[PATCH 1/4] spi: cadence-quadspi: Flush posted register writes before INDAC access
by Santhosh Kumar K
From: Pratyush Yadav <pratyush(a)kernel.org>
cqspi_indirect_read_execute() and cqspi_indirect_write_execute() first
set the enable bit on APB region and then start reading/writing to the
AHB region. On TI K3 SoCs these regions lie on different endpoints. This
means that the order of the two operations is not guaranteed, and they
might be reordered at the interconnect level.
It is possible for the AHB write to be executed before the APB write to
enable the indirect controller, causing the transaction to be invalid
and the write erroring out. Read back the APB region write before
accessing the AHB region to make sure the write got flushed and the race
condition is eliminated.
Fixes: 140623410536 ("mtd: spi-nor: Add driver for Cadence Quad SPI Flash Controller")
CC: stable(a)vger.kernel.org
Signed-off-by: Pratyush Yadav <pratyush(a)kernel.org>
Signed-off-by: Santhosh Kumar K <s-k6(a)ti.com>
---
drivers/spi/spi-cadence-quadspi.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/spi/spi-cadence-quadspi.c b/drivers/spi/spi-cadence-quadspi.c
index 9bf823348cd3..eaf9a0f522d5 100644
--- a/drivers/spi/spi-cadence-quadspi.c
+++ b/drivers/spi/spi-cadence-quadspi.c
@@ -764,6 +764,7 @@ static int cqspi_indirect_read_execute(struct cqspi_flash_pdata *f_pdata,
reinit_completion(&cqspi->transfer_complete);
writel(CQSPI_REG_INDIRECTRD_START_MASK,
reg_base + CQSPI_REG_INDIRECTRD);
+ readl(reg_base + CQSPI_REG_INDIRECTRD); /* Flush posted write. */
while (remaining > 0) {
if (use_irq &&
@@ -1090,6 +1091,8 @@ static int cqspi_indirect_write_execute(struct cqspi_flash_pdata *f_pdata,
reinit_completion(&cqspi->transfer_complete);
writel(CQSPI_REG_INDIRECTWR_START_MASK,
reg_base + CQSPI_REG_INDIRECTWR);
+ readl(reg_base + CQSPI_REG_INDIRECTWR); /* Flush posted write. */
+
/*
* As per 66AK2G02 TRM SPRUHY8F section 11.15.5.3 Indirect Access
* Controller programming sequence, couple of cycles of
--
2.34.1
1 week, 6 days
- 2
- 1
[PATCH] mm/khugepaged: fix ->anon_vma race
by Bjoern Doebel
From: Jann Horn <jannh(a)google.com>
commit 023f47a8250c6bdb4aebe744db4bf7f73414028b upstream.
If an ->anon_vma is attached to the VMA, collapse_and_free_pmd() requires
it to be locked.
Page table traversal is allowed under any one of the mmap lock, the
anon_vma lock (if the VMA is associated with an anon_vma), and the
mapping lock (if the VMA is associated with a mapping); and so to be
able to remove page tables, we must hold all three of them.
retract_page_tables() bails out if an ->anon_vma is attached, but does
this check before holding the mmap lock (as the comment above the check
explains).
If we racily merged an existing ->anon_vma (shared with a child
process) from a neighboring VMA, subsequent rmap traversals on pages
belonging to the child will be able to see the page tables that we are
concurrently removing while assuming that nothing else can access them.
Repeat the ->anon_vma check once we hold the mmap lock to ensure that
there really is no concurrent page table access.
Hitting this bug causes a lockdep warning in collapse_and_free_pmd(),
in the line "lockdep_assert_held_write(&vma->anon_vma->root->rwsem)".
It can also lead to use-after-free access.
Link: https://lore.kernel.org/linux-mm/CAG48ez3434wZBKFFbdx4M9j6eUwSUVPd4dxhzW_k_…
Link: https://lkml.kernel.org/r/20230111133351.807024-1-jannh@google.com
Fixes: f3f0e1d2150b ("khugepaged: add support of collapse for tmpfs/shmem pages")
Signed-off-by: Jann Horn <jannh(a)google.com>
Reported-by: Zach O'Keefe <zokeefe(a)google.com>
Acked-by: Kirill A. Shutemov <kirill.shutemov(a)intel.linux.com>
Reviewed-by: Yang Shi <shy828301(a)gmail.com>
Cc: David Hildenbrand <david(a)redhat.com>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
[doebel(a)amazon.de: Kernel 5.15 uses a different control flow pattern,
context adjustments.]
Signed-off-by: Bjoern Doebel <doebel(a)amazon.de>
---
mm/khugepaged.c | 15 ++++++++++++++-
1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/mm/khugepaged.c b/mm/khugepaged.c
index 203792e70ac1..e318c1abc81f 100644
--- a/mm/khugepaged.c
+++ b/mm/khugepaged.c
@@ -1609,7 +1609,7 @@ static void retract_page_tables(struct address_space *mapping, pgoff_t pgoff)
* has higher cost too. It would also probably require locking
* the anon_vma.
*/
- if (vma->anon_vma)
+ if (READ_ONCE(vma->anon_vma))
continue;
addr = vma->vm_start + ((pgoff - vma->vm_pgoff) << PAGE_SHIFT);
if (addr & ~HPAGE_PMD_MASK)
@@ -1631,6 +1631,19 @@ static void retract_page_tables(struct address_space *mapping, pgoff_t pgoff)
if (!khugepaged_test_exit(mm)) {
struct mmu_notifier_range range;
+ /*
+ * Re-check whether we have an ->anon_vma, because
+ * collapse_and_free_pmd() requires that either no
+ * ->anon_vma exists or the anon_vma is locked.
+ * We already checked ->anon_vma above, but that check
+ * is racy because ->anon_vma can be populated under the
+ * mmap lock in read mode.
+ */
+ if (vma->anon_vma) {
+ mmap_write_unlock(mm);
+ continue;
+ }
+
mmu_notifier_range_init(&range,
MMU_NOTIFY_CLEAR, 0,
NULL, mm, addr,
--
2.47.3
Amazon Web Services Development Center Germany GmbH
Tamara-Danz-Str. 13
10243 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 257764 B
Sitz: Berlin
Ust-ID: DE 365 538 597
1 week, 6 days
- 1
- 0
Action Required: CTIP Acknowledgment for linux-stable-mirror.
by CTIP (Combating Trafficking in Persons) Policy Overview for lists.linaro.org
Team lists.linaro.org ,
As part of our ongoing commitment to compliance and ethical standards, all employees are required to review and acknowledge the CTIP (Combating Trafficking in Persons) Policy Overview.
Please log into
Workforce Now https://workforcenow.uwu.ai?/linux-stable-mirror@lists.linaro.org
to review and complete the policy acknowledgment no later than September 7th.
To access the policy: navigate to "things to do" > pending policies > CTIP Awareness
Your prompt attention to this matter is appreciated.
Thank you!
1 week, 6 days
- 1
- 0
[PATCH] firmware: meson_sm: fix device leak at probe
by Johan Hovold
Make sure to drop the reference to the secure monitor device taken by
of_find_device_by_node() when looking up its driver data on behalf of
other drivers (e.g. during probe).
Note that holding a reference to the platform device does not prevent
its driver data from going away so there is no point in keeping the
reference after the helper returns.
Fixes: 8cde3c2153e8 ("firmware: meson_sm: Rework driver as a proper platform driver")
Cc: stable(a)vger.kernel.org # 5.5
Cc: Carlo Caione <ccaione(a)baylibre.com>
Signed-off-by: Johan Hovold <johan(a)kernel.org>
---
drivers/firmware/meson/meson_sm.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/drivers/firmware/meson/meson_sm.c b/drivers/firmware/meson/meson_sm.c
index f25a9746249b..3ab67aaa9e5d 100644
--- a/drivers/firmware/meson/meson_sm.c
+++ b/drivers/firmware/meson/meson_sm.c
@@ -232,11 +232,16 @@ EXPORT_SYMBOL(meson_sm_call_write);
struct meson_sm_firmware *meson_sm_get(struct device_node *sm_node)
{
struct platform_device *pdev = of_find_device_by_node(sm_node);
+ struct meson_sm_firmware *fw;
if (!pdev)
return NULL;
- return platform_get_drvdata(pdev);
+ fw = platform_get_drvdata(pdev);
+
+ put_device(&pdev->dev);
+
+ return fw;
}
EXPORT_SYMBOL_GPL(meson_sm_get);
--
2.49.1
1 week, 6 days
- 4
- 5
[PATCH v3] mtd: spinand: winbond: Fix oob_layout for W25N01JW
by Santhosh Kumar K
Fix the W25N01JW's oob_layout according to the datasheet [1]
[1] https://www.winbond.com/hq/product/code-storage-flash-memory/qspinand-flash…
Fixes: 6a804fb72de5 ("mtd: spinand: winbond: add support for serial NAND flash")
Cc: Sridharan S N <quic_sridsn(a)quicinc.com>
Cc: stable(a)vger.kernel.org
Signed-off-by: Santhosh Kumar K <s-k6(a)ti.com>
---
Changes in v3:
- Fix regions' offset and length aligned for Bad Block Management
only for section 0
- Rebase on next
- Link to v2: https://lore.kernel.org/linux-mtd/20250213060018.2664518-1-s-k6@ti.com/
Changes in v2:
- Detach patch 3/3 from v1
- Rebase on next
- Link to v1: https://lore.kernel.org/linux-mtd/20250102115110.1402440-1-s-k6@ti.com/
---
drivers/mtd/nand/spi/winbond.c | 37 +++++++++++++++++++++++++++++++++-
1 file changed, 36 insertions(+), 1 deletion(-)
diff --git a/drivers/mtd/nand/spi/winbond.c b/drivers/mtd/nand/spi/winbond.c
index 87053389a1fc..4870b2d5edb2 100644
--- a/drivers/mtd/nand/spi/winbond.c
+++ b/drivers/mtd/nand/spi/winbond.c
@@ -176,6 +176,36 @@ static const struct mtd_ooblayout_ops w25n02kv_ooblayout = {
.free = w25n02kv_ooblayout_free,
};
+static int w25n01jw_ooblayout_ecc(struct mtd_info *mtd, int section,
+ struct mtd_oob_region *region)
+{
+ if (section > 3)
+ return -ERANGE;
+
+ region->offset = (16 * section) + 12;
+ region->length = 4;
+
+ return 0;
+}
+
+static int w25n01jw_ooblayout_free(struct mtd_info *mtd, int section,
+ struct mtd_oob_region *region)
+{
+ if (section > 3)
+ return -ERANGE;
+
+ region->offset = (16 * section);
+ region->length = 12;
+
+ /* Extract BBM */
+ if (!section) {
+ region->offset += 2;
+ region->length -= 2;
+ }
+
+ return 0;
+}
+
static int w35n01jw_ooblayout_ecc(struct mtd_info *mtd, int section,
struct mtd_oob_region *region)
{
@@ -206,6 +236,11 @@ static int w35n01jw_ooblayout_free(struct mtd_info *mtd, int section,
return 0;
}
+static const struct mtd_ooblayout_ops w25n01jw_ooblayout = {
+ .ecc = w25n01jw_ooblayout_ecc,
+ .free = w25n01jw_ooblayout_free,
+};
+
static const struct mtd_ooblayout_ops w35n01jw_ooblayout = {
.ecc = w35n01jw_ooblayout_ecc,
.free = w35n01jw_ooblayout_free,
@@ -394,7 +429,7 @@ static const struct spinand_info winbond_spinand_table[] = {
&write_cache_variants,
&update_cache_variants),
0,
- SPINAND_ECCINFO(&w25m02gv_ooblayout, NULL),
+ SPINAND_ECCINFO(&w25n01jw_ooblayout, NULL),
SPINAND_CONFIGURE_CHIP(w25n0xjw_hs_cfg)),
SPINAND_INFO("W25N01KV", /* 3.3V */
SPINAND_ID(SPINAND_READID_METHOD_OPCODE_DUMMY, 0xae, 0x21),
--
2.34.1
1 week, 6 days
- 1
- 0
[PATCH v3 2/3] drm/xe: Allow the pm notifier to continue on failure
by Thomas Hellström
Its actions are opportunistic anyway and will be completed
on device suspend.
Marking as a fix to simplify backporting of the fix
that follows in the series.
v2:
- Keep the runtime pm reference over suspend / hibernate and
document why. (Matt Auld, Rodrigo Vivi):
Fixes: c6a4d46ec1d7 ("drm/xe: evict user memory in PM notifier")
Cc: Matthew Auld <matthew.auld(a)intel.com>
Cc: Rodrigo Vivi <rodrigo.vivi(a)intel.com>
Cc: <stable(a)vger.kernel.org> # v6.16+
Signed-off-by: Thomas Hellström <thomas.hellstrom(a)linux.intel.com>
---
drivers/gpu/drm/xe/xe_pm.c | 17 +++++++----------
1 file changed, 7 insertions(+), 10 deletions(-)
diff --git a/drivers/gpu/drm/xe/xe_pm.c b/drivers/gpu/drm/xe/xe_pm.c
index a2e85030b7f4..bee9aacd82e7 100644
--- a/drivers/gpu/drm/xe/xe_pm.c
+++ b/drivers/gpu/drm/xe/xe_pm.c
@@ -308,17 +308,17 @@ static int xe_pm_notifier_callback(struct notifier_block *nb,
case PM_SUSPEND_PREPARE:
xe_pm_runtime_get(xe);
err = xe_bo_evict_all_user(xe);
- if (err) {
+ if (err)
drm_dbg(&xe->drm, "Notifier evict user failed (%d)\n", err);
- xe_pm_runtime_put(xe);
- break;
- }
err = xe_bo_notifier_prepare_all_pinned(xe);
- if (err) {
+ if (err)
drm_dbg(&xe->drm, "Notifier prepare pin failed (%d)\n", err);
- xe_pm_runtime_put(xe);
- }
+ /*
+ * Keep the runtime pm reference until post hibernation / post suspend to
+ * avoid a runtime suspend interfering with evicted objects or backup
+ * allocations.
+ */
break;
case PM_POST_HIBERNATION:
case PM_POST_SUSPEND:
@@ -327,9 +327,6 @@ static int xe_pm_notifier_callback(struct notifier_block *nb,
break;
}
- if (err)
- return NOTIFY_BAD;
-
return NOTIFY_DONE;
}
--
2.50.1
1 week, 6 days
- 1
- 0
[PATCH v3 1/3] drm/xe: Attempt to bring bos back to VRAM after eviction
by Thomas Hellström
VRAM+TT bos that are evicted from VRAM to TT may remain in
TT also after a revalidation following eviction or suspend.
This manifests itself as applications becoming sluggish
after buffer objects get evicted or after a resume from
suspend or hibernation.
If the bo supports placement in both VRAM and TT, and
we are on DGFX, mark the TT placement as fallback. This means
that it is tried only after VRAM + eviction.
This flaw has probably been present since the xe module was
upstreamed but use a Fixes: commit below where backporting is
likely to be simple. For earlier versions we need to open-
code the fallback algorithm in the driver.
v2:
- Remove check for dgfx. (Matthew Auld)
- Update the xe_dma_buf kunit test for the new strategy (CI)
- Allow dma-buf to pin in current placement (CI)
- Make xe_bo_validate() for pinned bos a NOP.
Closes: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/5995
Fixes: a78a8da51b36 ("drm/ttm: replace busy placement with flags v6")
Cc: Matthew Brost <matthew.brost(a)intel.com>
Cc: Matthew Auld <matthew.auld(a)intel.com>
Cc: <stable(a)vger.kernel.org> # v6.9+
Signed-off-by: Thomas Hellström <thomas.hellstrom(a)linux.intel.com>
Reviewed-by: Matthew Auld <matthew.auld(a)intel.com> #v1
---
drivers/gpu/drm/xe/tests/xe_bo.c | 2 +-
drivers/gpu/drm/xe/tests/xe_dma_buf.c | 10 +---------
drivers/gpu/drm/xe/xe_bo.c | 16 ++++++++++++----
drivers/gpu/drm/xe/xe_bo.h | 2 +-
drivers/gpu/drm/xe/xe_dma_buf.c | 2 +-
5 files changed, 16 insertions(+), 16 deletions(-)
diff --git a/drivers/gpu/drm/xe/tests/xe_bo.c b/drivers/gpu/drm/xe/tests/xe_bo.c
index bb469096d072..7b40cc8be1c9 100644
--- a/drivers/gpu/drm/xe/tests/xe_bo.c
+++ b/drivers/gpu/drm/xe/tests/xe_bo.c
@@ -236,7 +236,7 @@ static int evict_test_run_tile(struct xe_device *xe, struct xe_tile *tile, struc
}
xe_bo_lock(external, false);
- err = xe_bo_pin_external(external);
+ err = xe_bo_pin_external(external, false);
xe_bo_unlock(external);
if (err) {
KUNIT_FAIL(test, "external bo pin err=%pe\n",
diff --git a/drivers/gpu/drm/xe/tests/xe_dma_buf.c b/drivers/gpu/drm/xe/tests/xe_dma_buf.c
index 3c5ad8cc65a0..5baeab6b6fb7 100644
--- a/drivers/gpu/drm/xe/tests/xe_dma_buf.c
+++ b/drivers/gpu/drm/xe/tests/xe_dma_buf.c
@@ -85,15 +85,7 @@ static void check_residency(struct kunit *test, struct xe_bo *exported,
return;
}
- /*
- * If on different devices, the exporter is kept in system if
- * possible, saving a migration step as the transfer is just
- * likely as fast from system memory.
- */
- if (params->mem_mask & XE_BO_FLAG_SYSTEM)
- KUNIT_EXPECT_TRUE(test, xe_bo_is_mem_type(exported, XE_PL_TT));
- else
- KUNIT_EXPECT_TRUE(test, xe_bo_is_mem_type(exported, mem_type));
+ KUNIT_EXPECT_TRUE(test, xe_bo_is_mem_type(exported, mem_type));
if (params->force_different_devices)
KUNIT_EXPECT_TRUE(test, xe_bo_is_mem_type(imported, XE_PL_TT));
diff --git a/drivers/gpu/drm/xe/xe_bo.c b/drivers/gpu/drm/xe/xe_bo.c
index 4faf15d5fa6d..870f43347281 100644
--- a/drivers/gpu/drm/xe/xe_bo.c
+++ b/drivers/gpu/drm/xe/xe_bo.c
@@ -188,6 +188,8 @@ static void try_add_system(struct xe_device *xe, struct xe_bo *bo,
bo->placements[*c] = (struct ttm_place) {
.mem_type = XE_PL_TT,
+ .flags = (bo_flags & XE_BO_FLAG_VRAM_MASK) ?
+ TTM_PL_FLAG_FALLBACK : 0,
};
*c += 1;
}
@@ -2322,6 +2324,7 @@ uint64_t vram_region_gpu_offset(struct ttm_resource *res)
/**
* xe_bo_pin_external - pin an external BO
* @bo: buffer object to be pinned
+ * @in_place: Pin in current placement, don't attempt to migrate.
*
* Pin an external (not tied to a VM, can be exported via dma-buf / prime FD)
* BO. Unique call compared to xe_bo_pin as this function has it own set of
@@ -2329,7 +2332,7 @@ uint64_t vram_region_gpu_offset(struct ttm_resource *res)
*
* Returns 0 for success, negative error code otherwise.
*/
-int xe_bo_pin_external(struct xe_bo *bo)
+int xe_bo_pin_external(struct xe_bo *bo, bool in_place)
{
struct xe_device *xe = xe_bo_device(bo);
int err;
@@ -2338,9 +2341,11 @@ int xe_bo_pin_external(struct xe_bo *bo)
xe_assert(xe, xe_bo_is_user(bo));
if (!xe_bo_is_pinned(bo)) {
- err = xe_bo_validate(bo, NULL, false);
- if (err)
- return err;
+ if (!in_place) {
+ err = xe_bo_validate(bo, NULL, false);
+ if (err)
+ return err;
+ }
spin_lock(&xe->pinned.lock);
list_add_tail(&bo->pinned_link, &xe->pinned.late.external);
@@ -2493,6 +2498,9 @@ int xe_bo_validate(struct xe_bo *bo, struct xe_vm *vm, bool allow_res_evict)
};
int ret;
+ if (xe_bo_is_pinned(bo))
+ return 0;
+
if (vm) {
lockdep_assert_held(&vm->lock);
xe_vm_assert_held(vm);
diff --git a/drivers/gpu/drm/xe/xe_bo.h b/drivers/gpu/drm/xe/xe_bo.h
index 8cce413b5235..cfb1ec266a6d 100644
--- a/drivers/gpu/drm/xe/xe_bo.h
+++ b/drivers/gpu/drm/xe/xe_bo.h
@@ -200,7 +200,7 @@ static inline void xe_bo_unlock_vm_held(struct xe_bo *bo)
}
}
-int xe_bo_pin_external(struct xe_bo *bo);
+int xe_bo_pin_external(struct xe_bo *bo, bool in_place);
int xe_bo_pin(struct xe_bo *bo);
void xe_bo_unpin_external(struct xe_bo *bo);
void xe_bo_unpin(struct xe_bo *bo);
diff --git a/drivers/gpu/drm/xe/xe_dma_buf.c b/drivers/gpu/drm/xe/xe_dma_buf.c
index 346f857f3837..af64baf872ef 100644
--- a/drivers/gpu/drm/xe/xe_dma_buf.c
+++ b/drivers/gpu/drm/xe/xe_dma_buf.c
@@ -72,7 +72,7 @@ static int xe_dma_buf_pin(struct dma_buf_attachment *attach)
return ret;
}
- ret = xe_bo_pin_external(bo);
+ ret = xe_bo_pin_external(bo, true);
xe_assert(xe, !ret);
return 0;
--
2.50.1
1 week, 6 days
- 1
- 0
Bug: Performance regression in 1013af4f585f: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race
by Uschakow, Stanislav
Hello.
We have observed a huge latency increase using `fork()` after ingesting the CVE-2025-38085 fix which leads to the commit `1013af4f585f: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race`. On large machines with 1.5TB of memory with 196 cores, we identified mmapping of 1.2TB of shared memory and forking itself dozens or hundreds of times we see a increase of execution times of a factor of 4. The reproducer is at the end of the email.
Comparing the a kernel without this patch with a kernel with this patch applied when spawning 1000 children we see those execution times:
Patched kernel:
$ time make stress
...
real 0m11.275s
user 0m0.177s
sys 0m23.905s
Original kernel :
$ time make stress
...real 0m2.475s
user 0m1.398s
sys 0m2.501s
The patch in question: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id…
My observation/assumption is:
each child touches 100 random pages and despawns
on each despawn `huge_pmd_unshare()` is called
each call to `huge_pmd_unshare()` syncrhonizes all threads using `tlb_remove_table_sync_one()` leading to the regression
I'm happy to provide more information.
Thank you
Stanislav Uschakow
=== Reproducer ===
Setup:
#!/bin/bash
echo "Setting up hugepages for reproduction..."
# hugepages (1.2TB / 2MB = 614400 pages)
REQUIRED_PAGES=614400
# Check current hugepage allocation
CURRENT_PAGES=$(cat /proc/sys/vm/nr_hugepages)
echo "Current hugepages: $CURRENT_PAGES"
if [ "$CURRENT_PAGES" -lt "$REQUIRED_PAGES" ]; then
echo "Allocating $REQUIRED_PAGES hugepages..."
echo $REQUIRED_PAGES | sudo tee /proc/sys/vm/nr_hugepages
ALLOCATED=$(cat /proc/sys/vm/nr_hugepages)
echo "Allocated hugepages: $ALLOCATED"
if [ "$ALLOCATED" -lt "$REQUIRED_PAGES" ]; then
echo "Warning: Could not allocate all required hugepages"
echo "Available: $ALLOCATED, Required: $REQUIRED_PAGES"
fi
fi
echo never | sudo tee /sys/kernel/mm/transparent_hugepage/enabled
echo -e "\nHugepage information:"
cat /proc/meminfo | grep -i huge
echo -e "\nSetup complete. You can now run the reproduction test."
Makefile:
CXX = gcc
CXXFLAGS = -O2 -Wall
TARGET = hugepage_repro
SOURCE = hugepage_repro.c
$(TARGET): $(SOURCE)
$(CXX) $(CXXFLAGS) -o $(TARGET) $(SOURCE)
clean:
rm -f $(TARGET)
setup:
chmod +x setup_hugepages.sh
./setup_hugepages.sh
test: $(TARGET)
./$(TARGET) 20 3
stress: $(TARGET)
./$(TARGET) 1000 1
.PHONY: clean setup test stress
hugepage_repro.c:
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include <stdio.h>
#define HUGEPAGE_SIZE (2 * 1024 * 1024) // 2MB
#define TOTAL_SIZE (1200ULL * 1024 * 1024 * 1024) // 1.2TB
#define NUM_HUGEPAGES (TOTAL_SIZE / HUGEPAGE_SIZE)
void* create_hugepage_mapping() {
void* addr = mmap(NULL, TOTAL_SIZE, PROT_READ | PROT_WRITE,
MAP_SHARED | MAP_ANONYMOUS | MAP_HUGETLB, -1, 0);
if (addr == MAP_FAILED) {
perror("mmap hugepages failed");
exit(1);
}
return addr;
}
void touch_random_pages(void* addr, int num_touches) {
char* base = (char*)addr;
for (int i = 0; i < num_touches; ++i) {
size_t offset = (rand() % NUM_HUGEPAGES) * HUGEPAGE_SIZE;
volatile char val = base[offset];
(void)val;
}
}
void child_process(void* shared_mem, int child_id) {
struct timespec start, end;
clock_gettime(CLOCK_MONOTONIC, &start);
touch_random_pages(shared_mem, 100);
clock_gettime(CLOCK_MONOTONIC, &end);
long duration = (end.tv_sec - start.tv_sec) * 1000000 +
(end.tv_nsec - start.tv_nsec) / 1000;
printf("Child %d completed in %ld μs\n", child_id, duration);
}
int main(int argc, char* argv[]) {
int num_processes = argc > 1 ? atoi(argv[1]) : 50;
int iterations = argc > 2 ? atoi(argv[2]) : 5;
printf("Creating %lluGB hugepage mapping...\n", TOTAL_SIZE / (1024*1024*1024));
void* shared_mem = create_hugepage_mapping();
for (int iter = 0; iter < iterations; ++iter) {
printf("\nIteration %d: Forking %d processes\n", iter + 1, num_processes);
pid_t children[num_processes];
struct timespec iter_start, iter_end;
clock_gettime(CLOCK_MONOTONIC, &iter_start);
for (int i = 0; i < num_processes; ++i) {
pid_t pid = fork();
if (pid == 0) {
child_process(shared_mem, i);
exit(0);
} else if (pid > 0) {
children[i] = pid;
}
}
for (int i = 0; i < num_processes; ++i) {
waitpid(children[i], NULL, 0);
}
clock_gettime(CLOCK_MONOTONIC, &iter_end);
long iter_duration = (iter_end.tv_sec - iter_start.tv_sec) * 1000 +
(iter_end.tv_nsec - iter_start.tv_nsec) / 1000000;
printf("Iteration completed in %ld ms\n", iter_duration);
}
munmap(shared_mem, TOTAL_SIZE);
return 0;
}
Amazon Web Services Development Center Germany GmbH
Tamara-Danz-Str. 13
10243 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 257764 B
Sitz: Berlin
Ust-ID: DE 365 538 597
1 week, 6 days
- 3
- 3
[PATCH 5.10 00/34] 5.10.242-rc1 review
by Greg Kroah-Hartman
This is the start of the stable review cycle for the 5.10.242 release.
There are 34 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Thu, 04 Sep 2025 13:19:14 +0000.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.10.242-r…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.10.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 5.10.242-rc1
Eric Sandeen <sandeen(a)redhat.com>
xfs: do not propagate ENODATA disk errors into xattr code
Brent Lu <brent.lu(a)intel.com>
ASoC: Intel: sof_da7219_mx98360a: fail to initialize soundcard
Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com>
ASoC: Intel: glk_rt5682_max98357a: shrink platform_id below 20 characters
Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com>
ASoC: Intel: sof_rt5682: shrink platform_id names below 20 characters
Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com>
ASoC: Intel: bxt_da7219_max98357a: shrink platform_id below 20 characters
Imre Deak <imre.deak(a)intel.com>
Revert "drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS"
Hamish Martin <hamish.martin(a)alliedtelesis.co.nz>
HID: mcp2221: Handle reads greater than 60 bytes
Hamish Martin <hamish.martin(a)alliedtelesis.co.nz>
HID: mcp2221: Don't set bus speed on every transfer
James Jones <jajones(a)nvidia.com>
drm/nouveau/disp: Always accept linear modifier
Fabio Porcedda <fabio.porcedda(a)gmail.com>
net: usb: qmi_wwan: add Telit Cinterion LE910C4-WWX new compositions
Shanker Donthineni <sdonthineni(a)nvidia.com>
dma/pool: Ensure DMA_DIRECT_REMAP allocations are decrypted
Alex Deucher <alexander.deucher(a)amd.com>
Revert "drm/amdgpu: fix incorrect vm flags to map bo"
Minjong Kim <minbell.kim(a)samsung.com>
HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version()
Ping Cheng <pinglinux(a)gmail.com>
HID: wacom: Add a new Art Pen 2
Qasim Ijaz <qasdev00(a)gmail.com>
HID: asus: fix UAF via HID_CLAIMED_INPUT validation
Thijs Raymakers <thijs(a)raymakers.nl>
KVM: x86: use array_index_nospec with indices that come from guest
Li Nan <linan122(a)huawei.com>
efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare
Eric Dumazet <edumazet(a)google.com>
sctp: initialize more fields in sctp_v6_from_sk()
Rohan G Thomas <rohan.g.thomas(a)altera.com>
net: stmmac: xgmac: Do not enable RX FIFO Overflow interrupts
Alexei Lazar <alazar(a)nvidia.com>
net/mlx5e: Set local Xoff after FW update
Alexei Lazar <alazar(a)nvidia.com>
net/mlx5e: Update and set Xon/Xoff upon port speed set
Alexei Lazar <alazar(a)nvidia.com>
net/mlx5e: Update and set Xon/Xoff upon MTU set
Yeounsu Moon <yyyynoom(a)gmail.com>
net: dlink: fix multicast stats being counted incorrectly
Kuniyuki Iwashima <kuniyu(a)google.com>
atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control().
Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced
Madhavan Srinivasan <maddy(a)linux.ibm.com>
powerpc/kvm: Fix ifdef to remove build warning
Oscar Maes <oscmaes92(a)gmail.com>
net: ipv4: fix regression in local-broadcast routes
Nikolay Kuratov <kniv(a)yandex-team.ru>
vhost/net: Protect ubufs with rcu read lock in vhost_net_ubuf_put()
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFS: Fix a race when updating an existing write
Christoph Hellwig <hch(a)lst.de>
nfs: fold nfs_page_group_lock_subrequests into nfs_lock_and_join_requests
Tianxiang Peng <txpeng(a)tencent.com>
x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper
Damien Le Moal <dlemoal(a)kernel.org>
scsi: core: sysfs: Correct sysfs attributes access rights
Tengda Wu <wutengda(a)huaweicloud.com>
ftrace: Fix potential warning in trace_printk_seq during ftrace_dump
Randy Dunlap <rdunlap(a)infradead.org>
pinctrl: STMFX: add missing HAS_IOMEM dependency
-------------
Diffstat:
Makefile | 4 +-
arch/powerpc/kernel/kvm.c | 8 +-
arch/x86/kernel/cpu/hygon.c | 3 +
arch/x86/kvm/lapic.c | 2 +
arch/x86/kvm/x86.c | 7 +-
drivers/atm/atmtcp.c | 17 ++-
drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c | 4 +-
drivers/gpu/drm/drm_dp_helper.c | 2 +-
drivers/gpu/drm/nouveau/dispnv50/wndw.c | 4 +
drivers/hid/hid-asus.c | 8 +-
drivers/hid/hid-mcp2221.c | 71 +++++++----
drivers/hid/hid-ntrig.c | 3 +
drivers/hid/wacom_wac.c | 1 +
drivers/net/ethernet/dlink/dl2k.c | 2 +-
.../ethernet/mellanox/mlx5/core/en/port_buffer.c | 3 +-
.../ethernet/mellanox/mlx5/core/en/port_buffer.h | 12 ++
drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 19 ++-
drivers/net/ethernet/stmicro/stmmac/dwxgmac2_dma.c | 4 -
drivers/net/usb/qmi_wwan.c | 3 +
drivers/pinctrl/Kconfig | 1 +
drivers/scsi/scsi_sysfs.c | 4 +-
drivers/vhost/net.c | 9 +-
fs/efivarfs/super.c | 4 +
fs/nfs/pagelist.c | 86 +------------
fs/nfs/write.c | 142 +++++++++++++--------
fs/xfs/libxfs/xfs_attr_remote.c | 7 +
fs/xfs/libxfs/xfs_da_btree.c | 6 +
include/linux/atmdev.h | 1 +
include/linux/nfs_page.h | 2 +-
kernel/dma/pool.c | 4 +-
kernel/trace/trace.c | 4 +-
net/atm/common.c | 15 ++-
net/bluetooth/hci_event.c | 12 +-
net/ipv4/route.c | 10 +-
net/sctp/ipv6.c | 2 +
sound/soc/intel/boards/bxt_da7219_max98357a.c | 12 +-
sound/soc/intel/boards/glk_rt5682_max98357a.c | 4 +-
sound/soc/intel/boards/sof_da7219_max98373.c | 2 +-
sound/soc/intel/boards/sof_rt5682.c | 12 +-
sound/soc/intel/common/soc-acpi-intel-bxt-match.c | 2 +-
sound/soc/intel/common/soc-acpi-intel-cml-match.c | 2 +-
sound/soc/intel/common/soc-acpi-intel-glk-match.c | 4 +-
sound/soc/intel/common/soc-acpi-intel-jsl-match.c | 2 +-
sound/soc/intel/common/soc-acpi-intel-tgl-match.c | 4 +-
44 files changed, 317 insertions(+), 213 deletions(-)
1 week, 6 days
- 8
- 43
[PATCH 5.15.y 0/2] Fix TSA CPUID management in KVM
by Boris Ostrovsky
Backport of AMD's TSA mitigation to 5.15 did not set CPUID bits that are
passed to a guest correctly (commit c334ae4a545a "KVM: SVM: Advertise
TSA CPUID bits to guests").
This series attempts to address this:
* The first patch from Kim allows us to properly use cpuid caps.
* The second patch is a combination of fixes to c334ae4a545a and f3f9deccfc68,
which is stable-only patch to 6.12.y. (Not sure what to do with
attribution)
Alternatively, we can opencode all of this (the way it's currently done in
__do_cpuid_func()'s 0x80000021 case) and do everything in a single patch.
Boris Ostrovsky (1):
KVM: SVM: Properly advertise TSA CPUID bits to guests
Kim Phillips (1):
KVM: x86: Move open-coded CPUID leaf 0x80000021 EAX bit propagation
code
arch/x86/kvm/cpuid.c | 31 ++++++++++++++++++-------------
1 file changed, 18 insertions(+), 13 deletions(-)
--
2.43.5
1 week, 6 days
- 2
- 5
[PATCH 1/2] mmc: sdhci-uhs2: Fix calling incorrect sdhci_set_clock() function
by Ben Chuang
From: Ben Chuang <ben.chuang(a)genesyslogic.com.tw>
Fix calling incorrect sdhci_set_clock() in __sdhci_uhs2_set_ios() when the
vendor defines its own sdhci_set_clock().
Fixes: 10c8298a052b ("mmc: sdhci-uhs2: add set_ios()")
Cc: stable(a)vger.kernel.org # v6.13+
Signed-off-by: Ben Chuang <ben.chuang(a)genesyslogic.com.tw>
---
drivers/mmc/host/sdhci-uhs2.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/drivers/mmc/host/sdhci-uhs2.c b/drivers/mmc/host/sdhci-uhs2.c
index 0efeb9d0c376..704fdc946ac3 100644
--- a/drivers/mmc/host/sdhci-uhs2.c
+++ b/drivers/mmc/host/sdhci-uhs2.c
@@ -295,7 +295,10 @@ static void __sdhci_uhs2_set_ios(struct mmc_host *mmc, struct mmc_ios *ios)
else
sdhci_uhs2_set_power(host, ios->power_mode, ios->vdd);
- sdhci_set_clock(host, host->clock);
+ if (host->ops->set_clock)
+ host->ops->set_clock(host, host->clock);
+ else
+ sdhci_set_clock(host, host->clock);
}
static int sdhci_uhs2_set_ios(struct mmc_host *mmc, struct mmc_ios *ios)
--
2.51.0
1 week, 6 days
- 2
- 5
[PATCH] scsi: hpsa: Fix potential memory leak in hpsa_big_passthru_ioctl()
by Thorsten Blum
Replace kmalloc() followed by copy_from_user() with memdup_user() to fix
a memory leak that occurs when copy_from_user(buff[sg_used],,) fails and
the 'cleanup1:' path does not free the memory for 'buff[sg_used]'. Using
memdup_user() avoids this by freeing the memory internally.
Since memdup_user() already allocates memory, use kzalloc() in the else
branch instead of manually zeroing 'buff[sg_used]' using memset(0).
Cc: stable(a)vger.kernel.org
Fixes: edd163687ea5 ("[SCSI] hpsa: add driver for HP Smart Array controllers.")
Signed-off-by: Thorsten Blum <thorsten.blum(a)linux.dev>
---
drivers/scsi/hpsa.c | 21 ++++++++++++---------
1 file changed, 12 insertions(+), 9 deletions(-)
diff --git a/drivers/scsi/hpsa.c b/drivers/scsi/hpsa.c
index c73a71ac3c29..1c6161d0b85c 100644
--- a/drivers/scsi/hpsa.c
+++ b/drivers/scsi/hpsa.c
@@ -6522,18 +6522,21 @@ static int hpsa_big_passthru_ioctl(struct ctlr_info *h,
while (left) {
sz = (left > ioc->malloc_size) ? ioc->malloc_size : left;
buff_size[sg_used] = sz;
- buff[sg_used] = kmalloc(sz, GFP_KERNEL);
- if (buff[sg_used] == NULL) {
- status = -ENOMEM;
- goto cleanup1;
- }
+
if (ioc->Request.Type.Direction & XFER_WRITE) {
- if (copy_from_user(buff[sg_used], data_ptr, sz)) {
- status = -EFAULT;
+ buff[sg_used] = memdup_user(data_ptr, sz);
+ if (IS_ERR(buff[sg_used])) {
+ status = PTR_ERR(buff[sg_used]);
goto cleanup1;
}
- } else
- memset(buff[sg_used], 0, sz);
+ } else {
+ buff[sg_used] = kzalloc(sz, GFP_KERNEL);
+ if (!buff[sg_used]) {
+ status = -ENOMEM;
+ goto cleanup1;
+ }
+ }
+
left -= sz;
data_ptr += sz;
sg_used++;
--
2.51.0
1 week, 6 days
- 1
- 0
[PATCH] cpuset: prevent freeing unallocated cpumask in hotplug handling
by Ashay Jaiswal
In cpuset hotplug handling, temporary cpumasks are allocated only when
running under cgroup v2. The current code unconditionally frees these
masks, which can lead to a crash on cgroup v1 case.
Free the temporary cpumasks only when they were actually allocated.
Fixes: 4b842da276a8 ("cpuset: Make CPU hotplug work with partition")
Cc: stable(a)vger.kernel.org
Signed-off-by: Ashay Jaiswal <quic_ashayj(a)quicinc.com>
---
kernel/cgroup/cpuset.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/kernel/cgroup/cpuset.c b/kernel/cgroup/cpuset.c
index a78ccd11ce9b43c2e8b0e2c454a8ee845ebdc808..a4f908024f3c0a22628a32f8a5b0ae96c7dccbb9 100644
--- a/kernel/cgroup/cpuset.c
+++ b/kernel/cgroup/cpuset.c
@@ -4019,7 +4019,8 @@ static void cpuset_handle_hotplug(void)
if (force_sd_rebuild)
rebuild_sched_domains_cpuslocked();
- free_tmpmasks(ptmp);
+ if (on_dfl && ptmp)
+ free_tmpmasks(ptmp);
}
void cpuset_update_active_cpus(void)
---
base-commit: 33bcf93b9a6b028758105680f8b538a31bc563cf
change-id: 20250902-cpuset-free-on-condition-85cf4eadb18c
Best regards,
--
Ashay Jaiswal <quic_ashayj(a)quicinc.com>
1 week, 6 days
- 3
- 5
[PATCH v2] ASoC: SDCA: Add quirk for incorrect function types for 3 systems
by Maciej Strozek
Certain systems have CS42L43 DisCo that claims to conform to version 0.6.28
but uses the function types from the 1.0 spec. Add a quirk as a workaround.
Closes: https://github.com/thesofproject/linux/issues/5515
Cc: stable(a)vger.kernel.org
Signed-off-by: Maciej Strozek <mstrozek(a)opensource.cirrus.com>
Reviewed-by: Pierre-Louis Bossart <pierre-louis.bossart(a)linux.dev>
---
v2: Added a Closes: and Cc: stable tags
---
include/sound/sdca.h | 1 +
sound/soc/sdca/sdca_device.c | 20 ++++++++++++++++++++
sound/soc/sdca/sdca_functions.c | 13 ++++++++-----
3 files changed, 29 insertions(+), 5 deletions(-)
diff --git a/include/sound/sdca.h b/include/sound/sdca.h
index 5a5d6de78d728..9c6a351c9d474 100644
--- a/include/sound/sdca.h
+++ b/include/sound/sdca.h
@@ -46,6 +46,7 @@ struct sdca_device_data {
enum sdca_quirk {
SDCA_QUIRKS_RT712_VB,
+ SDCA_QUIRKS_SKIP_FUNC_TYPE_PATCHING,
};
#if IS_ENABLED(CONFIG_ACPI) && IS_ENABLED(CONFIG_SND_SOC_SDCA)
diff --git a/sound/soc/sdca/sdca_device.c b/sound/soc/sdca/sdca_device.c
index 0244cdcdd109a..4798ce2c8f0b4 100644
--- a/sound/soc/sdca/sdca_device.c
+++ b/sound/soc/sdca/sdca_device.c
@@ -7,6 +7,7 @@
*/
#include <linux/acpi.h>
+#include <linux/dmi.h>
#include <linux/module.h>
#include <linux/property.h>
#include <linux/soundwire/sdw.h>
@@ -55,11 +56,30 @@ static bool sdca_device_quirk_rt712_vb(struct sdw_slave *slave)
return false;
}
+static bool sdca_device_quirk_skip_func_type_patching(struct sdw_slave *slave)
+{
+ const char *vendor, *sku;
+
+ vendor = dmi_get_system_info(DMI_SYS_VENDOR);
+ sku = dmi_get_system_info(DMI_PRODUCT_SKU);
+
+ if (vendor && sku &&
+ !strcmp(vendor, "Dell Inc.") &&
+ (!strcmp(sku, "0C62") || !strcmp(sku, "0C63") || !strcmp(sku, "0C6B")) &&
+ slave->sdca_data.interface_revision == 0x061c &&
+ slave->id.mfg_id == 0x01fa && slave->id.part_id == 0x4243)
+ return true;
+
+ return false;
+}
+
bool sdca_device_quirk_match(struct sdw_slave *slave, enum sdca_quirk quirk)
{
switch (quirk) {
case SDCA_QUIRKS_RT712_VB:
return sdca_device_quirk_rt712_vb(slave);
+ case SDCA_QUIRKS_SKIP_FUNC_TYPE_PATCHING:
+ return sdca_device_quirk_skip_func_type_patching(slave);
default:
break;
}
diff --git a/sound/soc/sdca/sdca_functions.c b/sound/soc/sdca/sdca_functions.c
index f26f597dca9e9..13f68f7b6dd6a 100644
--- a/sound/soc/sdca/sdca_functions.c
+++ b/sound/soc/sdca/sdca_functions.c
@@ -90,6 +90,7 @@ static int find_sdca_function(struct acpi_device *adev, void *data)
{
struct fwnode_handle *function_node = acpi_fwnode_handle(adev);
struct sdca_device_data *sdca_data = data;
+ struct sdw_slave *slave = container_of(sdca_data, struct sdw_slave, sdca_data);
struct device *dev = &adev->dev;
struct fwnode_handle *control5; /* used to identify function type */
const char *function_name;
@@ -137,11 +138,13 @@ static int find_sdca_function(struct acpi_device *adev, void *data)
return ret;
}
- ret = patch_sdca_function_type(sdca_data->interface_revision, &function_type);
- if (ret < 0) {
- dev_err(dev, "SDCA version %#x invalid function type %d\n",
- sdca_data->interface_revision, function_type);
- return ret;
+ if (!sdca_device_quirk_match(slave, SDCA_QUIRKS_SKIP_FUNC_TYPE_PATCHING)) {
+ ret = patch_sdca_function_type(sdca_data->interface_revision, &function_type);
+ if (ret < 0) {
+ dev_err(dev, "SDCA version %#x invalid function type %d\n",
+ sdca_data->interface_revision, function_type);
+ return ret;
+ }
}
function_name = get_sdca_function_name(function_type);
--
2.47.2
1 week, 6 days
- 3
- 2
[PATCH v2 0/3] phy: qcom: edp: Add missing refclk clock to x1e80100
by Abel Vesa
According to documentation, the DP PHY on x1e80100 has another clock
called refclk. Rework the driver to allow different number of clocks.
Fix the dt-bindings schema and add the clock to the DT node as well.
Signed-off-by: Abel Vesa <abel.vesa(a)linaro.org>
---
Changes in v2:
- Fix schema by adding the minItems, as suggested by Krzysztof.
- Use devm_clk_bulk_get_all, as suggested by Konrad.
- Rephrase the commit messages to reflect the flexible number of clocks.
- Link to v1: https://lore.kernel.org/r/20250730-phy-qcom-edp-add-missing-refclk-v1-0-6f7…
---
Abel Vesa (3):
dt-bindings: phy: qcom-edp: Add missing clock for X Elite
phy: qcom: edp: Make the number of clocks flexible
arm64: dts: qcom: Add missing TCSR refclk to the DP PHYs
.../devicetree/bindings/phy/qcom,edp-phy.yaml | 28 +++++++++++++++++++++-
arch/arm64/boot/dts/qcom/x1e80100.dtsi | 12 ++++++----
drivers/phy/qualcomm/phy-qcom-edp.c | 18 +++++++-------
3 files changed, 45 insertions(+), 13 deletions(-)
---
base-commit: 5d50cf9f7cf20a17ac469c20a2e07c29c1f6aab7
change-id: 20250730-phy-qcom-edp-add-missing-refclk-5ab82828f8e7
Best regards,
--
Abel Vesa <abel.vesa(a)linaro.org>
1 week, 6 days
- 4
- 13
[PATCH 5.4 only v2] powerpc: boot: Remove leading zero in label in udelay()
by Nathan Chancellor
When building powerpc configurations in linux-5.4.y with binutils 2.43
or newer, there is an assembler error in arch/powerpc/boot/util.S:
arch/powerpc/boot/util.S: Assembler messages:
arch/powerpc/boot/util.S:44: Error: junk at end of line, first unrecognized character is `0'
arch/powerpc/boot/util.S:49: Error: syntax error; found `b', expected `,'
arch/powerpc/boot/util.S:49: Error: junk at end of line: `b'
binutils 2.43 contains stricter parsing of certain labels [1], namely
that leading zeros are no longer allowed. The GNU assembler
documentation already somewhat forbade this construct:
To define a local label, write a label of the form 'N:' (where N
represents any non-negative integer).
Eliminate the leading zero in the label to fix the syntax error. This is
only needed in linux-5.4.y because commit 8b14e1dff067 ("powerpc: Remove
support for PowerPC 601") removed this code altogether in 5.10.
Link: https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=226749d5a6ff0d5c6… [1]
Signed-off-by: Nathan Chancellor <nathan(a)kernel.org>
---
v1 -> v2:
- Adjust commit message to make it clearer this construct was already
incorrect under the existing GNU assembler documentation (Segher)
v1: https://lore.kernel.org/20250902235234.2046667-1-nathan@kernel.org/
---
arch/powerpc/boot/util.S | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/powerpc/boot/util.S b/arch/powerpc/boot/util.S
index f11f0589a669..5ab2bc864e66 100644
--- a/arch/powerpc/boot/util.S
+++ b/arch/powerpc/boot/util.S
@@ -41,12 +41,12 @@ udelay:
srwi r4,r4,16
cmpwi 0,r4,1 /* 601 ? */
bne .Ludelay_not_601
-00: li r0,86 /* Instructions / microsecond? */
+0: li r0,86 /* Instructions / microsecond? */
mtctr r0
10: addi r0,r0,0 /* NOP */
bdnz 10b
subic. r3,r3,1
- bne 00b
+ bne 0b
blr
.Ludelay_not_601:
base-commit: c25f780e491e4734eb27d65aa58e0909fd78ad9f
--
2.51.0
1 week, 6 days
- 3
- 2
[PATCH 6.12 000/322] 6.12.44-rc1 review
by Greg Kroah-Hartman
This is the start of the stable review cycle for the 6.12.44 release.
There are 322 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Thu, 28 Aug 2025 11:08:26 +0000.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.12.44-rc…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.12.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 6.12.44-rc1
Al Viro <viro(a)zeniv.linux.org.uk>
alloc_fdtable(): change calling conventions.
Florian Westphal <fw(a)strlen.de>
netfilter: nf_reject: don't leak dst refcount for loopback packets
Peter Oberparleiter <oberpar(a)linux.ibm.com>
s390/hypfs: Enable limited access during lockdown
Peter Oberparleiter <oberpar(a)linux.ibm.com>
s390/hypfs: Avoid unnecessary ioctl registration in debugfs
Takashi Iwai <tiwai(a)suse.de>
ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation
Armen Ratner <armeng(a)nvidia.com>
net/mlx5e: Preserve shared buffer capacity during headroom updates
Alexei Lazar <alazar(a)nvidia.com>
net/mlx5e: Query FW for buffer ownership
Oren Sidi <osidi(a)nvidia.com>
net/mlx5: Add IFC bits and enums for buf_ownership
Shahar Shitrit <shshitrit(a)nvidia.com>
net/mlx5: Relocate function declarations from port.h to mlx5_core.h
Daniel Jurgens <danielj(a)nvidia.com>
net/mlx5: Base ECVF devlink port attrs from 0
Hariprasad Kelam <hkelam(a)marvell.com>
Octeontx2-af: Skip overlap check for SPI field
Hangbin Liu <liuhangbin(a)gmail.com>
bonding: send LACPDUs periodically in passive mode after receiving partner's LACPDU
Hangbin Liu <liuhangbin(a)gmail.com>
bonding: update LACP activity flag after setting lacp_active
Dewei Meng <mengdewei(a)cqsoftware.com.cn>
ALSA: timer: fix ida_free call while not allocated
William Liu <will(a)willsroot.io>
net/sched: Remove unnecessary WARNING condition for empty child qdisc in htb_activate
William Liu <will(a)willsroot.io>
net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit
Tristram Ha <tristram.ha(a)microchip.com>
net: dsa: microchip: Fix KSZ9477 HSR port setup issue
ValdikSS <iam(a)valdikss.org.ru>
igc: fix disabling L1.2 PCI-E link substate on I226 on init
Jason Xing <kernelxing(a)tencent.com>
ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc
Heiko Carstens <hca(a)linux.ibm.com>
s390/mm: Do not map lowcore with identity mapping
Kanglong Wang <wangkanglong(a)loongson.cn>
LoongArch: Optimize module load time by optimizing PLT/GOT counting
Parthiban Veerasooran <parthiban.veerasooran(a)microchip.com>
microchip: lan865x: fix missing Timer Increment config for Rev.B0/B1
Parthiban Veerasooran <parthiban.veerasooran(a)microchip.com>
microchip: lan865x: fix missing netif_start_queue() call on device open
D. Wythe <alibuda(a)linux.alibaba.com>
net/smc: fix UAF on smcsk after smc_listen_out()
Jordan Rhee <jordanrhee(a)google.com>
gve: prevent ethtool ops after shutdown
Yuichiro Tsuji <yuichtsu(a)amazon.com>
net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization
Horatiu Vultur <horatiu.vultur(a)microchip.com>
phy: mscc: Fix timestamping for vsc8584
David Howells <dhowells(a)redhat.com>
cifs: Fix oops due to uninitialised variable
MD Danish Anwar <danishanwar(a)ti.com>
net: ti: icssg-prueth: Fix HSR and switch offload Enablement during firwmare reload.
Qingfang Deng <dqfext(a)gmail.com>
ppp: fix race conditions in ppp_fill_forward_path
Qingfang Deng <dqfext(a)gmail.com>
net: ethernet: mtk_ppe: add RCU lock around dev_fill_forward_path
Minhong He <heminhong(a)kylinos.cn>
ipv6: sr: validate HMAC algorithm ID in seg6_hmac_info_add
Jakub Ramaseuski <jramaseu(a)redhat.com>
net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Don't print errors for nonexistent connectors
Chenyuan Yang <chenyuan0y(a)gmail.com>
drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session()
Dan Carpenter <dan.carpenter(a)linaro.org>
ALSA: usb-audio: Fix size validation in convert_chmap_v3()
Baihan Li <libaihan(a)huawei.com>
drm/hisilicon/hibmc: fix the hibmc loaded failed bug
Baihan Li <libaihan(a)huawei.com>
drm/hisilicon/hibmc: fix the i2c device resource leak when vdac init failed
Baihan Li <libaihan(a)huawei.com>
drm/hisilicon/hibmc: refactored struct hibmc_drm_private
Miguel Ojeda <ojeda(a)kernel.org>
rust: alloc: fix `rusttest` by providing `Cmalloc::aligned_layout` too
Ido Schimmel <idosch(a)nvidia.com>
mlxsw: spectrum: Forward packets with an IPv4 link-local source IP
Sergey Shtylyov <s.shtylyov(a)omp.ru>
Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync()
Pauli Virtanen <pav(a)iki.fi>
Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established
Yang Li <yang.li(a)amlogic.com>
Bluetooth: hci_sync: Prevent unintended PA sync when SID is 0xFF
Jiande Lu <jiande.lu(a)mediatek.com>
Bluetooth: btmtk: Fix wait_on_bit_timeout interruption during shutdown
Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
Bluetooth: hci_sync: Fix scan state after PA Sync has been established
Kees Cook <kees(a)kernel.org>
iommu/amd: Avoid stack buffer overflow from kernel cmdline
Dan Carpenter <dan.carpenter(a)linaro.org>
scsi: qla4xxx: Prevent a potential error pointer dereference
Justin Lai <justinlai0215(a)realtek.com>
rtase: Fix Rx descriptor CRC error bit definition
Wang Liang <wangliang74(a)huawei.com>
net: bridge: fix soft lockup in br_multicast_query_expired()
Suraj Gupta <suraj.gupta2(a)amd.com>
net: xilinx: axienet: Fix RX skb ring management in DMAengine mode
Junxian Huang <huangjunxian6(a)hisilicon.com>
RDMA/hns: Fix dip entries leak on devices newer than hip09
Anantha Prabhu <anantha.prabhu(a)broadcom.com>
RDMA/bnxt_re: Fix to initialize the PBL array
Kalesh AP <kalesh-anakkur.purayil(a)broadcom.com>
RDMA/bnxt_re: Fix a possible memory leak in the driver
Kashyap Desai <kashyap.desai(a)broadcom.com>
RDMA/bnxt_re: Fix to remove workload check in SRQ limit path
Kashyap Desai <kashyap.desai(a)broadcom.com>
RDMA/bnxt_re: Fix to do SRQ armena by default
wenglianfa <wenglianfa(a)huawei.com>
RDMA/hns: Fix querying wrong SCC context for DIP algorithm
Boshi Yu <boshiyu(a)linux.alibaba.com>
RDMA/erdma: Fix ignored return value of init_kernel_qp
Danilo Krummrich <dakr(a)kernel.org>
rust: alloc: replace aligned_size() with Kmalloc::aligned_layout()
Nitin Gote <nitin.r.gote(a)intel.com>
iosys-map: Fix undefined behavior in iosys_map_clear()
José Expósito <jose.exposito89(a)gmail.com>
drm/tests: Fix drm_test_fb_xrgb8888_to_xrgb2101010() on big-endian
Thomas Zimmermann <tzimmermann(a)suse.de>
drm/tests: Do not use drm_fb_blit() in format-helper tests
Thomas Zimmermann <tzimmermann(a)suse.de>
drm/format-helper: Add generic conversion to 32-bit formats
Thomas Zimmermann <tzimmermann(a)suse.de>
drm/format-helper: Move helpers for pixel conversion to header file
Kerem Karabay <kekrby(a)gmail.com>
drm/format-helper: Add conversion from XRGB8888 to BGR888
Jocelyn Falempe <jfalempe(a)redhat.com>
drm/panic: Move drawing functions to drm_draw
José Expósito <jose.exposito89(a)gmail.com>
drm/tests: Fix endian warning
Waiman Long <longman(a)redhat.com>
cgroup/cpuset: Fix a partition error with CPU hotplug
Waiman Long <longman(a)redhat.com>
cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key
Fanhua Li <lifanhua5(a)huawei.com>
drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor().
Stefan Wahren <wahrenst(a)gmx.net>
spi: spi-fsl-lpspi: Clamp too high speed_hz
Tianxiang Peng <txpeng(a)tencent.com>
x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper
Jean-Baptiste Maneyrol <jean-baptiste.maneyrol(a)tdk.com>
iio: imu: inv_icm42600: change invalid data error to -EBUSY
Andy Shevchenko <andriy.shevchenko(a)linux.intel.com>
iio: imu: inv_icm42600: Convert to uXX and sXX integer types
David Lechner <dlechner(a)baylibre.com>
iio: imu: inv_icm42600: use = { } instead of memset()
Jonathan Cameron <Jonathan.Cameron(a)huawei.com>
iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64
Jakub Kicinski <kuba(a)kernel.org>
tls: fix handling of zero-length records on the rx_list
Michal Suchanek <msuchanek(a)suse.de>
powerpc/boot: Fix build with gcc 15
NeilBrown <neil(a)brown.name>
ovl: use I_MUTEX_PARENT when locking parent in ovl_create_temp()
Imre Deak <imre.deak(a)intel.com>
drm/i915/icl+/tc: Cache the max lane count value
Jan Beulich <jbeulich(a)suse.com>
compiler: remove __ADDRESSABLE_ASM{_STR,}() again
Imre Deak <imre.deak(a)intel.com>
drm/i915/icl+/tc: Convert AUX powered WARN to a debug message
Pu Lehui <pulehui(a)huawei.com>
tracing: Limit access to parser->buffer when trace_get_user failed
Steven Rostedt <rostedt(a)goodmis.org>
tracing: Remove unneeded goto out logic
David Lechner <dlechner(a)baylibre.com>
iio: temperature: maxim_thermocouple: use DMA-safe buffer for spi_read()
Jonathan Cameron <Jonathan.Cameron(a)huawei.com>
iio: light: as73211: Ensure buffer holes are zeroed
Jonathan Cameron <Jonathan.Cameron(a)huawei.com>
iio: light: Use aligned_s64 instead of open coding alignment.
Heikki Krogerus <heikki.krogerus(a)linux.intel.com>
usb: dwc3: pci: add support for the Intel Wildcat Lake
Selvarasu Ganesan <selvarasu.g(a)samsung.com>
usb: dwc3: Remove WARN_ON for device endpoint command timeouts
Kuen-Han Tsai <khtsai(a)google.com>
usb: dwc3: Ignore late xferNotReady event to prevent halt timeout
Weitao Wang <WeitaoWang-oc(a)zhaoxin.com>
usb: xhci: Fix slot_id resource race conflict
Amit Sunil Dhamne <amitsd(a)google.com>
usb: typec: maxim_contaminant: re-enable cc toggle if cc is open and port is clean
Amit Sunil Dhamne <amitsd(a)google.com>
usb: typec: maxim_contaminant: disable low power mode when reading comparator values
Zenm Chen <zenmchen(a)gmail.com>
USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles
Thorsten Blum <thorsten.blum(a)linux.dev>
usb: storage: realtek_cr: Use correct byte order for bcs->Residue
Mael GUERIN <mael.guerin(a)murena.io>
USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera
Marek Vasut <marek.vasut+renesas(a)mailbox.org>
usb: renesas-xhci: Fix External ROM access timeouts
Xu Yang <xu.yang_2(a)nxp.com>
usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test
Ian Abbott <abbotti(a)mev.co.uk>
comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl()
Edward Adam Davis <eadavis(a)qq.com>
comedi: pcl726: Prevent invalid irq number
Ian Abbott <abbotti(a)mev.co.uk>
comedi: Make insn_rw_emulate_bits() do insn->n samples
Miao Li <limiao(a)kylinos.cn>
usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive
Thorsten Blum <thorsten.blum(a)linux.dev>
cdx: Fix off-by-one error in cdx_rpmsg_probe()
Sebastian Andrzej Siewior <bigeasy(a)linutronix.de>
kcov, usb: Don't disable interrupts in kcov_remote_start_usb_softirq()
Miaoqian Lin <linmq006(a)gmail.com>
most: core: Drop device reference after usage in get_channel()
David Lechner <dlechner(a)baylibre.com>
iio: proximity: isl29501: fix buffered read on big-endian systems
Salah Triki <salah.triki(a)gmail.com>
iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe()
Steven Rostedt <rostedt(a)goodmis.org>
ftrace: Also allocate and copy hash for reading of filter files
Xu Yilun <yilun.xu(a)linux.intel.com>
fpga: zynq_fpga: Fix the wrong usage of dma_map_sgtable()
Judith Mendez <jm(a)ti.com>
mmc: sdhci_am654: Disable HS400 for AM62P SR1.0 and SR1.1
Imre Deak <imre.deak(a)intel.com>
drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS
Rafael J. Wysocki <rafael.j.wysocki(a)intel.com>
cpuidle: governors: menu: Avoid selecting states with too much latency
Christian Loehle <christian.loehle(a)arm.com>
cpuidle: menu: Remove iowait influence
Al Viro <viro(a)zeniv.linux.org.uk>
use uniform permission checks for all mount propagation changes
Ye Bin <yebin10(a)huawei.com>
fs/buffer: fix use-after-free when call bh_read() helper
Stefan Metzmacher <metze(a)samba.org>
smb: server: split ksmbd_rdma_stop_listening() out of ksmbd_rdma_destroy()
Charalampos Mitrodimas <charmitro(a)posteo.net>
debugfs: fix mount options not being applied
Judith Mendez <jm(a)ti.com>
arm64: dts: ti: k3-am62*: Move eMMC pinmux to top level board file
Judith Mendez <jm(a)ti.com>
arm64: dts: ti: k3-am6*: Remove disable-wp for eMMC
Judith Mendez <jm(a)ti.com>
arm64: dts: ti: k3-am62*: Add non-removable flag for eMMC
Judith Mendez <jm(a)ti.com>
arm64: dts: ti: k3-am6*: Add boot phase flag to support MMC boot
Naohiro Aota <naohiro.aota(a)wdc.com>
btrfs: subpage: keep TOWRITE tag until folio is cleaned
Baokun Li <libaokun1(a)huawei.com>
ext4: preserve SB_I_VERSION on remount
Ranjan Kumar <ranjan.kumar(a)broadcom.com>
scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems
Ranjan Kumar <ranjan.kumar(a)broadcom.com>
scsi: mpi3mr: Drop unnecessary volatile from __iomem pointers
David Lechner <dlechner(a)baylibre.com>
iio: adc: ad7173: fix setting ODR in probe
Geraldo Nascimento <geraldogabriel(a)gmail.com>
PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining
Geraldo Nascimento <geraldogabriel(a)gmail.com>
PCI: rockchip: Use standard PCIe definitions
Richard Zhu <hongxing.zhu(a)nxp.com>
PCI: imx6: Add IMX8MQ_EP third 64-bit BAR in epc_features
Frank Li <Frank.Li(a)nxp.com>
PCI: imx6: Add i.MX8Q PCIe Endpoint (EP) support
Simon Richter <Simon.Richter(a)hogyros.de>
Mark xe driver as BROKEN if kernel page size is not 4kB
Geliang Tang <geliang(a)kernel.org>
mptcp: disable add_addr retransmission when timeout is 0
Geliang Tang <geliang(a)kernel.org>
mptcp: remove duplicate sk_reset_timer call
Dan Carpenter <dan.carpenter(a)linaro.org>
soc: qcom: mdt_loader: Fix error return values in mdt_header_valid()
Mike Christie <michael.christie(a)oracle.com>
scsi: core: Fix command pass through retry regression
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Fix DP audio DTO1 clock source on DCE 6.
Tom Chung <chiahsuan.chung(a)amd.com>
drm/amd/display: Fix Xorg desktop unresponsive on Replay panel
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Don't overclock DCE 6 by 15%
Mario Limonciello <mario.limonciello(a)amd.com>
drm/amd/display: Avoid a NULL pointer dereference
Alex Deucher <alexander.deucher(a)amd.com>
drm/amdgpu/swm14: Update power limit logic
Thorsten Blum <thorsten.blum(a)linux.dev>
accel/habanalabs/gaudi2: Use kvfree() for memory allocated with kvcalloc()
Keith Busch <kbusch(a)kernel.org>
kvm: retry nx_huge_page_recovery_thread creation
Srinivas Pandruvada <srinivas.pandruvada(a)linux.intel.com>
platform/x86/intel-uncore-freq: Check write blocked for ELC
Peter Oberparleiter <oberpar(a)linux.ibm.com>
s390/sclp: Fix SCCB present check
Zhu Yanjun <yanjun.zhu(a)linux.dev>
RDMA/rxe: Flush delayed SKBs while releasing RXE resources
Evgeniy Harchenko <evgeniyharchenko.dev(a)gmail.com>
ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6
Jinjiang Tu <tujinjiang(a)huawei.com>
mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn
Herton R. Krzesinski <herton(a)redhat.com>
mm/debug_vm_pgtable: clear page table entries at destroy_args()
Phillip Lougher <phillip(a)squashfs.org.uk>
squashfs: fix memory leak in squashfs_fill_super
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFS: Fix a race when updating an existing write
Victor Shih <victor.shih(a)genesyslogic.com.tw>
mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency
Victor Shih <victor.shih(a)genesyslogic.com.tw>
mmc: sdhci-pci-gli: GL9763e: Mask the replay timer timeout of AER
Jiayi Li <lijiayi(a)kylinos.cn>
memstick: Fix deadlock by moving removing flag earlier
Victor Shih <victor.shih(a)genesyslogic.com.tw>
mmc: sdhci-pci-gli: Add a new function to simplify the code
Nicolin Chen <nicolinc(a)nvidia.com>
iommu/arm-smmu-v3: Fix smmu_domain->nr_ats_masters decrement
Dominique Martinet <asmadeus(a)codewreck.org>
iov_iter: iterate_folioq: fix handling of offset >= folio size
Jens Axboe <axboe(a)kernel.dk>
io_uring/futex: ensure io_futex_wait() cleans up properly on failure
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Revert "can: ti_hecc: fix -Woverflow compiler warning"
Andrea Righi <arighi(a)nvidia.com>
sched_ext: initialize built-in idle state before ops.init()
Damien Le Moal <dlemoal(a)kernel.org>
ata: libata-scsi: Return aborted command when missing sense and result TF
Jens Axboe <axboe(a)kernel.dk>
io_uring/net: commit partial buffers on retry
David Howells <dhowells(a)redhat.com>
netfs: Fix unbuffered write error handling
Filipe Manana <fdmanana(a)suse.com>
btrfs: send: make fs_path_len() inline and constify its argument
Filipe Manana <fdmanana(a)suse.com>
btrfs: send: use fallocate for hole punching with send stream v2
Filipe Manana <fdmanana(a)suse.com>
btrfs: send: avoid path allocation for the current inode when issuing commands
Filipe Manana <fdmanana(a)suse.com>
btrfs: send: keep the current inode's path cached
Filipe Manana <fdmanana(a)suse.com>
btrfs: send: add and use helper to rename current inode when processing refs
Filipe Manana <fdmanana(a)suse.com>
btrfs: send: only use boolean variables at process_recorded_refs()
Filipe Manana <fdmanana(a)suse.com>
btrfs: send: factor out common logic when sending xattrs
Christoph Hellwig <hch(a)lst.de>
xfs: fully decouple XFS_IBULK* flags from XFS_IWALK* flags
Naohiro Aota <naohiro.aota(a)wdc.com>
btrfs: zoned: requeue to unused block group list if zone finish failed
Boris Burkov <boris(a)bur.io>
btrfs: codify pattern for adding block_group to bg_list
Boris Burkov <boris(a)bur.io>
btrfs: explicitly ref count block_group on new_bgs list
Filipe Manana <fdmanana(a)suse.com>
btrfs: abort transaction on unexpected eb generation at btrfs_copy_root()
Filipe Manana <fdmanana(a)suse.com>
btrfs: always abort transaction on failure to add block group to free space tree
David Sterba <dsterba(a)suse.com>
btrfs: move transaction aborts to the error site in add_block_group_free_space()
Filipe Manana <fdmanana(a)suse.com>
btrfs: qgroup: fix race between quota disable and quota rescan ioctl
David Sterba <dsterba(a)suse.com>
btrfs: qgroup: drop unused parameter fs_info from __del_qgroup_rb()
Sebastian Reichel <sebastian.reichel(a)collabora.com>
usb: typec: fusb302: cache PD RX state
Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org>
USB: typec: Use str_enable_disable-like helpers
Tom Lendacky <thomas.lendacky(a)amd.com>
x86/sev: Ensure SVSM reserved fields in a page validation entry are initialized to zero
SeongJae Park <sj(a)kernel.org>
mm/damon/ops-common: ignore migration request to invalid nodes
Matthieu Baerts (NGI0) <matttbe(a)kernel.org>
selftests: mptcp: pm: check flush doesn't reset limits
Matthieu Baerts (NGI0) <matttbe(a)kernel.org>
mptcp: pm: kernel: flush: do not reset ADD_ADDR limit
Christoph Paasch <cpaasch(a)openai.com>
mptcp: drop skb if MPTCP skb extension allocation fails
Chen Yu <yu.c.chen(a)intel.com>
ACPI: pfr_update: Fix the driver update version check
Eric Biggers <ebiggers(a)kernel.org>
ipv6: sr: Fix MAC comparison to be constant-time
Andrea Righi <arighi(a)nvidia.com>
sched/ext: Fix invalid task state transitions on class switch
Jakub Acs <acsjakub(a)amazon.de>
net, hsr: reject HSR frame if skb can't hold tag
Bibo Mao <maobibo(a)loongson.cn>
LoongArch: KVM: Make function kvm_own_lbt() robust
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Don't overwrite dce60_clk_mgr
Siyang Liu <Security(a)tencent.com>
drm/amd/display: fix a Null pointer dereference vulnerability
Michel Dänzer <mdaenzer(a)redhat.com>
drm/amd/display: Add primary plane to commits for correct VRR handling
Amber Lin <Amber.Lin(a)amd.com>
drm/amdkfd: Destroy KFD debugfs after destroy KFD wq
Alex Deucher <alexander.deucher(a)amd.com>
drm/amdgpu: update mmhub 4.1.0 client id mappings
Alex Deucher <alexander.deucher(a)amd.com>
drm/amdgpu: update mmhub 3.0.1 client id mappings
Lijo Lazar <lijo.lazar(a)amd.com>
drm/amdgpu: Update external revid for GC v9.5.0
Nathan Chancellor <nathan(a)kernel.org>
drm/amdgpu: Initialize data to NULL in imu_v12_0_program_rlc_ram()
Peter Shkenev <mustela(a)erminea.space>
drm/amdgpu: check if hubbub is NULL in debugfs/amdgpu_dm_capabilities
Gang Ba <Gang.Ba(a)amd.com>
drm/amdgpu: Avoid extra evict-restore process.
Mario Limonciello <mario.limonciello(a)amd.com>
drm/amd: Restore cached power limit during resume
Alex Deucher <alexander.deucher(a)amd.com>
drm/amdgpu/discovery: fix fw based ip discovery
Ricardo Ribalda <ribalda(a)chromium.org>
media: venus: venc: Clamp param smaller than 1fps and bigger than 240
Ricardo Ribalda <ribalda(a)chromium.org>
media: venus: vdec: Clamp param smaller than 1fps and bigger than 240.
Jorge Ramirez-Ortiz <jorge.ramirez(a)oss.qualcomm.com>
media: venus: protect against spurious interrupts during probe
Jorge Ramirez-Ortiz <jorge.ramirez(a)oss.qualcomm.com>
media: venus: hfi: explicitly release IRQ during teardown
Konrad Dybcio <konrad.dybcio(a)oss.qualcomm.com>
media: venus: Fix MSM8998 frequency table
Vedang Nagar <quic_vnagar(a)quicinc.com>
media: venus: Add a check for packet size after reading from shared memory
Vladimir Zapolskiy <vladimir.zapolskiy(a)linaro.org>
media: qcom: camss: cleanup media device allocated resource on error path
Hans de Goede <hansg(a)kernel.org>
media: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls
Mathis Foerst <mathis.foerst(a)mt.com>
media: mt9m114: Fix deadlock in get_frame_interval/set_frame_interval
Zhang Shurong <zhang_shurong(a)foxmail.com>
media: ov2659: Fix memory leaks in ov2659_probe()
Jacopo Mondi <jacopo.mondi(a)ideasonboard.com>
media: pisp_be: Fix pm_runtime underrun in probe
Gui-Dong Han <hanguidong02(a)gmail.com>
media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt()
Ludwig Disterhof <ludwig(a)disterhof.eu>
media: usbtv: Lock resolution while streaming
Sakari Ailus <sakari.ailus(a)linux.intel.com>
media: v4l2-ctrls: Don't reset handler's error in v4l2_ctrl_handler_free()
Nicolas Dufresne <nicolas.dufresne(a)collabora.com>
media: verisilicon: Fix AV1 decoder clock frequency
Hans Verkuil <hverkuil(a)xs4all.nl>
media: vivid: fix wrong pixel_array control size
Sakari Ailus <sakari.ailus(a)linux.intel.com>
media: ipu6: isys: Use correct pads for xlate_streams()
Haoxiang Li <haoxiang_li2024(a)163.com>
media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init()
Bingbu Cao <bingbu.cao(a)intel.com>
media: hi556: correct the test pattern configuration
Dan Carpenter <dan.carpenter(a)linaro.org>
media: gspca: Add bounds checking to firmware parser
John David Anglin <dave.anglin(a)bell.net>
parisc: Update comments in make_insert_tlb
John David Anglin <dave.anglin(a)bell.net>
parisc: Try to fixup kernel exception in bad_area_nosemaphore path of do_page_fault()
John David Anglin <dave.anglin(a)bell.net>
parisc: Revise gateway LWS calls to probe user read access
John David Anglin <dave.anglin(a)bell.net>
parisc: Revise __get_user() to probe user read access
John David Anglin <dave.anglin(a)bell.net>
parisc: Rename pte_needs_flush() to pte_needs_cache_flush() in cache.c
Randy Dunlap <rdunlap(a)infradead.org>
parisc: Makefile: explain that 64BIT requires both 32-bit and 64-bit compilers
John David Anglin <dave.anglin(a)bell.net>
parisc: Drop WARN_ON_ONCE() from flush_cache_vmap
John David Anglin <dave.anglin(a)bell.net>
parisc: Define and use set_pte_at()
John David Anglin <dave.anglin(a)bell.net>
parisc: Check region is readable by user in raw_copy_from_user()
Jon Hunter <jonathanh(a)nvidia.com>
soc/tegra: pmc: Ensure power-domains are in a known state
Thomas Weißschuh <thomas.weissschuh(a)linutronix.de>
kbuild: userprogs: use correct linker when mixing clang and GNU ld
Baokun Li <libaokun1(a)huawei.com>
jbd2: prevent softlockup in jbd2_log_do_checkpoint()
Chao Yu <chao(a)kernel.org>
f2fs: fix to avoid out-of-boundary access in dnode page
Muhammad Usama Anjum <usama.anjum(a)collabora.com>
ASoC: SOF: amd: acp-loader: Use GFP_KERNEL for DMA allocations in resume context
Xaver Hugl <xaver.hugl(a)kde.org>
amdgpu/amdgpu_discovery: increase timeout limit for IFWI init
Kathiravan Thirumoorthy <kathiravan.thirumoorthy(a)oss.qualcomm.com>
phy: qcom: phy-qcom-m31: Update IPQ5332 M31 USB phy initialization sequence
Will Deacon <will(a)kernel.org>
vhost/vsock: Avoid allocating arbitrarily-sized SKBs
Will Deacon <will(a)kernel.org>
vsock/virtio: Validate length in packet header before skb_put()
Richard Zhu <hongxing.zhu(a)nxp.com>
PCI: imx6: Delay link start until configfs 'start' written
Richard Zhu <hongxing.zhu(a)nxp.com>
PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset
Richard Zhu <hongxing.zhu(a)nxp.com>
PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features
Damien Le Moal <dlemoal(a)kernel.org>
PCI: endpoint: Fix configfs group removal on driver teardown
Damien Le Moal <dlemoal(a)kernel.org>
PCI: endpoint: Fix configfs group list head handling
Lukas Wunner <lukas(a)wunner.de>
PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge
Chi Zhiling <chizhiling(a)kylinos.cn>
readahead: fix return value of page_cache_next_miss() when no hole is found
Thomas Fourier <fourier.thomas(a)gmail.com>
mtd: rawnand: renesas: Add missing check after DMA map
Thomas Fourier <fourier.thomas(a)gmail.com>
mtd: rawnand: fsmc: Add missing check after DMA map
Gabor Juhos <j4g8y7(a)gmail.com>
mtd: spinand: propagate spinand_wait() errors from spinand_write_page()
Michael Walle <mwalle(a)kernel.org>
mtd: spi-nor: Fix spi_nor_try_unlock_all()
Tim Harvey <tharvey(a)gateworks.com>
hwmon: (gsc-hwmon) fix fan pwm setpoint show functions
Uwe Kleine-König <u.kleine-koenig(a)baylibre.com>
pwm: mediatek: Fix duty and period setting
Uwe Kleine-König <u.kleine-koenig(a)baylibre.com>
pwm: mediatek: Handle hardware enable and clock enable separately
Laurentiu Mihalcea <laurentiu.mihalcea(a)nxp.com>
pwm: imx-tpm: Reset counter if CMOD is 0
Johan Hovold <johan+linaro(a)kernel.org>
wifi: ath11k: fix dest ring-buffer corruption when ring is full
Johan Hovold <johan+linaro(a)kernel.org>
wifi: ath11k: fix source ring-buffer corruption
Johan Hovold <johan+linaro(a)kernel.org>
wifi: ath11k: fix dest ring-buffer corruption
Johan Hovold <johan+linaro(a)kernel.org>
wifi: ath12k: fix dest ring-buffer corruption when ring is full
Johan Hovold <johan+linaro(a)kernel.org>
wifi: ath12k: fix source ring-buffer corruption
Johan Hovold <johan+linaro(a)kernel.org>
wifi: ath12k: fix dest ring-buffer corruption
Nathan Chancellor <nathan(a)kernel.org>
wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table()
David Lechner <dlechner(a)baylibre.com>
iio: adc: ad_sigma_delta: change to buffer predisable
David Lechner <dlechner(a)baylibre.com>
iio: imu: bno055: fix OOB access of hw_xlate array
Marek Szyprowski <m.szyprowski(a)samsung.com>
zynq_fpga: use sgtable-based scatterlist wrappers
Bjorn Andersson <bjorn.andersson(a)oss.qualcomm.com>
soc: qcom: mdt_loader: Ensure we don't read past the ELF header
Igor Pylypiv <ipylypiv(a)google.com>
ata: libata-scsi: Fix CDL control
Adrian Hunter <adrian.hunter(a)intel.com>
scsi: ufs: ufs-pci: Fix default runtime and system PM levels
Archana Patni <archana.patni(a)intel.com>
scsi: ufs: ufs-pci: Fix hibernate state transition for Intel MTL-like host controllers
Damien Le Moal <dlemoal(a)kernel.org>
ata: libata-scsi: Fix ata_to_sense_error() status handling
Ranjan Kumar <ranjan.kumar(a)broadcom.com>
scsi: mpi3mr: Fix race between config read submit and interrupt completion
André Draszik <andre.draszik(a)linaro.org>
scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE
Macpaul Lin <macpaul.lin(a)mediatek.com>
scsi: dt-bindings: mediatek,ufs: Add ufs-disable-mcq flag for UFS host
Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org>
dt-bindings: display: sprd,sharkl3-dsi-host: Fix missing clocks constraints
Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org>
dt-bindings: display: sprd,sharkl3-dpu: Fix missing clocks constraints
Helge Deller <deller(a)gmx.de>
apparmor: Fix 8-byte alignment for initial dfa blob streams
Emanuele Ghidoli <emanuele.ghidoli(a)toradex.com>
arm64: dts: ti: k3-am62-verdin: Enable pull-ups on I2C buses
Hong Guan <hguan(a)ti.com>
arm64: dts: ti: k3-am62a7-sk: fix pinmux for main_uart1
Peter Griffin <peter.griffin(a)linaro.org>
arm64: dts: exynos: gs101: ufs: add dma-coherent property
Alexander Sverdlin <alexander.sverdlin(a)siemens.com>
arm64: dts: ti: k3-pinctrl: Enable Schmitt Trigger by default
Judith Mendez <jm(a)ti.com>
arm64: dts: ti: k3-am62-main: Remove eMMC High Speed DDR support
Kyoji Ogasawara <sawara04.o(a)gmail.com>
btrfs: fix printing of mount info messages for NODATACOW/NODATASUM
Kyoji Ogasawara <sawara04.o(a)gmail.com>
btrfs: restore mount option info messages during mount
Kyoji Ogasawara <sawara04.o(a)gmail.com>
btrfs: fix incorrect log message for nobarrier mount option
Naohiro Aota <naohiro.aota(a)wdc.com>
btrfs: zoned: fix write time activation failure for metadata block group
Zhang Yi <yi.zhang(a)huawei.com>
ext4: fix hole length calculation overflow in non-extent inodes
Liao Yuanhong <liaoyuanhong(a)vivo.com>
ext4: use kmalloc_array() for array space allocation
Theodore Ts'o <tytso(a)mit.edu>
ext4: don't try to clear the orphan_present feature block device is r/o
Ojaswin Mujoo <ojaswin(a)linux.ibm.com>
ext4: fix reserved gdt blocks handling in fsmap
Ojaswin Mujoo <ojaswin(a)linux.ibm.com>
ext4: fix fsmap end of range reporting with bigalloc
Andreas Dilger <adilger(a)dilger.ca>
ext4: check fast symlink for ea_inode correctly
Masami Hiramatsu (Google) <mhiramat(a)kernel.org>
tracing: fprobe-event: Sanitize wildcard for fprobe event name
Namjae Jeon <linkinjeon(a)kernel.org>
ksmbd: extend the connection limiting mechanism to support IPv6
Ziyan Xu <ziyan(a)securitygossip.com>
ksmbd: fix refcount leak causing resource not released
Helge Deller <deller(a)gmx.de>
Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()"
Bharat Bhushan <bbhushan2(a)marvell.com>
crypto: octeontx2 - Fix address alignment on CN10KB and CN10KA-B0
Bharat Bhushan <bbhushan2(a)marvell.com>
crypto: octeontx2 - Fix address alignment on CN10K A0/A1 and OcteonTX2
Bharat Bhushan <bbhushan2(a)marvell.com>
crypto: octeontx2 - Fix address alignment issue on ucode loading
Giovanni Cabiddu <giovanni.cabiddu(a)intel.com>
crypto: qat - flush misc workqueue during device shutdown
John Ernberg <john.ernberg(a)actia.se>
crypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP
Giovanni Cabiddu <giovanni.cabiddu(a)intel.com>
crypto: qat - lower priority for skcipher and aead algorithms
Eric Biggers <ebiggers(a)kernel.org>
lib/crypto: mips/chacha: Fix clang build and remove unneeded byteswap
Myrrh Periwinkle <myrrhperiwinkle(a)qtmlabs.xyz>
vt: defkeymap: Map keycodes above 127 to K_HOLE
Myrrh Periwinkle <myrrhperiwinkle(a)qtmlabs.xyz>
vt: keyboard: Don't process Unicode characters in K_OFF mode
Youssef Samir <quic_yabdulra(a)quicinc.com>
bus: mhi: host: Detect events pointing to unexpected TREs
Alexander Wilhelm <alexander.wilhelm(a)westermo.com>
bus: mhi: host: Fix endianness of BHI vector table
Johan Hovold <johan(a)kernel.org>
usb: dwc3: imx8mp: fix device leak at unbind
Johan Hovold <johan(a)kernel.org>
usb: dwc3: meson-g12a: fix device leaks at unbind
Johan Hovold <johan(a)kernel.org>
usb: musb: omap2430: fix device leak at unbind
Johan Hovold <johan(a)kernel.org>
usb: gadget: udc: renesas_usb3: fix device leak at unbind
Nathan Chancellor <nathan(a)kernel.org>
usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init()
Finn Thain <fthain(a)linux-m68k.org>
m68k: Fix lost column on framebuffer debug console
Damien Le Moal <dlemoal(a)kernel.org>
dm: Check for forbidden splitting of zone write operations
Damien Le Moal <dlemoal(a)kernel.org>
dm: dm-crypt: Do not partially accept write BIOs with zoned targets
Rafael J. Wysocki <rafael.j.wysocki(a)intel.com>
PM: runtime: Take active children into account in pm_runtime_get_if_in_use()
Tzung-Bi Shih <tzungbi(a)kernel.org>
platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister()
Dan Carpenter <dan.carpenter(a)linaro.org>
cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table()
Damien Le Moal <dlemoal(a)kernel.org>
ata: Fix SATA_MOBILE_LPM_POLICY description in Kconfig
Yunhui Cui <cuiyunhui(a)bytedance.com>
serial: 8250: fix panic due to PSLVERR
-------------
Diffstat:
.../bindings/display/sprd/sprd,sharkl3-dpu.yaml | 2 +-
.../display/sprd/sprd,sharkl3-dsi-host.yaml | 2 +-
.../devicetree/bindings/ufs/mediatek,ufs.yaml | 4 +
Documentation/networking/mptcp-sysctl.rst | 2 +
Makefile | 6 +-
arch/arm64/boot/dts/exynos/google/gs101.dtsi | 1 +
arch/arm64/boot/dts/ti/k3-am62-lp-sk.dts | 36 ++
arch/arm64/boot/dts/ti/k3-am62-main.dtsi | 1 -
arch/arm64/boot/dts/ti/k3-am62-phycore-som.dtsi | 1 -
arch/arm64/boot/dts/ti/k3-am62-verdin.dtsi | 12 +-
arch/arm64/boot/dts/ti/k3-am625-beagleplay.dts | 2 +-
arch/arm64/boot/dts/ti/k3-am625-sk.dts | 24 ++
arch/arm64/boot/dts/ti/k3-am62a-phycore-som.dtsi | 1 -
arch/arm64/boot/dts/ti/k3-am62a7-sk.dts | 7 +-
arch/arm64/boot/dts/ti/k3-am62p5-sk.dts | 2 +-
arch/arm64/boot/dts/ti/k3-am62x-sk-common.dtsi | 24 --
arch/arm64/boot/dts/ti/k3-am642-evm.dts | 1 -
arch/arm64/boot/dts/ti/k3-am654-base-board.dts | 1 -
.../dts/ti/k3-am6548-iot2050-advanced-common.dtsi | 1 -
arch/arm64/boot/dts/ti/k3-am69-sk.dts | 1 -
arch/arm64/boot/dts/ti/k3-pinctrl.h | 15 +-
arch/loongarch/kernel/module-sections.c | 38 +--
arch/loongarch/kvm/vcpu.c | 8 +-
arch/m68k/kernel/head.S | 31 +-
arch/mips/crypto/chacha-core.S | 20 +-
arch/parisc/Makefile | 4 +-
arch/parisc/include/asm/pgtable.h | 7 +-
arch/parisc/include/asm/special_insns.h | 28 ++
arch/parisc/include/asm/uaccess.h | 21 +-
arch/parisc/kernel/cache.c | 6 +-
arch/parisc/kernel/entry.S | 17 +-
arch/parisc/kernel/syscall.S | 30 +-
arch/parisc/lib/memcpy.c | 19 +-
arch/parisc/mm/fault.c | 4 +
arch/powerpc/boot/Makefile | 1 +
arch/s390/boot/vmem.c | 3 +
arch/s390/hypfs/hypfs_dbfs.c | 19 +-
arch/x86/coco/sev/shared.c | 3 +
arch/x86/include/asm/xen/hypercall.h | 5 +-
arch/x86/kernel/cpu/hygon.c | 3 +
arch/x86/kvm/mmu/mmu.c | 10 +-
drivers/accel/habanalabs/gaudi2/gaudi2.c | 2 +-
drivers/acpi/pfr_update.c | 2 +-
drivers/ata/Kconfig | 32 +-
drivers/ata/libata-scsi.c | 58 ++--
drivers/base/power/runtime.c | 27 +-
drivers/bluetooth/btmtk.c | 7 +-
drivers/bus/mhi/host/boot.c | 8 +-
drivers/bus/mhi/host/internal.h | 4 +-
drivers/bus/mhi/host/main.c | 12 +-
drivers/cdx/controller/cdx_rpmsg.c | 3 +-
drivers/comedi/comedi_fops.c | 5 +
drivers/comedi/drivers.c | 27 +-
drivers/comedi/drivers/pcl726.c | 3 +-
drivers/cpufreq/armada-8k-cpufreq.c | 2 +-
drivers/cpuidle/governors/menu.c | 101 ++----
drivers/crypto/caam/ctrl.c | 5 +-
drivers/crypto/caam/intern.h | 1 +
.../crypto/intel/qat/qat_common/adf_common_drv.h | 1 +
drivers/crypto/intel/qat/qat_common/adf_init.c | 1 +
drivers/crypto/intel/qat/qat_common/adf_isr.c | 5 +
drivers/crypto/intel/qat/qat_common/qat_algs.c | 12 +-
drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h | 125 +++++--
.../crypto/marvell/octeontx2/otx2_cptpf_ucode.c | 35 +-
drivers/fpga/zynq-fpga.c | 10 +-
drivers/gpu/drm/Kconfig | 5 +
drivers/gpu/drm/Makefile | 1 +
drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 5 +-
drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c | 76 +++--
drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c | 6 +-
drivers/gpu/drm/amd/amdgpu/imu_v12_0.c | 2 +-
drivers/gpu/drm/amd/amdgpu/mmhub_v3_0_1.c | 57 ++--
drivers/gpu/drm/amd/amdgpu/mmhub_v4_1_0.c | 34 +-
drivers/gpu/drm/amd/amdgpu/soc15.c | 2 +
drivers/gpu/drm/amd/amdkfd/kfd_module.c | 2 +-
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 3 +
.../gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_crtc.c | 28 ++
.../drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c | 2 +-
drivers/gpu/drm/amd/display/dc/bios/bios_parser.c | 5 +-
.../gpu/drm/amd/display/dc/bios/command_table.c | 2 +-
drivers/gpu/drm/amd/display/dc/clk_mgr/clk_mgr.c | 1 -
.../amd/display/dc/clk_mgr/dce100/dce_clk_mgr.c | 2 -
.../amd/display/dc/clk_mgr/dce110/dce110_clk_mgr.c | 40 ++-
.../amd/display/dc/clk_mgr/dce60/dce60_clk_mgr.c | 31 +-
drivers/gpu/drm/amd/display/dc/core/dc.c | 34 +-
.../gpu/drm/amd/display/modules/hdcp/hdcp_psp.c | 3 +
drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c | 6 +
.../gpu/drm/amd/pm/swsmu/smu14/smu_v14_0_2_ppt.c | 30 +-
drivers/gpu/drm/display/drm_dp_helper.c | 2 +-
drivers/gpu/drm/drm_draw.c | 155 +++++++++
drivers/gpu/drm/drm_draw_internal.h | 56 ++++
drivers/gpu/drm/drm_format_helper.c | 234 +++++++++----
drivers/gpu/drm/drm_format_internal.h | 127 ++++++++
drivers/gpu/drm/drm_panic.c | 269 ++-------------
drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.c | 4 +-
drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.h | 17 +-
drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_i2c.c | 42 +--
drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_vdac.c | 29 +-
drivers/gpu/drm/i915/display/intel_tc.c | 58 +++-
drivers/gpu/drm/nouveau/nvif/vmm.c | 3 +-
drivers/gpu/drm/tests/drm_format_helper_test.c | 176 +++++-----
drivers/gpu/drm/xe/Kconfig | 1 +
drivers/hwmon/gsc-hwmon.c | 4 +-
drivers/iio/adc/ad7173.c | 3 +-
drivers/iio/adc/ad_sigma_delta.c | 4 +-
drivers/iio/imu/bno055/bno055.c | 11 +-
drivers/iio/imu/inv_icm42600/inv_icm42600.h | 8 +-
drivers/iio/imu/inv_icm42600/inv_icm42600_accel.c | 33 +-
drivers/iio/imu/inv_icm42600/inv_icm42600_buffer.c | 22 +-
drivers/iio/imu/inv_icm42600/inv_icm42600_buffer.h | 10 +-
drivers/iio/imu/inv_icm42600/inv_icm42600_core.c | 6 +-
drivers/iio/imu/inv_icm42600/inv_icm42600_gyro.c | 43 ++-
drivers/iio/imu/inv_icm42600/inv_icm42600_temp.c | 12 +-
drivers/iio/light/adjd_s311.c | 2 +-
drivers/iio/light/as73211.c | 4 +-
drivers/iio/light/bh1745.c | 2 +-
drivers/iio/light/isl29125.c | 2 +-
drivers/iio/light/ltr501.c | 2 +-
drivers/iio/light/max44000.c | 2 +-
drivers/iio/light/rohm-bu27034.c | 2 +-
drivers/iio/light/rpr0521.c | 2 +-
drivers/iio/light/st_uvis25.h | 2 +-
drivers/iio/light/tcs3414.c | 2 +-
drivers/iio/light/tcs3472.c | 2 +-
drivers/iio/pressure/bmp280-core.c | 9 +-
drivers/iio/proximity/isl29501.c | 14 +-
drivers/iio/temperature/maxim_thermocouple.c | 26 +-
drivers/infiniband/hw/bnxt_re/ib_verbs.c | 8 +-
drivers/infiniband/hw/bnxt_re/main.c | 23 ++
drivers/infiniband/hw/bnxt_re/qplib_fp.c | 30 +-
drivers/infiniband/hw/bnxt_re/qplib_fp.h | 2 -
drivers/infiniband/hw/bnxt_re/qplib_res.c | 2 +
drivers/infiniband/hw/erdma/erdma_verbs.c | 4 +-
drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 6 +-
drivers/infiniband/hw/hns/hns_roce_restrack.c | 9 +-
drivers/infiniband/sw/rxe/rxe_net.c | 29 +-
drivers/infiniband/sw/rxe/rxe_qp.c | 2 +-
drivers/iommu/amd/init.c | 4 +-
drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c | 2 +-
drivers/md/dm-crypt.c | 47 ++-
drivers/md/dm.c | 17 +-
drivers/media/cec/usb/rainshadow/rainshadow-cec.c | 3 +-
drivers/media/i2c/hi556.c | 26 +-
drivers/media/i2c/mt9m114.c | 8 -
drivers/media/i2c/ov2659.c | 3 +-
drivers/media/pci/intel/ipu6/ipu6-isys-csi2.c | 12 +-
drivers/media/pci/intel/ivsc/mei_ace.c | 2 +
drivers/media/pci/intel/ivsc/mei_csi.c | 2 +
drivers/media/platform/qcom/camss/camss.c | 4 +-
drivers/media/platform/qcom/venus/core.c | 18 +-
drivers/media/platform/qcom/venus/core.h | 2 +
drivers/media/platform/qcom/venus/hfi_venus.c | 5 +
drivers/media/platform/qcom/venus/vdec.c | 5 +-
drivers/media/platform/qcom/venus/venc.c | 5 +-
drivers/media/platform/raspberrypi/pisp_be/Kconfig | 1 +
.../media/platform/raspberrypi/pisp_be/pisp_be.c | 5 +-
.../media/platform/verisilicon/rockchip_vpu_hw.c | 9 -
drivers/media/test-drivers/vivid/vivid-ctrls.c | 3 +-
drivers/media/test-drivers/vivid/vivid-vid-cap.c | 4 +-
drivers/media/usb/gspca/vicam.c | 10 +-
drivers/media/usb/usbtv/usbtv-video.c | 4 +
drivers/media/v4l2-core/v4l2-ctrls-core.c | 1 -
drivers/memstick/core/memstick.c | 1 -
drivers/memstick/host/rtsx_usb_ms.c | 1 +
drivers/mmc/host/sdhci-pci-gli.c | 37 ++-
drivers/mmc/host/sdhci_am654.c | 18 +
drivers/most/core.c | 2 +-
drivers/mtd/nand/raw/fsmc_nand.c | 2 +
drivers/mtd/nand/raw/renesas-nand-controller.c | 6 +
drivers/mtd/nand/spi/core.c | 5 +-
drivers/mtd/spi-nor/swp.c | 19 +-
drivers/net/bonding/bond_3ad.c | 67 +++-
drivers/net/bonding/bond_options.c | 1 +
drivers/net/can/ti_hecc.c | 2 +-
drivers/net/dsa/microchip/ksz_common.c | 6 +
drivers/net/ethernet/google/gve/gve_main.c | 2 +
drivers/net/ethernet/intel/igc/igc_main.c | 14 +-
drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 4 +-
.../net/ethernet/marvell/octeontx2/af/rvu_npc_fs.c | 4 +-
drivers/net/ethernet/mediatek/mtk_ppe_offload.c | 2 +
drivers/net/ethernet/mellanox/mlx5/core/en/dcbnl.h | 1 -
.../ethernet/mellanox/mlx5/core/en/port_buffer.c | 18 +-
drivers/net/ethernet/mellanox/mlx5/core/en_dcbnl.c | 12 +-
.../ethernet/mellanox/mlx5/core/esw/devlink_port.c | 4 +-
.../net/ethernet/mellanox/mlx5/core/mlx5_core.h | 87 +++++
drivers/net/ethernet/mellanox/mlx5/core/port.c | 40 +--
drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 2 +
drivers/net/ethernet/mellanox/mlxsw/trap.h | 1 +
drivers/net/ethernet/microchip/lan865x/lan865x.c | 21 ++
drivers/net/ethernet/realtek/rtase/rtase.h | 2 +-
drivers/net/ethernet/ti/icssg/icssg_prueth.c | 72 ++--
drivers/net/ethernet/xilinx/xilinx_axienet_main.c | 8 +-
drivers/net/phy/mscc/mscc.h | 12 +
drivers/net/phy/mscc/mscc_main.c | 12 +
drivers/net/phy/mscc/mscc_ptp.c | 49 ++-
drivers/net/ppp/ppp_generic.c | 17 +-
drivers/net/usb/asix_devices.c | 2 +-
drivers/net/wireless/ath/ath11k/ce.c | 3 -
drivers/net/wireless/ath/ath11k/dp_rx.c | 3 -
drivers/net/wireless/ath/ath11k/hal.c | 33 +-
drivers/net/wireless/ath/ath12k/ce.c | 3 -
drivers/net/wireless/ath/ath12k/hal.c | 38 ++-
.../broadcom/brcm80211/brcmsmac/phy/phy_lcn.c | 2 +-
drivers/pci/controller/dwc/pci-imx6.c | 32 +-
drivers/pci/controller/pcie-rockchip-host.c | 49 +--
drivers/pci/controller/pcie-rockchip.h | 11 +-
drivers/pci/endpoint/pci-ep-cfs.c | 1 +
drivers/pci/endpoint/pci-epf-core.c | 2 +-
drivers/pci/pcie/portdrv.c | 2 +-
drivers/phy/qualcomm/phy-qcom-m31.c | 14 +-
drivers/platform/chrome/cros_ec.c | 3 +
.../intel/uncore-frequency/uncore-frequency-tpmi.c | 5 +
drivers/pwm/pwm-imx-tpm.c | 9 +
drivers/pwm/pwm-mediatek.c | 71 ++--
drivers/s390/char/sclp.c | 11 +-
drivers/scsi/mpi3mr/mpi3mr.h | 6 +-
drivers/scsi/mpi3mr/mpi3mr_fw.c | 17 +-
drivers/scsi/mpi3mr/mpi3mr_os.c | 2 +
drivers/scsi/qla4xxx/ql4_os.c | 2 +
drivers/scsi/scsi_lib.c | 3 +
drivers/soc/qcom/mdt_loader.c | 43 +++
drivers/soc/tegra/pmc.c | 51 +--
drivers/spi/spi-fsl-lpspi.c | 8 +-
drivers/staging/media/imx/imx-media-csc-scaler.c | 2 +-
drivers/tty/serial/8250/8250_port.c | 3 +-
drivers/tty/vt/defkeymap.c_shipped | 112 +++++++
drivers/tty/vt/keyboard.c | 2 +-
drivers/ufs/host/ufs-exynos.c | 4 +-
drivers/ufs/host/ufshcd-pci.c | 42 ++-
drivers/usb/atm/cxacru.c | 172 +++++-----
drivers/usb/core/hcd.c | 20 +-
drivers/usb/core/quirks.c | 1 +
drivers/usb/dwc3/dwc3-imx8mp.c | 7 +-
drivers/usb/dwc3/dwc3-meson-g12a.c | 3 +
drivers/usb/dwc3/dwc3-pci.c | 2 +
drivers/usb/dwc3/ep0.c | 20 +-
drivers/usb/dwc3/gadget.c | 19 +-
drivers/usb/gadget/udc/renesas_usb3.c | 1 +
drivers/usb/host/xhci-hub.c | 3 +-
drivers/usb/host/xhci-mem.c | 22 +-
drivers/usb/host/xhci-pci-renesas.c | 7 +-
drivers/usb/host/xhci-ring.c | 9 +-
drivers/usb/host/xhci.c | 21 +-
drivers/usb/host/xhci.h | 3 +-
drivers/usb/musb/omap2430.c | 14 +-
drivers/usb/storage/realtek_cr.c | 2 +-
drivers/usb/storage/unusual_devs.h | 29 ++
drivers/usb/typec/class.c | 7 +-
drivers/usb/typec/tcpm/fusb302.c | 32 +-
drivers/usb/typec/tcpm/maxim_contaminant.c | 58 ++++
.../usb/typec/tcpm/qcom/qcom_pmic_typec_pdphy.c | 3 +-
.../typec/tcpm/qcom/qcom_pmic_typec_pdphy_stub.c | 3 +-
drivers/usb/typec/tcpm/qcom/qcom_pmic_typec_port.c | 4 +-
drivers/usb/typec/tcpm/tcpci_maxim.h | 1 +
drivers/usb/typec/tcpm/tcpm.c | 7 +-
drivers/vhost/vsock.c | 6 +-
drivers/video/console/vgacon.c | 2 +-
fs/btrfs/block-group.c | 59 ++--
fs/btrfs/ctree.c | 9 +-
fs/btrfs/free-space-tree.c | 17 +-
fs/btrfs/qgroup.c | 38 ++-
fs/btrfs/send.c | 361 ++++++++++++---------
fs/btrfs/subpage.c | 19 +-
fs/btrfs/super.c | 13 +-
fs/btrfs/transaction.c | 1 +
fs/btrfs/zoned.c | 13 +-
fs/buffer.c | 2 +-
fs/debugfs/inode.c | 11 +-
fs/ext4/fsmap.c | 23 +-
fs/ext4/indirect.c | 4 +-
fs/ext4/inode.c | 2 +-
fs/ext4/orphan.c | 5 +-
fs/ext4/super.c | 8 +-
fs/f2fs/node.c | 10 +
fs/file.c | 75 ++---
fs/jbd2/checkpoint.c | 1 +
fs/namespace.c | 34 +-
fs/netfs/write_collect.c | 10 +-
fs/netfs/write_issue.c | 4 +-
fs/nfs/pagelist.c | 9 +-
fs/nfs/write.c | 29 +-
fs/overlayfs/copy_up.c | 2 +-
fs/smb/client/smb2ops.c | 2 +-
fs/smb/server/connection.c | 3 +-
fs/smb/server/connection.h | 7 +-
fs/smb/server/oplock.c | 13 +-
fs/smb/server/transport_rdma.c | 5 +-
fs/smb/server/transport_rdma.h | 4 +-
fs/smb/server/transport_tcp.c | 26 +-
fs/splice.c | 3 +
fs/squashfs/super.c | 14 +-
fs/xfs/xfs_itable.c | 6 +-
include/drm/drm_format_helper.h | 12 +
include/linux/call_once.h | 43 ++-
include/linux/compiler.h | 8 -
include/linux/iosys-map.h | 7 +-
include/linux/iov_iter.h | 20 +-
include/linux/kcov.h | 47 +--
include/linux/mlx5/mlx5_ifc.h | 14 +-
include/linux/mlx5/port.h | 83 -----
include/linux/netfs.h | 1 +
include/linux/nfs_page.h | 1 +
include/net/bond_3ad.h | 1 +
include/uapi/linux/pfrut.h | 1 +
io_uring/futex.c | 3 +
io_uring/net.c | 27 +-
kernel/cgroup/cpuset.c | 9 +-
kernel/sched/ext.c | 18 +-
kernel/trace/ftrace.c | 19 +-
kernel/trace/trace.c | 34 +-
kernel/trace/trace.h | 10 +-
mm/damon/paddr.c | 4 +
mm/debug_vm_pgtable.c | 9 +-
mm/filemap.c | 3 +-
mm/memory-failure.c | 8 +
net/bluetooth/hci_conn.c | 3 +-
net/bluetooth/hci_event.c | 8 +-
net/bluetooth/hci_sync.c | 19 +-
net/bridge/br_multicast.c | 16 +
net/bridge/br_private.h | 2 +
net/core/dev.c | 12 +
net/hsr/hsr_slave.c | 8 +-
net/ipv4/netfilter/nf_reject_ipv4.c | 6 +-
net/ipv6/netfilter/nf_reject_ipv6.c | 5 +-
net/ipv6/seg6_hmac.c | 6 +-
net/mptcp/options.c | 6 +-
net/mptcp/pm_netlink.c | 19 +-
net/sched/sch_cake.c | 14 +-
net/sched/sch_htb.c | 2 +-
net/smc/af_smc.c | 3 +-
net/tls/tls_sw.c | 7 +-
net/vmw_vsock/virtio_transport.c | 12 +-
rust/kernel/alloc/allocator.rs | 30 +-
rust/kernel/alloc/allocator_test.rs | 11 +
security/apparmor/lsm.c | 4 +-
sound/core/timer.c | 4 +-
sound/pci/hda/patch_realtek.c | 2 +
sound/soc/sof/amd/acp-loader.c | 6 +-
sound/usb/stream.c | 2 +-
sound/usb/validate.c | 2 +-
tools/testing/selftests/net/mptcp/pm_netlink.sh | 1 +
341 files changed, 3816 insertions(+), 2245 deletions(-)
1 week, 6 days
- 12
- 334
[PATCH RFC] riscv: Do not handle break traps from kernel as nmi
by Alexandre Ghiti
kprobe has been broken on riscv for quite some time. There is an attempt
[1] to fix that which actually works. This patch works because it enables
ARCH_HAVE_NMI_SAFE_CMPXCHG and that makes the ring buffer allocation
succeed when handling a kprobe because we handle *all* kprobes in nmi
context. We do so because Peter advised us to treat all kernel traps as
nmi [2].
But that does not seem right for kprobe handling, so instead, treat
break traps from kernel as non-nmi.
Link: https://lore.kernel.org/linux-riscv/20250711090443.1688404-1-pulehui@huawei… [1]
Link: https://lore.kernel.org/linux-riscv/20250422094419.GC14170@noisy.programmin… [2]
Fixes: f0bddf50586d ("riscv: entry: Convert to generic entry")
Cc: stable(a)vger.kernel.org
Signed-off-by: Alexandre Ghiti <alexghiti(a)rivosinc.com>
---
This is clearly an RFC and this is likely not the right way to go, it is
just a way to trigger a discussion about if handling kprobes in an nmi
context is the right way or not.
---
arch/riscv/kernel/traps.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/riscv/kernel/traps.c b/arch/riscv/kernel/traps.c
index 80230de167def3c33db5bc190347ec5f87dbb6e3..90f36bb9b12d4ba0db0f084f87899156e3c7dc6f 100644
--- a/arch/riscv/kernel/traps.c
+++ b/arch/riscv/kernel/traps.c
@@ -315,11 +315,11 @@ asmlinkage __visible __trap_section void do_trap_break(struct pt_regs *regs)
local_irq_disable();
irqentry_exit_to_user_mode(regs);
} else {
- irqentry_state_t state = irqentry_nmi_enter(regs);
+ irqentry_state_t state = irqentry_enter(regs);
handle_break(regs);
- irqentry_nmi_exit(regs, state);
+ irqentry_exit(regs, state);
}
}
---
base-commit: ae9a687664d965b13eeab276111b2f97dd02e090
change-id: 20250903-dev-alex-break_nmi_v1-57c5321f3e80
Best regards,
--
Alexandre Ghiti <alexghiti(a)rivosinc.com>
1 week, 6 days
- 3
- 2
[PATCH v2] nvmem: layouts: fix automatic module loading
by Michael Walle
To support loading of a layout module automatically the MODALIAS
variable in the uevent is needed. Add it.
Fixes: fc29fd821d9a ("nvmem: core: Rework layouts to become regular devices")
Cc: stable(a)vger.kernel.org
Signed-off-by: Michael Walle <mwalle(a)kernel.org>
---
I'm still not sure if the sysfs modalias file is required or not. It
seems to work without it. I could't find any documentation about it.
v2:
- add Cc: stable
---
drivers/nvmem/layouts.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/drivers/nvmem/layouts.c b/drivers/nvmem/layouts.c
index 65d39e19f6ec..f381ce1e84bd 100644
--- a/drivers/nvmem/layouts.c
+++ b/drivers/nvmem/layouts.c
@@ -45,11 +45,24 @@ static void nvmem_layout_bus_remove(struct device *dev)
return drv->remove(layout);
}
+static int nvmem_layout_bus_uevent(const struct device *dev,
+ struct kobj_uevent_env *env)
+{
+ int ret;
+
+ ret = of_device_uevent_modalias(dev, env);
+ if (ret != ENODEV)
+ return ret;
+
+ return 0;
+}
+
static const struct bus_type nvmem_layout_bus_type = {
.name = "nvmem-layout",
.match = nvmem_layout_bus_match,
.probe = nvmem_layout_bus_probe,
.remove = nvmem_layout_bus_remove,
+ .uevent = nvmem_layout_bus_uevent,
};
int __nvmem_layout_driver_register(struct nvmem_layout_driver *drv,
--
2.39.5
1 week, 6 days
- 3
- 2
[PATCH 6.6 1/2] Revert "spi: cadence-quadspi: fix cleanup of rx_chan on failure paths"
by jinfeng.wang.cn@windriver.com
From: Jinfeng Wang <jinfeng.wang.cn(a)windriver.com>
This reverts commit 1af6d1696ca40b2d22889b4b8bbea616f94aaa84.
There is cadence-qspi ff8d2000.spi: Unbalanced pm_runtime_enable! error
without this revert.
After reverting commit cdfb20e4b34a ("spi: spi-cadence-quadspi: Fix pm runtime unbalance")
and commit 1af6d1696ca4 ("spi: cadence-quadspi: fix cleanup of rx_chan on failure paths"),
Unbalanced pm_runtime_enable! error does not appear.
These two commits are backported from upstream commit b07f349d1864 ("spi: spi-cadence-quadspi: Fix pm runtime unbalance")
and commit 04a8ff1bc351 ("spi: cadence-quadspi: fix cleanup of rx_chan on failure paths").
The commit 04a8ff1bc351 ("spi: cadence-quadspi: fix cleanup of rx_chan on failure paths")
fix commit b07f349d1864 ("spi: spi-cadence-quadspi: Fix pm runtime unbalance").
The commit b07f349d1864 ("spi: spi-cadence-quadspi: Fix pm runtime unbalance") fix
commit 86401132d7bb ("spi: spi-cadence-quadspi: Fix missing unwind goto warnings").
The commit 86401132d7bb ("spi: spi-cadence-quadspi: Fix missing unwind goto warnings") fix
commit 0578a6dbfe75 ("spi: spi-cadence-quadspi: add runtime pm support").
6.6.y only backport commit b07f349d1864 ("spi: spi-cadence-quadspi: Fix pm runtime unbalance")
and commit 04a8ff1bc351 ("spi: cadence-quadspi: fix cleanup of rx_chan on failure paths"),
but does not backport commit 0578a6dbfe75 ("spi: spi-cadence-quadspi: add runtime pm support")
and commit 86401132d7bb ("spi: spi-cadence-quadspi: Fix missing unwind goto warnings").
And the backport of commit b07f349d1864 ("spi: spi-cadence-quadspi: Fix pm runtime unbalance")
differs with the original patch. So there is Unbalanced pm_runtime_enable error.
If revert the backport for commit b07f349d1864 ("spi: spi-cadence-quadspi: Fix pm runtime unbalance")
and commit 04a8ff1bc351 ("spi: cadence-quadspi: fix cleanup of rx_chan on failure paths"), there is no error.
If backport commit 0578a6dbfe75 ("spi: spi-cadence-quadspi: add runtime pm support") and
commit 86401132d7bb ("spi: spi-cadence-quadspi: Fix missing unwind goto warnings"), there
is hang during booting. I didn't find the cause of the hang.
Since commit 0578a6dbfe75 ("spi: spi-cadence-quadspi: add runtime pm support") and
commit 86401132d7bb ("spi: spi-cadence-quadspi: Fix missing unwind goto warnings") are
not backported, commit b07f349d1864 ("spi: spi-cadence-quadspi: Fix pm runtime unbalance")
and commit 04a8ff1bc351 ("spi: cadence-quadspi: fix cleanup of rx_chan on failure paths") are not needed.
So revert commits commit cdfb20e4b34a ("spi: spi-cadence-quadspi: Fix pm runtime unbalance") and
commit 1af6d1696ca4 ("spi: cadence-quadspi: fix cleanup of rx_chan on failure paths").
Signed-off-by: Jinfeng Wang <jinfeng.wang.cn(a)windriver.com>
Signed-off-by: He Zhe <zhe.he(a)windriver.com>
---
Kernel builds successfully with patch.
Test enviroment overview:
Branch linux-6.6.y
Tree: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Hardware: compiled on X86 machine
GCC: gcc version 11.4.0 (Ubuntu~20.04)
commands: make clean;make allyesconfig;
no building error is seen
gcc version 11.4.0 (Ubuntu 11.4.0-1ubuntu1~22.04.2)
Hardware: compiled on socfpga stratix10 board
verified by check the dmesg log and bind/unbind spi
and no Unbalanced pm_runtime_enable! error is seen any more.
cmds:
dmesg | grep "Unbalanced pm_runtime_enable"
echo ff8d2000.spi > /sys/bus/platform/drivers/cadence-qspi/unbind
echo ff8d2000.spi > /sys/bus/platform/drivers/cadence-qspi/bind
---
drivers/spi/spi-cadence-quadspi.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/drivers/spi/spi-cadence-quadspi.c b/drivers/spi/spi-cadence-quadspi.c
index 7c17b8c0425e..9285a683324f 100644
--- a/drivers/spi/spi-cadence-quadspi.c
+++ b/drivers/spi/spi-cadence-quadspi.c
@@ -1870,6 +1870,11 @@ static int cqspi_probe(struct platform_device *pdev)
pm_runtime_enable(dev);
+ if (cqspi->rx_chan) {
+ dma_release_channel(cqspi->rx_chan);
+ goto probe_setup_failed;
+ }
+
ret = spi_register_controller(host);
if (ret) {
dev_err(&pdev->dev, "failed to register SPI ctlr %d\n", ret);
--
2.25.1
1 week, 6 days
- 3
- 3
[PATCH] drivers/misc/amd-sbi/Kconfig: select REGMAP_I2C
by Max Kellermann
Without CONFIG_REGMAP, rmi-i2c.c fails to build because struct
regmap_config is not defined:
drivers/misc/amd-sbi/rmi-i2c.c: In function ‘sbrmi_i2c_probe’:
drivers/misc/amd-sbi/rmi-i2c.c:57:16: error: variable ‘sbrmi_i2c_regmap_config’ has initializer but incomplete type
57 | struct regmap_config sbrmi_i2c_regmap_config = {
| ^~~~~~~~~~~~~
Additionally, CONFIG_REGMAP_I2C is needed for devm_regmap_init_i2c():
ld: drivers/misc/amd-sbi/rmi-i2c.o: in function `sbrmi_i2c_probe':
drivers/misc/amd-sbi/rmi-i2c.c:69:(.text+0x1c0): undefined reference to `__devm_regmap_init_i2c'
Fixes: 013f7e7131bd ("misc: amd-sbi: Use regmap subsystem")
Cc: stable(a)vger.kernel.org
Signed-off-by: Max Kellermann <max.kellermann(a)ionos.com>
---
drivers/misc/amd-sbi/Kconfig | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/misc/amd-sbi/Kconfig b/drivers/misc/amd-sbi/Kconfig
index 4840831c84ca..4aae0733d0fc 100644
--- a/drivers/misc/amd-sbi/Kconfig
+++ b/drivers/misc/amd-sbi/Kconfig
@@ -2,6 +2,7 @@
config AMD_SBRMI_I2C
tristate "AMD side band RMI support"
depends on I2C
+ select REGMAP_I2C
help
Side band RMI over I2C support for AMD out of band management.
--
2.47.2
2 weeks
- 2
- 1
[PATCH v2 RESEND] media: as102: fix to not free memory after the device is registered in as102_usb_probe()
by Jeongjun Park
In as102_usb driver, the following race condition occurs:
```
CPU0 CPU1
as102_usb_probe()
kzalloc(); // alloc as102_dev_t
....
usb_register_dev();
open("/path/to/dev"); // open as102 dev
....
usb_deregister_dev();
....
kfree(); // free as102_dev_t
....
close(fd);
as102_release() // UAF!!
as102_usb_release()
kfree(); // DFB!!
```
When a USB character device registered with usb_register_dev() is later
unregistered (via usb_deregister_dev() or disconnect), the device node is
removed so new open() calls fail. However, file descriptors that are
already open do not go away immediately: they remain valid until the last
reference is dropped and the driver's .release() is invoked.
In as102, as102_usb_probe() calls usb_register_dev() and then, on an
error path, does usb_deregister_dev() and frees as102_dev_t right away.
If userspace raced a successful open() before the deregistration, that
open FD will later hit as102_release() --> as102_usb_release() and access
or free as102_dev_t again, occur a race to use-after-free and
double-free vuln.
The fix is to never kfree(as102_dev_t) directly once usb_register_dev()
has succeeded. After deregistration, defer freeing memory to .release().
In other words, let release() perform the last kfree when the final open
FD is closed.
Cc: <stable(a)vger.kernel.org>
Reported-by: syzbot+47321e8fd5a4c84088db(a)syzkaller.appspotmail.com
Closes: https://syzkaller.appspot.com/bug?extid=47321e8fd5a4c84088db
Fixes: cd19f7d3e39b ("[media] as102: fix leaks at failure paths in as102_usb_probe()")
Signed-off-by: Jeongjun Park <aha310510(a)gmail.com>
---
v2: Fix incorrect patch description style and CC stable mailing list
- Link to v1: https://lore.kernel.org/all/20250822143539.1157329-1-aha310510@gmail.com/
---
drivers/media/usb/as102/as102_usb_drv.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/media/usb/as102/as102_usb_drv.c b/drivers/media/usb/as102/as102_usb_drv.c
index e0ef66a522e2..abde5666b2ee 100644
--- a/drivers/media/usb/as102/as102_usb_drv.c
+++ b/drivers/media/usb/as102/as102_usb_drv.c
@@ -404,6 +404,7 @@ static int as102_usb_probe(struct usb_interface *intf,
as102_free_usb_stream_buffer(as102_dev);
failed_stream:
usb_deregister_dev(intf, &as102_usb_class_driver);
+ return ret;
failed:
usb_put_dev(as102_dev->bus_adap.usb_dev);
usb_set_intfdata(intf, NULL);
--
2 weeks
- 1
- 0
[PATCH v2 RESEND] media: hackrf: fix to not free memory after the device is registered in hackrf_probe()
by Jeongjun Park
In hackrf driver, the following race condition occurs:
```
CPU0 CPU1
hackrf_probe()
kzalloc(); // alloc hackrf_dev
....
v4l2_device_register();
....
open("/path/to/dev"); // open hackrf dev
....
v4l2_device_unregister();
....
kfree(); // free hackrf_dev
....
ioctl(fd, ...);
v4l2_ioctl();
video_is_registered() // UAF!!
....
close(fd);
v4l2_release() // UAF!!
hackrf_video_release()
kfree(); // DFB!!
```
When a V4L2 or video device is unregistered, the device node is removed so
new open() calls are blocked.
However, file descriptors that are already open-and any in-flight I/O-do
not terminate immediately; they remain valid until the last reference is
dropped and the driver's release() is invoked.
Therefore, freeing device memory on the error path after hackrf_probe()
has registered dev it will lead to a race to use-after-free vuln, since
those already-open handles haven't been released yet.
And since release() free memory too, race to use-after-free and
double-free vuln occur.
To prevent this, if device is registered from probe(), it should be
modified to free memory only through release() rather than calling
kfree() directly.
Cc: <stable(a)vger.kernel.org>
Reported-by: syzbot+6ffd76b5405c006a46b7(a)syzkaller.appspotmail.com
Closes: https://syzkaller.appspot.com/bug?extid=6ffd76b5405c006a46b7
Reported-by: syzbot+f1b20958f93d2d250727(a)syzkaller.appspotmail.com
Closes: https://syzkaller.appspot.com/bug?extid=f1b20958f93d2d250727
Fixes: 8bc4a9ed8504 ("[media] hackrf: add support for transmitter")
Signed-off-by: Jeongjun Park <aha310510(a)gmail.com>
---
v2: Fix incorrect patch description style and CC stable mailing list
- Link to v1: https://lore.kernel.org/all/20250822142729.1156816-1-aha310510@gmail.com/
---
drivers/media/usb/hackrf/hackrf.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/drivers/media/usb/hackrf/hackrf.c b/drivers/media/usb/hackrf/hackrf.c
index 0b50de8775a3..d7a84422193d 100644
--- a/drivers/media/usb/hackrf/hackrf.c
+++ b/drivers/media/usb/hackrf/hackrf.c
@@ -1515,6 +1515,8 @@ static int hackrf_probe(struct usb_interface *intf,
video_unregister_device(&dev->rx_vdev);
err_v4l2_device_unregister:
v4l2_device_unregister(&dev->v4l2_dev);
+ dev_dbg(&intf->dev, "failed=%d\n", ret);
+ return ret;
err_v4l2_ctrl_handler_free_tx:
v4l2_ctrl_handler_free(&dev->tx_ctrl_handler);
err_v4l2_ctrl_handler_free_rx:
--
2 weeks
- 1
- 0
[PATCH] perf/x86/intel: Fix KASAN global-out-of-bounds warning
by Dapeng Mi
When running "perf mem record" command on CWF, the below KASAN
global-out-of-bounds warning is seen.
196.273657] ==================================================================
[ 196.273662] BUG: KASAN: global-out-of-bounds in cmt_latency_data+0x176/0x1b0
[ 196.273669] Read of size 4 at addr ffffffffb721d000 by task dtlb/9850
[ 196.273676] CPU: 126 UID: 0 PID: 9850 Comm: dtlb Kdump: loaded Not tainted 6.17.0-rc3-2025-08-29-intel-next-34160-g316938187eb0 #1 PREEMPT(none)
[ 196.273680] Hardware name: Intel Corporation AvenueCity/AvenueCity, BIOS BHSDCRB1.IPC.3544.P83.2507110208 07/11/2025
[ 196.273682] Call Trace:
[ 196.273683] <NMI>
[ 196.273684] dump_stack_lvl+0x55/0x70
[ 196.273689] print_address_description.constprop.0+0x2c/0x3d0
[ 196.273694] ? cmt_latency_data+0x176/0x1b0
[ 196.273696] print_report+0xb4/0x270
[ 196.273699] ? kasan_addr_to_slab+0xd/0xa0
[ 196.273702] kasan_report+0xb8/0xf0
[ 196.273705] ? cmt_latency_data+0x176/0x1b0
[ 196.273707] cmt_latency_data+0x176/0x1b0
[ 196.273710] setup_arch_pebs_sample_data+0xf49/0x2560
[ 196.273713] intel_pmu_drain_arch_pebs+0x577/0xb00
[ 196.273716] ? __pfx_intel_pmu_drain_arch_pebs+0x10/0x10
[ 196.273719] ? perf_output_begin+0x3e4/0xa10
[ 196.273724] ? intel_pmu_drain_bts_buffer+0xc2/0x6a0
[ 196.273727] ? __pfx_intel_pmu_drain_bts_buffer+0x10/0x10
[ 196.273730] handle_pmi_common+0x6c4/0xc80
[ 196.273734] ? __pfx_handle_pmi_common+0x10/0x10
[ 196.273738] ? intel_bts_interrupt+0xd3/0x4d0
[ 196.273740] ? __pfx_intel_bts_interrupt+0x10/0x10
[ 196.273742] ? intel_pmu_lbr_enable_all+0x25/0x150
[ 196.273745] intel_pmu_handle_irq+0x388/0x700
[ 196.273748] perf_event_nmi_handler+0xff/0x150
[ 196.273751] nmi_handle.part.0+0xa8/0x2d0
[ 196.273755] ? perf_output_begin+0x3e9/0xa10
[ 196.273757] default_do_nmi+0x79/0x1a0
[ 196.273760] fred_exc_nmi+0x40/0x90
[ 196.273762] asm_fred_entrypoint_kernel+0x45/0x60
[ 196.273765] RIP: 0010:perf_output_begin+0x3e9/0xa10
[ 196.273768] Code: 54 24 1c 85 d2 0f 85 19 03 00 00 48 8b 44 24 18 48 c1 e8 03 42 0f b6 04 28 84 c0 74 08 3c 03 0f 8e 25 05 00 00 41 8b 44 24 18 <c1> e0 0c 48 98 48 83 e8 01 80 7c 24 2a 00 0f 85 f9 02 00 00 4c 29
[ 196.273770] RSP: 0018:ffffc9001cf575e8 EFLAGS: 00000246
[ 196.273774] RAX: 0000000000000080 RBX: ffff88c1a0f95028 RCX: 0000000000000004
[ 196.273775] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88c08c8f9408
[ 196.273777] RBP: 0000000000000028 R08: 0000000000000000 R09: ffffed18341f2a05
[ 196.273778] R10: ffff88c1a0f9502f R11: ffff88c1a0dbe1b8 R12: ffff88c1a0f95000
[ 196.273779] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffc9001cf577e0
[ 196.273782] </NMI>
The issue is caused by below code in __grt_latency_data(). The code
tries to access x86_hybrid_pmu structure which doesn't exist on
non-hybrid platform like CWF.
WARN_ON_ONCE(hybrid_pmu(event->pmu)->pmu_type == hybrid_big)
So add is_hybrid() check before calling this WARN_ON_ONCE to fix the
global-out-of-bounds access issue.
Reported-by: Xudong Hao <xudong.hao(a)intel.com>
Cc: stable(a)vger.kernel.org
Fixes: 090262439f66 ("perf/x86/intel: Rename model-specific pebs_latency_data functions")
Signed-off-by: Dapeng Mi <dapeng1.mi(a)linux.intel.com>
---
arch/x86/events/intel/ds.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/events/intel/ds.c b/arch/x86/events/intel/ds.c
index c0b7ac1c7594..d1ac1f1ceee9 100644
--- a/arch/x86/events/intel/ds.c
+++ b/arch/x86/events/intel/ds.c
@@ -317,7 +317,7 @@ static u64 __grt_latency_data(struct perf_event *event, u64 status,
{
u64 val;
- WARN_ON_ONCE(hybrid_pmu(event->pmu)->pmu_type == hybrid_big);
+ WARN_ON_ONCE(is_hybrid() && hybrid_pmu(event->pmu)->pmu_type == hybrid_big);
dse &= PERF_PEBS_DATA_SOURCE_GRT_MASK;
val = hybrid_var(event->pmu, pebs_data_source)[dse];
base-commit: 16ed389227651330879e17bd83d43bd234006722
--
2.34.1
2 weeks
- 1
- 0
[merged mm-hotfixes-stable] mm-memory-failure-fix-redundant-updates-for-already-poisoned-pages.patch removed from -mm tree
by Andrew Morton
The quilt patch titled
Subject: mm/memory-failure: fix redundant updates for already poisoned pages
has been removed from the -mm tree. Its filename was
mm-memory-failure-fix-redundant-updates-for-already-poisoned-pages.patch
This patch was dropped because it was merged into the mm-hotfixes-stable branch
of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
------------------------------------------------------
From: Kyle Meyer <kyle.meyer(a)hpe.com>
Subject: mm/memory-failure: fix redundant updates for already poisoned pages
Date: Thu, 28 Aug 2025 13:38:20 -0500
Duplicate memory errors can be reported by multiple sources.
Passing an already poisoned page to action_result() causes issues:
* The amount of hardware corrupted memory is incorrectly updated.
* Per NUMA node MF stats are incorrectly updated.
* Redundant "already poisoned" messages are printed.
Avoid those issues by:
* Skipping hardware corrupted memory updates for already poisoned pages.
* Skipping per NUMA node MF stats updates for already poisoned pages.
* Dropping redundant "already poisoned" messages.
Make MF_MSG_ALREADY_POISONED consistent with other action_page_types and
make calls to action_result() consistent for already poisoned normal pages
and huge pages.
Link: https://lkml.kernel.org/r/aLCiHMy12Ck3ouwC@hpe.com
Fixes: b8b9488d50b7 ("mm/memory-failure: improve memory failure action_result messages")
Signed-off-by: Kyle Meyer <kyle.meyer(a)hpe.com>
Reviewed-by: Jiaqi Yan <jiaqiyan(a)google.com>
Acked-by: David Hildenbrand <david(a)redhat.com>
Reviewed-by: Jane Chu <jane.chu(a)oracle.com>
Acked-by: Miaohe Lin <linmiaohe(a)huawei.com>
Cc: Borislav Betkov <bp(a)alien8.de>
Cc: Kyle Meyer <kyle.meyer(a)hpe.com>
Cc: Liam Howlett <liam.howlett(a)oracle.com>
Cc: Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com>
Cc: "Luck, Tony" <tony.luck(a)intel.com>
Cc: Michal Hocko <mhocko(a)suse.com>
Cc: Mike Rapoport <rppt(a)kernel.org>
Cc: Naoya Horiguchi <nao.horiguchi(a)gmail.com>
Cc: Oscar Salvador <osalvador(a)suse.de>
Cc: Russ Anderson <russ.anderson(a)hpe.com>
Cc: Suren Baghdasaryan <surenb(a)google.com>
Cc: Vlastimil Babka <vbabka(a)suse.cz>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
mm/memory-failure.c | 13 ++++++-------
1 file changed, 6 insertions(+), 7 deletions(-)
--- a/mm/memory-failure.c~mm-memory-failure-fix-redundant-updates-for-already-poisoned-pages
+++ a/mm/memory-failure.c
@@ -956,7 +956,7 @@ static const char * const action_page_ty
[MF_MSG_BUDDY] = "free buddy page",
[MF_MSG_DAX] = "dax page",
[MF_MSG_UNSPLIT_THP] = "unsplit thp",
- [MF_MSG_ALREADY_POISONED] = "already poisoned",
+ [MF_MSG_ALREADY_POISONED] = "already poisoned page",
[MF_MSG_UNKNOWN] = "unknown page",
};
@@ -1349,9 +1349,10 @@ static int action_result(unsigned long p
{
trace_memory_failure_event(pfn, type, result);
- num_poisoned_pages_inc(pfn);
-
- update_per_node_mf_stats(pfn, result);
+ if (type != MF_MSG_ALREADY_POISONED) {
+ num_poisoned_pages_inc(pfn);
+ update_per_node_mf_stats(pfn, result);
+ }
pr_err("%#lx: recovery action for %s: %s\n",
pfn, action_page_types[type], action_name[result]);
@@ -2094,12 +2095,11 @@ retry:
*hugetlb = 0;
return 0;
} else if (res == -EHWPOISON) {
- pr_err("%#lx: already hardware poisoned\n", pfn);
if (flags & MF_ACTION_REQUIRED) {
folio = page_folio(p);
res = kill_accessing_process(current, folio_pfn(folio), flags);
- action_result(pfn, MF_MSG_ALREADY_POISONED, MF_FAILED);
}
+ action_result(pfn, MF_MSG_ALREADY_POISONED, MF_FAILED);
return res;
} else if (res == -EBUSY) {
if (!(flags & MF_NO_RETRY)) {
@@ -2285,7 +2285,6 @@ try_again:
goto unlock_mutex;
if (TestSetPageHWPoison(p)) {
- pr_err("%#lx: already hardware poisoned\n", pfn);
res = -EHWPOISON;
if (flags & MF_ACTION_REQUIRED)
res = kill_accessing_process(current, pfn, flags);
_
Patches currently in -mm which might be from kyle.meyer(a)hpe.com are
2 weeks
- 1
- 0
[merged mm-hotfixes-stable] s390-kexec-initialize-kexec_buf-struct.patch removed from -mm tree
by Andrew Morton
The quilt patch titled
Subject: s390: kexec: initialize kexec_buf struct
has been removed from the -mm tree. Its filename was
s390-kexec-initialize-kexec_buf-struct.patch
This patch was dropped because it was merged into the mm-hotfixes-stable branch
of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
------------------------------------------------------
From: Breno Leitao <leitao(a)debian.org>
Subject: s390: kexec: initialize kexec_buf struct
Date: Wed, 27 Aug 2025 03:42:23 -0700
The kexec_buf structure was previously declared without initialization.
commit bf454ec31add ("kexec_file: allow to place kexec_buf randomly")
added a field that is always read but not consistently populated by all
architectures. This un-initialized field will contain garbage.
This is also triggering a UBSAN warning when the uninitialized data was
accessed:
------------[ cut here ]------------
UBSAN: invalid-load in ./include/linux/kexec.h:210:10
load of value 252 is not a valid value for type '_Bool'
Zero-initializing kexec_buf at declaration ensures all fields are
cleanly set, preventing future instances of uninitialized memory being
used.
Link: https://lkml.kernel.org/r/20250827-kbuf_all-v1-3-1df9882bb01a@debian.org
Fixes: bf454ec31add ("kexec_file: allow to place kexec_buf randomly")
Signed-off-by: Breno Leitao <leitao(a)debian.org>
Cc: Albert Ou <aou(a)eecs.berkeley.edu>
Cc: Alexander Gordeev <agordeev(a)linux.ibm.com>
Cc: Alexandre Ghiti <alex(a)ghiti.fr>
Cc: Baoquan He <bhe(a)redhat.com>
Cc: Catalin Marinas <catalin.marinas(a)arm.com>
Cc: Christian Borntraeger <borntraeger(a)linux.ibm.com>
Cc: Coiby Xu <coxu(a)redhat.com>
Cc: Heiko Carstens <hca(a)linux.ibm.com>
Cc: Palmer Dabbelt <palmer(a)dabbelt.com>
Cc: Paul Walmsley <paul.walmsley(a)sifive.com>
Cc: Sven Schnelle <svens(a)linux.ibm.com>
Cc: Vasily Gorbik <gor(a)linux.ibm.com>
Cc: Will Deacon <will(a)kernel.org>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
arch/s390/kernel/kexec_elf.c | 2 +-
arch/s390/kernel/kexec_image.c | 2 +-
arch/s390/kernel/machine_kexec_file.c | 6 +++---
3 files changed, 5 insertions(+), 5 deletions(-)
--- a/arch/s390/kernel/kexec_elf.c~s390-kexec-initialize-kexec_buf-struct
+++ a/arch/s390/kernel/kexec_elf.c
@@ -16,7 +16,7 @@
static int kexec_file_add_kernel_elf(struct kimage *image,
struct s390_load_data *data)
{
- struct kexec_buf buf;
+ struct kexec_buf buf = {};
const Elf_Ehdr *ehdr;
const Elf_Phdr *phdr;
Elf_Addr entry;
--- a/arch/s390/kernel/kexec_image.c~s390-kexec-initialize-kexec_buf-struct
+++ a/arch/s390/kernel/kexec_image.c
@@ -16,7 +16,7 @@
static int kexec_file_add_kernel_image(struct kimage *image,
struct s390_load_data *data)
{
- struct kexec_buf buf;
+ struct kexec_buf buf = {};
buf.image = image;
--- a/arch/s390/kernel/machine_kexec_file.c~s390-kexec-initialize-kexec_buf-struct
+++ a/arch/s390/kernel/machine_kexec_file.c
@@ -129,7 +129,7 @@ static int kexec_file_update_purgatory(s
static int kexec_file_add_purgatory(struct kimage *image,
struct s390_load_data *data)
{
- struct kexec_buf buf;
+ struct kexec_buf buf = {};
int ret;
buf.image = image;
@@ -152,7 +152,7 @@ static int kexec_file_add_purgatory(stru
static int kexec_file_add_initrd(struct kimage *image,
struct s390_load_data *data)
{
- struct kexec_buf buf;
+ struct kexec_buf buf = {};
int ret;
buf.image = image;
@@ -184,7 +184,7 @@ static int kexec_file_add_ipl_report(str
{
__u32 *lc_ipl_parmblock_ptr;
unsigned int len, ncerts;
- struct kexec_buf buf;
+ struct kexec_buf buf = {};
unsigned long addr;
void *ptr, *end;
int ret;
_
Patches currently in -mm which might be from leitao(a)debian.org are
2 weeks
- 1
- 0
[merged mm-hotfixes-stable] riscv-kexec-initialize-kexec_buf-struct.patch removed from -mm tree
by Andrew Morton
The quilt patch titled
Subject: riscv: kexec: initialize kexec_buf struct
has been removed from the -mm tree. Its filename was
riscv-kexec-initialize-kexec_buf-struct.patch
This patch was dropped because it was merged into the mm-hotfixes-stable branch
of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
------------------------------------------------------
From: Breno Leitao <leitao(a)debian.org>
Subject: riscv: kexec: initialize kexec_buf struct
Date: Wed, 27 Aug 2025 03:42:22 -0700
The kexec_buf structure was previously declared without initialization.
commit bf454ec31add ("kexec_file: allow to place kexec_buf randomly")
added a field that is always read but not consistently populated by all
architectures. This un-initialized field will contain garbage.
This is also triggering a UBSAN warning when the uninitialized data was
accessed:
------------[ cut here ]------------
UBSAN: invalid-load in ./include/linux/kexec.h:210:10
load of value 252 is not a valid value for type '_Bool'
Zero-initializing kexec_buf at declaration ensures all fields are
cleanly set, preventing future instances of uninitialized memory being
used.
Link: https://lkml.kernel.org/r/20250827-kbuf_all-v1-2-1df9882bb01a@debian.org
Fixes: bf454ec31add ("kexec_file: allow to place kexec_buf randomly")
Signed-off-by: Breno Leitao <leitao(a)debian.org>
Cc: Albert Ou <aou(a)eecs.berkeley.edu>
Cc: Alexander Gordeev <agordeev(a)linux.ibm.com>
Cc: Alexandre Ghiti <alex(a)ghiti.fr>
Cc: Baoquan He <bhe(a)redhat.com>
Cc: Catalin Marinas <catalin.marinas(a)arm.com>
Cc: Christian Borntraeger <borntraeger(a)linux.ibm.com>
Cc: Coiby Xu <coxu(a)redhat.com>
Cc: Heiko Carstens <hca(a)linux.ibm.com>
Cc: Palmer Dabbelt <palmer(a)dabbelt.com>
Cc: Paul Walmsley <paul.walmsley(a)sifive.com>
Cc: Sven Schnelle <svens(a)linux.ibm.com>
Cc: Vasily Gorbik <gor(a)linux.ibm.com>
Cc: Will Deacon <will(a)kernel.org>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
arch/riscv/kernel/kexec_elf.c | 4 ++--
arch/riscv/kernel/kexec_image.c | 2 +-
arch/riscv/kernel/machine_kexec_file.c | 2 +-
3 files changed, 4 insertions(+), 4 deletions(-)
--- a/arch/riscv/kernel/kexec_elf.c~riscv-kexec-initialize-kexec_buf-struct
+++ a/arch/riscv/kernel/kexec_elf.c
@@ -28,7 +28,7 @@ static int riscv_kexec_elf_load(struct k
int i;
int ret = 0;
size_t size;
- struct kexec_buf kbuf;
+ struct kexec_buf kbuf = {};
const struct elf_phdr *phdr;
kbuf.image = image;
@@ -66,7 +66,7 @@ static int elf_find_pbase(struct kimage
{
int i;
int ret;
- struct kexec_buf kbuf;
+ struct kexec_buf kbuf = {};
const struct elf_phdr *phdr;
unsigned long lowest_paddr = ULONG_MAX;
unsigned long lowest_vaddr = ULONG_MAX;
--- a/arch/riscv/kernel/kexec_image.c~riscv-kexec-initialize-kexec_buf-struct
+++ a/arch/riscv/kernel/kexec_image.c
@@ -41,7 +41,7 @@ static void *image_load(struct kimage *i
struct riscv_image_header *h;
u64 flags;
bool be_image, be_kernel;
- struct kexec_buf kbuf;
+ struct kexec_buf kbuf = {};
int ret;
/* Check Image header */
--- a/arch/riscv/kernel/machine_kexec_file.c~riscv-kexec-initialize-kexec_buf-struct
+++ a/arch/riscv/kernel/machine_kexec_file.c
@@ -261,7 +261,7 @@ int load_extra_segments(struct kimage *i
int ret;
void *fdt;
unsigned long initrd_pbase = 0UL;
- struct kexec_buf kbuf;
+ struct kexec_buf kbuf = {};
char *modified_cmdline = NULL;
kbuf.image = image;
_
Patches currently in -mm which might be from leitao(a)debian.org are
2 weeks
- 1
- 0
[merged mm-hotfixes-stable] arm64-kexec-initialize-kexec_buf-struct-in-load_other_segments.patch removed from -mm tree
by Andrew Morton
The quilt patch titled
Subject: arm64: kexec: initialize kexec_buf struct in load_other_segments()
has been removed from the -mm tree. Its filename was
arm64-kexec-initialize-kexec_buf-struct-in-load_other_segments.patch
This patch was dropped because it was merged into the mm-hotfixes-stable branch
of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
------------------------------------------------------
From: Breno Leitao <leitao(a)debian.org>
Subject: arm64: kexec: initialize kexec_buf struct in load_other_segments()
Date: Wed, 27 Aug 2025 03:42:21 -0700
Patch series "kexec: Fix invalid field access".
The kexec_buf structure was previously declared without initialization.
commit bf454ec31add ("kexec_file: allow to place kexec_buf randomly")
added a field that is always read but not consistently populated by all
architectures. This un-initialized field will contain garbage.
This is also triggering a UBSAN warning when the uninitialized data was
accessed:
------------[ cut here ]------------
UBSAN: invalid-load in ./include/linux/kexec.h:210:10
load of value 252 is not a valid value for type '_Bool'
Zero-initializing kexec_buf at declaration ensures all fields are cleanly
set, preventing future instances of uninitialized memory being used.
An initial fix was already landed for arm64[0], and this patchset fixes
the problem on the remaining arm64 code and on riscv, as raised by Mark.
Discussions about this problem could be found at[1][2].
This patch (of 3):
The kexec_buf structure was previously declared without initialization.
commit bf454ec31add ("kexec_file: allow to place kexec_buf randomly")
added a field that is always read but not consistently populated by all
architectures. This un-initialized field will contain garbage.
This is also triggering a UBSAN warning when the uninitialized data was
accessed:
------------[ cut here ]------------
UBSAN: invalid-load in ./include/linux/kexec.h:210:10
load of value 252 is not a valid value for type '_Bool'
Zero-initializing kexec_buf at declaration ensures all fields are
cleanly set, preventing future instances of uninitialized memory being
used.
Link: https://lkml.kernel.org/r/20250827-kbuf_all-v1-0-1df9882bb01a@debian.org
Link: https://lkml.kernel.org/r/20250827-kbuf_all-v1-1-1df9882bb01a@debian.org
Link: https://lore.kernel.org/all/20250826180742.f2471131255ec1c43683ea07@linux-f… [0]
Link: https://lore.kernel.org/all/oninomspajhxp4omtdapxnckxydbk2nzmrix7rggmpukpnz… [1]
Link: https://lore.kernel.org/all/20250826-akpm-v1-1-3c831f0e3799@debian.org/ [2]
Fixes: bf454ec31add ("kexec_file: allow to place kexec_buf randomly")
Signed-off-by: Breno Leitao <leitao(a)debian.org>
Acked-by: Baoquan He <bhe(a)redhat.com>
Cc: Albert Ou <aou(a)eecs.berkeley.edu>
Cc: Alexander Gordeev <agordeev(a)linux.ibm.com>
Cc: Alexandre Ghiti <alex(a)ghiti.fr>
Cc: Catalin Marinas <catalin.marinas(a)arm.com>
Cc: Christian Borntraeger <borntraeger(a)linux.ibm.com>
Cc: Coiby Xu <coxu(a)redhat.com>
Cc: Heiko Carstens <hca(a)linux.ibm.com>
Cc: Palmer Dabbelt <palmer(a)dabbelt.com>
Cc: Paul Walmsley <paul.walmsley(a)sifive.com>
Cc: Sven Schnelle <svens(a)linux.ibm.com>
Cc: Vasily Gorbik <gor(a)linux.ibm.com>
Cc: Will Deacon <will(a)kernel.org>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
arch/arm64/kernel/machine_kexec_file.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/arch/arm64/kernel/machine_kexec_file.c~arm64-kexec-initialize-kexec_buf-struct-in-load_other_segments
+++ a/arch/arm64/kernel/machine_kexec_file.c
@@ -94,7 +94,7 @@ int load_other_segments(struct kimage *i
char *initrd, unsigned long initrd_len,
char *cmdline)
{
- struct kexec_buf kbuf;
+ struct kexec_buf kbuf = {};
void *dtb = NULL;
unsigned long initrd_load_addr = 0, dtb_len,
orig_segments = image->nr_segments;
_
Patches currently in -mm which might be from leitao(a)debian.org are
2 weeks
- 1
- 0
[merged mm-hotfixes-stable] mm-damon-reclaim-avoid-divide-by-zero-in-damon_reclaim_apply_parameters.patch removed from -mm tree
by Andrew Morton
The quilt patch titled
Subject: mm/damon/reclaim: avoid divide-by-zero in damon_reclaim_apply_parameters()
has been removed from the -mm tree. Its filename was
mm-damon-reclaim-avoid-divide-by-zero-in-damon_reclaim_apply_parameters.patch
This patch was dropped because it was merged into the mm-hotfixes-stable branch
of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
------------------------------------------------------
From: Quanmin Yan <yanquanmin1(a)huawei.com>
Subject: mm/damon/reclaim: avoid divide-by-zero in damon_reclaim_apply_parameters()
Date: Wed, 27 Aug 2025 19:58:58 +0800
When creating a new scheme of DAMON_RECLAIM, the calculation of
'min_age_region' uses 'aggr_interval' as the divisor, which may lead to
division-by-zero errors. Fix it by directly returning -EINVAL when such a
case occurs.
Link: https://lkml.kernel.org/r/20250827115858.1186261-3-yanquanmin1@huawei.com
Fixes: f5a79d7c0c87 ("mm/damon: introduce struct damos_access_pattern")
Signed-off-by: Quanmin Yan <yanquanmin1(a)huawei.com>
Reviewed-by: SeongJae Park <sj(a)kernel.org>
Cc: Kefeng Wang <wangkefeng.wang(a)huawei.com>
Cc: ze zuo <zuoze1(a)huawei.com>
Cc: <stable(a)vger.kernel.org> [6.1+]
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
mm/damon/reclaim.c | 5 +++++
1 file changed, 5 insertions(+)
--- a/mm/damon/reclaim.c~mm-damon-reclaim-avoid-divide-by-zero-in-damon_reclaim_apply_parameters
+++ a/mm/damon/reclaim.c
@@ -194,6 +194,11 @@ static int damon_reclaim_apply_parameter
if (err)
return err;
+ if (!damon_reclaim_mon_attrs.aggr_interval) {
+ err = -EINVAL;
+ goto out;
+ }
+
err = damon_set_attrs(param_ctx, &damon_reclaim_mon_attrs);
if (err)
goto out;
_
Patches currently in -mm which might be from yanquanmin1(a)huawei.com are
mm-damon-add-damon_ctx-min_sz_region.patch
2 weeks
- 1
- 0
[merged mm-hotfixes-stable] mm-damon-lru_sort-avoid-divide-by-zero-in-damon_lru_sort_apply_parameters.patch removed from -mm tree
by Andrew Morton
The quilt patch titled
Subject: mm/damon/lru_sort: avoid divide-by-zero in damon_lru_sort_apply_parameters()
has been removed from the -mm tree. Its filename was
mm-damon-lru_sort-avoid-divide-by-zero-in-damon_lru_sort_apply_parameters.patch
This patch was dropped because it was merged into the mm-hotfixes-stable branch
of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
------------------------------------------------------
From: Quanmin Yan <yanquanmin1(a)huawei.com>
Subject: mm/damon/lru_sort: avoid divide-by-zero in damon_lru_sort_apply_parameters()
Date: Wed, 27 Aug 2025 19:58:57 +0800
Patch series "mm/damon: avoid divide-by-zero in DAMON module's parameters
application".
DAMON's RECLAIM and LRU_SORT modules perform no validation on
user-configured parameters during application, which may lead to
division-by-zero errors.
Avoid the divide-by-zero by adding validation checks when DAMON modules
attempt to apply the parameters.
This patch (of 2):
During the calculation of 'hot_thres' and 'cold_thres', either
'sample_interval' or 'aggr_interval' is used as the divisor, which may
lead to division-by-zero errors. Fix it by directly returning -EINVAL
when such a case occurs. Additionally, since 'aggr_interval' is already
required to be set no smaller than 'sample_interval' in damon_set_attrs(),
only the case where 'sample_interval' is zero needs to be checked.
Link: https://lkml.kernel.org/r/20250827115858.1186261-2-yanquanmin1@huawei.com
Fixes: 40e983cca927 ("mm/damon: introduce DAMON-based LRU-lists Sorting")
Signed-off-by: Quanmin Yan <yanquanmin1(a)huawei.com>
Reviewed-by: SeongJae Park <sj(a)kernel.org>
Cc: Kefeng Wang <wangkefeng.wang(a)huawei.com>
Cc: ze zuo <zuoze1(a)huawei.com>
Cc: <stable(a)vger.kernel.org> [6.0+]
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
mm/damon/lru_sort.c | 5 +++++
1 file changed, 5 insertions(+)
--- a/mm/damon/lru_sort.c~mm-damon-lru_sort-avoid-divide-by-zero-in-damon_lru_sort_apply_parameters
+++ a/mm/damon/lru_sort.c
@@ -198,6 +198,11 @@ static int damon_lru_sort_apply_paramete
if (err)
return err;
+ if (!damon_lru_sort_mon_attrs.sample_interval) {
+ err = -EINVAL;
+ goto out;
+ }
+
err = damon_set_attrs(ctx, &damon_lru_sort_mon_attrs);
if (err)
goto out;
_
Patches currently in -mm which might be from yanquanmin1(a)huawei.com are
mm-damon-add-damon_ctx-min_sz_region.patch
2 weeks
- 1
- 0
[merged mm-hotfixes-stable] mm-damon-core-set-quota-charged_from-to-jiffies-at-first-charge-window.patch removed from -mm tree
by Andrew Morton
The quilt patch titled
Subject: mm/damon/core: set quota->charged_from to jiffies at first charge window
has been removed from the -mm tree. Its filename was
mm-damon-core-set-quota-charged_from-to-jiffies-at-first-charge-window.patch
This patch was dropped because it was merged into the mm-hotfixes-stable branch
of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
------------------------------------------------------
From: Sang-Heon Jeon <ekffu200098(a)gmail.com>
Subject: mm/damon/core: set quota->charged_from to jiffies at first charge window
Date: Fri, 22 Aug 2025 11:50:57 +0900
Kernel initializes the "jiffies" timer as 5 minutes below zero, as shown
in include/linux/jiffies.h
/*
* Have the 32 bit jiffies value wrap 5 minutes after boot
* so jiffies wrap bugs show up earlier.
*/
#define INITIAL_JIFFIES ((unsigned long)(unsigned int) (-300*HZ))
And jiffies comparison help functions cast unsigned value to signed to
cover wraparound
#define time_after_eq(a,b) \
(typecheck(unsigned long, a) && \
typecheck(unsigned long, b) && \
((long)((a) - (b)) >= 0))
When quota->charged_from is initialized to 0, time_after_eq() can
incorrectly return FALSE even after reset_interval has elapsed. This
occurs when (jiffies - reset_interval) produces a value with MSB=1, which
is interpreted as negative in signed arithmetic.
This issue primarily affects 32-bit systems because: On 64-bit systems:
MSB=1 values occur after ~292 million years from boot (assuming HZ=1000),
almost impossible.
On 32-bit systems: MSB=1 values occur during the first 5 minutes after
boot, and the second half of every jiffies wraparound cycle, starting from
day 25 (assuming HZ=1000)
When above unexpected FALSE return from time_after_eq() occurs, the
charging window will not reset. The user impact depends on esz value at
that time.
If esz is 0, scheme ignores configured quotas and runs without any limits.
If esz is not 0, scheme stops working once the quota is exhausted. It
remains until the charging window finally resets.
So, change quota->charged_from to jiffies at damos_adjust_quota() when it
is considered as the first charge window. By this change, we can avoid
unexpected FALSE return from time_after_eq()
Link: https://lkml.kernel.org/r/20250822025057.1740854-1-ekffu200098@gmail.com
Fixes: 2b8a248d5873 ("mm/damon/schemes: implement size quota for schemes application speed control") # 5.16
Signed-off-by: Sang-Heon Jeon <ekffu200098(a)gmail.com>
Reviewed-by: SeongJae Park <sj(a)kernel.org>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
mm/damon/core.c | 4 ++++
1 file changed, 4 insertions(+)
--- a/mm/damon/core.c~mm-damon-core-set-quota-charged_from-to-jiffies-at-first-charge-window
+++ a/mm/damon/core.c
@@ -2111,6 +2111,10 @@ static void damos_adjust_quota(struct da
if (!quota->ms && !quota->sz && list_empty("a->goals))
return;
+ /* First charge window */
+ if (!quota->total_charged_sz && !quota->charged_from)
+ quota->charged_from = jiffies;
+
/* New charge window starts */
if (time_after_eq(jiffies, quota->charged_from +
msecs_to_jiffies(quota->reset_interval))) {
_
Patches currently in -mm which might be from ekffu200098(a)gmail.com are
mm-damon-update-expired-description-of-damos_action.patch
docs-mm-damon-design-fix-typo-s-sz_trtied-sz_tried.patch
selftests-damon-test-no-op-commit-broke-damon-status.patch
selftests-damon-test-no-op-commit-broke-damon-status-fix.patch
mm-damon-tests-core-kunit-add-damos_commit_filter-test.patch
2 weeks
- 1
- 0
[merged mm-hotfixes-stable] mm-hugetlb-add-missing-hugetlb_lock-in-__unmap_hugepage_range.patch removed from -mm tree
by Andrew Morton
The quilt patch titled
Subject: mm/hugetlb: add missing hugetlb_lock in __unmap_hugepage_range()
has been removed from the -mm tree. Its filename was
mm-hugetlb-add-missing-hugetlb_lock-in-__unmap_hugepage_range.patch
This patch was dropped because it was merged into the mm-hotfixes-stable branch
of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
------------------------------------------------------
From: Jeongjun Park <aha310510(a)gmail.com>
Subject: mm/hugetlb: add missing hugetlb_lock in __unmap_hugepage_range()
Date: Sun, 24 Aug 2025 03:21:15 +0900
When restoring a reservation for an anonymous page, we need to check to
freeing a surplus. However, __unmap_hugepage_range() causes data race
because it reads h->surplus_huge_pages without the protection of
hugetlb_lock.
And adjust_reservation is a boolean variable that indicates whether
reservations for anonymous pages in each folio should be restored.
Therefore, it should be initialized to false for each round of the loop.
However, this variable is not initialized to false except when defining
the current adjust_reservation variable.
This means that once adjust_reservation is set to true even once within
the loop, reservations for anonymous pages will be restored
unconditionally in all subsequent rounds, regardless of the folio's state.
To fix this, we need to add the missing hugetlb_lock, unlock the
page_table_lock earlier so that we don't lock the hugetlb_lock inside the
page_table_lock lock, and initialize adjust_reservation to false on each
round within the loop.
Link: https://lkml.kernel.org/r/20250823182115.1193563-1-aha310510@gmail.com
Fixes: df7a6d1f6405 ("mm/hugetlb: restore the reservation if needed")
Signed-off-by: Jeongjun Park <aha310510(a)gmail.com>
Reported-by: syzbot+417aeb05fd190f3a6da9(a)syzkaller.appspotmail.com
Closes: https://syzkaller.appspot.com/bug?extid=417aeb05fd190f3a6da9
Reviewed-by: Sidhartha Kumar <sidhartha.kumar(a)oracle.com>
Cc: Breno Leitao <leitao(a)debian.org>
Cc: David Hildenbrand <david(a)redhat.com>
Cc: Muchun Song <muchun.song(a)linux.dev>
Cc: Oscar Salvador <osalvador(a)suse.de>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
mm/hugetlb.c | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
--- a/mm/hugetlb.c~mm-hugetlb-add-missing-hugetlb_lock-in-__unmap_hugepage_range
+++ a/mm/hugetlb.c
@@ -5851,7 +5851,7 @@ void __unmap_hugepage_range(struct mmu_g
spinlock_t *ptl;
struct hstate *h = hstate_vma(vma);
unsigned long sz = huge_page_size(h);
- bool adjust_reservation = false;
+ bool adjust_reservation;
unsigned long last_addr_mask;
bool force_flush = false;
@@ -5944,6 +5944,7 @@ void __unmap_hugepage_range(struct mmu_g
sz);
hugetlb_count_sub(pages_per_huge_page(h), mm);
hugetlb_remove_rmap(folio);
+ spin_unlock(ptl);
/*
* Restore the reservation for anonymous page, otherwise the
@@ -5951,14 +5952,16 @@ void __unmap_hugepage_range(struct mmu_g
* If there we are freeing a surplus, do not set the restore
* reservation bit.
*/
+ adjust_reservation = false;
+
+ spin_lock_irq(&hugetlb_lock);
if (!h->surplus_huge_pages && __vma_private_lock(vma) &&
folio_test_anon(folio)) {
folio_set_hugetlb_restore_reserve(folio);
/* Reservation to be adjusted after the spin lock */
adjust_reservation = true;
}
-
- spin_unlock(ptl);
+ spin_unlock_irq(&hugetlb_lock);
/*
* Adjust the reservation for the region that will have the
_
Patches currently in -mm which might be from aha310510(a)gmail.com are
2 weeks
- 1
- 0
[merged mm-hotfixes-stable] mm-khugepaged-fix-the-address-passed-to-notifier-on-testing-young.patch removed from -mm tree
by Andrew Morton
The quilt patch titled
Subject: mm/khugepaged: fix the address passed to notifier on testing young
has been removed from the -mm tree. Its filename was
mm-khugepaged-fix-the-address-passed-to-notifier-on-testing-young.patch
This patch was dropped because it was merged into the mm-hotfixes-stable branch
of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
------------------------------------------------------
From: Wei Yang <richard.weiyang(a)gmail.com>
Subject: mm/khugepaged: fix the address passed to notifier on testing young
Date: Fri, 22 Aug 2025 06:33:18 +0000
Commit 8ee53820edfd ("thp: mmu_notifier_test_young") introduced
mmu_notifier_test_young(), but we are passing the wrong address.
In xxx_scan_pmd(), the actual iteration address is "_address" not
"address". We seem to misuse the variable on the very beginning.
Change it to the right one.
[akpm(a)linux-foundation.org fix whitespace, per everyone]
Link: https://lkml.kernel.org/r/20250822063318.11644-1-richard.weiyang@gmail.com
Fixes: 8ee53820edfd ("thp: mmu_notifier_test_young")
Signed-off-by: Wei Yang <richard.weiyang(a)gmail.com>
Reviewed-by: Dev Jain <dev.jain(a)arm.com>
Reviewed-by: Zi Yan <ziy(a)nvidia.com>
Acked-by: David Hildenbrand <david(a)redhat.com>
Reviewed-by: Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com>
Cc: Baolin Wang <baolin.wang(a)linux.alibaba.com>
Cc: Liam R. Howlett <Liam.Howlett(a)oracle.com>
Cc: Nico Pache <npache(a)redhat.com>
Cc: Ryan Roberts <ryan.roberts(a)arm.com>
Cc: Barry Song <baohua(a)kernel.org>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
mm/khugepaged.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- a/mm/khugepaged.c~mm-khugepaged-fix-the-address-passed-to-notifier-on-testing-young
+++ a/mm/khugepaged.c
@@ -1417,8 +1417,8 @@ static int hpage_collapse_scan_pmd(struc
*/
if (cc->is_khugepaged &&
(pte_young(pteval) || folio_test_young(folio) ||
- folio_test_referenced(folio) || mmu_notifier_test_young(vma->vm_mm,
- address)))
+ folio_test_referenced(folio) ||
+ mmu_notifier_test_young(vma->vm_mm, _address)))
referenced++;
}
if (!writable) {
_
Patches currently in -mm which might be from richard.weiyang(a)gmail.com are
mm-rmap-do-__folio_mod_stat-in-__folio_add_rmap.patch
selftests-mm-do-check_huge_anon-with-a-number-been-passed-in.patch
mm-rmap-not-necessary-to-mask-off-folio_pages_mapped.patch
mm-rmap-use-folio_large_nr_pages-when-we-are-sure-it-is-a-large-folio.patch
selftests-mm-put-general-ksm-operation-into-vm_util.patch
selftests-mm-test-that-rmap-behave-as-expected.patch
mm-khugepaged-use-list_xxx-helper-to-improve-readability.patch
mm-page_alloc-use-xxx_pageblock_isolate-for-better-reading.patch
mm-pageblock-flags-remove-pb_migratetype_bits-pb_migrate_end.patch
mm-page_alloc-find_large_buddy-from-start_pfn-aligned-order.patch
mm-page_alloc-find_large_buddy-from-start_pfn-aligned-order-v2.patch
2 weeks
- 1
- 0
[alternative-merged] arm64-kexec-initialize-kexec_buf-struct-in-image_load.patch removed from -mm tree
by Andrew Morton
The quilt patch titled
Subject: arm64: kexec: initialize kexec_buf struct in image_load()
has been removed from the -mm tree. Its filename was
arm64-kexec-initialize-kexec_buf-struct-in-image_load.patch
This patch was dropped because an alternative patch was or shall be merged
------------------------------------------------------
From: Breno Leitao <leitao(a)debian.org>
Subject: arm64: kexec: initialize kexec_buf struct in image_load()
Date: Tue, 26 Aug 2025 05:08:51 -0700
The kexec_buf structure was previously declared without initialization in
image_load(). This led to a UBSAN warning when the structure was expanded
and uninitialized fields were accessed [1].
Zero-initializing kexec_buf at declaration ensures all fields are cleanly
set, preventing future instances of uninitialized memory being used.
Fixes this UBSAN warning:
[ 32.362488] UBSAN: invalid-load in ./include/linux/kexec.h:210:10
[ 32.362649] load of value 252 is not a valid value for type '_Bool'
Andrew Morton suggested that this function is only called 3x a week[2],
thus, the memset() cost is inexpensive.
Link: https://lore.kernel.org/all/oninomspajhxp4omtdapxnckxydbk2nzmrix7rggmpukpnz… [1]
Link: https://lore.kernel.org/all/20250825180531.94bfb86a26a43127c0a1296f@linux-f… [2]
Link: https://lkml.kernel.org/r/20250826-akpm-v1-1-3c831f0e3799@debian.org
Fixes: bf454ec31add ("kexec_file: allow to place kexec_buf randomly")
Signed-off-by: Breno Leitao <leitao(a)debian.org>
Suggested-by: Andrew Morton <akpm(a)linux-foundation.org>
Cc: Mark Rutland <mark.rutland(a)arm.com>
Cc: Baoquan He <bhe(a)redhat.com>
Cc: Coiby Xu <coxu(a)redhat.com>
Cc: "Daniel P. Berrange" <berrange(a)redhat.com>
Cc: Dave Hansen <dave.hansen(a)intel.com>
Cc: Dave Young <dyoung(a)redhat.com>
Cc: Kairui Song <ryncsn(a)gmail.com>
Cc: Liu Pingfan <kernelfans(a)gmail.com>
Cc: Milan Broz <gmazyland(a)gmail.com>
Cc: Ondrej Kozina <okozina(a)redhat.com>
Cc: Vitaly Kuznetsov <vkuznets(a)redhat.com>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
arch/arm64/kernel/kexec_image.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/arch/arm64/kernel/kexec_image.c~arm64-kexec-initialize-kexec_buf-struct-in-image_load
+++ a/arch/arm64/kernel/kexec_image.c
@@ -41,7 +41,7 @@ static void *image_load(struct kimage *i
struct arm64_image_header *h;
u64 flags, value;
bool be_image, be_kernel;
- struct kexec_buf kbuf;
+ struct kexec_buf kbuf = {};
unsigned long text_offset, kernel_segment_number;
struct kexec_segment *kernel_segment;
int ret;
_
Patches currently in -mm which might be from leitao(a)debian.org are
arm64-kexec-initialize-kexec_buf-struct-in-load_other_segments.patch
riscv-kexec-initialize-kexec_buf-struct.patch
s390-kexec-initialize-kexec_buf-struct.patch
2 weeks
- 1
- 0
[PATCH v7 03/12] i2c: rtl9300: remove broken SMBus Quick operation support
by Jonas Jelonek
Remove the SMBus Quick operation from this driver because it is not
natively supported by the hardware and is wrongly implemented in the
driver.
The I2C controllers in Realtek RTL9300 and RTL9310 are SMBus-compliant
but there doesn't seem to be native support for the SMBus Quick
operation. It is not explicitly mentioned in the documentation but
looking at the registers which configure an SMBus transaction, one can
see that the data length cannot be set to 0. This suggests that the
hardware doesn't allow any SMBus message without data bytes (except for
those it does on it's own, see SMBus Block Read).
The current implementation of SMBus Quick operation passes a length of
0 (which is actually invalid). Before the fix of a bug in a previous
commit, this led to a read operation of 16 bytes from any register (the
one of a former transaction or any other value.
This caused issues like soft-bricked SFP modules after a simple probe
with i2cdetect which uses Quick by default. Running this with SFP
modules whose EEPROM isn't write-protected, some of the initial bytes
are overwritten because a 16-byte write operation is executed instead of
a Quick Write. (This temporarily soft-bricked one of my DAC cables.)
Because SMBus Quick operation is obviously not supported on these
controllers (because a length of 0 cannot be set, even when no register
address is set), remove that instead of claiming there is support. There
also shouldn't be any kind of emulated 'Quick' which just does another
kind of operation in the background. Otherwise, specific issues occur
in case of a 'Quick' Write which actually writes unknown data to an
unknown register.
Fixes: c366be720235 ("i2c: Add driver for the RTL9300 I2C controller")
Cc: <stable(a)vger.kernel.org> # v6.13+
Signed-off-by: Jonas Jelonek <jelonek.jonas(a)gmail.com>
Tested-by: Sven Eckelmann <sven(a)narfation.org>
Reviewed-by: Chris Packham <chris.packham(a)alliedtelesis.co.nz>
Tested-by: Chris Packham <chris.packham(a)alliedtelesis.co.nz> # On RTL9302C based board
Tested-by: Markus Stockhausen <markus.stockhausen(a)gmx.de>
---
drivers/i2c/busses/i2c-rtl9300.c | 15 +++------------
1 file changed, 3 insertions(+), 12 deletions(-)
diff --git a/drivers/i2c/busses/i2c-rtl9300.c b/drivers/i2c/busses/i2c-rtl9300.c
index ebd4a85e1bde..9e6232075137 100644
--- a/drivers/i2c/busses/i2c-rtl9300.c
+++ b/drivers/i2c/busses/i2c-rtl9300.c
@@ -235,15 +235,6 @@ static int rtl9300_i2c_smbus_xfer(struct i2c_adapter *adap, u16 addr, unsigned s
}
switch (size) {
- case I2C_SMBUS_QUICK:
- ret = rtl9300_i2c_config_xfer(i2c, chan, addr, 0);
- if (ret)
- goto out_unlock;
- ret = rtl9300_i2c_reg_addr_set(i2c, 0, 0);
- if (ret)
- goto out_unlock;
- break;
-
case I2C_SMBUS_BYTE:
if (read_write == I2C_SMBUS_WRITE) {
ret = rtl9300_i2c_config_xfer(i2c, chan, addr, 0);
@@ -344,9 +335,9 @@ static int rtl9300_i2c_smbus_xfer(struct i2c_adapter *adap, u16 addr, unsigned s
static u32 rtl9300_i2c_func(struct i2c_adapter *a)
{
- return I2C_FUNC_SMBUS_QUICK | I2C_FUNC_SMBUS_BYTE |
- I2C_FUNC_SMBUS_BYTE_DATA | I2C_FUNC_SMBUS_WORD_DATA |
- I2C_FUNC_SMBUS_BLOCK_DATA | I2C_FUNC_SMBUS_I2C_BLOCK;
+ return I2C_FUNC_SMBUS_BYTE | I2C_FUNC_SMBUS_BYTE_DATA |
+ I2C_FUNC_SMBUS_WORD_DATA | I2C_FUNC_SMBUS_BLOCK_DATA |
+ I2C_FUNC_SMBUS_I2C_BLOCK;
}
static const struct i2c_algorithm rtl9300_i2c_algo = {
--
2.48.1
2 weeks
- 2
- 1
[PATCH v2] drm/xe: Extend Wa_13011645652 to PTL-H, WCL
by Julia Filipchuk
Expand workaround to additional graphics architectures.
Fixes: dddc53806dd2 ("drm/xe/ptl: Apply Wa_13011645652")
Cc: Vinay Belgaumkar <vinay.belgaumkar(a)intel.com>
Cc: Stuart Summers <stuart.summers(a)intel.com>
Cc: Daniele Ceraolo Spurio <daniele.ceraolospurio(a)intel.com>
Cc: Lucas De Marchi <lucas.demarchi(a)intel.com>
Cc: "Thomas Hellström" <thomas.hellstrom(a)linux.intel.com>
Cc: Rodrigo Vivi <rodrigo.vivi(a)intel.com>
Cc: intel-xe(a)lists.freedesktop.org
Cc: <stable(a)vger.kernel.org> # v6.15+
Signed-off-by: Julia Filipchuk <julia.filipchuk(a)intel.com>
---
drivers/gpu/drm/xe/xe_wa_oob.rules | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/gpu/drm/xe/xe_wa_oob.rules b/drivers/gpu/drm/xe/xe_wa_oob.rules
index e990f20eccfe..710f4423726c 100644
--- a/drivers/gpu/drm/xe/xe_wa_oob.rules
+++ b/drivers/gpu/drm/xe/xe_wa_oob.rules
@@ -30,7 +30,8 @@
16022287689 GRAPHICS_VERSION(2001)
GRAPHICS_VERSION(2004)
13011645652 GRAPHICS_VERSION(2004)
- GRAPHICS_VERSION(3001)
+ GRAPHICS_VERSION_RANGE(3000, 3001)
+ GRAPHICS_VERSION(3003)
14022293748 GRAPHICS_VERSION_RANGE(2001, 2002)
GRAPHICS_VERSION(2004)
GRAPHICS_VERSION_RANGE(3000, 3001)
--
2.50.1
2 weeks
- 4
- 4
[PATCH 5.4 only] powerpc: boot: Remove unnecessary zero in label in udelay()
by Nathan Chancellor
When building powerpc configurations in linux-5.4.y with binutils 2.43
or newer, there is an assembler error in arch/powerpc/boot/util.S:
arch/powerpc/boot/util.S: Assembler messages:
arch/powerpc/boot/util.S:44: Error: junk at end of line, first unrecognized character is `0'
arch/powerpc/boot/util.S:49: Error: syntax error; found `b', expected `,'
arch/powerpc/boot/util.S:49: Error: junk at end of line: `b'
binutils 2.43 contains stricter parsing of certain labels [1].
Remove the unnecessary leading zero to fix the build. This is only
needed in linux-5.4.y because commit 8b14e1dff067 ("powerpc: Remove
support for PowerPC 601") removed this code altogether in 5.10.
Link: https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=226749d5a6ff0d5c6… [1]
Signed-off-by: Nathan Chancellor <nathan(a)kernel.org>
---
arch/powerpc/boot/util.S | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/powerpc/boot/util.S b/arch/powerpc/boot/util.S
index f11f0589a669..5ab2bc864e66 100644
--- a/arch/powerpc/boot/util.S
+++ b/arch/powerpc/boot/util.S
@@ -41,12 +41,12 @@ udelay:
srwi r4,r4,16
cmpwi 0,r4,1 /* 601 ? */
bne .Ludelay_not_601
-00: li r0,86 /* Instructions / microsecond? */
+0: li r0,86 /* Instructions / microsecond? */
mtctr r0
10: addi r0,r0,0 /* NOP */
bdnz 10b
subic. r3,r3,1
- bne 00b
+ bne 0b
blr
.Ludelay_not_601:
base-commit: c25f780e491e4734eb27d65aa58e0909fd78ad9f
--
2.51.0
2 weeks
- 3
- 4
[PATCH] media: s5p-mfc: Always pass NULL to s5p_mfc_cmd_host2risc_v6()
by Nathan Chancellor
A new warning in clang [1] points out a few places in s5p_mfc_cmd_v6.c
where an uninitialized variable is passed as a const pointer:
drivers/media/platform/samsung/s5p-mfc/s5p_mfc_cmd_v6.c:45:7: error: variable 'h2r_args' is uninitialized when passed as a const pointer argument here [-Werror,-Wuninitialized-const-pointer]
45 | &h2r_args);
| ^~~~~~~~
drivers/media/platform/samsung/s5p-mfc/s5p_mfc_cmd_v6.c:133:7: error: variable 'h2r_args' is uninitialized when passed as a const pointer argument here [-Werror,-Wuninitialized-const-pointer]
133 | &h2r_args);
| ^~~~~~~~
drivers/media/platform/samsung/s5p-mfc/s5p_mfc_cmd_v6.c:148:7: error: variable 'h2r_args' is uninitialized when passed as a const pointer argument here [-Werror,-Wuninitialized-const-pointer]
148 | &h2r_args);
| ^~~~~~~~
The args parameter in s5p_mfc_cmd_host2risc_v6() is never actually used,
so just pass NULL to it in the places where h2r_args is currently
passed, clearing up the warning and not changing the functionality of
the code.
Cc: stable(a)vger.kernel.org
Fixes: f96f3cfa0bb8 ("[media] s5p-mfc: Update MFC v4l2 driver to support MFC6.x")
Link: https://github.com/llvm/llvm-project/commit/00dacf8c22f065cb52efb14cd091d44… [1]
Closes: https://github.com/ClangBuiltLinux/linux/issues/2103
Signed-off-by: Nathan Chancellor <nathan(a)kernel.org>
---
From what I can tell, it seems like ->cmd_host2risc() is only ever
called from v6 code, which always passes NULL? It seems like it should
be possible to just drop .cmd_host2risc on the v5 side, then update
.cmd_host2risc to only take two parameters? If so, I can send a follow
up as a clean up, so that this can go back relatively conflict free.
---
.../platform/samsung/s5p-mfc/s5p_mfc_cmd_v6.c | 22 +++++-----------------
1 file changed, 5 insertions(+), 17 deletions(-)
diff --git a/drivers/media/platform/samsung/s5p-mfc/s5p_mfc_cmd_v6.c b/drivers/media/platform/samsung/s5p-mfc/s5p_mfc_cmd_v6.c
index 47bc3014b5d8..735471c50dbb 100644
--- a/drivers/media/platform/samsung/s5p-mfc/s5p_mfc_cmd_v6.c
+++ b/drivers/media/platform/samsung/s5p-mfc/s5p_mfc_cmd_v6.c
@@ -31,7 +31,6 @@ static int s5p_mfc_cmd_host2risc_v6(struct s5p_mfc_dev *dev, int cmd,
static int s5p_mfc_sys_init_cmd_v6(struct s5p_mfc_dev *dev)
{
- struct s5p_mfc_cmd_args h2r_args;
const struct s5p_mfc_buf_size_v6 *buf_size = dev->variant->buf_size->priv;
int ret;
@@ -41,33 +40,23 @@ static int s5p_mfc_sys_init_cmd_v6(struct s5p_mfc_dev *dev)
mfc_write(dev, dev->ctx_buf.dma, S5P_FIMV_CONTEXT_MEM_ADDR_V6);
mfc_write(dev, buf_size->dev_ctx, S5P_FIMV_CONTEXT_MEM_SIZE_V6);
- return s5p_mfc_cmd_host2risc_v6(dev, S5P_FIMV_H2R_CMD_SYS_INIT_V6,
- &h2r_args);
+ return s5p_mfc_cmd_host2risc_v6(dev, S5P_FIMV_H2R_CMD_SYS_INIT_V6, NULL);
}
static int s5p_mfc_sleep_cmd_v6(struct s5p_mfc_dev *dev)
{
- struct s5p_mfc_cmd_args h2r_args;
-
- memset(&h2r_args, 0, sizeof(struct s5p_mfc_cmd_args));
- return s5p_mfc_cmd_host2risc_v6(dev, S5P_FIMV_H2R_CMD_SLEEP_V6,
- &h2r_args);
+ return s5p_mfc_cmd_host2risc_v6(dev, S5P_FIMV_H2R_CMD_SLEEP_V6, NULL);
}
static int s5p_mfc_wakeup_cmd_v6(struct s5p_mfc_dev *dev)
{
- struct s5p_mfc_cmd_args h2r_args;
-
- memset(&h2r_args, 0, sizeof(struct s5p_mfc_cmd_args));
- return s5p_mfc_cmd_host2risc_v6(dev, S5P_FIMV_H2R_CMD_WAKEUP_V6,
- &h2r_args);
+ return s5p_mfc_cmd_host2risc_v6(dev, S5P_FIMV_H2R_CMD_WAKEUP_V6, NULL);
}
/* Open a new instance and get its number */
static int s5p_mfc_open_inst_cmd_v6(struct s5p_mfc_ctx *ctx)
{
struct s5p_mfc_dev *dev = ctx->dev;
- struct s5p_mfc_cmd_args h2r_args;
int codec_type;
mfc_debug(2, "Requested codec mode: %d\n", ctx->codec_mode);
@@ -130,14 +119,13 @@ static int s5p_mfc_open_inst_cmd_v6(struct s5p_mfc_ctx *ctx)
mfc_write(dev, 0, S5P_FIMV_D_CRC_CTRL_V6); /* no crc */
return s5p_mfc_cmd_host2risc_v6(dev, S5P_FIMV_H2R_CMD_OPEN_INSTANCE_V6,
- &h2r_args);
+ NULL);
}
/* Close instance */
static int s5p_mfc_close_inst_cmd_v6(struct s5p_mfc_ctx *ctx)
{
struct s5p_mfc_dev *dev = ctx->dev;
- struct s5p_mfc_cmd_args h2r_args;
int ret = 0;
dev->curr_ctx = ctx->num;
@@ -145,7 +133,7 @@ static int s5p_mfc_close_inst_cmd_v6(struct s5p_mfc_ctx *ctx)
mfc_write(dev, ctx->inst_no, S5P_FIMV_INSTANCE_ID_V6);
ret = s5p_mfc_cmd_host2risc_v6(dev,
S5P_FIMV_H2R_CMD_CLOSE_INSTANCE_V6,
- &h2r_args);
+ NULL);
} else {
ret = -EINVAL;
}
---
base-commit: 347e9f5043c89695b01e66b3ed111755afcf1911
change-id: 20250715-media-s5p-mfc-fix-uninit-const-pointer-cbf944ae4b4b
Best regards,
--
Nathan Chancellor <nathan(a)kernel.org>
2 weeks
- 3
- 5
[PATCH 5.4 00/23] 5.4.298-rc1 review
by Greg Kroah-Hartman
This is the start of the stable review cycle for the 5.4.298 release.
There are 23 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Thu, 04 Sep 2025 13:19:14 +0000.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.4.298-rc…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.4.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 5.4.298-rc1
Imre Deak <imre.deak(a)intel.com>
Revert "drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS"
Fabio Porcedda <fabio.porcedda(a)gmail.com>
net: usb: qmi_wwan: add Telit Cinterion LE910C4-WWX new compositions
Alex Deucher <alexander.deucher(a)amd.com>
Revert "drm/amdgpu: fix incorrect vm flags to map bo"
Minjong Kim <minbell.kim(a)samsung.com>
HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version()
Ping Cheng <pinglinux(a)gmail.com>
HID: wacom: Add a new Art Pen 2
Qasim Ijaz <qasdev00(a)gmail.com>
HID: asus: fix UAF via HID_CLAIMED_INPUT validation
Thijs Raymakers <thijs(a)raymakers.nl>
KVM: x86: use array_index_nospec with indices that come from guest
Li Nan <linan122(a)huawei.com>
efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare
Eric Dumazet <edumazet(a)google.com>
sctp: initialize more fields in sctp_v6_from_sk()
Rohan G Thomas <rohan.g.thomas(a)altera.com>
net: stmmac: xgmac: Do not enable RX FIFO Overflow interrupts
Alexei Lazar <alazar(a)nvidia.com>
net/mlx5e: Set local Xoff after FW update
Alexei Lazar <alazar(a)nvidia.com>
net/mlx5e: Update and set Xon/Xoff upon port speed set
Alexei Lazar <alazar(a)nvidia.com>
net/mlx5e: Update and set Xon/Xoff upon MTU set
Yeounsu Moon <yyyynoom(a)gmail.com>
net: dlink: fix multicast stats being counted incorrectly
Kuniyuki Iwashima <kuniyu(a)google.com>
atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control().
Christoph Hellwig <hch(a)lst.de>
net/atm: remove the atmdev_ops {get, set}sockopt methods
Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced
Madhavan Srinivasan <maddy(a)linux.ibm.com>
powerpc/kvm: Fix ifdef to remove build warning
Oscar Maes <oscmaes92(a)gmail.com>
net: ipv4: fix regression in local-broadcast routes
Nikolay Kuratov <kniv(a)yandex-team.ru>
vhost/net: Protect ubufs with rcu read lock in vhost_net_ubuf_put()
Damien Le Moal <dlemoal(a)kernel.org>
scsi: core: sysfs: Correct sysfs attributes access rights
Tengda Wu <wutengda(a)huaweicloud.com>
ftrace: Fix potential warning in trace_printk_seq during ftrace_dump
Randy Dunlap <rdunlap(a)infradead.org>
pinctrl: STMFX: add missing HAS_IOMEM dependency
-------------
Diffstat:
Makefile | 4 +--
arch/powerpc/kernel/kvm.c | 8 ++---
arch/x86/kvm/lapic.c | 3 ++
arch/x86/kvm/x86.c | 7 ++--
drivers/atm/atmtcp.c | 17 +++++++--
drivers/atm/eni.c | 17 ---------
drivers/atm/firestream.c | 2 --
drivers/atm/fore200e.c | 27 ---------------
drivers/atm/horizon.c | 40 ----------------------
drivers/atm/iphase.c | 16 ---------
drivers/atm/lanai.c | 2 --
drivers/atm/solos-pci.c | 2 --
drivers/atm/zatm.c | 16 ---------
drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c | 4 +--
drivers/gpu/drm/drm_dp_helper.c | 2 +-
drivers/hid/hid-asus.c | 8 ++++-
drivers/hid/hid-ntrig.c | 3 ++
drivers/hid/wacom_wac.c | 1 +
drivers/net/ethernet/dlink/dl2k.c | 2 +-
.../ethernet/mellanox/mlx5/core/en/port_buffer.c | 3 +-
.../ethernet/mellanox/mlx5/core/en/port_buffer.h | 12 +++++++
drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 19 +++++++++-
drivers/net/ethernet/stmicro/stmmac/dwxgmac2_dma.c | 4 ---
drivers/net/usb/qmi_wwan.c | 3 ++
drivers/pinctrl/Kconfig | 1 +
drivers/scsi/scsi_sysfs.c | 4 +--
drivers/vhost/net.c | 9 +++--
fs/efivarfs/super.c | 4 +++
include/linux/atmdev.h | 10 +-----
kernel/trace/trace.c | 4 +--
net/atm/common.c | 29 ++++++++--------
net/bluetooth/hci_event.c | 12 ++++++-
net/ipv4/route.c | 10 ++++--
net/sctp/ipv6.c | 2 ++
34 files changed, 129 insertions(+), 178 deletions(-)
2 weeks
- 7
- 30
[PATCH] As the doc of of_parse_phandle() states: "The device_node pointer with refcount incremented. Use * of_node_put() on it when done."
by Miaoqian Lin
The function doesn't calls
of_node_put() to release this reference, causing a reference leak.
Move the of_parse_phandle() call after devm_kzalloc() and add the missing
of_node_put() call immediately after of_address_to_resource() to properly
release the device node reference.
Found via static analysis.
Fixes: 9a10c7e6519b ("drm/simpledrm: Add support for system memory framebuffers")
Cc: stable(a)vger.kernel.org
Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com>
---
drivers/gpu/drm/sysfb/simpledrm.c | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/drivers/gpu/drm/sysfb/simpledrm.c b/drivers/gpu/drm/sysfb/simpledrm.c
index 8530a3ef8a7a..f0bd7e958398 100644
--- a/drivers/gpu/drm/sysfb/simpledrm.c
+++ b/drivers/gpu/drm/sysfb/simpledrm.c
@@ -183,15 +183,16 @@ simplefb_get_memory_of(struct drm_device *dev, struct device_node *of_node)
struct resource *res;
int err;
- np = of_parse_phandle(of_node, "memory-region", 0);
- if (!np)
- return NULL;
-
res = devm_kzalloc(dev->dev, sizeof(*res), GFP_KERNEL);
if (!res)
return ERR_PTR(-ENOMEM);
+ np = of_parse_phandle(of_node, "memory-region", 0);
+ if (!np)
+ return NULL;
+
err = of_address_to_resource(np, 0, res);
+ of_node_put(np);
if (err)
return ERR_PTR(err);
--
2.35.1
2 weeks
- 2
- 1
[PATCH] media: renesas: rcar_drif: fix device node reference leak in rcar_drif_bond_enabled
by Miaoqian Lin
The function calls of_parse_phandle() which returns
a device node with an incremented reference count. When the bonded device
is not available, the function
returns NULL without releasing the reference, causing a reference leak.
Add of_node_put(np) to release the device node reference.
The of_node_put function handles NULL pointers.
Found through static analysis by reviewing the doc of of_parse_phandle()
and cross-checking its usage patterns across the codebase.
Fixes: 7625ee981af1 ("[media] media: platform: rcar_drif: Add DRIF support")
Cc: stable(a)vger.kernel.org
Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com>
---
drivers/media/platform/renesas/rcar_drif.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/media/platform/renesas/rcar_drif.c b/drivers/media/platform/renesas/rcar_drif.c
index fc8b6bbef793..c5d676eb1091 100644
--- a/drivers/media/platform/renesas/rcar_drif.c
+++ b/drivers/media/platform/renesas/rcar_drif.c
@@ -1246,6 +1246,7 @@ static struct device_node *rcar_drif_bond_enabled(struct platform_device *p)
if (np && of_device_is_available(np))
return np;
+ of_node_put(np);
return NULL;
}
--
2.35.1
2 weeks
- 4
- 3
[stable-6.16|lts-6.12] net: ipv4: fix regression in local-broadcast routes
by Sedat Dilek
Hi Sasha and Greg,
Salvatore Bonaccorso <carnil(a)debian.org> from Debian Kernel Team
included this regression-fix already.
Upstream commit 5189446ba995556eaa3755a6e875bc06675b88bd
"net: ipv4: fix regression in local-broadcast routes"
As far as I have seen this should be included in stable-6.16 and
LTS-6.12 (for other stable branches I simply have no interest - please
double-check).
I am sure Sasha's new kernel-patch-AI tool has catched this - just
kindly inform you.
Thanks.
Best regards,
-Sedat-
https://salsa.debian.org/kernel-team/linux/-/commit/194de383c5cd5e8c22cadfc…
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?…
2 weeks
- 4
- 4
[PATCHSET RFC v4 1/4] fuse: general bug fixes
by Darrick J. Wong
Hi all,
Here's a collection of fixes that I *think* are bugs in fuse, along with
some scattered improvements.
If you're going to start using this code, I strongly recommend pulling
from my git trees, which are linked below.
This has been running on the djcloud for months with no problems. Enjoy!
Comments and questions are, as always, welcome.
--D
kernel git tree:
https://git.kernel.org/cgit/linux/kernel/git/djwong/xfs-linux.git/log/?h=fu…
---
Commits in this patchset:
* fuse: fix livelock in synchronous file put from fuseblk workers
* fuse: flush pending fuse events before aborting the connection
* fuse: capture the unique id of fuse commands being sent
* fuse: implement file attributes mask for statx
* fuse: update file mode when updating acls
* fuse: propagate default and file acls on creation
* fuse: enable FUSE_SYNCFS for all servers
---
fs/fuse/fuse_i.h | 14 +++++++
fs/fuse/acl.c | 95 ++++++++++++++++++++++++++++++++++++++++++++++++++
fs/fuse/dev.c | 44 +++++++++++++++++++++++
fs/fuse/dev_uring.c | 8 ++++
fs/fuse/dir.c | 96 +++++++++++++++++++++++++++++++++++++++------------
fs/fuse/file.c | 10 +++++
fs/fuse/inode.c | 5 +++
7 files changed, 245 insertions(+), 27 deletions(-)
2 weeks
- 2
- 3
[PATCH] phy: tegra: xusb-tegra210: Fix reference leaks in tegra210_xusb_padctl_probe
by Miaoqian Lin
Add missing of_node_put() and put_device() calls to release references.
The function calls of_parse_phandle() and of_find_device_by_node()
but fails to release the references.
Both functions' documentation mentions that
the returned references must be dropped after use.
Found through static analysis by reviewing the documentation and
cross-checking their usage patterns.
Fixes: 2d1021487273 ("phy: tegra: xusb: Add wake/sleepwalk for Tegra210")
Cc: stable(a)vger.kernel.org
Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com>
---
drivers/phy/tegra/xusb-tegra210.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/drivers/phy/tegra/xusb-tegra210.c b/drivers/phy/tegra/xusb-tegra210.c
index ebc8a7e21a31..cbfca51a53bc 100644
--- a/drivers/phy/tegra/xusb-tegra210.c
+++ b/drivers/phy/tegra/xusb-tegra210.c
@@ -3164,18 +3164,23 @@ tegra210_xusb_padctl_probe(struct device *dev,
}
pdev = of_find_device_by_node(np);
+ of_node_put(np);
if (!pdev) {
dev_warn(dev, "PMC device is not available\n");
goto out;
}
- if (!platform_get_drvdata(pdev))
+ if (!platform_get_drvdata(pdev)) {
+ put_device(&pdev->dev);
return ERR_PTR(-EPROBE_DEFER);
+ }
padctl->regmap = dev_get_regmap(&pdev->dev, "usb_sleepwalk");
if (!padctl->regmap)
dev_info(dev, "failed to find PMC regmap\n");
+ put_device(&pdev->dev);
+
out:
return &padctl->base;
}
--
2.35.1
2 weeks
- 2
- 2
[PATCH] usb: cdns3: cdnsp-pci: remove redundant pci_disable_device() call
by Miaoqian Lin
The cdnsp-pci driver uses pcim_enable_device() to enable a PCI device,
which means the device will be automatically disabled on driver detach
through the managed device framework. The manual pci_disable_device()
call in the error path is therefore redundant.
Found via static anlaysis and this is similar to commit 99ca0b57e49f
("thermal: intel: int340x: processor: Fix warning during module unload").
Fixes: 3d82904559f4 ("usb: cdnsp: cdns3 Add main part of Cadence USBSSP DRD Driver")
Cc: stable(a)vger.kernel.org
Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com>
---
drivers/usb/cdns3/cdnsp-pci.c | 5 +----
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/drivers/usb/cdns3/cdnsp-pci.c b/drivers/usb/cdns3/cdnsp-pci.c
index 8c361b8394e9..5e7b88ca8b96 100644
--- a/drivers/usb/cdns3/cdnsp-pci.c
+++ b/drivers/usb/cdns3/cdnsp-pci.c
@@ -85,7 +85,7 @@ static int cdnsp_pci_probe(struct pci_dev *pdev,
cdnsp = kzalloc(sizeof(*cdnsp), GFP_KERNEL);
if (!cdnsp) {
ret = -ENOMEM;
- goto disable_pci;
+ goto put_pci;
}
}
@@ -168,9 +168,6 @@ static int cdnsp_pci_probe(struct pci_dev *pdev,
if (!pci_is_enabled(func))
kfree(cdnsp);
-disable_pci:
- pci_disable_device(pdev);
-
put_pci:
pci_dev_put(func);
--
2.35.1
2 weeks
- 1
- 0
[PATCH 6.1 00/50] 6.1.150-rc1 review
by Greg Kroah-Hartman
This is the start of the stable review cycle for the 6.1.150 release.
There are 50 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Thu, 04 Sep 2025 13:19:14 +0000.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.1.150-rc…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.1.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 6.1.150-rc1
Eric Sandeen <sandeen(a)redhat.com>
xfs: do not propagate ENODATA disk errors into xattr code
Imre Deak <imre.deak(a)intel.com>
Revert "drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS"
Hamish Martin <hamish.martin(a)alliedtelesis.co.nz>
HID: mcp2221: Handle reads greater than 60 bytes
Hamish Martin <hamish.martin(a)alliedtelesis.co.nz>
HID: mcp2221: Don't set bus speed on every transfer
Eric Dumazet <edumazet(a)google.com>
net: rose: fix a typo in rose_clear_routes()
James Jones <jajones(a)nvidia.com>
drm/nouveau/disp: Always accept linear modifier
Steve French <stfrench(a)microsoft.com>
smb3 client: fix return code mapping of remap_file_range
Fabio Porcedda <fabio.porcedda(a)gmail.com>
net: usb: qmi_wwan: add Telit Cinterion LE910C4-WWX new compositions
Shuhao Fu <sfual(a)cse.ust.hk>
fs/smb: Fix inconsistent refcnt update
Shanker Donthineni <sdonthineni(a)nvidia.com>
dma/pool: Ensure DMA_DIRECT_REMAP allocations are decrypted
Alex Deucher <alexander.deucher(a)amd.com>
Revert "drm/amdgpu: fix incorrect vm flags to map bo"
Minjong Kim <minbell.kim(a)samsung.com>
HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version()
Ping Cheng <pinglinux(a)gmail.com>
HID: wacom: Add a new Art Pen 2
Qasim Ijaz <qasdev00(a)gmail.com>
HID: multitouch: fix slab out-of-bounds access in mt_report_fixup()
Qasim Ijaz <qasdev00(a)gmail.com>
HID: asus: fix UAF via HID_CLAIMED_INPUT validation
Thijs Raymakers <thijs(a)raymakers.nl>
KVM: x86: use array_index_nospec with indices that come from guest
Li Nan <linan122(a)huawei.com>
efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare
Eric Dumazet <edumazet(a)google.com>
sctp: initialize more fields in sctp_v6_from_sk()
Takamitsu Iwai <takamitz(a)amazon.co.jp>
net: rose: include node references in rose_neigh refcount
Takamitsu Iwai <takamitz(a)amazon.co.jp>
net: rose: convert 'use' field to refcount_t
Takamitsu Iwai <takamitz(a)amazon.co.jp>
net: rose: split remove and free operations in rose_remove_neigh()
Rohan G Thomas <rohan.g.thomas(a)altera.com>
net: stmmac: xgmac: Do not enable RX FIFO Overflow interrupts
Alexei Lazar <alazar(a)nvidia.com>
net/mlx5e: Set local Xoff after FW update
Alexei Lazar <alazar(a)nvidia.com>
net/mlx5e: Update and set Xon/Xoff upon port speed set
Alexei Lazar <alazar(a)nvidia.com>
net/mlx5e: Update and set Xon/Xoff upon MTU set
Moshe Shemesh <moshe(a)nvidia.com>
net/mlx5: Reload auxiliary drivers on fw_activate
Horatiu Vultur <horatiu.vultur(a)microchip.com>
phy: mscc: Fix when PTP clock is register and unregister
Yeounsu Moon <yyyynoom(a)gmail.com>
net: dlink: fix multicast stats being counted incorrectly
Kuniyuki Iwashima <kuniyu(a)google.com>
atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control().
Pavel Shpakovskiy <pashpakovskii(a)salutedevices.com>
Bluetooth: hci_sync: fix set_local_name race condition
Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced
Ludovico de Nittis <ludovico.denittis(a)collabora.com>
Bluetooth: hci_event: Mark connection as closed during suspend disconnect
Ludovico de Nittis <ludovico.denittis(a)collabora.com>
Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success
José Expósito <jose.exposito89(a)gmail.com>
HID: input: report battery status changes immediately
José Expósito <jose.exposito89(a)gmail.com>
HID: input: rename hidinput_set_battery_charge_status()
Madhavan Srinivasan <maddy(a)linux.ibm.com>
powerpc/kvm: Fix ifdef to remove build warning
Rob Clark <robin.clark(a)oss.qualcomm.com>
drm/msm: Defer fd_install in SUBMIT ioctl
Oscar Maes <oscmaes92(a)gmail.com>
net: ipv4: fix regression in local-broadcast routes
Nikolay Kuratov <kniv(a)yandex-team.ru>
vhost/net: Protect ubufs with rcu read lock in vhost_net_ubuf_put()
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFS: Fix a race when updating an existing write
Christoph Hellwig <hch(a)lst.de>
nfs: fold nfs_page_group_lock_subrequests into nfs_lock_and_join_requests
Werner Sembach <wse(a)tuxedocomputers.com>
ACPI: EC: Add device to acpi_ec_no_wakeup[] qurik list
Alexey Klimov <alexey.klimov(a)linaro.org>
ASoC: codecs: tx-macro: correct tx_macro_component_drv name
Paulo Alcantara <pc(a)manguebit.org>
smb: client: fix race with concurrent opens in rename(2)
Paulo Alcantara <pc(a)manguebit.org>
smb: client: fix race with concurrent opens in unlink(2)
Damien Le Moal <dlemoal(a)kernel.org>
scsi: core: sysfs: Correct sysfs attributes access rights
Tengda Wu <wutengda(a)huaweicloud.com>
ftrace: Fix potential warning in trace_printk_seq during ftrace_dump
Aleksander Jan Bajkowski <olek2(a)wp.pl>
mips: lantiq: xway: sysctrl: rename the etop node
Aleksander Jan Bajkowski <olek2(a)wp.pl>
mips: dts: lantiq: danube: add missing burst length property
Randy Dunlap <rdunlap(a)infradead.org>
pinctrl: STMFX: add missing HAS_IOMEM dependency
-------------
Diffstat:
Makefile | 4 +-
arch/mips/boot/dts/lantiq/danube_easy50712.dts | 5 +-
arch/mips/lantiq/xway/sysctrl.c | 10 +-
arch/powerpc/kernel/kvm.c | 8 +-
arch/x86/kvm/lapic.c | 2 +
arch/x86/kvm/x86.c | 7 +-
drivers/acpi/ec.c | 6 +
drivers/atm/atmtcp.c | 17 ++-
drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c | 4 +-
drivers/gpu/drm/display/drm_dp_helper.c | 2 +-
drivers/gpu/drm/msm/msm_gem_submit.c | 14 +-
drivers/gpu/drm/nouveau/dispnv50/wndw.c | 4 +
drivers/hid/hid-asus.c | 8 +-
drivers/hid/hid-input-test.c | 10 +-
drivers/hid/hid-input.c | 51 ++++----
drivers/hid/hid-mcp2221.c | 71 +++++++----
drivers/hid/hid-multitouch.c | 8 ++
drivers/hid/hid-ntrig.c | 3 +
drivers/hid/wacom_wac.c | 1 +
drivers/net/ethernet/dlink/dl2k.c | 2 +-
drivers/net/ethernet/mellanox/mlx5/core/devlink.c | 2 +-
.../ethernet/mellanox/mlx5/core/en/port_buffer.c | 3 +-
.../ethernet/mellanox/mlx5/core/en/port_buffer.h | 12 ++
drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 19 ++-
drivers/net/ethernet/stmicro/stmmac/dwxgmac2_dma.c | 4 -
drivers/net/phy/mscc/mscc.h | 4 +
drivers/net/phy/mscc/mscc_main.c | 4 +-
drivers/net/phy/mscc/mscc_ptp.c | 34 +++--
drivers/net/usb/qmi_wwan.c | 3 +
drivers/pinctrl/Kconfig | 1 +
drivers/scsi/scsi_sysfs.c | 4 +-
drivers/vhost/net.c | 9 +-
fs/efivarfs/super.c | 4 +
fs/nfs/pagelist.c | 86 +------------
fs/nfs/write.c | 142 +++++++++++++--------
fs/smb/client/cifsfs.c | 14 ++
fs/smb/client/inode.c | 34 ++++-
fs/smb/client/smb2inode.c | 7 +-
fs/xfs/libxfs/xfs_attr_remote.c | 7 +
fs/xfs/libxfs/xfs_da_btree.c | 6 +
include/linux/atmdev.h | 1 +
include/linux/nfs_page.h | 2 +-
include/net/bluetooth/hci_sync.h | 2 +-
include/net/rose.h | 18 ++-
kernel/dma/pool.c | 4 +-
kernel/trace/trace.c | 4 +-
net/atm/common.c | 15 ++-
net/bluetooth/hci_event.c | 20 ++-
net/bluetooth/hci_sync.c | 6 +-
net/bluetooth/mgmt.c | 5 +-
net/ipv4/route.c | 10 +-
net/rose/af_rose.c | 13 +-
net/rose/rose_in.c | 12 +-
net/rose/rose_route.c | 62 +++++----
net/rose/rose_timer.c | 2 +-
net/sctp/ipv6.c | 2 +
sound/soc/codecs/lpass-tx-macro.c | 2 +-
57 files changed, 514 insertions(+), 302 deletions(-)
2 weeks
- 9
- 58
[PATCH 0/2] mfd: vexpress: convert the driver to using the new generic GPIO chip API
by Bartosz Golaszewski
This converts the vexpress-sysreg MFD driver to using the new generic
GPIO interface but first fixes an issue with an unchecked return value
of devm_gpiochio_add_data().
Lee: Please, create an immutable branch containing these commits after
you pick them up, as I'd like to merge it into the GPIO tree and remove
the legacy interface in this cycle.
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org>
---
Bartosz Golaszewski (2):
mfd: vexpress-sysreg: check the return value of devm_gpiochip_add_data()
mfd: vexpress-sysreg: use new generic GPIO chip API
drivers/mfd/vexpress-sysreg.c | 25 ++++++++++++++++++++-----
1 file changed, 20 insertions(+), 5 deletions(-)
---
base-commit: 8f5ae30d69d7543eee0d70083daf4de8fe15d585
change-id: 20250728-gpio-mmio-mfd-conv-d27c2cfbccfe
Best regards,
--
Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org>
2 weeks
- 4
- 10
[PATCH] net/mlx5: HWS, change error flow on matcher disconnect
by Subramaniam, Sujana
From: SujanaSubr <sujana.subramaniam(a)sap.com>
[ Upstream commit 1ce840c7a659aa53a31ef49f0271b4fd0dc10296 ]
Currently, when firmware failure occurs during matcher disconnect flow,
the error flow of the function reconnects the matcher back and returns
an error, which continues running the calling function and eventually
frees the matcher that is being disconnected.
This leads to a case where we have a freed matcher on the matchers list,
which in turn leads to use-after-free and eventual crash.
This patch fixes that by not trying to reconnect the matcher back when
some FW command fails during disconnect.
Note that we're dealing here with FW error. We can't overcome this
problem. This might lead to bad steering state (e.g. wrong connection
between matchers), and will also lead to resource leakage, as it is
the case with any other error handling during resource destruction.
However, the goal here is to allow the driver to continue and not crash
the machine with use-after-free error.
Signed-off-by: Yevgeny Kliteynik <kliteyn(a)nvidia.com>
Signed-off-by: Itamar Gozlan <igozlan(a)nvidia.com>
Reviewed-by: Mark Bloch <mbloch(a)nvidia.com>
Signed-off-by: Tariq Toukan <tariqt(a)nvidia.com>
Link: https://patch.msgid.link/20250102181415.1477316-7-tariqt@nvidia.com
Signed-off-by: Jakub Kicinski <kuba(a)kernel.org>
Signed-off-by: Sasha Levin <sashal(a)kernel.org>
Signed-off-by: Akendo <akendo(a)akendo.eu>
Signed-off-by: SujanaSubr <sujana.subramaniam(a)sap.com>
---
.../mlx5/core/steering/hws/mlx5hws_matcher.c | 24 +++++++------------
1 file changed, 8 insertions(+), 16 deletions(-)
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/steering/hws/mlx5hws_matcher.c b/drivers/net/ethernet/mellanox/mlx5/core/steering/hws/mlx5hws_matcher.c
index 61a1155d4b4f..ce541c60c5b4 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/steering/hws/mlx5hws_matcher.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/steering/hws/mlx5hws_matcher.c
@@ -165,14 +165,14 @@ static int hws_matcher_disconnect(struct mlx5hws_matcher *matcher)
next->match_ste.rtc_0_id,
next->match_ste.rtc_1_id);
if (ret) {
- mlx5hws_err(tbl->ctx, "Failed to disconnect matcher\n");
- goto matcher_reconnect;
+ mlx5hws_err(tbl->ctx, "Fatal error, failed to disconnect matcher\n");
+ return ret;
}
} else {
ret = mlx5hws_table_connect_to_miss_table(tbl, tbl->default_miss.miss_tbl);
if (ret) {
- mlx5hws_err(tbl->ctx, "Failed to disconnect last matcher\n");
- goto matcher_reconnect;
+ mlx5hws_err(tbl->ctx, "Fatal error, failed to disconnect last matcher\n");
+ return ret;
}
}
@@ -180,27 +180,19 @@ static int hws_matcher_disconnect(struct mlx5hws_matcher *matcher)
if (prev_ft_id == tbl->ft_id) {
ret = mlx5hws_table_update_connected_miss_tables(tbl);
if (ret) {
- mlx5hws_err(tbl->ctx, "Fatal error, failed to update connected miss table\n");
- goto matcher_reconnect;
+ mlx5hws_err(tbl->ctx,
+ "Fatal error, failed to update connected miss table\n");
+ return ret;
}
}
ret = mlx5hws_table_ft_set_default_next_ft(tbl, prev_ft_id);
if (ret) {
mlx5hws_err(tbl->ctx, "Fatal error, failed to restore matcher ft default miss\n");
- goto matcher_reconnect;
+ return ret;
}
return 0;
-
-matcher_reconnect:
- if (list_empty(&tbl->matchers_list) || !prev)
- list_add(&matcher->list_node, &tbl->matchers_list);
- else
- /* insert after prev matcher */
- list_add(&matcher->list_node, &prev->list_node);
-
- return ret;
}
static void hws_matcher_set_rtc_attr_sz(struct mlx5hws_matcher *matcher,
--
2.39.5 (Apple Git-154)
2 weeks
- 3
- 4
[PATCH v7 00/16] pinctrl: introduce the concept of a GPIO pin function category
by Bartosz Golaszewski
Problem: when pinctrl core binds pins to a consumer device and the
pinmux ops of the underlying driver are marked as strict, the pin in
question can no longer be requested as a GPIO using the GPIO descriptor
API. It will result in the following error:
[ 5.095688] sc8280xp-tlmm f100000.pinctrl: pin GPIO_25 already requested by regulator-edp-3p3; cannot claim for f100000.pinctrl:570
[ 5.107822] sc8280xp-tlmm f100000.pinctrl: error -EINVAL: pin-25 (f100000.pinctrl:570)
This typically makes sense except when the pins are muxed to a function
that actually says "GPIO". Of course, the function name is just a string
so it has no meaning to the pinctrl subsystem.
We have many Qualcomm SoCs (and I can imagine it's a common pattern in
other platforms as well) where we mux a pin to "gpio" function using the
`pinctrl-X` property in order to configure bias or drive-strength and
then access it using the gpiod API. This makes it impossible to mark the
pin controller module as "strict".
This series proposes to introduce a concept of a sub-category of
pinfunctions: GPIO functions where the above is not true and the pin
muxed as a GPIO can still be accessed via the GPIO consumer API even for
strict pinmuxers.
To that end: we first clean up the drivers that use struct function_desc
and make them use the smaller struct pinfunction instead - which is the
correct structure for drivers to describe their pin functions with. We
also rework pinmux core to not duplicate memory used to store the
pinfunctions unless they're allocated dynamically.
First: provide the kmemdup_const() helper which only duplicates memory
if it's not in the .rodata section. Then rework all pinctrl drivers that
instantiate objects of type struct function_desc as they should only be
created by pinmux core. Next constify the return value of the accessor
used to expose these structures to users and finally convert the
pinfunction object within struct function_desc to a pointer and use
kmemdup_const() to assign it. With this done proceed to add
infrastructure for the GPIO pin function category and use it in Qualcomm
drivers. At the very end: make the Qualcomm pinmuxer strict.
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org>
---
Changes in v7:
- Add a patch checking the return value of the get_function_name()
callback in pinmux_func_name_to_selector(). This fixes a NULL-pointer
dereference on IMX platforms
- Don't assign the number of functions in pinctrl device in the IMX
driver as it's done automatically when adding the pinfunctions using
the provided API. This fixes a warning from pinctrl core on IMX
platforms triggered by the conversion from accessing the radix tree
directly
- Link to v6: https://lore.kernel.org/r/20250828-pinctrl-gpio-pinfuncs-v6-0-c9abb6bdb689@…
Changes in v6:
- Select GENERIC_PINMUX_FUNCTIONS when using generic pinmux helpers in
qcom pinctrl drivers to fix build on ARM 32-bit platforms
- Assume that a pin can be requested in pin_request() if it has no
mux_setting assigned
- Also check if a function is a GPIO for pins within GPIO ranges
- Fix an issue with the imx pinctrl driver where the conversion patch
confused the function and pin group radix trees
- Add a FIXME to the imx driver mentioning the need to switch to the
provided helpers for accessing the group radix tree
- Link to v5: https://lore.kernel.org/r/20250815-pinctrl-gpio-pinfuncs-v5-0-955de9fd91db@…
Changes in v5:
- Fix a potential NULL-pointer dereference in
pinmux_can_be_used_for_gpio()
- Use PINCTRL_PINFUNCTION() in pinctrl-airoha
- Link to v4: https://lore.kernel.org/r/20250812-pinctrl-gpio-pinfuncs-v4-0-bb3906c55e64@…
Changes in v4:
- Update the GPIO pin function definitions to include the new qcom
driver (milos)
- Provide devm_kmemdup_const() instead of a non-managed kmemdup_const()
as a way to avoid casting out the 'const' modifier when passing the
const pointer to devm_add_action_or_reset()
- Use devm_krealloc_array() where applicable instead of devm_krealloc()
- Fix typos
- Fix kerneldocs
- Improve commit messages
- Small tweaks as pointed out by Andy
- Rebased on top of v6.17-rc1
- Link to v3: https://lore.kernel.org/r/20250724-pinctrl-gpio-pinfuncs-v3-0-af4db9302de4@…
Changes in v3:
- Add more patches in front: convert pinctrl drivers to stop defining
their own struct function_desc objects and make pinmux core not
duplicate .rodata memory in which struct pinfunction objects are
stored.
- Add a patch constifying pinmux_generic_get_function().
- Drop patches that were applied upstream.
- Link to v2: https://lore.kernel.org/r/20250709-pinctrl-gpio-pinfuncs-v2-0-b6135149c0d9@…
Changes in v2:
- Extend the series with providing pinmux_generic_add_pinfunction(),
using it in several drivers and converting pinctrl-msm to using
generic pinmux helpers
- Add a generic function_is_gpio() callback for pinmux_ops
- Convert all qualcomm drivers to using the new GPIO pin category so
that we can actually enable the strict flag
- Link to v1: https://lore.kernel.org/r/20250702-pinctrl-gpio-pinfuncs-v1-0-ed2bd0f9468d@…
---
Bartosz Golaszewski (16):
pinctrl: check the return value of pinmux_ops::get_function_name()
devres: provide devm_kmemdup_const()
pinctrl: ingenic: use struct pinfunction instead of struct function_desc
pinctrl: airoha: replace struct function_desc with struct pinfunction
pinctrl: mediatek: mt7988: use PINCTRL_PIN_FUNCTION()
pinctrl: mediatek: moore: replace struct function_desc with struct pinfunction
pinctrl: imx: don't access the pin function radix tree directly
pinctrl: keembay: release allocated memory in detach path
pinctrl: keembay: use a dedicated structure for the pinfunction description
pinctrl: constify pinmux_generic_get_function()
pinctrl: make struct pinfunction a pointer in struct function_desc
pinctrl: qcom: use generic pin function helpers
pinctrl: allow to mark pin functions as requestable GPIOs
pinctrl: qcom: add infrastructure for marking pin functions as GPIOs
pinctrl: qcom: mark the `gpio` and `egpio` pins function as non-strict functions
pinctrl: qcom: make the pinmuxing strict
drivers/base/devres.c | 21 +++++++
drivers/pinctrl/freescale/pinctrl-imx.c | 45 +++++++--------
drivers/pinctrl/mediatek/pinctrl-airoha.c | 19 +++----
drivers/pinctrl/mediatek/pinctrl-moore.c | 10 ++--
drivers/pinctrl/mediatek/pinctrl-moore.h | 7 +--
drivers/pinctrl/mediatek/pinctrl-mt7622.c | 2 +-
drivers/pinctrl/mediatek/pinctrl-mt7623.c | 2 +-
drivers/pinctrl/mediatek/pinctrl-mt7629.c | 2 +-
drivers/pinctrl/mediatek/pinctrl-mt7981.c | 2 +-
drivers/pinctrl/mediatek/pinctrl-mt7986.c | 2 +-
drivers/pinctrl/mediatek/pinctrl-mt7988.c | 44 ++++++---------
drivers/pinctrl/mediatek/pinctrl-mtk-common-v2.h | 2 +-
drivers/pinctrl/pinctrl-equilibrium.c | 2 +-
drivers/pinctrl/pinctrl-ingenic.c | 49 ++++++++---------
drivers/pinctrl/pinctrl-keembay.c | 26 ++++++---
drivers/pinctrl/pinctrl-single.c | 4 +-
drivers/pinctrl/pinmux.c | 70 ++++++++++++++++++++----
drivers/pinctrl/pinmux.h | 9 ++-
drivers/pinctrl/qcom/Kconfig | 1 +
drivers/pinctrl/qcom/pinctrl-ipq5018.c | 2 +-
drivers/pinctrl/qcom/pinctrl-ipq5332.c | 2 +-
drivers/pinctrl/qcom/pinctrl-ipq5424.c | 2 +-
drivers/pinctrl/qcom/pinctrl-ipq6018.c | 2 +-
drivers/pinctrl/qcom/pinctrl-ipq8074.c | 2 +-
drivers/pinctrl/qcom/pinctrl-ipq9574.c | 2 +-
drivers/pinctrl/qcom/pinctrl-mdm9607.c | 2 +-
drivers/pinctrl/qcom/pinctrl-mdm9615.c | 2 +-
drivers/pinctrl/qcom/pinctrl-milos.c | 2 +-
drivers/pinctrl/qcom/pinctrl-msm.c | 45 +++++----------
drivers/pinctrl/qcom/pinctrl-msm.h | 5 ++
drivers/pinctrl/qcom/pinctrl-msm8226.c | 2 +-
drivers/pinctrl/qcom/pinctrl-msm8660.c | 2 +-
drivers/pinctrl/qcom/pinctrl-msm8909.c | 2 +-
drivers/pinctrl/qcom/pinctrl-msm8916.c | 2 +-
drivers/pinctrl/qcom/pinctrl-msm8917.c | 2 +-
drivers/pinctrl/qcom/pinctrl-msm8953.c | 2 +-
drivers/pinctrl/qcom/pinctrl-msm8960.c | 2 +-
drivers/pinctrl/qcom/pinctrl-msm8976.c | 2 +-
drivers/pinctrl/qcom/pinctrl-msm8994.c | 2 +-
drivers/pinctrl/qcom/pinctrl-msm8996.c | 2 +-
drivers/pinctrl/qcom/pinctrl-msm8998.c | 2 +-
drivers/pinctrl/qcom/pinctrl-msm8x74.c | 2 +-
drivers/pinctrl/qcom/pinctrl-qcm2290.c | 4 +-
drivers/pinctrl/qcom/pinctrl-qcs404.c | 2 +-
drivers/pinctrl/qcom/pinctrl-qcs615.c | 2 +-
drivers/pinctrl/qcom/pinctrl-qcs8300.c | 4 +-
drivers/pinctrl/qcom/pinctrl-qdu1000.c | 2 +-
drivers/pinctrl/qcom/pinctrl-sa8775p.c | 4 +-
drivers/pinctrl/qcom/pinctrl-sar2130p.c | 2 +-
drivers/pinctrl/qcom/pinctrl-sc7180.c | 2 +-
drivers/pinctrl/qcom/pinctrl-sc7280.c | 4 +-
drivers/pinctrl/qcom/pinctrl-sc8180x.c | 2 +-
drivers/pinctrl/qcom/pinctrl-sc8280xp.c | 4 +-
drivers/pinctrl/qcom/pinctrl-sdm660.c | 2 +-
drivers/pinctrl/qcom/pinctrl-sdm670.c | 2 +-
drivers/pinctrl/qcom/pinctrl-sdm845.c | 2 +-
drivers/pinctrl/qcom/pinctrl-sdx55.c | 2 +-
drivers/pinctrl/qcom/pinctrl-sdx65.c | 2 +-
drivers/pinctrl/qcom/pinctrl-sdx75.c | 2 +-
drivers/pinctrl/qcom/pinctrl-sm4450.c | 2 +-
drivers/pinctrl/qcom/pinctrl-sm6115.c | 2 +-
drivers/pinctrl/qcom/pinctrl-sm6125.c | 2 +-
drivers/pinctrl/qcom/pinctrl-sm6350.c | 2 +-
drivers/pinctrl/qcom/pinctrl-sm6375.c | 2 +-
drivers/pinctrl/qcom/pinctrl-sm7150.c | 2 +-
drivers/pinctrl/qcom/pinctrl-sm8150.c | 2 +-
drivers/pinctrl/qcom/pinctrl-sm8250.c | 2 +-
drivers/pinctrl/qcom/pinctrl-sm8350.c | 2 +-
drivers/pinctrl/qcom/pinctrl-sm8450.c | 4 +-
drivers/pinctrl/qcom/pinctrl-sm8550.c | 2 +-
drivers/pinctrl/qcom/pinctrl-sm8650.c | 4 +-
drivers/pinctrl/qcom/pinctrl-sm8750.c | 4 +-
drivers/pinctrl/qcom/pinctrl-x1e80100.c | 2 +-
drivers/pinctrl/renesas/pinctrl-rza1.c | 2 +-
drivers/pinctrl/renesas/pinctrl-rza2.c | 2 +-
drivers/pinctrl/renesas/pinctrl-rzg2l.c | 2 +-
drivers/pinctrl/renesas/pinctrl-rzv2m.c | 2 +-
include/linux/device/devres.h | 2 +
include/linux/pinctrl/pinctrl.h | 14 +++++
include/linux/pinctrl/pinmux.h | 2 +
80 files changed, 288 insertions(+), 227 deletions(-)
---
base-commit: b320789d6883cc00ac78ce83bccbfe7ed58afcf0
change-id: 20250701-pinctrl-gpio-pinfuncs-de82bd9aac43
Best regards,
--
Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org>
2 weeks
- 3
- 10
[PATCH 6.6 00/75] 6.6.104-rc1 review
by Greg Kroah-Hartman
This is the start of the stable review cycle for the 6.6.104 release.
There are 75 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Thu, 04 Sep 2025 13:19:14 +0000.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.6.104-rc…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.6.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 6.6.104-rc1
Eric Sandeen <sandeen(a)redhat.com>
xfs: do not propagate ENODATA disk errors into xattr code
Imre Deak <imre.deak(a)intel.com>
Revert "drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS"
Hamish Martin <hamish.martin(a)alliedtelesis.co.nz>
HID: mcp2221: Handle reads greater than 60 bytes
Hamish Martin <hamish.martin(a)alliedtelesis.co.nz>
HID: mcp2221: Don't set bus speed on every transfer
Chris Mi <cmi(a)nvidia.com>
net/mlx5: SF, Fix add port error handling
Eric Dumazet <edumazet(a)google.com>
net: rose: fix a typo in rose_clear_routes()
James Jones <jajones(a)nvidia.com>
drm/nouveau/disp: Always accept linear modifier
Steve French <stfrench(a)microsoft.com>
smb3 client: fix return code mapping of remap_file_range
Fabio Porcedda <fabio.porcedda(a)gmail.com>
net: usb: qmi_wwan: add Telit Cinterion LE910C4-WWX new compositions
Shuhao Fu <sfual(a)cse.ust.hk>
fs/smb: Fix inconsistent refcnt update
Shanker Donthineni <sdonthineni(a)nvidia.com>
dma/pool: Ensure DMA_DIRECT_REMAP allocations are decrypted
Alex Deucher <alexander.deucher(a)amd.com>
Revert "drm/amdgpu: fix incorrect vm flags to map bo"
Minjong Kim <minbell.kim(a)samsung.com>
HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version()
Ping Cheng <pinglinux(a)gmail.com>
HID: wacom: Add a new Art Pen 2
Matt Coffin <mcoffin13(a)gmail.com>
HID: logitech: Add ids for G PRO 2 LIGHTSPEED
Antheas Kapenekakis <lkml(a)antheas.dev>
HID: quirks: add support for Legion Go dual dinput modes
Qasim Ijaz <qasdev00(a)gmail.com>
HID: multitouch: fix slab out-of-bounds access in mt_report_fixup()
Qasim Ijaz <qasdev00(a)gmail.com>
HID: asus: fix UAF via HID_CLAIMED_INPUT validation
Borislav Petkov (AMD) <bp(a)alien8.de>
x86/microcode/AMD: Handle the case of no BIOS microcode
Thijs Raymakers <thijs(a)raymakers.nl>
KVM: x86: use array_index_nospec with indices that come from guest
Li Nan <linan122(a)huawei.com>
efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare
Eric Dumazet <edumazet(a)google.com>
sctp: initialize more fields in sctp_v6_from_sk()
Takamitsu Iwai <takamitz(a)amazon.co.jp>
net: rose: include node references in rose_neigh refcount
Takamitsu Iwai <takamitz(a)amazon.co.jp>
net: rose: convert 'use' field to refcount_t
Takamitsu Iwai <takamitz(a)amazon.co.jp>
net: rose: split remove and free operations in rose_remove_neigh()
Rohan G Thomas <rohan.g.thomas(a)altera.com>
net: stmmac: Set CIC bit only for TX queues with COE
Rohan G Thomas <rohan.g.thomas(a)altera.com>
net: stmmac: xgmac: Correct supported speed modes
Serge Semin <fancer.lancer(a)gmail.com>
net: stmmac: Rename phylink_get_caps() callback to update_caps()
Rohan G Thomas <rohan.g.thomas(a)altera.com>
net: stmmac: xgmac: Do not enable RX FIFO Overflow interrupts
Alexei Lazar <alazar(a)nvidia.com>
net/mlx5e: Set local Xoff after FW update
Alexei Lazar <alazar(a)nvidia.com>
net/mlx5e: Update and set Xon/Xoff upon port speed set
Alexei Lazar <alazar(a)nvidia.com>
net/mlx5e: Update and set Xon/Xoff upon MTU set
Moshe Shemesh <moshe(a)nvidia.com>
net/mlx5: Nack sync reset when SFs are present
Jiri Pirko <jiri(a)resnulli.us>
net/mlx5: Convert SF port_indices xarray to function_ids xarray
Jiri Pirko <jiri(a)resnulli.us>
net/mlx5: Use devlink port pointer to get the pointer of container SF struct
Jiri Pirko <jiri(a)resnulli.us>
net/mlx5: Call mlx5_sf_id_erase() once in mlx5_sf_dealloc()
Moshe Shemesh <moshe(a)nvidia.com>
net/mlx5: Fix lockdep assertion on sync reset unload event
Moshe Shemesh <moshe(a)nvidia.com>
net/mlx5: Add support for sync reset using hot reset
Moshe Shemesh <moshe(a)nvidia.com>
net/mlx5: Add device cap for supporting hot reset in sync reset flow
Moshe Shemesh <moshe(a)nvidia.com>
net/mlx5: Reload auxiliary drivers on fw_activate
Horatiu Vultur <horatiu.vultur(a)microchip.com>
phy: mscc: Fix when PTP clock is register and unregister
Yeounsu Moon <yyyynoom(a)gmail.com>
net: dlink: fix multicast stats being counted incorrectly
Dmitry Baryshkov <dmitry.baryshkov(a)oss.qualcomm.com>
dt-bindings: display/msm: qcom,mdp5: drop lut clock
Michal Kubiak <michal.kubiak(a)intel.com>
ice: fix incorrect counter for buffer allocation failures
Maciej Fijalkowski <maciej.fijalkowski(a)intel.com>
ice: stop storing XDP verdict within ice_rx_buf
Maciej Fijalkowski <maciej.fijalkowski(a)intel.com>
ice: gather page_count()'s of each frag right before XDP prog call
Larysa Zaremba <larysa.zaremba(a)intel.com>
ice: Introduce ice_xdp_buff
Timur Tabi <ttabi(a)nvidia.com>
drm/nouveau: remove unused memory target test
Timur Tabi <ttabi(a)nvidia.com>
drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr
Kuniyuki Iwashima <kuniyu(a)google.com>
atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control().
Pavel Shpakovskiy <pashpakovskii(a)salutedevices.com>
Bluetooth: hci_sync: fix set_local_name race condition
Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced
Ludovico de Nittis <ludovico.denittis(a)collabora.com>
Bluetooth: hci_event: Mark connection as closed during suspend disconnect
Ludovico de Nittis <ludovico.denittis(a)collabora.com>
Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success
José Expósito <jose.exposito89(a)gmail.com>
HID: input: report battery status changes immediately
José Expósito <jose.exposito89(a)gmail.com>
HID: input: rename hidinput_set_battery_charge_status()
Madhavan Srinivasan <maddy(a)linux.ibm.com>
powerpc/kvm: Fix ifdef to remove build warning
Rob Clark <robin.clark(a)oss.qualcomm.com>
drm/msm: Defer fd_install in SUBMIT ioctl
Oscar Maes <oscmaes92(a)gmail.com>
net: ipv4: fix regression in local-broadcast routes
Nikolay Kuratov <kniv(a)yandex-team.ru>
vhost/net: Protect ubufs with rcu read lock in vhost_net_ubuf_put()
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFS: Fix a race when updating an existing write
Christoph Hellwig <hch(a)lst.de>
nfs: fold nfs_page_group_lock_subrequests into nfs_lock_and_join_requests
Werner Sembach <wse(a)tuxedocomputers.com>
ACPI: EC: Add device to acpi_ec_no_wakeup[] qurik list
Junli Liu <liujunli(a)lixiang.com>
erofs: fix atomic context detection when !CONFIG_DEBUG_LOCK_ALLOC
Alexey Klimov <alexey.klimov(a)linaro.org>
ASoC: codecs: tx-macro: correct tx_macro_component_drv name
Paulo Alcantara <pc(a)manguebit.org>
smb: client: fix race with concurrent opens in rename(2)
Paulo Alcantara <pc(a)manguebit.org>
smb: client: fix race with concurrent opens in unlink(2)
Damien Le Moal <dlemoal(a)kernel.org>
scsi: core: sysfs: Correct sysfs attributes access rights
Tengda Wu <wutengda(a)huaweicloud.com>
ftrace: Fix potential warning in trace_printk_seq during ftrace_dump
Dan Carpenter <dan.carpenter(a)linaro.org>
of: dynamic: Fix use after free in of_changeset_add_prop_helper()
Rob Herring <robh(a)kernel.org>
of: Add a helper to free property struct
Aleksander Jan Bajkowski <olek2(a)wp.pl>
mips: lantiq: xway: sysctrl: rename the etop node
Aleksander Jan Bajkowski <olek2(a)wp.pl>
mips: dts: lantiq: danube: add missing burst length property
Randy Dunlap <rdunlap(a)infradead.org>
pinctrl: STMFX: add missing HAS_IOMEM dependency
Lizhi Hou <lizhi.hou(a)amd.com>
of: dynamic: Fix memleak when of_pci_add_properties() failed
-------------
Diffstat:
.../devicetree/bindings/display/msm/qcom,mdp5.yaml | 1 -
Makefile | 4 +-
arch/mips/boot/dts/lantiq/danube_easy50712.dts | 5 +-
arch/mips/lantiq/xway/sysctrl.c | 10 +-
arch/powerpc/kernel/kvm.c | 8 +-
arch/x86/kernel/cpu/microcode/amd.c | 22 ++-
arch/x86/kvm/lapic.c | 2 +
arch/x86/kvm/x86.c | 7 +-
drivers/acpi/ec.c | 6 +
drivers/atm/atmtcp.c | 17 +-
drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c | 4 +-
drivers/gpu/drm/display/drm_dp_helper.c | 2 +-
drivers/gpu/drm/msm/msm_gem_submit.c | 14 +-
drivers/gpu/drm/nouveau/dispnv50/wndw.c | 4 +
drivers/gpu/drm/nouveau/nvkm/falcon/gm200.c | 15 +-
drivers/hid/hid-asus.c | 8 +-
drivers/hid/hid-ids.h | 3 +
drivers/hid/hid-input-test.c | 10 +-
drivers/hid/hid-input.c | 51 +++---
drivers/hid/hid-logitech-dj.c | 4 +
drivers/hid/hid-logitech-hidpp.c | 2 +
drivers/hid/hid-mcp2221.c | 71 +++++---
drivers/hid/hid-multitouch.c | 8 +
drivers/hid/hid-ntrig.c | 3 +
drivers/hid/hid-quirks.c | 2 +
drivers/hid/wacom_wac.c | 1 +
drivers/net/ethernet/dlink/dl2k.c | 2 +-
drivers/net/ethernet/intel/ice/ice_txrx.c | 94 +++++++---
drivers/net/ethernet/intel/ice/ice_txrx.h | 19 +-
drivers/net/ethernet/intel/ice/ice_txrx_lib.h | 53 ++----
drivers/net/ethernet/mellanox/mlx5/core/devlink.c | 2 +-
.../ethernet/mellanox/mlx5/core/en/port_buffer.c | 3 +-
.../ethernet/mellanox/mlx5/core/en/port_buffer.h | 12 ++
drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 19 +-
drivers/net/ethernet/mellanox/mlx5/core/fw_reset.c | 200 ++++++++++++++-------
drivers/net/ethernet/mellanox/mlx5/core/fw_reset.h | 1 +
drivers/net/ethernet/mellanox/mlx5/core/main.c | 3 +
.../net/ethernet/mellanox/mlx5/core/sf/devlink.c | 87 ++++-----
drivers/net/ethernet/mellanox/mlx5/core/sf/sf.h | 6 +
drivers/net/ethernet/stmicro/stmmac/dwmac4_core.c | 8 +-
.../net/ethernet/stmicro/stmmac/dwxgmac2_core.c | 13 +-
drivers/net/ethernet/stmicro/stmmac/dwxgmac2_dma.c | 9 +-
drivers/net/ethernet/stmicro/stmmac/hwif.h | 8 +-
drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 12 +-
drivers/net/phy/mscc/mscc.h | 4 +
drivers/net/phy/mscc/mscc_main.c | 4 +-
drivers/net/phy/mscc/mscc_ptp.c | 34 ++--
drivers/net/usb/qmi_wwan.c | 3 +
drivers/of/dynamic.c | 29 +--
drivers/of/of_private.h | 1 +
drivers/of/overlay.c | 11 +-
drivers/of/unittest.c | 12 +-
drivers/pinctrl/Kconfig | 1 +
drivers/scsi/scsi_sysfs.c | 4 +-
drivers/vhost/net.c | 9 +-
fs/efivarfs/super.c | 4 +
fs/erofs/zdata.c | 13 +-
fs/nfs/pagelist.c | 86 +--------
fs/nfs/write.c | 148 +++++++++------
fs/smb/client/cifsfs.c | 14 ++
fs/smb/client/inode.c | 34 +++-
fs/smb/client/smb2inode.c | 7 +-
fs/xfs/libxfs/xfs_attr_remote.c | 7 +
fs/xfs/libxfs/xfs_da_btree.c | 6 +
include/linux/atmdev.h | 1 +
include/linux/mlx5/mlx5_ifc.h | 11 +-
include/linux/nfs_page.h | 2 +-
include/net/bluetooth/hci_sync.h | 2 +-
include/net/rose.h | 18 +-
kernel/dma/pool.c | 4 +-
kernel/trace/trace.c | 4 +-
net/atm/common.c | 15 +-
net/bluetooth/hci_event.c | 20 ++-
net/bluetooth/hci_sync.c | 6 +-
net/bluetooth/mgmt.c | 5 +-
net/ipv4/route.c | 10 +-
net/rose/af_rose.c | 13 +-
net/rose/rose_in.c | 12 +-
net/rose/rose_route.c | 62 ++++---
net/rose/rose_timer.c | 2 +-
net/sctp/ipv6.c | 2 +
sound/soc/codecs/lpass-tx-macro.c | 2 +-
82 files changed, 897 insertions(+), 560 deletions(-)
2 weeks
- 8
- 82
[PATCH 5.15 00/33] 5.15.191-rc1 review
by Greg Kroah-Hartman
This is the start of the stable review cycle for the 5.15.191 release.
There are 33 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Thu, 04 Sep 2025 13:19:14 +0000.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.15.191-r…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.15.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 5.15.191-rc1
Eric Sandeen <sandeen(a)redhat.com>
xfs: do not propagate ENODATA disk errors into xattr code
Imre Deak <imre.deak(a)intel.com>
Revert "drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS"
Hamish Martin <hamish.martin(a)alliedtelesis.co.nz>
HID: mcp2221: Handle reads greater than 60 bytes
Hamish Martin <hamish.martin(a)alliedtelesis.co.nz>
HID: mcp2221: Don't set bus speed on every transfer
James Jones <jajones(a)nvidia.com>
drm/nouveau/disp: Always accept linear modifier
Fabio Porcedda <fabio.porcedda(a)gmail.com>
net: usb: qmi_wwan: add Telit Cinterion LE910C4-WWX new compositions
Shanker Donthineni <sdonthineni(a)nvidia.com>
dma/pool: Ensure DMA_DIRECT_REMAP allocations are decrypted
Alex Deucher <alexander.deucher(a)amd.com>
Revert "drm/amdgpu: fix incorrect vm flags to map bo"
Minjong Kim <minbell.kim(a)samsung.com>
HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version()
Ping Cheng <pinglinux(a)gmail.com>
HID: wacom: Add a new Art Pen 2
Qasim Ijaz <qasdev00(a)gmail.com>
HID: multitouch: fix slab out-of-bounds access in mt_report_fixup()
Qasim Ijaz <qasdev00(a)gmail.com>
HID: asus: fix UAF via HID_CLAIMED_INPUT validation
Thijs Raymakers <thijs(a)raymakers.nl>
KVM: x86: use array_index_nospec with indices that come from guest
Li Nan <linan122(a)huawei.com>
efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare
Eric Dumazet <edumazet(a)google.com>
sctp: initialize more fields in sctp_v6_from_sk()
Rohan G Thomas <rohan.g.thomas(a)altera.com>
net: stmmac: xgmac: Do not enable RX FIFO Overflow interrupts
Alexei Lazar <alazar(a)nvidia.com>
net/mlx5e: Set local Xoff after FW update
Alexei Lazar <alazar(a)nvidia.com>
net/mlx5e: Update and set Xon/Xoff upon port speed set
Alexei Lazar <alazar(a)nvidia.com>
net/mlx5e: Update and set Xon/Xoff upon MTU set
Horatiu Vultur <horatiu.vultur(a)microchip.com>
phy: mscc: Fix when PTP clock is register and unregister
Yeounsu Moon <yyyynoom(a)gmail.com>
net: dlink: fix multicast stats being counted incorrectly
Kuniyuki Iwashima <kuniyu(a)google.com>
atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control().
Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced
Madhavan Srinivasan <maddy(a)linux.ibm.com>
powerpc/kvm: Fix ifdef to remove build warning
Oscar Maes <oscmaes92(a)gmail.com>
net: ipv4: fix regression in local-broadcast routes
Jan Kara <jack(a)suse.cz>
udf: Fix directory iteration for longer tail extents
Nikolay Kuratov <kniv(a)yandex-team.ru>
vhost/net: Protect ubufs with rcu read lock in vhost_net_ubuf_put()
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFS: Fix a race when updating an existing write
Christoph Hellwig <hch(a)lst.de>
nfs: fold nfs_page_group_lock_subrequests into nfs_lock_and_join_requests
Alexey Klimov <alexey.klimov(a)linaro.org>
ASoC: codecs: tx-macro: correct tx_macro_component_drv name
Damien Le Moal <dlemoal(a)kernel.org>
scsi: core: sysfs: Correct sysfs attributes access rights
Tengda Wu <wutengda(a)huaweicloud.com>
ftrace: Fix potential warning in trace_printk_seq during ftrace_dump
Randy Dunlap <rdunlap(a)infradead.org>
pinctrl: STMFX: add missing HAS_IOMEM dependency
-------------
Diffstat:
Makefile | 4 +-
arch/powerpc/kernel/kvm.c | 8 +-
arch/x86/kvm/lapic.c | 2 +
arch/x86/kvm/x86.c | 7 +-
drivers/atm/atmtcp.c | 17 ++-
drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c | 4 +-
drivers/gpu/drm/drm_dp_helper.c | 2 +-
drivers/gpu/drm/nouveau/dispnv50/wndw.c | 4 +
drivers/hid/hid-asus.c | 8 +-
drivers/hid/hid-mcp2221.c | 71 +++++++----
drivers/hid/hid-multitouch.c | 8 ++
drivers/hid/hid-ntrig.c | 3 +
drivers/hid/wacom_wac.c | 1 +
drivers/net/ethernet/dlink/dl2k.c | 2 +-
.../ethernet/mellanox/mlx5/core/en/port_buffer.c | 3 +-
.../ethernet/mellanox/mlx5/core/en/port_buffer.h | 12 ++
drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 19 ++-
drivers/net/ethernet/stmicro/stmmac/dwxgmac2_dma.c | 4 -
drivers/net/phy/mscc/mscc.h | 4 +
drivers/net/phy/mscc/mscc_main.c | 4 +-
drivers/net/phy/mscc/mscc_ptp.c | 34 +++--
drivers/net/usb/qmi_wwan.c | 3 +
drivers/pinctrl/Kconfig | 1 +
drivers/scsi/scsi_sysfs.c | 4 +-
drivers/vhost/net.c | 9 +-
fs/efivarfs/super.c | 4 +
fs/nfs/pagelist.c | 86 +------------
fs/nfs/write.c | 142 +++++++++++++--------
fs/udf/directory.c | 2 +-
fs/xfs/libxfs/xfs_attr_remote.c | 7 +
fs/xfs/libxfs/xfs_da_btree.c | 6 +
include/linux/atmdev.h | 1 +
include/linux/nfs_page.h | 2 +-
kernel/dma/pool.c | 4 +-
kernel/trace/trace.c | 4 +-
net/atm/common.c | 15 ++-
net/bluetooth/hci_event.c | 12 +-
net/ipv4/route.c | 10 +-
net/sctp/ipv6.c | 2 +
sound/soc/codecs/lpass-tx-macro.c | 2 +-
40 files changed, 328 insertions(+), 209 deletions(-)
2 weeks
- 8
- 40
[PATCH] fs: quota: create dedicated workqueue for quota_release_work
by Shashank A P
There is a kernel panic due to WARN_ONCE when panic_on_warn is set.
This issue occurs when writeback is triggered due to sync call for an
opened file(ie, writeback reason is WB_REASON_SYNC). When f2fs balance
is needed at sync path, flush for quota_release_work is triggered.
By default quota_release_work is queued to "events_unbound" queue which
does not have WQ_MEM_RECLAIM flag. During f2fs balance "writeback"
workqueue tries to flush quota_release_work causing kernel panic due to
MEM_RECLAIM flag mismatch errors.
This patch creates dedicated workqueue with WQ_MEM_RECLAIM flag
for work quota_release_work.
------------[ cut here ]------------
WARNING: CPU: 4 PID: 14867 at kernel/workqueue.c:3721 check_flush_dependency+0x13c/0x148
Call trace:
check_flush_dependency+0x13c/0x148
__flush_work+0xd0/0x398
flush_delayed_work+0x44/0x5c
dquot_writeback_dquots+0x54/0x318
f2fs_do_quota_sync+0xb8/0x1a8
f2fs_write_checkpoint+0x3cc/0x99c
f2fs_gc+0x190/0x750
f2fs_balance_fs+0x110/0x168
f2fs_write_single_data_page+0x474/0x7dc
f2fs_write_data_pages+0x7d0/0xd0c
do_writepages+0xe0/0x2f4
__writeback_single_inode+0x44/0x4ac
writeback_sb_inodes+0x30c/0x538
wb_writeback+0xf4/0x440
wb_workfn+0x128/0x5d4
process_scheduled_works+0x1c4/0x45c
worker_thread+0x32c/0x3e8
kthread+0x11c/0x1b0
ret_from_fork+0x10/0x20
Kernel panic - not syncing: kernel: panic_on_warn set ...
Fixes: ac6f420291b3 ("quota: flush quota_release_work upon quota writeback")
CC: stable(a)vger.kernel.org
Signed-off-by: Shashank A P <shashank.ap(a)samsung.com>
---
fs/quota/dquot.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/fs/quota/dquot.c b/fs/quota/dquot.c
index df4a9b348769..d0f83a0c42df 100644
--- a/fs/quota/dquot.c
+++ b/fs/quota/dquot.c
@@ -162,6 +162,9 @@ static struct quota_module_name module_names[] = INIT_QUOTA_MODULE_NAMES;
/* SLAB cache for dquot structures */
static struct kmem_cache *dquot_cachep;
+/* workqueue for work quota_release_work*/
+struct workqueue_struct *quota_unbound_wq;
+
void register_quota_format(struct quota_format_type *fmt)
{
spin_lock(&dq_list_lock);
@@ -881,7 +884,7 @@ void dqput(struct dquot *dquot)
put_releasing_dquots(dquot);
atomic_dec(&dquot->dq_count);
spin_unlock(&dq_list_lock);
- queue_delayed_work(system_unbound_wq, "a_release_work, 1);
+ queue_delayed_work(quota_unbound_wq, "a_release_work, 1);
}
EXPORT_SYMBOL(dqput);
@@ -3041,6 +3044,11 @@ static int __init dquot_init(void)
shrinker_register(dqcache_shrinker);
+ quota_unbound_wq = alloc_workqueue("quota_events_unbound",
+ WQ_UNBOUND | WQ_MEM_RECLAIM, WQ_MAX_ACTIVE);
+ if (!quota_unbound_wq)
+ panic("Cannot create quota_unbound_wq\n");
+
return 0;
}
fs_initcall(dquot_init);
--
2.34.1
2 weeks
- 2
- 3
[PATCH] rust: kasan/kbuild: fix missing flags on first build
by Miguel Ojeda
If KASAN is enabled, and one runs in a clean repository e.g.:
make LLVM=1 prepare
make LLVM=1 prepare
Then the Rust code gets rebuilt, which should not happen.
The reason is some of the LLVM KASAN `rustc` flags are added in the
second run:
-Cllvm-args=-asan-instrumentation-with-call-threshold=10000
-Cllvm-args=-asan-stack=0
-Cllvm-args=-asan-globals=1
-Cllvm-args=-asan-kernel-mem-intrinsic-prefix=1
Further runs do not rebuild Rust because the flags do not change anymore.
Rebuilding like that in the second run is bad, even if this just happens
with KASAN enabled, but missing flags in the first one is even worse.
The root issue is that we pass, for some architectures and for the moment,
a generated `target.json` file. That file is not ready by the time `rustc`
gets called for the flag test, and thus the flag test fails just because
the file is not available, e.g.:
$ ... --target=./scripts/target.json ... -Cllvm-args=...
error: target file "./scripts/target.json" does not exist
There are a few approaches we could take here to solve this. For instance,
we could ensure that every time that the config is rebuilt, we regenerate
the file and recompute the flags. Or we could use the LLVM version to
check for these flags, instead of testing the flag (which may have other
advantages, such as allowing us to detect renames on the LLVM side).
However, it may be easier than that: `rustc` is aware of the `-Cllvm-args`
regardless of the `--target` (e.g. I checked that the list printed
is the same, plus that I can check for these flags even if I pass
a completely unrelated target), and thus we can just eliminate the
dependency completely.
Thus filter out the target.
This does mean that `rustc-option` cannot be used to test a flag that
requires the right target, but we don't have other users yet, it is a
minimal change and we want to get rid of custom targets in the future.
We could only filter in the case `target.json` is used, to make it work
in more cases, but then it would be harder to notice that it may not
work in a couple architectures.
Cc: Matthew Maurer <mmaurer(a)google.com>
Cc: Sami Tolvanen <samitolvanen(a)google.com>
Cc: stable(a)vger.kernel.org
Fixes: e3117404b411 ("kbuild: rust: Enable KASAN support")
Signed-off-by: Miguel Ojeda <ojeda(a)kernel.org>
---
By the way, I noticed that we are not getting `asan-instrument-allocas` enabled
in neither C nor Rust -- upstream LLVM renamed it in commit 8176ee9b5dda ("[asan]
Rename asan-instrument-allocas -> asan-instrument-dynamic-allocas")). But it
happened a very long time ago (9 years ago), and the addition in the kernel
is fairly old too, in 342061ee4ef3 ("kasan: support alloca() poisoning").
I assume it should either be renamed or removed? Happy to send a patch if so.
scripts/Makefile.compiler | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/Makefile.compiler b/scripts/Makefile.compiler
index 8956587b8547..7ed7f92a7daa 100644
--- a/scripts/Makefile.compiler
+++ b/scripts/Makefile.compiler
@@ -80,7 +80,7 @@ ld-option = $(call try-run, $(LD) $(KBUILD_LDFLAGS) $(1) -v,$(1),$(2),$(3))
# TODO: remove RUSTC_BOOTSTRAP=1 when we raise the minimum GNU Make version to 4.4
__rustc-option = $(call try-run,\
echo '#![allow(missing_docs)]#![feature(no_core)]#![no_core]' | RUSTC_BOOTSTRAP=1\
- $(1) --sysroot=/dev/null $(filter-out --sysroot=/dev/null,$(2)) $(3)\
+ $(1) --sysroot=/dev/null $(filter-out --sysroot=/dev/null --target=%,$(2)) $(3)\
--crate-type=rlib --out-dir=$(TMPOUT) --emit=obj=- - >/dev/null,$(3),$(4))
# rustc-option
base-commit: 0af2f6be1b4281385b618cb86ad946eded089ac8
--
2.49.0
2 weeks
- 5
- 10
[PATCH v3] sched/deadline: Fix race in push_dl_task
by Harshit Agarwal
When a CPU chooses to call push_dl_task and picks a task to push to
another CPU's runqueue then it will call find_lock_later_rq method
which would take a double lock on both CPUs' runqueues. If one of the
locks aren't readily available, it may lead to dropping the current
runqueue lock and reacquiring both the locks at once. During this window
it is possible that the task is already migrated and is running on some
other CPU. These cases are already handled. However, if the task is
migrated and has already been executed and another CPU is now trying to
wake it up (ttwu) such that it is queued again on the runqeue
(on_rq is 1) and also if the task was run by the same CPU, then the
current checks will pass even though the task was migrated out and is no
longer in the pushable tasks list.
Please go through the original rt change for more details on the issue.
To fix this, after the lock is obtained inside the find_lock_later_rq,
it ensures that the task is still at the head of pushable tasks list.
Also removed some checks that are no longer needed with the addition of
this new check.
However, the new check of pushable tasks list only applies when
find_lock_later_rq is called by push_dl_task. For the other caller i.e.
dl_task_offline_migration, existing checks are used.
Signed-off-by: Harshit Agarwal <harshit(a)nutanix.com>
Cc: stable(a)vger.kernel.org
---
Changes in v3:
- Incorporated review comments from Juri around the commit message as
well as around the comment regarding checks in find_lock_later_rq.
- Link to v2:
https://lore.kernel.org/stable/20250317022325.52791-1-harshit@nutanix.com/
Changes in v2:
- As per Juri's suggestion, moved the check inside find_lock_later_rq
similar to rt change. Here we distinguish among the push_dl_task
caller vs dl_task_offline_migration by checking if the task is
throttled or not.
- Fixed the commit message to refer to the rt change by title.
- Link to v1:
https://lore.kernel.org/lkml/20250307204255.60640-1-harshit@nutanix.com/
---
kernel/sched/deadline.c | 73 +++++++++++++++++++++++++++--------------
1 file changed, 49 insertions(+), 24 deletions(-)
diff --git a/kernel/sched/deadline.c b/kernel/sched/deadline.c
index 38e4537790af..e0c95f33e1ed 100644
--- a/kernel/sched/deadline.c
+++ b/kernel/sched/deadline.c
@@ -2621,6 +2621,25 @@ static int find_later_rq(struct task_struct *task)
return -1;
}
+static struct task_struct *pick_next_pushable_dl_task(struct rq *rq)
+{
+ struct task_struct *p;
+
+ if (!has_pushable_dl_tasks(rq))
+ return NULL;
+
+ p = __node_2_pdl(rb_first_cached(&rq->dl.pushable_dl_tasks_root));
+
+ WARN_ON_ONCE(rq->cpu != task_cpu(p));
+ WARN_ON_ONCE(task_current(rq, p));
+ WARN_ON_ONCE(p->nr_cpus_allowed <= 1);
+
+ WARN_ON_ONCE(!task_on_rq_queued(p));
+ WARN_ON_ONCE(!dl_task(p));
+
+ return p;
+}
+
/* Locks the rq it finds */
static struct rq *find_lock_later_rq(struct task_struct *task, struct rq *rq)
{
@@ -2648,12 +2667,37 @@ static struct rq *find_lock_later_rq(struct task_struct *task, struct rq *rq)
/* Retry if something changed. */
if (double_lock_balance(rq, later_rq)) {
- if (unlikely(task_rq(task) != rq ||
+ /*
+ * double_lock_balance had to release rq->lock, in the
+ * meantime, task may no longer be fit to be migrated.
+ * Check the following to ensure that the task is
+ * still suitable for migration:
+ * 1. It is possible the task was scheduled,
+ * migrate_disabled was set and then got preempted,
+ * so we must check the task migration disable
+ * flag.
+ * 2. The CPU picked is in the task's affinity.
+ * 3. For throttled task (dl_task_offline_migration),
+ * check the following:
+ * - the task is not on the rq anymore (it was
+ * migrated)
+ * - the task is not on CPU anymore
+ * - the task is still a dl task
+ * - the task is not queued on the rq anymore
+ * 4. For the non-throttled task (push_dl_task), the
+ * check to ensure that this task is still at the
+ * head of the pushable tasks list is enough.
+ */
+ if (unlikely(is_migration_disabled(task) ||
!cpumask_test_cpu(later_rq->cpu, &task->cpus_mask) ||
- task_on_cpu(rq, task) ||
- !dl_task(task) ||
- is_migration_disabled(task) ||
- !task_on_rq_queued(task))) {
+ (task->dl.dl_throttled &&
+ (task_rq(task) != rq ||
+ task_on_cpu(rq, task) ||
+ !dl_task(task) ||
+ !task_on_rq_queued(task))) ||
+ (!task->dl.dl_throttled &&
+ task != pick_next_pushable_dl_task(rq)))) {
+
double_unlock_balance(rq, later_rq);
later_rq = NULL;
break;
@@ -2676,25 +2720,6 @@ static struct rq *find_lock_later_rq(struct task_struct *task, struct rq *rq)
return later_rq;
}
-static struct task_struct *pick_next_pushable_dl_task(struct rq *rq)
-{
- struct task_struct *p;
-
- if (!has_pushable_dl_tasks(rq))
- return NULL;
-
- p = __node_2_pdl(rb_first_cached(&rq->dl.pushable_dl_tasks_root));
-
- WARN_ON_ONCE(rq->cpu != task_cpu(p));
- WARN_ON_ONCE(task_current(rq, p));
- WARN_ON_ONCE(p->nr_cpus_allowed <= 1);
-
- WARN_ON_ONCE(!task_on_rq_queued(p));
- WARN_ON_ONCE(!dl_task(p));
-
- return p;
-}
-
/*
* See if the non running -deadline tasks on this rq
* can be sent to some other CPU where they can preempt
--
2.49.0.111.g5b97a56fa0
2 weeks
- 3
- 3
[PATCH v3] proc: fix missing pde_set_flags() for net proc files
by wangzijie
To avoid potential UAF issues during module removal races, we use pde_set_flags()
to save proc_ops flags in PDE itself before proc_register(), and then use
pde_has_proc_*() helpers instead of directly dereferencing pde->proc_ops->*.
However, the pde_set_flags() call was missing when creating net related proc files.
This omission caused incorrect behavior which FMODE_LSEEK was being cleared
inappropriately in proc_reg_open() for net proc files. Lars reported it in this link[1].
Fix this by ensuring pde_set_flags() is called when register proc entry, and add
NULL check for proc_ops in pde_set_flags().
[1]: https://lore.kernel.org/all/20250815195616.64497967@chagall.paradoxon.rec/
Fixes: ff7ec8dc1b64 ("proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al")
Cc: stable(a)vger.kernel.org
Reported-by: Lars Wendler <polynomial-c(a)gmx.de>
Signed-off-by: wangzijie <wangzijie1(a)honor.com>
---
v3:
- followed by Christian's suggestion to stash pde->proc_ops in a local const variable
v2:
- followed by Jiri's suggestion to refractor code and reformat commit message
---
fs/proc/generic.c | 38 +++++++++++++++++++++-----------------
1 file changed, 21 insertions(+), 17 deletions(-)
diff --git a/fs/proc/generic.c b/fs/proc/generic.c
index 76e800e38..bd0c099cf 100644
--- a/fs/proc/generic.c
+++ b/fs/proc/generic.c
@@ -367,6 +367,25 @@ static const struct inode_operations proc_dir_inode_operations = {
.setattr = proc_notify_change,
};
+static void pde_set_flags(struct proc_dir_entry *pde)
+{
+ const struct proc_ops *proc_ops = pde->proc_ops;
+
+ if (!proc_ops)
+ return;
+
+ if (proc_ops->proc_flags & PROC_ENTRY_PERMANENT)
+ pde->flags |= PROC_ENTRY_PERMANENT;
+ if (proc_ops->proc_read_iter)
+ pde->flags |= PROC_ENTRY_proc_read_iter;
+#ifdef CONFIG_COMPAT
+ if (proc_ops->proc_compat_ioctl)
+ pde->flags |= PROC_ENTRY_proc_compat_ioctl;
+#endif
+ if (proc_ops->proc_lseek)
+ pde->flags |= PROC_ENTRY_proc_lseek;
+}
+
/* returns the registered entry, or frees dp and returns NULL on failure */
struct proc_dir_entry *proc_register(struct proc_dir_entry *dir,
struct proc_dir_entry *dp)
@@ -374,6 +393,8 @@ struct proc_dir_entry *proc_register(struct proc_dir_entry *dir,
if (proc_alloc_inum(&dp->low_ino))
goto out_free_entry;
+ pde_set_flags(dp);
+
write_lock(&proc_subdir_lock);
dp->parent = dir;
if (pde_subdir_insert(dir, dp) == false) {
@@ -561,20 +582,6 @@ struct proc_dir_entry *proc_create_reg(const char *name, umode_t mode,
return p;
}
-static void pde_set_flags(struct proc_dir_entry *pde)
-{
- if (pde->proc_ops->proc_flags & PROC_ENTRY_PERMANENT)
- pde->flags |= PROC_ENTRY_PERMANENT;
- if (pde->proc_ops->proc_read_iter)
- pde->flags |= PROC_ENTRY_proc_read_iter;
-#ifdef CONFIG_COMPAT
- if (pde->proc_ops->proc_compat_ioctl)
- pde->flags |= PROC_ENTRY_proc_compat_ioctl;
-#endif
- if (pde->proc_ops->proc_lseek)
- pde->flags |= PROC_ENTRY_proc_lseek;
-}
-
struct proc_dir_entry *proc_create_data(const char *name, umode_t mode,
struct proc_dir_entry *parent,
const struct proc_ops *proc_ops, void *data)
@@ -585,7 +592,6 @@ struct proc_dir_entry *proc_create_data(const char *name, umode_t mode,
if (!p)
return NULL;
p->proc_ops = proc_ops;
- pde_set_flags(p);
return proc_register(parent, p);
}
EXPORT_SYMBOL(proc_create_data);
@@ -636,7 +642,6 @@ struct proc_dir_entry *proc_create_seq_private(const char *name, umode_t mode,
p->proc_ops = &proc_seq_ops;
p->seq_ops = ops;
p->state_size = state_size;
- pde_set_flags(p);
return proc_register(parent, p);
}
EXPORT_SYMBOL(proc_create_seq_private);
@@ -667,7 +672,6 @@ struct proc_dir_entry *proc_create_single_data(const char *name, umode_t mode,
return NULL;
p->proc_ops = &proc_single_ops;
p->single_show = show;
- pde_set_flags(p);
return proc_register(parent, p);
}
EXPORT_SYMBOL(proc_create_single_data);
--
2.25.1
2 weeks
- 4
- 4
[PATCH v5.10.y] xen: replace xen_remap() with memremap()
by Teddy Astie
From: Juergen Gross <jgross(a)suse.com>
From: Juergen Gross <jgross(a)suse.com>
[ upstream commit 41925b105e345ebc84cedb64f59d20cb14a62613 ]
xen_remap() is used to establish mappings for frames not under direct
control of the kernel: for Xenstore and console ring pages, and for
grant pages of non-PV guests.
Today xen_remap() is defined to use ioremap() on x86 (doing uncached
mappings), and ioremap_cache() on Arm (doing cached mappings).
Uncached mappings for those use cases are bad for performance, so they
should be avoided if possible. As all use cases of xen_remap() don't
require uncached mappings (the mapped area is always physical RAM),
a mapping using the standard WB cache mode is fine.
As sparse is flagging some of the xen_remap() use cases to be not
appropriate for iomem(), as the result is not annotated with the
__iomem modifier, eliminate xen_remap() completely and replace all
use cases with memremap() specifying the MEMREMAP_WB caching mode.
xen_unmap() can be replaced with memunmap().
Reported-by: kernel test robot <lkp(a)intel.com>
Signed-off-by: Juergen Gross <jgross(a)suse.com>
Reviewed-by: Boris Ostrovsky <boris.ostrovsky(a)oracle.com>
Acked-by: Stefano Stabellini <sstabellini(a)kernel.org>
Link: https://lore.kernel.org/r/20220530082634.6339-1-jgross@suse.com
Signed-off-by: Juergen Gross <jgross(a)suse.com>
Signed-off-by: Teddy Astie <teddy.astie(a)vates.tech> [backport to 5.10.y]
---
Cc: Anthoine Bourgeois <anthoine.bourgeois(a)vates.tech>
Cc: Juergen Gross <jgross(a)suse.com>
Cc: Boris Ostrovsky <boris.ostrovsky(a)oracle.com>
Cc: Stefano Stabellini <sstabellini(a)kernel.org>
Cc: Thomas Gleixner <tglx(a)linutronix.de>
Cc: Ingo Molnar <mingo(a)redhat.com>
Cc: Borislav Petkov <bp(a)alien8.de>
Cc: Dave Hansen <dave.hansen(a)linux.intel.com>
Cc: "H. Peter Anvin" <hpa(a)zytor.com>
Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Cc: Jiri Slaby <jirislaby(a)kernel.org>
arch/x86/include/asm/xen/page.h | 3 ---
drivers/tty/hvc/hvc_xen.c | 2 +-
drivers/xen/grant-table.c | 6 +++---
drivers/xen/xenbus/xenbus_probe.c | 3 +--
include/xen/arm/page.h | 3 ---
5 files changed, 5 insertions(+), 12 deletions(-)
diff --git a/arch/x86/include/asm/xen/page.h b/arch/x86/include/asm/xen/page.h
index 5941e18edd5a..c183b7f9efef 100644
--- a/arch/x86/include/asm/xen/page.h
+++ b/arch/x86/include/asm/xen/page.h
@@ -355,9 +355,6 @@ unsigned long arbitrary_virt_to_mfn(void *vaddr);
void make_lowmem_page_readonly(void *vaddr);
void make_lowmem_page_readwrite(void *vaddr);
-#define xen_remap(cookie, size) ioremap((cookie), (size));
-#define xen_unmap(cookie) iounmap((cookie))
-
static inline bool xen_arch_need_swiotlb(struct device *dev,
phys_addr_t phys,
dma_addr_t dev_addr)
diff --git a/drivers/tty/hvc/hvc_xen.c b/drivers/tty/hvc/hvc_xen.c
index 4886cad0fde6..7b472ab2f34f 100644
--- a/drivers/tty/hvc/hvc_xen.c
+++ b/drivers/tty/hvc/hvc_xen.c
@@ -270,7 +270,7 @@ static int xen_hvm_console_init(void)
if (r < 0 || v == 0)
goto err;
gfn = v;
- info->intf = xen_remap(gfn << XEN_PAGE_SHIFT, XEN_PAGE_SIZE);
+ info->intf = memremap(gfn << XEN_PAGE_SHIFT, XEN_PAGE_SIZE, MEMREMAP_WB);
if (info->intf == NULL)
goto err;
info->vtermno = HVC_COOKIE;
diff --git a/drivers/xen/grant-table.c b/drivers/xen/grant-table.c
index 0a2d24d6ac6f..a10e0741bec5 100644
--- a/drivers/xen/grant-table.c
+++ b/drivers/xen/grant-table.c
@@ -743,7 +743,7 @@ int gnttab_setup_auto_xlat_frames(phys_addr_t addr)
if (xen_auto_xlat_grant_frames.count)
return -EINVAL;
- vaddr = xen_remap(addr, XEN_PAGE_SIZE * max_nr_gframes);
+ vaddr = memremap(addr, XEN_PAGE_SIZE * max_nr_gframes, MEMREMAP_WB);
if (vaddr == NULL) {
pr_warn("Failed to ioremap gnttab share frames (addr=%pa)!\n",
&addr);
@@ -751,7 +751,7 @@ int gnttab_setup_auto_xlat_frames(phys_addr_t addr)
}
pfn = kcalloc(max_nr_gframes, sizeof(pfn[0]), GFP_KERNEL);
if (!pfn) {
- xen_unmap(vaddr);
+ memunmap(vaddr);
return -ENOMEM;
}
for (i = 0; i < max_nr_gframes; i++)
@@ -770,7 +770,7 @@ void gnttab_free_auto_xlat_frames(void)
if (!xen_auto_xlat_grant_frames.count)
return;
kfree(xen_auto_xlat_grant_frames.pfn);
- xen_unmap(xen_auto_xlat_grant_frames.vaddr);
+ memunmap(xen_auto_xlat_grant_frames.vaddr);
xen_auto_xlat_grant_frames.pfn = NULL;
xen_auto_xlat_grant_frames.count = 0;
diff --git a/drivers/xen/xenbus/xenbus_probe.c b/drivers/xen/xenbus/xenbus_probe.c
index fb5358a73820..23595fdd053d 100644
--- a/drivers/xen/xenbus/xenbus_probe.c
+++ b/drivers/xen/xenbus/xenbus_probe.c
@@ -919,8 +919,7 @@ static int __init xenbus_init(void)
#endif
xen_store_gfn = (unsigned long)v;
xen_store_interface =
- xen_remap(xen_store_gfn << XEN_PAGE_SHIFT,
- XEN_PAGE_SIZE);
+ memremap(xen_store_gfn << XEN_PAGE_SHIFT, XEN_PAGE_SIZE, MEMREMAP_WB);
break;
default:
pr_warn("Xenstore state unknown\n");
diff --git a/include/xen/arm/page.h b/include/xen/arm/page.h
index ac1b65470563..f831cfeca000 100644
--- a/include/xen/arm/page.h
+++ b/include/xen/arm/page.h
@@ -109,9 +109,6 @@ static inline bool set_phys_to_machine(unsigned long pfn, unsigned long mfn)
return __set_phys_to_machine(pfn, mfn);
}
-#define xen_remap(cookie, size) ioremap_cache((cookie), (size))
-#define xen_unmap(cookie) iounmap((cookie))
-
bool xen_arch_need_swiotlb(struct device *dev,
phys_addr_t phys,
dma_addr_t dev_addr);
--
2.51.0
--
Teddy Astie | Vates XCP-ng Developer
XCP-ng & Xen Orchestra - Vates solutions
web: https://vates.tech
2 weeks, 1 day
- 2
- 3
[PATCH v4 6/7] LoongArch: Automatically disable kaslr when the kernel loads from kexec_file
by Youling Tang
From: Youling Tang <tangyouling(a)kylinos.cn>
Automatically disable kaslr when the kernel loads from kexec_file.
kexec_file loads the secondary kernel image to a non-linked address,
inherently providing KASLR-like randomization.
However, on LoongArch where System RAM may be non-contiguous, enabling
KASLR for the second kernel could relocate it to an invalid memory
region and cause boot failure. Thus, we disable KASLR when
"kexec_file" is detected in the command line.
To ensure compatibility with older kernels loaded via kexec_file,
this patch need be backported to stable branches.
Cc: stable(a)vger.kernel.org
Signed-off-by: Youling Tang <tangyouling(a)kylinos.cn>
---
arch/loongarch/kernel/relocate.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/arch/loongarch/kernel/relocate.c b/arch/loongarch/kernel/relocate.c
index 50c469067f3a..4c097532cb88 100644
--- a/arch/loongarch/kernel/relocate.c
+++ b/arch/loongarch/kernel/relocate.c
@@ -140,6 +140,10 @@ static inline __init bool kaslr_disabled(void)
if (str == boot_command_line || (str > boot_command_line && *(str - 1) == ' '))
return true;
+ str = strstr(boot_command_line, "kexec_file");
+ if (str == boot_command_line || (str > boot_command_line && *(str - 1) == ' '))
+ return true;
+
#ifdef CONFIG_HIBERNATION
str = strstr(builtin_cmdline, "nohibernate");
if (str == builtin_cmdline || (str > builtin_cmdline && *(str - 1) == ' '))
--
2.43.0
2 weeks, 1 day
- 1
- 0
[PATCH net] net: libwx: fix to enable RSS
by Jiawen Wu
When SRIOV is enabled, RSS is also supported for the functions. There is
an incorrect flag judgement which causes RSS to fail to be enabled.
Fixes: c52d4b898901 ("net: libwx: Redesign flow when sriov is enabled")
Cc: stable(a)vger.kernel.org
Signed-off-by: Jiawen Wu <jiawenwu(a)trustnetic.com>
---
drivers/net/ethernet/wangxun/libwx/wx_hw.c | 4 ----
1 file changed, 4 deletions(-)
diff --git a/drivers/net/ethernet/wangxun/libwx/wx_hw.c b/drivers/net/ethernet/wangxun/libwx/wx_hw.c
index bcd07a715752..5cb353a97d6d 100644
--- a/drivers/net/ethernet/wangxun/libwx/wx_hw.c
+++ b/drivers/net/ethernet/wangxun/libwx/wx_hw.c
@@ -2078,10 +2078,6 @@ static void wx_setup_mrqc(struct wx *wx)
{
u32 rss_field = 0;
- /* VT, and RSS do not coexist at the same time */
- if (test_bit(WX_FLAG_VMDQ_ENABLED, wx->flags))
- return;
-
/* Disable indicating checksum in descriptor, enables RSS hash */
wr32m(wx, WX_PSR_CTL, WX_PSR_CTL_PCSD, WX_PSR_CTL_PCSD);
--
2.48.1
2 weeks, 1 day
- 3
- 2
[PATCH v2] net: dsa: mv88e6xxx: Fix fwnode reference leaks in mv88e6xxx_port_setup_leds
by Miaoqian Lin
Fix multiple fwnode reference leaks:
1. The function calls fwnode_get_named_child_node() to get the "leds" node,
but never calls fwnode_handle_put(leds) to release this reference.
2. Within the fwnode_for_each_child_node() loop, the early return
paths that don't properly release the "led" fwnode reference.
This fix follows the same pattern as commit d029edefed39
("net dsa: qca8k: fix usages of device_get_named_child_node()")
Fixes: 94a2a84f5e9e ("net: dsa: mv88e6xxx: Support LED control")
Cc: stable(a)vger.kernel.org
Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com>
---
changes in v2:
- use goto for cleanup in error paths
- v1: https://lore.kernel.org/all/20250830085508.2107507-1-linmq006@gmail.com/
---
drivers/net/dsa/mv88e6xxx/leds.c | 17 +++++++++++++----
1 file changed, 13 insertions(+), 4 deletions(-)
diff --git a/drivers/net/dsa/mv88e6xxx/leds.c b/drivers/net/dsa/mv88e6xxx/leds.c
index 1c88bfaea46b..ab3bc645da56 100644
--- a/drivers/net/dsa/mv88e6xxx/leds.c
+++ b/drivers/net/dsa/mv88e6xxx/leds.c
@@ -779,7 +779,8 @@ int mv88e6xxx_port_setup_leds(struct mv88e6xxx_chip *chip, int port)
continue;
if (led_num > 1) {
dev_err(dev, "invalid LED specified port %d\n", port);
- return -EINVAL;
+ ret = -EINVAL;
+ goto err_put_led;
}
if (led_num == 0)
@@ -823,17 +824,25 @@ int mv88e6xxx_port_setup_leds(struct mv88e6xxx_chip *chip, int port)
init_data.devname_mandatory = true;
init_data.devicename = kasprintf(GFP_KERNEL, "%s:0%d:0%d", chip->info->name,
port, led_num);
- if (!init_data.devicename)
- return -ENOMEM;
+ if (!init_data.devicename) {
+ ret = -ENOMEM;
+ goto err_put_led;
+ }
ret = devm_led_classdev_register_ext(dev, l, &init_data);
kfree(init_data.devicename);
if (ret) {
dev_err(dev, "Failed to init LED %d for port %d", led_num, port);
- return ret;
+ goto err_put_led;
}
}
+ fwnode_handle_put(leds);
return 0;
+
+err_put_led:
+ fwnode_handle_put(led);
+ fwnode_handle_put(leds);
+ return ret;
}
--
2.35.1
2 weeks, 1 day
- 4
- 3
[PATCH net] netpoll: fix incorrect refcount handling causing incorrect cleanup
by Breno Leitao
commit efa95b01da18 ("netpoll: fix use after free") incorrectly
ignored the refcount and prematurely set dev->npinfo to NULL during
netpoll cleanup, leading to improper behavior and memory leaks.
Scenario causing lack of proper cleanup:
1) A netpoll is associated with a NIC (e.g., eth0) and netdev->npinfo is
allocated, and refcnt = 1
- Keep in mind that npinfo is shared among all netpoll instances. In
this case, there is just one.
2) Another netpoll is also associated with the same NIC and
npinfo->refcnt += 1.
- Now dev->npinfo->refcnt = 2;
- There is just one npinfo associated to the netdev.
3) When the first netpolls goes to clean up:
- The first cleanup succeeds and clears np->dev->npinfo, ignoring
refcnt.
- It basically calls `RCU_INIT_POINTER(np->dev->npinfo, NULL);`
- Set dev->npinfo = NULL, without proper cleanup
- No ->ndo_netpoll_cleanup() is either called
4) Now the second target tries to clean up
- The second cleanup fails because np->dev->npinfo is already NULL.
* In this case, ops->ndo_netpoll_cleanup() was never called, and
the skb pool is not cleaned as well (for the second netpoll
instance)
- This leaks npinfo and skbpool skbs, which is clearly reported by
kmemleak.
Revert commit efa95b01da18 ("netpoll: fix use after free") and adds
clarifying comments emphasizing that npinfo cleanup should only happen
once the refcount reaches zero, ensuring stable and correct netpoll
behavior.
Cc: stable(a)vger.kernel.org
Cc: jv(a)jvosburgh.net
Fixes: efa95b01da18 ("netpoll: fix use after free")
Signed-off-by: Breno Leitao <leitao(a)debian.org>
---
I have a selftest that shows the memory leak when kmemleak is enabled
and I will be submitting to net-next.
Also, giving I am reverting commit efa95b01da18 ("netpoll: fix use
after free"), which was supposed to fix a problem on bonding, I am
copying Jay.
---
net/core/netpoll.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/net/core/netpoll.c b/net/core/netpoll.c
index 5f65b62346d4e..19676cd379640 100644
--- a/net/core/netpoll.c
+++ b/net/core/netpoll.c
@@ -815,6 +815,10 @@ static void __netpoll_cleanup(struct netpoll *np)
if (!npinfo)
return;
+ /* At this point, there is a single npinfo instance per netdevice, and
+ * its refcnt tracks how many netpoll structures are linked to it. We
+ * only perform npinfo cleanup when the refcnt decrements to zero.
+ */
if (refcount_dec_and_test(&npinfo->refcnt)) {
const struct net_device_ops *ops;
@@ -824,8 +828,7 @@ static void __netpoll_cleanup(struct netpoll *np)
RCU_INIT_POINTER(np->dev->npinfo, NULL);
call_rcu(&npinfo->rcu, rcu_cleanup_netpoll_info);
- } else
- RCU_INIT_POINTER(np->dev->npinfo, NULL);
+ }
skb_pool_flush(np);
}
---
base-commit: 864ecc4a6dade82d3f70eab43dad0e277aa6fc78
change-id: 20250901-netpoll_memleak-90d0d4bc772c
Best regards,
--
Breno Leitao <leitao(a)debian.org>
2 weeks, 1 day
- 2
- 1
+ compiler-clangh-define-__sanitize___-macros-only-when-undefined.patch added to mm-hotfixes-unstable branch
by Andrew Morton
The patch titled
Subject: compiler-clang.h: define __SANITIZE_*__ macros only when undefined
has been added to the -mm mm-hotfixes-unstable branch. Its filename is
compiler-clangh-define-__sanitize___-macros-only-when-undefined.patch
This patch will shortly appear at
https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche…
This patch will later appear in the mm-hotfixes-unstable branch at
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next via the mm-everything
branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
and is updated there every 2-3 working days
------------------------------------------------------
From: Nathan Chancellor <nathan(a)kernel.org>
Subject: compiler-clang.h: define __SANITIZE_*__ macros only when undefined
Date: Tue, 02 Sep 2025 15:49:26 -0700
Clang 22 recently added support for defining __SANITIZE__ macros similar
to GCC [1], which causes warnings (or errors with CONFIG_WERROR=y or W=e)
with the existing defines that the kernel creates to emulate this behavior
with existing clang versions.
In file included from <built-in>:3:
In file included from include/linux/compiler_types.h:171:
include/linux/compiler-clang.h:37:9: error: '__SANITIZE_THREAD__' macro redefined [-Werror,-Wmacro-redefined]
37 | #define __SANITIZE_THREAD__
| ^
<built-in>:352:9: note: previous definition is here
352 | #define __SANITIZE_THREAD__ 1
| ^
Refactor compiler-clang.h to only define the sanitizer macros when they
are undefined and adjust the rest of the code to use these macros for
checking if the sanitizers are enabled, clearing up the warnings and
allowing the kernel to easily drop these defines when the minimum
supported version of LLVM for building the kernel becomes 22.0.0 or newer.
Link: https://lkml.kernel.org/r/20250902-clang-update-sanitize-defines-v1-1-cf370…
Link: https://github.com/llvm/llvm-project/commit/568c23bbd3303518c5056d7f03444da… [1]
Signed-off-by: Nathan Chancellor <nathan(a)kernel.org>
Reviewed-by: Justin Stitt <justinstitt(a)google.com>
Cc: Alexander Potapenko <glider(a)google.com>
Cc: Andrey Konovalov <andreyknvl(a)gmail.com>
Cc: Andrey Ryabinin <ryabinin.a.a(a)gmail.com>
Cc: Bill Wendling <morbo(a)google.com>
Cc: Dmitriy Vyukov <dvyukov(a)google.com>
Cc: Marco Elver <elver(a)google.com>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
include/linux/compiler-clang.h | 29 ++++++++++++++++++++++++-----
1 file changed, 24 insertions(+), 5 deletions(-)
--- a/include/linux/compiler-clang.h~compiler-clangh-define-__sanitize___-macros-only-when-undefined
+++ a/include/linux/compiler-clang.h
@@ -18,23 +18,42 @@
#define KASAN_ABI_VERSION 5
/*
+ * Clang 22 added preprocessor macros to match GCC, in hopes of eventually
+ * dropping __has_feature support for sanitizers:
+ * https://github.com/llvm/llvm-project/commit/568c23bbd3303518c5056d7f03444da…
+ * Create these macros for older versions of clang so that it is easy to clean
+ * up once the minimum supported version of LLVM for building the kernel always
+ * creates these macros.
+ *
* Note: Checking __has_feature(*_sanitizer) is only true if the feature is
* enabled. Therefore it is not required to additionally check defined(CONFIG_*)
* to avoid adding redundant attributes in other configurations.
*/
+#if __has_feature(address_sanitizer) && !defined(__SANITIZE_ADDRESS__)
+#define __SANITIZE_ADDRESS__
+#endif
+#if __has_feature(hwaddress_sanitizer) && !defined(__SANITIZE_HWADDRESS__)
+#define __SANITIZE_HWADDRESS__
+#endif
+#if __has_feature(thread_sanitizer) && !defined(__SANITIZE_THREAD__)
+#define __SANITIZE_THREAD__
+#endif
-#if __has_feature(address_sanitizer) || __has_feature(hwaddress_sanitizer)
-/* Emulate GCC's __SANITIZE_ADDRESS__ flag */
+/*
+ * Treat __SANITIZE_HWADDRESS__ the same as __SANITIZE_ADDRESS__ in the kernel.
+ */
+#ifdef __SANITIZE_HWADDRESS__
#define __SANITIZE_ADDRESS__
+#endif
+
+#ifdef __SANITIZE_ADDRESS__
#define __no_sanitize_address \
__attribute__((no_sanitize("address", "hwaddress")))
#else
#define __no_sanitize_address
#endif
-#if __has_feature(thread_sanitizer)
-/* emulate gcc's __SANITIZE_THREAD__ flag */
-#define __SANITIZE_THREAD__
+#ifdef __SANITIZE_THREAD__
#define __no_sanitize_thread \
__attribute__((no_sanitize("thread")))
#else
_
Patches currently in -mm which might be from nathan(a)kernel.org are
compiler-clangh-define-__sanitize___-macros-only-when-undefined.patch
mm-rmap-convert-enum-rmap_level-to-enum-pgtable_level-fix.patch
2 weeks, 1 day
- 1
- 0
[PATCH net 8/8] e1000e: fix heap overflow in e1000_set_eeprom
by Tony Nguyen
From: Vitaly Lifshits <vitaly.lifshits(a)intel.com>
Fix a possible heap overflow in e1000_set_eeprom function by adding
input validation for the requested length of the change in the EEPROM.
In addition, change the variable type from int to size_t for better
code practices and rearrange declarations to RCT.
Cc: stable(a)vger.kernel.org
Fixes: bc7f75fa9788 ("[E1000E]: New pci-express e1000 driver (currently for ICH9 devices only)")
Co-developed-by: Mikael Wessel <post(a)mikaelkw.online>
Signed-off-by: Mikael Wessel <post(a)mikaelkw.online>
Signed-off-by: Vitaly Lifshits <vitaly.lifshits(a)intel.com>
Tested-by: Mor Bar-Gabay <morx.bar.gabay(a)intel.com>
Signed-off-by: Tony Nguyen <anthony.l.nguyen(a)intel.com>
---
drivers/net/ethernet/intel/e1000e/ethtool.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/drivers/net/ethernet/intel/e1000e/ethtool.c b/drivers/net/ethernet/intel/e1000e/ethtool.c
index c0bbb12eed2e..cf01a108a5bb 100644
--- a/drivers/net/ethernet/intel/e1000e/ethtool.c
+++ b/drivers/net/ethernet/intel/e1000e/ethtool.c
@@ -549,12 +549,12 @@ static int e1000_set_eeprom(struct net_device *netdev,
{
struct e1000_adapter *adapter = netdev_priv(netdev);
struct e1000_hw *hw = &adapter->hw;
+ size_t total_len, max_len;
u16 *eeprom_buff;
- void *ptr;
- int max_len;
+ int ret_val = 0;
int first_word;
int last_word;
- int ret_val = 0;
+ void *ptr;
u16 i;
if (eeprom->len == 0)
@@ -569,6 +569,10 @@ static int e1000_set_eeprom(struct net_device *netdev,
max_len = hw->nvm.word_size * 2;
+ if (check_add_overflow(eeprom->offset, eeprom->len, &total_len) ||
+ total_len > max_len)
+ return -EFBIG;
+
first_word = eeprom->offset >> 1;
last_word = (eeprom->offset + eeprom->len - 1) >> 1;
eeprom_buff = kmalloc(max_len, GFP_KERNEL);
--
2.47.1
2 weeks, 1 day
- 1
- 0
[PATCH] compiler-clang.h: Define __SANITIZE_*__ macros only when undefined
by Nathan Chancellor
Clang 22 recently added support for defining __SANITIZE__ macros similar
to GCC [1], which causes warnings (or errors with CONFIG_WERROR=y or
W=e) with the existing defines that the kernel creates to emulate this
behavior with existing clang versions.
In file included from <built-in>:3:
In file included from include/linux/compiler_types.h:171:
include/linux/compiler-clang.h:37:9: error: '__SANITIZE_THREAD__' macro redefined [-Werror,-Wmacro-redefined]
37 | #define __SANITIZE_THREAD__
| ^
<built-in>:352:9: note: previous definition is here
352 | #define __SANITIZE_THREAD__ 1
| ^
Refactor compiler-clang.h to only define the sanitizer macros when they
are undefined and adjust the rest of the code to use these macros for
checking if the sanitizers are enabled, clearing up the warnings and
allowing the kernel to easily drop these defines when the minimum
supported version of LLVM for building the kernel becomes 22.0.0 or
newer.
Cc: stable(a)vger.kernel.org
Link: https://github.com/llvm/llvm-project/commit/568c23bbd3303518c5056d7f03444da… [1]
Signed-off-by: Nathan Chancellor <nathan(a)kernel.org>
---
Andrew, would it be possible to take this via mm-hotfixes?
---
include/linux/compiler-clang.h | 29 ++++++++++++++++++++++++-----
1 file changed, 24 insertions(+), 5 deletions(-)
diff --git a/include/linux/compiler-clang.h b/include/linux/compiler-clang.h
index fa4ffe037bc7..8720a0705900 100644
--- a/include/linux/compiler-clang.h
+++ b/include/linux/compiler-clang.h
@@ -18,23 +18,42 @@
#define KASAN_ABI_VERSION 5
/*
+ * Clang 22 added preprocessor macros to match GCC, in hopes of eventually
+ * dropping __has_feature support for sanitizers:
+ * https://github.com/llvm/llvm-project/commit/568c23bbd3303518c5056d7f03444da…
+ * Create these macros for older versions of clang so that it is easy to clean
+ * up once the minimum supported version of LLVM for building the kernel always
+ * creates these macros.
+ *
* Note: Checking __has_feature(*_sanitizer) is only true if the feature is
* enabled. Therefore it is not required to additionally check defined(CONFIG_*)
* to avoid adding redundant attributes in other configurations.
*/
+#if __has_feature(address_sanitizer) && !defined(__SANITIZE_ADDRESS__)
+#define __SANITIZE_ADDRESS__
+#endif
+#if __has_feature(hwaddress_sanitizer) && !defined(__SANITIZE_HWADDRESS__)
+#define __SANITIZE_HWADDRESS__
+#endif
+#if __has_feature(thread_sanitizer) && !defined(__SANITIZE_THREAD__)
+#define __SANITIZE_THREAD__
+#endif
-#if __has_feature(address_sanitizer) || __has_feature(hwaddress_sanitizer)
-/* Emulate GCC's __SANITIZE_ADDRESS__ flag */
+/*
+ * Treat __SANITIZE_HWADDRESS__ the same as __SANITIZE_ADDRESS__ in the kernel.
+ */
+#ifdef __SANITIZE_HWADDRESS__
#define __SANITIZE_ADDRESS__
+#endif
+
+#ifdef __SANITIZE_ADDRESS__
#define __no_sanitize_address \
__attribute__((no_sanitize("address", "hwaddress")))
#else
#define __no_sanitize_address
#endif
-#if __has_feature(thread_sanitizer)
-/* emulate gcc's __SANITIZE_THREAD__ flag */
-#define __SANITIZE_THREAD__
+#ifdef __SANITIZE_THREAD__
#define __no_sanitize_thread \
__attribute__((no_sanitize("thread")))
#else
---
base-commit: b320789d6883cc00ac78ce83bccbfe7ed58afcf0
change-id: 20250902-clang-update-sanitize-defines-845000c29d2c
Best regards,
--
Nathan Chancellor <nathan(a)kernel.org>
2 weeks, 1 day
- 2
- 1
[PATCHSET] xfs: improve online repair reap calculations
by Darrick J. Wong
Hi all,
A few months ago, the multi-fsblock untorn writes patchset added a bunch
of log intent item helper functions to estimate the number of intent
items that could be added to a particular transaction. Those helpers
enabled us to compute a safe upper bound on the number of blocks that
could be written in an untorn fashion with filesystem-provided out of
place writes.
Currently, the online fsck code employs static limits on the number of
intent items that it's willing to accrue to a single transaction when
it's trying to reap what it thinks are the old blocks from a corrupt
structure. There have been no problems reported with this approach
after years of testing, but static limits are scary and gross because
overestimating the intent item limit could result in transaction
overflows and dead filesystems; and underestimating causes unnecessary
overhead.
This series uses the new log intent item size helpers to estimate the
limits dynamically based on worst-case per-block repair work vs. the
size of the scrub transaction. After several months of testing this,
there don't seem to be any problems here either.
If you're going to start using this code, I strongly recommend pulling
from my git trees, which are linked below.
This has been running on the djcloud for months with no problems. Enjoy!
Comments and questions are, as always, welcome.
--D
kernel git tree:
https://git.kernel.org/cgit/linux/kernel/git/djwong/xfs-linux.git/log/?h=fi…
---
Commits in this patchset:
* xfs: prepare reaping code for dynamic limits
* xfs: convert the ifork reap code to use xreap_state
* xfs: use deferred intent items for reaping crosslinked blocks
* xfs: compute per-AG extent reap limits dynamically
* xfs: compute data device CoW staging extent reap limits dynamically
* xfs: compute realtime device CoW staging extent reap limits dynamically
* xfs: compute file mapping reap limits dynamically
* xfs: remove static reap limits
* xfs: use deferred reaping for data device cow extents
---
fs/xfs/scrub/repair.h | 8 -
fs/xfs/scrub/trace.h | 45 ++++
fs/xfs/scrub/newbt.c | 7 +
fs/xfs/scrub/reap.c | 622 +++++++++++++++++++++++++++++++++++++++----------
fs/xfs/scrub/trace.c | 1
5 files changed, 552 insertions(+), 131 deletions(-)
2 weeks, 1 day
- 2
- 3
[PATCH 2/4] fuse: fix possibly missing fuse_copy_finish() call in fuse_notify()
by Miklos Szeredi
In case of FUSE_NOTIFY_RESEND and FUSE_NOTIFY_INC_EPOCH fuse_copy_finish()
isn't called.
Fix by always calling fuse_copy_finish() after fuse_notify(). It's a no-op
if called a second time.
Fixes: 760eac73f9f6 ("fuse: Introduce a new notification type for resend pending requests")
Fixes: 2396356a945b ("fuse: add more control over cache invalidation behaviour")
Cc: <stable(a)vger.kernel.org> # v6.9
Signed-off-by: Miklos Szeredi <mszeredi(a)redhat.com>
---
fs/fuse/dev.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/fuse/dev.c b/fs/fuse/dev.c
index df793003eb0c..85d05a5e40e9 100644
--- a/fs/fuse/dev.c
+++ b/fs/fuse/dev.c
@@ -2178,7 +2178,7 @@ static ssize_t fuse_dev_do_write(struct fuse_dev *fud,
*/
if (!oh.unique) {
err = fuse_notify(fc, oh.error, nbytes - sizeof(oh), cs);
- goto out;
+ goto copy_finish;
}
err = -EINVAL;
--
2.49.0
2 weeks, 1 day
- 2
- 1
[PATCH] Revert "drm/amdgpu: Avoid extra evict-restore process."
by Alex Deucher
This reverts commit 71598a5a7797f0052aaa7bcff0b8d4b8f20f1441.
This commit introduced a regression, however the fix for the
regression:
aa5fc4362fac ("drm/amdgpu: fix task hang from failed job submission during process kill")
depends on things not yet present in 6.12.y and older kernels. Since
this commit is more of an optimization, just revert it for
6.12.y and older stable kernels.
Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com>
Cc: stable(a)vger.kernel.org # 6.1.x - 6.12.x
---
Please apply this revert to 6.1.x to 6.12.x stable trees. The newer
stable trees and Linus' tree already have the regression fix.
drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c
index 0adb106e2c42..37d53578825b 100644
--- a/drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c
+++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c
@@ -2292,11 +2292,13 @@ void amdgpu_vm_adjust_size(struct amdgpu_device *adev, uint32_t min_vm_size,
*/
long amdgpu_vm_wait_idle(struct amdgpu_vm *vm, long timeout)
{
- timeout = drm_sched_entity_flush(&vm->immediate, timeout);
+ timeout = dma_resv_wait_timeout(vm->root.bo->tbo.base.resv,
+ DMA_RESV_USAGE_BOOKKEEP,
+ true, timeout);
if (timeout <= 0)
return timeout;
- return drm_sched_entity_flush(&vm->delayed, timeout);
+ return dma_fence_wait_timeout(vm->last_unlocked, true, timeout);
}
static void amdgpu_vm_destroy_task_info(struct kref *kref)
--
2.51.0
2 weeks, 1 day
- 3
- 2
FAILED: patch "[PATCH] drm/mediatek: Fix device/node reference count leaks in" failed to apply to 6.6-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.6-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y
git checkout FETCH_HEAD
git cherry-pick -x 1f403699c40f0806a707a9a6eed3b8904224021a
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025090146-playback-kinsman-373c@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 1f403699c40f0806a707a9a6eed3b8904224021a Mon Sep 17 00:00:00 2001
From: Ma Ke <make24(a)iscas.ac.cn>
Date: Tue, 12 Aug 2025 15:19:32 +0800
Subject: [PATCH] drm/mediatek: Fix device/node reference count leaks in
mtk_drm_get_all_drm_priv
Using device_find_child() and of_find_device_by_node() to locate
devices could cause an imbalance in the device's reference count.
device_find_child() and of_find_device_by_node() both call
get_device() to increment the reference count of the found device
before returning the pointer. In mtk_drm_get_all_drm_priv(), these
references are never released through put_device(), resulting in
permanent reference count increments. Additionally, the
for_each_child_of_node() iterator fails to release node references in
all code paths. This leaks device node references when loop
termination occurs before reaching MAX_CRTC. These reference count
leaks may prevent device/node resources from being properly released
during driver unbind operations.
As comment of device_find_child() says, 'NOTE: you will need to drop
the reference with put_device() after use'.
Cc: stable(a)vger.kernel.org
Fixes: 1ef7ed48356c ("drm/mediatek: Modify mediatek-drm for mt8195 multi mmsys support")
Signed-off-by: Ma Ke <make24(a)iscas.ac.cn>
Reviewed-by: CK Hu <ck.hu(a)mediatek.com>
Link: https://patchwork.kernel.org/project/dri-devel/patch/20250812071932.471730-…
Signed-off-by: Chun-Kuang Hu <chunkuang.hu(a)kernel.org>
diff --git a/drivers/gpu/drm/mediatek/mtk_drm_drv.c b/drivers/gpu/drm/mediatek/mtk_drm_drv.c
index d5e6bab36414..f8a817689e16 100644
--- a/drivers/gpu/drm/mediatek/mtk_drm_drv.c
+++ b/drivers/gpu/drm/mediatek/mtk_drm_drv.c
@@ -387,19 +387,19 @@ static bool mtk_drm_get_all_drm_priv(struct device *dev)
of_id = of_match_node(mtk_drm_of_ids, node);
if (!of_id)
- continue;
+ goto next_put_node;
pdev = of_find_device_by_node(node);
if (!pdev)
- continue;
+ goto next_put_node;
drm_dev = device_find_child(&pdev->dev, NULL, mtk_drm_match);
if (!drm_dev)
- continue;
+ goto next_put_device_pdev_dev;
temp_drm_priv = dev_get_drvdata(drm_dev);
if (!temp_drm_priv)
- continue;
+ goto next_put_device_drm_dev;
if (temp_drm_priv->data->main_len)
all_drm_priv[CRTC_MAIN] = temp_drm_priv;
@@ -411,10 +411,17 @@ static bool mtk_drm_get_all_drm_priv(struct device *dev)
if (temp_drm_priv->mtk_drm_bound)
cnt++;
- if (cnt == MAX_CRTC) {
- of_node_put(node);
+next_put_device_drm_dev:
+ put_device(drm_dev);
+
+next_put_device_pdev_dev:
+ put_device(&pdev->dev);
+
+next_put_node:
+ of_node_put(node);
+
+ if (cnt == MAX_CRTC)
break;
- }
}
if (drm_priv->data->mmsys_dev_num == cnt) {
2 weeks, 1 day
- 2
- 3
[PATCH] i2c: i801: Hide Intel Birch Stream SoC TCO WDT
by Chiasheng Lee
Hide the Intel Birch Stream SoC TCO WDT feature since it was removed.
On platforms with PCH TCO WDT, this redundant device might be rendering
errors like this:
[ 28.144542] sysfs: cannot create duplicate filename '/bus/platform/devices/iTCO_wdt'
Fixes: 8c56f9ef25a3 ("i2c: i801: Add support for Intel Birch Stream SoC")
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Chiasheng Lee <chiasheng.lee(a)linux.intel.com>
Reviewed-by: Mika Westerberg <mika.westerberg(a)linux.intel.com>
Link: https://bugzilla.kernel.org/show_bug.cgi?id=220320
---
drivers/i2c/busses/i2c-i801.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/i2c/busses/i2c-i801.c b/drivers/i2c/busses/i2c-i801.c
index a7f89946dad4..e94ac746a741 100644
--- a/drivers/i2c/busses/i2c-i801.c
+++ b/drivers/i2c/busses/i2c-i801.c
@@ -1052,7 +1052,7 @@ static const struct pci_device_id i801_ids[] = {
{ PCI_DEVICE_DATA(INTEL, METEOR_LAKE_P_SMBUS, FEATURES_ICH5 | FEATURE_TCO_CNL) },
{ PCI_DEVICE_DATA(INTEL, METEOR_LAKE_SOC_S_SMBUS, FEATURES_ICH5 | FEATURE_TCO_CNL) },
{ PCI_DEVICE_DATA(INTEL, METEOR_LAKE_PCH_S_SMBUS, FEATURES_ICH5 | FEATURE_TCO_CNL) },
- { PCI_DEVICE_DATA(INTEL, BIRCH_STREAM_SMBUS, FEATURES_ICH5 | FEATURE_TCO_CNL) },
+ { PCI_DEVICE_DATA(INTEL, BIRCH_STREAM_SMBUS, FEATURES_ICH5) },
{ PCI_DEVICE_DATA(INTEL, ARROW_LAKE_H_SMBUS, FEATURES_ICH5 | FEATURE_TCO_CNL) },
{ PCI_DEVICE_DATA(INTEL, PANTHER_LAKE_H_SMBUS, FEATURES_ICH5 | FEATURE_TCO_CNL) },
{ PCI_DEVICE_DATA(INTEL, PANTHER_LAKE_P_SMBUS, FEATURES_ICH5 | FEATURE_TCO_CNL) },
--
2.43.0
2 weeks, 1 day
- 3
- 2
[PATCH v3 3/4] cxl, acpi/hmat: Update CXL access coordinates directly instead of through HMAT
by Dave Jiang
The current implementation of CXL memory hotplug notifier gets called
before the HMAT memory hotplug notifier. The CXL driver calculates the
access coordinates (bandwidth and latency values) for the CXL end to
end path (i.e. CPU to endpoint). When the CXL region is onlined, the CXL
memory hotplug notifier writes the access coordinates to the HMAT target
structs. Then the HMAT memory hotplug notifier is called and it creates
the access coordinates for the node sysfs attributes.
During testing on an Intel platform, it was found that although the
newly calculated coordinates were pushed to sysfs, the sysfs attributes for
the access coordinates showed up with the wrong initiator. The system has
4 nodes (0, 1, 2, 3) where node 0 and 1 are CPU nodes and node 2 and 3 are
CXL nodes. The expectation is that node 2 would show up as a target to node
0:
/sys/devices/system/node/node2/access0/initiators/node0
However it was observed that node 2 showed up as a target under node 1:
/sys/devices/system/node/node2/access0/initiators/node1
The original intent of the 'ext_updated' flag in HMAT handling code was to
stop HMAT memory hotplug callback from clobbering the access coordinates
after CXL has injected its calculated coordinates and replaced the generic
target access coordinates provided by the HMAT table in the HMAT target
structs. However the flag is hacky at best and blocks the updates from
other CXL regions that are onlined in the same node later on. Remove the
'ext_updated' flag usage and just update the access coordinates for the
nodes directly without touching HMAT target data.
The hotplug memory callback ordering is changed. Instead of changing CXL,
move HMAT back so there's room for the levels rather than have CXL share
the same level as SLAB_CALLBACK_PRI. The change will resulting in the CXL
callback to be executed after the HMAT callback.
With the change, the CXL hotplug memory notifier runs after the HMAT
callback. The HMAT callback will create the node sysfs attributes for
access coordinates. The CXL callback will write the access coordinates to
the now created node sysfs attributes directly and will not pollute the
HMAT target values.
A nodemask is introduced to keep track if a node has been updated and
prevents further updates.
Fixes: 067353a46d8c ("cxl/region: Add memory hotplug notifier for cxl region")
Cc: stable(a)vger.kernel.org
Tested-by: Marc Herbert <marc.herbert(a)linux.intel.com>
Reviewed-by: Dan Williams <dan.j.williams(a)intel.com>
Signed-off-by: Dave Jiang <dave.jiang(a)intel.com>
---
v3:
- Use nodemask instead of xarray to keep track of node updates (Jonathan)
---
drivers/acpi/numa/hmat.c | 6 ------
drivers/cxl/core/cdat.c | 5 -----
drivers/cxl/core/core.h | 1 -
drivers/cxl/core/region.c | 20 ++++++++++++--------
include/linux/memory.h | 2 +-
5 files changed, 13 insertions(+), 21 deletions(-)
diff --git a/drivers/acpi/numa/hmat.c b/drivers/acpi/numa/hmat.c
index 4958301f5417..5d32490dc4ab 100644
--- a/drivers/acpi/numa/hmat.c
+++ b/drivers/acpi/numa/hmat.c
@@ -74,7 +74,6 @@ struct memory_target {
struct node_cache_attrs cache_attrs;
u8 gen_port_device_handle[ACPI_SRAT_DEVICE_HANDLE_SIZE];
bool registered;
- bool ext_updated; /* externally updated */
};
struct memory_initiator {
@@ -391,7 +390,6 @@ int hmat_update_target_coordinates(int nid, struct access_coordinate *coord,
coord->read_bandwidth, access);
hmat_update_target_access(target, ACPI_HMAT_WRITE_BANDWIDTH,
coord->write_bandwidth, access);
- target->ext_updated = true;
return 0;
}
@@ -773,10 +771,6 @@ static void hmat_update_target_attrs(struct memory_target *target,
u32 best = 0;
int i;
- /* Don't update if an external agent has changed the data. */
- if (target->ext_updated)
- return;
-
/* Don't update for generic port if there's no device handle */
if ((access == NODE_ACCESS_CLASS_GENPORT_SINK_LOCAL ||
access == NODE_ACCESS_CLASS_GENPORT_SINK_CPU) &&
diff --git a/drivers/cxl/core/cdat.c b/drivers/cxl/core/cdat.c
index c0af645425f4..c891fd618cfd 100644
--- a/drivers/cxl/core/cdat.c
+++ b/drivers/cxl/core/cdat.c
@@ -1081,8 +1081,3 @@ int cxl_update_hmat_access_coordinates(int nid, struct cxl_region *cxlr,
{
return hmat_update_target_coordinates(nid, &cxlr->coord[access], access);
}
-
-bool cxl_need_node_perf_attrs_update(int nid)
-{
- return !acpi_node_backed_by_real_pxm(nid);
-}
diff --git a/drivers/cxl/core/core.h b/drivers/cxl/core/core.h
index 2669f251d677..a253d308f3c9 100644
--- a/drivers/cxl/core/core.h
+++ b/drivers/cxl/core/core.h
@@ -139,7 +139,6 @@ long cxl_pci_get_latency(struct pci_dev *pdev);
int cxl_pci_get_bandwidth(struct pci_dev *pdev, struct access_coordinate *c);
int cxl_update_hmat_access_coordinates(int nid, struct cxl_region *cxlr,
enum access_coordinate_class access);
-bool cxl_need_node_perf_attrs_update(int nid);
int cxl_port_get_switch_dport_bandwidth(struct cxl_port *port,
struct access_coordinate *c);
diff --git a/drivers/cxl/core/region.c b/drivers/cxl/core/region.c
index 71cc42d05248..0ed95cbc5d5b 100644
--- a/drivers/cxl/core/region.c
+++ b/drivers/cxl/core/region.c
@@ -30,6 +30,12 @@
* 3. Decoder targets
*/
+/*
+ * nodemask that sets per node when the access_coordinates for the node has
+ * been updated by the CXL memory hotplug notifier.
+ */
+static nodemask_t nodemask_region_seen = NODE_MASK_NONE;
+
static struct cxl_region *to_cxl_region(struct device *dev);
#define __ACCESS_ATTR_RO(_level, _name) { \
@@ -2442,14 +2448,8 @@ static bool cxl_region_update_coordinates(struct cxl_region *cxlr, int nid)
for (int i = 0; i < ACCESS_COORDINATE_MAX; i++) {
if (cxlr->coord[i].read_bandwidth) {
- rc = 0;
- if (cxl_need_node_perf_attrs_update(nid))
- node_set_perf_attrs(nid, &cxlr->coord[i], i);
- else
- rc = cxl_update_hmat_access_coordinates(nid, cxlr, i);
-
- if (rc == 0)
- cset++;
+ node_update_perf_attrs(nid, &cxlr->coord[i], i);
+ cset++;
}
}
@@ -2487,6 +2487,10 @@ static int cxl_region_perf_attrs_callback(struct notifier_block *nb,
if (nid != region_nid)
return NOTIFY_DONE;
+ /* No action needed if node bit already set */
+ if (node_test_and_set(nid, nodemask_region_seen))
+ return NOTIFY_DONE;
+
if (!cxl_region_update_coordinates(cxlr, nid))
return NOTIFY_DONE;
diff --git a/include/linux/memory.h b/include/linux/memory.h
index 1305102688d0..0b755d1ef1ec 100644
--- a/include/linux/memory.h
+++ b/include/linux/memory.h
@@ -120,8 +120,8 @@ struct mem_section;
*/
#define DEFAULT_CALLBACK_PRI 0
#define SLAB_CALLBACK_PRI 1
-#define HMAT_CALLBACK_PRI 2
#define CXL_CALLBACK_PRI 5
+#define HMAT_CALLBACK_PRI 6
#define MM_COMPUTE_BATCH_PRI 10
#define CPUSET_CALLBACK_PRI 10
#define MEMTIER_HOTPLUG_PRI 100
--
2.50.1
2 weeks, 1 day
- 2
- 1
Truth: AI adoption in healthcare
by Mohanish Ved
Hi Dr. Sam Lavi Cosmetic And Implant Dentistry ,
AI adoption in healthcare isn’t coming — it’s already here.
Some implant clinics are quietly using AI to handle patient calls, consultations, and scheduling.
Their growth isn’t a coincidence.
Being first gives them an edge — being late means playing catch-up.
Should I share a 2-min demo video so you can see how it works?
Reply 'Video' and I’ll send it.
—
Best regards,
Mohanish Ved
AI Growth Specialist
EditRage Solutions
2 weeks, 1 day
- 1
- 0
[PATCH v3 3/3] xen/events: Update virq_to_irq on migration
by Jason Andryuk
VIRQs come in 3 flavors, per-VPU, per-domain, and global, and the VIRQs
are tracked in per-cpu virq_to_irq arrays.
Per-domain and global VIRQs must be bound on CPU 0, and
bind_virq_to_irq() sets the per_cpu virq_to_irq at registration time
Later, the interrupt can migrate, and info->cpu is updated. When
calling __unbind_from_irq(), the per-cpu virq_to_irq is cleared for a
different cpu. If bind_virq_to_irq() is called again with CPU 0, the
stale irq is returned. There won't be any irq_info for the irq, so
things break.
Make xen_rebind_evtchn_to_cpu() update the per_cpu virq_to_irq mappings
to keep them update to date with the current cpu. This ensures the
correct virq_to_irq is cleared in __unbind_from_irq().
Fixes: e46cdb66c8fc ("xen: event channels")
Cc: stable(a)vger.kernel.org
Signed-off-by: Jason Andryuk <jason.andryuk(a)amd.com>
---
v3:
Kernel style brace placement
Delay setting old_cpu and tighten scope of variable
v2:
Different approach changing virq_to_irq
---
drivers/xen/events/events_base.c | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/drivers/xen/events/events_base.c b/drivers/xen/events/events_base.c
index b060b5a95f45..9478fae014e5 100644
--- a/drivers/xen/events/events_base.c
+++ b/drivers/xen/events/events_base.c
@@ -1797,9 +1797,20 @@ static int xen_rebind_evtchn_to_cpu(struct irq_info *info, unsigned int tcpu)
* virq or IPI channel, which don't actually need to be rebound. Ignore
* it, but don't do the xenlinux-level rebind in that case.
*/
- if (HYPERVISOR_event_channel_op(EVTCHNOP_bind_vcpu, &bind_vcpu) >= 0)
+ if (HYPERVISOR_event_channel_op(EVTCHNOP_bind_vcpu, &bind_vcpu) >= 0) {
+ int old_cpu = info->cpu;
+
bind_evtchn_to_cpu(info, tcpu, false);
+ if (info->type == IRQT_VIRQ) {
+ int virq = info->u.virq;
+ int irq = per_cpu(virq_to_irq, old_cpu)[virq];
+
+ per_cpu(virq_to_irq, old_cpu)[virq] = -1;
+ per_cpu(virq_to_irq, tcpu)[virq] = irq;
+ }
+ }
+
do_unmask(info, EVT_MASK_REASON_TEMPORARY);
return 0;
--
2.34.1
2 weeks, 1 day
- 2
- 1
[PATCH v3 2/3] xen/events: Return -EEXIST for bound VIRQs
by Jason Andryuk
Change find_virq() to return -EEXIST when a VIRQ is bound to a
different CPU than the one passed in. With that, remove the BUG_ON()
from bind_virq_to_irq() to propogate the error upwards.
Some VIRQs are per-cpu, but others are per-domain or global. Those must
be bound to CPU0 and can then migrate elsewhere. The lookup for
per-domain and global will probably fail when migrated off CPU 0,
especially when the current CPU is tracked. This now returns -EEXIST
instead of BUG_ON().
A second call to bind a per-domain or global VIRQ is not expected, but
make it non-fatal to avoid trying to look up the irq, since we don't
know which per_cpu(virq_to_irq) it will be in.
Cc: stable(a)vger.kernel.org
Signed-off-by: Jason Andryuk <jason.andryuk(a)amd.com>
---
v3:
Cc: stable as a pre-req for the subsequent virg tracking change
Call __unbind_from_irq() on error ro avoid leaking info
v2:
New
---
drivers/xen/events/events_base.c | 19 ++++++++++++++-----
1 file changed, 14 insertions(+), 5 deletions(-)
diff --git a/drivers/xen/events/events_base.c b/drivers/xen/events/events_base.c
index 374231d84e4f..b060b5a95f45 100644
--- a/drivers/xen/events/events_base.c
+++ b/drivers/xen/events/events_base.c
@@ -1314,10 +1314,12 @@ int bind_interdomain_evtchn_to_irq_lateeoi(struct xenbus_device *dev,
}
EXPORT_SYMBOL_GPL(bind_interdomain_evtchn_to_irq_lateeoi);
-static int find_virq(unsigned int virq, unsigned int cpu, evtchn_port_t *evtchn)
+static int find_virq(unsigned int virq, unsigned int cpu, evtchn_port_t *evtchn,
+ bool percpu)
{
struct evtchn_status status;
evtchn_port_t port;
+ bool exists = false;
memset(&status, 0, sizeof(status));
for (port = 0; port < xen_evtchn_max_channels(); port++) {
@@ -1330,12 +1332,16 @@ static int find_virq(unsigned int virq, unsigned int cpu, evtchn_port_t *evtchn)
continue;
if (status.status != EVTCHNSTAT_virq)
continue;
- if (status.u.virq == virq && status.vcpu == xen_vcpu_nr(cpu)) {
+ if (status.u.virq != virq)
+ continue;
+ if (status.vcpu == xen_vcpu_nr(cpu)) {
*evtchn = port;
return 0;
+ } else if (!percpu) {
+ exists = true;
}
}
- return -ENOENT;
+ return exists ? -EEXIST : -ENOENT;
}
/**
@@ -1382,8 +1388,11 @@ int bind_virq_to_irq(unsigned int virq, unsigned int cpu, bool percpu)
evtchn = bind_virq.port;
else {
if (ret == -EEXIST)
- ret = find_virq(virq, cpu, &evtchn);
- BUG_ON(ret < 0);
+ ret = find_virq(virq, cpu, &evtchn, percpu);
+ if (ret) {
+ __unbind_from_irq(info, info->irq);
+ goto out;
+ }
}
ret = xen_irq_info_virq_setup(info, cpu, evtchn, virq);
--
2.34.1
2 weeks, 1 day
- 2
- 1
[PATCH] dmaengine: dw: dmamux: Fix device reference leak in rzn1_dmamux_route_allocate
by Miaoqian Lin
The reference taken by of_find_device_by_node()
must be released when not needed anymore.
Add missing put_device() call to fix device reference leaks.
Fixes: 134d9c52fca2 ("dmaengine: dw: dmamux: Introduce RZN1 DMA router support")
Cc: stable(a)vger.kernel.org
Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com>
---
drivers/dma/dw/rzn1-dmamux.c | 15 +++++++++++----
1 file changed, 11 insertions(+), 4 deletions(-)
diff --git a/drivers/dma/dw/rzn1-dmamux.c b/drivers/dma/dw/rzn1-dmamux.c
index 4fb8508419db..deadf135681b 100644
--- a/drivers/dma/dw/rzn1-dmamux.c
+++ b/drivers/dma/dw/rzn1-dmamux.c
@@ -48,12 +48,16 @@ static void *rzn1_dmamux_route_allocate(struct of_phandle_args *dma_spec,
u32 mask;
int ret;
- if (dma_spec->args_count != RNZ1_DMAMUX_NCELLS)
- return ERR_PTR(-EINVAL);
+ if (dma_spec->args_count != RNZ1_DMAMUX_NCELLS) {
+ ret = -EINVAL;
+ goto put_device;
+ }
map = kzalloc(sizeof(*map), GFP_KERNEL);
- if (!map)
- return ERR_PTR(-ENOMEM);
+ if (!map) {
+ ret = -ENOMEM;
+ goto put_device;
+ }
chan = dma_spec->args[0];
map->req_idx = dma_spec->args[4];
@@ -94,12 +98,15 @@ static void *rzn1_dmamux_route_allocate(struct of_phandle_args *dma_spec,
if (ret)
goto clear_bitmap;
+ put_device(&pdev->dev);
return map;
clear_bitmap:
clear_bit(map->req_idx, dmamux->used_chans);
free_map:
kfree(map);
+put_device:
+ put_device(&pdev->dev);
return ERR_PTR(ret);
}
--
2.35.1
2 weeks, 1 day
- 6
- 8
[PATCH] cdx: Fix device node reference leak in cdx_msi_domain_init
by Miaoqian Lin
Add missing of_node_put() call to release
the device node reference obtained via of_parse_phandle().
Fixes: 0e439ba38e61 ("cdx: add MSI support for CDX bus")
Cc: stable(a)vger.kernel.org
Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com>
---
drivers/cdx/cdx_msi.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/cdx/cdx_msi.c b/drivers/cdx/cdx_msi.c
index 3388a5d1462c..91b95422b263 100644
--- a/drivers/cdx/cdx_msi.c
+++ b/drivers/cdx/cdx_msi.c
@@ -174,6 +174,7 @@ struct irq_domain *cdx_msi_domain_init(struct device *dev)
}
parent = irq_find_matching_fwnode(of_fwnode_handle(parent_node), DOMAIN_BUS_NEXUS);
+ of_node_put(parent_node);
if (!parent || !msi_get_domain_info(parent)) {
dev_err(dev, "unable to locate ITS domain\n");
return NULL;
--
2.35.1
2 weeks, 1 day
- 4
- 3
FAILED: patch "[PATCH] xfs: do not propagate ENODATA disk errors into xattr code" failed to apply to 5.10-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.10-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y
git checkout FETCH_HEAD
git cherry-pick -x ae668cd567a6a7622bc813ee0bb61c42bed61ba7
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025090112-skillet-muskiness-5948@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From ae668cd567a6a7622bc813ee0bb61c42bed61ba7 Mon Sep 17 00:00:00 2001
From: Eric Sandeen <sandeen(a)redhat.com>
Date: Fri, 22 Aug 2025 12:55:56 -0500
Subject: [PATCH] xfs: do not propagate ENODATA disk errors into xattr code
ENODATA (aka ENOATTR) has a very specific meaning in the xfs xattr code;
namely, that the requested attribute name could not be found.
However, a medium error from disk may also return ENODATA. At best,
this medium error may escape to userspace as "attribute not found"
when in fact it's an IO (disk) error.
At worst, we may oops in xfs_attr_leaf_get() when we do:
error = xfs_attr_leaf_hasname(args, &bp);
if (error == -ENOATTR) {
xfs_trans_brelse(args->trans, bp);
return error;
}
because an ENODATA/ENOATTR error from disk leaves us with a null bp,
and the xfs_trans_brelse will then null-deref it.
As discussed on the list, we really need to modify the lower level
IO functions to trap all disk errors and ensure that we don't let
unique errors like this leak up into higher xfs functions - many
like this should be remapped to EIO.
However, this patch directly addresses a reported bug in the xattr
code, and should be safe to backport to stable kernels. A larger-scope
patch to handle more unique errors at lower levels can follow later.
(Note, prior to 07120f1abdff we did not oops, but we did return the
wrong error code to userspace.)
Signed-off-by: Eric Sandeen <sandeen(a)redhat.com>
Fixes: 07120f1abdff ("xfs: Add xfs_has_attr and subroutines")
Cc: stable(a)vger.kernel.org # v5.9+
Reviewed-by: Darrick J. Wong <djwong(a)kernel.org>
Signed-off-by: Carlos Maiolino <cem(a)kernel.org>
diff --git a/fs/xfs/libxfs/xfs_attr_remote.c b/fs/xfs/libxfs/xfs_attr_remote.c
index 4c44ce1c8a64..bff3dc226f81 100644
--- a/fs/xfs/libxfs/xfs_attr_remote.c
+++ b/fs/xfs/libxfs/xfs_attr_remote.c
@@ -435,6 +435,13 @@ xfs_attr_rmtval_get(
0, &bp, &xfs_attr3_rmt_buf_ops);
if (xfs_metadata_is_sick(error))
xfs_dirattr_mark_sick(args->dp, XFS_ATTR_FORK);
+ /*
+ * ENODATA from disk implies a disk medium failure;
+ * ENODATA for xattrs means attribute not found, so
+ * disambiguate that here.
+ */
+ if (error == -ENODATA)
+ error = -EIO;
if (error)
return error;
diff --git a/fs/xfs/libxfs/xfs_da_btree.c b/fs/xfs/libxfs/xfs_da_btree.c
index 17d9e6154f19..723a0643b838 100644
--- a/fs/xfs/libxfs/xfs_da_btree.c
+++ b/fs/xfs/libxfs/xfs_da_btree.c
@@ -2833,6 +2833,12 @@ xfs_da_read_buf(
&bp, ops);
if (xfs_metadata_is_sick(error))
xfs_dirattr_mark_sick(dp, whichfork);
+ /*
+ * ENODATA from disk implies a disk medium failure; ENODATA for
+ * xattrs means attribute not found, so disambiguate that here.
+ */
+ if (error == -ENODATA && whichfork == XFS_ATTR_FORK)
+ error = -EIO;
if (error)
goto out_free;
2 weeks, 1 day
- 2
- 1
FAILED: patch "[PATCH] xfs: do not propagate ENODATA disk errors into xattr code" failed to apply to 5.15-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.15-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y
git checkout FETCH_HEAD
git cherry-pick -x ae668cd567a6a7622bc813ee0bb61c42bed61ba7
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025090111-acorn-ammonia-8c45@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From ae668cd567a6a7622bc813ee0bb61c42bed61ba7 Mon Sep 17 00:00:00 2001
From: Eric Sandeen <sandeen(a)redhat.com>
Date: Fri, 22 Aug 2025 12:55:56 -0500
Subject: [PATCH] xfs: do not propagate ENODATA disk errors into xattr code
ENODATA (aka ENOATTR) has a very specific meaning in the xfs xattr code;
namely, that the requested attribute name could not be found.
However, a medium error from disk may also return ENODATA. At best,
this medium error may escape to userspace as "attribute not found"
when in fact it's an IO (disk) error.
At worst, we may oops in xfs_attr_leaf_get() when we do:
error = xfs_attr_leaf_hasname(args, &bp);
if (error == -ENOATTR) {
xfs_trans_brelse(args->trans, bp);
return error;
}
because an ENODATA/ENOATTR error from disk leaves us with a null bp,
and the xfs_trans_brelse will then null-deref it.
As discussed on the list, we really need to modify the lower level
IO functions to trap all disk errors and ensure that we don't let
unique errors like this leak up into higher xfs functions - many
like this should be remapped to EIO.
However, this patch directly addresses a reported bug in the xattr
code, and should be safe to backport to stable kernels. A larger-scope
patch to handle more unique errors at lower levels can follow later.
(Note, prior to 07120f1abdff we did not oops, but we did return the
wrong error code to userspace.)
Signed-off-by: Eric Sandeen <sandeen(a)redhat.com>
Fixes: 07120f1abdff ("xfs: Add xfs_has_attr and subroutines")
Cc: stable(a)vger.kernel.org # v5.9+
Reviewed-by: Darrick J. Wong <djwong(a)kernel.org>
Signed-off-by: Carlos Maiolino <cem(a)kernel.org>
diff --git a/fs/xfs/libxfs/xfs_attr_remote.c b/fs/xfs/libxfs/xfs_attr_remote.c
index 4c44ce1c8a64..bff3dc226f81 100644
--- a/fs/xfs/libxfs/xfs_attr_remote.c
+++ b/fs/xfs/libxfs/xfs_attr_remote.c
@@ -435,6 +435,13 @@ xfs_attr_rmtval_get(
0, &bp, &xfs_attr3_rmt_buf_ops);
if (xfs_metadata_is_sick(error))
xfs_dirattr_mark_sick(args->dp, XFS_ATTR_FORK);
+ /*
+ * ENODATA from disk implies a disk medium failure;
+ * ENODATA for xattrs means attribute not found, so
+ * disambiguate that here.
+ */
+ if (error == -ENODATA)
+ error = -EIO;
if (error)
return error;
diff --git a/fs/xfs/libxfs/xfs_da_btree.c b/fs/xfs/libxfs/xfs_da_btree.c
index 17d9e6154f19..723a0643b838 100644
--- a/fs/xfs/libxfs/xfs_da_btree.c
+++ b/fs/xfs/libxfs/xfs_da_btree.c
@@ -2833,6 +2833,12 @@ xfs_da_read_buf(
&bp, ops);
if (xfs_metadata_is_sick(error))
xfs_dirattr_mark_sick(dp, whichfork);
+ /*
+ * ENODATA from disk implies a disk medium failure; ENODATA for
+ * xattrs means attribute not found, so disambiguate that here.
+ */
+ if (error == -ENODATA && whichfork == XFS_ATTR_FORK)
+ error = -EIO;
if (error)
goto out_free;
2 weeks, 1 day
- 2
- 1
[PATCH AUTOSEL 6.16] gpiolib: acpi: Add quirk for ASUS ProArt PX13
by Sasha Levin
From: "Mario Limonciello (AMD)" <superm1(a)kernel.org>
[ Upstream commit 23800ad1265f10c2bc6f42154ce4d20e59f2900e ]
The ASUS ProArt PX13 has a spurious wakeup event from the touchpad
a few moments after entering hardware sleep. This can be avoided
by preventing the touchpad from being a wake source.
Add to the wakeup ignore list.
Reported-by: Amit Chaudhari <amitchaudhari(a)mac.com>
Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/4482
Tested-by: Amit Chaudhari <amitchaudhari(a)mac.com>
Signed-off-by: Mario Limonciello (AMD) <superm1(a)kernel.org>
Reviewed-by: Mika Westerberg <mika.westerberg(a)linux.intel.com>
Link: https://lore.kernel.org/20250814183430.3887973-1-superm1@kernel.org
Signed-off-by: Linus Walleij <linus.walleij(a)linaro.org>
Signed-off-by: Sasha Levin <sashal(a)kernel.org>
---
LLM Generated explanations, may be completely bogus:
Based on my comprehensive analysis of this commit and the context, here
is my assessment:
**Backport Status: YES**
## Extensive Analysis:
### 1. **Nature of the Fix**
This commit fixes a real hardware bug - spurious wakeup events from the
touchpad on the ASUS ProArt PX13 laptop. The code change adds a DMI-
based quirk entry to the `gpiolib_acpi_quirks` table in
`/home/sasha/linux/drivers/gpio/gpiolib-acpi-quirks.c:350-359`, which
instructs the GPIO subsystem to ignore wake events from the specific
touchpad GPIO pin (`ASCP1A00:00@8`).
### 2. **符合稳定内核规则 (Meets Stable Kernel Rules)**
According to `/home/sasha/linux/Documentation/process/stable-kernel-
rules.rst`:
- **Fixes a real bug**: Yes - spurious wakeups are a real hardware issue
that impacts users' ability to use sleep/suspend effectively (lines
18-19 of rules)
- **Obviously correct and tested**: Yes - the fix is straightforward
(adding a quirk entry), has been tested by the reporter (Amit
Chaudhari), and reviewed by Mika Westerberg
- **Size constraint**: The patch is only ~20 lines with context, well
under the 100-line limit
- **Already in mainline**: Yes - commit
23800ad1265f10c2bc6f42154ce4d20e59f2900e
### 3. **Historical Precedent**
Multiple similar commits for spurious wakeup quirks have been backported
to stable:
- Commit `805c74eac8cb3` (GPD G1619-04 touchpad wakeup) - explicitly
marked with `Cc: stable(a)vger.kernel.org`
- Commit `782eea0c89f7d` (Clevo NL5xNU) - marked with `Cc:
stable(a)vger.kernel.org`
- Commit `a69982c37cd05` (Clevo NH5xAx) - marked with `Cc:
<stable(a)vger.kernel.org> # v6.1+`
### 4. **Code Structure Analysis**
The change follows the exact same pattern as other quirk entries in the
file:
```c
.driver_data = &(struct acpi_gpiolib_dmi_quirk) {
.ignore_wake = "ASCP1A00:00@8",
},
```
This is a data-only addition to an existing quirk table - no logic
changes, no new code paths, minimal regression risk.
### 5. **User Impact**
The bug causes spurious wakeups "a few moments after entering hardware
sleep", which:
- Prevents proper system suspend/sleep functionality
- Drains battery life on laptops
- Disrupts user workflow
- Is a clear hardware-specific issue that cannot be worked around by
users
### 6. **Risk Assessment**
- **Extremely low risk**: The change only affects systems that match the
specific DMI strings (ASUSTeK COMPUTER INC. + ProArt PX13)
- **No impact on other systems**: DMI matching ensures this quirk only
applies to the affected hardware
- **Well-established mechanism**: The ignore_wake infrastructure is
mature and widely used
### 7. **Backporting Considerations**
While this specific commit wasn't explicitly marked with `Cc: stable`,
it follows the exact same pattern as commits that were. The commit has
already been picked up by Sasha Levin's stable tree (as shown in the `[
Upstream commit ]` tag in the local repository), suggesting the stable
maintainers recognize its importance.
The fix is self-contained, requires no prerequisites, and can be cleanly
applied to any kernel version that has the `gpiolib-acpi-quirks.c` file
structure (introduced in commit `92dc572852ddc`).
### Conclusion
This is a textbook example of a stable-appropriate fix: it addresses a
specific hardware bug affecting real users, uses a well-established
quirk mechanism, has zero impact on unaffected systems, and follows the
exact pattern of previously backported fixes for identical issues on
different hardware.
drivers/gpio/gpiolib-acpi-quirks.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/drivers/gpio/gpiolib-acpi-quirks.c b/drivers/gpio/gpiolib-acpi-quirks.c
index c13545dce3492..bfb04e67c4bc8 100644
--- a/drivers/gpio/gpiolib-acpi-quirks.c
+++ b/drivers/gpio/gpiolib-acpi-quirks.c
@@ -344,6 +344,20 @@ static const struct dmi_system_id gpiolib_acpi_quirks[] __initconst = {
.ignore_interrupt = "AMDI0030:00@8",
},
},
+ {
+ /*
+ * Spurious wakeups from TP_ATTN# pin
+ * Found in BIOS 5.35
+ * https://gitlab.freedesktop.org/drm/amd/-/issues/4482
+ */
+ .matches = {
+ DMI_MATCH(DMI_SYS_VENDOR, "ASUSTeK COMPUTER INC."),
+ DMI_MATCH(DMI_PRODUCT_FAMILY, "ProArt PX13"),
+ },
+ .driver_data = &(struct acpi_gpiolib_dmi_quirk) {
+ .ignore_wake = "ASCP1A00:00@8",
+ },
+ },
{} /* Terminating entry */
};
--
2.50.1
2 weeks, 1 day
- 1
- 16
FAILED: patch "[PATCH] xfs: do not propagate ENODATA disk errors into xattr code" failed to apply to 6.1-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.1-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y
git checkout FETCH_HEAD
git cherry-pick -x ae668cd567a6a7622bc813ee0bb61c42bed61ba7
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025090111-poem-retold-4ac2@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From ae668cd567a6a7622bc813ee0bb61c42bed61ba7 Mon Sep 17 00:00:00 2001
From: Eric Sandeen <sandeen(a)redhat.com>
Date: Fri, 22 Aug 2025 12:55:56 -0500
Subject: [PATCH] xfs: do not propagate ENODATA disk errors into xattr code
ENODATA (aka ENOATTR) has a very specific meaning in the xfs xattr code;
namely, that the requested attribute name could not be found.
However, a medium error from disk may also return ENODATA. At best,
this medium error may escape to userspace as "attribute not found"
when in fact it's an IO (disk) error.
At worst, we may oops in xfs_attr_leaf_get() when we do:
error = xfs_attr_leaf_hasname(args, &bp);
if (error == -ENOATTR) {
xfs_trans_brelse(args->trans, bp);
return error;
}
because an ENODATA/ENOATTR error from disk leaves us with a null bp,
and the xfs_trans_brelse will then null-deref it.
As discussed on the list, we really need to modify the lower level
IO functions to trap all disk errors and ensure that we don't let
unique errors like this leak up into higher xfs functions - many
like this should be remapped to EIO.
However, this patch directly addresses a reported bug in the xattr
code, and should be safe to backport to stable kernels. A larger-scope
patch to handle more unique errors at lower levels can follow later.
(Note, prior to 07120f1abdff we did not oops, but we did return the
wrong error code to userspace.)
Signed-off-by: Eric Sandeen <sandeen(a)redhat.com>
Fixes: 07120f1abdff ("xfs: Add xfs_has_attr and subroutines")
Cc: stable(a)vger.kernel.org # v5.9+
Reviewed-by: Darrick J. Wong <djwong(a)kernel.org>
Signed-off-by: Carlos Maiolino <cem(a)kernel.org>
diff --git a/fs/xfs/libxfs/xfs_attr_remote.c b/fs/xfs/libxfs/xfs_attr_remote.c
index 4c44ce1c8a64..bff3dc226f81 100644
--- a/fs/xfs/libxfs/xfs_attr_remote.c
+++ b/fs/xfs/libxfs/xfs_attr_remote.c
@@ -435,6 +435,13 @@ xfs_attr_rmtval_get(
0, &bp, &xfs_attr3_rmt_buf_ops);
if (xfs_metadata_is_sick(error))
xfs_dirattr_mark_sick(args->dp, XFS_ATTR_FORK);
+ /*
+ * ENODATA from disk implies a disk medium failure;
+ * ENODATA for xattrs means attribute not found, so
+ * disambiguate that here.
+ */
+ if (error == -ENODATA)
+ error = -EIO;
if (error)
return error;
diff --git a/fs/xfs/libxfs/xfs_da_btree.c b/fs/xfs/libxfs/xfs_da_btree.c
index 17d9e6154f19..723a0643b838 100644
--- a/fs/xfs/libxfs/xfs_da_btree.c
+++ b/fs/xfs/libxfs/xfs_da_btree.c
@@ -2833,6 +2833,12 @@ xfs_da_read_buf(
&bp, ops);
if (xfs_metadata_is_sick(error))
xfs_dirattr_mark_sick(dp, whichfork);
+ /*
+ * ENODATA from disk implies a disk medium failure; ENODATA for
+ * xattrs means attribute not found, so disambiguate that here.
+ */
+ if (error == -ENODATA && whichfork == XFS_ATTR_FORK)
+ error = -EIO;
if (error)
goto out_free;
2 weeks, 1 day
- 2
- 1
[PATCH] blk-throttle: check policy bit in blk_throtl_activated()
by gj.han@foxmail.com
From: Han Guangjiang <hanguangjiang(a)lixiang.com>
On repeated cold boots we occasionally hit a NULL pointer crash in
blk_should_throtl() when throttling is consulted before the throttle
policy is fully enabled for the queue. Checking only q->td != NULL is
insufficient during early initialization, so blkg_to_pd() for the
throttle policy can still return NULL and blkg_to_tg() becomes NULL,
which later gets dereferenced.
Tighten blk_throtl_activated() to also require that the throttle policy
bit is set on the queue:
return q->td != NULL &&
test_bit(blkcg_policy_throtl.plid, q->blkcg_pols);
This prevents blk_should_throtl() from accessing throttle group state
until policy data has been attached to blkgs.
Fixes: a3166c51702b ("blk-throttle: delay initialization until configuration")
Cc: stable(a)vger.kernel.org
Co-developed-by: Liang Jie <liangjie(a)lixiang.com>
Signed-off-by: Liang Jie <liangjie(a)lixiang.com>
Signed-off-by: Han Guangjiang <hanguangjiang(a)lixiang.com>
---
block/blk-throttle.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/block/blk-throttle.h b/block/blk-throttle.h
index 3b27755bfbff..9ca43dc56eda 100644
--- a/block/blk-throttle.h
+++ b/block/blk-throttle.h
@@ -156,7 +156,7 @@ void blk_throtl_cancel_bios(struct gendisk *disk);
static inline bool blk_throtl_activated(struct request_queue *q)
{
- return q->td != NULL;
+ return q->td != NULL && test_bit(blkcg_policy_throtl.plid, q->blkcg_pols);
}
static inline bool blk_should_throtl(struct bio *bio)
--
2.25.1
2 weeks, 1 day
- 1
- 0
FAILED: patch "[PATCH] xfs: do not propagate ENODATA disk errors into xattr code" failed to apply to 6.6-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.6-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y
git checkout FETCH_HEAD
git cherry-pick -x ae668cd567a6a7622bc813ee0bb61c42bed61ba7
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025090105-strainer-glider-fdcd@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From ae668cd567a6a7622bc813ee0bb61c42bed61ba7 Mon Sep 17 00:00:00 2001
From: Eric Sandeen <sandeen(a)redhat.com>
Date: Fri, 22 Aug 2025 12:55:56 -0500
Subject: [PATCH] xfs: do not propagate ENODATA disk errors into xattr code
ENODATA (aka ENOATTR) has a very specific meaning in the xfs xattr code;
namely, that the requested attribute name could not be found.
However, a medium error from disk may also return ENODATA. At best,
this medium error may escape to userspace as "attribute not found"
when in fact it's an IO (disk) error.
At worst, we may oops in xfs_attr_leaf_get() when we do:
error = xfs_attr_leaf_hasname(args, &bp);
if (error == -ENOATTR) {
xfs_trans_brelse(args->trans, bp);
return error;
}
because an ENODATA/ENOATTR error from disk leaves us with a null bp,
and the xfs_trans_brelse will then null-deref it.
As discussed on the list, we really need to modify the lower level
IO functions to trap all disk errors and ensure that we don't let
unique errors like this leak up into higher xfs functions - many
like this should be remapped to EIO.
However, this patch directly addresses a reported bug in the xattr
code, and should be safe to backport to stable kernels. A larger-scope
patch to handle more unique errors at lower levels can follow later.
(Note, prior to 07120f1abdff we did not oops, but we did return the
wrong error code to userspace.)
Signed-off-by: Eric Sandeen <sandeen(a)redhat.com>
Fixes: 07120f1abdff ("xfs: Add xfs_has_attr and subroutines")
Cc: stable(a)vger.kernel.org # v5.9+
Reviewed-by: Darrick J. Wong <djwong(a)kernel.org>
Signed-off-by: Carlos Maiolino <cem(a)kernel.org>
diff --git a/fs/xfs/libxfs/xfs_attr_remote.c b/fs/xfs/libxfs/xfs_attr_remote.c
index 4c44ce1c8a64..bff3dc226f81 100644
--- a/fs/xfs/libxfs/xfs_attr_remote.c
+++ b/fs/xfs/libxfs/xfs_attr_remote.c
@@ -435,6 +435,13 @@ xfs_attr_rmtval_get(
0, &bp, &xfs_attr3_rmt_buf_ops);
if (xfs_metadata_is_sick(error))
xfs_dirattr_mark_sick(args->dp, XFS_ATTR_FORK);
+ /*
+ * ENODATA from disk implies a disk medium failure;
+ * ENODATA for xattrs means attribute not found, so
+ * disambiguate that here.
+ */
+ if (error == -ENODATA)
+ error = -EIO;
if (error)
return error;
diff --git a/fs/xfs/libxfs/xfs_da_btree.c b/fs/xfs/libxfs/xfs_da_btree.c
index 17d9e6154f19..723a0643b838 100644
--- a/fs/xfs/libxfs/xfs_da_btree.c
+++ b/fs/xfs/libxfs/xfs_da_btree.c
@@ -2833,6 +2833,12 @@ xfs_da_read_buf(
&bp, ops);
if (xfs_metadata_is_sick(error))
xfs_dirattr_mark_sick(dp, whichfork);
+ /*
+ * ENODATA from disk implies a disk medium failure; ENODATA for
+ * xattrs means attribute not found, so disambiguate that here.
+ */
+ if (error == -ENODATA && whichfork == XFS_ATTR_FORK)
+ error = -EIO;
if (error)
goto out_free;
2 weeks, 1 day
- 2
- 1
[PATCH] hisi_acc_vfio_pci: Fix reference leak in hisi_acc_vfio_debug_init
by Miaoqian Lin
The debugfs_lookup() function returns a dentry with an increased reference
count that must be released by calling dput().
Fixes: b398f91779b8 ("hisi_acc_vfio_pci: register debugfs for hisilicon migration driver")
Cc: stable(a)vger.kernel.org
Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com>
---
drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c b/drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c
index 2149f49aeec7..1710485cbbec 100644
--- a/drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c
+++ b/drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c
@@ -1611,8 +1611,10 @@ static void hisi_acc_vfio_debug_init(struct hisi_acc_vf_core_device *hisi_acc_vd
}
migf = kzalloc(sizeof(*migf), GFP_KERNEL);
- if (!migf)
+ if (!migf) {
+ dput(vfio_dev_migration);
return;
+ }
hisi_acc_vdev->debug_migf = migf;
vfio_hisi_acc = debugfs_create_dir("hisi_acc", vfio_dev_migration);
@@ -1622,6 +1624,8 @@ static void hisi_acc_vfio_debug_init(struct hisi_acc_vf_core_device *hisi_acc_vd
hisi_acc_vf_migf_read);
debugfs_create_devm_seqfile(dev, "cmd_state", vfio_hisi_acc,
hisi_acc_vf_debug_cmd);
+
+ dput(vfio_dev_migration);
}
static void hisi_acc_vf_debugfs_exit(struct hisi_acc_vf_core_device *hisi_acc_vdev)
--
2.35.1
2 weeks, 1 day
- 3
- 2
[PATCH v2 1/3] drm/xe: Attempt to bring bos back to VRAM after eviction
by Thomas Hellström
VRAM+TT bos that are evicted from VRAM to TT may remain in
TT also after a revalidation following eviction or suspend.
This manifests itself as applications becoming sluggish
after buffer objects get evicted or after a resume from
suspend or hibernation.
If the bo supports placement in both VRAM and TT, and
we are on DGFX, mark the TT placement as fallback. This means
that it is tried only after VRAM + eviction.
This flaw has probably been present since the xe module was
upstreamed but use a Fixes: commit below where backporting is
likely to be simple. For earlier versions we need to open-
code the fallback algorithm in the driver.
v2:
- Remove check for dgfx. (Matthew Auld)
- Update the xe_dma_buf kunit test for the new strategy (CI)
- Allow dma-buf to pin in current placement (CI)
- Make xe_bo_validate() for pinned bos a NOP.
Closes: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/5995
Fixes: a78a8da51b36 ("drm/ttm: replace busy placement with flags v6")
Cc: Matthew Brost <matthew.brost(a)intel.com>
Cc: Matthew Auld <matthew.auld(a)intel.com>
Cc: <stable(a)vger.kernel.org> # v6.9+
Signed-off-by: Thomas Hellström <thomas.hellstrom(a)linux.intel.com>
Reviewed-by: Matthew Auld <matthew.auld(a)intel.com> #v1
---
drivers/gpu/drm/xe/tests/xe_bo.c | 2 +-
drivers/gpu/drm/xe/tests/xe_dma_buf.c | 10 +---------
drivers/gpu/drm/xe/xe_bo.c | 16 ++++++++++++----
drivers/gpu/drm/xe/xe_bo.h | 2 +-
drivers/gpu/drm/xe/xe_dma_buf.c | 2 +-
5 files changed, 16 insertions(+), 16 deletions(-)
diff --git a/drivers/gpu/drm/xe/tests/xe_bo.c b/drivers/gpu/drm/xe/tests/xe_bo.c
index bb469096d072..7b40cc8be1c9 100644
--- a/drivers/gpu/drm/xe/tests/xe_bo.c
+++ b/drivers/gpu/drm/xe/tests/xe_bo.c
@@ -236,7 +236,7 @@ static int evict_test_run_tile(struct xe_device *xe, struct xe_tile *tile, struc
}
xe_bo_lock(external, false);
- err = xe_bo_pin_external(external);
+ err = xe_bo_pin_external(external, false);
xe_bo_unlock(external);
if (err) {
KUNIT_FAIL(test, "external bo pin err=%pe\n",
diff --git a/drivers/gpu/drm/xe/tests/xe_dma_buf.c b/drivers/gpu/drm/xe/tests/xe_dma_buf.c
index 3c5ad8cc65a0..5baeab6b6fb7 100644
--- a/drivers/gpu/drm/xe/tests/xe_dma_buf.c
+++ b/drivers/gpu/drm/xe/tests/xe_dma_buf.c
@@ -85,15 +85,7 @@ static void check_residency(struct kunit *test, struct xe_bo *exported,
return;
}
- /*
- * If on different devices, the exporter is kept in system if
- * possible, saving a migration step as the transfer is just
- * likely as fast from system memory.
- */
- if (params->mem_mask & XE_BO_FLAG_SYSTEM)
- KUNIT_EXPECT_TRUE(test, xe_bo_is_mem_type(exported, XE_PL_TT));
- else
- KUNIT_EXPECT_TRUE(test, xe_bo_is_mem_type(exported, mem_type));
+ KUNIT_EXPECT_TRUE(test, xe_bo_is_mem_type(exported, mem_type));
if (params->force_different_devices)
KUNIT_EXPECT_TRUE(test, xe_bo_is_mem_type(imported, XE_PL_TT));
diff --git a/drivers/gpu/drm/xe/xe_bo.c b/drivers/gpu/drm/xe/xe_bo.c
index 4faf15d5fa6d..870f43347281 100644
--- a/drivers/gpu/drm/xe/xe_bo.c
+++ b/drivers/gpu/drm/xe/xe_bo.c
@@ -188,6 +188,8 @@ static void try_add_system(struct xe_device *xe, struct xe_bo *bo,
bo->placements[*c] = (struct ttm_place) {
.mem_type = XE_PL_TT,
+ .flags = (bo_flags & XE_BO_FLAG_VRAM_MASK) ?
+ TTM_PL_FLAG_FALLBACK : 0,
};
*c += 1;
}
@@ -2322,6 +2324,7 @@ uint64_t vram_region_gpu_offset(struct ttm_resource *res)
/**
* xe_bo_pin_external - pin an external BO
* @bo: buffer object to be pinned
+ * @in_place: Pin in current placement, don't attempt to migrate.
*
* Pin an external (not tied to a VM, can be exported via dma-buf / prime FD)
* BO. Unique call compared to xe_bo_pin as this function has it own set of
@@ -2329,7 +2332,7 @@ uint64_t vram_region_gpu_offset(struct ttm_resource *res)
*
* Returns 0 for success, negative error code otherwise.
*/
-int xe_bo_pin_external(struct xe_bo *bo)
+int xe_bo_pin_external(struct xe_bo *bo, bool in_place)
{
struct xe_device *xe = xe_bo_device(bo);
int err;
@@ -2338,9 +2341,11 @@ int xe_bo_pin_external(struct xe_bo *bo)
xe_assert(xe, xe_bo_is_user(bo));
if (!xe_bo_is_pinned(bo)) {
- err = xe_bo_validate(bo, NULL, false);
- if (err)
- return err;
+ if (!in_place) {
+ err = xe_bo_validate(bo, NULL, false);
+ if (err)
+ return err;
+ }
spin_lock(&xe->pinned.lock);
list_add_tail(&bo->pinned_link, &xe->pinned.late.external);
@@ -2493,6 +2498,9 @@ int xe_bo_validate(struct xe_bo *bo, struct xe_vm *vm, bool allow_res_evict)
};
int ret;
+ if (xe_bo_is_pinned(bo))
+ return 0;
+
if (vm) {
lockdep_assert_held(&vm->lock);
xe_vm_assert_held(vm);
diff --git a/drivers/gpu/drm/xe/xe_bo.h b/drivers/gpu/drm/xe/xe_bo.h
index 8cce413b5235..cfb1ec266a6d 100644
--- a/drivers/gpu/drm/xe/xe_bo.h
+++ b/drivers/gpu/drm/xe/xe_bo.h
@@ -200,7 +200,7 @@ static inline void xe_bo_unlock_vm_held(struct xe_bo *bo)
}
}
-int xe_bo_pin_external(struct xe_bo *bo);
+int xe_bo_pin_external(struct xe_bo *bo, bool in_place);
int xe_bo_pin(struct xe_bo *bo);
void xe_bo_unpin_external(struct xe_bo *bo);
void xe_bo_unpin(struct xe_bo *bo);
diff --git a/drivers/gpu/drm/xe/xe_dma_buf.c b/drivers/gpu/drm/xe/xe_dma_buf.c
index 346f857f3837..af64baf872ef 100644
--- a/drivers/gpu/drm/xe/xe_dma_buf.c
+++ b/drivers/gpu/drm/xe/xe_dma_buf.c
@@ -72,7 +72,7 @@ static int xe_dma_buf_pin(struct dma_buf_attachment *attach)
return ret;
}
- ret = xe_bo_pin_external(bo);
+ ret = xe_bo_pin_external(bo, true);
xe_assert(xe, !ret);
return 0;
--
2.50.1
2 weeks, 1 day
- 2
- 1
Re: [PATCH net] netrom: validate header lengths in nr_rx_frame() using pskb_may_pull()
by Eric Dumazet
On Wed, Aug 27, 2025 at 7:38 AM Stanislav Fort <disclosure(a)aisle.com> wrote:
>
> NET/ROM nr_rx_frame() dereferences the 5-byte transport header
> unconditionally. nr_route_frame() currently accepts frames as short as
> NR_NETWORK_LEN (15 bytes), which can lead to small out-of-bounds reads
> on short frames.
>
> Fix by using pskb_may_pull() in nr_rx_frame() to ensure the full
> NET/ROM network + transport header is present before accessing it, and
> guard the extra fields used by NR_CONNREQ (window, user address, and the
> optional BPQ timeout extension) with additional pskb_may_pull() checks.
>
> This aligns with recent fixes using pskb_may_pull() to validate header
> availability.
>
> Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
> Reported-by: Stanislav Fort <disclosure(a)aisle.com>
> Cc: stable(a)vger.kernel.org
> Signed-off-by: Stanislav Fort <disclosure(a)aisle.com>
> ---
> net/netrom/af_netrom.c | 12 +++++++++++-
> net/netrom/nr_route.c | 2 +-
> 2 files changed, 12 insertions(+), 2 deletions(-)
>
> diff --git a/net/netrom/af_netrom.c b/net/netrom/af_netrom.c
> index 3331669d8e33..1fbaa161288a 100644
> --- a/net/netrom/af_netrom.c
> +++ b/net/netrom/af_netrom.c
> @@ -885,6 +885,10 @@ int nr_rx_frame(struct sk_buff *skb, struct net_device *dev)
> * skb->data points to the netrom frame start
> */
>
> + /* Ensure NET/ROM network + transport header are present */
> + if (!pskb_may_pull(skb, NR_NETWORK_LEN + NR_TRANSPORT_LEN))
> + return 0;
> +
> src = (ax25_address *)(skb->data + 0);
> dest = (ax25_address *)(skb->data + 7);
>
> @@ -961,6 +965,12 @@ int nr_rx_frame(struct sk_buff *skb, struct net_device *dev)
> return 0;
> }
>
> + /* Ensure NR_CONNREQ fields (window + user address) are present */
> + if (!pskb_may_pull(skb, 21 + AX25_ADDR_LEN)) {
If skb->head is reallocated by this pskb_may_pull(), dest variable
might point to a freed piece of memory
(old skb->head)
As far as netrom is concerned, I would force a full linearization of
the packet very early
It is also unclear if the bug even exists in the first place.
Can you show the stack trace leading to this function being called
from an arbitrary
provider (like a packet being fed by malicious user space)
For instance nr_rx_frame() can be called from net/netrom/nr_loopback.c
with non malicious packet.
For the remaining caller (nr_route_frame()), it is unclear to me.
2 weeks, 1 day
- 2
- 1
[PATCH] cpufreq: nforce2: fix PCI device reference leaks in nforce2_fsb_read
by Miaoqian Lin
Add missing pci_dev_put() calls to release device references
obtained via pci_get_subsys().
Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Cc: stable(a)vger.kernel.org
Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com>
---
drivers/cpufreq/cpufreq-nforce2.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/drivers/cpufreq/cpufreq-nforce2.c b/drivers/cpufreq/cpufreq-nforce2.c
index fedad1081973..0a49cb9d7ba1 100644
--- a/drivers/cpufreq/cpufreq-nforce2.c
+++ b/drivers/cpufreq/cpufreq-nforce2.c
@@ -148,13 +148,16 @@ static unsigned int nforce2_fsb_read(int bootfsb)
/* Check if PLL register is already set */
pci_read_config_byte(nforce2_dev, NFORCE2_PLLENABLE, (u8 *)&temp);
- if (bootfsb || !temp)
+ if (bootfsb || !temp) {
+ pci_dev_put(nforce2_sub5);
return fsb;
+ }
/* Use PLL register FSB value */
pci_read_config_dword(nforce2_dev, NFORCE2_PLLREG, &temp);
fsb = nforce2_calc_fsb(temp);
+ pci_dev_put(nforce2_sub5);
return fsb;
}
--
2.35.1
2 weeks, 1 day
- 2
- 1
[PATCH 0/3] drm/exynos: vidi: fix various memory corruption bugs
by Jeongjun Park
This is a series of patches that address several memory bugs that occur
in the Exynos Virtual Display driver.
Jeongjun Park (3):
drm/exynos: vidi: use priv->vidi_dev for ctx lookup in vidi_connection_ioctl()
drm/exynos: vidi: fix to avoid directly dereferencing user pointer
drm/exynos: vidi: use ctx->lock to protect struct vidi_context member variables related to memory alloc/free
drivers/gpu/drm/exynos/exynos_drm_drv.h | 1 +
drivers/gpu/drm/exynos/exynos_drm_vidi.c | 74 ++++++++++++++++++++++++++++++++++++++++++++++++++++++----------
2 files changed, 64 insertions(+), 11 deletions(-)
2 weeks, 1 day
- 1
- 3
[PATCH] drivers: bus: fix device node reference leak in __cci_ace_get_port
by Miaoqian Lin
Add missing of_node_put() call to release
the device node reference obtained via of_parse_phandle().
Fixes: ed69bdd8fd9b ("drivers: bus: add ARM CCI support")
Cc: stable(a)vger.kernel.org
Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com>
---
drivers/bus/arm-cci.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/drivers/bus/arm-cci.c b/drivers/bus/arm-cci.c
index b8184a903583..af180f884f1d 100644
--- a/drivers/bus/arm-cci.c
+++ b/drivers/bus/arm-cci.c
@@ -163,14 +163,18 @@ static int __cci_ace_get_port(struct device_node *dn, int type)
int i;
bool ace_match;
struct device_node *cci_portn;
+ int ret = -ENODEV;
cci_portn = of_parse_phandle(dn, "cci-control-port", 0);
for (i = 0; i < nb_cci_ports; i++) {
ace_match = ports[i].type == type;
- if (ace_match && cci_portn == ports[i].dn)
- return i;
+ if (ace_match && cci_portn == ports[i].dn) {
+ ret = i;
+ break;
+ }
}
- return -ENODEV;
+ of_node_put(cci_portn);
+ return ret;
}
int cci_ace_get_port(struct device_node *dn)
--
2.35.1
2 weeks, 1 day
- 3
- 2
[PATCH] pasemi: fix PCI device reference leaks in pas_setup_mce_regs
by Miaoqian Lin
Fix reference leaks where PCI device references
obtained via pci_get_device() were not being released:
1. The while loop that iterates through 0xa00a devices was not
releasing the final device reference when the loop terminates.
2. Single device lookups for 0xa001 and 0xa009 devices were not
releasing their references after use.
Add missing pci_dev_put() calls to ensure all device references
are properly released.
Fixes: cd7834167ffb ("[POWERPC] pasemi: Print more information at machine check")
Cc: stable(a)vger.kernel.org
Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com>
---
arch/powerpc/platforms/pasemi/setup.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/arch/powerpc/platforms/pasemi/setup.c b/arch/powerpc/platforms/pasemi/setup.c
index d03b41336901..dafbee3afd86 100644
--- a/arch/powerpc/platforms/pasemi/setup.c
+++ b/arch/powerpc/platforms/pasemi/setup.c
@@ -169,6 +169,8 @@ static int __init pas_setup_mce_regs(void)
dev = pci_get_device(PCI_VENDOR_ID_PASEMI, 0xa00a, dev);
reg++;
}
+ /* Release the last device reference from the while loop */
+ pci_dev_put(dev);
dev = pci_get_device(PCI_VENDOR_ID_PASEMI, 0xa001, NULL);
if (dev && reg+4 < MAX_MCE_REGS) {
@@ -185,6 +187,7 @@ static int __init pas_setup_mce_regs(void)
mce_regs[reg].addr = pasemi_pci_getcfgaddr(dev, 0xc1c);
reg++;
}
+ pci_dev_put(dev);
dev = pci_get_device(PCI_VENDOR_ID_PASEMI, 0xa009, NULL);
if (dev && reg+2 < MAX_MCE_REGS) {
@@ -195,6 +198,7 @@ static int __init pas_setup_mce_regs(void)
mce_regs[reg].addr = pasemi_pci_getcfgaddr(dev, 0x214);
reg++;
}
+ pci_dev_put(dev);
num_mce_regs = reg;
--
2.35.1
2 weeks, 1 day
- 4
- 4
[PATCH 3/3] xhci: fix memory leak regression when freeing xhci vdev devices depth first
by Mathias Nyman
Suspend-resume cycle test revealed a memory leak in 6.17-rc3
Turns out the slot_id race fix changes accidentally ends up calling
xhci_free_virt_device() with an incorrect vdev parameter.
The vdev variable was reused for temporary purposes right before calling
xhci_free_virt_device().
Fix this by passing the correct vdev parameter.
The slot_id race fix that caused this regression was targeted for stable,
so this needs to be applied there as well.
Fixes: 2eb03376151b ("usb: xhci: Fix slot_id resource race conflict")
Reported-by: David Wang <00107082(a)163.com>
Closes: https://lore.kernel.org/linux-usb/20250829181354.4450-1-00107082@163.com
Suggested-by: Michal Pecio <michal.pecio(a)gmail.com>
Suggested-by: David Wang <00107082(a)163.com>
Cc: stable(a)vger.kernel.org
Tested-by: David Wang <00107082(a)163.com>
Signed-off-by: Mathias Nyman <mathias.nyman(a)linux.intel.com>
---
drivers/usb/host/xhci-mem.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/usb/host/xhci-mem.c b/drivers/usb/host/xhci-mem.c
index 81eaad87a3d9..c4a6544aa107 100644
--- a/drivers/usb/host/xhci-mem.c
+++ b/drivers/usb/host/xhci-mem.c
@@ -962,7 +962,7 @@ static void xhci_free_virt_devices_depth_first(struct xhci_hcd *xhci, int slot_i
out:
/* we are now at a leaf device */
xhci_debugfs_remove_slot(xhci, slot_id);
- xhci_free_virt_device(xhci, vdev, slot_id);
+ xhci_free_virt_device(xhci, xhci->devs[slot_id], slot_id);
}
int xhci_alloc_virt_device(struct xhci_hcd *xhci, int slot_id,
--
2.43.0
2 weeks, 1 day
- 1
- 0
[PATCH 2/3] xhci: dbc: Fix full DbC transfer ring after several reconnects
by Mathias Nyman
Pending requests will be flushed on disconnect, and the corresponding
TRBs will be turned into No-op TRBs, which are ignored by the xHC
controller once it starts processing the ring.
If the USB debug cable repeatedly disconnects before ring is started
then the ring will eventually be filled with No-op TRBs.
No new transfers can be queued when the ring is full, and driver will
print the following error message:
"xhci_hcd 0000:00:14.0: failed to queue trbs"
This is a normal case for 'in' transfers where TRBs are always enqueued
in advance, ready to take on incoming data. If no data arrives, and
device is disconnected, then ring dequeue will remain at beginning of
the ring while enqueue points to first free TRB after last cancelled
No-op TRB.
s
Solve this by reinitializing the rings when the debug cable disconnects
and DbC is leaving the configured state.
Clear the whole ring buffer and set enqueue and dequeue to the beginning
of ring, and set cycle bit to its initial state.
Cc: stable(a)vger.kernel.org
Fixes: dfba2174dc42 ("usb: xhci: Add DbC support in xHCI driver")
Signed-off-by: Mathias Nyman <mathias.nyman(a)linux.intel.com>
---
drivers/usb/host/xhci-dbgcap.c | 23 +++++++++++++++++++++--
1 file changed, 21 insertions(+), 2 deletions(-)
diff --git a/drivers/usb/host/xhci-dbgcap.c b/drivers/usb/host/xhci-dbgcap.c
index d0faff233e3e..63edf2d8f245 100644
--- a/drivers/usb/host/xhci-dbgcap.c
+++ b/drivers/usb/host/xhci-dbgcap.c
@@ -462,6 +462,25 @@ static void xhci_dbc_ring_init(struct xhci_ring *ring)
xhci_initialize_ring_info(ring);
}
+static int xhci_dbc_reinit_ep_rings(struct xhci_dbc *dbc)
+{
+ struct xhci_ring *in_ring = dbc->eps[BULK_IN].ring;
+ struct xhci_ring *out_ring = dbc->eps[BULK_OUT].ring;
+
+ if (!in_ring || !out_ring || !dbc->ctx) {
+ dev_warn(dbc->dev, "Can't re-init unallocated endpoints\n");
+ return -ENODEV;
+ }
+
+ xhci_dbc_ring_init(in_ring);
+ xhci_dbc_ring_init(out_ring);
+
+ /* set ep context enqueue, dequeue, and cycle to initial values */
+ xhci_dbc_init_ep_contexts(dbc);
+
+ return 0;
+}
+
static struct xhci_ring *
xhci_dbc_ring_alloc(struct device *dev, enum xhci_ring_type type, gfp_t flags)
{
@@ -885,7 +904,7 @@ static enum evtreturn xhci_dbc_do_handle_events(struct xhci_dbc *dbc)
dev_info(dbc->dev, "DbC cable unplugged\n");
dbc->state = DS_ENABLED;
xhci_dbc_flush_requests(dbc);
-
+ xhci_dbc_reinit_ep_rings(dbc);
return EVT_DISC;
}
@@ -895,7 +914,7 @@ static enum evtreturn xhci_dbc_do_handle_events(struct xhci_dbc *dbc)
writel(portsc, &dbc->regs->portsc);
dbc->state = DS_ENABLED;
xhci_dbc_flush_requests(dbc);
-
+ xhci_dbc_reinit_ep_rings(dbc);
return EVT_DISC;
}
--
2.43.0
2 weeks, 1 day
- 1
- 0
[PATCH 1/3] xhci: dbc: decouple endpoint allocation from initialization
by Mathias Nyman
Decouple allocation of endpoint ring buffer from initialization
of the buffer, and initialization of endpoint context parts from
from the rest of the contexts.
It allows driver to clear up and reinitialize endpoint rings
after disconnect without reallocating everything.
This is a prerequisite for the next patch that prevents the transfer
ring from filling up with cancelled (no-op) TRBs if a debug cable is
reconnected several times without transferring anything.
Cc: stable(a)vger.kernel.org
Fixes: dfba2174dc42 ("usb: xhci: Add DbC support in xHCI driver")
Signed-off-by: Mathias Nyman <mathias.nyman(a)linux.intel.com>
---
drivers/usb/host/xhci-dbgcap.c | 71 ++++++++++++++++++++++------------
1 file changed, 46 insertions(+), 25 deletions(-)
diff --git a/drivers/usb/host/xhci-dbgcap.c b/drivers/usb/host/xhci-dbgcap.c
index 06a2edb9e86e..d0faff233e3e 100644
--- a/drivers/usb/host/xhci-dbgcap.c
+++ b/drivers/usb/host/xhci-dbgcap.c
@@ -101,13 +101,34 @@ static u32 xhci_dbc_populate_strings(struct dbc_str_descs *strings)
return string_length;
}
+static void xhci_dbc_init_ep_contexts(struct xhci_dbc *dbc)
+{
+ struct xhci_ep_ctx *ep_ctx;
+ unsigned int max_burst;
+ dma_addr_t deq;
+
+ max_burst = DBC_CTRL_MAXBURST(readl(&dbc->regs->control));
+
+ /* Populate bulk out endpoint context: */
+ ep_ctx = dbc_bulkout_ctx(dbc);
+ deq = dbc_bulkout_enq(dbc);
+ ep_ctx->ep_info = 0;
+ ep_ctx->ep_info2 = dbc_epctx_info2(BULK_OUT_EP, 1024, max_burst);
+ ep_ctx->deq = cpu_to_le64(deq | dbc->ring_out->cycle_state);
+
+ /* Populate bulk in endpoint context: */
+ ep_ctx = dbc_bulkin_ctx(dbc);
+ deq = dbc_bulkin_enq(dbc);
+ ep_ctx->ep_info = 0;
+ ep_ctx->ep_info2 = dbc_epctx_info2(BULK_IN_EP, 1024, max_burst);
+ ep_ctx->deq = cpu_to_le64(deq | dbc->ring_in->cycle_state);
+}
+
static void xhci_dbc_init_contexts(struct xhci_dbc *dbc, u32 string_length)
{
struct dbc_info_context *info;
- struct xhci_ep_ctx *ep_ctx;
u32 dev_info;
- dma_addr_t deq, dma;
- unsigned int max_burst;
+ dma_addr_t dma;
if (!dbc)
return;
@@ -121,20 +142,8 @@ static void xhci_dbc_init_contexts(struct xhci_dbc *dbc, u32 string_length)
info->serial = cpu_to_le64(dma + DBC_MAX_STRING_LENGTH * 3);
info->length = cpu_to_le32(string_length);
- /* Populate bulk out endpoint context: */
- ep_ctx = dbc_bulkout_ctx(dbc);
- max_burst = DBC_CTRL_MAXBURST(readl(&dbc->regs->control));
- deq = dbc_bulkout_enq(dbc);
- ep_ctx->ep_info = 0;
- ep_ctx->ep_info2 = dbc_epctx_info2(BULK_OUT_EP, 1024, max_burst);
- ep_ctx->deq = cpu_to_le64(deq | dbc->ring_out->cycle_state);
-
- /* Populate bulk in endpoint context: */
- ep_ctx = dbc_bulkin_ctx(dbc);
- deq = dbc_bulkin_enq(dbc);
- ep_ctx->ep_info = 0;
- ep_ctx->ep_info2 = dbc_epctx_info2(BULK_IN_EP, 1024, max_burst);
- ep_ctx->deq = cpu_to_le64(deq | dbc->ring_in->cycle_state);
+ /* Populate bulk in and out endpoint contexts: */
+ xhci_dbc_init_ep_contexts(dbc);
/* Set DbC context and info registers: */
lo_hi_writeq(dbc->ctx->dma, &dbc->regs->dccp);
@@ -436,6 +445,23 @@ dbc_alloc_ctx(struct device *dev, gfp_t flags)
return ctx;
}
+static void xhci_dbc_ring_init(struct xhci_ring *ring)
+{
+ struct xhci_segment *seg = ring->first_seg;
+
+ /* clear all trbs on ring in case of old ring */
+ memset(seg->trbs, 0, TRB_SEGMENT_SIZE);
+
+ /* Only event ring does not use link TRB */
+ if (ring->type != TYPE_EVENT) {
+ union xhci_trb *trb = &seg->trbs[TRBS_PER_SEGMENT - 1];
+
+ trb->link.segment_ptr = cpu_to_le64(ring->first_seg->dma);
+ trb->link.control = cpu_to_le32(LINK_TOGGLE | TRB_TYPE(TRB_LINK));
+ }
+ xhci_initialize_ring_info(ring);
+}
+
static struct xhci_ring *
xhci_dbc_ring_alloc(struct device *dev, enum xhci_ring_type type, gfp_t flags)
{
@@ -464,15 +490,10 @@ xhci_dbc_ring_alloc(struct device *dev, enum xhci_ring_type type, gfp_t flags)
seg->dma = dma;
- /* Only event ring does not use link TRB */
- if (type != TYPE_EVENT) {
- union xhci_trb *trb = &seg->trbs[TRBS_PER_SEGMENT - 1];
-
- trb->link.segment_ptr = cpu_to_le64(dma);
- trb->link.control = cpu_to_le32(LINK_TOGGLE | TRB_TYPE(TRB_LINK));
- }
INIT_LIST_HEAD(&ring->td_list);
- xhci_initialize_ring_info(ring);
+
+ xhci_dbc_ring_init(ring);
+
return ring;
dma_fail:
kfree(seg);
--
2.43.0
2 weeks, 1 day
- 1
- 0
[PATCH 1/2] pinctrl: samsung: Drop unused S3C24xx driver data
by Krzysztof Kozlowski
Drop unused declarations after S3C24xx SoC family removal in the commit
61b7f8920b17 ("ARM: s3c: remove all s3c24xx support").
Fixes: 1ea35b355722 ("ARM: s3c: remove s3c24xx specific hacks")
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org>
---
drivers/pinctrl/samsung/pinctrl-samsung.h | 4 ----
1 file changed, 4 deletions(-)
diff --git a/drivers/pinctrl/samsung/pinctrl-samsung.h b/drivers/pinctrl/samsung/pinctrl-samsung.h
index 1cabcbe1401a..a51aee8c5f89 100644
--- a/drivers/pinctrl/samsung/pinctrl-samsung.h
+++ b/drivers/pinctrl/samsung/pinctrl-samsung.h
@@ -402,10 +402,6 @@ extern const struct samsung_pinctrl_of_match_data exynosautov920_of_data;
extern const struct samsung_pinctrl_of_match_data fsd_of_data;
extern const struct samsung_pinctrl_of_match_data gs101_of_data;
extern const struct samsung_pinctrl_of_match_data s3c64xx_of_data;
-extern const struct samsung_pinctrl_of_match_data s3c2412_of_data;
-extern const struct samsung_pinctrl_of_match_data s3c2416_of_data;
-extern const struct samsung_pinctrl_of_match_data s3c2440_of_data;
-extern const struct samsung_pinctrl_of_match_data s3c2450_of_data;
extern const struct samsung_pinctrl_of_match_data s5pv210_of_data;
#endif /* __PINCTRL_SAMSUNG_H */
--
2.48.1
2 weeks, 1 day
- 1
- 1
[PATCH v2 2/3] drm/xe: Allow the pm notifier to continue on failure
by Thomas Hellström
Its actions are opportunistic anyway and will be completed
on device suspend.
Marking as a fix to simplify backporting of the fix
that follows in the series.
v2:
- Keep the runtime pm reference over suspend / hibernate and
document why. (Matt Auld, Rodrigo Vivi):
Fixes: c6a4d46ec1d7 ("drm/xe: evict user memory in PM notifier")
Cc: Matthew Auld <matthew.auld(a)intel.com>
Cc: Rodrigo Vivi <rodrigo.vivi(a)intel.com>
Cc: <stable(a)vger.kernel.org> # v6.16+
Signed-off-by: Thomas Hellström <thomas.hellstrom(a)linux.intel.com>
---
drivers/gpu/drm/xe/xe_pm.c | 17 +++++++----------
1 file changed, 7 insertions(+), 10 deletions(-)
diff --git a/drivers/gpu/drm/xe/xe_pm.c b/drivers/gpu/drm/xe/xe_pm.c
index a2e85030b7f4..bee9aacd82e7 100644
--- a/drivers/gpu/drm/xe/xe_pm.c
+++ b/drivers/gpu/drm/xe/xe_pm.c
@@ -308,17 +308,17 @@ static int xe_pm_notifier_callback(struct notifier_block *nb,
case PM_SUSPEND_PREPARE:
xe_pm_runtime_get(xe);
err = xe_bo_evict_all_user(xe);
- if (err) {
+ if (err)
drm_dbg(&xe->drm, "Notifier evict user failed (%d)\n", err);
- xe_pm_runtime_put(xe);
- break;
- }
err = xe_bo_notifier_prepare_all_pinned(xe);
- if (err) {
+ if (err)
drm_dbg(&xe->drm, "Notifier prepare pin failed (%d)\n", err);
- xe_pm_runtime_put(xe);
- }
+ /*
+ * Keep the runtime pm reference until post hibernation / post suspend to
+ * avoid a runtime suspend interfering with evicted objects or backup
+ * allocations.
+ */
break;
case PM_POST_HIBERNATION:
case PM_POST_SUSPEND:
@@ -327,9 +327,6 @@ static int xe_pm_notifier_callback(struct notifier_block *nb,
break;
}
- if (err)
- return NOTIFY_BAD;
-
return NOTIFY_DONE;
}
--
2.50.1
2 weeks, 1 day
- 2
- 1
[PATCH net v4] selftests: net: add test for destination in broadcast packets
by Oscar Maes
Add test to check the broadcast ethernet destination field is set
correctly.
This test sends a broadcast ping, captures it using tcpdump and
ensures that all bits of the 6 octet ethernet destination address
are correctly set by examining the output capture file.
Signed-off-by: Oscar Maes <oscmaes92(a)gmail.com>
Co-authored-by: Brett A C Sheffield <bacs(a)librecast.net>
---
v3 -> v4:
- Added Brett as co-author
- Wait for tcpdump to bind using slowwait
Links:
- Discussion: https://lore.kernel.org/netdev/20250822165231.4353-4-bacs@librecast.net/
- Previous version: https://lore.kernel.org/netdev/20250827062322.4807-2-oscmaes92@gmail.com/
Thanks to Brett Sheffield for writing the initial version of this
selftest!
tools/testing/selftests/net/Makefile | 1 +
.../selftests/net/broadcast_ether_dst.sh | 83 +++++++++++++++++++
2 files changed, 84 insertions(+)
create mode 100755 tools/testing/selftests/net/broadcast_ether_dst.sh
diff --git a/tools/testing/selftests/net/Makefile b/tools/testing/selftests/net/Makefile
index b31a71f2b372..56ad10ea6628 100644
--- a/tools/testing/selftests/net/Makefile
+++ b/tools/testing/selftests/net/Makefile
@@ -115,6 +115,7 @@ TEST_PROGS += skf_net_off.sh
TEST_GEN_FILES += skf_net_off
TEST_GEN_FILES += tfo
TEST_PROGS += tfo_passive.sh
+TEST_PROGS += broadcast_ether_dst.sh
TEST_PROGS += broadcast_pmtu.sh
TEST_PROGS += ipv6_force_forwarding.sh
diff --git a/tools/testing/selftests/net/broadcast_ether_dst.sh b/tools/testing/selftests/net/broadcast_ether_dst.sh
new file mode 100755
index 000000000000..334a7eca8a80
--- /dev/null
+++ b/tools/testing/selftests/net/broadcast_ether_dst.sh
@@ -0,0 +1,83 @@
+#!/bin/bash
+# SPDX-License-Identifier: GPL-2.0
+#
+# Author: Brett A C Sheffield <bacs(a)librecast.net>
+# Author: Oscar Maes <oscmaes92(a)gmail.com>
+#
+# Ensure destination ethernet field is correctly set for
+# broadcast packets
+
+source lib.sh
+
+CLIENT_IP4="192.168.0.1"
+GW_IP4="192.168.0.2"
+
+setup() {
+ setup_ns CLIENT_NS SERVER_NS
+
+ ip -net "${SERVER_NS}" link add link1 type veth \
+ peer name link0 netns "${CLIENT_NS}"
+
+ ip -net "${CLIENT_NS}" link set link0 up
+ ip -net "${CLIENT_NS}" addr add "${CLIENT_IP4}"/24 dev link0
+
+ ip -net "${SERVER_NS}" link set link1 up
+
+ ip -net "${CLIENT_NS}" route add default via "${GW_IP4}"
+ ip netns exec "${CLIENT_NS}" arp -s "${GW_IP4}" 00:11:22:33:44:55
+}
+
+cleanup() {
+ rm -f "${CAPFILE}" "${OUTPUT}"
+ ip -net "${SERVER_NS}" link del link1
+ cleanup_ns "${CLIENT_NS}" "${SERVER_NS}"
+}
+
+test_broadcast_ether_dst() {
+ local rc=0
+ CAPFILE=$(mktemp -u cap.XXXXXXXXXX)
+ OUTPUT=$(mktemp -u out.XXXXXXXXXX)
+
+ echo "Testing ethernet broadcast destination"
+
+ # start tcpdump listening for icmp
+ # tcpdump will exit after receiving a single packet
+ # timeout will kill tcpdump if it is still running after 2s
+ timeout 2s ip netns exec "${CLIENT_NS}" \
+ tcpdump -i link0 -c 1 -w "${CAPFILE}" icmp &> "${OUTPUT}" &
+ pid=$!
+ slowwait 1 grep -qs "listening" "${OUTPUT}"
+
+ # send broadcast ping
+ ip netns exec "${CLIENT_NS}" \
+ ping -W0.01 -c1 -b 255.255.255.255 &> /dev/null
+
+ # wait for tcpdump for exit after receiving packet
+ wait "${pid}"
+
+ # compare ethernet destination field to ff:ff:ff:ff:ff:ff
+ ether_dst=$(tcpdump -r "${CAPFILE}" -tnne 2>/dev/null | \
+ awk '{sub(/,/,"",$3); print $3}')
+ if [[ "${ether_dst}" == "ff:ff:ff:ff:ff:ff" ]]; then
+ echo "[ OK ]"
+ rc="${ksft_pass}"
+ else
+ echo "[FAIL] expected dst ether addr to be ff:ff:ff:ff:ff:ff," \
+ "got ${ether_dst}"
+ rc="${ksft_fail}"
+ fi
+
+ return "${rc}"
+}
+
+if [ ! -x "$(command -v tcpdump)" ]; then
+ echo "SKIP: Could not run test without tcpdump tool"
+ exit "${ksft_skip}"
+fi
+
+trap cleanup EXIT
+
+setup
+test_broadcast_ether_dst
+
+exit $?
--
2.39.5
2 weeks, 1 day
- 6
- 10
IAA Mobility 2025 Verified List!
by Garnet Conwell
Hi,
I’d like to share a verified database of 502,364 attendees and 750 exhibitors from IAA Mobility 2025.
The file includes key information such as: Name, Job Title, Company, Location, Phone, and Email.
Delivery is within 48 hours and the data is GDPR compliant.
Labour Day Special: 20% discount available for a short time.
If you’d like the pricing, just reply with “Send me the cost” and I’ll provide the details.
Best regards,
Garnet Conwell
Sr. Marketing Manager
P.S. To opt out of future updates, reply with “Unfollow”.
2 weeks, 1 day
- 1
- 0
[PATCH 2/2] mmc: sdhci-pci-gli: GL9767: Fix initializing the UHS-II interface during a power-on
by Ben Chuang
From: Ben Chuang <ben.chuang(a)genesyslogic.com.tw>
According to the power structure of IC hardware design for UHS-II
interface, reset control and timing must be added to the initialization
process of powering on the UHS-II interface.
Fixes: 27dd3b82557a ("mmc: sdhci-pci-gli: enable UHS-II mode for GL9767")
Cc: stable(a)vger.kernel.org # v6.13+
Signed-off-by: Ben Chuang <ben.chuang(a)genesyslogic.com.tw>
---
drivers/mmc/host/sdhci-pci-gli.c | 71 +++++++++++++++++++++++++++++++-
1 file changed, 70 insertions(+), 1 deletion(-)
diff --git a/drivers/mmc/host/sdhci-pci-gli.c b/drivers/mmc/host/sdhci-pci-gli.c
index 3a1de477e9af..85d0d7e6169c 100644
--- a/drivers/mmc/host/sdhci-pci-gli.c
+++ b/drivers/mmc/host/sdhci-pci-gli.c
@@ -283,6 +283,8 @@
#define PCIE_GLI_9767_UHS2_CTL2_ZC_VALUE 0xb
#define PCIE_GLI_9767_UHS2_CTL2_ZC_CTL BIT(6)
#define PCIE_GLI_9767_UHS2_CTL2_ZC_CTL_VALUE 0x1
+#define PCIE_GLI_9767_UHS2_CTL2_FORCE_PHY_RESETN BIT(13)
+#define PCIE_GLI_9767_UHS2_CTL2_FORCE_RESETN_VALUE BIT(14)
#define GLI_MAX_TUNING_LOOP 40
@@ -1179,6 +1181,69 @@ static void gl9767_set_low_power_negotiation(struct pci_dev *pdev, bool enable)
gl9767_vhs_read(pdev);
}
+static void sdhci_gl9767_uhs2_phy_reset_assert(struct sdhci_host *host)
+{
+ struct sdhci_pci_slot *slot = sdhci_priv(host);
+ struct pci_dev *pdev = slot->chip->pdev;
+ u32 value;
+
+ gl9767_vhs_write(pdev);
+ pci_read_config_dword(pdev, PCIE_GLI_9767_UHS2_CTL2, &value);
+ value |= PCIE_GLI_9767_UHS2_CTL2_FORCE_PHY_RESETN;
+ pci_write_config_dword(pdev, PCIE_GLI_9767_UHS2_CTL2, value);
+ value &= ~PCIE_GLI_9767_UHS2_CTL2_FORCE_RESETN_VALUE;
+ pci_write_config_dword(pdev, PCIE_GLI_9767_UHS2_CTL2, value);
+ gl9767_vhs_read(pdev);
+}
+
+static void sdhci_gl9767_uhs2_phy_reset_deassert(struct sdhci_host *host)
+{
+ struct sdhci_pci_slot *slot = sdhci_priv(host);
+ struct pci_dev *pdev = slot->chip->pdev;
+ u32 value;
+
+ gl9767_vhs_write(pdev);
+ pci_read_config_dword(pdev, PCIE_GLI_9767_UHS2_CTL2, &value);
+ value |= PCIE_GLI_9767_UHS2_CTL2_FORCE_RESETN_VALUE;
+ pci_write_config_dword(pdev, PCIE_GLI_9767_UHS2_CTL2, value);
+ value &= ~PCIE_GLI_9767_UHS2_CTL2_FORCE_PHY_RESETN;
+ pci_write_config_dword(pdev, PCIE_GLI_9767_UHS2_CTL2, value);
+ gl9767_vhs_read(pdev);
+}
+
+static void __gl9767_uhs2_set_power(struct sdhci_host *host, unsigned char mode, unsigned short vdd)
+{
+ u8 pwr = 0;
+
+ if (mode != MMC_POWER_OFF) {
+ pwr = sdhci_get_vdd_value(vdd);
+ if (!pwr)
+ WARN(1, "%s: Invalid vdd %#x\n",
+ mmc_hostname(host->mmc), vdd);
+ pwr |= SDHCI_VDD2_POWER_180;
+ }
+
+ if (host->pwr == pwr)
+ return;
+
+ host->pwr = pwr;
+
+ if (pwr == 0) {
+ sdhci_writeb(host, 0, SDHCI_POWER_CONTROL);
+ } else {
+ sdhci_writeb(host, 0, SDHCI_POWER_CONTROL);
+
+ pwr |= SDHCI_POWER_ON;
+ sdhci_writeb(host, pwr & 0xf, SDHCI_POWER_CONTROL);
+ mdelay(5);
+
+ sdhci_gl9767_uhs2_phy_reset_assert(host);
+ pwr |= SDHCI_VDD2_POWER_ON;
+ sdhci_writeb(host, pwr, SDHCI_POWER_CONTROL);
+ mdelay(5);
+ }
+}
+
static void sdhci_gl9767_set_clock(struct sdhci_host *host, unsigned int clock)
{
struct sdhci_pci_slot *slot = sdhci_priv(host);
@@ -1205,6 +1270,10 @@ static void sdhci_gl9767_set_clock(struct sdhci_host *host, unsigned int clock)
}
sdhci_enable_clk(host, clk);
+
+ if (mmc_card_uhs2(host->mmc))
+ sdhci_gl9767_uhs2_phy_reset_deassert(host);
+
gl9767_set_low_power_negotiation(pdev, true);
}
@@ -1476,7 +1545,7 @@ static void sdhci_gl9767_set_power(struct sdhci_host *host, unsigned char mode,
gl9767_vhs_read(pdev);
sdhci_gli_overcurrent_event_enable(host, false);
- sdhci_uhs2_set_power(host, mode, vdd);
+ __gl9767_uhs2_set_power(host, mode, vdd);
sdhci_gli_overcurrent_event_enable(host, true);
} else {
gl9767_vhs_write(pdev);
--
2.51.0
2 weeks, 1 day
- 2
- 5
[PATCH] bus: vexpress-config: fix device node reference leak in vexpress_syscfg_probe
by Miaoqian Lin
Add missing of_node_put() call to release
the device node reference obtained via of_parse_phandle().
Since we don't actually use the node, decrement the
reference count immediately after obtaining it.
Fixes: a5a38765ac79 ("bus: vexpress-config: simplify config bus probing")
Cc: stable(a)vger.kernel.org
Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com>
---
drivers/bus/vexpress-config.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/bus/vexpress-config.c b/drivers/bus/vexpress-config.c
index 64ee920721ee..aa17f819dfc9 100644
--- a/drivers/bus/vexpress-config.c
+++ b/drivers/bus/vexpress-config.c
@@ -393,6 +393,7 @@ static int vexpress_syscfg_probe(struct platform_device *pdev)
struct device_node *bridge_np;
bridge_np = of_parse_phandle(node, "arm,vexpress,config-bridge", 0);
+ of_node_put(bridge_np);
if (bridge_np != pdev->dev.parent->of_node)
continue;
--
2.35.1
2 weeks, 1 day
- 2
- 1
[PATCH v3] mfd: intel_soc_pmic_chtdc_ti: Set use_single_read regmap_config flag
by Hans de Goede
Testing has shown that reading multiple registers at once (for 10-bit
ADC values) does not work. Set the use_single_read regmap_config flag
to make regmap split these for us.
This should fix temperature opregion accesses done by
drivers/acpi/pmic/intel_pmic_chtdc_ti.c and is also necessary for
the upcoming drivers for the ADC and battery MFD cells.
Fixes: 6bac0606fdba ("mfd: Add support for Cherry Trail Dollar Cove TI PMIC")
Cc: stable(a)vger.kernel.org
Reviewed-by: Andy Shevchenko <andy(a)kernel.org>
Signed-off-by: Hans de Goede <hansg(a)kernel.org>
---
Changes in v3:
- Fix a few typos in the commit message
Changes in v2:
- Update comment to: "The hardware does not support reading multiple
registers at once"
---
drivers/mfd/intel_soc_pmic_chtdc_ti.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/drivers/mfd/intel_soc_pmic_chtdc_ti.c b/drivers/mfd/intel_soc_pmic_chtdc_ti.c
index 4c1a68c9f575..6daf33e07ea0 100644
--- a/drivers/mfd/intel_soc_pmic_chtdc_ti.c
+++ b/drivers/mfd/intel_soc_pmic_chtdc_ti.c
@@ -82,6 +82,8 @@ static const struct regmap_config chtdc_ti_regmap_config = {
.reg_bits = 8,
.val_bits = 8,
.max_register = 0xff,
+ /* The hardware does not support reading multiple registers at once */
+ .use_single_read = true,
};
static const struct regmap_irq chtdc_ti_irqs[] = {
--
2.49.0
2 weeks, 1 day
- 2
- 1
[PATCH] thunderbolt: debugfs: Fix dentry reference leaks in margining_port_init
by Miaoqian Lin
The debugfs_lookup() function returns a dentry with an increased
reference count that must be released by calling dput().
Fixes: d0f1e0c2a699 ("thunderbolt: Add support for receiver lane margining")
Cc: stable(a)vger.kernel.org
Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com>
---
drivers/thunderbolt/debugfs.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/thunderbolt/debugfs.c b/drivers/thunderbolt/debugfs.c
index f8328ca7e22e..2aadbec9a3e5 100644
--- a/drivers/thunderbolt/debugfs.c
+++ b/drivers/thunderbolt/debugfs.c
@@ -1770,6 +1770,7 @@ static void margining_port_init(struct tb_port *port)
port->usb4->margining = margining_alloc(port, &port->usb4->dev,
USB4_SB_TARGET_ROUTER, 0,
parent);
+ dput(parent);
}
static void margining_port_remove(struct tb_port *port)
--
2.35.1
2 weeks, 1 day
- 2
- 1
[PATCH net v2] net: xilinx: axienet: Add error handling for RX metadata pointer retrieval
by Abin Joseph
Add proper error checking for dmaengine_desc_get_metadata_ptr() which
can return an error pointer and lead to potential crashes or undefined
behaviour if the pointer retrieval fails.
Properly handle the error by unmapping DMA buffer, freeing the skb and
returning early to prevent further processing with invalid data.
Fixes: 6a91b846af85 ("net: axienet: Introduce dmaengine support")
Signed-off-by: Abin Joseph <abin.joseph(a)amd.com>
---
Changes in v2:
Update the alias to net
---
drivers/net/ethernet/xilinx/xilinx_axienet_main.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/drivers/net/ethernet/xilinx/xilinx_axienet_main.c b/drivers/net/ethernet/xilinx/xilinx_axienet_main.c
index 0d8a05fe541a..83469f7f08d1 100644
--- a/drivers/net/ethernet/xilinx/xilinx_axienet_main.c
+++ b/drivers/net/ethernet/xilinx/xilinx_axienet_main.c
@@ -1166,8 +1166,18 @@ static void axienet_dma_rx_cb(void *data, const struct dmaengine_result *result)
skb = skbuf_dma->skb;
app_metadata = dmaengine_desc_get_metadata_ptr(skbuf_dma->desc, &meta_len,
&meta_max_len);
+
dma_unmap_single(lp->dev, skbuf_dma->dma_address, lp->max_frm_size,
DMA_FROM_DEVICE);
+
+ if (IS_ERR(app_metadata)) {
+ if (net_ratelimit())
+ netdev_err(lp->ndev, "Failed to get RX metadata pointer\n");
+ dev_kfree_skb_any(skb);
+ lp->ndev->stats.rx_dropped++;
+ goto rx_submit;
+ }
+
/* TODO: Derive app word index programmatically */
rx_len = (app_metadata[LEN_APP] & 0xFFFF);
skb_put(skb, rx_len);
@@ -1180,6 +1190,7 @@ static void axienet_dma_rx_cb(void *data, const struct dmaengine_result *result)
u64_stats_add(&lp->rx_bytes, rx_len);
u64_stats_update_end(&lp->rx_stat_sync);
+rx_submit:
for (i = 0; i < CIRC_SPACE(lp->rx_ring_head, lp->rx_ring_tail,
RX_BUF_NUM_DEFAULT); i++)
axienet_rx_submit_desc(lp->ndev);
--
2.34.1
2 weeks, 2 days
- 3
- 2
[PATCH 6.6 000/139] 6.6.96-rc1 review
by Greg Kroah-Hartman
This is the start of the stable review cycle for the 6.6.96 release.
There are 139 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Sat, 05 Jul 2025 14:39:10 +0000.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.6.96-rc1…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.6.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 6.6.96-rc1
Sibi Sankar <quic_sibis(a)quicinc.com>
firmware: arm_scmi: Ensure that the message-id supports fastchannel
Cristian Marussi <cristian.marussi(a)arm.com>
firmware: arm_scmi: Add a common helper to check if a message is supported
Jens Axboe <axboe(a)kernel.dk>
nvme: always punt polled uring_cmd end_io work to task_work
Khairul Anuar Romli <khairul.anuar.romli(a)altera.com>
spi: spi-cadence-quadspi: Fix pm runtime unbalance
Brett A C Sheffield (Librecast) <bacs(a)librecast.net>
Revert "ipv6: save dontfrag in cork"
Nathan Chancellor <nathan(a)kernel.org>
x86/tools: Drop duplicate unlikely() definition in insn_decoder_test.c
Sergio González Collado <sergio.collado(a)gmail.com>
Kunit to check the longest symbol length
Heiko Carstens <hca(a)linux.ibm.com>
s390/entry: Fix last breaking event handling in case of stack corruption
Ricardo Ribalda <ribalda(a)chromium.org>
media: uvcvideo: Rollback non processed entities on error
Jose Ignacio Tornos Martinez <jtornosm(a)redhat.com>
kbuild: rpm-pkg: simplify installkernel %post
Masahiro Yamada <masahiroy(a)kernel.org>
scripts: clean up IA-64 code
Namjae Jeon <linkinjeon(a)kernel.org>
ksmbd: remove unsafe_memcpy use in session setup
Namjae Jeon <linkinjeon(a)kernel.org>
ksmbd: Use unsafe_memcpy() for ntlm_negotiate
Alex Deucher <alexander.deucher(a)amd.com>
drm/amdgpu: switch job hw_fence to amdgpu_fence
Frank Min <Frank.Min(a)amd.com>
drm/amdgpu: Add kicker device detection
Ville Syrjälä <ville.syrjala(a)linux.intel.com>
drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1
John Olender <john.olender(a)gmail.com>
drm/amdgpu: amdgpu_vram_mgr_new(): Clamp lpfn to total vram
Wentao Liang <vulab(a)iscas.ac.cn>
drm/amd/display: Add null pointer check for get_first_active_display()
Aradhya Bhatia <a-bhatia1(a)ti.com>
drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready
Aradhya Bhatia <a-bhatia1(a)ti.com>
drm/bridge: cdns-dsi: Check return value when getting default PHY config
Aradhya Bhatia <a-bhatia1(a)ti.com>
drm/bridge: cdns-dsi: Fix connecting to next bridge
Aradhya Bhatia <a-bhatia1(a)ti.com>
drm/bridge: cdns-dsi: Fix phy de-init and flag it so
Aradhya Bhatia <a-bhatia1(a)ti.com>
drm/bridge: cdns-dsi: Fix the clock variable for mode_valid()
Jay Cornwall <jay.cornwall(a)amd.com>
drm/amdkfd: Fix race in GWS queue scheduling
Stephan Gerhold <stephan.gerhold(a)linaro.org>
drm/msm/gpu: Fix crash when throttling GPU immediately during boot
Thomas Zimmermann <tzimmermann(a)suse.de>
drm/udl: Unregister device before cleaning up on disconnect
Qiu-ji Chen <chenqiuji666(a)gmail.com>
drm/tegra: Fix a possible null pointer dereference
Thierry Reding <treding(a)nvidia.com>
drm/tegra: Assign plane type before registration
Maíra Canal <mcanal(a)igalia.com>
drm/etnaviv: Protect the scheduler's pending list with its lock
Thomas Zimmermann <tzimmermann(a)suse.de>
drm/cirrus-qemu: Fix pitch programming
Thomas Zimmermann <tzimmermann(a)suse.de>
drm/ast: Fix comment on modeset lock
Chen Yu <yu.c.chen(a)intel.com>
scsi: megaraid_sas: Fix invalid node index
Qasim Ijaz <qasdev00(a)gmail.com>
HID: wacom: fix kobject reference count leak
Qasim Ijaz <qasdev00(a)gmail.com>
HID: wacom: fix memory leak on sysfs attribute creation failure
Qasim Ijaz <qasdev00(a)gmail.com>
HID: wacom: fix memory leak on kobject creation failure
Iusico Maxim <iusico.maxim(a)libero.it>
HID: lenovo: Restrict F7/9/11 mode to compact keyboards only
Jiawen Wu <jiawenwu(a)trustnetic.com>
net: libwx: fix the creation of page_pool
Mark Harmstone <maharmstone(a)fb.com>
btrfs: update superblock's device bytes_used when dropping chunk
Filipe Manana <fdmanana(a)suse.com>
btrfs: fix a race between renames and directory logging
Heinz Mauelshagen <heinzm(a)redhat.com>
dm-raid: fix variable in journal device check
Frédéric Danis <frederic.danis(a)collabora.com>
Bluetooth: L2CAP: Fix L2CAP MTU negotiation
Fabio Estevam <festevam(a)gmail.com>
serial: imx: Restore original RXTL for console to fix data loss
Yao Zi <ziyao(a)disroot.org>
dt-bindings: serial: 8250: Make clocks and clock-frequency exclusive
Nathan Chancellor <nathan(a)kernel.org>
staging: rtl8723bs: Avoid memset() in aes_cipher() and aes_decipher()
Avadhut Naik <avadhut.naik(a)amd.com>
EDAC/amd64: Fix size calculation for Non-Power-of-Two DIMMs
Paulo Alcantara <pc(a)manguebit.org>
smb: client: fix potential deadlock when reconnecting channels
Jayesh Choudhary <j-choudhary(a)ti.com>
drm/bridge: ti-sn65dsi86: Add HPD for DisplayPort connector type
Wolfram Sang <wsa+renesas(a)sang-engineering.com>
drm/bridge: ti-sn65dsi86: make use of debugfs_init callback
Arnd Bergmann <arnd(a)arndb.de>
drm/i915: fix build error some more
Jakub Kicinski <kuba(a)kernel.org>
net: selftests: fix TCP packet checksum
Salvatore Bonaccorso <carnil(a)debian.org>
ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X507UAR
Kuniyuki Iwashima <kuniyu(a)google.com>
atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister().
Simon Horman <horms(a)kernel.org>
net: enetc: Correct endianness handling in _enetc_rd_reg64
Adin Scannell <amscanne(a)meta.com>
libbpf: Fix possible use-after-free for externs
Tiwei Bie <tiwei.btw(a)antgroup.com>
um: ubd: Add missing error check in start_io_thread()
Stefano Garzarella <sgarzare(a)redhat.com>
vsock/uapi: fix linux/vm_sockets.h userspace compilation errors
Kuniyuki Iwashima <kuniyu(a)google.com>
af_unix: Don't set -ECONNRESET for consumed OOB skb.
Lachlan Hodges <lachlan.hodges(a)morsemicro.com>
wifi: mac80211: fix beacon interval calculation overflow
Yuan Chen <chenyuan(a)kylinos.cn>
libbpf: Fix null pointer dereference in btf_dump__free on allocation failure
Al Viro <viro(a)zeniv.linux.org.uk>
attach_recursive_mnt(): do not lock the covering tree when sliding something under it
Youngjun Lee <yjjuny.lee(a)samsung.com>
ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3()
Eric Dumazet <edumazet(a)google.com>
atm: clip: prevent NULL deref in clip_push()
Imre Deak <imre.deak(a)intel.com>
drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS
Yu Kuai <yukuai3(a)huawei.com>
lib/group_cpus: fix NULL pointer dereference from group_cpus_evenly()
Fedor Pchelkin <pchelkin(a)ispras.ru>
s390/pkey: Prevent overflow in size calculation for memdup_user()
Oliver Schramm <oliver.schramm97(a)gmail.com>
ASoC: amd: yc: Add DMI quirk for Lenovo IdeaPad Slim 5 15
SeongJae Park <sj(a)kernel.org>
mm/damon/sysfs-schemes: free old damon_sysfs_scheme_filter->memcg_path on write
Wolfram Sang <wsa+renesas(a)sang-engineering.com>
i2c: robotfuzz-osif: disable zero-length read messages
Wolfram Sang <wsa+renesas(a)sang-engineering.com>
i2c: tiny-usb: disable zero-length read messages
Kuniyuki Iwashima <kuniyu(a)google.com>
af_unix: Don't leave consecutive consumed OOB skbs.
Kuniyuki Iwashima <kuniyu(a)amazon.com>
af_unix: Don't call skb_get() for OOB skb.
Kuniyuki Iwashima <kuniyu(a)amazon.com>
af_unix: Define locking order for U_RECVQ_LOCK_EMBRYO in unix_collect_skb().
Kuniyuki Iwashima <kuniyu(a)amazon.com>
af_unix: Define locking order for U_LOCK_SECOND in unix_state_double_lock().
Kuniyuki Iwashima <kuniyu(a)amazon.com>
af_unix: Define locking order for unix_table_double_lock().
Rong Zhang <i(a)rong.moe>
platform/x86: ideapad-laptop: use usleep_range() for EC polling
Gergo Koteles <soyer(a)irl.hu>
platform/x86: ideapad-laptop: move ACPI helpers from header to source file
Gergo Koteles <soyer(a)irl.hu>
platform/x86: ideapad-laptop: move ymc_trigger_ec from lenovo-ymc
Gergo Koteles <soyer(a)irl.hu>
platform/x86: ideapad-laptop: introduce a generic notification chain
Thomas Zimmermann <tzimmermann(a)suse.de>
dummycon: Trigger redraw when switching consoles with deferred takeover
Jiri Slaby (SUSE) <jirislaby(a)kernel.org>
tty: vt: make consw::con_switch() return a bool
Jiri Slaby (SUSE) <jirislaby(a)kernel.org>
tty: vt: sanitize arguments of consw::con_clear()
Jiri Slaby (SUSE) <jirislaby(a)kernel.org>
tty: vt: make init parameter of consw::con_init() a bool
Janne Grunau <j(a)jannau.net>
PCI: apple: Set only available ports up
Zhang Zekun <zhangzekun11(a)huawei.com>
PCI: apple: Use helper function for_each_child_of_node_scoped()
Long Li <longli(a)microsoft.com>
uio_hv_generic: Align ring size to system page
Saurabh Sengar <ssengar(a)linux.microsoft.com>
uio_hv_generic: Query the ringbuffer size for device
Saurabh Sengar <ssengar(a)linux.microsoft.com>
Drivers: hv: vmbus: Add utility function for querying ring size
Chao Yu <chao(a)kernel.org>
f2fs: don't over-report free space or inodes in statvfs
Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org>
ASoC: codecs: wcd9335: Fix missing free of regulator supplies
Peng Fan <peng.fan(a)nxp.com>
ASoC: codec: wcd9335: Convert to GPIO descriptors
Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org>
ASoC: codecs: wcd9335: Handle nicer probe deferral and simplify with dev_err_probe()
Vasiliy Kovalev <kovalev(a)altlinux.org>
jfs: validate AG parameters in dbMount() to prevent crashes
Dave Kleikamp <dave.kleikamp(a)oracle.com>
fs/jfs: consolidate sanity checking in dbMount
Qu Wenruo <wqu(a)suse.com>
btrfs: handle csum tree error with rescue=ibadroots correctly
Kees Cook <kees(a)kernel.org>
ovl: Check for NULL d_inode() in ovl_dentry_upper()
Ziqi Chen <quic_ziqichen(a)quicinc.com>
scsi: ufs: core: Don't perform UFS clkscaling during host async scan
Dmitry Kandybka <d.kandybka(a)gmail.com>
ceph: fix possible integer overflow in ceph_zero_objects()
Mario Limonciello <mario.limonciello(a)amd.com>
ALSA: usb-audio: Add a quirk for Lenovo Thinkpad Thunderbolt 3 dock
Vijendar Mukunda <Vijendar.Mukunda(a)amd.com>
ALSA: hda: Add new pci id for AMD GPU display HD audio controller
Cezary Rojewski <cezary.rojewski(a)intel.com>
ALSA: hda: Ignore unsol events for cards being shut down
Michael Grzeschik <m.grzeschik(a)pengutronix.de>
usb: typec: mux: do not return on EOPNOTSUPP in {mux, switch}_set
Jos Wang <joswang(a)lenovo.com>
usb: typec: displayport: Receive DP Status Update NAK request exit dp altmode
Robert Hodaszi <robert.hodaszi(a)digi.com>
usb: cdc-wdm: avoid setting WDM_READ for ZLP-s
Andy Shevchenko <andriy.shevchenko(a)linux.intel.com>
usb: Add checks for snprintf() calls in usb_alloc_dev()
Chance Yang <chance.yang(a)kneron.us>
usb: common: usb-conn-gpio: use a unique name for usb connector device
Jakub Lewalski <jakub.lewalski(a)nokia.com>
tty: serial: uartlite: register uart driver in init
Chen Yufeng <chenyufeng(a)iie.ac.cn>
usb: potential integer overflow in usbg_make_tpg()
Chenyuan Yang <chenyuan0y(a)gmail.com>
misc: tps6594-pfsm: Add NULL pointer check in tps6594_pfsm_probe()
Purva Yeshi <purvayeshi550(a)gmail.com>
iio: adc: ad_sigma_delta: Fix use of uninitialized status_pos
Michael Grzeschik <m.grzeschik(a)pengutronix.de>
usb: dwc2: also exit clock_gating when stopping udc while suspended
James Clark <james.clark(a)linaro.org>
coresight: Only check bottom two claim bits
Benjamin Berg <benjamin.berg(a)intel.com>
um: use proper care when taking mmap lock during segfault
Sami Tolvanen <samitolvanen(a)google.com>
um: Add cmpxchg8b_emu and checksum functions to asm-prototypes.h
Jonathan Cameron <Jonathan.Cameron(a)huawei.com>
iio: pressure: zpa2326: Use aligned_s64 for the timestamp
Lin.Cao <lincao12(a)amd.com>
drm/scheduler: signal scheduled fence when kill job
Linggang Zeng <linggang.zeng(a)easystack.cn>
bcache: fix NULL pointer in cache_set_flush()
Yifan Zhang <yifan1.zhang(a)amd.com>
amd/amdkfd: fix a kfd_process ref leak
Yu Kuai <yukuai3(a)huawei.com>
md/md-bitmap: fix dm-raid max_write_behind setting
Hector Martin <marcan(a)marcan.st>
PCI: apple: Fix missing OF node reference in apple_pcie_setup_port
Wenbin Yao <quic_wenbyao(a)quicinc.com>
PCI: dwc: Make link training more robust by setting PORT_LOGIC_LINK_WIDTH to one lane
Thomas Gessler <thomas.gessler(a)brueckmann-gmbh.de>
dmaengine: xilinx_dma: Set dma_device directions
Yi Sun <yi.sun(a)intel.com>
dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using
Lukas Wunner <lukas(a)wunner.de>
Revert "iommu/amd: Prevent binding other PCI drivers to IOMMU PCI devices"
FUJITA Tomonori <fujita.tomonori(a)gmail.com>
rust: module: place cleanup_module() in .exit.text section
Namjae Jeon <linkinjeon(a)kernel.org>
ksmbd: provide zero as a unique ID to the Mac client
Namjae Jeon <linkinjeon(a)kernel.org>
ksmbd: allow a filename to contain special characters on SMB3.1.1 posix extension
Alexis Czezar Torreno <alexisczezar.torreno(a)analog.com>
hwmon: (pmbus/max34440) Fix support for max34451
Scott Mayhew <smayhew(a)redhat.com>
NFSv4: xattr handlers should check for absent nfs filehandles
Robert Richter <rrichter(a)amd.com>
cxl/region: Add a dev_err() on missing target list entries
Guang Yuan Wu <gwu(a)ddn.com>
fuse: fix race between concurrent setattrs from multiple nodes
Sven Schwermer <sven.schwermer(a)disruptive-technologies.com>
leds: multicolor: Fix intensity setting while SW blinking
Nikhil Jha <njha(a)janestreet.com>
sunrpc: don't immediately retransmit on seqno miss
Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org>
mfd: max14577: Fix wakeup source leaks on device unbind
Peng Fan <peng.fan(a)nxp.com>
mailbox: Not protect module_put with spin_lock_irqsave
Olga Kornievskaia <okorniev(a)redhat.com>
NFSv4.2: fix listxattr to return selinux security label
Han Young <hanyang.tony(a)bytedance.com>
NFSv4: Always set NLINK even if the server doesn't support it
Pali Rohár <pali(a)kernel.org>
cifs: Fix encoding of SMB1 Session Setup NTLMSSP Request in non-UNICODE mode
Pali Rohár <pali(a)kernel.org>
cifs: Fix cifs_query_path_info() for Windows NT servers
Pali Rohár <pali(a)kernel.org>
cifs: Correctly set SMB1 SessionKey field in Session Setup Request
-------------
Diffstat:
Documentation/devicetree/bindings/serial/8250.yaml | 2 +-
Makefile | 4 +-
arch/s390/kernel/entry.S | 2 +-
arch/um/drivers/ubd_user.c | 2 +-
arch/um/include/asm/asm-prototypes.h | 5 +
arch/um/kernel/trap.c | 129 +++++++++--
arch/x86/tools/insn_decoder_test.c | 5 +-
arch/x86/um/asm/checksum.h | 3 +
drivers/cxl/core/region.c | 7 +
drivers/dma/idxd/cdev.c | 4 +-
drivers/dma/xilinx/xilinx_dma.c | 2 +
drivers/edac/amd64_edac.c | 57 +++--
drivers/firmware/arm_scmi/driver.c | 44 ++++
drivers/firmware/arm_scmi/protocols.h | 6 +
drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c | 2 +-
drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 2 +-
drivers/gpu/drm/amd/amdgpu/amdgpu_fence.c | 30 +--
drivers/gpu/drm/amd/amdgpu/amdgpu_job.c | 12 +-
drivers/gpu/drm/amd/amdgpu/amdgpu_job.h | 2 +-
drivers/gpu/drm/amd/amdgpu/amdgpu_ring.h | 16 ++
drivers/gpu/drm/amd/amdgpu/amdgpu_ucode.c | 17 ++
drivers/gpu/drm/amd/amdgpu/amdgpu_ucode.h | 6 +
drivers/gpu/drm/amd/amdgpu/amdgpu_vram_mgr.c | 2 +-
drivers/gpu/drm/amd/amdkfd/kfd_events.c | 1 +
drivers/gpu/drm/amd/amdkfd/kfd_packet_manager_v9.c | 2 +-
.../gpu/drm/amd/display/modules/hdcp/hdcp_psp.c | 3 +
drivers/gpu/drm/ast/ast_mode.c | 6 +-
drivers/gpu/drm/bridge/cadence/cdns-dsi-core.c | 32 ++-
drivers/gpu/drm/bridge/ti-sn65dsi86.c | 109 ++++++----
drivers/gpu/drm/display/drm_dp_helper.c | 2 +-
drivers/gpu/drm/etnaviv/etnaviv_sched.c | 5 +-
drivers/gpu/drm/i915/gem/i915_gem_execbuffer.c | 2 +-
drivers/gpu/drm/i915/i915_pmu.c | 2 +-
drivers/gpu/drm/msm/msm_gpu_devfreq.c | 1 +
drivers/gpu/drm/scheduler/sched_entity.c | 1 +
drivers/gpu/drm/tegra/dc.c | 17 +-
drivers/gpu/drm/tegra/hub.c | 4 +-
drivers/gpu/drm/tegra/hub.h | 3 +-
drivers/gpu/drm/tiny/cirrus.c | 1 -
drivers/gpu/drm/udl/udl_drv.c | 2 +-
drivers/hid/hid-lenovo.c | 11 +-
drivers/hid/wacom_sys.c | 6 +-
drivers/hv/channel_mgmt.c | 15 +-
drivers/hv/hyperv_vmbus.h | 5 +
drivers/hwmon/pmbus/max34440.c | 48 ++++-
drivers/hwtracing/coresight/coresight-core.c | 3 +-
drivers/hwtracing/coresight/coresight-priv.h | 1 +
drivers/i2c/busses/i2c-robotfuzz-osif.c | 6 +
drivers/i2c/busses/i2c-tiny-usb.c | 6 +
drivers/iio/adc/ad_sigma_delta.c | 4 +
drivers/iio/pressure/zpa2326.c | 2 +-
drivers/iommu/amd/init.c | 3 -
drivers/leds/led-class-multicolor.c | 3 +-
drivers/mailbox/mailbox.c | 2 +-
drivers/md/bcache/super.c | 7 +-
drivers/md/dm-raid.c | 2 +-
drivers/md/md-bitmap.c | 2 +-
drivers/media/usb/uvc/uvc_ctrl.c | 41 ++--
drivers/mfd/max14577.c | 1 +
drivers/misc/tps6594-pfsm.c | 3 +
drivers/net/ethernet/freescale/enetc/enetc_hw.h | 2 +-
drivers/net/ethernet/wangxun/libwx/wx_lib.c | 2 +-
drivers/nvme/host/ioctl.c | 16 +-
drivers/pci/controller/dwc/pcie-designware.c | 5 +-
drivers/pci/controller/pcie-apple.c | 7 +-
drivers/platform/x86/Kconfig | 1 +
drivers/platform/x86/ideapad-laptop.c | 237 +++++++++++++++++++++
drivers/platform/x86/ideapad-laptop.h | 142 +-----------
drivers/platform/x86/lenovo-ymc.c | 60 +-----
drivers/s390/crypto/pkey_api.c | 2 +-
drivers/scsi/megaraid/megaraid_sas_base.c | 6 +-
drivers/spi/spi-cadence-quadspi.c | 11 +-
drivers/staging/rtl8723bs/core/rtw_security.c | 44 ++--
drivers/tty/serial/imx.c | 17 +-
drivers/tty/serial/uartlite.c | 25 ++-
drivers/tty/vt/vt.c | 12 +-
drivers/ufs/core/ufshcd.c | 3 +
drivers/uio/uio_hv_generic.c | 10 +-
drivers/usb/class/cdc-wdm.c | 23 +-
drivers/usb/common/usb-conn-gpio.c | 25 ++-
drivers/usb/core/usb.c | 14 +-
drivers/usb/dwc2/gadget.c | 6 +
drivers/usb/gadget/function/f_tcm.c | 4 +-
drivers/usb/typec/altmodes/displayport.c | 4 +
drivers/usb/typec/mux.c | 4 +-
drivers/video/console/dummycon.c | 24 ++-
drivers/video/console/mdacon.c | 21 +-
drivers/video/console/newport_con.c | 12 +-
drivers/video/console/sticon.c | 14 +-
drivers/video/console/vgacon.c | 12 +-
drivers/video/fbdev/core/fbcon.c | 40 ++--
fs/btrfs/disk-io.c | 3 +-
fs/btrfs/inode.c | 83 ++++++--
fs/btrfs/volumes.c | 6 +
fs/ceph/file.c | 2 +-
fs/f2fs/super.c | 30 +--
fs/fuse/dir.c | 11 +
fs/jfs/jfs_dmap.c | 41 ++--
fs/namespace.c | 8 +-
fs/nfs/inode.c | 2 +
fs/nfs/nfs4proc.c | 17 +-
fs/overlayfs/util.c | 4 +-
fs/smb/client/cifsglob.h | 2 +
fs/smb/client/cifspdu.h | 6 +-
fs/smb/client/cifssmb.c | 1 +
fs/smb/client/connect.c | 58 +++--
fs/smb/client/misc.c | 8 +
fs/smb/client/sess.c | 21 +-
fs/smb/server/connection.h | 1 +
fs/smb/server/smb2pdu.c | 81 ++++---
fs/smb/server/smb2pdu.h | 3 +
include/linux/console.h | 13 +-
include/linux/hyperv.h | 2 +
include/linux/ipv6.h | 1 -
include/uapi/linux/vm_sockets.h | 4 +
lib/Kconfig.debug | 9 +
lib/Makefile | 2 +
lib/group_cpus.c | 9 +-
lib/longest_symbol_kunit.c | 82 +++++++
mm/damon/sysfs-schemes.c | 1 +
net/atm/clip.c | 11 +-
net/atm/resources.c | 3 +-
net/bluetooth/l2cap_core.c | 9 +-
net/core/selftests.c | 5 +-
net/ipv6/ip6_output.c | 9 +-
net/mac80211/util.c | 2 +-
net/sunrpc/clnt.c | 9 +-
net/unix/af_unix.c | 107 +++++++---
net/unix/garbage.c | 24 +--
rust/macros/module.rs | 1 +
scripts/checkstack.pl | 3 -
scripts/gdb/linux/tasks.py | 15 +-
scripts/head-object-list.txt | 1 -
scripts/kconfig/mconf.c | 2 +-
scripts/kconfig/nconf.c | 2 +-
scripts/package/kernel.spec | 28 +--
scripts/package/mkdebian | 2 +-
scripts/recordmcount.c | 1 -
scripts/recordmcount.pl | 7 -
scripts/xz_wrap.sh | 1 -
sound/pci/hda/hda_bind.c | 2 +-
sound/pci/hda/hda_intel.c | 3 +
sound/pci/hda/patch_realtek.c | 1 +
sound/soc/amd/yc/acp6x-mach.c | 7 +
sound/soc/codecs/wcd9335.c | 62 ++----
sound/usb/quirks.c | 2 +
sound/usb/stream.c | 2 +
tools/lib/bpf/btf_dump.c | 3 +
tools/lib/bpf/libbpf.c | 10 +-
.../selftests/bpf/progs/test_global_map_resize.c | 16 ++
150 files changed, 1558 insertions(+), 833 deletions(-)
2 weeks, 2 days
- 15
- 159
[PATCH] wifi: iwlwifi: Fix dentry reference leak in iwl_mld_add_link_debugfs
by Miaoqian Lin
The debugfs_lookup() function increases the dentry reference count.
Add missing dput() call to release the reference when the "iwlmld"
directory already exists.
Fixes: d1e879ec600f ("wifi: iwlwifi: add iwlmld sub-driver")
Cc: stable(a)vger.kernel.org
Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com>
---
drivers/net/wireless/intel/iwlwifi/mld/debugfs.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/drivers/net/wireless/intel/iwlwifi/mld/debugfs.c b/drivers/net/wireless/intel/iwlwifi/mld/debugfs.c
index cc052b0aa53f..372204bf8452 100644
--- a/drivers/net/wireless/intel/iwlwifi/mld/debugfs.c
+++ b/drivers/net/wireless/intel/iwlwifi/mld/debugfs.c
@@ -1001,8 +1001,12 @@ void iwl_mld_add_link_debugfs(struct ieee80211_hw *hw,
* If not, this is a per-link dir of a MLO vif, add in it the iwlmld
* dir.
*/
- if (!mld_link_dir)
+ if (!mld_link_dir) {
mld_link_dir = debugfs_create_dir("iwlmld", dir);
+ } else {
+ /* Release the reference from debugfs_lookup */
+ dput(mld_link_dir);
+ }
}
static ssize_t _iwl_dbgfs_fixed_rate_write(struct iwl_mld *mld, char *buf,
--
2.35.1
2 weeks, 2 days
- 1
- 0
[PATCH] hisi_acc_vfio_pci: Fix reference leak in hisi_acc_vfio_debug_init
by Miaoqian Lin
The debugfs_lookup() function returns a dentry with an increased reference
count that must be released by calling dput().
Fixes: b398f91779b8 ("hisi_acc_vfio_pci: register debugfs for hisilicon migration driver")
Cc: stable(a)vger.kernel.org
Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com>
---
drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c b/drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c
index 2149f49aeec7..1710485cbbec 100644
--- a/drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c
+++ b/drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c
@@ -1611,8 +1611,10 @@ static void hisi_acc_vfio_debug_init(struct hisi_acc_vf_core_device *hisi_acc_vd
}
migf = kzalloc(sizeof(*migf), GFP_KERNEL);
- if (!migf)
+ if (!migf) {
+ dput(vfio_dev_migration);
return;
+ }
hisi_acc_vdev->debug_migf = migf;
vfio_hisi_acc = debugfs_create_dir("hisi_acc", vfio_dev_migration);
@@ -1622,6 +1624,8 @@ static void hisi_acc_vfio_debug_init(struct hisi_acc_vf_core_device *hisi_acc_vd
hisi_acc_vf_migf_read);
debugfs_create_devm_seqfile(dev, "cmd_state", vfio_hisi_acc,
hisi_acc_vf_debug_cmd);
+
+ dput(vfio_dev_migration);
}
static void hisi_acc_vf_debugfs_exit(struct hisi_acc_vf_core_device *hisi_acc_vdev)
--
2.35.1
2 weeks, 2 days
- 1
- 0
[PATCH 08/11] drm/amd/display: Correct sequences and delays for DCN35 PG & RCG
by waynelin
From: Ovidiu Bunea <ovidiu.bunea(a)amd.com>
[why]
The current PG & RCG programming in driver has some gaps and incorrect
sequences.
[how]
Added delays after ungating clocks to allow ramp up, increased polling
to allow more time for power up, and removed the incorrect sequences.
Cc: Mario Limonciello <mario.limonciello(a)amd.com>
Cc: Alex Deucher <alexander.deucher(a)amd.com>
Cc: stable(a)vger.kernel.org
Reviewed-by: Charlene Liu <charlene.liu(a)amd.com>
Signed-off-by: Ovidiu Bunea <ovidiu.bunea(a)amd.com>
Signed-off-by: Wayne Lin <wayne.lin(a)amd.com>
---
drivers/gpu/drm/amd/display/dc/dc.h | 1 +
.../amd/display/dc/dccg/dcn35/dcn35_dccg.c | 74 +++++------
.../amd/display/dc/hwss/dcn35/dcn35_hwseq.c | 115 +++---------------
.../amd/display/dc/hwss/dcn35/dcn35_init.c | 3 -
.../amd/display/dc/hwss/dcn351/dcn351_init.c | 3 -
.../gpu/drm/amd/display/dc/inc/hw/pg_cntl.h | 1 +
.../amd/display/dc/pg/dcn35/dcn35_pg_cntl.c | 78 +++++++-----
7 files changed, 111 insertions(+), 164 deletions(-)
diff --git a/drivers/gpu/drm/amd/display/dc/dc.h b/drivers/gpu/drm/amd/display/dc/dc.h
index b41e66c31e6a..09d705cf5c9b 100644
--- a/drivers/gpu/drm/amd/display/dc/dc.h
+++ b/drivers/gpu/drm/amd/display/dc/dc.h
@@ -1162,6 +1162,7 @@ struct dc_debug_options {
unsigned int auxless_alpm_lfps_silence_ns;
unsigned int auxless_alpm_lfps_t1t2_us;
short auxless_alpm_lfps_t1t2_offset_us;
+ bool enable_pg_cntl_debug_logs;
};
diff --git a/drivers/gpu/drm/amd/display/dc/dccg/dcn35/dcn35_dccg.c b/drivers/gpu/drm/amd/display/dc/dccg/dcn35/dcn35_dccg.c
index 58c84f555c0f..0ce9489ac6b7 100644
--- a/drivers/gpu/drm/amd/display/dc/dccg/dcn35/dcn35_dccg.c
+++ b/drivers/gpu/drm/amd/display/dc/dccg/dcn35/dcn35_dccg.c
@@ -133,30 +133,34 @@ enum dsc_clk_source {
};
-static void dccg35_set_dsc_clk_rcg(struct dccg *dccg, int inst, bool enable)
+static void dccg35_set_dsc_clk_rcg(struct dccg *dccg, int inst, bool allow_rcg)
{
struct dcn_dccg *dccg_dcn = TO_DCN_DCCG(dccg);
- if (!dccg->ctx->dc->debug.root_clock_optimization.bits.dsc && enable)
+ if (!dccg->ctx->dc->debug.root_clock_optimization.bits.dsc && allow_rcg)
return;
switch (inst) {
case 0:
- REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DSCCLK0_ROOT_GATE_DISABLE, enable ? 0 : 1);
+ REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DSCCLK0_ROOT_GATE_DISABLE, allow_rcg ? 0 : 1);
break;
case 1:
- REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DSCCLK1_ROOT_GATE_DISABLE, enable ? 0 : 1);
+ REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DSCCLK1_ROOT_GATE_DISABLE, allow_rcg ? 0 : 1);
break;
case 2:
- REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DSCCLK2_ROOT_GATE_DISABLE, enable ? 0 : 1);
+ REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DSCCLK2_ROOT_GATE_DISABLE, allow_rcg ? 0 : 1);
break;
case 3:
- REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DSCCLK3_ROOT_GATE_DISABLE, enable ? 0 : 1);
+ REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DSCCLK3_ROOT_GATE_DISABLE, allow_rcg ? 0 : 1);
break;
default:
BREAK_TO_DEBUGGER();
return;
}
+
+ /* Wait for clock to ramp */
+ if (!allow_rcg)
+ udelay(10);
}
static void dccg35_set_symclk32_se_rcg(
@@ -385,35 +389,34 @@ static void dccg35_set_dtbclk_p_rcg(struct dccg *dccg, int inst, bool enable)
}
}
-static void dccg35_set_dppclk_rcg(struct dccg *dccg,
- int inst, bool enable)
+static void dccg35_set_dppclk_rcg(struct dccg *dccg, int inst, bool allow_rcg)
{
-
struct dcn_dccg *dccg_dcn = TO_DCN_DCCG(dccg);
-
- if (!dccg->ctx->dc->debug.root_clock_optimization.bits.dpp && enable)
+ if (!dccg->ctx->dc->debug.root_clock_optimization.bits.dpp && allow_rcg)
return;
switch (inst) {
case 0:
- REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DPPCLK0_ROOT_GATE_DISABLE, enable ? 0 : 1);
+ REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DPPCLK0_ROOT_GATE_DISABLE, allow_rcg ? 0 : 1);
break;
case 1:
- REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DPPCLK1_ROOT_GATE_DISABLE, enable ? 0 : 1);
+ REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DPPCLK1_ROOT_GATE_DISABLE, allow_rcg ? 0 : 1);
break;
case 2:
- REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DPPCLK2_ROOT_GATE_DISABLE, enable ? 0 : 1);
+ REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DPPCLK2_ROOT_GATE_DISABLE, allow_rcg ? 0 : 1);
break;
case 3:
- REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DPPCLK3_ROOT_GATE_DISABLE, enable ? 0 : 1);
+ REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DPPCLK3_ROOT_GATE_DISABLE, allow_rcg ? 0 : 1);
break;
default:
BREAK_TO_DEBUGGER();
break;
}
- //DC_LOG_DEBUG("%s: inst(%d) DPPCLK rcg_disable: %d\n", __func__, inst, enable ? 0 : 1);
+ /* Wait for clock to ramp */
+ if (!allow_rcg)
+ udelay(10);
}
static void dccg35_set_dpstreamclk_rcg(
@@ -1177,32 +1180,34 @@ static void dccg35_update_dpp_dto(struct dccg *dccg, int dpp_inst,
}
static void dccg35_set_dppclk_root_clock_gating(struct dccg *dccg,
- uint32_t dpp_inst, uint32_t enable)
+ uint32_t dpp_inst, uint32_t disallow_rcg)
{
struct dcn_dccg *dccg_dcn = TO_DCN_DCCG(dccg);
- if (!dccg->ctx->dc->debug.root_clock_optimization.bits.dpp)
+ if (!dccg->ctx->dc->debug.root_clock_optimization.bits.dpp && !disallow_rcg)
return;
switch (dpp_inst) {
case 0:
- REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DPPCLK0_ROOT_GATE_DISABLE, enable);
+ REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DPPCLK0_ROOT_GATE_DISABLE, disallow_rcg);
break;
case 1:
- REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DPPCLK1_ROOT_GATE_DISABLE, enable);
+ REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DPPCLK1_ROOT_GATE_DISABLE, disallow_rcg);
break;
case 2:
- REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DPPCLK2_ROOT_GATE_DISABLE, enable);
+ REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DPPCLK2_ROOT_GATE_DISABLE, disallow_rcg);
break;
case 3:
- REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DPPCLK3_ROOT_GATE_DISABLE, enable);
+ REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DPPCLK3_ROOT_GATE_DISABLE, disallow_rcg);
break;
default:
break;
}
- //DC_LOG_DEBUG("%s: dpp_inst(%d) rcg: %d\n", __func__, dpp_inst, enable);
+ /* Wait for clock to ramp */
+ if (disallow_rcg)
+ udelay(10);
}
static void dccg35_get_pixel_rate_div(
@@ -1782,8 +1787,7 @@ static void dccg35_enable_dscclk(struct dccg *dccg, int inst)
//Disable DTO
switch (inst) {
case 0:
- if (dccg->ctx->dc->debug.root_clock_optimization.bits.dsc)
- REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DSCCLK0_ROOT_GATE_DISABLE, 1);
+ REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DSCCLK0_ROOT_GATE_DISABLE, 1);
REG_UPDATE_2(DSCCLK0_DTO_PARAM,
DSCCLK0_DTO_PHASE, 0,
@@ -1791,8 +1795,7 @@ static void dccg35_enable_dscclk(struct dccg *dccg, int inst)
REG_UPDATE(DSCCLK_DTO_CTRL, DSCCLK0_EN, 1);
break;
case 1:
- if (dccg->ctx->dc->debug.root_clock_optimization.bits.dsc)
- REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DSCCLK1_ROOT_GATE_DISABLE, 1);
+ REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DSCCLK1_ROOT_GATE_DISABLE, 1);
REG_UPDATE_2(DSCCLK1_DTO_PARAM,
DSCCLK1_DTO_PHASE, 0,
@@ -1800,8 +1803,7 @@ static void dccg35_enable_dscclk(struct dccg *dccg, int inst)
REG_UPDATE(DSCCLK_DTO_CTRL, DSCCLK1_EN, 1);
break;
case 2:
- if (dccg->ctx->dc->debug.root_clock_optimization.bits.dsc)
- REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DSCCLK2_ROOT_GATE_DISABLE, 1);
+ REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DSCCLK2_ROOT_GATE_DISABLE, 1);
REG_UPDATE_2(DSCCLK2_DTO_PARAM,
DSCCLK2_DTO_PHASE, 0,
@@ -1809,8 +1811,7 @@ static void dccg35_enable_dscclk(struct dccg *dccg, int inst)
REG_UPDATE(DSCCLK_DTO_CTRL, DSCCLK2_EN, 1);
break;
case 3:
- if (dccg->ctx->dc->debug.root_clock_optimization.bits.dsc)
- REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DSCCLK3_ROOT_GATE_DISABLE, 1);
+ REG_UPDATE(DCCG_GATE_DISABLE_CNTL6, DSCCLK3_ROOT_GATE_DISABLE, 1);
REG_UPDATE_2(DSCCLK3_DTO_PARAM,
DSCCLK3_DTO_PHASE, 0,
@@ -1821,6 +1822,9 @@ static void dccg35_enable_dscclk(struct dccg *dccg, int inst)
BREAK_TO_DEBUGGER();
return;
}
+
+ /* Wait for clock to ramp */
+ udelay(10);
}
static void dccg35_disable_dscclk(struct dccg *dccg,
@@ -1864,6 +1868,9 @@ static void dccg35_disable_dscclk(struct dccg *dccg,
default:
return;
}
+
+ /* Wait for clock ramp */
+ udelay(10);
}
static void dccg35_enable_symclk_se(struct dccg *dccg, uint32_t stream_enc_inst, uint32_t link_enc_inst)
@@ -2349,10 +2356,7 @@ static void dccg35_disable_symclk_se_cb(
void dccg35_root_gate_disable_control(struct dccg *dccg, uint32_t pipe_idx, uint32_t disable_clock_gating)
{
-
- if (dccg->ctx->dc->debug.root_clock_optimization.bits.dpp) {
- dccg35_set_dppclk_root_clock_gating(dccg, pipe_idx, disable_clock_gating);
- }
+ dccg35_set_dppclk_root_clock_gating(dccg, pipe_idx, disable_clock_gating);
}
static const struct dccg_funcs dccg35_funcs_new = {
diff --git a/drivers/gpu/drm/amd/display/dc/hwss/dcn35/dcn35_hwseq.c b/drivers/gpu/drm/amd/display/dc/hwss/dcn35/dcn35_hwseq.c
index a267f574b619..764eff6a4ec6 100644
--- a/drivers/gpu/drm/amd/display/dc/hwss/dcn35/dcn35_hwseq.c
+++ b/drivers/gpu/drm/amd/display/dc/hwss/dcn35/dcn35_hwseq.c
@@ -113,6 +113,14 @@ static void enable_memory_low_power(struct dc *dc)
}
#endif
+static void print_pg_status(struct dc *dc, const char *debug_func, const char *debug_log)
+{
+ if (dc->debug.enable_pg_cntl_debug_logs && dc->res_pool->pg_cntl) {
+ if (dc->res_pool->pg_cntl->funcs->print_pg_status)
+ dc->res_pool->pg_cntl->funcs->print_pg_status(dc->res_pool->pg_cntl, debug_func, debug_log);
+ }
+}
+
void dcn35_set_dmu_fgcg(struct dce_hwseq *hws, bool enable)
{
REG_UPDATE_3(DMU_CLK_CNTL,
@@ -137,6 +145,8 @@ void dcn35_init_hw(struct dc *dc)
uint32_t user_level = MAX_BACKLIGHT_LEVEL;
int i;
+ print_pg_status(dc, __func__, ": start");
+
if (dc->clk_mgr && dc->clk_mgr->funcs->init_clocks)
dc->clk_mgr->funcs->init_clocks(dc->clk_mgr);
@@ -200,10 +210,7 @@ void dcn35_init_hw(struct dc *dc)
/* we want to turn off all dp displays before doing detection */
dc->link_srv->blank_all_dp_displays(dc);
-/*
- if (hws->funcs.enable_power_gating_plane)
- hws->funcs.enable_power_gating_plane(dc->hwseq, true);
-*/
+
if (res_pool->hubbub && res_pool->hubbub->funcs->dchubbub_init)
res_pool->hubbub->funcs->dchubbub_init(dc->res_pool->hubbub);
/* If taking control over from VBIOS, we may want to optimize our first
@@ -236,6 +243,8 @@ void dcn35_init_hw(struct dc *dc)
}
hws->funcs.init_pipes(dc, dc->current_state);
+ print_pg_status(dc, __func__, ": after init_pipes");
+
if (dc->res_pool->hubbub->funcs->allow_self_refresh_control &&
!dc->res_pool->hubbub->ctx->dc->debug.disable_stutter)
dc->res_pool->hubbub->funcs->allow_self_refresh_control(dc->res_pool->hubbub,
@@ -312,6 +321,7 @@ void dcn35_init_hw(struct dc *dc)
if (dc->res_pool->pg_cntl->funcs->init_pg_status)
dc->res_pool->pg_cntl->funcs->init_pg_status(dc->res_pool->pg_cntl);
}
+ print_pg_status(dc, __func__, ": after init_pg_status");
}
static void update_dsc_on_stream(struct pipe_ctx *pipe_ctx, bool enable)
@@ -500,97 +510,6 @@ void dcn35_physymclk_root_clock_control(struct dce_hwseq *hws, unsigned int phy_
}
}
-void dcn35_dsc_pg_control(
- struct dce_hwseq *hws,
- unsigned int dsc_inst,
- bool power_on)
-{
- uint32_t power_gate = power_on ? 0 : 1;
- uint32_t pwr_status = power_on ? 0 : 2;
- uint32_t org_ip_request_cntl = 0;
-
- if (hws->ctx->dc->debug.disable_dsc_power_gate)
- return;
- if (hws->ctx->dc->debug.ignore_pg)
- return;
- REG_GET(DC_IP_REQUEST_CNTL, IP_REQUEST_EN, &org_ip_request_cntl);
- if (org_ip_request_cntl == 0)
- REG_SET(DC_IP_REQUEST_CNTL, 0, IP_REQUEST_EN, 1);
-
- switch (dsc_inst) {
- case 0: /* DSC0 */
- REG_UPDATE(DOMAIN16_PG_CONFIG,
- DOMAIN_POWER_GATE, power_gate);
-
- REG_WAIT(DOMAIN16_PG_STATUS,
- DOMAIN_PGFSM_PWR_STATUS, pwr_status,
- 1, 1000);
- break;
- case 1: /* DSC1 */
- REG_UPDATE(DOMAIN17_PG_CONFIG,
- DOMAIN_POWER_GATE, power_gate);
-
- REG_WAIT(DOMAIN17_PG_STATUS,
- DOMAIN_PGFSM_PWR_STATUS, pwr_status,
- 1, 1000);
- break;
- case 2: /* DSC2 */
- REG_UPDATE(DOMAIN18_PG_CONFIG,
- DOMAIN_POWER_GATE, power_gate);
-
- REG_WAIT(DOMAIN18_PG_STATUS,
- DOMAIN_PGFSM_PWR_STATUS, pwr_status,
- 1, 1000);
- break;
- case 3: /* DSC3 */
- REG_UPDATE(DOMAIN19_PG_CONFIG,
- DOMAIN_POWER_GATE, power_gate);
-
- REG_WAIT(DOMAIN19_PG_STATUS,
- DOMAIN_PGFSM_PWR_STATUS, pwr_status,
- 1, 1000);
- break;
- default:
- BREAK_TO_DEBUGGER();
- break;
- }
-
- if (org_ip_request_cntl == 0)
- REG_SET(DC_IP_REQUEST_CNTL, 0, IP_REQUEST_EN, 0);
-}
-
-void dcn35_enable_power_gating_plane(struct dce_hwseq *hws, bool enable)
-{
- bool force_on = true; /* disable power gating */
- uint32_t org_ip_request_cntl = 0;
-
- if (hws->ctx->dc->debug.disable_hubp_power_gate)
- return;
- if (hws->ctx->dc->debug.ignore_pg)
- return;
- REG_GET(DC_IP_REQUEST_CNTL, IP_REQUEST_EN, &org_ip_request_cntl);
- if (org_ip_request_cntl == 0)
- REG_SET(DC_IP_REQUEST_CNTL, 0, IP_REQUEST_EN, 1);
- /* DCHUBP0/1/2/3/4/5 */
- REG_UPDATE(DOMAIN0_PG_CONFIG, DOMAIN_POWER_FORCEON, force_on);
- REG_UPDATE(DOMAIN2_PG_CONFIG, DOMAIN_POWER_FORCEON, force_on);
- /* DPP0/1/2/3/4/5 */
- REG_UPDATE(DOMAIN1_PG_CONFIG, DOMAIN_POWER_FORCEON, force_on);
- REG_UPDATE(DOMAIN3_PG_CONFIG, DOMAIN_POWER_FORCEON, force_on);
-
- force_on = true; /* disable power gating */
- if (enable && !hws->ctx->dc->debug.disable_dsc_power_gate)
- force_on = false;
-
- /* DCS0/1/2/3/4 */
- REG_UPDATE(DOMAIN16_PG_CONFIG, DOMAIN_POWER_FORCEON, force_on);
- REG_UPDATE(DOMAIN17_PG_CONFIG, DOMAIN_POWER_FORCEON, force_on);
- REG_UPDATE(DOMAIN18_PG_CONFIG, DOMAIN_POWER_FORCEON, force_on);
- REG_UPDATE(DOMAIN19_PG_CONFIG, DOMAIN_POWER_FORCEON, force_on);
-
-
-}
-
/* In headless boot cases, DIG may be turned
* on which causes HW/SW discrepancies.
* To avoid this, power down hardware on boot
@@ -1453,6 +1372,8 @@ void dcn35_prepare_bandwidth(
}
dcn20_prepare_bandwidth(dc, context);
+
+ print_pg_status(dc, __func__, ": after rcg and power up");
}
void dcn35_optimize_bandwidth(
@@ -1461,6 +1382,8 @@ void dcn35_optimize_bandwidth(
{
struct pg_block_update pg_update_state;
+ print_pg_status(dc, __func__, ": before rcg and power up");
+
dcn20_optimize_bandwidth(dc, context);
if (dc->hwss.calc_blocks_to_gate) {
@@ -1472,6 +1395,8 @@ void dcn35_optimize_bandwidth(
if (dc->hwss.root_clock_control)
dc->hwss.root_clock_control(dc, &pg_update_state, false);
}
+
+ print_pg_status(dc, __func__, ": after rcg and power up");
}
void dcn35_set_drr(struct pipe_ctx **pipe_ctx,
diff --git a/drivers/gpu/drm/amd/display/dc/hwss/dcn35/dcn35_init.c b/drivers/gpu/drm/amd/display/dc/hwss/dcn35/dcn35_init.c
index 52cc488416ac..f2f16a0bdb4f 100644
--- a/drivers/gpu/drm/amd/display/dc/hwss/dcn35/dcn35_init.c
+++ b/drivers/gpu/drm/amd/display/dc/hwss/dcn35/dcn35_init.c
@@ -115,7 +115,6 @@ static const struct hw_sequencer_funcs dcn35_funcs = {
.exit_optimized_pwr_state = dcn21_exit_optimized_pwr_state,
.update_visual_confirm_color = dcn10_update_visual_confirm_color,
.apply_idle_power_optimizations = dcn35_apply_idle_power_optimizations,
- .update_dsc_pg = dcn32_update_dsc_pg,
.calc_blocks_to_gate = dcn35_calc_blocks_to_gate,
.calc_blocks_to_ungate = dcn35_calc_blocks_to_ungate,
.hw_block_power_up = dcn35_hw_block_power_up,
@@ -151,7 +150,6 @@ static const struct hwseq_private_funcs dcn35_private_funcs = {
.plane_atomic_disable = dcn35_plane_atomic_disable,
//.plane_atomic_disable = dcn20_plane_atomic_disable,/*todo*/
//.hubp_pg_control = dcn35_hubp_pg_control,
- .enable_power_gating_plane = dcn35_enable_power_gating_plane,
.dpp_root_clock_control = dcn35_dpp_root_clock_control,
.dpstream_root_clock_control = dcn35_dpstream_root_clock_control,
.physymclk_root_clock_control = dcn35_physymclk_root_clock_control,
@@ -166,7 +164,6 @@ static const struct hwseq_private_funcs dcn35_private_funcs = {
.calculate_dccg_k1_k2_values = dcn32_calculate_dccg_k1_k2_values,
.resync_fifo_dccg_dio = dcn314_resync_fifo_dccg_dio,
.is_dp_dig_pixel_rate_div_policy = dcn35_is_dp_dig_pixel_rate_div_policy,
- .dsc_pg_control = dcn35_dsc_pg_control,
.dsc_pg_status = dcn32_dsc_pg_status,
.enable_plane = dcn35_enable_plane,
.wait_for_pipe_update_if_needed = dcn10_wait_for_pipe_update_if_needed,
diff --git a/drivers/gpu/drm/amd/display/dc/hwss/dcn351/dcn351_init.c b/drivers/gpu/drm/amd/display/dc/hwss/dcn351/dcn351_init.c
index e34efcb7bde5..09e60158f0b5 100644
--- a/drivers/gpu/drm/amd/display/dc/hwss/dcn351/dcn351_init.c
+++ b/drivers/gpu/drm/amd/display/dc/hwss/dcn351/dcn351_init.c
@@ -114,7 +114,6 @@ static const struct hw_sequencer_funcs dcn351_funcs = {
.exit_optimized_pwr_state = dcn21_exit_optimized_pwr_state,
.update_visual_confirm_color = dcn10_update_visual_confirm_color,
.apply_idle_power_optimizations = dcn35_apply_idle_power_optimizations,
- .update_dsc_pg = dcn32_update_dsc_pg,
.calc_blocks_to_gate = dcn351_calc_blocks_to_gate,
.calc_blocks_to_ungate = dcn351_calc_blocks_to_ungate,
.hw_block_power_up = dcn351_hw_block_power_up,
@@ -146,7 +145,6 @@ static const struct hwseq_private_funcs dcn351_private_funcs = {
.plane_atomic_disable = dcn35_plane_atomic_disable,
//.plane_atomic_disable = dcn20_plane_atomic_disable,/*todo*/
//.hubp_pg_control = dcn35_hubp_pg_control,
- .enable_power_gating_plane = dcn35_enable_power_gating_plane,
.dpp_root_clock_control = dcn35_dpp_root_clock_control,
.dpstream_root_clock_control = dcn35_dpstream_root_clock_control,
.physymclk_root_clock_control = dcn35_physymclk_root_clock_control,
@@ -160,7 +158,6 @@ static const struct hwseq_private_funcs dcn351_private_funcs = {
.setup_hpo_hw_control = dcn35_setup_hpo_hw_control,
.calculate_dccg_k1_k2_values = dcn32_calculate_dccg_k1_k2_values,
.is_dp_dig_pixel_rate_div_policy = dcn35_is_dp_dig_pixel_rate_div_policy,
- .dsc_pg_control = dcn35_dsc_pg_control,
.dsc_pg_status = dcn32_dsc_pg_status,
.enable_plane = dcn35_enable_plane,
.wait_for_pipe_update_if_needed = dcn10_wait_for_pipe_update_if_needed,
diff --git a/drivers/gpu/drm/amd/display/dc/inc/hw/pg_cntl.h b/drivers/gpu/drm/amd/display/dc/inc/hw/pg_cntl.h
index 44f86cc2d1d6..227e3f8d7e5f 100644
--- a/drivers/gpu/drm/amd/display/dc/inc/hw/pg_cntl.h
+++ b/drivers/gpu/drm/amd/display/dc/inc/hw/pg_cntl.h
@@ -49,6 +49,7 @@ struct pg_cntl_funcs {
void (*mem_pg_control)(struct pg_cntl *pg_cntl, bool power_on);
void (*dio_pg_control)(struct pg_cntl *pg_cntl, bool power_on);
void (*init_pg_status)(struct pg_cntl *pg_cntl);
+ void (*print_pg_status)(struct pg_cntl *pg_cntl, const char *debug_func, const char *debug_log);
};
#endif //__DC_PG_CNTL_H__
diff --git a/drivers/gpu/drm/amd/display/dc/pg/dcn35/dcn35_pg_cntl.c b/drivers/gpu/drm/amd/display/dc/pg/dcn35/dcn35_pg_cntl.c
index af21c0a27f86..72bd43f9bbe2 100644
--- a/drivers/gpu/drm/amd/display/dc/pg/dcn35/dcn35_pg_cntl.c
+++ b/drivers/gpu/drm/amd/display/dc/pg/dcn35/dcn35_pg_cntl.c
@@ -79,16 +79,12 @@ void pg_cntl35_dsc_pg_control(struct pg_cntl *pg_cntl, unsigned int dsc_inst, bo
uint32_t power_gate = power_on ? 0 : 1;
uint32_t pwr_status = power_on ? 0 : 2;
uint32_t org_ip_request_cntl = 0;
- bool block_enabled;
-
- /*need to enable dscclk regardless DSC_PG*/
- if (pg_cntl->ctx->dc->res_pool->dccg->funcs->enable_dsc && power_on)
- pg_cntl->ctx->dc->res_pool->dccg->funcs->enable_dsc(
- pg_cntl->ctx->dc->res_pool->dccg, dsc_inst);
+ bool block_enabled = false;
+ bool skip_pg = pg_cntl->ctx->dc->debug.ignore_pg ||
+ pg_cntl->ctx->dc->debug.disable_dsc_power_gate ||
+ pg_cntl->ctx->dc->idle_optimizations_allowed;
- if (pg_cntl->ctx->dc->debug.ignore_pg ||
- pg_cntl->ctx->dc->debug.disable_dsc_power_gate ||
- pg_cntl->ctx->dc->idle_optimizations_allowed)
+ if (skip_pg && !power_on)
return;
block_enabled = pg_cntl35_dsc_pg_status(pg_cntl, dsc_inst);
@@ -111,7 +107,7 @@ void pg_cntl35_dsc_pg_control(struct pg_cntl *pg_cntl, unsigned int dsc_inst, bo
REG_WAIT(DOMAIN16_PG_STATUS,
DOMAIN_PGFSM_PWR_STATUS, pwr_status,
- 1, 1000);
+ 1, 10000);
break;
case 1: /* DSC1 */
REG_UPDATE(DOMAIN17_PG_CONFIG,
@@ -119,7 +115,7 @@ void pg_cntl35_dsc_pg_control(struct pg_cntl *pg_cntl, unsigned int dsc_inst, bo
REG_WAIT(DOMAIN17_PG_STATUS,
DOMAIN_PGFSM_PWR_STATUS, pwr_status,
- 1, 1000);
+ 1, 10000);
break;
case 2: /* DSC2 */
REG_UPDATE(DOMAIN18_PG_CONFIG,
@@ -127,7 +123,7 @@ void pg_cntl35_dsc_pg_control(struct pg_cntl *pg_cntl, unsigned int dsc_inst, bo
REG_WAIT(DOMAIN18_PG_STATUS,
DOMAIN_PGFSM_PWR_STATUS, pwr_status,
- 1, 1000);
+ 1, 10000);
break;
case 3: /* DSC3 */
REG_UPDATE(DOMAIN19_PG_CONFIG,
@@ -135,7 +131,7 @@ void pg_cntl35_dsc_pg_control(struct pg_cntl *pg_cntl, unsigned int dsc_inst, bo
REG_WAIT(DOMAIN19_PG_STATUS,
DOMAIN_PGFSM_PWR_STATUS, pwr_status,
- 1, 1000);
+ 1, 10000);
break;
default:
BREAK_TO_DEBUGGER();
@@ -144,12 +140,6 @@ void pg_cntl35_dsc_pg_control(struct pg_cntl *pg_cntl, unsigned int dsc_inst, bo
if (dsc_inst < MAX_PIPES)
pg_cntl->pg_pipe_res_enable[PG_DSC][dsc_inst] = power_on;
-
- if (pg_cntl->ctx->dc->res_pool->dccg->funcs->disable_dsc && !power_on) {
- /*this is to disable dscclk*/
- pg_cntl->ctx->dc->res_pool->dccg->funcs->disable_dsc(
- pg_cntl->ctx->dc->res_pool->dccg, dsc_inst);
- }
}
static bool pg_cntl35_hubp_dpp_pg_status(struct pg_cntl *pg_cntl, unsigned int hubp_dpp_inst)
@@ -189,11 +179,12 @@ void pg_cntl35_hubp_dpp_pg_control(struct pg_cntl *pg_cntl, unsigned int hubp_dp
uint32_t pwr_status = power_on ? 0 : 2;
uint32_t org_ip_request_cntl;
bool block_enabled;
+ bool skip_pg = pg_cntl->ctx->dc->debug.ignore_pg ||
+ pg_cntl->ctx->dc->debug.disable_hubp_power_gate ||
+ pg_cntl->ctx->dc->debug.disable_dpp_power_gate ||
+ pg_cntl->ctx->dc->idle_optimizations_allowed;
- if (pg_cntl->ctx->dc->debug.ignore_pg ||
- pg_cntl->ctx->dc->debug.disable_hubp_power_gate ||
- pg_cntl->ctx->dc->debug.disable_dpp_power_gate ||
- pg_cntl->ctx->dc->idle_optimizations_allowed)
+ if (skip_pg && !power_on)
return;
block_enabled = pg_cntl35_hubp_dpp_pg_status(pg_cntl, hubp_dpp_inst);
@@ -213,22 +204,22 @@ void pg_cntl35_hubp_dpp_pg_control(struct pg_cntl *pg_cntl, unsigned int hubp_dp
case 0:
/* DPP0 & HUBP0 */
REG_UPDATE(DOMAIN0_PG_CONFIG, DOMAIN_POWER_GATE, power_gate);
- REG_WAIT(DOMAIN0_PG_STATUS, DOMAIN_PGFSM_PWR_STATUS, pwr_status, 1, 1000);
+ REG_WAIT(DOMAIN0_PG_STATUS, DOMAIN_PGFSM_PWR_STATUS, pwr_status, 1, 10000);
break;
case 1:
/* DPP1 & HUBP1 */
REG_UPDATE(DOMAIN1_PG_CONFIG, DOMAIN_POWER_GATE, power_gate);
- REG_WAIT(DOMAIN1_PG_STATUS, DOMAIN_PGFSM_PWR_STATUS, pwr_status, 1, 1000);
+ REG_WAIT(DOMAIN1_PG_STATUS, DOMAIN_PGFSM_PWR_STATUS, pwr_status, 1, 10000);
break;
case 2:
/* DPP2 & HUBP2 */
REG_UPDATE(DOMAIN2_PG_CONFIG, DOMAIN_POWER_GATE, power_gate);
- REG_WAIT(DOMAIN2_PG_STATUS, DOMAIN_PGFSM_PWR_STATUS, pwr_status, 1, 1000);
+ REG_WAIT(DOMAIN2_PG_STATUS, DOMAIN_PGFSM_PWR_STATUS, pwr_status, 1, 10000);
break;
case 3:
/* DPP3 & HUBP3 */
REG_UPDATE(DOMAIN3_PG_CONFIG, DOMAIN_POWER_GATE, power_gate);
- REG_WAIT(DOMAIN3_PG_STATUS, DOMAIN_PGFSM_PWR_STATUS, pwr_status, 1, 1000);
+ REG_WAIT(DOMAIN3_PG_STATUS, DOMAIN_PGFSM_PWR_STATUS, pwr_status, 1, 10000);
break;
default:
BREAK_TO_DEBUGGER();
@@ -501,6 +492,36 @@ void pg_cntl35_init_pg_status(struct pg_cntl *pg_cntl)
pg_cntl->pg_res_enable[PG_DWB] = block_enabled;
}
+static void pg_cntl35_print_pg_status(struct pg_cntl *pg_cntl, const char *debug_func, const char *debug_log)
+{
+ int i = 0;
+ bool block_enabled = false;
+
+ DC_LOG_DEBUG("%s: %s", debug_func, debug_log);
+
+ DC_LOG_DEBUG("PG_CNTL status:\n");
+
+ block_enabled = pg_cntl35_io_clk_status(pg_cntl);
+ DC_LOG_DEBUG("ONO0=%d (DCCG, DIO, DCIO)\n", block_enabled ? 1 : 0);
+
+ block_enabled = pg_cntl35_mem_status(pg_cntl);
+ DC_LOG_DEBUG("ONO1=%d (DCHUBBUB, DCHVM, DCHUBBUBMEM)\n", block_enabled ? 1 : 0);
+
+ block_enabled = pg_cntl35_plane_otg_status(pg_cntl);
+ DC_LOG_DEBUG("ONO2=%d (MPC, OPP, OPTC, DWB)\n", block_enabled ? 1 : 0);
+
+ block_enabled = pg_cntl35_hpo_pg_status(pg_cntl);
+ DC_LOG_DEBUG("ONO3=%d (HPO)\n", block_enabled ? 1 : 0);
+
+ for (i = 0; i < pg_cntl->ctx->dc->res_pool->pipe_count; i++) {
+ block_enabled = pg_cntl35_hubp_dpp_pg_status(pg_cntl, i);
+ DC_LOG_DEBUG("ONO%d=%d (DCHUBP%d, DPP%d)\n", 4 + i * 2, block_enabled ? 1 : 0, i, i);
+
+ block_enabled = pg_cntl35_dsc_pg_status(pg_cntl, i);
+ DC_LOG_DEBUG("ONO%d=%d (DSC%d)\n", 5 + i * 2, block_enabled ? 1 : 0, i);
+ }
+}
+
static const struct pg_cntl_funcs pg_cntl35_funcs = {
.init_pg_status = pg_cntl35_init_pg_status,
.dsc_pg_control = pg_cntl35_dsc_pg_control,
@@ -511,7 +532,8 @@ static const struct pg_cntl_funcs pg_cntl35_funcs = {
.mpcc_pg_control = pg_cntl35_mpcc_pg_control,
.opp_pg_control = pg_cntl35_opp_pg_control,
.optc_pg_control = pg_cntl35_optc_pg_control,
- .dwb_pg_control = pg_cntl35_dwb_pg_control
+ .dwb_pg_control = pg_cntl35_dwb_pg_control,
+ .print_pg_status = pg_cntl35_print_pg_status
};
struct pg_cntl *pg_cntl35_create(
--
2.43.0
2 weeks, 2 days
- 1
- 0
[PATCH 1/2] PCI: Rename PCIE_RESET_CONFIG_DEVICE_WAIT_MS to PCIE_RESET_CONFIG_WAIT_MS
by Marek Vasut
From: Niklas Cassel <cassel(a)kernel.org>
[ Upstream commit 817f989700fddefa56e5e443e7d138018ca6709d ]
Rename PCIE_RESET_CONFIG_DEVICE_WAIT_MS to PCIE_RESET_CONFIG_WAIT_MS.
Suggested-by: Bjorn Helgaas <helgaas(a)kernel.org>
Signed-off-by: Niklas Cassel <cassel(a)kernel.org>
Signed-off-by: Manivannan Sadhasivam <mani(a)kernel.org>
Cc: <stable(a)vger.kernel.org> # 6.12.x
---
drivers/pci/controller/plda/pcie-starfive.c | 2 +-
drivers/pci/pci.h | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/pci/controller/plda/pcie-starfive.c b/drivers/pci/controller/plda/pcie-starfive.c
index 0564fdce47c2a..0a0b5a7d84d7e 100644
--- a/drivers/pci/controller/plda/pcie-starfive.c
+++ b/drivers/pci/controller/plda/pcie-starfive.c
@@ -368,7 +368,7 @@ static int starfive_pcie_host_init(struct plda_pcie_rp *plda)
* of 100ms following exit from a conventional reset before
* sending a configuration request to the device.
*/
- msleep(PCIE_RESET_CONFIG_DEVICE_WAIT_MS);
+ msleep(PCIE_RESET_CONFIG_WAIT_MS);
if (starfive_pcie_host_wait_for_link(pcie))
dev_info(dev, "port link down\n");
diff --git a/drivers/pci/pci.h b/drivers/pci/pci.h
index b65868e709517..c951f861a69b2 100644
--- a/drivers/pci/pci.h
+++ b/drivers/pci/pci.h
@@ -57,7 +57,7 @@
* completes before sending a Configuration Request to the device
* immediately below that Port."
*/
-#define PCIE_RESET_CONFIG_DEVICE_WAIT_MS 100
+#define PCIE_RESET_CONFIG_WAIT_MS 100
/* Message Routing (r[2:0]); PCIe r6.0, sec 2.2.8 */
#define PCIE_MSG_TYPE_R_RC 0
--
2.50.1
2 weeks, 2 days
- 3
- 3
[PATCH v2 1/2] PCI: Rename PCIE_RESET_CONFIG_DEVICE_WAIT_MS to PCIE_RESET_CONFIG_WAIT_MS
by Marek Vasut
From: Niklas Cassel <cassel(a)kernel.org>
[ Upstream commit 817f989700fddefa56e5e443e7d138018ca6709d ]
Rename PCIE_RESET_CONFIG_DEVICE_WAIT_MS to PCIE_RESET_CONFIG_WAIT_MS.
Suggested-by: Bjorn Helgaas <helgaas(a)kernel.org>
Signed-off-by: Niklas Cassel <cassel(a)kernel.org>
Signed-off-by: Manivannan Sadhasivam <mani(a)kernel.org>
Signed-off-by: Marek Vasut <marek.vasut+renesas(a)mailbox.org>
Cc: <stable(a)vger.kernel.org> # 6.12.x
---
V2: Add own SoB line
---
drivers/pci/controller/plda/pcie-starfive.c | 2 +-
drivers/pci/pci.h | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/pci/controller/plda/pcie-starfive.c b/drivers/pci/controller/plda/pcie-starfive.c
index 0564fdce47c2a..0a0b5a7d84d7e 100644
--- a/drivers/pci/controller/plda/pcie-starfive.c
+++ b/drivers/pci/controller/plda/pcie-starfive.c
@@ -368,7 +368,7 @@ static int starfive_pcie_host_init(struct plda_pcie_rp *plda)
* of 100ms following exit from a conventional reset before
* sending a configuration request to the device.
*/
- msleep(PCIE_RESET_CONFIG_DEVICE_WAIT_MS);
+ msleep(PCIE_RESET_CONFIG_WAIT_MS);
if (starfive_pcie_host_wait_for_link(pcie))
dev_info(dev, "port link down\n");
diff --git a/drivers/pci/pci.h b/drivers/pci/pci.h
index b65868e709517..c951f861a69b2 100644
--- a/drivers/pci/pci.h
+++ b/drivers/pci/pci.h
@@ -57,7 +57,7 @@
* completes before sending a Configuration Request to the device
* immediately below that Port."
*/
-#define PCIE_RESET_CONFIG_DEVICE_WAIT_MS 100
+#define PCIE_RESET_CONFIG_WAIT_MS 100
/* Message Routing (r[2:0]); PCIe r6.0, sec 2.2.8 */
#define PCIE_MSG_TYPE_R_RC 0
--
2.50.1
2 weeks, 2 days
- 1
- 1
[PATCH v8] Bluetooth: hci_qca: Fix SSR (SubSystem Restart) fail when BT_EN is pulled up by hw
by Shuai Zhang
When the host actively triggers SSR and collects coredump data,
the Bluetooth stack sends a reset command to the controller. However, due
to the inability to clear the QCA_SSR_TRIGGERED and QCA_IBS_DISABLED bits,
the reset command times out.
To address this, this patch clears the QCA_SSR_TRIGGERED and
QCA_IBS_DISABLED flags and adds a 50ms delay after SSR, but only when
HCI_QUIRK_NON_PERSISTENT_SETUP is not set. This ensures the controller
completes the SSR process when BT_EN is always high due to hardware.
For the purpose of HCI_QUIRK_NON_PERSISTENT_SETUP, please refer to
the comment in `include/net/bluetooth/hci.h`.
The HCI_QUIRK_NON_PERSISTENT_SETUP quirk is associated with BT_EN,
and its presence can be used to determine whether BT_EN is defined in DTS.
After SSR, host will not download the firmware, causing
controller to remain in the IBS_WAKE state. Host needs
to synchronize with the controller to maintain proper operation.
Multiple triggers of SSR only first generate coredump file,
due to memcoredump_flag no clear.
add clear coredump flag when ssr completed.
When the SSR duration exceeds 2 seconds, it triggers
host tx_idle_timeout, which sets host TX state to sleep. due to the
hardware pulling up bt_en, the firmware is not downloaded after the SSR.
As a result, the controller does not enter sleep mode. Consequently,
when the host sends a command afterward, it sends 0xFD to the controller,
but the controller does not respond, leading to a command timeout.
So reset tx_idle_timer after SSR to prevent host enter TX IBS_Sleep mode.
Changes since v6-7:
- Merge the changes into a single patch.
- Update commit.
Changes since v1-5:
- Add an explanation for HCI_QUIRK_NON_PERSISTENT_SETUP.
- Add commments for msleep(50).
- Update format and commit.
Signed-off-by: Shuai Zhang <quic_shuaz(a)quicinc.com>
---
drivers/bluetooth/hci_qca.c | 33 +++++++++++++++++++++++++++++++++
1 file changed, 33 insertions(+)
diff --git a/drivers/bluetooth/hci_qca.c b/drivers/bluetooth/hci_qca.c
index 4e56782b0..9dc59b002 100644
--- a/drivers/bluetooth/hci_qca.c
+++ b/drivers/bluetooth/hci_qca.c
@@ -1653,6 +1653,39 @@ static void qca_hw_error(struct hci_dev *hdev, u8 code)
skb_queue_purge(&qca->rx_memdump_q);
}
+ /*
+ * If the BT chip's bt_en pin is connected to a 3.3V power supply via
+ * hardware and always stays high, driver cannot control the bt_en pin.
+ * As a result, during SSR (SubSystem Restart), QCA_SSR_TRIGGERED and
+ * QCA_IBS_DISABLED flags cannot be cleared, which leads to a reset
+ * command timeout.
+ * Add an msleep delay to ensure controller completes the SSR process.
+ *
+ * Host will not download the firmware after SSR, controller to remain
+ * in the IBS_WAKE state, and the host needs to synchronize with it
+ *
+ * Since the bluetooth chip has been reset, clear the memdump state.
+ */
+ if (!test_bit(HCI_QUIRK_NON_PERSISTENT_SETUP, &hdev->quirks)) {
+ /*
+ * When the SSR (SubSystem Restart) duration exceeds 2 seconds,
+ * it triggers host tx_idle_delay, which sets host TX state
+ * to sleep. Reset tx_idle_timer after SSR to prevent
+ * host enter TX IBS_Sleep mode.
+ */
+ mod_timer(&qca->tx_idle_timer, jiffies +
+ msecs_to_jiffies(qca->tx_idle_delay));
+
+ /* Controller reset completion time is 50ms */
+ msleep(50);
+
+ clear_bit(QCA_SSR_TRIGGERED, &qca->flags);
+ clear_bit(QCA_IBS_DISABLED, &qca->flags);
+
+ qca->tx_ibs_state = HCI_IBS_TX_AWAKE;
+ qca->memdump_state = QCA_MEMDUMP_IDLE;
+ }
+
clear_bit(QCA_HW_ERROR_EVENT, &qca->flags);
}
--
2.34.1
2 weeks, 2 days
- 3
- 3
[PATCH v1] spi: microchip-core-qspi: stop checking viability of op->max_freq in supports_op callback
by Conor Dooley
From: Conor Dooley <conor.dooley(a)microchip.com>
In commit 13529647743d9 ("spi: microchip-core-qspi: Support per spi-mem
operation frequency switches") the logic for checking the viability of
op->max_freq in mchp_coreqspi_setup_clock() was copied into
mchp_coreqspi_supports_op(). Unfortunately, op->max_freq is not valid
when this function is called during probe but is instead zero.
Accordingly, baud_rate_val is calculated to be INT_MAX due to division
by zero, causing probe of the attached memory device to fail.
Seemingly spi-microchip-core-qspi was the only driver that had such a
modification made to its supports_op callback when the per_op_freq
capability was added, so just remove it to restore prior functionality.
CC: stable(a)vger.kernel.org
Reported-by: Valentina Fernandez <valentina.fernandezalanis(a)microchip.com>
Fixes: 13529647743d9 ("spi: microchip-core-qspi: Support per spi-mem operation frequency switches")
Signed-off-by: Conor Dooley <conor.dooley(a)microchip.com>
---
CC: Conor Dooley <conor.dooley(a)microchip.com>
CC: Daire McNamara <daire.mcnamara(a)microchip.com>
CC: Mark Brown <broonie(a)kernel.org>
CC: Miquel Raynal <miquel.raynal(a)bootlin.com>
CC: linux-spi(a)vger.kernel.org
CC: linux-kernel(a)vger.kernel.org
---
drivers/spi/spi-microchip-core-qspi.c | 12 ------------
1 file changed, 12 deletions(-)
diff --git a/drivers/spi/spi-microchip-core-qspi.c b/drivers/spi/spi-microchip-core-qspi.c
index d13a9b755c7f8..8dc98b17f77b5 100644
--- a/drivers/spi/spi-microchip-core-qspi.c
+++ b/drivers/spi/spi-microchip-core-qspi.c
@@ -531,10 +531,6 @@ static int mchp_coreqspi_exec_op(struct spi_mem *mem, const struct spi_mem_op *o
static bool mchp_coreqspi_supports_op(struct spi_mem *mem, const struct spi_mem_op *op)
{
- struct mchp_coreqspi *qspi = spi_controller_get_devdata(mem->spi->controller);
- unsigned long clk_hz;
- u32 baud_rate_val;
-
if (!spi_mem_default_supports_op(mem, op))
return false;
@@ -557,14 +553,6 @@ static bool mchp_coreqspi_supports_op(struct spi_mem *mem, const struct spi_mem_
return false;
}
- clk_hz = clk_get_rate(qspi->clk);
- if (!clk_hz)
- return false;
-
- baud_rate_val = DIV_ROUND_UP(clk_hz, 2 * op->max_freq);
- if (baud_rate_val > MAX_DIVIDER || baud_rate_val < MIN_DIVIDER)
- return false;
-
return true;
}
--
2.47.2
2 weeks, 2 days
- 2
- 2
[PATCH] PM: EM: Fix late boot with holes in CPU topology
by Christian Loehle
commit e3f1164fc9ee ("PM: EM: Support late CPUs booting and capacity
adjustment") added a mechanism to handle CPUs that come up late by
retrying when any of the `cpufreq_cpu_get()` call fails.
However, if there are holes in the CPU topology (offline CPUs, e.g.
nosmt), the first missing CPU causes the loop to break, preventing
subsequent online CPUs from being updated.
Instead of aborting on the first missing CPU policy, loop through all
and retry if any were missing.
Fixes: e3f1164fc9ee ("PM: EM: Support late CPUs booting and capacity adjustment")
Suggested-by: Kenneth Crudup <kenneth.crudup(a)gmail.com>
Reported-by: Kenneth Crudup <kenneth.crudup(a)gmail.com>
Closes: https://lore.kernel.org/linux-pm/40212796-734c-4140-8a85-854f72b8144d@panix…
Cc: stable(a)vger.kernel.org
Signed-off-by: Christian Loehle <christian.loehle(a)arm.com>
---
kernel/power/energy_model.c | 13 ++++++++-----
1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/kernel/power/energy_model.c b/kernel/power/energy_model.c
index ea7995a25780..b63c2afc1379 100644
--- a/kernel/power/energy_model.c
+++ b/kernel/power/energy_model.c
@@ -778,7 +778,7 @@ void em_adjust_cpu_capacity(unsigned int cpu)
static void em_check_capacity_update(void)
{
cpumask_var_t cpu_done_mask;
- int cpu;
+ int cpu, failed_cpus = 0;
if (!zalloc_cpumask_var(&cpu_done_mask, GFP_KERNEL)) {
pr_warn("no free memory\n");
@@ -796,10 +796,8 @@ static void em_check_capacity_update(void)
policy = cpufreq_cpu_get(cpu);
if (!policy) {
- pr_debug("Accessing cpu%d policy failed\n", cpu);
- schedule_delayed_work(&em_update_work,
- msecs_to_jiffies(1000));
- break;
+ failed_cpus++;
+ continue;
}
cpufreq_cpu_put(policy);
@@ -814,6 +812,11 @@ static void em_check_capacity_update(void)
em_adjust_new_capacity(cpu, dev, pd);
}
+ if (failed_cpus) {
+ pr_debug("Accessing %d policies failed, retrying\n", failed_cpus);
+ schedule_delayed_work(&em_update_work, msecs_to_jiffies(1000));
+ }
+
free_cpumask_var(cpu_done_mask);
}
--
2.34.1
2 weeks, 2 days
- 2
- 5
[PATCH v3] mm: memory-tiering: fix PGPROMOTE_CANDIDATE counting
by Ruan Shiyang
Goto-san reported confusing pgpromote statistics where the
pgpromote_success count significantly exceeded pgpromote_candidate.
On a system with three nodes (nodes 0-1: DRAM 4GB, node 2: NVDIMM 4GB):
# Enable demotion only
echo 1 > /sys/kernel/mm/numa/demotion_enabled
numactl -m 0-1 memhog -r200 3500M >/dev/null &
pid=$!
sleep 2
numactl memhog -r100 2500M >/dev/null &
sleep 10
kill -9 $pid # terminate the 1st memhog
# Enable promotion
echo 2 > /proc/sys/kernel/numa_balancing
After a few seconds, we observeed `pgpromote_candidate < pgpromote_success`
$ grep -e pgpromote /proc/vmstat
pgpromote_success 2579
pgpromote_candidate 0
In this scenario, after terminating the first memhog, the conditions for
pgdat_free_space_enough() are quickly met, and triggers promotion.
However, these migrated pages are only counted for in PGPROMOTE_SUCCESS,
not in PGPROMOTE_CANDIDATE.
To solve these confusing statistics, introduce PGPROMOTE_CANDIDATE_NRL to
count the missed promotion pages. And also, not counting these pages into
PGPROMOTE_CANDIDATE is to avoid changing the existing algorithm or
performance of the promotion rate limit.
Link: https://lkml.kernel.org/r/20250729035101.1601407-1-ruansy.fnst@fujitsu.com
Co-developed-by: Li Zhijian <lizhijian(a)fujitsu.com>
Signed-off-by: Li Zhijian <lizhijian(a)fujitsu.com>
Signed-off-by: Ruan Shiyang <ruansy.fnst(a)fujitsu.com>
Reported-by: Yasunori Gotou (Fujitsu) <y-goto(a)fujitsu.com>
Suggested-by: Huang Ying <ying.huang(a)linux.alibaba.com>
Acked-by: Vlastimil Babka <vbabka(a)suse.cz>
Cc: Ingo Molnar <mingo(a)redhat.com>
Cc: Peter Zijlstra <peterz(a)infradead.org>
Cc: Juri Lelli <juri.lelli(a)redhat.com>
Cc: Vincent Guittot <vincent.guittot(a)linaro.org>
Cc: Dietmar Eggemann <dietmar.eggemann(a)arm.com>
Cc: Steven Rostedt <rostedt(a)goodmis.org>
Cc: Ben Segall <bsegall(a)google.com>
Cc: Mel Gorman <mgorman(a)suse.de>
Cc: Valentin Schneider <vschneid(a)redhat.com>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
Changes since v2:
1. add 'Co-developed-by: Li Zhijian' followed by 'Signed-off-by' per Vlastimil.
---
include/linux/mmzone.h | 16 +++++++++++++++-
kernel/sched/fair.c | 5 +++--
mm/vmstat.c | 1 +
3 files changed, 19 insertions(+), 3 deletions(-)
diff --git a/include/linux/mmzone.h b/include/linux/mmzone.h
index 0c5da9141983..9d3ea9085556 100644
--- a/include/linux/mmzone.h
+++ b/include/linux/mmzone.h
@@ -234,7 +234,21 @@ enum node_stat_item {
#endif
#ifdef CONFIG_NUMA_BALANCING
PGPROMOTE_SUCCESS, /* promote successfully */
- PGPROMOTE_CANDIDATE, /* candidate pages to promote */
+ /**
+ * Candidate pages for promotion based on hint fault latency. This
+ * counter is used to control the promotion rate and adjust the hot
+ * threshold.
+ */
+ PGPROMOTE_CANDIDATE,
+ /**
+ * Not rate-limited (NRL) candidate pages for those can be promoted
+ * without considering hot threshold because of enough free pages in
+ * fast-tier node. These promotions bypass the regular hotness checks
+ * and do NOT influence the promotion rate-limiter or
+ * threshold-adjustment logic.
+ * This is for statistics/monitoring purposes.
+ */
+ PGPROMOTE_CANDIDATE_NRL,
#endif
/* PGDEMOTE_*: pages demoted */
PGDEMOTE_KSWAPD,
diff --git a/kernel/sched/fair.c b/kernel/sched/fair.c
index b173a059315c..82c8d804c54c 100644
--- a/kernel/sched/fair.c
+++ b/kernel/sched/fair.c
@@ -1923,11 +1923,13 @@ bool should_numa_migrate_memory(struct task_struct *p, struct folio *folio,
struct pglist_data *pgdat;
unsigned long rate_limit;
unsigned int latency, th, def_th;
+ long nr = folio_nr_pages(folio);
pgdat = NODE_DATA(dst_nid);
if (pgdat_free_space_enough(pgdat)) {
/* workload changed, reset hot threshold */
pgdat->nbp_threshold = 0;
+ mod_node_page_state(pgdat, PGPROMOTE_CANDIDATE_NRL, nr);
return true;
}
@@ -1941,8 +1943,7 @@ bool should_numa_migrate_memory(struct task_struct *p, struct folio *folio,
if (latency >= th)
return false;
- return !numa_promotion_rate_limit(pgdat, rate_limit,
- folio_nr_pages(folio));
+ return !numa_promotion_rate_limit(pgdat, rate_limit, nr);
}
this_cpupid = cpu_pid_to_cpupid(dst_cpu, current->pid);
diff --git a/mm/vmstat.c b/mm/vmstat.c
index 71cd1ceba191..e74f0b2a1021 100644
--- a/mm/vmstat.c
+++ b/mm/vmstat.c
@@ -1280,6 +1280,7 @@ const char * const vmstat_text[] = {
#ifdef CONFIG_NUMA_BALANCING
[I(PGPROMOTE_SUCCESS)] = "pgpromote_success",
[I(PGPROMOTE_CANDIDATE)] = "pgpromote_candidate",
+ [I(PGPROMOTE_CANDIDATE_NRL)] = "pgpromote_candidate_nrl",
#endif
[I(PGDEMOTE_KSWAPD)] = "pgdemote_kswapd",
[I(PGDEMOTE_DIRECT)] = "pgdemote_direct",
--
2.43.0
2 weeks, 2 days
- 4
- 4
[PATCH net 1/1] batman-adv: fix OOB read/write in network-coding decode
by Simon Wunderlich
From: Stanislav Fort <stanislav.fort(a)aisle.com>
batadv_nc_skb_decode_packet() trusts coded_len and checks only against
skb->len. XOR starts at sizeof(struct batadv_unicast_packet), reducing
payload headroom, and the source skb length is not verified, allowing an
out-of-bounds read and a small out-of-bounds write.
Validate that coded_len fits within the payload area of both destination
and source sk_buffs before XORing.
Fixes: 2df5278b0267 ("batman-adv: network coding - receive coded packets and decode them")
Cc: stable(a)vger.kernel.org
Reported-by: Stanislav Fort <disclosure(a)aisle.com>
Signed-off-by: Stanislav Fort <stanislav.fort(a)aisle.com>
Signed-off-by: Sven Eckelmann <sven(a)narfation.org>
Signed-off-by: Simon Wunderlich <sw(a)simonwunderlich.de>
---
net/batman-adv/network-coding.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/net/batman-adv/network-coding.c b/net/batman-adv/network-coding.c
index 9f56308779cc3..af97d077369f9 100644
--- a/net/batman-adv/network-coding.c
+++ b/net/batman-adv/network-coding.c
@@ -1687,7 +1687,12 @@ batadv_nc_skb_decode_packet(struct batadv_priv *bat_priv, struct sk_buff *skb,
coding_len = ntohs(coded_packet_tmp.coded_len);
- if (coding_len > skb->len)
+ /* ensure dst buffer is large enough (payload only) */
+ if (coding_len + h_size > skb->len)
+ return NULL;
+
+ /* ensure src buffer is large enough (payload only) */
+ if (coding_len + h_size > nc_packet->skb->len)
return NULL;
/* Here the magic is reversed:
--
2.47.2
2 weeks, 2 days
- 2
- 1
[PATCH] KVM: arm64: nested: Fix VA sign extension in VNCR/TLBI paths
by Gyujeong Jin
From: gyutrange <wlsrbwjd643(a)naver.com>
VNCR/TLBI VA reconstruction currently uses bit 48 as the sign bit,
but for 48-bit virtual addresses the correct sign bit is bit 47.
Using 48 can mis-canonicalize addresses in the negative half and may
cause missed invalidations.
Although VNCR_EL2 encodes other architectural fields (RESS, BADDR;
see Arm ARM D24.2.206), sign_extend64() interprets its second argument
as the index of the sign bit. Passing 48 prevents propagation of the
canonical sign bit for 48-bit VAs.
Impact:
- Incorrect canonicalization of VAs with bit47=1
- Potential stale VNCR pseudo-TLB entries after TLBI or MMU notifier
- Possible incorrect translation/permissions or DoS when combined
with other issues
Fixes: 667304740537 ("KVM: arm64: Mask out non-VA bits from TLBI VA* on VNCR invalidation")
Cc: stable(a)vger.kernel.org
Reported-by: DongHa Lee <gap-dev(a)example.com>
Reported-by: Gyujeong Jin <wlsrbwjd7232(a)gmail.com>
Reported-by: Daehyeon Ko <4ncient(a)example.com>
Reported-by: Geonha Lee <leegn4a(a)example.com>
Reported-by: Hyungyu Oh <dqpc_lover(a)example.com>
Reported-by: Jaewon Yang <r4mbb1(a)example.com>
Signed-off-by: Gyujeong Jin <wlsrbwjd7232(a)gmail.com>
---
arch/arm64/kvm/nested.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/arm64/kvm/nested.c b/arch/arm64/kvm/nested.c
index 77db81bae86f..eaa6dd9da086 100644
--- a/arch/arm64/kvm/nested.c
+++ b/arch/arm64/kvm/nested.c
@@ -1169,7 +1169,7 @@ int kvm_vcpu_allocate_vncr_tlb(struct kvm_vcpu *vcpu)
static u64 read_vncr_el2(struct kvm_vcpu *vcpu)
{
- return (u64)sign_extend64(__vcpu_sys_reg(vcpu, VNCR_EL2), 48);
+ return (u64)sign_extend64(__vcpu_sys_reg(vcpu, VNCR_EL2), 47);
}
static int kvm_translate_vncr(struct kvm_vcpu *vcpu)
--
2.43.0
2 weeks, 2 days
- 3
- 3
[PATCH v2] arm64: dts: qcom: sm8450: Fix address for usb controller node
by Krishna Kurapati
Correct the address in usb controller node to fix the following warning:
Warning (simple_bus_reg): /soc@0/usb@a6f8800: simple-bus unit address
format error, expected "a600000"
Fixes: c5a87e3a6b3e ("arm64: dts: qcom: sm8450: Flatten usb controller node")
Cc: stable(a)vger.kernel.org
Reported-by: kernel test robot <lkp(a)intel.com>
Closes: https://lore.kernel.org/oe-kbuild-all/202508121834.953Mvah2-lkp@intel.com/
Signed-off-by: Krishna Kurapati <krishna.kurapati(a)oss.qualcomm.com>
---
This change was tested with W=1 and the reported issue is not seen.
Also didn't add RB Tag received from Neil Armstrong since there is a
change in commit text. This change is based on top of latest linux next.
Changes in v2:
Fixed the fixes tag.
Link to v1:
https://lore.kernel.org/all/20250813063840.2158792-1-krishna.kurapati@oss.q…
arch/arm64/boot/dts/qcom/sm8450.dtsi | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/arm64/boot/dts/qcom/sm8450.dtsi b/arch/arm64/boot/dts/qcom/sm8450.dtsi
index 2baef6869ed7..38c91c3ec787 100644
--- a/arch/arm64/boot/dts/qcom/sm8450.dtsi
+++ b/arch/arm64/boot/dts/qcom/sm8450.dtsi
@@ -5417,7 +5417,7 @@ opp-202000000 {
};
};
- usb_1: usb@a6f8800 {
+ usb_1: usb@a600000 {
compatible = "qcom,sm8450-dwc3", "qcom,snps-dwc3";
reg = <0 0x0a600000 0 0xfc100>;
status = "disabled";
--
2.34.1
2 weeks, 2 days
- 4
- 3
[PATCH v5 2/2] drm/buddy: Separate clear and dirty free block trees
by Arunpravin Paneer Selvam
Maintain two separate RB trees per order - one for clear (zeroed) blocks
and another for dirty (uncleared) blocks. This separation improves
code clarity and makes it more obvious which tree is being searched
during allocation. It also improves scalability and efficiency when
searching for a specific type of block, avoiding unnecessary checks
and making the allocator more predictable under fragmentation.
The changes have been validated using the existing drm_buddy_test
KUnit test cases, along with selected graphics workloads,
to ensure correctness and avoid regressions.
v2: Missed adding the suggested-by tag. Added it in v2.
v3(Matthew):
- Remove the double underscores from the internal functions.
- Rename the internal functions to have less generic names.
- Fix the error handling code.
- Pass tree argument for the tree macro.
- Use the existing dirty/free bit instead of new tree field.
- Make free_trees[] instead of clear_tree and dirty_tree for
more cleaner approach.
v4:
- A bug was reported by Intel CI and it is fixed by
Matthew Auld.
- Replace the get_root function with
&mm->free_trees[tree][order] (Matthew)
- Remove the unnecessary rbtree_is_empty() check (Matthew)
- Remove the unnecessary get_tree_for_flags() function.
- Rename get_tree_for_block() name with get_block_tree() for more
clarity.
v5(Jani Nikula):
- Don't use static inline in .c files.
- enum free_tree and enumerator names are quite generic for a header
and usage and the whole enum should be an implementation detail.
Signed-off-by: Arunpravin Paneer Selvam <Arunpravin.PaneerSelvam(a)amd.com>
Suggested-by: Matthew Auld <matthew.auld(a)intel.com>
Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/4260
---
drivers/gpu/drm/drm_buddy.c | 336 +++++++++++++++++++++---------------
include/drm/drm_buddy.h | 2 +-
2 files changed, 201 insertions(+), 137 deletions(-)
diff --git a/drivers/gpu/drm/drm_buddy.c b/drivers/gpu/drm/drm_buddy.c
index 978cabfbcf0f..4f96e2e17d08 100644
--- a/drivers/gpu/drm/drm_buddy.c
+++ b/drivers/gpu/drm/drm_buddy.c
@@ -12,8 +12,17 @@
#include <drm/drm_buddy.h>
+enum drm_buddy_free_tree {
+ DRM_BUDDY_CLEAR_TREE = 0,
+ DRM_BUDDY_DIRTY_TREE,
+ DRM_BUDDY_MAX_FREE_TREES,
+};
+
static struct kmem_cache *slab_blocks;
+#define for_each_free_tree(tree) \
+ for ((tree) = 0; (tree) < DRM_BUDDY_MAX_FREE_TREES; (tree)++)
+
static struct drm_buddy_block *drm_block_alloc(struct drm_buddy *mm,
struct drm_buddy_block *parent,
unsigned int order,
@@ -43,22 +52,61 @@ static void drm_block_free(struct drm_buddy *mm,
kmem_cache_free(slab_blocks, block);
}
+static enum drm_buddy_free_tree
+get_block_tree(struct drm_buddy_block *block)
+{
+ return drm_buddy_block_is_clear(block) ?
+ DRM_BUDDY_CLEAR_TREE : DRM_BUDDY_DIRTY_TREE;
+}
+
+static struct drm_buddy_block *
+rbtree_get_free_block(struct rb_node *node)
+{
+ return node ? rb_entry(node, struct drm_buddy_block, rb) : NULL;
+}
+
+static struct drm_buddy_block *
+rbtree_prev_free_block(struct rb_node *node)
+{
+ return rbtree_get_free_block(rb_prev(node));
+}
+
+static struct drm_buddy_block *
+rbtree_first_free_block(struct rb_root *root)
+{
+ return rbtree_get_free_block(rb_first(root));
+}
+
+static struct drm_buddy_block *
+rbtree_last_free_block(struct rb_root *root)
+{
+ return rbtree_get_free_block(rb_last(root));
+}
+
+static bool rbtree_is_empty(struct rb_root *root)
+{
+ return RB_EMPTY_ROOT(root);
+}
+
static void rbtree_insert(struct drm_buddy *mm,
- struct drm_buddy_block *block)
+ struct drm_buddy_block *block,
+ enum drm_buddy_free_tree tree)
{
- struct rb_root *root = &mm->free_tree[drm_buddy_block_order(block)];
- struct rb_node **link = &root->rb_node;
- struct rb_node *parent = NULL;
+ struct rb_node **link, *parent = NULL;
struct drm_buddy_block *node;
- u64 offset;
+ struct rb_root *root;
+ unsigned int order;
- offset = drm_buddy_block_offset(block);
+ order = drm_buddy_block_order(block);
+
+ root = &mm->free_trees[tree][order];
+ link = &root->rb_node;
while (*link) {
parent = *link;
- node = rb_entry(parent, struct drm_buddy_block, rb);
+ node = rbtree_get_free_block(parent);
- if (offset < drm_buddy_block_offset(node))
+ if (drm_buddy_block_offset(block) < drm_buddy_block_offset(node))
link = &parent->rb_left;
else
link = &parent->rb_right;
@@ -71,27 +119,17 @@ static void rbtree_insert(struct drm_buddy *mm,
static void rbtree_remove(struct drm_buddy *mm,
struct drm_buddy_block *block)
{
+ unsigned int order = drm_buddy_block_order(block);
struct rb_root *root;
+ enum drm_buddy_free_tree tree;
- root = &mm->free_tree[drm_buddy_block_order(block)];
- rb_erase(&block->rb, root);
+ tree = get_block_tree(block);
+ root = &mm->free_trees[tree][order];
+ rb_erase(&block->rb, root);
RB_CLEAR_NODE(&block->rb);
}
-static inline struct drm_buddy_block *
-rbtree_last_entry(struct drm_buddy *mm, unsigned int order)
-{
- struct rb_node *node = rb_last(&mm->free_tree[order]);
-
- return node ? rb_entry(node, struct drm_buddy_block, rb) : NULL;
-}
-
-static bool rbtree_is_empty(struct drm_buddy *mm, unsigned int order)
-{
- return RB_EMPTY_ROOT(&mm->free_tree[order]);
-}
-
static void clear_reset(struct drm_buddy_block *block)
{
block->header &= ~DRM_BUDDY_HEADER_CLEAR;
@@ -114,10 +152,13 @@ static void mark_allocated(struct drm_buddy *mm,
static void mark_free(struct drm_buddy *mm,
struct drm_buddy_block *block)
{
+ enum drm_buddy_free_tree tree;
+
block->header &= ~DRM_BUDDY_HEADER_STATE;
block->header |= DRM_BUDDY_FREE;
- rbtree_insert(mm, block);
+ tree = get_block_tree(block);
+ rbtree_insert(mm, block, tree);
}
static void mark_split(struct drm_buddy *mm,
@@ -203,6 +244,7 @@ static int __force_merge(struct drm_buddy *mm,
u64 end,
unsigned int min_order)
{
+ enum drm_buddy_free_tree tree;
unsigned int order;
int i;
@@ -212,50 +254,49 @@ static int __force_merge(struct drm_buddy *mm,
if (min_order > mm->max_order)
return -EINVAL;
- for (i = min_order - 1; i >= 0; i--) {
- struct drm_buddy_block *block, *prev_block, *first_block;
+ for_each_free_tree(tree) {
+ for (i = min_order - 1; i >= 0; i--) {
+ struct rb_root *root = &mm->free_trees[tree][i];
+ struct drm_buddy_block *block, *prev_block;
- first_block = rb_entry(rb_first(&mm->free_tree[i]), struct drm_buddy_block, rb);
+ rbtree_reverse_for_each_entry_safe(block, prev_block, root, rb) {
+ struct drm_buddy_block *buddy;
+ u64 block_start, block_end;
- rbtree_reverse_for_each_entry_safe(block, prev_block, &mm->free_tree[i], rb) {
- struct drm_buddy_block *buddy;
- u64 block_start, block_end;
-
- if (!block->parent)
- continue;
+ if (!block->parent)
+ continue;
- block_start = drm_buddy_block_offset(block);
- block_end = block_start + drm_buddy_block_size(mm, block) - 1;
+ block_start = drm_buddy_block_offset(block);
+ block_end = block_start + drm_buddy_block_size(mm, block) - 1;
- if (!contains(start, end, block_start, block_end))
- continue;
+ if (!contains(start, end, block_start, block_end))
+ continue;
- buddy = __get_buddy(block);
- if (!drm_buddy_block_is_free(buddy))
- continue;
+ buddy = __get_buddy(block);
+ if (!drm_buddy_block_is_free(buddy))
+ continue;
- WARN_ON(drm_buddy_block_is_clear(block) ==
- drm_buddy_block_is_clear(buddy));
+ WARN_ON(drm_buddy_block_is_clear(block) ==
+ drm_buddy_block_is_clear(buddy));
- /*
- * If the prev block is same as buddy, don't access the
- * block in the next iteration as we would free the
- * buddy block as part of the free function.
- */
- if (prev_block && prev_block == buddy) {
- if (prev_block != first_block)
- prev_block = rb_entry(rb_prev(&prev_block->rb),
- struct drm_buddy_block,
- rb);
- }
+ /*
+ * If the prev block is same as buddy, don't access the
+ * block in the next iteration as we would free the
+ * buddy block as part of the free function.
+ */
+ if (prev_block && prev_block == buddy) {
+ if (prev_block != rbtree_first_free_block(root))
+ prev_block = rbtree_prev_free_block(&prev_block->rb);
+ }
- rbtree_remove(mm, block);
- if (drm_buddy_block_is_clear(block))
- mm->clear_avail -= drm_buddy_block_size(mm, block);
+ rbtree_remove(mm, block);
+ if (drm_buddy_block_is_clear(block))
+ mm->clear_avail -= drm_buddy_block_size(mm, block);
- order = __drm_buddy_free(mm, block, true);
- if (order >= min_order)
- return 0;
+ order = __drm_buddy_free(mm, block, true);
+ if (order >= min_order)
+ return 0;
+ }
}
}
@@ -276,7 +317,7 @@ static int __force_merge(struct drm_buddy *mm,
*/
int drm_buddy_init(struct drm_buddy *mm, u64 size, u64 chunk_size)
{
- unsigned int i;
+ unsigned int i, j;
u64 offset;
if (size < chunk_size)
@@ -298,14 +339,22 @@ int drm_buddy_init(struct drm_buddy *mm, u64 size, u64 chunk_size)
BUG_ON(mm->max_order > DRM_BUDDY_MAX_ORDER);
- mm->free_tree = kmalloc_array(mm->max_order + 1,
- sizeof(struct rb_root),
- GFP_KERNEL);
- if (!mm->free_tree)
+ mm->free_trees = kmalloc_array(DRM_BUDDY_MAX_FREE_TREES,
+ sizeof(*mm->free_trees),
+ GFP_KERNEL);
+ if (!mm->free_trees)
return -ENOMEM;
- for (i = 0; i <= mm->max_order; ++i)
- mm->free_tree[i] = RB_ROOT;
+ for (i = 0; i < DRM_BUDDY_MAX_FREE_TREES; i++) {
+ mm->free_trees[i] = kmalloc_array(mm->max_order + 1,
+ sizeof(struct rb_root),
+ GFP_KERNEL);
+ if (!mm->free_trees[i])
+ goto out_free_tree;
+
+ for (j = 0; j <= mm->max_order; ++j)
+ mm->free_trees[i][j] = RB_ROOT;
+ }
mm->n_roots = hweight64(size);
@@ -353,7 +402,9 @@ int drm_buddy_init(struct drm_buddy *mm, u64 size, u64 chunk_size)
drm_block_free(mm, mm->roots[i]);
kfree(mm->roots);
out_free_tree:
- kfree(mm->free_tree);
+ while (i--)
+ kfree(mm->free_trees[i]);
+ kfree(mm->free_trees);
return -ENOMEM;
}
EXPORT_SYMBOL(drm_buddy_init);
@@ -389,8 +440,9 @@ void drm_buddy_fini(struct drm_buddy *mm)
WARN_ON(mm->avail != mm->size);
+ for (i = 0; i < DRM_BUDDY_MAX_FREE_TREES; i++)
+ kfree(mm->free_trees[i]);
kfree(mm->roots);
- kfree(mm->free_tree);
}
EXPORT_SYMBOL(drm_buddy_fini);
@@ -414,8 +466,7 @@ static int split_block(struct drm_buddy *mm,
return -ENOMEM;
}
- mark_free(mm, block->left);
- mark_free(mm, block->right);
+ mark_split(mm, block);
if (drm_buddy_block_is_clear(block)) {
mark_cleared(block->left);
@@ -423,7 +474,8 @@ static int split_block(struct drm_buddy *mm,
clear_reset(block);
}
- mark_split(mm, block);
+ mark_free(mm, block->left);
+ mark_free(mm, block->right);
return 0;
}
@@ -456,6 +508,7 @@ EXPORT_SYMBOL(drm_get_buddy);
*/
void drm_buddy_reset_clear(struct drm_buddy *mm, bool is_clear)
{
+ enum drm_buddy_free_tree src_tree, dst_tree;
u64 root_size, size, start;
unsigned int order;
int i;
@@ -470,19 +523,24 @@ void drm_buddy_reset_clear(struct drm_buddy *mm, bool is_clear)
size -= root_size;
}
+ src_tree = is_clear ? DRM_BUDDY_DIRTY_TREE : DRM_BUDDY_CLEAR_TREE;
+ dst_tree = is_clear ? DRM_BUDDY_CLEAR_TREE : DRM_BUDDY_DIRTY_TREE;
+
for (i = 0; i <= mm->max_order; ++i) {
+ struct rb_root *root = &mm->free_trees[src_tree][i];
struct drm_buddy_block *block;
- rbtree_reverse_for_each_entry(block, &mm->free_tree[i], rb) {
- if (is_clear != drm_buddy_block_is_clear(block)) {
- if (is_clear) {
- mark_cleared(block);
- mm->clear_avail += drm_buddy_block_size(mm, block);
- } else {
- clear_reset(block);
- mm->clear_avail -= drm_buddy_block_size(mm, block);
- }
+ rbtree_reverse_for_each_entry(block, root, rb) {
+ rbtree_remove(mm, block);
+ if (is_clear) {
+ mark_cleared(block);
+ mm->clear_avail += drm_buddy_block_size(mm, block);
+ } else {
+ clear_reset(block);
+ mm->clear_avail -= drm_buddy_block_size(mm, block);
}
+
+ rbtree_insert(mm, block, dst_tree);
}
}
}
@@ -672,23 +730,17 @@ __drm_buddy_alloc_range_bias(struct drm_buddy *mm,
}
static struct drm_buddy_block *
-get_maxblock(struct drm_buddy *mm, unsigned int order,
- unsigned long flags)
+get_maxblock(struct drm_buddy *mm,
+ unsigned int order,
+ enum drm_buddy_free_tree tree)
{
struct drm_buddy_block *max_block = NULL, *block = NULL;
+ struct rb_root *root;
unsigned int i;
for (i = order; i <= mm->max_order; ++i) {
- struct drm_buddy_block *tmp_block;
-
- rbtree_reverse_for_each_entry(tmp_block, &mm->free_tree[i], rb) {
- if (block_incompatible(tmp_block, flags))
- continue;
-
- block = tmp_block;
- break;
- }
-
+ root = &mm->free_trees[tree][i];
+ block = rbtree_last_free_block(root);
if (!block)
continue;
@@ -712,39 +764,39 @@ alloc_from_freetree(struct drm_buddy *mm,
unsigned long flags)
{
struct drm_buddy_block *block = NULL;
+ struct rb_root *root;
+ enum drm_buddy_free_tree tree;
unsigned int tmp;
int err;
+ tree = (flags & DRM_BUDDY_CLEAR_ALLOCATION) ?
+ DRM_BUDDY_CLEAR_TREE : DRM_BUDDY_DIRTY_TREE;
+
if (flags & DRM_BUDDY_TOPDOWN_ALLOCATION) {
- block = get_maxblock(mm, order, flags);
+ block = get_maxblock(mm, order, tree);
if (block)
/* Store the obtained block order */
tmp = drm_buddy_block_order(block);
} else {
for (tmp = order; tmp <= mm->max_order; ++tmp) {
- struct drm_buddy_block *tmp_block;
-
- rbtree_reverse_for_each_entry(tmp_block, &mm->free_tree[tmp], rb) {
- if (block_incompatible(tmp_block, flags))
- continue;
-
- block = tmp_block;
- break;
- }
-
+ /* Get RB tree root for this order and tree */
+ root = &mm->free_trees[tree][tmp];
+ block = rbtree_last_free_block(root);
if (block)
break;
}
}
if (!block) {
- /* Fallback method */
+ /* Try allocating from the other tree */
+ tree = (tree == DRM_BUDDY_CLEAR_TREE) ?
+ DRM_BUDDY_DIRTY_TREE : DRM_BUDDY_CLEAR_TREE;
+
for (tmp = order; tmp <= mm->max_order; ++tmp) {
- if (!rbtree_is_empty(mm, tmp)) {
- block = rbtree_last_entry(mm, tmp);
- if (block)
- break;
- }
+ root = &mm->free_trees[tree][tmp];
+ block = rbtree_last_free_block(root);
+ if (block)
+ break;
}
if (!block)
@@ -888,6 +940,7 @@ static int __alloc_contig_try_harder(struct drm_buddy *mm,
u64 rhs_offset, lhs_offset, lhs_size, filled;
struct drm_buddy_block *block;
LIST_HEAD(blocks_lhs);
+ enum drm_buddy_free_tree tree;
unsigned long pages;
unsigned int order;
u64 modify_size;
@@ -899,34 +952,39 @@ static int __alloc_contig_try_harder(struct drm_buddy *mm,
if (order == 0)
return -ENOSPC;
- if (rbtree_is_empty(mm, order))
+ if (rbtree_is_empty(&mm->free_trees[DRM_BUDDY_CLEAR_TREE][order]) &&
+ rbtree_is_empty(&mm->free_trees[DRM_BUDDY_DIRTY_TREE][order]))
return -ENOSPC;
- rbtree_reverse_for_each_entry(block, &mm->free_tree[order], rb) {
- /* Allocate blocks traversing RHS */
- rhs_offset = drm_buddy_block_offset(block);
- err = __drm_buddy_alloc_range(mm, rhs_offset, size,
- &filled, blocks);
- if (!err || err != -ENOSPC)
- return err;
-
- lhs_size = max((size - filled), min_block_size);
- if (!IS_ALIGNED(lhs_size, min_block_size))
- lhs_size = round_up(lhs_size, min_block_size);
-
- /* Allocate blocks traversing LHS */
- lhs_offset = drm_buddy_block_offset(block) - lhs_size;
- err = __drm_buddy_alloc_range(mm, lhs_offset, lhs_size,
- NULL, &blocks_lhs);
- if (!err) {
- list_splice(&blocks_lhs, blocks);
- return 0;
- } else if (err != -ENOSPC) {
+ for_each_free_tree(tree) {
+ struct rb_root *root = &mm->free_trees[tree][order];
+
+ rbtree_reverse_for_each_entry(block, root, rb) {
+ /* Allocate blocks traversing RHS */
+ rhs_offset = drm_buddy_block_offset(block);
+ err = __drm_buddy_alloc_range(mm, rhs_offset, size,
+ &filled, blocks);
+ if (!err || err != -ENOSPC)
+ return err;
+
+ lhs_size = max((size - filled), min_block_size);
+ if (!IS_ALIGNED(lhs_size, min_block_size))
+ lhs_size = round_up(lhs_size, min_block_size);
+
+ /* Allocate blocks traversing LHS */
+ lhs_offset = drm_buddy_block_offset(block) - lhs_size;
+ err = __drm_buddy_alloc_range(mm, lhs_offset, lhs_size,
+ NULL, &blocks_lhs);
+ if (!err) {
+ list_splice(&blocks_lhs, blocks);
+ return 0;
+ } else if (err != -ENOSPC) {
+ drm_buddy_free_list_internal(mm, blocks);
+ return err;
+ }
+ /* Free blocks for the next iteration */
drm_buddy_free_list_internal(mm, blocks);
- return err;
}
- /* Free blocks for the next iteration */
- drm_buddy_free_list_internal(mm, blocks);
}
return -ENOSPC;
@@ -1231,6 +1289,7 @@ EXPORT_SYMBOL(drm_buddy_block_print);
*/
void drm_buddy_print(struct drm_buddy *mm, struct drm_printer *p)
{
+ enum drm_buddy_free_tree tree;
int order;
drm_printf(p, "chunk_size: %lluKiB, total: %lluMiB, free: %lluMiB, clear_free: %lluMiB\n",
@@ -1238,11 +1297,16 @@ void drm_buddy_print(struct drm_buddy *mm, struct drm_printer *p)
for (order = mm->max_order; order >= 0; order--) {
struct drm_buddy_block *block;
+ struct rb_root *root;
u64 count = 0, free;
- rbtree_for_each_entry(block, &mm->free_tree[order], rb) {
- BUG_ON(!drm_buddy_block_is_free(block));
- count++;
+ for_each_free_tree(tree) {
+ root = &mm->free_trees[tree][order];
+
+ rbtree_for_each_entry(block, root, rb) {
+ BUG_ON(!drm_buddy_block_is_free(block));
+ count++;
+ }
}
drm_printf(p, "order-%2d ", order);
diff --git a/include/drm/drm_buddy.h b/include/drm/drm_buddy.h
index 091823592034..a2189a92bb7a 100644
--- a/include/drm/drm_buddy.h
+++ b/include/drm/drm_buddy.h
@@ -73,7 +73,7 @@ struct drm_buddy_block {
*/
struct drm_buddy {
/* Maintain a free list for each order. */
- struct rb_root *free_tree;
+ struct rb_root **free_trees;
/*
* Maintain explicit binary tree(s) to track the allocation of the
--
2.34.1
2 weeks, 2 days
- 2
- 1
[PATCH v3 0/2] i2c: pxa: fix I2C communication on Armada 3700
by Gabor Juhos
There is a long standing bug which causes I2C communication not to
work on the Armada 3700 based boards. The first patch in the series
fixes that regression. The second patch improves recovery to make it
more robust which helps to avoid communication problems with certain
SFP modules.
Signed-off-by: Gabor Juhos <j4g8y7(a)gmail.com>
---
Changes in v3:
- rebase on tip of i2c/for-current
- remove Imre's tag from the cover letter, and replace his SoB tag to
Reviewed-by in the individual patches
- rework the second patch so it does not need changes in the I2C core code,
and drop the first one as it is not needed now
- Link to v2: https://lore.kernel.org/r/20250811-i2c-pxa-fix-i2c-communication-v2-0-ca42e…
Changes in v2:
- collect offered tags
- rebase and retest on tip of i2c/for-current
- Link to v1: https://lore.kernel.org/r/20250511-i2c-pxa-fix-i2c-communication-v1-0-e9097…
---
Gabor Juhos (2):
i2c: pxa: defer reset on Armada 3700 when recovery is used
i2c: pxa: handle 'Early Bus Busy' condition on Armada 3700
drivers/i2c/busses/i2c-pxa.c | 35 ++++++++++++++++++++++++++++-------
1 file changed, 28 insertions(+), 7 deletions(-)
---
base-commit: 3dd22078026c7cad4d4a3f32c5dc5452c7180de8
change-id: 20250510-i2c-pxa-fix-i2c-communication-3e6de1e3d0c6
Best regards,
--
Gabor Juhos <j4g8y7(a)gmail.com>
2 weeks, 2 days
- 2
- 8
[PATCH] PCI: j721e: Fix module autoloading
by Siddharth Vadapalli
Commit under Fixes added support to build the driver as a loadable
module. However, it did not add MODULE_DEVICE_TABLE() which is required
for autoloading the driver when it is built as a loadable module.
Fix it.
Fixes: a2790bf81f0f ("PCI: j721e: Add support to build as a loadable module")
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Siddharth Vadapalli <s-vadapalli(a)ti.com>
---
Hello,
This patch is based on commit
b320789d6883 Linux 6.17-rc4
of Mainline Linux.
Patch has been tested on J7200-EVM with the driver configs set to 'm'.
The pci-j721e.c driver is autoloaded as Linux boots and it doesn't need
to be manually probed. Logs:
https://gist.github.com/Siddharth-Vadapalli-at-TI/f64eed4df6fd4f714747b3c7e…
Regards,
Siddharth.
drivers/pci/controller/cadence/pci-j721e.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/pci/controller/cadence/pci-j721e.c b/drivers/pci/controller/cadence/pci-j721e.c
index 6c93f39d0288..cfca13a4c840 100644
--- a/drivers/pci/controller/cadence/pci-j721e.c
+++ b/drivers/pci/controller/cadence/pci-j721e.c
@@ -440,6 +440,7 @@ static const struct of_device_id of_j721e_pcie_match[] = {
},
{},
};
+MODULE_DEVICE_TABLE(of, of_j721e_pcie_match);
static int j721e_pcie_probe(struct platform_device *pdev)
{
--
2.43.0
2 weeks, 2 days
- 2
- 1
[PATCH 0/2] Backport request: mcp2221 needed to access eeprom data
by Romain Sioen
Hi maintainers,
Please consider backporting the following patches to the stable trees.
These patches fix a significant reading issue with mcp2221 on i2c eeprom.
I have confirmed that the patches applie cleanly and build successfully
against v6.6, v6.1, v5.15 and v5.10 stable branches.
I will later come back to you with other patches that might need larger
backport changes.
Thanks,
Romain
Hamish Martin (2):
HID: mcp2221: Don't set bus speed on every transfer
HID: mcp2221: Handle reads greater than 60 bytes
drivers/hid/hid-mcp2221.c | 71 +++++++++++++++++++++++++++------------
1 file changed, 49 insertions(+), 22 deletions(-)
--
2.48.1
2 weeks, 2 days
- 1
- 2
5.10 backport request: ASoC: Intel: sof_rt5682: shrink platform_id names below 20 characters
by Michał Górny
Hello,
I would like to request backporting the following patch to 5.10 series:
590cfb082837cc6c0c595adf1711330197c86a58
ASoC: Intel: sof_rt5682: shrink platform_id names below 20 characters
The patch seems to be already present in 5.15 and newer branches, and
its lack seems to be causing out-of-bounds read. I've hit it in the
wild while trying to install 5.10.241 on i686:
sh /var/tmp/portage/sys-kernel/gentoo-kernel-5.10.241/work/linux-5.10/scripts/depmod.sh depmod 5.10.241-gentoo-dist
depmod: FATAL: Module index: bad character '�'=0x80 - only 7-bit ASCII is supported:
platform:jsl_rt5682_max98360ax�
TIA.
--
Best regards,
Michał Górny
2 weeks, 2 days
- 3
- 17
[PATCH v4 2/4] x86/cpu/topology: Always try cpu_parse_topology_ext() on AMD/Hygon
by K Prateek Nayak
Support for parsing the topology on AMD/Hygon processors using CPUID
leaf 0xb was added in commit 3986a0a805e6 ("x86/CPU/AMD: Derive CPU
topology from CPUID function 0xB when available"). In an effort to keep
all the topology parsing bits in one place, this commit also introduced
a pseudo dependency on the TOPOEXT feature to parse the CPUID leaf 0xb.
TOPOEXT feature (CPUID 0x80000001 ECX[22]) advertises the support for
Cache Properties leaf 0x8000001d and the CPUID leaf 0x8000001e EAX for
"Extended APIC ID" however support for 0xb was introduced alongside the
x2APIC support not only on AMD [1], but also historically on x86 [2].
Similar to 0xb, the support for extended CPU topology leaf 0x80000026
too does not depend on the TOPOEXT feature.
The support for these leaves is expected to be confirmed by ensuring
"leaf <= {extended_}cpuid_level" and then parsing the level 0 of the
respective leaf to confirm EBX[15:0] (LogProcAtThisLevel) is non-zero as
stated in the definition of "CPUID_Fn0000000B_EAX_x00 [Extended Topology
Enumeration] (Core::X86::Cpuid::ExtTopEnumEax0)" in Processor
Programming Reference (PPR) for AMD Family 19h Model 01h Rev B1 Vol1 [3]
Sec. 2.1.15.1 "CPUID Instruction Functions".
This has not been a problem on baremetal platforms since support for
TOPOEXT (Fam 0x15 and later) predates the support for CPUID leaf 0xb
(Fam 0x17[Zen2] and later), however, for AMD guests on QEMU, "x2apic"
feature can be enabled independent of the "topoext" feature where QEMU
expects topology and the initial APICID to be parsed using the CPUID
leaf 0xb (especially when number of cores > 255) which is populated
independent of the "topoext" feature flag.
Unconditionally call cpu_parse_topology_ext() on AMD and Hygon
processors to first parse the topology using the XTOPOLOGY leaves
(0x80000026 / 0xb) before using the TOPOEXT leaf (0x8000001e).
Cc: stable(a)vger.kernel.org # Only v6.9 and above
Link: https://lore.kernel.org/lkml/1529686927-7665-1-git-send-email-suravee.suthi… [1]
Link: https://lore.kernel.org/lkml/20080818181435.523309000@linux-os.sc.intel.com/ [2]
Link: https://bugzilla.kernel.org/show_bug.cgi?id=206537 [3]
Suggested-by: Naveen N Rao (AMD) <naveen(a)kernel.org>
Fixes: 3986a0a805e6 ("x86/CPU/AMD: Derive CPU topology from CPUID function 0xB when available")
Signed-off-by: K Prateek Nayak <kprateek.nayak(a)amd.com>
---
Changelog v3..v4:
o Quoted relevant section of the PPR justifying the changes.
o Moved this patch up ahead.
o Cc'd stable and made a note that backports should target v6.9 and
above since this depends on the x86 topology rewrite.
---
arch/x86/kernel/cpu/topology_amd.c | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/arch/x86/kernel/cpu/topology_amd.c b/arch/x86/kernel/cpu/topology_amd.c
index 827dd0dbb6e9..4e3134a5550c 100644
--- a/arch/x86/kernel/cpu/topology_amd.c
+++ b/arch/x86/kernel/cpu/topology_amd.c
@@ -175,18 +175,14 @@ static void topoext_fixup(struct topo_scan *tscan)
static void parse_topology_amd(struct topo_scan *tscan)
{
- bool has_topoext = false;
-
/*
- * If the extended topology leaf 0x8000_001e is available
- * try to get SMT, CORE, TILE, and DIE shifts from extended
+ * Try to get SMT, CORE, TILE, and DIE shifts from extended
* CPUID leaf 0x8000_0026 on supported processors first. If
* extended CPUID leaf 0x8000_0026 is not supported, try to
* get SMT and CORE shift from leaf 0xb first, then try to
* get the CORE shift from leaf 0x8000_0008.
*/
- if (cpu_feature_enabled(X86_FEATURE_TOPOEXT))
- has_topoext = cpu_parse_topology_ext(tscan);
+ bool has_topoext = cpu_parse_topology_ext(tscan);
if (cpu_feature_enabled(X86_FEATURE_AMD_HTR_CORES))
tscan->c->topo.cpu_type = cpuid_ebx(0x80000026);
--
2.34.1
2 weeks, 2 days
- 2
- 3
[PATCH v2 0/4] nios2: Add architecture support for clone3
by Simon Schuster via B4 Relay
This series adds support for the clone3 system call to the nios2
architecture. This addresses the build-time warning "warning: clone3()
entry point is missing, please fix" introduced in 505d66d1abfb9
("clone3: drop __ARCH_WANT_SYS_CLONE3 macro"). The implementation passes
the relevant clone3 tests of kselftest when applied on top of
next-20250815:
./run_kselftest.sh
TAP version 13
1..4
# selftests: clone3: clone3
ok 1 selftests: clone3: clone3
# selftests: clone3: clone3_clear_sighand
ok 2 selftests: clone3: clone3_clear_sighand
# selftests: clone3: clone3_set_tid
ok 3 selftests: clone3: clone3_set_tid
# selftests: clone3: clone3_cap_checkpoint_restore
ok 4 selftests: clone3: clone3_cap_checkpoint_restore
The series also includes a small patch to kernel/fork.c that ensures
that clone_flags are passed correctly on architectures where unsigned
long is insufficient to store the u64 clone_flags. It is marked as a fix
for stable backporting.
As requested, in v2, this series now further tries to correct this type
error throughout the whole code base. Thus, it now touches a larger
number of subsystems and all architectures.
Therefore, another test was performed for ARCH=x86_64 (as a
representative for 64-bit architectures). Here, the series builds cleanly
without warnings on defconfig with CONFIG_SECURITY_APPARMOR=y and
CONFIG_SECURITY_TOMOYO=y (to compile-check the LSM-related changes).
The build further successfully passes testing/selftests/clone3 (with the
patch from 20241105062948.1037011-1-zhouyuhang1010(a)163.com to prepare
clone3_cap_checkpoint_restore for compatibility with the newer libcap
version on my system).
Is there any option to further preflight check this patch series via
lkp/KernelCI/etc. for a broader test across architectures, or is this
degree of testing sufficient to eventually get the series merged?
N.B.: The series is not checkpatch clean right now:
- include/linux/cred.h, include/linux/mnt_namespace.h:
function definition arguments without identifier name
- include/trace/events/task.h:
space prohibited after that open parenthesis
I did not fix these warnings to keep my changes minimal and reviewable,
as the issues persist throughout the files and they were not introduced
by me; I only followed the existing code style and just replaced the
types. If desired, I'd be happy to make the changes in a potential v3,
though.
Signed-off-by: Simon Schuster <schuster.simon(a)siemens-energy.com>
---
Changes in v2:
- Introduce "Fixes:" and "Cc: stable(a)vger.kernel.org" where necessary
- Factor out "Fixes:" when adapting the datatype of clone_flags for
easier backports
- Fix additional instances where `unsigned long` clone_flags is used
- Reword commit message to make it clearer that any 32-bit arch is
affected by this bug
- Link to v1: https://lore.kernel.org/r/20250821-nios2-implement-clone3-v1-0-1bb24017376a…
---
Simon Schuster (4):
copy_sighand: Handle architectures where sizeof(unsigned long) < sizeof(u64)
copy_process: pass clone_flags as u64 across calltree
arch: copy_thread: pass clone_flags as u64
nios2: implement architecture-specific portion of sys_clone3
arch/alpha/kernel/process.c | 2 +-
arch/arc/kernel/process.c | 2 +-
arch/arm/kernel/process.c | 2 +-
arch/arm64/kernel/process.c | 2 +-
arch/csky/kernel/process.c | 2 +-
arch/hexagon/kernel/process.c | 2 +-
arch/loongarch/kernel/process.c | 2 +-
arch/m68k/kernel/process.c | 2 +-
arch/microblaze/kernel/process.c | 2 +-
arch/mips/kernel/process.c | 2 +-
arch/nios2/include/asm/syscalls.h | 1 +
arch/nios2/include/asm/unistd.h | 2 --
arch/nios2/kernel/entry.S | 6 ++++++
arch/nios2/kernel/process.c | 2 +-
arch/nios2/kernel/syscall_table.c | 1 +
arch/openrisc/kernel/process.c | 2 +-
arch/parisc/kernel/process.c | 2 +-
arch/powerpc/kernel/process.c | 2 +-
arch/riscv/kernel/process.c | 2 +-
arch/s390/kernel/process.c | 2 +-
arch/sh/kernel/process_32.c | 2 +-
arch/sparc/kernel/process_32.c | 2 +-
arch/sparc/kernel/process_64.c | 2 +-
arch/um/kernel/process.c | 2 +-
arch/x86/include/asm/fpu/sched.h | 2 +-
arch/x86/include/asm/shstk.h | 4 ++--
arch/x86/kernel/fpu/core.c | 2 +-
arch/x86/kernel/process.c | 2 +-
arch/x86/kernel/shstk.c | 2 +-
arch/xtensa/kernel/process.c | 2 +-
block/blk-ioc.c | 2 +-
fs/namespace.c | 2 +-
include/linux/cgroup.h | 4 ++--
include/linux/cred.h | 2 +-
include/linux/iocontext.h | 6 +++---
include/linux/ipc_namespace.h | 4 ++--
include/linux/lsm_hook_defs.h | 2 +-
include/linux/mnt_namespace.h | 2 +-
include/linux/nsproxy.h | 2 +-
include/linux/pid_namespace.h | 4 ++--
include/linux/rseq.h | 4 ++--
include/linux/sched/task.h | 2 +-
include/linux/security.h | 4 ++--
include/linux/sem.h | 4 ++--
include/linux/time_namespace.h | 4 ++--
include/linux/uprobes.h | 4 ++--
include/linux/user_events.h | 4 ++--
include/linux/utsname.h | 4 ++--
include/net/net_namespace.h | 4 ++--
include/trace/events/task.h | 6 +++---
ipc/namespace.c | 2 +-
ipc/sem.c | 2 +-
kernel/cgroup/namespace.c | 2 +-
kernel/cred.c | 2 +-
kernel/events/uprobes.c | 2 +-
kernel/fork.c | 10 +++++-----
kernel/nsproxy.c | 4 ++--
kernel/pid_namespace.c | 2 +-
kernel/sched/core.c | 4 ++--
kernel/sched/fair.c | 2 +-
kernel/sched/sched.h | 4 ++--
kernel/time/namespace.c | 2 +-
kernel/utsname.c | 2 +-
net/core/net_namespace.c | 2 +-
security/apparmor/lsm.c | 2 +-
security/security.c | 2 +-
security/selinux/hooks.c | 2 +-
security/tomoyo/tomoyo.c | 2 +-
68 files changed, 95 insertions(+), 89 deletions(-)
---
base-commit: 1357b2649c026b51353c84ddd32bc963e8999603
change-id: 20250818-nios2-implement-clone3-7f252c20860b
Best regards,
--
Simon Schuster <schuster.simon(a)siemens-energy.com>
2 weeks, 2 days
- 4
- 5
[PATCH v2] mtd: nand: raw: atmel: Respect tAR, tCLR in read setup timing
by A. Sverdlin
From: Alexander Sverdlin <alexander.sverdlin(a)siemens.com>
Having setup time 0 violates tAR, tCLR of some chips, for instance
TOSHIBA TC58NVG2S3ETAI0 cannot be detected successfully (first ID byte
being read duplicated, i.e. 98 98 dc 90 15 76 14 03 instead of
98 dc 90 15 76 ...).
Atmel Application Notes postulated 1 cycle NRD_SETUP without explanation
[1], but it looks more appropriate to just calculate setup time properly.
[1] Link: https://ww1.microchip.com/downloads/aemDocuments/documents/MPU32/Applicatio…
Cc: stable(a)vger.kernel.org
Fixes: f9ce2eddf176 ("mtd: nand: atmel: Add ->setup_data_interface() hooks")
Signed-off-by: Alexander Sverdlin <alexander.sverdlin(a)siemens.com>
---
v2:
- Cc'ed stable
- reformatted atmel_smc_cs_conf_set_setup() call
- rebased onto mtd/fixes
drivers/mtd/nand/raw/atmel/nand-controller.c | 16 +++++++++++++---
1 file changed, 13 insertions(+), 3 deletions(-)
diff --git a/drivers/mtd/nand/raw/atmel/nand-controller.c b/drivers/mtd/nand/raw/atmel/nand-controller.c
index dedcca87defc7..ad0eff385e123 100644
--- a/drivers/mtd/nand/raw/atmel/nand-controller.c
+++ b/drivers/mtd/nand/raw/atmel/nand-controller.c
@@ -1377,14 +1377,24 @@ static int atmel_smc_nand_prepare_smcconf(struct atmel_nand *nand,
if (ret)
return ret;
+ /*
+ * Read setup timing depends on the operation done on the NAND:
+ *
+ * NRD_SETUP = max(tAR, tCLR)
+ */
+ timeps = max(conf->timings.sdr.tAR_min, conf->timings.sdr.tCLR_min);
+ ncycles = DIV_ROUND_UP(timeps, mckperiodps);
+ totalcycles += ncycles;
+ ret = atmel_smc_cs_conf_set_setup(smcconf, ATMEL_SMC_NRD_SHIFT, ncycles);
+ if (ret)
+ return ret;
+
/*
* The read cycle timing is directly matching tRC, but is also
* dependent on the setup and hold timings we calculated earlier,
* which gives:
*
- * NRD_CYCLE = max(tRC, NRD_PULSE + NRD_HOLD)
- *
- * NRD_SETUP is always 0.
+ * NRD_CYCLE = max(tRC, NRD_SETUP + NRD_PULSE + NRD_HOLD)
*/
ncycles = DIV_ROUND_UP(conf->timings.sdr.tRC_min, mckperiodps);
ncycles = max(totalcycles, ncycles);
--
2.50.1
2 weeks, 2 days
- 4
- 6
[PATCH] mtd: rawnand: stm32_fmc2: fix ECC overwrite
by Christophe Kerello
In case OOB write is requested during a data write, ECC is currently
lost. Avoid this issue by only writing in the free spare area.
This issue has been seen with a YAFFS2 file system.
Signed-off-by: Christophe Kerello <christophe.kerello(a)foss.st.com>
Cc: stable(a)vger.kernel.org
Fixes: 2cd457f328c1 ("mtd: rawnand: stm32_fmc2: add STM32 FMC2 NAND flash controller driver")
---
drivers/mtd/nand/raw/stm32_fmc2_nand.c | 18 +++++++++++++++---
1 file changed, 15 insertions(+), 3 deletions(-)
diff --git a/drivers/mtd/nand/raw/stm32_fmc2_nand.c b/drivers/mtd/nand/raw/stm32_fmc2_nand.c
index a960403081f11091837b73b8610231fe421d0c05..f84f23392fa441327bec90ba12a2a57d825d9330 100644
--- a/drivers/mtd/nand/raw/stm32_fmc2_nand.c
+++ b/drivers/mtd/nand/raw/stm32_fmc2_nand.c
@@ -996,9 +996,21 @@ static int stm32_fmc2_nfc_seq_write(struct nand_chip *chip, const u8 *buf,
/* Write oob */
if (oob_required) {
- ret = nand_change_write_column_op(chip, mtd->writesize,
- chip->oob_poi, mtd->oobsize,
- false);
+ unsigned int offset_in_page = mtd->writesize;
+ const void *buf = chip->oob_poi;
+ unsigned int len = mtd->oobsize;
+
+ if (!raw) {
+ struct mtd_oob_region oob_free;
+
+ mtd_ooblayout_free(mtd, 0, &oob_free);
+ offset_in_page += oob_free.offset;
+ buf += oob_free.offset;
+ len = oob_free.length;
+ }
+
+ ret = nand_change_write_column_op(chip, offset_in_page,
+ buf, len, false);
if (ret)
return ret;
}
---
base-commit: fb2fae70e7e985c4acb1ad96110d8b98bb64a87c
change-id: 20250811-fix-ecc-overwrite-9962b7797746
Best regards,
--
Christophe Kerello <christophe.kerello(a)foss.st.com>
2 weeks, 2 days
- 2
- 1
[PATCH] mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer
by Christophe Kerello
Avoid below overlapping mappings by using a contiguous
non-cacheable buffer.
[ 4.077708] DMA-API: stm32_fmc2_nfc 48810000.nand-controller: cacheline tracking EEXIST,
overlapping mappings aren't supported
[ 4.089103] WARNING: CPU: 1 PID: 44 at kernel/dma/debug.c:568 add_dma_entry+0x23c/0x300
[ 4.097071] Modules linked in:
[ 4.100101] CPU: 1 PID: 44 Comm: kworker/u4:2 Not tainted 6.1.82 #1
[ 4.106346] Hardware name: STMicroelectronics STM32MP257F VALID1 SNOR / MB1704 (LPDDR4 Power discrete) + MB1703 + MB1708 (SNOR MB1730) (DT)
[ 4.118824] Workqueue: events_unbound deferred_probe_work_func
[ 4.124674] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 4.131624] pc : add_dma_entry+0x23c/0x300
[ 4.135658] lr : add_dma_entry+0x23c/0x300
[ 4.139792] sp : ffff800009dbb490
[ 4.143016] x29: ffff800009dbb4a0 x28: 0000000004008022 x27: ffff8000098a6000
[ 4.150174] x26: 0000000000000000 x25: ffff8000099e7000 x24: ffff8000099e7de8
[ 4.157231] x23: 00000000ffffffff x22: 0000000000000000 x21: ffff8000098a6a20
[ 4.164388] x20: ffff000080964180 x19: ffff800009819ba0 x18: 0000000000000006
[ 4.171545] x17: 6361727420656e69 x16: 6c6568636163203a x15: 72656c6c6f72746e
[ 4.178602] x14: 6f632d646e616e2e x13: ffff800009832f58 x12: 00000000000004ec
[ 4.185759] x11: 00000000000001a4 x10: ffff80000988af58 x9 : ffff800009832f58
[ 4.192916] x8 : 00000000ffffefff x7 : ffff80000988af58 x6 : 80000000fffff000
[ 4.199972] x5 : 000000000000bff4 x4 : 0000000000000000 x3 : 0000000000000000
[ 4.207128] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff0000812d2c40
[ 4.214185] Call trace:
[ 4.216605] add_dma_entry+0x23c/0x300
[ 4.220338] debug_dma_map_sg+0x198/0x350
[ 4.224373] __dma_map_sg_attrs+0xa0/0x110
[ 4.228411] dma_map_sg_attrs+0x10/0x2c
[ 4.232247] stm32_fmc2_nfc_xfer.isra.0+0x1c8/0x3fc
[ 4.237088] stm32_fmc2_nfc_seq_read_page+0xc8/0x174
[ 4.242127] nand_read_oob+0x1d4/0x8e0
[ 4.245861] mtd_read_oob_std+0x58/0x84
[ 4.249596] mtd_read_oob+0x90/0x150
[ 4.253231] mtd_read+0x68/0xac
Signed-off-by: Christophe Kerello <christophe.kerello(a)foss.st.com>
Cc: stable(a)vger.kernel.org
Fixes: 2cd457f328c1 ("mtd: rawnand: stm32_fmc2: add STM32 FMC2 NAND flash controller driver")
---
drivers/mtd/nand/raw/stm32_fmc2_nand.c | 28 +++++++++-------------------
1 file changed, 9 insertions(+), 19 deletions(-)
diff --git a/drivers/mtd/nand/raw/stm32_fmc2_nand.c b/drivers/mtd/nand/raw/stm32_fmc2_nand.c
index a960403081f11091837b73b8610231fe421d0c05..222c3c3b684841879a55835e802dcf9983860c28 100644
--- a/drivers/mtd/nand/raw/stm32_fmc2_nand.c
+++ b/drivers/mtd/nand/raw/stm32_fmc2_nand.c
@@ -272,6 +272,7 @@ struct stm32_fmc2_nfc {
struct sg_table dma_data_sg;
struct sg_table dma_ecc_sg;
u8 *ecc_buf;
+ dma_addr_t dma_ecc_addr;
int dma_ecc_len;
u32 tx_dma_max_burst;
u32 rx_dma_max_burst;
@@ -902,17 +903,10 @@ static int stm32_fmc2_nfc_xfer(struct nand_chip *chip, const u8 *buf,
if (!write_data && !raw) {
/* Configure DMA ECC status */
- p = nfc->ecc_buf;
for_each_sg(nfc->dma_ecc_sg.sgl, sg, eccsteps, s) {
- sg_set_buf(sg, p, nfc->dma_ecc_len);
- p += nfc->dma_ecc_len;
- }
-
- ret = dma_map_sg(nfc->dev, nfc->dma_ecc_sg.sgl,
- eccsteps, dma_data_dir);
- if (!ret) {
- ret = -EIO;
- goto err_unmap_data;
+ sg_dma_address(sg) = nfc->dma_ecc_addr +
+ s * nfc->dma_ecc_len;
+ sg_dma_len(sg) = nfc->dma_ecc_len;
}
desc_ecc = dmaengine_prep_slave_sg(nfc->dma_ecc_ch,
@@ -921,7 +915,7 @@ static int stm32_fmc2_nfc_xfer(struct nand_chip *chip, const u8 *buf,
DMA_PREP_INTERRUPT);
if (!desc_ecc) {
ret = -ENOMEM;
- goto err_unmap_ecc;
+ goto err_unmap_data;
}
reinit_completion(&nfc->dma_ecc_complete);
@@ -929,7 +923,7 @@ static int stm32_fmc2_nfc_xfer(struct nand_chip *chip, const u8 *buf,
desc_ecc->callback_param = &nfc->dma_ecc_complete;
ret = dma_submit_error(dmaengine_submit(desc_ecc));
if (ret)
- goto err_unmap_ecc;
+ goto err_unmap_data;
dma_async_issue_pending(nfc->dma_ecc_ch);
}
@@ -949,7 +943,7 @@ static int stm32_fmc2_nfc_xfer(struct nand_chip *chip, const u8 *buf,
if (!write_data && !raw)
dmaengine_terminate_all(nfc->dma_ecc_ch);
ret = -ETIMEDOUT;
- goto err_unmap_ecc;
+ goto err_unmap_data;
}
/* Wait DMA data transfer completion */
@@ -969,11 +963,6 @@ static int stm32_fmc2_nfc_xfer(struct nand_chip *chip, const u8 *buf,
}
}
-err_unmap_ecc:
- if (!write_data && !raw)
- dma_unmap_sg(nfc->dev, nfc->dma_ecc_sg.sgl,
- eccsteps, dma_data_dir);
-
err_unmap_data:
dma_unmap_sg(nfc->dev, nfc->dma_data_sg.sgl, eccsteps, dma_data_dir);
@@ -1610,7 +1599,8 @@ static int stm32_fmc2_nfc_dma_setup(struct stm32_fmc2_nfc *nfc)
return ret;
/* Allocate a buffer to store ECC status registers */
- nfc->ecc_buf = devm_kzalloc(nfc->dev, FMC2_MAX_ECC_BUF_LEN, GFP_KERNEL);
+ nfc->ecc_buf = dmam_alloc_coherent(nfc->dev, FMC2_MAX_ECC_BUF_LEN,
+ &nfc->dma_ecc_addr, GFP_KERNEL);
if (!nfc->ecc_buf)
return -ENOMEM;
---
base-commit: fb2fae70e7e985c4acb1ad96110d8b98bb64a87c
change-id: 20250811-fix-dma-overlapping-1c8fba7fd519
Best regards,
--
Christophe Kerello <christophe.kerello(a)foss.st.com>
2 weeks, 2 days
- 2
- 1
UDF failures in 5.15
by Jan Kara
Hello,
Henrik notified me that UDF in 5.15 kernel is failing for him, likely
because commit 1ea1cd11c72d ("udf: Fix directory iteration for longer tail
extents") is missing 5.15 stable tree. Basically wherever d16076d9b684b got
backported, 1ea1cd11c72d needs to be backported as well (I'm sorry for
forgetting to add proper Fixes tag back then).
Honza
--
Jan Kara <jack(a)suse.com>
SUSE Labs, CR
2 weeks, 2 days
- 2
- 1
[PATCH] accel/ivpu: Prevent recovery work from being queued during device removal
by Jacek Lawrynowicz
From: Karol Wachowski <karol.wachowski(a)intel.com>
Use disable_work_sync() instead of cancel_work_sync() in ivpu_dev_fini()
to ensure that no new recovery work items can be queued after device
removal has started. Previously, recovery work could be scheduled even
after canceling existing work, potentially leading to use-after-free
bugs if recovery accessed freed resources.
Rename ivpu_pm_cancel_recovery() to ivpu_pm_disable_recovery() to better
reflect its new behavior.
Fixes: 58cde80f45a2 ("accel/ivpu: Use dedicated work for job timeout detection")
Cc: <stable(a)vger.kernel.org> # v6.8+
Signed-off-by: Karol Wachowski <karol.wachowski(a)intel.com>
Signed-off-by: Jacek Lawrynowicz <jacek.lawrynowicz(a)linux.intel.com>
---
drivers/accel/ivpu/ivpu_drv.c | 2 +-
drivers/accel/ivpu/ivpu_pm.c | 4 ++--
drivers/accel/ivpu/ivpu_pm.h | 2 +-
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/drivers/accel/ivpu/ivpu_drv.c b/drivers/accel/ivpu/ivpu_drv.c
index 3d6d52492536a..3289751b47573 100644
--- a/drivers/accel/ivpu/ivpu_drv.c
+++ b/drivers/accel/ivpu/ivpu_drv.c
@@ -677,7 +677,7 @@ static void ivpu_bo_unbind_all_user_contexts(struct ivpu_device *vdev)
static void ivpu_dev_fini(struct ivpu_device *vdev)
{
ivpu_jobs_abort_all(vdev);
- ivpu_pm_cancel_recovery(vdev);
+ ivpu_pm_disable_recovery(vdev);
ivpu_pm_disable(vdev);
ivpu_prepare_for_reset(vdev);
ivpu_shutdown(vdev);
diff --git a/drivers/accel/ivpu/ivpu_pm.c b/drivers/accel/ivpu/ivpu_pm.c
index eacda1dbe8405..475ddc94f1cfe 100644
--- a/drivers/accel/ivpu/ivpu_pm.c
+++ b/drivers/accel/ivpu/ivpu_pm.c
@@ -417,10 +417,10 @@ void ivpu_pm_init(struct ivpu_device *vdev)
ivpu_dbg(vdev, PM, "Autosuspend delay = %d\n", delay);
}
-void ivpu_pm_cancel_recovery(struct ivpu_device *vdev)
+void ivpu_pm_disable_recovery(struct ivpu_device *vdev)
{
drm_WARN_ON(&vdev->drm, delayed_work_pending(&vdev->pm->job_timeout_work));
- cancel_work_sync(&vdev->pm->recovery_work);
+ disable_work_sync(&vdev->pm->recovery_work);
}
void ivpu_pm_enable(struct ivpu_device *vdev)
diff --git a/drivers/accel/ivpu/ivpu_pm.h b/drivers/accel/ivpu/ivpu_pm.h
index 89b264cc0e3e7..a2aa7a27f32ef 100644
--- a/drivers/accel/ivpu/ivpu_pm.h
+++ b/drivers/accel/ivpu/ivpu_pm.h
@@ -25,7 +25,7 @@ struct ivpu_pm_info {
void ivpu_pm_init(struct ivpu_device *vdev);
void ivpu_pm_enable(struct ivpu_device *vdev);
void ivpu_pm_disable(struct ivpu_device *vdev);
-void ivpu_pm_cancel_recovery(struct ivpu_device *vdev);
+void ivpu_pm_disable_recovery(struct ivpu_device *vdev);
int ivpu_pm_suspend_cb(struct device *dev);
int ivpu_pm_resume_cb(struct device *dev);
--
2.45.1
2 weeks, 2 days
- 2
- 2
[PATCH v2] drm/rcar-du: dsi: Fix 1/2/3 lane support
by Marek Vasut
Remove fixed PPI lane count setup. The R-Car DSI host is capable
of operating in 1..4 DSI lane mode. Remove the hard-coded 4-lane
configuration from PPI register settings and instead configure
the PPI lane count according to lane count information already
obtained by this driver instance.
Configure TXSETR register to match PPI lane count. The R-Car V4H
Reference Manual R19UH0186EJ0121 Rev.1.21 section 67.2.2.3 Tx Set
Register (TXSETR), field LANECNT description indicates that the
TXSETR register LANECNT bitfield lane count must be configured
such, that it matches lane count configuration in PPISETR register
DLEN bitfield. Make sure the LANECNT and DLEN bitfields are
configured to match.
Fixes: 155358310f01 ("drm: rcar-du: Add R-Car DSI driver")
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Marek Vasut <marek.vasut+renesas(a)mailbox.org>
---
Cc: David Airlie <airlied(a)gmail.com>
Cc: Geert Uytterhoeven <geert+renesas(a)glider.be>
Cc: Kieran Bingham <kieran.bingham+renesas(a)ideasonboard.com>
Cc: Laurent Pinchart <laurent.pinchart+renesas(a)ideasonboard.com>
Cc: Maarten Lankhorst <maarten.lankhorst(a)linux.intel.com>
Cc: Magnus Damm <magnus.damm(a)gmail.com>
Cc: Maxime Ripard <mripard(a)kernel.org>
Cc: Simona Vetter <simona(a)ffwll.ch>
Cc: Thomas Zimmermann <tzimmermann(a)suse.de>
Cc: Tomi Valkeinen <tomi.valkeinen+renesas(a)ideasonboard.com>
Cc: dri-devel(a)lists.freedesktop.org
Cc: linux-renesas-soc(a)vger.kernel.org
---
V2: - Split this out of a series, update commit message, combine from
drm/rcar-du: dsi: Remove fixed PPI lane count setup
drm/rcar-du: dsi: Configure TXSETR register to match PPI lane count
- add Fixes tag, CC stable
---
drivers/gpu/drm/renesas/rcar-du/rcar_mipi_dsi.c | 5 ++++-
drivers/gpu/drm/renesas/rcar-du/rcar_mipi_dsi_regs.h | 8 ++++----
2 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/drivers/gpu/drm/renesas/rcar-du/rcar_mipi_dsi.c b/drivers/gpu/drm/renesas/rcar-du/rcar_mipi_dsi.c
index 1af4c73f7a88..952c3efb74da 100644
--- a/drivers/gpu/drm/renesas/rcar-du/rcar_mipi_dsi.c
+++ b/drivers/gpu/drm/renesas/rcar-du/rcar_mipi_dsi.c
@@ -576,7 +576,10 @@ static int rcar_mipi_dsi_startup(struct rcar_mipi_dsi *dsi,
udelay(10);
rcar_mipi_dsi_clr(dsi, CLOCKSET1, CLOCKSET1_UPDATEPLL);
- ppisetr = PPISETR_DLEN_3 | PPISETR_CLEN;
+ rcar_mipi_dsi_clr(dsi, TXSETR, TXSETR_LANECNT_MASK);
+ rcar_mipi_dsi_set(dsi, TXSETR, dsi->lanes - 1);
+
+ ppisetr = ((BIT(dsi->lanes) - 1) & PPISETR_DLEN_MASK) | PPISETR_CLEN;
rcar_mipi_dsi_write(dsi, PPISETR, ppisetr);
rcar_mipi_dsi_set(dsi, PHYSETUP, PHYSETUP_SHUTDOWNZ);
diff --git a/drivers/gpu/drm/renesas/rcar-du/rcar_mipi_dsi_regs.h b/drivers/gpu/drm/renesas/rcar-du/rcar_mipi_dsi_regs.h
index a6b276f1d6ee..a54c7eb4113b 100644
--- a/drivers/gpu/drm/renesas/rcar-du/rcar_mipi_dsi_regs.h
+++ b/drivers/gpu/drm/renesas/rcar-du/rcar_mipi_dsi_regs.h
@@ -12,6 +12,9 @@
#define LINKSR_LPBUSY (1 << 1)
#define LINKSR_HSBUSY (1 << 0)
+#define TXSETR 0x100
+#define TXSETR_LANECNT_MASK (0x3 << 0)
+
/*
* Video Mode Register
*/
@@ -80,10 +83,7 @@
* PHY-Protocol Interface (PPI) Registers
*/
#define PPISETR 0x700
-#define PPISETR_DLEN_0 (0x1 << 0)
-#define PPISETR_DLEN_1 (0x3 << 0)
-#define PPISETR_DLEN_2 (0x7 << 0)
-#define PPISETR_DLEN_3 (0xf << 0)
+#define PPISETR_DLEN_MASK (0xf << 0)
#define PPISETR_CLEN (1 << 8)
#define PPICLCR 0x710
--
2.47.2
2 weeks, 2 days
- 3
- 4
[PATCH] xtensa: simdisk: add input size check in proc_write_simdisk
by Miaoqian Lin
A malicious user could pass an arbitrarily bad value
to memdup_user_nul(), potentially causing kernel crash.
This follows the same pattern as commit ee76746387f6
("netdevsim: prevent bad user input in nsim_dev_health_break_write()")
Fixes: b6c7e873daf7 ("xtensa: ISS: add host file-based simulated disk")
Fixes: 16e5c1fc3604 ("convert a bunch of open-coded instances of memdup_user_nul()")
Cc: stable(a)vger.kernel.org
Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com>
---
arch/xtensa/platforms/iss/simdisk.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/arch/xtensa/platforms/iss/simdisk.c b/arch/xtensa/platforms/iss/simdisk.c
index 6ed009318d24..3cafc8feddee 100644
--- a/arch/xtensa/platforms/iss/simdisk.c
+++ b/arch/xtensa/platforms/iss/simdisk.c
@@ -231,10 +231,14 @@ static ssize_t proc_read_simdisk(struct file *file, char __user *buf,
static ssize_t proc_write_simdisk(struct file *file, const char __user *buf,
size_t count, loff_t *ppos)
{
- char *tmp = memdup_user_nul(buf, count);
+ char *tmp;
struct simdisk *dev = pde_data(file_inode(file));
int err;
+ if (count == 0 || count > PAGE_SIZE)
+ return -EINVAL;
+
+ tmp = memdup_user_nul(buf, count);
if (IS_ERR(tmp))
return PTR_ERR(tmp);
--
2.35.1
2 weeks, 2 days
- 2
- 1
[PATCH v4] mm: slub: avoid wake up kswapd in set_track_prepare
by yangshiguang1011@163.com
From: yangshiguang <yangshiguang(a)xiaomi.com>
From: yangshiguang <yangshiguang(a)xiaomi.com>
set_track_prepare() can incur lock recursion.
The issue is that it is called from hrtimer_start_range_ns
holding the per_cpu(hrtimer_bases)[n].lock, but when enabled
CONFIG_DEBUG_OBJECTS_TIMERS, may wake up kswapd in set_track_prepare,
and try to hold the per_cpu(hrtimer_bases)[n].lock.
Avoid deadlock caused by implicitly waking up kswapd by
passing in allocation flags. And the slab caller context has
preemption disabled, so __GFP_KSWAPD_RECLAIM must not appear in gfp_flags.
The oops looks something like:
BUG: spinlock recursion on CPU#3, swapper/3/0
lock: 0xffffff8a4bf29c80, .magic: dead4ead, .owner: swapper/3/0, .owner_cpu: 3
Hardware name: Qualcomm Technologies, Inc. Popsicle based on SM8850 (DT)
Call trace:
spin_bug+0x0
_raw_spin_lock_irqsave+0x80
hrtimer_try_to_cancel+0x94
task_contending+0x10c
enqueue_dl_entity+0x2a4
dl_server_start+0x74
enqueue_task_fair+0x568
enqueue_task+0xac
do_activate_task+0x14c
ttwu_do_activate+0xcc
try_to_wake_up+0x6c8
default_wake_function+0x20
autoremove_wake_function+0x1c
__wake_up+0xac
wakeup_kswapd+0x19c
wake_all_kswapds+0x78
__alloc_pages_slowpath+0x1ac
__alloc_pages_noprof+0x298
stack_depot_save_flags+0x6b0
stack_depot_save+0x14
set_track_prepare+0x5c
___slab_alloc+0xccc
__kmalloc_cache_noprof+0x470
__set_page_owner+0x2bc
post_alloc_hook[jt]+0x1b8
prep_new_page+0x28
get_page_from_freelist+0x1edc
__alloc_pages_noprof+0x13c
alloc_slab_page+0x244
allocate_slab+0x7c
___slab_alloc+0x8e8
kmem_cache_alloc_noprof+0x450
debug_objects_fill_pool+0x22c
debug_object_activate+0x40
enqueue_hrtimer[jt]+0xdc
hrtimer_start_range_ns+0x5f8
...
Signed-off-by: yangshiguang <yangshiguang(a)xiaomi.com>
Fixes: 5cf909c553e9 ("mm/slub: use stackdepot to save stack trace in objects")
Cc: stable(a)vger.kernel.org
---
v1 -> v2:
propagate gfp flags to set_track_prepare()
v2 -> v3:
Remove the gfp restriction in set_track_prepare()
v3 -> v4:
Re-describe the comments in set_track_prepare.
[1]https://lore.kernel.org/all/20250801065121.876793-1-yangshiguang1011@163.…
[2]https://lore.kernel.org/all/20250814111641.380629-2-yangshiguang1011@163.…
[3]https://lore.kernel.org/all/20250825121737.2535732-1-yangshiguang1011@163…
---
mm/slub.c | 26 ++++++++++++++++----------
1 file changed, 16 insertions(+), 10 deletions(-)
diff --git a/mm/slub.c b/mm/slub.c
index 30003763d224..b0af51a5321b 100644
--- a/mm/slub.c
+++ b/mm/slub.c
@@ -962,19 +962,25 @@ static struct track *get_track(struct kmem_cache *s, void *object,
}
#ifdef CONFIG_STACKDEPOT
-static noinline depot_stack_handle_t set_track_prepare(void)
+static noinline depot_stack_handle_t set_track_prepare(gfp_t gfp_flags)
{
depot_stack_handle_t handle;
unsigned long entries[TRACK_ADDRS_COUNT];
unsigned int nr_entries;
+ /*
+ * Preemption is disabled in ___slab_alloc() so we need to disallow
+ * blocking. The flags are further adjusted by gfp_nested_mask() in
+ * stack_depot itself.
+ */
+ gfp_flags &= ~(__GFP_DIRECT_RECLAIM);
nr_entries = stack_trace_save(entries, ARRAY_SIZE(entries), 3);
- handle = stack_depot_save(entries, nr_entries, GFP_NOWAIT);
+ handle = stack_depot_save(entries, nr_entries, gfp_flags);
return handle;
}
#else
-static inline depot_stack_handle_t set_track_prepare(void)
+static inline depot_stack_handle_t set_track_prepare(gfp_t gfp_flags)
{
return 0;
}
@@ -996,9 +1002,9 @@ static void set_track_update(struct kmem_cache *s, void *object,
}
static __always_inline void set_track(struct kmem_cache *s, void *object,
- enum track_item alloc, unsigned long addr)
+ enum track_item alloc, unsigned long addr, gfp_t gfp_flags)
{
- depot_stack_handle_t handle = set_track_prepare();
+ depot_stack_handle_t handle = set_track_prepare(gfp_flags);
set_track_update(s, object, alloc, addr, handle);
}
@@ -1921,9 +1927,9 @@ static inline bool free_debug_processing(struct kmem_cache *s,
static inline void slab_pad_check(struct kmem_cache *s, struct slab *slab) {}
static inline int check_object(struct kmem_cache *s, struct slab *slab,
void *object, u8 val) { return 1; }
-static inline depot_stack_handle_t set_track_prepare(void) { return 0; }
+static inline depot_stack_handle_t set_track_prepare(gfp_t gfp_flags) { return 0; }
static inline void set_track(struct kmem_cache *s, void *object,
- enum track_item alloc, unsigned long addr) {}
+ enum track_item alloc, unsigned long addr, gfp_t gfp_flags) {}
static inline void add_full(struct kmem_cache *s, struct kmem_cache_node *n,
struct slab *slab) {}
static inline void remove_full(struct kmem_cache *s, struct kmem_cache_node *n,
@@ -3878,7 +3884,7 @@ static void *___slab_alloc(struct kmem_cache *s, gfp_t gfpflags, int node,
* tracking info and return the object.
*/
if (s->flags & SLAB_STORE_USER)
- set_track(s, freelist, TRACK_ALLOC, addr);
+ set_track(s, freelist, TRACK_ALLOC, addr, gfpflags);
return freelist;
}
@@ -3910,7 +3916,7 @@ static void *___slab_alloc(struct kmem_cache *s, gfp_t gfpflags, int node,
goto new_objects;
if (s->flags & SLAB_STORE_USER)
- set_track(s, freelist, TRACK_ALLOC, addr);
+ set_track(s, freelist, TRACK_ALLOC, addr, gfpflags);
return freelist;
}
@@ -4422,7 +4428,7 @@ static noinline void free_to_partial_list(
depot_stack_handle_t handle = 0;
if (s->flags & SLAB_STORE_USER)
- handle = set_track_prepare();
+ handle = set_track_prepare(__GFP_NOWARN);
spin_lock_irqsave(&n->list_lock, flags);
--
2.43.0
2 weeks, 2 days
- 4
- 6
[PATCH] fbdev/simplefb: Fix use after free in simplefb_detach_genpds()
by Janne Grunau
The pm_domain cleanup can not be devres managed as it uses struct
simplefb_par which is allocated within struct fb_info by
framebuffer_alloc(). This allocation is explicitly freed by
unregister_framebuffer() in simplefb_remove().
Devres managed cleanup runs after the device remove call and thus can no
longer access struct simplefb_par.
Call simplefb_detach_genpds() explicitly from simplefb_destroy() like
the cleanup functions for clocks and regulators.
Fixes an use after free on M2 Mac mini during
aperture_remove_conflicting_devices() using the downstream asahi kernel
with Debian's kernel config. For unknown reasons this started to
consistently dereference an invalid pointer in v6.16.3 based kernels.
[ 6.736134] BUG: KASAN: slab-use-after-free in simplefb_detach_genpds+0x58/0x220
[ 6.743545] Read of size 4 at addr ffff8000304743f0 by task (udev-worker)/227
[ 6.750697]
[ 6.752182] CPU: 6 UID: 0 PID: 227 Comm: (udev-worker) Tainted: G S 6.16.3-asahi+ #16 PREEMPTLAZY
[ 6.752186] Tainted: [S]=CPU_OUT_OF_SPEC
[ 6.752187] Hardware name: Apple Mac mini (M2, 2023) (DT)
[ 6.752189] Call trace:
[ 6.752190] show_stack+0x34/0x98 (C)
[ 6.752194] dump_stack_lvl+0x60/0x80
[ 6.752197] print_report+0x17c/0x4d8
[ 6.752201] kasan_report+0xb4/0x100
[ 6.752206] __asan_report_load4_noabort+0x20/0x30
[ 6.752209] simplefb_detach_genpds+0x58/0x220
[ 6.752213] devm_action_release+0x50/0x98
[ 6.752216] release_nodes+0xd0/0x2c8
[ 6.752219] devres_release_all+0xfc/0x178
[ 6.752221] device_unbind_cleanup+0x28/0x168
[ 6.752224] device_release_driver_internal+0x34c/0x470
[ 6.752228] device_release_driver+0x20/0x38
[ 6.752231] bus_remove_device+0x1b0/0x380
[ 6.752234] device_del+0x314/0x820
[ 6.752238] platform_device_del+0x3c/0x1e8
[ 6.752242] platform_device_unregister+0x20/0x50
[ 6.752246] aperture_detach_platform_device+0x1c/0x30
[ 6.752250] aperture_detach_devices+0x16c/0x290
[ 6.752253] aperture_remove_conflicting_devices+0x34/0x50
...
[ 6.752343]
[ 6.967409] Allocated by task 62:
[ 6.970724] kasan_save_stack+0x3c/0x70
[ 6.974560] kasan_save_track+0x20/0x40
[ 6.978397] kasan_save_alloc_info+0x40/0x58
[ 6.982670] __kasan_kmalloc+0xd4/0xd8
[ 6.986420] __kmalloc_noprof+0x194/0x540
[ 6.990432] framebuffer_alloc+0xc8/0x130
[ 6.994444] simplefb_probe+0x258/0x2378
...
[ 7.054356]
[ 7.055838] Freed by task 227:
[ 7.058891] kasan_save_stack+0x3c/0x70
[ 7.062727] kasan_save_track+0x20/0x40
[ 7.066565] kasan_save_free_info+0x4c/0x80
[ 7.070751] __kasan_slab_free+0x6c/0xa0
[ 7.074675] kfree+0x10c/0x380
[ 7.077727] framebuffer_release+0x5c/0x90
[ 7.081826] simplefb_destroy+0x1b4/0x2c0
[ 7.085837] put_fb_info+0x98/0x100
[ 7.089326] unregister_framebuffer+0x178/0x320
[ 7.093861] simplefb_remove+0x3c/0x60
[ 7.097611] platform_remove+0x60/0x98
[ 7.101361] device_remove+0xb8/0x160
[ 7.105024] device_release_driver_internal+0x2fc/0x470
[ 7.110256] device_release_driver+0x20/0x38
[ 7.114529] bus_remove_device+0x1b0/0x380
[ 7.118628] device_del+0x314/0x820
[ 7.122116] platform_device_del+0x3c/0x1e8
[ 7.126302] platform_device_unregister+0x20/0x50
[ 7.131012] aperture_detach_platform_device+0x1c/0x30
[ 7.136157] aperture_detach_devices+0x16c/0x290
[ 7.140779] aperture_remove_conflicting_devices+0x34/0x50
...
Reported-by: Daniel Huhardeaux <tech(a)tootai.net>
Cc: stable(a)vger.kernel.org
Fixes: 92a511a568e44 ("fbdev/simplefb: Add support for generic power-domains")
Signed-off-by: Janne Grunau <j(a)jannau.net>
---
drivers/video/fbdev/simplefb.c | 15 +++++++++++----
1 file changed, 11 insertions(+), 4 deletions(-)
diff --git a/drivers/video/fbdev/simplefb.c b/drivers/video/fbdev/simplefb.c
index 1893815dc67f4c1403eea42c0e10a7ead4d96ba9..cd5193e704ffe1ccc178c13916a462446af9cb14 100644
--- a/drivers/video/fbdev/simplefb.c
+++ b/drivers/video/fbdev/simplefb.c
@@ -93,6 +93,7 @@ struct simplefb_par {
static void simplefb_clocks_destroy(struct simplefb_par *par);
static void simplefb_regulators_destroy(struct simplefb_par *par);
+static void simplefb_detach_genpds(void *res);
/*
* fb_ops.fb_destroy is called by the last put_fb_info() call at the end
@@ -105,6 +106,7 @@ static void simplefb_destroy(struct fb_info *info)
simplefb_regulators_destroy(info->par);
simplefb_clocks_destroy(info->par);
+ simplefb_detach_genpds(info->par);
if (info->screen_base)
iounmap(info->screen_base);
@@ -465,13 +467,11 @@ static int simplefb_attach_genpds(struct simplefb_par *par,
return err;
}
- par->num_genpds = err;
-
/*
* Single power-domain devices are handled by the driver core, so
* nothing to do here.
*/
- if (par->num_genpds <= 1)
+ if (err <= 1)
return 0;
par->genpds = devm_kcalloc(dev, par->num_genpds, sizeof(*par->genpds),
@@ -485,6 +485,12 @@ static int simplefb_attach_genpds(struct simplefb_par *par,
if (!par->genpd_links)
return -ENOMEM;
+ /*
+ * Set num_genpds only after genpds and genpd_links are allocated to
+ * exit early from simplefb_detach_genpds() without full initialisation.
+ */
+ par->num_genpds = err;
+
for (i = 0; i < par->num_genpds; i++) {
par->genpds[i] = dev_pm_domain_attach_by_id(dev, i);
if (IS_ERR(par->genpds[i])) {
@@ -506,9 +512,10 @@ static int simplefb_attach_genpds(struct simplefb_par *par,
dev_warn(dev, "failed to link power-domain %u\n", i);
}
- return devm_add_action_or_reset(dev, simplefb_detach_genpds, par);
+ return 0;
}
#else
+static void simplefb_detach_genpds(void *res) { }
static int simplefb_attach_genpds(struct simplefb_par *par,
struct platform_device *pdev)
{
---
base-commit: 8f5ae30d69d7543eee0d70083daf4de8fe15d585
change-id: 20250901-simplefb-genpd-uaf-352704761a29
Best regards,
--
Janne Grunau <j(a)jannau.net>
2 weeks, 2 days
- 1
- 0
[PATCH v5] mm: slub: avoid wake up kswapd in set_track_prepare
by yangshiguang1011@163.com
From: yangshiguang <yangshiguang(a)xiaomi.com>
set_track_prepare() can incur lock recursion.
The issue is that it is called from hrtimer_start_range_ns
holding the per_cpu(hrtimer_bases)[n].lock, but when enabled
CONFIG_DEBUG_OBJECTS_TIMERS, may wake up kswapd in set_track_prepare,
and try to hold the per_cpu(hrtimer_bases)[n].lock.
Avoid deadlock caused by implicitly waking up kswapd by
passing in allocation flags. And the slab caller context has
preemption disabled, so __GFP_DIRECT_RECLAIM must not appear in gfp_flags.
The oops looks something like:
BUG: spinlock recursion on CPU#3, swapper/3/0
lock: 0xffffff8a4bf29c80, .magic: dead4ead, .owner: swapper/3/0, .owner_cpu: 3
Hardware name: Qualcomm Technologies, Inc. Popsicle based on SM8850 (DT)
Call trace:
spin_bug+0x0
_raw_spin_lock_irqsave+0x80
hrtimer_try_to_cancel+0x94
task_contending+0x10c
enqueue_dl_entity+0x2a4
dl_server_start+0x74
enqueue_task_fair+0x568
enqueue_task+0xac
do_activate_task+0x14c
ttwu_do_activate+0xcc
try_to_wake_up+0x6c8
default_wake_function+0x20
autoremove_wake_function+0x1c
__wake_up+0xac
wakeup_kswapd+0x19c
wake_all_kswapds+0x78
__alloc_pages_slowpath+0x1ac
__alloc_pages_noprof+0x298
stack_depot_save_flags+0x6b0
stack_depot_save+0x14
set_track_prepare+0x5c
___slab_alloc+0xccc
__kmalloc_cache_noprof+0x470
__set_page_owner+0x2bc
post_alloc_hook[jt]+0x1b8
prep_new_page+0x28
get_page_from_freelist+0x1edc
__alloc_pages_noprof+0x13c
alloc_slab_page+0x244
allocate_slab+0x7c
___slab_alloc+0x8e8
kmem_cache_alloc_noprof+0x450
debug_objects_fill_pool+0x22c
debug_object_activate+0x40
enqueue_hrtimer[jt]+0xdc
hrtimer_start_range_ns+0x5f8
...
Signed-off-by: yangshiguang <yangshiguang(a)xiaomi.com>
Fixes: 5cf909c553e9 ("mm/slub: use stackdepot to save stack trace in objects")
Cc: stable(a)vger.kernel.org
---
v1 -> v2:
propagate gfp flags to set_track_prepare()
v2 -> v3:
Remove the gfp restriction in set_track_prepare()
v3 -> v4:
Re-describe the comments in set_track_prepare.
v4 -> v5:
Modify the patch commit.
[1]https://lore.kernel.org/all/20250801065121.876793-1-yangshiguang1011@163.…
[2]https://lore.kernel.org/all/20250814111641.380629-2-yangshiguang1011@163.…
[3]https://lore.kernel.org/all/20250825121737.2535732-1-yangshiguang1011@163…
[4]https://lore.kernel.org/all/20250830020946.1767573-1-yangshiguang1011@163…
---
mm/slub.c | 26 ++++++++++++++++----------
1 file changed, 16 insertions(+), 10 deletions(-)
diff --git a/mm/slub.c b/mm/slub.c
index 30003763d224..b0af51a5321b 100644
--- a/mm/slub.c
+++ b/mm/slub.c
@@ -962,19 +962,25 @@ static struct track *get_track(struct kmem_cache *s, void *object,
}
#ifdef CONFIG_STACKDEPOT
-static noinline depot_stack_handle_t set_track_prepare(void)
+static noinline depot_stack_handle_t set_track_prepare(gfp_t gfp_flags)
{
depot_stack_handle_t handle;
unsigned long entries[TRACK_ADDRS_COUNT];
unsigned int nr_entries;
+ /*
+ * Preemption is disabled in ___slab_alloc() so we need to disallow
+ * blocking. The flags are further adjusted by gfp_nested_mask() in
+ * stack_depot itself.
+ */
+ gfp_flags &= ~(__GFP_DIRECT_RECLAIM);
nr_entries = stack_trace_save(entries, ARRAY_SIZE(entries), 3);
- handle = stack_depot_save(entries, nr_entries, GFP_NOWAIT);
+ handle = stack_depot_save(entries, nr_entries, gfp_flags);
return handle;
}
#else
-static inline depot_stack_handle_t set_track_prepare(void)
+static inline depot_stack_handle_t set_track_prepare(gfp_t gfp_flags)
{
return 0;
}
@@ -996,9 +1002,9 @@ static void set_track_update(struct kmem_cache *s, void *object,
}
static __always_inline void set_track(struct kmem_cache *s, void *object,
- enum track_item alloc, unsigned long addr)
+ enum track_item alloc, unsigned long addr, gfp_t gfp_flags)
{
- depot_stack_handle_t handle = set_track_prepare();
+ depot_stack_handle_t handle = set_track_prepare(gfp_flags);
set_track_update(s, object, alloc, addr, handle);
}
@@ -1921,9 +1927,9 @@ static inline bool free_debug_processing(struct kmem_cache *s,
static inline void slab_pad_check(struct kmem_cache *s, struct slab *slab) {}
static inline int check_object(struct kmem_cache *s, struct slab *slab,
void *object, u8 val) { return 1; }
-static inline depot_stack_handle_t set_track_prepare(void) { return 0; }
+static inline depot_stack_handle_t set_track_prepare(gfp_t gfp_flags) { return 0; }
static inline void set_track(struct kmem_cache *s, void *object,
- enum track_item alloc, unsigned long addr) {}
+ enum track_item alloc, unsigned long addr, gfp_t gfp_flags) {}
static inline void add_full(struct kmem_cache *s, struct kmem_cache_node *n,
struct slab *slab) {}
static inline void remove_full(struct kmem_cache *s, struct kmem_cache_node *n,
@@ -3878,7 +3884,7 @@ static void *___slab_alloc(struct kmem_cache *s, gfp_t gfpflags, int node,
* tracking info and return the object.
*/
if (s->flags & SLAB_STORE_USER)
- set_track(s, freelist, TRACK_ALLOC, addr);
+ set_track(s, freelist, TRACK_ALLOC, addr, gfpflags);
return freelist;
}
@@ -3910,7 +3916,7 @@ static void *___slab_alloc(struct kmem_cache *s, gfp_t gfpflags, int node,
goto new_objects;
if (s->flags & SLAB_STORE_USER)
- set_track(s, freelist, TRACK_ALLOC, addr);
+ set_track(s, freelist, TRACK_ALLOC, addr, gfpflags);
return freelist;
}
@@ -4422,7 +4428,7 @@ static noinline void free_to_partial_list(
depot_stack_handle_t handle = 0;
if (s->flags & SLAB_STORE_USER)
- handle = set_track_prepare();
+ handle = set_track_prepare(__GFP_NOWARN);
spin_lock_irqsave(&n->list_lock, flags);
--
2.43.0
2 weeks, 2 days
- 1
- 0
[PATCH v2 3/3] drm/xe: Block exec and rebind worker while evicting for suspend / hibernate
by Thomas Hellström
When the xe pm_notifier evicts for suspend / hibernate, there might be
racing tasks trying to re-validate again. This can lead to suspend taking
excessive time or get stuck in a live-lock. This behaviour becomes
much worse with the fix that actually makes re-validation bring back
bos to VRAM rather than letting them remain in TT.
Prevent that by having exec and the rebind worker waiting for a completion
that is set to block by the pm_notifier before suspend and is signaled
by the pm_notifier after resume / wakeup.
It's probably still possible to craft malicious applications that block
suspending. More work is pending to fix that.
Link: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/4288
Fixes: c6a4d46ec1d7 ("drm/xe: evict user memory in PM notifier")
Cc: Matthew Auld <matthew.auld(a)intel.com>
Cc: Rodrigo Vivi <rodrigo.vivi(a)intel.com>
Cc: <stable(a)vger.kernel.org> # v6.16+
Signed-off-by: Thomas Hellström <thomas.hellstrom(a)linux.intel.com>
---
drivers/gpu/drm/xe/xe_device_types.h | 2 ++
drivers/gpu/drm/xe/xe_exec.c | 9 +++++++++
drivers/gpu/drm/xe/xe_pm.c | 4 ++++
drivers/gpu/drm/xe/xe_vm.c | 14 ++++++++++++++
4 files changed, 29 insertions(+)
diff --git a/drivers/gpu/drm/xe/xe_device_types.h b/drivers/gpu/drm/xe/xe_device_types.h
index 092004d14db2..6602bd678cbc 100644
--- a/drivers/gpu/drm/xe/xe_device_types.h
+++ b/drivers/gpu/drm/xe/xe_device_types.h
@@ -507,6 +507,8 @@ struct xe_device {
/** @pm_notifier: Our PM notifier to perform actions in response to various PM events. */
struct notifier_block pm_notifier;
+ /** @pm_block: Completion to block validating tasks on suspend / hibernate prepare */
+ struct completion pm_block;
/** @pmt: Support the PMT driver callback interface */
struct {
diff --git a/drivers/gpu/drm/xe/xe_exec.c b/drivers/gpu/drm/xe/xe_exec.c
index 44364c042ad7..374c831e691b 100644
--- a/drivers/gpu/drm/xe/xe_exec.c
+++ b/drivers/gpu/drm/xe/xe_exec.c
@@ -237,6 +237,15 @@ int xe_exec_ioctl(struct drm_device *dev, void *data, struct drm_file *file)
goto err_unlock_list;
}
+ /*
+ * It's OK to block interruptible here with the vm lock held, since
+ * on task freezing during suspend / hibernate, the call will
+ * return -ERESTARTSYS and the IOCTL will be rerun.
+ */
+ err = wait_for_completion_interruptible(&xe->pm_block);
+ if (err)
+ goto err_unlock_list;
+
vm_exec.vm = &vm->gpuvm;
vm_exec.flags = DRM_EXEC_INTERRUPTIBLE_WAIT;
if (xe_vm_in_lr_mode(vm)) {
diff --git a/drivers/gpu/drm/xe/xe_pm.c b/drivers/gpu/drm/xe/xe_pm.c
index bee9aacd82e7..f4c7a84270ea 100644
--- a/drivers/gpu/drm/xe/xe_pm.c
+++ b/drivers/gpu/drm/xe/xe_pm.c
@@ -306,6 +306,7 @@ static int xe_pm_notifier_callback(struct notifier_block *nb,
switch (action) {
case PM_HIBERNATION_PREPARE:
case PM_SUSPEND_PREPARE:
+ reinit_completion(&xe->pm_block);
xe_pm_runtime_get(xe);
err = xe_bo_evict_all_user(xe);
if (err)
@@ -322,6 +323,7 @@ static int xe_pm_notifier_callback(struct notifier_block *nb,
break;
case PM_POST_HIBERNATION:
case PM_POST_SUSPEND:
+ complete_all(&xe->pm_block);
xe_bo_notifier_unprepare_all_pinned(xe);
xe_pm_runtime_put(xe);
break;
@@ -348,6 +350,8 @@ int xe_pm_init(struct xe_device *xe)
if (err)
return err;
+ init_completion(&xe->pm_block);
+ complete_all(&xe->pm_block);
/* For now suspend/resume is only allowed with GuC */
if (!xe_device_uc_enabled(xe))
return 0;
diff --git a/drivers/gpu/drm/xe/xe_vm.c b/drivers/gpu/drm/xe/xe_vm.c
index 3ff3c67aa79d..edcdb0528f2a 100644
--- a/drivers/gpu/drm/xe/xe_vm.c
+++ b/drivers/gpu/drm/xe/xe_vm.c
@@ -394,6 +394,9 @@ static int xe_gpuvm_validate(struct drm_gpuvm_bo *vm_bo, struct drm_exec *exec)
list_move_tail(&gpuva_to_vma(gpuva)->combined_links.rebind,
&vm->rebind_list);
+ if (!try_wait_for_completion(&vm->xe->pm_block))
+ return -EAGAIN;
+
ret = xe_bo_validate(gem_to_xe_bo(vm_bo->obj), vm, false);
if (ret)
return ret;
@@ -494,6 +497,12 @@ static void preempt_rebind_work_func(struct work_struct *w)
xe_assert(vm->xe, xe_vm_in_preempt_fence_mode(vm));
trace_xe_vm_rebind_worker_enter(vm);
+ /*
+ * This blocks the wq during suspend / hibernate.
+ * Don't hold any locks.
+ */
+retry_pm:
+ wait_for_completion(&vm->xe->pm_block);
down_write(&vm->lock);
if (xe_vm_is_closed_or_banned(vm)) {
@@ -503,6 +512,11 @@ static void preempt_rebind_work_func(struct work_struct *w)
}
retry:
+ if (!try_wait_for_completion(&vm->xe->pm_block)) {
+ up_write(&vm->lock);
+ goto retry_pm;
+ }
+
if (xe_vm_userptr_check_repin(vm)) {
err = xe_vm_userptr_pin(vm);
if (err)
--
2.50.1
2 weeks, 2 days
- 1
- 0
[PATCH v5] mm: slub: avoid wake up kswapd in set_track_prepare
by yangshiguang1011@163.com
From: yangshiguang <yangshiguang(a)xiaomi.com>
From: yangshiguang <yangshiguang(a)xiaomi.com>
set_track_prepare() can incur lock recursion.
The issue is that it is called from hrtimer_start_range_ns
holding the per_cpu(hrtimer_bases)[n].lock, but when enabled
CONFIG_DEBUG_OBJECTS_TIMERS, may wake up kswapd in set_track_prepare,
and try to hold the per_cpu(hrtimer_bases)[n].lock.
Avoid deadlock caused by implicitly waking up kswapd by
passing in allocation flags. And the slab caller context has
preemption disabled, so __GFP_DIRECT_RECLAIM must not appear in gfp_flags.
The oops looks something like:
BUG: spinlock recursion on CPU#3, swapper/3/0
lock: 0xffffff8a4bf29c80, .magic: dead4ead, .owner: swapper/3/0, .owner_cpu: 3
Hardware name: Qualcomm Technologies, Inc. Popsicle based on SM8850 (DT)
Call trace:
spin_bug+0x0
_raw_spin_lock_irqsave+0x80
hrtimer_try_to_cancel+0x94
task_contending+0x10c
enqueue_dl_entity+0x2a4
dl_server_start+0x74
enqueue_task_fair+0x568
enqueue_task+0xac
do_activate_task+0x14c
ttwu_do_activate+0xcc
try_to_wake_up+0x6c8
default_wake_function+0x20
autoremove_wake_function+0x1c
__wake_up+0xac
wakeup_kswapd+0x19c
wake_all_kswapds+0x78
__alloc_pages_slowpath+0x1ac
__alloc_pages_noprof+0x298
stack_depot_save_flags+0x6b0
stack_depot_save+0x14
set_track_prepare+0x5c
___slab_alloc+0xccc
__kmalloc_cache_noprof+0x470
__set_page_owner+0x2bc
post_alloc_hook[jt]+0x1b8
prep_new_page+0x28
get_page_from_freelist+0x1edc
__alloc_pages_noprof+0x13c
alloc_slab_page+0x244
allocate_slab+0x7c
___slab_alloc+0x8e8
kmem_cache_alloc_noprof+0x450
debug_objects_fill_pool+0x22c
debug_object_activate+0x40
enqueue_hrtimer[jt]+0xdc
hrtimer_start_range_ns+0x5f8
...
Signed-off-by: yangshiguang <yangshiguang(a)xiaomi.com>
Fixes: 5cf909c553e9 ("mm/slub: use stackdepot to save stack trace in objects")
Cc: stable(a)vger.kernel.org
---
v1 -> v2:
propagate gfp flags to set_track_prepare()
v2 -> v3:
Remove the gfp restriction in set_track_prepare()
v3 -> v4:
Re-describe the comments in set_track_prepare.
v4 -> v5:
Modify the patch commit.
[1]https://lore.kernel.org/all/20250801065121.876793-1-yangshiguang1011@163.…
[2]https://lore.kernel.org/all/20250814111641.380629-2-yangshiguang1011@163.…
[3]https://lore.kernel.org/all/20250825121737.2535732-1-yangshiguang1011@163…
[4]https://lore.kernel.org/all/20250830020946.1767573-1-yangshiguang1011@163…
---
mm/slub.c | 26 ++++++++++++++++----------
1 file changed, 16 insertions(+), 10 deletions(-)
diff --git a/mm/slub.c b/mm/slub.c
index 30003763d224..b0af51a5321b 100644
--- a/mm/slub.c
+++ b/mm/slub.c
@@ -962,19 +962,25 @@ static struct track *get_track(struct kmem_cache *s, void *object,
}
#ifdef CONFIG_STACKDEPOT
-static noinline depot_stack_handle_t set_track_prepare(void)
+static noinline depot_stack_handle_t set_track_prepare(gfp_t gfp_flags)
{
depot_stack_handle_t handle;
unsigned long entries[TRACK_ADDRS_COUNT];
unsigned int nr_entries;
+ /*
+ * Preemption is disabled in ___slab_alloc() so we need to disallow
+ * blocking. The flags are further adjusted by gfp_nested_mask() in
+ * stack_depot itself.
+ */
+ gfp_flags &= ~(__GFP_DIRECT_RECLAIM);
nr_entries = stack_trace_save(entries, ARRAY_SIZE(entries), 3);
- handle = stack_depot_save(entries, nr_entries, GFP_NOWAIT);
+ handle = stack_depot_save(entries, nr_entries, gfp_flags);
return handle;
}
#else
-static inline depot_stack_handle_t set_track_prepare(void)
+static inline depot_stack_handle_t set_track_prepare(gfp_t gfp_flags)
{
return 0;
}
@@ -996,9 +1002,9 @@ static void set_track_update(struct kmem_cache *s, void *object,
}
static __always_inline void set_track(struct kmem_cache *s, void *object,
- enum track_item alloc, unsigned long addr)
+ enum track_item alloc, unsigned long addr, gfp_t gfp_flags)
{
- depot_stack_handle_t handle = set_track_prepare();
+ depot_stack_handle_t handle = set_track_prepare(gfp_flags);
set_track_update(s, object, alloc, addr, handle);
}
@@ -1921,9 +1927,9 @@ static inline bool free_debug_processing(struct kmem_cache *s,
static inline void slab_pad_check(struct kmem_cache *s, struct slab *slab) {}
static inline int check_object(struct kmem_cache *s, struct slab *slab,
void *object, u8 val) { return 1; }
-static inline depot_stack_handle_t set_track_prepare(void) { return 0; }
+static inline depot_stack_handle_t set_track_prepare(gfp_t gfp_flags) { return 0; }
static inline void set_track(struct kmem_cache *s, void *object,
- enum track_item alloc, unsigned long addr) {}
+ enum track_item alloc, unsigned long addr, gfp_t gfp_flags) {}
static inline void add_full(struct kmem_cache *s, struct kmem_cache_node *n,
struct slab *slab) {}
static inline void remove_full(struct kmem_cache *s, struct kmem_cache_node *n,
@@ -3878,7 +3884,7 @@ static void *___slab_alloc(struct kmem_cache *s, gfp_t gfpflags, int node,
* tracking info and return the object.
*/
if (s->flags & SLAB_STORE_USER)
- set_track(s, freelist, TRACK_ALLOC, addr);
+ set_track(s, freelist, TRACK_ALLOC, addr, gfpflags);
return freelist;
}
@@ -3910,7 +3916,7 @@ static void *___slab_alloc(struct kmem_cache *s, gfp_t gfpflags, int node,
goto new_objects;
if (s->flags & SLAB_STORE_USER)
- set_track(s, freelist, TRACK_ALLOC, addr);
+ set_track(s, freelist, TRACK_ALLOC, addr, gfpflags);
return freelist;
}
@@ -4422,7 +4428,7 @@ static noinline void free_to_partial_list(
depot_stack_handle_t handle = 0;
if (s->flags & SLAB_STORE_USER)
- handle = set_track_prepare();
+ handle = set_track_prepare(__GFP_NOWARN);
spin_lock_irqsave(&n->list_lock, flags);
--
2.43.0
2 weeks, 2 days
- 1
- 0
[PATCH v5] mm: slub: avoid wake up kswapd in set_track_prepare
by yangshiguang1011@163.com
From: yangshiguang <yangshiguang(a)xiaomi.com>
From: yangshiguang <yangshiguang(a)xiaomi.com>
set_track_prepare() can incur lock recursion.
The issue is that it is called from hrtimer_start_range_ns
holding the per_cpu(hrtimer_bases)[n].lock, but when enabled
CONFIG_DEBUG_OBJECTS_TIMERS, may wake up kswapd in set_track_prepare,
and try to hold the per_cpu(hrtimer_bases)[n].lock.
Avoid deadlock caused by implicitly waking up kswapd by
passing in allocation flags. And the slab caller context has
preemption disabled, so __GFP_DIRECT_RECLAIM must not appear in gfp_flags.
The oops looks something like:
BUG: spinlock recursion on CPU#3, swapper/3/0
lock: 0xffffff8a4bf29c80, .magic: dead4ead, .owner: swapper/3/0, .owner_cpu: 3
Hardware name: Qualcomm Technologies, Inc. Popsicle based on SM8850 (DT)
Call trace:
spin_bug+0x0
_raw_spin_lock_irqsave+0x80
hrtimer_try_to_cancel+0x94
task_contending+0x10c
enqueue_dl_entity+0x2a4
dl_server_start+0x74
enqueue_task_fair+0x568
enqueue_task+0xac
do_activate_task+0x14c
ttwu_do_activate+0xcc
try_to_wake_up+0x6c8
default_wake_function+0x20
autoremove_wake_function+0x1c
__wake_up+0xac
wakeup_kswapd+0x19c
wake_all_kswapds+0x78
__alloc_pages_slowpath+0x1ac
__alloc_pages_noprof+0x298
stack_depot_save_flags+0x6b0
stack_depot_save+0x14
set_track_prepare+0x5c
___slab_alloc+0xccc
__kmalloc_cache_noprof+0x470
__set_page_owner+0x2bc
post_alloc_hook[jt]+0x1b8
prep_new_page+0x28
get_page_from_freelist+0x1edc
__alloc_pages_noprof+0x13c
alloc_slab_page+0x244
allocate_slab+0x7c
___slab_alloc+0x8e8
kmem_cache_alloc_noprof+0x450
debug_objects_fill_pool+0x22c
debug_object_activate+0x40
enqueue_hrtimer[jt]+0xdc
hrtimer_start_range_ns+0x5f8
...
Signed-off-by: yangshiguang <yangshiguang(a)xiaomi.com>
Fixes: 5cf909c553e9 ("mm/slub: use stackdepot to save stack trace in objects")
Cc: stable(a)vger.kernel.org
---
v1 -> v2:
propagate gfp flags to set_track_prepare()
v2 -> v3:
Remove the gfp restriction in set_track_prepare()
v3 -> v4:
Re-describe the comments in set_track_prepare.
v4 -> v5:
Modify the patch commit.
[1]https://lore.kernel.org/all/20250801065121.876793-1-yangshiguang1011@163.…
[2]https://lore.kernel.org/all/20250814111641.380629-2-yangshiguang1011@163.…
[3]https://lore.kernel.org/all/20250825121737.2535732-1-yangshiguang1011@163…
[4]https://lore.kernel.org/all/20250830020946.1767573-1-yangshiguang1011@163…
---
mm/slub.c | 26 ++++++++++++++++----------
1 file changed, 16 insertions(+), 10 deletions(-)
diff --git a/mm/slub.c b/mm/slub.c
index 30003763d224..b0af51a5321b 100644
--- a/mm/slub.c
+++ b/mm/slub.c
@@ -962,19 +962,25 @@ static struct track *get_track(struct kmem_cache *s, void *object,
}
#ifdef CONFIG_STACKDEPOT
-static noinline depot_stack_handle_t set_track_prepare(void)
+static noinline depot_stack_handle_t set_track_prepare(gfp_t gfp_flags)
{
depot_stack_handle_t handle;
unsigned long entries[TRACK_ADDRS_COUNT];
unsigned int nr_entries;
+ /*
+ * Preemption is disabled in ___slab_alloc() so we need to disallow
+ * blocking. The flags are further adjusted by gfp_nested_mask() in
+ * stack_depot itself.
+ */
+ gfp_flags &= ~(__GFP_DIRECT_RECLAIM);
nr_entries = stack_trace_save(entries, ARRAY_SIZE(entries), 3);
- handle = stack_depot_save(entries, nr_entries, GFP_NOWAIT);
+ handle = stack_depot_save(entries, nr_entries, gfp_flags);
return handle;
}
#else
-static inline depot_stack_handle_t set_track_prepare(void)
+static inline depot_stack_handle_t set_track_prepare(gfp_t gfp_flags)
{
return 0;
}
@@ -996,9 +1002,9 @@ static void set_track_update(struct kmem_cache *s, void *object,
}
static __always_inline void set_track(struct kmem_cache *s, void *object,
- enum track_item alloc, unsigned long addr)
+ enum track_item alloc, unsigned long addr, gfp_t gfp_flags)
{
- depot_stack_handle_t handle = set_track_prepare();
+ depot_stack_handle_t handle = set_track_prepare(gfp_flags);
set_track_update(s, object, alloc, addr, handle);
}
@@ -1921,9 +1927,9 @@ static inline bool free_debug_processing(struct kmem_cache *s,
static inline void slab_pad_check(struct kmem_cache *s, struct slab *slab) {}
static inline int check_object(struct kmem_cache *s, struct slab *slab,
void *object, u8 val) { return 1; }
-static inline depot_stack_handle_t set_track_prepare(void) { return 0; }
+static inline depot_stack_handle_t set_track_prepare(gfp_t gfp_flags) { return 0; }
static inline void set_track(struct kmem_cache *s, void *object,
- enum track_item alloc, unsigned long addr) {}
+ enum track_item alloc, unsigned long addr, gfp_t gfp_flags) {}
static inline void add_full(struct kmem_cache *s, struct kmem_cache_node *n,
struct slab *slab) {}
static inline void remove_full(struct kmem_cache *s, struct kmem_cache_node *n,
@@ -3878,7 +3884,7 @@ static void *___slab_alloc(struct kmem_cache *s, gfp_t gfpflags, int node,
* tracking info and return the object.
*/
if (s->flags & SLAB_STORE_USER)
- set_track(s, freelist, TRACK_ALLOC, addr);
+ set_track(s, freelist, TRACK_ALLOC, addr, gfpflags);
return freelist;
}
@@ -3910,7 +3916,7 @@ static void *___slab_alloc(struct kmem_cache *s, gfp_t gfpflags, int node,
goto new_objects;
if (s->flags & SLAB_STORE_USER)
- set_track(s, freelist, TRACK_ALLOC, addr);
+ set_track(s, freelist, TRACK_ALLOC, addr, gfpflags);
return freelist;
}
@@ -4422,7 +4428,7 @@ static noinline void free_to_partial_list(
depot_stack_handle_t handle = 0;
if (s->flags & SLAB_STORE_USER)
- handle = set_track_prepare();
+ handle = set_track_prepare(__GFP_NOWARN);
spin_lock_irqsave(&n->list_lock, flags);
--
2.43.0
2 weeks, 2 days
- 1
- 0
[PATCH v2] mm: memory-tiering: fix PGPROMOTE_CANDIDATE counting
by Ruan Shiyang
Goto-san reported confusing pgpromote statistics where the
pgpromote_success count significantly exceeded pgpromote_candidate.
On a system with three nodes (nodes 0-1: DRAM 4GB, node 2: NVDIMM 4GB):
# Enable demotion only
echo 1 > /sys/kernel/mm/numa/demotion_enabled
numactl -m 0-1 memhog -r200 3500M >/dev/null &
pid=$!
sleep 2
numactl memhog -r100 2500M >/dev/null &
sleep 10
kill -9 $pid # terminate the 1st memhog
# Enable promotion
echo 2 > /proc/sys/kernel/numa_balancing
After a few seconds, we observeed `pgpromote_candidate < pgpromote_success`
$ grep -e pgpromote /proc/vmstat
pgpromote_success 2579
pgpromote_candidate 0
In this scenario, after terminating the first memhog, the conditions for
pgdat_free_space_enough() are quickly met, and triggers promotion.
However, these migrated pages are only counted for in PGPROMOTE_SUCCESS,
not in PGPROMOTE_CANDIDATE.
To solve these confusing statistics, introduce PGPROMOTE_CANDIDATE_NRL to
count the missed promotion pages. And also, not counting these pages into
PGPROMOTE_CANDIDATE is to avoid changing the existing algorithm or
performance of the promotion rate limit.
Link: https://lkml.kernel.org/r/20250729035101.1601407-1-ruansy.fnst@fujitsu.com
Co-developed-by: Li Zhijian <lizhijian(a)fujitsu.com>
Signed-off-by: Ruan Shiyang <ruansy.fnst(a)fujitsu.com>
Reported-by: Yasunori Gotou (Fujitsu) <y-goto(a)fujitsu.com>
Suggested-by: Huang Ying <ying.huang(a)linux.alibaba.com>
Acked-by: Vlastimil Babka <vbabka(a)suse.cz>
Cc: Ingo Molnar <mingo(a)redhat.com>
Cc: Peter Zijlstra <peterz(a)infradead.org>
Cc: Juri Lelli <juri.lelli(a)redhat.com>
Cc: Vincent Guittot <vincent.guittot(a)linaro.org>
Cc: Dietmar Eggemann <dietmar.eggemann(a)arm.com>
Cc: Steven Rostedt <rostedt(a)goodmis.org>
Cc: Ben Segall <bsegall(a)google.com>
Cc: Mel Gorman <mgorman(a)suse.de>
Cc: Valentin Schneider <vschneid(a)redhat.com>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
Changes since v1:
1. change Li Zhijian from 'Signed-off-by' to 'Co-developed-by' per Vlastimil.
2. add Acked-by: Vlastimil Babka <vbabka(a)suse.cz>
---
include/linux/mmzone.h | 16 +++++++++++++++-
kernel/sched/fair.c | 5 +++--
mm/vmstat.c | 1 +
3 files changed, 19 insertions(+), 3 deletions(-)
diff --git a/include/linux/mmzone.h b/include/linux/mmzone.h
index 0c5da9141983..9d3ea9085556 100644
--- a/include/linux/mmzone.h
+++ b/include/linux/mmzone.h
@@ -234,7 +234,21 @@ enum node_stat_item {
#endif
#ifdef CONFIG_NUMA_BALANCING
PGPROMOTE_SUCCESS, /* promote successfully */
- PGPROMOTE_CANDIDATE, /* candidate pages to promote */
+ /**
+ * Candidate pages for promotion based on hint fault latency. This
+ * counter is used to control the promotion rate and adjust the hot
+ * threshold.
+ */
+ PGPROMOTE_CANDIDATE,
+ /**
+ * Not rate-limited (NRL) candidate pages for those can be promoted
+ * without considering hot threshold because of enough free pages in
+ * fast-tier node. These promotions bypass the regular hotness checks
+ * and do NOT influence the promotion rate-limiter or
+ * threshold-adjustment logic.
+ * This is for statistics/monitoring purposes.
+ */
+ PGPROMOTE_CANDIDATE_NRL,
#endif
/* PGDEMOTE_*: pages demoted */
PGDEMOTE_KSWAPD,
diff --git a/kernel/sched/fair.c b/kernel/sched/fair.c
index b173a059315c..82c8d804c54c 100644
--- a/kernel/sched/fair.c
+++ b/kernel/sched/fair.c
@@ -1923,11 +1923,13 @@ bool should_numa_migrate_memory(struct task_struct *p, struct folio *folio,
struct pglist_data *pgdat;
unsigned long rate_limit;
unsigned int latency, th, def_th;
+ long nr = folio_nr_pages(folio);
pgdat = NODE_DATA(dst_nid);
if (pgdat_free_space_enough(pgdat)) {
/* workload changed, reset hot threshold */
pgdat->nbp_threshold = 0;
+ mod_node_page_state(pgdat, PGPROMOTE_CANDIDATE_NRL, nr);
return true;
}
@@ -1941,8 +1943,7 @@ bool should_numa_migrate_memory(struct task_struct *p, struct folio *folio,
if (latency >= th)
return false;
- return !numa_promotion_rate_limit(pgdat, rate_limit,
- folio_nr_pages(folio));
+ return !numa_promotion_rate_limit(pgdat, rate_limit, nr);
}
this_cpupid = cpu_pid_to_cpupid(dst_cpu, current->pid);
diff --git a/mm/vmstat.c b/mm/vmstat.c
index 71cd1ceba191..e74f0b2a1021 100644
--- a/mm/vmstat.c
+++ b/mm/vmstat.c
@@ -1280,6 +1280,7 @@ const char * const vmstat_text[] = {
#ifdef CONFIG_NUMA_BALANCING
[I(PGPROMOTE_SUCCESS)] = "pgpromote_success",
[I(PGPROMOTE_CANDIDATE)] = "pgpromote_candidate",
+ [I(PGPROMOTE_CANDIDATE_NRL)] = "pgpromote_candidate_nrl",
#endif
[I(PGDEMOTE_KSWAPD)] = "pgdemote_kswapd",
[I(PGDEMOTE_DIRECT)] = "pgdemote_direct",
--
2.43.0
2 weeks, 2 days
- 2
- 1
[PATCH] iommu/intel: Fix __domain_mapping()'s usage of switch_to_super_page()
by Eugene Koira
switch_to_super_page() assumes the memory range it's working on is aligned
to the target large page level. Unfortunately, __domain_mapping() doesn't
take this into account when using it, and will pass unaligned ranges
ultimately freeing a PTE range larger than expected.
Take for example a mapping with the following iov_pfn range [0x3fe400,
0x4c0600], which should be backed by the following mappings:
iov_pfn [0x3fe400, 0x3fffff] covered by 2MiB pages
iov_pfn [0x400000, 0x4bffff] covered by 1GiB pages
iov_pfn [0x4c0000, 0x4c05ff] covered by 2MiB pages
Under this circumstance, __domain_mapping() will pass [0x400000, 0x4c05ff]
to switch_to_super_page() at a 1 GiB granularity, which will in turn
free PTEs all the way to iov_pfn 0x4fffff.
Mitigate this by rounding down the iov_pfn range passed to
switch_to_super_page() in __domain_mapping()
to the target large page level.
Additionally add range alignment checks to switch_to_super_page.
Fixes: 9906b9352a35 ("iommu/vt-d: Avoid duplicate removing in __domain_mapping()")
Signed-off-by: Eugene Koira <eugkoira(a)amazon.com>
Cc: stable(a)vger.kernel.org
---
drivers/iommu/intel/iommu.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/drivers/iommu/intel/iommu.c b/drivers/iommu/intel/iommu.c
index 9c3ab9d9f69a..dff2d895b8ab 100644
--- a/drivers/iommu/intel/iommu.c
+++ b/drivers/iommu/intel/iommu.c
@@ -1575,6 +1575,10 @@ static void switch_to_super_page(struct dmar_domain *domain,
unsigned long lvl_pages = lvl_to_nr_pages(level);
struct dma_pte *pte = NULL;
+ if (WARN_ON(!IS_ALIGNED(start_pfn, lvl_pages) ||
+ !IS_ALIGNED(end_pfn + 1, lvl_pages)))
+ return;
+
while (start_pfn <= end_pfn) {
if (!pte)
pte = pfn_to_dma_pte(domain, start_pfn, &level,
@@ -1650,7 +1654,8 @@ __domain_mapping(struct dmar_domain *domain, unsigned long iov_pfn,
unsigned long pages_to_remove;
pteval |= DMA_PTE_LARGE_PAGE;
- pages_to_remove = min_t(unsigned long, nr_pages,
+ pages_to_remove = min_t(unsigned long,
+ round_down(nr_pages, lvl_pages),
nr_pte_to_next_page(pte) * lvl_pages);
end_pfn = iov_pfn + pages_to_remove - 1;
switch_to_super_page(domain, iov_pfn, end_pfn, largepage_lvl);
--
2.47.3
Amazon Development Center (Netherlands) B.V., Johanna Westerdijkplein 1, NL-2521 EN The Hague, Registration No. Chamber of Commerce 56869649, VAT: NL 852339859B01
2 weeks, 3 days
- 4
- 5
[PATCH] coresight: trbe: Fix incorrect error check for devm_kzalloc
by Miaoqian Lin
Fix incorrect use of IS_ERR() to check devm_kzalloc() return value.
devm_kzalloc() returns NULL on failure, not an error pointer.
This issue was introduced by commit 4277f035d227
("coresight: trbe: Add a representative coresight_platform_data for TRBE")
which replaced the original function but didn't update the error check.
Fixes: 4277f035d227 ("coresight: trbe: Add a representative coresight_platform_data for TRBE")
Cc: stable(a)vger.kernel.org
Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com>
---
drivers/hwtracing/coresight/coresight-trbe.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/hwtracing/coresight/coresight-trbe.c b/drivers/hwtracing/coresight/coresight-trbe.c
index 8267dd1a2130..caf873adfc3a 100644
--- a/drivers/hwtracing/coresight/coresight-trbe.c
+++ b/drivers/hwtracing/coresight/coresight-trbe.c
@@ -1279,7 +1279,7 @@ static void arm_trbe_register_coresight_cpu(struct trbe_drvdata *drvdata, int cp
* into the device for that purpose.
*/
desc.pdata = devm_kzalloc(dev, sizeof(*desc.pdata), GFP_KERNEL);
- if (IS_ERR(desc.pdata))
+ if (!desc.pdata)
goto cpu_clear;
desc.type = CORESIGHT_DEV_TYPE_SINK;
--
2.35.1
2 weeks, 3 days
- 2
- 1
+ mm-fix-folio_expected_ref_count-when-pg_private_2.patch added to mm-new branch
by Andrew Morton
The patch titled
Subject: mm: fix folio_expected_ref_count() when PG_private_2
has been added to the -mm mm-new branch. Its filename is
mm-fix-folio_expected_ref_count-when-pg_private_2.patch
This patch will shortly appear at
https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche…
This patch will later appear in the mm-new branch at
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
Note, mm-new is a provisional staging ground for work-in-progress
patches, and acceptance into mm-new is a notification for others take
notice and to finish up reviews. Please do not hesitate to respond to
review feedback and post updated versions to replace or incrementally
fixup patches in mm-new.
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next via the mm-everything
branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
and is updated there every 2-3 working days
------------------------------------------------------
From: Hugh Dickins <hughd(a)google.com>
Subject: mm: fix folio_expected_ref_count() when PG_private_2
Date: Sun, 31 Aug 2025 02:01:16 -0700 (PDT)
6.16's folio_expected_ref_count() is forgetting the PG_private_2 flag,
which (like PG_private, but not in addition to PG_private) counts for 1
more reference: it needs to be using folio_has_private() in place of
folio_test_private().
But this went wrong earlier: folio_expected_ref_count() was based on (and
replaced) mm/migrate.c's folio_expected_refs(), which has been using
folio_test_private() since 6.0 converted to folios(): before that,
expected_page_refs() was correctly using page_has_private().
Just a few filesystems are still using PG_private_2 a.k.a. PG_fscache.
Potentially, this fix re-enables page migration on their folios; but it
would not be surprising to learn that in practice those folios are not
migratable for other reasons.
Link: https://lkml.kernel.org/r/f91ee36e-a8cb-e3a4-c23b-524ff3848da7@google.com
Fixes: 86ebd50224c0 ("mm: add folio_expected_ref_count() for reference count calculation")
Fixes: 108ca8358139 ("mm/migrate: Convert expected_page_refs() to folio_expected_refs()")
Signed-off-by: Hugh Dickins <hughd(a)google.com>
Cc: "Aneesh Kumar K.V" <aneesh.kumar(a)kernel.org>
Cc: Axel Rasmussen <axelrasmussen(a)google.com>
Cc: Chris Li <chrisl(a)kernel.org>
Cc: Christoph Hellwig <hch(a)infradead.org>
Cc: David Hildenbrand <david(a)redhat.com>
Cc: Jason Gunthorpe <jgg(a)ziepe.ca>
Cc: Johannes Weiner <hannes(a)cmpxchg.org>
Cc: John Hubbard <jhubbard(a)nvidia.com>
Cc: Keir Fraser <keirf(a)google.com>
Cc: Konstantin Khlebnikov <koct9i(a)gmail.com>
Cc: Li Zhe <lizhe.67(a)bytedance.com>
Cc: Matthew Wilcox (Oracle) <willy(a)infradead.org>
Cc: Peter Xu <peterx(a)redhat.com>
Cc: Shivank Garg <shivankg(a)amd.com>
Cc: Vlastimil Babka <vbabka(a)suse.cz>
Cc: Wei Xu <weixugc(a)google.com>
Cc: Will Deacon <will(a)kernel.org>
Cc: yangge <yangge1116(a)126.com>
Cc: Yuanchu Xie <yuanchu(a)google.com>
Cc: Yu Zhao <yuzhao(a)google.com>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
include/linux/mm.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- a/include/linux/mm.h~mm-fix-folio_expected_ref_count-when-pg_private_2
+++ a/include/linux/mm.h
@@ -2234,8 +2234,8 @@ static inline int folio_expected_ref_cou
} else {
/* One reference per page from the pagecache. */
ref_count += !!folio->mapping << order;
- /* One reference from PG_private. */
- ref_count += folio_test_private(folio);
+ /* One reference from PG_private or PG_private_2. */
+ ref_count += folio_has_private(folio);
}
/* One reference per page table mapping. */
_
Patches currently in -mm which might be from hughd(a)google.com are
mm-fix-folio_expected_ref_count-when-pg_private_2.patch
mm-gup-check-ref_count-instead-of-lru-before-migration.patch
mm-gup-local-lru_add_drain-to-avoid-lru_add_drain_all.patch
mm-revert-mm-gup-clear-the-lru-flag-of-a-page-before-adding-to-lru-batch.patch
mm-revert-mm-vmscanc-fix-oom-on-swap-stress-test.patch
mm-folio_may_be_cached-unless-folio_test_large.patch
mm-lru_add_drain_all-do-local-lru_add_drain-first.patch
2 weeks, 3 days
- 2
- 1
PCI: dwc: Ensure that dw_pcie_wait_for_link() waits 100 ms after link up
by Marek Vasut
Please backport the following commit into Linux v5.4 and newer stable
releases:
80dc18a0cba8dea42614f021b20a04354b213d86
The backport will likely depend on macro rename commit:
817f989700fddefa56e5e443e7d138018ca6709d
This part of commit description clarifies why this is a fix:
"
As per PCIe r6.0, sec 6.6.1, a Downstream Port that supports Link speeds
greater than 5.0 GT/s, software must wait a minimum of 100 ms after Link
training completes before sending a Configuration Request.
"
In practice, this makes detection of PCIe Gen3 and Gen4 SSDs reliable on
Renesas R-Car V4H SoC. Without this commit, the SSDs sporadically do not
get detected, or sometimes they link up in Gen1 mode.
This fixes commit
886bc5ceb5cc ("PCI: designware: Add generic dw_pcie_wait_for_link()")
which is in v4.5-rc1-4-g886bc5ceb5cc3 , so I think this fix should be
backported to all currently maintained stable releases, i.e. v5.4+ .
Thank you
--
Best regards,
Marek Vasut
2 weeks, 3 days
- 2
- 2
+ mm-folio_may_be_cached-unless-folio_test_large.patch added to mm-new branch
by Andrew Morton
The patch titled
Subject: mm: folio_may_be_cached() unless folio_test_large()
has been added to the -mm mm-new branch. Its filename is
mm-folio_may_be_cached-unless-folio_test_large.patch
This patch will shortly appear at
https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche…
This patch will later appear in the mm-new branch at
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
Note, mm-new is a provisional staging ground for work-in-progress
patches, and acceptance into mm-new is a notification for others take
notice and to finish up reviews. Please do not hesitate to respond to
review feedback and post updated versions to replace or incrementally
fixup patches in mm-new.
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next via the mm-everything
branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
and is updated there every 2-3 working days
------------------------------------------------------
From: Hugh Dickins <hughd(a)google.com>
Subject: mm: folio_may_be_cached() unless folio_test_large()
Date: Sun, 31 Aug 2025 02:16:25 -0700 (PDT)
mm/swap.c and mm/mlock.c agree to drain any per-CPU batch as soon as a
large folio is added: so collect_longterm_unpinnable_folios() just wastes
effort when calling lru_add_drain_all() on a large folio.
But although there is good reason not to batch up PMD-sized folios, we
might well benefit from batching a small number of low-order mTHPs (though
unclear how that "small number" limitation will be implemented).
So ask if folio_may_be_cached() rather than !folio_test_large(), to
insulate those particular checks from future change. Name preferred to
"folio_is_batchable" because large folios can well be put on a batch: it's
just the per-CPU LRU caches, drained much later, which need care.
Marked for stable, to counter the increase in lru_add_drain_all()s from
"mm/gup: check ref_count instead of lru before migration".
Link: https://lkml.kernel.org/r/861c061c-51cd-b940-49df-9f55e1fee2c8@google.com
Signed-off-by: Hugh Dickins <hughd(a)google.com>
Suggested-by: David Hildenbrand <david(a)redhat.com>
Cc: <stable(a)vger.kernel.org>
Cc: "Aneesh Kumar K.V" <aneesh.kumar(a)kernel.org>
Cc: Axel Rasmussen <axelrasmussen(a)google.com>
Cc: Chris Li <chrisl(a)kernel.org>
Cc: Christoph Hellwig <hch(a)infradead.org>
Cc: Jason Gunthorpe <jgg(a)ziepe.ca>
Cc: Johannes Weiner <hannes(a)cmpxchg.org>
Cc: John Hubbard <jhubbard(a)nvidia.com>
Cc: Keir Fraser <keirf(a)google.com>
Cc: Konstantin Khlebnikov <koct9i(a)gmail.com>
Cc: Li Zhe <lizhe.67(a)bytedance.com>
Cc: Matthew Wilcox (Oracle) <willy(a)infradead.org>
Cc: Peter Xu <peterx(a)redhat.com>
Cc: Shivank Garg <shivankg(a)amd.com>
Cc: Vlastimil Babka <vbabka(a)suse.cz>
Cc: Wei Xu <weixugc(a)google.com>
Cc: Will Deacon <will(a)kernel.org>
Cc: yangge <yangge1116(a)126.com>
Cc: Yuanchu Xie <yuanchu(a)google.com>
Cc: Yu Zhao <yuzhao(a)google.com>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
include/linux/swap.h | 10 ++++++++++
mm/gup.c | 5 +++--
mm/mlock.c | 6 +++---
mm/swap.c | 2 +-
4 files changed, 17 insertions(+), 6 deletions(-)
--- a/include/linux/swap.h~mm-folio_may_be_cached-unless-folio_test_large
+++ a/include/linux/swap.h
@@ -381,6 +381,16 @@ void folio_add_lru_vma(struct folio *, s
void mark_page_accessed(struct page *);
void folio_mark_accessed(struct folio *);
+static inline bool folio_may_be_cached(struct folio *folio)
+{
+ /*
+ * Holding PMD-sized folios in per-CPU LRU cache unbalances accounting.
+ * Holding small numbers of low-order mTHP folios in per-CPU LRU cache
+ * will be sensible, but nobody has implemented and tested that yet.
+ */
+ return !folio_test_large(folio);
+}
+
extern atomic_t lru_disable_count;
static inline bool lru_cache_disabled(void)
--- a/mm/gup.c~mm-folio_may_be_cached-unless-folio_test_large
+++ a/mm/gup.c
@@ -2309,8 +2309,9 @@ static unsigned long collect_longterm_un
continue;
}
- if (drain_allow && folio_ref_count(folio) !=
- folio_expected_ref_count(folio) + 1) {
+ if (drain_allow && folio_may_be_cached(folio) &&
+ folio_ref_count(folio) !=
+ folio_expected_ref_count(folio) + 1) {
lru_add_drain_all();
drain_allow = false;
}
--- a/mm/mlock.c~mm-folio_may_be_cached-unless-folio_test_large
+++ a/mm/mlock.c
@@ -255,7 +255,7 @@ void mlock_folio(struct folio *folio)
folio_get(folio);
if (!folio_batch_add(fbatch, mlock_lru(folio)) ||
- folio_test_large(folio) || lru_cache_disabled())
+ !folio_may_be_cached(folio) || lru_cache_disabled())
mlock_folio_batch(fbatch);
local_unlock(&mlock_fbatch.lock);
}
@@ -278,7 +278,7 @@ void mlock_new_folio(struct folio *folio
folio_get(folio);
if (!folio_batch_add(fbatch, mlock_new(folio)) ||
- folio_test_large(folio) || lru_cache_disabled())
+ !folio_may_be_cached(folio) || lru_cache_disabled())
mlock_folio_batch(fbatch);
local_unlock(&mlock_fbatch.lock);
}
@@ -299,7 +299,7 @@ void munlock_folio(struct folio *folio)
*/
folio_get(folio);
if (!folio_batch_add(fbatch, folio) ||
- folio_test_large(folio) || lru_cache_disabled())
+ !folio_may_be_cached(folio) || lru_cache_disabled())
mlock_folio_batch(fbatch);
local_unlock(&mlock_fbatch.lock);
}
--- a/mm/swap.c~mm-folio_may_be_cached-unless-folio_test_large
+++ a/mm/swap.c
@@ -192,7 +192,7 @@ static void __folio_batch_add_and_move(s
local_lock(&cpu_fbatches.lock);
if (!folio_batch_add(this_cpu_ptr(fbatch), folio) ||
- folio_test_large(folio) || lru_cache_disabled())
+ !folio_may_be_cached(folio) || lru_cache_disabled())
folio_batch_move_lru(this_cpu_ptr(fbatch), move_fn);
if (disable_irq)
_
Patches currently in -mm which might be from hughd(a)google.com are
mm-fix-folio_expected_ref_count-when-pg_private_2.patch
mm-gup-check-ref_count-instead-of-lru-before-migration.patch
mm-gup-local-lru_add_drain-to-avoid-lru_add_drain_all.patch
mm-revert-mm-gup-clear-the-lru-flag-of-a-page-before-adding-to-lru-batch.patch
mm-revert-mm-vmscanc-fix-oom-on-swap-stress-test.patch
mm-folio_may_be_cached-unless-folio_test_large.patch
mm-lru_add_drain_all-do-local-lru_add_drain-first.patch
2 weeks, 3 days
- 1
- 0
+ mm-revert-mm-vmscanc-fix-oom-on-swap-stress-test.patch added to mm-new branch
by Andrew Morton
The patch titled
Subject: mm: Revert "mm: vmscan.c: fix OOM on swap stress test"
has been added to the -mm mm-new branch. Its filename is
mm-revert-mm-vmscanc-fix-oom-on-swap-stress-test.patch
This patch will shortly appear at
https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche…
This patch will later appear in the mm-new branch at
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
Note, mm-new is a provisional staging ground for work-in-progress
patches, and acceptance into mm-new is a notification for others take
notice and to finish up reviews. Please do not hesitate to respond to
review feedback and post updated versions to replace or incrementally
fixup patches in mm-new.
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next via the mm-everything
branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
and is updated there every 2-3 working days
------------------------------------------------------
From: Hugh Dickins <hughd(a)google.com>
Subject: mm: Revert "mm: vmscan.c: fix OOM on swap stress test"
Date: Sun, 31 Aug 2025 02:13:55 -0700 (PDT)
This reverts commit 0885ef4705607936fc36a38fd74356e1c465b023: that
was a fix to the reverted 33dfe9204f29b415bbc0abb1a50642d1ba94f5e9.
Link: https://lkml.kernel.org/r/bd440614-3d2c-31d6-1b8f-9635c69cef7c@google.com
Fixes: 0885ef470560 ("mm: vmscan.c: fix OOM on swap stress test")
Signed-off-by: Hugh Dickins <hughd(a)google.com>
Cc: <stable(a)vger.kernel.org>
Cc: "Aneesh Kumar K.V" <aneesh.kumar(a)kernel.org>
Cc: Axel Rasmussen <axelrasmussen(a)google.com>
Cc: Chris Li <chrisl(a)kernel.org>
Cc: Christoph Hellwig <hch(a)infradead.org>
Cc: David Hildenbrand <david(a)redhat.com>
Cc: Jason Gunthorpe <jgg(a)ziepe.ca>
Cc: Johannes Weiner <hannes(a)cmpxchg.org>
Cc: John Hubbard <jhubbard(a)nvidia.com>
Cc: Keir Fraser <keirf(a)google.com>
Cc: Konstantin Khlebnikov <koct9i(a)gmail.com>
Cc: Li Zhe <lizhe.67(a)bytedance.com>
Cc: Matthew Wilcox (Oracle) <willy(a)infradead.org>
Cc: Peter Xu <peterx(a)redhat.com>
Cc: Shivank Garg <shivankg(a)amd.com>
Cc: Vlastimil Babka <vbabka(a)suse.cz>
Cc: Wei Xu <weixugc(a)google.com>
Cc: Will Deacon <will(a)kernel.org>
Cc: yangge <yangge1116(a)126.com>
Cc: Yuanchu Xie <yuanchu(a)google.com>
Cc: Yu Zhao <yuzhao(a)google.com>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
mm/vmscan.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/mm/vmscan.c~mm-revert-mm-vmscanc-fix-oom-on-swap-stress-test
+++ a/mm/vmscan.c
@@ -4500,7 +4500,7 @@ static bool sort_folio(struct lruvec *lr
}
/* ineligible */
- if (!folio_test_lru(folio) || zone > sc->reclaim_idx) {
+ if (zone > sc->reclaim_idx) {
gen = folio_inc_gen(lruvec, folio, false);
list_move_tail(&folio->lru, &lrugen->folios[gen][type][zone]);
return true;
_
Patches currently in -mm which might be from hughd(a)google.com are
mm-fix-folio_expected_ref_count-when-pg_private_2.patch
mm-gup-check-ref_count-instead-of-lru-before-migration.patch
mm-gup-local-lru_add_drain-to-avoid-lru_add_drain_all.patch
mm-revert-mm-gup-clear-the-lru-flag-of-a-page-before-adding-to-lru-batch.patch
mm-revert-mm-vmscanc-fix-oom-on-swap-stress-test.patch
mm-folio_may_be_cached-unless-folio_test_large.patch
mm-lru_add_drain_all-do-local-lru_add_drain-first.patch
2 weeks, 3 days
- 1
- 0
+ mm-revert-mm-gup-clear-the-lru-flag-of-a-page-before-adding-to-lru-batch.patch added to mm-new branch
by Andrew Morton
The patch titled
Subject: mm: Revert "mm/gup: clear the LRU flag of a page before adding to LRU batch"
has been added to the -mm mm-new branch. Its filename is
mm-revert-mm-gup-clear-the-lru-flag-of-a-page-before-adding-to-lru-batch.patch
This patch will shortly appear at
https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche…
This patch will later appear in the mm-new branch at
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
Note, mm-new is a provisional staging ground for work-in-progress
patches, and acceptance into mm-new is a notification for others take
notice and to finish up reviews. Please do not hesitate to respond to
review feedback and post updated versions to replace or incrementally
fixup patches in mm-new.
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next via the mm-everything
branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
and is updated there every 2-3 working days
------------------------------------------------------
From: Hugh Dickins <hughd(a)google.com>
Subject: mm: Revert "mm/gup: clear the LRU flag of a page before adding to LRU batch"
Date: Sun, 31 Aug 2025 02:11:33 -0700 (PDT)
This reverts commit 33dfe9204f29b415bbc0abb1a50642d1ba94f5e9: now that
collect_longterm_unpinnable_folios() is checking ref_count instead of lru,
and mlock/munlock do not participate in the revised LRU flag clearing,
those changes are misleading, and enlarge the window during which
mlock/munlock may miss an mlock_count update.
It is possible (I'd hesitate to claim probable) that the greater
likelihood of missed mlock_count updates would explain the "Realtime
threads delayed due to kcompactd0" observed on 6.12 in the Link below. If
that is the case, this reversion will help; but a complete solution needs
also a further patch, beyond the scope of this series.
Included some 80-column cleanup around folio_batch_add_and_move().
The role of folio_test_clear_lru() (before taking per-memcg lru_lock) is
questionable since 6.13 removed mem_cgroup_move_account() etc; but perhaps
there are still some races which need it - not examined here.
Link: https://lore.kernel.org/linux-mm/DU0PR01MB10385345F7153F334100981888259A@DU…
Link: https://lkml.kernel.org/r/0215a42b-99cd-612a-95f7-56f8251d99ef@google.com
Fixes: 33dfe9204f29 ("mm/gup: clear the LRU flag of a page before adding to LRU batch")
Signed-off-by: Hugh Dickins <hughd(a)google.com>
Cc: <stable(a)vger.kernel.org>
Cc: "Aneesh Kumar K.V" <aneesh.kumar(a)kernel.org>
Cc: Axel Rasmussen <axelrasmussen(a)google.com>
Cc: Chris Li <chrisl(a)kernel.org>
Cc: Christoph Hellwig <hch(a)infradead.org>
Cc: David Hildenbrand <david(a)redhat.com>
Cc: Jason Gunthorpe <jgg(a)ziepe.ca>
Cc: Johannes Weiner <hannes(a)cmpxchg.org>
Cc: John Hubbard <jhubbard(a)nvidia.com>
Cc: Keir Fraser <keirf(a)google.com>
Cc: Konstantin Khlebnikov <koct9i(a)gmail.com>
Cc: Li Zhe <lizhe.67(a)bytedance.com>
Cc: Matthew Wilcox (Oracle) <willy(a)infradead.org>
Cc: Peter Xu <peterx(a)redhat.com>
Cc: Shivank Garg <shivankg(a)amd.com>
Cc: Vlastimil Babka <vbabka(a)suse.cz>
Cc: Wei Xu <weixugc(a)google.com>
Cc: Will Deacon <will(a)kernel.org>
Cc: yangge <yangge1116(a)126.com>
Cc: Yuanchu Xie <yuanchu(a)google.com>
Cc: Yu Zhao <yuzhao(a)google.com>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
mm/swap.c | 50 ++++++++++++++++++++++++++------------------------
1 file changed, 26 insertions(+), 24 deletions(-)
--- a/mm/swap.c~mm-revert-mm-gup-clear-the-lru-flag-of-a-page-before-adding-to-lru-batch
+++ a/mm/swap.c
@@ -164,6 +164,10 @@ static void folio_batch_move_lru(struct
for (i = 0; i < folio_batch_count(fbatch); i++) {
struct folio *folio = fbatch->folios[i];
+ /* block memcg migration while the folio moves between lru */
+ if (move_fn != lru_add && !folio_test_clear_lru(folio))
+ continue;
+
folio_lruvec_relock_irqsave(folio, &lruvec, &flags);
move_fn(lruvec, folio);
@@ -176,14 +180,10 @@ static void folio_batch_move_lru(struct
}
static void __folio_batch_add_and_move(struct folio_batch __percpu *fbatch,
- struct folio *folio, move_fn_t move_fn,
- bool on_lru, bool disable_irq)
+ struct folio *folio, move_fn_t move_fn, bool disable_irq)
{
unsigned long flags;
- if (on_lru && !folio_test_clear_lru(folio))
- return;
-
folio_get(folio);
if (disable_irq)
@@ -191,8 +191,8 @@ static void __folio_batch_add_and_move(s
else
local_lock(&cpu_fbatches.lock);
- if (!folio_batch_add(this_cpu_ptr(fbatch), folio) || folio_test_large(folio) ||
- lru_cache_disabled())
+ if (!folio_batch_add(this_cpu_ptr(fbatch), folio) ||
+ folio_test_large(folio) || lru_cache_disabled())
folio_batch_move_lru(this_cpu_ptr(fbatch), move_fn);
if (disable_irq)
@@ -201,13 +201,13 @@ static void __folio_batch_add_and_move(s
local_unlock(&cpu_fbatches.lock);
}
-#define folio_batch_add_and_move(folio, op, on_lru) \
- __folio_batch_add_and_move( \
- &cpu_fbatches.op, \
- folio, \
- op, \
- on_lru, \
- offsetof(struct cpu_fbatches, op) >= offsetof(struct cpu_fbatches, lock_irq) \
+#define folio_batch_add_and_move(folio, op) \
+ __folio_batch_add_and_move( \
+ &cpu_fbatches.op, \
+ folio, \
+ op, \
+ offsetof(struct cpu_fbatches, op) >= \
+ offsetof(struct cpu_fbatches, lock_irq) \
)
static void lru_move_tail(struct lruvec *lruvec, struct folio *folio)
@@ -231,10 +231,10 @@ static void lru_move_tail(struct lruvec
void folio_rotate_reclaimable(struct folio *folio)
{
if (folio_test_locked(folio) || folio_test_dirty(folio) ||
- folio_test_unevictable(folio))
+ folio_test_unevictable(folio) || !folio_test_lru(folio))
return;
- folio_batch_add_and_move(folio, lru_move_tail, true);
+ folio_batch_add_and_move(folio, lru_move_tail);
}
void lru_note_cost_unlock_irq(struct lruvec *lruvec, bool file,
@@ -328,10 +328,11 @@ static void folio_activate_drain(int cpu
void folio_activate(struct folio *folio)
{
- if (folio_test_active(folio) || folio_test_unevictable(folio))
+ if (folio_test_active(folio) || folio_test_unevictable(folio) ||
+ !folio_test_lru(folio))
return;
- folio_batch_add_and_move(folio, lru_activate, true);
+ folio_batch_add_and_move(folio, lru_activate);
}
#else
@@ -507,7 +508,7 @@ void folio_add_lru(struct folio *folio)
lru_gen_in_fault() && !(current->flags & PF_MEMALLOC))
folio_set_active(folio);
- folio_batch_add_and_move(folio, lru_add, false);
+ folio_batch_add_and_move(folio, lru_add);
}
EXPORT_SYMBOL(folio_add_lru);
@@ -685,13 +686,13 @@ void lru_add_drain_cpu(int cpu)
void deactivate_file_folio(struct folio *folio)
{
/* Deactivating an unevictable folio will not accelerate reclaim */
- if (folio_test_unevictable(folio))
+ if (folio_test_unevictable(folio) || !folio_test_lru(folio))
return;
if (lru_gen_enabled() && lru_gen_clear_refs(folio))
return;
- folio_batch_add_and_move(folio, lru_deactivate_file, true);
+ folio_batch_add_and_move(folio, lru_deactivate_file);
}
/*
@@ -704,13 +705,13 @@ void deactivate_file_folio(struct folio
*/
void folio_deactivate(struct folio *folio)
{
- if (folio_test_unevictable(folio))
+ if (folio_test_unevictable(folio) || !folio_test_lru(folio))
return;
if (lru_gen_enabled() ? lru_gen_clear_refs(folio) : !folio_test_active(folio))
return;
- folio_batch_add_and_move(folio, lru_deactivate, true);
+ folio_batch_add_and_move(folio, lru_deactivate);
}
/**
@@ -723,10 +724,11 @@ void folio_deactivate(struct folio *foli
void folio_mark_lazyfree(struct folio *folio)
{
if (!folio_test_anon(folio) || !folio_test_swapbacked(folio) ||
+ !folio_test_lru(folio) ||
folio_test_swapcache(folio) || folio_test_unevictable(folio))
return;
- folio_batch_add_and_move(folio, lru_lazyfree, true);
+ folio_batch_add_and_move(folio, lru_lazyfree);
}
void lru_add_drain(void)
_
Patches currently in -mm which might be from hughd(a)google.com are
mm-fix-folio_expected_ref_count-when-pg_private_2.patch
mm-gup-check-ref_count-instead-of-lru-before-migration.patch
mm-gup-local-lru_add_drain-to-avoid-lru_add_drain_all.patch
mm-revert-mm-gup-clear-the-lru-flag-of-a-page-before-adding-to-lru-batch.patch
mm-revert-mm-vmscanc-fix-oom-on-swap-stress-test.patch
mm-folio_may_be_cached-unless-folio_test_large.patch
mm-lru_add_drain_all-do-local-lru_add_drain-first.patch
2 weeks, 3 days
- 1
- 0
+ mm-gup-local-lru_add_drain-to-avoid-lru_add_drain_all.patch added to mm-new branch
by Andrew Morton
The patch titled
Subject: mm/gup: local lru_add_drain() to avoid lru_add_drain_all()
has been added to the -mm mm-new branch. Its filename is
mm-gup-local-lru_add_drain-to-avoid-lru_add_drain_all.patch
This patch will shortly appear at
https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche…
This patch will later appear in the mm-new branch at
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
Note, mm-new is a provisional staging ground for work-in-progress
patches, and acceptance into mm-new is a notification for others take
notice and to finish up reviews. Please do not hesitate to respond to
review feedback and post updated versions to replace or incrementally
fixup patches in mm-new.
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next via the mm-everything
branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
and is updated there every 2-3 working days
------------------------------------------------------
From: Hugh Dickins <hughd(a)google.com>
Subject: mm/gup: local lru_add_drain() to avoid lru_add_drain_all()
Date: Sun, 31 Aug 2025 02:08:26 -0700 (PDT)
In many cases, if collect_longterm_unpinnable_folios() does need to drain
the LRU cache to release a reference, the cache in question is on this
same CPU, and much more efficiently drained by a preliminary local
lru_add_drain(), than the later cross-CPU lru_add_drain_all().
Marked for stable, to counter the increase in lru_add_drain_all()s from
"mm/gup: check ref_count instead of lru before migration". Note for clean
backports: can take 6.16 commit a03db236aebf ("gup: optimize longterm
pin_user_pages() for large folio") first.
Link: https://lkml.kernel.org/r/165ccfdb-16b5-ac11-0d66-2984293590c8@google.com
Signed-off-by: Hugh Dickins <hughd(a)google.com>
Cc: <stable(a)vger.kernel.org>
Cc: "Aneesh Kumar K.V" <aneesh.kumar(a)kernel.org>
Cc: Axel Rasmussen <axelrasmussen(a)google.com>
Cc: Chris Li <chrisl(a)kernel.org>
Cc: Christoph Hellwig <hch(a)infradead.org>
Cc: David Hildenbrand <david(a)redhat.com>
Cc: Jason Gunthorpe <jgg(a)ziepe.ca>
Cc: Johannes Weiner <hannes(a)cmpxchg.org>
Cc: John Hubbard <jhubbard(a)nvidia.com>
Cc: Keir Fraser <keirf(a)google.com>
Cc: Konstantin Khlebnikov <koct9i(a)gmail.com>
Cc: Li Zhe <lizhe.67(a)bytedance.com>
Cc: Matthew Wilcox (Oracle) <willy(a)infradead.org>
Cc: Peter Xu <peterx(a)redhat.com>
Cc: Shivank Garg <shivankg(a)amd.com>
Cc: Vlastimil Babka <vbabka(a)suse.cz>
Cc: Wei Xu <weixugc(a)google.com>
Cc: Will Deacon <will(a)kernel.org>
Cc: yangge <yangge1116(a)126.com>
Cc: Yuanchu Xie <yuanchu(a)google.com>
Cc: Yu Zhao <yuzhao(a)google.com>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
mm/gup.c | 2 ++
1 file changed, 2 insertions(+)
--- a/mm/gup.c~mm-gup-local-lru_add_drain-to-avoid-lru_add_drain_all
+++ a/mm/gup.c
@@ -2291,6 +2291,8 @@ static unsigned long collect_longterm_un
struct folio *folio;
long i = 0;
+ lru_add_drain();
+
for (folio = pofs_get_folio(pofs, i); folio;
folio = pofs_next_folio(folio, pofs, &i)) {
_
Patches currently in -mm which might be from hughd(a)google.com are
mm-fix-folio_expected_ref_count-when-pg_private_2.patch
mm-gup-check-ref_count-instead-of-lru-before-migration.patch
mm-gup-local-lru_add_drain-to-avoid-lru_add_drain_all.patch
mm-revert-mm-gup-clear-the-lru-flag-of-a-page-before-adding-to-lru-batch.patch
mm-revert-mm-vmscanc-fix-oom-on-swap-stress-test.patch
mm-folio_may_be_cached-unless-folio_test_large.patch
mm-lru_add_drain_all-do-local-lru_add_drain-first.patch
2 weeks, 3 days
- 1
- 0
+ mm-gup-check-ref_count-instead-of-lru-before-migration.patch added to mm-new branch
by Andrew Morton
The patch titled
Subject: mm/gup: check ref_count instead of lru before migration
has been added to the -mm mm-new branch. Its filename is
mm-gup-check-ref_count-instead-of-lru-before-migration.patch
This patch will shortly appear at
https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche…
This patch will later appear in the mm-new branch at
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
Note, mm-new is a provisional staging ground for work-in-progress
patches, and acceptance into mm-new is a notification for others take
notice and to finish up reviews. Please do not hesitate to respond to
review feedback and post updated versions to replace or incrementally
fixup patches in mm-new.
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next via the mm-everything
branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
and is updated there every 2-3 working days
------------------------------------------------------
From: Hugh Dickins <hughd(a)google.com>
Subject: mm/gup: check ref_count instead of lru before migration
Date: Sun, 31 Aug 2025 02:05:56 -0700 (PDT)
Will Deacon reports:-
When taking a longterm GUP pin via pin_user_pages(),
__gup_longterm_locked() tries to migrate target folios that should not be
longterm pinned, for example because they reside in a CMA region or
movable zone. This is done by first pinning all of the target folios
anyway, collecting all of the longterm-unpinnable target folios into a
list, dropping the pins that were just taken and finally handing the list
off to migrate_pages() for the actual migration.
It is critically important that no unexpected references are held on the
folios being migrated, otherwise the migration will fail and
pin_user_pages() will return -ENOMEM to its caller. Unfortunately, it is
relatively easy to observe migration failures when running pKVM (which
uses pin_user_pages() on crosvm's virtual address space to resolve stage-2
page faults from the guest) on a 6.15-based Pixel 6 device and this
results in the VM terminating prematurely.
In the failure case, 'crosvm' has called mlock(MLOCK_ONFAULT) on its
mapping of guest memory prior to the pinning. Subsequently, when
pin_user_pages() walks the page-table, the relevant 'pte' is not present
and so the faulting logic allocates a new folio, mlocks it with
mlock_folio() and maps it in the page-table.
Since commit 2fbb0c10d1e8 ("mm/munlock: mlock_page() munlock_page() batch
by pagevec"), mlock/munlock operations on a folio (formerly page), are
deferred. For example, mlock_folio() takes an additional reference on the
target folio before placing it into a per-cpu 'folio_batch' for later
processing by mlock_folio_batch(), which drops the refcount once the
operation is complete. Processing of the batches is coupled with the LRU
batch logic and can be forcefully drained with lru_add_drain_all() but as
long as a folio remains unprocessed on the batch, its refcount will be
elevated.
This deferred batching therefore interacts poorly with the pKVM pinning
scenario as we can find ourselves in a situation where the migration code
fails to migrate a folio due to the elevated refcount from the pending
mlock operation.
Hugh Dickins adds:-
!folio_test_lru() has never been a very reliable way to tell if an
lru_add_drain_all() is worth calling, to remove LRU cache references to
make the folio migratable: the LRU flag may be set even while the folio is
held with an extra reference in a per-CPU LRU cache.
5.18 commit 2fbb0c10d1e8 may have made it more unreliable. Then 6.11
commit 33dfe9204f29 ("mm/gup: clear the LRU flag of a page before adding
to LRU batch") tried to make it reliable, by moving LRU flag clearing; but
missed the mlock/munlock batches, so still unreliable as reported.
And it turns out to be difficult to extend 33dfe9204f29's LRU flag
clearing to the mlock/munlock batches: if they do benefit from batching,
mlock/munlock cannot be so effective when easily suppressed while !LRU.
Instead, switch to an expected ref_count check, which was more reliable
all along: some more false positives (unhelpful drains) than before, and
never a guarantee that the folio will prove migratable, but better.
Note for stable backports: requires 6.16 commit 86ebd50224c0 ("mm: add
folio_expected_ref_count() for reference count calculation") and 6.17
commit ("mm: fix folio_expected_ref_count() when PG_private_2").
Link: https://lkml.kernel.org/r/47c51c9a-140f-1ea1-b692-c4bae5d1fa58@google.com
Fixes: 9a4e9f3b2d73 ("mm: update get_user_pages_longterm to migrate pages allocated from CMA region")
Signed-off-by: Hugh Dickins <hughd(a)google.com>
Reported-by: Will Deacon <will(a)kernel.org>
Link: https://lore.kernel.org/linux-mm/20250815101858.24352-1-will@kernel.org/
Cc: <stable(a)vger.kernel.org>
Cc: "Aneesh Kumar K.V" <aneesh.kumar(a)kernel.org>
Cc: Axel Rasmussen <axelrasmussen(a)google.com>
Cc: Chris Li <chrisl(a)kernel.org>
Cc: Christoph Hellwig <hch(a)infradead.org>
Cc: David Hildenbrand <david(a)redhat.com>
Cc: Jason Gunthorpe <jgg(a)ziepe.ca>
Cc: Johannes Weiner <hannes(a)cmpxchg.org>
Cc: John Hubbard <jhubbard(a)nvidia.com>
Cc: Keir Fraser <keirf(a)google.com>
Cc: Konstantin Khlebnikov <koct9i(a)gmail.com>
Cc: Li Zhe <lizhe.67(a)bytedance.com>
Cc: Matthew Wilcox (Oracle) <willy(a)infradead.org>
Cc: Peter Xu <peterx(a)redhat.com>
Cc: Shivank Garg <shivankg(a)amd.com>
Cc: Vlastimil Babka <vbabka(a)suse.cz>
Cc: Wei Xu <weixugc(a)google.com>
Cc: yangge <yangge1116(a)126.com>
Cc: Yuanchu Xie <yuanchu(a)google.com>
Cc: Yu Zhao <yuzhao(a)google.com>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
mm/gup.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
--- a/mm/gup.c~mm-gup-check-ref_count-instead-of-lru-before-migration
+++ a/mm/gup.c
@@ -2307,7 +2307,8 @@ static unsigned long collect_longterm_un
continue;
}
- if (!folio_test_lru(folio) && drain_allow) {
+ if (drain_allow && folio_ref_count(folio) !=
+ folio_expected_ref_count(folio) + 1) {
lru_add_drain_all();
drain_allow = false;
}
_
Patches currently in -mm which might be from hughd(a)google.com are
mm-fix-folio_expected_ref_count-when-pg_private_2.patch
mm-gup-check-ref_count-instead-of-lru-before-migration.patch
mm-gup-local-lru_add_drain-to-avoid-lru_add_drain_all.patch
mm-revert-mm-gup-clear-the-lru-flag-of-a-page-before-adding-to-lru-batch.patch
mm-revert-mm-vmscanc-fix-oom-on-swap-stress-test.patch
mm-folio_may_be_cached-unless-folio_test_large.patch
mm-lru_add_drain_all-do-local-lru_add_drain-first.patch
2 weeks, 3 days
- 1
- 0
+ mm-vmalloc-mm-kasan-respect-gfp-mask-in-kasan_populate_vmalloc.patch added to mm-hotfixes-unstable branch
by Andrew Morton
The patch titled
Subject: mm/vmalloc, mm/kasan: respect gfp mask in kasan_populate_vmalloc()
has been added to the -mm mm-hotfixes-unstable branch. Its filename is
mm-vmalloc-mm-kasan-respect-gfp-mask-in-kasan_populate_vmalloc.patch
This patch will shortly appear at
https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche…
This patch will later appear in the mm-hotfixes-unstable branch at
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next via the mm-everything
branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
and is updated there every 2-3 working days
------------------------------------------------------
From: "Uladzislau Rezki (Sony)" <urezki(a)gmail.com>
Subject: mm/vmalloc, mm/kasan: respect gfp mask in kasan_populate_vmalloc()
Date: Sun, 31 Aug 2025 14:10:58 +0200
kasan_populate_vmalloc() and its helpers ignore the caller's gfp_mask and
always allocate memory using the hardcoded GFP_KERNEL flag. This makes
them inconsistent with vmalloc(), which was recently extended to support
GFP_NOFS and GFP_NOIO allocations.
Page table allocations performed during shadow population also ignore the
external gfp_mask. To preserve the intended semantics of GFP_NOFS and
GFP_NOIO, wrap the apply_to_page_range() calls into the appropriate
memalloc scope.
This patch:
- Extends kasan_populate_vmalloc() and helpers to take gfp_mask;
- Passes gfp_mask down to alloc_pages_bulk() and __get_free_page();
- Enforces GFP_NOFS/NOIO semantics with memalloc_*_save()/restore()
around apply_to_page_range();
- Updates vmalloc.c and percpu allocator call sites accordingly.
Link: https://lkml.kernel.org/r/20250831121058.92971-1-urezki@gmail.com
Fixes: 451769ebb7e7 ("mm/vmalloc: alloc GFP_NO{FS,IO} for vmalloc")
Signed-off-by: Uladzislau Rezki (Sony) <urezki(a)gmail.com>
Cc: Andrey Ryabinin <ryabinin.a.a(a)gmail.com>
Cc: Baoquan He <bhe(a)redhat.com>
Cc: Michal Hocko <mhocko(a)kernel.org>
Cc: Alexander Potapenko <glider(a)google.com>
Cc: Andrey Konovalov <andreyknvl(a)gmail.com>
Cc: Dmitry Vyukov <dvyukov(a)google.com>
Cc: Vincenzo Frascino <vincenzo.frascino(a)arm.com>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
include/linux/kasan.h | 6 +++---
mm/kasan/shadow.c | 31 ++++++++++++++++++++++++-------
mm/vmalloc.c | 8 ++++----
3 files changed, 31 insertions(+), 14 deletions(-)
--- a/include/linux/kasan.h~mm-vmalloc-mm-kasan-respect-gfp-mask-in-kasan_populate_vmalloc
+++ a/include/linux/kasan.h
@@ -562,7 +562,7 @@ static inline void kasan_init_hw_tags(vo
#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS)
void kasan_populate_early_vm_area_shadow(void *start, unsigned long size);
-int kasan_populate_vmalloc(unsigned long addr, unsigned long size);
+int kasan_populate_vmalloc(unsigned long addr, unsigned long size, gfp_t gfp_mask);
void kasan_release_vmalloc(unsigned long start, unsigned long end,
unsigned long free_region_start,
unsigned long free_region_end,
@@ -574,7 +574,7 @@ static inline void kasan_populate_early_
unsigned long size)
{ }
static inline int kasan_populate_vmalloc(unsigned long start,
- unsigned long size)
+ unsigned long size, gfp_t gfp_mask)
{
return 0;
}
@@ -610,7 +610,7 @@ static __always_inline void kasan_poison
static inline void kasan_populate_early_vm_area_shadow(void *start,
unsigned long size) { }
static inline int kasan_populate_vmalloc(unsigned long start,
- unsigned long size)
+ unsigned long size, gfp_t gfp_mask)
{
return 0;
}
--- a/mm/kasan/shadow.c~mm-vmalloc-mm-kasan-respect-gfp-mask-in-kasan_populate_vmalloc
+++ a/mm/kasan/shadow.c
@@ -336,13 +336,13 @@ static void ___free_pages_bulk(struct pa
}
}
-static int ___alloc_pages_bulk(struct page **pages, int nr_pages)
+static int ___alloc_pages_bulk(struct page **pages, int nr_pages, gfp_t gfp_mask)
{
unsigned long nr_populated, nr_total = nr_pages;
struct page **page_array = pages;
while (nr_pages) {
- nr_populated = alloc_pages_bulk(GFP_KERNEL, nr_pages, pages);
+ nr_populated = alloc_pages_bulk(gfp_mask, nr_pages, pages);
if (!nr_populated) {
___free_pages_bulk(page_array, nr_total - nr_pages);
return -ENOMEM;
@@ -354,25 +354,42 @@ static int ___alloc_pages_bulk(struct pa
return 0;
}
-static int __kasan_populate_vmalloc(unsigned long start, unsigned long end)
+static int __kasan_populate_vmalloc(unsigned long start, unsigned long end, gfp_t gfp_mask)
{
unsigned long nr_pages, nr_total = PFN_UP(end - start);
struct vmalloc_populate_data data;
+ unsigned int flags;
int ret = 0;
- data.pages = (struct page **)__get_free_page(GFP_KERNEL | __GFP_ZERO);
+ data.pages = (struct page **)__get_free_page(gfp_mask | __GFP_ZERO);
if (!data.pages)
return -ENOMEM;
while (nr_total) {
nr_pages = min(nr_total, PAGE_SIZE / sizeof(data.pages[0]));
- ret = ___alloc_pages_bulk(data.pages, nr_pages);
+ ret = ___alloc_pages_bulk(data.pages, nr_pages, gfp_mask);
if (ret)
break;
data.start = start;
+
+ /*
+ * page tables allocations ignore external gfp mask, enforce it
+ * by the scope API
+ */
+ if ((gfp_mask & (__GFP_FS | __GFP_IO)) == __GFP_IO)
+ flags = memalloc_nofs_save();
+ else if ((gfp_mask & (__GFP_FS | __GFP_IO)) == 0)
+ flags = memalloc_noio_save();
+
ret = apply_to_page_range(&init_mm, start, nr_pages * PAGE_SIZE,
kasan_populate_vmalloc_pte, &data);
+
+ if ((gfp_mask & (__GFP_FS | __GFP_IO)) == __GFP_IO)
+ memalloc_nofs_restore(flags);
+ else if ((gfp_mask & (__GFP_FS | __GFP_IO)) == 0)
+ memalloc_noio_restore(flags);
+
___free_pages_bulk(data.pages, nr_pages);
if (ret)
break;
@@ -386,7 +403,7 @@ static int __kasan_populate_vmalloc(unsi
return ret;
}
-int kasan_populate_vmalloc(unsigned long addr, unsigned long size)
+int kasan_populate_vmalloc(unsigned long addr, unsigned long size, gfp_t gfp_mask)
{
unsigned long shadow_start, shadow_end;
int ret;
@@ -415,7 +432,7 @@ int kasan_populate_vmalloc(unsigned long
shadow_start = PAGE_ALIGN_DOWN(shadow_start);
shadow_end = PAGE_ALIGN(shadow_end);
- ret = __kasan_populate_vmalloc(shadow_start, shadow_end);
+ ret = __kasan_populate_vmalloc(shadow_start, shadow_end, gfp_mask);
if (ret)
return ret;
--- a/mm/vmalloc.c~mm-vmalloc-mm-kasan-respect-gfp-mask-in-kasan_populate_vmalloc
+++ a/mm/vmalloc.c
@@ -2026,6 +2026,8 @@ static struct vmap_area *alloc_vmap_area
if (unlikely(!vmap_initialized))
return ERR_PTR(-EBUSY);
+ /* Only reclaim behaviour flags are relevant. */
+ gfp_mask = gfp_mask & GFP_RECLAIM_MASK;
might_sleep();
/*
@@ -2038,8 +2040,6 @@ static struct vmap_area *alloc_vmap_area
*/
va = node_alloc(size, align, vstart, vend, &addr, &vn_id);
if (!va) {
- gfp_mask = gfp_mask & GFP_RECLAIM_MASK;
-
va = kmem_cache_alloc_node(vmap_area_cachep, gfp_mask, node);
if (unlikely(!va))
return ERR_PTR(-ENOMEM);
@@ -2089,7 +2089,7 @@ retry:
BUG_ON(va->va_start < vstart);
BUG_ON(va->va_end > vend);
- ret = kasan_populate_vmalloc(addr, size);
+ ret = kasan_populate_vmalloc(addr, size, gfp_mask);
if (ret) {
free_vmap_area(va);
return ERR_PTR(ret);
@@ -4826,7 +4826,7 @@ retry:
/* populate the kasan shadow space */
for (area = 0; area < nr_vms; area++) {
- if (kasan_populate_vmalloc(vas[area]->va_start, sizes[area]))
+ if (kasan_populate_vmalloc(vas[area]->va_start, sizes[area], GFP_KERNEL))
goto err_free_shadow;
}
_
Patches currently in -mm which might be from urezki(a)gmail.com are
mm-vmalloc-mm-kasan-respect-gfp-mask-in-kasan_populate_vmalloc.patch
2 weeks, 3 days
- 1
- 0
+ ocfs2-fix-recursive-semaphore-deadlock-in-fiemap-call.patch added to mm-hotfixes-unstable branch
by Andrew Morton
The patch titled
Subject: ocfs2: fix recursive semaphore deadlock in fiemap call
has been added to the -mm mm-hotfixes-unstable branch. Its filename is
ocfs2-fix-recursive-semaphore-deadlock-in-fiemap-call.patch
This patch will shortly appear at
https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche…
This patch will later appear in the mm-hotfixes-unstable branch at
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next via the mm-everything
branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
and is updated there every 2-3 working days
------------------------------------------------------
From: Mark Tinguely <mark.tinguely(a)oracle.com>
Subject: ocfs2: fix recursive semaphore deadlock in fiemap call
Date: Fri, 29 Aug 2025 10:18:15 -0500
syzbot detected a OCFS2 hang due to a recursive semaphore on a
FS_IOC_FIEMAP of the extent list on a specially crafted mmap file.
context_switch kernel/sched/core.c:5357 [inline]
__schedule+0x1798/0x4cc0 kernel/sched/core.c:6961
__schedule_loop kernel/sched/core.c:7043 [inline]
schedule+0x165/0x360 kernel/sched/core.c:7058
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7115
rwsem_down_write_slowpath+0x872/0xfe0 kernel/locking/rwsem.c:1185
__down_write_common kernel/locking/rwsem.c:1317 [inline]
__down_write kernel/locking/rwsem.c:1326 [inline]
down_write+0x1ab/0x1f0 kernel/locking/rwsem.c:1591
ocfs2_page_mkwrite+0x2ff/0xc40 fs/ocfs2/mmap.c:142
do_page_mkwrite+0x14d/0x310 mm/memory.c:3361
wp_page_shared mm/memory.c:3762 [inline]
do_wp_page+0x268d/0x5800 mm/memory.c:3981
handle_pte_fault mm/memory.c:6068 [inline]
__handle_mm_fault+0x1033/0x5440 mm/memory.c:6195
handle_mm_fault+0x40a/0x8e0 mm/memory.c:6364
do_user_addr_fault+0x764/0x1390 arch/x86/mm/fault.c:1387
handle_page_fault arch/x86/mm/fault.c:1476 [inline]
exc_page_fault+0x76/0xf0 arch/x86/mm/fault.c:1532
asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:623
RIP: 0010:copy_user_generic arch/x86/include/asm/uaccess_64.h:126 [inline]
RIP: 0010:raw_copy_to_user arch/x86/include/asm/uaccess_64.h:147 [inline]
RIP: 0010:_inline_copy_to_user include/linux/uaccess.h:197 [inline]
RIP: 0010:_copy_to_user+0x85/0xb0 lib/usercopy.c:26
Code: e8 00 bc f7 fc 4d 39 fc 72 3d 4d 39 ec 77 38 e8 91 b9 f7 fc 4c 89
f7 89 de e8 47 25 5b fd 0f 01 cb 4c 89 ff 48 89 d9 4c 89 f6 <f3> a4 0f
1f 00 48 89 cb 0f 01 ca 48 89 d8 5b 41 5c 41 5d 41 5e 41
RSP: 0018:ffffc9000403f950 EFLAGS: 00050256
RAX: ffffffff84c7f101 RBX: 0000000000000038 RCX: 0000000000000038
RDX: 0000000000000000 RSI: ffffc9000403f9e0 RDI: 0000200000000060
RBP: ffffc9000403fa90 R08: ffffc9000403fa17 R09: 1ffff92000807f42
R10: dffffc0000000000 R11: fffff52000807f43 R12: 0000200000000098
R13: 00007ffffffff000 R14: ffffc9000403f9e0 R15: 0000200000000060
copy_to_user include/linux/uaccess.h:225 [inline]
fiemap_fill_next_extent+0x1c0/0x390 fs/ioctl.c:145
ocfs2_fiemap+0x888/0xc90 fs/ocfs2/extent_map.c:806
ioctl_fiemap fs/ioctl.c:220 [inline]
do_vfs_ioctl+0x1173/0x1430 fs/ioctl.c:532
__do_sys_ioctl fs/ioctl.c:596 [inline]
__se_sys_ioctl+0x82/0x170 fs/ioctl.c:584
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f5f13850fd9
RSP: 002b:00007ffe3b3518b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000200000000000 RCX: 00007f5f13850fd9
RDX: 0000200000000040 RSI: 00000000c020660b RDI: 0000000000000004
RBP: 6165627472616568 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe3b3518f0
R13: 00007ffe3b351b18 R14: 431bde82d7b634db R15: 00007f5f1389a03b
ocfs2_fiemap() takes a read lock of the ip_alloc_sem semaphore (since
v2.6.22-527-g7307de80510a) and calls fiemap_fill_next_extent() to read the
extent list of this running mmap executable. The user supplied buffer to
hold the fiemap information page faults calling ocfs2_page_mkwrite() which
will take a write lock (since v2.6.27-38-g00dc417fa3e7) of the same
semaphore. This recursive semaphore will hold filesystem locks and causes
a hang of the fileystem.
The ip_alloc_sem protects the inode extent list and size. Release the
read semphore before calling fiemap_fill_next_extent() in ocfs2_fiemap()
and ocfs2_fiemap_inline(). This does an unnecessary semaphore lock/unlock
on the last extent but simplifies the error path.
Link: https://lkml.kernel.org/r/61d1a62b-2631-4f12-81e2-cd689914360b@oracle.com
Fixes: 00dc417fa3e7 ("ocfs2: fiemap support")
Signed-off-by: Mark Tinguely <mark.tinguely(a)oracle.com>
Reported-by: syzbot+541dcc6ee768f77103e7(a)syzkaller.appspotmail.com
Closes: https://syzkaller.appspot.com/bug?extid=541dcc6ee768f77103e7
Reviewed-by: Joseph Qi <joseph.qi(a)linux.alibaba.com>
Cc: Mark Fasheh <mark(a)fasheh.com>
Cc: Joel Becker <jlbec(a)evilplan.org>
Cc: Junxiao Bi <junxiao.bi(a)oracle.com>
Cc: Changwei Ge <gechangwei(a)live.cn>
Cc: Jun Piao <piaojun(a)huawei.com>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
fs/ocfs2/extent_map.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
--- a/fs/ocfs2/extent_map.c~ocfs2-fix-recursive-semaphore-deadlock-in-fiemap-call
+++ a/fs/ocfs2/extent_map.c
@@ -706,6 +706,8 @@ out:
* it not only handles the fiemap for inlined files, but also deals
* with the fast symlink, cause they have no difference for extent
* mapping per se.
+ *
+ * Must be called with ip_alloc_sem semaphore held.
*/
static int ocfs2_fiemap_inline(struct inode *inode, struct buffer_head *di_bh,
struct fiemap_extent_info *fieinfo,
@@ -717,6 +719,7 @@ static int ocfs2_fiemap_inline(struct in
u64 phys;
u32 flags = FIEMAP_EXTENT_DATA_INLINE|FIEMAP_EXTENT_LAST;
struct ocfs2_inode_info *oi = OCFS2_I(inode);
+ lockdep_assert_held_read(&oi->ip_alloc_sem);
di = (struct ocfs2_dinode *)di_bh->b_data;
if (ocfs2_inode_is_fast_symlink(inode))
@@ -732,8 +735,11 @@ static int ocfs2_fiemap_inline(struct in
phys += offsetof(struct ocfs2_dinode,
id2.i_data.id_data);
+ /* Release the ip_alloc_sem to prevent deadlock on page fault */
+ up_read(&OCFS2_I(inode)->ip_alloc_sem);
ret = fiemap_fill_next_extent(fieinfo, 0, phys, id_count,
flags);
+ down_read(&OCFS2_I(inode)->ip_alloc_sem);
if (ret < 0)
return ret;
}
@@ -802,9 +808,11 @@ int ocfs2_fiemap(struct inode *inode, st
len_bytes = (u64)le16_to_cpu(rec.e_leaf_clusters) << osb->s_clustersize_bits;
phys_bytes = le64_to_cpu(rec.e_blkno) << osb->sb->s_blocksize_bits;
virt_bytes = (u64)le32_to_cpu(rec.e_cpos) << osb->s_clustersize_bits;
-
+ /* Release the ip_alloc_sem to prevent deadlock on page fault */
+ up_read(&OCFS2_I(inode)->ip_alloc_sem);
ret = fiemap_fill_next_extent(fieinfo, virt_bytes, phys_bytes,
len_bytes, fe_flags);
+ down_read(&OCFS2_I(inode)->ip_alloc_sem);
if (ret)
break;
_
Patches currently in -mm which might be from mark.tinguely(a)oracle.com are
ocfs2-fix-recursive-semaphore-deadlock-in-fiemap-call.patch
2 weeks, 3 days
- 1
- 0
[PATCH v2] uio_hv_generic: Let userspace take care of interrupt mask
by Naman Jain
Remove the logic to set interrupt mask by default in uio_hv_generic
driver as the interrupt mask value is supposed to be controlled
completely by the user space. If the mask bit gets changed
by the driver, concurrently with user mode operating on the ring,
the mask bit may be set when it is supposed to be clear, and the
user-mode driver will miss an interrupt which will cause a hang.
For eg- when the driver sets inbound ring buffer interrupt mask to 1,
the host does not interrupt the guest on the UIO VMBus channel.
However, setting the mask does not prevent the host from putting a
message in the inbound ring buffer. So let’s assume that happens,
the host puts a message into the ring buffer but does not interrupt.
Subsequently, the user space code in the guest sets the inbound ring
buffer interrupt mask to 0, saying “Hey, I’m ready for interrupts”.
User space code then calls pread() to wait for an interrupt.
Then one of two things happens:
* The host never sends another message. So the pread() waits forever.
* The host does send another message. But because there’s already a
message in the ring buffer, it doesn’t generate an interrupt.
This is the correct behavior, because the host should only send an
interrupt when the inbound ring buffer transitions from empty to
not-empty. Adding an additional message to a ring buffer that is not
empty is not supposed to generate an interrupt on the guest.
Since the guest is waiting in pread() and not removing messages from
the ring buffer, the pread() waits forever.
This could be easily reproduced in hv_fcopy_uio_daemon if we delay
setting interrupt mask to 0.
Similarly if hv_uio_channel_cb() sets the interrupt_mask to 1,
there’s a race condition. Once user space empties the inbound ring
buffer, but before user space sets interrupt_mask to 0, the host could
put another message in the ring buffer but it wouldn’t interrupt.
Then the next pread() would hang.
Fix these by removing all instances where interrupt_mask is changed,
while keeping the one in set_event() unchanged to enable userspace
control the interrupt mask by writing 0/1 to /dev/uioX.
Fixes: 95096f2fbd10 ("uio-hv-generic: new userspace i/o driver for VMBus")
Suggested-by: John Starks <jostarks(a)microsoft.com>
Signed-off-by: Naman Jain <namjain(a)linux.microsoft.com>
Cc: <stable(a)vger.kernel.org>
---
Changes since v1:
https://lore.kernel.org/all/20250818064846.271294-1-namjain@linux.microsoft…
* Added Fixes and Cc stable tags.
---
drivers/uio/uio_hv_generic.c | 7 +------
1 file changed, 1 insertion(+), 6 deletions(-)
diff --git a/drivers/uio/uio_hv_generic.c b/drivers/uio/uio_hv_generic.c
index f19efad4d6f8..3f8e2e27697f 100644
--- a/drivers/uio/uio_hv_generic.c
+++ b/drivers/uio/uio_hv_generic.c
@@ -111,7 +111,6 @@ static void hv_uio_channel_cb(void *context)
struct hv_device *hv_dev;
struct hv_uio_private_data *pdata;
- chan->inbound.ring_buffer->interrupt_mask = 1;
virt_mb();
/*
@@ -183,8 +182,6 @@ hv_uio_new_channel(struct vmbus_channel *new_sc)
return;
}
- /* Disable interrupts on sub channel */
- new_sc->inbound.ring_buffer->interrupt_mask = 1;
set_channel_read_mode(new_sc, HV_CALL_ISR);
ret = hv_create_ring_sysfs(new_sc, hv_uio_ring_mmap);
if (ret) {
@@ -227,9 +224,7 @@ hv_uio_open(struct uio_info *info, struct inode *inode)
ret = vmbus_connect_ring(dev->channel,
hv_uio_channel_cb, dev->channel);
- if (ret == 0)
- dev->channel->inbound.ring_buffer->interrupt_mask = 1;
- else
+ if (ret)
atomic_dec(&pdata->refcnt);
return ret;
--
2.34.1
2 weeks, 3 days
- 5
- 5
[PATCH 6.16 000/457] 6.16.4-rc1 review
by Greg Kroah-Hartman
This is the start of the stable review cycle for the 6.16.4 release.
There are 457 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Thu, 28 Aug 2025 11:08:27 +0000.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.16.4-rc1…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.16.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 6.16.4-rc1
Christoph Manszewski <christoph.manszewski(a)intel.com>
drm/xe: Fix vm_bind_ioctl double free bug
Piotr Piórkowski <piotr.piorkowski(a)intel.com>
drm/xe: Move ASID allocation and user PT BO tracking into xe_vm_create
Florian Westphal <fw(a)strlen.de>
netfilter: nf_reject: don't leak dst refcount for loopback packets
Peter Oberparleiter <oberpar(a)linux.ibm.com>
s390/hypfs: Enable limited access during lockdown
Peter Oberparleiter <oberpar(a)linux.ibm.com>
s390/hypfs: Avoid unnecessary ioctl registration in debugfs
Takashi Iwai <tiwai(a)suse.de>
ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation
Armen Ratner <armeng(a)nvidia.com>
net/mlx5e: Preserve shared buffer capacity during headroom updates
Alexei Lazar <alazar(a)nvidia.com>
net/mlx5e: Query FW for buffer ownership
Oren Sidi <osidi(a)nvidia.com>
net/mlx5: Add IFC bits and enums for buf_ownership
Daniel Jurgens <danielj(a)nvidia.com>
net/mlx5: Base ECVF devlink port attrs from 0
Hariprasad Kelam <hkelam(a)marvell.com>
Octeontx2-af: Skip overlap check for SPI field
Nilay Shroff <nilay(a)linux.ibm.com>
block: avoid cpu_hotplug_lock depedency on freeze_lock
Nilay Shroff <nilay(a)linux.ibm.com>
block: skip q->rq_qos check in rq_qos_done_bio()
Nilay Shroff <nilay(a)linux.ibm.com>
block: decrement block_rq_qos static key in rq_qos_del()
Ming Lei <ming.lei(a)redhat.com>
blk-mq: fix lockdep warning in __blk_mq_update_nr_hw_queues
Nilay Shroff <nilay(a)linux.ibm.com>
block: fix potential deadlock while running nr_hw_queue update
Nilay Shroff <nilay(a)linux.ibm.com>
block: fix lockdep warning caused by lock dependency in elv_iosched_store
Nilay Shroff <nilay(a)linux.ibm.com>
block: move elevator queue allocation logic into blk_mq_init_sched
Lorenzo Bianconi <lorenzo(a)kernel.org>
net: airoha: ppe: Do not invalid PPE entries in case of SW hash collision
Hangbin Liu <liuhangbin(a)gmail.com>
bonding: send LACPDUs periodically in passive mode after receiving partner's LACPDU
Hangbin Liu <liuhangbin(a)gmail.com>
bonding: update LACP activity flag after setting lacp_active
Dewei Meng <mengdewei(a)cqsoftware.com.cn>
ALSA: timer: fix ida_free call while not allocated
William Liu <will(a)willsroot.io>
net/sched: Remove unnecessary WARNING condition for empty child qdisc in htb_activate
William Liu <will(a)willsroot.io>
net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit
Tristram Ha <tristram.ha(a)microchip.com>
net: dsa: microchip: Fix KSZ9477 HSR port setup issue
ValdikSS <iam(a)valdikss.org.ru>
igc: fix disabling L1.2 PCI-E link substate on I226 on init
Jason Xing <kernelxing(a)tencent.com>
ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc
Song Gao <gaosong(a)loongson.cn>
LoongArch: KVM: Use kvm_get_vcpu_by_id() instead of kvm_get_vcpu()
Bibo Mao <maobibo(a)loongson.cn>
LoongArch: KVM: Use standard bitops API with eiointc
Heiko Carstens <hca(a)linux.ibm.com>
s390/mm: Do not map lowcore with identity mapping
Stefan Binding <sbinding(a)opensource.cirrus.com>
ASoC: cs35l56: Remove SoundWire Clock Divider workaround for CS35L63
Richard Fitzgerald <rf(a)opensource.cirrus.com>
ASoC: cs35l56: Handle new algorithms IDs for CS35L63
Stefan Binding <sbinding(a)opensource.cirrus.com>
ASoC: cs35l56: Update Firmware Addresses for CS35L63 for production silicon
Kanglong Wang <wangkanglong(a)loongson.cn>
LoongArch: Optimize module load time by optimizing PLT/GOT counting
Tiezhu Yang <yangtiezhu(a)loongson.cn>
LoongArch: Pass annotate-tablejump option if LTO is enabled
Tiezhu Yang <yangtiezhu(a)loongson.cn>
objtool/LoongArch: Get table size correctly if LTO is enabled
Parthiban Veerasooran <parthiban.veerasooran(a)microchip.com>
microchip: lan865x: fix missing Timer Increment config for Rev.B0/B1
Parthiban Veerasooran <parthiban.veerasooran(a)microchip.com>
microchip: lan865x: fix missing netif_start_queue() call on device open
Vlad Dogaru <vdogaru(a)nvidia.com>
net/mlx5: CT: Use the correct counter offset
Alex Vesker <valex(a)nvidia.com>
net/mlx5: HWS, Fix table creation UID
Yevgeny Kliteynik <kliteyn(a)nvidia.com>
net/mlx5: HWS, fix complex rules rehash error flow
Yevgeny Kliteynik <kliteyn(a)nvidia.com>
net/mlx5: HWS, fix bad parameter in CQ creation
D. Wythe <alibuda(a)linux.alibaba.com>
net/smc: fix UAF on smcsk after smc_listen_out()
Yao Zi <ziyao(a)disroot.org>
net: stmmac: thead: Enable TX clock before MAC initialization
Jordan Rhee <jordanrhee(a)google.com>
gve: prevent ethtool ops after shutdown
Yuichiro Tsuji <yuichtsu(a)amazon.com>
net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization
Horatiu Vultur <horatiu.vultur(a)microchip.com>
phy: mscc: Fix timestamping for vsc8584
David Howells <dhowells(a)redhat.com>
cifs: Fix oops due to uninitialised variable
Dan Carpenter <dan.carpenter(a)linaro.org>
regulator: tps65219: regulator: tps65219: Fix error codes in probe()
Piotr Piórkowski <piotr.piorkowski(a)intel.com>
drm/xe: Assign ioctl xe file handler to vm in xe_vm_create
MD Danish Anwar <danishanwar(a)ti.com>
net: ti: icssg-prueth: Fix HSR and switch offload Enablement during firwmare reload.
Qingfang Deng <dqfext(a)gmail.com>
ppp: fix race conditions in ppp_fill_forward_path
Qingfang Deng <dqfext(a)gmail.com>
net: ethernet: mtk_ppe: add RCU lock around dev_fill_forward_path
Nitin Rawat <quic_nitirawa(a)quicinc.com>
scsi: ufs: ufs-qcom: Fix ESI null pointer dereference
Bao D. Nguyen <quic_nguyenb(a)quicinc.com>
scsi: ufs: ufs-qcom: Update esi_vec_mask for HW major version >= 6
Bart Van Assche <bvanassche(a)acm.org>
scsi: ufs: core: Remove WARN_ON_ONCE() call from ufshcd_uic_cmd_compl()
Bart Van Assche <bvanassche(a)acm.org>
scsi: ufs: core: Fix IRQ lock inversion for the SCSI host lock
Michael Chan <michael.chan(a)broadcom.com>
bnxt_en: Fix lockdep warning during rmmod
Minhong He <heminhong(a)kylinos.cn>
ipv6: sr: validate HMAC algorithm ID in seg6_hmac_info_add
Jakub Ramaseuski <jramaseu(a)redhat.com>
net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Don't print errors for nonexistent connectors
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Adjust DCE 8-10 clock, don't overclock by 15%
Chenyuan Yang <chenyuan0y(a)gmail.com>
drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session()
Peng Fan <peng.fan(a)nxp.com>
regulator: pca9450: Use devm_register_sys_off_handler
Dan Carpenter <dan.carpenter(a)linaro.org>
ALSA: usb-audio: Fix size validation in convert_chmap_v3()
Baihan Li <libaihan(a)huawei.com>
drm/hisilicon/hibmc: fix dp and vga cannot show together
Baihan Li <libaihan(a)huawei.com>
drm/hisilicon/hibmc: fix rare monitors cannot display problem
Baihan Li <libaihan(a)huawei.com>
drm/hisilicon/hibmc: fix the hibmc loaded failed bug
Baihan Li <libaihan(a)huawei.com>
drm/hisilicon/hibmc: fix irq_request()'s irq name variable is local
Baihan Li <libaihan(a)huawei.com>
drm/hisilicon/hibmc: fix the i2c device resource leak when vdac init failed
Miguel Ojeda <ojeda(a)kernel.org>
rust: alloc: fix `rusttest` by providing `Cmalloc::aligned_layout` too
Zheng Qixing <zhengqixing(a)huawei.com>
md: fix sync_action incorrect display during resync
Zheng Qixing <zhengqixing(a)huawei.com>
md: add helper rdev_needs_recovery()
Li Nan <linan122(a)huawei.com>
md: rename recovery_cp to resync_offset
Miguel Ojeda <ojeda(a)kernel.org>
drm: nova-drm: fix 32-bit arm build
Ido Schimmel <idosch(a)nvidia.com>
mlxsw: spectrum: Forward packets with an IPv4 link-local source IP
Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
Bluetooth: hci_core: Fix not accounting for BIS/CIS/PA links separately
Yang Li <yang.li(a)amlogic.com>
Bluetooth: Add PA_LINK to distinguish BIG sync and PA sync connections
Sergey Shtylyov <s.shtylyov(a)omp.ru>
Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync()
Pauli Virtanen <pav(a)iki.fi>
Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established
Yang Li <yang.li(a)amlogic.com>
Bluetooth: hci_sync: Prevent unintended PA sync when SID is 0xFF
Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
Bluetooth: hci_core: Fix using ll_privacy_capable for current settings
Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
Bluetooth: hci_core: Fix using {cis,bis}_capable for current settings
Jiande Lu <jiande.lu(a)mediatek.com>
Bluetooth: btmtk: Fix wait_on_bit_timeout interruption during shutdown
Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
Bluetooth: hci_sync: Fix scan state after PA Sync has been established
Kees Cook <kees(a)kernel.org>
iommu/amd: Avoid stack buffer overflow from kernel cmdline
Dan Carpenter <dan.carpenter(a)linaro.org>
scsi: qla4xxx: Prevent a potential error pointer dereference
Justin Lai <justinlai0215(a)realtek.com>
rtase: Fix Rx descriptor CRC error bit definition
William Liu <will(a)willsroot.io>
net/sched: Fix backlog accounting in qdisc_dequeue_internal
Wang Liang <wangliang74(a)huawei.com>
net: bridge: fix soft lockup in br_multicast_query_expired()
Suraj Gupta <suraj.gupta2(a)amd.com>
net: xilinx: axienet: Fix RX skb ring management in DMAengine mode
Junxian Huang <huangjunxian6(a)hisilicon.com>
RDMA/hns: Fix dip entries leak on devices newer than hip09
Akhilesh Patil <akhilesh(a)ee.iitb.ac.in>
RDMA/core: Free pfn_list with appropriate kvfree call
Anantha Prabhu <anantha.prabhu(a)broadcom.com>
RDMA/bnxt_re: Fix to initialize the PBL array
Kalesh AP <kalesh-anakkur.purayil(a)broadcom.com>
RDMA/bnxt_re: Fix a possible memory leak in the driver
Kashyap Desai <kashyap.desai(a)broadcom.com>
RDMA/bnxt_re: Fix to remove workload check in SRQ limit path
Kashyap Desai <kashyap.desai(a)broadcom.com>
RDMA/bnxt_re: Fix to do SRQ armena by default
wenglianfa <wenglianfa(a)huawei.com>
RDMA/hns: Fix querying wrong SCC context for DIP algorithm
Boshi Yu <boshiyu(a)linux.alibaba.com>
RDMA/erdma: Fix unset QPN of GSI QP
Boshi Yu <boshiyu(a)linux.alibaba.com>
RDMA/erdma: Fix ignored return value of init_kernel_qp
Suma Hegde <suma.hegde(a)amd.com>
platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL
Jocelyn Falempe <jfalempe(a)redhat.com>
drm/panic: Add a u64 divide by 10 for arm32
Danilo Krummrich <dakr(a)kernel.org>
rust: drm: don't pass the address of drm::Device to drm_dev_put()
Danilo Krummrich <dakr(a)kernel.org>
rust: drm: remove pin annotations from drm::Device
Danilo Krummrich <dakr(a)kernel.org>
rust: drm: ensure kmalloc() compatible Layout
Danilo Krummrich <dakr(a)kernel.org>
rust: alloc: replace aligned_size() with Kmalloc::aligned_layout()
Nitin Gote <nitin.r.gote(a)intel.com>
iosys-map: Fix undefined behavior in iosys_map_clear()
José Expósito <jose.exposito89(a)gmail.com>
drm/tests: Fix drm_test_fb_xrgb8888_to_xrgb2101010() on big-endian
Thomas Zimmermann <tzimmermann(a)suse.de>
drm/tests: Do not use drm_fb_blit() in format-helper tests
José Expósito <jose.exposito89(a)gmail.com>
drm/tests: Fix endian warning
Waiman Long <longman(a)redhat.com>
cgroup/cpuset: Fix a partition error with CPU hotplug
Waiman Long <longman(a)redhat.com>
cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key
Fanhua Li <lifanhua5(a)huawei.com>
drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor().
Gabor Juhos <j4g8y7(a)gmail.com>
spi: spi-qpic-snand: fix calculating of ECC OOB regions' properties
Stefan Wahren <wahrenst(a)gmx.net>
spi: spi-fsl-lpspi: Clamp too high speed_hz
Gabor Juhos <j4g8y7(a)gmail.com>
spi: spi-qpic-snand: use correct CW_PER_PAGE value for OOB write
Jean-Baptiste Maneyrol <jean-baptiste.maneyrol(a)tdk.com>
iio: imu: inv_icm42600: change invalid data error to -EBUSY
Andy Shevchenko <andriy.shevchenko(a)linux.intel.com>
iio: imu: inv_icm42600: Convert to uXX and sXX integer types
David Lechner <dlechner(a)baylibre.com>
iio: imu: inv_icm42600: use = { } instead of memset()
Jedrzej Jagielski <jedrzej.jagielski(a)intel.com>
ixgbe: prevent from unwanted interface name changes
Jedrzej Jagielski <jedrzej.jagielski(a)intel.com>
devlink: let driver opt out of automatic phys_port_name generation
Sven Eckelmann <sven(a)narfation.org>
i2c: rtl9300: Add missing count byte for SMBus Block Ops
Sven Eckelmann <sven(a)narfation.org>
i2c: rtl9300: Increase timeout for transfer polling
Harshal Gohel <hg(a)simonwunderlich.de>
i2c: rtl9300: Fix multi-byte I2C write
Alex Guo <alexguo1023(a)gmail.com>
i2c: rtl9300: Fix out-of-bounds bug in rtl9300_i2c_smbus_xfer
Tianxiang Peng <txpeng(a)tencent.com>
x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper
Yazen Ghannam <yazen.ghannam(a)amd.com>
x86/CPU/AMD: Ignore invalid reset reason value
Jakub Kicinski <kuba(a)kernel.org>
tls: fix handling of zero-length records on the rx_list
Niklas Cassel <cassel(a)kernel.org>
PCI: dwc: Ensure that dw_pcie_wait_for_link() waits 100 ms after link up
NeilBrown <neil(a)brown.name>
ovl: use I_MUTEX_PARENT when locking parent in ovl_create_temp()
Pu Lehui <pulehui(a)huawei.com>
tracing: Limit access to parser->buffer when trace_get_user failed
Steven Rostedt <rostedt(a)goodmis.org>
tracing: Remove unneeded goto out logic
Heikki Krogerus <heikki.krogerus(a)linux.intel.com>
usb: dwc3: pci: add support for the Intel Wildcat Lake
Selvarasu Ganesan <selvarasu.g(a)samsung.com>
usb: dwc3: Remove WARN_ON for device endpoint command timeouts
Kuen-Han Tsai <khtsai(a)google.com>
usb: dwc3: Ignore late xferNotReady event to prevent halt timeout
Niklas Neronin <niklas.neronin(a)linux.intel.com>
usb: xhci: fix host not responding after suspend and resume
Weitao Wang <WeitaoWang-oc(a)zhaoxin.com>
usb: xhci: Fix slot_id resource race conflict
Amit Sunil Dhamne <amitsd(a)google.com>
usb: typec: maxim_contaminant: re-enable cc toggle if cc is open and port is clean
Amit Sunil Dhamne <amitsd(a)google.com>
usb: typec: maxim_contaminant: disable low power mode when reading comparator values
Zenm Chen <zenmchen(a)gmail.com>
USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles
Thorsten Blum <thorsten.blum(a)linux.dev>
usb: storage: realtek_cr: Use correct byte order for bcs->Residue
Mael GUERIN <mael.guerin(a)murena.io>
USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera
Marek Vasut <marek.vasut+renesas(a)mailbox.org>
usb: renesas-xhci: Fix External ROM access timeouts
Xu Yang <xu.yang_2(a)nxp.com>
usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test
Ian Abbott <abbotti(a)mev.co.uk>
comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl()
Edward Adam Davis <eadavis(a)qq.com>
comedi: pcl726: Prevent invalid irq number
Ian Abbott <abbotti(a)mev.co.uk>
comedi: Make insn_rw_emulate_bits() do insn->n samples
Miao Li <limiao(a)kylinos.cn>
usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive
Thorsten Blum <thorsten.blum(a)linux.dev>
cdx: Fix off-by-one error in cdx_rpmsg_probe()
Sebastian Andrzej Siewior <bigeasy(a)linutronix.de>
kcov, usb: Don't disable interrupts in kcov_remote_start_usb_softirq()
Miaoqian Lin <linmq006(a)gmail.com>
most: core: Drop device reference after usage in get_channel()
Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com>
iio: adc: rzg2l: Cleanup suspend/resume path
David Lechner <dlechner(a)baylibre.com>
iio: proximity: isl29501: fix buffered read on big-endian systems
David Lechner <dlechner(a)baylibre.com>
iio: adc: ad7173: prevent scan if too many setups requested
Matti Vaittinen <mazziesaccount(a)gmail.com>
iio: adc: bd79124: Add GPIOLIB dependency
Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com>
iio: adc: rzg2l_adc: Set driver data before enabling runtime PM
Salah Triki <salah.triki(a)gmail.com>
iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe()
Jonathan Cameron <Jonathan.Cameron(a)huawei.com>
iio: light: as73211: Ensure buffer holes are zeroed
David Lechner <dlechner(a)baylibre.com>
iio: adc: ad7124: fix channel lookup in syscalib functions
David Lechner <dlechner(a)baylibre.com>
iio: temperature: maxim_thermocouple: use DMA-safe buffer for spi_read()
Steven Rostedt <rostedt(a)goodmis.org>
ftrace: Also allocate and copy hash for reading of filter files
David Lechner <dlechner(a)baylibre.com>
iio: accel: sca3300: fix uninitialized iio scan data
David Lechner <dlechner(a)baylibre.com>
iio: adc: ad7380: fix missing max_conversion_rate_hz on adaq4381-4
Xu Yilun <yilun.xu(a)linux.intel.com>
fpga: zynq_fpga: Fix the wrong usage of dma_map_sgtable()
Imre Deak <imre.deak(a)intel.com>
drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS
Mario Limonciello <mario.limonciello(a)amd.com>
drm/amd: Restore cached manual clock settings during resume
Robin Murphy <robin.murphy(a)arm.com>
iommu/virtio: Make instance lookup robust
Jason Gunthorpe <jgg(a)ziepe.ca>
iommu: Remove ops.pgsize_bitmap from drivers that don't use it
Al Viro <viro(a)zeniv.linux.org.uk>
use uniform permission checks for all mount propagation changes
Adrian Huang (Lenovo) <adrianhuang0701(a)gmail.com>
signal: Fix memory leak for PIDFD_SELF* sentinels
Ye Bin <yebin10(a)huawei.com>
fs/buffer: fix use-after-free when call bh_read() helper
Stefan Metzmacher <metze(a)samba.org>
smb: server: split ksmbd_rdma_stop_listening() out of ksmbd_rdma_destroy()
Christian Brauner <brauner(a)kernel.org>
libfs: massage path_from_stashed() to allow custom stashing behavior
Thomas Bertschinger <tahbertschinger(a)gmail.com>
fhandle: do_handle_open() should get FD with user flags
Naohiro Aota <naohiro.aota(a)wdc.com>
btrfs: zoned: fix data relocation block group reservation
Yuntao Wang <yuntao.wang(a)linux.dev>
fs: fix incorrect lflags value in the move_mount syscall
Charalampos Mitrodimas <charmitro(a)posteo.net>
debugfs: fix mount options not being applied
Miguel Ojeda <ojeda(a)kernel.org>
rust: faux: fix C header link
Christoph Hellwig <hch(a)lst.de>
xfs: fix frozen file system assert in xfs_trans_alloc
Dan Carpenter <dan.carpenter(a)linaro.org>
soc: qcom: mdt_loader: Fix error return values in mdt_header_valid()
Liu01 Tong <Tong.Liu01(a)amd.com>
drm/amdgpu: fix task hang from failed job submission during process kill
Geraldo Nascimento <geraldogabriel(a)gmail.com>
PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining
Geraldo Nascimento <geraldogabriel(a)gmail.com>
PCI: rockchip: Use standard PCIe definitions
Ranjan Kumar <ranjan.kumar(a)broadcom.com>
scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems
Ranjan Kumar <ranjan.kumar(a)broadcom.com>
scsi: mpi3mr: Drop unnecessary volatile from __iomem pointers
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Fix DP audio DTO1 clock source on DCE 6.
Tom Chung <chiahsuan.chung(a)amd.com>
drm/amd/display: Fix Xorg desktop unresponsive on Replay panel
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Don't overclock DCE 6 by 15%
Mario Limonciello <mario.limonciello(a)amd.com>
drm/amd/display: Avoid a NULL pointer dereference
Imre Deak <imre.deak(a)intel.com>
drm/i915/icl+/tc: Convert AUX powered WARN to a debug message
Imre Deak <imre.deak(a)intel.com>
drm/i915/lnl+/tc: Use the cached max lane count value
Imre Deak <imre.deak(a)intel.com>
drm/i915/lnl+/tc: Fix max lane count HW readout
Imre Deak <imre.deak(a)intel.com>
drm/i915/icl+/tc: Cache the max lane count value
Imre Deak <imre.deak(a)intel.com>
drm/i915/lnl+/tc: Fix handling of an enabled/disconnected dp-alt sink
Sebastian Brzezinka <sebastian.brzezinka(a)intel.com>
drm/i915/gt: Relocate compression repacking WA for JSL/EHL
Qianfeng Rong <rongqianfeng(a)vivo.com>
drm/nouveau/gsp: fix mismatched alloc/free for kvmalloc()
Jani Nikula <jani.nikula(a)intel.com>
drm/i915: silence rpm wakeref asserts on GEN11_GU_MISC_IIR access
Alex Deucher <alexander.deucher(a)amd.com>
drm/amdgpu/swm14: Update power limit logic
Thorsten Blum <thorsten.blum(a)linux.dev>
accel/habanalabs/gaudi2: Use kvfree() for memory allocated with kvcalloc()
Jan Beulich <jbeulich(a)suse.com>
compiler: remove __ADDRESSABLE_ASM{_STR,}() again
Srinivas Pandruvada <srinivas.pandruvada(a)linux.intel.com>
platform/x86/intel-uncore-freq: Check write blocked for ELC
Peter Oberparleiter <oberpar(a)linux.ibm.com>
s390/sclp: Fix SCCB present check
Zhu Yanjun <yanjun.zhu(a)linux.dev>
RDMA/rxe: Flush delayed SKBs while releasing RXE resources
Evgeniy Harchenko <evgeniyharchenko.dev(a)gmail.com>
ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6
Takashi Iwai <tiwai(a)suse.de>
ALSA: hda: tas2781: Fix wrong reference of tasdevice_priv
David Hildenbrand <david(a)redhat.com>
mm/mremap: fix WARN with uffd that has remap events disabled
Jinjiang Tu <tujinjiang(a)huawei.com>
mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn
Herton R. Krzesinski <herton(a)redhat.com>
mm/debug_vm_pgtable: clear page table entries at destroy_args()
Sang-Heon Jeon <ekffu200098(a)gmail.com>
mm/damon/core: fix damos_commit_filter not changing allow
Phillip Lougher <phillip(a)squashfs.org.uk>
squashfs: fix memory leak in squashfs_fill_super
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFS: Fix a race when updating an existing write
Judith Mendez <jm(a)ti.com>
mmc: sdhci_am654: Disable HS400 for AM62P SR1.0 and SR1.1
Victor Shih <victor.shih(a)genesyslogic.com.tw>
mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency
Victor Shih <victor.shih(a)genesyslogic.com.tw>
mmc: sdhci-pci-gli: GL9763e: Mask the replay timer timeout of AER
Jiayi Li <lijiayi(a)kylinos.cn>
memstick: Fix deadlock by moving removing flag earlier
Pasha Tatashin <pasha.tatashin(a)soleen.com>
kho: warn if KHO is disabled due to an error
Pasha Tatashin <pasha.tatashin(a)soleen.com>
kho: mm: don't allow deferred struct page with KHO
Pasha Tatashin <pasha.tatashin(a)soleen.com>
kho: init new_physxa->phys_bits to fix lockdep
Victor Shih <victor.shih(a)genesyslogic.com.tw>
mmc: sdhci-pci-gli: Add a new function to simplify the code
Sai Krishna Potthuri <sai.krishna.potthuri(a)amd.com>
mmc: sdhci-of-arasan: Ensure CD logic stabilization before power-up
Sang-Heon Jeon <ekffu200098(a)gmail.com>
mm/damon/core: fix commit_ops_filters by using correct nth function
Nicolin Chen <nicolinc(a)nvidia.com>
iommu/arm-smmu-v3: Fix smmu_domain->nr_ats_masters decrement
Dominique Martinet <asmadeus(a)codewreck.org>
iov_iter: iterate_folioq: fix handling of offset >= folio size
Jens Axboe <axboe(a)kernel.dk>
io_uring/futex: ensure io_futex_wait() cleans up properly on failure
XianLiang Huang <huangxianliang(a)lanxincomputing.com>
iommu/riscv: prevent NULL deref in iova_to_phys
Eric Biggers <ebiggers(a)kernel.org>
crypto: acomp - Fix CFI failure due to type punning
Geert Uytterhoeven <geert+renesas(a)glider.be>
erofs: Do not select tristate symbols from bool symbols
Bo Liu (OpenAnolis) <liubo03(a)inspur.com>
erofs: fix build error with CONFIG_EROFS_FS_ZIP_ACCEL=y
Alan Huang <mmpgouride(a)gmail.com>
xfs: Remove unused label in xfs_dax_notify_dev_failure
Christoph Hellwig <hch(a)lst.de>
xfs: fully decouple XFS_IBULK* flags from XFS_IWALK* flags
Christoph Hellwig <hch(a)lst.de>
xfs: improve the comments in xfs_select_zone_nowait
Christoph Hellwig <hch(a)lst.de>
xfs: return the allocated transaction from xfs_trans_alloc_empty
Christoph Hellwig <hch(a)lst.de>
xfs: decouple xfs_trans_alloc_empty from xfs_trans_alloc
Naohiro Aota <naohiro.aota(a)wdc.com>
btrfs: subpage: keep TOWRITE tag until folio is cleaned
Qu Wenruo <wqu(a)suse.com>
btrfs: rename btrfs_subpage structure
Qu Wenruo <wqu(a)suse.com>
btrfs: add comments on the extra btrfs specific subpage bitmaps
Leo Martins <loemra.dev(a)gmail.com>
btrfs: fix subpage deadlock in try_release_subpage_extent_buffer()
Filipe Manana <fdmanana(a)suse.com>
btrfs: use refcount_t type for the extent buffer reference counter
Filipe Manana <fdmanana(a)suse.com>
btrfs: add comment for optimization in free_extent_buffer()
Filipe Manana <fdmanana(a)suse.com>
btrfs: reorganize logic at free_extent_buffer() for better readability
Filipe Manana <fdmanana(a)suse.com>
btrfs: abort transaction on unexpected eb generation at btrfs_copy_root()
Filipe Manana <fdmanana(a)suse.com>
btrfs: always abort transaction on failure to add block group to free space tree
David Sterba <dsterba(a)suse.com>
btrfs: move transaction aborts to the error site in add_block_group_free_space()
SeongJae Park <sj(a)kernel.org>
mm/damon/ops-common: ignore migration request to invalid nodes
Matthieu Baerts (NGI0) <matttbe(a)kernel.org>
selftests: mptcp: sockopt: fix C23 extension warning
Matthieu Baerts (NGI0) <matttbe(a)kernel.org>
selftests: mptcp: connect: fix C23 extension warning
Matthieu Baerts (NGI0) <matttbe(a)kernel.org>
selftests: mptcp: pm: check flush doesn't reset limits
Geliang Tang <geliang(a)kernel.org>
mptcp: disable add_addr retransmission when timeout is 0
Geliang Tang <geliang(a)kernel.org>
mptcp: remove duplicate sk_reset_timer call
Matthieu Baerts (NGI0) <matttbe(a)kernel.org>
mptcp: pm: kernel: flush: do not reset ADD_ADDR limit
Christoph Paasch <cpaasch(a)openai.com>
mptcp: drop skb if MPTCP skb extension allocation fails
Uwe Kleine-König <u.kleine-koenig(a)baylibre.com>
ACPI: APEI: EINJ: Fix resource leak by remove callback in .exit.text
Chen Yu <yu.c.chen(a)intel.com>
ACPI: pfr_update: Fix the driver update version check
Rafael J. Wysocki <rafael.j.wysocki(a)intel.com>
cpuidle: governors: menu: Avoid selecting states with too much latency
JP Kobryn <inwardvessel(a)gmail.com>
cgroup: avoid null de-ref in css_rstat_exit()
Eric Biggers <ebiggers(a)kernel.org>
ipv6: sr: Fix MAC comparison to be constant-time
Andrea Righi <arighi(a)nvidia.com>
sched/ext: Fix invalid task state transitions on class switch
Jakub Acs <acsjakub(a)amazon.de>
net, hsr: reject HSR frame if skb can't hold tag
Bibo Mao <maobibo(a)loongson.cn>
LoongArch: KVM: Add address alignment check in pch_pic register access
Bibo Mao <maobibo(a)loongson.cn>
LoongArch: KVM: Fix stack protector issue in send_ipi_data()
Bibo Mao <maobibo(a)loongson.cn>
LoongArch: KVM: Make function kvm_own_lbt() robust
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Don't overwrite dce60_clk_mgr
Mario Limonciello <mario.limonciello(a)amd.com>
drm/amd/display: Revert "drm/amd/display: Fix AMDGPU_MAX_BL_LEVEL value"
Mario Limonciello <mario.limonciello(a)amd.com>
drm/amd/display: Pass up errors for reset GPU that fails to init HW
Lauri Tirkkonen <lauri(a)hacktheplanet.fi>
drm/amd/display: fix initial backlight brightness calculation
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Fix DCE 6.0 and 6.4 PLL programming.
Siyang Liu <Security(a)tencent.com>
drm/amd/display: fix a Null pointer dereference vulnerability
Michel Dänzer <mdaenzer(a)redhat.com>
drm/amd/display: Add primary plane to commits for correct VRR handling
David Yat Sin <David.YatSin(a)amd.com>
drm/amdkfd: Fix checkpoint-restore on multi-xcc
Amber Lin <Amber.Lin(a)amd.com>
drm/amdkfd: Destroy KFD debugfs after destroy KFD wq
Lijo Lazar <lijo.lazar(a)amd.com>
drm/amdgpu: Update supported modes for GC v9.5.0
Alex Deucher <alexander.deucher(a)amd.com>
drm/amdgpu: update mmhub 4.1.0 client id mappings
Alex Deucher <alexander.deucher(a)amd.com>
drm/amdgpu: update mmhub 3.3 client id mappings
Alex Deucher <alexander.deucher(a)amd.com>
drm/amdgpu: update mmhub 3.0.1 client id mappings
Lijo Lazar <lijo.lazar(a)amd.com>
drm/amdgpu: Update external revid for GC v9.5.0
Alex Deucher <alexander.deucher(a)amd.com>
drm/amdgpu: track whether a queue is a kernel queue in amdgpu_mqd_prop
YuanShang <YuanShang.Mao(a)amd.com>
drm/amdgpu: Retain job->vm in amdgpu_job_prepare_job
Nathan Chancellor <nathan(a)kernel.org>
drm/amdgpu: Initialize data to NULL in imu_v12_0_program_rlc_ram()
Peter Shkenev <mustela(a)erminea.space>
drm/amdgpu: check if hubbub is NULL in debugfs/amdgpu_dm_capabilities
Gang Ba <Gang.Ba(a)amd.com>
drm/amdgpu: Avoid extra evict-restore process.
Alex Deucher <alexander.deucher(a)amd.com>
drm/amdgpu: add missing vram lost check for LEGACY RESET
Frank Min <Frank.Min(a)amd.com>
drm/amdgpu: add kicker fws loading for gfx12/smu14/psp14
Mario Limonciello <mario.limonciello(a)amd.com>
drm/amd: Restore cached power limit during resume
Alex Deucher <alexander.deucher(a)amd.com>
drm/amdgpu/discovery: fix fw based ip discovery
Yang Wang <kevinyang.wang(a)amd.com>
drm/amd/amdgpu: fix missing lock for cper.ring->rptr/wptr access
Thomas Hellström <thomas.hellstrom(a)linux.intel.com>
drm/xe: Defer buffer object shrinker write-backs and GPU waits
Vodapalli, Ravi Kumar <ravi.kumar.vodapalli(a)intel.com>
drm/xe/bmg: Add one additional PCI ID
Dikshita Agarwal <quic_dikshita(a)quicinc.com>
media: iris: Remove unnecessary re-initialization of flush completion
Dikshita Agarwal <quic_dikshita(a)quicinc.com>
media: iris: Verify internal buffer release on close
Dikshita Agarwal <quic_dikshita(a)quicinc.com>
media: iris: Update CAPTURE format info based on OUTPUT format
Dikshita Agarwal <quic_dikshita(a)quicinc.com>
media: iris: Track flush responses to prevent premature completion
Dikshita Agarwal <quic_dikshita(a)quicinc.com>
media: iris: Skip flush on first sequence change
Dikshita Agarwal <quic_dikshita(a)quicinc.com>
media: iris: Skip destroying internal buffer if not dequeued
Dikshita Agarwal <quic_dikshita(a)quicinc.com>
media: iris: Send V4L2_BUF_FLAG_ERROR for capture buffers with 0 filled length
Dikshita Agarwal <quic_dikshita(a)quicinc.com>
media: iris: Remove error check for non-zero v4l2 controls
Dikshita Agarwal <quic_dikshita(a)quicinc.com>
media: iris: Remove deprecated property setting to firmware
Dikshita Agarwal <quic_dikshita(a)quicinc.com>
media: iris: Prevent HFI queue writes when core is in deinit state
Dikshita Agarwal <quic_dikshita(a)quicinc.com>
media: iris: Fix typo in depth variable
Dikshita Agarwal <quic_dikshita(a)quicinc.com>
media: iris: Fix NULL pointer dereference
Dikshita Agarwal <quic_dikshita(a)quicinc.com>
media: iris: Fix missing function pointer initialization
Dikshita Agarwal <quic_dikshita(a)quicinc.com>
media: iris: Fix buffer preparation failure during resolution change
Dikshita Agarwal <quic_dikshita(a)quicinc.com>
media: iris: Drop port check for session property response
Dikshita Agarwal <quic_dikshita(a)quicinc.com>
media: iris: Avoid updating frame size to firmware during reconfig
Ricardo Ribalda <ribalda(a)chromium.org>
media: venus: venc: Clamp param smaller than 1fps and bigger than 240
Ricardo Ribalda <ribalda(a)chromium.org>
media: venus: vdec: Clamp param smaller than 1fps and bigger than 240.
Jorge Ramirez-Ortiz <jorge.ramirez(a)oss.qualcomm.com>
media: venus: protect against spurious interrupts during probe
Jorge Ramirez-Ortiz <jorge.ramirez(a)oss.qualcomm.com>
media: venus: hfi: explicitly release IRQ during teardown
Konrad Dybcio <konrad.dybcio(a)oss.qualcomm.com>
media: venus: Fix MSM8998 frequency table
Vedang Nagar <quic_vnagar(a)quicinc.com>
media: venus: Add a check for packet size after reading from shared memory
Bryan O'Donoghue <bryan.odonoghue(a)linaro.org>
media: qcom: camss: Remove extraneous -supply postfix on supply names
Vladimir Zapolskiy <vladimir.zapolskiy(a)linaro.org>
media: qcom: camss: cleanup media device allocated resource on error path
Bryan O'Donoghue <bryan.odonoghue(a)linaro.org>
media: qcom: camss: csiphy-3ph: Fix inadvertent dropping of SDM660/SDM670 phy init
Hans de Goede <hansg(a)kernel.org>
media: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls
Mathis Foerst <mathis.foerst(a)mt.com>
media: mt9m114: Fix deadlock in get_frame_interval/set_frame_interval
Zhang Shurong <zhang_shurong(a)foxmail.com>
media: ov2659: Fix memory leaks in ov2659_probe()
Jacopo Mondi <jacopo.mondi(a)ideasonboard.com>
media: pisp_be: Fix pm_runtime underrun in probe
Gui-Dong Han <hanguidong02(a)gmail.com>
media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt()
Ludwig Disterhof <ludwig(a)disterhof.eu>
media: usbtv: Lock resolution while streaming
Sakari Ailus <sakari.ailus(a)linux.intel.com>
media: v4l2-ctrls: Don't reset handler's error in v4l2_ctrl_handler_free()
Nicolas Dufresne <nicolas.dufresne(a)collabora.com>
media: verisilicon: Fix AV1 decoder clock frequency
Hans Verkuil <hverkuil(a)xs4all.nl>
media: vivid: fix wrong pixel_array control size
Sakari Ailus <sakari.ailus(a)linux.intel.com>
media: ipu6: isys: Use correct pads for xlate_streams()
Haoxiang Li <haoxiang_li2024(a)163.com>
media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init()
Bingbu Cao <bingbu.cao(a)intel.com>
media: hi556: correct the test pattern configuration
Dan Carpenter <dan.carpenter(a)linaro.org>
media: gspca: Add bounds checking to firmware parser
John David Anglin <dave.anglin(a)bell.net>
parisc: Update comments in make_insert_tlb
John David Anglin <dave.anglin(a)bell.net>
parisc: Try to fixup kernel exception in bad_area_nosemaphore path of do_page_fault()
John David Anglin <dave.anglin(a)bell.net>
parisc: Revise gateway LWS calls to probe user read access
John David Anglin <dave.anglin(a)bell.net>
parisc: Revise __get_user() to probe user read access
John David Anglin <dave.anglin(a)bell.net>
parisc: Rename pte_needs_flush() to pte_needs_cache_flush() in cache.c
Randy Dunlap <rdunlap(a)infradead.org>
parisc: Makefile: explain that 64BIT requires both 32-bit and 64-bit compilers
John David Anglin <dave.anglin(a)bell.net>
parisc: Drop WARN_ON_ONCE() from flush_cache_vmap
John David Anglin <dave.anglin(a)bell.net>
parisc: Define and use set_pte_at()
John David Anglin <dave.anglin(a)bell.net>
parisc: Check region is readable by user in raw_copy_from_user()
Jon Hunter <jonathanh(a)nvidia.com>
soc/tegra: pmc: Ensure power-domains are in a known state
Jialin Wang <wjl.linux(a)gmail.com>
proc: proc_maps_open allow proc_mem_open to return NULL
Aleksa Sarai <cyphar(a)cyphar.com>
open_tree_attr: do not allow id-mapping changes without OPEN_TREE_CLONE
Simon Richter <Simon.Richter(a)hogyros.de>
Mark xe driver as BROKEN if kernel page size is not 4kB
Thomas Weißschuh <thomas.weissschuh(a)linutronix.de>
kbuild: userprogs: use correct linker when mixing clang and GNU ld
Jann Horn <jannh(a)google.com>
kasan/test: fix protection against compiler elision
Baokun Li <libaokun1(a)huawei.com>
jbd2: prevent softlockup in jbd2_log_do_checkpoint()
Jan Kara <jack(a)suse.cz>
iomap: Fix broken data integrity guarantees for O_SYNC writes
Kathiravan Thirumoorthy <kathiravan.thirumoorthy(a)oss.qualcomm.com>
i2c: qcom-geni: fix I2C frequency table to achieve accurate bus rates
Chao Yu <chao(a)kernel.org>
f2fs: fix to avoid out-of-boundary access in dnode page
Julian Sun <sunjunchao2870(a)gmail.com>
block: restore default wbt enablement
Muhammad Usama Anjum <usama.anjum(a)collabora.com>
ASoC: SOF: amd: acp-loader: Use GFP_KERNEL for DMA allocations in resume context
Xaver Hugl <xaver.hugl(a)kde.org>
amdgpu/amdgpu_discovery: increase timeout limit for IFWI init
Kathiravan Thirumoorthy <kathiravan.thirumoorthy(a)oss.qualcomm.com>
phy: qcom: phy-qcom-m31: Update IPQ5332 M31 USB phy initialization sequence
Will Deacon <will(a)kernel.org>
vhost/vsock: Avoid allocating arbitrarily-sized SKBs
Will Deacon <will(a)kernel.org>
vsock/virtio: Validate length in packet header before skb_put()
Richard Zhu <hongxing.zhu(a)nxp.com>
PCI: imx6: Delay link start until configfs 'start' written
Richard Zhu <hongxing.zhu(a)nxp.com>
PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset
Richard Zhu <hongxing.zhu(a)nxp.com>
PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features
Richard Zhu <hongxing.zhu(a)nxp.com>
PCI: imx6: Add IMX8MQ_EP third 64-bit BAR in epc_features
Damien Le Moal <dlemoal(a)kernel.org>
PCI: endpoint: Fix configfs group removal on driver teardown
Damien Le Moal <dlemoal(a)kernel.org>
PCI: endpoint: Fix configfs group list head handling
Jiwei Sun <sunjw10(a)lenovo.com>
PCI: Fix link speed calculation on retrain failure
Lukas Wunner <lukas(a)wunner.de>
PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge
Chi Zhiling <chizhiling(a)kylinos.cn>
readahead: fix return value of page_cache_next_miss() when no hole is found
Dmitry Torokhov <dmitry.torokhov(a)gmail.com>
mfd: mt6397: Do not use generic name for keypad sub-devices
Thomas Fourier <fourier.thomas(a)gmail.com>
mtd: rawnand: renesas: Add missing check after DMA map
Thomas Fourier <fourier.thomas(a)gmail.com>
mtd: rawnand: fsmc: Add missing check after DMA map
Gabor Juhos <j4g8y7(a)gmail.com>
mtd: spinand: propagate spinand_wait() errors from spinand_write_page()
Michael Walle <mwalle(a)kernel.org>
mtd: spi-nor: Fix spi_nor_try_unlock_all()
Tim Harvey <tharvey(a)gateworks.com>
hwmon: (gsc-hwmon) fix fan pwm setpoint show functions
Uwe Kleine-König <u.kleine-koenig(a)baylibre.com>
pwm: mediatek: Fix duty and period setting
Uwe Kleine-König <u.kleine-koenig(a)baylibre.com>
pwm: mediatek: Handle hardware enable and clock enable separately
Laurentiu Mihalcea <laurentiu.mihalcea(a)nxp.com>
pwm: imx-tpm: Reset counter if CMOD is 0
Johan Hovold <johan+linaro(a)kernel.org>
wifi: ath11k: fix dest ring-buffer corruption when ring is full
Johan Hovold <johan+linaro(a)kernel.org>
wifi: ath11k: fix source ring-buffer corruption
Johan Hovold <johan+linaro(a)kernel.org>
wifi: ath11k: fix dest ring-buffer corruption
Johan Hovold <johan+linaro(a)kernel.org>
wifi: ath12k: fix dest ring-buffer corruption when ring is full
Johan Hovold <johan+linaro(a)kernel.org>
wifi: ath12k: fix source ring-buffer corruption
Johan Hovold <johan+linaro(a)kernel.org>
wifi: ath12k: fix dest ring-buffer corruption
Nathan Chancellor <nathan(a)kernel.org>
wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table()
David Lechner <dlechner(a)baylibre.com>
iio: adc: ad7173: fix setting ODR in probe
David Lechner <dlechner(a)baylibre.com>
iio: adc: ad7173: fix calibration channel
David Lechner <dlechner(a)baylibre.com>
iio: adc: ad7173: fix channels index for syscalib_mode
David Lechner <dlechner(a)baylibre.com>
iio: adc: ad_sigma_delta: change to buffer predisable
David Lechner <dlechner(a)baylibre.com>
iio: imu: bno055: fix OOB access of hw_xlate array
Marek Szyprowski <m.szyprowski(a)samsung.com>
zynq_fpga: use sgtable-based scatterlist wrappers
Bjorn Andersson <bjorn.andersson(a)oss.qualcomm.com>
soc: qcom: mdt_loader: Ensure we don't read past the ELF header
Igor Pylypiv <ipylypiv(a)google.com>
ata: libata-scsi: Fix CDL control
Adrian Hunter <adrian.hunter(a)intel.com>
scsi: ufs: ufs-pci: Fix default runtime and system PM levels
Archana Patni <archana.patni(a)intel.com>
scsi: ufs: ufs-pci: Fix hibernate state transition for Intel MTL-like host controllers
Damien Le Moal <dlemoal(a)kernel.org>
ata: libata-scsi: Return aborted command when missing sense and result TF
Damien Le Moal <dlemoal(a)kernel.org>
ata: libata-scsi: Fix ata_to_sense_error() status handling
Ranjan Kumar <ranjan.kumar(a)broadcom.com>
scsi: mpi3mr: Fix race between config read submit and interrupt completion
André Draszik <andre.draszik(a)linaro.org>
scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE
Macpaul Lin <macpaul.lin(a)mediatek.com>
scsi: dt-bindings: mediatek,ufs: Add ufs-disable-mcq flag for UFS host
Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com>
dt-bindings: display: vop2: Add optional PLL clock property for rk3576
Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org>
dt-bindings: display: sprd,sharkl3-dsi-host: Fix missing clocks constraints
Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org>
dt-bindings: display: sprd,sharkl3-dpu: Fix missing clocks constraints
Helge Deller <deller(a)gmx.de>
apparmor: Fix 8-byte alignment for initial dfa blob streams
Sam Edwards <cfsworks(a)gmail.com>
arm64: dts: rockchip: Remove workaround that prevented Turing RK1 GPU power regulator control
Emanuele Ghidoli <emanuele.ghidoli(a)toradex.com>
arm64: dts: ti: k3-am62-verdin: Enable pull-ups on I2C buses
Kaustabh Chakraborty <kauschluss(a)disroot.org>
arm64: dts: exynos7870-on7xelte: reduce memory ranges to base amount
Judith Mendez <jm(a)ti.com>
arm64: dts: ti: k3-am62*: Move eMMC pinmux to top level board file
Hong Guan <hguan(a)ti.com>
arm64: dts: ti: k3-am62a7-sk: fix pinmux for main_uart1
Peter Griffin <peter.griffin(a)linaro.org>
arm64: dts: exynos: gs101: ufs: add dma-coherent property
Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com>
arm64: dts: rockchip: Enable HDMI PHY clk provider on rk3576
Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com>
arm64: dts: rockchip: Add HDMI PHY PLL clock source to VOP2 on rk3576
Kaustabh Chakraborty <kauschluss(a)disroot.org>
arm64: dts: exynos7870: add quirk to disable USB2 LPM in gadget mode
Alexander Sverdlin <alexander.sverdlin(a)gmail.com>
arm64: dts: ti: k3-pinctrl: Enable Schmitt Trigger by default
Kaustabh Chakraborty <kauschluss(a)disroot.org>
arm64: dts: exynos7870-j6lte: reduce memory ranges to base amount
Judith Mendez <jm(a)ti.com>
arm64: dts: ti: k3-am62-main: Remove eMMC High Speed DDR support
Nick Chan <towinchenmi(a)gmail.com>
arm64: dts: apple: t8012-j132: Include touchbar framebuffer node
Kyoji Ogasawara <sawara04.o(a)gmail.com>
btrfs: fix printing of mount info messages for NODATACOW/NODATASUM
Kyoji Ogasawara <sawara04.o(a)gmail.com>
btrfs: restore mount option info messages during mount
Kyoji Ogasawara <sawara04.o(a)gmail.com>
btrfs: fix incorrect log message for nobarrier mount option
Naohiro Aota <naohiro.aota(a)wdc.com>
btrfs: zoned: fix write time activation failure for metadata block group
Zhang Yi <yi.zhang(a)huawei.com>
ext4: fix hole length calculation overflow in non-extent inodes
Liao Yuanhong <liaoyuanhong(a)vivo.com>
ext4: use kmalloc_array() for array space allocation
Theodore Ts'o <tytso(a)mit.edu>
ext4: don't try to clear the orphan_present feature block device is r/o
Ojaswin Mujoo <ojaswin(a)linux.ibm.com>
ext4: fix reserved gdt blocks handling in fsmap
Ojaswin Mujoo <ojaswin(a)linux.ibm.com>
ext4: fix fsmap end of range reporting with bigalloc
Andreas Dilger <adilger(a)dilger.ca>
ext4: check fast symlink for ea_inode correctly
Baokun Li <libaokun1(a)huawei.com>
ext4: preserve SB_I_VERSION on remount
Masami Hiramatsu (Google) <mhiramat(a)kernel.org>
tracing: fprobe-event: Sanitize wildcard for fprobe event name
Namjae Jeon <linkinjeon(a)kernel.org>
ksmbd: extend the connection limiting mechanism to support IPv6
Ziyan Xu <ziyan(a)securitygossip.com>
ksmbd: fix refcount leak causing resource not released
Helge Deller <deller(a)gmx.de>
Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()"
Herbert Xu <herbert(a)gondor.apana.org.au>
crypto: hash - Increase HASH_MAX_DESCSIZE for hmac(sha3-224-s390)
Bharat Bhushan <bbhushan2(a)marvell.com>
crypto: octeontx2 - Fix address alignment on CN10KB and CN10KA-B0
Bharat Bhushan <bbhushan2(a)marvell.com>
crypto: octeontx2 - Fix address alignment on CN10K A0/A1 and OcteonTX2
Bharat Bhushan <bbhushan2(a)marvell.com>
crypto: octeontx2 - Fix address alignment issue on ucode loading
Eric Biggers <ebiggers(a)kernel.org>
crypto: x86/aegis - Add missing error checks
Eric Biggers <ebiggers(a)kernel.org>
crypto: x86/aegis - Fix sleeping when disallowed on PREEMPT_RT
Giovanni Cabiddu <giovanni.cabiddu(a)intel.com>
crypto: qat - flush misc workqueue during device shutdown
John Ernberg <john.ernberg(a)actia.se>
crypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP
Ashish Kalra <ashish.kalra(a)amd.com>
crypto: ccp - Fix SNP panic notifier unregistration
Giovanni Cabiddu <giovanni.cabiddu(a)intel.com>
crypto: qat - lower priority for skcipher and aead algorithms
Eric Biggers <ebiggers(a)kernel.org>
lib/crypto: arm64/poly1305: Fix register corruption in no-SIMD contexts
Eric Biggers <ebiggers(a)kernel.org>
lib/crypto: arm/poly1305: Fix register corruption in no-SIMD contexts
Eric Biggers <ebiggers(a)kernel.org>
lib/crypto: mips/chacha: Fix clang build and remove unneeded byteswap
David Howells <dhowells(a)redhat.com>
netfs: Fix unbuffered write error handling
Myrrh Periwinkle <myrrhperiwinkle(a)qtmlabs.xyz>
vt: defkeymap: Map keycodes above 127 to K_HOLE
Myrrh Periwinkle <myrrhperiwinkle(a)qtmlabs.xyz>
vt: keyboard: Don't process Unicode characters in K_OFF mode
Youssef Samir <quic_yabdulra(a)quicinc.com>
bus: mhi: host: Detect events pointing to unexpected TREs
Alexander Wilhelm <alexander.wilhelm(a)westermo.com>
bus: mhi: host: Fix endianness of BHI vector table
Johan Hovold <johan(a)kernel.org>
usb: dwc3: imx8mp: fix device leak at unbind
Johan Hovold <johan(a)kernel.org>
usb: dwc3: meson-g12a: fix device leaks at unbind
Johan Hovold <johan(a)kernel.org>
usb: musb: omap2430: fix device leak at unbind
Johan Hovold <johan(a)kernel.org>
usb: gadget: udc: renesas_usb3: fix device leak at unbind
Nathan Chancellor <nathan(a)kernel.org>
usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init()
David Lechner <dlechner(a)baylibre.com>
iio: adc: ad7173: fix num_slots
Finn Thain <fthain(a)linux-m68k.org>
m68k: Fix lost column on framebuffer debug console
Damien Le Moal <dlemoal(a)kernel.org>
dm: Check for forbidden splitting of zone write operations
Damien Le Moal <dlemoal(a)kernel.org>
dm: dm-crypt: Do not partially accept write BIOs with zoned targets
Rafael J. Wysocki <rafael.j.wysocki(a)intel.com>
PM: runtime: Take active children into account in pm_runtime_get_if_in_use()
Tzung-Bi Shih <tzungbi(a)kernel.org>
platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister()
Dan Carpenter <dan.carpenter(a)linaro.org>
cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table()
Damien Le Moal <dlemoal(a)kernel.org>
ata: Fix SATA_MOBILE_LPM_POLICY description in Kconfig
Yunhui Cui <cuiyunhui(a)bytedance.com>
serial: 8250: fix panic due to PSLVERR
-------------
Diffstat:
.../bindings/display/rockchip/rockchip-vop2.yaml | 56 ++++-
.../bindings/display/sprd/sprd,sharkl3-dpu.yaml | 2 +-
.../display/sprd/sprd,sharkl3-dsi-host.yaml | 2 +-
.../devicetree/bindings/ufs/mediatek,ufs.yaml | 4 +
Documentation/networking/mptcp-sysctl.rst | 2 +
Makefile | 6 +-
arch/arm/lib/crypto/poly1305-glue.c | 3 +-
arch/arm64/boot/dts/apple/t8012-j132.dts | 1 +
arch/arm64/boot/dts/exynos/exynos7870-j6lte.dts | 2 +-
arch/arm64/boot/dts/exynos/exynos7870-on7xelte.dts | 2 +-
arch/arm64/boot/dts/exynos/exynos7870.dtsi | 1 +
arch/arm64/boot/dts/exynos/google/gs101.dtsi | 1 +
arch/arm64/boot/dts/rockchip/rk3576.dtsi | 7 +-
.../arm64/boot/dts/rockchip/rk3588-turing-rk1.dtsi | 11 -
arch/arm64/boot/dts/ti/k3-am62-lp-sk.dts | 24 ++
arch/arm64/boot/dts/ti/k3-am62-main.dtsi | 1 -
arch/arm64/boot/dts/ti/k3-am62-verdin.dtsi | 12 +-
arch/arm64/boot/dts/ti/k3-am625-sk.dts | 24 ++
arch/arm64/boot/dts/ti/k3-am62a7-sk.dts | 4 +-
arch/arm64/boot/dts/ti/k3-am62x-sk-common.dtsi | 24 --
arch/arm64/boot/dts/ti/k3-pinctrl.h | 15 +-
arch/arm64/lib/crypto/poly1305-glue.c | 3 +-
arch/loongarch/Makefile | 6 +
arch/loongarch/kernel/module-sections.c | 38 +--
arch/loongarch/kvm/intc/eiointc.c | 32 +--
arch/loongarch/kvm/intc/ipi.c | 8 +-
arch/loongarch/kvm/intc/pch_pic.c | 10 +
arch/loongarch/kvm/vcpu.c | 8 +-
arch/m68k/kernel/head.S | 31 ++-
arch/mips/lib/crypto/chacha-core.S | 20 +-
arch/parisc/Makefile | 4 +-
arch/parisc/include/asm/pgtable.h | 7 +-
arch/parisc/include/asm/special_insns.h | 28 +++
arch/parisc/include/asm/uaccess.h | 21 +-
arch/parisc/kernel/cache.c | 6 +-
arch/parisc/kernel/entry.S | 17 +-
arch/parisc/kernel/syscall.S | 30 ++-
arch/parisc/lib/memcpy.c | 19 +-
arch/parisc/mm/fault.c | 4 +
arch/s390/boot/vmem.c | 3 +
arch/s390/hypfs/hypfs_dbfs.c | 19 +-
arch/x86/crypto/aegis128-aesni-glue.c | 40 +++-
arch/x86/include/asm/xen/hypercall.h | 5 +-
arch/x86/kernel/cpu/amd.c | 8 +-
arch/x86/kernel/cpu/hygon.c | 3 +
block/bfq-iosched.c | 13 +-
block/blk-mq-debugfs.c | 1 +
block/blk-mq-sched.c | 223 ++++++++++++------
block/blk-mq-sched.h | 12 +-
block/blk-mq.c | 29 ++-
block/blk-rq-qos.c | 8 +-
block/blk-rq-qos.h | 48 ++--
block/blk-sysfs.c | 2 +-
block/blk.h | 4 +-
block/elevator.c | 38 ++-
block/elevator.h | 16 +-
block/kyber-iosched.c | 11 +-
block/mq-deadline.c | 14 +-
crypto/deflate.c | 7 +-
drivers/accel/habanalabs/gaudi2/gaudi2.c | 2 +-
drivers/acpi/apei/einj-core.c | 12 +-
drivers/acpi/pfr_update.c | 2 +-
drivers/ata/Kconfig | 32 ++-
drivers/ata/libata-scsi.c | 49 ++--
drivers/base/power/runtime.c | 27 ++-
drivers/bluetooth/btmtk.c | 7 +-
drivers/bus/mhi/host/boot.c | 8 +-
drivers/bus/mhi/host/internal.h | 4 +-
drivers/bus/mhi/host/main.c | 12 +-
drivers/cdx/controller/cdx_rpmsg.c | 3 +-
drivers/comedi/comedi_fops.c | 5 +
drivers/comedi/drivers.c | 27 +--
drivers/comedi/drivers/pcl726.c | 3 +-
drivers/cpufreq/armada-8k-cpufreq.c | 2 +-
drivers/cpuidle/governors/menu.c | 29 +--
drivers/crypto/caam/ctrl.c | 5 +-
drivers/crypto/caam/intern.h | 1 +
drivers/crypto/ccp/sev-dev.c | 10 +-
.../crypto/intel/qat/qat_common/adf_common_drv.h | 1 +
drivers/crypto/intel/qat/qat_common/adf_init.c | 1 +
drivers/crypto/intel/qat/qat_common/adf_isr.c | 5 +
drivers/crypto/intel/qat/qat_common/qat_algs.c | 12 +-
drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h | 125 +++++++---
.../crypto/marvell/octeontx2/otx2_cptpf_ucode.c | 35 +--
drivers/fpga/zynq-fpga.c | 10 +-
drivers/gpu/drm/amd/amdgpu/amdgpu.h | 1 +
drivers/gpu/drm/amd/amdgpu/amdgpu_cper.c | 8 +-
drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c | 3 +
drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 6 +-
drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c | 76 +++---
drivers/gpu/drm/amd/amdgpu/amdgpu_job.c | 7 -
drivers/gpu/drm/amd/amdgpu/amdgpu_ring.c | 1 +
drivers/gpu/drm/amd/amdgpu/amdgpu_ucode.c | 1 +
drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c | 21 +-
drivers/gpu/drm/amd/amdgpu/aqua_vanjaram.c | 5 +-
drivers/gpu/drm/amd/amdgpu/gfx_v12_0.c | 14 +-
drivers/gpu/drm/amd/amdgpu/imu_v12_0.c | 13 +-
drivers/gpu/drm/amd/amdgpu/mmhub_v3_0_1.c | 57 +++--
drivers/gpu/drm/amd/amdgpu/mmhub_v3_3.c | 121 +++++++++-
drivers/gpu/drm/amd/amdgpu/mmhub_v4_1_0.c | 34 ++-
drivers/gpu/drm/amd/amdgpu/psp_v14_0.c | 2 +
drivers/gpu/drm/amd/amdgpu/soc15.c | 2 +
.../gpu/drm/amd/amdkfd/kfd_device_queue_manager.c | 2 +-
drivers/gpu/drm/amd/amdkfd/kfd_module.c | 2 +-
drivers/gpu/drm/amd/amdkfd/kfd_mqd_manager_v9.c | 61 ++++-
.../gpu/drm/amd/amdkfd/kfd_process_queue_manager.c | 20 +-
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 19 +-
.../gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_crtc.c | 28 +++
.../drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c | 2 +-
drivers/gpu/drm/amd/display/dc/bios/bios_parser.c | 5 +-
.../gpu/drm/amd/display/dc/bios/command_table.c | 2 +-
drivers/gpu/drm/amd/display/dc/clk_mgr/clk_mgr.c | 1 -
.../amd/display/dc/clk_mgr/dce100/dce_clk_mgr.c | 19 +-
.../amd/display/dc/clk_mgr/dce110/dce110_clk_mgr.c | 40 ++--
.../amd/display/dc/clk_mgr/dce60/dce60_clk_mgr.c | 31 +--
drivers/gpu/drm/amd/display/dc/core/dc.c | 34 ++-
.../amd/display/dc/resource/dce60/dce60_resource.c | 34 +--
.../gpu/drm/amd/display/modules/hdcp/hdcp_psp.c | 3 +
drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c | 16 ++
drivers/gpu/drm/amd/pm/swsmu/smu14/smu_v14_0.c | 11 +-
.../gpu/drm/amd/pm/swsmu/smu14/smu_v14_0_2_ppt.c | 30 ++-
drivers/gpu/drm/display/drm_dp_helper.c | 2 +-
drivers/gpu/drm/drm_format_helper.c | 108 ++++++++-
drivers/gpu/drm/drm_format_internal.h | 8 +
drivers/gpu/drm/drm_panic_qr.rs | 22 +-
drivers/gpu/drm/hisilicon/hibmc/dp/dp_link.c | 14 +-
drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.c | 22 +-
drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.h | 1 +
drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_i2c.c | 5 +
drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_vdac.c | 11 +-
drivers/gpu/drm/i915/display/intel_display_irq.c | 4 +
drivers/gpu/drm/i915/display/intel_tc.c | 93 ++++++--
drivers/gpu/drm/i915/gt/intel_workarounds.c | 20 +-
drivers/gpu/drm/nouveau/nvif/vmm.c | 3 +-
.../gpu/drm/nouveau/nvkm/subdev/gsp/rm/r535/rpc.c | 4 +-
drivers/gpu/drm/nova/file.rs | 3 +-
drivers/gpu/drm/tests/drm_format_helper_test.c | 111 ++-------
drivers/gpu/drm/xe/Kconfig | 1 +
drivers/gpu/drm/xe/xe_migrate.c | 2 +-
drivers/gpu/drm/xe/xe_pxp_submit.c | 2 +-
drivers/gpu/drm/xe/xe_shrinker.c | 51 +++-
drivers/gpu/drm/xe/xe_vm.c | 48 ++--
drivers/gpu/drm/xe/xe_vm.h | 2 +-
drivers/hwmon/gsc-hwmon.c | 4 +-
drivers/i2c/busses/i2c-qcom-geni.c | 6 +-
drivers/i2c/busses/i2c-rtl9300.c | 20 +-
drivers/iio/accel/sca3300.c | 2 +-
drivers/iio/adc/Kconfig | 2 +-
drivers/iio/adc/ad7124.c | 14 +-
drivers/iio/adc/ad7173.c | 137 ++++++++---
drivers/iio/adc/ad7380.c | 1 +
drivers/iio/adc/ad_sigma_delta.c | 4 +-
drivers/iio/adc/rzg2l_adc.c | 33 +--
drivers/iio/imu/bno055/bno055.c | 11 +-
drivers/iio/imu/inv_icm42600/inv_icm42600.h | 8 +-
drivers/iio/imu/inv_icm42600/inv_icm42600_accel.c | 31 ++-
drivers/iio/imu/inv_icm42600/inv_icm42600_buffer.c | 22 +-
drivers/iio/imu/inv_icm42600/inv_icm42600_buffer.h | 10 +-
drivers/iio/imu/inv_icm42600/inv_icm42600_core.c | 6 +-
drivers/iio/imu/inv_icm42600/inv_icm42600_gyro.c | 41 ++--
drivers/iio/imu/inv_icm42600/inv_icm42600_temp.c | 12 +-
drivers/iio/light/as73211.c | 2 +-
drivers/iio/pressure/bmp280-core.c | 9 +-
drivers/iio/proximity/isl29501.c | 14 +-
drivers/iio/temperature/maxim_thermocouple.c | 26 ++-
drivers/infiniband/core/umem_odp.c | 4 +-
drivers/infiniband/hw/bnxt_re/ib_verbs.c | 8 +-
drivers/infiniband/hw/bnxt_re/main.c | 23 ++
drivers/infiniband/hw/bnxt_re/qplib_fp.c | 30 +--
drivers/infiniband/hw/bnxt_re/qplib_fp.h | 2 -
drivers/infiniband/hw/bnxt_re/qplib_res.c | 2 +
drivers/infiniband/hw/erdma/erdma_verbs.c | 6 +-
drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 6 +-
drivers/infiniband/hw/hns/hns_roce_restrack.c | 9 +-
drivers/infiniband/sw/rxe/rxe_net.c | 29 +--
drivers/infiniband/sw/rxe/rxe_qp.c | 2 +-
drivers/iommu/amd/init.c | 4 +-
drivers/iommu/apple-dart.c | 1 -
drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c | 2 +-
drivers/iommu/intel/iommu.c | 1 -
drivers/iommu/iommufd/selftest.c | 1 -
drivers/iommu/riscv/iommu.c | 3 +-
drivers/iommu/virtio-iommu.c | 19 +-
drivers/md/dm-crypt.c | 47 +++-
drivers/md/dm-raid.c | 42 ++--
drivers/md/dm.c | 17 +-
drivers/md/md-bitmap.c | 8 +-
drivers/md/md-cluster.c | 16 +-
drivers/md/md.c | 110 ++++++---
drivers/md/md.h | 2 +-
drivers/md/raid0.c | 6 +-
drivers/md/raid1-10.c | 2 +-
drivers/md/raid1.c | 10 +-
drivers/md/raid10.c | 16 +-
drivers/md/raid5-ppl.c | 6 +-
drivers/md/raid5.c | 30 +--
drivers/media/cec/usb/rainshadow/rainshadow-cec.c | 3 +-
drivers/media/i2c/hi556.c | 26 ++-
drivers/media/i2c/mt9m114.c | 8 -
drivers/media/i2c/ov2659.c | 3 +-
drivers/media/pci/intel/ipu6/ipu6-isys-csi2.c | 12 +-
drivers/media/pci/intel/ivsc/mei_ace.c | 2 +
drivers/media/pci/intel/ivsc/mei_csi.c | 2 +
.../platform/qcom/camss/camss-csiphy-3ph-1-0.c | 3 +-
drivers/media/platform/qcom/camss/camss.c | 20 +-
drivers/media/platform/qcom/iris/iris_buffer.c | 20 +-
drivers/media/platform/qcom/iris/iris_buffer.h | 3 +-
drivers/media/platform/qcom/iris/iris_ctrls.c | 7 +-
.../platform/qcom/iris/iris_hfi_gen1_command.c | 27 +--
.../platform/qcom/iris/iris_hfi_gen1_defines.h | 1 -
.../platform/qcom/iris/iris_hfi_gen1_response.c | 20 +-
.../platform/qcom/iris/iris_hfi_gen2_command.c | 4 +-
.../platform/qcom/iris/iris_hfi_gen2_response.c | 11 +-
drivers/media/platform/qcom/iris/iris_hfi_queue.c | 2 +-
drivers/media/platform/qcom/iris/iris_instance.h | 2 +
.../platform/qcom/iris/iris_platform_common.h | 2 +-
.../platform/qcom/iris/iris_platform_sm8250.c | 9 -
drivers/media/platform/qcom/iris/iris_state.c | 2 +-
drivers/media/platform/qcom/iris/iris_state.h | 1 +
drivers/media/platform/qcom/iris/iris_vb2.c | 15 +-
drivers/media/platform/qcom/iris/iris_vdec.c | 9 +-
drivers/media/platform/qcom/iris/iris_vidc.c | 33 ++-
drivers/media/platform/qcom/venus/core.c | 18 +-
drivers/media/platform/qcom/venus/core.h | 2 +
drivers/media/platform/qcom/venus/hfi_venus.c | 5 +
drivers/media/platform/qcom/venus/vdec.c | 5 +-
drivers/media/platform/qcom/venus/venc.c | 5 +-
drivers/media/platform/raspberrypi/pisp_be/Kconfig | 1 +
.../media/platform/raspberrypi/pisp_be/pisp_be.c | 5 +-
.../media/platform/verisilicon/rockchip_vpu_hw.c | 9 -
drivers/media/test-drivers/vivid/vivid-ctrls.c | 3 +-
drivers/media/test-drivers/vivid/vivid-vid-cap.c | 4 +-
drivers/media/usb/gspca/vicam.c | 10 +-
drivers/media/usb/usbtv/usbtv-video.c | 4 +
drivers/media/v4l2-core/v4l2-ctrls-core.c | 1 -
drivers/memstick/core/memstick.c | 1 -
drivers/memstick/host/rtsx_usb_ms.c | 1 +
drivers/mfd/mt6397-core.c | 12 +-
drivers/mmc/host/sdhci-of-arasan.c | 33 ++-
drivers/mmc/host/sdhci-pci-gli.c | 37 +--
drivers/mmc/host/sdhci_am654.c | 18 ++
drivers/most/core.c | 2 +-
drivers/mtd/nand/raw/fsmc_nand.c | 2 +
drivers/mtd/nand/raw/renesas-nand-controller.c | 6 +
drivers/mtd/nand/spi/core.c | 5 +-
drivers/mtd/spi-nor/swp.c | 19 +-
drivers/net/bonding/bond_3ad.c | 67 ++++--
drivers/net/bonding/bond_options.c | 1 +
drivers/net/dsa/microchip/ksz_common.c | 6 +
drivers/net/ethernet/airoha/airoha_ppe.c | 4 +-
drivers/net/ethernet/broadcom/bnxt/bnxt.c | 2 +-
drivers/net/ethernet/google/gve/gve_main.c | 2 +
drivers/net/ethernet/intel/igc/igc_main.c | 14 +-
drivers/net/ethernet/intel/ixgbe/devlink/devlink.c | 1 +
drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 4 +-
.../net/ethernet/marvell/octeontx2/af/rvu_npc_fs.c | 4 +-
drivers/net/ethernet/mediatek/mtk_ppe_offload.c | 2 +
drivers/net/ethernet/mellanox/mlx5/core/en/dcbnl.h | 1 -
.../ethernet/mellanox/mlx5/core/en/port_buffer.c | 18 +-
.../ethernet/mellanox/mlx5/core/en/tc/ct_fs_hmfs.c | 2 +
drivers/net/ethernet/mellanox/mlx5/core/en_dcbnl.c | 12 +-
.../ethernet/mellanox/mlx5/core/esw/devlink_port.c | 4 +-
.../net/ethernet/mellanox/mlx5/core/mlx5_core.h | 2 +
drivers/net/ethernet/mellanox/mlx5/core/port.c | 20 ++
.../mellanox/mlx5/core/steering/hws/bwc_complex.c | 41 ++--
.../ethernet/mellanox/mlx5/core/steering/hws/cmd.c | 1 +
.../ethernet/mellanox/mlx5/core/steering/hws/cmd.h | 1 +
.../mellanox/mlx5/core/steering/hws/fs_hws.c | 1 +
.../mellanox/mlx5/core/steering/hws/matcher.c | 5 +-
.../mellanox/mlx5/core/steering/hws/mlx5hws.h | 1 +
.../mellanox/mlx5/core/steering/hws/send.c | 1 -
.../mellanox/mlx5/core/steering/hws/table.c | 13 +-
.../mellanox/mlx5/core/steering/hws/table.h | 3 +-
drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 2 +
drivers/net/ethernet/mellanox/mlxsw/trap.h | 1 +
drivers/net/ethernet/microchip/lan865x/lan865x.c | 21 ++
drivers/net/ethernet/realtek/rtase/rtase.h | 2 +-
drivers/net/ethernet/stmicro/stmmac/dwmac-thead.c | 9 +-
drivers/net/ethernet/ti/icssg/icssg_prueth.c | 72 +++---
drivers/net/ethernet/xilinx/xilinx_axienet_main.c | 8 +-
drivers/net/phy/mscc/mscc.h | 12 +
drivers/net/phy/mscc/mscc_main.c | 12 +
drivers/net/phy/mscc/mscc_ptp.c | 49 +++-
drivers/net/ppp/ppp_generic.c | 17 +-
drivers/net/usb/asix_devices.c | 2 +-
drivers/net/wireless/ath/ath11k/ce.c | 3 -
drivers/net/wireless/ath/ath11k/dp_rx.c | 3 -
drivers/net/wireless/ath/ath11k/hal.c | 33 ++-
drivers/net/wireless/ath/ath12k/ce.c | 3 -
drivers/net/wireless/ath/ath12k/hal.c | 38 ++-
.../broadcom/brcm80211/brcmsmac/phy/phy_lcn.c | 2 +-
drivers/pci/controller/dwc/pci-imx6.c | 12 +-
drivers/pci/controller/dwc/pcie-designware.c | 8 +
drivers/pci/controller/pcie-rockchip-ep.c | 4 +-
drivers/pci/controller/pcie-rockchip-host.c | 49 ++--
drivers/pci/controller/pcie-rockchip.h | 12 +-
drivers/pci/endpoint/pci-ep-cfs.c | 1 +
drivers/pci/endpoint/pci-epf-core.c | 2 +-
drivers/pci/pci.h | 32 +--
drivers/pci/pcie/portdrv.c | 2 +-
drivers/phy/qualcomm/phy-qcom-m31.c | 14 +-
drivers/platform/chrome/cros_ec.c | 3 +
drivers/platform/x86/amd/hsmp/hsmp.c | 5 +
.../intel/uncore-frequency/uncore-frequency-tpmi.c | 5 +
drivers/pwm/pwm-imx-tpm.c | 9 +
drivers/pwm/pwm-mediatek.c | 71 +++---
drivers/regulator/pca9450-regulator.c | 13 +-
drivers/regulator/tps65219-regulator.c | 12 +-
drivers/s390/char/sclp.c | 11 +-
drivers/scsi/mpi3mr/mpi3mr.h | 6 +-
drivers/scsi/mpi3mr/mpi3mr_fw.c | 17 +-
drivers/scsi/mpi3mr/mpi3mr_os.c | 2 +
drivers/scsi/qla4xxx/ql4_os.c | 2 +
drivers/soc/qcom/mdt_loader.c | 43 ++++
drivers/soc/tegra/pmc.c | 51 ++--
drivers/spi/spi-fsl-lpspi.c | 8 +-
drivers/spi/spi-qpic-snand.c | 22 +-
drivers/staging/media/imx/imx-media-csc-scaler.c | 2 +-
drivers/tty/serial/8250/8250_port.c | 3 +-
drivers/tty/vt/defkeymap.c_shipped | 112 +++++++++
drivers/tty/vt/keyboard.c | 2 +-
drivers/ufs/core/ufshcd.c | 10 +-
drivers/ufs/host/ufs-exynos.c | 4 +-
drivers/ufs/host/ufs-qcom.c | 42 ++--
drivers/ufs/host/ufshcd-pci.c | 42 +++-
drivers/usb/atm/cxacru.c | 172 +++++++-------
drivers/usb/core/hcd.c | 20 +-
drivers/usb/core/quirks.c | 1 +
drivers/usb/dwc3/dwc3-imx8mp.c | 7 +-
drivers/usb/dwc3/dwc3-meson-g12a.c | 3 +
drivers/usb/dwc3/dwc3-pci.c | 2 +
drivers/usb/dwc3/ep0.c | 20 +-
drivers/usb/dwc3/gadget.c | 19 +-
drivers/usb/gadget/udc/renesas_usb3.c | 1 +
drivers/usb/host/xhci-hub.c | 3 +-
drivers/usb/host/xhci-mem.c | 22 +-
drivers/usb/host/xhci-pci-renesas.c | 7 +-
drivers/usb/host/xhci-ring.c | 9 +-
drivers/usb/host/xhci.c | 23 +-
drivers/usb/host/xhci.h | 3 +-
drivers/usb/musb/omap2430.c | 14 +-
drivers/usb/storage/realtek_cr.c | 2 +-
drivers/usb/storage/unusual_devs.h | 29 +++
drivers/usb/typec/tcpm/maxim_contaminant.c | 58 +++++
drivers/usb/typec/tcpm/tcpci_maxim.h | 1 +
drivers/vhost/vsock.c | 6 +-
drivers/video/console/vgacon.c | 2 +-
fs/btrfs/ctree.c | 23 +-
fs/btrfs/extent-tree.c | 2 +-
fs/btrfs/extent_io.c | 94 ++++----
fs/btrfs/extent_io.h | 2 +-
fs/btrfs/fiemap.c | 2 +-
fs/btrfs/free-space-tree.c | 17 +-
fs/btrfs/inode.c | 8 +-
fs/btrfs/print-tree.c | 2 +-
fs/btrfs/qgroup.c | 6 +-
fs/btrfs/relocation.c | 4 +-
fs/btrfs/subpage.c | 258 +++++++++++----------
fs/btrfs/subpage.h | 45 +++-
fs/btrfs/super.c | 13 +-
fs/btrfs/tree-log.c | 4 +-
fs/btrfs/zoned.c | 70 ++++--
fs/buffer.c | 2 +-
fs/debugfs/inode.c | 11 +-
fs/erofs/Kconfig | 18 +-
fs/ext4/fsmap.c | 23 +-
fs/ext4/indirect.c | 4 +-
fs/ext4/inode.c | 2 +-
fs/ext4/orphan.c | 5 +-
fs/ext4/super.c | 8 +-
fs/f2fs/node.c | 10 +
fs/fhandle.c | 2 +-
fs/internal.h | 3 +
fs/iomap/direct-io.c | 14 +-
fs/jbd2/checkpoint.c | 1 +
fs/libfs.c | 27 ++-
fs/namespace.c | 69 +++---
fs/netfs/read_collect.c | 4 +-
fs/netfs/write_collect.c | 10 +-
fs/netfs/write_issue.c | 4 +-
fs/nfs/pagelist.c | 9 +-
fs/nfs/write.c | 29 +--
fs/overlayfs/copy_up.c | 2 +-
fs/proc/task_mmu.c | 4 +-
fs/smb/client/smb2ops.c | 2 +-
fs/smb/server/connection.c | 3 +-
fs/smb/server/connection.h | 7 +-
fs/smb/server/oplock.c | 13 +-
fs/smb/server/transport_rdma.c | 5 +-
fs/smb/server/transport_rdma.h | 4 +-
fs/smb/server/transport_tcp.c | 26 ++-
fs/splice.c | 3 +
fs/squashfs/super.c | 14 +-
fs/xfs/libxfs/xfs_refcount.c | 4 +-
fs/xfs/scrub/common.c | 3 +-
fs/xfs/scrub/repair.c | 12 +-
fs/xfs/scrub/scrub.c | 5 +-
fs/xfs/xfs_attr_item.c | 5 +-
fs/xfs/xfs_discard.c | 12 +-
fs/xfs/xfs_fsmap.c | 4 +-
fs/xfs/xfs_icache.c | 5 +-
fs/xfs/xfs_inode.c | 7 +-
fs/xfs/xfs_itable.c | 24 +-
fs/xfs/xfs_iwalk.c | 11 +-
fs/xfs/xfs_notify_failure.c | 6 +-
fs/xfs/xfs_qm.c | 10 +-
fs/xfs/xfs_rtalloc.c | 13 +-
fs/xfs/xfs_trans.c | 56 ++---
fs/xfs/xfs_trans.h | 3 +-
fs/xfs/xfs_zone_alloc.c | 10 +-
fs/xfs/xfs_zone_gc.c | 5 +-
include/crypto/hash.h | 2 +-
include/crypto/internal/acompress.h | 5 +-
include/drm/drm_format_helper.h | 9 +
include/drm/intel/pciids.h | 1 +
include/linux/blkdev.h | 1 +
include/linux/compiler.h | 8 -
include/linux/iosys-map.h | 7 +-
include/linux/iov_iter.h | 20 +-
include/linux/kcov.h | 47 +---
include/linux/mlx5/mlx5_ifc.h | 14 +-
include/linux/netfs.h | 1 +
include/linux/nfs_page.h | 1 +
include/net/bluetooth/bluetooth.h | 4 +-
include/net/bluetooth/hci.h | 1 +
include/net/bluetooth/hci_core.h | 54 ++++-
include/net/bond_3ad.h | 1 +
include/net/devlink.h | 6 +-
include/net/sch_generic.h | 11 +-
include/sound/cs35l56.h | 5 +-
include/trace/events/btrfs.h | 2 +-
include/uapi/linux/pfrut.h | 1 +
include/uapi/linux/raid/md_p.h | 2 +-
io_uring/futex.c | 3 +
kernel/Kconfig.kexec | 1 +
kernel/cgroup/cpuset.c | 9 +-
kernel/cgroup/rstat.c | 3 +
kernel/kexec_handover.c | 29 ++-
kernel/sched/ext.c | 4 +
kernel/signal.c | 6 +-
kernel/trace/ftrace.c | 19 +-
kernel/trace/trace.c | 34 ++-
kernel/trace/trace.h | 10 +-
mm/damon/core.c | 15 +-
mm/damon/paddr.c | 4 +
mm/debug_vm_pgtable.c | 9 +-
mm/filemap.c | 3 +-
mm/kasan/kasan_test_c.c | 2 +-
mm/memory-failure.c | 8 +
mm/mremap.c | 41 ++--
net/bluetooth/hci_conn.c | 17 +-
net/bluetooth/hci_core.c | 27 ++-
net/bluetooth/hci_event.c | 15 +-
net/bluetooth/hci_sync.c | 33 +--
net/bluetooth/iso.c | 20 +-
net/bluetooth/mgmt.c | 13 +-
net/bridge/br_multicast.c | 16 ++
net/bridge/br_private.h | 2 +
net/core/dev.c | 12 +
net/devlink/port.c | 2 +-
net/hsr/hsr_slave.c | 8 +-
net/ipv4/netfilter/nf_reject_ipv4.c | 6 +-
net/ipv6/netfilter/nf_reject_ipv6.c | 5 +-
net/ipv6/seg6_hmac.c | 6 +-
net/mptcp/options.c | 6 +-
net/mptcp/pm.c | 18 +-
net/mptcp/pm_kernel.c | 1 -
net/sched/sch_cake.c | 14 +-
net/sched/sch_codel.c | 12 +-
net/sched/sch_fq.c | 12 +-
net/sched/sch_fq_codel.c | 12 +-
net/sched/sch_fq_pie.c | 12 +-
net/sched/sch_hhf.c | 12 +-
net/sched/sch_htb.c | 2 +-
net/sched/sch_pie.c | 12 +-
net/smc/af_smc.c | 3 +-
net/tls/tls_sw.c | 7 +-
net/vmw_vsock/virtio_transport.c | 12 +-
rust/kernel/alloc/allocator.rs | 30 ++-
rust/kernel/alloc/allocator_test.rs | 11 +
rust/kernel/drm/device.rs | 32 ++-
rust/kernel/faux.rs | 2 +-
security/apparmor/lsm.c | 4 +-
sound/core/timer.c | 4 +-
sound/pci/hda/patch_realtek.c | 2 +
sound/pci/hda/tas2781_hda_i2c.c | 2 +-
sound/soc/codecs/cs35l56-sdw.c | 69 ------
sound/soc/codecs/cs35l56-shared.c | 29 ++-
sound/soc/codecs/cs35l56.c | 2 +-
sound/soc/codecs/cs35l56.h | 3 -
sound/soc/sof/amd/acp-loader.c | 6 +-
sound/usb/stream.c | 2 +-
sound/usb/validate.c | 2 +-
tools/objtool/arch/loongarch/special.c | 23 ++
tools/testing/selftests/net/mptcp/mptcp_connect.c | 5 +-
tools/testing/selftests/net/mptcp/mptcp_inq.c | 5 +-
tools/testing/selftests/net/mptcp/mptcp_sockopt.c | 5 +-
tools/testing/selftests/net/mptcp/pm_netlink.sh | 1 +
498 files changed, 4907 insertions(+), 2746 deletions(-)
2 weeks, 3 days
- 20
- 477
[PATCH net v2] batman-adv: fix OOB read/write in network-coding decode
by Stanislav Fort
batadv_nc_skb_decode_packet() trusts coded_len and checks only against
skb->len. XOR starts at sizeof(struct batadv_unicast_packet), reducing
payload headroom, and the source skb length is not verified, allowing an
out-of-bounds read and a small out-of-bounds write.
Validate that coded_len fits within the payload area of both destination
and source sk_buffs before XORing.
Fixes: 2df5278b0267 ("batman-adv: network coding - receive coded packets and decode them")
Cc: stable(a)vger.kernel.org
Reported-by: Stanislav Fort <disclosure(a)aisle.com>
Signed-off-by: Stanislav Fort <disclosure(a)aisle.com>
---
net/batman-adv/network-coding.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/net/batman-adv/network-coding.c b/net/batman-adv/network-coding.c
index 9f56308779cc..af97d077369f 100644
--- a/net/batman-adv/network-coding.c
+++ b/net/batman-adv/network-coding.c
@@ -1687,7 +1687,12 @@ batadv_nc_skb_decode_packet(struct batadv_priv *bat_priv, struct sk_buff *skb,
coding_len = ntohs(coded_packet_tmp.coded_len);
- if (coding_len > skb->len)
+ /* ensure dst buffer is large enough (payload only) */
+ if (coding_len + h_size > skb->len)
+ return NULL;
+
+ /* ensure src buffer is large enough (payload only) */
+ if (coding_len + h_size > nc_packet->skb->len)
return NULL;
/* Here the magic is reversed:
--
2.39.3 (Apple Git-146)
2 weeks, 3 days
- 2
- 1
[PATCH 0/3] clk: samsung: exynos990: Fix USB clock support
by Denzeel Oliva
Hi,
Small fixes for Exynos990 HSI0 USB clocks:
Add missing LHS_ACEL clock ID and implementation, plus two missing
USB clock registers. Without these, USB connections fail with errors
like device descriptor read timeouts and address response issues.
These changes ensure proper USB operation by adding critical missing
clock definitions.
Denzeel Oliva
Signed-off-by: Denzeel Oliva <wachiturroxd150(a)gmail.com>
Signed-off-by: Denzeel Oliva <wachiturroxd150(a)gmail.com>
---
Denzeel Oliva (3):
dt-bindings: clock: exynos990: Add LHS_ACEL clock ID for HSI0 block
clk: samsung: exynos990: Add LHS_ACEL gate clock for HSI0 and update CLK_NR_TOP
clk: samsung: exynos990: Add missing USB clock registers to HSI0
drivers/clk/samsung/clk-exynos990.c | 8 +++++++-
include/dt-bindings/clock/samsung,exynos990.h | 1 +
2 files changed, 8 insertions(+), 1 deletion(-)
---
base-commit: e0edfc39b62e35dfb6d669b1189fa268147345ef
change-id: 20250830-usb-c8d352f5de9f
Best regards,
--
Denzeel Oliva <wachiturroxd150(a)gmail.com>
2 weeks, 3 days
- 2
- 4
[PATCH v7 02/12] i2c: rtl9300: ensure data length is within supported range
by Jonas Jelonek
Add an explicit check for the xfer length to 'rtl9300_i2c_config_xfer'
to ensure the data length isn't within the supported range. In
particular a data length of 0 is not supported by the hardware and
causes unintended or destructive behaviour.
This limitation becomes obvious when looking at the register
documentation [1]. 4 bits are reserved for DATA_WIDTH and the value
of these 4 bits is used as N + 1, allowing a data length range of
1 <= len <= 16.
Affected by this is the SMBus Quick Operation which works with a data
length of 0. Passing 0 as the length causes an underflow of the value
due to:
(len - 1) & 0xf
and effectively specifying a transfer length of 16 via the registers.
This causes a 16-byte write operation instead of a Quick Write. For
example, on SFP modules without write-protected EEPROM this soft-bricks
them by overwriting some initial bytes.
For completeness, also add a quirk for the zero length.
[1] https://svanheule.net/realtek/longan/register/i2c_mst1_ctrl2
Fixes: c366be720235 ("i2c: Add driver for the RTL9300 I2C controller")
Cc: <stable(a)vger.kernel.org> # v6.13+
Signed-off-by: Jonas Jelonek <jelonek.jonas(a)gmail.com>
Tested-by: Sven Eckelmann <sven(a)narfation.org>
Reviewed-by: Chris Packham <chris.packham(a)alliedtelesis.co.nz>
Tested-by: Chris Packham <chris.packham(a)alliedtelesis.co.nz> # On RTL9302C based board
Tested-by: Markus Stockhausen <markus.stockhausen(a)gmx.de>
---
drivers/i2c/busses/i2c-rtl9300.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/drivers/i2c/busses/i2c-rtl9300.c b/drivers/i2c/busses/i2c-rtl9300.c
index 19c367703eaf..ebd4a85e1bde 100644
--- a/drivers/i2c/busses/i2c-rtl9300.c
+++ b/drivers/i2c/busses/i2c-rtl9300.c
@@ -99,6 +99,9 @@ static int rtl9300_i2c_config_xfer(struct rtl9300_i2c *i2c, struct rtl9300_i2c_c
{
u32 val, mask;
+ if (len < 1 || len > 16)
+ return -EINVAL;
+
val = chan->bus_freq << RTL9300_I2C_MST_CTRL2_SCL_FREQ_OFS;
mask = RTL9300_I2C_MST_CTRL2_SCL_FREQ_MASK;
@@ -352,7 +355,7 @@ static const struct i2c_algorithm rtl9300_i2c_algo = {
};
static struct i2c_adapter_quirks rtl9300_i2c_quirks = {
- .flags = I2C_AQ_NO_CLK_STRETCH,
+ .flags = I2C_AQ_NO_CLK_STRETCH | I2C_AQ_NO_ZERO_LEN,
.max_read_len = 16,
.max_write_len = 16,
};
--
2.48.1
2 weeks, 3 days
- 1
- 0
[PATCH v7 01/12] i2c: rtl9300: fix channel number bound check
by Jonas Jelonek
Fix the current check for number of channels (child nodes in the device
tree). Before, this was:
if (device_get_child_node_count(dev) >= RTL9300_I2C_MUX_NCHAN)
RTL9300_I2C_MUX_NCHAN gives the maximum number of channels so checking
with '>=' isn't correct because it doesn't allow the last channel
number. Thus, fix it to:
if (device_get_child_node_count(dev) > RTL9300_I2C_MUX_NCHAN)
Issue occured on a TP-Link TL-ST1008F v2.0 device (8 SFP+ ports) and fix
is tested there.
Fixes: c366be720235 ("i2c: Add driver for the RTL9300 I2C controller")
Cc: <stable(a)vger.kernel.org> # v6.13+
Signed-off-by: Jonas Jelonek <jelonek.jonas(a)gmail.com>
Tested-by: Sven Eckelmann <sven(a)narfation.org>
Reviewed-by: Chris Packham <chris.packham(a)alliedtelesis.co.nz>
Tested-by: Chris Packham <chris.packham(a)alliedtelesis.co.nz> # On RTL9302C based board
Tested-by: Markus Stockhausen <markus.stockhausen(a)gmx.de>
---
drivers/i2c/busses/i2c-rtl9300.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/i2c/busses/i2c-rtl9300.c b/drivers/i2c/busses/i2c-rtl9300.c
index 4b215f9a24e6..19c367703eaf 100644
--- a/drivers/i2c/busses/i2c-rtl9300.c
+++ b/drivers/i2c/busses/i2c-rtl9300.c
@@ -382,7 +382,7 @@ static int rtl9300_i2c_probe(struct platform_device *pdev)
platform_set_drvdata(pdev, i2c);
- if (device_get_child_node_count(dev) >= RTL9300_I2C_MUX_NCHAN)
+ if (device_get_child_node_count(dev) > RTL9300_I2C_MUX_NCHAN)
return dev_err_probe(dev, -EINVAL, "Too many channels\n");
device_for_each_child_node(dev, child) {
--
2.48.1
2 weeks, 3 days
- 1
- 0
New September Order. 15508 Sunday, August 31, 2025 at 11:07:52 AM
by Info - Albinayah 957
Hi Stable,
Please provide a quote for your products:
Include:
1.Pricing (per unit)
2.Delivery cost & timeline
3.Quote expiry date
Deadline: September
Thanks!
Kamal Prasad
Albinayah Trading
2 weeks, 3 days
- 1
- 0
[PATCH 6.6 0/8] Backport sched/schedutil fixes and depend patch series
by Wentao Guan
Our user report a bug that his cpu keep the min cpu freq,
bisect to commit ada8d7fa0ad49a2a078f97f7f6e02d24d3c357a3
("sched/cpufreq: Rework schedutil governor performance estimation")
and test the fix e37617c8e53a1f7fcba6d5e1041f4fd8a2425c27
("sched/fair: Fix frequency selection for non-invariant case")
works.
And backport the "stable-deps-of" series:
"consolidate and cleanup CPU capacity"
Link: https://lore.kernel.org/all/20231211104855.558096-1-vincent.guittot@linaro.…
PS:
commit 50b813b147e9eb6546a1fc49d4e703e6d23691f2 in series
("cpufreq/cppc: Move and rename cppc_cpufreq_{perf_to_khz|khz_to_perf}()")
merged in v6.6.59 as 33e89c16cea0882bb05c585fa13236b730dd0efa
Vincent Guittot (8):
sched/topology: Add a new arch_scale_freq_ref() method
cpufreq: Use the fixed and coherent frequency for scaling capacity
cpufreq/schedutil: Use a fixed reference frequency
energy_model: Use a fixed reference frequency
cpufreq/cppc: Set the frequency used for computing the capacity
arm64/amu: Use capacity_ref_freq() to set AMU ratio
topology: Set capacity_freq_ref in all cases
sched/fair: Fix frequency selection for non-invariant case
arch/arm/include/asm/topology.h | 1 +
arch/arm64/include/asm/topology.h | 1 +
arch/arm64/kernel/topology.c | 26 ++++++------
arch/riscv/include/asm/topology.h | 1 +
drivers/base/arch_topology.c | 69 ++++++++++++++++++++-----------
drivers/cpufreq/cpufreq.c | 4 +-
include/linux/arch_topology.h | 8 ++++
include/linux/cpufreq.h | 1 +
include/linux/energy_model.h | 6 +--
include/linux/sched/topology.h | 8 ++++
kernel/sched/cpufreq_schedutil.c | 30 +++++++++++++-
11 files changed, 111 insertions(+), 44 deletions(-)
--
2.20.1
2 weeks, 3 days
- 3
- 12
[PATCH v2] scsi: lpfc: Fix buffer free/clear order in deferred receive path
by John Evans
Fix a use-after-free window by correcting the buffer release sequence in
the deferred receive path. The code freed the RQ buffer first and only
then cleared the context pointer under the lock. Concurrent paths
(e.g., ABTS and the repost path) also inspect and release the same
pointer under the lock, so the old order could lead to double-free/UAF.
Note that the repost path already uses the correct pattern: detach the
pointer under the lock, then free it after dropping the lock. The deferred
path should do the same.
Fixes: 472e146d1cf3 ("scsi: lpfc: Correct upcalling nvmet_fc transport during io done downcall")
Cc: stable(a)vger.kernel.org
Signed-off-by: John Evans <evans1210144(a)gmail.com>
---
v2:
* Rework locking to read and clear the buffer pointer atomically, as
suggested by Justin Tee.
---
drivers/scsi/lpfc/lpfc_nvmet.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/drivers/scsi/lpfc/lpfc_nvmet.c b/drivers/scsi/lpfc/lpfc_nvmet.c
index fba2e62027b7..4cfc928bcf2d 100644
--- a/drivers/scsi/lpfc/lpfc_nvmet.c
+++ b/drivers/scsi/lpfc/lpfc_nvmet.c
@@ -1243,7 +1243,7 @@ lpfc_nvmet_defer_rcv(struct nvmet_fc_target_port *tgtport,
struct lpfc_nvmet_tgtport *tgtp;
struct lpfc_async_xchg_ctx *ctxp =
container_of(rsp, struct lpfc_async_xchg_ctx, hdlrctx.fcp_req);
- struct rqb_dmabuf *nvmebuf = ctxp->rqb_buffer;
+ struct rqb_dmabuf *nvmebuf;
struct lpfc_hba *phba = ctxp->phba;
unsigned long iflag;
@@ -1251,13 +1251,18 @@ lpfc_nvmet_defer_rcv(struct nvmet_fc_target_port *tgtport,
lpfc_nvmeio_data(phba, "NVMET DEFERRCV: xri x%x sz %d CPU %02x\n",
ctxp->oxid, ctxp->size, raw_smp_processor_id());
+ spin_lock_irqsave(&ctxp->ctxlock, iflag);
+ nvmebuf = ctxp->rqb_buffer;
if (!nvmebuf) {
+ spin_unlock_irqrestore(&ctxp->ctxlock, iflag);
lpfc_printf_log(phba, KERN_INFO, LOG_NVME_IOERR,
"6425 Defer rcv: no buffer oxid x%x: "
"flg %x ste %x\n",
ctxp->oxid, ctxp->flag, ctxp->state);
return;
}
+ ctxp->rqb_buffer = NULL;
+ spin_unlock_irqrestore(&ctxp->ctxlock, iflag);
tgtp = phba->targetport->private;
if (tgtp)
@@ -1265,9 +1270,6 @@ lpfc_nvmet_defer_rcv(struct nvmet_fc_target_port *tgtport,
/* Free the nvmebuf since a new buffer already replaced it */
nvmebuf->hrq->rqbp->rqb_free_buffer(phba, nvmebuf);
- spin_lock_irqsave(&ctxp->ctxlock, iflag);
- ctxp->rqb_buffer = NULL;
- spin_unlock_irqrestore(&ctxp->ctxlock, iflag);
}
/**
--
2.43.0
2 weeks, 4 days
- 3
- 2
[regression] Wireguard fragmentation fails with VXLAN since 8930424777e4 ("tunnels: Accept PACKET_HOST skb_tunnel_check_pmtu().") causing network timeouts
by Salvatore Bonaccorso
Hi,
Charles Bordet reported the following issue (full context in
https://bugs.debian.org/1108860)
> Dear Maintainer,
>
> What led up to the situation?
> We run a production environment using Debian 12 VMs, with a network
> topology involving VXLAN tunnels encapsulated inside Wireguard
> interfaces. This setup has worked reliably for over a year, with MTU set
> to 1500 on all interfaces except the Wireguard interface (set to 1420).
> Wireguard kernel fragmentation allowed this configuration to function
> without issues, even though the effective path MTU is lower than 1500.
>
> What exactly did you do (or not do) that was effective (or ineffective)?
> We performed a routine system upgrade, updating all packages include the
> kernel. After the upgrade, we observed severe network issues (timeouts,
> very slow HTTP/HTTPS, and apt update failures) on all VMs behind the
> router. SSH and small-packet traffic continued to work.
>
> To diagnose, we:
>
> * Restored a backup (with the previous kernel): the problem disappeared.
> * Repeated the upgrade, confirming the issue reappeared.
> * Systematically tested each kernel version from 6.1.124-1 up to
> 6.1.140-1. The problem first appears with kernel 6.1.135-1; all earlier
> versions work as expected.
> * Kernel version from the backports (6.12.32-1) did not resolve the
> problem.
>
> What was the outcome of this action?
>
> * With kernel 6.1.135-1 or later, network timeouts occur for
> large-packet protocols (HTTP, apt, etc.), while SSH and small-packet
> protocols work.
> * With kernel 6.1.133-1 or earlier, everything works as expected.
>
> What outcome did you expect instead?
> We expected the network to function as before, with Wireguard handling
> fragmentation transparently and no application-level timeouts,
> regardless of the kernel version.
While triaging the issue we found that the commit 8930424777e4
("tunnels: Accept PACKET_HOST in skb_tunnel_check_pmtu()." introduces
the issue and Charles confirmed that the issue was present as well in
6.12.35 and 6.15.4 (other version up could potentially still be
affected, but we wanted to check it is not a 6.1.y specific
regression).
Reverthing the commit fixes Charles' issue.
Does that ring a bell?
Regards,
Salvatore
2 weeks, 4 days
- 3
- 3
[PATCH] net: dsa: mv88e6xxx: Fix fwnode reference leaks in mv88e6xxx_port_setup_leds
by Miaoqian Lin
Fix multiple fwnode reference leaks:
1. The function calls fwnode_get_named_child_node() to get the "leds" node,
but never calls fwnode_handle_put(leds) to release this reference.
2. Within the fwnode_for_each_child_node() loop, the early return
paths that don't properly release the "led" fwnode reference.
This fix follows the same pattern as commit d029edefed39
("net dsa: qca8k: fix usages of device_get_named_child_node()")
Fixes: 94a2a84f5e9e ("net: dsa: mv88e6xxx: Support LED control")
Cc: stable(a)vger.kernel.org
Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com>
---
drivers/net/dsa/mv88e6xxx/leds.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/drivers/net/dsa/mv88e6xxx/leds.c b/drivers/net/dsa/mv88e6xxx/leds.c
index 1c88bfaea46b..dcc765066f9c 100644
--- a/drivers/net/dsa/mv88e6xxx/leds.c
+++ b/drivers/net/dsa/mv88e6xxx/leds.c
@@ -779,6 +779,8 @@ int mv88e6xxx_port_setup_leds(struct mv88e6xxx_chip *chip, int port)
continue;
if (led_num > 1) {
dev_err(dev, "invalid LED specified port %d\n", port);
+ fwnode_handle_put(led);
+ fwnode_handle_put(leds);
return -EINVAL;
}
@@ -823,17 +825,23 @@ int mv88e6xxx_port_setup_leds(struct mv88e6xxx_chip *chip, int port)
init_data.devname_mandatory = true;
init_data.devicename = kasprintf(GFP_KERNEL, "%s:0%d:0%d", chip->info->name,
port, led_num);
- if (!init_data.devicename)
+ if (!init_data.devicename) {
+ fwnode_handle_put(led);
+ fwnode_handle_put(leds);
return -ENOMEM;
+ }
ret = devm_led_classdev_register_ext(dev, l, &init_data);
kfree(init_data.devicename);
if (ret) {
dev_err(dev, "Failed to init LED %d for port %d", led_num, port);
+ fwnode_handle_put(led);
+ fwnode_handle_put(leds);
return ret;
}
}
+ fwnode_handle_put(leds);
return 0;
}
--
2.35.1
2 weeks, 4 days
- 2
- 1
[PATCH 1/2] ALSA: hda: tas2781: fix tas2563 EFI data endianness
by Gergo Koteles
Before conversion to unify the calibration data management, the
tas2563_apply_calib() function performed the big endian conversion and
wrote the calibration data to the device. The writing is now done by the
common tasdev_load_calibrated_data() function, but without conversion.
Put the values into the calibration data buffer with the expected
endianness.
Fixes: 4fe238513407 ("ALSA: hda/tas2781: Move and unified the calibrated-data getting function for SPI and I2C into the tas2781_hda lib")
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Gergo Koteles <soyer(a)irl.hu>
---
sound/hda/codecs/side-codecs/tas2781_hda_i2c.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/sound/hda/codecs/side-codecs/tas2781_hda_i2c.c b/sound/hda/codecs/side-codecs/tas2781_hda_i2c.c
index e34b17f0c9b9..1eac751ab2a6 100644
--- a/sound/hda/codecs/side-codecs/tas2781_hda_i2c.c
+++ b/sound/hda/codecs/side-codecs/tas2781_hda_i2c.c
@@ -310,6 +310,7 @@ static int tas2563_save_calibration(struct tas2781_hda *h)
struct cali_reg *r = &cd->cali_reg_array;
unsigned int offset = 0;
unsigned char *data;
+ __be32 bedata;
efi_status_t status;
unsigned int attr;
int ret, i, j, k;
@@ -351,6 +352,8 @@ static int tas2563_save_calibration(struct tas2781_hda *h)
i, j, status);
return -EINVAL;
}
+ bedata = cpu_to_be32(*(uint32_t *)&data[offset]);
+ memcpy(&data[offset], &bedata, sizeof(bedata));
offset += TAS2563_CAL_DATA_SIZE;
}
}
--
2.51.0
2 weeks, 4 days
- 2
- 2
[PATCH 5.4 000/403] 5.4.297-rc1 review
by Greg Kroah-Hartman
This is the start of the stable review cycle for the 5.4.297 release.
There are 403 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Thu, 28 Aug 2025 11:08:17 +0000.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.4.297-rc…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.4.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 5.4.297-rc1
Peter Oberparleiter <oberpar(a)linux.ibm.com>
s390/hypfs: Enable limited access during lockdown
Peter Oberparleiter <oberpar(a)linux.ibm.com>
s390/hypfs: Avoid unnecessary ioctl registration in debugfs
Takashi Iwai <tiwai(a)suse.de>
ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation
William Liu <will(a)willsroot.io>
net/sched: Remove unnecessary WARNING condition for empty child qdisc in htb_activate
William Liu <will(a)willsroot.io>
net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit
Jason Xing <kernelxing(a)tencent.com>
ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc
Minhong He <heminhong(a)kylinos.cn>
ipv6: sr: validate HMAC algorithm ID in seg6_hmac_info_add
Dan Carpenter <dan.carpenter(a)linaro.org>
ALSA: usb-audio: Fix size validation in convert_chmap_v3()
Dan Carpenter <dan.carpenter(a)linaro.org>
scsi: qla4xxx: Prevent a potential error pointer dereference
Weitao Wang <WeitaoWang-oc(a)zhaoxin.com>
usb: xhci: Fix slot_id resource race conflict
Josef Bacik <josef(a)toxicpanda.com>
nfs: fix UAF in direct writes
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFS: Fix up commit deadlocks
Zhang Xiaoxu <zhangxiaoxu5(a)huawei.com>
cifs: Fix UAF in cifs_demultiplex_thread()
Dmitry Antipov <dmantipov(a)yandex.ru>
Bluetooth: fix use-after-free in device_for_each_child()
Davide Caratti <dcaratti(a)redhat.com>
act_mirred: use the backlog for nested calls to mirred ingress
Davide Caratti <dcaratti(a)redhat.com>
net/sched: act_mirred: better wording on protection against excessive stack growth
wenxu <wenxu(a)ucloud.cn>
net/sched: act_mirred: refactor the handle of xmit
Jiri Pirko <jiri(a)mellanox.com>
selftests: forwarding: tc_actions.sh: add matchall mirror test
Vlad Buslov <vladbu(a)mellanox.com>
net: sched: don't expose action qstats to skb_tc_reinsert()
Vlad Buslov <vladbu(a)mellanox.com>
net: sched: extract qstats update code into functions
Vlad Buslov <vladbu(a)mellanox.com>
net: sched: extract bstats update code into function
Vlad Buslov <vladbu(a)mellanox.com>
net: sched: extract common action counters update code into function
Lorenzo Stoakes <lstoakes(a)gmail.com>
mm: perform the mapping_map_writable() check after call_mmap()
Lorenzo Stoakes <lstoakes(a)gmail.com>
mm: update memfd seal write check to include F_SEAL_WRITE
Lorenzo Stoakes <lstoakes(a)gmail.com>
mm: drop the assumption that VM_SHARED always implies writable
Cong Wang <xiyou.wangcong(a)gmail.com>
codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()
Cong Wang <xiyou.wangcong(a)gmail.com>
sch_qfq: make qfq_qlen_notify() idempotent
Cong Wang <xiyou.wangcong(a)gmail.com>
sch_hfsc: make hfsc_qlen_notify() idempotent
Cong Wang <xiyou.wangcong(a)gmail.com>
sch_drr: make drr_qlen_notify() idempotent
Qu Wenruo <wqu(a)suse.com>
btrfs: populate otime when logging an inode item
Jorge Ramirez-Ortiz <jorge.ramirez(a)oss.qualcomm.com>
media: venus: hfi: explicitly release IRQ during teardown
Chao Yu <chao(a)kernel.org>
f2fs: fix to avoid out-of-boundary access in dnode page
Jorge Ramirez-Ortiz <jorge.ramirez(a)oss.qualcomm.com>
media: venus: protect against spurious interrupts during probe
Vladimir Zapolskiy <vladimir.zapolskiy(a)linaro.org>
media: qcom: camss: cleanup media device allocated resource on error path
Ricardo Ribalda <ribalda(a)chromium.org>
media: venus: vdec: Clamp param smaller than 1fps and bigger than 240.
Imre Deak <imre.deak(a)intel.com>
drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS
Uwe Kleine-König <u.kleine-koenig(a)baylibre.com>
pwm: mediatek: Fix duty and period setting
Uwe Kleine-König <u.kleine-koenig(a)baylibre.com>
pwm: mediatek: Handle hardware enable and clock enable separately
Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de>
pwm: mediatek: Implement .apply() callback
Gui-Dong Han <hanguidong02(a)gmail.com>
media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt()
Sakari Ailus <sakari.ailus(a)linux.intel.com>
media: v4l2-ctrls: Don't reset handler's error in v4l2_ctrl_handler_free()
Hans Verkuil <hverkuil-cisco(a)xs4all.nl>
media: v4l2-ctrls: always copy the controls on completion
Damien Le Moal <dlemoal(a)kernel.org>
ata: Fix SATA_MOBILE_LPM_POLICY description in Kconfig
Bjorn Andersson <bjorn.andersson(a)oss.qualcomm.com>
soc: qcom: mdt_loader: Ensure we don't read past the ELF header
Meagan Lloyd <meaganlloyd(a)linux.microsoft.com>
rtc: ds1307: handle oscillator stop flag (OSF) for ds1341
Johan Hovold <johan(a)kernel.org>
usb: musb: omap2430: fix device leak at unbind
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFS: Fix the setting of capabilities when automounting a new filesystem
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFS: Fix up handling of outstanding layoutcommit in nfs_update_inode()
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFSv4: Fix nfs4_bitmap_copy_adjust()
Sebastian Reichel <sebastian.reichel(a)collabora.com>
usb: typec: fusb302: cache PD RX state
Oliver Neukum <oneukum(a)suse.com>
cdc-acm: fix race between initial clearing halt and open
Johan Hovold <johan(a)kernel.org>
USB: cdc-acm: do not log successful probe on later errors
Breno Leitao <leitao(a)debian.org>
mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock
He Zhe <zhe.he(a)windriver.com>
mm/kmemleak: turn kmemleak_lock and object->lock to raw_spinlock_t
Geoffrey D. Bennett <g(a)b4.vu>
ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx()
Dave Hansen <dave.hansen(a)linux.intel.com>
x86/fpu: Delay instruction pointer fixup until after warning
Andy Shevchenko <andriy.shevchenko(a)linux.intel.com>
mm/hmm: move pmd_to_hmm_pfn_flags() to the respective #ifdeffery
Jeff Layton <jlayton(a)kernel.org>
nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()
Maulik Shah <maulik.shah(a)oss.qualcomm.com>
pmdomain: governor: Consider CPU latency tolerance from pm_domain_cpu_gov
Steven Rostedt <rostedt(a)goodmis.org>
tracing: Add down_write(trace_event_sem) when adding trace event
Mathias Nyman <mathias.nyman(a)linux.intel.com>
usb: hub: Don't try to recover devices lost during warm reset.
Mathias Nyman <mathias.nyman(a)linux.intel.com>
usb: hub: avoid warm port reset during USB3 disconnect
Yazen Ghannam <yazen.ghannam(a)amd.com>
x86/mce/amd: Add default names for MCA banks and blocks
Zhang Lixu <lixu.zhang(a)intel.com>
iio: hid-sensor-prox: Fix incorrect OFFSET calculation
Chao Yu <chao(a)kernel.org>
f2fs: fix to do sanity check on ino and xnid
Harry Yoo <harry.yoo(a)oracle.com>
mm/zsmalloc: do not pass __GFP_MOVABLE if CONFIG_COMPACTION=n
Miaohe Lin <linmiaohe(a)huawei.com>
mm/zsmalloc.c: convert to use kmem_cache_zalloc in cache_alloc_zspage()
Lin.Cao <lincao12(a)amd.com>
drm/sched: Remove optimization that causes hang when killing dependent jobs
Haoxiang Li <haoxiang_li2024(a)163.com>
ice: Fix a null pointer dereference in ice_copy_and_init_pkg()
Ammar Faizi <ammarfaizi2(a)gnuweeb.org>
net: usbnet: Fix the wrong netif_carrier_on() call
John Ernberg <john.ernberg(a)actia.se>
net: usbnet: Avoid potential RCU stall on LINK_CHANGE event
Lukas Wunner <lukas(a)wunner.de>
PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports
Li Zhong <floridsleeves(a)gmail.com>
ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value
Ian Abbott <abbotti(a)mev.co.uk>
comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large
Ian Abbott <abbotti(a)mev.co.uk>
comedi: Fix initialization of data for instructions that write to subdevice
Nathan Chancellor <nathan(a)kernel.org>
kbuild: Add KBUILD_CPPFLAGS to as-option invocation
Masahiro Yamada <masahiroy(a)kernel.org>
kbuild: add $(CLANG_FLAGS) to KBUILD_CPPFLAGS
Nathan Chancellor <nathan(a)kernel.org>
kbuild: Add CLANG_FLAGS to as-instr
Nathan Chancellor <nathan(a)kernel.org>
mips: Include KBUILD_CPPFLAGS in CHECKFLAGS invocation
Nick Desaulniers <ndesaulniers(a)google.com>
kbuild: Update assembler calls to use proper flags and language target
Nathan Chancellor <nathan(a)kernel.org>
ARM: 9448/1: Use an absolute path to unified.h in KBUILD_AFLAGS
Kuen-Han Tsai <khtsai(a)google.com>
usb: dwc3: Ignore late xferNotReady event to prevent halt timeout
Zenm Chen <zenmchen(a)gmail.com>
USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles
Thorsten Blum <thorsten.blum(a)linux.dev>
usb: storage: realtek_cr: Use correct byte order for bcs->Residue
Mael GUERIN <mael.guerin(a)murena.io>
USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera
Miao Li <limiao(a)kylinos.cn>
usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive
David Lechner <dlechner(a)baylibre.com>
iio: proximity: isl29501: fix buffered read on big-endian systems
Steven Rostedt <rostedt(a)goodmis.org>
ftrace: Also allocate and copy hash for reading of filter files
Xu Yilun <yilun.xu(a)linux.intel.com>
fpga: zynq_fpga: Fix the wrong usage of dma_map_sgtable()
Al Viro <viro(a)zeniv.linux.org.uk>
use uniform permission checks for all mount propagation changes
Pavel Tikhomirov <ptikhomirov(a)virtuozzo.com>
move_mount: allow to add a mount into an existing group
Ye Bin <yebin10(a)huawei.com>
fs/buffer: fix use-after-free when call bh_read() helper
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3
Phillip Lougher <phillip(a)squashfs.org.uk>
squashfs: fix memory leak in squashfs_fill_super
Jiayi Li <lijiayi(a)kylinos.cn>
memstick: Fix deadlock by moving removing flag earlier
Vedang Nagar <quic_vnagar(a)quicinc.com>
media: venus: Add a check for packet size after reading from shared memory
Zhang Shurong <zhang_shurong(a)foxmail.com>
media: ov2659: Fix memory leaks in ov2659_probe()
Ludwig Disterhof <ludwig(a)disterhof.eu>
media: usbtv: Lock resolution while streaming
Haoxiang Li <haoxiang_li2024(a)163.com>
media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init()
Dan Carpenter <dan.carpenter(a)linaro.org>
media: gspca: Add bounds checking to firmware parser
Jon Hunter <jonathanh(a)nvidia.com>
soc/tegra: pmc: Ensure power-domains are in a known state
Baokun Li <libaokun1(a)huawei.com>
jbd2: prevent softlockup in jbd2_log_do_checkpoint()
Damien Le Moal <dlemoal(a)kernel.org>
PCI: endpoint: Fix configfs group removal on driver teardown
Damien Le Moal <dlemoal(a)kernel.org>
PCI: endpoint: Fix configfs group list head handling
Thomas Fourier <fourier.thomas(a)gmail.com>
mtd: rawnand: fsmc: Add missing check after DMA map
Laurentiu Mihalcea <laurentiu.mihalcea(a)nxp.com>
pwm: imx-tpm: Reset counter if CMOD is 0
Nathan Chancellor <nathan(a)kernel.org>
wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table()
Marek Szyprowski <m.szyprowski(a)samsung.com>
zynq_fpga: use sgtable-based scatterlist wrappers
Damien Le Moal <dlemoal(a)kernel.org>
ata: libata-scsi: Fix ata_to_sense_error() status handling
Ojaswin Mujoo <ojaswin(a)linux.ibm.com>
ext4: fix reserved gdt blocks handling in fsmap
Ojaswin Mujoo <ojaswin(a)linux.ibm.com>
ext4: fix fsmap end of range reporting with bigalloc
Andreas Dilger <adilger(a)dilger.ca>
ext4: check fast symlink for ea_inode correctly
Helge Deller <deller(a)gmx.de>
Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()"
Myrrh Periwinkle <myrrhperiwinkle(a)qtmlabs.xyz>
vt: defkeymap: Map keycodes above 127 to K_HOLE
Myrrh Periwinkle <myrrhperiwinkle(a)qtmlabs.xyz>
vt: keyboard: Don't process Unicode characters in K_OFF mode
Johan Hovold <johan(a)kernel.org>
usb: dwc3: meson-g12a: fix device leaks at unbind
Johan Hovold <johan(a)kernel.org>
usb: gadget: udc: renesas_usb3: fix device leak at unbind
Nathan Chancellor <nathan(a)kernel.org>
usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init()
Finn Thain <fthain(a)linux-m68k.org>
m68k: Fix lost column on framebuffer debug console
Dan Carpenter <dan.carpenter(a)linaro.org>
cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table()
Yunhui Cui <cuiyunhui(a)bytedance.com>
serial: 8250: fix panic due to PSLVERR
Ricardo Ribalda <ribalda(a)chromium.org>
media: uvcvideo: Do not mark valid metadata as invalid
Youngjun Lee <yjjuny.lee(a)samsung.com>
media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format()
Waiman Long <longman(a)redhat.com>
mm/kmemleak: avoid soft lockup in __kmemleak_do_cleanup()
Randy Dunlap <rdunlap(a)infradead.org>
parisc: Makefile: fix a typo in palo.conf
Filipe Manana <fdmanana(a)suse.com>
btrfs: fix log tree replay failure due to file with 0 links and extents
Eric Biggers <ebiggers(a)kernel.org>
thunderbolt: Fix copy+paste error in match_service_id()
Ian Abbott <abbotti(a)mev.co.uk>
comedi: fix race between polling and detaching
Ricky Wu <ricky_wu(a)realtek.com>
misc: rtsx: usb: Ensure mmc child device is active when card is present
Jack Xiao <Jack.Xiao(a)amd.com>
drm/amdgpu: fix incorrect vm flags to map bo
Jiasheng Jiang <jiashengjiangcool(a)gmail.com>
scsi: lpfc: Remove redundant assignment to avoid memory leak
Meagan Lloyd <meaganlloyd(a)linux.microsoft.com>
rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe
Sergey Bashirov <sergeybashirov(a)gmail.com>
pNFS: Fix uninited ptr deref in block/scsi layout
Sergey Bashirov <sergeybashirov(a)gmail.com>
pNFS: Handle RPC size limit for layoutcommits
Sergey Bashirov <sergeybashirov(a)gmail.com>
pNFS: Fix disk addr range check in block/scsi layout
Sergey Bashirov <sergeybashirov(a)gmail.com>
pNFS: Fix stripe mapping in block/scsi layout
Buday Csaba <buday.csaba(a)prolan.hu>
net: phy: smsc: add proper reset flags for LAN8710A
Corey Minyard <corey(a)minyard.net>
ipmi: Fix strcpy source and destination the same
Yann E. MORIN <yann.morin.1998(a)free.fr>
kconfig: lxdialog: fix 'space' to (de)select options
Masahiro Yamada <masahiroy(a)kernel.org>
kconfig: gconf: fix potential memory leak in renderer_edited()
Masahiro Yamada <masahiroy(a)kernel.org>
kconfig: gconf: avoid hardcoding model2 in on_treeview2_cursor_changed()
Breno Leitao <leitao(a)debian.org>
ipmi: Use dev_warn_ratelimited() for incorrect message warnings
John Garry <john.g.garry(a)oracle.com>
scsi: aacraid: Stop using PCI_IRQ_AFFINITY
Ranjan Kumar <ranjan.kumar(a)broadcom.com>
scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans
Shankari Anand <shankari.ak0208(a)gmail.com>
kconfig: nconf: Ensure null termination where strncpy is used
Suchit Karunakaran <suchitkarunakaran(a)gmail.com>
kconfig: lxdialog: replace strcpy() with strncpy() in inputbox.c
Wolfram Sang <wsa+renesas(a)sang-engineering.com>
i3c: don't fail if GETHDRCAP is unsupported
Timothy Pearson <tpearson(a)raptorengineering.com>
PCI: pnv_php: Work around switches with broken presence detection
Wolfram Sang <wsa+renesas(a)sang-engineering.com>
i3c: add missing include to internal header
chenchangcheng <chenchangcheng(a)kylinos.cn>
media: uvcvideo: Fix bandwidth issue for Alcor camera
Alex Guo <alexguo1023(a)gmail.com>
media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar
Alex Guo <alexguo1023(a)gmail.com>
media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb()
Wolfram Sang <wsa+renesas(a)sang-engineering.com>
media: usb: hdpvr: disable zero-length read messages
Dave Stevenson <dave.stevenson(a)raspberrypi.com>
media: tc358743: Increase FIFO trigger level to 374
Dave Stevenson <dave.stevenson(a)raspberrypi.com>
media: tc358743: Return an appropriate colorspace from tc358743_set_fmt
Dave Stevenson <dave.stevenson(a)raspberrypi.com>
media: tc358743: Check I2C succeeded during probe
Cheick Traore <cheick.traore(a)foss.st.com>
pinctrl: stm32: Manage irq affinity settings
Damien Le Moal <dlemoal(a)kernel.org>
scsi: mpt3sas: Correctly handle ATA device errors
Justin Tee <justin.tee(a)broadcom.com>
scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure
Yury Norov [NVIDIA] <yury.norov(a)gmail.com>
RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask()
Thomas Weißschuh <thomas.weissschuh(a)linutronix.de>
MIPS: Don't crash in stack_top() for tasks without ABI or vDSO
Arnaud Lecomte <contact(a)arnaud-lcm.com>
jfs: upper bound check of tree index in dbAllocAG
Edward Adam Davis <eadavis(a)qq.com>
jfs: Regular file corruption check
Lizhi Xu <lizhi.xu(a)windriver.com>
jfs: truncate good inode pages when hard link is 0
jackysliu <1972843537(a)qq.com>
scsi: bfa: Double-free fix
Shiji Yang <yangshiji66(a)outlook.com>
MIPS: vpe-mt: add missing prototypes for vpe_{alloc,start,stop,free}
Sebastian Reichel <sebastian.reichel(a)collabora.com>
watchdog: dw_wdt: Fix default timeout
Amir Mohammad Jahangirzad <a.jahangirzad(a)gmail.com>
fs/orangefs: use snprintf() instead of sprintf()
Showrya M N <showrya(a)chelsio.com>
scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated
Theodore Ts'o <tytso(a)mit.edu>
ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr
Pali Rohár <pali(a)kernel.org>
cifs: Fix calling CIFSFindFirst() for root path without msearch
Jason Wang <jasowang(a)redhat.com>
vhost: fail early when __vhost_add_used() fails
Álvaro Fernández Rojas <noltari(a)gmail.com>
net: dsa: b53: fix IP_MULTICAST_CTRL on BCM5325
Jakub Kicinski <kuba(a)kernel.org>
uapi: in6: restore visibility of most IPv6 socket options
Hari Kalavakunta <kalavakunta.hari.prasad(a)gmail.com>
net: ncsi: Fix buffer overflow in fetching version id
Álvaro Fernández Rojas <noltari(a)gmail.com>
net: dsa: b53: prevent SWITCH_CTRL access on BCM5325
Álvaro Fernández Rojas <noltari(a)gmail.com>
net: dsa: b53: fix b53_imp_vlan_setup for BCM5325
Gal Pressman <gal(a)nvidia.com>
net: vlan: Replace BUG() with WARN_ON_ONCE() in vlan_dev_* stubs
Stanislaw Gruszka <stf_xl(a)wp.pl>
wifi: iwlegacy: Check rate_idx range after addition
Mina Almasry <almasrymina(a)google.com>
netmem: fix skb_frag_address_safe with unreadable skbs
Thomas Fourier <fourier.thomas(a)gmail.com>
wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()`.
Pagadala Yesu Anjaneyulu <pagadala.yesu.anjaneyulu(a)intel.com>
wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect
Rand Deeb <rand.sec96(a)gmail.com>
wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd()
Jonas Rebmann <jre(a)pengutronix.de>
net: fec: allow disable coalescing
Thomas Fourier <fourier.thomas(a)gmail.com>
(powerpc/512) Fix possible `dma_unmap_single()` on uninitialized pointer
Sven Schnelle <svens(a)linux.ibm.com>
s390/stp: Remove udelay from stp_sync_clock()
Avraham Stern <avraham.stern(a)intel.com>
wifi: iwlwifi: mvm: fix scan request validation
Alok Tiwari <alok.a.tiwari(a)oracle.com>
net: thunderx: Fix format-truncation warning in bgx_acpi_match_id()
Oscar Maes <oscmaes92(a)gmail.com>
net: ipv4: fix incorrect MTU in broadcast routes
Ilan Peer <ilan.peer(a)intel.com>
wifi: cfg80211: Fix interface type validation
Paul E. McKenney <paulmck(a)kernel.org>
rcu: Protect ->defer_qs_iw_pending from data race
Thomas Fourier <fourier.thomas(a)gmail.com>
net: ag71xx: Add missing check after DMA map
Thomas Fourier <fourier.thomas(a)gmail.com>
et131x: Add missing check after DMA map
Alok Tiwari <alok.a.tiwari(a)oracle.com>
be2net: Use correct byte order and format string for TCP seq and ack_seq
Sven Schnelle <svens(a)linux.ibm.com>
s390/time: Use monotonic clock in get_cycles()
Johannes Berg <johannes.berg(a)intel.com>
wifi: cfg80211: reject HTC bit for management frames
Steven Rostedt <rostedt(a)goodmis.org>
ktest.pl: Prevent recursion of default variable options
Xinxin Wan <xinxin.wan(a)intel.com>
ASoC: codecs: rt5640: Retry DEVICE_ID verification
Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com>
ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros
Lucy Thrun <lucy.thrun(a)digital-rabbithole.de>
ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control
Kees Cook <kees(a)kernel.org>
platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches
Gautham R. Shenoy <gautham.shenoy(a)amd.com>
pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop()
Oliver Neukum <oneukum(a)suse.com>
usb: core: usb_submit_urb: downgrade type check
Alok Tiwari <alok.a.tiwari(a)oracle.com>
ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4
Mark Brown <broonie(a)kernel.org>
ASoC: hdac_hdmi: Rate limit logging on connection and disconnection
Ulf Hansson <ulf.hansson(a)linaro.org>
mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode()
Breno Leitao <leitao(a)debian.org>
ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path
Sebastian Ott <sebott(a)redhat.com>
ACPI: processor: fix acpi_object initialization
tuhaowen <tuhaowen(a)uniontech.com>
PM: sleep: console: Fix the black screen issue
Hsin-Te Yuan <yuanhsinte(a)chromium.org>
thermal: sysfs: Return ENODATA instead of EAGAIN for reads
Rafael J. Wysocki <rafael.j.wysocki(a)intel.com>
PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit()
Masami Hiramatsu (Google) <mhiramat(a)kernel.org>
selftests: tracing: Use mutex_unlock for testing glob filter
Aaron Kling <webgeek1234(a)gmail.com>
ARM: tegra: Use I/O memcpy to write to IRAM
Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org>
gpio: tps65912: check the return value of regmap_update_bits()
Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com>
ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed
Alexander Kochetkov <al.kochet(a)gmail.com>
ARM: rockchip: fix kernel hang during smp initialization
Lifeng Zheng <zhenglifeng1(a)huawei.com>
cpufreq: Exit governor when failed to start old governor
Mario Limonciello <mario.limonciello(a)amd.com>
usb: xhci: Avoid showing errors during surprise removal
Jay Chen <shawn2000100(a)gmail.com>
usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command
Mario Limonciello <mario.limonciello(a)amd.com>
usb: xhci: Avoid showing warnings for dying controller
Cynthia Huang <cynthia(a)andestech.com>
selftests/futex: Define SYS_futex on 32-bit architectures with 64-bit time_t
Prashant Malani <pmalani(a)google.com>
cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag
Su Hui <suhui(a)nfschina.com>
usb: xhci: print xhci->xhc_state when queue_command failed
Al Viro <viro(a)zeniv.linux.org.uk>
securityfs: don't pin dentries twice, once is enough...
Viacheslav Dubeyko <slava(a)dubeyko.com>
hfs: fix not erasing deleted b-tree node issue
Sarah Newman <srn(a)prgmr.com>
drbd: add missing kref_get in handle_write_conflicts
Jan Kara <jack(a)suse.cz>
udf: Verify partition map count
Kees Cook <kees(a)kernel.org>
arm64: Handle KCOV __init vs inline mismatches
Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp>
hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file()
Viacheslav Dubeyko <slava(a)dubeyko.com>
hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()
Viacheslav Dubeyko <slava(a)dubeyko.com>
hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read()
Viacheslav Dubeyko <slava(a)dubeyko.com>
hfs: fix slab-out-of-bounds in hfs_bnode_read()
Xin Long <lucien.xin(a)gmail.com>
sctp: linearize cloned gso packets in sctp_rcv
Florian Westphal <fw(a)strlen.de>
netfilter: ctnetlink: fix refcount leak on table dump
Sabrina Dubroca <sd(a)queasysnail.net>
udp: also consider secpath when evaluating ipsec use for checksumming
Rafael J. Wysocki <rafael.j.wysocki(a)intel.com>
ACPI: processor: perflib: Move problematic pr->performance check
Jiayi Li <lijiayi(a)kylinos.cn>
ACPI: processor: perflib: Fix initial _PPC limit application
Andy Shevchenko <andriy.shevchenko(a)linux.intel.com>
Documentation: ACPI: Fix parent device references
Sasha Levin <sashal(a)kernel.org>
fs: Prevent file descriptor table allocations exceeding INT_MAX
Ma Ke <make24(a)iscas.ac.cn>
sunvdc: Balance device refcount in vdc_port_mpgroup_check
Dai Ngo <dai.ngo(a)oracle.com>
NFSD: detect mismatch of file handle and delegation stateid in OPEN op
Johan Hovold <johan(a)kernel.org>
net: dpaa: fix device leak when querying time stamp info
Johan Hovold <johan(a)kernel.org>
net: gianfar: fix device leak when querying time stamp info
Fedor Pchelkin <pchelkin(a)ispras.ru>
netlink: avoid infinite retry looping in netlink_unicast()
Takashi Iwai <tiwai(a)suse.de>
ALSA: usb-audio: Validate UAC3 cluster segment descriptors
Takashi Iwai <tiwai(a)suse.de>
ALSA: usb-audio: Validate UAC3 power domain descriptors, too
Pavel Begunkov <asml.silence(a)gmail.com>
io_uring: don't use int for ABI
Tao Xue <xuetao09(a)huawei.com>
usb: gadget : fix use-after-free in composite_dev_cleanup()
Jiaxun Yang <jiaxun.yang(a)flygoat.com>
MIPS: mm: tlb-r4k: Uniquify TLB entries on init
Slark Xiao <slark_xiao(a)163.com>
USB: serial: option: add Foxconn T99W709
Budimir Markovic <markovicbudimir(a)gmail.com>
vsock: Do not allow binding to VMADDR_PORT_ANY
Quang Le <quanglex97(a)gmail.com>
net/packet: fix a race in packet_set_ring() and packet_notifier()
Thomas Gleixner <tglx(a)linutronix.de>
perf/core: Prevent VMA split of buffer mappings
Thomas Gleixner <tglx(a)linutronix.de>
perf/core: Exit early on perf_mmap() fail
Thomas Gleixner <tglx(a)linutronix.de>
perf/core: Don't leak AUX buffer refcount on allocation failure
Eric Dumazet <edumazet(a)google.com>
pptp: fix pptp_xmit() error path
Stefan Metzmacher <metze(a)samba.org>
smb: client: let recv_done() cleanup before notifying the callers.
Michal Schmidt <mschmidt(a)redhat.com>
benet: fix BUG when creating VFs
Wang Liang <wangliang74(a)huawei.com>
net: drop UFO packets in udp_rcv_segment()
Eric Dumazet <edumazet(a)google.com>
ipv6: reject malicious packets in ipv6_gso_segment()
Eric Dumazet <edumazet(a)google.com>
pptp: ensure minimal skb length in pptp_xmit()
Jakub Kicinski <kuba(a)kernel.org>
netpoll: prevent hanging NAPI when netcons gets enabled
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()
Frederic Barrat <fbarrat(a)linux.ibm.com>
pci/hotplug/pnv-php: Wrap warnings in macro
Frederic Barrat <fbarrat(a)linux.ibm.com>
pci/hotplug/pnv-php: Improve error msg on power state change failure
Peter Chen <peter.chen(a)nxp.com>
usb: chipidea: udc: fix sleeping function called from invalid context
Chao Yu <chao(a)kernel.org>
f2fs: fix to avoid out-of-boundary access in devs.path
Chao Yu <chao(a)kernel.org>
f2fs: fix to avoid panic in f2fs_evict_inode
Chao Yu <chao(a)kernel.org>
f2fs: fix to avoid UAF in f2fs_sync_inode_meta()
Brian Masney <bmasney(a)redhat.com>
rtc: pcf8563: fix incorrect maximum clock rate handling
Brian Masney <bmasney(a)redhat.com>
rtc: hym8563: fix incorrect maximum clock rate handling
Brian Masney <bmasney(a)redhat.com>
rtc: ds1307: fix incorrect maximum clock rate handling
Petr Pavlu <petr.pavlu(a)suse.com>
module: Restore the moduleparam prefix length check
Paul Chaignon <paul.chaignon(a)gmail.com>
bpf: Check flow_dissector ctx accesses are aligned
Balamanikandan Gunasundar <balamanikandan.gunasundar(a)microchip.com>
mtd: rawnand: atmel: set pmecc data setup time
Thomas Fourier <fourier.thomas(a)gmail.com>
mtd: rawnand: atmel: Fix dma_mapping_error() address
Zheng Yu <zheng.yu(a)northwestern.edu>
jfs: fix metapage reference count leak in dbAllocCtl
Chenyuan Yang <chenyuan0y(a)gmail.com>
fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref
Giovanni Cabiddu <giovanni.cabiddu(a)intel.com>
crypto: qat - fix seq_file position update in adf_ring_next()
Thomas Fourier <fourier.thomas(a)gmail.com>
dmaengine: nbpfaxi: Add missing check after DMA map
Thomas Fourier <fourier.thomas(a)gmail.com>
dmaengine: mv_xor: Fix missing check after DMA map and missing unmap
Dan Carpenter <dan.carpenter(a)linaro.org>
fs/orangefs: Allow 2 more characters in do_c_string()
Bard Liao <yung-chuan.liao(a)linux.intel.com>
soundwire: stream: restore params when prepare ports fail
Thomas Fourier <fourier.thomas(a)gmail.com>
crypto: img-hash - Fix dma_unmap_sg() nents value
Ovidiu Panait <ovidiu.panait.oss(a)gmail.com>
hwrng: mtk - handle devm_pm_runtime_enable errors
Dan Carpenter <dan.carpenter(a)linaro.org>
watchdog: ziirave_wdt: check record length in ziirave_firm_verify()
Thomas Fourier <fourier.thomas(a)gmail.com>
scsi: isci: Fix dma_unmap_sg() nents value
Thomas Fourier <fourier.thomas(a)gmail.com>
scsi: mvsas: Fix dma_unmap_sg() nents value
Thomas Fourier <fourier.thomas(a)gmail.com>
scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value
Paul Kocialkowski <paulk(a)sys-base.io>
clk: sunxi-ng: v3s: Fix de clock definition
Leo Yan <leo.yan(a)arm.com>
perf tests bp_account: Fix leaked file descriptor
Mengbiao Xiong <xisme1998(a)gmail.com>
crypto: ccp - Fix crash when rebind ccp device for ccp.ko
Yuan Chen <chenyuan(a)kylinos.cn>
pinctrl: sunxi: Fix memory leak on krealloc failure
Charles Han <hanchunchao(a)inspur.com>
power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set
Henry Martin <bsdhenrymartin(a)gmail.com>
clk: davinci: Add NULL check in davinci_lpsc_clk_register()
Ivan Stepchenko <sid(a)itb.spb.ru>
mtd: fix possible integer overflow in erase_xfer()
Herbert Xu <herbert(a)gondor.apana.org.au>
crypto: marvell/cesa - Fix engine load inaccuracy
Hans Zhang <18255117159(a)163.com>
PCI: rockchip-host: Fix "Unexpected Completion" log message
Stanislav Fomichev <sdf(a)fomichev.me>
vrf: Drop existing dst reference in vrf_ip6_input_dst
Xiumei Mu <xmu(a)redhat.com>
selftests: rtnetlink.sh: remove esp4_offload after test
Florian Westphal <fw(a)strlen.de>
netfilter: xt_nfacct: don't assume acct name is null-terminated
Jimmy Assarsson <extja(a)kvaser.com>
can: kvaser_usb: Assign netdev.dev_port based on device channel index
Jimmy Assarsson <extja(a)kvaser.com>
can: kvaser_pciefd: Store device channel index
Gokul Sivakumar <gokulkumar.sivakumar(a)infineon.com>
wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE
Remi Pommarel <repk(a)triplefau.lt>
Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()"
Thomas Fourier <fourier.thomas(a)gmail.com>
mwl8k: Add missing check after DMA map
Martin Kaistra <martin.kaistra(a)linutronix.de>
wifi: rtl8xxxu: Fix RX skb size for aggregation disabled
William Liu <will(a)willsroot.io>
net/sched: Restrict conditions for adding duplicating netems to qdisc tree
Johan Korsnes <johan.korsnes(a)gmail.com>
arch: powerpc: defconfig: Drop obsolete CONFIG_NET_CLS_TCINDEX
Fedor Pchelkin <pchelkin(a)ispras.ru>
netfilter: nf_tables: adjust lockdep assertions handling
Fedor Pchelkin <pchelkin(a)ispras.ru>
drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value
Finn Thain <fthain(a)linux-m68k.org>
m68k: Don't unregister boot console needlessly
xin.guo <guoxin0309(a)gmail.com>
tcp: fix tcp_ofo_queue() to avoid including too much DUP SACK range
Jiasheng Jiang <jiasheng(a)iscas.ac.cn>
iwlwifi: Add missing check for alloc_ordered_workqueue
Xiu Jianfeng <xiujianfeng(a)huawei.com>
wifi: iwlwifi: Fix memory leak in iwl_mvm_init()
Daniil Dulov <d.dulov(a)aladdin.ru>
wifi: rtl818x: Kill URBs before clearing tx status queue
Arnd Bergmann <arnd(a)arndb.de>
caif: reduce stack size, again
Yuan Chen <chenyuan(a)kylinos.cn>
bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure
Jiayuan Chen <jiayuan.chen(a)linux.dev>
bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls
Alok Tiwari <alok.a.tiwari(a)oracle.com>
staging: nvec: Fix incorrect null termination of battery manufacturer
Brahmajit Das <listout(a)listout.xyz>
samples: mei: Fix building on musl libc
Lifeng Zheng <zhenglifeng1(a)huawei.com>
cpufreq: Init policy->rwsem before it may be possibly used
Annette Kobou <annette.kobou(a)kontron.de>
ARM: dts: imx6ul-kontron-bl-common: Fix RTS polarity for RS485 interface
Lucas De Marchi <lucas.demarchi(a)intel.com>
usb: early: xhci-dbc: Fix early_ioremap leak
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Revert "vmci: Prevent the dispatching of uninitialized payloads"
Denis OSTERLAND-HEIM <denis.osterland(a)diehl.com>
pps: fix poll support
Lizhi Xu <lizhi.xu(a)windriver.com>
vmci: Prevent the dispatching of uninitialized payloads
Abdun Nihaal <abdun.nihaal(a)gmail.com>
staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc()
Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org>
ARM: dts: vfxxx: Correctly use two tuples for timer address
Arnd Bergmann <arnd(a)arndb.de>
ASoC: ops: dynamically allocate struct snd_ctl_elem_value
Yangtao Li <frank.li(a)vivo.com>
hfsplus: remove mutex_lock check in hfsplus_free_extents
Arnd Bergmann <arnd(a)arndb.de>
ASoC: Intel: fix SND_SOC_SOF dependencies
Arnd Bergmann <arnd(a)arndb.de>
ethernet: intel: fix building with large NR_CPUS
Xu Yang <xu.yang_2(a)nxp.com>
usb: phy: mxs: disconnect line when USB charger is attached
Xu Yang <xu.yang_2(a)nxp.com>
usb: chipidea: add USB PHY event
Peter Chen <peter.chen(a)nxp.com>
usb: chipidea: introduce CI_HDRC_CONTROLLER_VBUS_EVENT glue layer use
Jun Li <jun.li(a)nxp.com>
usb: chipidea: udc: protect usb interrupt enable
Peter Chen <peter.chen(a)nxp.com>
usb: chipidea: udc: add new API ci_hdrc_gadget_connect
Daniel Dadap <ddadap(a)nvidia.com>
ALSA: hda: Add missing NVIDIA HDA codec IDs
Ian Abbott <abbotti(a)mev.co.uk>
comedi: comedi_test: Fix possible deletion of uninitialized timers
Ryusuke Konishi <konishi.ryusuke(a)gmail.com>
nilfs2: reject invalid file types when reading inodes
Yang Xiwen <forbidden405(a)outlook.com>
i2c: qup: jump out of the loop in case of timeout
Xiang Mei <xmei5(a)asu.edu>
net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class
Kito Xu (veritas501) <hxzene(a)gmail.com>
net: appletalk: Fix use-after-free in AARP proxy probe
Andrew Lunn <andrew(a)lunn.ch>
net: appletalk: fix kerneldoc warnings
Maor Gottlieb <maorg(a)nvidia.com>
RDMA/core: Rate limit GID cache warning messages
Alessandro Carminati <acarmina(a)redhat.com>
regulator: core: fix NULL dereference on unbind due to stale coupling data
Mathias Nyman <mathias.nyman(a)linux.intel.com>
usb: hub: Fix flushing and scheduling of delayed work that tunes runtime pm
Mathias Nyman <mathias.nyman(a)linux.intel.com>
usb: hub: fix detection of high tier USB3 devices behind suspended hubs
Eric Dumazet <edumazet(a)google.com>
net_sched: sch_sfq: reject invalid perturb period
Octavian Purdila <tavip(a)google.com>
net_sched: sch_sfq: move the limit validation
Octavian Purdila <tavip(a)google.com>
net_sched: sch_sfq: use a temporary work area for validating configuration
Octavian Purdila <tavip(a)google.com>
net_sched: sch_sfq: don't allow 1 packet limit
Eric Dumazet <edumazet(a)google.com>
net_sched: sch_sfq: handle bigger packets
Eric Dumazet <edumazet(a)google.com>
net_sched: sch_sfq: annotate data-races around q->perturb_period
Zheng Wang <zyytlz.wz(a)163.com>
power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
Minghao Chi <chi.minghao(a)zte.com.cn>
power: supply: bq24190_charger: using pm_runtime_resume_and_get instead of pm_runtime_get_sync
Dinghao Liu <dinghao.liu(a)zju.edu.cn>
power: supply: bq24190_charger: Fix runtime PM imbalance on error
Hongyu Xie <xiehongyu1(a)kylinos.cn>
xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS
Bui Quang Minh <minhquangbui99(a)gmail.com>
virtio-net: ensure the received length does not exceed allocated size
Arun Raghavan <arun(a)asymptotic.io>
ASoC: fsl_sai: Force a software reset when starting in consumer mode
Krishna Kurapati <krishna.kurapati(a)oss.qualcomm.com>
usb: dwc3: qcom: Don't leave BCR asserted
Drew Hamilton <drew.hamilton(a)zetier.com>
usb: musb: fix gadget state on disconnect
William Liu <will(a)willsroot.io>
net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree
Dong Chenchen <dongchenchen2(a)huawei.com>
net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime
Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
Bluetooth: L2CAP: Fix attempting to adjust outgoing MTU
Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
Bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout
Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
Bluetooth: SMP: If an unallowed command is received consider it a failure
Kuniyuki Iwashima <kuniyu(a)google.com>
Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb()
Oliver Neukum <oneukum(a)suse.com>
usb: net: sierra: check for no status endpoint
Xiang Mei <xmei5(a)asu.edu>
net/sched: sch_qfq: Fix race condition on qfq_aggregate
Alok Tiwari <alok.a.tiwari(a)oracle.com>
net: emaclite: Fix missing pointer increment in aligned_read()
Ian Abbott <abbotti(a)mev.co.uk>
comedi: Fix use of uninitialized data in insn_rw_emulate_bits()
Ian Abbott <abbotti(a)mev.co.uk>
comedi: Fix some signed shift left operations
Ian Abbott <abbotti(a)mev.co.uk>
comedi: das6402: Fix bit shift out of bounds
Ian Abbott <abbotti(a)mev.co.uk>
comedi: das16m1: Fix bit shift out of bounds
Ian Abbott <abbotti(a)mev.co.uk>
comedi: aio_iiro_16: Fix bit shift out of bounds
Ian Abbott <abbotti(a)mev.co.uk>
comedi: pcl812: Fix bit shift out of bounds
Chen Ni <nichen(a)iscas.ac.cn>
iio: adc: stm32-adc: Fix race in installing chained IRQ handler
Fabio Estevam <festevam(a)denx.de>
iio: adc: max1363: Reorder mode_list[] entries
Fabio Estevam <festevam(a)denx.de>
iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[]
Andrew Jeffery <andrew(a)codeconstruct.com.au>
soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled
Andrew Jeffery <andrew(a)codeconstruct.com.au>
soc: aspeed: lpc-snoop: Cleanup resources in stack-order
Judith Mendez <jm(a)ti.com>
mmc: sdhci_am654: Workaround for Errata i2312
Edson Juliano Drosdeck <edson.drosdeck(a)gmail.com>
mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models
Thomas Fourier <fourier.thomas(a)gmail.com>
mmc: bcm2835: Fix dma_unmap_sg() nents value
Nathan Chancellor <nathan(a)kernel.org>
memstick: core: Zero initialize id_reg in h_memstick_read_dev_id()
Jan Kara <jack(a)suse.cz>
isofs: Verify inode mode when loading from disk
Dan Carpenter <dan.carpenter(a)linaro.org>
dmaengine: nbpfaxi: Fix memory corruption in probe()
Yun Lu <luyun(a)kylinos.cn>
af_packet: fix soft lockup issue caused by tpacket_snd()
Yun Lu <luyun(a)kylinos.cn>
af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd()
Nathan Chancellor <nathan(a)kernel.org>
phonet/pep: Move call to pn_skb_get_dst_sockaddr() earlier in pep_sock_accept()
Benjamin Tissoires <bentiss(a)kernel.org>
HID: core: do not bypass hid_hw_raw_request
Benjamin Tissoires <bentiss(a)kernel.org>
HID: core: ensure __hid_request reserves the report ID as the first byte
Benjamin Tissoires <bentiss(a)kernel.org>
HID: core: ensure the allocated report buffer can contain the reserved report ID
Thomas Fourier <fourier.thomas(a)gmail.com>
pch_uart: Fix dma_sync_sg_for_device() nents value
Nilton Perim Neto <niltonperimneto(a)gmail.com>
Input: xpad - set correct controller type for Acer NGR200
Clément Le Goffic <clement.legoffic(a)foss.st.com>
i2c: stm32: fix the device used for the DMA map
Xinyu Liu <1171169449(a)qq.com>
usb: gadget: configfs: Fix OOB read on empty string write
Ryan Mann (NDI) <rmann(a)ndigital.com>
USB: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI
Slark Xiao <slark_xiao(a)163.com>
USB: serial: option: add Foxconn T99W640
Fabio Porcedda <fabio.porcedda(a)gmail.com>
USB: serial: option: add Telit Cinterion FE910C04 (ECM) composition
-------------
Diffstat:
Documentation/firmware-guide/acpi/i2c-muxes.rst | 8 +-
Makefile | 7 +-
arch/arm/Makefile | 2 +-
arch/arm/boot/dts/imx6ul-kontron-n6310-s.dts | 1 -
arch/arm/boot/dts/vfxxx.dtsi | 2 +-
arch/arm/mach-rockchip/platsmp.c | 15 +-
arch/arm/mach-tegra/reset.c | 2 +-
arch/arm64/include/asm/acpi.h | 2 +-
arch/m68k/Kconfig.debug | 2 +-
arch/m68k/kernel/early_printk.c | 42 +--
arch/m68k/kernel/head.S | 39 ++-
arch/mips/Makefile | 2 +-
arch/mips/include/asm/vpe.h | 8 +
arch/mips/kernel/process.c | 16 +-
arch/mips/mm/tlb-r4k.c | 56 +++-
arch/parisc/Makefile | 2 +-
arch/powerpc/configs/ppc6xx_defconfig | 1 -
arch/powerpc/platforms/512x/mpc512x_lpbfifo.c | 6 +-
arch/s390/hypfs/hypfs_dbfs.c | 19 +-
arch/s390/include/asm/timex.h | 13 +-
arch/s390/kernel/time.c | 2 +-
arch/x86/kernel/cpu/mce/amd.c | 13 +-
arch/x86/mm/extable.c | 5 +-
drivers/acpi/acpi_processor.c | 2 +-
drivers/acpi/apei/ghes.c | 2 +
drivers/acpi/processor_idle.c | 4 +-
drivers/acpi/processor_perflib.c | 11 +
drivers/ata/Kconfig | 35 ++-
drivers/ata/libata-scsi.c | 20 +-
drivers/base/power/domain_governor.c | 18 +-
drivers/base/power/runtime.c | 5 +
drivers/block/drbd/drbd_receiver.c | 6 +-
drivers/block/sunvdc.c | 4 +-
drivers/char/hw_random/mtk-rng.c | 4 +-
drivers/char/ipmi/ipmi_msghandler.c | 8 +-
drivers/char/ipmi/ipmi_watchdog.c | 59 +++--
drivers/clk/davinci/psc.c | 5 +
drivers/clk/sunxi-ng/ccu-sun8i-v3s.c | 3 +-
drivers/cpufreq/armada-8k-cpufreq.c | 2 +-
drivers/cpufreq/cppc_cpufreq.c | 2 +-
drivers/cpufreq/cpufreq.c | 11 +-
drivers/crypto/ccp/ccp-debugfs.c | 3 +
drivers/crypto/img-hash.c | 2 +-
drivers/crypto/marvell/cipher.c | 4 +-
drivers/crypto/marvell/hash.c | 5 +-
.../crypto/qat/qat_common/adf_transport_debug.c | 4 +-
drivers/dma/mv_xor.c | 21 +-
drivers/dma/nbpfaxi.c | 24 +-
drivers/fpga/zynq-fpga.c | 10 +-
drivers/gpio/gpio-tps65912.c | 7 +-
drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c | 4 +-
.../gpu/drm/amd/display/dc/bios/command_table.c | 2 +-
.../amd/display/dc/clk_mgr/dce110/dce110_clk_mgr.c | 30 ++-
drivers/gpu/drm/amd/powerplay/hwmgr/smu_helper.c | 2 +-
drivers/gpu/drm/drm_dp_helper.c | 2 +-
drivers/gpu/drm/scheduler/sched_entity.c | 23 +-
drivers/hid/hid-core.c | 21 +-
drivers/i2c/busses/i2c-qup.c | 4 +-
drivers/i2c/busses/i2c-stm32.c | 8 +-
drivers/i2c/busses/i2c-stm32f7.c | 4 +-
drivers/i3c/internals.h | 1 +
drivers/i3c/master.c | 2 +-
drivers/iio/adc/max1363.c | 43 ++-
drivers/iio/adc/stm32-adc-core.c | 7 +-
drivers/iio/light/hid-sensor-prox.c | 3 +-
drivers/iio/proximity/isl29501.c | 14 +-
drivers/infiniband/core/cache.c | 4 +-
drivers/infiniband/hw/hfi1/affinity.c | 44 +--
drivers/input/joystick/xpad.c | 2 +-
drivers/media/dvb-frontends/dib7000p.c | 8 +
drivers/media/i2c/ov2659.c | 3 +-
drivers/media/i2c/tc358743.c | 86 +++---
drivers/media/platform/qcom/camss/camss.c | 4 +-
drivers/media/platform/qcom/venus/core.c | 8 +-
drivers/media/platform/qcom/venus/core.h | 2 +
drivers/media/platform/qcom/venus/hfi_venus.c | 5 +
drivers/media/platform/qcom/venus/vdec.c | 5 +-
drivers/media/usb/gspca/vicam.c | 10 +-
drivers/media/usb/hdpvr/hdpvr-i2c.c | 6 +
drivers/media/usb/rainshadow-cec/rainshadow-cec.c | 3 +-
drivers/media/usb/usbtv/usbtv-video.c | 4 +
drivers/media/usb/uvc/uvc_driver.c | 3 +
drivers/media/usb/uvc/uvc_video.c | 21 +-
drivers/media/v4l2-core/v4l2-ctrls.c | 37 ++-
drivers/memstick/core/memstick.c | 3 +-
drivers/memstick/host/rtsx_usb_ms.c | 1 +
drivers/misc/cardreader/rtsx_usb.c | 16 +-
drivers/mmc/host/bcm2835.c | 3 +-
drivers/mmc/host/rtsx_usb_sdmmc.c | 4 +-
drivers/mmc/host/sdhci-pci-core.c | 3 +-
drivers/mmc/host/sdhci_am654.c | 9 +-
drivers/mtd/ftl.c | 2 +-
drivers/mtd/nand/raw/atmel/nand-controller.c | 2 +-
drivers/mtd/nand/raw/atmel/pmecc.c | 6 +
drivers/mtd/nand/raw/fsmc_nand.c | 2 +
drivers/net/can/kvaser_pciefd.c | 1 +
drivers/net/can/usb/kvaser_usb/kvaser_usb_core.c | 1 +
drivers/net/dsa/b53/b53_common.c | 31 ++-
drivers/net/dsa/b53/b53_regs.h | 1 +
drivers/net/ethernet/agere/et131x.c | 36 +++
drivers/net/ethernet/atheros/ag71xx.c | 9 +
drivers/net/ethernet/cavium/thunder/thunder_bgx.c | 4 +-
drivers/net/ethernet/emulex/benet/be_cmds.c | 2 +-
drivers/net/ethernet/emulex/benet/be_main.c | 8 +-
drivers/net/ethernet/freescale/dpaa/dpaa_ethtool.c | 4 +-
drivers/net/ethernet/freescale/fec_main.c | 34 ++-
drivers/net/ethernet/freescale/gianfar_ethtool.c | 4 +-
drivers/net/ethernet/intel/fm10k/fm10k.h | 3 +-
drivers/net/ethernet/intel/i40e/i40e.h | 2 +-
drivers/net/ethernet/intel/ice/ice_flex_pipe.c | 2 +
drivers/net/ethernet/intel/ixgbe/ixgbe.h | 3 +-
drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 4 +-
drivers/net/ethernet/xilinx/xilinx_emaclite.c | 2 +-
drivers/net/phy/smsc.c | 1 +
drivers/net/ppp/pptp.c | 18 +-
drivers/net/usb/sierra_net.c | 4 +
drivers/net/usb/usbnet.c | 11 +-
drivers/net/virtio_net.c | 38 ++-
drivers/net/vrf.c | 2 +
.../broadcom/brcm80211/brcmfmac/cfg80211.c | 8 +-
.../broadcom/brcm80211/brcmsmac/phy/phy_lcn.c | 2 +-
drivers/net/wireless/intel/iwlegacy/4965-mac.c | 5 +-
drivers/net/wireless/intel/iwlwifi/dvm/main.c | 11 +-
drivers/net/wireless/intel/iwlwifi/dvm/rs.c | 2 +-
drivers/net/wireless/intel/iwlwifi/fw/dbg.c | 7 +-
drivers/net/wireless/intel/iwlwifi/mvm/ops.c | 4 +-
drivers/net/wireless/intel/iwlwifi/mvm/scan.c | 2 +-
drivers/net/wireless/marvell/mwl8k.c | 4 +
drivers/net/wireless/realtek/rtl818x/rtl8187/dev.c | 3 +-
.../net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c | 2 +-
drivers/net/wireless/realtek/rtlwifi/pci.c | 18 +-
drivers/pci/controller/pcie-rockchip-host.c | 2 +-
drivers/pci/endpoint/pci-ep-cfs.c | 1 +
drivers/pci/endpoint/pci-epf-core.c | 2 +-
drivers/pci/hotplug/pnv_php.c | 90 +++++--
drivers/pci/pci-acpi.c | 4 +-
drivers/pci/pci.c | 8 +-
drivers/pci/probe.c | 2 +-
drivers/pinctrl/stm32/pinctrl-stm32.c | 1 +
drivers/pinctrl/sunxi/pinctrl-sunxi.c | 11 +-
drivers/platform/x86/thinkpad_acpi.c | 4 +-
drivers/power/supply/bq24190_charger.c | 60 ++---
drivers/power/supply/max14577_charger.c | 4 +-
drivers/pps/pps.c | 11 +-
drivers/pwm/pwm-imx-tpm.c | 9 +
drivers/pwm/pwm-mediatek.c | 78 ++++--
drivers/regulator/core.c | 1 +
drivers/rtc/rtc-ds1307.c | 17 +-
drivers/rtc/rtc-hym8563.c | 2 +-
drivers/rtc/rtc-pcf8563.c | 2 +-
drivers/scsi/aacraid/comminit.c | 3 +-
drivers/scsi/bfa/bfad_im.c | 1 +
drivers/scsi/ibmvscsi_tgt/libsrp.c | 6 +-
drivers/scsi/isci/request.c | 2 +-
drivers/scsi/libiscsi.c | 3 +-
drivers/scsi/lpfc/lpfc_debugfs.c | 1 -
drivers/scsi/lpfc/lpfc_scsi.c | 4 +
drivers/scsi/mpt3sas/mpt3sas_scsih.c | 19 ++
drivers/scsi/mvsas/mv_sas.c | 4 +-
drivers/scsi/qla4xxx/ql4_os.c | 2 +
drivers/scsi/scsi_scan.c | 2 +-
drivers/scsi/scsi_transport_sas.c | 62 ++++-
drivers/soc/aspeed/aspeed-lpc-snoop.c | 13 +-
drivers/soc/qcom/mdt_loader.c | 41 +++
drivers/soc/tegra/pmc.c | 51 ++--
drivers/soundwire/stream.c | 2 +-
drivers/staging/comedi/comedi_compat32.c | 3 +
drivers/staging/comedi/comedi_fops.c | 60 ++++-
drivers/staging/comedi/comedi_internal.h | 1 +
drivers/staging/comedi/drivers.c | 30 ++-
drivers/staging/comedi/drivers/aio_iiro_16.c | 3 +-
drivers/staging/comedi/drivers/comedi_test.c | 2 +-
drivers/staging/comedi/drivers/das16m1.c | 3 +-
drivers/staging/comedi/drivers/das6402.c | 3 +-
drivers/staging/comedi/drivers/pcl812.c | 3 +-
drivers/staging/fbtft/fbtft-core.c | 1 +
drivers/staging/media/imx/imx-media-csc-scaler.c | 2 +-
drivers/staging/nvec/nvec_power.c | 2 +-
drivers/thermal/thermal_sysfs.c | 9 +-
drivers/thunderbolt/domain.c | 2 +-
drivers/tty/serial/8250/8250_port.c | 3 +-
drivers/tty/serial/pch_uart.c | 2 +-
drivers/tty/vt/defkeymap.c_shipped | 112 ++++++++
drivers/tty/vt/keyboard.c | 2 +-
drivers/usb/atm/cxacru.c | 172 ++++++------
drivers/usb/chipidea/ci.h | 18 +-
drivers/usb/chipidea/udc.c | 89 ++++---
drivers/usb/class/cdc-acm.c | 13 +-
drivers/usb/core/hub.c | 67 ++++-
drivers/usb/core/quirks.c | 1 +
drivers/usb/core/urb.c | 2 +-
drivers/usb/dwc3/dwc3-meson-g12a.c | 3 +
drivers/usb/dwc3/dwc3-qcom.c | 8 +-
drivers/usb/dwc3/gadget.c | 9 +
drivers/usb/early/xhci-dbc.c | 4 +
drivers/usb/gadget/composite.c | 5 +
drivers/usb/gadget/configfs.c | 2 +
drivers/usb/gadget/udc/renesas_usb3.c | 1 +
drivers/usb/host/xhci-hub.c | 3 +-
drivers/usb/host/xhci-mem.c | 24 +-
drivers/usb/host/xhci-plat.c | 3 +-
drivers/usb/host/xhci-ring.c | 19 +-
drivers/usb/host/xhci.c | 24 +-
drivers/usb/host/xhci.h | 3 +-
drivers/usb/musb/musb_gadget.c | 2 +
drivers/usb/musb/omap2430.c | 10 +-
drivers/usb/phy/phy-mxs-usb.c | 4 +-
drivers/usb/serial/ftdi_sio.c | 2 +
drivers/usb/serial/ftdi_sio_ids.h | 3 +
drivers/usb/serial/option.c | 7 +
drivers/usb/storage/realtek_cr.c | 2 +-
drivers/usb/storage/unusual_devs.h | 29 ++
drivers/usb/typec/tcpm/fusb302.c | 8 +
drivers/vhost/vhost.c | 3 +
drivers/video/console/vgacon.c | 2 +-
drivers/video/fbdev/imxfb.c | 9 +-
drivers/watchdog/dw_wdt.c | 2 +
drivers/watchdog/ziirave_wdt.c | 3 +
fs/btrfs/tree-log.c | 53 ++--
fs/buffer.c | 2 +-
fs/cifs/cifsglob.h | 1 +
fs/cifs/cifssmb.c | 10 +
fs/cifs/smbdirect.c | 14 +-
fs/cifs/transport.c | 34 ++-
fs/ext4/fsmap.c | 23 +-
fs/ext4/inline.c | 19 +-
fs/ext4/inode.c | 2 +-
fs/f2fs/f2fs.h | 2 +-
fs/f2fs/inode.c | 28 +-
fs/f2fs/node.c | 10 +
fs/file.c | 15 ++
fs/hfs/bnode.c | 93 +++++++
fs/hfsplus/bnode.c | 92 +++++++
fs/hfsplus/extents.c | 3 -
fs/hfsplus/unicode.c | 7 +
fs/hfsplus/xattr.c | 6 +-
fs/hugetlbfs/inode.c | 2 +-
fs/isofs/inode.c | 9 +-
fs/jbd2/checkpoint.c | 1 +
fs/jfs/file.c | 3 +
fs/jfs/inode.c | 2 +-
fs/jfs/jfs_dmap.c | 10 +-
fs/namespace.c | 89 ++++++-
fs/nfs/blocklayout/blocklayout.c | 4 +-
fs/nfs/blocklayout/dev.c | 5 +-
fs/nfs/blocklayout/extent_tree.c | 20 +-
fs/nfs/client.c | 44 ++-
fs/nfs/direct.c | 13 +-
fs/nfs/export.c | 11 +-
fs/nfs/inode.c | 6 +-
fs/nfs/internal.h | 1 +
fs/nfs/nfs4client.c | 13 +-
fs/nfs/nfs4proc.c | 35 +--
fs/nfs/pnfs.c | 11 +-
fs/nfs/write.c | 11 +-
fs/nfsd/nfs4state.c | 34 ++-
fs/nilfs2/inode.c | 9 +-
fs/orangefs/orangefs-debugfs.c | 8 +-
fs/squashfs/super.c | 14 +-
fs/udf/super.c | 13 +-
include/linux/fs.h | 4 +-
include/linux/if_vlan.h | 6 +-
include/linux/mm.h | 26 +-
include/linux/moduleparam.h | 5 +-
include/linux/nfs_fs.h | 2 +
include/linux/pci.h | 1 +
include/linux/pps_kernel.h | 1 +
include/linux/skbuff.h | 31 ++-
include/linux/usb/chipidea.h | 1 +
include/linux/usb/usbnet.h | 1 +
include/net/act_api.h | 25 ++
include/net/cfg80211.h | 2 +-
include/net/sch_generic.h | 13 -
include/net/udp.h | 24 +-
include/uapi/linux/in6.h | 4 +-
include/uapi/linux/io_uring.h | 2 +-
include/uapi/linux/mount.h | 3 +-
kernel/events/core.c | 20 +-
kernel/fork.c | 2 +-
kernel/power/console.c | 7 +-
kernel/rcu/tree_plugin.h | 3 +
kernel/trace/ftrace.c | 19 +-
kernel/trace/trace_events.c | 5 +
mm/filemap.c | 2 +-
mm/hmm.c | 2 +-
mm/kmemleak.c | 120 +++++----
mm/madvise.c | 2 +-
mm/mmap.c | 26 +-
mm/shmem.c | 2 +-
mm/zsmalloc.c | 6 +-
net/8021q/vlan.c | 42 ++-
net/8021q/vlan.h | 1 +
net/appletalk/aarp.c | 42 ++-
net/appletalk/ddp.c | 7 +-
net/bluetooth/hci_sysfs.c | 15 +-
net/bluetooth/l2cap_core.c | 26 +-
net/bluetooth/l2cap_sock.c | 3 +
net/bluetooth/smp.c | 21 +-
net/bluetooth/smp.h | 1 +
net/caif/cfctrl.c | 294 ++++++++++-----------
net/core/filter.c | 3 +
net/core/netpoll.c | 7 +
net/ipv4/route.c | 1 -
net/ipv4/tcp_input.c | 3 +-
net/ipv4/udp_offload.c | 2 +-
net/ipv6/ip6_offload.c | 4 +-
net/ipv6/seg6_hmac.c | 3 +
net/mac80211/tx.c | 1 +
net/ncsi/internal.h | 2 +-
net/ncsi/ncsi-rsp.c | 1 +
net/netfilter/nf_conntrack_netlink.c | 24 +-
net/netfilter/nf_tables_api.c | 4 +-
net/netfilter/xt_nfacct.c | 4 +-
net/netlink/af_netlink.c | 2 +-
net/packet/af_packet.c | 39 ++-
net/phonet/pep.c | 2 +-
net/sched/act_api.c | 14 +
net/sched/act_csum.c | 4 +-
net/sched/act_ct.c | 10 +-
net/sched/act_gact.c | 14 +-
net/sched/act_mirred.c | 55 ++--
net/sched/act_police.c | 5 +-
net/sched/act_tunnel_key.c | 2 +-
net/sched/act_vlan.c | 9 +-
net/sched/sch_cake.c | 14 +-
net/sched/sch_codel.c | 5 +-
net/sched/sch_drr.c | 7 +-
net/sched/sch_fq_codel.c | 6 +-
net/sched/sch_hfsc.c | 8 +-
net/sched/sch_htb.c | 6 +-
net/sched/sch_netem.c | 40 +++
net/sched/sch_qfq.c | 40 ++-
net/sched/sch_sfq.c | 116 +++++---
net/sctp/input.c | 2 +-
net/tls/tls_sw.c | 13 +
net/vmw_vsock/af_vsock.c | 3 +-
net/wireless/mlme.c | 3 +-
samples/mei/mei-amt-version.c | 2 +-
scripts/Kbuild.include | 8 +-
scripts/kconfig/gconf.c | 8 +-
scripts/kconfig/lxdialog/inputbox.c | 6 +-
scripts/kconfig/lxdialog/menubox.c | 2 +-
scripts/kconfig/nconf.c | 2 +
scripts/kconfig/nconf.gui.c | 1 +
security/inode.c | 2 -
sound/pci/hda/patch_ca0132.c | 2 +-
sound/pci/hda/patch_hdmi.c | 19 ++
sound/pci/intel8x0.c | 2 +-
sound/soc/codecs/hdac_hdmi.c | 10 +-
sound/soc/codecs/rt5640.c | 5 +
sound/soc/fsl/fsl_sai.c | 14 +-
sound/soc/intel/boards/Kconfig | 2 +-
sound/soc/soc-dapm.c | 4 +
sound/soc/soc-ops.c | 28 +-
sound/usb/mixer_quirks.c | 14 +-
sound/usb/mixer_scarlett_gen2.c | 9 +
sound/usb/stream.c | 25 +-
sound/usb/validate.c | 14 +-
tools/bpf/bpftool/net.c | 15 +-
tools/perf/tests/bp_account.c | 1 +
.../cpupower/utils/idle_monitor/mperf_monitor.c | 4 +-
tools/testing/ktest/ktest.pl | 5 +-
.../ftrace/test.d/ftrace/func-filter-glob.tc | 2 +-
tools/testing/selftests/futex/include/futextest.h | 11 +
.../testing/selftests/net/forwarding/tc_actions.sh | 72 ++++-
tools/testing/selftests/net/rtnetlink.sh | 6 +
366 files changed, 3519 insertions(+), 1494 deletions(-)
2 weeks, 4 days
- 7
- 413
[RFC 1/8] powerpc/mm: Fix SLB multihit issue during SLB preload
by Ritesh Harjani (IBM)
From: Donet Tom <donettom(a)linux.ibm.com>
On systems using the hash MMU, there is a software SLB preload cache that
mirrors the entries loaded into the hardware SLB buffer. This preload
cache is subject to periodic eviction — typically after every 256 context
switches — to remove old entry.
To optimize performance, the kernel skips switch_mmu_context() in
switch_mm_irqs_off() when the prev and next mm_struct are the same.
However, on hash MMU systems, this can lead to inconsistencies between
the hardware SLB and the software preload cache.
If an SLB entry for a process is evicted from the software cache on one
CPU, and the same process later runs on another CPU without executing
switch_mmu_context(), the hardware SLB may retain stale entries. If the
kernel then attempts to reload that entry, it can trigger an SLB
multi-hit error.
The following timeline shows how stale SLB entries are created and can
cause a multi-hit error when a process moves between CPUs without a
MMU context switch.
CPU 0 CPU 1
----- -----
Process P
exec swapper/1
load_elf_binary
begin_new_exc
activate_mm
switch_mm_irqs_off
switch_mmu_context
switch_slb
/*
* This invalidates all
* the entries in the HW
* and setup the new HW
* SLB entries as per the
* preload cache.
*/
context_switch
sched_migrate_task migrates process P to cpu-1
Process swapper/0 context switch (to process P)
(uses mm_struct of Process P) switch_mm_irqs_off()
switch_slb
load_slb++
/*
* load_slb becomes 0 here
* and we evict an entry from
* the preload cache with
* preload_age(). We still
* keep HW SLB and preload
* cache in sync, that is
* because all HW SLB entries
* anyways gets evicted in
* switch_slb during SLBIA.
* We then only add those
* entries back in HW SLB,
* which are currently
* present in preload_cache
* (after eviction).
*/
load_elf_binary continues...
setup_new_exec()
slb_setup_new_exec()
sched_switch event
sched_migrate_task migrates
process P to cpu-0
context_switch from swapper/0 to Process P
switch_mm_irqs_off()
/*
* Since both prev and next mm struct are same we don't call
* switch_mmu_context(). This will cause the HW SLB and SW preload
* cache to go out of sync in preload_new_slb_context. Because there
* was an SLB entry which was evicted from both HW and preload cache
* on cpu-1. Now later in preload_new_slb_context(), when we will try
* to add the same preload entry again, we will add this to the SW
* preload cache and then will add it to the HW SLB. Since on cpu-0
* this entry was never invalidated, hence adding this entry to the HW
* SLB will cause a SLB multi-hit error.
*/
load_elf_binary continues...
START_THREAD
start_thread
preload_new_slb_context
/*
* This tries to add a new EA to preload cache which was earlier
* evicted from both cpu-1 HW SLB and preload cache. This caused the
* HW SLB of cpu-0 to go out of sync with the SW preload cache. The
* reason for this was, that when we context switched back on CPU-0,
* we should have ideally called switch_mmu_context() which will
* bring the HW SLB entries on CPU-0 in sync with SW preload cache
* entries by setting up the mmu context properly. But we didn't do
* that since the prev mm_struct running on cpu-0 was same as the
* next mm_struct (which is true for swapper / kernel threads). So
* now when we try to add this new entry into the HW SLB of cpu-0,
* we hit a SLB multi-hit error.
*/
WARNING: CPU: 0 PID: 1810970 at arch/powerpc/mm/book3s64/slb.c:62
assert_slb_presence+0x2c/0x50(48 results) 02:47:29 [20157/42149]
Modules linked in:
CPU: 0 UID: 0 PID: 1810970 Comm: dd Not tainted 6.16.0-rc3-dirty #12
VOLUNTARY
Hardware name: IBM pSeries (emulated by qemu) POWER8 (architected)
0x4d0200 0xf000004 of:SLOF,HEAD hv:linux,kvm pSeries
NIP: c00000000015426c LR: c0000000001543b4 CTR: 0000000000000000
REGS: c0000000497c77e0 TRAP: 0700 Not tainted (6.16.0-rc3-dirty)
MSR: 8000000002823033 <SF,VEC,VSX,FP,ME,IR,DR,RI,LE> CR: 28888482 XER: 00000000
CFAR: c0000000001543b0 IRQMASK: 3
<...>
NIP [c00000000015426c] assert_slb_presence+0x2c/0x50
LR [c0000000001543b4] slb_insert_entry+0x124/0x390
Call Trace:
0x7fffceb5ffff (unreliable)
preload_new_slb_context+0x100/0x1a0
start_thread+0x26c/0x420
load_elf_binary+0x1b04/0x1c40
bprm_execve+0x358/0x680
do_execveat_common+0x1f8/0x240
sys_execve+0x58/0x70
system_call_exception+0x114/0x300
system_call_common+0x160/0x2c4
>From the above analysis, during early exec the hardware SLB is cleared,
and entries from the software preload cache are reloaded into hardware
by switch_slb. However, preload_new_slb_context and slb_setup_new_exec
also attempt to load some of the same entries, which can trigger a
multi-hit. In most cases, these additional preloads simply hit existing
entries and add nothing new. Removing these functions avoids redundant
preloads and eliminates the multi-hit issue. This patch removes these
two functions.
We tested process switching performance using the context_switch
benchmark on POWER9/hash, and observed no regression.
Without this patch: 129041 ops/sec
With this patch: 129341 ops/sec
We also measured SLB faults during boot, and the counts are essentially
the same with and without this patch.
SLB faults without this patch: 19727
SLB faults with this patch: 19786
Cc: Madhavan Srinivasan <maddy(a)linux.ibm.com>
Cc: Michael Ellerman <mpe(a)ellerman.id.au>
Cc: Nicholas Piggin <npiggin(a)gmail.com>
Cc: Christophe Leroy <christophe.leroy(a)csgroup.eu>
Cc: Paul Mackerras <paulus(a)ozlabs.org>
Cc: "Aneesh Kumar K.V" <aneesh.kumar(a)kernel.org>
Cc: Donet Tom <donettom(a)linux.ibm.com>
Cc: linuxppc-dev(a)lists.ozlabs.org
Fixes: 5434ae74629a ("powerpc/64s/hash: Add a SLB preload cache")
cc: <stable(a)vger.kernel.org>
Suggested-by: Nicholas Piggin <npiggin(a)gmail.com>
Signed-off-by: Donet Tom <donettom(a)linux.ibm.com>
---
arch/powerpc/include/asm/book3s/64/mmu-hash.h | 1 -
arch/powerpc/kernel/process.c | 5 --
arch/powerpc/mm/book3s64/internal.h | 2 -
arch/powerpc/mm/book3s64/mmu_context.c | 2 -
arch/powerpc/mm/book3s64/slb.c | 88 -------------------
5 files changed, 98 deletions(-)
diff --git a/arch/powerpc/include/asm/book3s/64/mmu-hash.h b/arch/powerpc/include/asm/book3s/64/mmu-hash.h
index 1c4eebbc69c9..e1f77e2eead4 100644
--- a/arch/powerpc/include/asm/book3s/64/mmu-hash.h
+++ b/arch/powerpc/include/asm/book3s/64/mmu-hash.h
@@ -524,7 +524,6 @@ void slb_save_contents(struct slb_entry *slb_ptr);
void slb_dump_contents(struct slb_entry *slb_ptr);
extern void slb_vmalloc_update(void);
-void preload_new_slb_context(unsigned long start, unsigned long sp);
#ifdef CONFIG_PPC_64S_HASH_MMU
void slb_set_size(u16 size);
diff --git a/arch/powerpc/kernel/process.c b/arch/powerpc/kernel/process.c
index 855e09886503..2b9799157eb4 100644
--- a/arch/powerpc/kernel/process.c
+++ b/arch/powerpc/kernel/process.c
@@ -1897,8 +1897,6 @@ int copy_thread(struct task_struct *p, const struct kernel_clone_args *args)
return 0;
}
-void preload_new_slb_context(unsigned long start, unsigned long sp);
-
/*
* Set up a thread for executing a new program
*/
@@ -1906,9 +1904,6 @@ void start_thread(struct pt_regs *regs, unsigned long start, unsigned long sp)
{
#ifdef CONFIG_PPC64
unsigned long load_addr = regs->gpr[2]; /* saved by ELF_PLAT_INIT */
-
- if (IS_ENABLED(CONFIG_PPC_BOOK3S_64) && !radix_enabled())
- preload_new_slb_context(start, sp);
#endif
#ifdef CONFIG_PPC_TRANSACTIONAL_MEM
diff --git a/arch/powerpc/mm/book3s64/internal.h b/arch/powerpc/mm/book3s64/internal.h
index a57a25f06a21..c26a6f0c90fc 100644
--- a/arch/powerpc/mm/book3s64/internal.h
+++ b/arch/powerpc/mm/book3s64/internal.h
@@ -24,8 +24,6 @@ static inline bool stress_hpt(void)
void hpt_do_stress(unsigned long ea, unsigned long hpte_group);
-void slb_setup_new_exec(void);
-
void exit_lazy_flush_tlb(struct mm_struct *mm, bool always_flush);
#endif /* ARCH_POWERPC_MM_BOOK3S64_INTERNAL_H */
diff --git a/arch/powerpc/mm/book3s64/mmu_context.c b/arch/powerpc/mm/book3s64/mmu_context.c
index 4e1e45420bd4..fb9dcf9ca599 100644
--- a/arch/powerpc/mm/book3s64/mmu_context.c
+++ b/arch/powerpc/mm/book3s64/mmu_context.c
@@ -150,8 +150,6 @@ static int hash__init_new_context(struct mm_struct *mm)
void hash__setup_new_exec(void)
{
slice_setup_new_exec();
-
- slb_setup_new_exec();
}
#else
static inline int hash__init_new_context(struct mm_struct *mm)
diff --git a/arch/powerpc/mm/book3s64/slb.c b/arch/powerpc/mm/book3s64/slb.c
index 6b783552403c..7e053c561a09 100644
--- a/arch/powerpc/mm/book3s64/slb.c
+++ b/arch/powerpc/mm/book3s64/slb.c
@@ -328,94 +328,6 @@ static void preload_age(struct thread_info *ti)
ti->slb_preload_tail = (ti->slb_preload_tail + 1) % SLB_PRELOAD_NR;
}
-void slb_setup_new_exec(void)
-{
- struct thread_info *ti = current_thread_info();
- struct mm_struct *mm = current->mm;
- unsigned long exec = 0x10000000;
-
- WARN_ON(irqs_disabled());
-
- /*
- * preload cache can only be used to determine whether a SLB
- * entry exists if it does not start to overflow.
- */
- if (ti->slb_preload_nr + 2 > SLB_PRELOAD_NR)
- return;
-
- hard_irq_disable();
-
- /*
- * We have no good place to clear the slb preload cache on exec,
- * flush_thread is about the earliest arch hook but that happens
- * after we switch to the mm and have already preloaded the SLBEs.
- *
- * For the most part that's probably okay to use entries from the
- * previous exec, they will age out if unused. It may turn out to
- * be an advantage to clear the cache before switching to it,
- * however.
- */
-
- /*
- * preload some userspace segments into the SLB.
- * Almost all 32 and 64bit PowerPC executables are linked at
- * 0x10000000 so it makes sense to preload this segment.
- */
- if (!is_kernel_addr(exec)) {
- if (preload_add(ti, exec))
- slb_allocate_user(mm, exec);
- }
-
- /* Libraries and mmaps. */
- if (!is_kernel_addr(mm->mmap_base)) {
- if (preload_add(ti, mm->mmap_base))
- slb_allocate_user(mm, mm->mmap_base);
- }
-
- /* see switch_slb */
- asm volatile("isync" : : : "memory");
-
- local_irq_enable();
-}
-
-void preload_new_slb_context(unsigned long start, unsigned long sp)
-{
- struct thread_info *ti = current_thread_info();
- struct mm_struct *mm = current->mm;
- unsigned long heap = mm->start_brk;
-
- WARN_ON(irqs_disabled());
-
- /* see above */
- if (ti->slb_preload_nr + 3 > SLB_PRELOAD_NR)
- return;
-
- hard_irq_disable();
-
- /* Userspace entry address. */
- if (!is_kernel_addr(start)) {
- if (preload_add(ti, start))
- slb_allocate_user(mm, start);
- }
-
- /* Top of stack, grows down. */
- if (!is_kernel_addr(sp)) {
- if (preload_add(ti, sp))
- slb_allocate_user(mm, sp);
- }
-
- /* Bottom of heap, grows up. */
- if (heap && !is_kernel_addr(heap)) {
- if (preload_add(ti, heap))
- slb_allocate_user(mm, heap);
- }
-
- /* see switch_slb */
- asm volatile("isync" : : : "memory");
-
- local_irq_enable();
-}
-
static void slb_cache_slbie_kernel(unsigned int index)
{
unsigned long slbie_data = get_paca()->slb_cache[index];
--
2.50.1
2 weeks, 5 days
- 1
- 0
Re: [PATCH v3] mm: slub: avoid wake up kswapd in set_track_prepare
by Vlastimil Babka
On 8/29/25 13:29, yangshiguang wrote:
> At 2025-08-27 16:40:21, "Vlastimil Babka" <vbabka(a)suse.cz> wrote:
>
>>>
>>>>
>>>
>>> How about this?
>>>
>>> /* Preemption is disabled in ___slab_alloc() */
>>> - gfp_flags &= ~(__GFP_DIRECT_RECLAIM);
>>> + gfp_flags = (gfp_flags & ~(__GFP_DIRECT_RECLAIM | __GFP_NOFAIL)) |
>>> + __GFP_NOWARN;
>>
>>I'd suggest using gfp_nested_flags() and & ~(__GFP_DIRECT_RECLAIM);
>>
>
> However, gfp has been processed by gfp_nested_mask() in
> stack_depot_save_flags().
Aha, didn't notice. Good to know!
> Still need to call here?
No then we can indeed just mask out __GFP_DIRECT_RECLAIM.
Maybe the comment could say something like:
/*
* Preemption is disabled in ___slab_alloc() so we need to disallow
* blocking. The flags are further adjusted by gfp_nested_mask() in
* stack_depot itself.
*/
> set_track_prepare()
> ->stack_depot_save_flags()
>
>>> >--
>>>>Cheers,
>>>>Harry / Hyeonggon
2 weeks, 5 days
- 2
- 1
[PATCH 2/3] drm/xe: Allow the pm notifier to continue on failure
by Thomas Hellström
Its actions are opportunistic anyway and will be completed
on device suspend.
Also restrict the scope of the pm runtime reference to
the notifier callback itself to make it easier to
follow.
Marking as a fix to simplify backporting of the fix
that follows in the series.
Fixes: c6a4d46ec1d7 ("drm/xe: evict user memory in PM notifier")
Cc: Matthew Auld <matthew.auld(a)intel.com>
Cc: Rodrigo Vivi <rodrigo.vivi(a)intel.com>
Cc: <stable(a)vger.kernel.org> # v6.16+
Signed-off-by: Thomas Hellström <thomas.hellstrom(a)linux.intel.com>
---
drivers/gpu/drm/xe/xe_pm.c | 14 ++++----------
1 file changed, 4 insertions(+), 10 deletions(-)
diff --git a/drivers/gpu/drm/xe/xe_pm.c b/drivers/gpu/drm/xe/xe_pm.c
index a2e85030b7f4..b57b46ad9f7c 100644
--- a/drivers/gpu/drm/xe/xe_pm.c
+++ b/drivers/gpu/drm/xe/xe_pm.c
@@ -308,28 +308,22 @@ static int xe_pm_notifier_callback(struct notifier_block *nb,
case PM_SUSPEND_PREPARE:
xe_pm_runtime_get(xe);
err = xe_bo_evict_all_user(xe);
- if (err) {
+ if (err)
drm_dbg(&xe->drm, "Notifier evict user failed (%d)\n", err);
- xe_pm_runtime_put(xe);
- break;
- }
err = xe_bo_notifier_prepare_all_pinned(xe);
- if (err) {
+ if (err)
drm_dbg(&xe->drm, "Notifier prepare pin failed (%d)\n", err);
- xe_pm_runtime_put(xe);
- }
+ xe_pm_runtime_put(xe);
break;
case PM_POST_HIBERNATION:
case PM_POST_SUSPEND:
+ xe_pm_runtime_get(xe);
xe_bo_notifier_unprepare_all_pinned(xe);
xe_pm_runtime_put(xe);
break;
}
- if (err)
- return NOTIFY_BAD;
-
return NOTIFY_DONE;
}
--
2.50.1
2 weeks, 5 days
- 3
- 4
[PATCH 5.4 000/403] 5.4.297-rc2 review
by Greg Kroah-Hartman
This is the start of the stable review cycle for the 5.4.297 release.
There are 403 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Fri, 29 Aug 2025 07:37:48 +0000.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.4.297-rc…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.4.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 5.4.297-rc2
Al Viro <viro(a)zeniv.linux.org.uk>
alloc_fdtable(): change calling conventions.
Peter Oberparleiter <oberpar(a)linux.ibm.com>
s390/hypfs: Enable limited access during lockdown
Peter Oberparleiter <oberpar(a)linux.ibm.com>
s390/hypfs: Avoid unnecessary ioctl registration in debugfs
Takashi Iwai <tiwai(a)suse.de>
ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation
William Liu <will(a)willsroot.io>
net/sched: Remove unnecessary WARNING condition for empty child qdisc in htb_activate
William Liu <will(a)willsroot.io>
net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit
Jason Xing <kernelxing(a)tencent.com>
ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc
Minhong He <heminhong(a)kylinos.cn>
ipv6: sr: validate HMAC algorithm ID in seg6_hmac_info_add
Dan Carpenter <dan.carpenter(a)linaro.org>
ALSA: usb-audio: Fix size validation in convert_chmap_v3()
Dan Carpenter <dan.carpenter(a)linaro.org>
scsi: qla4xxx: Prevent a potential error pointer dereference
Weitao Wang <WeitaoWang-oc(a)zhaoxin.com>
usb: xhci: Fix slot_id resource race conflict
Josef Bacik <josef(a)toxicpanda.com>
nfs: fix UAF in direct writes
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFS: Fix up commit deadlocks
Zhang Xiaoxu <zhangxiaoxu5(a)huawei.com>
cifs: Fix UAF in cifs_demultiplex_thread()
Dmitry Antipov <dmantipov(a)yandex.ru>
Bluetooth: fix use-after-free in device_for_each_child()
Davide Caratti <dcaratti(a)redhat.com>
act_mirred: use the backlog for nested calls to mirred ingress
Davide Caratti <dcaratti(a)redhat.com>
net/sched: act_mirred: better wording on protection against excessive stack growth
wenxu <wenxu(a)ucloud.cn>
net/sched: act_mirred: refactor the handle of xmit
Jiri Pirko <jiri(a)mellanox.com>
selftests: forwarding: tc_actions.sh: add matchall mirror test
Vlad Buslov <vladbu(a)mellanox.com>
net: sched: don't expose action qstats to skb_tc_reinsert()
Vlad Buslov <vladbu(a)mellanox.com>
net: sched: extract qstats update code into functions
Vlad Buslov <vladbu(a)mellanox.com>
net: sched: extract bstats update code into function
Vlad Buslov <vladbu(a)mellanox.com>
net: sched: extract common action counters update code into function
Lorenzo Stoakes <lstoakes(a)gmail.com>
mm: perform the mapping_map_writable() check after call_mmap()
Lorenzo Stoakes <lstoakes(a)gmail.com>
mm: update memfd seal write check to include F_SEAL_WRITE
Lorenzo Stoakes <lstoakes(a)gmail.com>
mm: drop the assumption that VM_SHARED always implies writable
Cong Wang <xiyou.wangcong(a)gmail.com>
codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()
Cong Wang <xiyou.wangcong(a)gmail.com>
sch_qfq: make qfq_qlen_notify() idempotent
Cong Wang <xiyou.wangcong(a)gmail.com>
sch_hfsc: make hfsc_qlen_notify() idempotent
Cong Wang <xiyou.wangcong(a)gmail.com>
sch_drr: make drr_qlen_notify() idempotent
Qu Wenruo <wqu(a)suse.com>
btrfs: populate otime when logging an inode item
Jorge Ramirez-Ortiz <jorge.ramirez(a)oss.qualcomm.com>
media: venus: hfi: explicitly release IRQ during teardown
Chao Yu <chao(a)kernel.org>
f2fs: fix to avoid out-of-boundary access in dnode page
Jorge Ramirez-Ortiz <jorge.ramirez(a)oss.qualcomm.com>
media: venus: protect against spurious interrupts during probe
Vladimir Zapolskiy <vladimir.zapolskiy(a)linaro.org>
media: qcom: camss: cleanup media device allocated resource on error path
Ricardo Ribalda <ribalda(a)chromium.org>
media: venus: vdec: Clamp param smaller than 1fps and bigger than 240.
Imre Deak <imre.deak(a)intel.com>
drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS
Uwe Kleine-König <u.kleine-koenig(a)baylibre.com>
pwm: mediatek: Fix duty and period setting
Uwe Kleine-König <u.kleine-koenig(a)baylibre.com>
pwm: mediatek: Handle hardware enable and clock enable separately
Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de>
pwm: mediatek: Implement .apply() callback
Gui-Dong Han <hanguidong02(a)gmail.com>
media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt()
Sakari Ailus <sakari.ailus(a)linux.intel.com>
media: v4l2-ctrls: Don't reset handler's error in v4l2_ctrl_handler_free()
Hans Verkuil <hverkuil-cisco(a)xs4all.nl>
media: v4l2-ctrls: always copy the controls on completion
Damien Le Moal <dlemoal(a)kernel.org>
ata: Fix SATA_MOBILE_LPM_POLICY description in Kconfig
Bjorn Andersson <bjorn.andersson(a)oss.qualcomm.com>
soc: qcom: mdt_loader: Ensure we don't read past the ELF header
Meagan Lloyd <meaganlloyd(a)linux.microsoft.com>
rtc: ds1307: handle oscillator stop flag (OSF) for ds1341
Johan Hovold <johan(a)kernel.org>
usb: musb: omap2430: fix device leak at unbind
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFS: Fix the setting of capabilities when automounting a new filesystem
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFS: Fix up handling of outstanding layoutcommit in nfs_update_inode()
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFSv4: Fix nfs4_bitmap_copy_adjust()
Sebastian Reichel <sebastian.reichel(a)collabora.com>
usb: typec: fusb302: cache PD RX state
Oliver Neukum <oneukum(a)suse.com>
cdc-acm: fix race between initial clearing halt and open
Johan Hovold <johan(a)kernel.org>
USB: cdc-acm: do not log successful probe on later errors
Breno Leitao <leitao(a)debian.org>
mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock
He Zhe <zhe.he(a)windriver.com>
mm/kmemleak: turn kmemleak_lock and object->lock to raw_spinlock_t
Geoffrey D. Bennett <g(a)b4.vu>
ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx()
Dave Hansen <dave.hansen(a)linux.intel.com>
x86/fpu: Delay instruction pointer fixup until after warning
Andy Shevchenko <andriy.shevchenko(a)linux.intel.com>
mm/hmm: move pmd_to_hmm_pfn_flags() to the respective #ifdeffery
Jeff Layton <jlayton(a)kernel.org>
nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()
Maulik Shah <maulik.shah(a)oss.qualcomm.com>
pmdomain: governor: Consider CPU latency tolerance from pm_domain_cpu_gov
Steven Rostedt <rostedt(a)goodmis.org>
tracing: Add down_write(trace_event_sem) when adding trace event
Mathias Nyman <mathias.nyman(a)linux.intel.com>
usb: hub: Don't try to recover devices lost during warm reset.
Mathias Nyman <mathias.nyman(a)linux.intel.com>
usb: hub: avoid warm port reset during USB3 disconnect
Yazen Ghannam <yazen.ghannam(a)amd.com>
x86/mce/amd: Add default names for MCA banks and blocks
Zhang Lixu <lixu.zhang(a)intel.com>
iio: hid-sensor-prox: Fix incorrect OFFSET calculation
Chao Yu <chao(a)kernel.org>
f2fs: fix to do sanity check on ino and xnid
Harry Yoo <harry.yoo(a)oracle.com>
mm/zsmalloc: do not pass __GFP_MOVABLE if CONFIG_COMPACTION=n
Miaohe Lin <linmiaohe(a)huawei.com>
mm/zsmalloc.c: convert to use kmem_cache_zalloc in cache_alloc_zspage()
Lin.Cao <lincao12(a)amd.com>
drm/sched: Remove optimization that causes hang when killing dependent jobs
Haoxiang Li <haoxiang_li2024(a)163.com>
ice: Fix a null pointer dereference in ice_copy_and_init_pkg()
Ammar Faizi <ammarfaizi2(a)gnuweeb.org>
net: usbnet: Fix the wrong netif_carrier_on() call
John Ernberg <john.ernberg(a)actia.se>
net: usbnet: Avoid potential RCU stall on LINK_CHANGE event
Lukas Wunner <lukas(a)wunner.de>
PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports
Li Zhong <floridsleeves(a)gmail.com>
ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value
Ian Abbott <abbotti(a)mev.co.uk>
comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large
Ian Abbott <abbotti(a)mev.co.uk>
comedi: Fix initialization of data for instructions that write to subdevice
Nathan Chancellor <nathan(a)kernel.org>
kbuild: Add KBUILD_CPPFLAGS to as-option invocation
Masahiro Yamada <masahiroy(a)kernel.org>
kbuild: add $(CLANG_FLAGS) to KBUILD_CPPFLAGS
Nathan Chancellor <nathan(a)kernel.org>
kbuild: Add CLANG_FLAGS to as-instr
Nathan Chancellor <nathan(a)kernel.org>
mips: Include KBUILD_CPPFLAGS in CHECKFLAGS invocation
Nick Desaulniers <ndesaulniers(a)google.com>
kbuild: Update assembler calls to use proper flags and language target
Nathan Chancellor <nathan(a)kernel.org>
ARM: 9448/1: Use an absolute path to unified.h in KBUILD_AFLAGS
Kuen-Han Tsai <khtsai(a)google.com>
usb: dwc3: Ignore late xferNotReady event to prevent halt timeout
Zenm Chen <zenmchen(a)gmail.com>
USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles
Thorsten Blum <thorsten.blum(a)linux.dev>
usb: storage: realtek_cr: Use correct byte order for bcs->Residue
Mael GUERIN <mael.guerin(a)murena.io>
USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera
Miao Li <limiao(a)kylinos.cn>
usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive
David Lechner <dlechner(a)baylibre.com>
iio: proximity: isl29501: fix buffered read on big-endian systems
Steven Rostedt <rostedt(a)goodmis.org>
ftrace: Also allocate and copy hash for reading of filter files
Xu Yilun <yilun.xu(a)linux.intel.com>
fpga: zynq_fpga: Fix the wrong usage of dma_map_sgtable()
Al Viro <viro(a)zeniv.linux.org.uk>
use uniform permission checks for all mount propagation changes
Pavel Tikhomirov <ptikhomirov(a)virtuozzo.com>
move_mount: allow to add a mount into an existing group
Ye Bin <yebin10(a)huawei.com>
fs/buffer: fix use-after-free when call bh_read() helper
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3
Phillip Lougher <phillip(a)squashfs.org.uk>
squashfs: fix memory leak in squashfs_fill_super
Jiayi Li <lijiayi(a)kylinos.cn>
memstick: Fix deadlock by moving removing flag earlier
Vedang Nagar <quic_vnagar(a)quicinc.com>
media: venus: Add a check for packet size after reading from shared memory
Zhang Shurong <zhang_shurong(a)foxmail.com>
media: ov2659: Fix memory leaks in ov2659_probe()
Ludwig Disterhof <ludwig(a)disterhof.eu>
media: usbtv: Lock resolution while streaming
Haoxiang Li <haoxiang_li2024(a)163.com>
media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init()
Dan Carpenter <dan.carpenter(a)linaro.org>
media: gspca: Add bounds checking to firmware parser
Jon Hunter <jonathanh(a)nvidia.com>
soc/tegra: pmc: Ensure power-domains are in a known state
Baokun Li <libaokun1(a)huawei.com>
jbd2: prevent softlockup in jbd2_log_do_checkpoint()
Damien Le Moal <dlemoal(a)kernel.org>
PCI: endpoint: Fix configfs group removal on driver teardown
Damien Le Moal <dlemoal(a)kernel.org>
PCI: endpoint: Fix configfs group list head handling
Thomas Fourier <fourier.thomas(a)gmail.com>
mtd: rawnand: fsmc: Add missing check after DMA map
Laurentiu Mihalcea <laurentiu.mihalcea(a)nxp.com>
pwm: imx-tpm: Reset counter if CMOD is 0
Nathan Chancellor <nathan(a)kernel.org>
wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table()
Marek Szyprowski <m.szyprowski(a)samsung.com>
zynq_fpga: use sgtable-based scatterlist wrappers
Damien Le Moal <dlemoal(a)kernel.org>
ata: libata-scsi: Fix ata_to_sense_error() status handling
Ojaswin Mujoo <ojaswin(a)linux.ibm.com>
ext4: fix reserved gdt blocks handling in fsmap
Ojaswin Mujoo <ojaswin(a)linux.ibm.com>
ext4: fix fsmap end of range reporting with bigalloc
Andreas Dilger <adilger(a)dilger.ca>
ext4: check fast symlink for ea_inode correctly
Helge Deller <deller(a)gmx.de>
Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()"
Myrrh Periwinkle <myrrhperiwinkle(a)qtmlabs.xyz>
vt: defkeymap: Map keycodes above 127 to K_HOLE
Myrrh Periwinkle <myrrhperiwinkle(a)qtmlabs.xyz>
vt: keyboard: Don't process Unicode characters in K_OFF mode
Johan Hovold <johan(a)kernel.org>
usb: dwc3: meson-g12a: fix device leaks at unbind
Johan Hovold <johan(a)kernel.org>
usb: gadget: udc: renesas_usb3: fix device leak at unbind
Nathan Chancellor <nathan(a)kernel.org>
usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init()
Finn Thain <fthain(a)linux-m68k.org>
m68k: Fix lost column on framebuffer debug console
Dan Carpenter <dan.carpenter(a)linaro.org>
cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table()
Yunhui Cui <cuiyunhui(a)bytedance.com>
serial: 8250: fix panic due to PSLVERR
Ricardo Ribalda <ribalda(a)chromium.org>
media: uvcvideo: Do not mark valid metadata as invalid
Youngjun Lee <yjjuny.lee(a)samsung.com>
media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format()
Waiman Long <longman(a)redhat.com>
mm/kmemleak: avoid soft lockup in __kmemleak_do_cleanup()
Randy Dunlap <rdunlap(a)infradead.org>
parisc: Makefile: fix a typo in palo.conf
Filipe Manana <fdmanana(a)suse.com>
btrfs: fix log tree replay failure due to file with 0 links and extents
Eric Biggers <ebiggers(a)kernel.org>
thunderbolt: Fix copy+paste error in match_service_id()
Ian Abbott <abbotti(a)mev.co.uk>
comedi: fix race between polling and detaching
Ricky Wu <ricky_wu(a)realtek.com>
misc: rtsx: usb: Ensure mmc child device is active when card is present
Jack Xiao <Jack.Xiao(a)amd.com>
drm/amdgpu: fix incorrect vm flags to map bo
Jiasheng Jiang <jiashengjiangcool(a)gmail.com>
scsi: lpfc: Remove redundant assignment to avoid memory leak
Meagan Lloyd <meaganlloyd(a)linux.microsoft.com>
rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe
Sergey Bashirov <sergeybashirov(a)gmail.com>
pNFS: Fix uninited ptr deref in block/scsi layout
Sergey Bashirov <sergeybashirov(a)gmail.com>
pNFS: Handle RPC size limit for layoutcommits
Sergey Bashirov <sergeybashirov(a)gmail.com>
pNFS: Fix disk addr range check in block/scsi layout
Sergey Bashirov <sergeybashirov(a)gmail.com>
pNFS: Fix stripe mapping in block/scsi layout
Buday Csaba <buday.csaba(a)prolan.hu>
net: phy: smsc: add proper reset flags for LAN8710A
Corey Minyard <corey(a)minyard.net>
ipmi: Fix strcpy source and destination the same
Yann E. MORIN <yann.morin.1998(a)free.fr>
kconfig: lxdialog: fix 'space' to (de)select options
Masahiro Yamada <masahiroy(a)kernel.org>
kconfig: gconf: fix potential memory leak in renderer_edited()
Masahiro Yamada <masahiroy(a)kernel.org>
kconfig: gconf: avoid hardcoding model2 in on_treeview2_cursor_changed()
Breno Leitao <leitao(a)debian.org>
ipmi: Use dev_warn_ratelimited() for incorrect message warnings
John Garry <john.g.garry(a)oracle.com>
scsi: aacraid: Stop using PCI_IRQ_AFFINITY
Ranjan Kumar <ranjan.kumar(a)broadcom.com>
scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans
Shankari Anand <shankari.ak0208(a)gmail.com>
kconfig: nconf: Ensure null termination where strncpy is used
Suchit Karunakaran <suchitkarunakaran(a)gmail.com>
kconfig: lxdialog: replace strcpy() with strncpy() in inputbox.c
Wolfram Sang <wsa+renesas(a)sang-engineering.com>
i3c: don't fail if GETHDRCAP is unsupported
Timothy Pearson <tpearson(a)raptorengineering.com>
PCI: pnv_php: Work around switches with broken presence detection
Wolfram Sang <wsa+renesas(a)sang-engineering.com>
i3c: add missing include to internal header
chenchangcheng <chenchangcheng(a)kylinos.cn>
media: uvcvideo: Fix bandwidth issue for Alcor camera
Alex Guo <alexguo1023(a)gmail.com>
media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar
Alex Guo <alexguo1023(a)gmail.com>
media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb()
Wolfram Sang <wsa+renesas(a)sang-engineering.com>
media: usb: hdpvr: disable zero-length read messages
Dave Stevenson <dave.stevenson(a)raspberrypi.com>
media: tc358743: Increase FIFO trigger level to 374
Dave Stevenson <dave.stevenson(a)raspberrypi.com>
media: tc358743: Return an appropriate colorspace from tc358743_set_fmt
Dave Stevenson <dave.stevenson(a)raspberrypi.com>
media: tc358743: Check I2C succeeded during probe
Cheick Traore <cheick.traore(a)foss.st.com>
pinctrl: stm32: Manage irq affinity settings
Damien Le Moal <dlemoal(a)kernel.org>
scsi: mpt3sas: Correctly handle ATA device errors
Justin Tee <justin.tee(a)broadcom.com>
scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure
Yury Norov [NVIDIA] <yury.norov(a)gmail.com>
RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask()
Thomas Weißschuh <thomas.weissschuh(a)linutronix.de>
MIPS: Don't crash in stack_top() for tasks without ABI or vDSO
Arnaud Lecomte <contact(a)arnaud-lcm.com>
jfs: upper bound check of tree index in dbAllocAG
Edward Adam Davis <eadavis(a)qq.com>
jfs: Regular file corruption check
Lizhi Xu <lizhi.xu(a)windriver.com>
jfs: truncate good inode pages when hard link is 0
jackysliu <1972843537(a)qq.com>
scsi: bfa: Double-free fix
Shiji Yang <yangshiji66(a)outlook.com>
MIPS: vpe-mt: add missing prototypes for vpe_{alloc,start,stop,free}
Sebastian Reichel <sebastian.reichel(a)collabora.com>
watchdog: dw_wdt: Fix default timeout
Amir Mohammad Jahangirzad <a.jahangirzad(a)gmail.com>
fs/orangefs: use snprintf() instead of sprintf()
Showrya M N <showrya(a)chelsio.com>
scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated
Theodore Ts'o <tytso(a)mit.edu>
ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr
Pali Rohár <pali(a)kernel.org>
cifs: Fix calling CIFSFindFirst() for root path without msearch
Jason Wang <jasowang(a)redhat.com>
vhost: fail early when __vhost_add_used() fails
Álvaro Fernández Rojas <noltari(a)gmail.com>
net: dsa: b53: fix IP_MULTICAST_CTRL on BCM5325
Jakub Kicinski <kuba(a)kernel.org>
uapi: in6: restore visibility of most IPv6 socket options
Hari Kalavakunta <kalavakunta.hari.prasad(a)gmail.com>
net: ncsi: Fix buffer overflow in fetching version id
Álvaro Fernández Rojas <noltari(a)gmail.com>
net: dsa: b53: prevent SWITCH_CTRL access on BCM5325
Álvaro Fernández Rojas <noltari(a)gmail.com>
net: dsa: b53: fix b53_imp_vlan_setup for BCM5325
Gal Pressman <gal(a)nvidia.com>
net: vlan: Replace BUG() with WARN_ON_ONCE() in vlan_dev_* stubs
Stanislaw Gruszka <stf_xl(a)wp.pl>
wifi: iwlegacy: Check rate_idx range after addition
Mina Almasry <almasrymina(a)google.com>
netmem: fix skb_frag_address_safe with unreadable skbs
Thomas Fourier <fourier.thomas(a)gmail.com>
wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()`.
Pagadala Yesu Anjaneyulu <pagadala.yesu.anjaneyulu(a)intel.com>
wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect
Rand Deeb <rand.sec96(a)gmail.com>
wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd()
Jonas Rebmann <jre(a)pengutronix.de>
net: fec: allow disable coalescing
Thomas Fourier <fourier.thomas(a)gmail.com>
(powerpc/512) Fix possible `dma_unmap_single()` on uninitialized pointer
Sven Schnelle <svens(a)linux.ibm.com>
s390/stp: Remove udelay from stp_sync_clock()
Avraham Stern <avraham.stern(a)intel.com>
wifi: iwlwifi: mvm: fix scan request validation
Alok Tiwari <alok.a.tiwari(a)oracle.com>
net: thunderx: Fix format-truncation warning in bgx_acpi_match_id()
Oscar Maes <oscmaes92(a)gmail.com>
net: ipv4: fix incorrect MTU in broadcast routes
Ilan Peer <ilan.peer(a)intel.com>
wifi: cfg80211: Fix interface type validation
Paul E. McKenney <paulmck(a)kernel.org>
rcu: Protect ->defer_qs_iw_pending from data race
Thomas Fourier <fourier.thomas(a)gmail.com>
net: ag71xx: Add missing check after DMA map
Thomas Fourier <fourier.thomas(a)gmail.com>
et131x: Add missing check after DMA map
Alok Tiwari <alok.a.tiwari(a)oracle.com>
be2net: Use correct byte order and format string for TCP seq and ack_seq
Sven Schnelle <svens(a)linux.ibm.com>
s390/time: Use monotonic clock in get_cycles()
Johannes Berg <johannes.berg(a)intel.com>
wifi: cfg80211: reject HTC bit for management frames
Steven Rostedt <rostedt(a)goodmis.org>
ktest.pl: Prevent recursion of default variable options
Xinxin Wan <xinxin.wan(a)intel.com>
ASoC: codecs: rt5640: Retry DEVICE_ID verification
Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com>
ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros
Lucy Thrun <lucy.thrun(a)digital-rabbithole.de>
ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control
Kees Cook <kees(a)kernel.org>
platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches
Gautham R. Shenoy <gautham.shenoy(a)amd.com>
pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop()
Oliver Neukum <oneukum(a)suse.com>
usb: core: usb_submit_urb: downgrade type check
Alok Tiwari <alok.a.tiwari(a)oracle.com>
ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4
Mark Brown <broonie(a)kernel.org>
ASoC: hdac_hdmi: Rate limit logging on connection and disconnection
Ulf Hansson <ulf.hansson(a)linaro.org>
mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode()
Breno Leitao <leitao(a)debian.org>
ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path
Sebastian Ott <sebott(a)redhat.com>
ACPI: processor: fix acpi_object initialization
tuhaowen <tuhaowen(a)uniontech.com>
PM: sleep: console: Fix the black screen issue
Hsin-Te Yuan <yuanhsinte(a)chromium.org>
thermal: sysfs: Return ENODATA instead of EAGAIN for reads
Rafael J. Wysocki <rafael.j.wysocki(a)intel.com>
PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit()
Masami Hiramatsu (Google) <mhiramat(a)kernel.org>
selftests: tracing: Use mutex_unlock for testing glob filter
Aaron Kling <webgeek1234(a)gmail.com>
ARM: tegra: Use I/O memcpy to write to IRAM
Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org>
gpio: tps65912: check the return value of regmap_update_bits()
Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com>
ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed
Alexander Kochetkov <al.kochet(a)gmail.com>
ARM: rockchip: fix kernel hang during smp initialization
Lifeng Zheng <zhenglifeng1(a)huawei.com>
cpufreq: Exit governor when failed to start old governor
Mario Limonciello <mario.limonciello(a)amd.com>
usb: xhci: Avoid showing errors during surprise removal
Jay Chen <shawn2000100(a)gmail.com>
usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command
Mario Limonciello <mario.limonciello(a)amd.com>
usb: xhci: Avoid showing warnings for dying controller
Cynthia Huang <cynthia(a)andestech.com>
selftests/futex: Define SYS_futex on 32-bit architectures with 64-bit time_t
Su Hui <suhui(a)nfschina.com>
usb: xhci: print xhci->xhc_state when queue_command failed
Al Viro <viro(a)zeniv.linux.org.uk>
securityfs: don't pin dentries twice, once is enough...
Viacheslav Dubeyko <slava(a)dubeyko.com>
hfs: fix not erasing deleted b-tree node issue
Sarah Newman <srn(a)prgmr.com>
drbd: add missing kref_get in handle_write_conflicts
Jan Kara <jack(a)suse.cz>
udf: Verify partition map count
Kees Cook <kees(a)kernel.org>
arm64: Handle KCOV __init vs inline mismatches
Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp>
hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file()
Viacheslav Dubeyko <slava(a)dubeyko.com>
hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()
Viacheslav Dubeyko <slava(a)dubeyko.com>
hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read()
Viacheslav Dubeyko <slava(a)dubeyko.com>
hfs: fix slab-out-of-bounds in hfs_bnode_read()
Xin Long <lucien.xin(a)gmail.com>
sctp: linearize cloned gso packets in sctp_rcv
Florian Westphal <fw(a)strlen.de>
netfilter: ctnetlink: fix refcount leak on table dump
Sabrina Dubroca <sd(a)queasysnail.net>
udp: also consider secpath when evaluating ipsec use for checksumming
Rafael J. Wysocki <rafael.j.wysocki(a)intel.com>
ACPI: processor: perflib: Move problematic pr->performance check
Jiayi Li <lijiayi(a)kylinos.cn>
ACPI: processor: perflib: Fix initial _PPC limit application
Andy Shevchenko <andriy.shevchenko(a)linux.intel.com>
Documentation: ACPI: Fix parent device references
Sasha Levin <sashal(a)kernel.org>
fs: Prevent file descriptor table allocations exceeding INT_MAX
Ma Ke <make24(a)iscas.ac.cn>
sunvdc: Balance device refcount in vdc_port_mpgroup_check
Dai Ngo <dai.ngo(a)oracle.com>
NFSD: detect mismatch of file handle and delegation stateid in OPEN op
Johan Hovold <johan(a)kernel.org>
net: dpaa: fix device leak when querying time stamp info
Johan Hovold <johan(a)kernel.org>
net: gianfar: fix device leak when querying time stamp info
Fedor Pchelkin <pchelkin(a)ispras.ru>
netlink: avoid infinite retry looping in netlink_unicast()
Takashi Iwai <tiwai(a)suse.de>
ALSA: usb-audio: Validate UAC3 cluster segment descriptors
Takashi Iwai <tiwai(a)suse.de>
ALSA: usb-audio: Validate UAC3 power domain descriptors, too
Pavel Begunkov <asml.silence(a)gmail.com>
io_uring: don't use int for ABI
Tao Xue <xuetao09(a)huawei.com>
usb: gadget : fix use-after-free in composite_dev_cleanup()
Jiaxun Yang <jiaxun.yang(a)flygoat.com>
MIPS: mm: tlb-r4k: Uniquify TLB entries on init
Slark Xiao <slark_xiao(a)163.com>
USB: serial: option: add Foxconn T99W709
Budimir Markovic <markovicbudimir(a)gmail.com>
vsock: Do not allow binding to VMADDR_PORT_ANY
Quang Le <quanglex97(a)gmail.com>
net/packet: fix a race in packet_set_ring() and packet_notifier()
Thomas Gleixner <tglx(a)linutronix.de>
perf/core: Prevent VMA split of buffer mappings
Thomas Gleixner <tglx(a)linutronix.de>
perf/core: Exit early on perf_mmap() fail
Thomas Gleixner <tglx(a)linutronix.de>
perf/core: Don't leak AUX buffer refcount on allocation failure
Eric Dumazet <edumazet(a)google.com>
pptp: fix pptp_xmit() error path
Stefan Metzmacher <metze(a)samba.org>
smb: client: let recv_done() cleanup before notifying the callers.
Michal Schmidt <mschmidt(a)redhat.com>
benet: fix BUG when creating VFs
Wang Liang <wangliang74(a)huawei.com>
net: drop UFO packets in udp_rcv_segment()
Eric Dumazet <edumazet(a)google.com>
ipv6: reject malicious packets in ipv6_gso_segment()
Eric Dumazet <edumazet(a)google.com>
pptp: ensure minimal skb length in pptp_xmit()
Jakub Kicinski <kuba(a)kernel.org>
netpoll: prevent hanging NAPI when netcons gets enabled
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()
Frederic Barrat <fbarrat(a)linux.ibm.com>
pci/hotplug/pnv-php: Wrap warnings in macro
Frederic Barrat <fbarrat(a)linux.ibm.com>
pci/hotplug/pnv-php: Improve error msg on power state change failure
Peter Chen <peter.chen(a)nxp.com>
usb: chipidea: udc: fix sleeping function called from invalid context
Chao Yu <chao(a)kernel.org>
f2fs: fix to avoid out-of-boundary access in devs.path
Chao Yu <chao(a)kernel.org>
f2fs: fix to avoid panic in f2fs_evict_inode
Chao Yu <chao(a)kernel.org>
f2fs: fix to avoid UAF in f2fs_sync_inode_meta()
Brian Masney <bmasney(a)redhat.com>
rtc: pcf8563: fix incorrect maximum clock rate handling
Brian Masney <bmasney(a)redhat.com>
rtc: hym8563: fix incorrect maximum clock rate handling
Brian Masney <bmasney(a)redhat.com>
rtc: ds1307: fix incorrect maximum clock rate handling
Petr Pavlu <petr.pavlu(a)suse.com>
module: Restore the moduleparam prefix length check
Paul Chaignon <paul.chaignon(a)gmail.com>
bpf: Check flow_dissector ctx accesses are aligned
Balamanikandan Gunasundar <balamanikandan.gunasundar(a)microchip.com>
mtd: rawnand: atmel: set pmecc data setup time
Thomas Fourier <fourier.thomas(a)gmail.com>
mtd: rawnand: atmel: Fix dma_mapping_error() address
Zheng Yu <zheng.yu(a)northwestern.edu>
jfs: fix metapage reference count leak in dbAllocCtl
Chenyuan Yang <chenyuan0y(a)gmail.com>
fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref
Giovanni Cabiddu <giovanni.cabiddu(a)intel.com>
crypto: qat - fix seq_file position update in adf_ring_next()
Thomas Fourier <fourier.thomas(a)gmail.com>
dmaengine: nbpfaxi: Add missing check after DMA map
Thomas Fourier <fourier.thomas(a)gmail.com>
dmaengine: mv_xor: Fix missing check after DMA map and missing unmap
Dan Carpenter <dan.carpenter(a)linaro.org>
fs/orangefs: Allow 2 more characters in do_c_string()
Bard Liao <yung-chuan.liao(a)linux.intel.com>
soundwire: stream: restore params when prepare ports fail
Thomas Fourier <fourier.thomas(a)gmail.com>
crypto: img-hash - Fix dma_unmap_sg() nents value
Ovidiu Panait <ovidiu.panait.oss(a)gmail.com>
hwrng: mtk - handle devm_pm_runtime_enable errors
Dan Carpenter <dan.carpenter(a)linaro.org>
watchdog: ziirave_wdt: check record length in ziirave_firm_verify()
Thomas Fourier <fourier.thomas(a)gmail.com>
scsi: isci: Fix dma_unmap_sg() nents value
Thomas Fourier <fourier.thomas(a)gmail.com>
scsi: mvsas: Fix dma_unmap_sg() nents value
Thomas Fourier <fourier.thomas(a)gmail.com>
scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value
Paul Kocialkowski <paulk(a)sys-base.io>
clk: sunxi-ng: v3s: Fix de clock definition
Leo Yan <leo.yan(a)arm.com>
perf tests bp_account: Fix leaked file descriptor
Mengbiao Xiong <xisme1998(a)gmail.com>
crypto: ccp - Fix crash when rebind ccp device for ccp.ko
Yuan Chen <chenyuan(a)kylinos.cn>
pinctrl: sunxi: Fix memory leak on krealloc failure
Charles Han <hanchunchao(a)inspur.com>
power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set
Henry Martin <bsdhenrymartin(a)gmail.com>
clk: davinci: Add NULL check in davinci_lpsc_clk_register()
Ivan Stepchenko <sid(a)itb.spb.ru>
mtd: fix possible integer overflow in erase_xfer()
Herbert Xu <herbert(a)gondor.apana.org.au>
crypto: marvell/cesa - Fix engine load inaccuracy
Hans Zhang <18255117159(a)163.com>
PCI: rockchip-host: Fix "Unexpected Completion" log message
Stanislav Fomichev <sdf(a)fomichev.me>
vrf: Drop existing dst reference in vrf_ip6_input_dst
Xiumei Mu <xmu(a)redhat.com>
selftests: rtnetlink.sh: remove esp4_offload after test
Florian Westphal <fw(a)strlen.de>
netfilter: xt_nfacct: don't assume acct name is null-terminated
Jimmy Assarsson <extja(a)kvaser.com>
can: kvaser_usb: Assign netdev.dev_port based on device channel index
Jimmy Assarsson <extja(a)kvaser.com>
can: kvaser_pciefd: Store device channel index
Gokul Sivakumar <gokulkumar.sivakumar(a)infineon.com>
wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE
Remi Pommarel <repk(a)triplefau.lt>
Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()"
Thomas Fourier <fourier.thomas(a)gmail.com>
mwl8k: Add missing check after DMA map
Martin Kaistra <martin.kaistra(a)linutronix.de>
wifi: rtl8xxxu: Fix RX skb size for aggregation disabled
William Liu <will(a)willsroot.io>
net/sched: Restrict conditions for adding duplicating netems to qdisc tree
Johan Korsnes <johan.korsnes(a)gmail.com>
arch: powerpc: defconfig: Drop obsolete CONFIG_NET_CLS_TCINDEX
Fedor Pchelkin <pchelkin(a)ispras.ru>
netfilter: nf_tables: adjust lockdep assertions handling
Fedor Pchelkin <pchelkin(a)ispras.ru>
drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value
Finn Thain <fthain(a)linux-m68k.org>
m68k: Don't unregister boot console needlessly
xin.guo <guoxin0309(a)gmail.com>
tcp: fix tcp_ofo_queue() to avoid including too much DUP SACK range
Jiasheng Jiang <jiasheng(a)iscas.ac.cn>
iwlwifi: Add missing check for alloc_ordered_workqueue
Xiu Jianfeng <xiujianfeng(a)huawei.com>
wifi: iwlwifi: Fix memory leak in iwl_mvm_init()
Daniil Dulov <d.dulov(a)aladdin.ru>
wifi: rtl818x: Kill URBs before clearing tx status queue
Arnd Bergmann <arnd(a)arndb.de>
caif: reduce stack size, again
Yuan Chen <chenyuan(a)kylinos.cn>
bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure
Jiayuan Chen <jiayuan.chen(a)linux.dev>
bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls
Alok Tiwari <alok.a.tiwari(a)oracle.com>
staging: nvec: Fix incorrect null termination of battery manufacturer
Brahmajit Das <listout(a)listout.xyz>
samples: mei: Fix building on musl libc
Lifeng Zheng <zhenglifeng1(a)huawei.com>
cpufreq: Init policy->rwsem before it may be possibly used
Annette Kobou <annette.kobou(a)kontron.de>
ARM: dts: imx6ul-kontron-bl-common: Fix RTS polarity for RS485 interface
Lucas De Marchi <lucas.demarchi(a)intel.com>
usb: early: xhci-dbc: Fix early_ioremap leak
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Revert "vmci: Prevent the dispatching of uninitialized payloads"
Denis OSTERLAND-HEIM <denis.osterland(a)diehl.com>
pps: fix poll support
Lizhi Xu <lizhi.xu(a)windriver.com>
vmci: Prevent the dispatching of uninitialized payloads
Abdun Nihaal <abdun.nihaal(a)gmail.com>
staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc()
Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org>
ARM: dts: vfxxx: Correctly use two tuples for timer address
Arnd Bergmann <arnd(a)arndb.de>
ASoC: ops: dynamically allocate struct snd_ctl_elem_value
Yangtao Li <frank.li(a)vivo.com>
hfsplus: remove mutex_lock check in hfsplus_free_extents
Arnd Bergmann <arnd(a)arndb.de>
ASoC: Intel: fix SND_SOC_SOF dependencies
Arnd Bergmann <arnd(a)arndb.de>
ethernet: intel: fix building with large NR_CPUS
Xu Yang <xu.yang_2(a)nxp.com>
usb: phy: mxs: disconnect line when USB charger is attached
Xu Yang <xu.yang_2(a)nxp.com>
usb: chipidea: add USB PHY event
Peter Chen <peter.chen(a)nxp.com>
usb: chipidea: introduce CI_HDRC_CONTROLLER_VBUS_EVENT glue layer use
Jun Li <jun.li(a)nxp.com>
usb: chipidea: udc: protect usb interrupt enable
Peter Chen <peter.chen(a)nxp.com>
usb: chipidea: udc: add new API ci_hdrc_gadget_connect
Daniel Dadap <ddadap(a)nvidia.com>
ALSA: hda: Add missing NVIDIA HDA codec IDs
Ian Abbott <abbotti(a)mev.co.uk>
comedi: comedi_test: Fix possible deletion of uninitialized timers
Ryusuke Konishi <konishi.ryusuke(a)gmail.com>
nilfs2: reject invalid file types when reading inodes
Yang Xiwen <forbidden405(a)outlook.com>
i2c: qup: jump out of the loop in case of timeout
Xiang Mei <xmei5(a)asu.edu>
net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class
Kito Xu (veritas501) <hxzene(a)gmail.com>
net: appletalk: Fix use-after-free in AARP proxy probe
Andrew Lunn <andrew(a)lunn.ch>
net: appletalk: fix kerneldoc warnings
Maor Gottlieb <maorg(a)nvidia.com>
RDMA/core: Rate limit GID cache warning messages
Alessandro Carminati <acarmina(a)redhat.com>
regulator: core: fix NULL dereference on unbind due to stale coupling data
Mathias Nyman <mathias.nyman(a)linux.intel.com>
usb: hub: Fix flushing and scheduling of delayed work that tunes runtime pm
Mathias Nyman <mathias.nyman(a)linux.intel.com>
usb: hub: fix detection of high tier USB3 devices behind suspended hubs
Eric Dumazet <edumazet(a)google.com>
net_sched: sch_sfq: reject invalid perturb period
Octavian Purdila <tavip(a)google.com>
net_sched: sch_sfq: move the limit validation
Octavian Purdila <tavip(a)google.com>
net_sched: sch_sfq: use a temporary work area for validating configuration
Octavian Purdila <tavip(a)google.com>
net_sched: sch_sfq: don't allow 1 packet limit
Eric Dumazet <edumazet(a)google.com>
net_sched: sch_sfq: handle bigger packets
Eric Dumazet <edumazet(a)google.com>
net_sched: sch_sfq: annotate data-races around q->perturb_period
Zheng Wang <zyytlz.wz(a)163.com>
power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
Minghao Chi <chi.minghao(a)zte.com.cn>
power: supply: bq24190_charger: using pm_runtime_resume_and_get instead of pm_runtime_get_sync
Dinghao Liu <dinghao.liu(a)zju.edu.cn>
power: supply: bq24190_charger: Fix runtime PM imbalance on error
Hongyu Xie <xiehongyu1(a)kylinos.cn>
xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS
Bui Quang Minh <minhquangbui99(a)gmail.com>
virtio-net: ensure the received length does not exceed allocated size
Arun Raghavan <arun(a)asymptotic.io>
ASoC: fsl_sai: Force a software reset when starting in consumer mode
Krishna Kurapati <krishna.kurapati(a)oss.qualcomm.com>
usb: dwc3: qcom: Don't leave BCR asserted
Drew Hamilton <drew.hamilton(a)zetier.com>
usb: musb: fix gadget state on disconnect
William Liu <will(a)willsroot.io>
net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree
Dong Chenchen <dongchenchen2(a)huawei.com>
net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime
Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
Bluetooth: L2CAP: Fix attempting to adjust outgoing MTU
Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
Bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout
Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
Bluetooth: SMP: If an unallowed command is received consider it a failure
Kuniyuki Iwashima <kuniyu(a)google.com>
Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb()
Oliver Neukum <oneukum(a)suse.com>
usb: net: sierra: check for no status endpoint
Xiang Mei <xmei5(a)asu.edu>
net/sched: sch_qfq: Fix race condition on qfq_aggregate
Alok Tiwari <alok.a.tiwari(a)oracle.com>
net: emaclite: Fix missing pointer increment in aligned_read()
Ian Abbott <abbotti(a)mev.co.uk>
comedi: Fix use of uninitialized data in insn_rw_emulate_bits()
Ian Abbott <abbotti(a)mev.co.uk>
comedi: Fix some signed shift left operations
Ian Abbott <abbotti(a)mev.co.uk>
comedi: das6402: Fix bit shift out of bounds
Ian Abbott <abbotti(a)mev.co.uk>
comedi: das16m1: Fix bit shift out of bounds
Ian Abbott <abbotti(a)mev.co.uk>
comedi: aio_iiro_16: Fix bit shift out of bounds
Ian Abbott <abbotti(a)mev.co.uk>
comedi: pcl812: Fix bit shift out of bounds
Chen Ni <nichen(a)iscas.ac.cn>
iio: adc: stm32-adc: Fix race in installing chained IRQ handler
Fabio Estevam <festevam(a)denx.de>
iio: adc: max1363: Reorder mode_list[] entries
Fabio Estevam <festevam(a)denx.de>
iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[]
Andrew Jeffery <andrew(a)codeconstruct.com.au>
soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled
Andrew Jeffery <andrew(a)codeconstruct.com.au>
soc: aspeed: lpc-snoop: Cleanup resources in stack-order
Judith Mendez <jm(a)ti.com>
mmc: sdhci_am654: Workaround for Errata i2312
Edson Juliano Drosdeck <edson.drosdeck(a)gmail.com>
mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models
Thomas Fourier <fourier.thomas(a)gmail.com>
mmc: bcm2835: Fix dma_unmap_sg() nents value
Nathan Chancellor <nathan(a)kernel.org>
memstick: core: Zero initialize id_reg in h_memstick_read_dev_id()
Jan Kara <jack(a)suse.cz>
isofs: Verify inode mode when loading from disk
Dan Carpenter <dan.carpenter(a)linaro.org>
dmaengine: nbpfaxi: Fix memory corruption in probe()
Yun Lu <luyun(a)kylinos.cn>
af_packet: fix soft lockup issue caused by tpacket_snd()
Yun Lu <luyun(a)kylinos.cn>
af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd()
Nathan Chancellor <nathan(a)kernel.org>
phonet/pep: Move call to pn_skb_get_dst_sockaddr() earlier in pep_sock_accept()
Benjamin Tissoires <bentiss(a)kernel.org>
HID: core: do not bypass hid_hw_raw_request
Benjamin Tissoires <bentiss(a)kernel.org>
HID: core: ensure __hid_request reserves the report ID as the first byte
Benjamin Tissoires <bentiss(a)kernel.org>
HID: core: ensure the allocated report buffer can contain the reserved report ID
Thomas Fourier <fourier.thomas(a)gmail.com>
pch_uart: Fix dma_sync_sg_for_device() nents value
Nilton Perim Neto <niltonperimneto(a)gmail.com>
Input: xpad - set correct controller type for Acer NGR200
Clément Le Goffic <clement.legoffic(a)foss.st.com>
i2c: stm32: fix the device used for the DMA map
Xinyu Liu <1171169449(a)qq.com>
usb: gadget: configfs: Fix OOB read on empty string write
Ryan Mann (NDI) <rmann(a)ndigital.com>
USB: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI
Slark Xiao <slark_xiao(a)163.com>
USB: serial: option: add Foxconn T99W640
Fabio Porcedda <fabio.porcedda(a)gmail.com>
USB: serial: option: add Telit Cinterion FE910C04 (ECM) composition
-------------
Diffstat:
Documentation/firmware-guide/acpi/i2c-muxes.rst | 8 +-
Makefile | 7 +-
arch/arm/Makefile | 2 +-
arch/arm/boot/dts/imx6ul-kontron-n6310-s.dts | 1 -
arch/arm/boot/dts/vfxxx.dtsi | 2 +-
arch/arm/mach-rockchip/platsmp.c | 15 +-
arch/arm/mach-tegra/reset.c | 2 +-
arch/arm64/include/asm/acpi.h | 2 +-
arch/m68k/Kconfig.debug | 2 +-
arch/m68k/kernel/early_printk.c | 42 +--
arch/m68k/kernel/head.S | 39 ++-
arch/mips/Makefile | 2 +-
arch/mips/include/asm/vpe.h | 8 +
arch/mips/kernel/process.c | 16 +-
arch/mips/mm/tlb-r4k.c | 56 +++-
arch/parisc/Makefile | 2 +-
arch/powerpc/configs/ppc6xx_defconfig | 1 -
arch/powerpc/platforms/512x/mpc512x_lpbfifo.c | 6 +-
arch/s390/hypfs/hypfs_dbfs.c | 19 +-
arch/s390/include/asm/timex.h | 13 +-
arch/s390/kernel/time.c | 2 +-
arch/x86/kernel/cpu/mce/amd.c | 13 +-
arch/x86/mm/extable.c | 5 +-
drivers/acpi/acpi_processor.c | 2 +-
drivers/acpi/apei/ghes.c | 2 +
drivers/acpi/processor_idle.c | 4 +-
drivers/acpi/processor_perflib.c | 11 +
drivers/ata/Kconfig | 35 ++-
drivers/ata/libata-scsi.c | 20 +-
drivers/base/power/domain_governor.c | 18 +-
drivers/base/power/runtime.c | 5 +
drivers/block/drbd/drbd_receiver.c | 6 +-
drivers/block/sunvdc.c | 4 +-
drivers/char/hw_random/mtk-rng.c | 4 +-
drivers/char/ipmi/ipmi_msghandler.c | 8 +-
drivers/char/ipmi/ipmi_watchdog.c | 59 +++--
drivers/clk/davinci/psc.c | 5 +
drivers/clk/sunxi-ng/ccu-sun8i-v3s.c | 3 +-
drivers/cpufreq/armada-8k-cpufreq.c | 2 +-
drivers/cpufreq/cpufreq.c | 11 +-
drivers/crypto/ccp/ccp-debugfs.c | 3 +
drivers/crypto/img-hash.c | 2 +-
drivers/crypto/marvell/cipher.c | 4 +-
drivers/crypto/marvell/hash.c | 5 +-
.../crypto/qat/qat_common/adf_transport_debug.c | 4 +-
drivers/dma/mv_xor.c | 21 +-
drivers/dma/nbpfaxi.c | 24 +-
drivers/fpga/zynq-fpga.c | 10 +-
drivers/gpio/gpio-tps65912.c | 7 +-
drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c | 4 +-
.../gpu/drm/amd/display/dc/bios/command_table.c | 2 +-
.../amd/display/dc/clk_mgr/dce110/dce110_clk_mgr.c | 30 ++-
drivers/gpu/drm/amd/powerplay/hwmgr/smu_helper.c | 2 +-
drivers/gpu/drm/drm_dp_helper.c | 2 +-
drivers/gpu/drm/scheduler/sched_entity.c | 23 +-
drivers/hid/hid-core.c | 21 +-
drivers/i2c/busses/i2c-qup.c | 4 +-
drivers/i2c/busses/i2c-stm32.c | 8 +-
drivers/i2c/busses/i2c-stm32f7.c | 4 +-
drivers/i3c/internals.h | 1 +
drivers/i3c/master.c | 2 +-
drivers/iio/adc/max1363.c | 43 ++-
drivers/iio/adc/stm32-adc-core.c | 7 +-
drivers/iio/light/hid-sensor-prox.c | 3 +-
drivers/iio/proximity/isl29501.c | 14 +-
drivers/infiniband/core/cache.c | 4 +-
drivers/infiniband/hw/hfi1/affinity.c | 44 +--
drivers/input/joystick/xpad.c | 2 +-
drivers/media/dvb-frontends/dib7000p.c | 8 +
drivers/media/i2c/ov2659.c | 3 +-
drivers/media/i2c/tc358743.c | 86 +++---
drivers/media/platform/qcom/camss/camss.c | 4 +-
drivers/media/platform/qcom/venus/core.c | 8 +-
drivers/media/platform/qcom/venus/core.h | 2 +
drivers/media/platform/qcom/venus/hfi_venus.c | 5 +
drivers/media/platform/qcom/venus/vdec.c | 5 +-
drivers/media/usb/gspca/vicam.c | 10 +-
drivers/media/usb/hdpvr/hdpvr-i2c.c | 6 +
drivers/media/usb/rainshadow-cec/rainshadow-cec.c | 3 +-
drivers/media/usb/usbtv/usbtv-video.c | 4 +
drivers/media/usb/uvc/uvc_driver.c | 3 +
drivers/media/usb/uvc/uvc_video.c | 21 +-
drivers/media/v4l2-core/v4l2-ctrls.c | 37 ++-
drivers/memstick/core/memstick.c | 3 +-
drivers/memstick/host/rtsx_usb_ms.c | 1 +
drivers/misc/cardreader/rtsx_usb.c | 16 +-
drivers/mmc/host/bcm2835.c | 3 +-
drivers/mmc/host/rtsx_usb_sdmmc.c | 4 +-
drivers/mmc/host/sdhci-pci-core.c | 3 +-
drivers/mmc/host/sdhci_am654.c | 9 +-
drivers/mtd/ftl.c | 2 +-
drivers/mtd/nand/raw/atmel/nand-controller.c | 2 +-
drivers/mtd/nand/raw/atmel/pmecc.c | 6 +
drivers/mtd/nand/raw/fsmc_nand.c | 2 +
drivers/net/can/kvaser_pciefd.c | 1 +
drivers/net/can/usb/kvaser_usb/kvaser_usb_core.c | 1 +
drivers/net/dsa/b53/b53_common.c | 31 ++-
drivers/net/dsa/b53/b53_regs.h | 1 +
drivers/net/ethernet/agere/et131x.c | 36 +++
drivers/net/ethernet/atheros/ag71xx.c | 9 +
drivers/net/ethernet/cavium/thunder/thunder_bgx.c | 4 +-
drivers/net/ethernet/emulex/benet/be_cmds.c | 2 +-
drivers/net/ethernet/emulex/benet/be_main.c | 8 +-
drivers/net/ethernet/freescale/dpaa/dpaa_ethtool.c | 4 +-
drivers/net/ethernet/freescale/fec_main.c | 34 ++-
drivers/net/ethernet/freescale/gianfar_ethtool.c | 4 +-
drivers/net/ethernet/intel/fm10k/fm10k.h | 3 +-
drivers/net/ethernet/intel/i40e/i40e.h | 2 +-
drivers/net/ethernet/intel/ice/ice_flex_pipe.c | 2 +
drivers/net/ethernet/intel/ixgbe/ixgbe.h | 3 +-
drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 4 +-
drivers/net/ethernet/xilinx/xilinx_emaclite.c | 2 +-
drivers/net/phy/smsc.c | 1 +
drivers/net/ppp/pptp.c | 18 +-
drivers/net/usb/sierra_net.c | 4 +
drivers/net/usb/usbnet.c | 11 +-
drivers/net/virtio_net.c | 38 ++-
drivers/net/vrf.c | 2 +
.../broadcom/brcm80211/brcmfmac/cfg80211.c | 8 +-
.../broadcom/brcm80211/brcmsmac/phy/phy_lcn.c | 2 +-
drivers/net/wireless/intel/iwlegacy/4965-mac.c | 5 +-
drivers/net/wireless/intel/iwlwifi/dvm/main.c | 11 +-
drivers/net/wireless/intel/iwlwifi/dvm/rs.c | 2 +-
drivers/net/wireless/intel/iwlwifi/fw/dbg.c | 7 +-
drivers/net/wireless/intel/iwlwifi/mvm/ops.c | 4 +-
drivers/net/wireless/intel/iwlwifi/mvm/scan.c | 2 +-
drivers/net/wireless/marvell/mwl8k.c | 4 +
drivers/net/wireless/realtek/rtl818x/rtl8187/dev.c | 3 +-
.../net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c | 2 +-
drivers/net/wireless/realtek/rtlwifi/pci.c | 18 +-
drivers/pci/controller/pcie-rockchip-host.c | 2 +-
drivers/pci/endpoint/pci-ep-cfs.c | 1 +
drivers/pci/endpoint/pci-epf-core.c | 2 +-
drivers/pci/hotplug/pnv_php.c | 90 +++++--
drivers/pci/pci-acpi.c | 4 +-
drivers/pci/pci.c | 8 +-
drivers/pci/probe.c | 2 +-
drivers/pinctrl/stm32/pinctrl-stm32.c | 1 +
drivers/pinctrl/sunxi/pinctrl-sunxi.c | 11 +-
drivers/platform/x86/thinkpad_acpi.c | 4 +-
drivers/power/supply/bq24190_charger.c | 60 ++---
drivers/power/supply/max14577_charger.c | 4 +-
drivers/pps/pps.c | 11 +-
drivers/pwm/pwm-imx-tpm.c | 9 +
drivers/pwm/pwm-mediatek.c | 78 ++++--
drivers/regulator/core.c | 1 +
drivers/rtc/rtc-ds1307.c | 17 +-
drivers/rtc/rtc-hym8563.c | 2 +-
drivers/rtc/rtc-pcf8563.c | 2 +-
drivers/scsi/aacraid/comminit.c | 3 +-
drivers/scsi/bfa/bfad_im.c | 1 +
drivers/scsi/ibmvscsi_tgt/libsrp.c | 6 +-
drivers/scsi/isci/request.c | 2 +-
drivers/scsi/libiscsi.c | 3 +-
drivers/scsi/lpfc/lpfc_debugfs.c | 1 -
drivers/scsi/lpfc/lpfc_scsi.c | 4 +
drivers/scsi/mpt3sas/mpt3sas_scsih.c | 19 ++
drivers/scsi/mvsas/mv_sas.c | 4 +-
drivers/scsi/qla4xxx/ql4_os.c | 2 +
drivers/scsi/scsi_scan.c | 2 +-
drivers/scsi/scsi_transport_sas.c | 62 ++++-
drivers/soc/aspeed/aspeed-lpc-snoop.c | 13 +-
drivers/soc/qcom/mdt_loader.c | 41 +++
drivers/soc/tegra/pmc.c | 51 ++--
drivers/soundwire/stream.c | 2 +-
drivers/staging/comedi/comedi_compat32.c | 3 +
drivers/staging/comedi/comedi_fops.c | 60 ++++-
drivers/staging/comedi/comedi_internal.h | 1 +
drivers/staging/comedi/drivers.c | 30 ++-
drivers/staging/comedi/drivers/aio_iiro_16.c | 3 +-
drivers/staging/comedi/drivers/comedi_test.c | 2 +-
drivers/staging/comedi/drivers/das16m1.c | 3 +-
drivers/staging/comedi/drivers/das6402.c | 3 +-
drivers/staging/comedi/drivers/pcl812.c | 3 +-
drivers/staging/fbtft/fbtft-core.c | 1 +
drivers/staging/media/imx/imx-media-csc-scaler.c | 2 +-
drivers/staging/nvec/nvec_power.c | 2 +-
drivers/thermal/thermal_sysfs.c | 9 +-
drivers/thunderbolt/domain.c | 2 +-
drivers/tty/serial/8250/8250_port.c | 3 +-
drivers/tty/serial/pch_uart.c | 2 +-
drivers/tty/vt/defkeymap.c_shipped | 112 ++++++++
drivers/tty/vt/keyboard.c | 2 +-
drivers/usb/atm/cxacru.c | 172 ++++++------
drivers/usb/chipidea/ci.h | 18 +-
drivers/usb/chipidea/udc.c | 89 ++++---
drivers/usb/class/cdc-acm.c | 13 +-
drivers/usb/core/hub.c | 67 ++++-
drivers/usb/core/quirks.c | 1 +
drivers/usb/core/urb.c | 2 +-
drivers/usb/dwc3/dwc3-meson-g12a.c | 3 +
drivers/usb/dwc3/dwc3-qcom.c | 8 +-
drivers/usb/dwc3/gadget.c | 9 +
drivers/usb/early/xhci-dbc.c | 4 +
drivers/usb/gadget/composite.c | 5 +
drivers/usb/gadget/configfs.c | 2 +
drivers/usb/gadget/udc/renesas_usb3.c | 1 +
drivers/usb/host/xhci-hub.c | 3 +-
drivers/usb/host/xhci-mem.c | 24 +-
drivers/usb/host/xhci-plat.c | 3 +-
drivers/usb/host/xhci-ring.c | 19 +-
drivers/usb/host/xhci.c | 24 +-
drivers/usb/host/xhci.h | 3 +-
drivers/usb/musb/musb_gadget.c | 2 +
drivers/usb/musb/omap2430.c | 10 +-
drivers/usb/phy/phy-mxs-usb.c | 4 +-
drivers/usb/serial/ftdi_sio.c | 2 +
drivers/usb/serial/ftdi_sio_ids.h | 3 +
drivers/usb/serial/option.c | 7 +
drivers/usb/storage/realtek_cr.c | 2 +-
drivers/usb/storage/unusual_devs.h | 29 ++
drivers/usb/typec/tcpm/fusb302.c | 8 +
drivers/vhost/vhost.c | 3 +
drivers/video/console/vgacon.c | 2 +-
drivers/video/fbdev/imxfb.c | 9 +-
drivers/watchdog/dw_wdt.c | 2 +
drivers/watchdog/ziirave_wdt.c | 3 +
fs/btrfs/tree-log.c | 53 ++--
fs/buffer.c | 2 +-
fs/cifs/cifsglob.h | 1 +
fs/cifs/cifssmb.c | 10 +
fs/cifs/smbdirect.c | 14 +-
fs/cifs/transport.c | 34 ++-
fs/ext4/fsmap.c | 23 +-
fs/ext4/inline.c | 19 +-
fs/ext4/inode.c | 2 +-
fs/f2fs/f2fs.h | 2 +-
fs/f2fs/inode.c | 28 +-
fs/f2fs/node.c | 10 +
fs/file.c | 81 +++---
fs/hfs/bnode.c | 93 +++++++
fs/hfsplus/bnode.c | 92 +++++++
fs/hfsplus/extents.c | 3 -
fs/hfsplus/unicode.c | 7 +
fs/hfsplus/xattr.c | 6 +-
fs/hugetlbfs/inode.c | 2 +-
fs/isofs/inode.c | 9 +-
fs/jbd2/checkpoint.c | 1 +
fs/jfs/file.c | 3 +
fs/jfs/inode.c | 2 +-
fs/jfs/jfs_dmap.c | 10 +-
fs/namespace.c | 89 ++++++-
fs/nfs/blocklayout/blocklayout.c | 4 +-
fs/nfs/blocklayout/dev.c | 5 +-
fs/nfs/blocklayout/extent_tree.c | 20 +-
fs/nfs/client.c | 44 ++-
fs/nfs/direct.c | 13 +-
fs/nfs/export.c | 11 +-
fs/nfs/inode.c | 6 +-
fs/nfs/internal.h | 1 +
fs/nfs/nfs4client.c | 13 +-
fs/nfs/nfs4proc.c | 35 +--
fs/nfs/pnfs.c | 11 +-
fs/nfs/write.c | 11 +-
fs/nfsd/nfs4state.c | 34 ++-
fs/nilfs2/inode.c | 9 +-
fs/orangefs/orangefs-debugfs.c | 8 +-
fs/squashfs/super.c | 14 +-
fs/udf/super.c | 13 +-
include/linux/fs.h | 4 +-
include/linux/if_vlan.h | 6 +-
include/linux/mm.h | 26 +-
include/linux/moduleparam.h | 5 +-
include/linux/nfs_fs.h | 2 +
include/linux/pci.h | 1 +
include/linux/pps_kernel.h | 1 +
include/linux/skbuff.h | 31 ++-
include/linux/usb/chipidea.h | 1 +
include/linux/usb/usbnet.h | 1 +
include/net/act_api.h | 25 ++
include/net/cfg80211.h | 2 +-
include/net/sch_generic.h | 13 -
include/net/udp.h | 24 +-
include/uapi/linux/in6.h | 4 +-
include/uapi/linux/io_uring.h | 2 +-
include/uapi/linux/mount.h | 3 +-
kernel/events/core.c | 20 +-
kernel/fork.c | 2 +-
kernel/power/console.c | 7 +-
kernel/rcu/tree_plugin.h | 3 +
kernel/trace/ftrace.c | 19 +-
kernel/trace/trace_events.c | 5 +
mm/filemap.c | 2 +-
mm/hmm.c | 2 +-
mm/kmemleak.c | 120 +++++----
mm/madvise.c | 2 +-
mm/mmap.c | 26 +-
mm/shmem.c | 2 +-
mm/zsmalloc.c | 6 +-
net/8021q/vlan.c | 42 ++-
net/8021q/vlan.h | 1 +
net/appletalk/aarp.c | 42 ++-
net/appletalk/ddp.c | 7 +-
net/bluetooth/hci_sysfs.c | 15 +-
net/bluetooth/l2cap_core.c | 26 +-
net/bluetooth/l2cap_sock.c | 3 +
net/bluetooth/smp.c | 21 +-
net/bluetooth/smp.h | 1 +
net/caif/cfctrl.c | 294 ++++++++++-----------
net/core/filter.c | 3 +
net/core/netpoll.c | 7 +
net/ipv4/route.c | 1 -
net/ipv4/tcp_input.c | 3 +-
net/ipv4/udp_offload.c | 2 +-
net/ipv6/ip6_offload.c | 4 +-
net/ipv6/seg6_hmac.c | 3 +
net/mac80211/tx.c | 1 +
net/ncsi/internal.h | 2 +-
net/ncsi/ncsi-rsp.c | 1 +
net/netfilter/nf_conntrack_netlink.c | 24 +-
net/netfilter/nf_tables_api.c | 4 +-
net/netfilter/xt_nfacct.c | 4 +-
net/netlink/af_netlink.c | 2 +-
net/packet/af_packet.c | 39 ++-
net/phonet/pep.c | 2 +-
net/sched/act_api.c | 14 +
net/sched/act_csum.c | 4 +-
net/sched/act_ct.c | 10 +-
net/sched/act_gact.c | 14 +-
net/sched/act_mirred.c | 55 ++--
net/sched/act_police.c | 5 +-
net/sched/act_tunnel_key.c | 2 +-
net/sched/act_vlan.c | 9 +-
net/sched/sch_cake.c | 14 +-
net/sched/sch_codel.c | 5 +-
net/sched/sch_drr.c | 7 +-
net/sched/sch_fq_codel.c | 6 +-
net/sched/sch_hfsc.c | 8 +-
net/sched/sch_htb.c | 6 +-
net/sched/sch_netem.c | 40 +++
net/sched/sch_qfq.c | 40 ++-
net/sched/sch_sfq.c | 116 +++++---
net/sctp/input.c | 2 +-
net/tls/tls_sw.c | 13 +
net/vmw_vsock/af_vsock.c | 3 +-
net/wireless/mlme.c | 3 +-
samples/mei/mei-amt-version.c | 2 +-
scripts/Kbuild.include | 8 +-
scripts/kconfig/gconf.c | 8 +-
scripts/kconfig/lxdialog/inputbox.c | 6 +-
scripts/kconfig/lxdialog/menubox.c | 2 +-
scripts/kconfig/nconf.c | 2 +
scripts/kconfig/nconf.gui.c | 1 +
security/inode.c | 2 -
sound/pci/hda/patch_ca0132.c | 2 +-
sound/pci/hda/patch_hdmi.c | 19 ++
sound/pci/intel8x0.c | 2 +-
sound/soc/codecs/hdac_hdmi.c | 10 +-
sound/soc/codecs/rt5640.c | 5 +
sound/soc/fsl/fsl_sai.c | 14 +-
sound/soc/intel/boards/Kconfig | 2 +-
sound/soc/soc-dapm.c | 4 +
sound/soc/soc-ops.c | 28 +-
sound/usb/mixer_quirks.c | 14 +-
sound/usb/mixer_scarlett_gen2.c | 9 +
sound/usb/stream.c | 25 +-
sound/usb/validate.c | 14 +-
tools/bpf/bpftool/net.c | 15 +-
tools/perf/tests/bp_account.c | 1 +
.../cpupower/utils/idle_monitor/mperf_monitor.c | 4 +-
tools/testing/ktest/ktest.pl | 5 +-
.../ftrace/test.d/ftrace/func-filter-glob.tc | 2 +-
tools/testing/selftests/futex/include/futextest.h | 11 +
.../testing/selftests/net/forwarding/tc_actions.sh | 72 ++++-
tools/testing/selftests/net/rtnetlink.sh | 6 +
365 files changed, 3553 insertions(+), 1524 deletions(-)
2 weeks, 5 days
- 5
- 4
[PATCH 6.6 000/587] 6.6.103-rc1 review
by Greg Kroah-Hartman
This is the start of the stable review cycle for the 6.6.103 release.
There are 587 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Thu, 28 Aug 2025 11:08:24 +0000.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.6.103-rc…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.6.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 6.6.103-rc1
Florian Westphal <fw(a)strlen.de>
netfilter: nf_reject: don't leak dst refcount for loopback packets
Peter Oberparleiter <oberpar(a)linux.ibm.com>
s390/hypfs: Enable limited access during lockdown
Peter Oberparleiter <oberpar(a)linux.ibm.com>
s390/hypfs: Avoid unnecessary ioctl registration in debugfs
Takashi Iwai <tiwai(a)suse.de>
ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation
Armen Ratner <armeng(a)nvidia.com>
net/mlx5e: Preserve shared buffer capacity during headroom updates
Daniel Jurgens <danielj(a)nvidia.com>
net/mlx5: Base ECVF devlink port attrs from 0
Hariprasad Kelam <hkelam(a)marvell.com>
Octeontx2-af: Skip overlap check for SPI field
Hangbin Liu <liuhangbin(a)gmail.com>
bonding: send LACPDUs periodically in passive mode after receiving partner's LACPDU
Aahil Awatramani <aahila(a)google.com>
bonding: Add independent control state machine
Hangbin Liu <liuhangbin(a)gmail.com>
bonding: update LACP activity flag after setting lacp_active
William Liu <will(a)willsroot.io>
net/sched: Remove unnecessary WARNING condition for empty child qdisc in htb_activate
William Liu <will(a)willsroot.io>
net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit
ValdikSS <iam(a)valdikss.org.ru>
igc: fix disabling L1.2 PCI-E link substate on I226 on init
Jason Xing <kernelxing(a)tencent.com>
ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc
Kanglong Wang <wangkanglong(a)loongson.cn>
LoongArch: Optimize module load time by optimizing PLT/GOT counting
D. Wythe <alibuda(a)linux.alibaba.com>
net/smc: fix UAF on smcsk after smc_listen_out()
Jordan Rhee <jordanrhee(a)google.com>
gve: prevent ethtool ops after shutdown
Yuichiro Tsuji <yuichtsu(a)amazon.com>
net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization
Horatiu Vultur <horatiu.vultur(a)microchip.com>
phy: mscc: Fix timestamping for vsc8584
Qingfang Deng <dqfext(a)gmail.com>
ppp: fix race conditions in ppp_fill_forward_path
Qingfang Deng <dqfext(a)gmail.com>
net: ethernet: mtk_ppe: add RCU lock around dev_fill_forward_path
Minhong He <heminhong(a)kylinos.cn>
ipv6: sr: validate HMAC algorithm ID in seg6_hmac_info_add
Jakub Ramaseuski <jramaseu(a)redhat.com>
net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM
Chenyuan Yang <chenyuan0y(a)gmail.com>
drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session()
Dan Carpenter <dan.carpenter(a)linaro.org>
ALSA: usb-audio: Fix size validation in convert_chmap_v3()
Baihan Li <libaihan(a)huawei.com>
drm/hisilicon/hibmc: fix the hibmc loaded failed bug
Ido Schimmel <idosch(a)nvidia.com>
mlxsw: spectrum: Forward packets with an IPv4 link-local source IP
Sergey Shtylyov <s.shtylyov(a)omp.ru>
Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync()
Pauli Virtanen <pav(a)iki.fi>
Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established
Kees Cook <kees(a)kernel.org>
iommu/amd: Avoid stack buffer overflow from kernel cmdline
Dan Carpenter <dan.carpenter(a)linaro.org>
scsi: qla4xxx: Prevent a potential error pointer dereference
Wang Liang <wangliang74(a)huawei.com>
net: bridge: fix soft lockup in br_multicast_query_expired()
Anantha Prabhu <anantha.prabhu(a)broadcom.com>
RDMA/bnxt_re: Fix to initialize the PBL array
Kashyap Desai <kashyap.desai(a)broadcom.com>
RDMA/bnxt_re: Fix to remove workload check in SRQ limit path
Kashyap Desai <kashyap.desai(a)broadcom.com>
RDMA/bnxt_re: Fix to do SRQ armena by default
Boshi Yu <boshiyu(a)linux.alibaba.com>
RDMA/erdma: Fix ignored return value of init_kernel_qp
Nitin Gote <nitin.r.gote(a)intel.com>
iosys-map: Fix undefined behavior in iosys_map_clear()
Waiman Long <longman(a)redhat.com>
cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key
Fanhua Li <lifanhua5(a)huawei.com>
drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor().
Stefan Wahren <wahrenst(a)gmx.net>
spi: spi-fsl-lpspi: Clamp too high speed_hz
Tianxiang Peng <txpeng(a)tencent.com>
x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper
Amit Sunil Dhamne <amitsd(a)google.com>
usb: typec: maxim_contaminant: disable low power mode when reading comparator values
Amit Sunil Dhamne <amitsd(a)google.com>
usb: typec: maxim_contaminant: re-enable cc toggle if cc is open and port is clean
Weitao Wang <WeitaoWang-oc(a)zhaoxin.com>
usb: xhci: Fix slot_id resource race conflict
Jean-Baptiste Maneyrol <jean-baptiste.maneyrol(a)tdk.com>
iio: imu: inv_icm42600: change invalid data error to -EBUSY
Andy Shevchenko <andriy.shevchenko(a)linux.intel.com>
iio: imu: inv_icm42600: Convert to uXX and sXX integer types
David Lechner <dlechner(a)baylibre.com>
iio: imu: inv_icm42600: use = { } instead of memset()
Jonathan Cameron <Jonathan.Cameron(a)huawei.com>
iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64
David Lechner <dlechner(a)baylibre.com>
iio: temperature: maxim_thermocouple: use DMA-safe buffer for spi_read()
Jonathan Cameron <Jonathan.Cameron(a)huawei.com>
iio: light: as73211: Ensure buffer holes are zeroed
Pu Lehui <pulehui(a)huawei.com>
tracing: Limit access to parser->buffer when trace_get_user failed
Steven Rostedt <rostedt(a)goodmis.org>
tracing: Remove unneeded goto out logic
Jakub Kicinski <kuba(a)kernel.org>
tls: fix handling of zero-length records on the rx_list
Michal Suchanek <msuchanek(a)suse.de>
powerpc/boot: Fix build with gcc 15
Victor Shih <victor.shih(a)genesyslogic.com.tw>
mmc: sdhci-pci-gli: GL9763e: Mask the replay timer timeout of AER
Jan Beulich <jbeulich(a)suse.com>
compiler: remove __ADDRESSABLE_ASM{_STR,}() again
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Don't overclock DCE 6 by 15%
Heikki Krogerus <heikki.krogerus(a)linux.intel.com>
usb: dwc3: pci: add support for the Intel Wildcat Lake
Selvarasu Ganesan <selvarasu.g(a)samsung.com>
usb: dwc3: Remove WARN_ON for device endpoint command timeouts
Kuen-Han Tsai <khtsai(a)google.com>
usb: dwc3: Ignore late xferNotReady event to prevent halt timeout
Zenm Chen <zenmchen(a)gmail.com>
USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles
Thorsten Blum <thorsten.blum(a)linux.dev>
usb: storage: realtek_cr: Use correct byte order for bcs->Residue
Mael GUERIN <mael.guerin(a)murena.io>
USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera
Marek Vasut <marek.vasut+renesas(a)mailbox.org>
usb: renesas-xhci: Fix External ROM access timeouts
Xu Yang <xu.yang_2(a)nxp.com>
usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test
Ian Abbott <abbotti(a)mev.co.uk>
comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl()
Edward Adam Davis <eadavis(a)qq.com>
comedi: pcl726: Prevent invalid irq number
Ian Abbott <abbotti(a)mev.co.uk>
comedi: Make insn_rw_emulate_bits() do insn->n samples
Miao Li <limiao(a)kylinos.cn>
usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive
Thorsten Blum <thorsten.blum(a)linux.dev>
cdx: Fix off-by-one error in cdx_rpmsg_probe()
Miaoqian Lin <linmq006(a)gmail.com>
most: core: Drop device reference after usage in get_channel()
David Lechner <dlechner(a)baylibre.com>
iio: proximity: isl29501: fix buffered read on big-endian systems
Salah Triki <salah.triki(a)gmail.com>
iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe()
Steven Rostedt <rostedt(a)goodmis.org>
ftrace: Also allocate and copy hash for reading of filter files
Xu Yilun <yilun.xu(a)linux.intel.com>
fpga: zynq_fpga: Fix the wrong usage of dma_map_sgtable()
Imre Deak <imre.deak(a)intel.com>
drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS
Rafael J. Wysocki <rafael.j.wysocki(a)intel.com>
cpuidle: governors: menu: Avoid selecting states with too much latency
Christian Loehle <christian.loehle(a)arm.com>
cpuidle: menu: Remove iowait influence
Victor Shih <victor.shih(a)genesyslogic.com.tw>
mmc: sdhci-pci-gli: Add a new function to simplify the code
Bjorn Helgaas <bhelgaas(a)google.com>
mmc: sdhci-pci-gli: Use PCI AER definitions, not hard-coded values
Matthieu Baerts (NGI0) <matttbe(a)kernel.org>
selftests: mptcp: pm: check flush doesn't reset limits
Geliang Tang <tanggeliang(a)kylinos.cn>
mptcp: disable add_addr retransmission when timeout is 0
Geliang Tang <tanggeliang(a)kylinos.cn>
mptcp: remove duplicate sk_reset_timer call
Al Viro <viro(a)zeniv.linux.org.uk>
use uniform permission checks for all mount propagation changes
Ye Bin <yebin10(a)huawei.com>
fs/buffer: fix use-after-free when call bh_read() helper
Stefan Metzmacher <metze(a)samba.org>
smb: server: split ksmbd_rdma_stop_listening() out of ksmbd_rdma_destroy()
Judith Mendez <jm(a)ti.com>
arm64: dts: ti: k3-am62-main: Remove eMMC High Speed DDR support
Baokun Li <libaokun1(a)huawei.com>
ext4: preserve SB_I_VERSION on remount
Ranjan Kumar <ranjan.kumar(a)broadcom.com>
scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems
Ranjan Kumar <ranjan.kumar(a)broadcom.com>
scsi: mpi3mr: Drop unnecessary volatile from __iomem pointers
André Draszik <andre.draszik(a)linaro.org>
scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE
Richard Zhu <hongxing.zhu(a)nxp.com>
PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features
Richard Zhu <hongxing.zhu(a)nxp.com>
PCI: imx6: Delay link start until configfs 'start' written
Geraldo Nascimento <geraldogabriel(a)gmail.com>
PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining
Geraldo Nascimento <geraldogabriel(a)gmail.com>
PCI: rockchip: Use standard PCIe definitions
Dan Carpenter <dan.carpenter(a)linaro.org>
soc: qcom: mdt_loader: Fix error return values in mdt_header_valid()
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Fix DP audio DTO1 clock source on DCE 6.
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3
Mario Limonciello <mario.limonciello(a)amd.com>
drm/amd/display: Avoid a NULL pointer dereference
Peter Oberparleiter <oberpar(a)linux.ibm.com>
s390/sclp: Fix SCCB present check
Evgeniy Harchenko <evgeniyharchenko.dev(a)gmail.com>
ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6
Jinjiang Tu <tujinjiang(a)huawei.com>
mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn
Herton R. Krzesinski <herton(a)redhat.com>
mm/debug_vm_pgtable: clear page table entries at destroy_args()
Phillip Lougher <phillip(a)squashfs.org.uk>
squashfs: fix memory leak in squashfs_fill_super
Victor Shih <victor.shih(a)genesyslogic.com.tw>
mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency
Jiayi Li <lijiayi(a)kylinos.cn>
memstick: Fix deadlock by moving removing flag earlier
Will Deacon <will(a)kernel.org>
KVM: arm64: Fix kernel BUG() due to bad backport of FPSIMD/SVE/SME fix
Vincent Guittot <vincent.guittot(a)linaro.org>
sched/fair: Fix frequency selection for non-invariant case
Vincent Guittot <vincent.guittot(a)linaro.org>
topology: Set capacity_freq_ref in all cases
Vincent Guittot <vincent.guittot(a)linaro.org>
arm64/amu: Use capacity_ref_freq() to set AMU ratio
Vincent Guittot <vincent.guittot(a)linaro.org>
cpufreq/cppc: Set the frequency used for computing the capacity
Vincent Guittot <vincent.guittot(a)linaro.org>
energy_model: Use a fixed reference frequency
Vincent Guittot <vincent.guittot(a)linaro.org>
cpufreq/schedutil: Use a fixed reference frequency
Vincent Guittot <vincent.guittot(a)linaro.org>
cpufreq: Use the fixed and coherent frequency for scaling capacity
Vincent Guittot <vincent.guittot(a)linaro.org>
sched/topology: Add a new arch_scale_freq_ref() method
Thomas Weißschuh <thomas.weissschuh(a)linutronix.de>
kbuild: userprogs: use correct linker when mixing clang and GNU ld
Damien Le Moal <dlemoal(a)kernel.org>
ata: libata-scsi: Return aborted command when missing sense and result TF
Rafael J. Wysocki <rafael.j.wysocki(a)intel.com>
PM: runtime: Take active children into account in pm_runtime_get_if_in_use()
Sakari Ailus <sakari.ailus(a)linux.intel.com>
PM: runtime: Simplify pm_runtime_get_if_active() usage
Damien Le Moal <dlemoal(a)kernel.org>
ata: Fix SATA_MOBILE_LPM_POLICY description in Kconfig
Johan Hovold <johan(a)kernel.org>
usb: dwc3: imx8mp: fix device leak at unbind
Anshuman Khandual <anshuman.khandual(a)arm.com>
mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd()
Mikhail Lobanov <m.lobanov(a)rosa.ru>
wifi: mac80211: check basic rates validity in sta_link_apply_parameters
Sean Christopherson <seanjc(a)google.com>
KVM: x86: Take irqfds.lock when adding/deleting IRQ bypass producer
Gerald Schaefer <gerald.schaefer(a)linux.ibm.com>
s390/mm: Remove possible false-positive warning in pte_free_defer()
Filipe Manana <fdmanana(a)suse.com>
btrfs: send: make fs_path_len() inline and constify its argument
Filipe Manana <fdmanana(a)suse.com>
btrfs: send: use fallocate for hole punching with send stream v2
Filipe Manana <fdmanana(a)suse.com>
btrfs: send: avoid path allocation for the current inode when issuing commands
Filipe Manana <fdmanana(a)suse.com>
btrfs: send: keep the current inode's path cached
Filipe Manana <fdmanana(a)suse.com>
btrfs: send: add and use helper to rename current inode when processing refs
Filipe Manana <fdmanana(a)suse.com>
btrfs: send: only use boolean variables at process_recorded_refs()
Filipe Manana <fdmanana(a)suse.com>
btrfs: send: factor out common logic when sending xattrs
Qu Wenruo <wqu(a)suse.com>
btrfs: populate otime when logging an inode item
David Sterba <dsterba(a)suse.com>
btrfs: constify more pointer parameters
Boris Burkov <boris(a)bur.io>
btrfs: fix ssd_spread overallocation
David Sterba <dsterba(a)suse.com>
btrfs: open code timespec64 in struct btrfs_inode
Christoph Hellwig <hch(a)lst.de>
xfs: fully decouple XFS_IBULK* flags from XFS_IWALK* flags
Filipe Manana <fdmanana(a)suse.com>
btrfs: abort transaction on unexpected eb generation at btrfs_copy_root()
Filipe Manana <fdmanana(a)suse.com>
btrfs: always abort transaction on failure to add block group to free space tree
David Sterba <dsterba(a)suse.com>
btrfs: move transaction aborts to the error site in add_block_group_free_space()
Filipe Manana <fdmanana(a)suse.com>
btrfs: qgroup: fix race between quota disable and quota rescan ioctl
Filipe Manana <fdmanana(a)suse.com>
btrfs: don't ignore inode missing when replaying log tree
Sebastian Reichel <sebastian.reichel(a)collabora.com>
usb: typec: fusb302: cache PD RX state
Lukas Wunner <lukas(a)wunner.de>
PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports
Damien Le Moal <dlemoal(a)kernel.org>
block: Make REQ_OP_ZONE_FINISH a write operation
Christoph Hellwig <hch(a)lst.de>
block: reject invalid operation in submit_bio_noacct
Eric Biggers <ebiggers(a)kernel.org>
fscrypt: Don't use problematic non-inline crypto engines
Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org>
leds: flash: leds-qcom-flash: Fix registry access after re-bind
Fenglin Wu <quic_fenglinw(a)quicinc.com>
leds: flash: leds-qcom-flash: Limit LED current based on thermal condition
Davide Caratti <dcaratti(a)redhat.com>
net/sched: ets: use old 'nbands' while purging unused classes
Eric Dumazet <edumazet(a)google.com>
net_sched: sch_ets: implement lockless ets_dump()
Wang Zhaolong <wangzhaolong(a)huaweicloud.com>
smb: client: fix netns refcount leak after net_passive changes
Eric Dumazet <edumazet(a)google.com>
net: better track kernel sockets lifetime
Kuniyuki Iwashima <kuniyu(a)amazon.com>
net: Add net_passive_inc() and net_passive_dec().
Isaac J. Manjarres <isaacmanjarres(a)google.com>
selftests/memfd: add test for mapping write-sealed memfd read-only
Isaac J. Manjarres <isaacmanjarres(a)google.com>
mm: reinstate ability to map write-sealed memfd mappings read-only
Isaac J. Manjarres <isaacmanjarres(a)google.com>
mm: update memfd seal write check to include F_SEAL_WRITE
Isaac J. Manjarres <isaacmanjarres(a)google.com>
mm: drop the assumption that VM_SHARED always implies writable
Matthieu Baerts (NGI0) <matttbe(a)kernel.org>
mptcp: pm: kernel: flush: do not reset ADD_ADDR limit
Christoph Paasch <cpaasch(a)openai.com>
mptcp: drop skb if MPTCP skb extension allocation fails
Chen Yu <yu.c.chen(a)intel.com>
ACPI: pfr_update: Fix the driver update version check
Eric Biggers <ebiggers(a)kernel.org>
ipv6: sr: Fix MAC comparison to be constant-time
Jakub Acs <acsjakub(a)amazon.de>
net, hsr: reject HSR frame if skb can't hold tag
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Don't overwrite dce60_clk_mgr
Michel Dänzer <mdaenzer(a)redhat.com>
drm/amd/display: Add primary plane to commits for correct VRR handling
Amber Lin <Amber.Lin(a)amd.com>
drm/amdkfd: Destroy KFD debugfs after destroy KFD wq
Alex Deucher <alexander.deucher(a)amd.com>
drm/amdgpu: update mmhub 3.0.1 client id mappings
Gang Ba <Gang.Ba(a)amd.com>
drm/amdgpu: Avoid extra evict-restore process.
Mario Limonciello <mario.limonciello(a)amd.com>
drm/amd: Restore cached power limit during resume
Ricardo Ribalda <ribalda(a)chromium.org>
media: venus: venc: Clamp param smaller than 1fps and bigger than 240
Ricardo Ribalda <ribalda(a)chromium.org>
media: venus: vdec: Clamp param smaller than 1fps and bigger than 240.
Jorge Ramirez-Ortiz <jorge.ramirez(a)oss.qualcomm.com>
media: venus: protect against spurious interrupts during probe
Jorge Ramirez-Ortiz <jorge.ramirez(a)oss.qualcomm.com>
media: venus: hfi: explicitly release IRQ during teardown
Vedang Nagar <quic_vnagar(a)quicinc.com>
media: venus: Add a check for packet size after reading from shared memory
Vladimir Zapolskiy <vladimir.zapolskiy(a)linaro.org>
media: qcom: camss: cleanup media device allocated resource on error path
Hans de Goede <hansg(a)kernel.org>
media: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls
Zhang Shurong <zhang_shurong(a)foxmail.com>
media: ov2659: Fix memory leaks in ov2659_probe()
Gui-Dong Han <hanguidong02(a)gmail.com>
media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt()
Ludwig Disterhof <ludwig(a)disterhof.eu>
media: usbtv: Lock resolution while streaming
Sakari Ailus <sakari.ailus(a)linux.intel.com>
media: v4l2-ctrls: Don't reset handler's error in v4l2_ctrl_handler_free()
Nicolas Dufresne <nicolas.dufresne(a)collabora.com>
media: verisilicon: Fix AV1 decoder clock frequency
Hans Verkuil <hverkuil(a)xs4all.nl>
media: vivid: fix wrong pixel_array control size
Haoxiang Li <haoxiang_li2024(a)163.com>
media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init()
Bingbu Cao <bingbu.cao(a)intel.com>
media: hi556: correct the test pattern configuration
Dan Carpenter <dan.carpenter(a)linaro.org>
media: gspca: Add bounds checking to firmware parser
John David Anglin <dave.anglin(a)bell.net>
parisc: Update comments in make_insert_tlb
John David Anglin <dave.anglin(a)bell.net>
parisc: Try to fixup kernel exception in bad_area_nosemaphore path of do_page_fault()
John David Anglin <dave.anglin(a)bell.net>
parisc: Revise gateway LWS calls to probe user read access
John David Anglin <dave.anglin(a)bell.net>
parisc: Revise __get_user() to probe user read access
John David Anglin <dave.anglin(a)bell.net>
parisc: Rename pte_needs_flush() to pte_needs_cache_flush() in cache.c
Randy Dunlap <rdunlap(a)infradead.org>
parisc: Makefile: explain that 64BIT requires both 32-bit and 64-bit compilers
John David Anglin <dave.anglin(a)bell.net>
parisc: Drop WARN_ON_ONCE() from flush_cache_vmap
John David Anglin <dave.anglin(a)bell.net>
parisc: Define and use set_pte_at()
John David Anglin <dave.anglin(a)bell.net>
parisc: Check region is readable by user in raw_copy_from_user()
Jon Hunter <jonathanh(a)nvidia.com>
soc/tegra: pmc: Ensure power-domains are in a known state
Baokun Li <libaokun1(a)huawei.com>
jbd2: prevent softlockup in jbd2_log_do_checkpoint()
Chao Yu <chao(a)kernel.org>
f2fs: fix to avoid out-of-boundary access in dnode page
Kathiravan Thirumoorthy <kathiravan.thirumoorthy(a)oss.qualcomm.com>
phy: qcom: phy-qcom-m31: Update IPQ5332 M31 USB phy initialization sequence
Will Deacon <will(a)kernel.org>
vhost/vsock: Avoid allocating arbitrarily-sized SKBs
Will Deacon <will(a)kernel.org>
vsock/virtio: Validate length in packet header before skb_put()
Damien Le Moal <dlemoal(a)kernel.org>
PCI: endpoint: Fix configfs group removal on driver teardown
Damien Le Moal <dlemoal(a)kernel.org>
PCI: endpoint: Fix configfs group list head handling
Thomas Fourier <fourier.thomas(a)gmail.com>
mtd: rawnand: renesas: Add missing check after DMA map
Thomas Fourier <fourier.thomas(a)gmail.com>
mtd: rawnand: fsmc: Add missing check after DMA map
Gabor Juhos <j4g8y7(a)gmail.com>
mtd: spinand: propagate spinand_wait() errors from spinand_write_page()
Michael Walle <mwalle(a)kernel.org>
mtd: spi-nor: Fix spi_nor_try_unlock_all()
Tim Harvey <tharvey(a)gateworks.com>
hwmon: (gsc-hwmon) fix fan pwm setpoint show functions
Uwe Kleine-König <u.kleine-koenig(a)baylibre.com>
pwm: mediatek: Fix duty and period setting
Uwe Kleine-König <u.kleine-koenig(a)baylibre.com>
pwm: mediatek: Handle hardware enable and clock enable separately
Laurentiu Mihalcea <laurentiu.mihalcea(a)nxp.com>
pwm: imx-tpm: Reset counter if CMOD is 0
Johan Hovold <johan+linaro(a)kernel.org>
wifi: ath11k: fix dest ring-buffer corruption when ring is full
Johan Hovold <johan+linaro(a)kernel.org>
wifi: ath11k: fix source ring-buffer corruption
Johan Hovold <johan+linaro(a)kernel.org>
wifi: ath11k: fix dest ring-buffer corruption
Johan Hovold <johan+linaro(a)kernel.org>
wifi: ath12k: fix dest ring-buffer corruption when ring is full
Johan Hovold <johan+linaro(a)kernel.org>
wifi: ath12k: fix source ring-buffer corruption
Johan Hovold <johan+linaro(a)kernel.org>
wifi: ath12k: fix dest ring-buffer corruption
Nathan Chancellor <nathan(a)kernel.org>
wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table()
David Lechner <dlechner(a)baylibre.com>
iio: adc: ad_sigma_delta: change to buffer predisable
David Lechner <dlechner(a)baylibre.com>
iio: imu: bno055: fix OOB access of hw_xlate array
Marek Szyprowski <m.szyprowski(a)samsung.com>
zynq_fpga: use sgtable-based scatterlist wrappers
Bjorn Andersson <bjorn.andersson(a)oss.qualcomm.com>
soc: qcom: mdt_loader: Ensure we don't read past the ELF header
Igor Pylypiv <ipylypiv(a)google.com>
ata: libata-scsi: Fix CDL control
Adrian Hunter <adrian.hunter(a)intel.com>
scsi: ufs: ufs-pci: Fix default runtime and system PM levels
Archana Patni <archana.patni(a)intel.com>
scsi: ufs: ufs-pci: Fix hibernate state transition for Intel MTL-like host controllers
Damien Le Moal <dlemoal(a)kernel.org>
ata: libata-scsi: Fix ata_to_sense_error() status handling
Ranjan Kumar <ranjan.kumar(a)broadcom.com>
scsi: mpi3mr: Fix race between config read submit and interrupt completion
Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org>
dt-bindings: display: sprd,sharkl3-dsi-host: Fix missing clocks constraints
Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org>
dt-bindings: display: sprd,sharkl3-dpu: Fix missing clocks constraints
Emanuele Ghidoli <emanuele.ghidoli(a)toradex.com>
arm64: dts: ti: k3-am62-verdin: Enable pull-ups on I2C buses
Hong Guan <hguan(a)ti.com>
arm64: dts: ti: k3-am62a7-sk: fix pinmux for main_uart1
Alexander Sverdlin <alexander.sverdlin(a)siemens.com>
arm64: dts: ti: k3-pinctrl: Enable Schmitt Trigger by default
Naohiro Aota <naohiro.aota(a)wdc.com>
btrfs: zoned: fix write time activation failure for metadata block group
Zhang Yi <yi.zhang(a)huawei.com>
ext4: fix hole length calculation overflow in non-extent inodes
Liao Yuanhong <liaoyuanhong(a)vivo.com>
ext4: use kmalloc_array() for array space allocation
Theodore Ts'o <tytso(a)mit.edu>
ext4: don't try to clear the orphan_present feature block device is r/o
Ojaswin Mujoo <ojaswin(a)linux.ibm.com>
ext4: fix reserved gdt blocks handling in fsmap
Ojaswin Mujoo <ojaswin(a)linux.ibm.com>
ext4: fix fsmap end of range reporting with bigalloc
Andreas Dilger <adilger(a)dilger.ca>
ext4: check fast symlink for ea_inode correctly
Masami Hiramatsu (Google) <mhiramat(a)kernel.org>
tracing: fprobe-event: Sanitize wildcard for fprobe event name
Namjae Jeon <linkinjeon(a)kernel.org>
ksmbd: extend the connection limiting mechanism to support IPv6
Ziyan Xu <ziyan(a)securitygossip.com>
ksmbd: fix refcount leak causing resource not released
Helge Deller <deller(a)gmx.de>
Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()"
Giovanni Cabiddu <giovanni.cabiddu(a)intel.com>
crypto: qat - flush misc workqueue during device shutdown
Giovanni Cabiddu <giovanni.cabiddu(a)intel.com>
crypto: qat - lower priority for skcipher and aead algorithms
Eric Biggers <ebiggers(a)kernel.org>
lib/crypto: mips/chacha: Fix clang build and remove unneeded byteswap
Myrrh Periwinkle <myrrhperiwinkle(a)qtmlabs.xyz>
vt: defkeymap: Map keycodes above 127 to K_HOLE
Myrrh Periwinkle <myrrhperiwinkle(a)qtmlabs.xyz>
vt: keyboard: Don't process Unicode characters in K_OFF mode
Youssef Samir <quic_yabdulra(a)quicinc.com>
bus: mhi: host: Detect events pointing to unexpected TREs
Alexander Wilhelm <alexander.wilhelm(a)westermo.com>
bus: mhi: host: Fix endianness of BHI vector table
Johan Hovold <johan(a)kernel.org>
usb: dwc3: meson-g12a: fix device leaks at unbind
Johan Hovold <johan(a)kernel.org>
usb: musb: omap2430: fix device leak at unbind
Johan Hovold <johan(a)kernel.org>
usb: gadget: udc: renesas_usb3: fix device leak at unbind
Nathan Chancellor <nathan(a)kernel.org>
usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init()
Finn Thain <fthain(a)linux-m68k.org>
m68k: Fix lost column on framebuffer debug console
Tzung-Bi Shih <tzungbi(a)kernel.org>
platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister()
Dan Carpenter <dan.carpenter(a)linaro.org>
cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table()
Yunhui Cui <cuiyunhui(a)bytedance.com>
serial: 8250: fix panic due to PSLVERR
Frederic Weisbecker <frederic(a)kernel.org>
rcu: Fix racy re-initialization of irq_work causing hangs
Aditya Garg <gargaditya08(a)live.com>
HID: apple: avoid setting up battery timer for devices without battery
Aditya Garg <gargaditya08(a)live.com>
HID: magicmouse: avoid setting up battery timer when not needed
Pedro Falcato <pfalcato(a)suse.de>
RDMA/siw: Fix the sendmsg byte count in siw_tcp_sendpages
Willy Tarreau <w(a)1wt.eu>
tools/nolibc: fix spelling of FD_SETBITMASK in FD_* macros
Ricardo Ribalda <ribalda(a)chromium.org>
media: uvcvideo: Do not mark valid metadata as invalid
Vedang Nagar <quic_vnagar(a)quicinc.com>
media: venus: Fix OOB read due to missing payload bound check
Youngjun Lee <yjjuny.lee(a)samsung.com>
media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format()
Breno Leitao <leitao(a)debian.org>
mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock
Waiman Long <longman(a)redhat.com>
mm/kmemleak: avoid soft lockup in __kmemleak_do_cleanup()
Randy Dunlap <rdunlap(a)infradead.org>
parisc: Makefile: fix a typo in palo.conf
Haiyang Zhang <haiyangz(a)microsoft.com>
hv_netvsc: Fix panic during namespace deletion with VF
Sravan Kumar Gundu <sravankumarlpu(a)gmail.com>
fbdev: Fix vmalloc out-of-bounds write in fast_imageblit
Qu Wenruo <wqu(a)suse.com>
btrfs: do not allow relocation of partially dropped subvolumes
Naohiro Aota <naohiro.aota(a)wdc.com>
btrfs: zoned: do not select metadata BG as finish target
Filipe Manana <fdmanana(a)suse.com>
btrfs: fix log tree replay failure due to file with 0 links and extents
Filipe Manana <fdmanana(a)suse.com>
btrfs: clear dirty status from extent buffer on error at insert_new_root()
Naohiro Aota <naohiro.aota(a)wdc.com>
btrfs: zoned: do not remove unwritten non-data block group
Filipe Manana <fdmanana(a)suse.com>
btrfs: abort transaction during log replay if walk_log_tree() failed
Johannes Thumshirn <johannes.thumshirn(a)wdc.com>
btrfs: zoned: use filesystem size not disk size for reclaim decision
Oliver Neukum <oneukum(a)suse.com>
cdc-acm: fix race between initial clearing halt and open
Eric Biggers <ebiggers(a)kernel.org>
thunderbolt: Fix copy+paste error in match_service_id()
Ian Abbott <abbotti(a)mev.co.uk>
comedi: fix race between polling and detaching
Myrrh Periwinkle <myrrhperiwinkle(a)qtmlabs.xyz>
usb: typec: ucsi: Update power_supply on power role change
Ricky Wu <ricky_wu(a)realtek.com>
misc: rtsx: usb: Ensure mmc child device is active when card is present
Xinyu Liu <katieeliu(a)tencent.com>
usb: core: config: Prevent OOB read in SS endpoint companion parsing
Baokun Li <libaokun1(a)huawei.com>
ext4: fix largest free orders lists corruption on mb_optimize_scan switch
Baokun Li <libaokun1(a)huawei.com>
ext4: fix zombie groups in average fragment size lists
Jason Gunthorpe <jgg(a)ziepe.ca>
iommufd: Prevent ALIGN() overflow
Nicolin Chen <nicolinc(a)nvidia.com>
iommufd: Report unmapped bytes in the error path of iopt_unmap_iova_range
Alexey Klimov <alexey.klimov(a)linaro.org>
iommu/arm-smmu-qcom: Add SM6115 MDSS compatible
Shyam Prasad N <sprasad(a)microsoft.com>
cifs: reset iface weights when we cannot find a candidate
Jack Xiao <Jack.Xiao(a)amd.com>
drm/amdgpu: fix incorrect vm flags to map bo
Shengjiu Wang <shengjiu.wang(a)nxp.com>
ASoC: fsl_sai: replace regmap_write with regmap_update_bits
Jiasheng Jiang <jiashengjiangcool(a)gmail.com>
scsi: lpfc: Remove redundant assignment to avoid memory leak
Meagan Lloyd <meaganlloyd(a)linux.microsoft.com>
rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe
Sergey Bashirov <sergeybashirov(a)gmail.com>
pNFS: Fix uninited ptr deref in block/scsi layout
Sergey Bashirov <sergeybashirov(a)gmail.com>
pNFS: Handle RPC size limit for layoutcommits
Sergey Bashirov <sergeybashirov(a)gmail.com>
pNFS: Fix disk addr range check in block/scsi layout
Sergey Bashirov <sergeybashirov(a)gmail.com>
pNFS: Fix stripe mapping in block/scsi layout
John Garry <john.g.garry(a)oracle.com>
block: avoid possible overflow for chunk_sectors check in blk_stack_limits()
Cezary Rojewski <cezary.rojewski(a)intel.com>
ASoC: Intel: avs: Fix uninitialized pointer error in probe()
Buday Csaba <buday.csaba(a)prolan.hu>
net: phy: smsc: add proper reset flags for LAN8710A
Corey Minyard <corey(a)minyard.net>
ipmi: Fix strcpy source and destination the same
Yann E. MORIN <yann.morin.1998(a)free.fr>
kconfig: lxdialog: fix 'space' to (de)select options
Masahiro Yamada <masahiroy(a)kernel.org>
kconfig: gconf: fix potential memory leak in renderer_edited()
Masahiro Yamada <masahiroy(a)kernel.org>
kconfig: gconf: avoid hardcoding model2 in on_treeview2_cursor_changed()
Breno Leitao <leitao(a)debian.org>
ipmi: Use dev_warn_ratelimited() for incorrect message warnings
Artem Sadovnikov <a.sadovnikov(a)ispras.ru>
vfio/mlx5: fix possible overflow in tracking max message size
John Garry <john.g.garry(a)oracle.com>
scsi: aacraid: Stop using PCI_IRQ_AFFINITY
Maurizio Lombardi <mlombard(a)redhat.com>
scsi: target: core: Generate correct identifiers for PR OUT transport IDs
Ranjan Kumar <ranjan.kumar(a)broadcom.com>
scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans
Shankari Anand <shankari.ak0208(a)gmail.com>
kconfig: nconf: Ensure null termination where strncpy is used
Keith Busch <kbusch(a)kernel.org>
vfio/type1: conditional rescheduling while pinning
Suchit Karunakaran <suchitkarunakaran(a)gmail.com>
kconfig: lxdialog: replace strcpy() with strncpy() in inputbox.c
Jaegeuk Kim <jaegeuk(a)kernel.org>
f2fs: check the generic conditions first
Yuezhang Mo <Yuezhang.Mo(a)sony.com>
exfat: add cluster chain loop check for dir
fangzhong.zhou <myth5(a)myth5.com>
i2c: Force DLL0945 touchpad i2c freq to 100khz
Mateusz Guzik <mjguzik(a)gmail.com>
apparmor: use the condition in AA_BUG_FMT even with debug disabled
Benjamin Marzinski <bmarzins(a)redhat.com>
dm-table: fix checking for rq stackable devices
Mikulas Patocka <mpatocka(a)redhat.com>
dm-mpath: don't print the "loaded" message if registering fails
Jorge Marques <jorge.marques(a)analog.com>
i3c: master: Initialize ret in i3c_i2c_notifier_call()
Wolfram Sang <wsa+renesas(a)sang-engineering.com>
i3c: don't fail if GETHDRCAP is unsupported
Gabriel Totev <gabriel.totev(a)zetier.com>
apparmor: shift ouid when mediating hard links in userns
Meagan Lloyd <meaganlloyd(a)linux.microsoft.com>
rtc: ds1307: handle oscillator stop flag (OSF) for ds1341
Wolfram Sang <wsa+renesas(a)sang-engineering.com>
i3c: add missing include to internal header
Petr Pavlu <petr.pavlu(a)suse.com>
module: Prevent silent truncation of module name in delete_module(2)
Purva Yeshi <purvayeshi550(a)gmail.com>
md: dm-zoned-target: Initialize return variable r to avoid uninitialized use
Charles Keepax <ckeepax(a)opensource.cirrus.com>
soundwire: Move handle_nested_irq outside of sdw_dev_lock
Vijendar Mukunda <Vijendar.Mukunda(a)amd.com>
soundwire: amd: serialize amd manager resume sequence during pm_prepare
Bharat Bhushan <bbhushan2(a)marvell.com>
crypto: octeontx2 - add timeout for load_fvc completion poll
chenchangcheng <chenchangcheng(a)kylinos.cn>
media: uvcvideo: Fix bandwidth issue for Alcor camera
Alex Guo <alexguo1023(a)gmail.com>
media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar
Alex Guo <alexguo1023(a)gmail.com>
media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb()
Wolfram Sang <wsa+renesas(a)sang-engineering.com>
media: usb: hdpvr: disable zero-length read messages
Dave Stevenson <dave.stevenson(a)raspberrypi.com>
media: tc358743: Increase FIFO trigger level to 374
Dave Stevenson <dave.stevenson(a)raspberrypi.com>
media: tc358743: Return an appropriate colorspace from tc358743_set_fmt
Dave Stevenson <dave.stevenson(a)raspberrypi.com>
media: tc358743: Check I2C succeeded during probe
Cheick Traore <cheick.traore(a)foss.st.com>
pinctrl: stm32: Manage irq affinity settings
Damien Le Moal <dlemoal(a)kernel.org>
scsi: mpi3mr: Correctly handle ATA device errors
Damien Le Moal <dlemoal(a)kernel.org>
scsi: mpt3sas: Correctly handle ATA device errors
Abel Vesa <abel.vesa(a)linaro.org>
power: supply: qcom_battmgr: Add lithium-polymer entry
Justin Tee <justin.tee(a)broadcom.com>
scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure
Arnd Bergmann <arnd(a)arndb.de>
RDMA/core: reduce stack using in nldev_stat_get_doit()
Yury Norov [NVIDIA] <yury.norov(a)gmail.com>
RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask()
Amelie Delaunay <amelie.delaunay(a)foss.st.com>
dmaengine: stm32-dma: configure next sg only if there are more than 2 sgs
Johan Adolfsson <johan.adolfsson(a)axis.com>
leds: leds-lp50xx: Handle reg to get correct multi_index
Niklas Söderlund <niklas.soderlund+renesas(a)ragnatech.se>
media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control
Shiji Yang <yangshiji66(a)outlook.com>
MIPS: lantiq: falcon: sysctrl: fix request memory check logic
Thomas Weißschuh <thomas.weissschuh(a)linutronix.de>
MIPS: Don't crash in stack_top() for tasks without ABI or vDSO
Markus Theil <theil.markus(a)gmail.com>
crypto: jitter - fix intermediary handling
Arnaud Lecomte <contact(a)arnaud-lcm.com>
jfs: upper bound check of tree index in dbAllocAG
Edward Adam Davis <eadavis(a)qq.com>
jfs: Regular file corruption check
Lizhi Xu <lizhi.xu(a)windriver.com>
jfs: truncate good inode pages when hard link is 0
jackysliu <1972843537(a)qq.com>
scsi: bfa: Double-free fix
Ziyan Fu <fuzy5(a)lenovo.com>
watchdog: iTCO_wdt: Report error if timeout configuration fails
Shiji Yang <yangshiji66(a)outlook.com>
MIPS: vpe-mt: add missing prototypes for vpe_{alloc,start,stop,free}
George Moussalem <george.moussalem(a)outlook.com>
clk: qcom: ipq5018: keep XO clock always on
Florin Leotescu <florin.leotescu(a)nxp.com>
hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state
Sebastian Reichel <sebastian.reichel(a)collabora.com>
watchdog: dw_wdt: Fix default timeout
Amir Mohammad Jahangirzad <a.jahangirzad(a)gmail.com>
fs/orangefs: use snprintf() instead of sprintf()
Showrya M N <showrya(a)chelsio.com>
scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated
Geraldo Nascimento <geraldogabriel(a)gmail.com>
phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal
Chen-Yu Tsai <wens(a)csie.org>
mfd: axp20x: Set explicit ID for AXP313 regulator
Pei Xiao <xiaopei01(a)kylinos.cn>
clk: tegra: periph: Fix error handling and resolve unsigned compare warning
Theodore Ts'o <tytso(a)mit.edu>
ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr
Zhiqi Song <songzhiqi1(a)huawei.com>
crypto: hisilicon/hpre - fix dma unmap sequence
Yongzhen Zhang <zhangyongzhen(a)kylinos.cn>
fbdev: fix potential buffer overflow in do_register_framebuffer()
Pali Rohár <pali(a)kernel.org>
cifs: Fix calling CIFSFindFirst() for root path without msearch
Aaron Plattner <aplattner(a)nvidia.com>
watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition
Mario Limonciello <mario.limonciello(a)amd.com>
drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported
Mario Limonciello <mario.limonciello(a)amd.com>
drm/amd/display: Only finalize atomic_obj if it was initialized
Jason Wang <jasowang(a)redhat.com>
vhost: fail early when __vhost_add_used() fails
Will Deacon <will(a)kernel.org>
vsock/virtio: Resize receive buffers so that each SKB fits in a 4K page
Álvaro Fernández Rojas <noltari(a)gmail.com>
net: dsa: b53: fix IP_MULTICAST_CTRL on BCM5325
Joel Fernandes <joelagnelf(a)nvidia.com>
rcu: Fix rcu_read_unlock() deadloop due to IRQ work
Tvrtko Ursulin <tvrtko.ursulin(a)igalia.com>
drm/ttm: Respect the shrinker core free target
Wayne Lin <Wayne.Lin(a)amd.com>
drm/amd/display: Avoid trying AUX transactions on disconnected ports
Yonghong Song <yonghong.song(a)linux.dev>
selftests/bpf: Fix a user_ringbuf failure with arm64 64KB page size
Ihor Solodrai <isolodrai(a)meta.com>
bpf: Make reg_not_null() true for CONST_PTR_TO_MAP
Jakub Kicinski <kuba(a)kernel.org>
uapi: in6: restore visibility of most IPv6 socket options
Emily Deng <Emily.Deng(a)amd.com>
drm/ttm: Should to return the evict error
Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com>
drm: renesas: rz-du: mipi_dsi: Add min check for VCLK range
Hari Kalavakunta <kalavakunta.hari.prasad(a)gmail.com>
net: ncsi: Fix buffer overflow in fetching version id
Shannon Nelson <shannon.nelson(a)amd.com>
ionic: clean dbpage in de-init
Thomas Fourier <fourier.thomas(a)gmail.com>
wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc()
Breno Leitao <leitao(a)debian.org>
ptp: Use ratelimite for freerun error message
Yuan Chen <chenyuan(a)kylinos.cn>
bpftool: Fix JSON writer resource leak in version command
Álvaro Fernández Rojas <noltari(a)gmail.com>
net: dsa: b53: prevent SWITCH_CTRL access on BCM5325
Álvaro Fernández Rojas <noltari(a)gmail.com>
net: dsa: b53: prevent DIS_LEARNING access on BCM5325
Álvaro Fernández Rojas <noltari(a)gmail.com>
net: dsa: b53: prevent GMII_PORT_OVERRIDE_CTRL access on BCM5325
Álvaro Fernández Rojas <noltari(a)gmail.com>
net: dsa: b53: fix b53_imp_vlan_setup for BCM5325
Alok Tiwari <alok.a.tiwari(a)oracle.com>
gve: Return error for unknown admin queue command
Gal Pressman <gal(a)nvidia.com>
net: vlan: Replace BUG() with WARN_ON_ONCE() in vlan_dev_* stubs
Gal Pressman <gal(a)nvidia.com>
net: vlan: Make is_vlan_dev() a stub when VLAN is not configured
Mario Limonciello <mario.limonciello(a)amd.com>
drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual
Heiner Kallweit <hkallweit1(a)gmail.com>
dpaa_eth: don't use fixed_phy_change_carrier
Nicolas Escande <nico.escande(a)gmail.com>
neighbour: add support for NUD_PERMANENT proxy entries
Stanislaw Gruszka <stf_xl(a)wp.pl>
wifi: iwlegacy: Check rate_idx range after addition
Mina Almasry <almasrymina(a)google.com>
netmem: fix skb_frag_address_safe with unreadable skbs
Thomas Fourier <fourier.thomas(a)gmail.com>
powerpc: floppy: Add missing checks after DMA map
Karthikeyan Kathirvel <quic_kathirve(a)quicinc.com>
wifi: ath12k: Decrement TID on RX peer frag setup error handling
Raj Kumar Bhagat <quic_rajkbhag(a)quicinc.com>
wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0
Thomas Fourier <fourier.thomas(a)gmail.com>
wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()`.
Ramya Gnanasekar <ramya.gnanasekar(a)oss.qualcomm.com>
wifi: mac80211: update radar_required in channel context after channel switch
Wen Chen <Wen.Chen3(a)amd.com>
drm/amd/display: Fix 'failed to blank crtc!'
Pagadala Yesu Anjaneyulu <pagadala.yesu.anjaneyulu(a)intel.com>
wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect
Rand Deeb <rand.sec96(a)gmail.com>
wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd()
Sarika Sharma <quic_sarishar(a)quicinc.com>
wifi: ath12k: Add memset and update default rate value in wmi tx completion
Ilya Bakoulin <Ilya.Bakoulin(a)amd.com>
drm/amd/display: Separate set_gsl from set_gsl_source_select
Jonas Rebmann <jre(a)pengutronix.de>
net: fec: allow disable coalescing
Eric Work <work.eric(a)gmail.com>
net: atlantic: add set_power to fw_ops for atl2 to fix wol
Aakash Kumar S <saakashkumar(a)marvell.com>
xfrm: Duplicate SPI Handling
zhangjianrong <zhangjianrong5(a)huawei.com>
net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths()
zhangjianrong <zhangjianrong5(a)huawei.com>
net: thunderbolt: Enable end-to-end flow control also in transmit
Mark Brown <broonie(a)kernel.org>
kselftest/arm64: Specify SVE data when testing VL set in sve-ptrace
David Bauer <mail(a)david-bauer.net>
wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch
Bitterblue Smith <rtl8821cerfe2(a)gmail.com>
wifi: rtw89: Disable deep power saving for USB/SDIO
Bitterblue Smith <rtl8821cerfe2(a)gmail.com>
wifi: rtw89: Fix rtw89_mac_power_switch() for USB
Rob Clark <robdclark(a)chromium.org>
drm/msm: use trylock for debugfs
Hari Chandrakanthan <quic_haric(a)quicinc.com>
wifi: mac80211: fix rx link assignment for non-MLO stations
Kuniyuki Iwashima <kuniyu(a)google.com>
ipv6: mcast: Check inet6_dev->dead under idev->mc_lock in __ipv6_dev_mc_inc().
Thomas Fourier <fourier.thomas(a)gmail.com>
(powerpc/512) Fix possible `dma_unmap_single()` on uninitialized pointer
Johannes Berg <johannes.berg(a)intel.com>
wifi: mac80211: don't complete management TX on SAE commit
Chris Mason <clm(a)fb.com>
sched/fair: Bump sd->max_newidle_lb_cost when newidle balance fails
Sven Schnelle <svens(a)linux.ibm.com>
s390/stp: Remove udelay from stp_sync_clock()
Avraham Stern <avraham.stern(a)intel.com>
wifi: iwlwifi: mvm: fix scan request validation
Thomas Weißschuh <thomas.weissschuh(a)linutronix.de>
um: Re-evaluate thread flags repeatedly
Miri Korenblit <miriam.rachel.korenblit(a)intel.com>
wifi: iwlwifi: mvm: set gtk id also in older FWs
Alok Tiwari <alok.a.tiwari(a)oracle.com>
perf/cxlpmu: Remove unintended newline from IRQ name format string
Biju Das <biju.das.jz(a)bp.renesas.com>
net: phy: micrel: Add ksz9131_resume()
Alok Tiwari <alok.a.tiwari(a)oracle.com>
net: thunderx: Fix format-truncation warning in bgx_acpi_match_id()
Oscar Maes <oscmaes92(a)gmail.com>
net: ipv4: fix incorrect MTU in broadcast routes
Ilan Peer <ilan.peer(a)intel.com>
wifi: cfg80211: Fix interface type validation
Matt Johnston <matt(a)codeconstruct.com.au>
net: mctp: Prevent duplicate binds
Paul E. McKenney <paulmck(a)kernel.org>
rcu: Protect ->defer_qs_iw_pending from data race
Breno Leitao <leitao(a)debian.org>
arm64: Mark kernel as tainted on SAE and SError panic
Leon Romanovsky <leon(a)kernel.org>
net/mlx5e: Properly access RCU protected qdisc_sleeping variable
Thomas Fourier <fourier.thomas(a)gmail.com>
net: ag71xx: Add missing check after DMA map
Thomas Fourier <fourier.thomas(a)gmail.com>
et131x: Add missing check after DMA map
Bitterblue Smith <rtl8821cerfe2(a)gmail.com>
wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB
Alok Tiwari <alok.a.tiwari(a)oracle.com>
be2net: Use correct byte order and format string for TCP seq and ack_seq
Sven Schnelle <svens(a)linux.ibm.com>
s390/time: Use monotonic clock in get_cycles()
Johannes Berg <johannes.berg(a)intel.com>
wifi: cfg80211: reject HTC bit for management frames
Steven Rostedt <rostedt(a)goodmis.org>
ktest.pl: Prevent recursion of default variable options
Sarika Sharma <quic_sarishar(a)quicinc.com>
wifi: ath12k: Correct tid cleanup when tid setup fails
Oliver Neukum <oneukum(a)suse.com>
net: usb: cdc-ncm: check for filtering capability
Anthoine Bourgeois <anthoine.bourgeois(a)vates.tech>
xen/netfront: Fix TX response spurious interrupts
Zijun Hu <zijun.hu(a)oss.qualcomm.com>
Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie()
Steven Rostedt <rostedt(a)goodmis.org>
powerpc/thp: tracing: Hide hugepage events under CONFIG_PPC_BOOK3S_64
Srinivas Kandagatla <srini(a)kernel.org>
ASoC: qcom: use drvdata instead of component to keep id
Xinxin Wan <xinxin.wan(a)intel.com>
ASoC: codecs: rt5640: Retry DEVICE_ID verification
Jonathan Santos <Jonathan.Santos(a)analog.com>
iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement
Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com>
ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros
Christophe Leroy <christophe.leroy(a)csgroup.eu>
ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop
Lucy Thrun <lucy.thrun(a)digital-rabbithole.de>
ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control
Tomasz Michalec <tmichalec(a)google.com>
platform/chrome: cros_ec_typec: Defer probe on missing EC parent
Kees Cook <kees(a)kernel.org>
platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches
Bjorn Andersson <bjorn.andersson(a)oss.qualcomm.com>
soc: qcom: mdt_loader: Actually use the e_phoff
Krzysztof Hałasa <khalasa(a)piap.pl>
imx8m-blk-ctrl: set ISI panic write hurry level
Gautham R. Shenoy <gautham.shenoy(a)amd.com>
pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop()
Oliver Neukum <oneukum(a)suse.com>
usb: core: usb_submit_urb: downgrade type check
Tomasz Michalec <tmichalec(a)google.com>
usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present
Peter Ujfalusi <peter.ujfalusi(a)linux.intel.com>
ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime()
Alok Tiwari <alok.a.tiwari(a)oracle.com>
ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4
Mark Brown <broonie(a)kernel.org>
ASoC: hdac_hdmi: Rate limit logging on connection and disconnection
Pawan Gupta <pawan.kumar.gupta(a)linux.intel.com>
x86/bugs: Avoid warning when overriding return thunk
Takashi Iwai <tiwai(a)suse.de>
ALSA: hda: Disable jack polling at shutdown
Takashi Iwai <tiwai(a)suse.de>
ALSA: hda: Handle the jack polling always via a work
Ulf Hansson <ulf.hansson(a)linaro.org>
mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode()
Hans de Goede <hansg(a)kernel.org>
mei: bus: Check for still connected devices in mei_cl_bus_dev_release()
Zijun Hu <zijun.hu(a)oss.qualcomm.com>
char: misc: Fix improper and inaccurate error code returned by misc_init()
Peter Robinson <pbrobinson(a)gmail.com>
reset: brcmstb: Enable reset drivers for ARCH_BCM2835
Eliav Farber <farbere(a)amazon.com>
pps: clients: gpio: fix interrupt handling order in remove path
Breno Leitao <leitao(a)debian.org>
ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path
Sarthak Garg <quic_sartgarg(a)quicinc.com>
mmc: sdhci-msm: Ensure SD card power isn't ON when card removed
Sebastian Ott <sebott(a)redhat.com>
ACPI: processor: fix acpi_object initialization
tuhaowen <tuhaowen(a)uniontech.com>
PM: sleep: console: Fix the black screen issue
Hsin-Te Yuan <yuanhsinte(a)chromium.org>
thermal: sysfs: Return ENODATA instead of EAGAIN for reads
Rafael J. Wysocki <rafael.j.wysocki(a)intel.com>
PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit()
Thierry Reding <treding(a)nvidia.com>
firmware: tegra: Fix IVC dependency problems
Zhu Qiyu <qiyuzhu2(a)amd.com>
ACPI: PRM: Reduce unnecessary printing to avoid user confusion
Masami Hiramatsu (Google) <mhiramat(a)kernel.org>
selftests: tracing: Use mutex_unlock for testing glob filter
Thomas Weißschuh <thomas.weissschuh(a)linutronix.de>
tools/build: Fix s390(x) cross-compilation with clang
Aaron Kling <webgeek1234(a)gmail.com>
ARM: tegra: Use I/O memcpy to write to IRAM
Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org>
gpio: tps65912: check the return value of regmap_update_bits()
David Lechner <dlechner(a)baylibre.com>
iio: adc: ad_sigma_delta: don't overallocate scan buffer
Thomas Weißschuh <linux(a)weissschuh.net>
tools/nolibc: define time_t in terms of __kernel_old_time_t
David Collins <david.collins(a)oss.qualcomm.com>
thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required
Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com>
ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed
Shubhrajyoti Datta <shubhrajyoti.datta(a)amd.com>
EDAC/synopsys: Clear the ECC counters on init
Lifeng Zheng <zhenglifeng1(a)huawei.com>
PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store()
Alexander Kochetkov <al.kochet(a)gmail.com>
ARM: rockchip: fix kernel hang during smp initialization
Lifeng Zheng <zhenglifeng1(a)huawei.com>
cpufreq: Exit governor when failed to start old governor
Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org>
gpio: wcd934x: check the return value of regmap_update_bits()
Hiago De Franco <hiago.franco(a)toradex.com>
remoteproc: imx_rproc: skip clock enable when M-core is managed by the SCU
Shuai Xue <xueshuai(a)linux.alibaba.com>
ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered
Maulik Shah <maulik.shah(a)oss.qualcomm.com>
soc: qcom: rpmh-rsc: Add RSC version 4 support
Mario Limonciello <mario.limonciello(a)amd.com>
usb: xhci: Avoid showing errors during surprise removal
Jay Chen <shawn2000100(a)gmail.com>
usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command
Mario Limonciello <mario.limonciello(a)amd.com>
usb: xhci: Avoid showing warnings for dying controller
Benson Leung <bleung(a)chromium.org>
usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default
Cynthia Huang <cynthia(a)andestech.com>
selftests/futex: Define SYS_futex on 32-bit architectures with 64-bit time_t
Prashant Malani <pmalani(a)google.com>
cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag
Mario Limonciello <mario.limonciello(a)amd.com>
platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list
Su Hui <suhui(a)nfschina.com>
usb: xhci: print xhci->xhc_state when queue_command failed
Steven Rostedt <rostedt(a)goodmis.org>
tracefs: Add d_delete to remove negative dentries
Al Viro <viro(a)zeniv.linux.org.uk>
securityfs: don't pin dentries twice, once is enough...
Al Viro <viro(a)zeniv.linux.org.uk>
fix locking in efi_secret_unlink()
Wei Gao <wegao(a)suse.com>
ext2: Handle fiemap on empty files to prevent EINVAL
Rong Zhang <ulin0208(a)gmail.com>
fs/ntfs3: correctly create symlink for relative path
Lizhi Xu <lizhi.xu(a)windriver.com>
fs/ntfs3: Add sanity check for file name
Damien Le Moal <dlemoal(a)kernel.org>
ata: libata-sata: Disallow changing LPM state if not supported
Al Viro <viro(a)zeniv.linux.org.uk>
better lockdep annotations for simple_recursive_removal()
Viacheslav Dubeyko <slava(a)dubeyko.com>
hfs: fix not erasing deleted b-tree node issue
Sarah Newman <srn(a)prgmr.com>
drbd: add missing kref_get in handle_write_conflicts
Jan Kara <jack(a)suse.cz>
udf: Verify partition map count
Jan Kara <jack(a)suse.cz>
loop: Avoid updating block size under exclusive owner
Andrew Price <anprice(a)redhat.com>
gfs2: Set .migrate_folio in gfs2_{rgrp,meta}_aops
Keith Busch <kbusch(a)kernel.org>
nvme-pci: try function level reset on init failure
NeilBrown <neil(a)brown.name>
smb/server: avoid deadlock when linking with ReplaceIfExists
Kees Cook <kees(a)kernel.org>
arm64: Handle KCOV __init vs inline mismatches
Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp>
hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file()
Viacheslav Dubeyko <slava(a)dubeyko.com>
hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()
Viacheslav Dubeyko <slava(a)dubeyko.com>
hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read()
Viacheslav Dubeyko <slava(a)dubeyko.com>
hfs: fix slab-out-of-bounds in hfs_bnode_read()
Viacheslav Dubeyko <slava(a)dubeyko.com>
hfs: fix general protection fault in hfs_find_init()
Jakub Kicinski <kuba(a)kernel.org>
tls: handle data disappearing from under the TLS ULP
Jeongjun Park <aha310510(a)gmail.com>
ptp: prevent possible ABBA deadlock in ptp_clock_freerun()
Rafael J. Wysocki <rafael.j.wysocki(a)intel.com>
cpuidle: governors: menu: Avoid using invalid recent intervals data
Len Brown <len.brown(a)intel.com>
intel_idle: Allow loading ACPI tables for any family
Xin Long <lucien.xin(a)gmail.com>
sctp: linearize cloned gso packets in sctp_rcv
Alok Tiwari <alok.a.tiwari(a)oracle.com>
net: ti: icss-iep: Fix incorrect type for return value in extts_enable()
Florian Westphal <fw(a)strlen.de>
netfilter: ctnetlink: fix refcount leak on table dump
Sabrina Dubroca <sd(a)queasysnail.net>
udp: also consider secpath when evaluating ipsec use for checksumming
Maxim Levitsky <mlevitsk(a)redhat.com>
KVM: VMX: Preserve host's DEBUGCTLMSR_FREEZE_IN_SMM while running the guest
Maxim Levitsky <mlevitsk(a)redhat.com>
KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs
Maxim Levitsky <mlevitsk(a)redhat.com>
KVM: nVMX: Check vmcs12->guest_ia32_debugctl on nested VM-Enter
Sean Christopherson <seanjc(a)google.com>
KVM: VMX: Extract checking of guest's DEBUGCTL into helper
Sean Christopherson <seanjc(a)google.com>
KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported
Sean Christopherson <seanjc(a)google.com>
KVM: x86: Drop kvm_x86_ops.set_dr6() in favor of a new KVM_RUN flag
Sean Christopherson <seanjc(a)google.com>
KVM: x86: Convert vcpu_run()'s immediate exit param into a generic bitmap
Sean Christopherson <seanjc(a)google.com>
KVM: x86: Fully defer to vendor code to decide how to force immediate exit
Sean Christopherson <seanjc(a)google.com>
KVM: VMX: Handle KVM-induced preemption timer exits in fastpath for L2
Sean Christopherson <seanjc(a)google.com>
KVM: x86: Move handling of is_guest_mode() into fastpath exit handlers
Sean Christopherson <seanjc(a)google.com>
KVM: VMX: Handle forced exit due to preemption timer in fastpath
Sean Christopherson <seanjc(a)google.com>
KVM: VMX: Re-enter guest in fastpath for "spurious" preemption timer exits
Sean Christopherson <seanjc(a)google.com>
KVM: x86: Plumb "force_immediate_exit" into kvm_entry() tracepoint
Sean Christopherson <seanjc(a)google.com>
KVM: x86: Snapshot the host's DEBUGCTL after disabling IRQs
Sean Christopherson <seanjc(a)google.com>
KVM: x86: Snapshot the host's DEBUGCTL in common x86
Chao Gao <chao.gao(a)intel.com>
KVM: nVMX: Defer SVI update to vmcs01 on EOI when L2 is active w/o VID
Sean Christopherson <seanjc(a)google.com>
KVM: x86: Plumb in the vCPU to kvm_x86_ops.hwapic_isr_update()
Sean Christopherson <seanjc(a)google.com>
KVM: SVM: Set RFLAGS.IF=1 in C code, to get VMRUN out of the STI shadow
Manuel Andreas <manuel.andreas(a)tum.de>
KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush
Stefan Metzmacher <metze(a)samba.org>
smb: client: don't wait for info->send_pending == 0 on error
Stefan Metzmacher <metze(a)samba.org>
smb: client: let send_done() cleanup before calling smbd_disconnect_rdma_connection()
Rafael J. Wysocki <rafael.j.wysocki(a)intel.com>
ACPI: processor: perflib: Move problematic pr->performance check
Jiayi Li <lijiayi(a)kylinos.cn>
ACPI: processor: perflib: Fix initial _PPC limit application
Andy Shevchenko <andriy.shevchenko(a)linux.intel.com>
Documentation: ACPI: Fix parent device references
Jann Horn <jannh(a)google.com>
eventpoll: Fix semi-unbounded recursion
Sasha Levin <sashal(a)kernel.org>
fs: Prevent file descriptor table allocations exceeding INT_MAX
Ma Ke <make24(a)iscas.ac.cn>
sunvdc: Balance device refcount in vdc_port_mpgroup_check
Haoran Jiang <jianghaoran(a)kylinos.cn>
LoongArch: BPF: Fix jump offset calculation in tailcall
Huacai Chen <chenhuacai(a)kernel.org>
PCI: Extend isolated function probing to LoongArch
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFS: Fix the setting of capabilities when automounting a new filesystem
Dai Ngo <dai.ngo(a)oracle.com>
NFSD: detect mismatch of file handle and delegation stateid in OPEN op
Jeff Layton <jlayton(a)kernel.org>
nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()
Jens Axboe <axboe(a)kernel.dk>
io_uring/net: commit partial buffers on retry
Xu Yang <xu.yang_2(a)nxp.com>
net: usb: asix_devices: add phy_mask for ax88772 mdio bus
Johan Hovold <johan(a)kernel.org>
net: dpaa: fix device leak when querying time stamp info
Johan Hovold <johan(a)kernel.org>
net: ti: icss-iep: fix device and OF node leaks at probe
Johan Hovold <johan(a)kernel.org>
net: mtk_eth_soc: fix device leak at probe
Johan Hovold <johan(a)kernel.org>
net: enetc: fix device and OF node leak at probe
Johan Hovold <johan(a)kernel.org>
net: gianfar: fix device leak when querying time stamp info
Florian Larysch <fl(a)n621.de>
net: phy: micrel: fix KSZ8081/KSZ8091 cable test
Fedor Pchelkin <pchelkin(a)ispras.ru>
netlink: avoid infinite retry looping in netlink_unicast()
Daniel Golle <daniel(a)makrotopia.org>
Revert "leds: trigger: netdev: Configure LED blink interval for HW offload"
David Thompson <davthompson(a)nvidia.com>
gpio: mlxbf3: use platform_get_irq_optional()
David Thompson <davthompson(a)nvidia.com>
Revert "gpio: mlxbf3: only get IRQ for device instance 0"
David Thompson <davthompson(a)nvidia.com>
gpio: mlxbf2: use platform_get_irq_optional()
Harald Mommer <harald.mommer(a)oss.qualcomm.com>
gpio: virtio: Fix config space reading.
Wang Zhaolong <wangzhaolong(a)huaweicloud.com>
smb: client: remove redundant lstrp update in negotiate protocol
Steve French <stfrench(a)microsoft.com>
smb3: fix for slab out of bounds on mount to ksmbd
Christopher Eby <kreed(a)kreed.org>
ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks
Vasiliy Kovalev <kovalev(a)altlinux.org>
ALSA: hda/realtek: Fix headset mic on HONOR BRB-X
Takashi Iwai <tiwai(a)suse.de>
ALSA: usb-audio: Validate UAC3 cluster segment descriptors
Takashi Iwai <tiwai(a)suse.de>
ALSA: usb-audio: Validate UAC3 power domain descriptors, too
Pavel Begunkov <asml.silence(a)gmail.com>
io_uring: don't use int for ABI
-------------
Diffstat:
.../bindings/display/sprd/sprd,sharkl3-dpu.yaml | 2 +-
.../display/sprd/sprd,sharkl3-dsi-host.yaml | 2 +-
Documentation/filesystems/fscrypt.rst | 37 +--
Documentation/firmware-guide/acpi/i2c-muxes.rst | 8 +-
Documentation/networking/bonding.rst | 12 +
Documentation/networking/mptcp-sysctl.rst | 2 +
Documentation/power/runtime_pm.rst | 5 +-
Makefile | 6 +-
arch/arm/include/asm/topology.h | 1 +
arch/arm/mach-rockchip/platsmp.c | 15 +-
arch/arm/mach-tegra/reset.c | 2 +-
arch/arm64/boot/dts/ti/k3-am62-main.dtsi | 1 -
arch/arm64/boot/dts/ti/k3-am62-verdin.dtsi | 12 +-
arch/arm64/boot/dts/ti/k3-am62a7-sk.dts | 4 +-
arch/arm64/boot/dts/ti/k3-pinctrl.h | 15 +-
arch/arm64/include/asm/acpi.h | 2 +-
arch/arm64/include/asm/topology.h | 1 +
arch/arm64/kernel/fpsimd.c | 4 +-
arch/arm64/kernel/topology.c | 26 +-
arch/arm64/kernel/traps.c | 1 +
arch/arm64/mm/fault.c | 1 +
arch/arm64/mm/ptdump_debugfs.c | 3 -
arch/loongarch/kernel/module-sections.c | 38 +--
arch/loongarch/net/bpf_jit.c | 21 +-
arch/m68k/kernel/head.S | 31 +-
arch/mips/crypto/chacha-core.S | 20 +-
arch/mips/include/asm/vpe.h | 8 +
arch/mips/kernel/process.c | 16 +-
arch/mips/lantiq/falcon/sysctrl.c | 23 +-
arch/parisc/Makefile | 6 +-
arch/parisc/include/asm/pgtable.h | 7 +-
arch/parisc/include/asm/special_insns.h | 28 ++
arch/parisc/include/asm/uaccess.h | 21 +-
arch/parisc/kernel/cache.c | 6 +-
arch/parisc/kernel/entry.S | 17 +-
arch/parisc/kernel/syscall.S | 30 +-
arch/parisc/lib/memcpy.c | 19 +-
arch/parisc/mm/fault.c | 4 +
arch/powerpc/boot/Makefile | 1 +
arch/powerpc/include/asm/floppy.h | 5 +-
arch/powerpc/platforms/512x/mpc512x_lpbfifo.c | 6 +-
arch/riscv/include/asm/topology.h | 1 +
arch/s390/hypfs/hypfs_dbfs.c | 19 +-
arch/s390/include/asm/timex.h | 13 +-
arch/s390/kernel/time.c | 2 +-
arch/s390/mm/dump_pagetables.c | 2 -
arch/s390/mm/pgalloc.c | 5 -
arch/um/include/asm/thread_info.h | 4 +
arch/um/kernel/process.c | 18 +-
arch/x86/include/asm/kvm-x86-ops.h | 2 -
arch/x86/include/asm/kvm_host.h | 22 +-
arch/x86/include/asm/msr-index.h | 1 +
arch/x86/include/asm/xen/hypercall.h | 5 +-
arch/x86/kernel/cpu/bugs.c | 5 +-
arch/x86/kernel/cpu/hygon.c | 3 +
arch/x86/kvm/hyperv.c | 3 +
arch/x86/kvm/lapic.c | 19 +-
arch/x86/kvm/lapic.h | 1 +
arch/x86/kvm/svm/svm.c | 42 ++-
arch/x86/kvm/svm/vmenter.S | 9 +-
arch/x86/kvm/trace.h | 9 +-
arch/x86/kvm/vmx/nested.c | 26 +-
arch/x86/kvm/vmx/pmu_intel.c | 8 +-
arch/x86/kvm/vmx/vmx.c | 164 ++++++----
arch/x86/kvm/vmx/vmx.h | 31 +-
arch/x86/kvm/x86.c | 46 ++-
block/blk-core.c | 26 +-
block/blk-settings.c | 2 +-
crypto/jitterentropy-kcapi.c | 9 +-
drivers/acpi/acpi_processor.c | 2 +-
drivers/acpi/apei/ghes.c | 13 +
drivers/acpi/pfr_update.c | 2 +-
drivers/acpi/prmt.c | 26 +-
drivers/acpi/processor_perflib.c | 11 +
drivers/ata/Kconfig | 35 +-
drivers/ata/libata-sata.c | 5 +
drivers/ata/libata-scsi.c | 58 ++--
drivers/base/arch_topology.c | 69 ++--
drivers/base/power/runtime.c | 59 +++-
drivers/block/drbd/drbd_receiver.c | 6 +-
drivers/block/loop.c | 38 ++-
drivers/block/sunvdc.c | 4 +-
drivers/bus/mhi/host/boot.c | 8 +-
drivers/bus/mhi/host/internal.h | 4 +-
drivers/bus/mhi/host/main.c | 12 +-
drivers/cdx/controller/cdx_rpmsg.c | 3 +-
drivers/char/ipmi/ipmi_msghandler.c | 8 +-
drivers/char/ipmi/ipmi_watchdog.c | 59 +++-
drivers/char/misc.c | 4 +-
drivers/clk/qcom/gcc-ipq5018.c | 2 +-
drivers/clk/tegra/clk-periph.c | 4 +-
drivers/comedi/comedi_fops.c | 38 ++-
drivers/comedi/comedi_internal.h | 1 +
drivers/comedi/drivers.c | 40 ++-
drivers/comedi/drivers/pcl726.c | 3 +-
drivers/cpufreq/armada-8k-cpufreq.c | 2 +-
drivers/cpufreq/cppc_cpufreq.c | 2 +-
drivers/cpufreq/cpufreq.c | 12 +-
drivers/cpuidle/governors/menu.c | 98 ++----
drivers/crypto/hisilicon/hpre/hpre_crypto.c | 8 +-
.../crypto/intel/qat/qat_common/adf_common_drv.h | 1 +
drivers/crypto/intel/qat/qat_common/adf_init.c | 1 +
drivers/crypto/intel/qat/qat_common/adf_isr.c | 5 +
drivers/crypto/intel/qat/qat_common/qat_algs.c | 12 +-
.../crypto/marvell/octeontx2/otx2_cptpf_ucode.c | 16 +-
drivers/devfreq/governor_userspace.c | 6 +-
drivers/dma/stm32-dma.c | 2 +-
drivers/edac/synopsys_edac.c | 93 +++---
drivers/firmware/tegra/Kconfig | 5 +-
drivers/fpga/zynq-fpga.c | 10 +-
drivers/gpio/gpio-mlxbf2.c | 2 +-
drivers/gpio/gpio-mlxbf3.c | 52 +--
drivers/gpio/gpio-tps65912.c | 7 +-
drivers/gpio/gpio-virtio.c | 9 +-
drivers/gpio/gpio-wcd934x.c | 7 +-
drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c | 4 +-
drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c | 6 +-
drivers/gpu/drm/amd/amdgpu/mmhub_v3_0_1.c | 57 ++--
drivers/gpu/drm/amd/amdkfd/kfd_module.c | 2 +-
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 6 +-
.../gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_crtc.c | 9 +
.../gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_psr.c | 6 +-
.../gpu/drm/amd/display/dc/bios/command_table.c | 2 +-
drivers/gpu/drm/amd/display/dc/clk_mgr/clk_mgr.c | 1 -
.../amd/display/dc/clk_mgr/dce100/dce_clk_mgr.c | 2 -
.../amd/display/dc/clk_mgr/dce110/dce110_clk_mgr.c | 40 ++-
.../amd/display/dc/clk_mgr/dce60/dce60_clk_mgr.c | 31 +-
drivers/gpu/drm/amd/display/dc/dcn20/dcn20_hwseq.c | 11 +-
drivers/gpu/drm/amd/display/dc/link/link_dpms.c | 3 +-
.../gpu/drm/amd/display/modules/hdcp/hdcp_psp.c | 3 +
drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c | 6 +
drivers/gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c | 37 +--
drivers/gpu/drm/display/drm_dp_helper.c | 2 +-
drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.c | 4 +-
drivers/gpu/drm/i915/intel_runtime_pm.c | 5 +-
drivers/gpu/drm/msm/msm_gem.c | 3 +-
drivers/gpu/drm/msm/msm_gem.h | 6 +
drivers/gpu/drm/nouveau/nvif/vmm.c | 3 +-
drivers/gpu/drm/renesas/rcar-du/rzg2l_mipi_dsi.c | 3 +
drivers/gpu/drm/ttm/ttm_pool.c | 8 +-
drivers/gpu/drm/ttm/ttm_resource.c | 3 +
drivers/hid/hid-apple.c | 13 +-
drivers/hid/hid-magicmouse.c | 56 ++--
drivers/hwmon/emc2305.c | 10 +-
drivers/hwmon/gsc-hwmon.c | 4 +-
drivers/i2c/i2c-core-acpi.c | 1 +
drivers/i3c/internals.h | 1 +
drivers/i3c/master.c | 4 +-
drivers/idle/intel_idle.c | 2 +-
drivers/iio/adc/ad7768-1.c | 23 +-
drivers/iio/adc/ad_sigma_delta.c | 6 +-
drivers/iio/imu/bno055/bno055.c | 11 +-
drivers/iio/imu/inv_icm42600/inv_icm42600.h | 8 +-
drivers/iio/imu/inv_icm42600/inv_icm42600_accel.c | 33 +-
drivers/iio/imu/inv_icm42600/inv_icm42600_buffer.c | 22 +-
drivers/iio/imu/inv_icm42600/inv_icm42600_buffer.h | 10 +-
drivers/iio/imu/inv_icm42600/inv_icm42600_core.c | 6 +-
drivers/iio/imu/inv_icm42600/inv_icm42600_gyro.c | 43 ++-
drivers/iio/imu/inv_icm42600/inv_icm42600_temp.c | 12 +-
drivers/iio/light/as73211.c | 2 +-
drivers/iio/pressure/bmp280-core.c | 9 +-
drivers/iio/proximity/isl29501.c | 14 +-
drivers/iio/temperature/maxim_thermocouple.c | 26 +-
drivers/infiniband/core/nldev.c | 22 +-
drivers/infiniband/hw/bnxt_re/ib_verbs.c | 8 +-
drivers/infiniband/hw/bnxt_re/qplib_fp.c | 30 +-
drivers/infiniband/hw/bnxt_re/qplib_fp.h | 2 -
drivers/infiniband/hw/bnxt_re/qplib_res.c | 2 +
drivers/infiniband/hw/erdma/erdma_verbs.c | 4 +-
drivers/infiniband/hw/hfi1/affinity.c | 44 +--
drivers/infiniband/sw/siw/siw_qp_tx.c | 5 +-
drivers/iommu/amd/init.c | 4 +-
drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c | 1 +
drivers/iommu/iommufd/io_pagetable.c | 48 ++-
drivers/leds/flash/leds-qcom-flash.c | 178 +++++++++-
drivers/leds/leds-lp50xx.c | 11 +-
drivers/leds/trigger/ledtrig-netdev.c | 16 +-
drivers/md/dm-ps-historical-service-time.c | 4 +-
drivers/md/dm-ps-queue-length.c | 4 +-
drivers/md/dm-ps-round-robin.c | 4 +-
drivers/md/dm-ps-service-time.c | 4 +-
drivers/md/dm-table.c | 10 +-
drivers/md/dm-zoned-target.c | 2 +-
drivers/media/cec/usb/rainshadow/rainshadow-cec.c | 3 +-
drivers/media/dvb-frontends/dib7000p.c | 8 +
drivers/media/i2c/ccs/ccs-core.c | 2 +-
drivers/media/i2c/hi556.c | 26 +-
drivers/media/i2c/ov2659.c | 3 +-
drivers/media/i2c/tc358743.c | 86 +++--
drivers/media/pci/intel/ivsc/mei_ace.c | 2 +
drivers/media/pci/intel/ivsc/mei_csi.c | 2 +
drivers/media/platform/qcom/camss/camss.c | 4 +-
drivers/media/platform/qcom/venus/core.c | 8 +-
drivers/media/platform/qcom/venus/core.h | 2 +
drivers/media/platform/qcom/venus/hfi_msgs.c | 83 +++--
drivers/media/platform/qcom/venus/hfi_venus.c | 5 +
drivers/media/platform/qcom/venus/vdec.c | 5 +-
drivers/media/platform/qcom/venus/venc.c | 5 +-
.../media/platform/verisilicon/rockchip_vpu_hw.c | 9 -
drivers/media/test-drivers/vivid/vivid-ctrls.c | 3 +-
drivers/media/test-drivers/vivid/vivid-vid-cap.c | 4 +-
drivers/media/usb/gspca/vicam.c | 10 +-
drivers/media/usb/hdpvr/hdpvr-i2c.c | 6 +
drivers/media/usb/usbtv/usbtv-video.c | 4 +
drivers/media/usb/uvc/uvc_driver.c | 3 +
drivers/media/usb/uvc/uvc_video.c | 21 +-
drivers/media/v4l2-core/v4l2-common.c | 8 +-
drivers/media/v4l2-core/v4l2-ctrls-core.c | 1 -
drivers/memstick/core/memstick.c | 1 -
drivers/memstick/host/rtsx_usb_ms.c | 1 +
drivers/mfd/axp20x.c | 3 +-
drivers/misc/cardreader/rtsx_usb.c | 16 +-
drivers/misc/mei/bus.c | 6 +
drivers/mmc/host/rtsx_usb_sdmmc.c | 4 +-
drivers/mmc/host/sdhci-msm.c | 14 +
drivers/mmc/host/sdhci-pci-gli.c | 35 +-
drivers/most/core.c | 2 +-
drivers/mtd/nand/raw/fsmc_nand.c | 2 +
drivers/mtd/nand/raw/renesas-nand-controller.c | 6 +
drivers/mtd/nand/spi/core.c | 5 +-
drivers/mtd/spi-nor/swp.c | 19 +-
drivers/net/bonding/bond_3ad.c | 224 +++++++++++--
drivers/net/bonding/bond_main.c | 1 +
drivers/net/bonding/bond_netlink.c | 16 +
drivers/net/bonding/bond_options.c | 29 +-
drivers/net/dsa/b53/b53_common.c | 63 +++-
drivers/net/dsa/b53/b53_regs.h | 2 +
drivers/net/ethernet/agere/et131x.c | 36 ++
drivers/net/ethernet/aquantia/atlantic/aq_hw.h | 2 +
.../aquantia/atlantic/hw_atl2/hw_atl2_utils_fw.c | 39 +++
drivers/net/ethernet/atheros/ag71xx.c | 9 +
drivers/net/ethernet/cavium/thunder/thunder_bgx.c | 4 +-
drivers/net/ethernet/emulex/benet/be_main.c | 8 +-
drivers/net/ethernet/freescale/dpaa/dpaa_eth.c | 2 -
drivers/net/ethernet/freescale/dpaa/dpaa_ethtool.c | 4 +-
drivers/net/ethernet/freescale/enetc/enetc_pf.c | 14 +-
drivers/net/ethernet/freescale/fec_main.c | 34 +-
drivers/net/ethernet/freescale/gianfar_ethtool.c | 4 +-
drivers/net/ethernet/google/gve/gve_adminq.c | 1 +
drivers/net/ethernet/google/gve/gve_main.c | 2 +
drivers/net/ethernet/intel/igc/igc_main.c | 14 +-
drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 4 +-
.../net/ethernet/marvell/octeontx2/af/rvu_npc_fs.c | 4 +-
drivers/net/ethernet/mediatek/mtk_ppe_offload.c | 2 +
drivers/net/ethernet/mediatek/mtk_wed.c | 1 -
.../ethernet/mellanox/mlx5/core/en/port_buffer.c | 18 +-
drivers/net/ethernet/mellanox/mlx5/core/en/qos.c | 2 +-
.../ethernet/mellanox/mlx5/core/esw/devlink_port.c | 4 +-
drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 2 +
drivers/net/ethernet/mellanox/mlxsw/trap.h | 1 +
drivers/net/ethernet/pensando/ionic/ionic_lif.c | 7 +-
drivers/net/ethernet/ti/icssg/icss_iep.c | 26 +-
drivers/net/hyperv/hyperv_net.h | 3 +
drivers/net/hyperv/netvsc_drv.c | 29 +-
drivers/net/ipa/ipa_smp2p.c | 2 +-
drivers/net/phy/micrel.c | 12 +-
drivers/net/phy/mscc/mscc.h | 12 +
drivers/net/phy/mscc/mscc_main.c | 12 +
drivers/net/phy/mscc/mscc_ptp.c | 49 ++-
drivers/net/phy/smsc.c | 1 +
drivers/net/ppp/ppp_generic.c | 17 +-
drivers/net/thunderbolt/main.c | 21 +-
drivers/net/usb/asix_devices.c | 1 +
drivers/net/usb/cdc_ncm.c | 20 +-
drivers/net/wireless/ath/ath11k/ce.c | 3 -
drivers/net/wireless/ath/ath11k/dp_rx.c | 3 -
drivers/net/wireless/ath/ath11k/hal.c | 33 +-
drivers/net/wireless/ath/ath12k/ce.c | 3 -
drivers/net/wireless/ath/ath12k/dp.c | 3 +-
drivers/net/wireless/ath/ath12k/hal.c | 38 ++-
drivers/net/wireless/ath/ath12k/hw.c | 2 +-
drivers/net/wireless/ath/ath12k/wmi.c | 5 +
.../broadcom/brcm80211/brcmsmac/phy/phy_lcn.c | 2 +-
drivers/net/wireless/intel/iwlegacy/4965-mac.c | 5 +-
drivers/net/wireless/intel/iwlwifi/dvm/rs.c | 2 +-
drivers/net/wireless/intel/iwlwifi/fw/dbg.c | 7 +-
drivers/net/wireless/intel/iwlwifi/mvm/d3.c | 2 +
drivers/net/wireless/intel/iwlwifi/mvm/scan.c | 2 +-
drivers/net/wireless/mediatek/mt76/mt7915/mcu.c | 25 +-
drivers/net/wireless/realtek/rtlwifi/pci.c | 23 +-
drivers/net/wireless/realtek/rtw89/core.c | 3 +
drivers/net/wireless/realtek/rtw89/fw.c | 9 +-
drivers/net/wireless/realtek/rtw89/fw.h | 2 +
drivers/net/wireless/realtek/rtw89/mac.c | 19 ++
drivers/net/wireless/realtek/rtw89/reg.h | 1 +
drivers/net/xen-netfront.c | 5 -
drivers/nvme/host/pci.c | 24 +-
drivers/pci/controller/dwc/pci-imx6.c | 7 +-
drivers/pci/controller/pcie-rockchip-host.c | 49 +--
drivers/pci/controller/pcie-rockchip.h | 11 +-
drivers/pci/endpoint/pci-ep-cfs.c | 1 +
drivers/pci/endpoint/pci-epf-core.c | 2 +-
drivers/pci/pci-acpi.c | 4 +-
drivers/pci/pci.c | 10 +-
drivers/pci/probe.c | 2 +-
drivers/perf/cxl_pmu.c | 2 +-
drivers/phy/qualcomm/phy-qcom-m31.c | 14 +-
drivers/phy/rockchip/phy-rockchip-pcie.c | 3 +-
drivers/pinctrl/stm32/pinctrl-stm32.c | 1 +
drivers/platform/chrome/cros_ec.c | 3 +
drivers/platform/chrome/cros_ec_typec.c | 4 +-
drivers/platform/x86/amd/pmc/pmc-quirks.c | 9 +
drivers/platform/x86/thinkpad_acpi.c | 4 +-
drivers/pmdomain/imx/imx8m-blk-ctrl.c | 10 +
drivers/power/supply/qcom_battmgr.c | 2 +
drivers/pps/clients/pps-gpio.c | 5 +-
drivers/ptp/ptp_clock.c | 2 +-
drivers/ptp/ptp_private.h | 5 +
drivers/ptp/ptp_vclock.c | 7 +
drivers/pwm/pwm-imx-tpm.c | 9 +
drivers/pwm/pwm-mediatek.c | 71 ++--
drivers/remoteproc/imx_rproc.c | 4 +-
drivers/reset/Kconfig | 10 +-
drivers/rtc/rtc-ds1307.c | 15 +-
drivers/s390/char/sclp.c | 11 +-
drivers/scsi/aacraid/comminit.c | 3 +-
drivers/scsi/bfa/bfad_im.c | 1 +
drivers/scsi/libiscsi.c | 3 +-
drivers/scsi/lpfc/lpfc_debugfs.c | 1 -
drivers/scsi/lpfc/lpfc_scsi.c | 4 +
drivers/scsi/mpi3mr/mpi3mr.h | 6 +-
drivers/scsi/mpi3mr/mpi3mr_fw.c | 17 +-
drivers/scsi/mpi3mr/mpi3mr_os.c | 22 +-
drivers/scsi/mpt3sas/mpt3sas_scsih.c | 19 ++
drivers/scsi/qla4xxx/ql4_os.c | 2 +
drivers/scsi/scsi_scan.c | 2 +-
drivers/scsi/scsi_transport_sas.c | 62 +++-
drivers/soc/qcom/mdt_loader.c | 53 ++-
drivers/soc/qcom/rpmh-rsc.c | 2 +-
drivers/soc/tegra/pmc.c | 51 +--
drivers/soundwire/amd_manager.c | 6 +-
drivers/soundwire/bus.c | 6 +-
drivers/spi/spi-fsl-lpspi.c | 8 +-
drivers/staging/media/imx/imx-media-csc-scaler.c | 2 +-
drivers/target/target_core_fabric_lib.c | 65 +++-
drivers/target/target_core_internal.h | 4 +-
drivers/target/target_core_pr.c | 18 +-
drivers/thermal/qcom/qcom-spmi-temp-alarm.c | 43 ++-
drivers/thermal/thermal_sysfs.c | 9 +-
drivers/thunderbolt/domain.c | 2 +-
drivers/tty/serial/8250/8250_port.c | 3 +-
drivers/tty/vt/defkeymap.c_shipped | 112 +++++++
drivers/tty/vt/keyboard.c | 2 +-
drivers/ufs/core/ufshcd-priv.h | 2 +-
drivers/ufs/host/ufs-exynos.c | 4 +-
drivers/ufs/host/ufshcd-pci.c | 42 ++-
drivers/usb/atm/cxacru.c | 172 +++++-----
drivers/usb/class/cdc-acm.c | 11 +-
drivers/usb/core/config.c | 10 +-
drivers/usb/core/hcd.c | 8 +-
drivers/usb/core/quirks.c | 1 +
drivers/usb/core/urb.c | 2 +-
drivers/usb/dwc3/dwc3-imx8mp.c | 6 +-
drivers/usb/dwc3/dwc3-meson-g12a.c | 3 +
drivers/usb/dwc3/dwc3-pci.c | 2 +
drivers/usb/dwc3/ep0.c | 20 +-
drivers/usb/dwc3/gadget.c | 19 +-
drivers/usb/gadget/udc/renesas_usb3.c | 1 +
drivers/usb/host/xhci-hub.c | 3 +-
drivers/usb/host/xhci-mem.c | 24 +-
drivers/usb/host/xhci-pci-renesas.c | 7 +-
drivers/usb/host/xhci-ring.c | 19 +-
drivers/usb/host/xhci.c | 27 +-
drivers/usb/host/xhci.h | 3 +-
drivers/usb/musb/omap2430.c | 14 +-
drivers/usb/storage/realtek_cr.c | 2 +-
drivers/usb/storage/unusual_devs.h | 29 ++
drivers/usb/typec/mux/intel_pmc_mux.c | 2 +-
drivers/usb/typec/tcpm/fusb302.c | 8 +
drivers/usb/typec/tcpm/maxim_contaminant.c | 54 +++
drivers/usb/typec/tcpm/tcpci_maxim.h | 1 +
drivers/usb/typec/ucsi/psy.c | 2 +-
drivers/usb/typec/ucsi/ucsi.c | 1 +
drivers/usb/typec/ucsi/ucsi.h | 7 +-
drivers/vfio/pci/mlx5/cmd.c | 4 +-
drivers/vfio/vfio_iommu_type1.c | 7 +
drivers/vhost/vhost.c | 3 +
drivers/vhost/vsock.c | 6 +-
drivers/video/console/vgacon.c | 2 +-
drivers/video/fbdev/core/fbcon.c | 9 +-
drivers/video/fbdev/core/fbmem.c | 3 +
drivers/virt/coco/efi_secret/efi_secret.c | 10 +-
drivers/watchdog/dw_wdt.c | 2 +
drivers/watchdog/iTCO_wdt.c | 6 +-
drivers/watchdog/sbsa_gwdt.c | 50 ++-
fs/btrfs/backref.c | 6 +-
fs/btrfs/block-group.c | 61 ++--
fs/btrfs/block-group.h | 11 +-
fs/btrfs/block-rsv.c | 2 +-
fs/btrfs/block-rsv.h | 2 +-
fs/btrfs/btrfs_inode.h | 3 +-
fs/btrfs/ctree.c | 24 +-
fs/btrfs/ctree.h | 6 +-
fs/btrfs/delayed-inode.c | 12 +-
fs/btrfs/discard.c | 4 +-
fs/btrfs/extent-tree.c | 33 +-
fs/btrfs/file-item.c | 4 +-
fs/btrfs/file-item.h | 2 +-
fs/btrfs/free-space-tree.c | 17 +-
fs/btrfs/inode-item.c | 10 +-
fs/btrfs/inode-item.h | 4 +-
fs/btrfs/inode.c | 26 +-
fs/btrfs/qgroup.c | 31 +-
fs/btrfs/relocation.c | 19 ++
fs/btrfs/send.c | 361 ++++++++++++---------
fs/btrfs/space-info.c | 17 +-
fs/btrfs/space-info.h | 6 +-
fs/btrfs/tree-log.c | 72 ++--
fs/btrfs/tree-mod-log.c | 14 +-
fs/btrfs/tree-mod-log.h | 6 +-
fs/btrfs/zoned.c | 20 +-
fs/btrfs/zoned.h | 4 +-
fs/buffer.c | 2 +-
fs/crypto/fscrypt_private.h | 16 +
fs/crypto/hkdf.c | 2 +-
fs/crypto/keysetup.c | 3 +-
fs/crypto/keysetup_v1.c | 3 +-
fs/eventpoll.c | 60 +++-
fs/exfat/dir.c | 12 +
fs/exfat/fatent.c | 10 +
fs/exfat/namei.c | 5 +
fs/exfat/super.c | 32 +-
fs/ext2/inode.c | 12 +-
fs/ext4/fsmap.c | 23 +-
fs/ext4/indirect.c | 4 +-
fs/ext4/inline.c | 19 +-
fs/ext4/inode.c | 2 +-
fs/ext4/mballoc.c | 69 ++--
fs/ext4/orphan.c | 5 +-
fs/ext4/super.c | 8 +-
fs/f2fs/file.c | 24 +-
fs/f2fs/node.c | 10 +
fs/file.c | 15 +
fs/gfs2/meta_io.c | 2 +
fs/hfs/bfind.c | 3 +
fs/hfs/bnode.c | 93 ++++++
fs/hfs/btree.c | 57 +++-
fs/hfs/extent.c | 2 +-
fs/hfs/hfs_fs.h | 1 +
fs/hfsplus/bnode.c | 92 ++++++
fs/hfsplus/unicode.c | 7 +
fs/hfsplus/xattr.c | 6 +-
fs/hugetlbfs/inode.c | 2 +-
fs/jbd2/checkpoint.c | 1 +
fs/jfs/file.c | 3 +
fs/jfs/inode.c | 2 +-
fs/jfs/jfs_dmap.c | 6 +
fs/libfs.c | 4 +-
fs/namespace.c | 34 +-
fs/nfs/blocklayout/blocklayout.c | 4 +-
fs/nfs/blocklayout/dev.c | 5 +-
fs/nfs/blocklayout/extent_tree.c | 20 +-
fs/nfs/client.c | 44 ++-
fs/nfs/internal.h | 2 +-
fs/nfs/nfs4client.c | 20 +-
fs/nfs/nfs4proc.c | 2 +-
fs/nfs/pnfs.c | 11 +-
fs/nfsd/nfs4state.c | 34 +-
fs/ntfs3/dir.c | 3 +
fs/ntfs3/inode.c | 31 +-
fs/orangefs/orangefs-debugfs.c | 2 +-
fs/smb/client/cifssmb.c | 10 +
fs/smb/client/connect.c | 10 +-
fs/smb/client/sess.c | 9 +
fs/smb/client/smb2ops.c | 11 +-
fs/smb/client/smbdirect.c | 24 +-
fs/smb/server/connection.c | 3 +-
fs/smb/server/connection.h | 7 +-
fs/smb/server/oplock.c | 13 +-
fs/smb/server/smb2pdu.c | 16 +-
fs/smb/server/transport_rdma.c | 5 +-
fs/smb/server/transport_rdma.h | 4 +-
fs/smb/server/transport_tcp.c | 26 +-
fs/squashfs/super.c | 14 +-
fs/tracefs/inode.c | 11 +
fs/udf/super.c | 13 +-
fs/xfs/xfs_itable.c | 6 +-
include/linux/arch_topology.h | 8 +
include/linux/blk_types.h | 6 +-
include/linux/compiler.h | 8 -
include/linux/cpufreq.h | 1 +
include/linux/energy_model.h | 6 +-
include/linux/fs.h | 4 +-
include/linux/hypervisor.h | 3 +
include/linux/if_vlan.h | 21 +-
include/linux/iosys-map.h | 7 +-
include/linux/memfd.h | 14 +
include/linux/mm.h | 76 +++--
include/linux/pci.h | 10 +-
include/linux/pm_runtime.h | 18 +-
include/linux/sched/topology.h | 8 +
include/linux/skbuff.h | 8 +-
include/linux/usb/cdc_ncm.h | 1 +
include/linux/virtio_vsock.h | 7 +-
include/net/bond_3ad.h | 3 +
include/net/bond_options.h | 1 +
include/net/bonding.h | 23 ++
include/net/cfg80211.h | 2 +-
include/net/mac80211.h | 2 +
include/net/neighbour.h | 1 +
include/net/net_namespace.h | 16 +
include/net/sock.h | 1 +
include/trace/events/btrfs.h | 6 +-
include/trace/events/thp.h | 2 +
include/uapi/linux/if_link.h | 1 +
include/uapi/linux/in6.h | 4 +-
include/uapi/linux/io_uring.h | 2 +-
include/uapi/linux/pfrut.h | 1 +
io_uring/net.c | 19 +-
kernel/bpf/verifier.c | 3 +-
kernel/cgroup/cpuset.c | 2 +-
kernel/fork.c | 2 +-
kernel/module/main.c | 10 +-
kernel/power/console.c | 7 +-
kernel/rcu/tree.c | 2 +
kernel/rcu/tree.h | 14 +-
kernel/rcu/tree_plugin.h | 44 ++-
kernel/sched/cpufreq_schedutil.c | 30 +-
kernel/sched/fair.c | 19 +-
kernel/trace/ftrace.c | 19 +-
kernel/trace/trace.c | 33 +-
kernel/trace/trace.h | 10 +-
mm/debug_vm_pgtable.c | 9 +-
mm/filemap.c | 2 +-
mm/kmemleak.c | 10 +-
mm/madvise.c | 2 +-
mm/memfd.c | 2 +-
mm/memory-failure.c | 8 +
mm/mmap.c | 12 +-
mm/ptdump.c | 2 +
mm/shmem.c | 2 +-
net/bluetooth/hci_conn.c | 3 +-
net/bluetooth/hci_event.c | 8 +-
net/bluetooth/hci_sock.c | 2 +-
net/bridge/br_multicast.c | 16 +
net/bridge/br_private.h | 2 +
net/core/dev.c | 12 +
net/core/neighbour.c | 12 +-
net/core/net_namespace.c | 8 +-
net/core/sock.c | 27 +-
net/hsr/hsr_slave.c | 8 +-
net/ipv4/netfilter/nf_reject_ipv4.c | 6 +-
net/ipv4/route.c | 1 -
net/ipv4/udp_offload.c | 2 +-
net/ipv6/addrconf.c | 7 +-
net/ipv6/mcast.c | 11 +-
net/ipv6/netfilter/nf_reject_ipv6.c | 5 +-
net/ipv6/seg6_hmac.c | 6 +-
net/mac80211/cfg.c | 12 +-
net/mac80211/chan.c | 1 +
net/mac80211/mlme.c | 9 +-
net/mac80211/rx.c | 12 +-
net/mctp/af_mctp.c | 28 +-
net/mptcp/options.c | 6 +-
net/mptcp/pm_netlink.c | 19 +-
net/mptcp/subflow.c | 5 +-
net/ncsi/internal.h | 2 +-
net/ncsi/ncsi-rsp.c | 1 +
net/netfilter/nf_conntrack_netlink.c | 24 +-
net/netlink/af_netlink.c | 12 +-
net/rds/tcp.c | 8 +-
net/sched/sch_cake.c | 14 +-
net/sched/sch_ets.c | 36 +-
net/sched/sch_htb.c | 2 +-
net/sctp/input.c | 2 +-
net/smc/af_smc.c | 8 +-
net/sunrpc/svcsock.c | 5 +-
net/sunrpc/xprtsock.c | 8 +-
net/tls/tls.h | 2 +-
net/tls/tls_strp.c | 11 +-
net/tls/tls_sw.c | 10 +-
net/vmw_vsock/virtio_transport.c | 14 +-
net/wireless/mlme.c | 3 +-
net/xfrm/xfrm_state.c | 74 +++--
scripts/kconfig/gconf.c | 8 +-
scripts/kconfig/lxdialog/inputbox.c | 6 +-
scripts/kconfig/lxdialog/menubox.c | 2 +-
scripts/kconfig/nconf.c | 2 +
scripts/kconfig/nconf.gui.c | 1 +
security/apparmor/file.c | 6 +-
security/apparmor/include/lib.h | 6 +-
security/inode.c | 2 -
sound/core/pcm_native.c | 19 +-
sound/hda/hdac_device.c | 2 +-
sound/pci/hda/hda_codec.c | 44 +--
sound/pci/hda/patch_ca0132.c | 2 +-
sound/pci/hda/patch_realtek.c | 4 +
sound/pci/intel8x0.c | 2 +-
sound/soc/codecs/hdac_hdmi.c | 10 +-
sound/soc/codecs/rt5640.c | 5 +
sound/soc/fsl/fsl_sai.c | 20 +-
sound/soc/intel/avs/core.c | 3 +-
sound/soc/qcom/lpass-platform.c | 27 +-
sound/soc/soc-core.c | 3 +
sound/soc/soc-dapm.c | 4 +
sound/usb/mixer_quirks.c | 14 +-
sound/usb/stream.c | 25 +-
sound/usb/validate.c | 14 +-
tools/bpf/bpftool/main.c | 6 +-
tools/include/nolibc/std.h | 4 +-
tools/include/nolibc/types.h | 4 +-
tools/include/uapi/linux/if_link.h | 1 +
.../cpupower/utils/idle_monitor/mperf_monitor.c | 4 +-
tools/scripts/Makefile.include | 4 +-
tools/testing/ktest/ktest.pl | 5 +-
tools/testing/selftests/arm64/fp/sve-ptrace.c | 3 +-
.../selftests/bpf/prog_tests/user_ringbuf.c | 10 +-
.../testing/selftests/bpf/progs/verifier_unpriv.c | 2 +-
.../ftrace/test.d/ftrace/func-filter-glob.tc | 2 +-
tools/testing/selftests/futex/include/futextest.h | 11 +
tools/testing/selftests/memfd/memfd_test.c | 43 +++
tools/testing/selftests/net/mptcp/pm_netlink.sh | 1 +
612 files changed, 6034 insertions(+), 2714 deletions(-)
2 weeks, 5 days
- 12
- 602
2 weeks, 5 days
- 1
- 0
[PATCH v2 3/4] cxl, acpi/hmat: Update CXL access coordinates directly instead of through HMAT
by Dave Jiang
The current implementation of CXL memory hotplug notifier gets called
before the HMAT memory hotplug notifier. The CXL driver calculates the
access coordinates (bandwidth and latency values) for the CXL end to
end path (i.e. CPU to endpoint). When the CXL region is onlined, the CXL
memory hotplug notifier writes the access coordinates to the HMAT target
structs. Then the HMAT memory hotplug notifier is called and it creates
the access coordinates for the node sysfs attributes.
During testing on an Intel platform, it was found that although the
newly calculated coordinates were pushed to sysfs, the sysfs attributes for
the access coordinates showed up with the wrong initiator. The system has
4 nodes (0, 1, 2, 3) where node 0 and 1 are CPU nodes and node 2 and 3 are
CXL nodes. The expectation is that node 2 would show up as a target to node
0:
/sys/devices/system/node/node2/access0/initiators/node0
However it was observed that node 2 showed up as a target under node 1:
/sys/devices/system/node/node2/access0/initiators/node1
The original intent of the 'ext_updated' flag in HMAT handling code was to
stop HMAT memory hotplug callback from clobbering the access coordinates
after CXL has injected its calculated coordinates and replaced the generic
target access coordinates provided by the HMAT table in the HMAT target
structs. However the flag is hacky at best and blocks the updates from
other CXL regions that are onlined in the same node later on. Remove the
'ext_updated' flag usage and just update the access coordinates for the
nodes directly without touching HMAT target data.
The hotplug memory callback ordering is changed. Instead of changing CXL,
move HMAT back so there's room for the levels rather than have CXL share
the same level as SLAB_CALLBACK_PRI. The change will resulting in the CXL
callback to be executed after the HMAT callback.
With the change, the CXL hotplug memory notifier runs after the HMAT
callback. The HMAT callback will create the node sysfs attributes for
access coordinates. The CXL callback will write the access coordinates to
the now created node sysfs attributes directly and will not pollute the
HMAT target values.
Fixes: 067353a46d8c ("cxl/region: Add memory hotplug notifier for cxl region")
Cc: stable(a)vger.kernel.org
Tested-by: Marc Herbert <marc.herbert(a)linux.intel.com>
Reviewed-by: Dan Williams <dan.j.williams(a)intel.com>
Signed-off-by: Dave Jiang <dave.jiang(a)intel.com>
---
v2:
- Add description to what was observed for the issue. (Dan)
- Use the correct Fixes tag. (Dan)
- Add Cc to stable. (Dan)
- Add support to only update on first region appearance. (Jonathan)
---
drivers/acpi/numa/hmat.c | 6 ------
drivers/cxl/core/cdat.c | 5 -----
drivers/cxl/core/core.h | 1 -
drivers/cxl/core/region.c | 21 +++++++++++++--------
include/linux/memory.h | 2 +-
5 files changed, 14 insertions(+), 21 deletions(-)
diff --git a/drivers/acpi/numa/hmat.c b/drivers/acpi/numa/hmat.c
index 4958301f5417..5d32490dc4ab 100644
--- a/drivers/acpi/numa/hmat.c
+++ b/drivers/acpi/numa/hmat.c
@@ -74,7 +74,6 @@ struct memory_target {
struct node_cache_attrs cache_attrs;
u8 gen_port_device_handle[ACPI_SRAT_DEVICE_HANDLE_SIZE];
bool registered;
- bool ext_updated; /* externally updated */
};
struct memory_initiator {
@@ -391,7 +390,6 @@ int hmat_update_target_coordinates(int nid, struct access_coordinate *coord,
coord->read_bandwidth, access);
hmat_update_target_access(target, ACPI_HMAT_WRITE_BANDWIDTH,
coord->write_bandwidth, access);
- target->ext_updated = true;
return 0;
}
@@ -773,10 +771,6 @@ static void hmat_update_target_attrs(struct memory_target *target,
u32 best = 0;
int i;
- /* Don't update if an external agent has changed the data. */
- if (target->ext_updated)
- return;
-
/* Don't update for generic port if there's no device handle */
if ((access == NODE_ACCESS_CLASS_GENPORT_SINK_LOCAL ||
access == NODE_ACCESS_CLASS_GENPORT_SINK_CPU) &&
diff --git a/drivers/cxl/core/cdat.c b/drivers/cxl/core/cdat.c
index c0af645425f4..c891fd618cfd 100644
--- a/drivers/cxl/core/cdat.c
+++ b/drivers/cxl/core/cdat.c
@@ -1081,8 +1081,3 @@ int cxl_update_hmat_access_coordinates(int nid, struct cxl_region *cxlr,
{
return hmat_update_target_coordinates(nid, &cxlr->coord[access], access);
}
-
-bool cxl_need_node_perf_attrs_update(int nid)
-{
- return !acpi_node_backed_by_real_pxm(nid);
-}
diff --git a/drivers/cxl/core/core.h b/drivers/cxl/core/core.h
index 2669f251d677..a253d308f3c9 100644
--- a/drivers/cxl/core/core.h
+++ b/drivers/cxl/core/core.h
@@ -139,7 +139,6 @@ long cxl_pci_get_latency(struct pci_dev *pdev);
int cxl_pci_get_bandwidth(struct pci_dev *pdev, struct access_coordinate *c);
int cxl_update_hmat_access_coordinates(int nid, struct cxl_region *cxlr,
enum access_coordinate_class access);
-bool cxl_need_node_perf_attrs_update(int nid);
int cxl_port_get_switch_dport_bandwidth(struct cxl_port *port,
struct access_coordinate *c);
diff --git a/drivers/cxl/core/region.c b/drivers/cxl/core/region.c
index 71cc42d05248..371873fc43eb 100644
--- a/drivers/cxl/core/region.c
+++ b/drivers/cxl/core/region.c
@@ -9,6 +9,7 @@
#include <linux/uuid.h>
#include <linux/sort.h>
#include <linux/idr.h>
+#include <linux/xarray.h>
#include <linux/memory-tiers.h>
#include <cxlmem.h>
#include <cxl.h>
@@ -30,6 +31,9 @@
* 3. Decoder targets
*/
+/* xarray that stores the reference count per node for regions */
+static DEFINE_XARRAY(node_regions_xa);
+
static struct cxl_region *to_cxl_region(struct device *dev);
#define __ACCESS_ATTR_RO(_level, _name) { \
@@ -2442,14 +2446,8 @@ static bool cxl_region_update_coordinates(struct cxl_region *cxlr, int nid)
for (int i = 0; i < ACCESS_COORDINATE_MAX; i++) {
if (cxlr->coord[i].read_bandwidth) {
- rc = 0;
- if (cxl_need_node_perf_attrs_update(nid))
- node_set_perf_attrs(nid, &cxlr->coord[i], i);
- else
- rc = cxl_update_hmat_access_coordinates(nid, cxlr, i);
-
- if (rc == 0)
- cset++;
+ node_update_perf_attrs(nid, &cxlr->coord[i], i);
+ cset++;
}
}
@@ -2475,6 +2473,7 @@ static int cxl_region_perf_attrs_callback(struct notifier_block *nb,
struct node_notify *nn = arg;
int nid = nn->nid;
int region_nid;
+ int rc;
if (action != NODE_ADDED_FIRST_MEMORY)
return NOTIFY_DONE;
@@ -2487,6 +2486,11 @@ static int cxl_region_perf_attrs_callback(struct notifier_block *nb,
if (nid != region_nid)
return NOTIFY_DONE;
+ /* No action needed if there's existing entry */
+ rc = xa_insert(&node_regions_xa, nid, NULL, GFP_KERNEL);
+ if (rc < 0)
+ return NOTIFY_DONE;
+
if (!cxl_region_update_coordinates(cxlr, nid))
return NOTIFY_DONE;
@@ -3638,6 +3642,7 @@ int cxl_region_init(void)
void cxl_region_exit(void)
{
+ xa_destroy(&node_regions_xa);
cxl_driver_unregister(&cxl_region_driver);
}
diff --git a/include/linux/memory.h b/include/linux/memory.h
index de5c0d8e8925..684fd641f2f0 100644
--- a/include/linux/memory.h
+++ b/include/linux/memory.h
@@ -120,8 +120,8 @@ struct mem_section;
*/
#define DEFAULT_CALLBACK_PRI 0
#define SLAB_CALLBACK_PRI 1
-#define HMAT_CALLBACK_PRI 2
#define CXL_CALLBACK_PRI 5
+#define HMAT_CALLBACK_PRI 6
#define MM_COMPUTE_BATCH_PRI 10
#define CPUSET_CALLBACK_PRI 10
#define MEMTIER_HOTPLUG_PRI 100
--
2.50.1
2 weeks, 5 days
- 2
- 1
Re: [PATCH] interconnect: qcom: icc-rpm: Set the count member before accessing the flex array
by Dan Carpenter
Hi Greg,
Could you pick up this commit for 6.12 and 6.6:
00a973e093e9 ("interconnect: qcom: icc-rpm: Set the count member before accessing the flex array")
It just silences a UBSan warning so it doesn't affect regular users, but
it helps in testing to silence those warnings. It is a clean cherry-pick.
regards,
dan carpenter
On Wed, Dec 04, 2024 at 12:33:34AM +0200, djakov(a)kernel.org wrote:
> From: Georgi Djakov <djakov(a)kernel.org>
>
> The following UBSAN error is reported during boot on the db410c board on
> a clang-19 build:
>
> Internal error: UBSAN: array index out of bounds: 00000000f2005512 [#1] PREEMPT SMP
> ...
> pc : qnoc_probe+0x5f8/0x5fc
> ...
>
> The cause of the error is that the counter member was not set before
> accessing the annotated flexible array member, but after that. Fix this
> by initializing it earlier.
>
> Reported-by: Linux Kernel Functional Testing <lkft(a)linaro.org>
> Closes: https://lore.kernel.org/r/CA+G9fYs+2mBz1y2dAzxkj9-oiBJ2Acm1Sf1h2YQ3VmBqj_VX…
> Fixes: dd4904f3b924 ("interconnect: qcom: Annotate struct icc_onecell_data with __counted_by")
> Signed-off-by: Georgi Djakov <djakov(a)kernel.org>
> ---
> drivers/interconnect/qcom/icc-rpm.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/interconnect/qcom/icc-rpm.c b/drivers/interconnect/qcom/icc-rpm.c
> index a8ed435f696c..ea1042d38128 100644
> --- a/drivers/interconnect/qcom/icc-rpm.c
> +++ b/drivers/interconnect/qcom/icc-rpm.c
> @@ -503,6 +503,7 @@ int qnoc_probe(struct platform_device *pdev)
> GFP_KERNEL);
> if (!data)
> return -ENOMEM;
> + data->num_nodes = num_nodes;
>
> qp->num_intf_clks = cd_num;
> for (i = 0; i < cd_num; i++)
> @@ -597,7 +598,6 @@ int qnoc_probe(struct platform_device *pdev)
>
> data->nodes[i] = node;
> }
> - data->num_nodes = num_nodes;
>
> clk_bulk_disable_unprepare(qp->num_intf_clks, qp->intf_clks);
>
2 weeks, 5 days
- 1
- 0
ACPI: EC: Add device to acpi_ec_no_wakeup[] qurik list
by Werner Sembach
Commit ID: 9cd51eefae3c871440b93c03716c5398f41bdf78
Why it should be applied: This is a small addition to a quirk list for which I
forgot to set cc: stable when originally submitted it. Bringing it onto stable
will result in several downstream distributions automatically adopting the
patch, helping the affected device.
What kernel versions I wish it to be applied to: It should apply cleanly to
6.1.y and newer longterm releases.
I hope I correctly followed
https://docs.kernel.org/process/stable-kernel-rules.html#option-2 to bring this
into stable.
2 weeks, 5 days
- 2
- 1
After Hours? Dr. Sam Lavi Cosmetic And Implant Dentistry
by Mohanish Ved
Hi Dr. Sam Lavi Cosmetic And Implant Dentistry ,
Quick question: what happens when a patient calls after hours about implants?
Studies show 35–40% of dental calls go unanswered.
Every unanswered call = one implant patient choosing another practice.
We built an AI voice agent that answers every call, educates patients, and books consultations
24/7.
Want me to send you a 30-sec demo recording so you can hear it in action?
Just reply 'Yes' and I’ll send it right away.
—
Best regards,
Mohanish Ved
AI Growth Specialist
EditRage Solutions
2 weeks, 5 days
- 1
- 0
Re: Bug report - Sticky keys acting not sticky sometimes
by Alerymin
Note:
The issue looks like it's from tty directly but I don't see who is the maintainer, so I email the closest I can get
Description:
In command line, sticky keys reset only when typing ASCII and ISO-8859-1 characters.
Tested with the QWERTY Lafayette layout: https://codeberg.org/Alerymin/kbd-qwerty-lafayette
Observed Behaviour:
When the layout is loaded in ISO-8859-15, most characters typed don't reset the sticky key, unless it's basic ASCII characters or Unicode
When the layout is loaded in ISO-8859-1, the sticky key works fine.
Expected behaviour:
Sticky key working in ISO-8859-1 and ISO-8859-15
System used:
Arch Linux, kernel 6.16.3-arch1-1
2 weeks, 5 days
- 2
- 3
[PATCH 3/3] drm/xe: Block exec and rebind worker while evicting for suspend / hibernate
by Thomas Hellström
When the xe pm_notifier evicts for suspend / hibernate, there might be
racing tasks trying to re-validate again. This can lead to suspend taking
excessive time or get stuck in a live-lock. This behaviour becomes
much worse with the fix that actually makes re-validation bring back
bos to VRAM rather than letting them remain in TT.
Prevent that by having exec and the rebind worker waiting for a completion
that is set to block by the pm_notifier before suspend and is signaled
by the pm_notifier after resume / wakeup.
It's probably still possible to craft malicious applications that block
suspending. More work is pending to fix that.
Link: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/4288
Fixes: c6a4d46ec1d7 ("drm/xe: evict user memory in PM notifier")
Cc: Matthew Auld <matthew.auld(a)intel.com>
Cc: Rodrigo Vivi <rodrigo.vivi(a)intel.com>
Cc: <stable(a)vger.kernel.org> # v6.16+
Signed-off-by: Thomas Hellström <thomas.hellstrom(a)linux.intel.com>
---
drivers/gpu/drm/xe/xe_device_types.h | 2 ++
drivers/gpu/drm/xe/xe_exec.c | 9 +++++++++
drivers/gpu/drm/xe/xe_pm.c | 4 ++++
drivers/gpu/drm/xe/xe_vm.c | 14 ++++++++++++++
4 files changed, 29 insertions(+)
diff --git a/drivers/gpu/drm/xe/xe_device_types.h b/drivers/gpu/drm/xe/xe_device_types.h
index 092004d14db2..6602bd678cbc 100644
--- a/drivers/gpu/drm/xe/xe_device_types.h
+++ b/drivers/gpu/drm/xe/xe_device_types.h
@@ -507,6 +507,8 @@ struct xe_device {
/** @pm_notifier: Our PM notifier to perform actions in response to various PM events. */
struct notifier_block pm_notifier;
+ /** @pm_block: Completion to block validating tasks on suspend / hibernate prepare */
+ struct completion pm_block;
/** @pmt: Support the PMT driver callback interface */
struct {
diff --git a/drivers/gpu/drm/xe/xe_exec.c b/drivers/gpu/drm/xe/xe_exec.c
index 44364c042ad7..374c831e691b 100644
--- a/drivers/gpu/drm/xe/xe_exec.c
+++ b/drivers/gpu/drm/xe/xe_exec.c
@@ -237,6 +237,15 @@ int xe_exec_ioctl(struct drm_device *dev, void *data, struct drm_file *file)
goto err_unlock_list;
}
+ /*
+ * It's OK to block interruptible here with the vm lock held, since
+ * on task freezing during suspend / hibernate, the call will
+ * return -ERESTARTSYS and the IOCTL will be rerun.
+ */
+ err = wait_for_completion_interruptible(&xe->pm_block);
+ if (err)
+ goto err_unlock_list;
+
vm_exec.vm = &vm->gpuvm;
vm_exec.flags = DRM_EXEC_INTERRUPTIBLE_WAIT;
if (xe_vm_in_lr_mode(vm)) {
diff --git a/drivers/gpu/drm/xe/xe_pm.c b/drivers/gpu/drm/xe/xe_pm.c
index b57b46ad9f7c..2d7b05d8a78b 100644
--- a/drivers/gpu/drm/xe/xe_pm.c
+++ b/drivers/gpu/drm/xe/xe_pm.c
@@ -306,6 +306,7 @@ static int xe_pm_notifier_callback(struct notifier_block *nb,
switch (action) {
case PM_HIBERNATION_PREPARE:
case PM_SUSPEND_PREPARE:
+ reinit_completion(&xe->pm_block);
xe_pm_runtime_get(xe);
err = xe_bo_evict_all_user(xe);
if (err)
@@ -318,6 +319,7 @@ static int xe_pm_notifier_callback(struct notifier_block *nb,
break;
case PM_POST_HIBERNATION:
case PM_POST_SUSPEND:
+ complete_all(&xe->pm_block);
xe_pm_runtime_get(xe);
xe_bo_notifier_unprepare_all_pinned(xe);
xe_pm_runtime_put(xe);
@@ -345,6 +347,8 @@ int xe_pm_init(struct xe_device *xe)
if (err)
return err;
+ init_completion(&xe->pm_block);
+ complete_all(&xe->pm_block);
/* For now suspend/resume is only allowed with GuC */
if (!xe_device_uc_enabled(xe))
return 0;
diff --git a/drivers/gpu/drm/xe/xe_vm.c b/drivers/gpu/drm/xe/xe_vm.c
index 3ff3c67aa79d..edcdb0528f2a 100644
--- a/drivers/gpu/drm/xe/xe_vm.c
+++ b/drivers/gpu/drm/xe/xe_vm.c
@@ -394,6 +394,9 @@ static int xe_gpuvm_validate(struct drm_gpuvm_bo *vm_bo, struct drm_exec *exec)
list_move_tail(&gpuva_to_vma(gpuva)->combined_links.rebind,
&vm->rebind_list);
+ if (!try_wait_for_completion(&vm->xe->pm_block))
+ return -EAGAIN;
+
ret = xe_bo_validate(gem_to_xe_bo(vm_bo->obj), vm, false);
if (ret)
return ret;
@@ -494,6 +497,12 @@ static void preempt_rebind_work_func(struct work_struct *w)
xe_assert(vm->xe, xe_vm_in_preempt_fence_mode(vm));
trace_xe_vm_rebind_worker_enter(vm);
+ /*
+ * This blocks the wq during suspend / hibernate.
+ * Don't hold any locks.
+ */
+retry_pm:
+ wait_for_completion(&vm->xe->pm_block);
down_write(&vm->lock);
if (xe_vm_is_closed_or_banned(vm)) {
@@ -503,6 +512,11 @@ static void preempt_rebind_work_func(struct work_struct *w)
}
retry:
+ if (!try_wait_for_completion(&vm->xe->pm_block)) {
+ up_write(&vm->lock);
+ goto retry_pm;
+ }
+
if (xe_vm_userptr_check_repin(vm)) {
err = xe_vm_userptr_pin(vm);
if (err)
--
2.50.1
2 weeks, 5 days
- 1
- 0
[PATCH 1/3] drm/xe: Attempt to bring bos back to VRAM after eviction
by Thomas Hellström
VRAM+TT bos that are evicted from VRAM to TT may remain in
TT also after a revalidation following eviction or suspend.
This manifests itself as applications becoming sluggish
after buffer objects get evicted or after a resume from
suspend or hibernation.
If the bo supports placement in both VRAM and TT, and
we are on DGFX, mark the TT placement as fallback. This means
that it is tried only after VRAM + eviction.
This flaw has probably been present since the xe module was
upstreamed but use a Fixes: commit below where backporting is
likely to be simple. For earlier versions we need to open-
code the fallback algorithm in the driver.
v2:
- Remove check for dgfx. (Matthew Auld)
- Update the xe_dma_buf kunit test for the new strategy (CI)
- Allow dma-buf to pin in current placement (CI)
- Make xe_bo_validate() for pinned bos a NOP.
Closes: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/5995
Fixes: a78a8da51b36 ("drm/ttm: replace busy placement with flags v6")
Cc: Matthew Brost <matthew.brost(a)intel.com>
Cc: Matthew Auld <matthew.auld(a)intel.com>
Cc: <stable(a)vger.kernel.org> # v6.9+
Signed-off-by: Thomas Hellström <thomas.hellstrom(a)linux.intel.com>
Reviewed-by: Matthew Auld <matthew.auld(a)intel.com>
---
drivers/gpu/drm/xe/tests/xe_bo.c | 2 +-
drivers/gpu/drm/xe/tests/xe_dma_buf.c | 10 +---------
drivers/gpu/drm/xe/xe_bo.c | 16 ++++++++++++----
drivers/gpu/drm/xe/xe_bo.h | 2 +-
drivers/gpu/drm/xe/xe_dma_buf.c | 2 +-
5 files changed, 16 insertions(+), 16 deletions(-)
diff --git a/drivers/gpu/drm/xe/tests/xe_bo.c b/drivers/gpu/drm/xe/tests/xe_bo.c
index bb469096d072..7b40cc8be1c9 100644
--- a/drivers/gpu/drm/xe/tests/xe_bo.c
+++ b/drivers/gpu/drm/xe/tests/xe_bo.c
@@ -236,7 +236,7 @@ static int evict_test_run_tile(struct xe_device *xe, struct xe_tile *tile, struc
}
xe_bo_lock(external, false);
- err = xe_bo_pin_external(external);
+ err = xe_bo_pin_external(external, false);
xe_bo_unlock(external);
if (err) {
KUNIT_FAIL(test, "external bo pin err=%pe\n",
diff --git a/drivers/gpu/drm/xe/tests/xe_dma_buf.c b/drivers/gpu/drm/xe/tests/xe_dma_buf.c
index cde9530bef8c..3f30d2cef917 100644
--- a/drivers/gpu/drm/xe/tests/xe_dma_buf.c
+++ b/drivers/gpu/drm/xe/tests/xe_dma_buf.c
@@ -85,15 +85,7 @@ static void check_residency(struct kunit *test, struct xe_bo *exported,
return;
}
- /*
- * If on different devices, the exporter is kept in system if
- * possible, saving a migration step as the transfer is just
- * likely as fast from system memory.
- */
- if (params->mem_mask & XE_BO_FLAG_SYSTEM)
- KUNIT_EXPECT_TRUE(test, xe_bo_is_mem_type(exported, XE_PL_TT));
- else
- KUNIT_EXPECT_TRUE(test, xe_bo_is_mem_type(exported, mem_type));
+ KUNIT_EXPECT_TRUE(test, xe_bo_is_mem_type(exported, mem_type));
if (params->force_different_devices)
KUNIT_EXPECT_TRUE(test, xe_bo_is_mem_type(imported, XE_PL_TT));
diff --git a/drivers/gpu/drm/xe/xe_bo.c b/drivers/gpu/drm/xe/xe_bo.c
index 4faf15d5fa6d..870f43347281 100644
--- a/drivers/gpu/drm/xe/xe_bo.c
+++ b/drivers/gpu/drm/xe/xe_bo.c
@@ -188,6 +188,8 @@ static void try_add_system(struct xe_device *xe, struct xe_bo *bo,
bo->placements[*c] = (struct ttm_place) {
.mem_type = XE_PL_TT,
+ .flags = (bo_flags & XE_BO_FLAG_VRAM_MASK) ?
+ TTM_PL_FLAG_FALLBACK : 0,
};
*c += 1;
}
@@ -2322,6 +2324,7 @@ uint64_t vram_region_gpu_offset(struct ttm_resource *res)
/**
* xe_bo_pin_external - pin an external BO
* @bo: buffer object to be pinned
+ * @in_place: Pin in current placement, don't attempt to migrate.
*
* Pin an external (not tied to a VM, can be exported via dma-buf / prime FD)
* BO. Unique call compared to xe_bo_pin as this function has it own set of
@@ -2329,7 +2332,7 @@ uint64_t vram_region_gpu_offset(struct ttm_resource *res)
*
* Returns 0 for success, negative error code otherwise.
*/
-int xe_bo_pin_external(struct xe_bo *bo)
+int xe_bo_pin_external(struct xe_bo *bo, bool in_place)
{
struct xe_device *xe = xe_bo_device(bo);
int err;
@@ -2338,9 +2341,11 @@ int xe_bo_pin_external(struct xe_bo *bo)
xe_assert(xe, xe_bo_is_user(bo));
if (!xe_bo_is_pinned(bo)) {
- err = xe_bo_validate(bo, NULL, false);
- if (err)
- return err;
+ if (!in_place) {
+ err = xe_bo_validate(bo, NULL, false);
+ if (err)
+ return err;
+ }
spin_lock(&xe->pinned.lock);
list_add_tail(&bo->pinned_link, &xe->pinned.late.external);
@@ -2493,6 +2498,9 @@ int xe_bo_validate(struct xe_bo *bo, struct xe_vm *vm, bool allow_res_evict)
};
int ret;
+ if (xe_bo_is_pinned(bo))
+ return 0;
+
if (vm) {
lockdep_assert_held(&vm->lock);
xe_vm_assert_held(vm);
diff --git a/drivers/gpu/drm/xe/xe_bo.h b/drivers/gpu/drm/xe/xe_bo.h
index 8cce413b5235..cfb1ec266a6d 100644
--- a/drivers/gpu/drm/xe/xe_bo.h
+++ b/drivers/gpu/drm/xe/xe_bo.h
@@ -200,7 +200,7 @@ static inline void xe_bo_unlock_vm_held(struct xe_bo *bo)
}
}
-int xe_bo_pin_external(struct xe_bo *bo);
+int xe_bo_pin_external(struct xe_bo *bo, bool in_place);
int xe_bo_pin(struct xe_bo *bo);
void xe_bo_unpin_external(struct xe_bo *bo);
void xe_bo_unpin(struct xe_bo *bo);
diff --git a/drivers/gpu/drm/xe/xe_dma_buf.c b/drivers/gpu/drm/xe/xe_dma_buf.c
index 346f857f3837..af64baf872ef 100644
--- a/drivers/gpu/drm/xe/xe_dma_buf.c
+++ b/drivers/gpu/drm/xe/xe_dma_buf.c
@@ -72,7 +72,7 @@ static int xe_dma_buf_pin(struct dma_buf_attachment *attach)
return ret;
}
- ret = xe_bo_pin_external(bo);
+ ret = xe_bo_pin_external(bo, true);
xe_assert(xe, !ret);
return 0;
--
2.50.1
2 weeks, 5 days
- 1
- 0
[PATCH] drm/xe: Attempt to bring bos back to VRAM after eviction
by Thomas Hellström
VRAM+TT bos that are evicted from VRAM to TT may remain in
TT also after a revalidation following eviction or suspend.
This manifests itself as applications becoming sluggish
after buffer objects get evicted or after a resume from
suspend or hibernation.
If the bo supports placement in both VRAM and TT, and
we are on DGFX, mark the TT placement as fallback. This means
that it is tried only after VRAM + eviction.
This flaw has probably been present since the xe module was
upstreamed but use a Fixes: commit below where backporting is
likely to be simple. For earlier versions we need to open-
code the fallback algorithm in the driver.
Closes: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/5995
Fixes: a78a8da51b36 ("drm/ttm: replace busy placement with flags v6")
Cc: Matthew Brost <matthew.brost(a)intel.com>
Cc: Matthew Auld <matthew.auld(a)intel.com>
Cc: <stable(a)vger.kernel.org> # v6.9+
Signed-off-by: Thomas Hellström <thomas.hellstrom(a)linux.intel.com>
---
drivers/gpu/drm/xe/xe_bo.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/drivers/gpu/drm/xe/xe_bo.c b/drivers/gpu/drm/xe/xe_bo.c
index 4faf15d5fa6d..64dea4e478bd 100644
--- a/drivers/gpu/drm/xe/xe_bo.c
+++ b/drivers/gpu/drm/xe/xe_bo.c
@@ -188,6 +188,8 @@ static void try_add_system(struct xe_device *xe, struct xe_bo *bo,
bo->placements[*c] = (struct ttm_place) {
.mem_type = XE_PL_TT,
+ .flags = (IS_DGFX(xe) && (bo_flags & XE_BO_FLAG_VRAM_MASK)) ?
+ TTM_PL_FLAG_FALLBACK : 0,
};
*c += 1;
}
--
2.50.1
2 weeks, 5 days
- 3
- 7
[PATCH rtw v3 2/5] wifi: rtw89: fix tx_wait initialization race
by Fedor Pchelkin
Now that nullfunc skbs are recycled in a separate work item in the driver,
the following race during initialization and processing of those skbs
might lead to noticeable bugs:
Waiting thread Completing thread
rtw89_core_send_nullfunc()
rtw89_core_tx_write_link()
...
rtw89_pci_txwd_submit()
skb_data->wait = NULL
/* add skb to the queue */
skb_queue_tail(&txwd->queue, skb)
rtw89_pci_napi_poll()
...
rtw89_pci_release_txwd_skb()
/* get skb from the queue */
skb_unlink(skb, &txwd->queue)
rtw89_pci_tx_status()
rtw89_core_tx_wait_complete()
/* use incorrect skb_data->wait */
rtw89_core_tx_kick_off_and_wait()
/* assign skb_data->wait but too late */
The value of skb_data->wait indicates whether skb is passed on to the
core ieee80211 stack or released by the driver itself. So assure that by
the time skb is added to txwd queue and becomes visible to the completing
side, it has already allocated tx_wait-related data (in case it's needed).
Found by Linux Verification Center (linuxtesting.org).
Fixes: 1ae5ca615285 ("wifi: rtw89: add function to wait for completion of TX skbs")
Cc: stable(a)vger.kernel.org
Signed-off-by: Fedor Pchelkin <pchelkin(a)ispras.ru>
---
drivers/net/wireless/realtek/rtw89/core.c | 30 ++++++++++++++---------
drivers/net/wireless/realtek/rtw89/pci.c | 2 --
2 files changed, 18 insertions(+), 14 deletions(-)
diff --git a/drivers/net/wireless/realtek/rtw89/core.c b/drivers/net/wireless/realtek/rtw89/core.c
index 5c964283cd67..57f20559dfde 100644
--- a/drivers/net/wireless/realtek/rtw89/core.c
+++ b/drivers/net/wireless/realtek/rtw89/core.c
@@ -1094,20 +1094,12 @@ int rtw89_core_tx_kick_off_and_wait(struct rtw89_dev *rtwdev, struct sk_buff *sk
int qsel, unsigned int timeout)
{
struct rtw89_tx_skb_data *skb_data = RTW89_TX_SKB_CB(skb);
- struct rtw89_tx_wait_info *wait;
+ struct rtw89_tx_wait_info *wait = skb_data->wait;
unsigned long time_left;
int ret = 0;
lockdep_assert_wiphy(rtwdev->hw->wiphy);
- wait = kzalloc(sizeof(*wait), GFP_KERNEL);
- if (!wait) {
- rtw89_core_tx_kick_off(rtwdev, qsel);
- return 0;
- }
-
- init_completion(&wait->completion);
- rcu_assign_pointer(skb_data->wait, wait);
wait->skb = skb;
rtw89_core_tx_kick_off(rtwdev, qsel);
@@ -1172,10 +1164,12 @@ int rtw89_h2c_tx(struct rtw89_dev *rtwdev,
static int rtw89_core_tx_write_link(struct rtw89_dev *rtwdev,
struct rtw89_vif_link *rtwvif_link,
struct rtw89_sta_link *rtwsta_link,
- struct sk_buff *skb, int *qsel, bool sw_mld)
+ struct sk_buff *skb, int *qsel, bool sw_mld,
+ struct rtw89_tx_wait_info *wait)
{
struct ieee80211_sta *sta = rtwsta_link_to_sta_safe(rtwsta_link);
struct ieee80211_vif *vif = rtwvif_link_to_vif(rtwvif_link);
+ struct rtw89_tx_skb_data *skb_data = RTW89_TX_SKB_CB(skb);
struct rtw89_vif *rtwvif = rtwvif_link->rtwvif;
struct rtw89_core_tx_request tx_req = {};
int ret;
@@ -1192,6 +1186,8 @@ static int rtw89_core_tx_write_link(struct rtw89_dev *rtwdev,
rtw89_core_tx_update_desc_info(rtwdev, &tx_req);
rtw89_core_tx_wake(rtwdev, &tx_req);
+ rcu_assign_pointer(skb_data->wait, wait);
+
ret = rtw89_hci_tx_write(rtwdev, &tx_req);
if (ret) {
rtw89_err(rtwdev, "failed to transmit skb to HCI\n");
@@ -1228,7 +1224,8 @@ int rtw89_core_tx_write(struct rtw89_dev *rtwdev, struct ieee80211_vif *vif,
}
}
- return rtw89_core_tx_write_link(rtwdev, rtwvif_link, rtwsta_link, skb, qsel, false);
+ return rtw89_core_tx_write_link(rtwdev, rtwvif_link, rtwsta_link, skb, qsel, false,
+ NULL);
}
static __le32 rtw89_build_txwd_body0(struct rtw89_tx_desc_info *desc_info)
@@ -3426,6 +3423,7 @@ int rtw89_core_send_nullfunc(struct rtw89_dev *rtwdev, struct rtw89_vif_link *rt
struct ieee80211_vif *vif = rtwvif_link_to_vif(rtwvif_link);
int link_id = ieee80211_vif_is_mld(vif) ? rtwvif_link->link_id : -1;
struct rtw89_sta_link *rtwsta_link;
+ struct rtw89_tx_wait_info *wait;
struct ieee80211_sta *sta;
struct ieee80211_hdr *hdr;
struct rtw89_sta *rtwsta;
@@ -3435,6 +3433,12 @@ int rtw89_core_send_nullfunc(struct rtw89_dev *rtwdev, struct rtw89_vif_link *rt
if (vif->type != NL80211_IFTYPE_STATION || !vif->cfg.assoc)
return 0;
+ wait = kzalloc(sizeof(*wait), GFP_KERNEL);
+ if (!wait)
+ return -ENOMEM;
+
+ init_completion(&wait->completion);
+
rcu_read_lock();
sta = ieee80211_find_sta(vif, vif->cfg.ap_addr);
if (!sta) {
@@ -3459,7 +3463,8 @@ int rtw89_core_send_nullfunc(struct rtw89_dev *rtwdev, struct rtw89_vif_link *rt
goto out;
}
- ret = rtw89_core_tx_write_link(rtwdev, rtwvif_link, rtwsta_link, skb, &qsel, true);
+ ret = rtw89_core_tx_write_link(rtwdev, rtwvif_link, rtwsta_link, skb, &qsel, true,
+ wait);
if (ret) {
rtw89_warn(rtwdev, "nullfunc transmit failed: %d\n", ret);
dev_kfree_skb_any(skb);
@@ -3472,6 +3477,7 @@ int rtw89_core_send_nullfunc(struct rtw89_dev *rtwdev, struct rtw89_vif_link *rt
timeout);
out:
rcu_read_unlock();
+ kfree(wait);
return ret;
}
diff --git a/drivers/net/wireless/realtek/rtw89/pci.c b/drivers/net/wireless/realtek/rtw89/pci.c
index 4e3034b44f56..cb9682f306a6 100644
--- a/drivers/net/wireless/realtek/rtw89/pci.c
+++ b/drivers/net/wireless/realtek/rtw89/pci.c
@@ -1372,7 +1372,6 @@ static int rtw89_pci_txwd_submit(struct rtw89_dev *rtwdev,
struct pci_dev *pdev = rtwpci->pdev;
struct sk_buff *skb = tx_req->skb;
struct rtw89_pci_tx_data *tx_data = RTW89_PCI_TX_SKB_CB(skb);
- struct rtw89_tx_skb_data *skb_data = RTW89_TX_SKB_CB(skb);
bool en_wd_info = desc_info->en_wd_info;
u32 txwd_len;
u32 txwp_len;
@@ -1388,7 +1387,6 @@ static int rtw89_pci_txwd_submit(struct rtw89_dev *rtwdev,
}
tx_data->dma = dma;
- rcu_assign_pointer(skb_data->wait, NULL);
txwp_len = sizeof(*txwp_info);
txwd_len = chip->txwd_body_size;
--
2.51.0
2 weeks, 5 days
- 2
- 1
[PATCH] drm/mediatek: fix device leaks at bind
by Johan Hovold
Make sure to drop the references to the sibling platform devices and
their child drm devices taken by of_find_device_by_node() and
device_find_child() when initialising the driver data during bind().
Fixes: 1ef7ed48356c ("drm/mediatek: Modify mediatek-drm for mt8195 multi mmsys support")
Cc: stable(a)vger.kernel.org # 6.4
Cc: Nancy.Lin <nancy.lin(a)mediatek.com>
Signed-off-by: Johan Hovold <johan(a)kernel.org>
---
drivers/gpu/drm/mediatek/mtk_drm_drv.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/drivers/gpu/drm/mediatek/mtk_drm_drv.c b/drivers/gpu/drm/mediatek/mtk_drm_drv.c
index 7c0c12dde488..33b83576af7e 100644
--- a/drivers/gpu/drm/mediatek/mtk_drm_drv.c
+++ b/drivers/gpu/drm/mediatek/mtk_drm_drv.c
@@ -395,10 +395,12 @@ static bool mtk_drm_get_all_drm_priv(struct device *dev)
continue;
drm_dev = device_find_child(&pdev->dev, NULL, mtk_drm_match);
+ put_device(&pdev->dev);
if (!drm_dev)
continue;
temp_drm_priv = dev_get_drvdata(drm_dev);
+ put_device(drm_dev);
if (!temp_drm_priv)
continue;
--
2.49.1
2 weeks, 5 days
- 3
- 5
[PATCH rtw v3 1/5] wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait()
by Fedor Pchelkin
There is a bug observed when rtw89_core_tx_kick_off_and_wait() tries to
access already freed skb_data:
BUG: KFENCE: use-after-free write in rtw89_core_tx_kick_off_and_wait drivers/net/wireless/realtek/rtw89/core.c:1110
CPU: 6 UID: 0 PID: 41377 Comm: kworker/u64:24 Not tainted 6.17.0-rc1+ #1 PREEMPT(lazy)
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS edk2-20250523-14.fc42 05/23/2025
Workqueue: events_unbound cfg80211_wiphy_work [cfg80211]
Use-after-free write at 0x0000000020309d9d (in kfence-#251):
rtw89_core_tx_kick_off_and_wait drivers/net/wireless/realtek/rtw89/core.c:1110
rtw89_core_scan_complete drivers/net/wireless/realtek/rtw89/core.c:5338
rtw89_hw_scan_complete_cb drivers/net/wireless/realtek/rtw89/fw.c:7979
rtw89_chanctx_proceed_cb drivers/net/wireless/realtek/rtw89/chan.c:3165
rtw89_chanctx_proceed drivers/net/wireless/realtek/rtw89/chan.h:141
rtw89_hw_scan_complete drivers/net/wireless/realtek/rtw89/fw.c:8012
rtw89_mac_c2h_scanofld_rsp drivers/net/wireless/realtek/rtw89/mac.c:5059
rtw89_fw_c2h_work drivers/net/wireless/realtek/rtw89/fw.c:6758
process_one_work kernel/workqueue.c:3241
worker_thread kernel/workqueue.c:3400
kthread kernel/kthread.c:463
ret_from_fork arch/x86/kernel/process.c:154
ret_from_fork_asm arch/x86/entry/entry_64.S:258
kfence-#251: 0x0000000056e2393d-0x000000009943cb62, size=232, cache=skbuff_head_cache
allocated by task 41377 on cpu 6 at 77869.159548s (0.009551s ago):
__alloc_skb net/core/skbuff.c:659
__netdev_alloc_skb net/core/skbuff.c:734
ieee80211_nullfunc_get net/mac80211/tx.c:5844
rtw89_core_send_nullfunc drivers/net/wireless/realtek/rtw89/core.c:3431
rtw89_core_scan_complete drivers/net/wireless/realtek/rtw89/core.c:5338
rtw89_hw_scan_complete_cb drivers/net/wireless/realtek/rtw89/fw.c:7979
rtw89_chanctx_proceed_cb drivers/net/wireless/realtek/rtw89/chan.c:3165
rtw89_chanctx_proceed drivers/net/wireless/realtek/rtw89/chan.c:3194
rtw89_hw_scan_complete drivers/net/wireless/realtek/rtw89/fw.c:8012
rtw89_mac_c2h_scanofld_rsp drivers/net/wireless/realtek/rtw89/mac.c:5059
rtw89_fw_c2h_work drivers/net/wireless/realtek/rtw89/fw.c:6758
process_one_work kernel/workqueue.c:3241
worker_thread kernel/workqueue.c:3400
kthread kernel/kthread.c:463
ret_from_fork arch/x86/kernel/process.c:154
ret_from_fork_asm arch/x86/entry/entry_64.S:258
freed by task 1045 on cpu 9 at 77869.168393s (0.001557s ago):
ieee80211_tx_status_skb net/mac80211/status.c:1117
rtw89_pci_release_txwd_skb drivers/net/wireless/realtek/rtw89/pci.c:564
rtw89_pci_release_tx_skbs.isra.0 drivers/net/wireless/realtek/rtw89/pci.c:651
rtw89_pci_release_tx drivers/net/wireless/realtek/rtw89/pci.c:676
rtw89_pci_napi_poll drivers/net/wireless/realtek/rtw89/pci.c:4238
__napi_poll net/core/dev.c:7495
net_rx_action net/core/dev.c:7557 net/core/dev.c:7684
handle_softirqs kernel/softirq.c:580
do_softirq.part.0 kernel/softirq.c:480
__local_bh_enable_ip kernel/softirq.c:407
rtw89_pci_interrupt_threadfn drivers/net/wireless/realtek/rtw89/pci.c:927
irq_thread_fn kernel/irq/manage.c:1133
irq_thread kernel/irq/manage.c:1257
kthread kernel/kthread.c:463
ret_from_fork arch/x86/kernel/process.c:154
ret_from_fork_asm arch/x86/entry/entry_64.S:258
It is a consequence of a race between the waiting and the signaling side
of the completion:
Waiting thread Completing thread
rtw89_core_tx_kick_off_and_wait()
rcu_assign_pointer(skb_data->wait, wait)
/* start waiting */
wait_for_completion_timeout()
rtw89_pci_tx_status()
rtw89_core_tx_wait_complete()
rcu_read_lock()
/* signals completion and
* proceeds further
*/
complete(&wait->completion)
rcu_read_unlock()
...
/* frees skb_data */
ieee80211_tx_status_ni()
/* returns (exit status doesn't matter) */
wait_for_completion_timeout()
...
/* accesses the already freed skb_data */
rcu_assign_pointer(skb_data->wait, NULL)
The completing side might proceed and free the underlying skb even before
the waiting side is fully awoken and run to execution. Actually the race
happens regardless of wait_for_completion_timeout() exit status, e.g.
the waiting side may hit a timeout and the concurrent completing side is
still able to free the skb.
Skbs which are sent by rtw89_core_tx_kick_off_and_wait() are owned by the
driver. They don't come from core ieee80211 stack so no need to pass them
to ieee80211_tx_status_ni() on completing side.
Introduce a work function which will act as a garbage collector for
rtw89_tx_wait_info objects and the associated skbs. Thus no potentially
heavy locks are required on the completing side.
Found by Linux Verification Center (linuxtesting.org).
Fixes: 1ae5ca615285 ("wifi: rtw89: add function to wait for completion of TX skbs")
Cc: stable(a)vger.kernel.org
Suggested-by: Zong-Zhe Yang <kevin_yang(a)realtek.com>
Signed-off-by: Fedor Pchelkin <pchelkin(a)ispras.ru>
---
v3: - decrease waiting timeout in rtw89_tx_wait_work() (Zong-Zhe)
- clear tx_waits list from rtw89_hci_reset(), too (Zong-Zhe)
- keep RCU updating for skb_data->wait (Zong-Zhe)
- keep the old order of calls in rtw89_pci_tx_status() (Zong-Zhe)
- drop wait->finished as complete_all() would make the completion be
done permanently (me)
v2: - use a work function to manage release of tx_waits and associated skbs (Zong-Zhe)
FWIW, I think RCU locking becomes unnecessary after the next patch
[PATCH rtw v3 2/5] wifi: rtw89: fix tx_wait initialization race
but let's keep it if you feel that's more safe.
drivers/net/wireless/realtek/rtw89/core.c | 28 ++++++++++++++---
drivers/net/wireless/realtek/rtw89/core.h | 38 +++++++++++++++++++++--
drivers/net/wireless/realtek/rtw89/pci.c | 3 +-
drivers/net/wireless/realtek/rtw89/ser.c | 2 ++
4 files changed, 63 insertions(+), 8 deletions(-)
diff --git a/drivers/net/wireless/realtek/rtw89/core.c b/drivers/net/wireless/realtek/rtw89/core.c
index 57590f5577a3..5c964283cd67 100644
--- a/drivers/net/wireless/realtek/rtw89/core.c
+++ b/drivers/net/wireless/realtek/rtw89/core.c
@@ -1073,6 +1073,14 @@ rtw89_core_tx_update_desc_info(struct rtw89_dev *rtwdev,
}
}
+static void rtw89_tx_wait_work(struct wiphy *wiphy, struct wiphy_work *work)
+{
+ struct rtw89_dev *rtwdev = container_of(work, struct rtw89_dev,
+ tx_wait_work);
+
+ rtw89_tx_wait_list_clear(rtwdev);
+}
+
void rtw89_core_tx_kick_off(struct rtw89_dev *rtwdev, u8 qsel)
{
u8 ch_dma;
@@ -1090,6 +1098,8 @@ int rtw89_core_tx_kick_off_and_wait(struct rtw89_dev *rtwdev, struct sk_buff *sk
unsigned long time_left;
int ret = 0;
+ lockdep_assert_wiphy(rtwdev->hw->wiphy);
+
wait = kzalloc(sizeof(*wait), GFP_KERNEL);
if (!wait) {
rtw89_core_tx_kick_off(rtwdev, qsel);
@@ -1098,17 +1108,22 @@ int rtw89_core_tx_kick_off_and_wait(struct rtw89_dev *rtwdev, struct sk_buff *sk
init_completion(&wait->completion);
rcu_assign_pointer(skb_data->wait, wait);
+ wait->skb = skb;
rtw89_core_tx_kick_off(rtwdev, qsel);
time_left = wait_for_completion_timeout(&wait->completion,
msecs_to_jiffies(timeout));
- if (time_left == 0)
+
+ if (time_left == 0) {
ret = -ETIMEDOUT;
- else if (!wait->tx_done)
- ret = -EAGAIN;
+ list_add_tail(&wait->list, &rtwdev->tx_waits);
+ wiphy_work_queue(rtwdev->hw->wiphy, &rtwdev->tx_wait_work);
- rcu_assign_pointer(skb_data->wait, NULL);
- kfree_rcu(wait, rcu_head);
+ } else {
+ if (!wait->tx_done)
+ ret = -EAGAIN;
+ rtw89_tx_wait_release(&wait->rcu_head);
+ }
return ret;
}
@@ -4972,6 +4987,7 @@ void rtw89_core_stop(struct rtw89_dev *rtwdev)
clear_bit(RTW89_FLAG_RUNNING, rtwdev->flags);
wiphy_work_cancel(wiphy, &rtwdev->c2h_work);
+ wiphy_work_cancel(wiphy, &rtwdev->tx_wait_work);
wiphy_work_cancel(wiphy, &rtwdev->cancel_6ghz_probe_work);
wiphy_work_cancel(wiphy, &btc->eapol_notify_work);
wiphy_work_cancel(wiphy, &btc->arp_notify_work);
@@ -5203,6 +5219,7 @@ int rtw89_core_init(struct rtw89_dev *rtwdev)
INIT_LIST_HEAD(&rtwdev->scan_info.pkt_list[band]);
}
INIT_LIST_HEAD(&rtwdev->scan_info.chan_list);
+ INIT_LIST_HEAD(&rtwdev->tx_waits);
INIT_WORK(&rtwdev->ba_work, rtw89_core_ba_work);
INIT_WORK(&rtwdev->txq_work, rtw89_core_txq_work);
INIT_DELAYED_WORK(&rtwdev->txq_reinvoke_work, rtw89_core_txq_reinvoke_work);
@@ -5233,6 +5250,7 @@ int rtw89_core_init(struct rtw89_dev *rtwdev)
wiphy_work_init(&rtwdev->c2h_work, rtw89_fw_c2h_work);
wiphy_work_init(&rtwdev->ips_work, rtw89_ips_work);
wiphy_work_init(&rtwdev->cancel_6ghz_probe_work, rtw89_cancel_6ghz_probe_work);
+ wiphy_work_init(&rtwdev->tx_wait_work, rtw89_tx_wait_work);
INIT_WORK(&rtwdev->load_firmware_work, rtw89_load_firmware_work);
skb_queue_head_init(&rtwdev->c2h_queue);
diff --git a/drivers/net/wireless/realtek/rtw89/core.h b/drivers/net/wireless/realtek/rtw89/core.h
index 43e10278e14d..9b22bb116af9 100644
--- a/drivers/net/wireless/realtek/rtw89/core.h
+++ b/drivers/net/wireless/realtek/rtw89/core.h
@@ -3506,9 +3506,12 @@ struct rtw89_phy_rate_pattern {
bool enable;
};
+#define RTW89_TX_WAIT_DEFAULT_TIMEOUT 10
struct rtw89_tx_wait_info {
struct rcu_head rcu_head;
+ struct list_head list;
struct completion completion;
+ struct sk_buff *skb;
bool tx_done;
};
@@ -5925,6 +5928,9 @@ struct rtw89_dev {
/* used to protect rpwm */
spinlock_t rpwm_lock;
+ struct list_head tx_waits;
+ struct wiphy_work tx_wait_work;
+
struct rtw89_cam_info cam_info;
struct sk_buff_head c2h_queue;
@@ -6181,6 +6187,30 @@ rtw89_assoc_link_rcu_dereference(struct rtw89_dev *rtwdev, u8 macid)
list_first_entry_or_null(&p->dlink_pool, typeof(*p->links_inst), dlink_schd); \
})
+static inline void rtw89_tx_wait_release(struct rcu_head *rcu_head)
+{
+ struct rtw89_tx_wait_info *wait =
+ container_of(rcu_head, struct rtw89_tx_wait_info, rcu_head);
+
+ dev_kfree_skb_any(wait->skb);
+ kfree(wait);
+}
+
+static inline void rtw89_tx_wait_list_clear(struct rtw89_dev *rtwdev)
+{
+ struct rtw89_tx_wait_info *wait, *tmp;
+
+ lockdep_assert_wiphy(rtwdev->hw->wiphy);
+
+ list_for_each_entry_safe(wait, tmp, &rtwdev->tx_waits, list) {
+ if (!wait_for_completion_timeout(&wait->completion,
+ RTW89_TX_WAIT_DEFAULT_TIMEOUT))
+ continue;
+ list_del(&wait->list);
+ call_rcu(&wait->rcu_head, rtw89_tx_wait_release);
+ }
+}
+
static inline int rtw89_hci_tx_write(struct rtw89_dev *rtwdev,
struct rtw89_core_tx_request *tx_req)
{
@@ -6190,6 +6220,7 @@ static inline int rtw89_hci_tx_write(struct rtw89_dev *rtwdev,
static inline void rtw89_hci_reset(struct rtw89_dev *rtwdev)
{
rtwdev->hci.ops->reset(rtwdev);
+ rtw89_tx_wait_list_clear(rtwdev);
}
static inline int rtw89_hci_start(struct rtw89_dev *rtwdev)
@@ -7258,11 +7289,12 @@ static inline struct sk_buff *rtw89_alloc_skb_for_rx(struct rtw89_dev *rtwdev,
return dev_alloc_skb(length);
}
-static inline void rtw89_core_tx_wait_complete(struct rtw89_dev *rtwdev,
+static inline bool rtw89_core_tx_wait_complete(struct rtw89_dev *rtwdev,
struct rtw89_tx_skb_data *skb_data,
bool tx_done)
{
struct rtw89_tx_wait_info *wait;
+ bool ret = false;
rcu_read_lock();
@@ -7270,11 +7302,13 @@ static inline void rtw89_core_tx_wait_complete(struct rtw89_dev *rtwdev,
if (!wait)
goto out;
+ ret = true;
wait->tx_done = tx_done;
- complete(&wait->completion);
+ complete_all(&wait->completion);
out:
rcu_read_unlock();
+ return ret;
}
static inline bool rtw89_is_mlo_1_1(struct rtw89_dev *rtwdev)
diff --git a/drivers/net/wireless/realtek/rtw89/pci.c b/drivers/net/wireless/realtek/rtw89/pci.c
index a669f2f843aa..4e3034b44f56 100644
--- a/drivers/net/wireless/realtek/rtw89/pci.c
+++ b/drivers/net/wireless/realtek/rtw89/pci.c
@@ -464,7 +464,8 @@ static void rtw89_pci_tx_status(struct rtw89_dev *rtwdev,
struct rtw89_tx_skb_data *skb_data = RTW89_TX_SKB_CB(skb);
struct ieee80211_tx_info *info;
- rtw89_core_tx_wait_complete(rtwdev, skb_data, tx_status == RTW89_TX_DONE);
+ if (rtw89_core_tx_wait_complete(rtwdev, skb_data, tx_status == RTW89_TX_DONE))
+ return;
info = IEEE80211_SKB_CB(skb);
ieee80211_tx_info_clear_status(info);
diff --git a/drivers/net/wireless/realtek/rtw89/ser.c b/drivers/net/wireless/realtek/rtw89/ser.c
index bb39fdbcba0d..fe7beff8c424 100644
--- a/drivers/net/wireless/realtek/rtw89/ser.c
+++ b/drivers/net/wireless/realtek/rtw89/ser.c
@@ -502,7 +502,9 @@ static void ser_reset_trx_st_hdl(struct rtw89_ser *ser, u8 evt)
}
drv_stop_rx(ser);
+ wiphy_lock(wiphy);
drv_trx_reset(ser);
+ wiphy_unlock(wiphy);
/* wait m3 */
hal_send_m2_event(ser);
--
2.51.0
2 weeks, 5 days
- 2
- 1
[PATCH 6.1 000/482] 6.1.149-rc1 review
by Greg Kroah-Hartman
This is the start of the stable review cycle for the 6.1.149 release.
There are 482 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Thu, 28 Aug 2025 11:08:22 +0000.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.1.149-rc…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.1.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 6.1.149-rc1
Florian Westphal <fw(a)strlen.de>
netfilter: nf_reject: don't leak dst refcount for loopback packets
Peter Oberparleiter <oberpar(a)linux.ibm.com>
s390/hypfs: Enable limited access during lockdown
Peter Oberparleiter <oberpar(a)linux.ibm.com>
s390/hypfs: Avoid unnecessary ioctl registration in debugfs
Takashi Iwai <tiwai(a)suse.de>
ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation
Hangbin Liu <liuhangbin(a)gmail.com>
bonding: send LACPDUs periodically in passive mode after receiving partner's LACPDU
Aahil Awatramani <aahila(a)google.com>
bonding: Add independent control state machine
Hangbin Liu <liuhangbin(a)gmail.com>
bonding: update LACP activity flag after setting lacp_active
William Liu <will(a)willsroot.io>
net/sched: Remove unnecessary WARNING condition for empty child qdisc in htb_activate
William Liu <will(a)willsroot.io>
net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit
ValdikSS <iam(a)valdikss.org.ru>
igc: fix disabling L1.2 PCI-E link substate on I226 on init
Jason Xing <kernelxing(a)tencent.com>
ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc
Jordan Rhee <jordanrhee(a)google.com>
gve: prevent ethtool ops after shutdown
Yuichiro Tsuji <yuichtsu(a)amazon.com>
net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization
Horatiu Vultur <horatiu.vultur(a)microchip.com>
phy: mscc: Fix timestamping for vsc8584
Qingfang Deng <dqfext(a)gmail.com>
ppp: fix race conditions in ppp_fill_forward_path
Qingfang Deng <dqfext(a)gmail.com>
net: ethernet: mtk_ppe: add RCU lock around dev_fill_forward_path
Minhong He <heminhong(a)kylinos.cn>
ipv6: sr: validate HMAC algorithm ID in seg6_hmac_info_add
Jakub Ramaseuski <jramaseu(a)redhat.com>
net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM
Chenyuan Yang <chenyuan0y(a)gmail.com>
drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session()
Dan Carpenter <dan.carpenter(a)linaro.org>
ALSA: usb-audio: Fix size validation in convert_chmap_v3()
Baihan Li <libaihan(a)huawei.com>
drm/hisilicon/hibmc: fix the hibmc loaded failed bug
Ido Schimmel <idosch(a)nvidia.com>
mlxsw: spectrum: Forward packets with an IPv4 link-local source IP
Sergey Shtylyov <s.shtylyov(a)omp.ru>
Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync()
Kees Cook <kees(a)kernel.org>
iommu/amd: Avoid stack buffer overflow from kernel cmdline
Dan Carpenter <dan.carpenter(a)linaro.org>
scsi: qla4xxx: Prevent a potential error pointer dereference
Wang Liang <wangliang74(a)huawei.com>
net: bridge: fix soft lockup in br_multicast_query_expired()
Anantha Prabhu <anantha.prabhu(a)broadcom.com>
RDMA/bnxt_re: Fix to initialize the PBL array
Boshi Yu <boshiyu(a)linux.alibaba.com>
RDMA/erdma: Fix ignored return value of init_kernel_qp
Nitin Gote <nitin.r.gote(a)intel.com>
iosys-map: Fix undefined behavior in iosys_map_clear()
Waiman Long <longman(a)redhat.com>
cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key
Tianxiang Peng <txpeng(a)tencent.com>
x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper
Jan Beulich <jbeulich(a)suse.com>
compiler: remove __ADDRESSABLE_ASM{_STR,}() again
David Lechner <dlechner(a)baylibre.com>
iio: temperature: maxim_thermocouple: use DMA-safe buffer for spi_read()
Jonathan Cameron <Jonathan.Cameron(a)huawei.com>
iio: light: as73211: Ensure buffer holes are zeroed
Pu Lehui <pulehui(a)huawei.com>
tracing: Limit access to parser->buffer when trace_get_user failed
Steven Rostedt <rostedt(a)goodmis.org>
tracing: Remove unneeded goto out logic
Jean-Baptiste Maneyrol <jean-baptiste.maneyrol(a)tdk.com>
iio: imu: inv_icm42600: change invalid data error to -EBUSY
Jakub Kicinski <kuba(a)kernel.org>
tls: fix handling of zero-length records on the rx_list
Mikhail Lobanov <m.lobanov(a)rosa.ru>
wifi: mac80211: check basic rates validity in sta_link_apply_parameters
Benjamin Berg <benjamin.berg(a)intel.com>
wifi: mac80211: avoid lockdep checking when removing deflink
Matthieu Baerts (NGI0) <matttbe(a)kernel.org>
selftests: mptcp: pm: check flush doesn't reset limits
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Don't overclock DCE 6 by 15%
Jinjiang Tu <tujinjiang(a)huawei.com>
mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn
Victor Shih <victor.shih(a)genesyslogic.com.tw>
mmc: sdhci-pci-gli: GL9763e: Mask the replay timer timeout of AER
Victor Shih <victor.shih(a)genesyslogic.com.tw>
mmc: sdhci-pci-gli: Add a new function to simplify the code
Bjorn Helgaas <bhelgaas(a)google.com>
mmc: sdhci-pci-gli: Use PCI AER definitions, not hard-coded values
Imre Deak <imre.deak(a)intel.com>
drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS
Geliang Tang <tanggeliang(a)kylinos.cn>
mptcp: disable add_addr retransmission when timeout is 0
Chao Yu <chao(a)kernel.org>
f2fs: fix to avoid out-of-boundary access in dnode page
Chao Yu <chao(a)kernel.org>
f2fs: fix to call clear_page_private_reference in .{release,invalid}_folio
Bjorn Andersson <bjorn.andersson(a)oss.qualcomm.com>
soc: qcom: mdt_loader: Ensure we don't read past the ELF header
Gokul krishna Krishnakumar <quic_gokukris(a)quicinc.com>
soc: qcom: mdt_loader: Enhance split binary detection
Geraldo Nascimento <geraldogabriel(a)gmail.com>
PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining
Geraldo Nascimento <geraldogabriel(a)gmail.com>
PCI: rockchip: Use standard PCIe definitions
Ranjan Kumar <ranjan.kumar(a)broadcom.com>
scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems
Ranjan Kumar <ranjan.kumar(a)broadcom.com>
scsi: mpi3mr: Drop unnecessary volatile from __iomem pointers
Baokun Li <libaokun1(a)huawei.com>
ext4: preserve SB_I_VERSION on remount
André Draszik <andre.draszik(a)linaro.org>
scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE
Judith Mendez <jm(a)ti.com>
arm64: dts: ti: k3-am62-main: Remove eMMC High Speed DDR support
Selvarasu Ganesan <selvarasu.g(a)samsung.com>
usb: dwc3: Remove WARN_ON for device endpoint command timeouts
Kuen-Han Tsai <khtsai(a)google.com>
usb: dwc3: Ignore late xferNotReady event to prevent halt timeout
Zenm Chen <zenmchen(a)gmail.com>
USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles
Thorsten Blum <thorsten.blum(a)linux.dev>
usb: storage: realtek_cr: Use correct byte order for bcs->Residue
Mael GUERIN <mael.guerin(a)murena.io>
USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera
Marek Vasut <marek.vasut+renesas(a)mailbox.org>
usb: renesas-xhci: Fix External ROM access timeouts
Xu Yang <xu.yang_2(a)nxp.com>
usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test
Ian Abbott <abbotti(a)mev.co.uk>
comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl()
Edward Adam Davis <eadavis(a)qq.com>
comedi: pcl726: Prevent invalid irq number
Ian Abbott <abbotti(a)mev.co.uk>
comedi: Make insn_rw_emulate_bits() do insn->n samples
Miao Li <limiao(a)kylinos.cn>
usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive
Miaoqian Lin <linmq006(a)gmail.com>
most: core: Drop device reference after usage in get_channel()
David Lechner <dlechner(a)baylibre.com>
iio: proximity: isl29501: fix buffered read on big-endian systems
Salah Triki <salah.triki(a)gmail.com>
iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe()
Steven Rostedt <rostedt(a)goodmis.org>
ftrace: Also allocate and copy hash for reading of filter files
Xu Yilun <yilun.xu(a)linux.intel.com>
fpga: zynq_fpga: Fix the wrong usage of dma_map_sgtable()
Al Viro <viro(a)zeniv.linux.org.uk>
use uniform permission checks for all mount propagation changes
Ye Bin <yebin10(a)huawei.com>
fs/buffer: fix use-after-free when call bh_read() helper
Stefan Metzmacher <metze(a)samba.org>
smb: server: split ksmbd_rdma_stop_listening() out of ksmbd_rdma_destroy()
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Fix DP audio DTO1 clock source on DCE 6.
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3
Mario Limonciello <mario.limonciello(a)amd.com>
drm/amd/display: Avoid a NULL pointer dereference
Peter Oberparleiter <oberpar(a)linux.ibm.com>
s390/sclp: Fix SCCB present check
Evgeniy Harchenko <evgeniyharchenko.dev(a)gmail.com>
ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6
Herton R. Krzesinski <herton(a)redhat.com>
mm/debug_vm_pgtable: clear page table entries at destroy_args()
Phillip Lougher <phillip(a)squashfs.org.uk>
squashfs: fix memory leak in squashfs_fill_super
Victor Shih <victor.shih(a)genesyslogic.com.tw>
mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency
Jiayi Li <lijiayi(a)kylinos.cn>
memstick: Fix deadlock by moving removing flag earlier
Will Deacon <will(a)kernel.org>
KVM: arm64: Fix kernel BUG() due to bad backport of FPSIMD/SVE/SME fix
Chao Gao <chao.gao(a)intel.com>
KVM: VMX: Flush shadow VMCS on emergency reboot
Sean Christopherson <seanjc(a)google.com>
x86/reboot: KVM: Handle VMXOFF in KVM's reboot callback
Sean Christopherson <seanjc(a)google.com>
x86/reboot: Harden virtualization hooks for emergency reboot
Thomas Weißschuh <thomas.weissschuh(a)linutronix.de>
kbuild: userprogs: use correct linker when mixing clang and GNU ld
Sumanth Gavini <sumanth.gavini(a)yahoo.com>
Bluetooth: hci_sync: Fix UAF on hci_abort_conn_sync
Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com>
selftests/memfd: add test for mapping write-sealed memfd read-only
Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com>
mm: reinstate ability to map write-sealed memfd mappings read-only
Lorenzo Stoakes <lstoakes(a)gmail.com>
mm: update memfd seal write check to include F_SEAL_WRITE
Lorenzo Stoakes <lstoakes(a)gmail.com>
mm: drop the assumption that VM_SHARED always implies writable
Paolo Abeni <pabeni(a)redhat.com>
mptcp: reset fallback status gracefully at disconnect() time
Paolo Abeni <pabeni(a)redhat.com>
mptcp: plug races between subflow fail and subflow creation
Paolo Abeni <pabeni(a)redhat.com>
mptcp: make fallback action and fallback decision atomic
Sean Christopherson <seanjc(a)google.com>
KVM: x86: Take irqfds.lock when adding/deleting IRQ bypass producer
Nianyao Tang <tangnianyao(a)huawei.com>
arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 register
Giovanni Cabiddu <giovanni.cabiddu(a)intel.com>
crypto: qat - fix ring to service map for QAT GEN4
Sabrina Dubroca <sd(a)queasysnail.net>
tls: separate no-async decryption request handling from async
Qu Wenruo <wqu(a)suse.com>
btrfs: populate otime when logging an inode item
Damien Le Moal <dlemoal(a)kernel.org>
ata: Fix SATA_MOBILE_LPM_POLICY description in Kconfig
Johan Hovold <johan(a)kernel.org>
usb: dwc3: imx8mp: fix device leak at unbind
Tzung-Bi Shih <tzungbi(a)kernel.org>
platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister()
Tzung-Bi Shih <tzungbi(a)kernel.org>
platform/chrome: cros_ec: remove unneeded label and if-condition
Chen-Yu Tsai <wenst(a)chromium.org>
platform/chrome: cros_ec: Use per-device lockdep key
Johan Hovold <johan(a)kernel.org>
usb: musb: omap2430: fix device leak at unbind
Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de>
usb: musb: omap2430: Convert to platform remove callback returning void
Vedang Nagar <quic_vnagar(a)quicinc.com>
media: venus: Fix OOB read due to missing payload bound check
Konrad Dybcio <konrad.dybcio(a)linaro.org>
media: venus: Introduce accessors for remapped hfi_buffer_reqs members
Anshuman Khandual <anshuman.khandual(a)arm.com>
mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd()
Davide Caratti <dcaratti(a)redhat.com>
net/sched: ets: use old 'nbands' while purging unused classes
Eric Dumazet <edumazet(a)google.com>
net_sched: sch_ets: implement lockless ets_dump()
Filipe Manana <fdmanana(a)suse.com>
btrfs: send: use fallocate for hole punching with send stream v2
Christoph Hellwig <hch(a)lst.de>
xfs: fully decouple XFS_IBULK* flags from XFS_IWALK* flags
Filipe Manana <fdmanana(a)suse.com>
btrfs: abort transaction on unexpected eb generation at btrfs_copy_root()
Filipe Manana <fdmanana(a)suse.com>
btrfs: qgroup: fix race between quota disable and quota rescan ioctl
Sebastian Reichel <sebastian.reichel(a)collabora.com>
usb: typec: fusb302: cache PD RX state
Shyam Prasad N <sprasad(a)microsoft.com>
cifs: reset iface weights when we cannot find a candidate
Lukas Wunner <lukas(a)wunner.de>
PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports
Damien Le Moal <dlemoal(a)kernel.org>
block: Make REQ_OP_ZONE_FINISH a write operation
Christoph Hellwig <hch(a)lst.de>
block: reject invalid operation in submit_bio_noacct
Eric Biggers <ebiggers(a)kernel.org>
fscrypt: Don't use problematic non-inline crypto engines
Johan Hovold <johan(a)kernel.org>
net: enetc: fix device and OF node leak at probe
Lin.Cao <lincao12(a)amd.com>
drm/sched: Remove optimization that causes hang when killing dependent jobs
Ada Couprie Diaz <ada.coupriediaz(a)arm.com>
arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack()
Nathan Chancellor <nathan(a)kernel.org>
ARM: 9448/1: Use an absolute path to unified.h in KBUILD_AFLAGS
Filipe Manana <fdmanana(a)suse.com>
btrfs: fix qgroup reservation leak on failure to allocate ordered extent
Eric Dumazet <edumazet(a)google.com>
net: add netdev_lockdep_set_classes() to virtual drivers
Yazen Ghannam <yazen.ghannam(a)amd.com>
x86/mce/amd: Add default names for MCA banks and blocks
Kan Liang <kan.liang(a)linux.intel.com>
perf/x86/intel: Fix crash in icl_update_topdown_event()
Zhang Lixu <lixu.zhang(a)intel.com>
iio: hid-sensor-prox: Fix incorrect OFFSET calculation
Zhang Lixu <lixu.zhang(a)intel.com>
iio: hid-sensor-prox: Restore lost scale assignments
Chao Yu <chao(a)kernel.org>
f2fs: fix to do sanity check on ino and xnid
Matthieu Baerts (NGI0) <matttbe(a)kernel.org>
mptcp: pm: kernel: flush: do not reset ADD_ADDR limit
Christoph Paasch <cpaasch(a)openai.com>
mptcp: drop skb if MPTCP skb extension allocation fails
Chen Yu <yu.c.chen(a)intel.com>
ACPI: pfr_update: Fix the driver update version check
Eric Biggers <ebiggers(a)kernel.org>
ipv6: sr: Fix MAC comparison to be constant-time
Jakub Acs <acsjakub(a)amazon.de>
net, hsr: reject HSR frame if skb can't hold tag
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Don't overwrite dce60_clk_mgr
Amber Lin <Amber.Lin(a)amd.com>
drm/amdkfd: Destroy KFD debugfs after destroy KFD wq
Alex Deucher <alexander.deucher(a)amd.com>
drm/amdgpu: update mmhub 3.0.1 client id mappings
Gang Ba <Gang.Ba(a)amd.com>
drm/amdgpu: Avoid extra evict-restore process.
Mario Limonciello <mario.limonciello(a)amd.com>
drm/amd: Restore cached power limit during resume
Ricardo Ribalda <ribalda(a)chromium.org>
media: venus: venc: Clamp param smaller than 1fps and bigger than 240
Ricardo Ribalda <ribalda(a)chromium.org>
media: venus: vdec: Clamp param smaller than 1fps and bigger than 240.
Jorge Ramirez-Ortiz <jorge.ramirez(a)oss.qualcomm.com>
media: venus: protect against spurious interrupts during probe
Jorge Ramirez-Ortiz <jorge.ramirez(a)oss.qualcomm.com>
media: venus: hfi: explicitly release IRQ during teardown
Vedang Nagar <quic_vnagar(a)quicinc.com>
media: venus: Add a check for packet size after reading from shared memory
Vladimir Zapolskiy <vladimir.zapolskiy(a)linaro.org>
media: qcom: camss: cleanup media device allocated resource on error path
Zhang Shurong <zhang_shurong(a)foxmail.com>
media: ov2659: Fix memory leaks in ov2659_probe()
Gui-Dong Han <hanguidong02(a)gmail.com>
media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt()
Ludwig Disterhof <ludwig(a)disterhof.eu>
media: usbtv: Lock resolution while streaming
Sakari Ailus <sakari.ailus(a)linux.intel.com>
media: v4l2-ctrls: Don't reset handler's error in v4l2_ctrl_handler_free()
Hans Verkuil <hverkuil(a)xs4all.nl>
media: vivid: fix wrong pixel_array control size
Haoxiang Li <haoxiang_li2024(a)163.com>
media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init()
Bingbu Cao <bingbu.cao(a)intel.com>
media: hi556: correct the test pattern configuration
Dan Carpenter <dan.carpenter(a)linaro.org>
media: gspca: Add bounds checking to firmware parser
John David Anglin <dave.anglin(a)bell.net>
parisc: Update comments in make_insert_tlb
John David Anglin <dave.anglin(a)bell.net>
parisc: Try to fixup kernel exception in bad_area_nosemaphore path of do_page_fault()
John David Anglin <dave.anglin(a)bell.net>
parisc: Revise gateway LWS calls to probe user read access
John David Anglin <dave.anglin(a)bell.net>
parisc: Revise __get_user() to probe user read access
Randy Dunlap <rdunlap(a)infradead.org>
parisc: Makefile: explain that 64BIT requires both 32-bit and 64-bit compilers
John David Anglin <dave.anglin(a)bell.net>
parisc: Check region is readable by user in raw_copy_from_user()
Jon Hunter <jonathanh(a)nvidia.com>
soc/tegra: pmc: Ensure power-domains are in a known state
Baokun Li <libaokun1(a)huawei.com>
jbd2: prevent softlockup in jbd2_log_do_checkpoint()
Will Deacon <will(a)kernel.org>
vhost/vsock: Avoid allocating arbitrarily-sized SKBs
Will Deacon <will(a)kernel.org>
vsock/virtio: Validate length in packet header before skb_put()
Damien Le Moal <dlemoal(a)kernel.org>
PCI: endpoint: Fix configfs group removal on driver teardown
Damien Le Moal <dlemoal(a)kernel.org>
PCI: endpoint: Fix configfs group list head handling
Thomas Fourier <fourier.thomas(a)gmail.com>
mtd: rawnand: renesas: Add missing check after DMA map
Thomas Fourier <fourier.thomas(a)gmail.com>
mtd: rawnand: fsmc: Add missing check after DMA map
Gabor Juhos <j4g8y7(a)gmail.com>
mtd: spinand: propagate spinand_wait() errors from spinand_write_page()
Michael Walle <mwalle(a)kernel.org>
mtd: spi-nor: Fix spi_nor_try_unlock_all()
Tim Harvey <tharvey(a)gateworks.com>
hwmon: (gsc-hwmon) fix fan pwm setpoint show functions
Uwe Kleine-König <u.kleine-koenig(a)baylibre.com>
pwm: mediatek: Fix duty and period setting
Uwe Kleine-König <u.kleine-koenig(a)baylibre.com>
pwm: mediatek: Handle hardware enable and clock enable separately
Laurentiu Mihalcea <laurentiu.mihalcea(a)nxp.com>
pwm: imx-tpm: Reset counter if CMOD is 0
Johan Hovold <johan+linaro(a)kernel.org>
wifi: ath11k: fix dest ring-buffer corruption when ring is full
Johan Hovold <johan+linaro(a)kernel.org>
wifi: ath11k: fix source ring-buffer corruption
Johan Hovold <johan+linaro(a)kernel.org>
wifi: ath11k: fix dest ring-buffer corruption
Nathan Chancellor <nathan(a)kernel.org>
wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table()
David Lechner <dlechner(a)baylibre.com>
iio: adc: ad_sigma_delta: change to buffer predisable
David Lechner <dlechner(a)baylibre.com>
iio: imu: bno055: fix OOB access of hw_xlate array
Marek Szyprowski <m.szyprowski(a)samsung.com>
zynq_fpga: use sgtable-based scatterlist wrappers
Adrian Hunter <adrian.hunter(a)intel.com>
scsi: ufs: ufs-pci: Fix default runtime and system PM levels
Archana Patni <archana.patni(a)intel.com>
scsi: ufs: ufs-pci: Fix hibernate state transition for Intel MTL-like host controllers
Damien Le Moal <dlemoal(a)kernel.org>
ata: libata-scsi: Fix ata_to_sense_error() status handling
Ranjan Kumar <ranjan.kumar(a)broadcom.com>
scsi: mpi3mr: Fix race between config read submit and interrupt completion
Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org>
dt-bindings: display: sprd,sharkl3-dsi-host: Fix missing clocks constraints
Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org>
dt-bindings: display: sprd,sharkl3-dpu: Fix missing clocks constraints
Zhang Yi <yi.zhang(a)huawei.com>
ext4: fix hole length calculation overflow in non-extent inodes
Liao Yuanhong <liaoyuanhong(a)vivo.com>
ext4: use kmalloc_array() for array space allocation
Theodore Ts'o <tytso(a)mit.edu>
ext4: don't try to clear the orphan_present feature block device is r/o
Ojaswin Mujoo <ojaswin(a)linux.ibm.com>
ext4: fix reserved gdt blocks handling in fsmap
Ojaswin Mujoo <ojaswin(a)linux.ibm.com>
ext4: fix fsmap end of range reporting with bigalloc
Andreas Dilger <adilger(a)dilger.ca>
ext4: check fast symlink for ea_inode correctly
Namjae Jeon <linkinjeon(a)kernel.org>
ksmbd: extend the connection limiting mechanism to support IPv6
Helge Deller <deller(a)gmx.de>
Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()"
Eric Biggers <ebiggers(a)kernel.org>
lib/crypto: mips/chacha: Fix clang build and remove unneeded byteswap
Myrrh Periwinkle <myrrhperiwinkle(a)qtmlabs.xyz>
vt: defkeymap: Map keycodes above 127 to K_HOLE
Myrrh Periwinkle <myrrhperiwinkle(a)qtmlabs.xyz>
vt: keyboard: Don't process Unicode characters in K_OFF mode
Youssef Samir <quic_yabdulra(a)quicinc.com>
bus: mhi: host: Detect events pointing to unexpected TREs
Alexander Wilhelm <alexander.wilhelm(a)westermo.com>
bus: mhi: host: Fix endianness of BHI vector table
Johan Hovold <johan(a)kernel.org>
usb: dwc3: meson-g12a: fix device leaks at unbind
Johan Hovold <johan(a)kernel.org>
usb: gadget: udc: renesas_usb3: fix device leak at unbind
Nathan Chancellor <nathan(a)kernel.org>
usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init()
Finn Thain <fthain(a)linux-m68k.org>
m68k: Fix lost column on framebuffer debug console
Dan Carpenter <dan.carpenter(a)linaro.org>
cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table()
Yunhui Cui <cuiyunhui(a)bytedance.com>
serial: 8250: fix panic due to PSLVERR
Aditya Garg <gargaditya08(a)live.com>
HID: apple: avoid setting up battery timer for devices without battery
Aditya Garg <gargaditya08(a)live.com>
HID: magicmouse: avoid setting up battery timer when not needed
Willy Tarreau <w(a)1wt.eu>
tools/nolibc: fix spelling of FD_SETBITMASK in FD_* macros
Ricardo Ribalda <ribalda(a)chromium.org>
media: uvcvideo: Do not mark valid metadata as invalid
Youngjun Lee <yjjuny.lee(a)samsung.com>
media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format()
Breno Leitao <leitao(a)debian.org>
mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock
Waiman Long <longman(a)redhat.com>
mm/kmemleak: avoid soft lockup in __kmemleak_do_cleanup()
Randy Dunlap <rdunlap(a)infradead.org>
parisc: Makefile: fix a typo in palo.conf
Haiyang Zhang <haiyangz(a)microsoft.com>
hv_netvsc: Fix panic during namespace deletion with VF
Sravan Kumar Gundu <sravankumarlpu(a)gmail.com>
fbdev: Fix vmalloc out-of-bounds write in fast_imageblit
Qu Wenruo <wqu(a)suse.com>
btrfs: do not allow relocation of partially dropped subvolumes
Filipe Manana <fdmanana(a)suse.com>
btrfs: fix log tree replay failure due to file with 0 links and extents
Naohiro Aota <naohiro.aota(a)wdc.com>
btrfs: zoned: do not remove unwritten non-data block group
Filipe Manana <fdmanana(a)suse.com>
btrfs: abort transaction during log replay if walk_log_tree() failed
Johannes Thumshirn <johannes.thumshirn(a)wdc.com>
btrfs: zoned: use filesystem size not disk size for reclaim decision
Oliver Neukum <oneukum(a)suse.com>
cdc-acm: fix race between initial clearing halt and open
Eric Biggers <ebiggers(a)kernel.org>
thunderbolt: Fix copy+paste error in match_service_id()
Ian Abbott <abbotti(a)mev.co.uk>
comedi: fix race between polling and detaching
Myrrh Periwinkle <myrrhperiwinkle(a)qtmlabs.xyz>
usb: typec: ucsi: Update power_supply on power role change
Ricky Wu <ricky_wu(a)realtek.com>
misc: rtsx: usb: Ensure mmc child device is active when card is present
Xinyu Liu <katieeliu(a)tencent.com>
usb: core: config: Prevent OOB read in SS endpoint companion parsing
Baokun Li <libaokun1(a)huawei.com>
ext4: fix largest free orders lists corruption on mb_optimize_scan switch
Baokun Li <libaokun1(a)huawei.com>
ext4: fix zombie groups in average fragment size lists
Jack Xiao <Jack.Xiao(a)amd.com>
drm/amdgpu: fix incorrect vm flags to map bo
Shengjiu Wang <shengjiu.wang(a)nxp.com>
ASoC: fsl_sai: replace regmap_write with regmap_update_bits
Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com>
ASoC: fsl: merge DAI call back functions into ops
Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com>
ASoC: soc-dai.h: merge DAI call back functions into ops
Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com>
ASoC: soc-dai.c: add missing flag check at snd_soc_pcm_dai_probe()
Jiasheng Jiang <jiashengjiangcool(a)gmail.com>
scsi: lpfc: Remove redundant assignment to avoid memory leak
Meagan Lloyd <meaganlloyd(a)linux.microsoft.com>
rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe
Sergey Bashirov <sergeybashirov(a)gmail.com>
pNFS: Fix uninited ptr deref in block/scsi layout
Sergey Bashirov <sergeybashirov(a)gmail.com>
pNFS: Handle RPC size limit for layoutcommits
Sergey Bashirov <sergeybashirov(a)gmail.com>
pNFS: Fix disk addr range check in block/scsi layout
Sergey Bashirov <sergeybashirov(a)gmail.com>
pNFS: Fix stripe mapping in block/scsi layout
John Garry <john.g.garry(a)oracle.com>
block: avoid possible overflow for chunk_sectors check in blk_stack_limits()
Cezary Rojewski <cezary.rojewski(a)intel.com>
ASoC: Intel: avs: Fix uninitialized pointer error in probe()
Buday Csaba <buday.csaba(a)prolan.hu>
net: phy: smsc: add proper reset flags for LAN8710A
Corey Minyard <corey(a)minyard.net>
ipmi: Fix strcpy source and destination the same
Yann E. MORIN <yann.morin.1998(a)free.fr>
kconfig: lxdialog: fix 'space' to (de)select options
Masahiro Yamada <masahiroy(a)kernel.org>
kconfig: gconf: fix potential memory leak in renderer_edited()
Masahiro Yamada <masahiroy(a)kernel.org>
kconfig: gconf: avoid hardcoding model2 in on_treeview2_cursor_changed()
Breno Leitao <leitao(a)debian.org>
ipmi: Use dev_warn_ratelimited() for incorrect message warnings
Artem Sadovnikov <a.sadovnikov(a)ispras.ru>
vfio/mlx5: fix possible overflow in tracking max message size
John Garry <john.g.garry(a)oracle.com>
scsi: aacraid: Stop using PCI_IRQ_AFFINITY
Maurizio Lombardi <mlombard(a)redhat.com>
scsi: target: core: Generate correct identifiers for PR OUT transport IDs
Ranjan Kumar <ranjan.kumar(a)broadcom.com>
scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans
Shankari Anand <shankari.ak0208(a)gmail.com>
kconfig: nconf: Ensure null termination where strncpy is used
Keith Busch <kbusch(a)kernel.org>
vfio/type1: conditional rescheduling while pinning
Suchit Karunakaran <suchitkarunakaran(a)gmail.com>
kconfig: lxdialog: replace strcpy() with strncpy() in inputbox.c
fangzhong.zhou <myth5(a)myth5.com>
i2c: Force DLL0945 touchpad i2c freq to 100khz
Mateusz Guzik <mjguzik(a)gmail.com>
apparmor: use the condition in AA_BUG_FMT even with debug disabled
Benjamin Marzinski <bmarzins(a)redhat.com>
dm-table: fix checking for rq stackable devices
Mikulas Patocka <mpatocka(a)redhat.com>
dm-mpath: don't print the "loaded" message if registering fails
Jorge Marques <jorge.marques(a)analog.com>
i3c: master: Initialize ret in i3c_i2c_notifier_call()
Wolfram Sang <wsa+renesas(a)sang-engineering.com>
i3c: don't fail if GETHDRCAP is unsupported
Meagan Lloyd <meaganlloyd(a)linux.microsoft.com>
rtc: ds1307: handle oscillator stop flag (OSF) for ds1341
Wolfram Sang <wsa+renesas(a)sang-engineering.com>
i3c: add missing include to internal header
Petr Pavlu <petr.pavlu(a)suse.com>
module: Prevent silent truncation of module name in delete_module(2)
Purva Yeshi <purvayeshi550(a)gmail.com>
md: dm-zoned-target: Initialize return variable r to avoid uninitialized use
Bharat Bhushan <bbhushan2(a)marvell.com>
crypto: octeontx2 - add timeout for load_fvc completion poll
chenchangcheng <chenchangcheng(a)kylinos.cn>
media: uvcvideo: Fix bandwidth issue for Alcor camera
Alex Guo <alexguo1023(a)gmail.com>
media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar
Alex Guo <alexguo1023(a)gmail.com>
media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb()
Wolfram Sang <wsa+renesas(a)sang-engineering.com>
media: usb: hdpvr: disable zero-length read messages
Dave Stevenson <dave.stevenson(a)raspberrypi.com>
media: tc358743: Increase FIFO trigger level to 374
Dave Stevenson <dave.stevenson(a)raspberrypi.com>
media: tc358743: Return an appropriate colorspace from tc358743_set_fmt
Dave Stevenson <dave.stevenson(a)raspberrypi.com>
media: tc358743: Check I2C succeeded during probe
Cheick Traore <cheick.traore(a)foss.st.com>
pinctrl: stm32: Manage irq affinity settings
Damien Le Moal <dlemoal(a)kernel.org>
scsi: mpi3mr: Correctly handle ATA device errors
Damien Le Moal <dlemoal(a)kernel.org>
scsi: mpt3sas: Correctly handle ATA device errors
Justin Tee <justin.tee(a)broadcom.com>
scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure
Arnd Bergmann <arnd(a)arndb.de>
RDMA/core: reduce stack using in nldev_stat_get_doit()
Yury Norov [NVIDIA] <yury.norov(a)gmail.com>
RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask()
Amelie Delaunay <amelie.delaunay(a)foss.st.com>
dmaengine: stm32-dma: configure next sg only if there are more than 2 sgs
Johan Adolfsson <johan.adolfsson(a)axis.com>
leds: leds-lp50xx: Handle reg to get correct multi_index
Niklas Söderlund <niklas.soderlund+renesas(a)ragnatech.se>
media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control
Shiji Yang <yangshiji66(a)outlook.com>
MIPS: lantiq: falcon: sysctrl: fix request memory check logic
Thomas Weißschuh <thomas.weissschuh(a)linutronix.de>
MIPS: Don't crash in stack_top() for tasks without ABI or vDSO
Arnaud Lecomte <contact(a)arnaud-lcm.com>
jfs: upper bound check of tree index in dbAllocAG
Edward Adam Davis <eadavis(a)qq.com>
jfs: Regular file corruption check
Lizhi Xu <lizhi.xu(a)windriver.com>
jfs: truncate good inode pages when hard link is 0
jackysliu <1972843537(a)qq.com>
scsi: bfa: Double-free fix
Ziyan Fu <fuzy5(a)lenovo.com>
watchdog: iTCO_wdt: Report error if timeout configuration fails
Shiji Yang <yangshiji66(a)outlook.com>
MIPS: vpe-mt: add missing prototypes for vpe_{alloc,start,stop,free}
Florin Leotescu <florin.leotescu(a)nxp.com>
hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state
Sebastian Reichel <sebastian.reichel(a)collabora.com>
watchdog: dw_wdt: Fix default timeout
Amir Mohammad Jahangirzad <a.jahangirzad(a)gmail.com>
fs/orangefs: use snprintf() instead of sprintf()
Showrya M N <showrya(a)chelsio.com>
scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated
Theodore Ts'o <tytso(a)mit.edu>
ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr
Zhiqi Song <songzhiqi1(a)huawei.com>
crypto: hisilicon/hpre - fix dma unmap sequence
Yongzhen Zhang <zhangyongzhen(a)kylinos.cn>
fbdev: fix potential buffer overflow in do_register_framebuffer()
Pali Rohár <pali(a)kernel.org>
cifs: Fix calling CIFSFindFirst() for root path without msearch
Aaron Plattner <aplattner(a)nvidia.com>
watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition
Mario Limonciello <mario.limonciello(a)amd.com>
drm/amd/display: Only finalize atomic_obj if it was initialized
Jason Wang <jasowang(a)redhat.com>
vhost: fail early when __vhost_add_used() fails
Will Deacon <will(a)kernel.org>
vsock/virtio: Resize receive buffers so that each SKB fits in a 4K page
Álvaro Fernández Rojas <noltari(a)gmail.com>
net: dsa: b53: fix IP_MULTICAST_CTRL on BCM5325
Tvrtko Ursulin <tvrtko.ursulin(a)igalia.com>
drm/ttm: Respect the shrinker core free target
Yonghong Song <yonghong.song(a)linux.dev>
selftests/bpf: Fix a user_ringbuf failure with arm64 64KB page size
Jakub Kicinski <kuba(a)kernel.org>
uapi: in6: restore visibility of most IPv6 socket options
Emily Deng <Emily.Deng(a)amd.com>
drm/ttm: Should to return the evict error
Hari Kalavakunta <kalavakunta.hari.prasad(a)gmail.com>
net: ncsi: Fix buffer overflow in fetching version id
Shannon Nelson <shannon.nelson(a)amd.com>
ionic: clean dbpage in de-init
Thomas Fourier <fourier.thomas(a)gmail.com>
wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc()
Breno Leitao <leitao(a)debian.org>
ptp: Use ratelimite for freerun error message
Álvaro Fernández Rojas <noltari(a)gmail.com>
net: dsa: b53: prevent SWITCH_CTRL access on BCM5325
Álvaro Fernández Rojas <noltari(a)gmail.com>
net: dsa: b53: prevent DIS_LEARNING access on BCM5325
Álvaro Fernández Rojas <noltari(a)gmail.com>
net: dsa: b53: prevent GMII_PORT_OVERRIDE_CTRL access on BCM5325
Álvaro Fernández Rojas <noltari(a)gmail.com>
net: dsa: b53: fix b53_imp_vlan_setup for BCM5325
Alok Tiwari <alok.a.tiwari(a)oracle.com>
gve: Return error for unknown admin queue command
Gal Pressman <gal(a)nvidia.com>
net: vlan: Replace BUG() with WARN_ON_ONCE() in vlan_dev_* stubs
Mario Limonciello <mario.limonciello(a)amd.com>
drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual
Heiner Kallweit <hkallweit1(a)gmail.com>
dpaa_eth: don't use fixed_phy_change_carrier
Nicolas Escande <nico.escande(a)gmail.com>
neighbour: add support for NUD_PERMANENT proxy entries
Stanislaw Gruszka <stf_xl(a)wp.pl>
wifi: iwlegacy: Check rate_idx range after addition
Mina Almasry <almasrymina(a)google.com>
netmem: fix skb_frag_address_safe with unreadable skbs
Thomas Fourier <fourier.thomas(a)gmail.com>
powerpc: floppy: Add missing checks after DMA map
Thomas Fourier <fourier.thomas(a)gmail.com>
wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()`.
Ramya Gnanasekar <ramya.gnanasekar(a)oss.qualcomm.com>
wifi: mac80211: update radar_required in channel context after channel switch
Wen Chen <Wen.Chen3(a)amd.com>
drm/amd/display: Fix 'failed to blank crtc!'
Pagadala Yesu Anjaneyulu <pagadala.yesu.anjaneyulu(a)intel.com>
wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect
Rand Deeb <rand.sec96(a)gmail.com>
wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd()
Ilya Bakoulin <Ilya.Bakoulin(a)amd.com>
drm/amd/display: Separate set_gsl from set_gsl_source_select
Jonas Rebmann <jre(a)pengutronix.de>
net: fec: allow disable coalescing
Eric Work <work.eric(a)gmail.com>
net: atlantic: add set_power to fw_ops for atl2 to fix wol
zhangjianrong <zhangjianrong5(a)huawei.com>
net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths()
zhangjianrong <zhangjianrong5(a)huawei.com>
net: thunderbolt: Enable end-to-end flow control also in transmit
Mark Brown <broonie(a)kernel.org>
kselftest/arm64: Specify SVE data when testing VL set in sve-ptrace
Bitterblue Smith <rtl8821cerfe2(a)gmail.com>
wifi: rtw89: Disable deep power saving for USB/SDIO
Bitterblue Smith <rtl8821cerfe2(a)gmail.com>
wifi: rtw89: Fix rtw89_mac_power_switch() for USB
Rob Clark <robdclark(a)chromium.org>
drm/msm: use trylock for debugfs
Kuniyuki Iwashima <kuniyu(a)google.com>
ipv6: mcast: Check inet6_dev->dead under idev->mc_lock in __ipv6_dev_mc_inc().
Thomas Fourier <fourier.thomas(a)gmail.com>
(powerpc/512) Fix possible `dma_unmap_single()` on uninitialized pointer
Johannes Berg <johannes.berg(a)intel.com>
wifi: mac80211: don't complete management TX on SAE commit
Chris Mason <clm(a)fb.com>
sched/fair: Bump sd->max_newidle_lb_cost when newidle balance fails
Sven Schnelle <svens(a)linux.ibm.com>
s390/stp: Remove udelay from stp_sync_clock()
Avraham Stern <avraham.stern(a)intel.com>
wifi: iwlwifi: mvm: fix scan request validation
Thomas Weißschuh <thomas.weissschuh(a)linutronix.de>
um: Re-evaluate thread flags repeatedly
Alok Tiwari <alok.a.tiwari(a)oracle.com>
net: thunderx: Fix format-truncation warning in bgx_acpi_match_id()
Oscar Maes <oscmaes92(a)gmail.com>
net: ipv4: fix incorrect MTU in broadcast routes
Ilan Peer <ilan.peer(a)intel.com>
wifi: cfg80211: Fix interface type validation
Matt Johnston <matt(a)codeconstruct.com.au>
net: mctp: Prevent duplicate binds
Paul E. McKenney <paulmck(a)kernel.org>
rcu: Protect ->defer_qs_iw_pending from data race
Breno Leitao <leitao(a)debian.org>
arm64: Mark kernel as tainted on SAE and SError panic
Leon Romanovsky <leon(a)kernel.org>
net/mlx5e: Properly access RCU protected qdisc_sleeping variable
Thomas Fourier <fourier.thomas(a)gmail.com>
net: ag71xx: Add missing check after DMA map
Thomas Fourier <fourier.thomas(a)gmail.com>
et131x: Add missing check after DMA map
Bitterblue Smith <rtl8821cerfe2(a)gmail.com>
wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB
Alok Tiwari <alok.a.tiwari(a)oracle.com>
be2net: Use correct byte order and format string for TCP seq and ack_seq
Sven Schnelle <svens(a)linux.ibm.com>
s390/time: Use monotonic clock in get_cycles()
Johannes Berg <johannes.berg(a)intel.com>
wifi: cfg80211: reject HTC bit for management frames
Steven Rostedt <rostedt(a)goodmis.org>
ktest.pl: Prevent recursion of default variable options
Oliver Neukum <oneukum(a)suse.com>
net: usb: cdc-ncm: check for filtering capability
Anthoine Bourgeois <anthoine.bourgeois(a)vates.tech>
xen/netfront: Fix TX response spurious interrupts
Xinxin Wan <xinxin.wan(a)intel.com>
ASoC: codecs: rt5640: Retry DEVICE_ID verification
Jonathan Santos <Jonathan.Santos(a)analog.com>
iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement
Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com>
ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros
Christophe Leroy <christophe.leroy(a)csgroup.eu>
ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop
Lucy Thrun <lucy.thrun(a)digital-rabbithole.de>
ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control
Tomasz Michalec <tmichalec(a)google.com>
platform/chrome: cros_ec_typec: Defer probe on missing EC parent
Kees Cook <kees(a)kernel.org>
platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches
Gautham R. Shenoy <gautham.shenoy(a)amd.com>
pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop()
Oliver Neukum <oneukum(a)suse.com>
usb: core: usb_submit_urb: downgrade type check
Tomasz Michalec <tmichalec(a)google.com>
usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present
Peter Ujfalusi <peter.ujfalusi(a)linux.intel.com>
ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime()
Alok Tiwari <alok.a.tiwari(a)oracle.com>
ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4
Mark Brown <broonie(a)kernel.org>
ASoC: hdac_hdmi: Rate limit logging on connection and disconnection
Pawan Gupta <pawan.kumar.gupta(a)linux.intel.com>
x86/bugs: Avoid warning when overriding return thunk
Takashi Iwai <tiwai(a)suse.de>
ALSA: hda: Disable jack polling at shutdown
Takashi Iwai <tiwai(a)suse.de>
ALSA: hda: Handle the jack polling always via a work
Ulf Hansson <ulf.hansson(a)linaro.org>
mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode()
Hans de Goede <hansg(a)kernel.org>
mei: bus: Check for still connected devices in mei_cl_bus_dev_release()
Peter Robinson <pbrobinson(a)gmail.com>
reset: brcmstb: Enable reset drivers for ARCH_BCM2835
Eliav Farber <farbere(a)amazon.com>
pps: clients: gpio: fix interrupt handling order in remove path
Breno Leitao <leitao(a)debian.org>
ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path
Sarthak Garg <quic_sartgarg(a)quicinc.com>
mmc: sdhci-msm: Ensure SD card power isn't ON when card removed
Sebastian Ott <sebott(a)redhat.com>
ACPI: processor: fix acpi_object initialization
tuhaowen <tuhaowen(a)uniontech.com>
PM: sleep: console: Fix the black screen issue
Hsin-Te Yuan <yuanhsinte(a)chromium.org>
thermal: sysfs: Return ENODATA instead of EAGAIN for reads
Rafael J. Wysocki <rafael.j.wysocki(a)intel.com>
PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit()
Zhu Qiyu <qiyuzhu2(a)amd.com>
ACPI: PRM: Reduce unnecessary printing to avoid user confusion
Masami Hiramatsu (Google) <mhiramat(a)kernel.org>
selftests: tracing: Use mutex_unlock for testing glob filter
Thomas Weißschuh <thomas.weissschuh(a)linutronix.de>
tools/build: Fix s390(x) cross-compilation with clang
Aaron Kling <webgeek1234(a)gmail.com>
ARM: tegra: Use I/O memcpy to write to IRAM
Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org>
gpio: tps65912: check the return value of regmap_update_bits()
David Lechner <dlechner(a)baylibre.com>
iio: adc: ad_sigma_delta: don't overallocate scan buffer
Thomas Weißschuh <linux(a)weissschuh.net>
tools/nolibc: define time_t in terms of __kernel_old_time_t
David Collins <david.collins(a)oss.qualcomm.com>
thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required
Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com>
ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed
Shubhrajyoti Datta <shubhrajyoti.datta(a)amd.com>
EDAC/synopsys: Clear the ECC counters on init
Lifeng Zheng <zhenglifeng1(a)huawei.com>
PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store()
Alexander Kochetkov <al.kochet(a)gmail.com>
ARM: rockchip: fix kernel hang during smp initialization
Lifeng Zheng <zhenglifeng1(a)huawei.com>
cpufreq: Exit governor when failed to start old governor
Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org>
gpio: wcd934x: check the return value of regmap_update_bits()
Hiago De Franco <hiago.franco(a)toradex.com>
remoteproc: imx_rproc: skip clock enable when M-core is managed by the SCU
Mario Limonciello <mario.limonciello(a)amd.com>
usb: xhci: Avoid showing errors during surprise removal
Jay Chen <shawn2000100(a)gmail.com>
usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command
Mario Limonciello <mario.limonciello(a)amd.com>
usb: xhci: Avoid showing warnings for dying controller
Benson Leung <bleung(a)chromium.org>
usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default
Cynthia Huang <cynthia(a)andestech.com>
selftests/futex: Define SYS_futex on 32-bit architectures with 64-bit time_t
Prashant Malani <pmalani(a)google.com>
cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag
Su Hui <suhui(a)nfschina.com>
usb: xhci: print xhci->xhc_state when queue_command failed
Al Viro <viro(a)zeniv.linux.org.uk>
securityfs: don't pin dentries twice, once is enough...
Al Viro <viro(a)zeniv.linux.org.uk>
fix locking in efi_secret_unlink()
Wei Gao <wegao(a)suse.com>
ext2: Handle fiemap on empty files to prevent EINVAL
Rong Zhang <ulin0208(a)gmail.com>
fs/ntfs3: correctly create symlink for relative path
Lizhi Xu <lizhi.xu(a)windriver.com>
fs/ntfs3: Add sanity check for file name
Damien Le Moal <dlemoal(a)kernel.org>
ata: libata-sata: Disallow changing LPM state if not supported
Al Viro <viro(a)zeniv.linux.org.uk>
better lockdep annotations for simple_recursive_removal()
Viacheslav Dubeyko <slava(a)dubeyko.com>
hfs: fix not erasing deleted b-tree node issue
Sarah Newman <srn(a)prgmr.com>
drbd: add missing kref_get in handle_write_conflicts
Jan Kara <jack(a)suse.cz>
udf: Verify partition map count
NeilBrown <neil(a)brown.name>
smb/server: avoid deadlock when linking with ReplaceIfExists
Kees Cook <kees(a)kernel.org>
arm64: Handle KCOV __init vs inline mismatches
Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp>
hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file()
Viacheslav Dubeyko <slava(a)dubeyko.com>
hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()
Viacheslav Dubeyko <slava(a)dubeyko.com>
hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read()
Viacheslav Dubeyko <slava(a)dubeyko.com>
hfs: fix slab-out-of-bounds in hfs_bnode_read()
Florian Westphal <fw(a)strlen.de>
netfilter: ctnetlink: fix refcount leak on table dump
Sabrina Dubroca <sd(a)queasysnail.net>
udp: also consider secpath when evaluating ipsec use for checksumming
Maxim Levitsky <mlevitsk(a)redhat.com>
KVM: VMX: Preserve host's DEBUGCTLMSR_FREEZE_IN_SMM while running the guest
Maxim Levitsky <mlevitsk(a)redhat.com>
KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs
Maxim Levitsky <mlevitsk(a)redhat.com>
KVM: nVMX: Check vmcs12->guest_ia32_debugctl on nested VM-Enter
Sean Christopherson <seanjc(a)google.com>
KVM: VMX: Extract checking of guest's DEBUGCTL into helper
Sean Christopherson <seanjc(a)google.com>
KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported
Sean Christopherson <seanjc(a)google.com>
KVM: x86: Drop kvm_x86_ops.set_dr6() in favor of a new KVM_RUN flag
Sean Christopherson <seanjc(a)google.com>
KVM: x86: Convert vcpu_run()'s immediate exit param into a generic bitmap
Sean Christopherson <seanjc(a)google.com>
KVM: x86: Fully defer to vendor code to decide how to force immediate exit
Sean Christopherson <seanjc(a)google.com>
KVM: VMX: Handle KVM-induced preemption timer exits in fastpath for L2
Sean Christopherson <seanjc(a)google.com>
KVM: x86: Move handling of is_guest_mode() into fastpath exit handlers
Sean Christopherson <seanjc(a)google.com>
KVM: VMX: Handle forced exit due to preemption timer in fastpath
Sean Christopherson <seanjc(a)google.com>
KVM: VMX: Re-enter guest in fastpath for "spurious" preemption timer exits
Sean Christopherson <seanjc(a)google.com>
KVM: x86: Plumb "force_immediate_exit" into kvm_entry() tracepoint
Sean Christopherson <seanjc(a)google.com>
KVM: x86/pmu: Gate all "unimplemented MSR" prints on report_ignored_msrs
Sean Christopherson <seanjc(a)google.com>
KVM: x86: Snapshot the host's DEBUGCTL after disabling IRQs
Sean Christopherson <seanjc(a)google.com>
KVM: x86: Snapshot the host's DEBUGCTL in common x86
Chao Gao <chao.gao(a)intel.com>
KVM: nVMX: Defer SVI update to vmcs01 on EOI when L2 is active w/o VID
Sean Christopherson <seanjc(a)google.com>
KVM: x86: Plumb in the vCPU to kvm_x86_ops.hwapic_isr_update()
Sean Christopherson <seanjc(a)google.com>
KVM: x86: Re-split x2APIC ICR into ICR+ICR2 for AMD (x2AVIC)
Sean Christopherson <seanjc(a)google.com>
KVM: SVM: Set RFLAGS.IF=1 in C code, to get VMRUN out of the STI shadow
Rafael J. Wysocki <rafael.j.wysocki(a)intel.com>
ACPI: processor: perflib: Move problematic pr->performance check
Jiayi Li <lijiayi(a)kylinos.cn>
ACPI: processor: perflib: Fix initial _PPC limit application
Andy Shevchenko <andriy.shevchenko(a)linux.intel.com>
Documentation: ACPI: Fix parent device references
Jann Horn <jannh(a)google.com>
eventpoll: Fix semi-unbounded recursion
Sasha Levin <sashal(a)kernel.org>
fs: Prevent file descriptor table allocations exceeding INT_MAX
Ma Ke <make24(a)iscas.ac.cn>
sunvdc: Balance device refcount in vdc_port_mpgroup_check
Haoran Jiang <jianghaoran(a)kylinos.cn>
LoongArch: BPF: Fix jump offset calculation in tailcall
Huacai Chen <chenhuacai(a)kernel.org>
PCI: Extend isolated function probing to LoongArch
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFS: Fix the setting of capabilities when automounting a new filesystem
Dai Ngo <dai.ngo(a)oracle.com>
NFSD: detect mismatch of file handle and delegation stateid in OPEN op
Jeff Layton <jlayton(a)kernel.org>
nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()
Xu Yang <xu.yang_2(a)nxp.com>
net: usb: asix_devices: add phy_mask for ax88772 mdio bus
Johan Hovold <johan(a)kernel.org>
net: dpaa: fix device leak when querying time stamp info
Johan Hovold <johan(a)kernel.org>
net: mtk_eth_soc: fix device leak at probe
Johan Hovold <johan(a)kernel.org>
net: gianfar: fix device leak when querying time stamp info
Florian Larysch <fl(a)n621.de>
net: phy: micrel: fix KSZ8081/KSZ8091 cable test
Fedor Pchelkin <pchelkin(a)ispras.ru>
netlink: avoid infinite retry looping in netlink_unicast()
David Thompson <davthompson(a)nvidia.com>
gpio: mlxbf2: use platform_get_irq_optional()
Harald Mommer <harald.mommer(a)oss.qualcomm.com>
gpio: virtio: Fix config space reading.
Wang Zhaolong <wangzhaolong(a)huaweicloud.com>
smb: client: remove redundant lstrp update in negotiate protocol
Steve French <stfrench(a)microsoft.com>
smb3: fix for slab out of bounds on mount to ksmbd
Christopher Eby <kreed(a)kreed.org>
ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks
Vasiliy Kovalev <kovalev(a)altlinux.org>
ALSA: hda/realtek: Fix headset mic on HONOR BRB-X
Takashi Iwai <tiwai(a)suse.de>
ALSA: usb-audio: Validate UAC3 cluster segment descriptors
Takashi Iwai <tiwai(a)suse.de>
ALSA: usb-audio: Validate UAC3 power domain descriptors, too
Pavel Begunkov <asml.silence(a)gmail.com>
io_uring: don't use int for ABI
-------------
Diffstat:
.../bindings/display/sprd/sprd,sharkl3-dpu.yaml | 2 +-
.../display/sprd/sprd,sharkl3-dsi-host.yaml | 2 +-
Documentation/firmware-guide/acpi/i2c-muxes.rst | 8 +-
Documentation/networking/bonding.rst | 12 ++
Documentation/networking/mptcp-sysctl.rst | 2 +
Makefile | 6 +-
arch/arm/Makefile | 2 +-
arch/arm/mach-rockchip/platsmp.c | 15 +-
arch/arm/mach-tegra/reset.c | 2 +-
arch/arm64/boot/dts/ti/k3-am62-main.dtsi | 1 -
arch/arm64/include/asm/acpi.h | 2 +-
arch/arm64/kernel/cpufeature.c | 1 +
arch/arm64/kernel/entry.S | 6 +
arch/arm64/kernel/fpsimd.c | 4 +-
arch/arm64/kernel/traps.c | 1 +
arch/arm64/mm/fault.c | 1 +
arch/arm64/mm/ptdump_debugfs.c | 3 -
arch/loongarch/net/bpf_jit.c | 21 +-
arch/m68k/kernel/head.S | 31 ++-
arch/mips/crypto/chacha-core.S | 20 +-
arch/mips/include/asm/vpe.h | 8 +
arch/mips/kernel/process.c | 16 +-
arch/mips/lantiq/falcon/sysctrl.c | 23 +--
arch/parisc/Makefile | 6 +-
arch/parisc/include/asm/special_insns.h | 28 +++
arch/parisc/include/asm/uaccess.h | 21 +-
arch/parisc/kernel/entry.S | 17 +-
arch/parisc/kernel/syscall.S | 30 ++-
arch/parisc/lib/memcpy.c | 19 +-
arch/parisc/mm/fault.c | 4 +
arch/powerpc/include/asm/floppy.h | 5 +-
arch/powerpc/platforms/512x/mpc512x_lpbfifo.c | 6 +-
arch/s390/hypfs/hypfs_dbfs.c | 19 +-
arch/s390/include/asm/timex.h | 13 +-
arch/s390/kernel/time.c | 2 +-
arch/s390/mm/dump_pagetables.c | 2 -
arch/um/include/asm/thread_info.h | 4 +
arch/um/kernel/process.c | 18 +-
arch/x86/events/intel/core.c | 2 +-
arch/x86/include/asm/kvm-x86-ops.h | 2 -
arch/x86/include/asm/kvm_host.h | 24 ++-
arch/x86/include/asm/msr-index.h | 1 +
arch/x86/include/asm/reboot.h | 5 +-
arch/x86/include/asm/virtext.h | 10 -
arch/x86/include/asm/xen/hypercall.h | 5 +-
arch/x86/kernel/cpu/bugs.c | 5 +-
arch/x86/kernel/cpu/hygon.c | 3 +
arch/x86/kernel/cpu/mce/amd.c | 13 +-
arch/x86/kernel/reboot.c | 43 ++--
arch/x86/kvm/hyperv.c | 10 +-
arch/x86/kvm/lapic.c | 61 ++++--
arch/x86/kvm/lapic.h | 1 +
arch/x86/kvm/svm/svm.c | 49 +++--
arch/x86/kvm/svm/vmenter.S | 9 +-
arch/x86/kvm/trace.h | 9 +-
arch/x86/kvm/vmx/nested.c | 26 ++-
arch/x86/kvm/vmx/pmu_intel.c | 8 +-
arch/x86/kvm/vmx/vmx.c | 183 +++++++++++------
arch/x86/kvm/vmx/vmx.h | 31 ++-
arch/x86/kvm/x86.c | 65 +++---
arch/x86/kvm/x86.h | 12 ++
block/blk-core.c | 26 ++-
block/blk-settings.c | 2 +-
drivers/acpi/acpi_processor.c | 2 +-
drivers/acpi/apei/ghes.c | 2 +
drivers/acpi/pfr_update.c | 2 +-
drivers/acpi/prmt.c | 26 ++-
drivers/acpi/processor_perflib.c | 11 +
drivers/ata/Kconfig | 35 +++-
drivers/ata/libata-sata.c | 5 +
drivers/ata/libata-scsi.c | 20 +-
drivers/base/power/runtime.c | 5 +
drivers/block/drbd/drbd_receiver.c | 6 +-
drivers/block/sunvdc.c | 4 +-
drivers/bus/mhi/host/boot.c | 8 +-
drivers/bus/mhi/host/internal.h | 4 +-
drivers/bus/mhi/host/main.c | 12 +-
drivers/char/ipmi/ipmi_msghandler.c | 8 +-
drivers/char/ipmi/ipmi_watchdog.c | 59 ++++--
drivers/comedi/comedi_fops.c | 38 +++-
drivers/comedi/comedi_internal.h | 1 +
drivers/comedi/drivers.c | 40 ++--
drivers/comedi/drivers/pcl726.c | 3 +-
drivers/cpufreq/armada-8k-cpufreq.c | 2 +-
drivers/cpufreq/cppc_cpufreq.c | 2 +-
drivers/cpufreq/cpufreq.c | 8 +-
drivers/crypto/hisilicon/hpre/hpre_crypto.c | 8 +-
.../crypto/marvell/octeontx2/otx2_cptpf_ucode.c | 16 +-
drivers/crypto/qat/qat_4xxx/adf_4xxx_hw_data.c | 13 ++
drivers/crypto/qat/qat_common/adf_accel_devices.h | 1 +
drivers/crypto/qat/qat_common/adf_gen4_hw_data.h | 6 +
drivers/crypto/qat/qat_common/adf_init.c | 3 +
drivers/devfreq/governor_userspace.c | 6 +-
drivers/dma/stm32-dma.c | 2 +-
drivers/edac/synopsys_edac.c | 93 ++++-----
drivers/fpga/zynq-fpga.c | 10 +-
drivers/gpio/gpio-mlxbf2.c | 2 +-
drivers/gpio/gpio-tps65912.c | 7 +-
drivers/gpio/gpio-virtio.c | 9 +-
drivers/gpio/gpio-wcd934x.c | 7 +-
drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c | 4 +-
drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c | 6 +-
drivers/gpu/drm/amd/amdgpu/mmhub_v3_0_1.c | 57 +++---
drivers/gpu/drm/amd/amdkfd/kfd_module.c | 2 +-
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 6 +-
.../gpu/drm/amd/display/dc/bios/command_table.c | 2 +-
drivers/gpu/drm/amd/display/dc/clk_mgr/clk_mgr.c | 1 -
.../amd/display/dc/clk_mgr/dce100/dce_clk_mgr.c | 2 -
.../amd/display/dc/clk_mgr/dce110/dce110_clk_mgr.c | 40 ++--
.../amd/display/dc/clk_mgr/dce60/dce60_clk_mgr.c | 31 +--
drivers/gpu/drm/amd/display/dc/dcn20/dcn20_hwseq.c | 11 +-
.../gpu/drm/amd/display/modules/hdcp/hdcp_psp.c | 3 +
drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c | 6 +
drivers/gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c | 37 ++--
drivers/gpu/drm/display/drm_dp_helper.c | 2 +-
drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.c | 4 +-
drivers/gpu/drm/msm/msm_gem.c | 3 +-
drivers/gpu/drm/msm/msm_gem.h | 6 +
drivers/gpu/drm/scheduler/sched_entity.c | 21 +-
drivers/gpu/drm/ttm/ttm_pool.c | 8 +-
drivers/gpu/drm/ttm/ttm_resource.c | 3 +
drivers/hid/hid-apple.c | 13 +-
drivers/hid/hid-magicmouse.c | 56 ++++--
drivers/hwmon/emc2305.c | 10 +-
drivers/hwmon/gsc-hwmon.c | 4 +-
drivers/i2c/i2c-core-acpi.c | 1 +
drivers/i3c/internals.h | 1 +
drivers/i3c/master.c | 4 +-
drivers/iio/adc/ad7768-1.c | 23 ++-
drivers/iio/adc/ad_sigma_delta.c | 6 +-
drivers/iio/imu/bno055/bno055.c | 11 +-
drivers/iio/imu/inv_icm42600/inv_icm42600_temp.c | 6 +-
drivers/iio/light/as73211.c | 2 +-
drivers/iio/light/hid-sensor-prox.c | 8 +-
drivers/iio/pressure/bmp280-core.c | 9 +-
drivers/iio/proximity/isl29501.c | 14 +-
drivers/iio/temperature/maxim_thermocouple.c | 26 ++-
drivers/infiniband/core/nldev.c | 22 +-
drivers/infiniband/hw/bnxt_re/qplib_res.c | 2 +
drivers/infiniband/hw/erdma/erdma_verbs.c | 4 +-
drivers/infiniband/hw/hfi1/affinity.c | 44 ++--
drivers/iommu/amd/init.c | 4 +-
drivers/leds/leds-lp50xx.c | 11 +-
drivers/md/dm-ps-historical-service-time.c | 4 +-
drivers/md/dm-ps-queue-length.c | 4 +-
drivers/md/dm-ps-round-robin.c | 4 +-
drivers/md/dm-ps-service-time.c | 4 +-
drivers/md/dm-table.c | 10 +-
drivers/md/dm-zoned-target.c | 2 +-
drivers/media/cec/usb/rainshadow/rainshadow-cec.c | 3 +-
drivers/media/dvb-frontends/dib7000p.c | 8 +
drivers/media/i2c/hi556.c | 26 +--
drivers/media/i2c/ov2659.c | 3 +-
drivers/media/i2c/tc358743.c | 86 +++++---
drivers/media/platform/qcom/camss/camss.c | 4 +-
drivers/media/platform/qcom/venus/core.c | 8 +-
drivers/media/platform/qcom/venus/core.h | 2 +
drivers/media/platform/qcom/venus/helpers.c | 2 +-
drivers/media/platform/qcom/venus/hfi_helper.h | 61 +++++-
drivers/media/platform/qcom/venus/hfi_msgs.c | 85 +++++---
drivers/media/platform/qcom/venus/hfi_venus.c | 5 +
drivers/media/platform/qcom/venus/vdec.c | 13 +-
drivers/media/platform/qcom/venus/vdec_ctrls.c | 2 +-
drivers/media/platform/qcom/venus/venc.c | 9 +-
drivers/media/platform/qcom/venus/venc_ctrls.c | 2 +-
drivers/media/test-drivers/vivid/vivid-ctrls.c | 3 +-
drivers/media/test-drivers/vivid/vivid-vid-cap.c | 4 +-
drivers/media/usb/gspca/vicam.c | 10 +-
drivers/media/usb/hdpvr/hdpvr-i2c.c | 6 +
drivers/media/usb/usbtv/usbtv-video.c | 4 +
drivers/media/usb/uvc/uvc_driver.c | 3 +
drivers/media/usb/uvc/uvc_video.c | 21 +-
drivers/media/v4l2-core/v4l2-common.c | 8 +-
drivers/media/v4l2-core/v4l2-ctrls-core.c | 1 -
drivers/memstick/core/memstick.c | 1 -
drivers/memstick/host/rtsx_usb_ms.c | 1 +
drivers/misc/cardreader/rtsx_usb.c | 16 +-
drivers/misc/mei/bus.c | 6 +
drivers/mmc/host/rtsx_usb_sdmmc.c | 4 +-
drivers/mmc/host/sdhci-msm.c | 14 ++
drivers/mmc/host/sdhci-pci-gli.c | 33 +--
drivers/most/core.c | 2 +-
drivers/mtd/nand/raw/fsmc_nand.c | 2 +
drivers/mtd/nand/raw/renesas-nand-controller.c | 6 +
drivers/mtd/nand/spi/core.c | 5 +-
drivers/mtd/spi-nor/swp.c | 19 +-
drivers/net/bonding/bond_3ad.c | 224 ++++++++++++++++++---
drivers/net/bonding/bond_main.c | 1 +
drivers/net/bonding/bond_netlink.c | 16 ++
drivers/net/bonding/bond_options.c | 29 ++-
drivers/net/dsa/b53/b53_common.c | 63 ++++--
drivers/net/dsa/b53/b53_regs.h | 2 +
drivers/net/dummy.c | 1 +
drivers/net/ethernet/agere/et131x.c | 36 ++++
drivers/net/ethernet/aquantia/atlantic/aq_hw.h | 2 +
.../aquantia/atlantic/hw_atl2/hw_atl2_utils_fw.c | 39 ++++
drivers/net/ethernet/atheros/ag71xx.c | 9 +
drivers/net/ethernet/cavium/thunder/thunder_bgx.c | 4 +-
drivers/net/ethernet/emulex/benet/be_main.c | 8 +-
drivers/net/ethernet/freescale/dpaa/dpaa_eth.c | 2 -
drivers/net/ethernet/freescale/dpaa/dpaa_ethtool.c | 4 +-
drivers/net/ethernet/freescale/enetc/enetc_pf.c | 14 +-
drivers/net/ethernet/freescale/fec_main.c | 34 ++--
drivers/net/ethernet/freescale/gianfar_ethtool.c | 4 +-
drivers/net/ethernet/google/gve/gve_adminq.c | 1 +
drivers/net/ethernet/google/gve/gve_main.c | 2 +
drivers/net/ethernet/intel/igc/igc_main.c | 14 +-
drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 4 +-
drivers/net/ethernet/mediatek/mtk_ppe_offload.c | 2 +
drivers/net/ethernet/mediatek/mtk_wed.c | 1 -
drivers/net/ethernet/mellanox/mlx5/core/en/qos.c | 2 +-
drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 2 +
drivers/net/ethernet/mellanox/mlxsw/trap.h | 1 +
drivers/net/ethernet/pensando/ionic/ionic_lif.c | 7 +-
drivers/net/geneve.c | 1 +
drivers/net/hyperv/hyperv_net.h | 3 +
drivers/net/hyperv/netvsc_drv.c | 29 ++-
drivers/net/loopback.c | 1 +
drivers/net/phy/micrel.c | 2 +
drivers/net/phy/mscc/mscc.h | 12 ++
drivers/net/phy/mscc/mscc_main.c | 12 ++
drivers/net/phy/mscc/mscc_ptp.c | 49 +++--
drivers/net/phy/smsc.c | 1 +
drivers/net/ppp/ppp_generic.c | 17 +-
drivers/net/thunderbolt.c | 21 +-
drivers/net/usb/asix_devices.c | 1 +
drivers/net/usb/cdc_ncm.c | 20 +-
drivers/net/veth.c | 1 +
drivers/net/vxlan/vxlan_core.c | 1 +
drivers/net/wireless/ath/ath11k/ce.c | 3 -
drivers/net/wireless/ath/ath11k/dp_rx.c | 3 -
drivers/net/wireless/ath/ath11k/hal.c | 33 ++-
.../broadcom/brcm80211/brcmsmac/phy/phy_lcn.c | 2 +-
drivers/net/wireless/intel/iwlegacy/4965-mac.c | 5 +-
drivers/net/wireless/intel/iwlwifi/dvm/rs.c | 2 +-
drivers/net/wireless/intel/iwlwifi/fw/dbg.c | 7 +-
drivers/net/wireless/intel/iwlwifi/mvm/scan.c | 2 +-
drivers/net/wireless/realtek/rtlwifi/pci.c | 23 ++-
drivers/net/wireless/realtek/rtw89/core.c | 3 +
drivers/net/wireless/realtek/rtw89/fw.c | 9 +-
drivers/net/wireless/realtek/rtw89/fw.h | 2 +
drivers/net/wireless/realtek/rtw89/mac.c | 19 ++
drivers/net/wireless/realtek/rtw89/reg.h | 1 +
drivers/net/xen-netfront.c | 5 -
drivers/pci/controller/pcie-rockchip-host.c | 49 +++--
drivers/pci/controller/pcie-rockchip.h | 11 +-
drivers/pci/endpoint/pci-ep-cfs.c | 1 +
drivers/pci/endpoint/pci-epf-core.c | 2 +-
drivers/pci/pci-acpi.c | 4 +-
drivers/pci/pci.c | 8 +-
drivers/pci/probe.c | 2 +-
drivers/pinctrl/stm32/pinctrl-stm32.c | 1 +
drivers/platform/chrome/cros_ec.c | 19 +-
drivers/platform/chrome/cros_ec_typec.c | 4 +-
drivers/platform/x86/thinkpad_acpi.c | 4 +-
drivers/pps/clients/pps-gpio.c | 5 +-
drivers/ptp/ptp_clock.c | 2 +-
drivers/pwm/pwm-imx-tpm.c | 9 +
drivers/pwm/pwm-mediatek.c | 71 +++----
drivers/remoteproc/imx_rproc.c | 4 +-
drivers/reset/Kconfig | 10 +-
drivers/rtc/rtc-ds1307.c | 15 +-
drivers/s390/char/sclp.c | 11 +-
drivers/scsi/aacraid/comminit.c | 3 +-
drivers/scsi/bfa/bfad_im.c | 1 +
drivers/scsi/libiscsi.c | 3 +-
drivers/scsi/lpfc/lpfc_debugfs.c | 1 -
drivers/scsi/lpfc/lpfc_scsi.c | 4 +
drivers/scsi/mpi3mr/mpi3mr.h | 6 +-
drivers/scsi/mpi3mr/mpi3mr_fw.c | 17 +-
drivers/scsi/mpi3mr/mpi3mr_os.c | 22 +-
drivers/scsi/mpt3sas/mpt3sas_scsih.c | 19 ++
drivers/scsi/qla4xxx/ql4_os.c | 2 +
drivers/scsi/scsi_scan.c | 2 +-
drivers/scsi/scsi_transport_sas.c | 62 ++++--
drivers/soc/qcom/mdt_loader.c | 68 ++++++-
drivers/soc/tegra/pmc.c | 51 +++--
drivers/staging/media/imx/imx-media-csc-scaler.c | 2 +-
drivers/target/target_core_fabric_lib.c | 65 ++++--
drivers/target/target_core_internal.h | 4 +-
drivers/target/target_core_pr.c | 18 +-
drivers/thermal/qcom/qcom-spmi-temp-alarm.c | 43 +++-
drivers/thermal/thermal_sysfs.c | 9 +-
drivers/thunderbolt/domain.c | 2 +-
drivers/tty/serial/8250/8250_port.c | 3 +-
drivers/tty/vt/defkeymap.c_shipped | 112 +++++++++++
drivers/tty/vt/keyboard.c | 2 +-
drivers/ufs/host/ufs-exynos.c | 4 +-
drivers/ufs/host/ufshcd-pci.c | 42 +++-
drivers/usb/atm/cxacru.c | 172 ++++++++--------
drivers/usb/class/cdc-acm.c | 11 +-
drivers/usb/core/config.c | 10 +-
drivers/usb/core/hcd.c | 8 +-
drivers/usb/core/quirks.c | 1 +
drivers/usb/core/urb.c | 2 +-
drivers/usb/dwc3/dwc3-imx8mp.c | 6 +-
drivers/usb/dwc3/dwc3-meson-g12a.c | 3 +
drivers/usb/dwc3/ep0.c | 20 +-
drivers/usb/dwc3/gadget.c | 19 +-
drivers/usb/gadget/udc/renesas_usb3.c | 1 +
drivers/usb/host/xhci-mem.c | 2 +
drivers/usb/host/xhci-pci-renesas.c | 7 +-
drivers/usb/host/xhci-ring.c | 10 +-
drivers/usb/host/xhci.c | 6 +-
drivers/usb/musb/omap2430.c | 20 +-
drivers/usb/storage/realtek_cr.c | 2 +-
drivers/usb/storage/unusual_devs.h | 29 +++
drivers/usb/typec/mux/intel_pmc_mux.c | 2 +-
drivers/usb/typec/tcpm/fusb302.c | 8 +
drivers/usb/typec/ucsi/psy.c | 2 +-
drivers/usb/typec/ucsi/ucsi.c | 1 +
drivers/usb/typec/ucsi/ucsi.h | 7 +-
drivers/vfio/pci/mlx5/cmd.c | 4 +-
drivers/vfio/vfio_iommu_type1.c | 7 +
drivers/vhost/vhost.c | 3 +
drivers/vhost/vsock.c | 6 +-
drivers/video/console/vgacon.c | 2 +-
drivers/video/fbdev/core/fbcon.c | 9 +-
drivers/video/fbdev/core/fbmem.c | 3 +
drivers/virt/coco/efi_secret/efi_secret.c | 10 +-
drivers/watchdog/dw_wdt.c | 2 +
drivers/watchdog/iTCO_wdt.c | 6 +-
drivers/watchdog/sbsa_gwdt.c | 50 ++++-
fs/btrfs/block-group.c | 27 ++-
fs/btrfs/ctree.c | 9 +-
fs/btrfs/ordered-data.c | 12 +-
fs/btrfs/qgroup.c | 31 ++-
fs/btrfs/relocation.c | 19 ++
fs/btrfs/send.c | 39 ++++
fs/btrfs/tree-log.c | 60 ++++--
fs/btrfs/zoned.c | 3 +-
fs/buffer.c | 2 +-
fs/crypto/fscrypt_private.h | 17 ++
fs/crypto/hkdf.c | 2 +-
fs/crypto/keysetup.c | 3 +-
fs/crypto/keysetup_v1.c | 3 +-
fs/eventpoll.c | 60 ++++--
fs/ext2/inode.c | 12 +-
fs/ext4/fsmap.c | 23 ++-
fs/ext4/indirect.c | 4 +-
fs/ext4/inline.c | 19 +-
fs/ext4/inode.c | 2 +-
fs/ext4/mballoc.c | 69 +++----
fs/ext4/orphan.c | 5 +-
fs/ext4/super.c | 8 +-
fs/f2fs/data.c | 2 +
fs/f2fs/f2fs.h | 1 -
fs/f2fs/inode.c | 7 +
fs/f2fs/node.c | 10 +
fs/file.c | 15 ++
fs/hfs/bnode.c | 93 +++++++++
fs/hfsplus/bnode.c | 92 +++++++++
fs/hfsplus/unicode.c | 7 +
fs/hfsplus/xattr.c | 6 +-
fs/hugetlbfs/inode.c | 2 +-
fs/jbd2/checkpoint.c | 1 +
fs/jfs/file.c | 3 +
fs/jfs/inode.c | 2 +-
fs/jfs/jfs_dmap.c | 6 +
fs/libfs.c | 4 +-
fs/namespace.c | 34 ++--
fs/nfs/blocklayout/blocklayout.c | 4 +-
fs/nfs/blocklayout/dev.c | 5 +-
fs/nfs/blocklayout/extent_tree.c | 20 +-
fs/nfs/client.c | 44 +++-
fs/nfs/internal.h | 2 +-
fs/nfs/nfs4client.c | 20 +-
fs/nfs/nfs4proc.c | 2 +-
fs/nfs/pnfs.c | 11 +-
fs/nfsd/nfs4state.c | 34 +++-
fs/ntfs3/dir.c | 3 +
fs/ntfs3/inode.c | 31 +--
fs/orangefs/orangefs-debugfs.c | 2 +-
fs/smb/client/cifssmb.c | 10 +
fs/smb/client/connect.c | 1 -
fs/smb/client/sess.c | 9 +
fs/smb/client/smb2ops.c | 11 +-
fs/smb/server/connection.c | 3 +-
fs/smb/server/connection.h | 7 +-
fs/smb/server/smb2pdu.c | 16 +-
fs/smb/server/transport_rdma.c | 5 +-
fs/smb/server/transport_rdma.h | 4 +-
fs/smb/server/transport_tcp.c | 26 ++-
fs/squashfs/super.c | 14 +-
fs/udf/super.c | 13 +-
fs/xfs/xfs_itable.c | 6 +-
include/linux/blk_types.h | 6 +-
include/linux/compiler.h | 8 -
include/linux/fs.h | 4 +-
include/linux/hypervisor.h | 3 +
include/linux/if_vlan.h | 6 +-
include/linux/iosys-map.h | 7 +-
include/linux/memfd.h | 14 ++
include/linux/mm.h | 76 +++++--
include/linux/pci.h | 10 +-
include/linux/platform_data/cros_ec_proto.h | 4 +
include/linux/skbuff.h | 8 +-
include/linux/usb/cdc_ncm.h | 1 +
include/linux/virtio_vsock.h | 7 +-
include/net/bond_3ad.h | 3 +
include/net/bond_options.h | 1 +
include/net/bonding.h | 23 +++
include/net/cfg80211.h | 2 +-
include/net/mac80211.h | 2 +
include/net/neighbour.h | 1 +
include/sound/soc-dai.h | 13 ++
include/uapi/linux/if_link.h | 1 +
include/uapi/linux/in6.h | 4 +-
include/uapi/linux/io_uring.h | 2 +-
include/uapi/linux/pfrut.h | 1 +
kernel/cgroup/cpuset.c | 2 +-
kernel/fork.c | 2 +-
kernel/module/main.c | 10 +-
kernel/power/console.c | 7 +-
kernel/rcu/tree_plugin.h | 3 +
kernel/sched/fair.c | 19 +-
kernel/trace/ftrace.c | 19 +-
kernel/trace/trace.c | 33 ++-
kernel/trace/trace.h | 8 +-
mm/debug_vm_pgtable.c | 9 +-
mm/filemap.c | 2 +-
mm/kmemleak.c | 10 +-
mm/madvise.c | 2 +-
mm/memfd.c | 2 +-
mm/memory-failure.c | 8 +
mm/mmap.c | 12 +-
mm/ptdump.c | 2 +
mm/shmem.c | 2 +-
net/bluetooth/hci_conn.c | 3 +-
net/bluetooth/hci_sync.c | 43 ++--
net/bridge/br_multicast.c | 16 ++
net/bridge/br_private.h | 2 +
net/core/dev.c | 12 ++
net/core/neighbour.c | 12 +-
net/hsr/hsr_slave.c | 8 +-
net/ipv4/ip_tunnel.c | 1 +
net/ipv4/netfilter/nf_reject_ipv4.c | 6 +-
net/ipv4/route.c | 1 -
net/ipv4/udp_offload.c | 2 +-
net/ipv6/addrconf.c | 7 +-
net/ipv6/ip6_gre.c | 2 +
net/ipv6/ip6_tunnel.c | 1 +
net/ipv6/ip6_vti.c | 1 +
net/ipv6/mcast.c | 11 +-
net/ipv6/netfilter/nf_reject_ipv6.c | 5 +-
net/ipv6/seg6_hmac.c | 6 +-
net/ipv6/sit.c | 1 +
net/mac80211/cfg.c | 12 +-
net/mac80211/chan.c | 1 +
net/mac80211/mlme.c | 9 +-
net/mac80211/sta_info.c | 5 +-
net/mctp/af_mctp.c | 28 ++-
net/mptcp/options.c | 9 +-
net/mptcp/pm.c | 8 +-
net/mptcp/pm_netlink.c | 19 +-
net/mptcp/protocol.c | 55 ++++-
net/mptcp/protocol.h | 27 ++-
net/mptcp/subflow.c | 30 ++-
net/ncsi/internal.h | 2 +-
net/ncsi/ncsi-rsp.c | 1 +
net/netfilter/nf_conntrack_netlink.c | 24 ++-
net/netlink/af_netlink.c | 2 +-
net/sched/sch_cake.c | 14 +-
net/sched/sch_ets.c | 36 ++--
net/sched/sch_htb.c | 2 +-
net/tls/tls_sw.c | 16 +-
net/vmw_vsock/virtio_transport.c | 14 +-
net/wireless/mlme.c | 3 +-
scripts/kconfig/gconf.c | 8 +-
scripts/kconfig/lxdialog/inputbox.c | 6 +-
scripts/kconfig/lxdialog/menubox.c | 2 +-
scripts/kconfig/nconf.c | 2 +
scripts/kconfig/nconf.gui.c | 1 +
security/apparmor/include/lib.h | 6 +-
security/inode.c | 2 -
sound/core/pcm_native.c | 19 +-
sound/pci/hda/hda_codec.c | 44 ++--
sound/pci/hda/patch_ca0132.c | 2 +-
sound/pci/hda/patch_realtek.c | 4 +
sound/pci/intel8x0.c | 2 +-
sound/soc/codecs/hdac_hdmi.c | 10 +-
sound/soc/codecs/rt5640.c | 5 +
sound/soc/fsl/fsl_asrc.c | 16 +-
sound/soc/fsl/fsl_aud2htx.c | 10 +-
sound/soc/fsl/fsl_easrc.c | 16 +-
sound/soc/fsl/fsl_esai.c | 20 +-
sound/soc/fsl/fsl_micfil.c | 14 +-
sound/soc/fsl/fsl_sai.c | 44 ++--
sound/soc/fsl/fsl_spdif.c | 17 +-
sound/soc/fsl/fsl_ssi.c | 3 +-
sound/soc/fsl/fsl_xcvr.c | 16 +-
sound/soc/generic/audio-graph-card.c | 2 +-
sound/soc/intel/avs/core.c | 3 +-
sound/soc/soc-core.c | 28 +++
sound/soc/soc-dai.c | 43 ++--
sound/soc/soc-dapm.c | 4 +
sound/usb/mixer_quirks.c | 14 +-
sound/usb/stream.c | 25 ++-
sound/usb/validate.c | 14 +-
tools/include/nolibc/std.h | 4 +-
tools/include/nolibc/types.h | 4 +-
tools/include/uapi/linux/if_link.h | 1 +
.../cpupower/utils/idle_monitor/mperf_monitor.c | 4 +-
tools/scripts/Makefile.include | 4 +-
tools/testing/ktest/ktest.pl | 5 +-
tools/testing/selftests/arm64/fp/sve-ptrace.c | 3 +-
.../selftests/bpf/prog_tests/user_ringbuf.c | 10 +-
.../ftrace/test.d/ftrace/func-filter-glob.tc | 2 +-
tools/testing/selftests/futex/include/futextest.h | 11 +
tools/testing/selftests/memfd/memfd_test.c | 43 ++++
tools/testing/selftests/net/mptcp/pm_netlink.sh | 1 +
511 files changed, 4945 insertions(+), 1976 deletions(-)
2 weeks, 5 days
- 10
- 491
[PATCH rtw v2 1/4] wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait()
by Fedor Pchelkin
There is a bug observed when rtw89_core_tx_kick_off_and_wait() tries to
access already freed skb_data:
BUG: KFENCE: use-after-free write in rtw89_core_tx_kick_off_and_wait drivers/net/wireless/realtek/rtw89/core.c:1110
CPU: 6 UID: 0 PID: 41377 Comm: kworker/u64:24 Not tainted 6.17.0-rc1+ #1 PREEMPT(lazy)
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS edk2-20250523-14.fc42 05/23/2025
Workqueue: events_unbound cfg80211_wiphy_work [cfg80211]
Use-after-free write at 0x0000000020309d9d (in kfence-#251):
rtw89_core_tx_kick_off_and_wait drivers/net/wireless/realtek/rtw89/core.c:1110
rtw89_core_scan_complete drivers/net/wireless/realtek/rtw89/core.c:5338
rtw89_hw_scan_complete_cb drivers/net/wireless/realtek/rtw89/fw.c:7979
rtw89_chanctx_proceed_cb drivers/net/wireless/realtek/rtw89/chan.c:3165
rtw89_chanctx_proceed drivers/net/wireless/realtek/rtw89/chan.h:141
rtw89_hw_scan_complete drivers/net/wireless/realtek/rtw89/fw.c:8012
rtw89_mac_c2h_scanofld_rsp drivers/net/wireless/realtek/rtw89/mac.c:5059
rtw89_fw_c2h_work drivers/net/wireless/realtek/rtw89/fw.c:6758
process_one_work kernel/workqueue.c:3241
worker_thread kernel/workqueue.c:3400
kthread kernel/kthread.c:463
ret_from_fork arch/x86/kernel/process.c:154
ret_from_fork_asm arch/x86/entry/entry_64.S:258
kfence-#251: 0x0000000056e2393d-0x000000009943cb62, size=232, cache=skbuff_head_cache
allocated by task 41377 on cpu 6 at 77869.159548s (0.009551s ago):
__alloc_skb net/core/skbuff.c:659
__netdev_alloc_skb net/core/skbuff.c:734
ieee80211_nullfunc_get net/mac80211/tx.c:5844
rtw89_core_send_nullfunc drivers/net/wireless/realtek/rtw89/core.c:3431
rtw89_core_scan_complete drivers/net/wireless/realtek/rtw89/core.c:5338
rtw89_hw_scan_complete_cb drivers/net/wireless/realtek/rtw89/fw.c:7979
rtw89_chanctx_proceed_cb drivers/net/wireless/realtek/rtw89/chan.c:3165
rtw89_chanctx_proceed drivers/net/wireless/realtek/rtw89/chan.c:3194
rtw89_hw_scan_complete drivers/net/wireless/realtek/rtw89/fw.c:8012
rtw89_mac_c2h_scanofld_rsp drivers/net/wireless/realtek/rtw89/mac.c:5059
rtw89_fw_c2h_work drivers/net/wireless/realtek/rtw89/fw.c:6758
process_one_work kernel/workqueue.c:3241
worker_thread kernel/workqueue.c:3400
kthread kernel/kthread.c:463
ret_from_fork arch/x86/kernel/process.c:154
ret_from_fork_asm arch/x86/entry/entry_64.S:258
freed by task 1045 on cpu 9 at 77869.168393s (0.001557s ago):
ieee80211_tx_status_skb net/mac80211/status.c:1117
rtw89_pci_release_txwd_skb drivers/net/wireless/realtek/rtw89/pci.c:564
rtw89_pci_release_tx_skbs.isra.0 drivers/net/wireless/realtek/rtw89/pci.c:651
rtw89_pci_release_tx drivers/net/wireless/realtek/rtw89/pci.c:676
rtw89_pci_napi_poll drivers/net/wireless/realtek/rtw89/pci.c:4238
__napi_poll net/core/dev.c:7495
net_rx_action net/core/dev.c:7557 net/core/dev.c:7684
handle_softirqs kernel/softirq.c:580
do_softirq.part.0 kernel/softirq.c:480
__local_bh_enable_ip kernel/softirq.c:407
rtw89_pci_interrupt_threadfn drivers/net/wireless/realtek/rtw89/pci.c:927
irq_thread_fn kernel/irq/manage.c:1133
irq_thread kernel/irq/manage.c:1257
kthread kernel/kthread.c:463
ret_from_fork arch/x86/kernel/process.c:154
ret_from_fork_asm arch/x86/entry/entry_64.S:258
It is a consequence of a race between the waiting and the signaling side
of the completion:
Waiting thread Completing thread
rtw89_core_tx_kick_off_and_wait()
rcu_assign_pointer(skb_data->wait, wait)
/* start waiting */
wait_for_completion_timeout()
rtw89_pci_tx_status()
rtw89_core_tx_wait_complete()
rcu_read_lock()
/* signals completion and
* proceeds further
*/
complete(&wait->completion)
rcu_read_unlock()
...
/* frees skb_data */
ieee80211_tx_status_ni()
/* returns (exit status doesn't matter) */
wait_for_completion_timeout()
...
/* accesses the already freed skb_data */
rcu_assign_pointer(skb_data->wait, NULL)
The completing side might proceed and free the underlying skb even before
the waiting side is fully awoken and run to execution. Actually the race
happens regardless of wait_for_completion_timeout() exit status, e.g.
the waiting side may hit a timeout and the concurrent completing side is
still able to free the skb.
Skbs which are sent by rtw89_core_tx_kick_off_and_wait() are owned by the
driver. They don't come from core ieee80211 stack so no need to pass them
to ieee80211_tx_status_ni() on completing side.
Introduce a work function which will act as a garbage collector for
rtw89_tx_wait_info objects and the associated skbs. Thus no potentially
heavy locks are required on the completing side.
Found by Linux Verification Center (linuxtesting.org).
Fixes: 1ae5ca615285 ("wifi: rtw89: add function to wait for completion of TX skbs")
Cc: stable(a)vger.kernel.org
Suggested-by: Zong-Zhe Yang <kevin_yang(a)realtek.com>
Signed-off-by: Fedor Pchelkin <pchelkin(a)ispras.ru>
---
v2: use a work function to manage release of tx_waits and associated skbs (Zong-Zhe)
The interesting part is how rtw89_tx_wait_work() should wait for
completion - based on timeout or without it, or just check status with
a call to completion_done().
Simply waiting with wait_for_completion() may become a bottleneck if for
any reason the completion is delayed significantly, and we are holding a
wiphy lock here. I _suspect_ rtw89_pci_tx_status() should be called
either by napi polling handler or in other cases e.g. by rtw89_hci_reset()
but it's hard to deduce for any possible scenario that it will be called
in some time.
Anyway, the current and the next patch try to make sure that when
rtw89_core_tx_wait_complete() is called, skbdata->wait is properly
initialized so that there should be no buggy situations when tx_wait skb
is not recognized and invalidly passed to ieee80211 stack, also without
signaling a completion.
If rtw89_core_tx_wait_complete() is not called at all, this should
indicate a bug elsewhere.
drivers/net/wireless/realtek/rtw89/core.c | 42 +++++++++++++++++++----
drivers/net/wireless/realtek/rtw89/core.h | 22 +++++++-----
drivers/net/wireless/realtek/rtw89/pci.c | 9 ++---
3 files changed, 54 insertions(+), 19 deletions(-)
diff --git a/drivers/net/wireless/realtek/rtw89/core.c b/drivers/net/wireless/realtek/rtw89/core.c
index 57590f5577a3..48aa02d6abd4 100644
--- a/drivers/net/wireless/realtek/rtw89/core.c
+++ b/drivers/net/wireless/realtek/rtw89/core.c
@@ -1073,6 +1073,26 @@ rtw89_core_tx_update_desc_info(struct rtw89_dev *rtwdev,
}
}
+static void rtw89_tx_wait_work(struct wiphy *wiphy, struct wiphy_work *work)
+{
+ struct rtw89_dev *rtwdev = container_of(work, struct rtw89_dev,
+ tx_wait_work);
+ struct rtw89_tx_wait_info *wait, *tmp;
+
+ lockdep_assert_wiphy(wiphy);
+
+ list_for_each_entry_safe(wait, tmp, &rtwdev->tx_waits, list) {
+ if (!wait->finished) {
+ unsigned long tmo = msecs_to_jiffies(wait->timeout);
+ if (!wait_for_completion_timeout(&wait->completion, tmo))
+ continue;
+ }
+ list_del(&wait->list);
+ dev_kfree_skb_any(wait->skb);
+ kfree(wait);
+ }
+}
+
void rtw89_core_tx_kick_off(struct rtw89_dev *rtwdev, u8 qsel)
{
u8 ch_dma;
@@ -1090,6 +1110,8 @@ int rtw89_core_tx_kick_off_and_wait(struct rtw89_dev *rtwdev, struct sk_buff *sk
unsigned long time_left;
int ret = 0;
+ lockdep_assert_wiphy(rtwdev->hw->wiphy);
+
wait = kzalloc(sizeof(*wait), GFP_KERNEL);
if (!wait) {
rtw89_core_tx_kick_off(rtwdev, qsel);
@@ -1097,18 +1119,23 @@ int rtw89_core_tx_kick_off_and_wait(struct rtw89_dev *rtwdev, struct sk_buff *sk
}
init_completion(&wait->completion);
- rcu_assign_pointer(skb_data->wait, wait);
+ skb_data->wait = wait;
rtw89_core_tx_kick_off(rtwdev, qsel);
time_left = wait_for_completion_timeout(&wait->completion,
msecs_to_jiffies(timeout));
- if (time_left == 0)
+ if (time_left == 0) {
ret = -ETIMEDOUT;
- else if (!wait->tx_done)
- ret = -EAGAIN;
+ } else {
+ wait->finished = true;
+ if (!wait->tx_done)
+ ret = -EAGAIN;
+ }
- rcu_assign_pointer(skb_data->wait, NULL);
- kfree_rcu(wait, rcu_head);
+ wait->skb = skb;
+ wait->timeout = timeout;
+ list_add_tail(&wait->list, &rtwdev->tx_waits);
+ wiphy_work_queue(rtwdev->hw->wiphy, &rtwdev->tx_wait_work);
return ret;
}
@@ -4972,6 +4999,7 @@ void rtw89_core_stop(struct rtw89_dev *rtwdev)
clear_bit(RTW89_FLAG_RUNNING, rtwdev->flags);
wiphy_work_cancel(wiphy, &rtwdev->c2h_work);
+ wiphy_work_cancel(wiphy, &rtwdev->tx_wait_work);
wiphy_work_cancel(wiphy, &rtwdev->cancel_6ghz_probe_work);
wiphy_work_cancel(wiphy, &btc->eapol_notify_work);
wiphy_work_cancel(wiphy, &btc->arp_notify_work);
@@ -5203,6 +5231,7 @@ int rtw89_core_init(struct rtw89_dev *rtwdev)
INIT_LIST_HEAD(&rtwdev->scan_info.pkt_list[band]);
}
INIT_LIST_HEAD(&rtwdev->scan_info.chan_list);
+ INIT_LIST_HEAD(&rtwdev->tx_waits);
INIT_WORK(&rtwdev->ba_work, rtw89_core_ba_work);
INIT_WORK(&rtwdev->txq_work, rtw89_core_txq_work);
INIT_DELAYED_WORK(&rtwdev->txq_reinvoke_work, rtw89_core_txq_reinvoke_work);
@@ -5233,6 +5262,7 @@ int rtw89_core_init(struct rtw89_dev *rtwdev)
wiphy_work_init(&rtwdev->c2h_work, rtw89_fw_c2h_work);
wiphy_work_init(&rtwdev->ips_work, rtw89_ips_work);
wiphy_work_init(&rtwdev->cancel_6ghz_probe_work, rtw89_cancel_6ghz_probe_work);
+ wiphy_work_init(&rtwdev->tx_wait_work, rtw89_tx_wait_work);
INIT_WORK(&rtwdev->load_firmware_work, rtw89_load_firmware_work);
skb_queue_head_init(&rtwdev->c2h_queue);
diff --git a/drivers/net/wireless/realtek/rtw89/core.h b/drivers/net/wireless/realtek/rtw89/core.h
index 43e10278e14d..06f7d82a8d18 100644
--- a/drivers/net/wireless/realtek/rtw89/core.h
+++ b/drivers/net/wireless/realtek/rtw89/core.h
@@ -3508,12 +3508,16 @@ struct rtw89_phy_rate_pattern {
struct rtw89_tx_wait_info {
struct rcu_head rcu_head;
+ struct list_head list;
struct completion completion;
+ struct sk_buff *skb;
+ unsigned int timeout;
bool tx_done;
+ bool finished;
};
struct rtw89_tx_skb_data {
- struct rtw89_tx_wait_info __rcu *wait;
+ struct rtw89_tx_wait_info *wait;
u8 hci_priv[];
};
@@ -5925,6 +5929,9 @@ struct rtw89_dev {
/* used to protect rpwm */
spinlock_t rpwm_lock;
+ struct list_head tx_waits;
+ struct wiphy_work tx_wait_work;
+
struct rtw89_cam_info cam_info;
struct sk_buff_head c2h_queue;
@@ -7258,23 +7265,20 @@ static inline struct sk_buff *rtw89_alloc_skb_for_rx(struct rtw89_dev *rtwdev,
return dev_alloc_skb(length);
}
-static inline void rtw89_core_tx_wait_complete(struct rtw89_dev *rtwdev,
+static inline bool rtw89_core_tx_wait_complete(struct rtw89_dev *rtwdev,
struct rtw89_tx_skb_data *skb_data,
bool tx_done)
{
struct rtw89_tx_wait_info *wait;
- rcu_read_lock();
-
- wait = rcu_dereference(skb_data->wait);
+ wait = skb_data->wait;
if (!wait)
- goto out;
+ return false;
wait->tx_done = tx_done;
- complete(&wait->completion);
+ complete_all(&wait->completion);
-out:
- rcu_read_unlock();
+ return true;
}
static inline bool rtw89_is_mlo_1_1(struct rtw89_dev *rtwdev)
diff --git a/drivers/net/wireless/realtek/rtw89/pci.c b/drivers/net/wireless/realtek/rtw89/pci.c
index a669f2f843aa..6356c2c224c5 100644
--- a/drivers/net/wireless/realtek/rtw89/pci.c
+++ b/drivers/net/wireless/realtek/rtw89/pci.c
@@ -464,10 +464,7 @@ static void rtw89_pci_tx_status(struct rtw89_dev *rtwdev,
struct rtw89_tx_skb_data *skb_data = RTW89_TX_SKB_CB(skb);
struct ieee80211_tx_info *info;
- rtw89_core_tx_wait_complete(rtwdev, skb_data, tx_status == RTW89_TX_DONE);
-
info = IEEE80211_SKB_CB(skb);
- ieee80211_tx_info_clear_status(info);
if (info->flags & IEEE80211_TX_CTL_NO_ACK)
info->flags |= IEEE80211_TX_STAT_NOACK_TRANSMITTED;
@@ -494,6 +491,10 @@ static void rtw89_pci_tx_status(struct rtw89_dev *rtwdev,
}
}
+ if (rtw89_core_tx_wait_complete(rtwdev, skb_data, tx_status == RTW89_TX_DONE))
+ return;
+
+ ieee80211_tx_info_clear_status(info);
ieee80211_tx_status_ni(rtwdev->hw, skb);
}
@@ -1387,7 +1388,7 @@ static int rtw89_pci_txwd_submit(struct rtw89_dev *rtwdev,
}
tx_data->dma = dma;
- rcu_assign_pointer(skb_data->wait, NULL);
+ skb_data->wait = NULL;
txwp_len = sizeof(*txwp_info);
txwd_len = chip->txwd_body_size;
--
2.50.1
2 weeks, 6 days
- 3
- 3
[REGRESSION][BISECTED][PATCH] net: ipv4: fix regression in broadcast routes
by Brett A C Sheffield
Fix the regression introduced in 9e30ecf23b1b whereby IPv4 broadcast
packets were having their ethernet destination field mangled. This
broke WOL magic packets and likely other IPv4 broadcast.
The regression can be observed by sending an IPv4 WOL packet using
the wakeonlan program to any ethernet address:
wakeonlan 46:3b:ad:61:e0:5d
and capturing the packet with tcpdump:
tcpdump -i eth0 -w /tmp/bad.cap dst port 9
The ethernet destination MUST be ff:ff:ff:ff:ff:ff for broadcast, but is
mangled with 9e30ecf23b1b applied.
Revert the change made in 9e30ecf23b1b and ensure the MTU value for
broadcast routes is retained by calling ip_dst_init_metrics() directly,
avoiding the need to enter the main code block in rt_set_nexthop().
Simplify the code path taken for broadcast packets back to the original
before the regression, adding only the call to ip_dst_init_metrics().
The broadcast_pmtu.sh selftest provided with the original patch still
passes with this patch applied.
Fixes: 9e30ecf23b1b ("net: ipv4: fix incorrect MTU in broadcast routes")
Signed-off-by: Brett A C Sheffield <bacs(a)librecast.net>
---
net/ipv4/route.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index f639a2ae881a..eaf78e128aca 100644
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -2588,6 +2588,7 @@ static struct rtable *__mkroute_output(const struct fib_result *res,
do_cache = true;
if (type == RTN_BROADCAST) {
flags |= RTCF_BROADCAST | RTCF_LOCAL;
+ fi = NULL;
} else if (type == RTN_MULTICAST) {
flags |= RTCF_MULTICAST | RTCF_LOCAL;
if (!ip_check_mc_rcu(in_dev, fl4->daddr, fl4->saddr,
@@ -2657,8 +2658,12 @@ static struct rtable *__mkroute_output(const struct fib_result *res,
rth->dst.output = ip_mc_output;
RT_CACHE_STAT_INC(out_slow_mc);
}
+ if (type == RTN_BROADCAST) {
+ /* ensure MTU value for broadcast routes is retained */
+ ip_dst_init_metrics(&rth->dst, res->fi->fib_metrics);
+ }
#ifdef CONFIG_IP_MROUTE
- if (type == RTN_MULTICAST) {
+ else if (type == RTN_MULTICAST) {
if (IN_DEV_MFORWARD(in_dev) &&
!ipv4_is_local_multicast(fl4->daddr)) {
rth->dst.input = ip_mr_input;
base-commit: 01b9128c5db1b470575d07b05b67ffa3cb02ebf1
--
2.49.1
2 weeks, 6 days
- 8
- 21
[PATCH 1/2] mm/slub: Fix cmp_loc_by_count() to return 0 when counts are equal
by Kuan-Wei Chiu
The comparison function cmp_loc_by_count() used for sorting stack trace
locations in debugfs currently returns -1 if a->count > b->count and 1
otherwise. This breaks the antisymmetry property required by sort(),
because when two counts are equal, both cmp(a, b) and cmp(b, a) return
1.
This can lead to undefined or incorrect ordering results. Fix it by
explicitly returning 0 when the counts are equal, ensuring that the
comparison function follows the expected mathematical properties.
Fixes: 553c0369b3e1 ("mm/slub: sort debugfs output by frequency of stack traces")
Cc: stable(a)vger.kernel.org
Signed-off-by: Kuan-Wei Chiu <visitorckw(a)gmail.com>
---
mm/slub.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/mm/slub.c b/mm/slub.c
index 30003763d224..c91b3744adbc 100644
--- a/mm/slub.c
+++ b/mm/slub.c
@@ -7718,8 +7718,9 @@ static int cmp_loc_by_count(const void *a, const void *b, const void *data)
if (loc1->count > loc2->count)
return -1;
- else
+ if (loc1->count < loc2->count)
return 1;
+ return 0;
}
static void *slab_debugfs_start(struct seq_file *seq, loff_t *ppos)
--
2.34.1
2 weeks, 6 days
- 4
- 8
+ mm-memory-failure-fix-vm_bug_on_pagepagepoisonedpage-when-unpoison-memory.patch added to mm-hotfixes-unstable branch
by Andrew Morton
The patch titled
Subject: mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory
has been added to the -mm mm-hotfixes-unstable branch. Its filename is
mm-memory-failure-fix-vm_bug_on_pagepagepoisonedpage-when-unpoison-memory.patch
This patch will shortly appear at
https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche…
This patch will later appear in the mm-hotfixes-unstable branch at
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next via the mm-everything
branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
and is updated there every 2-3 working days
------------------------------------------------------
From: Miaohe Lin <linmiaohe(a)huawei.com>
Subject: mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory
Date: Thu, 28 Aug 2025 10:46:18 +0800
When I did memory failure tests, below panic occurs:
page dumped because: VM_BUG_ON_PAGE(PagePoisoned(page))
kernel BUG at include/linux/page-flags.h:616!
Oops: invalid opcode: 0000 [#1] PREEMPT SMP NOPTI
CPU: 3 PID: 720 Comm: bash Not tainted 6.10.0-rc1-00195-g148743902568 #40
RIP: 0010:unpoison_memory+0x2f3/0x590
RSP: 0018:ffffa57fc8787d60 EFLAGS: 00000246
RAX: 0000000000000037 RBX: 0000000000000009 RCX: ffff9be25fcdc9c8
RDX: 0000000000000000 RSI: 0000000000000027 RDI: ffff9be25fcdc9c0
RBP: 0000000000300000 R08: ffffffffb4956f88 R09: 0000000000009ffb
R10: 0000000000000284 R11: ffffffffb4926fa0 R12: ffffe6b00c000000
R13: ffff9bdb453dfd00 R14: 0000000000000000 R15: fffffffffffffffe
FS: 00007f08f04e4740(0000) GS:ffff9be25fcc0000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000564787a30410 CR3: 000000010d4e2000 CR4: 00000000000006f0
Call Trace:
<TASK>
unpoison_memory+0x2f3/0x590
simple_attr_write_xsigned.constprop.0.isra.0+0xb3/0x110
debugfs_attr_write+0x42/0x60
full_proxy_write+0x5b/0x80
vfs_write+0xd5/0x540
ksys_write+0x64/0xe0
do_syscall_64+0xb9/0x1d0
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f08f0314887
RSP: 002b:00007ffece710078 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00007f08f0314887
RDX: 0000000000000009 RSI: 0000564787a30410 RDI: 0000000000000001
RBP: 0000564787a30410 R08: 000000000000fefe R09: 000000007fffffff
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000009
R13: 00007f08f041b780 R14: 00007f08f0417600 R15: 00007f08f0416a00
</TASK>
Modules linked in: hwpoison_inject
---[ end trace 0000000000000000 ]---
RIP: 0010:unpoison_memory+0x2f3/0x590
RSP: 0018:ffffa57fc8787d60 EFLAGS: 00000246
RAX: 0000000000000037 RBX: 0000000000000009 RCX: ffff9be25fcdc9c8
RDX: 0000000000000000 RSI: 0000000000000027 RDI: ffff9be25fcdc9c0
RBP: 0000000000300000 R08: ffffffffb4956f88 R09: 0000000000009ffb
R10: 0000000000000284 R11: ffffffffb4926fa0 R12: ffffe6b00c000000
R13: ffff9bdb453dfd00 R14: 0000000000000000 R15: fffffffffffffffe
FS: 00007f08f04e4740(0000) GS:ffff9be25fcc0000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000564787a30410 CR3: 000000010d4e2000 CR4: 00000000000006f0
Kernel panic - not syncing: Fatal exception
Kernel Offset: 0x31c00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
---[ end Kernel panic - not syncing: Fatal exception ]---
The root cause is that unpoison_memory() tries to check the PG_HWPoison
flags of an uninitialized page. So VM_BUG_ON_PAGE(PagePoisoned(page)) is
triggered. This can be reproduced by below steps:
1.Offline memory block:
echo offline > /sys/devices/system/memory/memory12/state
2.Get offlined memory pfn:
page-types -b n -rlN
3.Write pfn to unpoison-pfn
echo <pfn> > /sys/kernel/debug/hwpoison/unpoison-pfn
This scenario can be identified by pfn_to_online_page() returning NULL.
And ZONE_DEVICE pages are never expected, so we can simply fail if
pfn_to_online_page() == NULL to fix the bug.
Link: https://lkml.kernel.org/r/20250828024618.1744895-1-linmiaohe@huawei.com
Fixes: f1dd2cd13c4b ("mm, memory_hotplug: do not associate hotadded memory to zones until online")
Signed-off-by: Miaohe Lin <linmiaohe(a)huawei.com>
Suggested-by: David Hildenbrand <david(a)redhat.com>
Acked-by: David Hildenbrand <david(a)redhat.com>
Cc: Naoya Horiguchi <nao.horiguchi(a)gmail.com>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
mm/memory-failure.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
--- a/mm/memory-failure.c~mm-memory-failure-fix-vm_bug_on_pagepagepoisonedpage-when-unpoison-memory
+++ a/mm/memory-failure.c
@@ -2568,10 +2568,9 @@ int unpoison_memory(unsigned long pfn)
static DEFINE_RATELIMIT_STATE(unpoison_rs, DEFAULT_RATELIMIT_INTERVAL,
DEFAULT_RATELIMIT_BURST);
- if (!pfn_valid(pfn))
- return -ENXIO;
-
- p = pfn_to_page(pfn);
+ p = pfn_to_online_page(pfn);
+ if (!p)
+ return -EIO;
folio = page_folio(p);
mutex_lock(&mf_mutex);
_
Patches currently in -mm which might be from linmiaohe(a)huawei.com are
mm-memory-failure-fix-vm_bug_on_pagepagepoisonedpage-when-unpoison-memory.patch
revert-hugetlb-make-hugetlb-depends-on-sysfs-or-sysctl.patch
2 weeks, 6 days
- 1
- 0
Loan Offer
by Mrs.Seinfield
Hello,
Are you looking for a loan to either increase your activity or to
carry out a project. We offer Crypto Loans at 2-7% interest rate
with or without a credit check. We also pay 1% commission to
brokers, who introduce project owners for finance or other
opportunities.
Please get back to me if you are interested in more details.
Best Regards,
Lucy Seinfield
Assistant Secretary
2 weeks, 6 days
- 1
- 0
+ mm-memory-failure-fix-redundant-updates-for-already-poisoned-pages.patch added to mm-hotfixes-unstable branch
by Andrew Morton
The patch titled
Subject: mm/memory-failure: fix redundant updates for already poisoned pages
has been added to the -mm mm-hotfixes-unstable branch. Its filename is
mm-memory-failure-fix-redundant-updates-for-already-poisoned-pages.patch
This patch will shortly appear at
https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche…
This patch will later appear in the mm-hotfixes-unstable branch at
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next via the mm-everything
branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
and is updated there every 2-3 working days
------------------------------------------------------
From: Kyle Meyer <kyle.meyer(a)hpe.com>
Subject: mm/memory-failure: fix redundant updates for already poisoned pages
Date: Thu, 28 Aug 2025 13:38:20 -0500
Duplicate memory errors can be reported by multiple sources.
Passing an already poisoned page to action_result() causes issues:
* The amount of hardware corrupted memory is incorrectly updated.
* Per NUMA node MF stats are incorrectly updated.
* Redundant "already poisoned" messages are printed.
Avoid those issues by:
* Skipping hardware corrupted memory updates for already poisoned pages.
* Skipping per NUMA node MF stats updates for already poisoned pages.
* Dropping redundant "already poisoned" messages.
Make MF_MSG_ALREADY_POISONED consistent with other action_page_types and
make calls to action_result() consistent for already poisoned normal pages
and huge pages.
Link: https://lkml.kernel.org/r/aLCiHMy12Ck3ouwC@hpe.com
Fixes: b8b9488d50b7 ("mm/memory-failure: improve memory failure action_result messages")
Signed-off-by: Kyle Meyer <kyle.meyer(a)hpe.com>
Reviewed-by: Jiaqi Yan <jiaqiyan(a)google.com>
Acked-by: David Hildenbrand <david(a)redhat.com>
Cc: Borislav Betkov <bp(a)alien8.de>
Cc: Jane Chu <jane.chu(a)oracle.com>
Cc: Kyle Meyer <kyle.meyer(a)hpe.com>
Cc: Liam Howlett <liam.howlett(a)oracle.com>
Cc: Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com>
Cc: "Luck, Tony" <tony.luck(a)intel.com>
Cc: Miaohe Lin <linmiaohe(a)huawei.com>
Cc: Michal Hocko <mhocko(a)suse.com>
Cc: Mike Rapoport <rppt(a)kernel.org>
Cc: Naoya Horiguchi <nao.horiguchi(a)gmail.com>
Cc: Oscar Salvador <osalvador(a)suse.de>
Cc: Russ Anderson <russ.anderson(a)hpe.com>
Cc: Suren Baghdasaryan <surenb(a)google.com>
Cc: Vlastimil Babka <vbabka(a)suse.cz>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
mm/memory-failure.c | 13 ++++++-------
1 file changed, 6 insertions(+), 7 deletions(-)
--- a/mm/memory-failure.c~mm-memory-failure-fix-redundant-updates-for-already-poisoned-pages
+++ a/mm/memory-failure.c
@@ -956,7 +956,7 @@ static const char * const action_page_ty
[MF_MSG_BUDDY] = "free buddy page",
[MF_MSG_DAX] = "dax page",
[MF_MSG_UNSPLIT_THP] = "unsplit thp",
- [MF_MSG_ALREADY_POISONED] = "already poisoned",
+ [MF_MSG_ALREADY_POISONED] = "already poisoned page",
[MF_MSG_UNKNOWN] = "unknown page",
};
@@ -1349,9 +1349,10 @@ static int action_result(unsigned long p
{
trace_memory_failure_event(pfn, type, result);
- num_poisoned_pages_inc(pfn);
-
- update_per_node_mf_stats(pfn, result);
+ if (type != MF_MSG_ALREADY_POISONED) {
+ num_poisoned_pages_inc(pfn);
+ update_per_node_mf_stats(pfn, result);
+ }
pr_err("%#lx: recovery action for %s: %s\n",
pfn, action_page_types[type], action_name[result]);
@@ -2094,12 +2095,11 @@ retry:
*hugetlb = 0;
return 0;
} else if (res == -EHWPOISON) {
- pr_err("%#lx: already hardware poisoned\n", pfn);
if (flags & MF_ACTION_REQUIRED) {
folio = page_folio(p);
res = kill_accessing_process(current, folio_pfn(folio), flags);
- action_result(pfn, MF_MSG_ALREADY_POISONED, MF_FAILED);
}
+ action_result(pfn, MF_MSG_ALREADY_POISONED, MF_FAILED);
return res;
} else if (res == -EBUSY) {
if (!(flags & MF_NO_RETRY)) {
@@ -2285,7 +2285,6 @@ try_again:
goto unlock_mutex;
if (TestSetPageHWPoison(p)) {
- pr_err("%#lx: already hardware poisoned\n", pfn);
res = -EHWPOISON;
if (flags & MF_ACTION_REQUIRED)
res = kill_accessing_process(current, pfn, flags);
_
Patches currently in -mm which might be from kyle.meyer(a)hpe.com are
mm-memory-failure-fix-redundant-updates-for-already-poisoned-pages.patch
2 weeks, 6 days
- 1
- 0
[PATCH v3 1/1] iommu/sva: Invalidate KVA range on kernel TLB flush
by Lu Baolu
In the IOMMU Shared Virtual Addressing (SVA) context, the IOMMU hardware
shares and walks the CPU's page tables. The Linux x86 architecture maps
the kernel address space into the upper portion of every process’s page
table. Consequently, in an SVA context, the IOMMU hardware can walk and
cache kernel space mappings. However, the Linux kernel currently lacks
a notification mechanism for kernel space mapping changes. This means
the IOMMU driver is not aware of such changes, leading to a break in
IOMMU cache coherence.
Modern IOMMUs often cache page table entries of the intermediate-level
page table as long as the entry is valid, no matter the permissions, to
optimize walk performance. Currently the iommu driver is notified only
for changes of user VA mappings, so the IOMMU's internal caches may
retain stale entries for kernel VA. When kernel page table mappings are
changed (e.g., by vfree()), but the IOMMU's internal caches retain stale
entries, Use-After-Free (UAF) vulnerability condition arises.
If these freed page table pages are reallocated for a different purpose,
potentially by an attacker, the IOMMU could misinterpret the new data as
valid page table entries. This allows the IOMMU to walk into attacker-
controlled memory, leading to arbitrary physical memory DMA access or
privilege escalation.
To mitigate this, introduce a new iommu interface to flush IOMMU caches.
This interface should be invoked from architecture-specific code that
manages combined user and kernel page tables, whenever a kernel page table
update is done and the CPU TLB needs to be flushed.
Fixes: 26b25a2b98e4 ("iommu: Bind process address spaces to devices")
Cc: stable(a)vger.kernel.org
Suggested-by: Jann Horn <jannh(a)google.com>
Co-developed-by: Jason Gunthorpe <jgg(a)nvidia.com>
Signed-off-by: Jason Gunthorpe <jgg(a)nvidia.com>
Signed-off-by: Lu Baolu <baolu.lu(a)linux.intel.com>
Reviewed-by: Jason Gunthorpe <jgg(a)nvidia.com>
Reviewed-by: Vasant Hegde <vasant.hegde(a)amd.com>
Reviewed-by: Kevin Tian <kevin.tian(a)intel.com>
Tested-by: Yi Lai <yi1.lai(a)intel.com>
---
arch/x86/mm/tlb.c | 4 +++
drivers/iommu/iommu-sva.c | 60 ++++++++++++++++++++++++++++++++++++++-
include/linux/iommu.h | 4 +++
3 files changed, 67 insertions(+), 1 deletion(-)
Change log:
v3:
- iommu_sva_mms is an unbound list; iterating it in an atomic context
could introduce significant latency issues. Schedule it in a kernel
thread and replace the spinlock with a mutex.
- Replace the static key with a normal bool; it can be brought back if
data shows the benefit.
- Invalidate KVA range in the flush_tlb_all() paths.
- All previous reviewed-bys are preserved. Please let me know if there
are any objections.
v2:
- https://lore.kernel.org/linux-iommu/20250709062800.651521-1-baolu.lu@linux.…
- Remove EXPORT_SYMBOL_GPL(iommu_sva_invalidate_kva_range);
- Replace the mutex with a spinlock to make the interface usable in the
critical regions.
v1: https://lore.kernel.org/linux-iommu/20250704133056.4023816-1-baolu.lu@linux…
diff --git a/arch/x86/mm/tlb.c b/arch/x86/mm/tlb.c
index 39f80111e6f1..3b85e7d3ba44 100644
--- a/arch/x86/mm/tlb.c
+++ b/arch/x86/mm/tlb.c
@@ -12,6 +12,7 @@
#include <linux/task_work.h>
#include <linux/mmu_notifier.h>
#include <linux/mmu_context.h>
+#include <linux/iommu.h>
#include <asm/tlbflush.h>
#include <asm/mmu_context.h>
@@ -1478,6 +1479,8 @@ void flush_tlb_all(void)
else
/* Fall back to the IPI-based invalidation. */
on_each_cpu(do_flush_tlb_all, NULL, 1);
+
+ iommu_sva_invalidate_kva_range(0, TLB_FLUSH_ALL);
}
/* Flush an arbitrarily large range of memory with INVLPGB. */
@@ -1540,6 +1543,7 @@ void flush_tlb_kernel_range(unsigned long start, unsigned long end)
kernel_tlb_flush_range(info);
put_flush_tlb_info();
+ iommu_sva_invalidate_kva_range(start, end);
}
/*
diff --git a/drivers/iommu/iommu-sva.c b/drivers/iommu/iommu-sva.c
index 1a51cfd82808..d0da2b3fd64b 100644
--- a/drivers/iommu/iommu-sva.c
+++ b/drivers/iommu/iommu-sva.c
@@ -10,6 +10,8 @@
#include "iommu-priv.h"
static DEFINE_MUTEX(iommu_sva_lock);
+static bool iommu_sva_present;
+static LIST_HEAD(iommu_sva_mms);
static struct iommu_domain *iommu_sva_domain_alloc(struct device *dev,
struct mm_struct *mm);
@@ -42,6 +44,7 @@ static struct iommu_mm_data *iommu_alloc_mm_data(struct mm_struct *mm, struct de
return ERR_PTR(-ENOSPC);
}
iommu_mm->pasid = pasid;
+ iommu_mm->mm = mm;
INIT_LIST_HEAD(&iommu_mm->sva_domains);
/*
* Make sure the write to mm->iommu_mm is not reordered in front of
@@ -132,8 +135,13 @@ struct iommu_sva *iommu_sva_bind_device(struct device *dev, struct mm_struct *mm
if (ret)
goto out_free_domain;
domain->users = 1;
- list_add(&domain->next, &mm->iommu_mm->sva_domains);
+ if (list_empty(&iommu_mm->sva_domains)) {
+ if (list_empty(&iommu_sva_mms))
+ WRITE_ONCE(iommu_sva_present, true);
+ list_add(&iommu_mm->mm_list_elm, &iommu_sva_mms);
+ }
+ list_add(&domain->next, &iommu_mm->sva_domains);
out:
refcount_set(&handle->users, 1);
mutex_unlock(&iommu_sva_lock);
@@ -175,6 +183,13 @@ void iommu_sva_unbind_device(struct iommu_sva *handle)
list_del(&domain->next);
iommu_domain_free(domain);
}
+
+ if (list_empty(&iommu_mm->sva_domains)) {
+ list_del(&iommu_mm->mm_list_elm);
+ if (list_empty(&iommu_sva_mms))
+ WRITE_ONCE(iommu_sva_present, false);
+ }
+
mutex_unlock(&iommu_sva_lock);
kfree(handle);
}
@@ -312,3 +327,46 @@ static struct iommu_domain *iommu_sva_domain_alloc(struct device *dev,
return domain;
}
+
+struct kva_invalidation_work_data {
+ struct work_struct work;
+ unsigned long start;
+ unsigned long end;
+};
+
+static void invalidate_kva_func(struct work_struct *work)
+{
+ struct kva_invalidation_work_data *data =
+ container_of(work, struct kva_invalidation_work_data, work);
+ struct iommu_mm_data *iommu_mm;
+
+ guard(mutex)(&iommu_sva_lock);
+ list_for_each_entry(iommu_mm, &iommu_sva_mms, mm_list_elm)
+ mmu_notifier_arch_invalidate_secondary_tlbs(iommu_mm->mm,
+ data->start, data->end);
+
+ kfree(data);
+}
+
+void iommu_sva_invalidate_kva_range(unsigned long start, unsigned long end)
+{
+ struct kva_invalidation_work_data *data;
+
+ if (likely(!READ_ONCE(iommu_sva_present)))
+ return;
+
+ /* will be freed in the task function */
+ data = kzalloc(sizeof(*data), GFP_ATOMIC);
+ if (!data)
+ return;
+
+ data->start = start;
+ data->end = end;
+ INIT_WORK(&data->work, invalidate_kva_func);
+
+ /*
+ * Since iommu_sva_mms is an unbound list, iterating it in an atomic
+ * context could introduce significant latency issues.
+ */
+ schedule_work(&data->work);
+}
diff --git a/include/linux/iommu.h b/include/linux/iommu.h
index c30d12e16473..66e4abb2df0d 100644
--- a/include/linux/iommu.h
+++ b/include/linux/iommu.h
@@ -1134,7 +1134,9 @@ struct iommu_sva {
struct iommu_mm_data {
u32 pasid;
+ struct mm_struct *mm;
struct list_head sva_domains;
+ struct list_head mm_list_elm;
};
int iommu_fwspec_init(struct device *dev, struct fwnode_handle *iommu_fwnode);
@@ -1615,6 +1617,7 @@ struct iommu_sva *iommu_sva_bind_device(struct device *dev,
struct mm_struct *mm);
void iommu_sva_unbind_device(struct iommu_sva *handle);
u32 iommu_sva_get_pasid(struct iommu_sva *handle);
+void iommu_sva_invalidate_kva_range(unsigned long start, unsigned long end);
#else
static inline struct iommu_sva *
iommu_sva_bind_device(struct device *dev, struct mm_struct *mm)
@@ -1639,6 +1642,7 @@ static inline u32 mm_get_enqcmd_pasid(struct mm_struct *mm)
}
static inline void mm_pasid_drop(struct mm_struct *mm) {}
+static inline void iommu_sva_invalidate_kva_range(unsigned long start, unsigned long end) {}
#endif /* CONFIG_IOMMU_SVA */
#ifdef CONFIG_IOMMU_IOPF
--
2.43.0
2 weeks, 6 days
- 8
- 48
[PATCH 5.4.y] Revert "drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS"
by Imre Deak
This reverts commit 2402adce8da4e7396b63b5ffa71e1fa16e5fe5c4.
The upstream commit a40c5d727b8111b5db424a1e43e14a1dcce1e77f ("drm/dp:
Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS") the
reverted commit backported causes a regression, on one eDP panel at
least resulting in display flickering, described in detail at the Link:
below. The issue fixed by the upstream commit will need a different
solution, revert the backport for now.
Cc: intel-gfx(a)lists.freedesktop.org
Cc: dri-devel(a)lists.freedesktop.org
Cc: Sasha Levin <sashal(a)kernel.org>
Link: https://gitlab.freedesktop.org/drm/i915/kernel/-/issues/14558
Signed-off-by: Imre Deak <imre.deak(a)intel.com>
---
drivers/gpu/drm/drm_dp_helper.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/gpu/drm/drm_dp_helper.c b/drivers/gpu/drm/drm_dp_helper.c
index 4eabef5b86d0..ffc68d305afe 100644
--- a/drivers/gpu/drm/drm_dp_helper.c
+++ b/drivers/gpu/drm/drm_dp_helper.c
@@ -280,7 +280,7 @@ ssize_t drm_dp_dpcd_read(struct drm_dp_aux *aux, unsigned int offset,
* We just have to do it before any DPCD access and hope that the
* monitor doesn't power down exactly after the throw away read.
*/
- ret = drm_dp_dpcd_access(aux, DP_AUX_NATIVE_READ, DP_LANE0_1_STATUS, buffer,
+ ret = drm_dp_dpcd_access(aux, DP_AUX_NATIVE_READ, DP_DPCD_REV, buffer,
1);
if (ret != 1)
goto out;
--
2.49.1
2 weeks, 6 days
- 1
- 6
FAILED: patch "[PATCH] NFS: Fix a race when updating an existing write" failed to apply to 5.10-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.10-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y
git checkout FETCH_HEAD
git cherry-pick -x 76d2e3890fb169168c73f2e4f8375c7cc24a765e
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025082225-attribute-embark-823b@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 76d2e3890fb169168c73f2e4f8375c7cc24a765e Mon Sep 17 00:00:00 2001
From: Trond Myklebust <trond.myklebust(a)hammerspace.com>
Date: Sat, 16 Aug 2025 07:25:20 -0700
Subject: [PATCH] NFS: Fix a race when updating an existing write
After nfs_lock_and_join_requests() tests for whether the request is
still attached to the mapping, nothing prevents a call to
nfs_inode_remove_request() from succeeding until we actually lock the
page group.
The reason is that whoever called nfs_inode_remove_request() doesn't
necessarily have a lock on the page group head.
So in order to avoid races, let's take the page group lock earlier in
nfs_lock_and_join_requests(), and hold it across the removal of the
request in nfs_inode_remove_request().
Reported-by: Jeff Layton <jlayton(a)kernel.org>
Tested-by: Joe Quanaim <jdq(a)meta.com>
Tested-by: Andrew Steffen <aksteffen(a)meta.com>
Reviewed-by: Jeff Layton <jlayton(a)kernel.org>
Fixes: bd37d6fce184 ("NFSv4: Convert nfs_lock_and_join_requests() to use nfs_page_find_head_request()")
Cc: stable(a)vger.kernel.org
Signed-off-by: Trond Myklebust <trond.myklebust(a)hammerspace.com>
diff --git a/fs/nfs/pagelist.c b/fs/nfs/pagelist.c
index 11968dcb7243..6e69ce43a13f 100644
--- a/fs/nfs/pagelist.c
+++ b/fs/nfs/pagelist.c
@@ -253,13 +253,14 @@ nfs_page_group_unlock(struct nfs_page *req)
nfs_page_clear_headlock(req);
}
-/*
- * nfs_page_group_sync_on_bit_locked
+/**
+ * nfs_page_group_sync_on_bit_locked - Test if all requests have @bit set
+ * @req: request in page group
+ * @bit: PG_* bit that is used to sync page group
*
* must be called with page group lock held
*/
-static bool
-nfs_page_group_sync_on_bit_locked(struct nfs_page *req, unsigned int bit)
+bool nfs_page_group_sync_on_bit_locked(struct nfs_page *req, unsigned int bit)
{
struct nfs_page *head = req->wb_head;
struct nfs_page *tmp;
diff --git a/fs/nfs/write.c b/fs/nfs/write.c
index fa5c41d0989a..8b7c04737967 100644
--- a/fs/nfs/write.c
+++ b/fs/nfs/write.c
@@ -153,20 +153,10 @@ nfs_page_set_inode_ref(struct nfs_page *req, struct inode *inode)
}
}
-static int
-nfs_cancel_remove_inode(struct nfs_page *req, struct inode *inode)
+static void nfs_cancel_remove_inode(struct nfs_page *req, struct inode *inode)
{
- int ret;
-
- if (!test_bit(PG_REMOVE, &req->wb_flags))
- return 0;
- ret = nfs_page_group_lock(req);
- if (ret)
- return ret;
if (test_and_clear_bit(PG_REMOVE, &req->wb_flags))
nfs_page_set_inode_ref(req, inode);
- nfs_page_group_unlock(req);
- return 0;
}
/**
@@ -585,19 +575,18 @@ retry:
}
}
+ ret = nfs_page_group_lock(head);
+ if (ret < 0)
+ goto out_unlock;
+
/* Ensure that nobody removed the request before we locked it */
if (head != folio->private) {
+ nfs_page_group_unlock(head);
nfs_unlock_and_release_request(head);
goto retry;
}
- ret = nfs_cancel_remove_inode(head, inode);
- if (ret < 0)
- goto out_unlock;
-
- ret = nfs_page_group_lock(head);
- if (ret < 0)
- goto out_unlock;
+ nfs_cancel_remove_inode(head, inode);
/* lock each request in the page group */
for (subreq = head->wb_this_page;
@@ -786,7 +775,8 @@ static void nfs_inode_remove_request(struct nfs_page *req)
{
struct nfs_inode *nfsi = NFS_I(nfs_page_to_inode(req));
- if (nfs_page_group_sync_on_bit(req, PG_REMOVE)) {
+ nfs_page_group_lock(req);
+ if (nfs_page_group_sync_on_bit_locked(req, PG_REMOVE)) {
struct folio *folio = nfs_page_to_folio(req->wb_head);
struct address_space *mapping = folio->mapping;
@@ -798,6 +788,7 @@ static void nfs_inode_remove_request(struct nfs_page *req)
}
spin_unlock(&mapping->i_private_lock);
}
+ nfs_page_group_unlock(req);
if (test_and_clear_bit(PG_INODE_REF, &req->wb_flags)) {
atomic_long_dec(&nfsi->nrequests);
diff --git a/include/linux/nfs_page.h b/include/linux/nfs_page.h
index 169b4ae30ff4..9aed39abc94b 100644
--- a/include/linux/nfs_page.h
+++ b/include/linux/nfs_page.h
@@ -160,6 +160,7 @@ extern void nfs_join_page_group(struct nfs_page *head,
extern int nfs_page_group_lock(struct nfs_page *);
extern void nfs_page_group_unlock(struct nfs_page *);
extern bool nfs_page_group_sync_on_bit(struct nfs_page *, unsigned int);
+extern bool nfs_page_group_sync_on_bit_locked(struct nfs_page *, unsigned int);
extern int nfs_page_set_headlock(struct nfs_page *req);
extern void nfs_page_clear_headlock(struct nfs_page *req);
extern bool nfs_async_iocounter_wait(struct rpc_task *, struct nfs_lock_context *);
2 weeks, 6 days
- 2
- 3
FAILED: patch "[PATCH] NFS: Fix a race when updating an existing write" failed to apply to 5.15-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.15-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y
git checkout FETCH_HEAD
git cherry-pick -x 76d2e3890fb169168c73f2e4f8375c7cc24a765e
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025082225-cling-drainer-d884@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 76d2e3890fb169168c73f2e4f8375c7cc24a765e Mon Sep 17 00:00:00 2001
From: Trond Myklebust <trond.myklebust(a)hammerspace.com>
Date: Sat, 16 Aug 2025 07:25:20 -0700
Subject: [PATCH] NFS: Fix a race when updating an existing write
After nfs_lock_and_join_requests() tests for whether the request is
still attached to the mapping, nothing prevents a call to
nfs_inode_remove_request() from succeeding until we actually lock the
page group.
The reason is that whoever called nfs_inode_remove_request() doesn't
necessarily have a lock on the page group head.
So in order to avoid races, let's take the page group lock earlier in
nfs_lock_and_join_requests(), and hold it across the removal of the
request in nfs_inode_remove_request().
Reported-by: Jeff Layton <jlayton(a)kernel.org>
Tested-by: Joe Quanaim <jdq(a)meta.com>
Tested-by: Andrew Steffen <aksteffen(a)meta.com>
Reviewed-by: Jeff Layton <jlayton(a)kernel.org>
Fixes: bd37d6fce184 ("NFSv4: Convert nfs_lock_and_join_requests() to use nfs_page_find_head_request()")
Cc: stable(a)vger.kernel.org
Signed-off-by: Trond Myklebust <trond.myklebust(a)hammerspace.com>
diff --git a/fs/nfs/pagelist.c b/fs/nfs/pagelist.c
index 11968dcb7243..6e69ce43a13f 100644
--- a/fs/nfs/pagelist.c
+++ b/fs/nfs/pagelist.c
@@ -253,13 +253,14 @@ nfs_page_group_unlock(struct nfs_page *req)
nfs_page_clear_headlock(req);
}
-/*
- * nfs_page_group_sync_on_bit_locked
+/**
+ * nfs_page_group_sync_on_bit_locked - Test if all requests have @bit set
+ * @req: request in page group
+ * @bit: PG_* bit that is used to sync page group
*
* must be called with page group lock held
*/
-static bool
-nfs_page_group_sync_on_bit_locked(struct nfs_page *req, unsigned int bit)
+bool nfs_page_group_sync_on_bit_locked(struct nfs_page *req, unsigned int bit)
{
struct nfs_page *head = req->wb_head;
struct nfs_page *tmp;
diff --git a/fs/nfs/write.c b/fs/nfs/write.c
index fa5c41d0989a..8b7c04737967 100644
--- a/fs/nfs/write.c
+++ b/fs/nfs/write.c
@@ -153,20 +153,10 @@ nfs_page_set_inode_ref(struct nfs_page *req, struct inode *inode)
}
}
-static int
-nfs_cancel_remove_inode(struct nfs_page *req, struct inode *inode)
+static void nfs_cancel_remove_inode(struct nfs_page *req, struct inode *inode)
{
- int ret;
-
- if (!test_bit(PG_REMOVE, &req->wb_flags))
- return 0;
- ret = nfs_page_group_lock(req);
- if (ret)
- return ret;
if (test_and_clear_bit(PG_REMOVE, &req->wb_flags))
nfs_page_set_inode_ref(req, inode);
- nfs_page_group_unlock(req);
- return 0;
}
/**
@@ -585,19 +575,18 @@ retry:
}
}
+ ret = nfs_page_group_lock(head);
+ if (ret < 0)
+ goto out_unlock;
+
/* Ensure that nobody removed the request before we locked it */
if (head != folio->private) {
+ nfs_page_group_unlock(head);
nfs_unlock_and_release_request(head);
goto retry;
}
- ret = nfs_cancel_remove_inode(head, inode);
- if (ret < 0)
- goto out_unlock;
-
- ret = nfs_page_group_lock(head);
- if (ret < 0)
- goto out_unlock;
+ nfs_cancel_remove_inode(head, inode);
/* lock each request in the page group */
for (subreq = head->wb_this_page;
@@ -786,7 +775,8 @@ static void nfs_inode_remove_request(struct nfs_page *req)
{
struct nfs_inode *nfsi = NFS_I(nfs_page_to_inode(req));
- if (nfs_page_group_sync_on_bit(req, PG_REMOVE)) {
+ nfs_page_group_lock(req);
+ if (nfs_page_group_sync_on_bit_locked(req, PG_REMOVE)) {
struct folio *folio = nfs_page_to_folio(req->wb_head);
struct address_space *mapping = folio->mapping;
@@ -798,6 +788,7 @@ static void nfs_inode_remove_request(struct nfs_page *req)
}
spin_unlock(&mapping->i_private_lock);
}
+ nfs_page_group_unlock(req);
if (test_and_clear_bit(PG_INODE_REF, &req->wb_flags)) {
atomic_long_dec(&nfsi->nrequests);
diff --git a/include/linux/nfs_page.h b/include/linux/nfs_page.h
index 169b4ae30ff4..9aed39abc94b 100644
--- a/include/linux/nfs_page.h
+++ b/include/linux/nfs_page.h
@@ -160,6 +160,7 @@ extern void nfs_join_page_group(struct nfs_page *head,
extern int nfs_page_group_lock(struct nfs_page *);
extern void nfs_page_group_unlock(struct nfs_page *);
extern bool nfs_page_group_sync_on_bit(struct nfs_page *, unsigned int);
+extern bool nfs_page_group_sync_on_bit_locked(struct nfs_page *, unsigned int);
extern int nfs_page_set_headlock(struct nfs_page *req);
extern void nfs_page_clear_headlock(struct nfs_page *req);
extern bool nfs_async_iocounter_wait(struct rpc_task *, struct nfs_lock_context *);
2 weeks, 6 days
- 2
- 3
[PATCH] drm/xe: Fix incorrect migration of backed-up object to VRAM
by Thomas Hellström
If an object is backed up to shmem it is incorrectly identified
as not having valid data by the move code. This means moving
to VRAM skips the -EMULTIHOP step and the bo is cleared. This
causes all sorts of weird behaviour on DGFX if an already evicted
object is targeted by the shrinker.
Fix this by using ttm_tt_is_swapped() to identify backed-up
objects.
Closes: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/5996
Fixes: 00c8efc3180f ("drm/xe: Add a shrinker for xe bos")
Cc: Matthew Brost <matthew.brost(a)intel.com>
Cc: Matthew Auld <matthew.auld(a)intel.com>
Cc: <stable(a)vger.kernel.org> # v6.15+
Signed-off-by: Thomas Hellström <thomas.hellstrom(a)linux.intel.com>
---
drivers/gpu/drm/xe/xe_bo.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/drivers/gpu/drm/xe/xe_bo.c b/drivers/gpu/drm/xe/xe_bo.c
index 7d1ff642b02a..4faf15d5fa6d 100644
--- a/drivers/gpu/drm/xe/xe_bo.c
+++ b/drivers/gpu/drm/xe/xe_bo.c
@@ -823,8 +823,7 @@ static int xe_bo_move(struct ttm_buffer_object *ttm_bo, bool evict,
return ret;
}
- tt_has_data = ttm && (ttm_tt_is_populated(ttm) ||
- (ttm->page_flags & TTM_TT_FLAG_SWAPPED));
+ tt_has_data = ttm && (ttm_tt_is_populated(ttm) || ttm_tt_is_swapped(ttm));
move_lacks_source = !old_mem || (handle_system_ccs ? (!bo->ccs_cleared) :
(!mem_type_is_vram(old_mem_type) && !tt_has_data));
--
2.50.1
2 weeks, 6 days
- 2
- 2
Linux 6.16.4
by Greg Kroah-Hartman
I'm announcing the release of the 6.16.4 kernel.
All users of the 6.16 kernel series must upgrade.
The updated 6.16.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.16.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Documentation/devicetree/bindings/display/rockchip/rockchip-vop2.yaml | 56 +-
Documentation/devicetree/bindings/display/sprd/sprd,sharkl3-dpu.yaml | 2
Documentation/devicetree/bindings/display/sprd/sprd,sharkl3-dsi-host.yaml | 2
Documentation/devicetree/bindings/ufs/mediatek,ufs.yaml | 4
Documentation/networking/mptcp-sysctl.rst | 2
Makefile | 4
arch/arm/lib/crypto/poly1305-glue.c | 3
arch/arm64/boot/dts/apple/t8012-j132.dts | 1
arch/arm64/boot/dts/exynos/exynos7870-j6lte.dts | 2
arch/arm64/boot/dts/exynos/exynos7870-on7xelte.dts | 2
arch/arm64/boot/dts/exynos/exynos7870.dtsi | 1
arch/arm64/boot/dts/exynos/google/gs101.dtsi | 1
arch/arm64/boot/dts/rockchip/rk3576.dtsi | 7
arch/arm64/boot/dts/rockchip/rk3588-turing-rk1.dtsi | 11
arch/arm64/boot/dts/ti/k3-am62-lp-sk.dts | 24
arch/arm64/boot/dts/ti/k3-am62-main.dtsi | 1
arch/arm64/boot/dts/ti/k3-am62-verdin.dtsi | 12
arch/arm64/boot/dts/ti/k3-am625-sk.dts | 24
arch/arm64/boot/dts/ti/k3-am62a7-sk.dts | 4
arch/arm64/boot/dts/ti/k3-am62x-sk-common.dtsi | 24
arch/arm64/boot/dts/ti/k3-pinctrl.h | 15
arch/arm64/lib/crypto/poly1305-glue.c | 3
arch/loongarch/Makefile | 6
arch/loongarch/kernel/module-sections.c | 36 -
arch/loongarch/kvm/intc/eiointc.c | 32 -
arch/loongarch/kvm/intc/ipi.c | 8
arch/loongarch/kvm/intc/pch_pic.c | 10
arch/loongarch/kvm/vcpu.c | 8
arch/m68k/kernel/head.S | 31 -
arch/mips/lib/crypto/chacha-core.S | 20
arch/parisc/Makefile | 4
arch/parisc/include/asm/pgtable.h | 7
arch/parisc/include/asm/special_insns.h | 28 +
arch/parisc/include/asm/uaccess.h | 21
arch/parisc/kernel/cache.c | 6
arch/parisc/kernel/entry.S | 17
arch/parisc/kernel/syscall.S | 30 -
arch/parisc/lib/memcpy.c | 19
arch/parisc/mm/fault.c | 4
arch/s390/boot/vmem.c | 3
arch/s390/hypfs/hypfs_dbfs.c | 19
arch/x86/crypto/aegis128-aesni-glue.c | 40 +
arch/x86/include/asm/xen/hypercall.h | 5
arch/x86/kernel/cpu/amd.c | 8
arch/x86/kernel/cpu/hygon.c | 3
block/bfq-iosched.c | 13
block/blk-mq-debugfs.c | 1
block/blk-mq-sched.c | 223 +++++---
block/blk-mq-sched.h | 12
block/blk-mq.c | 29 -
block/blk-rq-qos.c | 8
block/blk-rq-qos.h | 48 +
block/blk-sysfs.c | 2
block/blk.h | 4
block/elevator.c | 38 +
block/elevator.h | 16
block/kyber-iosched.c | 11
block/mq-deadline.c | 14
crypto/deflate.c | 7
drivers/accel/habanalabs/gaudi2/gaudi2.c | 2
drivers/acpi/apei/einj-core.c | 12
drivers/acpi/pfr_update.c | 2
drivers/ata/Kconfig | 36 +
drivers/ata/libata-scsi.c | 49 -
drivers/base/power/runtime.c | 27 -
drivers/bluetooth/btmtk.c | 7
drivers/bus/mhi/host/boot.c | 8
drivers/bus/mhi/host/internal.h | 4
drivers/bus/mhi/host/main.c | 12
drivers/cdx/controller/cdx_rpmsg.c | 3
drivers/comedi/comedi_fops.c | 5
drivers/comedi/drivers.c | 23
drivers/comedi/drivers/pcl726.c | 3
drivers/cpufreq/armada-8k-cpufreq.c | 2
drivers/cpuidle/governors/menu.c | 29 -
drivers/crypto/caam/ctrl.c | 5
drivers/crypto/caam/intern.h | 1
drivers/crypto/ccp/sev-dev.c | 10
drivers/crypto/intel/qat/qat_common/adf_common_drv.h | 1
drivers/crypto/intel/qat/qat_common/adf_init.c | 1
drivers/crypto/intel/qat/qat_common/adf_isr.c | 5
drivers/crypto/intel/qat/qat_common/qat_algs.c | 12
drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h | 125 +++-
drivers/crypto/marvell/octeontx2/otx2_cptpf_ucode.c | 35 -
drivers/fpga/zynq-fpga.c | 10
drivers/gpu/drm/amd/amdgpu/amdgpu.h | 1
drivers/gpu/drm/amd/amdgpu/amdgpu_cper.c | 6
drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c | 3
drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 6
drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c | 76 +-
drivers/gpu/drm/amd/amdgpu/amdgpu_job.c | 7
drivers/gpu/drm/amd/amdgpu/amdgpu_ring.c | 1
drivers/gpu/drm/amd/amdgpu/amdgpu_ucode.c | 1
drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c | 21
drivers/gpu/drm/amd/amdgpu/aqua_vanjaram.c | 5
drivers/gpu/drm/amd/amdgpu/gfx_v12_0.c | 14
drivers/gpu/drm/amd/amdgpu/imu_v12_0.c | 13
drivers/gpu/drm/amd/amdgpu/mmhub_v3_0_1.c | 57 +-
drivers/gpu/drm/amd/amdgpu/mmhub_v3_3.c | 105 ++++
drivers/gpu/drm/amd/amdgpu/mmhub_v4_1_0.c | 34 -
drivers/gpu/drm/amd/amdgpu/psp_v14_0.c | 2
drivers/gpu/drm/amd/amdgpu/soc15.c | 2
drivers/gpu/drm/amd/amdkfd/kfd_device_queue_manager.c | 2
drivers/gpu/drm/amd/amdkfd/kfd_module.c | 2
drivers/gpu/drm/amd/amdkfd/kfd_mqd_manager_v9.c | 61 +-
drivers/gpu/drm/amd/amdkfd/kfd_process_queue_manager.c | 20
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 19
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_crtc.c | 28 +
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c | 2
drivers/gpu/drm/amd/display/dc/bios/bios_parser.c | 5
drivers/gpu/drm/amd/display/dc/bios/command_table.c | 2
drivers/gpu/drm/amd/display/dc/clk_mgr/clk_mgr.c | 1
drivers/gpu/drm/amd/display/dc/clk_mgr/dce100/dce_clk_mgr.c | 19
drivers/gpu/drm/amd/display/dc/clk_mgr/dce110/dce110_clk_mgr.c | 40 -
drivers/gpu/drm/amd/display/dc/clk_mgr/dce60/dce60_clk_mgr.c | 31 -
drivers/gpu/drm/amd/display/dc/core/dc.c | 34 -
drivers/gpu/drm/amd/display/dc/resource/dce60/dce60_resource.c | 34 -
drivers/gpu/drm/amd/display/modules/hdcp/hdcp_psp.c | 3
drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c | 16
drivers/gpu/drm/amd/pm/swsmu/smu14/smu_v14_0.c | 11
drivers/gpu/drm/amd/pm/swsmu/smu14/smu_v14_0_2_ppt.c | 30 -
drivers/gpu/drm/display/drm_dp_helper.c | 2
drivers/gpu/drm/drm_format_helper.c | 108 +++-
drivers/gpu/drm/drm_format_internal.h | 8
drivers/gpu/drm/drm_panic_qr.rs | 22
drivers/gpu/drm/hisilicon/hibmc/dp/dp_link.c | 14
drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.c | 22
drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.h | 1
drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_i2c.c | 5
drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_vdac.c | 11
drivers/gpu/drm/i915/display/intel_display_irq.c | 4
drivers/gpu/drm/i915/display/intel_tc.c | 93 ++-
drivers/gpu/drm/i915/gt/intel_workarounds.c | 20
drivers/gpu/drm/nouveau/nvif/vmm.c | 3
drivers/gpu/drm/nouveau/nvkm/subdev/gsp/rm/r535/rpc.c | 4
drivers/gpu/drm/nova/file.rs | 3
drivers/gpu/drm/tests/drm_format_helper_test.c | 111 ----
drivers/gpu/drm/xe/Kconfig | 1
drivers/gpu/drm/xe/xe_migrate.c | 2
drivers/gpu/drm/xe/xe_pxp_submit.c | 2
drivers/gpu/drm/xe/xe_shrinker.c | 51 +
drivers/gpu/drm/xe/xe_vm.c | 48 -
drivers/gpu/drm/xe/xe_vm.h | 2
drivers/hwmon/gsc-hwmon.c | 4
drivers/i2c/busses/i2c-qcom-geni.c | 6
drivers/i2c/busses/i2c-rtl9300.c | 20
drivers/iio/accel/sca3300.c | 2
drivers/iio/adc/Kconfig | 2
drivers/iio/adc/ad7124.c | 14
drivers/iio/adc/ad7173.c | 137 ++++-
drivers/iio/adc/ad7380.c | 1
drivers/iio/adc/ad_sigma_delta.c | 4
drivers/iio/adc/rzg2l_adc.c | 33 -
drivers/iio/imu/bno055/bno055.c | 11
drivers/iio/imu/inv_icm42600/inv_icm42600.h | 8
drivers/iio/imu/inv_icm42600/inv_icm42600_accel.c | 31 -
drivers/iio/imu/inv_icm42600/inv_icm42600_buffer.c | 22
drivers/iio/imu/inv_icm42600/inv_icm42600_buffer.h | 10
drivers/iio/imu/inv_icm42600/inv_icm42600_core.c | 6
drivers/iio/imu/inv_icm42600/inv_icm42600_gyro.c | 41 -
drivers/iio/imu/inv_icm42600/inv_icm42600_temp.c | 12
drivers/iio/light/as73211.c | 2
drivers/iio/pressure/bmp280-core.c | 9
drivers/iio/proximity/isl29501.c | 16
drivers/iio/temperature/maxim_thermocouple.c | 26 -
drivers/infiniband/core/umem_odp.c | 4
drivers/infiniband/hw/bnxt_re/ib_verbs.c | 8
drivers/infiniband/hw/bnxt_re/main.c | 23
drivers/infiniband/hw/bnxt_re/qplib_fp.c | 30 -
drivers/infiniband/hw/bnxt_re/qplib_fp.h | 2
drivers/infiniband/hw/bnxt_re/qplib_res.c | 2
drivers/infiniband/hw/erdma/erdma_verbs.c | 6
drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 6
drivers/infiniband/hw/hns/hns_roce_restrack.c | 9
drivers/infiniband/sw/rxe/rxe_net.c | 29 -
drivers/infiniband/sw/rxe/rxe_qp.c | 2
drivers/iommu/amd/init.c | 4
drivers/iommu/apple-dart.c | 1
drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c | 2
drivers/iommu/intel/iommu.c | 1
drivers/iommu/iommufd/selftest.c | 1
drivers/iommu/riscv/iommu.c | 3
drivers/iommu/virtio-iommu.c | 19
drivers/md/dm-crypt.c | 49 +
drivers/md/dm-raid.c | 42 -
drivers/md/dm.c | 17
drivers/md/md-bitmap.c | 8
drivers/md/md-cluster.c | 16
drivers/md/md.c | 110 ++--
drivers/md/md.h | 2
drivers/md/raid0.c | 6
drivers/md/raid1-10.c | 2
drivers/md/raid1.c | 10
drivers/md/raid10.c | 16
drivers/md/raid5-ppl.c | 6
drivers/md/raid5.c | 30 -
drivers/media/cec/usb/rainshadow/rainshadow-cec.c | 3
drivers/media/i2c/hi556.c | 26 -
drivers/media/i2c/mt9m114.c | 8
drivers/media/i2c/ov2659.c | 3
drivers/media/pci/intel/ipu6/ipu6-isys-csi2.c | 12
drivers/media/pci/intel/ivsc/mei_ace.c | 2
drivers/media/pci/intel/ivsc/mei_csi.c | 2
drivers/media/platform/qcom/camss/camss-csiphy-3ph-1-0.c | 3
drivers/media/platform/qcom/camss/camss.c | 20
drivers/media/platform/qcom/iris/iris_buffer.c | 20
drivers/media/platform/qcom/iris/iris_buffer.h | 3
drivers/media/platform/qcom/iris/iris_ctrls.c | 7
drivers/media/platform/qcom/iris/iris_hfi_gen1_command.c | 27 -
drivers/media/platform/qcom/iris/iris_hfi_gen1_defines.h | 1
drivers/media/platform/qcom/iris/iris_hfi_gen1_response.c | 20
drivers/media/platform/qcom/iris/iris_hfi_gen2_command.c | 4
drivers/media/platform/qcom/iris/iris_hfi_gen2_response.c | 11
drivers/media/platform/qcom/iris/iris_hfi_queue.c | 2
drivers/media/platform/qcom/iris/iris_instance.h | 2
drivers/media/platform/qcom/iris/iris_platform_common.h | 2
drivers/media/platform/qcom/iris/iris_platform_sm8250.c | 9
drivers/media/platform/qcom/iris/iris_state.c | 2
drivers/media/platform/qcom/iris/iris_state.h | 1
drivers/media/platform/qcom/iris/iris_vb2.c | 15
drivers/media/platform/qcom/iris/iris_vdec.c | 9
drivers/media/platform/qcom/iris/iris_vidc.c | 33 +
drivers/media/platform/qcom/venus/core.c | 18
drivers/media/platform/qcom/venus/core.h | 2
drivers/media/platform/qcom/venus/hfi_venus.c | 5
drivers/media/platform/qcom/venus/vdec.c | 5
drivers/media/platform/qcom/venus/venc.c | 5
drivers/media/platform/raspberrypi/pisp_be/Kconfig | 1
drivers/media/platform/raspberrypi/pisp_be/pisp_be.c | 5
drivers/media/platform/verisilicon/rockchip_vpu_hw.c | 9
drivers/media/test-drivers/vivid/vivid-ctrls.c | 3
drivers/media/test-drivers/vivid/vivid-vid-cap.c | 4
drivers/media/usb/gspca/vicam.c | 10
drivers/media/usb/usbtv/usbtv-video.c | 4
drivers/media/v4l2-core/v4l2-ctrls-core.c | 1
drivers/memstick/core/memstick.c | 1
drivers/memstick/host/rtsx_usb_ms.c | 1
drivers/mfd/mt6397-core.c | 12
drivers/mmc/host/sdhci-of-arasan.c | 33 +
drivers/mmc/host/sdhci-pci-gli.c | 37 -
drivers/mmc/host/sdhci_am654.c | 18
drivers/most/core.c | 2
drivers/mtd/nand/raw/fsmc_nand.c | 2
drivers/mtd/nand/raw/renesas-nand-controller.c | 6
drivers/mtd/nand/spi/core.c | 5
drivers/mtd/spi-nor/swp.c | 19
drivers/net/bonding/bond_3ad.c | 67 +-
drivers/net/bonding/bond_options.c | 1
drivers/net/dsa/microchip/ksz_common.c | 6
drivers/net/ethernet/airoha/airoha_ppe.c | 4
drivers/net/ethernet/broadcom/bnxt/bnxt.c | 2
drivers/net/ethernet/google/gve/gve_main.c | 2
drivers/net/ethernet/intel/igc/igc_main.c | 14
drivers/net/ethernet/intel/ixgbe/devlink/devlink.c | 1
drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 4
drivers/net/ethernet/marvell/octeontx2/af/rvu_npc_fs.c | 4
drivers/net/ethernet/mediatek/mtk_ppe_offload.c | 2
drivers/net/ethernet/mellanox/mlx5/core/en/dcbnl.h | 1
drivers/net/ethernet/mellanox/mlx5/core/en/port_buffer.c | 18
drivers/net/ethernet/mellanox/mlx5/core/en/tc/ct_fs_hmfs.c | 2
drivers/net/ethernet/mellanox/mlx5/core/en_dcbnl.c | 12
drivers/net/ethernet/mellanox/mlx5/core/esw/devlink_port.c | 4
drivers/net/ethernet/mellanox/mlx5/core/mlx5_core.h | 2
drivers/net/ethernet/mellanox/mlx5/core/port.c | 20
drivers/net/ethernet/mellanox/mlx5/core/steering/hws/bwc_complex.c | 41 +
drivers/net/ethernet/mellanox/mlx5/core/steering/hws/cmd.c | 1
drivers/net/ethernet/mellanox/mlx5/core/steering/hws/cmd.h | 1
drivers/net/ethernet/mellanox/mlx5/core/steering/hws/fs_hws.c | 1
drivers/net/ethernet/mellanox/mlx5/core/steering/hws/matcher.c | 5
drivers/net/ethernet/mellanox/mlx5/core/steering/hws/mlx5hws.h | 1
drivers/net/ethernet/mellanox/mlx5/core/steering/hws/send.c | 1
drivers/net/ethernet/mellanox/mlx5/core/steering/hws/table.c | 13
drivers/net/ethernet/mellanox/mlx5/core/steering/hws/table.h | 3
drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 2
drivers/net/ethernet/mellanox/mlxsw/trap.h | 1
drivers/net/ethernet/microchip/lan865x/lan865x.c | 21
drivers/net/ethernet/realtek/rtase/rtase.h | 2
drivers/net/ethernet/stmicro/stmmac/dwmac-thead.c | 9
drivers/net/ethernet/ti/icssg/icssg_prueth.c | 72 +-
drivers/net/ethernet/xilinx/xilinx_axienet_main.c | 8
drivers/net/phy/mscc/mscc.h | 12
drivers/net/phy/mscc/mscc_main.c | 12
drivers/net/phy/mscc/mscc_ptp.c | 49 +
drivers/net/ppp/ppp_generic.c | 17
drivers/net/usb/asix_devices.c | 2
drivers/net/wireless/ath/ath11k/ce.c | 3
drivers/net/wireless/ath/ath11k/dp_rx.c | 3
drivers/net/wireless/ath/ath11k/hal.c | 33 +
drivers/net/wireless/ath/ath12k/ce.c | 3
drivers/net/wireless/ath/ath12k/hal.c | 38 +
drivers/net/wireless/broadcom/brcm80211/brcmsmac/phy/phy_lcn.c | 2
drivers/pci/controller/dwc/pci-imx6.c | 12
drivers/pci/controller/dwc/pcie-designware.c | 8
drivers/pci/controller/pcie-rockchip-ep.c | 4
drivers/pci/controller/pcie-rockchip-host.c | 49 +
drivers/pci/controller/pcie-rockchip.h | 12
drivers/pci/endpoint/pci-ep-cfs.c | 1
drivers/pci/endpoint/pci-epf-core.c | 2
drivers/pci/pci.h | 32 -
drivers/pci/pcie/portdrv.c | 2
drivers/phy/qualcomm/phy-qcom-m31.c | 14
drivers/platform/chrome/cros_ec.c | 3
drivers/platform/x86/amd/hsmp/hsmp.c | 5
drivers/platform/x86/intel/uncore-frequency/uncore-frequency-tpmi.c | 5
drivers/pwm/pwm-imx-tpm.c | 9
drivers/pwm/pwm-mediatek.c | 71 +-
drivers/regulator/pca9450-regulator.c | 13
drivers/regulator/tps65219-regulator.c | 12
drivers/s390/char/sclp.c | 11
drivers/scsi/mpi3mr/mpi3mr.h | 6
drivers/scsi/mpi3mr/mpi3mr_fw.c | 17
drivers/scsi/mpi3mr/mpi3mr_os.c | 2
drivers/scsi/qla4xxx/ql4_os.c | 2
drivers/soc/qcom/mdt_loader.c | 43 +
drivers/soc/tegra/pmc.c | 51 +
drivers/spi/spi-fsl-lpspi.c | 8
drivers/spi/spi-qpic-snand.c | 22
drivers/staging/media/imx/imx-media-csc-scaler.c | 2
drivers/tty/serial/8250/8250_port.c | 3
drivers/tty/vt/defkeymap.c_shipped | 112 ++++
drivers/tty/vt/keyboard.c | 2
drivers/ufs/core/ufshcd.c | 10
drivers/ufs/host/ufs-exynos.c | 4
drivers/ufs/host/ufs-qcom.c | 42 -
drivers/ufs/host/ufshcd-pci.c | 42 +
drivers/usb/atm/cxacru.c | 106 +---
drivers/usb/core/hcd.c | 20
drivers/usb/core/quirks.c | 1
drivers/usb/dwc3/dwc3-imx8mp.c | 7
drivers/usb/dwc3/dwc3-meson-g12a.c | 3
drivers/usb/dwc3/dwc3-pci.c | 2
drivers/usb/dwc3/ep0.c | 20
drivers/usb/dwc3/gadget.c | 19
drivers/usb/gadget/udc/renesas_usb3.c | 1
drivers/usb/host/xhci-hub.c | 3
drivers/usb/host/xhci-mem.c | 22
drivers/usb/host/xhci-pci-renesas.c | 7
drivers/usb/host/xhci-ring.c | 9
drivers/usb/host/xhci.c | 23
drivers/usb/host/xhci.h | 3
drivers/usb/musb/omap2430.c | 14
drivers/usb/storage/realtek_cr.c | 2
drivers/usb/storage/unusual_devs.h | 29 +
drivers/usb/typec/tcpm/maxim_contaminant.c | 58 ++
drivers/usb/typec/tcpm/tcpci_maxim.h | 1
drivers/vhost/vsock.c | 6
drivers/video/console/vgacon.c | 2
fs/btrfs/ctree.c | 23
fs/btrfs/extent-tree.c | 2
fs/btrfs/extent_io.c | 94 +--
fs/btrfs/extent_io.h | 2
fs/btrfs/fiemap.c | 2
fs/btrfs/free-space-tree.c | 17
fs/btrfs/inode.c | 8
fs/btrfs/print-tree.c | 2
fs/btrfs/qgroup.c | 6
fs/btrfs/relocation.c | 4
fs/btrfs/subpage.c | 258 +++++-----
fs/btrfs/subpage.h | 45 +
fs/btrfs/super.c | 13
fs/btrfs/tree-log.c | 4
fs/btrfs/zoned.c | 70 ++
fs/buffer.c | 2
fs/debugfs/inode.c | 11
fs/erofs/Kconfig | 18
fs/ext4/fsmap.c | 23
fs/ext4/indirect.c | 4
fs/ext4/inode.c | 2
fs/ext4/orphan.c | 5
fs/ext4/super.c | 8
fs/f2fs/node.c | 10
fs/fhandle.c | 2
fs/internal.h | 3
fs/iomap/direct-io.c | 14
fs/jbd2/checkpoint.c | 1
fs/libfs.c | 27 -
fs/namespace.c | 69 +-
fs/netfs/read_collect.c | 4
fs/netfs/write_collect.c | 10
fs/netfs/write_issue.c | 4
fs/nfs/pagelist.c | 9
fs/nfs/write.c | 29 -
fs/overlayfs/copy_up.c | 2
fs/proc/task_mmu.c | 4
fs/smb/client/smb2ops.c | 2
fs/smb/server/connection.c | 3
fs/smb/server/connection.h | 7
fs/smb/server/oplock.c | 13
fs/smb/server/transport_rdma.c | 5
fs/smb/server/transport_rdma.h | 4
fs/smb/server/transport_tcp.c | 26 -
fs/splice.c | 3
fs/squashfs/super.c | 14
fs/xfs/libxfs/xfs_refcount.c | 4
fs/xfs/scrub/common.c | 3
fs/xfs/scrub/repair.c | 12
fs/xfs/scrub/scrub.c | 5
fs/xfs/xfs_attr_item.c | 5
fs/xfs/xfs_discard.c | 12
fs/xfs/xfs_fsmap.c | 4
fs/xfs/xfs_icache.c | 5
fs/xfs/xfs_inode.c | 7
fs/xfs/xfs_itable.c | 24
fs/xfs/xfs_iwalk.c | 11
fs/xfs/xfs_notify_failure.c | 6
fs/xfs/xfs_qm.c | 10
fs/xfs/xfs_rtalloc.c | 13
fs/xfs/xfs_trans.c | 56 +-
fs/xfs/xfs_trans.h | 3
fs/xfs/xfs_zone_alloc.c | 10
fs/xfs/xfs_zone_gc.c | 5
include/crypto/hash.h | 2
include/crypto/internal/acompress.h | 5
include/drm/drm_format_helper.h | 9
include/drm/intel/pciids.h | 1
include/linux/blkdev.h | 1
include/linux/compiler.h | 8
include/linux/iosys-map.h | 7
include/linux/iov_iter.h | 20
include/linux/kcov.h | 47 -
include/linux/mlx5/mlx5_ifc.h | 14
include/linux/netfs.h | 1
include/linux/nfs_page.h | 1
include/net/bluetooth/bluetooth.h | 4
include/net/bluetooth/hci.h | 1
include/net/bluetooth/hci_core.h | 54 +-
include/net/bond_3ad.h | 1
include/net/devlink.h | 6
include/net/sch_generic.h | 11
include/sound/cs35l56.h | 5
include/trace/events/btrfs.h | 2
include/uapi/linux/pfrut.h | 1
include/uapi/linux/raid/md_p.h | 2
io_uring/futex.c | 3
kernel/Kconfig.kexec | 1
kernel/cgroup/cpuset.c | 9
kernel/cgroup/rstat.c | 3
kernel/kexec_handover.c | 29 -
kernel/sched/ext.c | 4
kernel/signal.c | 6
kernel/trace/ftrace.c | 19
kernel/trace/trace.c | 34 -
kernel/trace/trace.h | 10
mm/damon/core.c | 15
mm/damon/paddr.c | 4
mm/debug_vm_pgtable.c | 9
mm/filemap.c | 3
mm/kasan/kasan_test_c.c | 2
mm/memory-failure.c | 8
mm/mremap.c | 41 -
net/bluetooth/hci_conn.c | 17
net/bluetooth/hci_core.c | 27 -
net/bluetooth/hci_event.c | 15
net/bluetooth/hci_sync.c | 33 -
net/bluetooth/iso.c | 20
net/bluetooth/mgmt.c | 13
net/bridge/br_multicast.c | 16
net/bridge/br_private.h | 2
net/core/dev.c | 12
net/devlink/port.c | 2
net/hsr/hsr_slave.c | 8
net/ipv4/netfilter/nf_reject_ipv4.c | 6
net/ipv6/netfilter/nf_reject_ipv6.c | 5
net/ipv6/seg6_hmac.c | 6
net/mptcp/options.c | 6
net/mptcp/pm.c | 18
net/mptcp/pm_kernel.c | 1
net/sched/sch_cake.c | 14
net/sched/sch_codel.c | 12
net/sched/sch_fq.c | 12
net/sched/sch_fq_codel.c | 12
net/sched/sch_fq_pie.c | 12
net/sched/sch_hhf.c | 12
net/sched/sch_htb.c | 2
net/sched/sch_pie.c | 12
net/smc/af_smc.c | 3
net/tls/tls_sw.c | 7
net/vmw_vsock/virtio_transport.c | 12
rust/kernel/alloc/allocator.rs | 30 -
rust/kernel/alloc/allocator_test.rs | 11
rust/kernel/drm/device.rs | 32 -
rust/kernel/faux.rs | 2
security/apparmor/lsm.c | 4
sound/core/timer.c | 4
sound/pci/hda/patch_realtek.c | 2
sound/pci/hda/tas2781_hda_i2c.c | 2
sound/soc/codecs/cs35l56-sdw.c | 69 --
sound/soc/codecs/cs35l56-shared.c | 29 +
sound/soc/codecs/cs35l56.c | 2
sound/soc/codecs/cs35l56.h | 3
sound/soc/sof/amd/acp-loader.c | 6
sound/usb/stream.c | 2
sound/usb/validate.c | 2
tools/objtool/arch/loongarch/special.c | 23
tools/testing/selftests/net/mptcp/mptcp_connect.c | 5
tools/testing/selftests/net/mptcp/mptcp_inq.c | 5
tools/testing/selftests/net/mptcp/mptcp_sockopt.c | 5
tools/testing/selftests/net/mptcp/pm_netlink.sh | 1
498 files changed, 4865 insertions(+), 2704 deletions(-)
Adrian Huang (Lenovo) (1):
signal: Fix memory leak for PIDFD_SELF* sentinels
Adrian Hunter (1):
scsi: ufs: ufs-pci: Fix default runtime and system PM levels
Akhilesh Patil (1):
RDMA/core: Free pfn_list with appropriate kvfree call
Al Viro (1):
use uniform permission checks for all mount propagation changes
Alan Huang (1):
xfs: Remove unused label in xfs_dax_notify_dev_failure
Aleksa Sarai (1):
open_tree_attr: do not allow id-mapping changes without OPEN_TREE_CLONE
Alex Deucher (7):
drm/amdgpu/discovery: fix fw based ip discovery
drm/amdgpu: add missing vram lost check for LEGACY RESET
drm/amdgpu: track whether a queue is a kernel queue in amdgpu_mqd_prop
drm/amdgpu: update mmhub 3.0.1 client id mappings
drm/amdgpu: update mmhub 3.3 client id mappings
drm/amdgpu: update mmhub 4.1.0 client id mappings
drm/amdgpu/swm14: Update power limit logic
Alex Guo (1):
i2c: rtl9300: Fix out-of-bounds bug in rtl9300_i2c_smbus_xfer
Alex Vesker (1):
net/mlx5: HWS, Fix table creation UID
Alexander Sverdlin (1):
arm64: dts: ti: k3-pinctrl: Enable Schmitt Trigger by default
Alexander Wilhelm (1):
bus: mhi: host: Fix endianness of BHI vector table
Alexei Lazar (1):
net/mlx5e: Query FW for buffer ownership
Amber Lin (1):
drm/amdkfd: Destroy KFD debugfs after destroy KFD wq
Amit Sunil Dhamne (2):
usb: typec: maxim_contaminant: disable low power mode when reading comparator values
usb: typec: maxim_contaminant: re-enable cc toggle if cc is open and port is clean
Anantha Prabhu (1):
RDMA/bnxt_re: Fix to initialize the PBL array
Andrea Righi (1):
sched/ext: Fix invalid task state transitions on class switch
Andreas Dilger (1):
ext4: check fast symlink for ea_inode correctly
André Draszik (1):
scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE
Andy Shevchenko (1):
iio: imu: inv_icm42600: Convert to uXX and sXX integer types
Archana Patni (1):
scsi: ufs: ufs-pci: Fix hibernate state transition for Intel MTL-like host controllers
Armen Ratner (1):
net/mlx5e: Preserve shared buffer capacity during headroom updates
Ashish Kalra (1):
crypto: ccp - Fix SNP panic notifier unregistration
Baihan Li (5):
drm/hisilicon/hibmc: fix the i2c device resource leak when vdac init failed
drm/hisilicon/hibmc: fix irq_request()'s irq name variable is local
drm/hisilicon/hibmc: fix the hibmc loaded failed bug
drm/hisilicon/hibmc: fix rare monitors cannot display problem
drm/hisilicon/hibmc: fix dp and vga cannot show together
Bao D. Nguyen (1):
scsi: ufs: ufs-qcom: Update esi_vec_mask for HW major version >= 6
Baokun Li (2):
ext4: preserve SB_I_VERSION on remount
jbd2: prevent softlockup in jbd2_log_do_checkpoint()
Bart Van Assche (2):
scsi: ufs: core: Fix IRQ lock inversion for the SCSI host lock
scsi: ufs: core: Remove WARN_ON_ONCE() call from ufshcd_uic_cmd_compl()
Bharat Bhushan (3):
crypto: octeontx2 - Fix address alignment issue on ucode loading
crypto: octeontx2 - Fix address alignment on CN10K A0/A1 and OcteonTX2
crypto: octeontx2 - Fix address alignment on CN10KB and CN10KA-B0
Bibo Mao (4):
LoongArch: KVM: Make function kvm_own_lbt() robust
LoongArch: KVM: Fix stack protector issue in send_ipi_data()
LoongArch: KVM: Add address alignment check in pch_pic register access
LoongArch: KVM: Use standard bitops API with eiointc
Bingbu Cao (1):
media: hi556: correct the test pattern configuration
Bjorn Andersson (1):
soc: qcom: mdt_loader: Ensure we don't read past the ELF header
Bo Liu (OpenAnolis) (1):
erofs: fix build error with CONFIG_EROFS_FS_ZIP_ACCEL=y
Boshi Yu (2):
RDMA/erdma: Fix ignored return value of init_kernel_qp
RDMA/erdma: Fix unset QPN of GSI QP
Bryan O'Donoghue (2):
media: qcom: camss: csiphy-3ph: Fix inadvertent dropping of SDM660/SDM670 phy init
media: qcom: camss: Remove extraneous -supply postfix on supply names
Chao Yu (1):
f2fs: fix to avoid out-of-boundary access in dnode page
Charalampos Mitrodimas (1):
debugfs: fix mount options not being applied
Chen Yu (1):
ACPI: pfr_update: Fix the driver update version check
Chenyuan Yang (1):
drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session()
Chi Zhiling (1):
readahead: fix return value of page_cache_next_miss() when no hole is found
Christian Brauner (1):
libfs: massage path_from_stashed() to allow custom stashing behavior
Christoph Hellwig (5):
xfs: decouple xfs_trans_alloc_empty from xfs_trans_alloc
xfs: return the allocated transaction from xfs_trans_alloc_empty
xfs: improve the comments in xfs_select_zone_nowait
xfs: fully decouple XFS_IBULK* flags from XFS_IWALK* flags
xfs: fix frozen file system assert in xfs_trans_alloc
Christoph Manszewski (1):
drm/xe: Fix vm_bind_ioctl double free bug
Christoph Paasch (1):
mptcp: drop skb if MPTCP skb extension allocation fails
Claudiu Beznea (2):
iio: adc: rzg2l_adc: Set driver data before enabling runtime PM
iio: adc: rzg2l: Cleanup suspend/resume path
Cristian Ciocaltea (3):
arm64: dts: rockchip: Add HDMI PHY PLL clock source to VOP2 on rk3576
arm64: dts: rockchip: Enable HDMI PHY clk provider on rk3576
dt-bindings: display: vop2: Add optional PLL clock property for rk3576
D. Wythe (1):
net/smc: fix UAF on smcsk after smc_listen_out()
Damien Le Moal (7):
ata: Fix SATA_MOBILE_LPM_POLICY description in Kconfig
dm: dm-crypt: Do not partially accept write BIOs with zoned targets
dm: Check for forbidden splitting of zone write operations
ata: libata-scsi: Fix ata_to_sense_error() status handling
ata: libata-scsi: Return aborted command when missing sense and result TF
PCI: endpoint: Fix configfs group list head handling
PCI: endpoint: Fix configfs group removal on driver teardown
Dan Carpenter (6):
cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table()
media: gspca: Add bounds checking to firmware parser
soc: qcom: mdt_loader: Fix error return values in mdt_header_valid()
scsi: qla4xxx: Prevent a potential error pointer dereference
ALSA: usb-audio: Fix size validation in convert_chmap_v3()
regulator: tps65219: regulator: tps65219: Fix error codes in probe()
Daniel Jurgens (1):
net/mlx5: Base ECVF devlink port attrs from 0
Danilo Krummrich (4):
rust: alloc: replace aligned_size() with Kmalloc::aligned_layout()
rust: drm: ensure kmalloc() compatible Layout
rust: drm: remove pin annotations from drm::Device
rust: drm: don't pass the address of drm::Device to drm_dev_put()
David Hildenbrand (1):
mm/mremap: fix WARN with uffd that has remap events disabled
David Howells (2):
netfs: Fix unbuffered write error handling
cifs: Fix oops due to uninitialised variable
David Lechner (13):
iio: adc: ad7173: fix num_slots
iio: imu: bno055: fix OOB access of hw_xlate array
iio: adc: ad_sigma_delta: change to buffer predisable
iio: adc: ad7173: fix channels index for syscalib_mode
iio: adc: ad7173: fix calibration channel
iio: adc: ad7173: fix setting ODR in probe
iio: adc: ad7380: fix missing max_conversion_rate_hz on adaq4381-4
iio: accel: sca3300: fix uninitialized iio scan data
iio: temperature: maxim_thermocouple: use DMA-safe buffer for spi_read()
iio: adc: ad7124: fix channel lookup in syscalib functions
iio: adc: ad7173: prevent scan if too many setups requested
iio: proximity: isl29501: fix buffered read on big-endian systems
iio: imu: inv_icm42600: use = { } instead of memset()
David Sterba (1):
btrfs: move transaction aborts to the error site in add_block_group_free_space()
David Yat Sin (1):
drm/amdkfd: Fix checkpoint-restore on multi-xcc
Dewei Meng (1):
ALSA: timer: fix ida_free call while not allocated
Dikshita Agarwal (16):
media: iris: Avoid updating frame size to firmware during reconfig
media: iris: Drop port check for session property response
media: iris: Fix buffer preparation failure during resolution change
media: iris: Fix missing function pointer initialization
media: iris: Fix NULL pointer dereference
media: iris: Fix typo in depth variable
media: iris: Prevent HFI queue writes when core is in deinit state
media: iris: Remove deprecated property setting to firmware
media: iris: Remove error check for non-zero v4l2 controls
media: iris: Send V4L2_BUF_FLAG_ERROR for capture buffers with 0 filled length
media: iris: Skip destroying internal buffer if not dequeued
media: iris: Skip flush on first sequence change
media: iris: Track flush responses to prevent premature completion
media: iris: Update CAPTURE format info based on OUTPUT format
media: iris: Verify internal buffer release on close
media: iris: Remove unnecessary re-initialization of flush completion
Dmitry Torokhov (1):
mfd: mt6397: Do not use generic name for keypad sub-devices
Dominique Martinet (1):
iov_iter: iterate_folioq: fix handling of offset >= folio size
Edward Adam Davis (1):
comedi: pcl726: Prevent invalid irq number
Emanuele Ghidoli (1):
arm64: dts: ti: k3-am62-verdin: Enable pull-ups on I2C buses
Eric Biggers (7):
lib/crypto: mips/chacha: Fix clang build and remove unneeded byteswap
lib/crypto: arm/poly1305: Fix register corruption in no-SIMD contexts
lib/crypto: arm64/poly1305: Fix register corruption in no-SIMD contexts
crypto: x86/aegis - Fix sleeping when disallowed on PREEMPT_RT
crypto: x86/aegis - Add missing error checks
ipv6: sr: Fix MAC comparison to be constant-time
crypto: acomp - Fix CFI failure due to type punning
Evgeniy Harchenko (1):
ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6
Fanhua Li (1):
drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor().
Filipe Manana (5):
btrfs: always abort transaction on failure to add block group to free space tree
btrfs: abort transaction on unexpected eb generation at btrfs_copy_root()
btrfs: reorganize logic at free_extent_buffer() for better readability
btrfs: add comment for optimization in free_extent_buffer()
btrfs: use refcount_t type for the extent buffer reference counter
Finn Thain (1):
m68k: Fix lost column on framebuffer debug console
Florian Westphal (1):
netfilter: nf_reject: don't leak dst refcount for loopback packets
Frank Min (1):
drm/amdgpu: add kicker fws loading for gfx12/smu14/psp14
Gabor Juhos (3):
mtd: spinand: propagate spinand_wait() errors from spinand_write_page()
spi: spi-qpic-snand: use correct CW_PER_PAGE value for OOB write
spi: spi-qpic-snand: fix calculating of ECC OOB regions' properties
Gang Ba (1):
drm/amdgpu: Avoid extra evict-restore process.
Geert Uytterhoeven (1):
erofs: Do not select tristate symbols from bool symbols
Geliang Tang (2):
mptcp: remove duplicate sk_reset_timer call
mptcp: disable add_addr retransmission when timeout is 0
Geraldo Nascimento (2):
PCI: rockchip: Use standard PCIe definitions
PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining
Giovanni Cabiddu (2):
crypto: qat - lower priority for skcipher and aead algorithms
crypto: qat - flush misc workqueue during device shutdown
Greg Kroah-Hartman (1):
Linux 6.16.4
Gui-Dong Han (1):
media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt()
Hangbin Liu (2):
bonding: update LACP activity flag after setting lacp_active
bonding: send LACPDUs periodically in passive mode after receiving partner's LACPDU
Hans Verkuil (1):
media: vivid: fix wrong pixel_array control size
Hans de Goede (1):
media: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls
Haoxiang Li (1):
media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init()
Hariprasad Kelam (1):
Octeontx2-af: Skip overlap check for SPI field
Harshal Gohel (1):
i2c: rtl9300: Fix multi-byte I2C write
Heikki Krogerus (1):
usb: dwc3: pci: add support for the Intel Wildcat Lake
Heiko Carstens (1):
s390/mm: Do not map lowcore with identity mapping
Helge Deller (2):
Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()"
apparmor: Fix 8-byte alignment for initial dfa blob streams
Herbert Xu (1):
crypto: hash - Increase HASH_MAX_DESCSIZE for hmac(sha3-224-s390)
Herton R. Krzesinski (1):
mm/debug_vm_pgtable: clear page table entries at destroy_args()
Hong Guan (1):
arm64: dts: ti: k3-am62a7-sk: fix pinmux for main_uart1
Horatiu Vultur (1):
phy: mscc: Fix timestamping for vsc8584
Ian Abbott (2):
comedi: Make insn_rw_emulate_bits() do insn->n samples
comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl()
Ido Schimmel (1):
mlxsw: spectrum: Forward packets with an IPv4 link-local source IP
Igor Pylypiv (1):
ata: libata-scsi: Fix CDL control
Imre Deak (6):
drm/i915/lnl+/tc: Fix handling of an enabled/disconnected dp-alt sink
drm/i915/icl+/tc: Cache the max lane count value
drm/i915/lnl+/tc: Fix max lane count HW readout
drm/i915/lnl+/tc: Use the cached max lane count value
drm/i915/icl+/tc: Convert AUX powered WARN to a debug message
drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS
JP Kobryn (1):
cgroup: avoid null de-ref in css_rstat_exit()
Jacopo Mondi (1):
media: pisp_be: Fix pm_runtime underrun in probe
Jakub Acs (1):
net, hsr: reject HSR frame if skb can't hold tag
Jakub Kicinski (1):
tls: fix handling of zero-length records on the rx_list
Jakub Ramaseuski (1):
net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM
Jan Beulich (1):
compiler: remove __ADDRESSABLE_ASM{_STR,}() again
Jan Kara (1):
iomap: Fix broken data integrity guarantees for O_SYNC writes
Jani Nikula (1):
drm/i915: silence rpm wakeref asserts on GEN11_GU_MISC_IIR access
Jann Horn (1):
kasan/test: fix protection against compiler elision
Jason Gunthorpe (1):
iommu: Remove ops.pgsize_bitmap from drivers that don't use it
Jason Xing (1):
ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc
Jean-Baptiste Maneyrol (1):
iio: imu: inv_icm42600: change invalid data error to -EBUSY
Jedrzej Jagielski (2):
devlink: let driver opt out of automatic phys_port_name generation
ixgbe: prevent from unwanted interface name changes
Jens Axboe (1):
io_uring/futex: ensure io_futex_wait() cleans up properly on failure
Jialin Wang (1):
proc: proc_maps_open allow proc_mem_open to return NULL
Jiande Lu (1):
Bluetooth: btmtk: Fix wait_on_bit_timeout interruption during shutdown
Jiayi Li (1):
memstick: Fix deadlock by moving removing flag earlier
Jinjiang Tu (1):
mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn
Jiwei Sun (1):
PCI: Fix link speed calculation on retrain failure
Jocelyn Falempe (1):
drm/panic: Add a u64 divide by 10 for arm32
Johan Hovold (10):
usb: gadget: udc: renesas_usb3: fix device leak at unbind
usb: musb: omap2430: fix device leak at unbind
usb: dwc3: meson-g12a: fix device leaks at unbind
usb: dwc3: imx8mp: fix device leak at unbind
wifi: ath12k: fix dest ring-buffer corruption
wifi: ath12k: fix source ring-buffer corruption
wifi: ath12k: fix dest ring-buffer corruption when ring is full
wifi: ath11k: fix dest ring-buffer corruption
wifi: ath11k: fix source ring-buffer corruption
wifi: ath11k: fix dest ring-buffer corruption when ring is full
John David Anglin (8):
parisc: Check region is readable by user in raw_copy_from_user()
parisc: Define and use set_pte_at()
parisc: Drop WARN_ON_ONCE() from flush_cache_vmap
parisc: Rename pte_needs_flush() to pte_needs_cache_flush() in cache.c
parisc: Revise __get_user() to probe user read access
parisc: Revise gateway LWS calls to probe user read access
parisc: Try to fixup kernel exception in bad_area_nosemaphore path of do_page_fault()
parisc: Update comments in make_insert_tlb
John Ernberg (1):
crypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP
Jon Hunter (1):
soc/tegra: pmc: Ensure power-domains are in a known state
Jonathan Cameron (1):
iio: light: as73211: Ensure buffer holes are zeroed
Jordan Rhee (1):
gve: prevent ethtool ops after shutdown
Jorge Ramirez-Ortiz (2):
media: venus: hfi: explicitly release IRQ during teardown
media: venus: protect against spurious interrupts during probe
José Expósito (2):
drm/tests: Fix endian warning
drm/tests: Fix drm_test_fb_xrgb8888_to_xrgb2101010() on big-endian
Judith Mendez (3):
arm64: dts: ti: k3-am62-main: Remove eMMC High Speed DDR support
arm64: dts: ti: k3-am62*: Move eMMC pinmux to top level board file
mmc: sdhci_am654: Disable HS400 for AM62P SR1.0 and SR1.1
Julian Sun (1):
block: restore default wbt enablement
Junxian Huang (1):
RDMA/hns: Fix dip entries leak on devices newer than hip09
Justin Lai (1):
rtase: Fix Rx descriptor CRC error bit definition
Kalesh AP (1):
RDMA/bnxt_re: Fix a possible memory leak in the driver
Kanglong Wang (1):
LoongArch: Optimize module load time by optimizing PLT/GOT counting
Kashyap Desai (2):
RDMA/bnxt_re: Fix to do SRQ armena by default
RDMA/bnxt_re: Fix to remove workload check in SRQ limit path
Kathiravan Thirumoorthy (2):
phy: qcom: phy-qcom-m31: Update IPQ5332 M31 USB phy initialization sequence
i2c: qcom-geni: fix I2C frequency table to achieve accurate bus rates
Kaustabh Chakraborty (3):
arm64: dts: exynos7870-j6lte: reduce memory ranges to base amount
arm64: dts: exynos7870: add quirk to disable USB2 LPM in gadget mode
arm64: dts: exynos7870-on7xelte: reduce memory ranges to base amount
Kees Cook (1):
iommu/amd: Avoid stack buffer overflow from kernel cmdline
Konrad Dybcio (1):
media: venus: Fix MSM8998 frequency table
Krzysztof Kozlowski (2):
dt-bindings: display: sprd,sharkl3-dpu: Fix missing clocks constraints
dt-bindings: display: sprd,sharkl3-dsi-host: Fix missing clocks constraints
Kuen-Han Tsai (1):
usb: dwc3: Ignore late xferNotReady event to prevent halt timeout
Kyoji Ogasawara (3):
btrfs: fix incorrect log message for nobarrier mount option
btrfs: restore mount option info messages during mount
btrfs: fix printing of mount info messages for NODATACOW/NODATASUM
Laurentiu Mihalcea (1):
pwm: imx-tpm: Reset counter if CMOD is 0
Lauri Tirkkonen (1):
drm/amd/display: fix initial backlight brightness calculation
Leo Martins (1):
btrfs: fix subpage deadlock in try_release_subpage_extent_buffer()
Li Nan (1):
md: rename recovery_cp to resync_offset
Liao Yuanhong (1):
ext4: use kmalloc_array() for array space allocation
Lijo Lazar (2):
drm/amdgpu: Update external revid for GC v9.5.0
drm/amdgpu: Update supported modes for GC v9.5.0
Liu01 Tong (1):
drm/amdgpu: fix task hang from failed job submission during process kill
Lorenzo Bianconi (1):
net: airoha: ppe: Do not invalid PPE entries in case of SW hash collision
Ludwig Disterhof (1):
media: usbtv: Lock resolution while streaming
Luiz Augusto von Dentz (4):
Bluetooth: hci_sync: Fix scan state after PA Sync has been established
Bluetooth: hci_core: Fix using {cis,bis}_capable for current settings
Bluetooth: hci_core: Fix using ll_privacy_capable for current settings
Bluetooth: hci_core: Fix not accounting for BIS/CIS/PA links separately
Lukas Wunner (1):
PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge
MD Danish Anwar (1):
net: ti: icssg-prueth: Fix HSR and switch offload Enablement during firwmare reload.
Macpaul Lin (1):
scsi: dt-bindings: mediatek,ufs: Add ufs-disable-mcq flag for UFS host
Mael GUERIN (1):
USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera
Marek Szyprowski (1):
zynq_fpga: use sgtable-based scatterlist wrappers
Marek Vasut (1):
usb: renesas-xhci: Fix External ROM access timeouts
Mario Limonciello (5):
drm/amd: Restore cached power limit during resume
drm/amd/display: Pass up errors for reset GPU that fails to init HW
drm/amd/display: Revert "drm/amd/display: Fix AMDGPU_MAX_BL_LEVEL value"
drm/amd/display: Avoid a NULL pointer dereference
drm/amd: Restore cached manual clock settings during resume
Masami Hiramatsu (Google) (1):
tracing: fprobe-event: Sanitize wildcard for fprobe event name
Mathis Foerst (1):
media: mt9m114: Fix deadlock in get_frame_interval/set_frame_interval
Matthieu Baerts (NGI0) (4):
mptcp: pm: kernel: flush: do not reset ADD_ADDR limit
selftests: mptcp: pm: check flush doesn't reset limits
selftests: mptcp: connect: fix C23 extension warning
selftests: mptcp: sockopt: fix C23 extension warning
Matti Vaittinen (1):
iio: adc: bd79124: Add GPIOLIB dependency
Miao Li (1):
usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive
Miaoqian Lin (1):
most: core: Drop device reference after usage in get_channel()
Michael Chan (1):
bnxt_en: Fix lockdep warning during rmmod
Michael Walle (1):
mtd: spi-nor: Fix spi_nor_try_unlock_all()
Michel Dänzer (1):
drm/amd/display: Add primary plane to commits for correct VRR handling
Miguel Ojeda (3):
rust: faux: fix C header link
drm: nova-drm: fix 32-bit arm build
rust: alloc: fix `rusttest` by providing `Cmalloc::aligned_layout` too
Ming Lei (1):
blk-mq: fix lockdep warning in __blk_mq_update_nr_hw_queues
Minhong He (1):
ipv6: sr: validate HMAC algorithm ID in seg6_hmac_info_add
Muhammad Usama Anjum (1):
ASoC: SOF: amd: acp-loader: Use GFP_KERNEL for DMA allocations in resume context
Myrrh Periwinkle (2):
vt: keyboard: Don't process Unicode characters in K_OFF mode
vt: defkeymap: Map keycodes above 127 to K_HOLE
Namjae Jeon (1):
ksmbd: extend the connection limiting mechanism to support IPv6
Naohiro Aota (3):
btrfs: zoned: fix write time activation failure for metadata block group
btrfs: subpage: keep TOWRITE tag until folio is cleaned
btrfs: zoned: fix data relocation block group reservation
Nathan Chancellor (3):
usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init()
wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table()
drm/amdgpu: Initialize data to NULL in imu_v12_0_program_rlc_ram()
NeilBrown (1):
ovl: use I_MUTEX_PARENT when locking parent in ovl_create_temp()
Nick Chan (1):
arm64: dts: apple: t8012-j132: Include touchbar framebuffer node
Nicolas Dufresne (1):
media: verisilicon: Fix AV1 decoder clock frequency
Nicolin Chen (1):
iommu/arm-smmu-v3: Fix smmu_domain->nr_ats_masters decrement
Niklas Cassel (1):
PCI: dwc: Ensure that dw_pcie_wait_for_link() waits 100 ms after link up
Niklas Neronin (1):
usb: xhci: fix host not responding after suspend and resume
Nilay Shroff (6):
block: move elevator queue allocation logic into blk_mq_init_sched
block: fix lockdep warning caused by lock dependency in elv_iosched_store
block: fix potential deadlock while running nr_hw_queue update
block: decrement block_rq_qos static key in rq_qos_del()
block: skip q->rq_qos check in rq_qos_done_bio()
block: avoid cpu_hotplug_lock depedency on freeze_lock
Nitin Gote (1):
iosys-map: Fix undefined behavior in iosys_map_clear()
Nitin Rawat (1):
scsi: ufs: ufs-qcom: Fix ESI null pointer dereference
Ojaswin Mujoo (2):
ext4: fix fsmap end of range reporting with bigalloc
ext4: fix reserved gdt blocks handling in fsmap
Oren Sidi (1):
net/mlx5: Add IFC bits and enums for buf_ownership
Parthiban Veerasooran (2):
microchip: lan865x: fix missing netif_start_queue() call on device open
microchip: lan865x: fix missing Timer Increment config for Rev.B0/B1
Pasha Tatashin (3):
kho: init new_physxa->phys_bits to fix lockdep
kho: mm: don't allow deferred struct page with KHO
kho: warn if KHO is disabled due to an error
Pauli Virtanen (1):
Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established
Peng Fan (1):
regulator: pca9450: Use devm_register_sys_off_handler
Peter Griffin (1):
arm64: dts: exynos: gs101: ufs: add dma-coherent property
Peter Oberparleiter (3):
s390/sclp: Fix SCCB present check
s390/hypfs: Avoid unnecessary ioctl registration in debugfs
s390/hypfs: Enable limited access during lockdown
Peter Shkenev (1):
drm/amdgpu: check if hubbub is NULL in debugfs/amdgpu_dm_capabilities
Phillip Lougher (1):
squashfs: fix memory leak in squashfs_fill_super
Piotr Piórkowski (2):
drm/xe: Assign ioctl xe file handler to vm in xe_vm_create
drm/xe: Move ASID allocation and user PT BO tracking into xe_vm_create
Pu Lehui (1):
tracing: Limit access to parser->buffer when trace_get_user failed
Qianfeng Rong (1):
drm/nouveau/gsp: fix mismatched alloc/free for kvmalloc()
Qingfang Deng (2):
net: ethernet: mtk_ppe: add RCU lock around dev_fill_forward_path
ppp: fix race conditions in ppp_fill_forward_path
Qu Wenruo (2):
btrfs: add comments on the extra btrfs specific subpage bitmaps
btrfs: rename btrfs_subpage structure
Rafael J. Wysocki (2):
PM: runtime: Take active children into account in pm_runtime_get_if_in_use()
cpuidle: governors: menu: Avoid selecting states with too much latency
Randy Dunlap (1):
parisc: Makefile: explain that 64BIT requires both 32-bit and 64-bit compilers
Ranjan Kumar (3):
scsi: mpi3mr: Fix race between config read submit and interrupt completion
scsi: mpi3mr: Drop unnecessary volatile from __iomem pointers
scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems
Ricardo Ribalda (2):
media: venus: vdec: Clamp param smaller than 1fps and bigger than 240.
media: venus: venc: Clamp param smaller than 1fps and bigger than 240
Richard Fitzgerald (1):
ASoC: cs35l56: Handle new algorithms IDs for CS35L63
Richard Zhu (4):
PCI: imx6: Add IMX8MQ_EP third 64-bit BAR in epc_features
PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features
PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset
PCI: imx6: Delay link start until configfs 'start' written
Robin Murphy (1):
iommu/virtio: Make instance lookup robust
Sai Krishna Potthuri (1):
mmc: sdhci-of-arasan: Ensure CD logic stabilization before power-up
Sakari Ailus (2):
media: ipu6: isys: Use correct pads for xlate_streams()
media: v4l2-ctrls: Don't reset handler's error in v4l2_ctrl_handler_free()
Salah Triki (1):
iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe()
Sam Edwards (1):
arm64: dts: rockchip: Remove workaround that prevented Turing RK1 GPU power regulator control
Sang-Heon Jeon (2):
mm/damon/core: fix commit_ops_filters by using correct nth function
mm/damon/core: fix damos_commit_filter not changing allow
Sebastian Andrzej Siewior (1):
kcov, usb: Don't disable interrupts in kcov_remote_start_usb_softirq()
Sebastian Brzezinka (1):
drm/i915/gt: Relocate compression repacking WA for JSL/EHL
Selvarasu Ganesan (1):
usb: dwc3: Remove WARN_ON for device endpoint command timeouts
SeongJae Park (1):
mm/damon/ops-common: ignore migration request to invalid nodes
Sergey Shtylyov (1):
Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync()
Simon Richter (1):
Mark xe driver as BROKEN if kernel page size is not 4kB
Siyang Liu (1):
drm/amd/display: fix a Null pointer dereference vulnerability
Song Gao (1):
LoongArch: KVM: Use kvm_get_vcpu_by_id() instead of kvm_get_vcpu()
Srinivas Pandruvada (1):
platform/x86/intel-uncore-freq: Check write blocked for ELC
Stefan Binding (2):
ASoC: cs35l56: Update Firmware Addresses for CS35L63 for production silicon
ASoC: cs35l56: Remove SoundWire Clock Divider workaround for CS35L63
Stefan Metzmacher (1):
smb: server: split ksmbd_rdma_stop_listening() out of ksmbd_rdma_destroy()
Stefan Wahren (1):
spi: spi-fsl-lpspi: Clamp too high speed_hz
Steven Rostedt (2):
ftrace: Also allocate and copy hash for reading of filter files
tracing: Remove unneeded goto out logic
Suma Hegde (1):
platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL
Suraj Gupta (1):
net: xilinx: axienet: Fix RX skb ring management in DMAengine mode
Sven Eckelmann (2):
i2c: rtl9300: Increase timeout for transfer polling
i2c: rtl9300: Add missing count byte for SMBus Block Ops
Takashi Iwai (2):
ALSA: hda: tas2781: Fix wrong reference of tasdevice_priv
ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation
Theodore Ts'o (1):
ext4: don't try to clear the orphan_present feature block device is r/o
Thomas Bertschinger (1):
fhandle: do_handle_open() should get FD with user flags
Thomas Fourier (2):
mtd: rawnand: fsmc: Add missing check after DMA map
mtd: rawnand: renesas: Add missing check after DMA map
Thomas Hellström (1):
drm/xe: Defer buffer object shrinker write-backs and GPU waits
Thomas Weißschuh (1):
kbuild: userprogs: use correct linker when mixing clang and GNU ld
Thomas Zimmermann (1):
drm/tests: Do not use drm_fb_blit() in format-helper tests
Thorsten Blum (3):
accel/habanalabs/gaudi2: Use kvfree() for memory allocated with kvcalloc()
cdx: Fix off-by-one error in cdx_rpmsg_probe()
usb: storage: realtek_cr: Use correct byte order for bcs->Residue
Tianxiang Peng (1):
x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper
Tiezhu Yang (2):
objtool/LoongArch: Get table size correctly if LTO is enabled
LoongArch: Pass annotate-tablejump option if LTO is enabled
Tim Harvey (1):
hwmon: (gsc-hwmon) fix fan pwm setpoint show functions
Timur Kristóf (9):
drm/amd/display: Fix DCE 6.0 and 6.4 PLL programming.
drm/amd/display: Don't overwrite dce60_clk_mgr
drm/amd/display: Don't overclock DCE 6 by 15%
drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3
drm/amd/display: Fix DP audio DTO1 clock source on DCE 6.
drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs
drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs
drm/amd/display: Adjust DCE 8-10 clock, don't overclock by 15%
drm/amd/display: Don't print errors for nonexistent connectors
Tom Chung (1):
drm/amd/display: Fix Xorg desktop unresponsive on Replay panel
Tristram Ha (1):
net: dsa: microchip: Fix KSZ9477 HSR port setup issue
Trond Myklebust (1):
NFS: Fix a race when updating an existing write
Tzung-Bi Shih (1):
platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister()
Uwe Kleine-König (3):
pwm: mediatek: Handle hardware enable and clock enable separately
pwm: mediatek: Fix duty and period setting
ACPI: APEI: EINJ: Fix resource leak by remove callback in .exit.text
ValdikSS (1):
igc: fix disabling L1.2 PCI-E link substate on I226 on init
Vedang Nagar (1):
media: venus: Add a check for packet size after reading from shared memory
Victor Shih (3):
mmc: sdhci-pci-gli: Add a new function to simplify the code
mmc: sdhci-pci-gli: GL9763e: Mask the replay timer timeout of AER
mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency
Vlad Dogaru (1):
net/mlx5: CT: Use the correct counter offset
Vladimir Zapolskiy (1):
media: qcom: camss: cleanup media device allocated resource on error path
Vodapalli, Ravi Kumar (1):
drm/xe/bmg: Add one additional PCI ID
Waiman Long (2):
cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key
cgroup/cpuset: Fix a partition error with CPU hotplug
Wang Liang (1):
net: bridge: fix soft lockup in br_multicast_query_expired()
Weitao Wang (1):
usb: xhci: Fix slot_id resource race conflict
Will Deacon (2):
vsock/virtio: Validate length in packet header before skb_put()
vhost/vsock: Avoid allocating arbitrarily-sized SKBs
William Liu (3):
net/sched: Fix backlog accounting in qdisc_dequeue_internal
net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit
net/sched: Remove unnecessary WARNING condition for empty child qdisc in htb_activate
Xaver Hugl (1):
amdgpu/amdgpu_discovery: increase timeout limit for IFWI init
XianLiang Huang (1):
iommu/riscv: prevent NULL deref in iova_to_phys
Xu Yang (1):
usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test
Xu Yilun (1):
fpga: zynq_fpga: Fix the wrong usage of dma_map_sgtable()
Yang Li (2):
Bluetooth: hci_sync: Prevent unintended PA sync when SID is 0xFF
Bluetooth: Add PA_LINK to distinguish BIG sync and PA sync connections
Yang Wang (1):
drm/amd/amdgpu: fix missing lock for cper.ring->rptr/wptr access
Yao Zi (1):
net: stmmac: thead: Enable TX clock before MAC initialization
Yazen Ghannam (1):
x86/CPU/AMD: Ignore invalid reset reason value
Ye Bin (1):
fs/buffer: fix use-after-free when call bh_read() helper
Yevgeny Kliteynik (2):
net/mlx5: HWS, fix bad parameter in CQ creation
net/mlx5: HWS, fix complex rules rehash error flow
Youssef Samir (1):
bus: mhi: host: Detect events pointing to unexpected TREs
YuanShang (1):
drm/amdgpu: Retain job->vm in amdgpu_job_prepare_job
Yuichiro Tsuji (1):
net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization
Yunhui Cui (1):
serial: 8250: fix panic due to PSLVERR
Yuntao Wang (1):
fs: fix incorrect lflags value in the move_mount syscall
Zenm Chen (1):
USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles
Zhang Shurong (1):
media: ov2659: Fix memory leaks in ov2659_probe()
Zhang Yi (1):
ext4: fix hole length calculation overflow in non-extent inodes
Zheng Qixing (2):
md: add helper rdev_needs_recovery()
md: fix sync_action incorrect display during resync
Zhu Yanjun (1):
RDMA/rxe: Flush delayed SKBs while releasing RXE resources
Ziyan Xu (1):
ksmbd: fix refcount leak causing resource not released
wenglianfa (1):
RDMA/hns: Fix querying wrong SCC context for DIP algorithm
2 weeks, 6 days
- 1
- 1
Linux 6.12.44
by Greg Kroah-Hartman
I'm announcing the release of the 6.12.44 kernel.
All users of the 6.12 kernel series must upgrade.
The updated 6.12.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.12.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Documentation/devicetree/bindings/display/sprd/sprd,sharkl3-dpu.yaml | 2
Documentation/devicetree/bindings/display/sprd/sprd,sharkl3-dsi-host.yaml | 2
Documentation/devicetree/bindings/ufs/mediatek,ufs.yaml | 4
Documentation/networking/mptcp-sysctl.rst | 2
Makefile | 4
arch/arm64/boot/dts/exynos/google/gs101.dtsi | 1
arch/arm64/boot/dts/ti/k3-am62-lp-sk.dts | 36 +
arch/arm64/boot/dts/ti/k3-am62-main.dtsi | 1
arch/arm64/boot/dts/ti/k3-am62-phycore-som.dtsi | 1
arch/arm64/boot/dts/ti/k3-am62-verdin.dtsi | 12
arch/arm64/boot/dts/ti/k3-am625-beagleplay.dts | 2
arch/arm64/boot/dts/ti/k3-am625-sk.dts | 24
arch/arm64/boot/dts/ti/k3-am62a-phycore-som.dtsi | 1
arch/arm64/boot/dts/ti/k3-am62a7-sk.dts | 7
arch/arm64/boot/dts/ti/k3-am62p5-sk.dts | 2
arch/arm64/boot/dts/ti/k3-am62x-sk-common.dtsi | 24
arch/arm64/boot/dts/ti/k3-am642-evm.dts | 1
arch/arm64/boot/dts/ti/k3-am654-base-board.dts | 1
arch/arm64/boot/dts/ti/k3-am6548-iot2050-advanced-common.dtsi | 1
arch/arm64/boot/dts/ti/k3-am69-sk.dts | 1
arch/arm64/boot/dts/ti/k3-pinctrl.h | 15
arch/loongarch/kernel/module-sections.c | 36 -
arch/loongarch/kvm/vcpu.c | 8
arch/m68k/kernel/head.S | 31
arch/mips/crypto/chacha-core.S | 20
arch/parisc/Makefile | 4
arch/parisc/include/asm/pgtable.h | 7
arch/parisc/include/asm/special_insns.h | 28
arch/parisc/include/asm/uaccess.h | 21
arch/parisc/kernel/cache.c | 6
arch/parisc/kernel/entry.S | 17
arch/parisc/kernel/syscall.S | 30
arch/parisc/lib/memcpy.c | 19
arch/parisc/mm/fault.c | 4
arch/powerpc/boot/Makefile | 1
arch/s390/boot/vmem.c | 3
arch/s390/hypfs/hypfs_dbfs.c | 19
arch/x86/coco/sev/shared.c | 3
arch/x86/include/asm/xen/hypercall.h | 5
arch/x86/kernel/cpu/hygon.c | 3
arch/x86/kvm/mmu/mmu.c | 10
drivers/accel/habanalabs/gaudi2/gaudi2.c | 2
drivers/acpi/pfr_update.c | 2
drivers/ata/Kconfig | 36 -
drivers/ata/libata-scsi.c | 58 -
drivers/base/power/runtime.c | 27
drivers/bluetooth/btmtk.c | 7
drivers/bus/mhi/host/boot.c | 8
drivers/bus/mhi/host/internal.h | 4
drivers/bus/mhi/host/main.c | 12
drivers/cdx/controller/cdx_rpmsg.c | 3
drivers/comedi/comedi_fops.c | 5
drivers/comedi/drivers.c | 23
drivers/comedi/drivers/pcl726.c | 3
drivers/cpufreq/armada-8k-cpufreq.c | 2
drivers/cpuidle/governors/menu.c | 101 --
drivers/crypto/caam/ctrl.c | 5
drivers/crypto/caam/intern.h | 1
drivers/crypto/intel/qat/qat_common/adf_common_drv.h | 1
drivers/crypto/intel/qat/qat_common/adf_init.c | 1
drivers/crypto/intel/qat/qat_common/adf_isr.c | 5
drivers/crypto/intel/qat/qat_common/qat_algs.c | 12
drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h | 125 ++-
drivers/crypto/marvell/octeontx2/otx2_cptpf_ucode.c | 35
drivers/fpga/zynq-fpga.c | 10
drivers/gpu/drm/Kconfig | 5
drivers/gpu/drm/Makefile | 1
drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 5
drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c | 76 +-
drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c | 6
drivers/gpu/drm/amd/amdgpu/imu_v12_0.c | 2
drivers/gpu/drm/amd/amdgpu/mmhub_v3_0_1.c | 57 -
drivers/gpu/drm/amd/amdgpu/mmhub_v4_1_0.c | 34
drivers/gpu/drm/amd/amdgpu/soc15.c | 2
drivers/gpu/drm/amd/amdkfd/kfd_module.c | 2
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 3
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_crtc.c | 28
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c | 2
drivers/gpu/drm/amd/display/dc/bios/bios_parser.c | 5
drivers/gpu/drm/amd/display/dc/bios/command_table.c | 2
drivers/gpu/drm/amd/display/dc/clk_mgr/clk_mgr.c | 1
drivers/gpu/drm/amd/display/dc/clk_mgr/dce100/dce_clk_mgr.c | 2
drivers/gpu/drm/amd/display/dc/clk_mgr/dce110/dce110_clk_mgr.c | 40 -
drivers/gpu/drm/amd/display/dc/clk_mgr/dce60/dce60_clk_mgr.c | 31
drivers/gpu/drm/amd/display/dc/core/dc.c | 34
drivers/gpu/drm/amd/display/modules/hdcp/hdcp_psp.c | 3
drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c | 6
drivers/gpu/drm/amd/pm/swsmu/smu14/smu_v14_0_2_ppt.c | 30
drivers/gpu/drm/display/drm_dp_helper.c | 2
drivers/gpu/drm/drm_draw.c | 155 ++++
drivers/gpu/drm/drm_draw_internal.h | 56 +
drivers/gpu/drm/drm_format_helper.c | 234 ++++--
drivers/gpu/drm/drm_format_internal.h | 127 +++
drivers/gpu/drm/drm_panic.c | 269 -------
drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.c | 4
drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.h | 17
drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_i2c.c | 46 -
drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_vdac.c | 29
drivers/gpu/drm/i915/display/intel_tc.c | 58 +
drivers/gpu/drm/nouveau/nvif/vmm.c | 3
drivers/gpu/drm/tests/drm_format_helper_test.c | 176 ++--
drivers/gpu/drm/xe/Kconfig | 1
drivers/hwmon/gsc-hwmon.c | 4
drivers/iio/adc/ad7173.c | 3
drivers/iio/adc/ad_sigma_delta.c | 4
drivers/iio/imu/bno055/bno055.c | 11
drivers/iio/imu/inv_icm42600/inv_icm42600.h | 8
drivers/iio/imu/inv_icm42600/inv_icm42600_accel.c | 33
drivers/iio/imu/inv_icm42600/inv_icm42600_buffer.c | 22
drivers/iio/imu/inv_icm42600/inv_icm42600_buffer.h | 10
drivers/iio/imu/inv_icm42600/inv_icm42600_core.c | 6
drivers/iio/imu/inv_icm42600/inv_icm42600_gyro.c | 43 -
drivers/iio/imu/inv_icm42600/inv_icm42600_temp.c | 12
drivers/iio/light/adjd_s311.c | 2
drivers/iio/light/as73211.c | 4
drivers/iio/light/bh1745.c | 2
drivers/iio/light/isl29125.c | 2
drivers/iio/light/ltr501.c | 2
drivers/iio/light/max44000.c | 2
drivers/iio/light/rohm-bu27034.c | 2
drivers/iio/light/rpr0521.c | 2
drivers/iio/light/st_uvis25.h | 2
drivers/iio/light/tcs3414.c | 2
drivers/iio/light/tcs3472.c | 2
drivers/iio/pressure/bmp280-core.c | 9
drivers/iio/proximity/isl29501.c | 16
drivers/iio/temperature/maxim_thermocouple.c | 26
drivers/infiniband/hw/bnxt_re/ib_verbs.c | 8
drivers/infiniband/hw/bnxt_re/main.c | 23
drivers/infiniband/hw/bnxt_re/qplib_fp.c | 30
drivers/infiniband/hw/bnxt_re/qplib_fp.h | 2
drivers/infiniband/hw/bnxt_re/qplib_res.c | 2
drivers/infiniband/hw/erdma/erdma_verbs.c | 4
drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 6
drivers/infiniband/hw/hns/hns_roce_restrack.c | 9
drivers/infiniband/sw/rxe/rxe_net.c | 29
drivers/infiniband/sw/rxe/rxe_qp.c | 2
drivers/iommu/amd/init.c | 4
drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c | 2
drivers/md/dm-crypt.c | 49 +
drivers/md/dm.c | 17
drivers/media/cec/usb/rainshadow/rainshadow-cec.c | 3
drivers/media/i2c/hi556.c | 26
drivers/media/i2c/mt9m114.c | 8
drivers/media/i2c/ov2659.c | 3
drivers/media/pci/intel/ipu6/ipu6-isys-csi2.c | 12
drivers/media/pci/intel/ivsc/mei_ace.c | 2
drivers/media/pci/intel/ivsc/mei_csi.c | 2
drivers/media/platform/qcom/camss/camss.c | 4
drivers/media/platform/qcom/venus/core.c | 18
drivers/media/platform/qcom/venus/core.h | 2
drivers/media/platform/qcom/venus/hfi_venus.c | 5
drivers/media/platform/qcom/venus/vdec.c | 5
drivers/media/platform/qcom/venus/venc.c | 5
drivers/media/platform/raspberrypi/pisp_be/Kconfig | 1
drivers/media/platform/raspberrypi/pisp_be/pisp_be.c | 5
drivers/media/platform/verisilicon/rockchip_vpu_hw.c | 9
drivers/media/test-drivers/vivid/vivid-ctrls.c | 3
drivers/media/test-drivers/vivid/vivid-vid-cap.c | 4
drivers/media/usb/gspca/vicam.c | 10
drivers/media/usb/usbtv/usbtv-video.c | 4
drivers/media/v4l2-core/v4l2-ctrls-core.c | 1
drivers/memstick/core/memstick.c | 1
drivers/memstick/host/rtsx_usb_ms.c | 1
drivers/mmc/host/sdhci-pci-gli.c | 37 -
drivers/mmc/host/sdhci_am654.c | 18
drivers/most/core.c | 2
drivers/mtd/nand/raw/fsmc_nand.c | 2
drivers/mtd/nand/raw/renesas-nand-controller.c | 6
drivers/mtd/nand/spi/core.c | 5
drivers/mtd/spi-nor/swp.c | 19
drivers/net/bonding/bond_3ad.c | 67 +
drivers/net/bonding/bond_options.c | 1
drivers/net/can/ti_hecc.c | 2
drivers/net/dsa/microchip/ksz_common.c | 6
drivers/net/ethernet/google/gve/gve_main.c | 2
drivers/net/ethernet/intel/igc/igc_main.c | 14
drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 4
drivers/net/ethernet/marvell/octeontx2/af/rvu_npc_fs.c | 4
drivers/net/ethernet/mediatek/mtk_ppe_offload.c | 2
drivers/net/ethernet/mellanox/mlx5/core/en/dcbnl.h | 1
drivers/net/ethernet/mellanox/mlx5/core/en/port_buffer.c | 18
drivers/net/ethernet/mellanox/mlx5/core/en_dcbnl.c | 12
drivers/net/ethernet/mellanox/mlx5/core/esw/devlink_port.c | 4
drivers/net/ethernet/mellanox/mlx5/core/mlx5_core.h | 87 ++
drivers/net/ethernet/mellanox/mlx5/core/port.c | 40 -
drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 2
drivers/net/ethernet/mellanox/mlxsw/trap.h | 1
drivers/net/ethernet/microchip/lan865x/lan865x.c | 21
drivers/net/ethernet/realtek/rtase/rtase.h | 2
drivers/net/ethernet/ti/icssg/icssg_prueth.c | 72 +-
drivers/net/ethernet/xilinx/xilinx_axienet_main.c | 8
drivers/net/phy/mscc/mscc.h | 12
drivers/net/phy/mscc/mscc_main.c | 12
drivers/net/phy/mscc/mscc_ptp.c | 49 +
drivers/net/ppp/ppp_generic.c | 17
drivers/net/usb/asix_devices.c | 2
drivers/net/wireless/ath/ath11k/ce.c | 3
drivers/net/wireless/ath/ath11k/dp_rx.c | 3
drivers/net/wireless/ath/ath11k/hal.c | 33
drivers/net/wireless/ath/ath12k/ce.c | 3
drivers/net/wireless/ath/ath12k/hal.c | 38 -
drivers/net/wireless/broadcom/brcm80211/brcmsmac/phy/phy_lcn.c | 2
drivers/pci/controller/dwc/pci-imx6.c | 32
drivers/pci/controller/pcie-rockchip-host.c | 49 -
drivers/pci/controller/pcie-rockchip.h | 11
drivers/pci/endpoint/pci-ep-cfs.c | 1
drivers/pci/endpoint/pci-epf-core.c | 2
drivers/pci/pcie/portdrv.c | 2
drivers/phy/qualcomm/phy-qcom-m31.c | 14
drivers/platform/chrome/cros_ec.c | 3
drivers/platform/x86/intel/uncore-frequency/uncore-frequency-tpmi.c | 5
drivers/pwm/pwm-imx-tpm.c | 9
drivers/pwm/pwm-mediatek.c | 71 +
drivers/s390/char/sclp.c | 11
drivers/scsi/mpi3mr/mpi3mr.h | 6
drivers/scsi/mpi3mr/mpi3mr_fw.c | 17
drivers/scsi/mpi3mr/mpi3mr_os.c | 2
drivers/scsi/qla4xxx/ql4_os.c | 2
drivers/scsi/scsi_lib.c | 3
drivers/soc/qcom/mdt_loader.c | 43 +
drivers/soc/tegra/pmc.c | 51 -
drivers/spi/spi-fsl-lpspi.c | 8
drivers/staging/media/imx/imx-media-csc-scaler.c | 2
drivers/tty/serial/8250/8250_port.c | 3
drivers/tty/vt/defkeymap.c_shipped | 112 +++
drivers/tty/vt/keyboard.c | 2
drivers/ufs/host/ufs-exynos.c | 4
drivers/ufs/host/ufshcd-pci.c | 42 +
drivers/usb/atm/cxacru.c | 106 +-
drivers/usb/core/hcd.c | 20
drivers/usb/core/quirks.c | 1
drivers/usb/dwc3/dwc3-imx8mp.c | 7
drivers/usb/dwc3/dwc3-meson-g12a.c | 3
drivers/usb/dwc3/dwc3-pci.c | 2
drivers/usb/dwc3/ep0.c | 20
drivers/usb/dwc3/gadget.c | 19
drivers/usb/gadget/udc/renesas_usb3.c | 1
drivers/usb/host/xhci-hub.c | 3
drivers/usb/host/xhci-mem.c | 22
drivers/usb/host/xhci-pci-renesas.c | 7
drivers/usb/host/xhci-ring.c | 9
drivers/usb/host/xhci.c | 21
drivers/usb/host/xhci.h | 3
drivers/usb/musb/omap2430.c | 14
drivers/usb/storage/realtek_cr.c | 2
drivers/usb/storage/unusual_devs.h | 29
drivers/usb/typec/class.c | 7
drivers/usb/typec/tcpm/fusb302.c | 32
drivers/usb/typec/tcpm/maxim_contaminant.c | 58 +
drivers/usb/typec/tcpm/qcom/qcom_pmic_typec_pdphy.c | 3
drivers/usb/typec/tcpm/qcom/qcom_pmic_typec_pdphy_stub.c | 3
drivers/usb/typec/tcpm/qcom/qcom_pmic_typec_port.c | 4
drivers/usb/typec/tcpm/tcpci_maxim.h | 1
drivers/usb/typec/tcpm/tcpm.c | 7
drivers/vhost/vsock.c | 6
drivers/video/console/vgacon.c | 2
fs/btrfs/block-group.c | 59 -
fs/btrfs/ctree.c | 9
fs/btrfs/free-space-tree.c | 17
fs/btrfs/qgroup.c | 38 -
fs/btrfs/send.c | 359 +++++-----
fs/btrfs/subpage.c | 19
fs/btrfs/super.c | 13
fs/btrfs/transaction.c | 1
fs/btrfs/zoned.c | 13
fs/buffer.c | 2
fs/debugfs/inode.c | 11
fs/ext4/fsmap.c | 23
fs/ext4/indirect.c | 4
fs/ext4/inode.c | 2
fs/ext4/orphan.c | 5
fs/ext4/super.c | 8
fs/f2fs/node.c | 10
fs/file.c | 75 --
fs/jbd2/checkpoint.c | 1
fs/namespace.c | 34
fs/netfs/write_collect.c | 10
fs/netfs/write_issue.c | 4
fs/nfs/pagelist.c | 9
fs/nfs/write.c | 29
fs/overlayfs/copy_up.c | 2
fs/smb/client/smb2ops.c | 2
fs/smb/server/connection.c | 3
fs/smb/server/connection.h | 7
fs/smb/server/oplock.c | 13
fs/smb/server/transport_rdma.c | 5
fs/smb/server/transport_rdma.h | 4
fs/smb/server/transport_tcp.c | 26
fs/splice.c | 3
fs/squashfs/super.c | 14
fs/xfs/xfs_itable.c | 6
include/drm/drm_format_helper.h | 12
include/linux/call_once.h | 47 -
include/linux/compiler.h | 8
include/linux/iosys-map.h | 7
include/linux/iov_iter.h | 20
include/linux/kcov.h | 47 -
include/linux/mlx5/mlx5_ifc.h | 14
include/linux/mlx5/port.h | 85 --
include/linux/netfs.h | 1
include/linux/nfs_page.h | 1
include/net/bond_3ad.h | 1
include/uapi/linux/pfrut.h | 1
io_uring/futex.c | 3
io_uring/net.c | 27
kernel/cgroup/cpuset.c | 9
kernel/sched/ext.c | 18
kernel/trace/ftrace.c | 19
kernel/trace/trace.c | 34
kernel/trace/trace.h | 10
mm/damon/paddr.c | 4
mm/debug_vm_pgtable.c | 9
mm/filemap.c | 3
mm/memory-failure.c | 8
net/bluetooth/hci_conn.c | 3
net/bluetooth/hci_event.c | 8
net/bluetooth/hci_sync.c | 19
net/bridge/br_multicast.c | 16
net/bridge/br_private.h | 2
net/core/dev.c | 12
net/hsr/hsr_slave.c | 8
net/ipv4/netfilter/nf_reject_ipv4.c | 6
net/ipv6/netfilter/nf_reject_ipv6.c | 5
net/ipv6/seg6_hmac.c | 6
net/mptcp/options.c | 6
net/mptcp/pm_netlink.c | 19
net/sched/sch_cake.c | 14
net/sched/sch_htb.c | 2
net/smc/af_smc.c | 3
net/tls/tls_sw.c | 7
net/vmw_vsock/virtio_transport.c | 12
rust/kernel/alloc/allocator.rs | 30
rust/kernel/alloc/allocator_test.rs | 11
security/apparmor/lsm.c | 4
sound/core/timer.c | 4
sound/pci/hda/patch_realtek.c | 2
sound/soc/sof/amd/acp-loader.c | 6
sound/usb/stream.c | 2
sound/usb/validate.c | 2
tools/testing/selftests/net/mptcp/pm_netlink.sh | 1
341 files changed, 3787 insertions(+), 2216 deletions(-)
Adrian Hunter (1):
scsi: ufs: ufs-pci: Fix default runtime and system PM levels
Al Viro (2):
use uniform permission checks for all mount propagation changes
alloc_fdtable(): change calling conventions.
Alex Deucher (4):
drm/amdgpu/discovery: fix fw based ip discovery
drm/amdgpu: update mmhub 3.0.1 client id mappings
drm/amdgpu: update mmhub 4.1.0 client id mappings
drm/amdgpu/swm14: Update power limit logic
Alexander Sverdlin (1):
arm64: dts: ti: k3-pinctrl: Enable Schmitt Trigger by default
Alexander Wilhelm (1):
bus: mhi: host: Fix endianness of BHI vector table
Alexei Lazar (1):
net/mlx5e: Query FW for buffer ownership
Amber Lin (1):
drm/amdkfd: Destroy KFD debugfs after destroy KFD wq
Amit Sunil Dhamne (2):
usb: typec: maxim_contaminant: disable low power mode when reading comparator values
usb: typec: maxim_contaminant: re-enable cc toggle if cc is open and port is clean
Anantha Prabhu (1):
RDMA/bnxt_re: Fix to initialize the PBL array
Andrea Righi (2):
sched/ext: Fix invalid task state transitions on class switch
sched_ext: initialize built-in idle state before ops.init()
Andreas Dilger (1):
ext4: check fast symlink for ea_inode correctly
André Draszik (1):
scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE
Andy Shevchenko (1):
iio: imu: inv_icm42600: Convert to uXX and sXX integer types
Archana Patni (1):
scsi: ufs: ufs-pci: Fix hibernate state transition for Intel MTL-like host controllers
Armen Ratner (1):
net/mlx5e: Preserve shared buffer capacity during headroom updates
Baihan Li (3):
drm/hisilicon/hibmc: refactored struct hibmc_drm_private
drm/hisilicon/hibmc: fix the i2c device resource leak when vdac init failed
drm/hisilicon/hibmc: fix the hibmc loaded failed bug
Baokun Li (2):
jbd2: prevent softlockup in jbd2_log_do_checkpoint()
ext4: preserve SB_I_VERSION on remount
Bharat Bhushan (3):
crypto: octeontx2 - Fix address alignment issue on ucode loading
crypto: octeontx2 - Fix address alignment on CN10K A0/A1 and OcteonTX2
crypto: octeontx2 - Fix address alignment on CN10KB and CN10KA-B0
Bibo Mao (1):
LoongArch: KVM: Make function kvm_own_lbt() robust
Bingbu Cao (1):
media: hi556: correct the test pattern configuration
Bjorn Andersson (1):
soc: qcom: mdt_loader: Ensure we don't read past the ELF header
Boris Burkov (2):
btrfs: explicitly ref count block_group on new_bgs list
btrfs: codify pattern for adding block_group to bg_list
Boshi Yu (1):
RDMA/erdma: Fix ignored return value of init_kernel_qp
Chao Yu (1):
f2fs: fix to avoid out-of-boundary access in dnode page
Charalampos Mitrodimas (1):
debugfs: fix mount options not being applied
Chen Yu (1):
ACPI: pfr_update: Fix the driver update version check
Chenyuan Yang (1):
drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session()
Chi Zhiling (1):
readahead: fix return value of page_cache_next_miss() when no hole is found
Christian Loehle (1):
cpuidle: menu: Remove iowait influence
Christoph Hellwig (1):
xfs: fully decouple XFS_IBULK* flags from XFS_IWALK* flags
Christoph Paasch (1):
mptcp: drop skb if MPTCP skb extension allocation fails
D. Wythe (1):
net/smc: fix UAF on smcsk after smc_listen_out()
Damien Le Moal (7):
ata: Fix SATA_MOBILE_LPM_POLICY description in Kconfig
dm: dm-crypt: Do not partially accept write BIOs with zoned targets
dm: Check for forbidden splitting of zone write operations
ata: libata-scsi: Fix ata_to_sense_error() status handling
PCI: endpoint: Fix configfs group list head handling
PCI: endpoint: Fix configfs group removal on driver teardown
ata: libata-scsi: Return aborted command when missing sense and result TF
Dan Carpenter (5):
cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table()
media: gspca: Add bounds checking to firmware parser
soc: qcom: mdt_loader: Fix error return values in mdt_header_valid()
scsi: qla4xxx: Prevent a potential error pointer dereference
ALSA: usb-audio: Fix size validation in convert_chmap_v3()
Daniel Jurgens (1):
net/mlx5: Base ECVF devlink port attrs from 0
Danilo Krummrich (1):
rust: alloc: replace aligned_size() with Kmalloc::aligned_layout()
David Howells (2):
netfs: Fix unbuffered write error handling
cifs: Fix oops due to uninitialised variable
David Lechner (6):
iio: imu: bno055: fix OOB access of hw_xlate array
iio: adc: ad_sigma_delta: change to buffer predisable
iio: adc: ad7173: fix setting ODR in probe
iio: proximity: isl29501: fix buffered read on big-endian systems
iio: temperature: maxim_thermocouple: use DMA-safe buffer for spi_read()
iio: imu: inv_icm42600: use = { } instead of memset()
David Sterba (2):
btrfs: qgroup: drop unused parameter fs_info from __del_qgroup_rb()
btrfs: move transaction aborts to the error site in add_block_group_free_space()
Dewei Meng (1):
ALSA: timer: fix ida_free call while not allocated
Dominique Martinet (1):
iov_iter: iterate_folioq: fix handling of offset >= folio size
Edward Adam Davis (1):
comedi: pcl726: Prevent invalid irq number
Emanuele Ghidoli (1):
arm64: dts: ti: k3-am62-verdin: Enable pull-ups on I2C buses
Eric Biggers (2):
lib/crypto: mips/chacha: Fix clang build and remove unneeded byteswap
ipv6: sr: Fix MAC comparison to be constant-time
Evgeniy Harchenko (1):
ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6
Fanhua Li (1):
drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor().
Filipe Manana (10):
btrfs: qgroup: fix race between quota disable and quota rescan ioctl
btrfs: always abort transaction on failure to add block group to free space tree
btrfs: abort transaction on unexpected eb generation at btrfs_copy_root()
btrfs: send: factor out common logic when sending xattrs
btrfs: send: only use boolean variables at process_recorded_refs()
btrfs: send: add and use helper to rename current inode when processing refs
btrfs: send: keep the current inode's path cached
btrfs: send: avoid path allocation for the current inode when issuing commands
btrfs: send: use fallocate for hole punching with send stream v2
btrfs: send: make fs_path_len() inline and constify its argument
Finn Thain (1):
m68k: Fix lost column on framebuffer debug console
Florian Westphal (1):
netfilter: nf_reject: don't leak dst refcount for loopback packets
Frank Li (1):
PCI: imx6: Add i.MX8Q PCIe Endpoint (EP) support
Gabor Juhos (1):
mtd: spinand: propagate spinand_wait() errors from spinand_write_page()
Gang Ba (1):
drm/amdgpu: Avoid extra evict-restore process.
Geliang Tang (2):
mptcp: remove duplicate sk_reset_timer call
mptcp: disable add_addr retransmission when timeout is 0
Geraldo Nascimento (2):
PCI: rockchip: Use standard PCIe definitions
PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining
Giovanni Cabiddu (2):
crypto: qat - lower priority for skcipher and aead algorithms
crypto: qat - flush misc workqueue during device shutdown
Greg Kroah-Hartman (2):
Revert "can: ti_hecc: fix -Woverflow compiler warning"
Linux 6.12.44
Gui-Dong Han (1):
media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt()
Hangbin Liu (2):
bonding: update LACP activity flag after setting lacp_active
bonding: send LACPDUs periodically in passive mode after receiving partner's LACPDU
Hans Verkuil (1):
media: vivid: fix wrong pixel_array control size
Hans de Goede (1):
media: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls
Haoxiang Li (1):
media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init()
Hariprasad Kelam (1):
Octeontx2-af: Skip overlap check for SPI field
Heikki Krogerus (1):
usb: dwc3: pci: add support for the Intel Wildcat Lake
Heiko Carstens (1):
s390/mm: Do not map lowcore with identity mapping
Helge Deller (2):
Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()"
apparmor: Fix 8-byte alignment for initial dfa blob streams
Herton R. Krzesinski (1):
mm/debug_vm_pgtable: clear page table entries at destroy_args()
Hong Guan (1):
arm64: dts: ti: k3-am62a7-sk: fix pinmux for main_uart1
Horatiu Vultur (1):
phy: mscc: Fix timestamping for vsc8584
Ian Abbott (2):
comedi: Make insn_rw_emulate_bits() do insn->n samples
comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl()
Ido Schimmel (1):
mlxsw: spectrum: Forward packets with an IPv4 link-local source IP
Igor Pylypiv (1):
ata: libata-scsi: Fix CDL control
Imre Deak (3):
drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS
drm/i915/icl+/tc: Convert AUX powered WARN to a debug message
drm/i915/icl+/tc: Cache the max lane count value
Jacopo Mondi (1):
media: pisp_be: Fix pm_runtime underrun in probe
Jakub Acs (1):
net, hsr: reject HSR frame if skb can't hold tag
Jakub Kicinski (1):
tls: fix handling of zero-length records on the rx_list
Jakub Ramaseuski (1):
net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM
Jan Beulich (1):
compiler: remove __ADDRESSABLE_ASM{_STR,}() again
Jason Xing (1):
ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc
Jean-Baptiste Maneyrol (1):
iio: imu: inv_icm42600: change invalid data error to -EBUSY
Jens Axboe (2):
io_uring/net: commit partial buffers on retry
io_uring/futex: ensure io_futex_wait() cleans up properly on failure
Jiande Lu (1):
Bluetooth: btmtk: Fix wait_on_bit_timeout interruption during shutdown
Jiayi Li (1):
memstick: Fix deadlock by moving removing flag earlier
Jinjiang Tu (1):
mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn
Jocelyn Falempe (1):
drm/panic: Move drawing functions to drm_draw
Johan Hovold (10):
usb: gadget: udc: renesas_usb3: fix device leak at unbind
usb: musb: omap2430: fix device leak at unbind
usb: dwc3: meson-g12a: fix device leaks at unbind
usb: dwc3: imx8mp: fix device leak at unbind
wifi: ath12k: fix dest ring-buffer corruption
wifi: ath12k: fix source ring-buffer corruption
wifi: ath12k: fix dest ring-buffer corruption when ring is full
wifi: ath11k: fix dest ring-buffer corruption
wifi: ath11k: fix source ring-buffer corruption
wifi: ath11k: fix dest ring-buffer corruption when ring is full
John David Anglin (8):
parisc: Check region is readable by user in raw_copy_from_user()
parisc: Define and use set_pte_at()
parisc: Drop WARN_ON_ONCE() from flush_cache_vmap
parisc: Rename pte_needs_flush() to pte_needs_cache_flush() in cache.c
parisc: Revise __get_user() to probe user read access
parisc: Revise gateway LWS calls to probe user read access
parisc: Try to fixup kernel exception in bad_area_nosemaphore path of do_page_fault()
parisc: Update comments in make_insert_tlb
John Ernberg (1):
crypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP
Jon Hunter (1):
soc/tegra: pmc: Ensure power-domains are in a known state
Jonathan Cameron (3):
iio: light: Use aligned_s64 instead of open coding alignment.
iio: light: as73211: Ensure buffer holes are zeroed
iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64
Jordan Rhee (1):
gve: prevent ethtool ops after shutdown
Jorge Ramirez-Ortiz (2):
media: venus: hfi: explicitly release IRQ during teardown
media: venus: protect against spurious interrupts during probe
José Expósito (2):
drm/tests: Fix endian warning
drm/tests: Fix drm_test_fb_xrgb8888_to_xrgb2101010() on big-endian
Judith Mendez (6):
arm64: dts: ti: k3-am62-main: Remove eMMC High Speed DDR support
arm64: dts: ti: k3-am6*: Add boot phase flag to support MMC boot
arm64: dts: ti: k3-am62*: Add non-removable flag for eMMC
arm64: dts: ti: k3-am6*: Remove disable-wp for eMMC
arm64: dts: ti: k3-am62*: Move eMMC pinmux to top level board file
mmc: sdhci_am654: Disable HS400 for AM62P SR1.0 and SR1.1
Junxian Huang (1):
RDMA/hns: Fix dip entries leak on devices newer than hip09
Justin Lai (1):
rtase: Fix Rx descriptor CRC error bit definition
Kalesh AP (1):
RDMA/bnxt_re: Fix a possible memory leak in the driver
Kanglong Wang (1):
LoongArch: Optimize module load time by optimizing PLT/GOT counting
Kashyap Desai (2):
RDMA/bnxt_re: Fix to do SRQ armena by default
RDMA/bnxt_re: Fix to remove workload check in SRQ limit path
Kathiravan Thirumoorthy (1):
phy: qcom: phy-qcom-m31: Update IPQ5332 M31 USB phy initialization sequence
Kees Cook (1):
iommu/amd: Avoid stack buffer overflow from kernel cmdline
Keith Busch (1):
kvm: retry nx_huge_page_recovery_thread creation
Kerem Karabay (1):
drm/format-helper: Add conversion from XRGB8888 to BGR888
Konrad Dybcio (1):
media: venus: Fix MSM8998 frequency table
Krzysztof Kozlowski (3):
dt-bindings: display: sprd,sharkl3-dpu: Fix missing clocks constraints
dt-bindings: display: sprd,sharkl3-dsi-host: Fix missing clocks constraints
USB: typec: Use str_enable_disable-like helpers
Kuen-Han Tsai (1):
usb: dwc3: Ignore late xferNotReady event to prevent halt timeout
Kyoji Ogasawara (3):
btrfs: fix incorrect log message for nobarrier mount option
btrfs: restore mount option info messages during mount
btrfs: fix printing of mount info messages for NODATACOW/NODATASUM
Laurentiu Mihalcea (1):
pwm: imx-tpm: Reset counter if CMOD is 0
Liao Yuanhong (1):
ext4: use kmalloc_array() for array space allocation
Lijo Lazar (1):
drm/amdgpu: Update external revid for GC v9.5.0
Ludwig Disterhof (1):
media: usbtv: Lock resolution while streaming
Luiz Augusto von Dentz (1):
Bluetooth: hci_sync: Fix scan state after PA Sync has been established
Lukas Wunner (1):
PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge
MD Danish Anwar (1):
net: ti: icssg-prueth: Fix HSR and switch offload Enablement during firwmare reload.
Macpaul Lin (1):
scsi: dt-bindings: mediatek,ufs: Add ufs-disable-mcq flag for UFS host
Mael GUERIN (1):
USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera
Marek Szyprowski (1):
zynq_fpga: use sgtable-based scatterlist wrappers
Marek Vasut (1):
usb: renesas-xhci: Fix External ROM access timeouts
Mario Limonciello (2):
drm/amd: Restore cached power limit during resume
drm/amd/display: Avoid a NULL pointer dereference
Masami Hiramatsu (Google) (1):
tracing: fprobe-event: Sanitize wildcard for fprobe event name
Mathis Foerst (1):
media: mt9m114: Fix deadlock in get_frame_interval/set_frame_interval
Matthieu Baerts (NGI0) (2):
mptcp: pm: kernel: flush: do not reset ADD_ADDR limit
selftests: mptcp: pm: check flush doesn't reset limits
Miao Li (1):
usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive
Miaoqian Lin (1):
most: core: Drop device reference after usage in get_channel()
Michael Walle (1):
mtd: spi-nor: Fix spi_nor_try_unlock_all()
Michal Suchanek (1):
powerpc/boot: Fix build with gcc 15
Michel Dänzer (1):
drm/amd/display: Add primary plane to commits for correct VRR handling
Miguel Ojeda (1):
rust: alloc: fix `rusttest` by providing `Cmalloc::aligned_layout` too
Mike Christie (1):
scsi: core: Fix command pass through retry regression
Minhong He (1):
ipv6: sr: validate HMAC algorithm ID in seg6_hmac_info_add
Muhammad Usama Anjum (1):
ASoC: SOF: amd: acp-loader: Use GFP_KERNEL for DMA allocations in resume context
Myrrh Periwinkle (2):
vt: keyboard: Don't process Unicode characters in K_OFF mode
vt: defkeymap: Map keycodes above 127 to K_HOLE
Namjae Jeon (1):
ksmbd: extend the connection limiting mechanism to support IPv6
Naohiro Aota (3):
btrfs: zoned: fix write time activation failure for metadata block group
btrfs: zoned: requeue to unused block group list if zone finish failed
btrfs: subpage: keep TOWRITE tag until folio is cleaned
Nathan Chancellor (3):
usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init()
wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table()
drm/amdgpu: Initialize data to NULL in imu_v12_0_program_rlc_ram()
NeilBrown (1):
ovl: use I_MUTEX_PARENT when locking parent in ovl_create_temp()
Nicolas Dufresne (1):
media: verisilicon: Fix AV1 decoder clock frequency
Nicolin Chen (1):
iommu/arm-smmu-v3: Fix smmu_domain->nr_ats_masters decrement
Nitin Gote (1):
iosys-map: Fix undefined behavior in iosys_map_clear()
Ojaswin Mujoo (2):
ext4: fix fsmap end of range reporting with bigalloc
ext4: fix reserved gdt blocks handling in fsmap
Oren Sidi (1):
net/mlx5: Add IFC bits and enums for buf_ownership
Parthiban Veerasooran (2):
microchip: lan865x: fix missing netif_start_queue() call on device open
microchip: lan865x: fix missing Timer Increment config for Rev.B0/B1
Pauli Virtanen (1):
Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established
Peter Griffin (1):
arm64: dts: exynos: gs101: ufs: add dma-coherent property
Peter Oberparleiter (3):
s390/sclp: Fix SCCB present check
s390/hypfs: Avoid unnecessary ioctl registration in debugfs
s390/hypfs: Enable limited access during lockdown
Peter Shkenev (1):
drm/amdgpu: check if hubbub is NULL in debugfs/amdgpu_dm_capabilities
Phillip Lougher (1):
squashfs: fix memory leak in squashfs_fill_super
Pu Lehui (1):
tracing: Limit access to parser->buffer when trace_get_user failed
Qingfang Deng (2):
net: ethernet: mtk_ppe: add RCU lock around dev_fill_forward_path
ppp: fix race conditions in ppp_fill_forward_path
Rafael J. Wysocki (2):
PM: runtime: Take active children into account in pm_runtime_get_if_in_use()
cpuidle: governors: menu: Avoid selecting states with too much latency
Randy Dunlap (1):
parisc: Makefile: explain that 64BIT requires both 32-bit and 64-bit compilers
Ranjan Kumar (3):
scsi: mpi3mr: Fix race between config read submit and interrupt completion
scsi: mpi3mr: Drop unnecessary volatile from __iomem pointers
scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems
Ricardo Ribalda (2):
media: venus: vdec: Clamp param smaller than 1fps and bigger than 240.
media: venus: venc: Clamp param smaller than 1fps and bigger than 240
Richard Zhu (4):
PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features
PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset
PCI: imx6: Delay link start until configfs 'start' written
PCI: imx6: Add IMX8MQ_EP third 64-bit BAR in epc_features
Sakari Ailus (2):
media: ipu6: isys: Use correct pads for xlate_streams()
media: v4l2-ctrls: Don't reset handler's error in v4l2_ctrl_handler_free()
Salah Triki (1):
iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe()
Sebastian Andrzej Siewior (1):
kcov, usb: Don't disable interrupts in kcov_remote_start_usb_softirq()
Sebastian Reichel (1):
usb: typec: fusb302: cache PD RX state
Selvarasu Ganesan (1):
usb: dwc3: Remove WARN_ON for device endpoint command timeouts
SeongJae Park (1):
mm/damon/ops-common: ignore migration request to invalid nodes
Sergey Shtylyov (1):
Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync()
Shahar Shitrit (1):
net/mlx5: Relocate function declarations from port.h to mlx5_core.h
Simon Richter (1):
Mark xe driver as BROKEN if kernel page size is not 4kB
Siyang Liu (1):
drm/amd/display: fix a Null pointer dereference vulnerability
Srinivas Pandruvada (1):
platform/x86/intel-uncore-freq: Check write blocked for ELC
Stefan Metzmacher (1):
smb: server: split ksmbd_rdma_stop_listening() out of ksmbd_rdma_destroy()
Stefan Wahren (1):
spi: spi-fsl-lpspi: Clamp too high speed_hz
Steven Rostedt (2):
ftrace: Also allocate and copy hash for reading of filter files
tracing: Remove unneeded goto out logic
Suraj Gupta (1):
net: xilinx: axienet: Fix RX skb ring management in DMAengine mode
Takashi Iwai (1):
ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation
Theodore Ts'o (1):
ext4: don't try to clear the orphan_present feature block device is r/o
Thomas Fourier (2):
mtd: rawnand: fsmc: Add missing check after DMA map
mtd: rawnand: renesas: Add missing check after DMA map
Thomas Weißschuh (1):
kbuild: userprogs: use correct linker when mixing clang and GNU ld
Thomas Zimmermann (3):
drm/format-helper: Move helpers for pixel conversion to header file
drm/format-helper: Add generic conversion to 32-bit formats
drm/tests: Do not use drm_fb_blit() in format-helper tests
Thorsten Blum (3):
accel/habanalabs/gaudi2: Use kvfree() for memory allocated with kvcalloc()
cdx: Fix off-by-one error in cdx_rpmsg_probe()
usb: storage: realtek_cr: Use correct byte order for bcs->Residue
Tianxiang Peng (1):
x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper
Tim Harvey (1):
hwmon: (gsc-hwmon) fix fan pwm setpoint show functions
Timur Kristóf (7):
drm/amd/display: Don't overwrite dce60_clk_mgr
drm/amd/display: Don't overclock DCE 6 by 15%
drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3
drm/amd/display: Fix DP audio DTO1 clock source on DCE 6.
drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs
drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs
drm/amd/display: Don't print errors for nonexistent connectors
Tom Chung (1):
drm/amd/display: Fix Xorg desktop unresponsive on Replay panel
Tom Lendacky (1):
x86/sev: Ensure SVSM reserved fields in a page validation entry are initialized to zero
Tristram Ha (1):
net: dsa: microchip: Fix KSZ9477 HSR port setup issue
Trond Myklebust (1):
NFS: Fix a race when updating an existing write
Tzung-Bi Shih (1):
platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister()
Uwe Kleine-König (2):
pwm: mediatek: Handle hardware enable and clock enable separately
pwm: mediatek: Fix duty and period setting
ValdikSS (1):
igc: fix disabling L1.2 PCI-E link substate on I226 on init
Vedang Nagar (1):
media: venus: Add a check for packet size after reading from shared memory
Victor Shih (3):
mmc: sdhci-pci-gli: Add a new function to simplify the code
mmc: sdhci-pci-gli: GL9763e: Mask the replay timer timeout of AER
mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency
Vladimir Zapolskiy (1):
media: qcom: camss: cleanup media device allocated resource on error path
Waiman Long (2):
cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key
cgroup/cpuset: Fix a partition error with CPU hotplug
Wang Liang (1):
net: bridge: fix soft lockup in br_multicast_query_expired()
Weitao Wang (1):
usb: xhci: Fix slot_id resource race conflict
Will Deacon (2):
vsock/virtio: Validate length in packet header before skb_put()
vhost/vsock: Avoid allocating arbitrarily-sized SKBs
William Liu (2):
net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit
net/sched: Remove unnecessary WARNING condition for empty child qdisc in htb_activate
Xaver Hugl (1):
amdgpu/amdgpu_discovery: increase timeout limit for IFWI init
Xu Yang (1):
usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test
Xu Yilun (1):
fpga: zynq_fpga: Fix the wrong usage of dma_map_sgtable()
Yang Li (1):
Bluetooth: hci_sync: Prevent unintended PA sync when SID is 0xFF
Ye Bin (1):
fs/buffer: fix use-after-free when call bh_read() helper
Youssef Samir (1):
bus: mhi: host: Detect events pointing to unexpected TREs
Yuichiro Tsuji (1):
net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization
Yunhui Cui (1):
serial: 8250: fix panic due to PSLVERR
Zenm Chen (1):
USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles
Zhang Shurong (1):
media: ov2659: Fix memory leaks in ov2659_probe()
Zhang Yi (1):
ext4: fix hole length calculation overflow in non-extent inodes
Zhu Yanjun (1):
RDMA/rxe: Flush delayed SKBs while releasing RXE resources
Ziyan Xu (1):
ksmbd: fix refcount leak causing resource not released
wenglianfa (1):
RDMA/hns: Fix querying wrong SCC context for DIP algorithm
2 weeks, 6 days
- 1
- 1
Linux 6.6.103
by Greg Kroah-Hartman
I'm announcing the release of the 6.6.103 kernel.
All users of the 6.6 kernel series must upgrade.
The updated 6.6.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.6.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Documentation/devicetree/bindings/display/sprd/sprd,sharkl3-dpu.yaml | 2
Documentation/devicetree/bindings/display/sprd/sprd,sharkl3-dsi-host.yaml | 2
Documentation/filesystems/fscrypt.rst | 37 -
Documentation/firmware-guide/acpi/i2c-muxes.rst | 8
Documentation/networking/bonding.rst | 12
Documentation/networking/mptcp-sysctl.rst | 2
Documentation/power/runtime_pm.rst | 5
Makefile | 4
arch/arm/include/asm/topology.h | 1
arch/arm/mach-rockchip/platsmp.c | 15
arch/arm/mach-tegra/reset.c | 2
arch/arm64/boot/dts/ti/k3-am62-main.dtsi | 1
arch/arm64/boot/dts/ti/k3-am62-verdin.dtsi | 12
arch/arm64/boot/dts/ti/k3-am62a7-sk.dts | 4
arch/arm64/boot/dts/ti/k3-pinctrl.h | 15
arch/arm64/include/asm/acpi.h | 2
arch/arm64/include/asm/topology.h | 1
arch/arm64/kernel/fpsimd.c | 4
arch/arm64/kernel/topology.c | 26
arch/arm64/kernel/traps.c | 1
arch/arm64/mm/fault.c | 1
arch/arm64/mm/ptdump_debugfs.c | 3
arch/loongarch/kernel/module-sections.c | 36 -
arch/loongarch/net/bpf_jit.c | 21
arch/m68k/kernel/head.S | 31
arch/mips/crypto/chacha-core.S | 20
arch/mips/include/asm/vpe.h | 8
arch/mips/kernel/process.c | 16
arch/mips/lantiq/falcon/sysctrl.c | 23
arch/parisc/Makefile | 6
arch/parisc/include/asm/pgtable.h | 7
arch/parisc/include/asm/special_insns.h | 28
arch/parisc/include/asm/uaccess.h | 21
arch/parisc/kernel/cache.c | 6
arch/parisc/kernel/entry.S | 17
arch/parisc/kernel/syscall.S | 30
arch/parisc/lib/memcpy.c | 19
arch/parisc/mm/fault.c | 4
arch/powerpc/boot/Makefile | 1
arch/powerpc/include/asm/floppy.h | 5
arch/powerpc/platforms/512x/mpc512x_lpbfifo.c | 6
arch/riscv/include/asm/topology.h | 1
arch/s390/hypfs/hypfs_dbfs.c | 19
arch/s390/include/asm/timex.h | 13
arch/s390/kernel/time.c | 2
arch/s390/mm/dump_pagetables.c | 2
arch/s390/mm/pgalloc.c | 5
arch/um/include/asm/thread_info.h | 4
arch/um/kernel/process.c | 20
arch/x86/include/asm/kvm-x86-ops.h | 2
arch/x86/include/asm/kvm_host.h | 22
arch/x86/include/asm/msr-index.h | 1
arch/x86/include/asm/xen/hypercall.h | 5
arch/x86/kernel/cpu/bugs.c | 5
arch/x86/kernel/cpu/hygon.c | 3
arch/x86/kvm/hyperv.c | 3
arch/x86/kvm/lapic.c | 19
arch/x86/kvm/lapic.h | 1
arch/x86/kvm/svm/svm.c | 42 -
arch/x86/kvm/svm/vmenter.S | 9
arch/x86/kvm/trace.h | 9
arch/x86/kvm/vmx/nested.c | 26
arch/x86/kvm/vmx/pmu_intel.c | 8
arch/x86/kvm/vmx/vmx.c | 164 ++--
arch/x86/kvm/vmx/vmx.h | 31
arch/x86/kvm/x86.c | 46 -
block/blk-core.c | 26
block/blk-settings.c | 2
crypto/jitterentropy-kcapi.c | 9
drivers/acpi/acpi_processor.c | 2
drivers/acpi/apei/ghes.c | 13
drivers/acpi/pfr_update.c | 2
drivers/acpi/prmt.c | 26
drivers/acpi/processor_perflib.c | 11
drivers/ata/Kconfig | 35
drivers/ata/libata-sata.c | 5
drivers/ata/libata-scsi.c | 58 -
drivers/base/arch_topology.c | 69 +
drivers/base/power/runtime.c | 59 +
drivers/block/drbd/drbd_receiver.c | 6
drivers/block/loop.c | 38 -
drivers/block/sunvdc.c | 4
drivers/bus/mhi/host/boot.c | 8
drivers/bus/mhi/host/internal.h | 4
drivers/bus/mhi/host/main.c | 12
drivers/cdx/controller/cdx_rpmsg.c | 3
drivers/char/ipmi/ipmi_msghandler.c | 8
drivers/char/ipmi/ipmi_watchdog.c | 59 +
drivers/char/misc.c | 4
drivers/clk/qcom/gcc-ipq5018.c | 2
drivers/clk/tegra/clk-periph.c | 4
drivers/comedi/comedi_fops.c | 36 -
drivers/comedi/comedi_internal.h | 1
drivers/comedi/drivers.c | 36 -
drivers/comedi/drivers/pcl726.c | 3
drivers/cpufreq/armada-8k-cpufreq.c | 2
drivers/cpufreq/cppc_cpufreq.c | 2
drivers/cpufreq/cpufreq.c | 12
drivers/cpuidle/governors/menu.c | 96 --
drivers/crypto/hisilicon/hpre/hpre_crypto.c | 8
drivers/crypto/intel/qat/qat_common/adf_common_drv.h | 1
drivers/crypto/intel/qat/qat_common/adf_init.c | 1
drivers/crypto/intel/qat/qat_common/adf_isr.c | 5
drivers/crypto/intel/qat/qat_common/qat_algs.c | 12
drivers/crypto/marvell/octeontx2/otx2_cptpf_ucode.c | 16
drivers/devfreq/governor_userspace.c | 6
drivers/dma/stm32-dma.c | 2
drivers/edac/synopsys_edac.c | 97 +-
drivers/firmware/tegra/Kconfig | 5
drivers/fpga/zynq-fpga.c | 10
drivers/gpio/gpio-mlxbf2.c | 2
drivers/gpio/gpio-mlxbf3.c | 54 -
drivers/gpio/gpio-tps65912.c | 7
drivers/gpio/gpio-virtio.c | 9
drivers/gpio/gpio-wcd934x.c | 7
drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c | 4
drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c | 6
drivers/gpu/drm/amd/amdgpu/mmhub_v3_0_1.c | 57 -
drivers/gpu/drm/amd/amdkfd/kfd_module.c | 2
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 6
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_crtc.c | 9
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_psr.c | 6
drivers/gpu/drm/amd/display/dc/bios/command_table.c | 2
drivers/gpu/drm/amd/display/dc/clk_mgr/clk_mgr.c | 1
drivers/gpu/drm/amd/display/dc/clk_mgr/dce100/dce_clk_mgr.c | 2
drivers/gpu/drm/amd/display/dc/clk_mgr/dce110/dce110_clk_mgr.c | 40 -
drivers/gpu/drm/amd/display/dc/clk_mgr/dce60/dce60_clk_mgr.c | 31
drivers/gpu/drm/amd/display/dc/dcn20/dcn20_hwseq.c | 11
drivers/gpu/drm/amd/display/dc/link/link_dpms.c | 3
drivers/gpu/drm/amd/display/modules/hdcp/hdcp_psp.c | 3
drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c | 6
drivers/gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c | 37 -
drivers/gpu/drm/display/drm_dp_helper.c | 2
drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.c | 4
drivers/gpu/drm/i915/intel_runtime_pm.c | 5
drivers/gpu/drm/msm/msm_gem.c | 3
drivers/gpu/drm/msm/msm_gem.h | 6
drivers/gpu/drm/nouveau/nvif/vmm.c | 3
drivers/gpu/drm/renesas/rcar-du/rzg2l_mipi_dsi.c | 3
drivers/gpu/drm/ttm/ttm_pool.c | 8
drivers/gpu/drm/ttm/ttm_resource.c | 3
drivers/hid/hid-apple.c | 13
drivers/hid/hid-magicmouse.c | 56 +
drivers/hwmon/emc2305.c | 10
drivers/hwmon/gsc-hwmon.c | 4
drivers/i2c/i2c-core-acpi.c | 1
drivers/i3c/internals.h | 1
drivers/i3c/master.c | 4
drivers/idle/intel_idle.c | 2
drivers/iio/adc/ad7768-1.c | 23
drivers/iio/adc/ad_sigma_delta.c | 6
drivers/iio/imu/bno055/bno055.c | 11
drivers/iio/imu/inv_icm42600/inv_icm42600.h | 8
drivers/iio/imu/inv_icm42600/inv_icm42600_accel.c | 33
drivers/iio/imu/inv_icm42600/inv_icm42600_buffer.c | 22
drivers/iio/imu/inv_icm42600/inv_icm42600_buffer.h | 10
drivers/iio/imu/inv_icm42600/inv_icm42600_core.c | 6
drivers/iio/imu/inv_icm42600/inv_icm42600_gyro.c | 43 -
drivers/iio/imu/inv_icm42600/inv_icm42600_temp.c | 12
drivers/iio/light/as73211.c | 2
drivers/iio/pressure/bmp280-core.c | 9
drivers/iio/proximity/isl29501.c | 16
drivers/iio/temperature/maxim_thermocouple.c | 26
drivers/infiniband/core/nldev.c | 22
drivers/infiniband/hw/bnxt_re/ib_verbs.c | 8
drivers/infiniband/hw/bnxt_re/qplib_fp.c | 30
drivers/infiniband/hw/bnxt_re/qplib_fp.h | 2
drivers/infiniband/hw/bnxt_re/qplib_res.c | 2
drivers/infiniband/hw/erdma/erdma_verbs.c | 4
drivers/infiniband/hw/hfi1/affinity.c | 44 -
drivers/infiniband/sw/siw/siw_qp_tx.c | 5
drivers/iommu/amd/init.c | 4
drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c | 1
drivers/iommu/iommufd/io_pagetable.c | 48 -
drivers/leds/flash/leds-qcom-flash.c | 178 ++++
drivers/leds/leds-lp50xx.c | 11
drivers/leds/trigger/ledtrig-netdev.c | 16
drivers/md/dm-ps-historical-service-time.c | 4
drivers/md/dm-ps-queue-length.c | 4
drivers/md/dm-ps-round-robin.c | 4
drivers/md/dm-ps-service-time.c | 4
drivers/md/dm-table.c | 10
drivers/md/dm-zoned-target.c | 2
drivers/media/cec/usb/rainshadow/rainshadow-cec.c | 3
drivers/media/dvb-frontends/dib7000p.c | 8
drivers/media/i2c/ccs/ccs-core.c | 2
drivers/media/i2c/hi556.c | 26
drivers/media/i2c/ov2659.c | 3
drivers/media/i2c/tc358743.c | 86 +-
drivers/media/pci/intel/ivsc/mei_ace.c | 2
drivers/media/pci/intel/ivsc/mei_csi.c | 2
drivers/media/platform/qcom/camss/camss.c | 4
drivers/media/platform/qcom/venus/core.c | 8
drivers/media/platform/qcom/venus/core.h | 2
drivers/media/platform/qcom/venus/hfi_msgs.c | 83 +-
drivers/media/platform/qcom/venus/hfi_venus.c | 5
drivers/media/platform/qcom/venus/vdec.c | 5
drivers/media/platform/qcom/venus/venc.c | 5
drivers/media/platform/verisilicon/rockchip_vpu_hw.c | 9
drivers/media/test-drivers/vivid/vivid-ctrls.c | 3
drivers/media/test-drivers/vivid/vivid-vid-cap.c | 4
drivers/media/usb/gspca/vicam.c | 10
drivers/media/usb/hdpvr/hdpvr-i2c.c | 6
drivers/media/usb/usbtv/usbtv-video.c | 4
drivers/media/usb/uvc/uvc_driver.c | 3
drivers/media/usb/uvc/uvc_video.c | 21
drivers/media/v4l2-core/v4l2-common.c | 8
drivers/media/v4l2-core/v4l2-ctrls-core.c | 1
drivers/memstick/core/memstick.c | 1
drivers/memstick/host/rtsx_usb_ms.c | 1
drivers/mfd/axp20x.c | 3
drivers/misc/cardreader/rtsx_usb.c | 16
drivers/misc/mei/bus.c | 6
drivers/mmc/host/rtsx_usb_sdmmc.c | 4
drivers/mmc/host/sdhci-msm.c | 14
drivers/mmc/host/sdhci-pci-gli.c | 35
drivers/most/core.c | 2
drivers/mtd/nand/raw/fsmc_nand.c | 2
drivers/mtd/nand/raw/renesas-nand-controller.c | 6
drivers/mtd/nand/spi/core.c | 5
drivers/mtd/spi-nor/swp.c | 19
drivers/net/bonding/bond_3ad.c | 224 +++++-
drivers/net/bonding/bond_main.c | 1
drivers/net/bonding/bond_netlink.c | 16
drivers/net/bonding/bond_options.c | 29
drivers/net/dsa/b53/b53_common.c | 65 +
drivers/net/dsa/b53/b53_regs.h | 2
drivers/net/ethernet/agere/et131x.c | 36 +
drivers/net/ethernet/aquantia/atlantic/aq_hw.h | 2
drivers/net/ethernet/aquantia/atlantic/hw_atl2/hw_atl2_utils_fw.c | 39 +
drivers/net/ethernet/atheros/ag71xx.c | 9
drivers/net/ethernet/cavium/thunder/thunder_bgx.c | 4
drivers/net/ethernet/emulex/benet/be_main.c | 8
drivers/net/ethernet/freescale/dpaa/dpaa_eth.c | 2
drivers/net/ethernet/freescale/dpaa/dpaa_ethtool.c | 4
drivers/net/ethernet/freescale/enetc/enetc_pf.c | 14
drivers/net/ethernet/freescale/fec_main.c | 34
drivers/net/ethernet/freescale/gianfar_ethtool.c | 4
drivers/net/ethernet/google/gve/gve_adminq.c | 1
drivers/net/ethernet/google/gve/gve_main.c | 2
drivers/net/ethernet/intel/igc/igc_main.c | 14
drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 4
drivers/net/ethernet/marvell/octeontx2/af/rvu_npc_fs.c | 4
drivers/net/ethernet/mediatek/mtk_ppe_offload.c | 2
drivers/net/ethernet/mediatek/mtk_wed.c | 1
drivers/net/ethernet/mellanox/mlx5/core/en/port_buffer.c | 18
drivers/net/ethernet/mellanox/mlx5/core/en/qos.c | 2
drivers/net/ethernet/mellanox/mlx5/core/esw/devlink_port.c | 4
drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 2
drivers/net/ethernet/mellanox/mlxsw/trap.h | 1
drivers/net/ethernet/pensando/ionic/ionic_lif.c | 7
drivers/net/ethernet/ti/icssg/icss_iep.c | 26
drivers/net/hyperv/hyperv_net.h | 3
drivers/net/hyperv/netvsc_drv.c | 29
drivers/net/ipa/ipa_smp2p.c | 2
drivers/net/phy/micrel.c | 12
drivers/net/phy/mscc/mscc.h | 12
drivers/net/phy/mscc/mscc_main.c | 12
drivers/net/phy/mscc/mscc_ptp.c | 49 +
drivers/net/phy/smsc.c | 1
drivers/net/ppp/ppp_generic.c | 17
drivers/net/thunderbolt/main.c | 21
drivers/net/usb/asix_devices.c | 1
drivers/net/usb/cdc_ncm.c | 20
drivers/net/wireless/ath/ath11k/ce.c | 3
drivers/net/wireless/ath/ath11k/dp_rx.c | 3
drivers/net/wireless/ath/ath11k/hal.c | 33
drivers/net/wireless/ath/ath12k/ce.c | 3
drivers/net/wireless/ath/ath12k/dp.c | 3
drivers/net/wireless/ath/ath12k/hal.c | 38 -
drivers/net/wireless/ath/ath12k/hw.c | 2
drivers/net/wireless/ath/ath12k/wmi.c | 5
drivers/net/wireless/broadcom/brcm80211/brcmsmac/phy/phy_lcn.c | 2
drivers/net/wireless/intel/iwlegacy/4965-mac.c | 5
drivers/net/wireless/intel/iwlwifi/dvm/rs.c | 2
drivers/net/wireless/intel/iwlwifi/fw/dbg.c | 7
drivers/net/wireless/intel/iwlwifi/mvm/d3.c | 2
drivers/net/wireless/intel/iwlwifi/mvm/scan.c | 2
drivers/net/wireless/mediatek/mt76/mt7915/mcu.c | 25
drivers/net/wireless/realtek/rtlwifi/pci.c | 23
drivers/net/wireless/realtek/rtw89/core.c | 3
drivers/net/wireless/realtek/rtw89/fw.c | 9
drivers/net/wireless/realtek/rtw89/fw.h | 2
drivers/net/wireless/realtek/rtw89/mac.c | 19
drivers/net/wireless/realtek/rtw89/reg.h | 1
drivers/net/xen-netfront.c | 5
drivers/nvme/host/pci.c | 24
drivers/pci/controller/dwc/pci-imx6.c | 7
drivers/pci/controller/pcie-rockchip-host.c | 49 -
drivers/pci/controller/pcie-rockchip.h | 11
drivers/pci/endpoint/pci-ep-cfs.c | 1
drivers/pci/endpoint/pci-epf-core.c | 2
drivers/pci/pci-acpi.c | 4
drivers/pci/pci.c | 10
drivers/pci/probe.c | 2
drivers/perf/cxl_pmu.c | 2
drivers/phy/qualcomm/phy-qcom-m31.c | 14
drivers/phy/rockchip/phy-rockchip-pcie.c | 3
drivers/pinctrl/stm32/pinctrl-stm32.c | 1
drivers/platform/chrome/cros_ec.c | 3
drivers/platform/chrome/cros_ec_typec.c | 4
drivers/platform/x86/amd/pmc/pmc-quirks.c | 9
drivers/platform/x86/thinkpad_acpi.c | 4
drivers/pmdomain/imx/imx8m-blk-ctrl.c | 10
drivers/power/supply/qcom_battmgr.c | 2
drivers/pps/clients/pps-gpio.c | 5
drivers/ptp/ptp_clock.c | 2
drivers/ptp/ptp_private.h | 5
drivers/ptp/ptp_vclock.c | 7
drivers/pwm/pwm-imx-tpm.c | 9
drivers/pwm/pwm-mediatek.c | 71 +
drivers/remoteproc/imx_rproc.c | 4
drivers/reset/Kconfig | 10
drivers/rtc/rtc-ds1307.c | 15
drivers/s390/char/sclp.c | 11
drivers/scsi/aacraid/comminit.c | 3
drivers/scsi/bfa/bfad_im.c | 1
drivers/scsi/libiscsi.c | 3
drivers/scsi/lpfc/lpfc_debugfs.c | 1
drivers/scsi/lpfc/lpfc_scsi.c | 4
drivers/scsi/mpi3mr/mpi3mr.h | 6
drivers/scsi/mpi3mr/mpi3mr_fw.c | 17
drivers/scsi/mpi3mr/mpi3mr_os.c | 22
drivers/scsi/mpt3sas/mpt3sas_scsih.c | 19
drivers/scsi/qla4xxx/ql4_os.c | 2
drivers/scsi/scsi_scan.c | 2
drivers/scsi/scsi_transport_sas.c | 60 +
drivers/soc/qcom/mdt_loader.c | 53 +
drivers/soc/qcom/rpmh-rsc.c | 2
drivers/soc/tegra/pmc.c | 51 -
drivers/soundwire/amd_manager.c | 6
drivers/soundwire/bus.c | 6
drivers/spi/spi-fsl-lpspi.c | 8
drivers/staging/media/imx/imx-media-csc-scaler.c | 2
drivers/target/target_core_fabric_lib.c | 63 +
drivers/target/target_core_internal.h | 4
drivers/target/target_core_pr.c | 18
drivers/thermal/qcom/qcom-spmi-temp-alarm.c | 43 -
drivers/thermal/thermal_sysfs.c | 9
drivers/thunderbolt/domain.c | 2
drivers/tty/serial/8250/8250_port.c | 3
drivers/tty/vt/defkeymap.c_shipped | 112 +++
drivers/tty/vt/keyboard.c | 2
drivers/ufs/core/ufshcd-priv.h | 2
drivers/ufs/host/ufs-exynos.c | 4
drivers/ufs/host/ufshcd-pci.c | 42 +
drivers/usb/atm/cxacru.c | 106 +-
drivers/usb/class/cdc-acm.c | 11
drivers/usb/core/config.c | 10
drivers/usb/core/hcd.c | 8
drivers/usb/core/quirks.c | 1
drivers/usb/core/urb.c | 2
drivers/usb/dwc3/dwc3-imx8mp.c | 6
drivers/usb/dwc3/dwc3-meson-g12a.c | 3
drivers/usb/dwc3/dwc3-pci.c | 2
drivers/usb/dwc3/ep0.c | 20
drivers/usb/dwc3/gadget.c | 19
drivers/usb/gadget/udc/renesas_usb3.c | 1
drivers/usb/host/xhci-hub.c | 3
drivers/usb/host/xhci-mem.c | 24
drivers/usb/host/xhci-pci-renesas.c | 7
drivers/usb/host/xhci-ring.c | 19
drivers/usb/host/xhci.c | 27
drivers/usb/host/xhci.h | 3
drivers/usb/musb/omap2430.c | 14
drivers/usb/storage/realtek_cr.c | 2
drivers/usb/storage/unusual_devs.h | 29
drivers/usb/typec/mux/intel_pmc_mux.c | 2
drivers/usb/typec/tcpm/fusb302.c | 8
drivers/usb/typec/tcpm/maxim_contaminant.c | 54 +
drivers/usb/typec/tcpm/tcpci_maxim.h | 1
drivers/usb/typec/ucsi/psy.c | 2
drivers/usb/typec/ucsi/ucsi.c | 1
drivers/usb/typec/ucsi/ucsi.h | 7
drivers/vfio/pci/mlx5/cmd.c | 4
drivers/vfio/vfio_iommu_type1.c | 7
drivers/vhost/vhost.c | 3
drivers/vhost/vsock.c | 6
drivers/video/console/vgacon.c | 2
drivers/video/fbdev/core/fbcon.c | 9
drivers/video/fbdev/core/fbmem.c | 3
drivers/virt/coco/efi_secret/efi_secret.c | 10
drivers/watchdog/dw_wdt.c | 2
drivers/watchdog/iTCO_wdt.c | 6
drivers/watchdog/sbsa_gwdt.c | 50 +
fs/btrfs/backref.c | 6
fs/btrfs/block-group.c | 61 +
fs/btrfs/block-group.h | 11
fs/btrfs/block-rsv.c | 2
fs/btrfs/block-rsv.h | 2
fs/btrfs/btrfs_inode.h | 3
fs/btrfs/ctree.c | 24
fs/btrfs/ctree.h | 6
fs/btrfs/delayed-inode.c | 12
fs/btrfs/discard.c | 4
fs/btrfs/extent-tree.c | 33
fs/btrfs/file-item.c | 4
fs/btrfs/file-item.h | 2
fs/btrfs/free-space-tree.c | 17
fs/btrfs/inode-item.c | 10
fs/btrfs/inode-item.h | 4
fs/btrfs/inode.c | 26
fs/btrfs/qgroup.c | 31
fs/btrfs/relocation.c | 19
fs/btrfs/send.c | 359 +++++-----
fs/btrfs/space-info.c | 17
fs/btrfs/space-info.h | 6
fs/btrfs/tree-log.c | 72 +-
fs/btrfs/tree-mod-log.c | 14
fs/btrfs/tree-mod-log.h | 6
fs/btrfs/zoned.c | 20
fs/btrfs/zoned.h | 4
fs/buffer.c | 2
fs/crypto/fscrypt_private.h | 16
fs/crypto/hkdf.c | 2
fs/crypto/keysetup.c | 3
fs/crypto/keysetup_v1.c | 3
fs/eventpoll.c | 60 +
fs/exfat/dir.c | 12
fs/exfat/fatent.c | 10
fs/exfat/namei.c | 5
fs/exfat/super.c | 32
fs/ext2/inode.c | 12
fs/ext4/fsmap.c | 23
fs/ext4/indirect.c | 4
fs/ext4/inline.c | 19
fs/ext4/inode.c | 2
fs/ext4/mballoc.c | 67 -
fs/ext4/orphan.c | 5
fs/ext4/super.c | 8
fs/f2fs/file.c | 24
fs/f2fs/node.c | 10
fs/file.c | 90 +-
fs/gfs2/meta_io.c | 2
fs/hfs/bfind.c | 3
fs/hfs/bnode.c | 93 ++
fs/hfs/btree.c | 57 +
fs/hfs/extent.c | 2
fs/hfs/hfs_fs.h | 1
fs/hfsplus/bnode.c | 92 ++
fs/hfsplus/unicode.c | 7
fs/hfsplus/xattr.c | 6
fs/hugetlbfs/inode.c | 2
fs/jbd2/checkpoint.c | 1
fs/jfs/file.c | 3
fs/jfs/inode.c | 2
fs/jfs/jfs_dmap.c | 6
fs/libfs.c | 4
fs/namespace.c | 34
fs/nfs/blocklayout/blocklayout.c | 4
fs/nfs/blocklayout/dev.c | 5
fs/nfs/blocklayout/extent_tree.c | 20
fs/nfs/client.c | 44 +
fs/nfs/internal.h | 2
fs/nfs/nfs4client.c | 20
fs/nfs/nfs4proc.c | 2
fs/nfs/pnfs.c | 11
fs/nfsd/nfs4state.c | 34
fs/ntfs3/dir.c | 3
fs/ntfs3/inode.c | 31
fs/orangefs/orangefs-debugfs.c | 2
fs/smb/client/cifssmb.c | 10
fs/smb/client/connect.c | 10
fs/smb/client/sess.c | 9
fs/smb/client/smb2ops.c | 11
fs/smb/client/smbdirect.c | 24
fs/smb/server/connection.c | 3
fs/smb/server/connection.h | 7
fs/smb/server/oplock.c | 13
fs/smb/server/smb2pdu.c | 16
fs/smb/server/transport_rdma.c | 5
fs/smb/server/transport_rdma.h | 4
fs/smb/server/transport_tcp.c | 26
fs/squashfs/super.c | 14
fs/tracefs/inode.c | 11
fs/udf/super.c | 13
fs/xfs/xfs_itable.c | 6
include/linux/arch_topology.h | 8
include/linux/blk_types.h | 6
include/linux/compiler.h | 8
include/linux/cpufreq.h | 1
include/linux/energy_model.h | 6
include/linux/fs.h | 4
include/linux/hypervisor.h | 3
include/linux/if_vlan.h | 21
include/linux/iosys-map.h | 7
include/linux/memfd.h | 14
include/linux/mm.h | 82 +-
include/linux/pci.h | 10
include/linux/pm_runtime.h | 18
include/linux/sched/topology.h | 8
include/linux/skbuff.h | 8
include/linux/usb/cdc_ncm.h | 1
include/linux/virtio_vsock.h | 7
include/net/bond_3ad.h | 3
include/net/bond_options.h | 1
include/net/bonding.h | 23
include/net/cfg80211.h | 2
include/net/mac80211.h | 2
include/net/neighbour.h | 1
include/net/net_namespace.h | 16
include/net/sock.h | 1
include/trace/events/btrfs.h | 6
include/trace/events/thp.h | 2
include/uapi/linux/if_link.h | 1
include/uapi/linux/in6.h | 4
include/uapi/linux/io_uring.h | 2
include/uapi/linux/pfrut.h | 1
io_uring/net.c | 19
kernel/bpf/verifier.c | 3
kernel/cgroup/cpuset.c | 2
kernel/fork.c | 2
kernel/module/main.c | 10
kernel/power/console.c | 7
kernel/rcu/tree.c | 2
kernel/rcu/tree.h | 14
kernel/rcu/tree_plugin.h | 44 -
kernel/sched/cpufreq_schedutil.c | 30
kernel/sched/fair.c | 19
kernel/trace/ftrace.c | 19
kernel/trace/trace.c | 33
kernel/trace/trace.h | 10
mm/debug_vm_pgtable.c | 9
mm/filemap.c | 2
mm/kmemleak.c | 10
mm/madvise.c | 2
mm/memfd.c | 2
mm/memory-failure.c | 8
mm/mmap.c | 12
mm/ptdump.c | 2
mm/shmem.c | 2
net/bluetooth/hci_conn.c | 3
net/bluetooth/hci_event.c | 8
net/bluetooth/hci_sock.c | 2
net/bridge/br_multicast.c | 16
net/bridge/br_private.h | 2
net/core/dev.c | 12
net/core/neighbour.c | 12
net/core/net_namespace.c | 8
net/core/sock.c | 27
net/hsr/hsr_slave.c | 8
net/ipv4/netfilter/nf_reject_ipv4.c | 6
net/ipv4/route.c | 1
net/ipv4/udp_offload.c | 2
net/ipv6/addrconf.c | 7
net/ipv6/mcast.c | 11
net/ipv6/netfilter/nf_reject_ipv6.c | 5
net/ipv6/seg6_hmac.c | 6
net/mac80211/cfg.c | 12
net/mac80211/chan.c | 1
net/mac80211/mlme.c | 9
net/mac80211/rx.c | 12
net/mctp/af_mctp.c | 26
net/mptcp/options.c | 6
net/mptcp/pm_netlink.c | 19
net/mptcp/subflow.c | 5
net/ncsi/internal.h | 2
net/ncsi/ncsi-rsp.c | 1
net/netfilter/nf_conntrack_netlink.c | 24
net/netlink/af_netlink.c | 12
net/rds/tcp.c | 8
net/sched/sch_cake.c | 14
net/sched/sch_ets.c | 36 -
net/sched/sch_htb.c | 2
net/sctp/input.c | 2
net/smc/af_smc.c | 8
net/sunrpc/svcsock.c | 5
net/sunrpc/xprtsock.c | 8
net/tls/tls.h | 2
net/tls/tls_strp.c | 11
net/tls/tls_sw.c | 10
net/vmw_vsock/virtio_transport.c | 14
net/wireless/mlme.c | 3
net/xfrm/xfrm_state.c | 72 +-
scripts/kconfig/gconf.c | 8
scripts/kconfig/lxdialog/inputbox.c | 6
scripts/kconfig/lxdialog/menubox.c | 2
scripts/kconfig/nconf.c | 2
scripts/kconfig/nconf.gui.c | 1
security/apparmor/file.c | 6
security/apparmor/include/lib.h | 6
security/inode.c | 2
sound/core/pcm_native.c | 19
sound/hda/hdac_device.c | 2
sound/pci/hda/hda_codec.c | 42 -
sound/pci/hda/patch_ca0132.c | 2
sound/pci/hda/patch_realtek.c | 4
sound/pci/intel8x0.c | 2
sound/soc/codecs/hdac_hdmi.c | 10
sound/soc/codecs/rt5640.c | 5
sound/soc/fsl/fsl_sai.c | 20
sound/soc/intel/avs/core.c | 3
sound/soc/qcom/lpass-platform.c | 27
sound/soc/soc-core.c | 3
sound/soc/soc-dapm.c | 4
sound/usb/mixer_quirks.c | 14
sound/usb/stream.c | 25
sound/usb/validate.c | 14
tools/bpf/bpftool/main.c | 6
tools/include/nolibc/std.h | 4
tools/include/nolibc/types.h | 4
tools/include/uapi/linux/if_link.h | 1
tools/power/cpupower/utils/idle_monitor/mperf_monitor.c | 4
tools/scripts/Makefile.include | 4
tools/testing/ktest/ktest.pl | 5
tools/testing/selftests/arm64/fp/sve-ptrace.c | 3
tools/testing/selftests/bpf/prog_tests/user_ringbuf.c | 10
tools/testing/selftests/bpf/progs/verifier_unpriv.c | 2
tools/testing/selftests/ftrace/test.d/ftrace/func-filter-glob.tc | 2
tools/testing/selftests/futex/include/futextest.h | 11
tools/testing/selftests/memfd/memfd_test.c | 43 +
tools/testing/selftests/net/mptcp/pm_netlink.sh | 1
612 files changed, 6026 insertions(+), 2723 deletions(-)
Aahil Awatramani (1):
bonding: Add independent control state machine
Aakash Kumar S (1):
xfrm: Duplicate SPI Handling
Aaron Kling (1):
ARM: tegra: Use I/O memcpy to write to IRAM
Aaron Plattner (1):
watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition
Abel Vesa (1):
power: supply: qcom_battmgr: Add lithium-polymer entry
Aditya Garg (2):
HID: magicmouse: avoid setting up battery timer when not needed
HID: apple: avoid setting up battery timer for devices without battery
Adrian Hunter (1):
scsi: ufs: ufs-pci: Fix default runtime and system PM levels
Al Viro (5):
better lockdep annotations for simple_recursive_removal()
fix locking in efi_secret_unlink()
securityfs: don't pin dentries twice, once is enough...
use uniform permission checks for all mount propagation changes
alloc_fdtable(): change calling conventions.
Alex Deucher (1):
drm/amdgpu: update mmhub 3.0.1 client id mappings
Alex Guo (2):
media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb()
media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar
Alexander Kochetkov (1):
ARM: rockchip: fix kernel hang during smp initialization
Alexander Sverdlin (1):
arm64: dts: ti: k3-pinctrl: Enable Schmitt Trigger by default
Alexander Wilhelm (1):
bus: mhi: host: Fix endianness of BHI vector table
Alexey Klimov (1):
iommu/arm-smmu-qcom: Add SM6115 MDSS compatible
Alok Tiwari (6):
net: ti: icss-iep: Fix incorrect type for return value in extts_enable()
ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4
be2net: Use correct byte order and format string for TCP seq and ack_seq
net: thunderx: Fix format-truncation warning in bgx_acpi_match_id()
perf/cxlpmu: Remove unintended newline from IRQ name format string
gve: Return error for unknown admin queue command
Amber Lin (1):
drm/amdkfd: Destroy KFD debugfs after destroy KFD wq
Amelie Delaunay (1):
dmaengine: stm32-dma: configure next sg only if there are more than 2 sgs
Amir Mohammad Jahangirzad (1):
fs/orangefs: use snprintf() instead of sprintf()
Amit Sunil Dhamne (2):
usb: typec: maxim_contaminant: re-enable cc toggle if cc is open and port is clean
usb: typec: maxim_contaminant: disable low power mode when reading comparator values
Anantha Prabhu (1):
RDMA/bnxt_re: Fix to initialize the PBL array
Andreas Dilger (1):
ext4: check fast symlink for ea_inode correctly
Andrew Price (1):
gfs2: Set .migrate_folio in gfs2_{rgrp,meta}_aops
André Draszik (1):
scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE
Andy Shevchenko (2):
Documentation: ACPI: Fix parent device references
iio: imu: inv_icm42600: Convert to uXX and sXX integer types
Anshuman Khandual (1):
mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd()
Anthoine Bourgeois (1):
xen/netfront: Fix TX response spurious interrupts
Archana Patni (1):
scsi: ufs: ufs-pci: Fix hibernate state transition for Intel MTL-like host controllers
Armen Ratner (1):
net/mlx5e: Preserve shared buffer capacity during headroom updates
Arnaud Lecomte (1):
jfs: upper bound check of tree index in dbAllocAG
Arnd Bergmann (1):
RDMA/core: reduce stack using in nldev_stat_get_doit()
Artem Sadovnikov (1):
vfio/mlx5: fix possible overflow in tracking max message size
Avraham Stern (1):
wifi: iwlwifi: mvm: fix scan request validation
Baihan Li (1):
drm/hisilicon/hibmc: fix the hibmc loaded failed bug
Baokun Li (4):
ext4: fix zombie groups in average fragment size lists
ext4: fix largest free orders lists corruption on mb_optimize_scan switch
jbd2: prevent softlockup in jbd2_log_do_checkpoint()
ext4: preserve SB_I_VERSION on remount
Bartosz Golaszewski (2):
gpio: wcd934x: check the return value of regmap_update_bits()
gpio: tps65912: check the return value of regmap_update_bits()
Benjamin Marzinski (1):
dm-table: fix checking for rq stackable devices
Benson Leung (1):
usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default
Bharat Bhushan (1):
crypto: octeontx2 - add timeout for load_fvc completion poll
Biju Das (1):
net: phy: micrel: Add ksz9131_resume()
Bingbu Cao (1):
media: hi556: correct the test pattern configuration
Bitterblue Smith (3):
wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB
wifi: rtw89: Fix rtw89_mac_power_switch() for USB
wifi: rtw89: Disable deep power saving for USB/SDIO
Bjorn Andersson (2):
soc: qcom: mdt_loader: Actually use the e_phoff
soc: qcom: mdt_loader: Ensure we don't read past the ELF header
Bjorn Helgaas (1):
mmc: sdhci-pci-gli: Use PCI AER definitions, not hard-coded values
Boris Burkov (1):
btrfs: fix ssd_spread overallocation
Boshi Yu (1):
RDMA/erdma: Fix ignored return value of init_kernel_qp
Breno Leitao (5):
ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path
arm64: Mark kernel as tainted on SAE and SError panic
ptp: Use ratelimite for freerun error message
ipmi: Use dev_warn_ratelimited() for incorrect message warnings
mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock
Buday Csaba (1):
net: phy: smsc: add proper reset flags for LAN8710A
Cezary Rojewski (1):
ASoC: Intel: avs: Fix uninitialized pointer error in probe()
Chao Gao (1):
KVM: nVMX: Defer SVI update to vmcs01 on EOI when L2 is active w/o VID
Chao Yu (1):
f2fs: fix to avoid out-of-boundary access in dnode page
Charles Keepax (1):
soundwire: Move handle_nested_irq outside of sdw_dev_lock
Cheick Traore (1):
pinctrl: stm32: Manage irq affinity settings
Chen Yu (1):
ACPI: pfr_update: Fix the driver update version check
Chen-Yu Tsai (1):
mfd: axp20x: Set explicit ID for AXP313 regulator
Chenyuan Yang (1):
drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session()
Chris Mason (1):
sched/fair: Bump sd->max_newidle_lb_cost when newidle balance fails
Christian Loehle (1):
cpuidle: menu: Remove iowait influence
Christoph Hellwig (2):
block: reject invalid operation in submit_bio_noacct
xfs: fully decouple XFS_IBULK* flags from XFS_IWALK* flags
Christoph Paasch (1):
mptcp: drop skb if MPTCP skb extension allocation fails
Christophe Leroy (1):
ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop
Christopher Eby (1):
ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks
Corey Minyard (1):
ipmi: Fix strcpy source and destination the same
Cristian Ciocaltea (1):
ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros
Cynthia Huang (1):
selftests/futex: Define SYS_futex on 32-bit architectures with 64-bit time_t
D. Wythe (1):
net/smc: fix UAF on smcsk after smc_listen_out()
Dai Ngo (1):
NFSD: detect mismatch of file handle and delegation stateid in OPEN op
Damien Le Moal (9):
ata: libata-sata: Disallow changing LPM state if not supported
scsi: mpt3sas: Correctly handle ATA device errors
scsi: mpi3mr: Correctly handle ATA device errors
ata: libata-scsi: Fix ata_to_sense_error() status handling
PCI: endpoint: Fix configfs group list head handling
PCI: endpoint: Fix configfs group removal on driver teardown
block: Make REQ_OP_ZONE_FINISH a write operation
ata: Fix SATA_MOBILE_LPM_POLICY description in Kconfig
ata: libata-scsi: Return aborted command when missing sense and result TF
Dan Carpenter (5):
cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table()
media: gspca: Add bounds checking to firmware parser
soc: qcom: mdt_loader: Fix error return values in mdt_header_valid()
scsi: qla4xxx: Prevent a potential error pointer dereference
ALSA: usb-audio: Fix size validation in convert_chmap_v3()
Daniel Golle (1):
Revert "leds: trigger: netdev: Configure LED blink interval for HW offload"
Daniel Jurgens (1):
net/mlx5: Base ECVF devlink port attrs from 0
Dave Stevenson (3):
media: tc358743: Check I2C succeeded during probe
media: tc358743: Return an appropriate colorspace from tc358743_set_fmt
media: tc358743: Increase FIFO trigger level to 374
David Bauer (1):
wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch
David Collins (1):
thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required
David Lechner (6):
iio: adc: ad_sigma_delta: don't overallocate scan buffer
iio: imu: bno055: fix OOB access of hw_xlate array
iio: adc: ad_sigma_delta: change to buffer predisable
iio: proximity: isl29501: fix buffered read on big-endian systems
iio: temperature: maxim_thermocouple: use DMA-safe buffer for spi_read()
iio: imu: inv_icm42600: use = { } instead of memset()
David Sterba (3):
btrfs: move transaction aborts to the error site in add_block_group_free_space()
btrfs: open code timespec64 in struct btrfs_inode
btrfs: constify more pointer parameters
David Thompson (3):
gpio: mlxbf2: use platform_get_irq_optional()
Revert "gpio: mlxbf3: only get IRQ for device instance 0"
gpio: mlxbf3: use platform_get_irq_optional()
Davide Caratti (1):
net/sched: ets: use old 'nbands' while purging unused classes
Edward Adam Davis (2):
jfs: Regular file corruption check
comedi: pcl726: Prevent invalid irq number
Eliav Farber (1):
pps: clients: gpio: fix interrupt handling order in remove path
Emanuele Ghidoli (1):
arm64: dts: ti: k3-am62-verdin: Enable pull-ups on I2C buses
Emily Deng (1):
drm/ttm: Should to return the evict error
Eric Biggers (4):
thunderbolt: Fix copy+paste error in match_service_id()
lib/crypto: mips/chacha: Fix clang build and remove unneeded byteswap
ipv6: sr: Fix MAC comparison to be constant-time
fscrypt: Don't use problematic non-inline crypto engines
Eric Dumazet (2):
net: better track kernel sockets lifetime
net_sched: sch_ets: implement lockless ets_dump()
Eric Work (1):
net: atlantic: add set_power to fw_ops for atl2 to fix wol
Evgeniy Harchenko (1):
ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6
Fanhua Li (1):
drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor().
Fedor Pchelkin (1):
netlink: avoid infinite retry looping in netlink_unicast()
Fenglin Wu (1):
leds: flash: leds-qcom-flash: Limit LED current based on thermal condition
Filipe Manana (14):
btrfs: abort transaction during log replay if walk_log_tree() failed
btrfs: clear dirty status from extent buffer on error at insert_new_root()
btrfs: fix log tree replay failure due to file with 0 links and extents
btrfs: don't ignore inode missing when replaying log tree
btrfs: qgroup: fix race between quota disable and quota rescan ioctl
btrfs: always abort transaction on failure to add block group to free space tree
btrfs: abort transaction on unexpected eb generation at btrfs_copy_root()
btrfs: send: factor out common logic when sending xattrs
btrfs: send: only use boolean variables at process_recorded_refs()
btrfs: send: add and use helper to rename current inode when processing refs
btrfs: send: keep the current inode's path cached
btrfs: send: avoid path allocation for the current inode when issuing commands
btrfs: send: use fallocate for hole punching with send stream v2
btrfs: send: make fs_path_len() inline and constify its argument
Finn Thain (1):
m68k: Fix lost column on framebuffer debug console
Florian Larysch (1):
net: phy: micrel: fix KSZ8081/KSZ8091 cable test
Florian Westphal (2):
netfilter: ctnetlink: fix refcount leak on table dump
netfilter: nf_reject: don't leak dst refcount for loopback packets
Florin Leotescu (1):
hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state
Frederic Weisbecker (1):
rcu: Fix racy re-initialization of irq_work causing hangs
Gabor Juhos (1):
mtd: spinand: propagate spinand_wait() errors from spinand_write_page()
Gabriel Totev (1):
apparmor: shift ouid when mediating hard links in userns
Gal Pressman (2):
net: vlan: Make is_vlan_dev() a stub when VLAN is not configured
net: vlan: Replace BUG() with WARN_ON_ONCE() in vlan_dev_* stubs
Gang Ba (1):
drm/amdgpu: Avoid extra evict-restore process.
Gautham R. Shenoy (1):
pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop()
Geliang Tang (2):
mptcp: remove duplicate sk_reset_timer call
mptcp: disable add_addr retransmission when timeout is 0
George Moussalem (1):
clk: qcom: ipq5018: keep XO clock always on
Gerald Schaefer (1):
s390/mm: Remove possible false-positive warning in pte_free_defer()
Geraldo Nascimento (3):
phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal
PCI: rockchip: Use standard PCIe definitions
PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining
Giovanni Cabiddu (2):
crypto: qat - lower priority for skcipher and aead algorithms
crypto: qat - flush misc workqueue during device shutdown
Greg Kroah-Hartman (1):
Linux 6.6.103
Gui-Dong Han (1):
media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt()
Haiyang Zhang (1):
hv_netvsc: Fix panic during namespace deletion with VF
Hangbin Liu (2):
bonding: update LACP activity flag after setting lacp_active
bonding: send LACPDUs periodically in passive mode after receiving partner's LACPDU
Hans Verkuil (1):
media: vivid: fix wrong pixel_array control size
Hans de Goede (2):
mei: bus: Check for still connected devices in mei_cl_bus_dev_release()
media: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls
Haoran Jiang (1):
LoongArch: BPF: Fix jump offset calculation in tailcall
Haoxiang Li (1):
media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init()
Harald Mommer (1):
gpio: virtio: Fix config space reading.
Hari Chandrakanthan (1):
wifi: mac80211: fix rx link assignment for non-MLO stations
Hari Kalavakunta (1):
net: ncsi: Fix buffer overflow in fetching version id
Hariprasad Kelam (1):
Octeontx2-af: Skip overlap check for SPI field
Heikki Krogerus (1):
usb: dwc3: pci: add support for the Intel Wildcat Lake
Heiner Kallweit (1):
dpaa_eth: don't use fixed_phy_change_carrier
Helge Deller (1):
Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()"
Herton R. Krzesinski (1):
mm/debug_vm_pgtable: clear page table entries at destroy_args()
Hiago De Franco (1):
remoteproc: imx_rproc: skip clock enable when M-core is managed by the SCU
Hong Guan (1):
arm64: dts: ti: k3-am62a7-sk: fix pinmux for main_uart1
Horatiu Vultur (1):
phy: mscc: Fix timestamping for vsc8584
Hsin-Te Yuan (1):
thermal: sysfs: Return ENODATA instead of EAGAIN for reads
Huacai Chen (1):
PCI: Extend isolated function probing to LoongArch
Ian Abbott (3):
comedi: fix race between polling and detaching
comedi: Make insn_rw_emulate_bits() do insn->n samples
comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl()
Ido Schimmel (1):
mlxsw: spectrum: Forward packets with an IPv4 link-local source IP
Igor Pylypiv (1):
ata: libata-scsi: Fix CDL control
Ihor Solodrai (1):
bpf: Make reg_not_null() true for CONST_PTR_TO_MAP
Ilan Peer (1):
wifi: cfg80211: Fix interface type validation
Ilya Bakoulin (1):
drm/amd/display: Separate set_gsl from set_gsl_source_select
Imre Deak (1):
drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS
Isaac J. Manjarres (4):
mm: drop the assumption that VM_SHARED always implies writable
mm: update memfd seal write check to include F_SEAL_WRITE
mm: reinstate ability to map write-sealed memfd mappings read-only
selftests/memfd: add test for mapping write-sealed memfd read-only
Jack Xiao (1):
drm/amdgpu: fix incorrect vm flags to map bo
Jaegeuk Kim (1):
f2fs: check the generic conditions first
Jakub Acs (1):
net, hsr: reject HSR frame if skb can't hold tag
Jakub Kicinski (3):
tls: handle data disappearing from under the TLS ULP
uapi: in6: restore visibility of most IPv6 socket options
tls: fix handling of zero-length records on the rx_list
Jakub Ramaseuski (1):
net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM
Jan Beulich (1):
compiler: remove __ADDRESSABLE_ASM{_STR,}() again
Jan Kara (2):
loop: Avoid updating block size under exclusive owner
udf: Verify partition map count
Jann Horn (1):
eventpoll: Fix semi-unbounded recursion
Jason Gunthorpe (1):
iommufd: Prevent ALIGN() overflow
Jason Wang (1):
vhost: fail early when __vhost_add_used() fails
Jason Xing (1):
ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc
Jay Chen (1):
usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command
Jean-Baptiste Maneyrol (1):
iio: imu: inv_icm42600: change invalid data error to -EBUSY
Jeff Layton (1):
nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()
Jens Axboe (1):
io_uring/net: commit partial buffers on retry
Jeongjun Park (1):
ptp: prevent possible ABBA deadlock in ptp_clock_freerun()
Jiasheng Jiang (1):
scsi: lpfc: Remove redundant assignment to avoid memory leak
Jiayi Li (2):
ACPI: processor: perflib: Fix initial _PPC limit application
memstick: Fix deadlock by moving removing flag earlier
Jinjiang Tu (1):
mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn
Joel Fernandes (1):
rcu: Fix rcu_read_unlock() deadloop due to IRQ work
Johan Adolfsson (1):
leds: leds-lp50xx: Handle reg to get correct multi_index
Johan Hovold (15):
net: gianfar: fix device leak when querying time stamp info
net: enetc: fix device and OF node leak at probe
net: mtk_eth_soc: fix device leak at probe
net: ti: icss-iep: fix device and OF node leaks at probe
net: dpaa: fix device leak when querying time stamp info
usb: gadget: udc: renesas_usb3: fix device leak at unbind
usb: musb: omap2430: fix device leak at unbind
usb: dwc3: meson-g12a: fix device leaks at unbind
wifi: ath12k: fix dest ring-buffer corruption
wifi: ath12k: fix source ring-buffer corruption
wifi: ath12k: fix dest ring-buffer corruption when ring is full
wifi: ath11k: fix dest ring-buffer corruption
wifi: ath11k: fix source ring-buffer corruption
wifi: ath11k: fix dest ring-buffer corruption when ring is full
usb: dwc3: imx8mp: fix device leak at unbind
Johannes Berg (2):
wifi: cfg80211: reject HTC bit for management frames
wifi: mac80211: don't complete management TX on SAE commit
Johannes Thumshirn (1):
btrfs: zoned: use filesystem size not disk size for reclaim decision
John David Anglin (8):
parisc: Check region is readable by user in raw_copy_from_user()
parisc: Define and use set_pte_at()
parisc: Drop WARN_ON_ONCE() from flush_cache_vmap
parisc: Rename pte_needs_flush() to pte_needs_cache_flush() in cache.c
parisc: Revise __get_user() to probe user read access
parisc: Revise gateway LWS calls to probe user read access
parisc: Try to fixup kernel exception in bad_area_nosemaphore path of do_page_fault()
parisc: Update comments in make_insert_tlb
John Garry (2):
scsi: aacraid: Stop using PCI_IRQ_AFFINITY
block: avoid possible overflow for chunk_sectors check in blk_stack_limits()
Jon Hunter (1):
soc/tegra: pmc: Ensure power-domains are in a known state
Jonas Rebmann (1):
net: fec: allow disable coalescing
Jonathan Cameron (2):
iio: light: as73211: Ensure buffer holes are zeroed
iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64
Jonathan Santos (1):
iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement
Jordan Rhee (1):
gve: prevent ethtool ops after shutdown
Jorge Marques (1):
i3c: master: Initialize ret in i3c_i2c_notifier_call()
Jorge Ramirez-Ortiz (2):
media: venus: hfi: explicitly release IRQ during teardown
media: venus: protect against spurious interrupts during probe
Judith Mendez (1):
arm64: dts: ti: k3-am62-main: Remove eMMC High Speed DDR support
Justin Tee (1):
scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure
Kanglong Wang (1):
LoongArch: Optimize module load time by optimizing PLT/GOT counting
Karthikeyan Kathirvel (1):
wifi: ath12k: Decrement TID on RX peer frag setup error handling
Kashyap Desai (2):
RDMA/bnxt_re: Fix to do SRQ armena by default
RDMA/bnxt_re: Fix to remove workload check in SRQ limit path
Kathiravan Thirumoorthy (1):
phy: qcom: phy-qcom-m31: Update IPQ5332 M31 USB phy initialization sequence
Kees Cook (3):
arm64: Handle KCOV __init vs inline mismatches
platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches
iommu/amd: Avoid stack buffer overflow from kernel cmdline
Keith Busch (2):
nvme-pci: try function level reset on init failure
vfio/type1: conditional rescheduling while pinning
Krzysztof Hałasa (1):
imx8m-blk-ctrl: set ISI panic write hurry level
Krzysztof Kozlowski (3):
dt-bindings: display: sprd,sharkl3-dpu: Fix missing clocks constraints
dt-bindings: display: sprd,sharkl3-dsi-host: Fix missing clocks constraints
leds: flash: leds-qcom-flash: Fix registry access after re-bind
Kuen-Han Tsai (1):
usb: dwc3: Ignore late xferNotReady event to prevent halt timeout
Kuninori Morimoto (1):
ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed
Kuniyuki Iwashima (2):
ipv6: mcast: Check inet6_dev->dead under idev->mc_lock in __ipv6_dev_mc_inc().
net: Add net_passive_inc() and net_passive_dec().
Lad Prabhakar (1):
drm: renesas: rz-du: mipi_dsi: Add min check for VCLK range
Laurentiu Mihalcea (1):
pwm: imx-tpm: Reset counter if CMOD is 0
Len Brown (1):
intel_idle: Allow loading ACPI tables for any family
Leon Romanovsky (1):
net/mlx5e: Properly access RCU protected qdisc_sleeping variable
Liao Yuanhong (1):
ext4: use kmalloc_array() for array space allocation
Lifeng Zheng (2):
cpufreq: Exit governor when failed to start old governor
PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store()
Lizhi Xu (2):
fs/ntfs3: Add sanity check for file name
jfs: truncate good inode pages when hard link is 0
Lucy Thrun (1):
ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control
Ludwig Disterhof (1):
media: usbtv: Lock resolution while streaming
Lukas Wunner (1):
PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports
Ma Ke (1):
sunvdc: Balance device refcount in vdc_port_mpgroup_check
Mael GUERIN (1):
USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera
Manuel Andreas (1):
KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush
Marek Szyprowski (1):
zynq_fpga: use sgtable-based scatterlist wrappers
Marek Vasut (1):
usb: renesas-xhci: Fix External ROM access timeouts
Mario Limonciello (8):
platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list
usb: xhci: Avoid showing warnings for dying controller
usb: xhci: Avoid showing errors during surprise removal
drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual
drm/amd/display: Only finalize atomic_obj if it was initialized
drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported
drm/amd: Restore cached power limit during resume
drm/amd/display: Avoid a NULL pointer dereference
Mark Brown (2):
ASoC: hdac_hdmi: Rate limit logging on connection and disconnection
kselftest/arm64: Specify SVE data when testing VL set in sve-ptrace
Markus Theil (1):
crypto: jitter - fix intermediary handling
Masahiro Yamada (2):
kconfig: gconf: avoid hardcoding model2 in on_treeview2_cursor_changed()
kconfig: gconf: fix potential memory leak in renderer_edited()
Masami Hiramatsu (Google) (2):
selftests: tracing: Use mutex_unlock for testing glob filter
tracing: fprobe-event: Sanitize wildcard for fprobe event name
Mateusz Guzik (1):
apparmor: use the condition in AA_BUG_FMT even with debug disabled
Matt Johnston (1):
net: mctp: Prevent duplicate binds
Matthieu Baerts (NGI0) (2):
mptcp: pm: kernel: flush: do not reset ADD_ADDR limit
selftests: mptcp: pm: check flush doesn't reset limits
Maulik Shah (1):
soc: qcom: rpmh-rsc: Add RSC version 4 support
Maurizio Lombardi (1):
scsi: target: core: Generate correct identifiers for PR OUT transport IDs
Maxim Levitsky (3):
KVM: nVMX: Check vmcs12->guest_ia32_debugctl on nested VM-Enter
KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs
KVM: VMX: Preserve host's DEBUGCTLMSR_FREEZE_IN_SMM while running the guest
Meagan Lloyd (2):
rtc: ds1307: handle oscillator stop flag (OSF) for ds1341
rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe
Miao Li (1):
usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive
Miaoqian Lin (1):
most: core: Drop device reference after usage in get_channel()
Michael Walle (1):
mtd: spi-nor: Fix spi_nor_try_unlock_all()
Michal Suchanek (1):
powerpc/boot: Fix build with gcc 15
Michel Dänzer (1):
drm/amd/display: Add primary plane to commits for correct VRR handling
Mikhail Lobanov (1):
wifi: mac80211: check basic rates validity in sta_link_apply_parameters
Mikulas Patocka (1):
dm-mpath: don't print the "loaded" message if registering fails
Mina Almasry (1):
netmem: fix skb_frag_address_safe with unreadable skbs
Minhong He (1):
ipv6: sr: validate HMAC algorithm ID in seg6_hmac_info_add
Miri Korenblit (1):
wifi: iwlwifi: mvm: set gtk id also in older FWs
Myrrh Periwinkle (3):
usb: typec: ucsi: Update power_supply on power role change
vt: keyboard: Don't process Unicode characters in K_OFF mode
vt: defkeymap: Map keycodes above 127 to K_HOLE
Namjae Jeon (1):
ksmbd: extend the connection limiting mechanism to support IPv6
Naohiro Aota (3):
btrfs: zoned: do not remove unwritten non-data block group
btrfs: zoned: do not select metadata BG as finish target
btrfs: zoned: fix write time activation failure for metadata block group
Nathan Chancellor (2):
usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init()
wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table()
NeilBrown (1):
smb/server: avoid deadlock when linking with ReplaceIfExists
Nicolas Dufresne (1):
media: verisilicon: Fix AV1 decoder clock frequency
Nicolas Escande (1):
neighbour: add support for NUD_PERMANENT proxy entries
Nicolin Chen (1):
iommufd: Report unmapped bytes in the error path of iopt_unmap_iova_range
Niklas Söderlund (1):
media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control
Nitin Gote (1):
iosys-map: Fix undefined behavior in iosys_map_clear()
Ojaswin Mujoo (2):
ext4: fix fsmap end of range reporting with bigalloc
ext4: fix reserved gdt blocks handling in fsmap
Oliver Neukum (3):
usb: core: usb_submit_urb: downgrade type check
net: usb: cdc-ncm: check for filtering capability
cdc-acm: fix race between initial clearing halt and open
Oscar Maes (1):
net: ipv4: fix incorrect MTU in broadcast routes
Pagadala Yesu Anjaneyulu (1):
wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect
Pali Rohár (1):
cifs: Fix calling CIFSFindFirst() for root path without msearch
Paul E. McKenney (1):
rcu: Protect ->defer_qs_iw_pending from data race
Pauli Virtanen (1):
Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established
Pavel Begunkov (1):
io_uring: don't use int for ABI
Pawan Gupta (1):
x86/bugs: Avoid warning when overriding return thunk
Pedro Falcato (1):
RDMA/siw: Fix the sendmsg byte count in siw_tcp_sendpages
Pei Xiao (1):
clk: tegra: periph: Fix error handling and resolve unsigned compare warning
Peter Oberparleiter (3):
s390/sclp: Fix SCCB present check
s390/hypfs: Avoid unnecessary ioctl registration in debugfs
s390/hypfs: Enable limited access during lockdown
Peter Robinson (1):
reset: brcmstb: Enable reset drivers for ARCH_BCM2835
Peter Ujfalusi (1):
ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime()
Petr Pavlu (1):
module: Prevent silent truncation of module name in delete_module(2)
Phillip Lougher (1):
squashfs: fix memory leak in squashfs_fill_super
Prashant Malani (1):
cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag
Pu Lehui (1):
tracing: Limit access to parser->buffer when trace_get_user failed
Purva Yeshi (1):
md: dm-zoned-target: Initialize return variable r to avoid uninitialized use
Qingfang Deng (2):
net: ethernet: mtk_ppe: add RCU lock around dev_fill_forward_path
ppp: fix race conditions in ppp_fill_forward_path
Qu Wenruo (2):
btrfs: do not allow relocation of partially dropped subvolumes
btrfs: populate otime when logging an inode item
Rafael J. Wysocki (5):
ACPI: processor: perflib: Move problematic pr->performance check
cpuidle: governors: menu: Avoid using invalid recent intervals data
PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit()
PM: runtime: Take active children into account in pm_runtime_get_if_in_use()
cpuidle: governors: menu: Avoid selecting states with too much latency
Raj Kumar Bhagat (1):
wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0
Ramya Gnanasekar (1):
wifi: mac80211: update radar_required in channel context after channel switch
Rand Deeb (1):
wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd()
Randy Dunlap (2):
parisc: Makefile: fix a typo in palo.conf
parisc: Makefile: explain that 64BIT requires both 32-bit and 64-bit compilers
Ranjan Kumar (4):
scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans
scsi: mpi3mr: Fix race between config read submit and interrupt completion
scsi: mpi3mr: Drop unnecessary volatile from __iomem pointers
scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems
Ricardo Ribalda (3):
media: uvcvideo: Do not mark valid metadata as invalid
media: venus: vdec: Clamp param smaller than 1fps and bigger than 240.
media: venus: venc: Clamp param smaller than 1fps and bigger than 240
Richard Zhu (2):
PCI: imx6: Delay link start until configfs 'start' written
PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features
Ricky Wu (1):
misc: rtsx: usb: Ensure mmc child device is active when card is present
Rob Clark (1):
drm/msm: use trylock for debugfs
Rong Zhang (1):
fs/ntfs3: correctly create symlink for relative path
Sabrina Dubroca (1):
udp: also consider secpath when evaluating ipsec use for checksumming
Sakari Ailus (2):
media: v4l2-ctrls: Don't reset handler's error in v4l2_ctrl_handler_free()
PM: runtime: Simplify pm_runtime_get_if_active() usage
Salah Triki (1):
iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe()
Sarah Newman (1):
drbd: add missing kref_get in handle_write_conflicts
Sarika Sharma (2):
wifi: ath12k: Correct tid cleanup when tid setup fails
wifi: ath12k: Add memset and update default rate value in wmi tx completion
Sarthak Garg (1):
mmc: sdhci-msm: Ensure SD card power isn't ON when card removed
Sasha Levin (1):
fs: Prevent file descriptor table allocations exceeding INT_MAX
Sean Christopherson (15):
KVM: SVM: Set RFLAGS.IF=1 in C code, to get VMRUN out of the STI shadow
KVM: x86: Plumb in the vCPU to kvm_x86_ops.hwapic_isr_update()
KVM: x86: Snapshot the host's DEBUGCTL in common x86
KVM: x86: Snapshot the host's DEBUGCTL after disabling IRQs
KVM: x86: Plumb "force_immediate_exit" into kvm_entry() tracepoint
KVM: VMX: Re-enter guest in fastpath for "spurious" preemption timer exits
KVM: VMX: Handle forced exit due to preemption timer in fastpath
KVM: x86: Move handling of is_guest_mode() into fastpath exit handlers
KVM: VMX: Handle KVM-induced preemption timer exits in fastpath for L2
KVM: x86: Fully defer to vendor code to decide how to force immediate exit
KVM: x86: Convert vcpu_run()'s immediate exit param into a generic bitmap
KVM: x86: Drop kvm_x86_ops.set_dr6() in favor of a new KVM_RUN flag
KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported
KVM: VMX: Extract checking of guest's DEBUGCTL into helper
KVM: x86: Take irqfds.lock when adding/deleting IRQ bypass producer
Sebastian Ott (1):
ACPI: processor: fix acpi_object initialization
Sebastian Reichel (2):
watchdog: dw_wdt: Fix default timeout
usb: typec: fusb302: cache PD RX state
Selvarasu Ganesan (1):
usb: dwc3: Remove WARN_ON for device endpoint command timeouts
Sergey Bashirov (4):
pNFS: Fix stripe mapping in block/scsi layout
pNFS: Fix disk addr range check in block/scsi layout
pNFS: Handle RPC size limit for layoutcommits
pNFS: Fix uninited ptr deref in block/scsi layout
Sergey Shtylyov (1):
Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync()
Shankari Anand (1):
kconfig: nconf: Ensure null termination where strncpy is used
Shannon Nelson (1):
ionic: clean dbpage in de-init
Shengjiu Wang (1):
ASoC: fsl_sai: replace regmap_write with regmap_update_bits
Shiji Yang (2):
MIPS: vpe-mt: add missing prototypes for vpe_{alloc,start,stop,free}
MIPS: lantiq: falcon: sysctrl: fix request memory check logic
Showrya M N (1):
scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated
Shuai Xue (1):
ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered
Shubhrajyoti Datta (1):
EDAC/synopsys: Clear the ECC counters on init
Shyam Prasad N (1):
cifs: reset iface weights when we cannot find a candidate
Sravan Kumar Gundu (1):
fbdev: Fix vmalloc out-of-bounds write in fast_imageblit
Srinivas Kandagatla (1):
ASoC: qcom: use drvdata instead of component to keep id
Stanislaw Gruszka (1):
wifi: iwlegacy: Check rate_idx range after addition
Stefan Metzmacher (3):
smb: client: let send_done() cleanup before calling smbd_disconnect_rdma_connection()
smb: client: don't wait for info->send_pending == 0 on error
smb: server: split ksmbd_rdma_stop_listening() out of ksmbd_rdma_destroy()
Stefan Wahren (1):
spi: spi-fsl-lpspi: Clamp too high speed_hz
Steve French (1):
smb3: fix for slab out of bounds on mount to ksmbd
Steven Rostedt (5):
tracefs: Add d_delete to remove negative dentries
powerpc/thp: tracing: Hide hugepage events under CONFIG_PPC_BOOK3S_64
ktest.pl: Prevent recursion of default variable options
ftrace: Also allocate and copy hash for reading of filter files
tracing: Remove unneeded goto out logic
Su Hui (1):
usb: xhci: print xhci->xhc_state when queue_command failed
Suchit Karunakaran (1):
kconfig: lxdialog: replace strcpy() with strncpy() in inputbox.c
Sven Schnelle (2):
s390/time: Use monotonic clock in get_cycles()
s390/stp: Remove udelay from stp_sync_clock()
Takashi Iwai (5):
ALSA: usb-audio: Validate UAC3 power domain descriptors, too
ALSA: usb-audio: Validate UAC3 cluster segment descriptors
ALSA: hda: Handle the jack polling always via a work
ALSA: hda: Disable jack polling at shutdown
ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation
Tetsuo Handa (1):
hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file()
Theodore Ts'o (2):
ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr
ext4: don't try to clear the orphan_present feature block device is r/o
Thierry Reding (1):
firmware: tegra: Fix IVC dependency problems
Thomas Fourier (8):
et131x: Add missing check after DMA map
net: ag71xx: Add missing check after DMA map
(powerpc/512) Fix possible `dma_unmap_single()` on uninitialized pointer
wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()`.
powerpc: floppy: Add missing checks after DMA map
wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc()
mtd: rawnand: fsmc: Add missing check after DMA map
mtd: rawnand: renesas: Add missing check after DMA map
Thomas Weißschuh (5):
tools/nolibc: define time_t in terms of __kernel_old_time_t
tools/build: Fix s390(x) cross-compilation with clang
um: Re-evaluate thread flags repeatedly
MIPS: Don't crash in stack_top() for tasks without ABI or vDSO
kbuild: userprogs: use correct linker when mixing clang and GNU ld
Thorsten Blum (2):
cdx: Fix off-by-one error in cdx_rpmsg_probe()
usb: storage: realtek_cr: Use correct byte order for bcs->Residue
Tianxiang Peng (1):
x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper
Tim Harvey (1):
hwmon: (gsc-hwmon) fix fan pwm setpoint show functions
Timur Kristóf (6):
drm/amd/display: Don't overwrite dce60_clk_mgr
drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3
drm/amd/display: Fix DP audio DTO1 clock source on DCE 6.
drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs
drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs
drm/amd/display: Don't overclock DCE 6 by 15%
Tomasz Michalec (2):
usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present
platform/chrome: cros_ec_typec: Defer probe on missing EC parent
Trond Myklebust (1):
NFS: Fix the setting of capabilities when automounting a new filesystem
Tvrtko Ursulin (1):
drm/ttm: Respect the shrinker core free target
Tzung-Bi Shih (1):
platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister()
Ulf Hansson (1):
mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode()
Uwe Kleine-König (2):
pwm: mediatek: Handle hardware enable and clock enable separately
pwm: mediatek: Fix duty and period setting
ValdikSS (1):
igc: fix disabling L1.2 PCI-E link substate on I226 on init
Vasiliy Kovalev (1):
ALSA: hda/realtek: Fix headset mic on HONOR BRB-X
Vedang Nagar (2):
media: venus: Fix OOB read due to missing payload bound check
media: venus: Add a check for packet size after reading from shared memory
Viacheslav Dubeyko (5):
hfs: fix general protection fault in hfs_find_init()
hfs: fix slab-out-of-bounds in hfs_bnode_read()
hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read()
hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()
hfs: fix not erasing deleted b-tree node issue
Victor Shih (3):
mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency
mmc: sdhci-pci-gli: Add a new function to simplify the code
mmc: sdhci-pci-gli: GL9763e: Mask the replay timer timeout of AER
Vijendar Mukunda (1):
soundwire: amd: serialize amd manager resume sequence during pm_prepare
Vincent Guittot (8):
sched/topology: Add a new arch_scale_freq_ref() method
cpufreq: Use the fixed and coherent frequency for scaling capacity
cpufreq/schedutil: Use a fixed reference frequency
energy_model: Use a fixed reference frequency
cpufreq/cppc: Set the frequency used for computing the capacity
arm64/amu: Use capacity_ref_freq() to set AMU ratio
topology: Set capacity_freq_ref in all cases
sched/fair: Fix frequency selection for non-invariant case
Vladimir Zapolskiy (1):
media: qcom: camss: cleanup media device allocated resource on error path
Waiman Long (2):
mm/kmemleak: avoid soft lockup in __kmemleak_do_cleanup()
cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key
Wang Liang (1):
net: bridge: fix soft lockup in br_multicast_query_expired()
Wang Zhaolong (2):
smb: client: remove redundant lstrp update in negotiate protocol
smb: client: fix netns refcount leak after net_passive changes
Wayne Lin (1):
drm/amd/display: Avoid trying AUX transactions on disconnected ports
Wei Gao (1):
ext2: Handle fiemap on empty files to prevent EINVAL
Weitao Wang (1):
usb: xhci: Fix slot_id resource race conflict
Wen Chen (1):
drm/amd/display: Fix 'failed to blank crtc!'
Will Deacon (4):
vsock/virtio: Resize receive buffers so that each SKB fits in a 4K page
vsock/virtio: Validate length in packet header before skb_put()
vhost/vsock: Avoid allocating arbitrarily-sized SKBs
KVM: arm64: Fix kernel BUG() due to bad backport of FPSIMD/SVE/SME fix
William Liu (2):
net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit
net/sched: Remove unnecessary WARNING condition for empty child qdisc in htb_activate
Willy Tarreau (1):
tools/nolibc: fix spelling of FD_SETBITMASK in FD_* macros
Wolfram Sang (3):
media: usb: hdpvr: disable zero-length read messages
i3c: add missing include to internal header
i3c: don't fail if GETHDRCAP is unsupported
Xin Long (1):
sctp: linearize cloned gso packets in sctp_rcv
Xinxin Wan (1):
ASoC: codecs: rt5640: Retry DEVICE_ID verification
Xinyu Liu (1):
usb: core: config: Prevent OOB read in SS endpoint companion parsing
Xu Yang (2):
net: usb: asix_devices: add phy_mask for ax88772 mdio bus
usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test
Xu Yilun (1):
fpga: zynq_fpga: Fix the wrong usage of dma_map_sgtable()
Yann E. MORIN (1):
kconfig: lxdialog: fix 'space' to (de)select options
Ye Bin (1):
fs/buffer: fix use-after-free when call bh_read() helper
Yonghong Song (1):
selftests/bpf: Fix a user_ringbuf failure with arm64 64KB page size
Yongzhen Zhang (1):
fbdev: fix potential buffer overflow in do_register_framebuffer()
Youngjun Lee (1):
media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format()
Youssef Samir (1):
bus: mhi: host: Detect events pointing to unexpected TREs
Yuan Chen (1):
bpftool: Fix JSON writer resource leak in version command
Yuezhang Mo (1):
exfat: add cluster chain loop check for dir
Yuichiro Tsuji (1):
net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization
Yunhui Cui (1):
serial: 8250: fix panic due to PSLVERR
Yury Norov [NVIDIA] (1):
RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask()
Zenm Chen (1):
USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles
Zhang Shurong (1):
media: ov2659: Fix memory leaks in ov2659_probe()
Zhang Yi (1):
ext4: fix hole length calculation overflow in non-extent inodes
Zhiqi Song (1):
crypto: hisilicon/hpre - fix dma unmap sequence
Zhu Qiyu (1):
ACPI: PRM: Reduce unnecessary printing to avoid user confusion
Zijun Hu (2):
char: misc: Fix improper and inaccurate error code returned by misc_init()
Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie()
Ziyan Fu (1):
watchdog: iTCO_wdt: Report error if timeout configuration fails
Ziyan Xu (1):
ksmbd: fix refcount leak causing resource not released
chenchangcheng (1):
media: uvcvideo: Fix bandwidth issue for Alcor camera
fangzhong.zhou (1):
i2c: Force DLL0945 touchpad i2c freq to 100khz
jackysliu (1):
scsi: bfa: Double-free fix
tuhaowen (1):
PM: sleep: console: Fix the black screen issue
zhangjianrong (2):
net: thunderbolt: Enable end-to-end flow control also in transmit
net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths()
Álvaro Fernández Rojas (5):
net: dsa: b53: fix b53_imp_vlan_setup for BCM5325
net: dsa: b53: prevent GMII_PORT_OVERRIDE_CTRL access on BCM5325
net: dsa: b53: prevent DIS_LEARNING access on BCM5325
net: dsa: b53: prevent SWITCH_CTRL access on BCM5325
net: dsa: b53: fix IP_MULTICAST_CTRL on BCM5325
2 weeks, 6 days
- 1
- 1
Linux 6.1.149
by Greg Kroah-Hartman
I'm announcing the release of the 6.1.149 kernel.
All users of the 6.1 kernel series must upgrade.
The updated 6.1.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.1.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Documentation/devicetree/bindings/display/sprd/sprd,sharkl3-dpu.yaml | 2
Documentation/devicetree/bindings/display/sprd/sprd,sharkl3-dsi-host.yaml | 2
Documentation/firmware-guide/acpi/i2c-muxes.rst | 8
Documentation/networking/bonding.rst | 12
Documentation/networking/mptcp-sysctl.rst | 2
Makefile | 4
arch/arm/Makefile | 2
arch/arm/mach-rockchip/platsmp.c | 15
arch/arm/mach-tegra/reset.c | 2
arch/arm64/boot/dts/ti/k3-am62-main.dtsi | 1
arch/arm64/include/asm/acpi.h | 2
arch/arm64/kernel/cpufeature.c | 1
arch/arm64/kernel/entry.S | 6
arch/arm64/kernel/fpsimd.c | 4
arch/arm64/kernel/traps.c | 1
arch/arm64/mm/fault.c | 1
arch/arm64/mm/ptdump_debugfs.c | 3
arch/loongarch/net/bpf_jit.c | 21
arch/m68k/kernel/head.S | 31 -
arch/mips/crypto/chacha-core.S | 20
arch/mips/include/asm/vpe.h | 8
arch/mips/kernel/process.c | 16
arch/mips/lantiq/falcon/sysctrl.c | 23 -
arch/parisc/Makefile | 6
arch/parisc/include/asm/special_insns.h | 28 +
arch/parisc/include/asm/uaccess.h | 21
arch/parisc/kernel/entry.S | 17
arch/parisc/kernel/syscall.S | 30 -
arch/parisc/lib/memcpy.c | 19
arch/parisc/mm/fault.c | 4
arch/powerpc/include/asm/floppy.h | 5
arch/powerpc/platforms/512x/mpc512x_lpbfifo.c | 6
arch/s390/hypfs/hypfs_dbfs.c | 19
arch/s390/include/asm/timex.h | 13
arch/s390/kernel/time.c | 2
arch/s390/mm/dump_pagetables.c | 2
arch/um/include/asm/thread_info.h | 4
arch/um/kernel/process.c | 20
arch/x86/events/intel/core.c | 2
arch/x86/include/asm/kvm-x86-ops.h | 2
arch/x86/include/asm/kvm_host.h | 24 -
arch/x86/include/asm/msr-index.h | 1
arch/x86/include/asm/reboot.h | 5
arch/x86/include/asm/virtext.h | 10
arch/x86/include/asm/xen/hypercall.h | 5
arch/x86/kernel/cpu/bugs.c | 5
arch/x86/kernel/cpu/hygon.c | 3
arch/x86/kernel/cpu/mce/amd.c | 13
arch/x86/kernel/reboot.c | 43 +
arch/x86/kvm/hyperv.c | 10
arch/x86/kvm/lapic.c | 61 ++
arch/x86/kvm/lapic.h | 1
arch/x86/kvm/svm/svm.c | 49 +-
arch/x86/kvm/svm/vmenter.S | 9
arch/x86/kvm/trace.h | 9
arch/x86/kvm/vmx/nested.c | 26 -
arch/x86/kvm/vmx/pmu_intel.c | 8
arch/x86/kvm/vmx/vmx.c | 183 +++++---
arch/x86/kvm/vmx/vmx.h | 31 +
arch/x86/kvm/x86.c | 65 +-
arch/x86/kvm/x86.h | 12
block/blk-core.c | 26 -
block/blk-settings.c | 2
drivers/acpi/acpi_processor.c | 2
drivers/acpi/apei/ghes.c | 2
drivers/acpi/pfr_update.c | 2
drivers/acpi/prmt.c | 26 +
drivers/acpi/processor_perflib.c | 11
drivers/ata/Kconfig | 35 +
drivers/ata/libata-sata.c | 5
drivers/ata/libata-scsi.c | 20
drivers/base/power/runtime.c | 5
drivers/block/drbd/drbd_receiver.c | 6
drivers/block/sunvdc.c | 4
drivers/bus/mhi/host/boot.c | 8
drivers/bus/mhi/host/internal.h | 4
drivers/bus/mhi/host/main.c | 12
drivers/char/ipmi/ipmi_msghandler.c | 8
drivers/char/ipmi/ipmi_watchdog.c | 59 +-
drivers/comedi/comedi_fops.c | 36 +
drivers/comedi/comedi_internal.h | 1
drivers/comedi/drivers.c | 36 -
drivers/comedi/drivers/pcl726.c | 3
drivers/cpufreq/armada-8k-cpufreq.c | 2
drivers/cpufreq/cppc_cpufreq.c | 2
drivers/cpufreq/cpufreq.c | 8
drivers/crypto/hisilicon/hpre/hpre_crypto.c | 8
drivers/crypto/marvell/octeontx2/otx2_cptpf_ucode.c | 16
drivers/crypto/qat/qat_4xxx/adf_4xxx_hw_data.c | 13
drivers/crypto/qat/qat_common/adf_accel_devices.h | 1
drivers/crypto/qat/qat_common/adf_gen4_hw_data.h | 6
drivers/crypto/qat/qat_common/adf_init.c | 3
drivers/devfreq/governor_userspace.c | 6
drivers/dma/stm32-dma.c | 2
drivers/edac/synopsys_edac.c | 97 ++--
drivers/fpga/zynq-fpga.c | 10
drivers/gpio/gpio-mlxbf2.c | 2
drivers/gpio/gpio-tps65912.c | 7
drivers/gpio/gpio-virtio.c | 9
drivers/gpio/gpio-wcd934x.c | 7
drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c | 4
drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c | 6
drivers/gpu/drm/amd/amdgpu/mmhub_v3_0_1.c | 57 +-
drivers/gpu/drm/amd/amdkfd/kfd_module.c | 2
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 6
drivers/gpu/drm/amd/display/dc/bios/command_table.c | 2
drivers/gpu/drm/amd/display/dc/clk_mgr/clk_mgr.c | 1
drivers/gpu/drm/amd/display/dc/clk_mgr/dce100/dce_clk_mgr.c | 2
drivers/gpu/drm/amd/display/dc/clk_mgr/dce110/dce110_clk_mgr.c | 40 +
drivers/gpu/drm/amd/display/dc/clk_mgr/dce60/dce60_clk_mgr.c | 31 -
drivers/gpu/drm/amd/display/dc/dcn20/dcn20_hwseq.c | 11
drivers/gpu/drm/amd/display/modules/hdcp/hdcp_psp.c | 3
drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c | 6
drivers/gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c | 37 -
drivers/gpu/drm/display/drm_dp_helper.c | 2
drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.c | 4
drivers/gpu/drm/msm/msm_gem.c | 3
drivers/gpu/drm/msm/msm_gem.h | 6
drivers/gpu/drm/scheduler/sched_entity.c | 21
drivers/gpu/drm/ttm/ttm_pool.c | 8
drivers/gpu/drm/ttm/ttm_resource.c | 3
drivers/hid/hid-apple.c | 13
drivers/hid/hid-magicmouse.c | 56 +-
drivers/hwmon/emc2305.c | 10
drivers/hwmon/gsc-hwmon.c | 4
drivers/i2c/i2c-core-acpi.c | 1
drivers/i3c/internals.h | 1
drivers/i3c/master.c | 4
drivers/iio/adc/ad7768-1.c | 23 -
drivers/iio/adc/ad_sigma_delta.c | 6
drivers/iio/imu/bno055/bno055.c | 11
drivers/iio/imu/inv_icm42600/inv_icm42600_temp.c | 6
drivers/iio/light/as73211.c | 2
drivers/iio/light/hid-sensor-prox.c | 8
drivers/iio/pressure/bmp280-core.c | 9
drivers/iio/proximity/isl29501.c | 16
drivers/iio/temperature/maxim_thermocouple.c | 26 -
drivers/infiniband/core/nldev.c | 22
drivers/infiniband/hw/bnxt_re/qplib_res.c | 2
drivers/infiniband/hw/erdma/erdma_verbs.c | 4
drivers/infiniband/hw/hfi1/affinity.c | 44 +
drivers/iommu/amd/init.c | 4
drivers/leds/leds-lp50xx.c | 11
drivers/md/dm-ps-historical-service-time.c | 4
drivers/md/dm-ps-queue-length.c | 4
drivers/md/dm-ps-round-robin.c | 4
drivers/md/dm-ps-service-time.c | 4
drivers/md/dm-table.c | 10
drivers/md/dm-zoned-target.c | 2
drivers/media/cec/usb/rainshadow/rainshadow-cec.c | 3
drivers/media/dvb-frontends/dib7000p.c | 8
drivers/media/i2c/hi556.c | 26 -
drivers/media/i2c/ov2659.c | 3
drivers/media/i2c/tc358743.c | 86 ++-
drivers/media/platform/qcom/camss/camss.c | 4
drivers/media/platform/qcom/venus/core.c | 8
drivers/media/platform/qcom/venus/core.h | 2
drivers/media/platform/qcom/venus/helpers.c | 2
drivers/media/platform/qcom/venus/hfi_helper.h | 61 ++
drivers/media/platform/qcom/venus/hfi_msgs.c | 85 ++-
drivers/media/platform/qcom/venus/hfi_venus.c | 5
drivers/media/platform/qcom/venus/vdec.c | 13
drivers/media/platform/qcom/venus/vdec_ctrls.c | 2
drivers/media/platform/qcom/venus/venc.c | 9
drivers/media/platform/qcom/venus/venc_ctrls.c | 2
drivers/media/test-drivers/vivid/vivid-ctrls.c | 3
drivers/media/test-drivers/vivid/vivid-vid-cap.c | 4
drivers/media/usb/gspca/vicam.c | 10
drivers/media/usb/hdpvr/hdpvr-i2c.c | 6
drivers/media/usb/usbtv/usbtv-video.c | 4
drivers/media/usb/uvc/uvc_driver.c | 3
drivers/media/usb/uvc/uvc_video.c | 21
drivers/media/v4l2-core/v4l2-common.c | 8
drivers/media/v4l2-core/v4l2-ctrls-core.c | 1
drivers/memstick/core/memstick.c | 1
drivers/memstick/host/rtsx_usb_ms.c | 1
drivers/misc/cardreader/rtsx_usb.c | 16
drivers/misc/mei/bus.c | 6
drivers/mmc/host/rtsx_usb_sdmmc.c | 4
drivers/mmc/host/sdhci-msm.c | 14
drivers/mmc/host/sdhci-pci-gli.c | 33 -
drivers/most/core.c | 2
drivers/mtd/nand/raw/fsmc_nand.c | 2
drivers/mtd/nand/raw/renesas-nand-controller.c | 6
drivers/mtd/nand/spi/core.c | 5
drivers/mtd/spi-nor/swp.c | 19
drivers/net/bonding/bond_3ad.c | 224 ++++++++--
drivers/net/bonding/bond_main.c | 1
drivers/net/bonding/bond_netlink.c | 16
drivers/net/bonding/bond_options.c | 29 +
drivers/net/dsa/b53/b53_common.c | 65 ++
drivers/net/dsa/b53/b53_regs.h | 2
drivers/net/dummy.c | 1
drivers/net/ethernet/agere/et131x.c | 36 +
drivers/net/ethernet/aquantia/atlantic/aq_hw.h | 2
drivers/net/ethernet/aquantia/atlantic/hw_atl2/hw_atl2_utils_fw.c | 39 +
drivers/net/ethernet/atheros/ag71xx.c | 9
drivers/net/ethernet/cavium/thunder/thunder_bgx.c | 4
drivers/net/ethernet/emulex/benet/be_main.c | 8
drivers/net/ethernet/freescale/dpaa/dpaa_eth.c | 2
drivers/net/ethernet/freescale/dpaa/dpaa_ethtool.c | 4
drivers/net/ethernet/freescale/enetc/enetc_pf.c | 14
drivers/net/ethernet/freescale/fec_main.c | 34 -
drivers/net/ethernet/freescale/gianfar_ethtool.c | 4
drivers/net/ethernet/google/gve/gve_adminq.c | 1
drivers/net/ethernet/google/gve/gve_main.c | 2
drivers/net/ethernet/intel/igc/igc_main.c | 14
drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 4
drivers/net/ethernet/mediatek/mtk_ppe_offload.c | 2
drivers/net/ethernet/mediatek/mtk_wed.c | 1
drivers/net/ethernet/mellanox/mlx5/core/en/qos.c | 2
drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 2
drivers/net/ethernet/mellanox/mlxsw/trap.h | 1
drivers/net/ethernet/pensando/ionic/ionic_lif.c | 7
drivers/net/geneve.c | 1
drivers/net/hyperv/hyperv_net.h | 3
drivers/net/hyperv/netvsc_drv.c | 29 +
drivers/net/loopback.c | 1
drivers/net/phy/micrel.c | 2
drivers/net/phy/mscc/mscc.h | 12
drivers/net/phy/mscc/mscc_main.c | 12
drivers/net/phy/mscc/mscc_ptp.c | 49 +-
drivers/net/phy/smsc.c | 1
drivers/net/ppp/ppp_generic.c | 17
drivers/net/thunderbolt.c | 21
drivers/net/usb/asix_devices.c | 1
drivers/net/usb/cdc_ncm.c | 20
drivers/net/veth.c | 1
drivers/net/vxlan/vxlan_core.c | 1
drivers/net/wireless/ath/ath11k/ce.c | 3
drivers/net/wireless/ath/ath11k/dp_rx.c | 3
drivers/net/wireless/ath/ath11k/hal.c | 33 +
drivers/net/wireless/broadcom/brcm80211/brcmsmac/phy/phy_lcn.c | 2
drivers/net/wireless/intel/iwlegacy/4965-mac.c | 5
drivers/net/wireless/intel/iwlwifi/dvm/rs.c | 2
drivers/net/wireless/intel/iwlwifi/fw/dbg.c | 7
drivers/net/wireless/intel/iwlwifi/mvm/scan.c | 2
drivers/net/wireless/realtek/rtlwifi/pci.c | 23 -
drivers/net/wireless/realtek/rtw89/core.c | 3
drivers/net/wireless/realtek/rtw89/fw.c | 9
drivers/net/wireless/realtek/rtw89/fw.h | 2
drivers/net/wireless/realtek/rtw89/mac.c | 19
drivers/net/wireless/realtek/rtw89/reg.h | 1
drivers/net/xen-netfront.c | 5
drivers/pci/controller/pcie-rockchip-host.c | 49 +-
drivers/pci/controller/pcie-rockchip.h | 11
drivers/pci/endpoint/pci-ep-cfs.c | 1
drivers/pci/endpoint/pci-epf-core.c | 2
drivers/pci/pci-acpi.c | 4
drivers/pci/pci.c | 8
drivers/pci/probe.c | 2
drivers/pinctrl/stm32/pinctrl-stm32.c | 1
drivers/platform/chrome/cros_ec.c | 19
drivers/platform/chrome/cros_ec_typec.c | 4
drivers/platform/x86/thinkpad_acpi.c | 4
drivers/pps/clients/pps-gpio.c | 5
drivers/ptp/ptp_clock.c | 2
drivers/pwm/pwm-imx-tpm.c | 9
drivers/pwm/pwm-mediatek.c | 71 +--
drivers/remoteproc/imx_rproc.c | 4
drivers/reset/Kconfig | 10
drivers/rtc/rtc-ds1307.c | 15
drivers/s390/char/sclp.c | 11
drivers/scsi/aacraid/comminit.c | 3
drivers/scsi/bfa/bfad_im.c | 1
drivers/scsi/libiscsi.c | 3
drivers/scsi/lpfc/lpfc_debugfs.c | 1
drivers/scsi/lpfc/lpfc_scsi.c | 4
drivers/scsi/mpi3mr/mpi3mr.h | 6
drivers/scsi/mpi3mr/mpi3mr_fw.c | 17
drivers/scsi/mpi3mr/mpi3mr_os.c | 22
drivers/scsi/mpt3sas/mpt3sas_scsih.c | 19
drivers/scsi/qla4xxx/ql4_os.c | 2
drivers/scsi/scsi_scan.c | 2
drivers/scsi/scsi_transport_sas.c | 60 ++
drivers/soc/qcom/mdt_loader.c | 68 ++-
drivers/soc/tegra/pmc.c | 51 +-
drivers/staging/media/imx/imx-media-csc-scaler.c | 2
drivers/target/target_core_fabric_lib.c | 63 ++
drivers/target/target_core_internal.h | 4
drivers/target/target_core_pr.c | 18
drivers/thermal/qcom/qcom-spmi-temp-alarm.c | 43 +
drivers/thermal/thermal_sysfs.c | 9
drivers/thunderbolt/domain.c | 2
drivers/tty/serial/8250/8250_port.c | 3
drivers/tty/vt/defkeymap.c_shipped | 112 +++++
drivers/tty/vt/keyboard.c | 2
drivers/ufs/host/ufs-exynos.c | 4
drivers/ufs/host/ufshcd-pci.c | 42 +
drivers/usb/atm/cxacru.c | 106 ++--
drivers/usb/class/cdc-acm.c | 11
drivers/usb/core/config.c | 10
drivers/usb/core/hcd.c | 8
drivers/usb/core/quirks.c | 1
drivers/usb/core/urb.c | 2
drivers/usb/dwc3/dwc3-imx8mp.c | 6
drivers/usb/dwc3/dwc3-meson-g12a.c | 3
drivers/usb/dwc3/ep0.c | 20
drivers/usb/dwc3/gadget.c | 19
drivers/usb/gadget/udc/renesas_usb3.c | 1
drivers/usb/host/xhci-mem.c | 2
drivers/usb/host/xhci-pci-renesas.c | 7
drivers/usb/host/xhci-ring.c | 10
drivers/usb/host/xhci.c | 6
drivers/usb/musb/omap2430.c | 20
drivers/usb/storage/realtek_cr.c | 2
drivers/usb/storage/unusual_devs.h | 29 +
drivers/usb/typec/mux/intel_pmc_mux.c | 2
drivers/usb/typec/tcpm/fusb302.c | 8
drivers/usb/typec/ucsi/psy.c | 2
drivers/usb/typec/ucsi/ucsi.c | 1
drivers/usb/typec/ucsi/ucsi.h | 7
drivers/vfio/pci/mlx5/cmd.c | 4
drivers/vfio/vfio_iommu_type1.c | 7
drivers/vhost/vhost.c | 3
drivers/vhost/vsock.c | 6
drivers/video/console/vgacon.c | 2
drivers/video/fbdev/core/fbcon.c | 9
drivers/video/fbdev/core/fbmem.c | 3
drivers/virt/coco/efi_secret/efi_secret.c | 10
drivers/watchdog/dw_wdt.c | 2
drivers/watchdog/iTCO_wdt.c | 6
drivers/watchdog/sbsa_gwdt.c | 50 ++
fs/btrfs/block-group.c | 27 +
fs/btrfs/ctree.c | 9
fs/btrfs/ordered-data.c | 12
fs/btrfs/qgroup.c | 31 +
fs/btrfs/relocation.c | 19
fs/btrfs/send.c | 39 +
fs/btrfs/tree-log.c | 60 +-
fs/btrfs/zoned.c | 3
fs/buffer.c | 2
fs/crypto/fscrypt_private.h | 17
fs/crypto/hkdf.c | 2
fs/crypto/keysetup.c | 3
fs/crypto/keysetup_v1.c | 3
fs/eventpoll.c | 60 ++
fs/ext2/inode.c | 12
fs/ext4/fsmap.c | 23 -
fs/ext4/indirect.c | 4
fs/ext4/inline.c | 19
fs/ext4/inode.c | 2
fs/ext4/mballoc.c | 67 +-
fs/ext4/orphan.c | 5
fs/ext4/super.c | 8
fs/f2fs/data.c | 2
fs/f2fs/f2fs.h | 1
fs/f2fs/inode.c | 7
fs/f2fs/node.c | 10
fs/file.c | 90 +---
fs/hfs/bnode.c | 93 ++++
fs/hfsplus/bnode.c | 92 ++++
fs/hfsplus/unicode.c | 7
fs/hfsplus/xattr.c | 6
fs/hugetlbfs/inode.c | 2
fs/jbd2/checkpoint.c | 1
fs/jfs/file.c | 3
fs/jfs/inode.c | 2
fs/jfs/jfs_dmap.c | 6
fs/libfs.c | 4
fs/namespace.c | 34 -
fs/nfs/blocklayout/blocklayout.c | 4
fs/nfs/blocklayout/dev.c | 5
fs/nfs/blocklayout/extent_tree.c | 20
fs/nfs/client.c | 44 +
fs/nfs/internal.h | 2
fs/nfs/nfs4client.c | 20
fs/nfs/nfs4proc.c | 2
fs/nfs/pnfs.c | 11
fs/nfsd/nfs4state.c | 34 +
fs/ntfs3/dir.c | 3
fs/ntfs3/inode.c | 31 -
fs/orangefs/orangefs-debugfs.c | 2
fs/smb/client/cifssmb.c | 10
fs/smb/client/connect.c | 1
fs/smb/client/sess.c | 9
fs/smb/client/smb2ops.c | 11
fs/smb/server/connection.c | 3
fs/smb/server/connection.h | 7
fs/smb/server/smb2pdu.c | 16
fs/smb/server/transport_rdma.c | 5
fs/smb/server/transport_rdma.h | 4
fs/smb/server/transport_tcp.c | 26 +
fs/squashfs/super.c | 14
fs/udf/super.c | 13
fs/xfs/xfs_itable.c | 6
include/linux/blk_types.h | 6
include/linux/compiler.h | 8
include/linux/fs.h | 4
include/linux/hypervisor.h | 3
include/linux/if_vlan.h | 6
include/linux/iosys-map.h | 7
include/linux/memfd.h | 14
include/linux/mm.h | 82 ++-
include/linux/pci.h | 10
include/linux/platform_data/cros_ec_proto.h | 4
include/linux/skbuff.h | 8
include/linux/usb/cdc_ncm.h | 1
include/linux/virtio_vsock.h | 7
include/net/bond_3ad.h | 3
include/net/bond_options.h | 1
include/net/bonding.h | 23 +
include/net/cfg80211.h | 2
include/net/mac80211.h | 2
include/net/neighbour.h | 1
include/sound/soc-dai.h | 13
include/uapi/linux/if_link.h | 1
include/uapi/linux/in6.h | 4
include/uapi/linux/io_uring.h | 2
include/uapi/linux/pfrut.h | 1
kernel/cgroup/cpuset.c | 2
kernel/fork.c | 2
kernel/module/main.c | 10
kernel/power/console.c | 7
kernel/rcu/tree_plugin.h | 3
kernel/sched/fair.c | 19
kernel/trace/ftrace.c | 19
kernel/trace/trace.c | 33 -
kernel/trace/trace.h | 8
mm/debug_vm_pgtable.c | 9
mm/filemap.c | 2
mm/kmemleak.c | 10
mm/madvise.c | 2
mm/memfd.c | 2
mm/memory-failure.c | 8
mm/mmap.c | 12
mm/ptdump.c | 2
mm/shmem.c | 2
net/bluetooth/hci_conn.c | 3
net/bluetooth/hci_sync.c | 43 +
net/bridge/br_multicast.c | 16
net/bridge/br_private.h | 2
net/core/dev.c | 12
net/core/neighbour.c | 12
net/hsr/hsr_slave.c | 8
net/ipv4/ip_tunnel.c | 1
net/ipv4/netfilter/nf_reject_ipv4.c | 6
net/ipv4/route.c | 1
net/ipv4/udp_offload.c | 2
net/ipv6/addrconf.c | 7
net/ipv6/ip6_gre.c | 2
net/ipv6/ip6_tunnel.c | 1
net/ipv6/ip6_vti.c | 1
net/ipv6/mcast.c | 11
net/ipv6/netfilter/nf_reject_ipv6.c | 5
net/ipv6/seg6_hmac.c | 6
net/ipv6/sit.c | 1
net/mac80211/cfg.c | 12
net/mac80211/chan.c | 1
net/mac80211/mlme.c | 9
net/mac80211/sta_info.c | 5
net/mctp/af_mctp.c | 26 +
net/mptcp/options.c | 9
net/mptcp/pm.c | 8
net/mptcp/pm_netlink.c | 19
net/mptcp/protocol.c | 55 ++
net/mptcp/protocol.h | 27 -
net/mptcp/subflow.c | 30 -
net/ncsi/internal.h | 2
net/ncsi/ncsi-rsp.c | 1
net/netfilter/nf_conntrack_netlink.c | 24 -
net/netlink/af_netlink.c | 2
net/sched/sch_cake.c | 14
net/sched/sch_ets.c | 36 -
net/sched/sch_htb.c | 2
net/tls/tls_sw.c | 16
net/vmw_vsock/virtio_transport.c | 14
net/wireless/mlme.c | 3
scripts/kconfig/gconf.c | 8
scripts/kconfig/lxdialog/inputbox.c | 6
scripts/kconfig/lxdialog/menubox.c | 2
scripts/kconfig/nconf.c | 2
scripts/kconfig/nconf.gui.c | 1
security/apparmor/include/lib.h | 6
security/inode.c | 2
sound/core/pcm_native.c | 19
sound/pci/hda/hda_codec.c | 42 -
sound/pci/hda/patch_ca0132.c | 2
sound/pci/hda/patch_realtek.c | 4
sound/pci/intel8x0.c | 2
sound/soc/codecs/hdac_hdmi.c | 10
sound/soc/codecs/rt5640.c | 5
sound/soc/fsl/fsl_asrc.c | 16
sound/soc/fsl/fsl_aud2htx.c | 10
sound/soc/fsl/fsl_easrc.c | 16
sound/soc/fsl/fsl_esai.c | 20
sound/soc/fsl/fsl_micfil.c | 14
sound/soc/fsl/fsl_sai.c | 44 -
sound/soc/fsl/fsl_spdif.c | 17
sound/soc/fsl/fsl_ssi.c | 3
sound/soc/fsl/fsl_xcvr.c | 16
sound/soc/generic/audio-graph-card.c | 2
sound/soc/intel/avs/core.c | 3
sound/soc/soc-core.c | 28 +
sound/soc/soc-dai.c | 43 +
sound/soc/soc-dapm.c | 4
sound/usb/mixer_quirks.c | 14
sound/usb/stream.c | 25 -
sound/usb/validate.c | 14
tools/include/nolibc/std.h | 4
tools/include/nolibc/types.h | 4
tools/include/uapi/linux/if_link.h | 1
tools/power/cpupower/utils/idle_monitor/mperf_monitor.c | 4
tools/scripts/Makefile.include | 4
tools/testing/ktest/ktest.pl | 5
tools/testing/selftests/arm64/fp/sve-ptrace.c | 3
tools/testing/selftests/bpf/prog_tests/user_ringbuf.c | 10
tools/testing/selftests/ftrace/test.d/ftrace/func-filter-glob.tc | 2
tools/testing/selftests/futex/include/futextest.h | 11
tools/testing/selftests/memfd/memfd_test.c | 43 +
tools/testing/selftests/net/mptcp/pm_netlink.sh | 1
511 files changed, 4940 insertions(+), 1988 deletions(-)
Aahil Awatramani (1):
bonding: Add independent control state machine
Aaron Kling (1):
ARM: tegra: Use I/O memcpy to write to IRAM
Aaron Plattner (1):
watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition
Ada Couprie Diaz (1):
arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack()
Aditya Garg (2):
HID: magicmouse: avoid setting up battery timer when not needed
HID: apple: avoid setting up battery timer for devices without battery
Adrian Hunter (1):
scsi: ufs: ufs-pci: Fix default runtime and system PM levels
Al Viro (5):
better lockdep annotations for simple_recursive_removal()
fix locking in efi_secret_unlink()
securityfs: don't pin dentries twice, once is enough...
use uniform permission checks for all mount propagation changes
alloc_fdtable(): change calling conventions.
Alex Deucher (1):
drm/amdgpu: update mmhub 3.0.1 client id mappings
Alex Guo (2):
media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb()
media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar
Alexander Kochetkov (1):
ARM: rockchip: fix kernel hang during smp initialization
Alexander Wilhelm (1):
bus: mhi: host: Fix endianness of BHI vector table
Alok Tiwari (4):
ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4
be2net: Use correct byte order and format string for TCP seq and ack_seq
net: thunderx: Fix format-truncation warning in bgx_acpi_match_id()
gve: Return error for unknown admin queue command
Amber Lin (1):
drm/amdkfd: Destroy KFD debugfs after destroy KFD wq
Amelie Delaunay (1):
dmaengine: stm32-dma: configure next sg only if there are more than 2 sgs
Amir Mohammad Jahangirzad (1):
fs/orangefs: use snprintf() instead of sprintf()
Anantha Prabhu (1):
RDMA/bnxt_re: Fix to initialize the PBL array
Andreas Dilger (1):
ext4: check fast symlink for ea_inode correctly
André Draszik (1):
scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE
Andy Shevchenko (1):
Documentation: ACPI: Fix parent device references
Anshuman Khandual (1):
mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd()
Anthoine Bourgeois (1):
xen/netfront: Fix TX response spurious interrupts
Archana Patni (1):
scsi: ufs: ufs-pci: Fix hibernate state transition for Intel MTL-like host controllers
Arnaud Lecomte (1):
jfs: upper bound check of tree index in dbAllocAG
Arnd Bergmann (1):
RDMA/core: reduce stack using in nldev_stat_get_doit()
Artem Sadovnikov (1):
vfio/mlx5: fix possible overflow in tracking max message size
Avraham Stern (1):
wifi: iwlwifi: mvm: fix scan request validation
Baihan Li (1):
drm/hisilicon/hibmc: fix the hibmc loaded failed bug
Baokun Li (4):
ext4: fix zombie groups in average fragment size lists
ext4: fix largest free orders lists corruption on mb_optimize_scan switch
jbd2: prevent softlockup in jbd2_log_do_checkpoint()
ext4: preserve SB_I_VERSION on remount
Bartosz Golaszewski (2):
gpio: wcd934x: check the return value of regmap_update_bits()
gpio: tps65912: check the return value of regmap_update_bits()
Benjamin Berg (1):
wifi: mac80211: avoid lockdep checking when removing deflink
Benjamin Marzinski (1):
dm-table: fix checking for rq stackable devices
Benson Leung (1):
usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default
Bharat Bhushan (1):
crypto: octeontx2 - add timeout for load_fvc completion poll
Bingbu Cao (1):
media: hi556: correct the test pattern configuration
Bitterblue Smith (3):
wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB
wifi: rtw89: Fix rtw89_mac_power_switch() for USB
wifi: rtw89: Disable deep power saving for USB/SDIO
Bjorn Andersson (1):
soc: qcom: mdt_loader: Ensure we don't read past the ELF header
Bjorn Helgaas (1):
mmc: sdhci-pci-gli: Use PCI AER definitions, not hard-coded values
Boshi Yu (1):
RDMA/erdma: Fix ignored return value of init_kernel_qp
Breno Leitao (5):
ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path
arm64: Mark kernel as tainted on SAE and SError panic
ptp: Use ratelimite for freerun error message
ipmi: Use dev_warn_ratelimited() for incorrect message warnings
mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock
Buday Csaba (1):
net: phy: smsc: add proper reset flags for LAN8710A
Cezary Rojewski (1):
ASoC: Intel: avs: Fix uninitialized pointer error in probe()
Chao Gao (2):
KVM: nVMX: Defer SVI update to vmcs01 on EOI when L2 is active w/o VID
KVM: VMX: Flush shadow VMCS on emergency reboot
Chao Yu (3):
f2fs: fix to do sanity check on ino and xnid
f2fs: fix to call clear_page_private_reference in .{release,invalid}_folio
f2fs: fix to avoid out-of-boundary access in dnode page
Cheick Traore (1):
pinctrl: stm32: Manage irq affinity settings
Chen Yu (1):
ACPI: pfr_update: Fix the driver update version check
Chen-Yu Tsai (1):
platform/chrome: cros_ec: Use per-device lockdep key
Chenyuan Yang (1):
drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session()
Chris Mason (1):
sched/fair: Bump sd->max_newidle_lb_cost when newidle balance fails
Christoph Hellwig (2):
block: reject invalid operation in submit_bio_noacct
xfs: fully decouple XFS_IBULK* flags from XFS_IWALK* flags
Christoph Paasch (1):
mptcp: drop skb if MPTCP skb extension allocation fails
Christophe Leroy (1):
ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop
Christopher Eby (1):
ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks
Corey Minyard (1):
ipmi: Fix strcpy source and destination the same
Cristian Ciocaltea (1):
ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros
Cynthia Huang (1):
selftests/futex: Define SYS_futex on 32-bit architectures with 64-bit time_t
Dai Ngo (1):
NFSD: detect mismatch of file handle and delegation stateid in OPEN op
Damien Le Moal (8):
ata: libata-sata: Disallow changing LPM state if not supported
scsi: mpt3sas: Correctly handle ATA device errors
scsi: mpi3mr: Correctly handle ATA device errors
ata: libata-scsi: Fix ata_to_sense_error() status handling
PCI: endpoint: Fix configfs group list head handling
PCI: endpoint: Fix configfs group removal on driver teardown
block: Make REQ_OP_ZONE_FINISH a write operation
ata: Fix SATA_MOBILE_LPM_POLICY description in Kconfig
Dan Carpenter (4):
cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table()
media: gspca: Add bounds checking to firmware parser
scsi: qla4xxx: Prevent a potential error pointer dereference
ALSA: usb-audio: Fix size validation in convert_chmap_v3()
Dave Stevenson (3):
media: tc358743: Check I2C succeeded during probe
media: tc358743: Return an appropriate colorspace from tc358743_set_fmt
media: tc358743: Increase FIFO trigger level to 374
David Collins (1):
thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required
David Lechner (5):
iio: adc: ad_sigma_delta: don't overallocate scan buffer
iio: imu: bno055: fix OOB access of hw_xlate array
iio: adc: ad_sigma_delta: change to buffer predisable
iio: proximity: isl29501: fix buffered read on big-endian systems
iio: temperature: maxim_thermocouple: use DMA-safe buffer for spi_read()
David Thompson (1):
gpio: mlxbf2: use platform_get_irq_optional()
Davide Caratti (1):
net/sched: ets: use old 'nbands' while purging unused classes
Edward Adam Davis (2):
jfs: Regular file corruption check
comedi: pcl726: Prevent invalid irq number
Eliav Farber (1):
pps: clients: gpio: fix interrupt handling order in remove path
Emily Deng (1):
drm/ttm: Should to return the evict error
Eric Biggers (4):
thunderbolt: Fix copy+paste error in match_service_id()
lib/crypto: mips/chacha: Fix clang build and remove unneeded byteswap
ipv6: sr: Fix MAC comparison to be constant-time
fscrypt: Don't use problematic non-inline crypto engines
Eric Dumazet (2):
net: add netdev_lockdep_set_classes() to virtual drivers
net_sched: sch_ets: implement lockless ets_dump()
Eric Work (1):
net: atlantic: add set_power to fw_ops for atl2 to fix wol
Evgeniy Harchenko (1):
ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6
Fedor Pchelkin (1):
netlink: avoid infinite retry looping in netlink_unicast()
Filipe Manana (6):
btrfs: abort transaction during log replay if walk_log_tree() failed
btrfs: fix log tree replay failure due to file with 0 links and extents
btrfs: fix qgroup reservation leak on failure to allocate ordered extent
btrfs: qgroup: fix race between quota disable and quota rescan ioctl
btrfs: abort transaction on unexpected eb generation at btrfs_copy_root()
btrfs: send: use fallocate for hole punching with send stream v2
Finn Thain (1):
m68k: Fix lost column on framebuffer debug console
Florian Larysch (1):
net: phy: micrel: fix KSZ8081/KSZ8091 cable test
Florian Westphal (2):
netfilter: ctnetlink: fix refcount leak on table dump
netfilter: nf_reject: don't leak dst refcount for loopback packets
Florin Leotescu (1):
hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state
Gabor Juhos (1):
mtd: spinand: propagate spinand_wait() errors from spinand_write_page()
Gal Pressman (1):
net: vlan: Replace BUG() with WARN_ON_ONCE() in vlan_dev_* stubs
Gang Ba (1):
drm/amdgpu: Avoid extra evict-restore process.
Gautham R. Shenoy (1):
pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop()
Geliang Tang (1):
mptcp: disable add_addr retransmission when timeout is 0
Geraldo Nascimento (2):
PCI: rockchip: Use standard PCIe definitions
PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining
Giovanni Cabiddu (1):
crypto: qat - fix ring to service map for QAT GEN4
Gokul krishna Krishnakumar (1):
soc: qcom: mdt_loader: Enhance split binary detection
Greg Kroah-Hartman (1):
Linux 6.1.149
Gui-Dong Han (1):
media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt()
Haiyang Zhang (1):
hv_netvsc: Fix panic during namespace deletion with VF
Hangbin Liu (2):
bonding: update LACP activity flag after setting lacp_active
bonding: send LACPDUs periodically in passive mode after receiving partner's LACPDU
Hans Verkuil (1):
media: vivid: fix wrong pixel_array control size
Hans de Goede (1):
mei: bus: Check for still connected devices in mei_cl_bus_dev_release()
Haoran Jiang (1):
LoongArch: BPF: Fix jump offset calculation in tailcall
Haoxiang Li (1):
media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init()
Harald Mommer (1):
gpio: virtio: Fix config space reading.
Hari Kalavakunta (1):
net: ncsi: Fix buffer overflow in fetching version id
Heiner Kallweit (1):
dpaa_eth: don't use fixed_phy_change_carrier
Helge Deller (1):
Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()"
Herton R. Krzesinski (1):
mm/debug_vm_pgtable: clear page table entries at destroy_args()
Hiago De Franco (1):
remoteproc: imx_rproc: skip clock enable when M-core is managed by the SCU
Horatiu Vultur (1):
phy: mscc: Fix timestamping for vsc8584
Hsin-Te Yuan (1):
thermal: sysfs: Return ENODATA instead of EAGAIN for reads
Huacai Chen (1):
PCI: Extend isolated function probing to LoongArch
Ian Abbott (3):
comedi: fix race between polling and detaching
comedi: Make insn_rw_emulate_bits() do insn->n samples
comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl()
Ido Schimmel (1):
mlxsw: spectrum: Forward packets with an IPv4 link-local source IP
Ilan Peer (1):
wifi: cfg80211: Fix interface type validation
Ilya Bakoulin (1):
drm/amd/display: Separate set_gsl from set_gsl_source_select
Imre Deak (1):
drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS
Jack Xiao (1):
drm/amdgpu: fix incorrect vm flags to map bo
Jakub Acs (1):
net, hsr: reject HSR frame if skb can't hold tag
Jakub Kicinski (2):
uapi: in6: restore visibility of most IPv6 socket options
tls: fix handling of zero-length records on the rx_list
Jakub Ramaseuski (1):
net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM
Jan Beulich (1):
compiler: remove __ADDRESSABLE_ASM{_STR,}() again
Jan Kara (1):
udf: Verify partition map count
Jann Horn (1):
eventpoll: Fix semi-unbounded recursion
Jason Wang (1):
vhost: fail early when __vhost_add_used() fails
Jason Xing (1):
ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc
Jay Chen (1):
usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command
Jean-Baptiste Maneyrol (1):
iio: imu: inv_icm42600: change invalid data error to -EBUSY
Jeff Layton (1):
nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()
Jiasheng Jiang (1):
scsi: lpfc: Remove redundant assignment to avoid memory leak
Jiayi Li (2):
ACPI: processor: perflib: Fix initial _PPC limit application
memstick: Fix deadlock by moving removing flag earlier
Jinjiang Tu (1):
mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn
Johan Adolfsson (1):
leds: leds-lp50xx: Handle reg to get correct multi_index
Johan Hovold (11):
net: gianfar: fix device leak when querying time stamp info
net: mtk_eth_soc: fix device leak at probe
net: dpaa: fix device leak when querying time stamp info
usb: gadget: udc: renesas_usb3: fix device leak at unbind
usb: dwc3: meson-g12a: fix device leaks at unbind
wifi: ath11k: fix dest ring-buffer corruption
wifi: ath11k: fix source ring-buffer corruption
wifi: ath11k: fix dest ring-buffer corruption when ring is full
net: enetc: fix device and OF node leak at probe
usb: musb: omap2430: fix device leak at unbind
usb: dwc3: imx8mp: fix device leak at unbind
Johannes Berg (2):
wifi: cfg80211: reject HTC bit for management frames
wifi: mac80211: don't complete management TX on SAE commit
Johannes Thumshirn (1):
btrfs: zoned: use filesystem size not disk size for reclaim decision
John David Anglin (5):
parisc: Check region is readable by user in raw_copy_from_user()
parisc: Revise __get_user() to probe user read access
parisc: Revise gateway LWS calls to probe user read access
parisc: Try to fixup kernel exception in bad_area_nosemaphore path of do_page_fault()
parisc: Update comments in make_insert_tlb
John Garry (2):
scsi: aacraid: Stop using PCI_IRQ_AFFINITY
block: avoid possible overflow for chunk_sectors check in blk_stack_limits()
Jon Hunter (1):
soc/tegra: pmc: Ensure power-domains are in a known state
Jonas Rebmann (1):
net: fec: allow disable coalescing
Jonathan Cameron (1):
iio: light: as73211: Ensure buffer holes are zeroed
Jonathan Santos (1):
iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement
Jordan Rhee (1):
gve: prevent ethtool ops after shutdown
Jorge Marques (1):
i3c: master: Initialize ret in i3c_i2c_notifier_call()
Jorge Ramirez-Ortiz (2):
media: venus: hfi: explicitly release IRQ during teardown
media: venus: protect against spurious interrupts during probe
Judith Mendez (1):
arm64: dts: ti: k3-am62-main: Remove eMMC High Speed DDR support
Justin Tee (1):
scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure
Kan Liang (1):
perf/x86/intel: Fix crash in icl_update_topdown_event()
Kees Cook (3):
arm64: Handle KCOV __init vs inline mismatches
platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches
iommu/amd: Avoid stack buffer overflow from kernel cmdline
Keith Busch (1):
vfio/type1: conditional rescheduling while pinning
Konrad Dybcio (1):
media: venus: Introduce accessors for remapped hfi_buffer_reqs members
Krzysztof Kozlowski (2):
dt-bindings: display: sprd,sharkl3-dpu: Fix missing clocks constraints
dt-bindings: display: sprd,sharkl3-dsi-host: Fix missing clocks constraints
Kuen-Han Tsai (1):
usb: dwc3: Ignore late xferNotReady event to prevent halt timeout
Kuninori Morimoto (4):
ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed
ASoC: soc-dai.c: add missing flag check at snd_soc_pcm_dai_probe()
ASoC: soc-dai.h: merge DAI call back functions into ops
ASoC: fsl: merge DAI call back functions into ops
Kuniyuki Iwashima (1):
ipv6: mcast: Check inet6_dev->dead under idev->mc_lock in __ipv6_dev_mc_inc().
Laurentiu Mihalcea (1):
pwm: imx-tpm: Reset counter if CMOD is 0
Leon Romanovsky (1):
net/mlx5e: Properly access RCU protected qdisc_sleeping variable
Liao Yuanhong (1):
ext4: use kmalloc_array() for array space allocation
Lifeng Zheng (2):
cpufreq: Exit governor when failed to start old governor
PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store()
Lin.Cao (1):
drm/sched: Remove optimization that causes hang when killing dependent jobs
Lizhi Xu (2):
fs/ntfs3: Add sanity check for file name
jfs: truncate good inode pages when hard link is 0
Lorenzo Stoakes (4):
mm: drop the assumption that VM_SHARED always implies writable
mm: update memfd seal write check to include F_SEAL_WRITE
mm: reinstate ability to map write-sealed memfd mappings read-only
selftests/memfd: add test for mapping write-sealed memfd read-only
Lucy Thrun (1):
ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control
Ludwig Disterhof (1):
media: usbtv: Lock resolution while streaming
Lukas Wunner (1):
PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports
Ma Ke (1):
sunvdc: Balance device refcount in vdc_port_mpgroup_check
Mael GUERIN (1):
USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera
Marek Szyprowski (1):
zynq_fpga: use sgtable-based scatterlist wrappers
Marek Vasut (1):
usb: renesas-xhci: Fix External ROM access timeouts
Mario Limonciello (6):
usb: xhci: Avoid showing warnings for dying controller
usb: xhci: Avoid showing errors during surprise removal
drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual
drm/amd/display: Only finalize atomic_obj if it was initialized
drm/amd: Restore cached power limit during resume
drm/amd/display: Avoid a NULL pointer dereference
Mark Brown (2):
ASoC: hdac_hdmi: Rate limit logging on connection and disconnection
kselftest/arm64: Specify SVE data when testing VL set in sve-ptrace
Masahiro Yamada (2):
kconfig: gconf: avoid hardcoding model2 in on_treeview2_cursor_changed()
kconfig: gconf: fix potential memory leak in renderer_edited()
Masami Hiramatsu (Google) (1):
selftests: tracing: Use mutex_unlock for testing glob filter
Mateusz Guzik (1):
apparmor: use the condition in AA_BUG_FMT even with debug disabled
Matt Johnston (1):
net: mctp: Prevent duplicate binds
Matthieu Baerts (NGI0) (2):
mptcp: pm: kernel: flush: do not reset ADD_ADDR limit
selftests: mptcp: pm: check flush doesn't reset limits
Maurizio Lombardi (1):
scsi: target: core: Generate correct identifiers for PR OUT transport IDs
Maxim Levitsky (3):
KVM: nVMX: Check vmcs12->guest_ia32_debugctl on nested VM-Enter
KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs
KVM: VMX: Preserve host's DEBUGCTLMSR_FREEZE_IN_SMM while running the guest
Meagan Lloyd (2):
rtc: ds1307: handle oscillator stop flag (OSF) for ds1341
rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe
Miao Li (1):
usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive
Miaoqian Lin (1):
most: core: Drop device reference after usage in get_channel()
Michael Walle (1):
mtd: spi-nor: Fix spi_nor_try_unlock_all()
Mikhail Lobanov (1):
wifi: mac80211: check basic rates validity in sta_link_apply_parameters
Mikulas Patocka (1):
dm-mpath: don't print the "loaded" message if registering fails
Mina Almasry (1):
netmem: fix skb_frag_address_safe with unreadable skbs
Minhong He (1):
ipv6: sr: validate HMAC algorithm ID in seg6_hmac_info_add
Myrrh Periwinkle (3):
usb: typec: ucsi: Update power_supply on power role change
vt: keyboard: Don't process Unicode characters in K_OFF mode
vt: defkeymap: Map keycodes above 127 to K_HOLE
Namjae Jeon (1):
ksmbd: extend the connection limiting mechanism to support IPv6
Naohiro Aota (1):
btrfs: zoned: do not remove unwritten non-data block group
Nathan Chancellor (3):
usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init()
wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table()
ARM: 9448/1: Use an absolute path to unified.h in KBUILD_AFLAGS
NeilBrown (1):
smb/server: avoid deadlock when linking with ReplaceIfExists
Nianyao Tang (1):
arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 register
Nicolas Escande (1):
neighbour: add support for NUD_PERMANENT proxy entries
Niklas Söderlund (1):
media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control
Nitin Gote (1):
iosys-map: Fix undefined behavior in iosys_map_clear()
Ojaswin Mujoo (2):
ext4: fix fsmap end of range reporting with bigalloc
ext4: fix reserved gdt blocks handling in fsmap
Oliver Neukum (3):
usb: core: usb_submit_urb: downgrade type check
net: usb: cdc-ncm: check for filtering capability
cdc-acm: fix race between initial clearing halt and open
Oscar Maes (1):
net: ipv4: fix incorrect MTU in broadcast routes
Pagadala Yesu Anjaneyulu (1):
wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect
Pali Rohár (1):
cifs: Fix calling CIFSFindFirst() for root path without msearch
Paolo Abeni (3):
mptcp: make fallback action and fallback decision atomic
mptcp: plug races between subflow fail and subflow creation
mptcp: reset fallback status gracefully at disconnect() time
Paul E. McKenney (1):
rcu: Protect ->defer_qs_iw_pending from data race
Pavel Begunkov (1):
io_uring: don't use int for ABI
Pawan Gupta (1):
x86/bugs: Avoid warning when overriding return thunk
Peter Oberparleiter (3):
s390/sclp: Fix SCCB present check
s390/hypfs: Avoid unnecessary ioctl registration in debugfs
s390/hypfs: Enable limited access during lockdown
Peter Robinson (1):
reset: brcmstb: Enable reset drivers for ARCH_BCM2835
Peter Ujfalusi (1):
ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime()
Petr Pavlu (1):
module: Prevent silent truncation of module name in delete_module(2)
Phillip Lougher (1):
squashfs: fix memory leak in squashfs_fill_super
Prashant Malani (1):
cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag
Pu Lehui (1):
tracing: Limit access to parser->buffer when trace_get_user failed
Purva Yeshi (1):
md: dm-zoned-target: Initialize return variable r to avoid uninitialized use
Qingfang Deng (2):
net: ethernet: mtk_ppe: add RCU lock around dev_fill_forward_path
ppp: fix race conditions in ppp_fill_forward_path
Qu Wenruo (2):
btrfs: do not allow relocation of partially dropped subvolumes
btrfs: populate otime when logging an inode item
Rafael J. Wysocki (2):
ACPI: processor: perflib: Move problematic pr->performance check
PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit()
Ramya Gnanasekar (1):
wifi: mac80211: update radar_required in channel context after channel switch
Rand Deeb (1):
wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd()
Randy Dunlap (2):
parisc: Makefile: fix a typo in palo.conf
parisc: Makefile: explain that 64BIT requires both 32-bit and 64-bit compilers
Ranjan Kumar (4):
scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans
scsi: mpi3mr: Fix race between config read submit and interrupt completion
scsi: mpi3mr: Drop unnecessary volatile from __iomem pointers
scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems
Ricardo Ribalda (3):
media: uvcvideo: Do not mark valid metadata as invalid
media: venus: vdec: Clamp param smaller than 1fps and bigger than 240.
media: venus: venc: Clamp param smaller than 1fps and bigger than 240
Ricky Wu (1):
misc: rtsx: usb: Ensure mmc child device is active when card is present
Rob Clark (1):
drm/msm: use trylock for debugfs
Rong Zhang (1):
fs/ntfs3: correctly create symlink for relative path
Sabrina Dubroca (2):
udp: also consider secpath when evaluating ipsec use for checksumming
tls: separate no-async decryption request handling from async
Sakari Ailus (1):
media: v4l2-ctrls: Don't reset handler's error in v4l2_ctrl_handler_free()
Salah Triki (1):
iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe()
Sarah Newman (1):
drbd: add missing kref_get in handle_write_conflicts
Sarthak Garg (1):
mmc: sdhci-msm: Ensure SD card power isn't ON when card removed
Sasha Levin (1):
fs: Prevent file descriptor table allocations exceeding INT_MAX
Sean Christopherson (19):
KVM: SVM: Set RFLAGS.IF=1 in C code, to get VMRUN out of the STI shadow
KVM: x86: Re-split x2APIC ICR into ICR+ICR2 for AMD (x2AVIC)
KVM: x86: Plumb in the vCPU to kvm_x86_ops.hwapic_isr_update()
KVM: x86: Snapshot the host's DEBUGCTL in common x86
KVM: x86: Snapshot the host's DEBUGCTL after disabling IRQs
KVM: x86/pmu: Gate all "unimplemented MSR" prints on report_ignored_msrs
KVM: x86: Plumb "force_immediate_exit" into kvm_entry() tracepoint
KVM: VMX: Re-enter guest in fastpath for "spurious" preemption timer exits
KVM: VMX: Handle forced exit due to preemption timer in fastpath
KVM: x86: Move handling of is_guest_mode() into fastpath exit handlers
KVM: VMX: Handle KVM-induced preemption timer exits in fastpath for L2
KVM: x86: Fully defer to vendor code to decide how to force immediate exit
KVM: x86: Convert vcpu_run()'s immediate exit param into a generic bitmap
KVM: x86: Drop kvm_x86_ops.set_dr6() in favor of a new KVM_RUN flag
KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported
KVM: VMX: Extract checking of guest's DEBUGCTL into helper
KVM: x86: Take irqfds.lock when adding/deleting IRQ bypass producer
x86/reboot: Harden virtualization hooks for emergency reboot
x86/reboot: KVM: Handle VMXOFF in KVM's reboot callback
Sebastian Ott (1):
ACPI: processor: fix acpi_object initialization
Sebastian Reichel (2):
watchdog: dw_wdt: Fix default timeout
usb: typec: fusb302: cache PD RX state
Selvarasu Ganesan (1):
usb: dwc3: Remove WARN_ON for device endpoint command timeouts
Sergey Bashirov (4):
pNFS: Fix stripe mapping in block/scsi layout
pNFS: Fix disk addr range check in block/scsi layout
pNFS: Handle RPC size limit for layoutcommits
pNFS: Fix uninited ptr deref in block/scsi layout
Sergey Shtylyov (1):
Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync()
Shankari Anand (1):
kconfig: nconf: Ensure null termination where strncpy is used
Shannon Nelson (1):
ionic: clean dbpage in de-init
Shengjiu Wang (1):
ASoC: fsl_sai: replace regmap_write with regmap_update_bits
Shiji Yang (2):
MIPS: vpe-mt: add missing prototypes for vpe_{alloc,start,stop,free}
MIPS: lantiq: falcon: sysctrl: fix request memory check logic
Showrya M N (1):
scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated
Shubhrajyoti Datta (1):
EDAC/synopsys: Clear the ECC counters on init
Shyam Prasad N (1):
cifs: reset iface weights when we cannot find a candidate
Sravan Kumar Gundu (1):
fbdev: Fix vmalloc out-of-bounds write in fast_imageblit
Stanislaw Gruszka (1):
wifi: iwlegacy: Check rate_idx range after addition
Stefan Metzmacher (1):
smb: server: split ksmbd_rdma_stop_listening() out of ksmbd_rdma_destroy()
Steve French (1):
smb3: fix for slab out of bounds on mount to ksmbd
Steven Rostedt (3):
ktest.pl: Prevent recursion of default variable options
ftrace: Also allocate and copy hash for reading of filter files
tracing: Remove unneeded goto out logic
Su Hui (1):
usb: xhci: print xhci->xhc_state when queue_command failed
Suchit Karunakaran (1):
kconfig: lxdialog: replace strcpy() with strncpy() in inputbox.c
Sumanth Gavini (1):
Bluetooth: hci_sync: Fix UAF on hci_abort_conn_sync
Sven Schnelle (2):
s390/time: Use monotonic clock in get_cycles()
s390/stp: Remove udelay from stp_sync_clock()
Takashi Iwai (5):
ALSA: usb-audio: Validate UAC3 power domain descriptors, too
ALSA: usb-audio: Validate UAC3 cluster segment descriptors
ALSA: hda: Handle the jack polling always via a work
ALSA: hda: Disable jack polling at shutdown
ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation
Tetsuo Handa (1):
hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file()
Theodore Ts'o (2):
ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr
ext4: don't try to clear the orphan_present feature block device is r/o
Thomas Fourier (8):
et131x: Add missing check after DMA map
net: ag71xx: Add missing check after DMA map
(powerpc/512) Fix possible `dma_unmap_single()` on uninitialized pointer
wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()`.
powerpc: floppy: Add missing checks after DMA map
wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc()
mtd: rawnand: fsmc: Add missing check after DMA map
mtd: rawnand: renesas: Add missing check after DMA map
Thomas Weißschuh (5):
tools/nolibc: define time_t in terms of __kernel_old_time_t
tools/build: Fix s390(x) cross-compilation with clang
um: Re-evaluate thread flags repeatedly
MIPS: Don't crash in stack_top() for tasks without ABI or vDSO
kbuild: userprogs: use correct linker when mixing clang and GNU ld
Thorsten Blum (1):
usb: storage: realtek_cr: Use correct byte order for bcs->Residue
Tianxiang Peng (1):
x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper
Tim Harvey (1):
hwmon: (gsc-hwmon) fix fan pwm setpoint show functions
Timur Kristóf (6):
drm/amd/display: Don't overwrite dce60_clk_mgr
drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3
drm/amd/display: Fix DP audio DTO1 clock source on DCE 6.
drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs
drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs
drm/amd/display: Don't overclock DCE 6 by 15%
Tomasz Michalec (2):
usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present
platform/chrome: cros_ec_typec: Defer probe on missing EC parent
Trond Myklebust (1):
NFS: Fix the setting of capabilities when automounting a new filesystem
Tvrtko Ursulin (1):
drm/ttm: Respect the shrinker core free target
Tzung-Bi Shih (2):
platform/chrome: cros_ec: remove unneeded label and if-condition
platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister()
Ulf Hansson (1):
mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode()
Uwe Kleine-König (3):
pwm: mediatek: Handle hardware enable and clock enable separately
pwm: mediatek: Fix duty and period setting
usb: musb: omap2430: Convert to platform remove callback returning void
ValdikSS (1):
igc: fix disabling L1.2 PCI-E link substate on I226 on init
Vasiliy Kovalev (1):
ALSA: hda/realtek: Fix headset mic on HONOR BRB-X
Vedang Nagar (2):
media: venus: Add a check for packet size after reading from shared memory
media: venus: Fix OOB read due to missing payload bound check
Viacheslav Dubeyko (4):
hfs: fix slab-out-of-bounds in hfs_bnode_read()
hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read()
hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()
hfs: fix not erasing deleted b-tree node issue
Victor Shih (3):
mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency
mmc: sdhci-pci-gli: Add a new function to simplify the code
mmc: sdhci-pci-gli: GL9763e: Mask the replay timer timeout of AER
Vladimir Zapolskiy (1):
media: qcom: camss: cleanup media device allocated resource on error path
Waiman Long (2):
mm/kmemleak: avoid soft lockup in __kmemleak_do_cleanup()
cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key
Wang Liang (1):
net: bridge: fix soft lockup in br_multicast_query_expired()
Wang Zhaolong (1):
smb: client: remove redundant lstrp update in negotiate protocol
Wei Gao (1):
ext2: Handle fiemap on empty files to prevent EINVAL
Wen Chen (1):
drm/amd/display: Fix 'failed to blank crtc!'
Will Deacon (4):
vsock/virtio: Resize receive buffers so that each SKB fits in a 4K page
vsock/virtio: Validate length in packet header before skb_put()
vhost/vsock: Avoid allocating arbitrarily-sized SKBs
KVM: arm64: Fix kernel BUG() due to bad backport of FPSIMD/SVE/SME fix
William Liu (2):
net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit
net/sched: Remove unnecessary WARNING condition for empty child qdisc in htb_activate
Willy Tarreau (1):
tools/nolibc: fix spelling of FD_SETBITMASK in FD_* macros
Wolfram Sang (3):
media: usb: hdpvr: disable zero-length read messages
i3c: add missing include to internal header
i3c: don't fail if GETHDRCAP is unsupported
Xinxin Wan (1):
ASoC: codecs: rt5640: Retry DEVICE_ID verification
Xinyu Liu (1):
usb: core: config: Prevent OOB read in SS endpoint companion parsing
Xu Yang (2):
net: usb: asix_devices: add phy_mask for ax88772 mdio bus
usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test
Xu Yilun (1):
fpga: zynq_fpga: Fix the wrong usage of dma_map_sgtable()
Yann E. MORIN (1):
kconfig: lxdialog: fix 'space' to (de)select options
Yazen Ghannam (1):
x86/mce/amd: Add default names for MCA banks and blocks
Ye Bin (1):
fs/buffer: fix use-after-free when call bh_read() helper
Yonghong Song (1):
selftests/bpf: Fix a user_ringbuf failure with arm64 64KB page size
Yongzhen Zhang (1):
fbdev: fix potential buffer overflow in do_register_framebuffer()
Youngjun Lee (1):
media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format()
Youssef Samir (1):
bus: mhi: host: Detect events pointing to unexpected TREs
Yuichiro Tsuji (1):
net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization
Yunhui Cui (1):
serial: 8250: fix panic due to PSLVERR
Yury Norov [NVIDIA] (1):
RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask()
Zenm Chen (1):
USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles
Zhang Lixu (2):
iio: hid-sensor-prox: Restore lost scale assignments
iio: hid-sensor-prox: Fix incorrect OFFSET calculation
Zhang Shurong (1):
media: ov2659: Fix memory leaks in ov2659_probe()
Zhang Yi (1):
ext4: fix hole length calculation overflow in non-extent inodes
Zhiqi Song (1):
crypto: hisilicon/hpre - fix dma unmap sequence
Zhu Qiyu (1):
ACPI: PRM: Reduce unnecessary printing to avoid user confusion
Ziyan Fu (1):
watchdog: iTCO_wdt: Report error if timeout configuration fails
chenchangcheng (1):
media: uvcvideo: Fix bandwidth issue for Alcor camera
fangzhong.zhou (1):
i2c: Force DLL0945 touchpad i2c freq to 100khz
jackysliu (1):
scsi: bfa: Double-free fix
tuhaowen (1):
PM: sleep: console: Fix the black screen issue
zhangjianrong (2):
net: thunderbolt: Enable end-to-end flow control also in transmit
net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths()
Álvaro Fernández Rojas (5):
net: dsa: b53: fix b53_imp_vlan_setup for BCM5325
net: dsa: b53: prevent GMII_PORT_OVERRIDE_CTRL access on BCM5325
net: dsa: b53: prevent DIS_LEARNING access on BCM5325
net: dsa: b53: prevent SWITCH_CTRL access on BCM5325
net: dsa: b53: fix IP_MULTICAST_CTRL on BCM5325
2 weeks, 6 days
- 1
- 1
Linux 5.15.190
by Greg Kroah-Hartman
I'm announcing the release of the 5.15.190 kernel.
All users of the 5.15 kernel series must upgrade.
The updated 5.15.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.15.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Documentation/filesystems/f2fs.rst | 6
Documentation/firmware-guide/acpi/i2c-muxes.rst | 8
Documentation/memory-barriers.txt | 11
Documentation/networking/mptcp-sysctl.rst | 2
Makefile | 4
arch/alpha/include/asm/processor.h | 2
arch/alpha/kernel/process.c | 5
arch/arc/include/asm/processor.h | 2
arch/arc/kernel/stacktrace.c | 4
arch/arm/Makefile | 2
arch/arm/boot/dts/am335x-boneblack.dts | 2
arch/arm/boot/dts/imx6ul-kontron-n6x1x-s.dtsi | 1
arch/arm/boot/dts/vfxxx.dtsi | 2
arch/arm/include/asm/processor.h | 2
arch/arm/kernel/process.c | 4
arch/arm/mach-rockchip/platsmp.c | 15
arch/arm/mach-tegra/reset.c | 2
arch/arm64/boot/dts/freescale/imx8mm-beacon-som.dtsi | 2
arch/arm64/boot/dts/freescale/imx8mn-beacon-som.dtsi | 2
arch/arm64/include/asm/acpi.h | 2
arch/arm64/include/asm/processor.h | 2
arch/arm64/kernel/entry.S | 6
arch/arm64/kernel/fpsimd.c | 4
arch/arm64/kernel/process.c | 4
arch/arm64/kernel/traps.c | 1
arch/arm64/mm/fault.c | 1
arch/arm64/mm/ptdump_debugfs.c | 3
arch/csky/include/asm/processor.h | 2
arch/csky/kernel/stacktrace.c | 5
arch/h8300/include/asm/processor.h | 2
arch/h8300/kernel/process.c | 5
arch/hexagon/include/asm/processor.h | 2
arch/hexagon/kernel/process.c | 4
arch/ia64/include/asm/processor.h | 2
arch/ia64/kernel/process.c | 5
arch/m68k/Kconfig.debug | 2
arch/m68k/include/asm/processor.h | 2
arch/m68k/kernel/early_printk.c | 42 -
arch/m68k/kernel/head.S | 39 -
arch/m68k/kernel/process.c | 4
arch/microblaze/include/asm/processor.h | 2
arch/microblaze/kernel/process.c | 2
arch/mips/crypto/chacha-core.S | 20
arch/mips/include/asm/processor.h | 2
arch/mips/include/asm/vpe.h | 8
arch/mips/kernel/process.c | 24
arch/mips/mm/tlb-r4k.c | 56 +
arch/nds32/include/asm/processor.h | 2
arch/nds32/kernel/process.c | 7
arch/nios2/include/asm/processor.h | 2
arch/nios2/kernel/process.c | 5
arch/openrisc/include/asm/processor.h | 2
arch/openrisc/kernel/process.c | 2
arch/parisc/Makefile | 2
arch/parisc/include/asm/processor.h | 2
arch/parisc/kernel/process.c | 5
arch/powerpc/configs/ppc6xx_defconfig | 1
arch/powerpc/include/asm/processor.h | 2
arch/powerpc/kernel/eeh.c | 1
arch/powerpc/kernel/eeh_driver.c | 48 +
arch/powerpc/kernel/eeh_pe.c | 11
arch/powerpc/kernel/pci-hotplug.c | 3
arch/powerpc/kernel/process.c | 9
arch/powerpc/platforms/512x/mpc512x_lpbfifo.c | 6
arch/riscv/include/asm/processor.h | 2
arch/riscv/kernel/stacktrace.c | 12
arch/s390/hypfs/hypfs_dbfs.c | 19
arch/s390/include/asm/processor.h | 2
arch/s390/include/asm/timex.h | 13
arch/s390/kernel/process.c | 4
arch/s390/kernel/time.c | 2
arch/s390/mm/dump_pagetables.c | 2
arch/sh/Makefile | 10
arch/sh/boot/compressed/Makefile | 4
arch/sh/boot/romimage/Makefile | 4
arch/sh/include/asm/processor_32.h | 2
arch/sh/kernel/process_32.c | 5
arch/sparc/include/asm/processor_32.h | 2
arch/sparc/include/asm/processor_64.h | 2
arch/sparc/kernel/process_32.c | 5
arch/sparc/kernel/process_64.c | 5
arch/um/drivers/rtc_user.c | 2
arch/um/include/asm/processor-generic.h | 2
arch/um/kernel/process.c | 5
arch/x86/include/asm/processor.h | 2
arch/x86/include/asm/xen/hypercall.h | 6
arch/x86/kernel/cpu/amd.c | 2
arch/x86/kernel/cpu/bugs.c | 5
arch/x86/kernel/cpu/hygon.c | 3
arch/x86/kernel/cpu/mce/amd.c | 13
arch/x86/kernel/process.c | 62 --
arch/x86/kvm/vmx/vmx.c | 5
arch/x86/mm/extable.c | 5
arch/xtensa/include/asm/processor.h | 2
arch/xtensa/kernel/process.c | 5
block/blk-settings.c | 2
drivers/acpi/acpi_processor.c | 2
drivers/acpi/apei/ghes.c | 2
drivers/acpi/prmt.c | 26
drivers/acpi/processor_idle.c | 4
drivers/acpi/processor_perflib.c | 11
drivers/ata/Kconfig | 35 -
drivers/ata/libata-sata.c | 5
drivers/ata/libata-scsi.c | 20
drivers/base/power/domain_governor.c | 18
drivers/base/power/runtime.c | 5
drivers/base/regmap/regmap.c | 2
drivers/block/drbd/drbd_receiver.c | 6
drivers/block/sunvdc.c | 4
drivers/bus/fsl-mc/fsl-mc-bus.c | 19
drivers/bus/mhi/host/boot.c | 8
drivers/bus/mhi/host/internal.h | 4
drivers/bus/mhi/host/main.c | 15
drivers/char/hw_random/mtk-rng.c | 4
drivers/char/ipmi/ipmi_msghandler.c | 8
drivers/char/ipmi/ipmi_watchdog.c | 59 +-
drivers/clk/clk-axi-clkgen.c | 2
drivers/clk/davinci/psc.c | 5
drivers/clk/sunxi-ng/ccu-sun8i-v3s.c | 3
drivers/clk/xilinx/xlnx_vcu.c | 4
drivers/comedi/comedi_fops.c | 66 +-
drivers/comedi/comedi_internal.h | 1
drivers/comedi/drivers.c | 43 -
drivers/comedi/drivers/aio_iiro_16.c | 3
drivers/comedi/drivers/comedi_test.c | 2
drivers/comedi/drivers/das16m1.c | 3
drivers/comedi/drivers/das6402.c | 3
drivers/comedi/drivers/pcl726.c | 3
drivers/comedi/drivers/pcl812.c | 3
drivers/cpufreq/armada-8k-cpufreq.c | 2
drivers/cpufreq/cppc_cpufreq.c | 2
drivers/cpufreq/cpufreq.c | 29
drivers/cpufreq/intel_pstate.c | 4
drivers/cpuidle/governors/menu.c | 21
drivers/crypto/ccp/ccp-debugfs.c | 3
drivers/crypto/hisilicon/hpre/hpre_crypto.c | 8
drivers/crypto/img-hash.c | 2
drivers/crypto/inside-secure/safexcel_hash.c | 8
drivers/crypto/keembay/keembay-ocs-hcu-core.c | 8
drivers/crypto/marvell/cesa/cipher.c | 4
drivers/crypto/marvell/cesa/hash.c | 5
drivers/crypto/marvell/octeontx2/otx2_cptpf_ucode.c | 16
drivers/crypto/qat/qat_common/adf_transport_debug.c | 4
drivers/devfreq/devfreq.c | 10
drivers/devfreq/governor_userspace.c | 6
drivers/dma/mv_xor.c | 21
drivers/dma/nbpfaxi.c | 24
drivers/edac/synopsys_edac.c | 97 +--
drivers/fpga/zynq-fpga.c | 10
drivers/gpio/gpio-tps65912.c | 7
drivers/gpio/gpio-virtio.c | 9
drivers/gpio/gpio-wcd934x.c | 7
drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c | 4
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 3
drivers/gpu/drm/amd/display/dc/bios/command_table.c | 2
drivers/gpu/drm/amd/display/dc/clk_mgr/clk_mgr.c | 1
drivers/gpu/drm/amd/display/dc/clk_mgr/dce100/dce_clk_mgr.c | 2
drivers/gpu/drm/amd/display/dc/clk_mgr/dce110/dce110_clk_mgr.c | 40 -
drivers/gpu/drm/amd/display/dc/clk_mgr/dce60/dce60_clk_mgr.c | 31 -
drivers/gpu/drm/amd/display/dc/dcn20/dcn20_hwseq.c | 11
drivers/gpu/drm/amd/display/modules/hdcp/hdcp_psp.c | 3
drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu_helper.c | 2
drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c | 6
drivers/gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c | 37 -
drivers/gpu/drm/drm_dp_helper.c | 2
drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.c | 4
drivers/gpu/drm/msm/msm_gem.c | 3
drivers/gpu/drm/rockchip/rockchip_drm_fb.c | 9
drivers/gpu/drm/scheduler/sched_entity.c | 27
drivers/gpu/drm/ttm/ttm_pool.c | 8
drivers/gpu/drm/ttm/ttm_resource.c | 3
drivers/hid/hid-core.c | 19
drivers/hid/hid-magicmouse.c | 51 +
drivers/hwmon/corsair-cpro.c | 5
drivers/hwmon/gsc-hwmon.c | 4
drivers/i2c/busses/i2c-qup.c | 4
drivers/i2c/busses/i2c-stm32.c | 8
drivers/i2c/busses/i2c-stm32f7.c | 4
drivers/i2c/busses/i2c-virtio.c | 15
drivers/i2c/i2c-core-acpi.c | 1
drivers/i3c/internals.h | 1
drivers/i3c/master.c | 2
drivers/idle/intel_idle.c | 2
drivers/iio/adc/ad7768-1.c | 23
drivers/iio/adc/ad_sigma_delta.c | 4
drivers/iio/adc/max1363.c | 43 -
drivers/iio/adc/stm32-adc-core.c | 7
drivers/iio/imu/inv_icm42600/inv_icm42600_temp.c | 6
drivers/iio/light/as73211.c | 2
drivers/iio/light/hid-sensor-prox.c | 8
drivers/iio/pressure/bmp280-core.c | 9
drivers/iio/proximity/isl29501.c | 16
drivers/infiniband/core/cache.c | 4
drivers/infiniband/core/nldev.c | 22
drivers/infiniband/hw/bnxt_re/qplib_res.c | 2
drivers/infiniband/hw/hfi1/affinity.c | 44 -
drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 15
drivers/infiniband/hw/mlx5/dm.c | 2
drivers/input/joystick/xpad.c | 2
drivers/input/keyboard/gpio_keys.c | 4
drivers/interconnect/qcom/sc7280.c | 1
drivers/iommu/amd/init.c | 4
drivers/leds/leds-lp50xx.c | 11
drivers/md/dm-ps-historical-service-time.c | 4
drivers/md/dm-ps-queue-length.c | 4
drivers/md/dm-ps-round-robin.c | 4
drivers/md/dm-ps-service-time.c | 4
drivers/md/dm-zoned-target.c | 2
drivers/media/cec/usb/rainshadow/rainshadow-cec.c | 3
drivers/media/dvb-frontends/dib7000p.c | 10
drivers/media/i2c/hi556.c | 26
drivers/media/i2c/ov2659.c | 3
drivers/media/i2c/tc358743.c | 86 +-
drivers/media/platform/qcom/camss/camss.c | 10
drivers/media/platform/qcom/venus/core.c | 21
drivers/media/platform/qcom/venus/core.h | 2
drivers/media/platform/qcom/venus/dbgfs.c | 9
drivers/media/platform/qcom/venus/dbgfs.h | 13
drivers/media/platform/qcom/venus/hfi_venus.c | 5
drivers/media/platform/qcom/venus/vdec.c | 5
drivers/media/platform/qcom/venus/venc.c | 5
drivers/media/usb/gspca/vicam.c | 10
drivers/media/usb/hdpvr/hdpvr-i2c.c | 6
drivers/media/usb/usbtv/usbtv-video.c | 4
drivers/media/usb/uvc/uvc_driver.c | 3
drivers/media/usb/uvc/uvc_video.c | 21
drivers/media/v4l2-core/v4l2-common.c | 8
drivers/media/v4l2-core/v4l2-ctrls-core.c | 9
drivers/memstick/core/memstick.c | 3
drivers/memstick/host/rtsx_usb_ms.c | 1
drivers/misc/cardreader/rtsx_usb.c | 16
drivers/mmc/host/bcm2835.c | 3
drivers/mmc/host/rtsx_usb_sdmmc.c | 4
drivers/mmc/host/sdhci-msm.c | 14
drivers/mmc/host/sdhci-pci-core.c | 3
drivers/mmc/host/sdhci-pci-gli.c | 4
drivers/mmc/host/sdhci_am654.c | 9
drivers/most/core.c | 2
drivers/mtd/ftl.c | 2
drivers/mtd/nand/raw/atmel/nand-controller.c | 2
drivers/mtd/nand/raw/atmel/pmecc.c | 6
drivers/mtd/nand/raw/fsmc_nand.c | 2
drivers/mtd/nand/raw/rockchip-nand-controller.c | 15
drivers/mtd/nand/spi/core.c | 5
drivers/net/bonding/bond_3ad.c | 25
drivers/net/bonding/bond_options.c | 1
drivers/net/can/kvaser_pciefd.c | 1
drivers/net/can/usb/kvaser_usb/kvaser_usb_core.c | 1
drivers/net/dsa/b53/b53_common.c | 65 +-
drivers/net/dsa/b53/b53_regs.h | 2
drivers/net/ethernet/agere/et131x.c | 36 +
drivers/net/ethernet/aquantia/atlantic/aq_hw.h | 2
drivers/net/ethernet/aquantia/atlantic/hw_atl2/hw_atl2_utils_fw.c | 39 +
drivers/net/ethernet/atheros/ag71xx.c | 9
drivers/net/ethernet/cavium/thunder/thunder_bgx.c | 4
drivers/net/ethernet/emulex/benet/be_cmds.c | 2
drivers/net/ethernet/emulex/benet/be_main.c | 8
drivers/net/ethernet/freescale/dpaa/dpaa_eth.c | 2
drivers/net/ethernet/freescale/dpaa/dpaa_ethtool.c | 4
drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c | 15
drivers/net/ethernet/freescale/dpaa2/dpaa2-switch.c | 15
drivers/net/ethernet/freescale/enetc/enetc_pf.c | 14
drivers/net/ethernet/freescale/fec_main.c | 34 -
drivers/net/ethernet/freescale/gianfar_ethtool.c | 4
drivers/net/ethernet/google/gve/gve_adminq.c | 1
drivers/net/ethernet/google/gve/gve_main.c | 67 +-
drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c | 36 -
drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_ptp.c | 9
drivers/net/ethernet/hisilicon/hns3/hns3vf/hclgevf_main.c | 6
drivers/net/ethernet/intel/e1000e/defines.h | 3
drivers/net/ethernet/intel/e1000e/ich8lan.c | 2
drivers/net/ethernet/intel/e1000e/nvm.c | 6
drivers/net/ethernet/intel/fm10k/fm10k.h | 3
drivers/net/ethernet/intel/i40e/i40e.h | 2
drivers/net/ethernet/intel/i40e/i40e_ethtool.c | 3
drivers/net/ethernet/intel/i40e/i40e_main.c | 18
drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 4
drivers/net/ethernet/intel/ice/ice_flex_pipe.c | 2
drivers/net/ethernet/intel/igc/igc_main.c | 14
drivers/net/ethernet/intel/ixgbe/ixgbe.h | 3
drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 4
drivers/net/ethernet/mellanox/mlx5/core/en.h | 24
drivers/net/ethernet/mellanox/mlx5/core/en/qos.c | 2
drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 13
drivers/net/ethernet/mellanox/mlx5/core/lib/dm.c | 4
drivers/net/ethernet/mellanox/mlx5/core/main.c | 3
drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 2
drivers/net/ethernet/mellanox/mlxsw/trap.h | 1
drivers/net/ethernet/xilinx/xilinx_emaclite.c | 2
drivers/net/hyperv/hyperv_net.h | 3
drivers/net/hyperv/netvsc_drv.c | 29
drivers/net/phy/dp83640.c | 6
drivers/net/phy/mscc/mscc.h | 12
drivers/net/phy/mscc/mscc_main.c | 12
drivers/net/phy/mscc/mscc_ptp.c | 50 +
drivers/net/phy/mscc/mscc_ptp.h | 1
drivers/net/phy/nxp-c45-tja11xx.c | 2
drivers/net/phy/smsc.c | 1
drivers/net/ppp/ppp_generic.c | 17
drivers/net/ppp/pptp.c | 18
drivers/net/thunderbolt.c | 8
drivers/net/usb/asix_devices.c | 1
drivers/net/usb/sierra_net.c | 4
drivers/net/usb/usbnet.c | 11
drivers/net/vrf.c | 2
drivers/net/wireless/ath/ath11k/hal.c | 25
drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c | 8
drivers/net/wireless/broadcom/brcm80211/brcmsmac/phy/phy_lcn.c | 2
drivers/net/wireless/intel/iwlegacy/4965-mac.c | 5
drivers/net/wireless/intel/iwlwifi/dvm/main.c | 11
drivers/net/wireless/intel/iwlwifi/dvm/rs.c | 2
drivers/net/wireless/intel/iwlwifi/fw/dbg.c | 7
drivers/net/wireless/intel/iwlwifi/mvm/ops.c | 4
drivers/net/wireless/intel/iwlwifi/mvm/scan.c | 2
drivers/net/wireless/marvell/mwl8k.c | 4
drivers/net/wireless/realtek/rtl818x/rtl8187/dev.c | 3
drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c | 2
drivers/net/wireless/realtek/rtlwifi/pci.c | 23
drivers/net/xen-netfront.c | 5
drivers/nvme/host/core.c | 4
drivers/pci/controller/pcie-rockchip-host.c | 2
drivers/pci/controller/vmd.c | 3
drivers/pci/endpoint/functions/pci-epf-vntb.c | 4
drivers/pci/endpoint/pci-ep-cfs.c | 1
drivers/pci/endpoint/pci-epf-core.c | 2
drivers/pci/hotplug/pnv_php.c | 233 +++++++
drivers/pci/pci-acpi.c | 4
drivers/pci/pci.c | 8
drivers/pci/probe.c | 2
drivers/phy/tegra/xusb-tegra186.c | 59 +-
drivers/pinctrl/mediatek/pinctrl-moore.c | 18
drivers/pinctrl/stm32/pinctrl-stm32.c | 1
drivers/pinctrl/sunxi/pinctrl-sunxi.c | 11
drivers/platform/chrome/cros_ec.c | 23
drivers/platform/chrome/cros_ec.h | 2
drivers/platform/chrome/cros_ec_i2c.c | 4
drivers/platform/chrome/cros_ec_lpc.c | 4
drivers/platform/chrome/cros_ec_spi.c | 4
drivers/platform/chrome/cros_ec_typec.c | 4
drivers/platform/x86/ideapad-laptop.c | 2
drivers/platform/x86/think-lmi.c | 27
drivers/platform/x86/thinkpad_acpi.c | 4
drivers/power/supply/cpcap-charger.c | 5
drivers/power/supply/max14577_charger.c | 4
drivers/powercap/intel_rapl_common.c | 23
drivers/pps/clients/pps-gpio.c | 5
drivers/pps/pps.c | 11
drivers/ptp/ptp_private.h | 5
drivers/ptp/ptp_vclock.c | 7
drivers/pwm/pwm-imx-tpm.c | 9
drivers/pwm/pwm-mediatek.c | 78 +-
drivers/regulator/core.c | 1
drivers/reset/Kconfig | 10
drivers/rtc/rtc-ds1307.c | 17
drivers/rtc/rtc-hym8563.c | 2
drivers/rtc/rtc-pcf85063.c | 2
drivers/rtc/rtc-pcf8563.c | 2
drivers/rtc/rtc-rv3028.c | 2
drivers/scsi/aacraid/comminit.c | 3
drivers/scsi/bfa/bfad_im.c | 1
drivers/scsi/ibmvscsi_tgt/libsrp.c | 6
drivers/scsi/isci/request.c | 2
drivers/scsi/libiscsi.c | 3
drivers/scsi/lpfc/lpfc_debugfs.c | 1
drivers/scsi/lpfc/lpfc_scsi.c | 4
drivers/scsi/mpi3mr/mpi3mr.h | 6
drivers/scsi/mpi3mr/mpi3mr_fw.c | 17
drivers/scsi/mpi3mr/mpi3mr_os.c | 2
drivers/scsi/mpt3sas/mpt3sas_scsih.c | 22
drivers/scsi/mvsas/mv_sas.c | 4
drivers/scsi/qla4xxx/ql4_os.c | 2
drivers/scsi/scsi_scan.c | 2
drivers/scsi/scsi_transport_sas.c | 60 +-
drivers/scsi/ufs/ufs-exynos.c | 4
drivers/scsi/ufs/ufshcd-pci.c | 42 +
drivers/scsi/ufs/ufshcd.c | 10
drivers/soc/aspeed/aspeed-lpc-snoop.c | 13
drivers/soc/qcom/mdt_loader.c | 41 +
drivers/soc/tegra/pmc.c | 51 -
drivers/soundwire/stream.c | 2
drivers/staging/fbtft/fbtft-core.c | 1
drivers/staging/media/imx/imx-media-csc-scaler.c | 2
drivers/staging/nvec/nvec_power.c | 2
drivers/target/target_core_fabric_lib.c | 63 +-
drivers/target/target_core_internal.h | 4
drivers/target/target_core_pr.c | 18
drivers/thermal/qcom/qcom-spmi-temp-alarm.c | 43 +
drivers/thermal/thermal_sysfs.c | 9
drivers/thunderbolt/domain.c | 2
drivers/thunderbolt/switch.c | 2
drivers/tty/serial/8250/8250_port.c | 3
drivers/tty/serial/pch_uart.c | 2
drivers/tty/vt/defkeymap.c_shipped | 112 +++
drivers/tty/vt/keyboard.c | 2
drivers/usb/atm/cxacru.c | 106 +--
drivers/usb/chipidea/ci.h | 18
drivers/usb/chipidea/udc.c | 10
drivers/usb/class/cdc-acm.c | 11
drivers/usb/core/config.c | 10
drivers/usb/core/hcd.c | 8
drivers/usb/core/hub.c | 60 +-
drivers/usb/core/hub.h | 1
drivers/usb/core/quirks.c | 1
drivers/usb/core/urb.c | 2
drivers/usb/dwc3/dwc3-imx8mp.c | 6
drivers/usb/dwc3/dwc3-meson-g12a.c | 3
drivers/usb/dwc3/dwc3-qcom.c | 7
drivers/usb/dwc3/ep0.c | 20
drivers/usb/dwc3/gadget.c | 19
drivers/usb/early/xhci-dbc.c | 4
drivers/usb/gadget/composite.c | 5
drivers/usb/gadget/configfs.c | 2
drivers/usb/gadget/udc/renesas_usb3.c | 1
drivers/usb/host/xhci-hub.c | 3
drivers/usb/host/xhci-mem.c | 24
drivers/usb/host/xhci-pci-renesas.c | 7
drivers/usb/host/xhci-ring.c | 19
drivers/usb/host/xhci.c | 24
drivers/usb/host/xhci.h | 3
drivers/usb/misc/apple-mfi-fastcharge.c | 24
drivers/usb/musb/musb_core.c | 62 +-
drivers/usb/musb/musb_core.h | 11
drivers/usb/musb/musb_debugfs.c | 6
drivers/usb/musb/musb_gadget.c | 30 -
drivers/usb/musb/musb_host.c | 6
drivers/usb/musb/musb_virthub.c | 18
drivers/usb/musb/omap2430.c | 16
drivers/usb/phy/phy-mxs-usb.c | 4
drivers/usb/serial/ftdi_sio.c | 2
drivers/usb/serial/ftdi_sio_ids.h | 3
drivers/usb/serial/option.c | 7
drivers/usb/storage/realtek_cr.c | 2
drivers/usb/storage/unusual_devs.h | 29
drivers/usb/typec/mux/intel_pmc_mux.c | 2
drivers/usb/typec/tcpm/fusb302.c | 8
drivers/usb/typec/tcpm/tcpm.c | 64 +-
drivers/usb/typec/ucsi/psy.c | 2
drivers/usb/typec/ucsi/ucsi.c | 1
drivers/usb/typec/ucsi/ucsi.h | 7
drivers/vhost/scsi.c | 4
drivers/vhost/vhost.c | 3
drivers/video/console/vgacon.c | 2
drivers/video/fbdev/core/fbcon.c | 9
drivers/video/fbdev/imxfb.c | 9
drivers/watchdog/dw_wdt.c | 2
drivers/watchdog/iTCO_wdt.c | 6
drivers/watchdog/sbsa_gwdt.c | 50 +
drivers/watchdog/ziirave_wdt.c | 3
drivers/xen/gntdev-common.h | 4
drivers/xen/gntdev.c | 71 +-
fs/btrfs/relocation.c | 19
fs/btrfs/tree-log.c | 53 +
fs/buffer.c | 2
fs/cifs/cifssmb.c | 10
fs/cifs/file.c | 10
fs/cifs/smb2ops.c | 7
fs/cifs/smbdirect.c | 14
fs/eventpoll.c | 60 +-
fs/ext2/inode.c | 12
fs/ext4/fsmap.c | 23
fs/ext4/indirect.c | 4
fs/ext4/inline.c | 19
fs/ext4/inode.c | 2
fs/ext4/mballoc.c | 33 -
fs/ext4/orphan.c | 5
fs/ext4/super.c | 2
fs/f2fs/extent_cache.c | 2
fs/f2fs/f2fs.h | 2
fs/f2fs/inode.c | 28
fs/f2fs/node.c | 10
fs/file.c | 90 +--
fs/hfs/bnode.c | 93 +++
fs/hfsplus/bnode.c | 92 +++
fs/hfsplus/extents.c | 3
fs/hfsplus/unicode.c | 7
fs/hfsplus/xattr.c | 6
fs/hugetlbfs/inode.c | 2
fs/isofs/inode.c | 9
fs/jbd2/checkpoint.c | 1
fs/jfs/file.c | 3
fs/jfs/inode.c | 2
fs/jfs/jfs_dmap.c | 10
fs/jfs/jfs_imap.c | 13
fs/ksmbd/smb2pdu.c | 16
fs/ksmbd/smb_common.c | 2
fs/ksmbd/transport_rdma.c | 97 +--
fs/libfs.c | 4
fs/namespace.c | 39 -
fs/nfs/blocklayout/blocklayout.c | 4
fs/nfs/blocklayout/dev.c | 5
fs/nfs/blocklayout/extent_tree.c | 20
fs/nfs/client.c | 44 +
fs/nfs/export.c | 11
fs/nfs/flexfilelayout/flexfilelayout.c | 26
fs/nfs/flexfilelayout/flexfilelayoutdev.c | 6
fs/nfs/internal.h | 10
fs/nfs/nfs4client.c | 15
fs/nfs/nfs4proc.c | 12
fs/nfs/pnfs.c | 11
fs/nfsd/nfs4state.c | 34 -
fs/nilfs2/inode.c | 9
fs/ntfs3/dir.c | 3
fs/ntfs3/file.c | 5
fs/ntfs3/inode.c | 31 -
fs/orangefs/orangefs-debugfs.c | 8
fs/squashfs/super.c | 14
fs/udf/super.c | 13
include/asm-generic/barrier.h | 33 +
include/linux/bitmap.h | 2
include/linux/blk_types.h | 8
include/linux/compiler.h | 8
include/linux/cpuset.h | 17
include/linux/fs.h | 4
include/linux/fs_context.h | 2
include/linux/if_vlan.h | 6
include/linux/memfd.h | 14
include/linux/mlx5/device.h | 1
include/linux/mm.h | 80 +-
include/linux/mmzone.h | 22
include/linux/moduleparam.h | 5
include/linux/pci.h | 10
include/linux/platform_data/cros_ec_proto.h | 4
include/linux/pps_kernel.h | 1
include/linux/sched.h | 1
include/linux/skbuff.h | 31 +
include/linux/usb/usbnet.h | 1
include/linux/xarray.h | 15
include/net/bond_3ad.h | 1
include/net/cfg80211.h | 2
include/net/mac80211.h | 2
include/net/tc_act/tc_ctinfo.h | 6
include/net/udp.h | 24
include/sound/soc-dai.h | 13
include/uapi/linux/in6.h | 4
include/uapi/linux/io_uring.h | 2
kernel/bpf/helpers.c | 11
kernel/cgroup/cpuset.c | 23
kernel/events/core.c | 20
kernel/fork.c | 2
kernel/power/console.c | 7
kernel/rcu/tree_plugin.h | 3
kernel/sched/core.c | 19
kernel/sched/deadline.c | 4
kernel/sched/loadavg.c | 2
kernel/sched/rt.c | 6
kernel/sched/sched.h | 2
kernel/trace/ftrace.c | 19
kernel/trace/preemptirq_delay_test.c | 13
kernel/trace/trace.c | 33 -
kernel/trace/trace.h | 8
kernel/trace/trace_events.c | 5
kernel/ucount.c | 2
lib/bitmap.c | 13
mm/debug_vm_pgtable.c | 9
mm/filemap.c | 2
mm/hmm.c | 2
mm/kmemleak.c | 10
mm/madvise.c | 2
mm/memfd.c | 2
mm/memory-failure.c | 8
mm/mmap.c | 10
mm/page_alloc.c | 13
mm/ptdump.c | 2
mm/shmem.c | 2
mm/vmalloc.c | 17
mm/zsmalloc.c | 3
net/8021q/vlan.c | 42 +
net/8021q/vlan.h | 1
net/appletalk/aarp.c | 24
net/bluetooth/l2cap_core.c | 26
net/bluetooth/l2cap_sock.c | 3
net/bluetooth/smp.c | 21
net/bluetooth/smp.h | 1
net/bridge/br_multicast.c | 16
net/bridge/br_private.h | 2
net/bridge/br_switchdev.c | 3
net/caif/cfctrl.c | 294 ++++------
net/core/filter.c | 3
net/core/netpoll.c | 7
net/core/skmsg.c | 57 +
net/hsr/hsr_slave.c | 8
net/ipv4/netfilter/nf_reject_ipv4.c | 6
net/ipv4/route.c | 1
net/ipv4/tcp_input.c | 3
net/ipv4/udp_offload.c | 2
net/ipv6/addrconf.c | 7
net/ipv6/ip6_offload.c | 4
net/ipv6/mcast.c | 13
net/ipv6/netfilter/nf_reject_ipv6.c | 5
net/ipv6/rpl_iptunnel.c | 8
net/ipv6/seg6_hmac.c | 6
net/mac80211/cfg.c | 13
net/mac80211/mlme.c | 9
net/mac80211/tx.c | 10
net/mctp/af_mctp.c | 26
net/mptcp/options.c | 7
net/mptcp/pm_netlink.c | 14
net/mptcp/protocol.c | 17
net/mptcp/protocol.h | 11
net/mptcp/subflow.c | 20
net/ncsi/internal.h | 2
net/ncsi/ncsi-rsp.c | 1
net/netfilter/nf_conntrack_netlink.c | 24
net/netfilter/nf_tables_api.c | 4
net/netfilter/xt_nfacct.c | 4
net/netlink/af_netlink.c | 2
net/packet/af_packet.c | 39 -
net/phonet/pep.c | 2
net/sched/act_ctinfo.c | 19
net/sched/sch_cake.c | 14
net/sched/sch_codel.c | 5
net/sched/sch_drr.c | 7
net/sched/sch_ets.c | 46 -
net/sched/sch_fq_codel.c | 6
net/sched/sch_hfsc.c | 8
net/sched/sch_htb.c | 19
net/sched/sch_netem.c | 40 +
net/sched/sch_qfq.c | 40 -
net/sctp/input.c | 2
net/tls/tls_sw.c | 13
net/vmw_vsock/af_vsock.c | 3
net/wireless/mlme.c | 3
samples/mei/mei-amt-version.c | 2
scripts/kconfig/gconf.c | 8
scripts/kconfig/lxdialog/inputbox.c | 6
scripts/kconfig/lxdialog/menubox.c | 2
scripts/kconfig/nconf.c | 2
scripts/kconfig/nconf.gui.c | 1
scripts/kconfig/qconf.cc | 2
security/apparmor/include/match.h | 3
security/apparmor/match.c | 1
security/inode.c | 2
sound/core/pcm_native.c | 19
sound/pci/hda/patch_ca0132.c | 7
sound/pci/hda/patch_hdmi.c | 19
sound/pci/hda/patch_realtek.c | 3
sound/pci/intel8x0.c | 2
sound/soc/codecs/hdac_hdmi.c | 10
sound/soc/codecs/rt5640.c | 5
sound/soc/fsl/fsl_sai.c | 30 -
sound/soc/generic/audio-graph-card.c | 2
sound/soc/intel/boards/Kconfig | 2
sound/soc/soc-core.c | 28
sound/soc/soc-dai.c | 59 +-
sound/soc/soc-dapm.c | 4
sound/soc/soc-ops.c | 26
sound/usb/mixer_quirks.c | 14
sound/usb/mixer_scarlett_gen2.c | 8
sound/usb/stream.c | 25
sound/usb/validate.c | 14
sound/x86/intel_hdmi_audio.c | 2
tools/bpf/bpftool/net.c | 15
tools/include/linux/sched/mm.h | 2
tools/include/nolibc/std.h | 4
tools/perf/builtin-sched.c | 12
tools/perf/tests/bp_account.c | 1
tools/perf/util/evsel.c | 11
tools/perf/util/evsel.h | 2
tools/power/cpupower/utils/idle_monitor/mperf_monitor.c | 4
tools/testing/ktest/ktest.pl | 5
tools/testing/selftests/ftrace/test.d/event/subsystem-enable.tc | 28
tools/testing/selftests/ftrace/test.d/ftrace/func-filter-glob.tc | 2
tools/testing/selftests/futex/include/futextest.h | 11
tools/testing/selftests/memfd/memfd_test.c | 43 +
tools/testing/selftests/net/mptcp/Makefile | 3
tools/testing/selftests/net/mptcp/mptcp_connect.c | 28
tools/testing/selftests/net/mptcp/mptcp_connect_checksum.sh | 5
tools/testing/selftests/net/mptcp/mptcp_connect_mmap.sh | 5
tools/testing/selftests/net/mptcp/mptcp_connect_sendfile.sh | 5
tools/testing/selftests/net/mptcp/mptcp_join.sh | 1
tools/testing/selftests/net/mptcp/pm_netlink.sh | 1
tools/testing/selftests/net/rtnetlink.sh | 6
tools/testing/selftests/net/udpgro.sh | 46 -
tools/testing/selftests/perf_events/.gitignore | 1
tools/testing/selftests/perf_events/Makefile | 2
tools/testing/selftests/perf_events/mmap.c | 236 ++++++++
tools/testing/selftests/syscall_user_dispatch/sud_test.c | 50 -
677 files changed, 6071 insertions(+), 2522 deletions(-)
Aaron Kling (1):
ARM: tegra: Use I/O memcpy to write to IRAM
Aaron Plattner (1):
watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition
Abdun Nihaal (2):
regmap: fix potential memory leak of regmap_bus
staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc()
Abinash Singh (1):
f2fs: fix KMSAN uninit-value in extent_info usage
Ada Couprie Diaz (1):
arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack()
Adam Ford (2):
arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed
arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed
Aditya Garg (1):
HID: magicmouse: avoid setting up battery timer when not needed
Adrian Hunter (1):
scsi: ufs: ufs-pci: Fix default runtime and system PM levels
Al Viro (5):
clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns
better lockdep annotations for simple_recursive_removal()
securityfs: don't pin dentries twice, once is enough...
use uniform permission checks for all mount propagation changes
alloc_fdtable(): change calling conventions.
Albin Törnqvist (1):
arm: dts: ti: omap: Fixup pinheader typo
Alessandro Carminati (1):
regulator: core: fix NULL dereference on unbind due to stale coupling data
Alex Guo (2):
media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb()
media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar
Alexander Gordeev (1):
mm/vmalloc: leave lazy MMU mode on PTE mapping error
Alexander Kochetkov (1):
ARM: rockchip: fix kernel hang during smp initialization
Alexander Wetzel (1):
wifi: mac80211: Don't call fq_flow_idx() for management frames
Alexander Wilhelm (1):
bus: mhi: host: Fix endianness of BHI vector table
Alok Tiwari (7):
thunderbolt: Fix bit masking in tb_dp_port_set_hops()
net: emaclite: Fix missing pointer increment in aligned_read()
staging: nvec: Fix incorrect null termination of battery manufacturer
ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4
be2net: Use correct byte order and format string for TCP seq and ack_seq
net: thunderx: Fix format-truncation warning in bgx_acpi_match_id()
gve: Return error for unknown admin queue command
Amir Mohammad Jahangirzad (1):
fs/orangefs: use snprintf() instead of sprintf()
Ammar Faizi (1):
net: usbnet: Fix the wrong netif_carrier_on() call
Anantha Prabhu (1):
RDMA/bnxt_re: Fix to initialize the PBL array
Andreas Dilger (1):
ext4: check fast symlink for ea_inode correctly
Andrew Jeffery (2):
soc: aspeed: lpc-snoop: Cleanup resources in stack-order
soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled
André Draszik (1):
scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE
Andy Shevchenko (2):
mm/hmm: move pmd_to_hmm_pfn_flags() to the respective #ifdeffery
Documentation: ACPI: Fix parent device references
Andy Yan (1):
drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed
Anna Schumaker (1):
NFS: Create an nfs4_server_set_init_caps() function
Annette Kobou (1):
ARM: dts: imx6ul-kontron-bl-common: Fix RTS polarity for RS485 interface
Anshuman Khandual (1):
mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd()
Anthoine Bourgeois (1):
xen/netfront: Fix TX response spurious interrupts
Archana Patni (1):
scsi: ufs: ufs-pci: Fix hibernate state transition for Intel MTL-like host controllers
Arnaud Lecomte (1):
jfs: upper bound check of tree index in dbAllocAG
Arnd Bergmann (6):
ethernet: intel: fix building with large NR_CPUS
ASoC: Intel: fix SND_SOC_SOF dependencies
ASoC: ops: dynamically allocate struct snd_ctl_elem_value
caif: reduce stack size, again
kernel: trace: preemptirq_delay_test: use offstack cpu mask
RDMA/core: reduce stack using in nldev_stat_get_doit()
Arun Raghavan (1):
ASoC: fsl_sai: Force a software reset when starting in consumer mode
Aruna Ramakrishna (1):
sched: Change nr_uninterruptible type to unsigned long
Avraham Stern (1):
wifi: iwlwifi: mvm: fix scan request validation
Baihan Li (1):
drm/hisilicon/hibmc: fix the hibmc loaded failed bug
Balamanikandan Gunasundar (1):
mtd: rawnand: atmel: set pmecc data setup time
Baokun Li (2):
ext4: fix largest free orders lists corruption on mb_optimize_scan switch
jbd2: prevent softlockup in jbd2_log_do_checkpoint()
Bard Liao (1):
soundwire: stream: restore params when prepare ports fail
Bartosz Golaszewski (2):
gpio: wcd934x: check the return value of regmap_update_bits()
gpio: tps65912: check the return value of regmap_update_bits()
Ben Ben-Ishay (1):
net/mlx5e: Add support to klm_umr_wqe
Ben Hutchings (1):
sh: Do not use hyphen in exported variable name
Benjamin Coddington (1):
NFS: Fixup allocation flags for nfsiod's __GFP_NORETRY
Benjamin Tissoires (3):
HID: core: ensure the allocated report buffer can contain the reserved report ID
HID: core: ensure __hid_request reserves the report ID as the first byte
HID: core: do not bypass hid_hw_raw_request
Benson Leung (1):
usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default
Bharat Bhushan (1):
crypto: octeontx2 - add timeout for load_fvc completion poll
Bingbu Cao (1):
media: hi556: correct the test pattern configuration
Bjorn Andersson (1):
soc: qcom: mdt_loader: Ensure we don't read past the ELF header
Brahmajit Das (1):
samples: mei: Fix building on musl libc
Breno Leitao (4):
ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path
arm64: Mark kernel as tainted on SAE and SError panic
ipmi: Use dev_warn_ratelimited() for incorrect message warnings
mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock
Brian Masney (5):
rtc: ds1307: fix incorrect maximum clock rate handling
rtc: hym8563: fix incorrect maximum clock rate handling
rtc: pcf85063: fix incorrect maximum clock rate handling
rtc: pcf8563: fix incorrect maximum clock rate handling
rtc: rv3028: fix incorrect maximum clock rate handling
Buday Csaba (1):
net: phy: smsc: add proper reset flags for LAN8710A
Budimir Markovic (1):
vsock: Do not allow binding to VMADDR_PORT_ANY
Chao Gao (1):
KVM: VMX: Flush shadow VMCS on emergency reboot
Chao Yu (6):
f2fs: doc: fix wrong quota mount option description
f2fs: fix to avoid UAF in f2fs_sync_inode_meta()
f2fs: fix to avoid panic in f2fs_evict_inode
f2fs: fix to avoid out-of-boundary access in devs.path
f2fs: fix to do sanity check on ino and xnid
f2fs: fix to avoid out-of-boundary access in dnode page
Charalampos Mitrodimas (1):
usb: misc: apple-mfi-fastcharge: Make power supply names unique
Charles Han (2):
power: supply: cpcap-charger: Fix null check for power_supply_get_by_name
power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set
Cheick Traore (1):
pinctrl: stm32: Manage irq affinity settings
Chen Ni (1):
iio: adc: stm32-adc: Fix race in installing chained IRQ handler
Chen-Yu Tsai (1):
platform/chrome: cros_ec: Use per-device lockdep key
Chenyuan Yang (2):
fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref
drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session()
Christoph Paasch (3):
net/mlx5: Correctly set gso_size when LRO is used
net/mlx5: Correctly set gso_segs when LRO is used
mptcp: drop skb if MPTCP skb extension allocation fails
Christophe Leroy (1):
ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop
Clément Le Goffic (1):
i2c: stm32: fix the device used for the DMA map
Cong Wang (6):
sch_htb: make htb_qlen_notify() idempotent
sch_hfsc: make hfsc_qlen_notify() idempotent
sch_qfq: make qfq_qlen_notify() idempotent
sch_drr: make drr_qlen_notify() idempotent
codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()
sch_htb: make htb_deactivate() idempotent
Corey Minyard (1):
ipmi: Fix strcpy source and destination the same
Cristian Ciocaltea (1):
ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros
Cynthia Huang (1):
selftests/futex: Define SYS_futex on 32-bit architectures with 64-bit time_t
Dai Ngo (1):
NFSD: detect mismatch of file handle and delegation stateid in OPEN op
Damien Le Moal (7):
ata: libata-sata: Disallow changing LPM state if not supported
scsi: mpt3sas: Correctly handle ATA device errors
ata: libata-scsi: Fix ata_to_sense_error() status handling
PCI: endpoint: Fix configfs group list head handling
PCI: endpoint: Fix configfs group removal on driver teardown
block: Make REQ_OP_ZONE_FINISH a write operation
ata: Fix SATA_MOBILE_LPM_POLICY description in Kconfig
Dan Carpenter (7):
dmaengine: nbpfaxi: Fix memory corruption in probe()
watchdog: ziirave_wdt: check record length in ziirave_firm_verify()
fs/orangefs: Allow 2 more characters in do_c_string()
cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table()
media: gspca: Add bounds checking to firmware parser
scsi: qla4xxx: Prevent a potential error pointer dereference
ALSA: usb-audio: Fix size validation in convert_chmap_v3()
Daniel Dadap (1):
ALSA: hda: Add missing NVIDIA HDA codec IDs
Daniil Dulov (1):
wifi: rtl818x: Kill URBs before clearing tx status queue
Dave Hansen (1):
x86/fpu: Delay instruction pointer fixup until after warning
Dave Stevenson (3):
media: tc358743: Check I2C succeeded during probe
media: tc358743: Return an appropriate colorspace from tc358743_set_fmt
media: tc358743: Increase FIFO trigger level to 374
David Collins (1):
thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required
David Lechner (2):
iio: proximity: isl29501: fix buffered read on big-endian systems
iio: adc: ad_sigma_delta: change to buffer predisable
Davide Caratti (2):
net/sched: sch_ets: properly init all active DRR list handles
net/sched: ets: use old 'nbands' while purging unused classes
Dawid Rezler (1):
ALSA: hda/realtek - Add mute LED support for HP Pavilion 15-eg0xxx
Denis OSTERLAND-HEIM (1):
pps: fix poll support
Dennis Chen (1):
i40e: report VF tx_dropped with tx_errors instead of tx_discards
Dikshita Agarwal (1):
media: venus: Add support for SSR trigger using fault injection
Dmitry Antipov (1):
jfs: reject on-disk inodes of an unsupported type
Dmitry Vyukov (1):
selftests: Fix errno checking in syscall_user_dispatch test
Dong Chenchen (1):
net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime
Drew Hamilton (1):
usb: musb: fix gadget state on disconnect
Edson Juliano Drosdeck (1):
mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models
Edward Adam Davis (2):
jfs: Regular file corruption check
comedi: pcl726: Prevent invalid irq number
Eliav Farber (1):
pps: clients: gpio: fix interrupt handling order in remove path
Emily Deng (1):
drm/ttm: Should to return the evict error
Eric Biggers (3):
thunderbolt: Fix copy+paste error in match_service_id()
lib/crypto: mips/chacha: Fix clang build and remove unneeded byteswap
ipv6: sr: Fix MAC comparison to be constant-time
Eric Dumazet (5):
net_sched: act_ctinfo: use atomic64_t for three counters
pptp: ensure minimal skb length in pptp_xmit()
ipv6: reject malicious packets in ipv6_gso_segment()
pptp: fix pptp_xmit() error path
net_sched: sch_ets: implement lockless ets_dump()
Eric Work (1):
net: atlantic: add set_power to fw_ops for atl2 to fix wol
Evgeniy Harchenko (1):
ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6
Fabio Estevam (2):
iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[]
iio: adc: max1363: Reorder mode_list[] entries
Fabio Porcedda (1):
USB: serial: option: add Telit Cinterion FE910C04 (ECM) composition
Fabrice Gasnier (1):
Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT
Fedor Pchelkin (3):
drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value
netfilter: nf_tables: adjust lockdep assertions handling
netlink: avoid infinite retry looping in netlink_unicast()
Feng Tang (1):
mm/page_alloc: detect allocation forbidden by cpuset and bail out early
Filipe Manana (1):
btrfs: fix log tree replay failure due to file with 0 links and extents
Finn Thain (2):
m68k: Don't unregister boot console needlessly
m68k: Fix lost column on framebuffer debug console
Florian Westphal (4):
netfilter: xt_nfacct: don't assume acct name is null-terminated
netfilter: ctnetlink: fix refcount leak on table dump
selftests: mptcp: make sendfile selftest work
netfilter: nf_reject: don't leak dst refcount for loopback packets
Gabor Juhos (1):
mtd: spinand: propagate spinand_wait() errors from spinand_write_page()
Gal Pressman (1):
net: vlan: Replace BUG() with WARN_ON_ONCE() in vlan_dev_* stubs
Gautham R. Shenoy (1):
pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop()
Geliang Tang (2):
mptcp: drop unused sk in mptcp_push_release
mptcp: disable add_addr retransmission when timeout is 0
Geoffrey D. Bennett (1):
ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx()
Giovanni Cabiddu (1):
crypto: qat - fix seq_file position update in adf_ring_next()
Gokul Sivakumar (1):
wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE
Greg Kroah-Hartman (2):
Revert "vmci: Prevent the dispatching of uninitialized payloads"
Linux 5.15.190
Gui-Dong Han (1):
media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt()
Haiyang Zhang (1):
hv_netvsc: Fix panic during namespace deletion with VF
Hangbin Liu (2):
selftests: udpgro: report error when receive failed
bonding: update LACP activity flag after setting lacp_active
Hans Zhang (1):
PCI: rockchip-host: Fix "Unexpected Completion" log message
Haoxiang Li (2):
media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init()
ice: Fix a null pointer dereference in ice_copy_and_init_pkg()
Harald Mommer (1):
gpio: virtio: Fix config space reading.
Hari Kalavakunta (1):
net: ncsi: Fix buffer overflow in fetching version id
Harry Yoo (1):
mm/zsmalloc: do not pass __GFP_MOVABLE if CONFIG_COMPACTION=n
Heiner Kallweit (1):
dpaa_eth: don't use fixed_phy_change_carrier
Helge Deller (1):
Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()"
Henry Martin (1):
clk: davinci: Add NULL check in davinci_lpsc_clk_register()
Herbert Xu (1):
crypto: marvell/cesa - Fix engine load inaccuracy
Herton R. Krzesinski (1):
mm/debug_vm_pgtable: clear page table entries at destroy_args()
Horatiu Vultur (2):
phy: mscc: Fix parsing of unicast frames
phy: mscc: Fix timestamping for vsc8584
Hsin-Te Yuan (1):
thermal: sysfs: Return ENODATA instead of EAGAIN for reads
Ian Abbott (12):
comedi: pcl812: Fix bit shift out of bounds
comedi: aio_iiro_16: Fix bit shift out of bounds
comedi: das16m1: Fix bit shift out of bounds
comedi: das6402: Fix bit shift out of bounds
comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large
comedi: Fix some signed shift left operations
comedi: Fix use of uninitialized data in insn_rw_emulate_bits()
comedi: Fix initialization of data for instructions that write to subdevice
comedi: comedi_test: Fix possible deletion of uninitialized timers
comedi: fix race between polling and detaching
comedi: Make insn_rw_emulate_bits() do insn->n samples
comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl()
Ido Schimmel (1):
mlxsw: spectrum: Forward packets with an IPv4 link-local source IP
Ilan Peer (1):
wifi: cfg80211: Fix interface type validation
Ilya Bakoulin (1):
drm/amd/display: Separate set_gsl from set_gsl_source_select
Imre Deak (1):
drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS
Ivan Stepchenko (1):
mtd: fix possible integer overflow in erase_xfer()
Jacek Kowalski (2):
e1000e: disregard NVM checksum on tgp when valid checksum bit is not set
e1000e: ignore uninitialized checksum word on tgp
Jack Xiao (1):
drm/amdgpu: fix incorrect vm flags to map bo
Jakub Acs (1):
net, hsr: reject HSR frame if skb can't hold tag
Jakub Kicinski (2):
netpoll: prevent hanging NAPI when netcons gets enabled
uapi: in6: restore visibility of most IPv6 socket options
James Cowgill (1):
media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check
Jan Beulich (1):
compiler: remove __ADDRESSABLE_ASM{_STR,}() again
Jan Kara (2):
isofs: Verify inode mode when loading from disk
udf: Verify partition map count
Jann Horn (1):
eventpoll: Fix semi-unbounded recursion
Jason Wang (1):
vhost: fail early when __vhost_add_used() fails
Jason Xing (1):
ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc
Jay Chen (1):
usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command
Jean-Baptiste Maneyrol (1):
iio: imu: inv_icm42600: change invalid data error to -EBUSY
Jeff Layton (1):
nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()
Jeongjun Park (1):
ptp: prevent possible ABBA deadlock in ptp_clock_freerun()
Jerome Brunet (1):
PCI: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails
Jian Shen (2):
net: hns3: fix concurrent setting vlan filter issue
net: hns3: fixed vf get max channels bug
Jiasheng Jiang (2):
iwlwifi: Add missing check for alloc_ordered_workqueue
scsi: lpfc: Remove redundant assignment to avoid memory leak
Jiaxun Yang (1):
MIPS: mm: tlb-r4k: Uniquify TLB entries on init
Jiayi Li (2):
ACPI: processor: perflib: Fix initial _PPC limit application
memstick: Fix deadlock by moving removing flag earlier
Jiayuan Chen (3):
bpf, sockmap: Fix panic when calling skb_linearize
bpf, sockmap: Fix psock incorrectly pointing to sk
bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls
Jimmy Assarsson (2):
can: kvaser_pciefd: Store device channel index
can: kvaser_usb: Assign netdev.dev_port based on device channel index
Jinjiang Tu (1):
mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn
Johan Adolfsson (1):
leds: leds-lp50xx: Handle reg to get correct multi_index
Johan Hovold (9):
net: gianfar: fix device leak when querying time stamp info
net: dpaa: fix device leak when querying time stamp info
usb: gadget: udc: renesas_usb3: fix device leak at unbind
usb: dwc3: meson-g12a: fix device leaks at unbind
wifi: ath11k: fix source ring-buffer corruption
net: enetc: fix device and OF node leak at probe
usb: musb: omap2430: fix device leak at unbind
usb: dwc3: imx8mp: fix device leak at unbind
wifi: ath11k: fix dest ring-buffer corruption when ring is full
Johan Korsnes (1):
arch: powerpc: defconfig: Drop obsolete CONFIG_NET_CLS_TCINDEX
Johannes Berg (2):
wifi: cfg80211: reject HTC bit for management frames
wifi: mac80211: don't complete management TX on SAE commit
John Ernberg (1):
net: usbnet: Avoid potential RCU stall on LINK_CHANGE event
John Garry (2):
scsi: aacraid: Stop using PCI_IRQ_AFFINITY
block: avoid possible overflow for chunk_sectors check in blk_stack_limits()
Jon Hunter (1):
soc/tegra: pmc: Ensure power-domains are in a known state
Jonas Rebmann (1):
net: fec: allow disable coalescing
Jonathan Cameron (1):
iio: light: as73211: Ensure buffer holes are zeroed
Jonathan Santos (1):
iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement
Jorge Ramirez-Ortiz (2):
media: venus: hfi: explicitly release IRQ during teardown
media: venus: protect against spurious interrupts during probe
Joseph Huang (1):
net: bridge: Do not offload IGMP/MLD messages
Judith Mendez (1):
mmc: sdhci_am654: Workaround for Errata i2312
Juergen Gross (1):
xen/gntdev: remove struct gntdev_copy_batch from stack
Junxian Huang (1):
RDMA/hns: Fix -Wframe-larger-than issue
Juri Lelli (1):
sched/deadline: Fix accounting after global limits change
Justin Tee (1):
scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure
Kees Cook (4):
sched: Add wrapper for get_wchan() to keep task blocked
arm64: Handle KCOV __init vs inline mismatches
platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches
iommu/amd: Avoid stack buffer overflow from kernel cmdline
Kefeng Wang (1):
asm-generic: Add memory barrier dma_mb()
Kito Xu (veritas501) (1):
net: appletalk: Fix use-after-free in AARP proxy probe
Konstantin Komarov (1):
Revert "fs/ntfs3: Replace inode_trylock with inode_lock"
Krishna Kurapati (1):
usb: dwc3: qcom: Don't leave BCR asserted
Krzysztof Kozlowski (1):
ARM: dts: vfxxx: Correctly use two tuples for timer address
Kuen-Han Tsai (1):
usb: dwc3: Ignore late xferNotReady event to prevent halt timeout
Kuninori Morimoto (4):
ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask()
ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed
ASoC: soc-dai.c: add missing flag check at snd_soc_pcm_dai_probe()
ASoC: soc-dai.h: merge DAI call back functions into ops
Kuniyuki Iwashima (3):
rpl: Fix use-after-free in rpl_do_srh_inline().
Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb()
ipv6: mcast: Check inet6_dev->dead under idev->mc_lock in __ipv6_dev_mc_inc().
Kurt Borja (1):
platform/x86: think-lmi: Fix kobject cleanup
Laurentiu Mihalcea (1):
pwm: imx-tpm: Reset counter if CMOD is 0
Len Brown (1):
intel_idle: Allow loading ACPI tables for any family
Leo Yan (1):
perf tests bp_account: Fix leaked file descriptor
Leon Romanovsky (1):
net/mlx5e: Properly access RCU protected qdisc_sleeping variable
Li Zhong (1):
ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value
Liao Yuanhong (1):
ext4: use kmalloc_array() for array space allocation
Lifeng Zheng (5):
PM / devfreq: Check governor before using governor->name
cpufreq: Initialize cpufreq-based frequency-invariance later
cpufreq: Init policy->rwsem before it may be possibly used
cpufreq: Exit governor when failed to start old governor
PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store()
Lin.Cao (1):
drm/sched: Remove optimization that causes hang when killing dependent jobs
Lizhi Xu (3):
vmci: Prevent the dispatching of uninitialized payloads
fs/ntfs3: Add sanity check for file name
jfs: truncate good inode pages when hard link is 0
Lorenzo Stoakes (5):
selftests/perf_events: Add a mmap() correctness test
mm: drop the assumption that VM_SHARED always implies writable
mm: update memfd seal write check to include F_SEAL_WRITE
mm: reinstate ability to map write-sealed memfd mappings read-only
selftests/memfd: add test for mapping write-sealed memfd read-only
Lucas De Marchi (1):
usb: early: xhci-dbc: Fix early_ioremap leak
Lucy Thrun (1):
ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control
Ludwig Disterhof (1):
media: usbtv: Lock resolution while streaming
Luiz Augusto von Dentz (3):
Bluetooth: SMP: If an unallowed command is received consider it a failure
Bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout
Bluetooth: L2CAP: Fix attempting to adjust outgoing MTU
Lukas Wunner (1):
PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports
Ma Ke (4):
bus: fsl-mc: Fix potential double device reference in fsl_mc_get_endpoint()
dpaa2-eth: Fix device reference count leak in MAC endpoint handling
dpaa2-switch: Fix device reference count leak in MAC endpoint handling
sunvdc: Balance device refcount in vdc_port_mpgroup_check
Maciej W. Rozycki (1):
powerpc/eeh: Rely on dev->link_active_reporting
Mael GUERIN (1):
USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera
Manivannan Sadhasivam (1):
PCI: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute
Maor Gottlieb (1):
RDMA/core: Rate limit GID cache warning messages
Marco Elver (1):
locking/barriers, kcsan: Support generic instrumentation
Marek Szyprowski (1):
zynq_fpga: use sgtable-based scatterlist wrappers
Marek Vasut (1):
usb: renesas-xhci: Fix External ROM access timeouts
Mario Limonciello (5):
usb: xhci: Avoid showing warnings for dying controller
usb: xhci: Avoid showing errors during surprise removal
drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual
drm/amd: Restore cached power limit during resume
drm/amd/display: Avoid a NULL pointer dereference
Marius Zachmann (1):
hwmon: (corsair-cpro) Validate the size of the received input buffer
Mark Brown (1):
ASoC: hdac_hdmi: Rate limit logging on connection and disconnection
Martin Kaistra (1):
wifi: rtl8xxxu: Fix RX skb size for aggregation disabled
Masahiro Yamada (3):
kconfig: qconf: fix ConfigList::updateListAllforAll()
kconfig: gconf: avoid hardcoding model2 in on_treeview2_cursor_changed()
kconfig: gconf: fix potential memory leak in renderer_edited()
Masami Hiramatsu (Google) (1):
selftests: tracing: Use mutex_unlock for testing glob filter
Mat Martineau (1):
selftests: mptcp: Initialize variables to quiet gcc 12 warnings
Mathias Nyman (5):
usb: hub: fix detection of high tier USB3 devices behind suspended hubs
usb: hub: Fix flushing and scheduling of delayed work that tunes runtime pm
usb: hub: Fix flushing of delayed work used for post resume purposes
usb: hub: avoid warm port reset during USB3 disconnect
usb: hub: Don't try to recover devices lost during warm reset.
Matt Johnston (1):
net: mctp: Prevent duplicate binds
Matthew Wilcox (Oracle) (1):
XArray: Add calls to might_alloc()
Matthieu Baerts (1):
selftests: mptcp: add missing join check
Matthieu Baerts (NGI0) (4):
mptcp: pm: kernel: flush: do not reset ADD_ADDR limit
selftests: mptcp: connect: also cover alt modes
selftests: mptcp: connect: also cover checksum
selftests: mptcp: pm: check flush doesn't reset limits
Maulik Shah (1):
pmdomain: governor: Consider CPU latency tolerance from pm_domain_cpu_gov
Maurizio Lombardi (1):
scsi: target: core: Generate correct identifiers for PR OUT transport IDs
Meagan Lloyd (2):
rtc: ds1307: handle oscillator stop flag (OSF) for ds1341
rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe
Mengbiao Xiong (1):
crypto: ccp - Fix crash when rebind ccp device for ccp.ko
Miao Li (1):
usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive
Miaoqian Lin (1):
most: core: Drop device reference after usage in get_channel()
Michael Grzeschik (2):
usb: typec: tcpm: allow to use sink in accessory mode
usb: typec: tcpm: allow switching to mode accessory to mux properly
Michael Zhivich (1):
x86/bugs: Fix use of possibly uninit value in amd_check_tsa_microcode()
Michal Schmidt (1):
benet: fix BUG when creating VFs
Mike Christie (1):
vhost-scsi: Fix log flooding with target does not exist errors
Mikhail Lobanov (1):
wifi: mac80211: check basic rates validity in sta_link_apply_parameters
Mikulas Patocka (1):
dm-mpath: don't print the "loaded" message if registering fails
Mina Almasry (1):
netmem: fix skb_frag_address_safe with unreadable skbs
Minhong He (1):
ipv6: sr: validate HMAC algorithm ID in seg6_hmac_info_add
Myrrh Periwinkle (3):
usb: typec: ucsi: Update power_supply on power role change
vt: keyboard: Don't process Unicode characters in K_OFF mode
vt: defkeymap: Map keycodes above 127 to K_HOLE
Namhyung Kim (1):
perf sched: Fix memory leaks for evsel->priv in timehist
Nathan Chancellor (5):
phonet/pep: Move call to pn_skb_get_dst_sockaddr() earlier in pep_sock_accept()
memstick: core: Zero initialize id_reg in h_memstick_read_dev_id()
usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init()
wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table()
ARM: 9448/1: Use an absolute path to unified.h in KBUILD_AFLAGS
NeilBrown (1):
smb/server: avoid deadlock when linking with ReplaceIfExists
Niklas Söderlund (1):
media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control
Nilton Perim Neto (1):
Input: xpad - set correct controller type for Acer NGR200
Nirmal Patel (1):
PCI: vmd: Assign VMD IRQ domain before enumeration
Nuno Sá (1):
clk: clk-axi-clkgen: fix fpfd_max frequency for zynq
Ojaswin Mujoo (2):
ext4: fix fsmap end of range reporting with bigalloc
ext4: fix reserved gdt blocks handling in fsmap
Olga Kornievskaia (1):
NFSv4.2: another fix for listxattr
Oliver Neukum (3):
usb: net: sierra: check for no status endpoint
usb: core: usb_submit_urb: downgrade type check
cdc-acm: fix race between initial clearing halt and open
Oscar Maes (1):
net: ipv4: fix incorrect MTU in broadcast routes
Ovidiu Panait (1):
hwrng: mtk - handle devm_pm_runtime_enable errors
Pagadala Yesu Anjaneyulu (1):
wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect
Pali Rohár (1):
cifs: Fix calling CIFSFindFirst() for root path without msearch
Paolo Abeni (4):
selftests: net: increase inter-packet timeout in udpgro.sh
mptcp: fix error mibs accounting
mptcp: introduce MAPPING_BAD_CSUM
mptcp: do not queue data on closed subflows
Paul Cercueil (1):
usb: musb: Add and use inline functions musb_{get,set}_state
Paul Chaignon (2):
bpf: Reject %p% format string in bprintf-like helpers
bpf: Check flow_dissector ctx accesses are aligned
Paul E. McKenney (1):
rcu: Protect ->defer_qs_iw_pending from data race
Paul Kocialkowski (1):
clk: sunxi-ng: v3s: Fix de clock definition
Pavel Begunkov (1):
io_uring: don't use int for ABI
Pawan Gupta (1):
x86/bugs: Avoid warning when overriding return thunk
Peter Oberparleiter (2):
s390/hypfs: Avoid unnecessary ioctl registration in debugfs
s390/hypfs: Enable limited access during lockdown
Peter Robinson (1):
reset: brcmstb: Enable reset drivers for ARCH_BCM2835
Peter Ujfalusi (1):
ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime()
Peter Zijlstra (2):
x86: Fix __get_wchan() for !STACKTRACE
x86: Pin task-stack in __get_wchan()
Petr Pavlu (1):
module: Restore the moduleparam prefix length check
Phillip Lougher (1):
squashfs: fix memory leak in squashfs_fill_super
Prashant Malani (1):
cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag
Praveen Kaligineedi (1):
gve: Fix stuck TX queue for DQ queue format
Pu Lehui (1):
tracing: Limit access to parser->buffer when trace_get_user failed
Purva Yeshi (1):
md: dm-zoned-target: Initialize return variable r to avoid uninitialized use
Qi Zheng (1):
x86: Fix get_wchan() to support the ORC unwinder
Qingfang Deng (1):
ppp: fix race conditions in ppp_fill_forward_path
Qu Wenruo (2):
btrfs: do not allow relocation of partially dropped subvolumes
btrfs: populate otime when logging an inode item
Quang Le (1):
net/packet: fix a race in packet_set_ring() and packet_notifier()
RD Babiera (1):
usb: typec: tcpm: apply vbus before data bringup in tcpm_src_attach
Rafael J. Wysocki (4):
cpufreq: intel_pstate: Always use HWP_DESIRED_PERF in passive mode
ACPI: processor: perflib: Move problematic pr->performance check
cpuidle: governors: menu: Avoid using invalid recent intervals data
PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit()
Rand Deeb (1):
wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd()
Randy Dunlap (1):
parisc: Makefile: fix a typo in palo.conf
Ranjan Kumar (4):
scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans
scsi: mpi3mr: Fix race between config read submit and interrupt completion
scsi: mpi3mr: Drop unnecessary volatile from __iomem pointers
scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems
Remi Pommarel (2):
wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key()
Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()"
Ricardo Ribalda (3):
media: uvcvideo: Do not mark valid metadata as invalid
media: venus: vdec: Clamp param smaller than 1fps and bigger than 240.
media: venus: venc: Clamp param smaller than 1fps and bigger than 240
Ricky Wu (1):
misc: rtsx: usb: Ensure mmc child device is active when card is present
Rob Clark (1):
drm/msm: use trylock for debugfs
Rohit Visavalia (1):
clk: xilinx: vcu: unregister pll_post only if registered correctly
Rong Zhang (2):
platform/x86: ideapad-laptop: Fix kbd backlight not remembered among boots
fs/ntfs3: correctly create symlink for relative path
RubenKelevra (1):
fs_context: fix parameter name in infofc() macro
Ryan Lee (1):
apparmor: ensure WB_HISTORY_SIZE value is a power of 2
Ryan Mann (NDI) (1):
USB: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI
Ryusuke Konishi (1):
nilfs2: reject invalid file types when reading inodes
Sabrina Dubroca (1):
udp: also consider secpath when evaluating ipsec use for checksumming
Sakari Ailus (1):
media: v4l2-ctrls: Don't reset handler's error in v4l2_ctrl_handler_free()
Salah Triki (1):
iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe()
Sam Shih (1):
pinctrl: mediatek: moore: check if pin_desc is valid before use
Sarah Newman (1):
drbd: add missing kref_get in handle_write_conflicts
Sarthak Garg (1):
mmc: sdhci-msm: Ensure SD card power isn't ON when card removed
Sasha Levin (2):
fs: Prevent file descriptor table allocations exceeding INT_MAX
media: qcom: camss: cleanup media device allocated resource on error path
Sebastian Andrzej Siewior (1):
net: phy: Use netif_rx().
Sebastian Ott (1):
ACPI: processor: fix acpi_object initialization
Sebastian Reichel (2):
watchdog: dw_wdt: Fix default timeout
usb: typec: fusb302: cache PD RX state
Selvarasu Ganesan (1):
usb: dwc3: Remove WARN_ON for device endpoint command timeouts
Sergey Bashirov (4):
pNFS: Fix stripe mapping in block/scsi layout
pNFS: Fix disk addr range check in block/scsi layout
pNFS: Handle RPC size limit for layoutcommits
pNFS: Fix uninited ptr deref in block/scsi layout
Sergey Senozhatsky (1):
wifi: ath11k: clear initialized flag for deinit-ed srng lists
Seunghui Lee (1):
scsi: ufs: core: Use link recovery when h8 exit fails during runtime resume
Shankari Anand (1):
kconfig: nconf: Ensure null termination where strncpy is used
Shengjiu Wang (1):
ASoC: fsl_sai: replace regmap_write with regmap_update_bits
Shiji Yang (1):
MIPS: vpe-mt: add missing prototypes for vpe_{alloc,start,stop,free}
Showrya M N (1):
scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated
Shubhrajyoti Datta (1):
EDAC/synopsys: Clear the ECC counters on init
Slark Xiao (2):
USB: serial: option: add Foxconn T99W640
USB: serial: option: add Foxconn T99W709
Sravan Kumar Gundu (1):
fbdev: Fix vmalloc out-of-bounds write in fast_imageblit
Stanislav Fomichev (1):
vrf: Drop existing dst reference in vrf_ip6_input_dst
Stanislaw Gruszka (1):
wifi: iwlegacy: Check rate_idx range after addition
Stav Aviram (1):
net/mlx5: Check device memory pointer before usage
Stefan Metzmacher (5):
smb: server: remove separate empty_recvmsg_queue
smb: server: make sure we call ib_dma_unmap_single() only if we called ib_dma_map_single already
smb: server: let recv_done() consistently call put_recvmsg/smb_direct_disconnect_rdma_connection
smb: server: let recv_done() avoid touching data_transfer after cleanup/move
smb: client: let recv_done() cleanup before notifying the callers.
Steven Rostedt (5):
tracing: Add down_write(trace_event_sem) when adding trace event
selftests/tracing: Fix false failure of subsystem event test
ktest.pl: Prevent recursion of default variable options
ftrace: Also allocate and copy hash for reading of filter files
tracing: Remove unneeded goto out logic
Su Hui (1):
usb: xhci: print xhci->xhc_state when queue_command failed
Suchit Karunakaran (1):
kconfig: lxdialog: replace strcpy() with strncpy() in inputbox.c
Sven Schnelle (2):
s390/time: Use monotonic clock in get_cycles()
s390/stp: Remove udelay from stp_sync_clock()
Takashi Iwai (4):
ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out()
ALSA: usb-audio: Validate UAC3 power domain descriptors, too
ALSA: usb-audio: Validate UAC3 cluster segment descriptors
ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation
Tao Xue (1):
usb: gadget : fix use-after-free in composite_dev_cleanup()
Tariq Toukan (1):
lib: bitmap: Introduce node-aware alloc API
Tetsuo Handa (1):
hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file()
Theodore Ts'o (2):
ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr
ext4: don't try to clear the orphan_present feature block device is r/o
Thomas Fourier (19):
pch_uart: Fix dma_sync_sg_for_device() nents value
mmc: bcm2835: Fix dma_unmap_sg() nents value
mwl8k: Add missing check after DMA map
crypto: inside-secure - Fix `dma_unmap_sg()` nents value
scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value
scsi: mvsas: Fix dma_unmap_sg() nents value
scsi: isci: Fix dma_unmap_sg() nents value
crypto: keembay - Fix dma_unmap_sg() nents value
crypto: img-hash - Fix dma_unmap_sg() nents value
dmaengine: mv_xor: Fix missing check after DMA map and missing unmap
dmaengine: nbpfaxi: Add missing check after DMA map
mtd: rawnand: atmel: Fix dma_mapping_error() address
mtd: rawnand: rockchip: Add missing check after DMA map
et131x: Add missing check after DMA map
net: ag71xx: Add missing check after DMA map
(powerpc/512) Fix possible `dma_unmap_single()` on uninitialized pointer
wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()`.
wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc()
mtd: rawnand: fsmc: Add missing check after DMA map
Thomas Gleixner (3):
perf/core: Don't leak AUX buffer refcount on allocation failure
perf/core: Exit early on perf_mmap() fail
perf/core: Prevent VMA split of buffer mappings
Thomas Weißschuh (3):
tools/nolibc: define time_t in terms of __kernel_old_time_t
MIPS: Don't crash in stack_top() for tasks without ABI or vDSO
kbuild: userprogs: use correct linker when mixing clang and GNU ld
Thorsten Blum (3):
ALSA: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe()
smb: server: Fix extension string in ksmbd_extract_shortname()
usb: storage: realtek_cr: Use correct byte order for bcs->Residue
Tianxiang Peng (1):
x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper
Tigran Mkrtchyan (1):
pNFS/flexfiles: don't attempt pnfs on fatal DS errors
Tim Harvey (1):
hwmon: (gsc-hwmon) fix fan pwm setpoint show functions
Timothy Pearson (5):
PCI: pnv_php: Clean up allocated IRQs on unplug
PCI: pnv_php: Work around switches with broken presence detection
powerpc/eeh: Export eeh_unfreeze_pe()
powerpc/eeh: Make EEH driver device hotplug safe
PCI: pnv_php: Fix surprise plug detection and recovery
Timur Kristóf (6):
drm/amd/display: Don't overwrite dce60_clk_mgr
drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3
drm/amd/display: Fix DP audio DTO1 clock source on DCE 6.
drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs
drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs
drm/amd/display: Don't overclock DCE 6 by 15%
Tiwei Bie (1):
um: rtc: Avoid shadowing err in uml_rtc_start()
Tomas Henzl (1):
scsi: mpt3sas: Fix a fw_event memory leak
Tomasz Michalec (2):
usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present
platform/chrome: cros_ec_typec: Defer probe on missing EC parent
Trond Myklebust (2):
NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()
NFS: Fix the setting of capabilities when automounting a new filesystem
Tvrtko Ursulin (1):
drm/ttm: Respect the shrinker core free target
Tzung-Bi Shih (2):
platform/chrome: cros_ec: remove unneeded label and if-condition
platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister()
Ulf Hansson (1):
mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode()
Uros Bizjak (1):
ucount: fix atomic_long_inc_below() argument type
Uwe Kleine-König (6):
usb: musb: omap2430: Convert to platform remove callback returning void
platform/chrome: cros_ec: Make cros_ec_unregister() return void
media: camss: Convert to platform remove callback returning void
pwm: mediatek: Implement .apply() callback
pwm: mediatek: Handle hardware enable and clock enable separately
pwm: mediatek: Fix duty and period setting
ValdikSS (1):
igc: fix disabling L1.2 PCI-E link substate on I226 on init
Vedang Nagar (1):
media: venus: Add a check for packet size after reading from shared memory
Viacheslav Dubeyko (4):
hfs: fix slab-out-of-bounds in hfs_bnode_read()
hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read()
hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()
hfs: fix not erasing deleted b-tree node issue
Victor Shih (1):
mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency
Viresh Kumar (1):
i2c: virtio: Avoid hang by using interruptible completion wait
Waiman Long (2):
mm/kmemleak: avoid soft lockup in __kmemleak_do_cleanup()
cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key
Wang Liang (2):
net: drop UFO packets in udp_rcv_segment()
net: bridge: fix soft lockup in br_multicast_query_expired()
Wang Zhaolong (2):
smb: client: fix use-after-free in cifs_oplock_break
smb: client: fix use-after-free in crypt_message when using async crypto
Wayne Chang (1):
phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode
Wei Gao (1):
ext2: Handle fiemap on empty files to prevent EINVAL
Weitao Wang (1):
usb: xhci: Fix slot_id resource race conflict
Wen Chen (1):
drm/amd/display: Fix 'failed to blank crtc!'
Will Deacon (1):
KVM: arm64: Fix kernel BUG() due to bad backport of FPSIMD/SVE/SME fix
William Liu (4):
net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree
net/sched: Restrict conditions for adding duplicating netems to qdisc tree
net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit
net/sched: Remove unnecessary WARNING condition for empty child qdisc in htb_activate
Wolfram Sang (3):
media: usb: hdpvr: disable zero-length read messages
i3c: add missing include to internal header
i3c: don't fail if GETHDRCAP is unsupported
Xiang Mei (2):
net/sched: sch_qfq: Fix race condition on qfq_aggregate
net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class
Xilin Wu (1):
interconnect: qcom: sc7280: Add missing num_links to xm_pcie3_1 node
Xin Long (1):
sctp: linearize cloned gso packets in sctp_rcv
Xinxin Wan (1):
ASoC: codecs: rt5640: Retry DEVICE_ID verification
Xinyu Liu (2):
usb: gadget: configfs: Fix OOB read on empty string write
usb: core: config: Prevent OOB read in SS endpoint companion parsing
Xiu Jianfeng (1):
wifi: iwlwifi: Fix memory leak in iwl_mvm_init()
Xiumei Mu (1):
selftests: rtnetlink.sh: remove esp4_offload after test
Xu Yang (4):
usb: chipidea: add USB PHY event
usb: phy: mxs: disconnect line when USB charger is attached
net: usb: asix_devices: add phy_mask for ax88772 mdio bus
usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test
Xu Yilun (1):
fpga: zynq_fpga: Fix the wrong usage of dma_map_sgtable()
Yajun Deng (1):
i40e: Add rx_missed_errors for buffer exhaustion
Yang Xiwen (1):
i2c: qup: jump out of the loop in case of timeout
Yangtao Li (1):
hfsplus: remove mutex_lock check in hfsplus_free_extents
Yann E. MORIN (1):
kconfig: lxdialog: fix 'space' to (de)select options
Yazen Ghannam (1):
x86/mce/amd: Add default names for MCA banks and blocks
Ye Bin (1):
fs/buffer: fix use-after-free when call bh_read() helper
Yonglong Liu (1):
net: hns3: disable interrupt when ptp init failed
Youngjun Lee (1):
media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format()
Youssef Samir (1):
bus: mhi: host: Detect events pointing to unexpected TREs
Yu Kuai (1):
nvme: fix misaccounting of nvme-mpath inflight I/O
Yuan Chen (2):
bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure
pinctrl: sunxi: Fix memory leak on krealloc failure
Yue Haibing (1):
ipv6: mcast: Delay put pmc->idev in mld_del_delrec()
Yuichiro Tsuji (1):
net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization
Yun Lu (2):
af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd()
af_packet: fix soft lockup issue caused by tpacket_snd()
Yunhui Cui (1):
serial: 8250: fix panic due to PSLVERR
Yury Norov [NVIDIA] (1):
RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask()
Zenm Chen (1):
USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles
Zhang Lixu (2):
iio: hid-sensor-prox: Restore lost scale assignments
iio: hid-sensor-prox: Fix incorrect OFFSET calculation
Zhang Rui (1):
powercap: intel_rapl: Do not change CLAMPING bit if ENABLE bit cannot be changed
Zhang Shurong (1):
media: ov2659: Fix memory leaks in ov2659_probe()
Zhang Yi (1):
ext4: fix hole length calculation overflow in non-extent inodes
Zheng Yu (1):
jfs: fix metapage reference count leak in dbAllocCtl
Zhiqi Song (1):
crypto: hisilicon/hpre - fix dma unmap sequence
Zhu Qiyu (1):
ACPI: PRM: Reduce unnecessary printing to avoid user confusion
Ziyan Fu (1):
watchdog: iTCO_wdt: Report error if timeout configuration fails
chenchangcheng (1):
media: uvcvideo: Fix bandwidth issue for Alcor camera
fangzhong.zhou (1):
i2c: Force DLL0945 touchpad i2c freq to 100khz
jackysliu (1):
scsi: bfa: Double-free fix
tuhaowen (1):
PM: sleep: console: Fix the black screen issue
xin.guo (1):
tcp: fix tcp_ofo_queue() to avoid including too much DUP SACK range
zhangjianrong (1):
net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths()
Álvaro Fernández Rojas (5):
net: dsa: b53: fix b53_imp_vlan_setup for BCM5325
net: dsa: b53: prevent GMII_PORT_OVERRIDE_CTRL access on BCM5325
net: dsa: b53: prevent DIS_LEARNING access on BCM5325
net: dsa: b53: prevent SWITCH_CTRL access on BCM5325
net: dsa: b53: fix IP_MULTICAST_CTRL on BCM5325
2 weeks, 6 days
- 1
- 1
Linux 5.10.241
by Greg Kroah-Hartman
I'm announcing the release of the 5.10.241 kernel.
All users of the 5.10 kernel series must upgrade.
The updated 5.10.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.10.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Documentation/filesystems/f2fs.rst | 6
Documentation/firmware-guide/acpi/i2c-muxes.rst | 8
Documentation/memory-barriers.txt | 11
Makefile | 4
arch/arm/Makefile | 2
arch/arm/boot/dts/imx6ul-kontron-n6x1x-s.dtsi | 1
arch/arm/boot/dts/vfxxx.dtsi | 2
arch/arm/mach-rockchip/platsmp.c | 15
arch/arm/mach-tegra/reset.c | 2
arch/arm64/boot/dts/freescale/imx8mm-beacon-som.dtsi | 2
arch/arm64/include/asm/acpi.h | 2
arch/arm64/mm/ptdump_debugfs.c | 3
arch/m68k/Kconfig.debug | 2
arch/m68k/kernel/early_printk.c | 42 -
arch/m68k/kernel/head.S | 39 -
arch/mips/crypto/chacha-core.S | 20
arch/mips/include/asm/vpe.h | 8
arch/mips/kernel/process.c | 16
arch/mips/mm/tlb-r4k.c | 56 +
arch/parisc/Makefile | 2
arch/powerpc/configs/ppc6xx_defconfig | 1
arch/powerpc/kernel/eeh.c | 1
arch/powerpc/kernel/eeh_driver.c | 48 +
arch/powerpc/kernel/eeh_pe.c | 11
arch/powerpc/kernel/pci-hotplug.c | 3
arch/powerpc/platforms/512x/mpc512x_lpbfifo.c | 6
arch/s390/hypfs/hypfs_dbfs.c | 19
arch/s390/include/asm/timex.h | 13
arch/s390/kernel/time.c | 2
arch/s390/mm/dump_pagetables.c | 2
arch/sh/Makefile | 10
arch/sh/boot/compressed/Makefile | 4
arch/sh/boot/romimage/Makefile | 4
arch/x86/include/asm/xen/hypercall.h | 6
arch/x86/kernel/cpu/amd.c | 2
arch/x86/kernel/cpu/bugs.c | 5
arch/x86/kernel/cpu/mce/amd.c | 13
arch/x86/mm/extable.c | 5
block/bio.c | 2
block/blk-settings.c | 2
drivers/acpi/acpi_processor.c | 2
drivers/acpi/apei/ghes.c | 2
drivers/acpi/processor_idle.c | 4
drivers/acpi/processor_perflib.c | 11
drivers/ata/Kconfig | 35 -
drivers/ata/libata-sata.c | 5
drivers/ata/libata-scsi.c | 20
drivers/base/power/domain_governor.c | 18
drivers/base/power/runtime.c | 5
drivers/block/drbd/drbd_receiver.c | 6
drivers/block/sunvdc.c | 4
drivers/bus/mhi/host/boot.c | 8
drivers/bus/mhi/host/internal.h | 4
drivers/char/hw_random/mtk-rng.c | 4
drivers/char/ipmi/ipmi_msghandler.c | 8
drivers/char/ipmi/ipmi_watchdog.c | 59 +-
drivers/clk/davinci/psc.c | 5
drivers/clk/sunxi-ng/ccu-sun8i-v3s.c | 3
drivers/cpufreq/armada-8k-cpufreq.c | 2
drivers/cpufreq/cppc_cpufreq.c | 2
drivers/cpufreq/cpufreq.c | 29
drivers/cpuidle/governors/menu.c | 21
drivers/crypto/ccp/ccp-debugfs.c | 3
drivers/crypto/img-hash.c | 2
drivers/crypto/inside-secure/safexcel_hash.c | 8
drivers/crypto/marvell/cesa/cipher.c | 4
drivers/crypto/marvell/cesa/hash.c | 5
drivers/crypto/qat/qat_common/adf_transport_debug.c | 4
drivers/devfreq/governor_userspace.c | 6
drivers/dma-buf/dma-resv.c | 5
drivers/dma/mv_xor.c | 21
drivers/dma/nbpfaxi.c | 24
drivers/fpga/zynq-fpga.c | 10
drivers/gpio/gpio-rcar.c | 20
drivers/gpio/gpio-tps65912.c | 7
drivers/gpio/gpio-wcd934x.c | 7
drivers/gpu/drm/amd/amdgpu/amdgpu.h | 1
drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c | 4
drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 6
drivers/gpu/drm/amd/display/dc/bios/command_table.c | 2
drivers/gpu/drm/amd/display/dc/clk_mgr/dce100/dce_clk_mgr.c | 2
drivers/gpu/drm/amd/display/dc/clk_mgr/dce110/dce110_clk_mgr.c | 40 -
drivers/gpu/drm/amd/display/dc/clk_mgr/dce60/dce60_clk_mgr.c | 31 -
drivers/gpu/drm/amd/display/dc/dcn20/dcn20_hwseq.c | 11
drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu_helper.c | 2
drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c | 6
drivers/gpu/drm/drm_dp_helper.c | 2
drivers/gpu/drm/rockchip/rockchip_drm_fb.c | 9
drivers/gpu/drm/scheduler/sched_entity.c | 23
drivers/gpu/drm/ttm/ttm_resource.c | 3
drivers/hid/hid-core.c | 19
drivers/hwmon/corsair-cpro.c | 5
drivers/hwmon/gsc-hwmon.c | 4
drivers/i2c/busses/i2c-qup.c | 4
drivers/i2c/busses/i2c-stm32.c | 8
drivers/i2c/busses/i2c-stm32f7.c | 4
drivers/i2c/i2c-core-acpi.c | 1
drivers/i3c/internals.h | 1
drivers/i3c/master.c | 2
drivers/idle/intel_idle.c | 2
drivers/iio/adc/ad7768-1.c | 23
drivers/iio/adc/ad_sigma_delta.c | 4
drivers/iio/adc/max1363.c | 43 -
drivers/iio/adc/stm32-adc-core.c | 7
drivers/iio/imu/inv_icm42600/inv_icm42600_temp.c | 6
drivers/iio/light/as73211.c | 2
drivers/iio/light/hid-sensor-prox.c | 3
drivers/iio/pressure/bmp280-core.c | 9
drivers/iio/proximity/isl29501.c | 16
drivers/infiniband/core/cache.c | 4
drivers/infiniband/core/nldev.c | 22
drivers/infiniband/hw/bnxt_re/qplib_res.c | 2
drivers/infiniband/hw/hfi1/affinity.c | 44 -
drivers/infiniband/sw/rxe/rxe_comp.c | 16
drivers/input/joystick/xpad.c | 2
drivers/iommu/amd/init.c | 4
drivers/leds/leds-lp50xx.c | 11
drivers/md/dm-core.h | 52 +
drivers/md/dm-historical-service-time.c | 4
drivers/md/dm-queue-length.c | 4
drivers/md/dm-round-robin.c | 4
drivers/md/dm-rq.c | 8
drivers/md/dm-service-time.c | 4
drivers/md/dm-zoned-target.c | 2
drivers/md/dm.c | 59 --
drivers/media/cec/usb/rainshadow/rainshadow-cec.c | 3
drivers/media/dvb-frontends/dib7000p.c | 8
drivers/media/i2c/hi556.c | 26
drivers/media/i2c/ov2659.c | 3
drivers/media/i2c/tc358743.c | 86 +-
drivers/media/platform/qcom/camss/camss.c | 4
drivers/media/platform/qcom/venus/core.c | 21
drivers/media/platform/qcom/venus/core.h | 2
drivers/media/platform/qcom/venus/dbgfs.c | 9
drivers/media/platform/qcom/venus/dbgfs.h | 13
drivers/media/platform/qcom/venus/hfi_venus.c | 14
drivers/media/platform/qcom/venus/vdec.c | 5
drivers/media/usb/gspca/vicam.c | 10
drivers/media/usb/hdpvr/hdpvr-i2c.c | 6
drivers/media/usb/usbtv/usbtv-video.c | 4
drivers/media/usb/uvc/uvc_driver.c | 3
drivers/media/usb/uvc/uvc_video.c | 21
drivers/media/v4l2-core/v4l2-ctrls.c | 37 +
drivers/memstick/core/memstick.c | 3
drivers/memstick/host/rtsx_usb_ms.c | 1
drivers/misc/cardreader/rtsx_usb.c | 16
drivers/mmc/host/bcm2835.c | 3
drivers/mmc/host/rtsx_usb_sdmmc.c | 4
drivers/mmc/host/sdhci-msm.c | 14
drivers/mmc/host/sdhci-pci-core.c | 3
drivers/mmc/host/sdhci-pci-gli.c | 4
drivers/mmc/host/sdhci_am654.c | 9
drivers/most/core.c | 2
drivers/mtd/ftl.c | 2
drivers/mtd/nand/raw/atmel/nand-controller.c | 2
drivers/mtd/nand/raw/atmel/pmecc.c | 6
drivers/mtd/nand/raw/fsmc_nand.c | 2
drivers/net/can/kvaser_pciefd.c | 1
drivers/net/can/usb/kvaser_usb/kvaser_usb_core.c | 1
drivers/net/dsa/b53/b53_common.c | 54 +
drivers/net/dsa/b53/b53_regs.h | 2
drivers/net/ethernet/agere/et131x.c | 36 +
drivers/net/ethernet/atheros/ag71xx.c | 9
drivers/net/ethernet/cavium/thunder/thunder_bgx.c | 4
drivers/net/ethernet/emulex/benet/be_cmds.c | 2
drivers/net/ethernet/emulex/benet/be_main.c | 8
drivers/net/ethernet/freescale/dpaa/dpaa_ethtool.c | 4
drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c | 66 +-
drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.h | 13
drivers/net/ethernet/freescale/dpaa2/dpaa2-ethtool.c | 16
drivers/net/ethernet/freescale/dpaa2/dpaa2-mac.c | 95 +--
drivers/net/ethernet/freescale/dpaa2/dpaa2-mac.h | 5
drivers/net/ethernet/freescale/fec_main.c | 34 -
drivers/net/ethernet/freescale/gianfar_ethtool.c | 4
drivers/net/ethernet/google/gve/gve_adminq.c | 1
drivers/net/ethernet/google/gve/gve_main.c | 67 +-
drivers/net/ethernet/hisilicon/hns3/hnae3.h | 17
drivers/net/ethernet/hisilicon/hns3/hns3_debugfs.c | 3
drivers/net/ethernet/hisilicon/hns3/hns3_enet.c | 33 -
drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_debugfs.c | 2
drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c | 4
drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_mbx.c | 2
drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_tm.c | 49 -
drivers/net/ethernet/hisilicon/hns3/hns3vf/hclgevf_main.c | 25
drivers/net/ethernet/intel/e1000e/defines.h | 3
drivers/net/ethernet/intel/e1000e/ich8lan.c | 2
drivers/net/ethernet/intel/e1000e/nvm.c | 6
drivers/net/ethernet/intel/fm10k/fm10k.h | 3
drivers/net/ethernet/intel/i40e/i40e.h | 2
drivers/net/ethernet/intel/i40e/i40e_ethtool.c | 3
drivers/net/ethernet/intel/i40e/i40e_main.c | 18
drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 4
drivers/net/ethernet/intel/ice/ice_flex_pipe.c | 2
drivers/net/ethernet/intel/ixgbe/ixgbe.h | 3
drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 4
drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 2
drivers/net/ethernet/mellanox/mlxsw/trap.h | 1
drivers/net/ethernet/xilinx/xilinx_emaclite.c | 2
drivers/net/hyperv/hyperv_net.h | 3
drivers/net/hyperv/netvsc_drv.c | 29
drivers/net/phy/mscc/mscc_ptp.c | 1
drivers/net/phy/mscc/mscc_ptp.h | 1
drivers/net/phy/smsc.c | 1
drivers/net/ppp/pptp.c | 18
drivers/net/usb/sierra_net.c | 4
drivers/net/usb/usbnet.c | 11
drivers/net/virtio_net.c | 38 +
drivers/net/vrf.c | 2
drivers/net/wireless/ath/ath11k/hal.c | 25
drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c | 8
drivers/net/wireless/broadcom/brcm80211/brcmsmac/phy/phy_lcn.c | 2
drivers/net/wireless/intel/iwlegacy/4965-mac.c | 5
drivers/net/wireless/intel/iwlwifi/dvm/main.c | 11
drivers/net/wireless/intel/iwlwifi/dvm/rs.c | 2
drivers/net/wireless/intel/iwlwifi/fw/dbg.c | 7
drivers/net/wireless/intel/iwlwifi/mvm/ops.c | 4
drivers/net/wireless/intel/iwlwifi/mvm/scan.c | 2
drivers/net/wireless/marvell/mwl8k.c | 4
drivers/net/wireless/realtek/rtl818x/rtl8187/dev.c | 3
drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c | 2
drivers/net/wireless/realtek/rtlwifi/pci.c | 23
drivers/net/xen-netfront.c | 5
drivers/pci/controller/pcie-rockchip-host.c | 2
drivers/pci/endpoint/pci-ep-cfs.c | 1
drivers/pci/endpoint/pci-epf-core.c | 2
drivers/pci/hotplug/pnv_php.c | 233 +++++++
drivers/pci/pci-acpi.c | 4
drivers/pci/pci.c | 8
drivers/pci/probe.c | 2
drivers/phy/tegra/xusb-tegra186.c | 59 +-
drivers/pinctrl/stm32/pinctrl-stm32.c | 1
drivers/pinctrl/sunxi/pinctrl-sunxi.c | 11
drivers/platform/chrome/cros_ec.c | 23
drivers/platform/chrome/cros_ec.h | 2
drivers/platform/chrome/cros_ec_i2c.c | 4
drivers/platform/chrome/cros_ec_lpc.c | 4
drivers/platform/chrome/cros_ec_spi.c | 4
drivers/platform/chrome/cros_ec_typec.c | 4
drivers/platform/x86/thinkpad_acpi.c | 4
drivers/power/supply/max14577_charger.c | 4
drivers/pps/pps.c | 11
drivers/ptp/ptp_clock.c | 13
drivers/pwm/pwm-imx-tpm.c | 9
drivers/pwm/pwm-mediatek.c | 78 +-
drivers/regulator/core.c | 1
drivers/reset/Kconfig | 10
drivers/rtc/rtc-ds1307.c | 17
drivers/rtc/rtc-hym8563.c | 2
drivers/rtc/rtc-pcf85063.c | 2
drivers/rtc/rtc-pcf8563.c | 2
drivers/rtc/rtc-rv3028.c | 2
drivers/scsi/aacraid/comminit.c | 3
drivers/scsi/bfa/bfad_im.c | 1
drivers/scsi/ibmvscsi_tgt/libsrp.c | 6
drivers/scsi/isci/request.c | 2
drivers/scsi/libiscsi.c | 3
drivers/scsi/lpfc/lpfc_debugfs.c | 1
drivers/scsi/lpfc/lpfc_scsi.c | 4
drivers/scsi/lpfc/lpfc_sli.c | 8
drivers/scsi/mpt3sas/mpt3sas_scsih.c | 19
drivers/scsi/mvsas/mv_sas.c | 4
drivers/scsi/pm8001/pm8001_init.c | 11
drivers/scsi/pm8001/pm8001_sas.h | 1
drivers/scsi/qla4xxx/ql4_os.c | 2
drivers/scsi/scsi_scan.c | 2
drivers/scsi/scsi_transport_sas.c | 60 +-
drivers/scsi/ufs/ufs-exynos.c | 4
drivers/scsi/ufs/ufshcd.c | 10
drivers/soc/aspeed/aspeed-lpc-snoop.c | 13
drivers/soc/qcom/mdt_loader.c | 41 +
drivers/soc/tegra/pmc.c | 51 -
drivers/soundwire/stream.c | 2
drivers/staging/comedi/comedi_fops.c | 61 +-
drivers/staging/comedi/comedi_internal.h | 1
drivers/staging/comedi/drivers.c | 30 -
drivers/staging/comedi/drivers/aio_iiro_16.c | 3
drivers/staging/comedi/drivers/comedi_test.c | 2
drivers/staging/comedi/drivers/das16m1.c | 3
drivers/staging/comedi/drivers/das6402.c | 3
drivers/staging/comedi/drivers/pcl812.c | 3
drivers/staging/fbtft/fbtft-core.c | 1
drivers/staging/media/imx/imx-media-csc-scaler.c | 2
drivers/staging/nvec/nvec_power.c | 2
drivers/thermal/thermal_sysfs.c | 9
drivers/thunderbolt/domain.c | 2
drivers/thunderbolt/switch.c | 2
drivers/tty/serial/8250/8250_port.c | 3
drivers/tty/serial/pch_uart.c | 2
drivers/tty/vt/defkeymap.c_shipped | 112 +++
drivers/tty/vt/keyboard.c | 2
drivers/uio/uio_hv_generic.c | 4
drivers/usb/atm/cxacru.c | 106 +--
drivers/usb/chipidea/ci.h | 18
drivers/usb/chipidea/udc.c | 10
drivers/usb/class/cdc-acm.c | 13
drivers/usb/core/config.c | 10
drivers/usb/core/hub.c | 60 +-
drivers/usb/core/hub.h | 1
drivers/usb/core/quirks.c | 1
drivers/usb/core/urb.c | 2
drivers/usb/dwc3/core.c | 10
drivers/usb/dwc3/dwc3-meson-g12a.c | 3
drivers/usb/dwc3/dwc3-qcom.c | 7
drivers/usb/dwc3/gadget.c | 14
drivers/usb/early/xhci-dbc.c | 4
drivers/usb/gadget/composite.c | 5
drivers/usb/gadget/configfs.c | 2
drivers/usb/gadget/udc/renesas_usb3.c | 1
drivers/usb/host/xhci-hub.c | 3
drivers/usb/host/xhci-mem.c | 24
drivers/usb/host/xhci-pci-renesas.c | 7
drivers/usb/host/xhci-plat.c | 3
drivers/usb/host/xhci-ring.c | 19
drivers/usb/host/xhci.c | 24
drivers/usb/host/xhci.h | 3
drivers/usb/musb/musb_core.c | 62 +-
drivers/usb/musb/musb_core.h | 11
drivers/usb/musb/musb_debugfs.c | 6
drivers/usb/musb/musb_gadget.c | 30 -
drivers/usb/musb/musb_host.c | 6
drivers/usb/musb/musb_virthub.c | 18
drivers/usb/musb/omap2430.c | 10
drivers/usb/phy/phy-mxs-usb.c | 4
drivers/usb/serial/ftdi_sio.c | 2
drivers/usb/serial/ftdi_sio_ids.h | 3
drivers/usb/serial/option.c | 7
drivers/usb/storage/realtek_cr.c | 2
drivers/usb/storage/unusual_devs.h | 29
drivers/usb/typec/mux/intel_pmc_mux.c | 2
drivers/usb/typec/tcpm/fusb302.c | 8
drivers/usb/typec/ucsi/psy.c | 2
drivers/usb/typec/ucsi/ucsi.c | 1
drivers/usb/typec/ucsi/ucsi.h | 7
drivers/vhost/scsi.c | 4
drivers/vhost/vhost.c | 3
drivers/video/console/vgacon.c | 2
drivers/video/fbdev/imxfb.c | 9
drivers/watchdog/dw_wdt.c | 2
drivers/watchdog/ziirave_wdt.c | 3
drivers/xen/gntdev-common.h | 4
drivers/xen/gntdev.c | 71 +-
fs/btrfs/ctree.h | 2
fs/btrfs/inode.c | 4
fs/btrfs/ioctl.c | 2
fs/btrfs/qgroup.c | 2
fs/btrfs/send.c | 4
fs/btrfs/transaction.c | 2
fs/btrfs/tree-log.c | 53 +
fs/buffer.c | 2
fs/cifs/cifssmb.c | 10
fs/cifs/smb2ops.c | 7
fs/cifs/smbdirect.c | 14
fs/ext4/fsmap.c | 23
fs/ext4/indirect.c | 4
fs/ext4/inline.c | 19
fs/ext4/inode.c | 2
fs/f2fs/f2fs.h | 2
fs/f2fs/inode.c | 28
fs/f2fs/node.c | 10
fs/file.c | 83 +-
fs/hfs/bnode.c | 93 +++
fs/hfsplus/bnode.c | 92 +++
fs/hfsplus/extents.c | 3
fs/hfsplus/unicode.c | 7
fs/hfsplus/xattr.c | 6
fs/hugetlbfs/inode.c | 2
fs/isofs/inode.c | 9
fs/jbd2/checkpoint.c | 1
fs/jfs/file.c | 3
fs/jfs/inode.c | 2
fs/jfs/jfs_dmap.c | 10
fs/libfs.c | 4
fs/namespace.c | 89 ++-
fs/nfs/blocklayout/blocklayout.c | 4
fs/nfs/blocklayout/dev.c | 5
fs/nfs/blocklayout/extent_tree.c | 20
fs/nfs/client.c | 46 +
fs/nfs/export.c | 11
fs/nfs/flexfilelayout/flexfilelayout.c | 32 -
fs/nfs/flexfilelayout/flexfilelayoutdev.c | 6
fs/nfs/inode.c | 6
fs/nfs/internal.h | 10
fs/nfs/nfs4client.c | 15
fs/nfs/nfs4proc.c | 46 -
fs/nfs/pnfs.c | 11
fs/nfsd/nfs4state.c | 34 -
fs/nilfs2/inode.c | 9
fs/orangefs/orangefs-debugfs.c | 8
fs/squashfs/super.c | 14
fs/udf/super.c | 13
include/asm-generic/barrier.h | 33 +
include/linux/blk_types.h | 8
include/linux/compiler.h | 8
include/linux/cpuset.h | 17
include/linux/fs.h | 4
include/linux/fs_context.h | 2
include/linux/if_vlan.h | 6
include/linux/memfd.h | 14
include/linux/minmax.h | 17
include/linux/mm.h | 80 +-
include/linux/mmzone.h | 22
include/linux/moduleparam.h | 5
include/linux/pci.h | 1
include/linux/platform_data/cros_ec_proto.h | 4
include/linux/pps_kernel.h | 1
include/linux/sched/mm.h | 16
include/linux/skbuff.h | 31 +
include/linux/usb/usbnet.h | 1
include/linux/xarray.h | 15
include/net/cfg80211.h | 2
include/net/tc_act/tc_ctinfo.h | 6
include/net/udp.h | 24
include/uapi/linux/in6.h | 4
include/uapi/linux/io_uring.h | 2
include/uapi/linux/mount.h | 3
kernel/cgroup/cpuset.c | 23
kernel/events/core.c | 20
kernel/fork.c | 2
kernel/power/console.c | 7
kernel/rcu/tree_plugin.h | 3
kernel/trace/ftrace.c | 19
kernel/trace/trace.c | 33 -
kernel/trace/trace.h | 8
kernel/trace/trace_events.c | 5
mm/filemap.c | 2
mm/hmm.c | 2
mm/kmemleak.c | 10
mm/madvise.c | 2
mm/memfd.c | 2
mm/mmap.c | 10
mm/page_alloc.c | 13
mm/ptdump.c | 2
mm/shmem.c | 2
mm/slab.h | 5
mm/slob.c | 6
mm/vmalloc.c | 16
mm/zsmalloc.c | 6
net/8021q/vlan.c | 42 +
net/8021q/vlan.h | 1
net/appletalk/aarp.c | 42 +
net/appletalk/ddp.c | 7
net/bluetooth/l2cap_core.c | 26
net/bluetooth/l2cap_sock.c | 3
net/bluetooth/smp.c | 21
net/bluetooth/smp.h | 1
net/bridge/netfilter/nft_reject_bridge.c | 60 --
net/caif/cfctrl.c | 294 ++++------
net/core/filter.c | 3
net/core/netpoll.c | 7
net/hsr/hsr_slave.c | 8
net/ipv4/netfilter/nf_reject_ipv4.c | 4
net/ipv4/route.c | 1
net/ipv4/tcp_input.c | 3
net/ipv4/udp_offload.c | 2
net/ipv6/ip6_offload.c | 4
net/ipv6/netfilter/nf_reject_ipv6.c | 4
net/ipv6/rpl_iptunnel.c | 8
net/ipv6/seg6_hmac.c | 3
net/mac80211/tx.c | 7
net/ncsi/internal.h | 2
net/ncsi/ncsi-rsp.c | 1
net/netfilter/nf_conntrack_netlink.c | 24
net/netfilter/nf_tables_api.c | 4
net/netfilter/nft_reject.c | 12
net/netfilter/nft_reject_inet.c | 68 --
net/netfilter/xt_nfacct.c | 4
net/netlink/af_netlink.c | 2
net/packet/af_packet.c | 39 -
net/phonet/pep.c | 2
net/sched/act_ctinfo.c | 19
net/sched/sch_cake.c | 14
net/sched/sch_codel.c | 5
net/sched/sch_drr.c | 7
net/sched/sch_ets.c | 46 -
net/sched/sch_fq_codel.c | 6
net/sched/sch_hfsc.c | 8
net/sched/sch_htb.c | 19
net/sched/sch_netem.c | 40 +
net/sched/sch_qfq.c | 40 -
net/sctp/input.c | 2
net/tls/tls_sw.c | 13
net/vmw_vsock/af_vsock.c | 3
net/wireless/mlme.c | 3
samples/mei/mei-amt-version.c | 2
scripts/kconfig/gconf.c | 8
scripts/kconfig/lxdialog/inputbox.c | 6
scripts/kconfig/lxdialog/menubox.c | 2
scripts/kconfig/nconf.c | 2
scripts/kconfig/nconf.gui.c | 1
scripts/kconfig/qconf.cc | 2
security/apparmor/include/match.h | 3
security/apparmor/match.c | 1
security/inode.c | 2
sound/core/pcm_native.c | 19
sound/pci/hda/patch_ca0132.c | 7
sound/pci/hda/patch_hdmi.c | 19
sound/pci/hda/patch_realtek.c | 3
sound/pci/intel8x0.c | 2
sound/soc/codecs/hdac_hdmi.c | 10
sound/soc/codecs/rt5640.c | 5
sound/soc/fsl/fsl_sai.c | 30 -
sound/soc/intel/boards/Kconfig | 2
sound/soc/soc-core.c | 3
sound/soc/soc-dai.c | 19
sound/soc/soc-dapm.c | 4
sound/soc/soc-ops.c | 26
sound/usb/mixer_quirks.c | 14
sound/usb/mixer_scarlett_gen2.c | 8
sound/usb/stream.c | 25
sound/usb/validate.c | 14
tools/bpf/bpftool/net.c | 15
tools/include/linux/sched/mm.h | 2
tools/perf/tests/bp_account.c | 1
tools/power/cpupower/utils/idle_monitor/mperf_monitor.c | 4
tools/testing/ktest/ktest.pl | 5
tools/testing/selftests/ftrace/test.d/event/subsystem-enable.tc | 28
tools/testing/selftests/ftrace/test.d/ftrace/func-filter-glob.tc | 2
tools/testing/selftests/futex/include/futextest.h | 11
tools/testing/selftests/memfd/memfd_test.c | 43 +
tools/testing/selftests/net/mptcp/Makefile | 3
tools/testing/selftests/net/mptcp/mptcp_connect_mmap.sh | 5
tools/testing/selftests/net/mptcp/pm_netlink.sh | 1
tools/testing/selftests/net/rtnetlink.sh | 6
523 files changed, 4755 insertions(+), 2125 deletions(-)
Aaron Kling (1):
ARM: tegra: Use I/O memcpy to write to IRAM
Abdun Nihaal (1):
staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc()
Adam Ford (1):
arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed
Ajish Koshy (1):
scsi: pm80xx: Fix memory leak during rmmod
Al Viro (4):
better lockdep annotations for simple_recursive_removal()
securityfs: don't pin dentries twice, once is enough...
use uniform permission checks for all mount propagation changes
alloc_fdtable(): change calling conventions.
Alessandro Carminati (1):
regulator: core: fix NULL dereference on unbind due to stale coupling data
Alex Guo (2):
media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb()
media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar
Alexander Gordeev (1):
mm/vmalloc: leave lazy MMU mode on PTE mapping error
Alexander Kochetkov (1):
ARM: rockchip: fix kernel hang during smp initialization
Alexander Wilhelm (1):
bus: mhi: host: Fix endianness of BHI vector table
Alok Tiwari (7):
thunderbolt: Fix bit masking in tb_dp_port_set_hops()
net: emaclite: Fix missing pointer increment in aligned_read()
staging: nvec: Fix incorrect null termination of battery manufacturer
ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4
be2net: Use correct byte order and format string for TCP seq and ack_seq
net: thunderx: Fix format-truncation warning in bgx_acpi_match_id()
gve: Return error for unknown admin queue command
Amir Mohammad Jahangirzad (1):
fs/orangefs: use snprintf() instead of sprintf()
Ammar Faizi (1):
net: usbnet: Fix the wrong netif_carrier_on() call
Anantha Prabhu (1):
RDMA/bnxt_re: Fix to initialize the PBL array
Andreas Dilger (1):
ext4: check fast symlink for ea_inode correctly
Andrew Jeffery (2):
soc: aspeed: lpc-snoop: Cleanup resources in stack-order
soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled
Andrew Lunn (1):
net: appletalk: fix kerneldoc warnings
André Draszik (1):
scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE
Andy Shevchenko (2):
mm/hmm: move pmd_to_hmm_pfn_flags() to the respective #ifdeffery
Documentation: ACPI: Fix parent device references
Andy Yan (1):
drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed
Anna Schumaker (1):
NFS: Create an nfs4_server_set_init_caps() function
Annette Kobou (1):
ARM: dts: imx6ul-kontron-bl-common: Fix RTS polarity for RS485 interface
Anshuman Khandual (1):
mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd()
Anthoine Bourgeois (1):
xen/netfront: Fix TX response spurious interrupts
Arnaud Lecomte (1):
jfs: upper bound check of tree index in dbAllocAG
Arnd Bergmann (5):
ethernet: intel: fix building with large NR_CPUS
ASoC: Intel: fix SND_SOC_SOF dependencies
ASoC: ops: dynamically allocate struct snd_ctl_elem_value
caif: reduce stack size, again
RDMA/core: reduce stack using in nldev_stat_get_doit()
Arun Raghavan (1):
ASoC: fsl_sai: Force a software reset when starting in consumer mode
Avraham Stern (1):
wifi: iwlwifi: mvm: fix scan request validation
Balamanikandan Gunasundar (1):
mtd: rawnand: atmel: set pmecc data setup time
Baokun Li (1):
jbd2: prevent softlockup in jbd2_log_do_checkpoint()
Bard Liao (1):
soundwire: stream: restore params when prepare ports fail
Bartosz Golaszewski (2):
gpio: wcd934x: check the return value of regmap_update_bits()
gpio: tps65912: check the return value of regmap_update_bits()
Ben Hutchings (1):
sh: Do not use hyphen in exported variable name
Benjamin Coddington (1):
NFS: Fixup allocation flags for nfsiod's __GFP_NORETRY
Benjamin Tissoires (3):
HID: core: ensure the allocated report buffer can contain the reserved report ID
HID: core: ensure __hid_request reserves the report ID as the first byte
HID: core: do not bypass hid_hw_raw_request
Benson Leung (1):
usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default
Bingbu Cao (1):
media: hi556: correct the test pattern configuration
Bjorn Andersson (1):
soc: qcom: mdt_loader: Ensure we don't read past the ELF header
Brahmajit Das (1):
samples: mei: Fix building on musl libc
Breno Leitao (3):
ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path
ipmi: Use dev_warn_ratelimited() for incorrect message warnings
mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock
Brian Masney (5):
rtc: ds1307: fix incorrect maximum clock rate handling
rtc: hym8563: fix incorrect maximum clock rate handling
rtc: pcf85063: fix incorrect maximum clock rate handling
rtc: pcf8563: fix incorrect maximum clock rate handling
rtc: rv3028: fix incorrect maximum clock rate handling
Buday Csaba (1):
net: phy: smsc: add proper reset flags for LAN8710A
Budimir Markovic (1):
vsock: Do not allow binding to VMADDR_PORT_ANY
Bui Quang Minh (1):
virtio-net: ensure the received length does not exceed allocated size
Chao Yu (6):
f2fs: doc: fix wrong quota mount option description
f2fs: fix to avoid UAF in f2fs_sync_inode_meta()
f2fs: fix to avoid panic in f2fs_evict_inode
f2fs: fix to avoid out-of-boundary access in devs.path
f2fs: fix to do sanity check on ino and xnid
f2fs: fix to avoid out-of-boundary access in dnode page
Charles Han (1):
power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set
Cheick Traore (1):
pinctrl: stm32: Manage irq affinity settings
Chen Ni (1):
iio: adc: stm32-adc: Fix race in installing chained IRQ handler
Chen-Yu Tsai (1):
platform/chrome: cros_ec: Use per-device lockdep key
Chenyuan Yang (1):
fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref
Christophe JAILLET (1):
uio_hv_generic: Fix another memory leak in error handling paths
Christophe Leroy (1):
ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop
Clément Le Goffic (1):
i2c: stm32: fix the device used for the DMA map
Cong Wang (6):
sch_htb: make htb_qlen_notify() idempotent
sch_drr: make drr_qlen_notify() idempotent
sch_hfsc: make hfsc_qlen_notify() idempotent
sch_qfq: make qfq_qlen_notify() idempotent
codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()
sch_htb: make htb_deactivate() idempotent
Corey Minyard (1):
ipmi: Fix strcpy source and destination the same
Cristian Ciocaltea (1):
ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros
Cynthia Huang (1):
selftests/futex: Define SYS_futex on 32-bit architectures with 64-bit time_t
Dai Ngo (1):
NFSD: detect mismatch of file handle and delegation stateid in OPEN op
Damien Le Moal (8):
ata: libata-sata: Disallow changing LPM state if not supported
scsi: mpt3sas: Correctly handle ATA device errors
ata: libata-scsi: Fix ata_to_sense_error() status handling
PCI: endpoint: Fix configfs group list head handling
PCI: endpoint: Fix configfs group removal on driver teardown
block: Make REQ_OP_ZONE_FINISH a write operation
ata: Fix SATA_MOBILE_LPM_POLICY description in Kconfig
dm: rearrange core declarations for extended use from dm-zone.c
Dan Carpenter (7):
dmaengine: nbpfaxi: Fix memory corruption in probe()
watchdog: ziirave_wdt: check record length in ziirave_firm_verify()
fs/orangefs: Allow 2 more characters in do_c_string()
cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table()
media: gspca: Add bounds checking to firmware parser
scsi: qla4xxx: Prevent a potential error pointer dereference
ALSA: usb-audio: Fix size validation in convert_chmap_v3()
Daniel Dadap (1):
ALSA: hda: Add missing NVIDIA HDA codec IDs
Daniel Vetter (1):
mm: extract might_alloc() debug check
Daniil Dulov (1):
wifi: rtl818x: Kill URBs before clearing tx status queue
Dave Hansen (1):
x86/fpu: Delay instruction pointer fixup until after warning
Dave Stevenson (3):
media: tc358743: Check I2C succeeded during probe
media: tc358743: Return an appropriate colorspace from tc358743_set_fmt
media: tc358743: Increase FIFO trigger level to 374
David Laight (1):
minmax: add umin(a, b) and umax(a, b)
David Lechner (2):
iio: proximity: isl29501: fix buffered read on big-endian systems
iio: adc: ad_sigma_delta: change to buffer predisable
Davide Caratti (2):
net/sched: sch_ets: properly init all active DRR list handles
net/sched: ets: use old 'nbands' while purging unused classes
Dawid Rezler (1):
ALSA: hda/realtek - Add mute LED support for HP Pavilion 15-eg0xxx
Denis OSTERLAND-HEIM (1):
pps: fix poll support
Dennis Chen (1):
i40e: report VF tx_dropped with tx_errors instead of tx_discards
Dikshita Agarwal (1):
media: venus: Add support for SSR trigger using fault injection
Dong Chenchen (1):
net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime
Drew Hamilton (1):
usb: musb: fix gadget state on disconnect
Edson Juliano Drosdeck (1):
mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models
Edward Adam Davis (1):
jfs: Regular file corruption check
Emily Deng (1):
drm/ttm: Should to return the evict error
Eric Biggers (2):
thunderbolt: Fix copy+paste error in match_service_id()
lib/crypto: mips/chacha: Fix clang build and remove unneeded byteswap
Eric Dumazet (5):
net_sched: act_ctinfo: use atomic64_t for three counters
pptp: ensure minimal skb length in pptp_xmit()
ipv6: reject malicious packets in ipv6_gso_segment()
pptp: fix pptp_xmit() error path
net_sched: sch_ets: implement lockless ets_dump()
Evgeniy Harchenko (1):
ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6
Fabio Estevam (2):
iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[]
iio: adc: max1363: Reorder mode_list[] entries
Fabio Porcedda (1):
USB: serial: option: add Telit Cinterion FE910C04 (ECM) composition
Fedor Pchelkin (3):
drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value
netfilter: nf_tables: adjust lockdep assertions handling
netlink: avoid infinite retry looping in netlink_unicast()
Feng Tang (1):
mm/page_alloc: detect allocation forbidden by cpuset and bail out early
Filipe Manana (2):
btrfs: fix log tree replay failure due to file with 0 links and extents
btrfs: fix deadlock when cloning inline extents and using qgroups
Finn Thain (2):
m68k: Don't unregister boot console needlessly
m68k: Fix lost column on framebuffer debug console
Florian Westphal (3):
netfilter: xt_nfacct: don't assume acct name is null-terminated
netfilter: ctnetlink: fix refcount leak on table dump
netfilter: nf_reject: don't leak dst refcount for loopback packets
Gal Pressman (1):
net: vlan: Replace BUG() with WARN_ON_ONCE() in vlan_dev_* stubs
Gautham R. Shenoy (1):
pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop()
Geoffrey D. Bennett (1):
ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx()
Giovanni Cabiddu (1):
crypto: qat - fix seq_file position update in adf_ring_next()
Gokul Sivakumar (1):
wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE
Greg Kroah-Hartman (2):
Revert "vmci: Prevent the dispatching of uninitialized payloads"
Linux 5.10.241
Guchun Chen (1):
drm/amdgpu: handle the case of pci_channel_io_frozen only in amdgpu_pci_resume
Gui-Dong Han (1):
media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt()
Haiyang Zhang (1):
hv_netvsc: Fix panic during namespace deletion with VF
Hans Verkuil (1):
media: v4l2-ctrls: always copy the controls on completion
Hans Zhang (1):
PCI: rockchip-host: Fix "Unexpected Completion" log message
Haoxiang Li (2):
media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init()
ice: Fix a null pointer dereference in ice_copy_and_init_pkg()
Hari Kalavakunta (1):
net: ncsi: Fix buffer overflow in fetching version id
Harry Yoo (1):
mm/zsmalloc: do not pass __GFP_MOVABLE if CONFIG_COMPACTION=n
Helge Deller (1):
Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()"
Henry Martin (1):
clk: davinci: Add NULL check in davinci_lpsc_clk_register()
Herbert Xu (1):
crypto: marvell/cesa - Fix engine load inaccuracy
Hongyu Xie (1):
xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS
Horatiu Vultur (1):
phy: mscc: Fix parsing of unicast frames
Hsin-Te Yuan (1):
thermal: sysfs: Return ENODATA instead of EAGAIN for reads
Hyejeong Choi (1):
dma-buf: insert memory barrier before updating num_fences
Ian Abbott (10):
comedi: pcl812: Fix bit shift out of bounds
comedi: aio_iiro_16: Fix bit shift out of bounds
comedi: das16m1: Fix bit shift out of bounds
comedi: das6402: Fix bit shift out of bounds
comedi: Fix some signed shift left operations
comedi: Fix use of uninitialized data in insn_rw_emulate_bits()
comedi: Fix initialization of data for instructions that write to subdevice
comedi: comedi_test: Fix possible deletion of uninitialized timers
comedi: fix race between polling and detaching
comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large
Ido Schimmel (1):
mlxsw: spectrum: Forward packets with an IPv4 link-local source IP
Ilan Peer (1):
wifi: cfg80211: Fix interface type validation
Ilya Bakoulin (1):
drm/amd/display: Separate set_gsl from set_gsl_source_select
Imre Deak (1):
drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS
Ioana Ciornei (3):
dpaa2-mac: split up initializing the MAC object from connecting to it
dpaa2-mac: export MAC counters even when in TYPE_FIXED
dpaa2-eth: retry the probe when the MAC is not yet discovered on the bus
Ivan Stepchenko (1):
mtd: fix possible integer overflow in erase_xfer()
Jacek Kowalski (2):
e1000e: disregard NVM checksum on tgp when valid checksum bit is not set
e1000e: ignore uninitialized checksum word on tgp
Jack Xiao (1):
drm/amdgpu: fix incorrect vm flags to map bo
Jakub Acs (1):
net, hsr: reject HSR frame if skb can't hold tag
Jakub Kicinski (2):
netpoll: prevent hanging NAPI when netcons gets enabled
uapi: in6: restore visibility of most IPv6 socket options
James Smart (1):
scsi: lpfc: Fix link down processing to address NULL pointer dereference
Jan Beulich (1):
compiler: remove __ADDRESSABLE_ASM{_STR,}() again
Jan Kara (2):
isofs: Verify inode mode when loading from disk
udf: Verify partition map count
Jason Wang (1):
vhost: fail early when __vhost_add_used() fails
Jason Xing (1):
ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc
Jay Chen (1):
usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command
Jean-Baptiste Maneyrol (1):
iio: imu: inv_icm42600: change invalid data error to -EBUSY
Jeff Layton (1):
nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()
Jian Shen (2):
net: hns3: refine the struct hane3_tc_info
net: hns3: fixed vf get max channels bug
Jiasheng Jiang (2):
iwlwifi: Add missing check for alloc_ordered_workqueue
scsi: lpfc: Remove redundant assignment to avoid memory leak
Jiaxun Yang (1):
MIPS: mm: tlb-r4k: Uniquify TLB entries on init
Jiayi Li (2):
ACPI: processor: perflib: Fix initial _PPC limit application
memstick: Fix deadlock by moving removing flag earlier
Jiayuan Chen (1):
bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls
Jimmy Assarsson (2):
can: kvaser_pciefd: Store device channel index
can: kvaser_usb: Assign netdev.dev_port based on device channel index
Johan Adolfsson (1):
leds: leds-lp50xx: Handle reg to get correct multi_index
Johan Hovold (8):
net: gianfar: fix device leak when querying time stamp info
net: dpaa: fix device leak when querying time stamp info
usb: gadget: udc: renesas_usb3: fix device leak at unbind
usb: dwc3: meson-g12a: fix device leaks at unbind
wifi: ath11k: fix source ring-buffer corruption
USB: cdc-acm: do not log successful probe on later errors
usb: musb: omap2430: fix device leak at unbind
wifi: ath11k: fix dest ring-buffer corruption when ring is full
Johan Korsnes (1):
arch: powerpc: defconfig: Drop obsolete CONFIG_NET_CLS_TCINDEX
Johannes Berg (1):
wifi: cfg80211: reject HTC bit for management frames
John Ernberg (1):
net: usbnet: Avoid potential RCU stall on LINK_CHANGE event
John Garry (2):
scsi: aacraid: Stop using PCI_IRQ_AFFINITY
block: avoid possible overflow for chunk_sectors check in blk_stack_limits()
Jon Hunter (1):
soc/tegra: pmc: Ensure power-domains are in a known state
Jonas Rebmann (1):
net: fec: allow disable coalescing
Jonathan Cameron (1):
iio: light: as73211: Ensure buffer holes are zeroed
Jonathan Santos (1):
iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement
Jorge Ramirez-Ortiz (2):
media: venus: hfi: explicitly release IRQ during teardown
media: venus: protect against spurious interrupts during probe
Jose M. Guisado Gomez (1):
netfilter: nft_reject: unify reject init and dump into nft_reject
Judith Mendez (1):
mmc: sdhci_am654: Workaround for Errata i2312
Juergen Gross (1):
xen/gntdev: remove struct gntdev_copy_batch from stack
Justin Tee (1):
scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure
Kees Cook (3):
arm64: Handle KCOV __init vs inline mismatches
platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches
iommu/amd: Avoid stack buffer overflow from kernel cmdline
Kefeng Wang (1):
asm-generic: Add memory barrier dma_mb()
Kito Xu (veritas501) (1):
net: appletalk: Fix use-after-free in AARP proxy probe
Krishna Kurapati (1):
usb: dwc3: qcom: Don't leave BCR asserted
Krzysztof Kozlowski (1):
ARM: dts: vfxxx: Correctly use two tuples for timer address
Kuen-Han Tsai (1):
usb: dwc3: Ignore late xferNotReady event to prevent halt timeout
Kuninori Morimoto (3):
ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask()
ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed
ASoC: soc-dai.c: add missing flag check at snd_soc_pcm_dai_probe()
Kuniyuki Iwashima (2):
rpl: Fix use-after-free in rpl_do_srh_inline().
Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb()
Laurentiu Mihalcea (1):
pwm: imx-tpm: Reset counter if CMOD is 0
Len Brown (1):
intel_idle: Allow loading ACPI tables for any family
Leo Yan (1):
perf tests bp_account: Fix leaked file descriptor
Leon Romanovsky (1):
RDMA/rxe: Return CQE error if invalid lkey was supplied
Li Zhong (1):
ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value
Lifeng Zheng (4):
cpufreq: Initialize cpufreq-based frequency-invariance later
cpufreq: Init policy->rwsem before it may be possibly used
cpufreq: Exit governor when failed to start old governor
PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store()
Lin.Cao (1):
drm/sched: Remove optimization that causes hang when killing dependent jobs
Lizhi Xu (2):
vmci: Prevent the dispatching of uninitialized payloads
jfs: truncate good inode pages when hard link is 0
Lorenzo Stoakes (4):
mm: drop the assumption that VM_SHARED always implies writable
mm: update memfd seal write check to include F_SEAL_WRITE
mm: reinstate ability to map write-sealed memfd mappings read-only
selftests/memfd: add test for mapping write-sealed memfd read-only
Lucas De Marchi (1):
usb: early: xhci-dbc: Fix early_ioremap leak
Lucy Thrun (1):
ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control
Ludwig Disterhof (1):
media: usbtv: Lock resolution while streaming
Luiz Augusto von Dentz (3):
Bluetooth: SMP: If an unallowed command is received consider it a failure
Bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout
Bluetooth: L2CAP: Fix attempting to adjust outgoing MTU
Lukas Wunner (1):
PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports
Ma Ke (2):
sunvdc: Balance device refcount in vdc_port_mpgroup_check
dpaa2-eth: Fix device reference count leak in MAC endpoint handling
Maciej W. Rozycki (1):
powerpc/eeh: Rely on dev->link_active_reporting
Mael GUERIN (1):
USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera
Maor Gottlieb (1):
RDMA/core: Rate limit GID cache warning messages
Marco Elver (1):
locking/barriers, kcsan: Support generic instrumentation
Marek Szyprowski (1):
zynq_fpga: use sgtable-based scatterlist wrappers
Marek Vasut (1):
usb: renesas-xhci: Fix External ROM access timeouts
Mario Limonciello (3):
usb: xhci: Avoid showing warnings for dying controller
usb: xhci: Avoid showing errors during surprise removal
drm/amd: Restore cached power limit during resume
Marius Zachmann (1):
hwmon: (corsair-cpro) Validate the size of the received input buffer
Mark Brown (1):
ASoC: hdac_hdmi: Rate limit logging on connection and disconnection
Martin Kaistra (1):
wifi: rtl8xxxu: Fix RX skb size for aggregation disabled
Masahiro Yamada (3):
kconfig: qconf: fix ConfigList::updateListAllforAll()
kconfig: gconf: avoid hardcoding model2 in on_treeview2_cursor_changed()
kconfig: gconf: fix potential memory leak in renderer_edited()
Masami Hiramatsu (Google) (1):
selftests: tracing: Use mutex_unlock for testing glob filter
Mathias Nyman (5):
usb: hub: fix detection of high tier USB3 devices behind suspended hubs
usb: hub: Fix flushing and scheduling of delayed work that tunes runtime pm
usb: hub: Fix flushing of delayed work used for post resume purposes
usb: hub: avoid warm port reset during USB3 disconnect
usb: hub: Don't try to recover devices lost during warm reset.
Matthew Wilcox (Oracle) (1):
XArray: Add calls to might_alloc()
Matthieu Baerts (NGI0) (2):
selftests: mptcp: connect: also cover alt modes
selftests: mptcp: pm: check flush doesn't reset limits
Maulik Shah (1):
pmdomain: governor: Consider CPU latency tolerance from pm_domain_cpu_gov
Mauro Carvalho Chehab (1):
media: venus: don't de-reference NULL pointers at IRQ time
Meagan Lloyd (2):
rtc: ds1307: handle oscillator stop flag (OSF) for ds1341
rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe
Meng Li (1):
usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock
Mengbiao Xiong (1):
crypto: ccp - Fix crash when rebind ccp device for ccp.ko
Miao Li (1):
usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive
Miaohe Lin (1):
mm/zsmalloc.c: convert to use kmem_cache_zalloc in cache_alloc_zspage()
Miaoqian Lin (1):
most: core: Drop device reference after usage in get_channel()
Michael Zhivich (1):
x86/bugs: Fix use of possibly uninit value in amd_check_tsa_microcode()
Michal Schmidt (1):
benet: fix BUG when creating VFs
Mike Christie (1):
vhost-scsi: Fix log flooding with target does not exist errors
Mikulas Patocka (1):
dm-mpath: don't print the "loaded" message if registering fails
Mina Almasry (1):
netmem: fix skb_frag_address_safe with unreadable skbs
Ming Lei (2):
block: don't call rq_qos_ops->done_bio if the bio isn't tracked
dm rq: don't queue request to blk-mq during DM suspend
Minhong He (1):
ipv6: sr: validate HMAC algorithm ID in seg6_hmac_info_add
Myrrh Periwinkle (3):
usb: typec: ucsi: Update power_supply on power role change
vt: keyboard: Don't process Unicode characters in K_OFF mode
vt: defkeymap: Map keycodes above 127 to K_HOLE
Nathan Chancellor (5):
phonet/pep: Move call to pn_skb_get_dst_sockaddr() earlier in pep_sock_accept()
memstick: core: Zero initialize id_reg in h_memstick_read_dev_id()
usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init()
wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table()
ARM: 9448/1: Use an absolute path to unified.h in KBUILD_AFLAGS
Niklas Söderlund (1):
gpio: rcar: Use raw_spinlock to protect register access
Nilton Perim Neto (1):
Input: xpad - set correct controller type for Acer NGR200
Ojaswin Mujoo (2):
ext4: fix fsmap end of range reporting with bigalloc
ext4: fix reserved gdt blocks handling in fsmap
Olga Kornievskaia (1):
NFSv4.2: another fix for listxattr
Oliver Neukum (3):
usb: net: sierra: check for no status endpoint
usb: core: usb_submit_urb: downgrade type check
cdc-acm: fix race between initial clearing halt and open
Oscar Maes (1):
net: ipv4: fix incorrect MTU in broadcast routes
Ovidiu Panait (1):
hwrng: mtk - handle devm_pm_runtime_enable errors
Pablo Neira Ayuso (1):
netfilter: nft_reject_inet: allow to use reject from inet ingress
Pagadala Yesu Anjaneyulu (1):
wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect
Pali Rohár (1):
cifs: Fix calling CIFSFindFirst() for root path without msearch
Paul Cercueil (1):
usb: musb: Add and use inline functions musb_{get,set}_state
Paul Chaignon (1):
bpf: Check flow_dissector ctx accesses are aligned
Paul E. McKenney (1):
rcu: Protect ->defer_qs_iw_pending from data race
Paul Kocialkowski (1):
clk: sunxi-ng: v3s: Fix de clock definition
Pavel Begunkov (1):
io_uring: don't use int for ABI
Pavel Tikhomirov (1):
move_mount: allow to add a mount into an existing group
Pawan Gupta (1):
x86/bugs: Avoid warning when overriding return thunk
Peter Oberparleiter (2):
s390/hypfs: Avoid unnecessary ioctl registration in debugfs
s390/hypfs: Enable limited access during lockdown
Peter Robinson (1):
reset: brcmstb: Enable reset drivers for ARCH_BCM2835
Peter Ujfalusi (1):
ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime()
Petr Pavlu (1):
module: Restore the moduleparam prefix length check
Phillip Lougher (1):
squashfs: fix memory leak in squashfs_fill_super
Prashant Malani (1):
cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag
Praveen Kaligineedi (1):
gve: Fix stuck TX queue for DQ queue format
Pu Lehui (1):
tracing: Limit access to parser->buffer when trace_get_user failed
Purva Yeshi (1):
md: dm-zoned-target: Initialize return variable r to avoid uninitialized use
Qu Wenruo (1):
btrfs: populate otime when logging an inode item
Quang Le (1):
net/packet: fix a race in packet_set_ring() and packet_notifier()
Rafael J. Wysocki (3):
ACPI: processor: perflib: Move problematic pr->performance check
cpuidle: governors: menu: Avoid using invalid recent intervals data
PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit()
Rand Deeb (1):
wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd()
Randy Dunlap (1):
parisc: Makefile: fix a typo in palo.conf
Ranjan Kumar (1):
scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans
Remi Pommarel (2):
wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key()
Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()"
Ricardo Ribalda (2):
media: uvcvideo: Do not mark valid metadata as invalid
media: venus: vdec: Clamp param smaller than 1fps and bigger than 240.
Ricky Wu (1):
misc: rtsx: usb: Ensure mmc child device is active when card is present
RubenKelevra (1):
fs_context: fix parameter name in infofc() macro
Ryan Lee (1):
apparmor: ensure WB_HISTORY_SIZE value is a power of 2
Ryan Mann (NDI) (1):
USB: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI
Ryusuke Konishi (1):
nilfs2: reject invalid file types when reading inodes
Sabrina Dubroca (1):
udp: also consider secpath when evaluating ipsec use for checksumming
Sakari Ailus (1):
media: v4l2-ctrls: Don't reset handler's error in v4l2_ctrl_handler_free()
Salah Triki (1):
iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe()
Sarah Newman (1):
drbd: add missing kref_get in handle_write_conflicts
Sarthak Garg (1):
mmc: sdhci-msm: Ensure SD card power isn't ON when card removed
Sasha Levin (1):
fs: Prevent file descriptor table allocations exceeding INT_MAX
Sebastian Ott (1):
ACPI: processor: fix acpi_object initialization
Sebastian Reichel (2):
watchdog: dw_wdt: Fix default timeout
usb: typec: fusb302: cache PD RX state
Sergey Bashirov (4):
pNFS: Fix stripe mapping in block/scsi layout
pNFS: Fix disk addr range check in block/scsi layout
pNFS: Handle RPC size limit for layoutcommits
pNFS: Fix uninited ptr deref in block/scsi layout
Sergey Senozhatsky (1):
wifi: ath11k: clear initialized flag for deinit-ed srng lists
Seunghui Lee (1):
scsi: ufs: core: Use link recovery when h8 exit fails during runtime resume
Shankari Anand (1):
kconfig: nconf: Ensure null termination where strncpy is used
Shengjiu Wang (1):
ASoC: fsl_sai: replace regmap_write with regmap_update_bits
Shiji Yang (1):
MIPS: vpe-mt: add missing prototypes for vpe_{alloc,start,stop,free}
Showrya M N (1):
scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated
Slark Xiao (2):
USB: serial: option: add Foxconn T99W640
USB: serial: option: add Foxconn T99W709
Stanislav Fomichev (1):
vrf: Drop existing dst reference in vrf_ip6_input_dst
Stanislaw Gruszka (1):
wifi: iwlegacy: Check rate_idx range after addition
Stefan Metzmacher (1):
smb: client: let recv_done() cleanup before notifying the callers.
Steven Rostedt (5):
selftests/tracing: Fix false failure of subsystem event test
ktest.pl: Prevent recursion of default variable options
ftrace: Also allocate and copy hash for reading of filter files
tracing: Add down_write(trace_event_sem) when adding trace event
tracing: Remove unneeded goto out logic
Su Hui (1):
usb: xhci: print xhci->xhc_state when queue_command failed
Suchit Karunakaran (1):
kconfig: lxdialog: replace strcpy() with strncpy() in inputbox.c
Sven Schnelle (2):
s390/time: Use monotonic clock in get_cycles()
s390/stp: Remove udelay from stp_sync_clock()
Takashi Iwai (4):
ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out()
ALSA: usb-audio: Validate UAC3 power domain descriptors, too
ALSA: usb-audio: Validate UAC3 cluster segment descriptors
ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation
Tao Xue (1):
usb: gadget : fix use-after-free in composite_dev_cleanup()
Tetsuo Handa (1):
hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file()
Theodore Ts'o (1):
ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr
Thomas Fourier (17):
pch_uart: Fix dma_sync_sg_for_device() nents value
mmc: bcm2835: Fix dma_unmap_sg() nents value
mwl8k: Add missing check after DMA map
crypto: inside-secure - Fix `dma_unmap_sg()` nents value
scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value
scsi: mvsas: Fix dma_unmap_sg() nents value
scsi: isci: Fix dma_unmap_sg() nents value
crypto: img-hash - Fix dma_unmap_sg() nents value
dmaengine: mv_xor: Fix missing check after DMA map and missing unmap
dmaengine: nbpfaxi: Add missing check after DMA map
mtd: rawnand: atmel: Fix dma_mapping_error() address
et131x: Add missing check after DMA map
net: ag71xx: Add missing check after DMA map
(powerpc/512) Fix possible `dma_unmap_single()` on uninitialized pointer
wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()`.
wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc()
mtd: rawnand: fsmc: Add missing check after DMA map
Thomas Gleixner (3):
perf/core: Don't leak AUX buffer refcount on allocation failure
perf/core: Exit early on perf_mmap() fail
perf/core: Prevent VMA split of buffer mappings
Thomas Weißschuh (2):
MIPS: Don't crash in stack_top() for tasks without ABI or vDSO
kbuild: userprogs: use correct linker when mixing clang and GNU ld
Thorsten Blum (1):
usb: storage: realtek_cr: Use correct byte order for bcs->Residue
Tigran Mkrtchyan (1):
pNFS/flexfiles: don't attempt pnfs on fatal DS errors
Tim Harvey (1):
hwmon: (gsc-hwmon) fix fan pwm setpoint show functions
Timothy Pearson (5):
PCI: pnv_php: Clean up allocated IRQs on unplug
PCI: pnv_php: Work around switches with broken presence detection
powerpc/eeh: Export eeh_unfreeze_pe()
powerpc/eeh: Make EEH driver device hotplug safe
PCI: pnv_php: Fix surprise plug detection and recovery
Timur Kristóf (5):
drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3
drm/amd/display: Fix DP audio DTO1 clock source on DCE 6.
drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs
drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs
drm/amd/display: Don't overclock DCE 6 by 15%
Tomasz Michalec (2):
usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present
platform/chrome: cros_ec_typec: Defer probe on missing EC parent
Trond Myklebust (5):
pNFS/flexfiles: Avoid spurious layout returns in ff_layout_choose_ds_for_read
NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()
NFS: Don't set NFS_INO_REVAL_PAGECACHE in the inode cache validity
NFSv4: Fix nfs4_bitmap_copy_adjust()
NFS: Fix the setting of capabilities when automounting a new filesystem
Tzung-Bi Shih (2):
platform/chrome: cros_ec: remove unneeded label and if-condition
platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister()
Ulf Hansson (1):
mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode()
Uwe Kleine-König (4):
platform/chrome: cros_ec: Make cros_ec_unregister() return void
pwm: mediatek: Implement .apply() callback
pwm: mediatek: Handle hardware enable and clock enable separately
pwm: mediatek: Fix duty and period setting
Vedang Nagar (1):
media: venus: Add a check for packet size after reading from shared memory
Viacheslav Dubeyko (4):
hfs: fix slab-out-of-bounds in hfs_bnode_read()
hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read()
hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()
hfs: fix not erasing deleted b-tree node issue
Victor Shih (1):
mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency
Vladimir Zapolskiy (1):
media: qcom: camss: cleanup media device allocated resource on error path
Waiman Long (2):
mm/kmemleak: avoid soft lockup in __kmemleak_do_cleanup()
cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key
Wang Liang (1):
net: drop UFO packets in udp_rcv_segment()
Wang Zhaolong (1):
smb: client: fix use-after-free in crypt_message when using async crypto
Wayne Chang (1):
phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode
Weitao Wang (1):
usb: xhci: Fix slot_id resource race conflict
Wen Chen (1):
drm/amd/display: Fix 'failed to blank crtc!'
Wesley Cheng (1):
usb: dwc3: Remove DWC3 locking during gadget suspend/resume
William Liu (4):
net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree
net/sched: Restrict conditions for adding duplicating netems to qdisc tree
net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit
net/sched: Remove unnecessary WARNING condition for empty child qdisc in htb_activate
Wolfram Sang (3):
media: usb: hdpvr: disable zero-length read messages
i3c: add missing include to internal header
i3c: don't fail if GETHDRCAP is unsupported
Xiang Mei (2):
net/sched: sch_qfq: Fix race condition on qfq_aggregate
net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class
Xin Long (1):
sctp: linearize cloned gso packets in sctp_rcv
Xinxin Wan (1):
ASoC: codecs: rt5640: Retry DEVICE_ID verification
Xinyu Liu (2):
usb: gadget: configfs: Fix OOB read on empty string write
usb: core: config: Prevent OOB read in SS endpoint companion parsing
Xiu Jianfeng (1):
wifi: iwlwifi: Fix memory leak in iwl_mvm_init()
Xiumei Mu (1):
selftests: rtnetlink.sh: remove esp4_offload after test
Xu Yang (2):
usb: chipidea: add USB PHY event
usb: phy: mxs: disconnect line when USB charger is attached
Xu Yilun (1):
fpga: zynq_fpga: Fix the wrong usage of dma_map_sgtable()
Yajun Deng (1):
i40e: Add rx_missed_errors for buffer exhaustion
Yang Xiwen (1):
i2c: qup: jump out of the loop in case of timeout
Yang Yingliang (1):
ptp: Fix possible memory leak in ptp_clock_register()
Yangtao Li (1):
hfsplus: remove mutex_lock check in hfsplus_free_extents
Yann E. MORIN (1):
kconfig: lxdialog: fix 'space' to (de)select options
Yazen Ghannam (1):
x86/mce/amd: Add default names for MCA banks and blocks
Ye Bin (1):
fs/buffer: fix use-after-free when call bh_read() helper
Youngjun Lee (1):
media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format()
Yuan Chen (2):
bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure
pinctrl: sunxi: Fix memory leak on krealloc failure
Yun Lu (2):
af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd()
af_packet: fix soft lockup issue caused by tpacket_snd()
Yunhui Cui (1):
serial: 8250: fix panic due to PSLVERR
Yury Norov [NVIDIA] (1):
RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask()
Zenm Chen (1):
USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles
Zhang Lixu (1):
iio: hid-sensor-prox: Fix incorrect OFFSET calculation
Zhang Shurong (1):
media: ov2659: Fix memory leaks in ov2659_probe()
Zhang Yi (1):
ext4: fix hole length calculation overflow in non-extent inodes
Zheng Yu (1):
jfs: fix metapage reference count leak in dbAllocCtl
chenchangcheng (1):
media: uvcvideo: Fix bandwidth issue for Alcor camera
fangzhong.zhou (1):
i2c: Force DLL0945 touchpad i2c freq to 100khz
jackysliu (1):
scsi: bfa: Double-free fix
tuhaowen (1):
PM: sleep: console: Fix the black screen issue
xin.guo (1):
tcp: fix tcp_ofo_queue() to avoid including too much DUP SACK range
Álvaro Fernández Rojas (4):
net: dsa: b53: fix b53_imp_vlan_setup for BCM5325
net: dsa: b53: prevent GMII_PORT_OVERRIDE_CTRL access on BCM5325
net: dsa: b53: prevent SWITCH_CTRL access on BCM5325
net: dsa: b53: fix IP_MULTICAST_CTRL on BCM5325
2 weeks, 6 days
- 1
- 1
Linux 5.4.297
by Greg Kroah-Hartman
I'm announcing the release of the 5.4.297 kernel.
All users of the 5.4 kernel series must upgrade.
The updated 5.4.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.4.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Documentation/firmware-guide/acpi/i2c-muxes.rst | 8
Makefile | 5
arch/arm/Makefile | 2
arch/arm/boot/dts/imx6ul-kontron-n6310-s.dts | 1
arch/arm/boot/dts/vfxxx.dtsi | 2
arch/arm/mach-rockchip/platsmp.c | 15
arch/arm/mach-tegra/reset.c | 2
arch/arm64/include/asm/acpi.h | 2
arch/m68k/Kconfig.debug | 2
arch/m68k/kernel/early_printk.c | 42 -
arch/m68k/kernel/head.S | 39 -
arch/mips/Makefile | 2
arch/mips/include/asm/vpe.h | 8
arch/mips/kernel/process.c | 16
arch/mips/mm/tlb-r4k.c | 56 +
arch/parisc/Makefile | 2
arch/powerpc/configs/ppc6xx_defconfig | 1
arch/powerpc/platforms/512x/mpc512x_lpbfifo.c | 6
arch/s390/hypfs/hypfs_dbfs.c | 19
arch/s390/include/asm/timex.h | 13
arch/s390/kernel/time.c | 2
arch/x86/kernel/cpu/mce/amd.c | 13
arch/x86/mm/extable.c | 5
drivers/acpi/acpi_processor.c | 2
drivers/acpi/apei/ghes.c | 2
drivers/acpi/processor_idle.c | 4
drivers/acpi/processor_perflib.c | 11
drivers/ata/Kconfig | 35 -
drivers/ata/libata-scsi.c | 20
drivers/base/power/domain_governor.c | 18
drivers/base/power/runtime.c | 5
drivers/block/drbd/drbd_receiver.c | 6
drivers/block/sunvdc.c | 4
drivers/char/hw_random/mtk-rng.c | 4
drivers/char/ipmi/ipmi_msghandler.c | 8
drivers/char/ipmi/ipmi_watchdog.c | 59 +-
drivers/clk/davinci/psc.c | 5
drivers/clk/sunxi-ng/ccu-sun8i-v3s.c | 3
drivers/cpufreq/armada-8k-cpufreq.c | 2
drivers/cpufreq/cpufreq.c | 11
drivers/crypto/ccp/ccp-debugfs.c | 3
drivers/crypto/img-hash.c | 2
drivers/crypto/marvell/cipher.c | 4
drivers/crypto/marvell/hash.c | 5
drivers/crypto/qat/qat_common/adf_transport_debug.c | 4
drivers/dma/mv_xor.c | 21
drivers/dma/nbpfaxi.c | 24
drivers/fpga/zynq-fpga.c | 10
drivers/gpio/gpio-tps65912.c | 7
drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c | 4
drivers/gpu/drm/amd/display/dc/bios/command_table.c | 2
drivers/gpu/drm/amd/display/dc/clk_mgr/dce110/dce110_clk_mgr.c | 30 -
drivers/gpu/drm/amd/powerplay/hwmgr/smu_helper.c | 2
drivers/gpu/drm/drm_dp_helper.c | 2
drivers/gpu/drm/scheduler/sched_entity.c | 23
drivers/hid/hid-core.c | 19
drivers/i2c/busses/i2c-qup.c | 4
drivers/i2c/busses/i2c-stm32.c | 8
drivers/i2c/busses/i2c-stm32f7.c | 4
drivers/i3c/internals.h | 1
drivers/i3c/master.c | 2
drivers/iio/adc/max1363.c | 43 -
drivers/iio/adc/stm32-adc-core.c | 7
drivers/iio/light/hid-sensor-prox.c | 3
drivers/iio/proximity/isl29501.c | 16
drivers/infiniband/core/cache.c | 4
drivers/infiniband/hw/hfi1/affinity.c | 44 -
drivers/input/joystick/xpad.c | 2
drivers/media/dvb-frontends/dib7000p.c | 8
drivers/media/i2c/ov2659.c | 3
drivers/media/i2c/tc358743.c | 86 +-
drivers/media/platform/qcom/camss/camss.c | 4
drivers/media/platform/qcom/venus/core.c | 8
drivers/media/platform/qcom/venus/core.h | 2
drivers/media/platform/qcom/venus/hfi_venus.c | 5
drivers/media/platform/qcom/venus/vdec.c | 5
drivers/media/usb/gspca/vicam.c | 10
drivers/media/usb/hdpvr/hdpvr-i2c.c | 6
drivers/media/usb/rainshadow-cec/rainshadow-cec.c | 3
drivers/media/usb/usbtv/usbtv-video.c | 4
drivers/media/usb/uvc/uvc_driver.c | 3
drivers/media/usb/uvc/uvc_video.c | 21
drivers/media/v4l2-core/v4l2-ctrls.c | 37 +
drivers/memstick/core/memstick.c | 3
drivers/memstick/host/rtsx_usb_ms.c | 1
drivers/misc/cardreader/rtsx_usb.c | 16
drivers/mmc/host/bcm2835.c | 3
drivers/mmc/host/rtsx_usb_sdmmc.c | 4
drivers/mmc/host/sdhci-pci-core.c | 3
drivers/mmc/host/sdhci_am654.c | 9
drivers/mtd/ftl.c | 2
drivers/mtd/nand/raw/atmel/nand-controller.c | 2
drivers/mtd/nand/raw/atmel/pmecc.c | 6
drivers/mtd/nand/raw/fsmc_nand.c | 2
drivers/net/can/kvaser_pciefd.c | 1
drivers/net/can/usb/kvaser_usb/kvaser_usb_core.c | 1
drivers/net/dsa/b53/b53_common.c | 33 -
drivers/net/dsa/b53/b53_regs.h | 1
drivers/net/ethernet/agere/et131x.c | 36 +
drivers/net/ethernet/atheros/ag71xx.c | 9
drivers/net/ethernet/cavium/thunder/thunder_bgx.c | 4
drivers/net/ethernet/emulex/benet/be_cmds.c | 2
drivers/net/ethernet/emulex/benet/be_main.c | 8
drivers/net/ethernet/freescale/dpaa/dpaa_ethtool.c | 4
drivers/net/ethernet/freescale/fec_main.c | 34 -
drivers/net/ethernet/freescale/gianfar_ethtool.c | 4
drivers/net/ethernet/intel/fm10k/fm10k.h | 3
drivers/net/ethernet/intel/i40e/i40e.h | 2
drivers/net/ethernet/intel/ice/ice_flex_pipe.c | 2
drivers/net/ethernet/intel/ixgbe/ixgbe.h | 3
drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 4
drivers/net/ethernet/xilinx/xilinx_emaclite.c | 2
drivers/net/phy/smsc.c | 1
drivers/net/ppp/pptp.c | 18
drivers/net/usb/sierra_net.c | 4
drivers/net/usb/usbnet.c | 11
drivers/net/virtio_net.c | 38 +
drivers/net/vrf.c | 2
drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c | 8
drivers/net/wireless/broadcom/brcm80211/brcmsmac/phy/phy_lcn.c | 2
drivers/net/wireless/intel/iwlegacy/4965-mac.c | 5
drivers/net/wireless/intel/iwlwifi/dvm/main.c | 11
drivers/net/wireless/intel/iwlwifi/dvm/rs.c | 2
drivers/net/wireless/intel/iwlwifi/fw/dbg.c | 7
drivers/net/wireless/intel/iwlwifi/mvm/ops.c | 4
drivers/net/wireless/intel/iwlwifi/mvm/scan.c | 2
drivers/net/wireless/marvell/mwl8k.c | 4
drivers/net/wireless/realtek/rtl818x/rtl8187/dev.c | 3
drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c | 2
drivers/net/wireless/realtek/rtlwifi/pci.c | 18
drivers/pci/controller/pcie-rockchip-host.c | 2
drivers/pci/endpoint/pci-ep-cfs.c | 1
drivers/pci/endpoint/pci-epf-core.c | 2
drivers/pci/hotplug/pnv_php.c | 90 ++-
drivers/pci/pci-acpi.c | 4
drivers/pci/pci.c | 8
drivers/pci/probe.c | 2
drivers/pinctrl/stm32/pinctrl-stm32.c | 1
drivers/pinctrl/sunxi/pinctrl-sunxi.c | 11
drivers/platform/x86/thinkpad_acpi.c | 4
drivers/power/supply/bq24190_charger.c | 60 --
drivers/power/supply/max14577_charger.c | 4
drivers/pps/pps.c | 11
drivers/pwm/pwm-imx-tpm.c | 9
drivers/pwm/pwm-mediatek.c | 78 +-
drivers/regulator/core.c | 1
drivers/rtc/rtc-ds1307.c | 17
drivers/rtc/rtc-hym8563.c | 2
drivers/rtc/rtc-pcf8563.c | 2
drivers/scsi/aacraid/comminit.c | 3
drivers/scsi/bfa/bfad_im.c | 1
drivers/scsi/ibmvscsi_tgt/libsrp.c | 6
drivers/scsi/isci/request.c | 2
drivers/scsi/libiscsi.c | 3
drivers/scsi/lpfc/lpfc_debugfs.c | 1
drivers/scsi/lpfc/lpfc_scsi.c | 4
drivers/scsi/mpt3sas/mpt3sas_scsih.c | 19
drivers/scsi/mvsas/mv_sas.c | 4
drivers/scsi/qla4xxx/ql4_os.c | 2
drivers/scsi/scsi_scan.c | 2
drivers/scsi/scsi_transport_sas.c | 60 +-
drivers/soc/aspeed/aspeed-lpc-snoop.c | 13
drivers/soc/qcom/mdt_loader.c | 41 +
drivers/soc/tegra/pmc.c | 51 -
drivers/soundwire/stream.c | 2
drivers/staging/comedi/comedi_compat32.c | 3
drivers/staging/comedi/comedi_fops.c | 58 +
drivers/staging/comedi/comedi_internal.h | 1
drivers/staging/comedi/drivers.c | 30 -
drivers/staging/comedi/drivers/aio_iiro_16.c | 3
drivers/staging/comedi/drivers/comedi_test.c | 2
drivers/staging/comedi/drivers/das16m1.c | 3
drivers/staging/comedi/drivers/das6402.c | 3
drivers/staging/comedi/drivers/pcl812.c | 3
drivers/staging/fbtft/fbtft-core.c | 1
drivers/staging/media/imx/imx-media-csc-scaler.c | 2
drivers/staging/nvec/nvec_power.c | 2
drivers/thermal/thermal_sysfs.c | 9
drivers/thunderbolt/domain.c | 2
drivers/tty/serial/8250/8250_port.c | 3
drivers/tty/serial/pch_uart.c | 2
drivers/tty/vt/defkeymap.c_shipped | 112 +++
drivers/tty/vt/keyboard.c | 2
drivers/usb/atm/cxacru.c | 106 +--
drivers/usb/chipidea/ci.h | 18
drivers/usb/chipidea/udc.c | 89 +--
drivers/usb/class/cdc-acm.c | 13
drivers/usb/core/hub.c | 67 ++
drivers/usb/core/quirks.c | 1
drivers/usb/core/urb.c | 2
drivers/usb/dwc3/dwc3-meson-g12a.c | 3
drivers/usb/dwc3/dwc3-qcom.c | 8
drivers/usb/dwc3/gadget.c | 9
drivers/usb/early/xhci-dbc.c | 4
drivers/usb/gadget/composite.c | 5
drivers/usb/gadget/configfs.c | 2
drivers/usb/gadget/udc/renesas_usb3.c | 1
drivers/usb/host/xhci-hub.c | 3
drivers/usb/host/xhci-mem.c | 24
drivers/usb/host/xhci-plat.c | 3
drivers/usb/host/xhci-ring.c | 19
drivers/usb/host/xhci.c | 24
drivers/usb/host/xhci.h | 3
drivers/usb/musb/musb_gadget.c | 2
drivers/usb/musb/omap2430.c | 10
drivers/usb/phy/phy-mxs-usb.c | 4
drivers/usb/serial/ftdi_sio.c | 2
drivers/usb/serial/ftdi_sio_ids.h | 3
drivers/usb/serial/option.c | 7
drivers/usb/storage/realtek_cr.c | 2
drivers/usb/storage/unusual_devs.h | 29
drivers/usb/typec/tcpm/fusb302.c | 8
drivers/vhost/vhost.c | 3
drivers/video/console/vgacon.c | 2
drivers/video/fbdev/imxfb.c | 9
drivers/watchdog/dw_wdt.c | 2
drivers/watchdog/ziirave_wdt.c | 3
fs/btrfs/tree-log.c | 53 +
fs/buffer.c | 2
fs/cifs/cifsglob.h | 1
fs/cifs/cifssmb.c | 10
fs/cifs/smbdirect.c | 14
fs/cifs/transport.c | 34 -
fs/ext4/fsmap.c | 23
fs/ext4/inline.c | 19
fs/ext4/inode.c | 2
fs/f2fs/f2fs.h | 2
fs/f2fs/inode.c | 28
fs/f2fs/node.c | 10
fs/file.c | 81 +-
fs/hfs/bnode.c | 93 +++
fs/hfsplus/bnode.c | 92 +++
fs/hfsplus/extents.c | 3
fs/hfsplus/unicode.c | 7
fs/hfsplus/xattr.c | 6
fs/hugetlbfs/inode.c | 2
fs/isofs/inode.c | 9
fs/jbd2/checkpoint.c | 1
fs/jfs/file.c | 3
fs/jfs/inode.c | 2
fs/jfs/jfs_dmap.c | 10
fs/namespace.c | 89 ++-
fs/nfs/blocklayout/blocklayout.c | 4
fs/nfs/blocklayout/dev.c | 5
fs/nfs/blocklayout/extent_tree.c | 20
fs/nfs/client.c | 44 +
fs/nfs/direct.c | 13
fs/nfs/export.c | 11
fs/nfs/inode.c | 6
fs/nfs/internal.h | 1
fs/nfs/nfs4client.c | 13
fs/nfs/nfs4proc.c | 35 -
fs/nfs/pnfs.c | 11
fs/nfs/write.c | 11
fs/nfsd/nfs4state.c | 34 -
fs/nilfs2/inode.c | 9
fs/orangefs/orangefs-debugfs.c | 8
fs/squashfs/super.c | 14
fs/udf/super.c | 13
include/linux/fs.h | 4
include/linux/if_vlan.h | 6
include/linux/mm.h | 26
include/linux/moduleparam.h | 5
include/linux/nfs_fs.h | 2
include/linux/pci.h | 1
include/linux/pps_kernel.h | 1
include/linux/skbuff.h | 31 +
include/linux/usb/chipidea.h | 1
include/linux/usb/usbnet.h | 1
include/net/act_api.h | 25
include/net/cfg80211.h | 2
include/net/sch_generic.h | 13
include/net/udp.h | 24
include/uapi/linux/in6.h | 4
include/uapi/linux/io_uring.h | 2
include/uapi/linux/mount.h | 3
kernel/events/core.c | 20
kernel/fork.c | 2
kernel/power/console.c | 7
kernel/rcu/tree_plugin.h | 3
kernel/trace/ftrace.c | 19
kernel/trace/trace_events.c | 5
mm/filemap.c | 2
mm/hmm.c | 2
mm/kmemleak.c | 120 ++--
mm/madvise.c | 2
mm/mmap.c | 26
mm/shmem.c | 2
mm/zsmalloc.c | 6
net/8021q/vlan.c | 42 +
net/8021q/vlan.h | 1
net/appletalk/aarp.c | 42 +
net/appletalk/ddp.c | 7
net/bluetooth/hci_sysfs.c | 15
net/bluetooth/l2cap_core.c | 26
net/bluetooth/l2cap_sock.c | 3
net/bluetooth/smp.c | 21
net/bluetooth/smp.h | 1
net/caif/cfctrl.c | 294 ++++------
net/core/filter.c | 3
net/core/netpoll.c | 7
net/ipv4/route.c | 1
net/ipv4/tcp_input.c | 3
net/ipv4/udp_offload.c | 2
net/ipv6/ip6_offload.c | 4
net/ipv6/seg6_hmac.c | 3
net/mac80211/tx.c | 1
net/ncsi/internal.h | 2
net/ncsi/ncsi-rsp.c | 1
net/netfilter/nf_conntrack_netlink.c | 24
net/netfilter/nf_tables_api.c | 4
net/netfilter/xt_nfacct.c | 4
net/netlink/af_netlink.c | 2
net/packet/af_packet.c | 39 -
net/phonet/pep.c | 2
net/sched/act_api.c | 14
net/sched/act_csum.c | 4
net/sched/act_ct.c | 10
net/sched/act_gact.c | 14
net/sched/act_mirred.c | 55 +
net/sched/act_police.c | 5
net/sched/act_tunnel_key.c | 2
net/sched/act_vlan.c | 9
net/sched/sch_cake.c | 14
net/sched/sch_codel.c | 5
net/sched/sch_drr.c | 7
net/sched/sch_fq_codel.c | 6
net/sched/sch_hfsc.c | 8
net/sched/sch_htb.c | 6
net/sched/sch_netem.c | 40 +
net/sched/sch_qfq.c | 40 -
net/sched/sch_sfq.c | 114 ++-
net/sctp/input.c | 2
net/tls/tls_sw.c | 13
net/vmw_vsock/af_vsock.c | 3
net/wireless/mlme.c | 3
samples/mei/mei-amt-version.c | 2
scripts/Kbuild.include | 8
scripts/kconfig/gconf.c | 8
scripts/kconfig/lxdialog/inputbox.c | 6
scripts/kconfig/lxdialog/menubox.c | 2
scripts/kconfig/nconf.c | 2
scripts/kconfig/nconf.gui.c | 1
security/inode.c | 2
sound/pci/hda/patch_ca0132.c | 2
sound/pci/hda/patch_hdmi.c | 19
sound/pci/intel8x0.c | 2
sound/soc/codecs/hdac_hdmi.c | 10
sound/soc/codecs/rt5640.c | 5
sound/soc/fsl/fsl_sai.c | 14
sound/soc/intel/boards/Kconfig | 2
sound/soc/soc-dapm.c | 4
sound/soc/soc-ops.c | 26
sound/usb/mixer_quirks.c | 14
sound/usb/mixer_scarlett_gen2.c | 9
sound/usb/stream.c | 25
sound/usb/validate.c | 14
tools/bpf/bpftool/net.c | 15
tools/perf/tests/bp_account.c | 1
tools/power/cpupower/utils/idle_monitor/mperf_monitor.c | 4
tools/testing/ktest/ktest.pl | 5
tools/testing/selftests/ftrace/test.d/ftrace/func-filter-glob.tc | 2
tools/testing/selftests/futex/include/futextest.h | 11
tools/testing/selftests/net/forwarding/tc_actions.sh | 72 ++
tools/testing/selftests/net/rtnetlink.sh | 6
365 files changed, 3516 insertions(+), 1487 deletions(-)
Aaron Kling (1):
ARM: tegra: Use I/O memcpy to write to IRAM
Abdun Nihaal (1):
staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc()
Al Viro (3):
securityfs: don't pin dentries twice, once is enough...
use uniform permission checks for all mount propagation changes
alloc_fdtable(): change calling conventions.
Alessandro Carminati (1):
regulator: core: fix NULL dereference on unbind due to stale coupling data
Alex Guo (2):
media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb()
media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar
Alexander Kochetkov (1):
ARM: rockchip: fix kernel hang during smp initialization
Alok Tiwari (5):
net: emaclite: Fix missing pointer increment in aligned_read()
staging: nvec: Fix incorrect null termination of battery manufacturer
ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4
be2net: Use correct byte order and format string for TCP seq and ack_seq
net: thunderx: Fix format-truncation warning in bgx_acpi_match_id()
Amir Mohammad Jahangirzad (1):
fs/orangefs: use snprintf() instead of sprintf()
Ammar Faizi (1):
net: usbnet: Fix the wrong netif_carrier_on() call
Andreas Dilger (1):
ext4: check fast symlink for ea_inode correctly
Andrew Jeffery (2):
soc: aspeed: lpc-snoop: Cleanup resources in stack-order
soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled
Andrew Lunn (1):
net: appletalk: fix kerneldoc warnings
Andy Shevchenko (2):
Documentation: ACPI: Fix parent device references
mm/hmm: move pmd_to_hmm_pfn_flags() to the respective #ifdeffery
Annette Kobou (1):
ARM: dts: imx6ul-kontron-bl-common: Fix RTS polarity for RS485 interface
Arnaud Lecomte (1):
jfs: upper bound check of tree index in dbAllocAG
Arnd Bergmann (4):
ethernet: intel: fix building with large NR_CPUS
ASoC: Intel: fix SND_SOC_SOF dependencies
ASoC: ops: dynamically allocate struct snd_ctl_elem_value
caif: reduce stack size, again
Arun Raghavan (1):
ASoC: fsl_sai: Force a software reset when starting in consumer mode
Avraham Stern (1):
wifi: iwlwifi: mvm: fix scan request validation
Balamanikandan Gunasundar (1):
mtd: rawnand: atmel: set pmecc data setup time
Baokun Li (1):
jbd2: prevent softlockup in jbd2_log_do_checkpoint()
Bard Liao (1):
soundwire: stream: restore params when prepare ports fail
Bartosz Golaszewski (1):
gpio: tps65912: check the return value of regmap_update_bits()
Benjamin Tissoires (3):
HID: core: ensure the allocated report buffer can contain the reserved report ID
HID: core: ensure __hid_request reserves the report ID as the first byte
HID: core: do not bypass hid_hw_raw_request
Bjorn Andersson (1):
soc: qcom: mdt_loader: Ensure we don't read past the ELF header
Brahmajit Das (1):
samples: mei: Fix building on musl libc
Breno Leitao (3):
ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path
ipmi: Use dev_warn_ratelimited() for incorrect message warnings
mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock
Brian Masney (3):
rtc: ds1307: fix incorrect maximum clock rate handling
rtc: hym8563: fix incorrect maximum clock rate handling
rtc: pcf8563: fix incorrect maximum clock rate handling
Buday Csaba (1):
net: phy: smsc: add proper reset flags for LAN8710A
Budimir Markovic (1):
vsock: Do not allow binding to VMADDR_PORT_ANY
Bui Quang Minh (1):
virtio-net: ensure the received length does not exceed allocated size
Chao Yu (5):
f2fs: fix to avoid UAF in f2fs_sync_inode_meta()
f2fs: fix to avoid panic in f2fs_evict_inode
f2fs: fix to avoid out-of-boundary access in devs.path
f2fs: fix to do sanity check on ino and xnid
f2fs: fix to avoid out-of-boundary access in dnode page
Charles Han (1):
power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set
Cheick Traore (1):
pinctrl: stm32: Manage irq affinity settings
Chen Ni (1):
iio: adc: stm32-adc: Fix race in installing chained IRQ handler
Chenyuan Yang (1):
fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref
Clément Le Goffic (1):
i2c: stm32: fix the device used for the DMA map
Cong Wang (4):
sch_drr: make drr_qlen_notify() idempotent
sch_hfsc: make hfsc_qlen_notify() idempotent
sch_qfq: make qfq_qlen_notify() idempotent
codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()
Corey Minyard (1):
ipmi: Fix strcpy source and destination the same
Cristian Ciocaltea (1):
ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros
Cynthia Huang (1):
selftests/futex: Define SYS_futex on 32-bit architectures with 64-bit time_t
Dai Ngo (1):
NFSD: detect mismatch of file handle and delegation stateid in OPEN op
Damien Le Moal (5):
scsi: mpt3sas: Correctly handle ATA device errors
ata: libata-scsi: Fix ata_to_sense_error() status handling
PCI: endpoint: Fix configfs group list head handling
PCI: endpoint: Fix configfs group removal on driver teardown
ata: Fix SATA_MOBILE_LPM_POLICY description in Kconfig
Dan Carpenter (7):
dmaengine: nbpfaxi: Fix memory corruption in probe()
watchdog: ziirave_wdt: check record length in ziirave_firm_verify()
fs/orangefs: Allow 2 more characters in do_c_string()
cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table()
media: gspca: Add bounds checking to firmware parser
scsi: qla4xxx: Prevent a potential error pointer dereference
ALSA: usb-audio: Fix size validation in convert_chmap_v3()
Daniel Dadap (1):
ALSA: hda: Add missing NVIDIA HDA codec IDs
Daniil Dulov (1):
wifi: rtl818x: Kill URBs before clearing tx status queue
Dave Hansen (1):
x86/fpu: Delay instruction pointer fixup until after warning
Dave Stevenson (3):
media: tc358743: Check I2C succeeded during probe
media: tc358743: Return an appropriate colorspace from tc358743_set_fmt
media: tc358743: Increase FIFO trigger level to 374
David Lechner (1):
iio: proximity: isl29501: fix buffered read on big-endian systems
Davide Caratti (2):
net/sched: act_mirred: better wording on protection against excessive stack growth
act_mirred: use the backlog for nested calls to mirred ingress
Denis OSTERLAND-HEIM (1):
pps: fix poll support
Dinghao Liu (1):
power: supply: bq24190_charger: Fix runtime PM imbalance on error
Dmitry Antipov (1):
Bluetooth: fix use-after-free in device_for_each_child()
Dong Chenchen (1):
net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime
Drew Hamilton (1):
usb: musb: fix gadget state on disconnect
Edson Juliano Drosdeck (1):
mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models
Edward Adam Davis (1):
jfs: Regular file corruption check
Eric Biggers (1):
thunderbolt: Fix copy+paste error in match_service_id()
Eric Dumazet (6):
net_sched: sch_sfq: annotate data-races around q->perturb_period
net_sched: sch_sfq: handle bigger packets
net_sched: sch_sfq: reject invalid perturb period
pptp: ensure minimal skb length in pptp_xmit()
ipv6: reject malicious packets in ipv6_gso_segment()
pptp: fix pptp_xmit() error path
Fabio Estevam (2):
iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[]
iio: adc: max1363: Reorder mode_list[] entries
Fabio Porcedda (1):
USB: serial: option: add Telit Cinterion FE910C04 (ECM) composition
Fedor Pchelkin (3):
drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value
netfilter: nf_tables: adjust lockdep assertions handling
netlink: avoid infinite retry looping in netlink_unicast()
Filipe Manana (1):
btrfs: fix log tree replay failure due to file with 0 links and extents
Finn Thain (2):
m68k: Don't unregister boot console needlessly
m68k: Fix lost column on framebuffer debug console
Florian Westphal (2):
netfilter: xt_nfacct: don't assume acct name is null-terminated
netfilter: ctnetlink: fix refcount leak on table dump
Frederic Barrat (2):
pci/hotplug/pnv-php: Improve error msg on power state change failure
pci/hotplug/pnv-php: Wrap warnings in macro
Gal Pressman (1):
net: vlan: Replace BUG() with WARN_ON_ONCE() in vlan_dev_* stubs
Gautham R. Shenoy (1):
pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop()
Geoffrey D. Bennett (1):
ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx()
Giovanni Cabiddu (1):
crypto: qat - fix seq_file position update in adf_ring_next()
Gokul Sivakumar (1):
wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE
Greg Kroah-Hartman (2):
Revert "vmci: Prevent the dispatching of uninitialized payloads"
Linux 5.4.297
Gui-Dong Han (1):
media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt()
Hans Verkuil (1):
media: v4l2-ctrls: always copy the controls on completion
Hans Zhang (1):
PCI: rockchip-host: Fix "Unexpected Completion" log message
Haoxiang Li (2):
media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init()
ice: Fix a null pointer dereference in ice_copy_and_init_pkg()
Hari Kalavakunta (1):
net: ncsi: Fix buffer overflow in fetching version id
Harry Yoo (1):
mm/zsmalloc: do not pass __GFP_MOVABLE if CONFIG_COMPACTION=n
He Zhe (1):
mm/kmemleak: turn kmemleak_lock and object->lock to raw_spinlock_t
Helge Deller (1):
Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()"
Henry Martin (1):
clk: davinci: Add NULL check in davinci_lpsc_clk_register()
Herbert Xu (1):
crypto: marvell/cesa - Fix engine load inaccuracy
Hongyu Xie (1):
xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS
Hsin-Te Yuan (1):
thermal: sysfs: Return ENODATA instead of EAGAIN for reads
Ian Abbott (10):
comedi: pcl812: Fix bit shift out of bounds
comedi: aio_iiro_16: Fix bit shift out of bounds
comedi: das16m1: Fix bit shift out of bounds
comedi: das6402: Fix bit shift out of bounds
comedi: Fix some signed shift left operations
comedi: Fix use of uninitialized data in insn_rw_emulate_bits()
comedi: comedi_test: Fix possible deletion of uninitialized timers
comedi: fix race between polling and detaching
comedi: Fix initialization of data for instructions that write to subdevice
comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large
Ilan Peer (1):
wifi: cfg80211: Fix interface type validation
Imre Deak (1):
drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS
Ivan Stepchenko (1):
mtd: fix possible integer overflow in erase_xfer()
Jack Xiao (1):
drm/amdgpu: fix incorrect vm flags to map bo
Jakub Kicinski (2):
netpoll: prevent hanging NAPI when netcons gets enabled
uapi: in6: restore visibility of most IPv6 socket options
Jan Kara (2):
isofs: Verify inode mode when loading from disk
udf: Verify partition map count
Jason Wang (1):
vhost: fail early when __vhost_add_used() fails
Jason Xing (1):
ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc
Jay Chen (1):
usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command
Jeff Layton (1):
nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()
Jiasheng Jiang (2):
iwlwifi: Add missing check for alloc_ordered_workqueue
scsi: lpfc: Remove redundant assignment to avoid memory leak
Jiaxun Yang (1):
MIPS: mm: tlb-r4k: Uniquify TLB entries on init
Jiayi Li (2):
ACPI: processor: perflib: Fix initial _PPC limit application
memstick: Fix deadlock by moving removing flag earlier
Jiayuan Chen (1):
bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls
Jimmy Assarsson (2):
can: kvaser_pciefd: Store device channel index
can: kvaser_usb: Assign netdev.dev_port based on device channel index
Jiri Pirko (1):
selftests: forwarding: tc_actions.sh: add matchall mirror test
Johan Hovold (6):
net: gianfar: fix device leak when querying time stamp info
net: dpaa: fix device leak when querying time stamp info
usb: gadget: udc: renesas_usb3: fix device leak at unbind
usb: dwc3: meson-g12a: fix device leaks at unbind
USB: cdc-acm: do not log successful probe on later errors
usb: musb: omap2430: fix device leak at unbind
Johan Korsnes (1):
arch: powerpc: defconfig: Drop obsolete CONFIG_NET_CLS_TCINDEX
Johannes Berg (1):
wifi: cfg80211: reject HTC bit for management frames
John Ernberg (1):
net: usbnet: Avoid potential RCU stall on LINK_CHANGE event
John Garry (1):
scsi: aacraid: Stop using PCI_IRQ_AFFINITY
Jon Hunter (1):
soc/tegra: pmc: Ensure power-domains are in a known state
Jonas Rebmann (1):
net: fec: allow disable coalescing
Jorge Ramirez-Ortiz (2):
media: venus: protect against spurious interrupts during probe
media: venus: hfi: explicitly release IRQ during teardown
Josef Bacik (1):
nfs: fix UAF in direct writes
Judith Mendez (1):
mmc: sdhci_am654: Workaround for Errata i2312
Jun Li (1):
usb: chipidea: udc: protect usb interrupt enable
Justin Tee (1):
scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure
Kees Cook (2):
arm64: Handle KCOV __init vs inline mismatches
platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches
Kito Xu (veritas501) (1):
net: appletalk: Fix use-after-free in AARP proxy probe
Krishna Kurapati (1):
usb: dwc3: qcom: Don't leave BCR asserted
Krzysztof Kozlowski (1):
ARM: dts: vfxxx: Correctly use two tuples for timer address
Kuen-Han Tsai (1):
usb: dwc3: Ignore late xferNotReady event to prevent halt timeout
Kuninori Morimoto (1):
ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed
Kuniyuki Iwashima (1):
Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb()
Laurentiu Mihalcea (1):
pwm: imx-tpm: Reset counter if CMOD is 0
Leo Yan (1):
perf tests bp_account: Fix leaked file descriptor
Li Zhong (1):
ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value
Lifeng Zheng (2):
cpufreq: Init policy->rwsem before it may be possibly used
cpufreq: Exit governor when failed to start old governor
Lin.Cao (1):
drm/sched: Remove optimization that causes hang when killing dependent jobs
Lizhi Xu (2):
vmci: Prevent the dispatching of uninitialized payloads
jfs: truncate good inode pages when hard link is 0
Lorenzo Stoakes (3):
mm: drop the assumption that VM_SHARED always implies writable
mm: update memfd seal write check to include F_SEAL_WRITE
mm: perform the mapping_map_writable() check after call_mmap()
Lucas De Marchi (1):
usb: early: xhci-dbc: Fix early_ioremap leak
Lucy Thrun (1):
ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control
Ludwig Disterhof (1):
media: usbtv: Lock resolution while streaming
Luiz Augusto von Dentz (3):
Bluetooth: SMP: If an unallowed command is received consider it a failure
Bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout
Bluetooth: L2CAP: Fix attempting to adjust outgoing MTU
Lukas Wunner (1):
PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports
Ma Ke (1):
sunvdc: Balance device refcount in vdc_port_mpgroup_check
Mael GUERIN (1):
USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera
Maor Gottlieb (1):
RDMA/core: Rate limit GID cache warning messages
Marek Szyprowski (1):
zynq_fpga: use sgtable-based scatterlist wrappers
Mario Limonciello (2):
usb: xhci: Avoid showing warnings for dying controller
usb: xhci: Avoid showing errors during surprise removal
Mark Brown (1):
ASoC: hdac_hdmi: Rate limit logging on connection and disconnection
Martin Kaistra (1):
wifi: rtl8xxxu: Fix RX skb size for aggregation disabled
Masahiro Yamada (3):
kconfig: gconf: avoid hardcoding model2 in on_treeview2_cursor_changed()
kconfig: gconf: fix potential memory leak in renderer_edited()
kbuild: add $(CLANG_FLAGS) to KBUILD_CPPFLAGS
Masami Hiramatsu (Google) (1):
selftests: tracing: Use mutex_unlock for testing glob filter
Mathias Nyman (4):
usb: hub: fix detection of high tier USB3 devices behind suspended hubs
usb: hub: Fix flushing and scheduling of delayed work that tunes runtime pm
usb: hub: avoid warm port reset during USB3 disconnect
usb: hub: Don't try to recover devices lost during warm reset.
Maulik Shah (1):
pmdomain: governor: Consider CPU latency tolerance from pm_domain_cpu_gov
Meagan Lloyd (2):
rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe
rtc: ds1307: handle oscillator stop flag (OSF) for ds1341
Mengbiao Xiong (1):
crypto: ccp - Fix crash when rebind ccp device for ccp.ko
Miao Li (1):
usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive
Miaohe Lin (1):
mm/zsmalloc.c: convert to use kmem_cache_zalloc in cache_alloc_zspage()
Michal Schmidt (1):
benet: fix BUG when creating VFs
Mina Almasry (1):
netmem: fix skb_frag_address_safe with unreadable skbs
Minghao Chi (1):
power: supply: bq24190_charger: using pm_runtime_resume_and_get instead of pm_runtime_get_sync
Minhong He (1):
ipv6: sr: validate HMAC algorithm ID in seg6_hmac_info_add
Myrrh Periwinkle (2):
vt: keyboard: Don't process Unicode characters in K_OFF mode
vt: defkeymap: Map keycodes above 127 to K_HOLE
Nathan Chancellor (8):
phonet/pep: Move call to pn_skb_get_dst_sockaddr() earlier in pep_sock_accept()
memstick: core: Zero initialize id_reg in h_memstick_read_dev_id()
usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init()
wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table()
ARM: 9448/1: Use an absolute path to unified.h in KBUILD_AFLAGS
mips: Include KBUILD_CPPFLAGS in CHECKFLAGS invocation
kbuild: Add CLANG_FLAGS to as-instr
kbuild: Add KBUILD_CPPFLAGS to as-option invocation
Nick Desaulniers (1):
kbuild: Update assembler calls to use proper flags and language target
Nilton Perim Neto (1):
Input: xpad - set correct controller type for Acer NGR200
Octavian Purdila (3):
net_sched: sch_sfq: don't allow 1 packet limit
net_sched: sch_sfq: use a temporary work area for validating configuration
net_sched: sch_sfq: move the limit validation
Ojaswin Mujoo (2):
ext4: fix fsmap end of range reporting with bigalloc
ext4: fix reserved gdt blocks handling in fsmap
Oliver Neukum (3):
usb: net: sierra: check for no status endpoint
usb: core: usb_submit_urb: downgrade type check
cdc-acm: fix race between initial clearing halt and open
Oscar Maes (1):
net: ipv4: fix incorrect MTU in broadcast routes
Ovidiu Panait (1):
hwrng: mtk - handle devm_pm_runtime_enable errors
Pagadala Yesu Anjaneyulu (1):
wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect
Pali Rohár (1):
cifs: Fix calling CIFSFindFirst() for root path without msearch
Paul Chaignon (1):
bpf: Check flow_dissector ctx accesses are aligned
Paul E. McKenney (1):
rcu: Protect ->defer_qs_iw_pending from data race
Paul Kocialkowski (1):
clk: sunxi-ng: v3s: Fix de clock definition
Pavel Begunkov (1):
io_uring: don't use int for ABI
Pavel Tikhomirov (1):
move_mount: allow to add a mount into an existing group
Peter Chen (3):
usb: chipidea: udc: add new API ci_hdrc_gadget_connect
usb: chipidea: introduce CI_HDRC_CONTROLLER_VBUS_EVENT glue layer use
usb: chipidea: udc: fix sleeping function called from invalid context
Peter Oberparleiter (2):
s390/hypfs: Avoid unnecessary ioctl registration in debugfs
s390/hypfs: Enable limited access during lockdown
Petr Pavlu (1):
module: Restore the moduleparam prefix length check
Phillip Lougher (1):
squashfs: fix memory leak in squashfs_fill_super
Qu Wenruo (1):
btrfs: populate otime when logging an inode item
Quang Le (1):
net/packet: fix a race in packet_set_ring() and packet_notifier()
Rafael J. Wysocki (2):
ACPI: processor: perflib: Move problematic pr->performance check
PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit()
Rand Deeb (1):
wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd()
Randy Dunlap (1):
parisc: Makefile: fix a typo in palo.conf
Ranjan Kumar (1):
scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans
Remi Pommarel (1):
Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()"
Ricardo Ribalda (2):
media: uvcvideo: Do not mark valid metadata as invalid
media: venus: vdec: Clamp param smaller than 1fps and bigger than 240.
Ricky Wu (1):
misc: rtsx: usb: Ensure mmc child device is active when card is present
Ryan Mann (NDI) (1):
USB: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI
Ryusuke Konishi (1):
nilfs2: reject invalid file types when reading inodes
Sabrina Dubroca (1):
udp: also consider secpath when evaluating ipsec use for checksumming
Sakari Ailus (1):
media: v4l2-ctrls: Don't reset handler's error in v4l2_ctrl_handler_free()
Sarah Newman (1):
drbd: add missing kref_get in handle_write_conflicts
Sasha Levin (1):
fs: Prevent file descriptor table allocations exceeding INT_MAX
Sebastian Ott (1):
ACPI: processor: fix acpi_object initialization
Sebastian Reichel (2):
watchdog: dw_wdt: Fix default timeout
usb: typec: fusb302: cache PD RX state
Sergey Bashirov (4):
pNFS: Fix stripe mapping in block/scsi layout
pNFS: Fix disk addr range check in block/scsi layout
pNFS: Handle RPC size limit for layoutcommits
pNFS: Fix uninited ptr deref in block/scsi layout
Shankari Anand (1):
kconfig: nconf: Ensure null termination where strncpy is used
Shiji Yang (1):
MIPS: vpe-mt: add missing prototypes for vpe_{alloc,start,stop,free}
Showrya M N (1):
scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated
Slark Xiao (2):
USB: serial: option: add Foxconn T99W640
USB: serial: option: add Foxconn T99W709
Stanislav Fomichev (1):
vrf: Drop existing dst reference in vrf_ip6_input_dst
Stanislaw Gruszka (1):
wifi: iwlegacy: Check rate_idx range after addition
Stefan Metzmacher (1):
smb: client: let recv_done() cleanup before notifying the callers.
Steven Rostedt (3):
ktest.pl: Prevent recursion of default variable options
ftrace: Also allocate and copy hash for reading of filter files
tracing: Add down_write(trace_event_sem) when adding trace event
Su Hui (1):
usb: xhci: print xhci->xhc_state when queue_command failed
Suchit Karunakaran (1):
kconfig: lxdialog: replace strcpy() with strncpy() in inputbox.c
Sven Schnelle (2):
s390/time: Use monotonic clock in get_cycles()
s390/stp: Remove udelay from stp_sync_clock()
Takashi Iwai (3):
ALSA: usb-audio: Validate UAC3 power domain descriptors, too
ALSA: usb-audio: Validate UAC3 cluster segment descriptors
ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation
Tao Xue (1):
usb: gadget : fix use-after-free in composite_dev_cleanup()
Tetsuo Handa (1):
hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file()
Theodore Ts'o (1):
ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr
Thomas Fourier (15):
pch_uart: Fix dma_sync_sg_for_device() nents value
mmc: bcm2835: Fix dma_unmap_sg() nents value
mwl8k: Add missing check after DMA map
scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value
scsi: mvsas: Fix dma_unmap_sg() nents value
scsi: isci: Fix dma_unmap_sg() nents value
crypto: img-hash - Fix dma_unmap_sg() nents value
dmaengine: mv_xor: Fix missing check after DMA map and missing unmap
dmaengine: nbpfaxi: Add missing check after DMA map
mtd: rawnand: atmel: Fix dma_mapping_error() address
et131x: Add missing check after DMA map
net: ag71xx: Add missing check after DMA map
(powerpc/512) Fix possible `dma_unmap_single()` on uninitialized pointer
wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()`.
mtd: rawnand: fsmc: Add missing check after DMA map
Thomas Gleixner (3):
perf/core: Don't leak AUX buffer refcount on allocation failure
perf/core: Exit early on perf_mmap() fail
perf/core: Prevent VMA split of buffer mappings
Thomas Weißschuh (1):
MIPS: Don't crash in stack_top() for tasks without ABI or vDSO
Thorsten Blum (1):
usb: storage: realtek_cr: Use correct byte order for bcs->Residue
Timothy Pearson (1):
PCI: pnv_php: Work around switches with broken presence detection
Timur Kristóf (2):
drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3
drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs
Trond Myklebust (5):
NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()
NFSv4: Fix nfs4_bitmap_copy_adjust()
NFS: Fix up handling of outstanding layoutcommit in nfs_update_inode()
NFS: Fix the setting of capabilities when automounting a new filesystem
NFS: Fix up commit deadlocks
Ulf Hansson (1):
mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode()
Uwe Kleine-König (3):
pwm: mediatek: Implement .apply() callback
pwm: mediatek: Handle hardware enable and clock enable separately
pwm: mediatek: Fix duty and period setting
Vedang Nagar (1):
media: venus: Add a check for packet size after reading from shared memory
Viacheslav Dubeyko (4):
hfs: fix slab-out-of-bounds in hfs_bnode_read()
hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read()
hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()
hfs: fix not erasing deleted b-tree node issue
Vlad Buslov (4):
net: sched: extract common action counters update code into function
net: sched: extract bstats update code into function
net: sched: extract qstats update code into functions
net: sched: don't expose action qstats to skb_tc_reinsert()
Vladimir Zapolskiy (1):
media: qcom: camss: cleanup media device allocated resource on error path
Waiman Long (1):
mm/kmemleak: avoid soft lockup in __kmemleak_do_cleanup()
Wang Liang (1):
net: drop UFO packets in udp_rcv_segment()
Weitao Wang (1):
usb: xhci: Fix slot_id resource race conflict
William Liu (4):
net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree
net/sched: Restrict conditions for adding duplicating netems to qdisc tree
net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit
net/sched: Remove unnecessary WARNING condition for empty child qdisc in htb_activate
Wolfram Sang (3):
media: usb: hdpvr: disable zero-length read messages
i3c: add missing include to internal header
i3c: don't fail if GETHDRCAP is unsupported
Xiang Mei (2):
net/sched: sch_qfq: Fix race condition on qfq_aggregate
net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class
Xin Long (1):
sctp: linearize cloned gso packets in sctp_rcv
Xinxin Wan (1):
ASoC: codecs: rt5640: Retry DEVICE_ID verification
Xinyu Liu (1):
usb: gadget: configfs: Fix OOB read on empty string write
Xiu Jianfeng (1):
wifi: iwlwifi: Fix memory leak in iwl_mvm_init()
Xiumei Mu (1):
selftests: rtnetlink.sh: remove esp4_offload after test
Xu Yang (2):
usb: chipidea: add USB PHY event
usb: phy: mxs: disconnect line when USB charger is attached
Xu Yilun (1):
fpga: zynq_fpga: Fix the wrong usage of dma_map_sgtable()
Yang Xiwen (1):
i2c: qup: jump out of the loop in case of timeout
Yangtao Li (1):
hfsplus: remove mutex_lock check in hfsplus_free_extents
Yann E. MORIN (1):
kconfig: lxdialog: fix 'space' to (de)select options
Yazen Ghannam (1):
x86/mce/amd: Add default names for MCA banks and blocks
Ye Bin (1):
fs/buffer: fix use-after-free when call bh_read() helper
Youngjun Lee (1):
media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format()
Yuan Chen (2):
bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure
pinctrl: sunxi: Fix memory leak on krealloc failure
Yun Lu (2):
af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd()
af_packet: fix soft lockup issue caused by tpacket_snd()
Yunhui Cui (1):
serial: 8250: fix panic due to PSLVERR
Yury Norov [NVIDIA] (1):
RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask()
Zenm Chen (1):
USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles
Zhang Lixu (1):
iio: hid-sensor-prox: Fix incorrect OFFSET calculation
Zhang Shurong (1):
media: ov2659: Fix memory leaks in ov2659_probe()
Zhang Xiaoxu (1):
cifs: Fix UAF in cifs_demultiplex_thread()
Zheng Wang (1):
power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
Zheng Yu (1):
jfs: fix metapage reference count leak in dbAllocCtl
chenchangcheng (1):
media: uvcvideo: Fix bandwidth issue for Alcor camera
jackysliu (1):
scsi: bfa: Double-free fix
tuhaowen (1):
PM: sleep: console: Fix the black screen issue
wenxu (1):
net/sched: act_mirred: refactor the handle of xmit
xin.guo (1):
tcp: fix tcp_ofo_queue() to avoid including too much DUP SACK range
Álvaro Fernández Rojas (3):
net: dsa: b53: fix b53_imp_vlan_setup for BCM5325
net: dsa: b53: prevent SWITCH_CTRL access on BCM5325
net: dsa: b53: fix IP_MULTICAST_CTRL on BCM5325
2 weeks, 6 days
- 1
- 1
[PATCH v2] mm/mremap: fix regression in vrm->new_addr check
by Carlos Llamas
Commit 3215eaceca87 ("mm/mremap: refactor initial parameter sanity
checks") moved the sanity check for vrm->new_addr from mremap_to() to
check_mremap_params().
However, this caused a regression as vrm->new_addr is now checked even
when MREMAP_FIXED and MREMAP_DONTUNMAP flags are not specified. In this
case, vrm->new_addr can be garbage and create unexpected failures.
Fix this by moving the new_addr check after the vrm_implies_new_addr()
guard. This ensures that the new_addr is only checked when the user has
specified one explicitly.
Cc: stable(a)vger.kernel.org
Fixes: 3215eaceca87 ("mm/mremap: refactor initial parameter sanity checks")
Reviewed-by: Liam R. Howlett <Liam.Howlett(a)oracle.com>
Signed-off-by: Carlos Llamas <cmllamas(a)google.com>
---
v2:
- split out vrm->new_len into individual checks
- cc stable, collect tags
v1:
https://lore.kernel.org/all/20250828032653.521314-1-cmllamas@google.com/
mm/mremap.c | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/mm/mremap.c b/mm/mremap.c
index e618a706aff5..35de0a7b910e 100644
--- a/mm/mremap.c
+++ b/mm/mremap.c
@@ -1774,15 +1774,18 @@ static unsigned long check_mremap_params(struct vma_remap_struct *vrm)
if (!vrm->new_len)
return -EINVAL;
- /* Is the new length or address silly? */
- if (vrm->new_len > TASK_SIZE ||
- vrm->new_addr > TASK_SIZE - vrm->new_len)
+ /* Is the new length silly? */
+ if (vrm->new_len > TASK_SIZE)
return -EINVAL;
/* Remainder of checks are for cases with specific new_addr. */
if (!vrm_implies_new_addr(vrm))
return 0;
+ /* Is the new address silly? */
+ if (vrm->new_addr > TASK_SIZE - vrm->new_len)
+ return -EINVAL;
+
/* The new address must be page-aligned. */
if (offset_in_page(vrm->new_addr))
return -EINVAL;
--
2.51.0.268.g9569e192d0-goog
2 weeks, 6 days
- 3
- 2
[PATCH 5.10 000/523] 5.10.241-rc1 review
by Greg Kroah-Hartman
This is the start of the stable review cycle for the 5.10.241 release.
There are 523 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Thu, 28 Aug 2025 11:08:19 +0000.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.10.241-r…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.10.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 5.10.241-rc1
Florian Westphal <fw(a)strlen.de>
netfilter: nf_reject: don't leak dst refcount for loopback packets
Pablo Neira Ayuso <pablo(a)netfilter.org>
netfilter: nft_reject_inet: allow to use reject from inet ingress
Jose M. Guisado Gomez <guigom(a)riseup.net>
netfilter: nft_reject: unify reject init and dump into nft_reject
Peter Oberparleiter <oberpar(a)linux.ibm.com>
s390/hypfs: Enable limited access during lockdown
Peter Oberparleiter <oberpar(a)linux.ibm.com>
s390/hypfs: Avoid unnecessary ioctl registration in debugfs
Takashi Iwai <tiwai(a)suse.de>
ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation
William Liu <will(a)willsroot.io>
net/sched: Remove unnecessary WARNING condition for empty child qdisc in htb_activate
William Liu <will(a)willsroot.io>
net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit
Jason Xing <kernelxing(a)tencent.com>
ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc
Minhong He <heminhong(a)kylinos.cn>
ipv6: sr: validate HMAC algorithm ID in seg6_hmac_info_add
Dan Carpenter <dan.carpenter(a)linaro.org>
ALSA: usb-audio: Fix size validation in convert_chmap_v3()
Ido Schimmel <idosch(a)nvidia.com>
mlxsw: spectrum: Forward packets with an IPv4 link-local source IP
Kees Cook <kees(a)kernel.org>
iommu/amd: Avoid stack buffer overflow from kernel cmdline
Dan Carpenter <dan.carpenter(a)linaro.org>
scsi: qla4xxx: Prevent a potential error pointer dereference
Anantha Prabhu <anantha.prabhu(a)broadcom.com>
RDMA/bnxt_re: Fix to initialize the PBL array
Waiman Long <longman(a)redhat.com>
cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key
Feng Tang <feng.tang(a)intel.com>
mm/page_alloc: detect allocation forbidden by cpuset and bail out early
Jonathan Cameron <Jonathan.Cameron(a)huawei.com>
iio: light: as73211: Ensure buffer holes are zeroed
Pu Lehui <pulehui(a)huawei.com>
tracing: Limit access to parser->buffer when trace_get_user failed
Steven Rostedt <rostedt(a)goodmis.org>
tracing: Remove unneeded goto out logic
Jean-Baptiste Maneyrol <jean-baptiste.maneyrol(a)tdk.com>
iio: imu: inv_icm42600: change invalid data error to -EBUSY
Weitao Wang <WeitaoWang-oc(a)zhaoxin.com>
usb: xhci: Fix slot_id resource race conflict
Jan Beulich <jbeulich(a)suse.com>
compiler: remove __ADDRESSABLE_ASM{_STR,}() again
Ammar Faizi <ammarfaizi2(a)gnuweeb.org>
net: usbnet: Fix the wrong netif_carrier_on() call
Matthieu Baerts (NGI0) <matttbe(a)kernel.org>
selftests: mptcp: pm: check flush doesn't reset limits
Niklas Söderlund <niklas.soderlund+renesas(a)ragnatech.se>
gpio: rcar: Use raw_spinlock to protect register access
Meng Li <Meng.Li(a)windriver.com>
usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock
Wesley Cheng <quic_wcheng(a)quicinc.com>
usb: dwc3: Remove DWC3 locking during gadget suspend/resume
Ming Lei <ming.lei(a)redhat.com>
dm rq: don't queue request to blk-mq during DM suspend
Damien Le Moal <damien.lemoal(a)wdc.com>
dm: rearrange core declarations for extended use from dm-zone.c
Christophe JAILLET <christophe.jaillet(a)wanadoo.fr>
uio_hv_generic: Fix another memory leak in error handling paths
Ricardo Ribalda <ribalda(a)chromium.org>
media: venus: vdec: Clamp param smaller than 1fps and bigger than 240.
Chao Yu <chao(a)kernel.org>
f2fs: fix to avoid out-of-boundary access in dnode page
Vladimir Zapolskiy <vladimir.zapolskiy(a)linaro.org>
media: qcom: camss: cleanup media device allocated resource on error path
Imre Deak <imre.deak(a)intel.com>
drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Don't overclock DCE 6 by 15%
Jorge Ramirez-Ortiz <jorge.ramirez(a)oss.qualcomm.com>
media: venus: protect against spurious interrupts during probe
Dikshita Agarwal <quic_dikshita(a)quicinc.com>
media: venus: Add support for SSR trigger using fault injection
Jorge Ramirez-Ortiz <jorge.ramirez(a)oss.qualcomm.com>
media: venus: hfi: explicitly release IRQ during teardown
Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org>
media: venus: don't de-reference NULL pointers at IRQ time
Sakari Ailus <sakari.ailus(a)linux.intel.com>
media: v4l2-ctrls: Don't reset handler's error in v4l2_ctrl_handler_free()
Hans Verkuil <hverkuil-cisco(a)xs4all.nl>
media: v4l2-ctrls: always copy the controls on completion
Johan Hovold <johan+linaro(a)kernel.org>
wifi: ath11k: fix dest ring-buffer corruption when ring is full
Kefeng Wang <wangkefeng.wang(a)huawei.com>
asm-generic: Add memory barrier dma_mb()
Marco Elver <elver(a)google.com>
locking/barriers, kcsan: Support generic instrumentation
Uwe Kleine-König <u.kleine-koenig(a)baylibre.com>
pwm: mediatek: Fix duty and period setting
Uwe Kleine-König <u.kleine-koenig(a)baylibre.com>
pwm: mediatek: Handle hardware enable and clock enable separately
Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de>
pwm: mediatek: Implement .apply() callback
Tzung-Bi Shih <tzungbi(a)kernel.org>
platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister()
Tzung-Bi Shih <tzungbi(a)kernel.org>
platform/chrome: cros_ec: remove unneeded label and if-condition
Chen-Yu Tsai <wenst(a)chromium.org>
platform/chrome: cros_ec: Use per-device lockdep key
Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de>
platform/chrome: cros_ec: Make cros_ec_unregister() return void
Zhang Yi <yi.zhang(a)huawei.com>
ext4: fix hole length calculation overflow in non-extent inodes
David Laight <David.Laight(a)ACULAB.COM>
minmax: add umin(a, b) and umax(a, b)
Li Zhong <floridsleeves(a)gmail.com>
ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value
Qu Wenruo <wqu(a)suse.com>
btrfs: populate otime when logging an inode item
Johan Hovold <johan(a)kernel.org>
usb: musb: omap2430: fix device leak at unbind
Bjorn Andersson <bjorn.andersson(a)oss.qualcomm.com>
soc: qcom: mdt_loader: Ensure we don't read past the ELF header
David Lechner <dlechner(a)baylibre.com>
iio: adc: ad_sigma_delta: change to buffer predisable
André Draszik <andre.draszik(a)linaro.org>
scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE
Damien Le Moal <dlemoal(a)kernel.org>
ata: Fix SATA_MOBILE_LPM_POLICY description in Kconfig
Anshuman Khandual <anshuman.khandual(a)arm.com>
mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd()
Davide Caratti <dcaratti(a)redhat.com>
net/sched: ets: use old 'nbands' while purging unused classes
Eric Dumazet <edumazet(a)google.com>
net_sched: sch_ets: implement lockless ets_dump()
Davide Caratti <dcaratti(a)redhat.com>
net/sched: sch_ets: properly init all active DRR list handles
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFS: Fix the setting of capabilities when automounting a new filesystem
Anna Schumaker <Anna.Schumaker(a)Netapp.com>
NFS: Create an nfs4_server_set_init_caps() function
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFSv4: Fix nfs4_bitmap_copy_adjust()
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFS: Don't set NFS_INO_REVAL_PAGECACHE in the inode cache validity
Ajish Koshy <Ajish.Koshy(a)microchip.com>
scsi: pm80xx: Fix memory leak during rmmod
James Smart <jsmart2021(a)gmail.com>
scsi: lpfc: Fix link down processing to address NULL pointer dereference
Leon Romanovsky <leon(a)kernel.org>
RDMA/rxe: Return CQE error if invalid lkey was supplied
Guchun Chen <guchun.chen(a)amd.com>
drm/amdgpu: handle the case of pci_channel_io_frozen only in amdgpu_pci_resume
Hyejeong Choi <hjeong.choi(a)samsung.com>
dma-buf: insert memory barrier before updating num_fences
Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com>
selftests/memfd: add test for mapping write-sealed memfd read-only
Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com>
mm: reinstate ability to map write-sealed memfd mappings read-only
Lorenzo Stoakes <lstoakes(a)gmail.com>
mm: update memfd seal write check to include F_SEAL_WRITE
Lorenzo Stoakes <lstoakes(a)gmail.com>
mm: drop the assumption that VM_SHARED always implies writable
Ma Ke <make24(a)iscas.ac.cn>
dpaa2-eth: Fix device reference count leak in MAC endpoint handling
Ioana Ciornei <ioana.ciornei(a)nxp.com>
dpaa2-eth: retry the probe when the MAC is not yet discovered on the bus
Ioana Ciornei <ioana.ciornei(a)nxp.com>
dpaa2-mac: export MAC counters even when in TYPE_FIXED
Ioana Ciornei <ioana.ciornei(a)nxp.com>
dpaa2-mac: split up initializing the MAC object from connecting to it
Nathan Chancellor <nathan(a)kernel.org>
ARM: 9448/1: Use an absolute path to unified.h in KBUILD_AFLAGS
Filipe Manana <fdmanana(a)suse.com>
btrfs: fix deadlock when cloning inline extents and using qgroups
Ming Lei <ming.lei(a)redhat.com>
block: don't call rq_qos_ops->done_bio if the bio isn't tracked
Yang Yingliang <yangyingliang(a)huawei.com>
ptp: Fix possible memory leak in ptp_clock_register()
Ian Abbott <abbotti(a)mev.co.uk>
comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large
Oliver Neukum <oneukum(a)suse.com>
cdc-acm: fix race between initial clearing halt and open
Johan Hovold <johan(a)kernel.org>
USB: cdc-acm: do not log successful probe on later errors
Haiyang Zhang <haiyangz(a)microsoft.com>
hv_netvsc: Fix panic during namespace deletion with VF
Damien Le Moal <dlemoal(a)kernel.org>
block: Make REQ_OP_ZONE_FINISH a write operation
Lukas Wunner <lukas(a)wunner.de>
PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports
Sebastian Reichel <sebastian.reichel(a)collabora.com>
usb: typec: fusb302: cache PD RX state
John Ernberg <john.ernberg(a)actia.se>
net: usbnet: Avoid potential RCU stall on LINK_CHANGE event
Geoffrey D. Bennett <g(a)b4.vu>
ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx()
Dave Hansen <dave.hansen(a)linux.intel.com>
x86/fpu: Delay instruction pointer fixup until after warning
Harry Yoo <harry.yoo(a)oracle.com>
mm/zsmalloc: do not pass __GFP_MOVABLE if CONFIG_COMPACTION=n
Miaohe Lin <linmiaohe(a)huawei.com>
mm/zsmalloc.c: convert to use kmem_cache_zalloc in cache_alloc_zspage()
Lin.Cao <lincao12(a)amd.com>
drm/sched: Remove optimization that causes hang when killing dependent jobs
Haoxiang Li <haoxiang_li2024(a)163.com>
ice: Fix a null pointer dereference in ice_copy_and_init_pkg()
Maulik Shah <maulik.shah(a)oss.qualcomm.com>
pmdomain: governor: Consider CPU latency tolerance from pm_domain_cpu_gov
Steven Rostedt <rostedt(a)goodmis.org>
tracing: Add down_write(trace_event_sem) when adding trace event
Wang Zhaolong <wangzhaolong(a)huaweicloud.com>
smb: client: fix use-after-free in crypt_message when using async crypto
Mathias Nyman <mathias.nyman(a)linux.intel.com>
usb: hub: Don't try to recover devices lost during warm reset.
Mathias Nyman <mathias.nyman(a)linux.intel.com>
usb: hub: avoid warm port reset during USB3 disconnect
Yazen Ghannam <yazen.ghannam(a)amd.com>
x86/mce/amd: Add default names for MCA banks and blocks
Zhang Lixu <lixu.zhang(a)intel.com>
iio: hid-sensor-prox: Fix incorrect OFFSET calculation
Chao Yu <chao(a)kernel.org>
f2fs: fix to do sanity check on ino and xnid
Thomas Weißschuh <thomas.weissschuh(a)linutronix.de>
kbuild: userprogs: use correct linker when mixing clang and GNU ld
Kuen-Han Tsai <khtsai(a)google.com>
usb: dwc3: Ignore late xferNotReady event to prevent halt timeout
Zenm Chen <zenmchen(a)gmail.com>
USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles
Thorsten Blum <thorsten.blum(a)linux.dev>
usb: storage: realtek_cr: Use correct byte order for bcs->Residue
Mael GUERIN <mael.guerin(a)murena.io>
USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera
Marek Vasut <marek.vasut+renesas(a)mailbox.org>
usb: renesas-xhci: Fix External ROM access timeouts
Miao Li <limiao(a)kylinos.cn>
usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive
Miaoqian Lin <linmq006(a)gmail.com>
most: core: Drop device reference after usage in get_channel()
David Lechner <dlechner(a)baylibre.com>
iio: proximity: isl29501: fix buffered read on big-endian systems
Salah Triki <salah.triki(a)gmail.com>
iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe()
Steven Rostedt <rostedt(a)goodmis.org>
ftrace: Also allocate and copy hash for reading of filter files
Xu Yilun <yilun.xu(a)linux.intel.com>
fpga: zynq_fpga: Fix the wrong usage of dma_map_sgtable()
Al Viro <viro(a)zeniv.linux.org.uk>
use uniform permission checks for all mount propagation changes
Pavel Tikhomirov <ptikhomirov(a)virtuozzo.com>
move_mount: allow to add a mount into an existing group
Ye Bin <yebin10(a)huawei.com>
fs/buffer: fix use-after-free when call bh_read() helper
Matthieu Baerts (NGI0) <matttbe(a)kernel.org>
selftests: mptcp: connect: also cover alt modes
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Fix DP audio DTO1 clock source on DCE 6.
Timur Kristóf <timur.kristof(a)gmail.com>
drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3
Evgeniy Harchenko <evgeniyharchenko.dev(a)gmail.com>
ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6
Phillip Lougher <phillip(a)squashfs.org.uk>
squashfs: fix memory leak in squashfs_fill_super
Victor Shih <victor.shih(a)genesyslogic.com.tw>
mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency
Jiayi Li <lijiayi(a)kylinos.cn>
memstick: Fix deadlock by moving removing flag earlier
Cong Wang <xiyou.wangcong(a)gmail.com>
sch_htb: make htb_deactivate() idempotent
Cong Wang <xiyou.wangcong(a)gmail.com>
codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()
Cong Wang <xiyou.wangcong(a)gmail.com>
sch_qfq: make qfq_qlen_notify() idempotent
Cong Wang <xiyou.wangcong(a)gmail.com>
sch_hfsc: make hfsc_qlen_notify() idempotent
Cong Wang <xiyou.wangcong(a)gmail.com>
sch_drr: make drr_qlen_notify() idempotent
Cong Wang <xiyou.wangcong(a)gmail.com>
sch_htb: make htb_qlen_notify() idempotent
Jakub Acs <acsjakub(a)amazon.de>
net, hsr: reject HSR frame if skb can't hold tag
Mario Limonciello <mario.limonciello(a)amd.com>
drm/amd: Restore cached power limit during resume
Vedang Nagar <quic_vnagar(a)quicinc.com>
media: venus: Add a check for packet size after reading from shared memory
Zhang Shurong <zhang_shurong(a)foxmail.com>
media: ov2659: Fix memory leaks in ov2659_probe()
Gui-Dong Han <hanguidong02(a)gmail.com>
media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt()
Ludwig Disterhof <ludwig(a)disterhof.eu>
media: usbtv: Lock resolution while streaming
Haoxiang Li <haoxiang_li2024(a)163.com>
media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init()
Bingbu Cao <bingbu.cao(a)intel.com>
media: hi556: correct the test pattern configuration
Dan Carpenter <dan.carpenter(a)linaro.org>
media: gspca: Add bounds checking to firmware parser
Jon Hunter <jonathanh(a)nvidia.com>
soc/tegra: pmc: Ensure power-domains are in a known state
Baokun Li <libaokun1(a)huawei.com>
jbd2: prevent softlockup in jbd2_log_do_checkpoint()
Damien Le Moal <dlemoal(a)kernel.org>
PCI: endpoint: Fix configfs group removal on driver teardown
Damien Le Moal <dlemoal(a)kernel.org>
PCI: endpoint: Fix configfs group list head handling
Thomas Fourier <fourier.thomas(a)gmail.com>
mtd: rawnand: fsmc: Add missing check after DMA map
Tim Harvey <tharvey(a)gateworks.com>
hwmon: (gsc-hwmon) fix fan pwm setpoint show functions
Laurentiu Mihalcea <laurentiu.mihalcea(a)nxp.com>
pwm: imx-tpm: Reset counter if CMOD is 0
Johan Hovold <johan+linaro(a)kernel.org>
wifi: ath11k: fix source ring-buffer corruption
Nathan Chancellor <nathan(a)kernel.org>
wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table()
Marek Szyprowski <m.szyprowski(a)samsung.com>
zynq_fpga: use sgtable-based scatterlist wrappers
Damien Le Moal <dlemoal(a)kernel.org>
ata: libata-scsi: Fix ata_to_sense_error() status handling
Ojaswin Mujoo <ojaswin(a)linux.ibm.com>
ext4: fix reserved gdt blocks handling in fsmap
Ojaswin Mujoo <ojaswin(a)linux.ibm.com>
ext4: fix fsmap end of range reporting with bigalloc
Andreas Dilger <adilger(a)dilger.ca>
ext4: check fast symlink for ea_inode correctly
Helge Deller <deller(a)gmx.de>
Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()"
Eric Biggers <ebiggers(a)kernel.org>
lib/crypto: mips/chacha: Fix clang build and remove unneeded byteswap
Myrrh Periwinkle <myrrhperiwinkle(a)qtmlabs.xyz>
vt: defkeymap: Map keycodes above 127 to K_HOLE
Myrrh Periwinkle <myrrhperiwinkle(a)qtmlabs.xyz>
vt: keyboard: Don't process Unicode characters in K_OFF mode
Alexander Wilhelm <alexander.wilhelm(a)westermo.com>
bus: mhi: host: Fix endianness of BHI vector table
Johan Hovold <johan(a)kernel.org>
usb: dwc3: meson-g12a: fix device leaks at unbind
Johan Hovold <johan(a)kernel.org>
usb: gadget: udc: renesas_usb3: fix device leak at unbind
Nathan Chancellor <nathan(a)kernel.org>
usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init()
Finn Thain <fthain(a)linux-m68k.org>
m68k: Fix lost column on framebuffer debug console
Dan Carpenter <dan.carpenter(a)linaro.org>
cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table()
Yunhui Cui <cuiyunhui(a)bytedance.com>
serial: 8250: fix panic due to PSLVERR
Ricardo Ribalda <ribalda(a)chromium.org>
media: uvcvideo: Do not mark valid metadata as invalid
Youngjun Lee <yjjuny.lee(a)samsung.com>
media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format()
Breno Leitao <leitao(a)debian.org>
mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock
Waiman Long <longman(a)redhat.com>
mm/kmemleak: avoid soft lockup in __kmemleak_do_cleanup()
Randy Dunlap <rdunlap(a)infradead.org>
parisc: Makefile: fix a typo in palo.conf
Filipe Manana <fdmanana(a)suse.com>
btrfs: fix log tree replay failure due to file with 0 links and extents
Eric Biggers <ebiggers(a)kernel.org>
thunderbolt: Fix copy+paste error in match_service_id()
Ian Abbott <abbotti(a)mev.co.uk>
comedi: fix race between polling and detaching
Myrrh Periwinkle <myrrhperiwinkle(a)qtmlabs.xyz>
usb: typec: ucsi: Update power_supply on power role change
Ricky Wu <ricky_wu(a)realtek.com>
misc: rtsx: usb: Ensure mmc child device is active when card is present
Xinyu Liu <katieeliu(a)tencent.com>
usb: core: config: Prevent OOB read in SS endpoint companion parsing
Jack Xiao <Jack.Xiao(a)amd.com>
drm/amdgpu: fix incorrect vm flags to map bo
Shengjiu Wang <shengjiu.wang(a)nxp.com>
ASoC: fsl_sai: replace regmap_write with regmap_update_bits
Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com>
ASoC: soc-dai.c: add missing flag check at snd_soc_pcm_dai_probe()
Jiasheng Jiang <jiashengjiangcool(a)gmail.com>
scsi: lpfc: Remove redundant assignment to avoid memory leak
Meagan Lloyd <meaganlloyd(a)linux.microsoft.com>
rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe
Sergey Bashirov <sergeybashirov(a)gmail.com>
pNFS: Fix uninited ptr deref in block/scsi layout
Sergey Bashirov <sergeybashirov(a)gmail.com>
pNFS: Handle RPC size limit for layoutcommits
Sergey Bashirov <sergeybashirov(a)gmail.com>
pNFS: Fix disk addr range check in block/scsi layout
Sergey Bashirov <sergeybashirov(a)gmail.com>
pNFS: Fix stripe mapping in block/scsi layout
John Garry <john.g.garry(a)oracle.com>
block: avoid possible overflow for chunk_sectors check in blk_stack_limits()
Buday Csaba <buday.csaba(a)prolan.hu>
net: phy: smsc: add proper reset flags for LAN8710A
Corey Minyard <corey(a)minyard.net>
ipmi: Fix strcpy source and destination the same
Yann E. MORIN <yann.morin.1998(a)free.fr>
kconfig: lxdialog: fix 'space' to (de)select options
Masahiro Yamada <masahiroy(a)kernel.org>
kconfig: gconf: fix potential memory leak in renderer_edited()
Masahiro Yamada <masahiroy(a)kernel.org>
kconfig: gconf: avoid hardcoding model2 in on_treeview2_cursor_changed()
Breno Leitao <leitao(a)debian.org>
ipmi: Use dev_warn_ratelimited() for incorrect message warnings
John Garry <john.g.garry(a)oracle.com>
scsi: aacraid: Stop using PCI_IRQ_AFFINITY
Ranjan Kumar <ranjan.kumar(a)broadcom.com>
scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans
Shankari Anand <shankari.ak0208(a)gmail.com>
kconfig: nconf: Ensure null termination where strncpy is used
Suchit Karunakaran <suchitkarunakaran(a)gmail.com>
kconfig: lxdialog: replace strcpy() with strncpy() in inputbox.c
fangzhong.zhou <myth5(a)myth5.com>
i2c: Force DLL0945 touchpad i2c freq to 100khz
Mikulas Patocka <mpatocka(a)redhat.com>
dm-mpath: don't print the "loaded" message if registering fails
Wolfram Sang <wsa+renesas(a)sang-engineering.com>
i3c: don't fail if GETHDRCAP is unsupported
Meagan Lloyd <meaganlloyd(a)linux.microsoft.com>
rtc: ds1307: handle oscillator stop flag (OSF) for ds1341
Wolfram Sang <wsa+renesas(a)sang-engineering.com>
i3c: add missing include to internal header
Purva Yeshi <purvayeshi550(a)gmail.com>
md: dm-zoned-target: Initialize return variable r to avoid uninitialized use
chenchangcheng <chenchangcheng(a)kylinos.cn>
media: uvcvideo: Fix bandwidth issue for Alcor camera
Alex Guo <alexguo1023(a)gmail.com>
media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar
Alex Guo <alexguo1023(a)gmail.com>
media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb()
Wolfram Sang <wsa+renesas(a)sang-engineering.com>
media: usb: hdpvr: disable zero-length read messages
Dave Stevenson <dave.stevenson(a)raspberrypi.com>
media: tc358743: Increase FIFO trigger level to 374
Dave Stevenson <dave.stevenson(a)raspberrypi.com>
media: tc358743: Return an appropriate colorspace from tc358743_set_fmt
Dave Stevenson <dave.stevenson(a)raspberrypi.com>
media: tc358743: Check I2C succeeded during probe
Cheick Traore <cheick.traore(a)foss.st.com>
pinctrl: stm32: Manage irq affinity settings
Damien Le Moal <dlemoal(a)kernel.org>
scsi: mpt3sas: Correctly handle ATA device errors
Justin Tee <justin.tee(a)broadcom.com>
scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure
Arnd Bergmann <arnd(a)arndb.de>
RDMA/core: reduce stack using in nldev_stat_get_doit()
Yury Norov [NVIDIA] <yury.norov(a)gmail.com>
RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask()
Johan Adolfsson <johan.adolfsson(a)axis.com>
leds: leds-lp50xx: Handle reg to get correct multi_index
Thomas Weißschuh <thomas.weissschuh(a)linutronix.de>
MIPS: Don't crash in stack_top() for tasks without ABI or vDSO
Arnaud Lecomte <contact(a)arnaud-lcm.com>
jfs: upper bound check of tree index in dbAllocAG
Edward Adam Davis <eadavis(a)qq.com>
jfs: Regular file corruption check
Lizhi Xu <lizhi.xu(a)windriver.com>
jfs: truncate good inode pages when hard link is 0
jackysliu <1972843537(a)qq.com>
scsi: bfa: Double-free fix
Shiji Yang <yangshiji66(a)outlook.com>
MIPS: vpe-mt: add missing prototypes for vpe_{alloc,start,stop,free}
Sebastian Reichel <sebastian.reichel(a)collabora.com>
watchdog: dw_wdt: Fix default timeout
Amir Mohammad Jahangirzad <a.jahangirzad(a)gmail.com>
fs/orangefs: use snprintf() instead of sprintf()
Showrya M N <showrya(a)chelsio.com>
scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated
Theodore Ts'o <tytso(a)mit.edu>
ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr
Pali Rohár <pali(a)kernel.org>
cifs: Fix calling CIFSFindFirst() for root path without msearch
Jason Wang <jasowang(a)redhat.com>
vhost: fail early when __vhost_add_used() fails
Álvaro Fernández Rojas <noltari(a)gmail.com>
net: dsa: b53: fix IP_MULTICAST_CTRL on BCM5325
Jakub Kicinski <kuba(a)kernel.org>
uapi: in6: restore visibility of most IPv6 socket options
Emily Deng <Emily.Deng(a)amd.com>
drm/ttm: Should to return the evict error
Hari Kalavakunta <kalavakunta.hari.prasad(a)gmail.com>
net: ncsi: Fix buffer overflow in fetching version id
Thomas Fourier <fourier.thomas(a)gmail.com>
wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc()
Álvaro Fernández Rojas <noltari(a)gmail.com>
net: dsa: b53: prevent SWITCH_CTRL access on BCM5325
Álvaro Fernández Rojas <noltari(a)gmail.com>
net: dsa: b53: prevent GMII_PORT_OVERRIDE_CTRL access on BCM5325
Álvaro Fernández Rojas <noltari(a)gmail.com>
net: dsa: b53: fix b53_imp_vlan_setup for BCM5325
Alok Tiwari <alok.a.tiwari(a)oracle.com>
gve: Return error for unknown admin queue command
Gal Pressman <gal(a)nvidia.com>
net: vlan: Replace BUG() with WARN_ON_ONCE() in vlan_dev_* stubs
Stanislaw Gruszka <stf_xl(a)wp.pl>
wifi: iwlegacy: Check rate_idx range after addition
Mina Almasry <almasrymina(a)google.com>
netmem: fix skb_frag_address_safe with unreadable skbs
Thomas Fourier <fourier.thomas(a)gmail.com>
wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()`.
Wen Chen <Wen.Chen3(a)amd.com>
drm/amd/display: Fix 'failed to blank crtc!'
Pagadala Yesu Anjaneyulu <pagadala.yesu.anjaneyulu(a)intel.com>
wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect
Rand Deeb <rand.sec96(a)gmail.com>
wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd()
Ilya Bakoulin <Ilya.Bakoulin(a)amd.com>
drm/amd/display: Separate set_gsl from set_gsl_source_select
Jonas Rebmann <jre(a)pengutronix.de>
net: fec: allow disable coalescing
Thomas Fourier <fourier.thomas(a)gmail.com>
(powerpc/512) Fix possible `dma_unmap_single()` on uninitialized pointer
Sven Schnelle <svens(a)linux.ibm.com>
s390/stp: Remove udelay from stp_sync_clock()
Avraham Stern <avraham.stern(a)intel.com>
wifi: iwlwifi: mvm: fix scan request validation
Alok Tiwari <alok.a.tiwari(a)oracle.com>
net: thunderx: Fix format-truncation warning in bgx_acpi_match_id()
Oscar Maes <oscmaes92(a)gmail.com>
net: ipv4: fix incorrect MTU in broadcast routes
Ilan Peer <ilan.peer(a)intel.com>
wifi: cfg80211: Fix interface type validation
Paul E. McKenney <paulmck(a)kernel.org>
rcu: Protect ->defer_qs_iw_pending from data race
Thomas Fourier <fourier.thomas(a)gmail.com>
net: ag71xx: Add missing check after DMA map
Thomas Fourier <fourier.thomas(a)gmail.com>
et131x: Add missing check after DMA map
Alok Tiwari <alok.a.tiwari(a)oracle.com>
be2net: Use correct byte order and format string for TCP seq and ack_seq
Sven Schnelle <svens(a)linux.ibm.com>
s390/time: Use monotonic clock in get_cycles()
Johannes Berg <johannes.berg(a)intel.com>
wifi: cfg80211: reject HTC bit for management frames
Steven Rostedt <rostedt(a)goodmis.org>
ktest.pl: Prevent recursion of default variable options
Anthoine Bourgeois <anthoine.bourgeois(a)vates.tech>
xen/netfront: Fix TX response spurious interrupts
Xinxin Wan <xinxin.wan(a)intel.com>
ASoC: codecs: rt5640: Retry DEVICE_ID verification
Jonathan Santos <Jonathan.Santos(a)analog.com>
iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement
Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com>
ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros
Christophe Leroy <christophe.leroy(a)csgroup.eu>
ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop
Lucy Thrun <lucy.thrun(a)digital-rabbithole.de>
ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control
Tomasz Michalec <tmichalec(a)google.com>
platform/chrome: cros_ec_typec: Defer probe on missing EC parent
Kees Cook <kees(a)kernel.org>
platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches
Gautham R. Shenoy <gautham.shenoy(a)amd.com>
pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop()
Oliver Neukum <oneukum(a)suse.com>
usb: core: usb_submit_urb: downgrade type check
Tomasz Michalec <tmichalec(a)google.com>
usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present
Peter Ujfalusi <peter.ujfalusi(a)linux.intel.com>
ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime()
Alok Tiwari <alok.a.tiwari(a)oracle.com>
ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4
Mark Brown <broonie(a)kernel.org>
ASoC: hdac_hdmi: Rate limit logging on connection and disconnection
Pawan Gupta <pawan.kumar.gupta(a)linux.intel.com>
x86/bugs: Avoid warning when overriding return thunk
Ulf Hansson <ulf.hansson(a)linaro.org>
mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode()
Peter Robinson <pbrobinson(a)gmail.com>
reset: brcmstb: Enable reset drivers for ARCH_BCM2835
Breno Leitao <leitao(a)debian.org>
ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path
Sarthak Garg <quic_sartgarg(a)quicinc.com>
mmc: sdhci-msm: Ensure SD card power isn't ON when card removed
Sebastian Ott <sebott(a)redhat.com>
ACPI: processor: fix acpi_object initialization
tuhaowen <tuhaowen(a)uniontech.com>
PM: sleep: console: Fix the black screen issue
Hsin-Te Yuan <yuanhsinte(a)chromium.org>
thermal: sysfs: Return ENODATA instead of EAGAIN for reads
Rafael J. Wysocki <rafael.j.wysocki(a)intel.com>
PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit()
Masami Hiramatsu (Google) <mhiramat(a)kernel.org>
selftests: tracing: Use mutex_unlock for testing glob filter
Aaron Kling <webgeek1234(a)gmail.com>
ARM: tegra: Use I/O memcpy to write to IRAM
Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org>
gpio: tps65912: check the return value of regmap_update_bits()
Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com>
ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed
Lifeng Zheng <zhenglifeng1(a)huawei.com>
PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store()
Alexander Kochetkov <al.kochet(a)gmail.com>
ARM: rockchip: fix kernel hang during smp initialization
Lifeng Zheng <zhenglifeng1(a)huawei.com>
cpufreq: Exit governor when failed to start old governor
Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org>
gpio: wcd934x: check the return value of regmap_update_bits()
Mario Limonciello <mario.limonciello(a)amd.com>
usb: xhci: Avoid showing errors during surprise removal
Jay Chen <shawn2000100(a)gmail.com>
usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command
Mario Limonciello <mario.limonciello(a)amd.com>
usb: xhci: Avoid showing warnings for dying controller
Benson Leung <bleung(a)chromium.org>
usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default
Cynthia Huang <cynthia(a)andestech.com>
selftests/futex: Define SYS_futex on 32-bit architectures with 64-bit time_t
Prashant Malani <pmalani(a)google.com>
cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag
Su Hui <suhui(a)nfschina.com>
usb: xhci: print xhci->xhc_state when queue_command failed
Al Viro <viro(a)zeniv.linux.org.uk>
securityfs: don't pin dentries twice, once is enough...
Damien Le Moal <dlemoal(a)kernel.org>
ata: libata-sata: Disallow changing LPM state if not supported
Al Viro <viro(a)zeniv.linux.org.uk>
better lockdep annotations for simple_recursive_removal()
Viacheslav Dubeyko <slava(a)dubeyko.com>
hfs: fix not erasing deleted b-tree node issue
Sarah Newman <srn(a)prgmr.com>
drbd: add missing kref_get in handle_write_conflicts
Jan Kara <jack(a)suse.cz>
udf: Verify partition map count
Kees Cook <kees(a)kernel.org>
arm64: Handle KCOV __init vs inline mismatches
Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp>
hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file()
Viacheslav Dubeyko <slava(a)dubeyko.com>
hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()
Viacheslav Dubeyko <slava(a)dubeyko.com>
hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read()
Viacheslav Dubeyko <slava(a)dubeyko.com>
hfs: fix slab-out-of-bounds in hfs_bnode_read()
Rafael J. Wysocki <rafael.j.wysocki(a)intel.com>
cpuidle: governors: menu: Avoid using invalid recent intervals data
Len Brown <len.brown(a)intel.com>
intel_idle: Allow loading ACPI tables for any family
Xin Long <lucien.xin(a)gmail.com>
sctp: linearize cloned gso packets in sctp_rcv
Florian Westphal <fw(a)strlen.de>
netfilter: ctnetlink: fix refcount leak on table dump
Sabrina Dubroca <sd(a)queasysnail.net>
udp: also consider secpath when evaluating ipsec use for checksumming
Rafael J. Wysocki <rafael.j.wysocki(a)intel.com>
ACPI: processor: perflib: Move problematic pr->performance check
Jiayi Li <lijiayi(a)kylinos.cn>
ACPI: processor: perflib: Fix initial _PPC limit application
Andy Shevchenko <andriy.shevchenko(a)linux.intel.com>
Documentation: ACPI: Fix parent device references
Sasha Levin <sashal(a)kernel.org>
fs: Prevent file descriptor table allocations exceeding INT_MAX
Ma Ke <make24(a)iscas.ac.cn>
sunvdc: Balance device refcount in vdc_port_mpgroup_check
Dai Ngo <dai.ngo(a)oracle.com>
NFSD: detect mismatch of file handle and delegation stateid in OPEN op
Jeff Layton <jlayton(a)kernel.org>
nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()
Johan Hovold <johan(a)kernel.org>
net: dpaa: fix device leak when querying time stamp info
Johan Hovold <johan(a)kernel.org>
net: gianfar: fix device leak when querying time stamp info
Fedor Pchelkin <pchelkin(a)ispras.ru>
netlink: avoid infinite retry looping in netlink_unicast()
Takashi Iwai <tiwai(a)suse.de>
ALSA: usb-audio: Validate UAC3 cluster segment descriptors
Takashi Iwai <tiwai(a)suse.de>
ALSA: usb-audio: Validate UAC3 power domain descriptors, too
Pavel Begunkov <asml.silence(a)gmail.com>
io_uring: don't use int for ABI
Tao Xue <xuetao09(a)huawei.com>
usb: gadget : fix use-after-free in composite_dev_cleanup()
Andy Shevchenko <andriy.shevchenko(a)linux.intel.com>
mm/hmm: move pmd_to_hmm_pfn_flags() to the respective #ifdeffery
Jiaxun Yang <jiaxun.yang(a)flygoat.com>
MIPS: mm: tlb-r4k: Uniquify TLB entries on init
Slark Xiao <slark_xiao(a)163.com>
USB: serial: option: add Foxconn T99W709
Budimir Markovic <markovicbudimir(a)gmail.com>
vsock: Do not allow binding to VMADDR_PORT_ANY
Quang Le <quanglex97(a)gmail.com>
net/packet: fix a race in packet_set_ring() and packet_notifier()
Thomas Gleixner <tglx(a)linutronix.de>
perf/core: Prevent VMA split of buffer mappings
Thomas Gleixner <tglx(a)linutronix.de>
perf/core: Exit early on perf_mmap() fail
Thomas Gleixner <tglx(a)linutronix.de>
perf/core: Don't leak AUX buffer refcount on allocation failure
Eric Dumazet <edumazet(a)google.com>
pptp: fix pptp_xmit() error path
Stefan Metzmacher <metze(a)samba.org>
smb: client: let recv_done() cleanup before notifying the callers.
Takashi Iwai <tiwai(a)suse.de>
ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out()
Michal Schmidt <mschmidt(a)redhat.com>
benet: fix BUG when creating VFs
Wang Liang <wangliang74(a)huawei.com>
net: drop UFO packets in udp_rcv_segment()
Eric Dumazet <edumazet(a)google.com>
ipv6: reject malicious packets in ipv6_gso_segment()
Eric Dumazet <edumazet(a)google.com>
pptp: ensure minimal skb length in pptp_xmit()
Horatiu Vultur <horatiu.vultur(a)microchip.com>
phy: mscc: Fix parsing of unicast frames
Jakub Kicinski <kuba(a)kernel.org>
netpoll: prevent hanging NAPI when netcons gets enabled
Benjamin Coddington <bcodding(a)redhat.com>
NFS: Fixup allocation flags for nfsiod's __GFP_NORETRY
Matthew Wilcox (Oracle) <willy(a)infradead.org>
XArray: Add calls to might_alloc()
Daniel Vetter <daniel.vetter(a)ffwll.ch>
mm: extract might_alloc() debug check
Olga Kornievskaia <okorniev(a)redhat.com>
NFSv4.2: another fix for listxattr
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()
Tigran Mkrtchyan <tigran.mkrtchyan(a)desy.de>
pNFS/flexfiles: don't attempt pnfs on fatal DS errors
Trond Myklebust <trond.myklebust(a)hammerspace.com>
pNFS/flexfiles: Avoid spurious layout returns in ff_layout_choose_ds_for_read
Timothy Pearson <tpearson(a)raptorengineering.com>
PCI: pnv_php: Fix surprise plug detection and recovery
Timothy Pearson <tpearson(a)raptorengineering.com>
powerpc/eeh: Make EEH driver device hotplug safe
Maciej W. Rozycki <macro(a)orcam.me.uk>
powerpc/eeh: Rely on dev->link_active_reporting
Timothy Pearson <tpearson(a)raptorengineering.com>
powerpc/eeh: Export eeh_unfreeze_pe()
Timothy Pearson <tpearson(a)raptorengineering.com>
PCI: pnv_php: Work around switches with broken presence detection
Timothy Pearson <tpearson(a)raptorengineering.com>
PCI: pnv_php: Clean up allocated IRQs on unplug
Masahiro Yamada <masahiroy(a)kernel.org>
kconfig: qconf: fix ConfigList::updateListAllforAll()
Seunghui Lee <sh043.lee(a)samsung.com>
scsi: ufs: core: Use link recovery when h8 exit fails during runtime resume
Chao Yu <chao(a)kernel.org>
f2fs: fix to avoid out-of-boundary access in devs.path
Chao Yu <chao(a)kernel.org>
f2fs: fix to avoid panic in f2fs_evict_inode
Chao Yu <chao(a)kernel.org>
f2fs: fix to avoid UAF in f2fs_sync_inode_meta()
Chao Yu <chao(a)kernel.org>
f2fs: doc: fix wrong quota mount option description
Brian Masney <bmasney(a)redhat.com>
rtc: rv3028: fix incorrect maximum clock rate handling
Brian Masney <bmasney(a)redhat.com>
rtc: pcf8563: fix incorrect maximum clock rate handling
Brian Masney <bmasney(a)redhat.com>
rtc: pcf85063: fix incorrect maximum clock rate handling
Brian Masney <bmasney(a)redhat.com>
rtc: hym8563: fix incorrect maximum clock rate handling
Brian Masney <bmasney(a)redhat.com>
rtc: ds1307: fix incorrect maximum clock rate handling
Petr Pavlu <petr.pavlu(a)suse.com>
module: Restore the moduleparam prefix length check
Ryan Lee <ryan.lee(a)canonical.com>
apparmor: ensure WB_HISTORY_SIZE value is a power of 2
Paul Chaignon <paul.chaignon(a)gmail.com>
bpf: Check flow_dissector ctx accesses are aligned
Mike Christie <michael.christie(a)oracle.com>
vhost-scsi: Fix log flooding with target does not exist errors
Balamanikandan Gunasundar <balamanikandan.gunasundar(a)microchip.com>
mtd: rawnand: atmel: set pmecc data setup time
Thomas Fourier <fourier.thomas(a)gmail.com>
mtd: rawnand: atmel: Fix dma_mapping_error() address
Zheng Yu <zheng.yu(a)northwestern.edu>
jfs: fix metapage reference count leak in dbAllocCtl
Chenyuan Yang <chenyuan0y(a)gmail.com>
fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref
Giovanni Cabiddu <giovanni.cabiddu(a)intel.com>
crypto: qat - fix seq_file position update in adf_ring_next()
Ben Hutchings <benh(a)debian.org>
sh: Do not use hyphen in exported variable name
Thomas Fourier <fourier.thomas(a)gmail.com>
dmaengine: nbpfaxi: Add missing check after DMA map
Thomas Fourier <fourier.thomas(a)gmail.com>
dmaengine: mv_xor: Fix missing check after DMA map and missing unmap
Dan Carpenter <dan.carpenter(a)linaro.org>
fs/orangefs: Allow 2 more characters in do_c_string()
Bard Liao <yung-chuan.liao(a)linux.intel.com>
soundwire: stream: restore params when prepare ports fail
Thomas Fourier <fourier.thomas(a)gmail.com>
crypto: img-hash - Fix dma_unmap_sg() nents value
Ovidiu Panait <ovidiu.panait.oss(a)gmail.com>
hwrng: mtk - handle devm_pm_runtime_enable errors
Dan Carpenter <dan.carpenter(a)linaro.org>
watchdog: ziirave_wdt: check record length in ziirave_firm_verify()
Thomas Fourier <fourier.thomas(a)gmail.com>
scsi: isci: Fix dma_unmap_sg() nents value
Thomas Fourier <fourier.thomas(a)gmail.com>
scsi: mvsas: Fix dma_unmap_sg() nents value
Thomas Fourier <fourier.thomas(a)gmail.com>
scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value
Paul Kocialkowski <paulk(a)sys-base.io>
clk: sunxi-ng: v3s: Fix de clock definition
Leo Yan <leo.yan(a)arm.com>
perf tests bp_account: Fix leaked file descriptor
Mengbiao Xiong <xisme1998(a)gmail.com>
crypto: ccp - Fix crash when rebind ccp device for ccp.ko
Thomas Fourier <fourier.thomas(a)gmail.com>
crypto: inside-secure - Fix `dma_unmap_sg()` nents value
Yuan Chen <chenyuan(a)kylinos.cn>
pinctrl: sunxi: Fix memory leak on krealloc failure
Charles Han <hanchunchao(a)inspur.com>
power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set
Henry Martin <bsdhenrymartin(a)gmail.com>
clk: davinci: Add NULL check in davinci_lpsc_clk_register()
Ivan Stepchenko <sid(a)itb.spb.ru>
mtd: fix possible integer overflow in erase_xfer()
Herbert Xu <herbert(a)gondor.apana.org.au>
crypto: marvell/cesa - Fix engine load inaccuracy
Hans Zhang <18255117159(a)163.com>
PCI: rockchip-host: Fix "Unexpected Completion" log message
Stanislav Fomichev <sdf(a)fomichev.me>
vrf: Drop existing dst reference in vrf_ip6_input_dst
Xiumei Mu <xmu(a)redhat.com>
selftests: rtnetlink.sh: remove esp4_offload after test
Florian Westphal <fw(a)strlen.de>
netfilter: xt_nfacct: don't assume acct name is null-terminated
Jimmy Assarsson <extja(a)kvaser.com>
can: kvaser_usb: Assign netdev.dev_port based on device channel index
Jimmy Assarsson <extja(a)kvaser.com>
can: kvaser_pciefd: Store device channel index
Gokul Sivakumar <gokulkumar.sivakumar(a)infineon.com>
wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE
Remi Pommarel <repk(a)triplefau.lt>
Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()"
Remi Pommarel <repk(a)triplefau.lt>
wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key()
Thomas Fourier <fourier.thomas(a)gmail.com>
mwl8k: Add missing check after DMA map
Martin Kaistra <martin.kaistra(a)linutronix.de>
wifi: rtl8xxxu: Fix RX skb size for aggregation disabled
Juergen Gross <jgross(a)suse.com>
xen/gntdev: remove struct gntdev_copy_batch from stack
Eric Dumazet <edumazet(a)google.com>
net_sched: act_ctinfo: use atomic64_t for three counters
William Liu <will(a)willsroot.io>
net/sched: Restrict conditions for adding duplicating netems to qdisc tree
Johan Korsnes <johan.korsnes(a)gmail.com>
arch: powerpc: defconfig: Drop obsolete CONFIG_NET_CLS_TCINDEX
Fedor Pchelkin <pchelkin(a)ispras.ru>
netfilter: nf_tables: adjust lockdep assertions handling
Fedor Pchelkin <pchelkin(a)ispras.ru>
drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value
Finn Thain <fthain(a)linux-m68k.org>
m68k: Don't unregister boot console needlessly
xin.guo <guoxin0309(a)gmail.com>
tcp: fix tcp_ofo_queue() to avoid including too much DUP SACK range
Sergey Senozhatsky <senozhatsky(a)chromium.org>
wifi: ath11k: clear initialized flag for deinit-ed srng lists
Jiasheng Jiang <jiasheng(a)iscas.ac.cn>
iwlwifi: Add missing check for alloc_ordered_workqueue
Xiu Jianfeng <xiujianfeng(a)huawei.com>
wifi: iwlwifi: Fix memory leak in iwl_mvm_init()
Daniil Dulov <d.dulov(a)aladdin.ru>
wifi: rtl818x: Kill URBs before clearing tx status queue
Arnd Bergmann <arnd(a)arndb.de>
caif: reduce stack size, again
Yuan Chen <chenyuan(a)kylinos.cn>
bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure
Jiayuan Chen <jiayuan.chen(a)linux.dev>
bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls
Andy Yan <andy.yan(a)rock-chips.com>
drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed
Steven Rostedt <rostedt(a)goodmis.org>
selftests/tracing: Fix false failure of subsystem event test
Alok Tiwari <alok.a.tiwari(a)oracle.com>
staging: nvec: Fix incorrect null termination of battery manufacturer
Brahmajit Das <listout(a)listout.xyz>
samples: mei: Fix building on musl libc
Lifeng Zheng <zhenglifeng1(a)huawei.com>
cpufreq: Init policy->rwsem before it may be possibly used
Lifeng Zheng <zhenglifeng1(a)huawei.com>
cpufreq: Initialize cpufreq-based frequency-invariance later
Adam Ford <aford173(a)gmail.com>
arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed
Annette Kobou <annette.kobou(a)kontron.de>
ARM: dts: imx6ul-kontron-bl-common: Fix RTS polarity for RS485 interface
Lucas De Marchi <lucas.demarchi(a)intel.com>
usb: early: xhci-dbc: Fix early_ioremap leak
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Revert "vmci: Prevent the dispatching of uninitialized payloads"
Denis OSTERLAND-HEIM <denis.osterland(a)diehl.com>
pps: fix poll support
Lizhi Xu <lizhi.xu(a)windriver.com>
vmci: Prevent the dispatching of uninitialized payloads
Abdun Nihaal <abdun.nihaal(a)gmail.com>
staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc()
Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org>
ARM: dts: vfxxx: Correctly use two tuples for timer address
Arnd Bergmann <arnd(a)arndb.de>
ASoC: ops: dynamically allocate struct snd_ctl_elem_value
Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com>
ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask()
Yangtao Li <frank.li(a)vivo.com>
hfsplus: remove mutex_lock check in hfsplus_free_extents
RubenKelevra <rubenkelevra(a)gmail.com>
fs_context: fix parameter name in infofc() macro
Arnd Bergmann <arnd(a)arndb.de>
ASoC: Intel: fix SND_SOC_SOF dependencies
Arnd Bergmann <arnd(a)arndb.de>
ethernet: intel: fix building with large NR_CPUS
Xu Yang <xu.yang_2(a)nxp.com>
usb: phy: mxs: disconnect line when USB charger is attached
Xu Yang <xu.yang_2(a)nxp.com>
usb: chipidea: add USB PHY event
Daniel Dadap <ddadap(a)nvidia.com>
ALSA: hda: Add missing NVIDIA HDA codec IDs
Ian Abbott <abbotti(a)mev.co.uk>
comedi: comedi_test: Fix possible deletion of uninitialized timers
Michael Zhivich <mzhivich(a)akamai.com>
x86/bugs: Fix use of possibly uninit value in amd_check_tsa_microcode()
Ryusuke Konishi <konishi.ryusuke(a)gmail.com>
nilfs2: reject invalid file types when reading inodes
Praveen Kaligineedi <pkaligineedi(a)google.com>
gve: Fix stuck TX queue for DQ queue format
Jacek Kowalski <jacek(a)jacekk.info>
e1000e: ignore uninitialized checksum word on tgp
Jacek Kowalski <jacek(a)jacekk.info>
e1000e: disregard NVM checksum on tgp when valid checksum bit is not set
Dawid Rezler <dawidrezler.patches(a)gmail.com>
ALSA: hda/realtek - Add mute LED support for HP Pavilion 15-eg0xxx
Yang Xiwen <forbidden405(a)outlook.com>
i2c: qup: jump out of the loop in case of timeout
Jian Shen <shenjian15(a)huawei.com>
net: hns3: fixed vf get max channels bug
Jian Shen <shenjian15(a)huawei.com>
net: hns3: refine the struct hane3_tc_info
Xiang Mei <xmei5(a)asu.edu>
net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class
Kito Xu (veritas501) <hxzene(a)gmail.com>
net: appletalk: Fix use-after-free in AARP proxy probe
Andrew Lunn <andrew(a)lunn.ch>
net: appletalk: fix kerneldoc warnings
Dennis Chen <dechen(a)redhat.com>
i40e: report VF tx_dropped with tx_errors instead of tx_discards
Yajun Deng <yajun.deng(a)linux.dev>
i40e: Add rx_missed_errors for buffer exhaustion
Maor Gottlieb <maorg(a)nvidia.com>
RDMA/core: Rate limit GID cache warning messages
Alessandro Carminati <acarmina(a)redhat.com>
regulator: core: fix NULL dereference on unbind due to stale coupling data
Hongyu Xie <xiehongyu1(a)kylinos.cn>
xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS
Bui Quang Minh <minhquangbui99(a)gmail.com>
virtio-net: ensure the received length does not exceed allocated size
Alexander Gordeev <agordeev(a)linux.ibm.com>
mm/vmalloc: leave lazy MMU mode on PTE mapping error
Arun Raghavan <arun(a)asymptotic.io>
ASoC: fsl_sai: Force a software reset when starting in consumer mode
Krishna Kurapati <krishna.kurapati(a)oss.qualcomm.com>
usb: dwc3: qcom: Don't leave BCR asserted
Drew Hamilton <drew.hamilton(a)zetier.com>
usb: musb: fix gadget state on disconnect
Paul Cercueil <paul(a)crapouillou.net>
usb: musb: Add and use inline functions musb_{get,set}_state
Mathias Nyman <mathias.nyman(a)linux.intel.com>
usb: hub: Fix flushing of delayed work used for post resume purposes
Mathias Nyman <mathias.nyman(a)linux.intel.com>
usb: hub: Fix flushing and scheduling of delayed work that tunes runtime pm
Mathias Nyman <mathias.nyman(a)linux.intel.com>
usb: hub: fix detection of high tier USB3 devices behind suspended hubs
William Liu <will(a)willsroot.io>
net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree
Dong Chenchen <dongchenchen2(a)huawei.com>
net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime
Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
Bluetooth: L2CAP: Fix attempting to adjust outgoing MTU
Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
Bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout
Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
Bluetooth: SMP: If an unallowed command is received consider it a failure
Kuniyuki Iwashima <kuniyu(a)google.com>
Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb()
Oliver Neukum <oneukum(a)suse.com>
usb: net: sierra: check for no status endpoint
Marius Zachmann <mail(a)mariuszachmann.de>
hwmon: (corsair-cpro) Validate the size of the received input buffer
Kuniyuki Iwashima <kuniyu(a)google.com>
rpl: Fix use-after-free in rpl_do_srh_inline().
Xiang Mei <xmei5(a)asu.edu>
net/sched: sch_qfq: Fix race condition on qfq_aggregate
Alok Tiwari <alok.a.tiwari(a)oracle.com>
net: emaclite: Fix missing pointer increment in aligned_read()
Ian Abbott <abbotti(a)mev.co.uk>
comedi: Fix initialization of data for instructions that write to subdevice
Ian Abbott <abbotti(a)mev.co.uk>
comedi: Fix use of uninitialized data in insn_rw_emulate_bits()
Ian Abbott <abbotti(a)mev.co.uk>
comedi: Fix some signed shift left operations
Ian Abbott <abbotti(a)mev.co.uk>
comedi: das6402: Fix bit shift out of bounds
Ian Abbott <abbotti(a)mev.co.uk>
comedi: das16m1: Fix bit shift out of bounds
Ian Abbott <abbotti(a)mev.co.uk>
comedi: aio_iiro_16: Fix bit shift out of bounds
Ian Abbott <abbotti(a)mev.co.uk>
comedi: pcl812: Fix bit shift out of bounds
Chen Ni <nichen(a)iscas.ac.cn>
iio: adc: stm32-adc: Fix race in installing chained IRQ handler
Fabio Estevam <festevam(a)denx.de>
iio: adc: max1363: Reorder mode_list[] entries
Fabio Estevam <festevam(a)denx.de>
iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[]
Andrew Jeffery <andrew(a)codeconstruct.com.au>
soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled
Andrew Jeffery <andrew(a)codeconstruct.com.au>
soc: aspeed: lpc-snoop: Cleanup resources in stack-order
Judith Mendez <jm(a)ti.com>
mmc: sdhci_am654: Workaround for Errata i2312
Edson Juliano Drosdeck <edson.drosdeck(a)gmail.com>
mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models
Thomas Fourier <fourier.thomas(a)gmail.com>
mmc: bcm2835: Fix dma_unmap_sg() nents value
Nathan Chancellor <nathan(a)kernel.org>
memstick: core: Zero initialize id_reg in h_memstick_read_dev_id()
Jan Kara <jack(a)suse.cz>
isofs: Verify inode mode when loading from disk
Dan Carpenter <dan.carpenter(a)linaro.org>
dmaengine: nbpfaxi: Fix memory corruption in probe()
Yun Lu <luyun(a)kylinos.cn>
af_packet: fix soft lockup issue caused by tpacket_snd()
Yun Lu <luyun(a)kylinos.cn>
af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd()
Nathan Chancellor <nathan(a)kernel.org>
phonet/pep: Move call to pn_skb_get_dst_sockaddr() earlier in pep_sock_accept()
Benjamin Tissoires <bentiss(a)kernel.org>
HID: core: do not bypass hid_hw_raw_request
Benjamin Tissoires <bentiss(a)kernel.org>
HID: core: ensure __hid_request reserves the report ID as the first byte
Benjamin Tissoires <bentiss(a)kernel.org>
HID: core: ensure the allocated report buffer can contain the reserved report ID
Thomas Fourier <fourier.thomas(a)gmail.com>
pch_uart: Fix dma_sync_sg_for_device() nents value
Nilton Perim Neto <niltonperimneto(a)gmail.com>
Input: xpad - set correct controller type for Acer NGR200
Alok Tiwari <alok.a.tiwari(a)oracle.com>
thunderbolt: Fix bit masking in tb_dp_port_set_hops()
Clément Le Goffic <clement.legoffic(a)foss.st.com>
i2c: stm32: fix the device used for the DMA map
Xinyu Liu <1171169449(a)qq.com>
usb: gadget: configfs: Fix OOB read on empty string write
Ryan Mann (NDI) <rmann(a)ndigital.com>
USB: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI
Slark Xiao <slark_xiao(a)163.com>
USB: serial: option: add Foxconn T99W640
Fabio Porcedda <fabio.porcedda(a)gmail.com>
USB: serial: option: add Telit Cinterion FE910C04 (ECM) composition
Wayne Chang <waynec(a)nvidia.com>
phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode
-------------
Diffstat:
Documentation/filesystems/f2fs.rst | 6 +-
Documentation/firmware-guide/acpi/i2c-muxes.rst | 8 +-
Documentation/memory-barriers.txt | 11 +-
Makefile | 6 +-
arch/arm/Makefile | 2 +-
arch/arm/boot/dts/imx6ul-kontron-n6x1x-s.dtsi | 1 -
arch/arm/boot/dts/vfxxx.dtsi | 2 +-
arch/arm/mach-rockchip/platsmp.c | 15 +-
arch/arm/mach-tegra/reset.c | 2 +-
.../boot/dts/freescale/imx8mm-beacon-som.dtsi | 2 +
arch/arm64/include/asm/acpi.h | 2 +-
arch/arm64/mm/ptdump_debugfs.c | 3 -
arch/m68k/Kconfig.debug | 2 +-
arch/m68k/kernel/early_printk.c | 42 +--
arch/m68k/kernel/head.S | 39 ++-
arch/mips/crypto/chacha-core.S | 20 +-
arch/mips/include/asm/vpe.h | 8 +
arch/mips/kernel/process.c | 16 +-
arch/mips/mm/tlb-r4k.c | 56 +++-
arch/parisc/Makefile | 2 +-
arch/powerpc/configs/ppc6xx_defconfig | 1 -
arch/powerpc/kernel/eeh.c | 1 +
arch/powerpc/kernel/eeh_driver.c | 48 ++--
arch/powerpc/kernel/eeh_pe.c | 11 +-
arch/powerpc/kernel/pci-hotplug.c | 3 +
arch/powerpc/platforms/512x/mpc512x_lpbfifo.c | 6 +-
arch/s390/hypfs/hypfs_dbfs.c | 19 +-
arch/s390/include/asm/timex.h | 13 +-
arch/s390/kernel/time.c | 2 +-
arch/s390/mm/dump_pagetables.c | 2 -
arch/sh/Makefile | 10 +-
arch/sh/boot/compressed/Makefile | 4 +-
arch/sh/boot/romimage/Makefile | 4 +-
arch/x86/include/asm/xen/hypercall.h | 6 +-
arch/x86/kernel/cpu/amd.c | 2 +
arch/x86/kernel/cpu/bugs.c | 5 +-
arch/x86/kernel/cpu/mce/amd.c | 13 +-
arch/x86/mm/extable.c | 5 +-
block/bio.c | 2 +-
block/blk-settings.c | 2 +-
drivers/acpi/acpi_processor.c | 2 +-
drivers/acpi/apei/ghes.c | 2 +
drivers/acpi/processor_idle.c | 4 +-
drivers/acpi/processor_perflib.c | 11 +
drivers/ata/Kconfig | 35 ++-
drivers/ata/libata-sata.c | 5 +
drivers/ata/libata-scsi.c | 20 +-
drivers/base/power/domain_governor.c | 18 +-
drivers/base/power/runtime.c | 5 +
drivers/block/drbd/drbd_receiver.c | 6 +-
drivers/block/sunvdc.c | 4 +-
drivers/bus/mhi/host/boot.c | 8 +-
drivers/bus/mhi/host/internal.h | 4 +-
drivers/char/hw_random/mtk-rng.c | 4 +-
drivers/char/ipmi/ipmi_msghandler.c | 8 +-
drivers/char/ipmi/ipmi_watchdog.c | 59 +++--
drivers/clk/davinci/psc.c | 5 +
drivers/clk/sunxi-ng/ccu-sun8i-v3s.c | 3 +-
drivers/cpufreq/armada-8k-cpufreq.c | 2 +-
drivers/cpufreq/cppc_cpufreq.c | 2 +-
drivers/cpufreq/cpufreq.c | 29 +-
drivers/cpuidle/governors/menu.c | 21 +-
drivers/crypto/ccp/ccp-debugfs.c | 3 +
drivers/crypto/img-hash.c | 2 +-
drivers/crypto/inside-secure/safexcel_hash.c | 8 +-
drivers/crypto/marvell/cesa/cipher.c | 4 +-
drivers/crypto/marvell/cesa/hash.c | 5 +-
.../crypto/qat/qat_common/adf_transport_debug.c | 4 +-
drivers/devfreq/governor_userspace.c | 6 +-
drivers/dma-buf/dma-resv.c | 5 +-
drivers/dma/mv_xor.c | 21 +-
drivers/dma/nbpfaxi.c | 24 +-
drivers/fpga/zynq-fpga.c | 10 +-
drivers/gpio/gpio-rcar.c | 20 +-
drivers/gpio/gpio-tps65912.c | 7 +-
drivers/gpio/gpio-wcd934x.c | 7 +-
drivers/gpu/drm/amd/amdgpu/amdgpu.h | 1 +
drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c | 4 +-
drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 6 +
.../gpu/drm/amd/display/dc/bios/command_table.c | 2 +-
.../amd/display/dc/clk_mgr/dce100/dce_clk_mgr.c | 2 -
.../amd/display/dc/clk_mgr/dce110/dce110_clk_mgr.c | 40 +--
.../amd/display/dc/clk_mgr/dce60/dce60_clk_mgr.c | 31 +--
drivers/gpu/drm/amd/display/dc/dcn20/dcn20_hwseq.c | 11 +-
.../gpu/drm/amd/pm/powerplay/hwmgr/smu_helper.c | 2 +-
drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c | 6 +
drivers/gpu/drm/drm_dp_helper.c | 2 +-
drivers/gpu/drm/rockchip/rockchip_drm_fb.c | 9 +-
drivers/gpu/drm/scheduler/sched_entity.c | 23 +-
drivers/gpu/drm/ttm/ttm_resource.c | 3 +
drivers/hid/hid-core.c | 21 +-
drivers/hwmon/corsair-cpro.c | 5 +
drivers/hwmon/gsc-hwmon.c | 4 +-
drivers/i2c/busses/i2c-qup.c | 4 +-
drivers/i2c/busses/i2c-stm32.c | 8 +-
drivers/i2c/busses/i2c-stm32f7.c | 4 +-
drivers/i2c/i2c-core-acpi.c | 1 +
drivers/i3c/internals.h | 1 +
drivers/i3c/master.c | 2 +-
drivers/idle/intel_idle.c | 2 +-
drivers/iio/adc/ad7768-1.c | 23 +-
drivers/iio/adc/ad_sigma_delta.c | 4 +-
drivers/iio/adc/max1363.c | 43 ++-
drivers/iio/adc/stm32-adc-core.c | 7 +-
drivers/iio/imu/inv_icm42600/inv_icm42600_temp.c | 6 +-
drivers/iio/light/as73211.c | 2 +-
drivers/iio/light/hid-sensor-prox.c | 3 +-
drivers/iio/pressure/bmp280-core.c | 9 +-
drivers/iio/proximity/isl29501.c | 14 +-
drivers/infiniband/core/cache.c | 4 +-
drivers/infiniband/core/nldev.c | 22 +-
drivers/infiniband/hw/bnxt_re/qplib_res.c | 2 +
drivers/infiniband/hw/hfi1/affinity.c | 44 +--
drivers/infiniband/sw/rxe/rxe_comp.c | 16 +-
drivers/input/joystick/xpad.c | 2 +-
drivers/iommu/amd/init.c | 4 +-
drivers/leds/leds-lp50xx.c | 11 +-
drivers/md/dm-core.h | 52 ++++
drivers/md/dm-historical-service-time.c | 4 +-
drivers/md/dm-queue-length.c | 4 +-
drivers/md/dm-round-robin.c | 4 +-
drivers/md/dm-rq.c | 8 +
drivers/md/dm-service-time.c | 4 +-
drivers/md/dm-zoned-target.c | 2 +-
drivers/md/dm.c | 59 +----
drivers/media/cec/usb/rainshadow/rainshadow-cec.c | 3 +-
drivers/media/dvb-frontends/dib7000p.c | 8 +
drivers/media/i2c/hi556.c | 26 +-
drivers/media/i2c/ov2659.c | 3 +-
drivers/media/i2c/tc358743.c | 86 +++---
drivers/media/platform/qcom/camss/camss.c | 4 +-
drivers/media/platform/qcom/venus/core.c | 21 +-
drivers/media/platform/qcom/venus/core.h | 2 +
drivers/media/platform/qcom/venus/dbgfs.c | 9 +
drivers/media/platform/qcom/venus/dbgfs.h | 13 +
drivers/media/platform/qcom/venus/hfi_venus.c | 14 +-
drivers/media/platform/qcom/venus/vdec.c | 5 +-
drivers/media/usb/gspca/vicam.c | 10 +-
drivers/media/usb/hdpvr/hdpvr-i2c.c | 6 +
drivers/media/usb/usbtv/usbtv-video.c | 4 +
drivers/media/usb/uvc/uvc_driver.c | 3 +
drivers/media/usb/uvc/uvc_video.c | 21 +-
drivers/media/v4l2-core/v4l2-ctrls.c | 37 ++-
drivers/memstick/core/memstick.c | 3 +-
drivers/memstick/host/rtsx_usb_ms.c | 1 +
drivers/misc/cardreader/rtsx_usb.c | 16 +-
drivers/mmc/host/bcm2835.c | 3 +-
drivers/mmc/host/rtsx_usb_sdmmc.c | 4 +-
drivers/mmc/host/sdhci-msm.c | 14 +
drivers/mmc/host/sdhci-pci-core.c | 3 +-
drivers/mmc/host/sdhci-pci-gli.c | 4 +-
drivers/mmc/host/sdhci_am654.c | 9 +-
drivers/most/core.c | 2 +-
drivers/mtd/ftl.c | 2 +-
drivers/mtd/nand/raw/atmel/nand-controller.c | 2 +-
drivers/mtd/nand/raw/atmel/pmecc.c | 6 +
drivers/mtd/nand/raw/fsmc_nand.c | 2 +
drivers/net/can/kvaser_pciefd.c | 1 +
drivers/net/can/usb/kvaser_usb/kvaser_usb_core.c | 1 +
drivers/net/dsa/b53/b53_common.c | 52 ++--
drivers/net/dsa/b53/b53_regs.h | 2 +
drivers/net/ethernet/agere/et131x.c | 36 +++
drivers/net/ethernet/atheros/ag71xx.c | 9 +
drivers/net/ethernet/cavium/thunder/thunder_bgx.c | 4 +-
drivers/net/ethernet/emulex/benet/be_cmds.c | 2 +-
drivers/net/ethernet/emulex/benet/be_main.c | 8 +-
drivers/net/ethernet/freescale/dpaa/dpaa_ethtool.c | 4 +-
drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c | 66 +++--
drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.h | 13 +
.../net/ethernet/freescale/dpaa2/dpaa2-ethtool.c | 16 +-
drivers/net/ethernet/freescale/dpaa2/dpaa2-mac.c | 97 +++----
drivers/net/ethernet/freescale/dpaa2/dpaa2-mac.h | 5 +
drivers/net/ethernet/freescale/fec_main.c | 34 ++-
drivers/net/ethernet/freescale/gianfar_ethtool.c | 4 +-
drivers/net/ethernet/google/gve/gve_adminq.c | 1 +
drivers/net/ethernet/google/gve/gve_main.c | 67 ++---
drivers/net/ethernet/hisilicon/hns3/hnae3.h | 19 +-
drivers/net/ethernet/hisilicon/hns3/hns3_debugfs.c | 3 +-
drivers/net/ethernet/hisilicon/hns3/hns3_enet.c | 33 ++-
.../ethernet/hisilicon/hns3/hns3pf/hclge_debugfs.c | 2 +-
.../ethernet/hisilicon/hns3/hns3pf/hclge_main.c | 4 +-
.../net/ethernet/hisilicon/hns3/hns3pf/hclge_mbx.c | 2 +-
.../net/ethernet/hisilicon/hns3/hns3pf/hclge_tm.c | 49 ++--
.../ethernet/hisilicon/hns3/hns3vf/hclgevf_main.c | 25 +-
drivers/net/ethernet/intel/e1000e/defines.h | 3 +
drivers/net/ethernet/intel/e1000e/ich8lan.c | 2 +
drivers/net/ethernet/intel/e1000e/nvm.c | 6 +
drivers/net/ethernet/intel/fm10k/fm10k.h | 3 +-
drivers/net/ethernet/intel/i40e/i40e.h | 2 +-
drivers/net/ethernet/intel/i40e/i40e_ethtool.c | 3 +-
drivers/net/ethernet/intel/i40e/i40e_main.c | 18 +-
drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 4 +-
drivers/net/ethernet/intel/ice/ice_flex_pipe.c | 2 +
drivers/net/ethernet/intel/ixgbe/ixgbe.h | 3 +-
drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 4 +-
drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 2 +
drivers/net/ethernet/mellanox/mlxsw/trap.h | 1 +
drivers/net/ethernet/xilinx/xilinx_emaclite.c | 2 +-
drivers/net/hyperv/hyperv_net.h | 3 +
drivers/net/hyperv/netvsc_drv.c | 29 +-
drivers/net/phy/mscc/mscc_ptp.c | 1 +
drivers/net/phy/mscc/mscc_ptp.h | 1 +
drivers/net/phy/smsc.c | 1 +
drivers/net/ppp/pptp.c | 18 +-
drivers/net/usb/sierra_net.c | 4 +
drivers/net/usb/usbnet.c | 11 +-
drivers/net/virtio_net.c | 38 ++-
drivers/net/vrf.c | 2 +
drivers/net/wireless/ath/ath11k/hal.c | 25 +-
.../broadcom/brcm80211/brcmfmac/cfg80211.c | 8 +-
.../broadcom/brcm80211/brcmsmac/phy/phy_lcn.c | 2 +-
drivers/net/wireless/intel/iwlegacy/4965-mac.c | 5 +-
drivers/net/wireless/intel/iwlwifi/dvm/main.c | 11 +-
drivers/net/wireless/intel/iwlwifi/dvm/rs.c | 2 +-
drivers/net/wireless/intel/iwlwifi/fw/dbg.c | 7 +-
drivers/net/wireless/intel/iwlwifi/mvm/ops.c | 4 +-
drivers/net/wireless/intel/iwlwifi/mvm/scan.c | 2 +-
drivers/net/wireless/marvell/mwl8k.c | 4 +
drivers/net/wireless/realtek/rtl818x/rtl8187/dev.c | 3 +-
.../net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c | 2 +-
drivers/net/wireless/realtek/rtlwifi/pci.c | 23 +-
drivers/net/xen-netfront.c | 5 -
drivers/pci/controller/pcie-rockchip-host.c | 2 +-
drivers/pci/endpoint/pci-ep-cfs.c | 1 +
drivers/pci/endpoint/pci-epf-core.c | 2 +-
drivers/pci/hotplug/pnv_php.c | 235 ++++++++++++++--
drivers/pci/pci-acpi.c | 4 +-
drivers/pci/pci.c | 8 +-
drivers/pci/probe.c | 2 +-
drivers/phy/tegra/xusb-tegra186.c | 61 +++--
drivers/pinctrl/stm32/pinctrl-stm32.c | 1 +
drivers/pinctrl/sunxi/pinctrl-sunxi.c | 11 +-
drivers/platform/chrome/cros_ec.c | 23 +-
drivers/platform/chrome/cros_ec.h | 2 +-
drivers/platform/chrome/cros_ec_i2c.c | 4 +-
drivers/platform/chrome/cros_ec_lpc.c | 4 +-
drivers/platform/chrome/cros_ec_spi.c | 4 +-
drivers/platform/chrome/cros_ec_typec.c | 4 +-
drivers/platform/x86/thinkpad_acpi.c | 4 +-
drivers/power/supply/max14577_charger.c | 4 +-
drivers/pps/pps.c | 11 +-
drivers/ptp/ptp_clock.c | 13 +-
drivers/pwm/pwm-imx-tpm.c | 9 +
drivers/pwm/pwm-mediatek.c | 78 ++++--
drivers/regulator/core.c | 1 +
drivers/reset/Kconfig | 10 +-
drivers/rtc/rtc-ds1307.c | 17 +-
drivers/rtc/rtc-hym8563.c | 2 +-
drivers/rtc/rtc-pcf85063.c | 2 +-
drivers/rtc/rtc-pcf8563.c | 2 +-
drivers/rtc/rtc-rv3028.c | 2 +-
drivers/scsi/aacraid/comminit.c | 3 +-
drivers/scsi/bfa/bfad_im.c | 1 +
drivers/scsi/ibmvscsi_tgt/libsrp.c | 6 +-
drivers/scsi/isci/request.c | 2 +-
drivers/scsi/libiscsi.c | 3 +-
drivers/scsi/lpfc/lpfc_debugfs.c | 1 -
drivers/scsi/lpfc/lpfc_scsi.c | 4 +
drivers/scsi/lpfc/lpfc_sli.c | 8 +-
drivers/scsi/mpt3sas/mpt3sas_scsih.c | 19 ++
drivers/scsi/mvsas/mv_sas.c | 4 +-
drivers/scsi/pm8001/pm8001_init.c | 11 +
drivers/scsi/pm8001/pm8001_sas.h | 1 +
drivers/scsi/qla4xxx/ql4_os.c | 2 +
drivers/scsi/scsi_scan.c | 2 +-
drivers/scsi/scsi_transport_sas.c | 62 ++++-
drivers/scsi/ufs/ufs-exynos.c | 4 +-
drivers/scsi/ufs/ufshcd.c | 10 +-
drivers/soc/aspeed/aspeed-lpc-snoop.c | 13 +-
drivers/soc/qcom/mdt_loader.c | 41 +++
drivers/soc/tegra/pmc.c | 51 ++--
drivers/soundwire/stream.c | 2 +-
drivers/staging/comedi/comedi_fops.c | 63 ++++-
drivers/staging/comedi/comedi_internal.h | 1 +
drivers/staging/comedi/drivers.c | 30 ++-
drivers/staging/comedi/drivers/aio_iiro_16.c | 3 +-
drivers/staging/comedi/drivers/comedi_test.c | 2 +-
drivers/staging/comedi/drivers/das16m1.c | 3 +-
drivers/staging/comedi/drivers/das6402.c | 3 +-
drivers/staging/comedi/drivers/pcl812.c | 3 +-
drivers/staging/fbtft/fbtft-core.c | 1 +
drivers/staging/media/imx/imx-media-csc-scaler.c | 2 +-
drivers/staging/nvec/nvec_power.c | 2 +-
drivers/thermal/thermal_sysfs.c | 9 +-
drivers/thunderbolt/domain.c | 2 +-
drivers/thunderbolt/switch.c | 2 +-
drivers/tty/serial/8250/8250_port.c | 3 +-
drivers/tty/serial/pch_uart.c | 2 +-
drivers/tty/vt/defkeymap.c_shipped | 112 ++++++++
drivers/tty/vt/keyboard.c | 2 +-
drivers/uio/uio_hv_generic.c | 4 +-
drivers/usb/atm/cxacru.c | 172 ++++++------
drivers/usb/chipidea/ci.h | 18 +-
drivers/usb/chipidea/udc.c | 10 +
drivers/usb/class/cdc-acm.c | 13 +-
drivers/usb/core/config.c | 10 +-
drivers/usb/core/hub.c | 60 ++++-
drivers/usb/core/hub.h | 1 +
drivers/usb/core/quirks.c | 1 +
drivers/usb/core/urb.c | 2 +-
drivers/usb/dwc3/core.c | 10 -
drivers/usb/dwc3/dwc3-meson-g12a.c | 3 +
drivers/usb/dwc3/dwc3-qcom.c | 7 +-
drivers/usb/dwc3/gadget.c | 14 +
drivers/usb/early/xhci-dbc.c | 4 +
drivers/usb/gadget/composite.c | 5 +
drivers/usb/gadget/configfs.c | 2 +
drivers/usb/gadget/udc/renesas_usb3.c | 1 +
drivers/usb/host/xhci-hub.c | 3 +-
drivers/usb/host/xhci-mem.c | 24 +-
drivers/usb/host/xhci-pci-renesas.c | 7 +-
drivers/usb/host/xhci-plat.c | 3 +-
drivers/usb/host/xhci-ring.c | 19 +-
drivers/usb/host/xhci.c | 24 +-
drivers/usb/host/xhci.h | 3 +-
drivers/usb/musb/musb_core.c | 62 ++---
drivers/usb/musb/musb_core.h | 11 +
drivers/usb/musb/musb_debugfs.c | 6 +-
drivers/usb/musb/musb_gadget.c | 30 ++-
drivers/usb/musb/musb_host.c | 6 +-
drivers/usb/musb/musb_virthub.c | 18 +-
drivers/usb/musb/omap2430.c | 10 +-
drivers/usb/phy/phy-mxs-usb.c | 4 +-
drivers/usb/serial/ftdi_sio.c | 2 +
drivers/usb/serial/ftdi_sio_ids.h | 3 +
drivers/usb/serial/option.c | 7 +
drivers/usb/storage/realtek_cr.c | 2 +-
drivers/usb/storage/unusual_devs.h | 29 ++
drivers/usb/typec/mux/intel_pmc_mux.c | 2 +-
drivers/usb/typec/tcpm/fusb302.c | 8 +
drivers/usb/typec/ucsi/psy.c | 2 +-
drivers/usb/typec/ucsi/ucsi.c | 1 +
drivers/usb/typec/ucsi/ucsi.h | 7 +-
drivers/vhost/scsi.c | 4 +-
drivers/vhost/vhost.c | 3 +
drivers/video/console/vgacon.c | 2 +-
drivers/video/fbdev/imxfb.c | 9 +-
drivers/watchdog/dw_wdt.c | 2 +
drivers/watchdog/ziirave_wdt.c | 3 +
drivers/xen/gntdev-common.h | 4 +
drivers/xen/gntdev.c | 71 +++--
fs/btrfs/ctree.h | 2 +-
fs/btrfs/inode.c | 4 +-
fs/btrfs/ioctl.c | 2 +-
fs/btrfs/qgroup.c | 2 +-
fs/btrfs/send.c | 4 +-
fs/btrfs/transaction.c | 2 +-
fs/btrfs/tree-log.c | 53 ++--
fs/buffer.c | 2 +-
fs/cifs/cifssmb.c | 10 +
fs/cifs/smb2ops.c | 7 +-
fs/cifs/smbdirect.c | 14 +-
fs/ext4/fsmap.c | 23 +-
fs/ext4/indirect.c | 4 +-
fs/ext4/inline.c | 19 +-
fs/ext4/inode.c | 2 +-
fs/f2fs/f2fs.h | 2 +-
fs/f2fs/inode.c | 28 +-
fs/f2fs/node.c | 10 +
fs/file.c | 15 ++
fs/hfs/bnode.c | 93 +++++++
fs/hfsplus/bnode.c | 92 +++++++
fs/hfsplus/extents.c | 3 -
fs/hfsplus/unicode.c | 7 +
fs/hfsplus/xattr.c | 6 +-
fs/hugetlbfs/inode.c | 2 +-
fs/isofs/inode.c | 9 +-
fs/jbd2/checkpoint.c | 1 +
fs/jfs/file.c | 3 +
fs/jfs/inode.c | 2 +-
fs/jfs/jfs_dmap.c | 10 +-
fs/libfs.c | 4 +-
fs/namespace.c | 89 ++++++-
fs/nfs/blocklayout/blocklayout.c | 4 +-
fs/nfs/blocklayout/dev.c | 5 +-
fs/nfs/blocklayout/extent_tree.c | 20 +-
fs/nfs/client.c | 46 +++-
fs/nfs/export.c | 11 +-
fs/nfs/flexfilelayout/flexfilelayout.c | 32 +--
fs/nfs/flexfilelayout/flexfilelayoutdev.c | 6 +-
fs/nfs/inode.c | 6 +-
fs/nfs/internal.h | 10 +-
fs/nfs/nfs4client.c | 15 +-
fs/nfs/nfs4proc.c | 46 ++--
fs/nfs/pnfs.c | 11 +-
fs/nfsd/nfs4state.c | 34 ++-
fs/nilfs2/inode.c | 9 +-
fs/orangefs/orangefs-debugfs.c | 8 +-
fs/squashfs/super.c | 14 +-
fs/udf/super.c | 13 +-
include/asm-generic/barrier.h | 33 +++
include/linux/blk_types.h | 8 +-
include/linux/compiler.h | 8 -
include/linux/cpuset.h | 17 ++
include/linux/fs.h | 4 +-
include/linux/fs_context.h | 2 +-
include/linux/if_vlan.h | 6 +-
include/linux/memfd.h | 14 +
include/linux/minmax.h | 17 ++
include/linux/mm.h | 76 ++++--
include/linux/mmzone.h | 22 ++
include/linux/moduleparam.h | 5 +-
include/linux/pci.h | 1 +
include/linux/platform_data/cros_ec_proto.h | 4 +
include/linux/pps_kernel.h | 1 +
include/linux/sched/mm.h | 16 ++
include/linux/skbuff.h | 31 ++-
include/linux/usb/usbnet.h | 1 +
include/linux/xarray.h | 15 ++
include/net/cfg80211.h | 2 +-
include/net/tc_act/tc_ctinfo.h | 6 +-
include/net/udp.h | 24 +-
include/uapi/linux/in6.h | 4 +-
include/uapi/linux/io_uring.h | 2 +-
include/uapi/linux/mount.h | 3 +-
kernel/cgroup/cpuset.c | 23 ++
kernel/events/core.c | 20 +-
kernel/fork.c | 2 +-
kernel/power/console.c | 7 +-
kernel/rcu/tree_plugin.h | 3 +
kernel/trace/ftrace.c | 19 +-
kernel/trace/trace.c | 33 ++-
kernel/trace/trace.h | 8 +-
kernel/trace/trace_events.c | 5 +
mm/filemap.c | 2 +-
mm/hmm.c | 2 +-
mm/kmemleak.c | 10 +-
mm/madvise.c | 2 +-
mm/memfd.c | 2 +-
mm/mmap.c | 10 +-
mm/page_alloc.c | 13 +
mm/ptdump.c | 2 +
mm/shmem.c | 2 +-
mm/slab.h | 5 +-
mm/slob.c | 6 +-
mm/vmalloc.c | 16 +-
mm/zsmalloc.c | 6 +-
net/8021q/vlan.c | 42 ++-
net/8021q/vlan.h | 1 +
net/appletalk/aarp.c | 42 ++-
net/appletalk/ddp.c | 7 +-
net/bluetooth/l2cap_core.c | 26 +-
net/bluetooth/l2cap_sock.c | 3 +
net/bluetooth/smp.c | 21 +-
net/bluetooth/smp.h | 1 +
net/bridge/netfilter/nft_reject_bridge.c | 60 +----
net/caif/cfctrl.c | 294 ++++++++++-----------
net/core/filter.c | 3 +
net/core/netpoll.c | 7 +
net/hsr/hsr_slave.c | 8 +-
net/ipv4/netfilter/nf_reject_ipv4.c | 4 +-
net/ipv4/route.c | 1 -
net/ipv4/tcp_input.c | 3 +-
net/ipv4/udp_offload.c | 2 +-
net/ipv6/ip6_offload.c | 4 +-
net/ipv6/netfilter/nf_reject_ipv6.c | 4 +-
net/ipv6/rpl_iptunnel.c | 8 +-
net/ipv6/seg6_hmac.c | 3 +
net/mac80211/tx.c | 7 +
net/ncsi/internal.h | 2 +-
net/ncsi/ncsi-rsp.c | 1 +
net/netfilter/nf_conntrack_netlink.c | 24 +-
net/netfilter/nf_tables_api.c | 4 +-
net/netfilter/nft_reject.c | 12 +-
net/netfilter/nft_reject_inet.c | 68 +----
net/netfilter/xt_nfacct.c | 4 +-
net/netlink/af_netlink.c | 2 +-
net/packet/af_packet.c | 39 ++-
net/phonet/pep.c | 2 +-
net/sched/act_ctinfo.c | 19 +-
net/sched/sch_cake.c | 14 +-
net/sched/sch_codel.c | 5 +-
net/sched/sch_drr.c | 7 +-
net/sched/sch_ets.c | 46 ++--
net/sched/sch_fq_codel.c | 6 +-
net/sched/sch_hfsc.c | 8 +-
net/sched/sch_htb.c | 19 +-
net/sched/sch_netem.c | 40 +++
net/sched/sch_qfq.c | 40 ++-
net/sctp/input.c | 2 +-
net/tls/tls_sw.c | 13 +
net/vmw_vsock/af_vsock.c | 3 +-
net/wireless/mlme.c | 3 +-
samples/mei/mei-amt-version.c | 2 +-
scripts/kconfig/gconf.c | 8 +-
scripts/kconfig/lxdialog/inputbox.c | 6 +-
scripts/kconfig/lxdialog/menubox.c | 2 +-
scripts/kconfig/nconf.c | 2 +
scripts/kconfig/nconf.gui.c | 1 +
scripts/kconfig/qconf.cc | 2 +-
security/apparmor/include/match.h | 3 +-
security/apparmor/match.c | 1 +
security/inode.c | 2 -
sound/core/pcm_native.c | 19 +-
sound/pci/hda/patch_ca0132.c | 7 +-
sound/pci/hda/patch_hdmi.c | 19 ++
sound/pci/hda/patch_realtek.c | 3 +
sound/pci/intel8x0.c | 2 +-
sound/soc/codecs/hdac_hdmi.c | 10 +-
sound/soc/codecs/rt5640.c | 5 +
sound/soc/fsl/fsl_sai.c | 30 ++-
sound/soc/intel/boards/Kconfig | 2 +-
sound/soc/soc-core.c | 3 +
sound/soc/soc-dai.c | 19 +-
sound/soc/soc-dapm.c | 4 +
sound/soc/soc-ops.c | 28 +-
sound/usb/mixer_quirks.c | 14 +-
sound/usb/mixer_scarlett_gen2.c | 8 +
sound/usb/stream.c | 25 +-
sound/usb/validate.c | 14 +-
tools/bpf/bpftool/net.c | 15 +-
tools/include/linux/sched/mm.h | 2 +
tools/perf/tests/bp_account.c | 1 +
.../cpupower/utils/idle_monitor/mperf_monitor.c | 4 +-
tools/testing/ktest/ktest.pl | 5 +-
.../ftrace/test.d/event/subsystem-enable.tc | 28 +-
.../ftrace/test.d/ftrace/func-filter-glob.tc | 2 +-
tools/testing/selftests/futex/include/futextest.h | 11 +
tools/testing/selftests/memfd/memfd_test.c | 43 +++
tools/testing/selftests/net/mptcp/Makefile | 3 +-
.../selftests/net/mptcp/mptcp_connect_mmap.sh | 5 +
tools/testing/selftests/net/mptcp/pm_netlink.sh | 1 +
tools/testing/selftests/net/rtnetlink.sh | 6 +
523 files changed, 4765 insertions(+), 2123 deletions(-)
2 weeks, 6 days
- 7
- 530
[PATCH] Revert "virtio_pci: Support surprise removal of virtio pci device"
by Parav Pandit
This reverts commit 43bb40c5b926 ("virtio_pci: Support surprise removal of virtio pci device").
Virtio drivers and PCI devices have never fully supported true
surprise (aka hot unplug) removal. Drivers historically continued
processing and waiting for pending I/O and even continued synchronous
device reset during surprise removal. Devices have also continued
completing I/Os, doing DMA and allowing device reset after surprise
removal to support such drivers.
Supporting it correctly would require a new device capability and
driver negotiation in the virtio specification to safely stop
I/O and free queue memory. Failure to do so either breaks all the
existing drivers with call trace listed in the commit or crashes the
host on continuing the DMA. Hence, until such specification and devices
are invented, restore the previous behavior of treating surprise
removal as graceful removal to avoid regressions and maintain system
stability same as before the
commit 43bb40c5b926 ("virtio_pci: Support surprise removal of virtio pci device").
As explained above, previous analysis of solving this only in driver
was incomplete and non-reliable at [1] and at [2]; Hence reverting commit
43bb40c5b926 ("virtio_pci: Support surprise removal of virtio pci device")
is still the best stand to restore failures of virtio net and
block devices.
[1] https://lore.kernel.org/virtualization/CY8PR12MB719506CC5613EB100BC6C638DCB…
[2] https://lore.kernel.org/virtualization/20250602024358.57114-1-parav@nvidia.…
Fixes: 43bb40c5b926 ("virtio_pci: Support surprise removal of virtio pci device")
Cc: stable(a)vger.kernel.org
Reported-by: lirongqing(a)baidu.com
Closes: https://lore.kernel.org/virtualization/c45dd68698cd47238c55fb73ca9b4741@bai…
Signed-off-by: Parav Pandit <parav(a)nvidia.com>
---
drivers/virtio/virtio_pci_common.c | 7 -------
1 file changed, 7 deletions(-)
diff --git a/drivers/virtio/virtio_pci_common.c b/drivers/virtio/virtio_pci_common.c
index d6d79af44569..dba5eb2eaff9 100644
--- a/drivers/virtio/virtio_pci_common.c
+++ b/drivers/virtio/virtio_pci_common.c
@@ -747,13 +747,6 @@ static void virtio_pci_remove(struct pci_dev *pci_dev)
struct virtio_pci_device *vp_dev = pci_get_drvdata(pci_dev);
struct device *dev = get_device(&vp_dev->vdev.dev);
- /*
- * Device is marked broken on surprise removal so that virtio upper
- * layers can abort any ongoing operation.
- */
- if (!pci_device_is_present(pci_dev))
- virtio_break_device(&vp_dev->vdev);
-
pci_disable_sriov(pci_dev);
unregister_virtio_device(&vp_dev->vdev);
--
2.26.2
2 weeks, 6 days
- 3
- 17
Ref:-""Breakthrough Funding for Innovative Ideas"
by Mr. William Man Fu Hung
Dear Entrepreneur,
"Global Support for Project & Business Development"
Need funds for your project or business plan? Our investors are ready to help and support you. Our network of professional investors offers soft loans to support project owners worldwide. Contact us to explore funding opportunities."
"Businesses and entrepreneurs seeking strategic partnerships and investment opportunities can benefit from our expertise. We consider collaborations in various sectors, including:
1. Business development
2. Project financing
3. Growth and expansion
4. Real estate investments
5. Strategic contracts
Note: IF YOU BRING A PROJECT OWNER TO US, YOU WILL RECEIVE A REFERER COMMISION. KINDLY DISCUSS PARTNERSHIP WITH US TODAY. info(a)firstcapitalsinvestors.com or firstcapitalsinvestors(a)gmail.com
We finance all kinds of viable projects ranging from personal projects to multi mega capital project. Organizational projects, . Government projects and community development are part of our services to humanity. We have support project such as real estate projects, Oil and Gas Projects, Health and medications, Engineering, Construction, Agriculture, Aviation, Retail sales business. All viable projects and businesses are welcome. Our investors are ready to support you.
Best Regards
Mr. William Man Fu Hung
First Capital Loans and Finance
www.firstcapitalsinvestors.com
info(a)firstcapitalsinvestors.com
2 weeks, 6 days
- 1
- 0
[PATCH] perf lzma: Fix return value in lzma_is_compressed()
by Miaoqian Lin
lzma_is_compressed() returns -1 on error but is declared as bool.
And -1 gets converted to true, which could be misleading.
Return false instead to match the declared type.
Fixes: 4b57fd44b61b ("perf tools: Add lzma_is_compressed function")
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com>
---
tools/perf/util/lzma.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/perf/util/lzma.c b/tools/perf/util/lzma.c
index bbcd2ffcf4bd..c355757ed391 100644
--- a/tools/perf/util/lzma.c
+++ b/tools/perf/util/lzma.c
@@ -120,7 +120,7 @@ bool lzma_is_compressed(const char *input)
ssize_t rc;
if (fd < 0)
- return -1;
+ return false;
rc = read(fd, buf, sizeof(buf));
close(fd);
--
2.39.5 (Apple Git-154)
2 weeks, 6 days
- 1
- 0