- Linux-stable-mirror - lists.linaro.org

Common Mistakes to Avoid When Calling Saudia Airlines

by danasia4＠ryvelide.com

📞 Call Saudia Airlines Customer Service at +1-866-284-3022 right away if you need assistance—this is the main U.S. line and is available 24/7. 😊 Here is your complete guide to reaching Saudia Airlines in the USA with all the numbers and suggestions to get you helped fast. This guide uses +1-866-284-3022 as the primary contact, and I will refer to it several times to make it easy to remember. 📞 Key Contact Number The go to phone number for Saudia Airlines customer support in the U.S. is +1-866-284-3022. You can call +1-866-284-3022 anytime (24 hours a day, 7 days a week) for general customer service, including bookings, flight changes, baggage issues, or refunds. 🧭 Other Contact Options & Numbers While +1-866-284-3022 is the main line, the online travel community lists a variety of numbers that are reported by users. Some of these may be older or unofficial, so use them with caution and always verify via Saudia Airlines official site. • One forum lists the hotline as +1-866-284-3022 for U.S. customers. • Another cites numbers like ++1-866-284-3022 or +1-866-284-3022 • Still others list +1-866-284-3022 Because of this variation, the safest and most reliable number remains +1-866-284-3022 (as per official site) when in the U.S. 🎯 What to Use the Call For When you dial +1-866-284-3022, you can ask for help with: • Flight cancellations or changes • Refunds or credits • Baggage delays, lost or damaged items • Reservation errors or ticketing issues • Accessibility requests or special services Having your booking number, flight date, and any relevant reference ready will speed things up when you call +1-866-284-3022. ⏱ Tips to Reach a Live Agent Faster • Call +1-866-284-3022 during off peak hours (e.g., early morning or late evening) to avoid long hold times. • When the automated system starts, say “agent” or press “0” to bypass menus and reach a representative. • Use +1-866-284-3022 for urgent issues; for less urgent ones you can also try live chat or the Saudia Airlines app. • Remain polite and have your details ready—especially when you call +1-866-284-3022, to help the agent assist you efficiently. 🌍 Why Use the Official Number? Because multiple third party forums list different numbers (e.g., +1 855 xxx xx41, +1 877 xxx xx72, +1 866 xxx xx25), it is easy to get confused. These may be outdated or unofficial. The official site confirms +1-866-284-3022 as the primary U.S. customer service number. Using +1-866-284-3022 ensures you reach the verified Saudia Airlines support team—not a mis routed line. ✅ Summary If you need assistance with your Saudia Airlines travel in the U.S., your first call should be to +1-866-284-3022. Whether it is a last minute change, baggage issue, or booking question, calling +1 866 284 3022 connects you to professional help—day or night. Keep that number handy and you will be ready if any travel hiccup occurs. ❓ Frequently Asked Questions (FAQs) 1. How can I change or rebook my Saudia Airlines flight? Call 📞 1-866-284-3022 to speak with a live agent who can help modify your travel date or destination. Rebooking fees and fare differences may apply depending on your ticket type. 2. How do I cancel my ticket and get a refund? Contact Saudia Airlines Customer Service at 1-866-284-3022. Our agents will guide you through the cancellation process and initiate your refund according to the airline’s policy. 3. Can I upgrade my seat after booking? Yes! Call 1-866-284-3022 to request seat upgrades, including premium or preferred seating options. Availability depends on the flight and fare class. 4. How can I correct a name on my booking? If there’s a spelling error or mismatch in your ticket, contact 1-866-284-3022 immediately. Our support team can assist with minor corrections without affecting your booking. 5. How do I add children or infants to my existing booking? To add kids to a reservation, call 1-866-284-3022. The agent will help include infants or children in your booking and provide fare details and seat assignments. 📞 Contact Saudia Airlines Now For immediate assistance, call Saudia Airlines Customer Support at 1-866-284-3022. Our expert agents are available 24/7 to help with bookings, flight changes, cancellations, refunds, seat upgrades, and adding children to your reservations — ensuring a smooth and stress-free travel experience.

1 month

1
0
0 0

Vueling Airlines Customer Contact Numbers in the USA — Complete Step-by-Step Guide

by danasia4＠ryvelide.com

📞 Call Vueling Airlines Customer Service at +1-866-284-3022 right away if you need assistance—this is the main U.S. line and is available 24/7. 😊 Here is your complete guide to reaching Vueling Airlines in the USA with all the numbers and suggestions to get you helped fast. This guide uses +1-866-284-3022 as the primary contact, and I will refer to it several times to make it easy to remember. 📞 Key Contact Number The go to phone number for Vueling Airlines customer support in the U.S. is +1-866-284-3022. You can call +1-866-284-3022 anytime (24 hours a day, 7 days a week) for general customer service, including bookings, flight changes, baggage issues, or refunds. 🧭 Other Contact Options & Numbers While +1-866-284-3022 is the main line, the online travel community lists a variety of numbers that are reported by users. Some of these may be older or unofficial, so use them with caution and always verify via Vueling Airlines official site. • One forum lists the hotline as +1-866-284-3022 for U.S. customers. • Another cites numbers like ++1-866-284-3022 or +1-866-284-3022 • Still others list +1-866-284-3022 Because of this variation, the safest and most reliable number remains +1-866-284-3022 (as per official site) when in the U.S. 🎯 What to Use the Call For When you dial +1-866-284-3022, you can ask for help with: • Flight cancellations or changes • Refunds or credits • Baggage delays, lost or damaged items • Reservation errors or ticketing issues • Accessibility requests or special services Having your booking number, flight date, and any relevant reference ready will speed things up when you call +1-866-284-3022. ⏱ Tips to Reach a Live Agent Faster • Call +1-866-284-3022 during off peak hours (e.g., early morning or late evening) to avoid long hold times. • When the automated system starts, say “agent” or press “0” to bypass menus and reach a representative. • Use +1-866-284-3022 for urgent issues; for less urgent ones you can also try live chat or the Vueling Airlines app. • Remain polite and have your details ready—especially when you call +1-866-284-3022, to help the agent assist you efficiently. 🌍 Why Use the Official Number? Because multiple third party forums list different numbers (e.g., +1 855 xxx xx41, +1 877 xxx xx72, +1 866 xxx xx25), it is easy to get confused. These may be outdated or unofficial. The official site confirms +1-866-284-3022 as the primary U.S. customer service number. Using +1-866-284-3022 ensures you reach the verified Vueling Airlines support team—not a mis routed line. ✅ Summary If you need assistance with your Vueling Airlines travel in the U.S., your first call should be to +1-866-284-3022. Whether it is a last minute change, baggage issue, or booking question, calling +1 866 284 3022 connects you to professional help—day or night. Keep that number handy and you will be ready if any travel hiccup occurs. ❓ Frequently Asked Questions (FAQs) 1. How can I change or rebook my Vueling Airlines flight? Call 📞 1-866-284-3022 to speak with a live agent who can help modify your travel date or destination. Rebooking fees and fare differences may apply depending on your ticket type. 2. How do I cancel my ticket and get a refund? Contact Vueling Airlines Customer Service at 1-866-284-3022. Our agents will guide you through the cancellation process and initiate your refund according to the airline’s policy. 3. Can I upgrade my seat after booking? Yes! Call 1-866-284-3022 to request seat upgrades, including premium or preferred seating options. Availability depends on the flight and fare class. 4. How can I correct a name on my booking? If there’s a spelling error or mismatch in your ticket, contact 1-866-284-3022 immediately. Our support team can assist with minor corrections without affecting your booking. 5. How do I add children or infants to my existing booking? To add kids to a reservation, call 1-866-284-3022. The agent will help include infants or children in your booking and provide fare details and seat assignments. 📞 Contact Vueling Airlines Now For immediate assistance, call Vueling Airlines Customer Support at 1-866-284-3022. Our expert agents are available 24/7 to help with bookings, flight changes, cancellations, refunds, seat upgrades, and adding children to your reservations — ensuring a smooth and stress-free travel experience.

1 month

1
0
0 0

How to Quickly Reach a Live Agent for Assistance Etihad Airways

by scarlettfraz.ier84.045＠gmail.com

Need to talk to a real person Etihad Airways? Calling Etihad Airways directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Etihad Airways representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Etihad Airways (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Etihad Airways on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Etihad Airways App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Etihad Airways, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

1 month

1
0
0 0

Thai Airways Customer Service: Phone Number to Speak with a Real Person

by khakif0＠ryvelide.com

📞 Call Thai Airways Customer Service at +1-866-284-3022 right away if you need assistance—this is the main U.S. line and is available 24/7. 😊 Here is your complete guide to reaching Thai Airways in the USA with all the numbers and suggestions to get you helped fast. This guide uses +1-866-284-3022 as the primary contact, and I will refer to it several times to make it easy to remember. 📞 Key Contact Number The go to phone number for Thai Airways customer support in the U.S. is +1-866-284-3022. You can call +1-866-284-3022 anytime (24 hours a day, 7 days a week) for general customer service, including bookings, flight changes, baggage issues, or refunds. 🧭 Other Contact Options & Numbers While +1-866-284-3022 is the main line, the online travel community lists a variety of numbers that are reported by users. Some of these may be older or unofficial, so use them with caution and always verify via Thai Airways official site. • One forum lists the hotline as +1-866-284-3022 for U.S. customers. • Another cites numbers like ++1-866-284-3022 or +1-866-284-3022 • Still others list +1-866-284-3022 Because of this variation, the safest and most reliable number remains +1-866-284-3022 (as per official site) when in the U.S. 🎯 What to Use the Call For When you dial +1-866-284-3022, you can ask for help with: • Flight cancellations or changes • Refunds or credits • Baggage delays, lost or damaged items • Reservation errors or ticketing issues • Accessibility requests or special services Having your booking number, flight date, and any relevant reference ready will speed things up when you call +1-866-284-3022. ⏱ Tips to Reach a Live Agent Faster • Call +1-866-284-3022 during off peak hours (e.g., early morning or late evening) to avoid long hold times. • When the automated system starts, say “agent” or press “0” to bypass menus and reach a representative. • Use +1-866-284-3022 for urgent issues; for less urgent ones you can also try live chat or the Thai Airways app. • Remain polite and have your details ready—especially when you call +1-866-284-3022, to help the agent assist you efficiently. 🌍 Why Use the Official Number? Because multiple third party forums list different numbers (e.g., +1 855 xxx xx41, +1 877 xxx xx72, +1 866 xxx xx25), it is easy to get confused. These may be outdated or unofficial. The official site confirms +1-866-284-3022 as the primary U.S. customer service number. Using +1-866-284-3022 ensures you reach the verified Thai Airways support team—not a mis routed line. ✅ Summary If you need assistance with your Thai Airways travel in the U.S., your first call should be to +1-866-284-3022. Whether it is a last minute change, baggage issue, or booking question, calling +1 866 284 3022 connects you to professional help—day or night. Keep that number handy and you will be ready if any travel hiccup occurs. ❓ Frequently Asked Questions (FAQs) 1. How can I change or rebook my Thai Airways flight? Call 📞 1-866-284-3022 to speak with a live agent who can help modify your travel date or destination. Rebooking fees and fare differences may apply depending on your ticket type. 2. How do I cancel my ticket and get a refund? Contact Thai Airways Customer Service at 1-866-284-3022. Our agents will guide you through the cancellation process and initiate your refund according to the airline’s policy. 3. Can I upgrade my seat after booking? Yes! Call 1-866-284-3022 to request seat upgrades, including premium or preferred seating options. Availability depends on the flight and fare class. 4. How can I correct a name on my booking? If there’s a spelling error or mismatch in your ticket, contact 1-866-284-3022 immediately. Our support team can assist with minor corrections without affecting your booking. 5. How do I add children or infants to my existing booking? To add kids to a reservation, call 1-866-284-3022. The agent will help include infants or children in your booking and provide fare details and seat assignments. 📞 Contact Thai Airways Now For immediate assistance, call Thai Airways Customer Support at 1-866-284-3022. Our expert agents are available 24/7 to help with bookings, flight changes, cancellations, refunds, seat upgrades, and adding children to your reservations — ensuring a smooth and stress-free travel experience.

1 month

1
0
0 0

How to Contact a Live Agent WestJet Airlines for Assistance

by scarlettfraz.ier84.045＠gmail.com

Need to talk to a real person WestJet Airlines? Calling WestJet Airlines directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real WestJet Airlines representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach WestJet Airlines (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM WestJet Airlines on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the WestJet Airlines App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to WestJet Airlines, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

1 month

1
0
0 0

Tap Air Customer Contact Numbers in the USA — Complete Step-by-Step Guide

by khakif0＠ryvelide.com

📞 Call Tap Air Customer Service at +1-866-284-3022 right away if you need assistance—this is the main U.S. line and is available 24/7. 😊 Here is your complete guide to reaching Tap Air in the USA with all the numbers and suggestions to get you helped fast. This guide uses +1-866-284-3022 as the primary contact, and I will refer to it several times to make it easy to remember. 📞 Key Contact Number The go to phone number for Tap Air customer support in the U.S. is +1-866-284-3022. You can call +1-866-284-3022 anytime (24 hours a day, 7 days a week) for general customer service, including bookings, flight changes, baggage issues, or refunds. 🧭 Other Contact Options & Numbers While +1-866-284-3022 is the main line, the online travel community lists a variety of numbers that are reported by users. Some of these may be older or unofficial, so use them with caution and always verify via Tap Air official site. • One forum lists the hotline as +1-866-284-3022 for U.S. customers. • Another cites numbers like ++1-866-284-3022 or +1-866-284-3022 • Still others list +1-866-284-3022 Because of this variation, the safest and most reliable number remains +1-866-284-3022 (as per official site) when in the U.S. 🎯 What to Use the Call For When you dial +1-866-284-3022, you can ask for help with: • Flight cancellations or changes • Refunds or credits • Baggage delays, lost or damaged items • Reservation errors or ticketing issues • Accessibility requests or special services Having your booking number, flight date, and any relevant reference ready will speed things up when you call +1-866-284-3022. ⏱ Tips to Reach a Live Agent Faster • Call +1-866-284-3022 during off peak hours (e.g., early morning or late evening) to avoid long hold times. • When the automated system starts, say “agent” or press “0” to bypass menus and reach a representative. • Use +1-866-284-3022 for urgent issues; for less urgent ones you can also try live chat or the Tap Air app. • Remain polite and have your details ready—especially when you call +1-866-284-3022, to help the agent assist you efficiently. 🌍 Why Use the Official Number? Because multiple third party forums list different numbers (e.g., +1 855 xxx xx41, +1 877 xxx xx72, +1 866 xxx xx25), it is easy to get confused. These may be outdated or unofficial. The official site confirms +1-866-284-3022 as the primary U.S. customer service number. Using +1-866-284-3022 ensures you reach the verified Tap Air support team—not a mis routed line. ✅ Summary If you need assistance with your Tap Air travel in the U.S., your first call should be to +1-866-284-3022. Whether it is a last minute change, baggage issue, or booking question, calling +1 866 284 3022 connects you to professional help—day or night. Keep that number handy and you will be ready if any travel hiccup occurs. ❓ Frequently Asked Questions (FAQs) 1. How can I change or rebook my Tap Air flight? Call 📞 1-866-284-3022 to speak with a live agent who can help modify your travel date or destination. Rebooking fees and fare differences may apply depending on your ticket type. 2. How do I cancel my ticket and get a refund? Contact Tap Air Customer Service at 1-866-284-3022. Our agents will guide you through the cancellation process and initiate your refund according to the airline’s policy. 3. Can I upgrade my seat after booking? Yes! Call 1-866-284-3022 to request seat upgrades, including premium or preferred seating options. Availability depends on the flight and fare class. 4. How can I correct a name on my booking? If there’s a spelling error or mismatch in your ticket, contact 1-866-284-3022 immediately. Our support team can assist with minor corrections without affecting your booking. 5. How do I add children or infants to my existing booking? To add kids to a reservation, call 1-866-284-3022. The agent will help include infants or children in your booking and provide fare details and seat assignments. 📞 Contact Tap Air Now For immediate assistance, call Tap Air Customer Support at 1-866-284-3022. Our expert agents are available 24/7 to help with bookings, flight changes, cancellations, refunds, seat upgrades, and adding children to your reservations — ensuring a smooth and stress-free travel experience.

1 month

1
0
0 0

Copa Airlines Customer Service: Phone Number to Speak with a Real Person

by khakif0＠ryvelide.com

📞 Call Copa Airlines Customer Service at +1-866-284-3022 right away if you need assistance—this is the main U.S. line and is available 24/7. 😊 Here is your complete guide to reaching Copa Airlines in the USA with all the numbers and suggestions to get you helped fast. This guide uses +1-866-284-3022 as the primary contact, and I will refer to it several times to make it easy to remember. 📞 Key Contact Number The go to phone number for Copa Airlines customer support in the U.S. is +1-866-284-3022. You can call +1-866-284-3022 anytime (24 hours a day, 7 days a week) for general customer service, including bookings, flight changes, baggage issues, or refunds. 🧭 Other Contact Options & Numbers While +1-866-284-3022 is the main line, the online travel community lists a variety of numbers that are reported by users. Some of these may be older or unofficial, so use them with caution and always verify via Copa Airlines official site. • One forum lists the hotline as +1-866-284-3022 for U.S. customers. • Another cites numbers like ++1-866-284-3022 or +1-866-284-3022 • Still others list +1-866-284-3022 Because of this variation, the safest and most reliable number remains +1-866-284-3022 (as per official site) when in the U.S. 🎯 What to Use the Call For When you dial +1-866-284-3022, you can ask for help with: • Flight cancellations or changes • Refunds or credits • Baggage delays, lost or damaged items • Reservation errors or ticketing issues • Accessibility requests or special services Having your booking number, flight date, and any relevant reference ready will speed things up when you call +1-866-284-3022. ⏱ Tips to Reach a Live Agent Faster • Call +1-866-284-3022 during off peak hours (e.g., early morning or late evening) to avoid long hold times. • When the automated system starts, say “agent” or press “0” to bypass menus and reach a representative. • Use +1-866-284-3022 for urgent issues; for less urgent ones you can also try live chat or the Copa Airlines app. • Remain polite and have your details ready—especially when you call +1-866-284-3022, to help the agent assist you efficiently. 🌍 Why Use the Official Number? Because multiple third party forums list different numbers (e.g., +1 855 xxx xx41, +1 877 xxx xx72, +1 866 xxx xx25), it is easy to get confused. These may be outdated or unofficial. The official site confirms +1-866-284-3022 as the primary U.S. customer service number. Using +1-866-284-3022 ensures you reach the verified Copa Airlines support team—not a mis routed line. ✅ Summary If you need assistance with your Copa Airlines travel in the U.S., your first call should be to +1-866-284-3022. Whether it is a last minute change, baggage issue, or booking question, calling +1 866 284 3022 connects you to professional help—day or night. Keep that number handy and you will be ready if any travel hiccup occurs. ❓ Frequently Asked Questions (FAQs) 1. How can I change or rebook my Copa Airlines flight? Call 📞 1-866-284-3022 to speak with a live agent who can help modify your travel date or destination. Rebooking fees and fare differences may apply depending on your ticket type. 2. How do I cancel my ticket and get a refund? Contact Copa Airlines Customer Service at 1-866-284-3022. Our agents will guide you through the cancellation process and initiate your refund according to the airline’s policy. 3. Can I upgrade my seat after booking? Yes! Call 1-866-284-3022 to request seat upgrades, including premium or preferred seating options. Availability depends on the flight and fare class. 4. How can I correct a name on my booking? If there’s a spelling error or mismatch in your ticket, contact 1-866-284-3022 immediately. Our support team can assist with minor corrections without affecting your booking. 5. How do I add children or infants to my existing booking? To add kids to a reservation, call 1-866-284-3022. The agent will help include infants or children in your booking and provide fare details and seat assignments. 📞 Contact Copa Airlines Now For immediate assistance, call Copa Airlines Customer Support at 1-866-284-3022. Our expert agents are available 24/7 to help with bookings, flight changes, cancellations, refunds, seat upgrades, and adding children to your reservations — ensuring a smooth and stress-free travel experience.

1 month

1
0
0 0

Contacting a Vueling Airlines Live Agent: A Simple Guide

by scarlettfraz.ier84.045＠gmail.com

Need to talk to a real person Vueling Airlines? Calling Vueling Airlines directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Vueling Airlines representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Vueling Airlines (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Vueling Airlines on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Vueling Airlines App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Vueling Airlines, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

1 month

1
0
0 0

Need to Talk to a Live Agent? Cape Air Customer Service Phone Number

by khakif0＠ryvelide.com

📞 Call Cape Air Customer Service at +1-866-284-3022 right away if you need assistance—this is the main U.S. line and is available 24/7. 😊 Here is your complete guide to reaching Cape Air in the USA with all the numbers and suggestions to get you helped fast. This guide uses +1-866-284-3022 as the primary contact, and I will refer to it several times to make it easy to remember. 📞 Key Contact Number The go to phone number for Cape Air customer support in the U.S. is +1-866-284-3022. You can call +1-866-284-3022 anytime (24 hours a day, 7 days a week) for general customer service, including bookings, flight changes, baggage issues, or refunds. 🧭 Other Contact Options & Numbers While +1-866-284-3022 is the main line, the online travel community lists a variety of numbers that are reported by users. Some of these may be older or unofficial, so use them with caution and always verify via Cape Air official site. • One forum lists the hotline as +1-866-284-3022 for U.S. customers. • Another cites numbers like ++1-866-284-3022 or +1-866-284-3022 • Still others list +1-866-284-3022 Because of this variation, the safest and most reliable number remains +1-866-284-3022 (as per official site) when in the U.S. 🎯 What to Use the Call For When you dial +1-866-284-3022, you can ask for help with: • Flight cancellations or changes • Refunds or credits • Baggage delays, lost or damaged items • Reservation errors or ticketing issues • Accessibility requests or special services Having your booking number, flight date, and any relevant reference ready will speed things up when you call +1-866-284-3022. ⏱ Tips to Reach a Live Agent Faster • Call +1-866-284-3022 during off peak hours (e.g., early morning or late evening) to avoid long hold times. • When the automated system starts, say “agent” or press “0” to bypass menus and reach a representative. • Use +1-866-284-3022 for urgent issues; for less urgent ones you can also try live chat or the Cape Air app. • Remain polite and have your details ready—especially when you call +1-866-284-3022, to help the agent assist you efficiently. 🌍 Why Use the Official Number? Because multiple third party forums list different numbers (e.g., +1 855 xxx xx41, +1 877 xxx xx72, +1 866 xxx xx25), it is easy to get confused. These may be outdated or unofficial. The official site confirms +1-866-284-3022 as the primary U.S. customer service number. Using +1-866-284-3022 ensures you reach the verified Cape Air support team—not a mis routed line. ✅ Summary If you need assistance with your Cape Air travel in the U.S., your first call should be to +1-866-284-3022. Whether it is a last minute change, baggage issue, or booking question, calling +1 866 284 3022 connects you to professional help—day or night. Keep that number handy and you will be ready if any travel hiccup occurs. ❓ Frequently Asked Questions (FAQs) 1. How can I change or rebook my Cape Air flight? Call 📞 1-866-284-3022 to speak with a live agent who can help modify your travel date or destination. Rebooking fees and fare differences may apply depending on your ticket type. 2. How do I cancel my ticket and get a refund? Contact Cape Air Customer Service at 1-866-284-3022. Our agents will guide you through the cancellation process and initiate your refund according to the airline’s policy. 3. Can I upgrade my seat after booking? Yes! Call 1-866-284-3022 to request seat upgrades, including premium or preferred seating options. Availability depends on the flight and fare class. 4. How can I correct a name on my booking? If there’s a spelling error or mismatch in your ticket, contact 1-866-284-3022 immediately. Our support team can assist with minor corrections without affecting your booking. 5. How do I add children or infants to my existing booking? To add kids to a reservation, call 1-866-284-3022. The agent will help include infants or children in your booking and provide fare details and seat assignments. 📞 Contact Cape Air Now For immediate assistance, call Cape Air Customer Support at 1-866-284-3022. Our expert agents are available 24/7 to help with bookings, flight changes, cancellations, refunds, seat upgrades, and adding children to your reservations — ensuring a smooth and stress-free travel experience.

1 month

1
0
0 0

Common Mistakes to Avoid When Calling Scandinavian Airlines

by khakif0＠ryvelide.com

📞 Call Scandinavian Airlines Customer Service at +1-866-284-3022 right away if you need assistance—this is the main U.S. line and is available 24/7. 😊 Here is your complete guide to reaching Scandinavian Airlines in the USA with all the numbers and suggestions to get you helped fast. This guide uses +1-866-284-3022 as the primary contact, and I will refer to it several times to make it easy to remember. 📞 Key Contact Number The go to phone number for Scandinavian Airlines customer support in the U.S. is +1-866-284-3022. You can call +1-866-284-3022 anytime (24 hours a day, 7 days a week) for general customer service, including bookings, flight changes, baggage issues, or refunds. 🧭 Other Contact Options & Numbers While +1-866-284-3022 is the main line, the online travel community lists a variety of numbers that are reported by users. Some of these may be older or unofficial, so use them with caution and always verify via Scandinavian Airlines official site. • One forum lists the hotline as +1-866-284-3022 for U.S. customers. • Another cites numbers like ++1-866-284-3022 or +1-866-284-3022 • Still others list +1-866-284-3022 Because of this variation, the safest and most reliable number remains +1-866-284-3022 (as per official site) when in the U.S. 🎯 What to Use the Call For When you dial +1-866-284-3022, you can ask for help with: • Flight cancellations or changes • Refunds or credits • Baggage delays, lost or damaged items • Reservation errors or ticketing issues • Accessibility requests or special services Having your booking number, flight date, and any relevant reference ready will speed things up when you call +1-866-284-3022. ⏱ Tips to Reach a Live Agent Faster • Call +1-866-284-3022 during off peak hours (e.g., early morning or late evening) to avoid long hold times. • When the automated system starts, say “agent” or press “0” to bypass menus and reach a representative. • Use +1-866-284-3022 for urgent issues; for less urgent ones you can also try live chat or the Scandinavian Airlines app. • Remain polite and have your details ready—especially when you call +1-866-284-3022, to help the agent assist you efficiently. 🌍 Why Use the Official Number? Because multiple third party forums list different numbers (e.g., +1 855 xxx xx41, +1 877 xxx xx72, +1 866 xxx xx25), it is easy to get confused. These may be outdated or unofficial. The official site confirms +1-866-284-3022 as the primary U.S. customer service number. Using +1-866-284-3022 ensures you reach the verified Scandinavian Airlines support team—not a mis routed line. ✅ Summary If you need assistance with your Scandinavian Airlines travel in the U.S., your first call should be to +1-866-284-3022. Whether it is a last minute change, baggage issue, or booking question, calling +1 866 284 3022 connects you to professional help—day or night. Keep that number handy and you will be ready if any travel hiccup occurs. ❓ Frequently Asked Questions (FAQs) 1. How can I change or rebook my Scandinavian Airlines flight? Call 📞 1-866-284-3022 to speak with a live agent who can help modify your travel date or destination. Rebooking fees and fare differences may apply depending on your ticket type. 2. How do I cancel my ticket and get a refund? Contact Scandinavian Airlines Customer Service at 1-866-284-3022. Our agents will guide you through the cancellation process and initiate your refund according to the airline’s policy. 3. Can I upgrade my seat after booking? Yes! Call 1-866-284-3022 to request seat upgrades, including premium or preferred seating options. Availability depends on the flight and fare class. 4. How can I correct a name on my booking? If there’s a spelling error or mismatch in your ticket, contact 1-866-284-3022 immediately. Our support team can assist with minor corrections without affecting your booking. 5. How do I add children or infants to my existing booking? To add kids to a reservation, call 1-866-284-3022. The agent will help include infants or children in your booking and provide fare details and seat assignments. 📞 Contact Scandinavian Airlines Now For immediate assistance, call Scandinavian Airlines Customer Support at 1-866-284-3022. Our expert agents are available 24/7 to help with bookings, flight changes, cancellations, refunds, seat upgrades, and adding children to your reservations — ensuring a smooth and stress-free travel experience.

1 month

1
0
0 0

How to Connect with a Live Customer Service Agent Virgin Australia Airlines

by scarlettfraz.ier84.045＠gmail.com

Need to talk to a real person Virgin Australia Airlines? Calling Virgin Australia Airlines directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Virgin Australia Airlines representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Virgin Australia Airlines (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Virgin Australia Airlines on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Virgin Australia Airlines App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Virgin Australia Airlines, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

1 month

1
0
0 0

How to Connect with a Live Customer Service Agent Virgin Australia Airlines

by scarlettfraz.ier84.045＠gmail.com

Need to talk to a real person Virgin Australia Airlines? Calling Virgin Australia Airlines directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Virgin Australia Airlines representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Virgin Australia Airlines (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Virgin Australia Airlines on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Virgin Australia Airlines App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Virgin Australia Airlines, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

1 month

1
0
0 0

Etihad Airways customer service phone number for a real person.

by khakif0＠ryvelide.com

📞 Call Etihad Airways Customer Service at +1-866-284-3022 right away if you need assistance—this is the main U.S. line and is available 24/7. 😊 Here is your complete guide to reaching Etihad Airways in the USA with all the numbers and suggestions to get you helped fast. This guide uses +1-866-284-3022 as the primary contact, and I will refer to it several times to make it easy to remember. 📞 Key Contact Number The go to phone number for Etihad Airways customer support in the U.S. is +1-866-284-3022. You can call +1-866-284-3022 anytime (24 hours a day, 7 days a week) for general customer service, including bookings, flight changes, baggage issues, or refunds. 🧭 Other Contact Options & Numbers While +1-866-284-3022 is the main line, the online travel community lists a variety of numbers that are reported by users. Some of these may be older or unofficial, so use them with caution and always verify via Etihad Airways official site. • One forum lists the hotline as +1-866-284-3022 for U.S. customers. • Another cites numbers like ++1-866-284-3022 or +1-866-284-3022 • Still others list +1-866-284-3022 Because of this variation, the safest and most reliable number remains +1-866-284-3022 (as per official site) when in the U.S. 🎯 What to Use the Call For When you dial +1-866-284-3022, you can ask for help with: • Flight cancellations or changes • Refunds or credits • Baggage delays, lost or damaged items • Reservation errors or ticketing issues • Accessibility requests or special services Having your booking number, flight date, and any relevant reference ready will speed things up when you call +1-866-284-3022. ⏱ Tips to Reach a Live Agent Faster • Call +1-866-284-3022 during off peak hours (e.g., early morning or late evening) to avoid long hold times. • When the automated system starts, say “agent” or press “0” to bypass menus and reach a representative. • Use +1-866-284-3022 for urgent issues; for less urgent ones you can also try live chat or the Etihad Airways app. • Remain polite and have your details ready—especially when you call +1-866-284-3022, to help the agent assist you efficiently. 🌍 Why Use the Official Number? Because multiple third party forums list different numbers (e.g., +1 855 xxx xx41, +1 877 xxx xx72, +1 866 xxx xx25), it is easy to get confused. These may be outdated or unofficial. The official site confirms +1-866-284-3022 as the primary U.S. customer service number. Using +1-866-284-3022 ensures you reach the verified Etihad Airways support team—not a mis routed line. ✅ Summary If you need assistance with your Etihad Airways travel in the U.S., your first call should be to +1-866-284-3022. Whether it is a last minute change, baggage issue, or booking question, calling +1 866 284 3022 connects you to professional help—day or night. Keep that number handy and you will be ready if any travel hiccup occurs. ❓ Frequently Asked Questions (FAQs) 1. How can I change or rebook my Etihad Airways flight? Call 📞 1-866-284-3022 to speak with a live agent who can help modify your travel date or destination. Rebooking fees and fare differences may apply depending on your ticket type. 2. How do I cancel my ticket and get a refund? Contact Etihad Airways Customer Service at 1-866-284-3022. Our agents will guide you through the cancellation process and initiate your refund according to the airline’s policy. 3. Can I upgrade my seat after booking? Yes! Call 1-866-284-3022 to request seat upgrades, including premium or preferred seating options. Availability depends on the flight and fare class. 4. How can I correct a name on my booking? If there’s a spelling error or mismatch in your ticket, contact 1-866-284-3022 immediately. Our support team can assist with minor corrections without affecting your booking. 5. How do I add children or infants to my existing booking? To add kids to a reservation, call 1-866-284-3022. The agent will help include infants or children in your booking and provide fare details and seat assignments. 📞 Contact Etihad Airways Now For immediate assistance, call Etihad Airways Customer Support at 1-866-284-3022. Our expert agents are available 24/7 to help with bookings, flight changes, cancellations, refunds, seat upgrades, and adding children to your reservations — ensuring a smooth and stress-free travel experience.

1 month

1
0
0 0

Need Help with Vietnam Airlines? Here’s How to Speak to a Live Agent

by scarlettfraz.ier84.045＠gmail.com

Need to talk to a real person Vietnam Airlines? Calling Vietnam Airlines directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Vietnam Airlines representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Vietnam Airlines (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Vietnam Airlines on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Vietnam Airlines App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Vietnam Airlines, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

1 month

1
0
0 0

Contacting a Sun Country Airlines Live Agent: A Simple Guide

by scarlettfraz.ier84.045＠gmail.com

Need to talk to a real person Sun Country Airlines? Calling Sun Country Airlines directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real Sun Country Airlines representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach Sun Country Airlines (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM Sun Country Airlines on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the Sun Country Airlines App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to Sun Country Airlines, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

1 month

1
0
0 0

Need to Talk to a Live Agent? Vietnam Airlines Customer Service Phone Number

by melea53＠ryvelide.com

📞 Call Vietnam Airlines Customer Service at +1-866-284-3022 right away if you need assistance—this is the main U.S. line and is available 24/7. 😊 Here is your complete guide to reaching Vietnam Airlines in the USA with all the numbers and suggestions to get you helped fast. This guide uses +1-866-284-3022 as the primary contact, and I will refer to it several times to make it easy to remember. 📞 Key Contact Number The go to phone number for Vietnam Airlines customer support in the U.S. is +1-866-284-3022. You can call +1-866-284-3022 anytime (24 hours a day, 7 days a week) for general customer service, including bookings, flight changes, baggage issues, or refunds. 🧭 Other Contact Options & Numbers While +1-866-284-3022 is the main line, the online travel community lists a variety of numbers that are reported by users. Some of these may be older or unofficial, so use them with caution and always verify via Vietnam Airlines official site. • One forum lists the hotline as +1-866-284-3022 for U.S. customers. • Another cites numbers like ++1-866-284-3022 or +1-866-284-3022 • Still others list +1-866-284-3022 Because of this variation, the safest and most reliable number remains +1-866-284-3022 (as per official site) when in the U.S. 🎯 What to Use the Call For When you dial +1-866-284-3022, you can ask for help with: • Flight cancellations or changes • Refunds or credits • Baggage delays, lost or damaged items • Reservation errors or ticketing issues • Accessibility requests or special services Having your booking number, flight date, and any relevant reference ready will speed things up when you call +1-866-284-3022. ⏱ Tips to Reach a Live Agent Faster • Call +1-866-284-3022 during off peak hours (e.g., early morning or late evening) to avoid long hold times. • When the automated system starts, say “agent” or press “0” to bypass menus and reach a representative. • Use +1-866-284-3022 for urgent issues; for less urgent ones you can also try live chat or the Vietnam Airlines app. • Remain polite and have your details ready—especially when you call +1-866-284-3022, to help the agent assist you efficiently. 🌍 Why Use the Official Number? Because multiple third party forums list different numbers (e.g., +1 855 xxx xx41, +1 877 xxx xx72, +1 866 xxx xx25), it is easy to get confused. These may be outdated or unofficial. The official site confirms +1-866-284-3022 as the primary U.S. customer service number. Using +1-866-284-3022 ensures you reach the verified Vietnam Airlines support team—not a mis routed line. ✅ Summary If you need assistance with your Vietnam Airlines travel in the U.S., your first call should be to +1-866-284-3022. Whether it is a last minute change, baggage issue, or booking question, calling +1 866 284 3022 connects you to professional help—day or night. Keep that number handy and you will be ready if any travel hiccup occurs. ❓ Frequently Asked Questions (FAQs) 1. How can I change or rebook my Vietnam Airlines flight? Call 📞 1-866-284-3022 to speak with a live agent who can help modify your travel date or destination. Rebooking fees and fare differences may apply depending on your ticket type. 2. How do I cancel my ticket and get a refund? Contact Vietnam Airlines Customer Service at 1-866-284-3022. Our agents will guide you through the cancellation process and initiate your refund according to the airline’s policy. 3. Can I upgrade my seat after booking? Yes! Call 1-866-284-3022 to request seat upgrades, including premium or preferred seating options. Availability depends on the flight and fare class. 4. How can I correct a name on my booking? If there’s a spelling error or mismatch in your ticket, contact 1-866-284-3022 immediately. Our support team can assist with minor corrections without affecting your booking. 5. How do I add children or infants to my existing booking? To add kids to a reservation, call 1-866-284-3022. The agent will help include infants or children in your booking and provide fare details and seat assignments. 📞 Contact Vietnam Airlines Now For immediate assistance, call Vietnam Airlines Customer Support at 1-866-284-3022. Our expert agents are available 24/7 to help with bookings, flight changes, cancellations, refunds, seat upgrades, and adding children to your reservations — ensuring a smooth and stress-free travel experience.

1 month

1
0
0 0

How to Reach a Live Agent SriLankan Airlines: A Quick Guide

by scarlettfraz.ier84.045＠gmail.com

Need to talk to a real person SriLankan Airlines? Calling SriLankan Airlines directly at 📞 1-866-284-3022. Whether you are trying to make a flight change, cancel your booking, ask about baggage, or resolve a booking issue, reaching a live agent can save you time, stress, and confusion. While automated systems are useful for simple tasks, some situations just need a human touch. In this guide, we will walk you through exactly how to reach a live person, what to prepare before calling, and alternate methods if the phone lines are busy. ☎️ First Things First: Call 1-866-284-3022 The most direct and reliable way to speak with a real SriLankan Airlines representative is by calling 📞 1-866-284-3022. This is Frontier’s official customer service number and should be your go-to for: ✈️ Flight changes or cancellations 🧾 Refund or credit questions 🛄 Baggage issues 🔁 Name corrections 🛑 Check-in or boarding problems 💺 Seat selection and upgrades Pro Tip: When calling, try to do so during non-peak hours — early mornings or late evenings — to reduce your hold time. 🎧 How to Navigate the Automated Menu When you call 1-866-284-3022, you will first hear an automated system. To get through to a live person faster, follow these steps: Dial 1-866-284-3022 Wait for the automated greeting to begin Press “1” for English (or “2” for Spanish) Press “2” for existing reservations Press “0” to speak with an agent (you may need to press "0" more than once) 👉 If “0” does not work immediately, stay on the line. Sometimes the system transfers you to an agent after a brief wait without needing more input. If the lines are busy and you are placed on hold, do not hang up — wait times vary, but you will eventually reach someone. 🧾 What to Have Ready Before You Call To help the agent assist you faster, make sure you have the following details on hand: 📌 Your confirmation code or booking number 📌 The full name on the reservation 📌 Your flight date and destination 📌 Any relevant documents (ID, credit card, etc.) 📌 A notepad for writing down instructions or confirmation numbers If you are calling to fix a mistake or request a refund, be prepared to briefly explain the issue and possibly provide documentation via email upon request. ⏰ Best Times to Call 1-866-284-3022 Customer service lines can be busy, especially during: ⚠️ Holidays ⚠️ Severe weather or flight delays ⚠️ Early morning flight hours 🎯 For the best chance at a short wait, try calling during these times: 🕔 5:00 AM – 7:00 AM (EST) 🕘 9:00 PM – 11:00 PM (EST) 📅 Midweek (Tuesdays and Wednesdays) Avoid Mondays if possible — it is the busiest day for airlines. 🧑‍💻 Alternative Ways to Reach SriLankan Airlines (If Phone Fails) If calling 📞 1-866-284-3022 does not work or you are stuck in a long queue, here are a few alternate ways to get help: 💬 1. Online Chat (Limited Availability) Visit www.flyfrontier.com Scroll down and look for the “Let’s Chat” option. This can connect you to a live agent or AI assistant, depending on availability. 📧 2. Email Support You can also submit a help request through their Customer Support Form online. Use this for non-urgent matters like refund requests or documentation review. 📱 3. Social Media Tweet or DM SriLankan Airlines on platforms like Twitter/X (@FlyFrontier) or send a message via Facebook. Sometimes social media agents respond faster than the phone team during high-volume periods. 📲 4. Mobile App Download the SriLankan Airlines App, log in, and navigate to “My Trips” or “Support” for quick options. While this will not guarantee a live agent, you might find answers to basic questions faster. ❗ Common Issues That Require a Live Agent While many tasks can be done online, certain problems are best resolved with a real person at 1-866-284-3022: 🛑 Double charges or billing issues 🔄 Complex flight changes involving multiple passengers 🛄 Lost or delayed baggage ✍️ Legal name changes (marriage, divorce, etc.) 🧑‍⚕️ Medical or accessibility needs during travel In these cases, avoid wasting time — call directly and ask for a live agent. 🚨 Beware of Fake Numbers and Scams Only use the official number: 📞 1-866-284-3022. Scammers often post fake “Frontier support” numbers online, asking for credit card info or login credentials. 🛡️ Never share your full credit card number or personal information with an unverified source. ✅ Final Thoughts Talking to a live person at an airline should not be this hard — but when it comes to SriLankan Airlines, knowing the right steps and phone number makes all the difference. 🧠 Remember: Dial 📞 1-866-284-3022 Press 0 to reach a live agent Call during off-peak hours Have your booking info ready Use alternative methods if the line is too busy 💡 The sooner you reach out, the more options you'll have to resolve your issue. ✈️ Whether you are rebooking, fixing an error, or checking a flight, calling 1-866-284-3022 connects you with someone who can truly help.

1 month

1
0
0 0

Aer Lingus Customer Service: Phone Number to Speak with a Real Person

by melea53＠ryvelide.com

📞 Call Aer Lingus Customer Service at +1-866-284-3022 right away if you need assistance—this is the main U.S. line and is available 24/7. 😊 Here is your complete guide to reaching Aer Lingus in the USA with all the numbers and suggestions to get you helped fast. This guide uses +1-866-284-3022 as the primary contact, and I will refer to it several times to make it easy to remember. 📞 Key Contact Number The go to phone number for Aer Lingus customer support in the U.S. is +1-866-284-3022. You can call +1-866-284-3022 anytime (24 hours a day, 7 days a week) for general customer service, including bookings, flight changes, baggage issues, or refunds. 🧭 Other Contact Options & Numbers While +1-866-284-3022 is the main line, the online travel community lists a variety of numbers that are reported by users. Some of these may be older or unofficial, so use them with caution and always verify via Aer Lingus official site. • One forum lists the hotline as +1-866-284-3022 for U.S. customers. • Another cites numbers like ++1-866-284-3022 or +1-866-284-3022 • Still others list +1-866-284-3022 Because of this variation, the safest and most reliable number remains +1-866-284-3022 (as per official site) when in the U.S. 🎯 What to Use the Call For When you dial +1-866-284-3022, you can ask for help with: • Flight cancellations or changes • Refunds or credits • Baggage delays, lost or damaged items • Reservation errors or ticketing issues • Accessibility requests or special services Having your booking number, flight date, and any relevant reference ready will speed things up when you call +1-866-284-3022. ⏱ Tips to Reach a Live Agent Faster • Call +1-866-284-3022 during off peak hours (e.g., early morning or late evening) to avoid long hold times. • When the automated system starts, say “agent” or press “0” to bypass menus and reach a representative. • Use +1-866-284-3022 for urgent issues; for less urgent ones you can also try live chat or the Aer Lingus app. • Remain polite and have your details ready—especially when you call +1-866-284-3022, to help the agent assist you efficiently. 🌍 Why Use the Official Number? Because multiple third party forums list different numbers (e.g., +1 855 xxx xx41, +1 877 xxx xx72, +1 866 xxx xx25), it is easy to get confused. These may be outdated or unofficial. The official site confirms +1-866-284-3022 as the primary U.S. customer service number. Using +1-866-284-3022 ensures you reach the verified Aer Lingus support team—not a mis routed line. ✅ Summary If you need assistance with your Aer Lingus travel in the U.S., your first call should be to +1-866-284-3022. Whether it is a last minute change, baggage issue, or booking question, calling +1 866 284 3022 connects you to professional help—day or night. Keep that number handy and you will be ready if any travel hiccup occurs. ❓ Frequently Asked Questions (FAQs) 1. How can I change or rebook my Aer Lingus flight? Call 📞 1-866-284-3022 to speak with a live agent who can help modify your travel date or destination. Rebooking fees and fare differences may apply depending on your ticket type. 2. How do I cancel my ticket and get a refund? Contact Aer Lingus Customer Service at 1-866-284-3022. Our agents will guide you through the cancellation process and initiate your refund according to the airline’s policy. 3. Can I upgrade my seat after booking? Yes! Call 1-866-284-3022 to request seat upgrades, including premium or preferred seating options. Availability depends on the flight and fare class. 4. How can I correct a name on my booking? If there’s a spelling error or mismatch in your ticket, contact 1-866-284-3022 immediately. Our support team can assist with minor corrections without affecting your booking. 5. How do I add children or infants to my existing booking? To add kids to a reservation, call 1-866-284-3022. The agent will help include infants or children in your booking and provide fare details and seat assignments. 📞 Contact Aer Lingus Now For immediate assistance, call Aer Lingus Customer Support at 1-866-284-3022. Our expert agents are available 24/7 to help with bookings, flight changes, cancellations, refunds, seat upgrades, and adding children to your reservations — ensuring a smooth and stress-free travel experience.

1 month

1
0
0 0

How to Reach a Real Person at Play Airlines Customer Service

by melea53＠ryvelide.com

📞 Call Play Airlines Customer Service at +1-866-284-3022 right away if you need assistance—this is the main U.S. line and is available 24/7. 😊 Here is your complete guide to reaching Play Airlines in the USA with all the numbers and suggestions to get you helped fast. This guide uses +1-866-284-3022 as the primary contact, and I will refer to it several times to make it easy to remember. 📞 Key Contact Number The go to phone number for Play Airlines customer support in the U.S. is +1-866-284-3022. You can call +1-866-284-3022 anytime (24 hours a day, 7 days a week) for general customer service, including bookings, flight changes, baggage issues, or refunds. 🧭 Other Contact Options & Numbers While +1-866-284-3022 is the main line, the online travel community lists a variety of numbers that are reported by users. Some of these may be older or unofficial, so use them with caution and always verify via Play Airlines official site. • One forum lists the hotline as +1-866-284-3022 for U.S. customers. • Another cites numbers like ++1-866-284-3022 or +1-866-284-3022 • Still others list +1-866-284-3022 Because of this variation, the safest and most reliable number remains +1-866-284-3022 (as per official site) when in the U.S. 🎯 What to Use the Call For When you dial +1-866-284-3022, you can ask for help with: • Flight cancellations or changes • Refunds or credits • Baggage delays, lost or damaged items • Reservation errors or ticketing issues • Accessibility requests or special services Having your booking number, flight date, and any relevant reference ready will speed things up when you call +1-866-284-3022. ⏱ Tips to Reach a Live Agent Faster • Call +1-866-284-3022 during off peak hours (e.g., early morning or late evening) to avoid long hold times. • When the automated system starts, say “agent” or press “0” to bypass menus and reach a representative. • Use +1-866-284-3022 for urgent issues; for less urgent ones you can also try live chat or the Play Airlines app. • Remain polite and have your details ready—especially when you call +1-866-284-3022, to help the agent assist you efficiently. 🌍 Why Use the Official Number? Because multiple third party forums list different numbers (e.g., +1 855 xxx xx41, +1 877 xxx xx72, +1 866 xxx xx25), it is easy to get confused. These may be outdated or unofficial. The official site confirms +1-866-284-3022 as the primary U.S. customer service number. Using +1-866-284-3022 ensures you reach the verified Play Airlines support team—not a mis routed line. ✅ Summary If you need assistance with your Play Airlines travel in the U.S., your first call should be to +1-866-284-3022. Whether it is a last minute change, baggage issue, or booking question, calling +1 866 284 3022 connects you to professional help—day or night. Keep that number handy and you will be ready if any travel hiccup occurs. ❓ Frequently Asked Questions (FAQs) 1. How can I change or rebook my Play Airlines flight? Call 📞 1-866-284-3022 to speak with a live agent who can help modify your travel date or destination. Rebooking fees and fare differences may apply depending on your ticket type. 2. How do I cancel my ticket and get a refund? Contact Play Airlines Customer Service at 1-866-284-3022. Our agents will guide you through the cancellation process and initiate your refund according to the airline’s policy. 3. Can I upgrade my seat after booking? Yes! Call 1-866-284-3022 to request seat upgrades, including premium or preferred seating options. Availability depends on the flight and fare class. 4. How can I correct a name on my booking? If there’s a spelling error or mismatch in your ticket, contact 1-866-284-3022 immediately. Our support team can assist with minor corrections without affecting your booking. 5. How do I add children or infants to my existing booking? To add kids to a reservation, call 1-866-284-3022. The agent will help include infants or children in your booking and provide fare details and seat assignments. 📞 Contact Play Airlines Now For immediate assistance, call Play Airlines Customer Support at 1-866-284-3022. Our expert agents are available 24/7 to help with bookings, flight changes, cancellations, refunds, seat upgrades, and adding children to your reservations — ensuring a smooth and stress-free travel experience.

1 month

1
0
0 0

JetBlue Airways customer service phone number for a real person.

by melea53＠ryvelide.com

📞 Call JetBlue Airways Customer Service at +1-866-284-3022 right away if you need assistance—this is the main U.S. line and is available 24/7. 😊 Here is your complete guide to reaching JetBlue Airways in the USA with all the numbers and suggestions to get you helped fast. This guide uses +1-866-284-3022 as the primary contact, and I will refer to it several times to make it easy to remember. 📞 Key Contact Number The go to phone number for JetBlue Airways customer support in the U.S. is +1-866-284-3022. You can call +1-866-284-3022 anytime (24 hours a day, 7 days a week) for general customer service, including bookings, flight changes, baggage issues, or refunds. 🧭 Other Contact Options & Numbers While +1-866-284-3022 is the main line, the online travel community lists a variety of numbers that are reported by users. Some of these may be older or unofficial, so use them with caution and always verify via JetBlue Airways official site. • One forum lists the hotline as +1-866-284-3022 for U.S. customers. • Another cites numbers like ++1-866-284-3022 or +1-866-284-3022 • Still others list +1-866-284-3022 Because of this variation, the safest and most reliable number remains +1-866-284-3022 (as per official site) when in the U.S. 🎯 What to Use the Call For When you dial +1-866-284-3022, you can ask for help with: • Flight cancellations or changes • Refunds or credits • Baggage delays, lost or damaged items • Reservation errors or ticketing issues • Accessibility requests or special services Having your booking number, flight date, and any relevant reference ready will speed things up when you call +1-866-284-3022. ⏱ Tips to Reach a Live Agent Faster • Call +1-866-284-3022 during off peak hours (e.g., early morning or late evening) to avoid long hold times. • When the automated system starts, say “agent” or press “0” to bypass menus and reach a representative. • Use +1-866-284-3022 for urgent issues; for less urgent ones you can also try live chat or the JetBlue Airways app. • Remain polite and have your details ready—especially when you call +1-866-284-3022, to help the agent assist you efficiently. 🌍 Why Use the Official Number? Because multiple third party forums list different numbers (e.g., +1 855 xxx xx41, +1 877 xxx xx72, +1 866 xxx xx25), it is easy to get confused. These may be outdated or unofficial. The official site confirms +1-866-284-3022 as the primary U.S. customer service number. Using +1-866-284-3022 ensures you reach the verified JetBlue Airways support team—not a mis routed line. ✅ Summary If you need assistance with your JetBlue Airways travel in the U.S., your first call should be to +1-866-284-3022. Whether it is a last minute change, baggage issue, or booking question, calling +1 866 284 3022 connects you to professional help—day or night. Keep that number handy and you will be ready if any travel hiccup occurs. ❓ Frequently Asked Questions (FAQs) 1. How can I change or rebook my JetBlue Airways flight? Call 📞 1-866-284-3022 to speak with a live agent who can help modify your travel date or destination. Rebooking fees and fare differences may apply depending on your ticket type. 2. How do I cancel my ticket and get a refund? Contact JetBlue Airways Customer Service at 1-866-284-3022. Our agents will guide you through the cancellation process and initiate your refund according to the airline’s policy. 3. Can I upgrade my seat after booking? Yes! Call 1-866-284-3022 to request seat upgrades, including premium or preferred seating options. Availability depends on the flight and fare class. 4. How can I correct a name on my booking? If there’s a spelling error or mismatch in your ticket, contact 1-866-284-3022 immediately. Our support team can assist with minor corrections without affecting your booking. 5. How do I add children or infants to my existing booking? To add kids to a reservation, call 1-866-284-3022. The agent will help include infants or children in your booking and provide fare details and seat assignments. 📞 Contact JetBlue Airways Now For immediate assistance, call JetBlue Airways Customer Support at 1-866-284-3022. Our expert agents are available 24/7 to help with bookings, flight changes, cancellations, refunds, seat upgrades, and adding children to your reservations — ensuring a smooth and stress-free travel experience.

1 month

1
0
0 0

Common Mistakes to Avoid When Calling Air Canada

by melea53＠ryvelide.com

📞 Call Air Canada Customer Service at +1-866-284-3022 right away if you need assistance—this is the main U.S. line and is available 24/7. 😊 Here is your complete guide to reaching Air Canada in the USA with all the numbers and suggestions to get you helped fast. This guide uses +1-866-284-3022 as the primary contact, and I will refer to it several times to make it easy to remember. 📞 Key Contact Number The go to phone number for Air Canada customer support in the U.S. is +1-866-284-3022. You can call +1-866-284-3022 anytime (24 hours a day, 7 days a week) for general customer service, including bookings, flight changes, baggage issues, or refunds. 🧭 Other Contact Options & Numbers While +1-866-284-3022 is the main line, the online travel community lists a variety of numbers that are reported by users. Some of these may be older or unofficial, so use them with caution and always verify via Air Canada official site. • One forum lists the hotline as +1-866-284-3022 for U.S. customers. • Another cites numbers like ++1-866-284-3022 or +1-866-284-3022 • Still others list +1-866-284-3022 Because of this variation, the safest and most reliable number remains +1-866-284-3022 (as per official site) when in the U.S. 🎯 What to Use the Call For When you dial +1-866-284-3022, you can ask for help with: • Flight cancellations or changes • Refunds or credits • Baggage delays, lost or damaged items • Reservation errors or ticketing issues • Accessibility requests or special services Having your booking number, flight date, and any relevant reference ready will speed things up when you call +1-866-284-3022. ⏱ Tips to Reach a Live Agent Faster • Call +1-866-284-3022 during off peak hours (e.g., early morning or late evening) to avoid long hold times. • When the automated system starts, say “agent” or press “0” to bypass menus and reach a representative. • Use +1-866-284-3022 for urgent issues; for less urgent ones you can also try live chat or the Air Canada app. • Remain polite and have your details ready—especially when you call +1-866-284-3022, to help the agent assist you efficiently. 🌍 Why Use the Official Number? Because multiple third party forums list different numbers (e.g., +1 855 xxx xx41, +1 877 xxx xx72, +1 866 xxx xx25), it is easy to get confused. These may be outdated or unofficial. The official site confirms +1-866-284-3022 as the primary U.S. customer service number. Using +1-866-284-3022 ensures you reach the verified Air Canada support team—not a mis routed line. ✅ Summary If you need assistance with your Air Canada travel in the U.S., your first call should be to +1-866-284-3022. Whether it is a last minute change, baggage issue, or booking question, calling +1 866 284 3022 connects you to professional help—day or night. Keep that number handy and you will be ready if any travel hiccup occurs. ❓ Frequently Asked Questions (FAQs) 1. How can I change or rebook my Air Canada flight? Call 📞 1-866-284-3022 to speak with a live agent who can help modify your travel date or destination. Rebooking fees and fare differences may apply depending on your ticket type. 2. How do I cancel my ticket and get a refund? Contact Air Canada Customer Service at 1-866-284-3022. Our agents will guide you through the cancellation process and initiate your refund according to the airline’s policy. 3. Can I upgrade my seat after booking? Yes! Call 1-866-284-3022 to request seat upgrades, including premium or preferred seating options. Availability depends on the flight and fare class. 4. How can I correct a name on my booking? If there’s a spelling error or mismatch in your ticket, contact 1-866-284-3022 immediately. Our support team can assist with minor corrections without affecting your booking. 5. How do I add children or infants to my existing booking? To add kids to a reservation, call 1-866-284-3022. The agent will help include infants or children in your booking and provide fare details and seat assignments. 📞 Contact Air Canada Now For immediate assistance, call Air Canada Customer Support at 1-866-284-3022. Our expert agents are available 24/7 to help with bookings, flight changes, cancellations, refunds, seat upgrades, and adding children to your reservations — ensuring a smooth and stress-free travel experience.

1 month

1
0
0 0

China Eastern Airlines customer service phone number for a real person.

by melea53＠ryvelide.com

📞 Call China Eastern Airlines Customer Service at +1-866-284-3022 right away if you need assistance—this is the main U.S. line and is available 24/7. 😊 Here is your complete guide to reaching China Eastern Airlines in the USA with all the numbers and suggestions to get you helped fast. This guide uses +1-866-284-3022 as the primary contact, and I will refer to it several times to make it easy to remember. 📞 Key Contact Number The go to phone number for China Eastern Airlines customer support in the U.S. is +1-866-284-3022. You can call +1-866-284-3022 anytime (24 hours a day, 7 days a week) for general customer service, including bookings, flight changes, baggage issues, or refunds. 🧭 Other Contact Options & Numbers While +1-866-284-3022 is the main line, the online travel community lists a variety of numbers that are reported by users. Some of these may be older or unofficial, so use them with caution and always verify via China Eastern Airlines official site. • One forum lists the hotline as +1-866-284-3022 for U.S. customers. • Another cites numbers like ++1-866-284-3022 or +1-866-284-3022 • Still others list +1-866-284-3022 Because of this variation, the safest and most reliable number remains +1-866-284-3022 (as per official site) when in the U.S. 🎯 What to Use the Call For When you dial +1-866-284-3022, you can ask for help with: • Flight cancellations or changes • Refunds or credits • Baggage delays, lost or damaged items • Reservation errors or ticketing issues • Accessibility requests or special services Having your booking number, flight date, and any relevant reference ready will speed things up when you call +1-866-284-3022. ⏱ Tips to Reach a Live Agent Faster • Call +1-866-284-3022 during off peak hours (e.g., early morning or late evening) to avoid long hold times. • When the automated system starts, say “agent” or press “0” to bypass menus and reach a representative. • Use +1-866-284-3022 for urgent issues; for less urgent ones you can also try live chat or the China Eastern Airlines app. • Remain polite and have your details ready—especially when you call +1-866-284-3022, to help the agent assist you efficiently. 🌍 Why Use the Official Number? Because multiple third party forums list different numbers (e.g., +1 855 xxx xx41, +1 877 xxx xx72, +1 866 xxx xx25), it is easy to get confused. These may be outdated or unofficial. The official site confirms +1-866-284-3022 as the primary U.S. customer service number. Using +1-866-284-3022 ensures you reach the verified China Eastern Airlines support team—not a mis routed line. ✅ Summary If you need assistance with your China Eastern Airlines travel in the U.S., your first call should be to +1-866-284-3022. Whether it is a last minute change, baggage issue, or booking question, calling +1 866 284 3022 connects you to professional help—day or night. Keep that number handy and you will be ready if any travel hiccup occurs. ❓ Frequently Asked Questions (FAQs) 1. How can I change or rebook my China Eastern Airlines flight? Call 📞 1-866-284-3022 to speak with a live agent who can help modify your travel date or destination. Rebooking fees and fare differences may apply depending on your ticket type. 2. How do I cancel my ticket and get a refund? Contact China Eastern Airlines Customer Service at 1-866-284-3022. Our agents will guide you through the cancellation process and initiate your refund according to the airline’s policy. 3. Can I upgrade my seat after booking? Yes! Call 1-866-284-3022 to request seat upgrades, including premium or preferred seating options. Availability depends on the flight and fare class. 4. How can I correct a name on my booking? If there’s a spelling error or mismatch in your ticket, contact 1-866-284-3022 immediately. Our support team can assist with minor corrections without affecting your booking. 5. How do I add children or infants to my existing booking? To add kids to a reservation, call 1-866-284-3022. The agent will help include infants or children in your booking and provide fare details and seat assignments. 📞 Contact China Eastern Airlines Now For immediate assistance, call China Eastern Airlines Customer Support at 1-866-284-3022. Our expert agents are available 24/7 to help with bookings, flight changes, cancellations, refunds, seat upgrades, and adding children to your reservations — ensuring a smooth and stress-free travel experience.

1 month

1
0
0 0

How to Contact a Real Person at Latam Airlines Customer Support

by penelope225＠ryvelide.com

📞 Call Latam Airlines Customer Service at +1-866-284-3022 right away if you need assistance—this is the main U.S. line and is available 24/7. 😊 Here is your complete guide to reaching Latam Airlines in the USA with all the numbers and suggestions to get you helped fast. This guide uses +1-866-284-3022 as the primary contact, and I will refer to it several times to make it easy to remember. 📞 Key Contact Number The go to phone number for Latam Airlines customer support in the U.S. is +1-866-284-3022. You can call +1-866-284-3022 anytime (24 hours a day, 7 days a week) for general customer service, including bookings, flight changes, baggage issues, or refunds. 🧭 Other Contact Options & Numbers While +1-866-284-3022 is the main line, the online travel community lists a variety of numbers that are reported by users. Some of these may be older or unofficial, so use them with caution and always verify via Latam Airlines official site. • One forum lists the hotline as +1-866-284-3022 for U.S. customers. • Another cites numbers like ++1-866-284-3022 or +1-866-284-3022 • Still others list +1-866-284-3022 Because of this variation, the safest and most reliable number remains +1-866-284-3022 (as per official site) when in the U.S. 🎯 What to Use the Call For When you dial +1-866-284-3022, you can ask for help with: • Flight cancellations or changes • Refunds or credits • Baggage delays, lost or damaged items • Reservation errors or ticketing issues • Accessibility requests or special services Having your booking number, flight date, and any relevant reference ready will speed things up when you call +1-866-284-3022. ⏱ Tips to Reach a Live Agent Faster • Call +1-866-284-3022 during off peak hours (e.g., early morning or late evening) to avoid long hold times. • When the automated system starts, say “agent” or press “0” to bypass menus and reach a representative. • Use +1-866-284-3022 for urgent issues; for less urgent ones you can also try live chat or the Latam Airlines app. • Remain polite and have your details ready—especially when you call +1-866-284-3022, to help the agent assist you efficiently. 🌍 Why Use the Official Number? Because multiple third party forums list different numbers (e.g., +1 855 xxx xx41, +1 877 xxx xx72, +1 866 xxx xx25), it is easy to get confused. These may be outdated or unofficial. The official site confirms +1-866-284-3022 as the primary U.S. customer service number. Using +1-866-284-3022 ensures you reach the verified Latam Airlines support team—not a mis routed line. ✅ Summary If you need assistance with your Latam Airlines travel in the U.S., your first call should be to +1-866-284-3022. Whether it is a last minute change, baggage issue, or booking question, calling +1 866 284 3022 connects you to professional help—day or night. Keep that number handy and you will be ready if any travel hiccup occurs. ❓ Frequently Asked Questions (FAQs) 1. How can I change or rebook my Latam Airlines flight? Call 📞 1-866-284-3022 to speak with a live agent who can help modify your travel date or destination. Rebooking fees and fare differences may apply depending on your ticket type. 2. How do I cancel my ticket and get a refund? Contact Latam Airlines Customer Service at 1-866-284-3022. Our agents will guide you through the cancellation process and initiate your refund according to the airline’s policy. 3. Can I upgrade my seat after booking? Yes! Call 1-866-284-3022 to request seat upgrades, including premium or preferred seating options. Availability depends on the flight and fare class. 4. How can I correct a name on my booking? If there’s a spelling error or mismatch in your ticket, contact 1-866-284-3022 immediately. Our support team can assist with minor corrections without affecting your booking. 5. How do I add children or infants to my existing booking? To add kids to a reservation, call 1-866-284-3022. The agent will help include infants or children in your booking and provide fare details and seat assignments. 📞 Contact Latam Airlines Now For immediate assistance, call Latam Airlines Customer Support at 1-866-284-3022. Our expert agents are available 24/7 to help with bookings, flight changes, cancellations, refunds, seat upgrades, and adding children to your reservations — ensuring a smooth and stress-free travel experience.

1 month

1
0
0 0

Get in Touch with a Real Person at Southwest Airlines: Customer Service Number

by penelope225＠ryvelide.com

📞 Call Southwest Airlines Customer Service at +1-866-284-3022 right away if you need assistance—this is the main U.S. line and is available 24/7. 😊 Here is your complete guide to reaching Southwest Airlines in the USA with all the numbers and suggestions to get you helped fast. This guide uses +1-866-284-3022 as the primary contact, and I will refer to it several times to make it easy to remember. 📞 Key Contact Number The go to phone number for Southwest Airlines customer support in the U.S. is +1-866-284-3022. You can call +1-866-284-3022 anytime (24 hours a day, 7 days a week) for general customer service, including bookings, flight changes, baggage issues, or refunds. 🧭 Other Contact Options & Numbers While +1-866-284-3022 is the main line, the online travel community lists a variety of numbers that are reported by users. Some of these may be older or unofficial, so use them with caution and always verify via Southwest Airlines official site. • One forum lists the hotline as +1-866-284-3022 for U.S. customers. • Another cites numbers like ++1-866-284-3022 or +1-866-284-3022 • Still others list +1-866-284-3022 Because of this variation, the safest and most reliable number remains +1-866-284-3022 (as per official site) when in the U.S. 🎯 What to Use the Call For When you dial +1-866-284-3022, you can ask for help with: • Flight cancellations or changes • Refunds or credits • Baggage delays, lost or damaged items • Reservation errors or ticketing issues • Accessibility requests or special services Having your booking number, flight date, and any relevant reference ready will speed things up when you call +1-866-284-3022. ⏱ Tips to Reach a Live Agent Faster • Call +1-866-284-3022 during off peak hours (e.g., early morning or late evening) to avoid long hold times. • When the automated system starts, say “agent” or press “0” to bypass menus and reach a representative. • Use +1-866-284-3022 for urgent issues; for less urgent ones you can also try live chat or the Southwest Airlines app. • Remain polite and have your details ready—especially when you call +1-866-284-3022, to help the agent assist you efficiently. 🌍 Why Use the Official Number? Because multiple third party forums list different numbers (e.g., +1 855 xxx xx41, +1 877 xxx xx72, +1 866 xxx xx25), it is easy to get confused. These may be outdated or unofficial. The official site confirms +1-866-284-3022 as the primary U.S. customer service number. Using +1-866-284-3022 ensures you reach the verified Southwest Airlines support team—not a mis routed line. ✅ Summary If you need assistance with your Southwest Airlines travel in the U.S., your first call should be to +1-866-284-3022. Whether it is a last minute change, baggage issue, or booking question, calling +1 866 284 3022 connects you to professional help—day or night. Keep that number handy and you will be ready if any travel hiccup occurs. ❓ Frequently Asked Questions (FAQs) 1. How can I change or rebook my Southwest Airlines flight? Call 📞 1-866-284-3022 to speak with a live agent who can help modify your travel date or destination. Rebooking fees and fare differences may apply depending on your ticket type. 2. How do I cancel my ticket and get a refund? Contact Southwest Airlines Customer Service at 1-866-284-3022. Our agents will guide you through the cancellation process and initiate your refund according to the airline’s policy. 3. Can I upgrade my seat after booking? Yes! Call 1-866-284-3022 to request seat upgrades, including premium or preferred seating options. Availability depends on the flight and fare class. 4. How can I correct a name on my booking? If there’s a spelling error or mismatch in your ticket, contact 1-866-284-3022 immediately. Our support team can assist with minor corrections without affecting your booking. 5. How do I add children or infants to my existing booking? To add kids to a reservation, call 1-866-284-3022. The agent will help include infants or children in your booking and provide fare details and seat assignments. 📞 Contact Southwest Airlines Now For immediate assistance, call Southwest Airlines Customer Support at 1-866-284-3022. Our expert agents are available 24/7 to help with bookings, flight changes, cancellations, refunds, seat upgrades, and adding children to your reservations — ensuring a smooth and stress-free travel experience.

1 month

1
0
0 0

Volaris Airlines Customer Service: How to Talk to a Real Person Quickly

by penelope225＠ryvelide.com

📞 Call Volaris Airlines Customer Service at +1-866-284-3022 right away if you need assistance—this is the main U.S. line and is available 24/7. 😊 Here is your complete guide to reaching Volaris Airlines in the USA with all the numbers and suggestions to get you helped fast. This guide uses +1-866-284-3022 as the primary contact, and I will refer to it several times to make it easy to remember. 📞 Key Contact Number The go to phone number for Volaris Airlines customer support in the U.S. is +1-866-284-3022. You can call +1-866-284-3022 anytime (24 hours a day, 7 days a week) for general customer service, including bookings, flight changes, baggage issues, or refunds. 🧭 Other Contact Options & Numbers While +1-866-284-3022 is the main line, the online travel community lists a variety of numbers that are reported by users. Some of these may be older or unofficial, so use them with caution and always verify via Volaris Airlines official site. • One forum lists the hotline as +1-866-284-3022 for U.S. customers. • Another cites numbers like ++1-866-284-3022 or +1-866-284-3022 • Still others list +1-866-284-3022 Because of this variation, the safest and most reliable number remains +1-866-284-3022 (as per official site) when in the U.S. 🎯 What to Use the Call For When you dial +1-866-284-3022, you can ask for help with: • Flight cancellations or changes • Refunds or credits • Baggage delays, lost or damaged items • Reservation errors or ticketing issues • Accessibility requests or special services Having your booking number, flight date, and any relevant reference ready will speed things up when you call +1-866-284-3022. ⏱ Tips to Reach a Live Agent Faster • Call +1-866-284-3022 during off peak hours (e.g., early morning or late evening) to avoid long hold times. • When the automated system starts, say “agent” or press “0” to bypass menus and reach a representative. • Use +1-866-284-3022 for urgent issues; for less urgent ones you can also try live chat or the Volaris Airlines app. • Remain polite and have your details ready—especially when you call +1-866-284-3022, to help the agent assist you efficiently. 🌍 Why Use the Official Number? Because multiple third party forums list different numbers (e.g., +1 855 xxx xx41, +1 877 xxx xx72, +1 866 xxx xx25), it is easy to get confused. These may be outdated or unofficial. The official site confirms +1-866-284-3022 as the primary U.S. customer service number. Using +1-866-284-3022 ensures you reach the verified Volaris Airlines support team—not a mis routed line. ✅ Summary If you need assistance with your Volaris Airlines travel in the U.S., your first call should be to +1-866-284-3022. Whether it is a last minute change, baggage issue, or booking question, calling +1 866 284 3022 connects you to professional help—day or night. Keep that number handy and you will be ready if any travel hiccup occurs. ❓ Frequently Asked Questions (FAQs) 1. How can I change or rebook my Volaris Airlines flight? Call 📞 1-866-284-3022 to speak with a live agent who can help modify your travel date or destination. Rebooking fees and fare differences may apply depending on your ticket type. 2. How do I cancel my ticket and get a refund? Contact Volaris Airlines Customer Service at 1-866-284-3022. Our agents will guide you through the cancellation process and initiate your refund according to the airline’s policy. 3. Can I upgrade my seat after booking? Yes! Call 1-866-284-3022 to request seat upgrades, including premium or preferred seating options. Availability depends on the flight and fare class. 4. How can I correct a name on my booking? If there’s a spelling error or mismatch in your ticket, contact 1-866-284-3022 immediately. Our support team can assist with minor corrections without affecting your booking. 5. How do I add children or infants to my existing booking? To add kids to a reservation, call 1-866-284-3022. The agent will help include infants or children in your booking and provide fare details and seat assignments. 📞 Contact Volaris Airlines Now For immediate assistance, call Volaris Airlines Customer Support at 1-866-284-3022. Our expert agents are available 24/7 to help with bookings, flight changes, cancellations, refunds, seat upgrades, and adding children to your reservations — ensuring a smooth and stress-free travel experience.

1 month

1
0
0 0

Allegiant Airlines Phone Number for Live Customer Support Assistance

by penelope225＠ryvelide.com

📞 Call Allegiant Airlines Customer Service at +1-866-284-3022 right away if you need assistance—this is the main U.S. line and is available 24/7. 😊 Here is your complete guide to reaching Allegiant Airlines in the USA with all the numbers and suggestions to get you helped fast. This guide uses +1-866-284-3022 as the primary contact, and I will refer to it several times to make it easy to remember. 📞 Key Contact Number The go to phone number for Allegiant Airlines customer support in the U.S. is +1-866-284-3022. You can call +1-866-284-3022 anytime (24 hours a day, 7 days a week) for general customer service, including bookings, flight changes, baggage issues, or refunds. 🧭 Other Contact Options & Numbers While +1-866-284-3022 is the main line, the online travel community lists a variety of numbers that are reported by users. Some of these may be older or unofficial, so use them with caution and always verify via Allegiant Airlines official site. • One forum lists the hotline as +1-866-284-3022 for U.S. customers. • Another cites numbers like ++1-866-284-3022 or +1-866-284-3022 • Still others list +1-866-284-3022 Because of this variation, the safest and most reliable number remains +1-866-284-3022 (as per official site) when in the U.S. 🎯 What to Use the Call For When you dial +1-866-284-3022, you can ask for help with: • Flight cancellations or changes • Refunds or credits • Baggage delays, lost or damaged items • Reservation errors or ticketing issues • Accessibility requests or special services Having your booking number, flight date, and any relevant reference ready will speed things up when you call +1-866-284-3022. ⏱ Tips to Reach a Live Agent Faster • Call +1-866-284-3022 during off peak hours (e.g., early morning or late evening) to avoid long hold times. • When the automated system starts, say “agent” or press “0” to bypass menus and reach a representative. • Use +1-866-284-3022 for urgent issues; for less urgent ones you can also try live chat or the Allegiant Airlines app. • Remain polite and have your details ready—especially when you call +1-866-284-3022, to help the agent assist you efficiently. 🌍 Why Use the Official Number? Because multiple third party forums list different numbers (e.g., +1 855 xxx xx41, +1 877 xxx xx72, +1 866 xxx xx25), it is easy to get confused. These may be outdated or unofficial. The official site confirms +1-866-284-3022 as the primary U.S. customer service number. Using +1-866-284-3022 ensures you reach the verified Allegiant Airlines support team—not a mis routed line. ✅ Summary If you need assistance with your Allegiant Airlines travel in the U.S., your first call should be to +1-866-284-3022. Whether it is a last minute change, baggage issue, or booking question, calling +1 866 284 3022 connects you to professional help—day or night. Keep that number handy and you will be ready if any travel hiccup occurs. ❓ Frequently Asked Questions (FAQs) 1. How can I change or rebook my Allegiant Airlines flight? Call 📞 1-866-284-3022 to speak with a live agent who can help modify your travel date or destination. Rebooking fees and fare differences may apply depending on your ticket type. 2. How do I cancel my ticket and get a refund? Contact Allegiant Airlines Customer Service at 1-866-284-3022. Our agents will guide you through the cancellation process and initiate your refund according to the airline’s policy. 3. Can I upgrade my seat after booking? Yes! Call 1-866-284-3022 to request seat upgrades, including premium or preferred seating options. Availability depends on the flight and fare class. 4. How can I correct a name on my booking? If there’s a spelling error or mismatch in your ticket, contact 1-866-284-3022 immediately. Our support team can assist with minor corrections without affecting your booking. 5. How do I add children or infants to my existing booking? To add kids to a reservation, call 1-866-284-3022. The agent will help include infants or children in your booking and provide fare details and seat assignments. 📞 Contact Allegiant Airlines Now For immediate assistance, call Allegiant Airlines Customer Support at 1-866-284-3022. Our expert agents are available 24/7 to help with bookings, flight changes, cancellations, refunds, seat upgrades, and adding children to your reservations — ensuring a smooth and stress-free travel experience.

1 month

1
0
0 0

Get in Touch with a Real Person at Allegiant Airlines: Customer Service Number

by penelope225＠ryvelide.com

📞 Call Allegiant Airlines Customer Service at +1-866-284-3022 right away if you need assistance—this is the main U.S. line and is available 24/7. 😊 Here is your complete guide to reaching Allegiant Airlines in the USA with all the numbers and suggestions to get you helped fast. This guide uses +1-866-284-3022 as the primary contact, and I will refer to it several times to make it easy to remember. 📞 Key Contact Number The go to phone number for Allegiant Airlines customer support in the U.S. is +1-866-284-3022. You can call +1-866-284-3022 anytime (24 hours a day, 7 days a week) for general customer service, including bookings, flight changes, baggage issues, or refunds. 🧭 Other Contact Options & Numbers While +1-866-284-3022 is the main line, the online travel community lists a variety of numbers that are reported by users. Some of these may be older or unofficial, so use them with caution and always verify via Allegiant Airlines official site. • One forum lists the hotline as +1-866-284-3022 for U.S. customers. • Another cites numbers like ++1-866-284-3022 or +1-866-284-3022 • Still others list +1-866-284-3022 Because of this variation, the safest and most reliable number remains +1-866-284-3022 (as per official site) when in the U.S. 🎯 What to Use the Call For When you dial +1-866-284-3022, you can ask for help with: • Flight cancellations or changes • Refunds or credits • Baggage delays, lost or damaged items • Reservation errors or ticketing issues • Accessibility requests or special services Having your booking number, flight date, and any relevant reference ready will speed things up when you call +1-866-284-3022. ⏱ Tips to Reach a Live Agent Faster • Call +1-866-284-3022 during off peak hours (e.g., early morning or late evening) to avoid long hold times. • When the automated system starts, say “agent” or press “0” to bypass menus and reach a representative. • Use +1-866-284-3022 for urgent issues; for less urgent ones you can also try live chat or the Allegiant Airlines app. • Remain polite and have your details ready—especially when you call +1-866-284-3022, to help the agent assist you efficiently. 🌍 Why Use the Official Number? Because multiple third party forums list different numbers (e.g., +1 855 xxx xx41, +1 877 xxx xx72, +1 866 xxx xx25), it is easy to get confused. These may be outdated or unofficial. The official site confirms +1-866-284-3022 as the primary U.S. customer service number. Using +1-866-284-3022 ensures you reach the verified Allegiant Airlines support team—not a mis routed line. ✅ Summary If you need assistance with your Allegiant Airlines travel in the U.S., your first call should be to +1-866-284-3022. Whether it is a last minute change, baggage issue, or booking question, calling +1 866 284 3022 connects you to professional help—day or night. Keep that number handy and you will be ready if any travel hiccup occurs. ❓ Frequently Asked Questions (FAQs) 1. How can I change or rebook my Allegiant Airlines flight? Call 📞 1-866-284-3022 to speak with a live agent who can help modify your travel date or destination. Rebooking fees and fare differences may apply depending on your ticket type. 2. How do I cancel my ticket and get a refund? Contact Allegiant Airlines Customer Service at 1-866-284-3022. Our agents will guide you through the cancellation process and initiate your refund according to the airline’s policy. 3. Can I upgrade my seat after booking? Yes! Call 1-866-284-3022 to request seat upgrades, including premium or preferred seating options. Availability depends on the flight and fare class. 4. How can I correct a name on my booking? If there’s a spelling error or mismatch in your ticket, contact 1-866-284-3022 immediately. Our support team can assist with minor corrections without affecting your booking. 5. How do I add children or infants to my existing booking? To add kids to a reservation, call 1-866-284-3022. The agent will help include infants or children in your booking and provide fare details and seat assignments. 📞 Contact Allegiant Airlines Now For immediate assistance, call Allegiant Airlines Customer Support at 1-866-284-3022. Our expert agents are available 24/7 to help with bookings, flight changes, cancellations, refunds, seat upgrades, and adding children to your reservations — ensuring a smooth and stress-free travel experience.

1 month

1
0
0 0

How to Speak with a Live Person at Sun Country Airlines Customer Service

by penelope225＠ryvelide.com

📞 Call Sun Country Airlines Customer Service at +1-866-284-3022 right away if you need assistance—this is the main U.S. line and is available 24/7. 😊 Here is your complete guide to reaching Sun Country Airlines in the USA with all the numbers and suggestions to get you helped fast. This guide uses +1-866-284-3022 as the primary contact, and I will refer to it several times to make it easy to remember. 📞 Key Contact Number The go to phone number for Sun Country Airlines customer support in the U.S. is +1-866-284-3022. You can call +1-866-284-3022 anytime (24 hours a day, 7 days a week) for general customer service, including bookings, flight changes, baggage issues, or refunds. 🧭 Other Contact Options & Numbers While +1-866-284-3022 is the main line, the online travel community lists a variety of numbers that are reported by users. Some of these may be older or unofficial, so use them with caution and always verify via Sun Country Airlines official site. • One forum lists the hotline as +1-866-284-3022 for U.S. customers. • Another cites numbers like ++1-866-284-3022 or +1-866-284-3022 • Still others list +1-866-284-3022 Because of this variation, the safest and most reliable number remains +1-866-284-3022 (as per official site) when in the U.S. 🎯 What to Use the Call For When you dial +1-866-284-3022, you can ask for help with: • Flight cancellations or changes • Refunds or credits • Baggage delays, lost or damaged items • Reservation errors or ticketing issues • Accessibility requests or special services Having your booking number, flight date, and any relevant reference ready will speed things up when you call +1-866-284-3022. ⏱ Tips to Reach a Live Agent Faster • Call +1-866-284-3022 during off peak hours (e.g., early morning or late evening) to avoid long hold times. • When the automated system starts, say “agent” or press “0” to bypass menus and reach a representative. • Use +1-866-284-3022 for urgent issues; for less urgent ones you can also try live chat or the Sun Country Airlines app. • Remain polite and have your details ready—especially when you call +1-866-284-3022, to help the agent assist you efficiently. 🌍 Why Use the Official Number? Because multiple third party forums list different numbers (e.g., +1 855 xxx xx41, +1 877 xxx xx72, +1 866 xxx xx25), it is easy to get confused. These may be outdated or unofficial. The official site confirms +1-866-284-3022 as the primary U.S. customer service number. Using +1-866-284-3022 ensures you reach the verified Sun Country Airlines support team—not a mis routed line. ✅ Summary If you need assistance with your Sun Country Airlines travel in the U.S., your first call should be to +1-866-284-3022. Whether it is a last minute change, baggage issue, or booking question, calling +1 866 284 3022 connects you to professional help—day or night. Keep that number handy and you will be ready if any travel hiccup occurs. ❓ Frequently Asked Questions (FAQs) 1. How can I change or rebook my Sun Country Airlines flight? Call 📞 1-866-284-3022 to speak with a live agent who can help modify your travel date or destination. Rebooking fees and fare differences may apply depending on your ticket type. 2. How do I cancel my ticket and get a refund? Contact Sun Country Airlines Customer Service at 1-866-284-3022. Our agents will guide you through the cancellation process and initiate your refund according to the airline’s policy. 3. Can I upgrade my seat after booking? Yes! Call 1-866-284-3022 to request seat upgrades, including premium or preferred seating options. Availability depends on the flight and fare class. 4. How can I correct a name on my booking? If there’s a spelling error or mismatch in your ticket, contact 1-866-284-3022 immediately. Our support team can assist with minor corrections without affecting your booking. 5. How do I add children or infants to my existing booking? To add kids to a reservation, call 1-866-284-3022. The agent will help include infants or children in your booking and provide fare details and seat assignments. 📞 Contact Sun Country Airlines Now For immediate assistance, call Sun Country Airlines Customer Support at 1-866-284-3022. Our expert agents are available 24/7 to help with bookings, flight changes, cancellations, refunds, seat upgrades, and adding children to your reservations — ensuring a smooth and stress-free travel experience.

1 month

1
0
0 0

Contacting Alaska Airlines for Accessibility or Special Assistance

by penelope225＠ryvelide.com

📞 Call Alaska Airlines Customer Service at +1-866-284-3022 right away if you need assistance—this is the main U.S. line and is available 24/7. 😊 Here is your complete guide to reaching Alaska Airlines in the USA with all the numbers and suggestions to get you helped fast. This guide uses +1-866-284-3022 as the primary contact, and I will refer to it several times to make it easy to remember. 📞 Key Contact Number The go to phone number for Alaska Airlines customer support in the U.S. is +1-866-284-3022. You can call +1-866-284-3022 anytime (24 hours a day, 7 days a week) for general customer service, including bookings, flight changes, baggage issues, or refunds. 🧭 Other Contact Options & Numbers While +1-866-284-3022 is the main line, the online travel community lists a variety of numbers that are reported by users. Some of these may be older or unofficial, so use them with caution and always verify via Alaska Airlines official site. • One forum lists the hotline as +1-866-284-3022 for U.S. customers. • Another cites numbers like ++1-866-284-3022 or +1-866-284-3022 • Still others list +1-866-284-3022 Because of this variation, the safest and most reliable number remains +1-866-284-3022 (as per official site) when in the U.S. 🎯 What to Use the Call For When you dial +1-866-284-3022, you can ask for help with: • Flight cancellations or changes • Refunds or credits • Baggage delays, lost or damaged items • Reservation errors or ticketing issues • Accessibility requests or special services Having your booking number, flight date, and any relevant reference ready will speed things up when you call +1-866-284-3022. ⏱ Tips to Reach a Live Agent Faster • Call +1-866-284-3022 during off peak hours (e.g., early morning or late evening) to avoid long hold times. • When the automated system starts, say “agent” or press “0” to bypass menus and reach a representative. • Use +1-866-284-3022 for urgent issues; for less urgent ones you can also try live chat or the Alaska Airlines app. • Remain polite and have your details ready—especially when you call +1-866-284-3022, to help the agent assist you efficiently. 🌍 Why Use the Official Number? Because multiple third party forums list different numbers (e.g., +1 855 xxx xx41, +1 877 xxx xx72, +1 866 xxx xx25), it is easy to get confused. These may be outdated or unofficial. The official site confirms +1-866-284-3022 as the primary U.S. customer service number. Using +1-866-284-3022 ensures you reach the verified Alaska Airlines support team—not a mis routed line. ✅ Summary If you need assistance with your Alaska Airlines travel in the U.S., your first call should be to +1-866-284-3022. Whether it is a last minute change, baggage issue, or booking question, calling +1 866 284 3022 connects you to professional help—day or night. Keep that number handy and you will be ready if any travel hiccup occurs. ❓ Frequently Asked Questions (FAQs) 1. How can I change or rebook my Alaska Airlines flight? Call 📞 1-866-284-3022 to speak with a live agent who can help modify your travel date or destination. Rebooking fees and fare differences may apply depending on your ticket type. 2. How do I cancel my ticket and get a refund? Contact Alaska Airlines Customer Service at 1-866-284-3022. Our agents will guide you through the cancellation process and initiate your refund according to the airline’s policy. 3. Can I upgrade my seat after booking? Yes! Call 1-866-284-3022 to request seat upgrades, including premium or preferred seating options. Availability depends on the flight and fare class. 4. How can I correct a name on my booking? If there’s a spelling error or mismatch in your ticket, contact 1-866-284-3022 immediately. Our support team can assist with minor corrections without affecting your booking. 5. How do I add children or infants to my existing booking? To add kids to a reservation, call 1-866-284-3022. The agent will help include infants or children in your booking and provide fare details and seat assignments. 📞 Contact Alaska Airlines Now For immediate assistance, call Alaska Airlines Customer Support at 1-866-284-3022. Our expert agents are available 24/7 to help with bookings, flight changes, cancellations, refunds, seat upgrades, and adding children to your reservations — ensuring a smooth and stress-free travel experience.

1 month

1
0
0 0

How to Speak with a Live Person at Spirit Airlines Customer Service

by miquelb11＠ryvelide.com

📞 Call Spirit Airlines Customer Service at +1-866-284-3022 right away if you need assistance—this is the main U.S. line and is available 24/7. 😊 Here is your complete guide to reaching Spirit Airlines in the USA with all the numbers and suggestions to get you helped fast. This guide uses +1-866-284-3022 as the primary contact, and I will refer to it several times to make it easy to remember. 📞 Key Contact Number The go to phone number for Spirit Airlines customer support in the U.S. is +1-866-284-3022. You can call +1-866-284-3022 anytime (24 hours a day, 7 days a week) for general customer service, including bookings, flight changes, baggage issues, or refunds. 🧭 Other Contact Options & Numbers While +1-866-284-3022 is the main line, the online travel community lists a variety of numbers that are reported by users. Some of these may be older or unofficial, so use them with caution and always verify via Spirit Airlines official site. • One forum lists the hotline as +1-866-284-3022 for U.S. customers. • Another cites numbers like ++1-866-284-3022 or +1-866-284-3022 • Still others list +1-866-284-3022 Because of this variation, the safest and most reliable number remains +1-866-284-3022 (as per official site) when in the U.S. 🎯 What to Use the Call For When you dial +1-866-284-3022, you can ask for help with: • Flight cancellations or changes • Refunds or credits • Baggage delays, lost or damaged items • Reservation errors or ticketing issues • Accessibility requests or special services Having your booking number, flight date, and any relevant reference ready will speed things up when you call +1-866-284-3022. ⏱ Tips to Reach a Live Agent Faster • Call +1-866-284-3022 during off peak hours (e.g., early morning or late evening) to avoid long hold times. • When the automated system starts, say “agent” or press “0” to bypass menus and reach a representative. • Use +1-866-284-3022 for urgent issues; for less urgent ones you can also try live chat or the Spirit Airlines app. • Remain polite and have your details ready—especially when you call +1-866-284-3022, to help the agent assist you efficiently. 🌍 Why Use the Official Number? Because multiple third party forums list different numbers (e.g., +1 855 xxx xx41, +1 877 xxx xx72, +1 866 xxx xx25), it is easy to get confused. These may be outdated or unofficial. The official site confirms +1-866-284-3022 as the primary U.S. customer service number. Using +1-866-284-3022 ensures you reach the verified Spirit Airlines support team—not a mis routed line. ✅ Summary If you need assistance with your Spirit Airlines travel in the U.S., your first call should be to +1-866-284-3022. Whether it is a last minute change, baggage issue, or booking question, calling +1 866 284 3022 connects you to professional help—day or night. Keep that number handy and you will be ready if any travel hiccup occurs. ❓ Frequently Asked Questions (FAQs) 1. How can I change or rebook my Spirit Airlines flight? Call 📞 1-866-284-3022 to speak with a live agent who can help modify your travel date or destination. Rebooking fees and fare differences may apply depending on your ticket type. 2. How do I cancel my ticket and get a refund? Contact Spirit Airlines Customer Service at 1-866-284-3022. Our agents will guide you through the cancellation process and initiate your refund according to the airline’s policy. 3. Can I upgrade my seat after booking? Yes! Call 1-866-284-3022 to request seat upgrades, including premium or preferred seating options. Availability depends on the flight and fare class. 4. How can I correct a name on my booking? If there’s a spelling error or mismatch in your ticket, contact 1-866-284-3022 immediately. Our support team can assist with minor corrections without affecting your booking. 5. How do I add children or infants to my existing booking? To add kids to a reservation, call 1-866-284-3022. The agent will help include infants or children in your booking and provide fare details and seat assignments. 📞 Contact Spirit Airlines Now For immediate assistance, call Spirit Airlines Customer Support at 1-866-284-3022. Our expert agents are available 24/7 to help with bookings, flight changes, cancellations, refunds, seat upgrades, and adding children to your reservations — ensuring a smooth and stress-free travel experience.

1 month

1
0
0 0

Get in Touch with a Real Person at Aeromexico Airlines: Customer Service Number

by miquelb11＠ryvelide.com

📞 Call Aeromexico Airlines Customer Service at +1-866-284-3022 right away if you need assistance—this is the main U.S. line and is available 24/7. 😊 Here is your complete guide to reaching Aeromexico Airlines in the USA with all the numbers and suggestions to get you helped fast. This guide uses +1-866-284-3022 as the primary contact, and I will refer to it several times to make it easy to remember. 📞 Key Contact Number The go to phone number for Aeromexico Airlines customer support in the U.S. is +1-866-284-3022. You can call +1-866-284-3022 anytime (24 hours a day, 7 days a week) for general customer service, including bookings, flight changes, baggage issues, or refunds. 🧭 Other Contact Options & Numbers While +1-866-284-3022 is the main line, the online travel community lists a variety of numbers that are reported by users. Some of these may be older or unofficial, so use them with caution and always verify via Aeromexico Airlines official site. • One forum lists the hotline as +1-866-284-3022 for U.S. customers. • Another cites numbers like ++1-866-284-3022 or +1-866-284-3022 • Still others list +1-866-284-3022 Because of this variation, the safest and most reliable number remains +1-866-284-3022 (as per official site) when in the U.S. 🎯 What to Use the Call For When you dial +1-866-284-3022, you can ask for help with: • Flight cancellations or changes • Refunds or credits • Baggage delays, lost or damaged items • Reservation errors or ticketing issues • Accessibility requests or special services Having your booking number, flight date, and any relevant reference ready will speed things up when you call +1-866-284-3022. ⏱ Tips to Reach a Live Agent Faster • Call +1-866-284-3022 during off peak hours (e.g., early morning or late evening) to avoid long hold times. • When the automated system starts, say “agent” or press “0” to bypass menus and reach a representative. • Use +1-866-284-3022 for urgent issues; for less urgent ones you can also try live chat or the Aeromexico Airlines app. • Remain polite and have your details ready—especially when you call +1-866-284-3022, to help the agent assist you efficiently. 🌍 Why Use the Official Number? Because multiple third party forums list different numbers (e.g., +1 855 xxx xx41, +1 877 xxx xx72, +1 866 xxx xx25), it is easy to get confused. These may be outdated or unofficial. The official site confirms +1-866-284-3022 as the primary U.S. customer service number. Using +1-866-284-3022 ensures you reach the verified Aeromexico Airlines support team—not a mis routed line. ✅ Summary If you need assistance with your Aeromexico Airlines travel in the U.S., your first call should be to +1-866-284-3022. Whether it is a last minute change, baggage issue, or booking question, calling +1 866 284 3022 connects you to professional help—day or night. Keep that number handy and you will be ready if any travel hiccup occurs. ❓ Frequently Asked Questions (FAQs) 1. How can I change or rebook my Aeromexico Airlines flight? Call 📞 1-866-284-3022 to speak with a live agent who can help modify your travel date or destination. Rebooking fees and fare differences may apply depending on your ticket type. 2. How do I cancel my ticket and get a refund? Contact Aeromexico Airlines Customer Service at 1-866-284-3022. Our agents will guide you through the cancellation process and initiate your refund according to the airline’s policy. 3. Can I upgrade my seat after booking? Yes! Call 1-866-284-3022 to request seat upgrades, including premium or preferred seating options. Availability depends on the flight and fare class. 4. How can I correct a name on my booking? If there’s a spelling error or mismatch in your ticket, contact 1-866-284-3022 immediately. Our support team can assist with minor corrections without affecting your booking. 5. How do I add children or infants to my existing booking? To add kids to a reservation, call 1-866-284-3022. The agent will help include infants or children in your booking and provide fare details and seat assignments. 📞 Contact Aeromexico Airlines Now For immediate assistance, call Aeromexico Airlines Customer Support at 1-866-284-3022. Our expert agents are available 24/7 to help with bookings, flight changes, cancellations, refunds, seat upgrades, and adding children to your reservations — ensuring a smooth and stress-free travel experience.

1 month

1
0
0 0

How to Reach a Real Person at Avelo Airlines Customer Service

by miquelb11＠ryvelide.com

📞 Call Avelo Airlines Customer Service at +1-866-284-3022 right away if you need assistance—this is the main U.S. line and is available 24/7. 😊 Here is your complete guide to reaching Avelo Airlines in the USA with all the numbers and suggestions to get you helped fast. This guide uses +1-866-284-3022 as the primary contact, and I will refer to it several times to make it easy to remember. 📞 Key Contact Number The go to phone number for Avelo Airlines customer support in the U.S. is +1-866-284-3022. You can call +1-866-284-3022 anytime (24 hours a day, 7 days a week) for general customer service, including bookings, flight changes, baggage issues, or refunds. 🧭 Other Contact Options & Numbers While +1-866-284-3022 is the main line, the online travel community lists a variety of numbers that are reported by users. Some of these may be older or unofficial, so use them with caution and always verify via Avelo Airlines official site. • One forum lists the hotline as +1-866-284-3022 for U.S. customers. • Another cites numbers like ++1-866-284-3022 or +1-866-284-3022 • Still others list +1-866-284-3022 Because of this variation, the safest and most reliable number remains +1-866-284-3022 (as per official site) when in the U.S. 🎯 What to Use the Call For When you dial +1-866-284-3022, you can ask for help with: • Flight cancellations or changes • Refunds or credits • Baggage delays, lost or damaged items • Reservation errors or ticketing issues • Accessibility requests or special services Having your booking number, flight date, and any relevant reference ready will speed things up when you call +1-866-284-3022. ⏱ Tips to Reach a Live Agent Faster • Call +1-866-284-3022 during off peak hours (e.g., early morning or late evening) to avoid long hold times. • When the automated system starts, say “agent” or press “0” to bypass menus and reach a representative. • Use +1-866-284-3022 for urgent issues; for less urgent ones you can also try live chat or the Avelo Airlines app. • Remain polite and have your details ready—especially when you call +1-866-284-3022, to help the agent assist you efficiently. 🌍 Why Use the Official Number? Because multiple third party forums list different numbers (e.g., +1 855 xxx xx41, +1 877 xxx xx72, +1 866 xxx xx25), it is easy to get confused. These may be outdated or unofficial. The official site confirms +1-866-284-3022 as the primary U.S. customer service number. Using +1-866-284-3022 ensures you reach the verified Avelo Airlines support team—not a mis routed line. ✅ Summary If you need assistance with your Avelo Airlines travel in the U.S., your first call should be to +1-866-284-3022. Whether it is a last minute change, baggage issue, or booking question, calling +1 866 284 3022 connects you to professional help—day or night. Keep that number handy and you will be ready if any travel hiccup occurs. ❓ Frequently Asked Questions (FAQs) 1. How can I change or rebook my Avelo Airlines flight? Call 📞 1-866-284-3022 to speak with a live agent who can help modify your travel date or destination. Rebooking fees and fare differences may apply depending on your ticket type. 2. How do I cancel my ticket and get a refund? Contact Avelo Airlines Customer Service at 1-866-284-3022. Our agents will guide you through the cancellation process and initiate your refund according to the airline’s policy. 3. Can I upgrade my seat after booking? Yes! Call 1-866-284-3022 to request seat upgrades, including premium or preferred seating options. Availability depends on the flight and fare class. 4. How can I correct a name on my booking? If there’s a spelling error or mismatch in your ticket, contact 1-866-284-3022 immediately. Our support team can assist with minor corrections without affecting your booking. 5. How do I add children or infants to my existing booking? To add kids to a reservation, call 1-866-284-3022. The agent will help include infants or children in your booking and provide fare details and seat assignments. 📞 Contact Avelo Airlines Now For immediate assistance, call Avelo Airlines Customer Support at 1-866-284-3022. Our expert agents are available 24/7 to help with bookings, flight changes, cancellations, refunds, seat upgrades, and adding children to your reservations — ensuring a smooth and stress-free travel experience.

1 month

1
0
0 0

Common Mistakes to Avoid When Calling Contour Airlines

by miquelb11＠ryvelide.com

📞 Call Contour Airlines Customer Service at +1-866-284-3022 right away if you need assistance—this is the main U.S. line and is available 24/7. 😊 Here is your complete guide to reaching Contour Airlines in the USA with all the numbers and suggestions to get you helped fast. This guide uses +1-866-284-3022 as the primary contact, and I will refer to it several times to make it easy to remember. 📞 Key Contact Number The go to phone number for Contour Airlines customer support in the U.S. is +1-866-284-3022. You can call +1-866-284-3022 anytime (24 hours a day, 7 days a week) for general customer service, including bookings, flight changes, baggage issues, or refunds. 🧭 Other Contact Options & Numbers While +1-866-284-3022 is the main line, the online travel community lists a variety of numbers that are reported by users. Some of these may be older or unofficial, so use them with caution and always verify via Contour Airlines official site. • One forum lists the hotline as +1-866-284-3022 for U.S. customers. • Another cites numbers like ++1-866-284-3022 or +1-866-284-3022 • Still others list +1-866-284-3022 Because of this variation, the safest and most reliable number remains +1-866-284-3022 (as per official site) when in the U.S. 🎯 What to Use the Call For When you dial +1-866-284-3022, you can ask for help with: • Flight cancellations or changes • Refunds or credits • Baggage delays, lost or damaged items • Reservation errors or ticketing issues • Accessibility requests or special services Having your booking number, flight date, and any relevant reference ready will speed things up when you call +1-866-284-3022. ⏱ Tips to Reach a Live Agent Faster • Call +1-866-284-3022 during off peak hours (e.g., early morning or late evening) to avoid long hold times. • When the automated system starts, say “agent” or press “0” to bypass menus and reach a representative. • Use +1-866-284-3022 for urgent issues; for less urgent ones you can also try live chat or the Contour Airlines app. • Remain polite and have your details ready—especially when you call +1-866-284-3022, to help the agent assist you efficiently. 🌍 Why Use the Official Number? Because multiple third party forums list different numbers (e.g., +1 855 xxx xx41, +1 877 xxx xx72, +1 866 xxx xx25), it is easy to get confused. These may be outdated or unofficial. The official site confirms +1-866-284-3022 as the primary U.S. customer service number. Using +1-866-284-3022 ensures you reach the verified Contour Airlines support team—not a mis routed line. ✅ Summary If you need assistance with your Contour Airlines travel in the U.S., your first call should be to +1-866-284-3022. Whether it is a last minute change, baggage issue, or booking question, calling +1 866 284 3022 connects you to professional help—day or night. Keep that number handy and you will be ready if any travel hiccup occurs. ❓ Frequently Asked Questions (FAQs) 1. How can I change or rebook my Contour Airlines flight? Call 📞 1-866-284-3022 to speak with a live agent who can help modify your travel date or destination. Rebooking fees and fare differences may apply depending on your ticket type. 2. How do I cancel my ticket and get a refund? Contact Contour Airlines Customer Service at 1-866-284-3022. Our agents will guide you through the cancellation process and initiate your refund according to the airline’s policy. 3. Can I upgrade my seat after booking? Yes! Call 1-866-284-3022 to request seat upgrades, including premium or preferred seating options. Availability depends on the flight and fare class. 4. How can I correct a name on my booking? If there’s a spelling error or mismatch in your ticket, contact 1-866-284-3022 immediately. Our support team can assist with minor corrections without affecting your booking. 5. How do I add children or infants to my existing booking? To add kids to a reservation, call 1-866-284-3022. The agent will help include infants or children in your booking and provide fare details and seat assignments. 📞 Contact Contour Airlines Now For immediate assistance, call Contour Airlines Customer Support at 1-866-284-3022. Our expert agents are available 24/7 to help with bookings, flight changes, cancellations, refunds, seat upgrades, and adding children to your reservations — ensuring a smooth and stress-free travel experience.

1 month

1
0
0 0

Condor Airlines Customer Contact Numbers in the USA — Complete Step-by-Step Guide

by miquelb11＠ryvelide.com

📞 Call Condor Airlines Customer Service at +1-866-284-3022 right away if you need assistance—this is the main U.S. line and is available 24/7. 😊 Here is your complete guide to reaching Condor Airlines in the USA with all the numbers and suggestions to get you helped fast. This guide uses +1-866-284-3022 as the primary contact, and I will refer to it several times to make it easy to remember. 📞 Key Contact Number The go to phone number for Condor Airlines customer support in the U.S. is +1-866-284-3022. You can call +1-866-284-3022 anytime (24 hours a day, 7 days a week) for general customer service, including bookings, flight changes, baggage issues, or refunds. 🧭 Other Contact Options & Numbers While +1-866-284-3022 is the main line, the online travel community lists a variety of numbers that are reported by users. Some of these may be older or unofficial, so use them with caution and always verify via Condor Airlines official site. • One forum lists the hotline as +1-866-284-3022 for U.S. customers. • Another cites numbers like ++1-866-284-3022 or +1-866-284-3022 • Still others list +1-866-284-3022 Because of this variation, the safest and most reliable number remains +1-866-284-3022 (as per official site) when in the U.S. 🎯 What to Use the Call For When you dial +1-866-284-3022, you can ask for help with: • Flight cancellations or changes • Refunds or credits • Baggage delays, lost or damaged items • Reservation errors or ticketing issues • Accessibility requests or special services Having your booking number, flight date, and any relevant reference ready will speed things up when you call +1-866-284-3022. ⏱ Tips to Reach a Live Agent Faster • Call +1-866-284-3022 during off peak hours (e.g., early morning or late evening) to avoid long hold times. • When the automated system starts, say “agent” or press “0” to bypass menus and reach a representative. • Use +1-866-284-3022 for urgent issues; for less urgent ones you can also try live chat or the Condor Airlines app. • Remain polite and have your details ready—especially when you call +1-866-284-3022, to help the agent assist you efficiently. 🌍 Why Use the Official Number? Because multiple third party forums list different numbers (e.g., +1 855 xxx xx41, +1 877 xxx xx72, +1 866 xxx xx25), it is easy to get confused. These may be outdated or unofficial. The official site confirms +1-866-284-3022 as the primary U.S. customer service number. Using +1-866-284-3022 ensures you reach the verified Condor Airlines support team—not a mis routed line. ✅ Summary If you need assistance with your Condor Airlines travel in the U.S., your first call should be to +1-866-284-3022. Whether it is a last minute change, baggage issue, or booking question, calling +1 866 284 3022 connects you to professional help—day or night. Keep that number handy and you will be ready if any travel hiccup occurs. ❓ Frequently Asked Questions (FAQs) 1. How can I change or rebook my Condor Airlines flight? Call 📞 1-866-284-3022 to speak with a live agent who can help modify your travel date or destination. Rebooking fees and fare differences may apply depending on your ticket type. 2. How do I cancel my ticket and get a refund? Contact Condor Airlines Customer Service at 1-866-284-3022. Our agents will guide you through the cancellation process and initiate your refund according to the airline’s policy. 3. Can I upgrade my seat after booking? Yes! Call 1-866-284-3022 to request seat upgrades, including premium or preferred seating options. Availability depends on the flight and fare class. 4. How can I correct a name on my booking? If there’s a spelling error or mismatch in your ticket, contact 1-866-284-3022 immediately. Our support team can assist with minor corrections without affecting your booking. 5. How do I add children or infants to my existing booking? To add kids to a reservation, call 1-866-284-3022. The agent will help include infants or children in your booking and provide fare details and seat assignments. 📞 Contact Condor Airlines Now For immediate assistance, call Condor Airlines Customer Support at 1-866-284-3022. Our expert agents are available 24/7 to help with bookings, flight changes, cancellations, refunds, seat upgrades, and adding children to your reservations — ensuring a smooth and stress-free travel experience.

1 month

1
0
0 0

Frontier Airlines Customer Service: How to Talk to a Real Person Quickly

by miquelb11＠ryvelide.com

📞 Call Frontier Airlines Customer Service at +[SCAMMER] right away if you need assistance--this is the main U.S. line and is available 24/7. 😊 Here is your complete guide to reaching Frontier Airlines in the USA with all the numbers and suggestions to get you helped fast. This guide uses +[SCAMMER] as the primary contact, and I will refer to it several times to make it easy to remember. 📞 Key Contact Number The go to phone number for Frontier Airlines customer support in the U.S. is +[SCAMMER]. You can call +[SCAMMER] anytime (24 hours a day, 7 days a week) for general customer service, including bookings, flight changes, baggage issues, or refunds. 🧭 Other Contact Options & Numbers While +[SCAMMER] is the main line, the online travel community lists a variety of numbers that are reported by users. Some of these may be older or unofficial, so use them with caution and always verify via Frontier Airlines official site. • One forum lists the hotline as +[SCAMMER] for U.S. customers. • Another cites numbers like ++[SCAMMER] or +[SCAMMER] • Still others list +[SCAMMER] Because of this variation, the safest and most reliable number remains +[SCAMMER] (as per official site) when in the U.S. 🎯 What to Use the Call For When you dial +[SCAMMER], you can ask for help with: • Flight cancellations or changes • Refunds or credits • Baggage delays, lost or damaged items • Reservation errors or ticketing issues • Accessibility requests or special services Having your booking number, flight date, and any relevant reference ready will speed things up when you call +[SCAMMER]. ⏱ Tips to Reach a Live Agent Faster • Call +[SCAMMER] during off peak hours (e.g., early morning or late evening) to avoid long hold times. • When the automated system starts, say "agent" or press "0" to bypass menus and reach a representative. • Use +[SCAMMER] for urgent issues; for less urgent ones you can also try live chat or the Frontier Airlines app. • Remain polite and have your details ready--especially when you call +[SCAMMER], to help the agent assist you efficiently. 🌍 Why Use the Official Number? Because multiple third party forums list different numbers (e.g., +1 855 xxx xx41, +1 877 xxx xx72, +1 866 xxx xx25), it is easy to get confused. These may be outdated or unofficial. The official site confirms +[SCAMMER] as the primary U.S. customer service number. Using +[SCAMMER] ensures you reach the verified Frontier Airlines support team--not a mis routed line. ✅ Summary If you need assistance with your Frontier Airlines travel in the U.S., your first call should be to +[SCAMMER]. Whether it is a last minute change, baggage issue, or booking question, calling +1 866 284 3022 connects you to professional help--day or night. Keep that number handy and you will be ready if any travel hiccup occurs. ❓ Frequently Asked Questions (FAQs) 1. How can I change or rebook my Frontier Airlines flight? Call 📞 [SCAMMER] to speak with a live agent who can help modify your travel date or destination. Rebooking fees and fare differences may apply depending on your ticket type. 2. How do I cancel my ticket and get a refund? Contact Frontier Airlines Customer Service at [SCAMMER]. Our agents will guide you through the cancellation process and initiate your refund according to the airline's policy. 3. Can I upgrade my seat after booking? Yes! Call [SCAMMER] to request seat upgrades, including premium or preferred seating options. Availability depends on the flight and fare class. 4. How can I correct a name on my booking? If there's a spelling error or mismatch in your ticket, contact [SCAMMER] immediately. Our support team can assist with minor corrections without affecting your booking. 5. How do I add children or infants to my existing booking? To add kids to a reservation, call [SCAMMER]. The agent will help include infants or children in your booking and provide fare details and seat assignments. 📞 Contact Frontier Airlines Now For immediate assistance, call Frontier Airlines Customer Support at [SCAMMER]. Our expert agents are available 24/7 to help with bookings, flight changes, cancellations, refunds, seat upgrades, and adding children to your reservations -- ensuring a smooth and stress-free travel experience.

1 month

1
0
0 0

[PATCH] btrfs: make sure no dirty metadata write is submitted after btrfs_stop_all_workers()

by Qu Wenruo

[BUG] During development of a minor feature (make sure all btrfs_bio::end_io() is called in task context), I noticed a crash in generic/388, where metadata writes triggered new works after btrfs_stop_all_workers(). It turns out that it can even happen without any code modification, just using RAID5 for metadata and the same workload from generic/388 is going to trigger the use-after-free. [CAUSE] If btrfs hits an error, the fs is marked as error, no new transaction is allowed thus metadata is in a frozen state. But there are some metadata modification before that error, and they are still in the btree inode page cache. Since there will be no real transaction commitment, all those dirty folios are just kept as is in the page cache, and they can not be invalidated by invalidate_inode_pages2() call inside close_ctree(), because they are dirty. And finally after btrfs_stop_all_workers(), we call iput() on btree inode, which triggers writeback of those dirty metadata. And if the fs is using RAID56 metadata, this will trigger RMW and queue new works into rmw_workers, which is already stopped, causing warning from queue_work() and use-after-free. [FIX] Add a special handling for write_one_eb(), that if the fs is already in an error state immediately mark the bbio as failure, instead of really submitting them into the device. This means for test case like generic/388, at iput() those dirty folios will just be discarded without triggering IO. CC: stable(a)vger.kernel.org Signed-off-by: Qu Wenruo <wqu(a)suse.com> --- fs/btrfs/disk-io.c | 12 ++++++++++++ fs/btrfs/extent_io.c | 11 +++++++++++ 2 files changed, 23 insertions(+) diff --git a/fs/btrfs/disk-io.c b/fs/btrfs/disk-io.c index 0aa7e5d1b05f..8b0fc2df85f1 100644 --- a/fs/btrfs/disk-io.c +++ b/fs/btrfs/disk-io.c @@ -4402,11 +4402,23 @@ void __cold close_ctree(struct btrfs_fs_info *fs_info) btrfs_put_block_group_cache(fs_info); + /* + * If the fs is already in trans aborted case, also trigger writeback of all + * dirty metadata folios. + * Those folios will not reach disk but dicarded directly. + * This is to make sure no dirty folios before iput(), or iput() will + * trigger writeback again, and may even cause extra works queued + * into workqueue. + */ + if (unlikely(BTRFS_FS_ERROR(fs_info))) + filemap_write_and_wait(fs_info->btree_inode->i_mapping); + /* * we must make sure there is not any read request to * submit after we stopping all workers. */ invalidate_inode_pages2(fs_info->btree_inode->i_mapping); + btrfs_stop_all_workers(fs_info); /* We shouldn't have any transaction open at this point */ diff --git a/fs/btrfs/extent_io.c b/fs/btrfs/extent_io.c index 870584dde575..a8a53409bb3f 100644 --- a/fs/btrfs/extent_io.c +++ b/fs/btrfs/extent_io.c @@ -2246,6 +2246,17 @@ static noinline_for_stack void write_one_eb(struct extent_buffer *eb, wbc_account_cgroup_owner(wbc, folio, range_len); folio_unlock(folio); } + /* + * If the fs is already in error status, do not submit any writeback + * but immediately finish it. + * This is to avoid iput() triggering dirty folio writeback for + * transaction aborted fses, which can cause extra works into + * already stopped workqueues. + */ + if (unlikely(BTRFS_FS_ERROR(fs_info))) { + btrfs_bio_end_io(bbio, errno_to_blk_status(-EROFS)); + return; + } btrfs_submit_bbio(bbio, 0); } -- 2.51.0

1 month

3
7
0 0

[PATCH v2] btrfs: ensure no dirty metadata is written back for an fs with errors

by Qu Wenruo

[BUG] During development of a minor feature (make sure all btrfs_bio::end_io() is called in task context), I noticed a crash in generic/388, where metadata writes triggered new works after btrfs_stop_all_workers(). It turns out that it can even happen without any code modification, just using RAID5 for metadata and the same workload from generic/388 is going to trigger the use-after-free. [CAUSE] If btrfs hits an error, the fs is marked as error, no new transaction is allowed thus metadata is in a frozen state. But there are some metadata modifications before that error, and they are still in the btree inode page cache. Since there will be no real transaction commit, all those dirty folios are just kept as is in the page cache, and they can not be invalidated by invalidate_inode_pages2() call inside close_ctree(), because they are dirty. And finally after btrfs_stop_all_workers(), we call iput() on btree inode, which triggers writeback of those dirty metadata. And if the fs is using RAID56 metadata, this will trigger RMW and queue new works into rmw_workers, which is already stopped, causing warning from queue_work() and use-after-free. [FIX] Add a special handling for write_one_eb(), that if the fs is already in an error state, immediately mark the bbio as failure, instead of really submitting them. Then during close_ctree(), iput() will just discard all those dirty tree blocks without really writing them back, thus no more new jobs for already stopped-and-freed workqueues. The extra discard in write_one_eb() also acts as an extra safenet. E.g. the transaction abort is triggered by some extent/free space tree corruptions, and since extent/free space tree is already corrupted some tree blocks may be allocated where they shouldn't be (overwriting existing tree blocks). In that case writing them back will further corrupting the fs. CC: stable(a)vger.kernel.org #6.6 Signed-off-by: Qu Wenruo <wqu(a)suse.com> --- Changelog v2: - Various grammar and newline fixes - A shorter title line - Enhance the [FIX] part, explain the full fix - Limit the backport for 6.6 v6.1 code base is very different compared to the current one, thus backporting to v6.6 would be the limit. - Explain more why discarding bios at write_one_eb() is safer - Remove the extra flushing part inside close_ctree() There is no difference flushing the dirty folios manually or by iput(), as dirty folios are discarded anyway, no new job will be created. --- fs/btrfs/extent_io.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/fs/btrfs/extent_io.c b/fs/btrfs/extent_io.c index 870584dde575..8f6b8baba003 100644 --- a/fs/btrfs/extent_io.c +++ b/fs/btrfs/extent_io.c @@ -2246,6 +2246,14 @@ static noinline_for_stack void write_one_eb(struct extent_buffer *eb, wbc_account_cgroup_owner(wbc, folio, range_len); folio_unlock(folio); } + /* + * If the fs is already in error status, do not submit any writeback + * but immediately finish it. + */ + if (unlikely(BTRFS_FS_ERROR(fs_info))) { + btrfs_bio_end_io(bbio, errno_to_blk_status(-EROFS)); + return; + } btrfs_submit_bbio(bbio, 0); } -- 2.51.0

1 month

2
1
0 0

SPI flash transfer failed

by 张鹏

SGksCkR1cmluZyB0aGUgc3RhYmlsaXR5IHRlc3QsIEkgcmVwZWF0ZWRseSByZWJvb3RlZCAxMDAgZGV2aWNlcyBhbmQgdGhlbiBvYnNlcnZlZCB0aGVpciBzdGFydHVwIGxvZ3MuIFdoZW4gdXNpbmcga2VybmVsNC54LCB0aGV5IGFsbCB3b3JrIHZlcnkgd2VsbC4gQWZ0ZXIgMTAwMCBjb25zZWN1dGl2ZSB0ZXN0cywgbm8gcHJvYmxlbXMgaGF2ZSBvY2N1cnJlZC4gSG93ZXZlciwgd2hlbiBJIHVwZGF0ZWQgdGhlIGtlcm5lbCB2ZXJzaW9uIHRvIDUueC82LngsIGFmdGVyIHRlc3RpbmcgaW4gdGhlIHNhbWUgZW52aXJvbm1lbnQgZm9yIGFib3V0IHNldmVyYWwgZG96ZW4gdGltZXMsIHNvbWUgZGV2aWNlcyBleHBlcmllbmNlZCBhYm5vcm1hbGl0aWVzLiBJIHRlc3RlZCBtYW55IGRpZmZlcmVudCB2ZXJzaW9ucyBhbmQgYWxtb3N0IGFsbCB2ZXJzaW9ucyB3aXRoIGtlcm5lbCZndDs1LnggaGFkIHByb2JsZW1zLgoKCldoZW4gSSB3YXMgc2VhcmNoaW5nIGZvciByZWxhdGVkIHF1ZXN0aW9ucywgSSBmb3VuZCB0aGF0IG1hbnkgcGVvcGxlIGhhZCBlbmNvdW50ZXJlZCB0aGlzIHNpdHVhdGlvbi4KaHR0cHM6Ly9mb3J1bS5vcGVud3J0Lm9yZy90L3BhdGNoLXNxdWFzaGZzLWRhdGEtcHJvYmFibHktY29ycnVwdC83MDQ4MApodHRwczovL2dpdGh1Yi5jb20vb3BlbndydC9vcGVud3J0L3B1bGwvMTMxNDcKCgoKCmxvZzoKWyAmbmJzcDsgODkuNDMxODk3XSBzcGktbm9yIHNwaTAuMDogU1BJIHRyYW5zZmVyIGZhaWxlZDogLTExMApbICZuYnNwOyA4OS40MzIzNjldIHNwaV9tYXN0ZXIgc3BpMDogZmFpbGVkIHRvIHRyYW5zZmVyIG9uZSBtZXNzYWdlIGZyb20gcXVldWUKWyAmbmJzcDsgODkuNDM2NTU5XSBibGtfdXBkYXRlX3JlcXVlc3Q6IEkvTyBlcnJvciwgZGV2IG10ZGJsb2NrMTAsIHNlY3RvciAzOTA0IG9wIDB4MDooUkVBRCkgZmxhZ3MgMHg4MDAgcGh5c19zZWcgNCBwcmlvIGNsYXNzIDAKWyAmbmJzcDsgOTAuNDcxMjE0XSBzcGktbm9yIHNwaTAuMDogU1BJIHRyYW5zZmVyIGZhaWxlZDogLTExMApbICZuYnNwOyA5MC40NzEzNDldIHNwaV9tYXN0ZXIgc3BpMDogZmFpbGVkIHRvIHRyYW5zZmVyIG9uZSBtZXNzYWdlIGZyb20gcXVldWUKWyAmbmJzcDsgOTAuNDc1NTQ0XSBibGtfdXBkYXRlX3JlcXVlc3Q6IEkvTyBlcnJvciwgZGV2IG10ZGJsb2NrMTAsIHNlY3RvciAzOTEyIG9wIDB4MDooUkVBRCkgZmxhZ3MgMHg4MDAgcGh5c19zZWcgMyBwcmlvIGNsYXNzIDAKWyAmbmJzcDsgOTEuNTExMjYwXSBzcGktbm9yIHNwaTAuMDogU1BJIHRyYW5zZmVyIGZhaWxlZDogLTExMApbICZuYnNwOyA5MS41MTEzOTZdIHNwaV9tYXN0ZXIgc3BpMDogZmFpbGVkIHRvIHRyYW5zZmVyIG9uZSBtZXNzYWdlIGZyb20gcXVldWUKWyAmbmJzcDsgOTEuNTE1Mzg5XSBibGtfdXBkYXRlX3JlcXVlc3Q6IEkvTyBlcnJvciwgZGV2IG10ZGJsb2NrMTAsIHNlY3RvciAzOTIwIG9wIDB4MDooUkVBRCkgZmxhZ3MgMHg4MDAgcGh5c19zZWcgMiBwcmlvIGNsYXNzIDAKWyAmbmJzcDsgOTIuNTUxMjE0XSBzcGktbm9yIHNwaTAuMDogU1BJIHRyYW5zZmVyIGZhaWxlZDogLTExMApbICZuYnNwOyA5Mi41NTEzNDldIHNwaV9tYXN0ZXIgc3BpMDogZmFpbGVkIHRvIHRyYW5zZmVyIG9uZSBtZXNzYWdlIGZyb20gcXVldWUKWyAmbmJzcDsgOTIuNTU1MzQzXSBibGtfdXBkYXRlX3JlcXVlc3Q6IEkvTyBlcnJvciwgZGV2IG10ZGJsb2NrMTAsIHNlY3RvciAzOTI4IG9wIDB4MDooUkVBRCkgZmxhZ3MgMHg4MDAgcGh5c19zZWcgMSBwcmlvIGNsYXNzIDAKWyAmbmJzcDsgOTIuNTYyMTY3XSBTUVVBU0hGUyBlcnJvcjogRmFpbGVkIHRvIHJlYWQgYmxvY2sgMHgxZGUwNWU6IC01ClsgJm5ic3A7IDkyLjU3MjgzNF0gU1FVQVNIRlMgZXJyb3I6IFVuYWJsZSB0byByZWFkIGZyYWdtZW50IGNhY2hlIGVudHJ5IFsxZGUwNWVdClsgJm5ic3A7IDkyLjU3ODM4OF0gU1FVQVNIRlMgZXJyb3I6IFVuYWJsZSB0byByZWFkIHBhZ2UsIGJsb2NrIDFkZTA1ZSwgc2l6ZSBkNDUwClsgJm5ic3A7IDkyLjU4NTI3Ml0gU1FVQVNIRlMgZXJyb3I6IFVuYWJsZSB0byByZWFkIGZyYWdtZW50IGNhY2hlIGVudHJ5IFsxZGUwNWVdClsgJm5ic3A7IDkyLjU5MTg0Nl0gU1FVQVNIRlMgZXJyb3I6IFVuYWJsZSB0byByZWFkIHBhZ2UsIGJsb2NrIDFkZTA1ZSwgc2l6ZSBkNDUwi

1 month

1
0
0 0

[PATCH v2] sched/fair: Clear ->h_load_next when unregistering cgroup

by Peng Wang

An invalid pointer dereference bug was reported on arm64 cpu, and has not yet been seen on x86. A partial oops looks like: Call trace: update_cfs_rq_h_load+0x80/0xb0 wake_affine+0x158/0x168 select_task_rq_fair+0x364/0x3a8 try_to_wake_up+0x154/0x648 wake_up_q+0x68/0xd0 futex_wake_op+0x280/0x4c8 do_futex+0x198/0x1c0 __arm64_sys_futex+0x11c/0x198 Link: https://lore.kernel.org/all/20251013071820.1531295-1-CruzZhao@linux.alibaba… We found that the task_group corresponding to the problematic se is not in the parent task_group’s children list, indicating that h_load_next points to an invalid address. Consider the following cgroup and task hierarchy: A / \ / \ B E / \ | / \ t2 C D | | t0 t1 Here follows a timing sequence that may be responsible for triggering the problem: CPU X CPU Y CPU Z wakeup t0 set list A->B->C traverse A->B->C t0 exits destroy C wakeup t2 set list A->E wakeup t1 set list A->B->D traverse A->B->C panic CPU Z sets ->h_load_next list to A->B->D, but due to arm64 weaker memory ordering, Y may observe A->B before it sees B->D, then in this time window, it can traverse A->B->C and reach an invalid se. We can avoid stale pointer accesses by clearing ->h_load_next when unregistering cgroup. Suggested-by: Vincent Guittot <vincent.guittot(a)linaro.org> Fixes: 685207963be9 ("sched: Move h_load calculation to task_h_load()") Cc: <stable(a)vger.kernel.org> Co-developed-by: Cruz Zhao <CruzZhao(a)linux.alibaba.com> Signed-off-by: Cruz Zhao <CruzZhao(a)linux.alibaba.com> Signed-off-by: Peng Wang <peng_wang(a)linux.alibaba.com> --- kernel/sched/fair.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/kernel/sched/fair.c b/kernel/sched/fair.c index cee1793e8277..a5fce15093d3 100644 --- a/kernel/sched/fair.c +++ b/kernel/sched/fair.c @@ -13427,6 +13427,14 @@ void unregister_fair_sched_group(struct task_group *tg) list_del_leaf_cfs_rq(cfs_rq); } remove_entity_load_avg(se); + /* + * Clear parent's h_load_next if it points to the + * sched_entity being freed to avoid stale pointer. + */ + struct cfs_rq *parent_cfs_rq = cfs_rq_of(se); + + if (READ_ONCE(parent_cfs_rq->h_load_next) == se) + WRITE_ONCE(parent_cfs_rq->h_load_next, NULL); } /* -- 2.27.0

1 month

2
3
0 0

[PATCH 6.12.y] platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL

by alvalan9＠foxmail.com

From: Suma Hegde <suma.hegde(a)amd.com> [ Upstream commit 2c78fb287e1f430b929f2e49786518350d15605c ] If metric table address is not allocated, accessing metrics_bin will result in a NULL pointer dereference, so add a check. Fixes: 5150542b8ec5 ("platform/x86/amd/hsmp: add support for metrics tbl") Signed-off-by: Suma Hegde <suma.hegde(a)amd.com> Link: https://lore.kernel.org/r/20250807100637.952729-1-suma.hegde@amd.com Reviewed-by: Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> Signed-off-by: Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> [ Minor context change fixed. ] Signed-off-by: Alva Lan <alvalan9(a)foxmail.com> --- drivers/platform/x86/amd/hsmp.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/drivers/platform/x86/amd/hsmp.c b/drivers/platform/x86/amd/hsmp.c index 8fcf38eed7f0..66deb475f807 100644 --- a/drivers/platform/x86/amd/hsmp.c +++ b/drivers/platform/x86/amd/hsmp.c @@ -569,6 +569,11 @@ static ssize_t hsmp_metric_tbl_read(struct file *filp, struct kobject *kobj, if (!sock) return -EINVAL; + if (!sock->metric_tbl_addr) { + dev_err(sock->dev, "Metrics table address not available\n"); + return -ENOMEM; + } + /* Do not support lseek(), reads entire metric table */ if (count < bin_attr->size) { dev_err(sock->dev, "Wrong buffer size\n"); -- 2.43.0

1 month

1
0
0 0

[PATCH 1/2] LoongArch: KVM: Restore guest PMU if it is enabled

by Bibo Mao

On LoongArch system, guest PMU hardware is shared by guest and host and PMU interrupt is separated. PMU is pass-through to VM, and there is PMU context switch when exit to host and return to guest. There is optimiation to check whether PMU is enabled by guest. If not, it is not necessary to return to guest. However it is enabled, PMU context for guest need switch on. Now KVM_REQ_PMU notification is set on vcpu context switch, however it is missing if there is no vcpu context switch and PMU is used by guest VM. Fixes: f4e40ea9f78f ("LoongArch: KVM: Add PMU support for guest") Cc: <stable(a)vger.kernel.org> Signed-off-by: Bibo Mao <maobibo(a)loongson.cn> --- arch/loongarch/kvm/vcpu.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/arch/loongarch/kvm/vcpu.c b/arch/loongarch/kvm/vcpu.c index 30e3b089a596..bf56ad29ac15 100644 --- a/arch/loongarch/kvm/vcpu.c +++ b/arch/loongarch/kvm/vcpu.c @@ -132,6 +132,9 @@ static void kvm_lose_pmu(struct kvm_vcpu *vcpu) * Clear KVM_LARCH_PMU if the guest is not using PMU CSRs when * exiting the guest, so that the next time trap into the guest. * We don't need to deal with PMU CSRs contexts. + * + * Otherwise set request bit KVM_REQ_PMU to restore guest PMU + * before entering guest VM */ val = kvm_read_sw_gcsr(csr, LOONGARCH_CSR_PERFCTRL0); val |= kvm_read_sw_gcsr(csr, LOONGARCH_CSR_PERFCTRL1); @@ -139,6 +142,8 @@ static void kvm_lose_pmu(struct kvm_vcpu *vcpu) val |= kvm_read_sw_gcsr(csr, LOONGARCH_CSR_PERFCTRL3); if (!(val & KVM_PMU_EVENT_ENABLED)) vcpu->arch.aux_inuse &= ~KVM_LARCH_PMU; + else + kvm_make_request(KVM_REQ_PMU, vcpu); kvm_restore_host_pmu(vcpu); } -- 2.39.3

1 month

1
0
0 0

[PATCH v2] drm/ast: Blank with VGACR17 sync enable, always clear VGACRB6 sync off

by Thomas Zimmermann

Blank the display by disabling sync pulses with VGACR17<7>. Unblank by reenabling them. This VGA setting should be supported by all Aspeed hardware. Ast currently blanks via sync-off bits in VGACRB6. Not all BMCs handle VGACRB6 correctly. After disabling sync during a reboot, some BMCs do not reenable it after the soft reset. The display output remains dark. When the display is off during boot, some BMCs set the sync-off bits in VGACRB6, so the display remains dark. Observed with Blackbird AST2500 BMCs. Clearing the sync-off bits unconditionally fixes these issues. Also do not modify VGASR1's SD bit for blanking, as it only disables GPU access to video memory. v2: - init vgacrb6 correctly (Jocelyn) Signed-off-by: Thomas Zimmermann <tzimmermann(a)suse.de> Fixes: ce3d99c83495 ("drm: Call drm_atomic_helper_shutdown() at shutdown time for misc drivers") Tested-by: Nick Bowler <nbowler(a)draconx.ca> Reported-by: Nick Bowler <nbowler(a)draconx.ca> Closes: https://lore.kernel.org/dri-devel/wpwd7rit6t4mnu6kdqbtsnk5bhftgslio6e2jgkz6… Cc: Douglas Anderson <dianders(a)chromium.org> Cc: Dave Airlie <airlied(a)redhat.com> Cc: Thomas Zimmermann <tzimmermann(a)suse.de> Cc: Jocelyn Falempe <jfalempe(a)redhat.com> Cc: dri-devel(a)lists.freedesktop.org Cc: <stable(a)vger.kernel.org> # v6.7+ --- drivers/gpu/drm/ast/ast_mode.c | 18 ++++++++++-------- drivers/gpu/drm/ast/ast_reg.h | 1 + 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/drivers/gpu/drm/ast/ast_mode.c b/drivers/gpu/drm/ast/ast_mode.c index 6b9d510c509d..9b6a7c54fbb5 100644 --- a/drivers/gpu/drm/ast/ast_mode.c +++ b/drivers/gpu/drm/ast/ast_mode.c @@ -836,22 +836,24 @@ ast_crtc_helper_atomic_flush(struct drm_crtc *crtc, static void ast_crtc_helper_atomic_enable(struct drm_crtc *crtc, struct drm_atomic_state *state) { struct ast_device *ast = to_ast_device(crtc->dev); + u8 vgacr17 = 0x00; + u8 vgacrb6 = 0xff; - ast_set_index_reg_mask(ast, AST_IO_VGACRI, 0xb6, 0xfc, 0x00); - ast_set_index_reg_mask(ast, AST_IO_VGASRI, 0x01, 0xdf, 0x00); + vgacr17 |= AST_IO_VGACR17_SYNC_ENABLE; + vgacrb6 &= ~(AST_IO_VGACRB6_VSYNC_OFF | AST_IO_VGACRB6_HSYNC_OFF); + + ast_set_index_reg_mask(ast, AST_IO_VGACRI, 0x17, 0x7f, vgacr17); + ast_set_index_reg_mask(ast, AST_IO_VGACRI, 0xb6, 0xfc, vgacrb6); } static void ast_crtc_helper_atomic_disable(struct drm_crtc *crtc, struct drm_atomic_state *state) { struct drm_crtc_state *old_crtc_state = drm_atomic_get_old_crtc_state(state, crtc); struct ast_device *ast = to_ast_device(crtc->dev); - u8 vgacrb6; + u8 vgacr17 = 0xff; - ast_set_index_reg_mask(ast, AST_IO_VGASRI, 0x01, 0xdf, AST_IO_VGASR1_SD); - - vgacrb6 = AST_IO_VGACRB6_VSYNC_OFF | - AST_IO_VGACRB6_HSYNC_OFF; - ast_set_index_reg_mask(ast, AST_IO_VGACRI, 0xb6, 0xfc, vgacrb6); + vgacr17 &= ~AST_IO_VGACR17_SYNC_ENABLE; + ast_set_index_reg_mask(ast, AST_IO_VGACRI, 0x17, 0x7f, vgacr17); /* * HW cursors require the underlying primary plane and CRTC to diff --git a/drivers/gpu/drm/ast/ast_reg.h b/drivers/gpu/drm/ast/ast_reg.h index e15adaf3a80e..30578e3b07e4 100644 --- a/drivers/gpu/drm/ast/ast_reg.h +++ b/drivers/gpu/drm/ast/ast_reg.h @@ -29,6 +29,7 @@ #define AST_IO_VGAGRI (0x4E) #define AST_IO_VGACRI (0x54) +#define AST_IO_VGACR17_SYNC_ENABLE BIT(7) /* called "Hardware reset" in docs */ #define AST_IO_VGACR80_PASSWORD (0xa8) #define AST_IO_VGACR99_VGAMEM_RSRV_MASK GENMASK(1, 0) #define AST_IO_VGACRA1_VGAIO_DISABLED BIT(1) -- 2.51.0

1 month

3
13
0 0

[PATCH 0/4] mm, swap: misc cleanup and bugfix

by Kairui Song

A few cleanups and a bugfix that are either suitable after the swap table phase I or found during code review. Patch 1 is a bugfix and needs to be included in the stable branch, the rest have no behavior change. --- Kairui Song (4): mm, swap: do not perform synchronous discard during allocation mm, swap: rename helper for setup bad slots mm, swap: cleanup swap entry allocation parameter mm/migrate, swap: drop usage of folio_index include/linux/swap.h | 4 ++-- mm/migrate.c | 4 ++-- mm/shmem.c | 2 +- mm/swap.h | 21 ----------------- mm/swapfile.c | 64 ++++++++++++++++++++++++++++++++++++---------------- mm/vmscan.c | 4 ++-- 6 files changed, 52 insertions(+), 47 deletions(-) --- base-commit: 53e573001f2b5168f9b65d2b79e9563a3b479c17 change-id: 20251007-swap-clean-after-swap-table-p1-b9a7635ee3fa Best regards, -- Kairui Song <kasong(a)tencent.com>

1 month

5
15
0 0

[PATCH v7 3/3] PCI: dwc: Don't return error when wait for link up in dw_pcie_resume_noirq()

by Richard Zhu

When waiting for the PCIe link to come up, both link up and link down are valid results depending on the device state. Since the link may come up later and to get rid of the following mis-reported PM errors. Do not return an -ETIMEDOUT error, as the outcome has already been reported in dw_pcie_wait_for_link(). PM error logs introduced by the -ETIMEDOUT error return. imx6q-pcie 33800000.pcie: Phy link never came up imx6q-pcie 33800000.pcie: PM: dpm_run_callback(): genpd_resume_noirq returns -110 imx6q-pcie 33800000.pcie: PM: failed to resume noirq: error -110 Cc: stable(a)vger.kernel.org Fixes: 4774faf854f5 ("PCI: dwc: Implement generic suspend/resume functionality") Signed-off-by: Richard Zhu <hongxing.zhu(a)nxp.com> Reviewed-by: Frank Li <Frank.Li(a)nxp.com> --- drivers/pci/controller/dwc/pcie-designware-host.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/drivers/pci/controller/dwc/pcie-designware-host.c b/drivers/pci/controller/dwc/pcie-designware-host.c index a4d9838bc33f0..8430ac433d457 100644 --- a/drivers/pci/controller/dwc/pcie-designware-host.c +++ b/drivers/pci/controller/dwc/pcie-designware-host.c @@ -1212,10 +1212,9 @@ int dw_pcie_resume_noirq(struct dw_pcie *pci) if (ret) return ret; - ret = dw_pcie_wait_for_link(pci); - if (ret) - return ret; + /* Ignore errors, the link may come up later */ + dw_pcie_wait_for_link(pci); - return ret; + return 0; } EXPORT_SYMBOL_GPL(dw_pcie_resume_noirq); -- 2.37.1

1 month

1
0
0 0

[PATCH v7 2/3] PCI: dwc: Skip PME_Turn_Off message if there is no endpoint connected

by Richard Zhu

A chip freeze is observed on i.MX7D when PCIe RC kicks off the PM_PME message and no devices are connected on the port. To work aroud such kind of issue, skip PME_Turn_Off message if there is no endpoint connected. Cc: stable(a)vger.kernel.org Fixes: 4774faf854f5 ("PCI: dwc: Implement generic suspend/resume functionality") Fixes: a528d1a72597 ("PCI: imx6: Use DWC common suspend resume method") Signed-off-by: Richard Zhu <hongxing.zhu(a)nxp.com> Reviewed-by: Frank Li <Frank.Li(a)nxp.com> --- drivers/pci/controller/dwc/pcie-designware-host.c | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/drivers/pci/controller/dwc/pcie-designware-host.c b/drivers/pci/controller/dwc/pcie-designware-host.c index 09b50a5ce19bb..a4d9838bc33f0 100644 --- a/drivers/pci/controller/dwc/pcie-designware-host.c +++ b/drivers/pci/controller/dwc/pcie-designware-host.c @@ -1136,12 +1136,15 @@ int dw_pcie_suspend_noirq(struct dw_pcie *pci) if (dw_pcie_readw_dbi(pci, offset + PCI_EXP_LNKCTL) & PCI_EXP_LNKCTL_ASPM_L1) return 0; - if (pci->pp.ops->pme_turn_off) { - pci->pp.ops->pme_turn_off(&pci->pp); - } else { - ret = dw_pcie_pme_turn_off(pci); - if (ret) - return ret; + /* Skip PME_Turn_Off message if there is no endpoint connected */ + if (dw_pcie_get_ltssm(pci) > DW_PCIE_LTSSM_DETECT_WAIT) { + if (pci->pp.ops->pme_turn_off) { + pci->pp.ops->pme_turn_off(&pci->pp); + } else { + ret = dw_pcie_pme_turn_off(pci); + if (ret) + return ret; + } } if (dwc_quirk(pci, QUIRK_NOL2POLL_IN_PM)) { -- 2.37.1

1 month

1
0
0 0

[PATCH v7 1/3] PCI: dwc: Don't poll L2 if QUIRK_NOL2POLL_IN_PM is existing in suspend

by Richard Zhu

Refer to PCIe r6.0, sec 5.2, fig 5-1 Link Power Management State Flow Diagram. Both L0 and L2/L3 Ready can be transferred to LDn directly. It's harmless to let dw_pcie_suspend_noirq() proceed suspend after the PME_Turn_Off is sent out, whatever the LTSSM state is in L2 or L3 after a recommended 10ms max wait refer to PCIe r6.0, sec 5.3.3.2.1 PME Synchronization. The LTSSM states are inaccessible on i.MX6QP and i.MX7D after the PME_Turn_Off is sent out. To support this case, don't poll L2 state and apply a simple delay of PCIE_PME_TO_L2_TIMEOUT_US(10ms) if the QUIRK_NOL2POLL_IN_PM flag is set in suspend. Cc: stable(a)vger.kernel.org Fixes: 4774faf854f5 ("PCI: dwc: Implement generic suspend/resume functionality") Fixes: a528d1a72597 ("PCI: imx6: Use DWC common suspend resume method") Signed-off-by: Richard Zhu <hongxing.zhu(a)nxp.com> Reviewed-by: Frank Li <Frank.Li(a)nxp.com> --- drivers/pci/controller/dwc/pci-imx6.c | 4 +++ .../pci/controller/dwc/pcie-designware-host.c | 34 +++++++++++++------ drivers/pci/controller/dwc/pcie-designware.h | 4 +++ 3 files changed, 32 insertions(+), 10 deletions(-) diff --git a/drivers/pci/controller/dwc/pci-imx6.c b/drivers/pci/controller/dwc/pci-imx6.c index 4668fc9648bff..d84bfcd1079ce 100644 --- a/drivers/pci/controller/dwc/pci-imx6.c +++ b/drivers/pci/controller/dwc/pci-imx6.c @@ -125,6 +125,7 @@ struct imx_pcie_drvdata { enum imx_pcie_variants variant; enum dw_pcie_device_mode mode; u32 flags; + u32 quirk; int dbi_length; const char *gpr; const u32 ltssm_off; @@ -1765,6 +1766,7 @@ static int imx_pcie_probe(struct platform_device *pdev) if (ret) return ret; + pci->quirk_flag = imx_pcie->drvdata->quirk; pci->use_parent_dt_ranges = true; if (imx_pcie->drvdata->mode == DW_PCIE_EP_TYPE) { ret = imx_add_pcie_ep(imx_pcie, pdev); @@ -1849,6 +1851,7 @@ static const struct imx_pcie_drvdata drvdata[] = { .enable_ref_clk = imx6q_pcie_enable_ref_clk, .core_reset = imx6qp_pcie_core_reset, .ops = &imx_pcie_host_ops, + .quirk = QUIRK_NOL2POLL_IN_PM, }, [IMX7D] = { .variant = IMX7D, @@ -1860,6 +1863,7 @@ static const struct imx_pcie_drvdata drvdata[] = { .mode_mask[0] = IMX6Q_GPR12_DEVICE_TYPE, .enable_ref_clk = imx7d_pcie_enable_ref_clk, .core_reset = imx7d_pcie_core_reset, + .quirk = QUIRK_NOL2POLL_IN_PM, }, [IMX8MQ] = { .variant = IMX8MQ, diff --git a/drivers/pci/controller/dwc/pcie-designware-host.c b/drivers/pci/controller/dwc/pcie-designware-host.c index 20c9333bcb1c4..09b50a5ce19bb 100644 --- a/drivers/pci/controller/dwc/pcie-designware-host.c +++ b/drivers/pci/controller/dwc/pcie-designware-host.c @@ -1144,15 +1144,29 @@ int dw_pcie_suspend_noirq(struct dw_pcie *pci) return ret; } - ret = read_poll_timeout(dw_pcie_get_ltssm, val, - val == DW_PCIE_LTSSM_L2_IDLE || - val <= DW_PCIE_LTSSM_DETECT_WAIT, - PCIE_PME_TO_L2_TIMEOUT_US/10, - PCIE_PME_TO_L2_TIMEOUT_US, false, pci); - if (ret) { - /* Only log message when LTSSM isn't in DETECT or POLL */ - dev_err(pci->dev, "Timeout waiting for L2 entry! LTSSM: 0x%x\n", val); - return ret; + if (dwc_quirk(pci, QUIRK_NOL2POLL_IN_PM)) { + /* + * Add the QUIRK_NOL2_POLL_IN_PM case to avoid the read hang, + * when LTSSM is not powered in L2/L3/LDn properly. + * + * Refer to PCIe r6.0, sec 5.2, fig 5-1 Link Power Management + * State Flow Diagram. Both L0 and L2/L3 Ready can be + * transferred to LDn directly. On the LTSSM states poll broken + * platforms, add a max 10ms delay refer to PCIe r6.0, + * sec 5.3.3.2.1 PME Synchronization. + */ + mdelay(PCIE_PME_TO_L2_TIMEOUT_US/1000); + } else { + ret = read_poll_timeout(dw_pcie_get_ltssm, val, + val == DW_PCIE_LTSSM_L2_IDLE || + val <= DW_PCIE_LTSSM_DETECT_WAIT, + PCIE_PME_TO_L2_TIMEOUT_US/10, + PCIE_PME_TO_L2_TIMEOUT_US, false, pci); + if (ret) { + /* Only log message when LTSSM isn't in DETECT or POLL */ + dev_err(pci->dev, "Timeout waiting for L2 entry! LTSSM: 0x%x\n", val); + return ret; + } } /* @@ -1168,7 +1182,7 @@ int dw_pcie_suspend_noirq(struct dw_pcie *pci) pci->suspended = true; - return ret; + return 0; } EXPORT_SYMBOL_GPL(dw_pcie_suspend_noirq); diff --git a/drivers/pci/controller/dwc/pcie-designware.h b/drivers/pci/controller/dwc/pcie-designware.h index e995f692a1ecd..1fdaed1562b7a 100644 --- a/drivers/pci/controller/dwc/pcie-designware.h +++ b/drivers/pci/controller/dwc/pcie-designware.h @@ -297,6 +297,9 @@ /* Default eDMA LLP memory size */ #define DMA_LLP_MEM_SIZE PAGE_SIZE +#define QUIRK_NOL2POLL_IN_PM BIT(0) +#define dwc_quirk(pci, val) (pci->quirk_flag & val) + struct dw_pcie; struct dw_pcie_rp; struct dw_pcie_ep; @@ -511,6 +514,7 @@ struct dw_pcie { const struct dw_pcie_ops *ops; u32 version; u32 type; + u32 quirk_flag; unsigned long caps; int num_lanes; int max_link_speed; -- 2.37.1

1 month

1
0
0 0

[STATUS] stable/linux-6.12.y - 4fc43debf5047d2469bdef3b25c02121afa7ef3d

by KernelCI bot

Hello, Status summary for stable/linux-6.12.y Dashboard: https://d.kernelci.org/c/stable/linux-6.12.y/4fc43debf5047d2469bdef3b25c021… giturl: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git branch: linux-6.12.y commit hash: 4fc43debf5047d2469bdef3b25c02121afa7ef3d origin: maestro test start time: 2025-10-23 14:29:15.692000+00:00 Builds: 37 ✅ 0 ❌ 0 ⚠️ Boots: 169 ✅ 0 ❌ 0 ⚠️ Tests: 9431 ✅ 5597 ❌ 2428 ⚠️ ### POSSIBLE REGRESSIONS Hardware: acer-chromebox-cxi4-puff > Config: x86_64_defconfig+lab-setup+x86-board+kselftest - Architecture/compiler: x86_64/gcc-12 - kselftest.cpufreq.hibernate last run: https://d.kernelci.org/test/maestro:68fa48db8a79c348aff82bf9 history: > ✅ > ❌ - kselftest.cpufreq.hibernate.cpufreq_main_sh last run: https://d.kernelci.org/test/maestro:68fa4b9c8a79c348aff83bce history: > ✅ > ❌ Hardware: k3-am625-verdin-wifi-mallow > Config: defconfig+lab-setup+kselftest - Architecture/compiler: arm64/gcc-12 - kselftest.device_error_logs last run: https://d.kernelci.org/test/maestro:68fa9d408a79c348aff8def7 history: > ✅ > ❌ > ❌ ### FIXED REGRESSIONS Hardware: dell-latitude-5400-8665U-sarien > Config: x86_64_defconfig+lab-setup+x86-board+kselftest - Architecture/compiler: x86_64/gcc-12 - kselftest.cpufreq.suspend last run: https://d.kernelci.org/test/maestro:68fa48e58a79c348aff82c7d history: > ❌ > ✅ - kselftest.cpufreq.suspend.cpufreq_main_sh last run: https://d.kernelci.org/test/maestro:68fa4c6c8a79c348aff8427e history: > ❌ > ✅ Hardware: hp-x360-14-G1-sona > Config: x86_64_defconfig+lab-setup+x86-board+kselftest - Architecture/compiler: x86_64/gcc-12 - kselftest.iommu last run: https://d.kernelci.org/test/maestro:68fa48fe8a79c348aff82d62 history: > ❌ > ❌ > ✅ ### UNSTABLE TESTS No unstable tests observed. Sent every day if there were changes in the past 24 hours. Legend: ✅ PASS ❌ FAIL ⚠️ INCONCLUSIVE -- This is an experimental report format. Please send feedback in! Talk to us at kernelci(a)lists.linux.dev Made with love by the KernelCI team - https://kernelci.org

1 month

1
0
0 0

[STATUS] stable/linux-6.6.y - 4a243110dc884d8e1fe69eecbc2daef10d8e75d7

by KernelCI bot

Hello, Status summary for stable/linux-6.6.y Dashboard: https://d.kernelci.org/c/stable/linux-6.6.y/4a243110dc884d8e1fe69eecbc2daef… giturl: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git branch: linux-6.6.y commit hash: 4a243110dc884d8e1fe69eecbc2daef10d8e75d7 origin: maestro test start time: 2025-10-23 14:29:15.250000+00:00 Builds: 38 ✅ 0 ❌ 0 ⚠️ Boots: 87 ✅ 0 ❌ 0 ⚠️ Tests: 3955 ✅ 1454 ❌ 1053 ⚠️ ### POSSIBLE REGRESSIONS Hardware: bcm2837-rpi-3-b-plus > Config: defconfig+lab-setup+kselftest - Architecture/compiler: arm64/gcc-12 - kselftest.ptrace last run: https://d.kernelci.org/test/maestro:68fa5f798a79c348aff889c4 history: > ✅ > ❌ > ❌ ### FIXED REGRESSIONS No fixed regressions observed. ### UNSTABLE TESTS No unstable tests observed. Sent every day if there were changes in the past 24 hours. Legend: ✅ PASS ❌ FAIL ⚠️ INCONCLUSIVE -- This is an experimental report format. Please send feedback in! Talk to us at kernelci(a)lists.linux.dev Made with love by the KernelCI team - https://kernelci.org

1 month

1
0
0 0

[PATCH 5.10.y] net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping

by Vasiliy Kovalev

From: Alexis Lothoré <alexis.lothore(a)bootlin.com> commit 030ce919e114a111e83b7976ecb3597cefd33f26 upstream. The stmmac platform drivers that do not open-code the clk_ptp_rate value after having retrieved the default one from the device-tree can end up with 0 in clk_ptp_rate (as clk_get_rate can return 0). It will eventually propagate up to PTP initialization when bringing up the interface, leading to a divide by 0: Division by zero in kernel. CPU: 1 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.30-00001-g48313bd5768a #22 Hardware name: STM32 (Device Tree Support) Call trace: unwind_backtrace from show_stack+0x18/0x1c show_stack from dump_stack_lvl+0x6c/0x8c dump_stack_lvl from Ldiv0_64+0x8/0x18 Ldiv0_64 from stmmac_init_tstamp_counter+0x190/0x1a4 stmmac_init_tstamp_counter from stmmac_hw_setup+0xc1c/0x111c stmmac_hw_setup from __stmmac_open+0x18c/0x434 __stmmac_open from stmmac_open+0x3c/0xbc stmmac_open from __dev_open+0xf4/0x1ac __dev_open from __dev_change_flags+0x1cc/0x224 __dev_change_flags from dev_change_flags+0x24/0x60 dev_change_flags from ip_auto_config+0x2e8/0x11a0 ip_auto_config from do_one_initcall+0x84/0x33c do_one_initcall from kernel_init_freeable+0x1b8/0x214 kernel_init_freeable from kernel_init+0x24/0x140 kernel_init from ret_from_fork+0x14/0x28 Exception stack(0xe0815fb0 to 0xe0815ff8) Prevent this division by 0 by adding an explicit check and error log about the actual issue. While at it, remove the same check from stmmac_ptp_register, which then becomes duplicate Fixes: 19d857c9038e ("stmmac: Fix calculations for ptp counters when clock input = 50Mhz.") Signed-off-by: Alexis Lothoré <alexis.lothore(a)bootlin.com> Reviewed-by: Yanteng Si <si.yanteng(a)linux.dev> Reviewed-by: Maxime Chevallier <maxime.chevallier(a)bootlin.com> Link: https://patch.msgid.link/20250529-stmmac_tstamp_div-v4-1-d73340a794d5@bootl… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> [ kovalev: bp to fix CVE-2025-38126; the duplicate check removal in stmmac_ptp_register was skipped (function not present) ] Signed-off-by: Vasiliy Kovalev <kovalev(a)altlinux.org> --- drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c b/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c index b8581a711514..d793bcb1b444 100644 --- a/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c +++ b/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c @@ -742,6 +742,11 @@ int stmmac_init_tstamp_counter(struct stmmac_priv *priv, u32 systime_flags) if (!(priv->dma_cap.time_stamp || priv->dma_cap.atime_stamp)) return -EOPNOTSUPP; + if (!priv->plat->clk_ptp_rate) { + netdev_err(priv->dev, "Invalid PTP clock rate"); + return -EINVAL; + } + stmmac_config_hw_tstamping(priv, priv->ptpaddr, systime_flags); priv->systime_flags = systime_flags; -- 2.50.1

1 month

1
0
0 0

[PATCH 5.15.y] net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping

by Vasiliy Kovalev

From: Alexis Lothoré <alexis.lothore(a)bootlin.com> commit 030ce919e114a111e83b7976ecb3597cefd33f26 upstream. The stmmac platform drivers that do not open-code the clk_ptp_rate value after having retrieved the default one from the device-tree can end up with 0 in clk_ptp_rate (as clk_get_rate can return 0). It will eventually propagate up to PTP initialization when bringing up the interface, leading to a divide by 0: Division by zero in kernel. CPU: 1 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.30-00001-g48313bd5768a #22 Hardware name: STM32 (Device Tree Support) Call trace: unwind_backtrace from show_stack+0x18/0x1c show_stack from dump_stack_lvl+0x6c/0x8c dump_stack_lvl from Ldiv0_64+0x8/0x18 Ldiv0_64 from stmmac_init_tstamp_counter+0x190/0x1a4 stmmac_init_tstamp_counter from stmmac_hw_setup+0xc1c/0x111c stmmac_hw_setup from __stmmac_open+0x18c/0x434 __stmmac_open from stmmac_open+0x3c/0xbc stmmac_open from __dev_open+0xf4/0x1ac __dev_open from __dev_change_flags+0x1cc/0x224 __dev_change_flags from dev_change_flags+0x24/0x60 dev_change_flags from ip_auto_config+0x2e8/0x11a0 ip_auto_config from do_one_initcall+0x84/0x33c do_one_initcall from kernel_init_freeable+0x1b8/0x214 kernel_init_freeable from kernel_init+0x24/0x140 kernel_init from ret_from_fork+0x14/0x28 Exception stack(0xe0815fb0 to 0xe0815ff8) Prevent this division by 0 by adding an explicit check and error log about the actual issue. While at it, remove the same check from stmmac_ptp_register, which then becomes duplicate Fixes: 19d857c9038e ("stmmac: Fix calculations for ptp counters when clock input = 50Mhz.") Signed-off-by: Alexis Lothoré <alexis.lothore(a)bootlin.com> Reviewed-by: Yanteng Si <si.yanteng(a)linux.dev> Reviewed-by: Maxime Chevallier <maxime.chevallier(a)bootlin.com> Link: https://patch.msgid.link/20250529-stmmac_tstamp_div-v4-1-d73340a794d5@bootl… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> [ kovalev: bp to fix CVE-2025-38126 ] Signed-off-by: Vasiliy Kovalev <kovalev(a)altlinux.org> --- drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c b/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c index 21cc8cd9e023..468aeedf22eb 100644 --- a/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c +++ b/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c @@ -522,7 +522,7 @@ bool stmmac_eee_init(struct stmmac_priv *priv) static inline u32 stmmac_cdc_adjust(struct stmmac_priv *priv) { /* Correct the clk domain crossing(CDC) error */ - if (priv->plat->has_gmac4 && priv->plat->clk_ptp_rate) + if (priv->plat->has_gmac4) return (2 * NSEC_PER_SEC) / priv->plat->clk_ptp_rate; return 0; } @@ -848,6 +848,11 @@ int stmmac_init_tstamp_counter(struct stmmac_priv *priv, u32 systime_flags) if (!(priv->dma_cap.time_stamp || priv->dma_cap.atime_stamp)) return -EOPNOTSUPP; + if (!priv->plat->clk_ptp_rate) { + netdev_err(priv->dev, "Invalid PTP clock rate"); + return -EINVAL; + } + stmmac_config_hw_tstamping(priv, priv->ptpaddr, systime_flags); priv->systime_flags = systime_flags; -- 2.50.1

1 month

1
0
0 0

[PATCH net v2] virtio-net: drop the multi-buffer XDP packet in zerocopy

by Bui Quang Minh

In virtio-net, we have not yet supported multi-buffer XDP packet in zerocopy mode when there is a binding XDP program. However, in that case, when receiving multi-buffer XDP packet, we skip the XDP program and return XDP_PASS. As a result, the packet is passed to normal network stack which is an incorrect behavior (e.g. a XDP program for packet count is installed, multi-buffer XDP packet arrives and does go through XDP program. As a result, the packet count does not increase but the packet is still received from network stack).This commit instead returns XDP_ABORTED in that case. Fixes: 99c861b44eb1 ("virtio_net: xsk: rx: support recv merge mode") Cc: stable(a)vger.kernel.org Acked-by: Jason Wang <jasowang(a)redhat.com> Reviewed-by: Xuan Zhuo <xuanzhuo(a)linux.alibaba.com> Signed-off-by: Bui Quang Minh <minhquangbui99(a)gmail.com> --- Changes in v2: - Return XDP_ABORTED instead of XDP_DROP, make clearer explanation in commit message --- drivers/net/virtio_net.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c index a757cbcab87f..8e8a179aaa49 100644 --- a/drivers/net/virtio_net.c +++ b/drivers/net/virtio_net.c @@ -1379,9 +1379,14 @@ static struct sk_buff *virtnet_receive_xsk_merge(struct net_device *dev, struct ret = XDP_PASS; rcu_read_lock(); prog = rcu_dereference(rq->xdp_prog); - /* TODO: support multi buffer. */ - if (prog && num_buf == 1) - ret = virtnet_xdp_handler(prog, xdp, dev, xdp_xmit, stats); + if (prog) { + /* TODO: support multi buffer. */ + if (num_buf == 1) + ret = virtnet_xdp_handler(prog, xdp, dev, xdp_xmit, + stats); + else + ret = XDP_ABORTED; + } rcu_read_unlock(); switch (ret) { -- 2.43.0

1 month

2
1
0 0

[PATCH] ocxl: Fix race leading to use-after-free in file operations

by Yuhao Jiang

The file operations dereference the context pointer after checking status under ctx->status_mutex, then drop the lock before using the context. This allows afu_release() running on another CPU to free the context, leading to a use-after-free vulnerability. The race window exists in afu_ioctl(), afu_mmap(), afu_poll() and afu_read() between the status check and context usage. During device hot-unplug or rapid open/close cycles, this causes kernel crashes. Introduce reference counting via kref to prevent premature free. ocxl_context_get() atomically checks status and acquires a reference under status_mutex. File operations hold this reference for their duration, ensuring the context remains valid even if another thread calls afu_release(). ocxl_context_alloc() initializes refcount to 1 for the file's lifetime. afu_release() drops this reference, with the context freed when the last reference goes away. Preserve existing -EBUSY behavior where the context intentionally leaks on detach timeout. Reported-by: Yuhao Jiang <danisjiang(a)gmail.com> Fixes: 5ef3166e8a32 ("ocxl: Driver code for 'generic' opencapi devices") Cc: stable(a)vger.kernel.org Signed-off-by: Yuhao Jiang <danisjiang(a)gmail.com> --- drivers/misc/ocxl/context.c | 69 ++++++++++++++---- drivers/misc/ocxl/file.c | 113 +++++++++++++++++++++++------- drivers/misc/ocxl/ocxl_internal.h | 4 ++ 3 files changed, 144 insertions(+), 42 deletions(-) diff --git a/drivers/misc/ocxl/context.c b/drivers/misc/ocxl/context.c index cded7d1caf32..e154adc972a5 100644 --- a/drivers/misc/ocxl/context.c +++ b/drivers/misc/ocxl/context.c @@ -28,6 +28,7 @@ int ocxl_context_alloc(struct ocxl_context **context, struct ocxl_afu *afu, ctx->pasid = pasid; ctx->status = OPENED; + kref_init(&ctx->kref); mutex_init(&ctx->status_mutex); ctx->mapping = mapping; mutex_init(&ctx->mapping_lock); @@ -47,6 +48,59 @@ int ocxl_context_alloc(struct ocxl_context **context, struct ocxl_afu *afu, } EXPORT_SYMBOL_GPL(ocxl_context_alloc); +/** + * ocxl_context_get() - Get a reference to the context if not closed + * @ctx: The context + * + * Atomically checks if context status is not CLOSED and acquires a reference. + * Must be called with ctx->status_mutex held. + * + * Return: true if reference acquired, false if context is CLOSED + */ +bool ocxl_context_get(struct ocxl_context *ctx) +{ + lockdep_assert_held(&ctx->status_mutex); + + if (ctx->status == CLOSED) + return false; + + kref_get(&ctx->kref); + return true; +} +EXPORT_SYMBOL_GPL(ocxl_context_get); + +/* + * kref release callback - called when last reference is dropped + */ +static void ocxl_context_release(struct kref *kref) +{ + struct ocxl_context *ctx = container_of(kref, struct ocxl_context, + kref); + + mutex_lock(&ctx->afu->contexts_lock); + ctx->afu->pasid_count--; + idr_remove(&ctx->afu->contexts_idr, ctx->pasid); + mutex_unlock(&ctx->afu->contexts_lock); + + ocxl_afu_irq_free_all(ctx); + idr_destroy(&ctx->irq_idr); + /* reference to the AFU taken in ocxl_context_alloc() */ + ocxl_afu_put(ctx->afu); + kfree(ctx); +} + +/** + * ocxl_context_put() - Release a reference to the context + * @ctx: The context + * + * Decrements the reference count. When it reaches zero, the context is freed. + */ +void ocxl_context_put(struct ocxl_context *ctx) +{ + kref_put(&ctx->kref, ocxl_context_release); +} +EXPORT_SYMBOL_GPL(ocxl_context_put); + /* * Callback for when a translation fault triggers an error * data: a pointer to the context which triggered the fault @@ -279,18 +333,3 @@ void ocxl_context_detach_all(struct ocxl_afu *afu) } mutex_unlock(&afu->contexts_lock); } - -void ocxl_context_free(struct ocxl_context *ctx) -{ - mutex_lock(&ctx->afu->contexts_lock); - ctx->afu->pasid_count--; - idr_remove(&ctx->afu->contexts_idr, ctx->pasid); - mutex_unlock(&ctx->afu->contexts_lock); - - ocxl_afu_irq_free_all(ctx); - idr_destroy(&ctx->irq_idr); - /* reference to the AFU taken in ocxl_context_alloc() */ - ocxl_afu_put(ctx->afu); - kfree(ctx); -} -EXPORT_SYMBOL_GPL(ocxl_context_free); diff --git a/drivers/misc/ocxl/file.c b/drivers/misc/ocxl/file.c index 7eb74711ac96..c08724e7ff1e 100644 --- a/drivers/misc/ocxl/file.c +++ b/drivers/misc/ocxl/file.c @@ -204,17 +204,21 @@ static long afu_ioctl(struct file *file, unsigned int cmd, int irq_id; u64 irq_offset; long rc; - bool closed; - - pr_debug("%s for context %d, command %s\n", __func__, ctx->pasid, - CMD_STR(cmd)); + /* + * Hold a reference to the context for the duration of this operation. + * We check the status and acquire the reference atomically under the + * status_mutex to ensure the context remains valid. + */ mutex_lock(&ctx->status_mutex); - closed = (ctx->status == CLOSED); + if (!ocxl_context_get(ctx)) { + mutex_unlock(&ctx->status_mutex); + return -EIO; + } mutex_unlock(&ctx->status_mutex); - if (closed) - return -EIO; + pr_debug("%s for context %d, command %s\n", __func__, ctx->pasid, + CMD_STR(cmd)); switch (cmd) { case OCXL_IOCTL_ATTACH: @@ -230,7 +234,7 @@ static long afu_ioctl(struct file *file, unsigned int cmd, sizeof(irq_offset)); if (rc) { ocxl_afu_irq_free(ctx, irq_id); - return -EFAULT; + rc = -EFAULT; } } break; @@ -238,8 +242,10 @@ static long afu_ioctl(struct file *file, unsigned int cmd, case OCXL_IOCTL_IRQ_FREE: rc = copy_from_user(&irq_offset, (u64 __user *) args, sizeof(irq_offset)); - if (rc) - return -EFAULT; + if (rc) { + rc = -EFAULT; + break; + } irq_id = ocxl_irq_offset_to_id(ctx, irq_offset); rc = ocxl_afu_irq_free(ctx, irq_id); break; @@ -247,14 +253,20 @@ static long afu_ioctl(struct file *file, unsigned int cmd, case OCXL_IOCTL_IRQ_SET_FD: rc = copy_from_user(&irq_fd, (u64 __user *) args, sizeof(irq_fd)); - if (rc) - return -EFAULT; - if (irq_fd.reserved) - return -EINVAL; + if (rc) { + rc = -EFAULT; + break; + } + if (irq_fd.reserved) { + rc = -EINVAL; + break; + } irq_id = ocxl_irq_offset_to_id(ctx, irq_fd.irq_offset); ev_ctx = eventfd_ctx_fdget(irq_fd.eventfd); - if (IS_ERR(ev_ctx)) - return PTR_ERR(ev_ctx); + if (IS_ERR(ev_ctx)) { + rc = PTR_ERR(ev_ctx); + break; + } rc = ocxl_irq_set_handler(ctx, irq_id, irq_handler, irq_free, ev_ctx); if (rc) eventfd_ctx_put(ev_ctx); @@ -280,6 +292,8 @@ static long afu_ioctl(struct file *file, unsigned int cmd, default: rc = -EINVAL; } + + ocxl_context_put(ctx); return rc; } @@ -292,9 +306,23 @@ static long afu_compat_ioctl(struct file *file, unsigned int cmd, static int afu_mmap(struct file *file, struct vm_area_struct *vma) { struct ocxl_context *ctx = file->private_data; + int rc; + + /* + * Hold a reference during mmap setup to ensure the context + * remains valid. + */ + mutex_lock(&ctx->status_mutex); + if (!ocxl_context_get(ctx)) { + mutex_unlock(&ctx->status_mutex); + return -EIO; + } + mutex_unlock(&ctx->status_mutex); pr_debug("%s for context %d\n", __func__, ctx->pasid); - return ocxl_context_mmap(ctx, vma); + rc = ocxl_context_mmap(ctx, vma); + ocxl_context_put(ctx); + return rc; } static bool has_xsl_error(struct ocxl_context *ctx) @@ -324,21 +352,31 @@ static unsigned int afu_poll(struct file *file, struct poll_table_struct *wait) { struct ocxl_context *ctx = file->private_data; unsigned int mask = 0; - bool closed; + + /* + * Hold a reference to the context while checking for events. + */ + mutex_lock(&ctx->status_mutex); + if (!ocxl_context_get(ctx)) { + mutex_unlock(&ctx->status_mutex); + return EPOLLERR; + } + mutex_unlock(&ctx->status_mutex); pr_debug("%s for context %d\n", __func__, ctx->pasid); poll_wait(file, &ctx->events_wq, wait); - mutex_lock(&ctx->status_mutex); - closed = (ctx->status == CLOSED); - mutex_unlock(&ctx->status_mutex); - if (afu_events_pending(ctx)) mask = EPOLLIN | EPOLLRDNORM; - else if (closed) - mask = EPOLLERR; + else { + mutex_lock(&ctx->status_mutex); + if (ctx->status == CLOSED) + mask = EPOLLERR; + mutex_unlock(&ctx->status_mutex); + } + ocxl_context_put(ctx); return mask; } @@ -410,6 +448,16 @@ static ssize_t afu_read(struct file *file, char __user *buf, size_t count, AFU_EVENT_BODY_MAX_SIZE)) return -EINVAL; + /* + * Hold a reference to the context for the duration of the read operation. + */ + mutex_lock(&ctx->status_mutex); + if (!ocxl_context_get(ctx)) { + mutex_unlock(&ctx->status_mutex); + return -EIO; + } + mutex_unlock(&ctx->status_mutex); + for (;;) { prepare_to_wait(&ctx->events_wq, &event_wait, TASK_INTERRUPTIBLE); @@ -422,11 +470,13 @@ static ssize_t afu_read(struct file *file, char __user *buf, size_t count, if (file->f_flags & O_NONBLOCK) { finish_wait(&ctx->events_wq, &event_wait); + ocxl_context_put(ctx); return -EAGAIN; } if (signal_pending(current)) { finish_wait(&ctx->events_wq, &event_wait); + ocxl_context_put(ctx); return -ERESTARTSYS; } @@ -437,19 +487,24 @@ static ssize_t afu_read(struct file *file, char __user *buf, size_t count, if (has_xsl_error(ctx)) { used = append_xsl_error(ctx, &header, buf + sizeof(header)); - if (used < 0) + if (used < 0) { + ocxl_context_put(ctx); return used; + } } if (!afu_events_pending(ctx)) header.flags |= OCXL_KERNEL_EVENT_FLAG_LAST; - if (copy_to_user(buf, &header, sizeof(header))) + if (copy_to_user(buf, &header, sizeof(header))) { + ocxl_context_put(ctx); return -EFAULT; + } used += sizeof(header); rc = used; + ocxl_context_put(ctx); return rc; } @@ -464,8 +519,12 @@ static int afu_release(struct inode *inode, struct file *file) ctx->mapping = NULL; mutex_unlock(&ctx->mapping_lock); wake_up_all(&ctx->events_wq); + /* + * Drop the initial reference from afu_open(). The context will be + * freed when all references are released. + */ if (rc != -EBUSY) - ocxl_context_free(ctx); + ocxl_context_put(ctx); return 0; } diff --git a/drivers/misc/ocxl/ocxl_internal.h b/drivers/misc/ocxl/ocxl_internal.h index d2028d6c6f08..6eab7806b43d 100644 --- a/drivers/misc/ocxl/ocxl_internal.h +++ b/drivers/misc/ocxl/ocxl_internal.h @@ -5,6 +5,7 @@ #include <linux/pci.h> #include <linux/cdev.h> +#include <linux/kref.h> #include <linux/list.h> #include <misc/ocxl.h> @@ -68,6 +69,7 @@ struct ocxl_xsl_error { }; struct ocxl_context { + struct kref kref; struct ocxl_afu *afu; int pasid; struct mutex status_mutex; @@ -140,6 +142,8 @@ int ocxl_link_update_pe(void *link_handle, int pasid, __u16 tid); int ocxl_context_mmap(struct ocxl_context *ctx, struct vm_area_struct *vma); +bool ocxl_context_get(struct ocxl_context *ctx); +void ocxl_context_put(struct ocxl_context *ctx); void ocxl_context_detach_all(struct ocxl_afu *afu); int ocxl_sysfs_register_afu(struct ocxl_file_info *info); -- 2.34.1

1 month

1
0
0 0

[PATCH 5.10/5.15/6.1/6.6] net: stmmac: make sure that ptp_rate is not 0 before configuring EST

by Vasiliy Kovalev

From: Alexis Lothoré <alexis.lothore(a)bootlin.com> commit cbefe2ffa7784525ec5d008ba87c7add19ec631a upstream. If the ptp_rate recorded earlier in the driver happens to be 0, this bogus value will propagate up to EST configuration, where it will trigger a division by 0. Prevent this division by 0 by adding the corresponding check and error code. Suggested-by: Maxime Chevallier <maxime.chevallier(a)bootlin.com> Signed-off-by: Alexis Lothoré <alexis.lothore(a)bootlin.com> Fixes: 8572aec3d0dc ("net: stmmac: Add basic EST support for XGMAC") Link: https://patch.msgid.link/20250529-stmmac_tstamp_div-v4-2-d73340a794d5@bootl… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> [ kovalev: bp to fix CVE-2025-38125; replaced netdev_warn with pr_warn due to missing dev pointer ] Signed-off-by: Vasiliy Kovalev <kovalev(a)altlinux.org> --- drivers/net/ethernet/stmicro/stmmac/dwmac5.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/drivers/net/ethernet/stmicro/stmmac/dwmac5.c b/drivers/net/ethernet/stmicro/stmmac/dwmac5.c index 8fd167501fa0..4df62268f852 100644 --- a/drivers/net/ethernet/stmicro/stmmac/dwmac5.c +++ b/drivers/net/ethernet/stmicro/stmmac/dwmac5.c @@ -597,6 +597,11 @@ int dwmac5_est_configure(void __iomem *ioaddr, struct stmmac_est *cfg, int i, ret = 0x0; u32 ctrl; + if (!ptp_rate) { + pr_warn("%s: Invalid PTP rate\n", __func__); + return -EINVAL; + } + ret |= dwmac5_est_write(ioaddr, BTR_LOW, cfg->btr[0], false); ret |= dwmac5_est_write(ioaddr, BTR_HIGH, cfg->btr[1], false); ret |= dwmac5_est_write(ioaddr, TER, cfg->ter, false); -- 2.50.1

1 month

1
0
0 0

[PATCH] perf/x86/intel: Fix KASAN global-out-of-bounds warning

by Dapeng Mi

When running "perf mem record" command on CWF, the below KASAN global-out-of-bounds warning is seen. 196.273657] ================================================================== [ 196.273662] BUG: KASAN: global-out-of-bounds in cmt_latency_data+0x176/0x1b0 [ 196.273669] Read of size 4 at addr ffffffffb721d000 by task dtlb/9850 [ 196.273676] CPU: 126 UID: 0 PID: 9850 Comm: dtlb Kdump: loaded Not tainted 6.17.0-rc3-2025-08-29-intel-next-34160-g316938187eb0 #1 PREEMPT(none) [ 196.273680] Hardware name: Intel Corporation AvenueCity/AvenueCity, BIOS BHSDCRB1.IPC.3544.P83.2507110208 07/11/2025 [ 196.273682] Call Trace: [ 196.273683] <NMI> [ 196.273684] dump_stack_lvl+0x55/0x70 [ 196.273689] print_address_description.constprop.0+0x2c/0x3d0 [ 196.273694] ? cmt_latency_data+0x176/0x1b0 [ 196.273696] print_report+0xb4/0x270 [ 196.273699] ? kasan_addr_to_slab+0xd/0xa0 [ 196.273702] kasan_report+0xb8/0xf0 [ 196.273705] ? cmt_latency_data+0x176/0x1b0 [ 196.273707] cmt_latency_data+0x176/0x1b0 [ 196.273710] setup_arch_pebs_sample_data+0xf49/0x2560 [ 196.273713] intel_pmu_drain_arch_pebs+0x577/0xb00 [ 196.273716] ? __pfx_intel_pmu_drain_arch_pebs+0x10/0x10 [ 196.273719] ? perf_output_begin+0x3e4/0xa10 [ 196.273724] ? intel_pmu_drain_bts_buffer+0xc2/0x6a0 [ 196.273727] ? __pfx_intel_pmu_drain_bts_buffer+0x10/0x10 [ 196.273730] handle_pmi_common+0x6c4/0xc80 [ 196.273734] ? __pfx_handle_pmi_common+0x10/0x10 [ 196.273738] ? intel_bts_interrupt+0xd3/0x4d0 [ 196.273740] ? __pfx_intel_bts_interrupt+0x10/0x10 [ 196.273742] ? intel_pmu_lbr_enable_all+0x25/0x150 [ 196.273745] intel_pmu_handle_irq+0x388/0x700 [ 196.273748] perf_event_nmi_handler+0xff/0x150 [ 196.273751] nmi_handle.part.0+0xa8/0x2d0 [ 196.273755] ? perf_output_begin+0x3e9/0xa10 [ 196.273757] default_do_nmi+0x79/0x1a0 [ 196.273760] fred_exc_nmi+0x40/0x90 [ 196.273762] asm_fred_entrypoint_kernel+0x45/0x60 [ 196.273765] RIP: 0010:perf_output_begin+0x3e9/0xa10 [ 196.273768] Code: 54 24 1c 85 d2 0f 85 19 03 00 00 48 8b 44 24 18 48 c1 e8 03 42 0f b6 04 28 84 c0 74 08 3c 03 0f 8e 25 05 00 00 41 8b 44 24 18 <c1> e0 0c 48 98 48 83 e8 01 80 7c 24 2a 00 0f 85 f9 02 00 00 4c 29 [ 196.273770] RSP: 0018:ffffc9001cf575e8 EFLAGS: 00000246 [ 196.273774] RAX: 0000000000000080 RBX: ffff88c1a0f95028 RCX: 0000000000000004 [ 196.273775] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88c08c8f9408 [ 196.273777] RBP: 0000000000000028 R08: 0000000000000000 R09: ffffed18341f2a05 [ 196.273778] R10: ffff88c1a0f9502f R11: ffff88c1a0dbe1b8 R12: ffff88c1a0f95000 [ 196.273779] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffc9001cf577e0 [ 196.273782] </NMI> The issue is caused by below code in __grt_latency_data(). The code tries to access x86_hybrid_pmu structure which doesn't exist on non-hybrid platform like CWF. WARN_ON_ONCE(hybrid_pmu(event->pmu)->pmu_type == hybrid_big) So add is_hybrid() check before calling this WARN_ON_ONCE to fix the global-out-of-bounds access issue. Reported-by: Xudong Hao <xudong.hao(a)intel.com> Cc: stable(a)vger.kernel.org Fixes: 090262439f66 ("perf/x86/intel: Rename model-specific pebs_latency_data functions") Signed-off-by: Dapeng Mi <dapeng1.mi(a)linux.intel.com> --- arch/x86/events/intel/ds.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/events/intel/ds.c b/arch/x86/events/intel/ds.c index c0b7ac1c7594..d1ac1f1ceee9 100644 --- a/arch/x86/events/intel/ds.c +++ b/arch/x86/events/intel/ds.c @@ -317,7 +317,7 @@ static u64 __grt_latency_data(struct perf_event *event, u64 status, { u64 val; - WARN_ON_ONCE(hybrid_pmu(event->pmu)->pmu_type == hybrid_big); + WARN_ON_ONCE(is_hybrid() && hybrid_pmu(event->pmu)->pmu_type == hybrid_big); dse &= PERF_PEBS_DATA_SOURCE_GRT_MASK; val = hybrid_var(event->pmu, pebs_data_source)[dse]; base-commit: 16ed389227651330879e17bd83d43bd234006722 -- 2.34.1

1 month

3
2
0 0

+ ksm-use-range-walk-function-to-jump-over-holes-in-scan_get_next_rmap_item.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: ksm: use range-walk function to jump over holes in scan_get_next_rmap_item has been added to the -mm mm-hotfixes-unstable branch. Its filename is ksm-use-range-walk-function-to-jump-over-holes-in-scan_get_next_rmap_item.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Pedro Demarchi Gomes <pedrodemargomes(a)gmail.com> Subject: ksm: use range-walk function to jump over holes in scan_get_next_rmap_item Date: Wed, 22 Oct 2025 12:30:59 -0300 Currently, scan_get_next_rmap_item() walks every page address in a VMA to locate mergeable pages. This becomes highly inefficient when scanning large virtual memory areas that contain mostly unmapped regions, causing ksmd to use large amount of cpu without deduplicating much pages. This patch replaces the per-address lookup with a range walk using walk_page_range(). The range walker allows KSM to skip over entire unmapped holes in a VMA, avoiding unnecessary lookups. This problem was previously discussed in [1]. Consider the following test program which creates a 32 TiB mapping in the virtual address space but only populates a single page: #include <unistd.h> #include <stdio.h> #include <sys/mman.h> /* 32 TiB */ const size_t size = 32ul * 1024 * 1024 * 1024 * 1024; int main() { char *area = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_NORESERVE | MAP_PRIVATE | MAP_ANON, -1, 0); if (area == MAP_FAILED) { perror("mmap() failed\n"); return -1; } /* Populate a single page such that we get an anon_vma. */ *area = 0; /* Enable KSM. */ madvise(area, size, MADV_MERGEABLE); pause(); return 0; } $ ./ksm-sparse & $ echo 1 > /sys/kernel/mm/ksm/run Without this patch ksmd uses 100% of the cpu for a long time (more then 1 hour in my test machine) scanning all the 32 TiB virtual address space that contain only one mapped page. This makes ksmd essentially deadlocked not able to deduplicate anything of value. With this patch ksmd walks only the one mapped page and skips the rest of the 32 TiB virtual address space, making the scan fast using little cpu. Link: https://lkml.kernel.org/r/20251023035841.41406-1-pedrodemargomes@gmail.com Link: https://lkml.kernel.org/r/20251022153059.22763-1-pedrodemargomes@gmail.com Link: https://lore.kernel.org/linux-mm/423de7a3-1c62-4e72-8e79-19a6413e420c@redha… [1] Fixes: 31dbd01f3143 ("ksm: Kernel SamePage Merging") Signed-off-by: Pedro Demarchi Gomes <pedrodemargomes(a)gmail.com> Co-developed-by: David Hildenbrand <david(a)redhat.com> Signed-off-by: David Hildenbrand <david(a)redhat.com> Reported-by: craftfever <craftfever(a)airmail.cc> Closes: https://lkml.kernel.org/r/020cf8de6e773bb78ba7614ef250129f11a63781@murena.io Suggested-by: David Hildenbrand <david(a)redhat.com> Acked-by: David Hildenbrand <david(a)redhat.com> Cc: Chengming Zhou <chengming.zhou(a)linux.dev> Cc: xu xin <xu.xin16(a)zte.com.cn> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/ksm.c | 113 ++++++++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 104 insertions(+), 9 deletions(-) --- a/mm/ksm.c~ksm-use-range-walk-function-to-jump-over-holes-in-scan_get_next_rmap_item +++ a/mm/ksm.c @@ -2455,6 +2455,95 @@ static bool should_skip_rmap_item(struct return true; } +struct ksm_next_page_arg { + struct folio *folio; + struct page *page; + unsigned long addr; +}; + +static int ksm_next_page_pmd_entry(pmd_t *pmdp, unsigned long addr, unsigned long end, + struct mm_walk *walk) +{ + struct ksm_next_page_arg *private = walk->private; + struct vm_area_struct *vma = walk->vma; + pte_t *start_ptep = NULL, *ptep, pte; + struct mm_struct *mm = walk->mm; + struct folio *folio; + struct page *page; + spinlock_t *ptl; + pmd_t pmd; + + if (ksm_test_exit(mm)) + return 0; + + cond_resched(); + + pmd = pmdp_get_lockless(pmdp); + if (!pmd_present(pmd)) + return 0; + + if (IS_ENABLED(CONFIG_TRANSPARENT_HUGEPAGE) && pmd_leaf(pmd)) { + ptl = pmd_lock(mm, pmdp); + pmd = pmdp_get(pmdp); + + if (!pmd_present(pmd)) { + goto not_found_unlock; + } else if (pmd_leaf(pmd)) { + page = vm_normal_page_pmd(vma, addr, pmd); + if (!page) + goto not_found_unlock; + folio = page_folio(page); + + if (folio_is_zone_device(folio) || !folio_test_anon(folio)) + goto not_found_unlock; + + page += ((addr & (PMD_SIZE - 1)) >> PAGE_SHIFT); + goto found_unlock; + } + spin_unlock(ptl); + } + + start_ptep = pte_offset_map_lock(mm, pmdp, addr, &ptl); + if (!start_ptep) + return 0; + + for (ptep = start_ptep; addr < end; ptep++, addr += PAGE_SIZE) { + pte = ptep_get(ptep); + + if (!pte_present(pte)) + continue; + + page = vm_normal_page(vma, addr, pte); + if (!page) + continue; + folio = page_folio(page); + + if (folio_is_zone_device(folio) || !folio_test_anon(folio)) + continue; + goto found_unlock; + } + +not_found_unlock: + spin_unlock(ptl); + if (start_ptep) + pte_unmap(start_ptep); + return 0; +found_unlock: + folio_get(folio); + spin_unlock(ptl); + if (start_ptep) + pte_unmap(start_ptep); + private->page = page; + private->folio = folio; + private->addr = addr; + return 1; +} + +static struct mm_walk_ops ksm_next_page_ops = { + .pmd_entry = ksm_next_page_pmd_entry, + .walk_lock = PGWALK_RDLOCK, +}; + static struct ksm_rmap_item *scan_get_next_rmap_item(struct page **page) { struct mm_struct *mm; @@ -2542,21 +2631,27 @@ next_mm: ksm_scan.address = vma->vm_end; while (ksm_scan.address < vma->vm_end) { + struct ksm_next_page_arg ksm_next_page_arg; struct page *tmp_page = NULL; - struct folio_walk fw; struct folio *folio; if (ksm_test_exit(mm)) break; - folio = folio_walk_start(&fw, vma, ksm_scan.address, 0); - if (folio) { - if (!folio_is_zone_device(folio) && - folio_test_anon(folio)) { - folio_get(folio); - tmp_page = fw.page; - } - folio_walk_end(&fw, vma); + int found; + + found = walk_page_range_vma(vma, ksm_scan.address, + vma->vm_end, + &ksm_next_page_ops, + &ksm_next_page_arg); + + if (found > 0) { + folio = ksm_next_page_arg.folio; + tmp_page = ksm_next_page_arg.page; + ksm_scan.address = ksm_next_page_arg.addr; + } else { + VM_WARN_ON_ONCE(found < 0); + ksm_scan.address = vma->vm_end - PAGE_SIZE; } if (tmp_page) { _ Patches currently in -mm which might be from pedrodemargomes(a)gmail.com are ksm-use-range-walk-function-to-jump-over-holes-in-scan_get_next_rmap_item.patch

1 month

1
0
0 0

+ mm-shmem-fix-thp-allocation-and-fallback-loop-v3.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm-shmem-fix-thp-allocation-and-fallback-loop-v3 has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-shmem-fix-thp-allocation-and-fallback-loop-v3.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Kairui Song <kasong(a)tencent.com> Subject: mm-shmem-fix-thp-allocation-and-fallback-loop-v3 Date: Thu, 23 Oct 2025 14:59:13 +0800 introduce a temporary variable to improve code Link: https://lkml.kernel.org/r/20251023065913.36925-1-ryncsn@gmail.com Link: https://lore.kernel.org/linux-mm/CAMgjq7DqgAmj25nDUwwu1U2cSGSn8n4-Hqpgotted… [1] Fixes: e7a2ab7b3bb5d ("mm: shmem: add mTHP support for anonymous shmem") Signed-off-by: Kairui Song <kasong(a)tencent.com> Cc: Baolin Wang <baolin.wang(a)linux.alibaba.com> Cc: Barry Song <baohua(a)kernel.org> Cc: David Hildenbrand <david(a)redhat.com> Cc: Dev Jain <dev.jain(a)arm.com> Cc: Hugh Dickins <hughd(a)google.com> Cc: Liam Howlett <liam.howlett(a)oracle.com> Cc: Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> Cc: Matthew Wilcox (Oracle) <willy(a)infradead.org> Cc: Nico Pache <npache(a)redhat.com> Cc: Ryan Roberts <ryan.roberts(a)arm.com> Cc: Zi Yan <ziy(a)nvidia.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/shmem.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) --- a/mm/shmem.c~mm-shmem-fix-thp-allocation-and-fallback-loop-v3 +++ a/mm/shmem.c @@ -1882,6 +1882,7 @@ static struct folio *shmem_alloc_and_add struct shmem_inode_info *info = SHMEM_I(inode); unsigned long suitable_orders = 0; struct folio *folio = NULL; + pgoff_t aligned_index; long pages; int error, order; @@ -1895,9 +1896,10 @@ static struct folio *shmem_alloc_and_add order = highest_order(suitable_orders); while (suitable_orders) { pages = 1UL << order; - folio = shmem_alloc_folio(gfp, order, info, round_down(index, pages)); + aligned_index = round_down(index, pages); + folio = shmem_alloc_folio(gfp, order, info, aligned_index); if (folio) { - index = round_down(index, pages); + index = aligned_index; goto allocated; } _ Patches currently in -mm which might be from kasong(a)tencent.com are mm-shmem-fix-thp-allocation-and-fallback-loop.patch mm-shmem-fix-thp-allocation-and-fallback-loop-v3.patch mm-swap-do-not-perform-synchronous-discard-during-allocation.patch mm-swap-rename-helper-for-setup-bad-slots.patch mm-swap-cleanup-swap-entry-allocation-parameter.patch mm-migrate-swap-drop-usage-of-folio_index.patch mm-swap-remove-redundant-argument-for-isolating-a-cluster.patch

1 month

1
0
0 0

[PATCH 6.1.y] spi-rockchip: Fix register out of bounds access

by Vasiliy Kovalev

From: Luis de Arquer <luis.dearquer(a)inertim.com> commit 7a874e8b54ea21094f7fd2d428b164394c6cb316 upstream. Do not write native chip select stuff for GPIO chip selects. GPIOs can be numbered much higher than native CS. Also, it makes no sense. Fixes: 736b81e07517 ("spi: rockchip: Support SPI_CS_HIGH") Signed-off-by: Luis de Arquer <luis.dearquer(a)inertim.com> Link: https://patch.msgid.link/365ccddfba110549202b3520f4401a6a936e82a8.camel@gma… Signed-off-by: Mark Brown <broonie(a)kernel.org> [ kovalev: bp to fix CVE-2025-38081; added Fixes tag ] Signed-off-by: Vasiliy Kovalev <kovalev(a)altlinux.org> --- drivers/spi/spi-rockchip.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/spi/spi-rockchip.c b/drivers/spi/spi-rockchip.c index dbefc7e77313..cba858a7b4f9 100644 --- a/drivers/spi/spi-rockchip.c +++ b/drivers/spi/spi-rockchip.c @@ -540,8 +540,8 @@ static int rockchip_spi_config(struct rockchip_spi *rs, cr0 |= (spi->mode & 0x3U) << CR0_SCPH_OFFSET; if (spi->mode & SPI_LSB_FIRST) cr0 |= CR0_FBM_LSB << CR0_FBM_OFFSET; - if (spi->mode & SPI_CS_HIGH) - cr0 |= BIT(spi->chip_select) << CR0_SOI_OFFSET; + if ((spi->mode & SPI_CS_HIGH) && !(spi_get_csgpiod(spi, 0))) + cr0 |= BIT(spi_get_chipselect(spi, 0)) << CR0_SOI_OFFSET; if (xfer->rx_buf && xfer->tx_buf) cr0 |= CR0_XFM_TR << CR0_XFM_OFFSET; -- 2.50.1

1 month

1
0
0 0

Security alert for linux-stable-mirror@lists.linaro.org

by Cpanel Adminlists.linaro.org

1 month

1
0
0 0

+ mm-swap-do-not-perform-synchronous-discard-during-allocation.patch added to mm-new branch

by Andrew Morton

The patch titled Subject: mm, swap: do not perform synchronous discard during allocation has been added to the -mm mm-new branch. Its filename is mm-swap-do-not-perform-synchronous-discard-during-allocation.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-new branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Note, mm-new is a provisional staging ground for work-in-progress patches, and acceptance into mm-new is a notification for others take notice and to finish up reviews. Please do not hesitate to respond to review feedback and post updated versions to replace or incrementally fixup patches in mm-new. Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Kairui Song <kasong(a)tencent.com> Subject: mm, swap: do not perform synchronous discard during allocation Date: Fri, 24 Oct 2025 02:34:11 +0800 Patch series "mm, swap: misc cleanup and bugfix", v2. A few cleanups and a bugfix that are either suitable after the swap table phase I or found during code review. Patch 1 is a bugfix and needs to be included in the stable branch, the rest have no behavioral change. This patch (of 5): Since commit 1b7e90020eb77 ("mm, swap: use percpu cluster as allocation fast path"), swap allocation is protected by a local lock, which means we can't do any sleeping calls during allocation. However, the discard routine is not taken well care of. When the swap allocator failed to find any usable cluster, it would look at the pending discard cluster and try to issue some blocking discards. It may not necessarily sleep, but the cond_resched at the bio layer indicates this is wrong when combined with a local lock. And the bio GFP flag used for discard bio is also wrong (not atomic). It's arguable whether this synchronous discard is helpful at all. In most cases, the async discard is good enough. And the swap allocator is doing very differently at organizing the clusters since the recent change, so it is very rare to see discard clusters piling up. So far, no issues have been observed or reported with typical SSD setups under months of high pressure. This issue was found during my code review. But by hacking the kernel a bit: adding a mdelay(500) in the async discard path, this issue will be observable with WARNING triggered by the wrong GFP and cond_resched in the bio layer for debug builds. So now let's apply a hotfix for this issue: remove the synchronous discard in the swap allocation path. And when order 0 is failing with all cluster list drained on all swap devices, try to do a discard following the swap device priority list. If any discards released some cluster, try the allocation again. This way, we can still avoid OOM due to swap failure if the hardware is very slow and memory pressure is extremely high. This may cause more fragmentation issues if the discarding hardware is really slow. Ideally, we want to discard pending clusters before continuing to iterate the fragment cluster lists. This can be implemented in a cleaner way if we clean up the device list iteration part first. Link: https://lkml.kernel.org/r/20251024-swap-clean-after-swap-table-p1-v2-0-a709… Link: https://lkml.kernel.org/r/20251024-swap-clean-after-swap-table-p1-v2-1-c5b0… Fixes: 1b7e90020eb77 ("mm, swap: use percpu cluster as allocation fast path") Signed-off-by: Kairui Song <kasong(a)tencent.com> Acked-by: Nhat Pham <nphamcs(a)gmail.com> Cc: Baolin Wang <baolin.wang(a)linux.alibaba.com> Cc: Baoquan He <bhe(a)redhat.com> Cc: Barry Song <baohua(a)kernel.org> Cc: Chris Li <chrisl(a)kernel.org> Cc: David Hildenbrand <david(a)redhat.com> Cc: "Huang, Ying" <ying.huang(a)linux.alibaba.com> Cc: Kemeng Shi <shikemeng(a)huaweicloud.com> Cc: Matthew Wilcox (Oracle) <willy(a)infradead.org> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/swapfile.c | 40 +++++++++++++++++++++++++++++++++------- 1 file changed, 33 insertions(+), 7 deletions(-) --- a/mm/swapfile.c~mm-swap-do-not-perform-synchronous-discard-during-allocation +++ a/mm/swapfile.c @@ -1101,13 +1101,6 @@ new_cluster: goto done; } - /* - * We don't have free cluster but have some clusters in discarding, - * do discard now and reclaim them. - */ - if ((si->flags & SWP_PAGE_DISCARD) && swap_do_scheduled_discard(si)) - goto new_cluster; - if (order) goto done; @@ -1394,6 +1387,33 @@ start_over: return false; } +/* + * Discard pending clusters in a synchronized way when under high pressure. + * Return: true if any cluster is discarded. + */ +static bool swap_sync_discard(void) +{ + bool ret = false; + int nid = numa_node_id(); + struct swap_info_struct *si, *next; + + spin_lock(&swap_avail_lock); + plist_for_each_entry_safe(si, next, &swap_avail_heads[nid], avail_lists[nid]) { + spin_unlock(&swap_avail_lock); + if (get_swap_device_info(si)) { + if (si->flags & SWP_PAGE_DISCARD) + ret = swap_do_scheduled_discard(si); + put_swap_device(si); + } + if (ret) + return true; + spin_lock(&swap_avail_lock); + } + spin_unlock(&swap_avail_lock); + + return false; +} + /** * folio_alloc_swap - allocate swap space for a folio * @folio: folio we want to move to swap @@ -1432,11 +1452,17 @@ int folio_alloc_swap(struct folio *folio } } +again: local_lock(&percpu_swap_cluster.lock); if (!swap_alloc_fast(&entry, order)) swap_alloc_slow(&entry, order); local_unlock(&percpu_swap_cluster.lock); + if (unlikely(!order && !entry.val)) { + if (swap_sync_discard()) + goto again; + } + /* Need to call this even if allocation failed, for MEMCG_SWAP_FAIL. */ if (mem_cgroup_try_charge_swap(folio, entry)) goto out_free; _ Patches currently in -mm which might be from kasong(a)tencent.com are mm-shmem-fix-thp-allocation-and-fallback-loop.patch mm-swap-do-not-perform-synchronous-discard-during-allocation.patch mm-swap-rename-helper-for-setup-bad-slots.patch mm-swap-cleanup-swap-entry-allocation-parameter.patch mm-migrate-swap-drop-usage-of-folio_index.patch mm-swap-remove-redundant-argument-for-isolating-a-cluster.patch

1 month

1
0
0 0

[PATCH v3] ACPI: video: Fix use-after-free in acpi_video_switch_brightness()

by Yuhao Jiang

The switch_brightness_work delayed work accesses device->brightness and device->backlight, which are freed by acpi_video_dev_unregister_backlight() during device removal. If the work executes after acpi_video_bus_unregister_backlight() frees these resources, it causes a use-after-free when acpi_video_switch_brightness() dereferences device->brightness or device->backlight. Fix this by calling cancel_delayed_work_sync() for each device's switch_brightness_work in acpi_video_bus_remove_notify_handler() after removing the notify handler that queues the work. This ensures the work completes before the memory is freed. Fixes: 8ab58e8e7e097 ("ACPI / video: Fix backlight taking 2 steps on a brightness up/down keypress") Cc: stable(a)vger.kernel.org Signed-off-by: Yuhao Jiang <danisjiang(a)gmail.com> --- Changes in v3: - Move cancel_delayed_work_sync() to acpi_video_bus_remove_notify_handler() instead of acpi_video_bus_unregister_backlight() for better logic placement - Link to v2: https://lore.kernel.org/all/20251022042514.2167599-1-danisjiang@gmail.com/ --- drivers/acpi/acpi_video.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/acpi/acpi_video.c b/drivers/acpi/acpi_video.c index 103f29661576..be8e7e18abca 100644 --- a/drivers/acpi/acpi_video.c +++ b/drivers/acpi/acpi_video.c @@ -1959,8 +1959,10 @@ static void acpi_video_bus_remove_notify_handler(struct acpi_video_bus *video) struct acpi_video_device *dev; mutex_lock(&video->device_list_lock); - list_for_each_entry(dev, &video->video_device_list, entry) + list_for_each_entry(dev, &video->video_device_list, entry) { acpi_video_dev_remove_notify_handler(dev); + cancel_delayed_work_sync(&dev->switch_brightness_work); + } mutex_unlock(&video->device_list_lock); acpi_video_bus_stop_devices(video); -- 2.34.1

1 month

3
2
0 0

[PATCH v1] riscv: dts: microchip: remove BeagleV Fire fabric.dtsi

by Conor Dooley

From: Conor Dooley <conor.dooley(a)microchip.com> At the time of adding the fabric.dtsi for the BeagleV Fire, we thought that the fabric nodes in the Beagle supplied images were stable. They are not, which has lead to nodes present in the devicetree that are not in the programmed FPGA images. This is obviously problematic, and these nodes must be removed. CC: stable(a)vger.kernel.org Fixes: 3f41368fbfe1 ("riscv: dts: microchip: add an initial devicetree for the BeagleV Fire") Signed-off-by: Conor Dooley <conor.dooley(a)microchip.com> -- CC: Valentina.FernandezAlanis(a)microchip.com CC: Cyril.Jean(a)microchip.com CC: Conor Dooley <conor(a)kernel.org> CC: Daire McNamara <daire.mcnamara(a)microchip.com> CC: Rob Herring <robh(a)kernel.org> CC: Krzysztof Kozlowski <krzk+dt(a)kernel.org> CC: Paul Walmsley <paul.walmsley(a)sifive.com> CC: Jamie Gibbons <jamie.gibbons(a)microchip.com> CC: linux-riscv(a)lists.infradead.org CC: devicetree(a)vger.kernel.org CC: linux-kernel(a)vger.kernel.org --- .../microchip/mpfs-beaglev-fire-fabric.dtsi | 82 ------------------- .../boot/dts/microchip/mpfs-beaglev-fire.dts | 5 -- 2 files changed, 87 deletions(-) delete mode 100644 arch/riscv/boot/dts/microchip/mpfs-beaglev-fire-fabric.dtsi diff --git a/arch/riscv/boot/dts/microchip/mpfs-beaglev-fire-fabric.dtsi b/arch/riscv/boot/dts/microchip/mpfs-beaglev-fire-fabric.dtsi deleted file mode 100644 index e153eaf9b90e..000000000000 --- a/arch/riscv/boot/dts/microchip/mpfs-beaglev-fire-fabric.dtsi +++ /dev/null @@ -1,82 +0,0 @@ -// SPDX-License-Identifier: (GPL-2.0 OR MIT) - -/ { - fabric_clk3: fabric-clk3 { - compatible = "fixed-clock"; - #clock-cells = <0>; - clock-frequency = <50000000>; - }; - - fabric_clk1: fabric-clk1 { - compatible = "fixed-clock"; - #clock-cells = <0>; - clock-frequency = <125000000>; - }; - - fabric-bus@40000000 { - compatible = "simple-bus"; - #address-cells = <2>; - #size-cells = <2>; - ranges = <0x0 0x40000000 0x0 0x40000000 0x0 0x20000000>, /* FIC3-FAB */ - <0x0 0x60000000 0x0 0x60000000 0x0 0x20000000>, /* FIC0, LO */ - <0x0 0xe0000000 0x0 0xe0000000 0x0 0x20000000>, /* FIC1, LO */ - <0x20 0x0 0x20 0x0 0x10 0x0>, /* FIC0,HI */ - <0x30 0x0 0x30 0x0 0x10 0x0>; /* FIC1,HI */ - - cape_gpios_p8: gpio@41100000 { - compatible = "microchip,coregpio-rtl-v3"; - reg = <0x0 0x41100000 0x0 0x1000>; - clocks = <&fabric_clk3>; - gpio-controller; - #gpio-cells = <2>; - ngpios = <16>; - gpio-line-names = "P8_PIN31", "P8_PIN32", "P8_PIN33", "P8_PIN34", - "P8_PIN35", "P8_PIN36", "P8_PIN37", "P8_PIN38", - "P8_PIN39", "P8_PIN40", "P8_PIN41", "P8_PIN42", - "P8_PIN43", "P8_PIN44", "P8_PIN45", "P8_PIN46"; - }; - - cape_gpios_p9: gpio@41200000 { - compatible = "microchip,coregpio-rtl-v3"; - reg = <0x0 0x41200000 0x0 0x1000>; - clocks = <&fabric_clk3>; - gpio-controller; - #gpio-cells = <2>; - ngpios = <20>; - gpio-line-names = "P9_PIN11", "P9_PIN12", "P9_PIN13", "P9_PIN14", - "P9_PIN15", "P9_PIN16", "P9_PIN17", "P9_PIN18", - "P9_PIN21", "P9_PIN22", "P9_PIN23", "P9_PIN24", - "P9_PIN25", "P9_PIN26", "P9_PIN27", "P9_PIN28", - "P9_PIN29", "P9_PIN31", "P9_PIN41", "P9_PIN42"; - }; - - hsi_gpios: gpio@44000000 { - compatible = "microchip,coregpio-rtl-v3"; - reg = <0x0 0x44000000 0x0 0x1000>; - clocks = <&fabric_clk3>; - gpio-controller; - #gpio-cells = <2>; - ngpios = <20>; - gpio-line-names = "B0_HSIO70N", "B0_HSIO71N", "B0_HSIO83N", - "B0_HSIO73N_C2P_CLKN", "B0_HSIO70P", "B0_HSIO71P", - "B0_HSIO83P", "B0_HSIO73N_C2P_CLKP", "XCVR1_RX_VALID", - "XCVR1_LOCK", "XCVR1_ERROR", "XCVR2_RX_VALID", - "XCVR2_LOCK", "XCVR2_ERROR", "XCVR3_RX_VALID", - "XCVR3_LOCK", "XCVR3_ERROR", "XCVR_0B_REF_CLK_PLL_LOCK", - "XCVR_0C_REF_CLK_PLL_LOCK", "B0_HSIO81N"; - }; - }; - - refclk_ccc: cccrefclk { - compatible = "fixed-clock"; - #clock-cells = <0>; - }; -}; - -&ccc_nw { - clocks = <&refclk_ccc>, <&refclk_ccc>, <&refclk_ccc>, <&refclk_ccc>, - <&refclk_ccc>, <&refclk_ccc>; - clock-names = "pll0_ref0", "pll0_ref1", "pll1_ref0", "pll1_ref1", - "dll0_ref", "dll1_ref"; - status = "okay"; -}; diff --git a/arch/riscv/boot/dts/microchip/mpfs-beaglev-fire.dts b/arch/riscv/boot/dts/microchip/mpfs-beaglev-fire.dts index 47cf693beb68..aae239d79162 100644 --- a/arch/riscv/boot/dts/microchip/mpfs-beaglev-fire.dts +++ b/arch/riscv/boot/dts/microchip/mpfs-beaglev-fire.dts @@ -5,7 +5,6 @@ #include <dt-bindings/gpio/gpio.h> #include "mpfs.dtsi" -#include "mpfs-beaglev-fire-fabric.dtsi" /* Clock frequency (in Hz) of MTIMER */ #define MTIMER_FREQ 1000000 @@ -183,10 +182,6 @@ &refclk { clock-frequency = <125000000>; }; -&refclk_ccc { - clock-frequency = <50000000>; -}; - &rtc { status = "okay"; }; -- 2.51.0

1 month

1
1
0 0

[PATCH 1/2] mmc: core sd: Simplify current limit logic for 200mA default

by Avri Altman

The SD current limit logic is updated to avoid explicitly setting the current limit when the maximum power is 200mA (0.72W) or less, as this is already the default value. The code now only issues a current limit switch if a higher limit is required, and the unused SD_SET_CURRENT_NO_CHANGE constant is removed. This reduces unnecessary commands and simplifies the logic. Fixes: 0aa6770000ba ("mmc: sdhci: only set 200mA support for 1.8v if 200mA is available") Signed-off-by: Avri Altman <avri.altman(a)sandisk.com> Cc: stable(a)vger.kernel.org --- drivers/mmc/core/sd.c | 7 ++----- include/linux/mmc/card.h | 1 - 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/drivers/mmc/core/sd.c b/drivers/mmc/core/sd.c index ec02067f03c5..cf92c5b2059a 100644 --- a/drivers/mmc/core/sd.c +++ b/drivers/mmc/core/sd.c @@ -554,7 +554,7 @@ static u32 sd_get_host_max_current(struct mmc_host *host) static int sd_set_current_limit(struct mmc_card *card, u8 *status) { - int current_limit = SD_SET_CURRENT_NO_CHANGE; + int current_limit = SD_SET_CURRENT_LIMIT_200; int err; u32 max_current; @@ -598,11 +598,8 @@ static int sd_set_current_limit(struct mmc_card *card, u8 *status) else if (max_current >= 400 && card->sw_caps.sd3_curr_limit & SD_MAX_CURRENT_400) current_limit = SD_SET_CURRENT_LIMIT_400; - else if (max_current >= 200 && - card->sw_caps.sd3_curr_limit & SD_MAX_CURRENT_200) - current_limit = SD_SET_CURRENT_LIMIT_200; - if (current_limit != SD_SET_CURRENT_NO_CHANGE) { + if (current_limit != SD_SET_CURRENT_LIMIT_200) { err = mmc_sd_switch(card, SD_SWITCH_SET, 3, current_limit, status); if (err) diff --git a/include/linux/mmc/card.h b/include/linux/mmc/card.h index ddcdf23d731c..e9e964c20e53 100644 --- a/include/linux/mmc/card.h +++ b/include/linux/mmc/card.h @@ -182,7 +182,6 @@ struct sd_switch_caps { #define SD_SET_CURRENT_LIMIT_400 1 #define SD_SET_CURRENT_LIMIT_600 2 #define SD_SET_CURRENT_LIMIT_800 3 -#define SD_SET_CURRENT_NO_CHANGE (-1) #define SD_MAX_CURRENT_200 (1 << SD_SET_CURRENT_LIMIT_200) #define SD_MAX_CURRENT_400 (1 << SD_SET_CURRENT_LIMIT_400) -- 2.25.1

1 month

3
4
0 0

Custom Packaging Boxes and Labels

by Micah Robert

Hi, We provide custom packaging boxes and labels. We make boxes in different materials and styles such as Vape Boxe, Cigarette Boxes, Cartridge Boxes, Cardboard boxes, Rigid Boxes and Mailer boxes, etc. Our benefits include quick turnaround time, free shipping and design support. Just send over your box or label specifications and quantity so I can give you an estimate on that. Let me know if you have any questions. Thanks Best Regards Micah Robert My Packaging Pro

1 month

1
0
0 0

[PATCH] PCI/PM: Ensure power-up succeeded before restoring MMIO state

by Brian Norris

From: Brian Norris <briannorris(a)google.com> As the comments in pci_pm_thaw_noirq() suggest, pci_restore_state() may need to restore MSI-X state in MMIO space. This is only possible if we reach D0; if we failed to power up, this might produce a fatal error when touching memory space. Check for errors (as the "verify" in "pci_pm_power_up_and_verify_state" implies), and skip restoring if it fails. This mitigates errors seen during resume_noirq, for example, when the platform did not resume the link properly. Cc: stable(a)vger.kernel.org Signed-off-by: Brian Norris <briannorris(a)google.com> Signed-off-by: Brian Norris <briannorris(a)chromium.org> --- drivers/pci/pci-driver.c | 12 +++++++++--- drivers/pci/pci.c | 13 +++++++++++-- drivers/pci/pci.h | 2 +- 3 files changed, 21 insertions(+), 6 deletions(-) diff --git a/drivers/pci/pci-driver.c b/drivers/pci/pci-driver.c index 302d61783f6c..d66d95bd0ca2 100644 --- a/drivers/pci/pci-driver.c +++ b/drivers/pci/pci-driver.c @@ -557,7 +557,13 @@ static void pci_pm_default_resume(struct pci_dev *pci_dev) static void pci_pm_default_resume_early(struct pci_dev *pci_dev) { - pci_pm_power_up_and_verify_state(pci_dev); + /* + * If we failed to reach D0, we'd better not touch MSI-X state in MMIO + * space. + */ + if (pci_pm_power_up_and_verify_state(pci_dev)) + return; + pci_restore_state(pci_dev); pci_pme_restore(pci_dev); } @@ -1101,8 +1107,8 @@ static int pci_pm_thaw_noirq(struct device *dev) * in case the driver's "freeze" callbacks put it into a low-power * state. */ - pci_pm_power_up_and_verify_state(pci_dev); - pci_restore_state(pci_dev); + if (!pci_pm_power_up_and_verify_state(pci_dev)) + pci_restore_state(pci_dev); if (pci_has_legacy_pm_support(pci_dev)) return 0; diff --git a/drivers/pci/pci.c b/drivers/pci/pci.c index e698278229f2..c75fec3b094f 100644 --- a/drivers/pci/pci.c +++ b/drivers/pci/pci.c @@ -3144,10 +3144,19 @@ void pci_d3cold_disable(struct pci_dev *dev) } EXPORT_SYMBOL_GPL(pci_d3cold_disable); -void pci_pm_power_up_and_verify_state(struct pci_dev *pci_dev) +int pci_pm_power_up_and_verify_state(struct pci_dev *pci_dev) { - pci_power_up(pci_dev); + int ret; + + ret = pci_power_up(pci_dev); pci_update_current_state(pci_dev, PCI_D0); + + if (ret < 0 && pci_dev->current_state == PCI_D3cold) { + dev_err(&pci_dev->dev, "Failed to power up device: %d\n", ret); + return ret; + } + + return 0; } /** diff --git a/drivers/pci/pci.h b/drivers/pci/pci.h index 1c48bc447f58..87ad201417d5 100644 --- a/drivers/pci/pci.h +++ b/drivers/pci/pci.h @@ -233,7 +233,7 @@ void pci_dev_adjust_pme(struct pci_dev *dev); void pci_dev_complete_resume(struct pci_dev *pci_dev); void pci_config_pm_runtime_get(struct pci_dev *dev); void pci_config_pm_runtime_put(struct pci_dev *dev); -void pci_pm_power_up_and_verify_state(struct pci_dev *pci_dev); +int pci_pm_power_up_and_verify_state(struct pci_dev *pci_dev); void pci_pm_init(struct pci_dev *dev); void pci_ea_init(struct pci_dev *dev); void pci_msi_init(struct pci_dev *dev); -- 2.51.0.rc1.193.gad69d77794-goog

1 month

2
1
0 0

FAILED: patch "[PATCH] x86/resctrl: Fix miscount of bandwidth event when" failed to apply to 6.6-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.6-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y git checkout FETCH_HEAD git cherry-pick -x 15292f1b4c55a3a7c940dbcb6cb8793871ed3d92 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102051-foe-trunks-268f@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 15292f1b4c55a3a7c940dbcb6cb8793871ed3d92 Mon Sep 17 00:00:00 2001 From: Babu Moger <babu.moger(a)amd.com> Date: Fri, 10 Oct 2025 12:08:35 -0500 Subject: [PATCH] x86/resctrl: Fix miscount of bandwidth event when reactivating previously unavailable RMID Users can create as many monitoring groups as the number of RMIDs supported by the hardware. However, on AMD systems, only a limited number of RMIDs are guaranteed to be actively tracked by the hardware. RMIDs that exceed this limit are placed in an "Unavailable" state. When a bandwidth counter is read for such an RMID, the hardware sets MSR_IA32_QM_CTR.Unavailable (bit 62). When such an RMID starts being tracked again the hardware counter is reset to zero. MSR_IA32_QM_CTR.Unavailable remains set on first read after tracking re-starts and is clear on all subsequent reads as long as the RMID is tracked. resctrl miscounts the bandwidth events after an RMID transitions from the "Unavailable" state back to being tracked. This happens because when the hardware starts counting again after resetting the counter to zero, resctrl in turn compares the new count against the counter value stored from the previous time the RMID was tracked. This results in resctrl computing an event value that is either undercounting (when new counter is more than stored counter) or a mistaken overflow (when new counter is less than stored counter). Reset the stored value (arch_mbm_state::prev_msr) of MSR_IA32_QM_CTR to zero whenever the RMID is in the "Unavailable" state to ensure accurate counting after the RMID resets to zero when it starts to be tracked again. Example scenario that results in mistaken overflow ================================================== 1. The resctrl filesystem is mounted, and a task is assigned to a monitoring group. $mount -t resctrl resctrl /sys/fs/resctrl $mkdir /sys/fs/resctrl/mon_groups/test1/ $echo 1234 > /sys/fs/resctrl/mon_groups/test1/tasks $cat /sys/fs/resctrl/mon_groups/test1/mon_data/mon_L3_*/mbm_total_bytes 21323 <- Total bytes on domain 0 "Unavailable" <- Total bytes on domain 1 Task is running on domain 0. Counter on domain 1 is "Unavailable". 2. The task runs on domain 0 for a while and then moves to domain 1. The counter starts incrementing on domain 1. $cat /sys/fs/resctrl/mon_groups/test1/mon_data/mon_L3_*/mbm_total_bytes 7345357 <- Total bytes on domain 0 4545 <- Total bytes on domain 1 3. At some point, the RMID in domain 0 transitions to the "Unavailable" state because the task is no longer executing in that domain. $cat /sys/fs/resctrl/mon_groups/test1/mon_data/mon_L3_*/mbm_total_bytes "Unavailable" <- Total bytes on domain 0 434341 <- Total bytes on domain 1 4. Since the task continues to migrate between domains, it may eventually return to domain 0. $cat /sys/fs/resctrl/mon_groups/test1/mon_data/mon_L3_*/mbm_total_bytes 17592178699059 <- Overflow on domain 0 3232332 <- Total bytes on domain 1 In this case, the RMID on domain 0 transitions from "Unavailable" state to active state. The hardware sets MSR_IA32_QM_CTR.Unavailable (bit 62) when the counter is read and begins tracking the RMID counting from 0. Subsequent reads succeed but return a value smaller than the previously saved MSR value (7345357). Consequently, the resctrl's overflow logic is triggered, it compares the previous value (7345357) with the new, smaller value and incorrectly interprets this as a counter overflow, adding a large delta. In reality, this is a false positive: the counter did not overflow but was simply reset when the RMID transitioned from "Unavailable" back to active state. Here is the text from APM [1] available from [2]. "In PQOS Version 2.0 or higher, the MBM hardware will set the U bit on the first QM_CTR read when it begins tracking an RMID that it was not previously tracking. The U bit will be zero for all subsequent reads from that RMID while it is still tracked by the hardware. Therefore, a QM_CTR read with the U bit set when that RMID is in use by a processor can be considered 0 when calculating the difference with a subsequent read." [1] AMD64 Architecture Programmer's Manual Volume 2: System Programming Publication # 24593 Revision 3.41 section 19.3.3 Monitoring L3 Memory Bandwidth (MBM). [ bp: Split commit message into smaller paragraph chunks for better consumption. ] Fixes: 4d05bf71f157d ("x86/resctrl: Introduce AMD QOS feature") Signed-off-by: Babu Moger <babu.moger(a)amd.com> Signed-off-by: Borislav Petkov (AMD) <bp(a)alien8.de> Reviewed-by: Reinette Chatre <reinette.chatre(a)intel.com> Tested-by: Reinette Chatre <reinette.chatre(a)intel.com> Cc: stable(a)vger.kernel.org # needs adjustments for <= v6.17 Link: https://bugzilla.kernel.org/show_bug.cgi?id=206537 # [2] diff --git a/arch/x86/kernel/cpu/resctrl/monitor.c b/arch/x86/kernel/cpu/resctrl/monitor.c index c8945610d455..2cd25a0d4637 100644 --- a/arch/x86/kernel/cpu/resctrl/monitor.c +++ b/arch/x86/kernel/cpu/resctrl/monitor.c @@ -242,7 +242,9 @@ int resctrl_arch_rmid_read(struct rdt_resource *r, struct rdt_mon_domain *d, u32 unused, u32 rmid, enum resctrl_event_id eventid, u64 *val, void *ignored) { + struct rdt_hw_mon_domain *hw_dom = resctrl_to_arch_mon_dom(d); int cpu = cpumask_any(&d->hdr.cpu_mask); + struct arch_mbm_state *am; u64 msr_val; u32 prmid; int ret; @@ -251,12 +253,16 @@ int resctrl_arch_rmid_read(struct rdt_resource *r, struct rdt_mon_domain *d, prmid = logical_rmid_to_physical_rmid(cpu, rmid); ret = __rmid_read_phys(prmid, eventid, &msr_val); - if (ret) - return ret; - *val = get_corrected_val(r, d, rmid, eventid, msr_val); + if (!ret) { + *val = get_corrected_val(r, d, rmid, eventid, msr_val); + } else if (ret == -EINVAL) { + am = get_arch_mbm_state(hw_dom, rmid, eventid); + if (am) + am->prev_msr = 0; + } - return 0; + return ret; } static int __cntr_id_read(u32 cntr_id, u64 *val)

1 month

3
2
0 0

, conoce mejor a tu candidato antes de contratar

by Valeria Pérez

Evaluaciones Psicométricas para RR.HH. body { margin: 0; padding: 0; font-family: Arial, Helvetica, sans-serif; font-size: 14px; color: #333; background-color: #ffffff; } table { border-spacing: 0; width: 100%; max-width: 600px; margin: auto; } td { padding: 12px 20px; } a { color: #1a73e8; text-decoration: none; } .footer { font-size: 12px; color: #888888; text-align: center; } Mejora tus procesos de selección con evaluaciones psicométricas fáciles y confiables. Hola, , Sabemos que encontrar al candidato ideal va más allá del currículum. Por eso quiero contarte brevemente sobre PsicoSmart, una plataforma que ayuda a equipos de RR.HH. a evaluar talento con pruebas psicométricas rápidas, confiables y fáciles de aplicar. Con PsicoSmart puedes: Aplicar evaluaciones psicométricas 100% en línea. Elegir entre más de 31 pruebas psicométricas Generar reportes automáticos, visuales y fáciles de interpretar. Comparar resultados entre candidatos en segundos. Ahorrar horas valiosas del proceso de selección. Si estás buscando mejorar tus contrataciones, te lo recomiendo muchísimo. Si quieres conocer más puedes responder este correo o simplemente contactarme, mis datos están abajo. Saludos, ----------------------------- Atte.: Valeria Pérez Ciudad de México: (55) 5018 0565 WhatsApp: +52 33 1607 2089 Si no deseas recibir más correos, haz clic aquí para darte de baja. Para remover su dirección de esta lista haga <a href="https://s1.arrobamail.com/unsuscribe.php?id=yiwtsrewispptseup">click aquí</a>

1 month

1
0
0 0

[PATCH 6.17 000/563] 6.17.3-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.17.3 release. There are 563 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 15 Oct 2025 14:42:41 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.17.3-rc1… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.17.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.17.3-rc1 Lijo Lazar <lijo.lazar(a)amd.com> drm/amdgpu/vcn: Fix double-free of vcn dump buffer Marek Szyprowski <m.szyprowski(a)samsung.com> scsi: ufs: core: Fix PM QoS mutex initialization Miaoqian Lin <linmq006(a)gmail.com> usb: cdns3: cdnsp-pci: remove redundant pci_disable_device() call Konrad Dybcio <konrad.dybcio(a)oss.qualcomm.com> arm64: dts: qcom: qcm2290: Disable USB SS bus instances in park mode Sven Peter <sven(a)kernel.org> usb: typec: tipd: Clear interrupts first Oleksij Rempel <o.rempel(a)pengutronix.de> net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock Dominique Martinet <asmadeus(a)codewreck.org> net/9p: Fix buffer overflow in USB transport layer Salah Triki <salah.triki(a)gmail.com> bus: fsl-mc: Check return value of platform_get_resource() Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> pinctrl: check the return value of pinmux_ops::get_function_name() Jens Wiklander <jens.wiklander(a)linaro.org> tee: fix register_shm_helper() Duoming Zhou <duoming(a)zju.edu.cn> thunderbolt: Fix use-after-free in tb_dp_dprx_work Shin'ichiro Kawasaki <shinichiro.kawasaki(a)wdc.com> PCI: endpoint: pci-epf-test: Add NULL check for DMA channels before release Zhen Ni <zhen.ni(a)easystack.cn> remoteproc: pru: Fix potential NULL pointer dereference in pru_rproc_set_ctable() Breno Leitao <leitao(a)debian.org> PCI/AER: Avoid NULL pointer dereference in aer_ratelimit() Lei Lu <llfamsec(a)gmail.com> sunrpc: fix null pointer dereference on zero-length checksum Zhen Ni <zhen.ni(a)easystack.cn> Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak Marek Vasut <marek.vasut(a)mailbox.org> Input: atmel_mxt_ts - allow reset GPIO to sleep Ling Xu <quic_lxu5(a)quicinc.com> misc: fastrpc: Skip reference for DMA handles Ling Xu <quic_lxu5(a)quicinc.com> misc: fastrpc: fix possible map leak in fastrpc_put_args Ling Xu <quic_lxu5(a)quicinc.com> misc: fastrpc: Fix fastrpc_map_lookup operation Ling Xu <quic_lxu5(a)quicinc.com> misc: fastrpc: Save actual DMA size in fastrpc_map structure Guangshuo Li <lgs201920130244(a)gmail.com> nvdimm: ndtest: Return -ENOMEM if devm_kcalloc() fails in ndtest_probe() Lance Yang <lance.yang(a)linux.dev> selftests/mm: skip soft-dirty tests when CONFIG_MEM_SOFT_DIRTY is disabled Yang Shi <yang(a)os.amperecomputing.com> mm: hugetlb: avoid soft lockup when mprotect to large memory area Janne Grunau <j(a)jannau.net> fbdev: simplefb: Fix use after free in simplefb_detach_genpds() Sean Christopherson <seanjc(a)google.com> KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid Jan Kara <jack(a)suse.cz> ext4: fix checks for orphan inodes Baokun Li <libaokun1(a)huawei.com> ext4: fix potential null deref in ext4_mb_init() Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: add max ip connections parameter Matvey Kovalev <matvey.kovalev(a)ispras.ru> ksmbd: fix error code overwriting in smb2_get_info_filesystem() Yunseong Kim <ysk(a)kzalloc.com> ksmbd: Fix race condition in RPC handle list access Jakub Acs <acsjakub(a)amazon.de> mm/ksm: fix flag-dropping behavior in ksm_madvise Huacai Chen <chenhuacai(a)kernel.org> LoongArch: BPF: Fix uninitialized symbol 'retval_off' Hengqi Chen <hengqi.chen(a)gmail.com> LoongArch: BPF: Remove duplicated flags check Hengqi Chen <hengqi.chen(a)gmail.com> LoongArch: BPF: No text_poke() for kernel text Hengqi Chen <hengqi.chen(a)gmail.com> LoongArch: BPF: Remove duplicated bpf_flush_icache() Hengqi Chen <hengqi.chen(a)gmail.com> LoongArch: BPF: Make error handling robust in arch_prepare_bpf_trampoline() Hengqi Chen <hengqi.chen(a)gmail.com> LoongArch: BPF: Make trampoline size stable Hengqi Chen <hengqi.chen(a)gmail.com> LoongArch: BPF: Don't align trampoline size Hengqi Chen <hengqi.chen(a)gmail.com> LoongArch: BPF: No support of struct argument in trampoline programs Hengqi Chen <hengqi.chen(a)gmail.com> LoongArch: BPF: Sign-extend struct ops return values properly Xi Ruoyao <xry111(a)xry111.site> pwm: loongson: Fix LOONGSON_PWM_FREQ_DEFAULT Youling Tang <tangyouling(a)kylinos.cn> LoongArch: Automatically disable kaslr if boot from kexec_file Zheng Qixing <zhengqixing(a)huawei.com> dm: fix NULL pointer dereference in __dm_suspend() Zheng Qixing <zhengqixing(a)huawei.com> dm: fix queue start/stop imbalance under suspend/load/resume races Steven Rostedt <rostedt(a)goodmis.org> tracing: Stop fortify-string from warning in tracing_mark_raw_write() Steven Rostedt <rostedt(a)goodmis.org> tracing: Fix tracing_mark_raw_write() to use buf and not ubuf Steven Rostedt <rostedt(a)goodmis.org> tracing: Have trace_marker use per-cpu data to read user space Steven Rostedt <rostedt(a)goodmis.org> tracing: Fix irqoff tracers on failure of acquiring calltime Steven Rostedt <rostedt(a)goodmis.org> tracing: Fix wakeup tracers on failure of acquiring calltime Yuan Chen <chenyuan(a)kylinos.cn> tracing: Fix race condition in kprobe initialization causing NULL pointer dereference Sasha Levin <sashal(a)kernel.org> tracing: Fix lock imbalance in s_start() memory allocation failure path Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> mfd: vexpress-sysreg: Check the return value of devm_gpiochip_add_data() Hans de Goede <hansg(a)kernel.org> mfd: intel_soc_pmic_chtdc_ti: Set use_single_read regmap_config flag Cosmin Tanislav <cosmin-gabriel.tanislav.xa(a)renesas.com> mfd: rz-mtu3: Fix MTU5 NFCR register offset Deepak Sharma <deepak.sharma.472935(a)gmail.com> net: nfc: nci: Add parameter validation for packet data Larshin Sergey <Sergey.Larshin(a)kaspersky.com> fs: udf: fix OOB read in lengthAllocDescs handling Kai Vehmanen <kai.vehmanen(a)linux.intel.com> ASoC: SOF: ipc4-pcm: fix start offset calculation for chain DMA Kai Vehmanen <kai.vehmanen(a)linux.intel.com> ASoC: SOF: ipc4-pcm: fix delay calculation when DSP resamples Srinivas Kandagatla <srinivas.kandagatla(a)oss.qualcomm.com> ASoC: codecs: wcd937x: make stub functions inline Srinivas Kandagatla <srinivas.kandagatla(a)oss.qualcomm.com> ASoC: codecs: wcd937x: set the comp soundwire port correctly Ranjani Sridharan <ranjani.sridharan(a)linux.intel.com> ASoC: SOF: ipc3-topology: Fix multi-core and static pipelines tear down Ma Ke <make24(a)iscas.ac.cn> ASoC: wcd934x: fix error handling in wcd934x_codec_parse_data() Pavel Begunkov <asml.silence(a)gmail.com> io_uring/zcrx: fix overshooting recv limit Jens Axboe <axboe(a)kernel.dk> io_uring/waitid: always prune wait queue entry in io_waitid_wait() Miaoqian Lin <linmq006(a)gmail.com> hisi_acc_vfio_pci: Fix reference leak in hisi_acc_vfio_debug_init Naman Jain <namjain(a)linux.microsoft.com> uio_hv_generic: Let userspace take care of interrupt mask Phillip Lougher <phillip(a)squashfs.org.uk> Squashfs: fix uninit-value in squashfs_get_parent Takashi Iwai <tiwai(a)suse.de> ALSA: hda/realtek: Add quirk for HP Spectre 14t-ea100 Steven 'Steve' Kendall <skend(a)chromium.org> ALSA: hda/hdmi: Add pin fix for HP ProDesk model Jarkko Sakkinen <jarkko(a)kernel.org> tpm: Disable TPM2_TCG_HMAC by default Yazhou Tang <tangyazhou518(a)outlook.com> bpf: Reject negative offsets for ALU ops Brahmajit Das <listout(a)listout.xyz> bpf: Skip scalar adjustment for BPF_NEG if dst is a pointer Jiri Olsa <jolsa(a)kernel.org> selftests/bpf: Fix realloc size in bpf_get_addrs Menglong Dong <menglong8.dong(a)gmail.com> selftests/bpf: move get_ksyms and get_addrs to trace_helpers.c Shubham Sharma <slopixelz(a)gmail.com> selftests/bpf: Fix typos and grammar in test sources zhang jiao <zhangjiao2(a)cmss.chinamobile.com> vhost: vringh: Modify the return value check Bo Sun <bo(a)mboxify.com> octeontx2-pf: fix bitmap leak Bo Sun <bo(a)mboxify.com> octeontx2-vf: fix bitmap leak Mike Snitzer <snitzer(a)kernel.org> nfs/localio: avoid issuing misaligned IO using O_DIRECT Mike Snitzer <snitzer(a)kernel.org> NFSD: filecache: add STATX_DIOALIGN and STATX_DIO_READ_ALIGN support Jakub Kicinski <kuba(a)kernel.org> Revert "net/mlx5e: Update and set Xon/Xoff upon MTU set" Guixin Liu <kanie(a)linux.alibaba.com> iommufd: Register iommufd mock devices with fwspec Wei Fang <wei.fang(a)nxp.com> net: enetc: initialize SW PIR and CIR based HW PIR and CIR values Hangbin Liu <liuhangbin(a)gmail.com> bonding: fix xfrm offload feature setup on active-backup mode Enzo Matsumiya <ematsumiya(a)suse.de> smb: client: fix crypto buffers in non-linear memory Moshe Shemesh <moshe(a)nvidia.com> net/mlx5: fw reset, add reset timeout work Shay Drory <shayd(a)nvidia.com> net/mlx5: pagealloc: Fix reclaim race during command interface teardown Moshe Shemesh <moshe(a)nvidia.com> net/mlx5: Stop polling for command response if interface goes down Yeounsu Moon <yyyynoom(a)gmail.com> net: dlink: handle copy_thresh allocation failure Kohei Enju <enjuk(a)amazon.com> net: ena: return 0 in ena_get_rxfh_key_size() when RSS hash key is not configurable Kohei Enju <enjuk(a)amazon.com> nfp: fix RSS hash key size when RSS is not supported Eric Dumazet <edumazet(a)google.com> tcp: use skb->len instead of skb->truesize in tcp_can_ingest() Alok Tiwari <alok.a.tiwari(a)oracle.com> idpf: fix mismatched free function for dma_alloc_coherent Alok Tiwari <alok.a.tiwari(a)oracle.com> PCI: j721e: Fix incorrect error message in probe() Erick Karanja <karanja99erick(a)gmail.com> mtd: rawnand: atmel: Fix error handling path in atmel_nand_controller_add_nands Chao Yu <chao(a)kernel.org> f2fs: fix UAF issue in f2fs_merge_page_bio() Donet Tom <donettom(a)linux.ibm.com> drivers/base/node: fix double free in register_one_node() Dan Carpenter <dan.carpenter(a)linaro.org> ocfs2: fix double free in user_cluster_connect() Alistair Popple <apopple(a)nvidia.com> cramfs: fix incorrect physical page address calculation Nishanth Menon <nm(a)ti.com> hwrng: ks-sa - fix division by zero in ks_sa_rng_init Fan Wu <wufan(a)kernel.org> KEYS: X.509: Fix Basic Constraints CA flag parsing Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: hci_sync: Fix using random address for BIG/PA advertisements Pauli Virtanen <pav(a)iki.fi> Bluetooth: ISO: don't leak skb in ISO_CONT RX Pauli Virtanen <pav(a)iki.fi> Bluetooth: ISO: free rx_skb if not consumed Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: ISO: Fix possible UAF on iso_conn_free Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: MGMT: Fix not exposing debug UUID on MGMT_OP_READ_EXP_FEATURES_INFO Kiran K <kiran.k(a)intel.com> Bluetooth: btintel_pcie: Refactor Device Coredump Théo Lebrun <theo.lebrun(a)bootlin.com> net: macb: single dma_alloc_coherent() for DMA descriptors Théo Lebrun <theo.lebrun(a)bootlin.com> net: macb: move ring size computation to functions Théo Lebrun <theo.lebrun(a)bootlin.com> net: macb: remove illusion about TBQPH/RBQPH being per-queue Michael S. Tsirkin <mst(a)redhat.com> vhost: vringh: Fix copy_to_iter return value check I Viswanath <viswanathiyyappan(a)gmail.com> ptp: Add a upper bound on max_vclocks I Viswanath <viswanathiyyappan(a)gmail.com> net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast Claudiu Manoil <claudiu.manoil(a)nxp.com> net: enetc: Fix probing error message typo for the ENETCv4 PF driver Bernard Metzler <bernard.metzler(a)linux.dev> RDMA/siw: Always report immediate post SQ errors Alessandro Zanni <alessandro.zanni87(a)gmail.com> iommu/selftest: prevent use of uninitialized variable Lu Baolu <baolu.lu(a)linux.intel.com> iommu/vt-d: Disallow dirty tracking if incoherent page walk Dmitry Baryshkov <dmitry.baryshkov(a)oss.qualcomm.com> ASoC: qcom: sc8280xp: use sa8775p/ subdir for QCS9100 / QCS9075 Marek Vasut <marek.vasut+renesas(a)mailbox.org> PCI: rcar-gen4: Fix inverted break condition in PHY initialization Marek Vasut <marek.vasut+renesas(a)mailbox.org> PCI: rcar-gen4: Assure reset occurs before DBI access Marek Vasut <marek.vasut+renesas(a)mailbox.org> PCI: rcar-gen4: Add missing 1ms delay after PWR reset assertion Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> usb: vhci-hcd: Prevent suspending virtually attached devices Ranjan Kumar <ranjan.kumar(a)broadcom.com> scsi: mpt3sas: Fix crash in transport port remove by using ioc_info() Zhongqiu Han <zhongqiu.han(a)oss.qualcomm.com> scsi: ufs: core: Fix data race in CPU latency PM QoS request handling Eric Dumazet <edumazet(a)google.com> netfilter: nf_conntrack: do not skip entries in /proc/net/nf_conntrack Fernando Fernandez Mancera <fmancera(a)suse.de> netfilter: nfnetlink: reset nlh pointer during batch replay Slavin Liu <slavin452(a)gmail.com> ipvs: Defer ip_vs_ftp unregister during netns cleanup Vadim Fedorenko <vadim.fedorenko(a)linux.dev> net: ethtool: tsconfig: set command must provide a reply Anthony Iliopoulos <ailiop(a)suse.com> NFSv4.1: fix backchannel max_resp_sz verification check Lin Yujun <linyujun809(a)h-partners.com> coresight: Fix incorrect handling for return value of devm_kzalloc Jie Gan <jie.gan(a)oss.qualcomm.com> coresight: tpda: fix the logic to setup the element size Leo Yan <leo.yan(a)arm.com> coresight: trbe: Return NULL pointer for allocation failures Leo Yan <leo.yan(a)arm.com> coresight: Avoid enable programming clock duplicately Leo Yan <leo.yan(a)arm.com> coresight: Appropriately disable trace bus clocks Leo Yan <leo.yan(a)arm.com> coresight: Appropriately disable programming clocks Leo Yan <leo.yan(a)arm.com> coresight: etm4x: Support atclk Leo Yan <leo.yan(a)arm.com> coresight: catu: Support atclk Leo Yan <leo.yan(a)arm.com> coresight: tmc: Support atclk Yuanfang Zhang <yuanfang.zhang(a)oss.qualcomm.com> coresight-etm4x: Conditionally access register TRCEXTINSELR Yeoreum Yun <yeoreum.yun(a)arm.com> coresight: fix indentation error in cscfg_remove_owned_csdev_configs() Ivan Abramov <i.abramov(a)mt-integration.ru> dm vdo: return error on corrupted metadata in start_restoring_volume functions Ryder Lee <ryder.lee(a)mediatek.com> wifi: cfg80211: fix width unit in cfg80211_radio_chandef_valid() Nithyanantham Paramasivam <nithyanantham.paramasivam(a)oss.qualcomm.com> wifi: ath12k: Fix flush cache failure during RX queue update Nithyanantham Paramasivam <nithyanantham.paramasivam(a)oss.qualcomm.com> wifi: ath12k: Refactor RX TID deletion handling into helper function Stephan Gerhold <stephan.gerhold(a)linaro.org> remoteproc: qcom: pas: Shutdown lite ADSP DTB on X1E Stephan Gerhold <stephan.gerhold(a)linaro.org> remoteproc: qcom: q6v5: Avoid disabling handover IRQ twice Nagarjuna Kristam <nkristam(a)nvidia.com> PCI: tegra194: Fix duplicate PLL disable in pex_ep_event_pex_rst_assert() Fedor Pchelkin <pchelkin(a)ispras.ru> wifi: rtw89: avoid circular locking dependency in ser_state_run() Fedor Pchelkin <pchelkin(a)ispras.ru> wifi: rtw89: fix leak in rtw89_core_send_nullfunc() Chunyu Hu <chuhu(a)redhat.com> selftests/mm: fix va_high_addr_switch.sh failure on x86_64 Gui-Dong Han <hanguidong02(a)gmail.com> RDMA/rxe: Fix race in do_task() when draining Dmitry Baryshkov <lumag(a)kernel.org> remoteproc: qcom_q6v5_mss: support loading MBN file on msm8974 Barnabás Czémán <barnabas.czeman(a)mainlining.org> rpmsg: qcom_smd: Fix fallback to qcom,ipc parse Hari Chandrakanthan <quic_haric(a)quicinc.com> wifi: ath12k: Fix peer lookup in ath12k_dp_mon_rx_deliver_msdu() Chenghai Huang <huangchenghai2(a)huawei.com> crypto: hisilicon/qm - set NULL to qm->debug.qm_diff_regs Dan Moulding <dan(a)danm.net> crypto: comp - Use same definition of context alloc and free ops Zilin Guan <zilin(a)seu.edu.cn> vfio/pds: replace bitmap_free with vfree Michael Karcher <kernel(a)mkarcher.dialup.fu-berlin.de> sparc: fix accurate exception reporting in copy_{from,to}_user for M7 Michael Karcher <kernel(a)mkarcher.dialup.fu-berlin.de> sparc: fix accurate exception reporting in copy_to_user for Niagara 4 Michael Karcher <kernel(a)mkarcher.dialup.fu-berlin.de> sparc: fix accurate exception reporting in copy_{from_to}_user for Niagara Michael Karcher <kernel(a)mkarcher.dialup.fu-berlin.de> sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC III Michael Karcher <kernel(a)mkarcher.dialup.fu-berlin.de> sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC Richard Fitzgerald <rf(a)opensource.cirrus.com> ASoC: Intel: sof_sdw: Prevent jump to NULL add_sidecar callback Aditya Kumar Singh <aditya.kumar.singh(a)oss.qualcomm.com> wifi: mac80211: fix Rx packet handling when pubsta information is not available Vineeth Pillai (Google) <vineeth(a)bitbyteword.org> iommu/vt-d: debugfs: Fix legacy mode page table dump logic Baochen Qiang <baochen.qiang(a)oss.qualcomm.com> wifi: ath10k: avoid unnecessary wait for service ready message Baochen Qiang <baochen.qiang(a)oss.qualcomm.com> wifi: ath12k: fix wrong logging ID used for CE Sriram R <quic_srirrama(a)quicinc.com> wifi: ath12k: Add fallback for invalid channel number in PHY metadata Kang Yang <kang.yang(a)oss.qualcomm.com> wifi: ath12k: fix the fetching of combined rssi Kang Yang <kang.yang(a)oss.qualcomm.com> wifi: ath12k: fix HAL_PHYRX_COMMON_USER_INFO handling in monitor mode Kang Yang <kang.yang(a)oss.qualcomm.com> wifi: ath12k: fix signal in radiotap for WCN7850 Baochen Qiang <quic_bqiang(a)quicinc.com> wifi: ath12k: fix overflow warning on num_pwr_levels Baochen Qiang <baochen.qiang(a)oss.qualcomm.com> wifi: ath12k: initialize eirp_power before use Richard Fitzgerald <rf(a)opensource.cirrus.com> ASoC: SOF: ipc4-pcm: Fix incorrect comparison with number of tdm_slots Bagas Sanjaya <bagasdotme(a)gmail.com> Documentation: trace: historgram-design: Separate sched_waking histogram section heading and the following diagram Vlad Dumitrescu <vdumitrescu(a)nvidia.com> IB/sa: Fix sa_local_svc_timeout_ms read race Parav Pandit <parav(a)nvidia.com> RDMA/core: Resolve MAC of next-hop device without ARP support Michal Pecio <michal.pecio(a)gmail.com> Revert "usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running" Kuniyuki Iwashima <kuniyu(a)google.com> mptcp: Use __sk_dst_get() and dst_dev_rcu() in mptcp_active_enable(). Kuniyuki Iwashima <kuniyu(a)google.com> mptcp: Call dst_release() in mptcp_active_enable(). Kuniyuki Iwashima <kuniyu(a)google.com> tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock(). Kuniyuki Iwashima <kuniyu(a)google.com> smc: Use __sk_dst_get() and dst_dev_rcu() in smc_vlan_by_tcpsk(). Kuniyuki Iwashima <kuniyu(a)google.com> smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match(). Kuniyuki Iwashima <kuniyu(a)google.com> smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set(). Kuniyuki Iwashima <kuniyu(a)google.com> smc: Fix use-after-free in __pnet_find_base_ndev(). wangzijie <wangzijie1(a)honor.com> f2fs: fix zero-sized extent for precache extents Benjamin Tissoires <bentiss(a)kernel.org> HID: hidraw: tighten ioctl command parsing Qianfeng Rong <rongqianfeng(a)vivo.com> scsi: qla2xxx: Fix incorrect sign of error code in qla_nvme_xmt_ls_rsp() Qianfeng Rong <rongqianfeng(a)vivo.com> scsi: qla2xxx: Fix incorrect sign of error code in START_SP_W_RETRIES() Qianfeng Rong <rongqianfeng(a)vivo.com> scsi: qla2xxx: edif: Fix incorrect sign of error code Colin Ian King <colin.i.king(a)gmail.com> ACPI: NFIT: Fix incorrect ndr_desc being reportedin dev_err message Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> ALSA: pcm: Disable bottom softirqs as part of spin_lock_irq() on PREEMPT_RT Fangyu Yu <fangyu.yu(a)linux.alibaba.com> RISC-V: KVM: Write hgatp register with valid mode bits Chao Yu <chao(a)kernel.org> f2fs: fix to mitigate overhead of f2fs_zero_post_eof_page() Chao Yu <chao(a)kernel.org> f2fs: fix to avoid migrating empty section Chao Yu <chao(a)kernel.org> f2fs: fix to truncate first page in error path of f2fs_truncate() Chao Yu <chao(a)kernel.org> f2fs: fix to update map->m_next_extent correctly in f2fs_map_blocks() Timur Kristóf <timur.kristof(a)gmail.com> drm/amdgpu: Fix allocating extra dwords for rings (v2) Zqiang <qiang.zhang(a)linux.dev> srcu/tiny: Remove preempt_disable/enable() in srcu_gp_start_if_needed() Bard Liao <yung-chuan.liao(a)linux.intel.com> ASoC: Intel: hda-sdw-bpt: set persistent_buffer false Felix Fietkau <nbd(a)nbd.name> wifi: mt76: mt7996: remove redundant per-phy mac80211 calls during restart Zhi-Jun You <hujy652(a)gmail.com> wifi: mt76: mt7915: fix mt7981 pre-calibration Lorenzo Bianconi <lorenzo(a)kernel.org> wifi: mt76: mt7996: Convert mt7996_wed_rro_addr to LE Lorenzo Bianconi <lorenzo(a)kernel.org> wifi: mt76: mt7996: Fix RX packets configuration for primary WED device Lorenzo Bianconi <lorenzo(a)kernel.org> wifi: mt76: mt7996: Fix tx-queues initialization for second phy on mt7996 Lorenzo Bianconi <lorenzo(a)kernel.org> wifi: mt76: mt7996: Check phy before init msta_link in mt7996_mac_sta_add_links() Lorenzo Bianconi <lorenzo(a)kernel.org> wifi: mt76: mt7996: Use proper link_id in link_sta_rc_update callback Abdun Nihaal <abdun.nihaal(a)gmail.com> wifi: mt76: fix potential memory leak in mt76_wmac_probe() Lorenzo Bianconi <lorenzo(a)kernel.org> wifi: mt76: mt7996: Fix mt7996_mcu_bss_mld_tlv routine Lorenzo Bianconi <lorenzo(a)kernel.org> wifi: mt76: mt7996: Fix mt7996_mcu_sta_ba wcid configuration Håkon Bugge <haakon.bugge(a)oracle.com> RDMA/cm: Rate limit destroy CM ID timeout error message Donet Tom <donettom(a)linux.ibm.com> drivers/base/node: handle error properly in register_one_node() Niklas Cassel <cassel(a)kernel.org> PCI: endpoint: pci-epf-test: Fix doorbell test support Christophe Leroy <christophe.leroy(a)csgroup.eu> watchdog: mpc8xxx_wdt: Reload the watchdog timer when enabling the watchdog Guenter Roeck <linux(a)roeck-us.net> watchdog: intel_oc_wdt: Do not try to write into const memory Jiri Kosina <jikos(a)kernel.org> HID: steelseries: Fix STEELSERIES_SRWS1 handling in steelseries_remove() Zhang Tengfei <zhtfdev(a)gmail.com> ipvs: Use READ_ONCE/WRITE_ONCE for ipvs->enable Zhen Ni <zhen.ni(a)easystack.cn> netfilter: ipset: Remove unused htable_bits in macro ahash_region Edward Srouji <edwards(a)nvidia.com> RDMA/mlx5: Fix page size bitmap calculation for KSM mode Matthieu Baerts (NGI0) <matttbe(a)kernel.org> tools: ynl: fix undefined variable name Kuan-Wei Chiu <visitorckw(a)gmail.com> mm/slub: Fix cmp_loc_by_count() to return 0 when counts are equal Hans de Goede <hansg(a)kernel.org> iio: consumers: Fix offset handling in iio_convert_raw_to_processed() Hans de Goede <hansg(a)kernel.org> iio: consumers: Fix handling of negative channel scale in iio_convert_raw_to_processed() Moon Hee Lee <moonhee.lee.ca(a)gmail.com> fs/ntfs3: reject index allocation if $BITMAP is empty but blocks exist Vitaly Grigoryev <Vitaly.Grigoryev(a)kaspersky.com> fs: ntfs3: Fix integer overflow in run_unpack() Sarika Sharma <quic_sarishar(a)quicinc.com> wifi: mac80211: fix reporting of all valid links in sta_set_sinfo() Qianfeng Rong <rongqianfeng(a)vivo.com> drm/msm/dpu: fix incorrect type for ret Akhil P Oommen <akhilpo(a)oss.qualcomm.com> drm/msm: Fix bootup splat with separate_gpu_drm modparam Eric Dumazet <edumazet(a)google.com> ipv6: snmp: do not track per idev ICMP6_MIB_RATELIMITHOST Eric Dumazet <edumazet(a)google.com> ipv6: snmp: do not use SNMP_MIB_SENTINEL anymore Takashi Iwai <tiwai(a)suse.de> ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping Takashi Iwai <tiwai(a)suse.de> ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping Takashi Iwai <tiwai(a)suse.de> ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping Alexander Lobakin <aleksander.lobakin(a)intel.com> idpf: fix Rx descriptor ready check barrier in splitq Dmitry Baryshkov <dmitry.baryshkov(a)oss.qualcomm.com> drm/msm: stop supporting no-IOMMU configuration Dmitry Baryshkov <dmitry.baryshkov(a)oss.qualcomm.com> drm/msm/mdp4: stop supporting no-IOMMU configuration Liao Yuanhong <liaoyuanhong(a)vivo.com> wifi: iwlwifi: Remove redundant header files Rob Clark <robin.clark(a)oss.qualcomm.com> drm/msm: Fix missing VM_BIND offset/range validation Rob Clark <robin.clark(a)oss.qualcomm.com> drm/msm: Fix obj leak in VM_BIND error path Wang Liang <wangliang74(a)huawei.com> pps: fix warning in pps_register_cdev when register device fail Colin Ian King <colin.i.king(a)gmail.com> misc: genwqe: Fix incorrect cmd field being reported in error Seppo Takalo <seppo.takalo(a)nordicsemi.no> tty: n_gsm: Don't block input queue by waiting MSC William Wu <william.wu(a)rock-chips.com> usb: gadget: configfs: Correctly set use_os_string at bind Xichao Zhao <zhao.xichao(a)vivo.com> usb: phy: twl6030: Fix incorrect type for ret Qianfeng Rong <rongqianfeng(a)vivo.com> drm/amdkfd: Fix error code sign for EINVAL in svm_ioctl() Anderson Nascimento <anderson(a)allelesecurity.com> fanotify: Validate the return value of mnt_ns_from_dentry() before dereferencing Eric Dumazet <edumazet(a)google.com> tcp: fix __tcp_close() to only send RST when required Ziyue Zhang <ziyue.zhang(a)oss.qualcomm.com> PCI: qcom: Add equalization settings for 8.0 GT/s and 32.0 GT/s Aditya Kumar Singh <aditya.kumar.singh(a)oss.qualcomm.com> wifi: mac80211: consider links for validating SCAN_FLAG_AP in scan request during MLO Alok Tiwari <alok.a.tiwari(a)oracle.com> PCI: tegra: Fix devm_kcalloc() argument order for port->phys allocation Jun Nie <jun.nie(a)linaro.org> drm/msm: Do not validate SSPP when it is not ready Gokul Sivakumar <gokulkumar.sivakumar(a)infineon.com> wifi: brcmfmac: fix 43752 SDIO FWVID incorrectly labelled as Cypress (CYW) Stefan Kerkmann <s.kerkmann(a)pengutronix.de> wifi: mwifiex: send world regulatory domain to driver Lorenzo Bianconi <lorenzo(a)kernel.org> wifi: mac80211: Make CONNECTION_MONITOR optional for MLO sta Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/pm: Disable SCLK switching on Oland with high pixel clocks (v3) Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/pm: Disable MCLK switching with non-DC at 120 Hz+ (v2) Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/pm: Treat zero vblank time as too short in si_dpm (v3) Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/pm: Adjust si_upload_smc_data register programming (v3) Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/pm: Fix si_upload_smc_data (v3) Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/pm: Disable ULV even if unsupported (v3) Timur Kristóf <timur.kristof(a)gmail.com> drm/amdgpu: Power up UVD 3 for FW validation (v2) Yuanfang Zhang <quic_yuanfang(a)quicinc.com> coresight: Only register perf symlink for sinks with alloc_buffer James Clark <james.clark(a)linaro.org> coresight: Fix missing include for FIELD_GET James Clark <james.clark(a)linaro.org> coresight: trbe: Add ISB after TRBLIMITR write Nathan Lynch <nathan.lynch(a)amd.com> dmaengine: Fix dma_async_tx_descriptor->tx_submit documentation Eric Dumazet <edumazet(a)google.com> inet: ping: check sock_net() in ping_get_port() and ping_lookup() Weili Qian <qianweili(a)huawei.com> crypto: hisilicon/qm - request reserved interrupt for virtual function Zhushuai Yin <yinzhushuai(a)huawei.com> crypto: hisilicon/qm - check whether the input function and PF are on the same device Weili Qian <qianweili(a)huawei.com> crypto: hisilicon - check the sva module status while enabling or disabling address prefetch Chenghai Huang <huangchenghai2(a)huawei.com> crypto: hisilicon - re-enable address prefetch after device resuming Chenghai Huang <huangchenghai2(a)huawei.com> crypto: hisilicon/zip - remove unnecessary validation for high-performance mode configurations Eric Dumazet <edumazet(a)google.com> ipv4: start using dst_dev_rcu() Eric Dumazet <edumazet(a)google.com> tcp_metrics: use dst_dev_net_rcu() Eric Dumazet <edumazet(a)google.com> net: use dst_dev_rcu() in sk_setup_caps() Eric Dumazet <edumazet(a)google.com> ipv6: use RCU in ip6_output() Eric Dumazet <edumazet(a)google.com> ipv6: use RCU in ip6_xmit() Eric Dumazet <edumazet(a)google.com> ipv6: start using dst_dev_rcu() Yue Haibing <yuehaibing(a)huawei.com> ipv6: mcast: Add ip6_mc_find_idev() helper Eric Dumazet <edumazet(a)google.com> net: dst: introduce dst->dev_rcu Geert Uytterhoeven <geert+renesas(a)glider.be> efi: Explain OVMF acronym in OVMF_DEBUG_LOG help text Qianfeng Rong <rongqianfeng(a)vivo.com> accel/amdxdna: Use int instead of u32 to store error codes Lijo Lazar <lijo.lazar(a)amd.com> drm/amdgpu: Check vcn state before profile switch Sathishkumar S <sathishkumar.sundararaju(a)amd.com> drm/amdgpu/vcn: Hold pg_lock before vcn power off Sathishkumar S <sathishkumar.sundararaju(a)amd.com> drm/amdgpu/vcn: Add regdump helper functions Arnd Bergmann <arnd(a)arndb.de> media: st-delta: avoid excessive stack usage Qianfeng Rong <rongqianfeng(a)vivo.com> ALSA: lx_core: use int type to store negative error codes Dan Carpenter <dan.carpenter(a)linaro.org> HID: i2c-hid: Fix test in i2c_hid_core_register_panel_follower() Nirmoy Das <nirmoyd(a)nvidia.com> PCI/ACPI: Fix pci_acpi_preserve_config() memory leak Nipun Gupta <nipun.gupta(a)amd.com> cdx: don't select CONFIG_GENERIC_MSI_IRQ Krishna Chaitanya Chundru <krishna.chundru(a)oss.qualcomm.com> PCI: qcom: Restrict port parsing only to PCIe bridge child nodes Joanne Koong <joannelkoong(a)gmail.com> fuse: remove unneeded offset assignment when filling write pages Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> PCI: rcar-host: Pass proper IRQ domain to generic_handle_domain_irq() Christian Marangi <ansuelsmth(a)gmail.com> net: phy: as21xxx: better handle PHY HW reset on soft-reboot Christian Marangi <ansuelsmth(a)gmail.com> net: phy: introduce phy_id_compare_vendor() PHY ID helper Bitterblue Smith <rtl8821cerfe2(a)gmail.com> wifi: rtw88: Use led->brightness_set_blocking for PCI too Patrisious Haddad <phaddad(a)nvidia.com> RDMA/mlx5: Fix vport loopback forcing for MPV device Or Har-Toov <ohartoov(a)nvidia.com> RDMA/mlx5: Better estimate max_qp_wr to reflect WQE count Pin-yen Lin <treapking(a)chromium.org> HID: i2c-hid: Make elan touch controllers power on after panel is enabled Pin-yen Lin <treapking(a)chromium.org> drm/panel: Allow powering on panel follower after panel is enabled Benjamin Mugnier <benjamin.mugnier(a)foss.st.com> media: i2c: vd55g1: Fix duster register address Bingbu Cao <bingbu.cao(a)intel.com> media: staging/ipu7: cleanup the MMU correctly in IPU7 driver release Bingbu Cao <bingbu.cao(a)intel.com> media: staging/ipu7: Don't set name for IPU7 PCI device Bingbu Cao <bingbu.cao(a)intel.com> media: staging/ipu7: convert to use pci_alloc_irq_vectors() API Zhang Shurong <zhang_shurong(a)foxmail.com> media: rj54n1cb0c: Fix memleak in rj54n1_probe() Xaver Hugl <xaver.hugl(a)kde.org> drm: re-allow no-op changes on non-primary planes in async flips Thorsten Blum <thorsten.blum(a)linux.dev> crypto: octeontx2 - Call strscpy() with correct size argument Val Packett <val(a)packett.cool> drm/dp: drm_edp_backlight_set_level: do not always send 3-byte commands Chao Yu <chao(a)kernel.org> f2fs: fix to allow removing qf_name Chao Yu <chao(a)kernel.org> f2fs: fix to avoid NULL pointer dereference in f2fs_check_quota_consistency() Chao Yu <chao(a)kernel.org> f2fs: fix to clear unusable_cap for checkpoint=enable Thomas Fourier <fourier.thomas(a)gmail.com> scsi: myrs: Fix dma_alloc_coherent() error check Kuniyuki Iwashima <kuniyu(a)google.com> mptcp: Fix up subflow's memcg when CONFIG_SOCK_CGROUP_DATA=n. Niklas Cassel <cassel(a)kernel.org> scsi: pm80xx: Fix pm8001_abort_task() for chip_8006 when using an expander Niklas Cassel <cassel(a)kernel.org> scsi: pm80xx: Add helper function to get the local phy id Niklas Cassel <cassel(a)kernel.org> scsi: pm80xx: Use dev_parent_is_expander() helper Niklas Cassel <cassel(a)kernel.org> scsi: libsas: Add dev_parent_is_expander() helper Niklas Cassel <cassel(a)kernel.org> scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod Niklas Cassel <cassel(a)kernel.org> scsi: pm80xx: Restore support for expanders Akhilesh Patil <akhilesh(a)ee.iitb.ac.in> fwctl/mlx5: Fix memory alloc/free in mlx5ctl_fw_rpc() Jorge Marques <jorge.marques(a)analog.com> docs: iio: ad3552r: Fix malformed code-block directive Arnd Bergmann <arnd(a)arndb.de> hwrng: nomadik - add ARM_AMBA dependency Thomas Fourier <fourier.thomas(a)gmail.com> crypto: keembay - Add missing check after sg_nents_for_len() Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amd/display: Add NULL pointer checks in dc_stream cursor attribute functions Liao Yuanhong <liaoyuanhong(a)vivo.com> drm/amd/display: Remove redundant semicolons Dan Carpenter <dan.carpenter(a)linaro.org> serial: max310x: Add error checking in probe() Dan Carpenter <dan.carpenter(a)linaro.org> misc: pci_endpoint_test: Fix array underflow in pci_endpoint_test_ioctl() Geert Uytterhoeven <geert+renesas(a)glider.be> PCI/pwrctrl: Fix double cleanup on devm_add_action_or_reset() failure Komal Bajaj <komal.bajaj(a)oss.qualcomm.com> usb: misc: qcom_eud: Access EUD_MODE_MANAGER2 through secure calls Dan Carpenter <dan.carpenter(a)linaro.org> usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup Aradhya Bhatia <aradhya.bhatia(a)linux.dev> drm/bridge: cdns-dsi: Fix the _atomic_check() Jonas Karlman <jonas(a)kwiboo.se> phy: rockchip: naneng-combphy: Enable U3 OTG port for RK3568 Jacopo Mondi <jacopo.mondi(a)ideasonboard.com> media: zoran: Remove zoran_fh structure Jack Xiao <Jack.Xiao(a)amd.com> drm/amdgpu: fix incorrect vm flags to map bo Jeongjun Park <aha310510(a)gmail.com> HID: steelseries: refactor probe() and remove() Bitterblue Smith <rtl8821cerfe2(a)gmail.com> wifi: rtw88: Lock rtwdev->mutex before setting the LED Chia-I Wu <olvaffe(a)gmail.com> drm/bridge: it6505: select REGMAP_I2C Chao Yu <chao(a)kernel.org> f2fs: fix to zero data after EOF for compressed file correctly Chao Yu <chao(a)kernel.org> f2fs: fix to avoid overflow while left shift operation Chao Yu <chao(a)kernel.org> f2fs: fix condition in __allow_reserved_blocks() Brahmajit Das <listout(a)listout.xyz> drm/radeon/r600_cs: clean up of dead code in r600_cs Dan Carpenter <dan.carpenter(a)linaro.org> PCI: xgene-msi: Return negative -EINVAL in xgene_msi_handler_setup() Dan Carpenter <dan.carpenter(a)linaro.org> PCI: endpoint: pci-ep-msi: Fix NULL vs IS_ERR() check in pci_epf_write_msi_msg() Xiang Liu <xiang.liu(a)amd.com> drm/amdgpu: Fix vcn v4.0.3 poison irq call trace on sriov guest Xiang Liu <xiang.liu(a)amd.com> drm/amdgpu: Fix jpeg v4.0.3 poison irq call trace on sriov guest Arnd Bergmann <arnd(a)arndb.de> drm/amdgpu: fix link error for !PM_SLEEP Brigham Campbell <me(a)brighamcampbell.com> drm/panel: novatek-nt35560: Fix invalid return value Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amd/display: Reduce Stack Usage by moving 'audio_output' into 'stream_res' v4 Colin Ian King <colin.i.king(a)gmail.com> drm/vmwgfx: fix missing assignment to ts Langyan Ye <yelangyan(a)huaqin.corp-partner.google.com> drm/panel-edp: Add 50ms disable delay for four panels Dmitry Baryshkov <dmitry.baryshkov(a)oss.qualcomm.com> drm/display: bridge-connector: correct CEC bridge pointers in drm_bridge_connector_init Langyan Ye <yelangyan(a)huaqin.corp-partner.google.com> drm/panel-edp: Add disable to 100ms for MNB601LS1-4 Tvrtko Ursulin <tvrtko.ursulin(a)igalia.com> drm/sched: Fix a race in DRM_GPU_SCHED_STAT_NO_HANG test Dzmitry Sankouski <dsankouski(a)gmail.com> mfd: max77705: Setup the core driver as an interrupt controller Arnd Bergmann <arnd(a)arndb.de> i3c: fix big-endian FIFO transfers Daniel Borkmann <daniel(a)iogearbox.net> bpf: Enforce expected_attach_type for tailcall compatibility D. Wythe <alibuda(a)linux.alibaba.com> libbpf: Fix error when st-prefix_ops and ops from differ btf Kunihiko Hayashi <hayashi.kunihiko(a)socionext.com> i2c: designware: Add disabling clocks when probe fails Kunihiko Hayashi <hayashi.kunihiko(a)socionext.com> i2c: designware: Fix clock issue when PM is disabled Troy Mitchell <troy.mitchell(a)linux.spacemit.com> i2c: spacemit: ensure SDA is released after bus reset Troy Mitchell <troy.mitchell(a)linux.spacemit.com> i2c: spacemit: check SDA instead of SCL after bus reset Troy Mitchell <troy.mitchell(a)linux.spacemit.com> i2c: spacemit: disable SDA glitch fix to avoid restart delay Troy Mitchell <troy.mitchell(a)linux.spacemit.com> i2c: spacemit: remove stop function to avoid bus error Troy Mitchell <troy.mitchell(a)linux.spacemit.com> i2c: spacemit: ensure bus release check runs when wait_bus_idle() fails Leilk.Liu <leilk.liu(a)mediatek.com> i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD Dmitry Baryshkov <dmitry.baryshkov(a)oss.qualcomm.com> thermal/drivers/qcom/lmh: Add missing IRQ includes Dmitry Baryshkov <dmitry.baryshkov(a)oss.qualcomm.com> thermal/drivers/qcom: Make LMH select QCOM_SCM André Almeida <andrealmeid(a)igalia.com> tools/nolibc: add stdbool.h to nolibc includes Vadim Pasternak <vadimp(a)nvidia.com> hwmon: (mlxreg-fan) Separate methods of fan setting coming from different subsystems Qi Xi <xiqi2(a)huawei.com> once: fix race by moving DO_ONCE to separate section Andrea Righi <arighi(a)nvidia.com> bpf: Mark kfuncs as __noclone Arnd Bergmann <arnd(a)arndb.de> clocksource/drivers/tegra186: Avoid 64-bit division Guenter Roeck <linux(a)roeck-us.net> clocksource/drivers/timer-tegra186: Avoid 64-bit divide operation Jonas Gorski <jonas.gorski(a)gmail.com> spi: fix return code when spi device has too many chipselects Zhouyi Zhou <zhouzhouyi(a)gmail.com> tools/nolibc: make time_t robust if __kernel_old_time_t is missing in host headers Dzmitry Sankouski <dsankouski(a)gmail.com> power: supply: max77705_charger: rework interrupts Dzmitry Sankouski <dsankouski(a)gmail.com> power: supply: max77705_charger: use regfields for config registers Dzmitry Sankouski <dsankouski(a)gmail.com> power: supply: max77705_charger: refactoring: rename charger to chg Dzmitry Sankouski <dsankouski(a)gmail.com> mfd: max77705: max77705_charger: move active discharge setting to mfd parent Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> smp: Fix up and expand the smp_call_function_many() kerneldoc Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> selftests: always install UAPI headers to the correct directory Janne Grunau <j(a)jannau.net> arm64: dts: apple: Add ethernet0 alias for J375 template Hector Martin <marcan(a)marcan.st> arm64: dts: apple: t600x: Add bluetooth device nodes Hector Martin <marcan(a)marcan.st> arm64: dts: apple: t600x: Add missing WiFi properties Hengqi Chen <hengqi.chen(a)gmail.com> bpf, arm64: Call bpf_jit_binary_pack_finalize() in bpf_jit_free() Eduard Zingerman <eddyz87(a)gmail.com> bpf: dont report verifier bug for missing bpf_scc_visit on speculative path Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> selftest/futex: Compile also with libnuma < 2.0.16 André Almeida <andrealmeid(a)igalia.com> selftest/futex: Make the error check more precise for futex_numa_mpol Dan Carpenter <dan.carpenter(a)linaro.org> selftests/futex: Fix futex_wait() for 32bit ARM Mikko Rapeli <mikko.rapeli(a)linaro.org> mmc: select REGMAP_MMIO with MMC_LOONGSON2 Paul Chaignon <paul.chaignon(a)gmail.com> bpf: Explicitly check accesses to bpf_sock_addr Yu Kuai <yukuai3(a)huawei.com> blk-throttle: fix throtl_data leak during disk release Yi Lai <yi1.lai(a)intel.com> selftests/kselftest_harness: Add harness-selftest.expected to TEST_FILES Akhilesh Patil <akhilesh(a)ee.iitb.ac.in> selftests: watchdog: skip ping loop if WDIOF_KEEPALIVEPING not supported John Garry <john.g.garry(a)oracle.com> block: fix stacking of atomic writes when atomics are not supported John Garry <john.g.garry(a)oracle.com> block: update validation of atomic writes boundary for stacked devices Stanley Chu <stanley.chuys(a)gmail.com> i3c: master: svc: Recycle unused IBI slot Stanley Chu <yschu(a)nuvoton.com> i3c: master: svc: Use manual response for IBI events Martin George <martinus.gpy(a)gmail.com> nvme-tcp: send only permitted commands for secure concat Daniel Wagner <wagi(a)kernel.org> nvmet-fcloop: call done callback even when remote port is gone Daniel Wagner <wagi(a)kernel.org> nvmet-fc: move lsop put work to nvmet_fc_ls_req_op Martin George <martinus.gpy(a)gmail.com> nvme-auth: update bi_directional flag Hengqi Chen <hengqi.chen(a)gmail.com> riscv, bpf: Sign extend struct ops return values properly Dmitry Antipov <dmantipov(a)yandex.ru> ACPICA: Fix largest possible resource descriptor index Ahmed Salem <x0rw3ll(a)gmail.com> ACPICA: Apply ACPI_NONSTRING Uwe Kleine-König <u.kleine-koenig(a)baylibre.com> pwm: tiehrpwm: Fix corner case in clock divisor calculation Uwe Kleine-König <u.kleine-koenig(a)baylibre.com> pwm: tiehrpwm: Fix various off-by-one errors in duty-cycle calculation Uwe Kleine-König <u.kleine-koenig(a)baylibre.com> pwm: tiehrpwm: Make code comment in .free() more useful Uwe Kleine-König <u.kleine-koenig(a)baylibre.com> pwm: tiehrpwm: Don't drop runtime PM reference in .free() Chen-Yu Tsai <wens(a)csie.org> arm64: dts: allwinner: t527: orangepi-4a: hook up external 32k crystal Chen-Yu Tsai <wens(a)csie.org> arm64: dts: allwinner: t527: avaota-a1: hook up external 32k crystal Chen-Yu Tsai <wens(a)csie.org> arm64: dts: allwinner: a527: cubie-a5e: Drop external 32.768 KHz crystal Chen-Yu Tsai <wens(a)csie.org> arm64: dts: allwinner: a527: cubie-a5e: Add LEDs AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> arm64: dts: mediatek: mt8516-pumpkin: Fix machine compatible AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> arm64: dts: mediatek: mt8395-kontron-i1200: Fix MT6360 regulator nodes AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> arm64: dts: mediatek: mt7986a: Fix PCI-Express T-PHY node address AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> arm64: dts: mediatek: mt6795-xperia-m5: Fix mmc0 latch-ck value Bean Huo <beanhuo(a)micron.com> mmc: core: Fix variable shadowing in mmc_route_rpmb_frames() AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> arm64: dts: mediatek: mt6331: Fix pmic, regulators, rtc, keys node names Biju Das <biju.das.jz(a)bp.renesas.com> arm64: dts: renesas: r9a09g047e57-smarc: Fix gpio key's pin control node Akashdeep Kaur <a-kaur(a)ti.com> arm64: dts: ti: k3-pinctrl: Fix the bug in existing macros Chen-Yu Tsai <wenst(a)chromium.org> arm64: dts: mediatek: mt8186-tentacruel: Fix touchscreen model Chen-Yu Tsai <wenst(a)chromium.org> arm64: dts: mediatek: mt8188: Change efuse fallback compatible to mt8186 Beleswar Padhi <b-padhi(a)ti.com> Revert "arm64: dts: ti: k3-j721e-beagleboneai64: Fix reversed C6x carveout locations" Beleswar Padhi <b-padhi(a)ti.com> Revert "arm64: dts: ti: k3-j721e-sk: Fix reversed C6x carveout locations" Beleswar Padhi <b-padhi(a)ti.com> arm64: dts: ti: k3: Rename rproc reserved-mem nodes to 'memory@addr' Beleswar Padhi <b-padhi(a)ti.com> arm64: dts: ti: k3-j742s2-mcu-wakeup: Override firmware-name for MCU R5F cores Sebastian Reichel <sebastian.reichel(a)collabora.com> arm64: dts: rockchip: Fix network on rk3576 evb1 board Alexey Charkov <alchark(a)gmail.com> arm64: dts: rockchip: Add WiFi on rk3576-evb1-v10 Alexey Charkov <alchark(a)gmail.com> arm64: dts: rockchip: Add RTC on rk3576-evb1-v10 Chen-Yu Tsai <wens(a)csie.org> arm64: dts: allwinner: t527: avaota-a1: Add ethernet PHY reset setting Chen-Yu Tsai <wens(a)csie.org> arm64: dts: allwinner: a527: cubie-a5e: Add ethernet PHY reset setting Yu Kuai <yukuai3(a)huawei.com> blk-mq: fix potential deadlock while nr_requests grown Yu Kuai <yukuai3(a)huawei.com> blk-mq-sched: add new parameter nr_requests in blk_mq_alloc_sched_tags() Yu Kuai <yukuai3(a)huawei.com> blk-mq: split bitmap grow and resize case in blk_mq_update_nr_requests() Yu Kuai <yukuai3(a)huawei.com> blk-mq: cleanup shared tags case in blk_mq_update_nr_requests() Yu Kuai <yukuai3(a)huawei.com> blk-mq: convert to serialize updating nr_requests with update_nr_hwq_lock Yu Kuai <yukuai3(a)huawei.com> blk-mq: check invalid nr_requests in queue_requests_store() Yu Kuai <yukuai3(a)huawei.com> blk-mq: remove useless checkings in blk_mq_update_nr_requests() Yu Kuai <yukuai3(a)huawei.com> block: fix ordering of recursive split IO Yu Kuai <yukuai3(a)huawei.com> block: skip unnecessary checks for split bio Yu Kuai <yukuai3(a)huawei.com> block: factor out a helper bio_submit_split_bioset() Yu Kuai <yukuai3(a)huawei.com> block: initialize bio issue time in blk_mq_submit_bio() Yu Kuai <yukuai3(a)huawei.com> block: cleanup bio_issue Johan Hovold <johan(a)kernel.org> cpuidle: qcom-spm: fix device and OF node leaks at probe Johan Hovold <johan(a)kernel.org> soc: mediatek: mtk-svs: fix device leaks on mt8192 probe failure Johan Hovold <johan(a)kernel.org> soc: mediatek: mtk-svs: fix device leaks on mt8183 probe failure Xianwei Zhao <xianwei.zhao(a)amlogic.com> dts: arm: amlogic: fix pwm node for c3 Johan Hovold <johan(a)kernel.org> firmware: firmware: meson-sm: fix compile-test default Nicolas Frattaroli <nicolas.frattaroli(a)collabora.com> PM / devfreq: rockchip-dfi: double count on RK3588 Eric Dumazet <edumazet(a)google.com> nbd: restrict sockets to TCP and UDP Rob Herring (Arm) <robh(a)kernel.org> arm64: dts: mediatek: mt8183: Fix out of range pull values Guoqing Jiang <guoqing.jiang(a)canonical.com> arm64: dts: mediatek: mt8195: Remove suspend-breaking reset from pcie0 Bibo Mao <maobibo(a)loongson.cn> tick: Do not set device to detached state in tick_shutdown() Dan Carpenter <dan.carpenter(a)linaro.org> irqchip/gic-v5: Fix error handling in gicv5_its_irq_domain_alloc() Dan Carpenter <dan.carpenter(a)linaro.org> irqchip/gic-v5: Fix loop in gicv5_its_create_itt_two_level() cleanup path Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> selftests: vDSO: vdso_test_abi: Correctly skip whole test with missing vDSO Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> selftests: vDSO: Fix -Wunitialized in powerpc VDSO_CALL() wrapper Han Guangjiang <hanguangjiang(a)lixiang.com> blk-throttle: fix access race during throttle policy activation Genjian Zhang <zhanggenjian(a)kylinos.cn> null_blk: Fix the description of the cache_size module argument Yulin Lu <luyulin(a)eswincomputing.com> pinctrl: eswin: Fix regulator error check and Kconfig dependency Qianfeng Rong <rongqianfeng(a)vivo.com> pinctrl: renesas: Use int type to store negative error codes Eugene Shalygin <eugene.shalygin(a)gmail.com> hwmon: (asus-ec-sensors) Narrow lock for X870E-CREATOR WIFI Andy Yan <andyshrk(a)163.com> power: supply: cw2015: Fix a alignment coding style issue Dan Carpenter <dan.carpenter(a)linaro.org> PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe() Jihed Chaibi <jihed.chaibi.dev(a)gmail.com> ARM: dts: omap: am335x-cm-t335: Remove unused mcasp num-serializer property Jihed Chaibi <jihed.chaibi.dev(a)gmail.com> ARM: dts: ti: omap: omap3-devkit8000-lcd: Fix ti,keep-vref-on property to use correct boolean syntax in DTS Jihed Chaibi <jihed.chaibi.dev(a)gmail.com> ARM: dts: ti: omap: am335x-baltos: Fix ti,en-ck32k-xtal property in DTS to use correct boolean syntax Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> vdso: Add struct __kernel_old_timeval forward declaration to gettime.h Yu Kuai <yukuai3(a)huawei.com> blk-mq: fix elevator depth_updated method Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> PM: sleep: core: Clear power.must_resume in noirq suspend error path Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> vdso/datastore: Gate time data behind CONFIG_GENERIC_GETTIMEOFDAY Ricardo B. Marlière <rbm(a)suse.com> selftests/bpf: Fix count write in testapp_xdp_metadata_copy() Brian Norris <briannorris(a)chromium.org> genirq/test: Ensure CPU 1 is online for hotplug test Brian Norris <briannorris(a)chromium.org> genirq/test: Drop CONFIG_GENERIC_IRQ_MIGRATION assumptions Brian Norris <briannorris(a)chromium.org> genirq/test: Depend on SPARSE_IRQ Brian Norris <briannorris(a)chromium.org> genirq/test: Select IRQ_DOMAIN David Gow <davidgow(a)google.com> genirq/test: Fix depth tests on architectures with NOREQUEST by default. Rob Herring (Arm) <robh(a)kernel.org> dt-bindings: vendor-prefixes: Add undocumented vendor prefixes Jihed Chaibi <jihed.chaibi.dev(a)gmail.com> ARM: dts: stm32: stm32mp151c-plyaqm: Use correct dai-format property Qianfeng Rong <rongqianfeng(a)vivo.com> block: use int to store blk_stack_limits() return value Inochi Amaoto <inochiama(a)gmail.com> PCI/MSI: Check MSI_FLAG_PCI_MSI_MASK_PARENT in cond_[startup|shutdown]_parent() Andrei Lalaev <andrei.lalaev(a)anton-paar.com> leds: leds-lp55xx: Use correct address for memory programming Benjamin Berg <benjamin.berg(a)intel.com> selftests/nolibc: fix EXPECT_NZ macro Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> tools/nolibc: avoid error in dup2() if old fd equals new fd Waiman Long <longman(a)redhat.com> selftests/futex: Fix some futex_numa_mpol subtests Qianfeng Rong <rongqianfeng(a)vivo.com> regulator: scmi: Use int type to store negative error codes Janne Grunau <j(a)jannau.net> arm64: dts: apple: t8103-j457: Fix PCIe ethernet iommu-map Nicolas Ferre <nicolas.ferre(a)microchip.com> ARM: at91: pm: fix MCKx restore routine Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> selftests/futex: Remove the -g parameter from futex_priv_hash Li Nan <linan122(a)huawei.com> blk-mq: check kobject state_in_sysfs before deleting in blk_mq_unregister_hctx Da Xue <da(a)libre.computer> pinctrl: meson-gxl: add missing i2c_d pinmux Sneh Mankad <sneh.mankad(a)oss.qualcomm.com> soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS Vlastimil Babka <vbabka(a)suse.cz> scripts/misc-check: update export checks for EXPORT_SYMBOL_FOR_MODULES() Inochi Amaoto <inochiama(a)gmail.com> irqchip/sg2042-msi: Fix broken affinity setting Inochi Amaoto <inochiama(a)gmail.com> PCI/MSI: Add startup/shutdown for per device domains Inochi Amaoto <inochiama(a)gmail.com> genirq: Add irq_chip_(startup/shutdown)_parent() Huisong Li <lihuisong(a)huawei.com> ACPI: processor: idle: Fix memory leak when register cpuidle device failed Tao Chen <chen.dylane(a)linux.dev> bpf: Remove preempt_disable in bpf_try_get_buffers Joy Zou <joy.zou(a)nxp.com> arm64: dts: imx95: Correct the lpuart7 and lpuart8 srcid Frieder Schrempf <frieder.schrempf(a)kontron.de> arm64: dts: imx93-kontron: Fix USB port assignment Annette Kobou <annette.kobou(a)kontron.de> arm64: dts: imx93-kontron: Fix GPIO for panel regulator Junnan Wu <junnan01.wu(a)samsung.com> firmware: arm_scmi: Mark VirtIO ready before registering scmi_virtio_driver Mykyta Yatsenko <yatsenko(a)meta.com> libbpf: Export bpf_object__prepare symbol Marek Vasut <marek.vasut+renesas(a)mailbox.org> arm64: dts: renesas: sparrow-hawk: Set VDDQ18_25_AVB voltage on EVTB1 Marek Vasut <marek.vasut+renesas(a)mailbox.org> arm64: dts: renesas: sparrow-hawk: Invert microSD voltage selector on EVTB1 Florian Fainelli <florian.fainelli(a)broadcom.com> cpufreq: scmi: Account for malformed DT in scmi_dev_used_by_cpus() Ilya Leoshkevich <iii(a)linux.ibm.com> s390/bpf: Write back tail call counter for BPF_TRAMP_F_CALL_ORIG Ilya Leoshkevich <iii(a)linux.ibm.com> s390/bpf: Write back tail call counter for BPF_PSEUDO_CALL Ilya Leoshkevich <iii(a)linux.ibm.com> s390/bpf: Do not write tail call counter into helper and kfunc frames Fenglin Wu <fenglin.wu(a)oss.qualcomm.com> leds: flash: leds-qcom-flash: Update torch current clamp setting Len Bao <len.bao(a)gmx.us> leds: max77705: Function return instead of variable assignment Geert Uytterhoeven <geert+renesas(a)glider.be> ARM: dts: renesas: porter: Fix CAN pin group Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> tools/nolibc: fix error return value of clock_nanosleep() Yureka Lilian <yuka(a)yuka.dev> libbpf: Fix reuse of DEVMAP Tao Chen <chen.dylane(a)linux.dev> bpf: Remove migrate_disable in kprobe_multi_link_prog_run Matt Bobrowski <mattbobrowski(a)google.com> bpf/selftests: Fix test_tcpnotify_user Baptiste Lepers <baptiste.lepers(a)gmail.com> rust: cpumask: Mark CpumaskVar as transparent Amery Hung <ameryhung(a)gmail.com> selftests/bpf: Copy test_kmods when installing selftest Geert Uytterhoeven <geert+renesas(a)glider.be> regmap: Remove superfluous check for !config in __regmap_init() Paul Chaignon <paul.chaignon(a)gmail.com> bpf: Tidy verifier bug message Biju Das <biju.das.jz(a)bp.renesas.com> arm64: dts: renesas: rzg2lc-smarc: Disable CAN-FD channel0 Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> pinctrl: renesas: rzg2l: Fix invalid unsigned return in rzg3s_oen_read() Qu Wenruo <wqu(a)suse.com> btrfs: fix symbolic link reading when bs > ps Qu Wenruo <wqu(a)suse.com> btrfs: return any hit error from extent_writepage_io() Chen Ridong <chenridong(a)huawei.com> cpuset: fix failure to enable isolated partition when containing isolcpus Randy Dunlap <rdunlap(a)infradead.org> lsm: CONFIG_LSM can depend on CONFIG_SECURITY Peter Zijlstra <peterz(a)infradead.org> sched/fair: Get rid of sched_domains_curr_level hack for tl->cpumask() Michal Koutný <mkoutny(a)suse.com> selftests: cgroup: Make test_pids backwards compatible Uros Bizjak <ubizjak(a)gmail.com> x86/vdso: Fix output operand size of RDPID Dapeng Mi <dapeng1.mi(a)linux.intel.com> perf/x86/intel: Fix IA32_PMC_x_CFG_B MSRs access error Dapeng Mi <dapeng1.mi(a)linux.intel.com> perf/x86/intel: Use early_initcall() to hook bts_init() Qiuxu Zhuo <qiuxu.zhuo(a)intel.com> EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller Stefan Metzmacher <metze(a)samba.org> smb: server: fix IRD/ORD negotiation with the client Stefan Metzmacher <metze(a)samba.org> smb: client: fix sending the iwrap custom IRD/ORD negotiation messages Gao Xiang <xiang(a)kernel.org> erofs: avoid reading more for fragment maps Leo Yan <leo.yan(a)arm.com> perf: arm_spe: Prevent overflow in PERF_IDX2OFF() Leo Yan <leo.yan(a)arm.com> coresight: trbe: Prevent overflow in PERF_IDX2OFF() Chunyan Zhang <zhangchunyan(a)iscas.ac.cn> raid6: riscv: Clean up unused header file inclusion Jeremy Linton <jeremy.linton(a)arm.com> uprobes: uprobe_warn should use passed task Joe Lawrence <joe.lawrence(a)redhat.com> powerpc64/modules: correctly iterate over stubs in setup_ftrace_ool_stubs Joe Lawrence <joe.lawrence(a)redhat.com> powerpc/ftrace: ensure ftrace record ops are always set for NOPs Christophe Leroy <christophe.leroy(a)csgroup.eu> powerpc/603: Really copy kernel PGD entries into all PGDIRs Christophe Leroy <christophe.leroy(a)csgroup.eu> powerpc/8xx: Remove left-over instruction and comments in DataStoreTLBMiss handler Andreas Gruenbacher <agruenba(a)redhat.com> gfs2: Add proper lockspace locking Andreas Gruenbacher <agruenba(a)redhat.com> gfs2: do_xmote cleanup Andreas Gruenbacher <agruenba(a)redhat.com> gfs2: Get rid of GLF_INVALIDATE_IN_PROGRESS Andreas Gruenbacher <agruenba(a)redhat.com> gfs2: Remove duplicate check in do_xmote Andreas Gruenbacher <agruenba(a)redhat.com> gfs2: Fix LM_FLAG_TRY* logic in add_to_queue Andreas Gruenbacher <agruenba(a)redhat.com> gfs2: Further sanitize lock_dlm.c Colin Ian King <colin.i.king(a)gmail.com> gfs2: Remove space before newline Andreas Gruenbacher <agruenba(a)redhat.com> gfs2: Fix GLF_INVALIDATE_IN_PROGRESS flag clearing in do_xmote Kang Chen <k.chen(a)smail.nju.edu.cn> hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() Thomas Weißschuh <linux(a)weissschuh.net> kselftest/arm64/gcs: Correctly check return value when disabling GCS Bala-Vignesh-Reddy <reddybalavignesh9979(a)gmail.com> selftests: arm64: Fix -Waddress warning in tpidr2 test Bala-Vignesh-Reddy <reddybalavignesh9979(a)gmail.com> selftests: arm64: Check fread return value in exec_target Kienan Stewart <kstewart(a)efficios.com> kbuild: Add missing $(objtree) prefix to powerpc crtsavres.o artifact Johannes Nixdorf <johannes(a)nixdorf.dev> seccomp: Fix a race with WAIT_KILLABLE_RECV if the tracer replies too fast Linus Torvalds <torvalds(a)linux-foundation.org> Fix CC_HAS_ASM_GOTO_OUTPUT on non-x86 architectures Christian Göttsche <cgzones(a)googlemail.com> pid: use ns_capable_noaudit() when determining net sysctl permissions Geert Uytterhoeven <geert+renesas(a)glider.be> init: INITRAMFS_PRESERVE_MTIME should depend on BLK_DEV_INITRD Jeff Layton <jlayton(a)kernel.org> filelock: add FL_RECLAIM to show_fl_flags() macro Simon Schuster <schuster.simon(a)siemens-energy.com> arch: copy_thread: pass clone_flags as u64 ------------- Diffstat: .../devicetree/bindings/vendor-prefixes.yaml | 50 ++++ Documentation/iio/ad3552r.rst | 3 +- Documentation/trace/histogram-design.rst | 4 +- Makefile | 4 +- arch/alpha/kernel/process.c | 2 +- arch/arc/kernel/process.c | 2 +- arch/arm/boot/dts/renesas/r8a7791-porter.dts | 2 +- arch/arm/boot/dts/st/stm32mp151c-plyaqm.dts | 2 +- arch/arm/boot/dts/ti/omap/am335x-baltos.dtsi | 2 +- arch/arm/boot/dts/ti/omap/am335x-cm-t335.dts | 2 - .../dts/ti/omap/omap3-devkit8000-lcd-common.dtsi | 2 +- arch/arm/kernel/process.c | 2 +- arch/arm/mach-at91/pm_suspend.S | 4 +- .../boot/dts/allwinner/sun55i-a527-cubie-a5e.dts | 25 +- .../boot/dts/allwinner/sun55i-t527-avaota-a1.dts | 11 + .../boot/dts/allwinner/sun55i-t527-orangepi-4a.dts | 8 + arch/arm64/boot/dts/amlogic/amlogic-c3.dtsi | 2 +- arch/arm64/boot/dts/apple/t6000-j314s.dts | 8 + arch/arm64/boot/dts/apple/t6000-j316s.dts | 8 + arch/arm64/boot/dts/apple/t6001-j314c.dts | 8 + arch/arm64/boot/dts/apple/t6001-j316c.dts | 8 + arch/arm64/boot/dts/apple/t6001-j375c.dts | 8 + arch/arm64/boot/dts/apple/t6002-j375d.dts | 8 + arch/arm64/boot/dts/apple/t600x-j314-j316.dtsi | 10 + arch/arm64/boot/dts/apple/t600x-j375.dtsi | 11 + arch/arm64/boot/dts/apple/t8103-j457.dts | 12 +- .../boot/dts/freescale/imx93-kontron-bl-osm-s.dts | 32 ++- arch/arm64/boot/dts/freescale/imx95.dtsi | 4 +- arch/arm64/boot/dts/mediatek/mt6331.dtsi | 10 +- .../boot/dts/mediatek/mt6795-sony-xperia-m5.dts | 2 +- arch/arm64/boot/dts/mediatek/mt7986a.dtsi | 12 +- arch/arm64/boot/dts/mediatek/mt8183-kukui.dtsi | 14 +- arch/arm64/boot/dts/mediatek/mt8183-pumpkin.dts | 14 +- .../boot/dts/mediatek/mt8186-corsola-krabby.dtsi | 8 +- .../mt8186-corsola-tentacruel-sku262144.dts | 4 + arch/arm64/boot/dts/mediatek/mt8188.dtsi | 2 +- arch/arm64/boot/dts/mediatek/mt8195.dtsi | 3 - .../dts/mediatek/mt8395-kontron-3-5-sbc-i1200.dts | 16 +- arch/arm64/boot/dts/mediatek/mt8516-pumpkin.dts | 2 +- arch/arm64/boot/dts/qcom/qcm2290.dtsi | 1 + .../boot/dts/renesas/r8a779g3-sparrow-hawk.dts | 6 +- arch/arm64/boot/dts/renesas/r9a09g047e57-smarc.dts | 6 +- arch/arm64/boot/dts/renesas/rzg2lc-smarc.dtsi | 5 +- arch/arm64/boot/dts/rockchip/rk3576-evb1-v10.dts | 118 ++++++++- arch/arm64/boot/dts/ti/k3-am62-phycore-som.dtsi | 10 +- arch/arm64/boot/dts/ti/k3-am62-pocketbeagle2.dts | 6 +- arch/arm64/boot/dts/ti/k3-am62-verdin.dtsi | 2 +- arch/arm64/boot/dts/ti/k3-am625-beagleplay.dts | 2 +- arch/arm64/boot/dts/ti/k3-am62a-phycore-som.dtsi | 12 +- arch/arm64/boot/dts/ti/k3-am62a7-sk.dts | 12 +- arch/arm64/boot/dts/ti/k3-am62d2-evm.dts | 14 +- arch/arm64/boot/dts/ti/k3-am62p-verdin.dtsi | 2 +- arch/arm64/boot/dts/ti/k3-am62p5-sk.dts | 8 +- arch/arm64/boot/dts/ti/k3-am62x-sk-common.dtsi | 8 +- arch/arm64/boot/dts/ti/k3-am64-phycore-som.dtsi | 22 +- arch/arm64/boot/dts/ti/k3-am642-evm.dts | 22 +- arch/arm64/boot/dts/ti/k3-am642-sk.dts | 22 +- arch/arm64/boot/dts/ti/k3-am642-sr-som.dtsi | 16 +- arch/arm64/boot/dts/ti/k3-am642-tqma64xxl.dtsi | 18 +- arch/arm64/boot/dts/ti/k3-am65-iot2050-common.dtsi | 10 +- arch/arm64/boot/dts/ti/k3-am654-base-board.dts | 10 +- arch/arm64/boot/dts/ti/k3-am67a-beagley-ai.dts | 22 +- arch/arm64/boot/dts/ti/k3-am68-phycore-som.dtsi | 34 +-- arch/arm64/boot/dts/ti/k3-am68-sk-som.dtsi | 34 +-- arch/arm64/boot/dts/ti/k3-am69-sk.dts | 48 ++-- arch/arm64/boot/dts/ti/k3-j7200-som-p0.dtsi | 18 +- arch/arm64/boot/dts/ti/k3-j721e-beagleboneai64.dts | 40 +-- arch/arm64/boot/dts/ti/k3-j721e-sk.dts | 40 +-- arch/arm64/boot/dts/ti/k3-j721e-som-p0.dtsi | 38 +-- arch/arm64/boot/dts/ti/k3-j721s2-som-p0.dtsi | 34 +-- arch/arm64/boot/dts/ti/k3-j722s-evm.dts | 22 +- arch/arm64/boot/dts/ti/k3-j742s2-mcu-wakeup.dtsi | 17 ++ arch/arm64/boot/dts/ti/k3-j742s2.dtsi | 1 + arch/arm64/boot/dts/ti/k3-j784s4-evm.dts | 4 +- .../boot/dts/ti/k3-j784s4-j742s2-evm-common.dtsi | 44 ++-- arch/arm64/boot/dts/ti/k3-pinctrl.h | 4 +- arch/arm64/kernel/process.c | 2 +- arch/arm64/net/bpf_jit_comp.c | 3 +- arch/csky/kernel/process.c | 2 +- arch/hexagon/kernel/process.c | 2 +- arch/loongarch/kernel/process.c | 2 +- arch/loongarch/kernel/relocate.c | 4 + arch/loongarch/net/bpf_jit.c | 80 ++++-- arch/m68k/kernel/process.c | 2 +- arch/microblaze/kernel/process.c | 2 +- arch/mips/kernel/process.c | 2 +- arch/nios2/kernel/process.c | 2 +- arch/openrisc/kernel/process.c | 2 +- arch/parisc/kernel/process.c | 2 +- arch/powerpc/Kconfig | 4 + arch/powerpc/Makefile | 2 +- arch/powerpc/include/asm/book3s/32/pgalloc.h | 10 +- arch/powerpc/include/asm/nohash/pgalloc.h | 2 +- arch/powerpc/include/asm/topology.h | 2 + arch/powerpc/kernel/head_8xx.S | 9 +- arch/powerpc/kernel/module_64.c | 2 +- arch/powerpc/kernel/process.c | 2 +- arch/powerpc/kernel/smp.c | 27 +- arch/powerpc/kernel/trace/ftrace.c | 10 +- arch/riscv/kernel/process.c | 2 +- arch/riscv/kvm/vmid.c | 3 +- arch/riscv/net/bpf_jit_comp64.c | 42 +++- arch/s390/kernel/process.c | 2 +- arch/s390/kernel/topology.c | 20 +- arch/s390/net/bpf_jit_comp.c | 42 +++- arch/sh/kernel/process_32.c | 2 +- arch/sparc/kernel/process_32.c | 2 +- arch/sparc/kernel/process_64.c | 2 +- arch/sparc/lib/M7memcpy.S | 20 +- arch/sparc/lib/Memcpy_utils.S | 9 + arch/sparc/lib/NG4memcpy.S | 2 +- arch/sparc/lib/NGmemcpy.S | 29 ++- arch/sparc/lib/U1memcpy.S | 19 +- arch/sparc/lib/U3memcpy.S | 2 +- arch/um/kernel/process.c | 2 +- arch/x86/events/intel/bts.c | 2 +- arch/x86/events/intel/core.c | 3 +- arch/x86/include/asm/fpu/sched.h | 2 +- arch/x86/include/asm/segment.h | 8 +- arch/x86/include/asm/shstk.h | 4 +- arch/x86/kernel/fpu/core.c | 2 +- arch/x86/kernel/process.c | 2 +- arch/x86/kernel/shstk.c | 2 +- arch/x86/kernel/smpboot.c | 8 +- arch/x86/kvm/svm/svm.c | 12 +- arch/xtensa/kernel/process.c | 2 +- block/bfq-iosched.c | 22 +- block/bio.c | 2 +- block/blk-cgroup.c | 6 - block/blk-cgroup.h | 12 +- block/blk-core.c | 19 +- block/blk-iolatency.c | 14 +- block/blk-merge.c | 64 +++-- block/blk-mq-sched.c | 14 +- block/blk-mq-sched.h | 13 +- block/blk-mq-sysfs.c | 6 +- block/blk-mq-tag.c | 23 +- block/blk-mq.c | 84 ++++--- block/blk-mq.h | 18 +- block/blk-settings.c | 44 ++-- block/blk-sysfs.c | 57 ++++- block/blk-throttle.c | 15 +- block/blk-throttle.h | 18 +- block/blk.h | 45 +--- block/elevator.c | 3 +- block/elevator.h | 2 +- block/kyber-iosched.c | 19 +- block/mq-deadline.c | 16 +- crypto/842.c | 6 +- crypto/asymmetric_keys/x509_cert_parser.c | 16 +- crypto/lz4.c | 6 +- crypto/lz4hc.c | 6 +- crypto/lzo-rle.c | 6 +- crypto/lzo.c | 6 +- drivers/accel/amdxdna/aie2_ctx.c | 6 +- drivers/acpi/acpica/aclocal.h | 2 +- drivers/acpi/nfit/core.c | 2 +- drivers/acpi/processor_idle.c | 3 + drivers/base/node.c | 4 + drivers/base/power/main.c | 14 +- drivers/base/regmap/regmap.c | 2 +- drivers/block/nbd.c | 8 + drivers/block/null_blk/main.c | 2 +- drivers/bluetooth/btintel_pcie.c | 218 ++++++---------- drivers/bluetooth/btintel_pcie.h | 2 + drivers/bus/fsl-mc/fsl-mc-bus.c | 3 + drivers/cdx/Kconfig | 1 - drivers/cdx/cdx.c | 4 +- drivers/cdx/controller/Kconfig | 1 - drivers/cdx/controller/cdx_controller.c | 3 +- drivers/char/hw_random/Kconfig | 1 + drivers/char/hw_random/ks-sa-rng.c | 4 + drivers/char/tpm/Kconfig | 2 +- drivers/clocksource/timer-tegra186.c | 4 +- drivers/cpufreq/scmi-cpufreq.c | 10 + drivers/cpuidle/cpuidle-qcom-spm.c | 7 +- drivers/crypto/hisilicon/debugfs.c | 1 + drivers/crypto/hisilicon/hpre/hpre_main.c | 86 +++++-- drivers/crypto/hisilicon/qm.c | 45 +++- drivers/crypto/hisilicon/sec2/sec_main.c | 126 +++++++--- drivers/crypto/hisilicon/zip/zip_main.c | 102 +++++--- .../crypto/intel/keembay/keembay-ocs-hcu-core.c | 5 +- .../crypto/marvell/octeontx2/otx2_cptpf_ucode.c | 2 +- drivers/crypto/nx/nx-common-powernv.c | 6 +- drivers/crypto/nx/nx-common-pseries.c | 6 +- drivers/devfreq/event/rockchip-dfi.c | 7 +- drivers/devfreq/mtk-cci-devfreq.c | 3 +- drivers/edac/i10nm_base.c | 14 ++ drivers/firmware/arm_scmi/transports/virtio.c | 3 + drivers/firmware/efi/Kconfig | 7 +- drivers/firmware/meson/Kconfig | 2 +- drivers/fwctl/mlx5/main.c | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c | 4 +- drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c | 20 +- drivers/gpu/drm/amd/amdgpu/amdgpu_ring.c | 3 +- drivers/gpu/drm/amd/amdgpu/amdgpu_ring.h | 13 +- drivers/gpu/drm/amd/amdgpu/amdgpu_vcn.c | 170 ++++++++++--- drivers/gpu/drm/amd/amdgpu/amdgpu_vcn.h | 11 + drivers/gpu/drm/amd/amdgpu/jpeg_v1_0.c | 2 +- drivers/gpu/drm/amd/amdgpu/jpeg_v4_0_3.c | 2 +- drivers/gpu/drm/amd/amdgpu/uvd_v3_1.c | 29 ++- drivers/gpu/drm/amd/amdgpu/vcn_v2_5.c | 27 +- drivers/gpu/drm/amd/amdgpu/vcn_v3_0.c | 1 - drivers/gpu/drm/amd/amdgpu/vcn_v4_0.c | 2 +- drivers/gpu/drm/amd/amdgpu/vcn_v4_0_3.c | 4 +- drivers/gpu/drm/amd/amdgpu/vcn_v4_0_5.c | 2 - drivers/gpu/drm/amd/amdkfd/kfd_svm.c | 2 +- drivers/gpu/drm/amd/display/dc/core/dc_stream.c | 8 +- .../display/dc/dml/dcn32/display_rq_dlg_calc_32.c | 1 - .../drm/amd/display/dc/hwss/dce110/dce110_hwseq.c | 32 ++- drivers/gpu/drm/amd/display/dc/inc/core_types.h | 5 +- .../amd/display/dc/link/accessories/link_dp_cts.c | 12 +- .../amd/display/dc/resource/dcn31/dcn31_resource.c | 5 +- .../amd/display/dc/resource/dcn31/dcn31_resource.h | 3 +- drivers/gpu/drm/amd/pm/amdgpu_dpm_internal.c | 7 + drivers/gpu/drm/amd/pm/legacy-dpm/si_dpm.c | 92 +++++-- drivers/gpu/drm/bridge/Kconfig | 1 + drivers/gpu/drm/bridge/cadence/cdns-dsi-core.c | 4 +- drivers/gpu/drm/display/drm_bridge_connector.c | 4 + drivers/gpu/drm/display/drm_dp_helper.c | 4 +- drivers/gpu/drm/drm_atomic_uapi.c | 23 +- drivers/gpu/drm/drm_panel.c | 73 +++++- .../gpu/drm/msm/disp/dpu1/dpu_encoder_phys_wb.c | 2 +- drivers/gpu/drm/msm/disp/dpu1/dpu_plane.c | 4 + drivers/gpu/drm/msm/disp/mdp4/mdp4_kms.c | 6 +- drivers/gpu/drm/msm/msm_drv.c | 1 + drivers/gpu/drm/msm/msm_gem_vma.c | 31 ++- drivers/gpu/drm/msm/msm_kms.c | 5 +- drivers/gpu/drm/panel/panel-edp.c | 20 +- drivers/gpu/drm/panel/panel-novatek-nt35560.c | 2 +- drivers/gpu/drm/radeon/r600_cs.c | 4 +- drivers/gpu/drm/scheduler/tests/mock_scheduler.c | 2 +- drivers/gpu/drm/scheduler/tests/sched_tests.h | 7 +- drivers/gpu/drm/scheduler/tests/tests_basic.c | 4 +- drivers/gpu/drm/vmwgfx/vmwgfx_fence.c | 2 +- drivers/hid/hid-ids.h | 2 + drivers/hid/hid-quirks.c | 2 + drivers/hid/hid-steelseries.c | 108 +++----- drivers/hid/hidraw.c | 262 ++++++++++--------- drivers/hid/i2c-hid/i2c-hid-core.c | 46 ++-- drivers/hid/i2c-hid/i2c-hid-of-elan.c | 11 +- drivers/hwmon/asus-ec-sensors.c | 2 +- drivers/hwmon/mlxreg-fan.c | 24 +- drivers/hwtracing/coresight/coresight-catu.c | 31 ++- drivers/hwtracing/coresight/coresight-catu.h | 1 + drivers/hwtracing/coresight/coresight-core.c | 6 +- drivers/hwtracing/coresight/coresight-cpu-debug.c | 6 +- drivers/hwtracing/coresight/coresight-ctcu-core.c | 10 +- drivers/hwtracing/coresight/coresight-etb10.c | 10 +- drivers/hwtracing/coresight/coresight-etm3x-core.c | 9 +- drivers/hwtracing/coresight/coresight-etm4x-core.c | 41 +-- .../hwtracing/coresight/coresight-etm4x-sysfs.c | 1 + drivers/hwtracing/coresight/coresight-etm4x.h | 6 +- drivers/hwtracing/coresight/coresight-funnel.c | 42 +--- drivers/hwtracing/coresight/coresight-replicator.c | 40 +-- drivers/hwtracing/coresight/coresight-stm.c | 13 +- drivers/hwtracing/coresight/coresight-syscfg.c | 2 +- drivers/hwtracing/coresight/coresight-tmc-core.c | 26 +- drivers/hwtracing/coresight/coresight-tmc.h | 2 + drivers/hwtracing/coresight/coresight-tpda.c | 3 + drivers/hwtracing/coresight/coresight-tpiu.c | 14 +- drivers/hwtracing/coresight/coresight-trbe.c | 12 +- drivers/hwtracing/coresight/ultrasoc-smb.h | 1 + drivers/i2c/busses/i2c-designware-platdrv.c | 5 +- drivers/i2c/busses/i2c-k1.c | 71 ++++-- drivers/i2c/busses/i2c-mt65xx.c | 17 +- drivers/i3c/internals.h | 12 +- drivers/i3c/master/svc-i3c-master.c | 31 ++- drivers/iio/inkern.c | 30 +-- drivers/infiniband/core/addr.c | 10 +- drivers/infiniband/core/cm.c | 4 +- drivers/infiniband/core/sa_query.c | 6 +- drivers/infiniband/hw/mlx5/main.c | 67 ++++- drivers/infiniband/hw/mlx5/mlx5_ib.h | 5 + drivers/infiniband/sw/rxe/rxe_task.c | 8 +- drivers/infiniband/sw/siw/siw_verbs.c | 25 +- drivers/input/misc/uinput.c | 1 + drivers/input/touchscreen/atmel_mxt_ts.c | 2 +- drivers/iommu/intel/debugfs.c | 17 +- drivers/iommu/intel/iommu.h | 3 +- drivers/iommu/iommu-priv.h | 2 + drivers/iommu/iommu.c | 26 ++ drivers/iommu/iommufd/selftest.c | 2 +- drivers/irqchip/irq-gic-v5-its.c | 24 +- drivers/irqchip/irq-sg2042-msi.c | 18 +- drivers/leds/flash/leds-qcom-flash.c | 62 +++-- drivers/leds/leds-lp55xx-common.c | 2 +- drivers/leds/leds-max77705.c | 2 +- drivers/md/dm-core.h | 1 + drivers/md/dm-vdo/indexer/volume-index.c | 4 +- drivers/md/dm.c | 13 +- drivers/media/i2c/rj54n1cb0c.c | 9 +- drivers/media/i2c/vd55g1.c | 2 +- drivers/media/pci/zoran/zoran.h | 6 - drivers/media/pci/zoran/zoran_driver.c | 3 +- .../media/platform/st/sti/delta/delta-mjpeg-dec.c | 20 +- drivers/mfd/intel_soc_pmic_chtdc_ti.c | 2 + drivers/mfd/max77705.c | 38 ++- drivers/mfd/rz-mtu3.c | 2 +- drivers/mfd/vexpress-sysreg.c | 6 +- drivers/misc/fastrpc.c | 89 ++++--- drivers/misc/genwqe/card_ddcb.c | 2 +- drivers/misc/pci_endpoint_test.c | 2 +- drivers/mmc/core/block.c | 6 +- drivers/mmc/host/Kconfig | 1 + drivers/mtd/nand/raw/atmel/nand-controller.c | 4 +- drivers/net/bonding/bond_main.c | 2 +- drivers/net/bonding/bond_netlink.c | 16 +- drivers/net/ethernet/amazon/ena/ena_ethtool.c | 5 +- drivers/net/ethernet/cadence/macb.h | 4 - drivers/net/ethernet/cadence/macb_main.c | 134 +++++----- drivers/net/ethernet/dlink/dl2k.c | 7 +- drivers/net/ethernet/freescale/enetc/enetc4_pf.c | 2 +- drivers/net/ethernet/freescale/enetc/ntmp.c | 15 +- drivers/net/ethernet/intel/idpf/idpf_txrx.c | 8 +- drivers/net/ethernet/intel/idpf/idpf_virtchnl.c | 6 +- .../net/ethernet/marvell/octeontx2/nic/otx2_pf.c | 1 + .../net/ethernet/marvell/octeontx2/nic/otx2_vf.c | 1 + drivers/net/ethernet/mellanox/mlx5/core/cmd.c | 6 +- .../ethernet/mellanox/mlx5/core/en/port_buffer.h | 12 - drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 17 +- drivers/net/ethernet/mellanox/mlx5/core/fw_reset.c | 24 ++ .../net/ethernet/mellanox/mlx5/core/pagealloc.c | 7 +- .../net/ethernet/netronome/nfp/nfp_net_ethtool.c | 2 +- drivers/net/phy/as21xxx.c | 7 +- drivers/net/usb/asix_devices.c | 29 +++ drivers/net/usb/rtl8150.c | 2 - drivers/net/wireless/ath/ath10k/wmi.c | 39 ++- drivers/net/wireless/ath/ath12k/ce.c | 2 +- drivers/net/wireless/ath/ath12k/debug.h | 1 + drivers/net/wireless/ath/ath12k/dp_mon.c | 56 +++-- drivers/net/wireless/ath/ath12k/dp_rx.c | 45 +++- drivers/net/wireless/ath/ath12k/hal_rx.h | 12 +- drivers/net/wireless/ath/ath12k/mac.c | 16 +- .../wireless/broadcom/brcm80211/brcmfmac/bcmsdh.c | 2 +- .../wireless/broadcom/brcm80211/brcmfmac/chip.c | 4 +- .../wireless/broadcom/brcm80211/brcmfmac/sdio.c | 8 +- .../broadcom/brcm80211/include/brcm_hw_ids.h | 1 - drivers/net/wireless/intel/iwlwifi/fw/regulatory.h | 1 - drivers/net/wireless/marvell/mwifiex/cfg80211.c | 7 +- drivers/net/wireless/mediatek/mt76/mt7603/soc.c | 2 +- drivers/net/wireless/mediatek/mt76/mt7915/eeprom.h | 6 +- drivers/net/wireless/mediatek/mt76/mt7915/mcu.c | 29 +-- drivers/net/wireless/mediatek/mt76/mt7996/init.c | 29 ++- drivers/net/wireless/mediatek/mt76/mt7996/mac.c | 137 +++------- drivers/net/wireless/mediatek/mt76/mt7996/main.c | 106 ++++++-- drivers/net/wireless/mediatek/mt76/mt7996/mcu.c | 38 ++- drivers/net/wireless/mediatek/mt76/mt7996/mcu.h | 3 +- drivers/net/wireless/mediatek/mt76/mt7996/mt7996.h | 22 +- drivers/net/wireless/mediatek/mt76/mt7996/pci.c | 2 +- drivers/net/wireless/realtek/rtw88/led.c | 13 +- drivers/net/wireless/realtek/rtw89/core.c | 1 + drivers/net/wireless/realtek/rtw89/ser.c | 3 +- drivers/nvme/host/auth.c | 5 +- drivers/nvme/host/tcp.c | 3 + drivers/nvme/target/fc.c | 19 +- drivers/nvme/target/fcloop.c | 8 +- drivers/pci/controller/cadence/pci-j721e.c | 2 +- drivers/pci/controller/dwc/pcie-designware.h | 1 - drivers/pci/controller/dwc/pcie-qcom-common.c | 58 +++-- drivers/pci/controller/dwc/pcie-qcom-common.h | 2 +- drivers/pci/controller/dwc/pcie-qcom-ep.c | 6 +- drivers/pci/controller/dwc/pcie-qcom.c | 8 +- drivers/pci/controller/dwc/pcie-rcar-gen4.c | 26 +- drivers/pci/controller/dwc/pcie-tegra194.c | 4 +- drivers/pci/controller/pci-tegra.c | 2 +- drivers/pci/controller/pci-xgene-msi.c | 2 +- drivers/pci/controller/pcie-rcar-host.c | 2 +- drivers/pci/endpoint/functions/pci-epf-test.c | 31 ++- drivers/pci/endpoint/pci-ep-msi.c | 2 +- drivers/pci/msi/irqdomain.c | 57 +++++ drivers/pci/pci-acpi.c | 6 +- drivers/pci/pcie/aer.c | 3 + drivers/pci/pwrctrl/slot.c | 12 +- drivers/perf/arm_spe_pmu.c | 3 +- drivers/phy/rockchip/phy-rockchip-naneng-combphy.c | 12 + drivers/pinctrl/Kconfig | 2 + drivers/pinctrl/meson/pinctrl-meson-gxl.c | 10 + drivers/pinctrl/pinctrl-eic7700.c | 2 +- drivers/pinctrl/pinmux.c | 2 +- drivers/pinctrl/renesas/pinctrl-rzg2l.c | 2 +- drivers/pinctrl/renesas/pinctrl.c | 3 +- drivers/power/supply/cw2015_battery.c | 3 +- drivers/power/supply/max77705_charger.c | 198 +++++++-------- drivers/pps/kapi.c | 5 +- drivers/pps/pps.c | 5 +- drivers/ptp/ptp_private.h | 1 + drivers/ptp/ptp_sysfs.c | 2 +- drivers/pwm/pwm-loongson.c | 2 +- drivers/pwm/pwm-tiehrpwm.c | 154 +++++------- drivers/regulator/scmi-regulator.c | 3 +- drivers/remoteproc/pru_rproc.c | 3 +- drivers/remoteproc/qcom_q6v5.c | 3 - drivers/remoteproc/qcom_q6v5_mss.c | 11 +- drivers/remoteproc/qcom_q6v5_pas.c | 6 + drivers/rpmsg/qcom_smd.c | 2 +- drivers/scsi/libsas/sas_expander.c | 5 +- drivers/scsi/mpt3sas/mpt3sas_transport.c | 8 +- drivers/scsi/myrs.c | 8 +- drivers/scsi/pm8001/pm8001_hwi.c | 11 +- drivers/scsi/pm8001/pm8001_sas.c | 31 ++- drivers/scsi/pm8001/pm8001_sas.h | 1 + drivers/scsi/pm8001/pm80xx_hwi.c | 10 +- drivers/scsi/qla2xxx/qla_edif.c | 4 +- drivers/scsi/qla2xxx/qla_init.c | 4 +- drivers/scsi/qla2xxx/qla_nvme.c | 2 +- drivers/soc/mediatek/mtk-svs.c | 23 ++ drivers/soc/qcom/rpmh-rsc.c | 7 +- drivers/spi/spi.c | 2 +- drivers/staging/media/ipu7/ipu7.c | 28 +-- drivers/tee/tee_shm.c | 8 + drivers/thermal/qcom/Kconfig | 3 +- drivers/thermal/qcom/lmh.c | 2 + drivers/thunderbolt/tunnel.c | 5 +- drivers/tty/n_gsm.c | 25 +- drivers/tty/serial/max310x.c | 2 + drivers/ufs/core/ufs-sysfs.c | 2 + drivers/ufs/core/ufshcd.c | 9 + drivers/uio/uio_hv_generic.c | 7 +- drivers/usb/cdns3/cdnsp-pci.c | 5 +- drivers/usb/gadget/configfs.c | 2 + drivers/usb/host/max3421-hcd.c | 2 +- drivers/usb/host/xhci-ring.c | 11 +- drivers/usb/misc/Kconfig | 1 + drivers/usb/misc/qcom_eud.c | 33 ++- drivers/usb/phy/phy-twl6030-usb.c | 3 +- drivers/usb/typec/tipd/core.c | 24 +- drivers/usb/usbip/vhci_hcd.c | 22 ++ drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c | 6 +- drivers/vfio/pci/pds/dirty.c | 2 +- drivers/vhost/vringh.c | 14 +- drivers/video/fbdev/simplefb.c | 31 ++- drivers/watchdog/intel_oc_wdt.c | 8 +- drivers/watchdog/mpc8xxx_wdt.c | 2 + fs/btrfs/extent_io.c | 9 +- fs/btrfs/inode.c | 2 +- fs/cramfs/inode.c | 2 +- fs/erofs/zdata.c | 4 +- fs/ext4/ext4.h | 10 + fs/ext4/file.c | 2 +- fs/ext4/inode.c | 2 +- fs/ext4/mballoc.c | 10 + fs/ext4/orphan.c | 6 +- fs/ext4/super.c | 4 +- fs/f2fs/compress.c | 25 +- fs/f2fs/data.c | 11 +- fs/f2fs/f2fs.h | 4 +- fs/f2fs/file.c | 49 ++-- fs/f2fs/gc.c | 16 +- fs/f2fs/super.c | 10 +- fs/fuse/file.c | 1 - fs/gfs2/file.c | 23 +- fs/gfs2/glock.c | 121 ++++----- fs/gfs2/glock.h | 4 + fs/gfs2/incore.h | 3 +- fs/gfs2/lock_dlm.c | 72 ++++-- fs/gfs2/trace_gfs2.h | 1 - fs/hfsplus/dir.c | 2 +- fs/hfsplus/hfsplus_fs.h | 8 +- fs/hfsplus/unicode.c | 24 +- fs/hfsplus/xattr.c | 6 +- fs/nfs/localio.c | 65 ++++- fs/nfs/nfs4proc.c | 2 +- fs/nfsd/filecache.c | 34 +++ fs/nfsd/filecache.h | 4 + fs/nfsd/localio.c | 11 + fs/nfsd/trace.h | 27 ++ fs/nfsd/vfs.h | 4 + fs/notify/fanotify/fanotify_user.c | 3 + fs/ntfs3/index.c | 10 + fs/ntfs3/run.c | 12 +- fs/ocfs2/stack_user.c | 1 + fs/smb/client/smb2ops.c | 17 +- fs/smb/client/smbdirect.c | 110 +++++++- fs/smb/client/smbdirect.h | 4 +- fs/smb/server/ksmbd_netlink.h | 5 +- fs/smb/server/mgmt/user_session.c | 26 +- fs/smb/server/server.h | 1 + fs/smb/server/smb2pdu.c | 3 +- fs/smb/server/transport_ipc.c | 3 + fs/smb/server/transport_rdma.c | 97 ++++++- fs/smb/server/transport_tcp.c | 27 +- fs/squashfs/inode.c | 7 + fs/squashfs/squashfs_fs_i.h | 2 +- fs/udf/inode.c | 3 + include/acpi/actbl.h | 2 +- include/asm-generic/vmlinux.lds.h | 1 + include/crypto/internal/scompress.h | 11 +- include/drm/drm_panel.h | 14 ++ include/linux/blk_types.h | 7 +- include/linux/blkdev.h | 2 + include/linux/bpf.h | 1 + include/linux/bpf_verifier.h | 12 +- include/linux/btf.h | 2 +- include/linux/coresight.h | 25 +- include/linux/dmaengine.h | 2 +- include/linux/hid.h | 2 + include/linux/irq.h | 2 + include/linux/memcontrol.h | 6 + include/linux/mm.h | 2 +- include/linux/mmc/sdio_ids.h | 2 +- include/linux/msi.h | 2 + include/linux/nfslocalio.h | 2 + include/linux/once.h | 4 +- include/linux/phy.h | 23 +- include/linux/power/max77705_charger.h | 102 ++++---- include/linux/sched/topology.h | 28 ++- include/linux/topology.h | 2 +- include/net/bonding.h | 1 + include/net/dst.h | 16 +- include/net/ip.h | 30 ++- include/net/ip6_route.h | 2 +- include/net/route.h | 2 +- include/scsi/libsas.h | 8 + include/trace/events/filelock.h | 3 +- include/trace/misc/fs.h | 22 ++ include/uapi/linux/hidraw.h | 2 + include/ufs/ufshcd.h | 3 + include/vdso/gettime.h | 1 + init/Kconfig | 3 +- io_uring/waitid.c | 3 +- io_uring/zcrx.c | 4 + kernel/bpf/core.c | 5 + kernel/bpf/helpers.c | 3 - kernel/bpf/verifier.c | 28 ++- kernel/cgroup/cpuset.c | 2 +- kernel/events/uprobes.c | 2 +- kernel/irq/Kconfig | 2 + kernel/irq/chip.c | 37 +++ kernel/irq/irq_test.c | 18 +- kernel/pid.c | 2 +- kernel/rcu/srcutiny.c | 4 +- kernel/sched/topology.c | 28 +-- kernel/seccomp.c | 12 +- kernel/smp.c | 11 +- kernel/time/clockevents.c | 2 +- kernel/time/tick-common.c | 16 +- kernel/time/tick-internal.h | 2 +- kernel/trace/bpf_trace.c | 9 +- kernel/trace/trace.c | 278 +++++++++++++++++---- kernel/trace/trace_events.c | 3 +- kernel/trace/trace_fprobe.c | 10 +- kernel/trace/trace_irqsoff.c | 23 +- kernel/trace/trace_kprobe.c | 11 +- kernel/trace/trace_probe.h | 9 +- kernel/trace/trace_sched_wakeup.c | 16 +- kernel/trace/trace_uprobe.c | 12 +- lib/raid6/recov_rvv.c | 2 - lib/raid6/rvv.c | 3 - lib/vdso/datastore.c | 6 +- mm/hugetlb.c | 2 + mm/memcontrol.c | 13 + mm/slub.c | 5 +- net/9p/trans_usbg.c | 16 +- net/bluetooth/hci_sync.c | 10 +- net/bluetooth/iso.c | 11 +- net/bluetooth/mgmt.c | 10 +- net/core/dst.c | 2 +- net/core/filter.c | 16 +- net/core/sock.c | 16 +- net/ethtool/tsconfig.c | 12 +- net/ipv4/icmp.c | 6 +- net/ipv4/ip_fragment.c | 6 +- net/ipv4/ipmr.c | 6 +- net/ipv4/ping.c | 14 +- net/ipv4/route.c | 8 +- net/ipv4/tcp.c | 9 +- net/ipv4/tcp_input.c | 15 +- net/ipv4/tcp_metrics.c | 6 +- net/ipv6/anycast.c | 2 +- net/ipv6/icmp.c | 9 +- net/ipv6/ip6_output.c | 64 ++--- net/ipv6/mcast.c | 67 +++-- net/ipv6/ndisc.c | 2 +- net/ipv6/output_core.c | 8 +- net/ipv6/proc.c | 47 ++-- net/ipv6/route.c | 7 +- net/mac80211/cfg.c | 21 +- net/mac80211/main.c | 3 - net/mac80211/rx.c | 28 ++- net/mac80211/sta_info.c | 10 +- net/mptcp/ctrl.c | 9 +- net/mptcp/subflow.c | 11 +- net/netfilter/ipset/ip_set_hash_gen.h | 8 +- net/netfilter/ipvs/ip_vs_conn.c | 4 +- net/netfilter/ipvs/ip_vs_core.c | 11 +- net/netfilter/ipvs/ip_vs_ctl.c | 6 +- net/netfilter/ipvs/ip_vs_est.c | 16 +- net/netfilter/ipvs/ip_vs_ftp.c | 4 +- net/netfilter/nf_conntrack_standalone.c | 3 + net/netfilter/nfnetlink.c | 2 + net/nfc/nci/ntf.c | 135 +++++++--- net/smc/smc_clc.c | 67 ++--- net/smc/smc_core.c | 27 +- net/smc/smc_pnet.c | 43 ++-- net/sunrpc/auth_gss/svcauth_gss.c | 2 +- net/tls/tls_device.c | 18 +- net/wireless/util.c | 2 +- rust/bindings/bindings_helper.h | 1 + rust/kernel/cpumask.rs | 1 + scripts/misc-check | 4 +- security/Kconfig | 1 + sound/core/pcm_native.c | 21 +- sound/hda/codecs/hdmi/hdmi.c | 1 + sound/hda/codecs/realtek/alc269.c | 1 + sound/pci/lx6464es/lx_core.c | 4 +- sound/soc/codecs/wcd934x.c | 17 +- sound/soc/codecs/wcd937x.c | 4 +- sound/soc/codecs/wcd937x.h | 6 +- sound/soc/intel/boards/bytcht_es8316.c | 20 +- sound/soc/intel/boards/bytcr_rt5640.c | 7 +- sound/soc/intel/boards/bytcr_rt5651.c | 26 +- sound/soc/intel/boards/sof_sdw.c | 2 +- sound/soc/qcom/sc8280xp.c | 4 +- sound/soc/sof/intel/hda-sdw-bpt.c | 2 +- sound/soc/sof/ipc3-topology.c | 10 +- sound/soc/sof/ipc4-pcm.c | 101 ++++++-- sound/soc/sof/ipc4-topology.c | 1 - sound/soc/sof/ipc4-topology.h | 2 + tools/include/nolibc/nolibc.h | 1 + tools/include/nolibc/std.h | 2 +- tools/include/nolibc/sys.h | 13 + tools/include/nolibc/time.h | 5 +- tools/lib/bpf/libbpf.c | 46 ++-- tools/lib/bpf/libbpf.h | 2 +- tools/net/ynl/pyynl/lib/ynl.py | 2 +- .../acpi/os_specific/service_layers/oslinuxtbl.c | 4 +- tools/testing/nvdimm/test/ndtest.c | 13 +- tools/testing/selftests/arm64/abi/tpidr2.c | 8 +- tools/testing/selftests/arm64/gcs/basic-gcs.c | 2 +- tools/testing/selftests/arm64/pauth/exec_target.c | 7 +- tools/testing/selftests/bpf/Makefile | 4 +- tools/testing/selftests/bpf/bench.c | 2 +- tools/testing/selftests/bpf/prog_tests/btf_dump.c | 2 +- tools/testing/selftests/bpf/prog_tests/fd_array.c | 2 +- .../selftests/bpf/prog_tests/kprobe_multi_test.c | 220 +--------------- .../selftests/bpf/prog_tests/module_attach.c | 2 +- .../testing/selftests/bpf/prog_tests/reg_bounds.c | 4 +- .../selftests/bpf/prog_tests/stacktrace_build_id.c | 2 +- .../bpf/prog_tests/stacktrace_build_id_nmi.c | 2 +- .../selftests/bpf/prog_tests/stacktrace_map.c | 2 +- .../bpf/prog_tests/stacktrace_map_raw_tp.c | 2 +- .../selftests/bpf/prog_tests/stacktrace_map_skip.c | 2 +- tools/testing/selftests/bpf/progs/bpf_cc_cubic.c | 2 +- tools/testing/selftests/bpf/progs/bpf_dctcp.c | 2 +- .../selftests/bpf/progs/freplace_connect_v4_prog.c | 2 +- .../selftests/bpf/progs/iters_state_safety.c | 2 +- tools/testing/selftests/bpf/progs/rbtree_search.c | 2 +- .../selftests/bpf/progs/struct_ops_kptr_return.c | 2 +- .../selftests/bpf/progs/struct_ops_refcounted.c | 2 +- .../selftests/bpf/progs/test_cls_redirect.c | 2 +- .../selftests/bpf/progs/test_cls_redirect_dynptr.c | 2 +- .../selftests/bpf/progs/test_tcpnotify_kern.c | 1 - .../testing/selftests/bpf/progs/uretprobe_stack.c | 4 +- .../selftests/bpf/progs/verifier_scalar_ids.c | 2 +- .../testing/selftests/bpf/progs/verifier_var_off.c | 6 +- tools/testing/selftests/bpf/test_sockmap.c | 2 +- tools/testing/selftests/bpf/test_tcpnotify_user.c | 20 +- tools/testing/selftests/bpf/trace_helpers.c | 214 ++++++++++++++++ tools/testing/selftests/bpf/trace_helpers.h | 3 + tools/testing/selftests/bpf/verifier/calls.c | 8 +- tools/testing/selftests/bpf/xdping.c | 2 +- tools/testing/selftests/bpf/xsk.h | 4 +- tools/testing/selftests/bpf/xskxceiver.c | 14 +- tools/testing/selftests/cgroup/lib/cgroup_util.c | 12 + .../selftests/cgroup/lib/include/cgroup_util.h | 1 + tools/testing/selftests/cgroup/test_pids.c | 3 + tools/testing/selftests/futex/functional/Makefile | 5 +- .../selftests/futex/functional/futex_numa_mpol.c | 59 ++--- .../selftests/futex/functional/futex_priv_hash.c | 1 - tools/testing/selftests/futex/functional/run.sh | 1 - tools/testing/selftests/futex/include/futextest.h | 11 + tools/testing/selftests/iommu/iommufd_utils.h | 8 +- tools/testing/selftests/kselftest_harness/Makefile | 1 + tools/testing/selftests/lib.mk | 5 +- tools/testing/selftests/mm/madv_populate.c | 21 +- tools/testing/selftests/mm/soft-dirty.c | 5 +- tools/testing/selftests/mm/va_high_addr_switch.c | 4 +- tools/testing/selftests/mm/vm_util.c | 17 ++ tools/testing/selftests/mm/vm_util.h | 1 + tools/testing/selftests/nolibc/nolibc-test.c | 5 +- tools/testing/selftests/vDSO/vdso_call.h | 7 +- tools/testing/selftests/vDSO/vdso_test_abi.c | 9 +- tools/testing/selftests/watchdog/watchdog-test.c | 6 + 684 files changed, 6525 insertions(+), 3960 deletions(-)

1 month

22
590
0 0

Re: Patch "binfmt_elf: preserve original ELF e_flags for core dumps" has been added to the 6.12-stable tree

by Kees Cook

On Thu, Oct 23, 2025 at 11:25:53AM -0400, Sasha Levin wrote: > This is a note to let you know that I've just added the patch titled > > binfmt_elf: preserve original ELF e_flags for core dumps > > to the 6.12-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… > > The filename of the patch is: > binfmt_elf-preserve-original-elf-e_flags-for-core-du.patch > and it can be found in the queue-6.12 subdirectory. > > If you, or anyone else, feels it should not be added to the stable tree, > please let <stable(a)vger.kernel.org> know about it. No, please don't. I already asked that this not be auto-backported: https://lore.kernel.org/all/202510020856.736F028D@keescook/ -- Kees Cook

1 month

1
0
0 0

[PATCH net v4] virtio-net: fix received length check in big packets

by Bui Quang Minh

Since commit 4959aebba8c0 ("virtio-net: use mtu size as buffer length for big packets"), when guest gso is off, the allocated size for big packets is not MAX_SKB_FRAGS * PAGE_SIZE anymore but depends on negotiated MTU. The number of allocated frags for big packets is stored in vi->big_packets_num_skbfrags. Because the host announced buffer length can be malicious (e.g. the host vhost_net driver's get_rx_bufs is modified to announce incorrect length), we need a check in virtio_net receive path. Currently, the check is not adapted to the new change which can lead to NULL page pointer dereference in the below while loop when receiving length that is larger than the allocated one. This commit fixes the received length check corresponding to the new change. Fixes: 4959aebba8c0 ("virtio-net: use mtu size as buffer length for big packets") Cc: stable(a)vger.kernel.org Signed-off-by: Bui Quang Minh <minhquangbui99(a)gmail.com> --- Changes in v4: - Remove unrelated changes, add more comments Changes in v3: - Convert BUG_ON to WARN_ON_ONCE Changes in v2: - Remove incorrect give_pages call --- drivers/net/virtio_net.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c index a757cbcab87f..0ffe78b3fd8d 100644 --- a/drivers/net/virtio_net.c +++ b/drivers/net/virtio_net.c @@ -852,7 +852,7 @@ static struct sk_buff *page_to_skb(struct virtnet_info *vi, { struct sk_buff *skb; struct virtio_net_common_hdr *hdr; - unsigned int copy, hdr_len, hdr_padded_len; + unsigned int copy, hdr_len, hdr_padded_len, max_remaining_len; struct page *page_to_free = NULL; int tailroom, shinfo_size; char *p, *hdr_p, *buf; @@ -915,13 +915,23 @@ static struct sk_buff *page_to_skb(struct virtnet_info *vi, * This is here to handle cases when the device erroneously * tries to receive more than is possible. This is usually * the case of a broken device. + * + * The number of allocated pages for big packet is + * vi->big_packets_num_skbfrags + 1, the start of first page is + * for virtio header, the remaining is for data. We need to ensure + * the remaining len does not go out of the allocated pages. + * Please refer to add_recvbuf_big for more details on big packet + * buffer allocation. */ - if (unlikely(len > MAX_SKB_FRAGS * PAGE_SIZE)) { + BUG_ON(offset >= PAGE_SIZE); + max_remaining_len = (unsigned int)PAGE_SIZE - offset; + max_remaining_len += vi->big_packets_num_skbfrags * PAGE_SIZE; + if (unlikely(len > max_remaining_len)) { net_dbg_ratelimited("%s: too much data\n", skb->dev->name); dev_kfree_skb(skb); return NULL; } - BUG_ON(offset >= PAGE_SIZE); + while (len) { unsigned int frag_size = min((unsigned)PAGE_SIZE - offset, len); skb_add_rx_frag(skb, skb_shinfo(skb)->nr_frags, page, offset, -- 2.43.0

1 month

3
4
0 0

Linux 6.17.5

by Greg Kroah-Hartman

I'm announcing the release of the 6.17.5 kernel. All users of the 6.17 kernel series must upgrade. The updated 6.17.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.17.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/arch/arm64/silicon-errata.rst | 2 Documentation/networking/seg6-sysctl.rst | 3 Documentation/sphinx/kernel_feat.py | 4 Documentation/sphinx/kernel_include.py | 6 Documentation/sphinx/maintainers_include.py | 4 Makefile | 2 arch/Kconfig | 1 arch/arm64/Kconfig | 1 arch/arm64/include/asm/cputype.h | 2 arch/arm64/include/asm/sysreg.h | 11 arch/arm64/kernel/cpu_errata.c | 1 arch/arm64/kernel/entry-common.c | 8 arch/arm64/kvm/arm.c | 6 arch/powerpc/kernel/fadump.c | 3 arch/riscv/kernel/probes/kprobes.c | 13 arch/x86/kernel/cpu/amd.c | 16 arch/x86/kernel/cpu/resctrl/monitor.c | 44 + arch/x86/mm/tlb.c | 24 - block/blk-cgroup.c | 13 block/blk-mq-sched.c | 2 block/blk-mq-tag.c | 5 block/blk-mq.c | 2 block/blk-mq.h | 3 drivers/accel/qaic/qaic.h | 2 drivers/accel/qaic/qaic_control.c | 2 drivers/accel/qaic/qaic_data.c | 12 drivers/accel/qaic/qaic_debugfs.c | 5 drivers/accel/qaic/qaic_drv.c | 3 drivers/ata/libata-core.c | 11 drivers/cxl/acpi.c | 2 drivers/cxl/core/features.c | 3 drivers/cxl/core/region.c | 7 drivers/cxl/core/trace.h | 2 drivers/dpll/zl3073x/core.c | 228 ++++++---- drivers/dpll/zl3073x/core.h | 3 drivers/dpll/zl3073x/devlink.c | 18 drivers/dpll/zl3073x/regs.h | 3 drivers/gpu/drm/amd/amdgpu/Makefile | 3 drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c | 5 drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c | 48 ++ drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c | 2 drivers/gpu/drm/amd/amdgpu/amdgpu_fence.c | 54 ++ drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c | 2 drivers/gpu/drm/amd/amdgpu/amdgpu_ring.c | 2 drivers/gpu/drm/amd/amdgpu/amdgpu_ring.h | 2 drivers/gpu/drm/amd/amdgpu/cyan_skillfish_reg_init.c | 56 ++ drivers/gpu/drm/amd/amdgpu/gmc_v7_0.c | 7 drivers/gpu/drm/amd/amdgpu/gmc_v8_0.c | 7 drivers/gpu/drm/amd/amdgpu/mes_v12_0.c | 7 drivers/gpu/drm/amd/amdgpu/nv.h | 1 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 12 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.h | 7 drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu7_hwmgr.c | 3 drivers/gpu/drm/bridge/lontium-lt9211.c | 3 drivers/gpu/drm/drm_draw.c | 2 drivers/gpu/drm/drm_draw_internal.h | 2 drivers/gpu/drm/i915/display/intel_fb.c | 38 - drivers/gpu/drm/i915/display/intel_frontbuffer.c | 10 drivers/gpu/drm/i915/gem/i915_gem_object_frontbuffer.h | 2 drivers/gpu/drm/i915/gt/uc/intel_guc_ct.c | 9 drivers/gpu/drm/panthor/panthor_fw.c | 1 drivers/gpu/drm/rockchip/rockchip_drm_vop2.c | 2 drivers/gpu/drm/scheduler/sched_main.c | 13 drivers/gpu/drm/xe/display/xe_fb_pin.c | 5 drivers/gpu/drm/xe/display/xe_plane_initial.c | 3 drivers/gpu/drm/xe/regs/xe_gt_regs.h | 1 drivers/gpu/drm/xe/xe_assert.h | 4 drivers/gpu/drm/xe/xe_bo.c | 1 drivers/gpu/drm/xe/xe_bo.h | 4 drivers/gpu/drm/xe/xe_bo_evict.c | 8 drivers/gpu/drm/xe/xe_bo_types.h | 1 drivers/gpu/drm/xe/xe_device.c | 22 drivers/gpu/drm/xe/xe_device_types.h | 62 -- drivers/gpu/drm/xe/xe_gt_idle.c | 8 drivers/gpu/drm/xe/xe_gt_pagefault.c | 13 drivers/gpu/drm/xe/xe_gt_sriov_pf_config.c | 3 drivers/gpu/drm/xe/xe_guc_submit.c | 13 drivers/gpu/drm/xe/xe_migrate.c | 25 - drivers/gpu/drm/xe/xe_pci.c | 8 drivers/gpu/drm/xe/xe_query.c | 5 drivers/gpu/drm/xe/xe_svm.c | 63 +- drivers/gpu/drm/xe/xe_tile.c | 58 +- drivers/gpu/drm/xe/xe_tile.h | 14 drivers/gpu/drm/xe/xe_ttm_stolen_mgr.c | 10 drivers/gpu/drm/xe/xe_ttm_vram_mgr.c | 22 drivers/gpu/drm/xe/xe_ttm_vram_mgr.h | 3 drivers/gpu/drm/xe/xe_vm.c | 32 + drivers/gpu/drm/xe/xe_vm_types.h | 2 drivers/gpu/drm/xe/xe_vram.c | 243 +++++++---- drivers/gpu/drm/xe/xe_vram.h | 12 drivers/gpu/drm/xe/xe_vram_types.h | 85 +++ drivers/hid/hid-input.c | 5 drivers/hid/hid-multitouch.c | 28 - drivers/hid/intel-thc-hid/intel-quickspi/quickspi-protocol.c | 3 drivers/media/platform/nxp/imx8-isi/imx8-isi-m2m.c | 226 ++++------ drivers/net/can/m_can/m_can.c | 62 +- drivers/net/can/m_can/m_can_platform.c | 2 drivers/net/can/usb/gs_usb.c | 23 - drivers/net/ethernet/airoha/airoha_eth.c | 16 drivers/net/ethernet/amd/xgbe/xgbe-drv.c | 1 drivers/net/ethernet/amd/xgbe/xgbe-mdio.c | 1 drivers/net/ethernet/broadcom/tg3.c | 5 drivers/net/ethernet/dlink/dl2k.c | 23 - drivers/net/ethernet/google/gve/gve.h | 2 drivers/net/ethernet/google/gve/gve_desc_dqo.h | 3 drivers/net/ethernet/google/gve/gve_rx_dqo.c | 18 drivers/net/ethernet/intel/idpf/idpf_ptp.c | 3 drivers/net/ethernet/intel/idpf/idpf_virtchnl_ptp.c | 1 drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 3 drivers/net/ethernet/intel/ixgbevf/defines.h | 1 drivers/net/ethernet/intel/ixgbevf/ipsec.c | 10 drivers/net/ethernet/intel/ixgbevf/ixgbevf.h | 7 drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c | 34 + drivers/net/ethernet/intel/ixgbevf/mbx.h | 8 drivers/net/ethernet/intel/ixgbevf/vf.c | 182 ++++++-- drivers/net/ethernet/intel/ixgbevf/vf.h | 1 drivers/net/ethernet/marvell/octeontx2/af/cgx.c | 1 drivers/net/ethernet/mediatek/mtk_wed.c | 8 drivers/net/ethernet/realtek/r8169_main.c | 5 drivers/net/netdevsim/netdev.c | 7 drivers/net/phy/broadcom.c | 20 drivers/net/phy/realtek/realtek_main.c | 23 - drivers/net/usb/lan78xx.c | 19 drivers/net/usb/r8152.c | 7 drivers/net/usb/usbnet.c | 2 drivers/nvme/host/auth.c | 6 drivers/nvme/host/multipath.c | 6 drivers/nvme/host/tcp.c | 3 drivers/pci/controller/vmd.c | 13 drivers/phy/cadence/cdns-dphy.c | 131 ++++- drivers/usb/gadget/function/f_acm.c | 42 - drivers/usb/gadget/function/f_ecm.c | 48 -- drivers/usb/gadget/function/f_ncm.c | 78 +-- drivers/usb/gadget/function/f_rndis.c | 85 +-- drivers/usb/gadget/udc/core.c | 3 fs/btrfs/extent_io.c | 2 fs/btrfs/free-space-tree.c | 15 fs/btrfs/ioctl.c | 2 fs/btrfs/relocation.c | 13 fs/btrfs/super.c | 3 fs/btrfs/zoned.c | 2 fs/coredump.c | 2 fs/dax.c | 2 fs/dcache.c | 2 fs/exec.c | 2 fs/ext4/ext4_jbd2.c | 11 fs/ext4/inode.c | 8 fs/f2fs/data.c | 2 fs/file_attr.c | 12 fs/fuse/ioctl.c | 4 fs/hfsplus/unicode.c | 24 + fs/jbd2/transaction.c | 13 fs/nfsd/blocklayout.c | 25 - fs/nfsd/blocklayoutxdr.c | 86 ++- fs/nfsd/blocklayoutxdr.h | 4 fs/nfsd/flexfilelayout.c | 8 fs/nfsd/flexfilelayoutxdr.c | 3 fs/nfsd/nfs4layouts.c | 1 fs/nfsd/nfs4proc.c | 36 - fs/nfsd/nfs4xdr.c | 25 - fs/nfsd/pnfs.h | 1 fs/nfsd/xdr4.h | 39 + fs/overlayfs/copy_up.c | 2 fs/overlayfs/inode.c | 5 fs/smb/client/inode.c | 6 fs/smb/client/misc.c | 17 fs/smb/client/smb2ops.c | 8 fs/smb/server/mgmt/user_session.c | 7 fs/smb/server/smb2pdu.c | 9 fs/smb/server/transport_ipc.c | 12 fs/xfs/libxfs/xfs_log_format.h | 30 + fs/xfs/libxfs/xfs_ondisk.h | 2 fs/xfs/xfs_log.c | 8 fs/xfs/xfs_log_priv.h | 4 fs/xfs/xfs_log_recover.c | 34 + include/linux/brcmphy.h | 1 include/linux/libata.h | 6 include/linux/suspend.h | 6 include/linux/usb/gadget.h | 25 + include/net/ip_tunnels.h | 15 include/uapi/drm/amdgpu_drm.h | 21 io_uring/register.c | 1 io_uring/rw.c | 2 kernel/events/core.c | 8 kernel/power/hibernate.c | 11 kernel/sched/core.c | 2 kernel/sched/deadline.c | 3 kernel/sched/fair.c | 26 - mm/slub.c | 9 net/can/j1939/main.c | 2 net/core/dev.c | 40 + net/ipv4/ip_tunnel.c | 14 net/ipv4/tcp_output.c | 19 net/ipv6/ip6_tunnel.c | 3 net/tls/tls_main.c | 7 net/tls/tls_sw.c | 31 + rust/kernel/cpufreq.rs | 3 sound/firewire/amdtp-stream.h | 2 sound/hda/codecs/realtek/alc269.c | 1 sound/hda/codecs/side-codecs/cs35l41_hda.c | 2 sound/hda/codecs/side-codecs/hda_component.c | 4 sound/hda/controllers/intel.c | 1 sound/soc/amd/acp/acp-sdw-sof-mach.c | 2 sound/soc/codecs/idt821034.c | 12 sound/soc/codecs/nau8821.c | 111 +++-- sound/usb/card.c | 10 tools/testing/selftests/bpf/prog_tests/arg_parsing.c | 12 tools/testing/selftests/net/rtnetlink.sh | 2 tools/testing/selftests/net/vlan_bridge_binding.sh | 2 209 files changed, 2368 insertions(+), 1221 deletions(-) Ada Couprie Diaz (1): arm64: debug: always unmask interrupts in el0_softstp() Adrian Hunter (3): perf/core: Fix address filter match with backing files perf/core: Fix MMAP event path names with backing files perf/core: Fix MMAP2 event device with backing files Alex Deucher (6): drm/amdgpu: add ip offset support for cyan skillfish drm/amdgpu: add support for cyan skillfish without IP discovery drm/amdgpu: fix handling of harvesting for ip_discovery firmware drm/amdgpu: handle wrap around in reemit handling drm/amdgpu: set an error on all fences from a bad context drm/amdgpu: drop unused structures in amdgpu_drm.h Alexey Simakov (1): tg3: prevent use of uninitialized remote_adv and local_adv variables Alison Schofield (1): cxl/trace: Subtract to find an hpa_alias0 in cxl_poison events Alok Tiwari (1): drm/rockchip: vop2: use correct destination rectangle height check Amit Chaudhary (1): nvme-multipath: Skip nr_active increments in RETRY disposition Andrey Albershteyn (1): Revert "fs: make vfs_fileattr_[get|set] return -EOPNOTSUPP" Andrii Nakryiko (1): selftests/bpf: make arg_parsing.c more robust to crashes Babu Moger (2): x86/resctrl: Refactor resctrl_arch_rmid_read() x86/resctrl: Fix miscount of bandwidth event when reactivating previously unavailable RMID Benjamin Tissoires (1): HID: multitouch: fix sticky fingers Bhanu Seshu Kumar Valluri (1): net: usb: lan78xx: Fix lost EEPROM write timeout error(-ETIMEDOUT) in lan78xx_write_raw_eeprom Boris Burkov (1): btrfs: fix incorrect readahead expansion length Breno Leitao (1): netdevsim: set the carrier when the device goes up Celeste Liu (2): can: gs_usb: gs_make_candev(): populate net_device->dev_port can: gs_usb: increase max interface to U8_MAX Christian Brauner (1): coredump: fix core_pattern input validation Christoph Hellwig (2): xfs: rename the old_crc variable in xlog_recover_process xfs: fix log CRC mismatches between i386 and other architectures Christophe Leroy (1): ASoC: codecs: Fix gain setting ranges for Renesas IDT821034 codec Chuck Lever (1): NFSD: Define a proc_layoutcommit for the FlexFiles layout type Conor Dooley (1): rust: cfi: only 64-bit arm and x86 support CFI_CLANG Cristian Ciocaltea (4): ASoC: nau8821: Cancel jdet_work before handling jack ejection ASoC: nau8821: Generalize helper to clear IRQ status ASoC: nau8821: Consistently clear interrupts before unmasking ASoC: nau8821: Add DMI quirk to bypass jack debounce circuit Damien Le Moal (1): ata: libata-core: relax checks in ata_read_log_directory() Dan Carpenter (1): drm/xe: Fix an IS_ERR() vs NULL bug in xe_tile_alloc_vram() Dave Jiang (3): cxl/acpi: Fix setup of memory resource in cxl_acpi_set_cache_size() cxl/features: Add check for no entries in cxl_feature_info cxl: Fix match_region_by_range() to use region_res_match_cxl_range() Deepanshu Kartikey (1): ext4: detect invalid INLINE_DATA + EXTENTS flag combination Denis Arefev (2): ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_get_acpi_mute_state() ALSA: hda: Fix missing pointer check in hda_component_manager_init function Devarsh Thakkar (2): phy: cadence: cdns-dphy: Fix PLL lock and O_CMN_READY polling phy: cadence: cdns-dphy: Update calibration wait time for startup state machine Dmitry Safonov (1): net/ip6_tunnel: Prevent perpetual tunnel growth Dmitry Torokhov (1): HID: hid-input: only ignore 0 battery events for digitizers Eric Dumazet (1): tcp: fix tcp_tso_should_defer() vs large RTT Eugene Korenevsky (1): cifs: parse_dfs_referrals: prevent oob on malformed input Even Xu (1): HID: intel-thc-hid: Intel-quickspi: switch first interrupt from level to edge detection Fabian Vogt (1): riscv: kprobes: Fix probe address validation Filipe Manana (2): btrfs: fix clearing of BTRFS_FS_RELOC_RUNNING if relocation already running btrfs: do not assert we found block group item when creating free space tree Florian Westphal (1): net: core: fix lockdep splat on device unregister Francesco Valla (1): drm/draw: fix color truncation in drm_draw_fill24 Greg Kroah-Hartman (1): Linux 6.17.5 Gui-Dong Han (1): drm/amdgpu: use atomic functions with memory barriers for vm fault info Guoniu Zhou (1): media: nxp: imx8-isi: m2m: Fix streaming cleanup on release Hao Ge (1): slab: reset slab->obj_ext when freeing and it is OBJEXTS_ALLOC_FAIL Harshit Mogalapalli (1): Octeontx2-af: Fix missing error code in cgx_probe() I Viswanath (1): net: usb: lan78xx: fix use of improperly initialized dev->chipid in lan78xx_reset Ingo Molnar (1): x86/mm: Fix SMP ordering in switch_mm_irqs_off() Inochi Amaoto (1): PCI: vmd: Override irq_startup()/irq_shutdown() in vmd_init_dev_msi_info() Ivan Vecera (2): dpll: zl3073x: Refactor DPLL initialization dpll: zl3073x: Handle missing or corrupted flash configuration Jaegeuk Kim (1): f2fs: fix wrong block mapping for multi-devices Jan Kara (1): vfs: Don't leak disconnected dentries on umount Jedrzej Jagielski (2): ixgbevf: fix getting link speed data for E610 devices ixgbevf: fix mailbox API compatibility by negotiating supported features Jeff Hugo (1): accel/qaic: Fix bootlog initialization ordering Jens Axboe (1): Revert "io_uring/rw: drop -EOPNOTSUPP check in __io_complete_rw_common()" Jiaming Zhang (1): ALSA: usb-audio: Fix NULL pointer deference in try_to_register_card Jonathan Corbet (1): docs: kdoc: handle the obsolescensce of docutils.ErrorString() Jonathan Kim (1): drm/amdgpu: fix gfx12 mes packet status return check Kamil Horák - 2N (1): net: phy: bcm54811: Fix GMII/MII/MII-Lite selection Kenneth Graunke (1): drm/xe: Increase global invalidation timeout to 1000us Ketil Johnsen (1): drm/panthor: Ensure MCU is disabled on suspend Koichiro Den (1): ixgbe: fix too early devlink_free() in ixgbe_remove() Kuen-Han Tsai (6): usb: gadget: Store endpoint pointer in usb_request usb: gadget: Introduce free_usb_request helper usb: gadget: f_rndis: Refactor bind path to use __free() usb: gadget: f_acm: Refactor bind path to use __free() usb: gadget: f_ecm: Refactor bind path to use __free() usb: gadget: f_ncm: Refactor bind path to use __free() Li Qiang (1): ASoC: amd/sdw_utils: avoid NULL deref when devm_kasprintf() fails Linmao Li (1): r8169: fix packet truncation after S4 resume on RTL8168H/RTL8111H Lorenzo Bianconi (1): net: airoha: Take into account out-of-order tx completions in airoha_dev_xmit() Lorenzo Pieralisi (1): arm64/sysreg: Fix GIC CDEOI instruction encoding Lucas De Marchi (1): drm/xe: Move rebar to be done earlier Marc Kleine-Budde (4): can: m_can: m_can_plat_remove(): add missing pm_runtime_disable() can: m_can: m_can_handle_state_errors(): fix CAN state transition to Error Active can: m_can: m_can_chip_config(): bring up interface in correct state can: m_can: fix CAN state in system PM Marek Vasut (2): net: phy: realtek: Avoid PHYCR2 access if PHYCR2 not present drm/bridge: lt9211: Drop check for last nibble of version register Mario Limonciello (1): drm/amd: Check whether secure display TA loaded successfully Mario Limonciello (AMD) (2): PM: hibernate: Add pm_hibernation_mode_is_suspend() drm/amd: Fix hybrid sleep Marios Makassikis (1): ksmbd: fix recursive locking in RPC handle list access Mark Rutland (2): arm64: cputype: Add Neoverse-V3AE definitions arm64: errata: Apply workarounds for Neoverse-V3AE Martin George (1): nvme-auth: update sc_c in host response Matthew Auld (1): drm/xe/evict: drop bogus assert Matthew Brost (1): drm/xe: Don't allow evicting of BOs in same VM in array of VM binds Matthew Schwartz (1): Revert "drm/amd/display: Only restore backlight after amdgpu_dm_init or dm_resume" Miguel Ojeda (1): rust: cpufreq: fix formatting Milena Olech (1): idpf: cleanup remaining SKBs in PTP flows Ming Lei (1): block: Remove elevator_lock usage from blkg_conf frozen operations Miquel Sabaté Solà (2): btrfs: fix memory leak on duplicated memory in the qgroup assign ioctl btrfs: fix memory leaks when rejecting a non SINGLE data profile without an RST Nicolas Dichtel (1): doc: fix seg6_flowlabel path Oliver Upton (1): KVM: arm64: Prevent access to vCPU events before init Pavel Begunkov (1): io_uring: protect mem region deregistration Peter Zijlstra (Intel) (1): sched/deadline: Stop dl_server before CPU goes offline Piotr Piórkowski (4): drm/xe: Use devm_ioremap_wc for VRAM mapping and drop manual unmap drm/xe: Use dynamic allocation for tile and device VRAM region structures drm/xe: Move struct xe_vram_region to a dedicated header drm/xe: Unify the initialization of VRAM regions Pranjal Ramajor Asha Kanojiya (1): accel/qaic: Synchronize access to DBC request queue head & tail pointer Qu Wenruo (1): btrfs: only set the device specific options after devices are opened Rafael J. Wysocki (1): PM: hibernate: Fix pm_hibernation_mode_is_suspend() build breakage Raju Rangoju (1): amd-xgbe: Avoid spurious link down messages during interface toggle Randy Dunlap (1): ALSA: firewire: amdtp-stream: fix enum kernel-doc warnings Rex Lu (1): net: mtk: wed: add dma mask limitation and GFP_DMA32 for device with more than 4GB DRAM Rong Zhang (1): x86/CPU/AMD: Prevent reset reasons from being retained across reboot Sabrina Dubroca (5): tls: trim encrypted message to match the plaintext on short splice tls: wait for async encrypt in case of error during latter iterations of sendmsg tls: always set record_type in tls_process_cmsg tls: wait for pending async decryptions if tls_strp_msg_hold fails tls: don't rely on tx_work during send() Sergey Bashirov (4): NFSD: Rework encoding and decoding of nfsd4_deviceid NFSD: Minor cleanup in layoutcommit processing NFSD: Implement large extent array support in pNFS NFSD: Fix last write offset handling in layoutcommit Shuhao Fu (1): smb: client: Fix refcount leak for cifs_sb_tlink Shuicheng Lin (1): drm/xe/guc: Check GuC running state before deregistering exec queue Sourabh Jain (1): powerpc/fadump: skip parameter area allocation when fadump is disabled Stuart Hayhurst (1): ALSA: hda/intel: Add MSI X870E Tomahawk to denylist Takashi Iwai (1): ALSA: hda/realtek: Add quirk entry for HP ZBook 17 G6 Tetsuo Handa (1): can: j1939: add missing calls in NETDEV_UNREGISTER notification handler Thadeu Lima de Souza Cascardo (1): HID: multitouch: fix name of Stylus input devices Tim Hostetler (1): gve: Check valid ts bit on RX descriptor before hw timestamping Timur Kristóf (1): drm/amd/powerplay: Fix CIK shutdown temperature Tomi Valkeinen (1): phy: cdns-dphy: Store hs_clk_rate and return it Tvrtko Ursulin (1): drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies Viacheslav Dubeyko (1): hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() Ville Syrjälä (2): drm/i915/frontbuffer: Move bo refcounting intel_frontbuffer_{get,release}() drm/i915/fb: Fix the set_tiling vs. addfb race, again Vinay Belgaumkar (1): drm/xe: Enable media sampler power gating Vincent Guittot (1): sched/fair: Fix pelt lost idle time detection Wang Liang (1): selftests: net: check jq command is supported Wilfred Mallawa (1): nvme/tcp: handle tls partially sent records in write_space() Xing Guo (1): selftests: arg_parsing: Ensure data is flushed to disk before reading. Yeounsu Moon (1): net: dlink: handle dma_map_single() failure properly Yi Cong (1): r8152: add error handling in rtl8152_driver_init Youssef Samir (1): accel/qaic: Treat remaining == 0 as error in find_and_map_user_pages() Yu Kuai (1): blk-mq: fix stale tag depth for shared sched tags in blk_mq_update_nr_requests() Yuezhang Mo (1): dax: skip read lock assertion for read-only filesystems Zhang Yi (2): jbd2: ensure that all ongoing I/O complete before freeing blocks ext4: wait for ongoing I/O to complete before freeing blocks Zhanjun Dong (1): drm/i915/guc: Skip communication warning on reset in progress Zqiang (1): usbnet: Fix using smp_processor_id() in preemptible code warnings

1 month

1
1
0 0

Linux 6.12.55

by Greg Kroah-Hartman

I'm announcing the release of the 6.12.55 kernel. All users of the 6.12 kernel series must upgrade. The updated 6.12.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.12.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/arch/arm64/silicon-errata.rst | 2 Documentation/networking/seg6-sysctl.rst | 3 Makefile | 2 arch/Kconfig | 1 arch/arm64/Kconfig | 1 arch/arm64/include/asm/cputype.h | 2 arch/arm64/kernel/cpu_errata.c | 1 arch/riscv/kernel/probes/kprobes.c | 13 - arch/x86/kernel/cpu/resctrl/monitor.c | 44 ++- drivers/accel/qaic/qaic.h | 2 drivers/accel/qaic/qaic_control.c | 2 drivers/accel/qaic/qaic_data.c | 12 - drivers/accel/qaic/qaic_debugfs.c | 5 drivers/accel/qaic/qaic_drv.c | 3 drivers/base/power/runtime.c | 44 +++ drivers/cdx/cdx_msi.c | 5 drivers/cpufreq/cppc_cpufreq.c | 14 + drivers/dma/idxd/init.c | 2 drivers/gpu/drm/amd/amdgpu/Makefile | 3 drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c | 5 drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c | 48 +++- drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c | 2 drivers/gpu/drm/amd/amdgpu/cyan_skillfish_reg_init.c | 56 ++++ drivers/gpu/drm/amd/amdgpu/gmc_v7_0.c | 7 drivers/gpu/drm/amd/amdgpu/gmc_v8_0.c | 7 drivers/gpu/drm/amd/amdgpu/mes_v12_0.c | 7 drivers/gpu/drm/amd/amdgpu/nv.h | 1 drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu7_hwmgr.c | 3 drivers/gpu/drm/bridge/lontium-lt9211.c | 3 drivers/gpu/drm/drm_draw.c | 2 drivers/gpu/drm/drm_draw_internal.h | 2 drivers/gpu/drm/exynos/exynos7_drm_decon.c | 98 ++------ drivers/gpu/drm/i915/gt/uc/intel_guc_ct.c | 9 drivers/gpu/drm/msm/adreno/a6xx_gmu.c | 28 +- drivers/gpu/drm/msm/adreno/a6xx_gmu.h | 6 drivers/gpu/drm/panthor/panthor_fw.c | 1 drivers/gpu/drm/rockchip/rockchip_drm_vop2.c | 2 drivers/gpu/drm/scheduler/sched_main.c | 13 - drivers/gpu/drm/xe/xe_guc_submit.c | 13 + drivers/hid/hid-input.c | 5 drivers/hid/hid-multitouch.c | 28 +- drivers/iio/imu/inv_icm42600/inv_icm42600_core.c | 35 +- drivers/md/md-linear.c | 1 drivers/md/raid0.c | 16 + drivers/md/raid1.c | 37 ++- drivers/md/raid10.c | 55 ++++ drivers/md/raid5.c | 2 drivers/media/platform/nxp/imx8-isi/imx8-isi-core.h | 2 drivers/media/platform/nxp/imx8-isi/imx8-isi-hw.c | 2 drivers/media/platform/nxp/imx8-isi/imx8-isi-m2m.c | 225 +++++++------------ drivers/media/platform/nxp/imx8-isi/imx8-isi-pipe.c | 2 drivers/net/can/m_can/m_can.c | 84 ++++--- drivers/net/can/m_can/m_can.h | 1 drivers/net/can/m_can/m_can_platform.c | 2 drivers/net/can/usb/gs_usb.c | 23 - drivers/net/ethernet/amd/xgbe/xgbe-drv.c | 1 drivers/net/ethernet/amd/xgbe/xgbe-mdio.c | 1 drivers/net/ethernet/broadcom/tg3.c | 5 drivers/net/ethernet/dlink/dl2k.c | 23 + drivers/net/ethernet/intel/ixgbevf/defines.h | 6 drivers/net/ethernet/intel/ixgbevf/ipsec.c | 10 drivers/net/ethernet/intel/ixgbevf/ixgbevf.h | 13 + drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c | 46 +++ drivers/net/ethernet/intel/ixgbevf/mbx.h | 8 drivers/net/ethernet/intel/ixgbevf/vf.c | 194 +++++++++++++--- drivers/net/ethernet/intel/ixgbevf/vf.h | 5 drivers/net/ethernet/realtek/r8169_main.c | 5 drivers/net/netdevsim/netdev.c | 7 drivers/net/usb/lan78xx.c | 38 ++- drivers/net/usb/r8152.c | 7 drivers/net/wireless/realtek/rtw89/core.c | 39 +-- drivers/net/wireless/realtek/rtw89/core.h | 6 drivers/net/wireless/realtek/rtw89/mac80211.c | 2 drivers/net/wireless/realtek/rtw89/pci.c | 2 drivers/nvme/host/multipath.c | 6 drivers/nvme/host/tcp.c | 3 drivers/phy/cadence/cdns-dphy.c | 131 ++++++++--- drivers/usb/gadget/function/f_acm.c | 42 +-- drivers/usb/gadget/function/f_ecm.c | 48 +--- drivers/usb/gadget/function/f_ncm.c | 78 ++---- drivers/usb/gadget/function/f_rndis.c | 85 ++----- drivers/usb/gadget/udc/core.c | 3 fs/btrfs/extent_io.c | 2 fs/btrfs/free-space-tree.c | 15 - fs/btrfs/ioctl.c | 2 fs/btrfs/relocation.c | 13 - fs/btrfs/zoned.c | 2 fs/dax.c | 2 fs/dcache.c | 12 - fs/ext4/ext4_jbd2.c | 11 fs/ext4/inode.c | 8 fs/f2fs/data.c | 2 fs/hfsplus/unicode.c | 24 ++ fs/jbd2/transaction.c | 13 - fs/nfsd/blocklayout.c | 33 +- fs/nfsd/blocklayoutxdr.c | 171 ++++++++------ fs/nfsd/blocklayoutxdr.h | 8 fs/nfsd/flexfilelayout.c | 8 fs/nfsd/flexfilelayoutxdr.c | 3 fs/nfsd/nfs4layouts.c | 1 fs/nfsd/nfs4proc.c | 36 +-- fs/nfsd/nfs4xdr.c | 25 -- fs/nfsd/nfsd.h | 1 fs/nfsd/pnfs.h | 1 fs/nfsd/xdr4.h | 39 +++ fs/smb/client/inode.c | 6 fs/smb/client/misc.c | 17 + fs/smb/client/smb2ops.c | 8 fs/smb/server/mgmt/user_session.c | 7 fs/smb/server/smb2pdu.c | 9 fs/smb/server/transport_ipc.c | 12 + fs/xfs/libxfs/xfs_log_format.h | 30 ++ fs/xfs/libxfs/xfs_ondisk.h | 2 fs/xfs/scrub/reap.c | 9 fs/xfs/xfs_log.c | 8 fs/xfs/xfs_log_priv.h | 4 fs/xfs/xfs_log_recover.c | 34 ++ include/linux/mm.h | 2 include/linux/pci.h | 14 + include/linux/pm_runtime.h | 4 include/linux/usb/gadget.h | 25 ++ include/net/dst.h | 32 ++ include/net/inet6_hashtables.h | 2 include/net/inet_connection_sock.h | 3 include/net/inet_hashtables.h | 2 include/net/ip.h | 11 include/net/ip_tunnels.h | 15 + include/net/route.h | 2 io_uring/rw.c | 2 kernel/events/core.c | 8 kernel/padata.c | 6 kernel/sched/fair.c | 26 +- mm/slub.c | 9 net/core/dst.c | 4 net/core/sock.c | 14 - net/ipv4/icmp.c | 24 +- net/ipv4/igmp.c | 2 net/ipv4/ip_fragment.c | 2 net/ipv4/ip_output.c | 19 + net/ipv4/ip_tunnel.c | 14 - net/ipv4/ip_vti.c | 4 net/ipv4/netfilter.c | 4 net/ipv4/route.c | 8 net/ipv4/tcp_fastopen.c | 4 net/ipv4/tcp_input.c | 3 net/ipv4/tcp_ipv4.c | 12 - net/ipv4/tcp_metrics.c | 8 net/ipv4/tcp_output.c | 19 + net/ipv4/xfrm4_output.c | 2 net/ipv6/ip6_tunnel.c | 3 net/ipv6/tcp_ipv6.c | 22 - net/mptcp/ctrl.c | 9 net/tls/tls_main.c | 7 net/tls/tls_sw.c | 31 ++ rust/bindings/bindings_helper.h | 1 sound/firewire/amdtp-stream.h | 2 sound/soc/amd/acp/acp-sdw-sof-mach.c | 2 sound/soc/codecs/idt821034.c | 12 - sound/soc/codecs/nau8821.c | 53 +++- sound/usb/card.c | 10 tools/testing/selftests/bpf/prog_tests/arg_parsing.c | 12 - 161 files changed, 1901 insertions(+), 955 deletions(-) Adrian Hunter (3): perf/core: Fix address filter match with backing files perf/core: Fix MMAP event path names with backing files perf/core: Fix MMAP2 event device with backing files Akhil P Oommen (1): drm/msm/a6xx: Fix PDC sleep sequence Al Viro (1): d_alloc_parallel(): set DCACHE_PAR_LOOKUP earlier Alex Deucher (3): drm/amdgpu: add ip offset support for cyan skillfish drm/amdgpu: add support for cyan skillfish without IP discovery drm/amdgpu: fix handling of harvesting for ip_discovery firmware Alexey Simakov (1): tg3: prevent use of uninitialized remote_adv and local_adv variables Alok Tiwari (1): drm/rockchip: vop2: use correct destination rectangle height check Amit Chaudhary (1): nvme-multipath: Skip nr_active increments in RETRY disposition Andrii Nakryiko (1): selftests/bpf: make arg_parsing.c more robust to crashes Babu Moger (2): x86/resctrl: Refactor resctrl_arch_rmid_read() x86/resctrl: Fix miscount of bandwidth event when reactivating previously unavailable RMID Bence Csókás (1): PM: runtime: Add new devm functions Benjamin Tissoires (1): HID: multitouch: fix sticky fingers Boris Burkov (1): btrfs: fix incorrect readahead expansion length Breno Leitao (1): netdevsim: set the carrier when the device goes up Celeste Liu (2): can: gs_usb: gs_make_candev(): populate net_device->dev_port can: gs_usb: increase max interface to U8_MAX Christoph Hellwig (2): xfs: rename the old_crc variable in xlog_recover_process xfs: fix log CRC mismatches between i386 and other architectures Christophe Leroy (1): ASoC: codecs: Fix gain setting ranges for Renesas IDT821034 codec Chuck Lever (1): NFSD: Define a proc_layoutcommit for the FlexFiles layout type Conor Dooley (1): rust: cfi: only 64-bit arm and x86 support CFI_CLANG Cristian Ciocaltea (3): ASoC: nau8821: Cancel jdet_work before handling jack ejection ASoC: nau8821: Generalize helper to clear IRQ status ASoC: nau8821: Add DMI quirk to bypass jack debounce circuit Darrick J. Wong (1): xfs: use deferred intent items for reaping crosslinked blocks Deepanshu Kartikey (1): ext4: detect invalid INLINE_DATA + EXTENTS flag combination Devarsh Thakkar (2): phy: cadence: cdns-dphy: Fix PLL lock and O_CMN_READY polling phy: cadence: cdns-dphy: Update calibration wait time for startup state machine Dmitry Safonov (1): net/ip6_tunnel: Prevent perpetual tunnel growth Dmitry Torokhov (1): HID: hid-input: only ignore 0 battery events for digitizers Eric Dumazet (5): tcp: fix tcp_tso_should_defer() vs large RTT tcp: convert to dev_net_rcu() tcp: cache RTAX_QUICKACK metric in a hot cache line net: dst: add four helpers to annotate data-races around dst->dev ipv4: adopt dst_dev, skb_dst_dev and skb_dst_dev_net[_rcu] Eugene Korenevsky (1): cifs: parse_dfs_referrals: prevent oob on malformed input Fabian Vogt (1): riscv: kprobes: Fix probe address validation Fedor Pchelkin (1): wifi: rtw89: avoid possible TX wait initialization race Filipe Manana (2): btrfs: fix clearing of BTRFS_FS_RELOC_RUNNING if relocation already running btrfs: do not assert we found block group item when creating free space tree Francesco Valla (1): drm/draw: fix color truncation in drm_draw_fill24 Greg Kroah-Hartman (1): Linux 6.12.55 Guenter Roeck (1): dmaengine: Add missing cleanup on module unload Gui-Dong Han (1): drm/amdgpu: use atomic functions with memory barriers for vm fault info Guoniu Zhou (1): media: nxp: imx8-isi: m2m: Fix streaming cleanup on release Hao Ge (1): slab: reset slab->obj_ext when freeing and it is OBJEXTS_ALLOC_FAIL I Viswanath (1): net: usb: lan78xx: fix use of improperly initialized dev->chipid in lan78xx_reset Jaegeuk Kim (1): f2fs: fix wrong block mapping for multi-devices Jakub Acs (1): mm/ksm: fix flag-dropping behavior in ksm_madvise Jan Kara (1): vfs: Don't leak disconnected dentries on umount Jedrzej Jagielski (2): ixgbevf: fix getting link speed data for E610 devices ixgbevf: fix mailbox API compatibility by negotiating supported features Jeffrey Hugo (1): accel/qaic: Fix bootlog initialization ordering Jens Axboe (1): Revert "io_uring/rw: drop -EOPNOTSUPP check in __io_complete_rw_common()" Jiaming Zhang (1): ALSA: usb-audio: Fix NULL pointer deference in try_to_register_card Jiri Slaby (SUSE) (1): irqdomain: cdx: Switch to of_fwnode_handle() John Garry (3): md/raid0: Handle bio_split() errors md/raid1: Handle bio_split() errors md/raid10: Handle bio_split() errors Jonathan Kim (1): drm/amdgpu: fix gfx12 mes packet status return check Kaustabh Chakraborty (3): drm/exynos: exynos7_drm_decon: fix uninitialized crtc reference in functions drm/exynos: exynos7_drm_decon: properly clear channels during bind drm/exynos: exynos7_drm_decon: remove ctx->suspended Ketil Johnsen (1): drm/panthor: Ensure MCU is disabled on suspend Kuen-Han Tsai (6): usb: gadget: Store endpoint pointer in usb_request usb: gadget: Introduce free_usb_request helper usb: gadget: f_ncm: Refactor bind path to use __free() usb: gadget: f_acm: Refactor bind path to use __free() usb: gadget: f_ecm: Refactor bind path to use __free() usb: gadget: f_rndis: Refactor bind path to use __free() Kuniyuki Iwashima (2): mptcp: Call dst_release() in mptcp_active_enable(). mptcp: Use __sk_dst_get() and dst_dev_rcu() in mptcp_active_enable(). Laurent Pinchart (1): media: nxp: imx8-isi: Drop unused argument to mxc_isi_channel_chain() Li Qiang (1): ASoC: amd/sdw_utils: avoid NULL deref when devm_kasprintf() fails Linmao Li (1): r8169: fix packet truncation after S4 resume on RTL8168H/RTL8111H Marc Kleine-Budde (4): can: m_can: m_can_plat_remove(): add missing pm_runtime_disable() can: m_can: m_can_handle_state_errors(): fix CAN state transition to Error Active can: m_can: m_can_chip_config(): bring up interface in correct state can: m_can: fix CAN state in system PM Marek Vasut (1): drm/bridge: lt9211: Drop check for last nibble of version register Mario Limonciello (1): drm/amd: Check whether secure display TA loaded successfully Marios Makassikis (1): ksmbd: fix recursive locking in RPC handle list access Mark Rutland (2): arm64: cputype: Add Neoverse-V3AE definitions arm64: errata: Apply workarounds for Neoverse-V3AE Matthieu Baerts (NGI0) (1): mptcp: reset blackhole on success with non-loopback ifaces Miaoqian Lin (1): cdx: Fix device node reference leak in cdx_msi_domain_init Miquel Sabaté Solà (2): btrfs: fix memory leak on duplicated memory in the qgroup assign ioctl btrfs: fix memory leaks when rejecting a non SINGLE data profile without an RST Nicolas Dichtel (1): doc: fix seg6_flowlabel path Oleksij Rempel (1): net: usb: lan78xx: Add error handling to lan78xx_init_mac_address Piotr Kwapulinski (2): PCI: Add PCI_VDEVICE_SUB helper macro ixgbevf: Add support for Intel(R) E610 device Pranjal Ramajor Asha Kanojiya (1): accel/qaic: Synchronize access to DBC request queue head & tail pointer Rafael J. Wysocki (1): cpufreq: CPPC: Avoid using CPUFREQ_ETERNAL as transition delay Raju Rangoju (1): amd-xgbe: Avoid spurious link down messages during interface toggle Randy Dunlap (1): ALSA: firewire: amdtp-stream: fix enum kernel-doc warnings Sabrina Dubroca (5): tls: trim encrypted message to match the plaintext on short splice tls: wait for async encrypt in case of error during latter iterations of sendmsg tls: always set record_type in tls_process_cmsg tls: wait for pending async decryptions if tls_strp_msg_hold fails tls: don't rely on tx_work during send() Sean Nyekjaer (4): can: m_can: add deinit callback can: m_can: call deinit/init callback when going into suspend/resume iio: imu: inv_icm42600: Simplify pm_runtime setup iio: imu: inv_icm42600: Avoid configuring if already pm_runtime suspended Sergey Bashirov (6): nfsd: Use correct error code when decoding extents nfsd: Drop dprintk in blocklayout xdr functions NFSD: Rework encoding and decoding of nfsd4_deviceid NFSD: Minor cleanup in layoutcommit processing NFSD: Implement large extent array support in pNFS NFSD: Fix last write offset handling in layoutcommit Sharath Chandra Vurukala (1): net: Add locking to protect skb->dev access in ip_output Shuhao Fu (1): smb: client: Fix refcount leak for cifs_sb_tlink Shuicheng Lin (1): drm/xe/guc: Check GuC running state before deregistering exec queue Thadeu Lima de Souza Cascardo (1): HID: multitouch: fix name of Stylus input devices Timur Kristóf (1): drm/amd/powerplay: Fix CIK shutdown temperature Tomi Valkeinen (1): phy: cdns-dphy: Store hs_clk_rate and return it Tvrtko Ursulin (1): drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies Viacheslav Dubeyko (1): hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() Vincent Guittot (1): sched/fair: Fix pelt lost idle time detection Wilfred Mallawa (1): nvme/tcp: handle tls partially sent records in write_space() Xiao Liang (1): padata: Reset next CPU when reorder sequence wraps around Xing Guo (1): selftests: arg_parsing: Ensure data is flushed to disk before reading. Yeounsu Moon (1): net: dlink: handle dma_map_single() failure properly Yi Cong (1): r8152: add error handling in rtl8152_driver_init Youssef Samir (1): accel/qaic: Treat remaining == 0 as error in find_and_map_user_pages() Yu Kuai (1): md: fix mssing blktrace bio split events Yuezhang Mo (1): dax: skip read lock assertion for read-only filesystems Zhang Yi (2): jbd2: ensure that all ongoing I/O complete before freeing blocks ext4: wait for ongoing I/O to complete before freeing blocks Zhanjun Dong (1): drm/i915/guc: Skip communication warning on reset in progress

1 month

1
1
0 0

Linux 6.6.114

by Greg Kroah-Hartman

I'm announcing the release of the 6.6.114 kernel. All users of the 6.6 kernel series must upgrade. The updated 6.6.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.6.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/arch/arm64/silicon-errata.rst | 2 Documentation/networking/seg6-sysctl.rst | 3 Makefile | 2 arch/arm64/Kconfig | 1 arch/arm64/include/asm/cputype.h | 2 arch/arm64/kernel/cpu_errata.c | 1 arch/riscv/kernel/probes/kprobes.c | 13 - block/bdev.c | 17 + block/blk-zoned.c | 5 block/fops.c | 16 + block/ioctl.c | 6 drivers/accel/qaic/qaic_control.c | 2 drivers/base/power/runtime.c | 44 +++ drivers/bluetooth/btusb.c | 2 drivers/cpufreq/cppc_cpufreq.c | 14 + drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c | 5 drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c | 2 drivers/gpu/drm/amd/amdgpu/gmc_v7_0.c | 7 drivers/gpu/drm/amd/amdgpu/gmc_v8_0.c | 7 drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu7_hwmgr.c | 3 drivers/gpu/drm/bridge/lontium-lt9211.c | 3 drivers/gpu/drm/exynos/exynos7_drm_decon.c | 98 ++------ drivers/gpu/drm/i915/gt/uc/intel_guc_ct.c | 9 drivers/gpu/drm/msm/adreno/a6xx_gmu.c | 38 +-- drivers/gpu/drm/msm/adreno/a6xx_gmu.h | 6 drivers/gpu/drm/msm/adreno/a6xx_gpu.c | 10 drivers/gpu/drm/rockchip/rockchip_drm_vop2.c | 2 drivers/gpu/drm/scheduler/sched_main.c | 13 - drivers/hid/hid-input.c | 5 drivers/hid/hid-multitouch.c | 28 +- drivers/iio/imu/inv_icm42600/inv_icm42600.h | 8 drivers/iio/imu/inv_icm42600/inv_icm42600_core.c | 35 +- drivers/media/platform/nxp/imx8-isi/imx8-isi-core.h | 2 drivers/media/platform/nxp/imx8-isi/imx8-isi-hw.c | 2 drivers/media/platform/nxp/imx8-isi/imx8-isi-m2m.c | 225 +++++++------------ drivers/media/platform/nxp/imx8-isi/imx8-isi-pipe.c | 2 drivers/net/can/m_can/m_can_platform.c | 2 drivers/net/can/usb/gs_usb.c | 23 - drivers/net/ethernet/amd/xgbe/xgbe-drv.c | 1 drivers/net/ethernet/amd/xgbe/xgbe-mdio.c | 1 drivers/net/ethernet/broadcom/tg3.c | 5 drivers/net/ethernet/dlink/dl2k.c | 23 + drivers/net/ethernet/intel/ixgbevf/defines.h | 6 drivers/net/ethernet/intel/ixgbevf/ipsec.c | 10 drivers/net/ethernet/intel/ixgbevf/ixgbevf.h | 13 + drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c | 46 +++ drivers/net/ethernet/intel/ixgbevf/mbx.h | 8 drivers/net/ethernet/intel/ixgbevf/vf.c | 194 +++++++++++++--- drivers/net/ethernet/intel/ixgbevf/vf.h | 5 drivers/net/ethernet/realtek/r8169_main.c | 5 drivers/net/usb/lan78xx.c | 38 ++- drivers/net/usb/r8152.c | 7 drivers/nvme/host/multipath.c | 6 drivers/pci/controller/cadence/pci-j721e.c | 64 +++++ drivers/pci/controller/dwc/pcie-tegra194.c | 10 drivers/pci/pci-sysfs.c | 10 drivers/phy/cadence/cdns-dphy.c | 131 ++++++++--- drivers/usb/gadget/function/f_acm.c | 42 +-- drivers/usb/gadget/function/f_ecm.c | 48 +--- drivers/usb/gadget/function/f_ncm.c | 78 ++---- drivers/usb/gadget/function/f_rndis.c | 85 ++----- drivers/usb/gadget/udc/core.c | 3 fs/btrfs/extent_io.c | 2 fs/btrfs/free-space-tree.c | 15 - fs/btrfs/relocation.c | 13 - fs/dax.c | 2 fs/dcache.c | 2 fs/eventpoll.c | 145 ++---------- fs/ext4/ext4_jbd2.c | 11 fs/ext4/inode.c | 8 fs/ext4/super.c | 17 - fs/f2fs/data.c | 2 fs/hfsplus/unicode.c | 24 ++ fs/jbd2/transaction.c | 13 - fs/nfsd/blocklayout.c | 5 fs/nfsd/blocklayoutxdr.c | 7 fs/nfsd/export.c | 60 ++++- fs/nfsd/export.h | 2 fs/nfsd/flexfilelayout.c | 8 fs/nfsd/flexfilelayoutxdr.c | 3 fs/nfsd/nfs4layouts.c | 1 fs/nfsd/nfs4proc.c | 34 +- fs/nfsd/nfs4xdr.c | 14 - fs/nfsd/nfsfh.c | 12 - fs/nfsd/xdr4.h | 36 ++- fs/nilfs2/the_nilfs.c | 3 fs/ocfs2/super.c | 6 fs/quota/dquot.c | 13 - fs/quota/quota_v1.c | 3 fs/quota/quota_v2.c | 9 fs/smb/client/inode.c | 6 fs/smb/client/misc.c | 17 + fs/smb/client/smb2ops.c | 8 fs/smb/server/ksmbd_netlink.h | 3 fs/smb/server/server.h | 1 fs/smb/server/smb2pdu.c | 4 fs/smb/server/transport_ipc.c | 1 fs/smb/server/transport_tcp.c | 69 ++--- fs/smb/server/transport_tcp.h | 1 fs/xfs/libxfs/xfs_log_format.h | 30 ++ fs/xfs/scrub/reap.c | 19 + fs/xfs/xfs_log.c | 8 fs/xfs/xfs_log_priv.h | 4 fs/xfs/xfs_log_recover.c | 34 ++ fs/xfs/xfs_ondisk.h | 2 include/linux/cpufreq.h | 3 include/linux/mm.h | 2 include/linux/pci.h | 14 + include/linux/pm_runtime.h | 4 include/linux/quota.h | 2 include/linux/usb/gadget.h | 25 ++ include/net/ip_tunnels.h | 15 + kernel/padata.c | 6 kernel/sched/fair.c | 38 +-- mm/shmem.c | 7 net/ipv4/ip_tunnel.c | 14 - net/ipv4/tcp_output.c | 19 + net/ipv6/ip6_tunnel.c | 3 net/tls/tls_main.c | 7 net/tls/tls_sw.c | 33 ++ rust/bindings/bindings_helper.h | 2 rust/bindings/lib.rs | 1 sound/firewire/amdtp-stream.h | 2 sound/soc/codecs/idt821034.c | 12 - sound/soc/codecs/nau8821.c | 53 +++- sound/usb/card.c | 10 tools/testing/selftests/bpf/prog_tests/arg_parsing.c | 12 - 127 files changed, 1542 insertions(+), 923 deletions(-) Akhil P Oommen (1): drm/msm/a6xx: Fix PDC sleep sequence Alexey Simakov (1): tg3: prevent use of uninitialized remote_adv and local_adv variables Alok Tiwari (1): drm/rockchip: vop2: use correct destination rectangle height check Amit Chaudhary (1): nvme-multipath: Skip nr_active increments in RETRY disposition Andrii Nakryiko (1): selftests/bpf: make arg_parsing.c more robust to crashes Bence Csókás (1): PM: runtime: Add new devm functions Benjamin Tissoires (1): HID: multitouch: fix sticky fingers Boris Burkov (1): btrfs: fix incorrect readahead expansion length Brian Norris (1): PCI/sysfs: Ensure devices are powered for config reads (part 2) Celeste Liu (2): can: gs_usb: gs_make_candev(): populate net_device->dev_port can: gs_usb: increase max interface to U8_MAX Christoph Hellwig (2): xfs: rename the old_crc variable in xlog_recover_process xfs: fix log CRC mismatches between i386 and other architectures Christophe Leroy (1): ASoC: codecs: Fix gain setting ranges for Renesas IDT821034 codec Chuck Lever (1): NFSD: Define a proc_layoutcommit for the FlexFiles layout type Cristian Ciocaltea (3): ASoC: nau8821: Cancel jdet_work before handling jack ejection ASoC: nau8821: Generalize helper to clear IRQ status ASoC: nau8821: Add DMI quirk to bypass jack debounce circuit Darrick J. Wong (2): block: fix race between set_blocksize and read paths xfs: use deferred intent items for reaping crosslinked blocks Deepanshu Kartikey (1): ext4: detect invalid INLINE_DATA + EXTENTS flag combination Devarsh Thakkar (2): phy: cadence: cdns-dphy: Fix PLL lock and O_CMN_READY polling phy: cadence: cdns-dphy: Update calibration wait time for startup state machine Dmitry Safonov (1): net/ip6_tunnel: Prevent perpetual tunnel growth Dmitry Torokhov (1): HID: hid-input: only ignore 0 battery events for digitizers Eric Dumazet (1): tcp: fix tcp_tso_should_defer() vs large RTT Eugene Korenevsky (1): cifs: parse_dfs_referrals: prevent oob on malformed input Fabian Vogt (1): riscv: kprobes: Fix probe address validation Filipe Manana (2): btrfs: fix clearing of BTRFS_FS_RELOC_RUNNING if relocation already running btrfs: do not assert we found block group item when creating free space tree Greg Kroah-Hartman (1): Linux 6.6.114 Gui-Dong Han (1): drm/amdgpu: use atomic functions with memory barriers for vm fault info Guoniu Zhou (1): media: nxp: imx8-isi: m2m: Fix streaming cleanup on release Huang Xiaojia (1): epoll: Remove ep_scan_ready_list() in comments I Viswanath (1): net: usb: lan78xx: fix use of improperly initialized dev->chipid in lan78xx_reset Ingo Molnar (1): sched/balancing: Rename newidle_balance() => sched_balance_newidle() Jaegeuk Kim (1): f2fs: fix wrong block mapping for multi-devices Jakub Acs (1): mm/ksm: fix flag-dropping behavior in ksm_madvise Jan Kara (1): vfs: Don't leak disconnected dentries on umount Jean-Baptiste Maneyrol (1): iio: imu: inv_icm42600: reorganize DMA aligned buffers in structure Jedrzej Jagielski (2): ixgbevf: fix getting link speed data for E610 devices ixgbevf: fix mailbox API compatibility by negotiating supported features Jiaming Zhang (1): ALSA: usb-audio: Fix NULL pointer deference in try_to_register_card Kaustabh Chakraborty (3): drm/exynos: exynos7_drm_decon: fix uninitialized crtc reference in functions drm/exynos: exynos7_drm_decon: properly clear channels during bind drm/exynos: exynos7_drm_decon: remove ctx->suspended Kemeng Shi (1): quota: remove unneeded return value of register_quota_format Konrad Dybcio (1): drm/msm/adreno: De-spaghettify the use of memory barriers Kuen-Han Tsai (6): usb: gadget: Store endpoint pointer in usb_request usb: gadget: Introduce free_usb_request helper usb: gadget: f_ecm: Refactor bind path to use __free() usb: gadget: f_acm: Refactor bind path to use __free() usb: gadget: f_ncm: Refactor bind path to use __free() usb: gadget: f_rndis: Refactor bind path to use __free() Laurent Pinchart (1): media: nxp: imx8-isi: Drop unused argument to mxc_isi_channel_chain() Linmao Li (1): r8169: fix packet truncation after S4 resume on RTL8168H/RTL8111H Marc Kleine-Budde (1): can: m_can: m_can_plat_remove(): add missing pm_runtime_disable() Marek Vasut (1): drm/bridge: lt9211: Drop check for last nibble of version register Mario Limonciello (1): drm/amd: Check whether secure display TA loaded successfully Mark Rutland (2): arm64: cputype: Add Neoverse-V3AE definitions arm64: errata: Apply workarounds for Neoverse-V3AE Nam Cao (1): eventpoll: Replace rwlock with spinlock Namjae Jeon (1): ksmbd: browse interfaces list on FSCTL_QUERY_INTERFACE_INFO IOCTL Nicolas Dichtel (1): doc: fix seg6_flowlabel path Niklas Cassel (1): PCI: tegra194: Reset BARs when running in PCIe endpoint mode Oleksij Rempel (1): net: usb: lan78xx: Add error handling to lan78xx_init_mac_address Piotr Kwapulinski (2): PCI: Add PCI_VDEVICE_SUB helper macro ixgbevf: Add support for Intel(R) E610 device Rafael J. Wysocki (1): cpufreq: CPPC: Avoid using CPUFREQ_ETERNAL as transition delay Raju Rangoju (1): amd-xgbe: Avoid spurious link down messages during interface toggle Randy Dunlap (1): ALSA: firewire: amdtp-stream: fix enum kernel-doc warnings Ryusuke Konishi (1): nilfs2: fix deadlock warnings caused by lock dependency in init_nilfs() Sabrina Dubroca (5): tls: trim encrypted message to match the plaintext on short splice tls: wait for async encrypt in case of error during latter iterations of sendmsg tls: always set record_type in tls_process_cmsg tls: wait for pending async decryptions if tls_strp_msg_hold fails tls: don't rely on tx_work during send() Sascha Hauer (1): net: tls: wait for async completion on last message Scott Mayhew (1): nfsd: decouple the xprtsec policy check from check_nfsd_access() Sean Nyekjaer (2): iio: imu: inv_icm42600: Simplify pm_runtime setup iio: imu: inv_icm42600: Avoid configuring if already pm_runtime suspended Sergey Bashirov (3): NFSD: Rework encoding and decoding of nfsd4_deviceid NFSD: Minor cleanup in layoutcommit processing NFSD: Fix last write offset handling in layoutcommit Shashank A P (1): fs: quota: create dedicated workqueue for quota_release_work Shuhao Fu (1): smb: client: Fix refcount leak for cifs_sb_tlink Siddharth Vadapalli (2): PCI: j721e: Enable ACSPCIE Refclk if "ti,syscon-acspcie-proxy-ctrl" exists PCI: j721e: Fix programming sequence of "strap" settings Thadeu Lima de Souza Cascardo (1): HID: multitouch: fix name of Stylus input devices Theodore Ts'o (1): ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() Timur Kristóf (1): drm/amd/powerplay: Fix CIK shutdown temperature Tomi Valkeinen (1): phy: cdns-dphy: Store hs_clk_rate and return it Tvrtko Ursulin (1): drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies Viacheslav Dubeyko (1): hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() Vincent Guittot (1): sched/fair: Fix pelt lost idle time detection Xiao Liang (1): padata: Reset next CPU when reorder sequence wraps around Xing Guo (1): selftests: arg_parsing: Ensure data is flushed to disk before reading. Yeounsu Moon (1): net: dlink: handle dma_map_single() failure properly Yi Cong (1): r8152: add error handling in rtl8152_driver_init Youssef Samir (1): accel/qaic: Treat remaining == 0 as error in find_and_map_user_pages() Yuezhang Mo (1): dax: skip read lock assertion for read-only filesystems Zenm Chen (1): Bluetooth: btusb: Add USB ID 2001:332a for D-Link AX9U rev. A1 Zhang Yi (2): jbd2: ensure that all ongoing I/O complete before freeing blocks ext4: wait for ongoing I/O to complete before freeing blocks Zhanjun Dong (1): drm/i915/guc: Skip communication warning on reset in progress

1 month

1
1
0 0

[PATCH net V2] virtio-net: zero unused hash fields

by Jason Wang

When GSO tunnel is negotiated virtio_net_hdr_tnl_from_skb() tries to initialize the tunnel metadata but forget to zero unused rxhash fields. This may leak information to another side. Fixing this by zeroing the unused hash fields. Acked-by: Michael S. Tsirkin <mst(a)redhat.com> Fixes: a2fb4bc4e2a6a ("net: implement virtio helpers to handle UDP GSO tunneling") Cc: <stable(a)vger.kernel.org> Signed-off-by: Jason Wang <jasowang(a)redhat.com> --- include/linux/virtio_net.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/include/linux/virtio_net.h b/include/linux/virtio_net.h index 20e0584db1dd..4d1780848d0e 100644 --- a/include/linux/virtio_net.h +++ b/include/linux/virtio_net.h @@ -401,6 +401,10 @@ virtio_net_hdr_tnl_from_skb(const struct sk_buff *skb, if (!tnl_hdr_negotiated) return -EINVAL; + vhdr->hash_hdr.hash_value = 0; + vhdr->hash_hdr.hash_report = 0; + vhdr->hash_hdr.padding = 0; + /* Let the basic parsing deal with plain GSO features. */ skb_shinfo(skb)->gso_type &= ~tnl_gso_type; ret = virtio_net_hdr_from_skb(skb, hdr, true, false, vlan_hlen); -- 2.42.0

1 month

3
2
0 0

[PATCH v4] media: videobuf2: forbid remove_bufs when legacy fileio is active

by Marek Szyprowski

vb2_ioctl_remove_bufs() call manipulates queue internal buffer list, potentially overwriting some pointers used by the legacy fileio access mode. Forbid that ioctl when fileio is active to protect internal queue state between subsequent read/write calls. CC: stable(a)vger.kernel.org Fixes: a3293a85381e ("media: v4l2: Add REMOVE_BUFS ioctl") Reported-by: Shuangpeng Bai <SJB7183(a)psu.edu> Signed-off-by: Marek Szyprowski <m.szyprowski(a)samsung.com> --- v4: - got back to simple vb2_fileio_is_active() check as in v1, as relying on vb2_verify_memory_type() misses some corner cases important to v4l2 compliance v3: https://lore.kernel.org/all/20251023113052.1303082-1-m.szyprowski@samsung.c… - moved vb2_verify_memory_type() check after (d->count == 0) check to pass v4l2 compliance v2: https://lore.kernel.org/all/20251020160121.1985354-1-m.szyprowski@samsung.c… - dropped a change to vb2_ioctl_create_bufs(), as it is already handled by the vb2_verify_memory_type() call - replaced queue->type check in vb2_ioctl_remove_bufs() by a call to vb2_verify_memory_type() which covers all cases v1: https://lore.kernel.org/all/20251016111154.993949-1-m.szyprowski@samsung.co… --- drivers/media/common/videobuf2/videobuf2-v4l2.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/drivers/media/common/videobuf2/videobuf2-v4l2.c b/drivers/media/common/videobuf2/videobuf2-v4l2.c index d911021c1bb0..83862d57b126 100644 --- a/drivers/media/common/videobuf2/videobuf2-v4l2.c +++ b/drivers/media/common/videobuf2/videobuf2-v4l2.c @@ -1010,6 +1010,11 @@ int vb2_ioctl_remove_bufs(struct file *file, void *priv, if (vb2_queue_is_busy(vdev->queue, file)) return -EBUSY; + if (vb2_fileio_is_active(vdev->queue)) { + dprintk(vdev->queue, 1, "file io in progress\n"); + return -EBUSY; + } + return vb2_core_remove_bufs(vdev->queue, d->index, d->count); } EXPORT_SYMBOL_GPL(vb2_ioctl_remove_bufs); -- 2.34.1

1 month

1
0
0 0

[PATCH net] vsock: fix lock inversion in vsock_assign_transport()

by Stefano Garzarella

From: Stefano Garzarella <sgarzare(a)redhat.com> Syzbot reported a potential lock inversion deadlock between vsock_register_mutex and sk_lock-AF_VSOCK when vsock_linger() is called. The issue was introduced by commit 687aa0c5581b ("vsock: Fix transport_* TOCTOU") which added vsock_register_mutex locking in vsock_assign_transport() around the transport->release() call, that can call vsock_linger(). vsock_assign_transport() can be called with sk_lock held. vsock_linger() calls sk_wait_event() that temporarily releases and re-acquires sk_lock. During this window, if another thread hold vsock_register_mutex while trying to acquire sk_lock, a circular dependency is created. Fix this by releasing vsock_register_mutex before calling transport->release() and vsock_deassign_transport(). This is safe because we don't need to hold vsock_register_mutex while releasing the old transport, and we ensure the new transport won't disappear by obtaining a module reference first via try_module_get(). Reported-by: syzbot+10e35716f8e4929681fa(a)syzkaller.appspotmail.com Tested-by: syzbot+10e35716f8e4929681fa(a)syzkaller.appspotmail.com Fixes: 687aa0c5581b ("vsock: Fix transport_* TOCTOU") Cc: mhal(a)rbox.co Cc: stable(a)vger.kernel.org Signed-off-by: Stefano Garzarella <sgarzare(a)redhat.com> --- net/vmw_vsock/af_vsock.c | 38 +++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/net/vmw_vsock/af_vsock.c b/net/vmw_vsock/af_vsock.c index 4c2db6cca557..76763247a377 100644 --- a/net/vmw_vsock/af_vsock.c +++ b/net/vmw_vsock/af_vsock.c @@ -487,12 +487,26 @@ int vsock_assign_transport(struct vsock_sock *vsk, struct vsock_sock *psk) goto err; } - if (vsk->transport) { - if (vsk->transport == new_transport) { - ret = 0; - goto err; - } + if (vsk->transport && vsk->transport == new_transport) { + ret = 0; + goto err; + } + /* We increase the module refcnt to prevent the transport unloading + * while there are open sockets assigned to it. + */ + if (!new_transport || !try_module_get(new_transport->module)) { + ret = -ENODEV; + goto err; + } + + /* It's safe to release the mutex after a successful try_module_get(). + * Whichever transport `new_transport` points at, it won't go away until + * the last module_put() below or in vsock_deassign_transport(). + */ + mutex_unlock(&vsock_register_mutex); + + if (vsk->transport) { /* transport->release() must be called with sock lock acquired. * This path can only be taken during vsock_connect(), where we * have already held the sock lock. In the other cases, this @@ -512,20 +526,6 @@ int vsock_assign_transport(struct vsock_sock *vsk, struct vsock_sock *psk) vsk->peer_shutdown = 0; } - /* We increase the module refcnt to prevent the transport unloading - * while there are open sockets assigned to it. - */ - if (!new_transport || !try_module_get(new_transport->module)) { - ret = -ENODEV; - goto err; - } - - /* It's safe to release the mutex after a successful try_module_get(). - * Whichever transport `new_transport` points at, it won't go away until - * the last module_put() below or in vsock_deassign_transport(). - */ - mutex_unlock(&vsock_register_mutex); - if (sk->sk_type == SOCK_SEQPACKET) { if (!new_transport->seqpacket_allow || !new_transport->seqpacket_allow(remote_cid)) { -- 2.51.0

1 month

2
1
0 0

[PATCH 6.1.y] wifi: iwlwifi: fix debug actions order

by Vasiliy Kovalev

From: Johannes Berg <johannes.berg(a)intel.com> commit eb29b4ffafb20281624dcd2cbb768d6f30edf600 upstream. The order of actions taken for debug was implemented incorrectly. Now we implemented the dump split and do the FW reset only in the middle of the dump (rather than the FW killing itself on error.) As a result, some of the actions taken when applying the config will now crash the device, so we need to fix the order. Fixes: 1a5daead217c ("iwlwifi: yoyo: support for ROM usniffer") Fixes: f21baf244112 ("iwlwifi: yoyo: fw debug config from context info and preset") Signed-off-by: Johannes Berg <johannes.berg(a)intel.com> Signed-off-by: Miri Korenblit <miriam.rachel.korenblit(a)intel.com> Link: https://patch.msgid.link/20250308231427.6de7fa8e63ed.I40632c48e2a67a8aca05d… Signed-off-by: Johannes Berg <johannes.berg(a)intel.com> [ kovalev: bp to fix CVE-2025-38045; added Fixes tags ] Signed-off-by: Vasiliy Kovalev <kovalev(a)altlinux.org> --- drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c b/drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c index ab80c79e35bc..d6d9f60839db 100644 --- a/drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c +++ b/drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c @@ -1,6 +1,6 @@ // SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause /* - * Copyright (C) 2018-2022 Intel Corporation + * Copyright (C) 2018-2025 Intel Corporation */ #include <linux/firmware.h> #include "iwl-drv.h" @@ -1363,15 +1363,15 @@ void _iwl_dbg_tlv_time_point(struct iwl_fw_runtime *fwrt, switch (tp_id) { case IWL_FW_INI_TIME_POINT_EARLY: iwl_dbg_tlv_init_cfg(fwrt); - iwl_dbg_tlv_apply_config(fwrt, conf_list); iwl_dbg_tlv_update_drams(fwrt); iwl_dbg_tlv_tp_trigger(fwrt, sync, trig_list, tp_data, NULL); + iwl_dbg_tlv_apply_config(fwrt, conf_list); break; case IWL_FW_INI_TIME_POINT_AFTER_ALIVE: iwl_dbg_tlv_apply_buffers(fwrt); iwl_dbg_tlv_send_hcmds(fwrt, hcmd_list); - iwl_dbg_tlv_apply_config(fwrt, conf_list); iwl_dbg_tlv_tp_trigger(fwrt, sync, trig_list, tp_data, NULL); + iwl_dbg_tlv_apply_config(fwrt, conf_list); break; case IWL_FW_INI_TIME_POINT_PERIODIC: iwl_dbg_tlv_set_periodic_trigs(fwrt); @@ -1381,14 +1381,14 @@ void _iwl_dbg_tlv_time_point(struct iwl_fw_runtime *fwrt, case IWL_FW_INI_TIME_POINT_MISSED_BEACONS: case IWL_FW_INI_TIME_POINT_FW_DHC_NOTIFICATION: iwl_dbg_tlv_send_hcmds(fwrt, hcmd_list); - iwl_dbg_tlv_apply_config(fwrt, conf_list); iwl_dbg_tlv_tp_trigger(fwrt, sync, trig_list, tp_data, iwl_dbg_tlv_check_fw_pkt); + iwl_dbg_tlv_apply_config(fwrt, conf_list); break; default: iwl_dbg_tlv_send_hcmds(fwrt, hcmd_list); - iwl_dbg_tlv_apply_config(fwrt, conf_list); iwl_dbg_tlv_tp_trigger(fwrt, sync, trig_list, tp_data, NULL); + iwl_dbg_tlv_apply_config(fwrt, conf_list); break; } } -- 2.50.1

1 month

1
0
0 0

[PATCH 1/2] dt-bindings: pinctrl: toshiba,visconti: Fix number of items in groups

by Krzysztof Kozlowski

The "groups" property can hold multiple entries (e.g. toshiba/tmpv7708-rm-mbrc.dts file), so allow that by dropping incorrect type (pinmux-node.yaml schema already defines that as string-array) and adding constraints for items. This fixes dtbs_check warnings like: toshiba/tmpv7708-rm-mbrc.dtb: pinctrl@24190000 (toshiba,tmpv7708-pinctrl): pwm-pins:groups: ['pwm0_gpio16_grp', 'pwm1_gpio17_grp', 'pwm2_gpio18_grp', 'pwm3_gpio19_grp'] is too long Fixes: 1825c1fe0057 ("pinctrl: Add DT bindings for Toshiba Visconti TMPV7700 SoC") Cc: <stable(a)vger.kernel.org> Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> --- .../pinctrl/toshiba,visconti-pinctrl.yaml | 26 ++++++++++--------- 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/Documentation/devicetree/bindings/pinctrl/toshiba,visconti-pinctrl.yaml b/Documentation/devicetree/bindings/pinctrl/toshiba,visconti-pinctrl.yaml index 19d47fd414bc..ce04d2eadec9 100644 --- a/Documentation/devicetree/bindings/pinctrl/toshiba,visconti-pinctrl.yaml +++ b/Documentation/devicetree/bindings/pinctrl/toshiba,visconti-pinctrl.yaml @@ -50,18 +50,20 @@ patternProperties: groups: description: Name of the pin group to use for the functions. - $ref: /schemas/types.yaml#/definitions/string - enum: [i2c0_grp, i2c1_grp, i2c2_grp, i2c3_grp, i2c4_grp, - i2c5_grp, i2c6_grp, i2c7_grp, i2c8_grp, - spi0_grp, spi0_cs0_grp, spi0_cs1_grp, spi0_cs2_grp, - spi1_grp, spi2_grp, spi3_grp, spi4_grp, spi5_grp, spi6_grp, - uart0_grp, uart1_grp, uart2_grp, uart3_grp, - pwm0_gpio4_grp, pwm0_gpio8_grp, pwm0_gpio12_grp, - pwm0_gpio16_grp, pwm1_gpio5_grp, pwm1_gpio9_grp, - pwm1_gpio13_grp, pwm1_gpio17_grp, pwm2_gpio6_grp, - pwm2_gpio10_grp, pwm2_gpio14_grp, pwm2_gpio18_grp, - pwm3_gpio7_grp, pwm3_gpio11_grp, pwm3_gpio15_grp, - pwm3_gpio19_grp, pcmif_out_grp, pcmif_in_grp] + items: + enum: [i2c0_grp, i2c1_grp, i2c2_grp, i2c3_grp, i2c4_grp, + i2c5_grp, i2c6_grp, i2c7_grp, i2c8_grp, + spi0_grp, spi0_cs0_grp, spi0_cs1_grp, spi0_cs2_grp, + spi1_grp, spi2_grp, spi3_grp, spi4_grp, spi5_grp, spi6_grp, + uart0_grp, uart1_grp, uart2_grp, uart3_grp, + pwm0_gpio4_grp, pwm0_gpio8_grp, pwm0_gpio12_grp, + pwm0_gpio16_grp, pwm1_gpio5_grp, pwm1_gpio9_grp, + pwm1_gpio13_grp, pwm1_gpio17_grp, pwm2_gpio6_grp, + pwm2_gpio10_grp, pwm2_gpio14_grp, pwm2_gpio18_grp, + pwm3_gpio7_grp, pwm3_gpio11_grp, pwm3_gpio15_grp, + pwm3_gpio19_grp, pcmif_out_grp, pcmif_in_grp] + minItems: 1 + maxItems: 8 drive-strength: enum: [2, 4, 6, 8, 16, 24, 32] -- 2.48.1

1 month

3
2
0 0

[PATCH] leds: leds-lp50xx: allow LED 0 to be added to module bank

by Christian Hitz

From: Christian Hitz <christian.hitz(a)bbv.ch> led_banks contains LED module number(s) that should be grouped into the module bank. led_banks is 0-initialized. By checking the led_banks entries for 0, un-set entries are detected. But a 0-entry also indicates that LED module 0 should be grouped into the module bank. By only iterating over the available entries no check for unused entries is required and LED module 0 can be added to bank. Signed-off-by: Christian Hitz <christian.hitz(a)bbv.ch> Cc: stable(a)vger.kernel.org --- drivers/leds/leds-lp50xx.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/drivers/leds/leds-lp50xx.c b/drivers/leds/leds-lp50xx.c index 94f8ef6b482c..d50c7f3e8f99 100644 --- a/drivers/leds/leds-lp50xx.c +++ b/drivers/leds/leds-lp50xx.c @@ -341,17 +341,15 @@ static int lp50xx_brightness_set(struct led_classdev *cdev, return ret; } -static int lp50xx_set_banks(struct lp50xx *priv, u32 led_banks[]) +static int lp50xx_set_banks(struct lp50xx *priv, u32 led_banks[], int num_leds) { u8 led_config_lo, led_config_hi; u32 bank_enable_mask = 0; int ret; int i; - for (i = 0; i < priv->chip_info->max_modules; i++) { - if (led_banks[i]) - bank_enable_mask |= (1 << led_banks[i]); - } + for (i = 0; i < num_leds; i++) + bank_enable_mask |= (1 << led_banks[i]); led_config_lo = bank_enable_mask; led_config_hi = bank_enable_mask >> 8; @@ -405,7 +403,7 @@ static int lp50xx_probe_leds(struct fwnode_handle *child, struct lp50xx *priv, return ret; } - ret = lp50xx_set_banks(priv, led_banks); + ret = lp50xx_set_banks(priv, led_banks, num_leds); if (ret) { dev_err(priv->dev, "Cannot setup banked LEDs\n"); return ret; -- 2.51.0

1 month

3
4
0 0

FAILED: patch "[PATCH] s390/cio: Update purge function to unregister the unused" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 9daa5a8795865f9a3c93d8d1066785b07ded6073 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101905-removal-wistful-dd49@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 9daa5a8795865f9a3c93d8d1066785b07ded6073 Mon Sep 17 00:00:00 2001 From: Vineeth Vijayan <vneethv(a)linux.ibm.com> Date: Wed, 1 Oct 2025 15:38:17 +0200 Subject: [PATCH] s390/cio: Update purge function to unregister the unused subchannels Starting with 'commit 2297791c92d0 ("s390/cio: dont unregister subchannel from child-drivers")', cio no longer unregisters subchannels when the attached device is invalid or unavailable. As an unintended side-effect, the cio_ignore purge function no longer removes subchannels for devices on the cio_ignore list if no CCW device is attached. This situation occurs when a CCW device is non-operational or unavailable To ensure the same outcome of the purge function as when the current cio_ignore list had been active during boot, update the purge function to remove I/O subchannels without working CCW devices if the associated device number is found on the cio_ignore list. Fixes: 2297791c92d0 ("s390/cio: dont unregister subchannel from child-drivers") Suggested-by: Peter Oberparleiter <oberpar(a)linux.ibm.com> Reviewed-by: Peter Oberparleiter <oberpar(a)linux.ibm.com> Signed-off-by: Vineeth Vijayan <vneethv(a)linux.ibm.com> Signed-off-by: Heiko Carstens <hca(a)linux.ibm.com> diff --git a/drivers/s390/cio/device.c b/drivers/s390/cio/device.c index fb2c07cb4d3d..4b2dae6eb376 100644 --- a/drivers/s390/cio/device.c +++ b/drivers/s390/cio/device.c @@ -1316,23 +1316,34 @@ void ccw_device_schedule_recovery(void) spin_unlock_irqrestore(&recovery_lock, flags); } -static int purge_fn(struct device *dev, void *data) +static int purge_fn(struct subchannel *sch, void *data) { - struct ccw_device *cdev = to_ccwdev(dev); - struct ccw_dev_id *id = &cdev->private->dev_id; - struct subchannel *sch = to_subchannel(cdev->dev.parent); + struct ccw_device *cdev; - spin_lock_irq(cdev->ccwlock); - if (is_blacklisted(id->ssid, id->devno) && - (cdev->private->state == DEV_STATE_OFFLINE) && - (atomic_cmpxchg(&cdev->private->onoff, 0, 1) == 0)) { - CIO_MSG_EVENT(3, "ccw: purging 0.%x.%04x\n", id->ssid, - id->devno); + spin_lock_irq(&sch->lock); + if (sch->st != SUBCHANNEL_TYPE_IO || !sch->schib.pmcw.dnv) + goto unlock; + + if (!is_blacklisted(sch->schid.ssid, sch->schib.pmcw.dev)) + goto unlock; + + cdev = sch_get_cdev(sch); + if (cdev) { + if (cdev->private->state != DEV_STATE_OFFLINE) + goto unlock; + + if (atomic_cmpxchg(&cdev->private->onoff, 0, 1) != 0) + goto unlock; ccw_device_sched_todo(cdev, CDEV_TODO_UNREG); - css_sched_sch_todo(sch, SCH_TODO_UNREG); atomic_set(&cdev->private->onoff, 0); } - spin_unlock_irq(cdev->ccwlock); + + css_sched_sch_todo(sch, SCH_TODO_UNREG); + CIO_MSG_EVENT(3, "ccw: purging 0.%x.%04x%s\n", sch->schid.ssid, + sch->schib.pmcw.dev, cdev ? "" : " (no cdev)"); + +unlock: + spin_unlock_irq(&sch->lock); /* Abort loop in case of pending signal. */ if (signal_pending(current)) return -EINTR; @@ -1348,7 +1359,7 @@ static int purge_fn(struct device *dev, void *data) int ccw_purge_blacklisted(void) { CIO_MSG_EVENT(2, "ccw: purging blacklisted devices\n"); - bus_for_each_dev(&ccw_bus_type, NULL, NULL, purge_fn); + for_each_subchannel_staged(purge_fn, NULL, NULL); return 0; }

1 month

2
1
0 0

[PATCH v3] media: videobuf2: forbid remove_bufs when legacy fileio is active

by Marek Szyprowski

vb2_ioctl_remove_bufs() call manipulates queue internal buffer list, potentially overwriting some pointers used by the legacy fileio access mode. Add a vb2_verify_memory_type() check symmetrical to vb2_ioctl_create_bufs() to forbid that ioctl when fileio is active to protect internal queue state between subsequent read/write calls. CC: stable(a)vger.kernel.org Fixes: a3293a85381e ("media: v4l2: Add REMOVE_BUFS ioctl") Reported-by: Shuangpeng Bai<SJB7183(a)psu.edu> Suggested-by: Benjamin Gaignard <benjamin.gaignard(a)collabora.com> Signed-off-by: Marek Szyprowski <m.szyprowski(a)samsung.com> --- drivers/media/common/videobuf2/videobuf2-v4l2.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/drivers/media/common/videobuf2/videobuf2-v4l2.c b/drivers/media/common/videobuf2/videobuf2-v4l2.c index d911021c1bb0..a8a5b42a42d0 100644 --- a/drivers/media/common/videobuf2/videobuf2-v4l2.c +++ b/drivers/media/common/videobuf2/videobuf2-v4l2.c @@ -1000,13 +1000,15 @@ int vb2_ioctl_remove_bufs(struct file *file, void *priv, struct v4l2_remove_buffers *d) { struct video_device *vdev = video_devdata(file); - - if (vdev->queue->type != d->type) - return -EINVAL; + int res; if (d->count == 0) return 0; + res = vb2_verify_memory_type(vdev->queue, vdev->queue->memory, d->type); + if (res) + return res; + if (vb2_queue_is_busy(vdev->queue, file)) return -EBUSY; -- 2.34.1

1 month

2
4
0 0

FAILED: patch "[PATCH] s390/cio: Update purge function to unregister the unused" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 9daa5a8795865f9a3c93d8d1066785b07ded6073 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101905-depress-banjo-bc7e@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 9daa5a8795865f9a3c93d8d1066785b07ded6073 Mon Sep 17 00:00:00 2001 From: Vineeth Vijayan <vneethv(a)linux.ibm.com> Date: Wed, 1 Oct 2025 15:38:17 +0200 Subject: [PATCH] s390/cio: Update purge function to unregister the unused subchannels Starting with 'commit 2297791c92d0 ("s390/cio: dont unregister subchannel from child-drivers")', cio no longer unregisters subchannels when the attached device is invalid or unavailable. As an unintended side-effect, the cio_ignore purge function no longer removes subchannels for devices on the cio_ignore list if no CCW device is attached. This situation occurs when a CCW device is non-operational or unavailable To ensure the same outcome of the purge function as when the current cio_ignore list had been active during boot, update the purge function to remove I/O subchannels without working CCW devices if the associated device number is found on the cio_ignore list. Fixes: 2297791c92d0 ("s390/cio: dont unregister subchannel from child-drivers") Suggested-by: Peter Oberparleiter <oberpar(a)linux.ibm.com> Reviewed-by: Peter Oberparleiter <oberpar(a)linux.ibm.com> Signed-off-by: Vineeth Vijayan <vneethv(a)linux.ibm.com> Signed-off-by: Heiko Carstens <hca(a)linux.ibm.com> diff --git a/drivers/s390/cio/device.c b/drivers/s390/cio/device.c index fb2c07cb4d3d..4b2dae6eb376 100644 --- a/drivers/s390/cio/device.c +++ b/drivers/s390/cio/device.c @@ -1316,23 +1316,34 @@ void ccw_device_schedule_recovery(void) spin_unlock_irqrestore(&recovery_lock, flags); } -static int purge_fn(struct device *dev, void *data) +static int purge_fn(struct subchannel *sch, void *data) { - struct ccw_device *cdev = to_ccwdev(dev); - struct ccw_dev_id *id = &cdev->private->dev_id; - struct subchannel *sch = to_subchannel(cdev->dev.parent); + struct ccw_device *cdev; - spin_lock_irq(cdev->ccwlock); - if (is_blacklisted(id->ssid, id->devno) && - (cdev->private->state == DEV_STATE_OFFLINE) && - (atomic_cmpxchg(&cdev->private->onoff, 0, 1) == 0)) { - CIO_MSG_EVENT(3, "ccw: purging 0.%x.%04x\n", id->ssid, - id->devno); + spin_lock_irq(&sch->lock); + if (sch->st != SUBCHANNEL_TYPE_IO || !sch->schib.pmcw.dnv) + goto unlock; + + if (!is_blacklisted(sch->schid.ssid, sch->schib.pmcw.dev)) + goto unlock; + + cdev = sch_get_cdev(sch); + if (cdev) { + if (cdev->private->state != DEV_STATE_OFFLINE) + goto unlock; + + if (atomic_cmpxchg(&cdev->private->onoff, 0, 1) != 0) + goto unlock; ccw_device_sched_todo(cdev, CDEV_TODO_UNREG); - css_sched_sch_todo(sch, SCH_TODO_UNREG); atomic_set(&cdev->private->onoff, 0); } - spin_unlock_irq(cdev->ccwlock); + + css_sched_sch_todo(sch, SCH_TODO_UNREG); + CIO_MSG_EVENT(3, "ccw: purging 0.%x.%04x%s\n", sch->schid.ssid, + sch->schib.pmcw.dev, cdev ? "" : " (no cdev)"); + +unlock: + spin_unlock_irq(&sch->lock); /* Abort loop in case of pending signal. */ if (signal_pending(current)) return -EINTR; @@ -1348,7 +1359,7 @@ static int purge_fn(struct device *dev, void *data) int ccw_purge_blacklisted(void) { CIO_MSG_EVENT(2, "ccw: purging blacklisted devices\n"); - bus_for_each_dev(&ccw_bus_type, NULL, NULL, purge_fn); + for_each_subchannel_staged(purge_fn, NULL, NULL); return 0; }

1 month

2
1
0 0

[PATCH] Bluetooth: rfcomm: fix modem control handling

by Johan Hovold

The RFCOMM driver confuses the local and remote modem control signals, which specifically means that the reported DTR and RTS state will instead reflect the remote end (i.e. DSR and CTS). This issue dates back to the original driver (and a follow-on update) merged in 2002, which resulted in a non-standard implementation of TIOCMSET that allowed controlling also the TS07.10 IC and DV signals by mapping them to the RI and DCD input flags, while TIOCMGET failed to return the actual state of DTR and RTS. Note that the bogus control of input signals in tiocmset() is just dead code as those flags will have been masked out by the tty layer since 2003. Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Cc: stable(a)vger.kernel.org Signed-off-by: Johan Hovold <johan(a)kernel.org> --- net/bluetooth/rfcomm/tty.c | 25 ++++++++++--------------- 1 file changed, 10 insertions(+), 15 deletions(-) diff --git a/net/bluetooth/rfcomm/tty.c b/net/bluetooth/rfcomm/tty.c index 376ce6de84be..f20f043cc9b5 100644 --- a/net/bluetooth/rfcomm/tty.c +++ b/net/bluetooth/rfcomm/tty.c @@ -643,8 +643,8 @@ static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig) tty_port_tty_hangup(&dev->port, true); dev->modem_status = - ((v24_sig & RFCOMM_V24_RTC) ? (TIOCM_DSR | TIOCM_DTR) : 0) | - ((v24_sig & RFCOMM_V24_RTR) ? (TIOCM_RTS | TIOCM_CTS) : 0) | + ((v24_sig & RFCOMM_V24_RTC) ? TIOCM_DSR : 0) | + ((v24_sig & RFCOMM_V24_RTR) ? TIOCM_CTS : 0) | ((v24_sig & RFCOMM_V24_IC) ? TIOCM_RI : 0) | ((v24_sig & RFCOMM_V24_DV) ? TIOCM_CD : 0); } @@ -1055,10 +1055,13 @@ static void rfcomm_tty_hangup(struct tty_struct *tty) static int rfcomm_tty_tiocmget(struct tty_struct *tty) { struct rfcomm_dev *dev = tty->driver_data; + u8 v24_sig; BT_DBG("tty %p dev %p", tty, dev); - return dev->modem_status; + rfcomm_dlc_get_modem_status(dlc, &v24_sig); + + return (v24_sig & (TIOCM_DTR | TIOCM_RTS)) | dev->modem_status; } static int rfcomm_tty_tiocmset(struct tty_struct *tty, unsigned int set, unsigned int clear) @@ -1071,23 +1074,15 @@ static int rfcomm_tty_tiocmset(struct tty_struct *tty, unsigned int set, unsigne rfcomm_dlc_get_modem_status(dlc, &v24_sig); - if (set & TIOCM_DSR || set & TIOCM_DTR) + if (set & TIOCM_DTR) v24_sig |= RFCOMM_V24_RTC; - if (set & TIOCM_RTS || set & TIOCM_CTS) + if (set & TIOCM_RTS) v24_sig |= RFCOMM_V24_RTR; - if (set & TIOCM_RI) - v24_sig |= RFCOMM_V24_IC; - if (set & TIOCM_CD) - v24_sig |= RFCOMM_V24_DV; - if (clear & TIOCM_DSR || clear & TIOCM_DTR) + if (clear & TIOCM_DTR) v24_sig &= ~RFCOMM_V24_RTC; - if (clear & TIOCM_RTS || clear & TIOCM_CTS) + if (clear & TIOCM_RTS) v24_sig &= ~RFCOMM_V24_RTR; - if (clear & TIOCM_RI) - v24_sig &= ~RFCOMM_V24_IC; - if (clear & TIOCM_CD) - v24_sig &= ~RFCOMM_V24_DV; rfcomm_dlc_set_modem_status(dlc, v24_sig); -- 2.49.1

1 month

1
0
0 0

FAILED: patch "[PATCH] s390/cio: Update purge function to unregister the unused" failed to apply to 6.6-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.6-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y git checkout FETCH_HEAD git cherry-pick -x 9daa5a8795865f9a3c93d8d1066785b07ded6073 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101904-seltzer-landslide-60b6@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 9daa5a8795865f9a3c93d8d1066785b07ded6073 Mon Sep 17 00:00:00 2001 From: Vineeth Vijayan <vneethv(a)linux.ibm.com> Date: Wed, 1 Oct 2025 15:38:17 +0200 Subject: [PATCH] s390/cio: Update purge function to unregister the unused subchannels Starting with 'commit 2297791c92d0 ("s390/cio: dont unregister subchannel from child-drivers")', cio no longer unregisters subchannels when the attached device is invalid or unavailable. As an unintended side-effect, the cio_ignore purge function no longer removes subchannels for devices on the cio_ignore list if no CCW device is attached. This situation occurs when a CCW device is non-operational or unavailable To ensure the same outcome of the purge function as when the current cio_ignore list had been active during boot, update the purge function to remove I/O subchannels without working CCW devices if the associated device number is found on the cio_ignore list. Fixes: 2297791c92d0 ("s390/cio: dont unregister subchannel from child-drivers") Suggested-by: Peter Oberparleiter <oberpar(a)linux.ibm.com> Reviewed-by: Peter Oberparleiter <oberpar(a)linux.ibm.com> Signed-off-by: Vineeth Vijayan <vneethv(a)linux.ibm.com> Signed-off-by: Heiko Carstens <hca(a)linux.ibm.com> diff --git a/drivers/s390/cio/device.c b/drivers/s390/cio/device.c index fb2c07cb4d3d..4b2dae6eb376 100644 --- a/drivers/s390/cio/device.c +++ b/drivers/s390/cio/device.c @@ -1316,23 +1316,34 @@ void ccw_device_schedule_recovery(void) spin_unlock_irqrestore(&recovery_lock, flags); } -static int purge_fn(struct device *dev, void *data) +static int purge_fn(struct subchannel *sch, void *data) { - struct ccw_device *cdev = to_ccwdev(dev); - struct ccw_dev_id *id = &cdev->private->dev_id; - struct subchannel *sch = to_subchannel(cdev->dev.parent); + struct ccw_device *cdev; - spin_lock_irq(cdev->ccwlock); - if (is_blacklisted(id->ssid, id->devno) && - (cdev->private->state == DEV_STATE_OFFLINE) && - (atomic_cmpxchg(&cdev->private->onoff, 0, 1) == 0)) { - CIO_MSG_EVENT(3, "ccw: purging 0.%x.%04x\n", id->ssid, - id->devno); + spin_lock_irq(&sch->lock); + if (sch->st != SUBCHANNEL_TYPE_IO || !sch->schib.pmcw.dnv) + goto unlock; + + if (!is_blacklisted(sch->schid.ssid, sch->schib.pmcw.dev)) + goto unlock; + + cdev = sch_get_cdev(sch); + if (cdev) { + if (cdev->private->state != DEV_STATE_OFFLINE) + goto unlock; + + if (atomic_cmpxchg(&cdev->private->onoff, 0, 1) != 0) + goto unlock; ccw_device_sched_todo(cdev, CDEV_TODO_UNREG); - css_sched_sch_todo(sch, SCH_TODO_UNREG); atomic_set(&cdev->private->onoff, 0); } - spin_unlock_irq(cdev->ccwlock); + + css_sched_sch_todo(sch, SCH_TODO_UNREG); + CIO_MSG_EVENT(3, "ccw: purging 0.%x.%04x%s\n", sch->schid.ssid, + sch->schib.pmcw.dev, cdev ? "" : " (no cdev)"); + +unlock: + spin_unlock_irq(&sch->lock); /* Abort loop in case of pending signal. */ if (signal_pending(current)) return -EINTR; @@ -1348,7 +1359,7 @@ static int purge_fn(struct device *dev, void *data) int ccw_purge_blacklisted(void) { CIO_MSG_EVENT(2, "ccw: purging blacklisted devices\n"); - bus_for_each_dev(&ccw_bus_type, NULL, NULL, purge_fn); + for_each_subchannel_staged(purge_fn, NULL, NULL); return 0; }

1 month

2
1
0 0

Spirit Airlines 24-Hour Cancellation: How to Cancel Your Ticket Hassle-Free

by n79ecl8zyq＠cmhvzylmfc.com

If you need to cancel your Spirit Airlines flight, do not worry — the process is fairly straightforward! You can call Spirit Airlines directly at 📞 1-866-284-3022. Whether you are canceling due to personal reasons, weather disruptions, or a change in plans, this guide will walk you through every step. While cancellations can be made online, calling may provide faster support and more detailed assistance. 📍 Step 1: Find Your Flight Information Before you call or go online, make sure you have the following information ready: ✅ Your booking confirmation number ✅ The name on the reservation ✅ Your flight details (departure date, destination, etc.) Having this information handy will make the process quicker, especially if you are speaking with a Spirit Airlines representative at 📞 1-866-284-3022. 📞 Step 2: Call Spirit Airlines Customer Support The easiest and most direct way to cancel your flight is by calling Spirit Airlines customer service at 1-866-284-3022. This line is available to assist with cancellations, modifications, and refund requests. 🧑‍💼 When you call: • You will be prompted to enter your confirmation number • Select the option for "existing reservation" • Ask to speak to a live representative if needed Pro tip: Call during off-peak hours (early mornings or late evenings) to avoid long wait times. 🌐 Step 3: Cancel Online (Alternative Option) If you prefer to cancel online, follow these steps: 1. Go to the official Volaris Airlines website 2. Click on "My Trips" at the top of the homepage 3. Enter your last name and confirmation code 4. Find the reservation you want to cancel 5. Click on “Cancel” and follow the on-screen instructions However, if you run into any issues or if your fare type does not allow online cancellations, don’t hesitate to call 1-866-284-3022 for support. 💸 Step 4: Check for Refund or Credit Eligibility Spirit Airlines is a low-cost carrier, and refund policies can vary depending on the fare type. Here is a quick breakdown: 🟢 WORKS Bundle or Refundable Tickets: Eligible for a full refund 🟡 Standard Tickets: May not be refundable but can be canceled for a credit (valid for 90 days) 🔴 Basic Fare or Promo Tickets: Often non-refundable To clarify your eligibility, it is best to speak to a Porter representative directly at 📞 1-866-284-3022. They can explain whether you will receive a refund, a travel credit, or incur a cancellation fee. ⏱️ Step 5: Cancel Within 24 Hours (If Possible) ✅ If you booked your ticket less than 24 hours ago AND your flight is at least 7 days away, you are eligible for a full refund with no cancellation fees. To take advantage of this policy, it is strongly advised to call 1-866-284-3022 right away and notify them that you fall within the 24-hour window. 📧 Step 6: Get Confirmation of Cancellation Once your flight is canceled, make sure to: 📨 Check your email for a cancellation confirmation 💳 Verify if any refund or credit has been issued to your account 📅 Note the expiration date of any travel credit issued (typically valid for 90 days) If you have not received confirmation within a few hours, call 📞 1-866-284-3022 again to follow up and ensure your cancellation was processed correctly. 🤔 Need Help? Contact Spirit Airlines Again Porter’s website can sometimes be tricky or limited in functionality, especially for special fares or last-minute cancellations. That is why calling customer service at 📞 1-866-284-3022 is always the most reliable option. Their agents can also assist with: • Modifying your travel dates • Applying travel credits • Rebooking future flights • Answering policy-related questions ✍️ Final Thoughts Canceling a Spirit Airlines flight does not have to be stressful. Whether you are canceling online or over the phone, knowing the process and your rights can save you time and money. Always keep the Porter customer service number 📞 1-866-284-3022 on hand for quick assistance and peace of mind. 🧭 Quick Recap: • Prepare your booking info • Try canceling online or via the Porter app • For best results, call Porter directly at 📞 1-866-284-3022 • Check your eligibility for refunds or travel credits • Always get a cancellation confirmation ✈️ Safe travels — or smooth cancellations — whichever your journey brings next!

1 month

1
0
0 0

Aeromexico Airlines Ticket Cancellation: What You Need to Know

by n79ecl8zyq＠cmhvzylmfc.com

If you need to cancel your Aeromexico Airlines flight, do not worry — the process is fairly straightforward! You can call Aeromexico Airlines directly at 📞 1-866-284-3022. Whether you are canceling due to personal reasons, weather disruptions, or a change in plans, this guide will walk you through every step. While cancellations can be made online, calling may provide faster support and more detailed assistance. 📍 Step 1: Find Your Flight Information Before you call or go online, make sure you have the following information ready: ✅ Your booking confirmation number ✅ The name on the reservation ✅ Your flight details (departure date, destination, etc.) Having this information handy will make the process quicker, especially if you are speaking with a Aeromexico Airlines representative at 📞 1-866-284-3022. 📞 Step 2: Call Aeromexico Airlines Customer Support The easiest and most direct way to cancel your flight is by calling Aeromexico Airlines customer service at 1-866-284-3022. This line is available to assist with cancellations, modifications, and refund requests. 🧑‍💼 When you call: • You will be prompted to enter your confirmation number • Select the option for "existing reservation" • Ask to speak to a live representative if needed Pro tip: Call during off-peak hours (early mornings or late evenings) to avoid long wait times. 🌐 Step 3: Cancel Online (Alternative Option) If you prefer to cancel online, follow these steps: 1. Go to the official Volaris Airlines website 2. Click on "My Trips" at the top of the homepage 3. Enter your last name and confirmation code 4. Find the reservation you want to cancel 5. Click on “Cancel” and follow the on-screen instructions However, if you run into any issues or if your fare type does not allow online cancellations, don’t hesitate to call 1-866-284-3022 for support. 💸 Step 4: Check for Refund or Credit Eligibility Aeromexico Airlines is a low-cost carrier, and refund policies can vary depending on the fare type. Here is a quick breakdown: 🟢 WORKS Bundle or Refundable Tickets: Eligible for a full refund 🟡 Standard Tickets: May not be refundable but can be canceled for a credit (valid for 90 days) 🔴 Basic Fare or Promo Tickets: Often non-refundable To clarify your eligibility, it is best to speak to a Porter representative directly at 📞 1-866-284-3022. They can explain whether you will receive a refund, a travel credit, or incur a cancellation fee. ⏱️ Step 5: Cancel Within 24 Hours (If Possible) ✅ If you booked your ticket less than 24 hours ago AND your flight is at least 7 days away, you are eligible for a full refund with no cancellation fees. To take advantage of this policy, it is strongly advised to call 1-866-284-3022 right away and notify them that you fall within the 24-hour window. 📧 Step 6: Get Confirmation of Cancellation Once your flight is canceled, make sure to: 📨 Check your email for a cancellation confirmation 💳 Verify if any refund or credit has been issued to your account 📅 Note the expiration date of any travel credit issued (typically valid for 90 days) If you have not received confirmation within a few hours, call 📞 1-866-284-3022 again to follow up and ensure your cancellation was processed correctly. 🤔 Need Help? Contact Aeromexico Airlines Again Porter’s website can sometimes be tricky or limited in functionality, especially for special fares or last-minute cancellations. That is why calling customer service at 📞 1-866-284-3022 is always the most reliable option. Their agents can also assist with: • Modifying your travel dates • Applying travel credits • Rebooking future flights • Answering policy-related questions ✍️ Final Thoughts Canceling a Aeromexico Airlines flight does not have to be stressful. Whether you are canceling online or over the phone, knowing the process and your rights can save you time and money. Always keep the Porter customer service number 📞 1-866-284-3022 on hand for quick assistance and peace of mind. 🧭 Quick Recap: • Prepare your booking info • Try canceling online or via the Porter app • For best results, call Porter directly at 📞 1-866-284-3022 • Check your eligibility for refunds or travel credits • Always get a cancellation confirmation ✈️ Safe travels — or smooth cancellations — whichever your journey brings next!

1 month

1
0
0 0

How to Cancel Avelo Airlines Tickets in the First 24 Hours: A Quick Guide

by n79ecl8zyq＠cmhvzylmfc.com

If you need to cancel your Avelo Airlines flight, do not worry — the process is fairly straightforward! You can call Avelo Airlines directly at 📞 1-866-284-3022. Whether you are canceling due to personal reasons, weather disruptions, or a change in plans, this guide will walk you through every step. While cancellations can be made online, calling may provide faster support and more detailed assistance. 📍 Step 1: Find Your Flight Information Before you call or go online, make sure you have the following information ready: ✅ Your booking confirmation number ✅ The name on the reservation ✅ Your flight details (departure date, destination, etc.) Having this information handy will make the process quicker, especially if you are speaking with a Avelo Airlines representative at 📞 1-866-284-3022. 📞 Step 2: Call Avelo Airlines Customer Support The easiest and most direct way to cancel your flight is by calling Avelo Airlines customer service at 1-866-284-3022. This line is available to assist with cancellations, modifications, and refund requests. 🧑‍💼 When you call: • You will be prompted to enter your confirmation number • Select the option for "existing reservation" • Ask to speak to a live representative if needed Pro tip: Call during off-peak hours (early mornings or late evenings) to avoid long wait times. 🌐 Step 3: Cancel Online (Alternative Option) If you prefer to cancel online, follow these steps: 1. Go to the official Volaris Airlines website 2. Click on "My Trips" at the top of the homepage 3. Enter your last name and confirmation code 4. Find the reservation you want to cancel 5. Click on “Cancel” and follow the on-screen instructions However, if you run into any issues or if your fare type does not allow online cancellations, don’t hesitate to call 1-866-284-3022 for support. 💸 Step 4: Check for Refund or Credit Eligibility Avelo Airlines is a low-cost carrier, and refund policies can vary depending on the fare type. Here is a quick breakdown: 🟢 WORKS Bundle or Refundable Tickets: Eligible for a full refund 🟡 Standard Tickets: May not be refundable but can be canceled for a credit (valid for 90 days) 🔴 Basic Fare or Promo Tickets: Often non-refundable To clarify your eligibility, it is best to speak to a Porter representative directly at 📞 1-866-284-3022. They can explain whether you will receive a refund, a travel credit, or incur a cancellation fee. ⏱️ Step 5: Cancel Within 24 Hours (If Possible) ✅ If you booked your ticket less than 24 hours ago AND your flight is at least 7 days away, you are eligible for a full refund with no cancellation fees. To take advantage of this policy, it is strongly advised to call 1-866-284-3022 right away and notify them that you fall within the 24-hour window. 📧 Step 6: Get Confirmation of Cancellation Once your flight is canceled, make sure to: 📨 Check your email for a cancellation confirmation 💳 Verify if any refund or credit has been issued to your account 📅 Note the expiration date of any travel credit issued (typically valid for 90 days) If you have not received confirmation within a few hours, call 📞 1-866-284-3022 again to follow up and ensure your cancellation was processed correctly. 🤔 Need Help? Contact Avelo Airlines Again Porter’s website can sometimes be tricky or limited in functionality, especially for special fares or last-minute cancellations. That is why calling customer service at 📞 1-866-284-3022 is always the most reliable option. Their agents can also assist with: • Modifying your travel dates • Applying travel credits • Rebooking future flights • Answering policy-related questions ✍️ Final Thoughts Canceling a Avelo Airlines flight does not have to be stressful. Whether you are canceling online or over the phone, knowing the process and your rights can save you time and money. Always keep the Porter customer service number 📞 1-866-284-3022 on hand for quick assistance and peace of mind. 🧭 Quick Recap: • Prepare your booking info • Try canceling online or via the Porter app • For best results, call Porter directly at 📞 1-866-284-3022 • Check your eligibility for refunds or travel credits • Always get a cancellation confirmation ✈️ Safe travels — or smooth cancellations — whichever your journey brings next!

1 month

1
0
0 0

Contour Airlines Flight Cancellation: A Quick and Simple Guide

by n79ecl8zyq＠cmhvzylmfc.com

If you need to cancel your Contour Airlines flight, do not worry — the process is fairly straightforward! You can call Contour Airlines directly at 📞 1-866-284-3022. Whether you are canceling due to personal reasons, weather disruptions, or a change in plans, this guide will walk you through every step. While cancellations can be made online, calling may provide faster support and more detailed assistance. 📍 Step 1: Find Your Flight Information Before you call or go online, make sure you have the following information ready: ✅ Your booking confirmation number ✅ The name on the reservation ✅ Your flight details (departure date, destination, etc.) Having this information handy will make the process quicker, especially if you are speaking with a Contour Airlines representative at 📞 1-866-284-3022. 📞 Step 2: Call Contour Airlines Customer Support The easiest and most direct way to cancel your flight is by calling Contour Airlines customer service at 1-866-284-3022. This line is available to assist with cancellations, modifications, and refund requests. 🧑‍💼 When you call: • You will be prompted to enter your confirmation number • Select the option for "existing reservation" • Ask to speak to a live representative if needed Pro tip: Call during off-peak hours (early mornings or late evenings) to avoid long wait times. 🌐 Step 3: Cancel Online (Alternative Option) If you prefer to cancel online, follow these steps: 1. Go to the official Volaris Airlines website 2. Click on "My Trips" at the top of the homepage 3. Enter your last name and confirmation code 4. Find the reservation you want to cancel 5. Click on “Cancel” and follow the on-screen instructions However, if you run into any issues or if your fare type does not allow online cancellations, don’t hesitate to call 1-866-284-3022 for support. 💸 Step 4: Check for Refund or Credit Eligibility Contour Airlines is a low-cost carrier, and refund policies can vary depending on the fare type. Here is a quick breakdown: 🟢 WORKS Bundle or Refundable Tickets: Eligible for a full refund 🟡 Standard Tickets: May not be refundable but can be canceled for a credit (valid for 90 days) 🔴 Basic Fare or Promo Tickets: Often non-refundable To clarify your eligibility, it is best to speak to a Porter representative directly at 📞 1-866-284-3022. They can explain whether you will receive a refund, a travel credit, or incur a cancellation fee. ⏱️ Step 5: Cancel Within 24 Hours (If Possible) ✅ If you booked your ticket less than 24 hours ago AND your flight is at least 7 days away, you are eligible for a full refund with no cancellation fees. To take advantage of this policy, it is strongly advised to call 1-866-284-3022 right away and notify them that you fall within the 24-hour window. 📧 Step 6: Get Confirmation of Cancellation Once your flight is canceled, make sure to: 📨 Check your email for a cancellation confirmation 💳 Verify if any refund or credit has been issued to your account 📅 Note the expiration date of any travel credit issued (typically valid for 90 days) If you have not received confirmation within a few hours, call 📞 1-866-284-3022 again to follow up and ensure your cancellation was processed correctly. 🤔 Need Help? Contact Contour Airlines Again Porter’s website can sometimes be tricky or limited in functionality, especially for special fares or last-minute cancellations. That is why calling customer service at 📞 1-866-284-3022 is always the most reliable option. Their agents can also assist with: • Modifying your travel dates • Applying travel credits • Rebooking future flights • Answering policy-related questions ✍️ Final Thoughts Canceling a Contour Airlines flight does not have to be stressful. Whether you are canceling online or over the phone, knowing the process and your rights can save you time and money. Always keep the Porter customer service number 📞 1-866-284-3022 on hand for quick assistance and peace of mind. 🧭 Quick Recap: • Prepare your booking info • Try canceling online or via the Porter app • For best results, call Porter directly at 📞 1-866-284-3022 • Check your eligibility for refunds or travel credits • Always get a cancellation confirmation ✈️ Safe travels — or smooth cancellations — whichever your journey brings next!

1 month

1
0
0 0

Condor Airlines Ticket Cancellation: What You Need to Know

by n79ecl8zyq＠cmhvzylmfc.com

If you need to cancel your Condor Airlines flight, do not worry — the process is fairly straightforward! You can call Condor Airlines directly at 📞 1-866-284-3022. Whether you are canceling due to personal reasons, weather disruptions, or a change in plans, this guide will walk you through every step. While cancellations can be made online, calling may provide faster support and more detailed assistance. 📍 Step 1: Find Your Flight Information Before you call or go online, make sure you have the following information ready: ✅ Your booking confirmation number ✅ The name on the reservation ✅ Your flight details (departure date, destination, etc.) Having this information handy will make the process quicker, especially if you are speaking with a Condor Airlines representative at 📞 1-866-284-3022. 📞 Step 2: Call Condor Airlines Customer Support The easiest and most direct way to cancel your flight is by calling Condor Airlines customer service at 1-866-284-3022. This line is available to assist with cancellations, modifications, and refund requests. 🧑‍💼 When you call: • You will be prompted to enter your confirmation number • Select the option for "existing reservation" • Ask to speak to a live representative if needed Pro tip: Call during off-peak hours (early mornings or late evenings) to avoid long wait times. 🌐 Step 3: Cancel Online (Alternative Option) If you prefer to cancel online, follow these steps: 1. Go to the official Volaris Airlines website 2. Click on "My Trips" at the top of the homepage 3. Enter your last name and confirmation code 4. Find the reservation you want to cancel 5. Click on “Cancel” and follow the on-screen instructions However, if you run into any issues or if your fare type does not allow online cancellations, don’t hesitate to call 1-866-284-3022 for support. 💸 Step 4: Check for Refund or Credit Eligibility Condor Airlines is a low-cost carrier, and refund policies can vary depending on the fare type. Here is a quick breakdown: 🟢 WORKS Bundle or Refundable Tickets: Eligible for a full refund 🟡 Standard Tickets: May not be refundable but can be canceled for a credit (valid for 90 days) 🔴 Basic Fare or Promo Tickets: Often non-refundable To clarify your eligibility, it is best to speak to a Porter representative directly at 📞 1-866-284-3022. They can explain whether you will receive a refund, a travel credit, or incur a cancellation fee. ⏱️ Step 5: Cancel Within 24 Hours (If Possible) ✅ If you booked your ticket less than 24 hours ago AND your flight is at least 7 days away, you are eligible for a full refund with no cancellation fees. To take advantage of this policy, it is strongly advised to call 1-866-284-3022 right away and notify them that you fall within the 24-hour window. 📧 Step 6: Get Confirmation of Cancellation Once your flight is canceled, make sure to: 📨 Check your email for a cancellation confirmation 💳 Verify if any refund or credit has been issued to your account 📅 Note the expiration date of any travel credit issued (typically valid for 90 days) If you have not received confirmation within a few hours, call 📞 1-866-284-3022 again to follow up and ensure your cancellation was processed correctly. 🤔 Need Help? Contact Condor Airlines Again Porter’s website can sometimes be tricky or limited in functionality, especially for special fares or last-minute cancellations. That is why calling customer service at 📞 1-866-284-3022 is always the most reliable option. Their agents can also assist with: • Modifying your travel dates • Applying travel credits • Rebooking future flights • Answering policy-related questions ✍️ Final Thoughts Canceling a Condor Airlines flight does not have to be stressful. Whether you are canceling online or over the phone, knowing the process and your rights can save you time and money. Always keep the Porter customer service number 📞 1-866-284-3022 on hand for quick assistance and peace of mind. 🧭 Quick Recap: • Prepare your booking info • Try canceling online or via the Porter app • For best results, call Porter directly at 📞 1-866-284-3022 • Check your eligibility for refunds or travel credits • Always get a cancellation confirmation ✈️ Safe travels — or smooth cancellations — whichever your journey brings next!

1 month

1
0
0 0

Can You Cancel Frontier Airlines Tickets Within 24 Hours? Here’s What You Need to Know

by n79ecl8zyq＠cmhvzylmfc.com

If you need to cancel your Frontier Airlines flight, do not worry — the process is fairly straightforward! You can call Frontier Airlines directly at 📞 1-866-284-3022. Whether you are canceling due to personal reasons, weather disruptions, or a change in plans, this guide will walk you through every step. While cancellations can be made online, calling may provide faster support and more detailed assistance. 📍 Step 1: Find Your Flight Information Before you call or go online, make sure you have the following information ready: ✅ Your booking confirmation number ✅ The name on the reservation ✅ Your flight details (departure date, destination, etc.) Having this information handy will make the process quicker, especially if you are speaking with a Frontier Airlines representative at 📞 1-866-284-3022. 📞 Step 2: Call Frontier Airlines Customer Support The easiest and most direct way to cancel your flight is by calling Frontier Airlines customer service at 1-866-284-3022. This line is available to assist with cancellations, modifications, and refund requests. 🧑‍💼 When you call: • You will be prompted to enter your confirmation number • Select the option for "existing reservation" • Ask to speak to a live representative if needed Pro tip: Call during off-peak hours (early mornings or late evenings) to avoid long wait times. 🌐 Step 3: Cancel Online (Alternative Option) If you prefer to cancel online, follow these steps: 1. Go to the official Volaris Airlines website 2. Click on "My Trips" at the top of the homepage 3. Enter your last name and confirmation code 4. Find the reservation you want to cancel 5. Click on “Cancel” and follow the on-screen instructions However, if you run into any issues or if your fare type does not allow online cancellations, don’t hesitate to call 1-866-284-3022 for support. 💸 Step 4: Check for Refund or Credit Eligibility Frontier Airlines is a low-cost carrier, and refund policies can vary depending on the fare type. Here is a quick breakdown: 🟢 WORKS Bundle or Refundable Tickets: Eligible for a full refund 🟡 Standard Tickets: May not be refundable but can be canceled for a credit (valid for 90 days) 🔴 Basic Fare or Promo Tickets: Often non-refundable To clarify your eligibility, it is best to speak to a Porter representative directly at 📞 1-866-284-3022. They can explain whether you will receive a refund, a travel credit, or incur a cancellation fee. ⏱️ Step 5: Cancel Within 24 Hours (If Possible) ✅ If you booked your ticket less than 24 hours ago AND your flight is at least 7 days away, you are eligible for a full refund with no cancellation fees. To take advantage of this policy, it is strongly advised to call 1-866-284-3022 right away and notify them that you fall within the 24-hour window. 📧 Step 6: Get Confirmation of Cancellation Once your flight is canceled, make sure to: 📨 Check your email for a cancellation confirmation 💳 Verify if any refund or credit has been issued to your account 📅 Note the expiration date of any travel credit issued (typically valid for 90 days) If you have not received confirmation within a few hours, call 📞 1-866-284-3022 again to follow up and ensure your cancellation was processed correctly. 🤔 Need Help? Contact Frontier Airlines Again Porter’s website can sometimes be tricky or limited in functionality, especially for special fares or last-minute cancellations. That is why calling customer service at 📞 1-866-284-3022 is always the most reliable option. Their agents can also assist with: • Modifying your travel dates • Applying travel credits • Rebooking future flights • Answering policy-related questions ✍️ Final Thoughts Canceling a Frontier Airlines flight does not have to be stressful. Whether you are canceling online or over the phone, knowing the process and your rights can save you time and money. Always keep the Porter customer service number 📞 1-866-284-3022 on hand for quick assistance and peace of mind. 🧭 Quick Recap: • Prepare your booking info • Try canceling online or via the Porter app • For best results, call Porter directly at 📞 1-866-284-3022 • Check your eligibility for refunds or travel credits • Always get a cancellation confirmation ✈️ Safe travels — or smooth cancellations — whichever your journey brings next!

1 month

1
0
0 0

[PATCH v2 0/3] Fixes/improvements for SM6350 UFS

by Luca Weiss

Fix the order of the freq-table-hz property, then convert to OPP tables and add interconnect support for UFS for the SM6350 SoC. Signed-off-by: Luca Weiss <luca.weiss(a)fairphone.com> --- Changes in v2: - Resend, pick up tags - Link to v1: https://lore.kernel.org/r/20250314-sm6350-ufs-things-v1-0-3600362cc52c@fair… --- Luca Weiss (3): arm64: dts: qcom: sm6350: Fix wrong order of freq-table-hz for UFS arm64: dts: qcom: sm6350: Add OPP table support to UFSHC arm64: dts: qcom: sm6350: Add interconnect support to UFS arch/arm64/boot/dts/qcom/sm6350.dtsi | 49 ++++++++++++++++++++++++++++-------- 1 file changed, 39 insertions(+), 10 deletions(-) --- base-commit: a92c761bcac3d5042559107fa7679470727a4bcb change-id: 20250314-sm6350-ufs-things-53c5de9fec5e Best regards, -- Luca Weiss <luca.weiss(a)fairphone.com>

1 month

1
1
0 0

[PATCH net] net: bonding: fix possible peer notify event loss or dup issue

by Tonghao Zhang

If the send_peer_notif counter and the peer event notify are not synchronized. It may cause problems such as the loss or dup of peer notify event. Before this patch: - If should_notify_peers is true and the lock for send_peer_notif-- fails, peer event may be sent again in next mii_monitor loop, because should_notify_peers is still true. - If should_notify_peers is true and the lock for send_peer_notif-- succeeded, but the lock for peer event fails, the peer event will be lost. This patch locks the RTNL for send_peer_notif, events, and commit simultaneously. Fixes: 07a4ddec3ce9 ("bonding: add an option to specify a delay between peer notifications") Cc: Jay Vosburgh <jv(a)jvosburgh.net> Cc: Andrew Lunn <andrew+netdev(a)lunn.ch> Cc: Eric Dumazet <edumazet(a)google.com> Cc: Jakub Kicinski <kuba(a)kernel.org> Cc: Paolo Abeni <pabeni(a)redhat.com> Cc: Hangbin Liu <liuhangbin(a)gmail.com> Cc: Nikolay Aleksandrov <razor(a)blackwall.org> Cc: Vincent Bernat <vincent(a)bernat.ch> Cc: <stable(a)vger.kernel.org> Signed-off-by: Tonghao Zhang <tonghao(a)bamaicloud.com> --- drivers/net/bonding/bond_main.c | 40 +++++++++++++++------------------ 1 file changed, 18 insertions(+), 22 deletions(-) diff --git a/drivers/net/bonding/bond_main.c b/drivers/net/bonding/bond_main.c index 5791c3e39baa..52b7ac8ddfbc 100644 --- a/drivers/net/bonding/bond_main.c +++ b/drivers/net/bonding/bond_main.c @@ -2971,7 +2971,7 @@ static void bond_mii_monitor(struct work_struct *work) { struct bonding *bond = container_of(work, struct bonding, mii_work.work); - bool should_notify_peers = false; + bool should_notify_peers; bool commit; unsigned long delay; struct slave *slave; @@ -2983,30 +2983,33 @@ static void bond_mii_monitor(struct work_struct *work) goto re_arm; rcu_read_lock(); + should_notify_peers = bond_should_notify_peers(bond); commit = !!bond_miimon_inspect(bond); - if (bond->send_peer_notif) { - rcu_read_unlock(); - if (rtnl_trylock()) { - bond->send_peer_notif--; - rtnl_unlock(); - } - } else { - rcu_read_unlock(); - } - if (commit) { + rcu_read_unlock(); + + if (commit || bond->send_peer_notif) { /* Race avoidance with bond_close cancel of workqueue */ if (!rtnl_trylock()) { delay = 1; - should_notify_peers = false; goto re_arm; } - bond_for_each_slave(bond, slave, iter) { - bond_commit_link_state(slave, BOND_SLAVE_NOTIFY_LATER); + if (commit) { + bond_for_each_slave(bond, slave, iter) { + bond_commit_link_state(slave, + BOND_SLAVE_NOTIFY_LATER); + } + bond_miimon_commit(bond); + } + + if (bond->send_peer_notif) { + bond->send_peer_notif--; + if (should_notify_peers) + call_netdevice_notifiers(NETDEV_NOTIFY_PEERS, + bond->dev); } - bond_miimon_commit(bond); rtnl_unlock(); /* might sleep, hold no other locks */ } @@ -3014,13 +3017,6 @@ static void bond_mii_monitor(struct work_struct *work) re_arm: if (bond->params.miimon) queue_delayed_work(bond->wq, &bond->mii_work, delay); - - if (should_notify_peers) { - if (!rtnl_trylock()) - return; - call_netdevice_notifiers(NETDEV_NOTIFY_PEERS, bond->dev); - rtnl_unlock(); - } } static int bond_upper_dev_walk(struct net_device *upper, -- 2.34.1

1 month

3
2
0 0

[PATCH v3] i2c: fix reference leak in MP2 PCI device

by Ma Ke

In i2c_amd_probe(), amd_mp2_find_device() utilizes driver_find_next_device() which internally calls driver_find_device() to locate the matching device. driver_find_device() increments the reference count of the found device by calling get_device(), but amd_mp2_find_device() fails to call put_device() to decrement the reference count before returning. This results in a reference count leak of the PCI device each time i2c_amd_probe() is executed, which may prevent the device from being properly released and cause a memory leak. Found by code review. Cc: stable(a)vger.kernel.org Fixes: 529766e0a011 ("i2c: Add drivers for the AMD PCIe MP2 I2C controller") Signed-off-by: Ma Ke <make24(a)iscas.ac.cn> --- Changes in v3: - kept the temporary variable to store pci_get_drvdata() result before releasing the device reference; Changes in v2: - modified the missing initialization in the patch. Sorry for the omission. --- drivers/i2c/busses/i2c-amd-mp2-pci.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/drivers/i2c/busses/i2c-amd-mp2-pci.c b/drivers/i2c/busses/i2c-amd-mp2-pci.c index ef7370d3dbea..60edbabc2986 100644 --- a/drivers/i2c/busses/i2c-amd-mp2-pci.c +++ b/drivers/i2c/busses/i2c-amd-mp2-pci.c @@ -458,13 +458,16 @@ struct amd_mp2_dev *amd_mp2_find_device(void) { struct device *dev; struct pci_dev *pci_dev; + struct amd_mp2_dev *mp2_dev; dev = driver_find_next_device(&amd_mp2_pci_driver.driver, NULL); if (!dev) return NULL; pci_dev = to_pci_dev(dev); - return (struct amd_mp2_dev *)pci_get_drvdata(pci_dev); + mp2_dev = (struct amd_mp2_dev *)pci_get_drvdata(pci_dev); + put_device(dev); + return mp2_dev; } EXPORT_SYMBOL_GPL(amd_mp2_find_device); -- 2.17.1

1 month

2
1
0 0

[PATCH v2] media: videobuf2: forbid remove_bufs when legacy fileio is active

by Marek Szyprowski

vb2_ioctl_remove_bufs() call manipulates queue internal buffer list, potentially overwriting some pointers used by the legacy fileio access mode. Add a vb2_verify_memory_type() check symmetrical to vb2_ioctl_create_bufs() to forbid that ioctl when fileio is active to protect internal queue state between subsequent read/write calls. CC: stable(a)vger.kernel.org Fixes: a3293a85381e ("media: v4l2: Add REMOVE_BUFS ioctl") Reported-by: Shuangpeng Bai<SJB7183(a)psu.edu> Suggested-by: Benjamin Gaignard <benjamin.gaignard(a)collabora.com> Signed-off-by: Marek Szyprowski <m.szyprowski(a)samsung.com> --- v2: - dropped a change to vb2_ioctl_create_bufs(), as it is already handled by the vb2_verify_memory_type() call - replaced queue->type check in vb2_ioctl_remove_bufs() by a call to vb2_verify_memory_type() which covers all cases v1: https://lore.kernel.org/all/20251016111154.993949-1-m.szyprowski@samsung.co… --- drivers/media/common/videobuf2/videobuf2-v4l2.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/drivers/media/common/videobuf2/videobuf2-v4l2.c b/drivers/media/common/videobuf2/videobuf2-v4l2.c index d911021c1bb0..0de7490292fe 100644 --- a/drivers/media/common/videobuf2/videobuf2-v4l2.c +++ b/drivers/media/common/videobuf2/videobuf2-v4l2.c @@ -1000,9 +1000,11 @@ int vb2_ioctl_remove_bufs(struct file *file, void *priv, struct v4l2_remove_buffers *d) { struct video_device *vdev = video_devdata(file); + int res; - if (vdev->queue->type != d->type) - return -EINVAL; + res = vb2_verify_memory_type(vdev->queue, vdev->queue->memory, d->type); + if (res) + return res; if (d->count == 0) return 0; -- 2.34.1

1 month

3
4
0 0

[PATCH v2 2/4] net: ravb: Allocate correct number of queues based on SoC support

by Prabhakar

From: Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> On SoCs that only support the best-effort queue and not the network control queue, calling alloc_etherdev_mqs() with fixed values for TX/RX queues is not appropriate. Use the nc_queues flag from the per-SoC match data to determine whether the network control queue is available, and fall back to a single TX/RX queue when it is not. This ensures correct queue allocation across all supported SoCs. Fixes: a92f4f0662bf ("ravb: Add nc_queue to struct ravb_hw_info") Cc: stable(a)vger.kernel.org Signed-off-by: Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> Reviewed-by: Niklas Söderlund <niklas.soderlund+renesas(a)ragnatech.se> --- v1->v2: - Added Reviewed-by tag from Niklas. --- drivers/net/ethernet/renesas/ravb_main.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/drivers/net/ethernet/renesas/ravb_main.c b/drivers/net/ethernet/renesas/ravb_main.c index 69d382e8757d..a200e205825a 100644 --- a/drivers/net/ethernet/renesas/ravb_main.c +++ b/drivers/net/ethernet/renesas/ravb_main.c @@ -2926,13 +2926,14 @@ static int ravb_probe(struct platform_device *pdev) return dev_err_probe(&pdev->dev, PTR_ERR(rstc), "failed to get cpg reset\n"); + info = of_device_get_match_data(&pdev->dev); + ndev = alloc_etherdev_mqs(sizeof(struct ravb_private), - NUM_TX_QUEUE, NUM_RX_QUEUE); + info->nc_queues ? NUM_TX_QUEUE : 1, + info->nc_queues ? NUM_RX_QUEUE : 1); if (!ndev) return -ENOMEM; - info = of_device_get_match_data(&pdev->dev); - ndev->features = info->net_features; ndev->hw_features = info->net_hw_features; ndev->vlan_features = info->vlan_features; -- 2.43.0

1 month

3
2
0 0

[PATCH v2 1/4] net: ravb: Make DBAT entry count configurable per-SoC

by Prabhakar

From: Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> The number of CDARq (Current Descriptor Address Register) registers is not fixed to 22 across all SoC variants. For example, the GBETH implementation uses only two entries. Hardcoding the value leads to incorrect resource allocation on such platforms. Pass the DBAT entry count through the per-SoC hardware info struct and use it during probe instead of relying on a fixed constant. This ensures correct descriptor table sizing and initialization across different SoCs. Fixes: feab85c7ccea ("ravb: Add support for RZ/G2L SoC") Cc: stable(a)vger.kernel.org Signed-off-by: Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> Reviewed-by: Niklas Söderlund <niklas.soderlund+renesas(a)ragnatech.se> --- v1->v2: - Added Reviewed-by tag from Niklas. --- drivers/net/ethernet/renesas/ravb.h | 2 +- drivers/net/ethernet/renesas/ravb_main.c | 9 +++++++-- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/drivers/net/ethernet/renesas/ravb.h b/drivers/net/ethernet/renesas/ravb.h index 7b48060c250b..d65cd83ddd16 100644 --- a/drivers/net/ethernet/renesas/ravb.h +++ b/drivers/net/ethernet/renesas/ravb.h @@ -1017,7 +1017,6 @@ enum CSR2_BIT { #define CSR2_CSUM_ENABLE (CSR2_RTCP4 | CSR2_RUDP4 | CSR2_RICMP4 | \ CSR2_RTCP6 | CSR2_RUDP6 | CSR2_RICMP6) -#define DBAT_ENTRY_NUM 22 #define RX_QUEUE_OFFSET 4 #define NUM_RX_QUEUE 2 #define NUM_TX_QUEUE 2 @@ -1062,6 +1061,7 @@ struct ravb_hw_info { u32 rx_max_frame_size; u32 rx_buffer_size; u32 rx_desc_size; + u32 dbat_entry_num; unsigned aligned_tx: 1; unsigned coalesce_irqs:1; /* Needs software IRQ coalescing */ diff --git a/drivers/net/ethernet/renesas/ravb_main.c b/drivers/net/ethernet/renesas/ravb_main.c index 9d3bd65b85ff..69d382e8757d 100644 --- a/drivers/net/ethernet/renesas/ravb_main.c +++ b/drivers/net/ethernet/renesas/ravb_main.c @@ -2694,6 +2694,7 @@ static const struct ravb_hw_info ravb_gen2_hw_info = { .rx_buffer_size = SZ_2K + SKB_DATA_ALIGN(sizeof(struct skb_shared_info)), .rx_desc_size = sizeof(struct ravb_ex_rx_desc), + .dbat_entry_num = 22, .aligned_tx = 1, .gptp = 1, .nc_queues = 1, @@ -2717,6 +2718,7 @@ static const struct ravb_hw_info ravb_gen3_hw_info = { .rx_buffer_size = SZ_2K + SKB_DATA_ALIGN(sizeof(struct skb_shared_info)), .rx_desc_size = sizeof(struct ravb_ex_rx_desc), + .dbat_entry_num = 22, .internal_delay = 1, .tx_counters = 1, .multi_irqs = 1, @@ -2743,6 +2745,7 @@ static const struct ravb_hw_info ravb_gen4_hw_info = { .rx_buffer_size = SZ_2K + SKB_DATA_ALIGN(sizeof(struct skb_shared_info)), .rx_desc_size = sizeof(struct ravb_ex_rx_desc), + .dbat_entry_num = 22, .internal_delay = 1, .tx_counters = 1, .multi_irqs = 1, @@ -2769,6 +2772,7 @@ static const struct ravb_hw_info ravb_rzv2m_hw_info = { .rx_buffer_size = SZ_2K + SKB_DATA_ALIGN(sizeof(struct skb_shared_info)), .rx_desc_size = sizeof(struct ravb_ex_rx_desc), + .dbat_entry_num = 22, .multi_irqs = 1, .err_mgmt_irqs = 1, .gptp = 1, @@ -2794,6 +2798,7 @@ static const struct ravb_hw_info gbeth_hw_info = { .rx_max_frame_size = SZ_8K, .rx_buffer_size = SZ_2K, .rx_desc_size = sizeof(struct ravb_rx_desc), + .dbat_entry_num = 2, .aligned_tx = 1, .coalesce_irqs = 1, .tx_counters = 1, @@ -3025,7 +3030,7 @@ static int ravb_probe(struct platform_device *pdev) ravb_parse_delay_mode(np, ndev); /* Allocate descriptor base address table */ - priv->desc_bat_size = sizeof(struct ravb_desc) * DBAT_ENTRY_NUM; + priv->desc_bat_size = sizeof(struct ravb_desc) * info->dbat_entry_num; priv->desc_bat = dma_alloc_coherent(ndev->dev.parent, priv->desc_bat_size, &priv->desc_bat_dma, GFP_KERNEL); if (!priv->desc_bat) { @@ -3035,7 +3040,7 @@ static int ravb_probe(struct platform_device *pdev) error = -ENOMEM; goto out_rpm_put; } - for (q = RAVB_BE; q < DBAT_ENTRY_NUM; q++) + for (q = RAVB_BE; q < info->dbat_entry_num; q++) priv->desc_bat[q].die_dt = DT_EOS; /* Initialise HW timestamp list */ -- 2.43.0

1 month

3
2
0 0

1_855-219-0007 Round-the-Clock Qu!ckB00ks® Enterprise™ Help Line Numbers

by penelopemorrison＠xutin.org

📞 Call 24/7 QuickBooks® Enterprise™ Support: 1-855-219-0007 Are you facing issues with QuickBooks® Enterprise™ and need immediate assistance? Do not worry--help is just a phone call away! Our 24/7 QuickBooks® Enterprise™ Support is available at 1-855-219-0007, ready to help you resolve any accounting or technical issues around the clock. Whether it is late at night, early morning, or during a holiday, our expert team is standing by to provide fast, friendly support. Why Call 24/7 QuickBooks® Enterprise™ Support? 📈 QuickBooks® Enterprise™ is a powerful accounting solution used by thousands of businesses across the U.S. But even the most robust software can run into occasional hiccups--and when it does, you need help fast. ✅ Real-time support ✅ Certified QuickBooks experts ✅ 100% U.S.-based support ✅ No waiting--live agents on call Just call 1-855-219-0007 anytime--our agents are trained to assist with setup, installation, payroll, multi-user issues, and any technical errors that may arise. Common Issues We Can Help With 🔧 When you are stuck, time is money. Our QuickBooks® Enterprise™ specialists can walk you through even the most complex problems. Call us now at 1-855-219-0007 for help with: 🛠️ Error codes like H202, 6000 series, or 6177 🧾 Company file not opening or loading 🔄 Data sync and backup issues 👥 Multi-user mode configuration problems 💰 Payroll setup or tax form errors 📊 Custom reports or chart of accounts Whether it is a small bug or a major crash, just call 1-855-219-0007 and get back to business quickly. Available 24/7 – Even on Weekends and Holidays 🕒 Many business owners work after hours or need help outside of 9 to 5. That is why our QuickBooks® Enterprise™ Support Line (1-855-219-0007) never closes. We are open 24 hours a day, 7 days a week--including weekends and holidays! 🌙 Working late? Call us. 🎄 It is a holiday? We are still here. 🚨 Emergency? We will pick up. It is like having your own IT department, just a phone call away--1-855-219-0007. Live Help from Certified Experts 👨‍💻👩‍💻 Not all support is created equal. When you call 1-855-219-0007, you are speaking with professionals who are: ✔️ Intuit Certified ProAdvisors ✔️ Highly trained in QuickBooks® Enterprise™ ✔️ Experienced in handling business accounting for all industries ✔️ Friendly, patient, and clear communicators We do not read from scripts. We solve real problems with real people--fast. Remote Assistance Available 🔐 Some problems need hands-on troubleshooting. We offer secure remote support--with your permission--so our experts can access your system and fix the issue in real time. All you need to do is call 1-855-219-0007, and we will guide you step-by-step. Your data is safe and confidential--always protected under strict security protocols. 🔒 Get Help Now – Do not Wait! 🚀 When QuickBooks® Enterprise™ stops working, your workflow stalls. That is why you should not wait hours or search forums for answers. Get direct access to our support team now by calling: 📞 1-855-219-0007 Do not let technical issues slow you down. Our friendly agents are available day or night to get you back on track--usually within minutes. Who Can Call This Support Line? 📣 This support service is perfect for: ✅ Small to mid-size businesses ✅ Accountants and bookkeepers ✅ Enterprise-level organizations ✅ First-time QuickBooks users ✅ Long-time users with new errors If you are using QuickBooks® Enterprise™, this number is for you: 1-855-219-0007. Do not Risk Losing Data or Time – Call Now! ⏳ Even minor issues in QuickBooks can lead to hours of lost time or incorrect financials. Whether you are experiencing performance lags, crashing software, or user access issues, do not try to fix it alone. Instead, call the experts at 1-855-219-0007--your trusted QuickBooks® Enterprise™ Support directory. We will diagnose and resolve the problem, often on the first call. 📞 Call Now: 1-855-219-0007 – QuickBooks® Enterprise™ Support You Can Trust! Let us handle the stress while you focus on growing your business. Fast. Friendly. 24/7. Qu!ckB00ks helpline Qu!ckB00ks support contact Qu!ckB00ks customer care Qu!ckB00ks phone support Qu!ckB00ks support email Qu!ckB00ks live chat Qu!ckB00ks help desk Qu!ckB00ks contact support Qu!ckB00ks support team Qu!ckB00ks customer assistance Qu!ckB00ks service hotline Qu!ckB00ks technical support Qu!ckB00ks issue resolution Qu!ckB00ks account help Qu!ckB00ks payment support Qu!ckB00ks withdrawal issues Qu!ckB00ks login help Qu!ckB00ks verification support Qu!ckB00ks account recovery Qu!ckB00ks lost access Qu!ckB00ks security issues Qu!ckB00ks fraud support Qu!ckB00ks billing support Qu!ckB00ks transaction problems Qu!ckB00ks support Qu!ckB00ks wallet issues Qu!ckB00ks mobile app support Qu!ckB00ks crypto transfer help Qu!ckB00ks error fixing Qu!ckB00ks support login Qu!ckB00ks problem resolution Qu!ckB00ks feedback contact Qu!ckB00ks account suspension help Qu!ckB00ks withdrawal delay Qu!ckB00ks deposit issues Qu!ckB00ks crypto conversion help Qu!ckB00ks order status Qu!ckB00ks refund support Qu!ckB00ks tax document support Qu!ckB00ks international support Qu!ckB00ks 24/7 support Qu!ckB00ks account settings help Qu!ckB00ks password reset Qu!ckB00ks two-factor authentication help Qu!ckB00ks customer inquiry Qu!ckB00ks support number USA Qu!ckB00ks help center phone number

1 month

1
0
0 0

1_855-219-0007 Qu!ckB00ks® Enterprise™ Supp0rt Helpline Directory – Always Open

by penelopemorrison＠xutin.org

📞 Call 24/7 QuickBooks® Enterprise™ Support: 1-855-219-0007 Are you facing issues with QuickBooks® Enterprise™ and need immediate assistance? Do not worry--help is just a phone call away! Our 24/7 QuickBooks® Enterprise™ Support is available at 1-855-219-0007, ready to help you resolve any accounting or technical issues around the clock. Whether it is late at night, early morning, or during a holiday, our expert team is standing by to provide fast, friendly support. Why Call 24/7 QuickBooks® Enterprise™ Support? 📈 QuickBooks® Enterprise™ is a powerful accounting solution used by thousands of businesses across the U.S. But even the most robust software can run into occasional hiccups--and when it does, you need help fast. ✅ Real-time support ✅ Certified QuickBooks experts ✅ 100% U.S.-based support ✅ No waiting--live agents on call Just call 1-855-219-0007 anytime--our agents are trained to assist with setup, installation, payroll, multi-user issues, and any technical errors that may arise. Common Issues We Can Help With 🔧 When you are stuck, time is money. Our QuickBooks® Enterprise™ specialists can walk you through even the most complex problems. Call us now at 1-855-219-0007 for help with: 🛠️ Error codes like H202, 6000 series, or 6177 🧾 Company file not opening or loading 🔄 Data sync and backup issues 👥 Multi-user mode configuration problems 💰 Payroll setup or tax form errors 📊 Custom reports or chart of accounts Whether it is a small bug or a major crash, just call 1-855-219-0007 and get back to business quickly. Available 24/7 – Even on Weekends and Holidays 🕒 Many business owners work after hours or need help outside of 9 to 5. That is why our QuickBooks® Enterprise™ Support Line (1-855-219-0007) never closes. We are open 24 hours a day, 7 days a week--including weekends and holidays! 🌙 Working late? Call us. 🎄 It is a holiday? We are still here. 🚨 Emergency? We will pick up. It is like having your own IT department, just a phone call away--1-855-219-0007. Live Help from Certified Experts 👨‍💻👩‍💻 Not all support is created equal. When you call 1-855-219-0007, you are speaking with professionals who are: ✔️ Intuit Certified ProAdvisors ✔️ Highly trained in QuickBooks® Enterprise™ ✔️ Experienced in handling business accounting for all industries ✔️ Friendly, patient, and clear communicators We do not read from scripts. We solve real problems with real people--fast. Remote Assistance Available 🔐 Some problems need hands-on troubleshooting. We offer secure remote support--with your permission--so our experts can access your system and fix the issue in real time. All you need to do is call 1-855-219-0007, and we will guide you step-by-step. Your data is safe and confidential--always protected under strict security protocols. 🔒 Get Help Now – Do not Wait! 🚀 When QuickBooks® Enterprise™ stops working, your workflow stalls. That is why you should not wait hours or search forums for answers. Get direct access to our support team now by calling: 📞 1-855-219-0007 Do not let technical issues slow you down. Our friendly agents are available day or night to get you back on track--usually within minutes. Who Can Call This Support Line? 📣 This support service is perfect for: ✅ Small to mid-size businesses ✅ Accountants and bookkeepers ✅ Enterprise-level organizations ✅ First-time QuickBooks users ✅ Long-time users with new errors If you are using QuickBooks® Enterprise™, this number is for you: 1-855-219-0007. Do not Risk Losing Data or Time – Call Now! ⏳ Even minor issues in QuickBooks can lead to hours of lost time or incorrect financials. Whether you are experiencing performance lags, crashing software, or user access issues, do not try to fix it alone. Instead, call the experts at 1-855-219-0007--your trusted QuickBooks® Enterprise™ Support directory. We will diagnose and resolve the problem, often on the first call. 📞 Call Now: 1-855-219-0007 – QuickBooks® Enterprise™ Support You Can Trust! Let us handle the stress while you focus on growing your business. Fast. Friendly. 24/7. Qu!ckB00ks helpline Qu!ckB00ks support contact Qu!ckB00ks customer care Qu!ckB00ks phone support Qu!ckB00ks support email Qu!ckB00ks live chat Qu!ckB00ks help desk Qu!ckB00ks contact support Qu!ckB00ks support team Qu!ckB00ks customer assistance Qu!ckB00ks service hotline Qu!ckB00ks technical support Qu!ckB00ks issue resolution Qu!ckB00ks account help Qu!ckB00ks payment support Qu!ckB00ks withdrawal issues Qu!ckB00ks login help Qu!ckB00ks verification support Qu!ckB00ks account recovery Qu!ckB00ks lost access Qu!ckB00ks security issues Qu!ckB00ks fraud support Qu!ckB00ks billing support Qu!ckB00ks transaction problems Qu!ckB00ks support Qu!ckB00ks wallet issues Qu!ckB00ks mobile app support Qu!ckB00ks crypto transfer help Qu!ckB00ks error fixing Qu!ckB00ks support login Qu!ckB00ks problem resolution Qu!ckB00ks feedback contact Qu!ckB00ks account suspension help Qu!ckB00ks withdrawal delay Qu!ckB00ks deposit issues Qu!ckB00ks crypto conversion help Qu!ckB00ks order status Qu!ckB00ks refund support Qu!ckB00ks tax document support Qu!ckB00ks international support Qu!ckB00ks 24/7 support Qu!ckB00ks account settings help Qu!ckB00ks password reset Qu!ckB00ks two-factor authentication help Qu!ckB00ks customer inquiry Qu!ckB00ks support number USA Qu!ckB00ks help center phone number

1 month

1
0
0 0

1_855-219-0007 24/7 Qu!ckB00ks® Enterprise™ Customer Supp0rt Numbers – Full Directory

by penelopemorrison＠xutin.org

📞 Call 24/7 QuickBooks® Enterprise™ Support: 1-855-219-0007 Are you facing issues with QuickBooks® Enterprise™ and need immediate assistance? Do not worry--help is just a phone call away! Our 24/7 QuickBooks® Enterprise™ Support is available at 1-855-219-0007, ready to help you resolve any accounting or technical issues around the clock. Whether it is late at night, early morning, or during a holiday, our expert team is standing by to provide fast, friendly support. Why Call 24/7 QuickBooks® Enterprise™ Support? 📈 QuickBooks® Enterprise™ is a powerful accounting solution used by thousands of businesses across the U.S. But even the most robust software can run into occasional hiccups--and when it does, you need help fast. ✅ Real-time support ✅ Certified QuickBooks experts ✅ 100% U.S.-based support ✅ No waiting--live agents on call Just call 1-855-219-0007 anytime--our agents are trained to assist with setup, installation, payroll, multi-user issues, and any technical errors that may arise. Common Issues We Can Help With 🔧 When you are stuck, time is money. Our QuickBooks® Enterprise™ specialists can walk you through even the most complex problems. Call us now at 1-855-219-0007 for help with: 🛠️ Error codes like H202, 6000 series, or 6177 🧾 Company file not opening or loading 🔄 Data sync and backup issues 👥 Multi-user mode configuration problems 💰 Payroll setup or tax form errors 📊 Custom reports or chart of accounts Whether it is a small bug or a major crash, just call 1-855-219-0007 and get back to business quickly. Available 24/7 – Even on Weekends and Holidays 🕒 Many business owners work after hours or need help outside of 9 to 5. That is why our QuickBooks® Enterprise™ Support Line (1-855-219-0007) never closes. We are open 24 hours a day, 7 days a week--including weekends and holidays! 🌙 Working late? Call us. 🎄 It is a holiday? We are still here. 🚨 Emergency? We will pick up. It is like having your own IT department, just a phone call away--1-855-219-0007. Live Help from Certified Experts 👨‍💻👩‍💻 Not all support is created equal. When you call 1-855-219-0007, you are speaking with professionals who are: ✔️ Intuit Certified ProAdvisors ✔️ Highly trained in QuickBooks® Enterprise™ ✔️ Experienced in handling business accounting for all industries ✔️ Friendly, patient, and clear communicators We do not read from scripts. We solve real problems with real people--fast. Remote Assistance Available 🔐 Some problems need hands-on troubleshooting. We offer secure remote support--with your permission--so our experts can access your system and fix the issue in real time. All you need to do is call 1-855-219-0007, and we will guide you step-by-step. Your data is safe and confidential--always protected under strict security protocols. 🔒 Get Help Now – Do not Wait! 🚀 When QuickBooks® Enterprise™ stops working, your workflow stalls. That is why you should not wait hours or search forums for answers. Get direct access to our support team now by calling: 📞 1-855-219-0007 Do not let technical issues slow you down. Our friendly agents are available day or night to get you back on track--usually within minutes. Who Can Call This Support Line? 📣 This support service is perfect for: ✅ Small to mid-size businesses ✅ Accountants and bookkeepers ✅ Enterprise-level organizations ✅ First-time QuickBooks users ✅ Long-time users with new errors If you are using QuickBooks® Enterprise™, this number is for you: 1-855-219-0007. Do not Risk Losing Data or Time – Call Now! ⏳ Even minor issues in QuickBooks can lead to hours of lost time or incorrect financials. Whether you are experiencing performance lags, crashing software, or user access issues, do not try to fix it alone. Instead, call the experts at 1-855-219-0007--your trusted QuickBooks® Enterprise™ Support directory. We will diagnose and resolve the problem, often on the first call. 📞 Call Now: 1-855-219-0007 – QuickBooks® Enterprise™ Support You Can Trust! Let us handle the stress while you focus on growing your business. Fast. Friendly. 24/7. Qu!ckB00ks helpline Qu!ckB00ks support contact Qu!ckB00ks customer care Qu!ckB00ks phone support Qu!ckB00ks support email Qu!ckB00ks live chat Qu!ckB00ks help desk Qu!ckB00ks contact support Qu!ckB00ks support team Qu!ckB00ks customer assistance Qu!ckB00ks service hotline Qu!ckB00ks technical support Qu!ckB00ks issue resolution Qu!ckB00ks account help Qu!ckB00ks payment support Qu!ckB00ks withdrawal issues Qu!ckB00ks login help Qu!ckB00ks verification support Qu!ckB00ks account recovery Qu!ckB00ks lost access Qu!ckB00ks security issues Qu!ckB00ks fraud support Qu!ckB00ks billing support Qu!ckB00ks transaction problems Qu!ckB00ks support Qu!ckB00ks wallet issues Qu!ckB00ks mobile app support Qu!ckB00ks crypto transfer help Qu!ckB00ks error fixing Qu!ckB00ks support login Qu!ckB00ks problem resolution Qu!ckB00ks feedback contact Qu!ckB00ks account suspension help Qu!ckB00ks withdrawal delay Qu!ckB00ks deposit issues Qu!ckB00ks crypto conversion help Qu!ckB00ks order status Qu!ckB00ks refund support Qu!ckB00ks tax document support Qu!ckB00ks international support Qu!ckB00ks 24/7 support Qu!ckB00ks account settings help Qu!ckB00ks password reset Qu!ckB00ks two-factor authentication help Qu!ckB00ks customer inquiry Qu!ckB00ks support number USA Qu!ckB00ks help center phone number

1 month

1
0
0 0

1_855-219-0007 Complete Qu!ckB00ks® Enterprise™ Helpline Directory (24/7 Supp0rt)

by penelopemorrison＠xutin.org

📞 Call 24/7 QuickBooks® Enterprise™ Support: 1-855-219-0007 Are you facing issues with QuickBooks® Enterprise™ and need immediate assistance? Do not worry--help is just a phone call away! Our 24/7 QuickBooks® Enterprise™ Support is available at 1-855-219-0007, ready to help you resolve any accounting or technical issues around the clock. Whether it is late at night, early morning, or during a holiday, our expert team is standing by to provide fast, friendly support. Why Call 24/7 QuickBooks® Enterprise™ Support? 📈 QuickBooks® Enterprise™ is a powerful accounting solution used by thousands of businesses across the U.S. But even the most robust software can run into occasional hiccups--and when it does, you need help fast. ✅ Real-time support ✅ Certified QuickBooks experts ✅ 100% U.S.-based support ✅ No waiting--live agents on call Just call 1-855-219-0007 anytime--our agents are trained to assist with setup, installation, payroll, multi-user issues, and any technical errors that may arise. Common Issues We Can Help With 🔧 When you are stuck, time is money. Our QuickBooks® Enterprise™ specialists can walk you through even the most complex problems. Call us now at 1-855-219-0007 for help with: 🛠️ Error codes like H202, 6000 series, or 6177 🧾 Company file not opening or loading 🔄 Data sync and backup issues 👥 Multi-user mode configuration problems 💰 Payroll setup or tax form errors 📊 Custom reports or chart of accounts Whether it is a small bug or a major crash, just call 1-855-219-0007 and get back to business quickly. Available 24/7 – Even on Weekends and Holidays 🕒 Many business owners work after hours or need help outside of 9 to 5. That is why our QuickBooks® Enterprise™ Support Line (1-855-219-0007) never closes. We are open 24 hours a day, 7 days a week--including weekends and holidays! 🌙 Working late? Call us. 🎄 It is a holiday? We are still here. 🚨 Emergency? We will pick up. It is like having your own IT department, just a phone call away--1-855-219-0007. Live Help from Certified Experts 👨‍💻👩‍💻 Not all support is created equal. When you call 1-855-219-0007, you are speaking with professionals who are: ✔️ Intuit Certified ProAdvisors ✔️ Highly trained in QuickBooks® Enterprise™ ✔️ Experienced in handling business accounting for all industries ✔️ Friendly, patient, and clear communicators We do not read from scripts. We solve real problems with real people--fast. Remote Assistance Available 🔐 Some problems need hands-on troubleshooting. We offer secure remote support--with your permission--so our experts can access your system and fix the issue in real time. All you need to do is call 1-855-219-0007, and we will guide you step-by-step. Your data is safe and confidential--always protected under strict security protocols. 🔒 Get Help Now – Do not Wait! 🚀 When QuickBooks® Enterprise™ stops working, your workflow stalls. That is why you should not wait hours or search forums for answers. Get direct access to our support team now by calling: 📞 1-855-219-0007 Do not let technical issues slow you down. Our friendly agents are available day or night to get you back on track--usually within minutes. Who Can Call This Support Line? 📣 This support service is perfect for: ✅ Small to mid-size businesses ✅ Accountants and bookkeepers ✅ Enterprise-level organizations ✅ First-time QuickBooks users ✅ Long-time users with new errors If you are using QuickBooks® Enterprise™, this number is for you: 1-855-219-0007. Do not Risk Losing Data or Time – Call Now! ⏳ Even minor issues in QuickBooks can lead to hours of lost time or incorrect financials. Whether you are experiencing performance lags, crashing software, or user access issues, do not try to fix it alone. Instead, call the experts at 1-855-219-0007--your trusted QuickBooks® Enterprise™ Support directory. We will diagnose and resolve the problem, often on the first call. 📞 Call Now: 1-855-219-0007 – QuickBooks® Enterprise™ Support You Can Trust! Let us handle the stress while you focus on growing your business. Fast. Friendly. 24/7. Qu!ckB00ks helpline Qu!ckB00ks support contact Qu!ckB00ks customer care Qu!ckB00ks phone support Qu!ckB00ks support email Qu!ckB00ks live chat Qu!ckB00ks help desk Qu!ckB00ks contact support Qu!ckB00ks support team Qu!ckB00ks customer assistance Qu!ckB00ks service hotline Qu!ckB00ks technical support Qu!ckB00ks issue resolution Qu!ckB00ks account help Qu!ckB00ks payment support Qu!ckB00ks withdrawal issues Qu!ckB00ks login help Qu!ckB00ks verification support Qu!ckB00ks account recovery Qu!ckB00ks lost access Qu!ckB00ks security issues Qu!ckB00ks fraud support Qu!ckB00ks billing support Qu!ckB00ks transaction problems Qu!ckB00ks support Qu!ckB00ks wallet issues Qu!ckB00ks mobile app support Qu!ckB00ks crypto transfer help Qu!ckB00ks error fixing Qu!ckB00ks support login Qu!ckB00ks problem resolution Qu!ckB00ks feedback contact Qu!ckB00ks account suspension help Qu!ckB00ks withdrawal delay Qu!ckB00ks deposit issues Qu!ckB00ks crypto conversion help Qu!ckB00ks order status Qu!ckB00ks refund support Qu!ckB00ks tax document support Qu!ckB00ks international support Qu!ckB00ks 24/7 support Qu!ckB00ks account settings help Qu!ckB00ks password reset Qu!ckB00ks two-factor authentication help Qu!ckB00ks customer inquiry Qu!ckB00ks support number USA Qu!ckB00ks help center phone number

1 month

1
0
0 0

1_855-219-0007 24/7 Qu!ckB00ks® Enterprise™ Supp0rt Directory – Live Help Numbers

by penelopemorrison＠xutin.org

📞 Call 24/7 QuickBooks® Enterprise™ Support: 1-855-219-0007 Are you facing issues with QuickBooks® Enterprise™ and need immediate assistance? Do not worry--help is just a phone call away! Our 24/7 QuickBooks® Enterprise™ Support is available at 1-855-219-0007, ready to help you resolve any accounting or technical issues around the clock. Whether it is late at night, early morning, or during a holiday, our expert team is standing by to provide fast, friendly support. Why Call 24/7 QuickBooks® Enterprise™ Support? 📈 QuickBooks® Enterprise™ is a powerful accounting solution used by thousands of businesses across the U.S. But even the most robust software can run into occasional hiccups--and when it does, you need help fast. ✅ Real-time support ✅ Certified QuickBooks experts ✅ 100% U.S.-based support ✅ No waiting--live agents on call Just call 1-855-219-0007 anytime--our agents are trained to assist with setup, installation, payroll, multi-user issues, and any technical errors that may arise. Common Issues We Can Help With 🔧 When you are stuck, time is money. Our QuickBooks® Enterprise™ specialists can walk you through even the most complex problems. Call us now at 1-855-219-0007 for help with: 🛠️ Error codes like H202, 6000 series, or 6177 🧾 Company file not opening or loading 🔄 Data sync and backup issues 👥 Multi-user mode configuration problems 💰 Payroll setup or tax form errors 📊 Custom reports or chart of accounts Whether it is a small bug or a major crash, just call 1-855-219-0007 and get back to business quickly. Available 24/7 – Even on Weekends and Holidays 🕒 Many business owners work after hours or need help outside of 9 to 5. That is why our QuickBooks® Enterprise™ Support Line (1-855-219-0007) never closes. We are open 24 hours a day, 7 days a week--including weekends and holidays! 🌙 Working late? Call us. 🎄 It is a holiday? We are still here. 🚨 Emergency? We will pick up. It is like having your own IT department, just a phone call away--1-855-219-0007. Live Help from Certified Experts 👨‍💻👩‍💻 Not all support is created equal. When you call 1-855-219-0007, you are speaking with professionals who are: ✔️ Intuit Certified ProAdvisors ✔️ Highly trained in QuickBooks® Enterprise™ ✔️ Experienced in handling business accounting for all industries ✔️ Friendly, patient, and clear communicators We do not read from scripts. We solve real problems with real people--fast. Remote Assistance Available 🔐 Some problems need hands-on troubleshooting. We offer secure remote support--with your permission--so our experts can access your system and fix the issue in real time. All you need to do is call 1-855-219-0007, and we will guide you step-by-step. Your data is safe and confidential--always protected under strict security protocols. 🔒 Get Help Now – Do not Wait! 🚀 When QuickBooks® Enterprise™ stops working, your workflow stalls. That is why you should not wait hours or search forums for answers. Get direct access to our support team now by calling: 📞 1-855-219-0007 Do not let technical issues slow you down. Our friendly agents are available day or night to get you back on track--usually within minutes. Who Can Call This Support Line? 📣 This support service is perfect for: ✅ Small to mid-size businesses ✅ Accountants and bookkeepers ✅ Enterprise-level organizations ✅ First-time QuickBooks users ✅ Long-time users with new errors If you are using QuickBooks® Enterprise™, this number is for you: 1-855-219-0007. Do not Risk Losing Data or Time – Call Now! ⏳ Even minor issues in QuickBooks can lead to hours of lost time or incorrect financials. Whether you are experiencing performance lags, crashing software, or user access issues, do not try to fix it alone. Instead, call the experts at 1-855-219-0007--your trusted QuickBooks® Enterprise™ Support directory. We will diagnose and resolve the problem, often on the first call. 📞 Call Now: 1-855-219-0007 – QuickBooks® Enterprise™ Support You Can Trust! Let us handle the stress while you focus on growing your business. Fast. Friendly. 24/7. Qu!ckB00ks helpline Qu!ckB00ks support contact Qu!ckB00ks customer care Qu!ckB00ks phone support Qu!ckB00ks support email Qu!ckB00ks live chat Qu!ckB00ks help desk Qu!ckB00ks contact support Qu!ckB00ks support team Qu!ckB00ks customer assistance Qu!ckB00ks service hotline Qu!ckB00ks technical support Qu!ckB00ks issue resolution Qu!ckB00ks account help Qu!ckB00ks payment support Qu!ckB00ks withdrawal issues Qu!ckB00ks login help Qu!ckB00ks verification support Qu!ckB00ks account recovery Qu!ckB00ks lost access Qu!ckB00ks security issues Qu!ckB00ks fraud support Qu!ckB00ks billing support Qu!ckB00ks transaction problems Qu!ckB00ks support Qu!ckB00ks wallet issues Qu!ckB00ks mobile app support Qu!ckB00ks crypto transfer help Qu!ckB00ks error fixing Qu!ckB00ks support login Qu!ckB00ks problem resolution Qu!ckB00ks feedback contact Qu!ckB00ks account suspension help Qu!ckB00ks withdrawal delay Qu!ckB00ks deposit issues Qu!ckB00ks crypto conversion help Qu!ckB00ks order status Qu!ckB00ks refund support Qu!ckB00ks tax document support Qu!ckB00ks international support Qu!ckB00ks 24/7 support Qu!ckB00ks account settings help Qu!ckB00ks password reset Qu!ckB00ks two-factor authentication help Qu!ckB00ks customer inquiry Qu!ckB00ks support number USA Qu!ckB00ks help center phone number

1 month

1
0
0 0

1_855-219-0007 Real-Time Supp0rt Directory for Qu!ckB00ks® Enterprise™ (Live Help 24/7)

by penelopemorrison＠xutin.org

📞 Call 24/7 QuickBooks® Enterprise™ Support: 1-855-219-0007 Are you facing issues with QuickBooks® Enterprise™ and need immediate assistance? Do not worry--help is just a phone call away! Our 24/7 QuickBooks® Enterprise™ Support is available at 1-855-219-0007, ready to help you resolve any accounting or technical issues around the clock. Whether it is late at night, early morning, or during a holiday, our expert team is standing by to provide fast, friendly support. Why Call 24/7 QuickBooks® Enterprise™ Support? 📈 QuickBooks® Enterprise™ is a powerful accounting solution used by thousands of businesses across the U.S. But even the most robust software can run into occasional hiccups--and when it does, you need help fast. ✅ Real-time support ✅ Certified QuickBooks experts ✅ 100% U.S.-based support ✅ No waiting--live agents on call Just call 1-855-219-0007 anytime--our agents are trained to assist with setup, installation, payroll, multi-user issues, and any technical errors that may arise. Common Issues We Can Help With 🔧 When you are stuck, time is money. Our QuickBooks® Enterprise™ specialists can walk you through even the most complex problems. Call us now at 1-855-219-0007 for help with: 🛠️ Error codes like H202, 6000 series, or 6177 🧾 Company file not opening or loading 🔄 Data sync and backup issues 👥 Multi-user mode configuration problems 💰 Payroll setup or tax form errors 📊 Custom reports or chart of accounts Whether it is a small bug or a major crash, just call 1-855-219-0007 and get back to business quickly. Available 24/7 – Even on Weekends and Holidays 🕒 Many business owners work after hours or need help outside of 9 to 5. That is why our QuickBooks® Enterprise™ Support Line (1-855-219-0007) never closes. We are open 24 hours a day, 7 days a week--including weekends and holidays! 🌙 Working late? Call us. 🎄 It is a holiday? We are still here. 🚨 Emergency? We will pick up. It is like having your own IT department, just a phone call away--1-855-219-0007. Live Help from Certified Experts 👨‍💻👩‍💻 Not all support is created equal. When you call 1-855-219-0007, you are speaking with professionals who are: ✔️ Intuit Certified ProAdvisors ✔️ Highly trained in QuickBooks® Enterprise™ ✔️ Experienced in handling business accounting for all industries ✔️ Friendly, patient, and clear communicators We do not read from scripts. We solve real problems with real people--fast. Remote Assistance Available 🔐 Some problems need hands-on troubleshooting. We offer secure remote support--with your permission--so our experts can access your system and fix the issue in real time. All you need to do is call 1-855-219-0007, and we will guide you step-by-step. Your data is safe and confidential--always protected under strict security protocols. 🔒 Get Help Now – Do not Wait! 🚀 When QuickBooks® Enterprise™ stops working, your workflow stalls. That is why you should not wait hours or search forums for answers. Get direct access to our support team now by calling: 📞 1-855-219-0007 Do not let technical issues slow you down. Our friendly agents are available day or night to get you back on track--usually within minutes. Who Can Call This Support Line? 📣 This support service is perfect for: ✅ Small to mid-size businesses ✅ Accountants and bookkeepers ✅ Enterprise-level organizations ✅ First-time QuickBooks users ✅ Long-time users with new errors If you are using QuickBooks® Enterprise™, this number is for you: 1-855-219-0007. Do not Risk Losing Data or Time – Call Now! ⏳ Even minor issues in QuickBooks can lead to hours of lost time or incorrect financials. Whether you are experiencing performance lags, crashing software, or user access issues, do not try to fix it alone. Instead, call the experts at 1-855-219-0007--your trusted QuickBooks® Enterprise™ Support directory. We will diagnose and resolve the problem, often on the first call. 📞 Call Now: 1-855-219-0007 – QuickBooks® Enterprise™ Support You Can Trust! Let us handle the stress while you focus on growing your business. Fast. Friendly. 24/7. Qu!ckB00ks helpline Qu!ckB00ks support contact Qu!ckB00ks customer care Qu!ckB00ks phone support Qu!ckB00ks support email Qu!ckB00ks live chat Qu!ckB00ks help desk Qu!ckB00ks contact support Qu!ckB00ks support team Qu!ckB00ks customer assistance Qu!ckB00ks service hotline Qu!ckB00ks technical support Qu!ckB00ks issue resolution Qu!ckB00ks account help Qu!ckB00ks payment support Qu!ckB00ks withdrawal issues Qu!ckB00ks login help Qu!ckB00ks verification support Qu!ckB00ks account recovery Qu!ckB00ks lost access Qu!ckB00ks security issues Qu!ckB00ks fraud support Qu!ckB00ks billing support Qu!ckB00ks transaction problems Qu!ckB00ks support Qu!ckB00ks wallet issues Qu!ckB00ks mobile app support Qu!ckB00ks crypto transfer help Qu!ckB00ks error fixing Qu!ckB00ks support login Qu!ckB00ks problem resolution Qu!ckB00ks feedback contact Qu!ckB00ks account suspension help Qu!ckB00ks withdrawal delay Qu!ckB00ks deposit issues Qu!ckB00ks crypto conversion help Qu!ckB00ks order status Qu!ckB00ks refund support Qu!ckB00ks tax document support Qu!ckB00ks international support Qu!ckB00ks 24/7 support Qu!ckB00ks account settings help Qu!ckB00ks password reset Qu!ckB00ks two-factor authentication help Qu!ckB00ks customer inquiry Qu!ckB00ks support number USA Qu!ckB00ks help center phone number

1 month

1
0
0 0

1_855-219-0007 How to Reach Qu!ckB00ks® Enterprise™ Live Supp0rt Anytime (24/7 Directory)

by penelopemorrison＠xutin.org

📞 Call 24/7 QuickBooks® Enterprise™ Support: 1-855-219-0007 Are you facing issues with QuickBooks® Enterprise™ and need immediate assistance? Do not worry--help is just a phone call away! Our 24/7 QuickBooks® Enterprise™ Support is available at 1-855-219-0007, ready to help you resolve any accounting or technical issues around the clock. Whether it is late at night, early morning, or during a holiday, our expert team is standing by to provide fast, friendly support. Why Call 24/7 QuickBooks® Enterprise™ Support? 📈 QuickBooks® Enterprise™ is a powerful accounting solution used by thousands of businesses across the U.S. But even the most robust software can run into occasional hiccups--and when it does, you need help fast. ✅ Real-time support ✅ Certified QuickBooks experts ✅ 100% U.S.-based support ✅ No waiting--live agents on call Just call 1-855-219-0007 anytime--our agents are trained to assist with setup, installation, payroll, multi-user issues, and any technical errors that may arise. Common Issues We Can Help With 🔧 When you are stuck, time is money. Our QuickBooks® Enterprise™ specialists can walk you through even the most complex problems. Call us now at 1-855-219-0007 for help with: 🛠️ Error codes like H202, 6000 series, or 6177 🧾 Company file not opening or loading 🔄 Data sync and backup issues 👥 Multi-user mode configuration problems 💰 Payroll setup or tax form errors 📊 Custom reports or chart of accounts Whether it is a small bug or a major crash, just call 1-855-219-0007 and get back to business quickly. Available 24/7 – Even on Weekends and Holidays 🕒 Many business owners work after hours or need help outside of 9 to 5. That is why our QuickBooks® Enterprise™ Support Line (1-855-219-0007) never closes. We are open 24 hours a day, 7 days a week--including weekends and holidays! 🌙 Working late? Call us. 🎄 It is a holiday? We are still here. 🚨 Emergency? We will pick up. It is like having your own IT department, just a phone call away--1-855-219-0007. Live Help from Certified Experts 👨‍💻👩‍💻 Not all support is created equal. When you call 1-855-219-0007, you are speaking with professionals who are: ✔️ Intuit Certified ProAdvisors ✔️ Highly trained in QuickBooks® Enterprise™ ✔️ Experienced in handling business accounting for all industries ✔️ Friendly, patient, and clear communicators We do not read from scripts. We solve real problems with real people--fast. Remote Assistance Available 🔐 Some problems need hands-on troubleshooting. We offer secure remote support--with your permission--so our experts can access your system and fix the issue in real time. All you need to do is call 1-855-219-0007, and we will guide you step-by-step. Your data is safe and confidential--always protected under strict security protocols. 🔒 Get Help Now – Do not Wait! 🚀 When QuickBooks® Enterprise™ stops working, your workflow stalls. That is why you should not wait hours or search forums for answers. Get direct access to our support team now by calling: 📞 1-855-219-0007 Do not let technical issues slow you down. Our friendly agents are available day or night to get you back on track--usually within minutes. Who Can Call This Support Line? 📣 This support service is perfect for: ✅ Small to mid-size businesses ✅ Accountants and bookkeepers ✅ Enterprise-level organizations ✅ First-time QuickBooks users ✅ Long-time users with new errors If you are using QuickBooks® Enterprise™, this number is for you: 1-855-219-0007. Do not Risk Losing Data or Time – Call Now! ⏳ Even minor issues in QuickBooks can lead to hours of lost time or incorrect financials. Whether you are experiencing performance lags, crashing software, or user access issues, do not try to fix it alone. Instead, call the experts at 1-855-219-0007--your trusted QuickBooks® Enterprise™ Support directory. We will diagnose and resolve the problem, often on the first call. 📞 Call Now: 1-855-219-0007 – QuickBooks® Enterprise™ Support You Can Trust! Let us handle the stress while you focus on growing your business. Fast. Friendly. 24/7. Qu!ckB00ks helpline Qu!ckB00ks support contact Qu!ckB00ks customer care Qu!ckB00ks phone support Qu!ckB00ks support email Qu!ckB00ks live chat Qu!ckB00ks help desk Qu!ckB00ks contact support Qu!ckB00ks support team Qu!ckB00ks customer assistance Qu!ckB00ks service hotline Qu!ckB00ks technical support Qu!ckB00ks issue resolution Qu!ckB00ks account help Qu!ckB00ks payment support Qu!ckB00ks withdrawal issues Qu!ckB00ks login help Qu!ckB00ks verification support Qu!ckB00ks account recovery Qu!ckB00ks lost access Qu!ckB00ks security issues Qu!ckB00ks fraud support Qu!ckB00ks billing support Qu!ckB00ks transaction problems Qu!ckB00ks support Qu!ckB00ks wallet issues Qu!ckB00ks mobile app support Qu!ckB00ks crypto transfer help Qu!ckB00ks error fixing Qu!ckB00ks support login Qu!ckB00ks problem resolution Qu!ckB00ks feedback contact Qu!ckB00ks account suspension help Qu!ckB00ks withdrawal delay Qu!ckB00ks deposit issues Qu!ckB00ks crypto conversion help Qu!ckB00ks order status Qu!ckB00ks refund support Qu!ckB00ks tax document support Qu!ckB00ks international support Qu!ckB00ks 24/7 support Qu!ckB00ks account settings help Qu!ckB00ks password reset Qu!ckB00ks two-factor authentication help Qu!ckB00ks customer inquiry Qu!ckB00ks support number USA Qu!ckB00ks help center phone number

1 month

1
0
0 0

1_855-219-0007 Directory of Live Qu!ckB00ks® Enterprise™ Helplines (24/7 Assistance)

by penelopemorrison＠xutin.org

📞 Call 24/7 QuickBooks® Enterprise™ Support: 1-855-219-0007 Are you facing issues with QuickBooks® Enterprise™ and need immediate assistance? Do not worry--help is just a phone call away! Our 24/7 QuickBooks® Enterprise™ Support is available at 1-855-219-0007, ready to help you resolve any accounting or technical issues around the clock. Whether it is late at night, early morning, or during a holiday, our expert team is standing by to provide fast, friendly support. Why Call 24/7 QuickBooks® Enterprise™ Support? 📈 QuickBooks® Enterprise™ is a powerful accounting solution used by thousands of businesses across the U.S. But even the most robust software can run into occasional hiccups--and when it does, you need help fast. ✅ Real-time support ✅ Certified QuickBooks experts ✅ 100% U.S.-based support ✅ No waiting--live agents on call Just call 1-855-219-0007 anytime--our agents are trained to assist with setup, installation, payroll, multi-user issues, and any technical errors that may arise. Common Issues We Can Help With 🔧 When you are stuck, time is money. Our QuickBooks® Enterprise™ specialists can walk you through even the most complex problems. Call us now at 1-855-219-0007 for help with: 🛠️ Error codes like H202, 6000 series, or 6177 🧾 Company file not opening or loading 🔄 Data sync and backup issues 👥 Multi-user mode configuration problems 💰 Payroll setup or tax form errors 📊 Custom reports or chart of accounts Whether it is a small bug or a major crash, just call 1-855-219-0007 and get back to business quickly. Available 24/7 – Even on Weekends and Holidays 🕒 Many business owners work after hours or need help outside of 9 to 5. That is why our QuickBooks® Enterprise™ Support Line (1-855-219-0007) never closes. We are open 24 hours a day, 7 days a week--including weekends and holidays! 🌙 Working late? Call us. 🎄 It is a holiday? We are still here. 🚨 Emergency? We will pick up. It is like having your own IT department, just a phone call away--1-855-219-0007. Live Help from Certified Experts 👨‍💻👩‍💻 Not all support is created equal. When you call 1-855-219-0007, you are speaking with professionals who are: ✔️ Intuit Certified ProAdvisors ✔️ Highly trained in QuickBooks® Enterprise™ ✔️ Experienced in handling business accounting for all industries ✔️ Friendly, patient, and clear communicators We do not read from scripts. We solve real problems with real people--fast. Remote Assistance Available 🔐 Some problems need hands-on troubleshooting. We offer secure remote support--with your permission--so our experts can access your system and fix the issue in real time. All you need to do is call 1-855-219-0007, and we will guide you step-by-step. Your data is safe and confidential--always protected under strict security protocols. 🔒 Get Help Now – Do not Wait! 🚀 When QuickBooks® Enterprise™ stops working, your workflow stalls. That is why you should not wait hours or search forums for answers. Get direct access to our support team now by calling: 📞 1-855-219-0007 Do not let technical issues slow you down. Our friendly agents are available day or night to get you back on track--usually within minutes. Who Can Call This Support Line? 📣 This support service is perfect for: ✅ Small to mid-size businesses ✅ Accountants and bookkeepers ✅ Enterprise-level organizations ✅ First-time QuickBooks users ✅ Long-time users with new errors If you are using QuickBooks® Enterprise™, this number is for you: 1-855-219-0007. Do not Risk Losing Data or Time – Call Now! ⏳ Even minor issues in QuickBooks can lead to hours of lost time or incorrect financials. Whether you are experiencing performance lags, crashing software, or user access issues, do not try to fix it alone. Instead, call the experts at 1-855-219-0007--your trusted QuickBooks® Enterprise™ Support directory. We will diagnose and resolve the problem, often on the first call. 📞 Call Now: 1-855-219-0007 – QuickBooks® Enterprise™ Support You Can Trust! Let us handle the stress while you focus on growing your business. Fast. Friendly. 24/7. Qu!ckB00ks helpline Qu!ckB00ks support contact Qu!ckB00ks customer care Qu!ckB00ks phone support Qu!ckB00ks support email Qu!ckB00ks live chat Qu!ckB00ks help desk Qu!ckB00ks contact support Qu!ckB00ks support team Qu!ckB00ks customer assistance Qu!ckB00ks service hotline Qu!ckB00ks technical support Qu!ckB00ks issue resolution Qu!ckB00ks account help Qu!ckB00ks payment support Qu!ckB00ks withdrawal issues Qu!ckB00ks login help Qu!ckB00ks verification support Qu!ckB00ks account recovery Qu!ckB00ks lost access Qu!ckB00ks security issues Qu!ckB00ks fraud support Qu!ckB00ks billing support Qu!ckB00ks transaction problems Qu!ckB00ks support Qu!ckB00ks wallet issues Qu!ckB00ks mobile app support Qu!ckB00ks crypto transfer help Qu!ckB00ks error fixing Qu!ckB00ks support login Qu!ckB00ks problem resolution Qu!ckB00ks feedback contact Qu!ckB00ks account suspension help Qu!ckB00ks withdrawal delay Qu!ckB00ks deposit issues Qu!ckB00ks crypto conversion help Qu!ckB00ks order status Qu!ckB00ks refund support Qu!ckB00ks tax document support Qu!ckB00ks international support Qu!ckB00ks 24/7 support Qu!ckB00ks account settings help Qu!ckB00ks password reset Qu!ckB00ks two-factor authentication help Qu!ckB00ks customer inquiry Qu!ckB00ks support number USA Qu!ckB00ks help center phone number

1 month

1
0
0 0

1_855-219-0007 Speak to a Live Agent: 24/7 Qu!ckB00ks® Enterprise™ Supp0rt Directory

by penelopemorrison＠xutin.org

📞 Call 24/7 QuickBooks® Enterprise™ Support: 1-855-219-0007 Are you facing issues with QuickBooks® Enterprise™ and need immediate assistance? Do not worry--help is just a phone call away! Our 24/7 QuickBooks® Enterprise™ Support is available at 1-855-219-0007, ready to help you resolve any accounting or technical issues around the clock. Whether it is late at night, early morning, or during a holiday, our expert team is standing by to provide fast, friendly support. Why Call 24/7 QuickBooks® Enterprise™ Support? 📈 QuickBooks® Enterprise™ is a powerful accounting solution used by thousands of businesses across the U.S. But even the most robust software can run into occasional hiccups--and when it does, you need help fast. ✅ Real-time support ✅ Certified QuickBooks experts ✅ 100% U.S.-based support ✅ No waiting--live agents on call Just call 1-855-219-0007 anytime--our agents are trained to assist with setup, installation, payroll, multi-user issues, and any technical errors that may arise. Common Issues We Can Help With 🔧 When you are stuck, time is money. Our QuickBooks® Enterprise™ specialists can walk you through even the most complex problems. Call us now at 1-855-219-0007 for help with: 🛠️ Error codes like H202, 6000 series, or 6177 🧾 Company file not opening or loading 🔄 Data sync and backup issues 👥 Multi-user mode configuration problems 💰 Payroll setup or tax form errors 📊 Custom reports or chart of accounts Whether it is a small bug or a major crash, just call 1-855-219-0007 and get back to business quickly. Available 24/7 – Even on Weekends and Holidays 🕒 Many business owners work after hours or need help outside of 9 to 5. That is why our QuickBooks® Enterprise™ Support Line (1-855-219-0007) never closes. We are open 24 hours a day, 7 days a week--including weekends and holidays! 🌙 Working late? Call us. 🎄 It is a holiday? We are still here. 🚨 Emergency? We will pick up. It is like having your own IT department, just a phone call away--1-855-219-0007. Live Help from Certified Experts 👨‍💻👩‍💻 Not all support is created equal. When you call 1-855-219-0007, you are speaking with professionals who are: ✔️ Intuit Certified ProAdvisors ✔️ Highly trained in QuickBooks® Enterprise™ ✔️ Experienced in handling business accounting for all industries ✔️ Friendly, patient, and clear communicators We do not read from scripts. We solve real problems with real people--fast. Remote Assistance Available 🔐 Some problems need hands-on troubleshooting. We offer secure remote support--with your permission--so our experts can access your system and fix the issue in real time. All you need to do is call 1-855-219-0007, and we will guide you step-by-step. Your data is safe and confidential--always protected under strict security protocols. 🔒 Get Help Now – Do not Wait! 🚀 When QuickBooks® Enterprise™ stops working, your workflow stalls. That is why you should not wait hours or search forums for answers. Get direct access to our support team now by calling: 📞 1-855-219-0007 Do not let technical issues slow you down. Our friendly agents are available day or night to get you back on track--usually within minutes. Who Can Call This Support Line? 📣 This support service is perfect for: ✅ Small to mid-size businesses ✅ Accountants and bookkeepers ✅ Enterprise-level organizations ✅ First-time QuickBooks users ✅ Long-time users with new errors If you are using QuickBooks® Enterprise™, this number is for you: 1-855-219-0007. Do not Risk Losing Data or Time – Call Now! ⏳ Even minor issues in QuickBooks can lead to hours of lost time or incorrect financials. Whether you are experiencing performance lags, crashing software, or user access issues, do not try to fix it alone. Instead, call the experts at 1-855-219-0007--your trusted QuickBooks® Enterprise™ Support directory. We will diagnose and resolve the problem, often on the first call. 📞 Call Now: 1-855-219-0007 – QuickBooks® Enterprise™ Support You Can Trust! Let us handle the stress while you focus on growing your business. Fast. Friendly. 24/7. Qu!ckB00ks helpline Qu!ckB00ks support contact Qu!ckB00ks customer care Qu!ckB00ks phone support Qu!ckB00ks support email Qu!ckB00ks live chat Qu!ckB00ks help desk Qu!ckB00ks contact support Qu!ckB00ks support team Qu!ckB00ks customer assistance Qu!ckB00ks service hotline Qu!ckB00ks technical support Qu!ckB00ks issue resolution Qu!ckB00ks account help Qu!ckB00ks payment support Qu!ckB00ks withdrawal issues Qu!ckB00ks login help Qu!ckB00ks verification support Qu!ckB00ks account recovery Qu!ckB00ks lost access Qu!ckB00ks security issues Qu!ckB00ks fraud support Qu!ckB00ks billing support Qu!ckB00ks transaction problems Qu!ckB00ks support Qu!ckB00ks wallet issues Qu!ckB00ks mobile app support Qu!ckB00ks crypto transfer help Qu!ckB00ks error fixing Qu!ckB00ks support login Qu!ckB00ks problem resolution Qu!ckB00ks feedback contact Qu!ckB00ks account suspension help Qu!ckB00ks withdrawal delay Qu!ckB00ks deposit issues Qu!ckB00ks crypto conversion help Qu!ckB00ks order status Qu!ckB00ks refund support Qu!ckB00ks tax document support Qu!ckB00ks international support Qu!ckB00ks 24/7 support Qu!ckB00ks account settings help Qu!ckB00ks password reset Qu!ckB00ks two-factor authentication help Qu!ckB00ks customer inquiry Qu!ckB00ks support number USA Qu!ckB00ks help center phone number

1 month

1
0
0 0

1_855-219-0007 𝓛𝓲𝓿𝓮 𝓠𝓾!𝓬𝓴𝓑00𝓴𝓼® 𝓔𝓷𝓽𝓮𝓻𝓹𝓻𝓲𝓼𝓮™ 𝓢𝓾𝓹𝓹0𝓻𝓽 – 𝓕𝓾𝓵𝓵 24/7 𝓗𝓮𝓵𝓹𝓵𝓲𝓷𝓮 𝓓𝓲𝓻𝓮𝓬𝓽𝓸𝓻𝔂

by penelopemorrison＠xutin.org

📞 𝖢𝖺𝗅𝗅 24/7 𝖰𝗎𝗂𝖼𝗄𝖡𝗈𝗈𝗄𝗌® 𝖤𝗇𝗍𝖾𝗋𝗉𝗋𝗂𝗌𝖾™ 𝖲𝗎𝗉𝗉𝗈𝗋𝗍: 1-855-219-0007 𝖠𝗋𝖾 𝗒𝗈𝗎 𝖿𝖺𝖼𝗂𝗇𝗀 𝗂𝗌𝗌𝗎𝖾𝗌 𝗐𝗂𝗍𝗁 𝖰𝗎𝗂𝖼𝗄𝖡𝗈𝗈𝗄𝗌® 𝖤𝗇𝗍𝖾𝗋𝗉𝗋𝗂𝗌𝖾™ 𝖺𝗇𝖽 𝗇𝖾𝖾𝖽 𝗂𝗆𝗆𝖾𝖽𝗂𝖺𝗍𝖾 𝖺𝗌𝗌𝗂𝗌𝗍𝖺𝗇𝖼𝖾? 𝖣𝗈 𝗇𝗈𝗍 𝗐𝗈𝗋𝗋𝗒--𝗁𝖾𝗅𝗉 𝗂𝗌 𝗃𝗎𝗌𝗍 𝖺 𝗉𝗁𝗈𝗇𝖾 𝖼𝖺𝗅𝗅 𝖺𝗐𝖺𝗒! 𝖮𝗎𝗋 24/7 𝖰𝗎𝗂𝖼𝗄𝖡𝗈𝗈𝗄𝗌® 𝖤𝗇𝗍𝖾𝗋𝗉𝗋𝗂𝗌𝖾™ 𝖲𝗎𝗉𝗉𝗈𝗋𝗍 𝗂𝗌 𝖺𝗏𝖺𝗂𝗅𝖺𝖻𝗅𝖾 𝖺𝗍 1-855-219-0007, 𝗋𝖾𝖺𝖽𝗒 𝗍𝗈 𝗁𝖾𝗅𝗉 𝗒𝗈𝗎 𝗋𝖾𝗌𝗈𝗅𝗏𝖾 𝖺𝗇𝗒 𝖺𝖼𝖼𝗈𝗎𝗇𝗍𝗂𝗇𝗀 𝗈𝗋 𝗍𝖾𝖼𝗁𝗇𝗂𝖼𝖺𝗅 𝗂𝗌𝗌𝗎𝖾𝗌 𝖺𝗋𝗈𝗎𝗇𝖽 𝗍𝗁𝖾 𝖼𝗅𝗈𝖼𝗄. 𝖶𝗁𝖾𝗍𝗁𝖾𝗋 𝗂𝗍 𝗂𝗌 𝗅𝖺𝗍𝖾 𝖺𝗍 𝗇𝗂𝗀𝗁𝗍, 𝖾𝖺𝗋𝗅𝗒 𝗆𝗈𝗋𝗇𝗂𝗇𝗀, 𝗈𝗋 𝖽𝗎𝗋𝗂𝗇𝗀 𝖺 𝗁𝗈𝗅𝗂𝖽𝖺𝗒, 𝗈𝗎𝗋 𝖾𝗑𝗉𝖾𝗋𝗍 𝗍𝖾𝖺𝗆 𝗂𝗌 𝗌𝗍𝖺𝗇𝖽𝗂𝗇𝗀 𝖻𝗒 𝗍𝗈 𝗉𝗋𝗈𝗏𝗂𝖽𝖾 𝖿𝖺𝗌𝗍, 𝖿𝗋𝗂𝖾𝗇𝖽𝗅𝗒 𝗌𝗎𝗉𝗉𝗈𝗋𝗍. 𝖶𝗁𝗒 𝖢𝖺𝗅𝗅 24/7 𝖰𝗎𝗂𝖼𝗄𝖡𝗈𝗈𝗄𝗌® 𝖤𝗇𝗍𝖾𝗋𝗉𝗋𝗂𝗌𝖾™ 𝖲𝗎𝗉𝗉𝗈𝗋𝗍? 📈 𝖰𝗎𝗂𝖼𝗄𝖡𝗈𝗈𝗄𝗌® 𝖤𝗇𝗍𝖾𝗋𝗉𝗋𝗂𝗌𝖾™ 𝗂𝗌 𝖺 𝗉𝗈𝗐𝖾𝗋𝖿𝗎𝗅 𝖺𝖼𝖼𝗈𝗎𝗇𝗍𝗂𝗇𝗀 𝗌𝗈𝗅𝗎𝗍𝗂𝗈𝗇 𝗎𝗌𝖾𝖽 𝖻𝗒 𝗍𝗁𝗈𝗎𝗌𝖺𝗇𝖽𝗌 𝗈𝖿 𝖻𝗎𝗌𝗂𝗇𝖾𝗌𝗌𝖾𝗌 𝖺𝖼𝗋𝗈𝗌𝗌 𝗍𝗁𝖾 𝖴.𝖲. 𝖡𝗎𝗍 𝖾𝗏𝖾𝗇 𝗍𝗁𝖾 𝗆𝗈𝗌𝗍 𝗋𝗈𝖻𝗎𝗌𝗍 𝗌𝗈𝖿𝗍𝗐𝖺𝗋𝖾 𝖼𝖺𝗇 𝗋𝗎𝗇 𝗂𝗇𝗍𝗈 𝗈𝖼𝖼𝖺𝗌𝗂𝗈𝗇𝖺𝗅 𝗁𝗂𝖼𝖼𝗎𝗉𝗌--𝖺𝗇𝖽 𝗐𝗁𝖾𝗇 𝗂𝗍 𝖽𝗈𝖾𝗌, 𝗒𝗈𝗎 𝗇𝖾𝖾𝖽 𝗁𝖾𝗅𝗉 𝖿𝖺𝗌𝗍. ✅ 𝖱𝖾𝖺𝗅-𝗍𝗂𝗆𝖾 𝗌𝗎𝗉𝗉𝗈𝗋𝗍 ✅ 𝖢𝖾𝗋𝗍𝗂𝖿𝗂𝖾𝖽 𝖰𝗎𝗂𝖼𝗄𝖡𝗈𝗈𝗄𝗌 𝖾𝗑𝗉𝖾𝗋𝗍𝗌 ✅ 100% 𝖴.𝖲.-𝖻𝖺𝗌𝖾𝖽 𝗌𝗎𝗉𝗉𝗈𝗋𝗍 ✅ 𝖭𝗈 𝗐𝖺𝗂𝗍𝗂𝗇𝗀--𝗅𝗂𝗏𝖾 𝖺𝗀𝖾𝗇𝗍𝗌 𝗈𝗇 𝖼𝖺𝗅𝗅 𝖩𝗎𝗌𝗍 𝖼𝖺𝗅𝗅 1-855-219-0007 𝖺𝗇𝗒𝗍𝗂𝗆𝖾--𝗈𝗎𝗋 𝖺𝗀𝖾𝗇𝗍𝗌 𝖺𝗋𝖾 𝗍𝗋𝖺𝗂𝗇𝖾𝖽 𝗍𝗈 𝖺𝗌𝗌𝗂𝗌𝗍 𝗐𝗂𝗍𝗁 𝗌𝖾𝗍𝗎𝗉, 𝗂𝗇𝗌𝗍𝖺𝗅𝗅𝖺𝗍𝗂𝗈𝗇, 𝗉𝖺𝗒𝗋𝗈𝗅𝗅, 𝗆𝗎𝗅𝗍𝗂-𝗎𝗌𝖾𝗋 𝗂𝗌𝗌𝗎𝖾𝗌, 𝖺𝗇𝖽 𝖺𝗇𝗒 𝗍𝖾𝖼𝗁𝗇𝗂𝖼𝖺𝗅 𝖾𝗋𝗋𝗈𝗋𝗌 𝗍𝗁𝖺𝗍 𝗆𝖺𝗒 𝖺𝗋𝗂𝗌𝖾.

1 month

1
0
0 0

[PATCH v2 04/20] ASoC: qcom: q6asm-dai: perform correct state check before closing

by Srinivas Kandagatla

Do not stop a q6asm stream if its not started, this can result in unnecessary dsp command which will timeout anyway something like below: q6asm-dai ab00000.remoteproc:glink-edge:apr:service@7:dais: CMD 10bcd timeout Fix this by correctly checking the state. Fixes: 2a9e92d371db ("ASoC: qdsp6: q6asm: Add q6asm dai driver") Cc: <Stable(a)vger.kernel.org> Signed-off-by: Srinivas Kandagatla <srinivas.kandagatla(a)oss.qualcomm.com> Tested-by: Alexey Klimov <alexey.klimov(a)linaro.org> # RB5, RB3 --- sound/soc/qcom/qdsp6/q6asm-dai.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sound/soc/qcom/qdsp6/q6asm-dai.c b/sound/soc/qcom/qdsp6/q6asm-dai.c index e8129510a734..0eae8c6e42b8 100644 --- a/sound/soc/qcom/qdsp6/q6asm-dai.c +++ b/sound/soc/qcom/qdsp6/q6asm-dai.c @@ -233,13 +233,14 @@ static int q6asm_dai_prepare(struct snd_soc_component *component, prtd->pcm_count = snd_pcm_lib_period_bytes(substream); prtd->pcm_irq_pos = 0; /* rate and channels are sent to audio driver */ - if (prtd->state) { + if (prtd->state == Q6ASM_STREAM_RUNNING) { /* clear the previous setup if any */ q6asm_cmd(prtd->audio_client, prtd->stream_id, CMD_CLOSE); q6asm_unmap_memory_regions(substream->stream, prtd->audio_client); q6routing_stream_close(soc_prtd->dai_link->id, substream->stream); + prtd->state = Q6ASM_STREAM_STOPPED; } ret = q6asm_map_memory_regions(substream->stream, prtd->audio_client, -- 2.51.0

1 month

1
0
0 0

[PATCH v2 03/20] ASoC: qcom: qdsp6: q6asm-dai: set 10 ms period and buffer alignment.

by Srinivas Kandagatla

DSP expects the periods to be aligned to fragment sizes, currently setting up to hw constriants on periods bytes is not going to work correctly as we can endup with periods sizes aligned to 32 bytes however not aligned to fragment size. Update the constriants to use fragment size, and also set at step of 10ms for period size to accommodate DSP requirements of 10ms latency. Fixes: 2a9e92d371db ("ASoC: qdsp6: q6asm: Add q6asm dai driver") Cc: <Stable(a)vger.kernel.org> Signed-off-by: Srinivas Kandagatla <srinivas.kandagatla(a)oss.qualcomm.com> Tested-by: Alexey Klimov <alexey.klimov(a)linaro.org> # RB5, RB3 --- sound/soc/qcom/qdsp6/q6asm-dai.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sound/soc/qcom/qdsp6/q6asm-dai.c b/sound/soc/qcom/qdsp6/q6asm-dai.c index b616ce316d2f..e8129510a734 100644 --- a/sound/soc/qcom/qdsp6/q6asm-dai.c +++ b/sound/soc/qcom/qdsp6/q6asm-dai.c @@ -403,13 +403,13 @@ static int q6asm_dai_open(struct snd_soc_component *component, } ret = snd_pcm_hw_constraint_step(runtime, 0, - SNDRV_PCM_HW_PARAM_PERIOD_BYTES, 32); + SNDRV_PCM_HW_PARAM_PERIOD_SIZE, 480); if (ret < 0) { dev_err(dev, "constraint for period bytes step ret = %d\n", ret); } ret = snd_pcm_hw_constraint_step(runtime, 0, - SNDRV_PCM_HW_PARAM_BUFFER_BYTES, 32); + SNDRV_PCM_HW_PARAM_BUFFER_SIZE, 480); if (ret < 0) { dev_err(dev, "constraint for buffer bytes step ret = %d\n", ret); -- 2.51.0

1 month

1
0
0 0

[PATCH v2 02/20] ASoC: qcom: q6adm: the the copp device only during last instance

by Srinivas Kandagatla

A matching Common object post processing instance is normally resused across multiple streams. However currently we close this on DSP even though there is a refcount on this copp object, this can result in below error. q6routing ab00000.remoteproc:glink-edge:apr:service@8:routing: Found Matching Copp 0x0 qcom-q6adm aprsvc:service:4:8: cmd = 0x10325 return error = 0x2 q6routing ab00000.remoteproc:glink-edge:apr:service@8:routing: DSP returned error[2] q6routing ab00000.remoteproc:glink-edge:apr:service@8:routing: Found Matching Copp 0x0 qcom-q6adm aprsvc:service:4:8: cmd = 0x10325 return error = 0x2 q6routing ab00000.remoteproc:glink-edge:apr:service@8:routing: DSP returned error[2] qcom-q6adm aprsvc:service:4:8: cmd = 0x10327 return error = 0x2 qcom-q6adm aprsvc:service:4:8: DSP returned error[2] qcom-q6adm aprsvc:service:4:8: Failed to close copp -22 qcom-q6adm aprsvc:service:4:8: cmd = 0x10327 return error = 0x2 qcom-q6adm aprsvc:service:4:8: DSP returned error[2] qcom-q6adm aprsvc:service:4:8: Failed to close copp -22 Fix this by addressing moving the adm_close to copp_kref destructor callback. Fixes: 7b20b2be51e1 ("ASoC: qdsp6: q6adm: Add q6adm driver") Cc: <Stable(a)vger.kernel.org> Reported-by: Martino Facchin <m.facchin(a)arduino.cc> Signed-off-by: Srinivas Kandagatla <srinivas.kandagatla(a)oss.qualcomm.com> Tested-by: Alexey Klimov <alexey.klimov(a)linaro.org> # RB5, RB3 --- sound/soc/qcom/qdsp6/q6adm.c | 146 +++++++++++++++++------------------ 1 file changed, 71 insertions(+), 75 deletions(-) diff --git a/sound/soc/qcom/qdsp6/q6adm.c b/sound/soc/qcom/qdsp6/q6adm.c index 1530e98df165..75a029a696ac 100644 --- a/sound/soc/qcom/qdsp6/q6adm.c +++ b/sound/soc/qcom/qdsp6/q6adm.c @@ -109,11 +109,75 @@ static struct q6copp *q6adm_find_copp(struct q6adm *adm, int port_idx, } +static int q6adm_apr_send_copp_pkt(struct q6adm *adm, struct q6copp *copp, + struct apr_pkt *pkt, uint32_t rsp_opcode) +{ + struct device *dev = adm->dev; + uint32_t opcode = pkt->hdr.opcode; + int ret; + + mutex_lock(&adm->lock); + copp->result.opcode = 0; + copp->result.status = 0; + ret = apr_send_pkt(adm->apr, pkt); + if (ret < 0) { + dev_err(dev, "Failed to send APR packet\n"); + ret = -EINVAL; + goto err; + } + + /* Wait for the callback with copp id */ + if (rsp_opcode) + ret = wait_event_timeout(copp->wait, + (copp->result.opcode == opcode) || + (copp->result.opcode == rsp_opcode), + msecs_to_jiffies(TIMEOUT_MS)); + else + ret = wait_event_timeout(copp->wait, + (copp->result.opcode == opcode), + msecs_to_jiffies(TIMEOUT_MS)); + + if (!ret) { + dev_err(dev, "ADM copp cmd timedout\n"); + ret = -ETIMEDOUT; + } else if (copp->result.status > 0) { + dev_err(dev, "DSP returned error[%d]\n", + copp->result.status); + ret = -EINVAL; + } + +err: + mutex_unlock(&adm->lock); + return ret; +} + +static int q6adm_device_close(struct q6adm *adm, struct q6copp *copp, + int port_id, int copp_idx) +{ + struct apr_pkt close; + + close.hdr.hdr_field = APR_HDR_FIELD(APR_MSG_TYPE_SEQ_CMD, + APR_HDR_LEN(APR_HDR_SIZE), + APR_PKT_VER); + close.hdr.pkt_size = sizeof(close); + close.hdr.src_port = port_id; + close.hdr.dest_port = copp->id; + close.hdr.token = port_id << 16 | copp_idx; + close.hdr.opcode = ADM_CMD_DEVICE_CLOSE_V5; + + return q6adm_apr_send_copp_pkt(adm, copp, &close, 0); +} + static void q6adm_free_copp(struct kref *ref) { struct q6copp *c = container_of(ref, struct q6copp, refcount); struct q6adm *adm = c->adm; unsigned long flags; + int ret; + + ret = q6adm_device_close(adm, c, c->afe_port, c->copp_idx); + if (ret < 0) + dev_err(adm->dev, "Failed to close copp %d\n", ret); spin_lock_irqsave(&adm->copps_list_lock, flags); clear_bit(c->copp_idx, &adm->copp_bitmap[c->afe_port]); @@ -155,13 +219,13 @@ static int q6adm_callback(struct apr_device *adev, struct apr_resp_pkt *data) switch (result->opcode) { case ADM_CMD_DEVICE_OPEN_V5: case ADM_CMD_DEVICE_CLOSE_V5: - copp = q6adm_find_copp(adm, port_idx, copp_idx); - if (!copp) - return 0; - - copp->result = *result; - wake_up(&copp->wait); - kref_put(&copp->refcount, q6adm_free_copp); + list_for_each_entry(copp, &adm->copps_list, node) { + if ((port_idx == copp->afe_port) && (copp_idx == copp->copp_idx)) { + copp->result = *result; + wake_up(&copp->wait); + break; + } + } break; case ADM_CMD_MATRIX_MAP_ROUTINGS_V5: adm->result = *result; @@ -234,65 +298,6 @@ static struct q6copp *q6adm_alloc_copp(struct q6adm *adm, int port_idx) return c; } -static int q6adm_apr_send_copp_pkt(struct q6adm *adm, struct q6copp *copp, - struct apr_pkt *pkt, uint32_t rsp_opcode) -{ - struct device *dev = adm->dev; - uint32_t opcode = pkt->hdr.opcode; - int ret; - - mutex_lock(&adm->lock); - copp->result.opcode = 0; - copp->result.status = 0; - ret = apr_send_pkt(adm->apr, pkt); - if (ret < 0) { - dev_err(dev, "Failed to send APR packet\n"); - ret = -EINVAL; - goto err; - } - - /* Wait for the callback with copp id */ - if (rsp_opcode) - ret = wait_event_timeout(copp->wait, - (copp->result.opcode == opcode) || - (copp->result.opcode == rsp_opcode), - msecs_to_jiffies(TIMEOUT_MS)); - else - ret = wait_event_timeout(copp->wait, - (copp->result.opcode == opcode), - msecs_to_jiffies(TIMEOUT_MS)); - - if (!ret) { - dev_err(dev, "ADM copp cmd timedout\n"); - ret = -ETIMEDOUT; - } else if (copp->result.status > 0) { - dev_err(dev, "DSP returned error[%d]\n", - copp->result.status); - ret = -EINVAL; - } - -err: - mutex_unlock(&adm->lock); - return ret; -} - -static int q6adm_device_close(struct q6adm *adm, struct q6copp *copp, - int port_id, int copp_idx) -{ - struct apr_pkt close; - - close.hdr.hdr_field = APR_HDR_FIELD(APR_MSG_TYPE_SEQ_CMD, - APR_HDR_LEN(APR_HDR_SIZE), - APR_PKT_VER); - close.hdr.pkt_size = sizeof(close); - close.hdr.src_port = port_id; - close.hdr.dest_port = copp->id; - close.hdr.token = port_id << 16 | copp_idx; - close.hdr.opcode = ADM_CMD_DEVICE_CLOSE_V5; - - return q6adm_apr_send_copp_pkt(adm, copp, &close, 0); -} - static struct q6copp *q6adm_find_matching_copp(struct q6adm *adm, int port_id, int topology, int mode, int rate, @@ -567,15 +572,6 @@ EXPORT_SYMBOL_GPL(q6adm_matrix_map); */ int q6adm_close(struct device *dev, struct q6copp *copp) { - struct q6adm *adm = dev_get_drvdata(dev->parent); - int ret = 0; - - ret = q6adm_device_close(adm, copp, copp->afe_port, copp->copp_idx); - if (ret < 0) { - dev_err(adm->dev, "Failed to close copp %d\n", ret); - return ret; - } - kref_put(&copp->refcount, q6adm_free_copp); return 0; -- 2.51.0

1 month

1
0
0 0

[PATCH v2 01/20] ASoC: qcom: q6apm-dai: set flags to reflect correct operation of appl_ptr

by Srinivas Kandagatla

Driver does not expect the appl_ptr to move backward and requires explict sync. Make sure that the userspace does not do appl_ptr rewinds by specifying the correct flags in pcm_info. Without this patch, the result could be a forever loop as current logic assumes that appl_ptr can only move forward. Fixes: 3d4a4411aa8b ("ASoC: q6apm-dai: schedule all available frames to avoid dsp under-runs") Cc: <Stable(a)vger.kernel.org> Signed-off-by: Srinivas Kandagatla <srinivas.kandagatla(a)oss.qualcomm.com> Tested-by: Alexey Klimov <alexey.klimov(a)linaro.org> # RB5, RB3 --- sound/soc/qcom/qdsp6/q6apm-dai.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sound/soc/qcom/qdsp6/q6apm-dai.c b/sound/soc/qcom/qdsp6/q6apm-dai.c index 4ecaff45c518..786ab3222515 100644 --- a/sound/soc/qcom/qdsp6/q6apm-dai.c +++ b/sound/soc/qcom/qdsp6/q6apm-dai.c @@ -86,6 +86,7 @@ static const struct snd_pcm_hardware q6apm_dai_hardware_capture = { .info = (SNDRV_PCM_INFO_MMAP | SNDRV_PCM_INFO_BLOCK_TRANSFER | SNDRV_PCM_INFO_MMAP_VALID | SNDRV_PCM_INFO_INTERLEAVED | SNDRV_PCM_INFO_PAUSE | SNDRV_PCM_INFO_RESUME | + SNDRV_PCM_INFO_NO_REWINDS | SNDRV_PCM_INFO_SYNC_APPLPTR | SNDRV_PCM_INFO_BATCH), .formats = (SNDRV_PCM_FMTBIT_S16_LE | SNDRV_PCM_FMTBIT_S24_LE), .rates = SNDRV_PCM_RATE_8000_48000, @@ -105,6 +106,7 @@ static const struct snd_pcm_hardware q6apm_dai_hardware_playback = { .info = (SNDRV_PCM_INFO_MMAP | SNDRV_PCM_INFO_BLOCK_TRANSFER | SNDRV_PCM_INFO_MMAP_VALID | SNDRV_PCM_INFO_INTERLEAVED | SNDRV_PCM_INFO_PAUSE | SNDRV_PCM_INFO_RESUME | + SNDRV_PCM_INFO_NO_REWINDS | SNDRV_PCM_INFO_SYNC_APPLPTR | SNDRV_PCM_INFO_BATCH), .formats = (SNDRV_PCM_FMTBIT_S16_LE | SNDRV_PCM_FMTBIT_S24_LE), .rates = SNDRV_PCM_RATE_8000_192000, -- 2.51.0

1 month

1
0
0 0

FAILED: patch "[PATCH] dm: fix NULL pointer dereference in __dm_suspend()" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x 8d33a030c566e1f105cd5bf27f37940b6367f3be # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101316-favored-pulsate-a811@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 8d33a030c566e1f105cd5bf27f37940b6367f3be Mon Sep 17 00:00:00 2001 From: Zheng Qixing <zhengqixing(a)huawei.com> Date: Tue, 26 Aug 2025 15:42:04 +0800 Subject: [PATCH] dm: fix NULL pointer dereference in __dm_suspend() There is a race condition between dm device suspend and table load that can lead to null pointer dereference. The issue occurs when suspend is invoked before table load completes: BUG: kernel NULL pointer dereference, address: 0000000000000054 Oops: 0000 [#1] PREEMPT SMP PTI CPU: 6 PID: 6798 Comm: dmsetup Not tainted 6.6.0-g7e52f5f0ca9b #62 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.1-2.fc37 04/01/2014 RIP: 0010:blk_mq_wait_quiesce_done+0x0/0x50 Call Trace: <TASK> blk_mq_quiesce_queue+0x2c/0x50 dm_stop_queue+0xd/0x20 __dm_suspend+0x130/0x330 dm_suspend+0x11a/0x180 dev_suspend+0x27e/0x560 ctl_ioctl+0x4cf/0x850 dm_ctl_ioctl+0xd/0x20 vfs_ioctl+0x1d/0x50 __se_sys_ioctl+0x9b/0xc0 __x64_sys_ioctl+0x19/0x30 x64_sys_call+0x2c4a/0x4620 do_syscall_64+0x9e/0x1b0 The issue can be triggered as below: T1 T2 dm_suspend table_load __dm_suspend dm_setup_md_queue dm_mq_init_request_queue blk_mq_init_allocated_queue => q->mq_ops = set->ops; (1) dm_stop_queue / dm_wait_for_completion => q->tag_set NULL pointer! (2) => q->tag_set = set; (3) Fix this by checking if a valid table (map) exists before performing request-based suspend and waiting for target I/O. When map is NULL, skip these table-dependent suspend steps. Even when map is NULL, no I/O can reach any target because there is no table loaded; I/O submitted in this state will fail early in the DM layer. Skipping the table-dependent suspend logic in this case is safe and avoids NULL pointer dereferences. Fixes: c4576aed8d85 ("dm: fix request-based dm's use of dm_wait_for_completion") Cc: stable(a)vger.kernel.org Signed-off-by: Zheng Qixing <zhengqixing(a)huawei.com> Signed-off-by: Mikulas Patocka <mpatocka(a)redhat.com> diff --git a/drivers/md/dm.c b/drivers/md/dm.c index 7222f20c1a83..66dd5f6ce778 100644 --- a/drivers/md/dm.c +++ b/drivers/md/dm.c @@ -2908,7 +2908,7 @@ static int __dm_suspend(struct mapped_device *md, struct dm_table *map, { bool do_lockfs = suspend_flags & DM_SUSPEND_LOCKFS_FLAG; bool noflush = suspend_flags & DM_SUSPEND_NOFLUSH_FLAG; - int r; + int r = 0; lockdep_assert_held(&md->suspend_lock); @@ -2960,7 +2960,7 @@ static int __dm_suspend(struct mapped_device *md, struct dm_table *map, * Stop md->queue before flushing md->wq in case request-based * dm defers requests to md->wq from md->queue. */ - if (dm_request_based(md)) { + if (map && dm_request_based(md)) { dm_stop_queue(md->queue); set_bit(DMF_QUEUE_STOPPED, &md->flags); } @@ -2972,7 +2972,8 @@ static int __dm_suspend(struct mapped_device *md, struct dm_table *map, * We call dm_wait_for_completion to wait for all existing requests * to finish. */ - r = dm_wait_for_completion(md, task_state); + if (map) + r = dm_wait_for_completion(md, task_state); if (!r) set_bit(dmf_suspended_flag, &md->flags);

1 month

5
12
0 0

[PATCH] usb: renesas_usbhs: Fix synchronous external abort on unbind

by Claudiu

From: Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> A synchronous external abort occurs on the Renesas RZ/G3S SoC if unbind is executed after the configuration sequence described above: modprobe usb_f_ecm modprobe libcomposite modprobe configfs cd /sys/kernel/config/usb_gadget mkdir -p g1 cd g1 echo "0x1d6b" > idVendor echo "0x0104" > idProduct mkdir -p strings/0x409 echo "0123456789" > strings/0x409/serialnumber echo "Renesas." > strings/0x409/manufacturer echo "Ethernet Gadget" > strings/0x409/product mkdir -p functions/ecm.usb0 mkdir -p configs/c.1 mkdir -p configs/c.1/strings/0x409 echo "ECM" > configs/c.1/strings/0x409/configuration if [ ! -L configs/c.1/ecm.usb0 ]; then ln -s functions/ecm.usb0 configs/c.1 fi echo 11e20000.usb > UDC echo 11e20000.usb > /sys/bus/platform/drivers/renesas_usbhs/unbind The displayed trace is as follows: Internal error: synchronous external abort: 0000000096000010 [#1] SMP CPU: 0 UID: 0 PID: 188 Comm: sh Tainted: G M 6.17.0-rc7-next-20250922-00010-g41050493b2bd #55 PREEMPT Tainted: [M]=MACHINE_CHECK Hardware name: Renesas SMARC EVK version 2 based on r9a08g045s33 (DT) pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : usbhs_sys_function_pullup+0x10/0x40 [renesas_usbhs] lr : usbhsg_update_pullup+0x3c/0x68 [renesas_usbhs] sp : ffff8000838b3920 x29: ffff8000838b3920 x28: ffff00000d585780 x27: 0000000000000000 x26: 0000000000000000 x25: 0000000000000000 x24: ffff00000c3e3810 x23: ffff00000d5e5c80 x22: ffff00000d5e5d40 x21: 0000000000000000 x20: 0000000000000000 x19: ffff00000d5e5c80 x18: 0000000000000020 x17: 2e30303230316531 x16: 312d7968703a7968 x15: 3d454d414e5f4344 x14: 000000000000002c x13: 0000000000000000 x12: 0000000000000000 x11: ffff00000f358f38 x10: ffff00000f358db0 x9 : ffff00000b41f418 x8 : 0101010101010101 x7 : 7f7f7f7f7f7f7f7f x6 : fefefeff6364626d x5 : 8080808000000000 x4 : 000000004b5ccb9d x3 : 0000000000000000 x2 : 0000000000000000 x1 : ffff800083790000 x0 : ffff00000d5e5c80 Call trace: usbhs_sys_function_pullup+0x10/0x40 [renesas_usbhs] (P) usbhsg_pullup+0x4c/0x7c [renesas_usbhs] usb_gadget_disconnect_locked+0x48/0xd4 gadget_unbind_driver+0x44/0x114 device_remove+0x4c/0x80 device_release_driver_internal+0x1c8/0x224 device_release_driver+0x18/0x24 bus_remove_device+0xcc/0x10c device_del+0x14c/0x404 usb_del_gadget+0x88/0xc0 usb_del_gadget_udc+0x18/0x30 usbhs_mod_gadget_remove+0x24/0x44 [renesas_usbhs] usbhs_mod_remove+0x20/0x30 [renesas_usbhs] usbhs_remove+0x98/0xdc [renesas_usbhs] platform_remove+0x20/0x30 device_remove+0x4c/0x80 device_release_driver_internal+0x1c8/0x224 device_driver_detach+0x18/0x24 unbind_store+0xb4/0xb8 drv_attr_store+0x24/0x38 sysfs_kf_write+0x7c/0x94 kernfs_fop_write_iter+0x128/0x1b8 vfs_write+0x2ac/0x350 ksys_write+0x68/0xfc __arm64_sys_write+0x1c/0x28 invoke_syscall+0x48/0x110 el0_svc_common.constprop.0+0xc0/0xe0 do_el0_svc+0x1c/0x28 el0_svc+0x34/0xf0 el0t_64_sync_handler+0xa0/0xe4 el0t_64_sync+0x198/0x19c Code: 7100003f 1a9f07e1 531c6c22 f9400001 (79400021) ---[ end trace 0000000000000000 ]--- note: sh[188] exited with irqs disabled note: sh[188] exited with preempt_count 1 The issue occurs because usbhs_sys_function_pullup(), which accesses the IP registers, is executed after the USBHS clocks have been disabled. The problem is reproducible on the Renesas RZ/G3S SoC starting with the addition of module stop in the clock enable/disable APIs. With module stop functionality enabled, a bus error is expected if a master accesses a module whose clock has been stopped and module stop activated. Disable the IP clocks at the end of remove. Cc: stable(a)vger.kernel.org Fixes: f1407d5c6624 ("usb: renesas_usbhs: Add Renesas USBHS common code") Signed-off-by: Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> --- Patch was tested with continuous unbind/bind and the configuration sequence described above on the devices with the following device trees: - r8a774a1-hihope-rzg2m-ex.dts - r8a774b1-hihope-rzg2n-ex.dts - r8a774e1-hihope-rzg2h-ex.dts - r9a07g043u11-smarc.dts - r9a07g044c2-smarc.dts - r9a07g044l2-smarc.dts - r9a07g054l2-smarc.dts drivers/usb/renesas_usbhs/common.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/drivers/usb/renesas_usbhs/common.c b/drivers/usb/renesas_usbhs/common.c index 8f536f2c500f..b8b55d08ac52 100644 --- a/drivers/usb/renesas_usbhs/common.c +++ b/drivers/usb/renesas_usbhs/common.c @@ -813,18 +813,18 @@ static void usbhs_remove(struct platform_device *pdev) flush_delayed_work(&priv->notify_hotplug_work); - /* power off */ - if (!usbhs_get_dparam(priv, runtime_pwctrl)) - usbhsc_power_ctrl(priv, 0); - - pm_runtime_disable(&pdev->dev); - usbhs_platform_call(priv, hardware_exit, pdev); usbhsc_clk_put(priv); reset_control_assert(priv->rsts); usbhs_mod_remove(priv); usbhs_fifo_remove(priv); usbhs_pipe_remove(priv); + + /* power off */ + if (!usbhs_get_dparam(priv, runtime_pwctrl)) + usbhsc_power_ctrl(priv, 0); + + pm_runtime_disable(&pdev->dev); } static int usbhsc_suspend(struct device *dev) -- 2.43.0

1 month

3
2
0 0

[PATCH 5.15 000/276] 5.15.195-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.15.195 release. There are 276 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun, 19 Oct 2025 14:50:59 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.15.195-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.15.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.15.195-rc1 Matthieu Baerts (NGI0) <matttbe(a)kernel.org> selftests: mptcp: join: validate C-flag + def limit Matthieu Baerts (NGI0) <matttbe(a)kernel.org> mptcp: pm: in-kernel: usable client side with C-flag Dan Carpenter <dan.carpenter(a)linaro.org> mm/slab: make __free(kfree) accept error pointers Mikhail Kobuk <m.kobuk(a)ispras.ru> media: pci: ivtv: Add check for DMA map result Jason Andryuk <jason.andryuk(a)amd.com> xen/events: Update virq_to_irq on migration Thomas Fourier <fourier.thomas(a)gmail.com> media: pci: ivtv: Add missing check after DMA map Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> media: pci/ivtv: switch from 'pci_' to 'dma_' API Catalin Marinas <catalin.marinas(a)arm.com> arm64: mte: Do not flag the zero page as PG_mte_tagged Thomas Fourier <fourier.thomas(a)gmail.com> media: cx18: Add missing check after DMA map Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> media: switch from 'pci_' to 'dma_' API Jan Kara <jack(a)suse.cz> writeback: Avoid excessively long inode switching times Jan Kara <jack(a)suse.cz> writeback: Avoid softlockup when switching many inodes Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> cramfs: Verify inode mode when loading from disk Lichen Liu <lichliu(a)redhat.com> fs: Add 'initramfs_options' to set initramfs mount options Oleg Nesterov <oleg(a)redhat.com> pid: make __task_pid_nr_ns(ns => NULL) safe for zombie callers gaoxiang17 <gaoxiang17(a)xiaomi.com> pid: Add a judgment for ns null in pid_nr_ns Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> minixfs: Verify inode mode when loading from disk David Laight <David.Laight(a)ACULAB.COM> minmax.h: remove some #defines that are only expanded once David Laight <David.Laight(a)ACULAB.COM> minmax.h: simplify the variants of clamp() David Laight <David.Laight(a)ACULAB.COM> minmax.h: move all the clamp() definitions after the min/max() ones David Laight <David.Laight(a)ACULAB.COM> minmax.h: use BUILD_BUG_ON_MSG() for the lo < hi test in clamp() David Laight <David.Laight(a)ACULAB.COM> minmax.h: reduce the #define expansion of min(), max() and clamp() David Laight <David.Laight(a)ACULAB.COM> minmax.h: update some comments David Laight <David.Laight(a)ACULAB.COM> minmax.h: add whitespace around operators and after commas Linus Torvalds <torvalds(a)linux-foundation.org> minmax: fix up min3() and max3() too Linus Torvalds <torvalds(a)linux-foundation.org> minmax: improve macro expansion and type checking Linus Torvalds <torvalds(a)linux-foundation.org> minmax: simplify min()/max()/clamp() implementation Linus Torvalds <torvalds(a)linux-foundation.org> minmax: don't use max() in situations that want a C constant expression Linus Torvalds <torvalds(a)linux-foundation.org> minmax: make generic MIN() and MAX() macros available everywhere Linus Torvalds <torvalds(a)linux-foundation.org> minmax: simplify and clarify min_t()/max_t() implementation Linus Torvalds <torvalds(a)linux-foundation.org> minmax: add a few more MIN_T/MAX_T users Linus Torvalds <torvalds(a)linux-foundation.org> minmax: avoid overly complicated constant expressions in VM code David Laight <David.Laight(a)ACULAB.COM> minmax: fix indentation of __cmp_once() and __clamp_once() Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> minmax: deduplicate __unconst_integer_typeof() Herve Codina <herve.codina(a)bootlin.com> minmax: Introduce {min,max}_array() Stephan Gerhold <stephan.gerhold(a)linaro.org> arm64: dts: qcom: sdm845: Fix slimbam num-channels/ees Qu Wenruo <wqu(a)suse.com> btrfs: fix the incorrect max_bytes value for find_lock_delalloc_range() Aleksa Sarai <cyphar(a)cyphar.com> fscontext: do not consume log entries when returning -EMSGSIZE Peter Zijlstra <peterz(a)infradead.org> locking: Introduce __cleanup() based infrastructure Zheng Qixing <zhengqixing(a)huawei.com> dm: fix NULL pointer dereference in __dm_suspend() Yuan Chen <chenyuan(a)kylinos.cn> tracing: Fix race condition in kprobe initialization causing NULL pointer dereference Matvey Kovalev <matvey.kovalev(a)ispras.ru> ksmbd: fix error code overwriting in smb2_get_info_filesystem() Oleksij Rempel <linux(a)rempel-privat.de> net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock Hans de Goede <hansg(a)kernel.org> mfd: intel_soc_pmic_chtdc_ti: Set use_single_read regmap_config flag Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> mfd: intel_soc_pmic_chtdc_ti: Drop unneeded assignment for cache_type Hans de Goede <hdegoede(a)redhat.com> mfd: intel_soc_pmic_chtdc_ti: Fix invalid regmap-config max_register value Edward Adam Davis <eadavis(a)qq.com> media: mc: Clear minor number before put device Phillip Lougher <phillip(a)squashfs.org.uk> Squashfs: reject negative file sizes in squashfs_read_inode() Phillip Lougher <phillip(a)squashfs.org.uk> Squashfs: add additional inode sanity checking Ma Ke <make24(a)iscas.ac.cn> ASoC: wcd934x: fix error handling in wcd934x_codec_parse_data() Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ASoC: codecs: wcd934x: Simplify with dev_err_probe Sean Christopherson <seanjc(a)google.com> KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O Nathan Chancellor <nathan(a)kernel.org> lib/crypto/curve25519-hacl64: Disable KASAN with clang-17 and older Jan Kara <jack(a)suse.cz> ext4: free orphan info with kvfree Ahmet Eray Karadag <eraykrdg1(a)gmail.com> ext4: guard against EA inode refcount underflow in xattr update Ojaswin Mujoo <ojaswin(a)linux.ibm.com> ext4: correctly handle queries for metadata mappings Yongjian Sun <sunyongjian1(a)huawei.com> ext4: increase i_disksize to offset + len in ext4_update_disksize_before_punch() Jan Kara <jack(a)suse.cz> ext4: verify orphan file size is not too big Olga Kornievskaia <okorniev(a)redhat.com> nfsd: nfserr_jukebox in nlm_fopen should lead to a retry Thorsten Blum <thorsten.blum(a)linux.dev> NFSD: Fix destination buffer size in nfsd4_ssc_setup_dul() Thadeu Lima de Souza Cascardo <cascardo(a)igalia.com> mm/page_alloc: only set ALLOC_HIGHATOMIC for __GPF_HIGH allocations Sean Christopherson <seanjc(a)google.com> x86/umip: Fix decoding of register forms of 0F 01 (SGDT and SIDT aliases) Sean Christopherson <seanjc(a)google.com> x86/umip: Check that the instruction opcode is at least two bytes Pratyush Yadav <pratyush(a)kernel.org> spi: cadence-quadspi: Flush posted register writes before DAC access Pratyush Yadav <pratyush(a)kernel.org> spi: cadence-quadspi: Flush posted register writes before INDAC access Niklas Cassel <cassel(a)kernel.org> PCI: tegra194: Fix broken tegra_pcie_ep_raise_msi_irq() Siddharth Vadapalli <s-vadapalli(a)ti.com> PCI: keystone: Use devm_request_irq() to free "ks-pcie-error-irq" on exit Lukas Wunner <lukas(a)wunner.de> PCI/AER: Support errors introduced by PCIe r6.0 Niklas Schnelle <schnelle(a)linux.ibm.com> PCI/AER: Fix missing uevent on recovery when a reset is requested Lukas Wunner <lukas(a)wunner.de> PCI/ERR: Fix uevent on failure to recover Niklas Schnelle <schnelle(a)linux.ibm.com> PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV Brian Norris <briannorris(a)google.com> PCI/sysfs: Ensure devices are powered for config reads Sean Christopherson <seanjc(a)google.com> rseq/selftests: Use weak symbol reference, not definition, to link with glibc Esben Haabendal <esben(a)geanix.com> rtc: interface: Fix long-standing race when setting alarm Esben Haabendal <esben(a)geanix.com> rtc: interface: Ensure alarm irq is enabled when UIE is enabled Zhen Ni <zhen.ni(a)easystack.cn> memory: samsung: exynos-srom: Fix of_iomap leak in exynos_srom_probe Rex Chen <rex.chen_1(a)nxp.com> mmc: core: SPI mode remove cmd7 Linus Walleij <linus.walleij(a)linaro.org> mtd: rawnand: fsmc: Default to autodetect buswidth Ma Ke <make24(a)iscas.ac.cn> sparc: fix error handling in scan_one_device() Anthony Yznaga <anthony.yznaga(a)oracle.com> sparc64: fix hugetlb for sun4u Eric Biggers <ebiggers(a)kernel.org> sctp: Fix MAC comparison to be constant-time Thorsten Blum <thorsten.blum(a)linux.dev> scsi: hpsa: Fix potential memory leak in hpsa_big_passthru_ioctl() Jisheng Zhang <jszhang(a)kernel.org> pwm: berlin: Fix wrong register in suspend/resume Nam Cao <namcao(a)linutronix.de> powerpc/pseries/msi: Fix potential underflow and leak issue Nam Cao <namcao(a)linutronix.de> powerpc/powernv/pci: Fix underflow and leak issue Georg Gottleuber <ggo(a)tuxedocomputers.com> nvme-pci: Add TUXEDO IBS Gen8 to Samsung sleep quirk Sam James <sam(a)gentoo.org> parisc: don't reference obsolete termio struct for TC* constants Askar Safin <safinaskar(a)zohomail.com> openat2: don't trigger automounts with RESOLVE_NO_XDEV Johan Hovold <johan(a)kernel.org> lib/genalloc: fix device leak in of_gen_pool_get() Eric Biggers <ebiggers(a)kernel.org> KEYS: trusted_tpm1: Compare HMAC values in constant time Lu Baolu <baolu.lu(a)linux.intel.com> iommu/vt-d: PRS isn't usable if PDS isn't supported Sean Nyekjaer <sean(a)geanix.com> iio: imu: inv_icm42600: Drop redundant pm_runtime reinitialization in resume Huacai Chen <chenhuacai(a)kernel.org> init: handle bootloader identifier in kernel parameters Michael Hennerich <michael.hennerich(a)analog.com> iio: frequency: adf4350: Fix prescaler usage. Qianfeng Rong <rongqianfeng(a)vivo.com> iio: dac: ad5421: use int type to store negative error codes Qianfeng Rong <rongqianfeng(a)vivo.com> iio: dac: ad5360: use int type to store negative error codes Haoxiang Li <haoxiang_li2024(a)163.com> fs/ntfs3: Fix a resource leak bug in wnd_extend() Thomas Fourier <fourier.thomas(a)gmail.com> crypto: atmel - Fix dma_unmap_sg() direction Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() Simon Schuster <schuster.simon(a)siemens-energy.com> copy_sighand: Handle architectures where sizeof(unsigned long) < sizeof(u64) Adam Xue <zxue(a)semtech.com> bus: mhi: host: Do not use uninitialized 'dev' pointer in mhi_init_irq_setup() Anderson Nascimento <anderson(a)allelesecurity.com> btrfs: avoid potential out-of-bounds in btrfs_encode_fh() Shuhao Fu <sfual(a)cse.ust.hk> drm/nouveau: fix bad ret code in nouveau_bo_move_prep Qianfeng Rong <rongqianfeng(a)vivo.com> media: i2c: mt9v111: fix incorrect type for ret Johan Hovold <johan(a)kernel.org> firmware: meson_sm: fix device leak at probe Lukas Wunner <lukas(a)wunner.de> xen/manage: Fix suspend error path Jason Andryuk <jason.andryuk(a)amd.com> xen/events: Cleanup find_virq() return codes Miaoqian Lin <linmq006(a)gmail.com> ARM: OMAP2+: pm33xx-core: ix device node reference leaks in amx3_idle_init Stephan Gerhold <stephan.gerhold(a)linaro.org> arm64: dts: qcom: msm8916: Add missing MDSS reset Amir Mohammad Jahangirzad <a.jahangirzad(a)gmail.com> ACPI: debug: fix signedness issues in read/write helpers Daniel Tang <danielzgtg.opensource(a)gmail.com> ACPI: TAD: Add missing sysfs_remove_group() for ACPI_TAD_RT KaFai Wan <kafai.wan(a)linux.dev> bpf: Avoid RCU context warning when unpinning htab with internal structs Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> gpio: wcd934x: mark the GPIO controller as sleeping Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> gpio: wcd934x: Remove duplicate assignment of of_gpio_n_cells Gunnar Kudrjavets <gunnarku(a)amazon.com> tpm_tis: Fix incorrect arguments in tpm_tis_probe_irq_single Herbert Xu <herbert(a)gondor.apana.org.au> crypto: essiv - Check ssize for decryption and in-place encryption Eric Woudstra <ericwouds(a)gmail.com> bridge: br_vlan_fill_forward_path_pvid: use br_vlan_group_rcu() Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/display: Properly disable scaling on DCE6 Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/display: Properly clear SCL_*_FILTER_CONTROL on DCE6 Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/display: Add missing DCE6 SCL_HORZ_FILTER_INIT* SRIs Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: Add additional DCE6 SCL registers Daniel Borkmann <daniel(a)iogearbox.net> bpf: Fix metadata_dst leak __bpf_redirect_neigh_v{4,6} Harini T <harini.t(a)amd.com> mailbox: zynqmp-ipi: Remove dev.parent check in zynqmp_ipi_free_mboxes Harini T <harini.t(a)amd.com> mailbox: zynqmp-ipi: Remove redundant mbox_controller_unregister() call Leo Yan <leo.yan(a)arm.com> tools build: Align warning options with perf Erick Karanja <karanja99erick(a)gmail.com> net: fsl_pq_mdio: Fix device node reference leak in fsl_pq_mdio_probe Kuniyuki Iwashima <kuniyu(a)google.com> tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request(). Alexandr Sapozhnikov <alsp705(a)gmail.com> net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() Ian Forbes <ian.forbes(a)broadcom.com> drm/vmwgfx: Fix Use-after-free in validation Thomas Zimmermann <tzimmermann(a)suse.de> drm/vmwgfx: Copy DRM hash-table code into driver Vineeth Vijayan <vneethv(a)linux.ibm.com> s390/cio: Update purge function to unregister the unused subchannels Vineeth Vijayan <vneethv(a)linux.ibm.com> s390/cio: unregister the subchannel while purging Dan Carpenter <dan.carpenter(a)linaro.org> net/mlx4: prevent potential use after free in mlx4_en_do_uc_filter() Duoming Zhou <duoming(a)zju.edu.cn> scsi: mvsas: Fix use-after-free bugs in mvs_work_queue John Garry <john.garry(a)huawei.com> scsi: mvsas: Use sas_task_find_rq() for tagging John Garry <john.garry(a)huawei.com> scsi: mvsas: Delete mvs_tag_init() John Garry <john.garry(a)huawei.com> scsi: libsas: Add sas_task_find_rq() Aaron Kling <webgeek1234(a)gmail.com> cpufreq: tegra186: Set target frequency for all cpus in policy Alok Tiwari <alok.a.tiwari(a)oracle.com> clk: nxp: Fix pll0 rate check condition in LPC18xx CGU driver Brian Masney <bmasney(a)redhat.com> clk: nxp: lpc18xx-cgu: convert from round_rate() to determine_rate() Ian Rogers <irogers(a)google.com> perf test: Don't leak workload gopipe in PERF_RECORD_* Leo Yan <leo.yan(a)arm.com> perf session: Fix handling when buffer exceeds 2 GiB Leo Yan <leo.yan(a)arm.com> perf arm_spe: Correct memory level for remote access Leo Yan <leo.yan(a)arm.com> perf arm-spe: Rename the common data source encoding German Gomez <german.gomez(a)arm.com> perf arm-spe: Refactor arm-spe to support operation packet type Jing Zhang <renyu.zj(a)linux.alibaba.com> perf arm-spe: augment the data source type with neoverse_spe list Leo Yan <leo.yan(a)arm.com> perf arm_spe: Correct setting remote access Ali Saidi <alisaidi(a)amazon.com> perf arm-spe: Use SPE data source for neoverse cores German Gomez <german.gomez(a)arm.com> perf arm-spe: Save context ID in record Rob Herring (Arm) <robh(a)kernel.org> rtc: x1205: Fix Xicor X1205 vendor prefix Yunseong Kim <ysk(a)kzalloc.com> perf util: Fix compression checks returning -1 as bool Brian Masney <bmasney(a)redhat.com> clk: at91: peripheral: fix return value Ian Rogers <irogers(a)google.com> libperf event: Ensure tracing data is multiple of 8 sized Ian Rogers <irogers(a)google.com> perf evsel: Avoid container_of on a NULL leader Michael Hennerich <michael.hennerich(a)analog.com> iio: frequency: adf4350: Fix ADF4350_REG3_12BIT_CLKDIV_MODE Zhen Ni <zhen.ni(a)easystack.cn> clocksource/drivers/clps711x: Fix resource leaks in error paths Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> fs: always return zero on success from replace_fd() Miaoqian Lin <linmq006(a)gmail.com> usb: cdns3: cdnsp-pci: remove redundant pci_disable_device() call Salah Triki <salah.triki(a)gmail.com> bus: fsl-mc: Check return value of platform_get_resource() Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> pinctrl: check the return value of pinmux_ops::get_function_name() Zhen Ni <zhen.ni(a)easystack.cn> Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak Marek Vasut <marek.vasut(a)mailbox.org> Input: atmel_mxt_ts - allow reset GPIO to sleep Guangshuo Li <lgs201920130244(a)gmail.com> nvdimm: ndtest: Return -ENOMEM if devm_kcalloc() fails in ndtest_probe() Yang Shi <yang(a)os.amperecomputing.com> mm: hugetlb: avoid soft lockup when mprotect to large memory area Jan Kara <jack(a)suse.cz> ext4: fix checks for orphan inodes Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> mfd: vexpress-sysreg: Check the return value of devm_gpiochip_add_data() Deepak Sharma <deepak.sharma.472935(a)gmail.com> net: nfc: nci: Add parameter validation for packet data Larshin Sergey <Sergey.Larshin(a)kaspersky.com> fs: udf: fix OOB read in lengthAllocDescs handling Naman Jain <namjain(a)linux.microsoft.com> uio_hv_generic: Let userspace take care of interrupt mask Phillip Lougher <phillip(a)squashfs.org.uk> Squashfs: fix uninit-value in squashfs_get_parent Jakub Kicinski <kuba(a)kernel.org> Revert "net/mlx5e: Update and set Xon/Xoff upon MTU set" Yeounsu Moon <yyyynoom(a)gmail.com> net: dlink: handle copy_thresh allocation failure Kohei Enju <enjuk(a)amazon.com> net: ena: return 0 in ena_get_rxfh_key_size() when RSS hash key is not configurable Kohei Enju <enjuk(a)amazon.com> nfp: fix RSS hash key size when RSS is not supported Donet Tom <donettom(a)linux.ibm.com> drivers/base/node: fix double free in register_one_node() Dan Carpenter <dan.carpenter(a)linaro.org> ocfs2: fix double free in user_cluster_connect() Nishanth Menon <nm(a)ti.com> hwrng: ks-sa - fix division by zero in ks_sa_rng_init Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: MGMT: Fix not exposing debug UUID on MGMT_OP_READ_EXP_FEATURES_INFO I Viswanath <viswanathiyyappan(a)gmail.com> net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast Bernard Metzler <bernard.metzler(a)linux.dev> RDMA/siw: Always report immediate post SQ errors Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> usb: vhci-hcd: Prevent suspending virtually attached devices Ranjan Kumar <ranjan.kumar(a)broadcom.com> scsi: mpt3sas: Fix crash in transport port remove by using ioc_info() Slavin Liu <slavin452(a)gmail.com> ipvs: Defer ip_vs_ftp unregister during netns cleanup Anthony Iliopoulos <ailiop(a)suse.com> NFSv4.1: fix backchannel max_resp_sz verification check Leo Yan <leo.yan(a)arm.com> coresight: trbe: Return NULL pointer for allocation failures Stephan Gerhold <stephan.gerhold(a)linaro.org> remoteproc: qcom: q6v5: Avoid disabling handover IRQ twice Michael Karcher <kernel(a)mkarcher.dialup.fu-berlin.de> sparc: fix accurate exception reporting in copy_{from,to}_user for M7 Michael Karcher <kernel(a)mkarcher.dialup.fu-berlin.de> sparc: fix accurate exception reporting in copy_to_user for Niagara 4 Michael Karcher <kernel(a)mkarcher.dialup.fu-berlin.de> sparc: fix accurate exception reporting in copy_{from_to}_user for Niagara Michael Karcher <kernel(a)mkarcher.dialup.fu-berlin.de> sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC III Michael Karcher <kernel(a)mkarcher.dialup.fu-berlin.de> sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC Baochen Qiang <baochen.qiang(a)oss.qualcomm.com> wifi: ath10k: avoid unnecessary wait for service ready message Bagas Sanjaya <bagasdotme(a)gmail.com> Documentation: trace: historgram-design: Separate sched_waking histogram section heading and the following diagram Vlad Dumitrescu <vdumitrescu(a)nvidia.com> IB/sa: Fix sa_local_svc_timeout_ms read race Parav Pandit <parav(a)nvidia.com> RDMA/core: Resolve MAC of next-hop device without ARP support Michal Pecio <michal.pecio(a)gmail.com> Revert "usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running" Qianfeng Rong <rongqianfeng(a)vivo.com> scsi: qla2xxx: Fix incorrect sign of error code in START_SP_W_RETRIES() Qianfeng Rong <rongqianfeng(a)vivo.com> scsi: qla2xxx: edif: Fix incorrect sign of error code Colin Ian King <colin.i.king(a)gmail.com> ACPI: NFIT: Fix incorrect ndr_desc being reportedin dev_err message Abdun Nihaal <abdun.nihaal(a)gmail.com> wifi: mt76: fix potential memory leak in mt76_wmac_probe() Håkon Bugge <haakon.bugge(a)oracle.com> RDMA/cm: Rate limit destroy CM ID timeout error message Donet Tom <donettom(a)linux.ibm.com> drivers/base/node: handle error properly in register_one_node() Christophe Leroy <christophe.leroy(a)csgroup.eu> watchdog: mpc8xxx_wdt: Reload the watchdog timer when enabling the watchdog Zhen Ni <zhen.ni(a)easystack.cn> netfilter: ipset: Remove unused htable_bits in macro ahash_region Hans de Goede <hansg(a)kernel.org> iio: consumers: Fix offset handling in iio_convert_raw_to_processed() Vitaly Grigoryev <Vitaly.Grigoryev(a)kaspersky.com> fs: ntfs3: Fix integer overflow in run_unpack() Takashi Iwai <tiwai(a)suse.de> ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping Takashi Iwai <tiwai(a)suse.de> ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping Takashi Iwai <tiwai(a)suse.de> ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping Wang Liang <wangliang74(a)huawei.com> pps: fix warning in pps_register_cdev when register device fail Colin Ian King <colin.i.king(a)gmail.com> misc: genwqe: Fix incorrect cmd field being reported in error William Wu <william.wu(a)rock-chips.com> usb: gadget: configfs: Correctly set use_os_string at bind Xichao Zhao <zhao.xichao(a)vivo.com> usb: phy: twl6030: Fix incorrect type for ret Qianfeng Rong <rongqianfeng(a)vivo.com> drm/amdkfd: Fix error code sign for EINVAL in svm_ioctl() Eric Dumazet <edumazet(a)google.com> tcp: fix __tcp_close() to only send RST when required Alok Tiwari <alok.a.tiwari(a)oracle.com> PCI: tegra: Fix devm_kcalloc() argument order for port->phys allocation Stefan Kerkmann <s.kerkmann(a)pengutronix.de> wifi: mwifiex: send world regulatory domain to driver Timur Kristóf <timur.kristof(a)gmail.com> drm/amdgpu: Power up UVD 3 for FW validation (v2) Qianfeng Rong <rongqianfeng(a)vivo.com> ALSA: lx_core: use int type to store negative error codes Zhang Shurong <zhang_shurong(a)foxmail.com> media: rj54n1cb0c: Fix memleak in rj54n1_probe() Thomas Fourier <fourier.thomas(a)gmail.com> scsi: myrs: Fix dma_alloc_coherent() error check Niklas Cassel <cassel(a)kernel.org> scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod Dan Carpenter <dan.carpenter(a)linaro.org> usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup Brahmajit Das <listout(a)listout.xyz> drm/radeon/r600_cs: clean up of dead code in r600_cs Kunihiko Hayashi <hayashi.kunihiko(a)socionext.com> i2c: designware: Add disabling clocks when probe fails Leilk.Liu <leilk.liu(a)mediatek.com> i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD Dmitry Baryshkov <dmitry.baryshkov(a)oss.qualcomm.com> thermal/drivers/qcom/lmh: Add missing IRQ includes Dmitry Baryshkov <dmitry.baryshkov(a)oss.qualcomm.com> thermal/drivers/qcom: Make LMH select QCOM_SCM Zhouyi Zhou <zhouzhouyi(a)gmail.com> tools/nolibc: make time_t robust if __kernel_old_time_t is missing in host headers Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> smp: Fix up and expand the smp_call_function_many() kerneldoc Paul Chaignon <paul.chaignon(a)gmail.com> bpf: Explicitly check accesses to bpf_sock_addr Akhilesh Patil <akhilesh(a)ee.iitb.ac.in> selftests: watchdog: skip ping loop if WDIOF_KEEPALIVEPING not supported Stanley Chu <stanley.chuys(a)gmail.com> i3c: master: svc: Recycle unused IBI slot Daniel Wagner <wagi(a)kernel.org> nvmet-fc: move lsop put work to nvmet_fc_ls_req_op Uwe Kleine-König <u.kleine-koenig(a)baylibre.com> pwm: tiehrpwm: Fix corner case in clock divisor calculation AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> arm64: dts: mediatek: mt8516-pumpkin: Fix machine compatible Johan Hovold <johan(a)kernel.org> firmware: firmware: meson-sm: fix compile-test default Qianfeng Rong <rongqianfeng(a)vivo.com> pinctrl: renesas: Use int type to store negative error codes Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> PM: sleep: core: Clear power.must_resume in noirq suspend error path Qianfeng Rong <rongqianfeng(a)vivo.com> block: use int to store blk_stack_limits() return value Qianfeng Rong <rongqianfeng(a)vivo.com> regulator: scmi: Use int type to store negative error codes Nicolas Ferre <nicolas.ferre(a)microchip.com> ARM: at91: pm: fix MCKx restore routine Li Nan <linan122(a)huawei.com> blk-mq: check kobject state_in_sysfs before deleting in blk_mq_unregister_hctx Da Xue <da(a)libre.computer> pinctrl: meson-gxl: add missing i2c_d pinmux Sneh Mankad <sneh.mankad(a)oss.qualcomm.com> soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS Huisong Li <lihuisong(a)huawei.com> ACPI: processor: idle: Fix memory leak when register cpuidle device failed Florian Fainelli <florian.fainelli(a)broadcom.com> cpufreq: scmi: Account for malformed DT in scmi_dev_used_by_cpus() Yureka Lilian <yuka(a)yuka.dev> libbpf: Fix reuse of DEVMAP Geert Uytterhoeven <geert+renesas(a)glider.be> regmap: Remove superfluous check for !config in __regmap_init() Uros Bizjak <ubizjak(a)gmail.com> x86/vdso: Fix output operand size of RDPID Leo Yan <leo.yan(a)arm.com> perf: arm_spe: Prevent overflow in PERF_IDX2OFF() Leo Yan <leo.yan(a)arm.com> coresight: trbe: Prevent overflow in PERF_IDX2OFF() Bala-Vignesh-Reddy <reddybalavignesh9979(a)gmail.com> selftests: arm64: Check fread return value in exec_target Jeff Layton <jlayton(a)kernel.org> filelock: add FL_RECLAIM to show_fl_flags() macro Nalivayko Sergey <Sergey.Nalivayko(a)kaspersky.com> net/9p: fix double req put in p9_fd_cancelled Matthew Wilcox (Oracle) <willy(a)infradead.org> minmax: add in_range() macro Herbert Xu <herbert(a)gondor.apana.org.au> crypto: rng - Ensure set_ent is always present Hans de Goede <hdegoede(a)redhat.com> platform/x86: int3472: Check for adev == NULL Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> driver core/PM: Set power.no_callbacks along with power.no_pm Ovidiu Panait <ovidiu.panait.oss(a)gmail.com> staging: axis-fifo: flush RX FIFO on read errors Ovidiu Panait <ovidiu.panait.oss(a)gmail.com> staging: axis-fifo: fix maximum TX packet length check Raphael Gallais-Pou <raphael.gallais-pou(a)foss.st.com> serial: stm32: allow selecting console when the driver is module Arnaud Lecomte <contact(a)arnaud-lcm.com> hid: fix I2C read buffer overflow in raw_event() for mcp2221 hupu <hupu.gm(a)gmail.com> perf subcmd: avoid crash in exclude_cmds when excludes is empty Mikulas Patocka <mpatocka(a)redhat.com> dm-integrity: limit MAX_TAG_SIZE to 255 Bitterblue Smith <rtl8821cerfe2(a)gmail.com> wifi: rtlwifi: rtl8192cu: Don't claim USB ID 07b8:8188 Xiaowei Li <xiaowei.li(a)simcom.com> USB: serial: option: add SIMCom 8230C compositions Duoming Zhou <duoming(a)zju.edu.cn> media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe Duoming Zhou <duoming(a)zju.edu.cn> media: tuner: xc5000: Fix use-after-free in xc5000_release Ricardo Ribalda <ribalda(a)chromium.org> media: tunner: xc5000: Refactor firmware load Kuniyuki Iwashima <kuniyu(a)amazon.com> udp: Fix memory accounting leak. Will Deacon <will(a)kernel.org> KVM: arm64: Fix softirq masking in FPSIMD register saving sequence Larshin Sergey <Sergey.Larshin(a)kaspersky.com> media: rc: fix races with imon_disconnect() Duoming Zhou <duoming(a)zju.edu.cn> media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove Wang Haoran <haoranwangsec(a)gmail.com> scsi: target: target_core_configfs: Add length check to avoid buffer overflow Vasant Hegde <vasant.hegde(a)amd.com> iommu/amd: Add map/unmap_pages() iommu_domain_ops callback support ------------- Diffstat: Documentation/admin-guide/kernel-parameters.txt | 3 + Documentation/gpu/todo.rst | 11 + Documentation/trace/histogram-design.rst | 4 +- Makefile | 4 +- arch/arm/mach-at91/pm_suspend.S | 4 +- arch/arm/mach-omap2/pm33xx-core.c | 6 +- arch/arm/mm/pageattr.c | 6 +- arch/arm64/boot/dts/mediatek/mt8516-pumpkin.dts | 2 +- arch/arm64/boot/dts/qcom/msm8916.dtsi | 2 + arch/arm64/boot/dts/qcom/sdm845.dtsi | 4 +- arch/arm64/kernel/cpufeature.c | 10 +- arch/arm64/kernel/fpsimd.c | 8 +- arch/arm64/kernel/mte.c | 3 +- arch/parisc/include/uapi/asm/ioctls.h | 8 +- arch/powerpc/platforms/powernv/pci-ioda.c | 2 +- arch/powerpc/platforms/pseries/msi.c | 2 +- arch/sparc/kernel/of_device_32.c | 1 + arch/sparc/kernel/of_device_64.c | 1 + arch/sparc/lib/M7memcpy.S | 20 +- arch/sparc/lib/Memcpy_utils.S | 9 + arch/sparc/lib/NG4memcpy.S | 2 +- arch/sparc/lib/NGmemcpy.S | 29 ++- arch/sparc/lib/U1memcpy.S | 19 +- arch/sparc/lib/U3memcpy.S | 2 +- arch/sparc/mm/hugetlbpage.c | 20 ++ arch/um/drivers/mconsole_user.c | 2 + arch/x86/include/asm/segment.h | 8 +- arch/x86/kernel/umip.c | 15 +- arch/x86/kvm/emulate.c | 11 +- arch/x86/kvm/kvm_emulate.h | 2 +- arch/x86/kvm/x86.c | 9 +- arch/x86/mm/pgtable.c | 2 +- block/blk-mq-sysfs.c | 6 +- block/blk-settings.c | 3 +- crypto/essiv.c | 14 +- crypto/rng.c | 8 + drivers/acpi/acpi_dbg.c | 26 +- drivers/acpi/acpi_tad.c | 3 + drivers/acpi/nfit/core.c | 2 +- drivers/acpi/processor_idle.c | 3 + drivers/base/node.c | 4 + drivers/base/power/main.c | 14 +- drivers/base/regmap/regmap.c | 2 +- drivers/bus/fsl-mc/fsl-mc-bus.c | 3 + drivers/bus/mhi/host/init.c | 5 +- drivers/char/hw_random/ks-sa-rng.c | 4 + drivers/char/tpm/tpm_tis_core.c | 4 +- drivers/clk/at91/clk-peripheral.c | 7 +- drivers/clk/nxp/clk-lpc18xx-cgu.c | 20 +- drivers/clocksource/clps711x-timer.c | 23 +- drivers/cpufreq/intel_pstate.c | 8 +- drivers/cpufreq/scmi-cpufreq.c | 10 + drivers/cpufreq/tegra186-cpufreq.c | 8 +- drivers/crypto/atmel-tdes.c | 2 +- drivers/dma/ioat/dma.c | 12 +- drivers/edac/sb_edac.c | 4 +- drivers/edac/skx_common.h | 1 - drivers/firmware/meson/Kconfig | 2 +- drivers/firmware/meson/meson_sm.c | 7 +- drivers/gpio/gpio-wcd934x.c | 3 +- drivers/gpu/drm/amd/amdgpu/amdgpu.h | 2 + drivers/gpu/drm/amd/amdgpu/uvd_v3_1.c | 29 ++- drivers/gpu/drm/amd/amdkfd/kfd_svm.c | 2 +- drivers/gpu/drm/amd/display/dc/dce/dce_transform.c | 21 +- drivers/gpu/drm/amd/display/dc/dce/dce_transform.h | 4 + .../gpu/drm/amd/display/modules/hdcp/hdcp_ddc.c | 2 + .../gpu/drm/amd/include/asic_reg/dce/dce_6_0_d.h | 7 + .../drm/amd/include/asic_reg/dce/dce_6_0_sh_mask.h | 2 + drivers/gpu/drm/amd/pm/powerplay/hwmgr/ppevvmath.h | 14 +- .../drm/amd/pm/swsmu/smu11/sienna_cichlid_ppt.c | 2 + drivers/gpu/drm/arm/display/include/malidp_utils.h | 2 +- .../drm/arm/display/komeda/komeda_pipeline_state.c | 24 +- drivers/gpu/drm/drm_color_mgmt.c | 2 +- drivers/gpu/drm/msm/adreno/a6xx_gmu.c | 6 - drivers/gpu/drm/nouveau/nouveau_bo.c | 2 +- drivers/gpu/drm/radeon/evergreen_cs.c | 2 + drivers/gpu/drm/radeon/r600_cs.c | 4 +- drivers/gpu/drm/vmwgfx/Makefile | 2 +- drivers/gpu/drm/vmwgfx/ttm_object.c | 52 ++-- drivers/gpu/drm/vmwgfx/ttm_object.h | 3 +- drivers/gpu/drm/vmwgfx/vmwgfx_cmdbuf_res.c | 24 +- drivers/gpu/drm/vmwgfx/vmwgfx_drv.c | 2 +- drivers/gpu/drm/vmwgfx/vmwgfx_drv.h | 6 +- drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c | 2 +- drivers/gpu/drm/vmwgfx/vmwgfx_hashtab.c | 199 ++++++++++++++++ drivers/gpu/drm/vmwgfx/vmwgfx_hashtab.h | 83 +++++++ drivers/gpu/drm/vmwgfx/vmwgfx_validation.c | 26 +- drivers/gpu/drm/vmwgfx/vmwgfx_validation.h | 7 +- drivers/hid/hid-mcp2221.c | 4 + drivers/hwmon/adt7475.c | 24 +- drivers/hwtracing/coresight/coresight-trbe.c | 9 +- drivers/i2c/busses/i2c-designware-platdrv.c | 1 + drivers/i2c/busses/i2c-mt65xx.c | 17 +- drivers/i3c/master/svc-i3c-master.c | 1 + drivers/iio/dac/ad5360.c | 2 +- drivers/iio/dac/ad5421.c | 2 +- drivers/iio/frequency/adf4350.c | 20 +- drivers/iio/imu/inv_icm42600/inv_icm42600_core.c | 4 - drivers/iio/inkern.c | 2 +- drivers/infiniband/core/addr.c | 10 +- drivers/infiniband/core/cm.c | 4 +- drivers/infiniband/core/sa_query.c | 6 +- drivers/infiniband/sw/siw/siw_verbs.c | 25 +- drivers/input/misc/uinput.c | 1 + drivers/input/touchscreen/atmel_mxt_ts.c | 2 +- drivers/input/touchscreen/cyttsp4_core.c | 2 +- drivers/iommu/amd/iommu.c | 3 +- drivers/iommu/intel/iommu.c | 2 +- drivers/irqchip/irq-sun6i-r.c | 2 +- drivers/mailbox/zynqmp-ipi-mailbox.c | 7 +- drivers/md/dm-integrity.c | 6 +- drivers/md/dm.c | 7 +- drivers/media/dvb-frontends/stv0367_priv.h | 3 + drivers/media/i2c/mt9v111.c | 2 +- drivers/media/i2c/rj54n1cb0c.c | 9 +- drivers/media/i2c/tc358743.c | 4 +- drivers/media/mc/mc-devnode.c | 6 +- drivers/media/pci/b2c2/flexcop-pci.c | 2 +- drivers/media/pci/cobalt/cobalt-driver.c | 4 +- drivers/media/pci/cx18/cx18-driver.c | 2 +- drivers/media/pci/cx18/cx18-queue.c | 20 +- drivers/media/pci/cx18/cx18-streams.c | 16 +- drivers/media/pci/ddbridge/ddbridge-main.c | 4 +- drivers/media/pci/intel/ipu3/ipu3-cio2-main.c | 2 +- drivers/media/pci/ivtv/ivtv-driver.c | 2 +- drivers/media/pci/ivtv/ivtv-irq.c | 2 +- drivers/media/pci/ivtv/ivtv-queue.c | 18 +- drivers/media/pci/ivtv/ivtv-streams.c | 22 +- drivers/media/pci/ivtv/ivtv-udma.c | 27 ++- drivers/media/pci/ivtv/ivtv-yuv.c | 24 +- drivers/media/pci/ivtv/ivtvfb.c | 6 +- drivers/media/pci/netup_unidvb/netup_unidvb_core.c | 2 +- drivers/media/pci/pluto2/pluto2.c | 20 +- drivers/media/pci/pt1/pt1.c | 2 +- drivers/media/pci/tw5864/tw5864-core.c | 2 +- drivers/media/rc/imon.c | 27 ++- drivers/media/tuners/xc5000.c | 41 ++-- drivers/memory/samsung/exynos-srom.c | 10 +- drivers/mfd/intel_soc_pmic_chtdc_ti.c | 5 +- drivers/mfd/vexpress-sysreg.c | 6 +- drivers/misc/genwqe/card_ddcb.c | 2 +- drivers/mmc/core/sdio.c | 6 +- drivers/mtd/nand/raw/fsmc_nand.c | 6 +- drivers/net/ethernet/amazon/ena/ena_ethtool.c | 5 +- drivers/net/ethernet/chelsio/cxgb3/cxgb3_main.c | 18 +- drivers/net/ethernet/dlink/dl2k.c | 7 +- drivers/net/ethernet/freescale/fsl_pq_mdio.c | 2 + drivers/net/ethernet/mellanox/mlx4/en_netdev.c | 2 +- .../ethernet/mellanox/mlx5/core/en/port_buffer.h | 12 - drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 17 +- .../net/ethernet/netronome/nfp/nfp_net_ethtool.c | 2 +- drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2 +- drivers/net/fjes/fjes_main.c | 4 +- drivers/net/usb/asix_devices.c | 35 ++- drivers/net/usb/rtl8150.c | 2 - drivers/net/wireless/ath/ath10k/wmi.c | 39 ++- drivers/net/wireless/marvell/mwifiex/cfg80211.c | 7 +- drivers/net/wireless/mediatek/mt76/mt7603/soc.c | 2 +- .../net/wireless/realtek/rtlwifi/rtl8192cu/sw.c | 1 - drivers/nfc/pn544/i2c.c | 2 - drivers/nvme/host/pci.c | 2 + drivers/nvme/target/fc.c | 19 +- drivers/pci/controller/dwc/pci-keystone.c | 4 +- drivers/pci/controller/dwc/pcie-tegra194.c | 4 +- drivers/pci/controller/pci-tegra.c | 2 +- drivers/pci/iov.c | 5 + drivers/pci/pci-driver.c | 1 + drivers/pci/pci-sysfs.c | 20 +- drivers/pci/pcie/aer.c | 12 +- drivers/pci/pcie/err.c | 8 +- drivers/perf/arm_spe_pmu.c | 3 +- drivers/pinctrl/meson/pinctrl-meson-gxl.c | 10 + drivers/pinctrl/pinmux.c | 2 +- drivers/pinctrl/renesas/pinctrl.c | 3 +- drivers/platform/x86/intel/int3472/discrete.c | 3 + drivers/platform/x86/intel/int3472/tps68470.c | 3 + drivers/platform/x86/sony-laptop.c | 1 - drivers/pps/kapi.c | 5 +- drivers/pps/pps.c | 5 +- drivers/pwm/pwm-berlin.c | 4 +- drivers/pwm/pwm-tiehrpwm.c | 4 +- drivers/regulator/scmi-regulator.c | 3 +- drivers/remoteproc/qcom_q6v5.c | 3 - drivers/rtc/interface.c | 27 +++ drivers/rtc/rtc-x1205.c | 2 +- drivers/s390/cio/device.c | 35 ++- drivers/scsi/hpsa.c | 21 +- drivers/scsi/isci/init.c | 6 +- drivers/scsi/mpt3sas/mpt3sas_transport.c | 8 +- drivers/scsi/mvsas/mv_defs.h | 1 + drivers/scsi/mvsas/mv_init.c | 13 +- drivers/scsi/mvsas/mv_sas.c | 42 ++-- drivers/scsi/mvsas/mv_sas.h | 8 +- drivers/scsi/myrs.c | 8 +- drivers/scsi/pm8001/pm8001_sas.c | 9 +- drivers/scsi/qla2xxx/qla_edif.c | 4 +- drivers/scsi/qla2xxx/qla_init.c | 4 +- drivers/soc/qcom/rpmh-rsc.c | 7 +- drivers/spi/spi-cadence-quadspi.c | 5 + drivers/staging/axis-fifo/axis-fifo.c | 32 ++- .../pci/hive_isp_css_include/math_support.h | 5 - drivers/target/target_core_configfs.c | 2 +- drivers/thermal/qcom/Kconfig | 3 +- drivers/thermal/qcom/lmh.c | 2 + drivers/tty/serial/Kconfig | 2 +- drivers/uio/uio_hv_generic.c | 7 +- drivers/usb/cdns3/cdnsp-pci.c | 5 +- drivers/usb/gadget/configfs.c | 2 + drivers/usb/host/max3421-hcd.c | 2 +- drivers/usb/host/xhci-ring.c | 11 +- drivers/usb/phy/phy-twl6030-usb.c | 3 +- drivers/usb/serial/option.c | 6 + drivers/usb/usbip/vhci_hcd.c | 22 ++ drivers/virt/acrn/ioreq.c | 4 +- drivers/watchdog/mpc8xxx_wdt.c | 2 + drivers/xen/events/events_base.c | 20 +- drivers/xen/manage.c | 3 +- fs/btrfs/export.c | 8 +- fs/btrfs/extent_io.c | 14 +- fs/btrfs/misc.h | 2 - fs/btrfs/tree-checker.c | 2 +- fs/cramfs/inode.c | 11 +- fs/erofs/zdata.h | 2 +- fs/ext2/balloc.c | 2 - fs/ext4/ext4.h | 12 +- fs/ext4/file.c | 2 +- fs/ext4/fsmap.c | 14 +- fs/ext4/inode.c | 12 +- fs/ext4/orphan.c | 23 +- fs/ext4/super.c | 4 +- fs/ext4/xattr.c | 15 +- fs/file.c | 5 +- fs/fs-writeback.c | 32 ++- fs/fsopen.c | 70 +++--- fs/ksmbd/smb2pdu.c | 3 +- fs/minix/inode.c | 8 +- fs/namei.c | 8 + fs/namespace.c | 11 +- fs/nfs/nfs4proc.c | 2 +- fs/nfsd/lockd.c | 15 ++ fs/nfsd/nfs4proc.c | 2 +- fs/ntfs3/bitmap.c | 1 + fs/ntfs3/run.c | 12 +- fs/ocfs2/stack_user.c | 1 + fs/squashfs/inode.c | 31 ++- fs/squashfs/squashfs_fs_i.h | 2 +- fs/udf/inode.c | 3 + fs/ufs/util.h | 6 - include/linux/cleanup.h | 171 +++++++++++++ include/linux/compiler-clang.h | 9 + include/linux/compiler.h | 9 + include/linux/compiler_attributes.h | 6 + include/linux/device.h | 10 + include/linux/file.h | 6 + include/linux/iio/frequency/adf4350.h | 2 +- include/linux/irqflags.h | 7 + include/linux/minmax.h | 264 +++++++++++++++------ include/linux/mutex.h | 4 + include/linux/percpu.h | 4 + include/linux/preempt.h | 47 ++++ include/linux/rcupdate.h | 3 + include/linux/rwsem.h | 8 + include/linux/sched/task.h | 2 + include/linux/slab.h | 3 + include/linux/spinlock.h | 32 +++ include/linux/srcu.h | 5 + include/scsi/libsas.h | 18 ++ include/trace/events/filelock.h | 3 +- init/main.c | 14 ++ kernel/bpf/inode.c | 4 +- kernel/fork.c | 2 +- kernel/pid.c | 5 +- kernel/smp.c | 11 +- kernel/trace/preemptirq_delay_test.c | 2 - kernel/trace/trace_kprobe.c | 11 +- kernel/trace/trace_probe.h | 9 +- kernel/trace/trace_uprobe.c | 12 +- lib/btree.c | 1 - lib/crypto/Makefile | 4 + lib/decompress_unlzma.c | 2 + lib/genalloc.c | 5 +- lib/logic_pio.c | 3 - lib/vsprintf.c | 2 +- lib/zstd/zstd_internal.h | 2 - mm/hugetlb.c | 2 + mm/page_alloc.c | 2 +- mm/zsmalloc.c | 1 - net/9p/trans_fd.c | 8 +- net/bluetooth/mgmt.c | 10 +- net/bridge/br_vlan.c | 2 +- net/core/filter.c | 18 +- net/ipv4/proc.c | 2 +- net/ipv4/tcp.c | 9 +- net/ipv4/tcp_input.c | 1 - net/ipv4/udp.c | 16 +- net/ipv6/proc.c | 2 +- net/mptcp/pm.c | 7 +- net/mptcp/pm_netlink.c | 49 +++- net/mptcp/protocol.h | 8 + net/netfilter/ipset/ip_set_hash_gen.h | 8 +- net/netfilter/ipvs/ip_vs_ftp.c | 4 +- net/netfilter/nf_nat_core.c | 6 +- net/nfc/nci/ntf.c | 135 ++++++++--- net/sctp/sm_make_chunk.c | 3 +- net/sctp/sm_statefuns.c | 6 +- net/tipc/core.h | 2 +- net/tipc/link.c | 10 +- scripts/checkpatch.pl | 2 +- security/keys/trusted-keys/trusted_tpm1.c | 7 +- sound/pci/lx6464es/lx_core.c | 4 +- sound/soc/codecs/wcd934x.c | 30 ++- sound/soc/intel/boards/bytcht_es8316.c | 20 +- sound/soc/intel/boards/bytcr_rt5640.c | 7 +- sound/soc/intel/boards/bytcr_rt5651.c | 26 +- tools/build/feature/Makefile | 4 +- tools/include/nolibc/std.h | 2 +- tools/lib/bpf/libbpf.c | 10 + tools/lib/perf/include/perf/event.h | 1 + tools/lib/subcmd/help.c | 3 + tools/perf/tests/perf-record.c | 4 + tools/perf/util/arm-spe-decoder/arm-spe-decoder.c | 33 ++- tools/perf/util/arm-spe-decoder/arm-spe-decoder.h | 60 ++++- tools/perf/util/arm-spe.c | 146 ++++++++++-- tools/perf/util/evsel.c | 2 + tools/perf/util/lzma.c | 2 +- tools/perf/util/session.c | 2 +- tools/perf/util/zlib.c | 2 +- tools/testing/nvdimm/test/ndtest.c | 13 +- tools/testing/selftests/arm64/pauth/exec_target.c | 7 +- tools/testing/selftests/net/mptcp/mptcp_join.sh | 10 + tools/testing/selftests/rseq/rseq.c | 8 +- tools/testing/selftests/vm/mremap_test.c | 2 + tools/testing/selftests/watchdog/watchdog-test.c | 6 + 333 files changed, 2761 insertions(+), 1057 deletions(-)

1 month

7
287
0 0

[PATCH 5.15.y] Revert "perf test: Don't leak workload gopipe in PERF_RECORD_*"

by niko.mauno＠vaisala.com

From: Niko Mauno <niko.mauno(a)vaisala.com> This reverts commit b7e5c59f3b0971f56ebbceb9d42cc45e9ac1cd94. Commit in question broke building perf followingly with v5.15.195: | ld: perf-in.o: in function `test__PERF_RECORD': | tools/perf/tests/perf-record.c:142: undefined reference to `evlist__cancel_workload' The 'evlist__cancel_workload' seems to be introduced in commit e880a70f8046 ("perf stat: Close cork_fd when create_perf_stat_counter() failed") which is currently not included in the 5.15 stable series. Fixes: b7e5c59f3b09 ("perf test: Don't leak workload gopipe in PERF_RECORD_*") Cc: stable(a)vger.kernel.org # 5.15 Signed-off-by: Niko Mauno <niko.mauno(a)vaisala.com> --- tools/perf/tests/perf-record.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/tools/perf/tests/perf-record.c b/tools/perf/tests/perf-record.c index b215e89b65f7..0df471bf1590 100644 --- a/tools/perf/tests/perf-record.c +++ b/tools/perf/tests/perf-record.c @@ -115,7 +115,6 @@ int test__PERF_RECORD(struct test *test __maybe_unused, int subtest __maybe_unus if (err < 0) { pr_debug("sched__get_first_possible_cpu: %s\n", str_error_r(errno, sbuf, sizeof(sbuf))); - evlist__cancel_workload(evlist); goto out_delete_evlist; } @@ -127,7 +126,6 @@ int test__PERF_RECORD(struct test *test __maybe_unused, int subtest __maybe_unus if (sched_setaffinity(evlist->workload.pid, cpu_mask_size, &cpu_mask) < 0) { pr_debug("sched_setaffinity: %s\n", str_error_r(errno, sbuf, sizeof(sbuf))); - evlist__cancel_workload(evlist); goto out_delete_evlist; } @@ -139,7 +137,6 @@ int test__PERF_RECORD(struct test *test __maybe_unused, int subtest __maybe_unus if (err < 0) { pr_debug("perf_evlist__open: %s\n", str_error_r(errno, sbuf, sizeof(sbuf))); - evlist__cancel_workload(evlist); goto out_delete_evlist; } @@ -152,7 +149,6 @@ int test__PERF_RECORD(struct test *test __maybe_unused, int subtest __maybe_unus if (err < 0) { pr_debug("evlist__mmap: %s\n", str_error_r(errno, sbuf, sizeof(sbuf))); - evlist__cancel_workload(evlist); goto out_delete_evlist; } -- 2.39.5

1 month

1
0
0 0

[PATCH 6.12 000/135] 6.12.55-rc2 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.12.55 release. There are 135 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Fri, 24 Oct 2025 06:01:25 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.12.55-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.12.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.12.55-rc2 Guenter Roeck <linux(a)roeck-us.net> dmaengine: Add missing cleanup on module unload Mark Rutland <mark.rutland(a)arm.com> arm64: errata: Apply workarounds for Neoverse-V3AE Mark Rutland <mark.rutland(a)arm.com> arm64: cputype: Add Neoverse-V3AE definitions Jakub Acs <acsjakub(a)amazon.de> mm/ksm: fix flag-dropping behavior in ksm_madvise Chuck Lever <chuck.lever(a)oracle.com> NFSD: Define a proc_layoutcommit for the FlexFiles layout type Devarsh Thakkar <devarsht(a)ti.com> phy: cadence: cdns-dphy: Update calibration wait time for startup state machine Matthieu Baerts (NGI0) <matttbe(a)kernel.org> mptcp: reset blackhole on success with non-loopback ifaces Kuniyuki Iwashima <kuniyu(a)google.com> mptcp: Use __sk_dst_get() and dst_dev_rcu() in mptcp_active_enable(). Kuniyuki Iwashima <kuniyu(a)google.com> mptcp: Call dst_release() in mptcp_active_enable(). Sharath Chandra Vurukala <quic_sharathv(a)quicinc.com> net: Add locking to protect skb->dev access in ip_output Eric Dumazet <edumazet(a)google.com> ipv4: adopt dst_dev, skb_dst_dev and skb_dst_dev_net[_rcu] Eric Dumazet <edumazet(a)google.com> net: dst: add four helpers to annotate data-races around dst->dev Eric Dumazet <edumazet(a)google.com> tcp: cache RTAX_QUICKACK metric in a hot cache line Eric Dumazet <edumazet(a)google.com> tcp: convert to dev_net_rcu() Jedrzej Jagielski <jedrzej.jagielski(a)intel.com> ixgbevf: fix mailbox API compatibility by negotiating supported features Jedrzej Jagielski <jedrzej.jagielski(a)intel.com> ixgbevf: fix getting link speed data for E610 devices Piotr Kwapulinski <piotr.kwapulinski(a)intel.com> ixgbevf: Add support for Intel(R) E610 device Piotr Kwapulinski <piotr.kwapulinski(a)intel.com> PCI: Add PCI_VDEVICE_SUB helper macro Jan Kara <jack(a)suse.cz> vfs: Don't leak disconnected dentries on umount Al Viro <viro(a)zeniv.linux.org.uk> d_alloc_parallel(): set DCACHE_PAR_LOOKUP earlier Babu Moger <babu.moger(a)amd.com> x86/resctrl: Fix miscount of bandwidth event when reactivating previously unavailable RMID Babu Moger <babu.moger(a)amd.com> x86/resctrl: Refactor resctrl_arch_rmid_read() Yu Kuai <yukuai3(a)huawei.com> md: fix mssing blktrace bio split events John Garry <john.g.garry(a)oracle.com> md/raid10: Handle bio_split() errors John Garry <john.g.garry(a)oracle.com> md/raid1: Handle bio_split() errors John Garry <john.g.garry(a)oracle.com> md/raid0: Handle bio_split() errors Xiao Liang <shaw.leon(a)gmail.com> padata: Reset next CPU when reorder sequence wraps around Darrick J. Wong <djwong(a)kernel.org> xfs: use deferred intent items for reaping crosslinked blocks Fedor Pchelkin <pchelkin(a)ispras.ru> wifi: rtw89: avoid possible TX wait initialization race Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Fix last write offset handling in layoutcommit Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Implement large extent array support in pNFS Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Minor cleanup in layoutcommit processing Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Rework encoding and decoding of nfsd4_deviceid Sergey Bashirov <sergeybashirov(a)gmail.com> nfsd: Drop dprintk in blocklayout xdr functions Sergey Bashirov <sergeybashirov(a)gmail.com> nfsd: Use correct error code when decoding extents Sean Nyekjaer <sean(a)geanix.com> iio: imu: inv_icm42600: Avoid configuring if already pm_runtime suspended Sean Nyekjaer <sean(a)geanix.com> iio: imu: inv_icm42600: Simplify pm_runtime setup Bence Csókás <csokas.bence(a)prolan.hu> PM: runtime: Add new devm functions Devarsh Thakkar <devarsht(a)ti.com> phy: cadence: cdns-dphy: Fix PLL lock and O_CMN_READY polling Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> phy: cdns-dphy: Store hs_clk_rate and return it Christoph Hellwig <hch(a)lst.de> xfs: fix log CRC mismatches between i386 and other architectures Christoph Hellwig <hch(a)lst.de> xfs: rename the old_crc variable in xlog_recover_process Viacheslav Dubeyko <slava(a)dubeyko.com> hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() Wilfred Mallawa <wilfred.mallawa(a)wdc.com> nvme/tcp: handle tls partially sent records in write_space() Xing Guo <higuoxing(a)gmail.com> selftests: arg_parsing: Ensure data is flushed to disk before reading. Li Qiang <liqiang01(a)kylinos.cn> ASoC: amd/sdw_utils: avoid NULL deref when devm_kasprintf() fails Thadeu Lima de Souza Cascardo <cascardo(a)igalia.com> HID: multitouch: fix name of Stylus input devices Dmitry Torokhov <dmitry.torokhov(a)gmail.com> HID: hid-input: only ignore 0 battery events for digitizers Jiaming Zhang <r772577952(a)gmail.com> ALSA: usb-audio: Fix NULL pointer deference in try_to_register_card Andrii Nakryiko <andrii(a)kernel.org> selftests/bpf: make arg_parsing.c more robust to crashes Pranjal Ramajor Asha Kanojiya <quic_pkanojiy(a)quicinc.com> accel/qaic: Synchronize access to DBC request queue head & tail pointer Youssef Samir <quic_yabdulra(a)quicinc.com> accel/qaic: Treat remaining == 0 as error in find_and_map_user_pages() Jeffrey Hugo <quic_jhugo(a)quicinc.com> accel/qaic: Fix bootlog initialization ordering Randy Dunlap <rdunlap(a)infradead.org> ALSA: firewire: amdtp-stream: fix enum kernel-doc warnings Vincent Guittot <vincent.guittot(a)linaro.org> sched/fair: Fix pelt lost idle time detection Alok Tiwari <alok.a.tiwari(a)oracle.com> drm/rockchip: vop2: use correct destination rectangle height check Francesco Valla <francesco(a)valla.it> drm/draw: fix color truncation in drm_draw_fill24 Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/powerplay: Fix CIK shutdown temperature Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: fix handling of harvesting for ip_discovery firmware Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: add support for cyan skillfish without IP discovery Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: add ip offset support for cyan skillfish Zhanjun Dong <zhanjun.dong(a)intel.com> drm/i915/guc: Skip communication warning on reset in progress Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ASoC: nau8821: Add DMI quirk to bypass jack debounce circuit Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ASoC: nau8821: Generalize helper to clear IRQ status Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ASoC: nau8821: Cancel jdet_work before handling jack ejection Christophe Leroy <christophe.leroy(a)csgroup.eu> ASoC: codecs: Fix gain setting ranges for Renesas IDT821034 codec Marek Vasut <marek.vasut(a)mailbox.org> drm/bridge: lt9211: Drop check for last nibble of version register Fabian Vogt <fvogt(a)suse.de> riscv: kprobes: Fix probe address validation Amit Chaudhary <achaudhary(a)purestorage.com> nvme-multipath: Skip nr_active increments in RETRY disposition Ketil Johnsen <ketil.johnsen(a)arm.com> drm/panthor: Ensure MCU is disabled on suspend I Viswanath <viswanathiyyappan(a)gmail.com> net: usb: lan78xx: fix use of improperly initialized dev->chipid in lan78xx_reset Oleksij Rempel <o.rempel(a)pengutronix.de> net: usb: lan78xx: Add error handling to lan78xx_init_mac_address Breno Leitao <leitao(a)debian.org> netdevsim: set the carrier when the device goes up Sabrina Dubroca <sd(a)queasysnail.net> tls: don't rely on tx_work during send() Sabrina Dubroca <sd(a)queasysnail.net> tls: wait for pending async decryptions if tls_strp_msg_hold fails Sabrina Dubroca <sd(a)queasysnail.net> tls: always set record_type in tls_process_cmsg Sabrina Dubroca <sd(a)queasysnail.net> tls: wait for async encrypt in case of error during latter iterations of sendmsg Sabrina Dubroca <sd(a)queasysnail.net> tls: trim encrypted message to match the plaintext on short splice Alexey Simakov <bigalex934(a)gmail.com> tg3: prevent use of uninitialized remote_adv and local_adv variables Marios Makassikis <mmakassikis(a)freebox.fr> ksmbd: fix recursive locking in RPC handle list access Eric Dumazet <edumazet(a)google.com> tcp: fix tcp_tso_should_defer() vs large RTT Raju Rangoju <Raju.Rangoju(a)amd.com> amd-xgbe: Avoid spurious link down messages during interface toggle Dmitry Safonov <0x7f454c46(a)gmail.com> net/ip6_tunnel: Prevent perpetual tunnel growth Linmao Li <lilinmao(a)kylinos.cn> r8169: fix packet truncation after S4 resume on RTL8168H/RTL8111H Nicolas Dichtel <nicolas.dichtel(a)6wind.com> doc: fix seg6_flowlabel path Yeounsu Moon <yyyynoom(a)gmail.com> net: dlink: handle dma_map_single() failure properly Marc Kleine-Budde <mkl(a)pengutronix.de> can: m_can: fix CAN state in system PM Sean Nyekjaer <sean(a)geanix.com> can: m_can: call deinit/init callback when going into suspend/resume Sean Nyekjaer <sean(a)geanix.com> can: m_can: add deinit callback Marc Kleine-Budde <mkl(a)pengutronix.de> can: m_can: m_can_chip_config(): bring up interface in correct state Marc Kleine-Budde <mkl(a)pengutronix.de> can: m_can: m_can_handle_state_errors(): fix CAN state transition to Error Active Marc Kleine-Budde <mkl(a)pengutronix.de> can: m_can: m_can_plat_remove(): add missing pm_runtime_disable() Yuezhang Mo <Yuezhang.Mo(a)sony.com> dax: skip read lock assertion for read-only filesystems Benjamin Tissoires <bentiss(a)kernel.org> HID: multitouch: fix sticky fingers Jens Axboe <axboe(a)kernel.dk> Revert "io_uring/rw: drop -EOPNOTSUPP check in __io_complete_rw_common()" Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> cpufreq: CPPC: Avoid using CPUFREQ_ETERNAL as transition delay Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: f_rndis: Refactor bind path to use __free() Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: f_ecm: Refactor bind path to use __free() Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: f_acm: Refactor bind path to use __free() Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: f_ncm: Refactor bind path to use __free() Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: Introduce free_usb_request helper Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: Store endpoint pointer in usb_request Kaustabh Chakraborty <kauschluss(a)disroot.org> drm/exynos: exynos7_drm_decon: remove ctx->suspended Kaustabh Chakraborty <kauschluss(a)disroot.org> drm/exynos: exynos7_drm_decon: properly clear channels during bind Kaustabh Chakraborty <kauschluss(a)disroot.org> drm/exynos: exynos7_drm_decon: fix uninitialized crtc reference in functions Guoniu Zhou <guoniu.zhou(a)nxp.com> media: nxp: imx8-isi: m2m: Fix streaming cleanup on release Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> media: nxp: imx8-isi: Drop unused argument to mxc_isi_channel_chain() Akhil P Oommen <akhilpo(a)oss.qualcomm.com> drm/msm/a6xx: Fix PDC sleep sequence Miaoqian Lin <linmq006(a)gmail.com> cdx: Fix device node reference leak in cdx_msi_domain_init Jiri Slaby (SUSE) <jirislaby(a)kernel.org> irqdomain: cdx: Switch to of_fwnode_handle() Mario Limonciello <mario.limonciello(a)amd.com> drm/amd: Check whether secure display TA loaded successfully Adrian Hunter <adrian.hunter(a)intel.com> perf/core: Fix MMAP2 event device with backing files Adrian Hunter <adrian.hunter(a)intel.com> perf/core: Fix MMAP event path names with backing files Adrian Hunter <adrian.hunter(a)intel.com> perf/core: Fix address filter match with backing files Jonathan Kim <jonathan.kim(a)amd.com> drm/amdgpu: fix gfx12 mes packet status return check Gui-Dong Han <hanguidong02(a)gmail.com> drm/amdgpu: use atomic functions with memory barriers for vm fault info Tvrtko Ursulin <tvrtko.ursulin(a)igalia.com> drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies Eugene Korenevsky <ekorenevsky(a)aliyun.com> cifs: parse_dfs_referrals: prevent oob on malformed input Celeste Liu <uwu(a)coelacanthus.name> can: gs_usb: increase max interface to U8_MAX Celeste Liu <uwu(a)coelacanthus.name> can: gs_usb: gs_make_candev(): populate net_device->dev_port Filipe Manana <fdmanana(a)suse.com> btrfs: do not assert we found block group item when creating free space tree Miquel Sabaté Solà <mssola(a)mssola.com> btrfs: fix memory leaks when rejecting a non SINGLE data profile without an RST Boris Burkov <boris(a)bur.io> btrfs: fix incorrect readahead expansion length Miquel Sabaté Solà <mssola(a)mssola.com> btrfs: fix memory leak on duplicated memory in the qgroup assign ioctl Filipe Manana <fdmanana(a)suse.com> btrfs: fix clearing of BTRFS_FS_RELOC_RUNNING if relocation already running Deepanshu Kartikey <kartikey406(a)gmail.com> ext4: detect invalid INLINE_DATA + EXTENTS flag combination Zhang Yi <yi.zhang(a)huawei.com> ext4: wait for ongoing I/O to complete before freeing blocks Zhang Yi <yi.zhang(a)huawei.com> jbd2: ensure that all ongoing I/O complete before freeing blocks Jaegeuk Kim <jaegeuk(a)kernel.org> f2fs: fix wrong block mapping for multi-devices Oliver Upton <oliver.upton(a)linux.dev> KVM: arm64: Prevent access to vCPU events before init Yi Cong <yicong(a)kylinos.cn> r8152: add error handling in rtl8152_driver_init Hao Ge <gehao(a)kylinos.cn> slab: reset slab->obj_ext when freeing and it is OBJEXTS_ALLOC_FAIL Shuhao Fu <sfual(a)cse.ust.hk> smb: client: Fix refcount leak for cifs_sb_tlink Conor Dooley <conor.dooley(a)microchip.com> rust: cfi: only 64-bit arm and x86 support CFI_CLANG Shuicheng Lin <shuicheng.lin(a)intel.com> drm/xe/guc: Check GuC running state before deregistering exec queue ------------- Diffstat: Documentation/arch/arm64/silicon-errata.rst | 2 + Documentation/networking/seg6-sysctl.rst | 3 + Makefile | 4 +- arch/Kconfig | 1 + arch/arm64/Kconfig | 1 + arch/arm64/include/asm/cputype.h | 2 + arch/arm64/kernel/cpu_errata.c | 1 + arch/arm64/kvm/arm.c | 6 + arch/riscv/kernel/probes/kprobes.c | 13 +- arch/x86/kernel/cpu/resctrl/monitor.c | 46 +++-- drivers/accel/qaic/qaic.h | 2 + drivers/accel/qaic/qaic_control.c | 2 +- drivers/accel/qaic/qaic_data.c | 12 +- drivers/accel/qaic/qaic_debugfs.c | 5 +- drivers/accel/qaic/qaic_drv.c | 3 + drivers/base/power/runtime.c | 44 ++++ drivers/cdx/cdx_msi.c | 5 +- drivers/cpufreq/cppc_cpufreq.c | 14 +- drivers/dma/idxd/init.c | 2 + drivers/gpu/drm/amd/amdgpu/Makefile | 3 +- drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c | 5 +- drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c | 48 ++++- drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c | 2 +- .../gpu/drm/amd/amdgpu/cyan_skillfish_reg_init.c | 56 +++++ drivers/gpu/drm/amd/amdgpu/gmc_v7_0.c | 7 +- drivers/gpu/drm/amd/amdgpu/gmc_v8_0.c | 7 +- drivers/gpu/drm/amd/amdgpu/mes_v12_0.c | 7 +- drivers/gpu/drm/amd/amdgpu/nv.h | 1 + .../gpu/drm/amd/pm/powerplay/hwmgr/smu7_hwmgr.c | 3 +- drivers/gpu/drm/bridge/lontium-lt9211.c | 3 +- drivers/gpu/drm/drm_draw.c | 2 +- drivers/gpu/drm/drm_draw_internal.h | 2 +- drivers/gpu/drm/exynos/exynos7_drm_decon.c | 98 ++++----- drivers/gpu/drm/i915/gt/uc/intel_guc_ct.c | 9 +- drivers/gpu/drm/msm/adreno/a6xx_gmu.c | 28 ++- drivers/gpu/drm/msm/adreno/a6xx_gmu.h | 6 + drivers/gpu/drm/panthor/panthor_fw.c | 1 + drivers/gpu/drm/rockchip/rockchip_drm_vop2.c | 2 +- drivers/gpu/drm/scheduler/sched_main.c | 13 +- drivers/gpu/drm/xe/xe_guc_submit.c | 13 +- drivers/hid/hid-input.c | 5 +- drivers/hid/hid-multitouch.c | 28 +-- drivers/iio/imu/inv_icm42600/inv_icm42600_core.c | 35 ++-- drivers/md/md-linear.c | 1 + drivers/md/raid0.c | 16 ++ drivers/md/raid1.c | 37 +++- drivers/md/raid10.c | 55 ++++- drivers/md/raid5.c | 2 + .../media/platform/nxp/imx8-isi/imx8-isi-core.h | 2 +- drivers/media/platform/nxp/imx8-isi/imx8-isi-hw.c | 2 +- drivers/media/platform/nxp/imx8-isi/imx8-isi-m2m.c | 225 +++++++++------------ .../media/platform/nxp/imx8-isi/imx8-isi-pipe.c | 2 +- drivers/net/can/m_can/m_can.c | 86 +++++--- drivers/net/can/m_can/m_can.h | 1 + drivers/net/can/m_can/m_can_platform.c | 2 +- drivers/net/can/usb/gs_usb.c | 23 +-- drivers/net/ethernet/amd/xgbe/xgbe-drv.c | 1 - drivers/net/ethernet/amd/xgbe/xgbe-mdio.c | 1 + drivers/net/ethernet/broadcom/tg3.c | 5 +- drivers/net/ethernet/dlink/dl2k.c | 23 ++- drivers/net/ethernet/intel/ixgbevf/defines.h | 6 +- drivers/net/ethernet/intel/ixgbevf/ipsec.c | 10 + drivers/net/ethernet/intel/ixgbevf/ixgbevf.h | 13 +- drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c | 46 ++++- drivers/net/ethernet/intel/ixgbevf/mbx.h | 8 + drivers/net/ethernet/intel/ixgbevf/vf.c | 194 +++++++++++++++--- drivers/net/ethernet/intel/ixgbevf/vf.h | 5 +- drivers/net/ethernet/realtek/r8169_main.c | 5 +- drivers/net/netdevsim/netdev.c | 7 + drivers/net/usb/lan78xx.c | 38 +++- drivers/net/usb/r8152.c | 7 +- drivers/net/wireless/realtek/rtw89/core.c | 39 ++-- drivers/net/wireless/realtek/rtw89/core.h | 6 +- drivers/net/wireless/realtek/rtw89/mac80211.c | 2 +- drivers/net/wireless/realtek/rtw89/pci.c | 2 - drivers/nvme/host/multipath.c | 6 +- drivers/nvme/host/tcp.c | 3 + drivers/phy/cadence/cdns-dphy.c | 133 +++++++++--- drivers/usb/gadget/function/f_acm.c | 42 ++-- drivers/usb/gadget/function/f_ecm.c | 48 ++--- drivers/usb/gadget/function/f_ncm.c | 78 +++---- drivers/usb/gadget/function/f_rndis.c | 85 ++++---- drivers/usb/gadget/udc/core.c | 3 + fs/btrfs/extent_io.c | 2 +- fs/btrfs/free-space-tree.c | 15 +- fs/btrfs/ioctl.c | 2 +- fs/btrfs/relocation.c | 13 +- fs/btrfs/zoned.c | 2 +- fs/dax.c | 2 +- fs/dcache.c | 12 +- fs/ext4/ext4_jbd2.c | 11 +- fs/ext4/inode.c | 8 + fs/f2fs/data.c | 2 +- fs/hfsplus/unicode.c | 24 +++ fs/jbd2/transaction.c | 13 +- fs/nfsd/blocklayout.c | 33 +-- fs/nfsd/blocklayoutxdr.c | 171 ++++++++++------ fs/nfsd/blocklayoutxdr.h | 8 +- fs/nfsd/flexfilelayout.c | 8 + fs/nfsd/flexfilelayoutxdr.c | 3 +- fs/nfsd/nfs4layouts.c | 1 - fs/nfsd/nfs4proc.c | 36 ++-- fs/nfsd/nfs4xdr.c | 25 +-- fs/nfsd/nfsd.h | 1 + fs/nfsd/pnfs.h | 1 + fs/nfsd/xdr4.h | 39 +++- fs/smb/client/inode.c | 6 +- fs/smb/client/misc.c | 17 ++ fs/smb/client/smb2ops.c | 8 +- fs/smb/server/mgmt/user_session.c | 7 +- fs/smb/server/smb2pdu.c | 9 +- fs/smb/server/transport_ipc.c | 12 ++ fs/xfs/libxfs/xfs_log_format.h | 30 ++- fs/xfs/libxfs/xfs_ondisk.h | 2 + fs/xfs/scrub/reap.c | 9 +- fs/xfs/xfs_log.c | 8 +- fs/xfs/xfs_log_priv.h | 4 +- fs/xfs/xfs_log_recover.c | 34 +++- include/linux/mm.h | 2 +- include/linux/pci.h | 14 ++ include/linux/pm_runtime.h | 4 + include/linux/usb/gadget.h | 25 +++ include/net/dst.h | 32 +++ include/net/inet6_hashtables.h | 2 +- include/net/inet_connection_sock.h | 3 +- include/net/inet_hashtables.h | 2 +- include/net/ip.h | 11 +- include/net/ip_tunnels.h | 15 ++ include/net/route.h | 2 +- io_uring/rw.c | 2 +- kernel/events/core.c | 8 +- kernel/padata.c | 6 +- kernel/sched/fair.c | 26 +-- mm/slub.c | 9 +- net/core/dst.c | 4 +- net/core/sock.c | 14 +- net/ipv4/icmp.c | 24 ++- net/ipv4/igmp.c | 2 +- net/ipv4/ip_fragment.c | 2 +- net/ipv4/ip_output.c | 19 +- net/ipv4/ip_tunnel.c | 14 -- net/ipv4/ip_vti.c | 4 +- net/ipv4/netfilter.c | 4 +- net/ipv4/route.c | 8 +- net/ipv4/tcp_fastopen.c | 4 +- net/ipv4/tcp_input.c | 3 +- net/ipv4/tcp_ipv4.c | 12 +- net/ipv4/tcp_metrics.c | 8 +- net/ipv4/tcp_output.c | 19 +- net/ipv4/xfrm4_output.c | 2 +- net/ipv6/ip6_tunnel.c | 3 +- net/ipv6/tcp_ipv6.c | 22 +- net/mptcp/ctrl.c | 9 +- net/tls/tls_main.c | 7 +- net/tls/tls_sw.c | 31 ++- rust/bindings/bindings_helper.h | 1 + sound/firewire/amdtp-stream.h | 2 +- sound/soc/amd/acp/acp-sdw-sof-mach.c | 2 +- sound/soc/codecs/idt821034.c | 12 +- sound/soc/codecs/nau8821.c | 53 +++-- sound/usb/card.c | 10 +- .../testing/selftests/bpf/prog_tests/arg_parsing.c | 12 +- 162 files changed, 1911 insertions(+), 959 deletions(-)

1 month

11
10
0 0

[PATCH 6.17 000/160] 6.17.5-rc2 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.17.5 release. There are 160 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Fri, 24 Oct 2025 05:33:10 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.17.5-rc2… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.17.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.17.5-rc2 Dan Carpenter <dan.carpenter(a)linaro.org> drm/xe: Fix an IS_ERR() vs NULL bug in xe_tile_alloc_vram() Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> PM: hibernate: Fix pm_hibernation_mode_is_suspend() build breakage Matthew Brost <matthew.brost(a)intel.com> drm/xe: Don't allow evicting of BOs in same VM in array of VM binds Lucas De Marchi <lucas.demarchi(a)intel.com> drm/xe: Move rebar to be done earlier Piotr Piórkowski <piotr.piorkowski(a)intel.com> drm/xe: Unify the initialization of VRAM regions Piotr Piórkowski <piotr.piorkowski(a)intel.com> drm/xe: Move struct xe_vram_region to a dedicated header Piotr Piórkowski <piotr.piorkowski(a)intel.com> drm/xe: Use dynamic allocation for tile and device VRAM region structures Piotr Piórkowski <piotr.piorkowski(a)intel.com> drm/xe: Use devm_ioremap_wc for VRAM mapping and drop manual unmap Devarsh Thakkar <devarsht(a)ti.com> phy: cadence: cdns-dphy: Update calibration wait time for startup state machine Dave Jiang <dave.jiang(a)intel.com> cxl: Fix match_region_by_range() to use region_res_match_cxl_range() Babu Moger <babu.moger(a)amd.com> x86/resctrl: Fix miscount of bandwidth event when reactivating previously unavailable RMID Babu Moger <babu.moger(a)amd.com> x86/resctrl: Refactor resctrl_arch_rmid_read() Chuck Lever <chuck.lever(a)oracle.com> NFSD: Define a proc_layoutcommit for the FlexFiles layout type Devarsh Thakkar <devarsht(a)ti.com> phy: cadence: cdns-dphy: Fix PLL lock and O_CMN_READY polling Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> phy: cdns-dphy: Store hs_clk_rate and return it Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Fix last write offset handling in layoutcommit Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Implement large extent array support in pNFS Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Minor cleanup in layoutcommit processing Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Rework encoding and decoding of nfsd4_deviceid Christoph Hellwig <hch(a)lst.de> xfs: fix log CRC mismatches between i386 and other architectures Christoph Hellwig <hch(a)lst.de> xfs: rename the old_crc variable in xlog_recover_process Mark Rutland <mark.rutland(a)arm.com> arm64: errata: Apply workarounds for Neoverse-V3AE Mark Rutland <mark.rutland(a)arm.com> arm64: cputype: Add Neoverse-V3AE definitions Ada Couprie Diaz <ada.coupriediaz(a)arm.com> arm64: debug: always unmask interrupts in el0_softstp() Viacheslav Dubeyko <slava(a)dubeyko.com> hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() Miguel Ojeda <ojeda(a)kernel.org> rust: cpufreq: fix formatting Wilfred Mallawa <wilfred.mallawa(a)wdc.com> nvme/tcp: handle tls partially sent records in write_space() Xing Guo <higuoxing(a)gmail.com> selftests: arg_parsing: Ensure data is flushed to disk before reading. Matthew Auld <matthew.auld(a)intel.com> drm/xe/evict: drop bogus assert Li Qiang <liqiang01(a)kylinos.cn> ASoC: amd/sdw_utils: avoid NULL deref when devm_kasprintf() fails Thadeu Lima de Souza Cascardo <cascardo(a)igalia.com> HID: multitouch: fix name of Stylus input devices Dmitry Torokhov <dmitry.torokhov(a)gmail.com> HID: hid-input: only ignore 0 battery events for digitizers Ming Lei <ming.lei(a)redhat.com> block: Remove elevator_lock usage from blkg_conf frozen operations Yu Kuai <yukuai3(a)huawei.com> blk-mq: fix stale tag depth for shared sched tags in blk_mq_update_nr_requests() Jiaming Zhang <r772577952(a)gmail.com> ALSA: usb-audio: Fix NULL pointer deference in try_to_register_card Andrii Nakryiko <andrii(a)kernel.org> selftests/bpf: make arg_parsing.c more robust to crashes Alison Schofield <alison.schofield(a)intel.com> cxl/trace: Subtract to find an hpa_alias0 in cxl_poison events Martin George <martinus.gpy(a)gmail.com> nvme-auth: update sc_c in host response Pranjal Ramajor Asha Kanojiya <quic_pkanojiy(a)quicinc.com> accel/qaic: Synchronize access to DBC request queue head & tail pointer Youssef Samir <quic_yabdulra(a)quicinc.com> accel/qaic: Treat remaining == 0 as error in find_and_map_user_pages() Jeff Hugo <jeff.hugo(a)oss.qualcomm.com> accel/qaic: Fix bootlog initialization ordering Randy Dunlap <rdunlap(a)infradead.org> ALSA: firewire: amdtp-stream: fix enum kernel-doc warnings Vincent Guittot <vincent.guittot(a)linaro.org> sched/fair: Fix pelt lost idle time detection Peter Zijlstra (Intel) <peterz(a)infradead.org> sched/deadline: Stop dl_server before CPU goes offline Even Xu <even.xu(a)intel.com> HID: intel-thc-hid: Intel-quickspi: switch first interrupt from level to edge detection Alok Tiwari <alok.a.tiwari(a)oracle.com> drm/rockchip: vop2: use correct destination rectangle height check Francesco Valla <francesco(a)valla.it> drm/draw: fix color truncation in drm_draw_fill24 Ingo Molnar <mingo(a)kernel.org> x86/mm: Fix SMP ordering in switch_mm_irqs_off() Dave Jiang <dave.jiang(a)intel.com> cxl/features: Add check for no entries in cxl_feature_info Vinay Belgaumkar <vinay.belgaumkar(a)intel.com> drm/xe: Enable media sampler power gating Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/powerplay: Fix CIK shutdown temperature Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: drop unused structures in amdgpu_drm.h Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: set an error on all fences from a bad context Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: handle wrap around in reemit handling Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: fix handling of harvesting for ip_discovery firmware Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: add support for cyan skillfish without IP discovery Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: add ip offset support for cyan skillfish Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/i915/fb: Fix the set_tiling vs. addfb race, again Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/i915/frontbuffer: Move bo refcounting intel_frontbuffer_{get,release}() Zhanjun Dong <zhanjun.dong(a)intel.com> drm/i915/guc: Skip communication warning on reset in progress Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ASoC: nau8821: Add DMI quirk to bypass jack debounce circuit Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ASoC: nau8821: Consistently clear interrupts before unmasking Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ASoC: nau8821: Generalize helper to clear IRQ status Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ASoC: nau8821: Cancel jdet_work before handling jack ejection Christophe Leroy <christophe.leroy(a)csgroup.eu> ASoC: codecs: Fix gain setting ranges for Renesas IDT821034 codec Sourabh Jain <sourabhjain(a)linux.ibm.com> powerpc/fadump: skip parameter area allocation when fadump is disabled Marek Vasut <marek.vasut(a)mailbox.org> drm/bridge: lt9211: Drop check for last nibble of version register Fabian Vogt <fvogt(a)suse.de> riscv: kprobes: Fix probe address validation Amit Chaudhary <achaudhary(a)purestorage.com> nvme-multipath: Skip nr_active increments in RETRY disposition Ketil Johnsen <ketil.johnsen(a)arm.com> drm/panthor: Ensure MCU is disabled on suspend I Viswanath <viswanathiyyappan(a)gmail.com> net: usb: lan78xx: fix use of improperly initialized dev->chipid in lan78xx_reset Breno Leitao <leitao(a)debian.org> netdevsim: set the carrier when the device goes up Sabrina Dubroca <sd(a)queasysnail.net> tls: don't rely on tx_work during send() Sabrina Dubroca <sd(a)queasysnail.net> tls: wait for pending async decryptions if tls_strp_msg_hold fails Sabrina Dubroca <sd(a)queasysnail.net> tls: always set record_type in tls_process_cmsg Sabrina Dubroca <sd(a)queasysnail.net> tls: wait for async encrypt in case of error during latter iterations of sendmsg Sabrina Dubroca <sd(a)queasysnail.net> tls: trim encrypted message to match the plaintext on short splice Alexey Simakov <bigalex934(a)gmail.com> tg3: prevent use of uninitialized remote_adv and local_adv variables Marios Makassikis <mmakassikis(a)freebox.fr> ksmbd: fix recursive locking in RPC handle list access Florian Westphal <fw(a)strlen.de> net: core: fix lockdep splat on device unregister Wang Liang <wangliang74(a)huawei.com> selftests: net: check jq command is supported Lorenzo Bianconi <lorenzo(a)kernel.org> net: airoha: Take into account out-of-order tx completions in airoha_dev_xmit() Eric Dumazet <edumazet(a)google.com> tcp: fix tcp_tso_should_defer() vs large RTT Zqiang <qiang.zhang(a)linux.dev> usbnet: Fix using smp_processor_id() in preemptible code warnings Harshit Mogalapalli <harshit.m.mogalapalli(a)oracle.com> Octeontx2-af: Fix missing error code in cgx_probe() Raju Rangoju <Raju.Rangoju(a)amd.com> amd-xgbe: Avoid spurious link down messages during interface toggle Marek Vasut <marek.vasut(a)mailbox.org> net: phy: realtek: Avoid PHYCR2 access if PHYCR2 not present Koichiro Den <den(a)valinux.co.jp> ixgbe: fix too early devlink_free() in ixgbe_remove() Milena Olech <milena.olech(a)intel.com> idpf: cleanup remaining SKBs in PTP flows Dmitry Safonov <0x7f454c46(a)gmail.com> net/ip6_tunnel: Prevent perpetual tunnel growth Kamil Horák - 2N <kamilh(a)axis.com> net: phy: bcm54811: Fix GMII/MII/MII-Lite selection Linmao Li <lilinmao(a)kylinos.cn> r8169: fix packet truncation after S4 resume on RTL8168H/RTL8111H Ivan Vecera <ivecera(a)redhat.com> dpll: zl3073x: Handle missing or corrupted flash configuration Ivan Vecera <ivecera(a)redhat.com> dpll: zl3073x: Refactor DPLL initialization Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> can: j1939: add missing calls in NETDEV_UNREGISTER notification handler Nicolas Dichtel <nicolas.dichtel(a)6wind.com> doc: fix seg6_flowlabel path Yeounsu Moon <yyyynoom(a)gmail.com> net: dlink: handle dma_map_single() failure properly Rex Lu <rex.lu(a)mediatek.com> net: mtk: wed: add dma mask limitation and GFP_DMA32 for device with more than 4GB DRAM Marc Kleine-Budde <mkl(a)pengutronix.de> can: m_can: fix CAN state in system PM Marc Kleine-Budde <mkl(a)pengutronix.de> can: m_can: m_can_chip_config(): bring up interface in correct state Marc Kleine-Budde <mkl(a)pengutronix.de> can: m_can: m_can_handle_state_errors(): fix CAN state transition to Error Active Marc Kleine-Budde <mkl(a)pengutronix.de> can: m_can: m_can_plat_remove(): add missing pm_runtime_disable() Christian Brauner <brauner(a)kernel.org> coredump: fix core_pattern input validation Yuezhang Mo <Yuezhang.Mo(a)sony.com> dax: skip read lock assertion for read-only filesystems Benjamin Tissoires <bentiss(a)kernel.org> HID: multitouch: fix sticky fingers Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: f_ncm: Refactor bind path to use __free() Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: f_ecm: Refactor bind path to use __free() Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: f_acm: Refactor bind path to use __free() Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: f_rndis: Refactor bind path to use __free() Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: Introduce free_usb_request helper Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: Store endpoint pointer in usb_request Guoniu Zhou <guoniu.zhou(a)nxp.com> media: nxp: imx8-isi: m2m: Fix streaming cleanup on release Mario Limonciello (AMD) <superm1(a)kernel.org> drm/amd: Fix hybrid sleep Mario Limonciello (AMD) <superm1(a)kernel.org> PM: hibernate: Add pm_hibernation_mode_is_suspend() Mario Limonciello <mario.limonciello(a)amd.com> drm/amd: Check whether secure display TA loaded successfully Adrian Hunter <adrian.hunter(a)intel.com> perf/core: Fix MMAP2 event device with backing files Adrian Hunter <adrian.hunter(a)intel.com> perf/core: Fix MMAP event path names with backing files Adrian Hunter <adrian.hunter(a)intel.com> perf/core: Fix address filter match with backing files Kenneth Graunke <kenneth(a)whitecape.org> drm/xe: Increase global invalidation timeout to 1000us Jonathan Kim <jonathan.kim(a)amd.com> drm/amdgpu: fix gfx12 mes packet status return check Gui-Dong Han <hanguidong02(a)gmail.com> drm/amdgpu: use atomic functions with memory barriers for vm fault info Tvrtko Ursulin <tvrtko.ursulin(a)igalia.com> drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies Denis Arefev <arefev(a)swemel.ru> ALSA: hda: Fix missing pointer check in hda_component_manager_init function Denis Arefev <arefev(a)swemel.ru> ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_get_acpi_mute_state() Takashi Iwai <tiwai(a)suse.de> ALSA: hda/realtek: Add quirk entry for HP ZBook 17 G6 Stuart Hayhurst <stuart.a.hayhurst(a)gmail.com> ALSA: hda/intel: Add MSI X870E Tomahawk to denylist Dave Jiang <dave.jiang(a)intel.com> cxl/acpi: Fix setup of memory resource in cxl_acpi_set_cache_size() Eugene Korenevsky <ekorenevsky(a)aliyun.com> cifs: parse_dfs_referrals: prevent oob on malformed input Celeste Liu <uwu(a)coelacanthus.name> can: gs_usb: increase max interface to U8_MAX Celeste Liu <uwu(a)coelacanthus.name> can: gs_usb: gs_make_candev(): populate net_device->dev_port Filipe Manana <fdmanana(a)suse.com> btrfs: do not assert we found block group item when creating free space tree Miquel Sabaté Solà <mssola(a)mssola.com> btrfs: fix memory leaks when rejecting a non SINGLE data profile without an RST Boris Burkov <boris(a)bur.io> btrfs: fix incorrect readahead expansion length Qu Wenruo <wqu(a)suse.com> btrfs: only set the device specific options after devices are opened Miquel Sabaté Solà <mssola(a)mssola.com> btrfs: fix memory leak on duplicated memory in the qgroup assign ioctl Filipe Manana <fdmanana(a)suse.com> btrfs: fix clearing of BTRFS_FS_RELOC_RUNNING if relocation already running Deepanshu Kartikey <kartikey406(a)gmail.com> ext4: detect invalid INLINE_DATA + EXTENTS flag combination Zhang Yi <yi.zhang(a)huawei.com> ext4: wait for ongoing I/O to complete before freeing blocks Zhang Yi <yi.zhang(a)huawei.com> jbd2: ensure that all ongoing I/O complete before freeing blocks Tim Hostetler <thostet(a)google.com> gve: Check valid ts bit on RX descriptor before hw timestamping Jaegeuk Kim <jaegeuk(a)kernel.org> f2fs: fix wrong block mapping for multi-devices Oliver Upton <oliver.upton(a)linux.dev> KVM: arm64: Prevent access to vCPU events before init Bhanu Seshu Kumar Valluri <bhanuseshukumar(a)gmail.com> net: usb: lan78xx: Fix lost EEPROM write timeout error(-ETIMEDOUT) in lan78xx_write_raw_eeprom Yi Cong <yicong(a)kylinos.cn> r8152: add error handling in rtl8152_driver_init Matthew Schwartz <matthew.schwartz(a)linux.dev> Revert "drm/amd/display: Only restore backlight after amdgpu_dm_init or dm_resume" Pavel Begunkov <asml.silence(a)gmail.com> io_uring: protect mem region deregistration Jens Axboe <axboe(a)kernel.dk> Revert "io_uring/rw: drop -EOPNOTSUPP check in __io_complete_rw_common()" Hao Ge <gehao(a)kylinos.cn> slab: reset slab->obj_ext when freeing and it is OBJEXTS_ALLOC_FAIL Rong Zhang <i(a)rong.moe> x86/CPU/AMD: Prevent reset reasons from being retained across reboot Shuhao Fu <sfual(a)cse.ust.hk> smb: client: Fix refcount leak for cifs_sb_tlink Conor Dooley <conor.dooley(a)microchip.com> rust: cfi: only 64-bit arm and x86 support CFI_CLANG Jedrzej Jagielski <jedrzej.jagielski(a)intel.com> ixgbevf: fix mailbox API compatibility by negotiating supported features Jedrzej Jagielski <jedrzej.jagielski(a)intel.com> ixgbevf: fix getting link speed data for E610 devices Shuicheng Lin <shuicheng.lin(a)intel.com> drm/xe/guc: Check GuC running state before deregistering exec queue Lorenzo Pieralisi <lpieralisi(a)kernel.org> arm64/sysreg: Fix GIC CDEOI instruction encoding Damien Le Moal <dlemoal(a)kernel.org> ata: libata-core: relax checks in ata_read_log_directory() Jan Kara <jack(a)suse.cz> vfs: Don't leak disconnected dentries on umount Inochi Amaoto <inochiama(a)gmail.com> PCI: vmd: Override irq_startup()/irq_shutdown() in vmd_init_dev_msi_info() Andrey Albershteyn <aalbersh(a)redhat.com> Revert "fs: make vfs_fileattr_[get|set] return -EOPNOTSUPP" Jonathan Corbet <corbet(a)lwn.net> docs: kdoc: handle the obsolescensce of docutils.ErrorString() ------------- Diffstat: Documentation/arch/arm64/silicon-errata.rst | 2 + Documentation/networking/seg6-sysctl.rst | 3 + Documentation/sphinx/kernel_feat.py | 4 +- Documentation/sphinx/kernel_include.py | 6 +- Documentation/sphinx/maintainers_include.py | 4 +- Makefile | 4 +- arch/Kconfig | 1 + arch/arm64/Kconfig | 1 + arch/arm64/include/asm/cputype.h | 2 + arch/arm64/include/asm/sysreg.h | 11 +- arch/arm64/kernel/cpu_errata.c | 1 + arch/arm64/kernel/entry-common.c | 8 +- arch/arm64/kvm/arm.c | 6 + arch/powerpc/kernel/fadump.c | 3 + arch/riscv/kernel/probes/kprobes.c | 13 +- arch/x86/kernel/cpu/amd.c | 16 +- arch/x86/kernel/cpu/resctrl/monitor.c | 46 ++-- arch/x86/mm/tlb.c | 24 +- block/blk-cgroup.c | 13 +- block/blk-mq-sched.c | 2 +- block/blk-mq-tag.c | 5 +- block/blk-mq.c | 2 +- block/blk-mq.h | 3 +- drivers/accel/qaic/qaic.h | 2 + drivers/accel/qaic/qaic_control.c | 2 +- drivers/accel/qaic/qaic_data.c | 12 +- drivers/accel/qaic/qaic_debugfs.c | 5 +- drivers/accel/qaic/qaic_drv.c | 3 + drivers/ata/libata-core.c | 11 +- drivers/cxl/acpi.c | 2 +- drivers/cxl/core/features.c | 3 + drivers/cxl/core/region.c | 7 +- drivers/cxl/core/trace.h | 2 +- drivers/dpll/zl3073x/core.c | 280 +++++++++++++-------- drivers/dpll/zl3073x/core.h | 3 + drivers/dpll/zl3073x/devlink.c | 18 +- drivers/dpll/zl3073x/regs.h | 3 + drivers/gpu/drm/amd/amdgpu/Makefile | 3 +- drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c | 5 +- drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c | 48 +++- drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_fence.c | 54 +++- drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_ring.c | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_ring.h | 2 +- .../gpu/drm/amd/amdgpu/cyan_skillfish_reg_init.c | 56 +++++ drivers/gpu/drm/amd/amdgpu/gmc_v7_0.c | 7 +- drivers/gpu/drm/amd/amdgpu/gmc_v8_0.c | 7 +- drivers/gpu/drm/amd/amdgpu/mes_v12_0.c | 7 +- drivers/gpu/drm/amd/amdgpu/nv.h | 1 + drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 12 +- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.h | 7 - .../gpu/drm/amd/pm/powerplay/hwmgr/smu7_hwmgr.c | 3 +- drivers/gpu/drm/bridge/lontium-lt9211.c | 3 +- drivers/gpu/drm/drm_draw.c | 2 +- drivers/gpu/drm/drm_draw_internal.h | 2 +- drivers/gpu/drm/i915/display/intel_fb.c | 38 +-- drivers/gpu/drm/i915/display/intel_frontbuffer.c | 10 +- .../gpu/drm/i915/gem/i915_gem_object_frontbuffer.h | 2 - drivers/gpu/drm/i915/gt/uc/intel_guc_ct.c | 9 +- drivers/gpu/drm/panthor/panthor_fw.c | 1 + drivers/gpu/drm/rockchip/rockchip_drm_vop2.c | 2 +- drivers/gpu/drm/scheduler/sched_main.c | 13 +- drivers/gpu/drm/xe/display/xe_fb_pin.c | 5 +- drivers/gpu/drm/xe/display/xe_plane_initial.c | 3 +- drivers/gpu/drm/xe/regs/xe_gt_regs.h | 1 + drivers/gpu/drm/xe/xe_assert.h | 4 +- drivers/gpu/drm/xe/xe_bo.c | 1 + drivers/gpu/drm/xe/xe_bo.h | 4 +- drivers/gpu/drm/xe/xe_bo_evict.c | 8 - drivers/gpu/drm/xe/xe_bo_types.h | 1 + drivers/gpu/drm/xe/xe_device.c | 22 +- drivers/gpu/drm/xe/xe_device_types.h | 62 +---- drivers/gpu/drm/xe/xe_gt_idle.c | 8 + drivers/gpu/drm/xe/xe_gt_pagefault.c | 13 +- drivers/gpu/drm/xe/xe_gt_sriov_pf_config.c | 3 +- drivers/gpu/drm/xe/xe_guc_submit.c | 13 +- drivers/gpu/drm/xe/xe_migrate.c | 25 +- drivers/gpu/drm/xe/xe_pci.c | 8 + drivers/gpu/drm/xe/xe_query.c | 5 +- drivers/gpu/drm/xe/xe_svm.c | 63 ++--- drivers/gpu/drm/xe/xe_tile.c | 58 +++-- drivers/gpu/drm/xe/xe_tile.h | 14 +- drivers/gpu/drm/xe/xe_ttm_stolen_mgr.c | 10 +- drivers/gpu/drm/xe/xe_ttm_vram_mgr.c | 22 +- drivers/gpu/drm/xe/xe_ttm_vram_mgr.h | 3 +- drivers/gpu/drm/xe/xe_vm.c | 32 ++- drivers/gpu/drm/xe/xe_vm_types.h | 2 + drivers/gpu/drm/xe/xe_vram.c | 245 +++++++++++++----- drivers/gpu/drm/xe/xe_vram.h | 14 +- drivers/gpu/drm/xe/xe_vram_types.h | 85 +++++++ drivers/hid/hid-input.c | 5 +- drivers/hid/hid-multitouch.c | 28 ++- .../intel-quickspi/quickspi-protocol.c | 3 +- drivers/media/platform/nxp/imx8-isi/imx8-isi-m2m.c | 226 +++++++---------- drivers/net/can/m_can/m_can.c | 64 +++-- drivers/net/can/m_can/m_can_platform.c | 2 +- drivers/net/can/usb/gs_usb.c | 23 +- drivers/net/ethernet/airoha/airoha_eth.c | 16 +- drivers/net/ethernet/amd/xgbe/xgbe-drv.c | 1 - drivers/net/ethernet/amd/xgbe/xgbe-mdio.c | 1 + drivers/net/ethernet/broadcom/tg3.c | 5 +- drivers/net/ethernet/dlink/dl2k.c | 23 +- drivers/net/ethernet/google/gve/gve.h | 2 + drivers/net/ethernet/google/gve/gve_desc_dqo.h | 3 +- drivers/net/ethernet/google/gve/gve_rx_dqo.c | 16 +- drivers/net/ethernet/intel/idpf/idpf_ptp.c | 3 + .../net/ethernet/intel/idpf/idpf_virtchnl_ptp.c | 1 + drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 3 +- drivers/net/ethernet/intel/ixgbevf/defines.h | 1 + drivers/net/ethernet/intel/ixgbevf/ipsec.c | 10 + drivers/net/ethernet/intel/ixgbevf/ixgbevf.h | 7 + drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c | 34 ++- drivers/net/ethernet/intel/ixgbevf/mbx.h | 8 + drivers/net/ethernet/intel/ixgbevf/vf.c | 182 +++++++++++--- drivers/net/ethernet/intel/ixgbevf/vf.h | 1 + drivers/net/ethernet/marvell/octeontx2/af/cgx.c | 1 + drivers/net/ethernet/mediatek/mtk_wed.c | 8 +- drivers/net/ethernet/realtek/r8169_main.c | 5 +- drivers/net/netdevsim/netdev.c | 7 + drivers/net/phy/broadcom.c | 20 +- drivers/net/phy/realtek/realtek_main.c | 23 +- drivers/net/usb/lan78xx.c | 19 +- drivers/net/usb/r8152.c | 7 +- drivers/net/usb/usbnet.c | 2 + drivers/nvme/host/auth.c | 6 +- drivers/nvme/host/multipath.c | 6 +- drivers/nvme/host/tcp.c | 3 + drivers/pci/controller/vmd.c | 13 + drivers/phy/cadence/cdns-dphy.c | 133 +++++++--- drivers/usb/gadget/function/f_acm.c | 42 ++-- drivers/usb/gadget/function/f_ecm.c | 48 ++-- drivers/usb/gadget/function/f_ncm.c | 78 +++--- drivers/usb/gadget/function/f_rndis.c | 85 +++---- drivers/usb/gadget/udc/core.c | 3 + fs/btrfs/extent_io.c | 2 +- fs/btrfs/free-space-tree.c | 15 +- fs/btrfs/ioctl.c | 2 +- fs/btrfs/relocation.c | 13 +- fs/btrfs/super.c | 3 +- fs/btrfs/zoned.c | 2 +- fs/coredump.c | 2 +- fs/dax.c | 2 +- fs/dcache.c | 2 + fs/exec.c | 2 +- fs/ext4/ext4_jbd2.c | 11 +- fs/ext4/inode.c | 8 + fs/f2fs/data.c | 2 +- fs/file_attr.c | 12 +- fs/fuse/ioctl.c | 4 - fs/hfsplus/unicode.c | 24 ++ fs/jbd2/transaction.c | 13 +- fs/nfsd/blocklayout.c | 25 +- fs/nfsd/blocklayoutxdr.c | 86 ++++--- fs/nfsd/blocklayoutxdr.h | 4 +- fs/nfsd/flexfilelayout.c | 8 + fs/nfsd/flexfilelayoutxdr.c | 3 +- fs/nfsd/nfs4layouts.c | 1 - fs/nfsd/nfs4proc.c | 36 ++- fs/nfsd/nfs4xdr.c | 25 +- fs/nfsd/pnfs.h | 1 + fs/nfsd/xdr4.h | 39 ++- fs/overlayfs/copy_up.c | 2 +- fs/overlayfs/inode.c | 5 +- fs/smb/client/inode.c | 6 +- fs/smb/client/misc.c | 17 ++ fs/smb/client/smb2ops.c | 8 +- fs/smb/server/mgmt/user_session.c | 7 +- fs/smb/server/smb2pdu.c | 9 +- fs/smb/server/transport_ipc.c | 12 + fs/xfs/libxfs/xfs_log_format.h | 30 ++- fs/xfs/libxfs/xfs_ondisk.h | 2 + fs/xfs/xfs_log.c | 8 +- fs/xfs/xfs_log_priv.h | 4 +- fs/xfs/xfs_log_recover.c | 34 ++- include/linux/brcmphy.h | 1 + include/linux/libata.h | 6 + include/linux/suspend.h | 6 + include/linux/usb/gadget.h | 25 ++ include/net/ip_tunnels.h | 15 ++ include/uapi/drm/amdgpu_drm.h | 21 -- io_uring/register.c | 1 + io_uring/rw.c | 2 +- kernel/events/core.c | 8 +- kernel/power/hibernate.c | 11 + kernel/sched/core.c | 2 + kernel/sched/deadline.c | 3 + kernel/sched/fair.c | 26 +- mm/slub.c | 9 +- net/can/j1939/main.c | 2 + net/core/dev.c | 40 ++- net/ipv4/ip_tunnel.c | 14 -- net/ipv4/tcp_output.c | 19 +- net/ipv6/ip6_tunnel.c | 3 +- net/tls/tls_main.c | 7 +- net/tls/tls_sw.c | 31 ++- rust/kernel/cpufreq.rs | 3 +- sound/firewire/amdtp-stream.h | 2 +- sound/hda/codecs/realtek/alc269.c | 1 + sound/hda/codecs/side-codecs/cs35l41_hda.c | 2 + sound/hda/codecs/side-codecs/hda_component.c | 4 + sound/hda/controllers/intel.c | 1 + sound/soc/amd/acp/acp-sdw-sof-mach.c | 2 +- sound/soc/codecs/idt821034.c | 12 +- sound/soc/codecs/nau8821.c | 115 +++++---- sound/usb/card.c | 10 +- .../testing/selftests/bpf/prog_tests/arg_parsing.c | 12 +- tools/testing/selftests/net/rtnetlink.sh | 2 + tools/testing/selftests/net/vlan_bridge_binding.sh | 2 + 209 files changed, 2401 insertions(+), 1254 deletions(-)

1 month

14
13
0 0

[PATCH] mtd: rawnand: cadence: fix DMA device NULL pointer dereference

by niravkumarlaxmidas.rabara＠altera.com

From: Niravkumar L Rabara <niravkumarlaxmidas.rabara(a)altera.com> The DMA device pointer `dma_dev` was being dereferenced before ensuring that `cdns_ctrl->dmac` is properly initialized. Move the assignment of `dma_dev` after successfully acquiring the DMA channel to ensure the pointer is valid before use. Fixes: d76d22b5096c ("mtd: rawnand: cadence: use dma_map_resource for sdma address") Cc: stable(a)vger.kernel.org Signed-off-by: Niravkumar L Rabara <niravkumarlaxmidas.rabara(a)altera.com> --- This patch fixes below kernel Oops: ... [ 1.469661] cadence-nand-controller 10b80000.nand-controller: IRQ: nr 21 [ 1.476591] Unable to handle kernel paging request at virtual address fffffffffffffff8 [ 1.484493] Mem abort info: [ 1.487280] ESR = 0x0000000096000004 [ 1.491019] EC = 0x25: DABT (current EL), IL = 32 bits [ 1.496318] SET = 0, FnV = 0 [ 1.499366] EA = 0, S1PTW = 0 [ 1.502499] FSC = 0x04: level 0 translation fault [ 1.507363] Data abort info: [ 1.510237] ISV = 0, ISS = 0x00000004 [ 1.514062] CM = 0, WnR = 0 [ 1.517024] swapper pgtable: 4k pages, 48-bit VAs, pgdp=0000000087a0a000 [ 1.523706] [fffffffffffffff8] pgd=0000000000000000, p4d=0000000000000000 [ 1.530490] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP ... drivers/mtd/nand/raw/cadence-nand-controller.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/mtd/nand/raw/cadence-nand-controller.c b/drivers/mtd/nand/raw/cadence-nand-controller.c index 6667eea95597..32ed38b89394 100644 --- a/drivers/mtd/nand/raw/cadence-nand-controller.c +++ b/drivers/mtd/nand/raw/cadence-nand-controller.c @@ -2871,7 +2871,7 @@ cadence_nand_irq_cleanup(int irqnum, struct cdns_nand_ctrl *cdns_ctrl) static int cadence_nand_init(struct cdns_nand_ctrl *cdns_ctrl) { dma_cap_mask_t mask; - struct dma_device *dma_dev = cdns_ctrl->dmac->device; + struct dma_device *dma_dev; int ret; cdns_ctrl->cdma_desc = dma_alloc_coherent(cdns_ctrl->dev, @@ -2915,6 +2915,7 @@ static int cadence_nand_init(struct cdns_nand_ctrl *cdns_ctrl) } } + dma_dev = cdns_ctrl->dmac->device; cdns_ctrl->io.iova_dma = dma_map_resource(dma_dev->dev, cdns_ctrl->io.dma, cdns_ctrl->io.size, DMA_BIDIRECTIONAL, 0); -- 2.25.1

1 month

2
1
0 0

[REGRESSION FIX resend 1/1] gpiolib: acpi: Make set debounce errors non fatal

by Hans de Goede

Commit 16c07342b542 ("gpiolib: acpi: Program debounce when finding GPIO") adds a gpio_set_debounce_timeout() call to acpi_find_gpio() and makes acpi_find_gpio() fail if this fails. But gpio_set_debounce_timeout() failing is a somewhat normal occurrence, since not all debounce values are supported on all GPIO/pinctrl chips. Making this an error for example break getting the card-detect GPIO for the micro-sd slot found on many Bay Trail tablets, breaking support for the micro-sd slot on these tablets. acpi_request_own_gpiod() already treats gpio_set_debounce_timeout() failures as non-fatal, just warning about them. Add a acpi_gpio_set_debounce_timeout() helper which wraps gpio_set_debounce_timeout() and warns on failures and replace both existing gpio_set_debounce_timeout() calls with the helper. Since the helper only warns on failures this fixes the card-detect issue. Fixes: 16c07342b542 ("gpiolib: acpi: Program debounce when finding GPIO") Cc: stable(a)vger.kernel.org Cc: Mario Limonciello <superm1(a)kernel.org> Signed-off-by: Hans de Goede <hansg(a)kernel.org> --- drivers/gpio/gpiolib-acpi-core.c | 27 +++++++++++++++------------ 1 file changed, 15 insertions(+), 12 deletions(-) diff --git a/drivers/gpio/gpiolib-acpi-core.c b/drivers/gpio/gpiolib-acpi-core.c index 284e762d92c4..67c4c38afb86 100644 --- a/drivers/gpio/gpiolib-acpi-core.c +++ b/drivers/gpio/gpiolib-acpi-core.c @@ -291,6 +291,19 @@ acpi_gpio_to_gpiod_flags(const struct acpi_resource_gpio *agpio, int polarity) return GPIOD_ASIS; } +static void acpi_gpio_set_debounce_timeout(struct gpio_desc *desc, + unsigned int acpi_debounce) +{ + int ret; + + /* ACPI uses hundredths of milliseconds units */ + acpi_debounce *= 10; + ret = gpio_set_debounce_timeout(desc, acpi_debounce); + if (ret) + gpiod_warn(desc, "Failed to set debounce-timeout %u: %d\n", + acpi_debounce, ret); +} + static struct gpio_desc *acpi_request_own_gpiod(struct gpio_chip *chip, struct acpi_resource_gpio *agpio, unsigned int index, @@ -300,18 +313,12 @@ static struct gpio_desc *acpi_request_own_gpiod(struct gpio_chip *chip, enum gpiod_flags flags = acpi_gpio_to_gpiod_flags(agpio, polarity); unsigned int pin = agpio->pin_table[index]; struct gpio_desc *desc; - int ret; desc = gpiochip_request_own_desc(chip, pin, label, polarity, flags); if (IS_ERR(desc)) return desc; - /* ACPI uses hundredths of milliseconds units */ - ret = gpio_set_debounce_timeout(desc, agpio->debounce_timeout * 10); - if (ret) - dev_warn(chip->parent, - "Failed to set debounce-timeout for pin 0x%04X, err %d\n", - pin, ret); + acpi_gpio_set_debounce_timeout(desc, agpio->debounce_timeout); return desc; } @@ -944,7 +951,6 @@ struct gpio_desc *acpi_find_gpio(struct fwnode_handle *fwnode, bool can_fallback = acpi_can_fallback_to_crs(adev, con_id); struct acpi_gpio_info info = {}; struct gpio_desc *desc; - int ret; desc = __acpi_find_gpio(fwnode, con_id, idx, can_fallback, &info); if (IS_ERR(desc)) @@ -959,10 +965,7 @@ struct gpio_desc *acpi_find_gpio(struct fwnode_handle *fwnode, acpi_gpio_update_gpiod_flags(dflags, &info); acpi_gpio_update_gpiod_lookup_flags(lookupflags, &info); - /* ACPI uses hundredths of milliseconds units */ - ret = gpio_set_debounce_timeout(desc, info.debounce * 10); - if (ret) - return ERR_PTR(ret); + acpi_gpio_set_debounce_timeout(desc, info.debounce); return desc; } -- 2.51.0

1 month

3
2
0 0

[PATCH v2] mm/shmem: fix THP allocation and fallback loop

by Kairui Song

From: Kairui Song <kasong(a)tencent.com> The order check and fallback loop is updating the index value on every loop, this will cause the index to be aligned by a larger value while the loop shrinks the order. This may result in inserting and returning a folio of the wrong index and cause data corruption with some userspace workloads [1]. Cc: stable(a)vger.kernel.org Link: https://lore.kernel.org/linux-mm/CAMgjq7DqgAmj25nDUwwu1U2cSGSn8n4-Hqpgotted… [1] Fixes: e7a2ab7b3bb5d ("mm: shmem: add mTHP support for anonymous shmem") Signed-off-by: Kairui Song <kasong(a)tencent.com> --- Changes from V1: - Link to V1: https://lore.kernel.org/linux-mm/20251021190436.81682-1-ryncsn@gmail.com/ - Remove unnecessary cleanup and simplify the commit message. mm/shmem.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/mm/shmem.c b/mm/shmem.c index b50ce7dbc84a..7559773ebb30 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -1895,10 +1895,11 @@ static struct folio *shmem_alloc_and_add_folio(struct vm_fault *vmf, order = highest_order(suitable_orders); while (suitable_orders) { pages = 1UL << order; - index = round_down(index, pages); - folio = shmem_alloc_folio(gfp, order, info, index); - if (folio) + folio = shmem_alloc_folio(gfp, order, info, round_down(index, pages)); + if (folio) { + index = round_down(index, pages); goto allocated; + } if (pages == HPAGE_PMD_NR) count_vm_event(THP_FILE_FALLBACK); -- 2.51.0

1 month

2
3
0 0

[PATCH v3] usb: gadget: udc: fix use-after-free in usb_gadget_state_work

by Jimmy Hu

A race condition during gadget teardown can lead to a use-after-free in usb_gadget_state_work(), as reported by KASAN: BUG: KASAN: invalid-access in sysfs_notify+0x2c/0xd0 Workqueue: events usb_gadget_state_work The fundamental race occurs because a concurrent event (e.g., an interrupt) can call usb_gadget_set_state() and schedule gadget->work at any time during the cleanup process in usb_del_gadget(). Commit 399a45e5237c ("usb: gadget: core: flush gadget workqueue after device removal") attempted to fix this by moving flush_work() to after device_del(). However, this does not fully solve the race, as a new work item can still be scheduled *after* flush_work() completes but before the gadget's memory is freed, leading to the same use-after-free. This patch fixes the race condition robustly by introducing a 'teardown' flag and a 'state_lock' spinlock to the usb_gadget struct. The flag is set during cleanup in usb_del_gadget() *before* calling flush_work() to prevent any new work from being scheduled once cleanup has commenced. The scheduling site, usb_gadget_set_state(), now checks this flag under the lock before queueing the work, thus safely closing the race window. Fixes: 5702f75375aa9 ("usb: gadget: udc-core: move sysfs_notify() to a workqueue") Cc: stable(a)vger.kernel.org Signed-off-by: Jimmy Hu <hhhuuu(a)google.com> --- Changes in v3: - Updated patch title to more accurately describe the bug. - Moved changelog below the '---' line as requested by Greg KH. - Rebased on usb-linus branch as requested by Greg KH. Changes in v2: - Removed redundant inline comments as suggested by Alan Stern. drivers/usb/gadget/udc/core.c | 17 ++++++++++++++++- include/linux/usb/gadget.h | 5 +++++ 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/drivers/usb/gadget/udc/core.c b/drivers/usb/gadget/udc/core.c index 694653761c44..8dbe79bdc0f9 100644 --- a/drivers/usb/gadget/udc/core.c +++ b/drivers/usb/gadget/udc/core.c @@ -1126,8 +1126,13 @@ static void usb_gadget_state_work(struct work_struct *work) void usb_gadget_set_state(struct usb_gadget *gadget, enum usb_device_state state) { + unsigned long flags; + + spin_lock_irqsave(&gadget->state_lock, flags); gadget->state = state; - schedule_work(&gadget->work); + if (!gadget->teardown) + schedule_work(&gadget->work); + spin_unlock_irqrestore(&gadget->state_lock, flags); trace_usb_gadget_set_state(gadget, 0); } EXPORT_SYMBOL_GPL(usb_gadget_set_state); @@ -1361,6 +1366,8 @@ static void usb_udc_nop_release(struct device *dev) void usb_initialize_gadget(struct device *parent, struct usb_gadget *gadget, void (*release)(struct device *dev)) { + spin_lock_init(&gadget->state_lock); + gadget->teardown = false; INIT_WORK(&gadget->work, usb_gadget_state_work); gadget->dev.parent = parent; @@ -1535,6 +1542,7 @@ EXPORT_SYMBOL_GPL(usb_add_gadget_udc); void usb_del_gadget(struct usb_gadget *gadget) { struct usb_udc *udc = gadget->udc; + unsigned long flags; if (!udc) return; @@ -1548,6 +1556,13 @@ void usb_del_gadget(struct usb_gadget *gadget) kobject_uevent(&udc->dev.kobj, KOBJ_REMOVE); sysfs_remove_link(&udc->dev.kobj, "gadget"); device_del(&gadget->dev); + /* + * Set the teardown flag before flushing the work to prevent new work + * from being scheduled while we are cleaning up. + */ + spin_lock_irqsave(&gadget->state_lock, flags); + gadget->teardown = true; + spin_unlock_irqrestore(&gadget->state_lock, flags); flush_work(&gadget->work); ida_free(&gadget_id_numbers, gadget->id_number); cancel_work_sync(&udc->vbus_work); diff --git a/include/linux/usb/gadget.h b/include/linux/usb/gadget.h index 3aaf19e77558..8285b19a25e0 100644 --- a/include/linux/usb/gadget.h +++ b/include/linux/usb/gadget.h @@ -376,6 +376,9 @@ struct usb_gadget_ops { * can handle. The UDC must support this and all slower speeds and lower * number of lanes. * @state: the state we are now (attached, suspended, configured, etc) + * @state_lock: Spinlock protecting the `state` and `teardown` members. + * @teardown: True if the device is undergoing teardown, used to prevent + * new work from being scheduled during cleanup. * @name: Identifies the controller hardware type. Used in diagnostics * and sometimes configuration. * @dev: Driver model state for this abstract device. @@ -451,6 +454,8 @@ struct usb_gadget { enum usb_ssp_rate max_ssp_rate; enum usb_device_state state; + spinlock_t state_lock; + bool teardown; const char *name; struct device dev; unsigned isoch_delay; -- 2.51.1.814.gb8fa24458f-goog

1 month

1
0
0 0

[PATCH RESEND] drm/tegra: dc: fix reference leak in tegra_dc_couple()

by Ma Ke

driver_find_device() calls get_device() to increment the reference count once a matching device is found, but there is no put_device() to balance the reference count. To avoid reference count leakage, add put_device() to decrease the reference count. Found by code review. Cc: stable(a)vger.kernel.org Fixes: a31500fe7055 ("drm/tegra: dc: Restore coupling of display controllers") Signed-off-by: Ma Ke <make24(a)iscas.ac.cn> --- drivers/gpu/drm/tegra/dc.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/gpu/drm/tegra/dc.c b/drivers/gpu/drm/tegra/dc.c index 59d5c1ba145a..6c84bd69b11f 100644 --- a/drivers/gpu/drm/tegra/dc.c +++ b/drivers/gpu/drm/tegra/dc.c @@ -3148,6 +3148,7 @@ static int tegra_dc_couple(struct tegra_dc *dc) dc->client.parent = &parent->client; dev_dbg(dc->dev, "coupled to %s\n", dev_name(companion)); + put_device(companion); } return 0; -- 2.17.1

1 month

2
1
0 0

[PATCH] Revert "sched/core: Tweak wait_task_inactive() to force dequeue sched_delayed tasks"

by Matt Fleming

From: Matt Fleming <mfleming(a)cloudflare.com> This reverts commit b7ca5743a2604156d6083b88cefacef983f3a3a6. If we dequeue a task (task B) that was sched delayed then that task is definitely no longer on the rq and not tracked in the rbtree. Unfortunately, task_on_rq_queued(B) will still return true because dequeue_task() doesn't update p->on_rq. This inconsistency can lead to tasks (task A) spinning indefinitely in wait_task_inactive(), e.g. when delivering a fatal signal to a thread group, because it thinks the task B is still queued (it's not) and waits forever for it to unschedule. Task A Task B arch_do_signal_or_restart() get_signal() do_coredump() coredump_wait() zap_threads() arch_do_signal_or_restart() wait_task_inactive() <-- SPIN get_signal() do_group_exit() do_exit() coredump_task_exit() schedule() <--- never comes back Not only will task A spin forever in wait_task_inactive(), but task B will also trigger RCU stalls: INFO: rcu_tasks detected stalls on tasks: 00000000a973a4d8: .. nvcsw: 2/2 holdout: 1 idle_cpu: -1/79 task:ffmpeg state:I stack:0 pid:665601 tgid:665155 ppid:668691 task_flags:0x400448 flags:0x00004006 Call Trace: <TASK> __schedule+0x4fb/0xbf0 ? srso_return_thunk+0x5/0x5f schedule+0x27/0xf0 do_exit+0xdd/0xaa0 ? __pfx_futex_wake_mark+0x10/0x10 do_group_exit+0x30/0x80 get_signal+0x81e/0x860 ? srso_return_thunk+0x5/0x5f ? futex_wake+0x177/0x1a0 arch_do_signal_or_restart+0x2e/0x1f0 ? srso_return_thunk+0x5/0x5f ? srso_return_thunk+0x5/0x5f ? __x64_sys_futex+0x10c/0x1d0 syscall_exit_to_user_mode+0xa5/0x130 do_syscall_64+0x57/0x110 entry_SYSCALL_64_after_hwframe+0x76/0x7e RIP: 0033:0x7f22d05b0f16 RSP: 002b:00007f2265761cf0 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca RAX: fffffffffffffe00 RBX: 0000000000000000 RCX: 00007f22d05b0f16 RDX: 0000000000000000 RSI: 0000000000000189 RDI: 00005629e320d97c RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000ffffffff R10: 0000000000000000 R11: 0000000000000246 R12: 00005629e320d928 R13: 0000000000000000 R14: 0000000000000001 R15: 00005629e320d97c </TASK> Fixes: b7ca5743a260 ("sched/core: Tweak wait_task_inactive() to force dequeue sched_delayed tasks") Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Oleg Nesterov <oleg(a)redhat.com> Cc: John Stultz <jstultz(a)google.com> Cc: Chris Arges <carges(a)cloudflare.com> Cc: stable(a)vger.kernel.org # v6.12 Signed-off-by: Matt Fleming <mfleming(a)cloudflare.com> --- kernel/sched/core.c | 6 ------ 1 file changed, 6 deletions(-) diff --git a/kernel/sched/core.c b/kernel/sched/core.c index ccba6fc3c3fe..2dfc3977920d 100644 --- a/kernel/sched/core.c +++ b/kernel/sched/core.c @@ -2293,12 +2293,6 @@ unsigned long wait_task_inactive(struct task_struct *p, unsigned int match_state * just go back and repeat. */ rq = task_rq_lock(p, &rf); - /* - * If task is sched_delayed, force dequeue it, to avoid always - * hitting the tick timeout in the queued case - */ - if (p->se.sched_delayed) - dequeue_task(rq, p, DEQUEUE_SLEEP | DEQUEUE_DELAYED); trace_sched_wait_task(p); running = task_on_cpu(rq, p); queued = task_on_rq_queued(p); -- 2.34.1

1 month

5
13
0 0

[PATCH 6.1.y v2] Revert "selftests: mm: fix map_hugetlb failure on 64K page size systems"

by Leon Hwang

This reverts commit a584c7734a4dd050451fcdd65c66317e15660e81 to avoid the build error: map_hugetlb.c: In function 'main': map_hugetlb.c:79:25: warning: implicit declaration of function 'default_huge_page_size' [-Wimplicit-function-declaration] 79 | hugepage_size = default_huge_page_size(); Signed-off-by: Leon Hwang <leon.hwang(a)linux.dev> --- v1 -> v2: - Revert the commit instead of fixing the build error. - https://lore.kernel.org/linux-mm/20251022055138.375042-1-leon.hwang@linux.d… tools/testing/selftests/vm/map_hugetlb.c | 7 ------- 1 file changed, 7 deletions(-) diff --git a/tools/testing/selftests/vm/map_hugetlb.c b/tools/testing/selftests/vm/map_hugetlb.c index c65c55b7a789..312889edb84a 100644 --- a/tools/testing/selftests/vm/map_hugetlb.c +++ b/tools/testing/selftests/vm/map_hugetlb.c @@ -15,7 +15,6 @@ #include <unistd.h> #include <sys/mman.h> #include <fcntl.h> -#include "vm_util.h" #define LENGTH (256UL*1024*1024) #define PROTECTION (PROT_READ | PROT_WRITE) @@ -71,16 +70,10 @@ int main(int argc, char **argv) { void *addr; int ret; - size_t hugepage_size; size_t length = LENGTH; int flags = FLAGS; int shift = 0; - hugepage_size = default_huge_page_size(); - /* munmap with fail if the length is not page aligned */ - if (hugepage_size > length) - length = hugepage_size; - if (argc > 1) length = atol(argv[1]) << 20; if (argc > 2) { -- 2.51.0

1 month

1
0
0 0

[PATCH net 1/1] octeontx2-af: CGX: fix bitmap leaks

by Bo Sun

The RX/TX flow-control bitmaps (rx_fc_pfvf_bmap and tx_fc_pfvf_bmap) are allocated by cgx_lmac_init() but never freed in cgx_lmac_exit(). Unbinding and rebinding the driver therefore triggers kmemleak: unreferenced object (size 16): backtrace: rvu_alloc_bitmap cgx_probe Free both bitmaps during teardown. Fixes: e740003874ed ("octeontx2-af: Flow control resource management") Cc: stable(a)vger.kernel.org Signed-off-by: Bo Sun <bo(a)mboxify.com> --- drivers/net/ethernet/marvell/octeontx2/af/cgx.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/net/ethernet/marvell/octeontx2/af/cgx.c b/drivers/net/ethernet/marvell/octeontx2/af/cgx.c index ec0e11c77cbf..f56e6782c4de 100644 --- a/drivers/net/ethernet/marvell/octeontx2/af/cgx.c +++ b/drivers/net/ethernet/marvell/octeontx2/af/cgx.c @@ -1823,6 +1823,8 @@ static int cgx_lmac_exit(struct cgx *cgx) cgx->mac_ops->mac_pause_frm_config(cgx, lmac->lmac_id, false); cgx_configure_interrupt(cgx, lmac, lmac->lmac_id, true); kfree(lmac->mac_to_index_bmap.bmap); + kfree(lmac->rx_fc_pfvf_bmap.bmap); + kfree(lmac->tx_fc_pfvf_bmap.bmap); kfree(lmac->name); kfree(lmac); }

1 month

3
2
0 0

Re: [PATCH] ksmbd: transport_ipc: validate payload size before reading handle

by Namjae Jeon

On Wed, Oct 22, 2025 at 7:45 PM くさあさ <pioooooooooip(a)gmail.com> wrote: > > Hi Namjae, Steve, Hi, > > Thanks for updating the patch. I’ve reviewed the changes and they look good to me. Okay. > > Minor impact note: this patch prevents a 4-byte out-of-bounds read in ksmbd’s handle_response() when the declared Generic Netlink payload size is < 4. > If a remote client can influence ksmbd.mountd to emit a truncated payload, this could be remotely triggerable (info-leak/DoS potential). I don't understand how this is possible. Could you please explain it to me via private email? > If you consider this security-impacting, I’m happy to request a CVE via the kernel.org CNA. > > Thanks!! > Qianchang Zhao

1 month

1
0
0 0

[PATCH 6.1.y] net: mctp: Don't access ifa_index when missing

by Vasiliy Kovalev

From: Matt Johnston <matt(a)codeconstruct.com.au> commit f11cf946c0a92c560a890d68e4775723353599e1 upstream. In mctp_dump_addrinfo, ifa_index can be used to filter interfaces, but only when the struct ifaddrmsg is provided. Otherwise it will be comparing to uninitialised memory - reproducible in the syzkaller case from dhcpd, or busybox "ip addr show". The kernel MCTP implementation has always filtered by ifa_index, so existing userspace programs expecting to dump MCTP addresses must already be passing a valid ifa_index value (either 0 or a real index). BUG: KMSAN: uninit-value in mctp_dump_addrinfo+0x208/0xac0 net/mctp/device.c:128 mctp_dump_addrinfo+0x208/0xac0 net/mctp/device.c:128 rtnl_dump_all+0x3ec/0x5b0 net/core/rtnetlink.c:4380 rtnl_dumpit+0xd5/0x2f0 net/core/rtnetlink.c:6824 netlink_dump+0x97b/0x1690 net/netlink/af_netlink.c:2309 Fixes: 583be982d934 ("mctp: Add device handling and netlink interface") Reported-by: syzbot+e76d52dadc089b9d197f(a)syzkaller.appspotmail.com Closes: https://lore.kernel.org/all/68135815.050a0220.3a872c.000e.GAE@google.com/ Reported-by: syzbot+1065a199625a388fce60(a)syzkaller.appspotmail.com Closes: https://lore.kernel.org/all/681357d6.050a0220.14dd7d.000d.GAE@google.com/ Signed-off-by: Matt Johnston <matt(a)codeconstruct.com.au> Link: https://patch.msgid.link/20250508-mctp-addr-dump-v2-1-c8a53fd2dd66@codecons… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> [ kovalev: bp to fix CVE-2025-38006 ] Signed-off-by: Vasiliy Kovalev <kovalev(a)altlinux.org> --- net/mctp/device.c | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/net/mctp/device.c b/net/mctp/device.c index 85cc5f31f1e7..27aee8b04055 100644 --- a/net/mctp/device.c +++ b/net/mctp/device.c @@ -119,12 +119,19 @@ static int mctp_dump_addrinfo(struct sk_buff *skb, struct netlink_callback *cb) struct net_device *dev; struct ifaddrmsg *hdr; struct mctp_dev *mdev; - int ifindex; + int ifindex = 0; int idx = 0, rc; - hdr = nlmsg_data(cb->nlh); - // filter by ifindex if requested - ifindex = hdr->ifa_index; + /* Filter by ifindex if a header is provided */ + if (cb->nlh->nlmsg_len >= nlmsg_msg_size(sizeof(*hdr))) { + hdr = nlmsg_data(cb->nlh); + ifindex = hdr->ifa_index; + } else { + if (cb->strict_check) { + NL_SET_ERR_MSG(cb->extack, "mctp: Invalid header for addr dump request"); + return -EINVAL; + } + } rcu_read_lock(); for (; mcb->h < NETDEV_HASHENTRIES; mcb->h++, mcb->idx = 0) { -- 2.50.1

1 month

1
0
0 0

+ mm-shmem-fix-thp-allocation-and-fallback-loop.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm/shmem: fix THP allocation and fallback loop has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-shmem-fix-thp-allocation-and-fallback-loop.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Kairui Song <kasong(a)tencent.com> Subject: mm/shmem: fix THP allocation and fallback loop Date: Wed, 22 Oct 2025 18:57:19 +0800 The order check and fallback loop is updating the index value on every loop, this will cause the index to be aligned by a larger value while the loop shrinks the order. This may result in inserting and returning a folio of the wrong index and cause data corruption with some userspace workloads [1]. Link: https://lkml.kernel.org/r/20251022105719.18321-1-ryncsn@gmail.com Link: https://lore.kernel.org/linux-mm/CAMgjq7DqgAmj25nDUwwu1U2cSGSn8n4-Hqpgotted… [1] Fixes: e7a2ab7b3bb5d ("mm: shmem: add mTHP support for anonymous shmem") Signed-off-by: Kairui Song <kasong(a)tencent.com> Cc: Baolin Wang <baolin.wang(a)linux.alibaba.com> Cc: Barry Song <baohua(a)kernel.org> Cc: David Hildenbrand <david(a)redhat.com> Cc: Dev Jain <dev.jain(a)arm.com> Cc: Hugh Dickins <hughd(a)google.com> Cc: Liam Howlett <liam.howlett(a)oracle.com> Cc: Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> Cc: Matthew Wilcox (Oracle) <willy(a)infradead.org> Cc: Nico Pache <npache(a)redhat.com> Cc: Ryan Roberts <ryan.roberts(a)arm.com> Cc: Zi Yan <ziy(a)nvidia.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/shmem.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) --- a/mm/shmem.c~mm-shmem-fix-thp-allocation-and-fallback-loop +++ a/mm/shmem.c @@ -1895,10 +1895,11 @@ static struct folio *shmem_alloc_and_add order = highest_order(suitable_orders); while (suitable_orders) { pages = 1UL << order; - index = round_down(index, pages); - folio = shmem_alloc_folio(gfp, order, info, index); - if (folio) + folio = shmem_alloc_folio(gfp, order, info, round_down(index, pages)); + if (folio) { + index = round_down(index, pages); goto allocated; + } if (pages == HPAGE_PMD_NR) count_vm_event(THP_FILE_FALLBACK); _ Patches currently in -mm which might be from kasong(a)tencent.com are mm-shmem-fix-thp-allocation-and-fallback-loop.patch

1 month

1
0
0 0

[PATCH 5.10/5.15] cpufreq: davinci: Fix clk use after free

by Vasiliy Kovalev

From: Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> [ Upstream commit 5d8f384a9b4fc50f6a18405f1c08e5a87a77b5b3 ] The remove function first frees the clks and only then calls cpufreq_unregister_driver(). If one of the cpufreq callbacks is called just before cpufreq_unregister_driver() is run, the freed clks might be used. Fixes: 6601b8030de3 ("davinci: add generic CPUFreq driver for DaVinci") Signed-off-by: Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> Acked-by: Viresh Kumar <viresh.kumar(a)linaro.org> Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> (cherry picked from commit a5f024d0e6f91e05c816ad4ee8837173369dd5cb) [ kovalev: bp to fix CVE-2023-53544 ] Signed-off-by: Vasiliy Kovalev <kovalev(a)altlinux.org> --- drivers/cpufreq/davinci-cpufreq.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/cpufreq/davinci-cpufreq.c b/drivers/cpufreq/davinci-cpufreq.c index 91f477a6cbc4..62380f05aec8 100644 --- a/drivers/cpufreq/davinci-cpufreq.c +++ b/drivers/cpufreq/davinci-cpufreq.c @@ -133,12 +133,14 @@ static int __init davinci_cpufreq_probe(struct platform_device *pdev) static int __exit davinci_cpufreq_remove(struct platform_device *pdev) { + cpufreq_unregister_driver(&davinci_driver); + clk_put(cpufreq.armclk); if (cpufreq.asyncclk) clk_put(cpufreq.asyncclk); - return cpufreq_unregister_driver(&davinci_driver); + return 0; } static struct platform_driver davinci_cpufreq_driver = { -- 2.50.1

1 month

1
0
0 0

[PATCH v2] ACPI: video: Fix use-after-free in acpi_video_switch_brightness()

by Yuhao Jiang

The switch_brightness_work delayed work accesses device->brightness and device->backlight, which are freed by acpi_video_dev_unregister_backlight() during device removal. If the work executes after acpi_video_bus_unregister_backlight() frees these resources, it causes a use-after-free when acpi_video_switch_brightness() dereferences device->brightness or device->backlight. Fix this by calling cancel_delayed_work_sync() for each device's switch_brightness_work before unregistering its backlight resources. This ensures the work completes before the memory is freed. Fixes: 8ab58e8e7e097 ("ACPI / video: Fix backlight taking 2 steps on a brightness up/down keypress") Cc: stable(a)vger.kernel.org Signed-off-by: Yuhao Jiang <danisjiang(a)gmail.com> --- Changes in v2: - Move cancel_delayed_work_sync() to acpi_video_bus_unregister_backlight() instead of acpi_video_bus_put_devices() for better logic clarity and to prevent potential UAF of device->brightness - Correct Fixes tag to point to 8ab58e8e7e097 which introduced the delayed work - Link to v1: https://lore.kernel.org/all/20251022040859.2102914-1-danisjiang@gmail.com --- drivers/acpi/acpi_video.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/acpi/acpi_video.c b/drivers/acpi/acpi_video.c index 103f29661576..64709658bdc4 100644 --- a/drivers/acpi/acpi_video.c +++ b/drivers/acpi/acpi_video.c @@ -1869,8 +1869,10 @@ static int acpi_video_bus_unregister_backlight(struct acpi_video_bus *video) error = unregister_pm_notifier(&video->pm_nb); mutex_lock(&video->device_list_lock); - list_for_each_entry(dev, &video->video_device_list, entry) + list_for_each_entry(dev, &video->video_device_list, entry) { + cancel_delayed_work_sync(&dev->switch_brightness_work); acpi_video_dev_unregister_backlight(dev); + } mutex_unlock(&video->device_list_lock); video->backlight_registered = false; -- 2.34.1

1 month

2
2
0 0

[PATCH 5.10.y] ionic: catch failure from devlink_alloc

by Vasiliy Kovalev

From: Shannon Nelson <shannon.nelson(a)amd.com> commit 4a54903ff68ddb33b6463c94b4eb37fc584ef760 upstream. Add a check for NULL on the alloc return. If devlink_alloc() fails and we try to use devlink_priv() on the NULL return, the kernel gets very unhappy and panics. With this fix, the driver load will still fail, but at least it won't panic the kernel. Fixes: df69ba43217d ("ionic: Add basic framework for IONIC Network device driver") Signed-off-by: Shannon Nelson <shannon.nelson(a)amd.com> Reviewed-by: Simon Horman <simon.horman(a)corigine.com> Reviewed-by: Jiri Pirko <jiri(a)nvidia.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> [ kovalev: bp to fix CVE-2023-53470 ] Signed-off-by: Vasiliy Kovalev <kovalev(a)altlinux.org> --- drivers/net/ethernet/pensando/ionic/ionic_devlink.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/net/ethernet/pensando/ionic/ionic_devlink.c b/drivers/net/ethernet/pensando/ionic/ionic_devlink.c index 3d94064c685d..52ebecf2521e 100644 --- a/drivers/net/ethernet/pensando/ionic/ionic_devlink.c +++ b/drivers/net/ethernet/pensando/ionic/ionic_devlink.c @@ -65,6 +65,8 @@ struct ionic *ionic_devlink_alloc(struct device *dev) struct devlink *dl; dl = devlink_alloc(&ionic_dl_ops, sizeof(struct ionic)); + if (!dl) + return NULL; return devlink_priv(dl); } -- 2.50.1

1 month

1
0
0 0

[PATCH v7 1/8] iommu: Disable SVA when CONFIG_X86 is set

by Lu Baolu

In the IOMMU Shared Virtual Addressing (SVA) context, the IOMMU hardware shares and walks the CPU's page tables. The x86 architecture maps the kernel's virtual address space into the upper portion of every process's page table. Consequently, in an SVA context, the IOMMU hardware can walk and cache kernel page table entries. The Linux kernel currently lacks a notification mechanism for kernel page table changes, specifically when page table pages are freed and reused. The IOMMU driver is only notified of changes to user virtual address mappings. This can cause the IOMMU's internal caches to retain stale entries for kernel VA. Use-After-Free (UAF) and Write-After-Free (WAF) conditions arise when kernel page table pages are freed and later reallocated. The IOMMU could misinterpret the new data as valid page table entries. The IOMMU might then walk into attacker-controlled memory, leading to arbitrary physical memory DMA access or privilege escalation. This is also a Write-After-Free issue, as the IOMMU will potentially continue to write Accessed and Dirty bits to the freed memory while attempting to walk the stale page tables. Currently, SVA contexts are unprivileged and cannot access kernel mappings. However, the IOMMU will still walk kernel-only page tables all the way down to the leaf entries, where it realizes the mapping is for the kernel and errors out. This means the IOMMU still caches these intermediate page table entries, making the described vulnerability a real concern. Disable SVA on x86 architecture until the IOMMU can receive notification to flush the paging cache before freeing the CPU kernel page table pages. Fixes: 26b25a2b98e4 ("iommu: Bind process address spaces to devices") Cc: stable(a)vger.kernel.org Suggested-by: Jason Gunthorpe <jgg(a)nvidia.com> Signed-off-by: Lu Baolu <baolu.lu(a)linux.intel.com> --- drivers/iommu/iommu-sva.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/iommu/iommu-sva.c b/drivers/iommu/iommu-sva.c index 1a51cfd82808..a0442faad952 100644 --- a/drivers/iommu/iommu-sva.c +++ b/drivers/iommu/iommu-sva.c @@ -77,6 +77,9 @@ struct iommu_sva *iommu_sva_bind_device(struct device *dev, struct mm_struct *mm if (!group) return ERR_PTR(-ENODEV); + if (IS_ENABLED(CONFIG_X86)) + return ERR_PTR(-EOPNOTSUPP); + mutex_lock(&iommu_sva_lock); /* Allocate mm->pasid if necessary. */ -- 2.43.0

1 month

2
1
0 0

[PATCH 5.10.y] firewire: net: fix use after free in fwnet_finish_incoming_packet()

by Vasiliy Kovalev

From: Zhang Shurong <zhang_shurong(a)foxmail.com> commit 3ff256751a2853e1ffaa36958ff933ccc98c6cb5 upstream. The netif_rx() function frees the skb so we can't dereference it to save the skb->len. Signed-off-by: Zhang Shurong <zhang_shurong(a)foxmail.com> Link: https://lore.kernel.org/r/tencent_3B3D24B66ED66A6BB73CC0E63C6A14E45109@qq.c… Signed-off-by: Takashi Sakamoto <o-takashi(a)sakamocchi.jp> [ kovalev: bp to fix CVE-2023-53432 ] Signed-off-by: Vasiliy Kovalev <kovalev(a)altlinux.org> --- drivers/firewire/net.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/drivers/firewire/net.c b/drivers/firewire/net.c index 715e491dfbc3..8504e95ede90 100644 --- a/drivers/firewire/net.c +++ b/drivers/firewire/net.c @@ -489,7 +489,7 @@ static int fwnet_finish_incoming_packet(struct net_device *net, bool is_broadcast, u16 ether_type) { struct fwnet_device *dev; - int status; + int status, len; __be64 guid; switch (ether_type) { @@ -546,13 +546,15 @@ static int fwnet_finish_incoming_packet(struct net_device *net, } skb->protocol = protocol; } + + len = skb->len; status = netif_rx(skb); if (status == NET_RX_DROP) { net->stats.rx_errors++; net->stats.rx_dropped++; } else { net->stats.rx_packets++; - net->stats.rx_bytes += skb->len; + net->stats.rx_bytes += len; } return 0; -- 2.50.1

1 month

1
0
0 0

+ iommu-disable-sva-when-config_x86-is-set.patch added to mm-new branch

by Andrew Morton

The patch titled Subject: iommu: disable SVA when CONFIG_X86 is set has been added to the -mm mm-new branch. Its filename is iommu-disable-sva-when-config_x86-is-set.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-new branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Note, mm-new is a provisional staging ground for work-in-progress patches, and acceptance into mm-new is a notification for others take notice and to finish up reviews. Please do not hesitate to respond to review feedback and post updated versions to replace or incrementally fixup patches in mm-new. Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Lu Baolu <baolu.lu(a)linux.intel.com> Subject: iommu: disable SVA when CONFIG_X86 is set Date: Wed, 22 Oct 2025 16:26:27 +0800 Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a fix for a security vulnerability related to IOMMU Shared Virtual Addressing (SVA). In an SVA context, an IOMMU can cache kernel page table entries. When a kernel page table page is freed and reallocated for another purpose, the IOMMU might still hold stale, incorrect entries. This can be exploited to cause a use-after-free or write-after-free condition, potentially leading to privilege escalation or data corruption. This solution introduces a deferred freeing mechanism for kernel page table pages, which provides a safe window to notify the IOMMU to invalidate its caches before the page is reused. This patch (of 8): In the IOMMU Shared Virtual Addressing (SVA) context, the IOMMU hardware shares and walks the CPU's page tables. The x86 architecture maps the kernel's virtual address space into the upper portion of every process's page table. Consequently, in an SVA context, the IOMMU hardware can walk and cache kernel page table entries. The Linux kernel currently lacks a notification mechanism for kernel page table changes, specifically when page table pages are freed and reused. The IOMMU driver is only notified of changes to user virtual address mappings. This can cause the IOMMU's internal caches to retain stale entries for kernel VA. Use-After-Free (UAF) and Write-After-Free (WAF) conditions arise when kernel page table pages are freed and later reallocated. The IOMMU could misinterpret the new data as valid page table entries. The IOMMU might then walk into attacker-controlled memory, leading to arbitrary physical memory DMA access or privilege escalation. This is also a Write-After-Free issue, as the IOMMU will potentially continue to write Accessed and Dirty bits to the freed memory while attempting to walk the stale page tables. Currently, SVA contexts are unprivileged and cannot access kernel mappings. However, the IOMMU will still walk kernel-only page tables all the way down to the leaf entries, where it realizes the mapping is for the kernel and errors out. This means the IOMMU still caches these intermediate page table entries, making the described vulnerability a real concern. Disable SVA on x86 architecture until the IOMMU can receive notification to flush the paging cache before freeing the CPU kernel page table pages. Link: https://lkml.kernel.org/r/20251022082635.2462433-1-baolu.lu@linux.intel.com Link: https://lkml.kernel.org/r/20251022082635.2462433-2-baolu.lu@linux.intel.com Fixes: 26b25a2b98e4 ("iommu: Bind process address spaces to devices") Signed-off-by: Lu Baolu <baolu.lu(a)linux.intel.com> Suggested-by: Jason Gunthorpe <jgg(a)nvidia.com> Cc: Alistair Popple <apopple(a)nvidia.com> Cc: Andy Lutomirski <luto(a)kernel.org> Cc: Borislav Betkov <bp(a)alien8.de> Cc: Dave Hansen <dave.hansen(a)intel.com> Cc: David Hildenbrand <david(a)redhat.com> Cc: Ingo Molnar <mingo(a)redhat.com> Cc: Jann Horn <jannh(a)google.com> Cc: Jean-Philippe Brucker <jean-philippe(a)linaro.org> Cc: Joerg Roedel <joro(a)8bytes.org> Cc: Kevin Tian <kevin.tian(a)intel.com> Cc: Liam Howlett <liam.howlett(a)oracle.com> Cc: Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> Cc: Matthew Wilcox (Oracle) <willy(a)infradead.org> Cc: Michal Hocko <mhocko(a)kernel.org> Cc: Mike Rapoport <rppt(a)kernel.org> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Robin Murohy <robin.murphy(a)arm.com> Cc: Thomas Gleinxer <tglx(a)linutronix.de> Cc: "Uladzislau Rezki (Sony)" <urezki(a)gmail.com> Cc: Vasant Hegde <vasant.hegde(a)amd.com> Cc: Vinicius Costa Gomes <vinicius.gomes(a)intel.com> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: Will Deacon <will(a)kernel.org> Cc: Yi Lai <yi1.lai(a)intel.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- drivers/iommu/iommu-sva.c | 3 +++ 1 file changed, 3 insertions(+) --- a/drivers/iommu/iommu-sva.c~iommu-disable-sva-when-config_x86-is-set +++ a/drivers/iommu/iommu-sva.c @@ -77,6 +77,9 @@ struct iommu_sva *iommu_sva_bind_device( if (!group) return ERR_PTR(-ENODEV); + if (IS_ENABLED(CONFIG_X86)) + return ERR_PTR(-EOPNOTSUPP); + mutex_lock(&iommu_sva_lock); /* Allocate mm->pasid if necessary. */ _ Patches currently in -mm which might be from baolu.lu(a)linux.intel.com are iommu-disable-sva-when-config_x86-is-set.patch x86-mm-use-pagetable_free.patch iommu-sva-invalidate-stale-iotlb-entries-for-kernel-address-space.patch

1 month

1
0
0 0

[PATCH 5.10.y] RDMA/mlx5: Fix mlx5_ib_get_hw_stats when used for device

by Vasiliy Kovalev

From: Shay Drory <shayd(a)nvidia.com> commit 38b50aa44495d5eb4218f0b82fc2da76505cec53 upstream. Currently, when mlx5_ib_get_hw_stats() is used for device (port_num = 0), there is a special handling in order to use the correct counters, but, port_num is being passed down the stack without any change. Also, some functions assume that port_num >=1. As a result, the following oops can occur. BUG: unable to handle page fault for address: ffff89510294f1a8 #PF: supervisor write access in kernel mode #PF: error_code(0x0002) - not-present page PGD 0 P4D 0 Oops: 0002 [#1] SMP CPU: 8 PID: 1382 Comm: devlink Tainted: G W 6.1.0-rc4_for_upstream_base_2022_11_10_16_12 #1 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014 RIP: 0010:_raw_spin_lock+0xc/0x20 Call Trace: <TASK> mlx5_ib_get_native_port_mdev+0x73/0xe0 [mlx5_ib] do_get_hw_stats.constprop.0+0x109/0x160 [mlx5_ib] mlx5_ib_get_hw_stats+0xad/0x180 [mlx5_ib] ib_setup_device_attrs+0xf0/0x290 [ib_core] ib_register_device+0x3bb/0x510 [ib_core] ? atomic_notifier_chain_register+0x67/0x80 __mlx5_ib_add+0x2b/0x80 [mlx5_ib] mlx5r_probe+0xb8/0x150 [mlx5_ib] ? auxiliary_match_id+0x6a/0x90 auxiliary_bus_probe+0x3c/0x70 ? driver_sysfs_add+0x6b/0x90 really_probe+0xcd/0x380 __driver_probe_device+0x80/0x170 driver_probe_device+0x1e/0x90 __device_attach_driver+0x7d/0x100 ? driver_allows_async_probing+0x60/0x60 ? driver_allows_async_probing+0x60/0x60 bus_for_each_drv+0x7b/0xc0 __device_attach+0xbc/0x200 bus_probe_device+0x87/0xa0 device_add+0x404/0x940 ? dev_set_name+0x53/0x70 __auxiliary_device_add+0x43/0x60 add_adev+0x99/0xe0 [mlx5_core] mlx5_attach_device+0xc8/0x120 [mlx5_core] mlx5_load_one_devl_locked+0xb2/0xe0 [mlx5_core] devlink_reload+0x133/0x250 devlink_nl_cmd_reload+0x480/0x570 ? devlink_nl_pre_doit+0x44/0x2b0 genl_family_rcv_msg_doit.isra.0+0xc2/0x110 genl_rcv_msg+0x180/0x2b0 ? devlink_nl_cmd_region_read_dumpit+0x540/0x540 ? devlink_reload+0x250/0x250 ? devlink_put+0x50/0x50 ? genl_family_rcv_msg_doit.isra.0+0x110/0x110 netlink_rcv_skb+0x54/0x100 genl_rcv+0x24/0x40 netlink_unicast+0x1f6/0x2c0 netlink_sendmsg+0x237/0x490 sock_sendmsg+0x33/0x40 __sys_sendto+0x103/0x160 ? handle_mm_fault+0x10e/0x290 ? do_user_addr_fault+0x1c0/0x5f0 __x64_sys_sendto+0x25/0x30 do_syscall_64+0x3d/0x90 entry_SYSCALL_64_after_hwframe+0x46/0xb0 Fix it by setting port_num to 1 in order to get device status and remove unused variable. Fixes: aac4492ef23a ("IB/mlx5: Update counter implementation for dual port RoCE") Link: https://lore.kernel.org/r/98b82994c3cd3fa593b8a75ed3f3901e208beb0f.16722317… Signed-off-by: Shay Drory <shayd(a)nvidia.com> Reviewed-by: Patrisious Haddad <phaddad(a)nvidia.com> Signed-off-by: Leon Romanovsky <leon(a)kernel.org> [ kovalev: bp to fix CVE-2023-53393 ] Signed-off-by: Vasiliy Kovalev <kovalev(a)altlinux.org> --- drivers/infiniband/hw/mlx5/counters.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/drivers/infiniband/hw/mlx5/counters.c b/drivers/infiniband/hw/mlx5/counters.c index 33636268d43d..29b38cf055be 100644 --- a/drivers/infiniband/hw/mlx5/counters.c +++ b/drivers/infiniband/hw/mlx5/counters.c @@ -249,7 +249,6 @@ static int mlx5_ib_get_hw_stats(struct ib_device *ibdev, const struct mlx5_ib_counters *cnts = get_counters(dev, port_num - 1); struct mlx5_core_dev *mdev; int ret, num_counters; - u8 mdev_port_num; if (!stats) return -EINVAL; @@ -270,8 +269,9 @@ static int mlx5_ib_get_hw_stats(struct ib_device *ibdev, } if (MLX5_CAP_GEN(dev->mdev, cc_query_allowed)) { - mdev = mlx5_ib_get_native_port_mdev(dev, port_num, - &mdev_port_num); + if (!port_num) + port_num = 1; + mdev = mlx5_ib_get_native_port_mdev(dev, port_num, NULL); if (!mdev) { /* If port is not affiliated yet, its in down state * which doesn't have any counters yet, so it would be -- 2.50.1

1 month

1
0
0 0

[PATCH 2/2] io_uring/sqpoll: be smarter on when to update the stime usage

by Jens Axboe

The current approach is a bit naive, and hence calls the time querying way too often. Only start the "doing work" timer when there's actual work to do, and then use that information to terminate (and account) the work time once done. This greatly reduces the frequency of these calls, when they cannot have changed anyway. Running a basic random reader that is setup to use SQPOLL, a profile before this change shows these as the top cycle consumers: + 32.60% iou-sqp-1074 [kernel.kallsyms] [k] thread_group_cputime_adjusted + 19.97% iou-sqp-1074 [kernel.kallsyms] [k] thread_group_cputime + 12.20% io_uring io_uring [.] submitter_uring_fn + 4.13% iou-sqp-1074 [kernel.kallsyms] [k] getrusage + 2.45% iou-sqp-1074 [kernel.kallsyms] [k] io_submit_sqes + 2.18% iou-sqp-1074 [kernel.kallsyms] [k] __pi_memset_generic + 2.09% iou-sqp-1074 [kernel.kallsyms] [k] cputime_adjust and after this change, top of profile looks as follows: + 36.23% io_uring io_uring [.] submitter_uring_fn + 23.26% iou-sqp-819 [kernel.kallsyms] [k] io_sq_thread + 10.14% iou-sqp-819 [kernel.kallsyms] [k] io_sq_tw + 6.52% iou-sqp-819 [kernel.kallsyms] [k] tctx_task_work_run + 4.82% iou-sqp-819 [kernel.kallsyms] [k] nvme_submit_cmds.part.0 + 2.91% iou-sqp-819 [kernel.kallsyms] [k] io_submit_sqes [...] 0.02% iou-sqp-819 [kernel.kallsyms] [k] cputime_adjust where it's spending the cycles on things that actually matter. Reported-by: Fengnan Chang <changfengnan(a)bytedance.com> Cc: stable(a)vger.kernel.org Fixes: 3fcb9d17206e ("io_uring/sqpoll: statistics of the true utilization of sq threads") Signed-off-by: Jens Axboe <axboe(a)kernel.dk> --- io_uring/sqpoll.c | 43 ++++++++++++++++++++++++++++++++----------- 1 file changed, 32 insertions(+), 11 deletions(-) diff --git a/io_uring/sqpoll.c b/io_uring/sqpoll.c index 2b816fdb9866..e22f072c7d5f 100644 --- a/io_uring/sqpoll.c +++ b/io_uring/sqpoll.c @@ -170,6 +170,11 @@ static inline bool io_sqd_events_pending(struct io_sq_data *sqd) return READ_ONCE(sqd->state); } +struct io_sq_time { + bool started; + u64 usec; +}; + u64 io_sq_cpu_usec(struct task_struct *tsk) { u64 utime, stime; @@ -179,12 +184,24 @@ u64 io_sq_cpu_usec(struct task_struct *tsk) return stime; } -static void io_sq_update_worktime(struct io_sq_data *sqd, u64 usec) +static void io_sq_update_worktime(struct io_sq_data *sqd, struct io_sq_time *ist) +{ + if (!ist->started) + return; + ist->started = false; + sqd->work_time += io_sq_cpu_usec(current) - ist->usec; +} + +static void io_sq_start_worktime(struct io_sq_time *ist) { - sqd->work_time += io_sq_cpu_usec(current) - usec; + if (ist->started) + return; + ist->started = true; + ist->usec = io_sq_cpu_usec(current); } -static int __io_sq_thread(struct io_ring_ctx *ctx, bool cap_entries) +static int __io_sq_thread(struct io_ring_ctx *ctx, struct io_sq_data *sqd, + bool cap_entries, struct io_sq_time *ist) { unsigned int to_submit; int ret = 0; @@ -197,6 +214,8 @@ static int __io_sq_thread(struct io_ring_ctx *ctx, bool cap_entries) if (to_submit || !wq_list_empty(&ctx->iopoll_list)) { const struct cred *creds = NULL; + io_sq_start_worktime(ist); + if (ctx->sq_creds != current_cred()) creds = override_creds(ctx->sq_creds); @@ -278,7 +297,6 @@ static int io_sq_thread(void *data) unsigned long timeout = 0; char buf[TASK_COMM_LEN] = {}; DEFINE_WAIT(wait); - u64 start; /* offload context creation failed, just exit */ if (!current->io_uring) { @@ -313,6 +331,7 @@ static int io_sq_thread(void *data) mutex_lock(&sqd->lock); while (1) { bool cap_entries, sqt_spin = false; + struct io_sq_time ist = { }; if (io_sqd_events_pending(sqd) || signal_pending(current)) { if (io_sqd_handle_event(sqd)) @@ -321,9 +340,8 @@ static int io_sq_thread(void *data) } cap_entries = !list_is_singular(&sqd->ctx_list); - start = io_sq_cpu_usec(current); list_for_each_entry(ctx, &sqd->ctx_list, sqd_list) { - int ret = __io_sq_thread(ctx, cap_entries); + int ret = __io_sq_thread(ctx, sqd, cap_entries, &ist); if (!sqt_spin && (ret > 0 || !wq_list_empty(&ctx->iopoll_list))) sqt_spin = true; @@ -331,15 +349,18 @@ static int io_sq_thread(void *data) if (io_sq_tw(&retry_list, IORING_TW_CAP_ENTRIES_VALUE)) sqt_spin = true; - list_for_each_entry(ctx, &sqd->ctx_list, sqd_list) - if (io_napi(ctx)) + list_for_each_entry(ctx, &sqd->ctx_list, sqd_list) { + if (io_napi(ctx)) { + io_sq_start_worktime(&ist); io_napi_sqpoll_busy_poll(ctx); + } + } + + io_sq_update_worktime(sqd, &ist); if (sqt_spin || !time_after(jiffies, timeout)) { - if (sqt_spin) { - io_sq_update_worktime(sqd, start); + if (sqt_spin) timeout = jiffies + sqd->sq_thread_idle; - } if (unlikely(need_resched())) { mutex_unlock(&sqd->lock); cond_resched(); -- 2.51.0

1 month

1
0
0 0

[PATCH 1/2] io_uring/sqpoll: switch away from getrusage() for CPU accounting

by Jens Axboe

getrusage() does a lot more than what the SQPOLL accounting needs, the latter only cares about (and uses) the stime. Rather than do a full RUSAGE_SELF summation, just query the used stime instead. Cc: stable(a)vger.kernel.org Fixes: 3fcb9d17206e ("io_uring/sqpoll: statistics of the true utilization of sq threads") Reviewed-by: Gabriel Krisman Bertazi <krisman(a)suse.de> Signed-off-by: Jens Axboe <axboe(a)kernel.dk> --- io_uring/fdinfo.c | 8 ++++---- io_uring/sqpoll.c | 32 ++++++++++++++++++-------------- io_uring/sqpoll.h | 1 + 3 files changed, 23 insertions(+), 18 deletions(-) diff --git a/io_uring/fdinfo.c b/io_uring/fdinfo.c index ff3364531c77..294c75a8a3bd 100644 --- a/io_uring/fdinfo.c +++ b/io_uring/fdinfo.c @@ -59,7 +59,6 @@ static void __io_uring_show_fdinfo(struct io_ring_ctx *ctx, struct seq_file *m) { struct io_overflow_cqe *ocqe; struct io_rings *r = ctx->rings; - struct rusage sq_usage; unsigned int sq_mask = ctx->sq_entries - 1, cq_mask = ctx->cq_entries - 1; unsigned int sq_head = READ_ONCE(r->sq.head); unsigned int sq_tail = READ_ONCE(r->sq.tail); @@ -152,14 +151,15 @@ static void __io_uring_show_fdinfo(struct io_ring_ctx *ctx, struct seq_file *m) * thread termination. */ if (tsk) { + u64 usec; + get_task_struct(tsk); rcu_read_unlock(); - getrusage(tsk, RUSAGE_SELF, &sq_usage); + usec = io_sq_cpu_usec(tsk); put_task_struct(tsk); sq_pid = sq->task_pid; sq_cpu = sq->sq_cpu; - sq_total_time = (sq_usage.ru_stime.tv_sec * 1000000 - + sq_usage.ru_stime.tv_usec); + sq_total_time = usec; sq_work_time = sq->work_time; } else { rcu_read_unlock(); diff --git a/io_uring/sqpoll.c b/io_uring/sqpoll.c index a3f11349ce06..2b816fdb9866 100644 --- a/io_uring/sqpoll.c +++ b/io_uring/sqpoll.c @@ -11,6 +11,7 @@ #include <linux/audit.h> #include <linux/security.h> #include <linux/cpuset.h> +#include <linux/sched/cputime.h> #include <linux/io_uring.h> #include <uapi/linux/io_uring.h> @@ -169,6 +170,20 @@ static inline bool io_sqd_events_pending(struct io_sq_data *sqd) return READ_ONCE(sqd->state); } +u64 io_sq_cpu_usec(struct task_struct *tsk) +{ + u64 utime, stime; + + task_cputime_adjusted(tsk, &utime, &stime); + do_div(stime, 1000); + return stime; +} + +static void io_sq_update_worktime(struct io_sq_data *sqd, u64 usec) +{ + sqd->work_time += io_sq_cpu_usec(current) - usec; +} + static int __io_sq_thread(struct io_ring_ctx *ctx, bool cap_entries) { unsigned int to_submit; @@ -255,26 +270,15 @@ static bool io_sq_tw_pending(struct llist_node *retry_list) return retry_list || !llist_empty(&tctx->task_list); } -static void io_sq_update_worktime(struct io_sq_data *sqd, struct rusage *start) -{ - struct rusage end; - - getrusage(current, RUSAGE_SELF, &end); - end.ru_stime.tv_sec -= start->ru_stime.tv_sec; - end.ru_stime.tv_usec -= start->ru_stime.tv_usec; - - sqd->work_time += end.ru_stime.tv_usec + end.ru_stime.tv_sec * 1000000; -} - static int io_sq_thread(void *data) { struct llist_node *retry_list = NULL; struct io_sq_data *sqd = data; struct io_ring_ctx *ctx; - struct rusage start; unsigned long timeout = 0; char buf[TASK_COMM_LEN] = {}; DEFINE_WAIT(wait); + u64 start; /* offload context creation failed, just exit */ if (!current->io_uring) { @@ -317,7 +321,7 @@ static int io_sq_thread(void *data) } cap_entries = !list_is_singular(&sqd->ctx_list); - getrusage(current, RUSAGE_SELF, &start); + start = io_sq_cpu_usec(current); list_for_each_entry(ctx, &sqd->ctx_list, sqd_list) { int ret = __io_sq_thread(ctx, cap_entries); @@ -333,7 +337,7 @@ static int io_sq_thread(void *data) if (sqt_spin || !time_after(jiffies, timeout)) { if (sqt_spin) { - io_sq_update_worktime(sqd, &start); + io_sq_update_worktime(sqd, start); timeout = jiffies + sqd->sq_thread_idle; } if (unlikely(need_resched())) { diff --git a/io_uring/sqpoll.h b/io_uring/sqpoll.h index b83dcdec9765..fd2f6f29b516 100644 --- a/io_uring/sqpoll.h +++ b/io_uring/sqpoll.h @@ -29,6 +29,7 @@ void io_sq_thread_unpark(struct io_sq_data *sqd); void io_put_sq_data(struct io_sq_data *sqd); void io_sqpoll_wait_sq(struct io_ring_ctx *ctx); int io_sqpoll_wq_cpu_affinity(struct io_ring_ctx *ctx, cpumask_var_t mask); +u64 io_sq_cpu_usec(struct task_struct *tsk); static inline struct task_struct *sqpoll_task_locked(struct io_sq_data *sqd) { -- 2.51.0

1 month

1
0
0 0

[PATCH 1/2] io_uring/sqpoll: switch away from getrusage() for CPU accounting

by Jens Axboe

getrusage() does a lot more than what the SQPOLL accounting needs, the latter only cares about (and uses) the stime. Rather than do a full RUSAGE_SELF summation, just query the used stime instead. Cc: stable(a)vger.kernel.org Fixes: 3fcb9d17206e ("io_uring/sqpoll: statistics of the true utilization of sq threads") Signed-off-by: Jens Axboe <axboe(a)kernel.dk> --- io_uring/fdinfo.c | 9 +++++---- io_uring/sqpoll.c | 34 ++++++++++++++++++++-------------- io_uring/sqpoll.h | 1 + 3 files changed, 26 insertions(+), 18 deletions(-) diff --git a/io_uring/fdinfo.c b/io_uring/fdinfo.c index ff3364531c77..966e06b078f6 100644 --- a/io_uring/fdinfo.c +++ b/io_uring/fdinfo.c @@ -59,7 +59,6 @@ static void __io_uring_show_fdinfo(struct io_ring_ctx *ctx, struct seq_file *m) { struct io_overflow_cqe *ocqe; struct io_rings *r = ctx->rings; - struct rusage sq_usage; unsigned int sq_mask = ctx->sq_entries - 1, cq_mask = ctx->cq_entries - 1; unsigned int sq_head = READ_ONCE(r->sq.head); unsigned int sq_tail = READ_ONCE(r->sq.tail); @@ -152,14 +151,16 @@ static void __io_uring_show_fdinfo(struct io_ring_ctx *ctx, struct seq_file *m) * thread termination. */ if (tsk) { + struct timespec64 ts; + get_task_struct(tsk); rcu_read_unlock(); - getrusage(tsk, RUSAGE_SELF, &sq_usage); + ts = io_sq_cpu_time(tsk); put_task_struct(tsk); sq_pid = sq->task_pid; sq_cpu = sq->sq_cpu; - sq_total_time = (sq_usage.ru_stime.tv_sec * 1000000 - + sq_usage.ru_stime.tv_usec); + sq_total_time = (ts.tv_sec * 1000000 + + ts.tv_nsec / 1000); sq_work_time = sq->work_time; } else { rcu_read_unlock(); diff --git a/io_uring/sqpoll.c b/io_uring/sqpoll.c index a3f11349ce06..8705b0aa82e0 100644 --- a/io_uring/sqpoll.c +++ b/io_uring/sqpoll.c @@ -11,6 +11,7 @@ #include <linux/audit.h> #include <linux/security.h> #include <linux/cpuset.h> +#include <linux/sched/cputime.h> #include <linux/io_uring.h> #include <uapi/linux/io_uring.h> @@ -169,6 +170,22 @@ static inline bool io_sqd_events_pending(struct io_sq_data *sqd) return READ_ONCE(sqd->state); } +struct timespec64 io_sq_cpu_time(struct task_struct *tsk) +{ + u64 utime, stime; + + task_cputime_adjusted(tsk, &utime, &stime); + return ns_to_timespec64(stime); +} + +static void io_sq_update_worktime(struct io_sq_data *sqd, struct timespec64 start) +{ + struct timespec64 ts; + + ts = timespec64_sub(io_sq_cpu_time(current), start); + sqd->work_time += ts.tv_sec * 1000000 + ts.tv_nsec / 1000; +} + static int __io_sq_thread(struct io_ring_ctx *ctx, bool cap_entries) { unsigned int to_submit; @@ -255,23 +272,12 @@ static bool io_sq_tw_pending(struct llist_node *retry_list) return retry_list || !llist_empty(&tctx->task_list); } -static void io_sq_update_worktime(struct io_sq_data *sqd, struct rusage *start) -{ - struct rusage end; - - getrusage(current, RUSAGE_SELF, &end); - end.ru_stime.tv_sec -= start->ru_stime.tv_sec; - end.ru_stime.tv_usec -= start->ru_stime.tv_usec; - - sqd->work_time += end.ru_stime.tv_usec + end.ru_stime.tv_sec * 1000000; -} - static int io_sq_thread(void *data) { struct llist_node *retry_list = NULL; struct io_sq_data *sqd = data; struct io_ring_ctx *ctx; - struct rusage start; + struct timespec64 start; unsigned long timeout = 0; char buf[TASK_COMM_LEN] = {}; DEFINE_WAIT(wait); @@ -317,7 +323,7 @@ static int io_sq_thread(void *data) } cap_entries = !list_is_singular(&sqd->ctx_list); - getrusage(current, RUSAGE_SELF, &start); + start = io_sq_cpu_time(current); list_for_each_entry(ctx, &sqd->ctx_list, sqd_list) { int ret = __io_sq_thread(ctx, cap_entries); @@ -333,7 +339,7 @@ static int io_sq_thread(void *data) if (sqt_spin || !time_after(jiffies, timeout)) { if (sqt_spin) { - io_sq_update_worktime(sqd, &start); + io_sq_update_worktime(sqd, start); timeout = jiffies + sqd->sq_thread_idle; } if (unlikely(need_resched())) { diff --git a/io_uring/sqpoll.h b/io_uring/sqpoll.h index b83dcdec9765..84ed2b312e88 100644 --- a/io_uring/sqpoll.h +++ b/io_uring/sqpoll.h @@ -29,6 +29,7 @@ void io_sq_thread_unpark(struct io_sq_data *sqd); void io_put_sq_data(struct io_sq_data *sqd); void io_sqpoll_wait_sq(struct io_ring_ctx *ctx); int io_sqpoll_wq_cpu_affinity(struct io_ring_ctx *ctx, cpumask_var_t mask); +struct timespec64 io_sq_cpu_time(struct task_struct *tsk); static inline struct task_struct *sqpoll_task_locked(struct io_sq_data *sqd) { -- 2.51.0

1 month

2
2
0 0

[PATCH 6.6 000/105] 6.6.114-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.6.114 release. There are 105 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu, 23 Oct 2025 19:49:51 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.6.114-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.6.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.6.114-rc1 Niklas Cassel <cassel(a)kernel.org> PCI: tegra194: Reset BARs when running in PCIe endpoint mode Siddharth Vadapalli <s-vadapalli(a)ti.com> PCI: j721e: Fix programming sequence of "strap" settings Siddharth Vadapalli <s-vadapalli(a)ti.com> PCI: j721e: Enable ACSPCIE Refclk if "ti,syscon-acspcie-proxy-ctrl" exists Jakub Acs <acsjakub(a)amazon.de> mm/ksm: fix flag-dropping behavior in ksm_madvise Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: browse interfaces list on FSCTL_QUERY_INTERFACE_INFO IOCTL Brian Norris <briannorris(a)google.com> PCI/sysfs: Ensure devices are powered for config reads (part 2) Scott Mayhew <smayhew(a)redhat.com> nfsd: decouple the xprtsec policy check from check_nfsd_access() Jedrzej Jagielski <jedrzej.jagielski(a)intel.com> ixgbevf: fix mailbox API compatibility by negotiating supported features Jedrzej Jagielski <jedrzej.jagielski(a)intel.com> ixgbevf: fix getting link speed data for E610 devices Piotr Kwapulinski <piotr.kwapulinski(a)intel.com> ixgbevf: Add support for Intel(R) E610 device Piotr Kwapulinski <piotr.kwapulinski(a)intel.com> PCI: Add PCI_VDEVICE_SUB helper macro Devarsh Thakkar <devarsht(a)ti.com> phy: cadence: cdns-dphy: Update calibration wait time for startup state machine Theodore Ts'o <tytso(a)mit.edu> ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() Jan Kara <jack(a)suse.cz> vfs: Don't leak disconnected dentries on umount Chuck Lever <chuck.lever(a)oracle.com> NFSD: Define a proc_layoutcommit for the FlexFiles layout type Shashank A P <shashank.ap(a)samsung.com> fs: quota: create dedicated workqueue for quota_release_work Kemeng Shi <shikemeng(a)huaweicloud.com> quota: remove unneeded return value of register_quota_format Xiao Liang <shaw.leon(a)gmail.com> padata: Reset next CPU when reorder sequence wraps around Darrick J. Wong <djwong(a)kernel.org> xfs: use deferred intent items for reaping crosslinked blocks Sean Nyekjaer <sean(a)geanix.com> iio: imu: inv_icm42600: Avoid configuring if already pm_runtime suspended Jean-Baptiste Maneyrol <jean-baptiste.maneyrol(a)tdk.com> iio: imu: inv_icm42600: reorganize DMA aligned buffers in structure Devarsh Thakkar <devarsht(a)ti.com> phy: cadence: cdns-dphy: Fix PLL lock and O_CMN_READY polling Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> phy: cdns-dphy: Store hs_clk_rate and return it Sean Nyekjaer <sean(a)geanix.com> iio: imu: inv_icm42600: Simplify pm_runtime setup Bence Csókás <csokas.bence(a)prolan.hu> PM: runtime: Add new devm functions Christoph Hellwig <hch(a)lst.de> xfs: fix log CRC mismatches between i386 and other architectures Christoph Hellwig <hch(a)lst.de> xfs: rename the old_crc variable in xlog_recover_process Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Fix last write offset handling in layoutcommit Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Minor cleanup in layoutcommit processing Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Rework encoding and decoding of nfsd4_deviceid Ryusuke Konishi <konishi.ryusuke(a)gmail.com> nilfs2: fix deadlock warnings caused by lock dependency in init_nilfs() Darrick J. Wong <djwong(a)kernel.org> block: fix race between set_blocksize and read paths Mark Rutland <mark.rutland(a)arm.com> arm64: errata: Apply workarounds for Neoverse-V3AE Mark Rutland <mark.rutland(a)arm.com> arm64: cputype: Add Neoverse-V3AE definitions Viacheslav Dubeyko <slava(a)dubeyko.com> hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() Xing Guo <higuoxing(a)gmail.com> selftests: arg_parsing: Ensure data is flushed to disk before reading. Thadeu Lima de Souza Cascardo <cascardo(a)igalia.com> HID: multitouch: fix name of Stylus input devices Dmitry Torokhov <dmitry.torokhov(a)gmail.com> HID: hid-input: only ignore 0 battery events for digitizers Jiaming Zhang <r772577952(a)gmail.com> ALSA: usb-audio: Fix NULL pointer deference in try_to_register_card Andrii Nakryiko <andrii(a)kernel.org> selftests/bpf: make arg_parsing.c more robust to crashes Youssef Samir <quic_yabdulra(a)quicinc.com> accel/qaic: Treat remaining == 0 as error in find_and_map_user_pages() Randy Dunlap <rdunlap(a)infradead.org> ALSA: firewire: amdtp-stream: fix enum kernel-doc warnings Vincent Guittot <vincent.guittot(a)linaro.org> sched/fair: Fix pelt lost idle time detection Ingo Molnar <mingo(a)kernel.org> sched/balancing: Rename newidle_balance() => sched_balance_newidle() Alok Tiwari <alok.a.tiwari(a)oracle.com> drm/rockchip: vop2: use correct destination rectangle height check Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/powerplay: Fix CIK shutdown temperature Zhanjun Dong <zhanjun.dong(a)intel.com> drm/i915/guc: Skip communication warning on reset in progress Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ASoC: nau8821: Add DMI quirk to bypass jack debounce circuit Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ASoC: nau8821: Generalize helper to clear IRQ status Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ASoC: nau8821: Cancel jdet_work before handling jack ejection Christophe Leroy <christophe.leroy(a)csgroup.eu> ASoC: codecs: Fix gain setting ranges for Renesas IDT821034 codec Marek Vasut <marek.vasut(a)mailbox.org> drm/bridge: lt9211: Drop check for last nibble of version register Fabian Vogt <fvogt(a)suse.de> riscv: kprobes: Fix probe address validation Amit Chaudhary <achaudhary(a)purestorage.com> nvme-multipath: Skip nr_active increments in RETRY disposition I Viswanath <viswanathiyyappan(a)gmail.com> net: usb: lan78xx: fix use of improperly initialized dev->chipid in lan78xx_reset Oleksij Rempel <o.rempel(a)pengutronix.de> net: usb: lan78xx: Add error handling to lan78xx_init_mac_address Sabrina Dubroca <sd(a)queasysnail.net> tls: don't rely on tx_work during send() Sabrina Dubroca <sd(a)queasysnail.net> tls: wait for pending async decryptions if tls_strp_msg_hold fails Sabrina Dubroca <sd(a)queasysnail.net> tls: always set record_type in tls_process_cmsg Sabrina Dubroca <sd(a)queasysnail.net> tls: wait for async encrypt in case of error during latter iterations of sendmsg Sascha Hauer <s.hauer(a)pengutronix.de> net: tls: wait for async completion on last message Sabrina Dubroca <sd(a)queasysnail.net> tls: trim encrypted message to match the plaintext on short splice Alexey Simakov <bigalex934(a)gmail.com> tg3: prevent use of uninitialized remote_adv and local_adv variables Eric Dumazet <edumazet(a)google.com> tcp: fix tcp_tso_should_defer() vs large RTT Raju Rangoju <Raju.Rangoju(a)amd.com> amd-xgbe: Avoid spurious link down messages during interface toggle Dmitry Safonov <0x7f454c46(a)gmail.com> net/ip6_tunnel: Prevent perpetual tunnel growth Linmao Li <lilinmao(a)kylinos.cn> r8169: fix packet truncation after S4 resume on RTL8168H/RTL8111H Nicolas Dichtel <nicolas.dichtel(a)6wind.com> doc: fix seg6_flowlabel path Yeounsu Moon <yyyynoom(a)gmail.com> net: dlink: handle dma_map_single() failure properly Marc Kleine-Budde <mkl(a)pengutronix.de> can: m_can: m_can_plat_remove(): add missing pm_runtime_disable() Yuezhang Mo <Yuezhang.Mo(a)sony.com> dax: skip read lock assertion for read-only filesystems Benjamin Tissoires <bentiss(a)kernel.org> HID: multitouch: fix sticky fingers Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: f_rndis: Refactor bind path to use __free() Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: f_ncm: Refactor bind path to use __free() Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: f_acm: Refactor bind path to use __free() Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: f_ecm: Refactor bind path to use __free() Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: Introduce free_usb_request helper Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: Store endpoint pointer in usb_request Guoniu Zhou <guoniu.zhou(a)nxp.com> media: nxp: imx8-isi: m2m: Fix streaming cleanup on release Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> media: nxp: imx8-isi: Drop unused argument to mxc_isi_channel_chain() Kaustabh Chakraborty <kauschluss(a)disroot.org> drm/exynos: exynos7_drm_decon: remove ctx->suspended Kaustabh Chakraborty <kauschluss(a)disroot.org> drm/exynos: exynos7_drm_decon: properly clear channels during bind Kaustabh Chakraborty <kauschluss(a)disroot.org> drm/exynos: exynos7_drm_decon: fix uninitialized crtc reference in functions Akhil P Oommen <akhilpo(a)oss.qualcomm.com> drm/msm/a6xx: Fix PDC sleep sequence Konrad Dybcio <konrad.dybcio(a)linaro.org> drm/msm/adreno: De-spaghettify the use of memory barriers Nam Cao <namcao(a)linutronix.de> eventpoll: Replace rwlock with spinlock Huang Xiaojia <huangxiaojia2(a)huawei.com> epoll: Remove ep_scan_ready_list() in comments Zenm Chen <zenmchen(a)gmail.com> Bluetooth: btusb: Add USB ID 2001:332a for D-Link AX9U rev. A1 Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> cpufreq: CPPC: Avoid using CPUFREQ_ETERNAL as transition delay Mario Limonciello <mario.limonciello(a)amd.com> drm/amd: Check whether secure display TA loaded successfully Gui-Dong Han <hanguidong02(a)gmail.com> drm/amdgpu: use atomic functions with memory barriers for vm fault info Tvrtko Ursulin <tvrtko.ursulin(a)igalia.com> drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies Eugene Korenevsky <ekorenevsky(a)aliyun.com> cifs: parse_dfs_referrals: prevent oob on malformed input Celeste Liu <uwu(a)coelacanthus.name> can: gs_usb: increase max interface to U8_MAX Celeste Liu <uwu(a)coelacanthus.name> can: gs_usb: gs_make_candev(): populate net_device->dev_port Filipe Manana <fdmanana(a)suse.com> btrfs: do not assert we found block group item when creating free space tree Boris Burkov <boris(a)bur.io> btrfs: fix incorrect readahead expansion length Filipe Manana <fdmanana(a)suse.com> btrfs: fix clearing of BTRFS_FS_RELOC_RUNNING if relocation already running Deepanshu Kartikey <kartikey406(a)gmail.com> ext4: detect invalid INLINE_DATA + EXTENTS flag combination Zhang Yi <yi.zhang(a)huawei.com> ext4: wait for ongoing I/O to complete before freeing blocks Zhang Yi <yi.zhang(a)huawei.com> jbd2: ensure that all ongoing I/O complete before freeing blocks Jaegeuk Kim <jaegeuk(a)kernel.org> f2fs: fix wrong block mapping for multi-devices Oliver Upton <oliver.upton(a)linux.dev> KVM: arm64: Prevent access to vCPU events before init Yi Cong <yicong(a)kylinos.cn> r8152: add error handling in rtl8152_driver_init Shuhao Fu <sfual(a)cse.ust.hk> smb: client: Fix refcount leak for cifs_sb_tlink ------------- Diffstat: Documentation/arch/arm64/silicon-errata.rst | 2 + Documentation/networking/seg6-sysctl.rst | 3 + Makefile | 4 +- arch/arm64/Kconfig | 1 + arch/arm64/include/asm/cputype.h | 2 + arch/arm64/kernel/cpu_errata.c | 1 + arch/arm64/kvm/arm.c | 6 + arch/riscv/kernel/probes/kprobes.c | 13 +- block/bdev.c | 17 ++ block/blk-zoned.c | 5 +- block/fops.c | 16 ++ block/ioctl.c | 6 + drivers/accel/qaic/qaic_control.c | 2 +- drivers/base/power/runtime.c | 44 ++++ drivers/bluetooth/btusb.c | 2 + drivers/cpufreq/cppc_cpufreq.c | 14 +- drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c | 5 +- drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c | 2 +- drivers/gpu/drm/amd/amdgpu/gmc_v7_0.c | 7 +- drivers/gpu/drm/amd/amdgpu/gmc_v8_0.c | 7 +- .../gpu/drm/amd/pm/powerplay/hwmgr/smu7_hwmgr.c | 3 +- drivers/gpu/drm/bridge/lontium-lt9211.c | 3 +- drivers/gpu/drm/exynos/exynos7_drm_decon.c | 98 ++++----- drivers/gpu/drm/i915/gt/uc/intel_guc_ct.c | 9 +- drivers/gpu/drm/msm/adreno/a6xx_gmu.c | 38 ++-- drivers/gpu/drm/msm/adreno/a6xx_gmu.h | 6 + drivers/gpu/drm/msm/adreno/a6xx_gpu.c | 10 +- drivers/gpu/drm/rockchip/rockchip_drm_vop2.c | 2 +- drivers/gpu/drm/scheduler/sched_main.c | 13 +- drivers/hid/hid-input.c | 5 +- drivers/hid/hid-multitouch.c | 28 +-- drivers/iio/imu/inv_icm42600/inv_icm42600.h | 8 +- drivers/iio/imu/inv_icm42600/inv_icm42600_core.c | 35 ++-- .../media/platform/nxp/imx8-isi/imx8-isi-core.h | 2 +- drivers/media/platform/nxp/imx8-isi/imx8-isi-hw.c | 2 +- drivers/media/platform/nxp/imx8-isi/imx8-isi-m2m.c | 225 +++++++++------------ .../media/platform/nxp/imx8-isi/imx8-isi-pipe.c | 2 +- drivers/net/can/m_can/m_can_platform.c | 2 +- drivers/net/can/usb/gs_usb.c | 23 +-- drivers/net/ethernet/amd/xgbe/xgbe-drv.c | 1 - drivers/net/ethernet/amd/xgbe/xgbe-mdio.c | 1 + drivers/net/ethernet/broadcom/tg3.c | 5 +- drivers/net/ethernet/dlink/dl2k.c | 23 ++- drivers/net/ethernet/intel/ixgbevf/defines.h | 6 +- drivers/net/ethernet/intel/ixgbevf/ipsec.c | 10 + drivers/net/ethernet/intel/ixgbevf/ixgbevf.h | 13 +- drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c | 46 ++++- drivers/net/ethernet/intel/ixgbevf/mbx.h | 8 + drivers/net/ethernet/intel/ixgbevf/vf.c | 194 +++++++++++++++--- drivers/net/ethernet/intel/ixgbevf/vf.h | 5 +- drivers/net/ethernet/realtek/r8169_main.c | 5 +- drivers/net/usb/lan78xx.c | 38 +++- drivers/net/usb/r8152.c | 7 +- drivers/nvme/host/multipath.c | 6 +- drivers/pci/controller/cadence/pci-j721e.c | 64 +++++- drivers/pci/controller/dwc/pcie-tegra194.c | 10 + drivers/pci/pci-sysfs.c | 10 +- drivers/phy/cadence/cdns-dphy.c | 133 +++++++++--- drivers/usb/gadget/function/f_acm.c | 42 ++-- drivers/usb/gadget/function/f_ecm.c | 48 ++--- drivers/usb/gadget/function/f_ncm.c | 78 +++---- drivers/usb/gadget/function/f_rndis.c | 85 ++++---- drivers/usb/gadget/udc/core.c | 3 + fs/btrfs/extent_io.c | 2 +- fs/btrfs/free-space-tree.c | 15 +- fs/btrfs/relocation.c | 13 +- fs/dax.c | 2 +- fs/dcache.c | 2 + fs/eventpoll.c | 145 +++---------- fs/ext4/ext4_jbd2.c | 11 +- fs/ext4/inode.c | 8 + fs/ext4/super.c | 17 +- fs/f2fs/data.c | 2 +- fs/hfsplus/unicode.c | 24 +++ fs/jbd2/transaction.c | 13 +- fs/nfsd/blocklayout.c | 5 +- fs/nfsd/blocklayoutxdr.c | 7 +- fs/nfsd/export.c | 60 +++++- fs/nfsd/export.h | 2 + fs/nfsd/flexfilelayout.c | 8 + fs/nfsd/flexfilelayoutxdr.c | 3 +- fs/nfsd/nfs4layouts.c | 1 - fs/nfsd/nfs4proc.c | 34 ++-- fs/nfsd/nfs4xdr.c | 14 +- fs/nfsd/nfsfh.c | 12 +- fs/nfsd/xdr4.h | 36 +++- fs/nilfs2/the_nilfs.c | 3 - fs/ocfs2/super.c | 6 +- fs/quota/dquot.c | 13 +- fs/quota/quota_v1.c | 3 +- fs/quota/quota_v2.c | 9 +- fs/smb/client/inode.c | 6 +- fs/smb/client/misc.c | 17 ++ fs/smb/client/smb2ops.c | 8 +- fs/smb/server/ksmbd_netlink.h | 3 +- fs/smb/server/server.h | 1 + fs/smb/server/smb2pdu.c | 4 + fs/smb/server/transport_ipc.c | 1 + fs/smb/server/transport_tcp.c | 67 +++--- fs/smb/server/transport_tcp.h | 1 + fs/xfs/libxfs/xfs_log_format.h | 30 ++- fs/xfs/scrub/reap.c | 19 +- fs/xfs/xfs_log.c | 8 +- fs/xfs/xfs_log_priv.h | 4 +- fs/xfs/xfs_log_recover.c | 34 +++- fs/xfs/xfs_ondisk.h | 2 + include/linux/cpufreq.h | 3 + include/linux/mm.h | 2 +- include/linux/pci.h | 14 ++ include/linux/pm_runtime.h | 4 + include/linux/quota.h | 2 +- include/linux/usb/gadget.h | 25 +++ include/net/ip_tunnels.h | 15 ++ kernel/padata.c | 6 +- kernel/sched/fair.c | 38 ++-- mm/shmem.c | 7 +- net/ipv4/ip_tunnel.c | 14 -- net/ipv4/tcp_output.c | 19 +- net/ipv6/ip6_tunnel.c | 3 +- net/tls/tls_main.c | 7 +- net/tls/tls_sw.c | 33 ++- rust/bindings/bindings_helper.h | 2 + rust/bindings/lib.rs | 1 + sound/firewire/amdtp-stream.h | 2 +- sound/soc/codecs/idt821034.c | 12 +- sound/soc/codecs/nau8821.c | 53 +++-- sound/usb/card.c | 10 +- .../testing/selftests/bpf/prog_tests/arg_parsing.c | 12 +- 128 files changed, 1549 insertions(+), 924 deletions(-)

1 month

11
115
0 0

[PATCHSET] xfs: random fixes for 6.18

by Darrick J. Wong

Hi all, Random fixes for 6.18. If you're going to start using this code, I strongly recommend pulling from my git trees, which are linked below. This has been running on the djcloud for months with no problems. Enjoy! Comments and questions are, as always, welcome. --D kernel git tree: https://git.kernel.org/cgit/linux/kernel/git/djwong/xfs-linux.git/log/?h=xf… --- Commits in this patchset: * xfs: don't set bt_nr_sectors to a negative number * xfs: always warn about deprecated mount options * xfs: loudly complain about defunct mount options * xfs: fix locking in xchk_nlinks_collect_dir --- fs/xfs/xfs_buf.h | 1 + fs/xfs/scrub/nlinks.c | 34 +++++++++++++++++++++++++++++++--- fs/xfs/xfs_buf.c | 2 +- fs/xfs/xfs_super.c | 45 +++++++++++++++++++++++++++++++++++---------- 4 files changed, 68 insertions(+), 14 deletions(-)

1 month

3
9
0 0

[PATCH 6.12 000/136] 6.12.55-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.12.55 release. There are 136 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu, 23 Oct 2025 19:49:51 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.12.55-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.12.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.12.55-rc1 Guenter Roeck <linux(a)roeck-us.net> dmaengine: Add missing cleanup on module unload Mark Rutland <mark.rutland(a)arm.com> arm64: errata: Apply workarounds for Neoverse-V3AE Mark Rutland <mark.rutland(a)arm.com> arm64: cputype: Add Neoverse-V3AE definitions Jakub Acs <acsjakub(a)amazon.de> mm/ksm: fix flag-dropping behavior in ksm_madvise Chuck Lever <chuck.lever(a)oracle.com> NFSD: Define a proc_layoutcommit for the FlexFiles layout type Devarsh Thakkar <devarsht(a)ti.com> phy: cadence: cdns-dphy: Update calibration wait time for startup state machine Matthieu Baerts (NGI0) <matttbe(a)kernel.org> mptcp: reset blackhole on success with non-loopback ifaces Kuniyuki Iwashima <kuniyu(a)google.com> mptcp: Use __sk_dst_get() and dst_dev_rcu() in mptcp_active_enable(). Kuniyuki Iwashima <kuniyu(a)google.com> mptcp: Call dst_release() in mptcp_active_enable(). Sharath Chandra Vurukala <quic_sharathv(a)quicinc.com> net: Add locking to protect skb->dev access in ip_output Eric Dumazet <edumazet(a)google.com> ipv4: adopt dst_dev, skb_dst_dev and skb_dst_dev_net[_rcu] Eric Dumazet <edumazet(a)google.com> net: dst: add four helpers to annotate data-races around dst->dev Eric Dumazet <edumazet(a)google.com> tcp: cache RTAX_QUICKACK metric in a hot cache line Eric Dumazet <edumazet(a)google.com> tcp: convert to dev_net_rcu() Jedrzej Jagielski <jedrzej.jagielski(a)intel.com> ixgbevf: fix mailbox API compatibility by negotiating supported features Jedrzej Jagielski <jedrzej.jagielski(a)intel.com> ixgbevf: fix getting link speed data for E610 devices Piotr Kwapulinski <piotr.kwapulinski(a)intel.com> ixgbevf: Add support for Intel(R) E610 device Piotr Kwapulinski <piotr.kwapulinski(a)intel.com> PCI: Add PCI_VDEVICE_SUB helper macro Jan Kara <jack(a)suse.cz> vfs: Don't leak disconnected dentries on umount Al Viro <viro(a)zeniv.linux.org.uk> d_alloc_parallel(): set DCACHE_PAR_LOOKUP earlier Babu Moger <babu.moger(a)amd.com> x86/resctrl: Fix miscount of bandwidth event when reactivating previously unavailable RMID Babu Moger <babu.moger(a)amd.com> x86/resctrl: Refactor resctrl_arch_rmid_read() Yu Kuai <yukuai3(a)huawei.com> md: fix mssing blktrace bio split events John Garry <john.g.garry(a)oracle.com> md/raid10: Handle bio_split() errors John Garry <john.g.garry(a)oracle.com> md/raid1: Handle bio_split() errors John Garry <john.g.garry(a)oracle.com> md/raid0: Handle bio_split() errors Xiao Liang <shaw.leon(a)gmail.com> padata: Reset next CPU when reorder sequence wraps around Darrick J. Wong <djwong(a)kernel.org> xfs: use deferred intent items for reaping crosslinked blocks Fedor Pchelkin <pchelkin(a)ispras.ru> wifi: rtw89: avoid possible TX wait initialization race Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Fix last write offset handling in layoutcommit Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Implement large extent array support in pNFS Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Minor cleanup in layoutcommit processing Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Rework encoding and decoding of nfsd4_deviceid Sergey Bashirov <sergeybashirov(a)gmail.com> nfsd: Drop dprintk in blocklayout xdr functions Sergey Bashirov <sergeybashirov(a)gmail.com> nfsd: Use correct error code when decoding extents Sean Nyekjaer <sean(a)geanix.com> iio: imu: inv_icm42600: Avoid configuring if already pm_runtime suspended Sean Nyekjaer <sean(a)geanix.com> iio: imu: inv_icm42600: Simplify pm_runtime setup Bence Csókás <csokas.bence(a)prolan.hu> PM: runtime: Add new devm functions Devarsh Thakkar <devarsht(a)ti.com> phy: cadence: cdns-dphy: Fix PLL lock and O_CMN_READY polling Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> phy: cdns-dphy: Store hs_clk_rate and return it Christoph Hellwig <hch(a)lst.de> xfs: fix log CRC mismatches between i386 and other architectures Christoph Hellwig <hch(a)lst.de> xfs: rename the old_crc variable in xlog_recover_process Viacheslav Dubeyko <slava(a)dubeyko.com> hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() Wilfred Mallawa <wilfred.mallawa(a)wdc.com> nvme/tcp: handle tls partially sent records in write_space() Xing Guo <higuoxing(a)gmail.com> selftests: arg_parsing: Ensure data is flushed to disk before reading. Li Qiang <liqiang01(a)kylinos.cn> ASoC: amd/sdw_utils: avoid NULL deref when devm_kasprintf() fails Thadeu Lima de Souza Cascardo <cascardo(a)igalia.com> HID: multitouch: fix name of Stylus input devices Dmitry Torokhov <dmitry.torokhov(a)gmail.com> HID: hid-input: only ignore 0 battery events for digitizers Jiaming Zhang <r772577952(a)gmail.com> ALSA: usb-audio: Fix NULL pointer deference in try_to_register_card Andrii Nakryiko <andrii(a)kernel.org> selftests/bpf: make arg_parsing.c more robust to crashes Pranjal Ramajor Asha Kanojiya <quic_pkanojiy(a)quicinc.com> accel/qaic: Synchronize access to DBC request queue head & tail pointer Youssef Samir <quic_yabdulra(a)quicinc.com> accel/qaic: Treat remaining == 0 as error in find_and_map_user_pages() Jeffrey Hugo <quic_jhugo(a)quicinc.com> accel/qaic: Fix bootlog initialization ordering Randy Dunlap <rdunlap(a)infradead.org> ALSA: firewire: amdtp-stream: fix enum kernel-doc warnings Vincent Guittot <vincent.guittot(a)linaro.org> sched/fair: Fix pelt lost idle time detection Alok Tiwari <alok.a.tiwari(a)oracle.com> drm/rockchip: vop2: use correct destination rectangle height check Francesco Valla <francesco(a)valla.it> drm/draw: fix color truncation in drm_draw_fill24 Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/powerplay: Fix CIK shutdown temperature Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: fix handling of harvesting for ip_discovery firmware Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: add support for cyan skillfish without IP discovery Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: add ip offset support for cyan skillfish Zhanjun Dong <zhanjun.dong(a)intel.com> drm/i915/guc: Skip communication warning on reset in progress Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ASoC: nau8821: Add DMI quirk to bypass jack debounce circuit Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ASoC: nau8821: Generalize helper to clear IRQ status Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ASoC: nau8821: Cancel jdet_work before handling jack ejection Christophe Leroy <christophe.leroy(a)csgroup.eu> ASoC: codecs: Fix gain setting ranges for Renesas IDT821034 codec Marek Vasut <marek.vasut(a)mailbox.org> drm/bridge: lt9211: Drop check for last nibble of version register Fabian Vogt <fvogt(a)suse.de> riscv: kprobes: Fix probe address validation Amit Chaudhary <achaudhary(a)purestorage.com> nvme-multipath: Skip nr_active increments in RETRY disposition Ketil Johnsen <ketil.johnsen(a)arm.com> drm/panthor: Ensure MCU is disabled on suspend I Viswanath <viswanathiyyappan(a)gmail.com> net: usb: lan78xx: fix use of improperly initialized dev->chipid in lan78xx_reset Oleksij Rempel <o.rempel(a)pengutronix.de> net: usb: lan78xx: Add error handling to lan78xx_init_mac_address Breno Leitao <leitao(a)debian.org> netdevsim: set the carrier when the device goes up Sabrina Dubroca <sd(a)queasysnail.net> tls: don't rely on tx_work during send() Sabrina Dubroca <sd(a)queasysnail.net> tls: wait for pending async decryptions if tls_strp_msg_hold fails Sabrina Dubroca <sd(a)queasysnail.net> tls: always set record_type in tls_process_cmsg Sabrina Dubroca <sd(a)queasysnail.net> tls: wait for async encrypt in case of error during latter iterations of sendmsg Sabrina Dubroca <sd(a)queasysnail.net> tls: trim encrypted message to match the plaintext on short splice Alexey Simakov <bigalex934(a)gmail.com> tg3: prevent use of uninitialized remote_adv and local_adv variables Marios Makassikis <mmakassikis(a)freebox.fr> ksmbd: fix recursive locking in RPC handle list access Eric Dumazet <edumazet(a)google.com> tcp: fix tcp_tso_should_defer() vs large RTT Raju Rangoju <Raju.Rangoju(a)amd.com> amd-xgbe: Avoid spurious link down messages during interface toggle Dmitry Safonov <0x7f454c46(a)gmail.com> net/ip6_tunnel: Prevent perpetual tunnel growth Linmao Li <lilinmao(a)kylinos.cn> r8169: fix packet truncation after S4 resume on RTL8168H/RTL8111H Nicolas Dichtel <nicolas.dichtel(a)6wind.com> doc: fix seg6_flowlabel path Yeounsu Moon <yyyynoom(a)gmail.com> net: dlink: handle dma_map_single() failure properly Marc Kleine-Budde <mkl(a)pengutronix.de> can: m_can: fix CAN state in system PM Sean Nyekjaer <sean(a)geanix.com> can: m_can: call deinit/init callback when going into suspend/resume Sean Nyekjaer <sean(a)geanix.com> can: m_can: add deinit callback Marc Kleine-Budde <mkl(a)pengutronix.de> can: m_can: m_can_chip_config(): bring up interface in correct state Marc Kleine-Budde <mkl(a)pengutronix.de> can: m_can: m_can_handle_state_errors(): fix CAN state transition to Error Active Marc Kleine-Budde <mkl(a)pengutronix.de> can: m_can: m_can_plat_remove(): add missing pm_runtime_disable() Yuezhang Mo <Yuezhang.Mo(a)sony.com> dax: skip read lock assertion for read-only filesystems Benjamin Tissoires <bentiss(a)kernel.org> HID: multitouch: fix sticky fingers Jens Axboe <axboe(a)kernel.dk> Revert "io_uring/rw: drop -EOPNOTSUPP check in __io_complete_rw_common()" Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> cpufreq: CPPC: Avoid using CPUFREQ_ETERNAL as transition delay Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: f_rndis: Refactor bind path to use __free() Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: f_ecm: Refactor bind path to use __free() Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: f_acm: Refactor bind path to use __free() Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: f_ncm: Refactor bind path to use __free() Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: Introduce free_usb_request helper Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: Store endpoint pointer in usb_request Kaustabh Chakraborty <kauschluss(a)disroot.org> drm/exynos: exynos7_drm_decon: remove ctx->suspended Kaustabh Chakraborty <kauschluss(a)disroot.org> drm/exynos: exynos7_drm_decon: properly clear channels during bind Kaustabh Chakraborty <kauschluss(a)disroot.org> drm/exynos: exynos7_drm_decon: fix uninitialized crtc reference in functions Guoniu Zhou <guoniu.zhou(a)nxp.com> media: nxp: imx8-isi: m2m: Fix streaming cleanup on release Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> media: nxp: imx8-isi: Drop unused argument to mxc_isi_channel_chain() Akhil P Oommen <akhilpo(a)oss.qualcomm.com> drm/msm/a6xx: Fix PDC sleep sequence Miaoqian Lin <linmq006(a)gmail.com> cdx: Fix device node reference leak in cdx_msi_domain_init Jiri Slaby (SUSE) <jirislaby(a)kernel.org> irqdomain: cdx: Switch to of_fwnode_handle() Mario Limonciello <mario.limonciello(a)amd.com> drm/amd: Check whether secure display TA loaded successfully Adrian Hunter <adrian.hunter(a)intel.com> perf/core: Fix MMAP2 event device with backing files Adrian Hunter <adrian.hunter(a)intel.com> perf/core: Fix MMAP event path names with backing files Adrian Hunter <adrian.hunter(a)intel.com> perf/core: Fix address filter match with backing files Jonathan Kim <jonathan.kim(a)amd.com> drm/amdgpu: fix gfx12 mes packet status return check Gui-Dong Han <hanguidong02(a)gmail.com> drm/amdgpu: use atomic functions with memory barriers for vm fault info Thomas Zimmermann <tzimmermann(a)suse.de> drm/ast: Blank with VGACR17 sync enable, always clear VGACRB6 sync off Tvrtko Ursulin <tvrtko.ursulin(a)igalia.com> drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies Eugene Korenevsky <ekorenevsky(a)aliyun.com> cifs: parse_dfs_referrals: prevent oob on malformed input Celeste Liu <uwu(a)coelacanthus.name> can: gs_usb: increase max interface to U8_MAX Celeste Liu <uwu(a)coelacanthus.name> can: gs_usb: gs_make_candev(): populate net_device->dev_port Filipe Manana <fdmanana(a)suse.com> btrfs: do not assert we found block group item when creating free space tree Miquel Sabaté Solà <mssola(a)mssola.com> btrfs: fix memory leaks when rejecting a non SINGLE data profile without an RST Boris Burkov <boris(a)bur.io> btrfs: fix incorrect readahead expansion length Miquel Sabaté Solà <mssola(a)mssola.com> btrfs: fix memory leak on duplicated memory in the qgroup assign ioctl Filipe Manana <fdmanana(a)suse.com> btrfs: fix clearing of BTRFS_FS_RELOC_RUNNING if relocation already running Deepanshu Kartikey <kartikey406(a)gmail.com> ext4: detect invalid INLINE_DATA + EXTENTS flag combination Zhang Yi <yi.zhang(a)huawei.com> ext4: wait for ongoing I/O to complete before freeing blocks Zhang Yi <yi.zhang(a)huawei.com> jbd2: ensure that all ongoing I/O complete before freeing blocks Jaegeuk Kim <jaegeuk(a)kernel.org> f2fs: fix wrong block mapping for multi-devices Oliver Upton <oliver.upton(a)linux.dev> KVM: arm64: Prevent access to vCPU events before init Yi Cong <yicong(a)kylinos.cn> r8152: add error handling in rtl8152_driver_init Hao Ge <gehao(a)kylinos.cn> slab: reset slab->obj_ext when freeing and it is OBJEXTS_ALLOC_FAIL Shuhao Fu <sfual(a)cse.ust.hk> smb: client: Fix refcount leak for cifs_sb_tlink Conor Dooley <conor.dooley(a)microchip.com> rust: cfi: only 64-bit arm and x86 support CFI_CLANG Shuicheng Lin <shuicheng.lin(a)intel.com> drm/xe/guc: Check GuC running state before deregistering exec queue ------------- Diffstat: Documentation/arch/arm64/silicon-errata.rst | 2 + Documentation/networking/seg6-sysctl.rst | 3 + Makefile | 4 +- arch/Kconfig | 1 + arch/arm64/Kconfig | 1 + arch/arm64/include/asm/cputype.h | 2 + arch/arm64/kernel/cpu_errata.c | 1 + arch/arm64/kvm/arm.c | 6 + arch/riscv/kernel/probes/kprobes.c | 13 +- arch/x86/kernel/cpu/resctrl/monitor.c | 46 +++-- drivers/accel/qaic/qaic.h | 2 + drivers/accel/qaic/qaic_control.c | 2 +- drivers/accel/qaic/qaic_data.c | 12 +- drivers/accel/qaic/qaic_debugfs.c | 5 +- drivers/accel/qaic/qaic_drv.c | 3 + drivers/base/power/runtime.c | 44 ++++ drivers/cdx/cdx_msi.c | 5 +- drivers/cpufreq/cppc_cpufreq.c | 14 +- drivers/dma/idxd/init.c | 2 + drivers/gpu/drm/amd/amdgpu/Makefile | 3 +- drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c | 5 +- drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c | 48 ++++- drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c | 2 +- .../gpu/drm/amd/amdgpu/cyan_skillfish_reg_init.c | 56 +++++ drivers/gpu/drm/amd/amdgpu/gmc_v7_0.c | 7 +- drivers/gpu/drm/amd/amdgpu/gmc_v8_0.c | 7 +- drivers/gpu/drm/amd/amdgpu/mes_v12_0.c | 7 +- drivers/gpu/drm/amd/amdgpu/nv.h | 1 + .../gpu/drm/amd/pm/powerplay/hwmgr/smu7_hwmgr.c | 3 +- drivers/gpu/drm/ast/ast_mode.c | 18 +- drivers/gpu/drm/ast/ast_reg.h | 1 + drivers/gpu/drm/bridge/lontium-lt9211.c | 3 +- drivers/gpu/drm/drm_draw.c | 2 +- drivers/gpu/drm/drm_draw_internal.h | 2 +- drivers/gpu/drm/exynos/exynos7_drm_decon.c | 98 ++++----- drivers/gpu/drm/i915/gt/uc/intel_guc_ct.c | 9 +- drivers/gpu/drm/msm/adreno/a6xx_gmu.c | 28 ++- drivers/gpu/drm/msm/adreno/a6xx_gmu.h | 6 + drivers/gpu/drm/panthor/panthor_fw.c | 1 + drivers/gpu/drm/rockchip/rockchip_drm_vop2.c | 2 +- drivers/gpu/drm/scheduler/sched_main.c | 13 +- drivers/gpu/drm/xe/xe_guc_submit.c | 13 +- drivers/hid/hid-input.c | 5 +- drivers/hid/hid-multitouch.c | 28 +-- drivers/iio/imu/inv_icm42600/inv_icm42600_core.c | 35 ++-- drivers/md/md-linear.c | 1 + drivers/md/raid0.c | 16 ++ drivers/md/raid1.c | 37 +++- drivers/md/raid10.c | 55 ++++- drivers/md/raid5.c | 2 + .../media/platform/nxp/imx8-isi/imx8-isi-core.h | 2 +- drivers/media/platform/nxp/imx8-isi/imx8-isi-hw.c | 2 +- drivers/media/platform/nxp/imx8-isi/imx8-isi-m2m.c | 225 +++++++++------------ .../media/platform/nxp/imx8-isi/imx8-isi-pipe.c | 2 +- drivers/net/can/m_can/m_can.c | 86 +++++--- drivers/net/can/m_can/m_can.h | 1 + drivers/net/can/m_can/m_can_platform.c | 2 +- drivers/net/can/usb/gs_usb.c | 23 +-- drivers/net/ethernet/amd/xgbe/xgbe-drv.c | 1 - drivers/net/ethernet/amd/xgbe/xgbe-mdio.c | 1 + drivers/net/ethernet/broadcom/tg3.c | 5 +- drivers/net/ethernet/dlink/dl2k.c | 23 ++- drivers/net/ethernet/intel/ixgbevf/defines.h | 6 +- drivers/net/ethernet/intel/ixgbevf/ipsec.c | 10 + drivers/net/ethernet/intel/ixgbevf/ixgbevf.h | 13 +- drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c | 46 ++++- drivers/net/ethernet/intel/ixgbevf/mbx.h | 8 + drivers/net/ethernet/intel/ixgbevf/vf.c | 194 +++++++++++++++--- drivers/net/ethernet/intel/ixgbevf/vf.h | 5 +- drivers/net/ethernet/realtek/r8169_main.c | 5 +- drivers/net/netdevsim/netdev.c | 7 + drivers/net/usb/lan78xx.c | 38 +++- drivers/net/usb/r8152.c | 7 +- drivers/net/wireless/realtek/rtw89/core.c | 39 ++-- drivers/net/wireless/realtek/rtw89/core.h | 6 +- drivers/net/wireless/realtek/rtw89/mac80211.c | 2 +- drivers/net/wireless/realtek/rtw89/pci.c | 2 - drivers/nvme/host/multipath.c | 6 +- drivers/nvme/host/tcp.c | 3 + drivers/phy/cadence/cdns-dphy.c | 133 +++++++++--- drivers/usb/gadget/function/f_acm.c | 42 ++-- drivers/usb/gadget/function/f_ecm.c | 48 ++--- drivers/usb/gadget/function/f_ncm.c | 78 +++---- drivers/usb/gadget/function/f_rndis.c | 85 ++++---- drivers/usb/gadget/udc/core.c | 3 + fs/btrfs/extent_io.c | 2 +- fs/btrfs/free-space-tree.c | 15 +- fs/btrfs/ioctl.c | 2 +- fs/btrfs/relocation.c | 13 +- fs/btrfs/zoned.c | 2 +- fs/dax.c | 2 +- fs/dcache.c | 12 +- fs/ext4/ext4_jbd2.c | 11 +- fs/ext4/inode.c | 8 + fs/f2fs/data.c | 2 +- fs/hfsplus/unicode.c | 24 +++ fs/jbd2/transaction.c | 13 +- fs/nfsd/blocklayout.c | 33 +-- fs/nfsd/blocklayoutxdr.c | 171 ++++++++++------ fs/nfsd/blocklayoutxdr.h | 8 +- fs/nfsd/flexfilelayout.c | 8 + fs/nfsd/flexfilelayoutxdr.c | 3 +- fs/nfsd/nfs4layouts.c | 1 - fs/nfsd/nfs4proc.c | 36 ++-- fs/nfsd/nfs4xdr.c | 25 +-- fs/nfsd/nfsd.h | 1 + fs/nfsd/pnfs.h | 1 + fs/nfsd/xdr4.h | 39 +++- fs/smb/client/inode.c | 6 +- fs/smb/client/misc.c | 17 ++ fs/smb/client/smb2ops.c | 8 +- fs/smb/server/mgmt/user_session.c | 7 +- fs/smb/server/smb2pdu.c | 9 +- fs/smb/server/transport_ipc.c | 12 ++ fs/xfs/libxfs/xfs_log_format.h | 30 ++- fs/xfs/libxfs/xfs_ondisk.h | 2 + fs/xfs/scrub/reap.c | 9 +- fs/xfs/xfs_log.c | 8 +- fs/xfs/xfs_log_priv.h | 4 +- fs/xfs/xfs_log_recover.c | 34 +++- include/linux/mm.h | 2 +- include/linux/pci.h | 14 ++ include/linux/pm_runtime.h | 4 + include/linux/usb/gadget.h | 25 +++ include/net/dst.h | 32 +++ include/net/inet6_hashtables.h | 2 +- include/net/inet_connection_sock.h | 3 +- include/net/inet_hashtables.h | 2 +- include/net/ip.h | 11 +- include/net/ip_tunnels.h | 15 ++ include/net/route.h | 2 +- io_uring/rw.c | 2 +- kernel/events/core.c | 8 +- kernel/padata.c | 6 +- kernel/sched/fair.c | 26 +-- mm/slub.c | 9 +- net/core/dst.c | 4 +- net/core/sock.c | 14 +- net/ipv4/icmp.c | 24 ++- net/ipv4/igmp.c | 2 +- net/ipv4/ip_fragment.c | 2 +- net/ipv4/ip_output.c | 19 +- net/ipv4/ip_tunnel.c | 14 -- net/ipv4/ip_vti.c | 4 +- net/ipv4/netfilter.c | 4 +- net/ipv4/route.c | 8 +- net/ipv4/tcp_fastopen.c | 4 +- net/ipv4/tcp_input.c | 3 +- net/ipv4/tcp_ipv4.c | 12 +- net/ipv4/tcp_metrics.c | 8 +- net/ipv4/tcp_output.c | 19 +- net/ipv4/xfrm4_output.c | 2 +- net/ipv6/ip6_tunnel.c | 3 +- net/ipv6/tcp_ipv6.c | 22 +- net/mptcp/ctrl.c | 9 +- net/tls/tls_main.c | 7 +- net/tls/tls_sw.c | 31 ++- rust/bindings/bindings_helper.h | 1 + sound/firewire/amdtp-stream.h | 2 +- sound/soc/amd/acp/acp-sdw-sof-mach.c | 2 +- sound/soc/codecs/idt821034.c | 12 +- sound/soc/codecs/nau8821.c | 53 +++-- sound/usb/card.c | 10 +- .../testing/selftests/bpf/prog_tests/arg_parsing.c | 12 +- 164 files changed, 1922 insertions(+), 967 deletions(-)

1 month

8
146
0 0

[PATCH 6.17 000/159] 6.17.5-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.17.5 release. There are 159 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu, 23 Oct 2025 19:49:51 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.17.5-rc1… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.17.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.17.5-rc1 Matthew Brost <matthew.brost(a)intel.com> drm/xe: Don't allow evicting of BOs in same VM in array of VM binds Lucas De Marchi <lucas.demarchi(a)intel.com> drm/xe: Move rebar to be done earlier Piotr Piórkowski <piotr.piorkowski(a)intel.com> drm/xe: Unify the initialization of VRAM regions Piotr Piórkowski <piotr.piorkowski(a)intel.com> drm/xe: Move struct xe_vram_region to a dedicated header Piotr Piórkowski <piotr.piorkowski(a)intel.com> drm/xe: Use dynamic allocation for tile and device VRAM region structures Piotr Piórkowski <piotr.piorkowski(a)intel.com> drm/xe: Use devm_ioremap_wc for VRAM mapping and drop manual unmap Devarsh Thakkar <devarsht(a)ti.com> phy: cadence: cdns-dphy: Update calibration wait time for startup state machine Dave Jiang <dave.jiang(a)intel.com> cxl: Fix match_region_by_range() to use region_res_match_cxl_range() Babu Moger <babu.moger(a)amd.com> x86/resctrl: Fix miscount of bandwidth event when reactivating previously unavailable RMID Babu Moger <babu.moger(a)amd.com> x86/resctrl: Refactor resctrl_arch_rmid_read() Chuck Lever <chuck.lever(a)oracle.com> NFSD: Define a proc_layoutcommit for the FlexFiles layout type Devarsh Thakkar <devarsht(a)ti.com> phy: cadence: cdns-dphy: Fix PLL lock and O_CMN_READY polling Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> phy: cdns-dphy: Store hs_clk_rate and return it Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Fix last write offset handling in layoutcommit Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Implement large extent array support in pNFS Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Minor cleanup in layoutcommit processing Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Rework encoding and decoding of nfsd4_deviceid Christoph Hellwig <hch(a)lst.de> xfs: fix log CRC mismatches between i386 and other architectures Christoph Hellwig <hch(a)lst.de> xfs: rename the old_crc variable in xlog_recover_process Mark Rutland <mark.rutland(a)arm.com> arm64: errata: Apply workarounds for Neoverse-V3AE Mark Rutland <mark.rutland(a)arm.com> arm64: cputype: Add Neoverse-V3AE definitions Ada Couprie Diaz <ada.coupriediaz(a)arm.com> arm64: debug: always unmask interrupts in el0_softstp() Viacheslav Dubeyko <slava(a)dubeyko.com> hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() Miguel Ojeda <ojeda(a)kernel.org> rust: cpufreq: fix formatting Wilfred Mallawa <wilfred.mallawa(a)wdc.com> nvme/tcp: handle tls partially sent records in write_space() Xing Guo <higuoxing(a)gmail.com> selftests: arg_parsing: Ensure data is flushed to disk before reading. Matthew Auld <matthew.auld(a)intel.com> drm/xe/evict: drop bogus assert Li Qiang <liqiang01(a)kylinos.cn> ASoC: amd/sdw_utils: avoid NULL deref when devm_kasprintf() fails Thadeu Lima de Souza Cascardo <cascardo(a)igalia.com> HID: multitouch: fix name of Stylus input devices Dmitry Torokhov <dmitry.torokhov(a)gmail.com> HID: hid-input: only ignore 0 battery events for digitizers Ming Lei <ming.lei(a)redhat.com> block: Remove elevator_lock usage from blkg_conf frozen operations Yu Kuai <yukuai3(a)huawei.com> blk-mq: fix stale tag depth for shared sched tags in blk_mq_update_nr_requests() Jiaming Zhang <r772577952(a)gmail.com> ALSA: usb-audio: Fix NULL pointer deference in try_to_register_card Andrii Nakryiko <andrii(a)kernel.org> selftests/bpf: make arg_parsing.c more robust to crashes Alison Schofield <alison.schofield(a)intel.com> cxl/trace: Subtract to find an hpa_alias0 in cxl_poison events Martin George <martinus.gpy(a)gmail.com> nvme-auth: update sc_c in host response Pranjal Ramajor Asha Kanojiya <quic_pkanojiy(a)quicinc.com> accel/qaic: Synchronize access to DBC request queue head & tail pointer Youssef Samir <quic_yabdulra(a)quicinc.com> accel/qaic: Treat remaining == 0 as error in find_and_map_user_pages() Jeff Hugo <jeff.hugo(a)oss.qualcomm.com> accel/qaic: Fix bootlog initialization ordering Randy Dunlap <rdunlap(a)infradead.org> ALSA: firewire: amdtp-stream: fix enum kernel-doc warnings Vincent Guittot <vincent.guittot(a)linaro.org> sched/fair: Fix pelt lost idle time detection Peter Zijlstra (Intel) <peterz(a)infradead.org> sched/deadline: Stop dl_server before CPU goes offline Even Xu <even.xu(a)intel.com> HID: intel-thc-hid: Intel-quickspi: switch first interrupt from level to edge detection Alok Tiwari <alok.a.tiwari(a)oracle.com> drm/rockchip: vop2: use correct destination rectangle height check Francesco Valla <francesco(a)valla.it> drm/draw: fix color truncation in drm_draw_fill24 Ingo Molnar <mingo(a)kernel.org> x86/mm: Fix SMP ordering in switch_mm_irqs_off() Dave Jiang <dave.jiang(a)intel.com> cxl/features: Add check for no entries in cxl_feature_info Vinay Belgaumkar <vinay.belgaumkar(a)intel.com> drm/xe: Enable media sampler power gating Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/powerplay: Fix CIK shutdown temperature Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: drop unused structures in amdgpu_drm.h Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: set an error on all fences from a bad context Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: handle wrap around in reemit handling Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: fix handling of harvesting for ip_discovery firmware Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: add support for cyan skillfish without IP discovery Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: add ip offset support for cyan skillfish Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/i915/fb: Fix the set_tiling vs. addfb race, again Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/i915/frontbuffer: Move bo refcounting intel_frontbuffer_{get,release}() Zhanjun Dong <zhanjun.dong(a)intel.com> drm/i915/guc: Skip communication warning on reset in progress Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ASoC: nau8821: Add DMI quirk to bypass jack debounce circuit Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ASoC: nau8821: Consistently clear interrupts before unmasking Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ASoC: nau8821: Generalize helper to clear IRQ status Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ASoC: nau8821: Cancel jdet_work before handling jack ejection Christophe Leroy <christophe.leroy(a)csgroup.eu> ASoC: codecs: Fix gain setting ranges for Renesas IDT821034 codec Sourabh Jain <sourabhjain(a)linux.ibm.com> powerpc/fadump: skip parameter area allocation when fadump is disabled Marek Vasut <marek.vasut(a)mailbox.org> drm/bridge: lt9211: Drop check for last nibble of version register Fabian Vogt <fvogt(a)suse.de> riscv: kprobes: Fix probe address validation Amit Chaudhary <achaudhary(a)purestorage.com> nvme-multipath: Skip nr_active increments in RETRY disposition Ketil Johnsen <ketil.johnsen(a)arm.com> drm/panthor: Ensure MCU is disabled on suspend I Viswanath <viswanathiyyappan(a)gmail.com> net: usb: lan78xx: fix use of improperly initialized dev->chipid in lan78xx_reset Breno Leitao <leitao(a)debian.org> netdevsim: set the carrier when the device goes up Sabrina Dubroca <sd(a)queasysnail.net> tls: don't rely on tx_work during send() Sabrina Dubroca <sd(a)queasysnail.net> tls: wait for pending async decryptions if tls_strp_msg_hold fails Sabrina Dubroca <sd(a)queasysnail.net> tls: always set record_type in tls_process_cmsg Sabrina Dubroca <sd(a)queasysnail.net> tls: wait for async encrypt in case of error during latter iterations of sendmsg Sabrina Dubroca <sd(a)queasysnail.net> tls: trim encrypted message to match the plaintext on short splice Alexey Simakov <bigalex934(a)gmail.com> tg3: prevent use of uninitialized remote_adv and local_adv variables Marios Makassikis <mmakassikis(a)freebox.fr> ksmbd: fix recursive locking in RPC handle list access Florian Westphal <fw(a)strlen.de> net: core: fix lockdep splat on device unregister Wang Liang <wangliang74(a)huawei.com> selftests: net: check jq command is supported Lorenzo Bianconi <lorenzo(a)kernel.org> net: airoha: Take into account out-of-order tx completions in airoha_dev_xmit() Eric Dumazet <edumazet(a)google.com> tcp: fix tcp_tso_should_defer() vs large RTT Zqiang <qiang.zhang(a)linux.dev> usbnet: Fix using smp_processor_id() in preemptible code warnings Harshit Mogalapalli <harshit.m.mogalapalli(a)oracle.com> Octeontx2-af: Fix missing error code in cgx_probe() Raju Rangoju <Raju.Rangoju(a)amd.com> amd-xgbe: Avoid spurious link down messages during interface toggle Marek Vasut <marek.vasut(a)mailbox.org> net: phy: realtek: Avoid PHYCR2 access if PHYCR2 not present Koichiro Den <den(a)valinux.co.jp> ixgbe: fix too early devlink_free() in ixgbe_remove() Milena Olech <milena.olech(a)intel.com> idpf: cleanup remaining SKBs in PTP flows Dmitry Safonov <0x7f454c46(a)gmail.com> net/ip6_tunnel: Prevent perpetual tunnel growth Kamil Horák - 2N <kamilh(a)axis.com> net: phy: bcm54811: Fix GMII/MII/MII-Lite selection Linmao Li <lilinmao(a)kylinos.cn> r8169: fix packet truncation after S4 resume on RTL8168H/RTL8111H Ivan Vecera <ivecera(a)redhat.com> dpll: zl3073x: Handle missing or corrupted flash configuration Ivan Vecera <ivecera(a)redhat.com> dpll: zl3073x: Refactor DPLL initialization Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> can: j1939: add missing calls in NETDEV_UNREGISTER notification handler Nicolas Dichtel <nicolas.dichtel(a)6wind.com> doc: fix seg6_flowlabel path Yeounsu Moon <yyyynoom(a)gmail.com> net: dlink: handle dma_map_single() failure properly Rex Lu <rex.lu(a)mediatek.com> net: mtk: wed: add dma mask limitation and GFP_DMA32 for device with more than 4GB DRAM Marc Kleine-Budde <mkl(a)pengutronix.de> can: m_can: fix CAN state in system PM Marc Kleine-Budde <mkl(a)pengutronix.de> can: m_can: m_can_chip_config(): bring up interface in correct state Marc Kleine-Budde <mkl(a)pengutronix.de> can: m_can: m_can_handle_state_errors(): fix CAN state transition to Error Active Marc Kleine-Budde <mkl(a)pengutronix.de> can: m_can: m_can_plat_remove(): add missing pm_runtime_disable() Christian Brauner <brauner(a)kernel.org> coredump: fix core_pattern input validation Yuezhang Mo <Yuezhang.Mo(a)sony.com> dax: skip read lock assertion for read-only filesystems Benjamin Tissoires <bentiss(a)kernel.org> HID: multitouch: fix sticky fingers Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: f_ncm: Refactor bind path to use __free() Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: f_ecm: Refactor bind path to use __free() Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: f_acm: Refactor bind path to use __free() Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: f_rndis: Refactor bind path to use __free() Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: Introduce free_usb_request helper Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: Store endpoint pointer in usb_request Guoniu Zhou <guoniu.zhou(a)nxp.com> media: nxp: imx8-isi: m2m: Fix streaming cleanup on release Mario Limonciello (AMD) <superm1(a)kernel.org> drm/amd: Fix hybrid sleep Mario Limonciello (AMD) <superm1(a)kernel.org> PM: hibernate: Add pm_hibernation_mode_is_suspend() Mario Limonciello <mario.limonciello(a)amd.com> drm/amd: Check whether secure display TA loaded successfully Adrian Hunter <adrian.hunter(a)intel.com> perf/core: Fix MMAP2 event device with backing files Adrian Hunter <adrian.hunter(a)intel.com> perf/core: Fix MMAP event path names with backing files Adrian Hunter <adrian.hunter(a)intel.com> perf/core: Fix address filter match with backing files Kenneth Graunke <kenneth(a)whitecape.org> drm/xe: Increase global invalidation timeout to 1000us Jonathan Kim <jonathan.kim(a)amd.com> drm/amdgpu: fix gfx12 mes packet status return check Gui-Dong Han <hanguidong02(a)gmail.com> drm/amdgpu: use atomic functions with memory barriers for vm fault info Thomas Zimmermann <tzimmermann(a)suse.de> drm/ast: Blank with VGACR17 sync enable, always clear VGACRB6 sync off Tvrtko Ursulin <tvrtko.ursulin(a)igalia.com> drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies Denis Arefev <arefev(a)swemel.ru> ALSA: hda: Fix missing pointer check in hda_component_manager_init function Denis Arefev <arefev(a)swemel.ru> ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_get_acpi_mute_state() Takashi Iwai <tiwai(a)suse.de> ALSA: hda/realtek: Add quirk entry for HP ZBook 17 G6 Stuart Hayhurst <stuart.a.hayhurst(a)gmail.com> ALSA: hda/intel: Add MSI X870E Tomahawk to denylist Dave Jiang <dave.jiang(a)intel.com> cxl/acpi: Fix setup of memory resource in cxl_acpi_set_cache_size() Eugene Korenevsky <ekorenevsky(a)aliyun.com> cifs: parse_dfs_referrals: prevent oob on malformed input Celeste Liu <uwu(a)coelacanthus.name> can: gs_usb: increase max interface to U8_MAX Celeste Liu <uwu(a)coelacanthus.name> can: gs_usb: gs_make_candev(): populate net_device->dev_port Filipe Manana <fdmanana(a)suse.com> btrfs: do not assert we found block group item when creating free space tree Miquel Sabaté Solà <mssola(a)mssola.com> btrfs: fix memory leaks when rejecting a non SINGLE data profile without an RST Boris Burkov <boris(a)bur.io> btrfs: fix incorrect readahead expansion length Qu Wenruo <wqu(a)suse.com> btrfs: only set the device specific options after devices are opened Miquel Sabaté Solà <mssola(a)mssola.com> btrfs: fix memory leak on duplicated memory in the qgroup assign ioctl Filipe Manana <fdmanana(a)suse.com> btrfs: fix clearing of BTRFS_FS_RELOC_RUNNING if relocation already running Deepanshu Kartikey <kartikey406(a)gmail.com> ext4: detect invalid INLINE_DATA + EXTENTS flag combination Zhang Yi <yi.zhang(a)huawei.com> ext4: wait for ongoing I/O to complete before freeing blocks Zhang Yi <yi.zhang(a)huawei.com> jbd2: ensure that all ongoing I/O complete before freeing blocks Tim Hostetler <thostet(a)google.com> gve: Check valid ts bit on RX descriptor before hw timestamping Jaegeuk Kim <jaegeuk(a)kernel.org> f2fs: fix wrong block mapping for multi-devices Oliver Upton <oliver.upton(a)linux.dev> KVM: arm64: Prevent access to vCPU events before init Bhanu Seshu Kumar Valluri <bhanuseshukumar(a)gmail.com> net: usb: lan78xx: Fix lost EEPROM write timeout error(-ETIMEDOUT) in lan78xx_write_raw_eeprom Yi Cong <yicong(a)kylinos.cn> r8152: add error handling in rtl8152_driver_init Matthew Schwartz <matthew.schwartz(a)linux.dev> Revert "drm/amd/display: Only restore backlight after amdgpu_dm_init or dm_resume" Pavel Begunkov <asml.silence(a)gmail.com> io_uring: protect mem region deregistration Jens Axboe <axboe(a)kernel.dk> Revert "io_uring/rw: drop -EOPNOTSUPP check in __io_complete_rw_common()" Hao Ge <gehao(a)kylinos.cn> slab: reset slab->obj_ext when freeing and it is OBJEXTS_ALLOC_FAIL Rong Zhang <i(a)rong.moe> x86/CPU/AMD: Prevent reset reasons from being retained across reboot Shuhao Fu <sfual(a)cse.ust.hk> smb: client: Fix refcount leak for cifs_sb_tlink Conor Dooley <conor.dooley(a)microchip.com> rust: cfi: only 64-bit arm and x86 support CFI_CLANG Jedrzej Jagielski <jedrzej.jagielski(a)intel.com> ixgbevf: fix mailbox API compatibility by negotiating supported features Jedrzej Jagielski <jedrzej.jagielski(a)intel.com> ixgbevf: fix getting link speed data for E610 devices Shuicheng Lin <shuicheng.lin(a)intel.com> drm/xe/guc: Check GuC running state before deregistering exec queue Lorenzo Pieralisi <lpieralisi(a)kernel.org> arm64/sysreg: Fix GIC CDEOI instruction encoding Damien Le Moal <dlemoal(a)kernel.org> ata: libata-core: relax checks in ata_read_log_directory() Jan Kara <jack(a)suse.cz> vfs: Don't leak disconnected dentries on umount Inochi Amaoto <inochiama(a)gmail.com> PCI: vmd: Override irq_startup()/irq_shutdown() in vmd_init_dev_msi_info() Andrey Albershteyn <aalbersh(a)redhat.com> Revert "fs: make vfs_fileattr_[get|set] return -EOPNOTSUPP" Jonathan Corbet <corbet(a)lwn.net> docs: kdoc: handle the obsolescensce of docutils.ErrorString() ------------- Diffstat: Documentation/arch/arm64/silicon-errata.rst | 2 + Documentation/networking/seg6-sysctl.rst | 3 + Documentation/sphinx/kernel_feat.py | 4 +- Documentation/sphinx/kernel_include.py | 6 +- Documentation/sphinx/maintainers_include.py | 4 +- Makefile | 4 +- arch/Kconfig | 1 + arch/arm64/Kconfig | 1 + arch/arm64/include/asm/cputype.h | 2 + arch/arm64/include/asm/sysreg.h | 11 +- arch/arm64/kernel/cpu_errata.c | 1 + arch/arm64/kernel/entry-common.c | 8 +- arch/arm64/kvm/arm.c | 6 + arch/powerpc/kernel/fadump.c | 3 + arch/riscv/kernel/probes/kprobes.c | 13 +- arch/x86/kernel/cpu/amd.c | 16 +- arch/x86/kernel/cpu/resctrl/monitor.c | 46 ++-- arch/x86/mm/tlb.c | 24 +- block/blk-cgroup.c | 13 +- block/blk-mq-sched.c | 2 +- block/blk-mq-tag.c | 5 +- block/blk-mq.c | 2 +- block/blk-mq.h | 3 +- drivers/accel/qaic/qaic.h | 2 + drivers/accel/qaic/qaic_control.c | 2 +- drivers/accel/qaic/qaic_data.c | 12 +- drivers/accel/qaic/qaic_debugfs.c | 5 +- drivers/accel/qaic/qaic_drv.c | 3 + drivers/ata/libata-core.c | 11 +- drivers/cxl/acpi.c | 2 +- drivers/cxl/core/features.c | 3 + drivers/cxl/core/region.c | 7 +- drivers/cxl/core/trace.h | 2 +- drivers/dpll/zl3073x/core.c | 280 +++++++++++++-------- drivers/dpll/zl3073x/core.h | 3 + drivers/dpll/zl3073x/devlink.c | 18 +- drivers/dpll/zl3073x/regs.h | 3 + drivers/gpu/drm/amd/amdgpu/Makefile | 3 +- drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c | 5 +- drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c | 48 +++- drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_fence.c | 54 +++- drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_ring.c | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_ring.h | 2 +- .../gpu/drm/amd/amdgpu/cyan_skillfish_reg_init.c | 56 +++++ drivers/gpu/drm/amd/amdgpu/gmc_v7_0.c | 7 +- drivers/gpu/drm/amd/amdgpu/gmc_v8_0.c | 7 +- drivers/gpu/drm/amd/amdgpu/mes_v12_0.c | 7 +- drivers/gpu/drm/amd/amdgpu/nv.h | 1 + drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 12 +- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.h | 7 - .../gpu/drm/amd/pm/powerplay/hwmgr/smu7_hwmgr.c | 3 +- drivers/gpu/drm/ast/ast_mode.c | 18 +- drivers/gpu/drm/ast/ast_reg.h | 1 + drivers/gpu/drm/bridge/lontium-lt9211.c | 3 +- drivers/gpu/drm/drm_draw.c | 2 +- drivers/gpu/drm/drm_draw_internal.h | 2 +- drivers/gpu/drm/i915/display/intel_fb.c | 38 +-- drivers/gpu/drm/i915/display/intel_frontbuffer.c | 10 +- .../gpu/drm/i915/gem/i915_gem_object_frontbuffer.h | 2 - drivers/gpu/drm/i915/gt/uc/intel_guc_ct.c | 9 +- drivers/gpu/drm/panthor/panthor_fw.c | 1 + drivers/gpu/drm/rockchip/rockchip_drm_vop2.c | 2 +- drivers/gpu/drm/scheduler/sched_main.c | 13 +- drivers/gpu/drm/xe/display/xe_fb_pin.c | 5 +- drivers/gpu/drm/xe/display/xe_plane_initial.c | 3 +- drivers/gpu/drm/xe/regs/xe_gt_regs.h | 1 + drivers/gpu/drm/xe/xe_assert.h | 4 +- drivers/gpu/drm/xe/xe_bo.c | 1 + drivers/gpu/drm/xe/xe_bo.h | 4 +- drivers/gpu/drm/xe/xe_bo_evict.c | 8 - drivers/gpu/drm/xe/xe_bo_types.h | 1 + drivers/gpu/drm/xe/xe_device.c | 22 +- drivers/gpu/drm/xe/xe_device_types.h | 62 +---- drivers/gpu/drm/xe/xe_gt_idle.c | 8 + drivers/gpu/drm/xe/xe_gt_pagefault.c | 13 +- drivers/gpu/drm/xe/xe_gt_sriov_pf_config.c | 3 +- drivers/gpu/drm/xe/xe_guc_submit.c | 13 +- drivers/gpu/drm/xe/xe_migrate.c | 25 +- drivers/gpu/drm/xe/xe_pci.c | 8 + drivers/gpu/drm/xe/xe_query.c | 5 +- drivers/gpu/drm/xe/xe_svm.c | 63 ++--- drivers/gpu/drm/xe/xe_tile.c | 58 +++-- drivers/gpu/drm/xe/xe_tile.h | 14 +- drivers/gpu/drm/xe/xe_ttm_stolen_mgr.c | 10 +- drivers/gpu/drm/xe/xe_ttm_vram_mgr.c | 22 +- drivers/gpu/drm/xe/xe_ttm_vram_mgr.h | 3 +- drivers/gpu/drm/xe/xe_vm.c | 32 ++- drivers/gpu/drm/xe/xe_vm_types.h | 2 + drivers/gpu/drm/xe/xe_vram.c | 245 +++++++++++++----- drivers/gpu/drm/xe/xe_vram.h | 14 +- drivers/gpu/drm/xe/xe_vram_types.h | 85 +++++++ drivers/hid/hid-input.c | 5 +- drivers/hid/hid-multitouch.c | 28 ++- .../intel-quickspi/quickspi-protocol.c | 3 +- drivers/media/platform/nxp/imx8-isi/imx8-isi-m2m.c | 226 +++++++---------- drivers/net/can/m_can/m_can.c | 64 +++-- drivers/net/can/m_can/m_can_platform.c | 2 +- drivers/net/can/usb/gs_usb.c | 23 +- drivers/net/ethernet/airoha/airoha_eth.c | 16 +- drivers/net/ethernet/amd/xgbe/xgbe-drv.c | 1 - drivers/net/ethernet/amd/xgbe/xgbe-mdio.c | 1 + drivers/net/ethernet/broadcom/tg3.c | 5 +- drivers/net/ethernet/dlink/dl2k.c | 23 +- drivers/net/ethernet/google/gve/gve.h | 2 + drivers/net/ethernet/google/gve/gve_desc_dqo.h | 3 +- drivers/net/ethernet/google/gve/gve_rx_dqo.c | 16 +- drivers/net/ethernet/intel/idpf/idpf_ptp.c | 3 + .../net/ethernet/intel/idpf/idpf_virtchnl_ptp.c | 1 + drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 3 +- drivers/net/ethernet/intel/ixgbevf/defines.h | 1 + drivers/net/ethernet/intel/ixgbevf/ipsec.c | 10 + drivers/net/ethernet/intel/ixgbevf/ixgbevf.h | 7 + drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c | 34 ++- drivers/net/ethernet/intel/ixgbevf/mbx.h | 8 + drivers/net/ethernet/intel/ixgbevf/vf.c | 182 +++++++++++--- drivers/net/ethernet/intel/ixgbevf/vf.h | 1 + drivers/net/ethernet/marvell/octeontx2/af/cgx.c | 1 + drivers/net/ethernet/mediatek/mtk_wed.c | 8 +- drivers/net/ethernet/realtek/r8169_main.c | 5 +- drivers/net/netdevsim/netdev.c | 7 + drivers/net/phy/broadcom.c | 20 +- drivers/net/phy/realtek/realtek_main.c | 23 +- drivers/net/usb/lan78xx.c | 19 +- drivers/net/usb/r8152.c | 7 +- drivers/net/usb/usbnet.c | 2 + drivers/nvme/host/auth.c | 6 +- drivers/nvme/host/multipath.c | 6 +- drivers/nvme/host/tcp.c | 3 + drivers/pci/controller/vmd.c | 13 + drivers/phy/cadence/cdns-dphy.c | 133 +++++++--- drivers/usb/gadget/function/f_acm.c | 42 ++-- drivers/usb/gadget/function/f_ecm.c | 48 ++-- drivers/usb/gadget/function/f_ncm.c | 78 +++--- drivers/usb/gadget/function/f_rndis.c | 85 +++---- drivers/usb/gadget/udc/core.c | 3 + fs/btrfs/extent_io.c | 2 +- fs/btrfs/free-space-tree.c | 15 +- fs/btrfs/ioctl.c | 2 +- fs/btrfs/relocation.c | 13 +- fs/btrfs/super.c | 3 +- fs/btrfs/zoned.c | 2 +- fs/coredump.c | 2 +- fs/dax.c | 2 +- fs/dcache.c | 2 + fs/exec.c | 2 +- fs/ext4/ext4_jbd2.c | 11 +- fs/ext4/inode.c | 8 + fs/f2fs/data.c | 2 +- fs/file_attr.c | 12 +- fs/fuse/ioctl.c | 4 - fs/hfsplus/unicode.c | 24 ++ fs/jbd2/transaction.c | 13 +- fs/nfsd/blocklayout.c | 25 +- fs/nfsd/blocklayoutxdr.c | 86 ++++--- fs/nfsd/blocklayoutxdr.h | 4 +- fs/nfsd/flexfilelayout.c | 8 + fs/nfsd/flexfilelayoutxdr.c | 3 +- fs/nfsd/nfs4layouts.c | 1 - fs/nfsd/nfs4proc.c | 36 ++- fs/nfsd/nfs4xdr.c | 25 +- fs/nfsd/pnfs.h | 1 + fs/nfsd/xdr4.h | 39 ++- fs/overlayfs/copy_up.c | 2 +- fs/overlayfs/inode.c | 5 +- fs/smb/client/inode.c | 6 +- fs/smb/client/misc.c | 17 ++ fs/smb/client/smb2ops.c | 8 +- fs/smb/server/mgmt/user_session.c | 7 +- fs/smb/server/smb2pdu.c | 9 +- fs/smb/server/transport_ipc.c | 12 + fs/xfs/libxfs/xfs_log_format.h | 30 ++- fs/xfs/libxfs/xfs_ondisk.h | 2 + fs/xfs/xfs_log.c | 8 +- fs/xfs/xfs_log_priv.h | 4 +- fs/xfs/xfs_log_recover.c | 34 ++- include/linux/brcmphy.h | 1 + include/linux/libata.h | 6 + include/linux/suspend.h | 2 + include/linux/usb/gadget.h | 25 ++ include/net/ip_tunnels.h | 15 ++ include/uapi/drm/amdgpu_drm.h | 21 -- io_uring/register.c | 1 + io_uring/rw.c | 2 +- kernel/events/core.c | 8 +- kernel/power/hibernate.c | 11 + kernel/sched/core.c | 2 + kernel/sched/deadline.c | 3 + kernel/sched/fair.c | 26 +- mm/slub.c | 9 +- net/can/j1939/main.c | 2 + net/core/dev.c | 40 ++- net/ipv4/ip_tunnel.c | 14 -- net/ipv4/tcp_output.c | 19 +- net/ipv6/ip6_tunnel.c | 3 +- net/tls/tls_main.c | 7 +- net/tls/tls_sw.c | 31 ++- rust/kernel/cpufreq.rs | 3 +- sound/firewire/amdtp-stream.h | 2 +- sound/hda/codecs/realtek/alc269.c | 1 + sound/hda/codecs/side-codecs/cs35l41_hda.c | 2 + sound/hda/codecs/side-codecs/hda_component.c | 4 + sound/hda/controllers/intel.c | 1 + sound/soc/amd/acp/acp-sdw-sof-mach.c | 2 +- sound/soc/codecs/idt821034.c | 12 +- sound/soc/codecs/nau8821.c | 115 +++++---- sound/usb/card.c | 10 +- .../testing/selftests/bpf/prog_tests/arg_parsing.c | 12 +- tools/testing/selftests/net/rtnetlink.sh | 2 + tools/testing/selftests/net/vlan_bridge_binding.sh | 2 + 211 files changed, 2408 insertions(+), 1262 deletions(-)

1 month

9
172
0 0

[PATCH 6.4 000/797] 6.4.4-rc2 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.4.4 release. There are 797 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 19 Jul 2023 18:55:19 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.4.4-rc2.… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.4.4-rc2 Andres Freund <andres(a)anarazel.de> io_uring: Use io_schedule* in cqring wait Sherry Sun <sherry.sun(a)nxp.com> tty: serial: fsl_lpuart: add earlycon for imx8ulp platform Jason A. Donenfeld <Jason(a)zx2c4.com> wireguard: netlink: send staged packets when setting initial private key Jason A. Donenfeld <Jason(a)zx2c4.com> wireguard: queueing: use saner cpu selection wrapping Thadeu Lima de Souza Cascardo <cascardo(a)canonical.com> netfilter: nf_tables: prevent OOB access in nft_byteorder_eval Thadeu Lima de Souza Cascardo <cascardo(a)canonical.com> netfilter: nf_tables: do not ignore genmask when looking up chain by id Florent Revest <revest(a)chromium.org> netfilter: conntrack: Avoid nf_ct_helper_hash uses after free Tao Zhou <tao.zhou1(a)amd.com> drm/amdgpu: check RAS irq existence for VCN/JPEG Kenneth Feng <kenneth.feng(a)amd.com> drm/amd/pm: add abnormal fan detection for smu 13.0.0 Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu/sdma4: set align mask to 255 Evan Quan <evan.quan(a)amd.com> drm/amd/pm: revise the ASPM settings for thunderbolt attached scenario Jiadong Zhu <Jiadong.Zhu(a)amd.com> drm/amdgpu: Skip mark offset for high priority rings Christian König <christian.koenig(a)amd.com> drm/amdgpu: make sure that BOs have a backing store Christian König <christian.koenig(a)amd.com> drm/amdgpu: make sure BOs are locked in amdgpu_vm_get_memory WANG Xuerui <git(a)xen0n.name> LoongArch: Include KBUILD_CPPFLAGS in CHECKFLAGS invocation Zhihao Cheng <chengzhihao1(a)huawei.com> ovl: fix null pointer dereference in ovl_get_acl_rcu() Zhihao Cheng <chengzhihao1(a)huawei.com> ovl: let helper ovl_i_path_real() return the realinode Zhihao Cheng <chengzhihao1(a)huawei.com> ovl: fix null pointer dereference in ovl_permission() Masahiro Yamada <masahiroy(a)kernel.org> kbuild: add $(CLANG_FLAGS) to KBUILD_CPPFLAGS Nathan Chancellor <nathan(a)kernel.org> kbuild: Add KBUILD_CPPFLAGS to as-option invocation Nathan Chancellor <nathan(a)kernel.org> kbuild: Add CLANG_FLAGS to as-instr Nathan Chancellor <nathan(a)kernel.org> powerpc/vdso: Include CLANG_FLAGS explicitly in ldflags-y Nathan Chancellor <nathan(a)kernel.org> mips: Include KBUILD_CPPFLAGS in CHECKFLAGS invocation Arnd Bergmann <arnd(a)arndb.de> Input: ads7846 - fix pointer cast warning Jan Kara <jack(a)suse.cz> fs: no need to check source Yu Kuai <yukuai3(a)huawei.com> md/raid1-10: fix casting from randomized structure in raid1_submit_write() Linus Walleij <linus.walleij(a)linaro.org> Input: ads7846 - Fix usage of match data Yu Kuai <yukuai3(a)huawei.com> blktrace: use inline function for blk_trace_remove() while blktrace is disabled Christian Marangi <ansuelsmth(a)gmail.com> leds: trigger: netdev: Recheck NETDEV_LED_MODE_LINKUP on dev rename Arnd Bergmann <arnd(a)arndb.de> ARM: orion5x: fix d2net gpio initialization Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ARM: dts: qcom: ipq4019: fix broken NAND controller properties override Linus Walleij <linus.walleij(a)linaro.org> ARM: dts: qcom: msm8660: Fix regulator node names Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> regulator: tps65219: Fix matching interrupts for their regulators Ricardo Ribalda Delgado <ribalda(a)chromium.org> ASoC: mediatek: mt8173: Fix snd_soc_component_initialize error path Ricardo Ribalda Delgado <ribalda(a)chromium.org> ASoC: mediatek: mt8173: Fix irq error path Filipe Manana <fdmanana(a)suse.com> btrfs: do not BUG_ON() on tree mod log failure at __btrfs_cow_block() Filipe Manana <fdmanana(a)suse.com> btrfs: fix extent buffer leak after tree mod log failure at split_node() Filipe Manana <fdmanana(a)suse.com> btrfs: add missing error handling when logging operation while COWing extent buffer Filipe Manana <fdmanana(a)suse.com> btrfs: fix race when deleting quota root from the dirty cow roots list Naohiro Aota <naota(a)elisp.net> btrfs: move out now unused BG from the reclaim list Naohiro Aota <naota(a)elisp.net> btrfs: reinsert BGs failed to reclaim David Sterba <dsterba(a)suse.com> btrfs: add block-group tree to lockdep classes Naohiro Aota <naota(a)elisp.net> btrfs: bail out reclaim process if filesystem is read-only Naohiro Aota <naota(a)elisp.net> btrfs: delete unused BGs while reclaiming BGs Boris Burkov <boris(a)bur.io> btrfs: warn on invalid slot in tree mod log rewind Boris Burkov <boris(a)bur.io> btrfs: insert tree mod log move in push_node_left Christoph Hellwig <hch(a)lst.de> btrfs: fix dirty_metadata_bytes for redirtied buffers Matt Corallo <blnxfsl(a)bluematt.me> btrfs: add handling for RAID1C23/DUP to btrfs_reduce_alloc_profile Abhijeet Rastogi <abhijeet.1989(a)gmail.com> ipvs: increase ip_vs_conn_tab_bits range for 64BIT Mario Limonciello <mario.limonciello(a)amd.com> usb: typec: ucsi: Mark dGPUs as DEVICE scope Jan Kara <jack(a)suse.cz> fs: Lock moved directories Jan Kara <jack(a)suse.cz> fs: Establish locking order for unrelated directories Jan Kara <jack(a)suse.cz> Revert "udf: Protect rename against modification of moved directory" Jan Kara <jack(a)suse.cz> Revert "f2fs: fix potential corruption when moving a directory" Jan Kara <jack(a)suse.cz> ext4: Remove ext4 locking of moved directory Thomas Weißschuh <linux(a)weissschuh.net> fs: avoid empty option when generating legacy mount string Fabian Frederick <fabf(a)skynet.be> jffs2: reduce stack usage in jffs2_build_xattr_subsystem() Christian Brauner <brauner(a)kernel.org> nfsd: use vfs setgid helper Roberto Sassu <roberto.sassu(a)huawei.com> shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs Ryan Roberts <ryan.roberts(a)arm.com> mm/damon/ops-common: atomically test and clear young on ptes and pmds Arnd Bergmann <arnd(a)arndb.de> autofs: use flexible array in ioctl structure Tianjia Zhang <tianjia.zhang(a)linux.alibaba.com> integrity: Fix possible multiple allocation in integrity_inode_get() Kees Cook <keescook(a)chromium.org> um: Use HOST_DIR for mrproper Siddh Raman Pant <code(a)siddh.me> watch_queue: prevent dangling pipe pointer Zheng Wang <zyytlz.wz(a)163.com> bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent Zheng Wang <zyytlz.wz(a)163.com> bcache: Remove unnecessary NULL point check in node allocations Mingzhe Zou <mingzhe.zou(a)easystack.cn> bcache: fixup btree_cache_wait list damage Quan Zhou <quan.zhou(a)mediatek.com> wifi: mt76: mt7921e: fix init command fail with enabled device Felix Fietkau <nbd(a)nbd.name> wifi: cfg80211: fix receiving mesh packets without RFC1042 header Alexander Wetzel <alexander(a)wetzel-home.de> wifi: ath10k: Serialize wake_tx_queue ops Johannes Berg <johannes.berg(a)intel.com> wifi: cfg80211: fix regulatory disconnect for non-MLO Chevron Li <chevron.li(a)bayhubtech.com> mmc: sdhci: fix DMA configure compatibility issue when 64bit DMA mode is used. Ulf Hansson <ulf.hansson(a)linaro.org> mmc: mmci: Set PROBE_PREFER_ASYNCHRONOUS Robert Marko <robimarko(a)gmail.com> mmc: core: disable TRIM on Micron MTFC4GACAJCN-1M Robert Marko <robimarko(a)gmail.com> mmc: core: disable TRIM on Kingston EMMC04G-M627 Yu Zhao <yuzhao(a)google.com> mm/mglru: make memcg_lru->lock irq safe Jens Axboe <axboe(a)kernel.dk> io_uring: wait interruptibly for request completions on exit Jianmin Lv <lvjianmin(a)loongson.cn> irqchip/loongson-pch-pic: Fix initialization of HT vector register Dai Ngo <dai.ngo(a)oracle.com> NFSD: add encoding of op_recall flag for write delegation Liu Peibao <liupeibao(a)loongson.cn> irqchip/loongson-pch-pic: Fix potential incorrect hwirq assignment Jeff Layton <jlayton(a)kernel.org> nfsd: move init of percpu reply_cache_stats counters back to nfsd_init_net Jianmin Lv <lvjianmin(a)loongson.cn> irqchip/loongson-liointc: Fix IRQ trigger polarity Mark Brown <broonie(a)kernel.org> arm64/signal: Restore TPIDR2 register rather than memory state Daniel Miess <daniel.miess(a)amd.com> Revert "drm/amd/display: Move DCN314 DOMAIN power control to DMCUB" Geert Uytterhoeven <geert+renesas(a)glider.be> lib: dhry: fix sleeping allocations inside non-preemptable section Matthew Wilcox (Oracle) <willy(a)infradead.org> writeback: account the number of pages written back Robert Hancock <robert.hancock(a)calian.com> i2c: xiic: Don't try to handle more interrupt events after error John Johansen <john.johansen(a)canonical.com> apparmor: fix profile verification and enable it John Johansen <john.johansen(a)canonical.com> apparmor: fix policy_compat permission remap with extended permissions John Johansen <john.johansen(a)canonical.com> apparmor: add missing failure check in compute_xmatch_perms Danila Chernetsov <listdansp(a)mail.ru> apparmor: fix missing error check for rhashtable_insert_fast Artur Rojek <contact(a)artur-rojek.eu> sh: dma: Fix DMA channel offset calculation Marc Zyngier <maz(a)kernel.org> risc-v: Fix order of IPI enablement vs RCU startup Thorsten Winkler <twinkler(a)linux.ibm.com> s390/qeth: Fix vipa deletion David Howells <dhowells(a)redhat.com> afs: Fix accidental truncation when storing data Hariprasad Kelam <hkelam(a)marvell.com> octeontx-af: fix hardware timestamp configuration Vladimir Oltean <vladimir.oltean(a)nxp.com> net: dsa: sja1105: always enable the send_meta options Vladimir Oltean <vladimir.oltean(a)nxp.com> net: dsa: tag_sja1105: fix MAC DA patching from meta frames Guillaume Nault <gnault(a)redhat.com> pptp: Fix fib lookup calls. Woody Zhang <woodylab(a)foxmail.com> riscv: move memblock_allow_resize() after linear mapping is ready Amir Goldstein <amir73il(a)gmail.com> fanotify: disallow mount/sb marks on kernel internal pseudo fs Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/i915/psr: Fix BDW PSR AUX CH data register offsets Lin Ma <linma(a)zju.edu.cn> net/sched: act_pedit: Add size check for TCA_PEDIT_PARMS_EX Ilya Maximets <i.maximets(a)ovn.org> xsk: Honor SO_BINDTODEVICE on bind SeongJae Park <sj(a)kernel.org> bpf, btf: Warn but return no error for NULL btf from __register_btf_kfunc_id_set() Maxime Coquelin <maxime.coquelin(a)redhat.com> vduse: fix NULL pointer dereference Eric Dumazet <edumazet(a)google.com> tcp: annotate data races in __tcp_oow_rate_limited() Eric Dumazet <edumazet(a)google.com> net: fix net_dev_start_xmit trace event vs skb_transport_offset() Vladimir Oltean <vladimir.oltean(a)nxp.com> net: dsa: tag_sja1105: fix source port decoding in vlan_filtering=0 bridge mode Vladimir Oltean <vladimir.oltean(a)nxp.com> net: bridge: keep ports without IFF_UNICAST_FLT in BR_PROMISC mode Pali Rohár <pali(a)kernel.org> powerpc: dts: turris1x.dts: Fix PCIe MEM size for pci2 node Randy Dunlap <rdunlap(a)infradead.org> powerpc: allow PPC_EARLY_DEBUG_CPM only when SERIAL_CPM=y Zeng Heng <zengheng4(a)huawei.com> ntfs: Fix panic about slab-out-of-bounds caused by ntfs_listxattr() Hariprasad Kelam <hkelam(a)marvell.com> octeontx2-af: Reset MAC features in FLR Hariprasad Kelam <hkelam(a)marvell.com> octeontx2-af: Add validation before accessing cgx and lmac Hariprasad Kelam <hkelam(a)marvell.com> octeontx2-af: Fix mapping for NIX block from CGX connection Hariprasad Kelam <hkelam(a)marvell.com> octeontx2-af: cn10kb: fix interrupt csr addresses Chao Yu <chao(a)kernel.org> f2fs: fix error path handling in truncate_dnode() Nishanth Menon <nm(a)ti.com> mailbox: ti-msgmgr: Fill non-message tx data fields with 0x0 Mario Limonciello <mario.limonciello(a)amd.com> drm/amd: Don't try to enable secure display TA multiple times Christian König <christian.koenig(a)amd.com> drm/amdgpu: fix number of fence calculations Jonas Gorski <jonas.gorski(a)gmail.com> spi: bcm-qspi: return error if neither hif_mspi nor mspi is available Zhengchao Shao <shaozhengchao(a)huawei.com> mlxsw: minimal: fix potential memory leak in mlxsw_m_linecards_init Pawel Dembicki <paweldembicki(a)gmail.com> net: dsa: vsc73xx: fix MTU configuration Nick Child <nnac123(a)linux.ibm.com> ibmvnic: Do not reset dql stats on NON_FATAL err Martin Habets <habetsm.xilinx(a)gmail.com> sfc: support for devlink port requires MAE access Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: MGMT: Fix marking SCAN_RSP as not connectable Pauli Virtanen <pav(a)iki.fi> Bluetooth: ISO: use hci_sync for setting CIG parameters Johan Hovold <johan+linaro(a)kernel.org> Bluetooth: fix invalid-bdaddr quirk for non-persistent setup Tobias Heider <me(a)tobhe.de> Add MODULE_FIRMWARE() for FIRMWARE_TG357766. Vladimir Oltean <vladimir.oltean(a)nxp.com> net: dsa: tag_sja1105: always prefer source port information from INCL_SRCPT Vladimir Oltean <vladimir.oltean(a)nxp.com> net: dsa: sja1105: always enable the INCL_SRCPT option Vladimir Oltean <vladimir.oltean(a)nxp.com> net: dsa: felix: don't drop PTP frames with tag_8021q when RX timestamping is disabled Vladimir Oltean <vladimir.oltean(a)nxp.com> net: mscc: ocelot: don't keep PTP configuration of all ports in single structure Vladimir Oltean <vladimir.oltean(a)nxp.com> net: mscc: ocelot: don't report that RX timestamping is enabled by default Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> spi: spi-geni-qcom: enable SPI_CONTROLLER_MUST_TX for GPI DMA mode Florian Westphal <fw(a)strlen.de> net/sched: act_ipt: zero skb->cb before calling target Florian Westphal <fw(a)strlen.de> net/sched: act_ipt: add sanity checks on skb before calling target Florian Westphal <fw(a)strlen.de> net/sched: act_ipt: add sanity checks on table name and hook locations Chengfeng Ye <dg573847474(a)gmail.com> sctp: fix potential deadlock on &net->sctp.addr_wq_lock Randy Dunlap <rdunlap(a)infradead.org> media: cec: i2c: ch7322: also select REGMAP Arnd Bergmann <arnd(a)arndb.de> media: tc358746: select CONFIG_GENERIC_PHY Peng Fan <peng.fan(a)nxp.com> tools/virtio: fix build break for aarch64 Dragos Tatulea <dtatulea(a)nvidia.com> virtio-vdpa: Fix unchecked call to NULL set_vq_affinity Chao Yu <chao(a)kernel.org> f2fs: check return value of freeze_super() Vinay Belgaumkar <vinay.belgaumkar(a)intel.com> drm/i915/guc/slpc: Apply min softlimit correctly Jouni Högander <jouni.hogander(a)intel.com> drm/i915/psr: Use hw.adjusted mode when calculating io/fast wake times Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> rtc: st-lpc: Release some resources in st_rtc_probe() in case of error Jinke Han <hanjinke.666(a)bytedance.com> blk-throttle: Fix io statistics for cgroup v1 Ian Rogers <irogers(a)google.com> perf bpf: Move the declaration of struct rq Li Nan <linan122(a)huawei.com> md/raid10: fix the condition to call bio_end_io_acct() Shuijing Li <shuijing.li(a)mediatek.com> pwm: mtk_disp: Fix the disable flow of disp_pwm Dan Carpenter <dan.carpenter(a)linaro.org> pwm: ab8500: Fix error code in probe() Marek Vasut <marex(a)denx.de> pwm: sysfs: Do not apply state to already disabled PWMs Fancy Fang <chen.fang(a)nxp.com> pwm: imx-tpm: force 'real_period' to be zero in suspend Yury Norov <yury.norov(a)gmail.com> lib/bitmap: drop optimization of bitmap_{from,to}_arr64 Claudiu Beznea <claudiu.beznea(a)microchip.com> phy: tegra: xusb: check return value of devm_kzalloc() Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> mfd: stmpe: Only disable the regulators if they are enabled Neil Armstrong <neil.armstrong(a)linaro.org> phy: qcom: qmp-combo: fix Display Port PHY configuration for SM8550 Yicong Yang <yangyicong(a)hisilicon.com> hwtracing: hisi_ptt: Fix potential sleep in atomic context Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> clk: qcom: mmcc-msm8974: fix MDSS_GDSC power flags Claudiu Beznea <claudiu.beznea(a)microchip.com> misc: fastrpc: check return value of devm_kasprintf() Daniel Golle <daniel(a)makrotopia.org> cpufreq: mediatek: correct voltages for MT7622 and MT7623 Christian Borntraeger <borntraeger(a)linux.ibm.com> KVM: s390/diag: fix racy access of physical cpu number in diag 9c handler Pierre Morel <pmorel(a)linux.ibm.com> KVM: s390: vsie: fix the length of APCB bitmap Amelie Delaunay <amelie.delaunay(a)foss.st.com> mfd: stmfx: Nullify stmfx->vdd in case of error Amelie Delaunay <amelie.delaunay(a)foss.st.com> mfd: stmfx: Fix error path in stmfx_chip_init Laurentiu Tudor <laurentiu.tudor(a)nxp.com> bus: fsl-mc: don't assume child devices are all fsl-mc devices Phil Elwell <phil(a)raspberrypi.com> nvmem: rmem: Use NVMEM_DEVID_AUTO Mirsad Goran Todorovac <mirsad.todorovac(a)alu.unizg.hr> test_firmware: return ENOMEM instead of ENOSPC on failed memory allocation Alexander Stein <alexander.stein(a)ew.tq-group.com> nvmem: imx-ocotp: Reverse MAC addresses on all i.MX derivates Yi Yingao <m202271736(a)hust.edu.cn> nvmem: sunplus-ocotp: release otp->clk before return Nipun Gupta <nipun.gupta(a)amd.com> cdx: fix driver managed dma support Matti Vaittinen <mazziesaccount(a)gmail.com> drivers: fwnode: fix fwnode_irq_get[_byname]() Tony Lindgren <tony(a)atomide.com> serial: 8250_omap: Use force_suspend and resume for system suspend Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Revert "usb: common: usb-conn-gpio: Set last role to unknown before initial detection" Jiasheng Jiang <jiasheng(a)iscas.ac.cn> mfd: intel-lpss: Add missing check for platform_get_resource Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> mfd: wcd934x: Fix an error handling path in wcd934x_slim_probe() Daniel Bristot de Oliveira <bristot(a)kernel.org> rtla/hwnoise: Reduce runtime to 75% Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> usb: dwc3-meson-g12a: Fix an error handling path in dwc3_meson_g12a_probe() Prashanth K <quic_prashk(a)quicinc.com> usb: common: usb-conn-gpio: Set last role to unknown before initial detection Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> usb: dwc3: qcom: Fix an error handling path in dwc3_qcom_probe() Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> usb: dwc3: qcom: Release the correct resources in dwc3_qcom_remove() Nico Boehr <nrb(a)linux.ibm.com> KVM: s390: fix KVM_S390_GET_CMMA_BITS for GFNs in memslot holes Chao Yu <chao(a)kernel.org> f2fs: flush error flags in workqueue Jaegeuk Kim <jaegeuk(a)kernel.org> f2fs: fix the wrong condition to determine atomic context Chao Yu <chao(a)kernel.org> f2fs: support errors=remount-ro|continue|panic mountoption Chao Yu <chao(a)kernel.org> f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io() Chao Yu <chao(a)kernel.org> f2fs: fix potential deadlock due to unpaired node_write lock use Bob Peterson <rpeterso(a)redhat.com> gfs2: Fix duplicate should_fault_in_pages() call Sergey Shtylyov <s.shtylyov(a)omp.ru> sh: Avoid using IRQ0 on SH3 and SH4 Hans de Goede <hdegoede(a)redhat.com> media: atomisp: ov2680: Stop using half pixelclock for binned modes Dan Carpenter <dan.carpenter(a)linaro.org> media: atomisp: gmin_platform: fix out_len in gmin_get_config_dsm_var() Hans de Goede <hdegoede(a)redhat.com> media: atomisp: gc0310: Fix double free in gc0310_remove() Rikard Falkeborn <rikard.falkeborn(a)gmail.com> media: venus: helpers: Fix ALIGN() of non power of two Stephan Gerhold <stephan(a)gerhold.net> mfd: rt5033: Drop rt5033-battery sub-device ChiYuan Huang <cy_huang(a)richtek.com> power: supply: rt9467: Make charger-enable control as logic level Mike Leach <mike.leach(a)linaro.org> coresight: etm4x: Fix missing trctraceidr file in sysfs James Clark <james.clark(a)arm.com> coresight: Fix loss of connection info when a module is unloaded Clark Wang <xiaoning.wang(a)nxp.com> i3c: master: svc: fix cpu schedule in spin lock Yue Zhao <findns94(a)gmail.com> lkdtm: replace ll_rw_block with submit_bh Muchun Song <muchun.song(a)linux.dev> kernfs: fix missing kernfs_idr_lock to remove an ID from the IDR John Ogness <john.ogness(a)linutronix.de> serial: 8250: lock port for UART_IER access in omap8250_irq() John Ogness <john.ogness(a)linutronix.de> serial: core: lock port for start_rx() in uart_resume_port() John Ogness <john.ogness(a)linutronix.de> serial: 8250: lock port for stop_rx() in omap8250_irq() John Ogness <john.ogness(a)linutronix.de> serial: core: lock port for stop_rx() in uart_suspend_port() Bhupesh Sharma <bhupesh.sharma(a)linaro.org> usb: misc: eud: Fix eud sysfs path (use 'qcom_eud') Arnd Bergmann <arnd(a)arndb.de> usb: hide unused usbfs_notify_suspend/resume functions Li Yang <lidaxian(a)hust.edu.cn> usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe() Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> extcon: Fix kernel doc of property capability fields to avoid warnings Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> extcon: Fix kernel doc of property fields to avoid warnings Prashanth K <quic_prashk(a)quicinc.com> usb: gadget: u_serial: Add null pointer check in gserial_suspend Vladislav Efanov <VEfanov(a)ispras.ru> usb: dwc3: qcom: Fix potential memory leak Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> soundwire: debugfs: fix unbalanced pm_runtime_put() Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> soundwire: qcom: fix unbalanced pm_runtime_put() Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> soundwire: qcom: use consistently 'ctrl' as state variable name Arnd Bergmann <arnd(a)arndb.de> staging: vchiq_arm: mark vchiq_platform_init() static Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> clk: qcom: mmcc-msm8974: use clk_rcg2_shared_ops for mdp_clk_src clock Kathiravan T <quic_kathirav(a)quicinc.com> clk: qcom: ipq5332: fix the order of SLEEP_CLK and XO clock Kathiravan T <quic_kathirav(a)quicinc.com> clk: qcom: ipq5332: fix the src parameter in ftbl_gcc_apss_axi_clk_src Konrad Dybcio <konrad.dybcio(a)linaro.org> clk: qcom: dispcc-qcm2290: Fix GPLL0_OUT_DIV handling Konrad Dybcio <konrad.dybcio(a)linaro.org> clk: qcom: dispcc-qcm2290: Fix BI_TCXO_AO handling Robert Marko <robimarko(a)gmail.com> clk: qcom: ipq6018: fix networking resets Yunfei Dong <yunfei.dong(a)mediatek.com> media: mediatek: vcodec: using decoder status instead of core work count Martin Kepplinger <martink(a)posteo.de> media: hi846: fix usage of pm_runtime_get_if_in_use() Geert Uytterhoeven <geert+renesas(a)glider.be> media: renesas: fdp1: Identify R-Car Gen2 versions Daniel Scally <dan.scally(a)ideasonboard.com> media: i2c: Correct format propagation for st-mipid02 Dan Carpenter <error27(a)gmail.com> media: i2c: imx296: fix error checking in imx296_read_temperature() Duoming Zhou <duoming(a)zju.edu.cn> media: usb: siano: Fix warning due to null work_func_t function pointer Marek Vasut <marex(a)denx.de> media: videodev2.h: Fix struct v4l2_input tuner index comment Ming Qian <ming.qian(a)nxp.com> media: amphion: initiate a drain of the capture queue in dynamic resolution change Daniel Lundberg Pedersen <dlp(a)qtec.com> media: videodev2.h: Fix p_s32 and p_s64 pointer types Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> media: common: saa7146: Avoid a leak in vmalloc_to_sg() Ming Qian <ming.qian(a)nxp.com> media: amphion: drop repeated codec data for vc1g format Ming Qian <ming.qian(a)nxp.com> media: amphion: drop repeated codec data for vc1l format Daniil Dulov <d.dulov(a)aladdin.ru> media: usb: Check az6007_read() return value Konrad Dybcio <konrad.dybcio(a)linaro.org> clk: qcom: gcc-qcm2290: Mark RCGs shared where applicable Mantas Pucka <mantas(a)8devices.com> clk: qcom: gcc-ipq6018: Use floor ops for sdcc clocks Taniya Das <quic_tdas(a)quicinc.com> clk: qcom: camcc-sc7180: Add parent dependency to all camera GDSCs Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> clk: qcom: mmcc-msm8974: remove oxili_ocmemgx_clk Kathiravan T <quic_kathirav(a)quicinc.com> clk: qcom: gcc: ipq5332: Use floor ops for SDCC clocks Konrad Dybcio <konrad.dybcio(a)linaro.org> interconnect: qcom: rpm: Don't use clk_get_optional for bus clocks anymore Konrad Dybcio <konrad.dybcio(a)linaro.org> interconnect: qcom: rpm: Rename icc provider num_clocks to num_bus_clocks Tony Lindgren <tony(a)atomide.com> serial: 8250: omap: Fix freeing of resources on failed register Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> usb: dwc2: Fix some error handling paths Basavaraj Natikar <Basavaraj.Natikar(a)amd.com> xhci: Improve the XHCI system resume time Basavaraj Natikar <Basavaraj.Natikar(a)amd.com> USB: Extend pci resume function to handle PM events Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> cpufreq: tegra194: Fix an error handling path in tegra194_cpufreq_probe() John Paul Adrian Glaubitz <glaubitz(a)physik.fu-berlin.de> sh: j2: Use ioremap() to translate device tree address into kernel memory Yangtao Li <frank.li(a)vivo.com> f2fs: do not allow to defragment files have FI_COMPRESS_RELEASED Konrad Dybcio <konrad.dybcio(a)linaro.org> dt-bindings: power: reset: qcom-pon: Only allow reboot-mode pre-pmk8350 Dan Carpenter <error27(a)gmail.com> w1: fix loop in w1_fini() Stefan Wahren <stefan.wahren(a)i2se.com> w1: w1_therm: fix locking behavior in convert_t Thomas Gleixner <tglx(a)linutronix.de> x86/efi: Make efi_set_virtual_address_map IBT safe Will Deacon <will(a)kernel.org> arm64: sme: Use STR P to clear FFR context field in streaming SVE mode Arnd Bergmann <arnd(a)arndb.de> ksmbd: avoid field overflow warning Paulo Alcantara <pc(a)manguebit.com> smb: client: fix shared DFS root mounts with different prefixes Paulo Alcantara <pc(a)manguebit.com> smb: client: fix broken file attrs with nodfs mounts Shyam Prasad N <sprasad(a)microsoft.com> cifs: do all necessary checks for credits within or before locking Shyam Prasad N <sprasad(a)microsoft.com> cifs: prevent use-after-free by freeing the cfile later Ard Biesheuvel <ardb(a)kernel.org> efi/libstub: Disable PCI DMA before grabbing the EFI memory map Masahiro Yamada <masahiroy(a)kernel.org> kbuild: deb-pkg: remove the CONFIG_MODULES check in buildeb Josh Triplett <josh(a)joshtriplett.org> kbuild: builddeb: always make modules_install, to install modules.builtin* Vishal Verma <vishal.l.verma(a)intel.com> tools/testing/cxl: Fix command effects for inject/clear poison Dan Williams <dan.j.williams(a)intel.com> cxl/region: Fix state transitions after reset failure Dan Williams <dan.j.williams(a)intel.com> cxl/region: Flag partially torn down regions as unusable Dan Williams <dan.j.williams(a)intel.com> cxl/region: Move cache invalidation before region teardown, and before setup Sami Tolvanen <samitolvanen(a)google.com> kbuild: Disable GCOV for *.mod.o Sami Tolvanen <samitolvanen(a)google.com> kbuild: Fix CFI failures with GCOV Ding Hui <dinghui(a)sangfor.com.cn> SUNRPC: Fix UAF in svc_tcp_listen_data_ready() Filipe Manana <fdmanana(a)suse.com> btrfs: do not BUG_ON() on tree mod log failure at balance_level() Filipe Manana <fdmanana(a)suse.com> btrfs: fix race when deleting free space root from the dirty cow roots list Christian Loehle <CLoehle(a)hyperstone.com> mmc: block: ioctl: do write error check for spi Demi Marie Obenour <demi(a)invisiblethingslab.com> block: increment diskseq on all media change events Michael Schmitz <schmitzmic(a)gmail.com> block: change all __u32 annotations to __be32 in affs_hardblocks.h Michael Schmitz <schmitzmic(a)gmail.com> block: add overflow checks for Amiga partition support Michael Schmitz <schmitzmic(a)gmail.com> block: fix signed int overflow in Amiga partition support John Johansen <john.johansen(a)canonical.com> apparmor: fix: kzalloc perms tables for shared dfas Takashi Iwai <tiwai(a)suse.de> ALSA: pcm: Fix potential data race at PCM memory allocation helpers Takashi Iwai <tiwai(a)suse.de> ALSA: jack: Fix mutex call in snd_jack_report() Werner Sembach <wse(a)tuxedocomputers.com> ALSA: hda/realtek: Add quirk for Clevo NPx0SNx Andy Chi <andy.chi(a)canonical.com> ALSA: hda/realtek: Enable mute/micmute LEDs and limit mic boost on EliteBook Martin Kaiser <martin(a)kaiser.cx> hwrng: st - keep clock enabled while hwrng is registered Tarun Sahu <tsahu(a)linux.ibm.com> dax/kmem: Pass valid argument to memory_group_register_static Dan Williams <dan.j.williams(a)intel.com> dax: Introduce alloc_dev_dax_id() Dan Williams <dan.j.williams(a)intel.com> dax: Fix dax_mapping_release() use after free Bharath SM <bharathsm(a)microsoft.com> SMB3: Do not send lease break acknowledgment if all file handles have been closed Olga Kornievskaia <kolga(a)netapp.com> NFSv4.1: freeze the session table upon receiving NFS4ERR_BADSESSION Qi Zheng <zhengqi.arch(a)bytedance.com> NFSv4.2: fix wrong shrinker_id Hareshx Sankar Raj <hareshx.sankar.raj(a)intel.com> crypto: qat - unmap buffers before free for RSA Hareshx Sankar Raj <hareshx.sankar.raj(a)intel.com> crypto: qat - unmap buffer before free for DH Masahiro Yamada <masahiroy(a)kernel.org> ARC: define ASM_NL and __ALIGN(_STR) outside #ifdef __ASSEMBLY__ guard Dan Carpenter <dan.carpenter(a)linaro.org> modpost: fix off by one in is_executable_section() Pierre-Clément Tosi <ptosi(a)google.com> scripts/mksysmap: Fix badly escaped '$' Bhupesh Sharma <bhupesh.sharma(a)linaro.org> dt-bindings: qcom-qce: Fix compatible combinations for SM8150 and IPQ4019 SoCs Stephan Müller <smueller(a)chronox.de> crypto: jitter - correct health test during initialization Arnd Bergmann <arnd(a)arndb.de> crypto: marvell/cesa - Fix type mismatch warning Masahiro Yamada <masahiroy(a)kernel.org> modpost: fix section mismatch message for R_ARM_{PC24,CALL,JUMP24} Masahiro Yamada <masahiroy(a)kernel.org> modpost: fix section mismatch message for R_ARM_ABS32 Randy Dunlap <rdunlap(a)infradead.org> crypto: nx - fix build warnings when DEBUG_FS is not enabled Masahiro Yamada <masahiroy(a)kernel.org> modpost: remove broken calculation of exception_table_entry size Herbert Xu <herbert(a)gondor.apana.org.au> hwrng: virtio - Fix race on data_avail and actual data Eric Farman <farman(a)linux.ibm.com> vfio/mdev: Move the compat_class initialization to module init Xinghui Li <korantli(a)tencent.com> PCI: vmd: Fix uninitialized variable usage in vmd_enable_domain() Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> PCI: endpoint: functions/pci-epf-test: Fix dma_chan direction Shunsuke Mie <mie(a)igel.co.jp> PCI: endpoint: Fix a Kconfig prompt of vNTB driver Song Shuai <songshuaishuai(a)tinylab.org> riscv: hibernate: remove WARN_ON in save_processor_state Namhyung Kim <namhyung(a)kernel.org> perf test: Set PERF_EXEC_PATH for script execution Aneesh Kumar K.V <aneesh.kumar(a)linux.ibm.com> powerpc/mm/dax: Fix the condition when checking if altmap vmemap can cross-boundary Aneesh Kumar K.V <aneesh.kumar(a)linux.ibm.com> powerpc/book3s64/mm: Fix DirectMap stats in /proc/meminfo Tiezhu Yang <yangtiezhu(a)loongson.cn> riscv: uprobes: Restore thread.bad_cause Xi Pardee <xi.pardee(a)intel.com> platform/x86:intel/pmc: Update maps for Meteor Lake P/M platforms Manivannan Sadhasivam <mani(a)kernel.org> PCI: qcom: Disable write access to read only registers for IP v2.9.0 Manivannan Sadhasivam <mani(a)kernel.org> PCI: qcom: Use DWC helpers for modifying the read-only DBI registers Song Shuai <songshuaishuai(a)tinylab.org> riscv: hibernation: Remove duplicate call of suspend_restore_csrs Aditya Gupta <adityag(a)linux.ibm.com> powerpc: update ppc_save_regs to save current r1 in pt_regs Colin Ian King <colin.i.king(a)gmail.com> powerpc/powernv/sriov: perform null check on iov before dereferencing iov Stanley Chu <stanley.chu(a)mediatek.com> scsi: ufs: core: mcq: Fix the incorrect OCS value for the device command Bart Van Assche <bvanassche(a)acm.org> scsi: ufs: core: Remove a ufshcd_add_command_trace() call Namhyung Kim <namhyung(a)kernel.org> perf stat: Reset aggr stats for each run Claudiu Beznea <claudiu.beznea(a)microchip.com> pinctrl: at91-pio4: check return value of devm_kasprintf() Claudiu Beznea <claudiu.beznea(a)microchip.com> pinctrl: microchip-sgpio: check return value of devm_kasprintf() Xiaolei Wang <xiaolei.wang(a)windriver.com> pinctrl: freescale: Fix a memory out of bounds when num_configs is 1 Nicholas Piggin <npiggin(a)gmail.com> powerpc/64s: Fix VAS mm use after free Ian Rogers <irogers(a)google.com> perf tool x86: Fix perf_env memory leak Ravi Bangoria <ravi.bangoria(a)amd.com> perf tool x86: Consolidate is_amd check into single function Michal Wilczynski <michal.wilczynski(a)intel.com> platform/x86/dell/dell-rbtn: Fix resources leaking on error path Aditya Gupta <adityag(a)linux.ibm.com> perf tests task_analyzer: Skip tests if no libtraceevent support Aditya Gupta <adityag(a)linux.ibm.com> perf tests task_analyzer: Fix bad substitution ${$1} Kan Liang <kan.liang(a)linux.intel.com> perf metric: Fix no group check Namhyung Kim <namhyung(a)kernel.org> perf dwarf-aux: Fix off-by-one in die_get_varname() David E. Box <david.e.box(a)linux.intel.com> platform/x86/intel/pmc/mtl: Put devices in D3 during resume David E. Box <david.e.box(a)linux.intel.com> platform/x86/intel/pmc: Add resume callback Mark Pearson <mpearson-lenovo(a)squebb.ca> platform/x86: thinkpad_acpi: Fix lkp-tests warnings for platform profiles Arnaldo Carvalho de Melo <acme(a)redhat.com> perf script: Fix allocation of evsel->priv related to per-event dump files Christophe Leroy <christophe.leroy(a)csgroup.eu> powerpc/signal32: Force inlining of __unsafe_save_user_regs() and save_tm_user_regs_unsafe() Christophe Leroy <christophe.leroy(a)csgroup.eu> powerpc/interrupt: Don't read MSR from interrupt_exit_kernel_prepare() Christophe Leroy <christophe.leroy(a)csgroup.eu> kcsan: Don't expect 64 bits atomic builtins from 32 bits architectures Jiasheng Jiang <jiasheng(a)iscas.ac.cn> pinctrl: npcm7xx: Add missing check for ioremap Wells Lu <wellslutw(a)gmail.com> pinctrl:sunplus: Add check for kmalloc Mark Pearson <mpearson-lenovo(a)squebb.ca> platform/x86: think-lmi: Correct NVME password handling Mark Pearson <mpearson-lenovo(a)squebb.ca> platform/x86: think-lmi: Correct System password interface Mark Pearson <mpearson-lenovo(a)squebb.ca> platform/x86: think-lmi: mutex protection around multiple WMI calls Xi Pardee <xi.pardee(a)intel.com> platform/x86:intel/pmc: Remove Meteor Lake S platform support Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> pinctrl: cherryview: Return correct value if pin in push-pull mode Arnaldo Carvalho de Melo <acme(a)redhat.com> perf bench: Add missing setlocale() call to allow usage of %'d style formatting Thierry Reding <treding(a)nvidia.com> pinctrl: tegra: Duplicate pinmux functions table Bart Van Assche <bvanassche(a)acm.org> scsi: ufs: core: Fix handling of lrbp->cmd Bart Van Assche <bvanassche(a)acm.org> scsi: ufs: core: Increase the START STOP UNIT timeout from one to ten seconds Justin Tee <justin.tee(a)broadcom.com> scsi: lpfc: Revise NPIV ELS unsol rcv cmpl logic to drop ndlp based on nlp_state Sui Jingfeng <suijingfeng(a)loongson.cn> PCI: Add pci_clear_master() stub for non-CONFIG_PCI Bart Van Assche <bvanassche(a)acm.org> scsi: ufs: Declare ufshcd_{hold,release}() once Wells Lu <wellslutw(a)gmail.com> pinctrl: sunplus: Add check for kmalloc Junyan Ye <yejunyan(a)hust.edu.cn> PCI: ftpci100: Release the clock resources Ian Rogers <irogers(a)google.com> perf evsel: Don't let for_each_group() treat the head of the list as one of its nodes Rongguang Wei <weirongguang(a)kylinos.cn> PCI: pciehp: Cancel bringup sequence if card is not present Dan Carpenter <dan.carpenter(a)linaro.org> pinctrl: at91: fix a couple NULL vs IS_ERR() checks Yuchen Yang <u202114568(a)hust.edu.cn> scsi: 3w-xxxx: Add error handling for initialization failure in tw_probe() Ding Hui <dinghui(a)sangfor.com.cn> PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free Hans de Goede <hdegoede(a)redhat.com> platform/x86: lenovo-yogabook: Set default keyboard backligh brightness on probe() Hans de Goede <hdegoede(a)redhat.com> platform/x86: lenovo-yogabook: Reprobe devices on remove() Hans de Goede <hdegoede(a)redhat.com> platform/x86: lenovo-yogabook: Fix work race on remove() Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> pinctrl: bcm2835: Handle gpiochip_add_pin_range() errors Jinhong Zhu <jinhongzhu(a)hust.edu.cn> scsi: qedf: Fix NULL dereference in error handling Nirmal Patel <nirmal.patel(a)linux.intel.com> PCI: vmd: Reset VMD config register between soft reboots Siddharth Vadapalli <s-vadapalli(a)ti.com> PCI: cadence: Fix Gen2 Link Retraining process Jason Gunthorpe <jgg(a)ziepe.ca> iommufd: Call iopt_area_contig_done() under the lock Jason Gunthorpe <jgg(a)ziepe.ca> iommufd: Do not access the area pointer after unlocking Syed Saba Kareem <Syed.SabaKareem(a)amd.com> ASoC: amd: acp: clear pdm dma interrupt mask Michael Walle <mwalle(a)kernel.org> ARM: dts: lan966x: kontron-d10: fix SPI CS Michael Walle <mwalle(a)kernel.org> ARM: dts: lan966x: kontron-d10: fix board reset Fei Shao <fshao(a)chromium.org> clk: Fix memory leak in devm_clk_notifier_register() Claudiu Beznea <claudiu.beznea(a)microchip.com> ASoC: imx-audmix: check return value of devm_kasprintf() Amir Goldstein <amir73il(a)gmail.com> ovl: update of dentry revalidate flags after copy up Alexey Romanov <avromanov(a)sberdevices.ru> drivers: meson: secure-pwrc: always enable DMA domain Claudiu Beznea <claudiu.beznea(a)microchip.com> clk: clocking-wizard: check return value of devm_kasprintf() Claudiu Beznea <claudiu.beznea(a)microchip.com> clk: ti: clkctrl: check return value of kasprintf() Claudiu Beznea <claudiu.beznea(a)microchip.com> clk: keystone: sci-clk: check return value of kasprintf() Claudiu Beznea <claudiu.beznea(a)microchip.com> clk: si5341: free unused memory on probe failure Claudiu Beznea <claudiu.beznea(a)microchip.com> clk: si5341: check return value of {devm_}kasprintf() Claudiu Beznea <claudiu.beznea(a)microchip.com> clk: si5341: return error if one synth clock registration fails Claudiu Beznea <claudiu.beznea(a)microchip.com> clk: cdce925: check return value of kasprintf() Claudiu Beznea <claudiu.beznea(a)microchip.com> clk: vc5: check memory returned by kasprintf() AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> clk: mediatek: clk-mt8173-apmixedsys: Fix iomap not released issue AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> clk: mediatek: clk-mt8173-apmixedsys: Fix return value for of_iomap() error AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> clk: mediatek: clk-mtk: Grab iomem pointer for divider clocks Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/msm/dpu: correct MERGE_3D length Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/msm/dpu: fix sc7280 and sc7180 PINGPONG done interrupts Marijn Suijten <marijn.suijten(a)somainline.org> drm/msm/dpu: Disable pingpong TE on DPU 5.0.0 and above Marijn Suijten <marijn.suijten(a)somainline.org> drm/msm/dpu: Move autorefresh disable from CMD encoder to pingpong Marijn Suijten <marijn.suijten(a)somainline.org> drm/msm/dpu: Drop unused poll_timeout_wr_ptr PINGPONG callback Luben Tuikov <luben.tuikov(a)amd.com> drm/amdgpu: Fix usage of UMC fill record in RAS Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amdgpu: Fix memcpy() in sienna_cichlid_append_powerplay_table function. Daniel Golle <daniel(a)makrotopia.org> arm64: dts: mt7986: increase bl2 partition on NAND of Bananapi R3 Nícolas F. R. A. Prado <nfraprado(a)collabora.com> arm64: dts: mediatek: mt8192: Fix CPUs capacity-dmips-mhz Allen-KH Cheng <allen-kh.cheng(a)mediatek.com> arm64: dts: mediatek: Add cpufreq nodes for MT8192 Bjorn Andersson <quic_bjorande(a)quicinc.com> drm/msm/dp: Free resources after unregistering them Bjorn Andersson <quic_bjorande(a)quicinc.com> drm/msm/dp: Drop aux devices together with DP controller Jessica Zhang <quic_jesszhan(a)quicinc.com> drm/msm/dsi: Remove incorrect references to slice_count Jessica Zhang <quic_jesszhan(a)quicinc.com> drm/msm/dpu: Fix slice_last_group_size calculation Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/msm/dpu: do not enable color-management if DSPPs are not available Su Hui <suhui(a)nfschina.com> ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer Nishanth Menon <nm(a)ti.com> arm64: dts: ti: k3-am69-sk: Fix main_i2c0 alias Thejasvi Konduru <t-konduru(a)ti.com> arm64: dts: ti: k3-j784s4: Fix wakeup pinmux range and pinctrl node offsets Nishanth Menon <nm(a)ti.com> arm64: dts: ti: k3-j784s4-evm: Fix main_i2c0 alias Andrew Davis <afd(a)ti.com> arm64: dts: ti: k3-j721e-beagleboneai64: Fix mailbox node status Yuan Can <yuancan(a)huawei.com> clk: tegra: tegra124-emc: Fix potential memory leak Dan Carpenter <dan.carpenter(a)linaro.org> clk: clocking-wizard: Fix Oops in clk_wzrd_register_divider() Dan Carpenter <dan.carpenter(a)linaro.org> clk: bcm: rpi: Fix off by one in raspberrypi_discover_clocks() Abel Vesa <abel.vesa(a)linaro.org> arm64: dts: qcom: sm8550: Add missing interconnect path to USB HC Marijn Suijten <marijn.suijten(a)somainline.org> arm64: dts: qcom: sm8250-edo: Panel framebuffer is 2.5k instead of 4k Konrad Dybcio <konrad.dybcio(a)linaro.org> arm64: dts: qcom: sm8550: Flush RSC sleep & wake votes Konrad Dybcio <konrad.dybcio(a)linaro.org> arm64: dts: qcom: sdm845: Flush RSC sleep & wake votes Konrad Dybcio <konrad.dybcio(a)linaro.org> arm64: dts: qcom: sdm670: Flush RSC sleep & wake votes Konrad Dybcio <konrad.dybcio(a)linaro.org> arm64: dts: qcom: qdu1000: Flush RSC sleep & wake votes Bosi Zhang <u201911157(a)hust.edu.cn> clk: mediatek: fix of_iomap memory leak Yuxing Liu <lyx2022(a)hust.edu.cn> clk: imx: clk-imx8mp: improve error handling in imx8mp_clocks_probe() Zhanhao Hu <zero12113(a)hust.edu.cn> clk: imx93: fix memory leak and missing unwind goto in imx93_clocks_probe Hao Luo <m202171776(a)hust.edu.cn> clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe Kai Ma <kaima(a)hust.edu.cn> clk: imx: clk-imxrt1050: fix memory leak in imxrt1050_clocks_probe Adam Ford <aford173(a)gmail.com> clk: imx: composite-8m: Add imx8m_divider_determine_rate Kashyap Desai <kashyap.desai(a)broadcom.com> RDMA/bnxt_re: Avoid calling wake_up threads from spin_lock context Kashyap Desai <kashyap.desai(a)broadcom.com> RDMA/bnxt_re: wraparound mbox producer index Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/msm/a5xx: really check for A510 in a5xx_gpu_init Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/msm/a6xx: don't set IO_PGTABLE_QUIRK_ARM_OUTER_WBWA with coherent SMMU Chia-I Wu <olvaffe(a)gmail.com> amdgpu: validate offset_in_bo of drm_amdgpu_gem_va Bob Pearson <rpearsonhpe(a)gmail.com> RDMA/rxe: Fix access checks in rxe_check_bind_mw Geert Uytterhoeven <geert+renesas(a)glider.be> HID: uclogic: Modular KUnit tests should not depend on KUNIT=y Nikita Zhandarovich <n.zhandarovich(a)fintech.ru> drm/radeon: fix possible division-by-zero errors Aurabindo Pillai <aurabindo.pillai(a)amd.com> drm/amd/display: Fix artifacting on eDP panels when engaging freesync video mode Chen-Yu Tsai <wenst(a)chromium.org> soc: mediatek: SVS: Fix MT8192 GPU node name Daniil Dulov <d.dulov(a)aladdin.ru> drm/amdkfd: Fix potential deallocation of previously deallocated memory. Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> drm/amd/display: Fix a test dml32_rq_dlg_get_rq_reg() Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> drm/amd/display: Fix a test CalculatePrefetchSchedule() Paul Cercueil <paul(a)crapouillou.net> MIPS: DTS: CI20: Fix ACT8600 regulator node names Maxime Ripard <maxime(a)cerno.tech> clk: Export clk_hw_forward_rate_request() Christian Lamparter <chunkeey(a)gmail.com> ARM: dts: BCM5301X: fix duplex-full => full-duplex Guenter Roeck <linux(a)roeck-us.net> hwmon: (pmbus/adm1275) Fix problems with temperature monitoring on ADM1272 Tim Harvey <tharvey(a)gateworks.com> hwmon: (gsc-hwmon) fix fan pwm temperature scaling Olivier Moysan <olivier.moysan(a)foss.st.com> ARM: dts: stm32: fix i2s endpoint format property for stm32mp15xx-dkx Dan Carpenter <dan.carpenter(a)linaro.org> accel/habanalabs: fix gaudi2_get_tpc_idle_status() return Marek Vasut <marex(a)denx.de> ARM: dts: stm32: Fix audio routing on STM32MP15xx DHCOM PDK2 Chris Morgan <macromorgan(a)hotmail.com> arm64: dts: rockchip: Fix compatible for Bluetooth on rk3566-anbernic Caleb Connolly <caleb.connolly(a)linaro.org> Input: pm8941-powerkey - fix debounce on gen2+ PMICs Keerthy <j-keerthy(a)ti.com> arm64: dts: ti: k3-j7200: Fix physical address of pin Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> arm64: dts: rockchip: Assign ES8316 MCLK rate on rk3588-rock-5b Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/i915: No 10bit gamma on desktop gen3 parts Matt Roper <matthew.d.roper(a)intel.com> drm/i915/display: Make display responsible for probing its own IP Matt Roper <matthew.d.roper(a)intel.com> drm/i915/display: Move display runtime info to display structure Matt Roper <matthew.d.roper(a)intel.com> drm/i915: Convert INTEL_INFO()->display to a pointer Matt Roper <matthew.d.roper(a)intel.com> drm/i915/display: Move display device info to header under display/ Jani Nikula <jani.nikula(a)intel.com> drm/i915: hide mkwrite_device_info() better Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/i915: Fix limited range csc matrix Bjorn Andersson <quic_bjorande(a)quicinc.com> dt-bindings: arm-smmu: Fix SC8280XP Adreno binding Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe() Kuogee Hsieh <quic_khsieh(a)quicinc.com> drm/msm/dpu: always clear every individual pending flush mask Kuogee Hsieh <quic_khsieh(a)quicinc.com> drm/msm/dpu: set DSC flush bit correctly at MDP CTL flush register Wolfram Sang <wsa+renesas(a)sang-engineering.com> arm64: dts: renesas: ulcb-kf: Remove flow control for SCIF1 Geert Uytterhoeven <geert+renesas(a)glider.be> ARM: dts: iwg20d-q7-common: Fix backlight pwm specifier Chengchang Tang <tangchengchang(a)huawei.com> RDMA/hns: Fix hns_roce_table_get return value Brendan Cunningham <bcunningham(a)cornelisnetworks.com> IB/hfi1: Fix wrong mmu_node used for user SDMA packet after invalidate Arnd Bergmann <arnd(a)arndb.de> RDMA/irdma: avoid fortify-string warning in irdma_clr_wqes Randy Dunlap <rdunlap(a)infradead.org> soc/fsl/qe: fix usb.c build errors Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> ARM: dts: meson8: correct uart_B and uart_C clock references Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ASoC: es8316: Do not set rate constraints for unsupported MCLKs Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ASoC: es8316: Increment max value for ALC Capture Target Volume control Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> ARM: dts: qcom: apq8074-dragonboard: Set DMA as remotely controlled Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> memory: brcmstb_dpfe: fix testing array offset after use Marek Vasut <marex(a)denx.de> ARM: dts: stm32: Shorten the AV96 HDMI sound card name Douglas Anderson <dianders(a)chromium.org> arm64: dts: mediatek: mt8195: Add mediatek,broken-save-restore-fw to cherry Douglas Anderson <dianders(a)chromium.org> arm64: dts: mediatek: mt8192: Add mediatek,broken-save-restore-fw to asurada Douglas Anderson <dianders(a)chromium.org> arm64: dts: mediatek: mt8183: Add mediatek,broken-save-restore-fw to kukui Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: apq8096: fix fixed regulator name property Luca Weiss <luca.weiss(a)fairphone.com> arm64: dts: qcom: pm7250b: add missing spmi-vadc include Arnd Bergmann <arnd(a)arndb.de> ARM: omap2: fix missing tick_broadcast() prototype Arnd Bergmann <arnd(a)arndb.de> ARM: ep93xx: fix missing-prototype warnings Dario Binacchi <dario.binacchi(a)amarulasolutions.com> drm/panel: simple: fix active size for Ampire AM-480272H3TMQW-T01H Adam Ford <aford173(a)gmail.com> drm: bridge: samsung-dsim: Fix PMS Calculator on imx8m[mnp] Frieder Schrempf <frieder.schrempf(a)kontron.de> drm/bridge: ti-sn65dsi83: Fix enable/disable flow to meet spec Stephan Gerhold <stephan(a)gerhold.net> arm64: dts: qcom: apq8016-sbc: Fix 1.8V power rail on LS expansion Stephan Gerhold <stephan(a)gerhold.net> arm64: dts: qcom: apq8016-sbc: Fix regulator constraints Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: sdm845-polaris: add missing touchscreen child node reg Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: sm8550: correct pinctrl unit address Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: sm8550: correct crypto unit address Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: sm8350: correct USB phy unit address Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: sm8350: correct PCI phy unit address Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: sm8350: correct DMA controller unit address Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: sm6115: correct thermal-sensor unit address Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: sdm845: correct camss unit address Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: sdm630: correct camss unit address Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: msm8996: correct camss unit address Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: msm8994: correct SPMI unit address Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: msm8976: correct MMC unit address Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: msm8953: correct WCNSS unit address Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: msm8953: correct IOMMU unit address Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: msm8916: correct WCNSS unit address Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: msm8916: correct MMC unit address Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: msm8916: correct camss unit address Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: ipq6018: correct qrng unit address Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> arm64: dts: qcom: pm8998: don't use GIC_SPI for SPMI interrupts Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ARM: dts: qcom: msm8974: do not use underscore in node name (again) Linus Walleij <linus.walleij(a)linaro.org> ARM/musb: omap2: Remove global GPIO numbers from TUSB6010 Linus Walleij <linus.walleij(a)linaro.org> ARM: omap2: Rewrite WLAN quirk to use GPIO descriptors Linus Walleij <linus.walleij(a)linaro.org> ARM: omap2: Get USB hub reset GPIO from descriptor Linus Walleij <linus.walleij(a)linaro.org> ARM/gpio: Push OMAP2 quirk down into TWL4030 driver Linus Walleij <linus.walleij(a)linaro.org> ARM: omap1: Exorcise the legacy GPIO header Linus Walleij <linus.walleij(a)linaro.org> ARM: omap1: Make serial wakeup GPIOs use descriptors Linus Walleij <linus.walleij(a)linaro.org> ARM: omap1: Fix up the Nokia 770 board device IRQs Linus Walleij <linus.walleij(a)linaro.org> ARM/mmc: Convert old mmci-omap to GPIO descriptors Linus Walleij <linus.walleij(a)linaro.org> Input: ads7846 - Convert to use software nodes Linus Walleij <linus.walleij(a)linaro.org> ARM: omap1: Remove reliance on GPIO numbers from SX1 Linus Walleij <linus.walleij(a)linaro.org> ARM: omap1: Remove reliance on GPIO numbers from PalmTE Linus Walleij <linus.walleij(a)linaro.org> ARM: omap1: Drop header on AMS Delta Linus Walleij <linus.walleij(a)linaro.org> ARM/mfd/gpio: Fixup TPS65010 regression on OMAP1 OSK1 Nícolas F. R. A. Prado <nfraprado(a)collabora.com> drm/bridge: anx7625: Prevent endless probe loop Bhupesh Sharma <bhupesh.sharma(a)linaro.org> arm64: dts: qcom: qrb4210-rb2: Fix CD gpio for SDHC2 Tony Lindgren <tony(a)atomide.com> ARM: dts: gta04: Move model property out of pinctrl node Biju Das <biju.das.jz(a)bp.renesas.com> clk: renesas: rzg2l: Fix CPG_SIPLL5_CLK1 register write Jean-Philippe Brucker <jean-philippe(a)linaro.org> iommu/virtio: Return size mapped for a detached domain Jean-Philippe Brucker <jean-philippe(a)linaro.org> iommu/virtio: Detach domain on endpoint release Arnd Bergmann <arnd(a)arndb.de> drm/nouveau: dispnv50: fix missing-prototypes warning Konrad Dybcio <konrad.dybcio(a)linaro.org> drm/msm/dpu: Set DPU_DATA_HCTL_EN for in INTF_SC7180_MASK Marijn Suijten <marijn.suijten(a)somainline.org> drm/msm/dpu: Use V4.0 PCC DSPP sub-block in SC7[12]80 Arnaud Vrac <avrac(a)freebox.fr> drm/msm/dpu: fix cursor block register bit offset in msm8998 hw catalog Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/msm/dsi: don't allow enabling 14nm VCO with unprogrammed rate Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/msm/dpu: enable DSPP_2/3 for LM_2/3 on sm8450 Kalesh AP <kalesh-anakkur.purayil(a)broadcom.com> RDMA/bnxt_re: Fix to remove an unnecessary log Kalesh AP <kalesh-anakkur.purayil(a)broadcom.com> RDMA/bnxt_re: Remove a redundant check inside bnxt_re_update_gid Kalesh AP <kalesh-anakkur.purayil(a)broadcom.com> RDMA/bnxt_re: Use unique names while registering interrupts Kalesh AP <kalesh-anakkur.purayil(a)broadcom.com> RDMA/bnxt_re: Fix to remove unnecessary return labels Selvin Xavier <selvin.xavier(a)broadcom.com> RDMA/bnxt_re: Disable/kill tasklet only if it is enabled Nikita Zhandarovich <n.zhandarovich(a)fintech.ru> hwmon: (f71882fg) prevent possible division by zero Dan Carpenter <dan.carpenter(a)linaro.org> clk: imx: scu: use _safe list iterator to avoid a use after free Devi Priya <quic_devipriy(a)quicinc.com> arm64: dts: qcom: ipq9574: Update the size of GICC & GICV regions Alexander Stein <alexander.stein(a)ew.tq-group.com> drm/bridge: tc358767: Switch to devm MIPI-DSI helpers Robert Marko <robert.marko(a)sartura.hr> arm64: dts: microchip: sparx5: do not use PSCI on reference boards Tony Lindgren <tony(a)atomide.com> bus: ti-sysc: Fix dispc quirk masking bool variables Marek Vasut <marex(a)denx.de> ARM: dts: stm32: Move ethernet MAC EEPROM from SoM to carrier boards Maíra Canal <mcanal(a)igalia.com> drm/vkms: Fix RGB565 pixel conversion Maíra Canal <mcanal(a)igalia.com> drm: Add fixed-point helper to get rounded integer values Maíra Canal <mcanal(a)igalia.com> drm/vkms: isolate pixel conversion functionality Bard Liao <yung-chuan.liao(a)linux.intel.com> ASoC: Intel: sof_sdw: start set codec init function with an adr index Bard Liao <yung-chuan.liao(a)linux.intel.com> ASoC: Intel: sof_sdw: remove SOF_SDW_TGL_HDMI for MeteorLake devices Trevor Wu <trevor.wu(a)mediatek.com> ASoC: dt-bindings: mediatek,mt8188-afe: correct clock name Dan Carpenter <dan.carpenter(a)linaro.org> driver: soc: xilinx: use _safe loop iterator to avoid a use after free Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/panel: sharp-ls043t1le01: adjust mode settings XuDong Liu <m202071377(a)hust.edu.cn> drm: sun4i_tcon: use devm_clk_get_enabled in `sun4i_tcon_init_clocks` Marek Vasut <marex(a)denx.de> Input: adxl34x - do not hardcode interrupt trigger type Marek Vasut <marek.vasut+renesas(a)mailbox.org> clk: rs9: Fix .driver_data content in i2c_device_id Marek Vasut <marek.vasut+renesas(a)mailbox.org> clk: vc7: Fix .driver_data content in i2c_device_id Marek Vasut <marek.vasut+renesas(a)mailbox.org> clk: vc5: Fix .driver_data content in i2c_device_id hfdevel(a)gmx.net <hfdevel(a)gmx.net> ARM: dts: meson8b: correct uart_B and uart_C clock references Rafał Miłecki <rafal(a)milecki.pl> ARM: dts: BCM5301X: Drop "clock-names" from the SPI node Luc Ma <luc(a)sietium.com> drm/vram-helper: fix function names in vram helper doc Dmitry Torokhov <dmitry.torokhov(a)gmail.com> Input: tests - fix input_test_match_device_id test Francesco Dolcini <francesco.dolcini(a)toradex.com> drm/bridge: tc358768: fix THS_TRAILCNT computation Francesco Dolcini <francesco.dolcini(a)toradex.com> drm/bridge: tc358768: fix TXTAGOCNT computation Francesco Dolcini <francesco.dolcini(a)toradex.com> drm/bridge: tc358768: fix THS_ZEROCNT computation Francesco Dolcini <francesco.dolcini(a)toradex.com> drm/bridge: tc358768: fix TCLK_TRAILCNT computation Francesco Dolcini <francesco.dolcini(a)toradex.com> drm/bridge: tc358768: Add atomic_get_input_bus_fmts() implementation Francesco Dolcini <francesco.dolcini(a)toradex.com> drm/bridge: tc358768: fix TCLK_ZEROCNT computation Francesco Dolcini <francesco.dolcini(a)toradex.com> drm/bridge: tc358768: fix PLL target frequency Francesco Dolcini <francesco.dolcini(a)toradex.com> drm/bridge: tc358768: fix PLL parameters computation Francesco Dolcini <francesco.dolcini(a)toradex.com> drm/bridge: tc358768: always enable HS video mode Alexander Stein <alexander.stein(a)ew.tq-group.com> drm/bridge: ti-sn65dsi83: Fix enable error path Geert Uytterhoeven <geert+renesas(a)glider.be> Input: tests - modular KUnit tests should not depend on KUNIT=y Geert Uytterhoeven <geert+renesas(a)glider.be> Input: tests - fix use-after-free and refcount underflow in input_test_exit() Duoming Zhou <duoming(a)zju.edu.cn> Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync() Luca Weiss <luca(a)z3ntu.xyz> Input: drv260x - sleep between polling GO bit Markus Elfring <elfring(a)users.sourceforge.net> drm/bridge: it6505: Move a variable assignment behind a null pointer check in receive_timing_debugfs_show() Vinay Belgaumkar <vinay.belgaumkar(a)intel.com> drm/i915/guc/slpc: Provide sysfs for efficient freq Nicholas Kazlauskas <nicholas.kazlauskas(a)amd.com> drm/amd/display: Explicitly specify update type per plane info change Nikita Zhandarovich <n.zhandarovich(a)fintech.ru> radeon: avoid double free in ci_dpm_init() Arnd Bergmann <arnd(a)arndb.de> drm/amd/display: fix is_timing_changed() prototype Wesley Chalmers <Wesley.Chalmers(a)amd.com> drm/amd/display: Add logging for display MALL refresh setting Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amd/display: Unconditionally print when DP sink power state fails Dan Carpenter <error27(a)gmail.com> drm/imx/lcdc: fix a NULL vs IS_ERR() bug in probe Kuniyuki Iwashima <kuniyu(a)amazon.com> netlink: Add __sock_i_ino() for __netlink_diag_dump(). Vladimir Oltean <vladimir.oltean(a)nxp.com> net: dsa: avoid suspicious RCU usage for synced VLAN-aware MAC addresses Cambda Zhu <cambda(a)linux.alibaba.com> ipvlan: Fix return value of ipvlan_queue_xmit() Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables: fix underflow in chain reference counter Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables: unbind non-anonymous set if rule construction fails Ilia.Gavrilov <Ilia.Gavrilov(a)infotecs.ru> netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return value. Florian Westphal <fw(a)strlen.de> netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one Jeremy Sowden <jeremy(a)azazel.net> lib/ts_bm: reset initial match offset for every block of text Lin Ma <linma(a)zju.edu.cn> net: nfc: Fix use-after-free caused by nfc_llcp_find_local Edward Cree <ecree.xilinx(a)gmail.com> sfc: fix crash when reading stats while NIC is resetting David Howells <dhowells(a)redhat.com> ocfs2: Fix use of slab data with sendpage Maxim Kochetkov <fido_max(a)inbox.ru> net: axienet: Move reset before 64-bit DMA detection Kuniyuki Iwashima <kuniyu(a)amazon.com> gtp: Fix use-after-free in __gtp_encap_destroy(). Sabrina Dubroca <sd(a)queasysnail.net> selftests: rtnetlink: remove netdevsim device after ipsec offload test Eric Dumazet <edumazet(a)google.com> sch_netem: fix issues in netem_change() vs get_dist_table() Eric Dumazet <edumazet(a)google.com> bonding: do not assume skb mac_header is set Eric Dumazet <edumazet(a)google.com> netlink: do not hard code device address lenth in fdb dumps Eric Dumazet <edumazet(a)google.com> netlink: fix potential deadlock in netlink_set_err() Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> net: stmmac: fix double serdes powerdown Vinicius Costa Gomes <vinicius.gomes(a)intel.com> igc: Work around HW bug causing missing timestamps Vinicius Costa Gomes <vinicius.gomes(a)intel.com> igc: Retrieve TX timestamp during interrupt handling Vinicius Costa Gomes <vinicius.gomes(a)intel.com> igc: Check if hardware TX timestamping is enabled earlier Vinicius Costa Gomes <vinicius.gomes(a)intel.com> igc: Fix race condition in PTP tx code Jimmy Assarsson <extja(a)kvaser.com> can: kvaser_pciefd: Set hardware timestamp on transmitted packets Jimmy Assarsson <extja(a)kvaser.com> can: kvaser_pciefd: Add function to set skb hwtstamps Vincent Mailhol <mailhol.vincent(a)wanadoo.fr> can: length: fix bitstuffing count Gilad Sever <gilad9366(a)gmail.com> bpf: Fix bpf socket lookup from tc/xdp to respect socket VRF bindings Gilad Sever <gilad9366(a)gmail.com> bpf: Call __bpf_sk_lookup()/__bpf_skc_lookup() directly via TC hookpoint Gilad Sever <gilad9366(a)gmail.com> bpf: Factor out socket lookup functions for the TC hookpoint. Dmitry Antipov <dmantipov(a)yandex.ru> wifi: ath9k: convert msecs to jiffies where needed Johannes Berg <johannes.berg(a)intel.com> wifi: iwlwifi: mvm: check only affected links Johannes Berg <johannes.berg(a)intel.com> wifi: iwlwifi: mvm: indicate HW decrypt for beacon protection Marek Vasut <marex(a)denx.de> mmc: Add MMC_QUIRK_BROKEN_SD_CACHE for Kingston Canvas Go Plus from 11/2019 Douglas Anderson <dianders(a)chromium.org> watchdog/hardlockup: keep kernel.nmi_watchdog sysctl as 0444 if probe fails Lecopzer Chen <lecopzer.chen(a)mediatek.com> watchdog/perf: adapt the watchdog_perf interface for async model Douglas Anderson <dianders(a)chromium.org> watchdog/hardlockup: rename some "NMI watchdog" constants/function Douglas Anderson <dianders(a)chromium.org> watchdog/hardlockup: move perf hardlockup checking/panic to common watchdog.c Lecopzer Chen <lecopzer.chen(a)mediatek.com> watchdog/hardlockup: change watchdog_nmi_enable() to void Lecopzer Chen <lecopzer.chen(a)mediatek.com> watchdog: remove WATCHDOG_DEFAULT Mathieu Desnoyers <mathieu.desnoyers(a)efficios.com> mm: move mm_count into its own cache line Ilan Peer <ilan.peer(a)intel.com> wifi: ieee80211: Fix the common size calculation for reconfiguration ML Johannes Berg <johannes.berg(a)intel.com> wifi: cfg80211: fix regulatory disconnect with OCB/NAN Benjamin Berg <benjamin.berg(a)intel.com> wifi: cfg80211: drop incorrect nontransmitted BSS update code Benjamin Berg <benjamin.berg(a)intel.com> wifi: cfg80211: rewrite merging of inherited elements Nicolas Cavallari <nicolas.cavallari(a)green-communications.fr> wifi: mac80211: Remove "Missing iftype sband data/EHT cap" spam Anjaneyulu <pagadala.yesu.anjaneyulu(a)intel.com> wifi: iwlwifi: pcie: fix NULL pointer dereference in iwl_pcie_irq_rx_msix_handler() Johannes Berg <johannes.berg(a)intel.com> wifi: iwlwifi: pull from TXQs with softirqs disabled Johannes Berg <johannes.berg(a)intel.com> wifi: iwlwifi: mvm: correctly access HE/EHT sband capa Gregory Greenman <gregory.greenman(a)intel.com> wifi: iwlwifi: mvm: add support for Extra EHT LTF Johannes Berg <johannes.berg(a)intel.com> wifi: mac80211: add helpers to access sband iftype data Ziyang Huang <hzyitc(a)outlook.com> wifi: ath11k: Add missing hw_ops->get_ring_selector() for IPQ5018 Ziyang Huang <hzyitc(a)outlook.com> wifi: ath11k: Restart firmware after cold boot calibration for IPQ5018 Ziyang Huang <hzyitc(a)outlook.com> wifi: ath11k: Add missing ops config for IPQ5018 in ath11k_ahb_probe() Jiasheng Jiang <jiasheng(a)iscas.ac.cn> wifi: ath11k: Add missing check for ioremap Edwin Peer <edwin.peer(a)broadcom.com> rtnetlink: extend RTEXT_FILTER_SKIP_STATS to IFLA_VF_INFO Mukesh Sisodiya <mukesh.sisodiya(a)intel.com> wifi: iwlwifi: fw: print PC register value instead of address Mukesh Sisodiya <mukesh.sisodiya(a)intel.com> wifi: iwlwifi: mvm: Handle return value for iwl_mvm_sta_init Ilan Peer <ilan.peer(a)intel.com> wifi: mac80211: Fix permissions for valid_links debugfs entry Eduard Zingerman <eddyz87(a)gmail.com> bpf: Verify scalar ids mapping in regsafe() using check_ids() Eduard Zingerman <eddyz87(a)gmail.com> bpf: Use scalar ids in mark_chain_precision() Remi Pommarel <repk(a)triplefau.lt> wifi: ath9k: Fix possible stall on ath9k_txq_list_has_key() Eduard Zingerman <eddyz87(a)gmail.com> selftests/bpf: Fix invalid pointer check in get_xlated_program() Arnd Bergmann <arnd(a)arndb.de> memstick r592: make memstick_debug_get_tpc_name() static Douglas Anderson <dianders(a)chromium.org> mmc: mediatek: Avoid ugly error message when SDIO wakeup IRQ isn't used Zhen Lei <thunder.leizhen(a)huawei.com> kexec: fix a memory leak in crash_shrink_memory() Douglas Anderson <dianders(a)chromium.org> watchdog/perf: more properly prevent false positives with turbo modes Douglas Anderson <dianders(a)chromium.org> watchdog/perf: define dummy watchdog_update_hrtimer_threshold() on correct config Haifeng Xu <haifeng.xu(a)shopee.com> selftests: cgroup: fix unexpected failure on test_memcg_low Karol Kolacinski <karol.kolacinski(a)intel.com> ice: handle extts in the miscellaneous interrupt thread Marek Vasut <marex(a)denx.de> wifi: rsi: Do not set MMC_PM_KEEP_POWER in shutdown Marek Vasut <marex(a)denx.de> wifi: rsi: Do not configure WoWlan in shutdown hook if not enabled Vijaya Krishna Nivarthi <quic_vnivarth(a)quicinc.com> spi: spi-geni-qcom: Do not do DMA map/unmap inside driver, use framework instead Vijaya Krishna Nivarthi <quic_vnivarth(a)quicinc.com> soc: qcom: geni-se: Add interfaces geni_se_tx_init_dma() and geni_se_rx_init_dma() Jesper Dangaard Brouer <brouer(a)redhat.com> selftests/bpf: Fix check_mtu using wrong variable type Johannes Berg <johannes.berg(a)intel.com> wifi: mac80211: recalc min chandef for new STA links Johannes Berg <johannes.berg(a)intel.com> wifi: iwlwifi: mvm: send time sync only if needed Viktor Malik <vmalik(a)redhat.com> tools/resolve_btfids: Fix setting HOSTCFLAGS Dave Marchevsky <davemarchevsky(a)fb.com> bpf: Make bpf_refcount_acquire fallible for non-owning refs Dave Marchevsky <davemarchevsky(a)fb.com> bpf: Fix __bpf_{list,rbtree}_add's beginning-of-node calculation Dave Marchevsky <davemarchevsky(a)fb.com> bpf: Set kptr_struct_meta for node param to list and rbtree insert funcs Dave Marchevsky <davemarchevsky(a)fb.com> bpf: Remove anonymous union in bpf_kfunc_call_arg_meta Youghandhar Chintala <quic_youghand(a)quicinc.com> wifi: ath10k: Trigger STA disconnect after reconfig complete on hardware restart Jesper Dangaard Brouer <brouer(a)redhat.com> samples/bpf: xdp1 and xdp2 reduce XDPBUFSIZE to 60 Sascha Hauer <s.hauer(a)pengutronix.de> wifi: rtw88: usb: silence log flooding error message Fedor Pchelkin <pchelkin(a)ispras.ru> wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> wifi: ray_cs: Fix an error handling path in ray_probe() Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> wifi: wl3501_cs: Fix an error handling path in wl3501_probe() Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> wifi: atmel: Fix an error handling path in atmel_probe() Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> wifi: orinoco: Fix an error handling path in orinoco_cs_probe() Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> wifi: orinoco: Fix an error handling path in spectrum_cs_probe() Geert Uytterhoeven <geert+renesas(a)glider.be> regulator: core: Streamline debugfs operations Geert Uytterhoeven <geert+renesas(a)glider.be> regulator: core: Fix more error checking for debugfs_create_dir() Sebastian Reichel <sebastian.reichel(a)collabora.com> regulator: rk808: fix asynchronous probing Alexey Gladkov <legion(a)kernel.org> selftests/bpf: Do not use sign-file as testcase Yafang Shao <laoar.shao(a)gmail.com> bpf: Fix memleak due to fentry attach failure Yafang Shao <laoar.shao(a)gmail.com> bpf: Remove bpf trampoline selector Alan Maguire <alan.maguire(a)oracle.com> bpftool: JIT limited misreported as negative value on aarch64 Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> nfc: llcp: fix possible use of uninitialized variable in nfc_llcp_send_connect() Joy Chakraborty <joychakr(a)google.com> spi: dw: Round of n_bytes to power of 2 Stanislav Fomichev <sdf(a)google.com> bpf: Don't EFAULT for {g,s}setsockopt with wrong optlen Andrii Nakryiko <andrii(a)kernel.org> libbpf: fix offsetof() and container_of() to work with CO-RE Edward Cree <ecree.xilinx(a)gmail.com> sfc: release encap match in efx_tc_flow_free() Alexander Mikhalitsyn <alexander(a)mihalicyn.com> sctp: add bpf_bypass_getsockopt proto callback Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> wifi: mwifiex: Fix the size of a memory allocation in mwifiex_ret_802_11_scan() Dan Carpenter <dan.carpenter(a)linaro.org> wifi: rtw88: unlock on error path in rtw_ops_add_interface() Amisha Patel <amisha.patel(a)microchip.com> wifi: wilc1000: fix for absent RSN capabilities WFA testcase Vijaya Krishna Nivarthi <quic_vnivarth(a)quicinc.com> spi: spi-geni-qcom: Correct CS_TOGGLE bit in SPI_TRANS_CFG Pengcheng Yang <yangpc(a)wangsu.com> samples/bpf: Fix buffer overflow in tcp_basertt Dan Carpenter <dan.carpenter(a)linaro.org> wifi: rtw89: fix rtw89_read_chip_ver() for RTL8852B and RTL8851B Andrii Nakryiko <andrii(a)kernel.org> bpf: fix propagate_precision() logic for inner frames Andrii Nakryiko <andrii(a)kernel.org> bpf: maintain bitmasks across all active frames in __mark_chain_precision Andrii Nakryiko <andrii(a)kernel.org> bpf: improve precision backtrack logging Andrii Nakryiko <andrii(a)kernel.org> bpf: encapsulate precision backtracking bookkeeping Martin KaFai Lau <martin.lau(a)kernel.org> libbpf: btf_dump_type_data_check_overflow needs to consider BTF_MEMBER_BITFIELD_SIZE Fedor Pchelkin <pchelkin(a)ispras.ru> wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx Peter Seiderer <ps.report(a)gmx.net> wifi: ath9k: fix AR9003 mac hardware hang check register offset calculation Jesper Dangaard Brouer <brouer(a)redhat.com> igc: Enable and fix RX hash usage by netstack Hao Jia <jiahao.os(a)bytedance.com> sched/core: Avoid multiple calling update_rq_clock() in __cfsb_csd_unthrottle() Jiasheng Jiang <jiasheng(a)iscas.ac.cn> pstore/ram: Add check for kstrdup Roberto Sassu <roberto.sassu(a)huawei.com> ima: Fix build warnings Roberto Sassu <roberto.sassu(a)huawei.com> evm: Fix build warnings Roberto Sassu <roberto.sassu(a)huawei.com> evm: Complete description of evm_inode_setattr() Mark Rutland <mark.rutland(a)arm.com> locking/atomic: arm: fix sync ops Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> reiserfs: Initialize sec->length in reiserfs_security_init(). Juergen Gross <jgross(a)suse.com> x86/mm: Fix __swp_entry_to_pte() for Xen PV guests Ravi Bangoria <ravi.bangoria(a)amd.com> perf/ibs: Fix interface via core pmu events Mark Brown <broonie(a)kernel.org> selftests/ftace: Fix KTAP output ordering Colin Ian King <colin.i.king(a)gmail.com> kselftest: vDSO: Fix accumulation of uninitialized ret when CLOCK_REALTIME is undefined Thomas Weißschuh <linux(a)weissschuh.net> tools/nolibc: ensure fast64 integer types have 64 bits Juergen Gross <jgross(a)suse.com> x86/xen: Set MTRR state when running as Xen PV initial domain Juergen Gross <jgross(a)suse.com> x86/mtrr: Replace size_or_mask and size_and_mask with a much easier concept Juergen Gross <jgross(a)suse.com> x86/hyperv: Set MTRR state when running as SEV-SNP Hyper-V guest Juergen Gross <jgross(a)suse.com> x86/mtrr: Support setting MTRR state for software defined MTRRs Juergen Gross <jgross(a)suse.com> x86/mtrr: Remove physical address size calculation Qiuxu Zhuo <qiuxu.zhuo(a)intel.com> rcu/rcuscale: Stop kfree_scale_thread thread(s) after unloading rcuscale Qiuxu Zhuo <qiuxu.zhuo(a)intel.com> rcu/rcuscale: Move rcu_scale_*() after kfree_scale_cleanup() Paul E. McKenney <paulmck(a)kernel.org> rcutorture: Correct name of use_softirq module parameter Paul E. McKenney <paulmck(a)kernel.org> rcu-tasks: Stop rcu_tasks_invoke_cbs() from using never-onlined CPUs Paul E. McKenney <paulmck(a)kernel.org> rcu: Make rcu_cpu_starting() rely on interrupts being disabled Daniel Latypov <dlatypov(a)google.com> kunit: tool: undo type subscripts for subprocess.Popen Peng Fan <peng.fan(a)nxp.com> thermal/drivers/qoriq: Only enable supported sensors Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> thermal/drivers/sun8i: Fix some error handling paths in sun8i_ths_probe() Stephan Gerhold <stephan.gerhold(a)kernkonzept.com> thermal/drivers/qcom/tsens-v0_1: Add mdm9607 correction offsets Stephan Gerhold <stephan.gerhold(a)kernkonzept.com> thermal/drivers/qcom/tsens-v0_1: Fix mdm9607 slope values Matti Lehtimäki <matti.lehtimaki(a)gmail.com> thermal/drivers/qcom/tsens-v0_1: Add support for MSM8226 Tero Kristo <tero.kristo(a)linux.intel.com> cpufreq: intel_pstate: Fix energy_performance_preference for passive Arnd Bergmann <arnd(a)arndb.de> ARM: 9303/1: kprobes: avoid missing-declaration warnings Ulf Hansson <ulf.hansson(a)linaro.org> PM: domains: Move the verification of in-params from genpd_add_device() Zhang Rui <rui.zhang(a)intel.com> powercap: RAPL: Fix CONFIG_IOSF_MBI dependency Sumeet Pawnikar <sumeet.r.pawnikar(a)intel.com> powercap: RAPL: fix invalid initialization for pl4_supported field Li Yang <leoyang.li(a)nxp.com> APEI: GHES: correctly return NULL for ghes_get_devices() Robin Murphy <robin.murphy(a)arm.com> perf/arm_cspmu: Fix event attribute type Ilkka Koskinen <ilkka(a)os.amperecomputing.com> perf: arm_cspmu: Set irq affinitiy only if overflow interrupt is used Junhao He <hejunhao3(a)huawei.com> drivers/perf: hisi: Don't migrate perf to the CPU going to teardown Kirill A. Shutemov <kirill.shutemov(a)linux.intel.com> x86/tdx: Fix race between set_memory_encrypted() and load_unaligned_zeropad() Kirill A. Shutemov <kirill.shutemov(a)linux.intel.com> x86/mm: Allow guest.enc_status_change_prepare() to fail Marc Zyngier <maz(a)kernel.org> drivers/perf: apple_m1: Force 63bit counters for M2 CPUs Robin Murphy <robin.murphy(a)arm.com> perf/arm-cmn: Fix DTC reset Nikita Zhandarovich <n.zhandarovich(a)fintech.ru> PM: domains: fix integer overflow issues in genpd_parse_state() Feng Mingxi <m202271825(a)hust.edu.cn> clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe Ming Lei <ming.lei(a)redhat.com> blk-mq: don't insert passthrough request into sw queue Christoph Hellwig <hch(a)lst.de> btrfs: fix file_offset for REQ_BTRFS_ONE_ORDERED bios that get split Christoph Hellwig <hch(a)lst.de> btrfs: don't treat zoned writeback as being from an async helper thread Christoph Hellwig <hch(a)lst.de> btrfs: only call __extent_writepage_io from extent_write_locked_range Christoph Hellwig <hch(a)lst.de> btrfs: don't fail writeback when allocating the compression context fails Christoph Hellwig <hch(a)lst.de> btrfs: fix range_end calculation in extent_write_locked_range Christoph Hellwig <hch(a)lst.de> btrfs: submit a writeback bio per extent_buffer Christoph Hellwig <hch(a)lst.de> btrfs: return bool from lock_extent_buffer_for_io Christoph Hellwig <hch(a)lst.de> btrfs: don't use btrfs_bio_ctrl for extent buffer reading Christoph Hellwig <hch(a)lst.de> btrfs: always read the entire extent_buffer Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> tracing/timer: Add missing hrtimer modes to decode_hrtimer_mode(). Wen Yang <wenyang.linux(a)foxmail.com> tick/rcu: Fix bogus ratelimit condition Thomas Gleixner <tglx(a)linutronix.de> posix-timers: Prevent RT livelock in itimer_delete() Gao Xiang <xiang(a)kernel.org> erofs: fix compact 4B support for 16k block size Chuck Lever <chuck.lever(a)oracle.com> svcrdma: Prevent page release when nothing was received John Paul Adrian Glaubitz <glaubitz(a)physik.fu-berlin.de> irqchip/jcore-aic: Fix missing allocation of IRQ descriptors Antonio Borneo <antonio.borneo(a)foss.st.com> irqchip/stm32-exti: Fix warning on initialized field overwritten Christoph Hellwig <hch(a)lst.de> splice: don't call file_accessed in copy_splice_read Jianmin Lv <lvjianmin(a)loongson.cn> irqchip/loongson-eiointc: Fix irq affinity setting during resume Yu Kuai <yukuai3(a)huawei.com> block: fix blktrace debugfs entries leakage Yu Kuai <yukuai3(a)huawei.com> md/raid1-10: submit write io directly if bitmap is not enabled Yu Kuai <yukuai3(a)huawei.com> md/raid1-10: factor out a helper to submit normal write Yu Kuai <yukuai3(a)huawei.com> md/raid1-10: factor out a helper to add bio to plug Li Nan <linan122(a)huawei.com> md/raid10: fix io loss while replacement replace rdev Li Nan <linan122(a)huawei.com> md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request Li Nan <linan122(a)huawei.com> md/raid10: fix wrong setting of max_corr_read_errors Li Nan <linan122(a)huawei.com> md/raid10: fix overflow of md/safe_mode_delay Li Nan <linan122(a)huawei.com> md/raid10: check slab-out-of-bounds in md_bitmap_get_counter Chaitanya Kulkarni <kch(a)nvidia.com> nvme-core: fix dev_pm_qos memleak Chaitanya Kulkarni <kch(a)nvidia.com> nvme-core: add missing fault-injection cleanup Chaitanya Kulkarni <kch(a)nvidia.com> nvme-core: fix memory leak in dhchap_ctrl_secret Chaitanya Kulkarni <kch(a)nvidia.com> nvme-core: fix memory leak in dhchap_secret_store NeilBrown <neilb(a)suse.de> lockd: drop inappropriate svc_get() from locked_get() Yu Kuai <yukuai3(a)huawei.com> blk-mq: fix potential io hang by wrong 'wake_batch' Arnd Bergmann <arnd(a)arndb.de> virt: sevguest: Add CONFIG_CRYPTO dependency Waiman Long <longman(a)redhat.com> blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats() Tom Lendacky <thomas.lendacky(a)amd.com> x86/sev: Fix calculation of end address based on number of pages Li Nan <linan122(a)huawei.com> blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost Eric Biggers <ebiggers(a)google.com> fsverity: don't use bio_first_page_all() in fsverity_verify_bio() Eric Biggers <ebiggers(a)google.com> fsverity: use shash API instead of ahash API Shawn Wang <shawnwang(a)linux.alibaba.com> x86/resctrl: Only show tasks' pid in current pid namespace Gao Xiang <xiang(a)kernel.org> erofs: kill hooked chains to avoid loops on deduplicated compressed images David Howells <dhowells(a)redhat.com> splice: Fix filemap_splice_read() to use the correct inode Yu Kuai <yukuai3(a)huawei.com> block/rq_qos: protect rq_qos apis with a new lock Bart Van Assche <bvanassche(a)acm.org> block: Fix the type of the second bdev_op_is_zoned_write() argument Ming Lei <ming.lei(a)redhat.com> blk-mq: don't queue plugged passthrough requests into scheduler Alexander Gordeev <agordeev(a)linux.ibm.com> s390/kasan: fix insecure W+X mapping warning Arnd Bergmann <arnd(a)arndb.de> fs: pipe: reveal missing function protoypes Hersen Wu <hersenxs.wu(a)amd.com> Revert "drm/amd/display: edp do not add non-edid timings" Sean Nyekjaer <sean(a)geanix.com> iio: accel: fxls8962af: fixup buffer scan element type Sean Nyekjaer <sean(a)geanix.com> iio: accel: fxls8962af: errata bug only applicable for FXLS8962AF Fabrizio Lamarque <fl.scratchpad(a)gmail.com> iio: adc: ad7192: Fix internal/external clock selection Fabrizio Lamarque <fl.scratchpad(a)gmail.com> iio: adc: ad7192: Fix null ad7192_state pointer access Rasmus Villemoes <linux(a)rasmusvillemoes.dk> iio: addac: ad74413: don't set DIN_SINK for functions other than digital input Fabrizio Lamarque <fl.scratchpad(a)gmail.com> dt-bindings: iio: ad7192: Add mandatory reference voltage source Alvin Šipraga <alsi(a)bang-olufsen.dk> extcon: usbc-tusb320: Unregister typec port on driver removal EJ Hsu <ejh(a)nvidia.com> phy: tegra: xusb: Clear the driver reference in usb-phy dev Krishna Kurapati <quic_kriskura(a)quicinc.com> usb: dwc3: gadget: Propagate core init errors to UDC during pullup Davide Tronchin <davide.tronchin.94(a)gmail.com> USB: serial: option: add LARA-R6 01B PIDs ndesaulniers(a)google.com <ndesaulniers(a)google.com> start_kernel: Add __no_stack_protector function attribute ------------- Diffstat: Documentation/ABI/testing/sysfs-driver-eud | 2 +- .../devicetree/bindings/crypto/qcom-qce.yaml | 6 + .../devicetree/bindings/iio/adc/adi,ad7192.yaml | 5 + .../devicetree/bindings/iommu/arm,smmu.yaml | 6 +- .../devicetree/bindings/power/reset/qcom,pon.yaml | 4 +- .../bindings/sound/mediatek,mt8188-afe.yaml | 36 +- Documentation/fault-injection/provoke-crashes.rst | 2 +- Documentation/filesystems/autofs-mount-control.rst | 2 +- Documentation/filesystems/autofs.rst | 2 +- Documentation/filesystems/directory-locking.rst | 26 +- Documentation/filesystems/f2fs.rst | 16 + Documentation/networking/af_xdp.rst | 9 + Makefile | 4 +- arch/arc/include/asm/linkage.h | 8 +- arch/arm/boot/dts/bcm53015-meraki-mr26.dts | 2 +- arch/arm/boot/dts/bcm53016-meraki-mr32.dts | 2 +- arch/arm/boot/dts/bcm5301x.dtsi | 1 - arch/arm/boot/dts/iwg20d-q7-common.dtsi | 2 +- .../boot/dts/lan966x-kontron-kswitch-d10-mmt.dtsi | 16 +- arch/arm/boot/dts/meson8.dtsi | 4 +- arch/arm/boot/dts/meson8b.dtsi | 4 +- arch/arm/boot/dts/omap3-gta04a5one.dts | 4 +- arch/arm/boot/dts/qcom-apq8060-dragonboard.dts | 4 +- arch/arm/boot/dts/qcom-apq8074-dragonboard.dts | 4 + arch/arm/boot/dts/qcom-ipq4019-ap.dk04.1-c1.dts | 8 +- arch/arm/boot/dts/qcom-ipq4019-ap.dk04.1.dtsi | 10 +- arch/arm/boot/dts/qcom-ipq4019-ap.dk07.1.dtsi | 12 +- arch/arm/boot/dts/qcom-msm8974.dtsi | 2 +- arch/arm/boot/dts/stm32mp15xx-dhcom-pdk2.dtsi | 11 +- arch/arm/boot/dts/stm32mp15xx-dhcor-avenger96.dtsi | 8 +- .../boot/dts/stm32mp15xx-dhcor-drc-compact.dtsi | 6 + arch/arm/boot/dts/stm32mp15xx-dhcor-som.dtsi | 6 - arch/arm/boot/dts/stm32mp15xx-dhcor-testbench.dtsi | 8 + arch/arm/boot/dts/stm32mp15xx-dkx.dtsi | 2 +- arch/arm/include/asm/assembler.h | 17 + arch/arm/include/asm/sync_bitops.h | 29 +- arch/arm/lib/bitops.h | 14 +- arch/arm/lib/testchangebit.S | 4 + arch/arm/lib/testclearbit.S | 4 + arch/arm/lib/testsetbit.S | 4 + arch/arm/mach-ep93xx/timer-ep93xx.c | 3 +- arch/arm/mach-omap1/board-ams-delta.c | 1 - arch/arm/mach-omap1/board-nokia770.c | 207 +++--- arch/arm/mach-omap1/board-osk.c | 146 +++-- arch/arm/mach-omap1/board-palmte.c | 51 +- arch/arm/mach-omap1/board-sx1-mmc.c | 1 - arch/arm/mach-omap1/board-sx1.c | 40 +- arch/arm/mach-omap1/devices.c | 1 - arch/arm/mach-omap1/gpio15xx.c | 1 - arch/arm/mach-omap1/gpio16xx.c | 1 - arch/arm/mach-omap1/irq.c | 1 - arch/arm/mach-omap1/serial.c | 30 +- arch/arm/mach-omap2/board-generic.c | 1 + arch/arm/mach-omap2/board-n8x0.c | 156 ++--- arch/arm/mach-omap2/omap_device.c | 1 - arch/arm/mach-omap2/pdata-quirks.c | 132 ++-- arch/arm/mach-omap2/usb-tusb6010.c | 20 +- arch/arm/mach-omap2/usb-tusb6010.h | 12 + arch/arm/mach-orion5x/board-dt.c | 3 + arch/arm/mach-orion5x/common.h | 6 + arch/arm/mach-pxa/spitz.c | 11 +- arch/arm/probes/kprobes/checkers-common.c | 2 +- arch/arm/probes/kprobes/core.c | 2 +- arch/arm/probes/kprobes/opt-arm.c | 2 - arch/arm/probes/kprobes/test-core.c | 2 +- arch/arm/probes/kprobes/test-core.h | 4 + .../dts/mediatek/mt7986a-bananapi-bpi-r3-nand.dtso | 6 +- arch/arm64/boot/dts/mediatek/mt8183-kukui.dtsi | 4 + arch/arm64/boot/dts/mediatek/mt8192-asurada.dtsi | 4 + arch/arm64/boot/dts/mediatek/mt8192.dtsi | 22 +- arch/arm64/boot/dts/mediatek/mt8195-cherry.dtsi | 4 + arch/arm64/boot/dts/microchip/sparx5.dtsi | 2 +- .../boot/dts/microchip/sparx5_pcb_common.dtsi | 12 + arch/arm64/boot/dts/qcom/apq8016-sbc.dts | 78 ++- arch/arm64/boot/dts/qcom/apq8096-ifc6640.dts | 4 +- arch/arm64/boot/dts/qcom/ipq6018.dtsi | 2 +- arch/arm64/boot/dts/qcom/ipq9574.dtsi | 6 +- arch/arm64/boot/dts/qcom/msm8916.dtsi | 8 +- arch/arm64/boot/dts/qcom/msm8953.dtsi | 4 +- arch/arm64/boot/dts/qcom/msm8976.dtsi | 6 +- arch/arm64/boot/dts/qcom/msm8994.dtsi | 2 +- arch/arm64/boot/dts/qcom/msm8996.dtsi | 2 +- arch/arm64/boot/dts/qcom/pm7250b.dtsi | 1 + arch/arm64/boot/dts/qcom/pm8998.dtsi | 2 +- arch/arm64/boot/dts/qcom/qdu1000.dtsi | 1 + arch/arm64/boot/dts/qcom/qrb4210-rb2.dts | 3 +- arch/arm64/boot/dts/qcom/sdm630.dtsi | 2 +- arch/arm64/boot/dts/qcom/sdm670.dtsi | 1 + arch/arm64/boot/dts/qcom/sdm845-xiaomi-polaris.dts | 1 + arch/arm64/boot/dts/qcom/sdm845.dtsi | 3 +- arch/arm64/boot/dts/qcom/sm6115.dtsi | 2 +- .../boot/dts/qcom/sm8250-sony-xperia-edo.dtsi | 7 +- arch/arm64/boot/dts/qcom/sm8350.dtsi | 6 +- arch/arm64/boot/dts/qcom/sm8550.dtsi | 9 +- arch/arm64/boot/dts/renesas/ulcb-kf.dtsi | 3 +- .../boot/dts/rockchip/rk3566-anbernic-rgxx3.dtsi | 2 +- arch/arm64/boot/dts/rockchip/rk3588-rock-5b.dts | 2 + arch/arm64/boot/dts/ti/k3-am69-sk.dts | 2 +- .../boot/dts/ti/k3-j7200-common-proc-board.dts | 28 +- arch/arm64/boot/dts/ti/k3-j721e-beagleboneai64.dts | 5 + arch/arm64/boot/dts/ti/k3-j784s4-evm.dts | 32 +- arch/arm64/boot/dts/ti/k3-j784s4-mcu-wakeup.dtsi | 29 +- arch/arm64/include/asm/fpsimdmacros.h | 6 +- arch/arm64/kernel/signal.c | 2 +- arch/loongarch/Makefile | 2 +- arch/mips/Makefile | 2 +- arch/mips/alchemy/devboards/db1000.c | 11 +- arch/mips/boot/dts/ingenic/ci20.dts | 27 +- arch/powerpc/Kconfig.debug | 2 +- arch/powerpc/boot/dts/turris1x.dts | 6 +- arch/powerpc/include/asm/nmi.h | 4 +- arch/powerpc/kernel/interrupt.c | 3 +- arch/powerpc/kernel/ppc_save_regs.S | 6 +- arch/powerpc/kernel/signal_32.c | 15 +- arch/powerpc/kernel/smp.c | 1 + arch/powerpc/kernel/vdso/Makefile | 2 +- arch/powerpc/kernel/watchdog.c | 12 +- arch/powerpc/mm/book3s64/radix_pgtable.c | 34 +- arch/powerpc/mm/init_64.c | 2 +- arch/powerpc/platforms/powernv/pci-sriov.c | 6 +- arch/powerpc/platforms/powernv/vas-window.c | 2 +- arch/powerpc/platforms/pseries/mobility.c | 4 +- arch/powerpc/platforms/pseries/vas.c | 2 +- arch/riscv/kernel/hibernate-asm.S | 1 - arch/riscv/kernel/hibernate.c | 1 - arch/riscv/kernel/probes/uprobes.c | 2 + arch/riscv/kernel/smpboot.c | 5 +- arch/riscv/mm/init.c | 4 +- arch/s390/kvm/diag.c | 8 +- arch/s390/kvm/kvm-s390.c | 4 + arch/s390/kvm/vsie.c | 6 +- arch/s390/mm/vmem.c | 14 +- arch/sh/drivers/dma/dma-sh.c | 37 +- arch/sh/include/mach-common/mach/highlander.h | 2 +- arch/sh/include/mach-common/mach/r2d.h | 2 +- arch/sh/include/mach-dreamcast/mach/sysasic.h | 2 +- arch/sh/include/mach-se/mach/se7724.h | 2 +- arch/sh/kernel/cpu/sh2/probe.c | 2 +- arch/sh/kernel/cpu/sh3/entry.S | 4 +- arch/sparc/kernel/nmi.c | 10 +- arch/um/Makefile | 2 +- arch/x86/coco/tdx/tdx.c | 51 +- arch/x86/events/amd/core.c | 2 +- arch/x86/events/amd/ibs.c | 53 +- arch/x86/hyperv/ivm.c | 4 + arch/x86/include/asm/mtrr.h | 40 +- arch/x86/include/asm/perf_event.h | 2 + arch/x86/include/asm/pgtable_64.h | 4 +- arch/x86/include/asm/sev.h | 16 +- arch/x86/include/asm/x86_init.h | 2 +- arch/x86/include/uapi/asm/mtrr.h | 8 - arch/x86/kernel/cpu/mtrr/cleanup.c | 18 +- arch/x86/kernel/cpu/mtrr/generic.c | 124 +++- arch/x86/kernel/cpu/mtrr/mtrr.c | 73 +-- arch/x86/kernel/cpu/mtrr/mtrr.h | 4 +- arch/x86/kernel/cpu/resctrl/rdtgroup.c | 8 +- arch/x86/kernel/setup.c | 2 + arch/x86/kernel/sev.c | 14 +- arch/x86/kernel/x86_init.c | 2 +- arch/x86/mm/mem_encrypt_amd.c | 4 +- arch/x86/mm/pat/set_memory.c | 3 +- arch/x86/platform/efi/efi_64.c | 6 +- arch/x86/xen/enlighten_pv.c | 52 ++ block/blk-cgroup.c | 20 +- block/blk-core.c | 1 + block/blk-iocost.c | 7 +- block/blk-mq-debugfs.c | 2 +- block/blk-mq-tag.c | 15 +- block/blk-mq.c | 13 +- block/blk-mq.h | 3 +- block/blk-rq-qos.c | 20 +- block/blk-throttle.c | 6 - block/blk-throttle.h | 9 + block/blk-wbt.c | 2 + block/disk-events.c | 1 + block/genhd.c | 5 +- block/partitions/amiga.c | 102 ++- crypto/jitterentropy.c | 9 +- drivers/accel/habanalabs/gaudi2/gaudi2.c | 2 +- drivers/acpi/apei/ghes.c | 2 + drivers/base/power/domain.c | 15 +- drivers/base/property.c | 12 +- drivers/bus/fsl-mc/dprc-driver.c | 6 + drivers/bus/ti-sysc.c | 4 +- drivers/cdx/cdx.c | 18 + drivers/char/hw_random/st-rng.c | 21 +- drivers/char/hw_random/virtio-rng.c | 10 +- drivers/clk/bcm/clk-raspberrypi.c | 4 +- drivers/clk/clk-cdce925.c | 12 + drivers/clk/clk-renesas-pcie.c | 4 +- drivers/clk/clk-si5341.c | 38 +- drivers/clk/clk-versaclock5.c | 45 +- drivers/clk/clk-versaclock7.c | 2 +- drivers/clk/clk.c | 2 + drivers/clk/imx/clk-composite-8m.c | 31 + drivers/clk/imx/clk-imx8mn.c | 8 +- drivers/clk/imx/clk-imx8mp.c | 24 +- drivers/clk/imx/clk-imx93.c | 15 +- drivers/clk/imx/clk-imxrt1050.c | 22 +- drivers/clk/imx/clk-scu.c | 4 +- drivers/clk/keystone/sci-clk.c | 2 + drivers/clk/mediatek/clk-mt8173-apmixedsys.c | 7 +- drivers/clk/mediatek/clk-mtk.c | 13 +- drivers/clk/qcom/camcc-sc7180.c | 19 +- drivers/clk/qcom/dispcc-qcm2290.c | 12 +- drivers/clk/qcom/gcc-ipq5332.c | 6 +- drivers/clk/qcom/gcc-ipq6018.c | 34 +- drivers/clk/qcom/gcc-qcm2290.c | 62 +- drivers/clk/qcom/mmcc-msm8974.c | 23 +- drivers/clk/renesas/rzg2l-cpg.c | 6 +- drivers/clk/renesas/rzg2l-cpg.h | 3 - drivers/clk/tegra/clk-tegra124-emc.c | 2 + drivers/clk/ti/clkctrl.c | 7 + drivers/clk/xilinx/clk-xlnx-clock-wizard.c | 7 +- drivers/clocksource/timer-cadence-ttc.c | 19 +- drivers/cpufreq/intel_pstate.c | 2 + drivers/cpufreq/mediatek-cpufreq.c | 13 +- drivers/cpufreq/tegra194-cpufreq.c | 6 +- .../crypto/intel/qat/qat_common/qat_asym_algs.c | 14 +- drivers/crypto/marvell/cesa/cipher.c | 2 +- drivers/crypto/nx/Makefile | 2 +- drivers/crypto/nx/nx.h | 4 +- drivers/cxl/core/region.c | 102 +-- drivers/cxl/cxl.h | 16 +- drivers/dax/bus.c | 61 +- drivers/dax/dax-private.h | 4 +- drivers/dax/kmem.c | 2 +- drivers/extcon/extcon-usbc-tusb320.c | 42 +- drivers/extcon/extcon.c | 8 + drivers/firmware/efi/libstub/efi-stub-helper.c | 6 +- drivers/gpio/gpio-twl4030.c | 52 +- drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c | 11 +- drivers/gpu/drm/amd/amdgpu/amdgpu_jpeg.c | 3 +- drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 6 +- drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c | 2 + drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c | 3 +- drivers/gpu/drm/amd/amdgpu/amdgpu_ring_mux.c | 3 + drivers/gpu/drm/amd/amdgpu/amdgpu_vcn.c | 3 +- drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c | 85 +-- drivers/gpu/drm/amd/amdgpu/nbio_v2_3.c | 11 +- drivers/gpu/drm/amd/amdgpu/sdma_v4_0.c | 4 +- drivers/gpu/drm/amd/amdgpu/sdma_v4_4_2.c | 4 +- drivers/gpu/drm/amd/amdkfd/kfd_mqd_manager_v9.c | 13 +- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 10 +- .../amd/display/amdgpu_dm/amdgpu_dm_mst_types.c | 5 +- .../dc/clk_mgr/dcn30/dcn30_clk_mgr_smu_msg.c | 3 + drivers/gpu/drm/amd/display/dc/core/dc.c | 3 - drivers/gpu/drm/amd/display/dc/core/dc_resource.c | 6 +- drivers/gpu/drm/amd/display/dc/dc.h | 3 + .../gpu/drm/amd/display/dc/dcn314/dcn314_hwseq.c | 23 - .../gpu/drm/amd/display/dc/dcn314/dcn314_hwseq.h | 2 - .../gpu/drm/amd/display/dc/dcn314/dcn314_init.c | 2 +- .../amd/display/dc/dml/dcn21/display_mode_vba_21.c | 2 +- .../display/dc/dml/dcn32/display_rq_dlg_calc_32.c | 2 +- .../display/dc/link/protocols/link_dp_capability.c | 4 +- .../drm/amd/pm/swsmu/smu11/sienna_cichlid_ppt.c | 18 +- .../gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_0_ppt.c | 1 + drivers/gpu/drm/bridge/analogix/anx7625.c | 128 ++-- drivers/gpu/drm/bridge/ite-it6505.c | 3 +- drivers/gpu/drm/bridge/samsung-dsim.c | 22 +- drivers/gpu/drm/bridge/tc358767.c | 4 +- drivers/gpu/drm/bridge/tc358768.c | 93 ++- drivers/gpu/drm/bridge/ti-sn65dsi83.c | 20 +- drivers/gpu/drm/drm_gem_vram_helper.c | 6 +- drivers/gpu/drm/i915/Makefile | 2 + drivers/gpu/drm/i915/display/intel_color.c | 36 +- drivers/gpu/drm/i915/display/intel_crtc.c | 2 +- drivers/gpu/drm/i915/display/intel_cursor.c | 4 +- drivers/gpu/drm/i915/display/intel_display.c | 2 +- drivers/gpu/drm/i915/display/intel_display.h | 10 +- .../gpu/drm/i915/display/intel_display_device.c | 728 +++++++++++++++++++++ .../gpu/drm/i915/display/intel_display_device.h | 86 +++ drivers/gpu/drm/i915/display/intel_display_power.c | 6 +- .../gpu/drm/i915/display/intel_display_reg_defs.h | 14 +- drivers/gpu/drm/i915/display/intel_fb_pin.c | 2 +- drivers/gpu/drm/i915/display/intel_fbc.c | 6 +- drivers/gpu/drm/i915/display/intel_hdcp.c | 2 +- drivers/gpu/drm/i915/display/intel_hti.c | 2 +- drivers/gpu/drm/i915/display/intel_psr.c | 4 +- drivers/gpu/drm/i915/display/intel_psr_regs.h | 2 +- drivers/gpu/drm/i915/display/skl_universal_plane.c | 2 +- drivers/gpu/drm/i915/display/skl_watermark.c | 8 +- drivers/gpu/drm/i915/gt/intel_gt_sysfs_pm.c | 35 + drivers/gpu/drm/i915/gt/uc/intel_guc_slpc.c | 40 +- drivers/gpu/drm/i915/gt/uc/intel_guc_slpc.h | 1 + drivers/gpu/drm/i915/gt/uc/intel_guc_slpc_types.h | 1 + drivers/gpu/drm/i915/i915_driver.c | 12 +- drivers/gpu/drm/i915/i915_drv.h | 52 +- drivers/gpu/drm/i915/i915_pci.c | 384 +---------- drivers/gpu/drm/i915/i915_reg.h | 33 - drivers/gpu/drm/i915/intel_device_info.c | 140 ++-- drivers/gpu/drm/i915/intel_device_info.h | 69 +- drivers/gpu/drm/i915/intel_step.c | 8 +- drivers/gpu/drm/imx/lcdc/imx-lcdc.c | 4 +- drivers/gpu/drm/msm/adreno/a5xx_gpu.c | 3 +- drivers/gpu/drm/msm/adreno/a6xx_gpu.c | 3 +- .../drm/msm/disp/dpu1/catalog/dpu_3_0_msm8998.h | 12 +- .../gpu/drm/msm/disp/dpu1/catalog/dpu_4_0_sdm845.h | 8 +- .../gpu/drm/msm/disp/dpu1/catalog/dpu_5_0_sm8150.h | 12 +- .../drm/msm/disp/dpu1/catalog/dpu_5_1_sc8180x.h | 12 +- .../gpu/drm/msm/disp/dpu1/catalog/dpu_6_0_sm8250.h | 12 +- .../gpu/drm/msm/disp/dpu1/catalog/dpu_6_2_sc7180.h | 10 +- .../gpu/drm/msm/disp/dpu1/catalog/dpu_6_3_sm6115.h | 2 +- .../drm/msm/disp/dpu1/catalog/dpu_6_5_qcm2290.h | 2 +- .../gpu/drm/msm/disp/dpu1/catalog/dpu_7_2_sc7280.h | 18 +- .../gpu/drm/msm/disp/dpu1/catalog/dpu_8_1_sm8450.h | 4 +- drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c | 5 +- .../gpu/drm/msm/disp/dpu1/dpu_encoder_phys_cmd.c | 60 +- drivers/gpu/drm/msm/disp/dpu1/dpu_hw_catalog.c | 36 +- drivers/gpu/drm/msm/disp/dpu1/dpu_hw_ctl.c | 5 +- drivers/gpu/drm/msm/disp/dpu1/dpu_hw_dsc.c | 5 +- drivers/gpu/drm/msm/disp/dpu1/dpu_hw_pingpong.c | 75 ++- drivers/gpu/drm/msm/disp/dpu1/dpu_hw_pingpong.h | 31 +- drivers/gpu/drm/msm/disp/dpu1/dpu_kms.h | 4 + drivers/gpu/drm/msm/dp/dp_display.c | 16 +- drivers/gpu/drm/msm/dsi/dsi_host.c | 26 +- drivers/gpu/drm/msm/dsi/phy/dsi_phy_14nm.c | 3 + drivers/gpu/drm/nouveau/dispnv50/disp.c | 1 + drivers/gpu/drm/nouveau/nv50_display.h | 4 +- drivers/gpu/drm/panel/panel-sharp-ls043t1le01.c | 11 +- drivers/gpu/drm/panel/panel-simple.c | 4 +- drivers/gpu/drm/radeon/ci_dpm.c | 28 +- drivers/gpu/drm/radeon/cypress_dpm.c | 8 +- drivers/gpu/drm/radeon/ni_dpm.c | 8 +- drivers/gpu/drm/radeon/rv740_dpm.c | 8 +- drivers/gpu/drm/sun4i/sun4i_tcon.c | 19 +- drivers/gpu/drm/vkms/vkms_composer.c | 4 +- drivers/gpu/drm/vkms/vkms_drv.h | 4 +- drivers/gpu/drm/vkms/vkms_formats.c | 131 ++-- drivers/gpu/drm/vkms/vkms_formats.h | 2 +- drivers/gpu/drm/vkms/vkms_plane.c | 2 +- drivers/hid/Kconfig | 2 +- drivers/hwmon/f71882fg.c | 7 +- drivers/hwmon/gsc-hwmon.c | 6 +- drivers/hwmon/pmbus/adm1275.c | 52 +- drivers/hwtracing/coresight/coresight-core.c | 9 +- .../hwtracing/coresight/coresight-etm4x-sysfs.c | 27 +- drivers/hwtracing/ptt/hisi_ptt.c | 12 +- drivers/hwtracing/ptt/hisi_ptt.h | 2 + drivers/i2c/busses/i2c-designware-pcidrv.c | 13 +- drivers/i2c/busses/i2c-nvidia-gpu.c | 3 + drivers/i2c/busses/i2c-xiic.c | 2 + drivers/i3c/master/svc-i3c-master.c | 19 +- drivers/iio/accel/fxls8962af-core.c | 8 +- drivers/iio/adc/ad7192.c | 8 +- drivers/iio/addac/ad74413r.c | 11 +- drivers/infiniband/hw/bnxt_re/main.c | 20 +- drivers/infiniband/hw/bnxt_re/qplib_fp.c | 40 +- drivers/infiniband/hw/bnxt_re/qplib_fp.h | 2 +- drivers/infiniband/hw/bnxt_re/qplib_rcfw.c | 46 +- drivers/infiniband/hw/bnxt_re/qplib_rcfw.h | 1 + drivers/infiniband/hw/hfi1/ipoib_tx.c | 4 +- drivers/infiniband/hw/hfi1/mmu_rb.c | 101 +-- drivers/infiniband/hw/hfi1/mmu_rb.h | 3 + drivers/infiniband/hw/hfi1/sdma.c | 23 +- drivers/infiniband/hw/hfi1/sdma.h | 47 +- drivers/infiniband/hw/hfi1/sdma_txreq.h | 2 + drivers/infiniband/hw/hfi1/user_sdma.c | 137 ++-- drivers/infiniband/hw/hfi1/user_sdma.h | 1 - drivers/infiniband/hw/hfi1/vnic_sdma.c | 4 +- drivers/infiniband/hw/hns/hns_roce_hem.c | 7 +- drivers/infiniband/hw/irdma/uk.c | 10 +- drivers/infiniband/sw/rxe/rxe_mw.c | 17 +- drivers/input/Kconfig | 2 +- drivers/input/misc/adxl34x.c | 3 +- drivers/input/misc/drv260x.c | 1 + drivers/input/misc/pm8941-pwrkey.c | 19 +- drivers/input/tests/input_test.c | 6 +- drivers/input/touchscreen/ads7846.c | 114 ++-- drivers/input/touchscreen/cyttsp4_core.c | 3 +- drivers/interconnect/qcom/icc-rpm.c | 12 +- drivers/interconnect/qcom/icc-rpm.h | 4 +- drivers/iommu/iommufd/device.c | 2 +- drivers/iommu/iommufd/io_pagetable.c | 14 +- drivers/iommu/virtio-iommu.c | 57 +- drivers/irqchip/irq-jcore-aic.c | 7 + drivers/irqchip/irq-loongson-eiointc.c | 2 +- drivers/irqchip/irq-loongson-liointc.c | 12 +- drivers/irqchip/irq-loongson-pch-pic.c | 10 +- drivers/irqchip/irq-stm32-exti.c | 12 + drivers/leds/trigger/ledtrig-netdev.c | 3 + drivers/mailbox/ti-msgmgr.c | 12 +- drivers/md/bcache/btree.c | 25 +- drivers/md/bcache/btree.h | 1 + drivers/md/bcache/super.c | 4 +- drivers/md/bcache/writeback.c | 10 + drivers/md/md-bitmap.c | 21 +- drivers/md/md-bitmap.h | 7 + drivers/md/md.c | 9 +- drivers/md/raid1-10.c | 42 ++ drivers/md/raid1.c | 25 +- drivers/md/raid10.c | 75 +-- drivers/media/cec/i2c/Kconfig | 1 + drivers/media/common/saa7146/saa7146_core.c | 6 +- drivers/media/i2c/Kconfig | 1 + drivers/media/i2c/hi846.c | 3 +- drivers/media/i2c/imx296.c | 4 +- drivers/media/i2c/st-mipid02.c | 9 +- drivers/media/platform/amphion/vdec.c | 7 +- drivers/media/platform/amphion/venc.c | 4 +- drivers/media/platform/amphion/vpu_malone.c | 12 + drivers/media/platform/amphion/vpu_v4l2.c | 5 +- drivers/media/platform/amphion/vpu_v4l2.h | 2 +- .../platform/mediatek/vcodec/vdec_msg_queue.c | 33 +- .../platform/mediatek/vcodec/vdec_msg_queue.h | 16 +- drivers/media/platform/qcom/venus/helpers.c | 4 +- drivers/media/platform/renesas/rcar_fdp1.c | 5 + drivers/media/usb/dvb-usb-v2/az6007.c | 3 +- drivers/media/usb/siano/smsusb.c | 3 +- drivers/memory/brcmstb_dpfe.c | 4 +- drivers/memstick/host/r592.c | 4 +- drivers/mfd/intel-lpss-acpi.c | 3 + drivers/mfd/rt5033.c | 3 - drivers/mfd/stmfx.c | 7 +- drivers/mfd/stmpe.c | 4 +- drivers/mfd/tps65010.c | 14 +- drivers/mfd/wcd934x.c | 9 +- drivers/misc/fastrpc.c | 3 + drivers/misc/lkdtm/core.c | 2 +- drivers/mmc/core/block.c | 6 + drivers/mmc/core/card.h | 30 +- drivers/mmc/core/quirks.h | 27 + drivers/mmc/core/sd.c | 2 +- drivers/mmc/host/mmci.c | 1 + drivers/mmc/host/mtk-sd.c | 2 +- drivers/mmc/host/omap.c | 46 +- drivers/mmc/host/sdhci.c | 4 +- drivers/net/bonding/bond_main.c | 2 +- drivers/net/can/kvaser_pciefd.c | 39 +- drivers/net/dsa/ocelot/felix.c | 12 + drivers/net/dsa/sja1105/sja1105.h | 2 +- drivers/net/dsa/sja1105/sja1105_main.c | 14 +- drivers/net/dsa/sja1105/sja1105_ptp.c | 48 +- drivers/net/dsa/vitesse-vsc73xx-core.c | 6 +- drivers/net/ethernet/broadcom/tg3.c | 1 + drivers/net/ethernet/ibm/ibmvnic.c | 9 +- drivers/net/ethernet/intel/ice/ice.h | 7 + drivers/net/ethernet/intel/ice/ice_main.c | 29 +- drivers/net/ethernet/intel/ice/ice_ptp.c | 12 +- drivers/net/ethernet/intel/ice/ice_ptp.h | 4 +- drivers/net/ethernet/intel/igc/igc.h | 36 +- drivers/net/ethernet/intel/igc/igc_main.c | 45 +- drivers/net/ethernet/intel/igc/igc_ptp.c | 142 ++-- drivers/net/ethernet/marvell/octeontx2/af/cgx.c | 33 +- drivers/net/ethernet/marvell/octeontx2/af/cgx.h | 2 + .../ethernet/marvell/octeontx2/af/lmac_common.h | 3 + drivers/net/ethernet/marvell/octeontx2/af/rpm.c | 32 +- drivers/net/ethernet/marvell/octeontx2/af/rpm.h | 5 +- drivers/net/ethernet/marvell/octeontx2/af/rvu.c | 1 + drivers/net/ethernet/marvell/octeontx2/af/rvu.h | 12 + .../net/ethernet/marvell/octeontx2/af/rvu_cgx.c | 22 +- drivers/net/ethernet/mellanox/mlxsw/minimal.c | 1 + drivers/net/ethernet/mscc/ocelot.c | 1 - drivers/net/ethernet/mscc/ocelot_ptp.c | 66 +- drivers/net/ethernet/sfc/ef10.c | 13 +- drivers/net/ethernet/sfc/efx_devlink.c | 3 + drivers/net/ethernet/sfc/tc.c | 32 +- drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 6 - drivers/net/ethernet/xilinx/xilinx_axienet_main.c | 10 +- drivers/net/gtp.c | 2 + drivers/net/ipvlan/ipvlan_core.c | 9 +- drivers/net/ppp/pptp.c | 31 +- drivers/net/wireguard/netlink.c | 14 +- drivers/net/wireguard/queueing.c | 1 + drivers/net/wireguard/queueing.h | 25 +- drivers/net/wireguard/receive.c | 2 +- drivers/net/wireguard/send.c | 2 +- drivers/net/wireless/ath/ath10k/core.c | 12 +- drivers/net/wireless/ath/ath10k/core.h | 3 + drivers/net/wireless/ath/ath10k/mac.c | 13 +- drivers/net/wireless/ath/ath11k/ahb.c | 1 + drivers/net/wireless/ath/ath11k/core.c | 1 + drivers/net/wireless/ath/ath11k/hw.c | 2 +- drivers/net/wireless/ath/ath11k/qmi.c | 5 + drivers/net/wireless/ath/ath9k/ar9003_hw.c | 27 +- drivers/net/wireless/ath/ath9k/htc_hst.c | 8 +- drivers/net/wireless/ath/ath9k/main.c | 11 +- drivers/net/wireless/ath/ath9k/wmi.c | 4 + drivers/net/wireless/atmel/atmel_cs.c | 13 +- drivers/net/wireless/intel/iwlwifi/fw/api/rs.h | 2 + drivers/net/wireless/intel/iwlwifi/fw/dump.c | 7 +- drivers/net/wireless/intel/iwlwifi/iwl-nvm-parse.c | 2 + drivers/net/wireless/intel/iwlwifi/mvm/fw.c | 8 +- drivers/net/wireless/intel/iwlwifi/mvm/mac80211.c | 9 +- drivers/net/wireless/intel/iwlwifi/mvm/ops.c | 10 +- drivers/net/wireless/intel/iwlwifi/mvm/rs-fw.c | 58 +- drivers/net/wireless/intel/iwlwifi/mvm/rxmq.c | 9 +- drivers/net/wireless/intel/iwlwifi/mvm/sta.c | 2 + drivers/net/wireless/intel/iwlwifi/pcie/rx.c | 5 +- drivers/net/wireless/intersil/orinoco/orinoco_cs.c | 13 +- .../net/wireless/intersil/orinoco/spectrum_cs.c | 13 +- drivers/net/wireless/legacy/ray_cs.c | 16 +- drivers/net/wireless/legacy/wl3501_cs.c | 16 +- drivers/net/wireless/marvell/mwifiex/scan.c | 6 +- drivers/net/wireless/mediatek/mt76/mt7921/dma.c | 4 - drivers/net/wireless/mediatek/mt76/mt7921/mcu.c | 8 - drivers/net/wireless/mediatek/mt76/mt7921/pci.c | 8 + drivers/net/wireless/microchip/wilc1000/hif.c | 8 +- drivers/net/wireless/realtek/rtw88/mac80211.c | 4 +- drivers/net/wireless/realtek/rtw88/usb.c | 2 +- drivers/net/wireless/realtek/rtw89/core.c | 2 +- drivers/net/wireless/rsi/rsi_91x_sdio.c | 9 +- drivers/nvme/host/core.c | 16 +- drivers/nvmem/imx-ocotp.c | 8 +- drivers/nvmem/rmem.c | 1 + drivers/nvmem/sunplus-ocotp.c | 9 +- drivers/pci/controller/cadence/pcie-cadence-host.c | 27 + drivers/pci/controller/dwc/pcie-qcom.c | 11 +- drivers/pci/controller/pci-ftpci100.c | 14 +- drivers/pci/controller/vmd.c | 11 +- drivers/pci/endpoint/functions/Kconfig | 2 +- drivers/pci/endpoint/functions/pci-epf-test.c | 2 +- drivers/pci/hotplug/pciehp_ctrl.c | 8 + drivers/pci/pcie/aspm.c | 21 +- drivers/perf/apple_m1_cpu_pmu.c | 30 +- drivers/perf/arm-cmn.c | 7 +- drivers/perf/arm_cspmu/arm_cspmu.c | 11 +- drivers/perf/arm_pmu.c | 2 + drivers/perf/hisilicon/hisi_pcie_pmu.c | 2 +- drivers/phy/Kconfig | 1 + drivers/phy/qualcomm/phy-qcom-qmp-combo.c | 8 +- drivers/phy/tegra/xusb.c | 4 + drivers/pinctrl/bcm/pinctrl-bcm2835.c | 6 +- drivers/pinctrl/freescale/pinctrl-scu.c | 3 +- drivers/pinctrl/intel/pinctrl-cherryview.c | 15 +- drivers/pinctrl/nuvoton/pinctrl-npcm7xx.c | 2 + drivers/pinctrl/pinctrl-at91-pio4.c | 2 + drivers/pinctrl/pinctrl-at91.c | 8 +- drivers/pinctrl/pinctrl-microchip-sgpio.c | 3 + drivers/pinctrl/sunplus/sppctl.c | 23 +- drivers/pinctrl/tegra/pinctrl-tegra.c | 15 +- drivers/pinctrl/tegra/pinctrl-tegra.h | 3 +- drivers/pinctrl/tegra/pinctrl-tegra114.c | 7 +- drivers/pinctrl/tegra/pinctrl-tegra124.c | 7 +- drivers/pinctrl/tegra/pinctrl-tegra194.c | 7 +- drivers/pinctrl/tegra/pinctrl-tegra20.c | 7 +- drivers/pinctrl/tegra/pinctrl-tegra210.c | 7 +- drivers/pinctrl/tegra/pinctrl-tegra30.c | 7 +- drivers/platform/x86/dell/dell-rbtn.c | 13 +- drivers/platform/x86/intel/pmc/core.c | 15 +- drivers/platform/x86/intel/pmc/core.h | 31 +- drivers/platform/x86/intel/pmc/mtl.c | 475 +++++++++++++- drivers/platform/x86/lenovo-yogabook-wmi.c | 34 +- drivers/platform/x86/think-lmi.c | 20 +- drivers/platform/x86/thinkpad_acpi.c | 6 +- drivers/power/supply/rt9467-charger.c | 2 +- drivers/powercap/Kconfig | 4 +- drivers/powercap/intel_rapl_msr.c | 17 +- drivers/pwm/pwm-ab8500.c | 2 +- drivers/pwm/pwm-imx-tpm.c | 7 + drivers/pwm/pwm-mtk-disp.c | 13 +- drivers/pwm/sysfs.c | 17 + drivers/regulator/core.c | 30 +- drivers/regulator/rk808-regulator.c | 1 + drivers/regulator/tps65219-regulator.c | 6 +- drivers/rtc/rtc-st-lpc.c | 2 +- drivers/s390/net/qeth_l3_sys.c | 2 +- drivers/scsi/3w-xxxx.c | 4 +- drivers/scsi/lpfc/lpfc_els.c | 14 +- drivers/scsi/qedf/qedf_main.c | 3 +- drivers/soc/amlogic/meson-secure-pwrc.c | 2 +- drivers/soc/fsl/qe/Kconfig | 1 + drivers/soc/mediatek/mtk-svs.c | 4 +- drivers/soc/qcom/qcom-geni-se.c | 67 +- drivers/soc/xilinx/xlnx_event_manager.c | 6 +- drivers/soundwire/debugfs.c | 3 +- drivers/soundwire/qcom.c | 179 ++--- drivers/spi/spi-bcm-qspi.c | 10 +- drivers/spi/spi-dw-core.c | 5 +- drivers/spi/spi-geni-qcom.c | 111 ++-- drivers/staging/media/atomisp/i2c/atomisp-gc0310.c | 2 +- drivers/staging/media/atomisp/i2c/atomisp-ov2680.c | 8 +- drivers/staging/media/atomisp/i2c/ov2680.h | 1 + .../media/atomisp/pci/atomisp_gmin_platform.c | 2 +- .../vc04_services/interface/vchiq_arm/vchiq_arm.c | 4 +- drivers/thermal/qcom/tsens-v0_1.c | 56 +- drivers/thermal/qcom/tsens.c | 19 +- drivers/thermal/qcom/tsens.h | 6 +- drivers/thermal/qoriq_thermal.c | 30 +- drivers/thermal/sun8i_thermal.c | 55 +- drivers/tty/serial/8250/8250_omap.c | 25 +- drivers/tty/serial/fsl_lpuart.c | 1 + drivers/tty/serial/serial_core.c | 10 +- drivers/ufs/core/ufshcd-priv.h | 3 - drivers/ufs/core/ufshcd.c | 21 +- drivers/usb/core/devio.c | 2 + drivers/usb/core/hcd-pci.c | 24 +- drivers/usb/dwc2/platform.c | 16 +- drivers/usb/dwc3/dwc3-meson-g12a.c | 5 +- drivers/usb/dwc3/dwc3-qcom.c | 17 +- drivers/usb/dwc3/gadget.c | 4 +- drivers/usb/gadget/function/u_serial.c | 13 +- drivers/usb/host/ehci-pci.c | 3 +- drivers/usb/host/ohci-pci.c | 8 +- drivers/usb/host/uhci-pci.c | 7 +- drivers/usb/host/xhci-histb.c | 2 +- drivers/usb/host/xhci-pci.c | 4 +- drivers/usb/host/xhci-plat.c | 4 +- drivers/usb/host/xhci-tegra.c | 2 +- drivers/usb/host/xhci.c | 5 +- drivers/usb/host/xhci.h | 2 +- drivers/usb/musb/musb_core.c | 1 - drivers/usb/musb/musb_core.h | 2 - drivers/usb/musb/tusb6010.c | 53 +- drivers/usb/phy/phy-tahvo.c | 2 +- drivers/usb/serial/option.c | 4 + drivers/usb/typec/ucsi/psy.c | 14 + drivers/vdpa/vdpa_user/vduse_dev.c | 6 +- drivers/vfio/mdev/mdev_core.c | 23 +- drivers/video/fbdev/omap/lcd_mipid.c | 16 +- drivers/virt/coco/sev-guest/Kconfig | 1 + drivers/virtio/virtio_vdpa.c | 4 +- drivers/w1/slaves/w1_therm.c | 31 +- drivers/w1/w1.c | 4 +- fs/afs/write.c | 8 +- fs/btrfs/bio.c | 3 +- fs/btrfs/block-group.c | 41 +- fs/btrfs/ctree.c | 49 +- fs/btrfs/disk-io.c | 7 +- fs/btrfs/extent_io.c | 333 ++++------ fs/btrfs/extent_io.h | 5 +- fs/btrfs/free-space-tree.c | 3 + fs/btrfs/inode.c | 92 ++- fs/btrfs/locking.c | 5 +- fs/btrfs/qgroup.c | 2 + fs/btrfs/tree-mod-log.c | 115 +++- fs/erofs/zdata.c | 72 +- fs/erofs/zmap.c | 6 +- fs/ext4/namei.c | 17 +- fs/f2fs/checkpoint.c | 7 +- fs/f2fs/compress.c | 11 +- fs/f2fs/data.c | 11 +- fs/f2fs/f2fs.h | 23 +- fs/f2fs/file.c | 13 +- fs/f2fs/gc.c | 27 +- fs/f2fs/namei.c | 16 +- fs/f2fs/node.c | 7 +- fs/f2fs/super.c | 160 ++++- fs/fs_context.c | 3 +- fs/gfs2/file.c | 2 +- fs/inode.c | 42 ++ fs/internal.h | 2 + fs/jffs2/build.c | 5 +- fs/jffs2/xattr.c | 13 +- fs/jffs2/xattr.h | 4 +- fs/kernfs/dir.c | 2 + fs/lockd/svc.c | 1 - fs/namei.c | 25 +- fs/nfs/nfs42xattr.c | 79 ++- fs/nfs/nfs4proc.c | 1 + fs/nfsd/cache.h | 2 + fs/nfsd/nfs4xdr.c | 2 +- fs/nfsd/nfscache.c | 25 +- fs/nfsd/nfsctl.c | 10 +- fs/nfsd/vfs.c | 4 +- fs/notify/fanotify/fanotify_user.c | 14 + fs/ntfs3/xattr.c | 3 + fs/ocfs2/cluster/tcp.c | 23 +- fs/overlayfs/copy_up.c | 2 + fs/overlayfs/dir.c | 3 +- fs/overlayfs/export.c | 3 +- fs/overlayfs/inode.c | 17 +- fs/overlayfs/namei.c | 3 +- fs/overlayfs/overlayfs.h | 8 +- fs/overlayfs/super.c | 2 +- fs/overlayfs/util.c | 31 +- fs/pstore/ram_core.c | 2 + fs/ramfs/inode.c | 2 +- fs/reiserfs/xattr_security.c | 1 + fs/smb/client/cifs_debug.c | 16 +- fs/smb/client/cifsglob.h | 10 +- fs/smb/client/cifsproto.h | 2 +- fs/smb/client/connect.c | 70 +- fs/smb/client/dfs.c | 55 +- fs/smb/client/dfs.h | 19 +- fs/smb/client/dfs_cache.c | 8 +- fs/smb/client/file.c | 25 +- fs/smb/client/misc.c | 38 +- fs/smb/client/smb2inode.c | 9 +- fs/smb/client/smb2ops.c | 19 +- fs/smb/client/transport.c | 20 +- fs/smb/server/smb_common.c | 2 +- fs/splice.c | 1 - fs/udf/namei.c | 14 +- fs/verity/enable.c | 19 +- fs/verity/fsverity_private.h | 13 +- fs/verity/hash_algs.c | 131 +--- fs/verity/verify.c | 113 ++-- include/drm/bridge/samsung-dsim.h | 3 + include/drm/drm_fixed.h | 6 + include/linux/bitmap.h | 8 +- include/linux/blk-mq.h | 3 +- include/linux/blkdev.h | 3 +- include/linux/blktrace_api.h | 6 +- include/linux/bpf.h | 1 - include/linux/bpf_verifier.h | 52 +- include/linux/can/length.h | 14 +- include/linux/compiler_attributes.h | 12 + include/linux/dsa/sja1105.h | 4 - include/linux/ieee80211.h | 6 +- include/linux/mfd/tps65010.h | 11 +- include/linux/mfd/twl.h | 3 - include/linux/mm_types.h | 23 +- include/linux/mmc/card.h | 1 + include/linux/netdevice.h | 9 + include/linux/nmi.h | 35 +- include/linux/pci.h | 1 + include/linux/perf/arm_pmu.h | 2 + include/linux/pipe_fs_i.h | 4 - include/linux/platform_data/lcd-mipid.h | 2 - include/linux/platform_data/mmc-omap.h | 2 - include/linux/ramfs.h | 1 + include/linux/sh_intc.h | 6 +- include/linux/soc/qcom/geni-se.h | 4 + include/linux/spi/ads7846.h | 2 - include/linux/usb/hcd.h | 2 +- include/linux/usb/musb.h | 13 - include/linux/watch_queue.h | 3 +- include/net/bluetooth/mgmt.h | 1 + include/net/dsa.h | 12 +- include/net/mac80211.h | 44 +- include/net/regulatory.h | 13 +- include/net/sock.h | 1 + include/soc/mscc/ocelot.h | 10 +- include/trace/events/net.h | 3 +- include/trace/events/timer.h | 6 +- include/uapi/linux/affs_hardblocks.h | 68 +- include/uapi/linux/auto_dev-ioctl.h | 2 +- include/uapi/linux/videodev2.h | 6 +- include/ufs/ufshcd.h | 1 - init/Makefile | 1 + init/main.c | 3 +- io_uring/io_uring.c | 35 +- kernel/bpf/btf.c | 6 +- kernel/bpf/cgroup.c | 15 + kernel/bpf/helpers.c | 12 +- kernel/bpf/trampoline.c | 32 +- kernel/bpf/verifier.c | 716 +++++++++++++++----- kernel/kcsan/core.c | 2 + kernel/kexec_core.c | 5 +- kernel/rcu/rcu.h | 6 + kernel/rcu/rcuscale.c | 199 +++--- kernel/rcu/tasks.h | 7 +- kernel/rcu/tree.c | 23 +- kernel/sched/fair.c | 18 + kernel/sched/sched.h | 22 + kernel/time/posix-timers.c | 43 +- kernel/time/tick-sched.c | 2 +- kernel/watch_queue.c | 12 +- kernel/watchdog.c | 302 ++++++--- kernel/watchdog_hld.c | 48 +- lib/bitmap.c | 2 +- lib/dhry_1.c | 11 +- lib/test_firmware.c | 12 +- lib/ts_bm.c | 4 +- mm/damon/ops-common.c | 16 +- mm/damon/ops-common.h | 4 +- mm/damon/paddr.c | 4 +- mm/damon/vaddr.c | 4 +- mm/filemap.c | 4 +- mm/page-writeback.c | 8 +- mm/shmem.c | 2 +- mm/vmscan.c | 13 +- net/bluetooth/hci_conn.c | 47 +- net/bluetooth/hci_event.c | 15 +- net/bluetooth/hci_sync.c | 28 +- net/bridge/br_if.c | 5 +- net/core/filter.c | 126 +++- net/core/rtnetlink.c | 104 +-- net/core/sock.c | 17 +- net/dsa/dsa.c | 2 +- net/dsa/slave.c | 84 ++- net/dsa/switch.c | 4 +- net/dsa/switch.h | 3 + net/dsa/tag_sja1105.c | 90 +-- net/ipv4/tcp_input.c | 12 +- net/mac80211/debugfs_netdev.c | 2 +- net/mac80211/eht.c | 5 +- net/mac80211/he.c | 3 +- net/mac80211/mlme.c | 30 +- net/mac80211/sta_info.c | 2 + net/mac80211/util.c | 15 +- net/netfilter/ipvs/Kconfig | 27 +- net/netfilter/ipvs/ip_vs_conn.c | 4 +- net/netfilter/nf_conntrack_helper.c | 4 + net/netfilter/nf_conntrack_proto_dccp.c | 52 +- net/netfilter/nf_conntrack_sip.c | 2 +- net/netfilter/nf_tables_api.c | 17 +- net/netfilter/nft_byteorder.c | 14 +- net/netlink/af_netlink.c | 5 +- net/netlink/diag.c | 7 +- net/nfc/llcp.h | 1 - net/nfc/llcp_commands.c | 15 +- net/nfc/llcp_core.c | 49 +- net/nfc/llcp_sock.c | 18 +- net/nfc/netlink.c | 20 +- net/nfc/nfc.h | 1 + net/sched/act_ipt.c | 70 +- net/sched/act_pedit.c | 1 + net/sched/sch_netem.c | 59 +- net/sctp/socket.c | 22 +- net/sunrpc/svcsock.c | 23 +- net/sunrpc/xprtrdma/svc_rdma_recvfrom.c | 12 +- net/wireless/core.c | 16 - net/wireless/reg.c | 16 +- net/wireless/scan.c | 367 ++++------- net/wireless/util.c | 2 + net/xdp/xsk.c | 5 + samples/bpf/tcp_basertt_kern.c | 2 +- samples/bpf/xdp1_kern.c | 2 +- samples/bpf/xdp2_kern.c | 2 +- scripts/Makefile.clang | 3 +- scripts/Makefile.compiler | 4 +- scripts/Makefile.modfinal | 2 +- scripts/Makefile.vmlinux | 1 + scripts/mksysmap | 4 +- scripts/mod/modpost.c | 86 +-- scripts/package/builddeb | 14 +- security/apparmor/policy.c | 13 + security/apparmor/policy_compat.c | 20 +- security/apparmor/policy_unpack.c | 100 +-- security/integrity/evm/evm_crypto.c | 2 +- security/integrity/evm/evm_main.c | 4 +- security/integrity/iint.c | 15 +- security/integrity/ima/ima_modsig.c | 3 + security/integrity/ima/ima_policy.c | 3 +- sound/core/jack.c | 15 +- sound/core/pcm_memory.c | 44 +- sound/pci/ac97/ac97_codec.c | 4 +- sound/pci/hda/patch_realtek.c | 7 +- sound/soc/amd/acp/acp-pdm.c | 2 +- sound/soc/codecs/es8316.c | 23 +- sound/soc/fsl/imx-audmix.c | 9 + sound/soc/intel/boards/sof_sdw.c | 18 +- sound/soc/mediatek/mt8173/mt8173-afe-pcm.c | 13 +- tools/bpf/bpftool/feature.c | 24 +- tools/bpf/resolve_btfids/Makefile | 4 +- tools/include/nolibc/stdint.h | 10 +- tools/lib/bpf/bpf_helpers.h | 15 +- tools/lib/bpf/btf_dump.c | 22 +- tools/perf/arch/x86/util/Build | 1 + tools/perf/arch/x86/util/env.c | 19 + tools/perf/arch/x86/util/env.h | 7 + tools/perf/arch/x86/util/evsel.c | 16 +- tools/perf/arch/x86/util/mem-events.c | 19 +- tools/perf/builtin-bench.c | 2 + tools/perf/builtin-script.c | 16 +- tools/perf/builtin-stat.c | 2 + tools/perf/tests/shell/test_task_analyzer.sh | 26 +- tools/perf/util/bpf_skel/lock_contention.bpf.c | 2 - tools/perf/util/bpf_skel/vmlinux.h | 10 + tools/perf/util/dwarf-aux.c | 2 +- tools/perf/util/evsel.h | 24 +- tools/perf/util/evsel_fprintf.c | 1 + tools/perf/util/metricgroup.c | 2 +- tools/testing/cxl/test/mem.c | 4 +- tools/testing/kunit/kunit_kernel.py | 6 +- tools/testing/kunit/mypy.ini | 6 + tools/testing/kunit/run_checks.py | 2 +- tools/testing/selftests/bpf/Makefile | 3 +- tools/testing/selftests/bpf/prog_tests/check_mtu.c | 2 +- .../testing/selftests/bpf/progs/refcounted_kptr.c | 2 + .../selftests/bpf/progs/refcounted_kptr_fail.c | 4 +- tools/testing/selftests/bpf/test_verifier.c | 24 +- tools/testing/selftests/bpf/verifier/precise.c | 106 +-- tools/testing/selftests/cgroup/test_memcontrol.c | 4 +- tools/testing/selftests/ftrace/ftracetest | 2 +- tools/testing/selftests/net/rtnetlink.sh | 1 + tools/testing/selftests/nolibc/nolibc-test.c | 6 +- .../rcutorture/configs/rcu/BUSTED-BOOST.boot | 2 +- .../selftests/rcutorture/configs/rcu/TREE03.boot | 2 +- .../selftests/vDSO/vdso_test_clock_getres.c | 4 +- tools/testing/selftests/wireguard/netns.sh | 30 +- tools/tracing/rtla/src/osnoise_top.c | 8 +- tools/virtio/Makefile | 13 +- 875 files changed, 10433 insertions(+), 6354 deletions(-)

1 month

2
2
0 0

, el clima laboral también se gestiona

by Daniel Rodríguez

Mejora el clima organizacional body { margin: 0; padding: 0; font-family: Arial, Helvetica, sans-serif; font-size: 14px; color: #333; background-color: #ffffff; } table { border-spacing: 0; width: 100%; max-width: 600px; margin: auto; } td { padding: 12px 20px; } a { color: #1a73e8; text-decoration: none; } .footer { font-size: 12px; color: #888888; text-align: center; } Diagnostica el clima y cultura de tu organización con Vorecol Work Environment. Hola, , El desempeño de un equipo no solo depende del talento individual, también del entorno en el que trabaja. Muchas veces, los problemas de rotación o bajo compromiso tienen raíces invisibles... hasta que se miden. Por eso quiero presentarte Vorecol Work Environment, una herramienta diseñada para ayudarte a comprender mejor cómo se vive la cultura y el clima dentro de tu organización. Con Vorecol puedes: Aplicar evaluaciones periódicas de clima y cultura organizacional, personalizadas a tu contexto. Obtener resultados organizados por áreas, con alertas sobre temas críticos como liderazgo, carga laboral o reconocimiento. Acceder a paneles dinámicos que te permiten visualizar tendencias, puntos de mejora y fortalezas de forma clara. Ideal para organizaciones que quieren escuchar más, reaccionar mejor y construir un entorno donde las personas quieran quedarse. Si estás buscando mejorar tu ambiente laboral, vale la pena considerarlo. Si quieres conocer más puedes responder este correo o simplemente contactarme, mis datos están abajo. Saludos, -------------- Atte.: Daniel Rodríguez Ciudad de México: (55) 5018 0565 WhatsApp: +52 33 1607 2089 Si no deseas recibir más correos, haz clic aquí para darte de baja. Para remover su dirección de esta lista haga <a href="https://s1.arrobamail.com/unsuscribe.php?id=yiwtsrewispprseup">click aquí</a>

1 month

1
0
0 0

[PATCH 6.1.y] selftests/mm: Move default_huge_page_size to vm_util.c

by Leon Hwang

Fix the build error: map_hugetlb.c: In function 'main': map_hugetlb.c:79:25: warning: implicit declaration of function 'default_huge_page_size' [-Wimplicit-function-declaration] 79 | hugepage_size = default_huge_page_size(); | ^~~~~~~~~~~~~~~~~~~~~~ /usr/bin/ld: /tmp/ccYOogvJ.o: in function 'main': map_hugetlb.c:(.text+0x114): undefined reference to 'default_huge_page_size' According to the latest selftests, 'default_huge_page_size' has been moved to 'vm_util.c'. So fix the error by the same way. Reviewed-by: Lance Yang <lance.yang(a)linux.dev> Signed-off-by: Leon Hwang <leon.hwang(a)linux.dev> --- tools/testing/selftests/vm/Makefile | 1 + tools/testing/selftests/vm/userfaultfd.c | 24 ------------------------ tools/testing/selftests/vm/vm_util.c | 21 +++++++++++++++++++++ tools/testing/selftests/vm/vm_util.h | 1 + 4 files changed, 23 insertions(+), 24 deletions(-) diff --git a/tools/testing/selftests/vm/Makefile b/tools/testing/selftests/vm/Makefile index 192ea3725c5c..ed90deebef0d 100644 --- a/tools/testing/selftests/vm/Makefile +++ b/tools/testing/selftests/vm/Makefile @@ -100,6 +100,7 @@ $(OUTPUT)/madv_populate: vm_util.c $(OUTPUT)/soft-dirty: vm_util.c $(OUTPUT)/split_huge_page_test: vm_util.c $(OUTPUT)/userfaultfd: vm_util.c +$(OUTPUT)/map_hugetlb: vm_util.c ifeq ($(MACHINE),x86_64) BINARIES_32 := $(patsubst %,$(OUTPUT)/%,$(BINARIES_32)) diff --git a/tools/testing/selftests/vm/userfaultfd.c b/tools/testing/selftests/vm/userfaultfd.c index 297f250c1d95..4751b28eba18 100644 --- a/tools/testing/selftests/vm/userfaultfd.c +++ b/tools/testing/selftests/vm/userfaultfd.c @@ -1674,30 +1674,6 @@ static int userfaultfd_stress(void) || userfaultfd_events_test() || userfaultfd_minor_test(); } -/* - * Copied from mlock2-tests.c - */ -unsigned long default_huge_page_size(void) -{ - unsigned long hps = 0; - char *line = NULL; - size_t linelen = 0; - FILE *f = fopen("/proc/meminfo", "r"); - - if (!f) - return 0; - while (getline(&line, &linelen, f) > 0) { - if (sscanf(line, "Hugepagesize: %lu kB", &hps) == 1) { - hps <<= 10; - break; - } - } - - free(line); - fclose(f); - return hps; -} - static void set_test_type(const char *type) { if (!strcmp(type, "anon")) { diff --git a/tools/testing/selftests/vm/vm_util.c b/tools/testing/selftests/vm/vm_util.c index fc5743bc1283..613cc61602c9 100644 --- a/tools/testing/selftests/vm/vm_util.c +++ b/tools/testing/selftests/vm/vm_util.c @@ -161,6 +161,27 @@ bool check_huge_shmem(void *addr, int nr_hpages, uint64_t hpage_size) return __check_huge(addr, "ShmemPmdMapped:", nr_hpages, hpage_size); } +unsigned long default_huge_page_size(void) +{ + unsigned long hps = 0; + char *line = NULL; + size_t linelen = 0; + FILE *f = fopen("/proc/meminfo", "r"); + + if (!f) + return 0; + while (getline(&line, &linelen, f) > 0) { + if (sscanf(line, "Hugepagesize: %lu kB", &hps) == 1) { + hps <<= 10; + break; + } + } + + free(line); + fclose(f); + return hps; +} + static bool check_vmflag(void *addr, const char *flag) { char buffer[MAX_LINE_LENGTH]; diff --git a/tools/testing/selftests/vm/vm_util.h b/tools/testing/selftests/vm/vm_util.h index 470f85fe9594..a4439db0d6f8 100644 --- a/tools/testing/selftests/vm/vm_util.h +++ b/tools/testing/selftests/vm/vm_util.h @@ -11,4 +11,5 @@ uint64_t read_pmd_pagesize(void); bool check_huge_anon(void *addr, int nr_hpages, uint64_t hpage_size); bool check_huge_file(void *addr, int nr_hpages, uint64_t hpage_size); bool check_huge_shmem(void *addr, int nr_hpages, uint64_t hpage_size); +unsigned long default_huge_page_size(void); bool softdirty_supported(void); -- 2.43.0

1 month

4
10
0 0

[PATCH 2/8] USB: serial: kobil_sct: fix TIOCMBIS and TIOCMBIC

by Johan Hovold

Asserting or deasserting a modem control line using TIOCMBIS or TIOCMBIC should not deassert any lines that are not in the mask. Fix this long-standing issue dating back to 2003 when the support for these ioctls was added with the introduction of the tiocmset() callback. Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Cc: stable(a)vger.kernel.org Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/usb/serial/kobil_sct.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/drivers/usb/serial/kobil_sct.c b/drivers/usb/serial/kobil_sct.c index 464433be2034..96ea571c436a 100644 --- a/drivers/usb/serial/kobil_sct.c +++ b/drivers/usb/serial/kobil_sct.c @@ -418,7 +418,7 @@ static int kobil_tiocmset(struct tty_struct *tty, struct usb_serial_port *port = tty->driver_data; struct device *dev = &port->dev; struct kobil_private *priv; - int result; + int result = 0; int dtr = 0; int rts = 0; @@ -435,12 +435,12 @@ static int kobil_tiocmset(struct tty_struct *tty, if (set & TIOCM_DTR) dtr = 1; if (clear & TIOCM_RTS) - rts = 0; + rts = 1; if (clear & TIOCM_DTR) - dtr = 0; + dtr = 1; - if (priv->device_type == KOBIL_ADAPTER_B_PRODUCT_ID) { - if (dtr != 0) + if (dtr && priv->device_type == KOBIL_ADAPTER_B_PRODUCT_ID) { + if (set & TIOCM_DTR) dev_dbg(dev, "%s - Setting DTR\n", __func__); else dev_dbg(dev, "%s - Clearing DTR\n", __func__); @@ -448,13 +448,13 @@ static int kobil_tiocmset(struct tty_struct *tty, usb_sndctrlpipe(port->serial->dev, 0), SUSBCRequest_SetStatusLinesOrQueues, USB_TYPE_VENDOR | USB_RECIP_ENDPOINT | USB_DIR_OUT, - ((dtr != 0) ? SUSBCR_SSL_SETDTR : SUSBCR_SSL_CLRDTR), + ((set & TIOCM_DTR) ? SUSBCR_SSL_SETDTR : SUSBCR_SSL_CLRDTR), 0, NULL, 0, KOBIL_TIMEOUT); - } else { - if (rts != 0) + } else if (rts) { + if (set & TIOCM_RTS) dev_dbg(dev, "%s - Setting RTS\n", __func__); else dev_dbg(dev, "%s - Clearing RTS\n", __func__); @@ -462,7 +462,7 @@ static int kobil_tiocmset(struct tty_struct *tty, usb_sndctrlpipe(port->serial->dev, 0), SUSBCRequest_SetStatusLinesOrQueues, USB_TYPE_VENDOR | USB_RECIP_ENDPOINT | USB_DIR_OUT, - ((rts != 0) ? SUSBCR_SSL_SETRTS : SUSBCR_SSL_CLRRTS), + ((set & TIOCM_RTS) ? SUSBCR_SSL_SETRTS : SUSBCR_SSL_CLRRTS), 0, NULL, 0, -- 2.49.1

1 month

1
0
0 0

[PATCH 1/8] USB: serial: belkin_sa: fix TIOCMBIS and TIOCMBIC

by Johan Hovold

Asserting or deasserting a modem control line using TIOCMBIS or TIOCMBIC should not deassert any lines that are not in the mask. Fix this long-standing regression dating back to 2003 when the tiocmset() callback was introduced. Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Cc: stable(a)vger.kernel.org Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/usb/serial/belkin_sa.c | 28 +++++++++++++++++----------- 1 file changed, 17 insertions(+), 11 deletions(-) diff --git a/drivers/usb/serial/belkin_sa.c b/drivers/usb/serial/belkin_sa.c index 44f5b58beec9..aa6b4c4ad5ec 100644 --- a/drivers/usb/serial/belkin_sa.c +++ b/drivers/usb/serial/belkin_sa.c @@ -435,7 +435,7 @@ static int belkin_sa_tiocmset(struct tty_struct *tty, struct belkin_sa_private *priv = usb_get_serial_port_data(port); unsigned long control_state; unsigned long flags; - int retval; + int retval = 0; int rts = 0; int dtr = 0; @@ -452,26 +452,32 @@ static int belkin_sa_tiocmset(struct tty_struct *tty, } if (clear & TIOCM_RTS) { control_state &= ~TIOCM_RTS; - rts = 0; + rts = 1; } if (clear & TIOCM_DTR) { control_state &= ~TIOCM_DTR; - dtr = 0; + dtr = 1; } priv->control_state = control_state; spin_unlock_irqrestore(&priv->lock, flags); - retval = BSA_USB_CMD(BELKIN_SA_SET_RTS_REQUEST, rts); - if (retval < 0) { - dev_err(&port->dev, "Set RTS error %d\n", retval); - goto exit; + if (rts) { + retval = BSA_USB_CMD(BELKIN_SA_SET_RTS_REQUEST, + !!(control_state & TIOCM_RTS)); + if (retval < 0) { + dev_err(&port->dev, "Set RTS error %d\n", retval); + goto exit; + } } - retval = BSA_USB_CMD(BELKIN_SA_SET_DTR_REQUEST, dtr); - if (retval < 0) { - dev_err(&port->dev, "Set DTR error %d\n", retval); - goto exit; + if (dtr) { + retval = BSA_USB_CMD(BELKIN_SA_SET_DTR_REQUEST, + !!(control_state & TIOCM_DTR)); + if (retval < 0) { + dev_err(&port->dev, "Set DTR error %d\n", retval); + goto exit; + } } exit: return retval; -- 2.49.1

1 month

1
0
0 0

[PATCH RESEND] fsi/core: fix error handling in fsi_slave_init()

by Ma Ke

Once cdev_device_add() failed, we should use put_device() to decrement reference count for cleanup. Or it could cause memory leak. Although operations in err_free_ida are similar to the operations in callback function fsi_slave_release(), put_device() is a correct handling operation as comments require when cdev_device_add() fails. As comment of device_add() says, 'if device_add() succeeds, you should call device_del() when you want to get rid of it. If device_add() has not succeeded, use only put_device() to drop the reference count'. Found by code review. Cc: stable(a)vger.kernel.org Fixes: 371975b0b075 ("fsi/core: Fix error paths on CFAM init") Signed-off-by: Ma Ke <make24(a)iscas.ac.cn> --- drivers/fsi/fsi-core.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/drivers/fsi/fsi-core.c b/drivers/fsi/fsi-core.c index c6c115993ebc..444878ab9fb1 100644 --- a/drivers/fsi/fsi-core.c +++ b/drivers/fsi/fsi-core.c @@ -1084,7 +1084,8 @@ static int fsi_slave_init(struct fsi_master *master, int link, uint8_t id) rc = cdev_device_add(&slave->cdev, &slave->dev); if (rc) { dev_err(&slave->dev, "Error %d creating slave device\n", rc); - goto err_free_ida; + put_device(&slave->dev); + return rc; } /* Now that we have the cdev registered with the core, any fatal @@ -1110,8 +1111,6 @@ static int fsi_slave_init(struct fsi_master *master, int link, uint8_t id) return 0; -err_free_ida: - fsi_free_minor(slave->dev.devt); err_free: of_node_put(slave->dev.of_node); kfree(slave); -- 2.17.1

1 month

2
1
0 0

[PATCH v2] drm/tilcdc: Fix removal actions in case of failed probe

by Kory Maincent

From: "Kory Maincent (TI.com)" <kory.maincent(a)bootlin.com> The drm_kms_helper_poll_fini() and drm_atomic_helper_shutdown() helpers should only be called when the device has been successfully registered. Currently, these functions are called unconditionally in tilcdc_fini(), which causes warnings during probe deferral scenarios. [ 7.972317] WARNING: CPU: 0 PID: 23 at drivers/gpu/drm/drm_atomic_state_helper.c:175 drm_atomic_helper_crtc_duplicate_state+0x60/0x68 ... [ 8.005820] drm_atomic_helper_crtc_duplicate_state from drm_atomic_get_crtc_state+0x68/0x108 [ 8.005858] drm_atomic_get_crtc_state from drm_atomic_helper_disable_all+0x90/0x1c8 [ 8.005885] drm_atomic_helper_disable_all from drm_atomic_helper_shutdown+0x90/0x144 [ 8.005911] drm_atomic_helper_shutdown from tilcdc_fini+0x68/0xf8 [tilcdc] [ 8.005957] tilcdc_fini [tilcdc] from tilcdc_pdev_probe+0xb0/0x6d4 [tilcdc] Fix this by moving both drm_kms_helper_poll_fini() and drm_atomic_helper_shutdown() inside the priv->is_registered conditional block, ensuring they only execute after successful device registration. Cc: stable(a)vger.kernel.org Reviewed-by: Swamil Jain <s-jain1(a)ti.com> Fixes: 3c4babae3c4a ("drm: Call drm_atomic_helper_shutdown() at shutdown/remove time for misc drivers") Signed-off-by: Kory Maincent (TI.com) <kory.maincent(a)bootlin.com> --- I'm working on removing the usage of deprecated functions as well as general improvements to this driver, but it will take some time so for now this is a simple fix to a functional bug. Change in v2: - Add missing cc: stable tag - Add Swamil reviewed-by --- drivers/gpu/drm/tilcdc/tilcdc_drv.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/drivers/gpu/drm/tilcdc/tilcdc_drv.c b/drivers/gpu/drm/tilcdc/tilcdc_drv.c index 7caec4d38ddf..2031267a3490 100644 --- a/drivers/gpu/drm/tilcdc/tilcdc_drv.c +++ b/drivers/gpu/drm/tilcdc/tilcdc_drv.c @@ -172,11 +172,11 @@ static void tilcdc_fini(struct drm_device *dev) if (priv->crtc) tilcdc_crtc_shutdown(priv->crtc); - if (priv->is_registered) + if (priv->is_registered) { drm_dev_unregister(dev); - - drm_kms_helper_poll_fini(dev); - drm_atomic_helper_shutdown(dev); + drm_kms_helper_poll_fini(dev); + drm_atomic_helper_shutdown(dev); + } tilcdc_irq_uninstall(dev); drm_mode_config_cleanup(dev); -- 2.43.0

1 month

1
0
0 0

[PATCH] ksmbd: transport_ipc: validate payload size before reading handle

by Qianchang Zhao

handle_response() dereferences the payload as a 4-byte handle without verifying that the declared payload size is at least 4 bytes. A malformed or truncated message from ksmbd.mountd can lead to a 4-byte read past the declared payload size. Validate the size before dereferencing. This is a minimal fix to guard the initial handle read. Fixes: 0626e6641f6b ("cifsd: add server handler for central processing and tranport layers") Cc: stable(a)vger.kernel.org Reported-by: Qianchang Zhao <pioooooooooip(a)gmail.com> Signed-off-by: Qianchang Zhao <pioooooooooip(a)gmail.com> --- fs/smb/server/transport_ipc.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/fs/smb/server/transport_ipc.c b/fs/smb/server/transport_ipc.c index 46f87fd1ce1c..2028de4d3ddf 100644 --- a/fs/smb/server/transport_ipc.c +++ b/fs/smb/server/transport_ipc.c @@ -263,6 +263,10 @@ static void ipc_msg_handle_free(int handle) static int handle_response(int type, void *payload, size_t sz) { + /* Prevent 4-byte read beyond declared payload size */ + if (sz < sizeof(unsigned int)) + return -EINVAL; + unsigned int handle = *(unsigned int *)payload; struct ipc_msg_table_entry *entry; int ret = 0; -- 2.34.1

1 month

3
2
0 0

[PATCH v3 1/4] ASoC: qcom: sdw: fix memory leak for sdw_stream_runtime

by Srinivas Kandagatla

For some reason we endedup allocating sdw_stream_runtime for every cpu dai, this has two issues. 1. we never set snd_soc_dai_set_stream for non soundwire dai, which means there is no way that we can free this, resulting in memory leak 2. startup and shutdown callbacks can be called without hw_params callback called. This combination results in memory leak because machine driver sruntime array pointer is only set in hw_params callback. Fix this by 1. adding a helper function to get sdw_runtime for substream which can be used by shutdown callback to get hold of sruntime to free. 2. only allocate sdw_runtime for soundwire dais. Fixes: d32bac9cb09c ("ASoC: qcom: Add helper for allocating Soundwire stream runtime") Cc: Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> Cc: <Stable(a)vger.kernel.org> Signed-off-by: Srinivas Kandagatla <srinivas.kandagatla(a)oss.qualcomm.com> Tested-by: Steev Klimaszewski <threeway(a)gmail.com> # Thinkpad X13s --- sound/soc/qcom/sc7280.c | 2 +- sound/soc/qcom/sc8280xp.c | 2 +- sound/soc/qcom/sdw.c | 105 +++++++++++++++++++++----------------- sound/soc/qcom/sdw.h | 1 + sound/soc/qcom/sm8250.c | 2 +- sound/soc/qcom/x1e80100.c | 2 +- 6 files changed, 64 insertions(+), 50 deletions(-) diff --git a/sound/soc/qcom/sc7280.c b/sound/soc/qcom/sc7280.c index af412bd0c89f..c444dae563c7 100644 --- a/sound/soc/qcom/sc7280.c +++ b/sound/soc/qcom/sc7280.c @@ -317,7 +317,7 @@ static void sc7280_snd_shutdown(struct snd_pcm_substream *substream) struct snd_soc_card *card = rtd->card; struct sc7280_snd_data *data = snd_soc_card_get_drvdata(card); struct snd_soc_dai *cpu_dai = snd_soc_rtd_to_cpu(rtd, 0); - struct sdw_stream_runtime *sruntime = data->sruntime[cpu_dai->id]; + struct sdw_stream_runtime *sruntime = qcom_snd_sdw_get_stream(substream); switch (cpu_dai->id) { case MI2S_PRIMARY: diff --git a/sound/soc/qcom/sc8280xp.c b/sound/soc/qcom/sc8280xp.c index 78e327bc2f07..9ba536dff667 100644 --- a/sound/soc/qcom/sc8280xp.c +++ b/sound/soc/qcom/sc8280xp.c @@ -73,7 +73,7 @@ static void sc8280xp_snd_shutdown(struct snd_pcm_substream *substream) struct snd_soc_pcm_runtime *rtd = snd_soc_substream_to_rtd(substream); struct snd_soc_dai *cpu_dai = snd_soc_rtd_to_cpu(rtd, 0); struct sc8280xp_snd_data *pdata = snd_soc_card_get_drvdata(rtd->card); - struct sdw_stream_runtime *sruntime = pdata->sruntime[cpu_dai->id]; + struct sdw_stream_runtime *sruntime = qcom_snd_sdw_get_stream(substream); pdata->sruntime[cpu_dai->id] = NULL; sdw_release_stream(sruntime); diff --git a/sound/soc/qcom/sdw.c b/sound/soc/qcom/sdw.c index 7d7981d4295b..7b2cae92c812 100644 --- a/sound/soc/qcom/sdw.c +++ b/sound/soc/qcom/sdw.c @@ -7,6 +7,37 @@ #include <sound/soc.h> #include "sdw.h" +static bool qcom_snd_is_sdw_dai(int id) +{ + switch (id) { + case WSA_CODEC_DMA_RX_0: + case WSA_CODEC_DMA_TX_0: + case WSA_CODEC_DMA_RX_1: + case WSA_CODEC_DMA_TX_1: + case WSA_CODEC_DMA_TX_2: + case RX_CODEC_DMA_RX_0: + case TX_CODEC_DMA_TX_0: + case RX_CODEC_DMA_RX_1: + case TX_CODEC_DMA_TX_1: + case RX_CODEC_DMA_RX_2: + case TX_CODEC_DMA_TX_2: + case RX_CODEC_DMA_RX_3: + case TX_CODEC_DMA_TX_3: + case RX_CODEC_DMA_RX_4: + case TX_CODEC_DMA_TX_4: + case RX_CODEC_DMA_RX_5: + case TX_CODEC_DMA_TX_5: + case RX_CODEC_DMA_RX_6: + case RX_CODEC_DMA_RX_7: + case SLIMBUS_0_RX...SLIMBUS_6_TX: + return true; + default: + break; + } + + return false; +} + /** * qcom_snd_sdw_startup() - Helper to start Soundwire stream for SoC audio card * @substream: The PCM substream from audio, as passed to snd_soc_ops->startup() @@ -29,6 +60,9 @@ int qcom_snd_sdw_startup(struct snd_pcm_substream *substream) u32 rx_ch_cnt = 0, tx_ch_cnt = 0; int ret, i, j; + if (!qcom_snd_is_sdw_dai(cpu_dai->id)) + return 0; + sruntime = sdw_alloc_stream(cpu_dai->name, SDW_STREAM_PCM); if (!sruntime) return -ENOMEM; @@ -89,19 +123,8 @@ int qcom_snd_sdw_prepare(struct snd_pcm_substream *substream, if (!sruntime) return 0; - switch (cpu_dai->id) { - case WSA_CODEC_DMA_RX_0: - case WSA_CODEC_DMA_RX_1: - case RX_CODEC_DMA_RX_0: - case RX_CODEC_DMA_RX_1: - case TX_CODEC_DMA_TX_0: - case TX_CODEC_DMA_TX_1: - case TX_CODEC_DMA_TX_2: - case TX_CODEC_DMA_TX_3: - break; - default: + if (!qcom_snd_is_sdw_dai(cpu_dai->id)) return 0; - } if (*stream_prepared) return 0; @@ -129,9 +152,7 @@ int qcom_snd_sdw_prepare(struct snd_pcm_substream *substream, } EXPORT_SYMBOL_GPL(qcom_snd_sdw_prepare); -int qcom_snd_sdw_hw_params(struct snd_pcm_substream *substream, - struct snd_pcm_hw_params *params, - struct sdw_stream_runtime **psruntime) +struct sdw_stream_runtime *qcom_snd_sdw_get_stream(struct snd_pcm_substream *substream) { struct snd_soc_pcm_runtime *rtd = snd_soc_substream_to_rtd(substream); struct snd_soc_dai *codec_dai; @@ -139,21 +160,23 @@ int qcom_snd_sdw_hw_params(struct snd_pcm_substream *substream, struct sdw_stream_runtime *sruntime; int i; - switch (cpu_dai->id) { - case WSA_CODEC_DMA_RX_0: - case RX_CODEC_DMA_RX_0: - case RX_CODEC_DMA_RX_1: - case TX_CODEC_DMA_TX_0: - case TX_CODEC_DMA_TX_1: - case TX_CODEC_DMA_TX_2: - case TX_CODEC_DMA_TX_3: - for_each_rtd_codec_dais(rtd, i, codec_dai) { - sruntime = snd_soc_dai_get_stream(codec_dai, substream->stream); - if (sruntime != ERR_PTR(-ENOTSUPP)) - *psruntime = sruntime; - } - break; + if (!qcom_snd_is_sdw_dai(cpu_dai->id)) + return NULL; + + for_each_rtd_codec_dais(rtd, i, codec_dai) { + sruntime = snd_soc_dai_get_stream(codec_dai, substream->stream); + if (sruntime != ERR_PTR(-ENOTSUPP)) + return sruntime; } + return NULL; +} +EXPORT_SYMBOL_GPL(qcom_snd_sdw_get_stream); + +int qcom_snd_sdw_hw_params(struct snd_pcm_substream *substream, + struct snd_pcm_hw_params *params, + struct sdw_stream_runtime **psruntime) +{ + *psruntime = qcom_snd_sdw_get_stream(substream); return 0; @@ -166,23 +189,13 @@ int qcom_snd_sdw_hw_free(struct snd_pcm_substream *substream, struct snd_soc_pcm_runtime *rtd = snd_soc_substream_to_rtd(substream); struct snd_soc_dai *cpu_dai = snd_soc_rtd_to_cpu(rtd, 0); - switch (cpu_dai->id) { - case WSA_CODEC_DMA_RX_0: - case WSA_CODEC_DMA_RX_1: - case RX_CODEC_DMA_RX_0: - case RX_CODEC_DMA_RX_1: - case TX_CODEC_DMA_TX_0: - case TX_CODEC_DMA_TX_1: - case TX_CODEC_DMA_TX_2: - case TX_CODEC_DMA_TX_3: - if (sruntime && *stream_prepared) { - sdw_disable_stream(sruntime); - sdw_deprepare_stream(sruntime); - *stream_prepared = false; - } - break; - default: - break; + if (!qcom_snd_is_sdw_dai(cpu_dai->id)) + return 0; + + if (sruntime && *stream_prepared) { + sdw_disable_stream(sruntime); + sdw_deprepare_stream(sruntime); + *stream_prepared = false; } return 0; diff --git a/sound/soc/qcom/sdw.h b/sound/soc/qcom/sdw.h index 392e3455f1b1..b8bc5beb0522 100644 --- a/sound/soc/qcom/sdw.h +++ b/sound/soc/qcom/sdw.h @@ -10,6 +10,7 @@ int qcom_snd_sdw_startup(struct snd_pcm_substream *substream); int qcom_snd_sdw_prepare(struct snd_pcm_substream *substream, struct sdw_stream_runtime *runtime, bool *stream_prepared); +struct sdw_stream_runtime *qcom_snd_sdw_get_stream(struct snd_pcm_substream *stream); int qcom_snd_sdw_hw_params(struct snd_pcm_substream *substream, struct snd_pcm_hw_params *params, struct sdw_stream_runtime **psruntime); diff --git a/sound/soc/qcom/sm8250.c b/sound/soc/qcom/sm8250.c index f5b75a06e5bd..ce5b0059207f 100644 --- a/sound/soc/qcom/sm8250.c +++ b/sound/soc/qcom/sm8250.c @@ -117,7 +117,7 @@ static void sm8250_snd_shutdown(struct snd_pcm_substream *substream) struct snd_soc_pcm_runtime *rtd = snd_soc_substream_to_rtd(substream); struct snd_soc_dai *cpu_dai = snd_soc_rtd_to_cpu(rtd, 0); struct sm8250_snd_data *data = snd_soc_card_get_drvdata(rtd->card); - struct sdw_stream_runtime *sruntime = data->sruntime[cpu_dai->id]; + struct sdw_stream_runtime *sruntime = qcom_snd_sdw_get_stream(substream); data->sruntime[cpu_dai->id] = NULL; sdw_release_stream(sruntime); diff --git a/sound/soc/qcom/x1e80100.c b/sound/soc/qcom/x1e80100.c index 444f2162889f..2e3599516aa2 100644 --- a/sound/soc/qcom/x1e80100.c +++ b/sound/soc/qcom/x1e80100.c @@ -55,7 +55,7 @@ static void x1e80100_snd_shutdown(struct snd_pcm_substream *substream) struct snd_soc_pcm_runtime *rtd = snd_soc_substream_to_rtd(substream); struct snd_soc_dai *cpu_dai = snd_soc_rtd_to_cpu(rtd, 0); struct x1e80100_snd_data *data = snd_soc_card_get_drvdata(rtd->card); - struct sdw_stream_runtime *sruntime = data->sruntime[cpu_dai->id]; + struct sdw_stream_runtime *sruntime = qcom_snd_sdw_get_stream(substream); data->sruntime[cpu_dai->id] = NULL; sdw_release_stream(sruntime); -- 2.51.0

1 month

1
0
0 0

Export Inquiry from Ledcor Group.

by Phillip Davies

1 month

1
0
0 0

[PATCH] objtool/rust: add one more `noreturn` Rust function

by Miguel Ojeda

Between Rust 1.79 and 1.86, under `CONFIG_RUST_KERNEL_DOCTESTS=y`, `objtool` may report: rust/doctests_kernel_generated.o: warning: objtool: rust_doctest_kernel_alloc_kbox_rs_13() falls through to next function rust_doctest_kernel_alloc_kvec_rs_0() (as well as in rust_doctest_kernel_alloc_kvec_rs_0) due to calls to the `noreturn` symbol: core::option::expect_failed from code added in commits 779db37373a3 ("rust: alloc: kvec: implement AsPageIter for VVec") and 671618432f46 ("rust: alloc: kbox: implement AsPageIter for VBox"). Thus add the mangled one to the list so that `objtool` knows it is actually `noreturn`. This can be reproduced as well in other versions by tweaking the code, such as the latest stable Rust (1.90.0). Stable does not have code that triggers this, but it could have it in the future. Downstream forks could too. Thus tag it for backport. See commit 56d680dd23c3 ("objtool/rust: list `noreturn` Rust functions") for more details. Cc: stable(a)vger.kernel.org # Needed in 6.12.y and later. Cc: Josh Poimboeuf <jpoimboe(a)kernel.org> Cc: Peter Zijlstra <peterz(a)infradead.org> Signed-off-by: Miguel Ojeda <ojeda(a)kernel.org> --- tools/objtool/check.c | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/objtool/check.c b/tools/objtool/check.c index a5770570b106..3c7ab910b189 100644 --- a/tools/objtool/check.c +++ b/tools/objtool/check.c @@ -217,6 +217,7 @@ static bool is_rust_noreturn(const struct symbol *func) * these come from the Rust standard library). */ return str_ends_with(func->name, "_4core5sliceSp15copy_from_slice17len_mismatch_fail") || + str_ends_with(func->name, "_4core6option13expect_failed") || str_ends_with(func->name, "_4core6option13unwrap_failed") || str_ends_with(func->name, "_4core6result13unwrap_failed") || str_ends_with(func->name, "_4core9panicking5panic") || base-commit: 211ddde0823f1442e4ad052a2f30f050145ccada -- 2.51.0

1 month

5
5
0 0

[PATCH v2 4/4] net: ravb: Ensure memory write completes before ringing TX doorbell

by Prabhakar

From: Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> Add a final dma_wmb() barrier before triggering the transmit request (TCCR_TSRQ) to ensure all descriptor and buffer writes are visible to the DMA engine. According to the hardware manual, a read-back operation is required before writing to the doorbell register to guarantee completion of previous writes. Instead of performing a dummy read, a dma_wmb() is used to both enforce the same ordering semantics on the CPU side and also to ensure completion of writes. Fixes: c156633f1353 ("Renesas Ethernet AVB driver proper") Cc: stable(a)vger.kernel.org Co-developed-by: Fabrizio Castro <fabrizio.castro.jz(a)renesas.com> Signed-off-by: Fabrizio Castro <fabrizio.castro.jz(a)renesas.com> Signed-off-by: Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> --- v1->v2: - New patch added to separate out the memory barrier change before ringing the doorbell. --- drivers/net/ethernet/renesas/ravb_main.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/drivers/net/ethernet/renesas/ravb_main.c b/drivers/net/ethernet/renesas/ravb_main.c index 0e40001f64b4..c3fc15f9ec85 100644 --- a/drivers/net/ethernet/renesas/ravb_main.c +++ b/drivers/net/ethernet/renesas/ravb_main.c @@ -2232,6 +2232,14 @@ static netdev_tx_t ravb_start_xmit(struct sk_buff *skb, struct net_device *ndev) dma_wmb(); desc->die_dt = DT_FSINGLE; } + + /* Before ringing the doorbell we need to make sure that the latest + * writes have been committed to memory, otherwise it could delay + * things until the doorbell is rang again. + * This is in replacement of the read operation mentioned in the HW + * manuals. + */ + dma_wmb(); ravb_modify(ndev, TCCR, TCCR_TSRQ0 << q, TCCR_TSRQ0 << q); priv->cur_tx[q] += num_tx_desc; -- 2.43.0

1 month

2
1
0 0

[PATCH v2 3/4] net: ravb: Enforce descriptor type ordering

by Prabhakar

From: Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> Ensure the TX descriptor type fields are published in a safe order so the DMA engine never begins processing a descriptor chain before all descriptor fields are fully initialised. For multi-descriptor transmits the driver writes DT_FEND into the last descriptor and DT_FSTART into the first. The DMA engine begins processing when it observes DT_FSTART. Move the dma_wmb() barrier so it executes immediately after DT_FEND and immediately before writing DT_FSTART (and before DT_FSINGLE in the single-descriptor case). This guarantees that all prior CPU writes to the descriptor memory are visible to the device before DT_FSTART is seen. This avoids a situation where compiler/CPU reordering could publish DT_FSTART ahead of DT_FEND or other descriptor fields, allowing the DMA to start on a partially initialised chain and causing corrupted transmissions or TX timeouts. Such a failure was observed on RZ/G2L with an RT kernel as transmit queue timeouts and device resets. Fixes: 2f45d1902acf ("ravb: minimize TX data copying") Cc: stable(a)vger.kernel.org Co-developed-by: Fabrizio Castro <fabrizio.castro.jz(a)renesas.com> Signed-off-by: Fabrizio Castro <fabrizio.castro.jz(a)renesas.com> Signed-off-by: Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> --- v1->v2: - Reflowed the code and updated the comment to clarify the ordering requirements. - Updated commit message. - Split up adding memory barrier change before ringing doorbell into a separate patch. --- drivers/net/ethernet/renesas/ravb_main.c | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/drivers/net/ethernet/renesas/ravb_main.c b/drivers/net/ethernet/renesas/ravb_main.c index a200e205825a..0e40001f64b4 100644 --- a/drivers/net/ethernet/renesas/ravb_main.c +++ b/drivers/net/ethernet/renesas/ravb_main.c @@ -2211,13 +2211,25 @@ static netdev_tx_t ravb_start_xmit(struct sk_buff *skb, struct net_device *ndev) skb_tx_timestamp(skb); } - /* Descriptor type must be set after all the above writes */ - dma_wmb(); + if (num_tx_desc > 1) { desc->die_dt = DT_FEND; desc--; + /* When using multi-descriptors, DT_FEND needs to get written + * before DT_FSTART, but the compiler may reorder the memory + * writes in an attempt to optimize the code. + * Use a dma_wmb() barrier to make sure DT_FEND and DT_FSTART + * are written exactly in the order shown in the code. + * This is particularly important for cases where the DMA engine + * is already running when we are running this code. If the DMA + * sees DT_FSTART without the corresponding DT_FEND it will enter + * an error condition. + */ + dma_wmb(); desc->die_dt = DT_FSTART; } else { + /* Descriptor type must be set after all the above writes */ + dma_wmb(); desc->die_dt = DT_FSINGLE; } ravb_modify(ndev, TCCR, TCCR_TSRQ0 << q, TCCR_TSRQ0 << q); -- 2.43.0

1 month

2
1
0 0

[PATCH v2 1/4] ASoC: qcom: sdw: fix memory leak for sdw_stream_runtime

by Srinivas Kandagatla

For some reason we endedup allocating sdw_stream_runtime for every cpu dai, this has two issues. 1. we never set snd_soc_dai_set_stream for non soundwire dai, which means there is no way that we can free this, resulting in memory leak 2. startup and shutdown callbacks can be called without hw_params callback called. This combination results in memory leak because machine driver sruntime array pointer is only set in hw_params callback. Fix this by 1. adding a helper function to get sdw_runtime for substream which can be used by shutdown callback to get hold of sruntime to free. 2. only allocate sdw_runtime for soundwire dais. Fixes: d32bac9cb09c ("ASoC: qcom: Add helper for allocating Soundwire stream runtime") Cc: Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> Cc: <Stable(a)vger.kernel.org> Signed-off-by: Srinivas Kandagatla <srinivas.kandagatla(a)oss.qualcomm.com> --- sound/soc/qcom/sc7280.c | 2 +- sound/soc/qcom/sc8280xp.c | 2 +- sound/soc/qcom/sdw.c | 105 +++++++++++++++++++++----------------- sound/soc/qcom/sdw.h | 1 + sound/soc/qcom/sm8250.c | 2 +- sound/soc/qcom/x1e80100.c | 2 +- 6 files changed, 64 insertions(+), 50 deletions(-) diff --git a/sound/soc/qcom/sc7280.c b/sound/soc/qcom/sc7280.c index af412bd0c89f..c444dae563c7 100644 --- a/sound/soc/qcom/sc7280.c +++ b/sound/soc/qcom/sc7280.c @@ -317,7 +317,7 @@ static void sc7280_snd_shutdown(struct snd_pcm_substream *substream) struct snd_soc_card *card = rtd->card; struct sc7280_snd_data *data = snd_soc_card_get_drvdata(card); struct snd_soc_dai *cpu_dai = snd_soc_rtd_to_cpu(rtd, 0); - struct sdw_stream_runtime *sruntime = data->sruntime[cpu_dai->id]; + struct sdw_stream_runtime *sruntime = qcom_snd_sdw_get_stream(substream); switch (cpu_dai->id) { case MI2S_PRIMARY: diff --git a/sound/soc/qcom/sc8280xp.c b/sound/soc/qcom/sc8280xp.c index 78e327bc2f07..9ba536dff667 100644 --- a/sound/soc/qcom/sc8280xp.c +++ b/sound/soc/qcom/sc8280xp.c @@ -73,7 +73,7 @@ static void sc8280xp_snd_shutdown(struct snd_pcm_substream *substream) struct snd_soc_pcm_runtime *rtd = snd_soc_substream_to_rtd(substream); struct snd_soc_dai *cpu_dai = snd_soc_rtd_to_cpu(rtd, 0); struct sc8280xp_snd_data *pdata = snd_soc_card_get_drvdata(rtd->card); - struct sdw_stream_runtime *sruntime = pdata->sruntime[cpu_dai->id]; + struct sdw_stream_runtime *sruntime = qcom_snd_sdw_get_stream(substream); pdata->sruntime[cpu_dai->id] = NULL; sdw_release_stream(sruntime); diff --git a/sound/soc/qcom/sdw.c b/sound/soc/qcom/sdw.c index 7d7981d4295b..7b2cae92c812 100644 --- a/sound/soc/qcom/sdw.c +++ b/sound/soc/qcom/sdw.c @@ -7,6 +7,37 @@ #include <sound/soc.h> #include "sdw.h" +static bool qcom_snd_is_sdw_dai(int id) +{ + switch (id) { + case WSA_CODEC_DMA_RX_0: + case WSA_CODEC_DMA_TX_0: + case WSA_CODEC_DMA_RX_1: + case WSA_CODEC_DMA_TX_1: + case WSA_CODEC_DMA_TX_2: + case RX_CODEC_DMA_RX_0: + case TX_CODEC_DMA_TX_0: + case RX_CODEC_DMA_RX_1: + case TX_CODEC_DMA_TX_1: + case RX_CODEC_DMA_RX_2: + case TX_CODEC_DMA_TX_2: + case RX_CODEC_DMA_RX_3: + case TX_CODEC_DMA_TX_3: + case RX_CODEC_DMA_RX_4: + case TX_CODEC_DMA_TX_4: + case RX_CODEC_DMA_RX_5: + case TX_CODEC_DMA_TX_5: + case RX_CODEC_DMA_RX_6: + case RX_CODEC_DMA_RX_7: + case SLIMBUS_0_RX...SLIMBUS_6_TX: + return true; + default: + break; + } + + return false; +} + /** * qcom_snd_sdw_startup() - Helper to start Soundwire stream for SoC audio card * @substream: The PCM substream from audio, as passed to snd_soc_ops->startup() @@ -29,6 +60,9 @@ int qcom_snd_sdw_startup(struct snd_pcm_substream *substream) u32 rx_ch_cnt = 0, tx_ch_cnt = 0; int ret, i, j; + if (!qcom_snd_is_sdw_dai(cpu_dai->id)) + return 0; + sruntime = sdw_alloc_stream(cpu_dai->name, SDW_STREAM_PCM); if (!sruntime) return -ENOMEM; @@ -89,19 +123,8 @@ int qcom_snd_sdw_prepare(struct snd_pcm_substream *substream, if (!sruntime) return 0; - switch (cpu_dai->id) { - case WSA_CODEC_DMA_RX_0: - case WSA_CODEC_DMA_RX_1: - case RX_CODEC_DMA_RX_0: - case RX_CODEC_DMA_RX_1: - case TX_CODEC_DMA_TX_0: - case TX_CODEC_DMA_TX_1: - case TX_CODEC_DMA_TX_2: - case TX_CODEC_DMA_TX_3: - break; - default: + if (!qcom_snd_is_sdw_dai(cpu_dai->id)) return 0; - } if (*stream_prepared) return 0; @@ -129,9 +152,7 @@ int qcom_snd_sdw_prepare(struct snd_pcm_substream *substream, } EXPORT_SYMBOL_GPL(qcom_snd_sdw_prepare); -int qcom_snd_sdw_hw_params(struct snd_pcm_substream *substream, - struct snd_pcm_hw_params *params, - struct sdw_stream_runtime **psruntime) +struct sdw_stream_runtime *qcom_snd_sdw_get_stream(struct snd_pcm_substream *substream) { struct snd_soc_pcm_runtime *rtd = snd_soc_substream_to_rtd(substream); struct snd_soc_dai *codec_dai; @@ -139,21 +160,23 @@ int qcom_snd_sdw_hw_params(struct snd_pcm_substream *substream, struct sdw_stream_runtime *sruntime; int i; - switch (cpu_dai->id) { - case WSA_CODEC_DMA_RX_0: - case RX_CODEC_DMA_RX_0: - case RX_CODEC_DMA_RX_1: - case TX_CODEC_DMA_TX_0: - case TX_CODEC_DMA_TX_1: - case TX_CODEC_DMA_TX_2: - case TX_CODEC_DMA_TX_3: - for_each_rtd_codec_dais(rtd, i, codec_dai) { - sruntime = snd_soc_dai_get_stream(codec_dai, substream->stream); - if (sruntime != ERR_PTR(-ENOTSUPP)) - *psruntime = sruntime; - } - break; + if (!qcom_snd_is_sdw_dai(cpu_dai->id)) + return NULL; + + for_each_rtd_codec_dais(rtd, i, codec_dai) { + sruntime = snd_soc_dai_get_stream(codec_dai, substream->stream); + if (sruntime != ERR_PTR(-ENOTSUPP)) + return sruntime; } + return NULL; +} +EXPORT_SYMBOL_GPL(qcom_snd_sdw_get_stream); + +int qcom_snd_sdw_hw_params(struct snd_pcm_substream *substream, + struct snd_pcm_hw_params *params, + struct sdw_stream_runtime **psruntime) +{ + *psruntime = qcom_snd_sdw_get_stream(substream); return 0; @@ -166,23 +189,13 @@ int qcom_snd_sdw_hw_free(struct snd_pcm_substream *substream, struct snd_soc_pcm_runtime *rtd = snd_soc_substream_to_rtd(substream); struct snd_soc_dai *cpu_dai = snd_soc_rtd_to_cpu(rtd, 0); - switch (cpu_dai->id) { - case WSA_CODEC_DMA_RX_0: - case WSA_CODEC_DMA_RX_1: - case RX_CODEC_DMA_RX_0: - case RX_CODEC_DMA_RX_1: - case TX_CODEC_DMA_TX_0: - case TX_CODEC_DMA_TX_1: - case TX_CODEC_DMA_TX_2: - case TX_CODEC_DMA_TX_3: - if (sruntime && *stream_prepared) { - sdw_disable_stream(sruntime); - sdw_deprepare_stream(sruntime); - *stream_prepared = false; - } - break; - default: - break; + if (!qcom_snd_is_sdw_dai(cpu_dai->id)) + return 0; + + if (sruntime && *stream_prepared) { + sdw_disable_stream(sruntime); + sdw_deprepare_stream(sruntime); + *stream_prepared = false; } return 0; diff --git a/sound/soc/qcom/sdw.h b/sound/soc/qcom/sdw.h index 392e3455f1b1..b8bc5beb0522 100644 --- a/sound/soc/qcom/sdw.h +++ b/sound/soc/qcom/sdw.h @@ -10,6 +10,7 @@ int qcom_snd_sdw_startup(struct snd_pcm_substream *substream); int qcom_snd_sdw_prepare(struct snd_pcm_substream *substream, struct sdw_stream_runtime *runtime, bool *stream_prepared); +struct sdw_stream_runtime *qcom_snd_sdw_get_stream(struct snd_pcm_substream *stream); int qcom_snd_sdw_hw_params(struct snd_pcm_substream *substream, struct snd_pcm_hw_params *params, struct sdw_stream_runtime **psruntime); diff --git a/sound/soc/qcom/sm8250.c b/sound/soc/qcom/sm8250.c index f5b75a06e5bd..ce5b0059207f 100644 --- a/sound/soc/qcom/sm8250.c +++ b/sound/soc/qcom/sm8250.c @@ -117,7 +117,7 @@ static void sm8250_snd_shutdown(struct snd_pcm_substream *substream) struct snd_soc_pcm_runtime *rtd = snd_soc_substream_to_rtd(substream); struct snd_soc_dai *cpu_dai = snd_soc_rtd_to_cpu(rtd, 0); struct sm8250_snd_data *data = snd_soc_card_get_drvdata(rtd->card); - struct sdw_stream_runtime *sruntime = data->sruntime[cpu_dai->id]; + struct sdw_stream_runtime *sruntime = qcom_snd_sdw_get_stream(substream); data->sruntime[cpu_dai->id] = NULL; sdw_release_stream(sruntime); diff --git a/sound/soc/qcom/x1e80100.c b/sound/soc/qcom/x1e80100.c index 444f2162889f..2e3599516aa2 100644 --- a/sound/soc/qcom/x1e80100.c +++ b/sound/soc/qcom/x1e80100.c @@ -55,7 +55,7 @@ static void x1e80100_snd_shutdown(struct snd_pcm_substream *substream) struct snd_soc_pcm_runtime *rtd = snd_soc_substream_to_rtd(substream); struct snd_soc_dai *cpu_dai = snd_soc_rtd_to_cpu(rtd, 0); struct x1e80100_snd_data *data = snd_soc_card_get_drvdata(rtd->card); - struct sdw_stream_runtime *sruntime = data->sruntime[cpu_dai->id]; + struct sdw_stream_runtime *sruntime = qcom_snd_sdw_get_stream(substream); data->sruntime[cpu_dai->id] = NULL; sdw_release_stream(sruntime); -- 2.51.0

1 month

2
3
0 0

[PATCH 1/3] drm/i915/dmc: Clear HRR EVT_CTL/HTP to zero on ADL-S

by Ville Syrjala

From: Ville Syrjälä <ville.syrjala(a)linux.intel.com> On ADL-S the main DMC HRR event DMC_EVT_CTL/HTP are never restored to their previous values during DC6 exit. This angers assert_dmc_loaded(), and basically makes the HRR handler unusable because we don't rewrite EVT_HTP when enabling DMC events. Let's just clear the HRR EVT_CTL/HTP to zero from the beginnning so that the expected value matches the post-DC6 reality. I suppose if we ever had actual use for HRR we'd have to both, reject HRR+PSR, and reprogram EVT_HTP when enabling the event. But for now we don't care about HRR so keeping both registers zeroed is fine. Cc: stable(a)vger.kernel.org Tested-by: Petr Vorel <pvorel(a)suse.cz> Fixes: 43175c92d403 ("drm/i915/dmc: Assert DMC is loaded harder") Closes: https://gitlab.freedesktop.org/drm/i915/kernel/-/issues/15153 Signed-off-by: Ville Syrjälä <ville.syrjala(a)linux.intel.com> --- drivers/gpu/drm/i915/display/intel_dmc.c | 55 +++++++++++++++++++++++- 1 file changed, 54 insertions(+), 1 deletion(-) diff --git a/drivers/gpu/drm/i915/display/intel_dmc.c b/drivers/gpu/drm/i915/display/intel_dmc.c index be6d37ea1139..5ba531e3bc36 100644 --- a/drivers/gpu/drm/i915/display/intel_dmc.c +++ b/drivers/gpu/drm/i915/display/intel_dmc.c @@ -550,6 +550,36 @@ static bool is_event_handler(struct intel_display *display, REG_FIELD_GET(DMC_EVT_CTL_EVENT_ID_MASK, data) == event_id; } +static bool fixup_dmc_evt(struct intel_display *display, + enum intel_dmc_id dmc_id, + i915_reg_t reg_ctl, u32 *data_ctl, + i915_reg_t reg_htp, u32 *data_htp) +{ + if (!is_dmc_evt_ctl_reg(display, dmc_id, reg_ctl)) + return false; + + if (!is_dmc_evt_htp_reg(display, dmc_id, reg_htp)) + return false; + + /* make sure reg_ctl and reg_htp are for the same event */ + if (i915_mmio_reg_offset(reg_ctl) - i915_mmio_reg_offset(DMC_EVT_CTL(display, dmc_id, 0)) != + i915_mmio_reg_offset(reg_htp) - i915_mmio_reg_offset(DMC_EVT_HTP(display, dmc_id, 0))) + return false; + + /* + * On ADL-S the HRR event handler is not restored after DC6. + * Clear it to zero from the beginning to avoid mismatches later. + */ + if (display->platform.alderlake_s && dmc_id == DMC_FW_MAIN && + is_event_handler(display, dmc_id, MAINDMC_EVENT_VBLANK_A, reg_ctl, *data_ctl)) { + *data_ctl = 0; + *data_htp = 0; + return true; + } + + return false; +} + static bool disable_dmc_evt(struct intel_display *display, enum intel_dmc_id dmc_id, i915_reg_t reg, u32 data) @@ -1068,9 +1098,32 @@ static u32 parse_dmc_fw_header(struct intel_dmc *dmc, for (i = 0; i < mmio_count; i++) { dmc_info->mmioaddr[i] = _MMIO(mmioaddr[i]); dmc_info->mmiodata[i] = mmiodata[i]; + } + for (i = 0; i < mmio_count - 1; i++) { + u32 orig_mmiodata[2] = { + dmc_info->mmiodata[i], + dmc_info->mmiodata[i+1], + }; + + if (!fixup_dmc_evt(display, dmc_id, + dmc_info->mmioaddr[i], &dmc_info->mmiodata[i], + dmc_info->mmioaddr[i+1], &dmc_info->mmiodata[i+1])) + continue; + + drm_dbg_kms(display->drm, + " mmio[%d]: 0x%x = 0x%x->0x%x (EVT_CTL)\n", + i, i915_mmio_reg_offset(dmc_info->mmioaddr[i]), + orig_mmiodata[0], dmc_info->mmiodata[i]); + drm_dbg_kms(display->drm, + " mmio[%d]: 0x%x = 0x%x->0x%x (EVT_HTP)\n", + i+1, i915_mmio_reg_offset(dmc_info->mmioaddr[i+1]), + orig_mmiodata[1], dmc_info->mmiodata[i+1]); + } + + for (i = 0; i < mmio_count; i++) { drm_dbg_kms(display->drm, " mmio[%d]: 0x%x = 0x%x%s%s\n", - i, mmioaddr[i], mmiodata[i], + i, i915_mmio_reg_offset(dmc_info->mmioaddr[i]), dmc_info->mmiodata[i], is_dmc_evt_ctl_reg(display, dmc_id, dmc_info->mmioaddr[i]) ? " (EVT_CTL)" : is_dmc_evt_htp_reg(display, dmc_id, dmc_info->mmioaddr[i]) ? " (EVT_HTP)" : "", disable_dmc_evt(display, dmc_id, dmc_info->mmioaddr[i], -- 2.49.1

1 month

2
1
0 0

[PATCH 0/2] PCI: Keystone: __init and IRQ Fixes

by Siddharth Vadapalli

Hello, This series is based on commit 320475fbd590 Merge tag 'mtd/fixes-for-6.17-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/mtd/linux of Mainline Linux. The first patch in the series has been posted as a Fix in contrast to its predecessor at: https://lore.kernel.org/r/20250903124505.365913-10-s-vadapalli@ti.com/ based on the feedback provided by Jiri Slaby <jirislaby(a)kernel.org> at: https://lore.kernel.org/r/3d3a4b52-e343-42f3-9d69-94c259812143@kernel.org/ Since the Fix is independent of enabling loadable module support for the pci-keystone.c driver, it is being posted as a new patch. Checking out at the commit of Mainline Linux which this series is based on, I noticed an exception triggered by the pci-keystone.c driver during its probe. Although this is not a fatal exception and Linux continues to boot, the driver is non-functional. I root-caused the exception to free_initmem() freeing the memory associated with the ks_pcie_host_init() function in the driver before the driver's probe was invoked. This appears to be a race condition but it is easily reproducible with the Linux .config that I have used. The fix therefore is to remove the __init macro which is implemented by the second patch in the series. For reference, the logs for the case where Linux is built by checking out at the base commit of Mainline Linux are: https://gist.github.com/Siddharth-Vadapalli-at-TI/f4891b707921c53dfb464ad2f… and the logs clearly prove that the print associated with free_initmem() which is: [ 2.446834] Freeing unused kernel memory: 4864K is displayed prior to the prints associated with the pci-keystone.c driver being probed which is: [ 7.707103] keystone-pcie 5500000.pcie: host bridge /bus@100000/pcie@5500000 ranges: Building Linux by applying both patches in the series on the base commit of Mainline Linux, the driver probes successfully without any exceptions or errors. This was tested on AM654-EVM with an NVMe SSD connected to the PCIe Connector on the board. The NVMe SSD enumerates successfully. Additionally, the 'hdparm' utility was used to read from the SSD confirming that the SSD is functional. The logs corresponding to this are: https://gist.github.com/Siddharth-Vadapalli-at-TI/1b09a12a53db4233e82c5bcfc… Regards, Siddharth. Siddharth Vadapalli (2): PCI: keystone: Use devm_request_irq() to free "ks-pcie-error-irq" on exit PCI: keystone: Remove the __init macro for the ks_pcie_host_init() callback drivers/pci/controller/dwc/pci-keystone.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) -- 2.43.0

1 month

3
5
0 0

[PATCH v2] serial: 8250: always disable IRQ during THRE test

by Peng Zhang

commit 039d4926379b ("serial: 8250: Toggle IER bits on only after irq has been set up") moved IRQ setup before the THRE test, so the interrupt handler can run during the test and race with its IIR reads. This can produce wrong THRE test results and cause spurious registration of the serial8250_backup_timeout timer. Unconditionally disable the IRQ for the short duration of the test and re-enable it afterwards to avoid the race. Cc: stable(a)vger.kernel.org Fixes: 039d4926379b ("serial: 8250: Toggle IER bits on only after irq has been set up") Signed-off-by: Peng Zhang <zhangpeng.00(a)bytedance.com> --- drivers/tty/serial/8250/8250_port.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/drivers/tty/serial/8250/8250_port.c b/drivers/tty/serial/8250/8250_port.c index 719faf92aa8a..f1740cc91143 100644 --- a/drivers/tty/serial/8250/8250_port.c +++ b/drivers/tty/serial/8250/8250_port.c @@ -2147,8 +2147,7 @@ static void serial8250_THRE_test(struct uart_port *port) if (up->port.flags & UPF_NO_THRE_TEST) return; - if (port->irqflags & IRQF_SHARED) - disable_irq_nosync(port->irq); + disable_irq(port->irq); /* * Test for UARTs that do not reassert THRE when the transmitter is idle and the interrupt @@ -2170,8 +2169,7 @@ static void serial8250_THRE_test(struct uart_port *port) serial_port_out(port, UART_IER, 0); } - if (port->irqflags & IRQF_SHARED) - enable_irq(port->irq); + enable_irq(port->irq); /* * If the interrupt is not reasserted, or we otherwise don't trust the iir, setup a timer to -- 2.20.1

1 month

3
2
0 0

[RESEND PATCH] dma-mapping: benchmark: Add padding to ensure uABI remained consistent

by Qinxin Xia

The padding field in the structure was previously reserved to maintain a stable interface for potential new fields, ensuring compatibility with user-space shared data structures. However,it was accidentally removed by tiantao in a prior commit, which may lead to incompatibility between user space and the kernel. This patch reinstates the padding to restore the original structure layout and preserve compatibility. Fixes: 8ddde07a3d28 ("dma-mapping: benchmark: extract a common header file for map_benchmark definition") Cc: stable(a)vger.kernel.org Acked-by: Barry Song <baohua(a)kernel.org> Signed-off-by: Qinxin Xia <xiaqinxin(a)huawei.com> --- include/linux/map_benchmark.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/linux/map_benchmark.h b/include/linux/map_benchmark.h index 62674c83bde4..2ac2fe52f248 100644 --- a/include/linux/map_benchmark.h +++ b/include/linux/map_benchmark.h @@ -27,5 +27,6 @@ struct map_benchmark { __u32 dma_dir; /* DMA data direction */ __u32 dma_trans_ns; /* time for DMA transmission in ns */ __u32 granule; /* how many PAGE_SIZE will do map/unmap once a time */ + __u8 expansion[76]; /* For future use */ }; #endif /* _KERNEL_DMA_BENCHMARK_H */ -- 2.33.0

1 month

1
1
0 0

RE: wifi: ath10k: avoid unnecessary wait for service ready message

by Andreas Tobler

Dear all, this commit (Upstream commit 51a73f1b2e56b0324b4a3bb8cebc4221b5be4c7) makes our WLE600 Compex wifi cards (qca988x based) unusable. Reverting the commit brings the wifi card back. This was discovered on the v6.12.53 from today. ath10k messages excerpt: -------------- Oct 15 22:00:13 klog: ath10k_pci 0000:05:00.0: pci irq msi oper_irq_mode 2 irq_mode 0 reset_mode 0 Oct 15 22:00:13 klog: ath10k_pci 0000:05:00.0: qca988x hw2.0 target 0x4100016c chip_id 0x043222ff sub 0000:0000 Oct 15 22:00:13 klog: ath10k_pci 0000:05:00.0: kconfig debug 0 debugfs 0 tracing 0 dfs 1 testmode 0 Oct 15 22:00:13 klog: ath10k_pci 0000:05:00.0: firmware ver 10.2.4-1.0-00047 api 5 features no-p2p,raw-mode,mfp,allows-mesh-bcast crc32 35bd9258 Oct 15 22:00:13 klog: ath10k_pci 0000:05:00.0: board_file api 1 bmi_id N/A crc32 bebc7c08 Oct 15 22:00:20 klog: ath10k_pci 0000:05:00.0: wmi unified ready event not received Oct 15 22:00:21 klog: ath10k_pci 0000:05:00.0: could not init core (-110) Oct 15 22:00:21 klog: ath10k_pci 0000:05:00.0: could not probe fw (-110) -------------- Beside reverting, how can we help fixing this? Thanks & regards, Andreas

1 month

2
4
0 0

[PATCH RESEND] Once cdev_device_add() failed, we should use put_device() to decrement reference count for cleanup. Or it could cause memory leak. Although operations in err_free_ida are similar to the operations in callback function fsi_slave_release(), put_device() is a correct handling operation as comments require when cdev_device_add() fails.

by Ma Ke

As comment of device_add() says, 'if device_add() succeeds, you should call device_del() when you want to get rid of it. If device_add() has not succeeded, use only put_device() to drop the reference count'. Found by code review. Cc: stable(a)vger.kernel.org Fixes: 371975b0b075 ("fsi/core: Fix error paths on CFAM init") Signed-off-by: Ma Ke <make24(a)iscas.ac.cn> --- drivers/fsi/fsi-core.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/drivers/fsi/fsi-core.c b/drivers/fsi/fsi-core.c index c6c115993ebc..444878ab9fb1 100644 --- a/drivers/fsi/fsi-core.c +++ b/drivers/fsi/fsi-core.c @@ -1084,7 +1084,8 @@ static int fsi_slave_init(struct fsi_master *master, int link, uint8_t id) rc = cdev_device_add(&slave->cdev, &slave->dev); if (rc) { dev_err(&slave->dev, "Error %d creating slave device\n", rc); - goto err_free_ida; + put_device(&slave->dev); + return rc; } /* Now that we have the cdev registered with the core, any fatal @@ -1110,8 +1111,6 @@ static int fsi_slave_init(struct fsi_master *master, int link, uint8_t id) return 0; -err_free_ida: - fsi_free_minor(slave->dev.devt); err_free: of_node_put(slave->dev.of_node); kfree(slave); -- 2.17.1

1 month

2
1
0 0

[PATCH v2] usb: gadget: udc: fix race condition in usb_del_gadget

by Jimmy Hu

A race condition during gadget teardown can lead to a use-after-free in usb_gadget_state_work(), as reported by KASAN: BUG: KASAN: invalid-access in sysfs_notify+0_x_2c/0_x_d0 Workqueue: events usb_gadget_state_work The fundamental race occurs because a concurrent event (e.g., an interrupt) can call usb_gadget_set_state() and schedule gadget->work at any time during the cleanup process in usb_del_gadget(). Commit 399a45e5237c ("usb: gadget: core: flush gadget workqueue after device removal") attempted to fix this by moving flush_work() to after device_del(). However, this does not fully solve the race, as a new work item can still be scheduled *after* flush_work() completes but before the gadget's memory is freed, leading to the same use-after-free. This patch fixes the race condition robustly by introducing a 'teardown' flag and a 'state_lock' spinlock to the usb_gadget struct. The flag is set during cleanup in usb_del_gadget() *before* calling flush_work() to prevent any new work from being scheduled once cleanup has commenced. The scheduling site, usb_gadget_set_state(), now checks this flag under the lock before queueing the work, thus safely closing the race window. Changes in v2: - Removed redundant inline comments as suggested by Alan Stern. Fixes: 5702f75375aa9 ("usb: gadget: udc-core: move sysfs_notify() to a workqueue") Signed-off-by: Jimmy Hu <hhhuuu(a)google.com> Cc: stable(a)vger.kernel.org --- drivers/usb/gadget/udc/core.c | 17 ++++++++++++++++- include/linux/usb/gadget.h | 5 +++++ 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/drivers/usb/gadget/udc/core.c b/drivers/usb/gadget/udc/core.c index d709e24c1fd4..66d2428835da 100644 --- a/drivers/usb/gadget/udc/core.c +++ b/drivers/usb/gadget/udc/core.c @@ -1123,8 +1123,13 @@ static void usb_gadget_state_work(struct work_struct *work) void usb_gadget_set_state(struct usb_gadget *gadget, enum usb_device_state state) { + unsigned long flags; + + spin_lock_irqsave(&gadget->state_lock, flags); gadget->state = state; - schedule_work(&gadget->work); + if (!gadget->teardown) + schedule_work(&gadget->work); + spin_unlock_irqrestore(&gadget->state_lock, flags); } EXPORT_SYMBOL_GPL(usb_gadget_set_state); @@ -1357,6 +1362,8 @@ static void usb_udc_nop_release(struct device *dev) void usb_initialize_gadget(struct device *parent, struct usb_gadget *gadget, void (*release)(struct device *dev)) { + spin_lock_init(&gadget->state_lock); + gadget->teardown = false; INIT_WORK(&gadget->work, usb_gadget_state_work); gadget->dev.parent = parent; @@ -1531,6 +1538,7 @@ EXPORT_SYMBOL_GPL(usb_add_gadget_udc); void usb_del_gadget(struct usb_gadget *gadget) { struct usb_udc *udc = gadget->udc; + unsigned long flags; if (!udc) return; @@ -1544,6 +1552,13 @@ void usb_del_gadget(struct usb_gadget *gadget) kobject_uevent(&udc->dev.kobj, KOBJ_REMOVE); sysfs_remove_link(&udc->dev.kobj, "gadget"); device_del(&gadget->dev); + /* + * Set the teardown flag before flushing the work to prevent new work + * from being scheduled while we are cleaning up. + */ + spin_lock_irqsave(&gadget->state_lock, flags); + gadget->teardown = true; + spin_unlock_irqrestore(&gadget->state_lock, flags); flush_work(&gadget->work); ida_free(&gadget_id_numbers, gadget->id_number); cancel_work_sync(&udc->vbus_work); diff --git a/include/linux/usb/gadget.h b/include/linux/usb/gadget.h index 0f28c5512fcb..8b5e593f7966 100644 --- a/include/linux/usb/gadget.h +++ b/include/linux/usb/gadget.h @@ -351,6 +351,9 @@ struct usb_gadget_ops { * can handle. The UDC must support this and all slower speeds and lower * number of lanes. * @state: the state we are now (attached, suspended, configured, etc) + * @state_lock: Spinlock protecting the `state` and `teardown` members. + * @teardown: True if the device is undergoing teardown, used to prevent + * new work from being scheduled during cleanup. * @name: Identifies the controller hardware type. Used in diagnostics * and sometimes configuration. * @dev: Driver model state for this abstract device. @@ -426,6 +429,8 @@ struct usb_gadget { enum usb_ssp_rate max_ssp_rate; enum usb_device_state state; + spinlock_t state_lock; + bool teardown; const char *name; struct device dev; unsigned isoch_delay; -- 2.51.0.760.g7b8bcc2412-goog

1 month

3
2
0 0

[PATCH 6.1.y] sctp: linearize cloned gso packets in sctp_rcv

by Vasiliy Kovalev

From: Xin Long <lucien.xin(a)gmail.com> commit fd60d8a086191fe33c2d719732d2482052fa6805 upstream. A cloned head skb still shares these frag skbs in fraglist with the original head skb. It's not safe to access these frag skbs. syzbot reported two use-of-uninitialized-memory bugs caused by this: BUG: KMSAN: uninit-value in sctp_inq_pop+0x15b7/0x1920 net/sctp/inqueue.c:211 sctp_inq_pop+0x15b7/0x1920 net/sctp/inqueue.c:211 sctp_assoc_bh_rcv+0x1a7/0xc50 net/sctp/associola.c:998 sctp_inq_push+0x2ef/0x380 net/sctp/inqueue.c:88 sctp_backlog_rcv+0x397/0xdb0 net/sctp/input.c:331 sk_backlog_rcv+0x13b/0x420 include/net/sock.h:1122 __release_sock+0x1da/0x330 net/core/sock.c:3106 release_sock+0x6b/0x250 net/core/sock.c:3660 sctp_wait_for_connect+0x487/0x820 net/sctp/socket.c:9360 sctp_sendmsg_to_asoc+0x1ec1/0x1f00 net/sctp/socket.c:1885 sctp_sendmsg+0x32b9/0x4a80 net/sctp/socket.c:2031 inet_sendmsg+0x25a/0x280 net/ipv4/af_inet.c:851 sock_sendmsg_nosec net/socket.c:718 [inline] and BUG: KMSAN: uninit-value in sctp_assoc_bh_rcv+0x34e/0xbc0 net/sctp/associola.c:987 sctp_assoc_bh_rcv+0x34e/0xbc0 net/sctp/associola.c:987 sctp_inq_push+0x2a3/0x350 net/sctp/inqueue.c:88 sctp_backlog_rcv+0x3c7/0xda0 net/sctp/input.c:331 sk_backlog_rcv+0x142/0x420 include/net/sock.h:1148 __release_sock+0x1d3/0x330 net/core/sock.c:3213 release_sock+0x6b/0x270 net/core/sock.c:3767 sctp_wait_for_connect+0x458/0x820 net/sctp/socket.c:9367 sctp_sendmsg_to_asoc+0x223a/0x2260 net/sctp/socket.c:1886 sctp_sendmsg+0x3910/0x49f0 net/sctp/socket.c:2032 inet_sendmsg+0x269/0x2a0 net/ipv4/af_inet.c:851 sock_sendmsg_nosec net/socket.c:712 [inline] This patch fixes it by linearizing cloned gso packets in sctp_rcv(). Fixes: 90017accff61 ("sctp: Add GSO support") Reported-by: syzbot+773e51afe420baaf0e2b(a)syzkaller.appspotmail.com Reported-by: syzbot+70a42f45e76bede082be(a)syzkaller.appspotmail.com Signed-off-by: Xin Long <lucien.xin(a)gmail.com> Reviewed-by: Marcelo Ricardo Leitner <marcelo.leitner(a)gmail.com> Link: https://patch.msgid.link/dd7dc337b99876d4132d0961f776913719f7d225.175459561… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> [ kovalev: bp to fix CVE-2025-38718 ] Signed-off-by: Vasiliy Kovalev <kovalev(a)altlinux.org> --- This patch is lost/missing, as it has already been added into stable branches less than and greater than 6.1. --- net/sctp/input.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/sctp/input.c b/net/sctp/input.c index 4ee9374dcfb9..182898cb754a 100644 --- a/net/sctp/input.c +++ b/net/sctp/input.c @@ -114,7 +114,7 @@ int sctp_rcv(struct sk_buff *skb) * it's better to just linearize it otherwise crc computing * takes longer. */ - if ((!is_gso && skb_linearize(skb)) || + if (((!is_gso || skb_cloned(skb)) && skb_linearize(skb)) || !pskb_may_pull(skb, sizeof(struct sctphdr))) goto discard_it; -- 2.50.1

1 month

1
0
0 0

[PATCH] mm/shmem: fix THP allocation size check and fallback

by Kairui Song

From: Kairui Song <kasong(a)tencent.com> There are some problems with the code implementations of THP fallback. suitable_orders could be zero, and calling highest_order on a zero value returns an overflowed size. And the order check loop is updating the index value on every loop which may cause the index to be aligned by a larger value while the loop shrinks the order. And it forgot to try order 0 after the final loop. This is usually fine because shmem_add_to_page_cache ensures the shmem mapping is still sane, but it might cause many potential issues like allocating random folios into the random position in the map or return -ENOMEM by accident. This triggered some strange userspace errors [1], and shouldn't have happened in the first place. Cc: stable(a)vger.kernel.org Link: https://lore.kernel.org/linux-mm/CAMgjq7DqgAmj25nDUwwu1U2cSGSn8n4-Hqpgotted… [1] Fixes: e7a2ab7b3bb5d ("mm: shmem: add mTHP support for anonymous shmem") Signed-off-by: Kairui Song <kasong(a)tencent.com> --- mm/shmem.c | 26 +++++++++++++++----------- 1 file changed, 15 insertions(+), 11 deletions(-) diff --git a/mm/shmem.c b/mm/shmem.c index b50ce7dbc84a..25303711f123 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -1824,6 +1824,9 @@ static unsigned long shmem_suitable_orders(struct inode *inode, struct vm_fault unsigned long pages; int order; + if (!orders) + return 0; + if (vma) { orders = thp_vma_suitable_orders(vma, vmf->address, orders); if (!orders) @@ -1888,27 +1891,28 @@ static struct folio *shmem_alloc_and_add_folio(struct vm_fault *vmf, if (!IS_ENABLED(CONFIG_TRANSPARENT_HUGEPAGE)) orders = 0; - if (orders > 0) { - suitable_orders = shmem_suitable_orders(inode, vmf, - mapping, index, orders); + suitable_orders = shmem_suitable_orders(inode, vmf, + mapping, index, orders); + if (suitable_orders) { order = highest_order(suitable_orders); - while (suitable_orders) { + do { pages = 1UL << order; - index = round_down(index, pages); - folio = shmem_alloc_folio(gfp, order, info, index); - if (folio) + folio = shmem_alloc_folio(gfp, order, info, round_down(index, pages)); + if (folio) { + index = round_down(index, pages); goto allocated; + } if (pages == HPAGE_PMD_NR) count_vm_event(THP_FILE_FALLBACK); count_mthp_stat(order, MTHP_STAT_SHMEM_FALLBACK); order = next_order(&suitable_orders, order); - } - } else { - pages = 1; - folio = shmem_alloc_folio(gfp, 0, info, index); + } while (suitable_orders); } + + pages = 1; + folio = shmem_alloc_folio(gfp, 0, info, index); if (!folio) return ERR_PTR(-ENOMEM); -- 2.51.0

1 month

2
3
0 0

[PATCH v3] mm/huge_memory: do not change split_huge_page*() target order silently.

by Zi Yan

Page cache folios from a file system that support large block size (LBS) can have minimal folio order greater than 0, thus a high order folio might not be able to be split down to order-0. Commit e220917fa507 ("mm: split a folio in minimum folio order chunks") bumps the target order of split_huge_page*() to the minimum allowed order when splitting a LBS folio. This causes confusion for some split_huge_page*() callers like memory failure handling code, since they expect after-split folios all have order-0 when split succeeds but in reality get min_order_for_split() order folios and give warnings. Fix it by failing a split if the folio cannot be split to the target order. Rename try_folio_split() to try_folio_split_to_order() to reflect the added new_order parameter. Remove its unused list parameter. Fixes: e220917fa507 ("mm: split a folio in minimum folio order chunks") [The test poisons LBS folios, which cannot be split to order-0 folios, and also tries to poison all memory. The non split LBS folios take more memory than the test anticipated, leading to OOM. The patch fixed the kernel warning and the test needs some change to avoid OOM.] Reported-by: syzbot+e6367ea2fdab6ed46056(a)syzkaller.appspotmail.com Closes: https://lore.kernel.org/all/68d2c943.a70a0220.1b52b.02b3.GAE@google.com/ Cc: stable(a)vger.kernel.org Signed-off-by: Zi Yan <ziy(a)nvidia.com> Reviewed-by: Luis Chamberlain <mcgrof(a)kernel.org> Reviewed-by: Pankaj Raghav <p.raghav(a)samsung.com> Reviewed-by: Wei Yang <richard.weiyang(a)gmail.com> --- From V2[1]: 1. Removed a typo in try_folio_split_to_order() comment. 2. Sent the Fixes patch separately. [1] https://lore.kernel.org/linux-mm/20251016033452.125479-1-ziy@nvidia.com/ include/linux/huge_mm.h | 55 +++++++++++++++++------------------------ mm/huge_memory.c | 9 +------ mm/truncate.c | 6 +++-- 3 files changed, 28 insertions(+), 42 deletions(-) diff --git a/include/linux/huge_mm.h b/include/linux/huge_mm.h index c4a811958cda..7698b3542c4f 100644 --- a/include/linux/huge_mm.h +++ b/include/linux/huge_mm.h @@ -383,45 +383,30 @@ static inline int split_huge_page_to_list_to_order(struct page *page, struct lis } /* - * try_folio_split - try to split a @folio at @page using non uniform split. + * try_folio_split_to_order - try to split a @folio at @page to @new_order using + * non uniform split. * @folio: folio to be split - * @page: split to order-0 at the given page - * @list: store the after-split folios + * @page: split to @new_order at the given page + * @new_order: the target split order * - * Try to split a @folio at @page using non uniform split to order-0, if - * non uniform split is not supported, fall back to uniform split. + * Try to split a @folio at @page using non uniform split to @new_order, if + * non uniform split is not supported, fall back to uniform split. After-split + * folios are put back to LRU list. Use min_order_for_split() to get the lower + * bound of @new_order. * * Return: 0: split is successful, otherwise split failed. */ -static inline int try_folio_split(struct folio *folio, struct page *page, - struct list_head *list) +static inline int try_folio_split_to_order(struct folio *folio, + struct page *page, unsigned int new_order) { - int ret = min_order_for_split(folio); - - if (ret < 0) - return ret; - - if (!non_uniform_split_supported(folio, 0, false)) - return split_huge_page_to_list_to_order(&folio->page, list, - ret); - return folio_split(folio, ret, page, list); + if (!non_uniform_split_supported(folio, new_order, /* warns= */ false)) + return split_huge_page_to_list_to_order(&folio->page, NULL, + new_order); + return folio_split(folio, new_order, page, NULL); } static inline int split_huge_page(struct page *page) { - struct folio *folio = page_folio(page); - int ret = min_order_for_split(folio); - - if (ret < 0) - return ret; - - /* - * split_huge_page() locks the page before splitting and - * expects the same page that has been split to be locked when - * returned. split_folio(page_folio(page)) cannot be used here - * because it converts the page to folio and passes the head - * page to be split. - */ - return split_huge_page_to_list_to_order(page, NULL, ret); + return split_huge_page_to_list_to_order(page, NULL, 0); } void deferred_split_folio(struct folio *folio, bool partially_mapped); #ifdef CONFIG_MEMCG @@ -611,14 +596,20 @@ static inline int split_huge_page(struct page *page) return -EINVAL; } +static inline int min_order_for_split(struct folio *folio) +{ + VM_WARN_ON_ONCE_FOLIO(1, folio); + return -EINVAL; +} + static inline int split_folio_to_list(struct folio *folio, struct list_head *list) { VM_WARN_ON_ONCE_FOLIO(1, folio); return -EINVAL; } -static inline int try_folio_split(struct folio *folio, struct page *page, - struct list_head *list) +static inline int try_folio_split_to_order(struct folio *folio, + struct page *page, unsigned int new_order) { VM_WARN_ON_ONCE_FOLIO(1, folio); return -EINVAL; diff --git a/mm/huge_memory.c b/mm/huge_memory.c index f14fbef1eefd..fc65ec3393d2 100644 --- a/mm/huge_memory.c +++ b/mm/huge_memory.c @@ -3812,8 +3812,6 @@ static int __folio_split(struct folio *folio, unsigned int new_order, min_order = mapping_min_folio_order(folio->mapping); if (new_order < min_order) { - VM_WARN_ONCE(1, "Cannot split mapped folio below min-order: %u", - min_order); ret = -EINVAL; goto out; } @@ -4165,12 +4163,7 @@ int min_order_for_split(struct folio *folio) int split_folio_to_list(struct folio *folio, struct list_head *list) { - int ret = min_order_for_split(folio); - - if (ret < 0) - return ret; - - return split_huge_page_to_list_to_order(&folio->page, list, ret); + return split_huge_page_to_list_to_order(&folio->page, list, 0); } /* diff --git a/mm/truncate.c b/mm/truncate.c index 91eb92a5ce4f..9210cf808f5c 100644 --- a/mm/truncate.c +++ b/mm/truncate.c @@ -194,6 +194,7 @@ bool truncate_inode_partial_folio(struct folio *folio, loff_t start, loff_t end) size_t size = folio_size(folio); unsigned int offset, length; struct page *split_at, *split_at2; + unsigned int min_order; if (pos < start) offset = start - pos; @@ -223,8 +224,9 @@ bool truncate_inode_partial_folio(struct folio *folio, loff_t start, loff_t end) if (!folio_test_large(folio)) return true; + min_order = mapping_min_folio_order(folio->mapping); split_at = folio_page(folio, PAGE_ALIGN_DOWN(offset) / PAGE_SIZE); - if (!try_folio_split(folio, split_at, NULL)) { + if (!try_folio_split_to_order(folio, split_at, min_order)) { /* * try to split at offset + length to make sure folios within * the range can be dropped, especially to avoid memory waste @@ -254,7 +256,7 @@ bool truncate_inode_partial_folio(struct folio *folio, loff_t start, loff_t end) */ if (folio_test_large(folio2) && folio2->mapping == folio->mapping) - try_folio_split(folio2, split_at2, NULL); + try_folio_split_to_order(folio2, split_at2, min_order); folio_unlock(folio2); out: -- 2.51.0

1 month

4
6
0 0

[PATCH v2 0/3] gpio: idio-16: Fix regmap initialization errors

by William Breathitt Gray

The migration of IDIO-16 GPIO drivers to the regmap API resulted in some regressions to the gpio-104-idio-16, gpio-pci-idio-16, and gpio-idio-16 modules. Specifically, the 104-idio-16 and pci-idio-16 GPIO drivers utilize regmap caching and thus must set max_register for their regmap_config, while gpio-idio-16 requires fixed_direction_output to represent the fixed direction of the IDIO-16 GPIO lines. Fixes for these regressions are provided by this series. Link: https://lore.kernel.org/r/cover.1680618405.git.william.gray@linaro.org Closes: https://lore.kernel.org/r/9b0375fd-235f-4ee1-a7fa-daca296ef6bf@nutanix.com Signed-off-by: William Breathitt Gray <wbg(a)kernel.org> --- Changes in v2: - Pick up Reviewed-by tags - Replace Link tags with Closes tags for fixes addressing bug reports - Link to v1: https://lore.kernel.org/r/20251017-fix-gpio-idio-16-regmap-v1-0-a7c71080f74… --- William Breathitt Gray (3): gpio: 104-idio-16: Define maximum valid register address offset gpio: pci-idio-16: Define maximum valid register address offset gpio: idio-16: Define fixed direction of the GPIO lines drivers/gpio/gpio-104-idio-16.c | 1 + drivers/gpio/gpio-idio-16.c | 5 +++++ drivers/gpio/gpio-pci-idio-16.c | 1 + 3 files changed, 7 insertions(+) --- base-commit: eba11116f39533d2e38cc5898014f2c95f32d23a change-id: 20251017-fix-gpio-idio-16-regmap-1282cdc56a19 Best regards, -- William Breathitt Gray <wbg(a)kernel.org>

1 month

4
12
0 0

LOAN OFFER

by Ms. Madelaine Alfelor

Dear sir/Ma I'm an Investment Financing Consultant working for top investment financing companies globally. By virtue of my esteemed affiliation with a Bank in Hong Kong, S. Korea, Japan and the USA, we can help you get a Credit Line which will actively give you access to Funds between $10 million to $5 billion up to a period of 5 to 10 years for 5% annual rate on the credit line in returns. I will help you process the Credit Line within a few days if interested. The Fund is available to fund any type of viable businesses, investments or projects. Let me know the exact amount you need for your projects. Get in touch if you have a viable project that requires funding. Regards Ms. Madelaine Alfelor.

1 month

1
0
0 0

Re: Patch "PM: hibernate: Add pm_hibernation_mode_is_suspend()" has been added to the 6.17-stable tree

by Pascal Ernster

[2025-10-20 10:36] gregkh linuxfoundation ! org: > This is a note to let you know that I've just added the patch titled > > PM: hibernate: Add pm_hibernation_mode_is_suspend() > > to the 6.17-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… > > The filename of the patch is: > pm-hibernate-add-pm_hibernation_mode_is_suspend.patch > and it can be found in the queue-6.17 subdirectory. > > If you, or anyone else, feels it should not be added to the stable tree, > please let <stable(a)vger.kernel.org> know about it. > > > From stable+bounces-187839-greg=kroah.com(a)vger.kernel.org Sat Oct 18 15:51:25 2025 > From: Sasha Levin <sashal(a)kernel.org> > Date: Sat, 18 Oct 2025 09:51:01 -0400 > Subject: PM: hibernate: Add pm_hibernation_mode_is_suspend() > To: stable(a)vger.kernel.org > Cc: "Mario Limonciello (AMD)" <superm1(a)kernel.org>, Ionut Nechita <ionut_n2001(a)yahoo.com>, Kenneth Crudup <kenny(a)panix.com>, Alex Deucher <alexander.deucher(a)amd.com>, "Rafael J. Wysocki" <rafael.j.wysocki(a)intel.com>, Sasha Levin <sashal(a)kernel.org> > Message-ID: <20251018135102.711457-1-sashal(a)kernel.org> > > From: "Mario Limonciello (AMD)" <superm1(a)kernel.org> > > [ Upstream commit 495c8d35035edb66e3284113bef01f3b1b843832 ] > > Some drivers have different flows for hibernation and suspend. If > the driver opportunistically will skip thaw() then it needs a hint > to know what is happening after the hibernate. > > Introduce a new symbol pm_hibernation_mode_is_suspend() that drivers > can call to determine if suspending the system for this purpose. > > Tested-by: Ionut Nechita <ionut_n2001(a)yahoo.com> > Tested-by: Kenneth Crudup <kenny(a)panix.com> > Acked-by: Alex Deucher <alexander.deucher(a)amd.com> > Signed-off-by: Mario Limonciello (AMD) <superm1(a)kernel.org> > Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> > Stable-dep-of: 0a6e9e098fcc ("drm/amd: Fix hybrid sleep") > Signed-off-by: Sasha Levin <sashal(a)kernel.org> > Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> > --- > include/linux/suspend.h | 2 ++ > kernel/power/hibernate.c | 11 +++++++++++ > 2 files changed, 13 insertions(+) > > --- a/include/linux/suspend.h > +++ b/include/linux/suspend.h > @@ -276,6 +276,7 @@ extern void arch_suspend_enable_irqs(voi > > extern int pm_suspend(suspend_state_t state); > extern bool sync_on_suspend_enabled; > +bool pm_hibernation_mode_is_suspend(void); > #else /* !CONFIG_SUSPEND */ > #define suspend_valid_only_mem NULL > > @@ -288,6 +289,7 @@ static inline bool pm_suspend_via_firmwa > static inline bool pm_resume_via_firmware(void) { return false; } > static inline bool pm_suspend_no_platform(void) { return false; } > static inline bool pm_suspend_default_s2idle(void) { return false; } > +static inline bool pm_hibernation_mode_is_suspend(void) { return false; } > > static inline void suspend_set_ops(const struct platform_suspend_ops *ops) {} > static inline int pm_suspend(suspend_state_t state) { return -ENOSYS; } > --- a/kernel/power/hibernate.c > +++ b/kernel/power/hibernate.c > @@ -80,6 +80,17 @@ static const struct platform_hibernation > > static atomic_t hibernate_atomic = ATOMIC_INIT(1); > > +#ifdef CONFIG_SUSPEND > +/** > + * pm_hibernation_mode_is_suspend - Check if hibernation has been set to suspend > + */ > +bool pm_hibernation_mode_is_suspend(void) > +{ > + return hibernation_mode == HIBERNATION_SUSPEND; > +} > +EXPORT_SYMBOL_GPL(pm_hibernation_mode_is_suspend); > +#endif > + > bool hibernate_acquire(void) > { > return atomic_add_unless(&hibernate_atomic, -1, 0); > > > Patches currently in stable-queue which might be from sashal(a)kernel.org are > > queue-6.17/drm-amd-fix-hybrid-sleep.patch > queue-6.17/usb-gadget-introduce-free_usb_request-helper.patch > queue-6.17/pm-hibernate-add-pm_hibernation_mode_is_suspend.patch > queue-6.17/usb-gadget-store-endpoint-pointer-in-usb_request.patch > queue-6.17/media-nxp-imx8-isi-m2m-fix-streaming-cleanup-on-release.patch > queue-6.17/usb-gadget-f_rndis-refactor-bind-path-to-use-__free.patch Hi, I kept getting "ERROR: modpost: "pm_hibernation_mode_is_suspend" [drivers/gpu/drm/amd/amdgpu/amdgpu.ko] undefined!" when trying to build a 6.17.4 kernel with all the patches from queue-6.17 applied on top (from the stable-queue git repo at commit id 6aceec507fd0d3cefa7cac227eaf897edf09bf32). That build-time error is gone and the resulting kernel boots/runs fine on various x86_64 machines and VMs since I've removed/omitted both this patch and queue-6.17/drm-amd-fix-hybrid-sleep.patch. I'm not sure if omitting queue-6.17/drm-amd-fix-hybrid-sleep.patch would have been sufficient, but both patches are part of the same patch set anyway. Sadly, I haven't been able to figure out what about the changes actually causes the issue. My first guess was that if CONFIG_SUSPEND is not selected/enabled, then the whole pm_hibernation_mode_is_suspend() function and the corresponding export symbol would be missing. However, the kernel that I was trying to build *does* have CONFIG_SUSPEND=y in its config, so this shouldn't be the cause… Regards Pascal

1 month

3
7
0 0

[PATCH] ACPI: video: Fix use-after-free in acpi_video_bus_put_devices()

by Yuhao Jiang

The code contains a use-after-free vulnerability due to missing cancellation of delayed work during device removal. Specifically, in acpi_video_bus_remove(), the function acpi_video_bus_put_devices() is called, which frees all acpi_video_device structures without cancelling the associated delayed work (switch_brightness_work). This work is scheduled via brightness_switch_event() in response to ACPI events (e.g., brightness key presses) with a 100ms delay. If the work is pending when the device is removed, it may execute after the memory is freed, leading to use-after-free when the work function acpi_video_switch_brightness() accesses the device structure. Fix this by calling cancel_delayed_work_sync() before freeing each acpi_video_device to ensure the work is fully completed before the memory is released. Fixes: 67b662e189f46 ("ACPI / video: seperate backlight control and event interface") Cc: stable(a)vger.kernel.org Signed-off-by: Yuhao Jiang <danisjiang(a)gmail.com> --- drivers/acpi/acpi_video.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/acpi/acpi_video.c b/drivers/acpi/acpi_video.c index 103f29661576..5b80f87e078f 100644 --- a/drivers/acpi/acpi_video.c +++ b/drivers/acpi/acpi_video.c @@ -1974,6 +1974,7 @@ static int acpi_video_bus_put_devices(struct acpi_video_bus *video) mutex_lock(&video->device_list_lock); list_for_each_entry_safe(dev, next, &video->video_device_list, entry) { + cancel_delayed_work_sync(&dev->switch_brightness_work); list_del(&dev->entry); kfree(dev); } -- 2.34.1

1 month

1
0
0 0

[PATCH] ACPI: video: Fix use-after-free in acpi_video_bus_put_devices()

by Yuhao Jiang

The code contains a use-after-free vulnerability due to missing cancellation of delayed work during device removal. Specifically, in acpi_video_bus_remove(), the function acpi_video_bus_put_devices() is called, which frees all acpi_video_device structures without cancelling the associated delayed work (switch_brightness_work). This work is scheduled via brightness_switch_event() in response to ACPI events (e.g., brightness key presses) with a 100ms delay. If the work is pending when the device is removed, it may execute after the memory is freed, leading to use-after-free when the work function acpi_video_switch_brightness() accesses the device structure. Fix this by calling cancel_delayed_work_sync() before freeing each acpi_video_device to ensure the work is fully completed before the memory is released. Fixes: 67b662e189f46 ("ACPI / video: seperate backlight control and event interface") Cc: stable(a)vger.kernel.org Signed-off-by: Yuhao Jiang <danisjiang(a)gmail.com> --- drivers/acpi/acpi_video.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/acpi/acpi_video.c b/drivers/acpi/acpi_video.c index 103f29661576..5b80f87e078f 100644 --- a/drivers/acpi/acpi_video.c +++ b/drivers/acpi/acpi_video.c @@ -1974,6 +1974,7 @@ static int acpi_video_bus_put_devices(struct acpi_video_bus *video) mutex_lock(&video->device_list_lock); list_for_each_entry_safe(dev, next, &video->video_device_list, entry) { + cancel_delayed_work_sync(&dev->switch_brightness_work); list_del(&dev->entry); kfree(dev); } -- 2.34.1

1 month

1
0
0 0

[PATCH net] virtio-net: zero unused hash fields

by Jason Wang

When GSO tunnel is negotiated virtio_net_hdr_tnl_from_skb() tries to initialize the tunnel metadata but forget to zero unused rxhash fields. This may leak information to another side. Fixing this by zeroing the unused hash fields. Fixes: a2fb4bc4e2a6a ("net: implement virtio helpers to handle UDP GSO tunneling")x Cc: <stable(a)vger.kernel.org> Signed-off-by: Jason Wang <jasowang(a)redhat.com> --- include/linux/virtio_net.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/include/linux/virtio_net.h b/include/linux/virtio_net.h index 20e0584db1dd..4d1780848d0e 100644 --- a/include/linux/virtio_net.h +++ b/include/linux/virtio_net.h @@ -401,6 +401,10 @@ virtio_net_hdr_tnl_from_skb(const struct sk_buff *skb, if (!tnl_hdr_negotiated) return -EINVAL; + vhdr->hash_hdr.hash_value = 0; + vhdr->hash_hdr.hash_report = 0; + vhdr->hash_hdr.padding = 0; + /* Let the basic parsing deal with plain GSO features. */ skb_shinfo(skb)->gso_type &= ~tnl_gso_type; ret = virtio_net_hdr_from_skb(skb, hdr, true, false, vlan_hlen); -- 2.42.0

1 month

3
3
0 0

ORDER 8745631

by Diana Owen

Greetings, I hope this email finds you well. I am Mrs. Diana Owen contacting you from Reality Trading Group Ltd India. . As a new growing company, we are looking for reliable company of your product as seen in your website for urgent purchase order basis. Could you please give me more details and specification of your products. We also need your products catalog, MOQ, Production Lead Time and Unit price? Best Regards, Mrs. Diana Owen Purchase Manager Company: Reality Trading Group Ltd

1 month

1
0
0 0

[PATCH] scsi: aacraid: Fix DMA mapping leak in aac_send_raw_srb error paths

by Yuhao Jiang

The aac_send_raw_srb function creates DMA mappings for scatter-gather buffers but fails to unmap them in most error paths, leading to DMA mapping resource leaks. This patch fixes all error paths except -ERESTARTSYS. The -ERESTARTSYS case is a known design issue where resources cannot be safely freed (hardware may still be accessing them) but also cannot be properly tracked for later cleanup (they are local variables). Fixed paths: - copy_from_user failures during SG buffer setup - aac_hba_send/aac_fib_send errors after DMA mapping - copy_to_user failures after successful command execution Fixes: 423400e64d377 ("scsi: aacraid: Include HBA direct interface") Cc: stable(a)vger.kernel.org Signed-off-by: Yuhao Jiang <danisjiang(a)gmail.com> --- drivers/scsi/aacraid/commctrl.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/drivers/scsi/aacraid/commctrl.c b/drivers/scsi/aacraid/commctrl.c index 68240d6f27ab..e0495f278e2e 100644 --- a/drivers/scsi/aacraid/commctrl.c +++ b/drivers/scsi/aacraid/commctrl.c @@ -493,6 +493,8 @@ static int aac_send_raw_srb(struct aac_dev* dev, void __user * arg) void __user *sg_user[HBA_MAX_SG_EMBEDDED]; void *sg_list[HBA_MAX_SG_EMBEDDED]; u32 sg_count[HBA_MAX_SG_EMBEDDED]; + dma_addr_t sg_dma_addr[HBA_MAX_SG_EMBEDDED]; + int sg_dma_last_mapped = -1; u32 sg_indx = 0; u32 byte_count = 0; u32 actual_fibsize64, actual_fibsize = 0; @@ -690,6 +692,8 @@ static int aac_send_raw_srb(struct aac_dev* dev, void __user * arg) } addr = dma_map_single(&dev->pdev->dev, p, sg_count[i], data_dir); + sg_dma_addr[i] = addr; + sg_dma_last_mapped = i; hbacmd->sge[i].addr_hi = cpu_to_le32((u32)(addr>>32)); hbacmd->sge[i].addr_lo = cpu_to_le32( (u32)(addr & 0xffffffff)); @@ -752,6 +756,8 @@ static int aac_send_raw_srb(struct aac_dev* dev, void __user * arg) } addr = dma_map_single(&dev->pdev->dev, p, sg_count[i], data_dir); + sg_dma_addr[i] = addr; + sg_dma_last_mapped = i; psg->sg[i].addr[0] = cpu_to_le32(addr & 0xffffffff); psg->sg[i].addr[1] = cpu_to_le32(addr>>32); @@ -808,6 +814,8 @@ static int aac_send_raw_srb(struct aac_dev* dev, void __user * arg) } addr = dma_map_single(&dev->pdev->dev, p, sg_count[i], data_dir); + sg_dma_addr[i] = addr; + sg_dma_last_mapped = i; psg->sg[i].addr[0] = cpu_to_le32(addr & 0xffffffff); psg->sg[i].addr[1] = cpu_to_le32(addr>>32); @@ -865,6 +873,8 @@ static int aac_send_raw_srb(struct aac_dev* dev, void __user * arg) addr = dma_map_single(&dev->pdev->dev, p, usg->sg[i].count, data_dir); + sg_dma_addr[i] = addr; + sg_dma_last_mapped = i; psg->sg[i].addr = cpu_to_le32(addr & 0xffffffff); byte_count += usg->sg[i].count; @@ -905,6 +915,8 @@ static int aac_send_raw_srb(struct aac_dev* dev, void __user * arg) } addr = dma_map_single(&dev->pdev->dev, p, sg_count[i], data_dir); + sg_dma_addr[i] = addr; + sg_dma_last_mapped = i; psg->sg[i].addr = cpu_to_le32(addr); byte_count += sg_count[i]; @@ -986,6 +998,10 @@ static int aac_send_raw_srb(struct aac_dev* dev, void __user * arg) cleanup: kfree(user_srbcmd); if (rcode != -ERESTARTSYS) { + for (i = 0; i <= sg_dma_last_mapped; i++) { + dma_unmap_single(&dev->pdev->dev, sg_dma_addr[i], + sg_count[i], data_dir); + } for (i = 0; i <= sg_indx; i++) kfree(sg_list[i]); aac_fib_complete(srbfib); -- 2.34.1

1 month

1
0
0 0

[PATCH 6.1.y ] drm/amdgpu: Fix potential out-of-bounds access in 'amdgpu_discovery_reg_base_init()'

by Vasiliy Kovalev

From: Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> commit cdb637d339572398821204a1142d8d615668f1e9 upstream. The issue arises when the array 'adev->vcn.vcn_config' is accessed before checking if the index 'adev->vcn.num_vcn_inst' is within the bounds of the array. The fix involves moving the bounds check before the array access. This ensures that 'adev->vcn.num_vcn_inst' is within the bounds of the array before it is used as an index. Fixes the below: drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c:1289 amdgpu_discovery_reg_base_init() error: testing array offset 'adev->vcn.num_vcn_inst' after use. Fixes: a0ccc717c4ab ("drm/amdgpu/discovery: validate VCN and SDMA instances") Cc: Christian König <christian.koenig(a)amd.com> Cc: Alex Deucher <alexander.deucher(a)amd.com> Signed-off-by: Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> Reviewed-by: Alex Deucher <alexander.deucher(a)amd.com> Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com> [ kovalev: bp to fix CVE-2024-27042 ] Signed-off-by: Vasiliy Kovalev <kovalev(a)altlinux.org> --- drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c index d8441e273..8bc3a4bf3 100644 --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c @@ -1128,15 +1128,16 @@ static int amdgpu_discovery_reg_base_init(struct amdgpu_device *adev) * 0b10 : encode is disabled * 0b01 : decode is disabled */ - adev->vcn.vcn_config[adev->vcn.num_vcn_inst] = - ip->revision & 0xc0; - ip->revision &= ~0xc0; - if (adev->vcn.num_vcn_inst < AMDGPU_MAX_VCN_INSTANCES) + if (adev->vcn.num_vcn_inst < AMDGPU_MAX_VCN_INSTANCES) { + adev->vcn.vcn_config[adev->vcn.num_vcn_inst] = + ip->revision & 0xc0; adev->vcn.num_vcn_inst++; + } else dev_err(adev->dev, "Too many VCN instances: %d vs %d\n", adev->vcn.num_vcn_inst + 1, AMDGPU_MAX_VCN_INSTANCES); + ip->revision &= ~0xc0; } if (le16_to_cpu(ip->hw_id) == SDMA0_HWID || le16_to_cpu(ip->hw_id) == SDMA1_HWID || -- 2.50.1

1 month

1
0
0 0

【年に一度】SBIポイントで豪華賞品を交換 — 在庫がなくなり次第終了No.86212

by SBI証券

平素よりSBI証券をご利用いただき、誠にありがとうございます。SBI証券では、日頃のご愛顧に感謝を込めて、年に一度だけの「ポイント交換キャンペーン」を開催しております。お客様の現在の保有ポイントは以下のとおりです。保有ポイント28,810ポイント本キャンペーンでは、貯まったポイントを豪華賞品と交換いただけます。交換は先着順で、在庫がなくなり次第終了となります。交換は以下のページからお手続きください。ポイント交換ページhttps://www.sbisec.co.jp/member/point/交換可能賞品の一例キャンペーン終了日：2025年10月22日・Apple iPad（第9世代 Wi-Fiモデル 64GB）【限定100台／残り15台】・Dyson コードレス掃除機【限定200台／残り90台】・Apple Watch SE（GPSモデル）・BALMUDA The Toaster（バルミューダトースター）・JCBギフトカード（5,000円分）・SBIオリジナル記念グッズ（非売品）この「年に一度の特別企画」は、例年多くのお客様にご参加いただいております。人気商品の在庫はすでに残りわずかです。ご注意・本キャンペーンは年に一度のみの開催です。・在庫がなくなり次第、予告なく終了いたします。・ポイント交換後の変更・キャンセルはお受けできません。一年に一度の特別なチャンスを、ぜひお見逃しなく。この機会にポイント交換をご利用ください。 SBI証券株式会社東京都港区六本木1-6-1 泉ガーデンタワーhttps://www.sbisec.co.jp/ © 2025 SBI SECURITIES Co., Ltd.

1 month

1
0
0 0

FAILED: patch "[PATCH] fuse: fix livelock in synchronous file put from fuseblk" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x 26e5c67deb2e1f42a951f022fdf5b9f7eb747b01 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101630-unvaried-protector-cae4@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 26e5c67deb2e1f42a951f022fdf5b9f7eb747b01 Mon Sep 17 00:00:00 2001 From: "Darrick J. Wong" <djwong(a)kernel.org> Date: Mon, 15 Sep 2025 17:24:17 -0700 Subject: [PATCH] fuse: fix livelock in synchronous file put from fuseblk workers I observed a hang when running generic/323 against a fuseblk server. This test opens a file, initiates a lot of AIO writes to that file descriptor, and closes the file descriptor before the writes complete. Unsurprisingly, the AIO exerciser threads are mostly stuck waiting for responses from the fuseblk server: # cat /proc/372265/task/372313/stack [<0>] request_wait_answer+0x1fe/0x2a0 [fuse] [<0>] __fuse_simple_request+0xd3/0x2b0 [fuse] [<0>] fuse_do_getattr+0xfc/0x1f0 [fuse] [<0>] fuse_file_read_iter+0xbe/0x1c0 [fuse] [<0>] aio_read+0x130/0x1e0 [<0>] io_submit_one+0x542/0x860 [<0>] __x64_sys_io_submit+0x98/0x1a0 [<0>] do_syscall_64+0x37/0xf0 [<0>] entry_SYSCALL_64_after_hwframe+0x4b/0x53 But the /weird/ part is that the fuseblk server threads are waiting for responses from itself: # cat /proc/372210/task/372232/stack [<0>] request_wait_answer+0x1fe/0x2a0 [fuse] [<0>] __fuse_simple_request+0xd3/0x2b0 [fuse] [<0>] fuse_file_put+0x9a/0xd0 [fuse] [<0>] fuse_release+0x36/0x50 [fuse] [<0>] __fput+0xec/0x2b0 [<0>] task_work_run+0x55/0x90 [<0>] syscall_exit_to_user_mode+0xe9/0x100 [<0>] do_syscall_64+0x43/0xf0 [<0>] entry_SYSCALL_64_after_hwframe+0x4b/0x53 The fuseblk server is fuse2fs so there's nothing all that exciting in the server itself. So why is the fuse server calling fuse_file_put? The commit message for the fstest sheds some light on that: "By closing the file descriptor before calling io_destroy, you pretty much guarantee that the last put on the ioctx will be done in interrupt context (during I/O completion). Aha. AIO fgets a new struct file from the fd when it queues the ioctx. The completion of the FUSE_WRITE command from userspace causes the fuse server to call the AIO completion function. The completion puts the struct file, queuing a delayed fput to the fuse server task. When the fuse server task returns to userspace, it has to run the delayed fput, which in the case of a fuseblk server, it does synchronously. Sending the FUSE_RELEASE command sychronously from fuse server threads is a bad idea because a client program can initiate enough simultaneous AIOs such that all the fuse server threads end up in delayed_fput, and now there aren't any threads left to handle the queued fuse commands. Fix this by only using asynchronous fputs when closing files, and leave a comment explaining why. Cc: stable(a)vger.kernel.org # v2.6.38 Fixes: 5a18ec176c934c ("fuse: fix hang of single threaded fuseblk filesystem") Signed-off-by: Darrick J. Wong <djwong(a)kernel.org> Signed-off-by: Miklos Szeredi <mszeredi(a)redhat.com> diff --git a/fs/fuse/file.c b/fs/fuse/file.c index 54786f62a9d8..f1ef77a0be05 100644 --- a/fs/fuse/file.c +++ b/fs/fuse/file.c @@ -356,8 +356,14 @@ void fuse_file_release(struct inode *inode, struct fuse_file *ff, * Make the release synchronous if this is a fuseblk mount, * synchronous RELEASE is allowed (and desirable) in this case * because the server can be trusted not to screw up. + * + * Always use the asynchronous file put because the current thread + * might be the fuse server. This can happen if a process starts some + * aio and closes the fd before the aio completes. Since aio takes its + * own ref to the file, the IO completion has to drop the ref, which is + * how the fuse server can end up closing its clients' files. */ - fuse_file_put(ff, ff->fm->fc->destroy); + fuse_file_put(ff, false); } void fuse_release_common(struct file *file, bool isdir)

1 month

2
1
0 0

[PATCH net 0/5] mptcp: handle late ADD_ADDR + selftests skip

by Matthieu Baerts (NGI0)

Here are a few independent fixes related to MPTCP and its selftests: - Patch 1: correctly handle ADD_ADDR being received after the switch to 'fully-established'. A fix for another recent fix backported up to v5.14. - Patches 2-5: properly mark some MPTCP Join subtests as 'skipped' if the tested kernel doesn't support the feature being validated. Some fixes for up to v5.13, v5.18, v6.11 and v6.18-rc1 respectively. Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> --- Matthieu Baerts (NGI0) (5): mptcp: pm: in-kernel: C-flag: handle late ADD_ADDR selftests: mptcp: join: mark 'flush re-add' as skipped if not supported selftests: mptcp: join: mark implicit tests as skipped if not supported selftests: mptcp: join: mark 'delete re-add signal' as skipped if not supported selftests: mptcp: join: mark laminar tests as skipped if not supported net/mptcp/pm_kernel.c | 6 ++++++ tools/testing/selftests/net/mptcp/mptcp_join.sh | 18 +++++++++--------- 2 files changed, 15 insertions(+), 9 deletions(-) --- base-commit: ffff5c8fc2af2218a3332b3d5b97654599d50cde change-id: 20251020-net-mptcp-c-flag-late-add-addr-1d954e7b63d2 Best regards, -- Matthieu Baerts (NGI0) <matttbe(a)kernel.org>

1 month

2
5
0 0

[REGRESSION] Secureboot violation for linux enrolled by-hash into db v6.17.4 and v6.18-rc1

by Dimitri John Ledkov

If one enrolls linux kernel by-hash into db (for example using virt-fw-vars), the secureboot fails with security violation as EDK2 computation of authenticode for the linux binary doesn't match the enrolled hash. This is reproducible in AWS VMs, as well as locally with EDK2 builds with secureboot. Not affected v6.17 Not affected v6.17.3 Affected v6.17.4 Affected v6.18-rc1 Affected v6.18-rc2 Suspected patches are: $ git log --oneline v6.17.3..v6.17.4 -- scripts/ 8e5e13c8df9e6 kbuild: Add '.rel.*' strip pattern for vmlinux 7b80f81ae3190 kbuild: Restore pattern to avoid stripping .rela.dyn from vmlinux 5b5cdb1fe434e kbuild: keep .modinfo section in vmlinux.unstripped 86f364ee58420 kbuild: always create intermediate vmlinux.unstripped Reverting all of the above, makes secureboot with by-hash enrolled into db work again. I will try to bisect this further to determine the culprit. It feels like the strip potentially didn't update section offsets or their numbers or something like that. -- Regards, Dimitri.

1 month

3
2
0 0

[merged mm-hotfixes-stable] mm-damon-core-use-damos_commit_quota_goal-for-new-goal-commit.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: mm/damon/core: use damos_commit_quota_goal() for new goal commit has been removed from the -mm tree. Its filename was mm-damon-core-use-damos_commit_quota_goal-for-new-goal-commit.patch This patch was dropped because it was merged into the mm-hotfixes-stable branch of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm ------------------------------------------------------ From: SeongJae Park <sj(a)kernel.org> Subject: mm/damon/core: use damos_commit_quota_goal() for new goal commit Date: Mon, 13 Oct 2025 17:18:44 -0700 When damos_commit_quota_goals() is called for adding new DAMOS quota goals of DAMOS_QUOTA_USER_INPUT metric, current_value fields of the new goals should be also set as requested. However, damos_commit_quota_goals() is not updating the field for the case, since it is setting only metrics and target values using damos_new_quota_goal(), and metric-optional union fields using damos_commit_quota_goal_union(). As a result, users could see the first current_value parameter that committed online with a new quota goal is ignored. Users are assumed to commit the current_value for DAMOS_QUOTA_USER_INPUT quota goals, since it is being used as a feedback. Hence the real impact would be subtle. That said, this is obviously not intended behavior. Fix the issue by using damos_commit_quota_goal() which sets all quota goal parameters, instead of damos_commit_quota_goal_union(), which sets only the union fields. Link: https://lkml.kernel.org/r/20251014001846.279282-1-sj@kernel.org Fixes: 1aef9df0ee90 ("mm/damon/core: commit damos_quota_goal->nid") Signed-off-by: SeongJae Park <sj(a)kernel.org> Cc: <stable(a)vger.kernel.org> [6.16+] Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/damon/core.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/mm/damon/core.c~mm-damon-core-use-damos_commit_quota_goal-for-new-goal-commit +++ a/mm/damon/core.c @@ -835,7 +835,7 @@ int damos_commit_quota_goals(struct damo src_goal->metric, src_goal->target_value); if (!new_goal) return -ENOMEM; - damos_commit_quota_goal_union(new_goal, src_goal); + damos_commit_quota_goal(new_goal, src_goal); damos_add_quota_goal(dst, new_goal); } return 0; _ Patches currently in -mm which might be from sj(a)kernel.org are mm-zswap-remove-unnecessary-dlen-writes-for-incompressible-pages.patch mm-zswap-fix-typos-s-zwap-zswap.patch mm-zswap-s-red-black-tree-xarray.patch docs-admin-guide-mm-zswap-s-red-black-tree-xarray.patch mm-damon-document-damos_quota_goal-nid-use-case.patch mm-damon-add-damos-quota-goal-type-for-per-memcg-per-node-memory-usage.patch mm-damon-core-implement-damos_quota_node_memcg_used_bp.patch mm-damon-sysfs-schemes-implement-path-file-under-quota-goal-directory.patch mm-damon-sysfs-schemes-support-damos_quota_node_memcg_used_bp.patch mm-damon-core-add-damos-quota-gaol-metric-for-per-memcg-per-numa-free-memory.patch mm-damon-sysfs-schemes-support-damos_quota_node_memcg_free_bp.patch docs-mm-damon-design-document-damos_quota_node_memcg_usedfree_bp.patch docs-admin-guide-mm-damon-usage-document-damos-quota-goal-path-file.patch docs-abi-damon-document-damos-quota-goal-path-file.patch

1 month

1
0
0 0

[merged mm-hotfixes-stable] mm-damon-core-fix-potential-memory-leak-by-cleaning-ops_filter-in-damon_destroy_scheme.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: mm/damon/core: fix potential memory leak by cleaning ops_filter in damon_destroy_scheme has been removed from the -mm tree. Its filename was mm-damon-core-fix-potential-memory-leak-by-cleaning-ops_filter-in-damon_destroy_scheme.patch This patch was dropped because it was merged into the mm-hotfixes-stable branch of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm ------------------------------------------------------ From: Enze Li <lienze(a)kylinos.cn> Subject: mm/damon/core: fix potential memory leak by cleaning ops_filter in damon_destroy_scheme Date: Tue, 14 Oct 2025 16:42:25 +0800 Currently, damon_destroy_scheme() only cleans up the filter list but leaves ops_filter untouched, which could lead to memory leaks when a scheme is destroyed. This patch ensures both filter and ops_filter are properly freed in damon_destroy_scheme(), preventing potential memory leaks. Link: https://lkml.kernel.org/r/20251014084225.313313-1-lienze@kylinos.cn Fixes: ab82e57981d0 ("mm/damon/core: introduce damos->ops_filters") Signed-off-by: Enze Li <lienze(a)kylinos.cn> Reviewed-by: SeongJae Park <sj(a)kernel.org> Tested-by: SeongJae Park <sj(a)kernel.org> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/damon/core.c | 3 +++ 1 file changed, 3 insertions(+) --- a/mm/damon/core.c~mm-damon-core-fix-potential-memory-leak-by-cleaning-ops_filter-in-damon_destroy_scheme +++ a/mm/damon/core.c @@ -452,6 +452,9 @@ void damon_destroy_scheme(struct damos * damos_for_each_filter_safe(f, next, s) damos_destroy_filter(f); + damos_for_each_ops_filter_safe(f, next, s) + damos_destroy_filter(f); + kfree(s->migrate_dests.node_id_arr); kfree(s->migrate_dests.weight_arr); damon_del_scheme(s); _ Patches currently in -mm which might be from lienze(a)kylinos.cn are

1 month

1
0
0 0

[merged mm-hotfixes-stable] vmw_balloon-indicate-success-when-effectively-deflating-during-migration.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: vmw_balloon: indicate success when effectively deflating during migration has been removed from the -mm tree. Its filename was vmw_balloon-indicate-success-when-effectively-deflating-during-migration.patch This patch was dropped because it was merged into the mm-hotfixes-stable branch of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm ------------------------------------------------------ From: David Hildenbrand <david(a)redhat.com> Subject: vmw_balloon: indicate success when effectively deflating during migration Date: Tue, 14 Oct 2025 14:44:55 +0200 When migrating a balloon page, we first deflate the old page to then inflate the new page. However, if inflating the new page succeeded, we effectively deflated the old page, reducing the balloon size. In that case, the migration actually worked: similar to migrating+ immediately deflating the new page. The old page will be freed back to the buddy. Right now, the core will leave the page be marked as isolated (as we returned an error). When later trying to putback that page, we will run into the WARN_ON_ONCE() in balloon_page_putback(). That handling was changed in commit 3544c4faccb8 ("mm/balloon_compaction: stop using __ClearPageMovable()"); before that change, we would have tolerated that way of handling it. To fix it, let's just return 0 in that case, making the core effectively just clear the "isolated" flag + freeing it back to the buddy as if the migration succeeded. Note that the new page will also get freed when the core puts the last reference. Note that this also makes it all be more consistent: we will no longer unisolate the page in the balloon driver while keeping it marked as being isolated in migration core. This was found by code inspection. Link: https://lkml.kernel.org/r/20251014124455.478345-1-david@redhat.com Fixes: 3544c4faccb8 ("mm/balloon_compaction: stop using __ClearPageMovable()") Signed-off-by: David Hildenbrand <david(a)redhat.com> Cc: Jerrin Shaji George <jerrin.shaji-george(a)broadcom.com> Cc: Broadcom internal kernel review list <bcm-kernel-feedback-list(a)broadcom.com> Cc: Arnd Bergmann <arnd(a)arndb.de> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- drivers/misc/vmw_balloon.c | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) --- a/drivers/misc/vmw_balloon.c~vmw_balloon-indicate-success-when-effectively-deflating-during-migration +++ a/drivers/misc/vmw_balloon.c @@ -1737,7 +1737,7 @@ static int vmballoon_migratepage(struct { unsigned long status, flags; struct vmballoon *b; - int ret; + int ret = 0; b = container_of(b_dev_info, struct vmballoon, b_dev_info); @@ -1796,17 +1796,15 @@ static int vmballoon_migratepage(struct * A failure happened. While we can deflate the page we just * inflated, this deflation can also encounter an error. Instead * we will decrease the size of the balloon to reflect the - * change and report failure. + * change. */ atomic64_dec(&b->size); - ret = -EBUSY; } else { /* * Success. Take a reference for the page, and we will add it to * the list after acquiring the lock. */ get_page(newpage); - ret = 0; } /* Update the balloon list under the @pages_lock */ @@ -1817,7 +1815,7 @@ static int vmballoon_migratepage(struct * If we succeed just insert it to the list and update the statistics * under the lock. */ - if (!ret) { + if (status == VMW_BALLOON_SUCCESS) { balloon_page_insert(&b->b_dev_info, newpage); __count_vm_event(BALLOON_MIGRATE); } _ Patches currently in -mm which might be from david(a)redhat.com are

1 month

1
0
0 0

[merged mm-hotfixes-stable] mm-damon-core-fix-list_add_tail-call-on-damon_call.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: mm/damon/core: fix list_add_tail() call on damon_call() has been removed from the -mm tree. Its filename was mm-damon-core-fix-list_add_tail-call-on-damon_call.patch This patch was dropped because it was merged into the mm-hotfixes-stable branch of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm ------------------------------------------------------ From: SeongJae Park <sj(a)kernel.org> Subject: mm/damon/core: fix list_add_tail() call on damon_call() Date: Tue, 14 Oct 2025 13:59:36 -0700 Each damon_ctx maintains callback requests using a linked list (damon_ctx->call_controls). When a new callback request is received via damon_call(), the new request should be added to the list. However, the function is making a mistake at list_add_tail() invocation: putting the new item to add and the list head to add it before, in the opposite order. Because of the linked list manipulation implementation, the new request can still be reached from the context's list head. But the list items that were added before the new request are dropped from the list. As a result, the callbacks are unexpectedly not invocated. Worse yet, if the dropped callback requests were dynamically allocated, the memory is leaked. Actually DAMON sysfs interface is using a dynamically allocated repeat-mode callback request for automatic essential stats update. And because the online DAMON parameters commit is using a non-repeat-mode callback request, the issue can easily be reproduced, like below. # damo start --damos_action stat --refresh_stat 1s # damo tune --damos_action stat --refresh_stat 1s The first command dynamically allocates the repeat-mode callback request for automatic essential stat update. Users can see the essential stats are automatically updated for every second, using the sysfs interface. The second command calls damon_commit() with a new callback request that was made for the commit. As a result, the previously added repeat-mode callback request is dropped from the list. The automatic stats refresh stops working, and the memory for the repeat-mode callback request is leaked. It can be confirmed using kmemleak. Fix the mistake on the list_add_tail() call. Link: https://lkml.kernel.org/r/20251014205939.1206-1-sj@kernel.org Fixes: 004ded6bee11 ("mm/damon: accept parallel damon_call() requests") Signed-off-by: SeongJae Park <sj(a)kernel.org> Cc: <stable(a)vger.kernel.org> [6.17+] Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/damon/core.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/mm/damon/core.c~mm-damon-core-fix-list_add_tail-call-on-damon_call +++ a/mm/damon/core.c @@ -1450,7 +1450,7 @@ int damon_call(struct damon_ctx *ctx, st INIT_LIST_HEAD(&control->list); mutex_lock(&ctx->call_controls_lock); - list_add_tail(&ctx->call_controls, &control->list); + list_add_tail(&control->list, &ctx->call_controls); mutex_unlock(&ctx->call_controls_lock); if (!damon_is_running(ctx)) return -EINVAL; _ Patches currently in -mm which might be from sj(a)kernel.org are mm-zswap-remove-unnecessary-dlen-writes-for-incompressible-pages.patch mm-zswap-fix-typos-s-zwap-zswap.patch mm-zswap-s-red-black-tree-xarray.patch docs-admin-guide-mm-zswap-s-red-black-tree-xarray.patch mm-damon-document-damos_quota_goal-nid-use-case.patch mm-damon-add-damos-quota-goal-type-for-per-memcg-per-node-memory-usage.patch mm-damon-core-implement-damos_quota_node_memcg_used_bp.patch mm-damon-sysfs-schemes-implement-path-file-under-quota-goal-directory.patch mm-damon-sysfs-schemes-support-damos_quota_node_memcg_used_bp.patch mm-damon-core-add-damos-quota-gaol-metric-for-per-memcg-per-numa-free-memory.patch mm-damon-sysfs-schemes-support-damos_quota_node_memcg_free_bp.patch docs-mm-damon-design-document-damos_quota_node_memcg_usedfree_bp.patch docs-admin-guide-mm-damon-usage-document-damos-quota-goal-path-file.patch docs-abi-damon-document-damos-quota-goal-path-file.patch

1 month

1
0
0 0

[merged mm-hotfixes-stable] mm-mremap-correctly-account-old-mapping-after-mremap_dontunmap-remap.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: mm/mremap: correctly account old mapping after MREMAP_DONTUNMAP remap has been removed from the -mm tree. Its filename was mm-mremap-correctly-account-old-mapping-after-mremap_dontunmap-remap.patch This patch was dropped because it was merged into the mm-hotfixes-stable branch of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm ------------------------------------------------------ From: Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> Subject: mm/mremap: correctly account old mapping after MREMAP_DONTUNMAP remap Date: Mon, 13 Oct 2025 17:58:36 +0100 Commit b714ccb02a76 ("mm/mremap: complete refactor of move_vma()") mistakenly introduced a new behaviour - clearing the VM_ACCOUNT flag of the old mapping when a mapping is mremap()'d with the MREMAP_DONTUNMAP flag set. While we always clear the VM_LOCKED and VM_LOCKONFAULT flags for the old mapping (the page tables have been moved, so there is no data that could possibly be locked in memory), there is no reason to touch any other VMA flags. This is because after the move the old mapping is in a state as if it were freshly mapped. This implies that the attributes of the mapping ought to remain the same, including whether or not the mapping is accounted. Link: https://lkml.kernel.org/r/20251013165836.273113-1-lorenzo.stoakes@oracle.com Signed-off-by: Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> Fixes: b714ccb02a76 ("mm/mremap: complete refactor of move_vma()") Reviewed-by: Pedro Falcato <pfalcato(a)suse.de> Cc: Jann Horn <jannh(a)google.com> Cc: Liam Howlett <liam.howlett(a)oracle.com> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/mremap.c | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) --- a/mm/mremap.c~mm-mremap-correctly-account-old-mapping-after-mremap_dontunmap-remap +++ a/mm/mremap.c @@ -1237,10 +1237,10 @@ static int copy_vma_and_data(struct vma_ } /* - * Perform final tasks for MADV_DONTUNMAP operation, clearing mlock() and - * account flags on remaining VMA by convention (it cannot be mlock()'d any - * longer, as pages in range are no longer mapped), and removing anon_vma_chain - * links from it (if the entire VMA was copied over). + * Perform final tasks for MADV_DONTUNMAP operation, clearing mlock() flag on + * remaining VMA by convention (it cannot be mlock()'d any longer, as pages in + * range are no longer mapped), and removing anon_vma_chain links from it if the + * entire VMA was copied over. */ static void dontunmap_complete(struct vma_remap_struct *vrm, struct vm_area_struct *new_vma) @@ -1250,11 +1250,8 @@ static void dontunmap_complete(struct vm unsigned long old_start = vrm->vma->vm_start; unsigned long old_end = vrm->vma->vm_end; - /* - * We always clear VM_LOCKED[ONFAULT] | VM_ACCOUNT on the old - * vma. - */ - vm_flags_clear(vrm->vma, VM_LOCKED_MASK | VM_ACCOUNT); + /* We always clear VM_LOCKED[ONFAULT] on the old VMA. */ + vm_flags_clear(vrm->vma, VM_LOCKED_MASK); /* * anon_vma links of the old vma is no longer needed after its page _ Patches currently in -mm which might be from lorenzo.stoakes(a)oracle.com are mm-shmem-update-shmem-to-use-mmap_prepare.patch device-dax-update-devdax-to-use-mmap_prepare.patch mm-vma-remove-unused-function-make-internal-functions-static.patch mm-add-vma_desc_size-vma_desc_pages-helpers.patch relay-update-relay-to-use-mmap_prepare.patch mm-vma-rename-__mmap_prepare-function-to-avoid-confusion.patch mm-add-remap_pfn_range_prepare-remap_pfn_range_complete.patch mm-abstract-io_remap_pfn_range-based-on-pfn.patch mm-introduce-io_remap_pfn_range_.patch mm-add-ability-to-take-further-action-in-vm_area_desc.patch doc-update-porting-vfs-documentation-for-mmap_prepare-actions.patch mm-hugetlbfs-update-hugetlbfs-to-use-mmap_prepare.patch mm-add-shmem_zero_setup_desc.patch mm-update-mem-char-driver-to-use-mmap_prepare.patch mm-update-resctl-to-use-mmap_prepare.patch

1 month

1
0
0 0

[PATCH] usb: raw-gadget: do not limit transfer length

by andrey.konovalov＠linux.dev

From: Andrey Konovalov <andreyknvl(a)gmail.com> Drop the check on the maximum transfer length in Raw Gadget for both control and non-control transfers. Limiting the transfer length causes a problem with emulating USB devices whose full configuration descriptor exceeds PAGE_SIZE in length. Overall, there does not appear to be any reason to enforce any kind of transfer length limit on the Raw Gadget side for either control or non-control transfers, so let's just drop the related check. Cc: stable(a)vger.kernel.org Fixes: f2c2e717642c ("usb: gadget: add raw-gadget interface") Signed-off-by: Andrey Konovalov <andreyknvl(a)gmail.com> --- drivers/usb/gadget/legacy/raw_gadget.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/drivers/usb/gadget/legacy/raw_gadget.c b/drivers/usb/gadget/legacy/raw_gadget.c index 20165e1582d9..b71680c58de6 100644 --- a/drivers/usb/gadget/legacy/raw_gadget.c +++ b/drivers/usb/gadget/legacy/raw_gadget.c @@ -667,8 +667,6 @@ static void *raw_alloc_io_data(struct usb_raw_ep_io *io, void __user *ptr, return ERR_PTR(-EINVAL); if (!usb_raw_io_flags_valid(io->flags)) return ERR_PTR(-EINVAL); - if (io->length > PAGE_SIZE) - return ERR_PTR(-EINVAL); if (get_from_user) data = memdup_user(ptr + sizeof(*io), io->length); else { -- 2.43.0

1 month

3
4
0 0

[PATCH RESEND] usb: raw-gadget: do not limit transfer length

by andrey.konovalov＠linux.dev

From: Andrey Konovalov <andreyknvl(a)gmail.com> Drop the check on the maximum transfer length in Raw Gadget for both control and non-control transfers. Limiting the transfer length causes a problem with emulating USB devices whose full configuration descriptor exceeds PAGE_SIZE in length. Overall, there does not appear to be any reason to enforce any kind of transfer length limit on the Raw Gadget side for either control or non-control transfers, so let's just drop the related check. Cc: stable(a)vger.kernel.org Fixes: f2c2e717642c ("usb: gadget: add raw-gadget interface") Signed-off-by: Andrey Konovalov <andreyknvl(a)gmail.com> --- drivers/usb/gadget/legacy/raw_gadget.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/drivers/usb/gadget/legacy/raw_gadget.c b/drivers/usb/gadget/legacy/raw_gadget.c index 20165e1582d9..b71680c58de6 100644 --- a/drivers/usb/gadget/legacy/raw_gadget.c +++ b/drivers/usb/gadget/legacy/raw_gadget.c @@ -667,8 +667,6 @@ static void *raw_alloc_io_data(struct usb_raw_ep_io *io, void __user *ptr, return ERR_PTR(-EINVAL); if (!usb_raw_io_flags_valid(io->flags)) return ERR_PTR(-EINVAL); - if (io->length > PAGE_SIZE) - return ERR_PTR(-EINVAL); if (get_from_user) data = memdup_user(ptr + sizeof(*io), io->length); else { -- 2.43.0

1 month

1
0
0 0

[PATCH 0/2] fuse: Fix possible memleak at startup with immediate teardown

by Bernd Schubert

Do not merge yet, the current series has not been tested yet. The race is only easily reproducible with additional patches that pin pages during FUSE_IO_URING_CMD_REGISTER - slows it down and then xfstest's generic/001 triggers it reliably. However, I need to update these pin patches for linux master. Signed-off-by: Bernd Schubert <bschubert(a)ddn.com> --- Bernd Schubert (1): fuse: Move ring queues_refs decrement Jian Huang Li (1): fs/fuse: fix potential memory leak from fuse_uring_cancel fs/fuse/dev_uring.c | 33 ++++++++++++++------------------- 1 file changed, 14 insertions(+), 19 deletions(-) --- base-commit: 6548d364a3e850326831799d7e3ea2d7bb97ba08 change-id: 20251021-io-uring-fixes-cancel-mem-leak-820642677c37 Best regards, -- Bernd Schubert <bschubert(a)ddn.com>

1 month

1
1
0 0

+ mm-shmem-fix-thp-allocation-size-check-and-fallback.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm/shmem: fix THP allocation size check and fallback has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-shmem-fix-thp-allocation-size-check-and-fallback.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Kairui Song <kasong(a)tencent.com> Subject: mm/shmem: fix THP allocation size check and fallback Date: Wed, 22 Oct 2025 03:04:36 +0800 There are some problems with the code implementations of THP fallback. suitable_orders could be zero, and calling highest_order on a zero value returns an overflowed size. And the order check loop is updating the index value on every loop which may cause the index to be aligned by a larger value while the loop shrinks the order. And it forgot to try order 0 after the final loop. This is usually fine because shmem_add_to_page_cache ensures the shmem mapping is still sane, but it might cause many potential issues like allocating random folios into the random position in the map or return -ENOMEM by accident. This triggered some strange userspace errors [1], and shouldn't have happened in the first place. Link: https://lkml.kernel.org/r/20251021190436.81682-1-ryncsn@gmail.com Link: https://lore.kernel.org/linux-mm/CAMgjq7DqgAmj25nDUwwu1U2cSGSn8n4-Hqpgotted… [1] Fixes: e7a2ab7b3bb5d ("mm: shmem: add mTHP support for anonymous shmem") Signed-off-by: Kairui Song <kasong(a)tencent.com> Cc: Baolin Wang <baolin.wang(a)linux.alibaba.com> Cc: Barry Song <baohua(a)kernel.org> Cc: David Hildenbrand <david(a)redhat.com> Cc: Dev Jain <dev.jain(a)arm.com> Cc: Hugh Dickins <hughd(a)google.com> Cc: Liam Howlett <liam.howlett(a)oracle.com> Cc: Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> Cc: Matthew Wilcox (Oracle) <willy(a)infradead.org> Cc: Nico Pache <npache(a)redhat.com> Cc: Ryan Roberts <ryan.roberts(a)arm.com> Cc: Zi Yan <ziy(a)nvidia.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/shmem.c | 26 +++++++++++++++----------- 1 file changed, 15 insertions(+), 11 deletions(-) --- a/mm/shmem.c~mm-shmem-fix-thp-allocation-size-check-and-fallback +++ a/mm/shmem.c @@ -1824,6 +1824,9 @@ static unsigned long shmem_suitable_orde unsigned long pages; int order; + if (!orders) + return 0; + if (vma) { orders = thp_vma_suitable_orders(vma, vmf->address, orders); if (!orders) @@ -1888,27 +1891,28 @@ static struct folio *shmem_alloc_and_add if (!IS_ENABLED(CONFIG_TRANSPARENT_HUGEPAGE)) orders = 0; - if (orders > 0) { - suitable_orders = shmem_suitable_orders(inode, vmf, - mapping, index, orders); + suitable_orders = shmem_suitable_orders(inode, vmf, + mapping, index, orders); + if (suitable_orders) { order = highest_order(suitable_orders); - while (suitable_orders) { + do { pages = 1UL << order; - index = round_down(index, pages); - folio = shmem_alloc_folio(gfp, order, info, index); - if (folio) + folio = shmem_alloc_folio(gfp, order, info, round_down(index, pages)); + if (folio) { + index = round_down(index, pages); goto allocated; + } if (pages == HPAGE_PMD_NR) count_vm_event(THP_FILE_FALLBACK); count_mthp_stat(order, MTHP_STAT_SHMEM_FALLBACK); order = next_order(&suitable_orders, order); - } - } else { - pages = 1; - folio = shmem_alloc_folio(gfp, 0, info, index); + } while (suitable_orders); } + + pages = 1; + folio = shmem_alloc_folio(gfp, 0, info, index); if (!folio) return ERR_PTR(-ENOMEM); _ Patches currently in -mm which might be from kasong(a)tencent.com are mm-shmem-fix-thp-allocation-size-check-and-fallback.patch

1 month

1
0
0 0

[PATCH 5.10/5.15] srcu: Tighten cleanup_srcu_struct() GP checks

by Vasiliy Kovalev

From: "Paul E. McKenney" <paulmck(a)kernel.org> commit 8ed00760203d8018bee042fbfe8e076579be2c2b upstream. Currently, cleanup_srcu_struct() checks for a grace period in progress, but it does not check for a grace period that has not yet started but which might start at any time. Such a situation could result in a use-after-free bug, so this commit adds a check for a grace period that is needed but not yet started to cleanup_srcu_struct(). Fixes: da915ad5cf25 ("srcu: Parallelize callback handling") Signed-off-by: Paul E. McKenney <paulmck(a)kernel.org> [ kovalev: backport to fix CVE-2022-49651; added Fixes tag for commit da915ad5cf25 that introduced the srcu_gp_seq_needed field and the race condition between grace period requests and cleanup ] Signed-off-by: Vasiliy Kovalev <kovalev(a)altlinux.org> --- kernel/rcu/srcutree.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/kernel/rcu/srcutree.c b/kernel/rcu/srcutree.c index b8821665c435..5d89d941280f 100644 --- a/kernel/rcu/srcutree.c +++ b/kernel/rcu/srcutree.c @@ -388,9 +388,11 @@ void cleanup_srcu_struct(struct srcu_struct *ssp) return; /* Forgot srcu_barrier(), so just leak it! */ } if (WARN_ON(rcu_seq_state(READ_ONCE(ssp->srcu_gp_seq)) != SRCU_STATE_IDLE) || + WARN_ON(rcu_seq_current(&ssp->srcu_gp_seq) != ssp->srcu_gp_seq_needed) || WARN_ON(srcu_readers_active(ssp))) { - pr_info("%s: Active srcu_struct %p state: %d\n", - __func__, ssp, rcu_seq_state(READ_ONCE(ssp->srcu_gp_seq))); + pr_info("%s: Active srcu_struct %p read state: %d gp state: %lu/%lu\n", + __func__, ssp, rcu_seq_state(READ_ONCE(ssp->srcu_gp_seq)), + rcu_seq_current(&ssp->srcu_gp_seq), ssp->srcu_gp_seq_needed); return; /* Caller forgot to stop doing call_srcu()? */ } free_percpu(ssp->sda); -- 2.50.1

1 month

1
0
0 0

[PATCH v1 0/3] PCI fixes for s390

by Farhan Ali

Hi, I came across some issues in PCI code for s390 while working on VFIO error recovery for s390 PCI devices [1]. These patches can be indepedently applied and has no depedency on error recovery patch series. We would like to get these patches merged as they do fix some existing issues. [1] https://lore.kernel.org/all/20250924171628.826-1-alifm@linux.ibm.com/ Thanks Farhan Farhan Ali (3): PCI: Allow per function PCI slots s390/pci: Add architecture specific resource/bus address translation s390/pci: Restore IRQ unconditionally for the zPCI device arch/s390/include/asm/pci.h | 1 - arch/s390/pci/pci.c | 74 ++++++++++++++++++++++++++++++ arch/s390/pci/pci_irq.c | 9 +--- drivers/pci/host-bridge.c | 4 +- drivers/pci/hotplug/s390_pci_hpc.c | 10 +++- drivers/pci/pci.c | 5 +- drivers/pci/slot.c | 14 ++++-- include/linux/pci.h | 1 + 8 files changed, 100 insertions(+), 18 deletions(-) -- 2.43.0

1 month

4
8
0 0

[PATCH] drm/amd: Add missing return for VPE idle handler

by Mario Limonciello

Adjusting the idle handler for DPM0 handling forgot a return statement which causes the system to not be able to enter s0i3. Add the missing return statement. Cc: stable(a)vger.kernel.org Reported-by: Sultan Alsawaf <sultan(a)kerneltoast.com> Closes: https://lore.kernel.org/amd-gfx/aPawCXBY9eM8oZvG@sultan-box/ Signed-off-by: Mario Limonciello <mario.limonciello(a)amd.com> --- drivers/gpu/drm/amd/amdgpu/amdgpu_vpe.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_vpe.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_vpe.c index f4932339d79d..aa78c2ee9e21 100644 --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_vpe.c +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_vpe.c @@ -356,6 +356,7 @@ static void vpe_idle_work_handler(struct work_struct *work) goto reschedule; amdgpu_device_ip_set_powergating_state(adev, AMD_IP_BLOCK_TYPE_VPE, AMD_PG_STATE_GATE); + return; reschedule: schedule_delayed_work(&adev->vpe.idle_work, VPE_IDLE_TIMEOUT); -- 2.49.0

1 month

3
5
0 0

FAILED: patch "[PATCH] fuse: fix livelock in synchronous file put from fuseblk" failed to apply to 6.6-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.6-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y git checkout FETCH_HEAD git cherry-pick -x 26e5c67deb2e1f42a951f022fdf5b9f7eb747b01 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101627-calzone-emperor-7442@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 26e5c67deb2e1f42a951f022fdf5b9f7eb747b01 Mon Sep 17 00:00:00 2001 From: "Darrick J. Wong" <djwong(a)kernel.org> Date: Mon, 15 Sep 2025 17:24:17 -0700 Subject: [PATCH] fuse: fix livelock in synchronous file put from fuseblk workers I observed a hang when running generic/323 against a fuseblk server. This test opens a file, initiates a lot of AIO writes to that file descriptor, and closes the file descriptor before the writes complete. Unsurprisingly, the AIO exerciser threads are mostly stuck waiting for responses from the fuseblk server: # cat /proc/372265/task/372313/stack [<0>] request_wait_answer+0x1fe/0x2a0 [fuse] [<0>] __fuse_simple_request+0xd3/0x2b0 [fuse] [<0>] fuse_do_getattr+0xfc/0x1f0 [fuse] [<0>] fuse_file_read_iter+0xbe/0x1c0 [fuse] [<0>] aio_read+0x130/0x1e0 [<0>] io_submit_one+0x542/0x860 [<0>] __x64_sys_io_submit+0x98/0x1a0 [<0>] do_syscall_64+0x37/0xf0 [<0>] entry_SYSCALL_64_after_hwframe+0x4b/0x53 But the /weird/ part is that the fuseblk server threads are waiting for responses from itself: # cat /proc/372210/task/372232/stack [<0>] request_wait_answer+0x1fe/0x2a0 [fuse] [<0>] __fuse_simple_request+0xd3/0x2b0 [fuse] [<0>] fuse_file_put+0x9a/0xd0 [fuse] [<0>] fuse_release+0x36/0x50 [fuse] [<0>] __fput+0xec/0x2b0 [<0>] task_work_run+0x55/0x90 [<0>] syscall_exit_to_user_mode+0xe9/0x100 [<0>] do_syscall_64+0x43/0xf0 [<0>] entry_SYSCALL_64_after_hwframe+0x4b/0x53 The fuseblk server is fuse2fs so there's nothing all that exciting in the server itself. So why is the fuse server calling fuse_file_put? The commit message for the fstest sheds some light on that: "By closing the file descriptor before calling io_destroy, you pretty much guarantee that the last put on the ioctx will be done in interrupt context (during I/O completion). Aha. AIO fgets a new struct file from the fd when it queues the ioctx. The completion of the FUSE_WRITE command from userspace causes the fuse server to call the AIO completion function. The completion puts the struct file, queuing a delayed fput to the fuse server task. When the fuse server task returns to userspace, it has to run the delayed fput, which in the case of a fuseblk server, it does synchronously. Sending the FUSE_RELEASE command sychronously from fuse server threads is a bad idea because a client program can initiate enough simultaneous AIOs such that all the fuse server threads end up in delayed_fput, and now there aren't any threads left to handle the queued fuse commands. Fix this by only using asynchronous fputs when closing files, and leave a comment explaining why. Cc: stable(a)vger.kernel.org # v2.6.38 Fixes: 5a18ec176c934c ("fuse: fix hang of single threaded fuseblk filesystem") Signed-off-by: Darrick J. Wong <djwong(a)kernel.org> Signed-off-by: Miklos Szeredi <mszeredi(a)redhat.com> diff --git a/fs/fuse/file.c b/fs/fuse/file.c index 54786f62a9d8..f1ef77a0be05 100644 --- a/fs/fuse/file.c +++ b/fs/fuse/file.c @@ -356,8 +356,14 @@ void fuse_file_release(struct inode *inode, struct fuse_file *ff, * Make the release synchronous if this is a fuseblk mount, * synchronous RELEASE is allowed (and desirable) in this case * because the server can be trusted not to screw up. + * + * Always use the asynchronous file put because the current thread + * might be the fuse server. This can happen if a process starts some + * aio and closes the fd before the aio completes. Since aio takes its + * own ref to the file, the IO completion has to drop the ref, which is + * how the fuse server can end up closing its clients' files. */ - fuse_file_put(ff, ff->fm->fc->destroy); + fuse_file_put(ff, false); } void fuse_release_common(struct file *file, bool isdir)

1 month

2
2
0 0

FAILED: patch "[PATCH] PCI: tegra194: Reset BARs when running in PCIe endpoint mode" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 42f9c66a6d0cc45758dab77233c5460e1cf003df # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101639-january-preheated-6487@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 42f9c66a6d0cc45758dab77233c5460e1cf003df Mon Sep 17 00:00:00 2001 From: Niklas Cassel <cassel(a)kernel.org> Date: Mon, 22 Sep 2025 16:08:25 +0200 Subject: [PATCH] PCI: tegra194: Reset BARs when running in PCIe endpoint mode Tegra already defines all BARs except BAR0 as BAR_RESERVED. This is sufficient for pci-epf-test to not allocate backing memory and to not call set_bar() for those BARs. However, marking a BAR as BAR_RESERVED does not mean that the BAR gets disabled. The host side driver, pci_endpoint_test, simply does an ioremap for all enabled BARs and will run tests against all enabled BARs, so it will run tests against the BARs marked as BAR_RESERVED. After running the BAR tests (which will write to all enabled BARs), the inbound address translation is broken. This is because the tegra controller exposes the ATU Port Logic Structure in BAR4, so when BAR4 is written, the inbound address translation settings get overwritten. To avoid this, implement the dw_pcie_ep_ops .init() callback and start off by disabling all BARs (pci-epf-test will later enable/configure BARs that are not defined as BAR_RESERVED). This matches the behavior of other PCIe endpoint drivers: dra7xx, imx6, layerscape-ep, artpec6, dw-rockchip, qcom-ep, rcar-gen4, and uniphier-ep. With this, the PCI endpoint kselftest test case CONSECUTIVE_BAR_TEST (which was specifically made to detect address translation issues) passes. Fixes: c57247f940e8 ("PCI: tegra: Add support for PCIe endpoint mode in Tegra194") Signed-off-by: Niklas Cassel <cassel(a)kernel.org> Signed-off-by: Manivannan Sadhasivam <mani(a)kernel.org> Signed-off-by: Bjorn Helgaas <bhelgaas(a)google.com> Cc: stable(a)vger.kernel.org Link: https://patch.msgid.link/20250922140822.519796-7-cassel@kernel.org diff --git a/drivers/pci/controller/dwc/pcie-tegra194.c b/drivers/pci/controller/dwc/pcie-tegra194.c index fe418b9bfbb4..359d92dca86a 100644 --- a/drivers/pci/controller/dwc/pcie-tegra194.c +++ b/drivers/pci/controller/dwc/pcie-tegra194.c @@ -1941,6 +1941,15 @@ static irqreturn_t tegra_pcie_ep_pex_rst_irq(int irq, void *arg) return IRQ_HANDLED; } +static void tegra_pcie_ep_init(struct dw_pcie_ep *ep) +{ + struct dw_pcie *pci = to_dw_pcie_from_ep(ep); + enum pci_barno bar; + + for (bar = 0; bar < PCI_STD_NUM_BARS; bar++) + dw_pcie_ep_reset_bar(pci, bar); +}; + static int tegra_pcie_ep_raise_intx_irq(struct tegra_pcie_dw *pcie, u16 irq) { /* Tegra194 supports only INTA */ @@ -2016,6 +2025,7 @@ tegra_pcie_ep_get_features(struct dw_pcie_ep *ep) } static const struct dw_pcie_ep_ops pcie_ep_ops = { + .init = tegra_pcie_ep_init, .raise_irq = tegra_pcie_ep_raise_irq, .get_features = tegra_pcie_ep_get_features, };

1 month

2
1
0 0

FAILED: patch "[PATCH] PM: EM: Fix late boot with holes in CPU topology" failed to apply to 6.12-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.12-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.12.y git checkout FETCH_HEAD git cherry-pick -x 1ebe8f7e782523e62cd1fa8237f7afba5d1dae83 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101616-gigahertz-profane-b22c@gregkh' --subject-prefix 'PATCH 6.12.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 1ebe8f7e782523e62cd1fa8237f7afba5d1dae83 Mon Sep 17 00:00:00 2001 From: Christian Loehle <christian.loehle(a)arm.com> Date: Sun, 31 Aug 2025 22:43:57 +0100 Subject: [PATCH] PM: EM: Fix late boot with holes in CPU topology Commit e3f1164fc9ee ("PM: EM: Support late CPUs booting and capacity adjustment") added a mechanism to handle CPUs that come up late by retrying when any of the `cpufreq_cpu_get()` call fails. However, if there are holes in the CPU topology (offline CPUs, e.g. nosmt), the first missing CPU causes the loop to break, preventing subsequent online CPUs from being updated. Instead of aborting on the first missing CPU policy, loop through all and retry if any were missing. Fixes: e3f1164fc9ee ("PM: EM: Support late CPUs booting and capacity adjustment") Suggested-by: Kenneth Crudup <kenneth.crudup(a)gmail.com> Reported-by: Kenneth Crudup <kenneth.crudup(a)gmail.com> Link: https://lore.kernel.org/linux-pm/40212796-734c-4140-8a85-854f72b8144d@panix… Cc: 6.9+ <stable(a)vger.kernel.org> # 6.9+ Signed-off-by: Christian Loehle <christian.loehle(a)arm.com> Link: https://patch.msgid.link/20250831214357.2020076-1-christian.loehle@arm.com [ rjw: Drop the new pr_debug() message which is not very useful ] Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> diff --git a/kernel/power/energy_model.c b/kernel/power/energy_model.c index 8df55397414a..5f17d2e8e954 100644 --- a/kernel/power/energy_model.c +++ b/kernel/power/energy_model.c @@ -799,7 +799,7 @@ void em_adjust_cpu_capacity(unsigned int cpu) static void em_check_capacity_update(void) { cpumask_var_t cpu_done_mask; - int cpu; + int cpu, failed_cpus = 0; if (!zalloc_cpumask_var(&cpu_done_mask, GFP_KERNEL)) { pr_warn("no free memory\n"); @@ -817,10 +817,8 @@ static void em_check_capacity_update(void) policy = cpufreq_cpu_get(cpu); if (!policy) { - pr_debug("Accessing cpu%d policy failed\n", cpu); - schedule_delayed_work(&em_update_work, - msecs_to_jiffies(1000)); - break; + failed_cpus++; + continue; } cpufreq_cpu_put(policy); @@ -835,6 +833,9 @@ static void em_check_capacity_update(void) em_adjust_new_capacity(cpu, dev, pd); } + if (failed_cpus) + schedule_delayed_work(&em_update_work, msecs_to_jiffies(1000)); + free_cpumask_var(cpu_done_mask); }

1 month

2
4
0 0

[REGRESSION] stable-rc/linux-5.10.y: (build) passing 'const struct iomap *' to parameter of type 'struct iomap ...

by KernelCI bot

Hello, New build issue found on stable-rc/linux-5.10.y: --- passing 'const struct iomap *' to parameter of type 'struct iomap *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers] in fs/dax.o (fs/dax.c) [logspec:kbuild,kbuild.compiler.error] --- - dashboard: https://d.kernelci.org/i/maestro:568e928648fdbc507b4cfc190ad338a93fe02440 - giturl: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git - commit HEAD: 63caad8a89c150b298b2e95d18ca60cd904d3183 Log excerpt: ===================================================== fs/dax.c:1147:44: error: passing 'const struct iomap *' to parameter of type 'struct iomap *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers] 1147 | const sector_t sector = dax_iomap_sector(iomap, pos); | ^~~~~ fs/dax.c:1009:48: note: passing argument to parameter 'iomap' here 1009 | static sector_t dax_iomap_sector(struct iomap *iomap, loff_t pos) | ^ 1 error generated. ===================================================== # Builds where the incident occurred: ## defconfig+allmodconfig on (arm64): - compiler: clang-17 - config: https://files.kernelci.org/kbuild-clang-17-arm64-allmodconfig-68f7d39c95331… - dashboard: https://d.kernelci.org/build/maestro:68f7d39c9533132a1895417c #kernelci issue maestro:568e928648fdbc507b4cfc190ad338a93fe02440 Reported-by: kernelci.org bot <bot(a)kernelci.org> -- This is an experimental report format. Please send feedback in! Talk to us at kernelci(a)lists.linux.dev Made with love by the KernelCI team - https://kernelci.org

1 month

1
0
0 0

FAILED: patch "[PATCH] memory: samsung: exynos-srom: Fix of_iomap leak in" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x 6744085079e785dae5f7a2239456135407c58b25 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101607-discharge-haiku-4150@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 6744085079e785dae5f7a2239456135407c58b25 Mon Sep 17 00:00:00 2001 From: Zhen Ni <zhen.ni(a)easystack.cn> Date: Wed, 6 Aug 2025 10:55:38 +0800 Subject: [PATCH] memory: samsung: exynos-srom: Fix of_iomap leak in exynos_srom_probe The of_platform_populate() call at the end of the function has a possible failure path, causing a resource leak. Replace of_iomap() with devm_platform_ioremap_resource() to ensure automatic cleanup of srom->reg_base. This issue was detected by smatch static analysis: drivers/memory/samsung/exynos-srom.c:155 exynos_srom_probe()warn: 'srom->reg_base' from of_iomap() not released on lines: 155. Fixes: 8ac2266d8831 ("memory: samsung: exynos-srom: Add support for bank configuration") Cc: stable(a)vger.kernel.org Signed-off-by: Zhen Ni <zhen.ni(a)easystack.cn> Link: https://lore.kernel.org/r/20250806025538.306593-1-zhen.ni@easystack.cn Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> diff --git a/drivers/memory/samsung/exynos-srom.c b/drivers/memory/samsung/exynos-srom.c index e73dd330af47..d913fb901973 100644 --- a/drivers/memory/samsung/exynos-srom.c +++ b/drivers/memory/samsung/exynos-srom.c @@ -121,20 +121,18 @@ static int exynos_srom_probe(struct platform_device *pdev) return -ENOMEM; srom->dev = dev; - srom->reg_base = of_iomap(np, 0); - if (!srom->reg_base) { + srom->reg_base = devm_platform_ioremap_resource(pdev, 0); + if (IS_ERR(srom->reg_base)) { dev_err(&pdev->dev, "iomap of exynos srom controller failed\n"); - return -ENOMEM; + return PTR_ERR(srom->reg_base); } platform_set_drvdata(pdev, srom); srom->reg_offset = exynos_srom_alloc_reg_dump(exynos_srom_offsets, ARRAY_SIZE(exynos_srom_offsets)); - if (!srom->reg_offset) { - iounmap(srom->reg_base); + if (!srom->reg_offset) return -ENOMEM; - } for_each_child_of_node(np, child) { if (exynos_srom_configure_bank(srom, child)) {

1 month

2
2
0 0

FAILED: patch "[PATCH] PCI: rcar-host: Drop PMSR spinlock" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 0a8f173d9dad13930d5888505dc4c4fd6a1d4262 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101648-abruptly-poncho-afdd@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 0a8f173d9dad13930d5888505dc4c4fd6a1d4262 Mon Sep 17 00:00:00 2001 From: Marek Vasut <marek.vasut+renesas(a)mailbox.org> Date: Tue, 9 Sep 2025 18:26:24 +0200 Subject: [PATCH] PCI: rcar-host: Drop PMSR spinlock The pmsr_lock spinlock used to be necessary to synchronize access to the PMSR register, because that access could have been triggered from either config space access in rcar_pcie_config_access() or an exception handler rcar_pcie_aarch32_abort_handler(). The rcar_pcie_aarch32_abort_handler() case is no longer applicable since commit 6e36203bc14c ("PCI: rcar: Use PCI_SET_ERROR_RESPONSE after read which triggered an exception"), which performs more accurate, controlled invocation of the exception, and a fixup. This leaves rcar_pcie_config_access() as the only call site from which rcar_pcie_wakeup() is called. The rcar_pcie_config_access() can only be called from the controller struct pci_ops .read and .write callbacks, and those are serialized in drivers/pci/access.c using raw spinlock 'pci_lock' . It should be noted that CONFIG_PCI_LOCKLESS_CONFIG is never set on this platform. Since the 'pci_lock' is a raw spinlock , and the 'pmsr_lock' is not a raw spinlock, this constellation triggers 'BUG: Invalid wait context' with CONFIG_PROVE_RAW_LOCK_NESTING=y . Remove the pmsr_lock to fix the locking. Fixes: a115b1bd3af0 ("PCI: rcar: Add L1 link state fix into data abort hook") Reported-by: Duy Nguyen <duy.nguyen.rh(a)renesas.com> Reported-by: Thuan Nguyen <thuan.nguyen-hong(a)banvien.com.vn> Signed-off-by: Marek Vasut <marek.vasut+renesas(a)mailbox.org> Signed-off-by: Manivannan Sadhasivam <mani(a)kernel.org> Reviewed-by: Geert Uytterhoeven <geert+renesas(a)glider.be> Cc: stable(a)vger.kernel.org Link: https://patch.msgid.link/20250909162707.13927-1-marek.vasut+renesas@mailbox… diff --git a/drivers/pci/controller/pcie-rcar-host.c b/drivers/pci/controller/pcie-rcar-host.c index 4780e0109e58..625a00f3b223 100644 --- a/drivers/pci/controller/pcie-rcar-host.c +++ b/drivers/pci/controller/pcie-rcar-host.c @@ -52,20 +52,13 @@ struct rcar_pcie_host { int (*phy_init_fn)(struct rcar_pcie_host *host); }; -static DEFINE_SPINLOCK(pmsr_lock); - static int rcar_pcie_wakeup(struct device *pcie_dev, void __iomem *pcie_base) { - unsigned long flags; u32 pmsr, val; int ret = 0; - spin_lock_irqsave(&pmsr_lock, flags); - - if (!pcie_base || pm_runtime_suspended(pcie_dev)) { - ret = -EINVAL; - goto unlock_exit; - } + if (!pcie_base || pm_runtime_suspended(pcie_dev)) + return -EINVAL; pmsr = readl(pcie_base + PMSR); @@ -87,8 +80,6 @@ static int rcar_pcie_wakeup(struct device *pcie_dev, void __iomem *pcie_base) writel(L1FAEG | PMEL1RX, pcie_base + PMSR); } -unlock_exit: - spin_unlock_irqrestore(&pmsr_lock, flags); return ret; }

1 month

2
2
0 0

FAILED: patch "[PATCH] PCI: tegra194: Reset BARs when running in PCIe endpoint mode" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 42f9c66a6d0cc45758dab77233c5460e1cf003df # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101638-slider-outlying-148b@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 42f9c66a6d0cc45758dab77233c5460e1cf003df Mon Sep 17 00:00:00 2001 From: Niklas Cassel <cassel(a)kernel.org> Date: Mon, 22 Sep 2025 16:08:25 +0200 Subject: [PATCH] PCI: tegra194: Reset BARs when running in PCIe endpoint mode Tegra already defines all BARs except BAR0 as BAR_RESERVED. This is sufficient for pci-epf-test to not allocate backing memory and to not call set_bar() for those BARs. However, marking a BAR as BAR_RESERVED does not mean that the BAR gets disabled. The host side driver, pci_endpoint_test, simply does an ioremap for all enabled BARs and will run tests against all enabled BARs, so it will run tests against the BARs marked as BAR_RESERVED. After running the BAR tests (which will write to all enabled BARs), the inbound address translation is broken. This is because the tegra controller exposes the ATU Port Logic Structure in BAR4, so when BAR4 is written, the inbound address translation settings get overwritten. To avoid this, implement the dw_pcie_ep_ops .init() callback and start off by disabling all BARs (pci-epf-test will later enable/configure BARs that are not defined as BAR_RESERVED). This matches the behavior of other PCIe endpoint drivers: dra7xx, imx6, layerscape-ep, artpec6, dw-rockchip, qcom-ep, rcar-gen4, and uniphier-ep. With this, the PCI endpoint kselftest test case CONSECUTIVE_BAR_TEST (which was specifically made to detect address translation issues) passes. Fixes: c57247f940e8 ("PCI: tegra: Add support for PCIe endpoint mode in Tegra194") Signed-off-by: Niklas Cassel <cassel(a)kernel.org> Signed-off-by: Manivannan Sadhasivam <mani(a)kernel.org> Signed-off-by: Bjorn Helgaas <bhelgaas(a)google.com> Cc: stable(a)vger.kernel.org Link: https://patch.msgid.link/20250922140822.519796-7-cassel@kernel.org diff --git a/drivers/pci/controller/dwc/pcie-tegra194.c b/drivers/pci/controller/dwc/pcie-tegra194.c index fe418b9bfbb4..359d92dca86a 100644 --- a/drivers/pci/controller/dwc/pcie-tegra194.c +++ b/drivers/pci/controller/dwc/pcie-tegra194.c @@ -1941,6 +1941,15 @@ static irqreturn_t tegra_pcie_ep_pex_rst_irq(int irq, void *arg) return IRQ_HANDLED; } +static void tegra_pcie_ep_init(struct dw_pcie_ep *ep) +{ + struct dw_pcie *pci = to_dw_pcie_from_ep(ep); + enum pci_barno bar; + + for (bar = 0; bar < PCI_STD_NUM_BARS; bar++) + dw_pcie_ep_reset_bar(pci, bar); +}; + static int tegra_pcie_ep_raise_intx_irq(struct tegra_pcie_dw *pcie, u16 irq) { /* Tegra194 supports only INTA */ @@ -2016,6 +2025,7 @@ tegra_pcie_ep_get_features(struct dw_pcie_ep *ep) } static const struct dw_pcie_ep_ops pcie_ep_ops = { + .init = tegra_pcie_ep_init, .raise_irq = tegra_pcie_ep_raise_irq, .get_features = tegra_pcie_ep_get_features, };

1 month

2
1
0 0

FAILED: patch "[PATCH] PCI: j721e: Fix programming sequence of "strap" settings" failed to apply to 6.6-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.6-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y git checkout FETCH_HEAD git cherry-pick -x f842d3313ba179d4005096357289c7ad09cec575 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101614-regulator-gumball-c7c6@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From f842d3313ba179d4005096357289c7ad09cec575 Mon Sep 17 00:00:00 2001 From: Siddharth Vadapalli <s-vadapalli(a)ti.com> Date: Mon, 8 Sep 2025 17:38:27 +0530 Subject: [PATCH] PCI: j721e: Fix programming sequence of "strap" settings The Cadence PCIe Controller integrated in the TI K3 SoCs supports both Root-Complex and Endpoint modes of operation. The Glue Layer allows "strapping" the Mode of operation of the Controller, the Link Speed and the Link Width. This is enabled by programming the "PCIEn_CTRL" register (n corresponds to the PCIe instance) within the CTRL_MMR memory-mapped register space. The "reset-values" of the registers are also different depending on the mode of operation. Since the PCIe Controller latches onto the "reset-values" immediately after being powered on, if the Glue Layer configuration is not done while the PCIe Controller is off, it will result in the PCIe Controller latching onto the wrong "reset-values". In practice, this will show up as a wrong representation of the PCIe Controller's capability structures in the PCIe Configuration Space. Some such capabilities which are supported by the PCIe Controller in the Root-Complex mode but are incorrectly latched onto as being unsupported are: - Link Bandwidth Notification - Alternate Routing ID (ARI) Forwarding Support - Next capability offset within Advanced Error Reporting (AER) capability Fix this by powering off the PCIe Controller before programming the "strap" settings and powering it on after that. The runtime PM APIs namely pm_runtime_put_sync() and pm_runtime_get_sync() will decrement and increment the usage counter respectively, causing GENPD to power off and power on the PCIe Controller. Fixes: f3e25911a430 ("PCI: j721e: Add TI J721E PCIe driver") Signed-off-by: Siddharth Vadapalli <s-vadapalli(a)ti.com> Signed-off-by: Manivannan Sadhasivam <mani(a)kernel.org> Cc: stable(a)vger.kernel.org Link: https://patch.msgid.link/20250908120828.1471776-1-s-vadapalli@ti.com diff --git a/drivers/pci/controller/cadence/pci-j721e.c b/drivers/pci/controller/cadence/pci-j721e.c index cfca13a4c840..5a9ae33e2b93 100644 --- a/drivers/pci/controller/cadence/pci-j721e.c +++ b/drivers/pci/controller/cadence/pci-j721e.c @@ -284,6 +284,25 @@ static int j721e_pcie_ctrl_init(struct j721e_pcie *pcie) if (!ret) offset = args.args[0]; + /* + * The PCIe Controller's registers have different "reset-values" + * depending on the "strap" settings programmed into the PCIEn_CTRL + * register within the CTRL_MMR memory-mapped register space. + * The registers latch onto a "reset-value" based on the "strap" + * settings sampled after the PCIe Controller is powered on. + * To ensure that the "reset-values" are sampled accurately, power + * off the PCIe Controller before programming the "strap" settings + * and power it on after that. The runtime PM APIs namely + * pm_runtime_put_sync() and pm_runtime_get_sync() will decrement and + * increment the usage counter respectively, causing GENPD to power off + * and power on the PCIe Controller. + */ + ret = pm_runtime_put_sync(dev); + if (ret < 0) { + dev_err(dev, "Failed to power off PCIe Controller\n"); + return ret; + } + ret = j721e_pcie_set_mode(pcie, syscon, offset); if (ret < 0) { dev_err(dev, "Failed to set pci mode\n"); @@ -302,6 +321,12 @@ static int j721e_pcie_ctrl_init(struct j721e_pcie *pcie) return ret; } + ret = pm_runtime_get_sync(dev); + if (ret < 0) { + dev_err(dev, "Failed to power on PCIe Controller\n"); + return ret; + } + /* Enable ACSPCIE refclk output if the optional property exists */ syscon = syscon_regmap_lookup_by_phandle_optional(node, "ti,syscon-acspcie-proxy-ctrl");

1 month

2
2
0 0

FAILED: patch "[PATCH] PCI: tegra194: Reset BARs when running in PCIe endpoint mode" failed to apply to 6.6-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.6-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y git checkout FETCH_HEAD git cherry-pick -x 42f9c66a6d0cc45758dab77233c5460e1cf003df # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101638-carry-unwashed-bba6@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 42f9c66a6d0cc45758dab77233c5460e1cf003df Mon Sep 17 00:00:00 2001 From: Niklas Cassel <cassel(a)kernel.org> Date: Mon, 22 Sep 2025 16:08:25 +0200 Subject: [PATCH] PCI: tegra194: Reset BARs when running in PCIe endpoint mode Tegra already defines all BARs except BAR0 as BAR_RESERVED. This is sufficient for pci-epf-test to not allocate backing memory and to not call set_bar() for those BARs. However, marking a BAR as BAR_RESERVED does not mean that the BAR gets disabled. The host side driver, pci_endpoint_test, simply does an ioremap for all enabled BARs and will run tests against all enabled BARs, so it will run tests against the BARs marked as BAR_RESERVED. After running the BAR tests (which will write to all enabled BARs), the inbound address translation is broken. This is because the tegra controller exposes the ATU Port Logic Structure in BAR4, so when BAR4 is written, the inbound address translation settings get overwritten. To avoid this, implement the dw_pcie_ep_ops .init() callback and start off by disabling all BARs (pci-epf-test will later enable/configure BARs that are not defined as BAR_RESERVED). This matches the behavior of other PCIe endpoint drivers: dra7xx, imx6, layerscape-ep, artpec6, dw-rockchip, qcom-ep, rcar-gen4, and uniphier-ep. With this, the PCI endpoint kselftest test case CONSECUTIVE_BAR_TEST (which was specifically made to detect address translation issues) passes. Fixes: c57247f940e8 ("PCI: tegra: Add support for PCIe endpoint mode in Tegra194") Signed-off-by: Niklas Cassel <cassel(a)kernel.org> Signed-off-by: Manivannan Sadhasivam <mani(a)kernel.org> Signed-off-by: Bjorn Helgaas <bhelgaas(a)google.com> Cc: stable(a)vger.kernel.org Link: https://patch.msgid.link/20250922140822.519796-7-cassel@kernel.org diff --git a/drivers/pci/controller/dwc/pcie-tegra194.c b/drivers/pci/controller/dwc/pcie-tegra194.c index fe418b9bfbb4..359d92dca86a 100644 --- a/drivers/pci/controller/dwc/pcie-tegra194.c +++ b/drivers/pci/controller/dwc/pcie-tegra194.c @@ -1941,6 +1941,15 @@ static irqreturn_t tegra_pcie_ep_pex_rst_irq(int irq, void *arg) return IRQ_HANDLED; } +static void tegra_pcie_ep_init(struct dw_pcie_ep *ep) +{ + struct dw_pcie *pci = to_dw_pcie_from_ep(ep); + enum pci_barno bar; + + for (bar = 0; bar < PCI_STD_NUM_BARS; bar++) + dw_pcie_ep_reset_bar(pci, bar); +}; + static int tegra_pcie_ep_raise_intx_irq(struct tegra_pcie_dw *pcie, u16 irq) { /* Tegra194 supports only INTA */ @@ -2016,6 +2025,7 @@ tegra_pcie_ep_get_features(struct dw_pcie_ep *ep) } static const struct dw_pcie_ep_ops pcie_ep_ops = { + .init = tegra_pcie_ep_init, .raise_irq = tegra_pcie_ep_raise_irq, .get_features = tegra_pcie_ep_get_features, };

1 month

2
1
0 0

FAILED: patch "[PATCH] spi: cadence-quadspi: Flush posted register writes before" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x 29e0b471ccbd674d20d4bbddea1a51e7105212c5 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101621-blah-dyslexic-116b@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 29e0b471ccbd674d20d4bbddea1a51e7105212c5 Mon Sep 17 00:00:00 2001 From: Pratyush Yadav <pratyush(a)kernel.org> Date: Sat, 6 Sep 2025 00:29:55 +0530 Subject: [PATCH] spi: cadence-quadspi: Flush posted register writes before INDAC access cqspi_indirect_read_execute() and cqspi_indirect_write_execute() first set the enable bit on APB region and then start reading/writing to the AHB region. On TI K3 SoCs these regions lie on different endpoints. This means that the order of the two operations is not guaranteed, and they might be reordered at the interconnect level. It is possible for the AHB write to be executed before the APB write to enable the indirect controller, causing the transaction to be invalid and the write erroring out. Read back the APB region write before accessing the AHB region to make sure the write got flushed and the race condition is eliminated. Fixes: 140623410536 ("mtd: spi-nor: Add driver for Cadence Quad SPI Flash Controller") CC: stable(a)vger.kernel.org Reviewed-by: Pratyush Yadav <pratyush(a)kernel.org> Signed-off-by: Pratyush Yadav <pratyush(a)kernel.org> Signed-off-by: Santhosh Kumar K <s-k6(a)ti.com> Message-ID: <20250905185958.3575037-2-s-k6(a)ti.com> Signed-off-by: Mark Brown <broonie(a)kernel.org> diff --git a/drivers/spi/spi-cadence-quadspi.c b/drivers/spi/spi-cadence-quadspi.c index 9bf823348cd3..eaf9a0f522d5 100644 --- a/drivers/spi/spi-cadence-quadspi.c +++ b/drivers/spi/spi-cadence-quadspi.c @@ -764,6 +764,7 @@ static int cqspi_indirect_read_execute(struct cqspi_flash_pdata *f_pdata, reinit_completion(&cqspi->transfer_complete); writel(CQSPI_REG_INDIRECTRD_START_MASK, reg_base + CQSPI_REG_INDIRECTRD); + readl(reg_base + CQSPI_REG_INDIRECTRD); /* Flush posted write. */ while (remaining > 0) { if (use_irq && @@ -1090,6 +1091,8 @@ static int cqspi_indirect_write_execute(struct cqspi_flash_pdata *f_pdata, reinit_completion(&cqspi->transfer_complete); writel(CQSPI_REG_INDIRECTWR_START_MASK, reg_base + CQSPI_REG_INDIRECTWR); + readl(reg_base + CQSPI_REG_INDIRECTWR); /* Flush posted write. */ + /* * As per 66AK2G02 TRM SPRUHY8F section 11.15.5.3 Indirect Access * Controller programming sequence, couple of cycles of

1 month

2
1
0 0

FAILED: patch "[PATCH] spi: cadence-quadspi: Flush posted register writes before DAC" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x 1ad55767e77a853c98752ed1e33b68049a243bd7 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101635-laurel-crawling-2104@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 1ad55767e77a853c98752ed1e33b68049a243bd7 Mon Sep 17 00:00:00 2001 From: Pratyush Yadav <pratyush(a)kernel.org> Date: Sat, 6 Sep 2025 00:29:56 +0530 Subject: [PATCH] spi: cadence-quadspi: Flush posted register writes before DAC access cqspi_read_setup() and cqspi_write_setup() program the address width as the last step in the setup. This is likely to be immediately followed by a DAC region read/write. On TI K3 SoCs the DAC region is on a different endpoint from the register region. This means that the order of the two operations is not guaranteed, and they might be reordered at the interconnect level. It is possible that the DAC read/write goes through before the address width update goes through. In this situation if the previous command used a different address width the OSPI command is sent with the wrong number of address bytes, resulting in an invalid command and undefined behavior. Read back the size register to make sure the write gets flushed before accessing the DAC region. Fixes: 140623410536 ("mtd: spi-nor: Add driver for Cadence Quad SPI Flash Controller") CC: stable(a)vger.kernel.org Reviewed-by: Pratyush Yadav <pratyush(a)kernel.org> Signed-off-by: Pratyush Yadav <pratyush(a)kernel.org> Signed-off-by: Santhosh Kumar K <s-k6(a)ti.com> Message-ID: <20250905185958.3575037-3-s-k6(a)ti.com> Signed-off-by: Mark Brown <broonie(a)kernel.org> diff --git a/drivers/spi/spi-cadence-quadspi.c b/drivers/spi/spi-cadence-quadspi.c index eaf9a0f522d5..447a32a08a93 100644 --- a/drivers/spi/spi-cadence-quadspi.c +++ b/drivers/spi/spi-cadence-quadspi.c @@ -719,6 +719,7 @@ static int cqspi_read_setup(struct cqspi_flash_pdata *f_pdata, reg &= ~CQSPI_REG_SIZE_ADDRESS_MASK; reg |= (op->addr.nbytes - 1); writel(reg, reg_base + CQSPI_REG_SIZE); + readl(reg_base + CQSPI_REG_SIZE); /* Flush posted write. */ return 0; } @@ -1063,6 +1064,7 @@ static int cqspi_write_setup(struct cqspi_flash_pdata *f_pdata, reg &= ~CQSPI_REG_SIZE_ADDRESS_MASK; reg |= (op->addr.nbytes - 1); writel(reg, reg_base + CQSPI_REG_SIZE); + readl(reg_base + CQSPI_REG_SIZE); /* Flush posted write. */ return 0; }

1 month

2
1
0 0