- Linux-stable-mirror - lists.linaro.org

+ mm-damon-core-fix-damos_commit_filter-not-changing-allow.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm/damon/core: fix damos_commit_filter not changing allow has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-damon-core-fix-damos_commit_filter-not-changing-allow.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Sang-Heon Jeon <ekffu200098(a)gmail.com> Subject: mm/damon/core: fix damos_commit_filter not changing allow Date: Sat, 16 Aug 2025 10:51:16 +0900 Current damos_commit_filter() does not persist the `allow' value of the filter. As a result, changing the `allow' value of a filter and committing doesn't change the `allow' value. Add the missing `allow' value update, so committing the filter persistently changes the `allow' value well. Link: https://lkml.kernel.org/r/20250816015116.194589-1-ekffu200098@gmail.com Fixes: fe6d7fdd6249 ("mm/damon/core: add damos_filter->allow field") Signed-off-by: Sang-Heon Jeon <ekffu200098(a)gmail.com> Reviewed-by: SeongJae Park <sj(a)kernel.org> Cc: <stable(a)vger.kernel.org> [6.14.x] Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/damon/core.c | 1 + 1 file changed, 1 insertion(+) --- a/mm/damon/core.c~mm-damon-core-fix-damos_commit_filter-not-changing-allow +++ a/mm/damon/core.c @@ -883,6 +883,7 @@ static void damos_commit_filter( { dst->type = src->type; dst->matching = src->matching; + dst->allow = src->allow; damos_commit_filter_arg(dst, src); } _ Patches currently in -mm which might be from ekffu200098(a)gmail.com are mm-damon-core-fix-commit_ops_filters-by-using-correct-nth-function.patch selftests-damon-fix-selftests-by-installing-drgn-related-script.patch mm-damon-core-fix-damos_commit_filter-not-changing-allow.patch mm-damon-update-expired-description-of-damos_action.patch docs-mm-damon-design-fix-typo-s-sz_trtied-sz_tried.patch selftests-damon-test-no-op-commit-broke-damon-status.patch

1 month

1
0
0 0

[PATCH v2] staging: axis-fifo: fix maximum TX packet length check

by Ovidiu Panait

Since commit 2ca34b508774 ("staging: axis-fifo: Correct handling of tx_fifo_depth for size validation"), write() operations with packets larger than 'tx_fifo_depth - 4' words are no longer rejected with -EINVAL. Fortunately, the packets are not actually getting transmitted to hardware, otherwise they would be raising a 'Transmit Packet Overrun Error' interrupt, which requires a reset of the TX circuit to recover from. Instead, the request times out inside wait_event_interruptible_timeout() and always returns -EAGAIN, since the wake up condition can never be true for these packets. But still, they unnecessarily block other tasks from writing to the FIFO and the EAGAIN return code signals userspace to retry the write() call, even though it will always fail and time out. According to the AXI4-Stream FIFO reference manual (PG080), the maximum valid packet length is 'tx_fifo_depth - 4' words, so attempting to send larger packets is invalid and should not be happening in the first place: > The maximum packet that can be transmitted is limited by the size of > the FIFO, which is (C_TX_FIFO_DEPTH–4)*(data interface width/8) bytes. Therefore, bring back the old behavior and outright reject packets larger than 'tx_fifo_depth - 4' with -EINVAL. Add a comment to explain why the check is necessary. The dev_err() message was removed to avoid cluttering the dmesg log if an invalid packet is received from userspace. Fixes: 2ca34b508774 ("staging: axis-fifo: Correct handling of tx_fifo_depth for size validation") Cc: stable(a)vger.kernel.org Signed-off-by: Ovidiu Panait <ovidiu.panait.oss(a)gmail.com> --- Changes in v2: - added "cc: stable" tag drivers/staging/axis-fifo/axis-fifo.c | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/drivers/staging/axis-fifo/axis-fifo.c b/drivers/staging/axis-fifo/axis-fifo.c index e8aa632e0a31..271236ad023f 100644 --- a/drivers/staging/axis-fifo/axis-fifo.c +++ b/drivers/staging/axis-fifo/axis-fifo.c @@ -325,11 +325,17 @@ static ssize_t axis_fifo_write(struct file *f, const char __user *buf, return -EINVAL; } - if (words_to_write > fifo->tx_fifo_depth) { - dev_err(fifo->dt_device, "tried to write more words [%u] than slots in the fifo buffer [%u]\n", - words_to_write, fifo->tx_fifo_depth); + /* + * In 'Store-and-Forward' mode, the maximum packet that can be + * transmitted is limited by the size of the FIFO, which is + * (C_TX_FIFO_DEPTH–4)*(data interface width/8) bytes. + * + * Do not attempt to send a packet larger than 'tx_fifo_depth - 4', + * otherwise a 'Transmit Packet Overrun Error' interrupt will be + * raised, which requires a reset of the TX circuit to recover. + */ + if (words_to_write > (fifo->tx_fifo_depth - 4)) return -EINVAL; - } if (fifo->write_flags & O_NONBLOCK) { /* -- 2.50.0

1 month

1
0
0 0

FAILED: patch "[PATCH] smb: client: let send_done() cleanup before calling" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x 5349ae5e05fa37409fd48a1eb483b199c32c889b # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081755-subdivide-astound-6aef@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 5349ae5e05fa37409fd48a1eb483b199c32c889b Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher <metze(a)samba.org> Date: Mon, 4 Aug 2025 14:10:12 +0200 Subject: [PATCH] smb: client: let send_done() cleanup before calling smbd_disconnect_rdma_connection() We should call ib_dma_unmap_single() and mempool_free() before calling smbd_disconnect_rdma_connection(). And smbd_disconnect_rdma_connection() needs to be the last function to call as all other state might already be gone after it returns. Cc: Steve French <smfrench(a)gmail.com> Cc: Tom Talpey <tom(a)talpey.com> Cc: Long Li <longli(a)microsoft.com> Cc: linux-cifs(a)vger.kernel.org Cc: samba-technical(a)lists.samba.org Fixes: f198186aa9bb ("CIFS: SMBD: Establish SMB Direct connection") Signed-off-by: Stefan Metzmacher <metze(a)samba.org> Signed-off-by: Steve French <stfrench(a)microsoft.com> diff --git a/fs/smb/client/smbdirect.c b/fs/smb/client/smbdirect.c index 754e94a0e07f..e99e783f1b0e 100644 --- a/fs/smb/client/smbdirect.c +++ b/fs/smb/client/smbdirect.c @@ -281,18 +281,20 @@ static void send_done(struct ib_cq *cq, struct ib_wc *wc) log_rdma_send(INFO, "smbd_request 0x%p completed wc->status=%d\n", request, wc->status); - if (wc->status != IB_WC_SUCCESS || wc->opcode != IB_WC_SEND) { - log_rdma_send(ERR, "wc->status=%d wc->opcode=%d\n", - wc->status, wc->opcode); - smbd_disconnect_rdma_connection(request->info); - } - for (i = 0; i < request->num_sge; i++) ib_dma_unmap_single(sc->ib.dev, request->sge[i].addr, request->sge[i].length, DMA_TO_DEVICE); + if (wc->status != IB_WC_SUCCESS || wc->opcode != IB_WC_SEND) { + log_rdma_send(ERR, "wc->status=%d wc->opcode=%d\n", + wc->status, wc->opcode); + mempool_free(request, info->request_mempool); + smbd_disconnect_rdma_connection(info); + return; + } + if (atomic_dec_and_test(&request->info->send_pending)) wake_up(&request->info->wait_send_pending);

1 month

2
1
0 0

FAILED: patch "[PATCH] smb: client: let send_done() cleanup before calling" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x 5349ae5e05fa37409fd48a1eb483b199c32c889b # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081757-moonwalk-backpedal-fe00@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 5349ae5e05fa37409fd48a1eb483b199c32c889b Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher <metze(a)samba.org> Date: Mon, 4 Aug 2025 14:10:12 +0200 Subject: [PATCH] smb: client: let send_done() cleanup before calling smbd_disconnect_rdma_connection() We should call ib_dma_unmap_single() and mempool_free() before calling smbd_disconnect_rdma_connection(). And smbd_disconnect_rdma_connection() needs to be the last function to call as all other state might already be gone after it returns. Cc: Steve French <smfrench(a)gmail.com> Cc: Tom Talpey <tom(a)talpey.com> Cc: Long Li <longli(a)microsoft.com> Cc: linux-cifs(a)vger.kernel.org Cc: samba-technical(a)lists.samba.org Fixes: f198186aa9bb ("CIFS: SMBD: Establish SMB Direct connection") Signed-off-by: Stefan Metzmacher <metze(a)samba.org> Signed-off-by: Steve French <stfrench(a)microsoft.com> diff --git a/fs/smb/client/smbdirect.c b/fs/smb/client/smbdirect.c index 754e94a0e07f..e99e783f1b0e 100644 --- a/fs/smb/client/smbdirect.c +++ b/fs/smb/client/smbdirect.c @@ -281,18 +281,20 @@ static void send_done(struct ib_cq *cq, struct ib_wc *wc) log_rdma_send(INFO, "smbd_request 0x%p completed wc->status=%d\n", request, wc->status); - if (wc->status != IB_WC_SUCCESS || wc->opcode != IB_WC_SEND) { - log_rdma_send(ERR, "wc->status=%d wc->opcode=%d\n", - wc->status, wc->opcode); - smbd_disconnect_rdma_connection(request->info); - } - for (i = 0; i < request->num_sge; i++) ib_dma_unmap_single(sc->ib.dev, request->sge[i].addr, request->sge[i].length, DMA_TO_DEVICE); + if (wc->status != IB_WC_SUCCESS || wc->opcode != IB_WC_SEND) { + log_rdma_send(ERR, "wc->status=%d wc->opcode=%d\n", + wc->status, wc->opcode); + mempool_free(request, info->request_mempool); + smbd_disconnect_rdma_connection(info); + return; + } + if (atomic_dec_and_test(&request->info->send_pending)) wake_up(&request->info->wait_send_pending);

1 month

2
1
0 0

FAILED: patch "[PATCH] smb: client: let send_done() cleanup before calling" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 5349ae5e05fa37409fd48a1eb483b199c32c889b # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081753-revolver-radiated-4b75@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 5349ae5e05fa37409fd48a1eb483b199c32c889b Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher <metze(a)samba.org> Date: Mon, 4 Aug 2025 14:10:12 +0200 Subject: [PATCH] smb: client: let send_done() cleanup before calling smbd_disconnect_rdma_connection() We should call ib_dma_unmap_single() and mempool_free() before calling smbd_disconnect_rdma_connection(). And smbd_disconnect_rdma_connection() needs to be the last function to call as all other state might already be gone after it returns. Cc: Steve French <smfrench(a)gmail.com> Cc: Tom Talpey <tom(a)talpey.com> Cc: Long Li <longli(a)microsoft.com> Cc: linux-cifs(a)vger.kernel.org Cc: samba-technical(a)lists.samba.org Fixes: f198186aa9bb ("CIFS: SMBD: Establish SMB Direct connection") Signed-off-by: Stefan Metzmacher <metze(a)samba.org> Signed-off-by: Steve French <stfrench(a)microsoft.com> diff --git a/fs/smb/client/smbdirect.c b/fs/smb/client/smbdirect.c index 754e94a0e07f..e99e783f1b0e 100644 --- a/fs/smb/client/smbdirect.c +++ b/fs/smb/client/smbdirect.c @@ -281,18 +281,20 @@ static void send_done(struct ib_cq *cq, struct ib_wc *wc) log_rdma_send(INFO, "smbd_request 0x%p completed wc->status=%d\n", request, wc->status); - if (wc->status != IB_WC_SUCCESS || wc->opcode != IB_WC_SEND) { - log_rdma_send(ERR, "wc->status=%d wc->opcode=%d\n", - wc->status, wc->opcode); - smbd_disconnect_rdma_connection(request->info); - } - for (i = 0; i < request->num_sge; i++) ib_dma_unmap_single(sc->ib.dev, request->sge[i].addr, request->sge[i].length, DMA_TO_DEVICE); + if (wc->status != IB_WC_SUCCESS || wc->opcode != IB_WC_SEND) { + log_rdma_send(ERR, "wc->status=%d wc->opcode=%d\n", + wc->status, wc->opcode); + mempool_free(request, info->request_mempool); + smbd_disconnect_rdma_connection(info); + return; + } + if (atomic_dec_and_test(&request->info->send_pending)) wake_up(&request->info->wait_send_pending);

1 month

2
1
0 0

FAILED: patch "[PATCH] smb: client: let send_done() cleanup before calling" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 5349ae5e05fa37409fd48a1eb483b199c32c889b # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081751-drench-clammy-f8dd@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 5349ae5e05fa37409fd48a1eb483b199c32c889b Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher <metze(a)samba.org> Date: Mon, 4 Aug 2025 14:10:12 +0200 Subject: [PATCH] smb: client: let send_done() cleanup before calling smbd_disconnect_rdma_connection() We should call ib_dma_unmap_single() and mempool_free() before calling smbd_disconnect_rdma_connection(). And smbd_disconnect_rdma_connection() needs to be the last function to call as all other state might already be gone after it returns. Cc: Steve French <smfrench(a)gmail.com> Cc: Tom Talpey <tom(a)talpey.com> Cc: Long Li <longli(a)microsoft.com> Cc: linux-cifs(a)vger.kernel.org Cc: samba-technical(a)lists.samba.org Fixes: f198186aa9bb ("CIFS: SMBD: Establish SMB Direct connection") Signed-off-by: Stefan Metzmacher <metze(a)samba.org> Signed-off-by: Steve French <stfrench(a)microsoft.com> diff --git a/fs/smb/client/smbdirect.c b/fs/smb/client/smbdirect.c index 754e94a0e07f..e99e783f1b0e 100644 --- a/fs/smb/client/smbdirect.c +++ b/fs/smb/client/smbdirect.c @@ -281,18 +281,20 @@ static void send_done(struct ib_cq *cq, struct ib_wc *wc) log_rdma_send(INFO, "smbd_request 0x%p completed wc->status=%d\n", request, wc->status); - if (wc->status != IB_WC_SUCCESS || wc->opcode != IB_WC_SEND) { - log_rdma_send(ERR, "wc->status=%d wc->opcode=%d\n", - wc->status, wc->opcode); - smbd_disconnect_rdma_connection(request->info); - } - for (i = 0; i < request->num_sge; i++) ib_dma_unmap_single(sc->ib.dev, request->sge[i].addr, request->sge[i].length, DMA_TO_DEVICE); + if (wc->status != IB_WC_SUCCESS || wc->opcode != IB_WC_SEND) { + log_rdma_send(ERR, "wc->status=%d wc->opcode=%d\n", + wc->status, wc->opcode); + mempool_free(request, info->request_mempool); + smbd_disconnect_rdma_connection(info); + return; + } + if (atomic_dec_and_test(&request->info->send_pending)) wake_up(&request->info->wait_send_pending);

1 month

2
1
0 0

FAILED: patch "[PATCH] PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x 6cff20ce3b92ffbf2fc5eb9e5a030b3672aa414a # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081513-doorpost-truck-2a5e@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 6cff20ce3b92ffbf2fc5eb9e5a030b3672aa414a Mon Sep 17 00:00:00 2001 From: Lukas Wunner <lukas(a)wunner.de> Date: Sun, 13 Jul 2025 16:31:01 +0200 Subject: [PATCH] PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports pci_bridge_d3_possible() is called from both pcie_portdrv_probe() and pcie_portdrv_remove() to determine whether runtime power management shall be enabled (on probe) or disabled (on remove) on a PCIe port. The underlying assumption is that pci_bridge_d3_possible() always returns the same value, else a runtime PM reference imbalance would occur. That assumption is not given if the PCIe port is inaccessible on remove due to hot-unplug: pci_bridge_d3_possible() calls pciehp_is_native(), which accesses Config Space to determine whether the port is Hot-Plug Capable. An inaccessible port returns "all ones", which is converted to "all zeroes" by pcie_capability_read_dword(). Hence the port no longer seems Hot-Plug Capable on remove even though it was on probe. The resulting runtime PM ref imbalance causes warning messages such as: pcieport 0000:02:04.0: Runtime PM usage count underflow! Avoid the Config Space access (and thus the runtime PM ref imbalance) by caching the Hot-Plug Capable bit in struct pci_dev. The struct already contains an "is_hotplug_bridge" flag, which however is not only set on Hot-Plug Capable PCIe ports, but also Conventional PCI Hot-Plug bridges and ACPI slots. The flag identifies bridges which are allocated additional MMIO and bus number resources to allow for hierarchy expansion. The kernel is somewhat sloppily using "is_hotplug_bridge" in a number of places to identify Hot-Plug Capable PCIe ports, even though the flag encompasses other devices. Subsequent commits replace these occurrences with the new flag to clearly delineate Hot-Plug Capable PCIe ports from other kinds of hotplug bridges. Document the existing "is_hotplug_bridge" and the new "is_pciehp" flag and document the (non-obvious) requirement that pci_bridge_d3_possible() always returns the same value across the entire lifetime of a bridge, including its hot-removal. Fixes: 5352a44a561d ("PCI: pciehp: Make pciehp_is_native() stricter") Reported-by: Laurent Bigonville <bigon(a)bigon.be> Closes: https://bugzilla.kernel.org/show_bug.cgi?id=220216 Reported-by: Mario Limonciello <mario.limonciello(a)amd.com> Closes: https://lore.kernel.org/r/20250609020223.269407-3-superm1@kernel.org/ Link: https://lore.kernel.org/all/20250620025535.3425049-3-superm1@kernel.org/T/#u Signed-off-by: Lukas Wunner <lukas(a)wunner.de> Signed-off-by: Bjorn Helgaas <bhelgaas(a)google.com> Acked-by: Rafael J. Wysocki <rafael(a)kernel.org> Cc: stable(a)vger.kernel.org # v4.18+ Link: https://patch.msgid.link/fe5dcc3b2e62ee1df7905d746bde161eb1b3291c.175239010… diff --git a/drivers/pci/pci-acpi.c b/drivers/pci/pci-acpi.c index b78e0e417324..efe478e5073e 100644 --- a/drivers/pci/pci-acpi.c +++ b/drivers/pci/pci-acpi.c @@ -816,13 +816,11 @@ int pci_acpi_program_hp_params(struct pci_dev *dev) bool pciehp_is_native(struct pci_dev *bridge) { const struct pci_host_bridge *host; - u32 slot_cap; if (!IS_ENABLED(CONFIG_HOTPLUG_PCI_PCIE)) return false; - pcie_capability_read_dword(bridge, PCI_EXP_SLTCAP, &slot_cap); - if (!(slot_cap & PCI_EXP_SLTCAP_HPC)) + if (!bridge->is_pciehp) return false; if (pcie_ports_native) diff --git a/drivers/pci/pci.c b/drivers/pci/pci.c index e9448d55113b..23d8fe98ddf9 100644 --- a/drivers/pci/pci.c +++ b/drivers/pci/pci.c @@ -3030,8 +3030,12 @@ static const struct dmi_system_id bridge_d3_blacklist[] = { * pci_bridge_d3_possible - Is it possible to put the bridge into D3 * @bridge: Bridge to check * - * This function checks if it is possible to move the bridge to D3. * Currently we only allow D3 for some PCIe ports and for Thunderbolt. + * + * Return: Whether it is possible to move the bridge to D3. + * + * The return value is guaranteed to be constant across the entire lifetime + * of the bridge, including its hot-removal. */ bool pci_bridge_d3_possible(struct pci_dev *bridge) { diff --git a/drivers/pci/probe.c b/drivers/pci/probe.c index 4b8693ec9e4c..cf50be63bf5f 100644 --- a/drivers/pci/probe.c +++ b/drivers/pci/probe.c @@ -1678,7 +1678,7 @@ void set_pcie_hotplug_bridge(struct pci_dev *pdev) pcie_capability_read_dword(pdev, PCI_EXP_SLTCAP, &reg32); if (reg32 & PCI_EXP_SLTCAP_HPC) - pdev->is_hotplug_bridge = 1; + pdev->is_hotplug_bridge = pdev->is_pciehp = 1; } static void set_pcie_thunderbolt(struct pci_dev *dev) diff --git a/include/linux/pci.h b/include/linux/pci.h index 05e68f35f392..d56d0dd80afb 100644 --- a/include/linux/pci.h +++ b/include/linux/pci.h @@ -328,6 +328,11 @@ struct rcec_ea; * determined (e.g., for Root Complex Integrated * Endpoints without the relevant Capability * Registers). + * @is_hotplug_bridge: Hotplug bridge of any kind (e.g. PCIe Hot-Plug Capable, + * Conventional PCI Hot-Plug, ACPI slot). + * Such bridges are allocated additional MMIO and bus + * number resources to allow for hierarchy expansion. + * @is_pciehp: PCIe Hot-Plug Capable bridge. */ struct pci_dev { struct list_head bus_list; /* Node in per-bus list */ @@ -451,6 +456,7 @@ struct pci_dev { unsigned int is_physfn:1; unsigned int is_virtfn:1; unsigned int is_hotplug_bridge:1; + unsigned int is_pciehp:1; unsigned int shpc_managed:1; /* SHPC owned by shpchp */ unsigned int is_thunderbolt:1; /* Thunderbolt controller */ /*

1 month

2
1
0 0

FAILED: patch "[PATCH] PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x 6cff20ce3b92ffbf2fc5eb9e5a030b3672aa414a # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081512-refresh-safely-eef5@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 6cff20ce3b92ffbf2fc5eb9e5a030b3672aa414a Mon Sep 17 00:00:00 2001 From: Lukas Wunner <lukas(a)wunner.de> Date: Sun, 13 Jul 2025 16:31:01 +0200 Subject: [PATCH] PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports pci_bridge_d3_possible() is called from both pcie_portdrv_probe() and pcie_portdrv_remove() to determine whether runtime power management shall be enabled (on probe) or disabled (on remove) on a PCIe port. The underlying assumption is that pci_bridge_d3_possible() always returns the same value, else a runtime PM reference imbalance would occur. That assumption is not given if the PCIe port is inaccessible on remove due to hot-unplug: pci_bridge_d3_possible() calls pciehp_is_native(), which accesses Config Space to determine whether the port is Hot-Plug Capable. An inaccessible port returns "all ones", which is converted to "all zeroes" by pcie_capability_read_dword(). Hence the port no longer seems Hot-Plug Capable on remove even though it was on probe. The resulting runtime PM ref imbalance causes warning messages such as: pcieport 0000:02:04.0: Runtime PM usage count underflow! Avoid the Config Space access (and thus the runtime PM ref imbalance) by caching the Hot-Plug Capable bit in struct pci_dev. The struct already contains an "is_hotplug_bridge" flag, which however is not only set on Hot-Plug Capable PCIe ports, but also Conventional PCI Hot-Plug bridges and ACPI slots. The flag identifies bridges which are allocated additional MMIO and bus number resources to allow for hierarchy expansion. The kernel is somewhat sloppily using "is_hotplug_bridge" in a number of places to identify Hot-Plug Capable PCIe ports, even though the flag encompasses other devices. Subsequent commits replace these occurrences with the new flag to clearly delineate Hot-Plug Capable PCIe ports from other kinds of hotplug bridges. Document the existing "is_hotplug_bridge" and the new "is_pciehp" flag and document the (non-obvious) requirement that pci_bridge_d3_possible() always returns the same value across the entire lifetime of a bridge, including its hot-removal. Fixes: 5352a44a561d ("PCI: pciehp: Make pciehp_is_native() stricter") Reported-by: Laurent Bigonville <bigon(a)bigon.be> Closes: https://bugzilla.kernel.org/show_bug.cgi?id=220216 Reported-by: Mario Limonciello <mario.limonciello(a)amd.com> Closes: https://lore.kernel.org/r/20250609020223.269407-3-superm1@kernel.org/ Link: https://lore.kernel.org/all/20250620025535.3425049-3-superm1@kernel.org/T/#u Signed-off-by: Lukas Wunner <lukas(a)wunner.de> Signed-off-by: Bjorn Helgaas <bhelgaas(a)google.com> Acked-by: Rafael J. Wysocki <rafael(a)kernel.org> Cc: stable(a)vger.kernel.org # v4.18+ Link: https://patch.msgid.link/fe5dcc3b2e62ee1df7905d746bde161eb1b3291c.175239010… diff --git a/drivers/pci/pci-acpi.c b/drivers/pci/pci-acpi.c index b78e0e417324..efe478e5073e 100644 --- a/drivers/pci/pci-acpi.c +++ b/drivers/pci/pci-acpi.c @@ -816,13 +816,11 @@ int pci_acpi_program_hp_params(struct pci_dev *dev) bool pciehp_is_native(struct pci_dev *bridge) { const struct pci_host_bridge *host; - u32 slot_cap; if (!IS_ENABLED(CONFIG_HOTPLUG_PCI_PCIE)) return false; - pcie_capability_read_dword(bridge, PCI_EXP_SLTCAP, &slot_cap); - if (!(slot_cap & PCI_EXP_SLTCAP_HPC)) + if (!bridge->is_pciehp) return false; if (pcie_ports_native) diff --git a/drivers/pci/pci.c b/drivers/pci/pci.c index e9448d55113b..23d8fe98ddf9 100644 --- a/drivers/pci/pci.c +++ b/drivers/pci/pci.c @@ -3030,8 +3030,12 @@ static const struct dmi_system_id bridge_d3_blacklist[] = { * pci_bridge_d3_possible - Is it possible to put the bridge into D3 * @bridge: Bridge to check * - * This function checks if it is possible to move the bridge to D3. * Currently we only allow D3 for some PCIe ports and for Thunderbolt. + * + * Return: Whether it is possible to move the bridge to D3. + * + * The return value is guaranteed to be constant across the entire lifetime + * of the bridge, including its hot-removal. */ bool pci_bridge_d3_possible(struct pci_dev *bridge) { diff --git a/drivers/pci/probe.c b/drivers/pci/probe.c index 4b8693ec9e4c..cf50be63bf5f 100644 --- a/drivers/pci/probe.c +++ b/drivers/pci/probe.c @@ -1678,7 +1678,7 @@ void set_pcie_hotplug_bridge(struct pci_dev *pdev) pcie_capability_read_dword(pdev, PCI_EXP_SLTCAP, &reg32); if (reg32 & PCI_EXP_SLTCAP_HPC) - pdev->is_hotplug_bridge = 1; + pdev->is_hotplug_bridge = pdev->is_pciehp = 1; } static void set_pcie_thunderbolt(struct pci_dev *dev) diff --git a/include/linux/pci.h b/include/linux/pci.h index 05e68f35f392..d56d0dd80afb 100644 --- a/include/linux/pci.h +++ b/include/linux/pci.h @@ -328,6 +328,11 @@ struct rcec_ea; * determined (e.g., for Root Complex Integrated * Endpoints without the relevant Capability * Registers). + * @is_hotplug_bridge: Hotplug bridge of any kind (e.g. PCIe Hot-Plug Capable, + * Conventional PCI Hot-Plug, ACPI slot). + * Such bridges are allocated additional MMIO and bus + * number resources to allow for hierarchy expansion. + * @is_pciehp: PCIe Hot-Plug Capable bridge. */ struct pci_dev { struct list_head bus_list; /* Node in per-bus list */ @@ -451,6 +456,7 @@ struct pci_dev { unsigned int is_physfn:1; unsigned int is_virtfn:1; unsigned int is_hotplug_bridge:1; + unsigned int is_pciehp:1; unsigned int shpc_managed:1; /* SHPC owned by shpchp */ unsigned int is_thunderbolt:1; /* Thunderbolt controller */ /*

1 month

2
1
0 0

[PATCH 6.16 000/627] 6.16.1-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.16.1 release. There are 627 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu, 14 Aug 2025 17:32:40 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.16.1-rc1… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.16.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.16.1-rc1 Suren Baghdasaryan <surenb(a)google.com> mm: fix a UAF when vma->mm is freed after vma->vm_refcnt got dropped Baochen Qiang <quic_bqiang(a)quicinc.com> wifi: ath12k: install pairwise key first Tao Xue <xuetao09(a)huawei.com> usb: gadget : fix use-after-free in composite_dev_cleanup() Aditya Garg <gargaditya08(a)live.com> HID: apple: avoid setting up battery timer for devices without battery Aditya Garg <gargaditya08(a)live.com> HID: magicmouse: avoid setting up battery timer when not needed Alan Stern <stern(a)rowland.harvard.edu> HID: core: Harden s32ton() against conversion to 0 bits Yuhao Jiang <danisjiang(a)gmail.com> USB: gadget: f_hid: Fix memory leak in hidg_bind error path Qasim Ijaz <qasdev00(a)gmail.com> HID: apple: validate feature-report field count to prevent NULL pointer dereference Julien Massot <julien.massot(a)collabora.com> media: ti: j721e-csi2rx: fix list_del corruption Robin Murphy <robin.murphy(a)arm.com> perf/arm-ni: Set initial IRQ affinity Akash Kumar <quic_akakum(a)quicinc.com> usb: gadget: uvc: Initialize frame-based format color matching descriptor Baolin Wang <baolin.wang(a)linux.alibaba.com> mm: shmem: fix the shmem large folio allocation for the i915 driver Kemeng Shi <shikemeng(a)huaweicloud.com> mm: swap: move nr_swap_pages counter decrement from folio_alloc_swap() to swap_range_alloc() Kemeng Shi <shikemeng(a)huaweicloud.com> mm: swap: fix potential buffer overflow in setup_clusters() Kemeng Shi <shikemeng(a)huaweicloud.com> mm: swap: correctly use maxpages in swapon syscall to avoid potential deadloop Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> mm/hmm: move pmd_to_hmm_pfn_flags() to the respective #ifdeffery Jiaxun Yang <jiaxun.yang(a)flygoat.com> MIPS: mm: tlb-r4k: Uniquify TLB entries on init Gerald Schaefer <gerald.schaefer(a)linux.ibm.com> s390/mm: Remove possible false-positive warning in pte_free_defer() Shin'ichiro Kawasaki <shinichiro.kawasaki(a)wdc.com> zloop: fix KASAN use-after-free of tag set Marc Zyngier <maz(a)kernel.org> KVM: arm64: Filter out HCR_EL2 bits when running in hypervisor context Marc Zyngier <maz(a)kernel.org> KVM: arm64: Check for SYSREGS_ON_CPU before accessing the CPU state Sean Christopherson <seanjc(a)google.com> KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported Sean Christopherson <seanjc(a)google.com> KVM: x86: Drop kvm_x86_ops.set_dr6() in favor of a new KVM_RUN flag Sean Christopherson <seanjc(a)google.com> KVM: x86: Convert vcpu_run()'s immediate exit param into a generic bitmap Dave Hansen <dave.hansen(a)linux.intel.com> x86/fpu: Delay instruction pointer fixup until after warning Michael J. Ruhl <michael.j.ruhl(a)intel.com> platform/x86/intel/pmt: fix a crashlog NULL pointer access Edip Hazuri <edip(a)medip.dev> ALSA: hda/realtek - Fix mute LED for HP Victus 16-d1xxx (MB 8A26) Edip Hazuri <edip(a)medip.dev> ALSA: hda/realtek - Fix mute LED for HP Victus 16-s0xxx Edip Hazuri <edip(a)medip.dev> ALSA: hda/realtek - Fix mute LED for HP Victus 16-r1xxx Geoffrey D. Bennett <g(a)b4.vu> ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() Thorsten Blum <thorsten.blum(a)linux.dev> ALSA: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe() Tom Lendacky <thomas.lendacky(a)amd.com> x86/sev: Evict cache lines during SNP memory validation Ammar Faizi <ammarfaizi2(a)gnuweeb.org> net: usbnet: Fix the wrong netif_carrier_on() call John Ernberg <john.ernberg(a)actia.se> net: usbnet: Avoid potential RCU stall on LINK_CHANGE event Zenm Chen <zenmchen(a)gmail.com> Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano Slark Xiao <slark_xiao(a)163.com> USB: serial: option: add Foxconn T99W709 Thorsten Blum <thorsten.blum(a)linux.dev> smb: server: Fix extension string in ksmbd_extract_shortname() Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: limit repeated connections from clients with the same IP Paulo Alcantara <pc(a)manguebit.org> smb: client: default to nonativesocket under POSIX mounts Paulo Alcantara <pc(a)manguebit.org> smb: client: set symlink type as native for POSIX mounts Wang Zhaolong <wangzhaolong(a)huaweicloud.com> smb: client: fix netns refcount leak after net_passive changes Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: fix corrupted mtime and ctime in smb2_open Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: fix Preauh_HashValue race condition Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: fix null pointer dereference error in generate_encryptionkey Budimir Markovic <markovicbudimir(a)gmail.com> vsock: Do not allow binding to VMADDR_PORT_ANY Quang Le <quanglex97(a)gmail.com> net/packet: fix a race in packet_set_ring() and packet_notifier() Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> selftests/perf_events: Add a mmap() correctness test Thomas Gleixner <tglx(a)linutronix.de> perf/core: Prevent VMA split of buffer mappings Thomas Gleixner <tglx(a)linutronix.de> perf/core: Handle buffer mapping fail correctly in perf_mmap() Thomas Gleixner <tglx(a)linutronix.de> perf/core: Exit early on perf_mmap() fail Thomas Gleixner <tglx(a)linutronix.de> perf/core: Don't leak AUX buffer refcount on allocation failure Thomas Gleixner <tglx(a)linutronix.de> perf/core: Preserve AUX buffer allocation failure result Olga Kornievskaia <okorniev(a)redhat.com> sunrpc: fix handling of server side tls alerts NeilBrown <neil(a)brown.name> nfsd: avoid ref leak in nfsd_open_local_fh() Jeff Layton <jlayton(a)kernel.org> nfsd: don't set the ctime on delegated atime updates Zhang Rui <rui.zhang(a)intel.com> tools/power turbostat: Fix DMR support Zhang Rui <rui.zhang(a)intel.com> tools/power turbostat: Fix bogus SysWatt for forked program Stefan Metzmacher <metze(a)samba.org> smb: client: return an error if rdma_connect does not return within 5 seconds Eric Dumazet <edumazet(a)google.com> pptp: fix pptp_xmit() error path Mohamed Khalfella <mkhalfella(a)purestorage.com> nvmet: exit debugfs after discovery subsystem exits Stefan Metzmacher <metze(a)samba.org> smb: client: let recv_done() avoid touching data_transfer after cleanup/move Stefan Metzmacher <metze(a)samba.org> smb: client: let recv_done() cleanup before notifying the callers. Stefan Metzmacher <metze(a)samba.org> smb: client: make sure we call ib_dma_unmap_single() only if we called ib_dma_map_single already Stefan Metzmacher <metze(a)samba.org> smb: client: remove separate empty_packet_queue Stefan Metzmacher <metze(a)samba.org> smb: client: let send_done() cleanup before calling smbd_disconnect_rdma_connection() Stefan Metzmacher <metze(a)samba.org> smb: server: let recv_done() avoid touching data_transfer after cleanup/move Stefan Metzmacher <metze(a)samba.org> smb: server: let recv_done() consistently call put_recvmsg/smb_direct_disconnect_rdma_connection Stefan Metzmacher <metze(a)samba.org> smb: server: make sure we call ib_dma_unmap_single() only if we called ib_dma_map_single already Stefan Metzmacher <metze(a)samba.org> smb: server: remove separate empty_recvmsg_queue Mikhail Zaslonko <zaslonko(a)linux.ibm.com> s390/boot: Fix startup debugging log Takashi Iwai <tiwai(a)suse.de> ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out() Arnd Bergmann <arnd(a)arndb.de> ASoC: SOF: Intel: hda-sdw-bpt: fix SND_SOF_SOF_HDA_SDW_BPT dependencies Arnd Bergmann <arnd(a)arndb.de> irqchip: Build IMX_MU_MSI only on ARM Meghana Malladi <m-malladi(a)ti.com> net: ti: icssg-prueth: Fix skb handling for XDP_PASS Trond Myklebust <trond.myklebust(a)hammerspace.com> NFS/localio: nfs_uuid_put() fix the wake up after unlinking the file Trond Myklebust <trond.myklebust(a)hammerspace.com> NFS/localio: nfs_uuid_put() fix races with nfs_open/close_local_fh() Trond Myklebust <trond.myklebust(a)hammerspace.com> NFS/localio: nfs_close_local_fh() fix check for file closed Mohsin Bashir <mohsin.bashr(a)gmail.com> eth: fbnic: Lock the tx_dropped update Mohsin Bashir <mohsin.bashr(a)gmail.com> eth: fbnic: Fix tx_dropped reporting Jakub Kicinski <kuba(a)kernel.org> eth: fbnic: remove the debugging trick of super high page bias Sumanth Korikkar <sumanthk(a)linux.ibm.com> s390/mm: Allocate page table with PAGE_SIZE granularity Maher Azzouzi <maherazz04(a)gmail.com> net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing Jakub Kicinski <kuba(a)kernel.org> Revert "net: mdio_bus: Use devm for getting reset GPIO" Michal Schmidt <mschmidt(a)redhat.com> benet: fix BUG when creating VFs Lorenzo Bianconi <lorenzo(a)kernel.org> net: airoha: npu: Add missing MODULE_FIRMWARE macros Jakub Kicinski <kuba(a)kernel.org> net: devmem: fix DMA direction on unmapping Arnd Bergmann <arnd(a)arndb.de> ipa: fix compile-testing with qcom-mdt=m Jakub Kicinski <kuba(a)kernel.org> eth: fbnic: unlink NAPIs from queues on error to open Thomas Gleixner <tglx(a)linutronix.de> x86/irq: Plug vector setup race Michal Wajdeczko <michal.wajdeczko(a)intel.com> drm/xe/pf: Disable PF restart worker on device removal Olga Kornievskaia <okorniev(a)redhat.com> sunrpc: fix client side handling of tls alerts Yang Erkun <yangerkun(a)huawei.com> md: make rdev_addable usable for rcu mode Takamitsu Iwai <takamitz(a)amazon.co.jp> net/sched: taprio: enforce minimum value for picos_per_byte Wang Liang <wangliang74(a)huawei.com> net: drop UFO packets in udp_rcv_segment() Florian Fainelli <florian.fainelli(a)broadcom.com> net: mdio: mdio-bcm-unimac: Correct rate fallback logic Eric Dumazet <edumazet(a)google.com> ipv6: reject malicious packets in ipv6_gso_segment() Eric Dumazet <edumazet(a)google.com> selftests: avoid using ifconfig Christoph Paasch <cpaasch(a)openai.com> net/mlx5: Correctly set gso_segs when LRO is used Lorenzo Bianconi <lorenzo(a)kernel.org> net: airoha: Fix PPE table access in airoha_ppe_debugfs_foe_show() Simon Trimmer <simont(a)opensource.cirrus.com> spi: cs42l43: Property entry should be a null-terminated array Baojun Xu <baojun.xu(a)ti.com> ASoC: tas2781: Fix the wrong step for TLV on tas2781 Christoph Hellwig <hch(a)lst.de> block: ensure discard_granularity is zero when discard is not supported Guenter Roeck <linux(a)roeck-us.net> block: Fix default IO priority if there is no IO context Jakub Kicinski <kuba(a)kernel.org> netlink: specs: ethtool: fix module EEPROM input/output arguments Alexander Gordeev <agordeev(a)linux.ibm.com> s390/mm: Set high_memory at the end of the identity mapping Harald Freudenberger <freude(a)linux.ibm.com> s390/ap: Unmask SLCF bit in card and queue ap functions sysfs Mohamed Khalfella <mkhalfella(a)purestorage.com> nvmet: initialize discovery subsys after debugfs is initialized Eric Dumazet <edumazet(a)google.com> pptp: ensure minimal skb length in pptp_xmit() Bence Csókás <csokas.bence(a)prolan.hu> net: mdio_bus: Use devm for getting reset GPIO Luca Weiss <luca.weiss(a)fairphone.com> net: ipa: add IPA v5.1 and v5.5 to ipa_version_string() Horatiu Vultur <horatiu.vultur(a)microchip.com> phy: mscc: Fix parsing of unicast frames Jakub Kicinski <kuba(a)kernel.org> netpoll: prevent hanging NAPI when netcons gets enabled Michal Luczaj <mhal(a)rbox.co> kcm: Fix splice support Heming Zhao <heming.zhao(a)suse.com> md/md-cluster: handle REMOVE message earlier Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> ARM: s3c/gpio: complete the conversion to new GPIO value setters Benjamin Coddington <bcodding(a)redhat.com> NFS: Fixup allocation flags for nfsiod's __GFP_NORETRY Olga Kornievskaia <okorniev(a)redhat.com> NFSv4.2: another fix for listxattr Trond Myklebust <trond.myklebust(a)hammerspace.com> NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() Trond Myklebust <trond.myklebust(a)hammerspace.com> NFS: Fix wakeup of __nfs_lookup_revalidate() in unblock_revalidate() Tigran Mkrtchyan <tigran.mkrtchyan(a)desy.de> pNFS/flexfiles: don't attempt pnfs on fatal DS errors Len Brown <len.brown(a)intel.com> tools/power turbostat: regression fix: --show C1E% Timothy Pearson <tpearson(a)raptorengineering.com> PCI: pnv_php: Fix surprise plug detection and recovery Timothy Pearson <tpearson(a)raptorengineering.com> powerpc/eeh: Make EEH driver device hotplug safe Timothy Pearson <tpearson(a)raptorengineering.com> powerpc/eeh: Export eeh_unfreeze_pe() Timothy Pearson <tpearson(a)raptorengineering.com> PCI: pnv_php: Work around switches with broken presence detection Timothy Pearson <tpearson(a)raptorengineering.com> PCI: pnv_php: Clean up allocated IRQs on unplug Herbert Xu <herbert(a)gondor.apana.org.au> padata: Remove comment for reorder_work Peter Zijlstra <peterz(a)infradead.org> sched/psi: Fix psi_seq initialization Jason Gunthorpe <jgg(a)ziepe.ca> vfio/pci: Do vf_token checks for VFIO_DEVICE_BIND_IOMMUFD Masahiro Yamada <masahiroy(a)kernel.org> kconfig: qconf: fix ConfigList::updateListAllforAll() Salomon Dushimirimana <salomondush(a)google.com> scsi: sd: Make sd shutdown issue START STOP UNIT appropriately Seunghui Lee <sh043.lee(a)samsung.com> scsi: ufs: core: Use link recovery when h8 exit fails during runtime resume Li Lingfeng <lilingfeng3(a)huawei.com> scsi: Revert "scsi: iscsi: Fix HW conn removal use after free" Tomas Henzl <thenzl(a)redhat.com> scsi: mpt3sas: Fix a fw_event memory leak Alex Williamson <alex.williamson(a)redhat.com> vfio/pci: Separate SR-IOV VF dev_set Brett Creeley <brett.creeley(a)amd.com> vfio/pds: Fix missing detach_ioas op Jacob Pan <jacob.pan(a)linux.microsoft.com> vfio: Prevent open_count decrement to negative Jacob Pan <jacob.pan(a)linux.microsoft.com> vfio: Fix unbalanced vfio_df_close call in no-iommu mode Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> i2c: muxes: mule: Fix an error handling path in mule_i2c_mux_probe() Zhengxu Zhang <zhengxu.zhang(a)unisoc.com> exfat: fdatasync flag should be same like generic_write_sync() Chao Yu <chao(a)kernel.org> f2fs: fix to trigger foreground gc during f2fs_map_blocks() in lfs mode Chao Yu <chao(a)kernel.org> f2fs: fix to calculate dirty data during has_not_enough_free_secs() Chao Yu <chao(a)kernel.org> f2fs: fix to update upper_p in __get_secs_required() correctly Jan Prusakowski <jprusakowski(a)google.com> f2fs: vm_unmap_ram() may be called from an invalid context Chao Yu <chao(a)kernel.org> f2fs: fix to avoid out-of-boundary access in devs.path Chao Yu <chao(a)kernel.org> f2fs: fix to avoid panic in f2fs_evict_inode Chao Yu <chao(a)kernel.org> f2fs: fix to avoid UAF in f2fs_sync_inode_meta() Chao Yu <chao(a)kernel.org> f2fs: doc: fix wrong quota mount option description Chao Yu <chao(a)kernel.org> f2fs: fix to check upper boundary for gc_no_zoned_gc_percent Chao Yu <chao(a)kernel.org> f2fs: fix to check upper boundary for gc_valid_thresh_ratio yohan.joung <yohan.joung(a)sk.com> f2fs: fix to check upper boundary for value of gc_boost_zoned_gc_percent Abinash Singh <abinashlalotra(a)gmail.com> f2fs: fix KMSAN uninit-value in extent_info usage Zhiguo Niu <zhiguo.niu(a)unisoc.com> f2fs: compress: fix UAF of f2fs_inode_info in f2fs_free_dic Zhiguo Niu <zhiguo.niu(a)unisoc.com> f2fs: compress: change the first parameter of page_array_{alloc,free} to sbi Chao Yu <chao(a)kernel.org> f2fs: fix to avoid invalid wait context issue Sheng Yong <shengyong1(a)xiaomi.com> f2fs: fix bio memleak when committing super block Daeho Jeong <daehojeong(a)google.com> f2fs: turn off one_time when forcibly set to foreground GC Brian Masney <bmasney(a)redhat.com> rtc: rv3028: fix incorrect maximum clock rate handling Brian Masney <bmasney(a)redhat.com> rtc: pcf8563: fix incorrect maximum clock rate handling Brian Masney <bmasney(a)redhat.com> rtc: pcf85063: fix incorrect maximum clock rate handling Brian Masney <bmasney(a)redhat.com> rtc: nct3018y: fix incorrect maximum clock rate handling Brian Masney <bmasney(a)redhat.com> rtc: hym8563: fix incorrect maximum clock rate handling Brian Masney <bmasney(a)redhat.com> rtc: ds1307: fix incorrect maximum clock rate handling Uros Bizjak <ubizjak(a)gmail.com> ucount: fix atomic_long_inc_below() argument type Petr Pavlu <petr.pavlu(a)suse.com> module: Restore the moduleparam prefix length check Stanley Chu <yschu(a)nuvoton.com> i3c: master: svc: Fix npcm845 FIFO_EMPTY quirk Arnd Bergmann <arnd(a)arndb.de> i3c: fix module_i3c_i2c_driver() with I3C=n Helge Deller <deller(a)gmx.de> apparmor: Fix unaligned memory accesses in KUnit test Colin Ian King <colin.i.king(a)gmail.com> squashfs: fix incorrect argument to sizeof in kmalloc_array call Matthew Wilcox (Oracle) <willy(a)infradead.org> squashfs: use folios in squashfs_bio_read_cached() Johannes Berg <johannes.berg(a)intel.com> scripts: gdb: move MNT_* constants to gdb-parsed Jiri Olsa <olsajiri(a)gmail.com> uprobes: revert ref_ctr_offset in uprobe_unregister error path Kent Overstreet <kent.overstreet(a)linux.dev> dm-flakey: Fix corrupt_bio_byte setup checks Ryan Lee <ryan.lee(a)canonical.com> apparmor: fix loop detection used in conflicting attachment resolution Ryan Lee <ryan.lee(a)canonical.com> apparmor: ensure WB_HISTORY_SIZE value is a power of 2 Paul Chaignon <paul.chaignon(a)gmail.com> bpf: Check netfilter ctx accesses are aligned Paul Chaignon <paul.chaignon(a)gmail.com> bpf: Check flow_dissector ctx accesses are aligned Cindy Lu <lulu(a)redhat.com> vhost: Reintroduce kthread API and add mode selection Anders Roxell <anders.roxell(a)linaro.org> vdpa: Fix IDR memory leak in VDUSE module exit Dragos Tatulea <dtatulea(a)nvidia.com> vdpa/mlx5: Fix release of uninitialized resources on error path Alok Tiwari <alok.a.tiwari(a)oracle.com> vhost-scsi: Fix check for inline_sg_cnt exceeding preallocated limit Mike Christie <michael.christie(a)oracle.com> vhost-scsi: Fix log flooding with target does not exist errors Dragos Tatulea <dtatulea(a)nvidia.com> vdpa/mlx5: Fix needs_teardown flag calculation Daniel Borkmann <daniel(a)iogearbox.net> bpf: Fix oob access in cgroup local storage Daniel Borkmann <daniel(a)iogearbox.net> bpf: Move cgroup iterator helpers to bpf.h Daniel Borkmann <daniel(a)iogearbox.net> bpf: Move bpf map owner out of common struct Daniel Borkmann <daniel(a)iogearbox.net> bpf: Add cookie object to bpf maps Namhyung Kim <namhyung(a)kernel.org> perf record: Cache build-ID of hit DSOs only Takashi Iwai <tiwai(a)suse.de> ALSA: usb: scarlett2: Fix missing NULL check WangYuli <wangyuli(a)uniontech.com> selftests: ALSA: fix memory leak in utimer test Lukasz Laguna <lukasz.laguna(a)intel.com> drm/xe/vf: Disable CSC support on VF Balamanikandan Gunasundar <balamanikandan.gunasundar(a)microchip.com> mtd: rawnand: atmel: set pmecc data setup time Thomas Fourier <fourier.thomas(a)gmail.com> mtd: rawnand: rockchip: Add missing check after DMA map Thomas Fourier <fourier.thomas(a)gmail.com> mtd: rawnand: atmel: Fix dma_mapping_error() address Zheng Yu <zheng.yu(a)northwestern.edu> jfs: fix metapage reference count leak in dbAllocCtl Michal Wajdeczko <michal.wajdeczko(a)intel.com> drm/xe/configfs: Fix pci_dev reference leak Paulo Alcantara <pc(a)manguebit.org> smb: client: allow parsing zero-length AV pairs Chenyuan Yang <chenyuan0y(a)gmail.com> fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref Giovanni Cabiddu <giovanni.cabiddu(a)intel.com> crypto: qat - fix seq_file position update in adf_ring_next() Giovanni Cabiddu <giovanni.cabiddu(a)intel.com> crypto: qat - fix DMA direction for compression on GEN2 devices Shubhrajyoti Datta <shubhrajyoti.datta(a)amd.com> clk: clocking-wizard: Fix the round rate handling for versal Chen Pei <cp0613(a)linux.alibaba.com> perf tools: Remove libtraceevent in .gitignore Ben Hutchings <benh(a)debian.org> sh: Do not use hyphen in exported variable name Akhilesh Patil <akhilesh(a)ee.iitb.ac.in> clk: spacemit: ccu_pll: fix error return value in recalc_rate callback Ian Rogers <irogers(a)google.com> perf topdown: Use attribute to see an event is a topdown metic or slots Shengjiu Wang <shengjiu.wang(a)nxp.com> ASoC: fsl_xcvr: get channel status data with firmware exists Shengjiu Wang <shengjiu.wang(a)nxp.com> ASoC: fsl_xcvr: get channel status data when PHY is not exists Charles Keepax <ckeepax(a)opensource.cirrus.com> ASoC: SDCA: Fix some holes in the regmap readable/writeable helpers Shree Ramamoorthy <s-ramamoorthy(a)ti.com> mfd: tps65219: Update TPS65214 MFD cell's GPIO compatible string Thomas Fourier <fourier.thomas(a)gmail.com> dmaengine: nbpfaxi: Add missing check after DMA map Thomas Fourier <fourier.thomas(a)gmail.com> dmaengine: mv_xor: Fix missing check after DMA map and missing unmap Ian Rogers <irogers(a)google.com> perf pmu: Switch FILENAME_MAX to NAME_MAX Ian Rogers <irogers(a)google.com> tools subcmd: Tighten the filename size in check_if_command_finished Yao Zi <ziyao(a)disroot.org> clk: thead: th1520-ap: Describe mux clocks with clk_mux Dan Carpenter <dan.carpenter(a)linaro.org> fs/orangefs: Allow 2 more characters in do_c_string() Tanmay Shah <tanmay.shah(a)amd.com> remoteproc: xlnx: Disable unsupported features Luca Weiss <luca.weiss(a)fairphone.com> phy: qcom: phy-qcom-snps-eusb2: Add missing write from init sequence Laurentiu Palcu <laurentiu.palcu(a)oss.nxp.com> clk: imx95-blk-ctl: Fix synchronous abort Manivannan Sadhasivam <mani(a)kernel.org> PCI: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute Bard Liao <yung-chuan.liao(a)linux.intel.com> soundwire: stream: restore params when prepare ports fail Michal Koutný <mkoutny(a)suse.com> cgroup: Add compatibility option for content of /proc/cgroups Eric Biggers <ebiggers(a)kernel.org> crypto: krb5 - Fix memory leak in krb5_test_one_prf() Suman Kumar Chakraborty <suman.kumar.chakraborty(a)intel.com> crypto: qat - fix virtual channel configuration for GEN6 devices Bairavi Alagappan <bairavix.alagappan(a)intel.com> crypto: qat - disable ZUC-256 capability for QAT GEN5 Thomas Fourier <fourier.thomas(a)gmail.com> crypto: img-hash - Fix dma_unmap_sg() nents value Thomas Fourier <fourier.thomas(a)gmail.com> crypto: keembay - Fix dma_unmap_sg() nents value Ovidiu Panait <ovidiu.panait.oss(a)gmail.com> hwrng: mtk - handle devm_pm_runtime_enable errors Varshini Rajendran <varshini.rajendran(a)microchip.com> clk: at91: sam9x7: update pll clk ranges Jan Kara <jack(a)suse.cz> ext4: Make sure BH_New bit is cleared in ->write_end handler Baokun Li <libaokun1(a)huawei.com> ext4: fix inode use after free in ext4_end_io_rsv_work() Shashank Balaji <shashank.mahadasyam(a)sony.com> selftests/cgroup: fix cpu.max tests Dan Carpenter <dan.carpenter(a)linaro.org> watchdog: ziirave_wdt: check record length in ziirave_firm_verify() Robin Murphy <robin.murphy(a)arm.com> PCI: Fix driver_managed_dma check Thomas Fourier <fourier.thomas(a)gmail.com> scsi: isci: Fix dma_unmap_sg() nents value Thomas Fourier <fourier.thomas(a)gmail.com> scsi: mvsas: Fix dma_unmap_sg() nents value Thomas Fourier <fourier.thomas(a)gmail.com> scsi: elx: efct: Fix dma_unmap_sg() nents value Bagas Sanjaya <bagasdotme(a)gmail.com> scsi: core: Fix kernel doc for scsi_track_queue_full() Thomas Fourier <fourier.thomas(a)gmail.com> scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value Paul Kocialkowski <paulk(a)sys-base.io> clk: sunxi-ng: v3s: Fix de clock definition Zhang Yi <yi.zhang(a)huawei.com> ext4: fix insufficient credits calculation in ext4_meta_trans_blocks() Zhang Yi <yi.zhang(a)huawei.com> ext4: correct the reserved credits for extent conversion Yao Zi <ziyao(a)disroot.org> clk: thead: th1520-ap: Correctly refer the parent of osc_12m Shiraz Saleem <shirazsaleem(a)microsoft.com> RDMA/mana_ib: Fix DSCP value in modify QP Ian Rogers <irogers(a)google.com> perf python: Correct pyrf_evsel__read for tool PMUs Ian Rogers <irogers(a)google.com> perf python: Fix thread check in pyrf_evsel__read Ian Rogers <irogers(a)google.com> perf hwmon_pmu: Avoid shortening hwmon PMU name Leo Yan <leo.yan(a)arm.com> perf tests bp_account: Fix leaked file descriptor Mukesh Ojha <mukesh.ojha(a)oss.qualcomm.com> pinmux: fix race causing mux_owner NULL with active mux_usecount Li Ming <ming.li(a)zohomail.com> cxl/edac: Fix wrong dpa checking for PPR operation Li Ming <ming.li(a)zohomail.com> cxl/core: Introduce a new helper cxl_resource_contains_addr() wangzijie <wangzijie1(a)honor.com> proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al Leon Romanovsky <leon(a)kernel.org> RDMA/uverbs: Add empty rdma_uattrs_has_raw_cap() declaration Arnd Bergmann <arnd(a)arndb.de> kernel: trace: preemptirq_delay_test: use offstack cpu mask Steven Rostedt <rostedt(a)goodmis.org> tracing: Use queue_rcu_work() to free filters Junxian Huang <huangjunxian6(a)hisilicon.com> RDMA/hns: Fix -Wframe-larger-than issue Junxian Huang <huangjunxian6(a)hisilicon.com> RDMA/hns: Drop GFP_NOWARN Junxian Huang <huangjunxian6(a)hisilicon.com> RDMA/hns: Fix accessing uninitialized resources Junxian Huang <huangjunxian6(a)hisilicon.com> RDMA/hns: Get message length of ack_req from FW Mengbiao Xiong <xisme1998(a)gmail.com> crypto: ccp - Fix crash when rebind ccp device for ccp.ko Thomas Fourier <fourier.thomas(a)gmail.com> crypto: inside-secure - Fix `dma_unmap_sg()` nents value Alexey Kardashevskiy <aik(a)amd.com> crypto: ccp - Fix locking on alloc failure handling wenglianfa <wenglianfa(a)huawei.com> RDMA/hns: Fix HW configurations not cleared in error flow wenglianfa <wenglianfa(a)huawei.com> RDMA/hns: Fix double destruction of rsv_qp Alex Elder <elder(a)riscstar.com> clk: spacemit: mark K1 pll1_d8 as critical Namhyung Kim <namhyung(a)kernel.org> perf sched: Fix memory leaks in 'perf sched latency' Namhyung Kim <namhyung(a)kernel.org> perf sched: Use RC_CHK_EQUAL() to compare pointers Namhyung Kim <namhyung(a)kernel.org> perf sched: Fix memory leaks for evsel->priv in timehist Namhyung Kim <namhyung(a)kernel.org> perf sched: Fix thread leaks in 'perf sched timehist' Namhyung Kim <namhyung(a)kernel.org> perf sched: Fix memory leaks in 'perf sched map' Namhyung Kim <namhyung(a)kernel.org> perf sched: Free thread->priv using priv_destructor Namhyung Kim <namhyung(a)kernel.org> perf sched: Make sure it frees the usage string Takahiro Kuwano <Takahiro.Kuwano(a)infineon.com> mtd: spi-nor: spansion: Fixup params->set_4byte_addr_mode for SEMPER Ian Rogers <irogers(a)google.com> perf dso: Add missed dso__put to dso__load_kcore Namhyung Kim <namhyung(a)kernel.org> perf tools: Fix use-after-free in help_unknown_cmd() WangYuli <wangyuli(a)uniontech.com> gitignore: allow .pylintrc to be tracked Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> leds: pca955x: Avoid potential overflow when filling default_label (take 2) Thomas Fourier <fourier.thomas(a)gmail.com> Fix dma_unmap_sg() nents value Parav Pandit <parav(a)nvidia.com> RDMA/counter: Check CAP_NET_RAW check in user namespace for RDMA counters Parav Pandit <parav(a)nvidia.com> RDMA/nldev: Check CAP_NET_RAW in user namespace for QP modify Parav Pandit <parav(a)nvidia.com> RDMA/mlx5: Check CAP_NET_RAW in user namespace for devx create Arnd Bergmann <arnd(a)arndb.de> leds: tps6131x: Add V4L2_FLASH_LED_CLASS dependency Parav Pandit <parav(a)nvidia.com> RDMA/uverbs: Check CAP_NET_RAW in user namespace for RAW QP create Parav Pandit <parav(a)nvidia.com> RDMA/uverbs: Check CAP_NET_RAW in user namespace for QP create Parav Pandit <parav(a)nvidia.com> RDMA/mlx5: Check CAP_NET_RAW in user namespace for anchor create Parav Pandit <parav(a)nvidia.com> RDMA/mlx5: Check CAP_NET_RAW in user namespace for flow create Parav Pandit <parav(a)nvidia.com> RDMA/uverbs: Check CAP_NET_RAW in user namespace for flow create Mark Bloch <mbloch(a)nvidia.com> RDMA/ipoib: Use parent rdma device net namespace Nuno Sá <nuno.sa(a)analog.com> clk: clk-axi-clkgen: fix fpfd_max frequency for zynq Amir Goldstein <amir73il(a)gmail.com> fanotify: sanitize handle_type values when reporting fid Luca Weiss <luca.weiss(a)fairphone.com> phy: qualcomm: phy-qcom-eusb2-repeater: Don't zero-out registers Rodrigo Gobbi <rodrigo.gobbi.7(a)gmail.com> soundwire: debugfs: move debug statement outside of error handling Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> dmaengine: mmp: Fix again Wvoid-pointer-to-enum-cast warning Charles Keepax <ckeepax(a)opensource.cirrus.com> soundwire: Correct some property names Niklas Cassel <cassel(a)kernel.org> PCI: qcom: Wait PCIE_RESET_CONFIG_WAIT_MS after link-up IRQ Niklas Cassel <cassel(a)kernel.org> PCI: dw-rockchip: Wait PCIE_RESET_CONFIG_WAIT_MS after link-up IRQ Niklas Cassel <cassel(a)kernel.org> PCI: Rename PCIE_RESET_CONFIG_DEVICE_WAIT_MS to PCIE_RESET_CONFIG_WAIT_MS Jiwei Sun <sunjw10(a)lenovo.com> PCI: Adjust the position of reading the Link Control 2 register Ze Huang <huangze(a)whut.edu.cn> pinctrl: canaan: k230: Fix order of DT parse and pinctrl register Ze Huang <huangze(a)whut.edu.cn> pinctrl: canaan: k230: add NULL check in DT parse Yuan Chen <chenyuan(a)kylinos.cn> pinctrl: berlin: fix memory leak in berlin_pinctrl_build_state() Yuan Chen <chenyuan(a)kylinos.cn> pinctrl: sunxi: Fix memory leak on krealloc failure Jerome Brunet <jbrunet(a)baylibre.com> PCI: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails Suman Kumar Chakraborty <suman.kumar.chakraborty(a)intel.com> crypto: qat - restore ASYM service support for GEN6 devices Herbert Xu <herbert(a)gondor.apana.org.au> crypto: ahash - Stop legacy tfms from using the set_virt fallback path Herbert Xu <herbert(a)gondor.apana.org.au> crypto: ahash - Add support for drivers with no fallback Arnd Bergmann <arnd(a)arndb.de> crypto: arm/aes-neonbs - work around gcc-15 warning Thomas Antoine <t.antoine(a)uclouvain.be> power: supply: max1720x correct capacity computation Casey Connolly <casey.connolly(a)linaro.org> power: supply: qcom_pmi8998_charger: fix wakeirq Charles Han <hanchunchao(a)inspur.com> power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set Geert Uytterhoeven <geert+renesas(a)glider.be> power: reset: POWER_RESET_TORADEX_EC should depend on ARCH_MXC Charles Han <hanchunchao(a)inspur.com> power: supply: cpcap-charger: Fix null check for power_supply_get_by_name Rohit Visavalia <rohit.visavalia(a)amd.com> clk: xilinx: vcu: unregister pll_post only if registered correctly Namhyung Kim <namhyung(a)kernel.org> perf parse-events: Set default GH modifier properly James Cowgill <james.cowgill(a)blaize.com> media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check Ming Qian <ming.qian(a)oss.nxp.com> media: imx-jpeg: Account for data_offset when getting image address Henry Martin <bsdhenrymartin(a)gmail.com> clk: davinci: Add NULL check in davinci_lpsc_clk_register() Ivan Stepchenko <sid(a)itb.spb.ru> mtd: fix possible integer overflow in erase_xfer() Svyatoslav Pankratov <svyatoslav.pankratov(a)intel.com> crypto: qat - fix state restore for banks with exceptions Ahsan Atta <ahsan.atta(a)intel.com> crypto: qat - allow enabling VFs in the absence of IOMMU Ashish Kalra <ashish.kalra(a)amd.com> crypto: ccp - Fix dereferencing uninitialized error pointer Herbert Xu <herbert(a)gondor.apana.org.au> padata: Fix pd UAF once and for all Herbert Xu <herbert(a)gondor.apana.org.au> crypto: s390/sha3 - Use cpu byte-order when exporting Herbert Xu <herbert(a)gondor.apana.org.au> crypto: s390/hmac - Fix counter in export state Herbert Xu <herbert(a)gondor.apana.org.au> crypto: marvell/cesa - Fix engine load inaccuracy Suman Kumar Chakraborty <suman.kumar.chakraborty(a)intel.com> crypto: qat - use unmanaged allocation for dc_data Ovidiu Panait <ovidiu.panait.oss(a)gmail.com> crypto: sun8i-ce - fix nents passed to dma_unmap_sg() Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> clk: renesas: rzv2h: Fix missing CLK_SET_RATE_PARENT flag for ddiv clocks Hans Zhang <18255117159(a)163.com> PCI: rockchip-host: Fix "Unexpected Completion" log message Bjorn Andersson <bjorn.andersson(a)oss.qualcomm.com> remoteproc: qcom: pas: Conclude the rename from adsp Thomas Richard <thomas.richard(a)bootlin.com> pinctrl: cirrus: madera-core: Use devm_pinctrl_register_mappings() Kees Cook <kees(a)kernel.org> fortify: Fix incorrect reporting of read buffer size Kees Cook <kees(a)kernel.org> staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() Gabriele Monaco <gmonaco(a)redhat.com> rv: Adjust monitor dependencies Gabriele Monaco <gmonaco(a)redhat.com> rv: Use strings in da monitors tracepoints Gabriele Monaco <gmonaco(a)redhat.com> rv: Remove trailing whitespace from tracepoint string Samuel Holland <samuel.holland(a)sifive.com> RISC-V: KVM: Fix inclusion of Smnpm in the guest ISA bitmap Puranjay Mohan <puranjay(a)kernel.org> bpf, arm64: Fix fp initialization for exception boundary Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> bpf/preload: Don't select USERMODE_DRIVER Eric Dumazet <edumazet(a)google.com> ipv6: annotate data-races around rt->fib6_nsiblings Eric Dumazet <edumazet(a)google.com> ipv6: fix possible infinite loop in fib6_info_uses_dev() Eric Dumazet <edumazet(a)google.com> ipv6: prevent infinite loop in rt6_nlmsg_size() Eric Dumazet <edumazet(a)google.com> ipv6: add a retry logic in net6_rt_notify() Stanislav Fomichev <sdf(a)fomichev.me> vrf: Drop existing dst reference in vrf_ip6_input_dst Xiumei Mu <xmu(a)redhat.com> selftests: rtnetlink.sh: remove esp4_offload after test Jason Xing <kernelxing(a)tencent.com> igb: xsk: solve negative overflow of nb_pkts in zerocopy mode Jason Xing <kernelxing(a)tencent.com> stmmac: xsk: fix negative overflow of budget in zerocopy mode Kuniyuki Iwashima <kuniyu(a)google.com> neighbour: Fix null-ptr-deref in neigh_flush_dev(). Tristram Ha <tristram.ha(a)microchip.com> net: dsa: microchip: Fix wrong rx drop MIB counter for KSZ8863 Stanislav Fomichev <sdf(a)fomichev.me> macsec: set IFF_UNICAST_FLT priv flag Shahar Shitrit <shshitrit(a)nvidia.com> net/mlx5e: Fix potential deadlock by deferring RX timeout recovery Jianbo Liu <jianbol(a)nvidia.com> net/mlx5e: Remove skb secpath if xfrm state is not found Alexei Lazar <alazar(a)nvidia.com> net/mlx5e: Clear Read-Only port buffer size in PBMC before update Yi Chen <yiche(a)redhat.com> selftests: netfilter: ipvs.sh: Explicity disable rp_filter on interface tunl0 Phil Sutter <phil(a)nwl.cc> selftests: netfilter: Ignore tainted kernels in interface stress test Florian Westphal <fw(a)strlen.de> netfilter: xt_nfacct: don't assume acct name is null-terminated Jimmy Assarsson <extja(a)kvaser.com> can: kvaser_usb: Assign netdev.dev_port based on device channel index Jimmy Assarsson <extja(a)kvaser.com> can: kvaser_pciefd: Store device channel index Randy Dunlap <rdunlap(a)infradead.org> can: tscan1: CAN_TSCAN1 can depend on PC104 Vincent Mailhol <mailhol.vincent(a)wanadoo.fr> can: tscan1: Kconfig: add COMPILE_TEST Stephane Grosjean <stephane.grosjean(a)hms-networks.com> can: peak_usb: fix USB FD devices potential malfunction Daniel Zahka <daniel.zahka(a)gmail.com> selftests: drv-net: tso: fix non-tunneled tso6 test case name Daniel Zahka <daniel.zahka(a)gmail.com> selftests: drv-net: tso: fix vxlan tunnel flags to get correct gso_type Daniel Zahka <daniel.zahka(a)gmail.com> selftests: drv-net: tso: enable test cases based on hw_features Gal Pressman <gal(a)nvidia.com> selftests: drv-net: Fix remote command checking in require_cmd() Gabriele Monaco <gmonaco(a)redhat.com> tools/rv: Do not skip idle in trace Paul Chaignon <paul.chaignon(a)gmail.com> bpf: Reject narrower access to pointer ctx fields Kuniyuki Iwashima <kuniyu(a)google.com> bpf: Disable migration in nf_hook_run_bpf(). Chris Down <chris(a)chrisdown.name> Bluetooth: hci_event: Mask data status from LE ext adv reports Kiran K <kiran.k(a)intel.com> Bluetooth: btintel_pcie: Make driver wait for alive interrupt Kiran K <kiran.k(a)intel.com> Bluetooth: btintel: Define a macro for Intel Reset vendor command Ivan Pravdin <ipravdin.official(a)gmail.com> Bluetooth: hci_devcd_dump: fix out-of-bounds via dev_coredumpv Arseniy Krasnov <avkrasnov(a)salutedevices.com> Bluetooth: hci_sync: fix double free in 'hci_discovery_filter_clear()' Zhongqiu Han <quic_zhonhan(a)quicinc.com> Bluetooth: btusb: Fix potential NULL dereference on kmalloc failure Ting-Ying Li <tingying.li(a)cypress.com> wifi: brcmfmac: fix EXTSAE WPA3 connection failure due to AUTH TX failure Lu Baolu <baolu.lu(a)linux.intel.com> iommu/vt-d: Fix UAF on sva unbind with pending IOPFs Benjamin Berg <benjamin.berg(a)intel.com> wifi: iwlwifi: mld: decode EOF bit for AMPDUs Jeremy Linton <jeremy.linton(a)arm.com> arm64/gcs: task_gcs_el0_enable() should use passed task Johannes Berg <johannes.berg(a)intel.com> wifi: mac80211: fix WARN_ON for monitor mode on some devices Kees Cook <kees(a)kernel.org> wifi: brcmfmac: cyw: Fix __counted_by to be LE variant Matthew Wilcox (Oracle) <willy(a)infradead.org> memcg_slabinfo: Fix use of PG_slab Marco Elver <elver(a)google.com> kcsan: test: Initialize dummy variable Steven Rostedt <rostedt(a)goodmis.org> ring-buffer: Remove ring_buffer_read_prepare_sync() Kees Cook <kees(a)kernel.org> wifi: nl80211: Set num_sub_specs before looping through sub_specs Kees Cook <kees(a)kernel.org> wifi: mac80211: Write cnt before copying in ieee80211_copy_rnr_beacon() Steven Rostedt <rostedt(a)goodmis.org> PM: cpufreq: powernv/tracing: Move powernv_throttle trace event Gokul Sivakumar <gokulkumar.sivakumar(a)infineon.com> wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE Tamizh Chelvam Raja <tamizh.raja(a)oss.qualcomm.com> wifi: ath12k: fix endianness handling while accessing wmi service bit Remi Pommarel <repk(a)triplefau.lt> Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" Remi Pommarel <repk(a)triplefau.lt> wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key() Alexander Wetzel <Alexander(a)wetzel-home.de> wifi: mac80211: Don't call fq_flow_idx() for management frames Alexander Wetzel <Alexander(a)wetzel-home.de> wifi: mac80211: Do not schedule stopped TXQs Alexander Wetzel <Alexander(a)wetzel-home.de> wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac() Murad Masimov <m.masimov(a)mt-integration.ru> wifi: plfxlc: Fix error handling in usb driver probe Moon Hee Lee <moonhee.lee.ca(a)gmail.com> wifi: mac80211: reject TDLS operations when station is not associated Tze-nan Wu <Tze-nan.Wu(a)mediatek.com> rcu: Fix delayed execution of hurry callbacks Jason Gunthorpe <jgg(a)ziepe.ca> iommu/amd: Fix geometry.aperture_end for V2 tables Puranjay Mohan <puranjay(a)kernel.org> selftests/bpf: fix implementation of smp_mb() Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu/gfx10: fix kiq locking in KCQ reset Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu/gfx9.4.3: fix kiq locking in KCQ reset Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu/gfx9: fix kiq locking in KCQ reset Baochen Qiang <quic_bqiang(a)quicinc.com> wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask() Aaradhana Sahu <aaradhana.sahu(a)oss.qualcomm.com> wifi: ath12k: Use HTT_TCL_METADATA_VER_V1 in FTM mode Maharaja Kennadyrajan <maharaja.kennadyrajan(a)oss.qualcomm.com> wifi: mac80211: use RCU-safe iteration in ieee80211_csa_finish Thomas Fourier <fourier.thomas(a)gmail.com> mwl8k: Add missing check after DMA map Bitterblue Smith <rtl8821cerfe2(a)gmail.com> wifi: rtw88: Fix macid assigned to TDLS station Martin Kaistra <martin.kaistra(a)linutronix.de> wifi: rtl8xxxu: Fix RX skb size for aggregation disabled Eric Dumazet <edumazet(a)google.com> tcp: call tcp_measure_rcv_mss() for ooo packets Juergen Gross <jgross(a)suse.com> xen/gntdev: remove struct gntdev_copy_batch from stack Dmitry Baryshkov <dmitry.baryshkov(a)oss.qualcomm.com> iommu/arm-smmu: disable PRR on SM8250 Ethan Milon <ethan.milon(a)eviden.com> iommu/vt-d: Fix missing PASID in dev TLB flush with cache_tag_flush_all Jason Gunthorpe <jgg(a)ziepe.ca> iommu/vt-d: Do not wipe out the page table NID when devices detach Juri Lelli <juri.lelli(a)redhat.com> sched/deadline: Reset extra_bw to max_bw when clearing root domains Juri Lelli <juri.lelli(a)redhat.com> sched/deadline: Initialize dl_servers after SMP Al Viro <viro(a)zeniv.linux.org.uk> xen: fix UAF in dmabuf_exp_from_pages() Edward Srouji <edwards(a)nvidia.com> RDMA/mlx5: Fix UMR modifying of mkey page size Eric Dumazet <edumazet(a)google.com> net_sched: act_ctinfo: use atomic64_t for three counters William Liu <will(a)willsroot.io> net/sched: Restrict conditions for adding duplicating netems to qdisc tree Thomas Weißschuh <linux(a)weissschuh.net> leds: lp8860: Check return value of devm_mutex_init() Thomas Weißschuh <linux(a)weissschuh.net> spi: spi-nxp-fspi: Check return value of devm_mutex_init() Easwar Hariharan <eahariha(a)linux.microsoft.com> iommu/amd: Enable PASID and ATS capabilities in the correct order Tiwei Bie <tiwei.btw(a)antgroup.com> um: rtc: Avoid shadowing err in uml_rtc_start() Johan Korsnes <johan.korsnes(a)gmail.com> arch: powerpc: defconfig: Drop obsolete CONFIG_NET_CLS_TCINDEX Jeff Johnson <jeff.johnson(a)oss.qualcomm.com> wifi: ath12k: pack HTT pdev rate stats structs Harshitha Prem <quic_hprem(a)quicinc.com> wifi: ath12k: update unsupported bandwidth flags in reg rules Simona Vetter <simona.vetter(a)ffwll.ch> drm/panthor: Fix UAF in panthor_gem_create_with_handle() debugfs code Fedor Pchelkin <pchelkin(a)ispras.ru> netfilter: nf_tables: adjust lockdep assertions handling Phil Sutter <phil(a)nwl.cc> netfilter: nf_tables: Drop dead code from fill_*_info routines Shixiong Ou <oushixiong(a)kylinos.cn> fbcon: Fix outdated registered_fb reference in comment Peter Zijlstra <peterz(a)infradead.org> sched/deadline: Less agressive dl_server handling Peter Zijlstra <peterz(a)infradead.org> sched/psi: Optimize psi_group_change() cpu_clock() usage Andy Yan <andy.yan(a)rock-chips.com> drm/rockchip: vop2: Fix the update of LAYER/PORT select registers when there are multi display output on rk3588/rk3568 Heiko Stuebner <heiko(a)sntech.de> drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port Masahiro Yamada <masahiroy(a)kernel.org> arm64: fix unnecessary rebuilding when CONFIG_DEBUG_EFI=y Aaradhana Sahu <aaradhana.sahu(a)oss.qualcomm.com> wifi: ath12k: Block radio bring-up in FTM mode Vitaly Prosyak <vitaly.prosyak(a)amd.com> drm/amdgpu: fix use-after-free in amdgpu_userq_suspend+0x51a/0x5a0 Vitaly Prosyak <vitaly.prosyak(a)amd.com> Revert "drm/amdgpu: fix slab-use-after-free in amdgpu_userq_mgr_fini" Fedor Pchelkin <pchelkin(a)ispras.ru> drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu/gfx10: fix KGQ reset sequence Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: move force completion into ring resets Christian König <ckoenig.leichtzumerken(a)gmail.com> drm/amdgpu: rework queue reset scheduler interaction Emily Deng <Emily.Deng(a)amd.com> drm/amdkfd: Move the process suspend and resume out of full access Lorenzo Bianconi <lorenzo(a)kernel.org> wifi: mt76: mt7996: Fix valid_links bitmask in mt7996_mac_sta_{add,remove} Lorenzo Bianconi <lorenzo(a)kernel.org> wifi: mt76: mt7996: Fix possible OOB access in mt7996_tx() Lorenzo Bianconi <lorenzo(a)kernel.org> wifi: mt76: mt7996: Fix secondary link lookup in mt7996_mcu_sta_mld_setup_tlv() Artem Sadovnikov <a.sadovnikov(a)ispras.ru> refscale: Check that nreaders and loops multiplication doesn't overflow Finn Thain <fthain(a)linux-m68k.org> m68k: Don't unregister boot console needlessly Konrad Dybcio <konrad.dybcio(a)oss.qualcomm.com> drm/msm/dpu: Fill in min_prefill_lines for SC8180X Kumar Kartikeya Dwivedi <memxor(a)gmail.com> bpf: Ensure RCU lock is held around bpf_prog_ksym_find Dan Carpenter <dan.carpenter(a)linaro.org> wifi: mt76: mt7925: fix off by one in mt7925_mcu_hw_scan() Mark Brown <broonie(a)kernel.org> kselftest/arm64: Fix check for setting new VLs in sve-ptrace Dan Carpenter <dan.carpenter(a)linaro.org> wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() Eric Dumazet <edumazet(a)google.com> net: dst: add four helpers to annotate data-races around dst->dev Eric Dumazet <edumazet(a)google.com> net: dst: annotate data-races around dst->output Eric Dumazet <edumazet(a)google.com> net: dst: annotate data-races around dst->input Stav Aviram <saviram(a)nvidia.com> net/mlx5: Check device memory pointer before usage xin.guo <guoxin0309(a)gmail.com> tcp: fix tcp_ofo_queue() to avoid including too much DUP SACK range Thiraviyam Mariyappan <thiraviyam.mariyappan(a)oss.qualcomm.com> wifi: ath12k: Clear auth flag only for actual association in security mode Sergey Senozhatsky <senozhatsky(a)chromium.org> wifi: ath11k: clear initialized flag for deinit-ed srng lists Stanislav Fomichev <sdf(a)fomichev.me> team: replace team lock with rtnl lock Shuicheng Lin <shuicheng.lin(a)intel.com> drm/xe/uapi: Correct sync type definition in comments Jiasheng Jiang <jiasheng(a)iscas.ac.cn> iwlwifi: Add missing check for alloc_ordered_workqueue Xiu Jianfeng <xiujianfeng(a)huawei.com> wifi: iwlwifi: Fix memory leak in iwl_mvm_init() Vitaly Prosyak <vitaly.prosyak(a)amd.com> drm/amdgpu: fix slab-use-after-free in amdgpu_userq_mgr_fini+0x70c Daniil Dulov <d.dulov(a)aladdin.ru> wifi: rtl818x: Kill URBs before clearing tx status queue Zong-Zhe Yang <kevin_yang(a)realtek.com> wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band Eric Dumazet <edumazet(a)google.com> net: annotate races around sk->sk_uid Arnd Bergmann <arnd(a)arndb.de> caif: reduce stack size, again Tamizh Chelvam Raja <tamizh.raja(a)oss.qualcomm.com> wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type() P Praneesh <praneesh.p(a)oss.qualcomm.com> wifi: ath12k: Fix double budget decrement while reaping monitor ring Kang Yang <kang.yang(a)oss.qualcomm.com> wifi: ath12k: update channel list in worker when wait flag is set Rameshkumar Sundaram <rameshkumar.sundaram(a)oss.qualcomm.com> wifi: ath12k: Avoid accessing uninitialized arvif->ar during beacon miss Haren Myneni <haren(a)linux.ibm.com> powerpc/pseries/dlpar: Search DRC index from ibm,drc-indexes for IO add Yuan Chen <chenyuan(a)kylinos.cn> bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure Rameshkumar Sundaram <rameshkumar.sundaram(a)oss.qualcomm.com> wifi: mac80211: Fix bssid_indicator for MBSSID in AP mode Erni Sri Satya Vennela <ernis(a)linux.microsoft.com> net: mana: Fix potential deadlocks in mana napi ops Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu/sdma: handle paging queues in amdgpu_sdma_reset_engine() Lijo Lazar <lijo.lazar(a)amd.com> drm/amdgpu: Remove nbiov7.9 replay count reporting Jonathan Corbet <corbet(a)lwn.net> slub: Fix a documentation build error for krealloc() Ian Forbes <ian.forbes(a)broadcom.com> drm/vmwgfx: Fix Host-Backed userspace on Guest-Backed kernel Petr Machata <petrm(a)nvidia.com> net: ipv6: ip6mr: Fix in/out netdev to pass to the FORWARD chain Mykyta Yatsenko <yatsenko(a)meta.com> selftests/bpf: Fix unintentional switch case fall through Eduard Zingerman <eddyz87(a)gmail.com> bpf: handle jset (if a & b ...) as a jump in CFG computation Fushuai Wang <wangfushuai(a)baidu.com> selftests/bpf: fix signedness bug in redir_partial() Charalampos Mitrodimas <charmitro(a)posteo.net> net, bpf: Fix RCU usage in task_cls_state() for BPF programs Jiayuan Chen <jiayuan.chen(a)linux.dev> bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls Breno Leitao <leitao(a)debian.org> netconsole: Only register console drivers when targets are configured Jiayuan Chen <jiayuan.chen(a)linux.dev> bpf, sockmap: Fix psock incorrectly pointing to sk Kuan-Chung Chen <damon.chen(a)realtek.com> wifi: rtw89: fix EHT 20MHz TX rate for non-AP STA Fedor Pchelkin <pchelkin(a)ispras.ru> wifi: rtw89: sar: do not assert wiphy lock held until probing is done Fedor Pchelkin <pchelkin(a)ispras.ru> wifi: rtw89: sar: drop lockdep assertion in rtw89_set_sar_from_acpi Dan Carpenter <dan.carpenter(a)linaro.org> wifi: rtw89: mcc: prevent shift wrapping in rtw89_core_mlsr_switch() Boris Brezillon <boris.brezillon(a)collabora.com> drm/panthor: Add missing explicit padding in drm_panthor_gpu_info Adrián Larumbe <adrian.larumbe(a)collabora.com> drm/panfrost: Fix panfrost device variable name in devfreq Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> drm/connector: hdmi: Evaluate limited range after computing format Geert Uytterhoeven <geert+renesas(a)glider.be> drm/sitronix: Remove broken backwards-compatibility layer Andy Yan <andy.yan(a)rock-chips.com> drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed Huan Yang <link(a)vivo.com> udmabuf: fix vmap missed offset page Huan Yang <link(a)vivo.com> Revert "udmabuf: fix vmap_udmabuf error page set" Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> MIPS: alchemy: gpio: use new GPIO line value setter callbacks for the remaining chips Steven Rostedt <rostedt(a)goodmis.org> selftests/tracing: Fix false failure of subsystem event test Alok Tiwari <alok.a.tiwari(a)oracle.com> staging: nvec: Fix incorrect null termination of battery manufacturer Inochi Amaoto <inochiama(a)gmail.com> riscv: dts: sophgo: sg2044: Add missing riscv,cbop-block-size property Antheas Kapenekakis <lkml(a)antheas.dev> platform/x86: oxpec: Fix turbo register for G1 AMD Michael J. Ruhl <michael.j.ruhl(a)intel.com> drm/xe: Correct BMG VSEC header sizing Michael J. Ruhl <michael.j.ruhl(a)intel.com> drm/xe: Correct the rev value for the DVSEC entries Slark Xiao <slark_xiao(a)163.com> bus: mhi: host: pci_generic: Fix the modem name of Foxconn T99W640 Konrad Dybcio <konrad.dybcio(a)oss.qualcomm.com> interconnect: qcom: qcs615: Drop IP0 interconnects Dmitry Baryshkov <dmitry.baryshkov(a)oss.qualcomm.com> interconnect: qcom: sc8180x: specify num_nodes Dmitry Baryshkov <dmitry.baryshkov(a)oss.qualcomm.com> interconnect: qcom: sc8280xp: specify num_links for qnm_a1noc_cfg Johan Hovold <johan(a)kernel.org> soc: qcom: pmic_glink: fix OF node leak Brahmajit Das <listout(a)listout.xyz> samples: mei: Fix building on musl libc Johan Hovold <johan(a)kernel.org> driver core: auxiliary bus: fix OF node leak Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> staging: greybus: gbphy: fix up const issue with the match callback Charles Keepax <ckeepax(a)opensource.cirrus.com> ASoC: SDCA: Allow read-only controls to be deferrable Charles Keepax <ckeepax(a)opensource.cirrus.com> ASoC: SDCA: Update memory allocations to zero initialise Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> kexec_core: Fix error code path in the KEXEC_JUMP flow Jonas Karlman <jonas(a)kwiboo.se> arm64: dts: rockchip: Fix UART DMA support for RK3528 Lifeng Zheng <zhenglifeng1(a)huawei.com> cpufreq: Init policy->rwsem before it may be possibly used Lifeng Zheng <zhenglifeng1(a)huawei.com> cpufreq: Initialize cpufreq-based frequency-invariance later Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> cpufreq: intel_pstate: Always use HWP_DESIRED_PERF in passive mode Chanwoo Choi <cw00.choi(a)samsung.com> PM / devfreq: Fix a index typo in trans_stat Lifeng Zheng <zhenglifeng1(a)huawei.com> PM / devfreq: Check governor before using governor->name Jonas Karlman <jonas(a)kwiboo.se> arm64: dts: rockchip: Fix pinctrl node names for RK3528 Max Krummenacher <max.krummenacher(a)toradex.com> arm64: dts: freescale: imx8mp-toradex-smarc: fix lvds dsi mux gpio Adam Ford <aford173(a)gmail.com> arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed Adam Ford <aford173(a)gmail.com> arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed Annette Kobou <annette.kobou(a)kontron.de> ARM: dts: imx6ul-kontron-bl-common: Fix RTS polarity for RS485 interface Moon Hee Lee <moonhee.lee.ca(a)gmail.com> selftests: breakpoints: use suspend_stats to reliably check suspend success Patrick Delaunay <patrick.delaunay(a)foss.st.com> arm64: dts: st: fix timer used for ticks Sebastian Reichel <sebastian.reichel(a)collabora.com> arm64: dts: rockchip: fix PHY handling for ROCK 4D Sumit Gupta <sumitg(a)nvidia.com> soc/tegra: cbb: Clear ERR_FORCE register with ERR_STATUS Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> staging: gpib: Fix error handling paths in cb_gpib_probe() Harshit Mogalapalli <harshit.m.mogalapalli(a)oracle.com> staging: gpib: Fix error code in board_type_ioctl() Parth Pancholi <parth.pancholi(a)toradex.com> arm64: dts: ti: k3-am62p-verdin: fix PWM_3_DSI GPIO direction Niklas Söderlund <niklas.soderlund+renesas(a)ragnatech.se> arm64: dts: renesas: r8a779g3-sparrow-hawk-fan-pwm: Add missing install target Albin Törnqvist <albin.tornqvist(a)codiax.se> arm: dts: ti: omap: Fixup pinheader typo Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> tools/nolibc: avoid false-positive -Wmaybe-uninitialized through waitpid() Lucas De Marchi <lucas.demarchi(a)intel.com> usb: early: xhci-dbc: Fix early_ioremap leak Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> selftests/nolibc: correctly report errors from printf() and friends Francesco Dolcini <francesco.dolcini(a)toradex.com> arm64: dts: ti: k3-am62p-verdin: add SD_1 CD pull-up Sivan Zohar-Kotzer <sivany32(a)gmail.com> powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw() Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Revert "vmci: Prevent the dispatching of uninitialized payloads" Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> selftests: vDSO: chacha: Correctly skip test if necessary Tim Harvey <tharvey(a)gateworks.com> arm64: dts: imx8mp-venice-gw74xx: update name of M2SKT_WDIS2# gpio Denis OSTERLAND-HEIM <denis.osterland(a)diehl.com> pps: fix poll support Lizhi Xu <lizhi.xu(a)windriver.com> vmci: Prevent the dispatching of uninitialized payloads Shankari Anand <shankari.ak0208(a)gmail.com> rust: miscdevice: clarify invariant for `MiscDeviceRegistration` Abdun Nihaal <abdun.nihaal(a)gmail.com> staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() Colin Ian King <colin.i.king(a)gmail.com> staging: gpib: fix unset padding field copy back to userspace Charles Keepax <ckeepax(a)opensource.cirrus.com> ASoC: SDCA: Add missing default in switch in entity_pde_event() Jonas Karlman <jonas(a)kwiboo.se> arm64: dts: rockchip: Enable eMMC HS200 mode on Radxa E20C Konrad Dybcio <konrad.dybcio(a)oss.qualcomm.com> power: sequencing: qcom-wcn: fix bluetooth-wifi copypasta for WCN6855 Danilo Krummrich <dakr(a)kernel.org> rust: devres: require T: Send for Devres Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> drivers: misc: sram: fix up some const issues with recent attribute changes Clément Le Goffic <clement.legoffic(a)foss.st.com> spi: stm32: Check for cfg availability in stm32_spi_probe Hans de Goede <hansg(a)kernel.org> mei: vsc: Fix "BUG: Invalid wait context" lockdep error Hans de Goede <hansg(a)kernel.org> mei: vsc: Run event callback from a workqueue Hans de Goede <hansg(a)kernel.org> mei: vsc: Drop unused vsc_tp_request_irq() and vsc_tp_free_irq() Hans de Goede <hansg(a)kernel.org> mei: vsc: Unset the event callback on remove and probe errors Hans de Goede <hansg(a)kernel.org> mei: vsc: Event notifier fixes Hans de Goede <hansg(a)kernel.org> mei: vsc: Destroy mutex after freeing the IRQ Hans de Goede <hansg(a)kernel.org> mei: vsc: Don't re-init VSC from mei_vsc_hw_reset() on stop Dmitry Baryshkov <dmitry.baryshkov(a)oss.qualcomm.com> usb: typec: ucsi: yoga-c630: fix error and remove paths Pawan Gupta <pawan.kumar.gupta(a)linux.intel.com> x86/bugs: Allow ITS stuffing in eIBRS+retpoline mode also Pawan Gupta <pawan.kumar.gupta(a)linux.intel.com> x86/bugs: Introduce cdt_possible() Pawan Gupta <pawan.kumar.gupta(a)linux.intel.com> x86/bugs: Simplify the retbleed=stuff checks Pawan Gupta <pawan.kumar.gupta(a)linux.intel.com> x86/bugs: Avoid AUTO after the select step in the retbleed mitigation Sibi Sankar <quic_sibis(a)quicinc.com> firmware: arm_scmi: Fix up turbo frequencies selection Arnd Bergmann <arnd(a)arndb.de> cpufreq: armada-8k: make both cpu masks static Ryan Wanner <Ryan.Wanner(a)microchip.com> ARM: dts: microchip: sam9x7: Add clock name property Ryan Wanner <Ryan.Wanner(a)microchip.com> ARM: dts: microchip: sama7d65: Add clock name property Michael Walle <mwalle(a)kernel.org> arm64: dts: ti: k3-am62p-j722s: fix pinctrl-single size Emanuele Ghidoli <emanuele.ghidoli(a)toradex.com> arm64: dts: ti: k3-am62p-verdin: Enable pull-ups on I2C_3_HDMI Wadim Egorov <w.egorov(a)phytec.de> arm64: dts: ti: k3-am642-phyboard-electra: Fix PRU-ICSSG Ethernet ports Quentin Schulz <quentin.schulz(a)cherry.de> arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP Charalampos Mitrodimas <charmitro(a)posteo.net> usb: misc: apple-mfi-fastcharge: Make power supply names unique Seungjin Bae <eeodqql09(a)gmail.com> usb: host: xhci-plat: fix incorrect type for of_match variable in xhci_plat_probe() Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ARM: dts: vfxxx: Correctly use two tuples for timer address Gautham R. Shenoy <gautham.shenoy(a)amd.com> pm: cpupower: Fix printing of CORE, CPU fields in cpupower-monitor André Apitzsch <git(a)apitzsch.eu> arm64: dts: qcom: msm8976: Make blsp_dma controlled-remotely Lijuan Gao <lijuan.gao(a)oss.qualcomm.com> arm64: dts: qcom: sa8775p: Correct the interrupt for remoteproc Will Deacon <willdeacon(a)google.com> arm64: dts: exynos: gs101: Add 'local-timer-stop' to cpuidle nodes Jie Gan <jie.gan(a)oss.qualcomm.com> arm64: dts: qcom: qcs615: disable the CTI device of the camera block Konrad Dybcio <konrad.dybcio(a)oss.qualcomm.com> arm64: dts: qcom: sc7180: Expand IMEM region Konrad Dybcio <konrad.dybcio(a)oss.qualcomm.com> arm64: dts: qcom: sdm845: Expand IMEM region Jie Gan <jie.gan(a)oss.qualcomm.com> arm64: dts: qcom: qcs615: fix a crash issue caused by infinite loop for Coresight Alexander Wilhelm <alexander.wilhelm(a)westermo.com> soc: qcom: fix endianness for QMI header Alexander Wilhelm <alexander.wilhelm(a)westermo.com> soc: qcom: QMI encoding/decoding for big endian Dmitry Vyukov <dvyukov(a)google.com> selftests: Fix errno checking in syscall_user_dispatch test Alexander Stein <alexander.stein(a)ew.tq-group.com> arm64: dts: freescale: imx93-tqma9352: Limit BUCK2 to 600mV Chen-Yu Tsai <wenst(a)chromium.org> ASoC: mediatek: mt8183-afe-pcm: Support >32 bit DMA addresses Chen-Yu Tsai <wenst(a)chromium.org> ASoC: mediatek: use reserved memory or enable buffer pre-allocation Konrad Dybcio <konrad.dybcio(a)oss.qualcomm.com> arm64: dts: qcom: x1p42100: Fix thermal sensor configuration Arnd Bergmann <arnd(a)arndb.de> ASoC: ops: dynamically allocate struct snd_ctl_elem_value Venkata Prasad Potturu <venkataprasad.potturu(a)amd.com> ASoC: amd: acp: Fix pointer assignments for snd_soc_acpi_mach structures Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com> ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask() Pei Xiao <xiaopei01(a)kylinos.cn> ASOC: rockchip: fix capture stream handling in rockchip_sai_xfer_stop Kees Cook <kees(a)kernel.org> sched/task_stack: Add missing const qualifier to end_of_stack() Nilay Shroff <nilay(a)linux.ibm.com> block: restore two stage elevator switch while running nr_hw_queue update Bo Liu (OpenAnolis) <liubo03(a)inspur.com> erofs: fix build error with CONFIG_EROFS_FS_ZIP_ACCEL=y Jann Horn <jannh(a)google.com> eventpoll: fix sphinx documentation build warning Jann Horn <jannh(a)google.com> eventpoll: Fix semi-unbounded recursion Sun YangKai <sunk67188(a)gmail.com> btrfs: remove partial support for lowest level from btrfs_search_forward() Randy Dunlap <rdunlap(a)infradead.org> io_uring: fix breakage in EXPERT menu John Garry <john.g.garry(a)oracle.com> block: sanitize chunk_sectors for atomic write limits Rick Wertenbroek <rick.wertenbroek(a)gmail.com> nvmet: pci-epf: Do not complete commands twice if nvmet_req_init() fails Andreas Gruenbacher <agruenba(a)redhat.com> gfs2: No more self recovery John Garry <john.g.garry(a)oracle.com> md/raid10: fix set but not used variable in sync_request_write() Ming Lei <ming.lei(a)redhat.com> ublk: validate ublk server pid Uday Shankar <ushankar(a)purestorage.com> ublk: speed up ublk server exit handling Kees Cook <kees(a)kernel.org> kunit/fortify: Add back "volatile" for sizeof() constants Zheng Qixing <zhengqixing(a)huawei.com> md: allow removing faulty rdev during resync Ming Lei <ming.lei(a)redhat.com> nbd: fix lockdep deadlock warning Andreas Gruenbacher <agruenba(a)redhat.com> gfs2: Minor do_xmote cancelation fix Thomas Fourier <fourier.thomas(a)gmail.com> block: mtip32xx: Fix usage of dma_map_sg() Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> Revert "fs/ntfs3: Replace inode_trylock with inode_lock" Yangtao Li <frank.li(a)vivo.com> hfsplus: remove mutex_lock check in hfsplus_free_extents Yangtao Li <frank.li(a)vivo.com> hfs: make splice write available again Yangtao Li <frank.li(a)vivo.com> hfsplus: make splice write available again Caleb Sander Mateos <csander(a)purestorage.com> ublk: use vmalloc for ublk_device's __queues Tingmao Wang <m(a)maowtm.org> landlock: Fix warning from KUnit tests Edward Adam Davis <eadavis(a)qq.com> fs/ntfs3: cancle set bad inode after removing name fails Song Liu <song(a)kernel.org> selftests/landlock: Fix build of audit_test Mickaël Salaün <mic(a)digikod.net> selftests/landlock: Fix readlink check RubenKelevra <rubenkelevra(a)gmail.com> fs_context: fix parameter name in infofc() macro Al Viro <viro(a)zeniv.linux.org.uk> parse_longname(): strrchr() expects NUL-terminated string Richard Guy Briggs <rgb(a)redhat.com> audit,module: restore audit logging in load failure case ------------- Diffstat: .gitignore | 1 + Documentation/admin-guide/kernel-parameters.txt | 8 + Documentation/filesystems/f2fs.rst | 6 +- Documentation/netlink/specs/ethtool.yaml | 6 +- Makefile | 4 +- arch/arm/boot/dts/microchip/sam9x7.dtsi | 2 + arch/arm/boot/dts/microchip/sama7d65.dtsi | 2 + .../boot/dts/nxp/imx/imx6ul-kontron-bl-common.dtsi | 1 - arch/arm/boot/dts/nxp/vf/vfxxx.dtsi | 2 +- arch/arm/boot/dts/ti/omap/am335x-boneblack.dts | 2 +- arch/arm/crypto/aes-neonbs-glue.c | 2 +- arch/arm/mach-s3c/gpio-samsung.c | 2 +- arch/arm64/boot/dts/exynos/google/gs101.dtsi | 3 + .../boot/dts/freescale/imx8mm-beacon-som.dtsi | 2 + .../boot/dts/freescale/imx8mn-beacon-som.dtsi | 2 + .../dts/freescale/imx8mp-toradex-smarc-dev.dts | 5 - .../boot/dts/freescale/imx8mp-toradex-smarc.dtsi | 2 + .../boot/dts/freescale/imx8mp-venice-gw74xx.dts | 8 +- arch/arm64/boot/dts/freescale/imx93-tqma9352.dtsi | 6 +- arch/arm64/boot/dts/qcom/msm8976.dtsi | 2 + arch/arm64/boot/dts/qcom/qcs615.dtsi | 4 + arch/arm64/boot/dts/qcom/sa8775p.dtsi | 10 +- arch/arm64/boot/dts/qcom/sc7180.dtsi | 10 +- arch/arm64/boot/dts/qcom/sdm845.dtsi | 10 +- arch/arm64/boot/dts/qcom/x1e80100.dtsi | 2 +- arch/arm64/boot/dts/qcom/x1p42100.dtsi | 556 +++++++++++++++++++ arch/arm64/boot/dts/renesas/Makefile | 1 + arch/arm64/boot/dts/rockchip/px30-evb.dts | 3 +- arch/arm64/boot/dts/rockchip/px30-pp1516.dtsi | 3 +- arch/arm64/boot/dts/rockchip/px30.dtsi | 2 - arch/arm64/boot/dts/rockchip/rk3528-pinctrl.dtsi | 20 +- arch/arm64/boot/dts/rockchip/rk3528-radxa-e20c.dts | 1 + arch/arm64/boot/dts/rockchip/rk3528.dtsi | 16 +- arch/arm64/boot/dts/rockchip/rk3576-rock-4d.dts | 6 +- arch/arm64/boot/dts/st/stm32mp251.dtsi | 2 +- .../boot/dts/ti/k3-am62p-j722s-common-main.dtsi | 2 +- arch/arm64/boot/dts/ti/k3-am62p-verdin.dtsi | 8 +- .../boot/dts/ti/k3-am642-phyboard-electra-rdk.dts | 2 + arch/arm64/include/asm/gcs.h | 2 +- arch/arm64/include/asm/kvm_host.h | 4 + arch/arm64/kernel/Makefile | 2 +- arch/arm64/kernel/process.c | 6 +- arch/arm64/kvm/hyp/exception.c | 6 +- arch/arm64/kvm/hyp/vhe/switch.c | 14 +- arch/arm64/net/bpf_jit_comp.c | 1 + arch/m68k/Kconfig.debug | 2 +- arch/m68k/kernel/early_printk.c | 42 +- arch/m68k/kernel/head.S | 8 +- arch/mips/alchemy/common/gpiolib.c | 12 +- arch/mips/mm/tlb-r4k.c | 56 +- arch/powerpc/configs/ppc6xx_defconfig | 1 - arch/powerpc/kernel/eeh.c | 1 + arch/powerpc/kernel/eeh_driver.c | 48 +- arch/powerpc/kernel/eeh_pe.c | 10 +- arch/powerpc/kernel/pci-hotplug.c | 3 + arch/powerpc/platforms/pseries/dlpar.c | 52 +- arch/riscv/boot/dts/sophgo/sg2044-cpus.dtsi | 64 +++ arch/riscv/kvm/vcpu_onereg.c | 83 ++- arch/s390/boot/startup.c | 2 +- arch/s390/crypto/hmac_s390.c | 12 +- arch/s390/crypto/sha.h | 3 + arch/s390/crypto/sha3_256_s390.c | 22 +- arch/s390/crypto/sha3_512_s390.c | 23 +- arch/s390/include/asm/ap.h | 2 +- arch/s390/kernel/setup.c | 6 + arch/s390/mm/pgalloc.c | 5 - arch/s390/mm/vmem.c | 5 +- arch/sh/Makefile | 10 +- arch/sh/boot/compressed/Makefile | 4 +- arch/sh/boot/romimage/Makefile | 4 +- arch/um/drivers/rtc_user.c | 2 +- arch/x86/boot/cpuflags.c | 13 + arch/x86/boot/startup/sev-shared.c | 7 + arch/x86/coco/sev/core.c | 21 + arch/x86/include/asm/cpufeatures.h | 1 + arch/x86/include/asm/hw_irq.h | 12 +- arch/x86/include/asm/kvm-x86-ops.h | 1 - arch/x86/include/asm/kvm_host.h | 8 +- arch/x86/include/asm/msr-index.h | 1 + arch/x86/include/asm/sev.h | 19 + arch/x86/kernel/cpu/bugs.c | 56 +- arch/x86/kernel/cpu/scattered.c | 1 + arch/x86/kernel/irq.c | 63 ++- arch/x86/kvm/svm/svm.c | 14 +- arch/x86/kvm/vmx/main.c | 15 +- arch/x86/kvm/vmx/tdx.c | 18 +- arch/x86/kvm/vmx/vmx.c | 16 +- arch/x86/kvm/vmx/x86_ops.h | 4 +- arch/x86/kvm/x86.c | 13 +- arch/x86/mm/extable.c | 5 +- block/blk-mq.c | 84 ++- block/blk-settings.c | 19 +- block/blk.h | 2 +- block/elevator.c | 10 +- crypto/ahash.c | 13 +- crypto/krb5/selftest.c | 1 + drivers/base/auxiliary.c | 2 + drivers/block/mtip32xx/mtip32xx.c | 27 +- drivers/block/nbd.c | 12 +- drivers/block/ublk_drv.c | 49 +- drivers/block/zloop.c | 3 +- drivers/bluetooth/btintel.c | 4 +- drivers/bluetooth/btintel.h | 2 + drivers/bluetooth/btintel_pcie.c | 42 +- drivers/bluetooth/btusb.c | 14 +- drivers/bluetooth/hci_intel.c | 10 +- drivers/bus/mhi/host/pci_generic.c | 8 +- drivers/char/hw_random/mtk-rng.c | 4 +- drivers/clk/at91/sam9x7.c | 20 +- drivers/clk/clk-axi-clkgen.c | 2 +- drivers/clk/davinci/psc.c | 5 + drivers/clk/imx/clk-imx95-blk-ctl.c | 13 +- drivers/clk/renesas/rzv2h-cpg.c | 1 + drivers/clk/spacemit/ccu-k1.c | 3 +- drivers/clk/spacemit/ccu_mix.h | 11 +- drivers/clk/spacemit/ccu_pll.c | 2 +- drivers/clk/sunxi-ng/ccu-sun8i-v3s.c | 3 +- drivers/clk/thead/clk-th1520-ap.c | 102 ++-- drivers/clk/xilinx/clk-xlnx-clock-wizard.c | 2 +- drivers/clk/xilinx/xlnx_vcu.c | 4 +- drivers/cpufreq/Makefile | 1 + drivers/cpufreq/armada-8k-cpufreq.c | 3 +- drivers/cpufreq/cpufreq.c | 21 +- drivers/cpufreq/intel_pstate.c | 4 +- drivers/cpufreq/powernv-cpufreq.c | 4 +- drivers/cpufreq/powernv-trace.h | 44 ++ .../crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c | 4 +- drivers/crypto/ccp/ccp-debugfs.c | 3 + drivers/crypto/ccp/sev-dev.c | 16 +- drivers/crypto/img-hash.c | 2 +- drivers/crypto/inside-secure/safexcel_hash.c | 8 +- .../crypto/intel/keembay/keembay-ocs-hcu-core.c | 8 +- .../crypto/intel/qat/qat_420xx/adf_420xx_hw_data.c | 9 +- .../crypto/intel/qat/qat_6xxx/adf_6xxx_hw_data.c | 20 +- .../crypto/intel/qat/qat_6xxx/adf_6xxx_hw_data.h | 2 +- .../crypto/intel/qat/qat_common/adf_gen4_hw_data.c | 29 +- drivers/crypto/intel/qat/qat_common/adf_sriov.c | 1 - .../intel/qat/qat_common/adf_transport_debug.c | 4 +- drivers/crypto/intel/qat/qat_common/qat_bl.c | 6 +- .../crypto/intel/qat/qat_common/qat_compression.c | 8 +- drivers/crypto/marvell/cesa/cipher.c | 4 +- drivers/crypto/marvell/cesa/hash.c | 5 +- drivers/cxl/core/core.h | 1 + drivers/cxl/core/edac.c | 5 +- drivers/cxl/core/hdm.c | 7 + drivers/devfreq/devfreq.c | 12 +- drivers/dma-buf/Kconfig | 1 - drivers/dma-buf/udmabuf.c | 23 +- drivers/dma/mmp_tdma.c | 2 +- drivers/dma/mv_xor.c | 21 +- drivers/dma/nbpfaxi.c | 13 + drivers/firmware/arm_scmi/perf.c | 2 +- drivers/firmware/efi/libstub/Makefile.zboot | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd.c | 24 +- drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd.h | 25 +- .../gpu/drm/amd/amdgpu/amdgpu_amdkfd_arcturus.c | 4 +- drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 11 +- drivers/gpu/drm/amd/amdgpu/amdgpu_job.c | 39 +- drivers/gpu/drm/amd/amdgpu/amdgpu_sdma.c | 10 +- drivers/gpu/drm/amd/amdgpu/amdgpu_userq.c | 2 +- drivers/gpu/drm/amd/amdgpu/gfx_v10_0.c | 38 +- drivers/gpu/drm/amd/amdgpu/gfx_v11_0.c | 12 +- drivers/gpu/drm/amd/amdgpu/gfx_v12_0.c | 12 +- drivers/gpu/drm/amd/amdgpu/gfx_v9_0.c | 9 +- drivers/gpu/drm/amd/amdgpu/gfx_v9_4_3.c | 10 +- drivers/gpu/drm/amd/amdgpu/jpeg_v2_0.c | 8 +- drivers/gpu/drm/amd/amdgpu/jpeg_v2_5.c | 8 +- drivers/gpu/drm/amd/amdgpu/jpeg_v3_0.c | 8 +- drivers/gpu/drm/amd/amdgpu/jpeg_v4_0.c | 8 +- drivers/gpu/drm/amd/amdgpu/jpeg_v4_0_3.c | 8 +- drivers/gpu/drm/amd/amdgpu/jpeg_v5_0_1.c | 8 +- drivers/gpu/drm/amd/amdgpu/nbio_v7_9.c | 20 - drivers/gpu/drm/amd/amdgpu/sdma_v4_4_2.c | 35 +- drivers/gpu/drm/amd/amdgpu/sdma_v5_0.c | 5 +- drivers/gpu/drm/amd/amdgpu/sdma_v5_2.c | 5 +- drivers/gpu/drm/amd/amdgpu/sdma_v6_0.c | 6 +- drivers/gpu/drm/amd/amdgpu/sdma_v7_0.c | 6 +- drivers/gpu/drm/amd/amdgpu/vcn_v4_0.c | 7 +- drivers/gpu/drm/amd/amdgpu/vcn_v4_0_3.c | 6 +- drivers/gpu/drm/amd/amdgpu/vcn_v4_0_5.c | 7 +- drivers/gpu/drm/amd/amdgpu/vcn_v5_0_0.c | 7 +- drivers/gpu/drm/amd/amdkfd/kfd_device.c | 54 +- .../gpu/drm/amd/pm/powerplay/hwmgr/smu_helper.c | 2 +- drivers/gpu/drm/display/drm_hdmi_state_helper.c | 4 +- .../drm/msm/disp/dpu1/catalog/dpu_5_1_sc8180x.h | 1 + drivers/gpu/drm/panfrost/panfrost_devfreq.c | 4 +- drivers/gpu/drm/panthor/panthor_gem.c | 31 +- drivers/gpu/drm/panthor/panthor_gem.h | 3 - drivers/gpu/drm/rockchip/rockchip_drm_fb.c | 9 +- drivers/gpu/drm/rockchip/rockchip_drm_vop2.c | 29 +- drivers/gpu/drm/rockchip/rockchip_drm_vop2.h | 33 ++ drivers/gpu/drm/rockchip/rockchip_vop2_reg.c | 89 ++- drivers/gpu/drm/sitronix/Kconfig | 10 - drivers/gpu/drm/vmwgfx/vmwgfx_shader.c | 2 +- drivers/gpu/drm/xe/xe_configfs.c | 3 +- drivers/gpu/drm/xe/xe_device.c | 1 + drivers/gpu/drm/xe/xe_gt_sriov_pf.c | 32 +- drivers/gpu/drm/xe/xe_vsec.c | 20 +- drivers/hid/hid-apple.c | 20 +- drivers/hid/hid-core.c | 6 +- drivers/hid/hid-magicmouse.c | 60 +- drivers/i2c/muxes/i2c-mux-mule.c | 3 +- drivers/i3c/master/svc-i3c-master.c | 20 +- drivers/infiniband/core/counters.c | 2 +- drivers/infiniband/core/device.c | 27 + drivers/infiniband/core/nldev.c | 2 +- drivers/infiniband/core/rdma_core.c | 29 + drivers/infiniband/core/uverbs_cmd.c | 7 +- drivers/infiniband/core/uverbs_std_types_qp.c | 2 +- drivers/infiniband/hw/erdma/erdma_verbs.c | 3 +- drivers/infiniband/hw/hns/hns_roce_device.h | 1 + drivers/infiniband/hw/hns/hns_roce_hem.c | 18 +- drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 87 ++- drivers/infiniband/hw/hns/hns_roce_hw_v2.h | 8 +- drivers/infiniband/hw/hns/hns_roce_main.c | 22 +- drivers/infiniband/hw/mana/qp.c | 2 +- drivers/infiniband/hw/mlx5/devx.c | 2 +- drivers/infiniband/hw/mlx5/dm.c | 2 +- drivers/infiniband/hw/mlx5/fs.c | 4 +- drivers/infiniband/hw/mlx5/umr.c | 6 +- drivers/infiniband/ulp/ipoib/ipoib_main.c | 2 + drivers/interconnect/qcom/qcs615.c | 42 -- drivers/interconnect/qcom/sc8180x.c | 6 + drivers/interconnect/qcom/sc8280xp.c | 1 + drivers/iommu/amd/iommu.c | 19 +- drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c | 3 +- drivers/iommu/intel/cache.c | 18 +- drivers/iommu/intel/iommu.c | 3 +- drivers/irqchip/Kconfig | 1 + drivers/leds/flash/Kconfig | 1 + drivers/leds/leds-lp8860.c | 4 +- drivers/leds/leds-pca955x.c | 4 +- drivers/md/dm-flakey.c | 9 +- drivers/md/md.c | 41 +- drivers/md/raid10.c | 3 - drivers/media/platform/nxp/imx-jpeg/mxc-jpeg.c | 47 +- drivers/media/platform/nxp/imx-jpeg/mxc-jpeg.h | 1 + .../media/platform/ti/j721e-csi2rx/j721e-csi2rx.c | 1 + drivers/media/v4l2-core/v4l2-ctrls-core.c | 8 +- drivers/mfd/tps65219.c | 2 +- drivers/misc/mei/platform-vsc.c | 8 + drivers/misc/mei/vsc-tp.c | 68 +-- drivers/misc/mei/vsc-tp.h | 3 - drivers/misc/sram.c | 10 +- drivers/mtd/ftl.c | 2 +- drivers/mtd/nand/raw/atmel/nand-controller.c | 2 +- drivers/mtd/nand/raw/atmel/pmecc.c | 6 + drivers/mtd/nand/raw/rockchip-nand-controller.c | 15 + drivers/mtd/spi-nor/spansion.c | 31 ++ drivers/net/can/kvaser_pciefd.c | 1 + drivers/net/can/sja1000/Kconfig | 2 +- drivers/net/can/usb/kvaser_usb/kvaser_usb_core.c | 1 + drivers/net/can/usb/peak_usb/pcan_usb_fd.c | 17 +- drivers/net/dsa/microchip/ksz8.c | 3 + drivers/net/dsa/microchip/ksz8_reg.h | 4 +- drivers/net/ethernet/airoha/airoha_npu.c | 2 + drivers/net/ethernet/airoha/airoha_ppe.c | 26 +- drivers/net/ethernet/emulex/benet/be_cmds.c | 2 +- drivers/net/ethernet/intel/igb/igb_xsk.c | 3 +- drivers/net/ethernet/mellanox/mlx5/core/en.h | 1 + .../ethernet/mellanox/mlx5/core/en/port_buffer.c | 3 + .../ethernet/mellanox/mlx5/core/en/reporter_rx.c | 7 + .../mellanox/mlx5/core/en_accel/ipsec_rxtx.c | 4 + drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 26 +- drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 1 + drivers/net/ethernet/mellanox/mlx5/core/lib/dm.c | 4 +- drivers/net/ethernet/mellanox/mlx5/core/main.c | 3 - drivers/net/ethernet/meta/fbnic/fbnic_netdev.c | 14 +- drivers/net/ethernet/meta/fbnic/fbnic_txrx.c | 4 +- drivers/net/ethernet/meta/fbnic/fbnic_txrx.h | 6 +- drivers/net/ethernet/microsoft/mana/mana_en.c | 28 +- drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2 +- drivers/net/ethernet/ti/icssg/icssg_common.c | 15 +- drivers/net/ipa/Kconfig | 2 +- drivers/net/ipa/ipa_sysfs.c | 6 +- drivers/net/macsec.c | 2 +- drivers/net/mdio/mdio-bcm-unimac.c | 5 +- drivers/net/netconsole.c | 30 +- drivers/net/phy/mscc/mscc_ptp.c | 1 + drivers/net/phy/mscc/mscc_ptp.h | 1 + drivers/net/ppp/pptp.c | 18 +- drivers/net/team/team_core.c | 96 ++-- drivers/net/team/team_mode_activebackup.c | 3 +- drivers/net/team/team_mode_loadbalance.c | 13 +- drivers/net/usb/usbnet.c | 11 +- drivers/net/vrf.c | 2 + drivers/net/wireless/ath/ath11k/hal.c | 4 + drivers/net/wireless/ath/ath11k/mac.c | 12 +- drivers/net/wireless/ath/ath12k/core.c | 1 + drivers/net/wireless/ath/ath12k/core.h | 8 +- .../net/wireless/ath/ath12k/debugfs_htt_stats.h | 6 +- drivers/net/wireless/ath/ath12k/dp.h | 1 + drivers/net/wireless/ath/ath12k/dp_mon.c | 1 - drivers/net/wireless/ath/ath12k/dp_tx.c | 10 +- drivers/net/wireless/ath/ath12k/mac.c | 120 +++- drivers/net/wireless/ath/ath12k/p2p.c | 3 +- drivers/net/wireless/ath/ath12k/reg.c | 116 +++- drivers/net/wireless/ath/ath12k/reg.h | 1 + drivers/net/wireless/ath/ath12k/wmi.c | 14 +- drivers/net/wireless/ath/ath12k/wmi.h | 2 + .../broadcom/brcm80211/brcmfmac/cfg80211.c | 38 +- .../broadcom/brcm80211/brcmfmac/cyw/core.c | 26 +- .../broadcom/brcm80211/brcmfmac/cyw/fwil_types.h | 2 +- drivers/net/wireless/intel/iwlwifi/dvm/main.c | 12 +- drivers/net/wireless/intel/iwlwifi/mld/rx.c | 9 + drivers/net/wireless/intel/iwlwifi/mvm/ops.c | 4 +- drivers/net/wireless/marvell/mwl8k.c | 4 + drivers/net/wireless/mediatek/mt76/mt7925/mcu.c | 4 +- drivers/net/wireless/mediatek/mt76/mt7996/main.c | 21 +- drivers/net/wireless/mediatek/mt76/mt7996/mcu.c | 3 +- drivers/net/wireless/purelifi/plfxlc/mac.c | 11 +- drivers/net/wireless/purelifi/plfxlc/mac.h | 2 +- drivers/net/wireless/purelifi/plfxlc/usb.c | 29 +- drivers/net/wireless/realtek/rtl818x/rtl8187/dev.c | 3 +- drivers/net/wireless/realtek/rtl8xxxu/core.c | 2 +- drivers/net/wireless/realtek/rtw88/main.c | 4 +- drivers/net/wireless/realtek/rtw89/core.c | 8 +- drivers/net/wireless/realtek/rtw89/phy.c | 12 +- drivers/net/wireless/realtek/rtw89/sar.c | 5 +- drivers/nvme/target/core.c | 18 +- drivers/nvme/target/pci-epf.c | 23 +- drivers/pci/controller/dwc/pcie-dw-rockchip.c | 1 + drivers/pci/controller/dwc/pcie-qcom.c | 1 + drivers/pci/controller/pcie-rockchip-host.c | 2 +- drivers/pci/controller/plda/pcie-starfive.c | 2 +- drivers/pci/endpoint/functions/pci-epf-vntb.c | 4 +- drivers/pci/hotplug/pnv_php.c | 235 +++++++- drivers/pci/pci-driver.c | 6 +- drivers/pci/pci.h | 2 +- drivers/pci/quirks.c | 6 +- drivers/perf/arm-ni.c | 2 + drivers/phy/phy-snps-eusb2.c | 3 + drivers/phy/qualcomm/phy-qcom-eusb2-repeater.c | 83 +-- drivers/pinctrl/berlin/berlin.c | 8 +- drivers/pinctrl/cirrus/pinctrl-madera-core.c | 14 +- drivers/pinctrl/pinctrl-k230.c | 13 +- drivers/pinctrl/pinmux.c | 20 +- drivers/pinctrl/sunxi/pinctrl-sunxi.c | 11 +- drivers/platform/x86/intel/pmt/class.c | 3 +- drivers/platform/x86/intel/pmt/class.h | 1 + drivers/platform/x86/oxpec.c | 37 +- drivers/power/reset/Kconfig | 1 + drivers/power/sequencing/pwrseq-qcom-wcn.c | 2 +- drivers/power/supply/cpcap-charger.c | 5 +- drivers/power/supply/max14577_charger.c | 4 +- drivers/power/supply/max1720x_battery.c | 11 +- drivers/power/supply/qcom_pmi8998_charger.c | 4 +- drivers/powercap/dtpm_cpu.c | 2 + drivers/pps/pps.c | 11 +- drivers/remoteproc/Kconfig | 11 +- drivers/remoteproc/qcom_q6v5_pas.c | 615 ++++++++++----------- drivers/remoteproc/xlnx_r5_remoteproc.c | 2 + drivers/rtc/rtc-ds1307.c | 2 +- drivers/rtc/rtc-hym8563.c | 2 +- drivers/rtc/rtc-nct3018y.c | 2 +- drivers/rtc/rtc-pcf85063.c | 2 +- drivers/rtc/rtc-pcf8563.c | 2 +- drivers/rtc/rtc-rv3028.c | 2 +- drivers/s390/crypto/ap_bus.h | 2 +- drivers/scsi/elx/efct/efct_lio.c | 2 +- drivers/scsi/ibmvscsi_tgt/libsrp.c | 6 +- drivers/scsi/isci/request.c | 2 +- drivers/scsi/mpt3sas/mpt3sas_scsih.c | 3 +- drivers/scsi/mvsas/mv_sas.c | 4 +- drivers/scsi/scsi.c | 8 +- drivers/scsi/scsi_transport_iscsi.c | 2 + drivers/scsi/sd.c | 4 +- drivers/soc/qcom/pmic_glink.c | 9 +- drivers/soc/qcom/qmi_encdec.c | 52 +- drivers/soc/qcom/qmi_interface.c | 6 +- drivers/soc/tegra/cbb/tegra234-cbb.c | 2 + drivers/soundwire/debugfs.c | 6 +- drivers/soundwire/mipi_disco.c | 4 +- drivers/soundwire/stream.c | 2 +- drivers/spi/spi-cs42l43.c | 2 +- drivers/spi/spi-nxp-fspi.c | 4 +- drivers/spi/spi-stm32.c | 8 +- drivers/staging/fbtft/fbtft-core.c | 1 + drivers/staging/gpib/cb7210/cb7210.c | 15 +- drivers/staging/gpib/common/gpib_os.c | 4 +- drivers/staging/greybus/gbphy.c | 6 +- .../media/atomisp/pci/atomisp_gmin_platform.c | 9 +- drivers/staging/nvec/nvec_power.c | 2 +- drivers/ufs/core/ufshcd.c | 10 +- drivers/usb/early/xhci-dbc.c | 4 + drivers/usb/gadget/composite.c | 5 + drivers/usb/gadget/function/f_hid.c | 7 +- drivers/usb/gadget/function/uvc_configfs.c | 10 + drivers/usb/host/xhci-plat.c | 2 +- drivers/usb/misc/apple-mfi-fastcharge.c | 24 +- drivers/usb/serial/option.c | 2 + drivers/usb/typec/ucsi/ucsi_yoga_c630.c | 19 +- drivers/vdpa/mlx5/core/mr.c | 3 + drivers/vdpa/mlx5/net/mlx5_vnet.c | 12 +- drivers/vdpa/vdpa_user/vduse_dev.c | 1 + drivers/vfio/device_cdev.c | 38 +- drivers/vfio/group.c | 7 +- drivers/vfio/iommufd.c | 4 + drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c | 1 + drivers/vfio/pci/mlx5/main.c | 1 + drivers/vfio/pci/nvgrace-gpu/main.c | 2 + drivers/vfio/pci/pds/vfio_dev.c | 2 + drivers/vfio/pci/qat/main.c | 1 + drivers/vfio/pci/vfio_pci.c | 1 + drivers/vfio/pci/vfio_pci_core.c | 24 +- drivers/vfio/pci/virtio/main.c | 3 + drivers/vfio/vfio_main.c | 3 +- drivers/vhost/Kconfig | 18 + drivers/vhost/scsi.c | 6 +- drivers/vhost/vhost.c | 244 +++++++- drivers/vhost/vhost.h | 22 + drivers/video/fbdev/core/fbcon.c | 4 +- drivers/video/fbdev/imxfb.c | 9 +- drivers/watchdog/ziirave_wdt.c | 3 + drivers/xen/gntdev-common.h | 4 + drivers/xen/gntdev-dmabuf.c | 28 +- drivers/xen/gntdev.c | 71 ++- fs/btrfs/ctree.c | 18 +- fs/ceph/crypto.c | 31 +- fs/erofs/Kconfig | 2 + fs/eventpoll.c | 58 +- fs/exfat/file.c | 5 +- fs/ext4/inline.c | 2 + fs/ext4/inode.c | 13 +- fs/ext4/page-io.c | 16 +- fs/f2fs/compress.c | 76 +-- fs/f2fs/data.c | 7 +- fs/f2fs/debug.c | 17 +- fs/f2fs/extent_cache.c | 2 +- fs/f2fs/f2fs.h | 4 +- fs/f2fs/gc.c | 1 + fs/f2fs/inode.c | 21 +- fs/f2fs/segment.h | 5 +- fs/f2fs/super.c | 1 + fs/f2fs/sysfs.c | 21 + fs/gfs2/glock.c | 3 +- fs/gfs2/util.c | 37 +- fs/hfs/inode.c | 1 + fs/hfsplus/extents.c | 3 - fs/hfsplus/inode.c | 1 + fs/jfs/jfs_dmap.c | 4 +- fs/nfs/dir.c | 4 +- fs/nfs/export.c | 11 +- fs/nfs/flexfilelayout/flexfilelayout.c | 26 +- fs/nfs/flexfilelayout/flexfilelayoutdev.c | 6 +- fs/nfs/internal.h | 9 +- fs/nfs/nfs4proc.c | 10 +- fs/nfs_common/nfslocalio.c | 28 +- fs/nfsd/localio.c | 5 +- fs/nfsd/vfs.c | 10 +- fs/notify/fanotify/fanotify.c | 8 +- fs/ntfs3/file.c | 5 +- fs/ntfs3/frecord.c | 7 +- fs/ntfs3/namei.c | 10 +- fs/ntfs3/ntfs_fs.h | 3 +- fs/orangefs/orangefs-debugfs.c | 6 +- fs/proc/generic.c | 2 + fs/proc/inode.c | 2 +- fs/proc/internal.h | 5 + fs/smb/client/cifs_debug.c | 6 +- fs/smb/client/cifsencrypt.c | 4 +- fs/smb/client/cifsfs.c | 2 +- fs/smb/client/connect.c | 9 +- fs/smb/client/fs_context.c | 19 +- fs/smb/client/fs_context.h | 18 +- fs/smb/client/link.c | 11 +- fs/smb/client/reparse.c | 2 +- fs/smb/client/smbdirect.c | 130 ++--- fs/smb/client/smbdirect.h | 4 - fs/smb/server/connection.h | 1 + fs/smb/server/smb2pdu.c | 22 +- fs/smb/server/smb_common.c | 2 +- fs/smb/server/transport_rdma.c | 97 ++-- fs/smb/server/transport_tcp.c | 17 + fs/smb/server/vfs.c | 3 +- fs/squashfs/block.c | 47 +- include/crypto/internal/hash.h | 6 + include/linux/audit.h | 9 +- include/linux/bpf-cgroup.h | 5 - include/linux/bpf.h | 60 +- include/linux/crypto.h | 3 + include/linux/fortify-string.h | 2 +- include/linux/fs_context.h | 2 +- include/linux/i3c/device.h | 4 +- include/linux/if_team.h | 3 - include/linux/ioprio.h | 3 +- include/linux/mlx5/device.h | 1 + include/linux/mmap_lock.h | 30 + include/linux/moduleparam.h | 5 +- include/linux/padata.h | 4 - include/linux/pps_kernel.h | 1 + include/linux/proc_fs.h | 1 + include/linux/psi_types.h | 6 +- include/linux/ring_buffer.h | 4 +- include/linux/sched.h | 1 + include/linux/sched/task_stack.h | 2 +- include/linux/skbuff.h | 23 + include/linux/soc/qcom/qmi.h | 6 +- include/linux/usb/usbnet.h | 1 + include/linux/vfio.h | 4 + include/linux/vfio_pci_core.h | 2 + include/net/bluetooth/hci.h | 1 + include/net/bluetooth/hci_core.h | 6 + include/net/dst.h | 24 +- include/net/lwtunnel.h | 8 +- include/net/route.h | 4 +- include/net/sock.h | 12 +- include/net/tc_act/tc_ctinfo.h | 6 +- include/net/udp.h | 24 +- include/rdma/ib_verbs.h | 12 + include/sound/tas2781-tlv.h | 2 +- include/trace/events/power.h | 22 - include/uapi/drm/panthor_drm.h | 3 + include/uapi/drm/xe_drm.h | 8 +- include/uapi/linux/vfio.h | 12 +- include/uapi/linux/vhost.h | 29 + init/Kconfig | 2 +- kernel/audit.h | 2 +- kernel/auditsc.c | 2 +- kernel/bpf/cgroup.c | 8 +- kernel/bpf/core.c | 55 +- kernel/bpf/helpers.c | 11 +- kernel/bpf/preload/Kconfig | 1 - kernel/bpf/syscall.c | 19 +- kernel/bpf/verifier.c | 1 + kernel/cgroup/cgroup-v1.c | 14 +- kernel/events/core.c | 36 +- kernel/events/uprobes.c | 4 +- kernel/kcsan/kcsan_test.c | 2 +- kernel/kexec_core.c | 3 +- kernel/module/main.c | 6 +- kernel/padata.c | 132 ++--- kernel/rcu/refscale.c | 10 +- kernel/rcu/tree_nocb.h | 2 +- kernel/sched/core.c | 2 + kernel/sched/deadline.c | 78 ++- kernel/sched/fair.c | 9 - kernel/sched/psi.c | 123 +++-- kernel/sched/sched.h | 1 + kernel/trace/power-traces.c | 1 - kernel/trace/preemptirq_delay_test.c | 13 +- kernel/trace/ring_buffer.c | 63 +-- kernel/trace/rv/monitors/scpd/Kconfig | 2 +- kernel/trace/rv/monitors/sncid/Kconfig | 2 +- kernel/trace/rv/monitors/snep/Kconfig | 2 +- kernel/trace/rv/monitors/wip/Kconfig | 2 +- kernel/trace/rv/rv_trace.h | 84 +-- kernel/trace/trace.c | 14 +- kernel/trace/trace_events_filter.c | 28 +- kernel/trace/trace_kdb.c | 8 +- kernel/ucount.c | 2 +- lib/tests/fortify_kunit.c | 4 +- mm/hmm.c | 2 +- mm/mmap_lock.c | 3 +- mm/shmem.c | 4 +- mm/slub.c | 10 +- mm/swapfile.c | 65 +-- net/bluetooth/coredump.c | 6 +- net/bluetooth/hci_event.c | 8 +- net/caif/cfctrl.c | 294 +++++----- net/core/devmem.c | 6 +- net/core/devmem.h | 7 +- net/core/dst.c | 8 +- net/core/filter.c | 23 +- net/core/neighbour.c | 88 ++- net/core/netclassid_cgroup.c | 4 +- net/core/netpoll.c | 7 + net/core/skmsg.c | 7 + net/core/sock.c | 8 +- net/ipv4/inet_connection_sock.c | 4 +- net/ipv4/ping.c | 2 +- net/ipv4/raw.c | 2 +- net/ipv4/route.c | 7 +- net/ipv4/syncookies.c | 3 +- net/ipv4/tcp_input.c | 4 +- net/ipv4/udp.c | 3 +- net/ipv6/af_inet6.c | 2 +- net/ipv6/datagram.c | 2 +- net/ipv6/inet6_connection_sock.c | 4 +- net/ipv6/ip6_fib.c | 24 +- net/ipv6/ip6_offload.c | 4 +- net/ipv6/ip6mr.c | 3 +- net/ipv6/ping.c | 2 +- net/ipv6/raw.c | 2 +- net/ipv6/route.c | 79 +-- net/ipv6/syncookies.c | 2 +- net/ipv6/tcp_ipv6.c | 2 +- net/ipv6/udp.c | 5 +- net/kcm/kcmsock.c | 6 + net/l2tp/l2tp_ip6.c | 2 +- net/mac80211/cfg.c | 12 +- net/mac80211/ieee80211_i.h | 15 + net/mac80211/main.c | 13 +- net/mac80211/tdls.c | 2 +- net/mac80211/tx.c | 14 +- net/mptcp/protocol.c | 2 +- net/netfilter/nf_bpf_link.c | 5 +- net/netfilter/nf_tables_api.c | 29 +- net/netfilter/xt_nfacct.c | 4 +- net/packet/af_packet.c | 12 +- net/sched/act_ctinfo.c | 19 +- net/sched/sch_mqprio.c | 2 +- net/sched/sch_netem.c | 40 ++ net/sched/sch_taprio.c | 21 +- net/socket.c | 8 +- net/sunrpc/svcsock.c | 43 +- net/sunrpc/xprtsock.c | 40 +- net/tls/tls_sw.c | 13 + net/vmw_vsock/af_vsock.c | 3 +- net/wireless/nl80211.c | 1 + net/wireless/reg.c | 2 + rust/kernel/devres.rs | 10 +- rust/kernel/miscdevice.rs | 8 +- samples/mei/mei-amt-version.c | 2 +- scripts/gdb/linux/constants.py.in | 12 +- scripts/kconfig/qconf.cc | 2 +- security/apparmor/include/match.h | 8 +- security/apparmor/match.c | 23 +- security/apparmor/policy_unpack_test.c | 6 +- security/landlock/id.c | 69 ++- sound/pci/hda/patch_ca0132.c | 5 +- sound/pci/hda/patch_realtek.c | 3 + sound/soc/amd/acp/acp-pci.c | 8 +- sound/soc/amd/acp/amd-acpi-mach.c | 4 +- sound/soc/amd/acp/amd.h | 8 +- sound/soc/fsl/fsl_xcvr.c | 25 +- .../soc/mediatek/common/mtk-afe-platform-driver.c | 4 +- sound/soc/mediatek/common/mtk-base-afe.h | 1 + sound/soc/mediatek/mt8173/mt8173-afe-pcm.c | 7 + sound/soc/mediatek/mt8183/mt8183-afe-pcm.c | 21 + sound/soc/mediatek/mt8186/mt8186-afe-pcm.c | 7 + sound/soc/mediatek/mt8192/mt8192-afe-pcm.c | 7 + sound/soc/rockchip/rockchip_sai.c | 16 +- sound/soc/sdca/sdca_asoc.c | 14 +- sound/soc/sdca/sdca_functions.c | 3 +- sound/soc/sdca/sdca_regmap.c | 16 +- sound/soc/soc-dai.c | 16 +- sound/soc/soc-ops.c | 28 +- sound/soc/sof/intel/Kconfig | 3 +- sound/usb/mixer_scarlett2.c | 14 +- sound/x86/intel_hdmi_audio.c | 2 +- tools/bpf/bpftool/net.c | 15 +- tools/cgroup/memcg_slabinfo.py | 4 +- tools/include/nolibc/stdio.h | 4 +- tools/include/nolibc/sys/wait.h | 2 +- tools/lib/subcmd/help.c | 12 +- tools/lib/subcmd/run-command.c | 15 +- tools/perf/.gitignore | 2 - tools/perf/arch/x86/include/arch-tests.h | 4 + tools/perf/arch/x86/tests/Build | 1 + tools/perf/arch/x86/tests/arch-tests.c | 1 + tools/perf/arch/x86/tests/topdown.c | 76 +++ tools/perf/arch/x86/util/evsel.c | 46 +- tools/perf/arch/x86/util/topdown.c | 31 +- tools/perf/arch/x86/util/topdown.h | 4 + tools/perf/builtin-sched.c | 147 +++-- tools/perf/tests/bp_account.c | 1 + tools/perf/util/build-id.c | 2 +- tools/perf/util/evsel.c | 11 + tools/perf/util/evsel.h | 2 + tools/perf/util/hwmon_pmu.c | 2 +- tools/perf/util/parse-events.c | 11 +- tools/perf/util/pmu.c | 4 +- tools/perf/util/python.c | 49 +- tools/perf/util/symbol.c | 1 + .../cpupower/utils/idle_monitor/cpupower-monitor.c | 4 - tools/power/x86/turbostat/turbostat.c | 34 +- tools/testing/selftests/alsa/utimer-test.c | 1 + tools/testing/selftests/arm64/fp/sve-ptrace.c | 2 +- tools/testing/selftests/bpf/bpf_atomic.h | 2 +- .../selftests/bpf/prog_tests/sockmap_listen.c | 2 + tools/testing/selftests/bpf/veristat.c | 1 + .../breakpoints/step_after_suspend_test.c | 41 +- tools/testing/selftests/cgroup/test_cpu.c | 63 ++- tools/testing/selftests/drivers/net/hw/tso.py | 99 ++-- tools/testing/selftests/drivers/net/lib/py/env.py | 2 +- .../ftrace/test.d/event/subsystem-enable.tc | 28 +- tools/testing/selftests/landlock/audit.h | 7 +- tools/testing/selftests/landlock/audit_test.c | 1 + tools/testing/selftests/net/netfilter/ipvs.sh | 4 +- .../net/netfilter/nft_interface_stress.sh | 5 +- tools/testing/selftests/net/rtnetlink.sh | 6 + tools/testing/selftests/net/vlan_hw_filter.sh | 16 +- tools/testing/selftests/nolibc/nolibc-test.c | 23 + tools/testing/selftests/perf_events/.gitignore | 1 + tools/testing/selftests/perf_events/Makefile | 2 +- tools/testing/selftests/perf_events/mmap.c | 236 ++++++++ .../selftests/syscall_user_dispatch/sud_test.c | 50 +- tools/testing/selftests/vDSO/vdso_test_chacha.c | 3 +- tools/verification/rv/src/in_kernel.c | 4 +- 690 files changed, 7316 insertions(+), 3614 deletions(-)

1 month

24
675
0 0

Instability in ALL stable and LTS distro kernels (IRQ #16 being disabled, PCIe bus errors, ath10k_pci) in Dell Inspiron 5567

by Bandhan Pramanik

Hello, The following is the original thread, where a bug was reported to the linux-wireless and ath10k mailing lists. The specific bug has been detailed clearly here. https://lore.kernel.org/linux-wireless/690B1DB2-C9DC-4FAD-8063-4CED659B1701… There is also a Bugzilla report by me, which was opened later: https://bugzilla.kernel.org/show_bug.cgi?id=220264 As stated, it is highly encouraged to check out all the logs, especially the line of IRQ #16 in /proc/interrupts. Here is where all the logs are: https://gist.github.com/BandhanPramanik/ddb0cb23eca03ca2ea43a1d832a16180 (these logs are taken from an Arch liveboot) On my daily driver, I found these on my IRQ #16: 16: 173210 0 0 0 IR-IO-APIC 16-fasteoi i2c_designware.0, idma64.0, i801_smbus The fixes stated on the Reddit post for this Wi-Fi card didn't quite work. (But git-cloning the firmware files did give me some more time to have stable internet) This time, I had to go for the GRUB kernel parameters. Right now, I'm using "irqpoll" to curb the errors caused. "intel_iommu=off" did not work, and the Wi-Fi was constantly crashing even then. Did not try out "pci=noaer" this time. If it's of any concern, there is a very weird error in Chromium-based browsers which has only happened after I started using irqpoll. When I Google something, the background of the individual result boxes shows as pure black, while the surrounding space is the usual greyish-blackish, like we see in Dark Mode. Here is a picture of the exact thing I'm experiencing: https://files.catbox.moe/mjew6g.png If you notice anything in my logs/bug reports, please let me know. (Because it seems like Wi-Fi errors are just a red herring, there are some ACPI or PCIe-related errors in the computers of this model - just a naive speculation, though.) Thanking you, Bandhan Pramanik

1 month

4
20
0 0

Reply Request For International Broadcast Conference 2025

by Jack Reacher

Hi, I just wanted to check in and see if you had the chance to review my previous email regarding International Broadcast Conference (IBC) 2025. Looking forward to your reply. Kind regards, Jack Reacher _____________________________________________________________________________________ From: Jack Reacher Subject: International Broadcast Conference (IBC) 2025 Hi, We are offering the visitors contact list International Broadcast Conference (IBC) 2025. We currently have 50,656 verified visitor contacts. Each contact contains: Contact name, Job Title, Business Name, Physical Address, Phone Numbers, Official Email address and many more… Rest assured, our contacts are 100% opt-in and GDPR compliant, ensuring the utmost integrity in your outreach. Let me know if you are interested so that I can share the pricing for the same. Kind Regards, Jack Reacher Sr. Marketing Manager If you do not wish to receive this newsletter reply as “Unfollow”

1 month

1
0
0 0

FAILED: patch "[PATCH] NFS: Fix the setting of capabilities when automounting a new" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x b01f21cacde9f2878492cf318fee61bf4ccad323 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081556-illusive-crawlers-8c0e@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From b01f21cacde9f2878492cf318fee61bf4ccad323 Mon Sep 17 00:00:00 2001 From: Trond Myklebust <trond.myklebust(a)hammerspace.com> Date: Sun, 3 Aug 2025 14:31:59 -0700 Subject: [PATCH] NFS: Fix the setting of capabilities when automounting a new filesystem Capabilities cannot be inherited when we cross into a new filesystem. They need to be reset to the minimal defaults, and then probed for again. Fixes: 54ceac451598 ("NFS: Share NFS superblocks per-protocol per-server per-FSID") Cc: stable(a)vger.kernel.org Reviewed-by: Benjamin Coddington <bcodding(a)redhat.com> Signed-off-by: Trond Myklebust <trond.myklebust(a)hammerspace.com> diff --git a/fs/nfs/client.c b/fs/nfs/client.c index e13eb429b8b5..8fb4a950dd55 100644 --- a/fs/nfs/client.c +++ b/fs/nfs/client.c @@ -682,6 +682,44 @@ struct nfs_client *nfs_init_client(struct nfs_client *clp, } EXPORT_SYMBOL_GPL(nfs_init_client); +static void nfs4_server_set_init_caps(struct nfs_server *server) +{ +#if IS_ENABLED(CONFIG_NFS_V4) + /* Set the basic capabilities */ + server->caps = server->nfs_client->cl_mvops->init_caps; + if (server->flags & NFS_MOUNT_NORDIRPLUS) + server->caps &= ~NFS_CAP_READDIRPLUS; + if (server->nfs_client->cl_proto == XPRT_TRANSPORT_RDMA) + server->caps &= ~NFS_CAP_READ_PLUS; + + /* + * Don't use NFS uid/gid mapping if we're using AUTH_SYS or lower + * authentication. + */ + if (nfs4_disable_idmapping && + server->client->cl_auth->au_flavor == RPC_AUTH_UNIX) + server->caps |= NFS_CAP_UIDGID_NOMAP; +#endif +} + +void nfs_server_set_init_caps(struct nfs_server *server) +{ + switch (server->nfs_client->rpc_ops->version) { + case 2: + server->caps = NFS_CAP_HARDLINKS | NFS_CAP_SYMLINKS; + break; + case 3: + server->caps = NFS_CAP_HARDLINKS | NFS_CAP_SYMLINKS; + if (!(server->flags & NFS_MOUNT_NORDIRPLUS)) + server->caps |= NFS_CAP_READDIRPLUS; + break; + default: + nfs4_server_set_init_caps(server); + break; + } +} +EXPORT_SYMBOL_GPL(nfs_server_set_init_caps); + /* * Create a version 2 or 3 client */ @@ -726,7 +764,6 @@ static int nfs_init_server(struct nfs_server *server, /* Initialise the client representation from the mount data */ server->flags = ctx->flags; server->options = ctx->options; - server->caps |= NFS_CAP_HARDLINKS | NFS_CAP_SYMLINKS; switch (clp->rpc_ops->version) { case 2: @@ -762,6 +799,8 @@ static int nfs_init_server(struct nfs_server *server, if (error < 0) goto error; + nfs_server_set_init_caps(server); + /* Preserve the values of mount_server-related mount options */ if (ctx->mount_server.addrlen) { memcpy(&server->mountd_address, &ctx->mount_server.address, @@ -934,7 +973,6 @@ void nfs_server_copy_userdata(struct nfs_server *target, struct nfs_server *sour target->acregmax = source->acregmax; target->acdirmin = source->acdirmin; target->acdirmax = source->acdirmax; - target->caps = source->caps; target->options = source->options; target->auth_info = source->auth_info; target->port = source->port; @@ -1169,6 +1207,8 @@ struct nfs_server *nfs_clone_server(struct nfs_server *source, if (error < 0) goto out_free_server; + nfs_server_set_init_caps(server); + /* probe the filesystem info for this server filesystem */ error = nfs_probe_server(server, fh); if (error < 0) diff --git a/fs/nfs/internal.h b/fs/nfs/internal.h index 0143e0794d32..1a18d8d9be25 100644 --- a/fs/nfs/internal.h +++ b/fs/nfs/internal.h @@ -231,7 +231,7 @@ extern struct nfs_client * nfs4_find_client_sessionid(struct net *, const struct sockaddr *, struct nfs4_sessionid *, u32); extern struct nfs_server *nfs_create_server(struct fs_context *); -extern void nfs4_server_set_init_caps(struct nfs_server *); +extern void nfs_server_set_init_caps(struct nfs_server *); extern struct nfs_server *nfs4_create_server(struct fs_context *); extern struct nfs_server *nfs4_create_referral_server(struct fs_context *); extern int nfs4_update_server(struct nfs_server *server, const char *hostname, diff --git a/fs/nfs/nfs4client.c b/fs/nfs/nfs4client.c index 2ea98f1f116f..6fddf43d729c 100644 --- a/fs/nfs/nfs4client.c +++ b/fs/nfs/nfs4client.c @@ -1074,24 +1074,6 @@ static void nfs4_session_limit_xasize(struct nfs_server *server) #endif } -void nfs4_server_set_init_caps(struct nfs_server *server) -{ - /* Set the basic capabilities */ - server->caps |= server->nfs_client->cl_mvops->init_caps; - if (server->flags & NFS_MOUNT_NORDIRPLUS) - server->caps &= ~NFS_CAP_READDIRPLUS; - if (server->nfs_client->cl_proto == XPRT_TRANSPORT_RDMA) - server->caps &= ~NFS_CAP_READ_PLUS; - - /* - * Don't use NFS uid/gid mapping if we're using AUTH_SYS or lower - * authentication. - */ - if (nfs4_disable_idmapping && - server->client->cl_auth->au_flavor == RPC_AUTH_UNIX) - server->caps |= NFS_CAP_UIDGID_NOMAP; -} - static int nfs4_server_common_setup(struct nfs_server *server, struct nfs_fh *mntfh, bool auth_probe) { @@ -1110,7 +1092,7 @@ static int nfs4_server_common_setup(struct nfs_server *server, if (error < 0) return error; - nfs4_server_set_init_caps(server); + nfs_server_set_init_caps(server); /* Probe the root fh to retrieve its FSID and filehandle */ error = nfs4_get_rootfh(server, mntfh, auth_probe); diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c index d7dc669d84c5..c7c7ec22f21d 100644 --- a/fs/nfs/nfs4proc.c +++ b/fs/nfs/nfs4proc.c @@ -4092,7 +4092,7 @@ int nfs4_server_capabilities(struct nfs_server *server, struct nfs_fh *fhandle) }; int err; - nfs4_server_set_init_caps(server); + nfs_server_set_init_caps(server); do { err = nfs4_handle_exception(server, _nfs4_server_capabilities(server, fhandle),

1 month

2
3
0 0

FAILED: patch "[PATCH] PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 6cff20ce3b92ffbf2fc5eb9e5a030b3672aa414a # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081511-procreate-museum-7213@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 6cff20ce3b92ffbf2fc5eb9e5a030b3672aa414a Mon Sep 17 00:00:00 2001 From: Lukas Wunner <lukas(a)wunner.de> Date: Sun, 13 Jul 2025 16:31:01 +0200 Subject: [PATCH] PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports pci_bridge_d3_possible() is called from both pcie_portdrv_probe() and pcie_portdrv_remove() to determine whether runtime power management shall be enabled (on probe) or disabled (on remove) on a PCIe port. The underlying assumption is that pci_bridge_d3_possible() always returns the same value, else a runtime PM reference imbalance would occur. That assumption is not given if the PCIe port is inaccessible on remove due to hot-unplug: pci_bridge_d3_possible() calls pciehp_is_native(), which accesses Config Space to determine whether the port is Hot-Plug Capable. An inaccessible port returns "all ones", which is converted to "all zeroes" by pcie_capability_read_dword(). Hence the port no longer seems Hot-Plug Capable on remove even though it was on probe. The resulting runtime PM ref imbalance causes warning messages such as: pcieport 0000:02:04.0: Runtime PM usage count underflow! Avoid the Config Space access (and thus the runtime PM ref imbalance) by caching the Hot-Plug Capable bit in struct pci_dev. The struct already contains an "is_hotplug_bridge" flag, which however is not only set on Hot-Plug Capable PCIe ports, but also Conventional PCI Hot-Plug bridges and ACPI slots. The flag identifies bridges which are allocated additional MMIO and bus number resources to allow for hierarchy expansion. The kernel is somewhat sloppily using "is_hotplug_bridge" in a number of places to identify Hot-Plug Capable PCIe ports, even though the flag encompasses other devices. Subsequent commits replace these occurrences with the new flag to clearly delineate Hot-Plug Capable PCIe ports from other kinds of hotplug bridges. Document the existing "is_hotplug_bridge" and the new "is_pciehp" flag and document the (non-obvious) requirement that pci_bridge_d3_possible() always returns the same value across the entire lifetime of a bridge, including its hot-removal. Fixes: 5352a44a561d ("PCI: pciehp: Make pciehp_is_native() stricter") Reported-by: Laurent Bigonville <bigon(a)bigon.be> Closes: https://bugzilla.kernel.org/show_bug.cgi?id=220216 Reported-by: Mario Limonciello <mario.limonciello(a)amd.com> Closes: https://lore.kernel.org/r/20250609020223.269407-3-superm1@kernel.org/ Link: https://lore.kernel.org/all/20250620025535.3425049-3-superm1@kernel.org/T/#u Signed-off-by: Lukas Wunner <lukas(a)wunner.de> Signed-off-by: Bjorn Helgaas <bhelgaas(a)google.com> Acked-by: Rafael J. Wysocki <rafael(a)kernel.org> Cc: stable(a)vger.kernel.org # v4.18+ Link: https://patch.msgid.link/fe5dcc3b2e62ee1df7905d746bde161eb1b3291c.175239010… diff --git a/drivers/pci/pci-acpi.c b/drivers/pci/pci-acpi.c index b78e0e417324..efe478e5073e 100644 --- a/drivers/pci/pci-acpi.c +++ b/drivers/pci/pci-acpi.c @@ -816,13 +816,11 @@ int pci_acpi_program_hp_params(struct pci_dev *dev) bool pciehp_is_native(struct pci_dev *bridge) { const struct pci_host_bridge *host; - u32 slot_cap; if (!IS_ENABLED(CONFIG_HOTPLUG_PCI_PCIE)) return false; - pcie_capability_read_dword(bridge, PCI_EXP_SLTCAP, &slot_cap); - if (!(slot_cap & PCI_EXP_SLTCAP_HPC)) + if (!bridge->is_pciehp) return false; if (pcie_ports_native) diff --git a/drivers/pci/pci.c b/drivers/pci/pci.c index e9448d55113b..23d8fe98ddf9 100644 --- a/drivers/pci/pci.c +++ b/drivers/pci/pci.c @@ -3030,8 +3030,12 @@ static const struct dmi_system_id bridge_d3_blacklist[] = { * pci_bridge_d3_possible - Is it possible to put the bridge into D3 * @bridge: Bridge to check * - * This function checks if it is possible to move the bridge to D3. * Currently we only allow D3 for some PCIe ports and for Thunderbolt. + * + * Return: Whether it is possible to move the bridge to D3. + * + * The return value is guaranteed to be constant across the entire lifetime + * of the bridge, including its hot-removal. */ bool pci_bridge_d3_possible(struct pci_dev *bridge) { diff --git a/drivers/pci/probe.c b/drivers/pci/probe.c index 4b8693ec9e4c..cf50be63bf5f 100644 --- a/drivers/pci/probe.c +++ b/drivers/pci/probe.c @@ -1678,7 +1678,7 @@ void set_pcie_hotplug_bridge(struct pci_dev *pdev) pcie_capability_read_dword(pdev, PCI_EXP_SLTCAP, &reg32); if (reg32 & PCI_EXP_SLTCAP_HPC) - pdev->is_hotplug_bridge = 1; + pdev->is_hotplug_bridge = pdev->is_pciehp = 1; } static void set_pcie_thunderbolt(struct pci_dev *dev) diff --git a/include/linux/pci.h b/include/linux/pci.h index 05e68f35f392..d56d0dd80afb 100644 --- a/include/linux/pci.h +++ b/include/linux/pci.h @@ -328,6 +328,11 @@ struct rcec_ea; * determined (e.g., for Root Complex Integrated * Endpoints without the relevant Capability * Registers). + * @is_hotplug_bridge: Hotplug bridge of any kind (e.g. PCIe Hot-Plug Capable, + * Conventional PCI Hot-Plug, ACPI slot). + * Such bridges are allocated additional MMIO and bus + * number resources to allow for hierarchy expansion. + * @is_pciehp: PCIe Hot-Plug Capable bridge. */ struct pci_dev { struct list_head bus_list; /* Node in per-bus list */ @@ -451,6 +456,7 @@ struct pci_dev { unsigned int is_physfn:1; unsigned int is_virtfn:1; unsigned int is_hotplug_bridge:1; + unsigned int is_pciehp:1; unsigned int shpc_managed:1; /* SHPC owned by shpchp */ unsigned int is_thunderbolt:1; /* Thunderbolt controller */ /*

1 month

2
1
0 0

FAILED: patch "[PATCH] block: Make REQ_OP_ZONE_FINISH a write operation" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x 3f66ccbaaef3a0c5bd844eab04e3207b4061c546 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081544-coliseum-cylinder-43d2@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 3f66ccbaaef3a0c5bd844eab04e3207b4061c546 Mon Sep 17 00:00:00 2001 From: Damien Le Moal <dlemoal(a)kernel.org> Date: Wed, 25 Jun 2025 18:33:23 +0900 Subject: [PATCH] block: Make REQ_OP_ZONE_FINISH a write operation REQ_OP_ZONE_FINISH is defined as "12", which makes op_is_write(REQ_OP_ZONE_FINISH) return false, despite the fact that a zone finish operation is an operation that modifies a zone (transition it to full) and so should be considered as a write operation (albeit one that does not transfer any data to the device). Fix this by redefining REQ_OP_ZONE_FINISH to be an odd number (13), and redefine REQ_OP_ZONE_RESET and REQ_OP_ZONE_RESET_ALL using sequential odd numbers from that new value. Fixes: 6c1b1da58f8c ("block: add zone open, close and finish operations") Cc: stable(a)vger.kernel.org Signed-off-by: Damien Le Moal <dlemoal(a)kernel.org> Reviewed-by: Bart Van Assche <bvanassche(a)acm.org> Reviewed-by: Johannes Thumshirn <johannes.thumshirn(a)wdc.com> Reviewed-by: Christoph Hellwig <hch(a)lst.de> Link: https://lore.kernel.org/r/20250625093327.548866-2-dlemoal@kernel.org Signed-off-by: Jens Axboe <axboe(a)kernel.dk> diff --git a/include/linux/blk_types.h b/include/linux/blk_types.h index 3d1577f07c1c..930daff207df 100644 --- a/include/linux/blk_types.h +++ b/include/linux/blk_types.h @@ -350,11 +350,11 @@ enum req_op { /* Close a zone */ REQ_OP_ZONE_CLOSE = (__force blk_opf_t)11, /* Transition a zone to full */ - REQ_OP_ZONE_FINISH = (__force blk_opf_t)12, + REQ_OP_ZONE_FINISH = (__force blk_opf_t)13, /* reset a zone write pointer */ - REQ_OP_ZONE_RESET = (__force blk_opf_t)13, + REQ_OP_ZONE_RESET = (__force blk_opf_t)15, /* reset all the zone present on the device */ - REQ_OP_ZONE_RESET_ALL = (__force blk_opf_t)15, + REQ_OP_ZONE_RESET_ALL = (__force blk_opf_t)17, /* Driver private requests */ REQ_OP_DRV_IN = (__force blk_opf_t)34,

1 month

2
1
0 0

FAILED: patch "[PATCH] PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 6cff20ce3b92ffbf2fc5eb9e5a030b3672aa414a # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081510-deodorize-kitten-ff60@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 6cff20ce3b92ffbf2fc5eb9e5a030b3672aa414a Mon Sep 17 00:00:00 2001 From: Lukas Wunner <lukas(a)wunner.de> Date: Sun, 13 Jul 2025 16:31:01 +0200 Subject: [PATCH] PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports pci_bridge_d3_possible() is called from both pcie_portdrv_probe() and pcie_portdrv_remove() to determine whether runtime power management shall be enabled (on probe) or disabled (on remove) on a PCIe port. The underlying assumption is that pci_bridge_d3_possible() always returns the same value, else a runtime PM reference imbalance would occur. That assumption is not given if the PCIe port is inaccessible on remove due to hot-unplug: pci_bridge_d3_possible() calls pciehp_is_native(), which accesses Config Space to determine whether the port is Hot-Plug Capable. An inaccessible port returns "all ones", which is converted to "all zeroes" by pcie_capability_read_dword(). Hence the port no longer seems Hot-Plug Capable on remove even though it was on probe. The resulting runtime PM ref imbalance causes warning messages such as: pcieport 0000:02:04.0: Runtime PM usage count underflow! Avoid the Config Space access (and thus the runtime PM ref imbalance) by caching the Hot-Plug Capable bit in struct pci_dev. The struct already contains an "is_hotplug_bridge" flag, which however is not only set on Hot-Plug Capable PCIe ports, but also Conventional PCI Hot-Plug bridges and ACPI slots. The flag identifies bridges which are allocated additional MMIO and bus number resources to allow for hierarchy expansion. The kernel is somewhat sloppily using "is_hotplug_bridge" in a number of places to identify Hot-Plug Capable PCIe ports, even though the flag encompasses other devices. Subsequent commits replace these occurrences with the new flag to clearly delineate Hot-Plug Capable PCIe ports from other kinds of hotplug bridges. Document the existing "is_hotplug_bridge" and the new "is_pciehp" flag and document the (non-obvious) requirement that pci_bridge_d3_possible() always returns the same value across the entire lifetime of a bridge, including its hot-removal. Fixes: 5352a44a561d ("PCI: pciehp: Make pciehp_is_native() stricter") Reported-by: Laurent Bigonville <bigon(a)bigon.be> Closes: https://bugzilla.kernel.org/show_bug.cgi?id=220216 Reported-by: Mario Limonciello <mario.limonciello(a)amd.com> Closes: https://lore.kernel.org/r/20250609020223.269407-3-superm1@kernel.org/ Link: https://lore.kernel.org/all/20250620025535.3425049-3-superm1@kernel.org/T/#u Signed-off-by: Lukas Wunner <lukas(a)wunner.de> Signed-off-by: Bjorn Helgaas <bhelgaas(a)google.com> Acked-by: Rafael J. Wysocki <rafael(a)kernel.org> Cc: stable(a)vger.kernel.org # v4.18+ Link: https://patch.msgid.link/fe5dcc3b2e62ee1df7905d746bde161eb1b3291c.175239010… diff --git a/drivers/pci/pci-acpi.c b/drivers/pci/pci-acpi.c index b78e0e417324..efe478e5073e 100644 --- a/drivers/pci/pci-acpi.c +++ b/drivers/pci/pci-acpi.c @@ -816,13 +816,11 @@ int pci_acpi_program_hp_params(struct pci_dev *dev) bool pciehp_is_native(struct pci_dev *bridge) { const struct pci_host_bridge *host; - u32 slot_cap; if (!IS_ENABLED(CONFIG_HOTPLUG_PCI_PCIE)) return false; - pcie_capability_read_dword(bridge, PCI_EXP_SLTCAP, &slot_cap); - if (!(slot_cap & PCI_EXP_SLTCAP_HPC)) + if (!bridge->is_pciehp) return false; if (pcie_ports_native) diff --git a/drivers/pci/pci.c b/drivers/pci/pci.c index e9448d55113b..23d8fe98ddf9 100644 --- a/drivers/pci/pci.c +++ b/drivers/pci/pci.c @@ -3030,8 +3030,12 @@ static const struct dmi_system_id bridge_d3_blacklist[] = { * pci_bridge_d3_possible - Is it possible to put the bridge into D3 * @bridge: Bridge to check * - * This function checks if it is possible to move the bridge to D3. * Currently we only allow D3 for some PCIe ports and for Thunderbolt. + * + * Return: Whether it is possible to move the bridge to D3. + * + * The return value is guaranteed to be constant across the entire lifetime + * of the bridge, including its hot-removal. */ bool pci_bridge_d3_possible(struct pci_dev *bridge) { diff --git a/drivers/pci/probe.c b/drivers/pci/probe.c index 4b8693ec9e4c..cf50be63bf5f 100644 --- a/drivers/pci/probe.c +++ b/drivers/pci/probe.c @@ -1678,7 +1678,7 @@ void set_pcie_hotplug_bridge(struct pci_dev *pdev) pcie_capability_read_dword(pdev, PCI_EXP_SLTCAP, &reg32); if (reg32 & PCI_EXP_SLTCAP_HPC) - pdev->is_hotplug_bridge = 1; + pdev->is_hotplug_bridge = pdev->is_pciehp = 1; } static void set_pcie_thunderbolt(struct pci_dev *dev) diff --git a/include/linux/pci.h b/include/linux/pci.h index 05e68f35f392..d56d0dd80afb 100644 --- a/include/linux/pci.h +++ b/include/linux/pci.h @@ -328,6 +328,11 @@ struct rcec_ea; * determined (e.g., for Root Complex Integrated * Endpoints without the relevant Capability * Registers). + * @is_hotplug_bridge: Hotplug bridge of any kind (e.g. PCIe Hot-Plug Capable, + * Conventional PCI Hot-Plug, ACPI slot). + * Such bridges are allocated additional MMIO and bus + * number resources to allow for hierarchy expansion. + * @is_pciehp: PCIe Hot-Plug Capable bridge. */ struct pci_dev { struct list_head bus_list; /* Node in per-bus list */ @@ -451,6 +456,7 @@ struct pci_dev { unsigned int is_physfn:1; unsigned int is_virtfn:1; unsigned int is_hotplug_bridge:1; + unsigned int is_pciehp:1; unsigned int shpc_managed:1; /* SHPC owned by shpchp */ unsigned int is_thunderbolt:1; /* Thunderbolt controller */ /*

1 month

2
1
0 0

[PATCH 6.12.y 0/7] KVM: x86: Backports for 6.12.y

by Sean Christopherson

More KVM backports, this time for 6.12.y (and with far fewer dependencies). Same note/caveat about Sasha already posting[1][2] many/most of these: KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported KVM: VMX: Extract checking of guest's DEBUGCTL into helper KVM: nVMX: Check vmcs12->guest_ia32_debugctl on nested VM-Enter KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs I'm including them here to hopefully make life easier for y'all, and because the order they are presented here is the preferred ordering, i.e. should be the same ordering as the original upstream patches. But, if you end up grabbing Sasha's patches first, it's not a big deal as the only true dependencies is that the DEBUGCTL.RTM_DEBUG patch needs to land before "Check vmcs12->guest_ia32_debugctl on nested VM-Enter". [1] https://lore.kernel.org/all/20250813182455.2068642-1-sashal@kernel.org [2] https://lore.kernel.org/all/20250814125614.2090890-1-sashal@kernel.org Maxim Levitsky (3): KVM: nVMX: Check vmcs12->guest_ia32_debugctl on nested VM-Enter KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs KVM: VMX: Preserve host's DEBUGCTLMSR_FREEZE_IN_SMM while running the guest Sean Christopherson (4): KVM: x86: Convert vcpu_run()'s immediate exit param into a generic bitmap KVM: x86: Drop kvm_x86_ops.set_dr6() in favor of a new KVM_RUN flag KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported KVM: VMX: Extract checking of guest's DEBUGCTL into helper arch/x86/include/asm/kvm-x86-ops.h | 1 - arch/x86/include/asm/kvm_host.h | 15 ++++++-- arch/x86/include/asm/msr-index.h | 1 + arch/x86/kvm/svm/svm.c | 14 ++++---- arch/x86/kvm/vmx/main.c | 3 +- arch/x86/kvm/vmx/nested.c | 21 ++++++++--- arch/x86/kvm/vmx/pmu_intel.c | 8 ++--- arch/x86/kvm/vmx/vmx.c | 57 ++++++++++++++++++------------ arch/x86/kvm/vmx/vmx.h | 26 ++++++++++++++ arch/x86/kvm/vmx/x86_ops.h | 2 +- arch/x86/kvm/x86.c | 25 ++++++++++--- 11 files changed, 125 insertions(+), 48 deletions(-) base-commit: 8f5ff9784f3262e6e85c68d86f8b7931827f2983 -- 2.51.0.rc1.163.g2494970778-goog

1 month

2
8
0 0

FAILED: patch "[PATCH] block: Make REQ_OP_ZONE_FINISH a write operation" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 3f66ccbaaef3a0c5bd844eab04e3207b4061c546 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081544-slackness-vantage-3e99@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 3f66ccbaaef3a0c5bd844eab04e3207b4061c546 Mon Sep 17 00:00:00 2001 From: Damien Le Moal <dlemoal(a)kernel.org> Date: Wed, 25 Jun 2025 18:33:23 +0900 Subject: [PATCH] block: Make REQ_OP_ZONE_FINISH a write operation REQ_OP_ZONE_FINISH is defined as "12", which makes op_is_write(REQ_OP_ZONE_FINISH) return false, despite the fact that a zone finish operation is an operation that modifies a zone (transition it to full) and so should be considered as a write operation (albeit one that does not transfer any data to the device). Fix this by redefining REQ_OP_ZONE_FINISH to be an odd number (13), and redefine REQ_OP_ZONE_RESET and REQ_OP_ZONE_RESET_ALL using sequential odd numbers from that new value. Fixes: 6c1b1da58f8c ("block: add zone open, close and finish operations") Cc: stable(a)vger.kernel.org Signed-off-by: Damien Le Moal <dlemoal(a)kernel.org> Reviewed-by: Bart Van Assche <bvanassche(a)acm.org> Reviewed-by: Johannes Thumshirn <johannes.thumshirn(a)wdc.com> Reviewed-by: Christoph Hellwig <hch(a)lst.de> Link: https://lore.kernel.org/r/20250625093327.548866-2-dlemoal@kernel.org Signed-off-by: Jens Axboe <axboe(a)kernel.dk> diff --git a/include/linux/blk_types.h b/include/linux/blk_types.h index 3d1577f07c1c..930daff207df 100644 --- a/include/linux/blk_types.h +++ b/include/linux/blk_types.h @@ -350,11 +350,11 @@ enum req_op { /* Close a zone */ REQ_OP_ZONE_CLOSE = (__force blk_opf_t)11, /* Transition a zone to full */ - REQ_OP_ZONE_FINISH = (__force blk_opf_t)12, + REQ_OP_ZONE_FINISH = (__force blk_opf_t)13, /* reset a zone write pointer */ - REQ_OP_ZONE_RESET = (__force blk_opf_t)13, + REQ_OP_ZONE_RESET = (__force blk_opf_t)15, /* reset all the zone present on the device */ - REQ_OP_ZONE_RESET_ALL = (__force blk_opf_t)15, + REQ_OP_ZONE_RESET_ALL = (__force blk_opf_t)17, /* Driver private requests */ REQ_OP_DRV_IN = (__force blk_opf_t)34,

1 month

2
1
0 0

[PATCH v2] mm/damon/core: fix damos_commit_filter not changing allow

by Sang-Heon Jeon

Current damos_commit_filter() not persist allow value of filter. As a result, changing allow value of filter and commit doesn't change allow value. Add the missing allow value update, so commit filter now persist changing allow value well. Fixes: fe6d7fdd6249 ("mm/damon/core: add damos_filter->allow field") Cc: stable(a)vger.kernel.org # 6.14.x Signed-off-by: Sang-Heon Jeon <ekffu200098(a)gmail.com> --- Changes from v1 [1]: - Fix wrong fixes section commit - Add cc section for backporting [1] https://lore.kernel.org/damon/20250815094059.133769-1-ekffu200098@gmail.com/ --- mm/damon/core.c | 1 + 1 file changed, 1 insertion(+) diff --git a/mm/damon/core.c b/mm/damon/core.c index 19c8f01fc81a..cb41fddca78c 100644 --- a/mm/damon/core.c +++ b/mm/damon/core.c @@ -900,6 +900,7 @@ static void damos_commit_filter( { dst->type = src->type; dst->matching = src->matching; + dst->allow = src->allow; damos_commit_filter_arg(dst, src); } -- 2.43.0

1 month

2
1
0 0

[PATCH RESEND] pcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region()

by Ma Ke

In __iodyn_find_io_region(), pcmcia_make_resource() is assigned to res and used in pci_bus_alloc_resource(). There is a dereference of res in pci_bus_alloc_resource(), which could lead to a NULL pointer dereference on failure of pcmcia_make_resource(). Fix this bug by adding a check of res. Found by code review, complie tested only. Cc: stable(a)vger.kernel.org Fixes: 49b1153adfe1 ("pcmcia: move all pcmcia_resource_ops providers into one module") Signed-off-by: Ma Ke <make24(a)iscas.ac.cn> --- drivers/pcmcia/rsrc_iodyn.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/pcmcia/rsrc_iodyn.c b/drivers/pcmcia/rsrc_iodyn.c index b04b16496b0c..2677b577c1f8 100644 --- a/drivers/pcmcia/rsrc_iodyn.c +++ b/drivers/pcmcia/rsrc_iodyn.c @@ -62,6 +62,9 @@ static struct resource *__iodyn_find_io_region(struct pcmcia_socket *s, unsigned long min = base; int ret; + if (!res) + return NULL; + data.mask = align - 1; data.offset = base & data.mask; -- 2.25.1

1 month

2
1
0 0

[PATCH v2] debugfs: fix mount options not being applied

by Charalampos Mitrodimas

Mount options (uid, gid, mode) are silently ignored when debugfs is mounted. This is a regression introduced during the conversion to the new mount API. When the mount API conversion was done, the line that sets sb->s_fs_info to the parsed options was removed. This causes debugfs_apply_options() to operate on a NULL pointer. Fix this by following the same pattern as the tracefs fix in commit e4d32142d1de ("tracing: Fix tracefs mount options"). Call debugfs_reconfigure() in debugfs_get_tree() to apply the mount options to the superblock after it has been created or reused. As an example, with the bug the "mode" mount option is ignored: $ mount -o mode=0666 -t debugfs debugfs /tmp/debugfs_test $ mount | grep debugfs_test debugfs on /tmp/debugfs_test type debugfs (rw,relatime) $ ls -ld /tmp/debugfs_test drwx------ 25 root root 0 Aug 4 14:16 /tmp/debugfs_test With the fix applied, it works as expected: $ mount -o mode=0666 -t debugfs debugfs /tmp/debugfs_test $ mount | grep debugfs_test debugfs on /tmp/debugfs_test type debugfs (rw,relatime,mode=666) $ ls -ld /tmp/debugfs_test drw-rw-rw- 37 root root 0 Aug 2 17:28 /tmp/debugfs_test Fixes: a20971c18752 ("vfs: Convert debugfs to use the new mount API") Closes: https://bugzilla.kernel.org/show_bug.cgi?id=220406 Cc: stable(a)vger.kernel.org Signed-off-by: Charalampos Mitrodimas <charmitro(a)posteo.net> --- Changes in v2: - Follow the same pattern as e4d32142d1de ("tracing: Fix tracefs mount options") - Add Cc: stable tag - Link to v1: https://lore.kernel.org/r/20250804-debugfs-mount-opts-v1-1-bc05947a80b5@pos… --- fs/debugfs/inode.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/fs/debugfs/inode.c b/fs/debugfs/inode.c index a0357b0cf362d8ac47ff810e162402d6a8ae2cb9..c12d649df6a5435050f606c2828a9a7cc61922e4 100644 --- a/fs/debugfs/inode.c +++ b/fs/debugfs/inode.c @@ -183,6 +183,9 @@ static int debugfs_reconfigure(struct fs_context *fc) struct debugfs_fs_info *sb_opts = sb->s_fs_info; struct debugfs_fs_info *new_opts = fc->s_fs_info; + if (!new_opts) + return 0; + sync_filesystem(sb); /* structure copy of new mount options to sb */ @@ -282,10 +285,16 @@ static int debugfs_fill_super(struct super_block *sb, struct fs_context *fc) static int debugfs_get_tree(struct fs_context *fc) { + int err; + if (!(debugfs_allow & DEBUGFS_ALLOW_API)) return -EPERM; - return get_tree_single(fc, debugfs_fill_super); + err = get_tree_single(fc, debugfs_fill_super); + if (err) + return err; + + return debugfs_reconfigure(fc); } static void debugfs_free_fc(struct fs_context *fc) --- base-commit: 3c4a063b1f8ab71352df1421d9668521acb63cd9 change-id: 20250804-debugfs-mount-opts-2a68d7741f05 Best regards, -- Charalampos Mitrodimas <charmitro(a)posteo.net>

1 month

2
2
0 0

[PATCH AUTOSEL 6.16 01/85] usb: xhci: print xhci->xhc_state when queue_command failed

by Sasha Levin

From: Su Hui <suhui(a)nfschina.com> [ Upstream commit 7919407eca2ef562fa6c98c41cfdf6f6cdd69d92 ] When encounters some errors like these: xhci_hcd 0000:4a:00.2: xHCI dying or halted, can't queue_command xhci_hcd 0000:4a:00.2: FIXME: allocate a command ring segment usb usb5-port6: couldn't allocate usb_device It's hard to know whether xhc_state is dying or halted. So it's better to print xhc_state's value which can help locate the resaon of the bug. Signed-off-by: Su Hui <suhui(a)nfschina.com> Link: https://lore.kernel.org/r/20250725060117.1773770-1-suhui@nfschina.com Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- LLM Generated explanations, may be completely bogus: **Backport Status: YES** This commit is suitable for backporting to stable kernel trees for the following reasons: 1. **Enhanced Debugging for Real-World Issues**: The commit improves debugging of USB xHCI host controller failures by printing the actual `xhc_state` value when `queue_command` fails. The commit message shows real error messages users encounter ("xHCI dying or halted, can't queue_command"), demonstrating this is a real-world debugging problem. 2. **Minimal and Safe Change**: The change is extremely small and safe - it only modifies a debug print statement from: ```c xhci_dbg(xhci, "xHCI dying or halted, can't queue_command\n"); ``` to: ```c xhci_dbg(xhci, "xHCI dying or halted, can't queue_command. state: 0x%x\n", xhci->xhc_state); ``` 3. **No Functional Changes**: This is a pure diagnostic improvement. It doesn't change any logic, control flow, or data structures. It only adds the state value (0x%x format) to an existing debug message. 4. **Important for Troubleshooting**: The xHCI driver is critical for USB functionality, and when it fails with "dying or halted" states, knowing the exact state helps diagnose whether: - `XHCI_STATE_DYING` (0x1) - controller is dying - `XHCI_STATE_HALTED` (0x2) - controller is halted - Both states (0x3) - controller has both flags set This distinction is valuable for debugging hardware issues, driver bugs, or system problems. 5. **Zero Risk of Regression**: Adding a parameter to a debug print statement has no risk of introducing regressions. The worst case is the debug message prints the state value. 6. **Follows Stable Rules**: This meets stable kernel criteria as it: - Fixes a real debugging limitation - Is obviously correct - Has been tested (signed-off and accepted by Greg KH) - Is small (single line change) - Doesn't add new features, just improves existing diagnostics The commit helps system administrators and developers diagnose USB issues more effectively by providing the actual state value rather than just saying "dying or halted", making it a valuable debugging enhancement for stable kernels. drivers/usb/host/xhci-ring.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/usb/host/xhci-ring.c b/drivers/usb/host/xhci-ring.c index 94c9c9271658..131e7530ec4a 100644 --- a/drivers/usb/host/xhci-ring.c +++ b/drivers/usb/host/xhci-ring.c @@ -4372,7 +4372,8 @@ static int queue_command(struct xhci_hcd *xhci, struct xhci_command *cmd, if ((xhci->xhc_state & XHCI_STATE_DYING) || (xhci->xhc_state & XHCI_STATE_HALTED)) { - xhci_dbg(xhci, "xHCI dying or halted, can't queue_command\n"); + xhci_dbg(xhci, "xHCI dying or halted, can't queue_command. state: 0x%x\n", + xhci->xhc_state); return -ESHUTDOWN; } -- 2.39.5

1 month

5
89
0 0

[PATCH AUTOSEL 6.1 01/51] usb: xhci: print xhci->xhc_state when queue_command failed

by Sasha Levin

From: Su Hui <suhui(a)nfschina.com> [ Upstream commit 7919407eca2ef562fa6c98c41cfdf6f6cdd69d92 ] When encounters some errors like these: xhci_hcd 0000:4a:00.2: xHCI dying or halted, can't queue_command xhci_hcd 0000:4a:00.2: FIXME: allocate a command ring segment usb usb5-port6: couldn't allocate usb_device It's hard to know whether xhc_state is dying or halted. So it's better to print xhc_state's value which can help locate the resaon of the bug. Signed-off-by: Su Hui <suhui(a)nfschina.com> Link: https://lore.kernel.org/r/20250725060117.1773770-1-suhui@nfschina.com Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- LLM Generated explanations, may be completely bogus: **Backport Status: YES** This commit is suitable for backporting to stable kernel trees for the following reasons: 1. **Enhanced Debugging for Real-World Issues**: The commit improves debugging of USB xHCI host controller failures by printing the actual `xhc_state` value when `queue_command` fails. The commit message shows real error messages users encounter ("xHCI dying or halted, can't queue_command"), demonstrating this is a real-world debugging problem. 2. **Minimal and Safe Change**: The change is extremely small and safe - it only modifies a debug print statement from: ```c xhci_dbg(xhci, "xHCI dying or halted, can't queue_command\n"); ``` to: ```c xhci_dbg(xhci, "xHCI dying or halted, can't queue_command. state: 0x%x\n", xhci->xhc_state); ``` 3. **No Functional Changes**: This is a pure diagnostic improvement. It doesn't change any logic, control flow, or data structures. It only adds the state value (0x%x format) to an existing debug message. 4. **Important for Troubleshooting**: The xHCI driver is critical for USB functionality, and when it fails with "dying or halted" states, knowing the exact state helps diagnose whether: - `XHCI_STATE_DYING` (0x1) - controller is dying - `XHCI_STATE_HALTED` (0x2) - controller is halted - Both states (0x3) - controller has both flags set This distinction is valuable for debugging hardware issues, driver bugs, or system problems. 5. **Zero Risk of Regression**: Adding a parameter to a debug print statement has no risk of introducing regressions. The worst case is the debug message prints the state value. 6. **Follows Stable Rules**: This meets stable kernel criteria as it: - Fixes a real debugging limitation - Is obviously correct - Has been tested (signed-off and accepted by Greg KH) - Is small (single line change) - Doesn't add new features, just improves existing diagnostics The commit helps system administrators and developers diagnose USB issues more effectively by providing the actual state value rather than just saying "dying or halted", making it a valuable debugging enhancement for stable kernels. drivers/usb/host/xhci-ring.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/usb/host/xhci-ring.c b/drivers/usb/host/xhci-ring.c index 0862fdd3e568..c4880b22f359 100644 --- a/drivers/usb/host/xhci-ring.c +++ b/drivers/usb/host/xhci-ring.c @@ -4421,7 +4421,8 @@ static int queue_command(struct xhci_hcd *xhci, struct xhci_command *cmd, if ((xhci->xhc_state & XHCI_STATE_DYING) || (xhci->xhc_state & XHCI_STATE_HALTED)) { - xhci_dbg(xhci, "xHCI dying or halted, can't queue_command\n"); + xhci_dbg(xhci, "xHCI dying or halted, can't queue_command. state: 0x%x\n", + xhci->xhc_state); return -ESHUTDOWN; } -- 2.39.5

1 month

3
53
0 0

[PATCH AUTOSEL 6.16-6.6] apparmor: shift ouid when mediating hard links in userns

by Sasha Levin

From: Gabriel Totev <gabriel.totev(a)zetier.com> [ Upstream commit c5bf96d20fd787e4909b755de4705d52f3458836 ] When using AppArmor profiles inside an unprivileged container, the link operation observes an unshifted ouid. (tested with LXD and Incus) For example, root inside container and uid 1000000 outside, with `owner /root/link l,` profile entry for ln: /root$ touch chain && ln chain link ==> dmesg apparmor="DENIED" operation="link" class="file" namespace="root//lxd-feet_<var-snap-lxd-common-lxd>" profile="linkit" name="/root/link" pid=1655 comm="ln" requested_mask="l" denied_mask="l" fsuid=1000000 ouid=0 [<== should be 1000000] target="/root/chain" Fix by mapping inode uid of old_dentry in aa_path_link() rather than using it directly, similarly to how it's mapped in __file_path_perm() later in the file. Signed-off-by: Gabriel Totev <gabriel.totev(a)zetier.com> Signed-off-by: John Johansen <john.johansen(a)canonical.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- LLM Generated explanations, may be completely bogus: **Backport Status: YES** This commit should be backported to stable kernel trees for the following reasons: 1. **Clear Bug Fix**: This fixes a real bug where AppArmor incorrectly reports the unshifted uid when mediating hard link operations inside user namespaces/containers. The commit message provides a concrete example showing ouid=0 instead of the expected ouid=1000000 in container logs. 2. **Security Impact**: This is a security-relevant bug that causes AppArmor policy enforcement to behave incorrectly in containerized environments. The owner-based AppArmor rules (like `owner /root/link l,`) won't work correctly because the uid comparison is done with the wrong (unshifted) value. 3. **Minimal and Contained Fix**: The change is small and surgical - it only modifies the aa_path_link() function to properly map the inode uid through the mount's idmapping, following the exact same pattern already used in __file_path_perm(): - Uses `i_uid_into_vfsuid(mnt_idmap(target.mnt), inode)` to get the vfsuid - Converts it back with `vfsuid_into_kuid(vfsuid)` for the path_cond structure 4. **No New Features or Architecture Changes**: This is purely a bug fix that makes aa_path_link() consistent with how __file_path_perm() already handles uid mapping. No new functionality is added. 5. **Container/User Namespace Compatibility**: With the widespread use of containers (LXD, Incus, Docker with userns), this bug affects many production systems. The fix ensures AppArmor policies work correctly in these environments. 6. **Low Risk**: The change follows an established pattern in the codebase (from __file_path_perm) and only affects the specific case of hard link permission checks in user namespaces. The risk of regression is minimal. 7. **Clear Testing**: The commit message indicates this was tested with LXD and Incus containers, showing the issue is reproducible and the fix validated. The code change is straightforward - replacing direct access to `d_backing_inode(old_dentry)->i_uid` with proper idmapping-aware conversion that respects user namespace uid shifts. This makes aa_path_link() consistent with other AppArmor file operations that already handle idmapped mounts correctly. security/apparmor/file.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/security/apparmor/file.c b/security/apparmor/file.c index d52a5b14dad4..62bc46e03758 100644 --- a/security/apparmor/file.c +++ b/security/apparmor/file.c @@ -423,9 +423,11 @@ int aa_path_link(const struct cred *subj_cred, { struct path link = { .mnt = new_dir->mnt, .dentry = new_dentry }; struct path target = { .mnt = new_dir->mnt, .dentry = old_dentry }; + struct inode *inode = d_backing_inode(old_dentry); + vfsuid_t vfsuid = i_uid_into_vfsuid(mnt_idmap(target.mnt), inode); struct path_cond cond = { - d_backing_inode(old_dentry)->i_uid, - d_backing_inode(old_dentry)->i_mode + .uid = vfsuid_into_kuid(vfsuid), + .mode = inode->i_mode, }; char *buffer = NULL, *buffer2 = NULL; struct aa_profile *profile; -- 2.39.5

1 month

3
17
0 0

[PATCH] soc: qcom: icc-bwmon: Fix handling dev_pm_opp_find_bw_*() errors

by Krzysztof Kozlowski

The ISR calls dev_pm_opp_find_bw_ceil(), which can return EINVAL, ERANGE or ENODEV, and if that one fails with ERANGE, then it tries again with floor dev_pm_opp_find_bw_floor(). Code misses error checks for two cases: 1. First dev_pm_opp_find_bw_ceil() failed with error different than ERANGE, 2. Any error from second dev_pm_opp_find_bw_floor(). In an unlikely case these error happened, the code would further dereference the ERR pointer. Close that possibility and make the code more obvious that all errors are correctly handled. Reported by Smatch: icc-bwmon.c:693 bwmon_intr_thread() error: 'target_opp' dereferencing possible ERR_PTR() Fixes: b9c2ae6cac40 ("soc: qcom: icc-bwmon: Add bandwidth monitoring driver") Cc: <stable(a)vger.kernel.org> Reported-by: Dan Carpenter <dan.carpenter(a)linaro.org> Closes: https://lore.kernel.org/r/aJTNEQsRFjrFknG9@stanley.mountain/ Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> --- Some unreleased smatch, though, because I cannot reproduce the warning, but I imagine Dan keeps the tastiests reports for later. :) --- drivers/soc/qcom/icc-bwmon.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/soc/qcom/icc-bwmon.c b/drivers/soc/qcom/icc-bwmon.c index 3dfa448bf8cf..597f9025e422 100644 --- a/drivers/soc/qcom/icc-bwmon.c +++ b/drivers/soc/qcom/icc-bwmon.c @@ -656,6 +656,9 @@ static irqreturn_t bwmon_intr_thread(int irq, void *dev_id) if (IS_ERR(target_opp) && PTR_ERR(target_opp) == -ERANGE) target_opp = dev_pm_opp_find_bw_floor(bwmon->dev, &bw_kbps, 0); + if (IS_ERR(target_opp)) + return IRQ_HANDLED; + bwmon->target_kbps = bw_kbps; bw_kbps--; -- 2.48.1

1 month

3
5
0 0

[PATCH 6.1.y] tls: separate no-async decryption request handling from async

by William Liu

From: Sabrina Dubroca <sd(a)queasysnail.net> [ Upstream commit 41532b785e9d79636b3815a64ddf6a096647d011 ] If we're not doing async, the handling is much simpler. There's no reference counting, we just need to wait for the completion to wake us up and return its result. We should preferably also use a separate crypto_wait. I'm not seeing a UAF as I did in the past, I think aec7961 ("tls: fix race between async notify and socket close") took care of it. This will make the next fix easier. Signed-off-by: Sabrina Dubroca <sd(a)queasysnail.net> Link: https://lore.kernel.org/r/47bde5f649707610eaef9f0d679519966fc31061.17091326… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> [ William: The original patch did not apply cleanly due to deletions of non-existent lines in 6.1.y. The UAF the author stopped seeing can still be reproduced on systems without AVX in conjunction with cryptd. Also removed an extraneous statement after a return statement that is adjacent to diff. ] Link: https://lore.kernel.org/netdev/he2K1yz_u7bZ-CnYcTSQ4OxuLuHZXN6xZRgp6_ICSWnq… Signed-off-by: William Liu <will(a)willsroot.io> --- Tested with original repro and all tests in selftests/net/tls.c --- net/tls/tls_sw.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c index 6ac3dcbe87b5..e1e3207168e3 100644 --- a/net/tls/tls_sw.c +++ b/net/tls/tls_sw.c @@ -274,9 +274,15 @@ static int tls_do_decryption(struct sock *sk, DEBUG_NET_WARN_ON_ONCE(atomic_read(&ctx->decrypt_pending) < 1); atomic_inc(&ctx->decrypt_pending); } else { + DECLARE_CRYPTO_WAIT(wait); + aead_request_set_callback(aead_req, CRYPTO_TFM_REQ_MAY_BACKLOG, - crypto_req_done, &ctx->async_wait); + crypto_req_done, &wait); + ret = crypto_aead_decrypt(aead_req); + if (ret == -EINPROGRESS || ret == -EBUSY) + ret = crypto_wait_req(ret, &wait); + return ret; } ret = crypto_aead_decrypt(aead_req); @@ -289,7 +295,6 @@ static int tls_do_decryption(struct sock *sk, /* all completions have run, we're not doing async anymore */ darg->async = false; return ret; - ret = ret ?: -EINPROGRESS; } atomic_dec(&ctx->decrypt_pending); -- 2.43.0

1 month

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror