk) __mptcp_subflow_connect(sk, &local, &addrs[i]); spin_lock_bh(&msk->pm.lock); } + +exit: mptcp_pm_nl_check_work_pending(msk); }

2 weeks, 2 days

2
1
0 0

FAILED: patch "[PATCH] xhci: dbc: fix bogus 1024 byte prefix if ttyDBC read races" failed to apply to 6.6-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.6-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y git checkout FETCH_HEAD git cherry-pick -x f3d12ec847b945d5d65846c85f062d07d5e73164 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102712-unearned-duplicate-8c3b@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From f3d12ec847b945d5d65846c85f062d07d5e73164 Mon Sep 17 00:00:00 2001 From: Mathias Nyman <mathias.nyman(a)linux.intel.com> Date: Tue, 14 Oct 2025 01:55:41 +0300 Subject: [PATCH] xhci: dbc: fix bogus 1024 byte prefix if ttyDBC read races with stall event MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit DbC may add 1024 bogus bytes to the beginneing of the receiving endpoint if DbC hw triggers a STALL event before any Transfer Blocks (TRBs) for incoming data are queued, but driver handles the event after it queued the TRBs. This is possible as xHCI DbC hardware may trigger spurious STALL transfer events even if endpoint is empty. The STALL event contains a pointer to the stalled TRB, and "remaining" untransferred data length. As there are no TRBs queued yet the STALL event will just point to first TRB position of the empty ring, with '0' bytes remaining untransferred. DbC driver is polling for events, and may not handle the STALL event before /dev/ttyDBC0 is opened and incoming data TRBs are queued. The DbC event handler will now assume the first queued TRB (length 1024) has stalled with '0' bytes remaining untransferred, and copies the data This race situation can be practically mitigated by making sure the event handler handles all pending transfer events when DbC reaches configured state, and only then create dev/ttyDbC0, and start queueing transfers. The event handler can this way detect the STALL events on empty rings and discard them before any transfers are queued. This does in practice solve the issue, but still leaves a small possible gap for the race to trigger. We still need a way to distinguish spurious STALLs on empty rings with '0' bytes remaing, from actual STALL events with all bytes transmitted. Cc: stable <stable(a)kernel.org> Fixes: dfba2174dc42 ("usb: xhci: Add DbC support in xHCI driver") Tested-by: Łukasz Bartosik <ukaszb(a)chromium.org> Signed-off-by: Mathias Nyman <mathias.nyman(a)linux.intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/drivers/usb/host/xhci-dbgcap.c b/drivers/usb/host/xhci-dbgcap.c index 63edf2d8f245..023a8ec6f305 100644 --- a/drivers/usb/host/xhci-dbgcap.c +++ b/drivers/usb/host/xhci-dbgcap.c @@ -892,7 +892,8 @@ static enum evtreturn xhci_dbc_do_handle_events(struct xhci_dbc *dbc) dev_info(dbc->dev, "DbC configured\n"); portsc = readl(&dbc->regs->portsc); writel(portsc, &dbc->regs->portsc); - return EVT_GSER; + ret = EVT_GSER; + break; } return EVT_DONE; @@ -954,7 +955,8 @@ static enum evtreturn xhci_dbc_do_handle_events(struct xhci_dbc *dbc) break; case TRB_TYPE(TRB_TRANSFER): dbc_handle_xfer_event(dbc, evt); - ret = EVT_XFER_DONE; + if (ret != EVT_GSER) + ret = EVT_XFER_DONE; break; default: break;

2 weeks, 2 days

2
5
0 0

FAILED: patch "[PATCH] dt-bindings: usb: dwc3-imx8mp: dma-range is required only for" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 268eb6fb908bc82ce479e4dba9a2cad11f536c9c # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102701-congrats-attire-807b@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 268eb6fb908bc82ce479e4dba9a2cad11f536c9c Mon Sep 17 00:00:00 2001 From: Xu Yang <xu.yang_2(a)nxp.com> Date: Fri, 19 Sep 2025 14:25:34 +0800 Subject: [PATCH] dt-bindings: usb: dwc3-imx8mp: dma-range is required only for imx8mp Only i.MX8MP need dma-range property to let USB controller work properly. Remove dma-range from required list and add limitation for imx8mp. Fixes: d2a704e29711 ("dt-bindings: usb: dwc3-imx8mp: add imx8mp dwc3 glue bindings") Cc: stable <stable(a)kernel.org> Reviewed-by: Jun Li <jun.li(a)nxp.com> Signed-off-by: Xu Yang <xu.yang_2(a)nxp.com> Reviewed-by: Frank Li <Frank.Li(a)nxp.com> Acked-by: Conor Dooley <conor.dooley(a)microchip.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/Documentation/devicetree/bindings/usb/fsl,imx8mp-dwc3.yaml b/Documentation/devicetree/bindings/usb/fsl,imx8mp-dwc3.yaml index baf130669c38..73e7a60a0060 100644 --- a/Documentation/devicetree/bindings/usb/fsl,imx8mp-dwc3.yaml +++ b/Documentation/devicetree/bindings/usb/fsl,imx8mp-dwc3.yaml @@ -89,13 +89,21 @@ required: - reg - "#address-cells" - "#size-cells" - - dma-ranges - ranges - clocks - clock-names - interrupts - power-domains +allOf: + - if: + properties: + compatible: + const: fsl,imx8mp-dwc3 + then: + required: + - dma-ranges + additionalProperties: false examples:

2 weeks, 2 days

2
1
0 0

FAILED: patch "[PATCH] mptcp: pm: in-kernel: C-flag: handle late ADD_ADDR" failed to apply to 6.6-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.6-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y git checkout FETCH_HEAD git cherry-pick -x e84cb860ac3ce67ec6ecc364433fd5b412c448bc # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102638-brewery-wanting-8089@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From e84cb860ac3ce67ec6ecc364433fd5b412c448bc Mon Sep 17 00:00:00 2001 From: "Matthieu Baerts (NGI0)" <matttbe(a)kernel.org> Date: Mon, 20 Oct 2025 22:53:26 +0200 Subject: [PATCH] mptcp: pm: in-kernel: C-flag: handle late ADD_ADDR The special C-flag case expects the ADD_ADDR to be received when switching to 'fully-established'. But for various reasons, the ADD_ADDR could be sent after the "4th ACK", and the special case doesn't work. On NIPA, the new test validating this special case for the C-flag failed a few times, e.g. 102 default limits, server deny join id 0 syn rx [FAIL] got 0 JOIN[s] syn rx expected 2 Server ns stats (...) MPTcpExtAddAddrTx 1 MPTcpExtEchoAdd 1 Client ns stats (...) MPTcpExtAddAddr 1 MPTcpExtEchoAddTx 1 synack rx [FAIL] got 0 JOIN[s] synack rx expected 2 ack rx [FAIL] got 0 JOIN[s] ack rx expected 2 join Rx [FAIL] see above syn tx [FAIL] got 0 JOIN[s] syn tx expected 2 join Tx [FAIL] see above I had a suspicion about what the issue could be: the ADD_ADDR might have been received after the switch to the 'fully-established' state. The issue was not easy to reproduce. The packet capture shown that the ADD_ADDR can indeed be sent with a delay, and the client would not try to establish subflows to it as expected. A simple fix is not to mark the endpoints as 'used' in the C-flag case, when looking at creating subflows to the remote initial IP address and port. In this case, there is no need to try. Note: newly added fullmesh endpoints will still continue to be used as expected, thanks to the conditions behind mptcp_pm_add_addr_c_flag_case. Fixes: 4b1ff850e0c1 ("mptcp: pm: in-kernel: usable client side with C-flag") Cc: stable(a)vger.kernel.org Reviewed-by: Geliang Tang <geliang(a)kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Link: https://patch.msgid.link/20251020-net-mptcp-c-flag-late-add-addr-v1-1-82070… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> diff --git a/net/mptcp/pm_kernel.c b/net/mptcp/pm_kernel.c index e0f44dc232aa..2ae95476dba3 100644 --- a/net/mptcp/pm_kernel.c +++ b/net/mptcp/pm_kernel.c @@ -370,6 +370,10 @@ static void mptcp_pm_create_subflow_or_signal_addr(struct mptcp_sock *msk) } subflow: + /* No need to try establishing subflows to remote id0 if not allowed */ + if (mptcp_pm_add_addr_c_flag_case(msk)) + goto exit; + /* check if should create a new subflow */ while (msk->pm.local_addr_used < endp_subflow_max && msk->pm.extra_subflows < limit_extra_subflows) { @@ -401,6 +405,8 @@ static void mptcp_pm_create_subflow_or_signal_addr(struct mptcp_sock *msk) __mptcp_subflow_connect(sk, &local, &addrs[i]); spin_lock_bh(&msk->pm.lock); } + +exit: mptcp_pm_nl_check_work_pending(msk); }

2 weeks, 2 days

2
1
0 0

FAILED: patch "[PATCH] xfs: always warn about deprecated mount options" failed to apply to 6.12-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.12-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.12.y git checkout FETCH_HEAD git cherry-pick -x 630785bfbe12c3ee3ebccd8b530a98d632b7e39d # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102645-oblivion-whoopee-576c@gregkh' --subject-prefix 'PATCH 6.12.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 630785bfbe12c3ee3ebccd8b530a98d632b7e39d Mon Sep 17 00:00:00 2001 From: "Darrick J. Wong" <djwong(a)kernel.org> Date: Tue, 21 Oct 2025 11:30:12 -0700 Subject: [PATCH] xfs: always warn about deprecated mount options The deprecation of the 'attr2' mount option in 6.18 wasn't entirely successful because nobody noticed that the kernel never printed a warning about attr2 being set in fstab if the only xfs filesystem is the root fs; the initramfs mounts the root fs with no mount options; and the init scripts only conveyed the fstab options by remounting the root fs. Fix this by making it complain all the time. Cc: stable(a)vger.kernel.org # v5.13 Fixes: 92cf7d36384b99 ("xfs: Skip repetitive warnings about mount options") Signed-off-by: Darrick J. Wong <djwong(a)kernel.org> Reviewed-by: Christoph Hellwig <hch(a)lst.de> Reviewed-by: Carlos Maiolino <cmaiolino(a)redhat.com> Signed-off-by: Carlos Maiolino <cem(a)kernel.org> diff --git a/fs/xfs/xfs_super.c b/fs/xfs/xfs_super.c index 9d51186b24dd..c53f2edf92e7 100644 --- a/fs/xfs/xfs_super.c +++ b/fs/xfs/xfs_super.c @@ -1379,16 +1379,25 @@ suffix_kstrtoull( static inline void xfs_fs_warn_deprecated( struct fs_context *fc, - struct fs_parameter *param, - uint64_t flag, - bool value) + struct fs_parameter *param) { - /* Don't print the warning if reconfiguring and current mount point - * already had the flag set + /* + * Always warn about someone passing in a deprecated mount option. + * Previously we wouldn't print the warning if we were reconfiguring + * and current mount point already had the flag set, but that was not + * the right thing to do. + * + * Many distributions mount the root filesystem with no options in the + * initramfs and rely on mount -a to remount the root fs with the + * options in fstab. However, the old behavior meant that there would + * never be a warning about deprecated mount options for the root fs in + * /etc/fstab. On a single-fs system, that means no warning at all. + * + * Compounding this problem are distribution scripts that copy + * /proc/mounts to fstab, which means that we can't remove mount + * options unless we're 100% sure they have only ever been advertised + * in /proc/mounts in response to explicitly provided mount options. */ - if ((fc->purpose & FS_CONTEXT_FOR_RECONFIGURE) && - !!(XFS_M(fc->root->d_sb)->m_features & flag) == value) - return; xfs_warn(fc->s_fs_info, "%s mount option is deprecated.", param->key); }

2 weeks, 2 days

3
2
0 0

, conoce mejor a tu candidato antes de contratar

by Valeria Pérez

Evaluaciones Psicométricas para RR.HH. body { margin: 0; padding: 0; font-family: Arial, Helvetica, sans-serif; font-size: 14px; color: #333; background-color: #ffffff; } table { border-spacing: 0; width: 100%; max-width: 600px; margin: auto; } td { padding: 12px 20px; } a { color: #1a73e8; text-decoration: none; } .footer { font-size: 12px; color: #888888; text-align: center; } Mejora tus procesos de selección con evaluaciones psicométricas fáciles y confiables. Hola, , Sabemos que encontrar al candidato ideal va más allá del currículum. Por eso quiero contarte brevemente sobre PsicoSmart, una plataforma que ayuda a equipos de RR.HH. a evaluar talento con pruebas psicométricas rápidas, confiables y fáciles de aplicar. Con PsicoSmart puedes: Aplicar evaluaciones psicométricas 100% en línea. Elegir entre más de 31 pruebas psicométricas Generar reportes automáticos, visuales y fáciles de interpretar. Comparar resultados entre candidatos en segundos. Ahorrar horas valiosas del proceso de selección. Si estás buscando mejorar tus contrataciones, te lo recomiendo muchísimo. Si quieres conocer más puedes responder este correo o simplemente contactarme, mis datos están abajo. Saludos, ----------------------------- Atte.: Valeria Pérez Ciudad de México: (55) 5018 0565 WhatsApp: +52 33 1607 2089 Si no deseas recibir más correos, haz clic aquí para darte de baja. Para remover su dirección de esta lista haga <a href="https://s1.arrobamail.com/unsuscribe.php?id=yiwtsrewisppyseup">click aquí</a>

2 weeks, 2 days

1
0
0 0

, el clima laboral también se gestiona

by Daniel Rodríguez

Mejora el clima organizacional body { margin: 0; padding: 0; font-family: Arial, Helvetica, sans-serif; font-size: 14px; color: #333; background-color: #ffffff; } table { border-spacing: 0; width: 100%; max-width: 600px; margin: auto; } td { padding: 12px 20px; } a { color: #1a73e8; text-decoration: none; } .footer { font-size: 12px; color: #888888; text-align: center; } Diagnostica el clima y cultura de tu organización con Vorecol Work Environment. Hola, , El desempeño de un equipo no solo depende del talento individual, también del entorno en el que trabaja. Muchas veces, los problemas de rotación o bajo compromiso tienen raíces invisibles... hasta que se miden. Por eso quiero presentarte Vorecol Work Environment, una herramienta diseñada para ayudarte a comprender mejor cómo se vive la cultura y el clima dentro de tu organización. Con Vorecol puedes: Aplicar evaluaciones periódicas de clima y cultura organizacional, personalizadas a tu contexto. Obtener resultados organizados por áreas, con alertas sobre temas críticos como liderazgo, carga laboral o reconocimiento. Acceder a paneles dinámicos que te permiten visualizar tendencias, puntos de mejora y fortalezas de forma clara. Ideal para organizaciones que quieren escuchar más, reaccionar mejor y construir un entorno donde las personas quieran quedarse. Si estás buscando mejorar tu ambiente laboral, vale la pena considerarlo. Si quieres conocer más puedes responder este correo o simplemente contactarme, mis datos están abajo. Saludos, -------------- Atte.: Daniel Rodríguez Ciudad de México: (55) 5018 0565 WhatsApp: +52 33 1607 2089 Si no deseas recibir más correos, haz clic aquí para darte de baja. Para remover su dirección de esta lista haga <a href="https://s1.arrobamail.com/unsuscribe.php?id=yiwtsrewisppuseup">click aquí</a>

2 weeks, 2 days

1
0
0 0

[PATCH] media: c8sectpfe: fix probe device leaks

by Johan Hovold

Make sure to drop the references taken to the I2C adapters during probe on probe failure (e.g. probe deferral) and on driver unbind. Fixes: c5f5d0f99794 ("[media] c8sectpfe: STiH407/10 Linux DVB demux support") Cc: stable(a)vger.kernel.org # 4.3 Cc: Peter Griffin <peter.griffin(a)linaro.org> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- .../media/platform/st/sti/c8sectpfe/c8sectpfe-core.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/drivers/media/platform/st/sti/c8sectpfe/c8sectpfe-core.c b/drivers/media/platform/st/sti/c8sectpfe/c8sectpfe-core.c index 89bd15a4d26a..3f94d9b4ef1e 100644 --- a/drivers/media/platform/st/sti/c8sectpfe/c8sectpfe-core.c +++ b/drivers/media/platform/st/sti/c8sectpfe/c8sectpfe-core.c @@ -655,6 +655,13 @@ static irqreturn_t c8sectpfe_error_irq_handler(int irq, void *priv) return IRQ_HANDLED; } +static void c8sectpfe_put_device(void *_dev) +{ + struct device *dev = _dev; + + put_device(dev); +} + static int c8sectpfe_probe(struct platform_device *pdev) { struct device *dev = &pdev->dev; @@ -799,6 +806,11 @@ static int c8sectpfe_probe(struct platform_device *pdev) return -ENODEV; } + ret = devm_add_action_or_reset(dev, c8sectpfe_put_device, + &tsin->i2c_adapter->dev); + if (ret) + return ret; + /* Acquire reset GPIO and activate it */ tsin->rst_gpio = devm_fwnode_gpiod_get(dev, of_fwnode_handle(child), -- 2.49.1

2 weeks, 2 days

3
4
0 0

FAILED: patch "[PATCH] mptcp: pm: in-kernel: C-flag: handle late ADD_ADDR" failed to apply to 6.12-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.12-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.12.y git checkout FETCH_HEAD git cherry-pick -x e84cb860ac3ce67ec6ecc364433fd5b412c448bc # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102634-cache-seventeen-becb@gregkh' --subject-prefix 'PATCH 6.12.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From e84cb860ac3ce67ec6ecc364433fd5b412c448bc Mon Sep 17 00:00:00 2001 From: "Matthieu Baerts (NGI0)" <matttbe(a)kernel.org> Date: Mon, 20 Oct 2025 22:53:26 +0200 Subject: [PATCH] mptcp: pm: in-kernel: C-flag: handle late ADD_ADDR The special C-flag case expects the ADD_ADDR to be received when switching to 'fully-established'. But for various reasons, the ADD_ADDR could be sent after the "4th ACK", and the special case doesn't work. On NIPA, the new test validating this special case for the C-flag failed a few times, e.g. 102 default limits, server deny join id 0 syn rx [FAIL] got 0 JOIN[s] syn rx expected 2 Server ns stats (...) MPTcpExtAddAddrTx 1 MPTcpExtEchoAdd 1 Client ns stats (...) MPTcpExtAddAddr 1 MPTcpExtEchoAddTx 1 synack rx [FAIL] got 0 JOIN[s] synack rx expected 2 ack rx [FAIL] got 0 JOIN[s] ack rx expected 2 join Rx [FAIL] see above syn tx [FAIL] got 0 JOIN[s] syn tx expected 2 join Tx [FAIL] see above I had a suspicion about what the issue could be: the ADD_ADDR might have been received after the switch to the 'fully-established' state. The issue was not easy to reproduce. The packet capture shown that the ADD_ADDR can indeed be sent with a delay, and the client would not try to establish subflows to it as expected. A simple fix is not to mark the endpoints as 'used' in the C-flag case, when looking at creating subflows to the remote initial IP address and port. In this case, there is no need to try. Note: newly added fullmesh endpoints will still continue to be used as expected, thanks to the conditions behind mptcp_pm_add_addr_c_flag_case. Fixes: 4b1ff850e0c1 ("mptcp: pm: in-kernel: usable client side with C-flag") Cc: stable(a)vger.kernel.org Reviewed-by: Geliang Tang <geliang(a)kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Link: https://patch.msgid.link/20251020-net-mptcp-c-flag-late-add-addr-v1-1-82070… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> diff --git a/net/mptcp/pm_kernel.c b/net/mptcp/pm_kernel.c index e0f44dc232aa..2ae95476dba3 100644 --- a/net/mptcp/pm_kernel.c +++ b/net/mptcp/pm_kernel.c @@ -370,6 +370,10 @@ static void mptcp_pm_create_subflow_or_signal_addr(struct mptcp_sock *msk) } subflow: + /* No need to try establishing subflows to remote id0 if not allowed */ + if (mptcp_pm_add_addr_c_flag_case(msk)) + goto exit; + /* check if should create a new subflow */ while (msk->pm.local_addr_used < endp_subflow_max && msk->pm.extra_subflows < limit_extra_subflows) { @@ -401,6 +405,8 @@ static void mptcp_pm_create_subflow_or_signal_addr(struct mptcp_sock *msk) __mptcp_subflow_connect(sk, &local, &addrs[i]); spin_lock_bh(&msk->pm.lock); } + +exit: mptcp_pm_nl_check_work_pending(msk); }

2 weeks, 2 days

2
1
0 0

FAILED: patch "[PATCH] dt-bindings: usb: dwc3-imx8mp: dma-range is required only for" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 268eb6fb908bc82ce479e4dba9a2cad11f536c9c # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102701-refinish-carrot-c75e@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 268eb6fb908bc82ce479e4dba9a2cad11f536c9c Mon Sep 17 00:00:00 2001 From: Xu Yang <xu.yang_2(a)nxp.com> Date: Fri, 19 Sep 2025 14:25:34 +0800 Subject: [PATCH] dt-bindings: usb: dwc3-imx8mp: dma-range is required only for imx8mp Only i.MX8MP need dma-range property to let USB controller work properly. Remove dma-range from required list and add limitation for imx8mp. Fixes: d2a704e29711 ("dt-bindings: usb: dwc3-imx8mp: add imx8mp dwc3 glue bindings") Cc: stable <stable(a)kernel.org> Reviewed-by: Jun Li <jun.li(a)nxp.com> Signed-off-by: Xu Yang <xu.yang_2(a)nxp.com> Reviewed-by: Frank Li <Frank.Li(a)nxp.com> Acked-by: Conor Dooley <conor.dooley(a)microchip.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/Documentation/devicetree/bindings/usb/fsl,imx8mp-dwc3.yaml b/Documentation/devicetree/bindings/usb/fsl,imx8mp-dwc3.yaml index baf130669c38..73e7a60a0060 100644 --- a/Documentation/devicetree/bindings/usb/fsl,imx8mp-dwc3.yaml +++ b/Documentation/devicetree/bindings/usb/fsl,imx8mp-dwc3.yaml @@ -89,13 +89,21 @@ required: - reg - "#address-cells" - "#size-cells" - - dma-ranges - ranges - clocks - clock-names - interrupts - power-domains +allOf: + - if: + properties: + compatible: + const: fsl,imx8mp-dwc3 + then: + required: + - dma-ranges + additionalProperties: false examples:

2 weeks, 2 days

2
1
0 0

[PATCH] amba: tegra-ahb: fix reference count leak in tegra_ahb_enable_smmu

by Miaoqian Lin

The driver_find_device_by_of_node() function returns a device with its reference count incremented. driver_find_device_by_of_node() is an inline wrapper that calls driver_find_device(), which calls get_device(dev) and returns the found device with an incremented reference count. Fix this by adding the missing put_device() call after the device operations are completed. Found via static analysis. Fixes: 89c788bab1f0 ("ARM: tegra: Add SMMU enabler in AHB") Cc: stable(a)vger.kernel.org Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com> --- drivers/amba/tegra-ahb.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/amba/tegra-ahb.c b/drivers/amba/tegra-ahb.c index c0e8b765522d..6c306d017b67 100644 --- a/drivers/amba/tegra-ahb.c +++ b/drivers/amba/tegra-ahb.c @@ -147,6 +147,7 @@ int tegra_ahb_enable_smmu(struct device_node *dn) val = gizmo_readl(ahb, AHB_ARBITRATION_XBAR_CTRL); val |= AHB_ARBITRATION_XBAR_CTRL_SMMU_INIT_DONE; gizmo_writel(ahb, val, AHB_ARBITRATION_XBAR_CTRL); + put_device(dev); return 0; } EXPORT_SYMBOL(tegra_ahb_enable_smmu); -- 2.39.5 (Apple Git-154)

2 weeks, 2 days

1
0
0 0

[PATCH v2] s390/mm: Fix memory leak in add_marker() when kvrealloc fails

by Miaoqian Lin

The function has a memory leak when kvrealloc() fails. The function directly assigns NULL to the markers pointer, losing the reference to the previously allocated memory. This causes kvfree() in pt_dump_init() to free NULL instead of the leaked memory. Fix by: 1. Using kvrealloc() uniformly for all allocations 2. Using a temporary variable to preserve the original pointer until allocation succeeds 3. Removing the error path that sets markers_cnt=0 to keep consistency between markers and markers_cnt Found via static analysis and this is similar to commit 42378a9ca553 ("bpf, verifier: Fix memory leak in array reallocation for stack state") Fixes: d0e7915d2ad3 ("s390/mm/ptdump: Generate address marker array dynamically") Cc: stable(a)vger.kernel.org Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com> --- changes in v2: - update the fixing logic to prevent memory leak in v1 v1 link: https://lore.kernel.org/all/20251026091351.36275-1-linmq006@gmail.com/ --- arch/s390/mm/dump_pagetables.c | 22 +++++++++------------- 1 file changed, 9 insertions(+), 13 deletions(-) diff --git a/arch/s390/mm/dump_pagetables.c b/arch/s390/mm/dump_pagetables.c index 9af2aae0a515..ab0c1fcf2782 100644 --- a/arch/s390/mm/dump_pagetables.c +++ b/arch/s390/mm/dump_pagetables.c @@ -291,16 +291,15 @@ static int ptdump_cmp(const void *a, const void *b) static int add_marker(unsigned long start, unsigned long end, const char *name) { - size_t oldsize, newsize; - - oldsize = markers_cnt * sizeof(*markers); - newsize = oldsize + 2 * sizeof(*markers); - if (!oldsize) - markers = kvmalloc(newsize, GFP_KERNEL); - else - markers = kvrealloc(markers, newsize, GFP_KERNEL); - if (!markers) - goto error; + struct addr_marker *new_markers; + size_t newsize; + + newsize = (markers_cnt + 2) * sizeof(*markers); + new_markers = kvrealloc(markers, newsize, GFP_KERNEL); + if (!new_markers) + return -ENOMEM; + + markers = new_markers; markers[markers_cnt].is_start = 1; markers[markers_cnt].start_address = start; markers[markers_cnt].size = end - start; @@ -312,9 +311,6 @@ static int add_marker(unsigned long start, unsigned long end, const char *name) markers[markers_cnt].name = name; markers_cnt++; return 0; -error: - markers_cnt = 0; - return -ENOMEM; } static int pt_dump_init(void) -- 2.39.5 (Apple Git-154)

2 weeks, 2 days

2
1
0 0

[PATCH net v5] virtio-net: fix received length check in big packets

by Bui Quang Minh

Since commit 4959aebba8c0 ("virtio-net: use mtu size as buffer length for big packets"), when guest gso is off, the allocated size for big packets is not MAX_SKB_FRAGS * PAGE_SIZE anymore but depends on negotiated MTU. The number of allocated frags for big packets is stored in vi->big_packets_num_skbfrags. Because the host announced buffer length can be malicious (e.g. the host vhost_net driver's get_rx_bufs is modified to announce incorrect length), we need a check in virtio_net receive path. Currently, the check is not adapted to the new change which can lead to NULL page pointer dereference in the below while loop when receiving length that is larger than the allocated one. This commit fixes the received length check corresponding to the new change. Fixes: 4959aebba8c0 ("virtio-net: use mtu size as buffer length for big packets") Cc: stable(a)vger.kernel.org Signed-off-by: Bui Quang Minh <minhquangbui99(a)gmail.com> --- Changes in v5: - Move the length check to receive_big - Link to v4: https://lore.kernel.org/netdev/20251022160623.51191-1-minhquangbui99@gmail.… Changes in v4: - Remove unrelated changes, add more comments - Link to v3: https://lore.kernel.org/netdev/20251021154534.53045-1-minhquangbui99@gmail.… Changes in v3: - Convert BUG_ON to WARN_ON_ONCE - Link to v2: https://lore.kernel.org/netdev/20250708144206.95091-1-minhquangbui99@gmail.… Changes in v2: - Remove incorrect give_pages call - Link to v1: https://lore.kernel.org/netdev/20250706141150.25344-1-minhquangbui99@gmail.… --- drivers/net/virtio_net.c | 25 ++++++++++++------------- 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c index a757cbcab87f..2c3f544add5e 100644 --- a/drivers/net/virtio_net.c +++ b/drivers/net/virtio_net.c @@ -910,17 +910,6 @@ static struct sk_buff *page_to_skb(struct virtnet_info *vi, goto ok; } - /* - * Verify that we can indeed put this data into a skb. - * This is here to handle cases when the device erroneously - * tries to receive more than is possible. This is usually - * the case of a broken device. - */ - if (unlikely(len > MAX_SKB_FRAGS * PAGE_SIZE)) { - net_dbg_ratelimited("%s: too much data\n", skb->dev->name); - dev_kfree_skb(skb); - return NULL; - } BUG_ON(offset >= PAGE_SIZE); while (len) { unsigned int frag_size = min((unsigned)PAGE_SIZE - offset, len); @@ -2107,9 +2096,19 @@ static struct sk_buff *receive_big(struct net_device *dev, struct virtnet_rq_stats *stats) { struct page *page = buf; - struct sk_buff *skb = - page_to_skb(vi, rq, page, 0, len, PAGE_SIZE, 0); + struct sk_buff *skb; + + /* Make sure that len does not exceed the allocated size in + * add_recvbuf_big. + */ + if (unlikely(len > vi->big_packets_num_skbfrags * PAGE_SIZE)) { + pr_debug("%s: rx error: len %u exceeds allocate size %lu\n", + dev->name, len, + vi->big_packets_num_skbfrags * PAGE_SIZE); + goto err; + } + skb = page_to_skb(vi, rq, page, 0, len, PAGE_SIZE, 0); u64_stats_add(&stats->bytes, len - vi->hdr_len); if (unlikely(!skb)) goto err; -- 2.43.0

2 weeks, 2 days

3
7
0 0

[PATCH] serial: amba-pl011: prefer dma_mapping_error() over explicit address checking

by Miaoqian Lin

Check for returned DMA addresses using specialized dma_mapping_error() helper which is generally recommended for this purpose by Documentation/core-api/dma-api.rst: "In some circumstances dma_map_single(), ... will fail to create a mapping. A driver can check for these errors by testing the returned DMA address with dma_mapping_error()." Found via static analysis and this is similar to commit fa0308134d26 ("ALSA: memalloc: prefer dma_mapping_error() over explicit address checking") Fixes: 58ac1b379979 ("ARM: PL011: Fix DMA support") Cc: stable(a)vger.kernel.org Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com> --- drivers/tty/serial/amba-pl011.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/tty/serial/amba-pl011.c b/drivers/tty/serial/amba-pl011.c index 22939841b1de..7f17d288c807 100644 --- a/drivers/tty/serial/amba-pl011.c +++ b/drivers/tty/serial/amba-pl011.c @@ -628,7 +628,7 @@ static int pl011_dma_tx_refill(struct uart_amba_port *uap) dmatx->len = count; dmatx->dma = dma_map_single(dma_dev->dev, dmatx->buf, count, DMA_TO_DEVICE); - if (dmatx->dma == DMA_MAPPING_ERROR) { + if (dma_mapping_error(dma_dev->dev, dmatx->dma)) { uap->dmatx.queued = false; dev_dbg(uap->port.dev, "unable to map TX DMA\n"); return -EBUSY; -- 2.39.5 (Apple Git-154)

2 weeks, 2 days

2
1
0 0

[PATCH 0/2] drm/xe: Fix some rebar issues

by Lucas De Marchi

Our implementation for BAR2 (lmembar) resize works at the xe_vram layer and only releases that BAR before resizing. That is not always sufficient. If the parent bridge needs to move, the BAR0 also needs to be released, otherwise the resize fails. This is the case of not having enough space allocated from the beginning. Also, there's a BAR0 in the upstream port of the pcie switch in BMG preventing the resize to propagate to the bridge as previously discussed in https://lore.kernel.org/intel-xe/20250721173057.867829-1-uwu@icenowy.me/ and https://lore.kernel.org/intel-xe/wqukxnxni2dbpdhri3cbvlrzsefgdanesgskzmxi5s… I'm bringing that commit from Ilpo here so this can be tested with the xe changes and propagate to stable. Note that the use of a pci fixup is not ideal, but without intrusive changes on resource fitting it's possibly the best alternative. I also have confirmation from HW folks that the BAR in the upstream port has no production use. I have more cleanups on top on the xe side, but those conflict with some refactors Ilpo is working on as prep for the resource fitting, so I will wait things settle to submit again. I propose to take this through the drm tree. With this I could resize the lmembar on some problematic hosts and after doing an SBR, with one caveat: the audio device also prevents the BAR from moving and it needs to be manually removed before resizing. With the PCI refactors and BAR fitting logic that Ilpo is working on, it's expected that it won't be needed for a long time. Signed-off-by: Lucas De Marchi <lucas.demarchi(a)intel.com> --- Ilpo Järvinen (1): PCI: Release BAR0 of an integrated bridge to allow GPU BAR resize Lucas De Marchi (1): drm/xe: Move rebar to be done earlier drivers/gpu/drm/xe/xe_pci.c | 2 ++ drivers/gpu/drm/xe/xe_vram.c | 34 ++++++++++++++++++++++++++-------- drivers/gpu/drm/xe/xe_vram.h | 1 + drivers/pci/quirks.c | 23 +++++++++++++++++++++++ 4 files changed, 52 insertions(+), 8 deletions(-) base-commit: 8031d70dbb4201841897de480cec1f9750d4a5dc change-id: 20250917-xe-pci-rebar-2-c0fe2f04c879 Lucas De Marchi

2 weeks, 2 days

3
9
0 0

FAILED: patch "[PATCH] net: ravb: Enforce descriptor type ordering" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x 5370c31e84b0e0999c7b5ff949f4e104def35584 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102624-direness-catalyze-d721@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 5370c31e84b0e0999c7b5ff949f4e104def35584 Mon Sep 17 00:00:00 2001 From: Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> Date: Fri, 17 Oct 2025 16:18:29 +0100 Subject: [PATCH] net: ravb: Enforce descriptor type ordering MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Ensure the TX descriptor type fields are published in a safe order so the DMA engine never begins processing a descriptor chain before all descriptor fields are fully initialised. For multi-descriptor transmits the driver writes DT_FEND into the last descriptor and DT_FSTART into the first. The DMA engine begins processing when it observes DT_FSTART. Move the dma_wmb() barrier so it executes immediately after DT_FEND and immediately before writing DT_FSTART (and before DT_FSINGLE in the single-descriptor case). This guarantees that all prior CPU writes to the descriptor memory are visible to the device before DT_FSTART is seen. This avoids a situation where compiler/CPU reordering could publish DT_FSTART ahead of DT_FEND or other descriptor fields, allowing the DMA to start on a partially initialised chain and causing corrupted transmissions or TX timeouts. Such a failure was observed on RZ/G2L with an RT kernel as transmit queue timeouts and device resets. Fixes: 2f45d1902acf ("ravb: minimize TX data copying") Cc: stable(a)vger.kernel.org Co-developed-by: Fabrizio Castro <fabrizio.castro.jz(a)renesas.com> Signed-off-by: Fabrizio Castro <fabrizio.castro.jz(a)renesas.com> Signed-off-by: Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> Reviewed-by: Niklas Söderlund <niklas.soderlund+renesas(a)ragnatech.se> Link: https://patch.msgid.link/20251017151830.171062-4-prabhakar.mahadev-lad.rj@b… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> diff --git a/drivers/net/ethernet/renesas/ravb_main.c b/drivers/net/ethernet/renesas/ravb_main.c index 9d3bd65b85ff..044ee83c63bb 100644 --- a/drivers/net/ethernet/renesas/ravb_main.c +++ b/drivers/net/ethernet/renesas/ravb_main.c @@ -2211,13 +2211,25 @@ static netdev_tx_t ravb_start_xmit(struct sk_buff *skb, struct net_device *ndev) skb_tx_timestamp(skb); } - /* Descriptor type must be set after all the above writes */ - dma_wmb(); + if (num_tx_desc > 1) { desc->die_dt = DT_FEND; desc--; + /* When using multi-descriptors, DT_FEND needs to get written + * before DT_FSTART, but the compiler may reorder the memory + * writes in an attempt to optimize the code. + * Use a dma_wmb() barrier to make sure DT_FEND and DT_FSTART + * are written exactly in the order shown in the code. + * This is particularly important for cases where the DMA engine + * is already running when we are running this code. If the DMA + * sees DT_FSTART without the corresponding DT_FEND it will enter + * an error condition. + */ + dma_wmb(); desc->die_dt = DT_FSTART; } else { + /* Descriptor type must be set after all the above writes */ + dma_wmb(); desc->die_dt = DT_FSINGLE; } ravb_modify(ndev, TCCR, TCCR_TSRQ0 << q, TCCR_TSRQ0 << q);

2 weeks, 2 days

2
1
0 0

FAILED: patch "[PATCH] selftests: mptcp: join: mark 'delete re-add signal' as" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x c3496c052ac36ea98ec4f8e95ae6285a425a2457 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102628-overrun-runny-87fb@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From c3496c052ac36ea98ec4f8e95ae6285a425a2457 Mon Sep 17 00:00:00 2001 From: "Matthieu Baerts (NGI0)" <matttbe(a)kernel.org> Date: Mon, 20 Oct 2025 22:53:29 +0200 Subject: [PATCH] selftests: mptcp: join: mark 'delete re-add signal' as skipped if not supported The call to 'continue_if' was missing: it properly marks a subtest as 'skipped' if the attached condition is not valid. Without that, the test is wrongly marked as passed on older kernels. Fixes: b5e2fb832f48 ("selftests: mptcp: add explicit test case for remove/readd") Cc: stable(a)vger.kernel.org Reviewed-by: Geliang Tang <geliang(a)kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Link: https://patch.msgid.link/20251020-net-mptcp-c-flag-late-add-addr-v1-4-82070… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> diff --git a/tools/testing/selftests/net/mptcp/mptcp_join.sh b/tools/testing/selftests/net/mptcp/mptcp_join.sh index d98f8f8905b9..b2a8c51a3969 100755 --- a/tools/testing/selftests/net/mptcp/mptcp_join.sh +++ b/tools/testing/selftests/net/mptcp/mptcp_join.sh @@ -4040,7 +4040,7 @@ endpoint_tests() # remove and re-add if reset_with_events "delete re-add signal" && - mptcp_lib_kallsyms_has "subflow_rebuild_header$"; then + continue_if mptcp_lib_kallsyms_has "subflow_rebuild_header$"; then ip netns exec $ns1 sysctl -q net.mptcp.add_addr_timeout=0 pm_nl_set_limits $ns1 0 3 pm_nl_set_limits $ns2 3 3

2 weeks, 2 days

2
2
0 0

FAILED: patch "[PATCH] net: ravb: Enforce descriptor type ordering" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x 5370c31e84b0e0999c7b5ff949f4e104def35584 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102624-thirsty-otter-d285@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 5370c31e84b0e0999c7b5ff949f4e104def35584 Mon Sep 17 00:00:00 2001 From: Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> Date: Fri, 17 Oct 2025 16:18:29 +0100 Subject: [PATCH] net: ravb: Enforce descriptor type ordering MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Ensure the TX descriptor type fields are published in a safe order so the DMA engine never begins processing a descriptor chain before all descriptor fields are fully initialised. For multi-descriptor transmits the driver writes DT_FEND into the last descriptor and DT_FSTART into the first. The DMA engine begins processing when it observes DT_FSTART. Move the dma_wmb() barrier so it executes immediately after DT_FEND and immediately before writing DT_FSTART (and before DT_FSINGLE in the single-descriptor case). This guarantees that all prior CPU writes to the descriptor memory are visible to the device before DT_FSTART is seen. This avoids a situation where compiler/CPU reordering could publish DT_FSTART ahead of DT_FEND or other descriptor fields, allowing the DMA to start on a partially initialised chain and causing corrupted transmissions or TX timeouts. Such a failure was observed on RZ/G2L with an RT kernel as transmit queue timeouts and device resets. Fixes: 2f45d1902acf ("ravb: minimize TX data copying") Cc: stable(a)vger.kernel.org Co-developed-by: Fabrizio Castro <fabrizio.castro.jz(a)renesas.com> Signed-off-by: Fabrizio Castro <fabrizio.castro.jz(a)renesas.com> Signed-off-by: Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> Reviewed-by: Niklas Söderlund <niklas.soderlund+renesas(a)ragnatech.se> Link: https://patch.msgid.link/20251017151830.171062-4-prabhakar.mahadev-lad.rj@b… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> diff --git a/drivers/net/ethernet/renesas/ravb_main.c b/drivers/net/ethernet/renesas/ravb_main.c index 9d3bd65b85ff..044ee83c63bb 100644 --- a/drivers/net/ethernet/renesas/ravb_main.c +++ b/drivers/net/ethernet/renesas/ravb_main.c @@ -2211,13 +2211,25 @@ static netdev_tx_t ravb_start_xmit(struct sk_buff *skb, struct net_device *ndev) skb_tx_timestamp(skb); } - /* Descriptor type must be set after all the above writes */ - dma_wmb(); + if (num_tx_desc > 1) { desc->die_dt = DT_FEND; desc--; + /* When using multi-descriptors, DT_FEND needs to get written + * before DT_FSTART, but the compiler may reorder the memory + * writes in an attempt to optimize the code. + * Use a dma_wmb() barrier to make sure DT_FEND and DT_FSTART + * are written exactly in the order shown in the code. + * This is particularly important for cases where the DMA engine + * is already running when we are running this code. If the DMA + * sees DT_FSTART without the corresponding DT_FEND it will enter + * an error condition. + */ + dma_wmb(); desc->die_dt = DT_FSTART; } else { + /* Descriptor type must be set after all the above writes */ + dma_wmb(); desc->die_dt = DT_FSINGLE; } ravb_modify(ndev, TCCR, TCCR_TSRQ0 << q, TCCR_TSRQ0 << q);

2 weeks, 2 days

2
1
0 0

FAILED: patch "[PATCH] selftests: mptcp: join: mark 'delete re-add signal' as" failed to apply to 6.6-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.6-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y git checkout FETCH_HEAD git cherry-pick -x c3496c052ac36ea98ec4f8e95ae6285a425a2457 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102627-tug-sabbath-3edb@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From c3496c052ac36ea98ec4f8e95ae6285a425a2457 Mon Sep 17 00:00:00 2001 From: "Matthieu Baerts (NGI0)" <matttbe(a)kernel.org> Date: Mon, 20 Oct 2025 22:53:29 +0200 Subject: [PATCH] selftests: mptcp: join: mark 'delete re-add signal' as skipped if not supported The call to 'continue_if' was missing: it properly marks a subtest as 'skipped' if the attached condition is not valid. Without that, the test is wrongly marked as passed on older kernels. Fixes: b5e2fb832f48 ("selftests: mptcp: add explicit test case for remove/readd") Cc: stable(a)vger.kernel.org Reviewed-by: Geliang Tang <geliang(a)kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Link: https://patch.msgid.link/20251020-net-mptcp-c-flag-late-add-addr-v1-4-82070… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> diff --git a/tools/testing/selftests/net/mptcp/mptcp_join.sh b/tools/testing/selftests/net/mptcp/mptcp_join.sh index d98f8f8905b9..b2a8c51a3969 100755 --- a/tools/testing/selftests/net/mptcp/mptcp_join.sh +++ b/tools/testing/selftests/net/mptcp/mptcp_join.sh @@ -4040,7 +4040,7 @@ endpoint_tests() # remove and re-add if reset_with_events "delete re-add signal" && - mptcp_lib_kallsyms_has "subflow_rebuild_header$"; then + continue_if mptcp_lib_kallsyms_has "subflow_rebuild_header$"; then ip netns exec $ns1 sysctl -q net.mptcp.add_addr_timeout=0 pm_nl_set_limits $ns1 0 3 pm_nl_set_limits $ns2 3 3

2 weeks, 2 days

2
2
0 0

FAILED: patch "[PATCH] selftests: mptcp: join: mark 'delete re-add signal' as" failed to apply to 6.12-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.12-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.12.y git checkout FETCH_HEAD git cherry-pick -x c3496c052ac36ea98ec4f8e95ae6285a425a2457 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102627-enclosure-issue-a264@gregkh' --subject-prefix 'PATCH 6.12.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From c3496c052ac36ea98ec4f8e95ae6285a425a2457 Mon Sep 17 00:00:00 2001 From: "Matthieu Baerts (NGI0)" <matttbe(a)kernel.org> Date: Mon, 20 Oct 2025 22:53:29 +0200 Subject: [PATCH] selftests: mptcp: join: mark 'delete re-add signal' as skipped if not supported The call to 'continue_if' was missing: it properly marks a subtest as 'skipped' if the attached condition is not valid. Without that, the test is wrongly marked as passed on older kernels. Fixes: b5e2fb832f48 ("selftests: mptcp: add explicit test case for remove/readd") Cc: stable(a)vger.kernel.org Reviewed-by: Geliang Tang <geliang(a)kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Link: https://patch.msgid.link/20251020-net-mptcp-c-flag-late-add-addr-v1-4-82070… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> diff --git a/tools/testing/selftests/net/mptcp/mptcp_join.sh b/tools/testing/selftests/net/mptcp/mptcp_join.sh index d98f8f8905b9..b2a8c51a3969 100755 --- a/tools/testing/selftests/net/mptcp/mptcp_join.sh +++ b/tools/testing/selftests/net/mptcp/mptcp_join.sh @@ -4040,7 +4040,7 @@ endpoint_tests() # remove and re-add if reset_with_events "delete re-add signal" && - mptcp_lib_kallsyms_has "subflow_rebuild_header$"; then + continue_if mptcp_lib_kallsyms_has "subflow_rebuild_header$"; then ip netns exec $ns1 sysctl -q net.mptcp.add_addr_timeout=0 pm_nl_set_limits $ns1 0 3 pm_nl_set_limits $ns2 3 3

2 weeks, 2 days

2
2
0 0

[PATCH] soc: qcom: gsbi: fix double disable caused by devm

by Haotian Zhang

In the commit referenced by the Fixes tag, devm_clk_get_enabled() was introduced to replace devm_clk_get() and clk_prepare_enable(). While the clk_disable_unprepare() call in the error path was correctly removed, the one in the remove function was overlooked, leading to a double disable issue. Remove the redundant clk_disable_unprepare() call from gsbi_remove() to fix this issue. Since all resources are now managed by devres and will be automatically released, the remove function serves no purpose and can be deleted entirely. Fixes: 489d7a8cc286 ("soc: qcom: use devm_clk_get_enabled() in gsbi_probe()") Signed-off-by: Haotian Zhang <vulab(a)iscas.ac.cn> --- drivers/soc/qcom/qcom_gsbi.c | 8 -------- 1 file changed, 8 deletions(-) diff --git a/drivers/soc/qcom/qcom_gsbi.c b/drivers/soc/qcom/qcom_gsbi.c index 8f1158e0c631..a25d1de592f0 100644 --- a/drivers/soc/qcom/qcom_gsbi.c +++ b/drivers/soc/qcom/qcom_gsbi.c @@ -212,13 +212,6 @@ static int gsbi_probe(struct platform_device *pdev) return of_platform_populate(node, NULL, NULL, &pdev->dev); } -static void gsbi_remove(struct platform_device *pdev) -{ - struct gsbi_info *gsbi = platform_get_drvdata(pdev); - - clk_disable_unprepare(gsbi->hclk); -} - static const struct of_device_id gsbi_dt_match[] = { { .compatible = "qcom,gsbi-v1.0.0", }, { }, @@ -232,7 +225,6 @@ static struct platform_driver gsbi_driver = { .of_match_table = gsbi_dt_match, }, .probe = gsbi_probe, - .remove = gsbi_remove, }; module_platform_driver(gsbi_driver); -- 2.25.1

2 weeks, 2 days

4
3
0 0

[PATCH 0/2] Kconfig fixes for QCOM clk drivers when targeting ARCH=arm

by Nathan Chancellor

Hi all, This series resolves two new Kconfig warnings that I see in my test framework from an ARM configuration getting bumped to 6.17 and enabling these configurations in the process. --- Nathan Chancellor (2): clk: qcom: Fix SM_VIDEOCC_6350 dependencies clk: qcom: Fix dependencies of QCS_{DISP,GPU,VIDEO}CC_615 drivers/clk/qcom/Kconfig | 4 ++++ 1 file changed, 4 insertions(+) --- base-commit: 30bf3ec8cb6b2d2e2f8715388395cbd27cbe4fc9 change-id: 20250930-clk-qcom-kconfig-fixes-arm-3611dec03c3e Best regards, -- Nathan Chancellor <nathan(a)kernel.org>

2 weeks, 2 days

4
7
0 0

[PATCH v2] usb: renesas_usbhs: Fix synchronous external abort on unbind

by Claudiu

From: Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> A synchronous external abort occurs on the Renesas RZ/G3S SoC if unbind is executed after the configuration sequence described above: modprobe usb_f_ecm modprobe libcomposite modprobe configfs cd /sys/kernel/config/usb_gadget mkdir -p g1 cd g1 echo "0x1d6b" > idVendor echo "0x0104" > idProduct mkdir -p strings/0x409 echo "0123456789" > strings/0x409/serialnumber echo "Renesas." > strings/0x409/manufacturer echo "Ethernet Gadget" > strings/0x409/product mkdir -p functions/ecm.usb0 mkdir -p configs/c.1 mkdir -p configs/c.1/strings/0x409 echo "ECM" > configs/c.1/strings/0x409/configuration if [ ! -L configs/c.1/ecm.usb0 ]; then ln -s functions/ecm.usb0 configs/c.1 fi echo 11e20000.usb > UDC echo 11e20000.usb > /sys/bus/platform/drivers/renesas_usbhs/unbind The displayed trace is as follows: Internal error: synchronous external abort: 0000000096000010 [#1] SMP CPU: 0 UID: 0 PID: 188 Comm: sh Tainted: G M 6.17.0-rc7-next-20250922-00010-g41050493b2bd #55 PREEMPT Tainted: [M]=MACHINE_CHECK Hardware name: Renesas SMARC EVK version 2 based on r9a08g045s33 (DT) pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : usbhs_sys_function_pullup+0x10/0x40 [renesas_usbhs] lr : usbhsg_update_pullup+0x3c/0x68 [renesas_usbhs] sp : ffff8000838b3920 x29: ffff8000838b3920 x28: ffff00000d585780 x27: 0000000000000000 x26: 0000000000000000 x25: 0000000000000000 x24: ffff00000c3e3810 x23: ffff00000d5e5c80 x22: ffff00000d5e5d40 x21: 0000000000000000 x20: 0000000000000000 x19: ffff00000d5e5c80 x18: 0000000000000020 x17: 2e30303230316531 x16: 312d7968703a7968 x15: 3d454d414e5f4344 x14: 000000000000002c x13: 0000000000000000 x12: 0000000000000000 x11: ffff00000f358f38 x10: ffff00000f358db0 x9 : ffff00000b41f418 x8 : 0101010101010101 x7 : 7f7f7f7f7f7f7f7f x6 : fefefeff6364626d x5 : 8080808000000000 x4 : 000000004b5ccb9d x3 : 0000000000000000 x2 : 0000000000000000 x1 : ffff800083790000 x0 : ffff00000d5e5c80 Call trace: usbhs_sys_function_pullup+0x10/0x40 [renesas_usbhs] (P) usbhsg_pullup+0x4c/0x7c [renesas_usbhs] usb_gadget_disconnect_locked+0x48/0xd4 gadget_unbind_driver+0x44/0x114 device_remove+0x4c/0x80 device_release_driver_internal+0x1c8/0x224 device_release_driver+0x18/0x24 bus_remove_device+0xcc/0x10c device_del+0x14c/0x404 usb_del_gadget+0x88/0xc0 usb_del_gadget_udc+0x18/0x30 usbhs_mod_gadget_remove+0x24/0x44 [renesas_usbhs] usbhs_mod_remove+0x20/0x30 [renesas_usbhs] usbhs_remove+0x98/0xdc [renesas_usbhs] platform_remove+0x20/0x30 device_remove+0x4c/0x80 device_release_driver_internal+0x1c8/0x224 device_driver_detach+0x18/0x24 unbind_store+0xb4/0xb8 drv_attr_store+0x24/0x38 sysfs_kf_write+0x7c/0x94 kernfs_fop_write_iter+0x128/0x1b8 vfs_write+0x2ac/0x350 ksys_write+0x68/0xfc __arm64_sys_write+0x1c/0x28 invoke_syscall+0x48/0x110 el0_svc_common.constprop.0+0xc0/0xe0 do_el0_svc+0x1c/0x28 el0_svc+0x34/0xf0 el0t_64_sync_handler+0xa0/0xe4 el0t_64_sync+0x198/0x19c Code: 7100003f 1a9f07e1 531c6c22 f9400001 (79400021) ---[ end trace 0000000000000000 ]--- note: sh[188] exited with irqs disabled note: sh[188] exited with preempt_count 1 The issue occurs because usbhs_sys_function_pullup(), which accesses the IP registers, is executed after the USBHS clocks have been disabled. The problem is reproducible on the Renesas RZ/G3S SoC starting with the addition of module stop in the clock enable/disable APIs. With module stop functionality enabled, a bus error is expected if a master accesses a module whose clock has been stopped and module stop activated. Disable the IP clocks at the end of remove. Cc: stable(a)vger.kernel.org Fixes: f1407d5c6624 ("usb: renesas_usbhs: Add Renesas USBHS common code") Signed-off-by: Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> --- Changes in v2: - moved usbhsc_clk_put() before pm_runtime_disable() Patch was tested with continuous unbind/bind and the configuration sequence described above on the boards with the following device trees: - r8a774a1-hihope-rzg2m-ex.dts - r8a774b1-hihope-rzg2n-ex.dts - r8a774e1-hihope-rzg2h-ex.dts - r9a07g043u11-smarc.dts - r9a07g044c2-smarc.dts - r9a07g044l2-smarc.dts - r9a07g054l2-smarc.dts drivers/usb/renesas_usbhs/common.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/drivers/usb/renesas_usbhs/common.c b/drivers/usb/renesas_usbhs/common.c index 8f536f2c500f..dc2fec9168b7 100644 --- a/drivers/usb/renesas_usbhs/common.c +++ b/drivers/usb/renesas_usbhs/common.c @@ -813,18 +813,18 @@ static void usbhs_remove(struct platform_device *pdev) flush_delayed_work(&priv->notify_hotplug_work); - /* power off */ - if (!usbhs_get_dparam(priv, runtime_pwctrl)) - usbhsc_power_ctrl(priv, 0); - - pm_runtime_disable(&pdev->dev); - usbhs_platform_call(priv, hardware_exit, pdev); - usbhsc_clk_put(priv); reset_control_assert(priv->rsts); usbhs_mod_remove(priv); usbhs_fifo_remove(priv); usbhs_pipe_remove(priv); + + /* power off */ + if (!usbhs_get_dparam(priv, runtime_pwctrl)) + usbhsc_power_ctrl(priv, 0); + + usbhsc_clk_put(priv); + pm_runtime_disable(&pdev->dev); } static int usbhsc_suspend(struct device *dev) -- 2.43.0

2 weeks, 2 days

1
0
0 0

[REGRESSION] stable-rc/linux-5.10.y: (build) implicit declaration of function ‘of_get_cpu_hwid’; did you mean ‘...

by KernelCI bot

Hello, New build issue found on stable-rc/linux-5.10.y: --- implicit declaration of function ‘of_get_cpu_hwid’; did you mean ‘of_get_cpu_node’? [-Werror=implicit-function-declaration] in arch/riscv/kernel/cpu.o (arch/riscv/kernel/cpu.c) [logspec:kbuild,kbuild.compiler.error] --- - dashboard: https://d.kernelci.org/i/maestro:aa2fc1f4fdbcaf13e029f04263806fde636d74fd - giturl: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git - commit HEAD: 7288ed51fe2777d083b6cb13bd2d18f368fa425d Log excerpt: ===================================================== arch/riscv/kernel/cpu.c:24:33: error: implicit declaration of function ‘of_get_cpu_hwid’; did you mean ‘of_get_cpu_node’? [-Werror=implicit-function-declaration] 24 | *hart = (unsigned long) of_get_cpu_hwid(node, 0); | ^~~~~~~~~~~~~~~ | of_get_cpu_node AR init/built-in.a CC kernel/locking/mutex.o CC arch/riscv/mm/fault.o cc1: some warnings being treated as errors ===================================================== # Builds where the incident occurred: ## defconfig on (riscv): - compiler: gcc-12 - config: https://files.kernelci.org/kbuild-gcc-12-riscv-68ff66e51198e7d4c92ca056/.co… - dashboard: https://d.kernelci.org/build/maestro:68ff66e51198e7d4c92ca056 #kernelci issue maestro:aa2fc1f4fdbcaf13e029f04263806fde636d74fd Reported-by: kernelci.org bot <bot(a)kernelci.org> -- This is an experimental report format. Please send feedback in! Talk to us at kernelci(a)lists.linux.dev Made with love by the KernelCI team - https://kernelci.org

2 weeks, 2 days

1
0
0 0

[REGRESSION] stable-rc/linux-5.15.y: (build) unused variable ‘ext_end’ [-Wunused-variable] in arch/riscv/kernel...

by KernelCI bot

Hello, New build issue found on stable-rc/linux-5.15.y: --- unused variable ‘ext_end’ [-Wunused-variable] in arch/riscv/kernel/cpu.o (arch/riscv/kernel/cpufeature.c) [logspec:kbuild,kbuild.compiler.warning] --- - dashboard: https://d.kernelci.org/i/maestro:5135288c90855e0205f0a76b012c159c9f2e4f97 - giturl: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git - commit HEAD: 2e86ed6526626d22b225d03a7faf8bd09dca2a5b Log excerpt: ===================================================== arch/riscv/kernel/cpufeature.c:107:37: warning: unused variable ‘ext_end’ [-Wunused-variable] 107 | const char *ext_end = isa; | ^~~~~~~ arch/riscv/kernel/cpu.c: In function ‘riscv_of_processor_hartid’: arch/riscv/kernel/cpu.c:24:33: error: implicit declaration of function ‘of_get_cpu_hwid’; did you mean ‘of_get_cpu_node’? [-Werror=implicit-function-declaration] 24 | *hart = (unsigned long) of_get_cpu_hwid(node, 0); | ^~~~~~~~~~~~~~~ | of_get_cpu_node cc1: some warnings being treated as errors ===================================================== # Builds where the incident occurred: ## defconfig on (riscv): - compiler: gcc-12 - config: https://files.kernelci.org/kbuild-gcc-12-riscv-68ff67651198e7d4c92ca10f/.co… - dashboard: https://d.kernelci.org/build/maestro:68ff67651198e7d4c92ca10f ## nommu_k210_defconfig on (riscv): - compiler: gcc-12 - config: https://files.kernelci.org/kbuild-gcc-12-riscv-nommu_k210_defconfig-68ff66e… - dashboard: https://d.kernelci.org/build/maestro:68ff66e91198e7d4c92ca077 #kernelci issue maestro:5135288c90855e0205f0a76b012c159c9f2e4f97 Reported-by: kernelci.org bot <bot(a)kernelci.org> -- This is an experimental report format. Please send feedback in! Talk to us at kernelci(a)lists.linux.dev Made with love by the KernelCI team - https://kernelci.org

2 weeks, 2 days

1
0
0 0

FAILED: patch "[PATCH] devcoredump: Fix circular locking dependency with" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x a91c8096590bd7801a26454789f2992094fe36da # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102625-cringing-unstuck-790a@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From a91c8096590bd7801a26454789f2992094fe36da Mon Sep 17 00:00:00 2001 From: Maarten Lankhorst <dev(a)lankhorst.se> Date: Wed, 23 Jul 2025 16:24:16 +0200 Subject: [PATCH] devcoredump: Fix circular locking dependency with devcd->mutex. The original code causes a circular locking dependency found by lockdep. ====================================================== WARNING: possible circular locking dependency detected 6.16.0-rc6-lgci-xe-xe-pw-151626v3+ #1 Tainted: G S U ------------------------------------------------------ xe_fault_inject/5091 is trying to acquire lock: ffff888156815688 ((work_completion)(&(&devcd->del_wk)->work)){+.+.}-{0:0}, at: __flush_work+0x25d/0x660 but task is already holding lock: ffff888156815620 (&devcd->mutex){+.+.}-{3:3}, at: dev_coredump_put+0x3f/0xa0 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #2 (&devcd->mutex){+.+.}-{3:3}: mutex_lock_nested+0x4e/0xc0 devcd_data_write+0x27/0x90 sysfs_kf_bin_write+0x80/0xf0 kernfs_fop_write_iter+0x169/0x220 vfs_write+0x293/0x560 ksys_write+0x72/0xf0 __x64_sys_write+0x19/0x30 x64_sys_call+0x2bf/0x2660 do_syscall_64+0x93/0xb60 entry_SYSCALL_64_after_hwframe+0x76/0x7e -> #1 (kn->active#236){++++}-{0:0}: kernfs_drain+0x1e2/0x200 __kernfs_remove+0xae/0x400 kernfs_remove_by_name_ns+0x5d/0xc0 remove_files+0x54/0x70 sysfs_remove_group+0x3d/0xa0 sysfs_remove_groups+0x2e/0x60 device_remove_attrs+0xc7/0x100 device_del+0x15d/0x3b0 devcd_del+0x19/0x30 process_one_work+0x22b/0x6f0 worker_thread+0x1e8/0x3d0 kthread+0x11c/0x250 ret_from_fork+0x26c/0x2e0 ret_from_fork_asm+0x1a/0x30 -> #0 ((work_completion)(&(&devcd->del_wk)->work)){+.+.}-{0:0}: __lock_acquire+0x1661/0x2860 lock_acquire+0xc4/0x2f0 __flush_work+0x27a/0x660 flush_delayed_work+0x5d/0xa0 dev_coredump_put+0x63/0xa0 xe_driver_devcoredump_fini+0x12/0x20 [xe] devm_action_release+0x12/0x30 release_nodes+0x3a/0x120 devres_release_all+0x8a/0xd0 device_unbind_cleanup+0x12/0x80 device_release_driver_internal+0x23a/0x280 device_driver_detach+0x14/0x20 unbind_store+0xaf/0xc0 drv_attr_store+0x21/0x50 sysfs_kf_write+0x4a/0x80 kernfs_fop_write_iter+0x169/0x220 vfs_write+0x293/0x560 ksys_write+0x72/0xf0 __x64_sys_write+0x19/0x30 x64_sys_call+0x2bf/0x2660 do_syscall_64+0x93/0xb60 entry_SYSCALL_64_after_hwframe+0x76/0x7e other info that might help us debug this: Chain exists of: (work_completion)(&(&devcd->del_wk)->work) --> kn->active#236 --> &devcd->mutex Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(&devcd->mutex); lock(kn->active#236); lock(&devcd->mutex); lock((work_completion)(&(&devcd->del_wk)->work)); *** DEADLOCK *** 5 locks held by xe_fault_inject/5091: #0: ffff8881129f9488 (sb_writers#5){.+.+}-{0:0}, at: ksys_write+0x72/0xf0 #1: ffff88810c755078 (&of->mutex#2){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x123/0x220 #2: ffff8881054811a0 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0x55/0x280 #3: ffff888156815620 (&devcd->mutex){+.+.}-{3:3}, at: dev_coredump_put+0x3f/0xa0 #4: ffffffff8359e020 (rcu_read_lock){....}-{1:2}, at: __flush_work+0x72/0x660 stack backtrace: CPU: 14 UID: 0 PID: 5091 Comm: xe_fault_inject Tainted: G S U 6.16.0-rc6-lgci-xe-xe-pw-151626v3+ #1 PREEMPT_{RT,(lazy)} Tainted: [S]=CPU_OUT_OF_SPEC, [U]=USER Hardware name: Micro-Star International Co., Ltd. MS-7D25/PRO Z690-A DDR4(MS-7D25), BIOS 1.10 12/13/2021 Call Trace: <TASK> dump_stack_lvl+0x91/0xf0 dump_stack+0x10/0x20 print_circular_bug+0x285/0x360 check_noncircular+0x135/0x150 ? register_lock_class+0x48/0x4a0 __lock_acquire+0x1661/0x2860 lock_acquire+0xc4/0x2f0 ? __flush_work+0x25d/0x660 ? mark_held_locks+0x46/0x90 ? __flush_work+0x25d/0x660 __flush_work+0x27a/0x660 ? __flush_work+0x25d/0x660 ? trace_hardirqs_on+0x1e/0xd0 ? __pfx_wq_barrier_func+0x10/0x10 flush_delayed_work+0x5d/0xa0 dev_coredump_put+0x63/0xa0 xe_driver_devcoredump_fini+0x12/0x20 [xe] devm_action_release+0x12/0x30 release_nodes+0x3a/0x120 devres_release_all+0x8a/0xd0 device_unbind_cleanup+0x12/0x80 device_release_driver_internal+0x23a/0x280 ? bus_find_device+0xa8/0xe0 device_driver_detach+0x14/0x20 unbind_store+0xaf/0xc0 drv_attr_store+0x21/0x50 sysfs_kf_write+0x4a/0x80 kernfs_fop_write_iter+0x169/0x220 vfs_write+0x293/0x560 ksys_write+0x72/0xf0 __x64_sys_write+0x19/0x30 x64_sys_call+0x2bf/0x2660 do_syscall_64+0x93/0xb60 ? __f_unlock_pos+0x15/0x20 ? __x64_sys_getdents64+0x9b/0x130 ? __pfx_filldir64+0x10/0x10 ? do_syscall_64+0x1a2/0xb60 ? clear_bhb_loop+0x30/0x80 ? clear_bhb_loop+0x30/0x80 entry_SYSCALL_64_after_hwframe+0x76/0x7e RIP: 0033:0x76e292edd574 Code: c7 00 16 00 00 00 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 80 3d d5 ea 0e 00 00 74 13 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 54 c3 0f 1f 00 55 48 89 e5 48 83 ec 20 48 89 RSP: 002b:00007fffe247a828 EFLAGS: 00000202 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000076e292edd574 RDX: 000000000000000c RSI: 00006267f6306063 RDI: 000000000000000b RBP: 000000000000000c R08: 000076e292fc4b20 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000202 R12: 00006267f6306063 R13: 000000000000000b R14: 00006267e6859c00 R15: 000076e29322a000 </TASK> xe 0000:03:00.0: [drm] Xe device coredump has been deleted. Fixes: 01daccf74832 ("devcoredump : Serialize devcd_del work") Cc: Mukesh Ojha <quic_mojha(a)quicinc.com> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: Johannes Berg <johannes(a)sipsolutions.net> Cc: Rafael J. Wysocki <rafael(a)kernel.org> Cc: Danilo Krummrich <dakr(a)kernel.org> Cc: linux-kernel(a)vger.kernel.org Cc: stable(a)vger.kernel.org # v6.1+ Signed-off-by: Maarten Lankhorst <dev(a)lankhorst.se> Cc: Matthew Brost <matthew.brost(a)intel.com> Acked-by: Mukesh Ojha <mukesh.ojha(a)oss.qualcomm.com> Link: https://lore.kernel.org/r/20250723142416.1020423-1-dev@lankhorst.se Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/drivers/base/devcoredump.c b/drivers/base/devcoredump.c index 37faf6156d7c..55bdc7f5e59d 100644 --- a/drivers/base/devcoredump.c +++ b/drivers/base/devcoredump.c @@ -23,50 +23,46 @@ struct devcd_entry { void *data; size_t datalen; /* - * Here, mutex is required to serialize the calls to del_wk work between - * user/kernel space which happens when devcd is added with device_add() - * and that sends uevent to user space. User space reads the uevents, - * and calls to devcd_data_write() which try to modify the work which is - * not even initialized/queued from devcoredump. + * There are 2 races for which mutex is required. * + * The first race is between device creation and userspace writing to + * schedule immediately destruction. * + * This race is handled by arming the timer before device creation, but + * when device creation fails the timer still exists. * - * cpu0(X) cpu1(Y) + * To solve this, hold the mutex during device_add(), and set + * init_completed on success before releasing the mutex. * - * dev_coredump() uevent sent to user space - * device_add() ======================> user space process Y reads the - * uevents writes to devcd fd - * which results into writes to + * That way the timer will never fire until device_add() is called, + * it will do nothing if init_completed is not set. The timer is also + * cancelled in that case. * - * devcd_data_write() - * mod_delayed_work() - * try_to_grab_pending() - * timer_delete() - * debug_assert_init() - * INIT_DELAYED_WORK() - * schedule_delayed_work() - * - * - * Also, mutex alone would not be enough to avoid scheduling of - * del_wk work after it get flush from a call to devcd_free() - * mentioned as below. - * - * disabled_store() - * devcd_free() - * mutex_lock() devcd_data_write() - * flush_delayed_work() - * mutex_unlock() - * mutex_lock() - * mod_delayed_work() - * mutex_unlock() - * So, delete_work flag is required. + * The second race involves multiple parallel invocations of devcd_free(), + * add a deleted flag so only 1 can call the destructor. */ struct mutex mutex; - bool delete_work; + bool init_completed, deleted; struct module *owner; ssize_t (*read)(char *buffer, loff_t offset, size_t count, void *data, size_t datalen); void (*free)(void *data); + /* + * If nothing interferes and device_add() was returns success, + * del_wk will destroy the device after the timer fires. + * + * Multiple userspace processes can interfere in the working of the timer: + * - Writing to the coredump will reschedule the timer to run immediately, + * if still armed. + * + * This is handled by using "if (cancel_delayed_work()) { + * schedule_delayed_work() }", to prevent re-arming after having + * been previously fired. + * - Writing to /sys/class/devcoredump/disabled will destroy the + * coredump synchronously. + * This is handled by using disable_delayed_work_sync(), and then + * checking if deleted flag is set with &devcd->mutex held. + */ struct delayed_work del_wk; struct device *failing_dev; }; @@ -95,14 +91,27 @@ static void devcd_dev_release(struct device *dev) kfree(devcd); } +static void __devcd_del(struct devcd_entry *devcd) +{ + devcd->deleted = true; + device_del(&devcd->devcd_dev); + put_device(&devcd->devcd_dev); +} + static void devcd_del(struct work_struct *wk) { struct devcd_entry *devcd; + bool init_completed; devcd = container_of(wk, struct devcd_entry, del_wk.work); - device_del(&devcd->devcd_dev); - put_device(&devcd->devcd_dev); + /* devcd->mutex serializes against dev_coredumpm_timeout */ + mutex_lock(&devcd->mutex); + init_completed = devcd->init_completed; + mutex_unlock(&devcd->mutex); + + if (init_completed) + __devcd_del(devcd); } static ssize_t devcd_data_read(struct file *filp, struct kobject *kobj, @@ -122,12 +131,12 @@ static ssize_t devcd_data_write(struct file *filp, struct kobject *kobj, struct device *dev = kobj_to_dev(kobj); struct devcd_entry *devcd = dev_to_devcd(dev); - mutex_lock(&devcd->mutex); - if (!devcd->delete_work) { - devcd->delete_work = true; - mod_delayed_work(system_wq, &devcd->del_wk, 0); - } - mutex_unlock(&devcd->mutex); + /* + * Although it's tempting to use mod_delayed work here, + * that will cause a reschedule if the timer already fired. + */ + if (cancel_delayed_work(&devcd->del_wk)) + schedule_delayed_work(&devcd->del_wk, 0); return count; } @@ -151,11 +160,21 @@ static int devcd_free(struct device *dev, void *data) { struct devcd_entry *devcd = dev_to_devcd(dev); + /* + * To prevent a race with devcd_data_write(), disable work and + * complete manually instead. + * + * We cannot rely on the return value of + * disable_delayed_work_sync() here, because it might be in the + * middle of a cancel_delayed_work + schedule_delayed_work pair. + * + * devcd->mutex here guards against multiple parallel invocations + * of devcd_free(). + */ + disable_delayed_work_sync(&devcd->del_wk); mutex_lock(&devcd->mutex); - if (!devcd->delete_work) - devcd->delete_work = true; - - flush_delayed_work(&devcd->del_wk); + if (!devcd->deleted) + __devcd_del(devcd); mutex_unlock(&devcd->mutex); return 0; } @@ -179,12 +198,10 @@ static ssize_t disabled_show(const struct class *class, const struct class_attri * put_device() <- last reference * error = fn(dev, data) devcd_dev_release() * devcd_free(dev, data) kfree(devcd) - * mutex_lock(&devcd->mutex); * * * In the above diagram, it looks like disabled_store() would be racing with parallelly - * running devcd_del() and result in memory abort while acquiring devcd->mutex which - * is called after kfree of devcd memory after dropping its last reference with + * running devcd_del() and result in memory abort after dropping its last reference with * put_device(). However, this will not happens as fn(dev, data) runs * with its own reference to device via klist_node so it is not its last reference. * so, above situation would not occur. @@ -374,7 +391,7 @@ void dev_coredumpm_timeout(struct device *dev, struct module *owner, devcd->read = read; devcd->free = free; devcd->failing_dev = get_device(dev); - devcd->delete_work = false; + devcd->deleted = false; mutex_init(&devcd->mutex); device_initialize(&devcd->devcd_dev); @@ -383,8 +400,14 @@ void dev_coredumpm_timeout(struct device *dev, struct module *owner, atomic_inc_return(&devcd_count)); devcd->devcd_dev.class = &devcd_class; - mutex_lock(&devcd->mutex); dev_set_uevent_suppress(&devcd->devcd_dev, true); + + /* devcd->mutex prevents devcd_del() completing until init finishes */ + mutex_lock(&devcd->mutex); + devcd->init_completed = false; + INIT_DELAYED_WORK(&devcd->del_wk, devcd_del); + schedule_delayed_work(&devcd->del_wk, timeout); + if (device_add(&devcd->devcd_dev)) goto put_device; @@ -401,13 +424,20 @@ void dev_coredumpm_timeout(struct device *dev, struct module *owner, dev_set_uevent_suppress(&devcd->devcd_dev, false); kobject_uevent(&devcd->devcd_dev.kobj, KOBJ_ADD); - INIT_DELAYED_WORK(&devcd->del_wk, devcd_del); - schedule_delayed_work(&devcd->del_wk, timeout); + + /* + * Safe to run devcd_del() now that we are done with devcd_dev. + * Alternatively we could have taken a ref on devcd_dev before + * dropping the lock. + */ + devcd->init_completed = true; mutex_unlock(&devcd->mutex); return; put_device: - put_device(&devcd->devcd_dev); mutex_unlock(&devcd->mutex); + cancel_delayed_work_sync(&devcd->del_wk); + put_device(&devcd->devcd_dev); + put_module: module_put(owner); free:

2 weeks, 2 days

2
1
0 0

FAILED: patch "[PATCH] xfs: always warn about deprecated mount options" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x 630785bfbe12c3ee3ebccd8b530a98d632b7e39d # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102617-untrimmed-ideally-b80b@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 630785bfbe12c3ee3ebccd8b530a98d632b7e39d Mon Sep 17 00:00:00 2001 From: "Darrick J. Wong" <djwong(a)kernel.org> Date: Tue, 21 Oct 2025 11:30:12 -0700 Subject: [PATCH] xfs: always warn about deprecated mount options The deprecation of the 'attr2' mount option in 6.18 wasn't entirely successful because nobody noticed that the kernel never printed a warning about attr2 being set in fstab if the only xfs filesystem is the root fs; the initramfs mounts the root fs with no mount options; and the init scripts only conveyed the fstab options by remounting the root fs. Fix this by making it complain all the time. Cc: stable(a)vger.kernel.org # v5.13 Fixes: 92cf7d36384b99 ("xfs: Skip repetitive warnings about mount options") Signed-off-by: Darrick J. Wong <djwong(a)kernel.org> Reviewed-by: Christoph Hellwig <hch(a)lst.de> Reviewed-by: Carlos Maiolino <cmaiolino(a)redhat.com> Signed-off-by: Carlos Maiolino <cem(a)kernel.org> diff --git a/fs/xfs/xfs_super.c b/fs/xfs/xfs_super.c index 9d51186b24dd..c53f2edf92e7 100644 --- a/fs/xfs/xfs_super.c +++ b/fs/xfs/xfs_super.c @@ -1379,16 +1379,25 @@ suffix_kstrtoull( static inline void xfs_fs_warn_deprecated( struct fs_context *fc, - struct fs_parameter *param, - uint64_t flag, - bool value) + struct fs_parameter *param) { - /* Don't print the warning if reconfiguring and current mount point - * already had the flag set + /* + * Always warn about someone passing in a deprecated mount option. + * Previously we wouldn't print the warning if we were reconfiguring + * and current mount point already had the flag set, but that was not + * the right thing to do. + * + * Many distributions mount the root filesystem with no options in the + * initramfs and rely on mount -a to remount the root fs with the + * options in fstab. However, the old behavior meant that there would + * never be a warning about deprecated mount options for the root fs in + * /etc/fstab. On a single-fs system, that means no warning at all. + * + * Compounding this problem are distribution scripts that copy + * /proc/mounts to fstab, which means that we can't remove mount + * options unless we're 100% sure they have only ever been advertised + * in /proc/mounts in response to explicitly provided mount options. */ - if ((fc->purpose & FS_CONTEXT_FOR_RECONFIGURE) && - !!(XFS_M(fc->root->d_sb)->m_features & flag) == value) - return; xfs_warn(fc->s_fs_info, "%s mount option is deprecated.", param->key); }

2 weeks, 2 days

2
1
0 0

FAILED: patch "[PATCH] net: ravb: Enforce descriptor type ordering" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 5370c31e84b0e0999c7b5ff949f4e104def35584 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102623-footless-outcast-b793@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 5370c31e84b0e0999c7b5ff949f4e104def35584 Mon Sep 17 00:00:00 2001 From: Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> Date: Fri, 17 Oct 2025 16:18:29 +0100 Subject: [PATCH] net: ravb: Enforce descriptor type ordering MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Ensure the TX descriptor type fields are published in a safe order so the DMA engine never begins processing a descriptor chain before all descriptor fields are fully initialised. For multi-descriptor transmits the driver writes DT_FEND into the last descriptor and DT_FSTART into the first. The DMA engine begins processing when it observes DT_FSTART. Move the dma_wmb() barrier so it executes immediately after DT_FEND and immediately before writing DT_FSTART (and before DT_FSINGLE in the single-descriptor case). This guarantees that all prior CPU writes to the descriptor memory are visible to the device before DT_FSTART is seen. This avoids a situation where compiler/CPU reordering could publish DT_FSTART ahead of DT_FEND or other descriptor fields, allowing the DMA to start on a partially initialised chain and causing corrupted transmissions or TX timeouts. Such a failure was observed on RZ/G2L with an RT kernel as transmit queue timeouts and device resets. Fixes: 2f45d1902acf ("ravb: minimize TX data copying") Cc: stable(a)vger.kernel.org Co-developed-by: Fabrizio Castro <fabrizio.castro.jz(a)renesas.com> Signed-off-by: Fabrizio Castro <fabrizio.castro.jz(a)renesas.com> Signed-off-by: Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> Reviewed-by: Niklas Söderlund <niklas.soderlund+renesas(a)ragnatech.se> Link: https://patch.msgid.link/20251017151830.171062-4-prabhakar.mahadev-lad.rj@b… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> diff --git a/drivers/net/ethernet/renesas/ravb_main.c b/drivers/net/ethernet/renesas/ravb_main.c index 9d3bd65b85ff..044ee83c63bb 100644 --- a/drivers/net/ethernet/renesas/ravb_main.c +++ b/drivers/net/ethernet/renesas/ravb_main.c @@ -2211,13 +2211,25 @@ static netdev_tx_t ravb_start_xmit(struct sk_buff *skb, struct net_device *ndev) skb_tx_timestamp(skb); } - /* Descriptor type must be set after all the above writes */ - dma_wmb(); + if (num_tx_desc > 1) { desc->die_dt = DT_FEND; desc--; + /* When using multi-descriptors, DT_FEND needs to get written + * before DT_FSTART, but the compiler may reorder the memory + * writes in an attempt to optimize the code. + * Use a dma_wmb() barrier to make sure DT_FEND and DT_FSTART + * are written exactly in the order shown in the code. + * This is particularly important for cases where the DMA engine + * is already running when we are running this code. If the DMA + * sees DT_FSTART without the corresponding DT_FEND it will enter + * an error condition. + */ + dma_wmb(); desc->die_dt = DT_FSTART; } else { + /* Descriptor type must be set after all the above writes */ + dma_wmb(); desc->die_dt = DT_FSINGLE; } ravb_modify(ndev, TCCR, TCCR_TSRQ0 << q, TCCR_TSRQ0 << q);

2 weeks, 2 days

2
2
0 0

FAILED: patch "[PATCH] devcoredump: Fix circular locking dependency with" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x a91c8096590bd7801a26454789f2992094fe36da # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102624-aspect-stumble-aea9@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From a91c8096590bd7801a26454789f2992094fe36da Mon Sep 17 00:00:00 2001 From: Maarten Lankhorst <dev(a)lankhorst.se> Date: Wed, 23 Jul 2025 16:24:16 +0200 Subject: [PATCH] devcoredump: Fix circular locking dependency with devcd->mutex. The original code causes a circular locking dependency found by lockdep. ====================================================== WARNING: possible circular locking dependency detected 6.16.0-rc6-lgci-xe-xe-pw-151626v3+ #1 Tainted: G S U ------------------------------------------------------ xe_fault_inject/5091 is trying to acquire lock: ffff888156815688 ((work_completion)(&(&devcd->del_wk)->work)){+.+.}-{0:0}, at: __flush_work+0x25d/0x660 but task is already holding lock: ffff888156815620 (&devcd->mutex){+.+.}-{3:3}, at: dev_coredump_put+0x3f/0xa0 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #2 (&devcd->mutex){+.+.}-{3:3}: mutex_lock_nested+0x4e/0xc0 devcd_data_write+0x27/0x90 sysfs_kf_bin_write+0x80/0xf0 kernfs_fop_write_iter+0x169/0x220 vfs_write+0x293/0x560 ksys_write+0x72/0xf0 __x64_sys_write+0x19/0x30 x64_sys_call+0x2bf/0x2660 do_syscall_64+0x93/0xb60 entry_SYSCALL_64_after_hwframe+0x76/0x7e -> #1 (kn->active#236){++++}-{0:0}: kernfs_drain+0x1e2/0x200 __kernfs_remove+0xae/0x400 kernfs_remove_by_name_ns+0x5d/0xc0 remove_files+0x54/0x70 sysfs_remove_group+0x3d/0xa0 sysfs_remove_groups+0x2e/0x60 device_remove_attrs+0xc7/0x100 device_del+0x15d/0x3b0 devcd_del+0x19/0x30 process_one_work+0x22b/0x6f0 worker_thread+0x1e8/0x3d0 kthread+0x11c/0x250 ret_from_fork+0x26c/0x2e0 ret_from_fork_asm+0x1a/0x30 -> #0 ((work_completion)(&(&devcd->del_wk)->work)){+.+.}-{0:0}: __lock_acquire+0x1661/0x2860 lock_acquire+0xc4/0x2f0 __flush_work+0x27a/0x660 flush_delayed_work+0x5d/0xa0 dev_coredump_put+0x63/0xa0 xe_driver_devcoredump_fini+0x12/0x20 [xe] devm_action_release+0x12/0x30 release_nodes+0x3a/0x120 devres_release_all+0x8a/0xd0 device_unbind_cleanup+0x12/0x80 device_release_driver_internal+0x23a/0x280 device_driver_detach+0x14/0x20 unbind_store+0xaf/0xc0 drv_attr_store+0x21/0x50 sysfs_kf_write+0x4a/0x80 kernfs_fop_write_iter+0x169/0x220 vfs_write+0x293/0x560 ksys_write+0x72/0xf0 __x64_sys_write+0x19/0x30 x64_sys_call+0x2bf/0x2660 do_syscall_64+0x93/0xb60 entry_SYSCALL_64_after_hwframe+0x76/0x7e other info that might help us debug this: Chain exists of: (work_completion)(&(&devcd->del_wk)->work) --> kn->active#236 --> &devcd->mutex Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(&devcd->mutex); lock(kn->active#236); lock(&devcd->mutex); lock((work_completion)(&(&devcd->del_wk)->work)); *** DEADLOCK *** 5 locks held by xe_fault_inject/5091: #0: ffff8881129f9488 (sb_writers#5){.+.+}-{0:0}, at: ksys_write+0x72/0xf0 #1: ffff88810c755078 (&of->mutex#2){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x123/0x220 #2: ffff8881054811a0 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0x55/0x280 #3: ffff888156815620 (&devcd->mutex){+.+.}-{3:3}, at: dev_coredump_put+0x3f/0xa0 #4: ffffffff8359e020 (rcu_read_lock){....}-{1:2}, at: __flush_work+0x72/0x660 stack backtrace: CPU: 14 UID: 0 PID: 5091 Comm: xe_fault_inject Tainted: G S U 6.16.0-rc6-lgci-xe-xe-pw-151626v3+ #1 PREEMPT_{RT,(lazy)} Tainted: [S]=CPU_OUT_OF_SPEC, [U]=USER Hardware name: Micro-Star International Co., Ltd. MS-7D25/PRO Z690-A DDR4(MS-7D25), BIOS 1.10 12/13/2021 Call Trace: <TASK> dump_stack_lvl+0x91/0xf0 dump_stack+0x10/0x20 print_circular_bug+0x285/0x360 check_noncircular+0x135/0x150 ? register_lock_class+0x48/0x4a0 __lock_acquire+0x1661/0x2860 lock_acquire+0xc4/0x2f0 ? __flush_work+0x25d/0x660 ? mark_held_locks+0x46/0x90 ? __flush_work+0x25d/0x660 __flush_work+0x27a/0x660 ? __flush_work+0x25d/0x660 ? trace_hardirqs_on+0x1e/0xd0 ? __pfx_wq_barrier_func+0x10/0x10 flush_delayed_work+0x5d/0xa0 dev_coredump_put+0x63/0xa0 xe_driver_devcoredump_fini+0x12/0x20 [xe] devm_action_release+0x12/0x30 release_nodes+0x3a/0x120 devres_release_all+0x8a/0xd0 device_unbind_cleanup+0x12/0x80 device_release_driver_internal+0x23a/0x280 ? bus_find_device+0xa8/0xe0 device_driver_detach+0x14/0x20 unbind_store+0xaf/0xc0 drv_attr_store+0x21/0x50 sysfs_kf_write+0x4a/0x80 kernfs_fop_write_iter+0x169/0x220 vfs_write+0x293/0x560 ksys_write+0x72/0xf0 __x64_sys_write+0x19/0x30 x64_sys_call+0x2bf/0x2660 do_syscall_64+0x93/0xb60 ? __f_unlock_pos+0x15/0x20 ? __x64_sys_getdents64+0x9b/0x130 ? __pfx_filldir64+0x10/0x10 ? do_syscall_64+0x1a2/0xb60 ? clear_bhb_loop+0x30/0x80 ? clear_bhb_loop+0x30/0x80 entry_SYSCALL_64_after_hwframe+0x76/0x7e RIP: 0033:0x76e292edd574 Code: c7 00 16 00 00 00 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 80 3d d5 ea 0e 00 00 74 13 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 54 c3 0f 1f 00 55 48 89 e5 48 83 ec 20 48 89 RSP: 002b:00007fffe247a828 EFLAGS: 00000202 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000076e292edd574 RDX: 000000000000000c RSI: 00006267f6306063 RDI: 000000000000000b RBP: 000000000000000c R08: 000076e292fc4b20 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000202 R12: 00006267f6306063 R13: 000000000000000b R14: 00006267e6859c00 R15: 000076e29322a000 </TASK> xe 0000:03:00.0: [drm] Xe device coredump has been deleted. Fixes: 01daccf74832 ("devcoredump : Serialize devcd_del work") Cc: Mukesh Ojha <quic_mojha(a)quicinc.com> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: Johannes Berg <johannes(a)sipsolutions.net> Cc: Rafael J. Wysocki <rafael(a)kernel.org> Cc: Danilo Krummrich <dakr(a)kernel.org> Cc: linux-kernel(a)vger.kernel.org Cc: stable(a)vger.kernel.org # v6.1+ Signed-off-by: Maarten Lankhorst <dev(a)lankhorst.se> Cc: Matthew Brost <matthew.brost(a)intel.com> Acked-by: Mukesh Ojha <mukesh.ojha(a)oss.qualcomm.com> Link: https://lore.kernel.org/r/20250723142416.1020423-1-dev@lankhorst.se Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/drivers/base/devcoredump.c b/drivers/base/devcoredump.c index 37faf6156d7c..55bdc7f5e59d 100644 --- a/drivers/base/devcoredump.c +++ b/drivers/base/devcoredump.c @@ -23,50 +23,46 @@ struct devcd_entry { void *data; size_t datalen; /* - * Here, mutex is required to serialize the calls to del_wk work between - * user/kernel space which happens when devcd is added with device_add() - * and that sends uevent to user space. User space reads the uevents, - * and calls to devcd_data_write() which try to modify the work which is - * not even initialized/queued from devcoredump. + * There are 2 races for which mutex is required. * + * The first race is between device creation and userspace writing to + * schedule immediately destruction. * + * This race is handled by arming the timer before device creation, but + * when device creation fails the timer still exists. * - * cpu0(X) cpu1(Y) + * To solve this, hold the mutex during device_add(), and set + * init_completed on success before releasing the mutex. * - * dev_coredump() uevent sent to user space - * device_add() ======================> user space process Y reads the - * uevents writes to devcd fd - * which results into writes to + * That way the timer will never fire until device_add() is called, + * it will do nothing if init_completed is not set. The timer is also + * cancelled in that case. * - * devcd_data_write() - * mod_delayed_work() - * try_to_grab_pending() - * timer_delete() - * debug_assert_init() - * INIT_DELAYED_WORK() - * schedule_delayed_work() - * - * - * Also, mutex alone would not be enough to avoid scheduling of - * del_wk work after it get flush from a call to devcd_free() - * mentioned as below. - * - * disabled_store() - * devcd_free() - * mutex_lock() devcd_data_write() - * flush_delayed_work() - * mutex_unlock() - * mutex_lock() - * mod_delayed_work() - * mutex_unlock() - * So, delete_work flag is required. + * The second race involves multiple parallel invocations of devcd_free(), + * add a deleted flag so only 1 can call the destructor. */ struct mutex mutex; - bool delete_work; + bool init_completed, deleted; struct module *owner; ssize_t (*read)(char *buffer, loff_t offset, size_t count, void *data, size_t datalen); void (*free)(void *data); + /* + * If nothing interferes and device_add() was returns success, + * del_wk will destroy the device after the timer fires. + * + * Multiple userspace processes can interfere in the working of the timer: + * - Writing to the coredump will reschedule the timer to run immediately, + * if still armed. + * + * This is handled by using "if (cancel_delayed_work()) { + * schedule_delayed_work() }", to prevent re-arming after having + * been previously fired. + * - Writing to /sys/class/devcoredump/disabled will destroy the + * coredump synchronously. + * This is handled by using disable_delayed_work_sync(), and then + * checking if deleted flag is set with &devcd->mutex held. + */ struct delayed_work del_wk; struct device *failing_dev; }; @@ -95,14 +91,27 @@ static void devcd_dev_release(struct device *dev) kfree(devcd); } +static void __devcd_del(struct devcd_entry *devcd) +{ + devcd->deleted = true; + device_del(&devcd->devcd_dev); + put_device(&devcd->devcd_dev); +} + static void devcd_del(struct work_struct *wk) { struct devcd_entry *devcd; + bool init_completed; devcd = container_of(wk, struct devcd_entry, del_wk.work); - device_del(&devcd->devcd_dev); - put_device(&devcd->devcd_dev); + /* devcd->mutex serializes against dev_coredumpm_timeout */ + mutex_lock(&devcd->mutex); + init_completed = devcd->init_completed; + mutex_unlock(&devcd->mutex); + + if (init_completed) + __devcd_del(devcd); } static ssize_t devcd_data_read(struct file *filp, struct kobject *kobj, @@ -122,12 +131,12 @@ static ssize_t devcd_data_write(struct file *filp, struct kobject *kobj, struct device *dev = kobj_to_dev(kobj); struct devcd_entry *devcd = dev_to_devcd(dev); - mutex_lock(&devcd->mutex); - if (!devcd->delete_work) { - devcd->delete_work = true; - mod_delayed_work(system_wq, &devcd->del_wk, 0); - } - mutex_unlock(&devcd->mutex); + /* + * Although it's tempting to use mod_delayed work here, + * that will cause a reschedule if the timer already fired. + */ + if (cancel_delayed_work(&devcd->del_wk)) + schedule_delayed_work(&devcd->del_wk, 0); return count; } @@ -151,11 +160,21 @@ static int devcd_free(struct device *dev, void *data) { struct devcd_entry *devcd = dev_to_devcd(dev); + /* + * To prevent a race with devcd_data_write(), disable work and + * complete manually instead. + * + * We cannot rely on the return value of + * disable_delayed_work_sync() here, because it might be in the + * middle of a cancel_delayed_work + schedule_delayed_work pair. + * + * devcd->mutex here guards against multiple parallel invocations + * of devcd_free(). + */ + disable_delayed_work_sync(&devcd->del_wk); mutex_lock(&devcd->mutex); - if (!devcd->delete_work) - devcd->delete_work = true; - - flush_delayed_work(&devcd->del_wk); + if (!devcd->deleted) + __devcd_del(devcd); mutex_unlock(&devcd->mutex); return 0; } @@ -179,12 +198,10 @@ static ssize_t disabled_show(const struct class *class, const struct class_attri * put_device() <- last reference * error = fn(dev, data) devcd_dev_release() * devcd_free(dev, data) kfree(devcd) - * mutex_lock(&devcd->mutex); * * * In the above diagram, it looks like disabled_store() would be racing with parallelly - * running devcd_del() and result in memory abort while acquiring devcd->mutex which - * is called after kfree of devcd memory after dropping its last reference with + * running devcd_del() and result in memory abort after dropping its last reference with * put_device(). However, this will not happens as fn(dev, data) runs * with its own reference to device via klist_node so it is not its last reference. * so, above situation would not occur. @@ -374,7 +391,7 @@ void dev_coredumpm_timeout(struct device *dev, struct module *owner, devcd->read = read; devcd->free = free; devcd->failing_dev = get_device(dev); - devcd->delete_work = false; + devcd->deleted = false; mutex_init(&devcd->mutex); device_initialize(&devcd->devcd_dev); @@ -383,8 +400,14 @@ void dev_coredumpm_timeout(struct device *dev, struct module *owner, atomic_inc_return(&devcd_count)); devcd->devcd_dev.class = &devcd_class; - mutex_lock(&devcd->mutex); dev_set_uevent_suppress(&devcd->devcd_dev, true); + + /* devcd->mutex prevents devcd_del() completing until init finishes */ + mutex_lock(&devcd->mutex); + devcd->init_completed = false; + INIT_DELAYED_WORK(&devcd->del_wk, devcd_del); + schedule_delayed_work(&devcd->del_wk, timeout); + if (device_add(&devcd->devcd_dev)) goto put_device; @@ -401,13 +424,20 @@ void dev_coredumpm_timeout(struct device *dev, struct module *owner, dev_set_uevent_suppress(&devcd->devcd_dev, false); kobject_uevent(&devcd->devcd_dev.kobj, KOBJ_ADD); - INIT_DELAYED_WORK(&devcd->del_wk, devcd_del); - schedule_delayed_work(&devcd->del_wk, timeout); + + /* + * Safe to run devcd_del() now that we are done with devcd_dev. + * Alternatively we could have taken a ref on devcd_dev before + * dropping the lock. + */ + devcd->init_completed = true; mutex_unlock(&devcd->mutex); return; put_device: - put_device(&devcd->devcd_dev); mutex_unlock(&devcd->mutex); + cancel_delayed_work_sync(&devcd->del_wk); + put_device(&devcd->devcd_dev); + put_module: module_put(owner); free:

2 weeks, 2 days

2
1
0 0

FAILED: patch "[PATCH] can: gs_usb: increase max interface to U8_MAX" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x 2a27f6a8fb5722223d526843040f747e9b0e8060 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102041-mounting-pursuit-e9d3@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 2a27f6a8fb5722223d526843040f747e9b0e8060 Mon Sep 17 00:00:00 2001 From: Celeste Liu <uwu(a)coelacanthus.name> Date: Tue, 30 Sep 2025 19:34:28 +0800 Subject: [PATCH] can: gs_usb: increase max interface to U8_MAX This issue was found by Runcheng Lu when develop HSCanT USB to CAN FD converter[1]. The original developers may have only 3 interfaces device to test so they write 3 here and wait for future change. During the HSCanT development, we actually used 4 interfaces, so the limitation of 3 is not enough now. But just increase one is not future-proofed. Since the channel index type in gs_host_frame is u8, just make canch[] become a flexible array with a u8 index, so it naturally constraint by U8_MAX and avoid statically allocate 256 pointer for every gs_usb device. [1]: https://github.com/cherry-embedded/HSCanT-hardware Fixes: d08e973a77d1 ("can: gs_usb: Added support for the GS_USB CAN devices") Reported-by: Runcheng Lu <runcheng.lu(a)hpmicro.com> Cc: stable(a)vger.kernel.org Reviewed-by: Vincent Mailhol <mailhol(a)kernel.org> Signed-off-by: Celeste Liu <uwu(a)coelacanthus.name> Link: https://patch.msgid.link/20250930-gs-usb-max-if-v5-1-863330bf6666@coelacant… Signed-off-by: Marc Kleine-Budde <mkl(a)pengutronix.de> diff --git a/drivers/net/can/usb/gs_usb.c b/drivers/net/can/usb/gs_usb.c index c9482d6e947b..9fb4cbbd6d6d 100644 --- a/drivers/net/can/usb/gs_usb.c +++ b/drivers/net/can/usb/gs_usb.c @@ -289,11 +289,6 @@ struct gs_host_frame { #define GS_MAX_RX_URBS 30 #define GS_NAPI_WEIGHT 32 -/* Maximum number of interfaces the driver supports per device. - * Current hardware only supports 3 interfaces. The future may vary. - */ -#define GS_MAX_INTF 3 - struct gs_tx_context { struct gs_can *dev; unsigned int echo_id; @@ -324,7 +319,6 @@ struct gs_can { /* usb interface struct */ struct gs_usb { - struct gs_can *canch[GS_MAX_INTF]; struct usb_anchor rx_submitted; struct usb_device *udev; @@ -336,9 +330,11 @@ struct gs_usb { unsigned int hf_size_rx; u8 active_channels; + u8 channel_cnt; unsigned int pipe_in; unsigned int pipe_out; + struct gs_can *canch[] __counted_by(channel_cnt); }; /* 'allocate' a tx context. @@ -599,7 +595,7 @@ static void gs_usb_receive_bulk_callback(struct urb *urb) } /* device reports out of range channel id */ - if (hf->channel >= GS_MAX_INTF) + if (hf->channel >= parent->channel_cnt) goto device_detach; dev = parent->canch[hf->channel]; @@ -699,7 +695,7 @@ static void gs_usb_receive_bulk_callback(struct urb *urb) /* USB failure take down all interfaces */ if (rc == -ENODEV) { device_detach: - for (rc = 0; rc < GS_MAX_INTF; rc++) { + for (rc = 0; rc < parent->channel_cnt; rc++) { if (parent->canch[rc]) netif_device_detach(parent->canch[rc]->netdev); } @@ -1460,17 +1456,19 @@ static int gs_usb_probe(struct usb_interface *intf, icount = dconf.icount + 1; dev_info(&intf->dev, "Configuring for %u interfaces\n", icount); - if (icount > GS_MAX_INTF) { + if (icount > type_max(parent->channel_cnt)) { dev_err(&intf->dev, "Driver cannot handle more that %u CAN interfaces\n", - GS_MAX_INTF); + type_max(parent->channel_cnt)); return -EINVAL; } - parent = kzalloc(sizeof(*parent), GFP_KERNEL); + parent = kzalloc(struct_size(parent, canch, icount), GFP_KERNEL); if (!parent) return -ENOMEM; + parent->channel_cnt = icount; + init_usb_anchor(&parent->rx_submitted); usb_set_intfdata(intf, parent); @@ -1531,7 +1529,7 @@ static void gs_usb_disconnect(struct usb_interface *intf) return; } - for (i = 0; i < GS_MAX_INTF; i++) + for (i = 0; i < parent->channel_cnt; i++) if (parent->canch[i]) gs_destroy_candev(parent->canch[i]);

2 weeks, 2 days

3
4
0 0

[PATCH] drm/nouveau: Fix race in nouveau_sched_fini()

by Philipp Stanner

nouveau_sched_fini() uses a memory barrier before wait_event(). wait_event(), however, is a macro which expands to a loop which might check the passed condition several times. The barrier would only take effect for the first check. Replace the barrier with a function which takes the spinlock. Cc: stable(a)vger.kernel.org # v6.8+ Fixes: 5f03a507b29e ("drm/nouveau: implement 1:1 scheduler - entity relationship") Signed-off-by: Philipp Stanner <phasta(a)kernel.org> --- drivers/gpu/drm/nouveau/nouveau_sched.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/drivers/gpu/drm/nouveau/nouveau_sched.c b/drivers/gpu/drm/nouveau/nouveau_sched.c index e60f7892f5ce..a7bf539e5d86 100644 --- a/drivers/gpu/drm/nouveau/nouveau_sched.c +++ b/drivers/gpu/drm/nouveau/nouveau_sched.c @@ -482,6 +482,17 @@ nouveau_sched_create(struct nouveau_sched **psched, struct nouveau_drm *drm, return 0; } +static bool +nouveau_sched_job_list_empty(struct nouveau_sched *sched) +{ + bool empty; + + spin_lock(&sched->job.list.lock); + empty = list_empty(&sched->job.list.head); + spin_unlock(&sched->job.list.lock); + + return empty; +} static void nouveau_sched_fini(struct nouveau_sched *sched) @@ -489,8 +500,7 @@ nouveau_sched_fini(struct nouveau_sched *sched) struct drm_gpu_scheduler *drm_sched = &sched->base; struct drm_sched_entity *entity = &sched->entity; - rmb(); /* for list_empty to work without lock */ - wait_event(sched->job.wq, list_empty(&sched->job.list.head)); + wait_event(sched->job.wq, nouveau_sched_job_list_empty(sched)); drm_sched_entity_fini(entity); drm_sched_fini(drm_sched); -- 2.49.0

2 weeks, 2 days

3
2
0 0

FAILED: patch "[PATCH] can: gs_usb: increase max interface to U8_MAX" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x 2a27f6a8fb5722223d526843040f747e9b0e8060 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102040-unusual-concur-90e9@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 2a27f6a8fb5722223d526843040f747e9b0e8060 Mon Sep 17 00:00:00 2001 From: Celeste Liu <uwu(a)coelacanthus.name> Date: Tue, 30 Sep 2025 19:34:28 +0800 Subject: [PATCH] can: gs_usb: increase max interface to U8_MAX This issue was found by Runcheng Lu when develop HSCanT USB to CAN FD converter[1]. The original developers may have only 3 interfaces device to test so they write 3 here and wait for future change. During the HSCanT development, we actually used 4 interfaces, so the limitation of 3 is not enough now. But just increase one is not future-proofed. Since the channel index type in gs_host_frame is u8, just make canch[] become a flexible array with a u8 index, so it naturally constraint by U8_MAX and avoid statically allocate 256 pointer for every gs_usb device. [1]: https://github.com/cherry-embedded/HSCanT-hardware Fixes: d08e973a77d1 ("can: gs_usb: Added support for the GS_USB CAN devices") Reported-by: Runcheng Lu <runcheng.lu(a)hpmicro.com> Cc: stable(a)vger.kernel.org Reviewed-by: Vincent Mailhol <mailhol(a)kernel.org> Signed-off-by: Celeste Liu <uwu(a)coelacanthus.name> Link: https://patch.msgid.link/20250930-gs-usb-max-if-v5-1-863330bf6666@coelacant… Signed-off-by: Marc Kleine-Budde <mkl(a)pengutronix.de> diff --git a/drivers/net/can/usb/gs_usb.c b/drivers/net/can/usb/gs_usb.c index c9482d6e947b..9fb4cbbd6d6d 100644 --- a/drivers/net/can/usb/gs_usb.c +++ b/drivers/net/can/usb/gs_usb.c @@ -289,11 +289,6 @@ struct gs_host_frame { #define GS_MAX_RX_URBS 30 #define GS_NAPI_WEIGHT 32 -/* Maximum number of interfaces the driver supports per device. - * Current hardware only supports 3 interfaces. The future may vary. - */ -#define GS_MAX_INTF 3 - struct gs_tx_context { struct gs_can *dev; unsigned int echo_id; @@ -324,7 +319,6 @@ struct gs_can { /* usb interface struct */ struct gs_usb { - struct gs_can *canch[GS_MAX_INTF]; struct usb_anchor rx_submitted; struct usb_device *udev; @@ -336,9 +330,11 @@ struct gs_usb { unsigned int hf_size_rx; u8 active_channels; + u8 channel_cnt; unsigned int pipe_in; unsigned int pipe_out; + struct gs_can *canch[] __counted_by(channel_cnt); }; /* 'allocate' a tx context. @@ -599,7 +595,7 @@ static void gs_usb_receive_bulk_callback(struct urb *urb) } /* device reports out of range channel id */ - if (hf->channel >= GS_MAX_INTF) + if (hf->channel >= parent->channel_cnt) goto device_detach; dev = parent->canch[hf->channel]; @@ -699,7 +695,7 @@ static void gs_usb_receive_bulk_callback(struct urb *urb) /* USB failure take down all interfaces */ if (rc == -ENODEV) { device_detach: - for (rc = 0; rc < GS_MAX_INTF; rc++) { + for (rc = 0; rc < parent->channel_cnt; rc++) { if (parent->canch[rc]) netif_device_detach(parent->canch[rc]->netdev); } @@ -1460,17 +1456,19 @@ static int gs_usb_probe(struct usb_interface *intf, icount = dconf.icount + 1; dev_info(&intf->dev, "Configuring for %u interfaces\n", icount); - if (icount > GS_MAX_INTF) { + if (icount > type_max(parent->channel_cnt)) { dev_err(&intf->dev, "Driver cannot handle more that %u CAN interfaces\n", - GS_MAX_INTF); + type_max(parent->channel_cnt)); return -EINVAL; } - parent = kzalloc(sizeof(*parent), GFP_KERNEL); + parent = kzalloc(struct_size(parent, canch, icount), GFP_KERNEL); if (!parent) return -ENOMEM; + parent->channel_cnt = icount; + init_usb_anchor(&parent->rx_submitted); usb_set_intfdata(intf, parent); @@ -1531,7 +1529,7 @@ static void gs_usb_disconnect(struct usb_interface *intf) return; } - for (i = 0; i < GS_MAX_INTF; i++) + for (i = 0; i < parent->channel_cnt; i++) if (parent->canch[i]) gs_destroy_candev(parent->canch[i]);

2 weeks, 2 days

3
6
0 0

[PATCH] drm/sched: Fix race in drm_sched_entity_select_rq()

by Philipp Stanner

In a past bug fix it was forgotten that entity access must be protected by the entity lock. That's a data race and potentially UB. Move the spin_unlock() to the appropriate position. Cc: stable(a)vger.kernel.org # v5.13+ Fixes: ac4eb83ab255 ("drm/sched: select new rq even if there is only one v3") Signed-off-by: Philipp Stanner <phasta(a)kernel.org> --- drivers/gpu/drm/scheduler/sched_entity.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/gpu/drm/scheduler/sched_entity.c b/drivers/gpu/drm/scheduler/sched_entity.c index 5a4697f636f2..aa222166de58 100644 --- a/drivers/gpu/drm/scheduler/sched_entity.c +++ b/drivers/gpu/drm/scheduler/sched_entity.c @@ -552,10 +552,11 @@ void drm_sched_entity_select_rq(struct drm_sched_entity *entity) drm_sched_rq_remove_entity(entity->rq, entity); entity->rq = rq; } - spin_unlock(&entity->lock); if (entity->num_sched_list == 1) entity->sched_list = NULL; + + spin_unlock(&entity->lock); } /** -- 2.49.0

2 weeks, 2 days

3
2
0 0

[PATCH] scripts/quilt-mail: add my new email address

by Slade Watkins

My old email address is no longer valid and was bouncing. Add my new one instead. Signed-off-by: Slade Watkins <sr(a)sladewatkins.com> --- scripts/quilt-mail | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/scripts/quilt-mail b/scripts/quilt-mail index 9790b65f0f..7ef3f2fdbc 100755 --- a/scripts/quilt-mail +++ b/scripts/quilt-mail @@ -181,7 +181,8 @@ CC_NAMES=("linux-kernel(a)vger\.kernel\.org" "conor(a)kernel\.org" "hargar(a)microsoft\.com" "broonie(a)kernel\.org" - "achill(a)achill\.org") + "achill(a)achill\.org" + "sr(a)sladewatkins\.com") #CC_LIST="stable(a)vger\.kernel\.org" CC_LIST="patches(a)lists.linux.dev" -- 2.50.1 (Apple Git-155)

2 weeks, 2 days

2
1
0 0

FAILED: patch "[PATCH] can: gs_usb: increase max interface to U8_MAX" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 2a27f6a8fb5722223d526843040f747e9b0e8060 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102039-detoxify-trustee-aa22@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 2a27f6a8fb5722223d526843040f747e9b0e8060 Mon Sep 17 00:00:00 2001 From: Celeste Liu <uwu(a)coelacanthus.name> Date: Tue, 30 Sep 2025 19:34:28 +0800 Subject: [PATCH] can: gs_usb: increase max interface to U8_MAX This issue was found by Runcheng Lu when develop HSCanT USB to CAN FD converter[1]. The original developers may have only 3 interfaces device to test so they write 3 here and wait for future change. During the HSCanT development, we actually used 4 interfaces, so the limitation of 3 is not enough now. But just increase one is not future-proofed. Since the channel index type in gs_host_frame is u8, just make canch[] become a flexible array with a u8 index, so it naturally constraint by U8_MAX and avoid statically allocate 256 pointer for every gs_usb device. [1]: https://github.com/cherry-embedded/HSCanT-hardware Fixes: d08e973a77d1 ("can: gs_usb: Added support for the GS_USB CAN devices") Reported-by: Runcheng Lu <runcheng.lu(a)hpmicro.com> Cc: stable(a)vger.kernel.org Reviewed-by: Vincent Mailhol <mailhol(a)kernel.org> Signed-off-by: Celeste Liu <uwu(a)coelacanthus.name> Link: https://patch.msgid.link/20250930-gs-usb-max-if-v5-1-863330bf6666@coelacant… Signed-off-by: Marc Kleine-Budde <mkl(a)pengutronix.de> diff --git a/drivers/net/can/usb/gs_usb.c b/drivers/net/can/usb/gs_usb.c index c9482d6e947b..9fb4cbbd6d6d 100644 --- a/drivers/net/can/usb/gs_usb.c +++ b/drivers/net/can/usb/gs_usb.c @@ -289,11 +289,6 @@ struct gs_host_frame { #define GS_MAX_RX_URBS 30 #define GS_NAPI_WEIGHT 32 -/* Maximum number of interfaces the driver supports per device. - * Current hardware only supports 3 interfaces. The future may vary. - */ -#define GS_MAX_INTF 3 - struct gs_tx_context { struct gs_can *dev; unsigned int echo_id; @@ -324,7 +319,6 @@ struct gs_can { /* usb interface struct */ struct gs_usb { - struct gs_can *canch[GS_MAX_INTF]; struct usb_anchor rx_submitted; struct usb_device *udev; @@ -336,9 +330,11 @@ struct gs_usb { unsigned int hf_size_rx; u8 active_channels; + u8 channel_cnt; unsigned int pipe_in; unsigned int pipe_out; + struct gs_can *canch[] __counted_by(channel_cnt); }; /* 'allocate' a tx context. @@ -599,7 +595,7 @@ static void gs_usb_receive_bulk_callback(struct urb *urb) } /* device reports out of range channel id */ - if (hf->channel >= GS_MAX_INTF) + if (hf->channel >= parent->channel_cnt) goto device_detach; dev = parent->canch[hf->channel]; @@ -699,7 +695,7 @@ static void gs_usb_receive_bulk_callback(struct urb *urb) /* USB failure take down all interfaces */ if (rc == -ENODEV) { device_detach: - for (rc = 0; rc < GS_MAX_INTF; rc++) { + for (rc = 0; rc < parent->channel_cnt; rc++) { if (parent->canch[rc]) netif_device_detach(parent->canch[rc]->netdev); } @@ -1460,17 +1456,19 @@ static int gs_usb_probe(struct usb_interface *intf, icount = dconf.icount + 1; dev_info(&intf->dev, "Configuring for %u interfaces\n", icount); - if (icount > GS_MAX_INTF) { + if (icount > type_max(parent->channel_cnt)) { dev_err(&intf->dev, "Driver cannot handle more that %u CAN interfaces\n", - GS_MAX_INTF); + type_max(parent->channel_cnt)); return -EINVAL; } - parent = kzalloc(sizeof(*parent), GFP_KERNEL); + parent = kzalloc(struct_size(parent, canch, icount), GFP_KERNEL); if (!parent) return -ENOMEM; + parent->channel_cnt = icount; + init_usb_anchor(&parent->rx_submitted); usb_set_intfdata(intf, parent); @@ -1531,7 +1529,7 @@ static void gs_usb_disconnect(struct usb_interface *intf) return; } - for (i = 0; i < GS_MAX_INTF; i++) + for (i = 0; i < parent->channel_cnt; i++) if (parent->canch[i]) gs_destroy_candev(parent->canch[i]);

2 weeks, 2 days

3
4
0 0

FAILED: patch "[PATCH] can: gs_usb: increase max interface to U8_MAX" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 2a27f6a8fb5722223d526843040f747e9b0e8060 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102038-outsource-awhile-6150@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 2a27f6a8fb5722223d526843040f747e9b0e8060 Mon Sep 17 00:00:00 2001 From: Celeste Liu <uwu(a)coelacanthus.name> Date: Tue, 30 Sep 2025 19:34:28 +0800 Subject: [PATCH] can: gs_usb: increase max interface to U8_MAX This issue was found by Runcheng Lu when develop HSCanT USB to CAN FD converter[1]. The original developers may have only 3 interfaces device to test so they write 3 here and wait for future change. During the HSCanT development, we actually used 4 interfaces, so the limitation of 3 is not enough now. But just increase one is not future-proofed. Since the channel index type in gs_host_frame is u8, just make canch[] become a flexible array with a u8 index, so it naturally constraint by U8_MAX and avoid statically allocate 256 pointer for every gs_usb device. [1]: https://github.com/cherry-embedded/HSCanT-hardware Fixes: d08e973a77d1 ("can: gs_usb: Added support for the GS_USB CAN devices") Reported-by: Runcheng Lu <runcheng.lu(a)hpmicro.com> Cc: stable(a)vger.kernel.org Reviewed-by: Vincent Mailhol <mailhol(a)kernel.org> Signed-off-by: Celeste Liu <uwu(a)coelacanthus.name> Link: https://patch.msgid.link/20250930-gs-usb-max-if-v5-1-863330bf6666@coelacant… Signed-off-by: Marc Kleine-Budde <mkl(a)pengutronix.de> diff --git a/drivers/net/can/usb/gs_usb.c b/drivers/net/can/usb/gs_usb.c index c9482d6e947b..9fb4cbbd6d6d 100644 --- a/drivers/net/can/usb/gs_usb.c +++ b/drivers/net/can/usb/gs_usb.c @@ -289,11 +289,6 @@ struct gs_host_frame { #define GS_MAX_RX_URBS 30 #define GS_NAPI_WEIGHT 32 -/* Maximum number of interfaces the driver supports per device. - * Current hardware only supports 3 interfaces. The future may vary. - */ -#define GS_MAX_INTF 3 - struct gs_tx_context { struct gs_can *dev; unsigned int echo_id; @@ -324,7 +319,6 @@ struct gs_can { /* usb interface struct */ struct gs_usb { - struct gs_can *canch[GS_MAX_INTF]; struct usb_anchor rx_submitted; struct usb_device *udev; @@ -336,9 +330,11 @@ struct gs_usb { unsigned int hf_size_rx; u8 active_channels; + u8 channel_cnt; unsigned int pipe_in; unsigned int pipe_out; + struct gs_can *canch[] __counted_by(channel_cnt); }; /* 'allocate' a tx context. @@ -599,7 +595,7 @@ static void gs_usb_receive_bulk_callback(struct urb *urb) } /* device reports out of range channel id */ - if (hf->channel >= GS_MAX_INTF) + if (hf->channel >= parent->channel_cnt) goto device_detach; dev = parent->canch[hf->channel]; @@ -699,7 +695,7 @@ static void gs_usb_receive_bulk_callback(struct urb *urb) /* USB failure take down all interfaces */ if (rc == -ENODEV) { device_detach: - for (rc = 0; rc < GS_MAX_INTF; rc++) { + for (rc = 0; rc < parent->channel_cnt; rc++) { if (parent->canch[rc]) netif_device_detach(parent->canch[rc]->netdev); } @@ -1460,17 +1456,19 @@ static int gs_usb_probe(struct usb_interface *intf, icount = dconf.icount + 1; dev_info(&intf->dev, "Configuring for %u interfaces\n", icount); - if (icount > GS_MAX_INTF) { + if (icount > type_max(parent->channel_cnt)) { dev_err(&intf->dev, "Driver cannot handle more that %u CAN interfaces\n", - GS_MAX_INTF); + type_max(parent->channel_cnt)); return -EINVAL; } - parent = kzalloc(sizeof(*parent), GFP_KERNEL); + parent = kzalloc(struct_size(parent, canch, icount), GFP_KERNEL); if (!parent) return -ENOMEM; + parent->channel_cnt = icount; + init_usb_anchor(&parent->rx_submitted); usb_set_intfdata(intf, parent); @@ -1531,7 +1529,7 @@ static void gs_usb_disconnect(struct usb_interface *intf) return; } - for (i = 0; i < GS_MAX_INTF; i++) + for (i = 0; i < parent->channel_cnt; i++) if (parent->canch[i]) gs_destroy_candev(parent->canch[i]);

2 weeks, 2 days

3
4
0 0

[PATCH wireless-next v3 1/4] wifi: cfg80211: add an hrtimer based delayed work item

by Miri Korenblit

From: Benjamin Berg <benjamin.berg(a)intel.com> The normal timer mechanism assume that timeout further in the future need a lower accuracy. As an example, the granularity for a timer scheduled 4096 ms in the future on a 1000 Hz system is already 512 ms. This granularity is perfectly sufficient for e.g. timeouts, but there are other types of events that will happen at a future point in time and require a higher accuracy. Add a new wiphy_hrtimer_work type that uses an hrtimer internally. The API is almost identical to the existing wiphy_delayed_work and it can be used as a drop-in replacement after minor adjustments. The work will be scheduled relative to the current time with a slack of 1 millisecond. CC: stable(a)vger.kernel.org # 6.4+ Signed-off-by: Benjamin Berg <benjamin.berg(a)intel.com> Reviewed-by: Johannes Berg <johannes.berg(a)intel.com> Signed-off-by: Miri Korenblit <miriam.rachel.korenblit(a)intel.com> --- include/net/cfg80211.h | 78 ++++++++++++++++++++++++++++++++++++++++++ net/wireless/core.c | 56 ++++++++++++++++++++++++++++++ net/wireless/trace.h | 21 ++++++++++++ 3 files changed, 155 insertions(+) diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h index 53490eb04e87..f2e8963cfaac 100644 --- a/include/net/cfg80211.h +++ b/include/net/cfg80211.h @@ -6440,6 +6440,11 @@ static inline void wiphy_delayed_work_init(struct wiphy_delayed_work *dwork, * after wiphy_lock() was called. Therefore, wiphy_cancel_work() can * use just cancel_work() instead of cancel_work_sync(), it requires * being in a section protected by wiphy_lock(). + * + * Note that these are scheduled with a timer where the accuracy + * becomes less the longer in the future the scheduled timer is. Use + * wiphy_hrtimer_work_queue() if the timer must be not be late by more + * than approximately 10 percent. */ void wiphy_delayed_work_queue(struct wiphy *wiphy, struct wiphy_delayed_work *dwork, @@ -6511,6 +6516,79 @@ void wiphy_delayed_work_flush(struct wiphy *wiphy, bool wiphy_delayed_work_pending(struct wiphy *wiphy, struct wiphy_delayed_work *dwork); +struct wiphy_hrtimer_work { + struct wiphy_work work; + struct wiphy *wiphy; + struct hrtimer timer; +}; + +enum hrtimer_restart wiphy_hrtimer_work_timer(struct hrtimer *t); + +static inline void wiphy_hrtimer_work_init(struct wiphy_hrtimer_work *hrwork, + wiphy_work_func_t func) +{ + hrtimer_setup(&hrwork->timer, wiphy_hrtimer_work_timer, + CLOCK_BOOTTIME, HRTIMER_MODE_REL); + wiphy_work_init(&hrwork->work, func); +} + +/** + * wiphy_hrtimer_work_queue - queue hrtimer work for the wiphy + * @wiphy: the wiphy to queue for + * @hrwork: the high resolution timer worker + * @delay: the delay given as a ktime_t + * + * Please refer to wiphy_delayed_work_queue(). The difference is that + * the hrtimer work uses a high resolution timer for scheduling. This + * may be needed if timeouts might be scheduled further in the future + * and the accuracy of the normal timer is not sufficient. + * + * Expect a delay of a few milliseconds as the timer is scheduled + * with some slack and some more time may pass between queueing the + * work and its start. + */ +void wiphy_hrtimer_work_queue(struct wiphy *wiphy, + struct wiphy_hrtimer_work *hrwork, + ktime_t delay); + +/** + * wiphy_hrtimer_work_cancel - cancel previously queued hrtimer work + * @wiphy: the wiphy, for debug purposes + * @hrtimer: the hrtimer work to cancel + * + * Cancel the work *without* waiting for it, this assumes being + * called under the wiphy mutex acquired by wiphy_lock(). + */ +void wiphy_hrtimer_work_cancel(struct wiphy *wiphy, + struct wiphy_hrtimer_work *hrtimer); + +/** + * wiphy_hrtimer_work_flush - flush previously queued hrtimer work + * @wiphy: the wiphy, for debug purposes + * @hrwork: the hrtimer work to flush + * + * Flush the work (i.e. run it if pending). This must be called + * under the wiphy mutex acquired by wiphy_lock(). + */ +void wiphy_hrtimer_work_flush(struct wiphy *wiphy, + struct wiphy_hrtimer_work *hrwork); + +/** + * wiphy_hrtimer_work_pending - Find out whether a wiphy hrtimer + * work item is currently pending. + * + * @wiphy: the wiphy, for debug purposes + * @hrwork: the hrtimer work in question + * + * Return: true if timer is pending, false otherwise + * + * Please refer to the wiphy_delayed_work_pending() documentation as + * this is the equivalent function for hrtimer based delayed work + * items. + */ +bool wiphy_hrtimer_work_pending(struct wiphy *wiphy, + struct wiphy_hrtimer_work *hrwork); + /** * enum ieee80211_ap_reg_power - regulatory power for an Access Point * diff --git a/net/wireless/core.c b/net/wireless/core.c index f3568eb5e592..9f858a83e912 100644 --- a/net/wireless/core.c +++ b/net/wireless/core.c @@ -1802,6 +1802,62 @@ bool wiphy_delayed_work_pending(struct wiphy *wiphy, } EXPORT_SYMBOL_GPL(wiphy_delayed_work_pending); +enum hrtimer_restart wiphy_hrtimer_work_timer(struct hrtimer *t) +{ + struct wiphy_hrtimer_work *hrwork = + container_of(t, struct wiphy_hrtimer_work, timer); + + wiphy_work_queue(hrwork->wiphy, &hrwork->work); + + return HRTIMER_NORESTART; +} +EXPORT_SYMBOL_GPL(wiphy_hrtimer_work_timer); + +void wiphy_hrtimer_work_queue(struct wiphy *wiphy, + struct wiphy_hrtimer_work *hrwork, + ktime_t delay) +{ + trace_wiphy_hrtimer_work_queue(wiphy, &hrwork->work, delay); + + if (!delay) { + hrtimer_cancel(&hrwork->timer); + wiphy_work_queue(wiphy, &hrwork->work); + return; + } + + hrwork->wiphy = wiphy; + hrtimer_start_range_ns(&hrwork->timer, delay, + 1000 * NSEC_PER_USEC, HRTIMER_MODE_REL); +} +EXPORT_SYMBOL_GPL(wiphy_hrtimer_work_queue); + +void wiphy_hrtimer_work_cancel(struct wiphy *wiphy, + struct wiphy_hrtimer_work *hrwork) +{ + lockdep_assert_held(&wiphy->mtx); + + hrtimer_cancel(&hrwork->timer); + wiphy_work_cancel(wiphy, &hrwork->work); +} +EXPORT_SYMBOL_GPL(wiphy_hrtimer_work_cancel); + +void wiphy_hrtimer_work_flush(struct wiphy *wiphy, + struct wiphy_hrtimer_work *hrwork) +{ + lockdep_assert_held(&wiphy->mtx); + + hrtimer_cancel(&hrwork->timer); + wiphy_work_flush(wiphy, &hrwork->work); +} +EXPORT_SYMBOL_GPL(wiphy_hrtimer_work_flush); + +bool wiphy_hrtimer_work_pending(struct wiphy *wiphy, + struct wiphy_hrtimer_work *hrwork) +{ + return hrtimer_is_queued(&hrwork->timer); +} +EXPORT_SYMBOL_GPL(wiphy_hrtimer_work_pending); + static int __init cfg80211_init(void) { int err; diff --git a/net/wireless/trace.h b/net/wireless/trace.h index 8a4c34112eb5..2b71f1d867a0 100644 --- a/net/wireless/trace.h +++ b/net/wireless/trace.h @@ -304,6 +304,27 @@ TRACE_EVENT(wiphy_delayed_work_queue, __entry->delay) ); +TRACE_EVENT(wiphy_hrtimer_work_queue, + TP_PROTO(struct wiphy *wiphy, struct wiphy_work *work, + ktime_t delay), + TP_ARGS(wiphy, work, delay), + TP_STRUCT__entry( + WIPHY_ENTRY + __field(void *, instance) + __field(void *, func) + __field(ktime_t, delay) + ), + TP_fast_assign( + WIPHY_ASSIGN; + __entry->instance = work; + __entry->func = work->func; + __entry->delay = delay; + ), + TP_printk(WIPHY_PR_FMT " instance=%p func=%pS delay=%llu", + WIPHY_PR_ARG, __entry->instance, __entry->func, + __entry->delay) +); + TRACE_EVENT(wiphy_work_worker_start, TP_PROTO(struct wiphy *wiphy), TP_ARGS(wiphy), -- 2.34.1

2 weeks, 2 days

1
0
0 0

[PATCH] s390/mm: Fix memory leak in add_marker() when kvrealloc fails

by Miaoqian Lin

When kvrealloc() fails, the original markers memory is leaked because the function directly assigns the NULL to the markers pointer, losing the reference to the original memory. As a result, the kvfree() in pt_dump_init() ends up freeing NULL instead of the previously allocated memory. Fix this by using a temporary variable to store kvrealloc()'s return value and only update the markers pointer on success. Found via static anlaysis and this is similar to commit 42378a9ca553 ("bpf, verifier: Fix memory leak in array reallocation for stack state") Fixes: d0e7915d2ad3 ("s390/mm/ptdump: Generate address marker array dynamically") Cc: stable(a)vger.kernel.org Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com> --- arch/s390/mm/dump_pagetables.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/arch/s390/mm/dump_pagetables.c b/arch/s390/mm/dump_pagetables.c index 9af2aae0a515..0f2e0c93a1e0 100644 --- a/arch/s390/mm/dump_pagetables.c +++ b/arch/s390/mm/dump_pagetables.c @@ -291,16 +291,19 @@ static int ptdump_cmp(const void *a, const void *b) static int add_marker(unsigned long start, unsigned long end, const char *name) { + struct addr_marker *new_markers; size_t oldsize, newsize; oldsize = markers_cnt * sizeof(*markers); newsize = oldsize + 2 * sizeof(*markers); if (!oldsize) - markers = kvmalloc(newsize, GFP_KERNEL); + new_markers = kvmalloc(newsize, GFP_KERNEL); else - markers = kvrealloc(markers, newsize, GFP_KERNEL); - if (!markers) + new_markers = kvrealloc(markers, newsize, GFP_KERNEL); + if (!new_markers) goto error; + + markers = new_markers; markers[markers_cnt].is_start = 1; markers[markers_cnt].start_address = start; markers[markers_cnt].size = end - start; -- 2.39.5 (Apple Git-154)

2 weeks, 2 days

3
3
0 0

[PATCH] dma-fence: Fix safe access wrapper to call timeline name method

by Akash Goel

This commit fixes the wrapper function dma_fence_timeline_name(), that was added for safe access, to actually call the timeline name method of dma_fence_ops. Cc: <stable(a)vger.kernel.org> # v6.17+ Signed-off-by: Akash Goel <akash.goel(a)arm.com> --- drivers/dma-buf/dma-fence.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/dma-buf/dma-fence.c b/drivers/dma-buf/dma-fence.c index 3f78c56b58dc..39e6f93dc310 100644 --- a/drivers/dma-buf/dma-fence.c +++ b/drivers/dma-buf/dma-fence.c @@ -1141,7 +1141,7 @@ const char __rcu *dma_fence_timeline_name(struct dma_fence *fence) "RCU protection is required for safe access to returned string"); if (!test_bit(DMA_FENCE_FLAG_SIGNALED_BIT, &fence->flags)) - return fence->ops->get_driver_name(fence); + return fence->ops->get_timeline_name(fence); else return "signaled-timeline"; } -- 2.25.1

2 weeks, 2 days

3
2
0 0

FAILED: patch "[PATCH] vsock: fix lock inversion in vsock_assign_transport()" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x f7c877e7535260cc7a21484c994e8ce7e8cb6780 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102616-navy-creatable-7fad@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From f7c877e7535260cc7a21484c994e8ce7e8cb6780 Mon Sep 17 00:00:00 2001 From: Stefano Garzarella <sgarzare(a)redhat.com> Date: Tue, 21 Oct 2025 14:17:18 +0200 Subject: [PATCH] vsock: fix lock inversion in vsock_assign_transport() Syzbot reported a potential lock inversion deadlock between vsock_register_mutex and sk_lock-AF_VSOCK when vsock_linger() is called. The issue was introduced by commit 687aa0c5581b ("vsock: Fix transport_* TOCTOU") which added vsock_register_mutex locking in vsock_assign_transport() around the transport->release() call, that can call vsock_linger(). vsock_assign_transport() can be called with sk_lock held. vsock_linger() calls sk_wait_event() that temporarily releases and re-acquires sk_lock. During this window, if another thread hold vsock_register_mutex while trying to acquire sk_lock, a circular dependency is created. Fix this by releasing vsock_register_mutex before calling transport->release() and vsock_deassign_transport(). This is safe because we don't need to hold vsock_register_mutex while releasing the old transport, and we ensure the new transport won't disappear by obtaining a module reference first via try_module_get(). Reported-by: syzbot+10e35716f8e4929681fa(a)syzkaller.appspotmail.com Tested-by: syzbot+10e35716f8e4929681fa(a)syzkaller.appspotmail.com Fixes: 687aa0c5581b ("vsock: Fix transport_* TOCTOU") Cc: mhal(a)rbox.co Cc: stable(a)vger.kernel.org Signed-off-by: Stefano Garzarella <sgarzare(a)redhat.com> Link: https://patch.msgid.link/20251021121718.137668-1-sgarzare@redhat.com Signed-off-by: Paolo Abeni <pabeni(a)redhat.com> diff --git a/net/vmw_vsock/af_vsock.c b/net/vmw_vsock/af_vsock.c index 4c2db6cca557..76763247a377 100644 --- a/net/vmw_vsock/af_vsock.c +++ b/net/vmw_vsock/af_vsock.c @@ -487,12 +487,26 @@ int vsock_assign_transport(struct vsock_sock *vsk, struct vsock_sock *psk) goto err; } - if (vsk->transport) { - if (vsk->transport == new_transport) { - ret = 0; - goto err; - } + if (vsk->transport && vsk->transport == new_transport) { + ret = 0; + goto err; + } + /* We increase the module refcnt to prevent the transport unloading + * while there are open sockets assigned to it. + */ + if (!new_transport || !try_module_get(new_transport->module)) { + ret = -ENODEV; + goto err; + } + + /* It's safe to release the mutex after a successful try_module_get(). + * Whichever transport `new_transport` points at, it won't go away until + * the last module_put() below or in vsock_deassign_transport(). + */ + mutex_unlock(&vsock_register_mutex); + + if (vsk->transport) { /* transport->release() must be called with sock lock acquired. * This path can only be taken during vsock_connect(), where we * have already held the sock lock. In the other cases, this @@ -512,20 +526,6 @@ int vsock_assign_transport(struct vsock_sock *vsk, struct vsock_sock *psk) vsk->peer_shutdown = 0; } - /* We increase the module refcnt to prevent the transport unloading - * while there are open sockets assigned to it. - */ - if (!new_transport || !try_module_get(new_transport->module)) { - ret = -ENODEV; - goto err; - } - - /* It's safe to release the mutex after a successful try_module_get(). - * Whichever transport `new_transport` points at, it won't go away until - * the last module_put() below or in vsock_deassign_transport(). - */ - mutex_unlock(&vsock_register_mutex); - if (sk->sk_type == SOCK_SEQPACKET) { if (!new_transport->seqpacket_allow || !new_transport->seqpacket_allow(remote_cid)) {

2 weeks, 2 days

2
1
0 0

[REGRESSION] 6.16 fae58d0155 prevents boot of google-tomato (mt8195)

by ninelore

Hi, starting with the bisected commit fae58d0155a979a8c414bbc12db09dd4b2f910d0 ("[v2] drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv") on 6.16.y my chromebook codenamed google-tomato with the SoC MT8195 seems to hang while initializing drm. Kernel messages over serial show CPU stalls some minutes later. I am attaching the full kernel logs below. This issue is present in 6.16.7, however not in v6.17-rc6 This is my first time reporting a bug here. Please let me know if you need additional information. Thanks and kind regards Ingo Reitz -------- Booting Linux on physical CPU 0x0000000000 [0x412fd050] Linux version 6.16.4 (nixbld@localhost) (aarch64-unknown-linux-gnu-gcc (GCC) 14.3.0, GNU ld (GNU Binutils) 2.44) #1-NixOS SMP Tue Jan 1 00:00:00 UTC 1980 Machine model: Acer Tomato (rev3 - 4) board Reserved memory: created DMA memory pool at 0x0000000050000000, size 41 MiB OF: reserved mem: initialized node memory@50000000, compatible id shared-dma-pool OF: reserved mem: 0x0000000050000000..0x00000000528fffff (41984 KiB) nomap non-reusable memory@50000000 Reserved memory: created DMA memory pool at 0x0000000060000000, size 13 MiB OF: reserved mem: initialized node memory@60000000, compatible id shared-dma-pool OF: reserved mem: 0x0000000060000000..0x0000000060d7ffff (13824 KiB) nomap non-reusable memory@60000000 Reserved memory: created DMA memory pool at 0x0000000060d80000, size 1 MiB OF: reserved mem: initialized node memory@60d80000, compatible id shared-dma-pool OF: reserved mem: 0x0000000060d80000..0x0000000060e7ffff (1024 KiB) nomap non-reusable memory@60d80000 Reserved memory: created DMA memory pool at 0x0000000060e80000, size 2 MiB OF: reserved mem: initialized node memory@60e80000, compatible id shared-dma-pool OF: reserved mem: 0x0000000060e80000..0x00000000610fffff (2560 KiB) nomap non-reusable memory@60e80000 Zone ranges: Normal [mem 0x0000000040000000-0x000000023fffffff] Movable zone start for each node Early memory node ranges node 0: [mem 0x0000000040000000-0x000000004fffffff] node 0: [mem 0x0000000050000000-0x00000000528fffff] node 0: [mem 0x0000000052900000-0x00000000545fffff] node 0: [mem 0x0000000054660000-0x000000005fffffff] node 0: [mem 0x0000000060000000-0x00000000610fffff] node 0: [mem 0x0000000061100000-0x00000000fffdafff] node 0: [mem 0x0000000100000000-0x000000023fffffff] Initmem setup node 0 [mem 0x0000000040000000-0x000000023fffffff] On node 0, zone Normal: 96 pages in unavailable ranges On node 0, zone Normal: 37 pages in unavailable ranges psci: probing for conduit method from DT. psci: PSCIv1.1 detected in firmware. psci: Using standard PSCI v0.2 function IDs psci: MIGRATE_INFO_TYPE not supported. psci: SMC Calling Convention v1.5 percpu: Embedded 17 pages/cpu s40608 r0 d29024 u69632 pcpu-alloc: s40608 r0 d29024 u69632 alloc=17*4096 pcpu-alloc: [0] 0 [0] 1 [0] 2 [0] 3 [0] 4 [0] 5 [0] 6 [0] 7 Detected VIPT I-cache on CPU0 CPU features: detected: GIC system register CPU interface CPU features: detected: Virtualization Host Extensions CPU features: kernel page table isolation disabled by kernel configuration alternatives: applying boot alternatives Kernel command line: console=tty0 console=ttyS0,115200n8 loglevel=15 printk: log buffer data + meta data: 131072 + 458752 = 589824 bytes Dentry cache hash table entries: 1048576 (order: 11, 8388608 bytes, linear) Inode-cache hash table entries: 524288 (order: 10, 4194304 bytes, linear) software IO TLB: SWIOTLB bounce buffer size adjusted to 8MB software IO TLB: area num 8. software IO TLB: mapped [mem 0x0000000236a00000-0x0000000237200000] (8MB) Built 1 zonelists, mobility grouping on. Total pages: 2097019 mem auto-init: stack:all(zero), heap alloc:off, heap free:off SLUB: HWalign=64, Order=0-1, MinObjects=0, CPUs=8, Nodes=1 rcu: Hierarchical RCU implementation. rcu: RCU restricting CPUs from NR_CPUS=512 to nr_cpu_ids=8. rcu: RCU calculated value of scheduler-enlistment delay is 25 jiffies. rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=8 NR_IRQS: 64, nr_irqs: 64, preallocated irqs: 0 GICv3: GIC: Using split EOI/Deactivate mode GICv3: 864 SPIs implemented GICv3: 0 Extended SPIs implemented Root IRQ handler: 0xffff80008001007c GICv3: GICv3 features: 16 PPIs GICv3: GICD_CTRL.DS=0, SCR_EL3.FIQ=0 GICv3: CPU0: found redistributor 0 region 0:0x000000000c040000 GICv3: GIC: PPI partition interrupt-partition-0[0] { /cpus/cpu@0[0] /cpus/cpu@100[1] /cpus/cpu@200[2] /cpus/cpu@300[3] } GICv3: GIC: PPI partition interrupt-partition-1[1] { /cpus/cpu@400[4] /cpus/cpu@500[5] /cpus/cpu@600[6] /cpus/cpu@700[7] } rcu: srcu_init: Setting srcu_struct sizes based on contention. arch_timer: cp15 timer(s) running at 13.00MHz (phys). clocksource: arch_sys_counter: mask: 0xffffffffffffff max_cycles: 0x2ff89eacb, max_idle_ns: 440795202429 ns sched_clock: 56 bits at 13MHz, resolution 76ns, wraps every 4398046511101ns Console: colour dummy device 80x25 printk: legacy console [tty0] enabled Calibrating delay loop (skipped), value calculated using timer frequency.. 26.00 BogoMIPS (lpj=52000) pid_max: default: 32768 minimum: 301 Mount-cache hash table entries: 16384 (order: 5, 131072 bytes, linear) Mountpoint-cache hash table entries: 16384 (order: 5, 131072 bytes, linear) rcu: Hierarchical SRCU implementation. rcu: Max phase no-delay instances is 1000. smp: Bringing up secondary CPUs ... Detected VIPT I-cache on CPU1 GICv3: CPU1: found redistributor 100 region 0:0x000000000c060000 CPU1: Booted secondary processor 0x0000000100 [0x412fd050] Detected VIPT I-cache on CPU2 GICv3: CPU2: found redistributor 200 region 0:0x000000000c080000 CPU2: Booted secondary processor 0x0000000200 [0x412fd050] Detected VIPT I-cache on CPU3 GICv3: CPU3: found redistributor 300 region 0:0x000000000c0a0000 CPU3: Booted secondary processor 0x0000000300 [0x412fd050] CPU features: detected: Spectre-v4 CPU features: detected: Spectre-BHB Detected PIPT I-cache on CPU4 GICv3: CPU4: found redistributor 400 region 0:0x000000000c0c0000 CPU4: Booted secondary processor 0x0000000400 [0x411fd410] Detected PIPT I-cache on CPU5 GICv3: CPU5: found redistributor 500 region 0:0x000000000c0e0000 CPU5: Booted secondary processor 0x0000000500 [0x411fd410] Detected PIPT I-cache on CPU6 GICv3: CPU6: found redistributor 600 region 0:0x000000000c100000 CPU6: Booted secondary processor 0x0000000600 [0x411fd410] Detected PIPT I-cache on CPU7 GICv3: CPU7: found redistributor 700 region 0:0x000000000c120000 CPU7: Booted secondary processor 0x0000000700 [0x411fd410] smp: Brought up 1 node, 8 CPUs SMP: Total of 8 processors activated. CPU: All CPU(s) started at EL2 CPU features: detected: 32-bit EL0 Support CPU features: detected: Data cache clean to the PoU not required for I/D coherence CPU features: detected: Common not Private translations CPU features: detected: CRC32 instructions CPU features: detected: Data cache clean to Point of Persistence CPU features: detected: RCpc load-acquire (LDAPR) CPU features: detected: LSE atomic instructions CPU features: detected: PMUv3 CPU features: detected: RAS Extension Support CPU features: detected: Speculative Store Bypassing Safe (SSBS) spectre-bhb mitigation disabled by compile time option spectre-bhb mitigation disabled by compile time option alternatives: applying system-wide alternatives CPU features: detected: Hardware dirty bit management on CPU0-7 Memory: 8159184K/8388076K available (4928K kernel code, 924K rwdata, 1800K rodata, 896K init, 479K bss, 224752K reserved, 0K cma-reserved) devtmpfs: initialized clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 7645041785100000 ns futex hash table entries: 2048 (131072 bytes on 1 NUMA nodes, total 128 KiB, linear). pinctrl core: initialized pinctrl subsystem DMA: preallocated 1024 KiB GFP_KERNEL pool for atomic allocations thermal_sys: Registered thermal governor 'step_wise' thermal_sys: Registered thermal governor 'power_allocator' hw-breakpoint: found 6 breakpoint and 4 watchpoint registers. ASID allocator initialised with 65536 entries Serial: AMBA PL011 UART driver /soc/interrupt-controller@c000000: Fixed dependency cycle(s) with /soc/interrupt-controller@c000000 /soc/syscon@1c01a000: Fixed dependency cycle(s) with /soc/ovl@1c000000 /soc/ovl@1c000000: Fixed dependency cycle(s) with /soc/rdma@1c002000 /soc/ovl@1c000000: Fixed dependency cycle(s) with /soc/syscon@1c01a000 /soc/rdma@1c002000: Fixed dependency cycle(s) with /soc/color@1c003000 /soc/rdma@1c002000: Fixed dependency cycle(s) with /soc/ovl@1c000000 /soc/rdma@1c002000: Fixed dependency cycle(s) with /soc/syscon@1c01a000 /soc/color@1c003000: Fixed dependency cycle(s) with /soc/ccorr@1c004000 /soc/color@1c003000: Fixed dependency cycle(s) with /soc/rdma@1c002000 /soc/color@1c003000: Fixed dependency cycle(s) with /soc/syscon@1c01a000 /soc/ccorr@1c004000: Fixed dependency cycle(s) with /soc/aal@1c005000 /soc/ccorr@1c004000: Fixed dependency cycle(s) with /soc/color@1c003000 /soc/ccorr@1c004000: Fixed dependency cycle(s) with /soc/syscon@1c01a000 /soc/aal@1c005000: Fixed dependency cycle(s) with /soc/gamma@1c006000 /soc/aal@1c005000: Fixed dependency cycle(s) with /soc/ccorr@1c004000 /soc/aal@1c005000: Fixed dependency cycle(s) with /soc/syscon@1c01a000 /soc/gamma@1c006000: Fixed dependency cycle(s) with /soc/dither@1c007000 /soc/gamma@1c006000: Fixed dependency cycle(s) with /soc/aal@1c005000 /soc/gamma@1c006000: Fixed dependency cycle(s) with /soc/syscon@1c01a000 /soc/dither@1c007000: Fixed dependency cycle(s) with /soc/dsc@1c009000 /soc/dither@1c007000: Fixed dependency cycle(s) with /soc/gamma@1c006000 /soc/dither@1c007000: Fixed dependency cycle(s) with /soc/syscon@1c01a000 /soc/dsc@1c009000: Fixed dependency cycle(s) with /soc/merge@1c014000 /soc/dsc@1c009000: Fixed dependency cycle(s) with /soc/dither@1c007000 /soc/dsc@1c009000: Fixed dependency cycle(s) with /soc/syscon@1c01a000 /soc/merge@1c014000: Fixed dependency cycle(s) with /soc/dp-intf@1c015000 /soc/merge@1c014000: Fixed dependency cycle(s) with /soc/dsc@1c009000 /soc/merge@1c014000: Fixed dependency cycle(s) with /soc/syscon@1c01a000 /soc/dp-intf@1c015000: Fixed dependency cycle(s) with /soc/edp-tx@1c500000 /soc/dp-intf@1c015000: Fixed dependency cycle(s) with /soc/merge@1c014000 /soc/dp-intf@1c015000: Fixed dependency cycle(s) with /soc/syscon@1c01a000 /soc/syscon@1c100000: Fixed dependency cycle(s) with /soc/hdr-engine@1c114000 /soc/vpp-merge@1c110000: Fixed dependency cycle(s) with /soc/dp-intf@1c113000 /soc/vpp-merge@1c110000: Fixed dependency cycle(s) with /soc/hdr-engine@1c114000 /soc/vpp-merge@1c110000: Fixed dependency cycle(s) with /soc/syscon@1c100000 /soc/dp-intf@1c113000: Fixed dependency cycle(s) with /soc/dp-tx@1c600000 /soc/dp-intf@1c113000: Fixed dependency cycle(s) with /soc/vpp-merge@1c110000 /soc/dp-intf@1c113000: Fixed dependency cycle(s) with /soc/syscon@1c100000 /soc/hdr-engine@1c114000: Fixed dependency cycle(s) with /soc/vpp-merge@1c110000 /soc/hdr-engine@1c114000: Fixed dependency cycle(s) with /soc/syscon@1c100000 /soc/edp-tx@1c500000: Fixed dependency cycle(s) with /soc/edp-tx@1c500000/aux-bus/panel /soc/edp-tx@1c500000: Fixed dependency cycle(s) with /soc/dp-intf@1c015000 /soc/edp-tx@1c500000/aux-bus/panel: Fixed dependency cycle(s) with /soc/edp-tx@1c500000 /soc/dp-tx@1c600000: Fixed dependency cycle(s) with /soc/dp-intf@1c113000 /soc/pinctrl@10005000: Fixed dependency cycle(s) with /soc/pinctrl@10005000/pio-default-pins /soc/pcie@112f8000: Fixed dependency cycle(s) with /soc/pcie@112f8000/interrupt-controller /soc/syscon@1c01a000: Fixed dependency cycle(s) with /soc/ovl@1c000000 /soc/syscon@1c01a000: Fixed dependency cycle(s) with /soc/ovl@1c000000 /soc/ovl@1c000000: Fixed dependency cycle(s) with /soc/rdma@1c002000 /soc/ovl@1c000000: Fixed dependency cycle(s) with /soc/syscon@1c01a000 /soc/ovl@1c000000: Fixed dependency cycle(s) with /soc/rdma@1c002000 /soc/rdma@1c002000: Fixed dependency cycle(s) with /soc/color@1c003000 /soc/rdma@1c002000: Fixed dependency cycle(s) with /soc/ovl@1c000000 /soc/rdma@1c002000: Fixed dependency cycle(s) with /soc/syscon@1c01a000 /soc/rdma@1c002000: Fixed dependency cycle(s) with /soc/color@1c003000 /soc/color@1c003000: Fixed dependency cycle(s) with /soc/ccorr@1c004000 /soc/color@1c003000: Fixed dependency cycle(s) with /soc/rdma@1c002000 /soc/color@1c003000: Fixed dependency cycle(s) with /soc/syscon@1c01a000 /soc/color@1c003000: Fixed dependency cycle(s) with /soc/ccorr@1c004000 /soc/ccorr@1c004000: Fixed dependency cycle(s) with /soc/aal@1c005000 /soc/ccorr@1c004000: Fixed dependency cycle(s) with /soc/color@1c003000 /soc/ccorr@1c004000: Fixed dependency cycle(s) with /soc/syscon@1c01a000 /soc/ccorr@1c004000: Fixed dependency cycle(s) with /soc/aal@1c005000 /soc/aal@1c005000: Fixed dependency cycle(s) with /soc/gamma@1c006000 /soc/aal@1c005000: Fixed dependency cycle(s) with /soc/ccorr@1c004000 /soc/aal@1c005000: Fixed dependency cycle(s) with /soc/syscon@1c01a000 /soc/aal@1c005000: Fixed dependency cycle(s) with /soc/gamma@1c006000 /soc/gamma@1c006000: Fixed dependency cycle(s) with /soc/dither@1c007000 /soc/gamma@1c006000: Fixed dependency cycle(s) with /soc/aal@1c005000 /soc/gamma@1c006000: Fixed dependency cycle(s) with /soc/syscon@1c01a000 /soc/gamma@1c006000: Fixed dependency cycle(s) with /soc/dither@1c007000 /soc/dither@1c007000: Fixed dependency cycle(s) with /soc/dsc@1c009000 /soc/dither@1c007000: Fixed dependency cycle(s) with /soc/gamma@1c006000 /soc/dither@1c007000: Fixed dependency cycle(s) with /soc/syscon@1c01a000 /soc/dither@1c007000: Fixed dependency cycle(s) with /soc/dsc@1c009000 /soc/dsc@1c009000: Fixed dependency cycle(s) with /soc/merge@1c014000 /soc/dsc@1c009000: Fixed dependency cycle(s) with /soc/dither@1c007000 /soc/dsc@1c009000: Fixed dependency cycle(s) with /soc/syscon@1c01a000 /soc/dsc@1c009000: Fixed dependency cycle(s) with /soc/merge@1c014000 /soc/merge@1c014000: Fixed dependency cycle(s) with /soc/dp-intf@1c015000 /soc/merge@1c014000: Fixed dependency cycle(s) with /soc/dsc@1c009000 /soc/merge@1c014000: Fixed dependency cycle(s) with /soc/syscon@1c01a000 /soc/merge@1c014000: Fixed dependency cycle(s) with /soc/dp-intf@1c015000 /soc/dp-intf@1c015000: Fixed dependency cycle(s) with /soc/edp-tx@1c500000 /soc/dp-intf@1c015000: Fixed dependency cycle(s) with /soc/merge@1c014000 /soc/dp-intf@1c015000: Fixed dependency cycle(s) with /soc/syscon@1c01a000 /soc/syscon@1c100000: Fixed dependency cycle(s) with /soc/hdr-engine@1c114000 /soc/vpp-merge@1c110000: Fixed dependency cycle(s) with /soc/dp-intf@1c113000 /soc/vpp-merge@1c110000: Fixed dependency cycle(s) with /soc/hdr-engine@1c114000 /soc/vpp-merge@1c110000: Fixed dependency cycle(s) with /soc/syscon@1c100000 /soc/vpp-merge@1c110000: Fixed dependency cycle(s) with /soc/dp-intf@1c113000 /soc/dp-intf@1c113000: Fixed dependency cycle(s) with /soc/dp-tx@1c600000 /soc/dp-intf@1c113000: Fixed dependency cycle(s) with /soc/vpp-merge@1c110000 /soc/dp-intf@1c113000: Fixed dependency cycle(s) with /soc/syscon@1c100000 /soc/vpp-merge@1c110000: Fixed dependency cycle(s) with /soc/hdr-engine@1c114000 /soc/syscon@1c100000: Fixed dependency cycle(s) with /soc/hdr-engine@1c114000 /soc/hdr-engine@1c114000: Fixed dependency cycle(s) with /soc/vpp-merge@1c110000 /soc/hdr-engine@1c114000: Fixed dependency cycle(s) with /soc/syscon@1c100000 /soc/dp-intf@1c015000: Fixed dependency cycle(s) with /soc/edp-tx@1c500000 /soc/edp-tx@1c500000: Fixed dependency cycle(s) with /soc/edp-tx@1c500000/aux-bus/panel /soc/edp-tx@1c500000: Fixed dependency cycle(s) with /soc/dp-intf@1c015000 /soc/edp-tx@1c500000/aux-bus/panel: Fixed dependency cycle(s) with /soc/edp-tx@1c500000 /soc/dp-intf@1c113000: Fixed dependency cycle(s) with /soc/dp-tx@1c600000 /soc/dp-tx@1c600000: Fixed dependency cycle(s) with /soc/dp-intf@1c113000 HugeTLB: allocation took 0ms with hugepage_allocation_threads=2 HugeTLB: allocation took 0ms with hugepage_allocation_threads=2 HugeTLB: registered 1.00 GiB page size, pre-allocated 0 pages HugeTLB: 0 KiB vmemmap can be freed for a 1.00 GiB page HugeTLB: registered 32.0 MiB page size, pre-allocated 0 pages HugeTLB: 0 KiB vmemmap can be freed for a 32.0 MiB page HugeTLB: registered 2.00 MiB page size, pre-allocated 0 pages HugeTLB: 0 KiB vmemmap can be freed for a 2.00 MiB page HugeTLB: registered 64.0 KiB page size, pre-allocated 0 pages HugeTLB: 0 KiB vmemmap can be freed for a 64.0 KiB page iommu: Default domain type: Translated iommu: DMA domain TLB invalidation policy: strict mode SCSI subsystem initialized libata version 3.00 loaded. usbcore: registered new interface driver usbfs usbcore: registered new interface driver hub usbcore: registered new device driver usb vgaarb: loaded clocksource: Switched to clocksource arch_sys_counter PCI: CLS 0 bytes, default 64 Unpacking initramfs... workingset: timestamp_bits=62 max_order=21 bucket_order=0 squashfs: version 4.0 (2009/01/31) Phillip Lougher Block layer SCSI generic (bsg) driver version 0.4 loaded (major 251) io scheduler mq-deadline registered io scheduler kyber registered io scheduler bfq registered Freeing initrd memory: 2996K cannot find "mediatek,mt8195-fhctl" mtk-socinfo mtk-socinfo.0.auto: MediaTek Kompanio 1380 (MT8195) SoC detected. Serial: 8250/16550 driver, 32 ports, IRQ sharing disabled printk: legacy console [ttyS0] disabled 11001100.serial: ttyS0 at MMIO 0x11001100 (irq = 253, base_baud = 1625000) is a ST16650V2 printk: legacy console [ttyS0] enabled Serial: AMBA driver loop: module loaded mt6359-keys: Failed to locate of_node [id: -1] mt6359-accdet: Failed to locate of_node [id: -1] mtk-spi-nor 1132c000.spi: spi frequency: 52000000 Hz usbcore: registered new interface driver usb-storage mt6397-rtc mt6359-rtc: registered as rtc0 mt6397-rtc mt6359-rtc: setting system clock to 2025-09-15T22:15:30 UTC (1757974530) mtk-lvts-thermal 1100b000.thermal-sensor: golden temp=60 vgpu11_sshub: Bringing 400000uV into 550000-550000uV thermal thermal_zone0: power_allocator: sustainable_power will be estimated thermal thermal_zone1: power_allocator: sustainable_power will be estimated thermal thermal_zone2: power_allocator: sustainable_power will be estimated thermal thermal_zone3: power_allocator: sustainable_power will be estimated thermal thermal_zone4: power_allocator: sustainable_power will be estimated thermal thermal_zone5: power_allocator: sustainable_power will be estimated thermal thermal_zone6: power_allocator: sustainable_power will be estimated thermal thermal_zone7: power_allocator: sustainable_power will be estimated thermal thermal_zone8: power_allocator: sustainable_power will be estimated mtk-lvts-thermal 11278000.thermal-sensor: golden temp=60 thermal thermal_zone9: power_allocator: sustainable_power will be estimated thermal thermal_zone10: power_allocator: sustainable_power will be estimated thermal thermal_zone11: power_allocator: sustainable_power will be estimated thermal thermal_zone12: power_allocator: sustainable_power will be estimated thermal thermal_zone13: power_allocator: sustainable_power will be estimated thermal thermal_zone14: power_allocator: sustainable_power will be estimated thermal thermal_zone15: power_allocator: sustainable_power will be estimated thermal thermal_zone16: power_allocator: sustainable_power will be estimated cpu cpu0: EM: created perf domain cpu cpu4: EM: created perf domain coreboot_table firmware:coreboot: probe with driver coreboot_table failed with error -22 hid: raw HID events driver (C) Jiri Kosina usbcore: registered new interface driver usbhid usbhid: USB HID core driver spi_master spi0: will run message pump with realtime priority hw perfevents: enabled with armv8_cortex_a55 PMU driver, 7 (0,8000003f) counters available hw perfevents: enabled with armv8_cortex_a78 PMU driver, 7 (0,8000003f) counters available mediatek-drm mediatek-drm.12.auto: Adding component match for /soc/ovl@1c000000 mediatek-drm mediatek-drm.12.auto: Adding component match for /soc/rdma@1c002000 mediatek-drm mediatek-drm.12.auto: Adding component match for /soc/color@1c003000 mediatek-drm mediatek-drm.12.auto: Adding component match for /soc/ccorr@1c004000 mediatek-drm mediatek-drm.12.auto: Adding component match for /soc/aal@1c005000 mediatek-drm mediatek-drm.12.auto: Adding component match for /soc/gamma@1c006000 mediatek-drm mediatek-drm.12.auto: Adding component match for /soc/merge@1c014000 mediatek-drm mediatek-drm.12.auto: Adding component match for /soc/dp-intf@1c015000 mediatek-disp-ovl-adaptor mediatek-disp-ovl-adaptor.15.auto: Failed to get id. type: 2, alias: -19 mediatek-disp-ovl-adaptor mediatek-disp-ovl-adaptor.15.auto: Skipping unknown component /soc/merge@1c014000 mediatek-disp-ovl-adaptor mediatek-disp-ovl-adaptor.15.auto: Failed to get id. type: 2, alias: 5 mediatek-disp-ovl-adaptor mediatek-disp-ovl-adaptor.15.auto: Skipping unknown component /soc/vpp-merge@1c110000 mediatek-drm mediatek-drm.14.auto: Adding component match for /soc/vpp-merge@1c110000 mediatek-drm mediatek-drm.14.auto: Adding component match for /soc/dp-intf@1c113000 mtk-msdc 11230000.mmc: Final PAD_DS_TUNE: 0x15011 mtk-power-controller 10006000.syscon:power-controller: /soc/syscon@10006000/power-controller/power-domain@15/power-domain@16/power-domain@18/power-domain@20: A default off power domain has been ON input: cros_ec as /devices/platform/soc/1100a000.spi/spi_master/spi0/spi0.0/1100a000.spi:ec@0:keyboard-controller/input/input0 mmc0: Host Software Queue enabled mmc0: new HS400 MMC card at address 0001 mmcblk0: mmc0:0001 DA4128 116 GiB mmcblk0: p1 p2 p3 mmcblk0boot0: mmc0:0001 DA4128 4.00 MiB mmcblk0boot1: mmc0:0001 DA4128 4.00 MiB mmcblk0rpmb: mmc0:0001 DA4128 16.0 MiB, chardev (249:0) input: cros_ec_buttons as /devices/platform/soc/1100a000.spi/spi_master/spi0/spi0.0/1100a000.spi:ec@0:keyboard-controller/input/input1 /soc/edp-tx@1c500000: Fixed dependency cycle(s) with /soc/edp-tx@1c500000/aux-bus/panel /soc/edp-tx@1c500000/aux-bus/panel: Fixed dependency cycle(s) with /soc/edp-tx@1c500000 cros-ec-spi spi0.0: Chrome EC device registered mtu3 11201000.usb: uwk - reg:0x400, version:103 mtu3 11201000.usb: dr_mode: 1, drd: auto mtu3 11201000.usb: u2p_dis_msk: 0, u3p_dis_msk: 0 mtu3 11201000.usb: usb3-drd: 1 xhci-mtk 11200000.usb: supply vusb33 not found, using dummy regulator xhci-mtk 11200000.usb: xHCI Host Controller xhci-mtk 11200000.usb: new USB bus registered, assigned bus number 1 xhci-mtk 11200000.usb: hcc params 0x01400f99 hci version 0x110 quirks 0x0000000000200010 xhci-mtk 11200000.usb: irq 287, io mem 0x11200000 xhci-mtk 11200000.usb: xHCI Host Controller xhci-mtk 11200000.usb: new USB bus registered, assigned bus number 2 xhci-mtk 11200000.usb: Host supports USB 3.2 Enhanced SuperSpeed usb usb1: New USB device found, idVendor=1d6b, idProduct=0002, bcdDevice= 6.16 usb usb1: New USB device strings: Mfr=3, Product=2, SerialNumber=1 usb usb1: Product: xHCI Host Controller usb usb1: Manufacturer: Linux 6.16.4 xhci-hcd usb usb1: SerialNumber: 11200000.usb hub 1-0:1.0: USB hub found hub 1-0:1.0: 1 port detected usb usb2: We don't know the algorithms for LPM for this host, disabling LPM. usb usb2: New USB device found, idVendor=1d6b, idProduct=0003, bcdDevice= 6.16 usb usb2: New USB device strings: Mfr=3, Product=2, SerialNumber=1 usb usb2: Product: xHCI Host Controller usb usb2: Manufacturer: Linux 6.16.4 xhci-hcd usb usb2: SerialNumber: 11200000.usb hub 2-0:1.0: USB hub found hub 2-0:1.0: 1 port detected mtu3 11201000.usb: xHCI platform device register success... mtu3 112a1000.usb: uwk - reg:0x400, version:105 mtu3 112a1000.usb: dr_mode: 1, drd: auto mtu3 112a1000.usb: u2p_dis_msk: 0, u3p_dis_msk: 0 mtu3 112a1000.usb: usb3-drd: 0 xhci-mtk 112a0000.usb: supply vusb33 not found, using dummy regulator xhci-mtk 112a0000.usb: xHCI Host Controller xhci-mtk 112a0000.usb: new USB bus registered, assigned bus number 3 xhci-mtk 112a0000.usb: USB3 root hub has no ports xhci-mtk 112a0000.usb: hcc params 0x01400f99 hci version 0x110 quirks 0x0000000000200010 xhci-mtk 112a0000.usb: irq 288, io mem 0x112a0000 usb usb3: New USB device found, idVendor=1d6b, idProduct=0002, bcdDevice= 6.16 usb usb3: New USB device strings: Mfr=3, Product=2, SerialNumber=1 usb usb3: Product: xHCI Host Controller usb usb3: Manufacturer: Linux 6.16.4 xhci-hcd usb usb3: SerialNumber: 112a0000.usb hub 3-0:1.0: USB hub found hub 3-0:1.0: 1 port detected mtu3 112a1000.usb: xHCI platform device register success... mtu3 112b1000.usb: uwk - reg:0x400, version:106 mtu3 112b1000.usb: dr_mode: 1, drd: auto mtu3 112b1000.usb: u2p_dis_msk: 0, u3p_dis_msk: 0 mtu3 112b1000.usb: usb3-drd: 0 xhci-mtk 112b0000.usb: supply vusb33 not found, using dummy regulator xhci-mtk 112b0000.usb: xHCI Host Controller xhci-mtk 112b0000.usb: new USB bus registered, assigned bus number 4 xhci-mtk 112b0000.usb: USB3 root hub has no ports xhci-mtk 112b0000.usb: hcc params 0x01400f99 hci version 0x110 quirks 0x0000000020200010 xhci-mtk 112b0000.usb: irq 289, io mem 0x112b0000 usb usb4: New USB device found, idVendor=1d6b, idProduct=0002, bcdDevice= 6.16 usb usb4: New USB device strings: Mfr=3, Product=2, SerialNumber=1 usb usb4: Product: xHCI Host Controller usb usb4: Manufacturer: Linux 6.16.4 xhci-hcd usb usb4: SerialNumber: 112b0000.usb hub 4-0:1.0: USB hub found hub 4-0:1.0: 1 port detected mtu3 112b1000.usb: xHCI platform device register success... thermal thermal_zone17: power_allocator: sustainable_power will be estimated thermal thermal_zone18: power_allocator: sustainable_power will be estimated mtk-msdc 11240000.mmc: Got CD GPIO usb 1-1: new high-speed USB device number 2 using xhci-mtk usb 3-1: new high-speed USB device number 2 using xhci-mtk usb 1-1: New USB device found, idVendor=05e3, idProduct=0610, bcdDevice=65.02 usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=0 usb 1-1: Product: USB2.1 Hub usb 1-1: Manufacturer: GenesysLogic hub 1-1:1.0: USB hub found hub 1-1:1.0: 3 ports detected usb 4-1: new high-speed USB device number 2 using xhci-mtk usb 2-1: new SuperSpeed USB device number 2 using xhci-mtk usb 2-1: New USB device found, idVendor=05e3, idProduct=0620, bcdDevice=65.02 usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=0 usb 2-1: Product: USB3.2 Hub usb 2-1: Manufacturer: GenesysLogic hub 2-1:1.0: USB hub found hub 2-1:1.0: 3 ports detected usb 3-1: New USB device found, idVendor=0408, idProduct=4034, bcdDevice= 0.02 usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 usb 3-1: Product: ACER HD User Facing usb 3-1: Manufacturer: Quanta usb 3-1: SerialNumber: 01.00.00 usb 4-1: New USB device found, idVendor=04ca, idProduct=3802, bcdDevice= 1.00 usb 4-1: New USB device strings: Mfr=5, Product=6, SerialNumber=7 usb 4-1: Product: Wireless_Device usb 4-1: Manufacturer: MediaTek Inc. usb 4-1: SerialNumber: 000000000 panel-simple-dp-aux aux-1c500000.edp-tx: Detected BOE NE135FBM-N41 v8.1 (0x095f) xhci-mtk 11290000.usb: uwk - reg:0x400, version:104 xhci-mtk 11290000.usb: xHCI Host Controller xhci-mtk 11290000.usb: new USB bus registered, assigned bus number 5 xhci-mtk 11290000.usb: hcc params 0x01400f99 hci version 0x110 quirks 0x0000000000200010 xhci-mtk 11290000.usb: irq 291, io mem 0x11290000 xhci-mtk 11290000.usb: xHCI Host Controller xhci-mtk 11290000.usb: new USB bus registered, assigned bus number 6 xhci-mtk 11290000.usb: Host supports USB 3.2 Enhanced SuperSpeed usb usb5: New USB device found, idVendor=1d6b, idProduct=0002, bcdDevice= 6.16 usb usb5: New USB device strings: Mfr=3, Product=2, SerialNumber=1 usb usb5: Product: xHCI Host Controller usb usb5: Manufacturer: Linux 6.16.4 xhci-hcd usb usb5: SerialNumber: 11290000.usb hub 5-0:1.0: USB hub found hub 5-0:1.0: 1 port detected usb usb6: We don't know the algorithms for LPM for this host, disabling LPM. usb usb6: New USB device found, idVendor=1d6b, idProduct=0003, bcdDevice= 6.16 usb usb6: New USB device strings: Mfr=3, Product=2, SerialNumber=1 usb usb6: Product: xHCI Host Controller usb usb6: Manufacturer: Linux 6.16.4 xhci-hcd usb usb6: SerialNumber: 11290000.usb hub 6-0:1.0: USB hub found hub 6-0:1.0: 1 port detected i2c_hid_of 4-0010: supply vddl not found, using dummy regulator platform 14001000.dma-controller: Adding to iommu group 0 platform 14009000.display: Adding to iommu group 0 platform 1400c000.dma-controller: Adding to iommu group 0 platform 14f0a000.dma-controller: Adding to iommu group 0 platform 14f25000.dma-controller: Adding to iommu group 0 platform soc:jpgenc-master: Adding to iommu group 1 i2c_hid_of 4-0010: i2c_hid_get_input: IRQ triggered but there's no data platform 1c105000.dma-controller: Adding to iommu group 2 input: hid-over-i2c 04F3:4040 Touchscreen as /devices/platform/soc/11e04000.i2c/i2c-4/4-0010/0018:04F3:4040.0001/input/input2 platform 1c107000.dma-controller: Adding to iommu group 2 input: hid-over-i2c 04F3:4040 as /devices/platform/soc/11e04000.i2c/i2c-4/4-0010/0018:04F3:4040.0001/input/input3 platform 1c109000.dma-controller: Adding to iommu group 2 input: hid-over-i2c 04F3:4040 as /devices/platform/soc/11e04000.i2c/i2c-4/4-0010/0018:04F3:4040.0001/input/input4 platform 1c10b000.dma-controller: Adding to iommu group 2 input: hid-over-i2c 04F3:4040 Stylus as /devices/platform/soc/11e04000.i2c/i2c-4/4-0010/0018:04F3:4040.0001/input/input5 platform 1c114000.hdr-engine: Adding to iommu group 2 hid-generic 0018:04F3:4040.0001: input,hidraw0: I2C HID v1.00 Device [hid-over-i2c 04F3:4040] on 4-0010 mtk-iommu 14018000.iommu: bound 1c019000.larb (ops 0xffff800080611fb8) mtk-iommu 14018000.iommu: bound 1c103000.larb (ops 0xffff800080611fb8) mtk-iommu 14018000.iommu: bound 14013000.larb (ops 0xffff800080611fb8) mtk-iommu 14018000.iommu: bound 14f03000.larb (ops 0xffff800080611fb8) mtk-iommu 14018000.iommu: bound 14e05000.larb (ops 0xffff800080611fb8) mtk-iommu 14018000.iommu: bound 15340000.larb (ops 0xffff800080611fb8) mtk-iommu 14018000.iommu: bound 16002000.larb (ops 0xffff800080611fb8) mtk-iommu 14018000.iommu: bound 16012000.larb (ops 0xffff800080611fb8) mtk-iommu 14018000.iommu: bound 17201000.larb (ops 0xffff800080611fb8) mtk-iommu 14018000.iommu: bound 1b010000.larb (ops 0xffff800080611fb8) mtk-iommu 14018000.iommu: bound 1803e000.larb (ops 0xffff800080611fb8) mtk-iommu 14018000.iommu: bound 1800e000.larb (ops 0xffff800080611fb8) mtk-iommu 14018000.iommu: bound 16142000.larb (ops 0xffff800080611fb8) mtk-iommu 14018000.iommu: bound 16014000.larb (ops 0xffff800080611fb8) platform 14f08000.dma-controller: Adding to iommu group 0 platform 14f09000.dma-controller: Adding to iommu group 0 platform 14f1f000.display: Adding to iommu group 0 platform 14f23000.dma-controller: Adding to iommu group 0 platform 14f24000.dma-controller: Adding to iommu group 0 platform 18000000.video-codec: Adding to iommu group 1 platform 1a020000.video-codec: Adding to iommu group 1 platform soc:jpgdec-master: Adding to iommu group 1 platform 1c000000.ovl: Adding to iommu group 2 platform 1c002000.rdma: Adding to iommu group 2 platform 1c104000.dma-controller: Adding to iommu group 2 platform 1c106000.dma-controller: Adding to iommu group 2 platform 1c108000.dma-controller: Adding to iommu group 2 platform 1c10a000.dma-controller: Adding to iommu group 2 mtk-iommu 1c01f000.iommu: bound 1c018000.larb (ops 0xffff800080611fb8) mtk-iommu 1c01f000.iommu: bound 1c102000.larb (ops 0xffff800080611fb8) mtk-iommu 1c01f000.iommu: bound 14f02000.larb (ops 0xffff800080611fb8) mtk-iommu 1c01f000.iommu: bound 14e04000.larb (ops 0xffff800080611fb8) mtk-iommu 1c01f000.iommu: bound 15001000.larb (ops 0xffff800080611fb8) mtk-iommu 1c01f000.iommu: bound 15120000.larb (ops 0xffff800080611fb8) mtk-iommu 1c01f000.iommu: bound 15230000.larb (ops 0xffff800080611fb8) mtk-iommu 1c01f000.iommu: bound 16001000.larb (ops 0xffff800080611fb8) mtk-iommu 1c01f000.iommu: bound 16013000.larb (ops 0xffff800080611fb8) mtk-iommu 1c01f000.iommu: bound 1a010000.larb (ops 0xffff800080611fb8) mtk-iommu 1c01f000.iommu: bound 1802e000.larb (ops 0xffff800080611fb8) mtk-iommu 1c01f000.iommu: bound 1800d000.larb (ops 0xffff800080611fb8) mtk-iommu 1c01f000.iommu: bound 16141000.larb (ops 0xffff800080611fb8) mtk-iommu 1c01f000.iommu: bound 16015000.larb (ops 0xffff800080611fb8) rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=1751 rcu: (detected by 0, t=5252 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=6170 rcu: (detected by 0, t=21007 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=10589 rcu: (detected by 0, t=36762 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=15008 rcu: (detected by 0, t=52517 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=19427 rcu: (detected by 0, t=68272 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=23846 rcu: (detected by 0, t=84027 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=28265 rcu: (detected by 0, t=99782 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=32684 rcu: (detected by 0, t=115537 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=37103 rcu: (detected by 0, t=131292 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=41522 rcu: (detected by 0, t=147047 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=45941 rcu: (detected by 0, t=162802 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=50360 rcu: (detected by 0, t=178557 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=54779 rcu: (detected by 0, t=194312 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: random: crng init done rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=59198 rcu: (detected by 0, t=210067 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=63617 rcu: (detected by 0, t=225822 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=68036 rcu: (detected by 0, t=241577 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=72455 rcu: (detected by 0, t=257332 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=76874 rcu: (detected by 0, t=273087 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=81293 rcu: (detected by 0, t=288842 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=85712 rcu: (detected by 0, t=304597 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=90131 rcu: (detected by 0, t=320352 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=94550 rcu: (detected by 0, t=336107 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=98969 rcu: (detected by 0, t=351862 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=103388 rcu: (detected by 0, t=367617 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=107807 rcu: (detected by 0, t=383372 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=112226 rcu: (detected by 0, t=399127 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=116645 rcu: (detected by 0, t=414882 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=121064 rcu: (detected by 0, t=430637 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=125483 rcu: (detected by 0, t=446392 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=129902 rcu: (detected by 0, t=462147 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=134321 rcu: (detected by 0, t=477902 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=138740 rcu: (detected by 0, t=493657 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: rcu: 5-...0: (37 ticks this GP) idle=39b4/1/0x4000000000000000 softirq=263/265 fqs=143159 rcu: (detected by 0, t=509412 jiffies, g=-919, q=73 ncpus=8) Sending NMI from CPU 0 to CPUs 5:

2 weeks, 3 days

3
2
0 0

[PATCH] powerpc/powermac: Fix reference count leak in i2c probe functions

by Miaoqian Lin

The of_find_node_by_name() function returns a device tree node with its reference count incremented. The caller is responsible for calling of_node_put() to release this reference when done. Fixes: 730745a5c450 ("[PATCH] 1/5 powerpc: Rework PowerMac i2c part 1") Cc: stable(a)vger.kernel.org Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com> --- arch/powerpc/platforms/powermac/low_i2c.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/arch/powerpc/platforms/powermac/low_i2c.c b/arch/powerpc/platforms/powermac/low_i2c.c index 02474e27df9b..f04dbb93bbfa 100644 --- a/arch/powerpc/platforms/powermac/low_i2c.c +++ b/arch/powerpc/platforms/powermac/low_i2c.c @@ -802,8 +802,10 @@ static void __init pmu_i2c_probe(void) for (channel = 1; channel <= 2; channel++) { sz = sizeof(struct pmac_i2c_bus) + sizeof(struct adb_request); bus = kzalloc(sz, GFP_KERNEL); - if (bus == NULL) + if (bus == NULL) { + of_node_put(busnode); return; + } bus->controller = busnode; bus->busnode = busnode; @@ -928,6 +930,7 @@ static void __init smu_i2c_probe(void) bus = kzalloc(sz, GFP_KERNEL); if (bus == NULL) { of_node_put(busnode); + of_node_put(controller); return; } -- 2.39.5 (Apple Git-154)

2 weeks, 3 days

1
0
0 0

[PATCH] drm/tegra: Fix reference count leak in tegra_dc_couple

by Miaoqian Lin

The driver_find_device() function returns a device with its reference count incremented. The caller is responsible for calling put_device() to release this reference when done. Fix this leak by adding the missing put_device() call. Found via static analysis. Fixes: f68ba6912bd2 ("drm/tegra: dc: Link DC1 to DC0 on Tegra20") Cc: stable(a)vger.kernel.org Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com> --- drivers/gpu/drm/tegra/dc.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/gpu/drm/tegra/dc.c b/drivers/gpu/drm/tegra/dc.c index 59d5c1ba145a..6c84bd69b11f 100644 --- a/drivers/gpu/drm/tegra/dc.c +++ b/drivers/gpu/drm/tegra/dc.c @@ -3148,6 +3148,7 @@ static int tegra_dc_couple(struct tegra_dc *dc) dc->client.parent = &parent->client; dev_dbg(dc->dev, "coupled to %s\n", dev_name(companion)); + put_device(companion); } return 0; -- 2.39.5 (Apple Git-154)

2 weeks, 3 days

1
0
0 0

[PATCH 5.10] scsi: target: target_core_configfs: Add length check to avoid buffer overflow

by Andrey Troshin

From: Wang Haoran <haoranwangsec(a)gmail.com> commit 27e06650a5eafe832a90fd2604f0c5e920857fae upstream. A buffer overflow arises from the usage of snprintf to write into the buffer "buf" in target_lu_gp_members_show function located in /drivers/target/target_core_configfs.c. This buffer is allocated with size LU_GROUP_NAME_BUF (256 bytes). snprintf(...) formats multiple strings into buf with the HBA name (hba->hba_group.cg_item), a slash character, a devicename (dev-> dev_group.cg_item) and a newline character, the total formatted string length may exceed the buffer size of 256 bytes. Since snprintf() returns the total number of bytes that would have been written (the length of %s/%sn ), this value may exceed the buffer length (256 bytes) passed to memcpy(), this will ultimately cause function memcpy reporting a buffer overflow error. An additional check of the return value of snprintf() can avoid this buffer overflow. Reported-by: Wang Haoran <haoranwangsec(a)gmail.com> Reported-by: ziiiro <yuanmingbuaa(a)gmail.com> Signed-off-by: Wang Haoran <haoranwangsec(a)gmail.com> Signed-off-by: Martin K. Petersen <martin.petersen(a)oracle.com> [Andrey Troshin: patch adaptation for linux-5.10] Signed-off-by: Andrey Troshin <drtrosh(a)yandex-team.ru> --- Backport fix for CVE-2025-39998 Link: https://nvd.nist.gov/vuln/detail/CVE-2025-39998 --- drivers/target/target_core_configfs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/target/target_core_configfs.c b/drivers/target/target_core_configfs.c index 4d2fbe1429b6..e6996428c07d 100644 --- a/drivers/target/target_core_configfs.c +++ b/drivers/target/target_core_configfs.c @@ -2637,7 +2637,7 @@ static ssize_t target_lu_gp_members_show(struct config_item *item, char *page) config_item_name(&dev->dev_group.cg_item)); cur_len++; /* Extra byte for NULL terminator */ - if ((cur_len + len) > PAGE_SIZE) { + if ((cur_len + len) > PAGE_SIZE || cur_len > LU_GROUP_NAME_BUF) { pr_warn("Ran out of lu_gp_show_attr" "_members buffer\n"); break; -- 2.34.1

2 weeks, 3 days

1
0
0 0

Fixing Mistakes: How to Change Your Name on a Play Airlines Reservation

by 8j42c2cspn＠mrotzis.com

📞 For the fastest help, call Play Airlines customer support at 1-866-284-3022. Their agents are trained to assist with name corrections. ✍️ Did you book a flight with Play Airlines and realize your name is misspelled or needs updating? Whether it is a minor typo or a legal name change, it is essential to correct your flight details before travel to avoid problems at check-in. Fortunately, Play Airlines offers options for name changes or corrections — and we are here to guide you through the process, step by step. 📌 Why Name Corrections Matter Airlines require that the name on your ticket exactly matches the name on your government-issued ID or passport. Even a small typo can result in: ❌ Denied boarding ❌ TSA security issues ❌ Non-refundable tickets going to waste That is why it is important to act quickly if you notice an error. 👉 Pro Tip: As soon as you spot an issue with your name, call 1-866-284-3022 to fix it directly with Play Airlines. 📋 Play Airlines Name Correction Policy: The Basics Play Airlines does allow name corrections and changes, but there are specific rules based on the type and extent of the correction. ✏️ Minor Name Corrections If your correction is minor (e.g., spelling mistake, missing middle name, or nickname to legal name), it is usually easy to fix. Examples: • “Jonh” to “John” • “Liz” to “Elizabeth” • Missing middle name or incorrect initials 🟢 These are typically allowed once per passenger. Call 📞 1-866-284-3022 to request a minor correction. You may need to provide identification or legal documentation. 🔄 Major Name Changes For legal name changes due to: • Marriage 👰 • Divorce 💔 • Legal court order 📄 You will likely be required to submit legal documents (e.g., marriage certificate, divorce decree, or court papers). Important: Name changes are different from transferring your ticket to someone else — Sun Country does not allow name transfers. The passenger must remain the same person. 📞 For clarity and assistance, it is best to speak to a representative at 1-866-284-3022. 💰 Are There Any Fees for Name Changes? Yes, in most cases, Sun Country charges a name change or correction fee, which may vary depending on: • The type of fare you purchased • How close it is to your departure date • Whether the change is made online or via customer service Fees can range from $75 to $150, though minor corrections may be less, especially if made within 24 hours of booking. 🎯 To get an accurate quote and understand your options, call 1-866-284-3022 and speak with a Sun Country agent. 🌐 How to Request a Name Correction There are two main ways to request a name correction on your Play Airlines ticket: ✅ 1. Call Customer Support (Recommended) 📞 Dial 1-866-284-3022 📄 Provide your confirmation number, full incorrect name, and the correct name 🧾 Have a valid ID or legal document ready, if needed 🎟️ The agent will process the change and send you an updated itinerary Calling ensures faster processing and personalized help. 💻 2. Manage Booking Online While not all name changes can be made online, you can attempt to: 1. Visit official Sun Country website 2. Click on "My Trips" 3. Enter your last name and confirmation code 4. Look for an option to edit passenger details 📌 If you cannot make changes online, revert to calling 📞 1-866-284-3022. ⏱️ Time-Sensitive Corrections: Act Fast! If your flight is within 24 to 48 hours, do not delay. Last-minute changes can be harder to process and may result in additional fees or denied boarding. 🚨 Urgent situations? Call 📞 1-866-284-3022 immediately. Sun Country's support team can walk you through your options quickly. ✍️ Final Checklist Before You Travel ✅ Name on your ticket matches your ID ✅ You've received an updated confirmation email ✅ You've saved all receipts and documents related to the name correction ✅ You have confirmed there are no other errors in your booking (dates, destinations, etc.) 📞 Need Help? Call Play Airlines Anytime Whether you are unsure if your change qualifies or you just want confirmation, don’t hesitate to call Play Airlines at 1-866-284-3022. Their support agents are available to: • Handle name corrections • Answer policy questions • Assist with legal document submissions • Avoid unnecessary delays or cancellations 🧳 In Summary Mistakes happen — but with Play Airlines, correcting a name on your flight reservation does not have to be stressful. The key is to act fast, follow the policy, and use the right contact channels. 🛑 Do NOT ignore a misspelled name 📞 ALWAYS call 1-866-284-3022 for support 📧 Double-check your confirmation email 📅 Fix issues well before your travel date Safe travels — and smooth corrections!

2 weeks, 3 days

1
0
0 0

How to Make a Name Change on Aer Lingus: A Quick and Easy Guide

by 8j42c2cspn＠mrotzis.com

📞 For the fastest help, call Aer Lingus customer support at 1-866-284-3022. Their agents are trained to assist with name corrections. ✍️ Did you book a flight with Aer Lingus and realize your name is misspelled or needs updating? Whether it is a minor typo or a legal name change, it is essential to correct your flight details before travel to avoid problems at check-in. Fortunately, Aer Lingus offers options for name changes or corrections — and we are here to guide you through the process, step by step. 📌 Why Name Corrections Matter Airlines require that the name on your ticket exactly matches the name on your government-issued ID or passport. Even a small typo can result in: ❌ Denied boarding ❌ TSA security issues ❌ Non-refundable tickets going to waste That is why it is important to act quickly if you notice an error. 👉 Pro Tip: As soon as you spot an issue with your name, call 1-866-284-3022 to fix it directly with Aer Lingus. 📋 Aer Lingus Name Correction Policy: The Basics Aer Lingus does allow name corrections and changes, but there are specific rules based on the type and extent of the correction. ✏️ Minor Name Corrections If your correction is minor (e.g., spelling mistake, missing middle name, or nickname to legal name), it is usually easy to fix. Examples: • “Jonh” to “John” • “Liz” to “Elizabeth” • Missing middle name or incorrect initials 🟢 These are typically allowed once per passenger. Call 📞 1-866-284-3022 to request a minor correction. You may need to provide identification or legal documentation. 🔄 Major Name Changes For legal name changes due to: • Marriage 👰 • Divorce 💔 • Legal court order 📄 You will likely be required to submit legal documents (e.g., marriage certificate, divorce decree, or court papers). Important: Name changes are different from transferring your ticket to someone else — Sun Country does not allow name transfers. The passenger must remain the same person. 📞 For clarity and assistance, it is best to speak to a representative at 1-866-284-3022. 💰 Are There Any Fees for Name Changes? Yes, in most cases, Sun Country charges a name change or correction fee, which may vary depending on: • The type of fare you purchased • How close it is to your departure date • Whether the change is made online or via customer service Fees can range from $75 to $150, though minor corrections may be less, especially if made within 24 hours of booking. 🎯 To get an accurate quote and understand your options, call 1-866-284-3022 and speak with a Sun Country agent. 🌐 How to Request a Name Correction There are two main ways to request a name correction on your Aer Lingus ticket: ✅ 1. Call Customer Support (Recommended) 📞 Dial 1-866-284-3022 📄 Provide your confirmation number, full incorrect name, and the correct name 🧾 Have a valid ID or legal document ready, if needed 🎟️ The agent will process the change and send you an updated itinerary Calling ensures faster processing and personalized help. 💻 2. Manage Booking Online While not all name changes can be made online, you can attempt to: 1. Visit official Sun Country website 2. Click on "My Trips" 3. Enter your last name and confirmation code 4. Look for an option to edit passenger details 📌 If you cannot make changes online, revert to calling 📞 1-866-284-3022. ⏱️ Time-Sensitive Corrections: Act Fast! If your flight is within 24 to 48 hours, do not delay. Last-minute changes can be harder to process and may result in additional fees or denied boarding. 🚨 Urgent situations? Call 📞 1-866-284-3022 immediately. Sun Country's support team can walk you through your options quickly. ✍️ Final Checklist Before You Travel ✅ Name on your ticket matches your ID ✅ You've received an updated confirmation email ✅ You've saved all receipts and documents related to the name correction ✅ You have confirmed there are no other errors in your booking (dates, destinations, etc.) 📞 Need Help? Call Aer Lingus Anytime Whether you are unsure if your change qualifies or you just want confirmation, don’t hesitate to call Aer Lingus at 1-866-284-3022. Their support agents are available to: • Handle name corrections • Answer policy questions • Assist with legal document submissions • Avoid unnecessary delays or cancellations 🧳 In Summary Mistakes happen — but with Aer Lingus, correcting a name on your flight reservation does not have to be stressful. The key is to act fast, follow the policy, and use the right contact channels. 🛑 Do NOT ignore a misspelled name 📞 ALWAYS call 1-866-284-3022 for support 📧 Double-check your confirmation email 📅 Fix issues well before your travel date Safe travels — and smooth corrections!

2 weeks, 3 days

1
0
0 0

FAILED: patch "[PATCH] serial: sc16is7xx: remove useless enable of enhanced features" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 1c05bf6c0262f946571a37678250193e46b1ff0f # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102740-stiffly-recolor-e335@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 1c05bf6c0262f946571a37678250193e46b1ff0f Mon Sep 17 00:00:00 2001 From: Hugo Villeneuve <hvilleneuve(a)dimonoff.com> Date: Mon, 6 Oct 2025 10:20:02 -0400 Subject: [PATCH] serial: sc16is7xx: remove useless enable of enhanced features Commit 43c51bb573aa ("sc16is7xx: make sure device is in suspend once probed") permanently enabled access to the enhanced features in sc16is7xx_probe(), and it is never disabled after that. Therefore, remove re-enable of enhanced features in sc16is7xx_set_baud(). This eliminates a potential useless read + write cycle each time the baud rate is reconfigured. Fixes: 43c51bb573aa ("sc16is7xx: make sure device is in suspend once probed") Cc: stable <stable(a)kernel.org> Signed-off-by: Hugo Villeneuve <hvilleneuve(a)dimonoff.com> Link: https://patch.msgid.link/20251006142002.177475-1-hugo@hugovil.com Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/drivers/tty/serial/sc16is7xx.c b/drivers/tty/serial/sc16is7xx.c index 1a2c4c14f6aa..c7435595dce1 100644 --- a/drivers/tty/serial/sc16is7xx.c +++ b/drivers/tty/serial/sc16is7xx.c @@ -588,13 +588,6 @@ static int sc16is7xx_set_baud(struct uart_port *port, int baud) div /= prescaler; } - /* Enable enhanced features */ - sc16is7xx_efr_lock(port); - sc16is7xx_port_update(port, SC16IS7XX_EFR_REG, - SC16IS7XX_EFR_ENABLE_BIT, - SC16IS7XX_EFR_ENABLE_BIT); - sc16is7xx_efr_unlock(port); - /* If bit MCR_CLKSEL is set, the divide by 4 prescaler is activated. */ sc16is7xx_port_update(port, SC16IS7XX_MCR_REG, SC16IS7XX_MCR_CLKSEL_BIT,

2 weeks, 3 days

1
0
0 0

FAILED: patch "[PATCH] serial: sc16is7xx: remove useless enable of enhanced features" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x 1c05bf6c0262f946571a37678250193e46b1ff0f # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102740-umpire-tactile-9042@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 1c05bf6c0262f946571a37678250193e46b1ff0f Mon Sep 17 00:00:00 2001 From: Hugo Villeneuve <hvilleneuve(a)dimonoff.com> Date: Mon, 6 Oct 2025 10:20:02 -0400 Subject: [PATCH] serial: sc16is7xx: remove useless enable of enhanced features Commit 43c51bb573aa ("sc16is7xx: make sure device is in suspend once probed") permanently enabled access to the enhanced features in sc16is7xx_probe(), and it is never disabled after that. Therefore, remove re-enable of enhanced features in sc16is7xx_set_baud(). This eliminates a potential useless read + write cycle each time the baud rate is reconfigured. Fixes: 43c51bb573aa ("sc16is7xx: make sure device is in suspend once probed") Cc: stable <stable(a)kernel.org> Signed-off-by: Hugo Villeneuve <hvilleneuve(a)dimonoff.com> Link: https://patch.msgid.link/20251006142002.177475-1-hugo@hugovil.com Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/drivers/tty/serial/sc16is7xx.c b/drivers/tty/serial/sc16is7xx.c index 1a2c4c14f6aa..c7435595dce1 100644 --- a/drivers/tty/serial/sc16is7xx.c +++ b/drivers/tty/serial/sc16is7xx.c @@ -588,13 +588,6 @@ static int sc16is7xx_set_baud(struct uart_port *port, int baud) div /= prescaler; } - /* Enable enhanced features */ - sc16is7xx_efr_lock(port); - sc16is7xx_port_update(port, SC16IS7XX_EFR_REG, - SC16IS7XX_EFR_ENABLE_BIT, - SC16IS7XX_EFR_ENABLE_BIT); - sc16is7xx_efr_unlock(port); - /* If bit MCR_CLKSEL is set, the divide by 4 prescaler is activated. */ sc16is7xx_port_update(port, SC16IS7XX_MCR_REG, SC16IS7XX_MCR_CLKSEL_BIT,

2 weeks, 3 days

1
0
0 0

FAILED: patch "[PATCH] serial: sc16is7xx: remove useless enable of enhanced features" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x 1c05bf6c0262f946571a37678250193e46b1ff0f # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102740-dumpster-clapper-519c@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 1c05bf6c0262f946571a37678250193e46b1ff0f Mon Sep 17 00:00:00 2001 From: Hugo Villeneuve <hvilleneuve(a)dimonoff.com> Date: Mon, 6 Oct 2025 10:20:02 -0400 Subject: [PATCH] serial: sc16is7xx: remove useless enable of enhanced features Commit 43c51bb573aa ("sc16is7xx: make sure device is in suspend once probed") permanently enabled access to the enhanced features in sc16is7xx_probe(), and it is never disabled after that. Therefore, remove re-enable of enhanced features in sc16is7xx_set_baud(). This eliminates a potential useless read + write cycle each time the baud rate is reconfigured. Fixes: 43c51bb573aa ("sc16is7xx: make sure device is in suspend once probed") Cc: stable <stable(a)kernel.org> Signed-off-by: Hugo Villeneuve <hvilleneuve(a)dimonoff.com> Link: https://patch.msgid.link/20251006142002.177475-1-hugo@hugovil.com Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/drivers/tty/serial/sc16is7xx.c b/drivers/tty/serial/sc16is7xx.c index 1a2c4c14f6aa..c7435595dce1 100644 --- a/drivers/tty/serial/sc16is7xx.c +++ b/drivers/tty/serial/sc16is7xx.c @@ -588,13 +588,6 @@ static int sc16is7xx_set_baud(struct uart_port *port, int baud) div /= prescaler; } - /* Enable enhanced features */ - sc16is7xx_efr_lock(port); - sc16is7xx_port_update(port, SC16IS7XX_EFR_REG, - SC16IS7XX_EFR_ENABLE_BIT, - SC16IS7XX_EFR_ENABLE_BIT); - sc16is7xx_efr_unlock(port); - /* If bit MCR_CLKSEL is set, the divide by 4 prescaler is activated. */ sc16is7xx_port_update(port, SC16IS7XX_MCR_REG, SC16IS7XX_MCR_CLKSEL_BIT,

2 weeks, 3 days

1
0
0 0

How to Speak to a Live Person Malaysia Airlines: Tips and Tricks

by scottgar.cia.727.69＠gmail.com

Need to talk to a real person Malaysia Airlines? Calling Malaysia Airlines directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Malaysia Airlines representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Malaysia Airlines (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Malaysia Airlines on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Malaysia Airlines App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Malaysia Airlines, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

Vietnam Airlines Name Change: How to Update Your Flight Details with Ease

by 8j42c2cspn＠mrotzis.com

📞 For the fastest help, call Vietnam Airlines customer support at 1-866-284-3022. Their agents are trained to assist with name corrections. ✍️ Did you book a flight with Vietnam Airlines and realize your name is misspelled or needs updating? Whether it is a minor typo or a legal name change, it is essential to correct your flight details before travel to avoid problems at check-in. Fortunately, Vietnam Airlines offers options for name changes or corrections — and we are here to guide you through the process, step by step. 📌 Why Name Corrections Matter Airlines require that the name on your ticket exactly matches the name on your government-issued ID or passport. Even a small typo can result in: ❌ Denied boarding ❌ TSA security issues ❌ Non-refundable tickets going to waste That is why it is important to act quickly if you notice an error. 👉 Pro Tip: As soon as you spot an issue with your name, call 1-866-284-3022 to fix it directly with Vietnam Airlines. 📋 Vietnam Airlines Name Correction Policy: The Basics Vietnam Airlines does allow name corrections and changes, but there are specific rules based on the type and extent of the correction. ✏️ Minor Name Corrections If your correction is minor (e.g., spelling mistake, missing middle name, or nickname to legal name), it is usually easy to fix. Examples: • “Jonh” to “John” • “Liz” to “Elizabeth” • Missing middle name or incorrect initials 🟢 These are typically allowed once per passenger. Call 📞 1-866-284-3022 to request a minor correction. You may need to provide identification or legal documentation. 🔄 Major Name Changes For legal name changes due to: • Marriage 👰 • Divorce 💔 • Legal court order 📄 You will likely be required to submit legal documents (e.g., marriage certificate, divorce decree, or court papers). Important: Name changes are different from transferring your ticket to someone else — Sun Country does not allow name transfers. The passenger must remain the same person. 📞 For clarity and assistance, it is best to speak to a representative at 1-866-284-3022. 💰 Are There Any Fees for Name Changes? Yes, in most cases, Sun Country charges a name change or correction fee, which may vary depending on: • The type of fare you purchased • How close it is to your departure date • Whether the change is made online or via customer service Fees can range from $75 to $150, though minor corrections may be less, especially if made within 24 hours of booking. 🎯 To get an accurate quote and understand your options, call 1-866-284-3022 and speak with a Sun Country agent. 🌐 How to Request a Name Correction There are two main ways to request a name correction on your Vietnam Airlines ticket: ✅ 1. Call Customer Support (Recommended) 📞 Dial 1-866-284-3022 📄 Provide your confirmation number, full incorrect name, and the correct name 🧾 Have a valid ID or legal document ready, if needed 🎟️ The agent will process the change and send you an updated itinerary Calling ensures faster processing and personalized help. 💻 2. Manage Booking Online While not all name changes can be made online, you can attempt to: 1. Visit official Sun Country website 2. Click on "My Trips" 3. Enter your last name and confirmation code 4. Look for an option to edit passenger details 📌 If you cannot make changes online, revert to calling 📞 1-866-284-3022. ⏱️ Time-Sensitive Corrections: Act Fast! If your flight is within 24 to 48 hours, do not delay. Last-minute changes can be harder to process and may result in additional fees or denied boarding. 🚨 Urgent situations? Call 📞 1-866-284-3022 immediately. Sun Country's support team can walk you through your options quickly. ✍️ Final Checklist Before You Travel ✅ Name on your ticket matches your ID ✅ You've received an updated confirmation email ✅ You've saved all receipts and documents related to the name correction ✅ You have confirmed there are no other errors in your booking (dates, destinations, etc.) 📞 Need Help? Call Vietnam Airlines Anytime Whether you are unsure if your change qualifies or you just want confirmation, don’t hesitate to call Vietnam Airlines at 1-866-284-3022. Their support agents are available to: • Handle name corrections • Answer policy questions • Assist with legal document submissions • Avoid unnecessary delays or cancellations 🧳 In Summary Mistakes happen — but with Vietnam Airlines, correcting a name on your flight reservation does not have to be stressful. The key is to act fast, follow the policy, and use the right contact channels. 🛑 Do NOT ignore a misspelled name 📞 ALWAYS call 1-866-284-3022 for support 📧 Double-check your confirmation email 📅 Fix issues well before your travel date Safe travels — and smooth corrections!

2 weeks, 3 days

1
0
0 0

Updating Your Flight Details with Etihad Airways: A Simple Name Change Guide

by 8j42c2cspn＠mrotzis.com

📞 For the fastest help, call Etihad Airways customer support at 1-866-284-3022. Their agents are trained to assist with name corrections. ✍️ Did you book a flight with Etihad Airways and realize your name is misspelled or needs updating? Whether it is a minor typo or a legal name change, it is essential to correct your flight details before travel to avoid problems at check-in. Fortunately, Etihad Airways offers options for name changes or corrections — and we are here to guide you through the process, step by step. 📌 Why Name Corrections Matter Airlines require that the name on your ticket exactly matches the name on your government-issued ID or passport. Even a small typo can result in: ❌ Denied boarding ❌ TSA security issues ❌ Non-refundable tickets going to waste That is why it is important to act quickly if you notice an error. 👉 Pro Tip: As soon as you spot an issue with your name, call 1-866-284-3022 to fix it directly with Etihad Airways. 📋 Etihad Airways Name Correction Policy: The Basics Etihad Airways does allow name corrections and changes, but there are specific rules based on the type and extent of the correction. ✏️ Minor Name Corrections If your correction is minor (e.g., spelling mistake, missing middle name, or nickname to legal name), it is usually easy to fix. Examples: • “Jonh” to “John” • “Liz” to “Elizabeth” • Missing middle name or incorrect initials 🟢 These are typically allowed once per passenger. Call 📞 1-866-284-3022 to request a minor correction. You may need to provide identification or legal documentation. 🔄 Major Name Changes For legal name changes due to: • Marriage 👰 • Divorce 💔 • Legal court order 📄 You will likely be required to submit legal documents (e.g., marriage certificate, divorce decree, or court papers). Important: Name changes are different from transferring your ticket to someone else — Sun Country does not allow name transfers. The passenger must remain the same person. 📞 For clarity and assistance, it is best to speak to a representative at 1-866-284-3022. 💰 Are There Any Fees for Name Changes? Yes, in most cases, Sun Country charges a name change or correction fee, which may vary depending on: • The type of fare you purchased • How close it is to your departure date • Whether the change is made online or via customer service Fees can range from $75 to $150, though minor corrections may be less, especially if made within 24 hours of booking. 🎯 To get an accurate quote and understand your options, call 1-866-284-3022 and speak with a Sun Country agent. 🌐 How to Request a Name Correction There are two main ways to request a name correction on your Etihad Airways ticket: ✅ 1. Call Customer Support (Recommended) 📞 Dial 1-866-284-3022 📄 Provide your confirmation number, full incorrect name, and the correct name 🧾 Have a valid ID or legal document ready, if needed 🎟️ The agent will process the change and send you an updated itinerary Calling ensures faster processing and personalized help. 💻 2. Manage Booking Online While not all name changes can be made online, you can attempt to: 1. Visit official Sun Country website 2. Click on "My Trips" 3. Enter your last name and confirmation code 4. Look for an option to edit passenger details 📌 If you cannot make changes online, revert to calling 📞 1-866-284-3022. ⏱️ Time-Sensitive Corrections: Act Fast! If your flight is within 24 to 48 hours, do not delay. Last-minute changes can be harder to process and may result in additional fees or denied boarding. 🚨 Urgent situations? Call 📞 1-866-284-3022 immediately. Sun Country's support team can walk you through your options quickly. ✍️ Final Checklist Before You Travel ✅ Name on your ticket matches your ID ✅ You've received an updated confirmation email ✅ You've saved all receipts and documents related to the name correction ✅ You have confirmed there are no other errors in your booking (dates, destinations, etc.) 📞 Need Help? Call Etihad Airways Anytime Whether you are unsure if your change qualifies or you just want confirmation, don’t hesitate to call Etihad Airways at 1-866-284-3022. Their support agents are available to: • Handle name corrections • Answer policy questions • Assist with legal document submissions • Avoid unnecessary delays or cancellations 🧳 In Summary Mistakes happen — but with Etihad Airways, correcting a name on your flight reservation does not have to be stressful. The key is to act fast, follow the policy, and use the right contact channels. 🛑 Do NOT ignore a misspelled name 📞 ALWAYS call 1-866-284-3022 for support 📧 Double-check your confirmation email 📅 Fix issues well before your travel date Safe travels — and smooth corrections!

2 weeks, 3 days

1
0
0 0

Need Customer Service? Here’s How to Talk to a Live Agent LATAM Airlines

by scottgar.cia.727.69＠gmail.com

Need to talk to a real person LATAM Airlines? Calling LATAM Airlines directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real LATAM Airlines representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach LATAM Airlines (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM LATAM Airlines on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the LATAM Airlines App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to LATAM Airlines, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

How to Speak to a Live Person Frontier Airlines: Tips and Tricks

by scottgar.cia.727.69＠gmail.com

Need to talk to a real person Frontier Airlines? Calling Frontier Airlines directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Frontier Airlines representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Frontier Airlines (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Frontier Airlines on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Frontier Airlines App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Frontier Airlines, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

How to Get in Touch with a Live Representative ExpressJet Airlines

by scottgar.cia.727.69＠gmail.com

Need to talk to a real person ExpressJet Airlines? Calling ExpressJet Airlines directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real ExpressJet Airlines representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach ExpressJet Airlines (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM ExpressJet Airlines on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the ExpressJet Airlines App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to ExpressJet Airlines, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

How to Easily Contact a Live Agent Copa Airlines for Help

by scottgar.cia.727.69＠gmail.com

Need to talk to a real person Copa Airlines? Calling Copa Airlines directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Copa Airlines representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Copa Airlines (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Copa Airlines on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Copa Airlines App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Copa Airlines, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

How to Quickly Reach a Live Agent for Assistance Contour Airlines

by scottgar.cia.727.69＠gmail.com

Need to talk to a real person Contour Airlines? Calling Contour Airlines directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Contour Airlines representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Contour Airlines (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Contour Airlines on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Contour Airlines App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Contour Airlines, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

Step-by-Step Guide: How to Speak with a Live Agent Condor Airlines

by scottgar.cia.727.69＠gmail.com

Need to talk to a real person Condor Airlines? Calling Condor Airlines directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Condor Airlines representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Condor Airlines (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Condor Airlines on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Condor Airlines App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Condor Airlines, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

FAILED: patch "[PATCH] xhci: dbc: fix bogus 1024 byte prefix if ttyDBC read races" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x f3d12ec847b945d5d65846c85f062d07d5e73164 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102716-flop-splendor-1e95@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From f3d12ec847b945d5d65846c85f062d07d5e73164 Mon Sep 17 00:00:00 2001 From: Mathias Nyman <mathias.nyman(a)linux.intel.com> Date: Tue, 14 Oct 2025 01:55:41 +0300 Subject: [PATCH] xhci: dbc: fix bogus 1024 byte prefix if ttyDBC read races with stall event MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit DbC may add 1024 bogus bytes to the beginneing of the receiving endpoint if DbC hw triggers a STALL event before any Transfer Blocks (TRBs) for incoming data are queued, but driver handles the event after it queued the TRBs. This is possible as xHCI DbC hardware may trigger spurious STALL transfer events even if endpoint is empty. The STALL event contains a pointer to the stalled TRB, and "remaining" untransferred data length. As there are no TRBs queued yet the STALL event will just point to first TRB position of the empty ring, with '0' bytes remaining untransferred. DbC driver is polling for events, and may not handle the STALL event before /dev/ttyDBC0 is opened and incoming data TRBs are queued. The DbC event handler will now assume the first queued TRB (length 1024) has stalled with '0' bytes remaining untransferred, and copies the data This race situation can be practically mitigated by making sure the event handler handles all pending transfer events when DbC reaches configured state, and only then create dev/ttyDbC0, and start queueing transfers. The event handler can this way detect the STALL events on empty rings and discard them before any transfers are queued. This does in practice solve the issue, but still leaves a small possible gap for the race to trigger. We still need a way to distinguish spurious STALLs on empty rings with '0' bytes remaing, from actual STALL events with all bytes transmitted. Cc: stable <stable(a)kernel.org> Fixes: dfba2174dc42 ("usb: xhci: Add DbC support in xHCI driver") Tested-by: Łukasz Bartosik <ukaszb(a)chromium.org> Signed-off-by: Mathias Nyman <mathias.nyman(a)linux.intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/drivers/usb/host/xhci-dbgcap.c b/drivers/usb/host/xhci-dbgcap.c index 63edf2d8f245..023a8ec6f305 100644 --- a/drivers/usb/host/xhci-dbgcap.c +++ b/drivers/usb/host/xhci-dbgcap.c @@ -892,7 +892,8 @@ static enum evtreturn xhci_dbc_do_handle_events(struct xhci_dbc *dbc) dev_info(dbc->dev, "DbC configured\n"); portsc = readl(&dbc->regs->portsc); writel(portsc, &dbc->regs->portsc); - return EVT_GSER; + ret = EVT_GSER; + break; } return EVT_DONE; @@ -954,7 +955,8 @@ static enum evtreturn xhci_dbc_do_handle_events(struct xhci_dbc *dbc) break; case TRB_TYPE(TRB_TRANSFER): dbc_handle_xfer_event(dbc, evt); - ret = EVT_XFER_DONE; + if (ret != EVT_GSER) + ret = EVT_XFER_DONE; break; default: break;

2 weeks, 3 days

1
0
0 0

FAILED: patch "[PATCH] xhci: dbc: fix bogus 1024 byte prefix if ttyDBC read races" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x f3d12ec847b945d5d65846c85f062d07d5e73164 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102715-bagginess-civic-022b@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From f3d12ec847b945d5d65846c85f062d07d5e73164 Mon Sep 17 00:00:00 2001 From: Mathias Nyman <mathias.nyman(a)linux.intel.com> Date: Tue, 14 Oct 2025 01:55:41 +0300 Subject: [PATCH] xhci: dbc: fix bogus 1024 byte prefix if ttyDBC read races with stall event MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit DbC may add 1024 bogus bytes to the beginneing of the receiving endpoint if DbC hw triggers a STALL event before any Transfer Blocks (TRBs) for incoming data are queued, but driver handles the event after it queued the TRBs. This is possible as xHCI DbC hardware may trigger spurious STALL transfer events even if endpoint is empty. The STALL event contains a pointer to the stalled TRB, and "remaining" untransferred data length. As there are no TRBs queued yet the STALL event will just point to first TRB position of the empty ring, with '0' bytes remaining untransferred. DbC driver is polling for events, and may not handle the STALL event before /dev/ttyDBC0 is opened and incoming data TRBs are queued. The DbC event handler will now assume the first queued TRB (length 1024) has stalled with '0' bytes remaining untransferred, and copies the data This race situation can be practically mitigated by making sure the event handler handles all pending transfer events when DbC reaches configured state, and only then create dev/ttyDbC0, and start queueing transfers. The event handler can this way detect the STALL events on empty rings and discard them before any transfers are queued. This does in practice solve the issue, but still leaves a small possible gap for the race to trigger. We still need a way to distinguish spurious STALLs on empty rings with '0' bytes remaing, from actual STALL events with all bytes transmitted. Cc: stable <stable(a)kernel.org> Fixes: dfba2174dc42 ("usb: xhci: Add DbC support in xHCI driver") Tested-by: Łukasz Bartosik <ukaszb(a)chromium.org> Signed-off-by: Mathias Nyman <mathias.nyman(a)linux.intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/drivers/usb/host/xhci-dbgcap.c b/drivers/usb/host/xhci-dbgcap.c index 63edf2d8f245..023a8ec6f305 100644 --- a/drivers/usb/host/xhci-dbgcap.c +++ b/drivers/usb/host/xhci-dbgcap.c @@ -892,7 +892,8 @@ static enum evtreturn xhci_dbc_do_handle_events(struct xhci_dbc *dbc) dev_info(dbc->dev, "DbC configured\n"); portsc = readl(&dbc->regs->portsc); writel(portsc, &dbc->regs->portsc); - return EVT_GSER; + ret = EVT_GSER; + break; } return EVT_DONE; @@ -954,7 +955,8 @@ static enum evtreturn xhci_dbc_do_handle_events(struct xhci_dbc *dbc) break; case TRB_TYPE(TRB_TRANSFER): dbc_handle_xfer_event(dbc, evt); - ret = EVT_XFER_DONE; + if (ret != EVT_GSER) + ret = EVT_XFER_DONE; break; default: break;

2 weeks, 3 days

1
0
0 0

How to Speak to a Live Person China Eastern Airlines: Tips and Tricks

by scottgar.cia.727.69＠gmail.com

Need to talk to a real person China Eastern Airlines? Calling China Eastern Airlines directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real China Eastern Airlines representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach China Eastern Airlines (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM China Eastern Airlines on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the China Eastern Airlines App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to China Eastern Airlines, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

How to Get in Touch with a Live Representative Caribbean Airlines

by scottgar.cia.727.69＠gmail.com

Need to talk to a real person Caribbean Airlines? Calling Caribbean Airlines directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Caribbean Airlines representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Caribbean Airlines (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Caribbean Airlines on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Caribbean Airlines App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Caribbean Airlines, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

How to Speak to a Live Person Avelo Airlines: Tips and Tricks

by scottgar.cia.727.69＠gmail.com

Need to talk to a real person Avelo Airlines? Calling Avelo Airlines directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Avelo Airlines representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Avelo Airlines (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Avelo Airlines on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Avelo Airlines App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Avelo Airlines, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

How to Connect with a Live Customer Service Agent Alaska Airlines

by scottgar.cia.727.69＠gmail.com

Need to talk to a real person Alaska Airlines? Calling Alaska Airlines directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Alaska Airlines representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Alaska Airlines (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Alaska Airlines on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Alaska Airlines App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Alaska Airlines, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

Need Customer Service? Here’s How to Talk to a Live Agent Aeroméxico Airlines

by scottgar.cia.727.69＠gmail.com

Need to talk to a real person Aeroméxico Airlines? Calling Aeroméxico Airlines directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Aeroméxico Airlines representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Aeroméxico Airlines (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Aeroméxico Airlines on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Aeroméxico Airlines App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Aeroméxico Airlines, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

How to Easily Contact a Live Agent Air Transat for Help

by scottgar.cia.727.69＠gmail.com

Need to talk to a real person Air Transat? Calling Air Transat directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Air Transat representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Air Transat (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Air Transat on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Air Transat App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Air Transat, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

Scandinavian Airlines Name Change: A Simple Guide to Correcting Your Flight Details

by 8j42c2cspn＠mrotzis.com

📞 For the fastest help, call Scandinavian Airlines customer support at 1-866-284-3022. Their agents are trained to assist with name corrections. ✍️ Did you book a flight with Scandinavian Airlines and realize your name is misspelled or needs updating? Whether it is a minor typo or a legal name change, it is essential to correct your flight details before travel to avoid problems at check-in. Fortunately, Scandinavian Airlines offers options for name changes or corrections — and we are here to guide you through the process, step by step. 📌 Why Name Corrections Matter Airlines require that the name on your ticket exactly matches the name on your government-issued ID or passport. Even a small typo can result in: ❌ Denied boarding ❌ TSA security issues ❌ Non-refundable tickets going to waste That is why it is important to act quickly if you notice an error. 👉 Pro Tip: As soon as you spot an issue with your name, call 1-866-284-3022 to fix it directly with Scandinavian Airlines. 📋 Scandinavian Airlines Name Correction Policy: The Basics Scandinavian Airlines does allow name corrections and changes, but there are specific rules based on the type and extent of the correction. ✏️ Minor Name Corrections If your correction is minor (e.g., spelling mistake, missing middle name, or nickname to legal name), it is usually easy to fix. Examples: • “Jonh” to “John” • “Liz” to “Elizabeth” • Missing middle name or incorrect initials 🟢 These are typically allowed once per passenger. Call 📞 1-866-284-3022 to request a minor correction. You may need to provide identification or legal documentation. 🔄 Major Name Changes For legal name changes due to: • Marriage 👰 • Divorce 💔 • Legal court order 📄 You will likely be required to submit legal documents (e.g., marriage certificate, divorce decree, or court papers). Important: Name changes are different from transferring your ticket to someone else — Sun Country does not allow name transfers. The passenger must remain the same person. 📞 For clarity and assistance, it is best to speak to a representative at 1-866-284-3022. 💰 Are There Any Fees for Name Changes? Yes, in most cases, Sun Country charges a name change or correction fee, which may vary depending on: • The type of fare you purchased • How close it is to your departure date • Whether the change is made online or via customer service Fees can range from $75 to $150, though minor corrections may be less, especially if made within 24 hours of booking. 🎯 To get an accurate quote and understand your options, call 1-866-284-3022 and speak with a Sun Country agent. 🌐 How to Request a Name Correction There are two main ways to request a name correction on your Scandinavian Airlines ticket: ✅ 1. Call Customer Support (Recommended) 📞 Dial 1-866-284-3022 📄 Provide your confirmation number, full incorrect name, and the correct name 🧾 Have a valid ID or legal document ready, if needed 🎟️ The agent will process the change and send you an updated itinerary Calling ensures faster processing and personalized help. 💻 2. Manage Booking Online While not all name changes can be made online, you can attempt to: 1. Visit official Sun Country website 2. Click on "My Trips" 3. Enter your last name and confirmation code 4. Look for an option to edit passenger details 📌 If you cannot make changes online, revert to calling 📞 1-866-284-3022. ⏱️ Time-Sensitive Corrections: Act Fast! If your flight is within 24 to 48 hours, do not delay. Last-minute changes can be harder to process and may result in additional fees or denied boarding. 🚨 Urgent situations? Call 📞 1-866-284-3022 immediately. Sun Country's support team can walk you through your options quickly. ✍️ Final Checklist Before You Travel ✅ Name on your ticket matches your ID ✅ You've received an updated confirmation email ✅ You've saved all receipts and documents related to the name correction ✅ You have confirmed there are no other errors in your booking (dates, destinations, etc.) 📞 Need Help? Call Scandinavian Airlines Anytime Whether you are unsure if your change qualifies or you just want confirmation, don’t hesitate to call Scandinavian Airlines at 1-866-284-3022. Their support agents are available to: • Handle name corrections • Answer policy questions • Assist with legal document submissions • Avoid unnecessary delays or cancellations 🧳 In Summary Mistakes happen — but with Scandinavian Airlines, correcting a name on your flight reservation does not have to be stressful. The key is to act fast, follow the policy, and use the right contact channels. 🛑 Do NOT ignore a misspelled name 📞 ALWAYS call 1-866-284-3022 for support 📧 Double-check your confirmation email 📅 Fix issues well before your travel date Safe travels — and smooth corrections!

2 weeks, 3 days

1
0
0 0

How to Speak to a Live Person Air Canada: Tips and Tricks

by laurasan.ms.311.9.8.9＠gmail.com

Need to talk to a real person Air Canada? Calling Air Canada directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Air Canada representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Air Canada (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Air Canada on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Air Canada App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Air Canada, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

How to Get Customer Support from a Live Agent Air Algérie

by laurasan.ms.311.9.8.9＠gmail.com

Need to talk to a real person Air Algérie? Calling Air Algérie directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Air Algérie representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Air Algérie (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Air Algérie on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Air Algérie App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Air Algérie, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

How to Speak to a Live Person Finnair: Tips and Tricks

by laurasan.ms.311.9.8.9＠gmail.com

Need to talk to a real person Finnair? Calling Finnair directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Finnair representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Finnair (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Finnair on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Finnair App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Finnair, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

Mistaken Name on Your Cape Air Ticket? Here’s How to Fix It

by 8j42c2cspn＠mrotzis.com

📞 For the fastest help, call Cape Air customer support at 1-866-284-3022. Their agents are trained to assist with name corrections. ✍️ Did you book a flight with Cape Air and realize your name is misspelled or needs updating? Whether it is a minor typo or a legal name change, it is essential to correct your flight details before travel to avoid problems at check-in. Fortunately, Cape Air offers options for name changes or corrections — and we are here to guide you through the process, step by step. 📌 Why Name Corrections Matter Airlines require that the name on your ticket exactly matches the name on your government-issued ID or passport. Even a small typo can result in: ❌ Denied boarding ❌ TSA security issues ❌ Non-refundable tickets going to waste That is why it is important to act quickly if you notice an error. 👉 Pro Tip: As soon as you spot an issue with your name, call 1-866-284-3022 to fix it directly with Cape Air. 📋 Cape Air Name Correction Policy: The Basics Cape Air does allow name corrections and changes, but there are specific rules based on the type and extent of the correction. ✏️ Minor Name Corrections If your correction is minor (e.g., spelling mistake, missing middle name, or nickname to legal name), it is usually easy to fix. Examples: • “Jonh” to “John” • “Liz” to “Elizabeth” • Missing middle name or incorrect initials 🟢 These are typically allowed once per passenger. Call 📞 1-866-284-3022 to request a minor correction. You may need to provide identification or legal documentation. 🔄 Major Name Changes For legal name changes due to: • Marriage 👰 • Divorce 💔 • Legal court order 📄 You will likely be required to submit legal documents (e.g., marriage certificate, divorce decree, or court papers). Important: Name changes are different from transferring your ticket to someone else — Sun Country does not allow name transfers. The passenger must remain the same person. 📞 For clarity and assistance, it is best to speak to a representative at 1-866-284-3022. 💰 Are There Any Fees for Name Changes? Yes, in most cases, Sun Country charges a name change or correction fee, which may vary depending on: • The type of fare you purchased • How close it is to your departure date • Whether the change is made online or via customer service Fees can range from $75 to $150, though minor corrections may be less, especially if made within 24 hours of booking. 🎯 To get an accurate quote and understand your options, call 1-866-284-3022 and speak with a Sun Country agent. 🌐 How to Request a Name Correction There are two main ways to request a name correction on your Cape Air ticket: ✅ 1. Call Customer Support (Recommended) 📞 Dial 1-866-284-3022 📄 Provide your confirmation number, full incorrect name, and the correct name 🧾 Have a valid ID or legal document ready, if needed 🎟️ The agent will process the change and send you an updated itinerary Calling ensures faster processing and personalized help. 💻 2. Manage Booking Online While not all name changes can be made online, you can attempt to: 1. Visit official Sun Country website 2. Click on "My Trips" 3. Enter your last name and confirmation code 4. Look for an option to edit passenger details 📌 If you cannot make changes online, revert to calling 📞 1-866-284-3022. ⏱️ Time-Sensitive Corrections: Act Fast! If your flight is within 24 to 48 hours, do not delay. Last-minute changes can be harder to process and may result in additional fees or denied boarding. 🚨 Urgent situations? Call 📞 1-866-284-3022 immediately. Sun Country's support team can walk you through your options quickly. ✍️ Final Checklist Before You Travel ✅ Name on your ticket matches your ID ✅ You've received an updated confirmation email ✅ You've saved all receipts and documents related to the name correction ✅ You have confirmed there are no other errors in your booking (dates, destinations, etc.) 📞 Need Help? Call Cape Air Anytime Whether you are unsure if your change qualifies or you just want confirmation, don’t hesitate to call Cape Air at 1-866-284-3022. Their support agents are available to: • Handle name corrections • Answer policy questions • Assist with legal document submissions • Avoid unnecessary delays or cancellations 🧳 In Summary Mistakes happen — but with Cape Air, correcting a name on your flight reservation does not have to be stressful. The key is to act fast, follow the policy, and use the right contact channels. 🛑 Do NOT ignore a misspelled name 📞 ALWAYS call 1-866-284-3022 for support 📧 Double-check your confirmation email 📅 Fix issues well before your travel date Safe travels — and smooth corrections!

2 weeks, 3 days

1
0
0 0

How to Easily Contact a Live Agent Scoot for Help

by laurasan.ms.311.9.8.9＠gmail.com

Need to talk to a real person Scoot? Calling Scoot directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Scoot representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Scoot (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Scoot on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Scoot App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Scoot, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

How to Easily Contact a Live Agent Horizon Air for Help

by laurasan.ms.311.9.8.9＠gmail.com

Need to talk to a real person Horizon Air? Calling Horizon Air directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Horizon Air representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Horizon Air (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Horizon Air on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Horizon Air App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Horizon Air, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

The Easiest Way to Talk to a Live Agent Flydubai

by laurasan.ms.311.9.8.9＠gmail.com

Need to talk to a real person Flydubai? Calling Flydubai directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Flydubai representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Flydubai (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Flydubai on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Flydubai App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Flydubai, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

Need Customer Service? Here’s How to Talk to a Live Agent Envoy Air

by laurasan.ms.311.9.8.9＠gmail.com

Need to talk to a real person Envoy Air? Calling Envoy Air directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Envoy Air representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Envoy Air (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Envoy Air on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Envoy Air App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Envoy Air, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

How to Easily Contact a Live Agent Envoy Air for Help

by laurasan.ms.311.9.8.9＠gmail.com

Need to talk to a real person Envoy Air? Calling Envoy Air directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Envoy Air representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Envoy Air (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Envoy Air on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Envoy Air App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Envoy Air, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

How to Speak to a Live Person Endeavor Air: Tips and Tricks

by laurasan.ms.311.9.8.9＠gmail.com

Need to talk to a real person Endeavor Air? Calling Endeavor Air directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Endeavor Air representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Endeavor Air (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Endeavor Air on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Endeavor Air App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Endeavor Air, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

How to Get Customer Support from a Live Agent CommuteAir

by laurasan.ms.311.9.8.9＠gmail.com

Need to talk to a real person CommuteAir? Calling CommuteAir directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real CommuteAir representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach CommuteAir (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM CommuteAir on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the CommuteAir App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to CommuteAir, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

How to Speak to a Live Person Batik Air: Tips and Tricks

by laurasan.ms.311.9.8.9＠gmail.com

Need to talk to a real person Batik Air? Calling Batik Air directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Batik Air representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Batik Air (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Batik Air on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Batik Air App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Batik Air, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

How to Speak to a Live Person Breeze Airways: Tips and Tricks

by laurasan.ms.311.9.8.9＠gmail.com

Need to talk to a real person Breeze Airways? Calling Breeze Airways directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Breeze Airways representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Breeze Airways (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Breeze Airways on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Breeze Airways App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Breeze Airways, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

Your Inbox linux-stable-mirror@lists.linaro.org have 27 pending messages

by lists.linaro.org Server Administrator

2 weeks, 3 days

1
0
0 0

How to Get Customer Support from a Live Agent Flair Airlines

by laurasan.ms.311.9.8.9＠gmail.com

Need to talk to a real person Flair Airlines? Calling Flair Airlines directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Flair Airlines representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Flair Airlines (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Flair Airlines on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Flair Airlines App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Flair Airlines, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

Mistaken Name on Your Cape Air Ticket? Here’s How to Fix It

by 8j42c2cspn＠mrotzis.com

📞 For the fastest help, call Cape Air customer support at 1-866-284-3022. Their agents are trained to assist with name corrections. ✍️ Did you book a flight with Cape Air and realize your name is misspelled or needs updating? Whether it is a minor typo or a legal name change, it is essential to correct your flight details before travel to avoid problems at check-in. Fortunately, Cape Air offers options for name changes or corrections — and we are here to guide you through the process, step by step. 📌 Why Name Corrections Matter Airlines require that the name on your ticket exactly matches the name on your government-issued ID or passport. Even a small typo can result in: ❌ Denied boarding ❌ TSA security issues ❌ Non-refundable tickets going to waste That is why it is important to act quickly if you notice an error. 👉 Pro Tip: As soon as you spot an issue with your name, call 1-866-284-3022 to fix it directly with Cape Air. 📋 Cape Air Name Correction Policy: The Basics Cape Air does allow name corrections and changes, but there are specific rules based on the type and extent of the correction. ✏️ Minor Name Corrections If your correction is minor (e.g., spelling mistake, missing middle name, or nickname to legal name), it is usually easy to fix. Examples: • “Jonh” to “John” • “Liz” to “Elizabeth” • Missing middle name or incorrect initials 🟢 These are typically allowed once per passenger. Call 📞 1-866-284-3022 to request a minor correction. You may need to provide identification or legal documentation. 🔄 Major Name Changes For legal name changes due to: • Marriage 👰 • Divorce 💔 • Legal court order 📄 You will likely be required to submit legal documents (e.g., marriage certificate, divorce decree, or court papers). Important: Name changes are different from transferring your ticket to someone else — Sun Country does not allow name transfers. The passenger must remain the same person. 📞 For clarity and assistance, it is best to speak to a representative at 1-866-284-3022. 💰 Are There Any Fees for Name Changes? Yes, in most cases, Sun Country charges a name change or correction fee, which may vary depending on: • The type of fare you purchased • How close it is to your departure date • Whether the change is made online or via customer service Fees can range from $75 to $150, though minor corrections may be less, especially if made within 24 hours of booking. 🎯 To get an accurate quote and understand your options, call 1-866-284-3022 and speak with a Sun Country agent. 🌐 How to Request a Name Correction There are two main ways to request a name correction on your Cape Air ticket: ✅ 1. Call Customer Support (Recommended) 📞 Dial 1-866-284-3022 📄 Provide your confirmation number, full incorrect name, and the correct name 🧾 Have a valid ID or legal document ready, if needed 🎟️ The agent will process the change and send you an updated itinerary Calling ensures faster processing and personalized help. 💻 2. Manage Booking Online While not all name changes can be made online, you can attempt to: 1. Visit official Sun Country website 2. Click on "My Trips" 3. Enter your last name and confirmation code 4. Look for an option to edit passenger details 📌 If you cannot make changes online, revert to calling 📞 1-866-284-3022. ⏱️ Time-Sensitive Corrections: Act Fast! If your flight is within 24 to 48 hours, do not delay. Last-minute changes can be harder to process and may result in additional fees or denied boarding. 🚨 Urgent situations? Call 📞 1-866-284-3022 immediately. Sun Country's support team can walk you through your options quickly. ✍️ Final Checklist Before You Travel ✅ Name on your ticket matches your ID ✅ You've received an updated confirmation email ✅ You've saved all receipts and documents related to the name correction ✅ You have confirmed there are no other errors in your booking (dates, destinations, etc.) 📞 Need Help? Call Cape Air Anytime Whether you are unsure if your change qualifies or you just want confirmation, don’t hesitate to call Cape Air at 1-866-284-3022. Their support agents are available to: • Handle name corrections • Answer policy questions • Assist with legal document submissions • Avoid unnecessary delays or cancellations 🧳 In Summary Mistakes happen — but with Cape Air, correcting a name on your flight reservation does not have to be stressful. The key is to act fast, follow the policy, and use the right contact channels. 🛑 Do NOT ignore a misspelled name 📞 ALWAYS call 1-866-284-3022 for support 📧 Double-check your confirmation email 📅 Fix issues well before your travel date Safe travels — and smooth corrections!

2 weeks, 3 days

1
0
0 0

+ headers-add-check-for-c-standard-version.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: headers: add check for C standard version has been added to the -mm mm-hotfixes-unstable branch. Its filename is headers-add-check-for-c-standard-version.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Hanne-Lotta M��enp�� <hannelotta(a)gmail.com> Subject: headers: add check for C standard version Date: Sun, 26 Oct 2025 21:58:46 +0200 Compiling the kernel with GCC 15 results in errors, as with GCC 15 the default language version for C compilation has been changed from -std=gnu17 to -std=gnu23 - unless the language version has been changed using KBUILD_CFLAGS += -std=gnu17 or earlier. C23 includes new keywords 'bool', 'true' and 'false', which cause compilation errors in Linux headers: ./include/linux/types.h:30:33: error: `bool' cannot be defined via `typedef' ./include/linux/stddef.h:11:9: error: cannot use keyword `false' as enumeration constant Add check for C Standard's version in the header files to be able to compile the kernel with C23. Link: https://lkml.kernel.org/r/20251026195846.69740-1-hannelotta@gmail.com Signed-off-by: Hanne-Lotta M��enp�� <hannelotta(a)gmail.com> Cc: David Hunter <david.hunter.linux(a)gmail.com> Cc: "Gustavo A. R. Silva" <gustavoars(a)kernel.org> Cc: Kees Cook <kees(a)kernel.org> Cc: Arnd Bergmann <arnd(a)arndb.de> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- include/linux/stddef.h | 2 ++ include/linux/types.h | 2 ++ 2 files changed, 4 insertions(+) --- a/include/linux/stddef.h~headers-add-check-for-c-standard-version +++ a/include/linux/stddef.h @@ -7,10 +7,12 @@ #undef NULL #define NULL ((void *)0) +#if !defined(__STDC_VERSION__) || __STDC_VERSION__ < 202311L enum { false = 0, true = 1 }; +#endif #undef offsetof #define offsetof(TYPE, MEMBER) __builtin_offsetof(TYPE, MEMBER) --- a/include/linux/types.h~headers-add-check-for-c-standard-version +++ a/include/linux/types.h @@ -32,7 +32,9 @@ typedef __kernel_timer_t timer_t; typedef __kernel_clockid_t clockid_t; typedef __kernel_mqd_t mqd_t; +#if !defined(__STDC_VERSION__) || __STDC_VERSION__ < 202311L typedef _Bool bool; +#endif typedef __kernel_uid32_t uid_t; typedef __kernel_gid32_t gid_t; _ Patches currently in -mm which might be from hannelotta(a)gmail.com are headers-add-check-for-c-standard-version.patch

2 weeks, 3 days

3
2
0 0

Need Customer Service? Here’s How to Talk to a Live Agent Eurowings

by phillipstep.hens.7.823＠gmail.com

Need to talk to a real person Eurowings? Calling Eurowings directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Eurowings representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Eurowings (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Eurowings on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Eurowings App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Eurowings, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

Need Customer Service? Here’s How to Talk to a Live Agent XiamenAir

by phillipstep.hens.7.823＠gmail.com

Need to talk to a real person XiamenAir? Calling XiamenAir directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real XiamenAir representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach XiamenAir (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM XiamenAir on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the XiamenAir App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to XiamenAir, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

Connecting with a Western Air Live Agent: A Step-by-Step Guide

by phillipstep.hens.7.823＠gmail.com

Need to talk to a real person Western Air? Calling Western Air directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Western Air representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Western Air (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Western Air on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Western Air App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Western Air, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

Need Customer Service? Here’s How to Talk to a Live Agent Viva Aerobus

by phillipstep.hens.7.823＠gmail.com

Need to talk to a real person Viva Aerobus? Calling Viva Aerobus directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Viva Aerobus representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Viva Aerobus (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Viva Aerobus on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Viva Aerobus App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Viva Aerobus, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

Step-by-Step Guide: How to Speak with a Live Agent VietJet Air

by phillipstep.hens.7.823＠gmail.com

Need to talk to a real person VietJet Air? Calling VietJet Air directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real VietJet Air representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach VietJet Air (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM VietJet Air on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the VietJet Air App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to VietJet Air, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

Copa Airlines Name Change: How to Update Your Flight Details with Ease

by 8j42c2cspn＠mrotzis.com

📞 For the fastest help, call Copa Airlines customer support at 1-866-284-3022. Their agents are trained to assist with name corrections. ✍️ Did you book a flight with Copa Airlines and realize your name is misspelled or needs updating? Whether it is a minor typo or a legal name change, it is essential to correct your flight details before travel to avoid problems at check-in. Fortunately, Copa Airlines offers options for name changes or corrections — and we are here to guide you through the process, step by step. 📌 Why Name Corrections Matter Airlines require that the name on your ticket exactly matches the name on your government-issued ID or passport. Even a small typo can result in: ❌ Denied boarding ❌ TSA security issues ❌ Non-refundable tickets going to waste That is why it is important to act quickly if you notice an error. 👉 Pro Tip: As soon as you spot an issue with your name, call 1-866-284-3022 to fix it directly with Copa Airlines. 📋 Copa Airlines Name Correction Policy: The Basics Copa Airlines does allow name corrections and changes, but there are specific rules based on the type and extent of the correction. ✏️ Minor Name Corrections If your correction is minor (e.g., spelling mistake, missing middle name, or nickname to legal name), it is usually easy to fix. Examples: • “Jonh” to “John” • “Liz” to “Elizabeth” • Missing middle name or incorrect initials 🟢 These are typically allowed once per passenger. Call 📞 1-866-284-3022 to request a minor correction. You may need to provide identification or legal documentation. 🔄 Major Name Changes For legal name changes due to: • Marriage 👰 • Divorce 💔 • Legal court order 📄 You will likely be required to submit legal documents (e.g., marriage certificate, divorce decree, or court papers). Important: Name changes are different from transferring your ticket to someone else — Sun Country does not allow name transfers. The passenger must remain the same person. 📞 For clarity and assistance, it is best to speak to a representative at 1-866-284-3022. 💰 Are There Any Fees for Name Changes? Yes, in most cases, Sun Country charges a name change or correction fee, which may vary depending on: • The type of fare you purchased • How close it is to your departure date • Whether the change is made online or via customer service Fees can range from $75 to $150, though minor corrections may be less, especially if made within 24 hours of booking. 🎯 To get an accurate quote and understand your options, call 1-866-284-3022 and speak with a Sun Country agent. 🌐 How to Request a Name Correction There are two main ways to request a name correction on your Copa Airlines ticket: ✅ 1. Call Customer Support (Recommended) 📞 Dial 1-866-284-3022 📄 Provide your confirmation number, full incorrect name, and the correct name 🧾 Have a valid ID or legal document ready, if needed 🎟️ The agent will process the change and send you an updated itinerary Calling ensures faster processing and personalized help. 💻 2. Manage Booking Online While not all name changes can be made online, you can attempt to: 1. Visit official Sun Country website 2. Click on "My Trips" 3. Enter your last name and confirmation code 4. Look for an option to edit passenger details 📌 If you cannot make changes online, revert to calling 📞 1-866-284-3022. ⏱️ Time-Sensitive Corrections: Act Fast! If your flight is within 24 to 48 hours, do not delay. Last-minute changes can be harder to process and may result in additional fees or denied boarding. 🚨 Urgent situations? Call 📞 1-866-284-3022 immediately. Sun Country's support team can walk you through your options quickly. ✍️ Final Checklist Before You Travel ✅ Name on your ticket matches your ID ✅ You've received an updated confirmation email ✅ You've saved all receipts and documents related to the name correction ✅ You have confirmed there are no other errors in your booking (dates, destinations, etc.) 📞 Need Help? Call Copa Airlines Anytime Whether you are unsure if your change qualifies or you just want confirmation, don’t hesitate to call Copa Airlines at 1-866-284-3022. Their support agents are available to: • Handle name corrections • Answer policy questions • Assist with legal document submissions • Avoid unnecessary delays or cancellations 🧳 In Summary Mistakes happen — but with Copa Airlines, correcting a name on your flight reservation does not have to be stressful. The key is to act fast, follow the policy, and use the right contact channels. 🛑 Do NOT ignore a misspelled name 📞 ALWAYS call 1-866-284-3022 for support 📧 Double-check your confirmation email 📅 Fix issues well before your travel date Safe travels — and smooth corrections!

2 weeks, 3 days

1
0
0 0

How to Contact a Live Agent Korean Air for Assistance

by phillipstep.hens.7.823＠gmail.com

Need to talk to a real person Korean Air? Calling Korean Air directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Korean Air representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Korean Air (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Korean Air on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Korean Air App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Korean Air, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

How to Get in Touch with a Live Representative Transavia France

by phillipstep.hens.7.823＠gmail.com

Need to talk to a real person Transavia France? Calling Transavia France directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Transavia France representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Transavia France (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Transavia France on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Transavia France App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Transavia France, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

Tap Air Name Change Made Easy: A Quick Guide to Updating Your Booking

by 8j42c2cspn＠mrotzis.com

📞 For the fastest help, call Tap Air customer support at 1-866-284-3022. Their agents are trained to assist with name corrections. ✍️ Did you book a flight with Tap Air and realize your name is misspelled or needs updating? Whether it is a minor typo or a legal name change, it is essential to correct your flight details before travel to avoid problems at check-in. Fortunately, Tap Air offers options for name changes or corrections — and we are here to guide you through the process, step by step. 📌 Why Name Corrections Matter Airlines require that the name on your ticket exactly matches the name on your government-issued ID or passport. Even a small typo can result in: ❌ Denied boarding ❌ TSA security issues ❌ Non-refundable tickets going to waste That is why it is important to act quickly if you notice an error. 👉 Pro Tip: As soon as you spot an issue with your name, call 1-866-284-3022 to fix it directly with Tap Air. 📋 Tap Air Name Correction Policy: The Basics Tap Air does allow name corrections and changes, but there are specific rules based on the type and extent of the correction. ✏️ Minor Name Corrections If your correction is minor (e.g., spelling mistake, missing middle name, or nickname to legal name), it is usually easy to fix. Examples: • “Jonh” to “John” • “Liz” to “Elizabeth” • Missing middle name or incorrect initials 🟢 These are typically allowed once per passenger. Call 📞 1-866-284-3022 to request a minor correction. You may need to provide identification or legal documentation. 🔄 Major Name Changes For legal name changes due to: • Marriage 👰 • Divorce 💔 • Legal court order 📄 You will likely be required to submit legal documents (e.g., marriage certificate, divorce decree, or court papers). Important: Name changes are different from transferring your ticket to someone else — Sun Country does not allow name transfers. The passenger must remain the same person. 📞 For clarity and assistance, it is best to speak to a representative at 1-866-284-3022. 💰 Are There Any Fees for Name Changes? Yes, in most cases, Sun Country charges a name change or correction fee, which may vary depending on: • The type of fare you purchased • How close it is to your departure date • Whether the change is made online or via customer service Fees can range from $75 to $150, though minor corrections may be less, especially if made within 24 hours of booking. 🎯 To get an accurate quote and understand your options, call 1-866-284-3022 and speak with a Sun Country agent. 🌐 How to Request a Name Correction There are two main ways to request a name correction on your Tap Air ticket: ✅ 1. Call Customer Support (Recommended) 📞 Dial 1-866-284-3022 📄 Provide your confirmation number, full incorrect name, and the correct name 🧾 Have a valid ID or legal document ready, if needed 🎟️ The agent will process the change and send you an updated itinerary Calling ensures faster processing and personalized help. 💻 2. Manage Booking Online While not all name changes can be made online, you can attempt to: 1. Visit official Sun Country website 2. Click on "My Trips" 3. Enter your last name and confirmation code 4. Look for an option to edit passenger details 📌 If you cannot make changes online, revert to calling 📞 1-866-284-3022. ⏱️ Time-Sensitive Corrections: Act Fast! If your flight is within 24 to 48 hours, do not delay. Last-minute changes can be harder to process and may result in additional fees or denied boarding. 🚨 Urgent situations? Call 📞 1-866-284-3022 immediately. Sun Country's support team can walk you through your options quickly. ✍️ Final Checklist Before You Travel ✅ Name on your ticket matches your ID ✅ You've received an updated confirmation email ✅ You've saved all receipts and documents related to the name correction ✅ You have confirmed there are no other errors in your booking (dates, destinations, etc.) 📞 Need Help? Call Tap Air Anytime Whether you are unsure if your change qualifies or you just want confirmation, don’t hesitate to call Tap Air at 1-866-284-3022. Their support agents are available to: • Handle name corrections • Answer policy questions • Assist with legal document submissions • Avoid unnecessary delays or cancellations 🧳 In Summary Mistakes happen — but with Tap Air, correcting a name on your flight reservation does not have to be stressful. The key is to act fast, follow the policy, and use the right contact channels. 🛑 Do NOT ignore a misspelled name 📞 ALWAYS call 1-866-284-3022 for support 📧 Double-check your confirmation email 📅 Fix issues well before your travel date Safe travels — and smooth corrections!

2 weeks, 3 days

1
0
0 0

How to Easily Contact a Live Agent PSA Airlines for Help

by phillipstep.hens.7.823＠gmail.com

Need to talk to a real person PSA Airlines? Calling PSA Airlines directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real PSA Airlines representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach PSA Airlines (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM PSA Airlines on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the PSA Airlines App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to PSA Airlines, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

Need Help with Piedmont Airlines? Here’s How to Speak to a Live Agent

by phillipstep.hens.7.823＠gmail.com

Need to talk to a real person Piedmont Airlines? Calling Piedmont Airlines directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Piedmont Airlines representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Piedmont Airlines (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Piedmont Airlines on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Piedmont Airlines App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Piedmont Airlines, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

How to Contact a Live Agent Norse Atlantic Airways for Assistance

by phillipstep.hens.7.823＠gmail.com

Need to talk to a real person Norse Atlantic Airways? Calling Norse Atlantic Airways directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Norse Atlantic Airways representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Norse Atlantic Airways (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Norse Atlantic Airways on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Norse Atlantic Airways App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Norse Atlantic Airways, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

How to Speak to a Live Person New Pacific Airlines: Tips and Tricks

by phillipstep.hens.7.823＠gmail.com

Need to talk to a real person New Pacific Airlines? Calling New Pacific Airlines directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real New Pacific Airlines representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach New Pacific Airlines (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM New Pacific Airlines on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the New Pacific Airlines App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to New Pacific Airlines, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

Step-by-Step Guide: How to Speak with a Live Agent Kuwait Airways

by phillipstep.hens.7.823＠gmail.com

Need to talk to a real person Kuwait Airways? Calling Kuwait Airways directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Kuwait Airways representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Kuwait Airways (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Kuwait Airways on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Kuwait Airways App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Kuwait Airways, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

Thai Airways Name Change: A Simple Guide to Correcting Your Flight Details

by 8j42c2cspn＠mrotzis.com

📞 For the fastest help, call Thai Airways customer support at 1-866-284-3022. Their agents are trained to assist with name corrections. ✍️ Did you book a flight with Thai Airways and realize your name is misspelled or needs updating? Whether it is a minor typo or a legal name change, it is essential to correct your flight details before travel to avoid problems at check-in. Fortunately, Thai Airways offers options for name changes or corrections — and we are here to guide you through the process, step by step. 📌 Why Name Corrections Matter Airlines require that the name on your ticket exactly matches the name on your government-issued ID or passport. Even a small typo can result in: ❌ Denied boarding ❌ TSA security issues ❌ Non-refundable tickets going to waste That is why it is important to act quickly if you notice an error. 👉 Pro Tip: As soon as you spot an issue with your name, call 1-866-284-3022 to fix it directly with Thai Airways. 📋 Thai Airways Name Correction Policy: The Basics Thai Airways does allow name corrections and changes, but there are specific rules based on the type and extent of the correction. ✏️ Minor Name Corrections If your correction is minor (e.g., spelling mistake, missing middle name, or nickname to legal name), it is usually easy to fix. Examples: • “Jonh” to “John” • “Liz” to “Elizabeth” • Missing middle name or incorrect initials 🟢 These are typically allowed once per passenger. Call 📞 1-866-284-3022 to request a minor correction. You may need to provide identification or legal documentation. 🔄 Major Name Changes For legal name changes due to: • Marriage 👰 • Divorce 💔 • Legal court order 📄 You will likely be required to submit legal documents (e.g., marriage certificate, divorce decree, or court papers). Important: Name changes are different from transferring your ticket to someone else — Sun Country does not allow name transfers. The passenger must remain the same person. 📞 For clarity and assistance, it is best to speak to a representative at 1-866-284-3022. 💰 Are There Any Fees for Name Changes? Yes, in most cases, Sun Country charges a name change or correction fee, which may vary depending on: • The type of fare you purchased • How close it is to your departure date • Whether the change is made online or via customer service Fees can range from $75 to $150, though minor corrections may be less, especially if made within 24 hours of booking. 🎯 To get an accurate quote and understand your options, call 1-866-284-3022 and speak with a Sun Country agent. 🌐 How to Request a Name Correction There are two main ways to request a name correction on your Thai Airways ticket: ✅ 1. Call Customer Support (Recommended) 📞 Dial 1-866-284-3022 📄 Provide your confirmation number, full incorrect name, and the correct name 🧾 Have a valid ID or legal document ready, if needed 🎟️ The agent will process the change and send you an updated itinerary Calling ensures faster processing and personalized help. 💻 2. Manage Booking Online While not all name changes can be made online, you can attempt to: 1. Visit official Sun Country website 2. Click on "My Trips" 3. Enter your last name and confirmation code 4. Look for an option to edit passenger details 📌 If you cannot make changes online, revert to calling 📞 1-866-284-3022. ⏱️ Time-Sensitive Corrections: Act Fast! If your flight is within 24 to 48 hours, do not delay. Last-minute changes can be harder to process and may result in additional fees or denied boarding. 🚨 Urgent situations? Call 📞 1-866-284-3022 immediately. Sun Country's support team can walk you through your options quickly. ✍️ Final Checklist Before You Travel ✅ Name on your ticket matches your ID ✅ You've received an updated confirmation email ✅ You've saved all receipts and documents related to the name correction ✅ You have confirmed there are no other errors in your booking (dates, destinations, etc.) 📞 Need Help? Call Thai Airways Anytime Whether you are unsure if your change qualifies or you just want confirmation, don’t hesitate to call Thai Airways at 1-866-284-3022. Their support agents are available to: • Handle name corrections • Answer policy questions • Assist with legal document submissions • Avoid unnecessary delays or cancellations 🧳 In Summary Mistakes happen — but with Thai Airways, correcting a name on your flight reservation does not have to be stressful. The key is to act fast, follow the policy, and use the right contact channels. 🛑 Do NOT ignore a misspelled name 📞 ALWAYS call 1-866-284-3022 for support 📧 Double-check your confirmation email 📅 Fix issues well before your travel date Safe travels — and smooth corrections!

2 weeks, 3 days

1
0
0 0

[PATCH 5.10] scsi: target: target_core_configfs: Add length check to avoid buffer overflow

by Andrey Troshin

scsi: target: target_core_configfs: Add length check to avoid buffer overflow A buffer overflow arises from the usage of snprintf to write into the buffer "buf" in target_lu_gp_members_show function located in /drivers/target/target_core_configfs.c. This buffer is allocated with size LU_GROUP_NAME_BUF (256 bytes). snprintf(...) formats multiple strings into buf with the HBA name (hba->hba_group.cg_item), a slash character, a devicename (dev-> dev_group.cg_item) and a newline character, the total formatted string length may exceed the buffer size of 256 bytes. Since snprintf() returns the total number of bytes that would have been written (the length of %s/%sn ), this value may exceed the buffer length (256 bytes) passed to memcpy(), this will ultimately cause function memcpy reporting a buffer overflow error. An additional check of the return value of snprintf() can avoid this buffer overflow. Reported-by: Wang Haoran <haoranwangsec(a)gmail.com> Reported-by: ziiiro <yuanmingbuaa(a)gmail.com> Signed-off-by: Wang Haoran <haoranwangsec(a)gmail.com> Signed-off-by: Martin K. Petersen <martin.petersen(a)oracle.com> [Andrey Troshin: patch adaptation for linux-5.10] Signed-off-by: Andrey Troshin <drtrosh(a)yandex-team.ru> --- Backport fix for CVE-2025-39998 Link: https://nvd.nist.gov/vuln/detail/CVE-2025-39998 --- drivers/target/target_core_configfs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/target/target_core_configfs.c b/drivers/target/target_core_configfs.c index 4d2fbe1429b6..e6996428c07d 100644 --- a/drivers/target/target_core_configfs.c +++ b/drivers/target/target_core_configfs.c @@ -2637,7 +2637,7 @@ static ssize_t target_lu_gp_members_show(struct config_item *item, char *page) config_item_name(&dev->dev_group.cg_item)); cur_len++; /* Extra byte for NULL terminator */ - if ((cur_len + len) > PAGE_SIZE) { + if ((cur_len + len) > PAGE_SIZE || cur_len > LU_GROUP_NAME_BUF) { pr_warn("Ran out of lu_gp_show_attr" "_members buffer\n"); break; -- 2.34.1

2 weeks, 3 days

2
1
0 0

Vueling Airlines Name Change Made Easy: A Quick Guide to Updating Your Booking

by 8j42c2cspn＠mrotzis.com

📞 For the fastest help, call Vueling Airlines customer support at 1-866-284-3022. Their agents are trained to assist with name corrections. ✍️ Did you book a flight with Vueling Airlines and realize your name is misspelled or needs updating? Whether it is a minor typo or a legal name change, it is essential to correct your flight details before travel to avoid problems at check-in. Fortunately, Vueling Airlines offers options for name changes or corrections — and we are here to guide you through the process, step by step. 📌 Why Name Corrections Matter Airlines require that the name on your ticket exactly matches the name on your government-issued ID or passport. Even a small typo can result in: ❌ Denied boarding ❌ TSA security issues ❌ Non-refundable tickets going to waste That is why it is important to act quickly if you notice an error. 👉 Pro Tip: As soon as you spot an issue with your name, call 1-866-284-3022 to fix it directly with Vueling Airlines. 📋 Vueling Airlines Name Correction Policy: The Basics Vueling Airlines does allow name corrections and changes, but there are specific rules based on the type and extent of the correction. ✏️ Minor Name Corrections If your correction is minor (e.g., spelling mistake, missing middle name, or nickname to legal name), it is usually easy to fix. Examples: • “Jonh” to “John” • “Liz” to “Elizabeth” • Missing middle name or incorrect initials 🟢 These are typically allowed once per passenger. Call 📞 1-866-284-3022 to request a minor correction. You may need to provide identification or legal documentation. 🔄 Major Name Changes For legal name changes due to: • Marriage 👰 • Divorce 💔 • Legal court order 📄 You will likely be required to submit legal documents (e.g., marriage certificate, divorce decree, or court papers). Important: Name changes are different from transferring your ticket to someone else — Sun Country does not allow name transfers. The passenger must remain the same person. 📞 For clarity and assistance, it is best to speak to a representative at 1-866-284-3022. 💰 Are There Any Fees for Name Changes? Yes, in most cases, Sun Country charges a name change or correction fee, which may vary depending on: • The type of fare you purchased • How close it is to your departure date • Whether the change is made online or via customer service Fees can range from $75 to $150, though minor corrections may be less, especially if made within 24 hours of booking. 🎯 To get an accurate quote and understand your options, call 1-866-284-3022 and speak with a Sun Country agent. 🌐 How to Request a Name Correction There are two main ways to request a name correction on your Vueling Airlines ticket: ✅ 1. Call Customer Support (Recommended) 📞 Dial 1-866-284-3022 📄 Provide your confirmation number, full incorrect name, and the correct name 🧾 Have a valid ID or legal document ready, if needed 🎟️ The agent will process the change and send you an updated itinerary Calling ensures faster processing and personalized help. 💻 2. Manage Booking Online While not all name changes can be made online, you can attempt to: 1. Visit official Sun Country website 2. Click on "My Trips" 3. Enter your last name and confirmation code 4. Look for an option to edit passenger details 📌 If you cannot make changes online, revert to calling 📞 1-866-284-3022. ⏱️ Time-Sensitive Corrections: Act Fast! If your flight is within 24 to 48 hours, do not delay. Last-minute changes can be harder to process and may result in additional fees or denied boarding. 🚨 Urgent situations? Call 📞 1-866-284-3022 immediately. Sun Country's support team can walk you through your options quickly. ✍️ Final Checklist Before You Travel ✅ Name on your ticket matches your ID ✅ You've received an updated confirmation email ✅ You've saved all receipts and documents related to the name correction ✅ You have confirmed there are no other errors in your booking (dates, destinations, etc.) 📞 Need Help? Call Vueling Airlines Anytime Whether you are unsure if your change qualifies or you just want confirmation, don’t hesitate to call Vueling Airlines at 1-866-284-3022. Their support agents are available to: • Handle name corrections • Answer policy questions • Assist with legal document submissions • Avoid unnecessary delays or cancellations 🧳 In Summary Mistakes happen — but with Vueling Airlines, correcting a name on your flight reservation does not have to be stressful. The key is to act fast, follow the policy, and use the right contact channels. 🛑 Do NOT ignore a misspelled name 📞 ALWAYS call 1-866-284-3022 for support 📧 Double-check your confirmation email 📅 Fix issues well before your travel date Safe travels — and smooth corrections!

2 weeks, 3 days

1
0
0 0

How to Speak to a Live Person Jazz Aviation: Tips and Tricks

by jacquelinegonza.lez3316.1＠gmail.com

Need to talk to a real person Jazz Aviation? Calling Jazz Aviation directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Jazz Aviation representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Jazz Aviation (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Jazz Aviation on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Jazz Aviation App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Jazz Aviation, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

How to Speak to a Live Person ITA Airways: Tips and Tricks

by jacquelinegonza.lez3316.1＠gmail.com

Need to talk to a real person ITA Airways? Calling ITA Airways directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real ITA Airways representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach ITA Airways (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM ITA Airways on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the ITA Airways App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to ITA Airways, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

How to Connect with a Live Customer Service Agent Hainan Airlines

by jacquelinegonza.lez3316.1＠gmail.com

Need to talk to a real person Hainan Airlines? Calling Hainan Airlines directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Hainan Airlines representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Hainan Airlines (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Hainan Airlines on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Hainan Airlines App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Hainan Airlines, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

How to Speak to a Live Person GoJet Airlines: Tips and Tricks

by jacquelinegonza.lez3316.1＠gmail.com

Need to talk to a real person GoJet Airlines? Calling GoJet Airlines directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real GoJet Airlines representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach GoJet Airlines (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM GoJet Airlines on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the GoJet Airlines App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to GoJet Airlines, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

How to Get Customer Support from a Live Agent EL AL Israel Airlines

by jacquelinegonza.lez3316.1＠gmail.com

Need to talk to a real person EL AL Israel Airlines? Calling EL AL Israel Airlines directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real EL AL Israel Airlines representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach EL AL Israel Airlines (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM EL AL Israel Airlines on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the EL AL Israel Airlines App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to EL AL Israel Airlines, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

How to Speak to a Live Person Cayman Airways: Tips and Tricks

by jacquelinegonza.lez3316.1＠gmail.com

Need to talk to a real person Cayman Airways? Calling Cayman Airways directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Cayman Airways representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Cayman Airways (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Cayman Airways on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Cayman Airways App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Cayman Airways, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

The Easiest Way to Talk to a Live Agent Azul Brazilian Airlines

by jacquelinegonza.lez3316.1＠gmail.com

Need to talk to a real person Azul Brazilian Airlines? Calling Azul Brazilian Airlines directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Azul Brazilian Airlines representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Azul Brazilian Airlines (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Azul Brazilian Airlines on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Azul Brazilian Airlines App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Azul Brazilian Airlines, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

Need Customer Service? Here’s How to Talk to a Live Agent Austrian Airlines

by jacquelinegonza.lez3316.1＠gmail.com

Need to talk to a real person Austrian Airlines? Calling Austrian Airlines directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Austrian Airlines representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Austrian Airlines (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Austrian Airlines on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Austrian Airlines App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Austrian Airlines, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

How to Speak to a Live Person Asiana Airlines: Tips and Tricks

by jacquelinegonza.lez3316.1＠gmail.com

Need to talk to a real person Asiana Airlines? Calling Asiana Airlines directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Asiana Airlines representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Asiana Airlines (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Asiana Airlines on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Asiana Airlines App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Asiana Airlines, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

Need Customer Service? Here’s How to Talk to a Live Agent Air Mauritius

by jacquelinegonza.lez3316.1＠gmail.com

Need to talk to a real person Air Mauritius? Calling Air Mauritius directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Air Mauritius representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Air Mauritius (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Air Mauritius on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Air Mauritius App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Air Mauritius, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

How to Contact a Live Agent Air Wisconsin for Assistance

by jacquelinegonza.lez3316.1＠gmail.com

Need to talk to a real person Air Wisconsin? Calling Air Wisconsin directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Air Wisconsin representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Air Wisconsin (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Air Wisconsin on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Air Wisconsin App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Air Wisconsin, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

How to Easily Contact a Live Agent Air Seychelles for Help

by jacquelinegonza.lez3316.1＠gmail.com

Need to talk to a real person Air Seychelles? Calling Air Seychelles directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Air Seychelles representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Air Seychelles (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Air Seychelles on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Air Seychelles App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Air Seychelles, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

2 weeks, 3 days

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror