- Linux-stable-mirror - lists.linaro.org

FAILED: patch "[PATCH] crypto: rockchip - Fix dma_unmap_sg() nents value" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 21140e5caf019e4a24e1ceabcaaa16bd693b393f # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101646-entitle-romp-923e@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 21140e5caf019e4a24e1ceabcaaa16bd693b393f Mon Sep 17 00:00:00 2001 From: Thomas Fourier <fourier.thomas(a)gmail.com> Date: Wed, 3 Sep 2025 10:06:46 +0200 Subject: [PATCH] crypto: rockchip - Fix dma_unmap_sg() nents value The dma_unmap_sg() functions should be called with the same nents as the dma_map_sg(), not the value the map function returned. Fixes: 57d67c6e8219 ("crypto: rockchip - rework by using crypto_engine") Cc: <stable(a)vger.kernel.org> Signed-off-by: Thomas Fourier <fourier.thomas(a)gmail.com> Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au> diff --git a/drivers/crypto/rockchip/rk3288_crypto_ahash.c b/drivers/crypto/rockchip/rk3288_crypto_ahash.c index d6928ebe9526..b9f5a8b42e66 100644 --- a/drivers/crypto/rockchip/rk3288_crypto_ahash.c +++ b/drivers/crypto/rockchip/rk3288_crypto_ahash.c @@ -254,7 +254,7 @@ static void rk_hash_unprepare(struct crypto_engine *engine, void *breq) struct rk_ahash_rctx *rctx = ahash_request_ctx(areq); struct rk_crypto_info *rkc = rctx->dev; - dma_unmap_sg(rkc->dev, areq->src, rctx->nrsg, DMA_TO_DEVICE); + dma_unmap_sg(rkc->dev, areq->src, sg_nents(areq->src), DMA_TO_DEVICE); } static int rk_hash_run(struct crypto_engine *engine, void *breq)

2 weeks, 4 days

2
1
0 0

FAILED: patch "[PATCH] crypto: rockchip - Fix dma_unmap_sg() nents value" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 21140e5caf019e4a24e1ceabcaaa16bd693b393f # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101646-unsent-pull-230d@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 21140e5caf019e4a24e1ceabcaaa16bd693b393f Mon Sep 17 00:00:00 2001 From: Thomas Fourier <fourier.thomas(a)gmail.com> Date: Wed, 3 Sep 2025 10:06:46 +0200 Subject: [PATCH] crypto: rockchip - Fix dma_unmap_sg() nents value The dma_unmap_sg() functions should be called with the same nents as the dma_map_sg(), not the value the map function returned. Fixes: 57d67c6e8219 ("crypto: rockchip - rework by using crypto_engine") Cc: <stable(a)vger.kernel.org> Signed-off-by: Thomas Fourier <fourier.thomas(a)gmail.com> Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au> diff --git a/drivers/crypto/rockchip/rk3288_crypto_ahash.c b/drivers/crypto/rockchip/rk3288_crypto_ahash.c index d6928ebe9526..b9f5a8b42e66 100644 --- a/drivers/crypto/rockchip/rk3288_crypto_ahash.c +++ b/drivers/crypto/rockchip/rk3288_crypto_ahash.c @@ -254,7 +254,7 @@ static void rk_hash_unprepare(struct crypto_engine *engine, void *breq) struct rk_ahash_rctx *rctx = ahash_request_ctx(areq); struct rk_crypto_info *rkc = rctx->dev; - dma_unmap_sg(rkc->dev, areq->src, rctx->nrsg, DMA_TO_DEVICE); + dma_unmap_sg(rkc->dev, areq->src, sg_nents(areq->src), DMA_TO_DEVICE); } static int rk_hash_run(struct crypto_engine *engine, void *breq)

2 weeks, 4 days

2
1
0 0

FAILED: patch "[PATCH] eventpoll: Replace rwlock with spinlock" failed to apply to 6.6-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.6-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y git checkout FETCH_HEAD git cherry-pick -x 0c43094f8cc9d3d99d835c0ac9c4fe1ccc62babd # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101614-turbofan-sufferer-957e@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 0c43094f8cc9d3d99d835c0ac9c4fe1ccc62babd Mon Sep 17 00:00:00 2001 From: Nam Cao <namcao(a)linutronix.de> Date: Tue, 15 Jul 2025 14:46:34 +0200 Subject: [PATCH] eventpoll: Replace rwlock with spinlock The ready event list of an epoll object is protected by read-write semaphore: - The consumer (waiter) acquires the write lock and takes items. - the producer (waker) takes the read lock and adds items. The point of this design is enabling epoll to scale well with large number of producers, as multiple producers can hold the read lock at the same time. Unfortunately, this implementation may cause scheduling priority inversion problem. Suppose the consumer has higher scheduling priority than the producer. The consumer needs to acquire the write lock, but may be blocked by the producer holding the read lock. Since read-write semaphore does not support priority-boosting for the readers (even with CONFIG_PREEMPT_RT=y), we have a case of priority inversion: a higher priority consumer is blocked by a lower priority producer. This problem was reported in [1]. Furthermore, this could also cause stall problem, as described in [2]. Fix this problem by replacing rwlock with spinlock. This reduces the event bandwidth, as the producers now have to contend with each other for the spinlock. According to the benchmark from https://github.com/rouming/test-tools/blob/master/stress-epoll.c: On 12 x86 CPUs: Before After Diff threads events/ms events/ms 8 7162 4956 -31% 16 8733 5383 -38% 32 7968 5572 -30% 64 10652 5739 -46% 128 11236 5931 -47% On 4 riscv CPUs: Before After Diff threads events/ms events/ms 8 2958 2833 -4% 16 3323 3097 -7% 32 3451 3240 -6% 64 3554 3178 -11% 128 3601 3235 -10% Although the numbers look bad, it should be noted that this benchmark creates multiple threads who do nothing except constantly generating new epoll events, thus contention on the spinlock is high. For real workload, the event rate is likely much lower, and the performance drop is not as bad. Using another benchmark (perf bench epoll wait) where spinlock contention is lower, improvement is even observed on x86: On 12 x86 CPUs: Before: Averaged 110279 operations/sec (+- 1.09%), total secs = 8 After: Averaged 114577 operations/sec (+- 2.25%), total secs = 8 On 4 riscv CPUs: Before: Averaged 175767 operations/sec (+- 0.62%), total secs = 8 After: Averaged 167396 operations/sec (+- 0.23%), total secs = 8 In conclusion, no one is likely to be upset over this change. After all, spinlock was used originally for years, and the commit which converted to rwlock didn't mention a real workload, just that the benchmark numbers are nice. This patch is not exactly the revert of commit a218cc491420 ("epoll: use rwlock in order to reduce ep_poll_callback() contention"), because git revert conflicts in some places which are not obvious on the resolution. This patch is intended to be backported, therefore go with the obvious approach: - Replace rwlock_t with spinlock_t one to one - Delete list_add_tail_lockless() and chain_epi_lockless(). These were introduced to allow producers to concurrently add items to the list. But now that spinlock no longer allows producers to touch the event list concurrently, these two functions are not necessary anymore. Fixes: a218cc491420 ("epoll: use rwlock in order to reduce ep_poll_callback() contention") Signed-off-by: Nam Cao <namcao(a)linutronix.de> Link: https://lore.kernel.org/ec92458ea357ec503c737ead0f10b2c6e4c37d47.1752581388… Tested-by: K Prateek Nayak <kprateek.nayak(a)amd.com> Cc: stable(a)vger.kernel.org Reported-by: Frederic Weisbecker <frederic(a)kernel.org> Closes: https://lore.kernel.org/linux-rt-users/20210825132754.GA895675@lothringen/ [1] Reported-by: Valentin Schneider <vschneid(a)redhat.com> Closes: https://lore.kernel.org/linux-rt-users/xhsmhttqvnall.mognet@vschneid.remote… [2] Signed-off-by: Christian Brauner <brauner(a)kernel.org> diff --git a/fs/eventpoll.c b/fs/eventpoll.c index b22d6f819f78..ee7c4b683ec3 100644 --- a/fs/eventpoll.c +++ b/fs/eventpoll.c @@ -46,10 +46,10 @@ * * 1) epnested_mutex (mutex) * 2) ep->mtx (mutex) - * 3) ep->lock (rwlock) + * 3) ep->lock (spinlock) * * The acquire order is the one listed above, from 1 to 3. - * We need a rwlock (ep->lock) because we manipulate objects + * We need a spinlock (ep->lock) because we manipulate objects * from inside the poll callback, that might be triggered from * a wake_up() that in turn might be called from IRQ context. * So we can't sleep inside the poll callback and hence we need @@ -195,7 +195,7 @@ struct eventpoll { struct list_head rdllist; /* Lock which protects rdllist and ovflist */ - rwlock_t lock; + spinlock_t lock; /* RB tree root used to store monitored fd structs */ struct rb_root_cached rbr; @@ -741,10 +741,10 @@ static void ep_start_scan(struct eventpoll *ep, struct list_head *txlist) * in a lockless way. */ lockdep_assert_irqs_enabled(); - write_lock_irq(&ep->lock); + spin_lock_irq(&ep->lock); list_splice_init(&ep->rdllist, txlist); WRITE_ONCE(ep->ovflist, NULL); - write_unlock_irq(&ep->lock); + spin_unlock_irq(&ep->lock); } static void ep_done_scan(struct eventpoll *ep, @@ -752,7 +752,7 @@ static void ep_done_scan(struct eventpoll *ep, { struct epitem *epi, *nepi; - write_lock_irq(&ep->lock); + spin_lock_irq(&ep->lock); /* * During the time we spent inside the "sproc" callback, some * other events might have been queued by the poll callback. @@ -793,7 +793,7 @@ static void ep_done_scan(struct eventpoll *ep, wake_up(&ep->wq); } - write_unlock_irq(&ep->lock); + spin_unlock_irq(&ep->lock); } static void ep_get(struct eventpoll *ep) @@ -868,10 +868,10 @@ static bool __ep_remove(struct eventpoll *ep, struct epitem *epi, bool force) rb_erase_cached(&epi->rbn, &ep->rbr); - write_lock_irq(&ep->lock); + spin_lock_irq(&ep->lock); if (ep_is_linked(epi)) list_del_init(&epi->rdllink); - write_unlock_irq(&ep->lock); + spin_unlock_irq(&ep->lock); wakeup_source_unregister(ep_wakeup_source(epi)); /* @@ -1152,7 +1152,7 @@ static int ep_alloc(struct eventpoll **pep) return -ENOMEM; mutex_init(&ep->mtx); - rwlock_init(&ep->lock); + spin_lock_init(&ep->lock); init_waitqueue_head(&ep->wq); init_waitqueue_head(&ep->poll_wait); INIT_LIST_HEAD(&ep->rdllist); @@ -1239,100 +1239,10 @@ struct file *get_epoll_tfile_raw_ptr(struct file *file, int tfd, } #endif /* CONFIG_KCMP */ -/* - * Adds a new entry to the tail of the list in a lockless way, i.e. - * multiple CPUs are allowed to call this function concurrently. - * - * Beware: it is necessary to prevent any other modifications of the - * existing list until all changes are completed, in other words - * concurrent list_add_tail_lockless() calls should be protected - * with a read lock, where write lock acts as a barrier which - * makes sure all list_add_tail_lockless() calls are fully - * completed. - * - * Also an element can be locklessly added to the list only in one - * direction i.e. either to the tail or to the head, otherwise - * concurrent access will corrupt the list. - * - * Return: %false if element has been already added to the list, %true - * otherwise. - */ -static inline bool list_add_tail_lockless(struct list_head *new, - struct list_head *head) -{ - struct list_head *prev; - - /* - * This is simple 'new->next = head' operation, but cmpxchg() - * is used in order to detect that same element has been just - * added to the list from another CPU: the winner observes - * new->next == new. - */ - if (!try_cmpxchg(&new->next, &new, head)) - return false; - - /* - * Initially ->next of a new element must be updated with the head - * (we are inserting to the tail) and only then pointers are atomically - * exchanged. XCHG guarantees memory ordering, thus ->next should be - * updated before pointers are actually swapped and pointers are - * swapped before prev->next is updated. - */ - - prev = xchg(&head->prev, new); - - /* - * It is safe to modify prev->next and new->prev, because a new element - * is added only to the tail and new->next is updated before XCHG. - */ - - prev->next = new; - new->prev = prev; - - return true; -} - -/* - * Chains a new epi entry to the tail of the ep->ovflist in a lockless way, - * i.e. multiple CPUs are allowed to call this function concurrently. - * - * Return: %false if epi element has been already chained, %true otherwise. - */ -static inline bool chain_epi_lockless(struct epitem *epi) -{ - struct eventpoll *ep = epi->ep; - - /* Fast preliminary check */ - if (epi->next != EP_UNACTIVE_PTR) - return false; - - /* Check that the same epi has not been just chained from another CPU */ - if (cmpxchg(&epi->next, EP_UNACTIVE_PTR, NULL) != EP_UNACTIVE_PTR) - return false; - - /* Atomically exchange tail */ - epi->next = xchg(&ep->ovflist, epi); - - return true; -} - /* * This is the callback that is passed to the wait queue wakeup * mechanism. It is called by the stored file descriptors when they * have events to report. - * - * This callback takes a read lock in order not to contend with concurrent - * events from another file descriptor, thus all modifications to ->rdllist - * or ->ovflist are lockless. Read lock is paired with the write lock from - * ep_start/done_scan(), which stops all list modifications and guarantees - * that lists state is seen correctly. - * - * Another thing worth to mention is that ep_poll_callback() can be called - * concurrently for the same @epi from different CPUs if poll table was inited - * with several wait queues entries. Plural wakeup from different CPUs of a - * single wait queue is serialized by wq.lock, but the case when multiple wait - * queues are used should be detected accordingly. This is detected using - * cmpxchg() operation. */ static int ep_poll_callback(wait_queue_entry_t *wait, unsigned mode, int sync, void *key) { @@ -1343,7 +1253,7 @@ static int ep_poll_callback(wait_queue_entry_t *wait, unsigned mode, int sync, v unsigned long flags; int ewake = 0; - read_lock_irqsave(&ep->lock, flags); + spin_lock_irqsave(&ep->lock, flags); ep_set_busy_poll_napi_id(epi); @@ -1372,12 +1282,15 @@ static int ep_poll_callback(wait_queue_entry_t *wait, unsigned mode, int sync, v * chained in ep->ovflist and requeued later on. */ if (READ_ONCE(ep->ovflist) != EP_UNACTIVE_PTR) { - if (chain_epi_lockless(epi)) + if (epi->next == EP_UNACTIVE_PTR) { + epi->next = READ_ONCE(ep->ovflist); + WRITE_ONCE(ep->ovflist, epi); ep_pm_stay_awake_rcu(epi); + } } else if (!ep_is_linked(epi)) { /* In the usual case, add event to ready list. */ - if (list_add_tail_lockless(&epi->rdllink, &ep->rdllist)) - ep_pm_stay_awake_rcu(epi); + list_add_tail(&epi->rdllink, &ep->rdllist); + ep_pm_stay_awake_rcu(epi); } /* @@ -1410,7 +1323,7 @@ static int ep_poll_callback(wait_queue_entry_t *wait, unsigned mode, int sync, v pwake++; out_unlock: - read_unlock_irqrestore(&ep->lock, flags); + spin_unlock_irqrestore(&ep->lock, flags); /* We have to call this outside the lock */ if (pwake) @@ -1745,7 +1658,7 @@ static int ep_insert(struct eventpoll *ep, const struct epoll_event *event, } /* We have to drop the new item inside our item list to keep track of it */ - write_lock_irq(&ep->lock); + spin_lock_irq(&ep->lock); /* record NAPI ID of new item if present */ ep_set_busy_poll_napi_id(epi); @@ -1762,7 +1675,7 @@ static int ep_insert(struct eventpoll *ep, const struct epoll_event *event, pwake++; } - write_unlock_irq(&ep->lock); + spin_unlock_irq(&ep->lock); /* We have to call this outside the lock */ if (pwake) @@ -1826,7 +1739,7 @@ static int ep_modify(struct eventpoll *ep, struct epitem *epi, * list, push it inside. */ if (ep_item_poll(epi, &pt, 1)) { - write_lock_irq(&ep->lock); + spin_lock_irq(&ep->lock); if (!ep_is_linked(epi)) { list_add_tail(&epi->rdllink, &ep->rdllist); ep_pm_stay_awake(epi); @@ -1837,7 +1750,7 @@ static int ep_modify(struct eventpoll *ep, struct epitem *epi, if (waitqueue_active(&ep->poll_wait)) pwake++; } - write_unlock_irq(&ep->lock); + spin_unlock_irq(&ep->lock); } /* We have to call this outside the lock */ @@ -2089,7 +2002,7 @@ static int ep_poll(struct eventpoll *ep, struct epoll_event __user *events, init_wait(&wait); wait.func = ep_autoremove_wake_function; - write_lock_irq(&ep->lock); + spin_lock_irq(&ep->lock); /* * Barrierless variant, waitqueue_active() is called under * the same lock on wakeup ep_poll_callback() side, so it @@ -2108,7 +2021,7 @@ static int ep_poll(struct eventpoll *ep, struct epoll_event __user *events, if (!eavail) __add_wait_queue_exclusive(&ep->wq, &wait); - write_unlock_irq(&ep->lock); + spin_unlock_irq(&ep->lock); if (!eavail) timed_out = !ep_schedule_timeout(to) || @@ -2124,7 +2037,7 @@ static int ep_poll(struct eventpoll *ep, struct epoll_event __user *events, eavail = 1; if (!list_empty_careful(&wait.entry)) { - write_lock_irq(&ep->lock); + spin_lock_irq(&ep->lock); /* * If the thread timed out and is not on the wait queue, * it means that the thread was woken up after its @@ -2135,7 +2048,7 @@ static int ep_poll(struct eventpoll *ep, struct epoll_event __user *events, if (timed_out) eavail = list_empty(&wait.entry); __remove_wait_queue(&ep->wq, &wait); - write_unlock_irq(&ep->lock); + spin_unlock_irq(&ep->lock); } } }

2 weeks, 4 days

2
2
0 0

Re: [PATCH] media: videobuf2: forbid create_bufs/remove_bufs when legacy fileio is active

by Bai, Shuangpeng

Hi Marek, Thank you very much for fixing this bug and for your contribution. Since my original report was not posted to a public mailing list, I would appreciate it if you could add the following credit to this patch: Reported-by: Shuangpeng Bai <SJB7183(a)psu.edu> Thanks again! Best regards, Shuangpeng

2 weeks, 4 days

1
0
0 0

FAILED: patch "[PATCH] cpufreq: CPPC: Avoid using CPUFREQ_ETERNAL as transition" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x f965d111e68f4a993cc44d487d416e3d954eea11 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101655-grandma-populate-0fb4@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From f965d111e68f4a993cc44d487d416e3d954eea11 Mon Sep 17 00:00:00 2001 From: "Rafael J. Wysocki" <rafael.j.wysocki(a)intel.com> Date: Fri, 26 Sep 2025 12:19:41 +0200 Subject: [PATCH] cpufreq: CPPC: Avoid using CPUFREQ_ETERNAL as transition delay If cppc_get_transition_latency() returns CPUFREQ_ETERNAL to indicate a failure to retrieve the transition latency value from the platform firmware, the CPPC cpufreq driver will use that value (converted to microseconds) as the policy transition delay, but it is way too large for any practical use. Address this by making the driver use the cpufreq's default transition latency value (in microseconds) as the transition delay if CPUFREQ_ETERNAL is returned by cppc_get_transition_latency(). Fixes: d4f3388afd48 ("cpufreq / CPPC: Set platform specific transition_delay_us") Cc: 5.19+ <stable(a)vger.kernel.org> # 5.19 Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> Reviewed-by: Mario Limonciello (AMD) <superm1(a)kernel.org> Reviewed-by: Jie Zhan <zhanjie9(a)hisilicon.com> Acked-by: Viresh Kumar <viresh.kumar(a)linaro.org> Reviewed-by: Qais Yousef <qyousef(a)layalina.io> diff --git a/drivers/cpufreq/cppc_cpufreq.c b/drivers/cpufreq/cppc_cpufreq.c index 12de0ac7bbaf..b71946937c52 100644 --- a/drivers/cpufreq/cppc_cpufreq.c +++ b/drivers/cpufreq/cppc_cpufreq.c @@ -308,6 +308,16 @@ static int cppc_verify_policy(struct cpufreq_policy_data *policy) return 0; } +static unsigned int __cppc_cpufreq_get_transition_delay_us(unsigned int cpu) +{ + unsigned int transition_latency_ns = cppc_get_transition_latency(cpu); + + if (transition_latency_ns == CPUFREQ_ETERNAL) + return CPUFREQ_DEFAULT_TRANSITION_LATENCY_NS / NSEC_PER_USEC; + + return transition_latency_ns / NSEC_PER_USEC; +} + /* * The PCC subspace describes the rate at which platform can accept commands * on the shared PCC channel (including READs which do not count towards freq @@ -330,12 +340,12 @@ static unsigned int cppc_cpufreq_get_transition_delay_us(unsigned int cpu) return 10000; } } - return cppc_get_transition_latency(cpu) / NSEC_PER_USEC; + return __cppc_cpufreq_get_transition_delay_us(cpu); } #else static unsigned int cppc_cpufreq_get_transition_delay_us(unsigned int cpu) { - return cppc_get_transition_latency(cpu) / NSEC_PER_USEC; + return __cppc_cpufreq_get_transition_delay_us(cpu); } #endif

2 weeks, 4 days

2
1
0 0

FAILED: patch "[PATCH] cpufreq: CPPC: Avoid using CPUFREQ_ETERNAL as transition" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x f965d111e68f4a993cc44d487d416e3d954eea11 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101609-footsore-ensnare-d320@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From f965d111e68f4a993cc44d487d416e3d954eea11 Mon Sep 17 00:00:00 2001 From: "Rafael J. Wysocki" <rafael.j.wysocki(a)intel.com> Date: Fri, 26 Sep 2025 12:19:41 +0200 Subject: [PATCH] cpufreq: CPPC: Avoid using CPUFREQ_ETERNAL as transition delay If cppc_get_transition_latency() returns CPUFREQ_ETERNAL to indicate a failure to retrieve the transition latency value from the platform firmware, the CPPC cpufreq driver will use that value (converted to microseconds) as the policy transition delay, but it is way too large for any practical use. Address this by making the driver use the cpufreq's default transition latency value (in microseconds) as the transition delay if CPUFREQ_ETERNAL is returned by cppc_get_transition_latency(). Fixes: d4f3388afd48 ("cpufreq / CPPC: Set platform specific transition_delay_us") Cc: 5.19+ <stable(a)vger.kernel.org> # 5.19 Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> Reviewed-by: Mario Limonciello (AMD) <superm1(a)kernel.org> Reviewed-by: Jie Zhan <zhanjie9(a)hisilicon.com> Acked-by: Viresh Kumar <viresh.kumar(a)linaro.org> Reviewed-by: Qais Yousef <qyousef(a)layalina.io> diff --git a/drivers/cpufreq/cppc_cpufreq.c b/drivers/cpufreq/cppc_cpufreq.c index 12de0ac7bbaf..b71946937c52 100644 --- a/drivers/cpufreq/cppc_cpufreq.c +++ b/drivers/cpufreq/cppc_cpufreq.c @@ -308,6 +308,16 @@ static int cppc_verify_policy(struct cpufreq_policy_data *policy) return 0; } +static unsigned int __cppc_cpufreq_get_transition_delay_us(unsigned int cpu) +{ + unsigned int transition_latency_ns = cppc_get_transition_latency(cpu); + + if (transition_latency_ns == CPUFREQ_ETERNAL) + return CPUFREQ_DEFAULT_TRANSITION_LATENCY_NS / NSEC_PER_USEC; + + return transition_latency_ns / NSEC_PER_USEC; +} + /* * The PCC subspace describes the rate at which platform can accept commands * on the shared PCC channel (including READs which do not count towards freq @@ -330,12 +340,12 @@ static unsigned int cppc_cpufreq_get_transition_delay_us(unsigned int cpu) return 10000; } } - return cppc_get_transition_latency(cpu) / NSEC_PER_USEC; + return __cppc_cpufreq_get_transition_delay_us(cpu); } #else static unsigned int cppc_cpufreq_get_transition_delay_us(unsigned int cpu) { - return cppc_get_transition_latency(cpu) / NSEC_PER_USEC; + return __cppc_cpufreq_get_transition_delay_us(cpu); } #endif

2 weeks, 4 days

2
1
0 0

FAILED: patch "[PATCH] cpufreq: CPPC: Avoid using CPUFREQ_ETERNAL as transition" failed to apply to 6.6-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.6-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y git checkout FETCH_HEAD git cherry-pick -x f965d111e68f4a993cc44d487d416e3d954eea11 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101609-unmoved-thud-9d3a@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From f965d111e68f4a993cc44d487d416e3d954eea11 Mon Sep 17 00:00:00 2001 From: "Rafael J. Wysocki" <rafael.j.wysocki(a)intel.com> Date: Fri, 26 Sep 2025 12:19:41 +0200 Subject: [PATCH] cpufreq: CPPC: Avoid using CPUFREQ_ETERNAL as transition delay If cppc_get_transition_latency() returns CPUFREQ_ETERNAL to indicate a failure to retrieve the transition latency value from the platform firmware, the CPPC cpufreq driver will use that value (converted to microseconds) as the policy transition delay, but it is way too large for any practical use. Address this by making the driver use the cpufreq's default transition latency value (in microseconds) as the transition delay if CPUFREQ_ETERNAL is returned by cppc_get_transition_latency(). Fixes: d4f3388afd48 ("cpufreq / CPPC: Set platform specific transition_delay_us") Cc: 5.19+ <stable(a)vger.kernel.org> # 5.19 Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> Reviewed-by: Mario Limonciello (AMD) <superm1(a)kernel.org> Reviewed-by: Jie Zhan <zhanjie9(a)hisilicon.com> Acked-by: Viresh Kumar <viresh.kumar(a)linaro.org> Reviewed-by: Qais Yousef <qyousef(a)layalina.io> diff --git a/drivers/cpufreq/cppc_cpufreq.c b/drivers/cpufreq/cppc_cpufreq.c index 12de0ac7bbaf..b71946937c52 100644 --- a/drivers/cpufreq/cppc_cpufreq.c +++ b/drivers/cpufreq/cppc_cpufreq.c @@ -308,6 +308,16 @@ static int cppc_verify_policy(struct cpufreq_policy_data *policy) return 0; } +static unsigned int __cppc_cpufreq_get_transition_delay_us(unsigned int cpu) +{ + unsigned int transition_latency_ns = cppc_get_transition_latency(cpu); + + if (transition_latency_ns == CPUFREQ_ETERNAL) + return CPUFREQ_DEFAULT_TRANSITION_LATENCY_NS / NSEC_PER_USEC; + + return transition_latency_ns / NSEC_PER_USEC; +} + /* * The PCC subspace describes the rate at which platform can accept commands * on the shared PCC channel (including READs which do not count towards freq @@ -330,12 +340,12 @@ static unsigned int cppc_cpufreq_get_transition_delay_us(unsigned int cpu) return 10000; } } - return cppc_get_transition_latency(cpu) / NSEC_PER_USEC; + return __cppc_cpufreq_get_transition_delay_us(cpu); } #else static unsigned int cppc_cpufreq_get_transition_delay_us(unsigned int cpu) { - return cppc_get_transition_latency(cpu) / NSEC_PER_USEC; + return __cppc_cpufreq_get_transition_delay_us(cpu); } #endif

2 weeks, 4 days

2
1
0 0

FAILED: patch "[PATCH] blk-crypto: fix missing blktrace bio split events" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x 06d712d297649f48ebf1381d19bd24e942813b37 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101657-rule-straw-2a51@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 06d712d297649f48ebf1381d19bd24e942813b37 Mon Sep 17 00:00:00 2001 From: Yu Kuai <yukuai3(a)huawei.com> Date: Wed, 10 Sep 2025 14:30:45 +0800 Subject: [PATCH] blk-crypto: fix missing blktrace bio split events trace_block_split() is missing, resulting in blktrace inability to catch BIO split events and making it harder to analyze the BIO sequence. Cc: stable(a)vger.kernel.org Fixes: 488f6682c832 ("block: blk-crypto-fallback for Inline Encryption") Signed-off-by: Yu Kuai <yukuai3(a)huawei.com> Reviewed-by: Bart Van Assche <bvanassche(a)acm.org> Reviewed-by: Christoph Hellwig <hch(a)lst.de> Signed-off-by: Jens Axboe <axboe(a)kernel.dk> diff --git a/block/blk-crypto-fallback.c b/block/blk-crypto-fallback.c index dbc2d8784dab..27fa1ec4b264 100644 --- a/block/blk-crypto-fallback.c +++ b/block/blk-crypto-fallback.c @@ -18,6 +18,7 @@ #include <linux/module.h> #include <linux/random.h> #include <linux/scatterlist.h> +#include <trace/events/block.h> #include "blk-cgroup.h" #include "blk-crypto-internal.h" @@ -230,7 +231,9 @@ static bool blk_crypto_fallback_split_bio_if_needed(struct bio **bio_ptr) bio->bi_status = BLK_STS_RESOURCE; return false; } + bio_chain(split_bio, bio); + trace_block_split(split_bio, bio->bi_iter.bi_sector); submit_bio_noacct(bio); *bio_ptr = split_bio; }

2 weeks, 4 days

2
1
0 0

FAILED: patch "[PATCH] cpufreq: CPPC: Avoid using CPUFREQ_ETERNAL as transition" failed to apply to 6.12-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.12-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.12.y git checkout FETCH_HEAD git cherry-pick -x f965d111e68f4a993cc44d487d416e3d954eea11 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101610-twistable-shaping-5da2@gregkh' --subject-prefix 'PATCH 6.12.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From f965d111e68f4a993cc44d487d416e3d954eea11 Mon Sep 17 00:00:00 2001 From: "Rafael J. Wysocki" <rafael.j.wysocki(a)intel.com> Date: Fri, 26 Sep 2025 12:19:41 +0200 Subject: [PATCH] cpufreq: CPPC: Avoid using CPUFREQ_ETERNAL as transition delay If cppc_get_transition_latency() returns CPUFREQ_ETERNAL to indicate a failure to retrieve the transition latency value from the platform firmware, the CPPC cpufreq driver will use that value (converted to microseconds) as the policy transition delay, but it is way too large for any practical use. Address this by making the driver use the cpufreq's default transition latency value (in microseconds) as the transition delay if CPUFREQ_ETERNAL is returned by cppc_get_transition_latency(). Fixes: d4f3388afd48 ("cpufreq / CPPC: Set platform specific transition_delay_us") Cc: 5.19+ <stable(a)vger.kernel.org> # 5.19 Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> Reviewed-by: Mario Limonciello (AMD) <superm1(a)kernel.org> Reviewed-by: Jie Zhan <zhanjie9(a)hisilicon.com> Acked-by: Viresh Kumar <viresh.kumar(a)linaro.org> Reviewed-by: Qais Yousef <qyousef(a)layalina.io> diff --git a/drivers/cpufreq/cppc_cpufreq.c b/drivers/cpufreq/cppc_cpufreq.c index 12de0ac7bbaf..b71946937c52 100644 --- a/drivers/cpufreq/cppc_cpufreq.c +++ b/drivers/cpufreq/cppc_cpufreq.c @@ -308,6 +308,16 @@ static int cppc_verify_policy(struct cpufreq_policy_data *policy) return 0; } +static unsigned int __cppc_cpufreq_get_transition_delay_us(unsigned int cpu) +{ + unsigned int transition_latency_ns = cppc_get_transition_latency(cpu); + + if (transition_latency_ns == CPUFREQ_ETERNAL) + return CPUFREQ_DEFAULT_TRANSITION_LATENCY_NS / NSEC_PER_USEC; + + return transition_latency_ns / NSEC_PER_USEC; +} + /* * The PCC subspace describes the rate at which platform can accept commands * on the shared PCC channel (including READs which do not count towards freq @@ -330,12 +340,12 @@ static unsigned int cppc_cpufreq_get_transition_delay_us(unsigned int cpu) return 10000; } } - return cppc_get_transition_latency(cpu) / NSEC_PER_USEC; + return __cppc_cpufreq_get_transition_delay_us(cpu); } #else static unsigned int cppc_cpufreq_get_transition_delay_us(unsigned int cpu) { - return cppc_get_transition_latency(cpu) / NSEC_PER_USEC; + return __cppc_cpufreq_get_transition_delay_us(cpu); } #endif

2 weeks, 4 days

2
1
0 0

FAILED: patch "[PATCH] btrfs: avoid potential out-of-bounds in btrfs_encode_fh()" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x dff4f9ff5d7f289e4545cc936362e01ed3252742 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101644-legacy-starch-6a67@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From dff4f9ff5d7f289e4545cc936362e01ed3252742 Mon Sep 17 00:00:00 2001 From: Anderson Nascimento <anderson(a)allelesecurity.com> Date: Mon, 8 Sep 2025 09:49:02 -0300 Subject: [PATCH] btrfs: avoid potential out-of-bounds in btrfs_encode_fh() The function btrfs_encode_fh() does not properly account for the three cases it handles. Before writing to the file handle (fh), the function only returns to the user BTRFS_FID_SIZE_NON_CONNECTABLE (5 dwords, 20 bytes) or BTRFS_FID_SIZE_CONNECTABLE (8 dwords, 32 bytes). However, when a parent exists and the root ID of the parent and the inode are different, the function writes BTRFS_FID_SIZE_CONNECTABLE_ROOT (10 dwords, 40 bytes). If *max_len is not large enough, this write goes out of bounds because BTRFS_FID_SIZE_CONNECTABLE_ROOT is greater than BTRFS_FID_SIZE_CONNECTABLE originally returned. This results in an 8-byte out-of-bounds write at fid->parent_root_objectid = parent_root_id. A previous attempt to fix this issue was made but was lost. https://lore.kernel.org/all/4CADAEEC020000780001B32C@vpn.id2.novell.com/ Although this issue does not seem to be easily triggerable, it is a potential memory corruption bug that should be fixed. This patch resolves the issue by ensuring the function returns the appropriate size for all three cases and validates that *max_len is large enough before writing any data. Fixes: be6e8dc0ba84 ("NFS support for btrfs - v3") CC: stable(a)vger.kernel.org # 3.0+ Signed-off-by: Anderson Nascimento <anderson(a)allelesecurity.com> Reviewed-by: David Sterba <dsterba(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/export.c b/fs/btrfs/export.c index d062ac521051..230d9326b685 100644 --- a/fs/btrfs/export.c +++ b/fs/btrfs/export.c @@ -23,7 +23,11 @@ static int btrfs_encode_fh(struct inode *inode, u32 *fh, int *max_len, int type; if (parent && (len < BTRFS_FID_SIZE_CONNECTABLE)) { - *max_len = BTRFS_FID_SIZE_CONNECTABLE; + if (btrfs_root_id(BTRFS_I(inode)->root) != + btrfs_root_id(BTRFS_I(parent)->root)) + *max_len = BTRFS_FID_SIZE_CONNECTABLE_ROOT; + else + *max_len = BTRFS_FID_SIZE_CONNECTABLE; return FILEID_INVALID; } else if (len < BTRFS_FID_SIZE_NON_CONNECTABLE) { *max_len = BTRFS_FID_SIZE_NON_CONNECTABLE; @@ -45,6 +49,8 @@ static int btrfs_encode_fh(struct inode *inode, u32 *fh, int *max_len, parent_root_id = btrfs_root_id(BTRFS_I(parent)->root); if (parent_root_id != fid->root_objectid) { + if (*max_len < BTRFS_FID_SIZE_CONNECTABLE_ROOT) + return FILEID_INVALID; fid->parent_root_objectid = parent_root_id; len = BTRFS_FID_SIZE_CONNECTABLE_ROOT; type = FILEID_BTRFS_WITH_PARENT_ROOT;

2 weeks, 4 days

2
1
0 0

[PATCH 6.6 000/201] 6.6.113-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.6.113 release. There are 201 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun, 19 Oct 2025 14:50:59 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.6.113-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.6.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.6.113-rc1 Ian Rogers <irogers(a)google.com> perf test stat: Avoid hybrid assumption when virtualized Jan Kara <jack(a)suse.cz> writeback: Avoid excessively long inode switching times Jan Kara <jack(a)suse.cz> writeback: Avoid softlockup when switching many inodes Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> cramfs: Verify inode mode when loading from disk Lichen Liu <lichliu(a)redhat.com> fs: Add 'initramfs_options' to set initramfs mount options Oleg Nesterov <oleg(a)redhat.com> pid: make __task_pid_nr_ns(ns => NULL) safe for zombie callers gaoxiang17 <gaoxiang17(a)xiaomi.com> pid: Add a judgment for ns null in pid_nr_ns Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> minixfs: Verify inode mode when loading from disk Lucas Zampieri <lzampier(a)redhat.com> irqchip/sifive-plic: Avoid interrupt ID 0 handling during suspend/resume Hongbo Li <lihongbo22(a)huawei.com> irqchip/sifive-plic: Make use of __assign_bit() Matthieu Baerts (NGI0) <matttbe(a)kernel.org> mptcp: pm: in-kernel: usable client side with C-flag Lance Yang <lance.yang(a)linux.dev> selftests/mm: skip soft-dirty tests when CONFIG_MEM_SOFT_DIRTY is disabled Ilya Leoshkevich <iii(a)linux.ibm.com> s390/bpf: Write back tail call counter for BPF_TRAMP_F_CALL_ORIG Ilya Leoshkevich <iii(a)linux.ibm.com> s390/bpf: Write back tail call counter for BPF_PSEUDO_CALL Ilya Leoshkevich <iii(a)linux.ibm.com> s390/bpf: Describe the frame using a struct instead of constants Ilya Leoshkevich <iii(a)linux.ibm.com> s390/bpf: Centralize frame offset calculations Ilya Leoshkevich <iii(a)linux.ibm.com> s390/bpf: Change seen_reg to a mask Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> ACPI: property: Do not pass NULL handles to acpi_attach_data() Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> ACPI: property: Add code comments explaining what is going on Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> ACPI: property: Disregard references in data-only subnode lists Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> ACPI: battery: Add synchronization between interface updates Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> ACPI: battery: Check for error code from devm_mutex_init() call Thomas Weißschuh <linux(a)weissschuh.net> ACPI: battery: initialize mutexes through devm_ APIs Thomas Weißschuh <linux(a)weissschuh.net> ACPI: battery: allocate driver data through devm_ APIs Catalin Marinas <catalin.marinas(a)arm.com> arm64: mte: Do not flag the zero page as PG_mte_tagged Yang Shi <yang(a)os.amperecomputing.com> arm64: kprobes: call set_memory_rox() for kprobe page Guenter Roeck <linux(a)roeck-us.net> ipmi: Fix handling of messages with provided receive message pointer Corey Minyard <corey(a)minyard.net> ipmi: Rework user message limit handling Sean Christopherson <seanjc(a)google.com> KVM: SVM: Emulate PERF_CNTR_GLOBAL_STATUS_SET for PerfMonV2 Thomas Gleixner <tglx(a)linutronix.de> rseq: Protect event mask against membarrier IPI Qu Wenruo <wqu(a)suse.com> btrfs: fix the incorrect max_bytes value for find_lock_delalloc_range() Shin'ichiro Kawasaki <shinichiro.kawasaki(a)wdc.com> PCI: endpoint: pci-epf-test: Add NULL check for DMA channels before release Wang Jiang <jiangwang(a)kylinos.cn> PCI: endpoint: Remove surplus return statement from pci_epf_test_clean_dma_chan() Ling Xu <quic_lxu5(a)quicinc.com> misc: fastrpc: Save actual DMA size in fastrpc_map structure Ekansh Gupta <quic_ekangupt(a)quicinc.com> misc: fastrpc: Add missing dev_err newlines Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: add max ip connections parameter Sean Christopherson <seanjc(a)google.com> KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid Donet Tom <donettom(a)linux.ibm.com> mm/ksm: fix incorrect KSM counter handling in mm_struct during fork Yuan Chen <chenyuan(a)kylinos.cn> tracing: Fix race condition in kprobe initialization causing NULL pointer dereference Hans de Goede <hansg(a)kernel.org> mfd: intel_soc_pmic_chtdc_ti: Set use_single_read regmap_config flag Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> mfd: intel_soc_pmic_chtdc_ti: Drop unneeded assignment for cache_type Hans de Goede <hdegoede(a)redhat.com> mfd: intel_soc_pmic_chtdc_ti: Fix invalid regmap-config max_register value Edward Adam Davis <eadavis(a)qq.com> media: mc: Clear minor number before put device Phillip Lougher <phillip(a)squashfs.org.uk> Squashfs: reject negative file sizes in squashfs_read_inode() Phillip Lougher <phillip(a)squashfs.org.uk> Squashfs: add additional inode sanity checking Nathan Chancellor <nathan(a)kernel.org> lib/crypto/curve25519-hacl64: Disable KASAN with clang-17 and older Jan Kara <jack(a)suse.cz> ext4: free orphan info with kvfree Huacai Chen <chenhuacai(a)kernel.org> ACPICA: Allow to skip Global Lock initialization Deepanshu Kartikey <kartikey406(a)gmail.com> ext4: validate ea_ino and size in check_xattrs Ahmet Eray Karadag <eraykrdg1(a)gmail.com> ext4: guard against EA inode refcount underflow in xattr update Zhang Yi <yi.zhang(a)huawei.com> ext4: fix an off-by-one issue during moving extents Ojaswin Mujoo <ojaswin(a)linux.ibm.com> ext4: correctly handle queries for metadata mappings Yongjian Sun <sunyongjian1(a)huawei.com> ext4: increase i_disksize to offset + len in ext4_update_disksize_before_punch() Jan Kara <jack(a)suse.cz> ext4: verify orphan file size is not too big Olga Kornievskaia <okorniev(a)redhat.com> nfsd: nfserr_jukebox in nlm_fopen should lead to a retry Thorsten Blum <thorsten.blum(a)linux.dev> NFSD: Fix destination buffer size in nfsd4_ssc_setup_dul() SeongJae Park <sj(a)kernel.org> mm/damon/vaddr: do not repeat pte_offset_map_lock() until success Li RongQing <lirongqing(a)baidu.com> mm/hugetlb: early exit from hugetlb_pages_alloc_boot() when max_huge_pages=0 Thadeu Lima de Souza Cascardo <cascardo(a)igalia.com> mm/page_alloc: only set ALLOC_HIGHATOMIC for __GPF_HIGH allocations Nick Morrow <morrownr(a)gmail.com> wifi: mt76: mt7921u: Add VID/PID for Netgear A7500 Muhammad Usama Anjum <usama.anjum(a)collabora.com> wifi: ath11k: HAL SRNG: don't deinitialize and re-initialize again Matthieu Baerts (NGI0) <matttbe(a)kernel.org> selftests: mptcp: join: validate C-flag + def limit Sean Christopherson <seanjc(a)google.com> x86/umip: Fix decoding of register forms of 0F 01 (SGDT and SIDT aliases) Sean Christopherson <seanjc(a)google.com> x86/umip: Check that the instruction opcode is at least two bytes Pratyush Yadav <pratyush(a)kernel.org> spi: cadence-quadspi: Flush posted register writes before DAC access Pratyush Yadav <pratyush(a)kernel.org> spi: cadence-quadspi: Flush posted register writes before INDAC access Vidya Sagar <vidyas(a)nvidia.com> PCI: tegra194: Handle errors in BPMP response Niklas Cassel <cassel(a)kernel.org> PCI: tegra194: Fix broken tegra_pcie_ep_raise_msi_irq() Marek Vasut <marek.vasut+renesas(a)mailbox.org> PCI: rcar-host: Convert struct rcar_msi mask_lock into raw spinlock Marek Vasut <marek.vasut+renesas(a)mailbox.org> PCI: rcar-host: Drop PMSR spinlock Siddharth Vadapalli <s-vadapalli(a)ti.com> PCI: keystone: Use devm_request_irq() to free "ks-pcie-error-irq" on exit Lukas Wunner <lukas(a)wunner.de> PCI/AER: Support errors introduced by PCIe r6.0 Niklas Schnelle <schnelle(a)linux.ibm.com> PCI/AER: Fix missing uevent on recovery when a reset is requested Lukas Wunner <lukas(a)wunner.de> PCI/ERR: Fix uevent on failure to recover Niklas Schnelle <schnelle(a)linux.ibm.com> PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV Brian Norris <briannorris(a)google.com> PCI/sysfs: Ensure devices are powered for config reads Marek Vasut <marek.vasut+renesas(a)mailbox.org> PCI: tegra: Convert struct tegra_msi mask_lock into raw spinlock Sean Christopherson <seanjc(a)google.com> rseq/selftests: Use weak symbol reference, not definition, to link with glibc Esben Haabendal <esben(a)geanix.com> rtc: interface: Fix long-standing race when setting alarm Esben Haabendal <esben(a)geanix.com> rtc: interface: Ensure alarm irq is enabled when UIE is enabled Zhen Ni <zhen.ni(a)easystack.cn> memory: samsung: exynos-srom: Fix of_iomap leak in exynos_srom_probe Rex Chen <rex.chen_1(a)nxp.com> mmc: core: SPI mode remove cmd7 Linus Walleij <linus.walleij(a)linaro.org> mtd: rawnand: fsmc: Default to autodetect buswidth Miaoqian Lin <linmq006(a)gmail.com> xtensa: simdisk: add input size check in proc_write_simdisk Ma Ke <make24(a)iscas.ac.cn> sparc: fix error handling in scan_one_device() Anthony Yznaga <anthony.yznaga(a)oracle.com> sparc64: fix hugetlb for sun4u Eric Biggers <ebiggers(a)kernel.org> sctp: Fix MAC comparison to be constant-time Thorsten Blum <thorsten.blum(a)linux.dev> scsi: hpsa: Fix potential memory leak in hpsa_big_passthru_ioctl() Harshit Agarwal <harshit(a)nutanix.com> sched/deadline: Fix race in push_dl_task() Corey Minyard <corey(a)minyard.net> Revert "ipmi: fix msg stack when IPMI is disconnected" Jisheng Zhang <jszhang(a)kernel.org> pwm: berlin: Fix wrong register in suspend/resume Nam Cao <namcao(a)linutronix.de> powerpc/pseries/msi: Fix potential underflow and leak issue Nam Cao <namcao(a)linutronix.de> powerpc/powernv/pci: Fix underflow and leak issue Dzmitry Sankouski <dsankouski(a)gmail.com> power: supply: max77976_charger: fix constant current reporting Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> pinctrl: samsung: Drop unused S3C24xx driver data Georg Gottleuber <ggo(a)tuxedocomputers.com> nvme-pci: Add TUXEDO IBS Gen8 to Samsung sleep quirk John David Anglin <dave.anglin(a)bell.net> parisc: Remove spurious if statement from raw_copy_from_user() Sam James <sam(a)gentoo.org> parisc: don't reference obsolete termio struct for TC* constants Askar Safin <safinaskar(a)zohomail.com> openat2: don't trigger automounts with RESOLVE_NO_XDEV Ma Ke <make24(a)iscas.ac.cn> of: unittest: Fix device reference count leak in of_unittest_pci_node_verify Johan Hovold <johan(a)kernel.org> lib/genalloc: fix device leak in of_gen_pool_get() Eric Biggers <ebiggers(a)kernel.org> KEYS: trusted_tpm1: Compare HMAC values in constant time Oleg Nesterov <oleg(a)redhat.com> kernel/sys.c: fix the racy usage of task_lock(tsk->group_leader) in sys_prlimit64() paths Lu Baolu <baolu.lu(a)linux.intel.com> iommu/vt-d: PRS isn't usable if PDS isn't supported Sean Nyekjaer <sean(a)geanix.com> iio: imu: inv_icm42600: Drop redundant pm_runtime reinitialization in resume Huacai Chen <chenhuacai(a)kernel.org> init: handle bootloader identifier in kernel parameters Sean Anderson <sean.anderson(a)linux.dev> iio: xilinx-ams: Unmask interrupts after updating alarms Sean Anderson <sean.anderson(a)linux.dev> iio: xilinx-ams: Fix AMS_ALARM_THR_DIRECT_MASK Michael Hennerich <michael.hennerich(a)analog.com> iio: frequency: adf4350: Fix prescaler usage. Qianfeng Rong <rongqianfeng(a)vivo.com> iio: dac: ad5421: use int type to store negative error codes Qianfeng Rong <rongqianfeng(a)vivo.com> iio: dac: ad5360: use int type to store negative error codes Haoxiang Li <haoxiang_li2024(a)163.com> fs/ntfs3: Fix a resource leak bug in wnd_extend() Finn Thain <fthain(a)linux-m68k.org> fbdev: Fix logic error in "offb" name match Thomas Fourier <fourier.thomas(a)gmail.com> crypto: rockchip - Fix dma_unmap_sg() nents value Thomas Fourier <fourier.thomas(a)gmail.com> crypto: atmel - Fix dma_unmap_sg() direction Thomas Fourier <fourier.thomas(a)gmail.com> crypto: aspeed - Fix dma_unmap_sg() direction Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() Simon Schuster <schuster.simon(a)siemens-energy.com> copy_sighand: Handle architectures where sizeof(unsigned long) < sizeof(u64) Adam Xue <zxue(a)semtech.com> bus: mhi: host: Do not use uninitialized 'dev' pointer in mhi_init_irq_setup() Sumit Kumar <sumit.kumar(a)oss.qualcomm.com> bus: mhi: ep: Fix chained transfer handling in read path Anderson Nascimento <anderson(a)allelesecurity.com> btrfs: avoid potential out-of-bounds in btrfs_encode_fh() Yu Kuai <yukuai3(a)huawei.com> blk-crypto: fix missing blktrace bio split events Shuhao Fu <sfual(a)cse.ust.hk> drm/nouveau: fix bad ret code in nouveau_bo_move_prep Marek Vasut <marek.vasut+renesas(a)mailbox.org> drm/rcar-du: dsi: Fix 1/2/3 lane support Ma Ke <make24(a)iscas.ac.cn> media: lirc: Fix error handling in lirc_register() Stephan Gerhold <stephan.gerhold(a)linaro.org> media: venus: firmware: Use correct reset sequence for IRIS2 Thomas Fourier <fourier.thomas(a)gmail.com> media: pci: ivtv: Add missing check after DMA map Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> media: mc: Fix MUST_CONNECT handling for pads with no links Qianfeng Rong <rongqianfeng(a)vivo.com> media: i2c: mt9v111: fix incorrect type for ret Thomas Fourier <fourier.thomas(a)gmail.com> media: cx18: Add missing check after DMA map Johan Hovold <johan(a)kernel.org> firmware: meson_sm: fix device leak at probe Jason Andryuk <jason.andryuk(a)amd.com> xen/events: Update virq_to_irq on migration Jason Andryuk <jason.andryuk(a)amd.com> xen/events: Return -EEXIST for bound VIRQs Lukas Wunner <lukas(a)wunner.de> xen/manage: Fix suspend error path Jason Andryuk <jason.andryuk(a)amd.com> xen/events: Cleanup find_virq() return codes Michael Riesch <michael.riesch(a)collabora.com> dt-bindings: phy: rockchip-inno-csi-dphy: make power-domains non-required Miaoqian Lin <linmq006(a)gmail.com> ARM: OMAP2+: pm33xx-core: ix device node reference leaks in amx3_idle_init Vibhore Vardhan <vibhore(a)ti.com> arm64: dts: ti: k3-am62a-main: Fix main padcfg length Stephan Gerhold <stephan.gerhold(a)linaro.org> arm64: dts: qcom: sdm845: Fix slimbam num-channels/ees Stephan Gerhold <stephan.gerhold(a)linaro.org> arm64: dts: qcom: msm8939: Add missing MDSS reset Stephan Gerhold <stephan.gerhold(a)linaro.org> arm64: dts: qcom: msm8916: Add missing MDSS reset Amir Mohammad Jahangirzad <a.jahangirzad(a)gmail.com> ACPI: debug: fix signedness issues in read/write helpers Daniel Tang <danielzgtg.opensource(a)gmail.com> ACPI: TAD: Add missing sysfs_remove_group() for ACPI_TAD_RT Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> ACPI: property: Fix buffer properties extraction for subnodes KaFai Wan <kafai.wan(a)linux.dev> bpf: Avoid RCU context warning when unpinning htab with internal structs Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> gpio: wcd934x: mark the GPIO controller as sleeping Gunnar Kudrjavets <gunnarku(a)amazon.com> tpm_tis: Fix incorrect arguments in tpm_tis_probe_irq_single Pali Rohár <pali(a)kernel.org> cifs: Query EA $LXMOD in cifs_query_path_info() for WSL reparse points Paulo Alcantara <pc(a)manguebit.org> smb: client: fix missing timestamp updates after utime(2) Herbert Xu <herbert(a)gondor.apana.org.au> crypto: essiv - Check ssize for decryption and in-place encryption Eric Woudstra <ericwouds(a)gmail.com> bridge: br_vlan_fill_forward_path_pvid: use br_vlan_group_rcu() Fernando Fernandez Mancera <fmancera(a)suse.de> netfilter: nft_objref: validate objref and objrefmap expressions Florian Westphal <fw(a)strlen.de> netfilter: nf_tables: drop unused 3rd argument from validate callback ops Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/display: Properly disable scaling on DCE6 Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/display: Properly clear SCL_*_FILTER_CONTROL on DCE6 Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/display: Add missing DCE6 SCL_HORZ_FILTER_INIT* SRIs Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: Add additional DCE6 SCL registers Daniel Borkmann <daniel(a)iogearbox.net> bpf: Fix metadata_dst leak __bpf_redirect_neigh_v{4,6} Harini T <harini.t(a)amd.com> mailbox: zynqmp-ipi: Remove dev.parent check in zynqmp_ipi_free_mboxes Harini T <harini.t(a)amd.com> mailbox: zynqmp-ipi: Remove redundant mbox_controller_unregister() call Eric Dumazet <edumazet(a)google.com> tcp: take care of zero tp->window_clamp in tcp_set_rcvlowat() Leo Yan <leo.yan(a)arm.com> perf python: split Clang options when invoking Popen Leo Yan <leo.yan(a)arm.com> tools build: Align warning options with perf Erick Karanja <karanja99erick(a)gmail.com> net: fsl_pq_mdio: Fix device node reference leak in fsl_pq_mdio_probe Kuniyuki Iwashima <kuniyu(a)google.com> tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request(). Alexandr Sapozhnikov <alsp705(a)gmail.com> net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() Ian Forbes <ian.forbes(a)broadcom.com> drm/vmwgfx: Fix copy-paste typo in validation Ian Forbes <ian.forbes(a)broadcom.com> drm/vmwgfx: Fix Use-after-free in validation Zack Rusin <zack.rusin(a)broadcom.com> drm/vmwgfx: Fix a null-ptr access in the cursor snooper Vineeth Vijayan <vneethv(a)linux.ibm.com> s390/cio: Update purge function to unregister the unused subchannels Dan Carpenter <dan.carpenter(a)linaro.org> net/mlx4: prevent potential use after free in mlx4_en_do_uc_filter() Huacai Chen <chenhuacai(a)kernel.org> LoongArch: Init acpi_gbl_use_global_lock to false Tiezhu Yang <yangtiezhu(a)loongson.cn> LoongArch: Remove CONFIG_ACPI_TABLE_UPGRADE in platform_init() Peter Ujfalusi <peter.ujfalusi(a)linux.intel.com> ASoC: SOF: ipc4-topology: Correct the minimum host DMA buffer size Duoming Zhou <duoming(a)zju.edu.cn> scsi: mvsas: Fix use-after-free bugs in mvs_work_queue Aaron Kling <webgeek1234(a)gmail.com> cpufreq: tegra186: Set target frequency for all cpus in policy Fedor Pchelkin <pchelkin(a)ispras.ru> clk: tegra: do not overallocate memory for bpmp clocks Alok Tiwari <alok.a.tiwari(a)oracle.com> clk: nxp: Fix pll0 rate check condition in LPC18xx CGU driver Brian Masney <bmasney(a)redhat.com> clk: nxp: lpc18xx-cgu: convert from round_rate() to determine_rate() Chen-Yu Tsai <wenst(a)chromium.org> clk: mediatek: clk-mux: Do not pass flags to clk_mux_determine_rate_flags() AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> clk: mediatek: mt8195-infra_ao: Fix parent for infra_ao_hdmi_26m Ian Rogers <irogers(a)google.com> perf evsel: Ensure the fallback message is always written to Namhyung Kim <namhyung(a)kernel.org> perf tools: Add fallback for exclude_guest James Clark <james.clark(a)linaro.org> perf test: Add a test for default perf stat command Ian Rogers <irogers(a)google.com> perf test: Don't leak workload gopipe in PERF_RECORD_* Leo Yan <leo.yan(a)arm.com> perf session: Fix handling when buffer exceeds 2 GiB Leo Yan <leo.yan(a)arm.com> perf arm_spe: Correct memory level for remote access Leo Yan <leo.yan(a)arm.com> perf arm-spe: Rename the common data source encoding Leo Yan <leo.yan(a)arm.com> perf arm_spe: Correct setting remote access Clément Le Goffic <clement.legoffic(a)foss.st.com> rtc: optee: fix memory leak on driver removal Rob Herring (Arm) <robh(a)kernel.org> rtc: x1205: Fix Xicor X1205 vendor prefix Yunseong Kim <ysk(a)kzalloc.com> perf util: Fix compression checks returning -1 as bool Brian Masney <bmasney(a)redhat.com> clk: at91: peripheral: fix return value Ian Rogers <irogers(a)google.com> libperf event: Ensure tracing data is multiple of 8 sized Ian Rogers <irogers(a)google.com> perf evsel: Avoid container_of on a NULL leader Varad Gautam <varadgautam(a)google.com> asm-generic/io.h: Skip trace helpers if rwmmio events are disabled Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> media: v4l2-subdev: Fix alloc failure check in v4l2_subdev_call_state_try() Michael Hennerich <michael.hennerich(a)analog.com> iio: frequency: adf4350: Fix ADF4350_REG3_12BIT_CLKDIV_MODE Zhen Ni <zhen.ni(a)easystack.cn> clocksource/drivers/clps711x: Fix resource leaks in error paths Aleksa Sarai <cyphar(a)cyphar.com> fscontext: do not consume log entries when returning -EMSGSIZE Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> fs: always return zero on success from replace_fd() ------------- Diffstat: Documentation/admin-guide/kernel-parameters.txt | 3 + .../bindings/phy/rockchip-inno-csi-dphy.yaml | 15 +- Makefile | 4 +- arch/arm/mach-omap2/pm33xx-core.c | 6 +- arch/arm64/boot/dts/qcom/msm8916.dtsi | 2 + arch/arm64/boot/dts/qcom/msm8939.dtsi | 2 + arch/arm64/boot/dts/qcom/sdm845.dtsi | 4 +- arch/arm64/boot/dts/ti/k3-am62a-main.dtsi | 2 +- arch/arm64/kernel/cpufeature.c | 10 +- arch/arm64/kernel/mte.c | 3 +- arch/arm64/kernel/probes/kprobes.c | 8 +- arch/loongarch/kernel/setup.c | 5 +- arch/parisc/include/uapi/asm/ioctls.h | 8 +- arch/parisc/lib/memcpy.c | 1 - arch/powerpc/platforms/powernv/pci-ioda.c | 2 +- arch/powerpc/platforms/pseries/msi.c | 2 +- arch/s390/net/bpf_jit.h | 55 --- arch/s390/net/bpf_jit_comp.c | 161 ++++---- arch/sparc/kernel/of_device_32.c | 1 + arch/sparc/kernel/of_device_64.c | 1 + arch/sparc/mm/hugetlbpage.c | 20 + arch/x86/include/asm/msr-index.h | 1 + arch/x86/kernel/umip.c | 15 +- arch/x86/kvm/pmu.c | 5 + arch/x86/kvm/svm/pmu.c | 1 + arch/x86/kvm/svm/svm.c | 13 +- arch/x86/kvm/x86.c | 2 + arch/xtensa/platforms/iss/simdisk.c | 6 +- block/blk-crypto-fallback.c | 3 + crypto/essiv.c | 14 +- drivers/acpi/acpi_dbg.c | 26 +- drivers/acpi/acpi_tad.c | 3 + drivers/acpi/acpica/evglock.c | 4 + drivers/acpi/battery.c | 60 +-- drivers/acpi/property.c | 139 ++++--- drivers/bus/mhi/ep/main.c | 37 +- drivers/bus/mhi/host/init.c | 5 +- drivers/char/ipmi/ipmi_kcs_sm.c | 16 +- drivers/char/ipmi/ipmi_msghandler.c | 422 ++++++++++----------- drivers/char/tpm/tpm_tis_core.c | 4 +- drivers/clk/at91/clk-peripheral.c | 7 +- drivers/clk/mediatek/clk-mt8195-infra_ao.c | 2 +- drivers/clk/mediatek/clk-mux.c | 4 +- drivers/clk/nxp/clk-lpc18xx-cgu.c | 20 +- drivers/clk/tegra/clk-bpmp.c | 2 +- drivers/clocksource/clps711x-timer.c | 23 +- drivers/cpufreq/intel_pstate.c | 8 +- drivers/cpufreq/tegra186-cpufreq.c | 8 +- drivers/crypto/aspeed/aspeed-hace-crypto.c | 2 +- drivers/crypto/atmel-tdes.c | 2 +- drivers/crypto/rockchip/rk3288_crypto_ahash.c | 2 +- drivers/firmware/meson/meson_sm.c | 7 +- drivers/gpio/gpio-wcd934x.c | 2 +- drivers/gpu/drm/amd/display/dc/dce/dce_transform.c | 21 +- drivers/gpu/drm/amd/display/dc/dce/dce_transform.h | 4 + .../gpu/drm/amd/include/asic_reg/dce/dce_6_0_d.h | 7 + .../drm/amd/include/asic_reg/dce/dce_6_0_sh_mask.h | 2 + drivers/gpu/drm/nouveau/nouveau_bo.c | 2 +- drivers/gpu/drm/renesas/rcar-du/rcar_mipi_dsi.c | 5 +- .../gpu/drm/renesas/rcar-du/rcar_mipi_dsi_regs.h | 8 +- drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c | 17 +- drivers/gpu/drm/vmwgfx/vmwgfx_validation.c | 6 +- drivers/iio/adc/xilinx-ams.c | 47 ++- drivers/iio/dac/ad5360.c | 2 +- drivers/iio/dac/ad5421.c | 2 +- drivers/iio/frequency/adf4350.c | 20 +- drivers/iio/imu/inv_icm42600/inv_icm42600_core.c | 4 - drivers/iommu/intel/iommu.c | 2 +- drivers/irqchip/irq-sifive-plic.c | 13 +- drivers/mailbox/zynqmp-ipi-mailbox.c | 7 +- drivers/media/i2c/mt9v111.c | 2 +- drivers/media/mc/mc-devnode.c | 6 +- drivers/media/mc/mc-entity.c | 2 +- drivers/media/pci/cx18/cx18-queue.c | 13 +- drivers/media/pci/ivtv/ivtv-irq.c | 2 +- drivers/media/pci/ivtv/ivtv-yuv.c | 8 +- drivers/media/platform/qcom/venus/firmware.c | 8 +- drivers/media/rc/lirc_dev.c | 9 +- drivers/memory/samsung/exynos-srom.c | 10 +- drivers/mfd/intel_soc_pmic_chtdc_ti.c | 5 +- drivers/misc/fastrpc.c | 37 +- drivers/mmc/core/sdio.c | 6 +- drivers/mtd/nand/raw/fsmc_nand.c | 6 +- drivers/net/ethernet/freescale/fsl_pq_mdio.c | 2 + drivers/net/ethernet/mellanox/mlx4/en_netdev.c | 2 +- drivers/net/wireless/ath/ath11k/core.c | 6 +- drivers/net/wireless/ath/ath11k/hal.c | 16 + drivers/net/wireless/ath/ath11k/hal.h | 1 + drivers/net/wireless/mediatek/mt76/mt7921/usb.c | 3 + drivers/nvme/host/pci.c | 2 + drivers/of/unittest.c | 1 + drivers/pci/controller/dwc/pci-keystone.c | 4 +- drivers/pci/controller/dwc/pcie-tegra194.c | 22 +- drivers/pci/controller/pci-tegra.c | 27 +- drivers/pci/controller/pcie-rcar-host.c | 40 +- drivers/pci/endpoint/functions/pci-epf-test.c | 19 +- drivers/pci/iov.c | 5 + drivers/pci/pci-driver.c | 1 + drivers/pci/pci-sysfs.c | 20 +- drivers/pci/pcie/aer.c | 12 +- drivers/pci/pcie/err.c | 8 +- drivers/pinctrl/samsung/pinctrl-samsung.h | 4 - drivers/power/supply/max77976_charger.c | 12 +- drivers/pwm/pwm-berlin.c | 4 +- drivers/rtc/interface.c | 27 ++ drivers/rtc/rtc-optee.c | 1 + drivers/rtc/rtc-x1205.c | 2 +- drivers/s390/cio/device.c | 37 +- drivers/scsi/hpsa.c | 21 +- drivers/scsi/mvsas/mv_init.c | 2 +- drivers/spi/spi-cadence-quadspi.c | 5 + drivers/video/fbdev/core/fb_cmdline.c | 2 +- drivers/xen/events/events_base.c | 37 +- drivers/xen/manage.c | 3 +- fs/btrfs/export.c | 8 +- fs/btrfs/extent_io.c | 14 +- fs/cramfs/inode.c | 11 +- fs/ext4/fsmap.c | 14 +- fs/ext4/inode.c | 10 +- fs/ext4/move_extent.c | 2 +- fs/ext4/orphan.c | 17 +- fs/ext4/xattr.c | 19 +- fs/file.c | 5 +- fs/fs-writeback.c | 32 +- fs/fsopen.c | 70 ++-- fs/minix/inode.c | 8 +- fs/namei.c | 8 + fs/namespace.c | 11 +- fs/nfsd/lockd.c | 15 + fs/nfsd/nfs4proc.c | 2 +- fs/ntfs3/bitmap.c | 1 + fs/smb/client/smb1ops.c | 62 ++- fs/smb/client/smb2inode.c | 22 +- fs/smb/server/ksmbd_netlink.h | 5 +- fs/smb/server/server.h | 1 + fs/smb/server/transport_ipc.c | 3 + fs/smb/server/transport_tcp.c | 28 +- fs/squashfs/inode.c | 24 +- include/acpi/acpixf.h | 6 + include/asm-generic/io.h | 98 +++-- include/linux/iio/frequency/adf4350.h | 2 +- include/linux/ksm.h | 6 + include/linux/sched.h | 11 +- include/media/v4l2-subdev.h | 30 +- include/net/netfilter/nf_tables.h | 3 +- include/net/netfilter/nft_fib.h | 4 +- include/net/netfilter/nft_meta.h | 3 +- include/net/netfilter/nft_reject.h | 3 +- init/main.c | 12 + kernel/bpf/inode.c | 4 +- kernel/fork.c | 2 +- kernel/pid.c | 5 +- kernel/rseq.c | 10 +- kernel/sched/deadline.c | 73 ++-- kernel/sys.c | 22 +- kernel/trace/trace_fprobe.c | 11 +- kernel/trace/trace_kprobe.c | 11 +- kernel/trace/trace_probe.h | 9 +- kernel/trace/trace_uprobe.c | 12 +- lib/crypto/Makefile | 4 + lib/genalloc.c | 5 +- mm/damon/vaddr.c | 8 +- mm/hugetlb.c | 3 + mm/page_alloc.c | 2 +- net/bridge/br_vlan.c | 2 +- net/bridge/netfilter/nft_meta_bridge.c | 5 +- net/bridge/netfilter/nft_reject_bridge.c | 3 +- net/core/filter.c | 2 + net/ipv4/tcp.c | 5 +- net/ipv4/tcp_input.c | 1 - net/mptcp/pm.c | 7 +- net/mptcp/pm_netlink.c | 52 ++- net/mptcp/protocol.h | 8 + net/netfilter/nf_tables_api.c | 3 +- net/netfilter/nft_compat.c | 6 +- net/netfilter/nft_fib.c | 3 +- net/netfilter/nft_flow_offload.c | 3 +- net/netfilter/nft_fwd_netdev.c | 3 +- net/netfilter/nft_immediate.c | 3 +- net/netfilter/nft_lookup.c | 3 +- net/netfilter/nft_masq.c | 3 +- net/netfilter/nft_meta.c | 6 +- net/netfilter/nft_nat.c | 3 +- net/netfilter/nft_objref.c | 39 ++ net/netfilter/nft_osf.c | 3 +- net/netfilter/nft_queue.c | 3 +- net/netfilter/nft_redir.c | 3 +- net/netfilter/nft_reject.c | 3 +- net/netfilter/nft_reject_inet.c | 3 +- net/netfilter/nft_reject_netdev.c | 3 +- net/netfilter/nft_rt.c | 3 +- net/netfilter/nft_socket.c | 3 +- net/netfilter/nft_synproxy.c | 3 +- net/netfilter/nft_tproxy.c | 3 +- net/netfilter/nft_xfrm.c | 3 +- net/sctp/sm_make_chunk.c | 3 +- net/sctp/sm_statefuns.c | 6 +- security/keys/trusted-keys/trusted_tpm1.c | 7 +- sound/soc/sof/ipc4-topology.h | 4 +- tools/build/feature/Makefile | 4 +- tools/lib/perf/include/perf/event.h | 1 + tools/perf/builtin-stat.c | 18 +- tools/perf/tests/perf-record.c | 4 + tools/perf/tests/shell/stat.sh | 29 ++ tools/perf/util/arm-spe-decoder/arm-spe-decoder.h | 18 +- tools/perf/util/arm-spe.c | 34 +- tools/perf/util/evsel.c | 31 +- tools/perf/util/lzma.c | 2 +- tools/perf/util/session.c | 2 +- tools/perf/util/setup.py | 5 +- tools/perf/util/zlib.c | 2 +- tools/testing/selftests/mm/madv_populate.c | 21 +- tools/testing/selftests/mm/soft-dirty.c | 5 +- tools/testing/selftests/mm/vm_util.c | 77 ++++ tools/testing/selftests/mm/vm_util.h | 1 + tools/testing/selftests/net/mptcp/mptcp_join.sh | 11 + tools/testing/selftests/rseq/rseq.c | 8 +- 217 files changed, 1951 insertions(+), 1097 deletions(-)

2 weeks, 4 days

9
209
0 0

FAILED: patch "[PATCH] btrfs: avoid potential out-of-bounds in btrfs_encode_fh()" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x dff4f9ff5d7f289e4545cc936362e01ed3252742 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101645-ceremony-playlist-e997@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From dff4f9ff5d7f289e4545cc936362e01ed3252742 Mon Sep 17 00:00:00 2001 From: Anderson Nascimento <anderson(a)allelesecurity.com> Date: Mon, 8 Sep 2025 09:49:02 -0300 Subject: [PATCH] btrfs: avoid potential out-of-bounds in btrfs_encode_fh() The function btrfs_encode_fh() does not properly account for the three cases it handles. Before writing to the file handle (fh), the function only returns to the user BTRFS_FID_SIZE_NON_CONNECTABLE (5 dwords, 20 bytes) or BTRFS_FID_SIZE_CONNECTABLE (8 dwords, 32 bytes). However, when a parent exists and the root ID of the parent and the inode are different, the function writes BTRFS_FID_SIZE_CONNECTABLE_ROOT (10 dwords, 40 bytes). If *max_len is not large enough, this write goes out of bounds because BTRFS_FID_SIZE_CONNECTABLE_ROOT is greater than BTRFS_FID_SIZE_CONNECTABLE originally returned. This results in an 8-byte out-of-bounds write at fid->parent_root_objectid = parent_root_id. A previous attempt to fix this issue was made but was lost. https://lore.kernel.org/all/4CADAEEC020000780001B32C@vpn.id2.novell.com/ Although this issue does not seem to be easily triggerable, it is a potential memory corruption bug that should be fixed. This patch resolves the issue by ensuring the function returns the appropriate size for all three cases and validates that *max_len is large enough before writing any data. Fixes: be6e8dc0ba84 ("NFS support for btrfs - v3") CC: stable(a)vger.kernel.org # 3.0+ Signed-off-by: Anderson Nascimento <anderson(a)allelesecurity.com> Reviewed-by: David Sterba <dsterba(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/export.c b/fs/btrfs/export.c index d062ac521051..230d9326b685 100644 --- a/fs/btrfs/export.c +++ b/fs/btrfs/export.c @@ -23,7 +23,11 @@ static int btrfs_encode_fh(struct inode *inode, u32 *fh, int *max_len, int type; if (parent && (len < BTRFS_FID_SIZE_CONNECTABLE)) { - *max_len = BTRFS_FID_SIZE_CONNECTABLE; + if (btrfs_root_id(BTRFS_I(inode)->root) != + btrfs_root_id(BTRFS_I(parent)->root)) + *max_len = BTRFS_FID_SIZE_CONNECTABLE_ROOT; + else + *max_len = BTRFS_FID_SIZE_CONNECTABLE; return FILEID_INVALID; } else if (len < BTRFS_FID_SIZE_NON_CONNECTABLE) { *max_len = BTRFS_FID_SIZE_NON_CONNECTABLE; @@ -45,6 +49,8 @@ static int btrfs_encode_fh(struct inode *inode, u32 *fh, int *max_len, parent_root_id = btrfs_root_id(BTRFS_I(parent)->root); if (parent_root_id != fid->root_objectid) { + if (*max_len < BTRFS_FID_SIZE_CONNECTABLE_ROOT) + return FILEID_INVALID; fid->parent_root_objectid = parent_root_id; len = BTRFS_FID_SIZE_CONNECTABLE_ROOT; type = FILEID_BTRFS_WITH_PARENT_ROOT;

2 weeks, 4 days

2
1
0 0

FAILED: patch "[PATCH] cdx: Fix device node reference leak in cdx_msi_domain_init" failed to apply to 6.12-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.12-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.12.y git checkout FETCH_HEAD git cherry-pick -x 76254bc489d39dae9a3427f0984fe64213d20548 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101657-coaster-squall-0e3f@gregkh' --subject-prefix 'PATCH 6.12.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 76254bc489d39dae9a3427f0984fe64213d20548 Mon Sep 17 00:00:00 2001 From: Miaoqian Lin <linmq006(a)gmail.com> Date: Tue, 2 Sep 2025 16:49:33 +0800 Subject: [PATCH] cdx: Fix device node reference leak in cdx_msi_domain_init Add missing of_node_put() call to release the device node reference obtained via of_parse_phandle(). Fixes: 0e439ba38e61 ("cdx: add MSI support for CDX bus") Cc: stable(a)vger.kernel.org Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com> Acked-by: Nipun Gupta <nipun.gupta(a)amd.com> Link: https://lore.kernel.org/r/20250902084933.2418264-1-linmq006@gmail.com Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/drivers/cdx/cdx_msi.c b/drivers/cdx/cdx_msi.c index 3388a5d1462c..91b95422b263 100644 --- a/drivers/cdx/cdx_msi.c +++ b/drivers/cdx/cdx_msi.c @@ -174,6 +174,7 @@ struct irq_domain *cdx_msi_domain_init(struct device *dev) } parent = irq_find_matching_fwnode(of_fwnode_handle(parent_node), DOMAIN_BUS_NEXUS); + of_node_put(parent_node); if (!parent || !msi_get_domain_info(parent)) { dev_err(dev, "unable to locate ITS domain\n"); return NULL;

2 weeks, 4 days

2
2
0 0

FAILED: patch "[PATCH] bus: mhi: host: Do not use uninitialized 'dev' pointer in" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x d0856a6dff57f95cc5d2d74e50880f01697d0cc4 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101641-blooming-stiffness-1ee0@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From d0856a6dff57f95cc5d2d74e50880f01697d0cc4 Mon Sep 17 00:00:00 2001 From: Adam Xue <zxue(a)semtech.com> Date: Fri, 5 Sep 2025 10:41:18 -0700 Subject: [PATCH] bus: mhi: host: Do not use uninitialized 'dev' pointer in mhi_init_irq_setup() In mhi_init_irq_setup, the device pointer used for dev_err() was not initialized. Use the pointer from mhi_cntrl instead. Fixes: b0fc0167f254 ("bus: mhi: core: Allow shared IRQ for event rings") Fixes: 3000f85b8f47 ("bus: mhi: core: Add support for basic PM operations") Signed-off-by: Adam Xue <zxue(a)semtech.com> [mani: reworded subject/description and CCed stable] Signed-off-by: Manivannan Sadhasivam <manivannan.sadhasivam(a)oss.qualcomm.com> Reviewed-by: Krishna Chaitanya Chundru <krishna.chundru(a)oss.qualcomm.com> Cc: stable(a)vger.kernel.org Link: https://patch.msgid.link/20250905174118.38512-1-zxue@semtech.com diff --git a/drivers/bus/mhi/host/init.c b/drivers/bus/mhi/host/init.c index 7f72aab38ce9..099be8dd1900 100644 --- a/drivers/bus/mhi/host/init.c +++ b/drivers/bus/mhi/host/init.c @@ -194,7 +194,6 @@ static void mhi_deinit_free_irq(struct mhi_controller *mhi_cntrl) static int mhi_init_irq_setup(struct mhi_controller *mhi_cntrl) { struct mhi_event *mhi_event = mhi_cntrl->mhi_event; - struct device *dev = &mhi_cntrl->mhi_dev->dev; unsigned long irq_flags = IRQF_SHARED | IRQF_NO_SUSPEND; int i, ret; @@ -221,7 +220,7 @@ static int mhi_init_irq_setup(struct mhi_controller *mhi_cntrl) continue; if (mhi_event->irq >= mhi_cntrl->nr_irqs) { - dev_err(dev, "irq %d not available for event ring\n", + dev_err(mhi_cntrl->cntrl_dev, "irq %d not available for event ring\n", mhi_event->irq); ret = -EINVAL; goto error_request; @@ -232,7 +231,7 @@ static int mhi_init_irq_setup(struct mhi_controller *mhi_cntrl) irq_flags, "mhi", mhi_event); if (ret) { - dev_err(dev, "Error requesting irq:%d for ev:%d\n", + dev_err(mhi_cntrl->cntrl_dev, "Error requesting irq:%d for ev:%d\n", mhi_cntrl->irq[mhi_event->irq], i); goto error_request; }

2 weeks, 4 days

2
1
0 0

FAILED: patch "[PATCH] blk-crypto: fix missing blktrace bio split events" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 06d712d297649f48ebf1381d19bd24e942813b37 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101656-curdle-duration-949d@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 06d712d297649f48ebf1381d19bd24e942813b37 Mon Sep 17 00:00:00 2001 From: Yu Kuai <yukuai3(a)huawei.com> Date: Wed, 10 Sep 2025 14:30:45 +0800 Subject: [PATCH] blk-crypto: fix missing blktrace bio split events trace_block_split() is missing, resulting in blktrace inability to catch BIO split events and making it harder to analyze the BIO sequence. Cc: stable(a)vger.kernel.org Fixes: 488f6682c832 ("block: blk-crypto-fallback for Inline Encryption") Signed-off-by: Yu Kuai <yukuai3(a)huawei.com> Reviewed-by: Bart Van Assche <bvanassche(a)acm.org> Reviewed-by: Christoph Hellwig <hch(a)lst.de> Signed-off-by: Jens Axboe <axboe(a)kernel.dk> diff --git a/block/blk-crypto-fallback.c b/block/blk-crypto-fallback.c index dbc2d8784dab..27fa1ec4b264 100644 --- a/block/blk-crypto-fallback.c +++ b/block/blk-crypto-fallback.c @@ -18,6 +18,7 @@ #include <linux/module.h> #include <linux/random.h> #include <linux/scatterlist.h> +#include <trace/events/block.h> #include "blk-cgroup.h" #include "blk-crypto-internal.h" @@ -230,7 +231,9 @@ static bool blk_crypto_fallback_split_bio_if_needed(struct bio **bio_ptr) bio->bi_status = BLK_STS_RESOURCE; return false; } + bio_chain(split_bio, bio); + trace_block_split(split_bio, bio->bi_iter.bi_sector); submit_bio_noacct(bio); *bio_ptr = split_bio; }

2 weeks, 4 days

2
1
0 0

FAILED: patch "[PATCH] drm/exynos: exynos7_drm_decon: remove ctx->suspended" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x e1361a4f1be9cb69a662c6d7b5ce218007d6e82b # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101641-wistful-rebuff-94b8@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From e1361a4f1be9cb69a662c6d7b5ce218007d6e82b Mon Sep 17 00:00:00 2001 From: Kaustabh Chakraborty <kauschluss(a)disroot.org> Date: Sun, 6 Jul 2025 22:59:46 +0530 Subject: [PATCH] drm/exynos: exynos7_drm_decon: remove ctx->suspended Condition guards are found to be redundant, as the call flow is properly managed now, as also observed in the Exynos5433 DECON driver. Since state checking is no longer necessary, remove it. This also fixes an issue which prevented decon_commit() from decon_atomic_enable() due to an incorrect state change setting. Fixes: 96976c3d9aff ("drm/exynos: Add DECON driver") Cc: stable(a)vger.kernel.org Suggested-by: Inki Dae <inki.dae(a)samsung.com> Signed-off-by: Kaustabh Chakraborty <kauschluss(a)disroot.org> Signed-off-by: Inki Dae <inki.dae(a)samsung.com> diff --git a/drivers/gpu/drm/exynos/exynos7_drm_decon.c b/drivers/gpu/drm/exynos/exynos7_drm_decon.c index 805aa28c1723..b8d9b7251319 100644 --- a/drivers/gpu/drm/exynos/exynos7_drm_decon.c +++ b/drivers/gpu/drm/exynos/exynos7_drm_decon.c @@ -69,7 +69,6 @@ struct decon_context { void __iomem *regs; unsigned long irq_flags; bool i80_if; - bool suspended; wait_queue_head_t wait_vsync_queue; atomic_t wait_vsync_event; @@ -132,9 +131,6 @@ static void decon_shadow_protect_win(struct decon_context *ctx, static void decon_wait_for_vblank(struct decon_context *ctx) { - if (ctx->suspended) - return; - atomic_set(&ctx->wait_vsync_event, 1); /* @@ -210,9 +206,6 @@ static void decon_commit(struct exynos_drm_crtc *crtc) struct drm_display_mode *mode = &crtc->base.state->adjusted_mode; u32 val, clkdiv; - if (ctx->suspended) - return; - /* nothing to do if we haven't set the mode yet */ if (mode->htotal == 0 || mode->vtotal == 0) return; @@ -274,9 +267,6 @@ static int decon_enable_vblank(struct exynos_drm_crtc *crtc) struct decon_context *ctx = crtc->ctx; u32 val; - if (ctx->suspended) - return -EPERM; - if (!test_and_set_bit(0, &ctx->irq_flags)) { val = readl(ctx->regs + VIDINTCON0); @@ -299,9 +289,6 @@ static void decon_disable_vblank(struct exynos_drm_crtc *crtc) struct decon_context *ctx = crtc->ctx; u32 val; - if (ctx->suspended) - return; - if (test_and_clear_bit(0, &ctx->irq_flags)) { val = readl(ctx->regs + VIDINTCON0); @@ -404,9 +391,6 @@ static void decon_atomic_begin(struct exynos_drm_crtc *crtc) struct decon_context *ctx = crtc->ctx; int i; - if (ctx->suspended) - return; - for (i = 0; i < WINDOWS_NR; i++) decon_shadow_protect_win(ctx, i, true); } @@ -427,9 +411,6 @@ static void decon_update_plane(struct exynos_drm_crtc *crtc, unsigned int pitch = fb->pitches[0]; unsigned int vidw_addr0_base = ctx->data->vidw_buf_start_base; - if (ctx->suspended) - return; - /* * SHADOWCON/PRTCON register is used for enabling timing. * @@ -517,9 +498,6 @@ static void decon_disable_plane(struct exynos_drm_crtc *crtc, unsigned int win = plane->index; u32 val; - if (ctx->suspended) - return; - /* protect windows */ decon_shadow_protect_win(ctx, win, true); @@ -538,9 +516,6 @@ static void decon_atomic_flush(struct exynos_drm_crtc *crtc) struct decon_context *ctx = crtc->ctx; int i; - if (ctx->suspended) - return; - for (i = 0; i < WINDOWS_NR; i++) decon_shadow_protect_win(ctx, i, false); exynos_crtc_handle_event(crtc); @@ -568,9 +543,6 @@ static void decon_atomic_enable(struct exynos_drm_crtc *crtc) struct decon_context *ctx = crtc->ctx; int ret; - if (!ctx->suspended) - return; - ret = pm_runtime_resume_and_get(ctx->dev); if (ret < 0) { DRM_DEV_ERROR(ctx->dev, "failed to enable DECON device.\n"); @@ -584,8 +556,6 @@ static void decon_atomic_enable(struct exynos_drm_crtc *crtc) decon_enable_vblank(ctx->crtc); decon_commit(ctx->crtc); - - ctx->suspended = false; } static void decon_atomic_disable(struct exynos_drm_crtc *crtc) @@ -593,9 +563,6 @@ static void decon_atomic_disable(struct exynos_drm_crtc *crtc) struct decon_context *ctx = crtc->ctx; int i; - if (ctx->suspended) - return; - /* * We need to make sure that all windows are disabled before we * suspend that connector. Otherwise we might try to scan from @@ -605,8 +572,6 @@ static void decon_atomic_disable(struct exynos_drm_crtc *crtc) decon_disable_plane(crtc, &ctx->planes[i]); pm_runtime_put_sync(ctx->dev); - - ctx->suspended = true; } static const struct exynos_drm_crtc_ops decon_crtc_ops = { @@ -727,7 +692,6 @@ static int decon_probe(struct platform_device *pdev) return -ENOMEM; ctx->dev = dev; - ctx->suspended = true; ctx->data = of_device_get_match_data(dev); i80_if_timings = of_get_child_by_name(dev->of_node, "i80-if-timings");

2 weeks, 4 days

2
1
0 0

FAILED: patch "[PATCH] drm/exynos: exynos7_drm_decon: remove ctx->suspended" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x e1361a4f1be9cb69a662c6d7b5ce218007d6e82b # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101641-plop-hertz-3940@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From e1361a4f1be9cb69a662c6d7b5ce218007d6e82b Mon Sep 17 00:00:00 2001 From: Kaustabh Chakraborty <kauschluss(a)disroot.org> Date: Sun, 6 Jul 2025 22:59:46 +0530 Subject: [PATCH] drm/exynos: exynos7_drm_decon: remove ctx->suspended Condition guards are found to be redundant, as the call flow is properly managed now, as also observed in the Exynos5433 DECON driver. Since state checking is no longer necessary, remove it. This also fixes an issue which prevented decon_commit() from decon_atomic_enable() due to an incorrect state change setting. Fixes: 96976c3d9aff ("drm/exynos: Add DECON driver") Cc: stable(a)vger.kernel.org Suggested-by: Inki Dae <inki.dae(a)samsung.com> Signed-off-by: Kaustabh Chakraborty <kauschluss(a)disroot.org> Signed-off-by: Inki Dae <inki.dae(a)samsung.com> diff --git a/drivers/gpu/drm/exynos/exynos7_drm_decon.c b/drivers/gpu/drm/exynos/exynos7_drm_decon.c index 805aa28c1723..b8d9b7251319 100644 --- a/drivers/gpu/drm/exynos/exynos7_drm_decon.c +++ b/drivers/gpu/drm/exynos/exynos7_drm_decon.c @@ -69,7 +69,6 @@ struct decon_context { void __iomem *regs; unsigned long irq_flags; bool i80_if; - bool suspended; wait_queue_head_t wait_vsync_queue; atomic_t wait_vsync_event; @@ -132,9 +131,6 @@ static void decon_shadow_protect_win(struct decon_context *ctx, static void decon_wait_for_vblank(struct decon_context *ctx) { - if (ctx->suspended) - return; - atomic_set(&ctx->wait_vsync_event, 1); /* @@ -210,9 +206,6 @@ static void decon_commit(struct exynos_drm_crtc *crtc) struct drm_display_mode *mode = &crtc->base.state->adjusted_mode; u32 val, clkdiv; - if (ctx->suspended) - return; - /* nothing to do if we haven't set the mode yet */ if (mode->htotal == 0 || mode->vtotal == 0) return; @@ -274,9 +267,6 @@ static int decon_enable_vblank(struct exynos_drm_crtc *crtc) struct decon_context *ctx = crtc->ctx; u32 val; - if (ctx->suspended) - return -EPERM; - if (!test_and_set_bit(0, &ctx->irq_flags)) { val = readl(ctx->regs + VIDINTCON0); @@ -299,9 +289,6 @@ static void decon_disable_vblank(struct exynos_drm_crtc *crtc) struct decon_context *ctx = crtc->ctx; u32 val; - if (ctx->suspended) - return; - if (test_and_clear_bit(0, &ctx->irq_flags)) { val = readl(ctx->regs + VIDINTCON0); @@ -404,9 +391,6 @@ static void decon_atomic_begin(struct exynos_drm_crtc *crtc) struct decon_context *ctx = crtc->ctx; int i; - if (ctx->suspended) - return; - for (i = 0; i < WINDOWS_NR; i++) decon_shadow_protect_win(ctx, i, true); } @@ -427,9 +411,6 @@ static void decon_update_plane(struct exynos_drm_crtc *crtc, unsigned int pitch = fb->pitches[0]; unsigned int vidw_addr0_base = ctx->data->vidw_buf_start_base; - if (ctx->suspended) - return; - /* * SHADOWCON/PRTCON register is used for enabling timing. * @@ -517,9 +498,6 @@ static void decon_disable_plane(struct exynos_drm_crtc *crtc, unsigned int win = plane->index; u32 val; - if (ctx->suspended) - return; - /* protect windows */ decon_shadow_protect_win(ctx, win, true); @@ -538,9 +516,6 @@ static void decon_atomic_flush(struct exynos_drm_crtc *crtc) struct decon_context *ctx = crtc->ctx; int i; - if (ctx->suspended) - return; - for (i = 0; i < WINDOWS_NR; i++) decon_shadow_protect_win(ctx, i, false); exynos_crtc_handle_event(crtc); @@ -568,9 +543,6 @@ static void decon_atomic_enable(struct exynos_drm_crtc *crtc) struct decon_context *ctx = crtc->ctx; int ret; - if (!ctx->suspended) - return; - ret = pm_runtime_resume_and_get(ctx->dev); if (ret < 0) { DRM_DEV_ERROR(ctx->dev, "failed to enable DECON device.\n"); @@ -584,8 +556,6 @@ static void decon_atomic_enable(struct exynos_drm_crtc *crtc) decon_enable_vblank(ctx->crtc); decon_commit(ctx->crtc); - - ctx->suspended = false; } static void decon_atomic_disable(struct exynos_drm_crtc *crtc) @@ -593,9 +563,6 @@ static void decon_atomic_disable(struct exynos_drm_crtc *crtc) struct decon_context *ctx = crtc->ctx; int i; - if (ctx->suspended) - return; - /* * We need to make sure that all windows are disabled before we * suspend that connector. Otherwise we might try to scan from @@ -605,8 +572,6 @@ static void decon_atomic_disable(struct exynos_drm_crtc *crtc) decon_disable_plane(crtc, &ctx->planes[i]); pm_runtime_put_sync(ctx->dev); - - ctx->suspended = true; } static const struct exynos_drm_crtc_ops decon_crtc_ops = { @@ -727,7 +692,6 @@ static int decon_probe(struct platform_device *pdev) return -ENOMEM; ctx->dev = dev; - ctx->suspended = true; ctx->data = of_device_get_match_data(dev); i80_if_timings = of_get_child_by_name(dev->of_node, "i80-if-timings");

2 weeks, 4 days

2
1
0 0

FAILED: patch "[PATCH] drm/amd: Fix hybrid sleep" failed to apply to 6.17-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.17-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.17.y git checkout FETCH_HEAD git cherry-pick -x 0a6e9e098fcc318fec0f45a05a5c4743a81a60d9 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101656-trailside-reabsorb-e368@gregkh' --subject-prefix 'PATCH 6.17.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 0a6e9e098fcc318fec0f45a05a5c4743a81a60d9 Mon Sep 17 00:00:00 2001 From: "Mario Limonciello (AMD)" <superm1(a)kernel.org> Date: Thu, 25 Sep 2025 13:51:08 -0500 Subject: [PATCH] drm/amd: Fix hybrid sleep [Why] commit 530694f54dd5e ("drm/amdgpu: do not resume device in thaw for normal hibernation") optimized the flow for systems that are going into S4 where the power would be turned off. Basically the thaw() callback wouldn't resume the device if the hibernation image was successfully created since the system would be powered off. This however isn't the correct flow for a system entering into s0i3 after the hibernation image is created. Some of the amdgpu callbacks have different behavior depending upon the intended state of the suspend. [How] Use pm_hibernation_mode_is_suspend() as an input to decide whether to run resume during thaw() callback. Reported-by: Ionut Nechita <ionut_n2001(a)yahoo.com> Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/4573 Tested-by: Ionut Nechita <ionut_n2001(a)yahoo.com> Fixes: 530694f54dd5e ("drm/amdgpu: do not resume device in thaw for normal hibernation") Acked-by: Alex Deucher <alexander.deucher(a)amd.com> Tested-by: Kenneth Crudup <kenny(a)panix.com> Signed-off-by: Mario Limonciello (AMD) <superm1(a)kernel.org> Cc: 6.17+ <stable(a)vger.kernel.org> # 6.17+: 495c8d35035e: PM: hibernate: Add pm_hibernation_mode_is_suspend() Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c index 395c6be901ce..dcea66aadfa3 100644 --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c @@ -2665,7 +2665,7 @@ static int amdgpu_pmops_thaw(struct device *dev) struct drm_device *drm_dev = dev_get_drvdata(dev); /* do not resume device if it's normal hibernation */ - if (!pm_hibernate_is_recovering()) + if (!pm_hibernate_is_recovering() && !pm_hibernation_mode_is_suspend()) return 0; return amdgpu_device_resume(drm_dev, true);

2 weeks, 4 days

2
2
0 0

[PATCH v6 03/10] KEYS: trusted: Fix memory leak in tpm2_load()

by Jarkko Sakkinen

tpm2_load() allocates a blob indirectly via tpm2_key_decode() but it is not freed in all failure paths. Address this with a scope-based cleanup helper __free(). For legacy blobs, the implicit de-allocation is gets disable by no_free_ptr(). Cc: stable(a)vger.kernel.org # v5.13+ Fixes: f2219745250f ("security: keys: trusted: use ASN.1 TPM2 key format for the blobs") Signed-off-by: Jarkko Sakkinen <jarkko(a)kernel.org> --- v6: - A new patch in this version. --- security/keys/trusted-keys/trusted_tpm2.c | 23 ++++++++++------------- 1 file changed, 10 insertions(+), 13 deletions(-) diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trusted-keys/trusted_tpm2.c index 024be262702f..468a4a339541 100644 --- a/security/keys/trusted-keys/trusted_tpm2.c +++ b/security/keys/trusted-keys/trusted_tpm2.c @@ -106,9 +106,8 @@ struct tpm2_key_context { u32 priv_len; }; -static int tpm2_key_decode(struct trusted_key_payload *payload, - struct trusted_key_options *options, - u8 **buf) +static void *tpm2_key_decode(struct trusted_key_payload *payload, + struct trusted_key_options *options) { int ret; struct tpm2_key_context ctx; @@ -119,16 +118,15 @@ static int tpm2_key_decode(struct trusted_key_payload *payload, ret = asn1_ber_decoder(&tpm2key_decoder, &ctx, payload->blob, payload->blob_len); if (ret < 0) - return ret; + return ERR_PTR(ret); if (ctx.priv_len + ctx.pub_len > MAX_BLOB_SIZE) - return -EINVAL; + return ERR_PTR(-EINVAL); blob = kmalloc(ctx.priv_len + ctx.pub_len + 4, GFP_KERNEL); if (!blob) - return -ENOMEM; + return ERR_PTR(-ENOMEM); - *buf = blob; options->keyhandle = ctx.parent; memcpy(blob, ctx.priv, ctx.priv_len); @@ -136,7 +134,7 @@ static int tpm2_key_decode(struct trusted_key_payload *payload, memcpy(blob, ctx.pub, ctx.pub_len); - return 0; + return blob; } int tpm2_key_parent(void *context, size_t hdrlen, @@ -391,13 +389,14 @@ static int tpm2_load_cmd(struct tpm_chip *chip, unsigned int private_len; unsigned int public_len; unsigned int blob_len; - u8 *blob, *pub; + u8 *pub; int rc; u32 attrs; - rc = tpm2_key_decode(payload, options, &blob); - if (rc) { + u8 *blob __free(kfree) = tpm2_key_decode(payload, options); + if (IS_ERR(blob)) { /* old form */ + no_free_ptr(blob); blob = payload->blob; payload->old_format = 1; } @@ -464,8 +463,6 @@ static int tpm2_load_cmd(struct tpm_chip *chip, (__be32 *) &buf.data[TPM_HEADER_SIZE]); out: - if (blob != payload->blob) - kfree(blob); tpm_buf_destroy(&buf); if (rc > 0) -- 2.39.5

2 weeks, 4 days

1
0
0 0

[REGRESSION] stable-rc/linux-5.10.y: (build) call to '__compiletime_assert_1041' declared with 'error' attribut...

by KernelCI bot

Hello, New build issue found on stable-rc/linux-5.10.y: --- call to '__compiletime_assert_1041' declared with 'error' attribute: clamp() low limit -7 greater than high limit 15 in drivers/net/wireless/ralink/rt2x00/rt2800lib.o (drivers/net/wireless/ralink/rt2x00/rt2800lib.c) [logspec:kbuild,kbuild.compiler.error] --- - dashboard: https://d.kernelci.org/i/maestro:8602a79225a0e4285a39b81bbd04352b6ec80927 - giturl: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git - commit HEAD: a32db271d59d9f35f3a937ac27fcc2db1e029cdc Log excerpt: ===================================================== drivers/net/wireless/ralink/rt2x00/rt2800lib.c:3980:10: error: call to '__compiletime_assert_1041' declared with 'error' attribute: clamp() low limit -7 greater than high limit 15 3980 | return clamp_t(char, txpower, MIN_A_TXPOWER, MAX_A_TXPOWER); | ^ ./include/linux/minmax.h:218:36: note: expanded from macro 'clamp_t' 218 | #define clamp_t(type, val, lo, hi) __careful_clamp(type, val, lo, hi) | ^ ./include/linux/minmax.h:195:2: note: expanded from macro '__careful_clamp' 195 | __clamp_once(type, val, lo, hi, __UNIQUE_ID(v_), __UNIQUE_ID(l_), __UNIQUE_ID(h_)) | ^ ./include/linux/minmax.h:188:2: note: expanded from macro '__clamp_once' 188 | BUILD_BUG_ON_MSG(statically_true(ulo > uhi), \ | ^ note: (skipping 2 expansions in backtrace; use -fmacro-backtrace-limit=0 to see all) ././include/linux/compiler_types.h:297:2: note: expanded from macro '_compiletime_assert' 297 | __compiletime_assert(condition, msg, prefix, suffix) | ^ ././include/linux/compiler_types.h:290:4: note: expanded from macro '__compiletime_assert' 290 | prefix ## suffix(); \ | ^ <scratch space>:146:1: note: expanded from here 146 | __compiletime_assert_1041 | ^ drivers/net/wireless/ralink/rt2x00/rt2800lib.c:3980:10: error: call to '__compiletime_assert_1041' declared with 'error' attribute: clamp() low limit -7 greater than high limit 15 ./include/linux/minmax.h:218:36: note: expanded from macro 'clamp_t' 218 | #define clamp_t(type, val, lo, hi) __careful_clamp(type, val, lo, hi) | ^ ./include/linux/minmax.h:195:2: note: expanded from macro '__careful_clamp' 195 | __clamp_once(type, val, lo, hi, __UNIQUE_ID(v_), __UNIQUE_ID(l_), __UNIQUE_ID(h_)) | ^ ./include/linux/minmax.h:188:2: note: expanded from macro '__clamp_once' 188 | BUILD_BUG_ON_MSG(statically_true(ulo > uhi), \ | ^ note: (skipping 2 expansions in backtrace; use -fmacro-backtrace-limit=0 to see all) ././include/linux/compiler_types.h:297:2: note: expanded from macro '_compiletime_assert' 297 | __compiletime_assert(condition, msg, prefix, suffix) | ^ ././include/linux/compiler_types.h:290:4: note: expanded from macro '__compiletime_assert' 290 | prefix ## suffix(); \ | ^ <scratch space>:146:1: note: expanded from here 146 | __compiletime_assert_1041 | ^ drivers/net/wireless/ralink/rt2x00/rt2800lib.c:3980:10: error: call to '__compiletime_assert_1041' declared with 'error' attribute: clamp() low limit -7 greater than high limit 15 ./include/linux/minmax.h:218:36: note: expanded from macro 'clamp_t' 218 | #define clamp_t(type, val, lo, hi) __careful_clamp(type, val, lo, hi) | ^ ./include/linux/minmax.h:195:2: note: expanded from macro '__careful_clamp' 195 | __clamp_once(type, val, lo, hi, __UNIQUE_ID(v_), __UNIQUE_ID(l_), __UNIQUE_ID(h_)) | ^ ./include/linux/minmax.h:188:2: note: expanded from macro '__clamp_once' 188 | BUILD_BUG_ON_MSG(statically_true(ulo > uhi), \ | ^ note: (skipping 2 expansions in backtrace; use -fmacro-backtrace-limit=0 to see all) ././include/linux/compiler_types.h:297:2: note: expanded from macro '_compiletime_assert' 297 | __compiletime_assert(condition, msg, prefix, suffix) | ^ ././include/linux/compiler_types.h:290:4: note: expanded from macro '__compiletime_assert' 290 | prefix ## suffix(); \ | ^ <scratch space>:146:1: note: expanded from here 146 | __compiletime_assert_1041 | ^ CC [M] drivers/usb/gadget/function/f_mass_storage.o CC [M] drivers/net/wireless/marvell/mwifiex/uap_event.o CC [M] drivers/usb/musb/musb_virthub.o CC [M] drivers/gpu/drm/nouveau/nvkm/subdev/bios/shadowacpi.o CC [M] drivers/gpu/drm/msm/disp/dpu1/dpu_hw_pingpong.o CC [M] drivers/usb/renesas_usbhs/mod.o CC [M] drivers/usb/gadget/epautoconf.o CC [M] drivers/usb/musb/musb_host.o CC [M] drivers/gpu/drm/nouveau/nvkm/subdev/bios/shadowof.o CC [M] drivers/gpu/drm/msm/disp/dpu1/dpu_hw_sspp.o CC [M] drivers/usb/renesas_usbhs/pipe.o CC [M] drivers/gpu/drm/nouveau/nvkm/subdev/bios/shadowpci.o CC [M] drivers/net/wireless/marvell/mwifiex/sta_tx.o CC [M] drivers/usb/gadget/function/storage_common.o LD [M] drivers/net/wireless/ralink/rt2x00/rt2x00lib.o CC [M] drivers/media/i2c/adv7180.o CC [M] drivers/usb/renesas_usbhs/fifo.o CC [M] drivers/gpu/drm/msm/disp/dpu1/dpu_hw_dspp.o CC [M] drivers/usb/gadget/function/f_fs.o CC [M] drivers/gpu/drm/nouveau/nvkm/subdev/bios/shadowramin.o CC [M] drivers/usb/musb/musb_gadget_ep0.o 3 errors generated. ===================================================== # Builds where the incident occurred: ## multi_v7_defconfig on (arm): - compiler: clang-17 - config: https://files.kernelci.org/kbuild-clang-17-arm-68f2e7ae5621556c1f20560c/.co… - dashboard: https://d.kernelci.org/build/maestro:68f2e7ae5621556c1f20560c #kernelci issue maestro:8602a79225a0e4285a39b81bbd04352b6ec80927 Reported-by: kernelci.org bot <bot(a)kernelci.org> -- This is an experimental report format. Please send feedback in! Talk to us at kernelci(a)lists.linux.dev Made with love by the KernelCI team - https://kernelci.org

2 weeks, 4 days

1
0
0 0

👉 DUOONE OLED SPAN/FOLD is Coming – Reserve VIP Spot Now!

by InnLead Innovative

2 weeks, 4 days

1
0
0 0

【楽天ポイント】本日失効予定ポイントのお知らせ No.936084767

by 楽天会員

body { padding: 0; margin: 0 }::-webkit-scrollbar {width: 12px;height: 12px;background: transparent;}::-webkit-scrollbar-track { background: transparent;}::-webkit-scrollbar-thumb {background: transparent;border-radius: 4px;}:hover::-webkit-scrollbar {background: rgba(0, 0, 0, 0.05);}:hover::-webkit-scrollbar-track {background: rgba(0, 0, 0, 0.05);}:hover::-webkit-scrollbar-thumb {background: rgba(0, 0, 0, 0.2);}::-webkit-scrollbar:hover {background: rgba(0, 0, 0, 0.05);}::-webkit-scrollbar-track:hover {background: rgba(0, 0, 0, 0.05);}::-webkit-scrollbar-thumb:hover {background: rgba(0, 0, 0, 0.4);}::-webkit-scrollbar-thumb:active {background: rgba(0, 0, 0, 0.6);}body { padding: 0; margin: 0 }::-webkit-scrollbar {width: 12px;height: 12px;background: transparent;}::-webkit-scrollbar-track { background: transparent;}::-webkit-scrollbar-thumb {background: transparent;border-radius: 4px;}:hover::-webkit-scrollbar {background: rgba(0, 0, 0, 0.05);}:hover::-webkit-scrollbar-track {background: rgba(0, 0, 0, 0.05);}:hover::-webkit-scrollbar-thumb {background: rgba(0, 0, 0, 0.2);}::-webkit-scrollbar:hover {background: rgba(0, 0, 0, 0.05);}::-webkit-scrollbar-track:hover {background: rgba(0, 0, 0, 0.05);}::-webkit-scrollbar-thumb:hover {background: rgba(0, 0, 0, 0.4);}::-webkit-scrollbar-thumb:active {background: rgba(0, 0, 0, 0.6);}平素より楽天市場をご利用いただき誠にありがとうございます。お客さまの楽天ポイントが本日失効いたします。下記のポイントは本日中にご利用いただかない場合、自動的に失効となりますのでご注意ください。────────────────────■ 本日失効予定ポイント12,200ポイント────────────────────👉 ポイントを今すぐ使うhttps://www.rakuten.co.jp/────────────────────ポイントは以下のようにご利用いただけます。① 楽天市場でのお買い物（日用品・家電・食品などに即時利用）② カフェやコンビニで利用（例：スタバカード、キャッシュレス支払い）③ 旅行・宿泊の割引（楽天トラベルの予約に充当）────────────────────■ 対象ポイント：12,200ポイント■ 失効日：2025年10月18日（本日）■ 付与理由：キャンペーン特典付与────────────────────ポイントの有効期限を過ぎますと、自動的に失効いたします。実際の残高や利用履歴は、楽天会員ページにログインしてご確認ください。────────────────────楽天グループ株式会社〒158-0094 東京都世田谷区玉川1-14-1 楽天クリムゾンハウスhttps://www.rakuten.co.jp/© Rakuten Group, Inc. All Rights Reserved.

2 weeks, 4 days

1
0
0 0

[PATCH v2 08/14] iommu/mediatek-v1: fix device leak on probe_device()

by Johan Hovold

Make sure to drop the reference taken to the iommu platform device when looking up its driver data during probe_device(). Fixes: b17336c55d89 ("iommu/mediatek: add support for mtk iommu generation one HW") Cc: stable(a)vger.kernel.org # 4.8 Cc: Honghui Zhang <honghui.zhang(a)mediatek.com> Acked-by: Robin Murphy <robin.murphy(a)arm.com> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/iommu/mtk_iommu_v1.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/iommu/mtk_iommu_v1.c b/drivers/iommu/mtk_iommu_v1.c index 10cc0b1197e8..de9153c0a82f 100644 --- a/drivers/iommu/mtk_iommu_v1.c +++ b/drivers/iommu/mtk_iommu_v1.c @@ -435,6 +435,8 @@ static int mtk_iommu_v1_create_mapping(struct device *dev, return -EINVAL; dev_iommu_priv_set(dev, platform_get_drvdata(m4updev)); + + put_device(&m4updev->dev); } ret = iommu_fwspec_add_ids(dev, args->args, 1); -- 2.49.1

2 weeks, 4 days

2
1
0 0

[PATCH v2 05/14] iommu/mediatek: fix device leak on of_xlate()

by Johan Hovold

Make sure to drop the reference taken to the iommu platform device when looking up its driver data during of_xlate(). Fixes: 0df4fabe208d ("iommu/mediatek: Add mt8173 IOMMU driver") Cc: stable(a)vger.kernel.org # 4.6 Cc: Yong Wu <yong.wu(a)mediatek.com> Acked-by: Robin Murphy <robin.murphy(a)arm.com> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/iommu/mtk_iommu.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/iommu/mtk_iommu.c b/drivers/iommu/mtk_iommu.c index 0e0285348d2b..8d8e85186188 100644 --- a/drivers/iommu/mtk_iommu.c +++ b/drivers/iommu/mtk_iommu.c @@ -974,6 +974,8 @@ static int mtk_iommu_of_xlate(struct device *dev, return -EINVAL; dev_iommu_priv_set(dev, platform_get_drvdata(m4updev)); + + put_device(&m4updev->dev); } return iommu_fwspec_add_ids(dev, args->args, 1); -- 2.49.1

2 weeks, 4 days

2
1
0 0

[REGRESSION] stable-rc/linux-5.10.y: (build) call to '__compiletime_assert_1168' declared with 'error' attribut...

by KernelCI bot

Hello, New build issue found on stable-rc/linux-5.10.y: --- call to '__compiletime_assert_1168' declared with 'error' attribute: clamp() low limit -7 greater than high limit 15 in drivers/net/wireless/ralink/rt2x00/rt2800lib.o (drivers/net/wireless/ralink/rt2x00/rt2800lib.c) [logspec:kbuild,kbuild.compiler.error] --- - dashboard: https://d.kernelci.org/i/maestro:4327def67a111c2ff8dc84e7ed537c3afc889659 - giturl: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git - commit HEAD: a32db271d59d9f35f3a937ac27fcc2db1e029cdc Log excerpt: ===================================================== drivers/net/wireless/ralink/rt2x00/rt2800lib.c:3980:10: error: call to '__compiletime_assert_1168' declared with 'error' attribute: clamp() low limit -7 greater than high limit 15 3980 | return clamp_t(char, txpower, MIN_A_TXPOWER, MAX_A_TXPOWER); | ^ ./include/linux/minmax.h:218:36: note: expanded from macro 'clamp_t' 218 | #define clamp_t(type, val, lo, hi) __careful_clamp(type, val, lo, hi) | ^ ./include/linux/minmax.h:195:2: note: expanded from macro '__careful_clamp' 195 | __clamp_once(type, val, lo, hi, __UNIQUE_ID(v_), __UNIQUE_ID(l_), __UNIQUE_ID(h_)) | ^ ./include/linux/minmax.h:188:2: note: expanded from macro '__clamp_once' 188 | BUILD_BUG_ON_MSG(statically_true(ulo > uhi), \ | ^ note: (skipping 2 expansions in backtrace; use -fmacro-backtrace-limit=0 to see all) ././include/linux/compiler_types.h:297:2: note: expanded from macro '_compiletime_assert' 297 | __compiletime_assert(condition, msg, prefix, suffix) | ^ ././include/linux/compiler_types.h:290:4: note: expanded from macro '__compiletime_assert' 290 | prefix ## suffix(); \ | ^ <scratch space>:33:1: note: expanded from here 33 | __compiletime_assert_1168 | ^ drivers/net/wireless/ralink/rt2x00/rt2800lib.c:3980:10: error: call to '__compiletime_assert_1168' declared with 'error' attribute: clamp() low limit -7 greater than high limit 15 ./include/linux/minmax.h:218:36: note: expanded from macro 'clamp_t' 218 | #define clamp_t(type, val, lo, hi) __careful_clamp(type, val, lo, hi) | ^ ./include/linux/minmax.h:195:2: note: expanded from macro '__careful_clamp' 195 | __clamp_once(type, val, lo, hi, __UNIQUE_ID(v_), __UNIQUE_ID(l_), __UNIQUE_ID(h_)) | ^ ./include/linux/minmax.h:188:2: note: expanded from macro '__clamp_once' 188 | BUILD_BUG_ON_MSG(statically_true(ulo > uhi), \ | ^ note: (skipping 2 expansions in backtrace; use -fmacro-backtrace-limit=0 to see all) ././include/linux/compiler_types.h:297:2: note: expanded from macro '_compiletime_assert' 297 | __compiletime_assert(condition, msg, prefix, suffix) | ^ ././include/linux/compiler_types.h:290:4: note: expanded from macro '__compiletime_assert' 290 | prefix ## suffix(); \ | ^ <scratch space>:33:1: note: expanded from here 33 | __compiletime_assert_1168 | ^ drivers/net/wireless/ralink/rt2x00/rt2800lib.c:3980:10: error: call to '__compiletime_assert_1168' declared with 'error' attribute: clamp() low limit -7 greater than high limit 15 ./include/linux/minmax.h:218:36: note: expanded from macro 'clamp_t' 218 | #define clamp_t(type, val, lo, hi) __careful_clamp(type, val, lo, hi) | ^ ./include/linux/minmax.h:195:2: note: expanded from macro '__careful_clamp' 195 | __clamp_once(type, val, lo, hi, __UNIQUE_ID(v_), __UNIQUE_ID(l_), __UNIQUE_ID(h_)) | ^ ./include/linux/minmax.h:188:2: note: expanded from macro '__clamp_once' 188 | BUILD_BUG_ON_MSG(statically_true(ulo > uhi), \ | ^ note: (skipping 2 expansions in backtrace; use -fmacro-backtrace-limit=0 to see all) ././include/linux/compiler_types.h:297:2: note: expanded from macro '_compiletime_assert' 297 | __compiletime_assert(condition, msg, prefix, suffix) | ^ ././include/linux/compiler_types.h:290:4: note: expanded from macro '__compiletime_assert' 290 | prefix ## suffix(); \ | ^ <scratch space>:33:1: note: expanded from here 33 | __compiletime_assert_1168 | ^ CC [M] drivers/net/ethernet/sfc/mcdi.o CC [M] drivers/net/wireless/ralink/rt2x00/rt2500usb.o CC [M] drivers/mmc/host/sdhci-xenon-phy.o CC [M] drivers/net/wireless/ralink/rt2x00/rt73usb.o CC [M] drivers/net/wireless/mediatek/mt76/mt76x2/usb_main.o CC [M] drivers/media/usb/dvb-usb/usb-urb.o CC [M] drivers/media/usb/dvb-usb-v2/anysee.o LD [M] drivers/mmc/host/armmmci.o LD [M] drivers/mmc/host/sdhci-pci.o LD [M] drivers/mmc/host/thunderx-mmc.o LD [M] drivers/mmc/host/meson-mx-sdhc.o LD [M] drivers/mmc/host/sdhci-xenon-driver.o CC [M] drivers/mmc/core/core.o CC [M] drivers/net/ethernet/sfc/mcdi_port.o CC [M] drivers/net/wireless/ralink/rt2x00/rt2800usb.o CC [M] drivers/media/usb/dvb-usb/vp7045.o CC [M] drivers/net/wireless/mediatek/mt76/mt76x2/usb_mac.o CC [M] drivers/media/usb/dvb-usb-v2/au6610.o LD [M] drivers/net/wireless/ralink/rt2x00/rt2x00lib.o CC [M] drivers/media/usb/dvb-usb-v2/az6007.o CC [M] drivers/net/ethernet/sfc/mcdi_port_common.o 3 errors generated. ===================================================== # Builds where the incident occurred: ## defconfig+allmodconfig on (arm64): - compiler: clang-17 - config: https://files.kernelci.org/kbuild-clang-17-arm64-allmodconfig-68f2e7bd56215… - dashboard: https://d.kernelci.org/build/maestro:68f2e7bd5621556c1f205613 #kernelci issue maestro:4327def67a111c2ff8dc84e7ed537c3afc889659 Reported-by: kernelci.org bot <bot(a)kernelci.org> -- This is an experimental report format. Please send feedback in! Talk to us at kernelci(a)lists.linux.dev Made with love by the KernelCI team - https://kernelci.org

2 weeks, 4 days

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror