- Linux-stable-mirror - lists.linaro.org

[PATCH rtw v3 2/5] wifi: rtw89: fix tx_wait initialization race

by Fedor Pchelkin

Now that nullfunc skbs are recycled in a separate work item in the driver, the following race during initialization and processing of those skbs might lead to noticeable bugs: Waiting thread Completing thread rtw89_core_send_nullfunc() rtw89_core_tx_write_link() ... rtw89_pci_txwd_submit() skb_data->wait = NULL /* add skb to the queue */ skb_queue_tail(&txwd->queue, skb) rtw89_pci_napi_poll() ... rtw89_pci_release_txwd_skb() /* get skb from the queue */ skb_unlink(skb, &txwd->queue) rtw89_pci_tx_status() rtw89_core_tx_wait_complete() /* use incorrect skb_data->wait */ rtw89_core_tx_kick_off_and_wait() /* assign skb_data->wait but too late */ The value of skb_data->wait indicates whether skb is passed on to the core ieee80211 stack or released by the driver itself. So assure that by the time skb is added to txwd queue and becomes visible to the completing side, it has already allocated tx_wait-related data (in case it's needed). Found by Linux Verification Center (linuxtesting.org). Fixes: 1ae5ca615285 ("wifi: rtw89: add function to wait for completion of TX skbs") Cc: stable(a)vger.kernel.org Signed-off-by: Fedor Pchelkin <pchelkin(a)ispras.ru> --- drivers/net/wireless/realtek/rtw89/core.c | 30 ++++++++++++++--------- drivers/net/wireless/realtek/rtw89/pci.c | 2 -- 2 files changed, 18 insertions(+), 14 deletions(-) diff --git a/drivers/net/wireless/realtek/rtw89/core.c b/drivers/net/wireless/realtek/rtw89/core.c index 5c964283cd67..57f20559dfde 100644 --- a/drivers/net/wireless/realtek/rtw89/core.c +++ b/drivers/net/wireless/realtek/rtw89/core.c @@ -1094,20 +1094,12 @@ int rtw89_core_tx_kick_off_and_wait(struct rtw89_dev *rtwdev, struct sk_buff *sk int qsel, unsigned int timeout) { struct rtw89_tx_skb_data *skb_data = RTW89_TX_SKB_CB(skb); - struct rtw89_tx_wait_info *wait; + struct rtw89_tx_wait_info *wait = skb_data->wait; unsigned long time_left; int ret = 0; lockdep_assert_wiphy(rtwdev->hw->wiphy); - wait = kzalloc(sizeof(*wait), GFP_KERNEL); - if (!wait) { - rtw89_core_tx_kick_off(rtwdev, qsel); - return 0; - } - - init_completion(&wait->completion); - rcu_assign_pointer(skb_data->wait, wait); wait->skb = skb; rtw89_core_tx_kick_off(rtwdev, qsel); @@ -1172,10 +1164,12 @@ int rtw89_h2c_tx(struct rtw89_dev *rtwdev, static int rtw89_core_tx_write_link(struct rtw89_dev *rtwdev, struct rtw89_vif_link *rtwvif_link, struct rtw89_sta_link *rtwsta_link, - struct sk_buff *skb, int *qsel, bool sw_mld) + struct sk_buff *skb, int *qsel, bool sw_mld, + struct rtw89_tx_wait_info *wait) { struct ieee80211_sta *sta = rtwsta_link_to_sta_safe(rtwsta_link); struct ieee80211_vif *vif = rtwvif_link_to_vif(rtwvif_link); + struct rtw89_tx_skb_data *skb_data = RTW89_TX_SKB_CB(skb); struct rtw89_vif *rtwvif = rtwvif_link->rtwvif; struct rtw89_core_tx_request tx_req = {}; int ret; @@ -1192,6 +1186,8 @@ static int rtw89_core_tx_write_link(struct rtw89_dev *rtwdev, rtw89_core_tx_update_desc_info(rtwdev, &tx_req); rtw89_core_tx_wake(rtwdev, &tx_req); + rcu_assign_pointer(skb_data->wait, wait); + ret = rtw89_hci_tx_write(rtwdev, &tx_req); if (ret) { rtw89_err(rtwdev, "failed to transmit skb to HCI\n"); @@ -1228,7 +1224,8 @@ int rtw89_core_tx_write(struct rtw89_dev *rtwdev, struct ieee80211_vif *vif, } } - return rtw89_core_tx_write_link(rtwdev, rtwvif_link, rtwsta_link, skb, qsel, false); + return rtw89_core_tx_write_link(rtwdev, rtwvif_link, rtwsta_link, skb, qsel, false, + NULL); } static __le32 rtw89_build_txwd_body0(struct rtw89_tx_desc_info *desc_info) @@ -3426,6 +3423,7 @@ int rtw89_core_send_nullfunc(struct rtw89_dev *rtwdev, struct rtw89_vif_link *rt struct ieee80211_vif *vif = rtwvif_link_to_vif(rtwvif_link); int link_id = ieee80211_vif_is_mld(vif) ? rtwvif_link->link_id : -1; struct rtw89_sta_link *rtwsta_link; + struct rtw89_tx_wait_info *wait; struct ieee80211_sta *sta; struct ieee80211_hdr *hdr; struct rtw89_sta *rtwsta; @@ -3435,6 +3433,12 @@ int rtw89_core_send_nullfunc(struct rtw89_dev *rtwdev, struct rtw89_vif_link *rt if (vif->type != NL80211_IFTYPE_STATION || !vif->cfg.assoc) return 0; + wait = kzalloc(sizeof(*wait), GFP_KERNEL); + if (!wait) + return -ENOMEM; + + init_completion(&wait->completion); + rcu_read_lock(); sta = ieee80211_find_sta(vif, vif->cfg.ap_addr); if (!sta) { @@ -3459,7 +3463,8 @@ int rtw89_core_send_nullfunc(struct rtw89_dev *rtwdev, struct rtw89_vif_link *rt goto out; } - ret = rtw89_core_tx_write_link(rtwdev, rtwvif_link, rtwsta_link, skb, &qsel, true); + ret = rtw89_core_tx_write_link(rtwdev, rtwvif_link, rtwsta_link, skb, &qsel, true, + wait); if (ret) { rtw89_warn(rtwdev, "nullfunc transmit failed: %d\n", ret); dev_kfree_skb_any(skb); @@ -3472,6 +3477,7 @@ int rtw89_core_send_nullfunc(struct rtw89_dev *rtwdev, struct rtw89_vif_link *rt timeout); out: rcu_read_unlock(); + kfree(wait); return ret; } diff --git a/drivers/net/wireless/realtek/rtw89/pci.c b/drivers/net/wireless/realtek/rtw89/pci.c index 4e3034b44f56..cb9682f306a6 100644 --- a/drivers/net/wireless/realtek/rtw89/pci.c +++ b/drivers/net/wireless/realtek/rtw89/pci.c @@ -1372,7 +1372,6 @@ static int rtw89_pci_txwd_submit(struct rtw89_dev *rtwdev, struct pci_dev *pdev = rtwpci->pdev; struct sk_buff *skb = tx_req->skb; struct rtw89_pci_tx_data *tx_data = RTW89_PCI_TX_SKB_CB(skb); - struct rtw89_tx_skb_data *skb_data = RTW89_TX_SKB_CB(skb); bool en_wd_info = desc_info->en_wd_info; u32 txwd_len; u32 txwp_len; @@ -1388,7 +1387,6 @@ static int rtw89_pci_txwd_submit(struct rtw89_dev *rtwdev, } tx_data->dma = dma; - rcu_assign_pointer(skb_data->wait, NULL); txwp_len = sizeof(*txwp_info); txwd_len = chip->txwd_body_size; -- 2.51.0

2 weeks, 3 days

2
1
0 0

[PATCH] drm/mediatek: fix device leaks at bind

by Johan Hovold

Make sure to drop the references to the sibling platform devices and their child drm devices taken by of_find_device_by_node() and device_find_child() when initialising the driver data during bind(). Fixes: 1ef7ed48356c ("drm/mediatek: Modify mediatek-drm for mt8195 multi mmsys support") Cc: stable(a)vger.kernel.org # 6.4 Cc: Nancy.Lin <nancy.lin(a)mediatek.com> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/gpu/drm/mediatek/mtk_drm_drv.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/gpu/drm/mediatek/mtk_drm_drv.c b/drivers/gpu/drm/mediatek/mtk_drm_drv.c index 7c0c12dde488..33b83576af7e 100644 --- a/drivers/gpu/drm/mediatek/mtk_drm_drv.c +++ b/drivers/gpu/drm/mediatek/mtk_drm_drv.c @@ -395,10 +395,12 @@ static bool mtk_drm_get_all_drm_priv(struct device *dev) continue; drm_dev = device_find_child(&pdev->dev, NULL, mtk_drm_match); + put_device(&pdev->dev); if (!drm_dev) continue; temp_drm_priv = dev_get_drvdata(drm_dev); + put_device(drm_dev); if (!temp_drm_priv) continue; -- 2.49.1

2 weeks, 3 days

3
5
0 0

[PATCH rtw v3 1/5] wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait()

by Fedor Pchelkin

There is a bug observed when rtw89_core_tx_kick_off_and_wait() tries to access already freed skb_data: BUG: KFENCE: use-after-free write in rtw89_core_tx_kick_off_and_wait drivers/net/wireless/realtek/rtw89/core.c:1110 CPU: 6 UID: 0 PID: 41377 Comm: kworker/u64:24 Not tainted 6.17.0-rc1+ #1 PREEMPT(lazy) Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS edk2-20250523-14.fc42 05/23/2025 Workqueue: events_unbound cfg80211_wiphy_work [cfg80211] Use-after-free write at 0x0000000020309d9d (in kfence-#251): rtw89_core_tx_kick_off_and_wait drivers/net/wireless/realtek/rtw89/core.c:1110 rtw89_core_scan_complete drivers/net/wireless/realtek/rtw89/core.c:5338 rtw89_hw_scan_complete_cb drivers/net/wireless/realtek/rtw89/fw.c:7979 rtw89_chanctx_proceed_cb drivers/net/wireless/realtek/rtw89/chan.c:3165 rtw89_chanctx_proceed drivers/net/wireless/realtek/rtw89/chan.h:141 rtw89_hw_scan_complete drivers/net/wireless/realtek/rtw89/fw.c:8012 rtw89_mac_c2h_scanofld_rsp drivers/net/wireless/realtek/rtw89/mac.c:5059 rtw89_fw_c2h_work drivers/net/wireless/realtek/rtw89/fw.c:6758 process_one_work kernel/workqueue.c:3241 worker_thread kernel/workqueue.c:3400 kthread kernel/kthread.c:463 ret_from_fork arch/x86/kernel/process.c:154 ret_from_fork_asm arch/x86/entry/entry_64.S:258 kfence-#251: 0x0000000056e2393d-0x000000009943cb62, size=232, cache=skbuff_head_cache allocated by task 41377 on cpu 6 at 77869.159548s (0.009551s ago): __alloc_skb net/core/skbuff.c:659 __netdev_alloc_skb net/core/skbuff.c:734 ieee80211_nullfunc_get net/mac80211/tx.c:5844 rtw89_core_send_nullfunc drivers/net/wireless/realtek/rtw89/core.c:3431 rtw89_core_scan_complete drivers/net/wireless/realtek/rtw89/core.c:5338 rtw89_hw_scan_complete_cb drivers/net/wireless/realtek/rtw89/fw.c:7979 rtw89_chanctx_proceed_cb drivers/net/wireless/realtek/rtw89/chan.c:3165 rtw89_chanctx_proceed drivers/net/wireless/realtek/rtw89/chan.c:3194 rtw89_hw_scan_complete drivers/net/wireless/realtek/rtw89/fw.c:8012 rtw89_mac_c2h_scanofld_rsp drivers/net/wireless/realtek/rtw89/mac.c:5059 rtw89_fw_c2h_work drivers/net/wireless/realtek/rtw89/fw.c:6758 process_one_work kernel/workqueue.c:3241 worker_thread kernel/workqueue.c:3400 kthread kernel/kthread.c:463 ret_from_fork arch/x86/kernel/process.c:154 ret_from_fork_asm arch/x86/entry/entry_64.S:258 freed by task 1045 on cpu 9 at 77869.168393s (0.001557s ago): ieee80211_tx_status_skb net/mac80211/status.c:1117 rtw89_pci_release_txwd_skb drivers/net/wireless/realtek/rtw89/pci.c:564 rtw89_pci_release_tx_skbs.isra.0 drivers/net/wireless/realtek/rtw89/pci.c:651 rtw89_pci_release_tx drivers/net/wireless/realtek/rtw89/pci.c:676 rtw89_pci_napi_poll drivers/net/wireless/realtek/rtw89/pci.c:4238 __napi_poll net/core/dev.c:7495 net_rx_action net/core/dev.c:7557 net/core/dev.c:7684 handle_softirqs kernel/softirq.c:580 do_softirq.part.0 kernel/softirq.c:480 __local_bh_enable_ip kernel/softirq.c:407 rtw89_pci_interrupt_threadfn drivers/net/wireless/realtek/rtw89/pci.c:927 irq_thread_fn kernel/irq/manage.c:1133 irq_thread kernel/irq/manage.c:1257 kthread kernel/kthread.c:463 ret_from_fork arch/x86/kernel/process.c:154 ret_from_fork_asm arch/x86/entry/entry_64.S:258 It is a consequence of a race between the waiting and the signaling side of the completion: Waiting thread Completing thread rtw89_core_tx_kick_off_and_wait() rcu_assign_pointer(skb_data->wait, wait) /* start waiting */ wait_for_completion_timeout() rtw89_pci_tx_status() rtw89_core_tx_wait_complete() rcu_read_lock() /* signals completion and * proceeds further */ complete(&wait->completion) rcu_read_unlock() ... /* frees skb_data */ ieee80211_tx_status_ni() /* returns (exit status doesn't matter) */ wait_for_completion_timeout() ... /* accesses the already freed skb_data */ rcu_assign_pointer(skb_data->wait, NULL) The completing side might proceed and free the underlying skb even before the waiting side is fully awoken and run to execution. Actually the race happens regardless of wait_for_completion_timeout() exit status, e.g. the waiting side may hit a timeout and the concurrent completing side is still able to free the skb. Skbs which are sent by rtw89_core_tx_kick_off_and_wait() are owned by the driver. They don't come from core ieee80211 stack so no need to pass them to ieee80211_tx_status_ni() on completing side. Introduce a work function which will act as a garbage collector for rtw89_tx_wait_info objects and the associated skbs. Thus no potentially heavy locks are required on the completing side. Found by Linux Verification Center (linuxtesting.org). Fixes: 1ae5ca615285 ("wifi: rtw89: add function to wait for completion of TX skbs") Cc: stable(a)vger.kernel.org Suggested-by: Zong-Zhe Yang <kevin_yang(a)realtek.com> Signed-off-by: Fedor Pchelkin <pchelkin(a)ispras.ru> --- v3: - decrease waiting timeout in rtw89_tx_wait_work() (Zong-Zhe) - clear tx_waits list from rtw89_hci_reset(), too (Zong-Zhe) - keep RCU updating for skb_data->wait (Zong-Zhe) - keep the old order of calls in rtw89_pci_tx_status() (Zong-Zhe) - drop wait->finished as complete_all() would make the completion be done permanently (me) v2: - use a work function to manage release of tx_waits and associated skbs (Zong-Zhe) FWIW, I think RCU locking becomes unnecessary after the next patch [PATCH rtw v3 2/5] wifi: rtw89: fix tx_wait initialization race but let's keep it if you feel that's more safe. drivers/net/wireless/realtek/rtw89/core.c | 28 ++++++++++++++--- drivers/net/wireless/realtek/rtw89/core.h | 38 +++++++++++++++++++++-- drivers/net/wireless/realtek/rtw89/pci.c | 3 +- drivers/net/wireless/realtek/rtw89/ser.c | 2 ++ 4 files changed, 63 insertions(+), 8 deletions(-) diff --git a/drivers/net/wireless/realtek/rtw89/core.c b/drivers/net/wireless/realtek/rtw89/core.c index 57590f5577a3..5c964283cd67 100644 --- a/drivers/net/wireless/realtek/rtw89/core.c +++ b/drivers/net/wireless/realtek/rtw89/core.c @@ -1073,6 +1073,14 @@ rtw89_core_tx_update_desc_info(struct rtw89_dev *rtwdev, } } +static void rtw89_tx_wait_work(struct wiphy *wiphy, struct wiphy_work *work) +{ + struct rtw89_dev *rtwdev = container_of(work, struct rtw89_dev, + tx_wait_work); + + rtw89_tx_wait_list_clear(rtwdev); +} + void rtw89_core_tx_kick_off(struct rtw89_dev *rtwdev, u8 qsel) { u8 ch_dma; @@ -1090,6 +1098,8 @@ int rtw89_core_tx_kick_off_and_wait(struct rtw89_dev *rtwdev, struct sk_buff *sk unsigned long time_left; int ret = 0; + lockdep_assert_wiphy(rtwdev->hw->wiphy); + wait = kzalloc(sizeof(*wait), GFP_KERNEL); if (!wait) { rtw89_core_tx_kick_off(rtwdev, qsel); @@ -1098,17 +1108,22 @@ int rtw89_core_tx_kick_off_and_wait(struct rtw89_dev *rtwdev, struct sk_buff *sk init_completion(&wait->completion); rcu_assign_pointer(skb_data->wait, wait); + wait->skb = skb; rtw89_core_tx_kick_off(rtwdev, qsel); time_left = wait_for_completion_timeout(&wait->completion, msecs_to_jiffies(timeout)); - if (time_left == 0) + + if (time_left == 0) { ret = -ETIMEDOUT; - else if (!wait->tx_done) - ret = -EAGAIN; + list_add_tail(&wait->list, &rtwdev->tx_waits); + wiphy_work_queue(rtwdev->hw->wiphy, &rtwdev->tx_wait_work); - rcu_assign_pointer(skb_data->wait, NULL); - kfree_rcu(wait, rcu_head); + } else { + if (!wait->tx_done) + ret = -EAGAIN; + rtw89_tx_wait_release(&wait->rcu_head); + } return ret; } @@ -4972,6 +4987,7 @@ void rtw89_core_stop(struct rtw89_dev *rtwdev) clear_bit(RTW89_FLAG_RUNNING, rtwdev->flags); wiphy_work_cancel(wiphy, &rtwdev->c2h_work); + wiphy_work_cancel(wiphy, &rtwdev->tx_wait_work); wiphy_work_cancel(wiphy, &rtwdev->cancel_6ghz_probe_work); wiphy_work_cancel(wiphy, &btc->eapol_notify_work); wiphy_work_cancel(wiphy, &btc->arp_notify_work); @@ -5203,6 +5219,7 @@ int rtw89_core_init(struct rtw89_dev *rtwdev) INIT_LIST_HEAD(&rtwdev->scan_info.pkt_list[band]); } INIT_LIST_HEAD(&rtwdev->scan_info.chan_list); + INIT_LIST_HEAD(&rtwdev->tx_waits); INIT_WORK(&rtwdev->ba_work, rtw89_core_ba_work); INIT_WORK(&rtwdev->txq_work, rtw89_core_txq_work); INIT_DELAYED_WORK(&rtwdev->txq_reinvoke_work, rtw89_core_txq_reinvoke_work); @@ -5233,6 +5250,7 @@ int rtw89_core_init(struct rtw89_dev *rtwdev) wiphy_work_init(&rtwdev->c2h_work, rtw89_fw_c2h_work); wiphy_work_init(&rtwdev->ips_work, rtw89_ips_work); wiphy_work_init(&rtwdev->cancel_6ghz_probe_work, rtw89_cancel_6ghz_probe_work); + wiphy_work_init(&rtwdev->tx_wait_work, rtw89_tx_wait_work); INIT_WORK(&rtwdev->load_firmware_work, rtw89_load_firmware_work); skb_queue_head_init(&rtwdev->c2h_queue); diff --git a/drivers/net/wireless/realtek/rtw89/core.h b/drivers/net/wireless/realtek/rtw89/core.h index 43e10278e14d..9b22bb116af9 100644 --- a/drivers/net/wireless/realtek/rtw89/core.h +++ b/drivers/net/wireless/realtek/rtw89/core.h @@ -3506,9 +3506,12 @@ struct rtw89_phy_rate_pattern { bool enable; }; +#define RTW89_TX_WAIT_DEFAULT_TIMEOUT 10 struct rtw89_tx_wait_info { struct rcu_head rcu_head; + struct list_head list; struct completion completion; + struct sk_buff *skb; bool tx_done; }; @@ -5925,6 +5928,9 @@ struct rtw89_dev { /* used to protect rpwm */ spinlock_t rpwm_lock; + struct list_head tx_waits; + struct wiphy_work tx_wait_work; + struct rtw89_cam_info cam_info; struct sk_buff_head c2h_queue; @@ -6181,6 +6187,30 @@ rtw89_assoc_link_rcu_dereference(struct rtw89_dev *rtwdev, u8 macid) list_first_entry_or_null(&p->dlink_pool, typeof(*p->links_inst), dlink_schd); \ }) +static inline void rtw89_tx_wait_release(struct rcu_head *rcu_head) +{ + struct rtw89_tx_wait_info *wait = + container_of(rcu_head, struct rtw89_tx_wait_info, rcu_head); + + dev_kfree_skb_any(wait->skb); + kfree(wait); +} + +static inline void rtw89_tx_wait_list_clear(struct rtw89_dev *rtwdev) +{ + struct rtw89_tx_wait_info *wait, *tmp; + + lockdep_assert_wiphy(rtwdev->hw->wiphy); + + list_for_each_entry_safe(wait, tmp, &rtwdev->tx_waits, list) { + if (!wait_for_completion_timeout(&wait->completion, + RTW89_TX_WAIT_DEFAULT_TIMEOUT)) + continue; + list_del(&wait->list); + call_rcu(&wait->rcu_head, rtw89_tx_wait_release); + } +} + static inline int rtw89_hci_tx_write(struct rtw89_dev *rtwdev, struct rtw89_core_tx_request *tx_req) { @@ -6190,6 +6220,7 @@ static inline int rtw89_hci_tx_write(struct rtw89_dev *rtwdev, static inline void rtw89_hci_reset(struct rtw89_dev *rtwdev) { rtwdev->hci.ops->reset(rtwdev); + rtw89_tx_wait_list_clear(rtwdev); } static inline int rtw89_hci_start(struct rtw89_dev *rtwdev) @@ -7258,11 +7289,12 @@ static inline struct sk_buff *rtw89_alloc_skb_for_rx(struct rtw89_dev *rtwdev, return dev_alloc_skb(length); } -static inline void rtw89_core_tx_wait_complete(struct rtw89_dev *rtwdev, +static inline bool rtw89_core_tx_wait_complete(struct rtw89_dev *rtwdev, struct rtw89_tx_skb_data *skb_data, bool tx_done) { struct rtw89_tx_wait_info *wait; + bool ret = false; rcu_read_lock(); @@ -7270,11 +7302,13 @@ static inline void rtw89_core_tx_wait_complete(struct rtw89_dev *rtwdev, if (!wait) goto out; + ret = true; wait->tx_done = tx_done; - complete(&wait->completion); + complete_all(&wait->completion); out: rcu_read_unlock(); + return ret; } static inline bool rtw89_is_mlo_1_1(struct rtw89_dev *rtwdev) diff --git a/drivers/net/wireless/realtek/rtw89/pci.c b/drivers/net/wireless/realtek/rtw89/pci.c index a669f2f843aa..4e3034b44f56 100644 --- a/drivers/net/wireless/realtek/rtw89/pci.c +++ b/drivers/net/wireless/realtek/rtw89/pci.c @@ -464,7 +464,8 @@ static void rtw89_pci_tx_status(struct rtw89_dev *rtwdev, struct rtw89_tx_skb_data *skb_data = RTW89_TX_SKB_CB(skb); struct ieee80211_tx_info *info; - rtw89_core_tx_wait_complete(rtwdev, skb_data, tx_status == RTW89_TX_DONE); + if (rtw89_core_tx_wait_complete(rtwdev, skb_data, tx_status == RTW89_TX_DONE)) + return; info = IEEE80211_SKB_CB(skb); ieee80211_tx_info_clear_status(info); diff --git a/drivers/net/wireless/realtek/rtw89/ser.c b/drivers/net/wireless/realtek/rtw89/ser.c index bb39fdbcba0d..fe7beff8c424 100644 --- a/drivers/net/wireless/realtek/rtw89/ser.c +++ b/drivers/net/wireless/realtek/rtw89/ser.c @@ -502,7 +502,9 @@ static void ser_reset_trx_st_hdl(struct rtw89_ser *ser, u8 evt) } drv_stop_rx(ser); + wiphy_lock(wiphy); drv_trx_reset(ser); + wiphy_unlock(wiphy); /* wait m3 */ hal_send_m2_event(ser); -- 2.51.0

2 weeks, 3 days

2
1
0 0

[PATCH 6.1 000/482] 6.1.149-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.1.149 release. There are 482 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu, 28 Aug 2025 11:08:22 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.1.149-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.1.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.1.149-rc1 Florian Westphal <fw(a)strlen.de> netfilter: nf_reject: don't leak dst refcount for loopback packets Peter Oberparleiter <oberpar(a)linux.ibm.com> s390/hypfs: Enable limited access during lockdown Peter Oberparleiter <oberpar(a)linux.ibm.com> s390/hypfs: Avoid unnecessary ioctl registration in debugfs Takashi Iwai <tiwai(a)suse.de> ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation Hangbin Liu <liuhangbin(a)gmail.com> bonding: send LACPDUs periodically in passive mode after receiving partner's LACPDU Aahil Awatramani <aahila(a)google.com> bonding: Add independent control state machine Hangbin Liu <liuhangbin(a)gmail.com> bonding: update LACP activity flag after setting lacp_active William Liu <will(a)willsroot.io> net/sched: Remove unnecessary WARNING condition for empty child qdisc in htb_activate William Liu <will(a)willsroot.io> net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit ValdikSS <iam(a)valdikss.org.ru> igc: fix disabling L1.2 PCI-E link substate on I226 on init Jason Xing <kernelxing(a)tencent.com> ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc Jordan Rhee <jordanrhee(a)google.com> gve: prevent ethtool ops after shutdown Yuichiro Tsuji <yuichtsu(a)amazon.com> net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization Horatiu Vultur <horatiu.vultur(a)microchip.com> phy: mscc: Fix timestamping for vsc8584 Qingfang Deng <dqfext(a)gmail.com> ppp: fix race conditions in ppp_fill_forward_path Qingfang Deng <dqfext(a)gmail.com> net: ethernet: mtk_ppe: add RCU lock around dev_fill_forward_path Minhong He <heminhong(a)kylinos.cn> ipv6: sr: validate HMAC algorithm ID in seg6_hmac_info_add Jakub Ramaseuski <jramaseu(a)redhat.com> net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM Chenyuan Yang <chenyuan0y(a)gmail.com> drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() Dan Carpenter <dan.carpenter(a)linaro.org> ALSA: usb-audio: Fix size validation in convert_chmap_v3() Baihan Li <libaihan(a)huawei.com> drm/hisilicon/hibmc: fix the hibmc loaded failed bug Ido Schimmel <idosch(a)nvidia.com> mlxsw: spectrum: Forward packets with an IPv4 link-local source IP Sergey Shtylyov <s.shtylyov(a)omp.ru> Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() Kees Cook <kees(a)kernel.org> iommu/amd: Avoid stack buffer overflow from kernel cmdline Dan Carpenter <dan.carpenter(a)linaro.org> scsi: qla4xxx: Prevent a potential error pointer dereference Wang Liang <wangliang74(a)huawei.com> net: bridge: fix soft lockup in br_multicast_query_expired() Anantha Prabhu <anantha.prabhu(a)broadcom.com> RDMA/bnxt_re: Fix to initialize the PBL array Boshi Yu <boshiyu(a)linux.alibaba.com> RDMA/erdma: Fix ignored return value of init_kernel_qp Nitin Gote <nitin.r.gote(a)intel.com> iosys-map: Fix undefined behavior in iosys_map_clear() Waiman Long <longman(a)redhat.com> cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key Tianxiang Peng <txpeng(a)tencent.com> x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper Jan Beulich <jbeulich(a)suse.com> compiler: remove __ADDRESSABLE_ASM{_STR,}() again David Lechner <dlechner(a)baylibre.com> iio: temperature: maxim_thermocouple: use DMA-safe buffer for spi_read() Jonathan Cameron <Jonathan.Cameron(a)huawei.com> iio: light: as73211: Ensure buffer holes are zeroed Pu Lehui <pulehui(a)huawei.com> tracing: Limit access to parser->buffer when trace_get_user failed Steven Rostedt <rostedt(a)goodmis.org> tracing: Remove unneeded goto out logic Jean-Baptiste Maneyrol <jean-baptiste.maneyrol(a)tdk.com> iio: imu: inv_icm42600: change invalid data error to -EBUSY Jakub Kicinski <kuba(a)kernel.org> tls: fix handling of zero-length records on the rx_list Mikhail Lobanov <m.lobanov(a)rosa.ru> wifi: mac80211: check basic rates validity in sta_link_apply_parameters Benjamin Berg <benjamin.berg(a)intel.com> wifi: mac80211: avoid lockdep checking when removing deflink Matthieu Baerts (NGI0) <matttbe(a)kernel.org> selftests: mptcp: pm: check flush doesn't reset limits Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/display: Don't overclock DCE 6 by 15% Jinjiang Tu <tujinjiang(a)huawei.com> mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn Victor Shih <victor.shih(a)genesyslogic.com.tw> mmc: sdhci-pci-gli: GL9763e: Mask the replay timer timeout of AER Victor Shih <victor.shih(a)genesyslogic.com.tw> mmc: sdhci-pci-gli: Add a new function to simplify the code Bjorn Helgaas <bhelgaas(a)google.com> mmc: sdhci-pci-gli: Use PCI AER definitions, not hard-coded values Imre Deak <imre.deak(a)intel.com> drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS Geliang Tang <tanggeliang(a)kylinos.cn> mptcp: disable add_addr retransmission when timeout is 0 Chao Yu <chao(a)kernel.org> f2fs: fix to avoid out-of-boundary access in dnode page Chao Yu <chao(a)kernel.org> f2fs: fix to call clear_page_private_reference in .{release,invalid}_folio Bjorn Andersson <bjorn.andersson(a)oss.qualcomm.com> soc: qcom: mdt_loader: Ensure we don't read past the ELF header Gokul krishna Krishnakumar <quic_gokukris(a)quicinc.com> soc: qcom: mdt_loader: Enhance split binary detection Geraldo Nascimento <geraldogabriel(a)gmail.com> PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining Geraldo Nascimento <geraldogabriel(a)gmail.com> PCI: rockchip: Use standard PCIe definitions Ranjan Kumar <ranjan.kumar(a)broadcom.com> scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems Ranjan Kumar <ranjan.kumar(a)broadcom.com> scsi: mpi3mr: Drop unnecessary volatile from __iomem pointers Baokun Li <libaokun1(a)huawei.com> ext4: preserve SB_I_VERSION on remount André Draszik <andre.draszik(a)linaro.org> scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE Judith Mendez <jm(a)ti.com> arm64: dts: ti: k3-am62-main: Remove eMMC High Speed DDR support Selvarasu Ganesan <selvarasu.g(a)samsung.com> usb: dwc3: Remove WARN_ON for device endpoint command timeouts Kuen-Han Tsai <khtsai(a)google.com> usb: dwc3: Ignore late xferNotReady event to prevent halt timeout Zenm Chen <zenmchen(a)gmail.com> USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles Thorsten Blum <thorsten.blum(a)linux.dev> usb: storage: realtek_cr: Use correct byte order for bcs->Residue Mael GUERIN <mael.guerin(a)murena.io> USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera Marek Vasut <marek.vasut+renesas(a)mailbox.org> usb: renesas-xhci: Fix External ROM access timeouts Xu Yang <xu.yang_2(a)nxp.com> usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test Ian Abbott <abbotti(a)mev.co.uk> comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() Edward Adam Davis <eadavis(a)qq.com> comedi: pcl726: Prevent invalid irq number Ian Abbott <abbotti(a)mev.co.uk> comedi: Make insn_rw_emulate_bits() do insn->n samples Miao Li <limiao(a)kylinos.cn> usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive Miaoqian Lin <linmq006(a)gmail.com> most: core: Drop device reference after usage in get_channel() David Lechner <dlechner(a)baylibre.com> iio: proximity: isl29501: fix buffered read on big-endian systems Salah Triki <salah.triki(a)gmail.com> iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() Steven Rostedt <rostedt(a)goodmis.org> ftrace: Also allocate and copy hash for reading of filter files Xu Yilun <yilun.xu(a)linux.intel.com> fpga: zynq_fpga: Fix the wrong usage of dma_map_sgtable() Al Viro <viro(a)zeniv.linux.org.uk> use uniform permission checks for all mount propagation changes Ye Bin <yebin10(a)huawei.com> fs/buffer: fix use-after-free when call bh_read() helper Stefan Metzmacher <metze(a)samba.org> smb: server: split ksmbd_rdma_stop_listening() out of ksmbd_rdma_destroy() Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/display: Fix DP audio DTO1 clock source on DCE 6. Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 Mario Limonciello <mario.limonciello(a)amd.com> drm/amd/display: Avoid a NULL pointer dereference Peter Oberparleiter <oberpar(a)linux.ibm.com> s390/sclp: Fix SCCB present check Evgeniy Harchenko <evgeniyharchenko.dev(a)gmail.com> ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 Herton R. Krzesinski <herton(a)redhat.com> mm/debug_vm_pgtable: clear page table entries at destroy_args() Phillip Lougher <phillip(a)squashfs.org.uk> squashfs: fix memory leak in squashfs_fill_super Victor Shih <victor.shih(a)genesyslogic.com.tw> mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency Jiayi Li <lijiayi(a)kylinos.cn> memstick: Fix deadlock by moving removing flag earlier Will Deacon <will(a)kernel.org> KVM: arm64: Fix kernel BUG() due to bad backport of FPSIMD/SVE/SME fix Chao Gao <chao.gao(a)intel.com> KVM: VMX: Flush shadow VMCS on emergency reboot Sean Christopherson <seanjc(a)google.com> x86/reboot: KVM: Handle VMXOFF in KVM's reboot callback Sean Christopherson <seanjc(a)google.com> x86/reboot: Harden virtualization hooks for emergency reboot Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> kbuild: userprogs: use correct linker when mixing clang and GNU ld Sumanth Gavini <sumanth.gavini(a)yahoo.com> Bluetooth: hci_sync: Fix UAF on hci_abort_conn_sync Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> selftests/memfd: add test for mapping write-sealed memfd read-only Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> mm: reinstate ability to map write-sealed memfd mappings read-only Lorenzo Stoakes <lstoakes(a)gmail.com> mm: update memfd seal write check to include F_SEAL_WRITE Lorenzo Stoakes <lstoakes(a)gmail.com> mm: drop the assumption that VM_SHARED always implies writable Paolo Abeni <pabeni(a)redhat.com> mptcp: reset fallback status gracefully at disconnect() time Paolo Abeni <pabeni(a)redhat.com> mptcp: plug races between subflow fail and subflow creation Paolo Abeni <pabeni(a)redhat.com> mptcp: make fallback action and fallback decision atomic Sean Christopherson <seanjc(a)google.com> KVM: x86: Take irqfds.lock when adding/deleting IRQ bypass producer Nianyao Tang <tangnianyao(a)huawei.com> arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 register Giovanni Cabiddu <giovanni.cabiddu(a)intel.com> crypto: qat - fix ring to service map for QAT GEN4 Sabrina Dubroca <sd(a)queasysnail.net> tls: separate no-async decryption request handling from async Qu Wenruo <wqu(a)suse.com> btrfs: populate otime when logging an inode item Damien Le Moal <dlemoal(a)kernel.org> ata: Fix SATA_MOBILE_LPM_POLICY description in Kconfig Johan Hovold <johan(a)kernel.org> usb: dwc3: imx8mp: fix device leak at unbind Tzung-Bi Shih <tzungbi(a)kernel.org> platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister() Tzung-Bi Shih <tzungbi(a)kernel.org> platform/chrome: cros_ec: remove unneeded label and if-condition Chen-Yu Tsai <wenst(a)chromium.org> platform/chrome: cros_ec: Use per-device lockdep key Johan Hovold <johan(a)kernel.org> usb: musb: omap2430: fix device leak at unbind Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> usb: musb: omap2430: Convert to platform remove callback returning void Vedang Nagar <quic_vnagar(a)quicinc.com> media: venus: Fix OOB read due to missing payload bound check Konrad Dybcio <konrad.dybcio(a)linaro.org> media: venus: Introduce accessors for remapped hfi_buffer_reqs members Anshuman Khandual <anshuman.khandual(a)arm.com> mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() Davide Caratti <dcaratti(a)redhat.com> net/sched: ets: use old 'nbands' while purging unused classes Eric Dumazet <edumazet(a)google.com> net_sched: sch_ets: implement lockless ets_dump() Filipe Manana <fdmanana(a)suse.com> btrfs: send: use fallocate for hole punching with send stream v2 Christoph Hellwig <hch(a)lst.de> xfs: fully decouple XFS_IBULK* flags from XFS_IWALK* flags Filipe Manana <fdmanana(a)suse.com> btrfs: abort transaction on unexpected eb generation at btrfs_copy_root() Filipe Manana <fdmanana(a)suse.com> btrfs: qgroup: fix race between quota disable and quota rescan ioctl Sebastian Reichel <sebastian.reichel(a)collabora.com> usb: typec: fusb302: cache PD RX state Shyam Prasad N <sprasad(a)microsoft.com> cifs: reset iface weights when we cannot find a candidate Lukas Wunner <lukas(a)wunner.de> PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports Damien Le Moal <dlemoal(a)kernel.org> block: Make REQ_OP_ZONE_FINISH a write operation Christoph Hellwig <hch(a)lst.de> block: reject invalid operation in submit_bio_noacct Eric Biggers <ebiggers(a)kernel.org> fscrypt: Don't use problematic non-inline crypto engines Johan Hovold <johan(a)kernel.org> net: enetc: fix device and OF node leak at probe Lin.Cao <lincao12(a)amd.com> drm/sched: Remove optimization that causes hang when killing dependent jobs Ada Couprie Diaz <ada.coupriediaz(a)arm.com> arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() Nathan Chancellor <nathan(a)kernel.org> ARM: 9448/1: Use an absolute path to unified.h in KBUILD_AFLAGS Filipe Manana <fdmanana(a)suse.com> btrfs: fix qgroup reservation leak on failure to allocate ordered extent Eric Dumazet <edumazet(a)google.com> net: add netdev_lockdep_set_classes() to virtual drivers Yazen Ghannam <yazen.ghannam(a)amd.com> x86/mce/amd: Add default names for MCA banks and blocks Kan Liang <kan.liang(a)linux.intel.com> perf/x86/intel: Fix crash in icl_update_topdown_event() Zhang Lixu <lixu.zhang(a)intel.com> iio: hid-sensor-prox: Fix incorrect OFFSET calculation Zhang Lixu <lixu.zhang(a)intel.com> iio: hid-sensor-prox: Restore lost scale assignments Chao Yu <chao(a)kernel.org> f2fs: fix to do sanity check on ino and xnid Matthieu Baerts (NGI0) <matttbe(a)kernel.org> mptcp: pm: kernel: flush: do not reset ADD_ADDR limit Christoph Paasch <cpaasch(a)openai.com> mptcp: drop skb if MPTCP skb extension allocation fails Chen Yu <yu.c.chen(a)intel.com> ACPI: pfr_update: Fix the driver update version check Eric Biggers <ebiggers(a)kernel.org> ipv6: sr: Fix MAC comparison to be constant-time Jakub Acs <acsjakub(a)amazon.de> net, hsr: reject HSR frame if skb can't hold tag Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/display: Don't overwrite dce60_clk_mgr Amber Lin <Amber.Lin(a)amd.com> drm/amdkfd: Destroy KFD debugfs after destroy KFD wq Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: update mmhub 3.0.1 client id mappings Gang Ba <Gang.Ba(a)amd.com> drm/amdgpu: Avoid extra evict-restore process. Mario Limonciello <mario.limonciello(a)amd.com> drm/amd: Restore cached power limit during resume Ricardo Ribalda <ribalda(a)chromium.org> media: venus: venc: Clamp param smaller than 1fps and bigger than 240 Ricardo Ribalda <ribalda(a)chromium.org> media: venus: vdec: Clamp param smaller than 1fps and bigger than 240. Jorge Ramirez-Ortiz <jorge.ramirez(a)oss.qualcomm.com> media: venus: protect against spurious interrupts during probe Jorge Ramirez-Ortiz <jorge.ramirez(a)oss.qualcomm.com> media: venus: hfi: explicitly release IRQ during teardown Vedang Nagar <quic_vnagar(a)quicinc.com> media: venus: Add a check for packet size after reading from shared memory Vladimir Zapolskiy <vladimir.zapolskiy(a)linaro.org> media: qcom: camss: cleanup media device allocated resource on error path Zhang Shurong <zhang_shurong(a)foxmail.com> media: ov2659: Fix memory leaks in ov2659_probe() Gui-Dong Han <hanguidong02(a)gmail.com> media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() Ludwig Disterhof <ludwig(a)disterhof.eu> media: usbtv: Lock resolution while streaming Sakari Ailus <sakari.ailus(a)linux.intel.com> media: v4l2-ctrls: Don't reset handler's error in v4l2_ctrl_handler_free() Hans Verkuil <hverkuil(a)xs4all.nl> media: vivid: fix wrong pixel_array control size Haoxiang Li <haoxiang_li2024(a)163.com> media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() Bingbu Cao <bingbu.cao(a)intel.com> media: hi556: correct the test pattern configuration Dan Carpenter <dan.carpenter(a)linaro.org> media: gspca: Add bounds checking to firmware parser John David Anglin <dave.anglin(a)bell.net> parisc: Update comments in make_insert_tlb John David Anglin <dave.anglin(a)bell.net> parisc: Try to fixup kernel exception in bad_area_nosemaphore path of do_page_fault() John David Anglin <dave.anglin(a)bell.net> parisc: Revise gateway LWS calls to probe user read access John David Anglin <dave.anglin(a)bell.net> parisc: Revise __get_user() to probe user read access Randy Dunlap <rdunlap(a)infradead.org> parisc: Makefile: explain that 64BIT requires both 32-bit and 64-bit compilers John David Anglin <dave.anglin(a)bell.net> parisc: Check region is readable by user in raw_copy_from_user() Jon Hunter <jonathanh(a)nvidia.com> soc/tegra: pmc: Ensure power-domains are in a known state Baokun Li <libaokun1(a)huawei.com> jbd2: prevent softlockup in jbd2_log_do_checkpoint() Will Deacon <will(a)kernel.org> vhost/vsock: Avoid allocating arbitrarily-sized SKBs Will Deacon <will(a)kernel.org> vsock/virtio: Validate length in packet header before skb_put() Damien Le Moal <dlemoal(a)kernel.org> PCI: endpoint: Fix configfs group removal on driver teardown Damien Le Moal <dlemoal(a)kernel.org> PCI: endpoint: Fix configfs group list head handling Thomas Fourier <fourier.thomas(a)gmail.com> mtd: rawnand: renesas: Add missing check after DMA map Thomas Fourier <fourier.thomas(a)gmail.com> mtd: rawnand: fsmc: Add missing check after DMA map Gabor Juhos <j4g8y7(a)gmail.com> mtd: spinand: propagate spinand_wait() errors from spinand_write_page() Michael Walle <mwalle(a)kernel.org> mtd: spi-nor: Fix spi_nor_try_unlock_all() Tim Harvey <tharvey(a)gateworks.com> hwmon: (gsc-hwmon) fix fan pwm setpoint show functions Uwe Kleine-König <u.kleine-koenig(a)baylibre.com> pwm: mediatek: Fix duty and period setting Uwe Kleine-König <u.kleine-koenig(a)baylibre.com> pwm: mediatek: Handle hardware enable and clock enable separately Laurentiu Mihalcea <laurentiu.mihalcea(a)nxp.com> pwm: imx-tpm: Reset counter if CMOD is 0 Johan Hovold <johan+linaro(a)kernel.org> wifi: ath11k: fix dest ring-buffer corruption when ring is full Johan Hovold <johan+linaro(a)kernel.org> wifi: ath11k: fix source ring-buffer corruption Johan Hovold <johan+linaro(a)kernel.org> wifi: ath11k: fix dest ring-buffer corruption Nathan Chancellor <nathan(a)kernel.org> wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() David Lechner <dlechner(a)baylibre.com> iio: adc: ad_sigma_delta: change to buffer predisable David Lechner <dlechner(a)baylibre.com> iio: imu: bno055: fix OOB access of hw_xlate array Marek Szyprowski <m.szyprowski(a)samsung.com> zynq_fpga: use sgtable-based scatterlist wrappers Adrian Hunter <adrian.hunter(a)intel.com> scsi: ufs: ufs-pci: Fix default runtime and system PM levels Archana Patni <archana.patni(a)intel.com> scsi: ufs: ufs-pci: Fix hibernate state transition for Intel MTL-like host controllers Damien Le Moal <dlemoal(a)kernel.org> ata: libata-scsi: Fix ata_to_sense_error() status handling Ranjan Kumar <ranjan.kumar(a)broadcom.com> scsi: mpi3mr: Fix race between config read submit and interrupt completion Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> dt-bindings: display: sprd,sharkl3-dsi-host: Fix missing clocks constraints Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> dt-bindings: display: sprd,sharkl3-dpu: Fix missing clocks constraints Zhang Yi <yi.zhang(a)huawei.com> ext4: fix hole length calculation overflow in non-extent inodes Liao Yuanhong <liaoyuanhong(a)vivo.com> ext4: use kmalloc_array() for array space allocation Theodore Ts'o <tytso(a)mit.edu> ext4: don't try to clear the orphan_present feature block device is r/o Ojaswin Mujoo <ojaswin(a)linux.ibm.com> ext4: fix reserved gdt blocks handling in fsmap Ojaswin Mujoo <ojaswin(a)linux.ibm.com> ext4: fix fsmap end of range reporting with bigalloc Andreas Dilger <adilger(a)dilger.ca> ext4: check fast symlink for ea_inode correctly Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: extend the connection limiting mechanism to support IPv6 Helge Deller <deller(a)gmx.de> Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()" Eric Biggers <ebiggers(a)kernel.org> lib/crypto: mips/chacha: Fix clang build and remove unneeded byteswap Myrrh Periwinkle <myrrhperiwinkle(a)qtmlabs.xyz> vt: defkeymap: Map keycodes above 127 to K_HOLE Myrrh Periwinkle <myrrhperiwinkle(a)qtmlabs.xyz> vt: keyboard: Don't process Unicode characters in K_OFF mode Youssef Samir <quic_yabdulra(a)quicinc.com> bus: mhi: host: Detect events pointing to unexpected TREs Alexander Wilhelm <alexander.wilhelm(a)westermo.com> bus: mhi: host: Fix endianness of BHI vector table Johan Hovold <johan(a)kernel.org> usb: dwc3: meson-g12a: fix device leaks at unbind Johan Hovold <johan(a)kernel.org> usb: gadget: udc: renesas_usb3: fix device leak at unbind Nathan Chancellor <nathan(a)kernel.org> usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() Finn Thain <fthain(a)linux-m68k.org> m68k: Fix lost column on framebuffer debug console Dan Carpenter <dan.carpenter(a)linaro.org> cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table() Yunhui Cui <cuiyunhui(a)bytedance.com> serial: 8250: fix panic due to PSLVERR Aditya Garg <gargaditya08(a)live.com> HID: apple: avoid setting up battery timer for devices without battery Aditya Garg <gargaditya08(a)live.com> HID: magicmouse: avoid setting up battery timer when not needed Willy Tarreau <w(a)1wt.eu> tools/nolibc: fix spelling of FD_SETBITMASK in FD_* macros Ricardo Ribalda <ribalda(a)chromium.org> media: uvcvideo: Do not mark valid metadata as invalid Youngjun Lee <yjjuny.lee(a)samsung.com> media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() Breno Leitao <leitao(a)debian.org> mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock Waiman Long <longman(a)redhat.com> mm/kmemleak: avoid soft lockup in __kmemleak_do_cleanup() Randy Dunlap <rdunlap(a)infradead.org> parisc: Makefile: fix a typo in palo.conf Haiyang Zhang <haiyangz(a)microsoft.com> hv_netvsc: Fix panic during namespace deletion with VF Sravan Kumar Gundu <sravankumarlpu(a)gmail.com> fbdev: Fix vmalloc out-of-bounds write in fast_imageblit Qu Wenruo <wqu(a)suse.com> btrfs: do not allow relocation of partially dropped subvolumes Filipe Manana <fdmanana(a)suse.com> btrfs: fix log tree replay failure due to file with 0 links and extents Naohiro Aota <naohiro.aota(a)wdc.com> btrfs: zoned: do not remove unwritten non-data block group Filipe Manana <fdmanana(a)suse.com> btrfs: abort transaction during log replay if walk_log_tree() failed Johannes Thumshirn <johannes.thumshirn(a)wdc.com> btrfs: zoned: use filesystem size not disk size for reclaim decision Oliver Neukum <oneukum(a)suse.com> cdc-acm: fix race between initial clearing halt and open Eric Biggers <ebiggers(a)kernel.org> thunderbolt: Fix copy+paste error in match_service_id() Ian Abbott <abbotti(a)mev.co.uk> comedi: fix race between polling and detaching Myrrh Periwinkle <myrrhperiwinkle(a)qtmlabs.xyz> usb: typec: ucsi: Update power_supply on power role change Ricky Wu <ricky_wu(a)realtek.com> misc: rtsx: usb: Ensure mmc child device is active when card is present Xinyu Liu <katieeliu(a)tencent.com> usb: core: config: Prevent OOB read in SS endpoint companion parsing Baokun Li <libaokun1(a)huawei.com> ext4: fix largest free orders lists corruption on mb_optimize_scan switch Baokun Li <libaokun1(a)huawei.com> ext4: fix zombie groups in average fragment size lists Jack Xiao <Jack.Xiao(a)amd.com> drm/amdgpu: fix incorrect vm flags to map bo Shengjiu Wang <shengjiu.wang(a)nxp.com> ASoC: fsl_sai: replace regmap_write with regmap_update_bits Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com> ASoC: fsl: merge DAI call back functions into ops Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com> ASoC: soc-dai.h: merge DAI call back functions into ops Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com> ASoC: soc-dai.c: add missing flag check at snd_soc_pcm_dai_probe() Jiasheng Jiang <jiashengjiangcool(a)gmail.com> scsi: lpfc: Remove redundant assignment to avoid memory leak Meagan Lloyd <meaganlloyd(a)linux.microsoft.com> rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe Sergey Bashirov <sergeybashirov(a)gmail.com> pNFS: Fix uninited ptr deref in block/scsi layout Sergey Bashirov <sergeybashirov(a)gmail.com> pNFS: Handle RPC size limit for layoutcommits Sergey Bashirov <sergeybashirov(a)gmail.com> pNFS: Fix disk addr range check in block/scsi layout Sergey Bashirov <sergeybashirov(a)gmail.com> pNFS: Fix stripe mapping in block/scsi layout John Garry <john.g.garry(a)oracle.com> block: avoid possible overflow for chunk_sectors check in blk_stack_limits() Cezary Rojewski <cezary.rojewski(a)intel.com> ASoC: Intel: avs: Fix uninitialized pointer error in probe() Buday Csaba <buday.csaba(a)prolan.hu> net: phy: smsc: add proper reset flags for LAN8710A Corey Minyard <corey(a)minyard.net> ipmi: Fix strcpy source and destination the same Yann E. MORIN <yann.morin.1998(a)free.fr> kconfig: lxdialog: fix 'space' to (de)select options Masahiro Yamada <masahiroy(a)kernel.org> kconfig: gconf: fix potential memory leak in renderer_edited() Masahiro Yamada <masahiroy(a)kernel.org> kconfig: gconf: avoid hardcoding model2 in on_treeview2_cursor_changed() Breno Leitao <leitao(a)debian.org> ipmi: Use dev_warn_ratelimited() for incorrect message warnings Artem Sadovnikov <a.sadovnikov(a)ispras.ru> vfio/mlx5: fix possible overflow in tracking max message size John Garry <john.g.garry(a)oracle.com> scsi: aacraid: Stop using PCI_IRQ_AFFINITY Maurizio Lombardi <mlombard(a)redhat.com> scsi: target: core: Generate correct identifiers for PR OUT transport IDs Ranjan Kumar <ranjan.kumar(a)broadcom.com> scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans Shankari Anand <shankari.ak0208(a)gmail.com> kconfig: nconf: Ensure null termination where strncpy is used Keith Busch <kbusch(a)kernel.org> vfio/type1: conditional rescheduling while pinning Suchit Karunakaran <suchitkarunakaran(a)gmail.com> kconfig: lxdialog: replace strcpy() with strncpy() in inputbox.c fangzhong.zhou <myth5(a)myth5.com> i2c: Force DLL0945 touchpad i2c freq to 100khz Mateusz Guzik <mjguzik(a)gmail.com> apparmor: use the condition in AA_BUG_FMT even with debug disabled Benjamin Marzinski <bmarzins(a)redhat.com> dm-table: fix checking for rq stackable devices Mikulas Patocka <mpatocka(a)redhat.com> dm-mpath: don't print the "loaded" message if registering fails Jorge Marques <jorge.marques(a)analog.com> i3c: master: Initialize ret in i3c_i2c_notifier_call() Wolfram Sang <wsa+renesas(a)sang-engineering.com> i3c: don't fail if GETHDRCAP is unsupported Meagan Lloyd <meaganlloyd(a)linux.microsoft.com> rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 Wolfram Sang <wsa+renesas(a)sang-engineering.com> i3c: add missing include to internal header Petr Pavlu <petr.pavlu(a)suse.com> module: Prevent silent truncation of module name in delete_module(2) Purva Yeshi <purvayeshi550(a)gmail.com> md: dm-zoned-target: Initialize return variable r to avoid uninitialized use Bharat Bhushan <bbhushan2(a)marvell.com> crypto: octeontx2 - add timeout for load_fvc completion poll chenchangcheng <chenchangcheng(a)kylinos.cn> media: uvcvideo: Fix bandwidth issue for Alcor camera Alex Guo <alexguo1023(a)gmail.com> media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar Alex Guo <alexguo1023(a)gmail.com> media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() Wolfram Sang <wsa+renesas(a)sang-engineering.com> media: usb: hdpvr: disable zero-length read messages Dave Stevenson <dave.stevenson(a)raspberrypi.com> media: tc358743: Increase FIFO trigger level to 374 Dave Stevenson <dave.stevenson(a)raspberrypi.com> media: tc358743: Return an appropriate colorspace from tc358743_set_fmt Dave Stevenson <dave.stevenson(a)raspberrypi.com> media: tc358743: Check I2C succeeded during probe Cheick Traore <cheick.traore(a)foss.st.com> pinctrl: stm32: Manage irq affinity settings Damien Le Moal <dlemoal(a)kernel.org> scsi: mpi3mr: Correctly handle ATA device errors Damien Le Moal <dlemoal(a)kernel.org> scsi: mpt3sas: Correctly handle ATA device errors Justin Tee <justin.tee(a)broadcom.com> scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure Arnd Bergmann <arnd(a)arndb.de> RDMA/core: reduce stack using in nldev_stat_get_doit() Yury Norov [NVIDIA] <yury.norov(a)gmail.com> RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() Amelie Delaunay <amelie.delaunay(a)foss.st.com> dmaengine: stm32-dma: configure next sg only if there are more than 2 sgs Johan Adolfsson <johan.adolfsson(a)axis.com> leds: leds-lp50xx: Handle reg to get correct multi_index Niklas Söderlund <niklas.soderlund+renesas(a)ragnatech.se> media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control Shiji Yang <yangshiji66(a)outlook.com> MIPS: lantiq: falcon: sysctrl: fix request memory check logic Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> MIPS: Don't crash in stack_top() for tasks without ABI or vDSO Arnaud Lecomte <contact(a)arnaud-lcm.com> jfs: upper bound check of tree index in dbAllocAG Edward Adam Davis <eadavis(a)qq.com> jfs: Regular file corruption check Lizhi Xu <lizhi.xu(a)windriver.com> jfs: truncate good inode pages when hard link is 0 jackysliu <1972843537(a)qq.com> scsi: bfa: Double-free fix Ziyan Fu <fuzy5(a)lenovo.com> watchdog: iTCO_wdt: Report error if timeout configuration fails Shiji Yang <yangshiji66(a)outlook.com> MIPS: vpe-mt: add missing prototypes for vpe_{alloc,start,stop,free} Florin Leotescu <florin.leotescu(a)nxp.com> hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state Sebastian Reichel <sebastian.reichel(a)collabora.com> watchdog: dw_wdt: Fix default timeout Amir Mohammad Jahangirzad <a.jahangirzad(a)gmail.com> fs/orangefs: use snprintf() instead of sprintf() Showrya M N <showrya(a)chelsio.com> scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated Theodore Ts'o <tytso(a)mit.edu> ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr Zhiqi Song <songzhiqi1(a)huawei.com> crypto: hisilicon/hpre - fix dma unmap sequence Yongzhen Zhang <zhangyongzhen(a)kylinos.cn> fbdev: fix potential buffer overflow in do_register_framebuffer() Pali Rohár <pali(a)kernel.org> cifs: Fix calling CIFSFindFirst() for root path without msearch Aaron Plattner <aplattner(a)nvidia.com> watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition Mario Limonciello <mario.limonciello(a)amd.com> drm/amd/display: Only finalize atomic_obj if it was initialized Jason Wang <jasowang(a)redhat.com> vhost: fail early when __vhost_add_used() fails Will Deacon <will(a)kernel.org> vsock/virtio: Resize receive buffers so that each SKB fits in a 4K page Álvaro Fernández Rojas <noltari(a)gmail.com> net: dsa: b53: fix IP_MULTICAST_CTRL on BCM5325 Tvrtko Ursulin <tvrtko.ursulin(a)igalia.com> drm/ttm: Respect the shrinker core free target Yonghong Song <yonghong.song(a)linux.dev> selftests/bpf: Fix a user_ringbuf failure with arm64 64KB page size Jakub Kicinski <kuba(a)kernel.org> uapi: in6: restore visibility of most IPv6 socket options Emily Deng <Emily.Deng(a)amd.com> drm/ttm: Should to return the evict error Hari Kalavakunta <kalavakunta.hari.prasad(a)gmail.com> net: ncsi: Fix buffer overflow in fetching version id Shannon Nelson <shannon.nelson(a)amd.com> ionic: clean dbpage in de-init Thomas Fourier <fourier.thomas(a)gmail.com> wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() Breno Leitao <leitao(a)debian.org> ptp: Use ratelimite for freerun error message Álvaro Fernández Rojas <noltari(a)gmail.com> net: dsa: b53: prevent SWITCH_CTRL access on BCM5325 Álvaro Fernández Rojas <noltari(a)gmail.com> net: dsa: b53: prevent DIS_LEARNING access on BCM5325 Álvaro Fernández Rojas <noltari(a)gmail.com> net: dsa: b53: prevent GMII_PORT_OVERRIDE_CTRL access on BCM5325 Álvaro Fernández Rojas <noltari(a)gmail.com> net: dsa: b53: fix b53_imp_vlan_setup for BCM5325 Alok Tiwari <alok.a.tiwari(a)oracle.com> gve: Return error for unknown admin queue command Gal Pressman <gal(a)nvidia.com> net: vlan: Replace BUG() with WARN_ON_ONCE() in vlan_dev_* stubs Mario Limonciello <mario.limonciello(a)amd.com> drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual Heiner Kallweit <hkallweit1(a)gmail.com> dpaa_eth: don't use fixed_phy_change_carrier Nicolas Escande <nico.escande(a)gmail.com> neighbour: add support for NUD_PERMANENT proxy entries Stanislaw Gruszka <stf_xl(a)wp.pl> wifi: iwlegacy: Check rate_idx range after addition Mina Almasry <almasrymina(a)google.com> netmem: fix skb_frag_address_safe with unreadable skbs Thomas Fourier <fourier.thomas(a)gmail.com> powerpc: floppy: Add missing checks after DMA map Thomas Fourier <fourier.thomas(a)gmail.com> wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()`. Ramya Gnanasekar <ramya.gnanasekar(a)oss.qualcomm.com> wifi: mac80211: update radar_required in channel context after channel switch Wen Chen <Wen.Chen3(a)amd.com> drm/amd/display: Fix 'failed to blank crtc!' Pagadala Yesu Anjaneyulu <pagadala.yesu.anjaneyulu(a)intel.com> wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect Rand Deeb <rand.sec96(a)gmail.com> wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() Ilya Bakoulin <Ilya.Bakoulin(a)amd.com> drm/amd/display: Separate set_gsl from set_gsl_source_select Jonas Rebmann <jre(a)pengutronix.de> net: fec: allow disable coalescing Eric Work <work.eric(a)gmail.com> net: atlantic: add set_power to fw_ops for atl2 to fix wol zhangjianrong <zhangjianrong5(a)huawei.com> net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() zhangjianrong <zhangjianrong5(a)huawei.com> net: thunderbolt: Enable end-to-end flow control also in transmit Mark Brown <broonie(a)kernel.org> kselftest/arm64: Specify SVE data when testing VL set in sve-ptrace Bitterblue Smith <rtl8821cerfe2(a)gmail.com> wifi: rtw89: Disable deep power saving for USB/SDIO Bitterblue Smith <rtl8821cerfe2(a)gmail.com> wifi: rtw89: Fix rtw89_mac_power_switch() for USB Rob Clark <robdclark(a)chromium.org> drm/msm: use trylock for debugfs Kuniyuki Iwashima <kuniyu(a)google.com> ipv6: mcast: Check inet6_dev->dead under idev->mc_lock in __ipv6_dev_mc_inc(). Thomas Fourier <fourier.thomas(a)gmail.com> (powerpc/512) Fix possible `dma_unmap_single()` on uninitialized pointer Johannes Berg <johannes.berg(a)intel.com> wifi: mac80211: don't complete management TX on SAE commit Chris Mason <clm(a)fb.com> sched/fair: Bump sd->max_newidle_lb_cost when newidle balance fails Sven Schnelle <svens(a)linux.ibm.com> s390/stp: Remove udelay from stp_sync_clock() Avraham Stern <avraham.stern(a)intel.com> wifi: iwlwifi: mvm: fix scan request validation Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> um: Re-evaluate thread flags repeatedly Alok Tiwari <alok.a.tiwari(a)oracle.com> net: thunderx: Fix format-truncation warning in bgx_acpi_match_id() Oscar Maes <oscmaes92(a)gmail.com> net: ipv4: fix incorrect MTU in broadcast routes Ilan Peer <ilan.peer(a)intel.com> wifi: cfg80211: Fix interface type validation Matt Johnston <matt(a)codeconstruct.com.au> net: mctp: Prevent duplicate binds Paul E. McKenney <paulmck(a)kernel.org> rcu: Protect ->defer_qs_iw_pending from data race Breno Leitao <leitao(a)debian.org> arm64: Mark kernel as tainted on SAE and SError panic Leon Romanovsky <leon(a)kernel.org> net/mlx5e: Properly access RCU protected qdisc_sleeping variable Thomas Fourier <fourier.thomas(a)gmail.com> net: ag71xx: Add missing check after DMA map Thomas Fourier <fourier.thomas(a)gmail.com> et131x: Add missing check after DMA map Bitterblue Smith <rtl8821cerfe2(a)gmail.com> wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB Alok Tiwari <alok.a.tiwari(a)oracle.com> be2net: Use correct byte order and format string for TCP seq and ack_seq Sven Schnelle <svens(a)linux.ibm.com> s390/time: Use monotonic clock in get_cycles() Johannes Berg <johannes.berg(a)intel.com> wifi: cfg80211: reject HTC bit for management frames Steven Rostedt <rostedt(a)goodmis.org> ktest.pl: Prevent recursion of default variable options Oliver Neukum <oneukum(a)suse.com> net: usb: cdc-ncm: check for filtering capability Anthoine Bourgeois <anthoine.bourgeois(a)vates.tech> xen/netfront: Fix TX response spurious interrupts Xinxin Wan <xinxin.wan(a)intel.com> ASoC: codecs: rt5640: Retry DEVICE_ID verification Jonathan Santos <Jonathan.Santos(a)analog.com> iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros Christophe Leroy <christophe.leroy(a)csgroup.eu> ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop Lucy Thrun <lucy.thrun(a)digital-rabbithole.de> ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control Tomasz Michalec <tmichalec(a)google.com> platform/chrome: cros_ec_typec: Defer probe on missing EC parent Kees Cook <kees(a)kernel.org> platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches Gautham R. Shenoy <gautham.shenoy(a)amd.com> pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() Oliver Neukum <oneukum(a)suse.com> usb: core: usb_submit_urb: downgrade type check Tomasz Michalec <tmichalec(a)google.com> usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present Peter Ujfalusi <peter.ujfalusi(a)linux.intel.com> ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() Alok Tiwari <alok.a.tiwari(a)oracle.com> ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 Mark Brown <broonie(a)kernel.org> ASoC: hdac_hdmi: Rate limit logging on connection and disconnection Pawan Gupta <pawan.kumar.gupta(a)linux.intel.com> x86/bugs: Avoid warning when overriding return thunk Takashi Iwai <tiwai(a)suse.de> ALSA: hda: Disable jack polling at shutdown Takashi Iwai <tiwai(a)suse.de> ALSA: hda: Handle the jack polling always via a work Ulf Hansson <ulf.hansson(a)linaro.org> mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() Hans de Goede <hansg(a)kernel.org> mei: bus: Check for still connected devices in mei_cl_bus_dev_release() Peter Robinson <pbrobinson(a)gmail.com> reset: brcmstb: Enable reset drivers for ARCH_BCM2835 Eliav Farber <farbere(a)amazon.com> pps: clients: gpio: fix interrupt handling order in remove path Breno Leitao <leitao(a)debian.org> ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path Sarthak Garg <quic_sartgarg(a)quicinc.com> mmc: sdhci-msm: Ensure SD card power isn't ON when card removed Sebastian Ott <sebott(a)redhat.com> ACPI: processor: fix acpi_object initialization tuhaowen <tuhaowen(a)uniontech.com> PM: sleep: console: Fix the black screen issue Hsin-Te Yuan <yuanhsinte(a)chromium.org> thermal: sysfs: Return ENODATA instead of EAGAIN for reads Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() Zhu Qiyu <qiyuzhu2(a)amd.com> ACPI: PRM: Reduce unnecessary printing to avoid user confusion Masami Hiramatsu (Google) <mhiramat(a)kernel.org> selftests: tracing: Use mutex_unlock for testing glob filter Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> tools/build: Fix s390(x) cross-compilation with clang Aaron Kling <webgeek1234(a)gmail.com> ARM: tegra: Use I/O memcpy to write to IRAM Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> gpio: tps65912: check the return value of regmap_update_bits() David Lechner <dlechner(a)baylibre.com> iio: adc: ad_sigma_delta: don't overallocate scan buffer Thomas Weißschuh <linux(a)weissschuh.net> tools/nolibc: define time_t in terms of __kernel_old_time_t David Collins <david.collins(a)oss.qualcomm.com> thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com> ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed Shubhrajyoti Datta <shubhrajyoti.datta(a)amd.com> EDAC/synopsys: Clear the ECC counters on init Lifeng Zheng <zhenglifeng1(a)huawei.com> PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() Alexander Kochetkov <al.kochet(a)gmail.com> ARM: rockchip: fix kernel hang during smp initialization Lifeng Zheng <zhenglifeng1(a)huawei.com> cpufreq: Exit governor when failed to start old governor Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> gpio: wcd934x: check the return value of regmap_update_bits() Hiago De Franco <hiago.franco(a)toradex.com> remoteproc: imx_rproc: skip clock enable when M-core is managed by the SCU Mario Limonciello <mario.limonciello(a)amd.com> usb: xhci: Avoid showing errors during surprise removal Jay Chen <shawn2000100(a)gmail.com> usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command Mario Limonciello <mario.limonciello(a)amd.com> usb: xhci: Avoid showing warnings for dying controller Benson Leung <bleung(a)chromium.org> usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default Cynthia Huang <cynthia(a)andestech.com> selftests/futex: Define SYS_futex on 32-bit architectures with 64-bit time_t Prashant Malani <pmalani(a)google.com> cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag Su Hui <suhui(a)nfschina.com> usb: xhci: print xhci->xhc_state when queue_command failed Al Viro <viro(a)zeniv.linux.org.uk> securityfs: don't pin dentries twice, once is enough... Al Viro <viro(a)zeniv.linux.org.uk> fix locking in efi_secret_unlink() Wei Gao <wegao(a)suse.com> ext2: Handle fiemap on empty files to prevent EINVAL Rong Zhang <ulin0208(a)gmail.com> fs/ntfs3: correctly create symlink for relative path Lizhi Xu <lizhi.xu(a)windriver.com> fs/ntfs3: Add sanity check for file name Damien Le Moal <dlemoal(a)kernel.org> ata: libata-sata: Disallow changing LPM state if not supported Al Viro <viro(a)zeniv.linux.org.uk> better lockdep annotations for simple_recursive_removal() Viacheslav Dubeyko <slava(a)dubeyko.com> hfs: fix not erasing deleted b-tree node issue Sarah Newman <srn(a)prgmr.com> drbd: add missing kref_get in handle_write_conflicts Jan Kara <jack(a)suse.cz> udf: Verify partition map count NeilBrown <neil(a)brown.name> smb/server: avoid deadlock when linking with ReplaceIfExists Kees Cook <kees(a)kernel.org> arm64: Handle KCOV __init vs inline mismatches Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file() Viacheslav Dubeyko <slava(a)dubeyko.com> hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() Viacheslav Dubeyko <slava(a)dubeyko.com> hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() Viacheslav Dubeyko <slava(a)dubeyko.com> hfs: fix slab-out-of-bounds in hfs_bnode_read() Florian Westphal <fw(a)strlen.de> netfilter: ctnetlink: fix refcount leak on table dump Sabrina Dubroca <sd(a)queasysnail.net> udp: also consider secpath when evaluating ipsec use for checksumming Maxim Levitsky <mlevitsk(a)redhat.com> KVM: VMX: Preserve host's DEBUGCTLMSR_FREEZE_IN_SMM while running the guest Maxim Levitsky <mlevitsk(a)redhat.com> KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs Maxim Levitsky <mlevitsk(a)redhat.com> KVM: nVMX: Check vmcs12->guest_ia32_debugctl on nested VM-Enter Sean Christopherson <seanjc(a)google.com> KVM: VMX: Extract checking of guest's DEBUGCTL into helper Sean Christopherson <seanjc(a)google.com> KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported Sean Christopherson <seanjc(a)google.com> KVM: x86: Drop kvm_x86_ops.set_dr6() in favor of a new KVM_RUN flag Sean Christopherson <seanjc(a)google.com> KVM: x86: Convert vcpu_run()'s immediate exit param into a generic bitmap Sean Christopherson <seanjc(a)google.com> KVM: x86: Fully defer to vendor code to decide how to force immediate exit Sean Christopherson <seanjc(a)google.com> KVM: VMX: Handle KVM-induced preemption timer exits in fastpath for L2 Sean Christopherson <seanjc(a)google.com> KVM: x86: Move handling of is_guest_mode() into fastpath exit handlers Sean Christopherson <seanjc(a)google.com> KVM: VMX: Handle forced exit due to preemption timer in fastpath Sean Christopherson <seanjc(a)google.com> KVM: VMX: Re-enter guest in fastpath for "spurious" preemption timer exits Sean Christopherson <seanjc(a)google.com> KVM: x86: Plumb "force_immediate_exit" into kvm_entry() tracepoint Sean Christopherson <seanjc(a)google.com> KVM: x86/pmu: Gate all "unimplemented MSR" prints on report_ignored_msrs Sean Christopherson <seanjc(a)google.com> KVM: x86: Snapshot the host's DEBUGCTL after disabling IRQs Sean Christopherson <seanjc(a)google.com> KVM: x86: Snapshot the host's DEBUGCTL in common x86 Chao Gao <chao.gao(a)intel.com> KVM: nVMX: Defer SVI update to vmcs01 on EOI when L2 is active w/o VID Sean Christopherson <seanjc(a)google.com> KVM: x86: Plumb in the vCPU to kvm_x86_ops.hwapic_isr_update() Sean Christopherson <seanjc(a)google.com> KVM: x86: Re-split x2APIC ICR into ICR+ICR2 for AMD (x2AVIC) Sean Christopherson <seanjc(a)google.com> KVM: SVM: Set RFLAGS.IF=1 in C code, to get VMRUN out of the STI shadow Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> ACPI: processor: perflib: Move problematic pr->performance check Jiayi Li <lijiayi(a)kylinos.cn> ACPI: processor: perflib: Fix initial _PPC limit application Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> Documentation: ACPI: Fix parent device references Jann Horn <jannh(a)google.com> eventpoll: Fix semi-unbounded recursion Sasha Levin <sashal(a)kernel.org> fs: Prevent file descriptor table allocations exceeding INT_MAX Ma Ke <make24(a)iscas.ac.cn> sunvdc: Balance device refcount in vdc_port_mpgroup_check Haoran Jiang <jianghaoran(a)kylinos.cn> LoongArch: BPF: Fix jump offset calculation in tailcall Huacai Chen <chenhuacai(a)kernel.org> PCI: Extend isolated function probing to LoongArch Trond Myklebust <trond.myklebust(a)hammerspace.com> NFS: Fix the setting of capabilities when automounting a new filesystem Dai Ngo <dai.ngo(a)oracle.com> NFSD: detect mismatch of file handle and delegation stateid in OPEN op Jeff Layton <jlayton(a)kernel.org> nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() Xu Yang <xu.yang_2(a)nxp.com> net: usb: asix_devices: add phy_mask for ax88772 mdio bus Johan Hovold <johan(a)kernel.org> net: dpaa: fix device leak when querying time stamp info Johan Hovold <johan(a)kernel.org> net: mtk_eth_soc: fix device leak at probe Johan Hovold <johan(a)kernel.org> net: gianfar: fix device leak when querying time stamp info Florian Larysch <fl(a)n621.de> net: phy: micrel: fix KSZ8081/KSZ8091 cable test Fedor Pchelkin <pchelkin(a)ispras.ru> netlink: avoid infinite retry looping in netlink_unicast() David Thompson <davthompson(a)nvidia.com> gpio: mlxbf2: use platform_get_irq_optional() Harald Mommer <harald.mommer(a)oss.qualcomm.com> gpio: virtio: Fix config space reading. Wang Zhaolong <wangzhaolong(a)huaweicloud.com> smb: client: remove redundant lstrp update in negotiate protocol Steve French <stfrench(a)microsoft.com> smb3: fix for slab out of bounds on mount to ksmbd Christopher Eby <kreed(a)kreed.org> ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks Vasiliy Kovalev <kovalev(a)altlinux.org> ALSA: hda/realtek: Fix headset mic on HONOR BRB-X Takashi Iwai <tiwai(a)suse.de> ALSA: usb-audio: Validate UAC3 cluster segment descriptors Takashi Iwai <tiwai(a)suse.de> ALSA: usb-audio: Validate UAC3 power domain descriptors, too Pavel Begunkov <asml.silence(a)gmail.com> io_uring: don't use int for ABI ------------- Diffstat: .../bindings/display/sprd/sprd,sharkl3-dpu.yaml | 2 +- .../display/sprd/sprd,sharkl3-dsi-host.yaml | 2 +- Documentation/firmware-guide/acpi/i2c-muxes.rst | 8 +- Documentation/networking/bonding.rst | 12 ++ Documentation/networking/mptcp-sysctl.rst | 2 + Makefile | 6 +- arch/arm/Makefile | 2 +- arch/arm/mach-rockchip/platsmp.c | 15 +- arch/arm/mach-tegra/reset.c | 2 +- arch/arm64/boot/dts/ti/k3-am62-main.dtsi | 1 - arch/arm64/include/asm/acpi.h | 2 +- arch/arm64/kernel/cpufeature.c | 1 + arch/arm64/kernel/entry.S | 6 + arch/arm64/kernel/fpsimd.c | 4 +- arch/arm64/kernel/traps.c | 1 + arch/arm64/mm/fault.c | 1 + arch/arm64/mm/ptdump_debugfs.c | 3 - arch/loongarch/net/bpf_jit.c | 21 +- arch/m68k/kernel/head.S | 31 ++- arch/mips/crypto/chacha-core.S | 20 +- arch/mips/include/asm/vpe.h | 8 + arch/mips/kernel/process.c | 16 +- arch/mips/lantiq/falcon/sysctrl.c | 23 +-- arch/parisc/Makefile | 6 +- arch/parisc/include/asm/special_insns.h | 28 +++ arch/parisc/include/asm/uaccess.h | 21 +- arch/parisc/kernel/entry.S | 17 +- arch/parisc/kernel/syscall.S | 30 ++- arch/parisc/lib/memcpy.c | 19 +- arch/parisc/mm/fault.c | 4 + arch/powerpc/include/asm/floppy.h | 5 +- arch/powerpc/platforms/512x/mpc512x_lpbfifo.c | 6 +- arch/s390/hypfs/hypfs_dbfs.c | 19 +- arch/s390/include/asm/timex.h | 13 +- arch/s390/kernel/time.c | 2 +- arch/s390/mm/dump_pagetables.c | 2 - arch/um/include/asm/thread_info.h | 4 + arch/um/kernel/process.c | 18 +- arch/x86/events/intel/core.c | 2 +- arch/x86/include/asm/kvm-x86-ops.h | 2 - arch/x86/include/asm/kvm_host.h | 24 ++- arch/x86/include/asm/msr-index.h | 1 + arch/x86/include/asm/reboot.h | 5 +- arch/x86/include/asm/virtext.h | 10 - arch/x86/include/asm/xen/hypercall.h | 5 +- arch/x86/kernel/cpu/bugs.c | 5 +- arch/x86/kernel/cpu/hygon.c | 3 + arch/x86/kernel/cpu/mce/amd.c | 13 +- arch/x86/kernel/reboot.c | 43 ++-- arch/x86/kvm/hyperv.c | 10 +- arch/x86/kvm/lapic.c | 61 ++++-- arch/x86/kvm/lapic.h | 1 + arch/x86/kvm/svm/svm.c | 49 +++-- arch/x86/kvm/svm/vmenter.S | 9 +- arch/x86/kvm/trace.h | 9 +- arch/x86/kvm/vmx/nested.c | 26 ++- arch/x86/kvm/vmx/pmu_intel.c | 8 +- arch/x86/kvm/vmx/vmx.c | 183 +++++++++++------ arch/x86/kvm/vmx/vmx.h | 31 ++- arch/x86/kvm/x86.c | 65 +++--- arch/x86/kvm/x86.h | 12 ++ block/blk-core.c | 26 ++- block/blk-settings.c | 2 +- drivers/acpi/acpi_processor.c | 2 +- drivers/acpi/apei/ghes.c | 2 + drivers/acpi/pfr_update.c | 2 +- drivers/acpi/prmt.c | 26 ++- drivers/acpi/processor_perflib.c | 11 + drivers/ata/Kconfig | 35 +++- drivers/ata/libata-sata.c | 5 + drivers/ata/libata-scsi.c | 20 +- drivers/base/power/runtime.c | 5 + drivers/block/drbd/drbd_receiver.c | 6 +- drivers/block/sunvdc.c | 4 +- drivers/bus/mhi/host/boot.c | 8 +- drivers/bus/mhi/host/internal.h | 4 +- drivers/bus/mhi/host/main.c | 12 +- drivers/char/ipmi/ipmi_msghandler.c | 8 +- drivers/char/ipmi/ipmi_watchdog.c | 59 ++++-- drivers/comedi/comedi_fops.c | 38 +++- drivers/comedi/comedi_internal.h | 1 + drivers/comedi/drivers.c | 40 ++-- drivers/comedi/drivers/pcl726.c | 3 +- drivers/cpufreq/armada-8k-cpufreq.c | 2 +- drivers/cpufreq/cppc_cpufreq.c | 2 +- drivers/cpufreq/cpufreq.c | 8 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 8 +- .../crypto/marvell/octeontx2/otx2_cptpf_ucode.c | 16 +- drivers/crypto/qat/qat_4xxx/adf_4xxx_hw_data.c | 13 ++ drivers/crypto/qat/qat_common/adf_accel_devices.h | 1 + drivers/crypto/qat/qat_common/adf_gen4_hw_data.h | 6 + drivers/crypto/qat/qat_common/adf_init.c | 3 + drivers/devfreq/governor_userspace.c | 6 +- drivers/dma/stm32-dma.c | 2 +- drivers/edac/synopsys_edac.c | 93 ++++----- drivers/fpga/zynq-fpga.c | 10 +- drivers/gpio/gpio-mlxbf2.c | 2 +- drivers/gpio/gpio-tps65912.c | 7 +- drivers/gpio/gpio-virtio.c | 9 +- drivers/gpio/gpio-wcd934x.c | 7 +- drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c | 4 +- drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c | 6 +- drivers/gpu/drm/amd/amdgpu/mmhub_v3_0_1.c | 57 +++--- drivers/gpu/drm/amd/amdkfd/kfd_module.c | 2 +- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 6 +- .../gpu/drm/amd/display/dc/bios/command_table.c | 2 +- drivers/gpu/drm/amd/display/dc/clk_mgr/clk_mgr.c | 1 - .../amd/display/dc/clk_mgr/dce100/dce_clk_mgr.c | 2 - .../amd/display/dc/clk_mgr/dce110/dce110_clk_mgr.c | 40 ++-- .../amd/display/dc/clk_mgr/dce60/dce60_clk_mgr.c | 31 +-- drivers/gpu/drm/amd/display/dc/dcn20/dcn20_hwseq.c | 11 +- .../gpu/drm/amd/display/modules/hdcp/hdcp_psp.c | 3 + drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c | 6 + drivers/gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c | 37 ++-- drivers/gpu/drm/display/drm_dp_helper.c | 2 +- drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.c | 4 +- drivers/gpu/drm/msm/msm_gem.c | 3 +- drivers/gpu/drm/msm/msm_gem.h | 6 + drivers/gpu/drm/scheduler/sched_entity.c | 21 +- drivers/gpu/drm/ttm/ttm_pool.c | 8 +- drivers/gpu/drm/ttm/ttm_resource.c | 3 + drivers/hid/hid-apple.c | 13 +- drivers/hid/hid-magicmouse.c | 56 ++++-- drivers/hwmon/emc2305.c | 10 +- drivers/hwmon/gsc-hwmon.c | 4 +- drivers/i2c/i2c-core-acpi.c | 1 + drivers/i3c/internals.h | 1 + drivers/i3c/master.c | 4 +- drivers/iio/adc/ad7768-1.c | 23 ++- drivers/iio/adc/ad_sigma_delta.c | 6 +- drivers/iio/imu/bno055/bno055.c | 11 +- drivers/iio/imu/inv_icm42600/inv_icm42600_temp.c | 6 +- drivers/iio/light/as73211.c | 2 +- drivers/iio/light/hid-sensor-prox.c | 8 +- drivers/iio/pressure/bmp280-core.c | 9 +- drivers/iio/proximity/isl29501.c | 14 +- drivers/iio/temperature/maxim_thermocouple.c | 26 ++- drivers/infiniband/core/nldev.c | 22 +- drivers/infiniband/hw/bnxt_re/qplib_res.c | 2 + drivers/infiniband/hw/erdma/erdma_verbs.c | 4 +- drivers/infiniband/hw/hfi1/affinity.c | 44 ++-- drivers/iommu/amd/init.c | 4 +- drivers/leds/leds-lp50xx.c | 11 +- drivers/md/dm-ps-historical-service-time.c | 4 +- drivers/md/dm-ps-queue-length.c | 4 +- drivers/md/dm-ps-round-robin.c | 4 +- drivers/md/dm-ps-service-time.c | 4 +- drivers/md/dm-table.c | 10 +- drivers/md/dm-zoned-target.c | 2 +- drivers/media/cec/usb/rainshadow/rainshadow-cec.c | 3 +- drivers/media/dvb-frontends/dib7000p.c | 8 + drivers/media/i2c/hi556.c | 26 +-- drivers/media/i2c/ov2659.c | 3 +- drivers/media/i2c/tc358743.c | 86 +++++--- drivers/media/platform/qcom/camss/camss.c | 4 +- drivers/media/platform/qcom/venus/core.c | 8 +- drivers/media/platform/qcom/venus/core.h | 2 + drivers/media/platform/qcom/venus/helpers.c | 2 +- drivers/media/platform/qcom/venus/hfi_helper.h | 61 +++++- drivers/media/platform/qcom/venus/hfi_msgs.c | 85 +++++--- drivers/media/platform/qcom/venus/hfi_venus.c | 5 + drivers/media/platform/qcom/venus/vdec.c | 13 +- drivers/media/platform/qcom/venus/vdec_ctrls.c | 2 +- drivers/media/platform/qcom/venus/venc.c | 9 +- drivers/media/platform/qcom/venus/venc_ctrls.c | 2 +- drivers/media/test-drivers/vivid/vivid-ctrls.c | 3 +- drivers/media/test-drivers/vivid/vivid-vid-cap.c | 4 +- drivers/media/usb/gspca/vicam.c | 10 +- drivers/media/usb/hdpvr/hdpvr-i2c.c | 6 + drivers/media/usb/usbtv/usbtv-video.c | 4 + drivers/media/usb/uvc/uvc_driver.c | 3 + drivers/media/usb/uvc/uvc_video.c | 21 +- drivers/media/v4l2-core/v4l2-common.c | 8 +- drivers/media/v4l2-core/v4l2-ctrls-core.c | 1 - drivers/memstick/core/memstick.c | 1 - drivers/memstick/host/rtsx_usb_ms.c | 1 + drivers/misc/cardreader/rtsx_usb.c | 16 +- drivers/misc/mei/bus.c | 6 + drivers/mmc/host/rtsx_usb_sdmmc.c | 4 +- drivers/mmc/host/sdhci-msm.c | 14 ++ drivers/mmc/host/sdhci-pci-gli.c | 33 +-- drivers/most/core.c | 2 +- drivers/mtd/nand/raw/fsmc_nand.c | 2 + drivers/mtd/nand/raw/renesas-nand-controller.c | 6 + drivers/mtd/nand/spi/core.c | 5 +- drivers/mtd/spi-nor/swp.c | 19 +- drivers/net/bonding/bond_3ad.c | 224 ++++++++++++++++++--- drivers/net/bonding/bond_main.c | 1 + drivers/net/bonding/bond_netlink.c | 16 ++ drivers/net/bonding/bond_options.c | 29 ++- drivers/net/dsa/b53/b53_common.c | 63 ++++-- drivers/net/dsa/b53/b53_regs.h | 2 + drivers/net/dummy.c | 1 + drivers/net/ethernet/agere/et131x.c | 36 ++++ drivers/net/ethernet/aquantia/atlantic/aq_hw.h | 2 + .../aquantia/atlantic/hw_atl2/hw_atl2_utils_fw.c | 39 ++++ drivers/net/ethernet/atheros/ag71xx.c | 9 + drivers/net/ethernet/cavium/thunder/thunder_bgx.c | 4 +- drivers/net/ethernet/emulex/benet/be_main.c | 8 +- drivers/net/ethernet/freescale/dpaa/dpaa_eth.c | 2 - drivers/net/ethernet/freescale/dpaa/dpaa_ethtool.c | 4 +- drivers/net/ethernet/freescale/enetc/enetc_pf.c | 14 +- drivers/net/ethernet/freescale/fec_main.c | 34 ++-- drivers/net/ethernet/freescale/gianfar_ethtool.c | 4 +- drivers/net/ethernet/google/gve/gve_adminq.c | 1 + drivers/net/ethernet/google/gve/gve_main.c | 2 + drivers/net/ethernet/intel/igc/igc_main.c | 14 +- drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 4 +- drivers/net/ethernet/mediatek/mtk_ppe_offload.c | 2 + drivers/net/ethernet/mediatek/mtk_wed.c | 1 - drivers/net/ethernet/mellanox/mlx5/core/en/qos.c | 2 +- drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 2 + drivers/net/ethernet/mellanox/mlxsw/trap.h | 1 + drivers/net/ethernet/pensando/ionic/ionic_lif.c | 7 +- drivers/net/geneve.c | 1 + drivers/net/hyperv/hyperv_net.h | 3 + drivers/net/hyperv/netvsc_drv.c | 29 ++- drivers/net/loopback.c | 1 + drivers/net/phy/micrel.c | 2 + drivers/net/phy/mscc/mscc.h | 12 ++ drivers/net/phy/mscc/mscc_main.c | 12 ++ drivers/net/phy/mscc/mscc_ptp.c | 49 +++-- drivers/net/phy/smsc.c | 1 + drivers/net/ppp/ppp_generic.c | 17 +- drivers/net/thunderbolt.c | 21 +- drivers/net/usb/asix_devices.c | 1 + drivers/net/usb/cdc_ncm.c | 20 +- drivers/net/veth.c | 1 + drivers/net/vxlan/vxlan_core.c | 1 + drivers/net/wireless/ath/ath11k/ce.c | 3 - drivers/net/wireless/ath/ath11k/dp_rx.c | 3 - drivers/net/wireless/ath/ath11k/hal.c | 33 ++- .../broadcom/brcm80211/brcmsmac/phy/phy_lcn.c | 2 +- drivers/net/wireless/intel/iwlegacy/4965-mac.c | 5 +- drivers/net/wireless/intel/iwlwifi/dvm/rs.c | 2 +- drivers/net/wireless/intel/iwlwifi/fw/dbg.c | 7 +- drivers/net/wireless/intel/iwlwifi/mvm/scan.c | 2 +- drivers/net/wireless/realtek/rtlwifi/pci.c | 23 ++- drivers/net/wireless/realtek/rtw89/core.c | 3 + drivers/net/wireless/realtek/rtw89/fw.c | 9 +- drivers/net/wireless/realtek/rtw89/fw.h | 2 + drivers/net/wireless/realtek/rtw89/mac.c | 19 ++ drivers/net/wireless/realtek/rtw89/reg.h | 1 + drivers/net/xen-netfront.c | 5 - drivers/pci/controller/pcie-rockchip-host.c | 49 +++-- drivers/pci/controller/pcie-rockchip.h | 11 +- drivers/pci/endpoint/pci-ep-cfs.c | 1 + drivers/pci/endpoint/pci-epf-core.c | 2 +- drivers/pci/pci-acpi.c | 4 +- drivers/pci/pci.c | 8 +- drivers/pci/probe.c | 2 +- drivers/pinctrl/stm32/pinctrl-stm32.c | 1 + drivers/platform/chrome/cros_ec.c | 19 +- drivers/platform/chrome/cros_ec_typec.c | 4 +- drivers/platform/x86/thinkpad_acpi.c | 4 +- drivers/pps/clients/pps-gpio.c | 5 +- drivers/ptp/ptp_clock.c | 2 +- drivers/pwm/pwm-imx-tpm.c | 9 + drivers/pwm/pwm-mediatek.c | 71 +++---- drivers/remoteproc/imx_rproc.c | 4 +- drivers/reset/Kconfig | 10 +- drivers/rtc/rtc-ds1307.c | 15 +- drivers/s390/char/sclp.c | 11 +- drivers/scsi/aacraid/comminit.c | 3 +- drivers/scsi/bfa/bfad_im.c | 1 + drivers/scsi/libiscsi.c | 3 +- drivers/scsi/lpfc/lpfc_debugfs.c | 1 - drivers/scsi/lpfc/lpfc_scsi.c | 4 + drivers/scsi/mpi3mr/mpi3mr.h | 6 +- drivers/scsi/mpi3mr/mpi3mr_fw.c | 17 +- drivers/scsi/mpi3mr/mpi3mr_os.c | 22 +- drivers/scsi/mpt3sas/mpt3sas_scsih.c | 19 ++ drivers/scsi/qla4xxx/ql4_os.c | 2 + drivers/scsi/scsi_scan.c | 2 +- drivers/scsi/scsi_transport_sas.c | 62 ++++-- drivers/soc/qcom/mdt_loader.c | 68 ++++++- drivers/soc/tegra/pmc.c | 51 +++-- drivers/staging/media/imx/imx-media-csc-scaler.c | 2 +- drivers/target/target_core_fabric_lib.c | 65 ++++-- drivers/target/target_core_internal.h | 4 +- drivers/target/target_core_pr.c | 18 +- drivers/thermal/qcom/qcom-spmi-temp-alarm.c | 43 +++- drivers/thermal/thermal_sysfs.c | 9 +- drivers/thunderbolt/domain.c | 2 +- drivers/tty/serial/8250/8250_port.c | 3 +- drivers/tty/vt/defkeymap.c_shipped | 112 +++++++++++ drivers/tty/vt/keyboard.c | 2 +- drivers/ufs/host/ufs-exynos.c | 4 +- drivers/ufs/host/ufshcd-pci.c | 42 +++- drivers/usb/atm/cxacru.c | 172 ++++++++-------- drivers/usb/class/cdc-acm.c | 11 +- drivers/usb/core/config.c | 10 +- drivers/usb/core/hcd.c | 8 +- drivers/usb/core/quirks.c | 1 + drivers/usb/core/urb.c | 2 +- drivers/usb/dwc3/dwc3-imx8mp.c | 6 +- drivers/usb/dwc3/dwc3-meson-g12a.c | 3 + drivers/usb/dwc3/ep0.c | 20 +- drivers/usb/dwc3/gadget.c | 19 +- drivers/usb/gadget/udc/renesas_usb3.c | 1 + drivers/usb/host/xhci-mem.c | 2 + drivers/usb/host/xhci-pci-renesas.c | 7 +- drivers/usb/host/xhci-ring.c | 10 +- drivers/usb/host/xhci.c | 6 +- drivers/usb/musb/omap2430.c | 20 +- drivers/usb/storage/realtek_cr.c | 2 +- drivers/usb/storage/unusual_devs.h | 29 +++ drivers/usb/typec/mux/intel_pmc_mux.c | 2 +- drivers/usb/typec/tcpm/fusb302.c | 8 + drivers/usb/typec/ucsi/psy.c | 2 +- drivers/usb/typec/ucsi/ucsi.c | 1 + drivers/usb/typec/ucsi/ucsi.h | 7 +- drivers/vfio/pci/mlx5/cmd.c | 4 +- drivers/vfio/vfio_iommu_type1.c | 7 + drivers/vhost/vhost.c | 3 + drivers/vhost/vsock.c | 6 +- drivers/video/console/vgacon.c | 2 +- drivers/video/fbdev/core/fbcon.c | 9 +- drivers/video/fbdev/core/fbmem.c | 3 + drivers/virt/coco/efi_secret/efi_secret.c | 10 +- drivers/watchdog/dw_wdt.c | 2 + drivers/watchdog/iTCO_wdt.c | 6 +- drivers/watchdog/sbsa_gwdt.c | 50 ++++- fs/btrfs/block-group.c | 27 ++- fs/btrfs/ctree.c | 9 +- fs/btrfs/ordered-data.c | 12 +- fs/btrfs/qgroup.c | 31 ++- fs/btrfs/relocation.c | 19 ++ fs/btrfs/send.c | 39 ++++ fs/btrfs/tree-log.c | 60 ++++-- fs/btrfs/zoned.c | 3 +- fs/buffer.c | 2 +- fs/crypto/fscrypt_private.h | 17 ++ fs/crypto/hkdf.c | 2 +- fs/crypto/keysetup.c | 3 +- fs/crypto/keysetup_v1.c | 3 +- fs/eventpoll.c | 60 ++++-- fs/ext2/inode.c | 12 +- fs/ext4/fsmap.c | 23 ++- fs/ext4/indirect.c | 4 +- fs/ext4/inline.c | 19 +- fs/ext4/inode.c | 2 +- fs/ext4/mballoc.c | 69 +++---- fs/ext4/orphan.c | 5 +- fs/ext4/super.c | 8 +- fs/f2fs/data.c | 2 + fs/f2fs/f2fs.h | 1 - fs/f2fs/inode.c | 7 + fs/f2fs/node.c | 10 + fs/file.c | 15 ++ fs/hfs/bnode.c | 93 +++++++++ fs/hfsplus/bnode.c | 92 +++++++++ fs/hfsplus/unicode.c | 7 + fs/hfsplus/xattr.c | 6 +- fs/hugetlbfs/inode.c | 2 +- fs/jbd2/checkpoint.c | 1 + fs/jfs/file.c | 3 + fs/jfs/inode.c | 2 +- fs/jfs/jfs_dmap.c | 6 + fs/libfs.c | 4 +- fs/namespace.c | 34 ++-- fs/nfs/blocklayout/blocklayout.c | 4 +- fs/nfs/blocklayout/dev.c | 5 +- fs/nfs/blocklayout/extent_tree.c | 20 +- fs/nfs/client.c | 44 +++- fs/nfs/internal.h | 2 +- fs/nfs/nfs4client.c | 20 +- fs/nfs/nfs4proc.c | 2 +- fs/nfs/pnfs.c | 11 +- fs/nfsd/nfs4state.c | 34 +++- fs/ntfs3/dir.c | 3 + fs/ntfs3/inode.c | 31 +-- fs/orangefs/orangefs-debugfs.c | 2 +- fs/smb/client/cifssmb.c | 10 + fs/smb/client/connect.c | 1 - fs/smb/client/sess.c | 9 + fs/smb/client/smb2ops.c | 11 +- fs/smb/server/connection.c | 3 +- fs/smb/server/connection.h | 7 +- fs/smb/server/smb2pdu.c | 16 +- fs/smb/server/transport_rdma.c | 5 +- fs/smb/server/transport_rdma.h | 4 +- fs/smb/server/transport_tcp.c | 26 ++- fs/squashfs/super.c | 14 +- fs/udf/super.c | 13 +- fs/xfs/xfs_itable.c | 6 +- include/linux/blk_types.h | 6 +- include/linux/compiler.h | 8 - include/linux/fs.h | 4 +- include/linux/hypervisor.h | 3 + include/linux/if_vlan.h | 6 +- include/linux/iosys-map.h | 7 +- include/linux/memfd.h | 14 ++ include/linux/mm.h | 76 +++++-- include/linux/pci.h | 10 +- include/linux/platform_data/cros_ec_proto.h | 4 + include/linux/skbuff.h | 8 +- include/linux/usb/cdc_ncm.h | 1 + include/linux/virtio_vsock.h | 7 +- include/net/bond_3ad.h | 3 + include/net/bond_options.h | 1 + include/net/bonding.h | 23 +++ include/net/cfg80211.h | 2 +- include/net/mac80211.h | 2 + include/net/neighbour.h | 1 + include/sound/soc-dai.h | 13 ++ include/uapi/linux/if_link.h | 1 + include/uapi/linux/in6.h | 4 +- include/uapi/linux/io_uring.h | 2 +- include/uapi/linux/pfrut.h | 1 + kernel/cgroup/cpuset.c | 2 +- kernel/fork.c | 2 +- kernel/module/main.c | 10 +- kernel/power/console.c | 7 +- kernel/rcu/tree_plugin.h | 3 + kernel/sched/fair.c | 19 +- kernel/trace/ftrace.c | 19 +- kernel/trace/trace.c | 33 ++- kernel/trace/trace.h | 8 +- mm/debug_vm_pgtable.c | 9 +- mm/filemap.c | 2 +- mm/kmemleak.c | 10 +- mm/madvise.c | 2 +- mm/memfd.c | 2 +- mm/memory-failure.c | 8 + mm/mmap.c | 12 +- mm/ptdump.c | 2 + mm/shmem.c | 2 +- net/bluetooth/hci_conn.c | 3 +- net/bluetooth/hci_sync.c | 43 ++-- net/bridge/br_multicast.c | 16 ++ net/bridge/br_private.h | 2 + net/core/dev.c | 12 ++ net/core/neighbour.c | 12 +- net/hsr/hsr_slave.c | 8 +- net/ipv4/ip_tunnel.c | 1 + net/ipv4/netfilter/nf_reject_ipv4.c | 6 +- net/ipv4/route.c | 1 - net/ipv4/udp_offload.c | 2 +- net/ipv6/addrconf.c | 7 +- net/ipv6/ip6_gre.c | 2 + net/ipv6/ip6_tunnel.c | 1 + net/ipv6/ip6_vti.c | 1 + net/ipv6/mcast.c | 11 +- net/ipv6/netfilter/nf_reject_ipv6.c | 5 +- net/ipv6/seg6_hmac.c | 6 +- net/ipv6/sit.c | 1 + net/mac80211/cfg.c | 12 +- net/mac80211/chan.c | 1 + net/mac80211/mlme.c | 9 +- net/mac80211/sta_info.c | 5 +- net/mctp/af_mctp.c | 28 ++- net/mptcp/options.c | 9 +- net/mptcp/pm.c | 8 +- net/mptcp/pm_netlink.c | 19 +- net/mptcp/protocol.c | 55 ++++- net/mptcp/protocol.h | 27 ++- net/mptcp/subflow.c | 30 ++- net/ncsi/internal.h | 2 +- net/ncsi/ncsi-rsp.c | 1 + net/netfilter/nf_conntrack_netlink.c | 24 ++- net/netlink/af_netlink.c | 2 +- net/sched/sch_cake.c | 14 +- net/sched/sch_ets.c | 36 ++-- net/sched/sch_htb.c | 2 +- net/tls/tls_sw.c | 16 +- net/vmw_vsock/virtio_transport.c | 14 +- net/wireless/mlme.c | 3 +- scripts/kconfig/gconf.c | 8 +- scripts/kconfig/lxdialog/inputbox.c | 6 +- scripts/kconfig/lxdialog/menubox.c | 2 +- scripts/kconfig/nconf.c | 2 + scripts/kconfig/nconf.gui.c | 1 + security/apparmor/include/lib.h | 6 +- security/inode.c | 2 - sound/core/pcm_native.c | 19 +- sound/pci/hda/hda_codec.c | 44 ++-- sound/pci/hda/patch_ca0132.c | 2 +- sound/pci/hda/patch_realtek.c | 4 + sound/pci/intel8x0.c | 2 +- sound/soc/codecs/hdac_hdmi.c | 10 +- sound/soc/codecs/rt5640.c | 5 + sound/soc/fsl/fsl_asrc.c | 16 +- sound/soc/fsl/fsl_aud2htx.c | 10 +- sound/soc/fsl/fsl_easrc.c | 16 +- sound/soc/fsl/fsl_esai.c | 20 +- sound/soc/fsl/fsl_micfil.c | 14 +- sound/soc/fsl/fsl_sai.c | 44 ++-- sound/soc/fsl/fsl_spdif.c | 17 +- sound/soc/fsl/fsl_ssi.c | 3 +- sound/soc/fsl/fsl_xcvr.c | 16 +- sound/soc/generic/audio-graph-card.c | 2 +- sound/soc/intel/avs/core.c | 3 +- sound/soc/soc-core.c | 28 +++ sound/soc/soc-dai.c | 43 ++-- sound/soc/soc-dapm.c | 4 + sound/usb/mixer_quirks.c | 14 +- sound/usb/stream.c | 25 ++- sound/usb/validate.c | 14 +- tools/include/nolibc/std.h | 4 +- tools/include/nolibc/types.h | 4 +- tools/include/uapi/linux/if_link.h | 1 + .../cpupower/utils/idle_monitor/mperf_monitor.c | 4 +- tools/scripts/Makefile.include | 4 +- tools/testing/ktest/ktest.pl | 5 +- tools/testing/selftests/arm64/fp/sve-ptrace.c | 3 +- .../selftests/bpf/prog_tests/user_ringbuf.c | 10 +- .../ftrace/test.d/ftrace/func-filter-glob.tc | 2 +- tools/testing/selftests/futex/include/futextest.h | 11 + tools/testing/selftests/memfd/memfd_test.c | 43 ++++ tools/testing/selftests/net/mptcp/pm_netlink.sh | 1 + 511 files changed, 4945 insertions(+), 1976 deletions(-)

2 weeks, 3 days

10
491
0 0

[PATCH rtw v2 1/4] wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait()

by Fedor Pchelkin

There is a bug observed when rtw89_core_tx_kick_off_and_wait() tries to access already freed skb_data: BUG: KFENCE: use-after-free write in rtw89_core_tx_kick_off_and_wait drivers/net/wireless/realtek/rtw89/core.c:1110 CPU: 6 UID: 0 PID: 41377 Comm: kworker/u64:24 Not tainted 6.17.0-rc1+ #1 PREEMPT(lazy) Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS edk2-20250523-14.fc42 05/23/2025 Workqueue: events_unbound cfg80211_wiphy_work [cfg80211] Use-after-free write at 0x0000000020309d9d (in kfence-#251): rtw89_core_tx_kick_off_and_wait drivers/net/wireless/realtek/rtw89/core.c:1110 rtw89_core_scan_complete drivers/net/wireless/realtek/rtw89/core.c:5338 rtw89_hw_scan_complete_cb drivers/net/wireless/realtek/rtw89/fw.c:7979 rtw89_chanctx_proceed_cb drivers/net/wireless/realtek/rtw89/chan.c:3165 rtw89_chanctx_proceed drivers/net/wireless/realtek/rtw89/chan.h:141 rtw89_hw_scan_complete drivers/net/wireless/realtek/rtw89/fw.c:8012 rtw89_mac_c2h_scanofld_rsp drivers/net/wireless/realtek/rtw89/mac.c:5059 rtw89_fw_c2h_work drivers/net/wireless/realtek/rtw89/fw.c:6758 process_one_work kernel/workqueue.c:3241 worker_thread kernel/workqueue.c:3400 kthread kernel/kthread.c:463 ret_from_fork arch/x86/kernel/process.c:154 ret_from_fork_asm arch/x86/entry/entry_64.S:258 kfence-#251: 0x0000000056e2393d-0x000000009943cb62, size=232, cache=skbuff_head_cache allocated by task 41377 on cpu 6 at 77869.159548s (0.009551s ago): __alloc_skb net/core/skbuff.c:659 __netdev_alloc_skb net/core/skbuff.c:734 ieee80211_nullfunc_get net/mac80211/tx.c:5844 rtw89_core_send_nullfunc drivers/net/wireless/realtek/rtw89/core.c:3431 rtw89_core_scan_complete drivers/net/wireless/realtek/rtw89/core.c:5338 rtw89_hw_scan_complete_cb drivers/net/wireless/realtek/rtw89/fw.c:7979 rtw89_chanctx_proceed_cb drivers/net/wireless/realtek/rtw89/chan.c:3165 rtw89_chanctx_proceed drivers/net/wireless/realtek/rtw89/chan.c:3194 rtw89_hw_scan_complete drivers/net/wireless/realtek/rtw89/fw.c:8012 rtw89_mac_c2h_scanofld_rsp drivers/net/wireless/realtek/rtw89/mac.c:5059 rtw89_fw_c2h_work drivers/net/wireless/realtek/rtw89/fw.c:6758 process_one_work kernel/workqueue.c:3241 worker_thread kernel/workqueue.c:3400 kthread kernel/kthread.c:463 ret_from_fork arch/x86/kernel/process.c:154 ret_from_fork_asm arch/x86/entry/entry_64.S:258 freed by task 1045 on cpu 9 at 77869.168393s (0.001557s ago): ieee80211_tx_status_skb net/mac80211/status.c:1117 rtw89_pci_release_txwd_skb drivers/net/wireless/realtek/rtw89/pci.c:564 rtw89_pci_release_tx_skbs.isra.0 drivers/net/wireless/realtek/rtw89/pci.c:651 rtw89_pci_release_tx drivers/net/wireless/realtek/rtw89/pci.c:676 rtw89_pci_napi_poll drivers/net/wireless/realtek/rtw89/pci.c:4238 __napi_poll net/core/dev.c:7495 net_rx_action net/core/dev.c:7557 net/core/dev.c:7684 handle_softirqs kernel/softirq.c:580 do_softirq.part.0 kernel/softirq.c:480 __local_bh_enable_ip kernel/softirq.c:407 rtw89_pci_interrupt_threadfn drivers/net/wireless/realtek/rtw89/pci.c:927 irq_thread_fn kernel/irq/manage.c:1133 irq_thread kernel/irq/manage.c:1257 kthread kernel/kthread.c:463 ret_from_fork arch/x86/kernel/process.c:154 ret_from_fork_asm arch/x86/entry/entry_64.S:258 It is a consequence of a race between the waiting and the signaling side of the completion: Waiting thread Completing thread rtw89_core_tx_kick_off_and_wait() rcu_assign_pointer(skb_data->wait, wait) /* start waiting */ wait_for_completion_timeout() rtw89_pci_tx_status() rtw89_core_tx_wait_complete() rcu_read_lock() /* signals completion and * proceeds further */ complete(&wait->completion) rcu_read_unlock() ... /* frees skb_data */ ieee80211_tx_status_ni() /* returns (exit status doesn't matter) */ wait_for_completion_timeout() ... /* accesses the already freed skb_data */ rcu_assign_pointer(skb_data->wait, NULL) The completing side might proceed and free the underlying skb even before the waiting side is fully awoken and run to execution. Actually the race happens regardless of wait_for_completion_timeout() exit status, e.g. the waiting side may hit a timeout and the concurrent completing side is still able to free the skb. Skbs which are sent by rtw89_core_tx_kick_off_and_wait() are owned by the driver. They don't come from core ieee80211 stack so no need to pass them to ieee80211_tx_status_ni() on completing side. Introduce a work function which will act as a garbage collector for rtw89_tx_wait_info objects and the associated skbs. Thus no potentially heavy locks are required on the completing side. Found by Linux Verification Center (linuxtesting.org). Fixes: 1ae5ca615285 ("wifi: rtw89: add function to wait for completion of TX skbs") Cc: stable(a)vger.kernel.org Suggested-by: Zong-Zhe Yang <kevin_yang(a)realtek.com> Signed-off-by: Fedor Pchelkin <pchelkin(a)ispras.ru> --- v2: use a work function to manage release of tx_waits and associated skbs (Zong-Zhe) The interesting part is how rtw89_tx_wait_work() should wait for completion - based on timeout or without it, or just check status with a call to completion_done(). Simply waiting with wait_for_completion() may become a bottleneck if for any reason the completion is delayed significantly, and we are holding a wiphy lock here. I _suspect_ rtw89_pci_tx_status() should be called either by napi polling handler or in other cases e.g. by rtw89_hci_reset() but it's hard to deduce for any possible scenario that it will be called in some time. Anyway, the current and the next patch try to make sure that when rtw89_core_tx_wait_complete() is called, skbdata->wait is properly initialized so that there should be no buggy situations when tx_wait skb is not recognized and invalidly passed to ieee80211 stack, also without signaling a completion. If rtw89_core_tx_wait_complete() is not called at all, this should indicate a bug elsewhere. drivers/net/wireless/realtek/rtw89/core.c | 42 +++++++++++++++++++---- drivers/net/wireless/realtek/rtw89/core.h | 22 +++++++----- drivers/net/wireless/realtek/rtw89/pci.c | 9 ++--- 3 files changed, 54 insertions(+), 19 deletions(-) diff --git a/drivers/net/wireless/realtek/rtw89/core.c b/drivers/net/wireless/realtek/rtw89/core.c index 57590f5577a3..48aa02d6abd4 100644 --- a/drivers/net/wireless/realtek/rtw89/core.c +++ b/drivers/net/wireless/realtek/rtw89/core.c @@ -1073,6 +1073,26 @@ rtw89_core_tx_update_desc_info(struct rtw89_dev *rtwdev, } } +static void rtw89_tx_wait_work(struct wiphy *wiphy, struct wiphy_work *work) +{ + struct rtw89_dev *rtwdev = container_of(work, struct rtw89_dev, + tx_wait_work); + struct rtw89_tx_wait_info *wait, *tmp; + + lockdep_assert_wiphy(wiphy); + + list_for_each_entry_safe(wait, tmp, &rtwdev->tx_waits, list) { + if (!wait->finished) { + unsigned long tmo = msecs_to_jiffies(wait->timeout); + if (!wait_for_completion_timeout(&wait->completion, tmo)) + continue; + } + list_del(&wait->list); + dev_kfree_skb_any(wait->skb); + kfree(wait); + } +} + void rtw89_core_tx_kick_off(struct rtw89_dev *rtwdev, u8 qsel) { u8 ch_dma; @@ -1090,6 +1110,8 @@ int rtw89_core_tx_kick_off_and_wait(struct rtw89_dev *rtwdev, struct sk_buff *sk unsigned long time_left; int ret = 0; + lockdep_assert_wiphy(rtwdev->hw->wiphy); + wait = kzalloc(sizeof(*wait), GFP_KERNEL); if (!wait) { rtw89_core_tx_kick_off(rtwdev, qsel); @@ -1097,18 +1119,23 @@ int rtw89_core_tx_kick_off_and_wait(struct rtw89_dev *rtwdev, struct sk_buff *sk } init_completion(&wait->completion); - rcu_assign_pointer(skb_data->wait, wait); + skb_data->wait = wait; rtw89_core_tx_kick_off(rtwdev, qsel); time_left = wait_for_completion_timeout(&wait->completion, msecs_to_jiffies(timeout)); - if (time_left == 0) + if (time_left == 0) { ret = -ETIMEDOUT; - else if (!wait->tx_done) - ret = -EAGAIN; + } else { + wait->finished = true; + if (!wait->tx_done) + ret = -EAGAIN; + } - rcu_assign_pointer(skb_data->wait, NULL); - kfree_rcu(wait, rcu_head); + wait->skb = skb; + wait->timeout = timeout; + list_add_tail(&wait->list, &rtwdev->tx_waits); + wiphy_work_queue(rtwdev->hw->wiphy, &rtwdev->tx_wait_work); return ret; } @@ -4972,6 +4999,7 @@ void rtw89_core_stop(struct rtw89_dev *rtwdev) clear_bit(RTW89_FLAG_RUNNING, rtwdev->flags); wiphy_work_cancel(wiphy, &rtwdev->c2h_work); + wiphy_work_cancel(wiphy, &rtwdev->tx_wait_work); wiphy_work_cancel(wiphy, &rtwdev->cancel_6ghz_probe_work); wiphy_work_cancel(wiphy, &btc->eapol_notify_work); wiphy_work_cancel(wiphy, &btc->arp_notify_work); @@ -5203,6 +5231,7 @@ int rtw89_core_init(struct rtw89_dev *rtwdev) INIT_LIST_HEAD(&rtwdev->scan_info.pkt_list[band]); } INIT_LIST_HEAD(&rtwdev->scan_info.chan_list); + INIT_LIST_HEAD(&rtwdev->tx_waits); INIT_WORK(&rtwdev->ba_work, rtw89_core_ba_work); INIT_WORK(&rtwdev->txq_work, rtw89_core_txq_work); INIT_DELAYED_WORK(&rtwdev->txq_reinvoke_work, rtw89_core_txq_reinvoke_work); @@ -5233,6 +5262,7 @@ int rtw89_core_init(struct rtw89_dev *rtwdev) wiphy_work_init(&rtwdev->c2h_work, rtw89_fw_c2h_work); wiphy_work_init(&rtwdev->ips_work, rtw89_ips_work); wiphy_work_init(&rtwdev->cancel_6ghz_probe_work, rtw89_cancel_6ghz_probe_work); + wiphy_work_init(&rtwdev->tx_wait_work, rtw89_tx_wait_work); INIT_WORK(&rtwdev->load_firmware_work, rtw89_load_firmware_work); skb_queue_head_init(&rtwdev->c2h_queue); diff --git a/drivers/net/wireless/realtek/rtw89/core.h b/drivers/net/wireless/realtek/rtw89/core.h index 43e10278e14d..06f7d82a8d18 100644 --- a/drivers/net/wireless/realtek/rtw89/core.h +++ b/drivers/net/wireless/realtek/rtw89/core.h @@ -3508,12 +3508,16 @@ struct rtw89_phy_rate_pattern { struct rtw89_tx_wait_info { struct rcu_head rcu_head; + struct list_head list; struct completion completion; + struct sk_buff *skb; + unsigned int timeout; bool tx_done; + bool finished; }; struct rtw89_tx_skb_data { - struct rtw89_tx_wait_info __rcu *wait; + struct rtw89_tx_wait_info *wait; u8 hci_priv[]; }; @@ -5925,6 +5929,9 @@ struct rtw89_dev { /* used to protect rpwm */ spinlock_t rpwm_lock; + struct list_head tx_waits; + struct wiphy_work tx_wait_work; + struct rtw89_cam_info cam_info; struct sk_buff_head c2h_queue; @@ -7258,23 +7265,20 @@ static inline struct sk_buff *rtw89_alloc_skb_for_rx(struct rtw89_dev *rtwdev, return dev_alloc_skb(length); } -static inline void rtw89_core_tx_wait_complete(struct rtw89_dev *rtwdev, +static inline bool rtw89_core_tx_wait_complete(struct rtw89_dev *rtwdev, struct rtw89_tx_skb_data *skb_data, bool tx_done) { struct rtw89_tx_wait_info *wait; - rcu_read_lock(); - - wait = rcu_dereference(skb_data->wait); + wait = skb_data->wait; if (!wait) - goto out; + return false; wait->tx_done = tx_done; - complete(&wait->completion); + complete_all(&wait->completion); -out: - rcu_read_unlock(); + return true; } static inline bool rtw89_is_mlo_1_1(struct rtw89_dev *rtwdev) diff --git a/drivers/net/wireless/realtek/rtw89/pci.c b/drivers/net/wireless/realtek/rtw89/pci.c index a669f2f843aa..6356c2c224c5 100644 --- a/drivers/net/wireless/realtek/rtw89/pci.c +++ b/drivers/net/wireless/realtek/rtw89/pci.c @@ -464,10 +464,7 @@ static void rtw89_pci_tx_status(struct rtw89_dev *rtwdev, struct rtw89_tx_skb_data *skb_data = RTW89_TX_SKB_CB(skb); struct ieee80211_tx_info *info; - rtw89_core_tx_wait_complete(rtwdev, skb_data, tx_status == RTW89_TX_DONE); - info = IEEE80211_SKB_CB(skb); - ieee80211_tx_info_clear_status(info); if (info->flags & IEEE80211_TX_CTL_NO_ACK) info->flags |= IEEE80211_TX_STAT_NOACK_TRANSMITTED; @@ -494,6 +491,10 @@ static void rtw89_pci_tx_status(struct rtw89_dev *rtwdev, } } + if (rtw89_core_tx_wait_complete(rtwdev, skb_data, tx_status == RTW89_TX_DONE)) + return; + + ieee80211_tx_info_clear_status(info); ieee80211_tx_status_ni(rtwdev->hw, skb); } @@ -1387,7 +1388,7 @@ static int rtw89_pci_txwd_submit(struct rtw89_dev *rtwdev, } tx_data->dma = dma; - rcu_assign_pointer(skb_data->wait, NULL); + skb_data->wait = NULL; txwp_len = sizeof(*txwp_info); txwd_len = chip->txwd_body_size; -- 2.50.1

2 weeks, 4 days

3
3
0 0

[REGRESSION][BISECTED][PATCH] net: ipv4: fix regression in broadcast routes

by Brett A C Sheffield

Fix the regression introduced in 9e30ecf23b1b whereby IPv4 broadcast packets were having their ethernet destination field mangled. This broke WOL magic packets and likely other IPv4 broadcast. The regression can be observed by sending an IPv4 WOL packet using the wakeonlan program to any ethernet address: wakeonlan 46:3b:ad:61:e0:5d and capturing the packet with tcpdump: tcpdump -i eth0 -w /tmp/bad.cap dst port 9 The ethernet destination MUST be ff:ff:ff:ff:ff:ff for broadcast, but is mangled with 9e30ecf23b1b applied. Revert the change made in 9e30ecf23b1b and ensure the MTU value for broadcast routes is retained by calling ip_dst_init_metrics() directly, avoiding the need to enter the main code block in rt_set_nexthop(). Simplify the code path taken for broadcast packets back to the original before the regression, adding only the call to ip_dst_init_metrics(). The broadcast_pmtu.sh selftest provided with the original patch still passes with this patch applied. Fixes: 9e30ecf23b1b ("net: ipv4: fix incorrect MTU in broadcast routes") Signed-off-by: Brett A C Sheffield <bacs(a)librecast.net> --- net/ipv4/route.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/net/ipv4/route.c b/net/ipv4/route.c index f639a2ae881a..eaf78e128aca 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c @@ -2588,6 +2588,7 @@ static struct rtable *__mkroute_output(const struct fib_result *res, do_cache = true; if (type == RTN_BROADCAST) { flags |= RTCF_BROADCAST | RTCF_LOCAL; + fi = NULL; } else if (type == RTN_MULTICAST) { flags |= RTCF_MULTICAST | RTCF_LOCAL; if (!ip_check_mc_rcu(in_dev, fl4->daddr, fl4->saddr, @@ -2657,8 +2658,12 @@ static struct rtable *__mkroute_output(const struct fib_result *res, rth->dst.output = ip_mc_output; RT_CACHE_STAT_INC(out_slow_mc); } + if (type == RTN_BROADCAST) { + /* ensure MTU value for broadcast routes is retained */ + ip_dst_init_metrics(&rth->dst, res->fi->fib_metrics); + } #ifdef CONFIG_IP_MROUTE - if (type == RTN_MULTICAST) { + else if (type == RTN_MULTICAST) { if (IN_DEV_MFORWARD(in_dev) && !ipv4_is_local_multicast(fl4->daddr)) { rth->dst.input = ip_mr_input; base-commit: 01b9128c5db1b470575d07b05b67ffa3cb02ebf1 -- 2.49.1

2 weeks, 4 days

8
21
0 0

[PATCH 1/2] mm/slub: Fix cmp_loc_by_count() to return 0 when counts are equal

by Kuan-Wei Chiu

The comparison function cmp_loc_by_count() used for sorting stack trace locations in debugfs currently returns -1 if a->count > b->count and 1 otherwise. This breaks the antisymmetry property required by sort(), because when two counts are equal, both cmp(a, b) and cmp(b, a) return 1. This can lead to undefined or incorrect ordering results. Fix it by explicitly returning 0 when the counts are equal, ensuring that the comparison function follows the expected mathematical properties. Fixes: 553c0369b3e1 ("mm/slub: sort debugfs output by frequency of stack traces") Cc: stable(a)vger.kernel.org Signed-off-by: Kuan-Wei Chiu <visitorckw(a)gmail.com> --- mm/slub.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/mm/slub.c b/mm/slub.c index 30003763d224..c91b3744adbc 100644 --- a/mm/slub.c +++ b/mm/slub.c @@ -7718,8 +7718,9 @@ static int cmp_loc_by_count(const void *a, const void *b, const void *data) if (loc1->count > loc2->count) return -1; - else + if (loc1->count < loc2->count) return 1; + return 0; } static void *slab_debugfs_start(struct seq_file *seq, loff_t *ppos) -- 2.34.1

2 weeks, 4 days

4
8
0 0

+ mm-memory-failure-fix-vm_bug_on_pagepagepoisonedpage-when-unpoison-memory.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-memory-failure-fix-vm_bug_on_pagepagepoisonedpage-when-unpoison-memory.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Miaohe Lin <linmiaohe(a)huawei.com> Subject: mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory Date: Thu, 28 Aug 2025 10:46:18 +0800 When I did memory failure tests, below panic occurs: page dumped because: VM_BUG_ON_PAGE(PagePoisoned(page)) kernel BUG at include/linux/page-flags.h:616! Oops: invalid opcode: 0000 [#1] PREEMPT SMP NOPTI CPU: 3 PID: 720 Comm: bash Not tainted 6.10.0-rc1-00195-g148743902568 #40 RIP: 0010:unpoison_memory+0x2f3/0x590 RSP: 0018:ffffa57fc8787d60 EFLAGS: 00000246 RAX: 0000000000000037 RBX: 0000000000000009 RCX: ffff9be25fcdc9c8 RDX: 0000000000000000 RSI: 0000000000000027 RDI: ffff9be25fcdc9c0 RBP: 0000000000300000 R08: ffffffffb4956f88 R09: 0000000000009ffb R10: 0000000000000284 R11: ffffffffb4926fa0 R12: ffffe6b00c000000 R13: ffff9bdb453dfd00 R14: 0000000000000000 R15: fffffffffffffffe FS: 00007f08f04e4740(0000) GS:ffff9be25fcc0000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000564787a30410 CR3: 000000010d4e2000 CR4: 00000000000006f0 Call Trace: <TASK> unpoison_memory+0x2f3/0x590 simple_attr_write_xsigned.constprop.0.isra.0+0xb3/0x110 debugfs_attr_write+0x42/0x60 full_proxy_write+0x5b/0x80 vfs_write+0xd5/0x540 ksys_write+0x64/0xe0 do_syscall_64+0xb9/0x1d0 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f08f0314887 RSP: 002b:00007ffece710078 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00007f08f0314887 RDX: 0000000000000009 RSI: 0000564787a30410 RDI: 0000000000000001 RBP: 0000564787a30410 R08: 000000000000fefe R09: 000000007fffffff R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000009 R13: 00007f08f041b780 R14: 00007f08f0417600 R15: 00007f08f0416a00 </TASK> Modules linked in: hwpoison_inject ---[ end trace 0000000000000000 ]--- RIP: 0010:unpoison_memory+0x2f3/0x590 RSP: 0018:ffffa57fc8787d60 EFLAGS: 00000246 RAX: 0000000000000037 RBX: 0000000000000009 RCX: ffff9be25fcdc9c8 RDX: 0000000000000000 RSI: 0000000000000027 RDI: ffff9be25fcdc9c0 RBP: 0000000000300000 R08: ffffffffb4956f88 R09: 0000000000009ffb R10: 0000000000000284 R11: ffffffffb4926fa0 R12: ffffe6b00c000000 R13: ffff9bdb453dfd00 R14: 0000000000000000 R15: fffffffffffffffe FS: 00007f08f04e4740(0000) GS:ffff9be25fcc0000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000564787a30410 CR3: 000000010d4e2000 CR4: 00000000000006f0 Kernel panic - not syncing: Fatal exception Kernel Offset: 0x31c00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) ---[ end Kernel panic - not syncing: Fatal exception ]--- The root cause is that unpoison_memory() tries to check the PG_HWPoison flags of an uninitialized page. So VM_BUG_ON_PAGE(PagePoisoned(page)) is triggered. This can be reproduced by below steps: 1.Offline memory block: echo offline > /sys/devices/system/memory/memory12/state 2.Get offlined memory pfn: page-types -b n -rlN 3.Write pfn to unpoison-pfn echo <pfn> > /sys/kernel/debug/hwpoison/unpoison-pfn This scenario can be identified by pfn_to_online_page() returning NULL. And ZONE_DEVICE pages are never expected, so we can simply fail if pfn_to_online_page() == NULL to fix the bug. Link: https://lkml.kernel.org/r/20250828024618.1744895-1-linmiaohe@huawei.com Fixes: f1dd2cd13c4b ("mm, memory_hotplug: do not associate hotadded memory to zones until online") Signed-off-by: Miaohe Lin <linmiaohe(a)huawei.com> Suggested-by: David Hildenbrand <david(a)redhat.com> Acked-by: David Hildenbrand <david(a)redhat.com> Cc: Naoya Horiguchi <nao.horiguchi(a)gmail.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/memory-failure.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) --- a/mm/memory-failure.c~mm-memory-failure-fix-vm_bug_on_pagepagepoisonedpage-when-unpoison-memory +++ a/mm/memory-failure.c @@ -2568,10 +2568,9 @@ int unpoison_memory(unsigned long pfn) static DEFINE_RATELIMIT_STATE(unpoison_rs, DEFAULT_RATELIMIT_INTERVAL, DEFAULT_RATELIMIT_BURST); - if (!pfn_valid(pfn)) - return -ENXIO; - - p = pfn_to_page(pfn); + p = pfn_to_online_page(pfn); + if (!p) + return -EIO; folio = page_folio(p); mutex_lock(&mf_mutex); _ Patches currently in -mm which might be from linmiaohe(a)huawei.com are mm-memory-failure-fix-vm_bug_on_pagepagepoisonedpage-when-unpoison-memory.patch revert-hugetlb-make-hugetlb-depends-on-sysfs-or-sysctl.patch

2 weeks, 4 days

1
0
0 0

Loan Offer

by Mrs.Seinfield

Hello, Are you looking for a loan to either increase your activity or to carry out a project. We offer Crypto Loans at 2-7% interest rate with or without a credit check. We also pay 1% commission to brokers, who introduce project owners for finance or other opportunities. Please get back to me if you are interested in more details. Best Regards, Lucy Seinfield Assistant Secretary

2 weeks, 4 days

1
0
0 0

+ mm-memory-failure-fix-redundant-updates-for-already-poisoned-pages.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm/memory-failure: fix redundant updates for already poisoned pages has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-memory-failure-fix-redundant-updates-for-already-poisoned-pages.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Kyle Meyer <kyle.meyer(a)hpe.com> Subject: mm/memory-failure: fix redundant updates for already poisoned pages Date: Thu, 28 Aug 2025 13:38:20 -0500 Duplicate memory errors can be reported by multiple sources. Passing an already poisoned page to action_result() causes issues: * The amount of hardware corrupted memory is incorrectly updated. * Per NUMA node MF stats are incorrectly updated. * Redundant "already poisoned" messages are printed. Avoid those issues by: * Skipping hardware corrupted memory updates for already poisoned pages. * Skipping per NUMA node MF stats updates for already poisoned pages. * Dropping redundant "already poisoned" messages. Make MF_MSG_ALREADY_POISONED consistent with other action_page_types and make calls to action_result() consistent for already poisoned normal pages and huge pages. Link: https://lkml.kernel.org/r/aLCiHMy12Ck3ouwC@hpe.com Fixes: b8b9488d50b7 ("mm/memory-failure: improve memory failure action_result messages") Signed-off-by: Kyle Meyer <kyle.meyer(a)hpe.com> Reviewed-by: Jiaqi Yan <jiaqiyan(a)google.com> Acked-by: David Hildenbrand <david(a)redhat.com> Cc: Borislav Betkov <bp(a)alien8.de> Cc: Jane Chu <jane.chu(a)oracle.com> Cc: Kyle Meyer <kyle.meyer(a)hpe.com> Cc: Liam Howlett <liam.howlett(a)oracle.com> Cc: Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> Cc: "Luck, Tony" <tony.luck(a)intel.com> Cc: Miaohe Lin <linmiaohe(a)huawei.com> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Mike Rapoport <rppt(a)kernel.org> Cc: Naoya Horiguchi <nao.horiguchi(a)gmail.com> Cc: Oscar Salvador <osalvador(a)suse.de> Cc: Russ Anderson <russ.anderson(a)hpe.com> Cc: Suren Baghdasaryan <surenb(a)google.com> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/memory-failure.c | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) --- a/mm/memory-failure.c~mm-memory-failure-fix-redundant-updates-for-already-poisoned-pages +++ a/mm/memory-failure.c @@ -956,7 +956,7 @@ static const char * const action_page_ty [MF_MSG_BUDDY] = "free buddy page", [MF_MSG_DAX] = "dax page", [MF_MSG_UNSPLIT_THP] = "unsplit thp", - [MF_MSG_ALREADY_POISONED] = "already poisoned", + [MF_MSG_ALREADY_POISONED] = "already poisoned page", [MF_MSG_UNKNOWN] = "unknown page", }; @@ -1349,9 +1349,10 @@ static int action_result(unsigned long p { trace_memory_failure_event(pfn, type, result); - num_poisoned_pages_inc(pfn); - - update_per_node_mf_stats(pfn, result); + if (type != MF_MSG_ALREADY_POISONED) { + num_poisoned_pages_inc(pfn); + update_per_node_mf_stats(pfn, result); + } pr_err("%#lx: recovery action for %s: %s\n", pfn, action_page_types[type], action_name[result]); @@ -2094,12 +2095,11 @@ retry: *hugetlb = 0; return 0; } else if (res == -EHWPOISON) { - pr_err("%#lx: already hardware poisoned\n", pfn); if (flags & MF_ACTION_REQUIRED) { folio = page_folio(p); res = kill_accessing_process(current, folio_pfn(folio), flags); - action_result(pfn, MF_MSG_ALREADY_POISONED, MF_FAILED); } + action_result(pfn, MF_MSG_ALREADY_POISONED, MF_FAILED); return res; } else if (res == -EBUSY) { if (!(flags & MF_NO_RETRY)) { @@ -2285,7 +2285,6 @@ try_again: goto unlock_mutex; if (TestSetPageHWPoison(p)) { - pr_err("%#lx: already hardware poisoned\n", pfn); res = -EHWPOISON; if (flags & MF_ACTION_REQUIRED) res = kill_accessing_process(current, pfn, flags); _ Patches currently in -mm which might be from kyle.meyer(a)hpe.com are mm-memory-failure-fix-redundant-updates-for-already-poisoned-pages.patch

2 weeks, 4 days

1
0
0 0

[PATCH v3 1/1] iommu/sva: Invalidate KVA range on kernel TLB flush

by Lu Baolu

In the IOMMU Shared Virtual Addressing (SVA) context, the IOMMU hardware shares and walks the CPU's page tables. The Linux x86 architecture maps the kernel address space into the upper portion of every process’s page table. Consequently, in an SVA context, the IOMMU hardware can walk and cache kernel space mappings. However, the Linux kernel currently lacks a notification mechanism for kernel space mapping changes. This means the IOMMU driver is not aware of such changes, leading to a break in IOMMU cache coherence. Modern IOMMUs often cache page table entries of the intermediate-level page table as long as the entry is valid, no matter the permissions, to optimize walk performance. Currently the iommu driver is notified only for changes of user VA mappings, so the IOMMU's internal caches may retain stale entries for kernel VA. When kernel page table mappings are changed (e.g., by vfree()), but the IOMMU's internal caches retain stale entries, Use-After-Free (UAF) vulnerability condition arises. If these freed page table pages are reallocated for a different purpose, potentially by an attacker, the IOMMU could misinterpret the new data as valid page table entries. This allows the IOMMU to walk into attacker- controlled memory, leading to arbitrary physical memory DMA access or privilege escalation. To mitigate this, introduce a new iommu interface to flush IOMMU caches. This interface should be invoked from architecture-specific code that manages combined user and kernel page tables, whenever a kernel page table update is done and the CPU TLB needs to be flushed. Fixes: 26b25a2b98e4 ("iommu: Bind process address spaces to devices") Cc: stable(a)vger.kernel.org Suggested-by: Jann Horn <jannh(a)google.com> Co-developed-by: Jason Gunthorpe <jgg(a)nvidia.com> Signed-off-by: Jason Gunthorpe <jgg(a)nvidia.com> Signed-off-by: Lu Baolu <baolu.lu(a)linux.intel.com> Reviewed-by: Jason Gunthorpe <jgg(a)nvidia.com> Reviewed-by: Vasant Hegde <vasant.hegde(a)amd.com> Reviewed-by: Kevin Tian <kevin.tian(a)intel.com> Tested-by: Yi Lai <yi1.lai(a)intel.com> --- arch/x86/mm/tlb.c | 4 +++ drivers/iommu/iommu-sva.c | 60 ++++++++++++++++++++++++++++++++++++++- include/linux/iommu.h | 4 +++ 3 files changed, 67 insertions(+), 1 deletion(-) Change log: v3: - iommu_sva_mms is an unbound list; iterating it in an atomic context could introduce significant latency issues. Schedule it in a kernel thread and replace the spinlock with a mutex. - Replace the static key with a normal bool; it can be brought back if data shows the benefit. - Invalidate KVA range in the flush_tlb_all() paths. - All previous reviewed-bys are preserved. Please let me know if there are any objections. v2: - https://lore.kernel.org/linux-iommu/20250709062800.651521-1-baolu.lu@linux.… - Remove EXPORT_SYMBOL_GPL(iommu_sva_invalidate_kva_range); - Replace the mutex with a spinlock to make the interface usable in the critical regions. v1: https://lore.kernel.org/linux-iommu/20250704133056.4023816-1-baolu.lu@linux… diff --git a/arch/x86/mm/tlb.c b/arch/x86/mm/tlb.c index 39f80111e6f1..3b85e7d3ba44 100644 --- a/arch/x86/mm/tlb.c +++ b/arch/x86/mm/tlb.c @@ -12,6 +12,7 @@ #include <linux/task_work.h> #include <linux/mmu_notifier.h> #include <linux/mmu_context.h> +#include <linux/iommu.h> #include <asm/tlbflush.h> #include <asm/mmu_context.h> @@ -1478,6 +1479,8 @@ void flush_tlb_all(void) else /* Fall back to the IPI-based invalidation. */ on_each_cpu(do_flush_tlb_all, NULL, 1); + + iommu_sva_invalidate_kva_range(0, TLB_FLUSH_ALL); } /* Flush an arbitrarily large range of memory with INVLPGB. */ @@ -1540,6 +1543,7 @@ void flush_tlb_kernel_range(unsigned long start, unsigned long end) kernel_tlb_flush_range(info); put_flush_tlb_info(); + iommu_sva_invalidate_kva_range(start, end); } /* diff --git a/drivers/iommu/iommu-sva.c b/drivers/iommu/iommu-sva.c index 1a51cfd82808..d0da2b3fd64b 100644 --- a/drivers/iommu/iommu-sva.c +++ b/drivers/iommu/iommu-sva.c @@ -10,6 +10,8 @@ #include "iommu-priv.h" static DEFINE_MUTEX(iommu_sva_lock); +static bool iommu_sva_present; +static LIST_HEAD(iommu_sva_mms); static struct iommu_domain *iommu_sva_domain_alloc(struct device *dev, struct mm_struct *mm); @@ -42,6 +44,7 @@ static struct iommu_mm_data *iommu_alloc_mm_data(struct mm_struct *mm, struct de return ERR_PTR(-ENOSPC); } iommu_mm->pasid = pasid; + iommu_mm->mm = mm; INIT_LIST_HEAD(&iommu_mm->sva_domains); /* * Make sure the write to mm->iommu_mm is not reordered in front of @@ -132,8 +135,13 @@ struct iommu_sva *iommu_sva_bind_device(struct device *dev, struct mm_struct *mm if (ret) goto out_free_domain; domain->users = 1; - list_add(&domain->next, &mm->iommu_mm->sva_domains); + if (list_empty(&iommu_mm->sva_domains)) { + if (list_empty(&iommu_sva_mms)) + WRITE_ONCE(iommu_sva_present, true); + list_add(&iommu_mm->mm_list_elm, &iommu_sva_mms); + } + list_add(&domain->next, &iommu_mm->sva_domains); out: refcount_set(&handle->users, 1); mutex_unlock(&iommu_sva_lock); @@ -175,6 +183,13 @@ void iommu_sva_unbind_device(struct iommu_sva *handle) list_del(&domain->next); iommu_domain_free(domain); } + + if (list_empty(&iommu_mm->sva_domains)) { + list_del(&iommu_mm->mm_list_elm); + if (list_empty(&iommu_sva_mms)) + WRITE_ONCE(iommu_sva_present, false); + } + mutex_unlock(&iommu_sva_lock); kfree(handle); } @@ -312,3 +327,46 @@ static struct iommu_domain *iommu_sva_domain_alloc(struct device *dev, return domain; } + +struct kva_invalidation_work_data { + struct work_struct work; + unsigned long start; + unsigned long end; +}; + +static void invalidate_kva_func(struct work_struct *work) +{ + struct kva_invalidation_work_data *data = + container_of(work, struct kva_invalidation_work_data, work); + struct iommu_mm_data *iommu_mm; + + guard(mutex)(&iommu_sva_lock); + list_for_each_entry(iommu_mm, &iommu_sva_mms, mm_list_elm) + mmu_notifier_arch_invalidate_secondary_tlbs(iommu_mm->mm, + data->start, data->end); + + kfree(data); +} + +void iommu_sva_invalidate_kva_range(unsigned long start, unsigned long end) +{ + struct kva_invalidation_work_data *data; + + if (likely(!READ_ONCE(iommu_sva_present))) + return; + + /* will be freed in the task function */ + data = kzalloc(sizeof(*data), GFP_ATOMIC); + if (!data) + return; + + data->start = start; + data->end = end; + INIT_WORK(&data->work, invalidate_kva_func); + + /* + * Since iommu_sva_mms is an unbound list, iterating it in an atomic + * context could introduce significant latency issues. + */ + schedule_work(&data->work); +} diff --git a/include/linux/iommu.h b/include/linux/iommu.h index c30d12e16473..66e4abb2df0d 100644 --- a/include/linux/iommu.h +++ b/include/linux/iommu.h @@ -1134,7 +1134,9 @@ struct iommu_sva { struct iommu_mm_data { u32 pasid; + struct mm_struct *mm; struct list_head sva_domains; + struct list_head mm_list_elm; }; int iommu_fwspec_init(struct device *dev, struct fwnode_handle *iommu_fwnode); @@ -1615,6 +1617,7 @@ struct iommu_sva *iommu_sva_bind_device(struct device *dev, struct mm_struct *mm); void iommu_sva_unbind_device(struct iommu_sva *handle); u32 iommu_sva_get_pasid(struct iommu_sva *handle); +void iommu_sva_invalidate_kva_range(unsigned long start, unsigned long end); #else static inline struct iommu_sva * iommu_sva_bind_device(struct device *dev, struct mm_struct *mm) @@ -1639,6 +1642,7 @@ static inline u32 mm_get_enqcmd_pasid(struct mm_struct *mm) } static inline void mm_pasid_drop(struct mm_struct *mm) {} +static inline void iommu_sva_invalidate_kva_range(unsigned long start, unsigned long end) {} #endif /* CONFIG_IOMMU_SVA */ #ifdef CONFIG_IOMMU_IOPF -- 2.43.0

2 weeks, 4 days

8
48
0 0

[PATCH 5.4.y] Revert "drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS"

by Imre Deak

This reverts commit 2402adce8da4e7396b63b5ffa71e1fa16e5fe5c4. The upstream commit a40c5d727b8111b5db424a1e43e14a1dcce1e77f ("drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS") the reverted commit backported causes a regression, on one eDP panel at least resulting in display flickering, described in detail at the Link: below. The issue fixed by the upstream commit will need a different solution, revert the backport for now. Cc: intel-gfx(a)lists.freedesktop.org Cc: dri-devel(a)lists.freedesktop.org Cc: Sasha Levin <sashal(a)kernel.org> Link: https://gitlab.freedesktop.org/drm/i915/kernel/-/issues/14558 Signed-off-by: Imre Deak <imre.deak(a)intel.com> --- drivers/gpu/drm/drm_dp_helper.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/gpu/drm/drm_dp_helper.c b/drivers/gpu/drm/drm_dp_helper.c index 4eabef5b86d0..ffc68d305afe 100644 --- a/drivers/gpu/drm/drm_dp_helper.c +++ b/drivers/gpu/drm/drm_dp_helper.c @@ -280,7 +280,7 @@ ssize_t drm_dp_dpcd_read(struct drm_dp_aux *aux, unsigned int offset, * We just have to do it before any DPCD access and hope that the * monitor doesn't power down exactly after the throw away read. */ - ret = drm_dp_dpcd_access(aux, DP_AUX_NATIVE_READ, DP_LANE0_1_STATUS, buffer, + ret = drm_dp_dpcd_access(aux, DP_AUX_NATIVE_READ, DP_DPCD_REV, buffer, 1); if (ret != 1) goto out; -- 2.49.1

2 weeks, 4 days

1
6
0 0

FAILED: patch "[PATCH] NFS: Fix a race when updating an existing write" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x 76d2e3890fb169168c73f2e4f8375c7cc24a765e # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025082225-attribute-embark-823b@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 76d2e3890fb169168c73f2e4f8375c7cc24a765e Mon Sep 17 00:00:00 2001 From: Trond Myklebust <trond.myklebust(a)hammerspace.com> Date: Sat, 16 Aug 2025 07:25:20 -0700 Subject: [PATCH] NFS: Fix a race when updating an existing write After nfs_lock_and_join_requests() tests for whether the request is still attached to the mapping, nothing prevents a call to nfs_inode_remove_request() from succeeding until we actually lock the page group. The reason is that whoever called nfs_inode_remove_request() doesn't necessarily have a lock on the page group head. So in order to avoid races, let's take the page group lock earlier in nfs_lock_and_join_requests(), and hold it across the removal of the request in nfs_inode_remove_request(). Reported-by: Jeff Layton <jlayton(a)kernel.org> Tested-by: Joe Quanaim <jdq(a)meta.com> Tested-by: Andrew Steffen <aksteffen(a)meta.com> Reviewed-by: Jeff Layton <jlayton(a)kernel.org> Fixes: bd37d6fce184 ("NFSv4: Convert nfs_lock_and_join_requests() to use nfs_page_find_head_request()") Cc: stable(a)vger.kernel.org Signed-off-by: Trond Myklebust <trond.myklebust(a)hammerspace.com> diff --git a/fs/nfs/pagelist.c b/fs/nfs/pagelist.c index 11968dcb7243..6e69ce43a13f 100644 --- a/fs/nfs/pagelist.c +++ b/fs/nfs/pagelist.c @@ -253,13 +253,14 @@ nfs_page_group_unlock(struct nfs_page *req) nfs_page_clear_headlock(req); } -/* - * nfs_page_group_sync_on_bit_locked +/** + * nfs_page_group_sync_on_bit_locked - Test if all requests have @bit set + * @req: request in page group + * @bit: PG_* bit that is used to sync page group * * must be called with page group lock held */ -static bool -nfs_page_group_sync_on_bit_locked(struct nfs_page *req, unsigned int bit) +bool nfs_page_group_sync_on_bit_locked(struct nfs_page *req, unsigned int bit) { struct nfs_page *head = req->wb_head; struct nfs_page *tmp; diff --git a/fs/nfs/write.c b/fs/nfs/write.c index fa5c41d0989a..8b7c04737967 100644 --- a/fs/nfs/write.c +++ b/fs/nfs/write.c @@ -153,20 +153,10 @@ nfs_page_set_inode_ref(struct nfs_page *req, struct inode *inode) } } -static int -nfs_cancel_remove_inode(struct nfs_page *req, struct inode *inode) +static void nfs_cancel_remove_inode(struct nfs_page *req, struct inode *inode) { - int ret; - - if (!test_bit(PG_REMOVE, &req->wb_flags)) - return 0; - ret = nfs_page_group_lock(req); - if (ret) - return ret; if (test_and_clear_bit(PG_REMOVE, &req->wb_flags)) nfs_page_set_inode_ref(req, inode); - nfs_page_group_unlock(req); - return 0; } /** @@ -585,19 +575,18 @@ retry: } } + ret = nfs_page_group_lock(head); + if (ret < 0) + goto out_unlock; + /* Ensure that nobody removed the request before we locked it */ if (head != folio->private) { + nfs_page_group_unlock(head); nfs_unlock_and_release_request(head); goto retry; } - ret = nfs_cancel_remove_inode(head, inode); - if (ret < 0) - goto out_unlock; - - ret = nfs_page_group_lock(head); - if (ret < 0) - goto out_unlock; + nfs_cancel_remove_inode(head, inode); /* lock each request in the page group */ for (subreq = head->wb_this_page; @@ -786,7 +775,8 @@ static void nfs_inode_remove_request(struct nfs_page *req) { struct nfs_inode *nfsi = NFS_I(nfs_page_to_inode(req)); - if (nfs_page_group_sync_on_bit(req, PG_REMOVE)) { + nfs_page_group_lock(req); + if (nfs_page_group_sync_on_bit_locked(req, PG_REMOVE)) { struct folio *folio = nfs_page_to_folio(req->wb_head); struct address_space *mapping = folio->mapping; @@ -798,6 +788,7 @@ static void nfs_inode_remove_request(struct nfs_page *req) } spin_unlock(&mapping->i_private_lock); } + nfs_page_group_unlock(req); if (test_and_clear_bit(PG_INODE_REF, &req->wb_flags)) { atomic_long_dec(&nfsi->nrequests); diff --git a/include/linux/nfs_page.h b/include/linux/nfs_page.h index 169b4ae30ff4..9aed39abc94b 100644 --- a/include/linux/nfs_page.h +++ b/include/linux/nfs_page.h @@ -160,6 +160,7 @@ extern void nfs_join_page_group(struct nfs_page *head, extern int nfs_page_group_lock(struct nfs_page *); extern void nfs_page_group_unlock(struct nfs_page *); extern bool nfs_page_group_sync_on_bit(struct nfs_page *, unsigned int); +extern bool nfs_page_group_sync_on_bit_locked(struct nfs_page *, unsigned int); extern int nfs_page_set_headlock(struct nfs_page *req); extern void nfs_page_clear_headlock(struct nfs_page *req); extern bool nfs_async_iocounter_wait(struct rpc_task *, struct nfs_lock_context *);

2 weeks, 4 days

2
3
0 0

FAILED: patch "[PATCH] NFS: Fix a race when updating an existing write" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 76d2e3890fb169168c73f2e4f8375c7cc24a765e # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025082225-cling-drainer-d884@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 76d2e3890fb169168c73f2e4f8375c7cc24a765e Mon Sep 17 00:00:00 2001 From: Trond Myklebust <trond.myklebust(a)hammerspace.com> Date: Sat, 16 Aug 2025 07:25:20 -0700 Subject: [PATCH] NFS: Fix a race when updating an existing write After nfs_lock_and_join_requests() tests for whether the request is still attached to the mapping, nothing prevents a call to nfs_inode_remove_request() from succeeding until we actually lock the page group. The reason is that whoever called nfs_inode_remove_request() doesn't necessarily have a lock on the page group head. So in order to avoid races, let's take the page group lock earlier in nfs_lock_and_join_requests(), and hold it across the removal of the request in nfs_inode_remove_request(). Reported-by: Jeff Layton <jlayton(a)kernel.org> Tested-by: Joe Quanaim <jdq(a)meta.com> Tested-by: Andrew Steffen <aksteffen(a)meta.com> Reviewed-by: Jeff Layton <jlayton(a)kernel.org> Fixes: bd37d6fce184 ("NFSv4: Convert nfs_lock_and_join_requests() to use nfs_page_find_head_request()") Cc: stable(a)vger.kernel.org Signed-off-by: Trond Myklebust <trond.myklebust(a)hammerspace.com> diff --git a/fs/nfs/pagelist.c b/fs/nfs/pagelist.c index 11968dcb7243..6e69ce43a13f 100644 --- a/fs/nfs/pagelist.c +++ b/fs/nfs/pagelist.c @@ -253,13 +253,14 @@ nfs_page_group_unlock(struct nfs_page *req) nfs_page_clear_headlock(req); } -/* - * nfs_page_group_sync_on_bit_locked +/** + * nfs_page_group_sync_on_bit_locked - Test if all requests have @bit set + * @req: request in page group + * @bit: PG_* bit that is used to sync page group * * must be called with page group lock held */ -static bool -nfs_page_group_sync_on_bit_locked(struct nfs_page *req, unsigned int bit) +bool nfs_page_group_sync_on_bit_locked(struct nfs_page *req, unsigned int bit) { struct nfs_page *head = req->wb_head; struct nfs_page *tmp; diff --git a/fs/nfs/write.c b/fs/nfs/write.c index fa5c41d0989a..8b7c04737967 100644 --- a/fs/nfs/write.c +++ b/fs/nfs/write.c @@ -153,20 +153,10 @@ nfs_page_set_inode_ref(struct nfs_page *req, struct inode *inode) } } -static int -nfs_cancel_remove_inode(struct nfs_page *req, struct inode *inode) +static void nfs_cancel_remove_inode(struct nfs_page *req, struct inode *inode) { - int ret; - - if (!test_bit(PG_REMOVE, &req->wb_flags)) - return 0; - ret = nfs_page_group_lock(req); - if (ret) - return ret; if (test_and_clear_bit(PG_REMOVE, &req->wb_flags)) nfs_page_set_inode_ref(req, inode); - nfs_page_group_unlock(req); - return 0; } /** @@ -585,19 +575,18 @@ retry: } } + ret = nfs_page_group_lock(head); + if (ret < 0) + goto out_unlock; + /* Ensure that nobody removed the request before we locked it */ if (head != folio->private) { + nfs_page_group_unlock(head); nfs_unlock_and_release_request(head); goto retry; } - ret = nfs_cancel_remove_inode(head, inode); - if (ret < 0) - goto out_unlock; - - ret = nfs_page_group_lock(head); - if (ret < 0) - goto out_unlock; + nfs_cancel_remove_inode(head, inode); /* lock each request in the page group */ for (subreq = head->wb_this_page; @@ -786,7 +775,8 @@ static void nfs_inode_remove_request(struct nfs_page *req) { struct nfs_inode *nfsi = NFS_I(nfs_page_to_inode(req)); - if (nfs_page_group_sync_on_bit(req, PG_REMOVE)) { + nfs_page_group_lock(req); + if (nfs_page_group_sync_on_bit_locked(req, PG_REMOVE)) { struct folio *folio = nfs_page_to_folio(req->wb_head); struct address_space *mapping = folio->mapping; @@ -798,6 +788,7 @@ static void nfs_inode_remove_request(struct nfs_page *req) } spin_unlock(&mapping->i_private_lock); } + nfs_page_group_unlock(req); if (test_and_clear_bit(PG_INODE_REF, &req->wb_flags)) { atomic_long_dec(&nfsi->nrequests); diff --git a/include/linux/nfs_page.h b/include/linux/nfs_page.h index 169b4ae30ff4..9aed39abc94b 100644 --- a/include/linux/nfs_page.h +++ b/include/linux/nfs_page.h @@ -160,6 +160,7 @@ extern void nfs_join_page_group(struct nfs_page *head, extern int nfs_page_group_lock(struct nfs_page *); extern void nfs_page_group_unlock(struct nfs_page *); extern bool nfs_page_group_sync_on_bit(struct nfs_page *, unsigned int); +extern bool nfs_page_group_sync_on_bit_locked(struct nfs_page *, unsigned int); extern int nfs_page_set_headlock(struct nfs_page *req); extern void nfs_page_clear_headlock(struct nfs_page *req); extern bool nfs_async_iocounter_wait(struct rpc_task *, struct nfs_lock_context *);

2 weeks, 4 days

2
3
0 0

[PATCH] drm/xe: Fix incorrect migration of backed-up object to VRAM

by Thomas Hellström

If an object is backed up to shmem it is incorrectly identified as not having valid data by the move code. This means moving to VRAM skips the -EMULTIHOP step and the bo is cleared. This causes all sorts of weird behaviour on DGFX if an already evicted object is targeted by the shrinker. Fix this by using ttm_tt_is_swapped() to identify backed-up objects. Closes: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/5996 Fixes: 00c8efc3180f ("drm/xe: Add a shrinker for xe bos") Cc: Matthew Brost <matthew.brost(a)intel.com> Cc: Matthew Auld <matthew.auld(a)intel.com> Cc: <stable(a)vger.kernel.org> # v6.15+ Signed-off-by: Thomas Hellström <thomas.hellstrom(a)linux.intel.com> --- drivers/gpu/drm/xe/xe_bo.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/drivers/gpu/drm/xe/xe_bo.c b/drivers/gpu/drm/xe/xe_bo.c index 7d1ff642b02a..4faf15d5fa6d 100644 --- a/drivers/gpu/drm/xe/xe_bo.c +++ b/drivers/gpu/drm/xe/xe_bo.c @@ -823,8 +823,7 @@ static int xe_bo_move(struct ttm_buffer_object *ttm_bo, bool evict, return ret; } - tt_has_data = ttm && (ttm_tt_is_populated(ttm) || - (ttm->page_flags & TTM_TT_FLAG_SWAPPED)); + tt_has_data = ttm && (ttm_tt_is_populated(ttm) || ttm_tt_is_swapped(ttm)); move_lacks_source = !old_mem || (handle_system_ccs ? (!bo->ccs_cleared) : (!mem_type_is_vram(old_mem_type) && !tt_has_data)); -- 2.50.1

2 weeks, 4 days

2
2
0 0

Linux 6.16.4

by Greg Kroah-Hartman

I'm announcing the release of the 6.16.4 kernel. All users of the 6.16 kernel series must upgrade. The updated 6.16.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.16.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/devicetree/bindings/display/rockchip/rockchip-vop2.yaml | 56 +- Documentation/devicetree/bindings/display/sprd/sprd,sharkl3-dpu.yaml | 2 Documentation/devicetree/bindings/display/sprd/sprd,sharkl3-dsi-host.yaml | 2 Documentation/devicetree/bindings/ufs/mediatek,ufs.yaml | 4 Documentation/networking/mptcp-sysctl.rst | 2 Makefile | 4 arch/arm/lib/crypto/poly1305-glue.c | 3 arch/arm64/boot/dts/apple/t8012-j132.dts | 1 arch/arm64/boot/dts/exynos/exynos7870-j6lte.dts | 2 arch/arm64/boot/dts/exynos/exynos7870-on7xelte.dts | 2 arch/arm64/boot/dts/exynos/exynos7870.dtsi | 1 arch/arm64/boot/dts/exynos/google/gs101.dtsi | 1 arch/arm64/boot/dts/rockchip/rk3576.dtsi | 7 arch/arm64/boot/dts/rockchip/rk3588-turing-rk1.dtsi | 11 arch/arm64/boot/dts/ti/k3-am62-lp-sk.dts | 24 arch/arm64/boot/dts/ti/k3-am62-main.dtsi | 1 arch/arm64/boot/dts/ti/k3-am62-verdin.dtsi | 12 arch/arm64/boot/dts/ti/k3-am625-sk.dts | 24 arch/arm64/boot/dts/ti/k3-am62a7-sk.dts | 4 arch/arm64/boot/dts/ti/k3-am62x-sk-common.dtsi | 24 arch/arm64/boot/dts/ti/k3-pinctrl.h | 15 arch/arm64/lib/crypto/poly1305-glue.c | 3 arch/loongarch/Makefile | 6 arch/loongarch/kernel/module-sections.c | 36 - arch/loongarch/kvm/intc/eiointc.c | 32 - arch/loongarch/kvm/intc/ipi.c | 8 arch/loongarch/kvm/intc/pch_pic.c | 10 arch/loongarch/kvm/vcpu.c | 8 arch/m68k/kernel/head.S | 31 - arch/mips/lib/crypto/chacha-core.S | 20 arch/parisc/Makefile | 4 arch/parisc/include/asm/pgtable.h | 7 arch/parisc/include/asm/special_insns.h | 28 + arch/parisc/include/asm/uaccess.h | 21 arch/parisc/kernel/cache.c | 6 arch/parisc/kernel/entry.S | 17 arch/parisc/kernel/syscall.S | 30 - arch/parisc/lib/memcpy.c | 19 arch/parisc/mm/fault.c | 4 arch/s390/boot/vmem.c | 3 arch/s390/hypfs/hypfs_dbfs.c | 19 arch/x86/crypto/aegis128-aesni-glue.c | 40 + arch/x86/include/asm/xen/hypercall.h | 5 arch/x86/kernel/cpu/amd.c | 8 arch/x86/kernel/cpu/hygon.c | 3 block/bfq-iosched.c | 13 block/blk-mq-debugfs.c | 1 block/blk-mq-sched.c | 223 +++++--- block/blk-mq-sched.h | 12 block/blk-mq.c | 29 - block/blk-rq-qos.c | 8 block/blk-rq-qos.h | 48 + block/blk-sysfs.c | 2 block/blk.h | 4 block/elevator.c | 38 + block/elevator.h | 16 block/kyber-iosched.c | 11 block/mq-deadline.c | 14 crypto/deflate.c | 7 drivers/accel/habanalabs/gaudi2/gaudi2.c | 2 drivers/acpi/apei/einj-core.c | 12 drivers/acpi/pfr_update.c | 2 drivers/ata/Kconfig | 36 + drivers/ata/libata-scsi.c | 49 - drivers/base/power/runtime.c | 27 - drivers/bluetooth/btmtk.c | 7 drivers/bus/mhi/host/boot.c | 8 drivers/bus/mhi/host/internal.h | 4 drivers/bus/mhi/host/main.c | 12 drivers/cdx/controller/cdx_rpmsg.c | 3 drivers/comedi/comedi_fops.c | 5 drivers/comedi/drivers.c | 23 drivers/comedi/drivers/pcl726.c | 3 drivers/cpufreq/armada-8k-cpufreq.c | 2 drivers/cpuidle/governors/menu.c | 29 - drivers/crypto/caam/ctrl.c | 5 drivers/crypto/caam/intern.h | 1 drivers/crypto/ccp/sev-dev.c | 10 drivers/crypto/intel/qat/qat_common/adf_common_drv.h | 1 drivers/crypto/intel/qat/qat_common/adf_init.c | 1 drivers/crypto/intel/qat/qat_common/adf_isr.c | 5 drivers/crypto/intel/qat/qat_common/qat_algs.c | 12 drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h | 125 +++- drivers/crypto/marvell/octeontx2/otx2_cptpf_ucode.c | 35 - drivers/fpga/zynq-fpga.c | 10 drivers/gpu/drm/amd/amdgpu/amdgpu.h | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_cper.c | 6 drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c | 3 drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 6 drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c | 76 +- drivers/gpu/drm/amd/amdgpu/amdgpu_job.c | 7 drivers/gpu/drm/amd/amdgpu/amdgpu_ring.c | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_ucode.c | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c | 21 drivers/gpu/drm/amd/amdgpu/aqua_vanjaram.c | 5 drivers/gpu/drm/amd/amdgpu/gfx_v12_0.c | 14 drivers/gpu/drm/amd/amdgpu/imu_v12_0.c | 13 drivers/gpu/drm/amd/amdgpu/mmhub_v3_0_1.c | 57 +- drivers/gpu/drm/amd/amdgpu/mmhub_v3_3.c | 105 ++++ drivers/gpu/drm/amd/amdgpu/mmhub_v4_1_0.c | 34 - drivers/gpu/drm/amd/amdgpu/psp_v14_0.c | 2 drivers/gpu/drm/amd/amdgpu/soc15.c | 2 drivers/gpu/drm/amd/amdkfd/kfd_device_queue_manager.c | 2 drivers/gpu/drm/amd/amdkfd/kfd_module.c | 2 drivers/gpu/drm/amd/amdkfd/kfd_mqd_manager_v9.c | 61 +- drivers/gpu/drm/amd/amdkfd/kfd_process_queue_manager.c | 20 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 19 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_crtc.c | 28 + drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c | 2 drivers/gpu/drm/amd/display/dc/bios/bios_parser.c | 5 drivers/gpu/drm/amd/display/dc/bios/command_table.c | 2 drivers/gpu/drm/amd/display/dc/clk_mgr/clk_mgr.c | 1 drivers/gpu/drm/amd/display/dc/clk_mgr/dce100/dce_clk_mgr.c | 19 drivers/gpu/drm/amd/display/dc/clk_mgr/dce110/dce110_clk_mgr.c | 40 - drivers/gpu/drm/amd/display/dc/clk_mgr/dce60/dce60_clk_mgr.c | 31 - drivers/gpu/drm/amd/display/dc/core/dc.c | 34 - drivers/gpu/drm/amd/display/dc/resource/dce60/dce60_resource.c | 34 - drivers/gpu/drm/amd/display/modules/hdcp/hdcp_psp.c | 3 drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c | 16 drivers/gpu/drm/amd/pm/swsmu/smu14/smu_v14_0.c | 11 drivers/gpu/drm/amd/pm/swsmu/smu14/smu_v14_0_2_ppt.c | 30 - drivers/gpu/drm/display/drm_dp_helper.c | 2 drivers/gpu/drm/drm_format_helper.c | 108 +++- drivers/gpu/drm/drm_format_internal.h | 8 drivers/gpu/drm/drm_panic_qr.rs | 22 drivers/gpu/drm/hisilicon/hibmc/dp/dp_link.c | 14 drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.c | 22 drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.h | 1 drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_i2c.c | 5 drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_vdac.c | 11 drivers/gpu/drm/i915/display/intel_display_irq.c | 4 drivers/gpu/drm/i915/display/intel_tc.c | 93 ++- drivers/gpu/drm/i915/gt/intel_workarounds.c | 20 drivers/gpu/drm/nouveau/nvif/vmm.c | 3 drivers/gpu/drm/nouveau/nvkm/subdev/gsp/rm/r535/rpc.c | 4 drivers/gpu/drm/nova/file.rs | 3 drivers/gpu/drm/tests/drm_format_helper_test.c | 111 ---- drivers/gpu/drm/xe/Kconfig | 1 drivers/gpu/drm/xe/xe_migrate.c | 2 drivers/gpu/drm/xe/xe_pxp_submit.c | 2 drivers/gpu/drm/xe/xe_shrinker.c | 51 + drivers/gpu/drm/xe/xe_vm.c | 48 - drivers/gpu/drm/xe/xe_vm.h | 2 drivers/hwmon/gsc-hwmon.c | 4 drivers/i2c/busses/i2c-qcom-geni.c | 6 drivers/i2c/busses/i2c-rtl9300.c | 20 drivers/iio/accel/sca3300.c | 2 drivers/iio/adc/Kconfig | 2 drivers/iio/adc/ad7124.c | 14 drivers/iio/adc/ad7173.c | 137 ++++- drivers/iio/adc/ad7380.c | 1 drivers/iio/adc/ad_sigma_delta.c | 4 drivers/iio/adc/rzg2l_adc.c | 33 - drivers/iio/imu/bno055/bno055.c | 11 drivers/iio/imu/inv_icm42600/inv_icm42600.h | 8 drivers/iio/imu/inv_icm42600/inv_icm42600_accel.c | 31 - drivers/iio/imu/inv_icm42600/inv_icm42600_buffer.c | 22 drivers/iio/imu/inv_icm42600/inv_icm42600_buffer.h | 10 drivers/iio/imu/inv_icm42600/inv_icm42600_core.c | 6 drivers/iio/imu/inv_icm42600/inv_icm42600_gyro.c | 41 - drivers/iio/imu/inv_icm42600/inv_icm42600_temp.c | 12 drivers/iio/light/as73211.c | 2 drivers/iio/pressure/bmp280-core.c | 9 drivers/iio/proximity/isl29501.c | 16 drivers/iio/temperature/maxim_thermocouple.c | 26 - drivers/infiniband/core/umem_odp.c | 4 drivers/infiniband/hw/bnxt_re/ib_verbs.c | 8 drivers/infiniband/hw/bnxt_re/main.c | 23 drivers/infiniband/hw/bnxt_re/qplib_fp.c | 30 - drivers/infiniband/hw/bnxt_re/qplib_fp.h | 2 drivers/infiniband/hw/bnxt_re/qplib_res.c | 2 drivers/infiniband/hw/erdma/erdma_verbs.c | 6 drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 6 drivers/infiniband/hw/hns/hns_roce_restrack.c | 9 drivers/infiniband/sw/rxe/rxe_net.c | 29 - drivers/infiniband/sw/rxe/rxe_qp.c | 2 drivers/iommu/amd/init.c | 4 drivers/iommu/apple-dart.c | 1 drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c | 2 drivers/iommu/intel/iommu.c | 1 drivers/iommu/iommufd/selftest.c | 1 drivers/iommu/riscv/iommu.c | 3 drivers/iommu/virtio-iommu.c | 19 drivers/md/dm-crypt.c | 49 + drivers/md/dm-raid.c | 42 - drivers/md/dm.c | 17 drivers/md/md-bitmap.c | 8 drivers/md/md-cluster.c | 16 drivers/md/md.c | 110 ++-- drivers/md/md.h | 2 drivers/md/raid0.c | 6 drivers/md/raid1-10.c | 2 drivers/md/raid1.c | 10 drivers/md/raid10.c | 16 drivers/md/raid5-ppl.c | 6 drivers/md/raid5.c | 30 - drivers/media/cec/usb/rainshadow/rainshadow-cec.c | 3 drivers/media/i2c/hi556.c | 26 - drivers/media/i2c/mt9m114.c | 8 drivers/media/i2c/ov2659.c | 3 drivers/media/pci/intel/ipu6/ipu6-isys-csi2.c | 12 drivers/media/pci/intel/ivsc/mei_ace.c | 2 drivers/media/pci/intel/ivsc/mei_csi.c | 2 drivers/media/platform/qcom/camss/camss-csiphy-3ph-1-0.c | 3 drivers/media/platform/qcom/camss/camss.c | 20 drivers/media/platform/qcom/iris/iris_buffer.c | 20 drivers/media/platform/qcom/iris/iris_buffer.h | 3 drivers/media/platform/qcom/iris/iris_ctrls.c | 7 drivers/media/platform/qcom/iris/iris_hfi_gen1_command.c | 27 - drivers/media/platform/qcom/iris/iris_hfi_gen1_defines.h | 1 drivers/media/platform/qcom/iris/iris_hfi_gen1_response.c | 20 drivers/media/platform/qcom/iris/iris_hfi_gen2_command.c | 4 drivers/media/platform/qcom/iris/iris_hfi_gen2_response.c | 11 drivers/media/platform/qcom/iris/iris_hfi_queue.c | 2 drivers/media/platform/qcom/iris/iris_instance.h | 2 drivers/media/platform/qcom/iris/iris_platform_common.h | 2 drivers/media/platform/qcom/iris/iris_platform_sm8250.c | 9 drivers/media/platform/qcom/iris/iris_state.c | 2 drivers/media/platform/qcom/iris/iris_state.h | 1 drivers/media/platform/qcom/iris/iris_vb2.c | 15 drivers/media/platform/qcom/iris/iris_vdec.c | 9 drivers/media/platform/qcom/iris/iris_vidc.c | 33 + drivers/media/platform/qcom/venus/core.c | 18 drivers/media/platform/qcom/venus/core.h | 2 drivers/media/platform/qcom/venus/hfi_venus.c | 5 drivers/media/platform/qcom/venus/vdec.c | 5 drivers/media/platform/qcom/venus/venc.c | 5 drivers/media/platform/raspberrypi/pisp_be/Kconfig | 1 drivers/media/platform/raspberrypi/pisp_be/pisp_be.c | 5 drivers/media/platform/verisilicon/rockchip_vpu_hw.c | 9 drivers/media/test-drivers/vivid/vivid-ctrls.c | 3 drivers/media/test-drivers/vivid/vivid-vid-cap.c | 4 drivers/media/usb/gspca/vicam.c | 10 drivers/media/usb/usbtv/usbtv-video.c | 4 drivers/media/v4l2-core/v4l2-ctrls-core.c | 1 drivers/memstick/core/memstick.c | 1 drivers/memstick/host/rtsx_usb_ms.c | 1 drivers/mfd/mt6397-core.c | 12 drivers/mmc/host/sdhci-of-arasan.c | 33 + drivers/mmc/host/sdhci-pci-gli.c | 37 - drivers/mmc/host/sdhci_am654.c | 18 drivers/most/core.c | 2 drivers/mtd/nand/raw/fsmc_nand.c | 2 drivers/mtd/nand/raw/renesas-nand-controller.c | 6 drivers/mtd/nand/spi/core.c | 5 drivers/mtd/spi-nor/swp.c | 19 drivers/net/bonding/bond_3ad.c | 67 +- drivers/net/bonding/bond_options.c | 1 drivers/net/dsa/microchip/ksz_common.c | 6 drivers/net/ethernet/airoha/airoha_ppe.c | 4 drivers/net/ethernet/broadcom/bnxt/bnxt.c | 2 drivers/net/ethernet/google/gve/gve_main.c | 2 drivers/net/ethernet/intel/igc/igc_main.c | 14 drivers/net/ethernet/intel/ixgbe/devlink/devlink.c | 1 drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 4 drivers/net/ethernet/marvell/octeontx2/af/rvu_npc_fs.c | 4 drivers/net/ethernet/mediatek/mtk_ppe_offload.c | 2 drivers/net/ethernet/mellanox/mlx5/core/en/dcbnl.h | 1 drivers/net/ethernet/mellanox/mlx5/core/en/port_buffer.c | 18 drivers/net/ethernet/mellanox/mlx5/core/en/tc/ct_fs_hmfs.c | 2 drivers/net/ethernet/mellanox/mlx5/core/en_dcbnl.c | 12 drivers/net/ethernet/mellanox/mlx5/core/esw/devlink_port.c | 4 drivers/net/ethernet/mellanox/mlx5/core/mlx5_core.h | 2 drivers/net/ethernet/mellanox/mlx5/core/port.c | 20 drivers/net/ethernet/mellanox/mlx5/core/steering/hws/bwc_complex.c | 41 + drivers/net/ethernet/mellanox/mlx5/core/steering/hws/cmd.c | 1 drivers/net/ethernet/mellanox/mlx5/core/steering/hws/cmd.h | 1 drivers/net/ethernet/mellanox/mlx5/core/steering/hws/fs_hws.c | 1 drivers/net/ethernet/mellanox/mlx5/core/steering/hws/matcher.c | 5 drivers/net/ethernet/mellanox/mlx5/core/steering/hws/mlx5hws.h | 1 drivers/net/ethernet/mellanox/mlx5/core/steering/hws/send.c | 1 drivers/net/ethernet/mellanox/mlx5/core/steering/hws/table.c | 13 drivers/net/ethernet/mellanox/mlx5/core/steering/hws/table.h | 3 drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 2 drivers/net/ethernet/mellanox/mlxsw/trap.h | 1 drivers/net/ethernet/microchip/lan865x/lan865x.c | 21 drivers/net/ethernet/realtek/rtase/rtase.h | 2 drivers/net/ethernet/stmicro/stmmac/dwmac-thead.c | 9 drivers/net/ethernet/ti/icssg/icssg_prueth.c | 72 +- drivers/net/ethernet/xilinx/xilinx_axienet_main.c | 8 drivers/net/phy/mscc/mscc.h | 12 drivers/net/phy/mscc/mscc_main.c | 12 drivers/net/phy/mscc/mscc_ptp.c | 49 + drivers/net/ppp/ppp_generic.c | 17 drivers/net/usb/asix_devices.c | 2 drivers/net/wireless/ath/ath11k/ce.c | 3 drivers/net/wireless/ath/ath11k/dp_rx.c | 3 drivers/net/wireless/ath/ath11k/hal.c | 33 + drivers/net/wireless/ath/ath12k/ce.c | 3 drivers/net/wireless/ath/ath12k/hal.c | 38 + drivers/net/wireless/broadcom/brcm80211/brcmsmac/phy/phy_lcn.c | 2 drivers/pci/controller/dwc/pci-imx6.c | 12 drivers/pci/controller/dwc/pcie-designware.c | 8 drivers/pci/controller/pcie-rockchip-ep.c | 4 drivers/pci/controller/pcie-rockchip-host.c | 49 + drivers/pci/controller/pcie-rockchip.h | 12 drivers/pci/endpoint/pci-ep-cfs.c | 1 drivers/pci/endpoint/pci-epf-core.c | 2 drivers/pci/pci.h | 32 - drivers/pci/pcie/portdrv.c | 2 drivers/phy/qualcomm/phy-qcom-m31.c | 14 drivers/platform/chrome/cros_ec.c | 3 drivers/platform/x86/amd/hsmp/hsmp.c | 5 drivers/platform/x86/intel/uncore-frequency/uncore-frequency-tpmi.c | 5 drivers/pwm/pwm-imx-tpm.c | 9 drivers/pwm/pwm-mediatek.c | 71 +- drivers/regulator/pca9450-regulator.c | 13 drivers/regulator/tps65219-regulator.c | 12 drivers/s390/char/sclp.c | 11 drivers/scsi/mpi3mr/mpi3mr.h | 6 drivers/scsi/mpi3mr/mpi3mr_fw.c | 17 drivers/scsi/mpi3mr/mpi3mr_os.c | 2 drivers/scsi/qla4xxx/ql4_os.c | 2 drivers/soc/qcom/mdt_loader.c | 43 + drivers/soc/tegra/pmc.c | 51 + drivers/spi/spi-fsl-lpspi.c | 8 drivers/spi/spi-qpic-snand.c | 22 drivers/staging/media/imx/imx-media-csc-scaler.c | 2 drivers/tty/serial/8250/8250_port.c | 3 drivers/tty/vt/defkeymap.c_shipped | 112 ++++ drivers/tty/vt/keyboard.c | 2 drivers/ufs/core/ufshcd.c | 10 drivers/ufs/host/ufs-exynos.c | 4 drivers/ufs/host/ufs-qcom.c | 42 - drivers/ufs/host/ufshcd-pci.c | 42 + drivers/usb/atm/cxacru.c | 106 +--- drivers/usb/core/hcd.c | 20 drivers/usb/core/quirks.c | 1 drivers/usb/dwc3/dwc3-imx8mp.c | 7 drivers/usb/dwc3/dwc3-meson-g12a.c | 3 drivers/usb/dwc3/dwc3-pci.c | 2 drivers/usb/dwc3/ep0.c | 20 drivers/usb/dwc3/gadget.c | 19 drivers/usb/gadget/udc/renesas_usb3.c | 1 drivers/usb/host/xhci-hub.c | 3 drivers/usb/host/xhci-mem.c | 22 drivers/usb/host/xhci-pci-renesas.c | 7 drivers/usb/host/xhci-ring.c | 9 drivers/usb/host/xhci.c | 23 drivers/usb/host/xhci.h | 3 drivers/usb/musb/omap2430.c | 14 drivers/usb/storage/realtek_cr.c | 2 drivers/usb/storage/unusual_devs.h | 29 + drivers/usb/typec/tcpm/maxim_contaminant.c | 58 ++ drivers/usb/typec/tcpm/tcpci_maxim.h | 1 drivers/vhost/vsock.c | 6 drivers/video/console/vgacon.c | 2 fs/btrfs/ctree.c | 23 fs/btrfs/extent-tree.c | 2 fs/btrfs/extent_io.c | 94 +-- fs/btrfs/extent_io.h | 2 fs/btrfs/fiemap.c | 2 fs/btrfs/free-space-tree.c | 17 fs/btrfs/inode.c | 8 fs/btrfs/print-tree.c | 2 fs/btrfs/qgroup.c | 6 fs/btrfs/relocation.c | 4 fs/btrfs/subpage.c | 258 +++++----- fs/btrfs/subpage.h | 45 + fs/btrfs/super.c | 13 fs/btrfs/tree-log.c | 4 fs/btrfs/zoned.c | 70 ++ fs/buffer.c | 2 fs/debugfs/inode.c | 11 fs/erofs/Kconfig | 18 fs/ext4/fsmap.c | 23 fs/ext4/indirect.c | 4 fs/ext4/inode.c | 2 fs/ext4/orphan.c | 5 fs/ext4/super.c | 8 fs/f2fs/node.c | 10 fs/fhandle.c | 2 fs/internal.h | 3 fs/iomap/direct-io.c | 14 fs/jbd2/checkpoint.c | 1 fs/libfs.c | 27 - fs/namespace.c | 69 +- fs/netfs/read_collect.c | 4 fs/netfs/write_collect.c | 10 fs/netfs/write_issue.c | 4 fs/nfs/pagelist.c | 9 fs/nfs/write.c | 29 - fs/overlayfs/copy_up.c | 2 fs/proc/task_mmu.c | 4 fs/smb/client/smb2ops.c | 2 fs/smb/server/connection.c | 3 fs/smb/server/connection.h | 7 fs/smb/server/oplock.c | 13 fs/smb/server/transport_rdma.c | 5 fs/smb/server/transport_rdma.h | 4 fs/smb/server/transport_tcp.c | 26 - fs/splice.c | 3 fs/squashfs/super.c | 14 fs/xfs/libxfs/xfs_refcount.c | 4 fs/xfs/scrub/common.c | 3 fs/xfs/scrub/repair.c | 12 fs/xfs/scrub/scrub.c | 5 fs/xfs/xfs_attr_item.c | 5 fs/xfs/xfs_discard.c | 12 fs/xfs/xfs_fsmap.c | 4 fs/xfs/xfs_icache.c | 5 fs/xfs/xfs_inode.c | 7 fs/xfs/xfs_itable.c | 24 fs/xfs/xfs_iwalk.c | 11 fs/xfs/xfs_notify_failure.c | 6 fs/xfs/xfs_qm.c | 10 fs/xfs/xfs_rtalloc.c | 13 fs/xfs/xfs_trans.c | 56 +- fs/xfs/xfs_trans.h | 3 fs/xfs/xfs_zone_alloc.c | 10 fs/xfs/xfs_zone_gc.c | 5 include/crypto/hash.h | 2 include/crypto/internal/acompress.h | 5 include/drm/drm_format_helper.h | 9 include/drm/intel/pciids.h | 1 include/linux/blkdev.h | 1 include/linux/compiler.h | 8 include/linux/iosys-map.h | 7 include/linux/iov_iter.h | 20 include/linux/kcov.h | 47 - include/linux/mlx5/mlx5_ifc.h | 14 include/linux/netfs.h | 1 include/linux/nfs_page.h | 1 include/net/bluetooth/bluetooth.h | 4 include/net/bluetooth/hci.h | 1 include/net/bluetooth/hci_core.h | 54 +- include/net/bond_3ad.h | 1 include/net/devlink.h | 6 include/net/sch_generic.h | 11 include/sound/cs35l56.h | 5 include/trace/events/btrfs.h | 2 include/uapi/linux/pfrut.h | 1 include/uapi/linux/raid/md_p.h | 2 io_uring/futex.c | 3 kernel/Kconfig.kexec | 1 kernel/cgroup/cpuset.c | 9 kernel/cgroup/rstat.c | 3 kernel/kexec_handover.c | 29 - kernel/sched/ext.c | 4 kernel/signal.c | 6 kernel/trace/ftrace.c | 19 kernel/trace/trace.c | 34 - kernel/trace/trace.h | 10 mm/damon/core.c | 15 mm/damon/paddr.c | 4 mm/debug_vm_pgtable.c | 9 mm/filemap.c | 3 mm/kasan/kasan_test_c.c | 2 mm/memory-failure.c | 8 mm/mremap.c | 41 - net/bluetooth/hci_conn.c | 17 net/bluetooth/hci_core.c | 27 - net/bluetooth/hci_event.c | 15 net/bluetooth/hci_sync.c | 33 - net/bluetooth/iso.c | 20 net/bluetooth/mgmt.c | 13 net/bridge/br_multicast.c | 16 net/bridge/br_private.h | 2 net/core/dev.c | 12 net/devlink/port.c | 2 net/hsr/hsr_slave.c | 8 net/ipv4/netfilter/nf_reject_ipv4.c | 6 net/ipv6/netfilter/nf_reject_ipv6.c | 5 net/ipv6/seg6_hmac.c | 6 net/mptcp/options.c | 6 net/mptcp/pm.c | 18 net/mptcp/pm_kernel.c | 1 net/sched/sch_cake.c | 14 net/sched/sch_codel.c | 12 net/sched/sch_fq.c | 12 net/sched/sch_fq_codel.c | 12 net/sched/sch_fq_pie.c | 12 net/sched/sch_hhf.c | 12 net/sched/sch_htb.c | 2 net/sched/sch_pie.c | 12 net/smc/af_smc.c | 3 net/tls/tls_sw.c | 7 net/vmw_vsock/virtio_transport.c | 12 rust/kernel/alloc/allocator.rs | 30 - rust/kernel/alloc/allocator_test.rs | 11 rust/kernel/drm/device.rs | 32 - rust/kernel/faux.rs | 2 security/apparmor/lsm.c | 4 sound/core/timer.c | 4 sound/pci/hda/patch_realtek.c | 2 sound/pci/hda/tas2781_hda_i2c.c | 2 sound/soc/codecs/cs35l56-sdw.c | 69 -- sound/soc/codecs/cs35l56-shared.c | 29 + sound/soc/codecs/cs35l56.c | 2 sound/soc/codecs/cs35l56.h | 3 sound/soc/sof/amd/acp-loader.c | 6 sound/usb/stream.c | 2 sound/usb/validate.c | 2 tools/objtool/arch/loongarch/special.c | 23 tools/testing/selftests/net/mptcp/mptcp_connect.c | 5 tools/testing/selftests/net/mptcp/mptcp_inq.c | 5 tools/testing/selftests/net/mptcp/mptcp_sockopt.c | 5 tools/testing/selftests/net/mptcp/pm_netlink.sh | 1 498 files changed, 4865 insertions(+), 2704 deletions(-) Adrian Huang (Lenovo) (1): signal: Fix memory leak for PIDFD_SELF* sentinels Adrian Hunter (1): scsi: ufs: ufs-pci: Fix default runtime and system PM levels Akhilesh Patil (1): RDMA/core: Free pfn_list with appropriate kvfree call Al Viro (1): use uniform permission checks for all mount propagation changes Alan Huang (1): xfs: Remove unused label in xfs_dax_notify_dev_failure Aleksa Sarai (1): open_tree_attr: do not allow id-mapping changes without OPEN_TREE_CLONE Alex Deucher (7): drm/amdgpu/discovery: fix fw based ip discovery drm/amdgpu: add missing vram lost check for LEGACY RESET drm/amdgpu: track whether a queue is a kernel queue in amdgpu_mqd_prop drm/amdgpu: update mmhub 3.0.1 client id mappings drm/amdgpu: update mmhub 3.3 client id mappings drm/amdgpu: update mmhub 4.1.0 client id mappings drm/amdgpu/swm14: Update power limit logic Alex Guo (1): i2c: rtl9300: Fix out-of-bounds bug in rtl9300_i2c_smbus_xfer Alex Vesker (1): net/mlx5: HWS, Fix table creation UID Alexander Sverdlin (1): arm64: dts: ti: k3-pinctrl: Enable Schmitt Trigger by default Alexander Wilhelm (1): bus: mhi: host: Fix endianness of BHI vector table Alexei Lazar (1): net/mlx5e: Query FW for buffer ownership Amber Lin (1): drm/amdkfd: Destroy KFD debugfs after destroy KFD wq Amit Sunil Dhamne (2): usb: typec: maxim_contaminant: disable low power mode when reading comparator values usb: typec: maxim_contaminant: re-enable cc toggle if cc is open and port is clean Anantha Prabhu (1): RDMA/bnxt_re: Fix to initialize the PBL array Andrea Righi (1): sched/ext: Fix invalid task state transitions on class switch Andreas Dilger (1): ext4: check fast symlink for ea_inode correctly André Draszik (1): scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE Andy Shevchenko (1): iio: imu: inv_icm42600: Convert to uXX and sXX integer types Archana Patni (1): scsi: ufs: ufs-pci: Fix hibernate state transition for Intel MTL-like host controllers Armen Ratner (1): net/mlx5e: Preserve shared buffer capacity during headroom updates Ashish Kalra (1): crypto: ccp - Fix SNP panic notifier unregistration Baihan Li (5): drm/hisilicon/hibmc: fix the i2c device resource leak when vdac init failed drm/hisilicon/hibmc: fix irq_request()'s irq name variable is local drm/hisilicon/hibmc: fix the hibmc loaded failed bug drm/hisilicon/hibmc: fix rare monitors cannot display problem drm/hisilicon/hibmc: fix dp and vga cannot show together Bao D. Nguyen (1): scsi: ufs: ufs-qcom: Update esi_vec_mask for HW major version >= 6 Baokun Li (2): ext4: preserve SB_I_VERSION on remount jbd2: prevent softlockup in jbd2_log_do_checkpoint() Bart Van Assche (2): scsi: ufs: core: Fix IRQ lock inversion for the SCSI host lock scsi: ufs: core: Remove WARN_ON_ONCE() call from ufshcd_uic_cmd_compl() Bharat Bhushan (3): crypto: octeontx2 - Fix address alignment issue on ucode loading crypto: octeontx2 - Fix address alignment on CN10K A0/A1 and OcteonTX2 crypto: octeontx2 - Fix address alignment on CN10KB and CN10KA-B0 Bibo Mao (4): LoongArch: KVM: Make function kvm_own_lbt() robust LoongArch: KVM: Fix stack protector issue in send_ipi_data() LoongArch: KVM: Add address alignment check in pch_pic register access LoongArch: KVM: Use standard bitops API with eiointc Bingbu Cao (1): media: hi556: correct the test pattern configuration Bjorn Andersson (1): soc: qcom: mdt_loader: Ensure we don't read past the ELF header Bo Liu (OpenAnolis) (1): erofs: fix build error with CONFIG_EROFS_FS_ZIP_ACCEL=y Boshi Yu (2): RDMA/erdma: Fix ignored return value of init_kernel_qp RDMA/erdma: Fix unset QPN of GSI QP Bryan O'Donoghue (2): media: qcom: camss: csiphy-3ph: Fix inadvertent dropping of SDM660/SDM670 phy init media: qcom: camss: Remove extraneous -supply postfix on supply names Chao Yu (1): f2fs: fix to avoid out-of-boundary access in dnode page Charalampos Mitrodimas (1): debugfs: fix mount options not being applied Chen Yu (1): ACPI: pfr_update: Fix the driver update version check Chenyuan Yang (1): drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() Chi Zhiling (1): readahead: fix return value of page_cache_next_miss() when no hole is found Christian Brauner (1): libfs: massage path_from_stashed() to allow custom stashing behavior Christoph Hellwig (5): xfs: decouple xfs_trans_alloc_empty from xfs_trans_alloc xfs: return the allocated transaction from xfs_trans_alloc_empty xfs: improve the comments in xfs_select_zone_nowait xfs: fully decouple XFS_IBULK* flags from XFS_IWALK* flags xfs: fix frozen file system assert in xfs_trans_alloc Christoph Manszewski (1): drm/xe: Fix vm_bind_ioctl double free bug Christoph Paasch (1): mptcp: drop skb if MPTCP skb extension allocation fails Claudiu Beznea (2): iio: adc: rzg2l_adc: Set driver data before enabling runtime PM iio: adc: rzg2l: Cleanup suspend/resume path Cristian Ciocaltea (3): arm64: dts: rockchip: Add HDMI PHY PLL clock source to VOP2 on rk3576 arm64: dts: rockchip: Enable HDMI PHY clk provider on rk3576 dt-bindings: display: vop2: Add optional PLL clock property for rk3576 D. Wythe (1): net/smc: fix UAF on smcsk after smc_listen_out() Damien Le Moal (7): ata: Fix SATA_MOBILE_LPM_POLICY description in Kconfig dm: dm-crypt: Do not partially accept write BIOs with zoned targets dm: Check for forbidden splitting of zone write operations ata: libata-scsi: Fix ata_to_sense_error() status handling ata: libata-scsi: Return aborted command when missing sense and result TF PCI: endpoint: Fix configfs group list head handling PCI: endpoint: Fix configfs group removal on driver teardown Dan Carpenter (6): cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table() media: gspca: Add bounds checking to firmware parser soc: qcom: mdt_loader: Fix error return values in mdt_header_valid() scsi: qla4xxx: Prevent a potential error pointer dereference ALSA: usb-audio: Fix size validation in convert_chmap_v3() regulator: tps65219: regulator: tps65219: Fix error codes in probe() Daniel Jurgens (1): net/mlx5: Base ECVF devlink port attrs from 0 Danilo Krummrich (4): rust: alloc: replace aligned_size() with Kmalloc::aligned_layout() rust: drm: ensure kmalloc() compatible Layout rust: drm: remove pin annotations from drm::Device rust: drm: don't pass the address of drm::Device to drm_dev_put() David Hildenbrand (1): mm/mremap: fix WARN with uffd that has remap events disabled David Howells (2): netfs: Fix unbuffered write error handling cifs: Fix oops due to uninitialised variable David Lechner (13): iio: adc: ad7173: fix num_slots iio: imu: bno055: fix OOB access of hw_xlate array iio: adc: ad_sigma_delta: change to buffer predisable iio: adc: ad7173: fix channels index for syscalib_mode iio: adc: ad7173: fix calibration channel iio: adc: ad7173: fix setting ODR in probe iio: adc: ad7380: fix missing max_conversion_rate_hz on adaq4381-4 iio: accel: sca3300: fix uninitialized iio scan data iio: temperature: maxim_thermocouple: use DMA-safe buffer for spi_read() iio: adc: ad7124: fix channel lookup in syscalib functions iio: adc: ad7173: prevent scan if too many setups requested iio: proximity: isl29501: fix buffered read on big-endian systems iio: imu: inv_icm42600: use = { } instead of memset() David Sterba (1): btrfs: move transaction aborts to the error site in add_block_group_free_space() David Yat Sin (1): drm/amdkfd: Fix checkpoint-restore on multi-xcc Dewei Meng (1): ALSA: timer: fix ida_free call while not allocated Dikshita Agarwal (16): media: iris: Avoid updating frame size to firmware during reconfig media: iris: Drop port check for session property response media: iris: Fix buffer preparation failure during resolution change media: iris: Fix missing function pointer initialization media: iris: Fix NULL pointer dereference media: iris: Fix typo in depth variable media: iris: Prevent HFI queue writes when core is in deinit state media: iris: Remove deprecated property setting to firmware media: iris: Remove error check for non-zero v4l2 controls media: iris: Send V4L2_BUF_FLAG_ERROR for capture buffers with 0 filled length media: iris: Skip destroying internal buffer if not dequeued media: iris: Skip flush on first sequence change media: iris: Track flush responses to prevent premature completion media: iris: Update CAPTURE format info based on OUTPUT format media: iris: Verify internal buffer release on close media: iris: Remove unnecessary re-initialization of flush completion Dmitry Torokhov (1): mfd: mt6397: Do not use generic name for keypad sub-devices Dominique Martinet (1): iov_iter: iterate_folioq: fix handling of offset >= folio size Edward Adam Davis (1): comedi: pcl726: Prevent invalid irq number Emanuele Ghidoli (1): arm64: dts: ti: k3-am62-verdin: Enable pull-ups on I2C buses Eric Biggers (7): lib/crypto: mips/chacha: Fix clang build and remove unneeded byteswap lib/crypto: arm/poly1305: Fix register corruption in no-SIMD contexts lib/crypto: arm64/poly1305: Fix register corruption in no-SIMD contexts crypto: x86/aegis - Fix sleeping when disallowed on PREEMPT_RT crypto: x86/aegis - Add missing error checks ipv6: sr: Fix MAC comparison to be constant-time crypto: acomp - Fix CFI failure due to type punning Evgeniy Harchenko (1): ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 Fanhua Li (1): drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor(). Filipe Manana (5): btrfs: always abort transaction on failure to add block group to free space tree btrfs: abort transaction on unexpected eb generation at btrfs_copy_root() btrfs: reorganize logic at free_extent_buffer() for better readability btrfs: add comment for optimization in free_extent_buffer() btrfs: use refcount_t type for the extent buffer reference counter Finn Thain (1): m68k: Fix lost column on framebuffer debug console Florian Westphal (1): netfilter: nf_reject: don't leak dst refcount for loopback packets Frank Min (1): drm/amdgpu: add kicker fws loading for gfx12/smu14/psp14 Gabor Juhos (3): mtd: spinand: propagate spinand_wait() errors from spinand_write_page() spi: spi-qpic-snand: use correct CW_PER_PAGE value for OOB write spi: spi-qpic-snand: fix calculating of ECC OOB regions' properties Gang Ba (1): drm/amdgpu: Avoid extra evict-restore process. Geert Uytterhoeven (1): erofs: Do not select tristate symbols from bool symbols Geliang Tang (2): mptcp: remove duplicate sk_reset_timer call mptcp: disable add_addr retransmission when timeout is 0 Geraldo Nascimento (2): PCI: rockchip: Use standard PCIe definitions PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining Giovanni Cabiddu (2): crypto: qat - lower priority for skcipher and aead algorithms crypto: qat - flush misc workqueue during device shutdown Greg Kroah-Hartman (1): Linux 6.16.4 Gui-Dong Han (1): media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() Hangbin Liu (2): bonding: update LACP activity flag after setting lacp_active bonding: send LACPDUs periodically in passive mode after receiving partner's LACPDU Hans Verkuil (1): media: vivid: fix wrong pixel_array control size Hans de Goede (1): media: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls Haoxiang Li (1): media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() Hariprasad Kelam (1): Octeontx2-af: Skip overlap check for SPI field Harshal Gohel (1): i2c: rtl9300: Fix multi-byte I2C write Heikki Krogerus (1): usb: dwc3: pci: add support for the Intel Wildcat Lake Heiko Carstens (1): s390/mm: Do not map lowcore with identity mapping Helge Deller (2): Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()" apparmor: Fix 8-byte alignment for initial dfa blob streams Herbert Xu (1): crypto: hash - Increase HASH_MAX_DESCSIZE for hmac(sha3-224-s390) Herton R. Krzesinski (1): mm/debug_vm_pgtable: clear page table entries at destroy_args() Hong Guan (1): arm64: dts: ti: k3-am62a7-sk: fix pinmux for main_uart1 Horatiu Vultur (1): phy: mscc: Fix timestamping for vsc8584 Ian Abbott (2): comedi: Make insn_rw_emulate_bits() do insn->n samples comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() Ido Schimmel (1): mlxsw: spectrum: Forward packets with an IPv4 link-local source IP Igor Pylypiv (1): ata: libata-scsi: Fix CDL control Imre Deak (6): drm/i915/lnl+/tc: Fix handling of an enabled/disconnected dp-alt sink drm/i915/icl+/tc: Cache the max lane count value drm/i915/lnl+/tc: Fix max lane count HW readout drm/i915/lnl+/tc: Use the cached max lane count value drm/i915/icl+/tc: Convert AUX powered WARN to a debug message drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS JP Kobryn (1): cgroup: avoid null de-ref in css_rstat_exit() Jacopo Mondi (1): media: pisp_be: Fix pm_runtime underrun in probe Jakub Acs (1): net, hsr: reject HSR frame if skb can't hold tag Jakub Kicinski (1): tls: fix handling of zero-length records on the rx_list Jakub Ramaseuski (1): net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM Jan Beulich (1): compiler: remove __ADDRESSABLE_ASM{_STR,}() again Jan Kara (1): iomap: Fix broken data integrity guarantees for O_SYNC writes Jani Nikula (1): drm/i915: silence rpm wakeref asserts on GEN11_GU_MISC_IIR access Jann Horn (1): kasan/test: fix protection against compiler elision Jason Gunthorpe (1): iommu: Remove ops.pgsize_bitmap from drivers that don't use it Jason Xing (1): ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc Jean-Baptiste Maneyrol (1): iio: imu: inv_icm42600: change invalid data error to -EBUSY Jedrzej Jagielski (2): devlink: let driver opt out of automatic phys_port_name generation ixgbe: prevent from unwanted interface name changes Jens Axboe (1): io_uring/futex: ensure io_futex_wait() cleans up properly on failure Jialin Wang (1): proc: proc_maps_open allow proc_mem_open to return NULL Jiande Lu (1): Bluetooth: btmtk: Fix wait_on_bit_timeout interruption during shutdown Jiayi Li (1): memstick: Fix deadlock by moving removing flag earlier Jinjiang Tu (1): mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn Jiwei Sun (1): PCI: Fix link speed calculation on retrain failure Jocelyn Falempe (1): drm/panic: Add a u64 divide by 10 for arm32 Johan Hovold (10): usb: gadget: udc: renesas_usb3: fix device leak at unbind usb: musb: omap2430: fix device leak at unbind usb: dwc3: meson-g12a: fix device leaks at unbind usb: dwc3: imx8mp: fix device leak at unbind wifi: ath12k: fix dest ring-buffer corruption wifi: ath12k: fix source ring-buffer corruption wifi: ath12k: fix dest ring-buffer corruption when ring is full wifi: ath11k: fix dest ring-buffer corruption wifi: ath11k: fix source ring-buffer corruption wifi: ath11k: fix dest ring-buffer corruption when ring is full John David Anglin (8): parisc: Check region is readable by user in raw_copy_from_user() parisc: Define and use set_pte_at() parisc: Drop WARN_ON_ONCE() from flush_cache_vmap parisc: Rename pte_needs_flush() to pte_needs_cache_flush() in cache.c parisc: Revise __get_user() to probe user read access parisc: Revise gateway LWS calls to probe user read access parisc: Try to fixup kernel exception in bad_area_nosemaphore path of do_page_fault() parisc: Update comments in make_insert_tlb John Ernberg (1): crypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP Jon Hunter (1): soc/tegra: pmc: Ensure power-domains are in a known state Jonathan Cameron (1): iio: light: as73211: Ensure buffer holes are zeroed Jordan Rhee (1): gve: prevent ethtool ops after shutdown Jorge Ramirez-Ortiz (2): media: venus: hfi: explicitly release IRQ during teardown media: venus: protect against spurious interrupts during probe José Expósito (2): drm/tests: Fix endian warning drm/tests: Fix drm_test_fb_xrgb8888_to_xrgb2101010() on big-endian Judith Mendez (3): arm64: dts: ti: k3-am62-main: Remove eMMC High Speed DDR support arm64: dts: ti: k3-am62*: Move eMMC pinmux to top level board file mmc: sdhci_am654: Disable HS400 for AM62P SR1.0 and SR1.1 Julian Sun (1): block: restore default wbt enablement Junxian Huang (1): RDMA/hns: Fix dip entries leak on devices newer than hip09 Justin Lai (1): rtase: Fix Rx descriptor CRC error bit definition Kalesh AP (1): RDMA/bnxt_re: Fix a possible memory leak in the driver Kanglong Wang (1): LoongArch: Optimize module load time by optimizing PLT/GOT counting Kashyap Desai (2): RDMA/bnxt_re: Fix to do SRQ armena by default RDMA/bnxt_re: Fix to remove workload check in SRQ limit path Kathiravan Thirumoorthy (2): phy: qcom: phy-qcom-m31: Update IPQ5332 M31 USB phy initialization sequence i2c: qcom-geni: fix I2C frequency table to achieve accurate bus rates Kaustabh Chakraborty (3): arm64: dts: exynos7870-j6lte: reduce memory ranges to base amount arm64: dts: exynos7870: add quirk to disable USB2 LPM in gadget mode arm64: dts: exynos7870-on7xelte: reduce memory ranges to base amount Kees Cook (1): iommu/amd: Avoid stack buffer overflow from kernel cmdline Konrad Dybcio (1): media: venus: Fix MSM8998 frequency table Krzysztof Kozlowski (2): dt-bindings: display: sprd,sharkl3-dpu: Fix missing clocks constraints dt-bindings: display: sprd,sharkl3-dsi-host: Fix missing clocks constraints Kuen-Han Tsai (1): usb: dwc3: Ignore late xferNotReady event to prevent halt timeout Kyoji Ogasawara (3): btrfs: fix incorrect log message for nobarrier mount option btrfs: restore mount option info messages during mount btrfs: fix printing of mount info messages for NODATACOW/NODATASUM Laurentiu Mihalcea (1): pwm: imx-tpm: Reset counter if CMOD is 0 Lauri Tirkkonen (1): drm/amd/display: fix initial backlight brightness calculation Leo Martins (1): btrfs: fix subpage deadlock in try_release_subpage_extent_buffer() Li Nan (1): md: rename recovery_cp to resync_offset Liao Yuanhong (1): ext4: use kmalloc_array() for array space allocation Lijo Lazar (2): drm/amdgpu: Update external revid for GC v9.5.0 drm/amdgpu: Update supported modes for GC v9.5.0 Liu01 Tong (1): drm/amdgpu: fix task hang from failed job submission during process kill Lorenzo Bianconi (1): net: airoha: ppe: Do not invalid PPE entries in case of SW hash collision Ludwig Disterhof (1): media: usbtv: Lock resolution while streaming Luiz Augusto von Dentz (4): Bluetooth: hci_sync: Fix scan state after PA Sync has been established Bluetooth: hci_core: Fix using {cis,bis}_capable for current settings Bluetooth: hci_core: Fix using ll_privacy_capable for current settings Bluetooth: hci_core: Fix not accounting for BIS/CIS/PA links separately Lukas Wunner (1): PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge MD Danish Anwar (1): net: ti: icssg-prueth: Fix HSR and switch offload Enablement during firwmare reload. Macpaul Lin (1): scsi: dt-bindings: mediatek,ufs: Add ufs-disable-mcq flag for UFS host Mael GUERIN (1): USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera Marek Szyprowski (1): zynq_fpga: use sgtable-based scatterlist wrappers Marek Vasut (1): usb: renesas-xhci: Fix External ROM access timeouts Mario Limonciello (5): drm/amd: Restore cached power limit during resume drm/amd/display: Pass up errors for reset GPU that fails to init HW drm/amd/display: Revert "drm/amd/display: Fix AMDGPU_MAX_BL_LEVEL value" drm/amd/display: Avoid a NULL pointer dereference drm/amd: Restore cached manual clock settings during resume Masami Hiramatsu (Google) (1): tracing: fprobe-event: Sanitize wildcard for fprobe event name Mathis Foerst (1): media: mt9m114: Fix deadlock in get_frame_interval/set_frame_interval Matthieu Baerts (NGI0) (4): mptcp: pm: kernel: flush: do not reset ADD_ADDR limit selftests: mptcp: pm: check flush doesn't reset limits selftests: mptcp: connect: fix C23 extension warning selftests: mptcp: sockopt: fix C23 extension warning Matti Vaittinen (1): iio: adc: bd79124: Add GPIOLIB dependency Miao Li (1): usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive Miaoqian Lin (1): most: core: Drop device reference after usage in get_channel() Michael Chan (1): bnxt_en: Fix lockdep warning during rmmod Michael Walle (1): mtd: spi-nor: Fix spi_nor_try_unlock_all() Michel Dänzer (1): drm/amd/display: Add primary plane to commits for correct VRR handling Miguel Ojeda (3): rust: faux: fix C header link drm: nova-drm: fix 32-bit arm build rust: alloc: fix `rusttest` by providing `Cmalloc::aligned_layout` too Ming Lei (1): blk-mq: fix lockdep warning in __blk_mq_update_nr_hw_queues Minhong He (1): ipv6: sr: validate HMAC algorithm ID in seg6_hmac_info_add Muhammad Usama Anjum (1): ASoC: SOF: amd: acp-loader: Use GFP_KERNEL for DMA allocations in resume context Myrrh Periwinkle (2): vt: keyboard: Don't process Unicode characters in K_OFF mode vt: defkeymap: Map keycodes above 127 to K_HOLE Namjae Jeon (1): ksmbd: extend the connection limiting mechanism to support IPv6 Naohiro Aota (3): btrfs: zoned: fix write time activation failure for metadata block group btrfs: subpage: keep TOWRITE tag until folio is cleaned btrfs: zoned: fix data relocation block group reservation Nathan Chancellor (3): usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() drm/amdgpu: Initialize data to NULL in imu_v12_0_program_rlc_ram() NeilBrown (1): ovl: use I_MUTEX_PARENT when locking parent in ovl_create_temp() Nick Chan (1): arm64: dts: apple: t8012-j132: Include touchbar framebuffer node Nicolas Dufresne (1): media: verisilicon: Fix AV1 decoder clock frequency Nicolin Chen (1): iommu/arm-smmu-v3: Fix smmu_domain->nr_ats_masters decrement Niklas Cassel (1): PCI: dwc: Ensure that dw_pcie_wait_for_link() waits 100 ms after link up Niklas Neronin (1): usb: xhci: fix host not responding after suspend and resume Nilay Shroff (6): block: move elevator queue allocation logic into blk_mq_init_sched block: fix lockdep warning caused by lock dependency in elv_iosched_store block: fix potential deadlock while running nr_hw_queue update block: decrement block_rq_qos static key in rq_qos_del() block: skip q->rq_qos check in rq_qos_done_bio() block: avoid cpu_hotplug_lock depedency on freeze_lock Nitin Gote (1): iosys-map: Fix undefined behavior in iosys_map_clear() Nitin Rawat (1): scsi: ufs: ufs-qcom: Fix ESI null pointer dereference Ojaswin Mujoo (2): ext4: fix fsmap end of range reporting with bigalloc ext4: fix reserved gdt blocks handling in fsmap Oren Sidi (1): net/mlx5: Add IFC bits and enums for buf_ownership Parthiban Veerasooran (2): microchip: lan865x: fix missing netif_start_queue() call on device open microchip: lan865x: fix missing Timer Increment config for Rev.B0/B1 Pasha Tatashin (3): kho: init new_physxa->phys_bits to fix lockdep kho: mm: don't allow deferred struct page with KHO kho: warn if KHO is disabled due to an error Pauli Virtanen (1): Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established Peng Fan (1): regulator: pca9450: Use devm_register_sys_off_handler Peter Griffin (1): arm64: dts: exynos: gs101: ufs: add dma-coherent property Peter Oberparleiter (3): s390/sclp: Fix SCCB present check s390/hypfs: Avoid unnecessary ioctl registration in debugfs s390/hypfs: Enable limited access during lockdown Peter Shkenev (1): drm/amdgpu: check if hubbub is NULL in debugfs/amdgpu_dm_capabilities Phillip Lougher (1): squashfs: fix memory leak in squashfs_fill_super Piotr Piórkowski (2): drm/xe: Assign ioctl xe file handler to vm in xe_vm_create drm/xe: Move ASID allocation and user PT BO tracking into xe_vm_create Pu Lehui (1): tracing: Limit access to parser->buffer when trace_get_user failed Qianfeng Rong (1): drm/nouveau/gsp: fix mismatched alloc/free for kvmalloc() Qingfang Deng (2): net: ethernet: mtk_ppe: add RCU lock around dev_fill_forward_path ppp: fix race conditions in ppp_fill_forward_path Qu Wenruo (2): btrfs: add comments on the extra btrfs specific subpage bitmaps btrfs: rename btrfs_subpage structure Rafael J. Wysocki (2): PM: runtime: Take active children into account in pm_runtime_get_if_in_use() cpuidle: governors: menu: Avoid selecting states with too much latency Randy Dunlap (1): parisc: Makefile: explain that 64BIT requires both 32-bit and 64-bit compilers Ranjan Kumar (3): scsi: mpi3mr: Fix race between config read submit and interrupt completion scsi: mpi3mr: Drop unnecessary volatile from __iomem pointers scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems Ricardo Ribalda (2): media: venus: vdec: Clamp param smaller than 1fps and bigger than 240. media: venus: venc: Clamp param smaller than 1fps and bigger than 240 Richard Fitzgerald (1): ASoC: cs35l56: Handle new algorithms IDs for CS35L63 Richard Zhu (4): PCI: imx6: Add IMX8MQ_EP third 64-bit BAR in epc_features PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset PCI: imx6: Delay link start until configfs 'start' written Robin Murphy (1): iommu/virtio: Make instance lookup robust Sai Krishna Potthuri (1): mmc: sdhci-of-arasan: Ensure CD logic stabilization before power-up Sakari Ailus (2): media: ipu6: isys: Use correct pads for xlate_streams() media: v4l2-ctrls: Don't reset handler's error in v4l2_ctrl_handler_free() Salah Triki (1): iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() Sam Edwards (1): arm64: dts: rockchip: Remove workaround that prevented Turing RK1 GPU power regulator control Sang-Heon Jeon (2): mm/damon/core: fix commit_ops_filters by using correct nth function mm/damon/core: fix damos_commit_filter not changing allow Sebastian Andrzej Siewior (1): kcov, usb: Don't disable interrupts in kcov_remote_start_usb_softirq() Sebastian Brzezinka (1): drm/i915/gt: Relocate compression repacking WA for JSL/EHL Selvarasu Ganesan (1): usb: dwc3: Remove WARN_ON for device endpoint command timeouts SeongJae Park (1): mm/damon/ops-common: ignore migration request to invalid nodes Sergey Shtylyov (1): Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() Simon Richter (1): Mark xe driver as BROKEN if kernel page size is not 4kB Siyang Liu (1): drm/amd/display: fix a Null pointer dereference vulnerability Song Gao (1): LoongArch: KVM: Use kvm_get_vcpu_by_id() instead of kvm_get_vcpu() Srinivas Pandruvada (1): platform/x86/intel-uncore-freq: Check write blocked for ELC Stefan Binding (2): ASoC: cs35l56: Update Firmware Addresses for CS35L63 for production silicon ASoC: cs35l56: Remove SoundWire Clock Divider workaround for CS35L63 Stefan Metzmacher (1): smb: server: split ksmbd_rdma_stop_listening() out of ksmbd_rdma_destroy() Stefan Wahren (1): spi: spi-fsl-lpspi: Clamp too high speed_hz Steven Rostedt (2): ftrace: Also allocate and copy hash for reading of filter files tracing: Remove unneeded goto out logic Suma Hegde (1): platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL Suraj Gupta (1): net: xilinx: axienet: Fix RX skb ring management in DMAengine mode Sven Eckelmann (2): i2c: rtl9300: Increase timeout for transfer polling i2c: rtl9300: Add missing count byte for SMBus Block Ops Takashi Iwai (2): ALSA: hda: tas2781: Fix wrong reference of tasdevice_priv ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation Theodore Ts'o (1): ext4: don't try to clear the orphan_present feature block device is r/o Thomas Bertschinger (1): fhandle: do_handle_open() should get FD with user flags Thomas Fourier (2): mtd: rawnand: fsmc: Add missing check after DMA map mtd: rawnand: renesas: Add missing check after DMA map Thomas Hellström (1): drm/xe: Defer buffer object shrinker write-backs and GPU waits Thomas Weißschuh (1): kbuild: userprogs: use correct linker when mixing clang and GNU ld Thomas Zimmermann (1): drm/tests: Do not use drm_fb_blit() in format-helper tests Thorsten Blum (3): accel/habanalabs/gaudi2: Use kvfree() for memory allocated with kvcalloc() cdx: Fix off-by-one error in cdx_rpmsg_probe() usb: storage: realtek_cr: Use correct byte order for bcs->Residue Tianxiang Peng (1): x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper Tiezhu Yang (2): objtool/LoongArch: Get table size correctly if LTO is enabled LoongArch: Pass annotate-tablejump option if LTO is enabled Tim Harvey (1): hwmon: (gsc-hwmon) fix fan pwm setpoint show functions Timur Kristóf (9): drm/amd/display: Fix DCE 6.0 and 6.4 PLL programming. drm/amd/display: Don't overwrite dce60_clk_mgr drm/amd/display: Don't overclock DCE 6 by 15% drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 drm/amd/display: Fix DP audio DTO1 clock source on DCE 6. drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs drm/amd/display: Adjust DCE 8-10 clock, don't overclock by 15% drm/amd/display: Don't print errors for nonexistent connectors Tom Chung (1): drm/amd/display: Fix Xorg desktop unresponsive on Replay panel Tristram Ha (1): net: dsa: microchip: Fix KSZ9477 HSR port setup issue Trond Myklebust (1): NFS: Fix a race when updating an existing write Tzung-Bi Shih (1): platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister() Uwe Kleine-König (3): pwm: mediatek: Handle hardware enable and clock enable separately pwm: mediatek: Fix duty and period setting ACPI: APEI: EINJ: Fix resource leak by remove callback in .exit.text ValdikSS (1): igc: fix disabling L1.2 PCI-E link substate on I226 on init Vedang Nagar (1): media: venus: Add a check for packet size after reading from shared memory Victor Shih (3): mmc: sdhci-pci-gli: Add a new function to simplify the code mmc: sdhci-pci-gli: GL9763e: Mask the replay timer timeout of AER mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency Vlad Dogaru (1): net/mlx5: CT: Use the correct counter offset Vladimir Zapolskiy (1): media: qcom: camss: cleanup media device allocated resource on error path Vodapalli, Ravi Kumar (1): drm/xe/bmg: Add one additional PCI ID Waiman Long (2): cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key cgroup/cpuset: Fix a partition error with CPU hotplug Wang Liang (1): net: bridge: fix soft lockup in br_multicast_query_expired() Weitao Wang (1): usb: xhci: Fix slot_id resource race conflict Will Deacon (2): vsock/virtio: Validate length in packet header before skb_put() vhost/vsock: Avoid allocating arbitrarily-sized SKBs William Liu (3): net/sched: Fix backlog accounting in qdisc_dequeue_internal net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit net/sched: Remove unnecessary WARNING condition for empty child qdisc in htb_activate Xaver Hugl (1): amdgpu/amdgpu_discovery: increase timeout limit for IFWI init XianLiang Huang (1): iommu/riscv: prevent NULL deref in iova_to_phys Xu Yang (1): usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test Xu Yilun (1): fpga: zynq_fpga: Fix the wrong usage of dma_map_sgtable() Yang Li (2): Bluetooth: hci_sync: Prevent unintended PA sync when SID is 0xFF Bluetooth: Add PA_LINK to distinguish BIG sync and PA sync connections Yang Wang (1): drm/amd/amdgpu: fix missing lock for cper.ring->rptr/wptr access Yao Zi (1): net: stmmac: thead: Enable TX clock before MAC initialization Yazen Ghannam (1): x86/CPU/AMD: Ignore invalid reset reason value Ye Bin (1): fs/buffer: fix use-after-free when call bh_read() helper Yevgeny Kliteynik (2): net/mlx5: HWS, fix bad parameter in CQ creation net/mlx5: HWS, fix complex rules rehash error flow Youssef Samir (1): bus: mhi: host: Detect events pointing to unexpected TREs YuanShang (1): drm/amdgpu: Retain job->vm in amdgpu_job_prepare_job Yuichiro Tsuji (1): net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization Yunhui Cui (1): serial: 8250: fix panic due to PSLVERR Yuntao Wang (1): fs: fix incorrect lflags value in the move_mount syscall Zenm Chen (1): USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles Zhang Shurong (1): media: ov2659: Fix memory leaks in ov2659_probe() Zhang Yi (1): ext4: fix hole length calculation overflow in non-extent inodes Zheng Qixing (2): md: add helper rdev_needs_recovery() md: fix sync_action incorrect display during resync Zhu Yanjun (1): RDMA/rxe: Flush delayed SKBs while releasing RXE resources Ziyan Xu (1): ksmbd: fix refcount leak causing resource not released wenglianfa (1): RDMA/hns: Fix querying wrong SCC context for DIP algorithm

2 weeks, 4 days

1
1
0 0

Linux 6.12.44

by Greg Kroah-Hartman

I'm announcing the release of the 6.12.44 kernel. All users of the 6.12 kernel series must upgrade. The updated 6.12.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.12.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/devicetree/bindings/display/sprd/sprd,sharkl3-dpu.yaml | 2 Documentation/devicetree/bindings/display/sprd/sprd,sharkl3-dsi-host.yaml | 2 Documentation/devicetree/bindings/ufs/mediatek,ufs.yaml | 4 Documentation/networking/mptcp-sysctl.rst | 2 Makefile | 4 arch/arm64/boot/dts/exynos/google/gs101.dtsi | 1 arch/arm64/boot/dts/ti/k3-am62-lp-sk.dts | 36 + arch/arm64/boot/dts/ti/k3-am62-main.dtsi | 1 arch/arm64/boot/dts/ti/k3-am62-phycore-som.dtsi | 1 arch/arm64/boot/dts/ti/k3-am62-verdin.dtsi | 12 arch/arm64/boot/dts/ti/k3-am625-beagleplay.dts | 2 arch/arm64/boot/dts/ti/k3-am625-sk.dts | 24 arch/arm64/boot/dts/ti/k3-am62a-phycore-som.dtsi | 1 arch/arm64/boot/dts/ti/k3-am62a7-sk.dts | 7 arch/arm64/boot/dts/ti/k3-am62p5-sk.dts | 2 arch/arm64/boot/dts/ti/k3-am62x-sk-common.dtsi | 24 arch/arm64/boot/dts/ti/k3-am642-evm.dts | 1 arch/arm64/boot/dts/ti/k3-am654-base-board.dts | 1 arch/arm64/boot/dts/ti/k3-am6548-iot2050-advanced-common.dtsi | 1 arch/arm64/boot/dts/ti/k3-am69-sk.dts | 1 arch/arm64/boot/dts/ti/k3-pinctrl.h | 15 arch/loongarch/kernel/module-sections.c | 36 - arch/loongarch/kvm/vcpu.c | 8 arch/m68k/kernel/head.S | 31 arch/mips/crypto/chacha-core.S | 20 arch/parisc/Makefile | 4 arch/parisc/include/asm/pgtable.h | 7 arch/parisc/include/asm/special_insns.h | 28 arch/parisc/include/asm/uaccess.h | 21 arch/parisc/kernel/cache.c | 6 arch/parisc/kernel/entry.S | 17 arch/parisc/kernel/syscall.S | 30 arch/parisc/lib/memcpy.c | 19 arch/parisc/mm/fault.c | 4 arch/powerpc/boot/Makefile | 1 arch/s390/boot/vmem.c | 3 arch/s390/hypfs/hypfs_dbfs.c | 19 arch/x86/coco/sev/shared.c | 3 arch/x86/include/asm/xen/hypercall.h | 5 arch/x86/kernel/cpu/hygon.c | 3 arch/x86/kvm/mmu/mmu.c | 10 drivers/accel/habanalabs/gaudi2/gaudi2.c | 2 drivers/acpi/pfr_update.c | 2 drivers/ata/Kconfig | 36 - drivers/ata/libata-scsi.c | 58 - drivers/base/power/runtime.c | 27 drivers/bluetooth/btmtk.c | 7 drivers/bus/mhi/host/boot.c | 8 drivers/bus/mhi/host/internal.h | 4 drivers/bus/mhi/host/main.c | 12 drivers/cdx/controller/cdx_rpmsg.c | 3 drivers/comedi/comedi_fops.c | 5 drivers/comedi/drivers.c | 23 drivers/comedi/drivers/pcl726.c | 3 drivers/cpufreq/armada-8k-cpufreq.c | 2 drivers/cpuidle/governors/menu.c | 101 -- drivers/crypto/caam/ctrl.c | 5 drivers/crypto/caam/intern.h | 1 drivers/crypto/intel/qat/qat_common/adf_common_drv.h | 1 drivers/crypto/intel/qat/qat_common/adf_init.c | 1 drivers/crypto/intel/qat/qat_common/adf_isr.c | 5 drivers/crypto/intel/qat/qat_common/qat_algs.c | 12 drivers/crypto/marvell/octeontx2/otx2_cpt_reqmgr.h | 125 ++- drivers/crypto/marvell/octeontx2/otx2_cptpf_ucode.c | 35 drivers/fpga/zynq-fpga.c | 10 drivers/gpu/drm/Kconfig | 5 drivers/gpu/drm/Makefile | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 5 drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c | 76 +- drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c | 6 drivers/gpu/drm/amd/amdgpu/imu_v12_0.c | 2 drivers/gpu/drm/amd/amdgpu/mmhub_v3_0_1.c | 57 - drivers/gpu/drm/amd/amdgpu/mmhub_v4_1_0.c | 34 drivers/gpu/drm/amd/amdgpu/soc15.c | 2 drivers/gpu/drm/amd/amdkfd/kfd_module.c | 2 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 3 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_crtc.c | 28 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c | 2 drivers/gpu/drm/amd/display/dc/bios/bios_parser.c | 5 drivers/gpu/drm/amd/display/dc/bios/command_table.c | 2 drivers/gpu/drm/amd/display/dc/clk_mgr/clk_mgr.c | 1 drivers/gpu/drm/amd/display/dc/clk_mgr/dce100/dce_clk_mgr.c | 2 drivers/gpu/drm/amd/display/dc/clk_mgr/dce110/dce110_clk_mgr.c | 40 - drivers/gpu/drm/amd/display/dc/clk_mgr/dce60/dce60_clk_mgr.c | 31 drivers/gpu/drm/amd/display/dc/core/dc.c | 34 drivers/gpu/drm/amd/display/modules/hdcp/hdcp_psp.c | 3 drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c | 6 drivers/gpu/drm/amd/pm/swsmu/smu14/smu_v14_0_2_ppt.c | 30 drivers/gpu/drm/display/drm_dp_helper.c | 2 drivers/gpu/drm/drm_draw.c | 155 ++++ drivers/gpu/drm/drm_draw_internal.h | 56 + drivers/gpu/drm/drm_format_helper.c | 234 ++++-- drivers/gpu/drm/drm_format_internal.h | 127 +++ drivers/gpu/drm/drm_panic.c | 269 ------- drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.c | 4 drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.h | 17 drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_i2c.c | 46 - drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_vdac.c | 29 drivers/gpu/drm/i915/display/intel_tc.c | 58 + drivers/gpu/drm/nouveau/nvif/vmm.c | 3 drivers/gpu/drm/tests/drm_format_helper_test.c | 176 ++-- drivers/gpu/drm/xe/Kconfig | 1 drivers/hwmon/gsc-hwmon.c | 4 drivers/iio/adc/ad7173.c | 3 drivers/iio/adc/ad_sigma_delta.c | 4 drivers/iio/imu/bno055/bno055.c | 11 drivers/iio/imu/inv_icm42600/inv_icm42600.h | 8 drivers/iio/imu/inv_icm42600/inv_icm42600_accel.c | 33 drivers/iio/imu/inv_icm42600/inv_icm42600_buffer.c | 22 drivers/iio/imu/inv_icm42600/inv_icm42600_buffer.h | 10 drivers/iio/imu/inv_icm42600/inv_icm42600_core.c | 6 drivers/iio/imu/inv_icm42600/inv_icm42600_gyro.c | 43 - drivers/iio/imu/inv_icm42600/inv_icm42600_temp.c | 12 drivers/iio/light/adjd_s311.c | 2 drivers/iio/light/as73211.c | 4 drivers/iio/light/bh1745.c | 2 drivers/iio/light/isl29125.c | 2 drivers/iio/light/ltr501.c | 2 drivers/iio/light/max44000.c | 2 drivers/iio/light/rohm-bu27034.c | 2 drivers/iio/light/rpr0521.c | 2 drivers/iio/light/st_uvis25.h | 2 drivers/iio/light/tcs3414.c | 2 drivers/iio/light/tcs3472.c | 2 drivers/iio/pressure/bmp280-core.c | 9 drivers/iio/proximity/isl29501.c | 16 drivers/iio/temperature/maxim_thermocouple.c | 26 drivers/infiniband/hw/bnxt_re/ib_verbs.c | 8 drivers/infiniband/hw/bnxt_re/main.c | 23 drivers/infiniband/hw/bnxt_re/qplib_fp.c | 30 drivers/infiniband/hw/bnxt_re/qplib_fp.h | 2 drivers/infiniband/hw/bnxt_re/qplib_res.c | 2 drivers/infiniband/hw/erdma/erdma_verbs.c | 4 drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 6 drivers/infiniband/hw/hns/hns_roce_restrack.c | 9 drivers/infiniband/sw/rxe/rxe_net.c | 29 drivers/infiniband/sw/rxe/rxe_qp.c | 2 drivers/iommu/amd/init.c | 4 drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c | 2 drivers/md/dm-crypt.c | 49 + drivers/md/dm.c | 17 drivers/media/cec/usb/rainshadow/rainshadow-cec.c | 3 drivers/media/i2c/hi556.c | 26 drivers/media/i2c/mt9m114.c | 8 drivers/media/i2c/ov2659.c | 3 drivers/media/pci/intel/ipu6/ipu6-isys-csi2.c | 12 drivers/media/pci/intel/ivsc/mei_ace.c | 2 drivers/media/pci/intel/ivsc/mei_csi.c | 2 drivers/media/platform/qcom/camss/camss.c | 4 drivers/media/platform/qcom/venus/core.c | 18 drivers/media/platform/qcom/venus/core.h | 2 drivers/media/platform/qcom/venus/hfi_venus.c | 5 drivers/media/platform/qcom/venus/vdec.c | 5 drivers/media/platform/qcom/venus/venc.c | 5 drivers/media/platform/raspberrypi/pisp_be/Kconfig | 1 drivers/media/platform/raspberrypi/pisp_be/pisp_be.c | 5 drivers/media/platform/verisilicon/rockchip_vpu_hw.c | 9 drivers/media/test-drivers/vivid/vivid-ctrls.c | 3 drivers/media/test-drivers/vivid/vivid-vid-cap.c | 4 drivers/media/usb/gspca/vicam.c | 10 drivers/media/usb/usbtv/usbtv-video.c | 4 drivers/media/v4l2-core/v4l2-ctrls-core.c | 1 drivers/memstick/core/memstick.c | 1 drivers/memstick/host/rtsx_usb_ms.c | 1 drivers/mmc/host/sdhci-pci-gli.c | 37 - drivers/mmc/host/sdhci_am654.c | 18 drivers/most/core.c | 2 drivers/mtd/nand/raw/fsmc_nand.c | 2 drivers/mtd/nand/raw/renesas-nand-controller.c | 6 drivers/mtd/nand/spi/core.c | 5 drivers/mtd/spi-nor/swp.c | 19 drivers/net/bonding/bond_3ad.c | 67 + drivers/net/bonding/bond_options.c | 1 drivers/net/can/ti_hecc.c | 2 drivers/net/dsa/microchip/ksz_common.c | 6 drivers/net/ethernet/google/gve/gve_main.c | 2 drivers/net/ethernet/intel/igc/igc_main.c | 14 drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 4 drivers/net/ethernet/marvell/octeontx2/af/rvu_npc_fs.c | 4 drivers/net/ethernet/mediatek/mtk_ppe_offload.c | 2 drivers/net/ethernet/mellanox/mlx5/core/en/dcbnl.h | 1 drivers/net/ethernet/mellanox/mlx5/core/en/port_buffer.c | 18 drivers/net/ethernet/mellanox/mlx5/core/en_dcbnl.c | 12 drivers/net/ethernet/mellanox/mlx5/core/esw/devlink_port.c | 4 drivers/net/ethernet/mellanox/mlx5/core/mlx5_core.h | 87 ++ drivers/net/ethernet/mellanox/mlx5/core/port.c | 40 - drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 2 drivers/net/ethernet/mellanox/mlxsw/trap.h | 1 drivers/net/ethernet/microchip/lan865x/lan865x.c | 21 drivers/net/ethernet/realtek/rtase/rtase.h | 2 drivers/net/ethernet/ti/icssg/icssg_prueth.c | 72 +- drivers/net/ethernet/xilinx/xilinx_axienet_main.c | 8 drivers/net/phy/mscc/mscc.h | 12 drivers/net/phy/mscc/mscc_main.c | 12 drivers/net/phy/mscc/mscc_ptp.c | 49 + drivers/net/ppp/ppp_generic.c | 17 drivers/net/usb/asix_devices.c | 2 drivers/net/wireless/ath/ath11k/ce.c | 3 drivers/net/wireless/ath/ath11k/dp_rx.c | 3 drivers/net/wireless/ath/ath11k/hal.c | 33 drivers/net/wireless/ath/ath12k/ce.c | 3 drivers/net/wireless/ath/ath12k/hal.c | 38 - drivers/net/wireless/broadcom/brcm80211/brcmsmac/phy/phy_lcn.c | 2 drivers/pci/controller/dwc/pci-imx6.c | 32 drivers/pci/controller/pcie-rockchip-host.c | 49 - drivers/pci/controller/pcie-rockchip.h | 11 drivers/pci/endpoint/pci-ep-cfs.c | 1 drivers/pci/endpoint/pci-epf-core.c | 2 drivers/pci/pcie/portdrv.c | 2 drivers/phy/qualcomm/phy-qcom-m31.c | 14 drivers/platform/chrome/cros_ec.c | 3 drivers/platform/x86/intel/uncore-frequency/uncore-frequency-tpmi.c | 5 drivers/pwm/pwm-imx-tpm.c | 9 drivers/pwm/pwm-mediatek.c | 71 + drivers/s390/char/sclp.c | 11 drivers/scsi/mpi3mr/mpi3mr.h | 6 drivers/scsi/mpi3mr/mpi3mr_fw.c | 17 drivers/scsi/mpi3mr/mpi3mr_os.c | 2 drivers/scsi/qla4xxx/ql4_os.c | 2 drivers/scsi/scsi_lib.c | 3 drivers/soc/qcom/mdt_loader.c | 43 + drivers/soc/tegra/pmc.c | 51 - drivers/spi/spi-fsl-lpspi.c | 8 drivers/staging/media/imx/imx-media-csc-scaler.c | 2 drivers/tty/serial/8250/8250_port.c | 3 drivers/tty/vt/defkeymap.c_shipped | 112 +++ drivers/tty/vt/keyboard.c | 2 drivers/ufs/host/ufs-exynos.c | 4 drivers/ufs/host/ufshcd-pci.c | 42 + drivers/usb/atm/cxacru.c | 106 +- drivers/usb/core/hcd.c | 20 drivers/usb/core/quirks.c | 1 drivers/usb/dwc3/dwc3-imx8mp.c | 7 drivers/usb/dwc3/dwc3-meson-g12a.c | 3 drivers/usb/dwc3/dwc3-pci.c | 2 drivers/usb/dwc3/ep0.c | 20 drivers/usb/dwc3/gadget.c | 19 drivers/usb/gadget/udc/renesas_usb3.c | 1 drivers/usb/host/xhci-hub.c | 3 drivers/usb/host/xhci-mem.c | 22 drivers/usb/host/xhci-pci-renesas.c | 7 drivers/usb/host/xhci-ring.c | 9 drivers/usb/host/xhci.c | 21 drivers/usb/host/xhci.h | 3 drivers/usb/musb/omap2430.c | 14 drivers/usb/storage/realtek_cr.c | 2 drivers/usb/storage/unusual_devs.h | 29 drivers/usb/typec/class.c | 7 drivers/usb/typec/tcpm/fusb302.c | 32 drivers/usb/typec/tcpm/maxim_contaminant.c | 58 + drivers/usb/typec/tcpm/qcom/qcom_pmic_typec_pdphy.c | 3 drivers/usb/typec/tcpm/qcom/qcom_pmic_typec_pdphy_stub.c | 3 drivers/usb/typec/tcpm/qcom/qcom_pmic_typec_port.c | 4 drivers/usb/typec/tcpm/tcpci_maxim.h | 1 drivers/usb/typec/tcpm/tcpm.c | 7 drivers/vhost/vsock.c | 6 drivers/video/console/vgacon.c | 2 fs/btrfs/block-group.c | 59 - fs/btrfs/ctree.c | 9 fs/btrfs/free-space-tree.c | 17 fs/btrfs/qgroup.c | 38 - fs/btrfs/send.c | 359 +++++----- fs/btrfs/subpage.c | 19 fs/btrfs/super.c | 13 fs/btrfs/transaction.c | 1 fs/btrfs/zoned.c | 13 fs/buffer.c | 2 fs/debugfs/inode.c | 11 fs/ext4/fsmap.c | 23 fs/ext4/indirect.c | 4 fs/ext4/inode.c | 2 fs/ext4/orphan.c | 5 fs/ext4/super.c | 8 fs/f2fs/node.c | 10 fs/file.c | 75 -- fs/jbd2/checkpoint.c | 1 fs/namespace.c | 34 fs/netfs/write_collect.c | 10 fs/netfs/write_issue.c | 4 fs/nfs/pagelist.c | 9 fs/nfs/write.c | 29 fs/overlayfs/copy_up.c | 2 fs/smb/client/smb2ops.c | 2 fs/smb/server/connection.c | 3 fs/smb/server/connection.h | 7 fs/smb/server/oplock.c | 13 fs/smb/server/transport_rdma.c | 5 fs/smb/server/transport_rdma.h | 4 fs/smb/server/transport_tcp.c | 26 fs/splice.c | 3 fs/squashfs/super.c | 14 fs/xfs/xfs_itable.c | 6 include/drm/drm_format_helper.h | 12 include/linux/call_once.h | 47 - include/linux/compiler.h | 8 include/linux/iosys-map.h | 7 include/linux/iov_iter.h | 20 include/linux/kcov.h | 47 - include/linux/mlx5/mlx5_ifc.h | 14 include/linux/mlx5/port.h | 85 -- include/linux/netfs.h | 1 include/linux/nfs_page.h | 1 include/net/bond_3ad.h | 1 include/uapi/linux/pfrut.h | 1 io_uring/futex.c | 3 io_uring/net.c | 27 kernel/cgroup/cpuset.c | 9 kernel/sched/ext.c | 18 kernel/trace/ftrace.c | 19 kernel/trace/trace.c | 34 kernel/trace/trace.h | 10 mm/damon/paddr.c | 4 mm/debug_vm_pgtable.c | 9 mm/filemap.c | 3 mm/memory-failure.c | 8 net/bluetooth/hci_conn.c | 3 net/bluetooth/hci_event.c | 8 net/bluetooth/hci_sync.c | 19 net/bridge/br_multicast.c | 16 net/bridge/br_private.h | 2 net/core/dev.c | 12 net/hsr/hsr_slave.c | 8 net/ipv4/netfilter/nf_reject_ipv4.c | 6 net/ipv6/netfilter/nf_reject_ipv6.c | 5 net/ipv6/seg6_hmac.c | 6 net/mptcp/options.c | 6 net/mptcp/pm_netlink.c | 19 net/sched/sch_cake.c | 14 net/sched/sch_htb.c | 2 net/smc/af_smc.c | 3 net/tls/tls_sw.c | 7 net/vmw_vsock/virtio_transport.c | 12 rust/kernel/alloc/allocator.rs | 30 rust/kernel/alloc/allocator_test.rs | 11 security/apparmor/lsm.c | 4 sound/core/timer.c | 4 sound/pci/hda/patch_realtek.c | 2 sound/soc/sof/amd/acp-loader.c | 6 sound/usb/stream.c | 2 sound/usb/validate.c | 2 tools/testing/selftests/net/mptcp/pm_netlink.sh | 1 341 files changed, 3787 insertions(+), 2216 deletions(-) Adrian Hunter (1): scsi: ufs: ufs-pci: Fix default runtime and system PM levels Al Viro (2): use uniform permission checks for all mount propagation changes alloc_fdtable(): change calling conventions. Alex Deucher (4): drm/amdgpu/discovery: fix fw based ip discovery drm/amdgpu: update mmhub 3.0.1 client id mappings drm/amdgpu: update mmhub 4.1.0 client id mappings drm/amdgpu/swm14: Update power limit logic Alexander Sverdlin (1): arm64: dts: ti: k3-pinctrl: Enable Schmitt Trigger by default Alexander Wilhelm (1): bus: mhi: host: Fix endianness of BHI vector table Alexei Lazar (1): net/mlx5e: Query FW for buffer ownership Amber Lin (1): drm/amdkfd: Destroy KFD debugfs after destroy KFD wq Amit Sunil Dhamne (2): usb: typec: maxim_contaminant: disable low power mode when reading comparator values usb: typec: maxim_contaminant: re-enable cc toggle if cc is open and port is clean Anantha Prabhu (1): RDMA/bnxt_re: Fix to initialize the PBL array Andrea Righi (2): sched/ext: Fix invalid task state transitions on class switch sched_ext: initialize built-in idle state before ops.init() Andreas Dilger (1): ext4: check fast symlink for ea_inode correctly André Draszik (1): scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE Andy Shevchenko (1): iio: imu: inv_icm42600: Convert to uXX and sXX integer types Archana Patni (1): scsi: ufs: ufs-pci: Fix hibernate state transition for Intel MTL-like host controllers Armen Ratner (1): net/mlx5e: Preserve shared buffer capacity during headroom updates Baihan Li (3): drm/hisilicon/hibmc: refactored struct hibmc_drm_private drm/hisilicon/hibmc: fix the i2c device resource leak when vdac init failed drm/hisilicon/hibmc: fix the hibmc loaded failed bug Baokun Li (2): jbd2: prevent softlockup in jbd2_log_do_checkpoint() ext4: preserve SB_I_VERSION on remount Bharat Bhushan (3): crypto: octeontx2 - Fix address alignment issue on ucode loading crypto: octeontx2 - Fix address alignment on CN10K A0/A1 and OcteonTX2 crypto: octeontx2 - Fix address alignment on CN10KB and CN10KA-B0 Bibo Mao (1): LoongArch: KVM: Make function kvm_own_lbt() robust Bingbu Cao (1): media: hi556: correct the test pattern configuration Bjorn Andersson (1): soc: qcom: mdt_loader: Ensure we don't read past the ELF header Boris Burkov (2): btrfs: explicitly ref count block_group on new_bgs list btrfs: codify pattern for adding block_group to bg_list Boshi Yu (1): RDMA/erdma: Fix ignored return value of init_kernel_qp Chao Yu (1): f2fs: fix to avoid out-of-boundary access in dnode page Charalampos Mitrodimas (1): debugfs: fix mount options not being applied Chen Yu (1): ACPI: pfr_update: Fix the driver update version check Chenyuan Yang (1): drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() Chi Zhiling (1): readahead: fix return value of page_cache_next_miss() when no hole is found Christian Loehle (1): cpuidle: menu: Remove iowait influence Christoph Hellwig (1): xfs: fully decouple XFS_IBULK* flags from XFS_IWALK* flags Christoph Paasch (1): mptcp: drop skb if MPTCP skb extension allocation fails D. Wythe (1): net/smc: fix UAF on smcsk after smc_listen_out() Damien Le Moal (7): ata: Fix SATA_MOBILE_LPM_POLICY description in Kconfig dm: dm-crypt: Do not partially accept write BIOs with zoned targets dm: Check for forbidden splitting of zone write operations ata: libata-scsi: Fix ata_to_sense_error() status handling PCI: endpoint: Fix configfs group list head handling PCI: endpoint: Fix configfs group removal on driver teardown ata: libata-scsi: Return aborted command when missing sense and result TF Dan Carpenter (5): cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table() media: gspca: Add bounds checking to firmware parser soc: qcom: mdt_loader: Fix error return values in mdt_header_valid() scsi: qla4xxx: Prevent a potential error pointer dereference ALSA: usb-audio: Fix size validation in convert_chmap_v3() Daniel Jurgens (1): net/mlx5: Base ECVF devlink port attrs from 0 Danilo Krummrich (1): rust: alloc: replace aligned_size() with Kmalloc::aligned_layout() David Howells (2): netfs: Fix unbuffered write error handling cifs: Fix oops due to uninitialised variable David Lechner (6): iio: imu: bno055: fix OOB access of hw_xlate array iio: adc: ad_sigma_delta: change to buffer predisable iio: adc: ad7173: fix setting ODR in probe iio: proximity: isl29501: fix buffered read on big-endian systems iio: temperature: maxim_thermocouple: use DMA-safe buffer for spi_read() iio: imu: inv_icm42600: use = { } instead of memset() David Sterba (2): btrfs: qgroup: drop unused parameter fs_info from __del_qgroup_rb() btrfs: move transaction aborts to the error site in add_block_group_free_space() Dewei Meng (1): ALSA: timer: fix ida_free call while not allocated Dominique Martinet (1): iov_iter: iterate_folioq: fix handling of offset >= folio size Edward Adam Davis (1): comedi: pcl726: Prevent invalid irq number Emanuele Ghidoli (1): arm64: dts: ti: k3-am62-verdin: Enable pull-ups on I2C buses Eric Biggers (2): lib/crypto: mips/chacha: Fix clang build and remove unneeded byteswap ipv6: sr: Fix MAC comparison to be constant-time Evgeniy Harchenko (1): ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 Fanhua Li (1): drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor(). Filipe Manana (10): btrfs: qgroup: fix race between quota disable and quota rescan ioctl btrfs: always abort transaction on failure to add block group to free space tree btrfs: abort transaction on unexpected eb generation at btrfs_copy_root() btrfs: send: factor out common logic when sending xattrs btrfs: send: only use boolean variables at process_recorded_refs() btrfs: send: add and use helper to rename current inode when processing refs btrfs: send: keep the current inode's path cached btrfs: send: avoid path allocation for the current inode when issuing commands btrfs: send: use fallocate for hole punching with send stream v2 btrfs: send: make fs_path_len() inline and constify its argument Finn Thain (1): m68k: Fix lost column on framebuffer debug console Florian Westphal (1): netfilter: nf_reject: don't leak dst refcount for loopback packets Frank Li (1): PCI: imx6: Add i.MX8Q PCIe Endpoint (EP) support Gabor Juhos (1): mtd: spinand: propagate spinand_wait() errors from spinand_write_page() Gang Ba (1): drm/amdgpu: Avoid extra evict-restore process. Geliang Tang (2): mptcp: remove duplicate sk_reset_timer call mptcp: disable add_addr retransmission when timeout is 0 Geraldo Nascimento (2): PCI: rockchip: Use standard PCIe definitions PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining Giovanni Cabiddu (2): crypto: qat - lower priority for skcipher and aead algorithms crypto: qat - flush misc workqueue during device shutdown Greg Kroah-Hartman (2): Revert "can: ti_hecc: fix -Woverflow compiler warning" Linux 6.12.44 Gui-Dong Han (1): media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() Hangbin Liu (2): bonding: update LACP activity flag after setting lacp_active bonding: send LACPDUs periodically in passive mode after receiving partner's LACPDU Hans Verkuil (1): media: vivid: fix wrong pixel_array control size Hans de Goede (1): media: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls Haoxiang Li (1): media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() Hariprasad Kelam (1): Octeontx2-af: Skip overlap check for SPI field Heikki Krogerus (1): usb: dwc3: pci: add support for the Intel Wildcat Lake Heiko Carstens (1): s390/mm: Do not map lowcore with identity mapping Helge Deller (2): Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()" apparmor: Fix 8-byte alignment for initial dfa blob streams Herton R. Krzesinski (1): mm/debug_vm_pgtable: clear page table entries at destroy_args() Hong Guan (1): arm64: dts: ti: k3-am62a7-sk: fix pinmux for main_uart1 Horatiu Vultur (1): phy: mscc: Fix timestamping for vsc8584 Ian Abbott (2): comedi: Make insn_rw_emulate_bits() do insn->n samples comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() Ido Schimmel (1): mlxsw: spectrum: Forward packets with an IPv4 link-local source IP Igor Pylypiv (1): ata: libata-scsi: Fix CDL control Imre Deak (3): drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS drm/i915/icl+/tc: Convert AUX powered WARN to a debug message drm/i915/icl+/tc: Cache the max lane count value Jacopo Mondi (1): media: pisp_be: Fix pm_runtime underrun in probe Jakub Acs (1): net, hsr: reject HSR frame if skb can't hold tag Jakub Kicinski (1): tls: fix handling of zero-length records on the rx_list Jakub Ramaseuski (1): net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM Jan Beulich (1): compiler: remove __ADDRESSABLE_ASM{_STR,}() again Jason Xing (1): ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc Jean-Baptiste Maneyrol (1): iio: imu: inv_icm42600: change invalid data error to -EBUSY Jens Axboe (2): io_uring/net: commit partial buffers on retry io_uring/futex: ensure io_futex_wait() cleans up properly on failure Jiande Lu (1): Bluetooth: btmtk: Fix wait_on_bit_timeout interruption during shutdown Jiayi Li (1): memstick: Fix deadlock by moving removing flag earlier Jinjiang Tu (1): mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn Jocelyn Falempe (1): drm/panic: Move drawing functions to drm_draw Johan Hovold (10): usb: gadget: udc: renesas_usb3: fix device leak at unbind usb: musb: omap2430: fix device leak at unbind usb: dwc3: meson-g12a: fix device leaks at unbind usb: dwc3: imx8mp: fix device leak at unbind wifi: ath12k: fix dest ring-buffer corruption wifi: ath12k: fix source ring-buffer corruption wifi: ath12k: fix dest ring-buffer corruption when ring is full wifi: ath11k: fix dest ring-buffer corruption wifi: ath11k: fix source ring-buffer corruption wifi: ath11k: fix dest ring-buffer corruption when ring is full John David Anglin (8): parisc: Check region is readable by user in raw_copy_from_user() parisc: Define and use set_pte_at() parisc: Drop WARN_ON_ONCE() from flush_cache_vmap parisc: Rename pte_needs_flush() to pte_needs_cache_flush() in cache.c parisc: Revise __get_user() to probe user read access parisc: Revise gateway LWS calls to probe user read access parisc: Try to fixup kernel exception in bad_area_nosemaphore path of do_page_fault() parisc: Update comments in make_insert_tlb John Ernberg (1): crypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP Jon Hunter (1): soc/tegra: pmc: Ensure power-domains are in a known state Jonathan Cameron (3): iio: light: Use aligned_s64 instead of open coding alignment. iio: light: as73211: Ensure buffer holes are zeroed iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 Jordan Rhee (1): gve: prevent ethtool ops after shutdown Jorge Ramirez-Ortiz (2): media: venus: hfi: explicitly release IRQ during teardown media: venus: protect against spurious interrupts during probe José Expósito (2): drm/tests: Fix endian warning drm/tests: Fix drm_test_fb_xrgb8888_to_xrgb2101010() on big-endian Judith Mendez (6): arm64: dts: ti: k3-am62-main: Remove eMMC High Speed DDR support arm64: dts: ti: k3-am6*: Add boot phase flag to support MMC boot arm64: dts: ti: k3-am62*: Add non-removable flag for eMMC arm64: dts: ti: k3-am6*: Remove disable-wp for eMMC arm64: dts: ti: k3-am62*: Move eMMC pinmux to top level board file mmc: sdhci_am654: Disable HS400 for AM62P SR1.0 and SR1.1 Junxian Huang (1): RDMA/hns: Fix dip entries leak on devices newer than hip09 Justin Lai (1): rtase: Fix Rx descriptor CRC error bit definition Kalesh AP (1): RDMA/bnxt_re: Fix a possible memory leak in the driver Kanglong Wang (1): LoongArch: Optimize module load time by optimizing PLT/GOT counting Kashyap Desai (2): RDMA/bnxt_re: Fix to do SRQ armena by default RDMA/bnxt_re: Fix to remove workload check in SRQ limit path Kathiravan Thirumoorthy (1): phy: qcom: phy-qcom-m31: Update IPQ5332 M31 USB phy initialization sequence Kees Cook (1): iommu/amd: Avoid stack buffer overflow from kernel cmdline Keith Busch (1): kvm: retry nx_huge_page_recovery_thread creation Kerem Karabay (1): drm/format-helper: Add conversion from XRGB8888 to BGR888 Konrad Dybcio (1): media: venus: Fix MSM8998 frequency table Krzysztof Kozlowski (3): dt-bindings: display: sprd,sharkl3-dpu: Fix missing clocks constraints dt-bindings: display: sprd,sharkl3-dsi-host: Fix missing clocks constraints USB: typec: Use str_enable_disable-like helpers Kuen-Han Tsai (1): usb: dwc3: Ignore late xferNotReady event to prevent halt timeout Kyoji Ogasawara (3): btrfs: fix incorrect log message for nobarrier mount option btrfs: restore mount option info messages during mount btrfs: fix printing of mount info messages for NODATACOW/NODATASUM Laurentiu Mihalcea (1): pwm: imx-tpm: Reset counter if CMOD is 0 Liao Yuanhong (1): ext4: use kmalloc_array() for array space allocation Lijo Lazar (1): drm/amdgpu: Update external revid for GC v9.5.0 Ludwig Disterhof (1): media: usbtv: Lock resolution while streaming Luiz Augusto von Dentz (1): Bluetooth: hci_sync: Fix scan state after PA Sync has been established Lukas Wunner (1): PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge MD Danish Anwar (1): net: ti: icssg-prueth: Fix HSR and switch offload Enablement during firwmare reload. Macpaul Lin (1): scsi: dt-bindings: mediatek,ufs: Add ufs-disable-mcq flag for UFS host Mael GUERIN (1): USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera Marek Szyprowski (1): zynq_fpga: use sgtable-based scatterlist wrappers Marek Vasut (1): usb: renesas-xhci: Fix External ROM access timeouts Mario Limonciello (2): drm/amd: Restore cached power limit during resume drm/amd/display: Avoid a NULL pointer dereference Masami Hiramatsu (Google) (1): tracing: fprobe-event: Sanitize wildcard for fprobe event name Mathis Foerst (1): media: mt9m114: Fix deadlock in get_frame_interval/set_frame_interval Matthieu Baerts (NGI0) (2): mptcp: pm: kernel: flush: do not reset ADD_ADDR limit selftests: mptcp: pm: check flush doesn't reset limits Miao Li (1): usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive Miaoqian Lin (1): most: core: Drop device reference after usage in get_channel() Michael Walle (1): mtd: spi-nor: Fix spi_nor_try_unlock_all() Michal Suchanek (1): powerpc/boot: Fix build with gcc 15 Michel Dänzer (1): drm/amd/display: Add primary plane to commits for correct VRR handling Miguel Ojeda (1): rust: alloc: fix `rusttest` by providing `Cmalloc::aligned_layout` too Mike Christie (1): scsi: core: Fix command pass through retry regression Minhong He (1): ipv6: sr: validate HMAC algorithm ID in seg6_hmac_info_add Muhammad Usama Anjum (1): ASoC: SOF: amd: acp-loader: Use GFP_KERNEL for DMA allocations in resume context Myrrh Periwinkle (2): vt: keyboard: Don't process Unicode characters in K_OFF mode vt: defkeymap: Map keycodes above 127 to K_HOLE Namjae Jeon (1): ksmbd: extend the connection limiting mechanism to support IPv6 Naohiro Aota (3): btrfs: zoned: fix write time activation failure for metadata block group btrfs: zoned: requeue to unused block group list if zone finish failed btrfs: subpage: keep TOWRITE tag until folio is cleaned Nathan Chancellor (3): usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() drm/amdgpu: Initialize data to NULL in imu_v12_0_program_rlc_ram() NeilBrown (1): ovl: use I_MUTEX_PARENT when locking parent in ovl_create_temp() Nicolas Dufresne (1): media: verisilicon: Fix AV1 decoder clock frequency Nicolin Chen (1): iommu/arm-smmu-v3: Fix smmu_domain->nr_ats_masters decrement Nitin Gote (1): iosys-map: Fix undefined behavior in iosys_map_clear() Ojaswin Mujoo (2): ext4: fix fsmap end of range reporting with bigalloc ext4: fix reserved gdt blocks handling in fsmap Oren Sidi (1): net/mlx5: Add IFC bits and enums for buf_ownership Parthiban Veerasooran (2): microchip: lan865x: fix missing netif_start_queue() call on device open microchip: lan865x: fix missing Timer Increment config for Rev.B0/B1 Pauli Virtanen (1): Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established Peter Griffin (1): arm64: dts: exynos: gs101: ufs: add dma-coherent property Peter Oberparleiter (3): s390/sclp: Fix SCCB present check s390/hypfs: Avoid unnecessary ioctl registration in debugfs s390/hypfs: Enable limited access during lockdown Peter Shkenev (1): drm/amdgpu: check if hubbub is NULL in debugfs/amdgpu_dm_capabilities Phillip Lougher (1): squashfs: fix memory leak in squashfs_fill_super Pu Lehui (1): tracing: Limit access to parser->buffer when trace_get_user failed Qingfang Deng (2): net: ethernet: mtk_ppe: add RCU lock around dev_fill_forward_path ppp: fix race conditions in ppp_fill_forward_path Rafael J. Wysocki (2): PM: runtime: Take active children into account in pm_runtime_get_if_in_use() cpuidle: governors: menu: Avoid selecting states with too much latency Randy Dunlap (1): parisc: Makefile: explain that 64BIT requires both 32-bit and 64-bit compilers Ranjan Kumar (3): scsi: mpi3mr: Fix race between config read submit and interrupt completion scsi: mpi3mr: Drop unnecessary volatile from __iomem pointers scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems Ricardo Ribalda (2): media: venus: vdec: Clamp param smaller than 1fps and bigger than 240. media: venus: venc: Clamp param smaller than 1fps and bigger than 240 Richard Zhu (4): PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset PCI: imx6: Delay link start until configfs 'start' written PCI: imx6: Add IMX8MQ_EP third 64-bit BAR in epc_features Sakari Ailus (2): media: ipu6: isys: Use correct pads for xlate_streams() media: v4l2-ctrls: Don't reset handler's error in v4l2_ctrl_handler_free() Salah Triki (1): iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() Sebastian Andrzej Siewior (1): kcov, usb: Don't disable interrupts in kcov_remote_start_usb_softirq() Sebastian Reichel (1): usb: typec: fusb302: cache PD RX state Selvarasu Ganesan (1): usb: dwc3: Remove WARN_ON for device endpoint command timeouts SeongJae Park (1): mm/damon/ops-common: ignore migration request to invalid nodes Sergey Shtylyov (1): Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() Shahar Shitrit (1): net/mlx5: Relocate function declarations from port.h to mlx5_core.h Simon Richter (1): Mark xe driver as BROKEN if kernel page size is not 4kB Siyang Liu (1): drm/amd/display: fix a Null pointer dereference vulnerability Srinivas Pandruvada (1): platform/x86/intel-uncore-freq: Check write blocked for ELC Stefan Metzmacher (1): smb: server: split ksmbd_rdma_stop_listening() out of ksmbd_rdma_destroy() Stefan Wahren (1): spi: spi-fsl-lpspi: Clamp too high speed_hz Steven Rostedt (2): ftrace: Also allocate and copy hash for reading of filter files tracing: Remove unneeded goto out logic Suraj Gupta (1): net: xilinx: axienet: Fix RX skb ring management in DMAengine mode Takashi Iwai (1): ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation Theodore Ts'o (1): ext4: don't try to clear the orphan_present feature block device is r/o Thomas Fourier (2): mtd: rawnand: fsmc: Add missing check after DMA map mtd: rawnand: renesas: Add missing check after DMA map Thomas Weißschuh (1): kbuild: userprogs: use correct linker when mixing clang and GNU ld Thomas Zimmermann (3): drm/format-helper: Move helpers for pixel conversion to header file drm/format-helper: Add generic conversion to 32-bit formats drm/tests: Do not use drm_fb_blit() in format-helper tests Thorsten Blum (3): accel/habanalabs/gaudi2: Use kvfree() for memory allocated with kvcalloc() cdx: Fix off-by-one error in cdx_rpmsg_probe() usb: storage: realtek_cr: Use correct byte order for bcs->Residue Tianxiang Peng (1): x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper Tim Harvey (1): hwmon: (gsc-hwmon) fix fan pwm setpoint show functions Timur Kristóf (7): drm/amd/display: Don't overwrite dce60_clk_mgr drm/amd/display: Don't overclock DCE 6 by 15% drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 drm/amd/display: Fix DP audio DTO1 clock source on DCE 6. drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs drm/amd/display: Don't print errors for nonexistent connectors Tom Chung (1): drm/amd/display: Fix Xorg desktop unresponsive on Replay panel Tom Lendacky (1): x86/sev: Ensure SVSM reserved fields in a page validation entry are initialized to zero Tristram Ha (1): net: dsa: microchip: Fix KSZ9477 HSR port setup issue Trond Myklebust (1): NFS: Fix a race when updating an existing write Tzung-Bi Shih (1): platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister() Uwe Kleine-König (2): pwm: mediatek: Handle hardware enable and clock enable separately pwm: mediatek: Fix duty and period setting ValdikSS (1): igc: fix disabling L1.2 PCI-E link substate on I226 on init Vedang Nagar (1): media: venus: Add a check for packet size after reading from shared memory Victor Shih (3): mmc: sdhci-pci-gli: Add a new function to simplify the code mmc: sdhci-pci-gli: GL9763e: Mask the replay timer timeout of AER mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency Vladimir Zapolskiy (1): media: qcom: camss: cleanup media device allocated resource on error path Waiman Long (2): cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key cgroup/cpuset: Fix a partition error with CPU hotplug Wang Liang (1): net: bridge: fix soft lockup in br_multicast_query_expired() Weitao Wang (1): usb: xhci: Fix slot_id resource race conflict Will Deacon (2): vsock/virtio: Validate length in packet header before skb_put() vhost/vsock: Avoid allocating arbitrarily-sized SKBs William Liu (2): net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit net/sched: Remove unnecessary WARNING condition for empty child qdisc in htb_activate Xaver Hugl (1): amdgpu/amdgpu_discovery: increase timeout limit for IFWI init Xu Yang (1): usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test Xu Yilun (1): fpga: zynq_fpga: Fix the wrong usage of dma_map_sgtable() Yang Li (1): Bluetooth: hci_sync: Prevent unintended PA sync when SID is 0xFF Ye Bin (1): fs/buffer: fix use-after-free when call bh_read() helper Youssef Samir (1): bus: mhi: host: Detect events pointing to unexpected TREs Yuichiro Tsuji (1): net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization Yunhui Cui (1): serial: 8250: fix panic due to PSLVERR Zenm Chen (1): USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles Zhang Shurong (1): media: ov2659: Fix memory leaks in ov2659_probe() Zhang Yi (1): ext4: fix hole length calculation overflow in non-extent inodes Zhu Yanjun (1): RDMA/rxe: Flush delayed SKBs while releasing RXE resources Ziyan Xu (1): ksmbd: fix refcount leak causing resource not released wenglianfa (1): RDMA/hns: Fix querying wrong SCC context for DIP algorithm

2 weeks, 4 days

1
1
0 0

Linux 6.6.103

by Greg Kroah-Hartman

I'm announcing the release of the 6.6.103 kernel. All users of the 6.6 kernel series must upgrade. The updated 6.6.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.6.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/devicetree/bindings/display/sprd/sprd,sharkl3-dpu.yaml | 2 Documentation/devicetree/bindings/display/sprd/sprd,sharkl3-dsi-host.yaml | 2 Documentation/filesystems/fscrypt.rst | 37 - Documentation/firmware-guide/acpi/i2c-muxes.rst | 8 Documentation/networking/bonding.rst | 12 Documentation/networking/mptcp-sysctl.rst | 2 Documentation/power/runtime_pm.rst | 5 Makefile | 4 arch/arm/include/asm/topology.h | 1 arch/arm/mach-rockchip/platsmp.c | 15 arch/arm/mach-tegra/reset.c | 2 arch/arm64/boot/dts/ti/k3-am62-main.dtsi | 1 arch/arm64/boot/dts/ti/k3-am62-verdin.dtsi | 12 arch/arm64/boot/dts/ti/k3-am62a7-sk.dts | 4 arch/arm64/boot/dts/ti/k3-pinctrl.h | 15 arch/arm64/include/asm/acpi.h | 2 arch/arm64/include/asm/topology.h | 1 arch/arm64/kernel/fpsimd.c | 4 arch/arm64/kernel/topology.c | 26 arch/arm64/kernel/traps.c | 1 arch/arm64/mm/fault.c | 1 arch/arm64/mm/ptdump_debugfs.c | 3 arch/loongarch/kernel/module-sections.c | 36 - arch/loongarch/net/bpf_jit.c | 21 arch/m68k/kernel/head.S | 31 arch/mips/crypto/chacha-core.S | 20 arch/mips/include/asm/vpe.h | 8 arch/mips/kernel/process.c | 16 arch/mips/lantiq/falcon/sysctrl.c | 23 arch/parisc/Makefile | 6 arch/parisc/include/asm/pgtable.h | 7 arch/parisc/include/asm/special_insns.h | 28 arch/parisc/include/asm/uaccess.h | 21 arch/parisc/kernel/cache.c | 6 arch/parisc/kernel/entry.S | 17 arch/parisc/kernel/syscall.S | 30 arch/parisc/lib/memcpy.c | 19 arch/parisc/mm/fault.c | 4 arch/powerpc/boot/Makefile | 1 arch/powerpc/include/asm/floppy.h | 5 arch/powerpc/platforms/512x/mpc512x_lpbfifo.c | 6 arch/riscv/include/asm/topology.h | 1 arch/s390/hypfs/hypfs_dbfs.c | 19 arch/s390/include/asm/timex.h | 13 arch/s390/kernel/time.c | 2 arch/s390/mm/dump_pagetables.c | 2 arch/s390/mm/pgalloc.c | 5 arch/um/include/asm/thread_info.h | 4 arch/um/kernel/process.c | 20 arch/x86/include/asm/kvm-x86-ops.h | 2 arch/x86/include/asm/kvm_host.h | 22 arch/x86/include/asm/msr-index.h | 1 arch/x86/include/asm/xen/hypercall.h | 5 arch/x86/kernel/cpu/bugs.c | 5 arch/x86/kernel/cpu/hygon.c | 3 arch/x86/kvm/hyperv.c | 3 arch/x86/kvm/lapic.c | 19 arch/x86/kvm/lapic.h | 1 arch/x86/kvm/svm/svm.c | 42 - arch/x86/kvm/svm/vmenter.S | 9 arch/x86/kvm/trace.h | 9 arch/x86/kvm/vmx/nested.c | 26 arch/x86/kvm/vmx/pmu_intel.c | 8 arch/x86/kvm/vmx/vmx.c | 164 ++-- arch/x86/kvm/vmx/vmx.h | 31 arch/x86/kvm/x86.c | 46 - block/blk-core.c | 26 block/blk-settings.c | 2 crypto/jitterentropy-kcapi.c | 9 drivers/acpi/acpi_processor.c | 2 drivers/acpi/apei/ghes.c | 13 drivers/acpi/pfr_update.c | 2 drivers/acpi/prmt.c | 26 drivers/acpi/processor_perflib.c | 11 drivers/ata/Kconfig | 35 drivers/ata/libata-sata.c | 5 drivers/ata/libata-scsi.c | 58 - drivers/base/arch_topology.c | 69 + drivers/base/power/runtime.c | 59 + drivers/block/drbd/drbd_receiver.c | 6 drivers/block/loop.c | 38 - drivers/block/sunvdc.c | 4 drivers/bus/mhi/host/boot.c | 8 drivers/bus/mhi/host/internal.h | 4 drivers/bus/mhi/host/main.c | 12 drivers/cdx/controller/cdx_rpmsg.c | 3 drivers/char/ipmi/ipmi_msghandler.c | 8 drivers/char/ipmi/ipmi_watchdog.c | 59 + drivers/char/misc.c | 4 drivers/clk/qcom/gcc-ipq5018.c | 2 drivers/clk/tegra/clk-periph.c | 4 drivers/comedi/comedi_fops.c | 36 - drivers/comedi/comedi_internal.h | 1 drivers/comedi/drivers.c | 36 - drivers/comedi/drivers/pcl726.c | 3 drivers/cpufreq/armada-8k-cpufreq.c | 2 drivers/cpufreq/cppc_cpufreq.c | 2 drivers/cpufreq/cpufreq.c | 12 drivers/cpuidle/governors/menu.c | 96 -- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 8 drivers/crypto/intel/qat/qat_common/adf_common_drv.h | 1 drivers/crypto/intel/qat/qat_common/adf_init.c | 1 drivers/crypto/intel/qat/qat_common/adf_isr.c | 5 drivers/crypto/intel/qat/qat_common/qat_algs.c | 12 drivers/crypto/marvell/octeontx2/otx2_cptpf_ucode.c | 16 drivers/devfreq/governor_userspace.c | 6 drivers/dma/stm32-dma.c | 2 drivers/edac/synopsys_edac.c | 97 +- drivers/firmware/tegra/Kconfig | 5 drivers/fpga/zynq-fpga.c | 10 drivers/gpio/gpio-mlxbf2.c | 2 drivers/gpio/gpio-mlxbf3.c | 54 - drivers/gpio/gpio-tps65912.c | 7 drivers/gpio/gpio-virtio.c | 9 drivers/gpio/gpio-wcd934x.c | 7 drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c | 4 drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c | 6 drivers/gpu/drm/amd/amdgpu/mmhub_v3_0_1.c | 57 - drivers/gpu/drm/amd/amdkfd/kfd_module.c | 2 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 6 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_crtc.c | 9 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_psr.c | 6 drivers/gpu/drm/amd/display/dc/bios/command_table.c | 2 drivers/gpu/drm/amd/display/dc/clk_mgr/clk_mgr.c | 1 drivers/gpu/drm/amd/display/dc/clk_mgr/dce100/dce_clk_mgr.c | 2 drivers/gpu/drm/amd/display/dc/clk_mgr/dce110/dce110_clk_mgr.c | 40 - drivers/gpu/drm/amd/display/dc/clk_mgr/dce60/dce60_clk_mgr.c | 31 drivers/gpu/drm/amd/display/dc/dcn20/dcn20_hwseq.c | 11 drivers/gpu/drm/amd/display/dc/link/link_dpms.c | 3 drivers/gpu/drm/amd/display/modules/hdcp/hdcp_psp.c | 3 drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c | 6 drivers/gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c | 37 - drivers/gpu/drm/display/drm_dp_helper.c | 2 drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.c | 4 drivers/gpu/drm/i915/intel_runtime_pm.c | 5 drivers/gpu/drm/msm/msm_gem.c | 3 drivers/gpu/drm/msm/msm_gem.h | 6 drivers/gpu/drm/nouveau/nvif/vmm.c | 3 drivers/gpu/drm/renesas/rcar-du/rzg2l_mipi_dsi.c | 3 drivers/gpu/drm/ttm/ttm_pool.c | 8 drivers/gpu/drm/ttm/ttm_resource.c | 3 drivers/hid/hid-apple.c | 13 drivers/hid/hid-magicmouse.c | 56 + drivers/hwmon/emc2305.c | 10 drivers/hwmon/gsc-hwmon.c | 4 drivers/i2c/i2c-core-acpi.c | 1 drivers/i3c/internals.h | 1 drivers/i3c/master.c | 4 drivers/idle/intel_idle.c | 2 drivers/iio/adc/ad7768-1.c | 23 drivers/iio/adc/ad_sigma_delta.c | 6 drivers/iio/imu/bno055/bno055.c | 11 drivers/iio/imu/inv_icm42600/inv_icm42600.h | 8 drivers/iio/imu/inv_icm42600/inv_icm42600_accel.c | 33 drivers/iio/imu/inv_icm42600/inv_icm42600_buffer.c | 22 drivers/iio/imu/inv_icm42600/inv_icm42600_buffer.h | 10 drivers/iio/imu/inv_icm42600/inv_icm42600_core.c | 6 drivers/iio/imu/inv_icm42600/inv_icm42600_gyro.c | 43 - drivers/iio/imu/inv_icm42600/inv_icm42600_temp.c | 12 drivers/iio/light/as73211.c | 2 drivers/iio/pressure/bmp280-core.c | 9 drivers/iio/proximity/isl29501.c | 16 drivers/iio/temperature/maxim_thermocouple.c | 26 drivers/infiniband/core/nldev.c | 22 drivers/infiniband/hw/bnxt_re/ib_verbs.c | 8 drivers/infiniband/hw/bnxt_re/qplib_fp.c | 30 drivers/infiniband/hw/bnxt_re/qplib_fp.h | 2 drivers/infiniband/hw/bnxt_re/qplib_res.c | 2 drivers/infiniband/hw/erdma/erdma_verbs.c | 4 drivers/infiniband/hw/hfi1/affinity.c | 44 - drivers/infiniband/sw/siw/siw_qp_tx.c | 5 drivers/iommu/amd/init.c | 4 drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c | 1 drivers/iommu/iommufd/io_pagetable.c | 48 - drivers/leds/flash/leds-qcom-flash.c | 178 ++++ drivers/leds/leds-lp50xx.c | 11 drivers/leds/trigger/ledtrig-netdev.c | 16 drivers/md/dm-ps-historical-service-time.c | 4 drivers/md/dm-ps-queue-length.c | 4 drivers/md/dm-ps-round-robin.c | 4 drivers/md/dm-ps-service-time.c | 4 drivers/md/dm-table.c | 10 drivers/md/dm-zoned-target.c | 2 drivers/media/cec/usb/rainshadow/rainshadow-cec.c | 3 drivers/media/dvb-frontends/dib7000p.c | 8 drivers/media/i2c/ccs/ccs-core.c | 2 drivers/media/i2c/hi556.c | 26 drivers/media/i2c/ov2659.c | 3 drivers/media/i2c/tc358743.c | 86 +- drivers/media/pci/intel/ivsc/mei_ace.c | 2 drivers/media/pci/intel/ivsc/mei_csi.c | 2 drivers/media/platform/qcom/camss/camss.c | 4 drivers/media/platform/qcom/venus/core.c | 8 drivers/media/platform/qcom/venus/core.h | 2 drivers/media/platform/qcom/venus/hfi_msgs.c | 83 +- drivers/media/platform/qcom/venus/hfi_venus.c | 5 drivers/media/platform/qcom/venus/vdec.c | 5 drivers/media/platform/qcom/venus/venc.c | 5 drivers/media/platform/verisilicon/rockchip_vpu_hw.c | 9 drivers/media/test-drivers/vivid/vivid-ctrls.c | 3 drivers/media/test-drivers/vivid/vivid-vid-cap.c | 4 drivers/media/usb/gspca/vicam.c | 10 drivers/media/usb/hdpvr/hdpvr-i2c.c | 6 drivers/media/usb/usbtv/usbtv-video.c | 4 drivers/media/usb/uvc/uvc_driver.c | 3 drivers/media/usb/uvc/uvc_video.c | 21 drivers/media/v4l2-core/v4l2-common.c | 8 drivers/media/v4l2-core/v4l2-ctrls-core.c | 1 drivers/memstick/core/memstick.c | 1 drivers/memstick/host/rtsx_usb_ms.c | 1 drivers/mfd/axp20x.c | 3 drivers/misc/cardreader/rtsx_usb.c | 16 drivers/misc/mei/bus.c | 6 drivers/mmc/host/rtsx_usb_sdmmc.c | 4 drivers/mmc/host/sdhci-msm.c | 14 drivers/mmc/host/sdhci-pci-gli.c | 35 drivers/most/core.c | 2 drivers/mtd/nand/raw/fsmc_nand.c | 2 drivers/mtd/nand/raw/renesas-nand-controller.c | 6 drivers/mtd/nand/spi/core.c | 5 drivers/mtd/spi-nor/swp.c | 19 drivers/net/bonding/bond_3ad.c | 224 +++++- drivers/net/bonding/bond_main.c | 1 drivers/net/bonding/bond_netlink.c | 16 drivers/net/bonding/bond_options.c | 29 drivers/net/dsa/b53/b53_common.c | 65 + drivers/net/dsa/b53/b53_regs.h | 2 drivers/net/ethernet/agere/et131x.c | 36 + drivers/net/ethernet/aquantia/atlantic/aq_hw.h | 2 drivers/net/ethernet/aquantia/atlantic/hw_atl2/hw_atl2_utils_fw.c | 39 + drivers/net/ethernet/atheros/ag71xx.c | 9 drivers/net/ethernet/cavium/thunder/thunder_bgx.c | 4 drivers/net/ethernet/emulex/benet/be_main.c | 8 drivers/net/ethernet/freescale/dpaa/dpaa_eth.c | 2 drivers/net/ethernet/freescale/dpaa/dpaa_ethtool.c | 4 drivers/net/ethernet/freescale/enetc/enetc_pf.c | 14 drivers/net/ethernet/freescale/fec_main.c | 34 drivers/net/ethernet/freescale/gianfar_ethtool.c | 4 drivers/net/ethernet/google/gve/gve_adminq.c | 1 drivers/net/ethernet/google/gve/gve_main.c | 2 drivers/net/ethernet/intel/igc/igc_main.c | 14 drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 4 drivers/net/ethernet/marvell/octeontx2/af/rvu_npc_fs.c | 4 drivers/net/ethernet/mediatek/mtk_ppe_offload.c | 2 drivers/net/ethernet/mediatek/mtk_wed.c | 1 drivers/net/ethernet/mellanox/mlx5/core/en/port_buffer.c | 18 drivers/net/ethernet/mellanox/mlx5/core/en/qos.c | 2 drivers/net/ethernet/mellanox/mlx5/core/esw/devlink_port.c | 4 drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 2 drivers/net/ethernet/mellanox/mlxsw/trap.h | 1 drivers/net/ethernet/pensando/ionic/ionic_lif.c | 7 drivers/net/ethernet/ti/icssg/icss_iep.c | 26 drivers/net/hyperv/hyperv_net.h | 3 drivers/net/hyperv/netvsc_drv.c | 29 drivers/net/ipa/ipa_smp2p.c | 2 drivers/net/phy/micrel.c | 12 drivers/net/phy/mscc/mscc.h | 12 drivers/net/phy/mscc/mscc_main.c | 12 drivers/net/phy/mscc/mscc_ptp.c | 49 + drivers/net/phy/smsc.c | 1 drivers/net/ppp/ppp_generic.c | 17 drivers/net/thunderbolt/main.c | 21 drivers/net/usb/asix_devices.c | 1 drivers/net/usb/cdc_ncm.c | 20 drivers/net/wireless/ath/ath11k/ce.c | 3 drivers/net/wireless/ath/ath11k/dp_rx.c | 3 drivers/net/wireless/ath/ath11k/hal.c | 33 drivers/net/wireless/ath/ath12k/ce.c | 3 drivers/net/wireless/ath/ath12k/dp.c | 3 drivers/net/wireless/ath/ath12k/hal.c | 38 - drivers/net/wireless/ath/ath12k/hw.c | 2 drivers/net/wireless/ath/ath12k/wmi.c | 5 drivers/net/wireless/broadcom/brcm80211/brcmsmac/phy/phy_lcn.c | 2 drivers/net/wireless/intel/iwlegacy/4965-mac.c | 5 drivers/net/wireless/intel/iwlwifi/dvm/rs.c | 2 drivers/net/wireless/intel/iwlwifi/fw/dbg.c | 7 drivers/net/wireless/intel/iwlwifi/mvm/d3.c | 2 drivers/net/wireless/intel/iwlwifi/mvm/scan.c | 2 drivers/net/wireless/mediatek/mt76/mt7915/mcu.c | 25 drivers/net/wireless/realtek/rtlwifi/pci.c | 23 drivers/net/wireless/realtek/rtw89/core.c | 3 drivers/net/wireless/realtek/rtw89/fw.c | 9 drivers/net/wireless/realtek/rtw89/fw.h | 2 drivers/net/wireless/realtek/rtw89/mac.c | 19 drivers/net/wireless/realtek/rtw89/reg.h | 1 drivers/net/xen-netfront.c | 5 drivers/nvme/host/pci.c | 24 drivers/pci/controller/dwc/pci-imx6.c | 7 drivers/pci/controller/pcie-rockchip-host.c | 49 - drivers/pci/controller/pcie-rockchip.h | 11 drivers/pci/endpoint/pci-ep-cfs.c | 1 drivers/pci/endpoint/pci-epf-core.c | 2 drivers/pci/pci-acpi.c | 4 drivers/pci/pci.c | 10 drivers/pci/probe.c | 2 drivers/perf/cxl_pmu.c | 2 drivers/phy/qualcomm/phy-qcom-m31.c | 14 drivers/phy/rockchip/phy-rockchip-pcie.c | 3 drivers/pinctrl/stm32/pinctrl-stm32.c | 1 drivers/platform/chrome/cros_ec.c | 3 drivers/platform/chrome/cros_ec_typec.c | 4 drivers/platform/x86/amd/pmc/pmc-quirks.c | 9 drivers/platform/x86/thinkpad_acpi.c | 4 drivers/pmdomain/imx/imx8m-blk-ctrl.c | 10 drivers/power/supply/qcom_battmgr.c | 2 drivers/pps/clients/pps-gpio.c | 5 drivers/ptp/ptp_clock.c | 2 drivers/ptp/ptp_private.h | 5 drivers/ptp/ptp_vclock.c | 7 drivers/pwm/pwm-imx-tpm.c | 9 drivers/pwm/pwm-mediatek.c | 71 + drivers/remoteproc/imx_rproc.c | 4 drivers/reset/Kconfig | 10 drivers/rtc/rtc-ds1307.c | 15 drivers/s390/char/sclp.c | 11 drivers/scsi/aacraid/comminit.c | 3 drivers/scsi/bfa/bfad_im.c | 1 drivers/scsi/libiscsi.c | 3 drivers/scsi/lpfc/lpfc_debugfs.c | 1 drivers/scsi/lpfc/lpfc_scsi.c | 4 drivers/scsi/mpi3mr/mpi3mr.h | 6 drivers/scsi/mpi3mr/mpi3mr_fw.c | 17 drivers/scsi/mpi3mr/mpi3mr_os.c | 22 drivers/scsi/mpt3sas/mpt3sas_scsih.c | 19 drivers/scsi/qla4xxx/ql4_os.c | 2 drivers/scsi/scsi_scan.c | 2 drivers/scsi/scsi_transport_sas.c | 60 + drivers/soc/qcom/mdt_loader.c | 53 + drivers/soc/qcom/rpmh-rsc.c | 2 drivers/soc/tegra/pmc.c | 51 - drivers/soundwire/amd_manager.c | 6 drivers/soundwire/bus.c | 6 drivers/spi/spi-fsl-lpspi.c | 8 drivers/staging/media/imx/imx-media-csc-scaler.c | 2 drivers/target/target_core_fabric_lib.c | 63 + drivers/target/target_core_internal.h | 4 drivers/target/target_core_pr.c | 18 drivers/thermal/qcom/qcom-spmi-temp-alarm.c | 43 - drivers/thermal/thermal_sysfs.c | 9 drivers/thunderbolt/domain.c | 2 drivers/tty/serial/8250/8250_port.c | 3 drivers/tty/vt/defkeymap.c_shipped | 112 +++ drivers/tty/vt/keyboard.c | 2 drivers/ufs/core/ufshcd-priv.h | 2 drivers/ufs/host/ufs-exynos.c | 4 drivers/ufs/host/ufshcd-pci.c | 42 + drivers/usb/atm/cxacru.c | 106 +- drivers/usb/class/cdc-acm.c | 11 drivers/usb/core/config.c | 10 drivers/usb/core/hcd.c | 8 drivers/usb/core/quirks.c | 1 drivers/usb/core/urb.c | 2 drivers/usb/dwc3/dwc3-imx8mp.c | 6 drivers/usb/dwc3/dwc3-meson-g12a.c | 3 drivers/usb/dwc3/dwc3-pci.c | 2 drivers/usb/dwc3/ep0.c | 20 drivers/usb/dwc3/gadget.c | 19 drivers/usb/gadget/udc/renesas_usb3.c | 1 drivers/usb/host/xhci-hub.c | 3 drivers/usb/host/xhci-mem.c | 24 drivers/usb/host/xhci-pci-renesas.c | 7 drivers/usb/host/xhci-ring.c | 19 drivers/usb/host/xhci.c | 27 drivers/usb/host/xhci.h | 3 drivers/usb/musb/omap2430.c | 14 drivers/usb/storage/realtek_cr.c | 2 drivers/usb/storage/unusual_devs.h | 29 drivers/usb/typec/mux/intel_pmc_mux.c | 2 drivers/usb/typec/tcpm/fusb302.c | 8 drivers/usb/typec/tcpm/maxim_contaminant.c | 54 + drivers/usb/typec/tcpm/tcpci_maxim.h | 1 drivers/usb/typec/ucsi/psy.c | 2 drivers/usb/typec/ucsi/ucsi.c | 1 drivers/usb/typec/ucsi/ucsi.h | 7 drivers/vfio/pci/mlx5/cmd.c | 4 drivers/vfio/vfio_iommu_type1.c | 7 drivers/vhost/vhost.c | 3 drivers/vhost/vsock.c | 6 drivers/video/console/vgacon.c | 2 drivers/video/fbdev/core/fbcon.c | 9 drivers/video/fbdev/core/fbmem.c | 3 drivers/virt/coco/efi_secret/efi_secret.c | 10 drivers/watchdog/dw_wdt.c | 2 drivers/watchdog/iTCO_wdt.c | 6 drivers/watchdog/sbsa_gwdt.c | 50 + fs/btrfs/backref.c | 6 fs/btrfs/block-group.c | 61 + fs/btrfs/block-group.h | 11 fs/btrfs/block-rsv.c | 2 fs/btrfs/block-rsv.h | 2 fs/btrfs/btrfs_inode.h | 3 fs/btrfs/ctree.c | 24 fs/btrfs/ctree.h | 6 fs/btrfs/delayed-inode.c | 12 fs/btrfs/discard.c | 4 fs/btrfs/extent-tree.c | 33 fs/btrfs/file-item.c | 4 fs/btrfs/file-item.h | 2 fs/btrfs/free-space-tree.c | 17 fs/btrfs/inode-item.c | 10 fs/btrfs/inode-item.h | 4 fs/btrfs/inode.c | 26 fs/btrfs/qgroup.c | 31 fs/btrfs/relocation.c | 19 fs/btrfs/send.c | 359 +++++----- fs/btrfs/space-info.c | 17 fs/btrfs/space-info.h | 6 fs/btrfs/tree-log.c | 72 +- fs/btrfs/tree-mod-log.c | 14 fs/btrfs/tree-mod-log.h | 6 fs/btrfs/zoned.c | 20 fs/btrfs/zoned.h | 4 fs/buffer.c | 2 fs/crypto/fscrypt_private.h | 16 fs/crypto/hkdf.c | 2 fs/crypto/keysetup.c | 3 fs/crypto/keysetup_v1.c | 3 fs/eventpoll.c | 60 + fs/exfat/dir.c | 12 fs/exfat/fatent.c | 10 fs/exfat/namei.c | 5 fs/exfat/super.c | 32 fs/ext2/inode.c | 12 fs/ext4/fsmap.c | 23 fs/ext4/indirect.c | 4 fs/ext4/inline.c | 19 fs/ext4/inode.c | 2 fs/ext4/mballoc.c | 67 - fs/ext4/orphan.c | 5 fs/ext4/super.c | 8 fs/f2fs/file.c | 24 fs/f2fs/node.c | 10 fs/file.c | 90 +- fs/gfs2/meta_io.c | 2 fs/hfs/bfind.c | 3 fs/hfs/bnode.c | 93 ++ fs/hfs/btree.c | 57 + fs/hfs/extent.c | 2 fs/hfs/hfs_fs.h | 1 fs/hfsplus/bnode.c | 92 ++ fs/hfsplus/unicode.c | 7 fs/hfsplus/xattr.c | 6 fs/hugetlbfs/inode.c | 2 fs/jbd2/checkpoint.c | 1 fs/jfs/file.c | 3 fs/jfs/inode.c | 2 fs/jfs/jfs_dmap.c | 6 fs/libfs.c | 4 fs/namespace.c | 34 fs/nfs/blocklayout/blocklayout.c | 4 fs/nfs/blocklayout/dev.c | 5 fs/nfs/blocklayout/extent_tree.c | 20 fs/nfs/client.c | 44 + fs/nfs/internal.h | 2 fs/nfs/nfs4client.c | 20 fs/nfs/nfs4proc.c | 2 fs/nfs/pnfs.c | 11 fs/nfsd/nfs4state.c | 34 fs/ntfs3/dir.c | 3 fs/ntfs3/inode.c | 31 fs/orangefs/orangefs-debugfs.c | 2 fs/smb/client/cifssmb.c | 10 fs/smb/client/connect.c | 10 fs/smb/client/sess.c | 9 fs/smb/client/smb2ops.c | 11 fs/smb/client/smbdirect.c | 24 fs/smb/server/connection.c | 3 fs/smb/server/connection.h | 7 fs/smb/server/oplock.c | 13 fs/smb/server/smb2pdu.c | 16 fs/smb/server/transport_rdma.c | 5 fs/smb/server/transport_rdma.h | 4 fs/smb/server/transport_tcp.c | 26 fs/squashfs/super.c | 14 fs/tracefs/inode.c | 11 fs/udf/super.c | 13 fs/xfs/xfs_itable.c | 6 include/linux/arch_topology.h | 8 include/linux/blk_types.h | 6 include/linux/compiler.h | 8 include/linux/cpufreq.h | 1 include/linux/energy_model.h | 6 include/linux/fs.h | 4 include/linux/hypervisor.h | 3 include/linux/if_vlan.h | 21 include/linux/iosys-map.h | 7 include/linux/memfd.h | 14 include/linux/mm.h | 82 +- include/linux/pci.h | 10 include/linux/pm_runtime.h | 18 include/linux/sched/topology.h | 8 include/linux/skbuff.h | 8 include/linux/usb/cdc_ncm.h | 1 include/linux/virtio_vsock.h | 7 include/net/bond_3ad.h | 3 include/net/bond_options.h | 1 include/net/bonding.h | 23 include/net/cfg80211.h | 2 include/net/mac80211.h | 2 include/net/neighbour.h | 1 include/net/net_namespace.h | 16 include/net/sock.h | 1 include/trace/events/btrfs.h | 6 include/trace/events/thp.h | 2 include/uapi/linux/if_link.h | 1 include/uapi/linux/in6.h | 4 include/uapi/linux/io_uring.h | 2 include/uapi/linux/pfrut.h | 1 io_uring/net.c | 19 kernel/bpf/verifier.c | 3 kernel/cgroup/cpuset.c | 2 kernel/fork.c | 2 kernel/module/main.c | 10 kernel/power/console.c | 7 kernel/rcu/tree.c | 2 kernel/rcu/tree.h | 14 kernel/rcu/tree_plugin.h | 44 - kernel/sched/cpufreq_schedutil.c | 30 kernel/sched/fair.c | 19 kernel/trace/ftrace.c | 19 kernel/trace/trace.c | 33 kernel/trace/trace.h | 10 mm/debug_vm_pgtable.c | 9 mm/filemap.c | 2 mm/kmemleak.c | 10 mm/madvise.c | 2 mm/memfd.c | 2 mm/memory-failure.c | 8 mm/mmap.c | 12 mm/ptdump.c | 2 mm/shmem.c | 2 net/bluetooth/hci_conn.c | 3 net/bluetooth/hci_event.c | 8 net/bluetooth/hci_sock.c | 2 net/bridge/br_multicast.c | 16 net/bridge/br_private.h | 2 net/core/dev.c | 12 net/core/neighbour.c | 12 net/core/net_namespace.c | 8 net/core/sock.c | 27 net/hsr/hsr_slave.c | 8 net/ipv4/netfilter/nf_reject_ipv4.c | 6 net/ipv4/route.c | 1 net/ipv4/udp_offload.c | 2 net/ipv6/addrconf.c | 7 net/ipv6/mcast.c | 11 net/ipv6/netfilter/nf_reject_ipv6.c | 5 net/ipv6/seg6_hmac.c | 6 net/mac80211/cfg.c | 12 net/mac80211/chan.c | 1 net/mac80211/mlme.c | 9 net/mac80211/rx.c | 12 net/mctp/af_mctp.c | 26 net/mptcp/options.c | 6 net/mptcp/pm_netlink.c | 19 net/mptcp/subflow.c | 5 net/ncsi/internal.h | 2 net/ncsi/ncsi-rsp.c | 1 net/netfilter/nf_conntrack_netlink.c | 24 net/netlink/af_netlink.c | 12 net/rds/tcp.c | 8 net/sched/sch_cake.c | 14 net/sched/sch_ets.c | 36 - net/sched/sch_htb.c | 2 net/sctp/input.c | 2 net/smc/af_smc.c | 8 net/sunrpc/svcsock.c | 5 net/sunrpc/xprtsock.c | 8 net/tls/tls.h | 2 net/tls/tls_strp.c | 11 net/tls/tls_sw.c | 10 net/vmw_vsock/virtio_transport.c | 14 net/wireless/mlme.c | 3 net/xfrm/xfrm_state.c | 72 +- scripts/kconfig/gconf.c | 8 scripts/kconfig/lxdialog/inputbox.c | 6 scripts/kconfig/lxdialog/menubox.c | 2 scripts/kconfig/nconf.c | 2 scripts/kconfig/nconf.gui.c | 1 security/apparmor/file.c | 6 security/apparmor/include/lib.h | 6 security/inode.c | 2 sound/core/pcm_native.c | 19 sound/hda/hdac_device.c | 2 sound/pci/hda/hda_codec.c | 42 - sound/pci/hda/patch_ca0132.c | 2 sound/pci/hda/patch_realtek.c | 4 sound/pci/intel8x0.c | 2 sound/soc/codecs/hdac_hdmi.c | 10 sound/soc/codecs/rt5640.c | 5 sound/soc/fsl/fsl_sai.c | 20 sound/soc/intel/avs/core.c | 3 sound/soc/qcom/lpass-platform.c | 27 sound/soc/soc-core.c | 3 sound/soc/soc-dapm.c | 4 sound/usb/mixer_quirks.c | 14 sound/usb/stream.c | 25 sound/usb/validate.c | 14 tools/bpf/bpftool/main.c | 6 tools/include/nolibc/std.h | 4 tools/include/nolibc/types.h | 4 tools/include/uapi/linux/if_link.h | 1 tools/power/cpupower/utils/idle_monitor/mperf_monitor.c | 4 tools/scripts/Makefile.include | 4 tools/testing/ktest/ktest.pl | 5 tools/testing/selftests/arm64/fp/sve-ptrace.c | 3 tools/testing/selftests/bpf/prog_tests/user_ringbuf.c | 10 tools/testing/selftests/bpf/progs/verifier_unpriv.c | 2 tools/testing/selftests/ftrace/test.d/ftrace/func-filter-glob.tc | 2 tools/testing/selftests/futex/include/futextest.h | 11 tools/testing/selftests/memfd/memfd_test.c | 43 + tools/testing/selftests/net/mptcp/pm_netlink.sh | 1 612 files changed, 6026 insertions(+), 2723 deletions(-) Aahil Awatramani (1): bonding: Add independent control state machine Aakash Kumar S (1): xfrm: Duplicate SPI Handling Aaron Kling (1): ARM: tegra: Use I/O memcpy to write to IRAM Aaron Plattner (1): watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition Abel Vesa (1): power: supply: qcom_battmgr: Add lithium-polymer entry Aditya Garg (2): HID: magicmouse: avoid setting up battery timer when not needed HID: apple: avoid setting up battery timer for devices without battery Adrian Hunter (1): scsi: ufs: ufs-pci: Fix default runtime and system PM levels Al Viro (5): better lockdep annotations for simple_recursive_removal() fix locking in efi_secret_unlink() securityfs: don't pin dentries twice, once is enough... use uniform permission checks for all mount propagation changes alloc_fdtable(): change calling conventions. Alex Deucher (1): drm/amdgpu: update mmhub 3.0.1 client id mappings Alex Guo (2): media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar Alexander Kochetkov (1): ARM: rockchip: fix kernel hang during smp initialization Alexander Sverdlin (1): arm64: dts: ti: k3-pinctrl: Enable Schmitt Trigger by default Alexander Wilhelm (1): bus: mhi: host: Fix endianness of BHI vector table Alexey Klimov (1): iommu/arm-smmu-qcom: Add SM6115 MDSS compatible Alok Tiwari (6): net: ti: icss-iep: Fix incorrect type for return value in extts_enable() ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 be2net: Use correct byte order and format string for TCP seq and ack_seq net: thunderx: Fix format-truncation warning in bgx_acpi_match_id() perf/cxlpmu: Remove unintended newline from IRQ name format string gve: Return error for unknown admin queue command Amber Lin (1): drm/amdkfd: Destroy KFD debugfs after destroy KFD wq Amelie Delaunay (1): dmaengine: stm32-dma: configure next sg only if there are more than 2 sgs Amir Mohammad Jahangirzad (1): fs/orangefs: use snprintf() instead of sprintf() Amit Sunil Dhamne (2): usb: typec: maxim_contaminant: re-enable cc toggle if cc is open and port is clean usb: typec: maxim_contaminant: disable low power mode when reading comparator values Anantha Prabhu (1): RDMA/bnxt_re: Fix to initialize the PBL array Andreas Dilger (1): ext4: check fast symlink for ea_inode correctly Andrew Price (1): gfs2: Set .migrate_folio in gfs2_{rgrp,meta}_aops André Draszik (1): scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE Andy Shevchenko (2): Documentation: ACPI: Fix parent device references iio: imu: inv_icm42600: Convert to uXX and sXX integer types Anshuman Khandual (1): mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() Anthoine Bourgeois (1): xen/netfront: Fix TX response spurious interrupts Archana Patni (1): scsi: ufs: ufs-pci: Fix hibernate state transition for Intel MTL-like host controllers Armen Ratner (1): net/mlx5e: Preserve shared buffer capacity during headroom updates Arnaud Lecomte (1): jfs: upper bound check of tree index in dbAllocAG Arnd Bergmann (1): RDMA/core: reduce stack using in nldev_stat_get_doit() Artem Sadovnikov (1): vfio/mlx5: fix possible overflow in tracking max message size Avraham Stern (1): wifi: iwlwifi: mvm: fix scan request validation Baihan Li (1): drm/hisilicon/hibmc: fix the hibmc loaded failed bug Baokun Li (4): ext4: fix zombie groups in average fragment size lists ext4: fix largest free orders lists corruption on mb_optimize_scan switch jbd2: prevent softlockup in jbd2_log_do_checkpoint() ext4: preserve SB_I_VERSION on remount Bartosz Golaszewski (2): gpio: wcd934x: check the return value of regmap_update_bits() gpio: tps65912: check the return value of regmap_update_bits() Benjamin Marzinski (1): dm-table: fix checking for rq stackable devices Benson Leung (1): usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default Bharat Bhushan (1): crypto: octeontx2 - add timeout for load_fvc completion poll Biju Das (1): net: phy: micrel: Add ksz9131_resume() Bingbu Cao (1): media: hi556: correct the test pattern configuration Bitterblue Smith (3): wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB wifi: rtw89: Fix rtw89_mac_power_switch() for USB wifi: rtw89: Disable deep power saving for USB/SDIO Bjorn Andersson (2): soc: qcom: mdt_loader: Actually use the e_phoff soc: qcom: mdt_loader: Ensure we don't read past the ELF header Bjorn Helgaas (1): mmc: sdhci-pci-gli: Use PCI AER definitions, not hard-coded values Boris Burkov (1): btrfs: fix ssd_spread overallocation Boshi Yu (1): RDMA/erdma: Fix ignored return value of init_kernel_qp Breno Leitao (5): ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path arm64: Mark kernel as tainted on SAE and SError panic ptp: Use ratelimite for freerun error message ipmi: Use dev_warn_ratelimited() for incorrect message warnings mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock Buday Csaba (1): net: phy: smsc: add proper reset flags for LAN8710A Cezary Rojewski (1): ASoC: Intel: avs: Fix uninitialized pointer error in probe() Chao Gao (1): KVM: nVMX: Defer SVI update to vmcs01 on EOI when L2 is active w/o VID Chao Yu (1): f2fs: fix to avoid out-of-boundary access in dnode page Charles Keepax (1): soundwire: Move handle_nested_irq outside of sdw_dev_lock Cheick Traore (1): pinctrl: stm32: Manage irq affinity settings Chen Yu (1): ACPI: pfr_update: Fix the driver update version check Chen-Yu Tsai (1): mfd: axp20x: Set explicit ID for AXP313 regulator Chenyuan Yang (1): drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() Chris Mason (1): sched/fair: Bump sd->max_newidle_lb_cost when newidle balance fails Christian Loehle (1): cpuidle: menu: Remove iowait influence Christoph Hellwig (2): block: reject invalid operation in submit_bio_noacct xfs: fully decouple XFS_IBULK* flags from XFS_IWALK* flags Christoph Paasch (1): mptcp: drop skb if MPTCP skb extension allocation fails Christophe Leroy (1): ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop Christopher Eby (1): ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks Corey Minyard (1): ipmi: Fix strcpy source and destination the same Cristian Ciocaltea (1): ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros Cynthia Huang (1): selftests/futex: Define SYS_futex on 32-bit architectures with 64-bit time_t D. Wythe (1): net/smc: fix UAF on smcsk after smc_listen_out() Dai Ngo (1): NFSD: detect mismatch of file handle and delegation stateid in OPEN op Damien Le Moal (9): ata: libata-sata: Disallow changing LPM state if not supported scsi: mpt3sas: Correctly handle ATA device errors scsi: mpi3mr: Correctly handle ATA device errors ata: libata-scsi: Fix ata_to_sense_error() status handling PCI: endpoint: Fix configfs group list head handling PCI: endpoint: Fix configfs group removal on driver teardown block: Make REQ_OP_ZONE_FINISH a write operation ata: Fix SATA_MOBILE_LPM_POLICY description in Kconfig ata: libata-scsi: Return aborted command when missing sense and result TF Dan Carpenter (5): cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table() media: gspca: Add bounds checking to firmware parser soc: qcom: mdt_loader: Fix error return values in mdt_header_valid() scsi: qla4xxx: Prevent a potential error pointer dereference ALSA: usb-audio: Fix size validation in convert_chmap_v3() Daniel Golle (1): Revert "leds: trigger: netdev: Configure LED blink interval for HW offload" Daniel Jurgens (1): net/mlx5: Base ECVF devlink port attrs from 0 Dave Stevenson (3): media: tc358743: Check I2C succeeded during probe media: tc358743: Return an appropriate colorspace from tc358743_set_fmt media: tc358743: Increase FIFO trigger level to 374 David Bauer (1): wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch David Collins (1): thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required David Lechner (6): iio: adc: ad_sigma_delta: don't overallocate scan buffer iio: imu: bno055: fix OOB access of hw_xlate array iio: adc: ad_sigma_delta: change to buffer predisable iio: proximity: isl29501: fix buffered read on big-endian systems iio: temperature: maxim_thermocouple: use DMA-safe buffer for spi_read() iio: imu: inv_icm42600: use = { } instead of memset() David Sterba (3): btrfs: move transaction aborts to the error site in add_block_group_free_space() btrfs: open code timespec64 in struct btrfs_inode btrfs: constify more pointer parameters David Thompson (3): gpio: mlxbf2: use platform_get_irq_optional() Revert "gpio: mlxbf3: only get IRQ for device instance 0" gpio: mlxbf3: use platform_get_irq_optional() Davide Caratti (1): net/sched: ets: use old 'nbands' while purging unused classes Edward Adam Davis (2): jfs: Regular file corruption check comedi: pcl726: Prevent invalid irq number Eliav Farber (1): pps: clients: gpio: fix interrupt handling order in remove path Emanuele Ghidoli (1): arm64: dts: ti: k3-am62-verdin: Enable pull-ups on I2C buses Emily Deng (1): drm/ttm: Should to return the evict error Eric Biggers (4): thunderbolt: Fix copy+paste error in match_service_id() lib/crypto: mips/chacha: Fix clang build and remove unneeded byteswap ipv6: sr: Fix MAC comparison to be constant-time fscrypt: Don't use problematic non-inline crypto engines Eric Dumazet (2): net: better track kernel sockets lifetime net_sched: sch_ets: implement lockless ets_dump() Eric Work (1): net: atlantic: add set_power to fw_ops for atl2 to fix wol Evgeniy Harchenko (1): ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 Fanhua Li (1): drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor(). Fedor Pchelkin (1): netlink: avoid infinite retry looping in netlink_unicast() Fenglin Wu (1): leds: flash: leds-qcom-flash: Limit LED current based on thermal condition Filipe Manana (14): btrfs: abort transaction during log replay if walk_log_tree() failed btrfs: clear dirty status from extent buffer on error at insert_new_root() btrfs: fix log tree replay failure due to file with 0 links and extents btrfs: don't ignore inode missing when replaying log tree btrfs: qgroup: fix race between quota disable and quota rescan ioctl btrfs: always abort transaction on failure to add block group to free space tree btrfs: abort transaction on unexpected eb generation at btrfs_copy_root() btrfs: send: factor out common logic when sending xattrs btrfs: send: only use boolean variables at process_recorded_refs() btrfs: send: add and use helper to rename current inode when processing refs btrfs: send: keep the current inode's path cached btrfs: send: avoid path allocation for the current inode when issuing commands btrfs: send: use fallocate for hole punching with send stream v2 btrfs: send: make fs_path_len() inline and constify its argument Finn Thain (1): m68k: Fix lost column on framebuffer debug console Florian Larysch (1): net: phy: micrel: fix KSZ8081/KSZ8091 cable test Florian Westphal (2): netfilter: ctnetlink: fix refcount leak on table dump netfilter: nf_reject: don't leak dst refcount for loopback packets Florin Leotescu (1): hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state Frederic Weisbecker (1): rcu: Fix racy re-initialization of irq_work causing hangs Gabor Juhos (1): mtd: spinand: propagate spinand_wait() errors from spinand_write_page() Gabriel Totev (1): apparmor: shift ouid when mediating hard links in userns Gal Pressman (2): net: vlan: Make is_vlan_dev() a stub when VLAN is not configured net: vlan: Replace BUG() with WARN_ON_ONCE() in vlan_dev_* stubs Gang Ba (1): drm/amdgpu: Avoid extra evict-restore process. Gautham R. Shenoy (1): pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() Geliang Tang (2): mptcp: remove duplicate sk_reset_timer call mptcp: disable add_addr retransmission when timeout is 0 George Moussalem (1): clk: qcom: ipq5018: keep XO clock always on Gerald Schaefer (1): s390/mm: Remove possible false-positive warning in pte_free_defer() Geraldo Nascimento (3): phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal PCI: rockchip: Use standard PCIe definitions PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining Giovanni Cabiddu (2): crypto: qat - lower priority for skcipher and aead algorithms crypto: qat - flush misc workqueue during device shutdown Greg Kroah-Hartman (1): Linux 6.6.103 Gui-Dong Han (1): media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() Haiyang Zhang (1): hv_netvsc: Fix panic during namespace deletion with VF Hangbin Liu (2): bonding: update LACP activity flag after setting lacp_active bonding: send LACPDUs periodically in passive mode after receiving partner's LACPDU Hans Verkuil (1): media: vivid: fix wrong pixel_array control size Hans de Goede (2): mei: bus: Check for still connected devices in mei_cl_bus_dev_release() media: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls Haoran Jiang (1): LoongArch: BPF: Fix jump offset calculation in tailcall Haoxiang Li (1): media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() Harald Mommer (1): gpio: virtio: Fix config space reading. Hari Chandrakanthan (1): wifi: mac80211: fix rx link assignment for non-MLO stations Hari Kalavakunta (1): net: ncsi: Fix buffer overflow in fetching version id Hariprasad Kelam (1): Octeontx2-af: Skip overlap check for SPI field Heikki Krogerus (1): usb: dwc3: pci: add support for the Intel Wildcat Lake Heiner Kallweit (1): dpaa_eth: don't use fixed_phy_change_carrier Helge Deller (1): Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()" Herton R. Krzesinski (1): mm/debug_vm_pgtable: clear page table entries at destroy_args() Hiago De Franco (1): remoteproc: imx_rproc: skip clock enable when M-core is managed by the SCU Hong Guan (1): arm64: dts: ti: k3-am62a7-sk: fix pinmux for main_uart1 Horatiu Vultur (1): phy: mscc: Fix timestamping for vsc8584 Hsin-Te Yuan (1): thermal: sysfs: Return ENODATA instead of EAGAIN for reads Huacai Chen (1): PCI: Extend isolated function probing to LoongArch Ian Abbott (3): comedi: fix race between polling and detaching comedi: Make insn_rw_emulate_bits() do insn->n samples comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() Ido Schimmel (1): mlxsw: spectrum: Forward packets with an IPv4 link-local source IP Igor Pylypiv (1): ata: libata-scsi: Fix CDL control Ihor Solodrai (1): bpf: Make reg_not_null() true for CONST_PTR_TO_MAP Ilan Peer (1): wifi: cfg80211: Fix interface type validation Ilya Bakoulin (1): drm/amd/display: Separate set_gsl from set_gsl_source_select Imre Deak (1): drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS Isaac J. Manjarres (4): mm: drop the assumption that VM_SHARED always implies writable mm: update memfd seal write check to include F_SEAL_WRITE mm: reinstate ability to map write-sealed memfd mappings read-only selftests/memfd: add test for mapping write-sealed memfd read-only Jack Xiao (1): drm/amdgpu: fix incorrect vm flags to map bo Jaegeuk Kim (1): f2fs: check the generic conditions first Jakub Acs (1): net, hsr: reject HSR frame if skb can't hold tag Jakub Kicinski (3): tls: handle data disappearing from under the TLS ULP uapi: in6: restore visibility of most IPv6 socket options tls: fix handling of zero-length records on the rx_list Jakub Ramaseuski (1): net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM Jan Beulich (1): compiler: remove __ADDRESSABLE_ASM{_STR,}() again Jan Kara (2): loop: Avoid updating block size under exclusive owner udf: Verify partition map count Jann Horn (1): eventpoll: Fix semi-unbounded recursion Jason Gunthorpe (1): iommufd: Prevent ALIGN() overflow Jason Wang (1): vhost: fail early when __vhost_add_used() fails Jason Xing (1): ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc Jay Chen (1): usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command Jean-Baptiste Maneyrol (1): iio: imu: inv_icm42600: change invalid data error to -EBUSY Jeff Layton (1): nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() Jens Axboe (1): io_uring/net: commit partial buffers on retry Jeongjun Park (1): ptp: prevent possible ABBA deadlock in ptp_clock_freerun() Jiasheng Jiang (1): scsi: lpfc: Remove redundant assignment to avoid memory leak Jiayi Li (2): ACPI: processor: perflib: Fix initial _PPC limit application memstick: Fix deadlock by moving removing flag earlier Jinjiang Tu (1): mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn Joel Fernandes (1): rcu: Fix rcu_read_unlock() deadloop due to IRQ work Johan Adolfsson (1): leds: leds-lp50xx: Handle reg to get correct multi_index Johan Hovold (15): net: gianfar: fix device leak when querying time stamp info net: enetc: fix device and OF node leak at probe net: mtk_eth_soc: fix device leak at probe net: ti: icss-iep: fix device and OF node leaks at probe net: dpaa: fix device leak when querying time stamp info usb: gadget: udc: renesas_usb3: fix device leak at unbind usb: musb: omap2430: fix device leak at unbind usb: dwc3: meson-g12a: fix device leaks at unbind wifi: ath12k: fix dest ring-buffer corruption wifi: ath12k: fix source ring-buffer corruption wifi: ath12k: fix dest ring-buffer corruption when ring is full wifi: ath11k: fix dest ring-buffer corruption wifi: ath11k: fix source ring-buffer corruption wifi: ath11k: fix dest ring-buffer corruption when ring is full usb: dwc3: imx8mp: fix device leak at unbind Johannes Berg (2): wifi: cfg80211: reject HTC bit for management frames wifi: mac80211: don't complete management TX on SAE commit Johannes Thumshirn (1): btrfs: zoned: use filesystem size not disk size for reclaim decision John David Anglin (8): parisc: Check region is readable by user in raw_copy_from_user() parisc: Define and use set_pte_at() parisc: Drop WARN_ON_ONCE() from flush_cache_vmap parisc: Rename pte_needs_flush() to pte_needs_cache_flush() in cache.c parisc: Revise __get_user() to probe user read access parisc: Revise gateway LWS calls to probe user read access parisc: Try to fixup kernel exception in bad_area_nosemaphore path of do_page_fault() parisc: Update comments in make_insert_tlb John Garry (2): scsi: aacraid: Stop using PCI_IRQ_AFFINITY block: avoid possible overflow for chunk_sectors check in blk_stack_limits() Jon Hunter (1): soc/tegra: pmc: Ensure power-domains are in a known state Jonas Rebmann (1): net: fec: allow disable coalescing Jonathan Cameron (2): iio: light: as73211: Ensure buffer holes are zeroed iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 Jonathan Santos (1): iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement Jordan Rhee (1): gve: prevent ethtool ops after shutdown Jorge Marques (1): i3c: master: Initialize ret in i3c_i2c_notifier_call() Jorge Ramirez-Ortiz (2): media: venus: hfi: explicitly release IRQ during teardown media: venus: protect against spurious interrupts during probe Judith Mendez (1): arm64: dts: ti: k3-am62-main: Remove eMMC High Speed DDR support Justin Tee (1): scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure Kanglong Wang (1): LoongArch: Optimize module load time by optimizing PLT/GOT counting Karthikeyan Kathirvel (1): wifi: ath12k: Decrement TID on RX peer frag setup error handling Kashyap Desai (2): RDMA/bnxt_re: Fix to do SRQ armena by default RDMA/bnxt_re: Fix to remove workload check in SRQ limit path Kathiravan Thirumoorthy (1): phy: qcom: phy-qcom-m31: Update IPQ5332 M31 USB phy initialization sequence Kees Cook (3): arm64: Handle KCOV __init vs inline mismatches platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches iommu/amd: Avoid stack buffer overflow from kernel cmdline Keith Busch (2): nvme-pci: try function level reset on init failure vfio/type1: conditional rescheduling while pinning Krzysztof Hałasa (1): imx8m-blk-ctrl: set ISI panic write hurry level Krzysztof Kozlowski (3): dt-bindings: display: sprd,sharkl3-dpu: Fix missing clocks constraints dt-bindings: display: sprd,sharkl3-dsi-host: Fix missing clocks constraints leds: flash: leds-qcom-flash: Fix registry access after re-bind Kuen-Han Tsai (1): usb: dwc3: Ignore late xferNotReady event to prevent halt timeout Kuninori Morimoto (1): ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed Kuniyuki Iwashima (2): ipv6: mcast: Check inet6_dev->dead under idev->mc_lock in __ipv6_dev_mc_inc(). net: Add net_passive_inc() and net_passive_dec(). Lad Prabhakar (1): drm: renesas: rz-du: mipi_dsi: Add min check for VCLK range Laurentiu Mihalcea (1): pwm: imx-tpm: Reset counter if CMOD is 0 Len Brown (1): intel_idle: Allow loading ACPI tables for any family Leon Romanovsky (1): net/mlx5e: Properly access RCU protected qdisc_sleeping variable Liao Yuanhong (1): ext4: use kmalloc_array() for array space allocation Lifeng Zheng (2): cpufreq: Exit governor when failed to start old governor PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() Lizhi Xu (2): fs/ntfs3: Add sanity check for file name jfs: truncate good inode pages when hard link is 0 Lucy Thrun (1): ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control Ludwig Disterhof (1): media: usbtv: Lock resolution while streaming Lukas Wunner (1): PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports Ma Ke (1): sunvdc: Balance device refcount in vdc_port_mpgroup_check Mael GUERIN (1): USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera Manuel Andreas (1): KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush Marek Szyprowski (1): zynq_fpga: use sgtable-based scatterlist wrappers Marek Vasut (1): usb: renesas-xhci: Fix External ROM access timeouts Mario Limonciello (8): platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list usb: xhci: Avoid showing warnings for dying controller usb: xhci: Avoid showing errors during surprise removal drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual drm/amd/display: Only finalize atomic_obj if it was initialized drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported drm/amd: Restore cached power limit during resume drm/amd/display: Avoid a NULL pointer dereference Mark Brown (2): ASoC: hdac_hdmi: Rate limit logging on connection and disconnection kselftest/arm64: Specify SVE data when testing VL set in sve-ptrace Markus Theil (1): crypto: jitter - fix intermediary handling Masahiro Yamada (2): kconfig: gconf: avoid hardcoding model2 in on_treeview2_cursor_changed() kconfig: gconf: fix potential memory leak in renderer_edited() Masami Hiramatsu (Google) (2): selftests: tracing: Use mutex_unlock for testing glob filter tracing: fprobe-event: Sanitize wildcard for fprobe event name Mateusz Guzik (1): apparmor: use the condition in AA_BUG_FMT even with debug disabled Matt Johnston (1): net: mctp: Prevent duplicate binds Matthieu Baerts (NGI0) (2): mptcp: pm: kernel: flush: do not reset ADD_ADDR limit selftests: mptcp: pm: check flush doesn't reset limits Maulik Shah (1): soc: qcom: rpmh-rsc: Add RSC version 4 support Maurizio Lombardi (1): scsi: target: core: Generate correct identifiers for PR OUT transport IDs Maxim Levitsky (3): KVM: nVMX: Check vmcs12->guest_ia32_debugctl on nested VM-Enter KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs KVM: VMX: Preserve host's DEBUGCTLMSR_FREEZE_IN_SMM while running the guest Meagan Lloyd (2): rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe Miao Li (1): usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive Miaoqian Lin (1): most: core: Drop device reference after usage in get_channel() Michael Walle (1): mtd: spi-nor: Fix spi_nor_try_unlock_all() Michal Suchanek (1): powerpc/boot: Fix build with gcc 15 Michel Dänzer (1): drm/amd/display: Add primary plane to commits for correct VRR handling Mikhail Lobanov (1): wifi: mac80211: check basic rates validity in sta_link_apply_parameters Mikulas Patocka (1): dm-mpath: don't print the "loaded" message if registering fails Mina Almasry (1): netmem: fix skb_frag_address_safe with unreadable skbs Minhong He (1): ipv6: sr: validate HMAC algorithm ID in seg6_hmac_info_add Miri Korenblit (1): wifi: iwlwifi: mvm: set gtk id also in older FWs Myrrh Periwinkle (3): usb: typec: ucsi: Update power_supply on power role change vt: keyboard: Don't process Unicode characters in K_OFF mode vt: defkeymap: Map keycodes above 127 to K_HOLE Namjae Jeon (1): ksmbd: extend the connection limiting mechanism to support IPv6 Naohiro Aota (3): btrfs: zoned: do not remove unwritten non-data block group btrfs: zoned: do not select metadata BG as finish target btrfs: zoned: fix write time activation failure for metadata block group Nathan Chancellor (2): usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() NeilBrown (1): smb/server: avoid deadlock when linking with ReplaceIfExists Nicolas Dufresne (1): media: verisilicon: Fix AV1 decoder clock frequency Nicolas Escande (1): neighbour: add support for NUD_PERMANENT proxy entries Nicolin Chen (1): iommufd: Report unmapped bytes in the error path of iopt_unmap_iova_range Niklas Söderlund (1): media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control Nitin Gote (1): iosys-map: Fix undefined behavior in iosys_map_clear() Ojaswin Mujoo (2): ext4: fix fsmap end of range reporting with bigalloc ext4: fix reserved gdt blocks handling in fsmap Oliver Neukum (3): usb: core: usb_submit_urb: downgrade type check net: usb: cdc-ncm: check for filtering capability cdc-acm: fix race between initial clearing halt and open Oscar Maes (1): net: ipv4: fix incorrect MTU in broadcast routes Pagadala Yesu Anjaneyulu (1): wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect Pali Rohár (1): cifs: Fix calling CIFSFindFirst() for root path without msearch Paul E. McKenney (1): rcu: Protect ->defer_qs_iw_pending from data race Pauli Virtanen (1): Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established Pavel Begunkov (1): io_uring: don't use int for ABI Pawan Gupta (1): x86/bugs: Avoid warning when overriding return thunk Pedro Falcato (1): RDMA/siw: Fix the sendmsg byte count in siw_tcp_sendpages Pei Xiao (1): clk: tegra: periph: Fix error handling and resolve unsigned compare warning Peter Oberparleiter (3): s390/sclp: Fix SCCB present check s390/hypfs: Avoid unnecessary ioctl registration in debugfs s390/hypfs: Enable limited access during lockdown Peter Robinson (1): reset: brcmstb: Enable reset drivers for ARCH_BCM2835 Peter Ujfalusi (1): ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() Petr Pavlu (1): module: Prevent silent truncation of module name in delete_module(2) Phillip Lougher (1): squashfs: fix memory leak in squashfs_fill_super Prashant Malani (1): cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag Pu Lehui (1): tracing: Limit access to parser->buffer when trace_get_user failed Purva Yeshi (1): md: dm-zoned-target: Initialize return variable r to avoid uninitialized use Qingfang Deng (2): net: ethernet: mtk_ppe: add RCU lock around dev_fill_forward_path ppp: fix race conditions in ppp_fill_forward_path Qu Wenruo (2): btrfs: do not allow relocation of partially dropped subvolumes btrfs: populate otime when logging an inode item Rafael J. Wysocki (5): ACPI: processor: perflib: Move problematic pr->performance check cpuidle: governors: menu: Avoid using invalid recent intervals data PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() PM: runtime: Take active children into account in pm_runtime_get_if_in_use() cpuidle: governors: menu: Avoid selecting states with too much latency Raj Kumar Bhagat (1): wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 Ramya Gnanasekar (1): wifi: mac80211: update radar_required in channel context after channel switch Rand Deeb (1): wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() Randy Dunlap (2): parisc: Makefile: fix a typo in palo.conf parisc: Makefile: explain that 64BIT requires both 32-bit and 64-bit compilers Ranjan Kumar (4): scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans scsi: mpi3mr: Fix race between config read submit and interrupt completion scsi: mpi3mr: Drop unnecessary volatile from __iomem pointers scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems Ricardo Ribalda (3): media: uvcvideo: Do not mark valid metadata as invalid media: venus: vdec: Clamp param smaller than 1fps and bigger than 240. media: venus: venc: Clamp param smaller than 1fps and bigger than 240 Richard Zhu (2): PCI: imx6: Delay link start until configfs 'start' written PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features Ricky Wu (1): misc: rtsx: usb: Ensure mmc child device is active when card is present Rob Clark (1): drm/msm: use trylock for debugfs Rong Zhang (1): fs/ntfs3: correctly create symlink for relative path Sabrina Dubroca (1): udp: also consider secpath when evaluating ipsec use for checksumming Sakari Ailus (2): media: v4l2-ctrls: Don't reset handler's error in v4l2_ctrl_handler_free() PM: runtime: Simplify pm_runtime_get_if_active() usage Salah Triki (1): iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() Sarah Newman (1): drbd: add missing kref_get in handle_write_conflicts Sarika Sharma (2): wifi: ath12k: Correct tid cleanup when tid setup fails wifi: ath12k: Add memset and update default rate value in wmi tx completion Sarthak Garg (1): mmc: sdhci-msm: Ensure SD card power isn't ON when card removed Sasha Levin (1): fs: Prevent file descriptor table allocations exceeding INT_MAX Sean Christopherson (15): KVM: SVM: Set RFLAGS.IF=1 in C code, to get VMRUN out of the STI shadow KVM: x86: Plumb in the vCPU to kvm_x86_ops.hwapic_isr_update() KVM: x86: Snapshot the host's DEBUGCTL in common x86 KVM: x86: Snapshot the host's DEBUGCTL after disabling IRQs KVM: x86: Plumb "force_immediate_exit" into kvm_entry() tracepoint KVM: VMX: Re-enter guest in fastpath for "spurious" preemption timer exits KVM: VMX: Handle forced exit due to preemption timer in fastpath KVM: x86: Move handling of is_guest_mode() into fastpath exit handlers KVM: VMX: Handle KVM-induced preemption timer exits in fastpath for L2 KVM: x86: Fully defer to vendor code to decide how to force immediate exit KVM: x86: Convert vcpu_run()'s immediate exit param into a generic bitmap KVM: x86: Drop kvm_x86_ops.set_dr6() in favor of a new KVM_RUN flag KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported KVM: VMX: Extract checking of guest's DEBUGCTL into helper KVM: x86: Take irqfds.lock when adding/deleting IRQ bypass producer Sebastian Ott (1): ACPI: processor: fix acpi_object initialization Sebastian Reichel (2): watchdog: dw_wdt: Fix default timeout usb: typec: fusb302: cache PD RX state Selvarasu Ganesan (1): usb: dwc3: Remove WARN_ON for device endpoint command timeouts Sergey Bashirov (4): pNFS: Fix stripe mapping in block/scsi layout pNFS: Fix disk addr range check in block/scsi layout pNFS: Handle RPC size limit for layoutcommits pNFS: Fix uninited ptr deref in block/scsi layout Sergey Shtylyov (1): Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() Shankari Anand (1): kconfig: nconf: Ensure null termination where strncpy is used Shannon Nelson (1): ionic: clean dbpage in de-init Shengjiu Wang (1): ASoC: fsl_sai: replace regmap_write with regmap_update_bits Shiji Yang (2): MIPS: vpe-mt: add missing prototypes for vpe_{alloc,start,stop,free} MIPS: lantiq: falcon: sysctrl: fix request memory check logic Showrya M N (1): scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated Shuai Xue (1): ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered Shubhrajyoti Datta (1): EDAC/synopsys: Clear the ECC counters on init Shyam Prasad N (1): cifs: reset iface weights when we cannot find a candidate Sravan Kumar Gundu (1): fbdev: Fix vmalloc out-of-bounds write in fast_imageblit Srinivas Kandagatla (1): ASoC: qcom: use drvdata instead of component to keep id Stanislaw Gruszka (1): wifi: iwlegacy: Check rate_idx range after addition Stefan Metzmacher (3): smb: client: let send_done() cleanup before calling smbd_disconnect_rdma_connection() smb: client: don't wait for info->send_pending == 0 on error smb: server: split ksmbd_rdma_stop_listening() out of ksmbd_rdma_destroy() Stefan Wahren (1): spi: spi-fsl-lpspi: Clamp too high speed_hz Steve French (1): smb3: fix for slab out of bounds on mount to ksmbd Steven Rostedt (5): tracefs: Add d_delete to remove negative dentries powerpc/thp: tracing: Hide hugepage events under CONFIG_PPC_BOOK3S_64 ktest.pl: Prevent recursion of default variable options ftrace: Also allocate and copy hash for reading of filter files tracing: Remove unneeded goto out logic Su Hui (1): usb: xhci: print xhci->xhc_state when queue_command failed Suchit Karunakaran (1): kconfig: lxdialog: replace strcpy() with strncpy() in inputbox.c Sven Schnelle (2): s390/time: Use monotonic clock in get_cycles() s390/stp: Remove udelay from stp_sync_clock() Takashi Iwai (5): ALSA: usb-audio: Validate UAC3 power domain descriptors, too ALSA: usb-audio: Validate UAC3 cluster segment descriptors ALSA: hda: Handle the jack polling always via a work ALSA: hda: Disable jack polling at shutdown ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation Tetsuo Handa (1): hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file() Theodore Ts'o (2): ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr ext4: don't try to clear the orphan_present feature block device is r/o Thierry Reding (1): firmware: tegra: Fix IVC dependency problems Thomas Fourier (8): et131x: Add missing check after DMA map net: ag71xx: Add missing check after DMA map (powerpc/512) Fix possible `dma_unmap_single()` on uninitialized pointer wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()`. powerpc: floppy: Add missing checks after DMA map wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() mtd: rawnand: fsmc: Add missing check after DMA map mtd: rawnand: renesas: Add missing check after DMA map Thomas Weißschuh (5): tools/nolibc: define time_t in terms of __kernel_old_time_t tools/build: Fix s390(x) cross-compilation with clang um: Re-evaluate thread flags repeatedly MIPS: Don't crash in stack_top() for tasks without ABI or vDSO kbuild: userprogs: use correct linker when mixing clang and GNU ld Thorsten Blum (2): cdx: Fix off-by-one error in cdx_rpmsg_probe() usb: storage: realtek_cr: Use correct byte order for bcs->Residue Tianxiang Peng (1): x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper Tim Harvey (1): hwmon: (gsc-hwmon) fix fan pwm setpoint show functions Timur Kristóf (6): drm/amd/display: Don't overwrite dce60_clk_mgr drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 drm/amd/display: Fix DP audio DTO1 clock source on DCE 6. drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs drm/amd/display: Don't overclock DCE 6 by 15% Tomasz Michalec (2): usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present platform/chrome: cros_ec_typec: Defer probe on missing EC parent Trond Myklebust (1): NFS: Fix the setting of capabilities when automounting a new filesystem Tvrtko Ursulin (1): drm/ttm: Respect the shrinker core free target Tzung-Bi Shih (1): platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister() Ulf Hansson (1): mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() Uwe Kleine-König (2): pwm: mediatek: Handle hardware enable and clock enable separately pwm: mediatek: Fix duty and period setting ValdikSS (1): igc: fix disabling L1.2 PCI-E link substate on I226 on init Vasiliy Kovalev (1): ALSA: hda/realtek: Fix headset mic on HONOR BRB-X Vedang Nagar (2): media: venus: Fix OOB read due to missing payload bound check media: venus: Add a check for packet size after reading from shared memory Viacheslav Dubeyko (5): hfs: fix general protection fault in hfs_find_init() hfs: fix slab-out-of-bounds in hfs_bnode_read() hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() hfs: fix not erasing deleted b-tree node issue Victor Shih (3): mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency mmc: sdhci-pci-gli: Add a new function to simplify the code mmc: sdhci-pci-gli: GL9763e: Mask the replay timer timeout of AER Vijendar Mukunda (1): soundwire: amd: serialize amd manager resume sequence during pm_prepare Vincent Guittot (8): sched/topology: Add a new arch_scale_freq_ref() method cpufreq: Use the fixed and coherent frequency for scaling capacity cpufreq/schedutil: Use a fixed reference frequency energy_model: Use a fixed reference frequency cpufreq/cppc: Set the frequency used for computing the capacity arm64/amu: Use capacity_ref_freq() to set AMU ratio topology: Set capacity_freq_ref in all cases sched/fair: Fix frequency selection for non-invariant case Vladimir Zapolskiy (1): media: qcom: camss: cleanup media device allocated resource on error path Waiman Long (2): mm/kmemleak: avoid soft lockup in __kmemleak_do_cleanup() cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key Wang Liang (1): net: bridge: fix soft lockup in br_multicast_query_expired() Wang Zhaolong (2): smb: client: remove redundant lstrp update in negotiate protocol smb: client: fix netns refcount leak after net_passive changes Wayne Lin (1): drm/amd/display: Avoid trying AUX transactions on disconnected ports Wei Gao (1): ext2: Handle fiemap on empty files to prevent EINVAL Weitao Wang (1): usb: xhci: Fix slot_id resource race conflict Wen Chen (1): drm/amd/display: Fix 'failed to blank crtc!' Will Deacon (4): vsock/virtio: Resize receive buffers so that each SKB fits in a 4K page vsock/virtio: Validate length in packet header before skb_put() vhost/vsock: Avoid allocating arbitrarily-sized SKBs KVM: arm64: Fix kernel BUG() due to bad backport of FPSIMD/SVE/SME fix William Liu (2): net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit net/sched: Remove unnecessary WARNING condition for empty child qdisc in htb_activate Willy Tarreau (1): tools/nolibc: fix spelling of FD_SETBITMASK in FD_* macros Wolfram Sang (3): media: usb: hdpvr: disable zero-length read messages i3c: add missing include to internal header i3c: don't fail if GETHDRCAP is unsupported Xin Long (1): sctp: linearize cloned gso packets in sctp_rcv Xinxin Wan (1): ASoC: codecs: rt5640: Retry DEVICE_ID verification Xinyu Liu (1): usb: core: config: Prevent OOB read in SS endpoint companion parsing Xu Yang (2): net: usb: asix_devices: add phy_mask for ax88772 mdio bus usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test Xu Yilun (1): fpga: zynq_fpga: Fix the wrong usage of dma_map_sgtable() Yann E. MORIN (1): kconfig: lxdialog: fix 'space' to (de)select options Ye Bin (1): fs/buffer: fix use-after-free when call bh_read() helper Yonghong Song (1): selftests/bpf: Fix a user_ringbuf failure with arm64 64KB page size Yongzhen Zhang (1): fbdev: fix potential buffer overflow in do_register_framebuffer() Youngjun Lee (1): media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() Youssef Samir (1): bus: mhi: host: Detect events pointing to unexpected TREs Yuan Chen (1): bpftool: Fix JSON writer resource leak in version command Yuezhang Mo (1): exfat: add cluster chain loop check for dir Yuichiro Tsuji (1): net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization Yunhui Cui (1): serial: 8250: fix panic due to PSLVERR Yury Norov [NVIDIA] (1): RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() Zenm Chen (1): USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles Zhang Shurong (1): media: ov2659: Fix memory leaks in ov2659_probe() Zhang Yi (1): ext4: fix hole length calculation overflow in non-extent inodes Zhiqi Song (1): crypto: hisilicon/hpre - fix dma unmap sequence Zhu Qiyu (1): ACPI: PRM: Reduce unnecessary printing to avoid user confusion Zijun Hu (2): char: misc: Fix improper and inaccurate error code returned by misc_init() Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() Ziyan Fu (1): watchdog: iTCO_wdt: Report error if timeout configuration fails Ziyan Xu (1): ksmbd: fix refcount leak causing resource not released chenchangcheng (1): media: uvcvideo: Fix bandwidth issue for Alcor camera fangzhong.zhou (1): i2c: Force DLL0945 touchpad i2c freq to 100khz jackysliu (1): scsi: bfa: Double-free fix tuhaowen (1): PM: sleep: console: Fix the black screen issue zhangjianrong (2): net: thunderbolt: Enable end-to-end flow control also in transmit net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() Álvaro Fernández Rojas (5): net: dsa: b53: fix b53_imp_vlan_setup for BCM5325 net: dsa: b53: prevent GMII_PORT_OVERRIDE_CTRL access on BCM5325 net: dsa: b53: prevent DIS_LEARNING access on BCM5325 net: dsa: b53: prevent SWITCH_CTRL access on BCM5325 net: dsa: b53: fix IP_MULTICAST_CTRL on BCM5325

2 weeks, 4 days

1
1
0 0

Linux 6.1.149

by Greg Kroah-Hartman

I'm announcing the release of the 6.1.149 kernel. All users of the 6.1 kernel series must upgrade. The updated 6.1.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.1.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/devicetree/bindings/display/sprd/sprd,sharkl3-dpu.yaml | 2 Documentation/devicetree/bindings/display/sprd/sprd,sharkl3-dsi-host.yaml | 2 Documentation/firmware-guide/acpi/i2c-muxes.rst | 8 Documentation/networking/bonding.rst | 12 Documentation/networking/mptcp-sysctl.rst | 2 Makefile | 4 arch/arm/Makefile | 2 arch/arm/mach-rockchip/platsmp.c | 15 arch/arm/mach-tegra/reset.c | 2 arch/arm64/boot/dts/ti/k3-am62-main.dtsi | 1 arch/arm64/include/asm/acpi.h | 2 arch/arm64/kernel/cpufeature.c | 1 arch/arm64/kernel/entry.S | 6 arch/arm64/kernel/fpsimd.c | 4 arch/arm64/kernel/traps.c | 1 arch/arm64/mm/fault.c | 1 arch/arm64/mm/ptdump_debugfs.c | 3 arch/loongarch/net/bpf_jit.c | 21 arch/m68k/kernel/head.S | 31 - arch/mips/crypto/chacha-core.S | 20 arch/mips/include/asm/vpe.h | 8 arch/mips/kernel/process.c | 16 arch/mips/lantiq/falcon/sysctrl.c | 23 - arch/parisc/Makefile | 6 arch/parisc/include/asm/special_insns.h | 28 + arch/parisc/include/asm/uaccess.h | 21 arch/parisc/kernel/entry.S | 17 arch/parisc/kernel/syscall.S | 30 - arch/parisc/lib/memcpy.c | 19 arch/parisc/mm/fault.c | 4 arch/powerpc/include/asm/floppy.h | 5 arch/powerpc/platforms/512x/mpc512x_lpbfifo.c | 6 arch/s390/hypfs/hypfs_dbfs.c | 19 arch/s390/include/asm/timex.h | 13 arch/s390/kernel/time.c | 2 arch/s390/mm/dump_pagetables.c | 2 arch/um/include/asm/thread_info.h | 4 arch/um/kernel/process.c | 20 arch/x86/events/intel/core.c | 2 arch/x86/include/asm/kvm-x86-ops.h | 2 arch/x86/include/asm/kvm_host.h | 24 - arch/x86/include/asm/msr-index.h | 1 arch/x86/include/asm/reboot.h | 5 arch/x86/include/asm/virtext.h | 10 arch/x86/include/asm/xen/hypercall.h | 5 arch/x86/kernel/cpu/bugs.c | 5 arch/x86/kernel/cpu/hygon.c | 3 arch/x86/kernel/cpu/mce/amd.c | 13 arch/x86/kernel/reboot.c | 43 + arch/x86/kvm/hyperv.c | 10 arch/x86/kvm/lapic.c | 61 ++ arch/x86/kvm/lapic.h | 1 arch/x86/kvm/svm/svm.c | 49 +- arch/x86/kvm/svm/vmenter.S | 9 arch/x86/kvm/trace.h | 9 arch/x86/kvm/vmx/nested.c | 26 - arch/x86/kvm/vmx/pmu_intel.c | 8 arch/x86/kvm/vmx/vmx.c | 183 +++++--- arch/x86/kvm/vmx/vmx.h | 31 + arch/x86/kvm/x86.c | 65 +- arch/x86/kvm/x86.h | 12 block/blk-core.c | 26 - block/blk-settings.c | 2 drivers/acpi/acpi_processor.c | 2 drivers/acpi/apei/ghes.c | 2 drivers/acpi/pfr_update.c | 2 drivers/acpi/prmt.c | 26 + drivers/acpi/processor_perflib.c | 11 drivers/ata/Kconfig | 35 + drivers/ata/libata-sata.c | 5 drivers/ata/libata-scsi.c | 20 drivers/base/power/runtime.c | 5 drivers/block/drbd/drbd_receiver.c | 6 drivers/block/sunvdc.c | 4 drivers/bus/mhi/host/boot.c | 8 drivers/bus/mhi/host/internal.h | 4 drivers/bus/mhi/host/main.c | 12 drivers/char/ipmi/ipmi_msghandler.c | 8 drivers/char/ipmi/ipmi_watchdog.c | 59 +- drivers/comedi/comedi_fops.c | 36 + drivers/comedi/comedi_internal.h | 1 drivers/comedi/drivers.c | 36 - drivers/comedi/drivers/pcl726.c | 3 drivers/cpufreq/armada-8k-cpufreq.c | 2 drivers/cpufreq/cppc_cpufreq.c | 2 drivers/cpufreq/cpufreq.c | 8 drivers/crypto/hisilicon/hpre/hpre_crypto.c | 8 drivers/crypto/marvell/octeontx2/otx2_cptpf_ucode.c | 16 drivers/crypto/qat/qat_4xxx/adf_4xxx_hw_data.c | 13 drivers/crypto/qat/qat_common/adf_accel_devices.h | 1 drivers/crypto/qat/qat_common/adf_gen4_hw_data.h | 6 drivers/crypto/qat/qat_common/adf_init.c | 3 drivers/devfreq/governor_userspace.c | 6 drivers/dma/stm32-dma.c | 2 drivers/edac/synopsys_edac.c | 97 ++-- drivers/fpga/zynq-fpga.c | 10 drivers/gpio/gpio-mlxbf2.c | 2 drivers/gpio/gpio-tps65912.c | 7 drivers/gpio/gpio-virtio.c | 9 drivers/gpio/gpio-wcd934x.c | 7 drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c | 4 drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c | 6 drivers/gpu/drm/amd/amdgpu/mmhub_v3_0_1.c | 57 +- drivers/gpu/drm/amd/amdkfd/kfd_module.c | 2 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 6 drivers/gpu/drm/amd/display/dc/bios/command_table.c | 2 drivers/gpu/drm/amd/display/dc/clk_mgr/clk_mgr.c | 1 drivers/gpu/drm/amd/display/dc/clk_mgr/dce100/dce_clk_mgr.c | 2 drivers/gpu/drm/amd/display/dc/clk_mgr/dce110/dce110_clk_mgr.c | 40 + drivers/gpu/drm/amd/display/dc/clk_mgr/dce60/dce60_clk_mgr.c | 31 - drivers/gpu/drm/amd/display/dc/dcn20/dcn20_hwseq.c | 11 drivers/gpu/drm/amd/display/modules/hdcp/hdcp_psp.c | 3 drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c | 6 drivers/gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c | 37 - drivers/gpu/drm/display/drm_dp_helper.c | 2 drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.c | 4 drivers/gpu/drm/msm/msm_gem.c | 3 drivers/gpu/drm/msm/msm_gem.h | 6 drivers/gpu/drm/scheduler/sched_entity.c | 21 drivers/gpu/drm/ttm/ttm_pool.c | 8 drivers/gpu/drm/ttm/ttm_resource.c | 3 drivers/hid/hid-apple.c | 13 drivers/hid/hid-magicmouse.c | 56 +- drivers/hwmon/emc2305.c | 10 drivers/hwmon/gsc-hwmon.c | 4 drivers/i2c/i2c-core-acpi.c | 1 drivers/i3c/internals.h | 1 drivers/i3c/master.c | 4 drivers/iio/adc/ad7768-1.c | 23 - drivers/iio/adc/ad_sigma_delta.c | 6 drivers/iio/imu/bno055/bno055.c | 11 drivers/iio/imu/inv_icm42600/inv_icm42600_temp.c | 6 drivers/iio/light/as73211.c | 2 drivers/iio/light/hid-sensor-prox.c | 8 drivers/iio/pressure/bmp280-core.c | 9 drivers/iio/proximity/isl29501.c | 16 drivers/iio/temperature/maxim_thermocouple.c | 26 - drivers/infiniband/core/nldev.c | 22 drivers/infiniband/hw/bnxt_re/qplib_res.c | 2 drivers/infiniband/hw/erdma/erdma_verbs.c | 4 drivers/infiniband/hw/hfi1/affinity.c | 44 + drivers/iommu/amd/init.c | 4 drivers/leds/leds-lp50xx.c | 11 drivers/md/dm-ps-historical-service-time.c | 4 drivers/md/dm-ps-queue-length.c | 4 drivers/md/dm-ps-round-robin.c | 4 drivers/md/dm-ps-service-time.c | 4 drivers/md/dm-table.c | 10 drivers/md/dm-zoned-target.c | 2 drivers/media/cec/usb/rainshadow/rainshadow-cec.c | 3 drivers/media/dvb-frontends/dib7000p.c | 8 drivers/media/i2c/hi556.c | 26 - drivers/media/i2c/ov2659.c | 3 drivers/media/i2c/tc358743.c | 86 ++- drivers/media/platform/qcom/camss/camss.c | 4 drivers/media/platform/qcom/venus/core.c | 8 drivers/media/platform/qcom/venus/core.h | 2 drivers/media/platform/qcom/venus/helpers.c | 2 drivers/media/platform/qcom/venus/hfi_helper.h | 61 ++ drivers/media/platform/qcom/venus/hfi_msgs.c | 85 ++- drivers/media/platform/qcom/venus/hfi_venus.c | 5 drivers/media/platform/qcom/venus/vdec.c | 13 drivers/media/platform/qcom/venus/vdec_ctrls.c | 2 drivers/media/platform/qcom/venus/venc.c | 9 drivers/media/platform/qcom/venus/venc_ctrls.c | 2 drivers/media/test-drivers/vivid/vivid-ctrls.c | 3 drivers/media/test-drivers/vivid/vivid-vid-cap.c | 4 drivers/media/usb/gspca/vicam.c | 10 drivers/media/usb/hdpvr/hdpvr-i2c.c | 6 drivers/media/usb/usbtv/usbtv-video.c | 4 drivers/media/usb/uvc/uvc_driver.c | 3 drivers/media/usb/uvc/uvc_video.c | 21 drivers/media/v4l2-core/v4l2-common.c | 8 drivers/media/v4l2-core/v4l2-ctrls-core.c | 1 drivers/memstick/core/memstick.c | 1 drivers/memstick/host/rtsx_usb_ms.c | 1 drivers/misc/cardreader/rtsx_usb.c | 16 drivers/misc/mei/bus.c | 6 drivers/mmc/host/rtsx_usb_sdmmc.c | 4 drivers/mmc/host/sdhci-msm.c | 14 drivers/mmc/host/sdhci-pci-gli.c | 33 - drivers/most/core.c | 2 drivers/mtd/nand/raw/fsmc_nand.c | 2 drivers/mtd/nand/raw/renesas-nand-controller.c | 6 drivers/mtd/nand/spi/core.c | 5 drivers/mtd/spi-nor/swp.c | 19 drivers/net/bonding/bond_3ad.c | 224 ++++++++-- drivers/net/bonding/bond_main.c | 1 drivers/net/bonding/bond_netlink.c | 16 drivers/net/bonding/bond_options.c | 29 + drivers/net/dsa/b53/b53_common.c | 65 ++ drivers/net/dsa/b53/b53_regs.h | 2 drivers/net/dummy.c | 1 drivers/net/ethernet/agere/et131x.c | 36 + drivers/net/ethernet/aquantia/atlantic/aq_hw.h | 2 drivers/net/ethernet/aquantia/atlantic/hw_atl2/hw_atl2_utils_fw.c | 39 + drivers/net/ethernet/atheros/ag71xx.c | 9 drivers/net/ethernet/cavium/thunder/thunder_bgx.c | 4 drivers/net/ethernet/emulex/benet/be_main.c | 8 drivers/net/ethernet/freescale/dpaa/dpaa_eth.c | 2 drivers/net/ethernet/freescale/dpaa/dpaa_ethtool.c | 4 drivers/net/ethernet/freescale/enetc/enetc_pf.c | 14 drivers/net/ethernet/freescale/fec_main.c | 34 - drivers/net/ethernet/freescale/gianfar_ethtool.c | 4 drivers/net/ethernet/google/gve/gve_adminq.c | 1 drivers/net/ethernet/google/gve/gve_main.c | 2 drivers/net/ethernet/intel/igc/igc_main.c | 14 drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 4 drivers/net/ethernet/mediatek/mtk_ppe_offload.c | 2 drivers/net/ethernet/mediatek/mtk_wed.c | 1 drivers/net/ethernet/mellanox/mlx5/core/en/qos.c | 2 drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 2 drivers/net/ethernet/mellanox/mlxsw/trap.h | 1 drivers/net/ethernet/pensando/ionic/ionic_lif.c | 7 drivers/net/geneve.c | 1 drivers/net/hyperv/hyperv_net.h | 3 drivers/net/hyperv/netvsc_drv.c | 29 + drivers/net/loopback.c | 1 drivers/net/phy/micrel.c | 2 drivers/net/phy/mscc/mscc.h | 12 drivers/net/phy/mscc/mscc_main.c | 12 drivers/net/phy/mscc/mscc_ptp.c | 49 +- drivers/net/phy/smsc.c | 1 drivers/net/ppp/ppp_generic.c | 17 drivers/net/thunderbolt.c | 21 drivers/net/usb/asix_devices.c | 1 drivers/net/usb/cdc_ncm.c | 20 drivers/net/veth.c | 1 drivers/net/vxlan/vxlan_core.c | 1 drivers/net/wireless/ath/ath11k/ce.c | 3 drivers/net/wireless/ath/ath11k/dp_rx.c | 3 drivers/net/wireless/ath/ath11k/hal.c | 33 + drivers/net/wireless/broadcom/brcm80211/brcmsmac/phy/phy_lcn.c | 2 drivers/net/wireless/intel/iwlegacy/4965-mac.c | 5 drivers/net/wireless/intel/iwlwifi/dvm/rs.c | 2 drivers/net/wireless/intel/iwlwifi/fw/dbg.c | 7 drivers/net/wireless/intel/iwlwifi/mvm/scan.c | 2 drivers/net/wireless/realtek/rtlwifi/pci.c | 23 - drivers/net/wireless/realtek/rtw89/core.c | 3 drivers/net/wireless/realtek/rtw89/fw.c | 9 drivers/net/wireless/realtek/rtw89/fw.h | 2 drivers/net/wireless/realtek/rtw89/mac.c | 19 drivers/net/wireless/realtek/rtw89/reg.h | 1 drivers/net/xen-netfront.c | 5 drivers/pci/controller/pcie-rockchip-host.c | 49 +- drivers/pci/controller/pcie-rockchip.h | 11 drivers/pci/endpoint/pci-ep-cfs.c | 1 drivers/pci/endpoint/pci-epf-core.c | 2 drivers/pci/pci-acpi.c | 4 drivers/pci/pci.c | 8 drivers/pci/probe.c | 2 drivers/pinctrl/stm32/pinctrl-stm32.c | 1 drivers/platform/chrome/cros_ec.c | 19 drivers/platform/chrome/cros_ec_typec.c | 4 drivers/platform/x86/thinkpad_acpi.c | 4 drivers/pps/clients/pps-gpio.c | 5 drivers/ptp/ptp_clock.c | 2 drivers/pwm/pwm-imx-tpm.c | 9 drivers/pwm/pwm-mediatek.c | 71 +-- drivers/remoteproc/imx_rproc.c | 4 drivers/reset/Kconfig | 10 drivers/rtc/rtc-ds1307.c | 15 drivers/s390/char/sclp.c | 11 drivers/scsi/aacraid/comminit.c | 3 drivers/scsi/bfa/bfad_im.c | 1 drivers/scsi/libiscsi.c | 3 drivers/scsi/lpfc/lpfc_debugfs.c | 1 drivers/scsi/lpfc/lpfc_scsi.c | 4 drivers/scsi/mpi3mr/mpi3mr.h | 6 drivers/scsi/mpi3mr/mpi3mr_fw.c | 17 drivers/scsi/mpi3mr/mpi3mr_os.c | 22 drivers/scsi/mpt3sas/mpt3sas_scsih.c | 19 drivers/scsi/qla4xxx/ql4_os.c | 2 drivers/scsi/scsi_scan.c | 2 drivers/scsi/scsi_transport_sas.c | 60 ++ drivers/soc/qcom/mdt_loader.c | 68 ++- drivers/soc/tegra/pmc.c | 51 +- drivers/staging/media/imx/imx-media-csc-scaler.c | 2 drivers/target/target_core_fabric_lib.c | 63 ++ drivers/target/target_core_internal.h | 4 drivers/target/target_core_pr.c | 18 drivers/thermal/qcom/qcom-spmi-temp-alarm.c | 43 + drivers/thermal/thermal_sysfs.c | 9 drivers/thunderbolt/domain.c | 2 drivers/tty/serial/8250/8250_port.c | 3 drivers/tty/vt/defkeymap.c_shipped | 112 +++++ drivers/tty/vt/keyboard.c | 2 drivers/ufs/host/ufs-exynos.c | 4 drivers/ufs/host/ufshcd-pci.c | 42 + drivers/usb/atm/cxacru.c | 106 ++-- drivers/usb/class/cdc-acm.c | 11 drivers/usb/core/config.c | 10 drivers/usb/core/hcd.c | 8 drivers/usb/core/quirks.c | 1 drivers/usb/core/urb.c | 2 drivers/usb/dwc3/dwc3-imx8mp.c | 6 drivers/usb/dwc3/dwc3-meson-g12a.c | 3 drivers/usb/dwc3/ep0.c | 20 drivers/usb/dwc3/gadget.c | 19 drivers/usb/gadget/udc/renesas_usb3.c | 1 drivers/usb/host/xhci-mem.c | 2 drivers/usb/host/xhci-pci-renesas.c | 7 drivers/usb/host/xhci-ring.c | 10 drivers/usb/host/xhci.c | 6 drivers/usb/musb/omap2430.c | 20 drivers/usb/storage/realtek_cr.c | 2 drivers/usb/storage/unusual_devs.h | 29 + drivers/usb/typec/mux/intel_pmc_mux.c | 2 drivers/usb/typec/tcpm/fusb302.c | 8 drivers/usb/typec/ucsi/psy.c | 2 drivers/usb/typec/ucsi/ucsi.c | 1 drivers/usb/typec/ucsi/ucsi.h | 7 drivers/vfio/pci/mlx5/cmd.c | 4 drivers/vfio/vfio_iommu_type1.c | 7 drivers/vhost/vhost.c | 3 drivers/vhost/vsock.c | 6 drivers/video/console/vgacon.c | 2 drivers/video/fbdev/core/fbcon.c | 9 drivers/video/fbdev/core/fbmem.c | 3 drivers/virt/coco/efi_secret/efi_secret.c | 10 drivers/watchdog/dw_wdt.c | 2 drivers/watchdog/iTCO_wdt.c | 6 drivers/watchdog/sbsa_gwdt.c | 50 ++ fs/btrfs/block-group.c | 27 + fs/btrfs/ctree.c | 9 fs/btrfs/ordered-data.c | 12 fs/btrfs/qgroup.c | 31 + fs/btrfs/relocation.c | 19 fs/btrfs/send.c | 39 + fs/btrfs/tree-log.c | 60 +- fs/btrfs/zoned.c | 3 fs/buffer.c | 2 fs/crypto/fscrypt_private.h | 17 fs/crypto/hkdf.c | 2 fs/crypto/keysetup.c | 3 fs/crypto/keysetup_v1.c | 3 fs/eventpoll.c | 60 ++ fs/ext2/inode.c | 12 fs/ext4/fsmap.c | 23 - fs/ext4/indirect.c | 4 fs/ext4/inline.c | 19 fs/ext4/inode.c | 2 fs/ext4/mballoc.c | 67 +- fs/ext4/orphan.c | 5 fs/ext4/super.c | 8 fs/f2fs/data.c | 2 fs/f2fs/f2fs.h | 1 fs/f2fs/inode.c | 7 fs/f2fs/node.c | 10 fs/file.c | 90 +--- fs/hfs/bnode.c | 93 ++++ fs/hfsplus/bnode.c | 92 ++++ fs/hfsplus/unicode.c | 7 fs/hfsplus/xattr.c | 6 fs/hugetlbfs/inode.c | 2 fs/jbd2/checkpoint.c | 1 fs/jfs/file.c | 3 fs/jfs/inode.c | 2 fs/jfs/jfs_dmap.c | 6 fs/libfs.c | 4 fs/namespace.c | 34 - fs/nfs/blocklayout/blocklayout.c | 4 fs/nfs/blocklayout/dev.c | 5 fs/nfs/blocklayout/extent_tree.c | 20 fs/nfs/client.c | 44 + fs/nfs/internal.h | 2 fs/nfs/nfs4client.c | 20 fs/nfs/nfs4proc.c | 2 fs/nfs/pnfs.c | 11 fs/nfsd/nfs4state.c | 34 + fs/ntfs3/dir.c | 3 fs/ntfs3/inode.c | 31 - fs/orangefs/orangefs-debugfs.c | 2 fs/smb/client/cifssmb.c | 10 fs/smb/client/connect.c | 1 fs/smb/client/sess.c | 9 fs/smb/client/smb2ops.c | 11 fs/smb/server/connection.c | 3 fs/smb/server/connection.h | 7 fs/smb/server/smb2pdu.c | 16 fs/smb/server/transport_rdma.c | 5 fs/smb/server/transport_rdma.h | 4 fs/smb/server/transport_tcp.c | 26 + fs/squashfs/super.c | 14 fs/udf/super.c | 13 fs/xfs/xfs_itable.c | 6 include/linux/blk_types.h | 6 include/linux/compiler.h | 8 include/linux/fs.h | 4 include/linux/hypervisor.h | 3 include/linux/if_vlan.h | 6 include/linux/iosys-map.h | 7 include/linux/memfd.h | 14 include/linux/mm.h | 82 ++- include/linux/pci.h | 10 include/linux/platform_data/cros_ec_proto.h | 4 include/linux/skbuff.h | 8 include/linux/usb/cdc_ncm.h | 1 include/linux/virtio_vsock.h | 7 include/net/bond_3ad.h | 3 include/net/bond_options.h | 1 include/net/bonding.h | 23 + include/net/cfg80211.h | 2 include/net/mac80211.h | 2 include/net/neighbour.h | 1 include/sound/soc-dai.h | 13 include/uapi/linux/if_link.h | 1 include/uapi/linux/in6.h | 4 include/uapi/linux/io_uring.h | 2 include/uapi/linux/pfrut.h | 1 kernel/cgroup/cpuset.c | 2 kernel/fork.c | 2 kernel/module/main.c | 10 kernel/power/console.c | 7 kernel/rcu/tree_plugin.h | 3 kernel/sched/fair.c | 19 kernel/trace/ftrace.c | 19 kernel/trace/trace.c | 33 - kernel/trace/trace.h | 8 mm/debug_vm_pgtable.c | 9 mm/filemap.c | 2 mm/kmemleak.c | 10 mm/madvise.c | 2 mm/memfd.c | 2 mm/memory-failure.c | 8 mm/mmap.c | 12 mm/ptdump.c | 2 mm/shmem.c | 2 net/bluetooth/hci_conn.c | 3 net/bluetooth/hci_sync.c | 43 + net/bridge/br_multicast.c | 16 net/bridge/br_private.h | 2 net/core/dev.c | 12 net/core/neighbour.c | 12 net/hsr/hsr_slave.c | 8 net/ipv4/ip_tunnel.c | 1 net/ipv4/netfilter/nf_reject_ipv4.c | 6 net/ipv4/route.c | 1 net/ipv4/udp_offload.c | 2 net/ipv6/addrconf.c | 7 net/ipv6/ip6_gre.c | 2 net/ipv6/ip6_tunnel.c | 1 net/ipv6/ip6_vti.c | 1 net/ipv6/mcast.c | 11 net/ipv6/netfilter/nf_reject_ipv6.c | 5 net/ipv6/seg6_hmac.c | 6 net/ipv6/sit.c | 1 net/mac80211/cfg.c | 12 net/mac80211/chan.c | 1 net/mac80211/mlme.c | 9 net/mac80211/sta_info.c | 5 net/mctp/af_mctp.c | 26 + net/mptcp/options.c | 9 net/mptcp/pm.c | 8 net/mptcp/pm_netlink.c | 19 net/mptcp/protocol.c | 55 ++ net/mptcp/protocol.h | 27 - net/mptcp/subflow.c | 30 - net/ncsi/internal.h | 2 net/ncsi/ncsi-rsp.c | 1 net/netfilter/nf_conntrack_netlink.c | 24 - net/netlink/af_netlink.c | 2 net/sched/sch_cake.c | 14 net/sched/sch_ets.c | 36 - net/sched/sch_htb.c | 2 net/tls/tls_sw.c | 16 net/vmw_vsock/virtio_transport.c | 14 net/wireless/mlme.c | 3 scripts/kconfig/gconf.c | 8 scripts/kconfig/lxdialog/inputbox.c | 6 scripts/kconfig/lxdialog/menubox.c | 2 scripts/kconfig/nconf.c | 2 scripts/kconfig/nconf.gui.c | 1 security/apparmor/include/lib.h | 6 security/inode.c | 2 sound/core/pcm_native.c | 19 sound/pci/hda/hda_codec.c | 42 - sound/pci/hda/patch_ca0132.c | 2 sound/pci/hda/patch_realtek.c | 4 sound/pci/intel8x0.c | 2 sound/soc/codecs/hdac_hdmi.c | 10 sound/soc/codecs/rt5640.c | 5 sound/soc/fsl/fsl_asrc.c | 16 sound/soc/fsl/fsl_aud2htx.c | 10 sound/soc/fsl/fsl_easrc.c | 16 sound/soc/fsl/fsl_esai.c | 20 sound/soc/fsl/fsl_micfil.c | 14 sound/soc/fsl/fsl_sai.c | 44 - sound/soc/fsl/fsl_spdif.c | 17 sound/soc/fsl/fsl_ssi.c | 3 sound/soc/fsl/fsl_xcvr.c | 16 sound/soc/generic/audio-graph-card.c | 2 sound/soc/intel/avs/core.c | 3 sound/soc/soc-core.c | 28 + sound/soc/soc-dai.c | 43 + sound/soc/soc-dapm.c | 4 sound/usb/mixer_quirks.c | 14 sound/usb/stream.c | 25 - sound/usb/validate.c | 14 tools/include/nolibc/std.h | 4 tools/include/nolibc/types.h | 4 tools/include/uapi/linux/if_link.h | 1 tools/power/cpupower/utils/idle_monitor/mperf_monitor.c | 4 tools/scripts/Makefile.include | 4 tools/testing/ktest/ktest.pl | 5 tools/testing/selftests/arm64/fp/sve-ptrace.c | 3 tools/testing/selftests/bpf/prog_tests/user_ringbuf.c | 10 tools/testing/selftests/ftrace/test.d/ftrace/func-filter-glob.tc | 2 tools/testing/selftests/futex/include/futextest.h | 11 tools/testing/selftests/memfd/memfd_test.c | 43 + tools/testing/selftests/net/mptcp/pm_netlink.sh | 1 511 files changed, 4940 insertions(+), 1988 deletions(-) Aahil Awatramani (1): bonding: Add independent control state machine Aaron Kling (1): ARM: tegra: Use I/O memcpy to write to IRAM Aaron Plattner (1): watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition Ada Couprie Diaz (1): arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() Aditya Garg (2): HID: magicmouse: avoid setting up battery timer when not needed HID: apple: avoid setting up battery timer for devices without battery Adrian Hunter (1): scsi: ufs: ufs-pci: Fix default runtime and system PM levels Al Viro (5): better lockdep annotations for simple_recursive_removal() fix locking in efi_secret_unlink() securityfs: don't pin dentries twice, once is enough... use uniform permission checks for all mount propagation changes alloc_fdtable(): change calling conventions. Alex Deucher (1): drm/amdgpu: update mmhub 3.0.1 client id mappings Alex Guo (2): media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar Alexander Kochetkov (1): ARM: rockchip: fix kernel hang during smp initialization Alexander Wilhelm (1): bus: mhi: host: Fix endianness of BHI vector table Alok Tiwari (4): ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 be2net: Use correct byte order and format string for TCP seq and ack_seq net: thunderx: Fix format-truncation warning in bgx_acpi_match_id() gve: Return error for unknown admin queue command Amber Lin (1): drm/amdkfd: Destroy KFD debugfs after destroy KFD wq Amelie Delaunay (1): dmaengine: stm32-dma: configure next sg only if there are more than 2 sgs Amir Mohammad Jahangirzad (1): fs/orangefs: use snprintf() instead of sprintf() Anantha Prabhu (1): RDMA/bnxt_re: Fix to initialize the PBL array Andreas Dilger (1): ext4: check fast symlink for ea_inode correctly André Draszik (1): scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE Andy Shevchenko (1): Documentation: ACPI: Fix parent device references Anshuman Khandual (1): mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() Anthoine Bourgeois (1): xen/netfront: Fix TX response spurious interrupts Archana Patni (1): scsi: ufs: ufs-pci: Fix hibernate state transition for Intel MTL-like host controllers Arnaud Lecomte (1): jfs: upper bound check of tree index in dbAllocAG Arnd Bergmann (1): RDMA/core: reduce stack using in nldev_stat_get_doit() Artem Sadovnikov (1): vfio/mlx5: fix possible overflow in tracking max message size Avraham Stern (1): wifi: iwlwifi: mvm: fix scan request validation Baihan Li (1): drm/hisilicon/hibmc: fix the hibmc loaded failed bug Baokun Li (4): ext4: fix zombie groups in average fragment size lists ext4: fix largest free orders lists corruption on mb_optimize_scan switch jbd2: prevent softlockup in jbd2_log_do_checkpoint() ext4: preserve SB_I_VERSION on remount Bartosz Golaszewski (2): gpio: wcd934x: check the return value of regmap_update_bits() gpio: tps65912: check the return value of regmap_update_bits() Benjamin Berg (1): wifi: mac80211: avoid lockdep checking when removing deflink Benjamin Marzinski (1): dm-table: fix checking for rq stackable devices Benson Leung (1): usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default Bharat Bhushan (1): crypto: octeontx2 - add timeout for load_fvc completion poll Bingbu Cao (1): media: hi556: correct the test pattern configuration Bitterblue Smith (3): wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB wifi: rtw89: Fix rtw89_mac_power_switch() for USB wifi: rtw89: Disable deep power saving for USB/SDIO Bjorn Andersson (1): soc: qcom: mdt_loader: Ensure we don't read past the ELF header Bjorn Helgaas (1): mmc: sdhci-pci-gli: Use PCI AER definitions, not hard-coded values Boshi Yu (1): RDMA/erdma: Fix ignored return value of init_kernel_qp Breno Leitao (5): ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path arm64: Mark kernel as tainted on SAE and SError panic ptp: Use ratelimite for freerun error message ipmi: Use dev_warn_ratelimited() for incorrect message warnings mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock Buday Csaba (1): net: phy: smsc: add proper reset flags for LAN8710A Cezary Rojewski (1): ASoC: Intel: avs: Fix uninitialized pointer error in probe() Chao Gao (2): KVM: nVMX: Defer SVI update to vmcs01 on EOI when L2 is active w/o VID KVM: VMX: Flush shadow VMCS on emergency reboot Chao Yu (3): f2fs: fix to do sanity check on ino and xnid f2fs: fix to call clear_page_private_reference in .{release,invalid}_folio f2fs: fix to avoid out-of-boundary access in dnode page Cheick Traore (1): pinctrl: stm32: Manage irq affinity settings Chen Yu (1): ACPI: pfr_update: Fix the driver update version check Chen-Yu Tsai (1): platform/chrome: cros_ec: Use per-device lockdep key Chenyuan Yang (1): drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() Chris Mason (1): sched/fair: Bump sd->max_newidle_lb_cost when newidle balance fails Christoph Hellwig (2): block: reject invalid operation in submit_bio_noacct xfs: fully decouple XFS_IBULK* flags from XFS_IWALK* flags Christoph Paasch (1): mptcp: drop skb if MPTCP skb extension allocation fails Christophe Leroy (1): ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop Christopher Eby (1): ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks Corey Minyard (1): ipmi: Fix strcpy source and destination the same Cristian Ciocaltea (1): ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros Cynthia Huang (1): selftests/futex: Define SYS_futex on 32-bit architectures with 64-bit time_t Dai Ngo (1): NFSD: detect mismatch of file handle and delegation stateid in OPEN op Damien Le Moal (8): ata: libata-sata: Disallow changing LPM state if not supported scsi: mpt3sas: Correctly handle ATA device errors scsi: mpi3mr: Correctly handle ATA device errors ata: libata-scsi: Fix ata_to_sense_error() status handling PCI: endpoint: Fix configfs group list head handling PCI: endpoint: Fix configfs group removal on driver teardown block: Make REQ_OP_ZONE_FINISH a write operation ata: Fix SATA_MOBILE_LPM_POLICY description in Kconfig Dan Carpenter (4): cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table() media: gspca: Add bounds checking to firmware parser scsi: qla4xxx: Prevent a potential error pointer dereference ALSA: usb-audio: Fix size validation in convert_chmap_v3() Dave Stevenson (3): media: tc358743: Check I2C succeeded during probe media: tc358743: Return an appropriate colorspace from tc358743_set_fmt media: tc358743: Increase FIFO trigger level to 374 David Collins (1): thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required David Lechner (5): iio: adc: ad_sigma_delta: don't overallocate scan buffer iio: imu: bno055: fix OOB access of hw_xlate array iio: adc: ad_sigma_delta: change to buffer predisable iio: proximity: isl29501: fix buffered read on big-endian systems iio: temperature: maxim_thermocouple: use DMA-safe buffer for spi_read() David Thompson (1): gpio: mlxbf2: use platform_get_irq_optional() Davide Caratti (1): net/sched: ets: use old 'nbands' while purging unused classes Edward Adam Davis (2): jfs: Regular file corruption check comedi: pcl726: Prevent invalid irq number Eliav Farber (1): pps: clients: gpio: fix interrupt handling order in remove path Emily Deng (1): drm/ttm: Should to return the evict error Eric Biggers (4): thunderbolt: Fix copy+paste error in match_service_id() lib/crypto: mips/chacha: Fix clang build and remove unneeded byteswap ipv6: sr: Fix MAC comparison to be constant-time fscrypt: Don't use problematic non-inline crypto engines Eric Dumazet (2): net: add netdev_lockdep_set_classes() to virtual drivers net_sched: sch_ets: implement lockless ets_dump() Eric Work (1): net: atlantic: add set_power to fw_ops for atl2 to fix wol Evgeniy Harchenko (1): ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 Fedor Pchelkin (1): netlink: avoid infinite retry looping in netlink_unicast() Filipe Manana (6): btrfs: abort transaction during log replay if walk_log_tree() failed btrfs: fix log tree replay failure due to file with 0 links and extents btrfs: fix qgroup reservation leak on failure to allocate ordered extent btrfs: qgroup: fix race between quota disable and quota rescan ioctl btrfs: abort transaction on unexpected eb generation at btrfs_copy_root() btrfs: send: use fallocate for hole punching with send stream v2 Finn Thain (1): m68k: Fix lost column on framebuffer debug console Florian Larysch (1): net: phy: micrel: fix KSZ8081/KSZ8091 cable test Florian Westphal (2): netfilter: ctnetlink: fix refcount leak on table dump netfilter: nf_reject: don't leak dst refcount for loopback packets Florin Leotescu (1): hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state Gabor Juhos (1): mtd: spinand: propagate spinand_wait() errors from spinand_write_page() Gal Pressman (1): net: vlan: Replace BUG() with WARN_ON_ONCE() in vlan_dev_* stubs Gang Ba (1): drm/amdgpu: Avoid extra evict-restore process. Gautham R. Shenoy (1): pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() Geliang Tang (1): mptcp: disable add_addr retransmission when timeout is 0 Geraldo Nascimento (2): PCI: rockchip: Use standard PCIe definitions PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining Giovanni Cabiddu (1): crypto: qat - fix ring to service map for QAT GEN4 Gokul krishna Krishnakumar (1): soc: qcom: mdt_loader: Enhance split binary detection Greg Kroah-Hartman (1): Linux 6.1.149 Gui-Dong Han (1): media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() Haiyang Zhang (1): hv_netvsc: Fix panic during namespace deletion with VF Hangbin Liu (2): bonding: update LACP activity flag after setting lacp_active bonding: send LACPDUs periodically in passive mode after receiving partner's LACPDU Hans Verkuil (1): media: vivid: fix wrong pixel_array control size Hans de Goede (1): mei: bus: Check for still connected devices in mei_cl_bus_dev_release() Haoran Jiang (1): LoongArch: BPF: Fix jump offset calculation in tailcall Haoxiang Li (1): media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() Harald Mommer (1): gpio: virtio: Fix config space reading. Hari Kalavakunta (1): net: ncsi: Fix buffer overflow in fetching version id Heiner Kallweit (1): dpaa_eth: don't use fixed_phy_change_carrier Helge Deller (1): Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()" Herton R. Krzesinski (1): mm/debug_vm_pgtable: clear page table entries at destroy_args() Hiago De Franco (1): remoteproc: imx_rproc: skip clock enable when M-core is managed by the SCU Horatiu Vultur (1): phy: mscc: Fix timestamping for vsc8584 Hsin-Te Yuan (1): thermal: sysfs: Return ENODATA instead of EAGAIN for reads Huacai Chen (1): PCI: Extend isolated function probing to LoongArch Ian Abbott (3): comedi: fix race between polling and detaching comedi: Make insn_rw_emulate_bits() do insn->n samples comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() Ido Schimmel (1): mlxsw: spectrum: Forward packets with an IPv4 link-local source IP Ilan Peer (1): wifi: cfg80211: Fix interface type validation Ilya Bakoulin (1): drm/amd/display: Separate set_gsl from set_gsl_source_select Imre Deak (1): drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS Jack Xiao (1): drm/amdgpu: fix incorrect vm flags to map bo Jakub Acs (1): net, hsr: reject HSR frame if skb can't hold tag Jakub Kicinski (2): uapi: in6: restore visibility of most IPv6 socket options tls: fix handling of zero-length records on the rx_list Jakub Ramaseuski (1): net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM Jan Beulich (1): compiler: remove __ADDRESSABLE_ASM{_STR,}() again Jan Kara (1): udf: Verify partition map count Jann Horn (1): eventpoll: Fix semi-unbounded recursion Jason Wang (1): vhost: fail early when __vhost_add_used() fails Jason Xing (1): ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc Jay Chen (1): usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command Jean-Baptiste Maneyrol (1): iio: imu: inv_icm42600: change invalid data error to -EBUSY Jeff Layton (1): nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() Jiasheng Jiang (1): scsi: lpfc: Remove redundant assignment to avoid memory leak Jiayi Li (2): ACPI: processor: perflib: Fix initial _PPC limit application memstick: Fix deadlock by moving removing flag earlier Jinjiang Tu (1): mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn Johan Adolfsson (1): leds: leds-lp50xx: Handle reg to get correct multi_index Johan Hovold (11): net: gianfar: fix device leak when querying time stamp info net: mtk_eth_soc: fix device leak at probe net: dpaa: fix device leak when querying time stamp info usb: gadget: udc: renesas_usb3: fix device leak at unbind usb: dwc3: meson-g12a: fix device leaks at unbind wifi: ath11k: fix dest ring-buffer corruption wifi: ath11k: fix source ring-buffer corruption wifi: ath11k: fix dest ring-buffer corruption when ring is full net: enetc: fix device and OF node leak at probe usb: musb: omap2430: fix device leak at unbind usb: dwc3: imx8mp: fix device leak at unbind Johannes Berg (2): wifi: cfg80211: reject HTC bit for management frames wifi: mac80211: don't complete management TX on SAE commit Johannes Thumshirn (1): btrfs: zoned: use filesystem size not disk size for reclaim decision John David Anglin (5): parisc: Check region is readable by user in raw_copy_from_user() parisc: Revise __get_user() to probe user read access parisc: Revise gateway LWS calls to probe user read access parisc: Try to fixup kernel exception in bad_area_nosemaphore path of do_page_fault() parisc: Update comments in make_insert_tlb John Garry (2): scsi: aacraid: Stop using PCI_IRQ_AFFINITY block: avoid possible overflow for chunk_sectors check in blk_stack_limits() Jon Hunter (1): soc/tegra: pmc: Ensure power-domains are in a known state Jonas Rebmann (1): net: fec: allow disable coalescing Jonathan Cameron (1): iio: light: as73211: Ensure buffer holes are zeroed Jonathan Santos (1): iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement Jordan Rhee (1): gve: prevent ethtool ops after shutdown Jorge Marques (1): i3c: master: Initialize ret in i3c_i2c_notifier_call() Jorge Ramirez-Ortiz (2): media: venus: hfi: explicitly release IRQ during teardown media: venus: protect against spurious interrupts during probe Judith Mendez (1): arm64: dts: ti: k3-am62-main: Remove eMMC High Speed DDR support Justin Tee (1): scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure Kan Liang (1): perf/x86/intel: Fix crash in icl_update_topdown_event() Kees Cook (3): arm64: Handle KCOV __init vs inline mismatches platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches iommu/amd: Avoid stack buffer overflow from kernel cmdline Keith Busch (1): vfio/type1: conditional rescheduling while pinning Konrad Dybcio (1): media: venus: Introduce accessors for remapped hfi_buffer_reqs members Krzysztof Kozlowski (2): dt-bindings: display: sprd,sharkl3-dpu: Fix missing clocks constraints dt-bindings: display: sprd,sharkl3-dsi-host: Fix missing clocks constraints Kuen-Han Tsai (1): usb: dwc3: Ignore late xferNotReady event to prevent halt timeout Kuninori Morimoto (4): ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed ASoC: soc-dai.c: add missing flag check at snd_soc_pcm_dai_probe() ASoC: soc-dai.h: merge DAI call back functions into ops ASoC: fsl: merge DAI call back functions into ops Kuniyuki Iwashima (1): ipv6: mcast: Check inet6_dev->dead under idev->mc_lock in __ipv6_dev_mc_inc(). Laurentiu Mihalcea (1): pwm: imx-tpm: Reset counter if CMOD is 0 Leon Romanovsky (1): net/mlx5e: Properly access RCU protected qdisc_sleeping variable Liao Yuanhong (1): ext4: use kmalloc_array() for array space allocation Lifeng Zheng (2): cpufreq: Exit governor when failed to start old governor PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() Lin.Cao (1): drm/sched: Remove optimization that causes hang when killing dependent jobs Lizhi Xu (2): fs/ntfs3: Add sanity check for file name jfs: truncate good inode pages when hard link is 0 Lorenzo Stoakes (4): mm: drop the assumption that VM_SHARED always implies writable mm: update memfd seal write check to include F_SEAL_WRITE mm: reinstate ability to map write-sealed memfd mappings read-only selftests/memfd: add test for mapping write-sealed memfd read-only Lucy Thrun (1): ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control Ludwig Disterhof (1): media: usbtv: Lock resolution while streaming Lukas Wunner (1): PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports Ma Ke (1): sunvdc: Balance device refcount in vdc_port_mpgroup_check Mael GUERIN (1): USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera Marek Szyprowski (1): zynq_fpga: use sgtable-based scatterlist wrappers Marek Vasut (1): usb: renesas-xhci: Fix External ROM access timeouts Mario Limonciello (6): usb: xhci: Avoid showing warnings for dying controller usb: xhci: Avoid showing errors during surprise removal drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual drm/amd/display: Only finalize atomic_obj if it was initialized drm/amd: Restore cached power limit during resume drm/amd/display: Avoid a NULL pointer dereference Mark Brown (2): ASoC: hdac_hdmi: Rate limit logging on connection and disconnection kselftest/arm64: Specify SVE data when testing VL set in sve-ptrace Masahiro Yamada (2): kconfig: gconf: avoid hardcoding model2 in on_treeview2_cursor_changed() kconfig: gconf: fix potential memory leak in renderer_edited() Masami Hiramatsu (Google) (1): selftests: tracing: Use mutex_unlock for testing glob filter Mateusz Guzik (1): apparmor: use the condition in AA_BUG_FMT even with debug disabled Matt Johnston (1): net: mctp: Prevent duplicate binds Matthieu Baerts (NGI0) (2): mptcp: pm: kernel: flush: do not reset ADD_ADDR limit selftests: mptcp: pm: check flush doesn't reset limits Maurizio Lombardi (1): scsi: target: core: Generate correct identifiers for PR OUT transport IDs Maxim Levitsky (3): KVM: nVMX: Check vmcs12->guest_ia32_debugctl on nested VM-Enter KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs KVM: VMX: Preserve host's DEBUGCTLMSR_FREEZE_IN_SMM while running the guest Meagan Lloyd (2): rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe Miao Li (1): usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive Miaoqian Lin (1): most: core: Drop device reference after usage in get_channel() Michael Walle (1): mtd: spi-nor: Fix spi_nor_try_unlock_all() Mikhail Lobanov (1): wifi: mac80211: check basic rates validity in sta_link_apply_parameters Mikulas Patocka (1): dm-mpath: don't print the "loaded" message if registering fails Mina Almasry (1): netmem: fix skb_frag_address_safe with unreadable skbs Minhong He (1): ipv6: sr: validate HMAC algorithm ID in seg6_hmac_info_add Myrrh Periwinkle (3): usb: typec: ucsi: Update power_supply on power role change vt: keyboard: Don't process Unicode characters in K_OFF mode vt: defkeymap: Map keycodes above 127 to K_HOLE Namjae Jeon (1): ksmbd: extend the connection limiting mechanism to support IPv6 Naohiro Aota (1): btrfs: zoned: do not remove unwritten non-data block group Nathan Chancellor (3): usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() ARM: 9448/1: Use an absolute path to unified.h in KBUILD_AFLAGS NeilBrown (1): smb/server: avoid deadlock when linking with ReplaceIfExists Nianyao Tang (1): arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 register Nicolas Escande (1): neighbour: add support for NUD_PERMANENT proxy entries Niklas Söderlund (1): media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control Nitin Gote (1): iosys-map: Fix undefined behavior in iosys_map_clear() Ojaswin Mujoo (2): ext4: fix fsmap end of range reporting with bigalloc ext4: fix reserved gdt blocks handling in fsmap Oliver Neukum (3): usb: core: usb_submit_urb: downgrade type check net: usb: cdc-ncm: check for filtering capability cdc-acm: fix race between initial clearing halt and open Oscar Maes (1): net: ipv4: fix incorrect MTU in broadcast routes Pagadala Yesu Anjaneyulu (1): wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect Pali Rohár (1): cifs: Fix calling CIFSFindFirst() for root path without msearch Paolo Abeni (3): mptcp: make fallback action and fallback decision atomic mptcp: plug races between subflow fail and subflow creation mptcp: reset fallback status gracefully at disconnect() time Paul E. McKenney (1): rcu: Protect ->defer_qs_iw_pending from data race Pavel Begunkov (1): io_uring: don't use int for ABI Pawan Gupta (1): x86/bugs: Avoid warning when overriding return thunk Peter Oberparleiter (3): s390/sclp: Fix SCCB present check s390/hypfs: Avoid unnecessary ioctl registration in debugfs s390/hypfs: Enable limited access during lockdown Peter Robinson (1): reset: brcmstb: Enable reset drivers for ARCH_BCM2835 Peter Ujfalusi (1): ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() Petr Pavlu (1): module: Prevent silent truncation of module name in delete_module(2) Phillip Lougher (1): squashfs: fix memory leak in squashfs_fill_super Prashant Malani (1): cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag Pu Lehui (1): tracing: Limit access to parser->buffer when trace_get_user failed Purva Yeshi (1): md: dm-zoned-target: Initialize return variable r to avoid uninitialized use Qingfang Deng (2): net: ethernet: mtk_ppe: add RCU lock around dev_fill_forward_path ppp: fix race conditions in ppp_fill_forward_path Qu Wenruo (2): btrfs: do not allow relocation of partially dropped subvolumes btrfs: populate otime when logging an inode item Rafael J. Wysocki (2): ACPI: processor: perflib: Move problematic pr->performance check PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() Ramya Gnanasekar (1): wifi: mac80211: update radar_required in channel context after channel switch Rand Deeb (1): wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() Randy Dunlap (2): parisc: Makefile: fix a typo in palo.conf parisc: Makefile: explain that 64BIT requires both 32-bit and 64-bit compilers Ranjan Kumar (4): scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans scsi: mpi3mr: Fix race between config read submit and interrupt completion scsi: mpi3mr: Drop unnecessary volatile from __iomem pointers scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems Ricardo Ribalda (3): media: uvcvideo: Do not mark valid metadata as invalid media: venus: vdec: Clamp param smaller than 1fps and bigger than 240. media: venus: venc: Clamp param smaller than 1fps and bigger than 240 Ricky Wu (1): misc: rtsx: usb: Ensure mmc child device is active when card is present Rob Clark (1): drm/msm: use trylock for debugfs Rong Zhang (1): fs/ntfs3: correctly create symlink for relative path Sabrina Dubroca (2): udp: also consider secpath when evaluating ipsec use for checksumming tls: separate no-async decryption request handling from async Sakari Ailus (1): media: v4l2-ctrls: Don't reset handler's error in v4l2_ctrl_handler_free() Salah Triki (1): iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() Sarah Newman (1): drbd: add missing kref_get in handle_write_conflicts Sarthak Garg (1): mmc: sdhci-msm: Ensure SD card power isn't ON when card removed Sasha Levin (1): fs: Prevent file descriptor table allocations exceeding INT_MAX Sean Christopherson (19): KVM: SVM: Set RFLAGS.IF=1 in C code, to get VMRUN out of the STI shadow KVM: x86: Re-split x2APIC ICR into ICR+ICR2 for AMD (x2AVIC) KVM: x86: Plumb in the vCPU to kvm_x86_ops.hwapic_isr_update() KVM: x86: Snapshot the host's DEBUGCTL in common x86 KVM: x86: Snapshot the host's DEBUGCTL after disabling IRQs KVM: x86/pmu: Gate all "unimplemented MSR" prints on report_ignored_msrs KVM: x86: Plumb "force_immediate_exit" into kvm_entry() tracepoint KVM: VMX: Re-enter guest in fastpath for "spurious" preemption timer exits KVM: VMX: Handle forced exit due to preemption timer in fastpath KVM: x86: Move handling of is_guest_mode() into fastpath exit handlers KVM: VMX: Handle KVM-induced preemption timer exits in fastpath for L2 KVM: x86: Fully defer to vendor code to decide how to force immediate exit KVM: x86: Convert vcpu_run()'s immediate exit param into a generic bitmap KVM: x86: Drop kvm_x86_ops.set_dr6() in favor of a new KVM_RUN flag KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported KVM: VMX: Extract checking of guest's DEBUGCTL into helper KVM: x86: Take irqfds.lock when adding/deleting IRQ bypass producer x86/reboot: Harden virtualization hooks for emergency reboot x86/reboot: KVM: Handle VMXOFF in KVM's reboot callback Sebastian Ott (1): ACPI: processor: fix acpi_object initialization Sebastian Reichel (2): watchdog: dw_wdt: Fix default timeout usb: typec: fusb302: cache PD RX state Selvarasu Ganesan (1): usb: dwc3: Remove WARN_ON for device endpoint command timeouts Sergey Bashirov (4): pNFS: Fix stripe mapping in block/scsi layout pNFS: Fix disk addr range check in block/scsi layout pNFS: Handle RPC size limit for layoutcommits pNFS: Fix uninited ptr deref in block/scsi layout Sergey Shtylyov (1): Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() Shankari Anand (1): kconfig: nconf: Ensure null termination where strncpy is used Shannon Nelson (1): ionic: clean dbpage in de-init Shengjiu Wang (1): ASoC: fsl_sai: replace regmap_write with regmap_update_bits Shiji Yang (2): MIPS: vpe-mt: add missing prototypes for vpe_{alloc,start,stop,free} MIPS: lantiq: falcon: sysctrl: fix request memory check logic Showrya M N (1): scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated Shubhrajyoti Datta (1): EDAC/synopsys: Clear the ECC counters on init Shyam Prasad N (1): cifs: reset iface weights when we cannot find a candidate Sravan Kumar Gundu (1): fbdev: Fix vmalloc out-of-bounds write in fast_imageblit Stanislaw Gruszka (1): wifi: iwlegacy: Check rate_idx range after addition Stefan Metzmacher (1): smb: server: split ksmbd_rdma_stop_listening() out of ksmbd_rdma_destroy() Steve French (1): smb3: fix for slab out of bounds on mount to ksmbd Steven Rostedt (3): ktest.pl: Prevent recursion of default variable options ftrace: Also allocate and copy hash for reading of filter files tracing: Remove unneeded goto out logic Su Hui (1): usb: xhci: print xhci->xhc_state when queue_command failed Suchit Karunakaran (1): kconfig: lxdialog: replace strcpy() with strncpy() in inputbox.c Sumanth Gavini (1): Bluetooth: hci_sync: Fix UAF on hci_abort_conn_sync Sven Schnelle (2): s390/time: Use monotonic clock in get_cycles() s390/stp: Remove udelay from stp_sync_clock() Takashi Iwai (5): ALSA: usb-audio: Validate UAC3 power domain descriptors, too ALSA: usb-audio: Validate UAC3 cluster segment descriptors ALSA: hda: Handle the jack polling always via a work ALSA: hda: Disable jack polling at shutdown ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation Tetsuo Handa (1): hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file() Theodore Ts'o (2): ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr ext4: don't try to clear the orphan_present feature block device is r/o Thomas Fourier (8): et131x: Add missing check after DMA map net: ag71xx: Add missing check after DMA map (powerpc/512) Fix possible `dma_unmap_single()` on uninitialized pointer wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()`. powerpc: floppy: Add missing checks after DMA map wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() mtd: rawnand: fsmc: Add missing check after DMA map mtd: rawnand: renesas: Add missing check after DMA map Thomas Weißschuh (5): tools/nolibc: define time_t in terms of __kernel_old_time_t tools/build: Fix s390(x) cross-compilation with clang um: Re-evaluate thread flags repeatedly MIPS: Don't crash in stack_top() for tasks without ABI or vDSO kbuild: userprogs: use correct linker when mixing clang and GNU ld Thorsten Blum (1): usb: storage: realtek_cr: Use correct byte order for bcs->Residue Tianxiang Peng (1): x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper Tim Harvey (1): hwmon: (gsc-hwmon) fix fan pwm setpoint show functions Timur Kristóf (6): drm/amd/display: Don't overwrite dce60_clk_mgr drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 drm/amd/display: Fix DP audio DTO1 clock source on DCE 6. drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs drm/amd/display: Don't overclock DCE 6 by 15% Tomasz Michalec (2): usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present platform/chrome: cros_ec_typec: Defer probe on missing EC parent Trond Myklebust (1): NFS: Fix the setting of capabilities when automounting a new filesystem Tvrtko Ursulin (1): drm/ttm: Respect the shrinker core free target Tzung-Bi Shih (2): platform/chrome: cros_ec: remove unneeded label and if-condition platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister() Ulf Hansson (1): mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() Uwe Kleine-König (3): pwm: mediatek: Handle hardware enable and clock enable separately pwm: mediatek: Fix duty and period setting usb: musb: omap2430: Convert to platform remove callback returning void ValdikSS (1): igc: fix disabling L1.2 PCI-E link substate on I226 on init Vasiliy Kovalev (1): ALSA: hda/realtek: Fix headset mic on HONOR BRB-X Vedang Nagar (2): media: venus: Add a check for packet size after reading from shared memory media: venus: Fix OOB read due to missing payload bound check Viacheslav Dubeyko (4): hfs: fix slab-out-of-bounds in hfs_bnode_read() hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() hfs: fix not erasing deleted b-tree node issue Victor Shih (3): mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency mmc: sdhci-pci-gli: Add a new function to simplify the code mmc: sdhci-pci-gli: GL9763e: Mask the replay timer timeout of AER Vladimir Zapolskiy (1): media: qcom: camss: cleanup media device allocated resource on error path Waiman Long (2): mm/kmemleak: avoid soft lockup in __kmemleak_do_cleanup() cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key Wang Liang (1): net: bridge: fix soft lockup in br_multicast_query_expired() Wang Zhaolong (1): smb: client: remove redundant lstrp update in negotiate protocol Wei Gao (1): ext2: Handle fiemap on empty files to prevent EINVAL Wen Chen (1): drm/amd/display: Fix 'failed to blank crtc!' Will Deacon (4): vsock/virtio: Resize receive buffers so that each SKB fits in a 4K page vsock/virtio: Validate length in packet header before skb_put() vhost/vsock: Avoid allocating arbitrarily-sized SKBs KVM: arm64: Fix kernel BUG() due to bad backport of FPSIMD/SVE/SME fix William Liu (2): net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit net/sched: Remove unnecessary WARNING condition for empty child qdisc in htb_activate Willy Tarreau (1): tools/nolibc: fix spelling of FD_SETBITMASK in FD_* macros Wolfram Sang (3): media: usb: hdpvr: disable zero-length read messages i3c: add missing include to internal header i3c: don't fail if GETHDRCAP is unsupported Xinxin Wan (1): ASoC: codecs: rt5640: Retry DEVICE_ID verification Xinyu Liu (1): usb: core: config: Prevent OOB read in SS endpoint companion parsing Xu Yang (2): net: usb: asix_devices: add phy_mask for ax88772 mdio bus usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test Xu Yilun (1): fpga: zynq_fpga: Fix the wrong usage of dma_map_sgtable() Yann E. MORIN (1): kconfig: lxdialog: fix 'space' to (de)select options Yazen Ghannam (1): x86/mce/amd: Add default names for MCA banks and blocks Ye Bin (1): fs/buffer: fix use-after-free when call bh_read() helper Yonghong Song (1): selftests/bpf: Fix a user_ringbuf failure with arm64 64KB page size Yongzhen Zhang (1): fbdev: fix potential buffer overflow in do_register_framebuffer() Youngjun Lee (1): media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() Youssef Samir (1): bus: mhi: host: Detect events pointing to unexpected TREs Yuichiro Tsuji (1): net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization Yunhui Cui (1): serial: 8250: fix panic due to PSLVERR Yury Norov [NVIDIA] (1): RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() Zenm Chen (1): USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles Zhang Lixu (2): iio: hid-sensor-prox: Restore lost scale assignments iio: hid-sensor-prox: Fix incorrect OFFSET calculation Zhang Shurong (1): media: ov2659: Fix memory leaks in ov2659_probe() Zhang Yi (1): ext4: fix hole length calculation overflow in non-extent inodes Zhiqi Song (1): crypto: hisilicon/hpre - fix dma unmap sequence Zhu Qiyu (1): ACPI: PRM: Reduce unnecessary printing to avoid user confusion Ziyan Fu (1): watchdog: iTCO_wdt: Report error if timeout configuration fails chenchangcheng (1): media: uvcvideo: Fix bandwidth issue for Alcor camera fangzhong.zhou (1): i2c: Force DLL0945 touchpad i2c freq to 100khz jackysliu (1): scsi: bfa: Double-free fix tuhaowen (1): PM: sleep: console: Fix the black screen issue zhangjianrong (2): net: thunderbolt: Enable end-to-end flow control also in transmit net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() Álvaro Fernández Rojas (5): net: dsa: b53: fix b53_imp_vlan_setup for BCM5325 net: dsa: b53: prevent GMII_PORT_OVERRIDE_CTRL access on BCM5325 net: dsa: b53: prevent DIS_LEARNING access on BCM5325 net: dsa: b53: prevent SWITCH_CTRL access on BCM5325 net: dsa: b53: fix IP_MULTICAST_CTRL on BCM5325

2 weeks, 4 days

1
1
0 0

Linux 5.15.190

by Greg Kroah-Hartman

I'm announcing the release of the 5.15.190 kernel. All users of the 5.15 kernel series must upgrade. The updated 5.15.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.15.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/filesystems/f2fs.rst | 6 Documentation/firmware-guide/acpi/i2c-muxes.rst | 8 Documentation/memory-barriers.txt | 11 Documentation/networking/mptcp-sysctl.rst | 2 Makefile | 4 arch/alpha/include/asm/processor.h | 2 arch/alpha/kernel/process.c | 5 arch/arc/include/asm/processor.h | 2 arch/arc/kernel/stacktrace.c | 4 arch/arm/Makefile | 2 arch/arm/boot/dts/am335x-boneblack.dts | 2 arch/arm/boot/dts/imx6ul-kontron-n6x1x-s.dtsi | 1 arch/arm/boot/dts/vfxxx.dtsi | 2 arch/arm/include/asm/processor.h | 2 arch/arm/kernel/process.c | 4 arch/arm/mach-rockchip/platsmp.c | 15 arch/arm/mach-tegra/reset.c | 2 arch/arm64/boot/dts/freescale/imx8mm-beacon-som.dtsi | 2 arch/arm64/boot/dts/freescale/imx8mn-beacon-som.dtsi | 2 arch/arm64/include/asm/acpi.h | 2 arch/arm64/include/asm/processor.h | 2 arch/arm64/kernel/entry.S | 6 arch/arm64/kernel/fpsimd.c | 4 arch/arm64/kernel/process.c | 4 arch/arm64/kernel/traps.c | 1 arch/arm64/mm/fault.c | 1 arch/arm64/mm/ptdump_debugfs.c | 3 arch/csky/include/asm/processor.h | 2 arch/csky/kernel/stacktrace.c | 5 arch/h8300/include/asm/processor.h | 2 arch/h8300/kernel/process.c | 5 arch/hexagon/include/asm/processor.h | 2 arch/hexagon/kernel/process.c | 4 arch/ia64/include/asm/processor.h | 2 arch/ia64/kernel/process.c | 5 arch/m68k/Kconfig.debug | 2 arch/m68k/include/asm/processor.h | 2 arch/m68k/kernel/early_printk.c | 42 - arch/m68k/kernel/head.S | 39 - arch/m68k/kernel/process.c | 4 arch/microblaze/include/asm/processor.h | 2 arch/microblaze/kernel/process.c | 2 arch/mips/crypto/chacha-core.S | 20 arch/mips/include/asm/processor.h | 2 arch/mips/include/asm/vpe.h | 8 arch/mips/kernel/process.c | 24 arch/mips/mm/tlb-r4k.c | 56 + arch/nds32/include/asm/processor.h | 2 arch/nds32/kernel/process.c | 7 arch/nios2/include/asm/processor.h | 2 arch/nios2/kernel/process.c | 5 arch/openrisc/include/asm/processor.h | 2 arch/openrisc/kernel/process.c | 2 arch/parisc/Makefile | 2 arch/parisc/include/asm/processor.h | 2 arch/parisc/kernel/process.c | 5 arch/powerpc/configs/ppc6xx_defconfig | 1 arch/powerpc/include/asm/processor.h | 2 arch/powerpc/kernel/eeh.c | 1 arch/powerpc/kernel/eeh_driver.c | 48 + arch/powerpc/kernel/eeh_pe.c | 11 arch/powerpc/kernel/pci-hotplug.c | 3 arch/powerpc/kernel/process.c | 9 arch/powerpc/platforms/512x/mpc512x_lpbfifo.c | 6 arch/riscv/include/asm/processor.h | 2 arch/riscv/kernel/stacktrace.c | 12 arch/s390/hypfs/hypfs_dbfs.c | 19 arch/s390/include/asm/processor.h | 2 arch/s390/include/asm/timex.h | 13 arch/s390/kernel/process.c | 4 arch/s390/kernel/time.c | 2 arch/s390/mm/dump_pagetables.c | 2 arch/sh/Makefile | 10 arch/sh/boot/compressed/Makefile | 4 arch/sh/boot/romimage/Makefile | 4 arch/sh/include/asm/processor_32.h | 2 arch/sh/kernel/process_32.c | 5 arch/sparc/include/asm/processor_32.h | 2 arch/sparc/include/asm/processor_64.h | 2 arch/sparc/kernel/process_32.c | 5 arch/sparc/kernel/process_64.c | 5 arch/um/drivers/rtc_user.c | 2 arch/um/include/asm/processor-generic.h | 2 arch/um/kernel/process.c | 5 arch/x86/include/asm/processor.h | 2 arch/x86/include/asm/xen/hypercall.h | 6 arch/x86/kernel/cpu/amd.c | 2 arch/x86/kernel/cpu/bugs.c | 5 arch/x86/kernel/cpu/hygon.c | 3 arch/x86/kernel/cpu/mce/amd.c | 13 arch/x86/kernel/process.c | 62 -- arch/x86/kvm/vmx/vmx.c | 5 arch/x86/mm/extable.c | 5 arch/xtensa/include/asm/processor.h | 2 arch/xtensa/kernel/process.c | 5 block/blk-settings.c | 2 drivers/acpi/acpi_processor.c | 2 drivers/acpi/apei/ghes.c | 2 drivers/acpi/prmt.c | 26 drivers/acpi/processor_idle.c | 4 drivers/acpi/processor_perflib.c | 11 drivers/ata/Kconfig | 35 - drivers/ata/libata-sata.c | 5 drivers/ata/libata-scsi.c | 20 drivers/base/power/domain_governor.c | 18 drivers/base/power/runtime.c | 5 drivers/base/regmap/regmap.c | 2 drivers/block/drbd/drbd_receiver.c | 6 drivers/block/sunvdc.c | 4 drivers/bus/fsl-mc/fsl-mc-bus.c | 19 drivers/bus/mhi/host/boot.c | 8 drivers/bus/mhi/host/internal.h | 4 drivers/bus/mhi/host/main.c | 15 drivers/char/hw_random/mtk-rng.c | 4 drivers/char/ipmi/ipmi_msghandler.c | 8 drivers/char/ipmi/ipmi_watchdog.c | 59 +- drivers/clk/clk-axi-clkgen.c | 2 drivers/clk/davinci/psc.c | 5 drivers/clk/sunxi-ng/ccu-sun8i-v3s.c | 3 drivers/clk/xilinx/xlnx_vcu.c | 4 drivers/comedi/comedi_fops.c | 66 +- drivers/comedi/comedi_internal.h | 1 drivers/comedi/drivers.c | 43 - drivers/comedi/drivers/aio_iiro_16.c | 3 drivers/comedi/drivers/comedi_test.c | 2 drivers/comedi/drivers/das16m1.c | 3 drivers/comedi/drivers/das6402.c | 3 drivers/comedi/drivers/pcl726.c | 3 drivers/comedi/drivers/pcl812.c | 3 drivers/cpufreq/armada-8k-cpufreq.c | 2 drivers/cpufreq/cppc_cpufreq.c | 2 drivers/cpufreq/cpufreq.c | 29 drivers/cpufreq/intel_pstate.c | 4 drivers/cpuidle/governors/menu.c | 21 drivers/crypto/ccp/ccp-debugfs.c | 3 drivers/crypto/hisilicon/hpre/hpre_crypto.c | 8 drivers/crypto/img-hash.c | 2 drivers/crypto/inside-secure/safexcel_hash.c | 8 drivers/crypto/keembay/keembay-ocs-hcu-core.c | 8 drivers/crypto/marvell/cesa/cipher.c | 4 drivers/crypto/marvell/cesa/hash.c | 5 drivers/crypto/marvell/octeontx2/otx2_cptpf_ucode.c | 16 drivers/crypto/qat/qat_common/adf_transport_debug.c | 4 drivers/devfreq/devfreq.c | 10 drivers/devfreq/governor_userspace.c | 6 drivers/dma/mv_xor.c | 21 drivers/dma/nbpfaxi.c | 24 drivers/edac/synopsys_edac.c | 97 +-- drivers/fpga/zynq-fpga.c | 10 drivers/gpio/gpio-tps65912.c | 7 drivers/gpio/gpio-virtio.c | 9 drivers/gpio/gpio-wcd934x.c | 7 drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c | 4 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 3 drivers/gpu/drm/amd/display/dc/bios/command_table.c | 2 drivers/gpu/drm/amd/display/dc/clk_mgr/clk_mgr.c | 1 drivers/gpu/drm/amd/display/dc/clk_mgr/dce100/dce_clk_mgr.c | 2 drivers/gpu/drm/amd/display/dc/clk_mgr/dce110/dce110_clk_mgr.c | 40 - drivers/gpu/drm/amd/display/dc/clk_mgr/dce60/dce60_clk_mgr.c | 31 - drivers/gpu/drm/amd/display/dc/dcn20/dcn20_hwseq.c | 11 drivers/gpu/drm/amd/display/modules/hdcp/hdcp_psp.c | 3 drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu_helper.c | 2 drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c | 6 drivers/gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c | 37 - drivers/gpu/drm/drm_dp_helper.c | 2 drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.c | 4 drivers/gpu/drm/msm/msm_gem.c | 3 drivers/gpu/drm/rockchip/rockchip_drm_fb.c | 9 drivers/gpu/drm/scheduler/sched_entity.c | 27 drivers/gpu/drm/ttm/ttm_pool.c | 8 drivers/gpu/drm/ttm/ttm_resource.c | 3 drivers/hid/hid-core.c | 19 drivers/hid/hid-magicmouse.c | 51 + drivers/hwmon/corsair-cpro.c | 5 drivers/hwmon/gsc-hwmon.c | 4 drivers/i2c/busses/i2c-qup.c | 4 drivers/i2c/busses/i2c-stm32.c | 8 drivers/i2c/busses/i2c-stm32f7.c | 4 drivers/i2c/busses/i2c-virtio.c | 15 drivers/i2c/i2c-core-acpi.c | 1 drivers/i3c/internals.h | 1 drivers/i3c/master.c | 2 drivers/idle/intel_idle.c | 2 drivers/iio/adc/ad7768-1.c | 23 drivers/iio/adc/ad_sigma_delta.c | 4 drivers/iio/adc/max1363.c | 43 - drivers/iio/adc/stm32-adc-core.c | 7 drivers/iio/imu/inv_icm42600/inv_icm42600_temp.c | 6 drivers/iio/light/as73211.c | 2 drivers/iio/light/hid-sensor-prox.c | 8 drivers/iio/pressure/bmp280-core.c | 9 drivers/iio/proximity/isl29501.c | 16 drivers/infiniband/core/cache.c | 4 drivers/infiniband/core/nldev.c | 22 drivers/infiniband/hw/bnxt_re/qplib_res.c | 2 drivers/infiniband/hw/hfi1/affinity.c | 44 - drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 15 drivers/infiniband/hw/mlx5/dm.c | 2 drivers/input/joystick/xpad.c | 2 drivers/input/keyboard/gpio_keys.c | 4 drivers/interconnect/qcom/sc7280.c | 1 drivers/iommu/amd/init.c | 4 drivers/leds/leds-lp50xx.c | 11 drivers/md/dm-ps-historical-service-time.c | 4 drivers/md/dm-ps-queue-length.c | 4 drivers/md/dm-ps-round-robin.c | 4 drivers/md/dm-ps-service-time.c | 4 drivers/md/dm-zoned-target.c | 2 drivers/media/cec/usb/rainshadow/rainshadow-cec.c | 3 drivers/media/dvb-frontends/dib7000p.c | 10 drivers/media/i2c/hi556.c | 26 drivers/media/i2c/ov2659.c | 3 drivers/media/i2c/tc358743.c | 86 +- drivers/media/platform/qcom/camss/camss.c | 10 drivers/media/platform/qcom/venus/core.c | 21 drivers/media/platform/qcom/venus/core.h | 2 drivers/media/platform/qcom/venus/dbgfs.c | 9 drivers/media/platform/qcom/venus/dbgfs.h | 13 drivers/media/platform/qcom/venus/hfi_venus.c | 5 drivers/media/platform/qcom/venus/vdec.c | 5 drivers/media/platform/qcom/venus/venc.c | 5 drivers/media/usb/gspca/vicam.c | 10 drivers/media/usb/hdpvr/hdpvr-i2c.c | 6 drivers/media/usb/usbtv/usbtv-video.c | 4 drivers/media/usb/uvc/uvc_driver.c | 3 drivers/media/usb/uvc/uvc_video.c | 21 drivers/media/v4l2-core/v4l2-common.c | 8 drivers/media/v4l2-core/v4l2-ctrls-core.c | 9 drivers/memstick/core/memstick.c | 3 drivers/memstick/host/rtsx_usb_ms.c | 1 drivers/misc/cardreader/rtsx_usb.c | 16 drivers/mmc/host/bcm2835.c | 3 drivers/mmc/host/rtsx_usb_sdmmc.c | 4 drivers/mmc/host/sdhci-msm.c | 14 drivers/mmc/host/sdhci-pci-core.c | 3 drivers/mmc/host/sdhci-pci-gli.c | 4 drivers/mmc/host/sdhci_am654.c | 9 drivers/most/core.c | 2 drivers/mtd/ftl.c | 2 drivers/mtd/nand/raw/atmel/nand-controller.c | 2 drivers/mtd/nand/raw/atmel/pmecc.c | 6 drivers/mtd/nand/raw/fsmc_nand.c | 2 drivers/mtd/nand/raw/rockchip-nand-controller.c | 15 drivers/mtd/nand/spi/core.c | 5 drivers/net/bonding/bond_3ad.c | 25 drivers/net/bonding/bond_options.c | 1 drivers/net/can/kvaser_pciefd.c | 1 drivers/net/can/usb/kvaser_usb/kvaser_usb_core.c | 1 drivers/net/dsa/b53/b53_common.c | 65 +- drivers/net/dsa/b53/b53_regs.h | 2 drivers/net/ethernet/agere/et131x.c | 36 + drivers/net/ethernet/aquantia/atlantic/aq_hw.h | 2 drivers/net/ethernet/aquantia/atlantic/hw_atl2/hw_atl2_utils_fw.c | 39 + drivers/net/ethernet/atheros/ag71xx.c | 9 drivers/net/ethernet/cavium/thunder/thunder_bgx.c | 4 drivers/net/ethernet/emulex/benet/be_cmds.c | 2 drivers/net/ethernet/emulex/benet/be_main.c | 8 drivers/net/ethernet/freescale/dpaa/dpaa_eth.c | 2 drivers/net/ethernet/freescale/dpaa/dpaa_ethtool.c | 4 drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c | 15 drivers/net/ethernet/freescale/dpaa2/dpaa2-switch.c | 15 drivers/net/ethernet/freescale/enetc/enetc_pf.c | 14 drivers/net/ethernet/freescale/fec_main.c | 34 - drivers/net/ethernet/freescale/gianfar_ethtool.c | 4 drivers/net/ethernet/google/gve/gve_adminq.c | 1 drivers/net/ethernet/google/gve/gve_main.c | 67 +- drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c | 36 - drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_ptp.c | 9 drivers/net/ethernet/hisilicon/hns3/hns3vf/hclgevf_main.c | 6 drivers/net/ethernet/intel/e1000e/defines.h | 3 drivers/net/ethernet/intel/e1000e/ich8lan.c | 2 drivers/net/ethernet/intel/e1000e/nvm.c | 6 drivers/net/ethernet/intel/fm10k/fm10k.h | 3 drivers/net/ethernet/intel/i40e/i40e.h | 2 drivers/net/ethernet/intel/i40e/i40e_ethtool.c | 3 drivers/net/ethernet/intel/i40e/i40e_main.c | 18 drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 4 drivers/net/ethernet/intel/ice/ice_flex_pipe.c | 2 drivers/net/ethernet/intel/igc/igc_main.c | 14 drivers/net/ethernet/intel/ixgbe/ixgbe.h | 3 drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 4 drivers/net/ethernet/mellanox/mlx5/core/en.h | 24 drivers/net/ethernet/mellanox/mlx5/core/en/qos.c | 2 drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 13 drivers/net/ethernet/mellanox/mlx5/core/lib/dm.c | 4 drivers/net/ethernet/mellanox/mlx5/core/main.c | 3 drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 2 drivers/net/ethernet/mellanox/mlxsw/trap.h | 1 drivers/net/ethernet/xilinx/xilinx_emaclite.c | 2 drivers/net/hyperv/hyperv_net.h | 3 drivers/net/hyperv/netvsc_drv.c | 29 drivers/net/phy/dp83640.c | 6 drivers/net/phy/mscc/mscc.h | 12 drivers/net/phy/mscc/mscc_main.c | 12 drivers/net/phy/mscc/mscc_ptp.c | 50 + drivers/net/phy/mscc/mscc_ptp.h | 1 drivers/net/phy/nxp-c45-tja11xx.c | 2 drivers/net/phy/smsc.c | 1 drivers/net/ppp/ppp_generic.c | 17 drivers/net/ppp/pptp.c | 18 drivers/net/thunderbolt.c | 8 drivers/net/usb/asix_devices.c | 1 drivers/net/usb/sierra_net.c | 4 drivers/net/usb/usbnet.c | 11 drivers/net/vrf.c | 2 drivers/net/wireless/ath/ath11k/hal.c | 25 drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c | 8 drivers/net/wireless/broadcom/brcm80211/brcmsmac/phy/phy_lcn.c | 2 drivers/net/wireless/intel/iwlegacy/4965-mac.c | 5 drivers/net/wireless/intel/iwlwifi/dvm/main.c | 11 drivers/net/wireless/intel/iwlwifi/dvm/rs.c | 2 drivers/net/wireless/intel/iwlwifi/fw/dbg.c | 7 drivers/net/wireless/intel/iwlwifi/mvm/ops.c | 4 drivers/net/wireless/intel/iwlwifi/mvm/scan.c | 2 drivers/net/wireless/marvell/mwl8k.c | 4 drivers/net/wireless/realtek/rtl818x/rtl8187/dev.c | 3 drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c | 2 drivers/net/wireless/realtek/rtlwifi/pci.c | 23 drivers/net/xen-netfront.c | 5 drivers/nvme/host/core.c | 4 drivers/pci/controller/pcie-rockchip-host.c | 2 drivers/pci/controller/vmd.c | 3 drivers/pci/endpoint/functions/pci-epf-vntb.c | 4 drivers/pci/endpoint/pci-ep-cfs.c | 1 drivers/pci/endpoint/pci-epf-core.c | 2 drivers/pci/hotplug/pnv_php.c | 233 +++++++ drivers/pci/pci-acpi.c | 4 drivers/pci/pci.c | 8 drivers/pci/probe.c | 2 drivers/phy/tegra/xusb-tegra186.c | 59 +- drivers/pinctrl/mediatek/pinctrl-moore.c | 18 drivers/pinctrl/stm32/pinctrl-stm32.c | 1 drivers/pinctrl/sunxi/pinctrl-sunxi.c | 11 drivers/platform/chrome/cros_ec.c | 23 drivers/platform/chrome/cros_ec.h | 2 drivers/platform/chrome/cros_ec_i2c.c | 4 drivers/platform/chrome/cros_ec_lpc.c | 4 drivers/platform/chrome/cros_ec_spi.c | 4 drivers/platform/chrome/cros_ec_typec.c | 4 drivers/platform/x86/ideapad-laptop.c | 2 drivers/platform/x86/think-lmi.c | 27 drivers/platform/x86/thinkpad_acpi.c | 4 drivers/power/supply/cpcap-charger.c | 5 drivers/power/supply/max14577_charger.c | 4 drivers/powercap/intel_rapl_common.c | 23 drivers/pps/clients/pps-gpio.c | 5 drivers/pps/pps.c | 11 drivers/ptp/ptp_private.h | 5 drivers/ptp/ptp_vclock.c | 7 drivers/pwm/pwm-imx-tpm.c | 9 drivers/pwm/pwm-mediatek.c | 78 +- drivers/regulator/core.c | 1 drivers/reset/Kconfig | 10 drivers/rtc/rtc-ds1307.c | 17 drivers/rtc/rtc-hym8563.c | 2 drivers/rtc/rtc-pcf85063.c | 2 drivers/rtc/rtc-pcf8563.c | 2 drivers/rtc/rtc-rv3028.c | 2 drivers/scsi/aacraid/comminit.c | 3 drivers/scsi/bfa/bfad_im.c | 1 drivers/scsi/ibmvscsi_tgt/libsrp.c | 6 drivers/scsi/isci/request.c | 2 drivers/scsi/libiscsi.c | 3 drivers/scsi/lpfc/lpfc_debugfs.c | 1 drivers/scsi/lpfc/lpfc_scsi.c | 4 drivers/scsi/mpi3mr/mpi3mr.h | 6 drivers/scsi/mpi3mr/mpi3mr_fw.c | 17 drivers/scsi/mpi3mr/mpi3mr_os.c | 2 drivers/scsi/mpt3sas/mpt3sas_scsih.c | 22 drivers/scsi/mvsas/mv_sas.c | 4 drivers/scsi/qla4xxx/ql4_os.c | 2 drivers/scsi/scsi_scan.c | 2 drivers/scsi/scsi_transport_sas.c | 60 +- drivers/scsi/ufs/ufs-exynos.c | 4 drivers/scsi/ufs/ufshcd-pci.c | 42 + drivers/scsi/ufs/ufshcd.c | 10 drivers/soc/aspeed/aspeed-lpc-snoop.c | 13 drivers/soc/qcom/mdt_loader.c | 41 + drivers/soc/tegra/pmc.c | 51 - drivers/soundwire/stream.c | 2 drivers/staging/fbtft/fbtft-core.c | 1 drivers/staging/media/imx/imx-media-csc-scaler.c | 2 drivers/staging/nvec/nvec_power.c | 2 drivers/target/target_core_fabric_lib.c | 63 +- drivers/target/target_core_internal.h | 4 drivers/target/target_core_pr.c | 18 drivers/thermal/qcom/qcom-spmi-temp-alarm.c | 43 + drivers/thermal/thermal_sysfs.c | 9 drivers/thunderbolt/domain.c | 2 drivers/thunderbolt/switch.c | 2 drivers/tty/serial/8250/8250_port.c | 3 drivers/tty/serial/pch_uart.c | 2 drivers/tty/vt/defkeymap.c_shipped | 112 +++ drivers/tty/vt/keyboard.c | 2 drivers/usb/atm/cxacru.c | 106 +-- drivers/usb/chipidea/ci.h | 18 drivers/usb/chipidea/udc.c | 10 drivers/usb/class/cdc-acm.c | 11 drivers/usb/core/config.c | 10 drivers/usb/core/hcd.c | 8 drivers/usb/core/hub.c | 60 +- drivers/usb/core/hub.h | 1 drivers/usb/core/quirks.c | 1 drivers/usb/core/urb.c | 2 drivers/usb/dwc3/dwc3-imx8mp.c | 6 drivers/usb/dwc3/dwc3-meson-g12a.c | 3 drivers/usb/dwc3/dwc3-qcom.c | 7 drivers/usb/dwc3/ep0.c | 20 drivers/usb/dwc3/gadget.c | 19 drivers/usb/early/xhci-dbc.c | 4 drivers/usb/gadget/composite.c | 5 drivers/usb/gadget/configfs.c | 2 drivers/usb/gadget/udc/renesas_usb3.c | 1 drivers/usb/host/xhci-hub.c | 3 drivers/usb/host/xhci-mem.c | 24 drivers/usb/host/xhci-pci-renesas.c | 7 drivers/usb/host/xhci-ring.c | 19 drivers/usb/host/xhci.c | 24 drivers/usb/host/xhci.h | 3 drivers/usb/misc/apple-mfi-fastcharge.c | 24 drivers/usb/musb/musb_core.c | 62 +- drivers/usb/musb/musb_core.h | 11 drivers/usb/musb/musb_debugfs.c | 6 drivers/usb/musb/musb_gadget.c | 30 - drivers/usb/musb/musb_host.c | 6 drivers/usb/musb/musb_virthub.c | 18 drivers/usb/musb/omap2430.c | 16 drivers/usb/phy/phy-mxs-usb.c | 4 drivers/usb/serial/ftdi_sio.c | 2 drivers/usb/serial/ftdi_sio_ids.h | 3 drivers/usb/serial/option.c | 7 drivers/usb/storage/realtek_cr.c | 2 drivers/usb/storage/unusual_devs.h | 29 drivers/usb/typec/mux/intel_pmc_mux.c | 2 drivers/usb/typec/tcpm/fusb302.c | 8 drivers/usb/typec/tcpm/tcpm.c | 64 +- drivers/usb/typec/ucsi/psy.c | 2 drivers/usb/typec/ucsi/ucsi.c | 1 drivers/usb/typec/ucsi/ucsi.h | 7 drivers/vhost/scsi.c | 4 drivers/vhost/vhost.c | 3 drivers/video/console/vgacon.c | 2 drivers/video/fbdev/core/fbcon.c | 9 drivers/video/fbdev/imxfb.c | 9 drivers/watchdog/dw_wdt.c | 2 drivers/watchdog/iTCO_wdt.c | 6 drivers/watchdog/sbsa_gwdt.c | 50 + drivers/watchdog/ziirave_wdt.c | 3 drivers/xen/gntdev-common.h | 4 drivers/xen/gntdev.c | 71 +- fs/btrfs/relocation.c | 19 fs/btrfs/tree-log.c | 53 + fs/buffer.c | 2 fs/cifs/cifssmb.c | 10 fs/cifs/file.c | 10 fs/cifs/smb2ops.c | 7 fs/cifs/smbdirect.c | 14 fs/eventpoll.c | 60 +- fs/ext2/inode.c | 12 fs/ext4/fsmap.c | 23 fs/ext4/indirect.c | 4 fs/ext4/inline.c | 19 fs/ext4/inode.c | 2 fs/ext4/mballoc.c | 33 - fs/ext4/orphan.c | 5 fs/ext4/super.c | 2 fs/f2fs/extent_cache.c | 2 fs/f2fs/f2fs.h | 2 fs/f2fs/inode.c | 28 fs/f2fs/node.c | 10 fs/file.c | 90 +-- fs/hfs/bnode.c | 93 +++ fs/hfsplus/bnode.c | 92 +++ fs/hfsplus/extents.c | 3 fs/hfsplus/unicode.c | 7 fs/hfsplus/xattr.c | 6 fs/hugetlbfs/inode.c | 2 fs/isofs/inode.c | 9 fs/jbd2/checkpoint.c | 1 fs/jfs/file.c | 3 fs/jfs/inode.c | 2 fs/jfs/jfs_dmap.c | 10 fs/jfs/jfs_imap.c | 13 fs/ksmbd/smb2pdu.c | 16 fs/ksmbd/smb_common.c | 2 fs/ksmbd/transport_rdma.c | 97 +-- fs/libfs.c | 4 fs/namespace.c | 39 - fs/nfs/blocklayout/blocklayout.c | 4 fs/nfs/blocklayout/dev.c | 5 fs/nfs/blocklayout/extent_tree.c | 20 fs/nfs/client.c | 44 + fs/nfs/export.c | 11 fs/nfs/flexfilelayout/flexfilelayout.c | 26 fs/nfs/flexfilelayout/flexfilelayoutdev.c | 6 fs/nfs/internal.h | 10 fs/nfs/nfs4client.c | 15 fs/nfs/nfs4proc.c | 12 fs/nfs/pnfs.c | 11 fs/nfsd/nfs4state.c | 34 - fs/nilfs2/inode.c | 9 fs/ntfs3/dir.c | 3 fs/ntfs3/file.c | 5 fs/ntfs3/inode.c | 31 - fs/orangefs/orangefs-debugfs.c | 8 fs/squashfs/super.c | 14 fs/udf/super.c | 13 include/asm-generic/barrier.h | 33 + include/linux/bitmap.h | 2 include/linux/blk_types.h | 8 include/linux/compiler.h | 8 include/linux/cpuset.h | 17 include/linux/fs.h | 4 include/linux/fs_context.h | 2 include/linux/if_vlan.h | 6 include/linux/memfd.h | 14 include/linux/mlx5/device.h | 1 include/linux/mm.h | 80 +- include/linux/mmzone.h | 22 include/linux/moduleparam.h | 5 include/linux/pci.h | 10 include/linux/platform_data/cros_ec_proto.h | 4 include/linux/pps_kernel.h | 1 include/linux/sched.h | 1 include/linux/skbuff.h | 31 + include/linux/usb/usbnet.h | 1 include/linux/xarray.h | 15 include/net/bond_3ad.h | 1 include/net/cfg80211.h | 2 include/net/mac80211.h | 2 include/net/tc_act/tc_ctinfo.h | 6 include/net/udp.h | 24 include/sound/soc-dai.h | 13 include/uapi/linux/in6.h | 4 include/uapi/linux/io_uring.h | 2 kernel/bpf/helpers.c | 11 kernel/cgroup/cpuset.c | 23 kernel/events/core.c | 20 kernel/fork.c | 2 kernel/power/console.c | 7 kernel/rcu/tree_plugin.h | 3 kernel/sched/core.c | 19 kernel/sched/deadline.c | 4 kernel/sched/loadavg.c | 2 kernel/sched/rt.c | 6 kernel/sched/sched.h | 2 kernel/trace/ftrace.c | 19 kernel/trace/preemptirq_delay_test.c | 13 kernel/trace/trace.c | 33 - kernel/trace/trace.h | 8 kernel/trace/trace_events.c | 5 kernel/ucount.c | 2 lib/bitmap.c | 13 mm/debug_vm_pgtable.c | 9 mm/filemap.c | 2 mm/hmm.c | 2 mm/kmemleak.c | 10 mm/madvise.c | 2 mm/memfd.c | 2 mm/memory-failure.c | 8 mm/mmap.c | 10 mm/page_alloc.c | 13 mm/ptdump.c | 2 mm/shmem.c | 2 mm/vmalloc.c | 17 mm/zsmalloc.c | 3 net/8021q/vlan.c | 42 + net/8021q/vlan.h | 1 net/appletalk/aarp.c | 24 net/bluetooth/l2cap_core.c | 26 net/bluetooth/l2cap_sock.c | 3 net/bluetooth/smp.c | 21 net/bluetooth/smp.h | 1 net/bridge/br_multicast.c | 16 net/bridge/br_private.h | 2 net/bridge/br_switchdev.c | 3 net/caif/cfctrl.c | 294 ++++------ net/core/filter.c | 3 net/core/netpoll.c | 7 net/core/skmsg.c | 57 + net/hsr/hsr_slave.c | 8 net/ipv4/netfilter/nf_reject_ipv4.c | 6 net/ipv4/route.c | 1 net/ipv4/tcp_input.c | 3 net/ipv4/udp_offload.c | 2 net/ipv6/addrconf.c | 7 net/ipv6/ip6_offload.c | 4 net/ipv6/mcast.c | 13 net/ipv6/netfilter/nf_reject_ipv6.c | 5 net/ipv6/rpl_iptunnel.c | 8 net/ipv6/seg6_hmac.c | 6 net/mac80211/cfg.c | 13 net/mac80211/mlme.c | 9 net/mac80211/tx.c | 10 net/mctp/af_mctp.c | 26 net/mptcp/options.c | 7 net/mptcp/pm_netlink.c | 14 net/mptcp/protocol.c | 17 net/mptcp/protocol.h | 11 net/mptcp/subflow.c | 20 net/ncsi/internal.h | 2 net/ncsi/ncsi-rsp.c | 1 net/netfilter/nf_conntrack_netlink.c | 24 net/netfilter/nf_tables_api.c | 4 net/netfilter/xt_nfacct.c | 4 net/netlink/af_netlink.c | 2 net/packet/af_packet.c | 39 - net/phonet/pep.c | 2 net/sched/act_ctinfo.c | 19 net/sched/sch_cake.c | 14 net/sched/sch_codel.c | 5 net/sched/sch_drr.c | 7 net/sched/sch_ets.c | 46 - net/sched/sch_fq_codel.c | 6 net/sched/sch_hfsc.c | 8 net/sched/sch_htb.c | 19 net/sched/sch_netem.c | 40 + net/sched/sch_qfq.c | 40 - net/sctp/input.c | 2 net/tls/tls_sw.c | 13 net/vmw_vsock/af_vsock.c | 3 net/wireless/mlme.c | 3 samples/mei/mei-amt-version.c | 2 scripts/kconfig/gconf.c | 8 scripts/kconfig/lxdialog/inputbox.c | 6 scripts/kconfig/lxdialog/menubox.c | 2 scripts/kconfig/nconf.c | 2 scripts/kconfig/nconf.gui.c | 1 scripts/kconfig/qconf.cc | 2 security/apparmor/include/match.h | 3 security/apparmor/match.c | 1 security/inode.c | 2 sound/core/pcm_native.c | 19 sound/pci/hda/patch_ca0132.c | 7 sound/pci/hda/patch_hdmi.c | 19 sound/pci/hda/patch_realtek.c | 3 sound/pci/intel8x0.c | 2 sound/soc/codecs/hdac_hdmi.c | 10 sound/soc/codecs/rt5640.c | 5 sound/soc/fsl/fsl_sai.c | 30 - sound/soc/generic/audio-graph-card.c | 2 sound/soc/intel/boards/Kconfig | 2 sound/soc/soc-core.c | 28 sound/soc/soc-dai.c | 59 +- sound/soc/soc-dapm.c | 4 sound/soc/soc-ops.c | 26 sound/usb/mixer_quirks.c | 14 sound/usb/mixer_scarlett_gen2.c | 8 sound/usb/stream.c | 25 sound/usb/validate.c | 14 sound/x86/intel_hdmi_audio.c | 2 tools/bpf/bpftool/net.c | 15 tools/include/linux/sched/mm.h | 2 tools/include/nolibc/std.h | 4 tools/perf/builtin-sched.c | 12 tools/perf/tests/bp_account.c | 1 tools/perf/util/evsel.c | 11 tools/perf/util/evsel.h | 2 tools/power/cpupower/utils/idle_monitor/mperf_monitor.c | 4 tools/testing/ktest/ktest.pl | 5 tools/testing/selftests/ftrace/test.d/event/subsystem-enable.tc | 28 tools/testing/selftests/ftrace/test.d/ftrace/func-filter-glob.tc | 2 tools/testing/selftests/futex/include/futextest.h | 11 tools/testing/selftests/memfd/memfd_test.c | 43 + tools/testing/selftests/net/mptcp/Makefile | 3 tools/testing/selftests/net/mptcp/mptcp_connect.c | 28 tools/testing/selftests/net/mptcp/mptcp_connect_checksum.sh | 5 tools/testing/selftests/net/mptcp/mptcp_connect_mmap.sh | 5 tools/testing/selftests/net/mptcp/mptcp_connect_sendfile.sh | 5 tools/testing/selftests/net/mptcp/mptcp_join.sh | 1 tools/testing/selftests/net/mptcp/pm_netlink.sh | 1 tools/testing/selftests/net/rtnetlink.sh | 6 tools/testing/selftests/net/udpgro.sh | 46 - tools/testing/selftests/perf_events/.gitignore | 1 tools/testing/selftests/perf_events/Makefile | 2 tools/testing/selftests/perf_events/mmap.c | 236 ++++++++ tools/testing/selftests/syscall_user_dispatch/sud_test.c | 50 - 677 files changed, 6071 insertions(+), 2522 deletions(-) Aaron Kling (1): ARM: tegra: Use I/O memcpy to write to IRAM Aaron Plattner (1): watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition Abdun Nihaal (2): regmap: fix potential memory leak of regmap_bus staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() Abinash Singh (1): f2fs: fix KMSAN uninit-value in extent_info usage Ada Couprie Diaz (1): arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() Adam Ford (2): arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed Aditya Garg (1): HID: magicmouse: avoid setting up battery timer when not needed Adrian Hunter (1): scsi: ufs: ufs-pci: Fix default runtime and system PM levels Al Viro (5): clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns better lockdep annotations for simple_recursive_removal() securityfs: don't pin dentries twice, once is enough... use uniform permission checks for all mount propagation changes alloc_fdtable(): change calling conventions. Albin Törnqvist (1): arm: dts: ti: omap: Fixup pinheader typo Alessandro Carminati (1): regulator: core: fix NULL dereference on unbind due to stale coupling data Alex Guo (2): media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar Alexander Gordeev (1): mm/vmalloc: leave lazy MMU mode on PTE mapping error Alexander Kochetkov (1): ARM: rockchip: fix kernel hang during smp initialization Alexander Wetzel (1): wifi: mac80211: Don't call fq_flow_idx() for management frames Alexander Wilhelm (1): bus: mhi: host: Fix endianness of BHI vector table Alok Tiwari (7): thunderbolt: Fix bit masking in tb_dp_port_set_hops() net: emaclite: Fix missing pointer increment in aligned_read() staging: nvec: Fix incorrect null termination of battery manufacturer ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 be2net: Use correct byte order and format string for TCP seq and ack_seq net: thunderx: Fix format-truncation warning in bgx_acpi_match_id() gve: Return error for unknown admin queue command Amir Mohammad Jahangirzad (1): fs/orangefs: use snprintf() instead of sprintf() Ammar Faizi (1): net: usbnet: Fix the wrong netif_carrier_on() call Anantha Prabhu (1): RDMA/bnxt_re: Fix to initialize the PBL array Andreas Dilger (1): ext4: check fast symlink for ea_inode correctly Andrew Jeffery (2): soc: aspeed: lpc-snoop: Cleanup resources in stack-order soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled André Draszik (1): scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE Andy Shevchenko (2): mm/hmm: move pmd_to_hmm_pfn_flags() to the respective #ifdeffery Documentation: ACPI: Fix parent device references Andy Yan (1): drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed Anna Schumaker (1): NFS: Create an nfs4_server_set_init_caps() function Annette Kobou (1): ARM: dts: imx6ul-kontron-bl-common: Fix RTS polarity for RS485 interface Anshuman Khandual (1): mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() Anthoine Bourgeois (1): xen/netfront: Fix TX response spurious interrupts Archana Patni (1): scsi: ufs: ufs-pci: Fix hibernate state transition for Intel MTL-like host controllers Arnaud Lecomte (1): jfs: upper bound check of tree index in dbAllocAG Arnd Bergmann (6): ethernet: intel: fix building with large NR_CPUS ASoC: Intel: fix SND_SOC_SOF dependencies ASoC: ops: dynamically allocate struct snd_ctl_elem_value caif: reduce stack size, again kernel: trace: preemptirq_delay_test: use offstack cpu mask RDMA/core: reduce stack using in nldev_stat_get_doit() Arun Raghavan (1): ASoC: fsl_sai: Force a software reset when starting in consumer mode Aruna Ramakrishna (1): sched: Change nr_uninterruptible type to unsigned long Avraham Stern (1): wifi: iwlwifi: mvm: fix scan request validation Baihan Li (1): drm/hisilicon/hibmc: fix the hibmc loaded failed bug Balamanikandan Gunasundar (1): mtd: rawnand: atmel: set pmecc data setup time Baokun Li (2): ext4: fix largest free orders lists corruption on mb_optimize_scan switch jbd2: prevent softlockup in jbd2_log_do_checkpoint() Bard Liao (1): soundwire: stream: restore params when prepare ports fail Bartosz Golaszewski (2): gpio: wcd934x: check the return value of regmap_update_bits() gpio: tps65912: check the return value of regmap_update_bits() Ben Ben-Ishay (1): net/mlx5e: Add support to klm_umr_wqe Ben Hutchings (1): sh: Do not use hyphen in exported variable name Benjamin Coddington (1): NFS: Fixup allocation flags for nfsiod's __GFP_NORETRY Benjamin Tissoires (3): HID: core: ensure the allocated report buffer can contain the reserved report ID HID: core: ensure __hid_request reserves the report ID as the first byte HID: core: do not bypass hid_hw_raw_request Benson Leung (1): usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default Bharat Bhushan (1): crypto: octeontx2 - add timeout for load_fvc completion poll Bingbu Cao (1): media: hi556: correct the test pattern configuration Bjorn Andersson (1): soc: qcom: mdt_loader: Ensure we don't read past the ELF header Brahmajit Das (1): samples: mei: Fix building on musl libc Breno Leitao (4): ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path arm64: Mark kernel as tainted on SAE and SError panic ipmi: Use dev_warn_ratelimited() for incorrect message warnings mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock Brian Masney (5): rtc: ds1307: fix incorrect maximum clock rate handling rtc: hym8563: fix incorrect maximum clock rate handling rtc: pcf85063: fix incorrect maximum clock rate handling rtc: pcf8563: fix incorrect maximum clock rate handling rtc: rv3028: fix incorrect maximum clock rate handling Buday Csaba (1): net: phy: smsc: add proper reset flags for LAN8710A Budimir Markovic (1): vsock: Do not allow binding to VMADDR_PORT_ANY Chao Gao (1): KVM: VMX: Flush shadow VMCS on emergency reboot Chao Yu (6): f2fs: doc: fix wrong quota mount option description f2fs: fix to avoid UAF in f2fs_sync_inode_meta() f2fs: fix to avoid panic in f2fs_evict_inode f2fs: fix to avoid out-of-boundary access in devs.path f2fs: fix to do sanity check on ino and xnid f2fs: fix to avoid out-of-boundary access in dnode page Charalampos Mitrodimas (1): usb: misc: apple-mfi-fastcharge: Make power supply names unique Charles Han (2): power: supply: cpcap-charger: Fix null check for power_supply_get_by_name power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set Cheick Traore (1): pinctrl: stm32: Manage irq affinity settings Chen Ni (1): iio: adc: stm32-adc: Fix race in installing chained IRQ handler Chen-Yu Tsai (1): platform/chrome: cros_ec: Use per-device lockdep key Chenyuan Yang (2): fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() Christoph Paasch (3): net/mlx5: Correctly set gso_size when LRO is used net/mlx5: Correctly set gso_segs when LRO is used mptcp: drop skb if MPTCP skb extension allocation fails Christophe Leroy (1): ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop Clément Le Goffic (1): i2c: stm32: fix the device used for the DMA map Cong Wang (6): sch_htb: make htb_qlen_notify() idempotent sch_hfsc: make hfsc_qlen_notify() idempotent sch_qfq: make qfq_qlen_notify() idempotent sch_drr: make drr_qlen_notify() idempotent codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() sch_htb: make htb_deactivate() idempotent Corey Minyard (1): ipmi: Fix strcpy source and destination the same Cristian Ciocaltea (1): ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros Cynthia Huang (1): selftests/futex: Define SYS_futex on 32-bit architectures with 64-bit time_t Dai Ngo (1): NFSD: detect mismatch of file handle and delegation stateid in OPEN op Damien Le Moal (7): ata: libata-sata: Disallow changing LPM state if not supported scsi: mpt3sas: Correctly handle ATA device errors ata: libata-scsi: Fix ata_to_sense_error() status handling PCI: endpoint: Fix configfs group list head handling PCI: endpoint: Fix configfs group removal on driver teardown block: Make REQ_OP_ZONE_FINISH a write operation ata: Fix SATA_MOBILE_LPM_POLICY description in Kconfig Dan Carpenter (7): dmaengine: nbpfaxi: Fix memory corruption in probe() watchdog: ziirave_wdt: check record length in ziirave_firm_verify() fs/orangefs: Allow 2 more characters in do_c_string() cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table() media: gspca: Add bounds checking to firmware parser scsi: qla4xxx: Prevent a potential error pointer dereference ALSA: usb-audio: Fix size validation in convert_chmap_v3() Daniel Dadap (1): ALSA: hda: Add missing NVIDIA HDA codec IDs Daniil Dulov (1): wifi: rtl818x: Kill URBs before clearing tx status queue Dave Hansen (1): x86/fpu: Delay instruction pointer fixup until after warning Dave Stevenson (3): media: tc358743: Check I2C succeeded during probe media: tc358743: Return an appropriate colorspace from tc358743_set_fmt media: tc358743: Increase FIFO trigger level to 374 David Collins (1): thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required David Lechner (2): iio: proximity: isl29501: fix buffered read on big-endian systems iio: adc: ad_sigma_delta: change to buffer predisable Davide Caratti (2): net/sched: sch_ets: properly init all active DRR list handles net/sched: ets: use old 'nbands' while purging unused classes Dawid Rezler (1): ALSA: hda/realtek - Add mute LED support for HP Pavilion 15-eg0xxx Denis OSTERLAND-HEIM (1): pps: fix poll support Dennis Chen (1): i40e: report VF tx_dropped with tx_errors instead of tx_discards Dikshita Agarwal (1): media: venus: Add support for SSR trigger using fault injection Dmitry Antipov (1): jfs: reject on-disk inodes of an unsupported type Dmitry Vyukov (1): selftests: Fix errno checking in syscall_user_dispatch test Dong Chenchen (1): net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime Drew Hamilton (1): usb: musb: fix gadget state on disconnect Edson Juliano Drosdeck (1): mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models Edward Adam Davis (2): jfs: Regular file corruption check comedi: pcl726: Prevent invalid irq number Eliav Farber (1): pps: clients: gpio: fix interrupt handling order in remove path Emily Deng (1): drm/ttm: Should to return the evict error Eric Biggers (3): thunderbolt: Fix copy+paste error in match_service_id() lib/crypto: mips/chacha: Fix clang build and remove unneeded byteswap ipv6: sr: Fix MAC comparison to be constant-time Eric Dumazet (5): net_sched: act_ctinfo: use atomic64_t for three counters pptp: ensure minimal skb length in pptp_xmit() ipv6: reject malicious packets in ipv6_gso_segment() pptp: fix pptp_xmit() error path net_sched: sch_ets: implement lockless ets_dump() Eric Work (1): net: atlantic: add set_power to fw_ops for atl2 to fix wol Evgeniy Harchenko (1): ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 Fabio Estevam (2): iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[] iio: adc: max1363: Reorder mode_list[] entries Fabio Porcedda (1): USB: serial: option: add Telit Cinterion FE910C04 (ECM) composition Fabrice Gasnier (1): Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT Fedor Pchelkin (3): drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value netfilter: nf_tables: adjust lockdep assertions handling netlink: avoid infinite retry looping in netlink_unicast() Feng Tang (1): mm/page_alloc: detect allocation forbidden by cpuset and bail out early Filipe Manana (1): btrfs: fix log tree replay failure due to file with 0 links and extents Finn Thain (2): m68k: Don't unregister boot console needlessly m68k: Fix lost column on framebuffer debug console Florian Westphal (4): netfilter: xt_nfacct: don't assume acct name is null-terminated netfilter: ctnetlink: fix refcount leak on table dump selftests: mptcp: make sendfile selftest work netfilter: nf_reject: don't leak dst refcount for loopback packets Gabor Juhos (1): mtd: spinand: propagate spinand_wait() errors from spinand_write_page() Gal Pressman (1): net: vlan: Replace BUG() with WARN_ON_ONCE() in vlan_dev_* stubs Gautham R. Shenoy (1): pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() Geliang Tang (2): mptcp: drop unused sk in mptcp_push_release mptcp: disable add_addr retransmission when timeout is 0 Geoffrey D. Bennett (1): ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() Giovanni Cabiddu (1): crypto: qat - fix seq_file position update in adf_ring_next() Gokul Sivakumar (1): wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE Greg Kroah-Hartman (2): Revert "vmci: Prevent the dispatching of uninitialized payloads" Linux 5.15.190 Gui-Dong Han (1): media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() Haiyang Zhang (1): hv_netvsc: Fix panic during namespace deletion with VF Hangbin Liu (2): selftests: udpgro: report error when receive failed bonding: update LACP activity flag after setting lacp_active Hans Zhang (1): PCI: rockchip-host: Fix "Unexpected Completion" log message Haoxiang Li (2): media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() ice: Fix a null pointer dereference in ice_copy_and_init_pkg() Harald Mommer (1): gpio: virtio: Fix config space reading. Hari Kalavakunta (1): net: ncsi: Fix buffer overflow in fetching version id Harry Yoo (1): mm/zsmalloc: do not pass __GFP_MOVABLE if CONFIG_COMPACTION=n Heiner Kallweit (1): dpaa_eth: don't use fixed_phy_change_carrier Helge Deller (1): Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()" Henry Martin (1): clk: davinci: Add NULL check in davinci_lpsc_clk_register() Herbert Xu (1): crypto: marvell/cesa - Fix engine load inaccuracy Herton R. Krzesinski (1): mm/debug_vm_pgtable: clear page table entries at destroy_args() Horatiu Vultur (2): phy: mscc: Fix parsing of unicast frames phy: mscc: Fix timestamping for vsc8584 Hsin-Te Yuan (1): thermal: sysfs: Return ENODATA instead of EAGAIN for reads Ian Abbott (12): comedi: pcl812: Fix bit shift out of bounds comedi: aio_iiro_16: Fix bit shift out of bounds comedi: das16m1: Fix bit shift out of bounds comedi: das6402: Fix bit shift out of bounds comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large comedi: Fix some signed shift left operations comedi: Fix use of uninitialized data in insn_rw_emulate_bits() comedi: Fix initialization of data for instructions that write to subdevice comedi: comedi_test: Fix possible deletion of uninitialized timers comedi: fix race between polling and detaching comedi: Make insn_rw_emulate_bits() do insn->n samples comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() Ido Schimmel (1): mlxsw: spectrum: Forward packets with an IPv4 link-local source IP Ilan Peer (1): wifi: cfg80211: Fix interface type validation Ilya Bakoulin (1): drm/amd/display: Separate set_gsl from set_gsl_source_select Imre Deak (1): drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS Ivan Stepchenko (1): mtd: fix possible integer overflow in erase_xfer() Jacek Kowalski (2): e1000e: disregard NVM checksum on tgp when valid checksum bit is not set e1000e: ignore uninitialized checksum word on tgp Jack Xiao (1): drm/amdgpu: fix incorrect vm flags to map bo Jakub Acs (1): net, hsr: reject HSR frame if skb can't hold tag Jakub Kicinski (2): netpoll: prevent hanging NAPI when netcons gets enabled uapi: in6: restore visibility of most IPv6 socket options James Cowgill (1): media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check Jan Beulich (1): compiler: remove __ADDRESSABLE_ASM{_STR,}() again Jan Kara (2): isofs: Verify inode mode when loading from disk udf: Verify partition map count Jann Horn (1): eventpoll: Fix semi-unbounded recursion Jason Wang (1): vhost: fail early when __vhost_add_used() fails Jason Xing (1): ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc Jay Chen (1): usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command Jean-Baptiste Maneyrol (1): iio: imu: inv_icm42600: change invalid data error to -EBUSY Jeff Layton (1): nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() Jeongjun Park (1): ptp: prevent possible ABBA deadlock in ptp_clock_freerun() Jerome Brunet (1): PCI: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails Jian Shen (2): net: hns3: fix concurrent setting vlan filter issue net: hns3: fixed vf get max channels bug Jiasheng Jiang (2): iwlwifi: Add missing check for alloc_ordered_workqueue scsi: lpfc: Remove redundant assignment to avoid memory leak Jiaxun Yang (1): MIPS: mm: tlb-r4k: Uniquify TLB entries on init Jiayi Li (2): ACPI: processor: perflib: Fix initial _PPC limit application memstick: Fix deadlock by moving removing flag earlier Jiayuan Chen (3): bpf, sockmap: Fix panic when calling skb_linearize bpf, sockmap: Fix psock incorrectly pointing to sk bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls Jimmy Assarsson (2): can: kvaser_pciefd: Store device channel index can: kvaser_usb: Assign netdev.dev_port based on device channel index Jinjiang Tu (1): mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn Johan Adolfsson (1): leds: leds-lp50xx: Handle reg to get correct multi_index Johan Hovold (9): net: gianfar: fix device leak when querying time stamp info net: dpaa: fix device leak when querying time stamp info usb: gadget: udc: renesas_usb3: fix device leak at unbind usb: dwc3: meson-g12a: fix device leaks at unbind wifi: ath11k: fix source ring-buffer corruption net: enetc: fix device and OF node leak at probe usb: musb: omap2430: fix device leak at unbind usb: dwc3: imx8mp: fix device leak at unbind wifi: ath11k: fix dest ring-buffer corruption when ring is full Johan Korsnes (1): arch: powerpc: defconfig: Drop obsolete CONFIG_NET_CLS_TCINDEX Johannes Berg (2): wifi: cfg80211: reject HTC bit for management frames wifi: mac80211: don't complete management TX on SAE commit John Ernberg (1): net: usbnet: Avoid potential RCU stall on LINK_CHANGE event John Garry (2): scsi: aacraid: Stop using PCI_IRQ_AFFINITY block: avoid possible overflow for chunk_sectors check in blk_stack_limits() Jon Hunter (1): soc/tegra: pmc: Ensure power-domains are in a known state Jonas Rebmann (1): net: fec: allow disable coalescing Jonathan Cameron (1): iio: light: as73211: Ensure buffer holes are zeroed Jonathan Santos (1): iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement Jorge Ramirez-Ortiz (2): media: venus: hfi: explicitly release IRQ during teardown media: venus: protect against spurious interrupts during probe Joseph Huang (1): net: bridge: Do not offload IGMP/MLD messages Judith Mendez (1): mmc: sdhci_am654: Workaround for Errata i2312 Juergen Gross (1): xen/gntdev: remove struct gntdev_copy_batch from stack Junxian Huang (1): RDMA/hns: Fix -Wframe-larger-than issue Juri Lelli (1): sched/deadline: Fix accounting after global limits change Justin Tee (1): scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure Kees Cook (4): sched: Add wrapper for get_wchan() to keep task blocked arm64: Handle KCOV __init vs inline mismatches platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches iommu/amd: Avoid stack buffer overflow from kernel cmdline Kefeng Wang (1): asm-generic: Add memory barrier dma_mb() Kito Xu (veritas501) (1): net: appletalk: Fix use-after-free in AARP proxy probe Konstantin Komarov (1): Revert "fs/ntfs3: Replace inode_trylock with inode_lock" Krishna Kurapati (1): usb: dwc3: qcom: Don't leave BCR asserted Krzysztof Kozlowski (1): ARM: dts: vfxxx: Correctly use two tuples for timer address Kuen-Han Tsai (1): usb: dwc3: Ignore late xferNotReady event to prevent halt timeout Kuninori Morimoto (4): ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask() ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed ASoC: soc-dai.c: add missing flag check at snd_soc_pcm_dai_probe() ASoC: soc-dai.h: merge DAI call back functions into ops Kuniyuki Iwashima (3): rpl: Fix use-after-free in rpl_do_srh_inline(). Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb() ipv6: mcast: Check inet6_dev->dead under idev->mc_lock in __ipv6_dev_mc_inc(). Kurt Borja (1): platform/x86: think-lmi: Fix kobject cleanup Laurentiu Mihalcea (1): pwm: imx-tpm: Reset counter if CMOD is 0 Len Brown (1): intel_idle: Allow loading ACPI tables for any family Leo Yan (1): perf tests bp_account: Fix leaked file descriptor Leon Romanovsky (1): net/mlx5e: Properly access RCU protected qdisc_sleeping variable Li Zhong (1): ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value Liao Yuanhong (1): ext4: use kmalloc_array() for array space allocation Lifeng Zheng (5): PM / devfreq: Check governor before using governor->name cpufreq: Initialize cpufreq-based frequency-invariance later cpufreq: Init policy->rwsem before it may be possibly used cpufreq: Exit governor when failed to start old governor PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() Lin.Cao (1): drm/sched: Remove optimization that causes hang when killing dependent jobs Lizhi Xu (3): vmci: Prevent the dispatching of uninitialized payloads fs/ntfs3: Add sanity check for file name jfs: truncate good inode pages when hard link is 0 Lorenzo Stoakes (5): selftests/perf_events: Add a mmap() correctness test mm: drop the assumption that VM_SHARED always implies writable mm: update memfd seal write check to include F_SEAL_WRITE mm: reinstate ability to map write-sealed memfd mappings read-only selftests/memfd: add test for mapping write-sealed memfd read-only Lucas De Marchi (1): usb: early: xhci-dbc: Fix early_ioremap leak Lucy Thrun (1): ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control Ludwig Disterhof (1): media: usbtv: Lock resolution while streaming Luiz Augusto von Dentz (3): Bluetooth: SMP: If an unallowed command is received consider it a failure Bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout Bluetooth: L2CAP: Fix attempting to adjust outgoing MTU Lukas Wunner (1): PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports Ma Ke (4): bus: fsl-mc: Fix potential double device reference in fsl_mc_get_endpoint() dpaa2-eth: Fix device reference count leak in MAC endpoint handling dpaa2-switch: Fix device reference count leak in MAC endpoint handling sunvdc: Balance device refcount in vdc_port_mpgroup_check Maciej W. Rozycki (1): powerpc/eeh: Rely on dev->link_active_reporting Mael GUERIN (1): USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera Manivannan Sadhasivam (1): PCI: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute Maor Gottlieb (1): RDMA/core: Rate limit GID cache warning messages Marco Elver (1): locking/barriers, kcsan: Support generic instrumentation Marek Szyprowski (1): zynq_fpga: use sgtable-based scatterlist wrappers Marek Vasut (1): usb: renesas-xhci: Fix External ROM access timeouts Mario Limonciello (5): usb: xhci: Avoid showing warnings for dying controller usb: xhci: Avoid showing errors during surprise removal drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual drm/amd: Restore cached power limit during resume drm/amd/display: Avoid a NULL pointer dereference Marius Zachmann (1): hwmon: (corsair-cpro) Validate the size of the received input buffer Mark Brown (1): ASoC: hdac_hdmi: Rate limit logging on connection and disconnection Martin Kaistra (1): wifi: rtl8xxxu: Fix RX skb size for aggregation disabled Masahiro Yamada (3): kconfig: qconf: fix ConfigList::updateListAllforAll() kconfig: gconf: avoid hardcoding model2 in on_treeview2_cursor_changed() kconfig: gconf: fix potential memory leak in renderer_edited() Masami Hiramatsu (Google) (1): selftests: tracing: Use mutex_unlock for testing glob filter Mat Martineau (1): selftests: mptcp: Initialize variables to quiet gcc 12 warnings Mathias Nyman (5): usb: hub: fix detection of high tier USB3 devices behind suspended hubs usb: hub: Fix flushing and scheduling of delayed work that tunes runtime pm usb: hub: Fix flushing of delayed work used for post resume purposes usb: hub: avoid warm port reset during USB3 disconnect usb: hub: Don't try to recover devices lost during warm reset. Matt Johnston (1): net: mctp: Prevent duplicate binds Matthew Wilcox (Oracle) (1): XArray: Add calls to might_alloc() Matthieu Baerts (1): selftests: mptcp: add missing join check Matthieu Baerts (NGI0) (4): mptcp: pm: kernel: flush: do not reset ADD_ADDR limit selftests: mptcp: connect: also cover alt modes selftests: mptcp: connect: also cover checksum selftests: mptcp: pm: check flush doesn't reset limits Maulik Shah (1): pmdomain: governor: Consider CPU latency tolerance from pm_domain_cpu_gov Maurizio Lombardi (1): scsi: target: core: Generate correct identifiers for PR OUT transport IDs Meagan Lloyd (2): rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe Mengbiao Xiong (1): crypto: ccp - Fix crash when rebind ccp device for ccp.ko Miao Li (1): usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive Miaoqian Lin (1): most: core: Drop device reference after usage in get_channel() Michael Grzeschik (2): usb: typec: tcpm: allow to use sink in accessory mode usb: typec: tcpm: allow switching to mode accessory to mux properly Michael Zhivich (1): x86/bugs: Fix use of possibly uninit value in amd_check_tsa_microcode() Michal Schmidt (1): benet: fix BUG when creating VFs Mike Christie (1): vhost-scsi: Fix log flooding with target does not exist errors Mikhail Lobanov (1): wifi: mac80211: check basic rates validity in sta_link_apply_parameters Mikulas Patocka (1): dm-mpath: don't print the "loaded" message if registering fails Mina Almasry (1): netmem: fix skb_frag_address_safe with unreadable skbs Minhong He (1): ipv6: sr: validate HMAC algorithm ID in seg6_hmac_info_add Myrrh Periwinkle (3): usb: typec: ucsi: Update power_supply on power role change vt: keyboard: Don't process Unicode characters in K_OFF mode vt: defkeymap: Map keycodes above 127 to K_HOLE Namhyung Kim (1): perf sched: Fix memory leaks for evsel->priv in timehist Nathan Chancellor (5): phonet/pep: Move call to pn_skb_get_dst_sockaddr() earlier in pep_sock_accept() memstick: core: Zero initialize id_reg in h_memstick_read_dev_id() usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() ARM: 9448/1: Use an absolute path to unified.h in KBUILD_AFLAGS NeilBrown (1): smb/server: avoid deadlock when linking with ReplaceIfExists Niklas Söderlund (1): media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control Nilton Perim Neto (1): Input: xpad - set correct controller type for Acer NGR200 Nirmal Patel (1): PCI: vmd: Assign VMD IRQ domain before enumeration Nuno Sá (1): clk: clk-axi-clkgen: fix fpfd_max frequency for zynq Ojaswin Mujoo (2): ext4: fix fsmap end of range reporting with bigalloc ext4: fix reserved gdt blocks handling in fsmap Olga Kornievskaia (1): NFSv4.2: another fix for listxattr Oliver Neukum (3): usb: net: sierra: check for no status endpoint usb: core: usb_submit_urb: downgrade type check cdc-acm: fix race between initial clearing halt and open Oscar Maes (1): net: ipv4: fix incorrect MTU in broadcast routes Ovidiu Panait (1): hwrng: mtk - handle devm_pm_runtime_enable errors Pagadala Yesu Anjaneyulu (1): wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect Pali Rohár (1): cifs: Fix calling CIFSFindFirst() for root path without msearch Paolo Abeni (4): selftests: net: increase inter-packet timeout in udpgro.sh mptcp: fix error mibs accounting mptcp: introduce MAPPING_BAD_CSUM mptcp: do not queue data on closed subflows Paul Cercueil (1): usb: musb: Add and use inline functions musb_{get,set}_state Paul Chaignon (2): bpf: Reject %p% format string in bprintf-like helpers bpf: Check flow_dissector ctx accesses are aligned Paul E. McKenney (1): rcu: Protect ->defer_qs_iw_pending from data race Paul Kocialkowski (1): clk: sunxi-ng: v3s: Fix de clock definition Pavel Begunkov (1): io_uring: don't use int for ABI Pawan Gupta (1): x86/bugs: Avoid warning when overriding return thunk Peter Oberparleiter (2): s390/hypfs: Avoid unnecessary ioctl registration in debugfs s390/hypfs: Enable limited access during lockdown Peter Robinson (1): reset: brcmstb: Enable reset drivers for ARCH_BCM2835 Peter Ujfalusi (1): ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() Peter Zijlstra (2): x86: Fix __get_wchan() for !STACKTRACE x86: Pin task-stack in __get_wchan() Petr Pavlu (1): module: Restore the moduleparam prefix length check Phillip Lougher (1): squashfs: fix memory leak in squashfs_fill_super Prashant Malani (1): cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag Praveen Kaligineedi (1): gve: Fix stuck TX queue for DQ queue format Pu Lehui (1): tracing: Limit access to parser->buffer when trace_get_user failed Purva Yeshi (1): md: dm-zoned-target: Initialize return variable r to avoid uninitialized use Qi Zheng (1): x86: Fix get_wchan() to support the ORC unwinder Qingfang Deng (1): ppp: fix race conditions in ppp_fill_forward_path Qu Wenruo (2): btrfs: do not allow relocation of partially dropped subvolumes btrfs: populate otime when logging an inode item Quang Le (1): net/packet: fix a race in packet_set_ring() and packet_notifier() RD Babiera (1): usb: typec: tcpm: apply vbus before data bringup in tcpm_src_attach Rafael J. Wysocki (4): cpufreq: intel_pstate: Always use HWP_DESIRED_PERF in passive mode ACPI: processor: perflib: Move problematic pr->performance check cpuidle: governors: menu: Avoid using invalid recent intervals data PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() Rand Deeb (1): wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() Randy Dunlap (1): parisc: Makefile: fix a typo in palo.conf Ranjan Kumar (4): scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans scsi: mpi3mr: Fix race between config read submit and interrupt completion scsi: mpi3mr: Drop unnecessary volatile from __iomem pointers scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems Remi Pommarel (2): wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key() Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" Ricardo Ribalda (3): media: uvcvideo: Do not mark valid metadata as invalid media: venus: vdec: Clamp param smaller than 1fps and bigger than 240. media: venus: venc: Clamp param smaller than 1fps and bigger than 240 Ricky Wu (1): misc: rtsx: usb: Ensure mmc child device is active when card is present Rob Clark (1): drm/msm: use trylock for debugfs Rohit Visavalia (1): clk: xilinx: vcu: unregister pll_post only if registered correctly Rong Zhang (2): platform/x86: ideapad-laptop: Fix kbd backlight not remembered among boots fs/ntfs3: correctly create symlink for relative path RubenKelevra (1): fs_context: fix parameter name in infofc() macro Ryan Lee (1): apparmor: ensure WB_HISTORY_SIZE value is a power of 2 Ryan Mann (NDI) (1): USB: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI Ryusuke Konishi (1): nilfs2: reject invalid file types when reading inodes Sabrina Dubroca (1): udp: also consider secpath when evaluating ipsec use for checksumming Sakari Ailus (1): media: v4l2-ctrls: Don't reset handler's error in v4l2_ctrl_handler_free() Salah Triki (1): iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() Sam Shih (1): pinctrl: mediatek: moore: check if pin_desc is valid before use Sarah Newman (1): drbd: add missing kref_get in handle_write_conflicts Sarthak Garg (1): mmc: sdhci-msm: Ensure SD card power isn't ON when card removed Sasha Levin (2): fs: Prevent file descriptor table allocations exceeding INT_MAX media: qcom: camss: cleanup media device allocated resource on error path Sebastian Andrzej Siewior (1): net: phy: Use netif_rx(). Sebastian Ott (1): ACPI: processor: fix acpi_object initialization Sebastian Reichel (2): watchdog: dw_wdt: Fix default timeout usb: typec: fusb302: cache PD RX state Selvarasu Ganesan (1): usb: dwc3: Remove WARN_ON for device endpoint command timeouts Sergey Bashirov (4): pNFS: Fix stripe mapping in block/scsi layout pNFS: Fix disk addr range check in block/scsi layout pNFS: Handle RPC size limit for layoutcommits pNFS: Fix uninited ptr deref in block/scsi layout Sergey Senozhatsky (1): wifi: ath11k: clear initialized flag for deinit-ed srng lists Seunghui Lee (1): scsi: ufs: core: Use link recovery when h8 exit fails during runtime resume Shankari Anand (1): kconfig: nconf: Ensure null termination where strncpy is used Shengjiu Wang (1): ASoC: fsl_sai: replace regmap_write with regmap_update_bits Shiji Yang (1): MIPS: vpe-mt: add missing prototypes for vpe_{alloc,start,stop,free} Showrya M N (1): scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated Shubhrajyoti Datta (1): EDAC/synopsys: Clear the ECC counters on init Slark Xiao (2): USB: serial: option: add Foxconn T99W640 USB: serial: option: add Foxconn T99W709 Sravan Kumar Gundu (1): fbdev: Fix vmalloc out-of-bounds write in fast_imageblit Stanislav Fomichev (1): vrf: Drop existing dst reference in vrf_ip6_input_dst Stanislaw Gruszka (1): wifi: iwlegacy: Check rate_idx range after addition Stav Aviram (1): net/mlx5: Check device memory pointer before usage Stefan Metzmacher (5): smb: server: remove separate empty_recvmsg_queue smb: server: make sure we call ib_dma_unmap_single() only if we called ib_dma_map_single already smb: server: let recv_done() consistently call put_recvmsg/smb_direct_disconnect_rdma_connection smb: server: let recv_done() avoid touching data_transfer after cleanup/move smb: client: let recv_done() cleanup before notifying the callers. Steven Rostedt (5): tracing: Add down_write(trace_event_sem) when adding trace event selftests/tracing: Fix false failure of subsystem event test ktest.pl: Prevent recursion of default variable options ftrace: Also allocate and copy hash for reading of filter files tracing: Remove unneeded goto out logic Su Hui (1): usb: xhci: print xhci->xhc_state when queue_command failed Suchit Karunakaran (1): kconfig: lxdialog: replace strcpy() with strncpy() in inputbox.c Sven Schnelle (2): s390/time: Use monotonic clock in get_cycles() s390/stp: Remove udelay from stp_sync_clock() Takashi Iwai (4): ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out() ALSA: usb-audio: Validate UAC3 power domain descriptors, too ALSA: usb-audio: Validate UAC3 cluster segment descriptors ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation Tao Xue (1): usb: gadget : fix use-after-free in composite_dev_cleanup() Tariq Toukan (1): lib: bitmap: Introduce node-aware alloc API Tetsuo Handa (1): hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file() Theodore Ts'o (2): ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr ext4: don't try to clear the orphan_present feature block device is r/o Thomas Fourier (19): pch_uart: Fix dma_sync_sg_for_device() nents value mmc: bcm2835: Fix dma_unmap_sg() nents value mwl8k: Add missing check after DMA map crypto: inside-secure - Fix `dma_unmap_sg()` nents value scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value scsi: mvsas: Fix dma_unmap_sg() nents value scsi: isci: Fix dma_unmap_sg() nents value crypto: keembay - Fix dma_unmap_sg() nents value crypto: img-hash - Fix dma_unmap_sg() nents value dmaengine: mv_xor: Fix missing check after DMA map and missing unmap dmaengine: nbpfaxi: Add missing check after DMA map mtd: rawnand: atmel: Fix dma_mapping_error() address mtd: rawnand: rockchip: Add missing check after DMA map et131x: Add missing check after DMA map net: ag71xx: Add missing check after DMA map (powerpc/512) Fix possible `dma_unmap_single()` on uninitialized pointer wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()`. wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() mtd: rawnand: fsmc: Add missing check after DMA map Thomas Gleixner (3): perf/core: Don't leak AUX buffer refcount on allocation failure perf/core: Exit early on perf_mmap() fail perf/core: Prevent VMA split of buffer mappings Thomas Weißschuh (3): tools/nolibc: define time_t in terms of __kernel_old_time_t MIPS: Don't crash in stack_top() for tasks without ABI or vDSO kbuild: userprogs: use correct linker when mixing clang and GNU ld Thorsten Blum (3): ALSA: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe() smb: server: Fix extension string in ksmbd_extract_shortname() usb: storage: realtek_cr: Use correct byte order for bcs->Residue Tianxiang Peng (1): x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper Tigran Mkrtchyan (1): pNFS/flexfiles: don't attempt pnfs on fatal DS errors Tim Harvey (1): hwmon: (gsc-hwmon) fix fan pwm setpoint show functions Timothy Pearson (5): PCI: pnv_php: Clean up allocated IRQs on unplug PCI: pnv_php: Work around switches with broken presence detection powerpc/eeh: Export eeh_unfreeze_pe() powerpc/eeh: Make EEH driver device hotplug safe PCI: pnv_php: Fix surprise plug detection and recovery Timur Kristóf (6): drm/amd/display: Don't overwrite dce60_clk_mgr drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 drm/amd/display: Fix DP audio DTO1 clock source on DCE 6. drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs drm/amd/display: Don't overclock DCE 6 by 15% Tiwei Bie (1): um: rtc: Avoid shadowing err in uml_rtc_start() Tomas Henzl (1): scsi: mpt3sas: Fix a fw_event memory leak Tomasz Michalec (2): usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present platform/chrome: cros_ec_typec: Defer probe on missing EC parent Trond Myklebust (2): NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() NFS: Fix the setting of capabilities when automounting a new filesystem Tvrtko Ursulin (1): drm/ttm: Respect the shrinker core free target Tzung-Bi Shih (2): platform/chrome: cros_ec: remove unneeded label and if-condition platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister() Ulf Hansson (1): mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() Uros Bizjak (1): ucount: fix atomic_long_inc_below() argument type Uwe Kleine-König (6): usb: musb: omap2430: Convert to platform remove callback returning void platform/chrome: cros_ec: Make cros_ec_unregister() return void media: camss: Convert to platform remove callback returning void pwm: mediatek: Implement .apply() callback pwm: mediatek: Handle hardware enable and clock enable separately pwm: mediatek: Fix duty and period setting ValdikSS (1): igc: fix disabling L1.2 PCI-E link substate on I226 on init Vedang Nagar (1): media: venus: Add a check for packet size after reading from shared memory Viacheslav Dubeyko (4): hfs: fix slab-out-of-bounds in hfs_bnode_read() hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() hfs: fix not erasing deleted b-tree node issue Victor Shih (1): mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency Viresh Kumar (1): i2c: virtio: Avoid hang by using interruptible completion wait Waiman Long (2): mm/kmemleak: avoid soft lockup in __kmemleak_do_cleanup() cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key Wang Liang (2): net: drop UFO packets in udp_rcv_segment() net: bridge: fix soft lockup in br_multicast_query_expired() Wang Zhaolong (2): smb: client: fix use-after-free in cifs_oplock_break smb: client: fix use-after-free in crypt_message when using async crypto Wayne Chang (1): phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode Wei Gao (1): ext2: Handle fiemap on empty files to prevent EINVAL Weitao Wang (1): usb: xhci: Fix slot_id resource race conflict Wen Chen (1): drm/amd/display: Fix 'failed to blank crtc!' Will Deacon (1): KVM: arm64: Fix kernel BUG() due to bad backport of FPSIMD/SVE/SME fix William Liu (4): net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree net/sched: Restrict conditions for adding duplicating netems to qdisc tree net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit net/sched: Remove unnecessary WARNING condition for empty child qdisc in htb_activate Wolfram Sang (3): media: usb: hdpvr: disable zero-length read messages i3c: add missing include to internal header i3c: don't fail if GETHDRCAP is unsupported Xiang Mei (2): net/sched: sch_qfq: Fix race condition on qfq_aggregate net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class Xilin Wu (1): interconnect: qcom: sc7280: Add missing num_links to xm_pcie3_1 node Xin Long (1): sctp: linearize cloned gso packets in sctp_rcv Xinxin Wan (1): ASoC: codecs: rt5640: Retry DEVICE_ID verification Xinyu Liu (2): usb: gadget: configfs: Fix OOB read on empty string write usb: core: config: Prevent OOB read in SS endpoint companion parsing Xiu Jianfeng (1): wifi: iwlwifi: Fix memory leak in iwl_mvm_init() Xiumei Mu (1): selftests: rtnetlink.sh: remove esp4_offload after test Xu Yang (4): usb: chipidea: add USB PHY event usb: phy: mxs: disconnect line when USB charger is attached net: usb: asix_devices: add phy_mask for ax88772 mdio bus usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test Xu Yilun (1): fpga: zynq_fpga: Fix the wrong usage of dma_map_sgtable() Yajun Deng (1): i40e: Add rx_missed_errors for buffer exhaustion Yang Xiwen (1): i2c: qup: jump out of the loop in case of timeout Yangtao Li (1): hfsplus: remove mutex_lock check in hfsplus_free_extents Yann E. MORIN (1): kconfig: lxdialog: fix 'space' to (de)select options Yazen Ghannam (1): x86/mce/amd: Add default names for MCA banks and blocks Ye Bin (1): fs/buffer: fix use-after-free when call bh_read() helper Yonglong Liu (1): net: hns3: disable interrupt when ptp init failed Youngjun Lee (1): media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() Youssef Samir (1): bus: mhi: host: Detect events pointing to unexpected TREs Yu Kuai (1): nvme: fix misaccounting of nvme-mpath inflight I/O Yuan Chen (2): bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure pinctrl: sunxi: Fix memory leak on krealloc failure Yue Haibing (1): ipv6: mcast: Delay put pmc->idev in mld_del_delrec() Yuichiro Tsuji (1): net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization Yun Lu (2): af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd() af_packet: fix soft lockup issue caused by tpacket_snd() Yunhui Cui (1): serial: 8250: fix panic due to PSLVERR Yury Norov [NVIDIA] (1): RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() Zenm Chen (1): USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles Zhang Lixu (2): iio: hid-sensor-prox: Restore lost scale assignments iio: hid-sensor-prox: Fix incorrect OFFSET calculation Zhang Rui (1): powercap: intel_rapl: Do not change CLAMPING bit if ENABLE bit cannot be changed Zhang Shurong (1): media: ov2659: Fix memory leaks in ov2659_probe() Zhang Yi (1): ext4: fix hole length calculation overflow in non-extent inodes Zheng Yu (1): jfs: fix metapage reference count leak in dbAllocCtl Zhiqi Song (1): crypto: hisilicon/hpre - fix dma unmap sequence Zhu Qiyu (1): ACPI: PRM: Reduce unnecessary printing to avoid user confusion Ziyan Fu (1): watchdog: iTCO_wdt: Report error if timeout configuration fails chenchangcheng (1): media: uvcvideo: Fix bandwidth issue for Alcor camera fangzhong.zhou (1): i2c: Force DLL0945 touchpad i2c freq to 100khz jackysliu (1): scsi: bfa: Double-free fix tuhaowen (1): PM: sleep: console: Fix the black screen issue xin.guo (1): tcp: fix tcp_ofo_queue() to avoid including too much DUP SACK range zhangjianrong (1): net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() Álvaro Fernández Rojas (5): net: dsa: b53: fix b53_imp_vlan_setup for BCM5325 net: dsa: b53: prevent GMII_PORT_OVERRIDE_CTRL access on BCM5325 net: dsa: b53: prevent DIS_LEARNING access on BCM5325 net: dsa: b53: prevent SWITCH_CTRL access on BCM5325 net: dsa: b53: fix IP_MULTICAST_CTRL on BCM5325

2 weeks, 4 days

1
1
0 0

Linux 5.10.241

by Greg Kroah-Hartman

I'm announcing the release of the 5.10.241 kernel. All users of the 5.10 kernel series must upgrade. The updated 5.10.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.10.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/filesystems/f2fs.rst | 6 Documentation/firmware-guide/acpi/i2c-muxes.rst | 8 Documentation/memory-barriers.txt | 11 Makefile | 4 arch/arm/Makefile | 2 arch/arm/boot/dts/imx6ul-kontron-n6x1x-s.dtsi | 1 arch/arm/boot/dts/vfxxx.dtsi | 2 arch/arm/mach-rockchip/platsmp.c | 15 arch/arm/mach-tegra/reset.c | 2 arch/arm64/boot/dts/freescale/imx8mm-beacon-som.dtsi | 2 arch/arm64/include/asm/acpi.h | 2 arch/arm64/mm/ptdump_debugfs.c | 3 arch/m68k/Kconfig.debug | 2 arch/m68k/kernel/early_printk.c | 42 - arch/m68k/kernel/head.S | 39 - arch/mips/crypto/chacha-core.S | 20 arch/mips/include/asm/vpe.h | 8 arch/mips/kernel/process.c | 16 arch/mips/mm/tlb-r4k.c | 56 + arch/parisc/Makefile | 2 arch/powerpc/configs/ppc6xx_defconfig | 1 arch/powerpc/kernel/eeh.c | 1 arch/powerpc/kernel/eeh_driver.c | 48 + arch/powerpc/kernel/eeh_pe.c | 11 arch/powerpc/kernel/pci-hotplug.c | 3 arch/powerpc/platforms/512x/mpc512x_lpbfifo.c | 6 arch/s390/hypfs/hypfs_dbfs.c | 19 arch/s390/include/asm/timex.h | 13 arch/s390/kernel/time.c | 2 arch/s390/mm/dump_pagetables.c | 2 arch/sh/Makefile | 10 arch/sh/boot/compressed/Makefile | 4 arch/sh/boot/romimage/Makefile | 4 arch/x86/include/asm/xen/hypercall.h | 6 arch/x86/kernel/cpu/amd.c | 2 arch/x86/kernel/cpu/bugs.c | 5 arch/x86/kernel/cpu/mce/amd.c | 13 arch/x86/mm/extable.c | 5 block/bio.c | 2 block/blk-settings.c | 2 drivers/acpi/acpi_processor.c | 2 drivers/acpi/apei/ghes.c | 2 drivers/acpi/processor_idle.c | 4 drivers/acpi/processor_perflib.c | 11 drivers/ata/Kconfig | 35 - drivers/ata/libata-sata.c | 5 drivers/ata/libata-scsi.c | 20 drivers/base/power/domain_governor.c | 18 drivers/base/power/runtime.c | 5 drivers/block/drbd/drbd_receiver.c | 6 drivers/block/sunvdc.c | 4 drivers/bus/mhi/host/boot.c | 8 drivers/bus/mhi/host/internal.h | 4 drivers/char/hw_random/mtk-rng.c | 4 drivers/char/ipmi/ipmi_msghandler.c | 8 drivers/char/ipmi/ipmi_watchdog.c | 59 +- drivers/clk/davinci/psc.c | 5 drivers/clk/sunxi-ng/ccu-sun8i-v3s.c | 3 drivers/cpufreq/armada-8k-cpufreq.c | 2 drivers/cpufreq/cppc_cpufreq.c | 2 drivers/cpufreq/cpufreq.c | 29 drivers/cpuidle/governors/menu.c | 21 drivers/crypto/ccp/ccp-debugfs.c | 3 drivers/crypto/img-hash.c | 2 drivers/crypto/inside-secure/safexcel_hash.c | 8 drivers/crypto/marvell/cesa/cipher.c | 4 drivers/crypto/marvell/cesa/hash.c | 5 drivers/crypto/qat/qat_common/adf_transport_debug.c | 4 drivers/devfreq/governor_userspace.c | 6 drivers/dma-buf/dma-resv.c | 5 drivers/dma/mv_xor.c | 21 drivers/dma/nbpfaxi.c | 24 drivers/fpga/zynq-fpga.c | 10 drivers/gpio/gpio-rcar.c | 20 drivers/gpio/gpio-tps65912.c | 7 drivers/gpio/gpio-wcd934x.c | 7 drivers/gpu/drm/amd/amdgpu/amdgpu.h | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c | 4 drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 6 drivers/gpu/drm/amd/display/dc/bios/command_table.c | 2 drivers/gpu/drm/amd/display/dc/clk_mgr/dce100/dce_clk_mgr.c | 2 drivers/gpu/drm/amd/display/dc/clk_mgr/dce110/dce110_clk_mgr.c | 40 - drivers/gpu/drm/amd/display/dc/clk_mgr/dce60/dce60_clk_mgr.c | 31 - drivers/gpu/drm/amd/display/dc/dcn20/dcn20_hwseq.c | 11 drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu_helper.c | 2 drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c | 6 drivers/gpu/drm/drm_dp_helper.c | 2 drivers/gpu/drm/rockchip/rockchip_drm_fb.c | 9 drivers/gpu/drm/scheduler/sched_entity.c | 23 drivers/gpu/drm/ttm/ttm_resource.c | 3 drivers/hid/hid-core.c | 19 drivers/hwmon/corsair-cpro.c | 5 drivers/hwmon/gsc-hwmon.c | 4 drivers/i2c/busses/i2c-qup.c | 4 drivers/i2c/busses/i2c-stm32.c | 8 drivers/i2c/busses/i2c-stm32f7.c | 4 drivers/i2c/i2c-core-acpi.c | 1 drivers/i3c/internals.h | 1 drivers/i3c/master.c | 2 drivers/idle/intel_idle.c | 2 drivers/iio/adc/ad7768-1.c | 23 drivers/iio/adc/ad_sigma_delta.c | 4 drivers/iio/adc/max1363.c | 43 - drivers/iio/adc/stm32-adc-core.c | 7 drivers/iio/imu/inv_icm42600/inv_icm42600_temp.c | 6 drivers/iio/light/as73211.c | 2 drivers/iio/light/hid-sensor-prox.c | 3 drivers/iio/pressure/bmp280-core.c | 9 drivers/iio/proximity/isl29501.c | 16 drivers/infiniband/core/cache.c | 4 drivers/infiniband/core/nldev.c | 22 drivers/infiniband/hw/bnxt_re/qplib_res.c | 2 drivers/infiniband/hw/hfi1/affinity.c | 44 - drivers/infiniband/sw/rxe/rxe_comp.c | 16 drivers/input/joystick/xpad.c | 2 drivers/iommu/amd/init.c | 4 drivers/leds/leds-lp50xx.c | 11 drivers/md/dm-core.h | 52 + drivers/md/dm-historical-service-time.c | 4 drivers/md/dm-queue-length.c | 4 drivers/md/dm-round-robin.c | 4 drivers/md/dm-rq.c | 8 drivers/md/dm-service-time.c | 4 drivers/md/dm-zoned-target.c | 2 drivers/md/dm.c | 59 -- drivers/media/cec/usb/rainshadow/rainshadow-cec.c | 3 drivers/media/dvb-frontends/dib7000p.c | 8 drivers/media/i2c/hi556.c | 26 drivers/media/i2c/ov2659.c | 3 drivers/media/i2c/tc358743.c | 86 +- drivers/media/platform/qcom/camss/camss.c | 4 drivers/media/platform/qcom/venus/core.c | 21 drivers/media/platform/qcom/venus/core.h | 2 drivers/media/platform/qcom/venus/dbgfs.c | 9 drivers/media/platform/qcom/venus/dbgfs.h | 13 drivers/media/platform/qcom/venus/hfi_venus.c | 14 drivers/media/platform/qcom/venus/vdec.c | 5 drivers/media/usb/gspca/vicam.c | 10 drivers/media/usb/hdpvr/hdpvr-i2c.c | 6 drivers/media/usb/usbtv/usbtv-video.c | 4 drivers/media/usb/uvc/uvc_driver.c | 3 drivers/media/usb/uvc/uvc_video.c | 21 drivers/media/v4l2-core/v4l2-ctrls.c | 37 + drivers/memstick/core/memstick.c | 3 drivers/memstick/host/rtsx_usb_ms.c | 1 drivers/misc/cardreader/rtsx_usb.c | 16 drivers/mmc/host/bcm2835.c | 3 drivers/mmc/host/rtsx_usb_sdmmc.c | 4 drivers/mmc/host/sdhci-msm.c | 14 drivers/mmc/host/sdhci-pci-core.c | 3 drivers/mmc/host/sdhci-pci-gli.c | 4 drivers/mmc/host/sdhci_am654.c | 9 drivers/most/core.c | 2 drivers/mtd/ftl.c | 2 drivers/mtd/nand/raw/atmel/nand-controller.c | 2 drivers/mtd/nand/raw/atmel/pmecc.c | 6 drivers/mtd/nand/raw/fsmc_nand.c | 2 drivers/net/can/kvaser_pciefd.c | 1 drivers/net/can/usb/kvaser_usb/kvaser_usb_core.c | 1 drivers/net/dsa/b53/b53_common.c | 54 + drivers/net/dsa/b53/b53_regs.h | 2 drivers/net/ethernet/agere/et131x.c | 36 + drivers/net/ethernet/atheros/ag71xx.c | 9 drivers/net/ethernet/cavium/thunder/thunder_bgx.c | 4 drivers/net/ethernet/emulex/benet/be_cmds.c | 2 drivers/net/ethernet/emulex/benet/be_main.c | 8 drivers/net/ethernet/freescale/dpaa/dpaa_ethtool.c | 4 drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c | 66 +- drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.h | 13 drivers/net/ethernet/freescale/dpaa2/dpaa2-ethtool.c | 16 drivers/net/ethernet/freescale/dpaa2/dpaa2-mac.c | 95 +-- drivers/net/ethernet/freescale/dpaa2/dpaa2-mac.h | 5 drivers/net/ethernet/freescale/fec_main.c | 34 - drivers/net/ethernet/freescale/gianfar_ethtool.c | 4 drivers/net/ethernet/google/gve/gve_adminq.c | 1 drivers/net/ethernet/google/gve/gve_main.c | 67 +- drivers/net/ethernet/hisilicon/hns3/hnae3.h | 17 drivers/net/ethernet/hisilicon/hns3/hns3_debugfs.c | 3 drivers/net/ethernet/hisilicon/hns3/hns3_enet.c | 33 - drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_debugfs.c | 2 drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c | 4 drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_mbx.c | 2 drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_tm.c | 49 - drivers/net/ethernet/hisilicon/hns3/hns3vf/hclgevf_main.c | 25 drivers/net/ethernet/intel/e1000e/defines.h | 3 drivers/net/ethernet/intel/e1000e/ich8lan.c | 2 drivers/net/ethernet/intel/e1000e/nvm.c | 6 drivers/net/ethernet/intel/fm10k/fm10k.h | 3 drivers/net/ethernet/intel/i40e/i40e.h | 2 drivers/net/ethernet/intel/i40e/i40e_ethtool.c | 3 drivers/net/ethernet/intel/i40e/i40e_main.c | 18 drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 4 drivers/net/ethernet/intel/ice/ice_flex_pipe.c | 2 drivers/net/ethernet/intel/ixgbe/ixgbe.h | 3 drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 4 drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 2 drivers/net/ethernet/mellanox/mlxsw/trap.h | 1 drivers/net/ethernet/xilinx/xilinx_emaclite.c | 2 drivers/net/hyperv/hyperv_net.h | 3 drivers/net/hyperv/netvsc_drv.c | 29 drivers/net/phy/mscc/mscc_ptp.c | 1 drivers/net/phy/mscc/mscc_ptp.h | 1 drivers/net/phy/smsc.c | 1 drivers/net/ppp/pptp.c | 18 drivers/net/usb/sierra_net.c | 4 drivers/net/usb/usbnet.c | 11 drivers/net/virtio_net.c | 38 + drivers/net/vrf.c | 2 drivers/net/wireless/ath/ath11k/hal.c | 25 drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c | 8 drivers/net/wireless/broadcom/brcm80211/brcmsmac/phy/phy_lcn.c | 2 drivers/net/wireless/intel/iwlegacy/4965-mac.c | 5 drivers/net/wireless/intel/iwlwifi/dvm/main.c | 11 drivers/net/wireless/intel/iwlwifi/dvm/rs.c | 2 drivers/net/wireless/intel/iwlwifi/fw/dbg.c | 7 drivers/net/wireless/intel/iwlwifi/mvm/ops.c | 4 drivers/net/wireless/intel/iwlwifi/mvm/scan.c | 2 drivers/net/wireless/marvell/mwl8k.c | 4 drivers/net/wireless/realtek/rtl818x/rtl8187/dev.c | 3 drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c | 2 drivers/net/wireless/realtek/rtlwifi/pci.c | 23 drivers/net/xen-netfront.c | 5 drivers/pci/controller/pcie-rockchip-host.c | 2 drivers/pci/endpoint/pci-ep-cfs.c | 1 drivers/pci/endpoint/pci-epf-core.c | 2 drivers/pci/hotplug/pnv_php.c | 233 +++++++ drivers/pci/pci-acpi.c | 4 drivers/pci/pci.c | 8 drivers/pci/probe.c | 2 drivers/phy/tegra/xusb-tegra186.c | 59 +- drivers/pinctrl/stm32/pinctrl-stm32.c | 1 drivers/pinctrl/sunxi/pinctrl-sunxi.c | 11 drivers/platform/chrome/cros_ec.c | 23 drivers/platform/chrome/cros_ec.h | 2 drivers/platform/chrome/cros_ec_i2c.c | 4 drivers/platform/chrome/cros_ec_lpc.c | 4 drivers/platform/chrome/cros_ec_spi.c | 4 drivers/platform/chrome/cros_ec_typec.c | 4 drivers/platform/x86/thinkpad_acpi.c | 4 drivers/power/supply/max14577_charger.c | 4 drivers/pps/pps.c | 11 drivers/ptp/ptp_clock.c | 13 drivers/pwm/pwm-imx-tpm.c | 9 drivers/pwm/pwm-mediatek.c | 78 +- drivers/regulator/core.c | 1 drivers/reset/Kconfig | 10 drivers/rtc/rtc-ds1307.c | 17 drivers/rtc/rtc-hym8563.c | 2 drivers/rtc/rtc-pcf85063.c | 2 drivers/rtc/rtc-pcf8563.c | 2 drivers/rtc/rtc-rv3028.c | 2 drivers/scsi/aacraid/comminit.c | 3 drivers/scsi/bfa/bfad_im.c | 1 drivers/scsi/ibmvscsi_tgt/libsrp.c | 6 drivers/scsi/isci/request.c | 2 drivers/scsi/libiscsi.c | 3 drivers/scsi/lpfc/lpfc_debugfs.c | 1 drivers/scsi/lpfc/lpfc_scsi.c | 4 drivers/scsi/lpfc/lpfc_sli.c | 8 drivers/scsi/mpt3sas/mpt3sas_scsih.c | 19 drivers/scsi/mvsas/mv_sas.c | 4 drivers/scsi/pm8001/pm8001_init.c | 11 drivers/scsi/pm8001/pm8001_sas.h | 1 drivers/scsi/qla4xxx/ql4_os.c | 2 drivers/scsi/scsi_scan.c | 2 drivers/scsi/scsi_transport_sas.c | 60 +- drivers/scsi/ufs/ufs-exynos.c | 4 drivers/scsi/ufs/ufshcd.c | 10 drivers/soc/aspeed/aspeed-lpc-snoop.c | 13 drivers/soc/qcom/mdt_loader.c | 41 + drivers/soc/tegra/pmc.c | 51 - drivers/soundwire/stream.c | 2 drivers/staging/comedi/comedi_fops.c | 61 +- drivers/staging/comedi/comedi_internal.h | 1 drivers/staging/comedi/drivers.c | 30 - drivers/staging/comedi/drivers/aio_iiro_16.c | 3 drivers/staging/comedi/drivers/comedi_test.c | 2 drivers/staging/comedi/drivers/das16m1.c | 3 drivers/staging/comedi/drivers/das6402.c | 3 drivers/staging/comedi/drivers/pcl812.c | 3 drivers/staging/fbtft/fbtft-core.c | 1 drivers/staging/media/imx/imx-media-csc-scaler.c | 2 drivers/staging/nvec/nvec_power.c | 2 drivers/thermal/thermal_sysfs.c | 9 drivers/thunderbolt/domain.c | 2 drivers/thunderbolt/switch.c | 2 drivers/tty/serial/8250/8250_port.c | 3 drivers/tty/serial/pch_uart.c | 2 drivers/tty/vt/defkeymap.c_shipped | 112 +++ drivers/tty/vt/keyboard.c | 2 drivers/uio/uio_hv_generic.c | 4 drivers/usb/atm/cxacru.c | 106 +-- drivers/usb/chipidea/ci.h | 18 drivers/usb/chipidea/udc.c | 10 drivers/usb/class/cdc-acm.c | 13 drivers/usb/core/config.c | 10 drivers/usb/core/hub.c | 60 +- drivers/usb/core/hub.h | 1 drivers/usb/core/quirks.c | 1 drivers/usb/core/urb.c | 2 drivers/usb/dwc3/core.c | 10 drivers/usb/dwc3/dwc3-meson-g12a.c | 3 drivers/usb/dwc3/dwc3-qcom.c | 7 drivers/usb/dwc3/gadget.c | 14 drivers/usb/early/xhci-dbc.c | 4 drivers/usb/gadget/composite.c | 5 drivers/usb/gadget/configfs.c | 2 drivers/usb/gadget/udc/renesas_usb3.c | 1 drivers/usb/host/xhci-hub.c | 3 drivers/usb/host/xhci-mem.c | 24 drivers/usb/host/xhci-pci-renesas.c | 7 drivers/usb/host/xhci-plat.c | 3 drivers/usb/host/xhci-ring.c | 19 drivers/usb/host/xhci.c | 24 drivers/usb/host/xhci.h | 3 drivers/usb/musb/musb_core.c | 62 +- drivers/usb/musb/musb_core.h | 11 drivers/usb/musb/musb_debugfs.c | 6 drivers/usb/musb/musb_gadget.c | 30 - drivers/usb/musb/musb_host.c | 6 drivers/usb/musb/musb_virthub.c | 18 drivers/usb/musb/omap2430.c | 10 drivers/usb/phy/phy-mxs-usb.c | 4 drivers/usb/serial/ftdi_sio.c | 2 drivers/usb/serial/ftdi_sio_ids.h | 3 drivers/usb/serial/option.c | 7 drivers/usb/storage/realtek_cr.c | 2 drivers/usb/storage/unusual_devs.h | 29 drivers/usb/typec/mux/intel_pmc_mux.c | 2 drivers/usb/typec/tcpm/fusb302.c | 8 drivers/usb/typec/ucsi/psy.c | 2 drivers/usb/typec/ucsi/ucsi.c | 1 drivers/usb/typec/ucsi/ucsi.h | 7 drivers/vhost/scsi.c | 4 drivers/vhost/vhost.c | 3 drivers/video/console/vgacon.c | 2 drivers/video/fbdev/imxfb.c | 9 drivers/watchdog/dw_wdt.c | 2 drivers/watchdog/ziirave_wdt.c | 3 drivers/xen/gntdev-common.h | 4 drivers/xen/gntdev.c | 71 +- fs/btrfs/ctree.h | 2 fs/btrfs/inode.c | 4 fs/btrfs/ioctl.c | 2 fs/btrfs/qgroup.c | 2 fs/btrfs/send.c | 4 fs/btrfs/transaction.c | 2 fs/btrfs/tree-log.c | 53 + fs/buffer.c | 2 fs/cifs/cifssmb.c | 10 fs/cifs/smb2ops.c | 7 fs/cifs/smbdirect.c | 14 fs/ext4/fsmap.c | 23 fs/ext4/indirect.c | 4 fs/ext4/inline.c | 19 fs/ext4/inode.c | 2 fs/f2fs/f2fs.h | 2 fs/f2fs/inode.c | 28 fs/f2fs/node.c | 10 fs/file.c | 83 +- fs/hfs/bnode.c | 93 +++ fs/hfsplus/bnode.c | 92 +++ fs/hfsplus/extents.c | 3 fs/hfsplus/unicode.c | 7 fs/hfsplus/xattr.c | 6 fs/hugetlbfs/inode.c | 2 fs/isofs/inode.c | 9 fs/jbd2/checkpoint.c | 1 fs/jfs/file.c | 3 fs/jfs/inode.c | 2 fs/jfs/jfs_dmap.c | 10 fs/libfs.c | 4 fs/namespace.c | 89 ++- fs/nfs/blocklayout/blocklayout.c | 4 fs/nfs/blocklayout/dev.c | 5 fs/nfs/blocklayout/extent_tree.c | 20 fs/nfs/client.c | 46 + fs/nfs/export.c | 11 fs/nfs/flexfilelayout/flexfilelayout.c | 32 - fs/nfs/flexfilelayout/flexfilelayoutdev.c | 6 fs/nfs/inode.c | 6 fs/nfs/internal.h | 10 fs/nfs/nfs4client.c | 15 fs/nfs/nfs4proc.c | 46 - fs/nfs/pnfs.c | 11 fs/nfsd/nfs4state.c | 34 - fs/nilfs2/inode.c | 9 fs/orangefs/orangefs-debugfs.c | 8 fs/squashfs/super.c | 14 fs/udf/super.c | 13 include/asm-generic/barrier.h | 33 + include/linux/blk_types.h | 8 include/linux/compiler.h | 8 include/linux/cpuset.h | 17 include/linux/fs.h | 4 include/linux/fs_context.h | 2 include/linux/if_vlan.h | 6 include/linux/memfd.h | 14 include/linux/minmax.h | 17 include/linux/mm.h | 80 +- include/linux/mmzone.h | 22 include/linux/moduleparam.h | 5 include/linux/pci.h | 1 include/linux/platform_data/cros_ec_proto.h | 4 include/linux/pps_kernel.h | 1 include/linux/sched/mm.h | 16 include/linux/skbuff.h | 31 + include/linux/usb/usbnet.h | 1 include/linux/xarray.h | 15 include/net/cfg80211.h | 2 include/net/tc_act/tc_ctinfo.h | 6 include/net/udp.h | 24 include/uapi/linux/in6.h | 4 include/uapi/linux/io_uring.h | 2 include/uapi/linux/mount.h | 3 kernel/cgroup/cpuset.c | 23 kernel/events/core.c | 20 kernel/fork.c | 2 kernel/power/console.c | 7 kernel/rcu/tree_plugin.h | 3 kernel/trace/ftrace.c | 19 kernel/trace/trace.c | 33 - kernel/trace/trace.h | 8 kernel/trace/trace_events.c | 5 mm/filemap.c | 2 mm/hmm.c | 2 mm/kmemleak.c | 10 mm/madvise.c | 2 mm/memfd.c | 2 mm/mmap.c | 10 mm/page_alloc.c | 13 mm/ptdump.c | 2 mm/shmem.c | 2 mm/slab.h | 5 mm/slob.c | 6 mm/vmalloc.c | 16 mm/zsmalloc.c | 6 net/8021q/vlan.c | 42 + net/8021q/vlan.h | 1 net/appletalk/aarp.c | 42 + net/appletalk/ddp.c | 7 net/bluetooth/l2cap_core.c | 26 net/bluetooth/l2cap_sock.c | 3 net/bluetooth/smp.c | 21 net/bluetooth/smp.h | 1 net/bridge/netfilter/nft_reject_bridge.c | 60 -- net/caif/cfctrl.c | 294 ++++------ net/core/filter.c | 3 net/core/netpoll.c | 7 net/hsr/hsr_slave.c | 8 net/ipv4/netfilter/nf_reject_ipv4.c | 4 net/ipv4/route.c | 1 net/ipv4/tcp_input.c | 3 net/ipv4/udp_offload.c | 2 net/ipv6/ip6_offload.c | 4 net/ipv6/netfilter/nf_reject_ipv6.c | 4 net/ipv6/rpl_iptunnel.c | 8 net/ipv6/seg6_hmac.c | 3 net/mac80211/tx.c | 7 net/ncsi/internal.h | 2 net/ncsi/ncsi-rsp.c | 1 net/netfilter/nf_conntrack_netlink.c | 24 net/netfilter/nf_tables_api.c | 4 net/netfilter/nft_reject.c | 12 net/netfilter/nft_reject_inet.c | 68 -- net/netfilter/xt_nfacct.c | 4 net/netlink/af_netlink.c | 2 net/packet/af_packet.c | 39 - net/phonet/pep.c | 2 net/sched/act_ctinfo.c | 19 net/sched/sch_cake.c | 14 net/sched/sch_codel.c | 5 net/sched/sch_drr.c | 7 net/sched/sch_ets.c | 46 - net/sched/sch_fq_codel.c | 6 net/sched/sch_hfsc.c | 8 net/sched/sch_htb.c | 19 net/sched/sch_netem.c | 40 + net/sched/sch_qfq.c | 40 - net/sctp/input.c | 2 net/tls/tls_sw.c | 13 net/vmw_vsock/af_vsock.c | 3 net/wireless/mlme.c | 3 samples/mei/mei-amt-version.c | 2 scripts/kconfig/gconf.c | 8 scripts/kconfig/lxdialog/inputbox.c | 6 scripts/kconfig/lxdialog/menubox.c | 2 scripts/kconfig/nconf.c | 2 scripts/kconfig/nconf.gui.c | 1 scripts/kconfig/qconf.cc | 2 security/apparmor/include/match.h | 3 security/apparmor/match.c | 1 security/inode.c | 2 sound/core/pcm_native.c | 19 sound/pci/hda/patch_ca0132.c | 7 sound/pci/hda/patch_hdmi.c | 19 sound/pci/hda/patch_realtek.c | 3 sound/pci/intel8x0.c | 2 sound/soc/codecs/hdac_hdmi.c | 10 sound/soc/codecs/rt5640.c | 5 sound/soc/fsl/fsl_sai.c | 30 - sound/soc/intel/boards/Kconfig | 2 sound/soc/soc-core.c | 3 sound/soc/soc-dai.c | 19 sound/soc/soc-dapm.c | 4 sound/soc/soc-ops.c | 26 sound/usb/mixer_quirks.c | 14 sound/usb/mixer_scarlett_gen2.c | 8 sound/usb/stream.c | 25 sound/usb/validate.c | 14 tools/bpf/bpftool/net.c | 15 tools/include/linux/sched/mm.h | 2 tools/perf/tests/bp_account.c | 1 tools/power/cpupower/utils/idle_monitor/mperf_monitor.c | 4 tools/testing/ktest/ktest.pl | 5 tools/testing/selftests/ftrace/test.d/event/subsystem-enable.tc | 28 tools/testing/selftests/ftrace/test.d/ftrace/func-filter-glob.tc | 2 tools/testing/selftests/futex/include/futextest.h | 11 tools/testing/selftests/memfd/memfd_test.c | 43 + tools/testing/selftests/net/mptcp/Makefile | 3 tools/testing/selftests/net/mptcp/mptcp_connect_mmap.sh | 5 tools/testing/selftests/net/mptcp/pm_netlink.sh | 1 tools/testing/selftests/net/rtnetlink.sh | 6 523 files changed, 4755 insertions(+), 2125 deletions(-) Aaron Kling (1): ARM: tegra: Use I/O memcpy to write to IRAM Abdun Nihaal (1): staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() Adam Ford (1): arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed Ajish Koshy (1): scsi: pm80xx: Fix memory leak during rmmod Al Viro (4): better lockdep annotations for simple_recursive_removal() securityfs: don't pin dentries twice, once is enough... use uniform permission checks for all mount propagation changes alloc_fdtable(): change calling conventions. Alessandro Carminati (1): regulator: core: fix NULL dereference on unbind due to stale coupling data Alex Guo (2): media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar Alexander Gordeev (1): mm/vmalloc: leave lazy MMU mode on PTE mapping error Alexander Kochetkov (1): ARM: rockchip: fix kernel hang during smp initialization Alexander Wilhelm (1): bus: mhi: host: Fix endianness of BHI vector table Alok Tiwari (7): thunderbolt: Fix bit masking in tb_dp_port_set_hops() net: emaclite: Fix missing pointer increment in aligned_read() staging: nvec: Fix incorrect null termination of battery manufacturer ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 be2net: Use correct byte order and format string for TCP seq and ack_seq net: thunderx: Fix format-truncation warning in bgx_acpi_match_id() gve: Return error for unknown admin queue command Amir Mohammad Jahangirzad (1): fs/orangefs: use snprintf() instead of sprintf() Ammar Faizi (1): net: usbnet: Fix the wrong netif_carrier_on() call Anantha Prabhu (1): RDMA/bnxt_re: Fix to initialize the PBL array Andreas Dilger (1): ext4: check fast symlink for ea_inode correctly Andrew Jeffery (2): soc: aspeed: lpc-snoop: Cleanup resources in stack-order soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled Andrew Lunn (1): net: appletalk: fix kerneldoc warnings André Draszik (1): scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE Andy Shevchenko (2): mm/hmm: move pmd_to_hmm_pfn_flags() to the respective #ifdeffery Documentation: ACPI: Fix parent device references Andy Yan (1): drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed Anna Schumaker (1): NFS: Create an nfs4_server_set_init_caps() function Annette Kobou (1): ARM: dts: imx6ul-kontron-bl-common: Fix RTS polarity for RS485 interface Anshuman Khandual (1): mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() Anthoine Bourgeois (1): xen/netfront: Fix TX response spurious interrupts Arnaud Lecomte (1): jfs: upper bound check of tree index in dbAllocAG Arnd Bergmann (5): ethernet: intel: fix building with large NR_CPUS ASoC: Intel: fix SND_SOC_SOF dependencies ASoC: ops: dynamically allocate struct snd_ctl_elem_value caif: reduce stack size, again RDMA/core: reduce stack using in nldev_stat_get_doit() Arun Raghavan (1): ASoC: fsl_sai: Force a software reset when starting in consumer mode Avraham Stern (1): wifi: iwlwifi: mvm: fix scan request validation Balamanikandan Gunasundar (1): mtd: rawnand: atmel: set pmecc data setup time Baokun Li (1): jbd2: prevent softlockup in jbd2_log_do_checkpoint() Bard Liao (1): soundwire: stream: restore params when prepare ports fail Bartosz Golaszewski (2): gpio: wcd934x: check the return value of regmap_update_bits() gpio: tps65912: check the return value of regmap_update_bits() Ben Hutchings (1): sh: Do not use hyphen in exported variable name Benjamin Coddington (1): NFS: Fixup allocation flags for nfsiod's __GFP_NORETRY Benjamin Tissoires (3): HID: core: ensure the allocated report buffer can contain the reserved report ID HID: core: ensure __hid_request reserves the report ID as the first byte HID: core: do not bypass hid_hw_raw_request Benson Leung (1): usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default Bingbu Cao (1): media: hi556: correct the test pattern configuration Bjorn Andersson (1): soc: qcom: mdt_loader: Ensure we don't read past the ELF header Brahmajit Das (1): samples: mei: Fix building on musl libc Breno Leitao (3): ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path ipmi: Use dev_warn_ratelimited() for incorrect message warnings mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock Brian Masney (5): rtc: ds1307: fix incorrect maximum clock rate handling rtc: hym8563: fix incorrect maximum clock rate handling rtc: pcf85063: fix incorrect maximum clock rate handling rtc: pcf8563: fix incorrect maximum clock rate handling rtc: rv3028: fix incorrect maximum clock rate handling Buday Csaba (1): net: phy: smsc: add proper reset flags for LAN8710A Budimir Markovic (1): vsock: Do not allow binding to VMADDR_PORT_ANY Bui Quang Minh (1): virtio-net: ensure the received length does not exceed allocated size Chao Yu (6): f2fs: doc: fix wrong quota mount option description f2fs: fix to avoid UAF in f2fs_sync_inode_meta() f2fs: fix to avoid panic in f2fs_evict_inode f2fs: fix to avoid out-of-boundary access in devs.path f2fs: fix to do sanity check on ino and xnid f2fs: fix to avoid out-of-boundary access in dnode page Charles Han (1): power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set Cheick Traore (1): pinctrl: stm32: Manage irq affinity settings Chen Ni (1): iio: adc: stm32-adc: Fix race in installing chained IRQ handler Chen-Yu Tsai (1): platform/chrome: cros_ec: Use per-device lockdep key Chenyuan Yang (1): fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref Christophe JAILLET (1): uio_hv_generic: Fix another memory leak in error handling paths Christophe Leroy (1): ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop Clément Le Goffic (1): i2c: stm32: fix the device used for the DMA map Cong Wang (6): sch_htb: make htb_qlen_notify() idempotent sch_drr: make drr_qlen_notify() idempotent sch_hfsc: make hfsc_qlen_notify() idempotent sch_qfq: make qfq_qlen_notify() idempotent codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() sch_htb: make htb_deactivate() idempotent Corey Minyard (1): ipmi: Fix strcpy source and destination the same Cristian Ciocaltea (1): ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros Cynthia Huang (1): selftests/futex: Define SYS_futex on 32-bit architectures with 64-bit time_t Dai Ngo (1): NFSD: detect mismatch of file handle and delegation stateid in OPEN op Damien Le Moal (8): ata: libata-sata: Disallow changing LPM state if not supported scsi: mpt3sas: Correctly handle ATA device errors ata: libata-scsi: Fix ata_to_sense_error() status handling PCI: endpoint: Fix configfs group list head handling PCI: endpoint: Fix configfs group removal on driver teardown block: Make REQ_OP_ZONE_FINISH a write operation ata: Fix SATA_MOBILE_LPM_POLICY description in Kconfig dm: rearrange core declarations for extended use from dm-zone.c Dan Carpenter (7): dmaengine: nbpfaxi: Fix memory corruption in probe() watchdog: ziirave_wdt: check record length in ziirave_firm_verify() fs/orangefs: Allow 2 more characters in do_c_string() cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table() media: gspca: Add bounds checking to firmware parser scsi: qla4xxx: Prevent a potential error pointer dereference ALSA: usb-audio: Fix size validation in convert_chmap_v3() Daniel Dadap (1): ALSA: hda: Add missing NVIDIA HDA codec IDs Daniel Vetter (1): mm: extract might_alloc() debug check Daniil Dulov (1): wifi: rtl818x: Kill URBs before clearing tx status queue Dave Hansen (1): x86/fpu: Delay instruction pointer fixup until after warning Dave Stevenson (3): media: tc358743: Check I2C succeeded during probe media: tc358743: Return an appropriate colorspace from tc358743_set_fmt media: tc358743: Increase FIFO trigger level to 374 David Laight (1): minmax: add umin(a, b) and umax(a, b) David Lechner (2): iio: proximity: isl29501: fix buffered read on big-endian systems iio: adc: ad_sigma_delta: change to buffer predisable Davide Caratti (2): net/sched: sch_ets: properly init all active DRR list handles net/sched: ets: use old 'nbands' while purging unused classes Dawid Rezler (1): ALSA: hda/realtek - Add mute LED support for HP Pavilion 15-eg0xxx Denis OSTERLAND-HEIM (1): pps: fix poll support Dennis Chen (1): i40e: report VF tx_dropped with tx_errors instead of tx_discards Dikshita Agarwal (1): media: venus: Add support for SSR trigger using fault injection Dong Chenchen (1): net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime Drew Hamilton (1): usb: musb: fix gadget state on disconnect Edson Juliano Drosdeck (1): mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models Edward Adam Davis (1): jfs: Regular file corruption check Emily Deng (1): drm/ttm: Should to return the evict error Eric Biggers (2): thunderbolt: Fix copy+paste error in match_service_id() lib/crypto: mips/chacha: Fix clang build and remove unneeded byteswap Eric Dumazet (5): net_sched: act_ctinfo: use atomic64_t for three counters pptp: ensure minimal skb length in pptp_xmit() ipv6: reject malicious packets in ipv6_gso_segment() pptp: fix pptp_xmit() error path net_sched: sch_ets: implement lockless ets_dump() Evgeniy Harchenko (1): ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 Fabio Estevam (2): iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[] iio: adc: max1363: Reorder mode_list[] entries Fabio Porcedda (1): USB: serial: option: add Telit Cinterion FE910C04 (ECM) composition Fedor Pchelkin (3): drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value netfilter: nf_tables: adjust lockdep assertions handling netlink: avoid infinite retry looping in netlink_unicast() Feng Tang (1): mm/page_alloc: detect allocation forbidden by cpuset and bail out early Filipe Manana (2): btrfs: fix log tree replay failure due to file with 0 links and extents btrfs: fix deadlock when cloning inline extents and using qgroups Finn Thain (2): m68k: Don't unregister boot console needlessly m68k: Fix lost column on framebuffer debug console Florian Westphal (3): netfilter: xt_nfacct: don't assume acct name is null-terminated netfilter: ctnetlink: fix refcount leak on table dump netfilter: nf_reject: don't leak dst refcount for loopback packets Gal Pressman (1): net: vlan: Replace BUG() with WARN_ON_ONCE() in vlan_dev_* stubs Gautham R. Shenoy (1): pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() Geoffrey D. Bennett (1): ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() Giovanni Cabiddu (1): crypto: qat - fix seq_file position update in adf_ring_next() Gokul Sivakumar (1): wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE Greg Kroah-Hartman (2): Revert "vmci: Prevent the dispatching of uninitialized payloads" Linux 5.10.241 Guchun Chen (1): drm/amdgpu: handle the case of pci_channel_io_frozen only in amdgpu_pci_resume Gui-Dong Han (1): media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() Haiyang Zhang (1): hv_netvsc: Fix panic during namespace deletion with VF Hans Verkuil (1): media: v4l2-ctrls: always copy the controls on completion Hans Zhang (1): PCI: rockchip-host: Fix "Unexpected Completion" log message Haoxiang Li (2): media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() ice: Fix a null pointer dereference in ice_copy_and_init_pkg() Hari Kalavakunta (1): net: ncsi: Fix buffer overflow in fetching version id Harry Yoo (1): mm/zsmalloc: do not pass __GFP_MOVABLE if CONFIG_COMPACTION=n Helge Deller (1): Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()" Henry Martin (1): clk: davinci: Add NULL check in davinci_lpsc_clk_register() Herbert Xu (1): crypto: marvell/cesa - Fix engine load inaccuracy Hongyu Xie (1): xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS Horatiu Vultur (1): phy: mscc: Fix parsing of unicast frames Hsin-Te Yuan (1): thermal: sysfs: Return ENODATA instead of EAGAIN for reads Hyejeong Choi (1): dma-buf: insert memory barrier before updating num_fences Ian Abbott (10): comedi: pcl812: Fix bit shift out of bounds comedi: aio_iiro_16: Fix bit shift out of bounds comedi: das16m1: Fix bit shift out of bounds comedi: das6402: Fix bit shift out of bounds comedi: Fix some signed shift left operations comedi: Fix use of uninitialized data in insn_rw_emulate_bits() comedi: Fix initialization of data for instructions that write to subdevice comedi: comedi_test: Fix possible deletion of uninitialized timers comedi: fix race between polling and detaching comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large Ido Schimmel (1): mlxsw: spectrum: Forward packets with an IPv4 link-local source IP Ilan Peer (1): wifi: cfg80211: Fix interface type validation Ilya Bakoulin (1): drm/amd/display: Separate set_gsl from set_gsl_source_select Imre Deak (1): drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS Ioana Ciornei (3): dpaa2-mac: split up initializing the MAC object from connecting to it dpaa2-mac: export MAC counters even when in TYPE_FIXED dpaa2-eth: retry the probe when the MAC is not yet discovered on the bus Ivan Stepchenko (1): mtd: fix possible integer overflow in erase_xfer() Jacek Kowalski (2): e1000e: disregard NVM checksum on tgp when valid checksum bit is not set e1000e: ignore uninitialized checksum word on tgp Jack Xiao (1): drm/amdgpu: fix incorrect vm flags to map bo Jakub Acs (1): net, hsr: reject HSR frame if skb can't hold tag Jakub Kicinski (2): netpoll: prevent hanging NAPI when netcons gets enabled uapi: in6: restore visibility of most IPv6 socket options James Smart (1): scsi: lpfc: Fix link down processing to address NULL pointer dereference Jan Beulich (1): compiler: remove __ADDRESSABLE_ASM{_STR,}() again Jan Kara (2): isofs: Verify inode mode when loading from disk udf: Verify partition map count Jason Wang (1): vhost: fail early when __vhost_add_used() fails Jason Xing (1): ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc Jay Chen (1): usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command Jean-Baptiste Maneyrol (1): iio: imu: inv_icm42600: change invalid data error to -EBUSY Jeff Layton (1): nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() Jian Shen (2): net: hns3: refine the struct hane3_tc_info net: hns3: fixed vf get max channels bug Jiasheng Jiang (2): iwlwifi: Add missing check for alloc_ordered_workqueue scsi: lpfc: Remove redundant assignment to avoid memory leak Jiaxun Yang (1): MIPS: mm: tlb-r4k: Uniquify TLB entries on init Jiayi Li (2): ACPI: processor: perflib: Fix initial _PPC limit application memstick: Fix deadlock by moving removing flag earlier Jiayuan Chen (1): bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls Jimmy Assarsson (2): can: kvaser_pciefd: Store device channel index can: kvaser_usb: Assign netdev.dev_port based on device channel index Johan Adolfsson (1): leds: leds-lp50xx: Handle reg to get correct multi_index Johan Hovold (8): net: gianfar: fix device leak when querying time stamp info net: dpaa: fix device leak when querying time stamp info usb: gadget: udc: renesas_usb3: fix device leak at unbind usb: dwc3: meson-g12a: fix device leaks at unbind wifi: ath11k: fix source ring-buffer corruption USB: cdc-acm: do not log successful probe on later errors usb: musb: omap2430: fix device leak at unbind wifi: ath11k: fix dest ring-buffer corruption when ring is full Johan Korsnes (1): arch: powerpc: defconfig: Drop obsolete CONFIG_NET_CLS_TCINDEX Johannes Berg (1): wifi: cfg80211: reject HTC bit for management frames John Ernberg (1): net: usbnet: Avoid potential RCU stall on LINK_CHANGE event John Garry (2): scsi: aacraid: Stop using PCI_IRQ_AFFINITY block: avoid possible overflow for chunk_sectors check in blk_stack_limits() Jon Hunter (1): soc/tegra: pmc: Ensure power-domains are in a known state Jonas Rebmann (1): net: fec: allow disable coalescing Jonathan Cameron (1): iio: light: as73211: Ensure buffer holes are zeroed Jonathan Santos (1): iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement Jorge Ramirez-Ortiz (2): media: venus: hfi: explicitly release IRQ during teardown media: venus: protect against spurious interrupts during probe Jose M. Guisado Gomez (1): netfilter: nft_reject: unify reject init and dump into nft_reject Judith Mendez (1): mmc: sdhci_am654: Workaround for Errata i2312 Juergen Gross (1): xen/gntdev: remove struct gntdev_copy_batch from stack Justin Tee (1): scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure Kees Cook (3): arm64: Handle KCOV __init vs inline mismatches platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches iommu/amd: Avoid stack buffer overflow from kernel cmdline Kefeng Wang (1): asm-generic: Add memory barrier dma_mb() Kito Xu (veritas501) (1): net: appletalk: Fix use-after-free in AARP proxy probe Krishna Kurapati (1): usb: dwc3: qcom: Don't leave BCR asserted Krzysztof Kozlowski (1): ARM: dts: vfxxx: Correctly use two tuples for timer address Kuen-Han Tsai (1): usb: dwc3: Ignore late xferNotReady event to prevent halt timeout Kuninori Morimoto (3): ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask() ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed ASoC: soc-dai.c: add missing flag check at snd_soc_pcm_dai_probe() Kuniyuki Iwashima (2): rpl: Fix use-after-free in rpl_do_srh_inline(). Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb() Laurentiu Mihalcea (1): pwm: imx-tpm: Reset counter if CMOD is 0 Len Brown (1): intel_idle: Allow loading ACPI tables for any family Leo Yan (1): perf tests bp_account: Fix leaked file descriptor Leon Romanovsky (1): RDMA/rxe: Return CQE error if invalid lkey was supplied Li Zhong (1): ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value Lifeng Zheng (4): cpufreq: Initialize cpufreq-based frequency-invariance later cpufreq: Init policy->rwsem before it may be possibly used cpufreq: Exit governor when failed to start old governor PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() Lin.Cao (1): drm/sched: Remove optimization that causes hang when killing dependent jobs Lizhi Xu (2): vmci: Prevent the dispatching of uninitialized payloads jfs: truncate good inode pages when hard link is 0 Lorenzo Stoakes (4): mm: drop the assumption that VM_SHARED always implies writable mm: update memfd seal write check to include F_SEAL_WRITE mm: reinstate ability to map write-sealed memfd mappings read-only selftests/memfd: add test for mapping write-sealed memfd read-only Lucas De Marchi (1): usb: early: xhci-dbc: Fix early_ioremap leak Lucy Thrun (1): ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control Ludwig Disterhof (1): media: usbtv: Lock resolution while streaming Luiz Augusto von Dentz (3): Bluetooth: SMP: If an unallowed command is received consider it a failure Bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout Bluetooth: L2CAP: Fix attempting to adjust outgoing MTU Lukas Wunner (1): PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports Ma Ke (2): sunvdc: Balance device refcount in vdc_port_mpgroup_check dpaa2-eth: Fix device reference count leak in MAC endpoint handling Maciej W. Rozycki (1): powerpc/eeh: Rely on dev->link_active_reporting Mael GUERIN (1): USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera Maor Gottlieb (1): RDMA/core: Rate limit GID cache warning messages Marco Elver (1): locking/barriers, kcsan: Support generic instrumentation Marek Szyprowski (1): zynq_fpga: use sgtable-based scatterlist wrappers Marek Vasut (1): usb: renesas-xhci: Fix External ROM access timeouts Mario Limonciello (3): usb: xhci: Avoid showing warnings for dying controller usb: xhci: Avoid showing errors during surprise removal drm/amd: Restore cached power limit during resume Marius Zachmann (1): hwmon: (corsair-cpro) Validate the size of the received input buffer Mark Brown (1): ASoC: hdac_hdmi: Rate limit logging on connection and disconnection Martin Kaistra (1): wifi: rtl8xxxu: Fix RX skb size for aggregation disabled Masahiro Yamada (3): kconfig: qconf: fix ConfigList::updateListAllforAll() kconfig: gconf: avoid hardcoding model2 in on_treeview2_cursor_changed() kconfig: gconf: fix potential memory leak in renderer_edited() Masami Hiramatsu (Google) (1): selftests: tracing: Use mutex_unlock for testing glob filter Mathias Nyman (5): usb: hub: fix detection of high tier USB3 devices behind suspended hubs usb: hub: Fix flushing and scheduling of delayed work that tunes runtime pm usb: hub: Fix flushing of delayed work used for post resume purposes usb: hub: avoid warm port reset during USB3 disconnect usb: hub: Don't try to recover devices lost during warm reset. Matthew Wilcox (Oracle) (1): XArray: Add calls to might_alloc() Matthieu Baerts (NGI0) (2): selftests: mptcp: connect: also cover alt modes selftests: mptcp: pm: check flush doesn't reset limits Maulik Shah (1): pmdomain: governor: Consider CPU latency tolerance from pm_domain_cpu_gov Mauro Carvalho Chehab (1): media: venus: don't de-reference NULL pointers at IRQ time Meagan Lloyd (2): rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe Meng Li (1): usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock Mengbiao Xiong (1): crypto: ccp - Fix crash when rebind ccp device for ccp.ko Miao Li (1): usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive Miaohe Lin (1): mm/zsmalloc.c: convert to use kmem_cache_zalloc in cache_alloc_zspage() Miaoqian Lin (1): most: core: Drop device reference after usage in get_channel() Michael Zhivich (1): x86/bugs: Fix use of possibly uninit value in amd_check_tsa_microcode() Michal Schmidt (1): benet: fix BUG when creating VFs Mike Christie (1): vhost-scsi: Fix log flooding with target does not exist errors Mikulas Patocka (1): dm-mpath: don't print the "loaded" message if registering fails Mina Almasry (1): netmem: fix skb_frag_address_safe with unreadable skbs Ming Lei (2): block: don't call rq_qos_ops->done_bio if the bio isn't tracked dm rq: don't queue request to blk-mq during DM suspend Minhong He (1): ipv6: sr: validate HMAC algorithm ID in seg6_hmac_info_add Myrrh Periwinkle (3): usb: typec: ucsi: Update power_supply on power role change vt: keyboard: Don't process Unicode characters in K_OFF mode vt: defkeymap: Map keycodes above 127 to K_HOLE Nathan Chancellor (5): phonet/pep: Move call to pn_skb_get_dst_sockaddr() earlier in pep_sock_accept() memstick: core: Zero initialize id_reg in h_memstick_read_dev_id() usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() ARM: 9448/1: Use an absolute path to unified.h in KBUILD_AFLAGS Niklas Söderlund (1): gpio: rcar: Use raw_spinlock to protect register access Nilton Perim Neto (1): Input: xpad - set correct controller type for Acer NGR200 Ojaswin Mujoo (2): ext4: fix fsmap end of range reporting with bigalloc ext4: fix reserved gdt blocks handling in fsmap Olga Kornievskaia (1): NFSv4.2: another fix for listxattr Oliver Neukum (3): usb: net: sierra: check for no status endpoint usb: core: usb_submit_urb: downgrade type check cdc-acm: fix race between initial clearing halt and open Oscar Maes (1): net: ipv4: fix incorrect MTU in broadcast routes Ovidiu Panait (1): hwrng: mtk - handle devm_pm_runtime_enable errors Pablo Neira Ayuso (1): netfilter: nft_reject_inet: allow to use reject from inet ingress Pagadala Yesu Anjaneyulu (1): wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect Pali Rohár (1): cifs: Fix calling CIFSFindFirst() for root path without msearch Paul Cercueil (1): usb: musb: Add and use inline functions musb_{get,set}_state Paul Chaignon (1): bpf: Check flow_dissector ctx accesses are aligned Paul E. McKenney (1): rcu: Protect ->defer_qs_iw_pending from data race Paul Kocialkowski (1): clk: sunxi-ng: v3s: Fix de clock definition Pavel Begunkov (1): io_uring: don't use int for ABI Pavel Tikhomirov (1): move_mount: allow to add a mount into an existing group Pawan Gupta (1): x86/bugs: Avoid warning when overriding return thunk Peter Oberparleiter (2): s390/hypfs: Avoid unnecessary ioctl registration in debugfs s390/hypfs: Enable limited access during lockdown Peter Robinson (1): reset: brcmstb: Enable reset drivers for ARCH_BCM2835 Peter Ujfalusi (1): ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() Petr Pavlu (1): module: Restore the moduleparam prefix length check Phillip Lougher (1): squashfs: fix memory leak in squashfs_fill_super Prashant Malani (1): cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag Praveen Kaligineedi (1): gve: Fix stuck TX queue for DQ queue format Pu Lehui (1): tracing: Limit access to parser->buffer when trace_get_user failed Purva Yeshi (1): md: dm-zoned-target: Initialize return variable r to avoid uninitialized use Qu Wenruo (1): btrfs: populate otime when logging an inode item Quang Le (1): net/packet: fix a race in packet_set_ring() and packet_notifier() Rafael J. Wysocki (3): ACPI: processor: perflib: Move problematic pr->performance check cpuidle: governors: menu: Avoid using invalid recent intervals data PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() Rand Deeb (1): wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() Randy Dunlap (1): parisc: Makefile: fix a typo in palo.conf Ranjan Kumar (1): scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans Remi Pommarel (2): wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key() Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" Ricardo Ribalda (2): media: uvcvideo: Do not mark valid metadata as invalid media: venus: vdec: Clamp param smaller than 1fps and bigger than 240. Ricky Wu (1): misc: rtsx: usb: Ensure mmc child device is active when card is present RubenKelevra (1): fs_context: fix parameter name in infofc() macro Ryan Lee (1): apparmor: ensure WB_HISTORY_SIZE value is a power of 2 Ryan Mann (NDI) (1): USB: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI Ryusuke Konishi (1): nilfs2: reject invalid file types when reading inodes Sabrina Dubroca (1): udp: also consider secpath when evaluating ipsec use for checksumming Sakari Ailus (1): media: v4l2-ctrls: Don't reset handler's error in v4l2_ctrl_handler_free() Salah Triki (1): iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() Sarah Newman (1): drbd: add missing kref_get in handle_write_conflicts Sarthak Garg (1): mmc: sdhci-msm: Ensure SD card power isn't ON when card removed Sasha Levin (1): fs: Prevent file descriptor table allocations exceeding INT_MAX Sebastian Ott (1): ACPI: processor: fix acpi_object initialization Sebastian Reichel (2): watchdog: dw_wdt: Fix default timeout usb: typec: fusb302: cache PD RX state Sergey Bashirov (4): pNFS: Fix stripe mapping in block/scsi layout pNFS: Fix disk addr range check in block/scsi layout pNFS: Handle RPC size limit for layoutcommits pNFS: Fix uninited ptr deref in block/scsi layout Sergey Senozhatsky (1): wifi: ath11k: clear initialized flag for deinit-ed srng lists Seunghui Lee (1): scsi: ufs: core: Use link recovery when h8 exit fails during runtime resume Shankari Anand (1): kconfig: nconf: Ensure null termination where strncpy is used Shengjiu Wang (1): ASoC: fsl_sai: replace regmap_write with regmap_update_bits Shiji Yang (1): MIPS: vpe-mt: add missing prototypes for vpe_{alloc,start,stop,free} Showrya M N (1): scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated Slark Xiao (2): USB: serial: option: add Foxconn T99W640 USB: serial: option: add Foxconn T99W709 Stanislav Fomichev (1): vrf: Drop existing dst reference in vrf_ip6_input_dst Stanislaw Gruszka (1): wifi: iwlegacy: Check rate_idx range after addition Stefan Metzmacher (1): smb: client: let recv_done() cleanup before notifying the callers. Steven Rostedt (5): selftests/tracing: Fix false failure of subsystem event test ktest.pl: Prevent recursion of default variable options ftrace: Also allocate and copy hash for reading of filter files tracing: Add down_write(trace_event_sem) when adding trace event tracing: Remove unneeded goto out logic Su Hui (1): usb: xhci: print xhci->xhc_state when queue_command failed Suchit Karunakaran (1): kconfig: lxdialog: replace strcpy() with strncpy() in inputbox.c Sven Schnelle (2): s390/time: Use monotonic clock in get_cycles() s390/stp: Remove udelay from stp_sync_clock() Takashi Iwai (4): ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out() ALSA: usb-audio: Validate UAC3 power domain descriptors, too ALSA: usb-audio: Validate UAC3 cluster segment descriptors ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation Tao Xue (1): usb: gadget : fix use-after-free in composite_dev_cleanup() Tetsuo Handa (1): hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file() Theodore Ts'o (1): ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr Thomas Fourier (17): pch_uart: Fix dma_sync_sg_for_device() nents value mmc: bcm2835: Fix dma_unmap_sg() nents value mwl8k: Add missing check after DMA map crypto: inside-secure - Fix `dma_unmap_sg()` nents value scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value scsi: mvsas: Fix dma_unmap_sg() nents value scsi: isci: Fix dma_unmap_sg() nents value crypto: img-hash - Fix dma_unmap_sg() nents value dmaengine: mv_xor: Fix missing check after DMA map and missing unmap dmaengine: nbpfaxi: Add missing check after DMA map mtd: rawnand: atmel: Fix dma_mapping_error() address et131x: Add missing check after DMA map net: ag71xx: Add missing check after DMA map (powerpc/512) Fix possible `dma_unmap_single()` on uninitialized pointer wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()`. wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() mtd: rawnand: fsmc: Add missing check after DMA map Thomas Gleixner (3): perf/core: Don't leak AUX buffer refcount on allocation failure perf/core: Exit early on perf_mmap() fail perf/core: Prevent VMA split of buffer mappings Thomas Weißschuh (2): MIPS: Don't crash in stack_top() for tasks without ABI or vDSO kbuild: userprogs: use correct linker when mixing clang and GNU ld Thorsten Blum (1): usb: storage: realtek_cr: Use correct byte order for bcs->Residue Tigran Mkrtchyan (1): pNFS/flexfiles: don't attempt pnfs on fatal DS errors Tim Harvey (1): hwmon: (gsc-hwmon) fix fan pwm setpoint show functions Timothy Pearson (5): PCI: pnv_php: Clean up allocated IRQs on unplug PCI: pnv_php: Work around switches with broken presence detection powerpc/eeh: Export eeh_unfreeze_pe() powerpc/eeh: Make EEH driver device hotplug safe PCI: pnv_php: Fix surprise plug detection and recovery Timur Kristóf (5): drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 drm/amd/display: Fix DP audio DTO1 clock source on DCE 6. drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs drm/amd/display: Don't overclock DCE 6 by 15% Tomasz Michalec (2): usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present platform/chrome: cros_ec_typec: Defer probe on missing EC parent Trond Myklebust (5): pNFS/flexfiles: Avoid spurious layout returns in ff_layout_choose_ds_for_read NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() NFS: Don't set NFS_INO_REVAL_PAGECACHE in the inode cache validity NFSv4: Fix nfs4_bitmap_copy_adjust() NFS: Fix the setting of capabilities when automounting a new filesystem Tzung-Bi Shih (2): platform/chrome: cros_ec: remove unneeded label and if-condition platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister() Ulf Hansson (1): mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() Uwe Kleine-König (4): platform/chrome: cros_ec: Make cros_ec_unregister() return void pwm: mediatek: Implement .apply() callback pwm: mediatek: Handle hardware enable and clock enable separately pwm: mediatek: Fix duty and period setting Vedang Nagar (1): media: venus: Add a check for packet size after reading from shared memory Viacheslav Dubeyko (4): hfs: fix slab-out-of-bounds in hfs_bnode_read() hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() hfs: fix not erasing deleted b-tree node issue Victor Shih (1): mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency Vladimir Zapolskiy (1): media: qcom: camss: cleanup media device allocated resource on error path Waiman Long (2): mm/kmemleak: avoid soft lockup in __kmemleak_do_cleanup() cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key Wang Liang (1): net: drop UFO packets in udp_rcv_segment() Wang Zhaolong (1): smb: client: fix use-after-free in crypt_message when using async crypto Wayne Chang (1): phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode Weitao Wang (1): usb: xhci: Fix slot_id resource race conflict Wen Chen (1): drm/amd/display: Fix 'failed to blank crtc!' Wesley Cheng (1): usb: dwc3: Remove DWC3 locking during gadget suspend/resume William Liu (4): net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree net/sched: Restrict conditions for adding duplicating netems to qdisc tree net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit net/sched: Remove unnecessary WARNING condition for empty child qdisc in htb_activate Wolfram Sang (3): media: usb: hdpvr: disable zero-length read messages i3c: add missing include to internal header i3c: don't fail if GETHDRCAP is unsupported Xiang Mei (2): net/sched: sch_qfq: Fix race condition on qfq_aggregate net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class Xin Long (1): sctp: linearize cloned gso packets in sctp_rcv Xinxin Wan (1): ASoC: codecs: rt5640: Retry DEVICE_ID verification Xinyu Liu (2): usb: gadget: configfs: Fix OOB read on empty string write usb: core: config: Prevent OOB read in SS endpoint companion parsing Xiu Jianfeng (1): wifi: iwlwifi: Fix memory leak in iwl_mvm_init() Xiumei Mu (1): selftests: rtnetlink.sh: remove esp4_offload after test Xu Yang (2): usb: chipidea: add USB PHY event usb: phy: mxs: disconnect line when USB charger is attached Xu Yilun (1): fpga: zynq_fpga: Fix the wrong usage of dma_map_sgtable() Yajun Deng (1): i40e: Add rx_missed_errors for buffer exhaustion Yang Xiwen (1): i2c: qup: jump out of the loop in case of timeout Yang Yingliang (1): ptp: Fix possible memory leak in ptp_clock_register() Yangtao Li (1): hfsplus: remove mutex_lock check in hfsplus_free_extents Yann E. MORIN (1): kconfig: lxdialog: fix 'space' to (de)select options Yazen Ghannam (1): x86/mce/amd: Add default names for MCA banks and blocks Ye Bin (1): fs/buffer: fix use-after-free when call bh_read() helper Youngjun Lee (1): media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() Yuan Chen (2): bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure pinctrl: sunxi: Fix memory leak on krealloc failure Yun Lu (2): af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd() af_packet: fix soft lockup issue caused by tpacket_snd() Yunhui Cui (1): serial: 8250: fix panic due to PSLVERR Yury Norov [NVIDIA] (1): RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() Zenm Chen (1): USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles Zhang Lixu (1): iio: hid-sensor-prox: Fix incorrect OFFSET calculation Zhang Shurong (1): media: ov2659: Fix memory leaks in ov2659_probe() Zhang Yi (1): ext4: fix hole length calculation overflow in non-extent inodes Zheng Yu (1): jfs: fix metapage reference count leak in dbAllocCtl chenchangcheng (1): media: uvcvideo: Fix bandwidth issue for Alcor camera fangzhong.zhou (1): i2c: Force DLL0945 touchpad i2c freq to 100khz jackysliu (1): scsi: bfa: Double-free fix tuhaowen (1): PM: sleep: console: Fix the black screen issue xin.guo (1): tcp: fix tcp_ofo_queue() to avoid including too much DUP SACK range Álvaro Fernández Rojas (4): net: dsa: b53: fix b53_imp_vlan_setup for BCM5325 net: dsa: b53: prevent GMII_PORT_OVERRIDE_CTRL access on BCM5325 net: dsa: b53: prevent SWITCH_CTRL access on BCM5325 net: dsa: b53: fix IP_MULTICAST_CTRL on BCM5325

2 weeks, 4 days

1
1
0 0

Linux 5.4.297

by Greg Kroah-Hartman

I'm announcing the release of the 5.4.297 kernel. All users of the 5.4 kernel series must upgrade. The updated 5.4.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.4.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/firmware-guide/acpi/i2c-muxes.rst | 8 Makefile | 5 arch/arm/Makefile | 2 arch/arm/boot/dts/imx6ul-kontron-n6310-s.dts | 1 arch/arm/boot/dts/vfxxx.dtsi | 2 arch/arm/mach-rockchip/platsmp.c | 15 arch/arm/mach-tegra/reset.c | 2 arch/arm64/include/asm/acpi.h | 2 arch/m68k/Kconfig.debug | 2 arch/m68k/kernel/early_printk.c | 42 - arch/m68k/kernel/head.S | 39 - arch/mips/Makefile | 2 arch/mips/include/asm/vpe.h | 8 arch/mips/kernel/process.c | 16 arch/mips/mm/tlb-r4k.c | 56 + arch/parisc/Makefile | 2 arch/powerpc/configs/ppc6xx_defconfig | 1 arch/powerpc/platforms/512x/mpc512x_lpbfifo.c | 6 arch/s390/hypfs/hypfs_dbfs.c | 19 arch/s390/include/asm/timex.h | 13 arch/s390/kernel/time.c | 2 arch/x86/kernel/cpu/mce/amd.c | 13 arch/x86/mm/extable.c | 5 drivers/acpi/acpi_processor.c | 2 drivers/acpi/apei/ghes.c | 2 drivers/acpi/processor_idle.c | 4 drivers/acpi/processor_perflib.c | 11 drivers/ata/Kconfig | 35 - drivers/ata/libata-scsi.c | 20 drivers/base/power/domain_governor.c | 18 drivers/base/power/runtime.c | 5 drivers/block/drbd/drbd_receiver.c | 6 drivers/block/sunvdc.c | 4 drivers/char/hw_random/mtk-rng.c | 4 drivers/char/ipmi/ipmi_msghandler.c | 8 drivers/char/ipmi/ipmi_watchdog.c | 59 +- drivers/clk/davinci/psc.c | 5 drivers/clk/sunxi-ng/ccu-sun8i-v3s.c | 3 drivers/cpufreq/armada-8k-cpufreq.c | 2 drivers/cpufreq/cpufreq.c | 11 drivers/crypto/ccp/ccp-debugfs.c | 3 drivers/crypto/img-hash.c | 2 drivers/crypto/marvell/cipher.c | 4 drivers/crypto/marvell/hash.c | 5 drivers/crypto/qat/qat_common/adf_transport_debug.c | 4 drivers/dma/mv_xor.c | 21 drivers/dma/nbpfaxi.c | 24 drivers/fpga/zynq-fpga.c | 10 drivers/gpio/gpio-tps65912.c | 7 drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c | 4 drivers/gpu/drm/amd/display/dc/bios/command_table.c | 2 drivers/gpu/drm/amd/display/dc/clk_mgr/dce110/dce110_clk_mgr.c | 30 - drivers/gpu/drm/amd/powerplay/hwmgr/smu_helper.c | 2 drivers/gpu/drm/drm_dp_helper.c | 2 drivers/gpu/drm/scheduler/sched_entity.c | 23 drivers/hid/hid-core.c | 19 drivers/i2c/busses/i2c-qup.c | 4 drivers/i2c/busses/i2c-stm32.c | 8 drivers/i2c/busses/i2c-stm32f7.c | 4 drivers/i3c/internals.h | 1 drivers/i3c/master.c | 2 drivers/iio/adc/max1363.c | 43 - drivers/iio/adc/stm32-adc-core.c | 7 drivers/iio/light/hid-sensor-prox.c | 3 drivers/iio/proximity/isl29501.c | 16 drivers/infiniband/core/cache.c | 4 drivers/infiniband/hw/hfi1/affinity.c | 44 - drivers/input/joystick/xpad.c | 2 drivers/media/dvb-frontends/dib7000p.c | 8 drivers/media/i2c/ov2659.c | 3 drivers/media/i2c/tc358743.c | 86 +- drivers/media/platform/qcom/camss/camss.c | 4 drivers/media/platform/qcom/venus/core.c | 8 drivers/media/platform/qcom/venus/core.h | 2 drivers/media/platform/qcom/venus/hfi_venus.c | 5 drivers/media/platform/qcom/venus/vdec.c | 5 drivers/media/usb/gspca/vicam.c | 10 drivers/media/usb/hdpvr/hdpvr-i2c.c | 6 drivers/media/usb/rainshadow-cec/rainshadow-cec.c | 3 drivers/media/usb/usbtv/usbtv-video.c | 4 drivers/media/usb/uvc/uvc_driver.c | 3 drivers/media/usb/uvc/uvc_video.c | 21 drivers/media/v4l2-core/v4l2-ctrls.c | 37 + drivers/memstick/core/memstick.c | 3 drivers/memstick/host/rtsx_usb_ms.c | 1 drivers/misc/cardreader/rtsx_usb.c | 16 drivers/mmc/host/bcm2835.c | 3 drivers/mmc/host/rtsx_usb_sdmmc.c | 4 drivers/mmc/host/sdhci-pci-core.c | 3 drivers/mmc/host/sdhci_am654.c | 9 drivers/mtd/ftl.c | 2 drivers/mtd/nand/raw/atmel/nand-controller.c | 2 drivers/mtd/nand/raw/atmel/pmecc.c | 6 drivers/mtd/nand/raw/fsmc_nand.c | 2 drivers/net/can/kvaser_pciefd.c | 1 drivers/net/can/usb/kvaser_usb/kvaser_usb_core.c | 1 drivers/net/dsa/b53/b53_common.c | 33 - drivers/net/dsa/b53/b53_regs.h | 1 drivers/net/ethernet/agere/et131x.c | 36 + drivers/net/ethernet/atheros/ag71xx.c | 9 drivers/net/ethernet/cavium/thunder/thunder_bgx.c | 4 drivers/net/ethernet/emulex/benet/be_cmds.c | 2 drivers/net/ethernet/emulex/benet/be_main.c | 8 drivers/net/ethernet/freescale/dpaa/dpaa_ethtool.c | 4 drivers/net/ethernet/freescale/fec_main.c | 34 - drivers/net/ethernet/freescale/gianfar_ethtool.c | 4 drivers/net/ethernet/intel/fm10k/fm10k.h | 3 drivers/net/ethernet/intel/i40e/i40e.h | 2 drivers/net/ethernet/intel/ice/ice_flex_pipe.c | 2 drivers/net/ethernet/intel/ixgbe/ixgbe.h | 3 drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 4 drivers/net/ethernet/xilinx/xilinx_emaclite.c | 2 drivers/net/phy/smsc.c | 1 drivers/net/ppp/pptp.c | 18 drivers/net/usb/sierra_net.c | 4 drivers/net/usb/usbnet.c | 11 drivers/net/virtio_net.c | 38 + drivers/net/vrf.c | 2 drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c | 8 drivers/net/wireless/broadcom/brcm80211/brcmsmac/phy/phy_lcn.c | 2 drivers/net/wireless/intel/iwlegacy/4965-mac.c | 5 drivers/net/wireless/intel/iwlwifi/dvm/main.c | 11 drivers/net/wireless/intel/iwlwifi/dvm/rs.c | 2 drivers/net/wireless/intel/iwlwifi/fw/dbg.c | 7 drivers/net/wireless/intel/iwlwifi/mvm/ops.c | 4 drivers/net/wireless/intel/iwlwifi/mvm/scan.c | 2 drivers/net/wireless/marvell/mwl8k.c | 4 drivers/net/wireless/realtek/rtl818x/rtl8187/dev.c | 3 drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c | 2 drivers/net/wireless/realtek/rtlwifi/pci.c | 18 drivers/pci/controller/pcie-rockchip-host.c | 2 drivers/pci/endpoint/pci-ep-cfs.c | 1 drivers/pci/endpoint/pci-epf-core.c | 2 drivers/pci/hotplug/pnv_php.c | 90 ++- drivers/pci/pci-acpi.c | 4 drivers/pci/pci.c | 8 drivers/pci/probe.c | 2 drivers/pinctrl/stm32/pinctrl-stm32.c | 1 drivers/pinctrl/sunxi/pinctrl-sunxi.c | 11 drivers/platform/x86/thinkpad_acpi.c | 4 drivers/power/supply/bq24190_charger.c | 60 -- drivers/power/supply/max14577_charger.c | 4 drivers/pps/pps.c | 11 drivers/pwm/pwm-imx-tpm.c | 9 drivers/pwm/pwm-mediatek.c | 78 +- drivers/regulator/core.c | 1 drivers/rtc/rtc-ds1307.c | 17 drivers/rtc/rtc-hym8563.c | 2 drivers/rtc/rtc-pcf8563.c | 2 drivers/scsi/aacraid/comminit.c | 3 drivers/scsi/bfa/bfad_im.c | 1 drivers/scsi/ibmvscsi_tgt/libsrp.c | 6 drivers/scsi/isci/request.c | 2 drivers/scsi/libiscsi.c | 3 drivers/scsi/lpfc/lpfc_debugfs.c | 1 drivers/scsi/lpfc/lpfc_scsi.c | 4 drivers/scsi/mpt3sas/mpt3sas_scsih.c | 19 drivers/scsi/mvsas/mv_sas.c | 4 drivers/scsi/qla4xxx/ql4_os.c | 2 drivers/scsi/scsi_scan.c | 2 drivers/scsi/scsi_transport_sas.c | 60 +- drivers/soc/aspeed/aspeed-lpc-snoop.c | 13 drivers/soc/qcom/mdt_loader.c | 41 + drivers/soc/tegra/pmc.c | 51 - drivers/soundwire/stream.c | 2 drivers/staging/comedi/comedi_compat32.c | 3 drivers/staging/comedi/comedi_fops.c | 58 + drivers/staging/comedi/comedi_internal.h | 1 drivers/staging/comedi/drivers.c | 30 - drivers/staging/comedi/drivers/aio_iiro_16.c | 3 drivers/staging/comedi/drivers/comedi_test.c | 2 drivers/staging/comedi/drivers/das16m1.c | 3 drivers/staging/comedi/drivers/das6402.c | 3 drivers/staging/comedi/drivers/pcl812.c | 3 drivers/staging/fbtft/fbtft-core.c | 1 drivers/staging/media/imx/imx-media-csc-scaler.c | 2 drivers/staging/nvec/nvec_power.c | 2 drivers/thermal/thermal_sysfs.c | 9 drivers/thunderbolt/domain.c | 2 drivers/tty/serial/8250/8250_port.c | 3 drivers/tty/serial/pch_uart.c | 2 drivers/tty/vt/defkeymap.c_shipped | 112 +++ drivers/tty/vt/keyboard.c | 2 drivers/usb/atm/cxacru.c | 106 +-- drivers/usb/chipidea/ci.h | 18 drivers/usb/chipidea/udc.c | 89 +-- drivers/usb/class/cdc-acm.c | 13 drivers/usb/core/hub.c | 67 ++ drivers/usb/core/quirks.c | 1 drivers/usb/core/urb.c | 2 drivers/usb/dwc3/dwc3-meson-g12a.c | 3 drivers/usb/dwc3/dwc3-qcom.c | 8 drivers/usb/dwc3/gadget.c | 9 drivers/usb/early/xhci-dbc.c | 4 drivers/usb/gadget/composite.c | 5 drivers/usb/gadget/configfs.c | 2 drivers/usb/gadget/udc/renesas_usb3.c | 1 drivers/usb/host/xhci-hub.c | 3 drivers/usb/host/xhci-mem.c | 24 drivers/usb/host/xhci-plat.c | 3 drivers/usb/host/xhci-ring.c | 19 drivers/usb/host/xhci.c | 24 drivers/usb/host/xhci.h | 3 drivers/usb/musb/musb_gadget.c | 2 drivers/usb/musb/omap2430.c | 10 drivers/usb/phy/phy-mxs-usb.c | 4 drivers/usb/serial/ftdi_sio.c | 2 drivers/usb/serial/ftdi_sio_ids.h | 3 drivers/usb/serial/option.c | 7 drivers/usb/storage/realtek_cr.c | 2 drivers/usb/storage/unusual_devs.h | 29 drivers/usb/typec/tcpm/fusb302.c | 8 drivers/vhost/vhost.c | 3 drivers/video/console/vgacon.c | 2 drivers/video/fbdev/imxfb.c | 9 drivers/watchdog/dw_wdt.c | 2 drivers/watchdog/ziirave_wdt.c | 3 fs/btrfs/tree-log.c | 53 + fs/buffer.c | 2 fs/cifs/cifsglob.h | 1 fs/cifs/cifssmb.c | 10 fs/cifs/smbdirect.c | 14 fs/cifs/transport.c | 34 - fs/ext4/fsmap.c | 23 fs/ext4/inline.c | 19 fs/ext4/inode.c | 2 fs/f2fs/f2fs.h | 2 fs/f2fs/inode.c | 28 fs/f2fs/node.c | 10 fs/file.c | 81 +- fs/hfs/bnode.c | 93 +++ fs/hfsplus/bnode.c | 92 +++ fs/hfsplus/extents.c | 3 fs/hfsplus/unicode.c | 7 fs/hfsplus/xattr.c | 6 fs/hugetlbfs/inode.c | 2 fs/isofs/inode.c | 9 fs/jbd2/checkpoint.c | 1 fs/jfs/file.c | 3 fs/jfs/inode.c | 2 fs/jfs/jfs_dmap.c | 10 fs/namespace.c | 89 ++- fs/nfs/blocklayout/blocklayout.c | 4 fs/nfs/blocklayout/dev.c | 5 fs/nfs/blocklayout/extent_tree.c | 20 fs/nfs/client.c | 44 + fs/nfs/direct.c | 13 fs/nfs/export.c | 11 fs/nfs/inode.c | 6 fs/nfs/internal.h | 1 fs/nfs/nfs4client.c | 13 fs/nfs/nfs4proc.c | 35 - fs/nfs/pnfs.c | 11 fs/nfs/write.c | 11 fs/nfsd/nfs4state.c | 34 - fs/nilfs2/inode.c | 9 fs/orangefs/orangefs-debugfs.c | 8 fs/squashfs/super.c | 14 fs/udf/super.c | 13 include/linux/fs.h | 4 include/linux/if_vlan.h | 6 include/linux/mm.h | 26 include/linux/moduleparam.h | 5 include/linux/nfs_fs.h | 2 include/linux/pci.h | 1 include/linux/pps_kernel.h | 1 include/linux/skbuff.h | 31 + include/linux/usb/chipidea.h | 1 include/linux/usb/usbnet.h | 1 include/net/act_api.h | 25 include/net/cfg80211.h | 2 include/net/sch_generic.h | 13 include/net/udp.h | 24 include/uapi/linux/in6.h | 4 include/uapi/linux/io_uring.h | 2 include/uapi/linux/mount.h | 3 kernel/events/core.c | 20 kernel/fork.c | 2 kernel/power/console.c | 7 kernel/rcu/tree_plugin.h | 3 kernel/trace/ftrace.c | 19 kernel/trace/trace_events.c | 5 mm/filemap.c | 2 mm/hmm.c | 2 mm/kmemleak.c | 120 ++-- mm/madvise.c | 2 mm/mmap.c | 26 mm/shmem.c | 2 mm/zsmalloc.c | 6 net/8021q/vlan.c | 42 + net/8021q/vlan.h | 1 net/appletalk/aarp.c | 42 + net/appletalk/ddp.c | 7 net/bluetooth/hci_sysfs.c | 15 net/bluetooth/l2cap_core.c | 26 net/bluetooth/l2cap_sock.c | 3 net/bluetooth/smp.c | 21 net/bluetooth/smp.h | 1 net/caif/cfctrl.c | 294 ++++------ net/core/filter.c | 3 net/core/netpoll.c | 7 net/ipv4/route.c | 1 net/ipv4/tcp_input.c | 3 net/ipv4/udp_offload.c | 2 net/ipv6/ip6_offload.c | 4 net/ipv6/seg6_hmac.c | 3 net/mac80211/tx.c | 1 net/ncsi/internal.h | 2 net/ncsi/ncsi-rsp.c | 1 net/netfilter/nf_conntrack_netlink.c | 24 net/netfilter/nf_tables_api.c | 4 net/netfilter/xt_nfacct.c | 4 net/netlink/af_netlink.c | 2 net/packet/af_packet.c | 39 - net/phonet/pep.c | 2 net/sched/act_api.c | 14 net/sched/act_csum.c | 4 net/sched/act_ct.c | 10 net/sched/act_gact.c | 14 net/sched/act_mirred.c | 55 + net/sched/act_police.c | 5 net/sched/act_tunnel_key.c | 2 net/sched/act_vlan.c | 9 net/sched/sch_cake.c | 14 net/sched/sch_codel.c | 5 net/sched/sch_drr.c | 7 net/sched/sch_fq_codel.c | 6 net/sched/sch_hfsc.c | 8 net/sched/sch_htb.c | 6 net/sched/sch_netem.c | 40 + net/sched/sch_qfq.c | 40 - net/sched/sch_sfq.c | 114 ++- net/sctp/input.c | 2 net/tls/tls_sw.c | 13 net/vmw_vsock/af_vsock.c | 3 net/wireless/mlme.c | 3 samples/mei/mei-amt-version.c | 2 scripts/Kbuild.include | 8 scripts/kconfig/gconf.c | 8 scripts/kconfig/lxdialog/inputbox.c | 6 scripts/kconfig/lxdialog/menubox.c | 2 scripts/kconfig/nconf.c | 2 scripts/kconfig/nconf.gui.c | 1 security/inode.c | 2 sound/pci/hda/patch_ca0132.c | 2 sound/pci/hda/patch_hdmi.c | 19 sound/pci/intel8x0.c | 2 sound/soc/codecs/hdac_hdmi.c | 10 sound/soc/codecs/rt5640.c | 5 sound/soc/fsl/fsl_sai.c | 14 sound/soc/intel/boards/Kconfig | 2 sound/soc/soc-dapm.c | 4 sound/soc/soc-ops.c | 26 sound/usb/mixer_quirks.c | 14 sound/usb/mixer_scarlett_gen2.c | 9 sound/usb/stream.c | 25 sound/usb/validate.c | 14 tools/bpf/bpftool/net.c | 15 tools/perf/tests/bp_account.c | 1 tools/power/cpupower/utils/idle_monitor/mperf_monitor.c | 4 tools/testing/ktest/ktest.pl | 5 tools/testing/selftests/ftrace/test.d/ftrace/func-filter-glob.tc | 2 tools/testing/selftests/futex/include/futextest.h | 11 tools/testing/selftests/net/forwarding/tc_actions.sh | 72 ++ tools/testing/selftests/net/rtnetlink.sh | 6 365 files changed, 3516 insertions(+), 1487 deletions(-) Aaron Kling (1): ARM: tegra: Use I/O memcpy to write to IRAM Abdun Nihaal (1): staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() Al Viro (3): securityfs: don't pin dentries twice, once is enough... use uniform permission checks for all mount propagation changes alloc_fdtable(): change calling conventions. Alessandro Carminati (1): regulator: core: fix NULL dereference on unbind due to stale coupling data Alex Guo (2): media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar Alexander Kochetkov (1): ARM: rockchip: fix kernel hang during smp initialization Alok Tiwari (5): net: emaclite: Fix missing pointer increment in aligned_read() staging: nvec: Fix incorrect null termination of battery manufacturer ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 be2net: Use correct byte order and format string for TCP seq and ack_seq net: thunderx: Fix format-truncation warning in bgx_acpi_match_id() Amir Mohammad Jahangirzad (1): fs/orangefs: use snprintf() instead of sprintf() Ammar Faizi (1): net: usbnet: Fix the wrong netif_carrier_on() call Andreas Dilger (1): ext4: check fast symlink for ea_inode correctly Andrew Jeffery (2): soc: aspeed: lpc-snoop: Cleanup resources in stack-order soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled Andrew Lunn (1): net: appletalk: fix kerneldoc warnings Andy Shevchenko (2): Documentation: ACPI: Fix parent device references mm/hmm: move pmd_to_hmm_pfn_flags() to the respective #ifdeffery Annette Kobou (1): ARM: dts: imx6ul-kontron-bl-common: Fix RTS polarity for RS485 interface Arnaud Lecomte (1): jfs: upper bound check of tree index in dbAllocAG Arnd Bergmann (4): ethernet: intel: fix building with large NR_CPUS ASoC: Intel: fix SND_SOC_SOF dependencies ASoC: ops: dynamically allocate struct snd_ctl_elem_value caif: reduce stack size, again Arun Raghavan (1): ASoC: fsl_sai: Force a software reset when starting in consumer mode Avraham Stern (1): wifi: iwlwifi: mvm: fix scan request validation Balamanikandan Gunasundar (1): mtd: rawnand: atmel: set pmecc data setup time Baokun Li (1): jbd2: prevent softlockup in jbd2_log_do_checkpoint() Bard Liao (1): soundwire: stream: restore params when prepare ports fail Bartosz Golaszewski (1): gpio: tps65912: check the return value of regmap_update_bits() Benjamin Tissoires (3): HID: core: ensure the allocated report buffer can contain the reserved report ID HID: core: ensure __hid_request reserves the report ID as the first byte HID: core: do not bypass hid_hw_raw_request Bjorn Andersson (1): soc: qcom: mdt_loader: Ensure we don't read past the ELF header Brahmajit Das (1): samples: mei: Fix building on musl libc Breno Leitao (3): ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path ipmi: Use dev_warn_ratelimited() for incorrect message warnings mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock Brian Masney (3): rtc: ds1307: fix incorrect maximum clock rate handling rtc: hym8563: fix incorrect maximum clock rate handling rtc: pcf8563: fix incorrect maximum clock rate handling Buday Csaba (1): net: phy: smsc: add proper reset flags for LAN8710A Budimir Markovic (1): vsock: Do not allow binding to VMADDR_PORT_ANY Bui Quang Minh (1): virtio-net: ensure the received length does not exceed allocated size Chao Yu (5): f2fs: fix to avoid UAF in f2fs_sync_inode_meta() f2fs: fix to avoid panic in f2fs_evict_inode f2fs: fix to avoid out-of-boundary access in devs.path f2fs: fix to do sanity check on ino and xnid f2fs: fix to avoid out-of-boundary access in dnode page Charles Han (1): power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set Cheick Traore (1): pinctrl: stm32: Manage irq affinity settings Chen Ni (1): iio: adc: stm32-adc: Fix race in installing chained IRQ handler Chenyuan Yang (1): fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref Clément Le Goffic (1): i2c: stm32: fix the device used for the DMA map Cong Wang (4): sch_drr: make drr_qlen_notify() idempotent sch_hfsc: make hfsc_qlen_notify() idempotent sch_qfq: make qfq_qlen_notify() idempotent codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() Corey Minyard (1): ipmi: Fix strcpy source and destination the same Cristian Ciocaltea (1): ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros Cynthia Huang (1): selftests/futex: Define SYS_futex on 32-bit architectures with 64-bit time_t Dai Ngo (1): NFSD: detect mismatch of file handle and delegation stateid in OPEN op Damien Le Moal (5): scsi: mpt3sas: Correctly handle ATA device errors ata: libata-scsi: Fix ata_to_sense_error() status handling PCI: endpoint: Fix configfs group list head handling PCI: endpoint: Fix configfs group removal on driver teardown ata: Fix SATA_MOBILE_LPM_POLICY description in Kconfig Dan Carpenter (7): dmaengine: nbpfaxi: Fix memory corruption in probe() watchdog: ziirave_wdt: check record length in ziirave_firm_verify() fs/orangefs: Allow 2 more characters in do_c_string() cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table() media: gspca: Add bounds checking to firmware parser scsi: qla4xxx: Prevent a potential error pointer dereference ALSA: usb-audio: Fix size validation in convert_chmap_v3() Daniel Dadap (1): ALSA: hda: Add missing NVIDIA HDA codec IDs Daniil Dulov (1): wifi: rtl818x: Kill URBs before clearing tx status queue Dave Hansen (1): x86/fpu: Delay instruction pointer fixup until after warning Dave Stevenson (3): media: tc358743: Check I2C succeeded during probe media: tc358743: Return an appropriate colorspace from tc358743_set_fmt media: tc358743: Increase FIFO trigger level to 374 David Lechner (1): iio: proximity: isl29501: fix buffered read on big-endian systems Davide Caratti (2): net/sched: act_mirred: better wording on protection against excessive stack growth act_mirred: use the backlog for nested calls to mirred ingress Denis OSTERLAND-HEIM (1): pps: fix poll support Dinghao Liu (1): power: supply: bq24190_charger: Fix runtime PM imbalance on error Dmitry Antipov (1): Bluetooth: fix use-after-free in device_for_each_child() Dong Chenchen (1): net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime Drew Hamilton (1): usb: musb: fix gadget state on disconnect Edson Juliano Drosdeck (1): mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models Edward Adam Davis (1): jfs: Regular file corruption check Eric Biggers (1): thunderbolt: Fix copy+paste error in match_service_id() Eric Dumazet (6): net_sched: sch_sfq: annotate data-races around q->perturb_period net_sched: sch_sfq: handle bigger packets net_sched: sch_sfq: reject invalid perturb period pptp: ensure minimal skb length in pptp_xmit() ipv6: reject malicious packets in ipv6_gso_segment() pptp: fix pptp_xmit() error path Fabio Estevam (2): iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[] iio: adc: max1363: Reorder mode_list[] entries Fabio Porcedda (1): USB: serial: option: add Telit Cinterion FE910C04 (ECM) composition Fedor Pchelkin (3): drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value netfilter: nf_tables: adjust lockdep assertions handling netlink: avoid infinite retry looping in netlink_unicast() Filipe Manana (1): btrfs: fix log tree replay failure due to file with 0 links and extents Finn Thain (2): m68k: Don't unregister boot console needlessly m68k: Fix lost column on framebuffer debug console Florian Westphal (2): netfilter: xt_nfacct: don't assume acct name is null-terminated netfilter: ctnetlink: fix refcount leak on table dump Frederic Barrat (2): pci/hotplug/pnv-php: Improve error msg on power state change failure pci/hotplug/pnv-php: Wrap warnings in macro Gal Pressman (1): net: vlan: Replace BUG() with WARN_ON_ONCE() in vlan_dev_* stubs Gautham R. Shenoy (1): pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() Geoffrey D. Bennett (1): ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() Giovanni Cabiddu (1): crypto: qat - fix seq_file position update in adf_ring_next() Gokul Sivakumar (1): wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE Greg Kroah-Hartman (2): Revert "vmci: Prevent the dispatching of uninitialized payloads" Linux 5.4.297 Gui-Dong Han (1): media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() Hans Verkuil (1): media: v4l2-ctrls: always copy the controls on completion Hans Zhang (1): PCI: rockchip-host: Fix "Unexpected Completion" log message Haoxiang Li (2): media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() ice: Fix a null pointer dereference in ice_copy_and_init_pkg() Hari Kalavakunta (1): net: ncsi: Fix buffer overflow in fetching version id Harry Yoo (1): mm/zsmalloc: do not pass __GFP_MOVABLE if CONFIG_COMPACTION=n He Zhe (1): mm/kmemleak: turn kmemleak_lock and object->lock to raw_spinlock_t Helge Deller (1): Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()" Henry Martin (1): clk: davinci: Add NULL check in davinci_lpsc_clk_register() Herbert Xu (1): crypto: marvell/cesa - Fix engine load inaccuracy Hongyu Xie (1): xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS Hsin-Te Yuan (1): thermal: sysfs: Return ENODATA instead of EAGAIN for reads Ian Abbott (10): comedi: pcl812: Fix bit shift out of bounds comedi: aio_iiro_16: Fix bit shift out of bounds comedi: das16m1: Fix bit shift out of bounds comedi: das6402: Fix bit shift out of bounds comedi: Fix some signed shift left operations comedi: Fix use of uninitialized data in insn_rw_emulate_bits() comedi: comedi_test: Fix possible deletion of uninitialized timers comedi: fix race between polling and detaching comedi: Fix initialization of data for instructions that write to subdevice comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large Ilan Peer (1): wifi: cfg80211: Fix interface type validation Imre Deak (1): drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS Ivan Stepchenko (1): mtd: fix possible integer overflow in erase_xfer() Jack Xiao (1): drm/amdgpu: fix incorrect vm flags to map bo Jakub Kicinski (2): netpoll: prevent hanging NAPI when netcons gets enabled uapi: in6: restore visibility of most IPv6 socket options Jan Kara (2): isofs: Verify inode mode when loading from disk udf: Verify partition map count Jason Wang (1): vhost: fail early when __vhost_add_used() fails Jason Xing (1): ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc Jay Chen (1): usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command Jeff Layton (1): nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() Jiasheng Jiang (2): iwlwifi: Add missing check for alloc_ordered_workqueue scsi: lpfc: Remove redundant assignment to avoid memory leak Jiaxun Yang (1): MIPS: mm: tlb-r4k: Uniquify TLB entries on init Jiayi Li (2): ACPI: processor: perflib: Fix initial _PPC limit application memstick: Fix deadlock by moving removing flag earlier Jiayuan Chen (1): bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls Jimmy Assarsson (2): can: kvaser_pciefd: Store device channel index can: kvaser_usb: Assign netdev.dev_port based on device channel index Jiri Pirko (1): selftests: forwarding: tc_actions.sh: add matchall mirror test Johan Hovold (6): net: gianfar: fix device leak when querying time stamp info net: dpaa: fix device leak when querying time stamp info usb: gadget: udc: renesas_usb3: fix device leak at unbind usb: dwc3: meson-g12a: fix device leaks at unbind USB: cdc-acm: do not log successful probe on later errors usb: musb: omap2430: fix device leak at unbind Johan Korsnes (1): arch: powerpc: defconfig: Drop obsolete CONFIG_NET_CLS_TCINDEX Johannes Berg (1): wifi: cfg80211: reject HTC bit for management frames John Ernberg (1): net: usbnet: Avoid potential RCU stall on LINK_CHANGE event John Garry (1): scsi: aacraid: Stop using PCI_IRQ_AFFINITY Jon Hunter (1): soc/tegra: pmc: Ensure power-domains are in a known state Jonas Rebmann (1): net: fec: allow disable coalescing Jorge Ramirez-Ortiz (2): media: venus: protect against spurious interrupts during probe media: venus: hfi: explicitly release IRQ during teardown Josef Bacik (1): nfs: fix UAF in direct writes Judith Mendez (1): mmc: sdhci_am654: Workaround for Errata i2312 Jun Li (1): usb: chipidea: udc: protect usb interrupt enable Justin Tee (1): scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure Kees Cook (2): arm64: Handle KCOV __init vs inline mismatches platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches Kito Xu (veritas501) (1): net: appletalk: Fix use-after-free in AARP proxy probe Krishna Kurapati (1): usb: dwc3: qcom: Don't leave BCR asserted Krzysztof Kozlowski (1): ARM: dts: vfxxx: Correctly use two tuples for timer address Kuen-Han Tsai (1): usb: dwc3: Ignore late xferNotReady event to prevent halt timeout Kuninori Morimoto (1): ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed Kuniyuki Iwashima (1): Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb() Laurentiu Mihalcea (1): pwm: imx-tpm: Reset counter if CMOD is 0 Leo Yan (1): perf tests bp_account: Fix leaked file descriptor Li Zhong (1): ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value Lifeng Zheng (2): cpufreq: Init policy->rwsem before it may be possibly used cpufreq: Exit governor when failed to start old governor Lin.Cao (1): drm/sched: Remove optimization that causes hang when killing dependent jobs Lizhi Xu (2): vmci: Prevent the dispatching of uninitialized payloads jfs: truncate good inode pages when hard link is 0 Lorenzo Stoakes (3): mm: drop the assumption that VM_SHARED always implies writable mm: update memfd seal write check to include F_SEAL_WRITE mm: perform the mapping_map_writable() check after call_mmap() Lucas De Marchi (1): usb: early: xhci-dbc: Fix early_ioremap leak Lucy Thrun (1): ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control Ludwig Disterhof (1): media: usbtv: Lock resolution while streaming Luiz Augusto von Dentz (3): Bluetooth: SMP: If an unallowed command is received consider it a failure Bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout Bluetooth: L2CAP: Fix attempting to adjust outgoing MTU Lukas Wunner (1): PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports Ma Ke (1): sunvdc: Balance device refcount in vdc_port_mpgroup_check Mael GUERIN (1): USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera Maor Gottlieb (1): RDMA/core: Rate limit GID cache warning messages Marek Szyprowski (1): zynq_fpga: use sgtable-based scatterlist wrappers Mario Limonciello (2): usb: xhci: Avoid showing warnings for dying controller usb: xhci: Avoid showing errors during surprise removal Mark Brown (1): ASoC: hdac_hdmi: Rate limit logging on connection and disconnection Martin Kaistra (1): wifi: rtl8xxxu: Fix RX skb size for aggregation disabled Masahiro Yamada (3): kconfig: gconf: avoid hardcoding model2 in on_treeview2_cursor_changed() kconfig: gconf: fix potential memory leak in renderer_edited() kbuild: add $(CLANG_FLAGS) to KBUILD_CPPFLAGS Masami Hiramatsu (Google) (1): selftests: tracing: Use mutex_unlock for testing glob filter Mathias Nyman (4): usb: hub: fix detection of high tier USB3 devices behind suspended hubs usb: hub: Fix flushing and scheduling of delayed work that tunes runtime pm usb: hub: avoid warm port reset during USB3 disconnect usb: hub: Don't try to recover devices lost during warm reset. Maulik Shah (1): pmdomain: governor: Consider CPU latency tolerance from pm_domain_cpu_gov Meagan Lloyd (2): rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 Mengbiao Xiong (1): crypto: ccp - Fix crash when rebind ccp device for ccp.ko Miao Li (1): usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive Miaohe Lin (1): mm/zsmalloc.c: convert to use kmem_cache_zalloc in cache_alloc_zspage() Michal Schmidt (1): benet: fix BUG when creating VFs Mina Almasry (1): netmem: fix skb_frag_address_safe with unreadable skbs Minghao Chi (1): power: supply: bq24190_charger: using pm_runtime_resume_and_get instead of pm_runtime_get_sync Minhong He (1): ipv6: sr: validate HMAC algorithm ID in seg6_hmac_info_add Myrrh Periwinkle (2): vt: keyboard: Don't process Unicode characters in K_OFF mode vt: defkeymap: Map keycodes above 127 to K_HOLE Nathan Chancellor (8): phonet/pep: Move call to pn_skb_get_dst_sockaddr() earlier in pep_sock_accept() memstick: core: Zero initialize id_reg in h_memstick_read_dev_id() usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() ARM: 9448/1: Use an absolute path to unified.h in KBUILD_AFLAGS mips: Include KBUILD_CPPFLAGS in CHECKFLAGS invocation kbuild: Add CLANG_FLAGS to as-instr kbuild: Add KBUILD_CPPFLAGS to as-option invocation Nick Desaulniers (1): kbuild: Update assembler calls to use proper flags and language target Nilton Perim Neto (1): Input: xpad - set correct controller type for Acer NGR200 Octavian Purdila (3): net_sched: sch_sfq: don't allow 1 packet limit net_sched: sch_sfq: use a temporary work area for validating configuration net_sched: sch_sfq: move the limit validation Ojaswin Mujoo (2): ext4: fix fsmap end of range reporting with bigalloc ext4: fix reserved gdt blocks handling in fsmap Oliver Neukum (3): usb: net: sierra: check for no status endpoint usb: core: usb_submit_urb: downgrade type check cdc-acm: fix race between initial clearing halt and open Oscar Maes (1): net: ipv4: fix incorrect MTU in broadcast routes Ovidiu Panait (1): hwrng: mtk - handle devm_pm_runtime_enable errors Pagadala Yesu Anjaneyulu (1): wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect Pali Rohár (1): cifs: Fix calling CIFSFindFirst() for root path without msearch Paul Chaignon (1): bpf: Check flow_dissector ctx accesses are aligned Paul E. McKenney (1): rcu: Protect ->defer_qs_iw_pending from data race Paul Kocialkowski (1): clk: sunxi-ng: v3s: Fix de clock definition Pavel Begunkov (1): io_uring: don't use int for ABI Pavel Tikhomirov (1): move_mount: allow to add a mount into an existing group Peter Chen (3): usb: chipidea: udc: add new API ci_hdrc_gadget_connect usb: chipidea: introduce CI_HDRC_CONTROLLER_VBUS_EVENT glue layer use usb: chipidea: udc: fix sleeping function called from invalid context Peter Oberparleiter (2): s390/hypfs: Avoid unnecessary ioctl registration in debugfs s390/hypfs: Enable limited access during lockdown Petr Pavlu (1): module: Restore the moduleparam prefix length check Phillip Lougher (1): squashfs: fix memory leak in squashfs_fill_super Qu Wenruo (1): btrfs: populate otime when logging an inode item Quang Le (1): net/packet: fix a race in packet_set_ring() and packet_notifier() Rafael J. Wysocki (2): ACPI: processor: perflib: Move problematic pr->performance check PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() Rand Deeb (1): wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() Randy Dunlap (1): parisc: Makefile: fix a typo in palo.conf Ranjan Kumar (1): scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans Remi Pommarel (1): Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" Ricardo Ribalda (2): media: uvcvideo: Do not mark valid metadata as invalid media: venus: vdec: Clamp param smaller than 1fps and bigger than 240. Ricky Wu (1): misc: rtsx: usb: Ensure mmc child device is active when card is present Ryan Mann (NDI) (1): USB: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI Ryusuke Konishi (1): nilfs2: reject invalid file types when reading inodes Sabrina Dubroca (1): udp: also consider secpath when evaluating ipsec use for checksumming Sakari Ailus (1): media: v4l2-ctrls: Don't reset handler's error in v4l2_ctrl_handler_free() Sarah Newman (1): drbd: add missing kref_get in handle_write_conflicts Sasha Levin (1): fs: Prevent file descriptor table allocations exceeding INT_MAX Sebastian Ott (1): ACPI: processor: fix acpi_object initialization Sebastian Reichel (2): watchdog: dw_wdt: Fix default timeout usb: typec: fusb302: cache PD RX state Sergey Bashirov (4): pNFS: Fix stripe mapping in block/scsi layout pNFS: Fix disk addr range check in block/scsi layout pNFS: Handle RPC size limit for layoutcommits pNFS: Fix uninited ptr deref in block/scsi layout Shankari Anand (1): kconfig: nconf: Ensure null termination where strncpy is used Shiji Yang (1): MIPS: vpe-mt: add missing prototypes for vpe_{alloc,start,stop,free} Showrya M N (1): scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated Slark Xiao (2): USB: serial: option: add Foxconn T99W640 USB: serial: option: add Foxconn T99W709 Stanislav Fomichev (1): vrf: Drop existing dst reference in vrf_ip6_input_dst Stanislaw Gruszka (1): wifi: iwlegacy: Check rate_idx range after addition Stefan Metzmacher (1): smb: client: let recv_done() cleanup before notifying the callers. Steven Rostedt (3): ktest.pl: Prevent recursion of default variable options ftrace: Also allocate and copy hash for reading of filter files tracing: Add down_write(trace_event_sem) when adding trace event Su Hui (1): usb: xhci: print xhci->xhc_state when queue_command failed Suchit Karunakaran (1): kconfig: lxdialog: replace strcpy() with strncpy() in inputbox.c Sven Schnelle (2): s390/time: Use monotonic clock in get_cycles() s390/stp: Remove udelay from stp_sync_clock() Takashi Iwai (3): ALSA: usb-audio: Validate UAC3 power domain descriptors, too ALSA: usb-audio: Validate UAC3 cluster segment descriptors ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation Tao Xue (1): usb: gadget : fix use-after-free in composite_dev_cleanup() Tetsuo Handa (1): hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file() Theodore Ts'o (1): ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr Thomas Fourier (15): pch_uart: Fix dma_sync_sg_for_device() nents value mmc: bcm2835: Fix dma_unmap_sg() nents value mwl8k: Add missing check after DMA map scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value scsi: mvsas: Fix dma_unmap_sg() nents value scsi: isci: Fix dma_unmap_sg() nents value crypto: img-hash - Fix dma_unmap_sg() nents value dmaengine: mv_xor: Fix missing check after DMA map and missing unmap dmaengine: nbpfaxi: Add missing check after DMA map mtd: rawnand: atmel: Fix dma_mapping_error() address et131x: Add missing check after DMA map net: ag71xx: Add missing check after DMA map (powerpc/512) Fix possible `dma_unmap_single()` on uninitialized pointer wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()`. mtd: rawnand: fsmc: Add missing check after DMA map Thomas Gleixner (3): perf/core: Don't leak AUX buffer refcount on allocation failure perf/core: Exit early on perf_mmap() fail perf/core: Prevent VMA split of buffer mappings Thomas Weißschuh (1): MIPS: Don't crash in stack_top() for tasks without ABI or vDSO Thorsten Blum (1): usb: storage: realtek_cr: Use correct byte order for bcs->Residue Timothy Pearson (1): PCI: pnv_php: Work around switches with broken presence detection Timur Kristóf (2): drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs Trond Myklebust (5): NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() NFSv4: Fix nfs4_bitmap_copy_adjust() NFS: Fix up handling of outstanding layoutcommit in nfs_update_inode() NFS: Fix the setting of capabilities when automounting a new filesystem NFS: Fix up commit deadlocks Ulf Hansson (1): mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() Uwe Kleine-König (3): pwm: mediatek: Implement .apply() callback pwm: mediatek: Handle hardware enable and clock enable separately pwm: mediatek: Fix duty and period setting Vedang Nagar (1): media: venus: Add a check for packet size after reading from shared memory Viacheslav Dubeyko (4): hfs: fix slab-out-of-bounds in hfs_bnode_read() hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() hfs: fix not erasing deleted b-tree node issue Vlad Buslov (4): net: sched: extract common action counters update code into function net: sched: extract bstats update code into function net: sched: extract qstats update code into functions net: sched: don't expose action qstats to skb_tc_reinsert() Vladimir Zapolskiy (1): media: qcom: camss: cleanup media device allocated resource on error path Waiman Long (1): mm/kmemleak: avoid soft lockup in __kmemleak_do_cleanup() Wang Liang (1): net: drop UFO packets in udp_rcv_segment() Weitao Wang (1): usb: xhci: Fix slot_id resource race conflict William Liu (4): net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree net/sched: Restrict conditions for adding duplicating netems to qdisc tree net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit net/sched: Remove unnecessary WARNING condition for empty child qdisc in htb_activate Wolfram Sang (3): media: usb: hdpvr: disable zero-length read messages i3c: add missing include to internal header i3c: don't fail if GETHDRCAP is unsupported Xiang Mei (2): net/sched: sch_qfq: Fix race condition on qfq_aggregate net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class Xin Long (1): sctp: linearize cloned gso packets in sctp_rcv Xinxin Wan (1): ASoC: codecs: rt5640: Retry DEVICE_ID verification Xinyu Liu (1): usb: gadget: configfs: Fix OOB read on empty string write Xiu Jianfeng (1): wifi: iwlwifi: Fix memory leak in iwl_mvm_init() Xiumei Mu (1): selftests: rtnetlink.sh: remove esp4_offload after test Xu Yang (2): usb: chipidea: add USB PHY event usb: phy: mxs: disconnect line when USB charger is attached Xu Yilun (1): fpga: zynq_fpga: Fix the wrong usage of dma_map_sgtable() Yang Xiwen (1): i2c: qup: jump out of the loop in case of timeout Yangtao Li (1): hfsplus: remove mutex_lock check in hfsplus_free_extents Yann E. MORIN (1): kconfig: lxdialog: fix 'space' to (de)select options Yazen Ghannam (1): x86/mce/amd: Add default names for MCA banks and blocks Ye Bin (1): fs/buffer: fix use-after-free when call bh_read() helper Youngjun Lee (1): media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() Yuan Chen (2): bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure pinctrl: sunxi: Fix memory leak on krealloc failure Yun Lu (2): af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd() af_packet: fix soft lockup issue caused by tpacket_snd() Yunhui Cui (1): serial: 8250: fix panic due to PSLVERR Yury Norov [NVIDIA] (1): RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() Zenm Chen (1): USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles Zhang Lixu (1): iio: hid-sensor-prox: Fix incorrect OFFSET calculation Zhang Shurong (1): media: ov2659: Fix memory leaks in ov2659_probe() Zhang Xiaoxu (1): cifs: Fix UAF in cifs_demultiplex_thread() Zheng Wang (1): power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition Zheng Yu (1): jfs: fix metapage reference count leak in dbAllocCtl chenchangcheng (1): media: uvcvideo: Fix bandwidth issue for Alcor camera jackysliu (1): scsi: bfa: Double-free fix tuhaowen (1): PM: sleep: console: Fix the black screen issue wenxu (1): net/sched: act_mirred: refactor the handle of xmit xin.guo (1): tcp: fix tcp_ofo_queue() to avoid including too much DUP SACK range Álvaro Fernández Rojas (3): net: dsa: b53: fix b53_imp_vlan_setup for BCM5325 net: dsa: b53: prevent SWITCH_CTRL access on BCM5325 net: dsa: b53: fix IP_MULTICAST_CTRL on BCM5325

2 weeks, 4 days

1
1
0 0

[PATCH v2] mm/mremap: fix regression in vrm->new_addr check

by Carlos Llamas

Commit 3215eaceca87 ("mm/mremap: refactor initial parameter sanity checks") moved the sanity check for vrm->new_addr from mremap_to() to check_mremap_params(). However, this caused a regression as vrm->new_addr is now checked even when MREMAP_FIXED and MREMAP_DONTUNMAP flags are not specified. In this case, vrm->new_addr can be garbage and create unexpected failures. Fix this by moving the new_addr check after the vrm_implies_new_addr() guard. This ensures that the new_addr is only checked when the user has specified one explicitly. Cc: stable(a)vger.kernel.org Fixes: 3215eaceca87 ("mm/mremap: refactor initial parameter sanity checks") Reviewed-by: Liam R. Howlett <Liam.Howlett(a)oracle.com> Signed-off-by: Carlos Llamas <cmllamas(a)google.com> --- v2: - split out vrm->new_len into individual checks - cc stable, collect tags v1: https://lore.kernel.org/all/20250828032653.521314-1-cmllamas@google.com/ mm/mremap.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/mm/mremap.c b/mm/mremap.c index e618a706aff5..35de0a7b910e 100644 --- a/mm/mremap.c +++ b/mm/mremap.c @@ -1774,15 +1774,18 @@ static unsigned long check_mremap_params(struct vma_remap_struct *vrm) if (!vrm->new_len) return -EINVAL; - /* Is the new length or address silly? */ - if (vrm->new_len > TASK_SIZE || - vrm->new_addr > TASK_SIZE - vrm->new_len) + /* Is the new length silly? */ + if (vrm->new_len > TASK_SIZE) return -EINVAL; /* Remainder of checks are for cases with specific new_addr. */ if (!vrm_implies_new_addr(vrm)) return 0; + /* Is the new address silly? */ + if (vrm->new_addr > TASK_SIZE - vrm->new_len) + return -EINVAL; + /* The new address must be page-aligned. */ if (offset_in_page(vrm->new_addr)) return -EINVAL; -- 2.51.0.268.g9569e192d0-goog

2 weeks, 4 days

3
2
0 0

[PATCH 5.10 000/523] 5.10.241-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.10.241 release. There are 523 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu, 28 Aug 2025 11:08:19 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.10.241-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.10.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.10.241-rc1 Florian Westphal <fw(a)strlen.de> netfilter: nf_reject: don't leak dst refcount for loopback packets Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nft_reject_inet: allow to use reject from inet ingress Jose M. Guisado Gomez <guigom(a)riseup.net> netfilter: nft_reject: unify reject init and dump into nft_reject Peter Oberparleiter <oberpar(a)linux.ibm.com> s390/hypfs: Enable limited access during lockdown Peter Oberparleiter <oberpar(a)linux.ibm.com> s390/hypfs: Avoid unnecessary ioctl registration in debugfs Takashi Iwai <tiwai(a)suse.de> ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation William Liu <will(a)willsroot.io> net/sched: Remove unnecessary WARNING condition for empty child qdisc in htb_activate William Liu <will(a)willsroot.io> net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit Jason Xing <kernelxing(a)tencent.com> ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc Minhong He <heminhong(a)kylinos.cn> ipv6: sr: validate HMAC algorithm ID in seg6_hmac_info_add Dan Carpenter <dan.carpenter(a)linaro.org> ALSA: usb-audio: Fix size validation in convert_chmap_v3() Ido Schimmel <idosch(a)nvidia.com> mlxsw: spectrum: Forward packets with an IPv4 link-local source IP Kees Cook <kees(a)kernel.org> iommu/amd: Avoid stack buffer overflow from kernel cmdline Dan Carpenter <dan.carpenter(a)linaro.org> scsi: qla4xxx: Prevent a potential error pointer dereference Anantha Prabhu <anantha.prabhu(a)broadcom.com> RDMA/bnxt_re: Fix to initialize the PBL array Waiman Long <longman(a)redhat.com> cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key Feng Tang <feng.tang(a)intel.com> mm/page_alloc: detect allocation forbidden by cpuset and bail out early Jonathan Cameron <Jonathan.Cameron(a)huawei.com> iio: light: as73211: Ensure buffer holes are zeroed Pu Lehui <pulehui(a)huawei.com> tracing: Limit access to parser->buffer when trace_get_user failed Steven Rostedt <rostedt(a)goodmis.org> tracing: Remove unneeded goto out logic Jean-Baptiste Maneyrol <jean-baptiste.maneyrol(a)tdk.com> iio: imu: inv_icm42600: change invalid data error to -EBUSY Weitao Wang <WeitaoWang-oc(a)zhaoxin.com> usb: xhci: Fix slot_id resource race conflict Jan Beulich <jbeulich(a)suse.com> compiler: remove __ADDRESSABLE_ASM{_STR,}() again Ammar Faizi <ammarfaizi2(a)gnuweeb.org> net: usbnet: Fix the wrong netif_carrier_on() call Matthieu Baerts (NGI0) <matttbe(a)kernel.org> selftests: mptcp: pm: check flush doesn't reset limits Niklas Söderlund <niklas.soderlund+renesas(a)ragnatech.se> gpio: rcar: Use raw_spinlock to protect register access Meng Li <Meng.Li(a)windriver.com> usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock Wesley Cheng <quic_wcheng(a)quicinc.com> usb: dwc3: Remove DWC3 locking during gadget suspend/resume Ming Lei <ming.lei(a)redhat.com> dm rq: don't queue request to blk-mq during DM suspend Damien Le Moal <damien.lemoal(a)wdc.com> dm: rearrange core declarations for extended use from dm-zone.c Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> uio_hv_generic: Fix another memory leak in error handling paths Ricardo Ribalda <ribalda(a)chromium.org> media: venus: vdec: Clamp param smaller than 1fps and bigger than 240. Chao Yu <chao(a)kernel.org> f2fs: fix to avoid out-of-boundary access in dnode page Vladimir Zapolskiy <vladimir.zapolskiy(a)linaro.org> media: qcom: camss: cleanup media device allocated resource on error path Imre Deak <imre.deak(a)intel.com> drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/display: Don't overclock DCE 6 by 15% Jorge Ramirez-Ortiz <jorge.ramirez(a)oss.qualcomm.com> media: venus: protect against spurious interrupts during probe Dikshita Agarwal <quic_dikshita(a)quicinc.com> media: venus: Add support for SSR trigger using fault injection Jorge Ramirez-Ortiz <jorge.ramirez(a)oss.qualcomm.com> media: venus: hfi: explicitly release IRQ during teardown Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: venus: don't de-reference NULL pointers at IRQ time Sakari Ailus <sakari.ailus(a)linux.intel.com> media: v4l2-ctrls: Don't reset handler's error in v4l2_ctrl_handler_free() Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: v4l2-ctrls: always copy the controls on completion Johan Hovold <johan+linaro(a)kernel.org> wifi: ath11k: fix dest ring-buffer corruption when ring is full Kefeng Wang <wangkefeng.wang(a)huawei.com> asm-generic: Add memory barrier dma_mb() Marco Elver <elver(a)google.com> locking/barriers, kcsan: Support generic instrumentation Uwe Kleine-König <u.kleine-koenig(a)baylibre.com> pwm: mediatek: Fix duty and period setting Uwe Kleine-König <u.kleine-koenig(a)baylibre.com> pwm: mediatek: Handle hardware enable and clock enable separately Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> pwm: mediatek: Implement .apply() callback Tzung-Bi Shih <tzungbi(a)kernel.org> platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister() Tzung-Bi Shih <tzungbi(a)kernel.org> platform/chrome: cros_ec: remove unneeded label and if-condition Chen-Yu Tsai <wenst(a)chromium.org> platform/chrome: cros_ec: Use per-device lockdep key Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> platform/chrome: cros_ec: Make cros_ec_unregister() return void Zhang Yi <yi.zhang(a)huawei.com> ext4: fix hole length calculation overflow in non-extent inodes David Laight <David.Laight(a)ACULAB.COM> minmax: add umin(a, b) and umax(a, b) Li Zhong <floridsleeves(a)gmail.com> ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value Qu Wenruo <wqu(a)suse.com> btrfs: populate otime when logging an inode item Johan Hovold <johan(a)kernel.org> usb: musb: omap2430: fix device leak at unbind Bjorn Andersson <bjorn.andersson(a)oss.qualcomm.com> soc: qcom: mdt_loader: Ensure we don't read past the ELF header David Lechner <dlechner(a)baylibre.com> iio: adc: ad_sigma_delta: change to buffer predisable André Draszik <andre.draszik(a)linaro.org> scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE Damien Le Moal <dlemoal(a)kernel.org> ata: Fix SATA_MOBILE_LPM_POLICY description in Kconfig Anshuman Khandual <anshuman.khandual(a)arm.com> mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() Davide Caratti <dcaratti(a)redhat.com> net/sched: ets: use old 'nbands' while purging unused classes Eric Dumazet <edumazet(a)google.com> net_sched: sch_ets: implement lockless ets_dump() Davide Caratti <dcaratti(a)redhat.com> net/sched: sch_ets: properly init all active DRR list handles Trond Myklebust <trond.myklebust(a)hammerspace.com> NFS: Fix the setting of capabilities when automounting a new filesystem Anna Schumaker <Anna.Schumaker(a)Netapp.com> NFS: Create an nfs4_server_set_init_caps() function Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4: Fix nfs4_bitmap_copy_adjust() Trond Myklebust <trond.myklebust(a)hammerspace.com> NFS: Don't set NFS_INO_REVAL_PAGECACHE in the inode cache validity Ajish Koshy <Ajish.Koshy(a)microchip.com> scsi: pm80xx: Fix memory leak during rmmod James Smart <jsmart2021(a)gmail.com> scsi: lpfc: Fix link down processing to address NULL pointer dereference Leon Romanovsky <leon(a)kernel.org> RDMA/rxe: Return CQE error if invalid lkey was supplied Guchun Chen <guchun.chen(a)amd.com> drm/amdgpu: handle the case of pci_channel_io_frozen only in amdgpu_pci_resume Hyejeong Choi <hjeong.choi(a)samsung.com> dma-buf: insert memory barrier before updating num_fences Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> selftests/memfd: add test for mapping write-sealed memfd read-only Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> mm: reinstate ability to map write-sealed memfd mappings read-only Lorenzo Stoakes <lstoakes(a)gmail.com> mm: update memfd seal write check to include F_SEAL_WRITE Lorenzo Stoakes <lstoakes(a)gmail.com> mm: drop the assumption that VM_SHARED always implies writable Ma Ke <make24(a)iscas.ac.cn> dpaa2-eth: Fix device reference count leak in MAC endpoint handling Ioana Ciornei <ioana.ciornei(a)nxp.com> dpaa2-eth: retry the probe when the MAC is not yet discovered on the bus Ioana Ciornei <ioana.ciornei(a)nxp.com> dpaa2-mac: export MAC counters even when in TYPE_FIXED Ioana Ciornei <ioana.ciornei(a)nxp.com> dpaa2-mac: split up initializing the MAC object from connecting to it Nathan Chancellor <nathan(a)kernel.org> ARM: 9448/1: Use an absolute path to unified.h in KBUILD_AFLAGS Filipe Manana <fdmanana(a)suse.com> btrfs: fix deadlock when cloning inline extents and using qgroups Ming Lei <ming.lei(a)redhat.com> block: don't call rq_qos_ops->done_bio if the bio isn't tracked Yang Yingliang <yangyingliang(a)huawei.com> ptp: Fix possible memory leak in ptp_clock_register() Ian Abbott <abbotti(a)mev.co.uk> comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large Oliver Neukum <oneukum(a)suse.com> cdc-acm: fix race between initial clearing halt and open Johan Hovold <johan(a)kernel.org> USB: cdc-acm: do not log successful probe on later errors Haiyang Zhang <haiyangz(a)microsoft.com> hv_netvsc: Fix panic during namespace deletion with VF Damien Le Moal <dlemoal(a)kernel.org> block: Make REQ_OP_ZONE_FINISH a write operation Lukas Wunner <lukas(a)wunner.de> PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports Sebastian Reichel <sebastian.reichel(a)collabora.com> usb: typec: fusb302: cache PD RX state John Ernberg <john.ernberg(a)actia.se> net: usbnet: Avoid potential RCU stall on LINK_CHANGE event Geoffrey D. Bennett <g(a)b4.vu> ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() Dave Hansen <dave.hansen(a)linux.intel.com> x86/fpu: Delay instruction pointer fixup until after warning Harry Yoo <harry.yoo(a)oracle.com> mm/zsmalloc: do not pass __GFP_MOVABLE if CONFIG_COMPACTION=n Miaohe Lin <linmiaohe(a)huawei.com> mm/zsmalloc.c: convert to use kmem_cache_zalloc in cache_alloc_zspage() Lin.Cao <lincao12(a)amd.com> drm/sched: Remove optimization that causes hang when killing dependent jobs Haoxiang Li <haoxiang_li2024(a)163.com> ice: Fix a null pointer dereference in ice_copy_and_init_pkg() Maulik Shah <maulik.shah(a)oss.qualcomm.com> pmdomain: governor: Consider CPU latency tolerance from pm_domain_cpu_gov Steven Rostedt <rostedt(a)goodmis.org> tracing: Add down_write(trace_event_sem) when adding trace event Wang Zhaolong <wangzhaolong(a)huaweicloud.com> smb: client: fix use-after-free in crypt_message when using async crypto Mathias Nyman <mathias.nyman(a)linux.intel.com> usb: hub: Don't try to recover devices lost during warm reset. Mathias Nyman <mathias.nyman(a)linux.intel.com> usb: hub: avoid warm port reset during USB3 disconnect Yazen Ghannam <yazen.ghannam(a)amd.com> x86/mce/amd: Add default names for MCA banks and blocks Zhang Lixu <lixu.zhang(a)intel.com> iio: hid-sensor-prox: Fix incorrect OFFSET calculation Chao Yu <chao(a)kernel.org> f2fs: fix to do sanity check on ino and xnid Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> kbuild: userprogs: use correct linker when mixing clang and GNU ld Kuen-Han Tsai <khtsai(a)google.com> usb: dwc3: Ignore late xferNotReady event to prevent halt timeout Zenm Chen <zenmchen(a)gmail.com> USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles Thorsten Blum <thorsten.blum(a)linux.dev> usb: storage: realtek_cr: Use correct byte order for bcs->Residue Mael GUERIN <mael.guerin(a)murena.io> USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera Marek Vasut <marek.vasut+renesas(a)mailbox.org> usb: renesas-xhci: Fix External ROM access timeouts Miao Li <limiao(a)kylinos.cn> usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive Miaoqian Lin <linmq006(a)gmail.com> most: core: Drop device reference after usage in get_channel() David Lechner <dlechner(a)baylibre.com> iio: proximity: isl29501: fix buffered read on big-endian systems Salah Triki <salah.triki(a)gmail.com> iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() Steven Rostedt <rostedt(a)goodmis.org> ftrace: Also allocate and copy hash for reading of filter files Xu Yilun <yilun.xu(a)linux.intel.com> fpga: zynq_fpga: Fix the wrong usage of dma_map_sgtable() Al Viro <viro(a)zeniv.linux.org.uk> use uniform permission checks for all mount propagation changes Pavel Tikhomirov <ptikhomirov(a)virtuozzo.com> move_mount: allow to add a mount into an existing group Ye Bin <yebin10(a)huawei.com> fs/buffer: fix use-after-free when call bh_read() helper Matthieu Baerts (NGI0) <matttbe(a)kernel.org> selftests: mptcp: connect: also cover alt modes Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/display: Fix DP audio DTO1 clock source on DCE 6. Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 Evgeniy Harchenko <evgeniyharchenko.dev(a)gmail.com> ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 Phillip Lougher <phillip(a)squashfs.org.uk> squashfs: fix memory leak in squashfs_fill_super Victor Shih <victor.shih(a)genesyslogic.com.tw> mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency Jiayi Li <lijiayi(a)kylinos.cn> memstick: Fix deadlock by moving removing flag earlier Cong Wang <xiyou.wangcong(a)gmail.com> sch_htb: make htb_deactivate() idempotent Cong Wang <xiyou.wangcong(a)gmail.com> codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() Cong Wang <xiyou.wangcong(a)gmail.com> sch_qfq: make qfq_qlen_notify() idempotent Cong Wang <xiyou.wangcong(a)gmail.com> sch_hfsc: make hfsc_qlen_notify() idempotent Cong Wang <xiyou.wangcong(a)gmail.com> sch_drr: make drr_qlen_notify() idempotent Cong Wang <xiyou.wangcong(a)gmail.com> sch_htb: make htb_qlen_notify() idempotent Jakub Acs <acsjakub(a)amazon.de> net, hsr: reject HSR frame if skb can't hold tag Mario Limonciello <mario.limonciello(a)amd.com> drm/amd: Restore cached power limit during resume Vedang Nagar <quic_vnagar(a)quicinc.com> media: venus: Add a check for packet size after reading from shared memory Zhang Shurong <zhang_shurong(a)foxmail.com> media: ov2659: Fix memory leaks in ov2659_probe() Gui-Dong Han <hanguidong02(a)gmail.com> media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() Ludwig Disterhof <ludwig(a)disterhof.eu> media: usbtv: Lock resolution while streaming Haoxiang Li <haoxiang_li2024(a)163.com> media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() Bingbu Cao <bingbu.cao(a)intel.com> media: hi556: correct the test pattern configuration Dan Carpenter <dan.carpenter(a)linaro.org> media: gspca: Add bounds checking to firmware parser Jon Hunter <jonathanh(a)nvidia.com> soc/tegra: pmc: Ensure power-domains are in a known state Baokun Li <libaokun1(a)huawei.com> jbd2: prevent softlockup in jbd2_log_do_checkpoint() Damien Le Moal <dlemoal(a)kernel.org> PCI: endpoint: Fix configfs group removal on driver teardown Damien Le Moal <dlemoal(a)kernel.org> PCI: endpoint: Fix configfs group list head handling Thomas Fourier <fourier.thomas(a)gmail.com> mtd: rawnand: fsmc: Add missing check after DMA map Tim Harvey <tharvey(a)gateworks.com> hwmon: (gsc-hwmon) fix fan pwm setpoint show functions Laurentiu Mihalcea <laurentiu.mihalcea(a)nxp.com> pwm: imx-tpm: Reset counter if CMOD is 0 Johan Hovold <johan+linaro(a)kernel.org> wifi: ath11k: fix source ring-buffer corruption Nathan Chancellor <nathan(a)kernel.org> wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() Marek Szyprowski <m.szyprowski(a)samsung.com> zynq_fpga: use sgtable-based scatterlist wrappers Damien Le Moal <dlemoal(a)kernel.org> ata: libata-scsi: Fix ata_to_sense_error() status handling Ojaswin Mujoo <ojaswin(a)linux.ibm.com> ext4: fix reserved gdt blocks handling in fsmap Ojaswin Mujoo <ojaswin(a)linux.ibm.com> ext4: fix fsmap end of range reporting with bigalloc Andreas Dilger <adilger(a)dilger.ca> ext4: check fast symlink for ea_inode correctly Helge Deller <deller(a)gmx.de> Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()" Eric Biggers <ebiggers(a)kernel.org> lib/crypto: mips/chacha: Fix clang build and remove unneeded byteswap Myrrh Periwinkle <myrrhperiwinkle(a)qtmlabs.xyz> vt: defkeymap: Map keycodes above 127 to K_HOLE Myrrh Periwinkle <myrrhperiwinkle(a)qtmlabs.xyz> vt: keyboard: Don't process Unicode characters in K_OFF mode Alexander Wilhelm <alexander.wilhelm(a)westermo.com> bus: mhi: host: Fix endianness of BHI vector table Johan Hovold <johan(a)kernel.org> usb: dwc3: meson-g12a: fix device leaks at unbind Johan Hovold <johan(a)kernel.org> usb: gadget: udc: renesas_usb3: fix device leak at unbind Nathan Chancellor <nathan(a)kernel.org> usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() Finn Thain <fthain(a)linux-m68k.org> m68k: Fix lost column on framebuffer debug console Dan Carpenter <dan.carpenter(a)linaro.org> cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table() Yunhui Cui <cuiyunhui(a)bytedance.com> serial: 8250: fix panic due to PSLVERR Ricardo Ribalda <ribalda(a)chromium.org> media: uvcvideo: Do not mark valid metadata as invalid Youngjun Lee <yjjuny.lee(a)samsung.com> media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() Breno Leitao <leitao(a)debian.org> mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock Waiman Long <longman(a)redhat.com> mm/kmemleak: avoid soft lockup in __kmemleak_do_cleanup() Randy Dunlap <rdunlap(a)infradead.org> parisc: Makefile: fix a typo in palo.conf Filipe Manana <fdmanana(a)suse.com> btrfs: fix log tree replay failure due to file with 0 links and extents Eric Biggers <ebiggers(a)kernel.org> thunderbolt: Fix copy+paste error in match_service_id() Ian Abbott <abbotti(a)mev.co.uk> comedi: fix race between polling and detaching Myrrh Periwinkle <myrrhperiwinkle(a)qtmlabs.xyz> usb: typec: ucsi: Update power_supply on power role change Ricky Wu <ricky_wu(a)realtek.com> misc: rtsx: usb: Ensure mmc child device is active when card is present Xinyu Liu <katieeliu(a)tencent.com> usb: core: config: Prevent OOB read in SS endpoint companion parsing Jack Xiao <Jack.Xiao(a)amd.com> drm/amdgpu: fix incorrect vm flags to map bo Shengjiu Wang <shengjiu.wang(a)nxp.com> ASoC: fsl_sai: replace regmap_write with regmap_update_bits Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com> ASoC: soc-dai.c: add missing flag check at snd_soc_pcm_dai_probe() Jiasheng Jiang <jiashengjiangcool(a)gmail.com> scsi: lpfc: Remove redundant assignment to avoid memory leak Meagan Lloyd <meaganlloyd(a)linux.microsoft.com> rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe Sergey Bashirov <sergeybashirov(a)gmail.com> pNFS: Fix uninited ptr deref in block/scsi layout Sergey Bashirov <sergeybashirov(a)gmail.com> pNFS: Handle RPC size limit for layoutcommits Sergey Bashirov <sergeybashirov(a)gmail.com> pNFS: Fix disk addr range check in block/scsi layout Sergey Bashirov <sergeybashirov(a)gmail.com> pNFS: Fix stripe mapping in block/scsi layout John Garry <john.g.garry(a)oracle.com> block: avoid possible overflow for chunk_sectors check in blk_stack_limits() Buday Csaba <buday.csaba(a)prolan.hu> net: phy: smsc: add proper reset flags for LAN8710A Corey Minyard <corey(a)minyard.net> ipmi: Fix strcpy source and destination the same Yann E. MORIN <yann.morin.1998(a)free.fr> kconfig: lxdialog: fix 'space' to (de)select options Masahiro Yamada <masahiroy(a)kernel.org> kconfig: gconf: fix potential memory leak in renderer_edited() Masahiro Yamada <masahiroy(a)kernel.org> kconfig: gconf: avoid hardcoding model2 in on_treeview2_cursor_changed() Breno Leitao <leitao(a)debian.org> ipmi: Use dev_warn_ratelimited() for incorrect message warnings John Garry <john.g.garry(a)oracle.com> scsi: aacraid: Stop using PCI_IRQ_AFFINITY Ranjan Kumar <ranjan.kumar(a)broadcom.com> scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans Shankari Anand <shankari.ak0208(a)gmail.com> kconfig: nconf: Ensure null termination where strncpy is used Suchit Karunakaran <suchitkarunakaran(a)gmail.com> kconfig: lxdialog: replace strcpy() with strncpy() in inputbox.c fangzhong.zhou <myth5(a)myth5.com> i2c: Force DLL0945 touchpad i2c freq to 100khz Mikulas Patocka <mpatocka(a)redhat.com> dm-mpath: don't print the "loaded" message if registering fails Wolfram Sang <wsa+renesas(a)sang-engineering.com> i3c: don't fail if GETHDRCAP is unsupported Meagan Lloyd <meaganlloyd(a)linux.microsoft.com> rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 Wolfram Sang <wsa+renesas(a)sang-engineering.com> i3c: add missing include to internal header Purva Yeshi <purvayeshi550(a)gmail.com> md: dm-zoned-target: Initialize return variable r to avoid uninitialized use chenchangcheng <chenchangcheng(a)kylinos.cn> media: uvcvideo: Fix bandwidth issue for Alcor camera Alex Guo <alexguo1023(a)gmail.com> media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar Alex Guo <alexguo1023(a)gmail.com> media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() Wolfram Sang <wsa+renesas(a)sang-engineering.com> media: usb: hdpvr: disable zero-length read messages Dave Stevenson <dave.stevenson(a)raspberrypi.com> media: tc358743: Increase FIFO trigger level to 374 Dave Stevenson <dave.stevenson(a)raspberrypi.com> media: tc358743: Return an appropriate colorspace from tc358743_set_fmt Dave Stevenson <dave.stevenson(a)raspberrypi.com> media: tc358743: Check I2C succeeded during probe Cheick Traore <cheick.traore(a)foss.st.com> pinctrl: stm32: Manage irq affinity settings Damien Le Moal <dlemoal(a)kernel.org> scsi: mpt3sas: Correctly handle ATA device errors Justin Tee <justin.tee(a)broadcom.com> scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure Arnd Bergmann <arnd(a)arndb.de> RDMA/core: reduce stack using in nldev_stat_get_doit() Yury Norov [NVIDIA] <yury.norov(a)gmail.com> RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() Johan Adolfsson <johan.adolfsson(a)axis.com> leds: leds-lp50xx: Handle reg to get correct multi_index Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> MIPS: Don't crash in stack_top() for tasks without ABI or vDSO Arnaud Lecomte <contact(a)arnaud-lcm.com> jfs: upper bound check of tree index in dbAllocAG Edward Adam Davis <eadavis(a)qq.com> jfs: Regular file corruption check Lizhi Xu <lizhi.xu(a)windriver.com> jfs: truncate good inode pages when hard link is 0 jackysliu <1972843537(a)qq.com> scsi: bfa: Double-free fix Shiji Yang <yangshiji66(a)outlook.com> MIPS: vpe-mt: add missing prototypes for vpe_{alloc,start,stop,free} Sebastian Reichel <sebastian.reichel(a)collabora.com> watchdog: dw_wdt: Fix default timeout Amir Mohammad Jahangirzad <a.jahangirzad(a)gmail.com> fs/orangefs: use snprintf() instead of sprintf() Showrya M N <showrya(a)chelsio.com> scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated Theodore Ts'o <tytso(a)mit.edu> ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr Pali Rohár <pali(a)kernel.org> cifs: Fix calling CIFSFindFirst() for root path without msearch Jason Wang <jasowang(a)redhat.com> vhost: fail early when __vhost_add_used() fails Álvaro Fernández Rojas <noltari(a)gmail.com> net: dsa: b53: fix IP_MULTICAST_CTRL on BCM5325 Jakub Kicinski <kuba(a)kernel.org> uapi: in6: restore visibility of most IPv6 socket options Emily Deng <Emily.Deng(a)amd.com> drm/ttm: Should to return the evict error Hari Kalavakunta <kalavakunta.hari.prasad(a)gmail.com> net: ncsi: Fix buffer overflow in fetching version id Thomas Fourier <fourier.thomas(a)gmail.com> wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() Álvaro Fernández Rojas <noltari(a)gmail.com> net: dsa: b53: prevent SWITCH_CTRL access on BCM5325 Álvaro Fernández Rojas <noltari(a)gmail.com> net: dsa: b53: prevent GMII_PORT_OVERRIDE_CTRL access on BCM5325 Álvaro Fernández Rojas <noltari(a)gmail.com> net: dsa: b53: fix b53_imp_vlan_setup for BCM5325 Alok Tiwari <alok.a.tiwari(a)oracle.com> gve: Return error for unknown admin queue command Gal Pressman <gal(a)nvidia.com> net: vlan: Replace BUG() with WARN_ON_ONCE() in vlan_dev_* stubs Stanislaw Gruszka <stf_xl(a)wp.pl> wifi: iwlegacy: Check rate_idx range after addition Mina Almasry <almasrymina(a)google.com> netmem: fix skb_frag_address_safe with unreadable skbs Thomas Fourier <fourier.thomas(a)gmail.com> wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()`. Wen Chen <Wen.Chen3(a)amd.com> drm/amd/display: Fix 'failed to blank crtc!' Pagadala Yesu Anjaneyulu <pagadala.yesu.anjaneyulu(a)intel.com> wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect Rand Deeb <rand.sec96(a)gmail.com> wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() Ilya Bakoulin <Ilya.Bakoulin(a)amd.com> drm/amd/display: Separate set_gsl from set_gsl_source_select Jonas Rebmann <jre(a)pengutronix.de> net: fec: allow disable coalescing Thomas Fourier <fourier.thomas(a)gmail.com> (powerpc/512) Fix possible `dma_unmap_single()` on uninitialized pointer Sven Schnelle <svens(a)linux.ibm.com> s390/stp: Remove udelay from stp_sync_clock() Avraham Stern <avraham.stern(a)intel.com> wifi: iwlwifi: mvm: fix scan request validation Alok Tiwari <alok.a.tiwari(a)oracle.com> net: thunderx: Fix format-truncation warning in bgx_acpi_match_id() Oscar Maes <oscmaes92(a)gmail.com> net: ipv4: fix incorrect MTU in broadcast routes Ilan Peer <ilan.peer(a)intel.com> wifi: cfg80211: Fix interface type validation Paul E. McKenney <paulmck(a)kernel.org> rcu: Protect ->defer_qs_iw_pending from data race Thomas Fourier <fourier.thomas(a)gmail.com> net: ag71xx: Add missing check after DMA map Thomas Fourier <fourier.thomas(a)gmail.com> et131x: Add missing check after DMA map Alok Tiwari <alok.a.tiwari(a)oracle.com> be2net: Use correct byte order and format string for TCP seq and ack_seq Sven Schnelle <svens(a)linux.ibm.com> s390/time: Use monotonic clock in get_cycles() Johannes Berg <johannes.berg(a)intel.com> wifi: cfg80211: reject HTC bit for management frames Steven Rostedt <rostedt(a)goodmis.org> ktest.pl: Prevent recursion of default variable options Anthoine Bourgeois <anthoine.bourgeois(a)vates.tech> xen/netfront: Fix TX response spurious interrupts Xinxin Wan <xinxin.wan(a)intel.com> ASoC: codecs: rt5640: Retry DEVICE_ID verification Jonathan Santos <Jonathan.Santos(a)analog.com> iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros Christophe Leroy <christophe.leroy(a)csgroup.eu> ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop Lucy Thrun <lucy.thrun(a)digital-rabbithole.de> ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control Tomasz Michalec <tmichalec(a)google.com> platform/chrome: cros_ec_typec: Defer probe on missing EC parent Kees Cook <kees(a)kernel.org> platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches Gautham R. Shenoy <gautham.shenoy(a)amd.com> pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() Oliver Neukum <oneukum(a)suse.com> usb: core: usb_submit_urb: downgrade type check Tomasz Michalec <tmichalec(a)google.com> usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present Peter Ujfalusi <peter.ujfalusi(a)linux.intel.com> ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() Alok Tiwari <alok.a.tiwari(a)oracle.com> ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 Mark Brown <broonie(a)kernel.org> ASoC: hdac_hdmi: Rate limit logging on connection and disconnection Pawan Gupta <pawan.kumar.gupta(a)linux.intel.com> x86/bugs: Avoid warning when overriding return thunk Ulf Hansson <ulf.hansson(a)linaro.org> mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() Peter Robinson <pbrobinson(a)gmail.com> reset: brcmstb: Enable reset drivers for ARCH_BCM2835 Breno Leitao <leitao(a)debian.org> ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path Sarthak Garg <quic_sartgarg(a)quicinc.com> mmc: sdhci-msm: Ensure SD card power isn't ON when card removed Sebastian Ott <sebott(a)redhat.com> ACPI: processor: fix acpi_object initialization tuhaowen <tuhaowen(a)uniontech.com> PM: sleep: console: Fix the black screen issue Hsin-Te Yuan <yuanhsinte(a)chromium.org> thermal: sysfs: Return ENODATA instead of EAGAIN for reads Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() Masami Hiramatsu (Google) <mhiramat(a)kernel.org> selftests: tracing: Use mutex_unlock for testing glob filter Aaron Kling <webgeek1234(a)gmail.com> ARM: tegra: Use I/O memcpy to write to IRAM Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> gpio: tps65912: check the return value of regmap_update_bits() Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com> ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed Lifeng Zheng <zhenglifeng1(a)huawei.com> PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() Alexander Kochetkov <al.kochet(a)gmail.com> ARM: rockchip: fix kernel hang during smp initialization Lifeng Zheng <zhenglifeng1(a)huawei.com> cpufreq: Exit governor when failed to start old governor Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> gpio: wcd934x: check the return value of regmap_update_bits() Mario Limonciello <mario.limonciello(a)amd.com> usb: xhci: Avoid showing errors during surprise removal Jay Chen <shawn2000100(a)gmail.com> usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command Mario Limonciello <mario.limonciello(a)amd.com> usb: xhci: Avoid showing warnings for dying controller Benson Leung <bleung(a)chromium.org> usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default Cynthia Huang <cynthia(a)andestech.com> selftests/futex: Define SYS_futex on 32-bit architectures with 64-bit time_t Prashant Malani <pmalani(a)google.com> cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag Su Hui <suhui(a)nfschina.com> usb: xhci: print xhci->xhc_state when queue_command failed Al Viro <viro(a)zeniv.linux.org.uk> securityfs: don't pin dentries twice, once is enough... Damien Le Moal <dlemoal(a)kernel.org> ata: libata-sata: Disallow changing LPM state if not supported Al Viro <viro(a)zeniv.linux.org.uk> better lockdep annotations for simple_recursive_removal() Viacheslav Dubeyko <slava(a)dubeyko.com> hfs: fix not erasing deleted b-tree node issue Sarah Newman <srn(a)prgmr.com> drbd: add missing kref_get in handle_write_conflicts Jan Kara <jack(a)suse.cz> udf: Verify partition map count Kees Cook <kees(a)kernel.org> arm64: Handle KCOV __init vs inline mismatches Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file() Viacheslav Dubeyko <slava(a)dubeyko.com> hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() Viacheslav Dubeyko <slava(a)dubeyko.com> hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() Viacheslav Dubeyko <slava(a)dubeyko.com> hfs: fix slab-out-of-bounds in hfs_bnode_read() Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> cpuidle: governors: menu: Avoid using invalid recent intervals data Len Brown <len.brown(a)intel.com> intel_idle: Allow loading ACPI tables for any family Xin Long <lucien.xin(a)gmail.com> sctp: linearize cloned gso packets in sctp_rcv Florian Westphal <fw(a)strlen.de> netfilter: ctnetlink: fix refcount leak on table dump Sabrina Dubroca <sd(a)queasysnail.net> udp: also consider secpath when evaluating ipsec use for checksumming Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> ACPI: processor: perflib: Move problematic pr->performance check Jiayi Li <lijiayi(a)kylinos.cn> ACPI: processor: perflib: Fix initial _PPC limit application Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> Documentation: ACPI: Fix parent device references Sasha Levin <sashal(a)kernel.org> fs: Prevent file descriptor table allocations exceeding INT_MAX Ma Ke <make24(a)iscas.ac.cn> sunvdc: Balance device refcount in vdc_port_mpgroup_check Dai Ngo <dai.ngo(a)oracle.com> NFSD: detect mismatch of file handle and delegation stateid in OPEN op Jeff Layton <jlayton(a)kernel.org> nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() Johan Hovold <johan(a)kernel.org> net: dpaa: fix device leak when querying time stamp info Johan Hovold <johan(a)kernel.org> net: gianfar: fix device leak when querying time stamp info Fedor Pchelkin <pchelkin(a)ispras.ru> netlink: avoid infinite retry looping in netlink_unicast() Takashi Iwai <tiwai(a)suse.de> ALSA: usb-audio: Validate UAC3 cluster segment descriptors Takashi Iwai <tiwai(a)suse.de> ALSA: usb-audio: Validate UAC3 power domain descriptors, too Pavel Begunkov <asml.silence(a)gmail.com> io_uring: don't use int for ABI Tao Xue <xuetao09(a)huawei.com> usb: gadget : fix use-after-free in composite_dev_cleanup() Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> mm/hmm: move pmd_to_hmm_pfn_flags() to the respective #ifdeffery Jiaxun Yang <jiaxun.yang(a)flygoat.com> MIPS: mm: tlb-r4k: Uniquify TLB entries on init Slark Xiao <slark_xiao(a)163.com> USB: serial: option: add Foxconn T99W709 Budimir Markovic <markovicbudimir(a)gmail.com> vsock: Do not allow binding to VMADDR_PORT_ANY Quang Le <quanglex97(a)gmail.com> net/packet: fix a race in packet_set_ring() and packet_notifier() Thomas Gleixner <tglx(a)linutronix.de> perf/core: Prevent VMA split of buffer mappings Thomas Gleixner <tglx(a)linutronix.de> perf/core: Exit early on perf_mmap() fail Thomas Gleixner <tglx(a)linutronix.de> perf/core: Don't leak AUX buffer refcount on allocation failure Eric Dumazet <edumazet(a)google.com> pptp: fix pptp_xmit() error path Stefan Metzmacher <metze(a)samba.org> smb: client: let recv_done() cleanup before notifying the callers. Takashi Iwai <tiwai(a)suse.de> ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out() Michal Schmidt <mschmidt(a)redhat.com> benet: fix BUG when creating VFs Wang Liang <wangliang74(a)huawei.com> net: drop UFO packets in udp_rcv_segment() Eric Dumazet <edumazet(a)google.com> ipv6: reject malicious packets in ipv6_gso_segment() Eric Dumazet <edumazet(a)google.com> pptp: ensure minimal skb length in pptp_xmit() Horatiu Vultur <horatiu.vultur(a)microchip.com> phy: mscc: Fix parsing of unicast frames Jakub Kicinski <kuba(a)kernel.org> netpoll: prevent hanging NAPI when netcons gets enabled Benjamin Coddington <bcodding(a)redhat.com> NFS: Fixup allocation flags for nfsiod's __GFP_NORETRY Matthew Wilcox (Oracle) <willy(a)infradead.org> XArray: Add calls to might_alloc() Daniel Vetter <daniel.vetter(a)ffwll.ch> mm: extract might_alloc() debug check Olga Kornievskaia <okorniev(a)redhat.com> NFSv4.2: another fix for listxattr Trond Myklebust <trond.myklebust(a)hammerspace.com> NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() Tigran Mkrtchyan <tigran.mkrtchyan(a)desy.de> pNFS/flexfiles: don't attempt pnfs on fatal DS errors Trond Myklebust <trond.myklebust(a)hammerspace.com> pNFS/flexfiles: Avoid spurious layout returns in ff_layout_choose_ds_for_read Timothy Pearson <tpearson(a)raptorengineering.com> PCI: pnv_php: Fix surprise plug detection and recovery Timothy Pearson <tpearson(a)raptorengineering.com> powerpc/eeh: Make EEH driver device hotplug safe Maciej W. Rozycki <macro(a)orcam.me.uk> powerpc/eeh: Rely on dev->link_active_reporting Timothy Pearson <tpearson(a)raptorengineering.com> powerpc/eeh: Export eeh_unfreeze_pe() Timothy Pearson <tpearson(a)raptorengineering.com> PCI: pnv_php: Work around switches with broken presence detection Timothy Pearson <tpearson(a)raptorengineering.com> PCI: pnv_php: Clean up allocated IRQs on unplug Masahiro Yamada <masahiroy(a)kernel.org> kconfig: qconf: fix ConfigList::updateListAllforAll() Seunghui Lee <sh043.lee(a)samsung.com> scsi: ufs: core: Use link recovery when h8 exit fails during runtime resume Chao Yu <chao(a)kernel.org> f2fs: fix to avoid out-of-boundary access in devs.path Chao Yu <chao(a)kernel.org> f2fs: fix to avoid panic in f2fs_evict_inode Chao Yu <chao(a)kernel.org> f2fs: fix to avoid UAF in f2fs_sync_inode_meta() Chao Yu <chao(a)kernel.org> f2fs: doc: fix wrong quota mount option description Brian Masney <bmasney(a)redhat.com> rtc: rv3028: fix incorrect maximum clock rate handling Brian Masney <bmasney(a)redhat.com> rtc: pcf8563: fix incorrect maximum clock rate handling Brian Masney <bmasney(a)redhat.com> rtc: pcf85063: fix incorrect maximum clock rate handling Brian Masney <bmasney(a)redhat.com> rtc: hym8563: fix incorrect maximum clock rate handling Brian Masney <bmasney(a)redhat.com> rtc: ds1307: fix incorrect maximum clock rate handling Petr Pavlu <petr.pavlu(a)suse.com> module: Restore the moduleparam prefix length check Ryan Lee <ryan.lee(a)canonical.com> apparmor: ensure WB_HISTORY_SIZE value is a power of 2 Paul Chaignon <paul.chaignon(a)gmail.com> bpf: Check flow_dissector ctx accesses are aligned Mike Christie <michael.christie(a)oracle.com> vhost-scsi: Fix log flooding with target does not exist errors Balamanikandan Gunasundar <balamanikandan.gunasundar(a)microchip.com> mtd: rawnand: atmel: set pmecc data setup time Thomas Fourier <fourier.thomas(a)gmail.com> mtd: rawnand: atmel: Fix dma_mapping_error() address Zheng Yu <zheng.yu(a)northwestern.edu> jfs: fix metapage reference count leak in dbAllocCtl Chenyuan Yang <chenyuan0y(a)gmail.com> fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref Giovanni Cabiddu <giovanni.cabiddu(a)intel.com> crypto: qat - fix seq_file position update in adf_ring_next() Ben Hutchings <benh(a)debian.org> sh: Do not use hyphen in exported variable name Thomas Fourier <fourier.thomas(a)gmail.com> dmaengine: nbpfaxi: Add missing check after DMA map Thomas Fourier <fourier.thomas(a)gmail.com> dmaengine: mv_xor: Fix missing check after DMA map and missing unmap Dan Carpenter <dan.carpenter(a)linaro.org> fs/orangefs: Allow 2 more characters in do_c_string() Bard Liao <yung-chuan.liao(a)linux.intel.com> soundwire: stream: restore params when prepare ports fail Thomas Fourier <fourier.thomas(a)gmail.com> crypto: img-hash - Fix dma_unmap_sg() nents value Ovidiu Panait <ovidiu.panait.oss(a)gmail.com> hwrng: mtk - handle devm_pm_runtime_enable errors Dan Carpenter <dan.carpenter(a)linaro.org> watchdog: ziirave_wdt: check record length in ziirave_firm_verify() Thomas Fourier <fourier.thomas(a)gmail.com> scsi: isci: Fix dma_unmap_sg() nents value Thomas Fourier <fourier.thomas(a)gmail.com> scsi: mvsas: Fix dma_unmap_sg() nents value Thomas Fourier <fourier.thomas(a)gmail.com> scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value Paul Kocialkowski <paulk(a)sys-base.io> clk: sunxi-ng: v3s: Fix de clock definition Leo Yan <leo.yan(a)arm.com> perf tests bp_account: Fix leaked file descriptor Mengbiao Xiong <xisme1998(a)gmail.com> crypto: ccp - Fix crash when rebind ccp device for ccp.ko Thomas Fourier <fourier.thomas(a)gmail.com> crypto: inside-secure - Fix `dma_unmap_sg()` nents value Yuan Chen <chenyuan(a)kylinos.cn> pinctrl: sunxi: Fix memory leak on krealloc failure Charles Han <hanchunchao(a)inspur.com> power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set Henry Martin <bsdhenrymartin(a)gmail.com> clk: davinci: Add NULL check in davinci_lpsc_clk_register() Ivan Stepchenko <sid(a)itb.spb.ru> mtd: fix possible integer overflow in erase_xfer() Herbert Xu <herbert(a)gondor.apana.org.au> crypto: marvell/cesa - Fix engine load inaccuracy Hans Zhang <18255117159(a)163.com> PCI: rockchip-host: Fix "Unexpected Completion" log message Stanislav Fomichev <sdf(a)fomichev.me> vrf: Drop existing dst reference in vrf_ip6_input_dst Xiumei Mu <xmu(a)redhat.com> selftests: rtnetlink.sh: remove esp4_offload after test Florian Westphal <fw(a)strlen.de> netfilter: xt_nfacct: don't assume acct name is null-terminated Jimmy Assarsson <extja(a)kvaser.com> can: kvaser_usb: Assign netdev.dev_port based on device channel index Jimmy Assarsson <extja(a)kvaser.com> can: kvaser_pciefd: Store device channel index Gokul Sivakumar <gokulkumar.sivakumar(a)infineon.com> wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE Remi Pommarel <repk(a)triplefau.lt> Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" Remi Pommarel <repk(a)triplefau.lt> wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key() Thomas Fourier <fourier.thomas(a)gmail.com> mwl8k: Add missing check after DMA map Martin Kaistra <martin.kaistra(a)linutronix.de> wifi: rtl8xxxu: Fix RX skb size for aggregation disabled Juergen Gross <jgross(a)suse.com> xen/gntdev: remove struct gntdev_copy_batch from stack Eric Dumazet <edumazet(a)google.com> net_sched: act_ctinfo: use atomic64_t for three counters William Liu <will(a)willsroot.io> net/sched: Restrict conditions for adding duplicating netems to qdisc tree Johan Korsnes <johan.korsnes(a)gmail.com> arch: powerpc: defconfig: Drop obsolete CONFIG_NET_CLS_TCINDEX Fedor Pchelkin <pchelkin(a)ispras.ru> netfilter: nf_tables: adjust lockdep assertions handling Fedor Pchelkin <pchelkin(a)ispras.ru> drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value Finn Thain <fthain(a)linux-m68k.org> m68k: Don't unregister boot console needlessly xin.guo <guoxin0309(a)gmail.com> tcp: fix tcp_ofo_queue() to avoid including too much DUP SACK range Sergey Senozhatsky <senozhatsky(a)chromium.org> wifi: ath11k: clear initialized flag for deinit-ed srng lists Jiasheng Jiang <jiasheng(a)iscas.ac.cn> iwlwifi: Add missing check for alloc_ordered_workqueue Xiu Jianfeng <xiujianfeng(a)huawei.com> wifi: iwlwifi: Fix memory leak in iwl_mvm_init() Daniil Dulov <d.dulov(a)aladdin.ru> wifi: rtl818x: Kill URBs before clearing tx status queue Arnd Bergmann <arnd(a)arndb.de> caif: reduce stack size, again Yuan Chen <chenyuan(a)kylinos.cn> bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure Jiayuan Chen <jiayuan.chen(a)linux.dev> bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls Andy Yan <andy.yan(a)rock-chips.com> drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed Steven Rostedt <rostedt(a)goodmis.org> selftests/tracing: Fix false failure of subsystem event test Alok Tiwari <alok.a.tiwari(a)oracle.com> staging: nvec: Fix incorrect null termination of battery manufacturer Brahmajit Das <listout(a)listout.xyz> samples: mei: Fix building on musl libc Lifeng Zheng <zhenglifeng1(a)huawei.com> cpufreq: Init policy->rwsem before it may be possibly used Lifeng Zheng <zhenglifeng1(a)huawei.com> cpufreq: Initialize cpufreq-based frequency-invariance later Adam Ford <aford173(a)gmail.com> arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed Annette Kobou <annette.kobou(a)kontron.de> ARM: dts: imx6ul-kontron-bl-common: Fix RTS polarity for RS485 interface Lucas De Marchi <lucas.demarchi(a)intel.com> usb: early: xhci-dbc: Fix early_ioremap leak Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Revert "vmci: Prevent the dispatching of uninitialized payloads" Denis OSTERLAND-HEIM <denis.osterland(a)diehl.com> pps: fix poll support Lizhi Xu <lizhi.xu(a)windriver.com> vmci: Prevent the dispatching of uninitialized payloads Abdun Nihaal <abdun.nihaal(a)gmail.com> staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ARM: dts: vfxxx: Correctly use two tuples for timer address Arnd Bergmann <arnd(a)arndb.de> ASoC: ops: dynamically allocate struct snd_ctl_elem_value Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com> ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask() Yangtao Li <frank.li(a)vivo.com> hfsplus: remove mutex_lock check in hfsplus_free_extents RubenKelevra <rubenkelevra(a)gmail.com> fs_context: fix parameter name in infofc() macro Arnd Bergmann <arnd(a)arndb.de> ASoC: Intel: fix SND_SOC_SOF dependencies Arnd Bergmann <arnd(a)arndb.de> ethernet: intel: fix building with large NR_CPUS Xu Yang <xu.yang_2(a)nxp.com> usb: phy: mxs: disconnect line when USB charger is attached Xu Yang <xu.yang_2(a)nxp.com> usb: chipidea: add USB PHY event Daniel Dadap <ddadap(a)nvidia.com> ALSA: hda: Add missing NVIDIA HDA codec IDs Ian Abbott <abbotti(a)mev.co.uk> comedi: comedi_test: Fix possible deletion of uninitialized timers Michael Zhivich <mzhivich(a)akamai.com> x86/bugs: Fix use of possibly uninit value in amd_check_tsa_microcode() Ryusuke Konishi <konishi.ryusuke(a)gmail.com> nilfs2: reject invalid file types when reading inodes Praveen Kaligineedi <pkaligineedi(a)google.com> gve: Fix stuck TX queue for DQ queue format Jacek Kowalski <jacek(a)jacekk.info> e1000e: ignore uninitialized checksum word on tgp Jacek Kowalski <jacek(a)jacekk.info> e1000e: disregard NVM checksum on tgp when valid checksum bit is not set Dawid Rezler <dawidrezler.patches(a)gmail.com> ALSA: hda/realtek - Add mute LED support for HP Pavilion 15-eg0xxx Yang Xiwen <forbidden405(a)outlook.com> i2c: qup: jump out of the loop in case of timeout Jian Shen <shenjian15(a)huawei.com> net: hns3: fixed vf get max channels bug Jian Shen <shenjian15(a)huawei.com> net: hns3: refine the struct hane3_tc_info Xiang Mei <xmei5(a)asu.edu> net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class Kito Xu (veritas501) <hxzene(a)gmail.com> net: appletalk: Fix use-after-free in AARP proxy probe Andrew Lunn <andrew(a)lunn.ch> net: appletalk: fix kerneldoc warnings Dennis Chen <dechen(a)redhat.com> i40e: report VF tx_dropped with tx_errors instead of tx_discards Yajun Deng <yajun.deng(a)linux.dev> i40e: Add rx_missed_errors for buffer exhaustion Maor Gottlieb <maorg(a)nvidia.com> RDMA/core: Rate limit GID cache warning messages Alessandro Carminati <acarmina(a)redhat.com> regulator: core: fix NULL dereference on unbind due to stale coupling data Hongyu Xie <xiehongyu1(a)kylinos.cn> xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS Bui Quang Minh <minhquangbui99(a)gmail.com> virtio-net: ensure the received length does not exceed allocated size Alexander Gordeev <agordeev(a)linux.ibm.com> mm/vmalloc: leave lazy MMU mode on PTE mapping error Arun Raghavan <arun(a)asymptotic.io> ASoC: fsl_sai: Force a software reset when starting in consumer mode Krishna Kurapati <krishna.kurapati(a)oss.qualcomm.com> usb: dwc3: qcom: Don't leave BCR asserted Drew Hamilton <drew.hamilton(a)zetier.com> usb: musb: fix gadget state on disconnect Paul Cercueil <paul(a)crapouillou.net> usb: musb: Add and use inline functions musb_{get,set}_state Mathias Nyman <mathias.nyman(a)linux.intel.com> usb: hub: Fix flushing of delayed work used for post resume purposes Mathias Nyman <mathias.nyman(a)linux.intel.com> usb: hub: Fix flushing and scheduling of delayed work that tunes runtime pm Mathias Nyman <mathias.nyman(a)linux.intel.com> usb: hub: fix detection of high tier USB3 devices behind suspended hubs William Liu <will(a)willsroot.io> net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree Dong Chenchen <dongchenchen2(a)huawei.com> net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: L2CAP: Fix attempting to adjust outgoing MTU Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: SMP: If an unallowed command is received consider it a failure Kuniyuki Iwashima <kuniyu(a)google.com> Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb() Oliver Neukum <oneukum(a)suse.com> usb: net: sierra: check for no status endpoint Marius Zachmann <mail(a)mariuszachmann.de> hwmon: (corsair-cpro) Validate the size of the received input buffer Kuniyuki Iwashima <kuniyu(a)google.com> rpl: Fix use-after-free in rpl_do_srh_inline(). Xiang Mei <xmei5(a)asu.edu> net/sched: sch_qfq: Fix race condition on qfq_aggregate Alok Tiwari <alok.a.tiwari(a)oracle.com> net: emaclite: Fix missing pointer increment in aligned_read() Ian Abbott <abbotti(a)mev.co.uk> comedi: Fix initialization of data for instructions that write to subdevice Ian Abbott <abbotti(a)mev.co.uk> comedi: Fix use of uninitialized data in insn_rw_emulate_bits() Ian Abbott <abbotti(a)mev.co.uk> comedi: Fix some signed shift left operations Ian Abbott <abbotti(a)mev.co.uk> comedi: das6402: Fix bit shift out of bounds Ian Abbott <abbotti(a)mev.co.uk> comedi: das16m1: Fix bit shift out of bounds Ian Abbott <abbotti(a)mev.co.uk> comedi: aio_iiro_16: Fix bit shift out of bounds Ian Abbott <abbotti(a)mev.co.uk> comedi: pcl812: Fix bit shift out of bounds Chen Ni <nichen(a)iscas.ac.cn> iio: adc: stm32-adc: Fix race in installing chained IRQ handler Fabio Estevam <festevam(a)denx.de> iio: adc: max1363: Reorder mode_list[] entries Fabio Estevam <festevam(a)denx.de> iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[] Andrew Jeffery <andrew(a)codeconstruct.com.au> soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled Andrew Jeffery <andrew(a)codeconstruct.com.au> soc: aspeed: lpc-snoop: Cleanup resources in stack-order Judith Mendez <jm(a)ti.com> mmc: sdhci_am654: Workaround for Errata i2312 Edson Juliano Drosdeck <edson.drosdeck(a)gmail.com> mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models Thomas Fourier <fourier.thomas(a)gmail.com> mmc: bcm2835: Fix dma_unmap_sg() nents value Nathan Chancellor <nathan(a)kernel.org> memstick: core: Zero initialize id_reg in h_memstick_read_dev_id() Jan Kara <jack(a)suse.cz> isofs: Verify inode mode when loading from disk Dan Carpenter <dan.carpenter(a)linaro.org> dmaengine: nbpfaxi: Fix memory corruption in probe() Yun Lu <luyun(a)kylinos.cn> af_packet: fix soft lockup issue caused by tpacket_snd() Yun Lu <luyun(a)kylinos.cn> af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd() Nathan Chancellor <nathan(a)kernel.org> phonet/pep: Move call to pn_skb_get_dst_sockaddr() earlier in pep_sock_accept() Benjamin Tissoires <bentiss(a)kernel.org> HID: core: do not bypass hid_hw_raw_request Benjamin Tissoires <bentiss(a)kernel.org> HID: core: ensure __hid_request reserves the report ID as the first byte Benjamin Tissoires <bentiss(a)kernel.org> HID: core: ensure the allocated report buffer can contain the reserved report ID Thomas Fourier <fourier.thomas(a)gmail.com> pch_uart: Fix dma_sync_sg_for_device() nents value Nilton Perim Neto <niltonperimneto(a)gmail.com> Input: xpad - set correct controller type for Acer NGR200 Alok Tiwari <alok.a.tiwari(a)oracle.com> thunderbolt: Fix bit masking in tb_dp_port_set_hops() Clément Le Goffic <clement.legoffic(a)foss.st.com> i2c: stm32: fix the device used for the DMA map Xinyu Liu <1171169449(a)qq.com> usb: gadget: configfs: Fix OOB read on empty string write Ryan Mann (NDI) <rmann(a)ndigital.com> USB: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI Slark Xiao <slark_xiao(a)163.com> USB: serial: option: add Foxconn T99W640 Fabio Porcedda <fabio.porcedda(a)gmail.com> USB: serial: option: add Telit Cinterion FE910C04 (ECM) composition Wayne Chang <waynec(a)nvidia.com> phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode ------------- Diffstat: Documentation/filesystems/f2fs.rst | 6 +- Documentation/firmware-guide/acpi/i2c-muxes.rst | 8 +- Documentation/memory-barriers.txt | 11 +- Makefile | 6 +- arch/arm/Makefile | 2 +- arch/arm/boot/dts/imx6ul-kontron-n6x1x-s.dtsi | 1 - arch/arm/boot/dts/vfxxx.dtsi | 2 +- arch/arm/mach-rockchip/platsmp.c | 15 +- arch/arm/mach-tegra/reset.c | 2 +- .../boot/dts/freescale/imx8mm-beacon-som.dtsi | 2 + arch/arm64/include/asm/acpi.h | 2 +- arch/arm64/mm/ptdump_debugfs.c | 3 - arch/m68k/Kconfig.debug | 2 +- arch/m68k/kernel/early_printk.c | 42 +-- arch/m68k/kernel/head.S | 39 ++- arch/mips/crypto/chacha-core.S | 20 +- arch/mips/include/asm/vpe.h | 8 + arch/mips/kernel/process.c | 16 +- arch/mips/mm/tlb-r4k.c | 56 +++- arch/parisc/Makefile | 2 +- arch/powerpc/configs/ppc6xx_defconfig | 1 - arch/powerpc/kernel/eeh.c | 1 + arch/powerpc/kernel/eeh_driver.c | 48 ++-- arch/powerpc/kernel/eeh_pe.c | 11 +- arch/powerpc/kernel/pci-hotplug.c | 3 + arch/powerpc/platforms/512x/mpc512x_lpbfifo.c | 6 +- arch/s390/hypfs/hypfs_dbfs.c | 19 +- arch/s390/include/asm/timex.h | 13 +- arch/s390/kernel/time.c | 2 +- arch/s390/mm/dump_pagetables.c | 2 - arch/sh/Makefile | 10 +- arch/sh/boot/compressed/Makefile | 4 +- arch/sh/boot/romimage/Makefile | 4 +- arch/x86/include/asm/xen/hypercall.h | 6 +- arch/x86/kernel/cpu/amd.c | 2 + arch/x86/kernel/cpu/bugs.c | 5 +- arch/x86/kernel/cpu/mce/amd.c | 13 +- arch/x86/mm/extable.c | 5 +- block/bio.c | 2 +- block/blk-settings.c | 2 +- drivers/acpi/acpi_processor.c | 2 +- drivers/acpi/apei/ghes.c | 2 + drivers/acpi/processor_idle.c | 4 +- drivers/acpi/processor_perflib.c | 11 + drivers/ata/Kconfig | 35 ++- drivers/ata/libata-sata.c | 5 + drivers/ata/libata-scsi.c | 20 +- drivers/base/power/domain_governor.c | 18 +- drivers/base/power/runtime.c | 5 + drivers/block/drbd/drbd_receiver.c | 6 +- drivers/block/sunvdc.c | 4 +- drivers/bus/mhi/host/boot.c | 8 +- drivers/bus/mhi/host/internal.h | 4 +- drivers/char/hw_random/mtk-rng.c | 4 +- drivers/char/ipmi/ipmi_msghandler.c | 8 +- drivers/char/ipmi/ipmi_watchdog.c | 59 +++-- drivers/clk/davinci/psc.c | 5 + drivers/clk/sunxi-ng/ccu-sun8i-v3s.c | 3 +- drivers/cpufreq/armada-8k-cpufreq.c | 2 +- drivers/cpufreq/cppc_cpufreq.c | 2 +- drivers/cpufreq/cpufreq.c | 29 +- drivers/cpuidle/governors/menu.c | 21 +- drivers/crypto/ccp/ccp-debugfs.c | 3 + drivers/crypto/img-hash.c | 2 +- drivers/crypto/inside-secure/safexcel_hash.c | 8 +- drivers/crypto/marvell/cesa/cipher.c | 4 +- drivers/crypto/marvell/cesa/hash.c | 5 +- .../crypto/qat/qat_common/adf_transport_debug.c | 4 +- drivers/devfreq/governor_userspace.c | 6 +- drivers/dma-buf/dma-resv.c | 5 +- drivers/dma/mv_xor.c | 21 +- drivers/dma/nbpfaxi.c | 24 +- drivers/fpga/zynq-fpga.c | 10 +- drivers/gpio/gpio-rcar.c | 20 +- drivers/gpio/gpio-tps65912.c | 7 +- drivers/gpio/gpio-wcd934x.c | 7 +- drivers/gpu/drm/amd/amdgpu/amdgpu.h | 1 + drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c | 4 +- drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 6 + .../gpu/drm/amd/display/dc/bios/command_table.c | 2 +- .../amd/display/dc/clk_mgr/dce100/dce_clk_mgr.c | 2 - .../amd/display/dc/clk_mgr/dce110/dce110_clk_mgr.c | 40 +-- .../amd/display/dc/clk_mgr/dce60/dce60_clk_mgr.c | 31 +-- drivers/gpu/drm/amd/display/dc/dcn20/dcn20_hwseq.c | 11 +- .../gpu/drm/amd/pm/powerplay/hwmgr/smu_helper.c | 2 +- drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c | 6 + drivers/gpu/drm/drm_dp_helper.c | 2 +- drivers/gpu/drm/rockchip/rockchip_drm_fb.c | 9 +- drivers/gpu/drm/scheduler/sched_entity.c | 23 +- drivers/gpu/drm/ttm/ttm_resource.c | 3 + drivers/hid/hid-core.c | 21 +- drivers/hwmon/corsair-cpro.c | 5 + drivers/hwmon/gsc-hwmon.c | 4 +- drivers/i2c/busses/i2c-qup.c | 4 +- drivers/i2c/busses/i2c-stm32.c | 8 +- drivers/i2c/busses/i2c-stm32f7.c | 4 +- drivers/i2c/i2c-core-acpi.c | 1 + drivers/i3c/internals.h | 1 + drivers/i3c/master.c | 2 +- drivers/idle/intel_idle.c | 2 +- drivers/iio/adc/ad7768-1.c | 23 +- drivers/iio/adc/ad_sigma_delta.c | 4 +- drivers/iio/adc/max1363.c | 43 ++- drivers/iio/adc/stm32-adc-core.c | 7 +- drivers/iio/imu/inv_icm42600/inv_icm42600_temp.c | 6 +- drivers/iio/light/as73211.c | 2 +- drivers/iio/light/hid-sensor-prox.c | 3 +- drivers/iio/pressure/bmp280-core.c | 9 +- drivers/iio/proximity/isl29501.c | 14 +- drivers/infiniband/core/cache.c | 4 +- drivers/infiniband/core/nldev.c | 22 +- drivers/infiniband/hw/bnxt_re/qplib_res.c | 2 + drivers/infiniband/hw/hfi1/affinity.c | 44 +-- drivers/infiniband/sw/rxe/rxe_comp.c | 16 +- drivers/input/joystick/xpad.c | 2 +- drivers/iommu/amd/init.c | 4 +- drivers/leds/leds-lp50xx.c | 11 +- drivers/md/dm-core.h | 52 ++++ drivers/md/dm-historical-service-time.c | 4 +- drivers/md/dm-queue-length.c | 4 +- drivers/md/dm-round-robin.c | 4 +- drivers/md/dm-rq.c | 8 + drivers/md/dm-service-time.c | 4 +- drivers/md/dm-zoned-target.c | 2 +- drivers/md/dm.c | 59 +---- drivers/media/cec/usb/rainshadow/rainshadow-cec.c | 3 +- drivers/media/dvb-frontends/dib7000p.c | 8 + drivers/media/i2c/hi556.c | 26 +- drivers/media/i2c/ov2659.c | 3 +- drivers/media/i2c/tc358743.c | 86 +++--- drivers/media/platform/qcom/camss/camss.c | 4 +- drivers/media/platform/qcom/venus/core.c | 21 +- drivers/media/platform/qcom/venus/core.h | 2 + drivers/media/platform/qcom/venus/dbgfs.c | 9 + drivers/media/platform/qcom/venus/dbgfs.h | 13 + drivers/media/platform/qcom/venus/hfi_venus.c | 14 +- drivers/media/platform/qcom/venus/vdec.c | 5 +- drivers/media/usb/gspca/vicam.c | 10 +- drivers/media/usb/hdpvr/hdpvr-i2c.c | 6 + drivers/media/usb/usbtv/usbtv-video.c | 4 + drivers/media/usb/uvc/uvc_driver.c | 3 + drivers/media/usb/uvc/uvc_video.c | 21 +- drivers/media/v4l2-core/v4l2-ctrls.c | 37 ++- drivers/memstick/core/memstick.c | 3 +- drivers/memstick/host/rtsx_usb_ms.c | 1 + drivers/misc/cardreader/rtsx_usb.c | 16 +- drivers/mmc/host/bcm2835.c | 3 +- drivers/mmc/host/rtsx_usb_sdmmc.c | 4 +- drivers/mmc/host/sdhci-msm.c | 14 + drivers/mmc/host/sdhci-pci-core.c | 3 +- drivers/mmc/host/sdhci-pci-gli.c | 4 +- drivers/mmc/host/sdhci_am654.c | 9 +- drivers/most/core.c | 2 +- drivers/mtd/ftl.c | 2 +- drivers/mtd/nand/raw/atmel/nand-controller.c | 2 +- drivers/mtd/nand/raw/atmel/pmecc.c | 6 + drivers/mtd/nand/raw/fsmc_nand.c | 2 + drivers/net/can/kvaser_pciefd.c | 1 + drivers/net/can/usb/kvaser_usb/kvaser_usb_core.c | 1 + drivers/net/dsa/b53/b53_common.c | 52 ++-- drivers/net/dsa/b53/b53_regs.h | 2 + drivers/net/ethernet/agere/et131x.c | 36 +++ drivers/net/ethernet/atheros/ag71xx.c | 9 + drivers/net/ethernet/cavium/thunder/thunder_bgx.c | 4 +- drivers/net/ethernet/emulex/benet/be_cmds.c | 2 +- drivers/net/ethernet/emulex/benet/be_main.c | 8 +- drivers/net/ethernet/freescale/dpaa/dpaa_ethtool.c | 4 +- drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c | 66 +++-- drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.h | 13 + .../net/ethernet/freescale/dpaa2/dpaa2-ethtool.c | 16 +- drivers/net/ethernet/freescale/dpaa2/dpaa2-mac.c | 97 +++---- drivers/net/ethernet/freescale/dpaa2/dpaa2-mac.h | 5 + drivers/net/ethernet/freescale/fec_main.c | 34 ++- drivers/net/ethernet/freescale/gianfar_ethtool.c | 4 +- drivers/net/ethernet/google/gve/gve_adminq.c | 1 + drivers/net/ethernet/google/gve/gve_main.c | 67 ++--- drivers/net/ethernet/hisilicon/hns3/hnae3.h | 19 +- drivers/net/ethernet/hisilicon/hns3/hns3_debugfs.c | 3 +- drivers/net/ethernet/hisilicon/hns3/hns3_enet.c | 33 ++- .../ethernet/hisilicon/hns3/hns3pf/hclge_debugfs.c | 2 +- .../ethernet/hisilicon/hns3/hns3pf/hclge_main.c | 4 +- .../net/ethernet/hisilicon/hns3/hns3pf/hclge_mbx.c | 2 +- .../net/ethernet/hisilicon/hns3/hns3pf/hclge_tm.c | 49 ++-- .../ethernet/hisilicon/hns3/hns3vf/hclgevf_main.c | 25 +- drivers/net/ethernet/intel/e1000e/defines.h | 3 + drivers/net/ethernet/intel/e1000e/ich8lan.c | 2 + drivers/net/ethernet/intel/e1000e/nvm.c | 6 + drivers/net/ethernet/intel/fm10k/fm10k.h | 3 +- drivers/net/ethernet/intel/i40e/i40e.h | 2 +- drivers/net/ethernet/intel/i40e/i40e_ethtool.c | 3 +- drivers/net/ethernet/intel/i40e/i40e_main.c | 18 +- drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 4 +- drivers/net/ethernet/intel/ice/ice_flex_pipe.c | 2 + drivers/net/ethernet/intel/ixgbe/ixgbe.h | 3 +- drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 4 +- drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 2 + drivers/net/ethernet/mellanox/mlxsw/trap.h | 1 + drivers/net/ethernet/xilinx/xilinx_emaclite.c | 2 +- drivers/net/hyperv/hyperv_net.h | 3 + drivers/net/hyperv/netvsc_drv.c | 29 +- drivers/net/phy/mscc/mscc_ptp.c | 1 + drivers/net/phy/mscc/mscc_ptp.h | 1 + drivers/net/phy/smsc.c | 1 + drivers/net/ppp/pptp.c | 18 +- drivers/net/usb/sierra_net.c | 4 + drivers/net/usb/usbnet.c | 11 +- drivers/net/virtio_net.c | 38 ++- drivers/net/vrf.c | 2 + drivers/net/wireless/ath/ath11k/hal.c | 25 +- .../broadcom/brcm80211/brcmfmac/cfg80211.c | 8 +- .../broadcom/brcm80211/brcmsmac/phy/phy_lcn.c | 2 +- drivers/net/wireless/intel/iwlegacy/4965-mac.c | 5 +- drivers/net/wireless/intel/iwlwifi/dvm/main.c | 11 +- drivers/net/wireless/intel/iwlwifi/dvm/rs.c | 2 +- drivers/net/wireless/intel/iwlwifi/fw/dbg.c | 7 +- drivers/net/wireless/intel/iwlwifi/mvm/ops.c | 4 +- drivers/net/wireless/intel/iwlwifi/mvm/scan.c | 2 +- drivers/net/wireless/marvell/mwl8k.c | 4 + drivers/net/wireless/realtek/rtl818x/rtl8187/dev.c | 3 +- .../net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c | 2 +- drivers/net/wireless/realtek/rtlwifi/pci.c | 23 +- drivers/net/xen-netfront.c | 5 - drivers/pci/controller/pcie-rockchip-host.c | 2 +- drivers/pci/endpoint/pci-ep-cfs.c | 1 + drivers/pci/endpoint/pci-epf-core.c | 2 +- drivers/pci/hotplug/pnv_php.c | 235 ++++++++++++++-- drivers/pci/pci-acpi.c | 4 +- drivers/pci/pci.c | 8 +- drivers/pci/probe.c | 2 +- drivers/phy/tegra/xusb-tegra186.c | 61 +++-- drivers/pinctrl/stm32/pinctrl-stm32.c | 1 + drivers/pinctrl/sunxi/pinctrl-sunxi.c | 11 +- drivers/platform/chrome/cros_ec.c | 23 +- drivers/platform/chrome/cros_ec.h | 2 +- drivers/platform/chrome/cros_ec_i2c.c | 4 +- drivers/platform/chrome/cros_ec_lpc.c | 4 +- drivers/platform/chrome/cros_ec_spi.c | 4 +- drivers/platform/chrome/cros_ec_typec.c | 4 +- drivers/platform/x86/thinkpad_acpi.c | 4 +- drivers/power/supply/max14577_charger.c | 4 +- drivers/pps/pps.c | 11 +- drivers/ptp/ptp_clock.c | 13 +- drivers/pwm/pwm-imx-tpm.c | 9 + drivers/pwm/pwm-mediatek.c | 78 ++++-- drivers/regulator/core.c | 1 + drivers/reset/Kconfig | 10 +- drivers/rtc/rtc-ds1307.c | 17 +- drivers/rtc/rtc-hym8563.c | 2 +- drivers/rtc/rtc-pcf85063.c | 2 +- drivers/rtc/rtc-pcf8563.c | 2 +- drivers/rtc/rtc-rv3028.c | 2 +- drivers/scsi/aacraid/comminit.c | 3 +- drivers/scsi/bfa/bfad_im.c | 1 + drivers/scsi/ibmvscsi_tgt/libsrp.c | 6 +- drivers/scsi/isci/request.c | 2 +- drivers/scsi/libiscsi.c | 3 +- drivers/scsi/lpfc/lpfc_debugfs.c | 1 - drivers/scsi/lpfc/lpfc_scsi.c | 4 + drivers/scsi/lpfc/lpfc_sli.c | 8 +- drivers/scsi/mpt3sas/mpt3sas_scsih.c | 19 ++ drivers/scsi/mvsas/mv_sas.c | 4 +- drivers/scsi/pm8001/pm8001_init.c | 11 + drivers/scsi/pm8001/pm8001_sas.h | 1 + drivers/scsi/qla4xxx/ql4_os.c | 2 + drivers/scsi/scsi_scan.c | 2 +- drivers/scsi/scsi_transport_sas.c | 62 ++++- drivers/scsi/ufs/ufs-exynos.c | 4 +- drivers/scsi/ufs/ufshcd.c | 10 +- drivers/soc/aspeed/aspeed-lpc-snoop.c | 13 +- drivers/soc/qcom/mdt_loader.c | 41 +++ drivers/soc/tegra/pmc.c | 51 ++-- drivers/soundwire/stream.c | 2 +- drivers/staging/comedi/comedi_fops.c | 63 ++++- drivers/staging/comedi/comedi_internal.h | 1 + drivers/staging/comedi/drivers.c | 30 ++- drivers/staging/comedi/drivers/aio_iiro_16.c | 3 +- drivers/staging/comedi/drivers/comedi_test.c | 2 +- drivers/staging/comedi/drivers/das16m1.c | 3 +- drivers/staging/comedi/drivers/das6402.c | 3 +- drivers/staging/comedi/drivers/pcl812.c | 3 +- drivers/staging/fbtft/fbtft-core.c | 1 + drivers/staging/media/imx/imx-media-csc-scaler.c | 2 +- drivers/staging/nvec/nvec_power.c | 2 +- drivers/thermal/thermal_sysfs.c | 9 +- drivers/thunderbolt/domain.c | 2 +- drivers/thunderbolt/switch.c | 2 +- drivers/tty/serial/8250/8250_port.c | 3 +- drivers/tty/serial/pch_uart.c | 2 +- drivers/tty/vt/defkeymap.c_shipped | 112 ++++++++ drivers/tty/vt/keyboard.c | 2 +- drivers/uio/uio_hv_generic.c | 4 +- drivers/usb/atm/cxacru.c | 172 ++++++------ drivers/usb/chipidea/ci.h | 18 +- drivers/usb/chipidea/udc.c | 10 + drivers/usb/class/cdc-acm.c | 13 +- drivers/usb/core/config.c | 10 +- drivers/usb/core/hub.c | 60 ++++- drivers/usb/core/hub.h | 1 + drivers/usb/core/quirks.c | 1 + drivers/usb/core/urb.c | 2 +- drivers/usb/dwc3/core.c | 10 - drivers/usb/dwc3/dwc3-meson-g12a.c | 3 + drivers/usb/dwc3/dwc3-qcom.c | 7 +- drivers/usb/dwc3/gadget.c | 14 + drivers/usb/early/xhci-dbc.c | 4 + drivers/usb/gadget/composite.c | 5 + drivers/usb/gadget/configfs.c | 2 + drivers/usb/gadget/udc/renesas_usb3.c | 1 + drivers/usb/host/xhci-hub.c | 3 +- drivers/usb/host/xhci-mem.c | 24 +- drivers/usb/host/xhci-pci-renesas.c | 7 +- drivers/usb/host/xhci-plat.c | 3 +- drivers/usb/host/xhci-ring.c | 19 +- drivers/usb/host/xhci.c | 24 +- drivers/usb/host/xhci.h | 3 +- drivers/usb/musb/musb_core.c | 62 ++--- drivers/usb/musb/musb_core.h | 11 + drivers/usb/musb/musb_debugfs.c | 6 +- drivers/usb/musb/musb_gadget.c | 30 ++- drivers/usb/musb/musb_host.c | 6 +- drivers/usb/musb/musb_virthub.c | 18 +- drivers/usb/musb/omap2430.c | 10 +- drivers/usb/phy/phy-mxs-usb.c | 4 +- drivers/usb/serial/ftdi_sio.c | 2 + drivers/usb/serial/ftdi_sio_ids.h | 3 + drivers/usb/serial/option.c | 7 + drivers/usb/storage/realtek_cr.c | 2 +- drivers/usb/storage/unusual_devs.h | 29 ++ drivers/usb/typec/mux/intel_pmc_mux.c | 2 +- drivers/usb/typec/tcpm/fusb302.c | 8 + drivers/usb/typec/ucsi/psy.c | 2 +- drivers/usb/typec/ucsi/ucsi.c | 1 + drivers/usb/typec/ucsi/ucsi.h | 7 +- drivers/vhost/scsi.c | 4 +- drivers/vhost/vhost.c | 3 + drivers/video/console/vgacon.c | 2 +- drivers/video/fbdev/imxfb.c | 9 +- drivers/watchdog/dw_wdt.c | 2 + drivers/watchdog/ziirave_wdt.c | 3 + drivers/xen/gntdev-common.h | 4 + drivers/xen/gntdev.c | 71 +++-- fs/btrfs/ctree.h | 2 +- fs/btrfs/inode.c | 4 +- fs/btrfs/ioctl.c | 2 +- fs/btrfs/qgroup.c | 2 +- fs/btrfs/send.c | 4 +- fs/btrfs/transaction.c | 2 +- fs/btrfs/tree-log.c | 53 ++-- fs/buffer.c | 2 +- fs/cifs/cifssmb.c | 10 + fs/cifs/smb2ops.c | 7 +- fs/cifs/smbdirect.c | 14 +- fs/ext4/fsmap.c | 23 +- fs/ext4/indirect.c | 4 +- fs/ext4/inline.c | 19 +- fs/ext4/inode.c | 2 +- fs/f2fs/f2fs.h | 2 +- fs/f2fs/inode.c | 28 +- fs/f2fs/node.c | 10 + fs/file.c | 15 ++ fs/hfs/bnode.c | 93 +++++++ fs/hfsplus/bnode.c | 92 +++++++ fs/hfsplus/extents.c | 3 - fs/hfsplus/unicode.c | 7 + fs/hfsplus/xattr.c | 6 +- fs/hugetlbfs/inode.c | 2 +- fs/isofs/inode.c | 9 +- fs/jbd2/checkpoint.c | 1 + fs/jfs/file.c | 3 + fs/jfs/inode.c | 2 +- fs/jfs/jfs_dmap.c | 10 +- fs/libfs.c | 4 +- fs/namespace.c | 89 ++++++- fs/nfs/blocklayout/blocklayout.c | 4 +- fs/nfs/blocklayout/dev.c | 5 +- fs/nfs/blocklayout/extent_tree.c | 20 +- fs/nfs/client.c | 46 +++- fs/nfs/export.c | 11 +- fs/nfs/flexfilelayout/flexfilelayout.c | 32 +-- fs/nfs/flexfilelayout/flexfilelayoutdev.c | 6 +- fs/nfs/inode.c | 6 +- fs/nfs/internal.h | 10 +- fs/nfs/nfs4client.c | 15 +- fs/nfs/nfs4proc.c | 46 ++-- fs/nfs/pnfs.c | 11 +- fs/nfsd/nfs4state.c | 34 ++- fs/nilfs2/inode.c | 9 +- fs/orangefs/orangefs-debugfs.c | 8 +- fs/squashfs/super.c | 14 +- fs/udf/super.c | 13 +- include/asm-generic/barrier.h | 33 +++ include/linux/blk_types.h | 8 +- include/linux/compiler.h | 8 - include/linux/cpuset.h | 17 ++ include/linux/fs.h | 4 +- include/linux/fs_context.h | 2 +- include/linux/if_vlan.h | 6 +- include/linux/memfd.h | 14 + include/linux/minmax.h | 17 ++ include/linux/mm.h | 76 ++++-- include/linux/mmzone.h | 22 ++ include/linux/moduleparam.h | 5 +- include/linux/pci.h | 1 + include/linux/platform_data/cros_ec_proto.h | 4 + include/linux/pps_kernel.h | 1 + include/linux/sched/mm.h | 16 ++ include/linux/skbuff.h | 31 ++- include/linux/usb/usbnet.h | 1 + include/linux/xarray.h | 15 ++ include/net/cfg80211.h | 2 +- include/net/tc_act/tc_ctinfo.h | 6 +- include/net/udp.h | 24 +- include/uapi/linux/in6.h | 4 +- include/uapi/linux/io_uring.h | 2 +- include/uapi/linux/mount.h | 3 +- kernel/cgroup/cpuset.c | 23 ++ kernel/events/core.c | 20 +- kernel/fork.c | 2 +- kernel/power/console.c | 7 +- kernel/rcu/tree_plugin.h | 3 + kernel/trace/ftrace.c | 19 +- kernel/trace/trace.c | 33 ++- kernel/trace/trace.h | 8 +- kernel/trace/trace_events.c | 5 + mm/filemap.c | 2 +- mm/hmm.c | 2 +- mm/kmemleak.c | 10 +- mm/madvise.c | 2 +- mm/memfd.c | 2 +- mm/mmap.c | 10 +- mm/page_alloc.c | 13 + mm/ptdump.c | 2 + mm/shmem.c | 2 +- mm/slab.h | 5 +- mm/slob.c | 6 +- mm/vmalloc.c | 16 +- mm/zsmalloc.c | 6 +- net/8021q/vlan.c | 42 ++- net/8021q/vlan.h | 1 + net/appletalk/aarp.c | 42 ++- net/appletalk/ddp.c | 7 +- net/bluetooth/l2cap_core.c | 26 +- net/bluetooth/l2cap_sock.c | 3 + net/bluetooth/smp.c | 21 +- net/bluetooth/smp.h | 1 + net/bridge/netfilter/nft_reject_bridge.c | 60 +---- net/caif/cfctrl.c | 294 ++++++++++----------- net/core/filter.c | 3 + net/core/netpoll.c | 7 + net/hsr/hsr_slave.c | 8 +- net/ipv4/netfilter/nf_reject_ipv4.c | 4 +- net/ipv4/route.c | 1 - net/ipv4/tcp_input.c | 3 +- net/ipv4/udp_offload.c | 2 +- net/ipv6/ip6_offload.c | 4 +- net/ipv6/netfilter/nf_reject_ipv6.c | 4 +- net/ipv6/rpl_iptunnel.c | 8 +- net/ipv6/seg6_hmac.c | 3 + net/mac80211/tx.c | 7 + net/ncsi/internal.h | 2 +- net/ncsi/ncsi-rsp.c | 1 + net/netfilter/nf_conntrack_netlink.c | 24 +- net/netfilter/nf_tables_api.c | 4 +- net/netfilter/nft_reject.c | 12 +- net/netfilter/nft_reject_inet.c | 68 +---- net/netfilter/xt_nfacct.c | 4 +- net/netlink/af_netlink.c | 2 +- net/packet/af_packet.c | 39 ++- net/phonet/pep.c | 2 +- net/sched/act_ctinfo.c | 19 +- net/sched/sch_cake.c | 14 +- net/sched/sch_codel.c | 5 +- net/sched/sch_drr.c | 7 +- net/sched/sch_ets.c | 46 ++-- net/sched/sch_fq_codel.c | 6 +- net/sched/sch_hfsc.c | 8 +- net/sched/sch_htb.c | 19 +- net/sched/sch_netem.c | 40 +++ net/sched/sch_qfq.c | 40 ++- net/sctp/input.c | 2 +- net/tls/tls_sw.c | 13 + net/vmw_vsock/af_vsock.c | 3 +- net/wireless/mlme.c | 3 +- samples/mei/mei-amt-version.c | 2 +- scripts/kconfig/gconf.c | 8 +- scripts/kconfig/lxdialog/inputbox.c | 6 +- scripts/kconfig/lxdialog/menubox.c | 2 +- scripts/kconfig/nconf.c | 2 + scripts/kconfig/nconf.gui.c | 1 + scripts/kconfig/qconf.cc | 2 +- security/apparmor/include/match.h | 3 +- security/apparmor/match.c | 1 + security/inode.c | 2 - sound/core/pcm_native.c | 19 +- sound/pci/hda/patch_ca0132.c | 7 +- sound/pci/hda/patch_hdmi.c | 19 ++ sound/pci/hda/patch_realtek.c | 3 + sound/pci/intel8x0.c | 2 +- sound/soc/codecs/hdac_hdmi.c | 10 +- sound/soc/codecs/rt5640.c | 5 + sound/soc/fsl/fsl_sai.c | 30 ++- sound/soc/intel/boards/Kconfig | 2 +- sound/soc/soc-core.c | 3 + sound/soc/soc-dai.c | 19 +- sound/soc/soc-dapm.c | 4 + sound/soc/soc-ops.c | 28 +- sound/usb/mixer_quirks.c | 14 +- sound/usb/mixer_scarlett_gen2.c | 8 + sound/usb/stream.c | 25 +- sound/usb/validate.c | 14 +- tools/bpf/bpftool/net.c | 15 +- tools/include/linux/sched/mm.h | 2 + tools/perf/tests/bp_account.c | 1 + .../cpupower/utils/idle_monitor/mperf_monitor.c | 4 +- tools/testing/ktest/ktest.pl | 5 +- .../ftrace/test.d/event/subsystem-enable.tc | 28 +- .../ftrace/test.d/ftrace/func-filter-glob.tc | 2 +- tools/testing/selftests/futex/include/futextest.h | 11 + tools/testing/selftests/memfd/memfd_test.c | 43 +++ tools/testing/selftests/net/mptcp/Makefile | 3 +- .../selftests/net/mptcp/mptcp_connect_mmap.sh | 5 + tools/testing/selftests/net/mptcp/pm_netlink.sh | 1 + tools/testing/selftests/net/rtnetlink.sh | 6 + 523 files changed, 4765 insertions(+), 2123 deletions(-)

2 weeks, 4 days

7
530
0 0

[PATCH] Revert "virtio_pci: Support surprise removal of virtio pci device"

by Parav Pandit

This reverts commit 43bb40c5b926 ("virtio_pci: Support surprise removal of virtio pci device"). Virtio drivers and PCI devices have never fully supported true surprise (aka hot unplug) removal. Drivers historically continued processing and waiting for pending I/O and even continued synchronous device reset during surprise removal. Devices have also continued completing I/Os, doing DMA and allowing device reset after surprise removal to support such drivers. Supporting it correctly would require a new device capability and driver negotiation in the virtio specification to safely stop I/O and free queue memory. Failure to do so either breaks all the existing drivers with call trace listed in the commit or crashes the host on continuing the DMA. Hence, until such specification and devices are invented, restore the previous behavior of treating surprise removal as graceful removal to avoid regressions and maintain system stability same as before the commit 43bb40c5b926 ("virtio_pci: Support surprise removal of virtio pci device"). As explained above, previous analysis of solving this only in driver was incomplete and non-reliable at [1] and at [2]; Hence reverting commit 43bb40c5b926 ("virtio_pci: Support surprise removal of virtio pci device") is still the best stand to restore failures of virtio net and block devices. [1] https://lore.kernel.org/virtualization/CY8PR12MB719506CC5613EB100BC6C638DCB… [2] https://lore.kernel.org/virtualization/20250602024358.57114-1-parav@nvidia.… Fixes: 43bb40c5b926 ("virtio_pci: Support surprise removal of virtio pci device") Cc: stable(a)vger.kernel.org Reported-by: lirongqing(a)baidu.com Closes: https://lore.kernel.org/virtualization/c45dd68698cd47238c55fb73ca9b4741@bai… Signed-off-by: Parav Pandit <parav(a)nvidia.com> --- drivers/virtio/virtio_pci_common.c | 7 ------- 1 file changed, 7 deletions(-) diff --git a/drivers/virtio/virtio_pci_common.c b/drivers/virtio/virtio_pci_common.c index d6d79af44569..dba5eb2eaff9 100644 --- a/drivers/virtio/virtio_pci_common.c +++ b/drivers/virtio/virtio_pci_common.c @@ -747,13 +747,6 @@ static void virtio_pci_remove(struct pci_dev *pci_dev) struct virtio_pci_device *vp_dev = pci_get_drvdata(pci_dev); struct device *dev = get_device(&vp_dev->vdev.dev); - /* - * Device is marked broken on surprise removal so that virtio upper - * layers can abort any ongoing operation. - */ - if (!pci_device_is_present(pci_dev)) - virtio_break_device(&vp_dev->vdev); - pci_disable_sriov(pci_dev); unregister_virtio_device(&vp_dev->vdev); -- 2.26.2

2 weeks, 4 days

3
17
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror