FAILED: patch "[PATCH] rseq: Protect event mask against membarrier IPI" failed to apply to 5.10-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.10-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y
git checkout FETCH_HEAD
git cherry-pick -x 6eb350a2233100a283f882c023e5ad426d0ed63b
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101556-riches-vivacious-ee8f@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 6eb350a2233100a283f882c023e5ad426d0ed63b Mon Sep 17 00:00:00 2001
From: Thomas Gleixner <tglx(a)linutronix.de>
Date: Wed, 13 Aug 2025 17:02:30 +0200
Subject: [PATCH] rseq: Protect event mask against membarrier IPI
rseq_need_restart() reads and clears task::rseq_event_mask with preemption
disabled to guard against the scheduler.
But membarrier() uses an IPI and sets the PREEMPT bit in the event mask
from the IPI, which leaves that RMW operation unprotected.
Use guard(irq) if CONFIG_MEMBARRIER is enabled to fix that.
Fixes: 2a36ab717e8f ("rseq/membarrier: Add MEMBARRIER_CMD_PRIVATE_EXPEDITED_RSEQ")
Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de>
Reviewed-by: Boqun Feng <boqun.feng(a)gmail.com>
Reviewed-by: Mathieu Desnoyers <mathieu.desnoyers(a)efficios.com>
Cc: stable(a)vger.kernel.org
diff --git a/include/linux/rseq.h b/include/linux/rseq.h
index bc8af3eb5598..1fbeb61babeb 100644
--- a/include/linux/rseq.h
+++ b/include/linux/rseq.h
@@ -7,6 +7,12 @@
#include <linux/preempt.h>
#include <linux/sched.h>
+#ifdef CONFIG_MEMBARRIER
+# define RSEQ_EVENT_GUARD irq
+#else
+# define RSEQ_EVENT_GUARD preempt
+#endif
+
/*
* Map the event mask on the user-space ABI enum rseq_cs_flags
* for direct mask checks.
@@ -41,9 +47,8 @@ static inline void rseq_handle_notify_resume(struct ksignal *ksig,
static inline void rseq_signal_deliver(struct ksignal *ksig,
struct pt_regs *regs)
{
- preempt_disable();
- __set_bit(RSEQ_EVENT_SIGNAL_BIT, ¤t->rseq_event_mask);
- preempt_enable();
+ scoped_guard(RSEQ_EVENT_GUARD)
+ __set_bit(RSEQ_EVENT_SIGNAL_BIT, ¤t->rseq_event_mask);
rseq_handle_notify_resume(ksig, regs);
}
diff --git a/kernel/rseq.c b/kernel/rseq.c
index b7a1ec327e81..2452b7366b00 100644
--- a/kernel/rseq.c
+++ b/kernel/rseq.c
@@ -342,12 +342,12 @@ static int rseq_need_restart(struct task_struct *t, u32 cs_flags)
/*
* Load and clear event mask atomically with respect to
- * scheduler preemption.
+ * scheduler preemption and membarrier IPIs.
*/
- preempt_disable();
- event_mask = t->rseq_event_mask;
- t->rseq_event_mask = 0;
- preempt_enable();
+ scoped_guard(RSEQ_EVENT_GUARD) {
+ event_mask = t->rseq_event_mask;
+ t->rseq_event_mask = 0;
+ }
return !!event_mask;
}
3 weeks, 1 day
- 1
- 0
FAILED: patch "[PATCH] arm64: map [_text, _stext) virtual address range" failed to apply to 5.15-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.15-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y
git checkout FETCH_HEAD
git cherry-pick -x 5973a62efa34c80c9a4e5eac1fca6f6209b902af
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101551-unsealed-whisking-8514@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 5973a62efa34c80c9a4e5eac1fca6f6209b902af Mon Sep 17 00:00:00 2001
From: Omar Sandoval <osandov(a)fb.com>
Date: Fri, 19 Sep 2025 14:27:51 -0700
Subject: [PATCH] arm64: map [_text, _stext) virtual address range
non-executable+read-only
Since the referenced fixes commit, the kernel's .text section is only
mapped starting from _stext; the region [_text, _stext) is omitted. As a
result, other vmalloc/vmap allocations may use the virtual addresses
nominally in the range [_text, _stext). This address reuse confuses
multiple things:
1. crash_prepare_elf64_headers() sets up a segment in /proc/vmcore
mapping the entire range [_text, _end) to
[__pa_symbol(_text), __pa_symbol(_end)). Reading an address in
[_text, _stext) from /proc/vmcore therefore gives the incorrect
result.
2. Tools doing symbolization (either by reading /proc/kallsyms or based
on the vmlinux ELF file) will incorrectly identify vmalloc/vmap
allocations in [_text, _stext) as kernel symbols.
In practice, both of these issues affect the drgn debugger.
Specifically, there were cases where the vmap IRQ stacks for some CPUs
were allocated in [_text, _stext). As a result, drgn could not get the
stack trace for a crash in an IRQ handler because the core dump
contained invalid data for the IRQ stack address. The stack addresses
were also symbolized as being in the _text symbol.
Fix this by bringing back the mapping of [_text, _stext), but now make
it non-executable and read-only. This prevents other allocations from
using it while still achieving the original goal of not mapping
unpredictable data as executable. Other than the changed protection,
this is effectively a revert of the fixes commit.
Fixes: e2a073dde921 ("arm64: omit [_text, _stext) from permanent kernel mapping")
Cc: stable(a)vger.kernel.org
Signed-off-by: Omar Sandoval <osandov(a)fb.com>
Signed-off-by: Will Deacon <will(a)kernel.org>
diff --git a/arch/arm64/kernel/pi/map_kernel.c b/arch/arm64/kernel/pi/map_kernel.c
index e6d35eff1486..e8ddbde31a83 100644
--- a/arch/arm64/kernel/pi/map_kernel.c
+++ b/arch/arm64/kernel/pi/map_kernel.c
@@ -78,6 +78,12 @@ static void __init map_kernel(u64 kaslr_offset, u64 va_offset, int root_level)
twopass |= enable_scs;
prot = twopass ? data_prot : text_prot;
+ /*
+ * [_stext, _text) isn't executed after boot and contains some
+ * non-executable, unpredictable data, so map it non-executable.
+ */
+ map_segment(init_pg_dir, &pgdp, va_offset, _text, _stext, data_prot,
+ false, root_level);
map_segment(init_pg_dir, &pgdp, va_offset, _stext, _etext, prot,
!twopass, root_level);
map_segment(init_pg_dir, &pgdp, va_offset, __start_rodata,
diff --git a/arch/arm64/kernel/setup.c b/arch/arm64/kernel/setup.c
index 77c7926a4df6..23c05dc7a8f2 100644
--- a/arch/arm64/kernel/setup.c
+++ b/arch/arm64/kernel/setup.c
@@ -214,7 +214,7 @@ static void __init request_standard_resources(void)
unsigned long i = 0;
size_t res_size;
- kernel_code.start = __pa_symbol(_stext);
+ kernel_code.start = __pa_symbol(_text);
kernel_code.end = __pa_symbol(__init_begin - 1);
kernel_data.start = __pa_symbol(_sdata);
kernel_data.end = __pa_symbol(_end - 1);
@@ -280,7 +280,7 @@ u64 cpu_logical_map(unsigned int cpu)
void __init __no_sanitize_address setup_arch(char **cmdline_p)
{
- setup_initial_init_mm(_stext, _etext, _edata, _end);
+ setup_initial_init_mm(_text, _etext, _edata, _end);
*cmdline_p = boot_command_line;
diff --git a/arch/arm64/mm/init.c b/arch/arm64/mm/init.c
index 70c2ca813c18..524d34a0e921 100644
--- a/arch/arm64/mm/init.c
+++ b/arch/arm64/mm/init.c
@@ -279,7 +279,7 @@ void __init arm64_memblock_init(void)
* Register the kernel text, kernel data, initrd, and initial
* pagetables with memblock.
*/
- memblock_reserve(__pa_symbol(_stext), _end - _stext);
+ memblock_reserve(__pa_symbol(_text), _end - _text);
if (IS_ENABLED(CONFIG_BLK_DEV_INITRD) && phys_initrd_size) {
/* the generic initrd code expects virtual addresses */
initrd_start = __phys_to_virt(phys_initrd_start);
diff --git a/arch/arm64/mm/mmu.c b/arch/arm64/mm/mmu.c
index 0ba1a15e7e74..10c258099581 100644
--- a/arch/arm64/mm/mmu.c
+++ b/arch/arm64/mm/mmu.c
@@ -965,8 +965,8 @@ void __init mark_linear_text_alias_ro(void)
/*
* Remove the write permissions from the linear alias of .text/.rodata
*/
- update_mapping_prot(__pa_symbol(_stext), (unsigned long)lm_alias(_stext),
- (unsigned long)__init_begin - (unsigned long)_stext,
+ update_mapping_prot(__pa_symbol(_text), (unsigned long)lm_alias(_text),
+ (unsigned long)__init_begin - (unsigned long)_text,
PAGE_KERNEL_RO);
}
@@ -1037,7 +1037,7 @@ static inline bool force_pte_mapping(void)
static void __init map_mem(pgd_t *pgdp)
{
static const u64 direct_map_end = _PAGE_END(VA_BITS_MIN);
- phys_addr_t kernel_start = __pa_symbol(_stext);
+ phys_addr_t kernel_start = __pa_symbol(_text);
phys_addr_t kernel_end = __pa_symbol(__init_begin);
phys_addr_t start, end;
phys_addr_t early_kfence_pool;
@@ -1086,7 +1086,7 @@ static void __init map_mem(pgd_t *pgdp)
}
/*
- * Map the linear alias of the [_stext, __init_begin) interval
+ * Map the linear alias of the [_text, __init_begin) interval
* as non-executable now, and remove the write permission in
* mark_linear_text_alias_ro() below (which will be called after
* alternative patching has completed). This makes the contents
@@ -1113,6 +1113,10 @@ void mark_rodata_ro(void)
WRITE_ONCE(rodata_is_rw, false);
update_mapping_prot(__pa_symbol(__start_rodata), (unsigned long)__start_rodata,
section_size, PAGE_KERNEL_RO);
+ /* mark the range between _text and _stext as read only. */
+ update_mapping_prot(__pa_symbol(_text), (unsigned long)_text,
+ (unsigned long)_stext - (unsigned long)_text,
+ PAGE_KERNEL_RO);
}
static void __init declare_vma(struct vm_struct *vma,
@@ -1183,7 +1187,7 @@ static void __init declare_kernel_vmas(void)
{
static struct vm_struct vmlinux_seg[KERNEL_SEGMENT_COUNT];
- declare_vma(&vmlinux_seg[0], _stext, _etext, VM_NO_GUARD);
+ declare_vma(&vmlinux_seg[0], _text, _etext, VM_NO_GUARD);
declare_vma(&vmlinux_seg[1], __start_rodata, __inittext_begin, VM_NO_GUARD);
declare_vma(&vmlinux_seg[2], __inittext_begin, __inittext_end, VM_NO_GUARD);
declare_vma(&vmlinux_seg[3], __initdata_begin, __initdata_end, VM_NO_GUARD);
3 weeks, 1 day
- 1
- 0
FAILED: patch "[PATCH] arm64: map [_text, _stext) virtual address range" failed to apply to 6.1-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.1-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y
git checkout FETCH_HEAD
git cherry-pick -x 5973a62efa34c80c9a4e5eac1fca6f6209b902af
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101549-slurp-darkened-955a@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 5973a62efa34c80c9a4e5eac1fca6f6209b902af Mon Sep 17 00:00:00 2001
From: Omar Sandoval <osandov(a)fb.com>
Date: Fri, 19 Sep 2025 14:27:51 -0700
Subject: [PATCH] arm64: map [_text, _stext) virtual address range
non-executable+read-only
Since the referenced fixes commit, the kernel's .text section is only
mapped starting from _stext; the region [_text, _stext) is omitted. As a
result, other vmalloc/vmap allocations may use the virtual addresses
nominally in the range [_text, _stext). This address reuse confuses
multiple things:
1. crash_prepare_elf64_headers() sets up a segment in /proc/vmcore
mapping the entire range [_text, _end) to
[__pa_symbol(_text), __pa_symbol(_end)). Reading an address in
[_text, _stext) from /proc/vmcore therefore gives the incorrect
result.
2. Tools doing symbolization (either by reading /proc/kallsyms or based
on the vmlinux ELF file) will incorrectly identify vmalloc/vmap
allocations in [_text, _stext) as kernel symbols.
In practice, both of these issues affect the drgn debugger.
Specifically, there were cases where the vmap IRQ stacks for some CPUs
were allocated in [_text, _stext). As a result, drgn could not get the
stack trace for a crash in an IRQ handler because the core dump
contained invalid data for the IRQ stack address. The stack addresses
were also symbolized as being in the _text symbol.
Fix this by bringing back the mapping of [_text, _stext), but now make
it non-executable and read-only. This prevents other allocations from
using it while still achieving the original goal of not mapping
unpredictable data as executable. Other than the changed protection,
this is effectively a revert of the fixes commit.
Fixes: e2a073dde921 ("arm64: omit [_text, _stext) from permanent kernel mapping")
Cc: stable(a)vger.kernel.org
Signed-off-by: Omar Sandoval <osandov(a)fb.com>
Signed-off-by: Will Deacon <will(a)kernel.org>
diff --git a/arch/arm64/kernel/pi/map_kernel.c b/arch/arm64/kernel/pi/map_kernel.c
index e6d35eff1486..e8ddbde31a83 100644
--- a/arch/arm64/kernel/pi/map_kernel.c
+++ b/arch/arm64/kernel/pi/map_kernel.c
@@ -78,6 +78,12 @@ static void __init map_kernel(u64 kaslr_offset, u64 va_offset, int root_level)
twopass |= enable_scs;
prot = twopass ? data_prot : text_prot;
+ /*
+ * [_stext, _text) isn't executed after boot and contains some
+ * non-executable, unpredictable data, so map it non-executable.
+ */
+ map_segment(init_pg_dir, &pgdp, va_offset, _text, _stext, data_prot,
+ false, root_level);
map_segment(init_pg_dir, &pgdp, va_offset, _stext, _etext, prot,
!twopass, root_level);
map_segment(init_pg_dir, &pgdp, va_offset, __start_rodata,
diff --git a/arch/arm64/kernel/setup.c b/arch/arm64/kernel/setup.c
index 77c7926a4df6..23c05dc7a8f2 100644
--- a/arch/arm64/kernel/setup.c
+++ b/arch/arm64/kernel/setup.c
@@ -214,7 +214,7 @@ static void __init request_standard_resources(void)
unsigned long i = 0;
size_t res_size;
- kernel_code.start = __pa_symbol(_stext);
+ kernel_code.start = __pa_symbol(_text);
kernel_code.end = __pa_symbol(__init_begin - 1);
kernel_data.start = __pa_symbol(_sdata);
kernel_data.end = __pa_symbol(_end - 1);
@@ -280,7 +280,7 @@ u64 cpu_logical_map(unsigned int cpu)
void __init __no_sanitize_address setup_arch(char **cmdline_p)
{
- setup_initial_init_mm(_stext, _etext, _edata, _end);
+ setup_initial_init_mm(_text, _etext, _edata, _end);
*cmdline_p = boot_command_line;
diff --git a/arch/arm64/mm/init.c b/arch/arm64/mm/init.c
index 70c2ca813c18..524d34a0e921 100644
--- a/arch/arm64/mm/init.c
+++ b/arch/arm64/mm/init.c
@@ -279,7 +279,7 @@ void __init arm64_memblock_init(void)
* Register the kernel text, kernel data, initrd, and initial
* pagetables with memblock.
*/
- memblock_reserve(__pa_symbol(_stext), _end - _stext);
+ memblock_reserve(__pa_symbol(_text), _end - _text);
if (IS_ENABLED(CONFIG_BLK_DEV_INITRD) && phys_initrd_size) {
/* the generic initrd code expects virtual addresses */
initrd_start = __phys_to_virt(phys_initrd_start);
diff --git a/arch/arm64/mm/mmu.c b/arch/arm64/mm/mmu.c
index 0ba1a15e7e74..10c258099581 100644
--- a/arch/arm64/mm/mmu.c
+++ b/arch/arm64/mm/mmu.c
@@ -965,8 +965,8 @@ void __init mark_linear_text_alias_ro(void)
/*
* Remove the write permissions from the linear alias of .text/.rodata
*/
- update_mapping_prot(__pa_symbol(_stext), (unsigned long)lm_alias(_stext),
- (unsigned long)__init_begin - (unsigned long)_stext,
+ update_mapping_prot(__pa_symbol(_text), (unsigned long)lm_alias(_text),
+ (unsigned long)__init_begin - (unsigned long)_text,
PAGE_KERNEL_RO);
}
@@ -1037,7 +1037,7 @@ static inline bool force_pte_mapping(void)
static void __init map_mem(pgd_t *pgdp)
{
static const u64 direct_map_end = _PAGE_END(VA_BITS_MIN);
- phys_addr_t kernel_start = __pa_symbol(_stext);
+ phys_addr_t kernel_start = __pa_symbol(_text);
phys_addr_t kernel_end = __pa_symbol(__init_begin);
phys_addr_t start, end;
phys_addr_t early_kfence_pool;
@@ -1086,7 +1086,7 @@ static void __init map_mem(pgd_t *pgdp)
}
/*
- * Map the linear alias of the [_stext, __init_begin) interval
+ * Map the linear alias of the [_text, __init_begin) interval
* as non-executable now, and remove the write permission in
* mark_linear_text_alias_ro() below (which will be called after
* alternative patching has completed). This makes the contents
@@ -1113,6 +1113,10 @@ void mark_rodata_ro(void)
WRITE_ONCE(rodata_is_rw, false);
update_mapping_prot(__pa_symbol(__start_rodata), (unsigned long)__start_rodata,
section_size, PAGE_KERNEL_RO);
+ /* mark the range between _text and _stext as read only. */
+ update_mapping_prot(__pa_symbol(_text), (unsigned long)_text,
+ (unsigned long)_stext - (unsigned long)_text,
+ PAGE_KERNEL_RO);
}
static void __init declare_vma(struct vm_struct *vma,
@@ -1183,7 +1187,7 @@ static void __init declare_kernel_vmas(void)
{
static struct vm_struct vmlinux_seg[KERNEL_SEGMENT_COUNT];
- declare_vma(&vmlinux_seg[0], _stext, _etext, VM_NO_GUARD);
+ declare_vma(&vmlinux_seg[0], _text, _etext, VM_NO_GUARD);
declare_vma(&vmlinux_seg[1], __start_rodata, __inittext_begin, VM_NO_GUARD);
declare_vma(&vmlinux_seg[2], __inittext_begin, __inittext_end, VM_NO_GUARD);
declare_vma(&vmlinux_seg[3], __initdata_begin, __initdata_end, VM_NO_GUARD);
3 weeks, 1 day
- 1
- 0
FAILED: patch "[PATCH] arm64: map [_text, _stext) virtual address range" failed to apply to 6.6-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.6-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y
git checkout FETCH_HEAD
git cherry-pick -x 5973a62efa34c80c9a4e5eac1fca6f6209b902af
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101548-stiffly-eagle-d9a5@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 5973a62efa34c80c9a4e5eac1fca6f6209b902af Mon Sep 17 00:00:00 2001
From: Omar Sandoval <osandov(a)fb.com>
Date: Fri, 19 Sep 2025 14:27:51 -0700
Subject: [PATCH] arm64: map [_text, _stext) virtual address range
non-executable+read-only
Since the referenced fixes commit, the kernel's .text section is only
mapped starting from _stext; the region [_text, _stext) is omitted. As a
result, other vmalloc/vmap allocations may use the virtual addresses
nominally in the range [_text, _stext). This address reuse confuses
multiple things:
1. crash_prepare_elf64_headers() sets up a segment in /proc/vmcore
mapping the entire range [_text, _end) to
[__pa_symbol(_text), __pa_symbol(_end)). Reading an address in
[_text, _stext) from /proc/vmcore therefore gives the incorrect
result.
2. Tools doing symbolization (either by reading /proc/kallsyms or based
on the vmlinux ELF file) will incorrectly identify vmalloc/vmap
allocations in [_text, _stext) as kernel symbols.
In practice, both of these issues affect the drgn debugger.
Specifically, there were cases where the vmap IRQ stacks for some CPUs
were allocated in [_text, _stext). As a result, drgn could not get the
stack trace for a crash in an IRQ handler because the core dump
contained invalid data for the IRQ stack address. The stack addresses
were also symbolized as being in the _text symbol.
Fix this by bringing back the mapping of [_text, _stext), but now make
it non-executable and read-only. This prevents other allocations from
using it while still achieving the original goal of not mapping
unpredictable data as executable. Other than the changed protection,
this is effectively a revert of the fixes commit.
Fixes: e2a073dde921 ("arm64: omit [_text, _stext) from permanent kernel mapping")
Cc: stable(a)vger.kernel.org
Signed-off-by: Omar Sandoval <osandov(a)fb.com>
Signed-off-by: Will Deacon <will(a)kernel.org>
diff --git a/arch/arm64/kernel/pi/map_kernel.c b/arch/arm64/kernel/pi/map_kernel.c
index e6d35eff1486..e8ddbde31a83 100644
--- a/arch/arm64/kernel/pi/map_kernel.c
+++ b/arch/arm64/kernel/pi/map_kernel.c
@@ -78,6 +78,12 @@ static void __init map_kernel(u64 kaslr_offset, u64 va_offset, int root_level)
twopass |= enable_scs;
prot = twopass ? data_prot : text_prot;
+ /*
+ * [_stext, _text) isn't executed after boot and contains some
+ * non-executable, unpredictable data, so map it non-executable.
+ */
+ map_segment(init_pg_dir, &pgdp, va_offset, _text, _stext, data_prot,
+ false, root_level);
map_segment(init_pg_dir, &pgdp, va_offset, _stext, _etext, prot,
!twopass, root_level);
map_segment(init_pg_dir, &pgdp, va_offset, __start_rodata,
diff --git a/arch/arm64/kernel/setup.c b/arch/arm64/kernel/setup.c
index 77c7926a4df6..23c05dc7a8f2 100644
--- a/arch/arm64/kernel/setup.c
+++ b/arch/arm64/kernel/setup.c
@@ -214,7 +214,7 @@ static void __init request_standard_resources(void)
unsigned long i = 0;
size_t res_size;
- kernel_code.start = __pa_symbol(_stext);
+ kernel_code.start = __pa_symbol(_text);
kernel_code.end = __pa_symbol(__init_begin - 1);
kernel_data.start = __pa_symbol(_sdata);
kernel_data.end = __pa_symbol(_end - 1);
@@ -280,7 +280,7 @@ u64 cpu_logical_map(unsigned int cpu)
void __init __no_sanitize_address setup_arch(char **cmdline_p)
{
- setup_initial_init_mm(_stext, _etext, _edata, _end);
+ setup_initial_init_mm(_text, _etext, _edata, _end);
*cmdline_p = boot_command_line;
diff --git a/arch/arm64/mm/init.c b/arch/arm64/mm/init.c
index 70c2ca813c18..524d34a0e921 100644
--- a/arch/arm64/mm/init.c
+++ b/arch/arm64/mm/init.c
@@ -279,7 +279,7 @@ void __init arm64_memblock_init(void)
* Register the kernel text, kernel data, initrd, and initial
* pagetables with memblock.
*/
- memblock_reserve(__pa_symbol(_stext), _end - _stext);
+ memblock_reserve(__pa_symbol(_text), _end - _text);
if (IS_ENABLED(CONFIG_BLK_DEV_INITRD) && phys_initrd_size) {
/* the generic initrd code expects virtual addresses */
initrd_start = __phys_to_virt(phys_initrd_start);
diff --git a/arch/arm64/mm/mmu.c b/arch/arm64/mm/mmu.c
index 0ba1a15e7e74..10c258099581 100644
--- a/arch/arm64/mm/mmu.c
+++ b/arch/arm64/mm/mmu.c
@@ -965,8 +965,8 @@ void __init mark_linear_text_alias_ro(void)
/*
* Remove the write permissions from the linear alias of .text/.rodata
*/
- update_mapping_prot(__pa_symbol(_stext), (unsigned long)lm_alias(_stext),
- (unsigned long)__init_begin - (unsigned long)_stext,
+ update_mapping_prot(__pa_symbol(_text), (unsigned long)lm_alias(_text),
+ (unsigned long)__init_begin - (unsigned long)_text,
PAGE_KERNEL_RO);
}
@@ -1037,7 +1037,7 @@ static inline bool force_pte_mapping(void)
static void __init map_mem(pgd_t *pgdp)
{
static const u64 direct_map_end = _PAGE_END(VA_BITS_MIN);
- phys_addr_t kernel_start = __pa_symbol(_stext);
+ phys_addr_t kernel_start = __pa_symbol(_text);
phys_addr_t kernel_end = __pa_symbol(__init_begin);
phys_addr_t start, end;
phys_addr_t early_kfence_pool;
@@ -1086,7 +1086,7 @@ static void __init map_mem(pgd_t *pgdp)
}
/*
- * Map the linear alias of the [_stext, __init_begin) interval
+ * Map the linear alias of the [_text, __init_begin) interval
* as non-executable now, and remove the write permission in
* mark_linear_text_alias_ro() below (which will be called after
* alternative patching has completed). This makes the contents
@@ -1113,6 +1113,10 @@ void mark_rodata_ro(void)
WRITE_ONCE(rodata_is_rw, false);
update_mapping_prot(__pa_symbol(__start_rodata), (unsigned long)__start_rodata,
section_size, PAGE_KERNEL_RO);
+ /* mark the range between _text and _stext as read only. */
+ update_mapping_prot(__pa_symbol(_text), (unsigned long)_text,
+ (unsigned long)_stext - (unsigned long)_text,
+ PAGE_KERNEL_RO);
}
static void __init declare_vma(struct vm_struct *vma,
@@ -1183,7 +1187,7 @@ static void __init declare_kernel_vmas(void)
{
static struct vm_struct vmlinux_seg[KERNEL_SEGMENT_COUNT];
- declare_vma(&vmlinux_seg[0], _stext, _etext, VM_NO_GUARD);
+ declare_vma(&vmlinux_seg[0], _text, _etext, VM_NO_GUARD);
declare_vma(&vmlinux_seg[1], __start_rodata, __inittext_begin, VM_NO_GUARD);
declare_vma(&vmlinux_seg[2], __inittext_begin, __inittext_end, VM_NO_GUARD);
declare_vma(&vmlinux_seg[3], __initdata_begin, __initdata_end, VM_NO_GUARD);
3 weeks, 1 day
- 1
- 0
FAILED: patch "[PATCH] debugfs: fix mount options not being applied" failed to apply to 6.12-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.12-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.12.y
git checkout FETCH_HEAD
git cherry-pick -x 8e7e265d558e0257d6dacc78ec64aff4ba75f61e
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101502-elf-bootie-19bf@gregkh' --subject-prefix 'PATCH 6.12.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 8e7e265d558e0257d6dacc78ec64aff4ba75f61e Mon Sep 17 00:00:00 2001
From: Charalampos Mitrodimas <charmitro(a)posteo.net>
Date: Sat, 16 Aug 2025 14:14:37 +0000
Subject: [PATCH] debugfs: fix mount options not being applied
Mount options (uid, gid, mode) are silently ignored when debugfs is
mounted. This is a regression introduced during the conversion to the
new mount API.
When the mount API conversion was done, the parsed options were never
applied to the superblock when it was reused. As a result, the mount
options were ignored when debugfs was mounted.
Fix this by following the same pattern as the tracefs fix in commit
e4d32142d1de ("tracing: Fix tracefs mount options"). Call
debugfs_reconfigure() in debugfs_get_tree() to apply the mount options
to the superblock after it has been created or reused.
As an example, with the bug the "mode" mount option is ignored:
$ mount -o mode=0666 -t debugfs debugfs /tmp/debugfs_test
$ mount | grep debugfs_test
debugfs on /tmp/debugfs_test type debugfs (rw,relatime)
$ ls -ld /tmp/debugfs_test
drwx------ 25 root root 0 Aug 4 14:16 /tmp/debugfs_test
With the fix applied, it works as expected:
$ mount -o mode=0666 -t debugfs debugfs /tmp/debugfs_test
$ mount | grep debugfs_test
debugfs on /tmp/debugfs_test type debugfs (rw,relatime,mode=666)
$ ls -ld /tmp/debugfs_test
drw-rw-rw- 37 root root 0 Aug 2 17:28 /tmp/debugfs_test
Fixes: a20971c18752 ("vfs: Convert debugfs to use the new mount API")
Closes: https://bugzilla.kernel.org/show_bug.cgi?id=220406
Cc: stable(a)vger.kernel.org
Reviewed-by: Eric Sandeen <sandeen(a)redhat.com>
Signed-off-by: Charalampos Mitrodimas <charmitro(a)posteo.net>
Link: https://lore.kernel.org/20250816-debugfs-mount-opts-v3-1-d271dad57b5b@poste…
Signed-off-by: Christian Brauner <brauner(a)kernel.org>
diff --git a/fs/debugfs/inode.c b/fs/debugfs/inode.c
index a0357b0cf362..c12d649df6a5 100644
--- a/fs/debugfs/inode.c
+++ b/fs/debugfs/inode.c
@@ -183,6 +183,9 @@ static int debugfs_reconfigure(struct fs_context *fc)
struct debugfs_fs_info *sb_opts = sb->s_fs_info;
struct debugfs_fs_info *new_opts = fc->s_fs_info;
+ if (!new_opts)
+ return 0;
+
sync_filesystem(sb);
/* structure copy of new mount options to sb */
@@ -282,10 +285,16 @@ static int debugfs_fill_super(struct super_block *sb, struct fs_context *fc)
static int debugfs_get_tree(struct fs_context *fc)
{
+ int err;
+
if (!(debugfs_allow & DEBUGFS_ALLOW_API))
return -EPERM;
- return get_tree_single(fc, debugfs_fill_super);
+ err = get_tree_single(fc, debugfs_fill_super);
+ if (err)
+ return err;
+
+ return debugfs_reconfigure(fc);
}
static void debugfs_free_fc(struct fs_context *fc)
3 weeks, 1 day
- 1
- 0
FAILED: patch "[PATCH] debugfs: fix mount options not being applied" failed to apply to 6.17-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.17-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.17.y
git checkout FETCH_HEAD
git cherry-pick -x 8e7e265d558e0257d6dacc78ec64aff4ba75f61e
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101559-usher-corroding-5b5a@gregkh' --subject-prefix 'PATCH 6.17.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 8e7e265d558e0257d6dacc78ec64aff4ba75f61e Mon Sep 17 00:00:00 2001
From: Charalampos Mitrodimas <charmitro(a)posteo.net>
Date: Sat, 16 Aug 2025 14:14:37 +0000
Subject: [PATCH] debugfs: fix mount options not being applied
Mount options (uid, gid, mode) are silently ignored when debugfs is
mounted. This is a regression introduced during the conversion to the
new mount API.
When the mount API conversion was done, the parsed options were never
applied to the superblock when it was reused. As a result, the mount
options were ignored when debugfs was mounted.
Fix this by following the same pattern as the tracefs fix in commit
e4d32142d1de ("tracing: Fix tracefs mount options"). Call
debugfs_reconfigure() in debugfs_get_tree() to apply the mount options
to the superblock after it has been created or reused.
As an example, with the bug the "mode" mount option is ignored:
$ mount -o mode=0666 -t debugfs debugfs /tmp/debugfs_test
$ mount | grep debugfs_test
debugfs on /tmp/debugfs_test type debugfs (rw,relatime)
$ ls -ld /tmp/debugfs_test
drwx------ 25 root root 0 Aug 4 14:16 /tmp/debugfs_test
With the fix applied, it works as expected:
$ mount -o mode=0666 -t debugfs debugfs /tmp/debugfs_test
$ mount | grep debugfs_test
debugfs on /tmp/debugfs_test type debugfs (rw,relatime,mode=666)
$ ls -ld /tmp/debugfs_test
drw-rw-rw- 37 root root 0 Aug 2 17:28 /tmp/debugfs_test
Fixes: a20971c18752 ("vfs: Convert debugfs to use the new mount API")
Closes: https://bugzilla.kernel.org/show_bug.cgi?id=220406
Cc: stable(a)vger.kernel.org
Reviewed-by: Eric Sandeen <sandeen(a)redhat.com>
Signed-off-by: Charalampos Mitrodimas <charmitro(a)posteo.net>
Link: https://lore.kernel.org/20250816-debugfs-mount-opts-v3-1-d271dad57b5b@poste…
Signed-off-by: Christian Brauner <brauner(a)kernel.org>
diff --git a/fs/debugfs/inode.c b/fs/debugfs/inode.c
index a0357b0cf362..c12d649df6a5 100644
--- a/fs/debugfs/inode.c
+++ b/fs/debugfs/inode.c
@@ -183,6 +183,9 @@ static int debugfs_reconfigure(struct fs_context *fc)
struct debugfs_fs_info *sb_opts = sb->s_fs_info;
struct debugfs_fs_info *new_opts = fc->s_fs_info;
+ if (!new_opts)
+ return 0;
+
sync_filesystem(sb);
/* structure copy of new mount options to sb */
@@ -282,10 +285,16 @@ static int debugfs_fill_super(struct super_block *sb, struct fs_context *fc)
static int debugfs_get_tree(struct fs_context *fc)
{
+ int err;
+
if (!(debugfs_allow & DEBUGFS_ALLOW_API))
return -EPERM;
- return get_tree_single(fc, debugfs_fill_super);
+ err = get_tree_single(fc, debugfs_fill_super);
+ if (err)
+ return err;
+
+ return debugfs_reconfigure(fc);
}
static void debugfs_free_fc(struct fs_context *fc)
3 weeks, 1 day
- 1
- 0
FAILED: patch "[PATCH] fscontext: do not consume log entries when returning" failed to apply to 5.4-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.4-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y
git checkout FETCH_HEAD
git cherry-pick -x 72d271a7baa7062cb27e774ac37c5459c6d20e22
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101537-visor-thank-7800@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 72d271a7baa7062cb27e774ac37c5459c6d20e22 Mon Sep 17 00:00:00 2001
From: Aleksa Sarai <cyphar(a)cyphar.com>
Date: Thu, 7 Aug 2025 03:55:23 +1000
Subject: [PATCH] fscontext: do not consume log entries when returning
-EMSGSIZE
Userspace generally expects APIs that return -EMSGSIZE to allow for them
to adjust their buffer size and retry the operation. However, the
fscontext log would previously clear the message even in the -EMSGSIZE
case.
Given that it is very cheap for us to check whether the buffer is too
small before we remove the message from the ring buffer, let's just do
that instead. While we're at it, refactor some fscontext_read() into a
separate helper to make the ring buffer logic a bit easier to read.
Fixes: 007ec26cdc9f ("vfs: Implement logging through fs_context")
Cc: David Howells <dhowells(a)redhat.com>
Cc: stable(a)vger.kernel.org # v5.2+
Signed-off-by: Aleksa Sarai <cyphar(a)cyphar.com>
Link: https://lore.kernel.org/20250807-fscontext-log-cleanups-v3-1-8d91d6242dc3@c…
Signed-off-by: Christian Brauner <brauner(a)kernel.org>
diff --git a/fs/fsopen.c b/fs/fsopen.c
index 1aaf4cb2afb2..f645c99204eb 100644
--- a/fs/fsopen.c
+++ b/fs/fsopen.c
@@ -18,50 +18,56 @@
#include "internal.h"
#include "mount.h"
+static inline const char *fetch_message_locked(struct fc_log *log, size_t len,
+ bool *need_free)
+{
+ const char *p;
+ int index;
+
+ if (unlikely(log->head == log->tail))
+ return ERR_PTR(-ENODATA);
+
+ index = log->tail & (ARRAY_SIZE(log->buffer) - 1);
+ p = log->buffer[index];
+ if (unlikely(strlen(p) > len))
+ return ERR_PTR(-EMSGSIZE);
+
+ log->buffer[index] = NULL;
+ *need_free = log->need_free & (1 << index);
+ log->need_free &= ~(1 << index);
+ log->tail++;
+
+ return p;
+}
+
/*
* Allow the user to read back any error, warning or informational messages.
+ * Only one message is returned for each read(2) call.
*/
static ssize_t fscontext_read(struct file *file,
char __user *_buf, size_t len, loff_t *pos)
{
struct fs_context *fc = file->private_data;
- struct fc_log *log = fc->log.log;
- unsigned int logsize = ARRAY_SIZE(log->buffer);
- ssize_t ret;
- char *p;
+ ssize_t err;
+ const char *p __free(kfree) = NULL, *message;
bool need_free;
- int index, n;
+ int n;
- ret = mutex_lock_interruptible(&fc->uapi_mutex);
- if (ret < 0)
- return ret;
-
- if (log->head == log->tail) {
- mutex_unlock(&fc->uapi_mutex);
- return -ENODATA;
- }
-
- index = log->tail & (logsize - 1);
- p = log->buffer[index];
- need_free = log->need_free & (1 << index);
- log->buffer[index] = NULL;
- log->need_free &= ~(1 << index);
- log->tail++;
+ err = mutex_lock_interruptible(&fc->uapi_mutex);
+ if (err < 0)
+ return err;
+ message = fetch_message_locked(fc->log.log, len, &need_free);
mutex_unlock(&fc->uapi_mutex);
+ if (IS_ERR(message))
+ return PTR_ERR(message);
- ret = -EMSGSIZE;
- n = strlen(p);
- if (n > len)
- goto err_free;
- ret = -EFAULT;
- if (copy_to_user(_buf, p, n) != 0)
- goto err_free;
- ret = n;
-
-err_free:
if (need_free)
- kfree(p);
- return ret;
+ p = message;
+
+ n = strlen(message);
+ if (copy_to_user(_buf, message, n))
+ return -EFAULT;
+ return n;
}
static int fscontext_release(struct inode *inode, struct file *file)
3 weeks, 1 day
- 1
- 0
Linux 6.17.3
by Greg Kroah-Hartman
I'm announcing the release of the 6.17.3 kernel.
All users of the 6.17 kernel series must upgrade.
The updated 6.17.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.17.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Documentation/devicetree/bindings/vendor-prefixes.yaml | 50 +
Documentation/iio/ad3552r.rst | 3
Documentation/trace/histogram-design.rst | 4
Makefile | 2
arch/alpha/kernel/process.c | 2
arch/arc/kernel/process.c | 2
arch/arm/boot/dts/renesas/r8a7791-porter.dts | 2
arch/arm/boot/dts/st/stm32mp151c-plyaqm.dts | 2
arch/arm/boot/dts/ti/omap/am335x-baltos.dtsi | 2
arch/arm/boot/dts/ti/omap/am335x-cm-t335.dts | 2
arch/arm/boot/dts/ti/omap/omap3-devkit8000-lcd-common.dtsi | 2
arch/arm/kernel/process.c | 2
arch/arm/mach-at91/pm_suspend.S | 4
arch/arm64/boot/dts/allwinner/sun55i-a527-cubie-a5e.dts | 25
arch/arm64/boot/dts/allwinner/sun55i-t527-avaota-a1.dts | 11
arch/arm64/boot/dts/allwinner/sun55i-t527-orangepi-4a.dts | 8
arch/arm64/boot/dts/amlogic/amlogic-c3.dtsi | 2
arch/arm64/boot/dts/apple/t6000-j314s.dts | 8
arch/arm64/boot/dts/apple/t6000-j316s.dts | 8
arch/arm64/boot/dts/apple/t6001-j314c.dts | 8
arch/arm64/boot/dts/apple/t6001-j316c.dts | 8
arch/arm64/boot/dts/apple/t6001-j375c.dts | 8
arch/arm64/boot/dts/apple/t6002-j375d.dts | 8
arch/arm64/boot/dts/apple/t600x-j314-j316.dtsi | 10
arch/arm64/boot/dts/apple/t600x-j375.dtsi | 11
arch/arm64/boot/dts/apple/t8103-j457.dts | 12
arch/arm64/boot/dts/freescale/imx93-kontron-bl-osm-s.dts | 32 -
arch/arm64/boot/dts/freescale/imx95.dtsi | 4
arch/arm64/boot/dts/mediatek/mt6331.dtsi | 10
arch/arm64/boot/dts/mediatek/mt6795-sony-xperia-m5.dts | 2
arch/arm64/boot/dts/mediatek/mt7986a.dtsi | 12
arch/arm64/boot/dts/mediatek/mt8183-kukui.dtsi | 14
arch/arm64/boot/dts/mediatek/mt8183-pumpkin.dts | 14
arch/arm64/boot/dts/mediatek/mt8186-corsola-krabby.dtsi | 8
arch/arm64/boot/dts/mediatek/mt8186-corsola-tentacruel-sku262144.dts | 4
arch/arm64/boot/dts/mediatek/mt8188.dtsi | 2
arch/arm64/boot/dts/mediatek/mt8195.dtsi | 3
arch/arm64/boot/dts/mediatek/mt8395-kontron-3-5-sbc-i1200.dts | 16
arch/arm64/boot/dts/mediatek/mt8516-pumpkin.dts | 2
arch/arm64/boot/dts/qcom/qcm2290.dtsi | 1
arch/arm64/boot/dts/renesas/r8a779g3-sparrow-hawk.dts | 6
arch/arm64/boot/dts/renesas/r9a09g047e57-smarc.dts | 6
arch/arm64/boot/dts/renesas/rzg2lc-smarc.dtsi | 5
arch/arm64/boot/dts/rockchip/rk3576-evb1-v10.dts | 118 +++-
arch/arm64/boot/dts/ti/k3-am62-phycore-som.dtsi | 10
arch/arm64/boot/dts/ti/k3-am62-pocketbeagle2.dts | 6
arch/arm64/boot/dts/ti/k3-am62-verdin.dtsi | 2
arch/arm64/boot/dts/ti/k3-am625-beagleplay.dts | 2
arch/arm64/boot/dts/ti/k3-am62a-phycore-som.dtsi | 12
arch/arm64/boot/dts/ti/k3-am62a7-sk.dts | 12
arch/arm64/boot/dts/ti/k3-am62d2-evm.dts | 14
arch/arm64/boot/dts/ti/k3-am62p-verdin.dtsi | 2
arch/arm64/boot/dts/ti/k3-am62p5-sk.dts | 8
arch/arm64/boot/dts/ti/k3-am62x-sk-common.dtsi | 8
arch/arm64/boot/dts/ti/k3-am64-phycore-som.dtsi | 22
arch/arm64/boot/dts/ti/k3-am642-evm.dts | 22
arch/arm64/boot/dts/ti/k3-am642-sk.dts | 22
arch/arm64/boot/dts/ti/k3-am642-sr-som.dtsi | 16
arch/arm64/boot/dts/ti/k3-am642-tqma64xxl.dtsi | 18
arch/arm64/boot/dts/ti/k3-am65-iot2050-common.dtsi | 10
arch/arm64/boot/dts/ti/k3-am654-base-board.dts | 10
arch/arm64/boot/dts/ti/k3-am67a-beagley-ai.dts | 22
arch/arm64/boot/dts/ti/k3-am68-phycore-som.dtsi | 34 -
arch/arm64/boot/dts/ti/k3-am68-sk-som.dtsi | 34 -
arch/arm64/boot/dts/ti/k3-am69-sk.dts | 48 -
arch/arm64/boot/dts/ti/k3-j7200-som-p0.dtsi | 18
arch/arm64/boot/dts/ti/k3-j721e-beagleboneai64.dts | 40 -
arch/arm64/boot/dts/ti/k3-j721e-sk.dts | 40 -
arch/arm64/boot/dts/ti/k3-j721e-som-p0.dtsi | 38 -
arch/arm64/boot/dts/ti/k3-j721s2-som-p0.dtsi | 34 -
arch/arm64/boot/dts/ti/k3-j722s-evm.dts | 22
arch/arm64/boot/dts/ti/k3-j742s2-mcu-wakeup.dtsi | 17
arch/arm64/boot/dts/ti/k3-j742s2.dtsi | 1
arch/arm64/boot/dts/ti/k3-j784s4-evm.dts | 4
arch/arm64/boot/dts/ti/k3-j784s4-j742s2-evm-common.dtsi | 44 -
arch/arm64/boot/dts/ti/k3-pinctrl.h | 4
arch/arm64/kernel/process.c | 2
arch/arm64/net/bpf_jit_comp.c | 3
arch/csky/kernel/process.c | 2
arch/hexagon/kernel/process.c | 2
arch/loongarch/kernel/process.c | 2
arch/loongarch/kernel/relocate.c | 4
arch/loongarch/net/bpf_jit.c | 80 ++
arch/m68k/kernel/process.c | 2
arch/microblaze/kernel/process.c | 2
arch/mips/kernel/process.c | 2
arch/nios2/kernel/process.c | 2
arch/openrisc/kernel/process.c | 2
arch/parisc/kernel/process.c | 2
arch/powerpc/Kconfig | 4
arch/powerpc/Makefile | 2
arch/powerpc/include/asm/book3s/32/pgalloc.h | 10
arch/powerpc/include/asm/nohash/pgalloc.h | 2
arch/powerpc/include/asm/topology.h | 2
arch/powerpc/kernel/head_8xx.S | 9
arch/powerpc/kernel/module_64.c | 2
arch/powerpc/kernel/process.c | 2
arch/powerpc/kernel/smp.c | 27
arch/powerpc/kernel/trace/ftrace.c | 10
arch/riscv/kernel/process.c | 2
arch/riscv/kvm/vmid.c | 3
arch/riscv/net/bpf_jit_comp64.c | 42 +
arch/s390/kernel/process.c | 2
arch/s390/kernel/topology.c | 20
arch/s390/net/bpf_jit_comp.c | 42 +
arch/sh/kernel/process_32.c | 2
arch/sparc/kernel/process_32.c | 2
arch/sparc/kernel/process_64.c | 2
arch/sparc/lib/M7memcpy.S | 20
arch/sparc/lib/Memcpy_utils.S | 9
arch/sparc/lib/NG4memcpy.S | 2
arch/sparc/lib/NGmemcpy.S | 29 -
arch/sparc/lib/U1memcpy.S | 19
arch/sparc/lib/U3memcpy.S | 2
arch/um/kernel/process.c | 2
arch/x86/events/intel/bts.c | 2
arch/x86/events/intel/core.c | 3
arch/x86/include/asm/fpu/sched.h | 2
arch/x86/include/asm/segment.h | 8
arch/x86/include/asm/shstk.h | 4
arch/x86/kernel/fpu/core.c | 2
arch/x86/kernel/process.c | 2
arch/x86/kernel/shstk.c | 2
arch/x86/kernel/smpboot.c | 8
arch/x86/kvm/svm/svm.c | 12
arch/xtensa/kernel/process.c | 2
block/bfq-iosched.c | 22
block/bio.c | 2
block/blk-cgroup.c | 6
block/blk-cgroup.h | 12
block/blk-core.c | 19
block/blk-iolatency.c | 14
block/blk-merge.c | 64 +-
block/blk-mq-sched.c | 14
block/blk-mq-sched.h | 13
block/blk-mq-sysfs.c | 6
block/blk-mq-tag.c | 23
block/blk-mq.c | 84 +--
block/blk-mq.h | 18
block/blk-settings.c | 44 -
block/blk-sysfs.c | 57 +-
block/blk-throttle.c | 15
block/blk-throttle.h | 18
block/blk.h | 45 -
block/elevator.c | 3
block/elevator.h | 2
block/kyber-iosched.c | 19
block/mq-deadline.c | 16
crypto/842.c | 6
crypto/asymmetric_keys/x509_cert_parser.c | 16
crypto/lz4.c | 6
crypto/lz4hc.c | 6
crypto/lzo-rle.c | 6
crypto/lzo.c | 6
drivers/accel/amdxdna/aie2_ctx.c | 6
drivers/acpi/acpica/aclocal.h | 2
drivers/acpi/nfit/core.c | 2
drivers/acpi/processor_idle.c | 3
drivers/base/node.c | 4
drivers/base/power/main.c | 14
drivers/base/regmap/regmap.c | 2
drivers/block/nbd.c | 8
drivers/block/null_blk/main.c | 2
drivers/bluetooth/btintel_pcie.c | 220 ++-----
drivers/bluetooth/btintel_pcie.h | 2
drivers/bus/fsl-mc/fsl-mc-bus.c | 3
drivers/cdx/Kconfig | 1
drivers/cdx/cdx.c | 4
drivers/cdx/controller/Kconfig | 1
drivers/cdx/controller/cdx_controller.c | 3
drivers/char/hw_random/Kconfig | 1
drivers/char/hw_random/ks-sa-rng.c | 4
drivers/char/tpm/Kconfig | 2
drivers/clocksource/timer-tegra186.c | 4
drivers/cpufreq/scmi-cpufreq.c | 10
drivers/cpuidle/cpuidle-qcom-spm.c | 7
drivers/crypto/hisilicon/debugfs.c | 1
drivers/crypto/hisilicon/hpre/hpre_main.c | 66 +-
drivers/crypto/hisilicon/qm.c | 45 +
drivers/crypto/hisilicon/sec2/sec_main.c | 126 +++-
drivers/crypto/hisilicon/zip/zip_main.c | 94 ++-
drivers/crypto/intel/keembay/keembay-ocs-hcu-core.c | 5
drivers/crypto/marvell/octeontx2/otx2_cptpf_ucode.c | 2
drivers/crypto/nx/nx-common-powernv.c | 6
drivers/crypto/nx/nx-common-pseries.c | 6
drivers/devfreq/event/rockchip-dfi.c | 7
drivers/devfreq/mtk-cci-devfreq.c | 3
drivers/edac/i10nm_base.c | 14
drivers/firmware/arm_scmi/transports/virtio.c | 3
drivers/firmware/efi/Kconfig | 7
drivers/firmware/meson/Kconfig | 2
drivers/fwctl/mlx5/main.c | 2
drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c | 20
drivers/gpu/drm/amd/amdgpu/amdgpu_ring.c | 3
drivers/gpu/drm/amd/amdgpu/amdgpu_ring.h | 13
drivers/gpu/drm/amd/amdgpu/amdgpu_vcn.c | 170 +++++-
drivers/gpu/drm/amd/amdgpu/amdgpu_vcn.h | 11
drivers/gpu/drm/amd/amdgpu/jpeg_v1_0.c | 2
drivers/gpu/drm/amd/amdgpu/jpeg_v4_0_3.c | 2
drivers/gpu/drm/amd/amdgpu/uvd_v3_1.c | 29 -
drivers/gpu/drm/amd/amdgpu/vcn_v2_5.c | 27
drivers/gpu/drm/amd/amdgpu/vcn_v3_0.c | 1
drivers/gpu/drm/amd/amdgpu/vcn_v4_0.c | 2
drivers/gpu/drm/amd/amdgpu/vcn_v4_0_3.c | 4
drivers/gpu/drm/amd/amdgpu/vcn_v4_0_5.c | 2
drivers/gpu/drm/amd/amdkfd/kfd_svm.c | 2
drivers/gpu/drm/amd/display/dc/core/dc_stream.c | 8
drivers/gpu/drm/amd/display/dc/dml/dcn32/display_rq_dlg_calc_32.c | 1
drivers/gpu/drm/amd/display/dc/hwss/dce110/dce110_hwseq.c | 32 -
drivers/gpu/drm/amd/display/dc/inc/core_types.h | 5
drivers/gpu/drm/amd/display/dc/link/accessories/link_dp_cts.c | 12
drivers/gpu/drm/amd/display/dc/resource/dcn31/dcn31_resource.c | 5
drivers/gpu/drm/amd/display/dc/resource/dcn31/dcn31_resource.h | 3
drivers/gpu/drm/amd/pm/amdgpu_dpm_internal.c | 7
drivers/gpu/drm/amd/pm/legacy-dpm/si_dpm.c | 92 ++-
drivers/gpu/drm/bridge/Kconfig | 1
drivers/gpu/drm/bridge/cadence/cdns-dsi-core.c | 4
drivers/gpu/drm/display/drm_bridge_connector.c | 4
drivers/gpu/drm/display/drm_dp_helper.c | 4
drivers/gpu/drm/drm_atomic_uapi.c | 23
drivers/gpu/drm/drm_panel.c | 73 ++
drivers/gpu/drm/msm/disp/dpu1/dpu_encoder_phys_wb.c | 2
drivers/gpu/drm/msm/disp/dpu1/dpu_plane.c | 4
drivers/gpu/drm/msm/disp/mdp4/mdp4_kms.c | 6
drivers/gpu/drm/msm/msm_drv.c | 1
drivers/gpu/drm/msm/msm_gem_vma.c | 31 -
drivers/gpu/drm/msm/msm_kms.c | 5
drivers/gpu/drm/panel/panel-edp.c | 20
drivers/gpu/drm/panel/panel-novatek-nt35560.c | 2
drivers/gpu/drm/radeon/r600_cs.c | 4
drivers/gpu/drm/scheduler/tests/mock_scheduler.c | 2
drivers/gpu/drm/scheduler/tests/sched_tests.h | 7
drivers/gpu/drm/scheduler/tests/tests_basic.c | 4
drivers/gpu/drm/vmwgfx/vmwgfx_fence.c | 2
drivers/hid/hid-ids.h | 2
drivers/hid/hid-quirks.c | 2
drivers/hid/hid-steelseries.c | 108 +--
drivers/hid/hidraw.c | 224 ++++----
drivers/hid/i2c-hid/i2c-hid-core.c | 46 +
drivers/hid/i2c-hid/i2c-hid-of-elan.c | 11
drivers/hwmon/asus-ec-sensors.c | 2
drivers/hwmon/mlxreg-fan.c | 24
drivers/hwtracing/coresight/coresight-catu.c | 31 -
drivers/hwtracing/coresight/coresight-catu.h | 1
drivers/hwtracing/coresight/coresight-core.c | 6
drivers/hwtracing/coresight/coresight-cpu-debug.c | 6
drivers/hwtracing/coresight/coresight-ctcu-core.c | 10
drivers/hwtracing/coresight/coresight-etb10.c | 10
drivers/hwtracing/coresight/coresight-etm3x-core.c | 9
drivers/hwtracing/coresight/coresight-etm4x-core.c | 41 -
drivers/hwtracing/coresight/coresight-etm4x-sysfs.c | 1
drivers/hwtracing/coresight/coresight-etm4x.h | 6
drivers/hwtracing/coresight/coresight-funnel.c | 42 -
drivers/hwtracing/coresight/coresight-replicator.c | 40 -
drivers/hwtracing/coresight/coresight-stm.c | 13
drivers/hwtracing/coresight/coresight-syscfg.c | 2
drivers/hwtracing/coresight/coresight-tmc-core.c | 26
drivers/hwtracing/coresight/coresight-tmc.h | 2
drivers/hwtracing/coresight/coresight-tpda.c | 3
drivers/hwtracing/coresight/coresight-tpiu.c | 14
drivers/hwtracing/coresight/coresight-trbe.c | 12
drivers/hwtracing/coresight/ultrasoc-smb.h | 1
drivers/i2c/busses/i2c-designware-platdrv.c | 5
drivers/i2c/busses/i2c-k1.c | 71 +-
drivers/i2c/busses/i2c-mt65xx.c | 17
drivers/i3c/internals.h | 12
drivers/i3c/master/svc-i3c-master.c | 31 -
drivers/iio/inkern.c | 30 -
drivers/infiniband/core/addr.c | 10
drivers/infiniband/core/cm.c | 4
drivers/infiniband/core/sa_query.c | 6
drivers/infiniband/hw/mlx5/main.c | 67 ++
drivers/infiniband/hw/mlx5/mlx5_ib.h | 5
drivers/infiniband/sw/rxe/rxe_task.c | 8
drivers/infiniband/sw/siw/siw_verbs.c | 25
drivers/input/misc/uinput.c | 1
drivers/input/touchscreen/atmel_mxt_ts.c | 2
drivers/iommu/intel/debugfs.c | 17
drivers/iommu/intel/iommu.h | 3
drivers/iommu/iommu-priv.h | 2
drivers/iommu/iommu.c | 26
drivers/iommu/iommufd/selftest.c | 2
drivers/irqchip/irq-gic-v5-its.c | 24
drivers/irqchip/irq-sg2042-msi.c | 18
drivers/leds/flash/leds-qcom-flash.c | 62 +-
drivers/leds/leds-lp55xx-common.c | 2
drivers/leds/leds-max77705.c | 2
drivers/md/dm-core.h | 1
drivers/md/dm-vdo/indexer/volume-index.c | 4
drivers/md/dm.c | 13
drivers/media/i2c/rj54n1cb0c.c | 9
drivers/media/i2c/vd55g1.c | 2
drivers/media/pci/zoran/zoran.h | 6
drivers/media/pci/zoran/zoran_driver.c | 3
drivers/media/platform/st/sti/delta/delta-mjpeg-dec.c | 20
drivers/mfd/intel_soc_pmic_chtdc_ti.c | 2
drivers/mfd/max77705.c | 38 -
drivers/mfd/rz-mtu3.c | 2
drivers/mfd/vexpress-sysreg.c | 6
drivers/misc/fastrpc.c | 89 ++-
drivers/misc/genwqe/card_ddcb.c | 2
drivers/misc/pci_endpoint_test.c | 2
drivers/mmc/core/block.c | 6
drivers/mmc/host/Kconfig | 1
drivers/mtd/nand/raw/atmel/nand-controller.c | 4
drivers/net/bonding/bond_main.c | 2
drivers/net/bonding/bond_netlink.c | 16
drivers/net/ethernet/amazon/ena/ena_ethtool.c | 5
drivers/net/ethernet/cadence/macb.h | 4
drivers/net/ethernet/cadence/macb_main.c | 134 ++--
drivers/net/ethernet/dlink/dl2k.c | 7
drivers/net/ethernet/freescale/enetc/enetc4_pf.c | 2
drivers/net/ethernet/freescale/enetc/ntmp.c | 15
drivers/net/ethernet/intel/idpf/idpf_txrx.c | 8
drivers/net/ethernet/intel/idpf/idpf_virtchnl.c | 6
drivers/net/ethernet/marvell/octeontx2/nic/otx2_pf.c | 1
drivers/net/ethernet/marvell/octeontx2/nic/otx2_vf.c | 1
drivers/net/ethernet/mellanox/mlx5/core/cmd.c | 6
drivers/net/ethernet/mellanox/mlx5/core/en/port_buffer.h | 12
drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 17
drivers/net/ethernet/mellanox/mlx5/core/fw_reset.c | 24
drivers/net/ethernet/mellanox/mlx5/core/pagealloc.c | 7
drivers/net/ethernet/netronome/nfp/nfp_net_ethtool.c | 2
drivers/net/phy/as21xxx.c | 7
drivers/net/usb/asix_devices.c | 29 +
drivers/net/usb/rtl8150.c | 2
drivers/net/wireless/ath/ath10k/wmi.c | 39 -
drivers/net/wireless/ath/ath12k/ce.c | 2
drivers/net/wireless/ath/ath12k/debug.h | 1
drivers/net/wireless/ath/ath12k/dp_mon.c | 56 +-
drivers/net/wireless/ath/ath12k/dp_rx.c | 45 +
drivers/net/wireless/ath/ath12k/hal_rx.h | 12
drivers/net/wireless/ath/ath12k/mac.c | 16
drivers/net/wireless/broadcom/brcm80211/brcmfmac/bcmsdh.c | 2
drivers/net/wireless/broadcom/brcm80211/brcmfmac/chip.c | 4
drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c | 8
drivers/net/wireless/broadcom/brcm80211/include/brcm_hw_ids.h | 1
drivers/net/wireless/intel/iwlwifi/fw/regulatory.h | 1
drivers/net/wireless/marvell/mwifiex/cfg80211.c | 7
drivers/net/wireless/mediatek/mt76/mt7603/soc.c | 2
drivers/net/wireless/mediatek/mt76/mt7915/eeprom.h | 6
drivers/net/wireless/mediatek/mt76/mt7915/mcu.c | 29 -
drivers/net/wireless/mediatek/mt76/mt7996/init.c | 29 -
drivers/net/wireless/mediatek/mt76/mt7996/mac.c | 137 +---
drivers/net/wireless/mediatek/mt76/mt7996/main.c | 106 ++-
drivers/net/wireless/mediatek/mt76/mt7996/mcu.c | 38 -
drivers/net/wireless/mediatek/mt76/mt7996/mcu.h | 3
drivers/net/wireless/mediatek/mt76/mt7996/mt7996.h | 22
drivers/net/wireless/mediatek/mt76/mt7996/pci.c | 2
drivers/net/wireless/realtek/rtw88/led.c | 13
drivers/net/wireless/realtek/rtw89/core.c | 1
drivers/net/wireless/realtek/rtw89/ser.c | 3
drivers/nvme/host/auth.c | 5
drivers/nvme/host/tcp.c | 3
drivers/nvme/target/fc.c | 19
drivers/nvme/target/fcloop.c | 8
drivers/pci/controller/cadence/pci-j721e.c | 2
drivers/pci/controller/dwc/pcie-designware.h | 1
drivers/pci/controller/dwc/pcie-qcom-common.c | 58 +-
drivers/pci/controller/dwc/pcie-qcom-common.h | 2
drivers/pci/controller/dwc/pcie-qcom-ep.c | 6
drivers/pci/controller/dwc/pcie-qcom.c | 8
drivers/pci/controller/dwc/pcie-rcar-gen4.c | 26
drivers/pci/controller/dwc/pcie-tegra194.c | 4
drivers/pci/controller/pci-tegra.c | 2
drivers/pci/controller/pci-xgene-msi.c | 2
drivers/pci/controller/pcie-rcar-host.c | 2
drivers/pci/endpoint/functions/pci-epf-test.c | 31 -
drivers/pci/endpoint/pci-ep-msi.c | 2
drivers/pci/msi/irqdomain.c | 57 ++
drivers/pci/pci-acpi.c | 6
drivers/pci/pcie/aer.c | 3
drivers/pci/pwrctrl/slot.c | 12
drivers/perf/arm_spe_pmu.c | 3
drivers/phy/rockchip/phy-rockchip-naneng-combphy.c | 12
drivers/pinctrl/Kconfig | 2
drivers/pinctrl/meson/pinctrl-meson-gxl.c | 10
drivers/pinctrl/pinctrl-eic7700.c | 2
drivers/pinctrl/pinmux.c | 2
drivers/pinctrl/renesas/pinctrl-rzg2l.c | 2
drivers/pinctrl/renesas/pinctrl.c | 3
drivers/power/supply/cw2015_battery.c | 3
drivers/power/supply/max77705_charger.c | 200 +++----
drivers/pps/kapi.c | 5
drivers/pps/pps.c | 5
drivers/ptp/ptp_private.h | 1
drivers/ptp/ptp_sysfs.c | 2
drivers/pwm/pwm-loongson.c | 2
drivers/pwm/pwm-tiehrpwm.c | 154 ++---
drivers/regulator/scmi-regulator.c | 3
drivers/remoteproc/pru_rproc.c | 3
drivers/remoteproc/qcom_q6v5.c | 3
drivers/remoteproc/qcom_q6v5_mss.c | 11
drivers/remoteproc/qcom_q6v5_pas.c | 6
drivers/rpmsg/qcom_smd.c | 2
drivers/scsi/libsas/sas_expander.c | 5
drivers/scsi/mpt3sas/mpt3sas_transport.c | 8
drivers/scsi/myrs.c | 8
drivers/scsi/pm8001/pm8001_hwi.c | 11
drivers/scsi/pm8001/pm8001_sas.c | 31 -
drivers/scsi/pm8001/pm8001_sas.h | 1
drivers/scsi/pm8001/pm80xx_hwi.c | 10
drivers/scsi/qla2xxx/qla_edif.c | 4
drivers/scsi/qla2xxx/qla_init.c | 4
drivers/scsi/qla2xxx/qla_nvme.c | 2
drivers/soc/mediatek/mtk-svs.c | 23
drivers/soc/qcom/rpmh-rsc.c | 7
drivers/spi/spi.c | 2
drivers/staging/media/ipu7/ipu7.c | 28 -
drivers/tee/tee_shm.c | 8
drivers/thermal/qcom/Kconfig | 3
drivers/thermal/qcom/lmh.c | 2
drivers/thunderbolt/tunnel.c | 5
drivers/tty/n_gsm.c | 25
drivers/tty/serial/max310x.c | 2
drivers/ufs/core/ufs-sysfs.c | 2
drivers/ufs/core/ufshcd.c | 9
drivers/uio/uio_hv_generic.c | 7
drivers/usb/cdns3/cdnsp-pci.c | 5
drivers/usb/gadget/configfs.c | 2
drivers/usb/host/max3421-hcd.c | 2
drivers/usb/host/xhci-ring.c | 11
drivers/usb/misc/Kconfig | 1
drivers/usb/misc/qcom_eud.c | 33 -
drivers/usb/phy/phy-twl6030-usb.c | 3
drivers/usb/typec/tipd/core.c | 24
drivers/usb/usbip/vhci_hcd.c | 22
drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c | 6
drivers/vfio/pci/pds/dirty.c | 2
drivers/vhost/vringh.c | 14
drivers/video/fbdev/simplefb.c | 31 -
drivers/watchdog/intel_oc_wdt.c | 8
drivers/watchdog/mpc8xxx_wdt.c | 2
fs/btrfs/extent_io.c | 9
fs/btrfs/inode.c | 2
fs/cramfs/inode.c | 2
fs/erofs/zdata.c | 4
fs/ext4/ext4.h | 10
fs/ext4/file.c | 2
fs/ext4/inode.c | 2
fs/ext4/mballoc.c | 10
fs/ext4/orphan.c | 6
fs/ext4/super.c | 4
fs/f2fs/compress.c | 25
fs/f2fs/data.c | 11
fs/f2fs/f2fs.h | 4
fs/f2fs/file.c | 49 +
fs/f2fs/gc.c | 16
fs/f2fs/super.c | 10
fs/fuse/file.c | 1
fs/gfs2/file.c | 23
fs/gfs2/glock.c | 115 +---
fs/gfs2/glock.h | 4
fs/gfs2/incore.h | 3
fs/gfs2/lock_dlm.c | 72 +-
fs/gfs2/trace_gfs2.h | 1
fs/hfsplus/dir.c | 2
fs/hfsplus/hfsplus_fs.h | 8
fs/hfsplus/unicode.c | 24
fs/hfsplus/xattr.c | 6
fs/nfs/localio.c | 65 +-
fs/nfs/nfs4proc.c | 2
fs/nfsd/filecache.c | 34 +
fs/nfsd/filecache.h | 4
fs/nfsd/localio.c | 11
fs/nfsd/trace.h | 27
fs/nfsd/vfs.h | 4
fs/notify/fanotify/fanotify_user.c | 3
fs/ntfs3/index.c | 10
fs/ntfs3/run.c | 12
fs/ocfs2/stack_user.c | 1
fs/smb/client/smb2ops.c | 17
fs/smb/client/smbdirect.c | 110 +++
fs/smb/client/smbdirect.h | 4
fs/smb/server/ksmbd_netlink.h | 5
fs/smb/server/mgmt/user_session.c | 26
fs/smb/server/server.h | 1
fs/smb/server/smb2pdu.c | 3
fs/smb/server/transport_ipc.c | 3
fs/smb/server/transport_rdma.c | 99 +++
fs/smb/server/transport_tcp.c | 27
fs/squashfs/inode.c | 7
fs/squashfs/squashfs_fs_i.h | 2
fs/udf/inode.c | 3
include/acpi/actbl.h | 2
include/asm-generic/vmlinux.lds.h | 1
include/crypto/internal/scompress.h | 11
include/drm/drm_panel.h | 14
include/linux/blk_types.h | 7
include/linux/blkdev.h | 2
include/linux/bpf.h | 1
include/linux/bpf_verifier.h | 12
include/linux/btf.h | 2
include/linux/coresight.h | 27
include/linux/dmaengine.h | 2
include/linux/hid.h | 2
include/linux/irq.h | 2
include/linux/memcontrol.h | 6
include/linux/mm.h | 2
include/linux/mmc/sdio_ids.h | 2
include/linux/msi.h | 2
include/linux/nfslocalio.h | 2
include/linux/once.h | 4
include/linux/phy.h | 23
include/linux/power/max77705_charger.h | 102 +--
include/linux/sched/topology.h | 28 -
include/linux/topology.h | 2
include/net/bonding.h | 1
include/net/dst.h | 16
include/net/ip.h | 30 +
include/net/ip6_route.h | 2
include/net/route.h | 2
include/scsi/libsas.h | 8
include/trace/events/filelock.h | 3
include/trace/misc/fs.h | 22
include/uapi/linux/hidraw.h | 2
include/ufs/ufshcd.h | 3
include/vdso/gettime.h | 1
init/Kconfig | 3
io_uring/waitid.c | 3
io_uring/zcrx.c | 4
kernel/bpf/core.c | 5
kernel/bpf/helpers.c | 3
kernel/bpf/verifier.c | 28 -
kernel/cgroup/cpuset.c | 2
kernel/events/uprobes.c | 2
kernel/irq/Kconfig | 2
kernel/irq/chip.c | 37 +
kernel/irq/irq_test.c | 18
kernel/pid.c | 2
kernel/rcu/srcutiny.c | 4
kernel/sched/topology.c | 28 -
kernel/seccomp.c | 12
kernel/smp.c | 11
kernel/time/clockevents.c | 2
kernel/time/tick-common.c | 16
kernel/time/tick-internal.h | 2
kernel/trace/bpf_trace.c | 9
kernel/trace/trace.c | 278 ++++++++--
kernel/trace/trace_events.c | 3
kernel/trace/trace_fprobe.c | 10
kernel/trace/trace_irqsoff.c | 23
kernel/trace/trace_kprobe.c | 11
kernel/trace/trace_probe.h | 9
kernel/trace/trace_sched_wakeup.c | 16
kernel/trace/trace_uprobe.c | 12
lib/raid6/recov_rvv.c | 2
lib/raid6/rvv.c | 3
lib/vdso/datastore.c | 6
mm/hugetlb.c | 2
mm/memcontrol.c | 13
mm/slub.c | 5
net/9p/trans_usbg.c | 16
net/bluetooth/hci_sync.c | 10
net/bluetooth/iso.c | 11
net/bluetooth/mgmt.c | 10
net/core/dst.c | 2
net/core/filter.c | 16
net/core/sock.c | 16
net/ethtool/tsconfig.c | 12
net/ipv4/icmp.c | 6
net/ipv4/ip_fragment.c | 6
net/ipv4/ipmr.c | 6
net/ipv4/ping.c | 14
net/ipv4/route.c | 8
net/ipv4/tcp.c | 9
net/ipv4/tcp_input.c | 15
net/ipv4/tcp_metrics.c | 6
net/ipv6/anycast.c | 2
net/ipv6/icmp.c | 9
net/ipv6/ip6_output.c | 64 +-
net/ipv6/mcast.c | 67 +-
net/ipv6/ndisc.c | 2
net/ipv6/output_core.c | 8
net/ipv6/proc.c | 47 +
net/ipv6/route.c | 7
net/mac80211/cfg.c | 21
net/mac80211/main.c | 3
net/mac80211/rx.c | 28 -
net/mac80211/sta_info.c | 10
net/mptcp/ctrl.c | 9
net/mptcp/subflow.c | 11
net/netfilter/ipset/ip_set_hash_gen.h | 8
net/netfilter/ipvs/ip_vs_conn.c | 4
net/netfilter/ipvs/ip_vs_core.c | 11
net/netfilter/ipvs/ip_vs_ctl.c | 6
net/netfilter/ipvs/ip_vs_est.c | 16
net/netfilter/ipvs/ip_vs_ftp.c | 4
net/netfilter/nf_conntrack_standalone.c | 3
net/netfilter/nfnetlink.c | 2
net/nfc/nci/ntf.c | 135 +++-
net/smc/smc_clc.c | 67 +-
net/smc/smc_core.c | 27
net/smc/smc_pnet.c | 43 -
net/sunrpc/auth_gss/svcauth_gss.c | 2
net/tls/tls_device.c | 18
net/wireless/util.c | 2
rust/bindings/bindings_helper.h | 1
rust/kernel/cpumask.rs | 1
scripts/misc-check | 4
security/Kconfig | 1
sound/core/pcm_native.c | 25
sound/hda/codecs/hdmi/hdmi.c | 1
sound/hda/codecs/realtek/alc269.c | 1
sound/pci/lx6464es/lx_core.c | 4
sound/soc/codecs/wcd934x.c | 17
sound/soc/codecs/wcd937x.c | 4
sound/soc/codecs/wcd937x.h | 6
sound/soc/intel/boards/bytcht_es8316.c | 20
sound/soc/intel/boards/bytcr_rt5640.c | 7
sound/soc/intel/boards/bytcr_rt5651.c | 26
sound/soc/intel/boards/sof_sdw.c | 2
sound/soc/qcom/sc8280xp.c | 4
sound/soc/sof/intel/hda-sdw-bpt.c | 2
sound/soc/sof/ipc3-topology.c | 10
sound/soc/sof/ipc4-pcm.c | 101 ++-
sound/soc/sof/ipc4-topology.c | 1
sound/soc/sof/ipc4-topology.h | 2
tools/include/nolibc/nolibc.h | 1
tools/include/nolibc/std.h | 2
tools/include/nolibc/sys.h | 13
tools/include/nolibc/time.h | 5
tools/lib/bpf/libbpf.c | 46 -
tools/lib/bpf/libbpf.h | 2
tools/net/ynl/pyynl/lib/ynl.py | 2
tools/power/acpi/os_specific/service_layers/oslinuxtbl.c | 4
tools/testing/nvdimm/test/ndtest.c | 13
tools/testing/selftests/arm64/abi/tpidr2.c | 8
tools/testing/selftests/arm64/gcs/basic-gcs.c | 2
tools/testing/selftests/arm64/pauth/exec_target.c | 7
tools/testing/selftests/bpf/Makefile | 4
tools/testing/selftests/bpf/bench.c | 2
tools/testing/selftests/bpf/prog_tests/btf_dump.c | 2
tools/testing/selftests/bpf/prog_tests/fd_array.c | 2
tools/testing/selftests/bpf/prog_tests/kprobe_multi_test.c | 220 -------
tools/testing/selftests/bpf/prog_tests/module_attach.c | 2
tools/testing/selftests/bpf/prog_tests/reg_bounds.c | 4
tools/testing/selftests/bpf/prog_tests/stacktrace_build_id.c | 2
tools/testing/selftests/bpf/prog_tests/stacktrace_build_id_nmi.c | 2
tools/testing/selftests/bpf/prog_tests/stacktrace_map.c | 2
tools/testing/selftests/bpf/prog_tests/stacktrace_map_raw_tp.c | 2
tools/testing/selftests/bpf/prog_tests/stacktrace_map_skip.c | 2
tools/testing/selftests/bpf/progs/bpf_cc_cubic.c | 2
tools/testing/selftests/bpf/progs/bpf_dctcp.c | 2
tools/testing/selftests/bpf/progs/freplace_connect_v4_prog.c | 2
tools/testing/selftests/bpf/progs/iters_state_safety.c | 2
tools/testing/selftests/bpf/progs/rbtree_search.c | 2
tools/testing/selftests/bpf/progs/struct_ops_kptr_return.c | 2
tools/testing/selftests/bpf/progs/struct_ops_refcounted.c | 2
tools/testing/selftests/bpf/progs/test_cls_redirect.c | 2
tools/testing/selftests/bpf/progs/test_cls_redirect_dynptr.c | 2
tools/testing/selftests/bpf/progs/test_tcpnotify_kern.c | 1
tools/testing/selftests/bpf/progs/uretprobe_stack.c | 4
tools/testing/selftests/bpf/progs/verifier_scalar_ids.c | 2
tools/testing/selftests/bpf/progs/verifier_var_off.c | 6
tools/testing/selftests/bpf/test_sockmap.c | 2
tools/testing/selftests/bpf/test_tcpnotify_user.c | 20
tools/testing/selftests/bpf/trace_helpers.c | 214 +++++++
tools/testing/selftests/bpf/trace_helpers.h | 3
tools/testing/selftests/bpf/verifier/calls.c | 8
tools/testing/selftests/bpf/xdping.c | 2
tools/testing/selftests/bpf/xsk.h | 4
tools/testing/selftests/bpf/xskxceiver.c | 14
tools/testing/selftests/cgroup/lib/cgroup_util.c | 12
tools/testing/selftests/cgroup/lib/include/cgroup_util.h | 1
tools/testing/selftests/cgroup/test_pids.c | 3
tools/testing/selftests/futex/functional/Makefile | 5
tools/testing/selftests/futex/functional/futex_numa_mpol.c | 59 +-
tools/testing/selftests/futex/functional/futex_priv_hash.c | 1
tools/testing/selftests/futex/functional/run.sh | 1
tools/testing/selftests/futex/include/futextest.h | 11
tools/testing/selftests/iommu/iommufd_utils.h | 8
tools/testing/selftests/kselftest_harness/Makefile | 1
tools/testing/selftests/lib.mk | 5
tools/testing/selftests/mm/madv_populate.c | 21
tools/testing/selftests/mm/soft-dirty.c | 5
tools/testing/selftests/mm/va_high_addr_switch.c | 4
tools/testing/selftests/mm/vm_util.c | 17
tools/testing/selftests/mm/vm_util.h | 1
tools/testing/selftests/nolibc/nolibc-test.c | 5
tools/testing/selftests/vDSO/vdso_call.h | 7
tools/testing/selftests/vDSO/vdso_test_abi.c | 9
tools/testing/selftests/watchdog/watchdog-test.c | 6
683 files changed, 6492 insertions(+), 3927 deletions(-)
Abdun Nihaal (1):
wifi: mt76: fix potential memory leak in mt76_wmac_probe()
Aditya Kumar Singh (2):
wifi: mac80211: consider links for validating SCAN_FLAG_AP in scan request during MLO
wifi: mac80211: fix Rx packet handling when pubsta information is not available
Ahmed Salem (1):
ACPICA: Apply ACPI_NONSTRING
Akashdeep Kaur (1):
arm64: dts: ti: k3-pinctrl: Fix the bug in existing macros
Akhil P Oommen (1):
drm/msm: Fix bootup splat with separate_gpu_drm modparam
Akhilesh Patil (2):
selftests: watchdog: skip ping loop if WDIOF_KEEPALIVEPING not supported
fwctl/mlx5: Fix memory alloc/free in mlx5ctl_fw_rpc()
Alessandro Zanni (1):
iommu/selftest: prevent use of uninitialized variable
Alexander Lobakin (1):
idpf: fix Rx descriptor ready check barrier in splitq
Alexey Charkov (2):
arm64: dts: rockchip: Add RTC on rk3576-evb1-v10
arm64: dts: rockchip: Add WiFi on rk3576-evb1-v10
Alistair Popple (1):
cramfs: fix incorrect physical page address calculation
Alok Tiwari (3):
PCI: tegra: Fix devm_kcalloc() argument order for port->phys allocation
PCI: j721e: Fix incorrect error message in probe()
idpf: fix mismatched free function for dma_alloc_coherent
Amery Hung (1):
selftests/bpf: Copy test_kmods when installing selftest
Anderson Nascimento (1):
fanotify: Validate the return value of mnt_ns_from_dentry() before dereferencing
Andrea Righi (1):
bpf: Mark kfuncs as __noclone
Andreas Gruenbacher (7):
gfs2: Fix GLF_INVALIDATE_IN_PROGRESS flag clearing in do_xmote
gfs2: Further sanitize lock_dlm.c
gfs2: Fix LM_FLAG_TRY* logic in add_to_queue
gfs2: Remove duplicate check in do_xmote
gfs2: Get rid of GLF_INVALIDATE_IN_PROGRESS
gfs2: do_xmote cleanup
gfs2: Add proper lockspace locking
Andrei Lalaev (1):
leds: leds-lp55xx: Use correct address for memory programming
André Almeida (2):
selftest/futex: Make the error check more precise for futex_numa_mpol
tools/nolibc: add stdbool.h to nolibc includes
Andy Yan (1):
power: supply: cw2015: Fix a alignment coding style issue
AngeloGioacchino Del Regno (5):
arm64: dts: mediatek: mt6331: Fix pmic, regulators, rtc, keys node names
arm64: dts: mediatek: mt6795-xperia-m5: Fix mmc0 latch-ck value
arm64: dts: mediatek: mt7986a: Fix PCI-Express T-PHY node address
arm64: dts: mediatek: mt8395-kontron-i1200: Fix MT6360 regulator nodes
arm64: dts: mediatek: mt8516-pumpkin: Fix machine compatible
Annette Kobou (1):
arm64: dts: imx93-kontron: Fix GPIO for panel regulator
Anthony Iliopoulos (1):
NFSv4.1: fix backchannel max_resp_sz verification check
Aradhya Bhatia (1):
drm/bridge: cdns-dsi: Fix the _atomic_check()
Arnd Bergmann (5):
clocksource/drivers/tegra186: Avoid 64-bit division
i3c: fix big-endian FIFO transfers
drm/amdgpu: fix link error for !PM_SLEEP
hwrng: nomadik - add ARM_AMBA dependency
media: st-delta: avoid excessive stack usage
Bagas Sanjaya (1):
Documentation: trace: historgram-design: Separate sched_waking histogram section heading and the following diagram
Bala-Vignesh-Reddy (2):
selftests: arm64: Check fread return value in exec_target
selftests: arm64: Fix -Waddress warning in tpidr2 test
Baochen Qiang (4):
wifi: ath12k: initialize eirp_power before use
wifi: ath12k: fix overflow warning on num_pwr_levels
wifi: ath12k: fix wrong logging ID used for CE
wifi: ath10k: avoid unnecessary wait for service ready message
Baokun Li (1):
ext4: fix potential null deref in ext4_mb_init()
Baptiste Lepers (1):
rust: cpumask: Mark CpumaskVar as transparent
Bard Liao (1):
ASoC: Intel: hda-sdw-bpt: set persistent_buffer false
Barnabás Czémán (1):
rpmsg: qcom_smd: Fix fallback to qcom,ipc parse
Bartosz Golaszewski (2):
mfd: vexpress-sysreg: Check the return value of devm_gpiochip_add_data()
pinctrl: check the return value of pinmux_ops::get_function_name()
Bean Huo (1):
mmc: core: Fix variable shadowing in mmc_route_rpmb_frames()
Beleswar Padhi (4):
arm64: dts: ti: k3-j742s2-mcu-wakeup: Override firmware-name for MCU R5F cores
arm64: dts: ti: k3: Rename rproc reserved-mem nodes to 'memory@addr'
Revert "arm64: dts: ti: k3-j721e-sk: Fix reversed C6x carveout locations"
Revert "arm64: dts: ti: k3-j721e-beagleboneai64: Fix reversed C6x carveout locations"
Benjamin Berg (1):
selftests/nolibc: fix EXPECT_NZ macro
Benjamin Mugnier (1):
media: i2c: vd55g1: Fix duster register address
Benjamin Tissoires (1):
HID: hidraw: tighten ioctl command parsing
Bernard Metzler (1):
RDMA/siw: Always report immediate post SQ errors
Bibo Mao (1):
tick: Do not set device to detached state in tick_shutdown()
Biju Das (2):
arm64: dts: renesas: rzg2lc-smarc: Disable CAN-FD channel0
arm64: dts: renesas: r9a09g047e57-smarc: Fix gpio key's pin control node
Bingbu Cao (3):
media: staging/ipu7: convert to use pci_alloc_irq_vectors() API
media: staging/ipu7: Don't set name for IPU7 PCI device
media: staging/ipu7: cleanup the MMU correctly in IPU7 driver release
Bitterblue Smith (2):
wifi: rtw88: Lock rtwdev->mutex before setting the LED
wifi: rtw88: Use led->brightness_set_blocking for PCI too
Bo Sun (2):
octeontx2-vf: fix bitmap leak
octeontx2-pf: fix bitmap leak
Brahmajit Das (2):
drm/radeon/r600_cs: clean up of dead code in r600_cs
bpf: Skip scalar adjustment for BPF_NEG if dst is a pointer
Breno Leitao (1):
PCI/AER: Avoid NULL pointer dereference in aer_ratelimit()
Brian Norris (4):
genirq/test: Select IRQ_DOMAIN
genirq/test: Depend on SPARSE_IRQ
genirq/test: Drop CONFIG_GENERIC_IRQ_MIGRATION assumptions
genirq/test: Ensure CPU 1 is online for hotplug test
Brigham Campbell (1):
drm/panel: novatek-nt35560: Fix invalid return value
Chao Yu (11):
f2fs: fix condition in __allow_reserved_blocks()
f2fs: fix to avoid overflow while left shift operation
f2fs: fix to zero data after EOF for compressed file correctly
f2fs: fix to clear unusable_cap for checkpoint=enable
f2fs: fix to avoid NULL pointer dereference in f2fs_check_quota_consistency()
f2fs: fix to allow removing qf_name
f2fs: fix to update map->m_next_extent correctly in f2fs_map_blocks()
f2fs: fix to truncate first page in error path of f2fs_truncate()
f2fs: fix to avoid migrating empty section
f2fs: fix to mitigate overhead of f2fs_zero_post_eof_page()
f2fs: fix UAF issue in f2fs_merge_page_bio()
Chen Ridong (1):
cpuset: fix failure to enable isolated partition when containing isolcpus
Chen-Yu Tsai (8):
arm64: dts: allwinner: a527: cubie-a5e: Add ethernet PHY reset setting
arm64: dts: allwinner: t527: avaota-a1: Add ethernet PHY reset setting
arm64: dts: mediatek: mt8188: Change efuse fallback compatible to mt8186
arm64: dts: mediatek: mt8186-tentacruel: Fix touchscreen model
arm64: dts: allwinner: a527: cubie-a5e: Add LEDs
arm64: dts: allwinner: a527: cubie-a5e: Drop external 32.768 KHz crystal
arm64: dts: allwinner: t527: avaota-a1: hook up external 32k crystal
arm64: dts: allwinner: t527: orangepi-4a: hook up external 32k crystal
Chenghai Huang (3):
crypto: hisilicon/zip - remove unnecessary validation for high-performance mode configurations
crypto: hisilicon - re-enable address prefetch after device resuming
crypto: hisilicon/qm - set NULL to qm->debug.qm_diff_regs
Chia-I Wu (1):
drm/bridge: it6505: select REGMAP_I2C
Christian Göttsche (1):
pid: use ns_capable_noaudit() when determining net sysctl permissions
Christian Marangi (2):
net: phy: introduce phy_id_compare_vendor() PHY ID helper
net: phy: as21xxx: better handle PHY HW reset on soft-reboot
Christophe Leroy (3):
powerpc/8xx: Remove left-over instruction and comments in DataStoreTLBMiss handler
powerpc/603: Really copy kernel PGD entries into all PGDIRs
watchdog: mpc8xxx_wdt: Reload the watchdog timer when enabling the watchdog
Chunyan Zhang (1):
raid6: riscv: Clean up unused header file inclusion
Chunyu Hu (1):
selftests/mm: fix va_high_addr_switch.sh failure on x86_64
Claudiu Beznea (1):
PCI: rcar-host: Pass proper IRQ domain to generic_handle_domain_irq()
Claudiu Manoil (1):
net: enetc: Fix probing error message typo for the ENETCv4 PF driver
Colin Ian King (4):
gfs2: Remove space before newline
drm/vmwgfx: fix missing assignment to ts
misc: genwqe: Fix incorrect cmd field being reported in error
ACPI: NFIT: Fix incorrect ndr_desc being reportedin dev_err message
Cosmin Tanislav (1):
mfd: rz-mtu3: Fix MTU5 NFCR register offset
Cristian Ciocaltea (1):
usb: vhci-hcd: Prevent suspending virtually attached devices
D. Wythe (1):
libbpf: Fix error when st-prefix_ops and ops from differ btf
Da Xue (1):
pinctrl: meson-gxl: add missing i2c_d pinmux
Dan Carpenter (11):
PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe()
irqchip/gic-v5: Fix loop in gicv5_its_create_itt_two_level() cleanup path
irqchip/gic-v5: Fix error handling in gicv5_its_irq_domain_alloc()
selftests/futex: Fix futex_wait() for 32bit ARM
PCI: endpoint: pci-ep-msi: Fix NULL vs IS_ERR() check in pci_epf_write_msi_msg()
PCI: xgene-msi: Return negative -EINVAL in xgene_msi_handler_setup()
usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup
misc: pci_endpoint_test: Fix array underflow in pci_endpoint_test_ioctl()
serial: max310x: Add error checking in probe()
HID: i2c-hid: Fix test in i2c_hid_core_register_panel_follower()
ocfs2: fix double free in user_cluster_connect()
Dan Moulding (1):
crypto: comp - Use same definition of context alloc and free ops
Daniel Borkmann (1):
bpf: Enforce expected_attach_type for tailcall compatibility
Daniel Wagner (2):
nvmet-fc: move lsop put work to nvmet_fc_ls_req_op
nvmet-fcloop: call done callback even when remote port is gone
Dapeng Mi (2):
perf/x86/intel: Use early_initcall() to hook bts_init()
perf/x86/intel: Fix IA32_PMC_x_CFG_B MSRs access error
David Gow (1):
genirq/test: Fix depth tests on architectures with NOREQUEST by default.
Deepak Sharma (1):
net: nfc: nci: Add parameter validation for packet data
Dmitry Antipov (1):
ACPICA: Fix largest possible resource descriptor index
Dmitry Baryshkov (7):
thermal/drivers/qcom: Make LMH select QCOM_SCM
thermal/drivers/qcom/lmh: Add missing IRQ includes
drm/display: bridge-connector: correct CEC bridge pointers in drm_bridge_connector_init
drm/msm/mdp4: stop supporting no-IOMMU configuration
drm/msm: stop supporting no-IOMMU configuration
remoteproc: qcom_q6v5_mss: support loading MBN file on msm8974
ASoC: qcom: sc8280xp: use sa8775p/ subdir for QCS9100 / QCS9075
Dominique Martinet (1):
net/9p: Fix buffer overflow in USB transport layer
Donet Tom (2):
drivers/base/node: handle error properly in register_one_node()
drivers/base/node: fix double free in register_one_node()
Duoming Zhou (1):
thunderbolt: Fix use-after-free in tb_dp_dprx_work
Dzmitry Sankouski (5):
mfd: max77705: max77705_charger: move active discharge setting to mfd parent
power: supply: max77705_charger: refactoring: rename charger to chg
power: supply: max77705_charger: use regfields for config registers
power: supply: max77705_charger: rework interrupts
mfd: max77705: Setup the core driver as an interrupt controller
Eduard Zingerman (1):
bpf: dont report verifier bug for missing bpf_scc_visit on speculative path
Edward Srouji (1):
RDMA/mlx5: Fix page size bitmap calculation for KSM mode
Enzo Matsumiya (1):
smb: client: fix crypto buffers in non-linear memory
Eric Dumazet (14):
nbd: restrict sockets to TCP and UDP
net: dst: introduce dst->dev_rcu
ipv6: start using dst_dev_rcu()
ipv6: use RCU in ip6_xmit()
ipv6: use RCU in ip6_output()
net: use dst_dev_rcu() in sk_setup_caps()
tcp_metrics: use dst_dev_net_rcu()
ipv4: start using dst_dev_rcu()
inet: ping: check sock_net() in ping_get_port() and ping_lookup()
tcp: fix __tcp_close() to only send RST when required
ipv6: snmp: do not use SNMP_MIB_SENTINEL anymore
ipv6: snmp: do not track per idev ICMP6_MIB_RATELIMITHOST
netfilter: nf_conntrack: do not skip entries in /proc/net/nf_conntrack
tcp: use skb->len instead of skb->truesize in tcp_can_ingest()
Erick Karanja (1):
mtd: rawnand: atmel: Fix error handling path in atmel_nand_controller_add_nands
Eugene Shalygin (1):
hwmon: (asus-ec-sensors) Narrow lock for X870E-CREATOR WIFI
Fan Wu (1):
KEYS: X.509: Fix Basic Constraints CA flag parsing
Fangyu Yu (1):
RISC-V: KVM: Write hgatp register with valid mode bits
Fedor Pchelkin (2):
wifi: rtw89: fix leak in rtw89_core_send_nullfunc()
wifi: rtw89: avoid circular locking dependency in ser_state_run()
Felix Fietkau (1):
wifi: mt76: mt7996: remove redundant per-phy mac80211 calls during restart
Fenglin Wu (1):
leds: flash: leds-qcom-flash: Update torch current clamp setting
Fernando Fernandez Mancera (1):
netfilter: nfnetlink: reset nlh pointer during batch replay
Florian Fainelli (1):
cpufreq: scmi: Account for malformed DT in scmi_dev_used_by_cpus()
Frieder Schrempf (1):
arm64: dts: imx93-kontron: Fix USB port assignment
Gao Xiang (1):
erofs: avoid reading more for fragment maps
Geert Uytterhoeven (5):
init: INITRAMFS_PRESERVE_MTIME should depend on BLK_DEV_INITRD
regmap: Remove superfluous check for !config in __regmap_init()
ARM: dts: renesas: porter: Fix CAN pin group
PCI/pwrctrl: Fix double cleanup on devm_add_action_or_reset() failure
efi: Explain OVMF acronym in OVMF_DEBUG_LOG help text
Genjian Zhang (1):
null_blk: Fix the description of the cache_size module argument
Gokul Sivakumar (1):
wifi: brcmfmac: fix 43752 SDIO FWVID incorrectly labelled as Cypress (CYW)
Greg Kroah-Hartman (1):
Linux 6.17.3
Guangshuo Li (1):
nvdimm: ndtest: Return -ENOMEM if devm_kcalloc() fails in ndtest_probe()
Guenter Roeck (2):
clocksource/drivers/timer-tegra186: Avoid 64-bit divide operation
watchdog: intel_oc_wdt: Do not try to write into const memory
Gui-Dong Han (1):
RDMA/rxe: Fix race in do_task() when draining
Guixin Liu (1):
iommufd: Register iommufd mock devices with fwspec
Guoqing Jiang (1):
arm64: dts: mediatek: mt8195: Remove suspend-breaking reset from pcie0
Han Guangjiang (1):
blk-throttle: fix access race during throttle policy activation
Hangbin Liu (1):
bonding: fix xfrm offload feature setup on active-backup mode
Hans de Goede (3):
iio: consumers: Fix handling of negative channel scale in iio_convert_raw_to_processed()
iio: consumers: Fix offset handling in iio_convert_raw_to_processed()
mfd: intel_soc_pmic_chtdc_ti: Set use_single_read regmap_config flag
Hari Chandrakanthan (1):
wifi: ath12k: Fix peer lookup in ath12k_dp_mon_rx_deliver_msdu()
Hector Martin (2):
arm64: dts: apple: t600x: Add missing WiFi properties
arm64: dts: apple: t600x: Add bluetooth device nodes
Hengqi Chen (10):
riscv, bpf: Sign extend struct ops return values properly
bpf, arm64: Call bpf_jit_binary_pack_finalize() in bpf_jit_free()
LoongArch: BPF: Sign-extend struct ops return values properly
LoongArch: BPF: No support of struct argument in trampoline programs
LoongArch: BPF: Don't align trampoline size
LoongArch: BPF: Make trampoline size stable
LoongArch: BPF: Make error handling robust in arch_prepare_bpf_trampoline()
LoongArch: BPF: Remove duplicated bpf_flush_icache()
LoongArch: BPF: No text_poke() for kernel text
LoongArch: BPF: Remove duplicated flags check
Huacai Chen (1):
LoongArch: BPF: Fix uninitialized symbol 'retval_off'
Huisong Li (1):
ACPI: processor: idle: Fix memory leak when register cpuidle device failed
Håkon Bugge (1):
RDMA/cm: Rate limit destroy CM ID timeout error message
I Viswanath (2):
net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast
ptp: Add a upper bound on max_vclocks
Ilya Leoshkevich (3):
s390/bpf: Do not write tail call counter into helper and kfunc frames
s390/bpf: Write back tail call counter for BPF_PSEUDO_CALL
s390/bpf: Write back tail call counter for BPF_TRAMP_F_CALL_ORIG
Inochi Amaoto (4):
genirq: Add irq_chip_(startup/shutdown)_parent()
PCI/MSI: Add startup/shutdown for per device domains
irqchip/sg2042-msi: Fix broken affinity setting
PCI/MSI: Check MSI_FLAG_PCI_MSI_MASK_PARENT in cond_[startup|shutdown]_parent()
Ivan Abramov (1):
dm vdo: return error on corrupted metadata in start_restoring_volume functions
Jacopo Mondi (1):
media: zoran: Remove zoran_fh structure
Jakub Acs (1):
mm/ksm: fix flag-dropping behavior in ksm_madvise
Jakub Kicinski (1):
Revert "net/mlx5e: Update and set Xon/Xoff upon MTU set"
James Clark (2):
coresight: trbe: Add ISB after TRBLIMITR write
coresight: Fix missing include for FIELD_GET
Jan Kara (1):
ext4: fix checks for orphan inodes
Janne Grunau (3):
arm64: dts: apple: t8103-j457: Fix PCIe ethernet iommu-map
arm64: dts: apple: Add ethernet0 alias for J375 template
fbdev: simplefb: Fix use after free in simplefb_detach_genpds()
Jarkko Sakkinen (1):
tpm: Disable TPM2_TCG_HMAC by default
Jeff Layton (1):
filelock: add FL_RECLAIM to show_fl_flags() macro
Jens Axboe (1):
io_uring/waitid: always prune wait queue entry in io_waitid_wait()
Jens Wiklander (1):
tee: fix register_shm_helper()
Jeongjun Park (1):
HID: steelseries: refactor probe() and remove()
Jeremy Linton (1):
uprobes: uprobe_warn should use passed task
Jie Gan (1):
coresight: tpda: fix the logic to setup the element size
Jihed Chaibi (4):
ARM: dts: stm32: stm32mp151c-plyaqm: Use correct dai-format property
ARM: dts: ti: omap: am335x-baltos: Fix ti,en-ck32k-xtal property in DTS to use correct boolean syntax
ARM: dts: ti: omap: omap3-devkit8000-lcd: Fix ti,keep-vref-on property to use correct boolean syntax in DTS
ARM: dts: omap: am335x-cm-t335: Remove unused mcasp num-serializer property
Jiri Kosina (1):
HID: steelseries: Fix STEELSERIES_SRWS1 handling in steelseries_remove()
Jiri Olsa (1):
selftests/bpf: Fix realloc size in bpf_get_addrs
Joanne Koong (1):
fuse: remove unneeded offset assignment when filling write pages
Joe Lawrence (2):
powerpc/ftrace: ensure ftrace record ops are always set for NOPs
powerpc64/modules: correctly iterate over stubs in setup_ftrace_ool_stubs
Johan Hovold (4):
firmware: firmware: meson-sm: fix compile-test default
soc: mediatek: mtk-svs: fix device leaks on mt8183 probe failure
soc: mediatek: mtk-svs: fix device leaks on mt8192 probe failure
cpuidle: qcom-spm: fix device and OF node leaks at probe
Johannes Nixdorf (1):
seccomp: Fix a race with WAIT_KILLABLE_RECV if the tracer replies too fast
John Garry (2):
block: update validation of atomic writes boundary for stacked devices
block: fix stacking of atomic writes when atomics are not supported
Jonas Gorski (1):
spi: fix return code when spi device has too many chipselects
Jonas Karlman (1):
phy: rockchip: naneng-combphy: Enable U3 OTG port for RK3568
Jorge Marques (1):
docs: iio: ad3552r: Fix malformed code-block directive
Joy Zou (1):
arm64: dts: imx95: Correct the lpuart7 and lpuart8 srcid
Jun Nie (1):
drm/msm: Do not validate SSPP when it is not ready
Junnan Wu (1):
firmware: arm_scmi: Mark VirtIO ready before registering scmi_virtio_driver
Kai Vehmanen (2):
ASoC: SOF: ipc4-pcm: fix delay calculation when DSP resamples
ASoC: SOF: ipc4-pcm: fix start offset calculation for chain DMA
Kang Chen (1):
hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()
Kang Yang (3):
wifi: ath12k: fix signal in radiotap for WCN7850
wifi: ath12k: fix HAL_PHYRX_COMMON_USER_INFO handling in monitor mode
wifi: ath12k: fix the fetching of combined rssi
Kienan Stewart (1):
kbuild: Add missing $(objtree) prefix to powerpc crtsavres.o artifact
Kiran K (1):
Bluetooth: btintel_pcie: Refactor Device Coredump
Kohei Enju (2):
nfp: fix RSS hash key size when RSS is not supported
net: ena: return 0 in ena_get_rxfh_key_size() when RSS hash key is not configurable
Komal Bajaj (1):
usb: misc: qcom_eud: Access EUD_MODE_MANAGER2 through secure calls
Konrad Dybcio (1):
arm64: dts: qcom: qcm2290: Disable USB SS bus instances in park mode
Krishna Chaitanya Chundru (1):
PCI: qcom: Restrict port parsing only to PCIe bridge child nodes
Kuan-Wei Chiu (1):
mm/slub: Fix cmp_loc_by_count() to return 0 when counts are equal
Kunihiko Hayashi (2):
i2c: designware: Fix clock issue when PM is disabled
i2c: designware: Add disabling clocks when probe fails
Kuniyuki Iwashima (8):
mptcp: Fix up subflow's memcg when CONFIG_SOCK_CGROUP_DATA=n.
smc: Fix use-after-free in __pnet_find_base_ndev().
smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set().
smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match().
smc: Use __sk_dst_get() and dst_dev_rcu() in smc_vlan_by_tcpsk().
tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock().
mptcp: Call dst_release() in mptcp_active_enable().
mptcp: Use __sk_dst_get() and dst_dev_rcu() in mptcp_active_enable().
Lad Prabhakar (1):
pinctrl: renesas: rzg2l: Fix invalid unsigned return in rzg3s_oen_read()
Lance Yang (1):
selftests/mm: skip soft-dirty tests when CONFIG_MEM_SOFT_DIRTY is disabled
Langyan Ye (2):
drm/panel-edp: Add disable to 100ms for MNB601LS1-4
drm/panel-edp: Add 50ms disable delay for four panels
Larshin Sergey (1):
fs: udf: fix OOB read in lengthAllocDescs handling
Lei Lu (1):
sunrpc: fix null pointer dereference on zero-length checksum
Leilk.Liu (1):
i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD
Len Bao (1):
leds: max77705: Function return instead of variable assignment
Leo Yan (9):
coresight: trbe: Prevent overflow in PERF_IDX2OFF()
perf: arm_spe: Prevent overflow in PERF_IDX2OFF()
coresight: tmc: Support atclk
coresight: catu: Support atclk
coresight: etm4x: Support atclk
coresight: Appropriately disable programming clocks
coresight: Appropriately disable trace bus clocks
coresight: Avoid enable programming clock duplicately
coresight: trbe: Return NULL pointer for allocation failures
Li Nan (1):
blk-mq: check kobject state_in_sysfs before deleting in blk_mq_unregister_hctx
Liao Yuanhong (2):
drm/amd/display: Remove redundant semicolons
wifi: iwlwifi: Remove redundant header files
Lijo Lazar (2):
drm/amdgpu: Check vcn state before profile switch
drm/amdgpu/vcn: Fix double-free of vcn dump buffer
Lin Yujun (1):
coresight: Fix incorrect handling for return value of devm_kzalloc
Ling Xu (4):
misc: fastrpc: Save actual DMA size in fastrpc_map structure
misc: fastrpc: Fix fastrpc_map_lookup operation
misc: fastrpc: fix possible map leak in fastrpc_put_args
misc: fastrpc: Skip reference for DMA handles
Linus Torvalds (1):
Fix CC_HAS_ASM_GOTO_OUTPUT on non-x86 architectures
Lorenzo Bianconi (8):
wifi: mac80211: Make CONNECTION_MONITOR optional for MLO sta
wifi: mt76: mt7996: Fix mt7996_mcu_sta_ba wcid configuration
wifi: mt76: mt7996: Fix mt7996_mcu_bss_mld_tlv routine
wifi: mt76: mt7996: Use proper link_id in link_sta_rc_update callback
wifi: mt76: mt7996: Check phy before init msta_link in mt7996_mac_sta_add_links()
wifi: mt76: mt7996: Fix tx-queues initialization for second phy on mt7996
wifi: mt76: mt7996: Fix RX packets configuration for primary WED device
wifi: mt76: mt7996: Convert mt7996_wed_rro_addr to LE
Lu Baolu (1):
iommu/vt-d: Disallow dirty tracking if incoherent page walk
Luiz Augusto von Dentz (3):
Bluetooth: MGMT: Fix not exposing debug UUID on MGMT_OP_READ_EXP_FEATURES_INFO
Bluetooth: ISO: Fix possible UAF on iso_conn_free
Bluetooth: hci_sync: Fix using random address for BIG/PA advertisements
Ma Ke (1):
ASoC: wcd934x: fix error handling in wcd934x_codec_parse_data()
Marek Szyprowski (1):
scsi: ufs: core: Fix PM QoS mutex initialization
Marek Vasut (6):
arm64: dts: renesas: sparrow-hawk: Invert microSD voltage selector on EVTB1
arm64: dts: renesas: sparrow-hawk: Set VDDQ18_25_AVB voltage on EVTB1
PCI: rcar-gen4: Add missing 1ms delay after PWR reset assertion
PCI: rcar-gen4: Assure reset occurs before DBI access
PCI: rcar-gen4: Fix inverted break condition in PHY initialization
Input: atmel_mxt_ts - allow reset GPIO to sleep
Martin George (2):
nvme-auth: update bi_directional flag
nvme-tcp: send only permitted commands for secure concat
Matt Bobrowski (1):
bpf/selftests: Fix test_tcpnotify_user
Matthieu Baerts (NGI0) (1):
tools: ynl: fix undefined variable name
Matvey Kovalev (1):
ksmbd: fix error code overwriting in smb2_get_info_filesystem()
Menglong Dong (1):
selftests/bpf: move get_ksyms and get_addrs to trace_helpers.c
Miaoqian Lin (2):
hisi_acc_vfio_pci: Fix reference leak in hisi_acc_vfio_debug_init
usb: cdns3: cdnsp-pci: remove redundant pci_disable_device() call
Michael Karcher (5):
sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC
sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC III
sparc: fix accurate exception reporting in copy_{from_to}_user for Niagara
sparc: fix accurate exception reporting in copy_to_user for Niagara 4
sparc: fix accurate exception reporting in copy_{from,to}_user for M7
Michael S. Tsirkin (1):
vhost: vringh: Fix copy_to_iter return value check
Michal Koutný (1):
selftests: cgroup: Make test_pids backwards compatible
Michal Pecio (1):
Revert "usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running"
Mike Snitzer (2):
NFSD: filecache: add STATX_DIOALIGN and STATX_DIO_READ_ALIGN support
nfs/localio: avoid issuing misaligned IO using O_DIRECT
Mikko Rapeli (1):
mmc: select REGMAP_MMIO with MMC_LOONGSON2
Moon Hee Lee (1):
fs/ntfs3: reject index allocation if $BITMAP is empty but blocks exist
Moshe Shemesh (2):
net/mlx5: Stop polling for command response if interface goes down
net/mlx5: fw reset, add reset timeout work
Mykyta Yatsenko (1):
libbpf: Export bpf_object__prepare symbol
Nagarjuna Kristam (1):
PCI: tegra194: Fix duplicate PLL disable in pex_ep_event_pex_rst_assert()
Naman Jain (1):
uio_hv_generic: Let userspace take care of interrupt mask
Namjae Jeon (1):
ksmbd: add max ip connections parameter
Nathan Lynch (1):
dmaengine: Fix dma_async_tx_descriptor->tx_submit documentation
Nicolas Ferre (1):
ARM: at91: pm: fix MCKx restore routine
Nicolas Frattaroli (1):
PM / devfreq: rockchip-dfi: double count on RK3588
Niklas Cassel (7):
scsi: pm80xx: Restore support for expanders
scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod
scsi: libsas: Add dev_parent_is_expander() helper
scsi: pm80xx: Use dev_parent_is_expander() helper
scsi: pm80xx: Add helper function to get the local phy id
scsi: pm80xx: Fix pm8001_abort_task() for chip_8006 when using an expander
PCI: endpoint: pci-epf-test: Fix doorbell test support
Nipun Gupta (1):
cdx: don't select CONFIG_GENERIC_MSI_IRQ
Nirmoy Das (1):
PCI/ACPI: Fix pci_acpi_preserve_config() memory leak
Nishanth Menon (1):
hwrng: ks-sa - fix division by zero in ks_sa_rng_init
Nithyanantham Paramasivam (2):
wifi: ath12k: Refactor RX TID deletion handling into helper function
wifi: ath12k: Fix flush cache failure during RX queue update
Oleksij Rempel (1):
net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock
Or Har-Toov (1):
RDMA/mlx5: Better estimate max_qp_wr to reflect WQE count
Parav Pandit (1):
RDMA/core: Resolve MAC of next-hop device without ARP support
Patrisious Haddad (1):
RDMA/mlx5: Fix vport loopback forcing for MPV device
Paul Chaignon (2):
bpf: Tidy verifier bug message
bpf: Explicitly check accesses to bpf_sock_addr
Pauli Virtanen (2):
Bluetooth: ISO: free rx_skb if not consumed
Bluetooth: ISO: don't leak skb in ISO_CONT RX
Pavel Begunkov (1):
io_uring/zcrx: fix overshooting recv limit
Peter Zijlstra (1):
sched/fair: Get rid of sched_domains_curr_level hack for tl->cpumask()
Phillip Lougher (1):
Squashfs: fix uninit-value in squashfs_get_parent
Pin-yen Lin (2):
drm/panel: Allow powering on panel follower after panel is enabled
HID: i2c-hid: Make elan touch controllers power on after panel is enabled
Qi Xi (1):
once: fix race by moving DO_ONCE to separate section
Qianfeng Rong (10):
regulator: scmi: Use int type to store negative error codes
block: use int to store blk_stack_limits() return value
pinctrl: renesas: Use int type to store negative error codes
ALSA: lx_core: use int type to store negative error codes
accel/amdxdna: Use int instead of u32 to store error codes
drm/amdkfd: Fix error code sign for EINVAL in svm_ioctl()
drm/msm/dpu: fix incorrect type for ret
scsi: qla2xxx: edif: Fix incorrect sign of error code
scsi: qla2xxx: Fix incorrect sign of error code in START_SP_W_RETRIES()
scsi: qla2xxx: Fix incorrect sign of error code in qla_nvme_xmt_ls_rsp()
Qiuxu Zhuo (1):
EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller
Qu Wenruo (2):
btrfs: return any hit error from extent_writepage_io()
btrfs: fix symbolic link reading when bs > ps
Rafael J. Wysocki (2):
PM: sleep: core: Clear power.must_resume in noirq suspend error path
smp: Fix up and expand the smp_call_function_many() kerneldoc
Randy Dunlap (1):
lsm: CONFIG_LSM can depend on CONFIG_SECURITY
Ranjan Kumar (1):
scsi: mpt3sas: Fix crash in transport port remove by using ioc_info()
Ranjani Sridharan (1):
ASoC: SOF: ipc3-topology: Fix multi-core and static pipelines tear down
Ricardo B. Marlière (1):
selftests/bpf: Fix count write in testapp_xdp_metadata_copy()
Richard Fitzgerald (2):
ASoC: SOF: ipc4-pcm: Fix incorrect comparison with number of tdm_slots
ASoC: Intel: sof_sdw: Prevent jump to NULL add_sidecar callback
Rob Clark (2):
drm/msm: Fix obj leak in VM_BIND error path
drm/msm: Fix missing VM_BIND offset/range validation
Rob Herring (Arm) (2):
dt-bindings: vendor-prefixes: Add undocumented vendor prefixes
arm64: dts: mediatek: mt8183: Fix out of range pull values
Ryder Lee (1):
wifi: cfg80211: fix width unit in cfg80211_radio_chandef_valid()
Salah Triki (1):
bus: fsl-mc: Check return value of platform_get_resource()
Sarika Sharma (1):
wifi: mac80211: fix reporting of all valid links in sta_set_sinfo()
Sasha Levin (1):
tracing: Fix lock imbalance in s_start() memory allocation failure path
Sathishkumar S (2):
drm/amdgpu/vcn: Add regdump helper functions
drm/amdgpu/vcn: Hold pg_lock before vcn power off
Sean Christopherson (1):
KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid
Sebastian Andrzej Siewior (3):
selftests/futex: Remove the -g parameter from futex_priv_hash
selftest/futex: Compile also with libnuma < 2.0.16
ALSA: pcm: Disable bottom softirqs as part of spin_lock_irq() on PREEMPT_RT
Sebastian Reichel (1):
arm64: dts: rockchip: Fix network on rk3576 evb1 board
Seppo Takalo (1):
tty: n_gsm: Don't block input queue by waiting MSC
Shay Drory (1):
net/mlx5: pagealloc: Fix reclaim race during command interface teardown
Shin'ichiro Kawasaki (1):
PCI: endpoint: pci-epf-test: Add NULL check for DMA channels before release
Shubham Sharma (1):
selftests/bpf: Fix typos and grammar in test sources
Simon Schuster (1):
arch: copy_thread: pass clone_flags as u64
Slavin Liu (1):
ipvs: Defer ip_vs_ftp unregister during netns cleanup
Sneh Mankad (1):
soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS
Srinivas Kandagatla (2):
ASoC: codecs: wcd937x: set the comp soundwire port correctly
ASoC: codecs: wcd937x: make stub functions inline
Srinivasan Shanmugam (2):
drm/amd/display: Reduce Stack Usage by moving 'audio_output' into 'stream_res' v4
drm/amd/display: Add NULL pointer checks in dc_stream cursor attribute functions
Sriram R (1):
wifi: ath12k: Add fallback for invalid channel number in PHY metadata
Stanley Chu (2):
i3c: master: svc: Use manual response for IBI events
i3c: master: svc: Recycle unused IBI slot
Stefan Kerkmann (1):
wifi: mwifiex: send world regulatory domain to driver
Stefan Metzmacher (2):
smb: client: fix sending the iwrap custom IRD/ORD negotiation messages
smb: server: fix IRD/ORD negotiation with the client
Stephan Gerhold (2):
remoteproc: qcom: q6v5: Avoid disabling handover IRQ twice
remoteproc: qcom: pas: Shutdown lite ADSP DTB on X1E
Steven 'Steve' Kendall (1):
ALSA: hda/hdmi: Add pin fix for HP ProDesk model
Steven Rostedt (5):
tracing: Fix wakeup tracers on failure of acquiring calltime
tracing: Fix irqoff tracers on failure of acquiring calltime
tracing: Have trace_marker use per-cpu data to read user space
tracing: Fix tracing_mark_raw_write() to use buf and not ubuf
tracing: Stop fortify-string from warning in tracing_mark_raw_write()
Sven Peter (1):
usb: typec: tipd: Clear interrupts first
Takashi Iwai (4):
ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping
ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping
ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping
ALSA: hda/realtek: Add quirk for HP Spectre 14t-ea100
Tao Chen (2):
bpf: Remove migrate_disable in kprobe_multi_link_prog_run
bpf: Remove preempt_disable in bpf_try_get_buffers
Thomas Fourier (2):
crypto: keembay - Add missing check after sg_nents_for_len()
scsi: myrs: Fix dma_alloc_coherent() error check
Thomas Weißschuh (8):
kselftest/arm64/gcs: Correctly check return value when disabling GCS
tools/nolibc: fix error return value of clock_nanosleep()
tools/nolibc: avoid error in dup2() if old fd equals new fd
vdso/datastore: Gate time data behind CONFIG_GENERIC_GETTIMEOFDAY
vdso: Add struct __kernel_old_timeval forward declaration to gettime.h
selftests: vDSO: Fix -Wunitialized in powerpc VDSO_CALL() wrapper
selftests: vDSO: vdso_test_abi: Correctly skip whole test with missing vDSO
selftests: always install UAPI headers to the correct directory
Thorsten Blum (1):
crypto: octeontx2 - Call strscpy() with correct size argument
Théo Lebrun (3):
net: macb: remove illusion about TBQPH/RBQPH being per-queue
net: macb: move ring size computation to functions
net: macb: single dma_alloc_coherent() for DMA descriptors
Timur Kristóf (8):
drm/amdgpu: Power up UVD 3 for FW validation (v2)
drm/amd/pm: Disable ULV even if unsupported (v3)
drm/amd/pm: Fix si_upload_smc_data (v3)
drm/amd/pm: Adjust si_upload_smc_data register programming (v3)
drm/amd/pm: Treat zero vblank time as too short in si_dpm (v3)
drm/amd/pm: Disable MCLK switching with non-DC at 120 Hz+ (v2)
drm/amd/pm: Disable SCLK switching on Oland with high pixel clocks (v3)
drm/amdgpu: Fix allocating extra dwords for rings (v2)
Troy Mitchell (5):
i2c: spacemit: ensure bus release check runs when wait_bus_idle() fails
i2c: spacemit: remove stop function to avoid bus error
i2c: spacemit: disable SDA glitch fix to avoid restart delay
i2c: spacemit: check SDA instead of SCL after bus reset
i2c: spacemit: ensure SDA is released after bus reset
Tvrtko Ursulin (1):
drm/sched: Fix a race in DRM_GPU_SCHED_STAT_NO_HANG test
Uros Bizjak (1):
x86/vdso: Fix output operand size of RDPID
Uwe Kleine-König (4):
pwm: tiehrpwm: Don't drop runtime PM reference in .free()
pwm: tiehrpwm: Make code comment in .free() more useful
pwm: tiehrpwm: Fix various off-by-one errors in duty-cycle calculation
pwm: tiehrpwm: Fix corner case in clock divisor calculation
Vadim Fedorenko (1):
net: ethtool: tsconfig: set command must provide a reply
Vadim Pasternak (1):
hwmon: (mlxreg-fan) Separate methods of fan setting coming from different subsystems
Val Packett (1):
drm/dp: drm_edp_backlight_set_level: do not always send 3-byte commands
Vineeth Pillai (Google) (1):
iommu/vt-d: debugfs: Fix legacy mode page table dump logic
Vitaly Grigoryev (1):
fs: ntfs3: Fix integer overflow in run_unpack()
Vlad Dumitrescu (1):
IB/sa: Fix sa_local_svc_timeout_ms read race
Vlastimil Babka (1):
scripts/misc-check: update export checks for EXPORT_SYMBOL_FOR_MODULES()
Waiman Long (1):
selftests/futex: Fix some futex_numa_mpol subtests
Wang Liang (1):
pps: fix warning in pps_register_cdev when register device fail
Wei Fang (1):
net: enetc: initialize SW PIR and CIR based HW PIR and CIR values
Weili Qian (2):
crypto: hisilicon - check the sva module status while enabling or disabling address prefetch
crypto: hisilicon/qm - request reserved interrupt for virtual function
William Wu (1):
usb: gadget: configfs: Correctly set use_os_string at bind
Xaver Hugl (1):
drm: re-allow no-op changes on non-primary planes in async flips
Xi Ruoyao (1):
pwm: loongson: Fix LOONGSON_PWM_FREQ_DEFAULT
Xiang Liu (2):
drm/amdgpu: Fix jpeg v4.0.3 poison irq call trace on sriov guest
drm/amdgpu: Fix vcn v4.0.3 poison irq call trace on sriov guest
Xianwei Zhao (1):
dts: arm: amlogic: fix pwm node for c3
Xichao Zhao (1):
usb: phy: twl6030: Fix incorrect type for ret
Yang Shi (1):
mm: hugetlb: avoid soft lockup when mprotect to large memory area
Yazhou Tang (1):
bpf: Reject negative offsets for ALU ops
Yeoreum Yun (1):
coresight: fix indentation error in cscfg_remove_owned_csdev_configs()
Yeounsu Moon (1):
net: dlink: handle copy_thresh allocation failure
Yi Lai (1):
selftests/kselftest_harness: Add harness-selftest.expected to TEST_FILES
Youling Tang (1):
LoongArch: Automatically disable kaslr if boot from kexec_file
Yu Kuai (14):
blk-mq: fix elevator depth_updated method
block: cleanup bio_issue
block: initialize bio issue time in blk_mq_submit_bio()
block: factor out a helper bio_submit_split_bioset()
block: skip unnecessary checks for split bio
block: fix ordering of recursive split IO
blk-mq: remove useless checkings in blk_mq_update_nr_requests()
blk-mq: check invalid nr_requests in queue_requests_store()
blk-mq: convert to serialize updating nr_requests with update_nr_hwq_lock
blk-mq: cleanup shared tags case in blk_mq_update_nr_requests()
blk-mq: split bitmap grow and resize case in blk_mq_update_nr_requests()
blk-mq-sched: add new parameter nr_requests in blk_mq_alloc_sched_tags()
blk-mq: fix potential deadlock while nr_requests grown
blk-throttle: fix throtl_data leak during disk release
Yuan Chen (1):
tracing: Fix race condition in kprobe initialization causing NULL pointer dereference
Yuanfang Zhang (2):
coresight: Only register perf symlink for sinks with alloc_buffer
coresight-etm4x: Conditionally access register TRCEXTINSELR
Yue Haibing (1):
ipv6: mcast: Add ip6_mc_find_idev() helper
Yulin Lu (1):
pinctrl: eswin: Fix regulator error check and Kconfig dependency
Yunseong Kim (1):
ksmbd: Fix race condition in RPC handle list access
Yureka Lilian (1):
libbpf: Fix reuse of DEVMAP
Zhang Shurong (1):
media: rj54n1cb0c: Fix memleak in rj54n1_probe()
Zhang Tengfei (1):
ipvs: Use READ_ONCE/WRITE_ONCE for ipvs->enable
Zhen Ni (3):
netfilter: ipset: Remove unused htable_bits in macro ahash_region
Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak
remoteproc: pru: Fix potential NULL pointer dereference in pru_rproc_set_ctable()
Zheng Qixing (2):
dm: fix queue start/stop imbalance under suspend/load/resume races
dm: fix NULL pointer dereference in __dm_suspend()
Zhi-Jun You (1):
wifi: mt76: mt7915: fix mt7981 pre-calibration
Zhongqiu Han (1):
scsi: ufs: core: Fix data race in CPU latency PM QoS request handling
Zhouyi Zhou (1):
tools/nolibc: make time_t robust if __kernel_old_time_t is missing in host headers
Zhushuai Yin (1):
crypto: hisilicon/qm - check whether the input function and PF are on the same device
Zilin Guan (1):
vfio/pds: replace bitmap_free with vfree
Ziyue Zhang (1):
PCI: qcom: Add equalization settings for 8.0 GT/s and 32.0 GT/s
Zqiang (1):
srcu/tiny: Remove preempt_disable/enable() in srcu_gp_start_if_needed()
wangzijie (1):
f2fs: fix zero-sized extent for precache extents
zhang jiao (1):
vhost: vringh: Modify the return value check
3 weeks, 1 day
- 1
- 1
Linux 6.12.53
by Greg Kroah-Hartman
I'm announcing the release of the 6.12.53 kernel.
All users of the 6.12 kernel series must upgrade.
The updated 6.12.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.12.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Documentation/trace/histogram-design.rst | 4
Makefile | 2
arch/arm/boot/dts/renesas/r8a7791-porter.dts | 2
arch/arm/boot/dts/ti/omap/am335x-baltos.dtsi | 2
arch/arm/boot/dts/ti/omap/am335x-cm-t335.dts | 2
arch/arm/boot/dts/ti/omap/omap3-devkit8000-lcd-common.dtsi | 2
arch/arm/mach-at91/pm_suspend.S | 4
arch/arm64/boot/dts/apple/t8103-j457.dts | 12
arch/arm64/boot/dts/freescale/imx93-kontron-bl-osm-s.dts | 32 -
arch/arm64/boot/dts/freescale/imx95.dtsi | 4
arch/arm64/boot/dts/mediatek/mt6331.dtsi | 10
arch/arm64/boot/dts/mediatek/mt6795-sony-xperia-m5.dts | 2
arch/arm64/boot/dts/mediatek/mt8186-corsola-krabby.dtsi | 8
arch/arm64/boot/dts/mediatek/mt8186-corsola-tentacruel-sku262144.dts | 4
arch/arm64/boot/dts/mediatek/mt8195.dtsi | 3
arch/arm64/boot/dts/mediatek/mt8395-kontron-3-5-sbc-i1200.dts | 16
arch/arm64/boot/dts/mediatek/mt8516-pumpkin.dts | 2
arch/arm64/boot/dts/qcom/qcm2290.dtsi | 1
arch/arm64/boot/dts/renesas/rzg2lc-smarc.dtsi | 5
arch/arm64/net/bpf_jit_comp.c | 3
arch/loongarch/kernel/relocate.c | 4
arch/powerpc/include/asm/book3s/32/pgalloc.h | 10
arch/powerpc/include/asm/nohash/pgalloc.h | 2
arch/powerpc/kernel/head_8xx.S | 9
arch/riscv/net/bpf_jit_comp64.c | 42 +
arch/sparc/lib/M7memcpy.S | 20
arch/sparc/lib/Memcpy_utils.S | 9
arch/sparc/lib/NG4memcpy.S | 2
arch/sparc/lib/NGmemcpy.S | 29 -
arch/sparc/lib/U1memcpy.S | 19
arch/sparc/lib/U3memcpy.S | 2
arch/x86/include/asm/segment.h | 8
arch/x86/kvm/svm/svm.c | 12
block/blk-mq-sysfs.c | 6
block/blk-settings.c | 3
crypto/asymmetric_keys/x509_cert_parser.c | 16
drivers/acpi/acpica/aclocal.h | 2
drivers/acpi/nfit/core.c | 2
drivers/acpi/processor_idle.c | 3
drivers/base/node.c | 4
drivers/base/power/main.c | 14
drivers/base/regmap/regmap.c | 2
drivers/block/nbd.c | 8
drivers/block/null_blk/main.c | 2
drivers/bus/fsl-mc/fsl-mc-bus.c | 3
drivers/char/hw_random/Kconfig | 1
drivers/char/hw_random/ks-sa-rng.c | 4
drivers/char/tpm/Kconfig | 2
drivers/cpufreq/scmi-cpufreq.c | 10
drivers/cpuidle/cpuidle-qcom-spm.c | 7
drivers/crypto/hisilicon/debugfs.c | 1
drivers/crypto/hisilicon/hpre/hpre_main.c | 3
drivers/crypto/hisilicon/qm.c | 7
drivers/crypto/hisilicon/sec2/sec_main.c | 80 +--
drivers/crypto/hisilicon/zip/zip_main.c | 17
drivers/crypto/intel/keembay/keembay-ocs-hcu-core.c | 5
drivers/crypto/marvell/octeontx2/otx2_cptpf_ucode.c | 2
drivers/devfreq/event/rockchip-dfi.c | 7
drivers/devfreq/mtk-cci-devfreq.c | 3
drivers/edac/i10nm_base.c | 14
drivers/firmware/arm_scmi/transports/virtio.c | 3
drivers/firmware/meson/Kconfig | 2
drivers/gpu/drm/amd/amdgpu/uvd_v3_1.c | 29 +
drivers/gpu/drm/amd/amdkfd/kfd_svm.c | 2
drivers/gpu/drm/amd/display/dc/dml/dcn32/display_rq_dlg_calc_32.c | 1
drivers/gpu/drm/amd/pm/amdgpu_dpm_internal.c | 7
drivers/gpu/drm/amd/pm/legacy-dpm/si_dpm.c | 92 ++--
drivers/gpu/drm/bridge/Kconfig | 1
drivers/gpu/drm/msm/disp/dpu1/dpu_encoder_phys_wb.c | 2
drivers/gpu/drm/panel/panel-novatek-nt35560.c | 2
drivers/gpu/drm/radeon/r600_cs.c | 4
drivers/hid/hidraw.c | 224 +++++-----
drivers/hwmon/mlxreg-fan.c | 24 -
drivers/hwtracing/coresight/coresight-catu.c | 22
drivers/hwtracing/coresight/coresight-catu.h | 1
drivers/hwtracing/coresight/coresight-core.c | 5
drivers/hwtracing/coresight/coresight-etm4x-core.c | 31 +
drivers/hwtracing/coresight/coresight-etm4x.h | 6
drivers/hwtracing/coresight/coresight-tmc-core.c | 22
drivers/hwtracing/coresight/coresight-tmc.h | 2
drivers/hwtracing/coresight/coresight-tpda.c | 3
drivers/hwtracing/coresight/coresight-trbe.c | 11
drivers/i2c/busses/i2c-designware-platdrv.c | 5
drivers/i2c/busses/i2c-mt65xx.c | 17
drivers/i3c/master/svc-i3c-master.c | 31 +
drivers/iio/inkern.c | 30 -
drivers/infiniband/core/addr.c | 10
drivers/infiniband/core/cm.c | 4
drivers/infiniband/core/sa_query.c | 6
drivers/infiniband/hw/mlx5/main.c | 67 ++
drivers/infiniband/hw/mlx5/mlx5_ib.h | 1
drivers/infiniband/sw/rxe/rxe_task.c | 8
drivers/infiniband/sw/siw/siw_verbs.c | 25 -
drivers/input/misc/uinput.c | 1
drivers/input/touchscreen/atmel_mxt_ts.c | 2
drivers/iommu/intel/debugfs.c | 17
drivers/iommu/intel/iommu.h | 3
drivers/leds/flash/leds-qcom-flash.c | 62 +-
drivers/leds/leds-lp55xx-common.c | 2
drivers/md/dm-core.h | 1
drivers/md/dm-vdo/indexer/volume-index.c | 4
drivers/md/dm.c | 13
drivers/media/i2c/rj54n1cb0c.c | 9
drivers/media/pci/zoran/zoran.h | 6
drivers/media/pci/zoran/zoran_driver.c | 3
drivers/media/platform/st/sti/delta/delta-mjpeg-dec.c | 20
drivers/mfd/rz-mtu3.c | 2
drivers/mfd/vexpress-sysreg.c | 6
drivers/misc/fastrpc.c | 89 ++-
drivers/misc/genwqe/card_ddcb.c | 2
drivers/mmc/core/block.c | 6
drivers/mtd/nand/raw/atmel/nand-controller.c | 4
drivers/net/ethernet/amazon/ena/ena_ethtool.c | 5
drivers/net/ethernet/dlink/dl2k.c | 7
drivers/net/ethernet/intel/idpf/idpf_txrx.c | 8
drivers/net/ethernet/intel/idpf/idpf_virtchnl.c | 6
drivers/net/ethernet/mellanox/mlx5/core/cmd.c | 6
drivers/net/ethernet/mellanox/mlx5/core/en/port_buffer.h | 12
drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 17
drivers/net/ethernet/mellanox/mlx5/core/fw_reset.c | 24 +
drivers/net/ethernet/mellanox/mlx5/core/pagealloc.c | 7
drivers/net/ethernet/netronome/nfp/nfp_net_ethtool.c | 2
drivers/net/usb/asix_devices.c | 29 +
drivers/net/usb/rtl8150.c | 2
drivers/net/wireless/ath/ath10k/wmi.c | 39 -
drivers/net/wireless/ath/ath12k/ce.c | 2
drivers/net/wireless/ath/ath12k/debug.h | 1
drivers/net/wireless/intel/iwlwifi/fw/regulatory.h | 1
drivers/net/wireless/marvell/mwifiex/cfg80211.c | 7
drivers/net/wireless/mediatek/mt76/mt7603/soc.c | 2
drivers/net/wireless/mediatek/mt76/mt7915/eeprom.h | 6
drivers/net/wireless/mediatek/mt76/mt7915/mcu.c | 29 -
drivers/net/wireless/mediatek/mt76/mt7996/init.c | 8
drivers/net/wireless/mediatek/mt76/mt7996/mt7996.h | 11
drivers/net/wireless/mediatek/mt76/mt7996/pci.c | 2
drivers/net/wireless/realtek/rtw89/ser.c | 3
drivers/nvme/target/fc.c | 19
drivers/pci/controller/cadence/pci-j721e.c | 2
drivers/pci/controller/dwc/pcie-rcar-gen4.c | 26 +
drivers/pci/controller/dwc/pcie-tegra194.c | 4
drivers/pci/controller/pci-tegra.c | 2
drivers/pci/pci-acpi.c | 6
drivers/perf/arm_spe_pmu.c | 3
drivers/phy/rockchip/phy-rockchip-naneng-combphy.c | 12
drivers/pinctrl/meson/pinctrl-meson-gxl.c | 10
drivers/pinctrl/pinmux.c | 2
drivers/pinctrl/renesas/pinctrl-rzg2l.c | 2
drivers/pinctrl/renesas/pinctrl.c | 3
drivers/power/supply/cw2015_battery.c | 3
drivers/pps/kapi.c | 5
drivers/pps/pps.c | 5
drivers/ptp/ptp_private.h | 1
drivers/ptp/ptp_sysfs.c | 2
drivers/pwm/pwm-tiehrpwm.c | 154 ++----
drivers/regulator/scmi-regulator.c | 3
drivers/remoteproc/pru_rproc.c | 3
drivers/remoteproc/qcom_q6v5.c | 3
drivers/scsi/mpt3sas/mpt3sas_transport.c | 8
drivers/scsi/myrs.c | 8
drivers/scsi/pm8001/pm8001_sas.c | 9
drivers/scsi/qla2xxx/qla_edif.c | 4
drivers/scsi/qla2xxx/qla_init.c | 4
drivers/scsi/qla2xxx/qla_nvme.c | 2
drivers/soc/mediatek/mtk-svs.c | 23 +
drivers/soc/qcom/rpmh-rsc.c | 7
drivers/spi/spi.c | 2
drivers/tee/tee_shm.c | 8
drivers/thermal/qcom/Kconfig | 3
drivers/thermal/qcom/lmh.c | 2
drivers/tty/n_gsm.c | 25 +
drivers/tty/serial/max310x.c | 2
drivers/uio/uio_hv_generic.c | 7
drivers/usb/cdns3/cdnsp-pci.c | 5
drivers/usb/gadget/configfs.c | 2
drivers/usb/host/max3421-hcd.c | 2
drivers/usb/host/xhci-ring.c | 11
drivers/usb/misc/Kconfig | 1
drivers/usb/misc/qcom_eud.c | 33 +
drivers/usb/phy/phy-twl6030-usb.c | 3
drivers/usb/typec/tipd/core.c | 24 -
drivers/usb/usbip/vhci_hcd.c | 22
drivers/vfio/pci/pds/dirty.c | 2
drivers/vhost/vringh.c | 14
drivers/video/fbdev/simplefb.c | 31 +
drivers/watchdog/mpc8xxx_wdt.c | 2
fs/btrfs/extent_io.c | 9
fs/ext4/ext4.h | 10
fs/ext4/file.c | 2
fs/ext4/inode.c | 2
fs/ext4/orphan.c | 6
fs/ext4/super.c | 4
fs/f2fs/data.c | 9
fs/f2fs/f2fs.h | 4
fs/f2fs/file.c | 49 +-
fs/gfs2/glock.c | 2
fs/nfs/nfs4proc.c | 2
fs/ntfs3/index.c | 10
fs/ntfs3/run.c | 12
fs/ocfs2/stack_user.c | 1
fs/smb/client/smb2ops.c | 17
fs/smb/server/ksmbd_netlink.h | 5
fs/smb/server/mgmt/user_session.c | 26 -
fs/smb/server/server.h | 1
fs/smb/server/smb2pdu.c | 3
fs/smb/server/transport_ipc.c | 3
fs/smb/server/transport_rdma.c | 99 +++-
fs/smb/server/transport_tcp.c | 27 -
fs/squashfs/inode.c | 7
fs/squashfs/squashfs_fs_i.h | 2
fs/udf/inode.c | 3
include/asm-generic/vmlinux.lds.h | 1
include/linux/bpf.h | 1
include/linux/btf.h | 2
include/linux/once.h | 4
include/trace/events/filelock.h | 3
include/uapi/linux/hidraw.h | 2
include/vdso/gettime.h | 1
init/Kconfig | 1
io_uring/waitid.c | 3
kernel/bpf/core.c | 5
kernel/bpf/verifier.c | 4
kernel/events/uprobes.c | 2
kernel/seccomp.c | 12
kernel/smp.c | 11
kernel/trace/bpf_trace.c | 9
mm/hugetlb.c | 2
net/9p/trans_usbg.c | 16
net/bluetooth/hci_sync.c | 10
net/bluetooth/iso.c | 11
net/bluetooth/mgmt.c | 10
net/core/filter.c | 16
net/ipv4/ping.c | 14
net/ipv4/tcp.c | 9
net/mac80211/rx.c | 28 -
net/netfilter/ipset/ip_set_hash_gen.h | 8
net/netfilter/ipvs/ip_vs_conn.c | 4
net/netfilter/ipvs/ip_vs_core.c | 11
net/netfilter/ipvs/ip_vs_ctl.c | 6
net/netfilter/ipvs/ip_vs_est.c | 16
net/netfilter/ipvs/ip_vs_ftp.c | 4
net/netfilter/nfnetlink.c | 2
net/nfc/nci/ntf.c | 135 ++++--
net/sunrpc/auth_gss/svcauth_gss.c | 2
security/Kconfig | 1
sound/core/pcm_native.c | 25 -
sound/pci/lx6464es/lx_core.c | 4
sound/soc/codecs/wcd934x.c | 17
sound/soc/codecs/wcd937x.c | 4
sound/soc/codecs/wcd937x.h | 6
sound/soc/intel/boards/bytcht_es8316.c | 20
sound/soc/intel/boards/bytcr_rt5640.c | 7
sound/soc/intel/boards/bytcr_rt5651.c | 26 -
sound/soc/intel/boards/sof_sdw.c | 2
sound/soc/sof/ipc3-topology.c | 10
tools/include/nolibc/std.h | 2
tools/lib/bpf/libbpf.c | 46 +-
tools/testing/nvdimm/test/ndtest.c | 13
tools/testing/selftests/arm64/pauth/exec_target.c | 7
tools/testing/selftests/bpf/progs/test_tcpnotify_kern.c | 1
tools/testing/selftests/bpf/test_tcpnotify_user.c | 20
tools/testing/selftests/nolibc/nolibc-test.c | 4
tools/testing/selftests/vDSO/vdso_call.h | 7
tools/testing/selftests/vDSO/vdso_test_abi.c | 9
tools/testing/selftests/watchdog/watchdog-test.c | 6
264 files changed, 2038 insertions(+), 1119 deletions(-)
Abdun Nihaal (1):
wifi: mt76: fix potential memory leak in mt76_wmac_probe()
Aditya Kumar Singh (1):
wifi: mac80211: fix Rx packet handling when pubsta information is not available
Akhilesh Patil (1):
selftests: watchdog: skip ping loop if WDIOF_KEEPALIVEPING not supported
Alexander Lobakin (1):
idpf: fix Rx descriptor ready check barrier in splitq
Alok Tiwari (3):
PCI: tegra: Fix devm_kcalloc() argument order for port->phys allocation
PCI: j721e: Fix incorrect error message in probe()
idpf: fix mismatched free function for dma_alloc_coherent
Andrea Righi (1):
bpf: Mark kfuncs as __noclone
Andreas Gruenbacher (1):
gfs2: Fix GLF_INVALIDATE_IN_PROGRESS flag clearing in do_xmote
Andrei Lalaev (1):
leds: leds-lp55xx: Use correct address for memory programming
Andy Yan (1):
power: supply: cw2015: Fix a alignment coding style issue
AngeloGioacchino Del Regno (4):
arm64: dts: mediatek: mt6331: Fix pmic, regulators, rtc, keys node names
arm64: dts: mediatek: mt6795-xperia-m5: Fix mmc0 latch-ck value
arm64: dts: mediatek: mt8395-kontron-i1200: Fix MT6360 regulator nodes
arm64: dts: mediatek: mt8516-pumpkin: Fix machine compatible
Annette Kobou (1):
arm64: dts: imx93-kontron: Fix GPIO for panel regulator
Anthony Iliopoulos (1):
NFSv4.1: fix backchannel max_resp_sz verification check
Arnd Bergmann (2):
hwrng: nomadik - add ARM_AMBA dependency
media: st-delta: avoid excessive stack usage
Bagas Sanjaya (1):
Documentation: trace: historgram-design: Separate sched_waking histogram section heading and the following diagram
Bala-Vignesh-Reddy (1):
selftests: arm64: Check fread return value in exec_target
Baochen Qiang (2):
wifi: ath12k: fix wrong logging ID used for CE
wifi: ath10k: avoid unnecessary wait for service ready message
Bartosz Golaszewski (2):
mfd: vexpress-sysreg: Check the return value of devm_gpiochip_add_data()
pinctrl: check the return value of pinmux_ops::get_function_name()
Bean Huo (1):
mmc: core: Fix variable shadowing in mmc_route_rpmb_frames()
Benjamin Berg (1):
selftests/nolibc: fix EXPECT_NZ macro
Benjamin Tissoires (1):
HID: hidraw: tighten ioctl command parsing
Bernard Metzler (1):
RDMA/siw: Always report immediate post SQ errors
Biju Das (1):
arm64: dts: renesas: rzg2lc-smarc: Disable CAN-FD channel0
Brahmajit Das (1):
drm/radeon/r600_cs: clean up of dead code in r600_cs
Brigham Campbell (1):
drm/panel: novatek-nt35560: Fix invalid return value
Chao Yu (4):
f2fs: fix condition in __allow_reserved_blocks()
f2fs: fix to update map->m_next_extent correctly in f2fs_map_blocks()
f2fs: fix to truncate first page in error path of f2fs_truncate()
f2fs: fix to mitigate overhead of f2fs_zero_post_eof_page()
Chen-Yu Tsai (1):
arm64: dts: mediatek: mt8186-tentacruel: Fix touchscreen model
Chenghai Huang (3):
crypto: hisilicon/zip - remove unnecessary validation for high-performance mode configurations
crypto: hisilicon - re-enable address prefetch after device resuming
crypto: hisilicon/qm - set NULL to qm->debug.qm_diff_regs
Chia-I Wu (1):
drm/bridge: it6505: select REGMAP_I2C
Christophe Leroy (3):
powerpc/8xx: Remove left-over instruction and comments in DataStoreTLBMiss handler
powerpc/603: Really copy kernel PGD entries into all PGDIRs
watchdog: mpc8xxx_wdt: Reload the watchdog timer when enabling the watchdog
Colin Ian King (2):
misc: genwqe: Fix incorrect cmd field being reported in error
ACPI: NFIT: Fix incorrect ndr_desc being reportedin dev_err message
Cosmin Tanislav (1):
mfd: rz-mtu3: Fix MTU5 NFCR register offset
Cristian Ciocaltea (1):
usb: vhci-hcd: Prevent suspending virtually attached devices
D. Wythe (1):
libbpf: Fix error when st-prefix_ops and ops from differ btf
Da Xue (1):
pinctrl: meson-gxl: add missing i2c_d pinmux
Dan Carpenter (4):
PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe()
usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup
serial: max310x: Add error checking in probe()
ocfs2: fix double free in user_cluster_connect()
Daniel Borkmann (1):
bpf: Enforce expected_attach_type for tailcall compatibility
Daniel Wagner (1):
nvmet-fc: move lsop put work to nvmet_fc_ls_req_op
Deepak Sharma (1):
net: nfc: nci: Add parameter validation for packet data
Dmitry Antipov (1):
ACPICA: Fix largest possible resource descriptor index
Dmitry Baryshkov (2):
thermal/drivers/qcom: Make LMH select QCOM_SCM
thermal/drivers/qcom/lmh: Add missing IRQ includes
Dominique Martinet (1):
net/9p: Fix buffer overflow in USB transport layer
Donet Tom (2):
drivers/base/node: handle error properly in register_one_node()
drivers/base/node: fix double free in register_one_node()
Enzo Matsumiya (1):
smb: client: fix crypto buffers in non-linear memory
Eric Dumazet (3):
nbd: restrict sockets to TCP and UDP
inet: ping: check sock_net() in ping_get_port() and ping_lookup()
tcp: fix __tcp_close() to only send RST when required
Erick Karanja (1):
mtd: rawnand: atmel: Fix error handling path in atmel_nand_controller_add_nands
Fan Wu (1):
KEYS: X.509: Fix Basic Constraints CA flag parsing
Fedor Pchelkin (1):
wifi: rtw89: avoid circular locking dependency in ser_state_run()
Fenglin Wu (1):
leds: flash: leds-qcom-flash: Update torch current clamp setting
Fernando Fernandez Mancera (1):
netfilter: nfnetlink: reset nlh pointer during batch replay
Florian Fainelli (1):
cpufreq: scmi: Account for malformed DT in scmi_dev_used_by_cpus()
Frieder Schrempf (1):
arm64: dts: imx93-kontron: Fix USB port assignment
Geert Uytterhoeven (3):
init: INITRAMFS_PRESERVE_MTIME should depend on BLK_DEV_INITRD
regmap: Remove superfluous check for !config in __regmap_init()
ARM: dts: renesas: porter: Fix CAN pin group
Genjian Zhang (1):
null_blk: Fix the description of the cache_size module argument
Greg Kroah-Hartman (1):
Linux 6.12.53
Guangshuo Li (1):
nvdimm: ndtest: Return -ENOMEM if devm_kcalloc() fails in ndtest_probe()
Gui-Dong Han (1):
RDMA/rxe: Fix race in do_task() when draining
Guoqing Jiang (1):
arm64: dts: mediatek: mt8195: Remove suspend-breaking reset from pcie0
Hans de Goede (2):
iio: consumers: Fix handling of negative channel scale in iio_convert_raw_to_processed()
iio: consumers: Fix offset handling in iio_convert_raw_to_processed()
Hengqi Chen (2):
riscv, bpf: Sign extend struct ops return values properly
bpf, arm64: Call bpf_jit_binary_pack_finalize() in bpf_jit_free()
Huisong Li (1):
ACPI: processor: idle: Fix memory leak when register cpuidle device failed
Håkon Bugge (1):
RDMA/cm: Rate limit destroy CM ID timeout error message
I Viswanath (2):
net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast
ptp: Add a upper bound on max_vclocks
Ivan Abramov (1):
dm vdo: return error on corrupted metadata in start_restoring_volume functions
Jacopo Mondi (1):
media: zoran: Remove zoran_fh structure
Jakub Kicinski (1):
Revert "net/mlx5e: Update and set Xon/Xoff upon MTU set"
Jan Kara (1):
ext4: fix checks for orphan inodes
Janne Grunau (2):
arm64: dts: apple: t8103-j457: Fix PCIe ethernet iommu-map
fbdev: simplefb: Fix use after free in simplefb_detach_genpds()
Jarkko Sakkinen (1):
tpm: Disable TPM2_TCG_HMAC by default
Jeff Layton (1):
filelock: add FL_RECLAIM to show_fl_flags() macro
Jens Axboe (1):
io_uring/waitid: always prune wait queue entry in io_waitid_wait()
Jens Wiklander (1):
tee: fix register_shm_helper()
Jeremy Linton (1):
uprobes: uprobe_warn should use passed task
Jie Gan (1):
coresight: tpda: fix the logic to setup the element size
Jihed Chaibi (3):
ARM: dts: ti: omap: am335x-baltos: Fix ti,en-ck32k-xtal property in DTS to use correct boolean syntax
ARM: dts: ti: omap: omap3-devkit8000-lcd: Fix ti,keep-vref-on property to use correct boolean syntax in DTS
ARM: dts: omap: am335x-cm-t335: Remove unused mcasp num-serializer property
Johan Hovold (4):
firmware: firmware: meson-sm: fix compile-test default
soc: mediatek: mtk-svs: fix device leaks on mt8183 probe failure
soc: mediatek: mtk-svs: fix device leaks on mt8192 probe failure
cpuidle: qcom-spm: fix device and OF node leaks at probe
Johannes Nixdorf (1):
seccomp: Fix a race with WAIT_KILLABLE_RECV if the tracer replies too fast
Jonas Gorski (1):
spi: fix return code when spi device has too many chipselects
Jonas Karlman (1):
phy: rockchip: naneng-combphy: Enable U3 OTG port for RK3568
Joy Zou (1):
arm64: dts: imx95: Correct the lpuart7 and lpuart8 srcid
Junnan Wu (1):
firmware: arm_scmi: Mark VirtIO ready before registering scmi_virtio_driver
Kohei Enju (2):
nfp: fix RSS hash key size when RSS is not supported
net: ena: return 0 in ena_get_rxfh_key_size() when RSS hash key is not configurable
Komal Bajaj (1):
usb: misc: qcom_eud: Access EUD_MODE_MANAGER2 through secure calls
Konrad Dybcio (1):
arm64: dts: qcom: qcm2290: Disable USB SS bus instances in park mode
Kunihiko Hayashi (2):
i2c: designware: Fix clock issue when PM is disabled
i2c: designware: Add disabling clocks when probe fails
Lad Prabhakar (1):
pinctrl: renesas: rzg2l: Fix invalid unsigned return in rzg3s_oen_read()
Larshin Sergey (1):
fs: udf: fix OOB read in lengthAllocDescs handling
Lei Lu (1):
sunrpc: fix null pointer dereference on zero-length checksum
Leilk.Liu (1):
i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD
Leo Yan (6):
coresight: trbe: Prevent overflow in PERF_IDX2OFF()
perf: arm_spe: Prevent overflow in PERF_IDX2OFF()
coresight: tmc: Support atclk
coresight: catu: Support atclk
coresight: etm4x: Support atclk
coresight: trbe: Return NULL pointer for allocation failures
Li Nan (1):
blk-mq: check kobject state_in_sysfs before deleting in blk_mq_unregister_hctx
Liao Yuanhong (2):
drm/amd/display: Remove redundant semicolons
wifi: iwlwifi: Remove redundant header files
Lin Yujun (1):
coresight: Fix incorrect handling for return value of devm_kzalloc
Ling Xu (4):
misc: fastrpc: Save actual DMA size in fastrpc_map structure
misc: fastrpc: Fix fastrpc_map_lookup operation
misc: fastrpc: fix possible map leak in fastrpc_put_args
misc: fastrpc: Skip reference for DMA handles
Lorenzo Bianconi (2):
wifi: mt76: mt7996: Fix RX packets configuration for primary WED device
wifi: mt76: mt7996: Convert mt7996_wed_rro_addr to LE
Lu Baolu (1):
iommu/vt-d: Disallow dirty tracking if incoherent page walk
Luiz Augusto von Dentz (3):
Bluetooth: MGMT: Fix not exposing debug UUID on MGMT_OP_READ_EXP_FEATURES_INFO
Bluetooth: ISO: Fix possible UAF on iso_conn_free
Bluetooth: hci_sync: Fix using random address for BIG/PA advertisements
Ma Ke (1):
ASoC: wcd934x: fix error handling in wcd934x_codec_parse_data()
Marek Vasut (4):
PCI: rcar-gen4: Add missing 1ms delay after PWR reset assertion
PCI: rcar-gen4: Assure reset occurs before DBI access
PCI: rcar-gen4: Fix inverted break condition in PHY initialization
Input: atmel_mxt_ts - allow reset GPIO to sleep
Matt Bobrowski (1):
bpf/selftests: Fix test_tcpnotify_user
Matvey Kovalev (1):
ksmbd: fix error code overwriting in smb2_get_info_filesystem()
Miaoqian Lin (1):
usb: cdns3: cdnsp-pci: remove redundant pci_disable_device() call
Michael Karcher (5):
sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC
sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC III
sparc: fix accurate exception reporting in copy_{from_to}_user for Niagara
sparc: fix accurate exception reporting in copy_to_user for Niagara 4
sparc: fix accurate exception reporting in copy_{from,to}_user for M7
Michael S. Tsirkin (1):
vhost: vringh: Fix copy_to_iter return value check
Michal Pecio (1):
Revert "usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running"
Moon Hee Lee (1):
fs/ntfs3: reject index allocation if $BITMAP is empty but blocks exist
Moshe Shemesh (2):
net/mlx5: Stop polling for command response if interface goes down
net/mlx5: fw reset, add reset timeout work
Nagarjuna Kristam (1):
PCI: tegra194: Fix duplicate PLL disable in pex_ep_event_pex_rst_assert()
Naman Jain (1):
uio_hv_generic: Let userspace take care of interrupt mask
Namjae Jeon (1):
ksmbd: add max ip connections parameter
Nicolas Ferre (1):
ARM: at91: pm: fix MCKx restore routine
Nicolas Frattaroli (1):
PM / devfreq: rockchip-dfi: double count on RK3588
Niklas Cassel (1):
scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod
Nirmoy Das (1):
PCI/ACPI: Fix pci_acpi_preserve_config() memory leak
Nishanth Menon (1):
hwrng: ks-sa - fix division by zero in ks_sa_rng_init
Oleksij Rempel (1):
net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock
Or Har-Toov (1):
RDMA/mlx5: Better estimate max_qp_wr to reflect WQE count
Parav Pandit (1):
RDMA/core: Resolve MAC of next-hop device without ARP support
Patrisious Haddad (1):
RDMA/mlx5: Fix vport loopback forcing for MPV device
Paul Chaignon (1):
bpf: Explicitly check accesses to bpf_sock_addr
Pauli Virtanen (2):
Bluetooth: ISO: free rx_skb if not consumed
Bluetooth: ISO: don't leak skb in ISO_CONT RX
Phillip Lougher (1):
Squashfs: fix uninit-value in squashfs_get_parent
Qi Xi (1):
once: fix race by moving DO_ONCE to separate section
Qianfeng Rong (9):
regulator: scmi: Use int type to store negative error codes
block: use int to store blk_stack_limits() return value
pinctrl: renesas: Use int type to store negative error codes
ALSA: lx_core: use int type to store negative error codes
drm/amdkfd: Fix error code sign for EINVAL in svm_ioctl()
drm/msm/dpu: fix incorrect type for ret
scsi: qla2xxx: edif: Fix incorrect sign of error code
scsi: qla2xxx: Fix incorrect sign of error code in START_SP_W_RETRIES()
scsi: qla2xxx: Fix incorrect sign of error code in qla_nvme_xmt_ls_rsp()
Qiuxu Zhuo (1):
EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller
Qu Wenruo (1):
btrfs: return any hit error from extent_writepage_io()
Rafael J. Wysocki (2):
PM: sleep: core: Clear power.must_resume in noirq suspend error path
smp: Fix up and expand the smp_call_function_many() kerneldoc
Randy Dunlap (1):
lsm: CONFIG_LSM can depend on CONFIG_SECURITY
Ranjan Kumar (1):
scsi: mpt3sas: Fix crash in transport port remove by using ioc_info()
Ranjani Sridharan (1):
ASoC: SOF: ipc3-topology: Fix multi-core and static pipelines tear down
Richard Fitzgerald (1):
ASoC: Intel: sof_sdw: Prevent jump to NULL add_sidecar callback
Salah Triki (1):
bus: fsl-mc: Check return value of platform_get_resource()
Sean Christopherson (1):
KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid
Sebastian Andrzej Siewior (1):
ALSA: pcm: Disable bottom softirqs as part of spin_lock_irq() on PREEMPT_RT
Seppo Takalo (1):
tty: n_gsm: Don't block input queue by waiting MSC
Shay Drory (1):
net/mlx5: pagealloc: Fix reclaim race during command interface teardown
Slavin Liu (1):
ipvs: Defer ip_vs_ftp unregister during netns cleanup
Sneh Mankad (1):
soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS
Srinivas Kandagatla (2):
ASoC: codecs: wcd937x: set the comp soundwire port correctly
ASoC: codecs: wcd937x: make stub functions inline
Stanley Chu (2):
i3c: master: svc: Use manual response for IBI events
i3c: master: svc: Recycle unused IBI slot
Stefan Kerkmann (1):
wifi: mwifiex: send world regulatory domain to driver
Stefan Metzmacher (1):
smb: server: fix IRD/ORD negotiation with the client
Stephan Gerhold (1):
remoteproc: qcom: q6v5: Avoid disabling handover IRQ twice
Sven Peter (1):
usb: typec: tipd: Clear interrupts first
Takashi Iwai (3):
ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping
ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping
ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping
Tao Chen (1):
bpf: Remove migrate_disable in kprobe_multi_link_prog_run
Thomas Fourier (2):
crypto: keembay - Add missing check after sg_nents_for_len()
scsi: myrs: Fix dma_alloc_coherent() error check
Thomas Weißschuh (3):
vdso: Add struct __kernel_old_timeval forward declaration to gettime.h
selftests: vDSO: Fix -Wunitialized in powerpc VDSO_CALL() wrapper
selftests: vDSO: vdso_test_abi: Correctly skip whole test with missing vDSO
Thorsten Blum (1):
crypto: octeontx2 - Call strscpy() with correct size argument
Timur Kristóf (7):
drm/amdgpu: Power up UVD 3 for FW validation (v2)
drm/amd/pm: Disable ULV even if unsupported (v3)
drm/amd/pm: Fix si_upload_smc_data (v3)
drm/amd/pm: Adjust si_upload_smc_data register programming (v3)
drm/amd/pm: Treat zero vblank time as too short in si_dpm (v3)
drm/amd/pm: Disable MCLK switching with non-DC at 120 Hz+ (v2)
drm/amd/pm: Disable SCLK switching on Oland with high pixel clocks (v3)
Uros Bizjak (1):
x86/vdso: Fix output operand size of RDPID
Uwe Kleine-König (4):
pwm: tiehrpwm: Don't drop runtime PM reference in .free()
pwm: tiehrpwm: Make code comment in .free() more useful
pwm: tiehrpwm: Fix various off-by-one errors in duty-cycle calculation
pwm: tiehrpwm: Fix corner case in clock divisor calculation
Vadim Pasternak (1):
hwmon: (mlxreg-fan) Separate methods of fan setting coming from different subsystems
Vineeth Pillai (Google) (1):
iommu/vt-d: debugfs: Fix legacy mode page table dump logic
Vitaly Grigoryev (1):
fs: ntfs3: Fix integer overflow in run_unpack()
Vlad Dumitrescu (1):
IB/sa: Fix sa_local_svc_timeout_ms read race
Wang Liang (1):
pps: fix warning in pps_register_cdev when register device fail
William Wu (1):
usb: gadget: configfs: Correctly set use_os_string at bind
Xichao Zhao (1):
usb: phy: twl6030: Fix incorrect type for ret
Yang Shi (1):
mm: hugetlb: avoid soft lockup when mprotect to large memory area
Yazhou Tang (1):
bpf: Reject negative offsets for ALU ops
Yeounsu Moon (1):
net: dlink: handle copy_thresh allocation failure
Youling Tang (1):
LoongArch: Automatically disable kaslr if boot from kexec_file
Yuanfang Zhang (2):
coresight: Only register perf symlink for sinks with alloc_buffer
coresight-etm4x: Conditionally access register TRCEXTINSELR
Yunseong Kim (1):
ksmbd: Fix race condition in RPC handle list access
Yureka Lilian (1):
libbpf: Fix reuse of DEVMAP
Zhang Shurong (1):
media: rj54n1cb0c: Fix memleak in rj54n1_probe()
Zhang Tengfei (1):
ipvs: Use READ_ONCE/WRITE_ONCE for ipvs->enable
Zhen Ni (3):
netfilter: ipset: Remove unused htable_bits in macro ahash_region
Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak
remoteproc: pru: Fix potential NULL pointer dereference in pru_rproc_set_ctable()
Zheng Qixing (2):
dm: fix queue start/stop imbalance under suspend/load/resume races
dm: fix NULL pointer dereference in __dm_suspend()
Zhi-Jun You (1):
wifi: mt76: mt7915: fix mt7981 pre-calibration
Zhouyi Zhou (1):
tools/nolibc: make time_t robust if __kernel_old_time_t is missing in host headers
Zhushuai Yin (1):
crypto: hisilicon/qm - check whether the input function and PF are on the same device
Zilin Guan (1):
vfio/pds: replace bitmap_free with vfree
wangzijie (1):
f2fs: fix zero-sized extent for precache extents
zhang jiao (1):
vhost: vringh: Modify the return value check
3 weeks, 1 day
- 1
- 1
[PATCH net v2] xsk: Fix overflow in descriptor validation
by Ilia Gavrilov
The desc->len value can be set up to U32_MAX. If umem tx_metadata_len
option is also set, the value of the expression
'desc->len + pool->tx_metadata_len' can overflow and validation
of the incorrect descriptor will be successfully passed.
This can lead to a subsequent chain of arithmetic overflows
in the xsk_build_skb() function and incorrect sk_buff allocation.
To reproduce the overflow, this piece of userspace code can be used:
struct xdp_umem_reg umem_reg;
umem_reg.addr = (__u64)(void *)umem;
...
umem_reg.chunk_size = 4096;
umem_reg.tx_metadata_len = 16;
umem_reg.flags = XDP_UMEM_TX_METADATA_LEN;
setsockopt(sfd, SOL_XDP, XDP_UMEM_REG, &umem_reg, sizeof(umem_reg));
...
xsk_ring_prod__reserve(tq, batch_size, &idx);
for (i = 0; i < nr_packets; ++i) {
struct xdp_desc *tx_desc = xsk_ring_prod__tx_desc(tq, idx + i);
tx_desc->addr = packets[i].addr;
tx_desc->addr += umem->tx_metadata_len;
tx_desc->options = XDP_TX_METADATA;
tx_desc->len = UINT32_MAX;
}
xsk_ring_prod__submit(tq, nr_packets);
...
sendto(sfd, NULL, 0, MSG_DONTWAIT, NULL, 0);
Found by InfoTeCS on behalf of Linux Verification Center
(linuxtesting.org) with SVACE.
Fixes: 341ac980eab9 ("xsk: Support tx_metadata_len")
Cc: stable(a)vger.kernel.org
Signed-off-by: Ilia Gavrilov <Ilia.Gavrilov(a)infotecs.ru>
---
v2: Add a repro
net/xdp/xsk_queue.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/net/xdp/xsk_queue.h b/net/xdp/xsk_queue.h
index f16f390370dc..b206a8839b39 100644
--- a/net/xdp/xsk_queue.h
+++ b/net/xdp/xsk_queue.h
@@ -144,7 +144,7 @@ static inline bool xp_aligned_validate_desc(struct xsk_buff_pool *pool,
struct xdp_desc *desc)
{
u64 addr = desc->addr - pool->tx_metadata_len;
- u64 len = desc->len + pool->tx_metadata_len;
+ u64 len = (u64)desc->len + pool->tx_metadata_len;
u64 offset = addr & (pool->chunk_size - 1);
if (!desc->len)
@@ -165,7 +165,7 @@ static inline bool xp_unaligned_validate_desc(struct xsk_buff_pool *pool,
struct xdp_desc *desc)
{
u64 addr = xp_unaligned_add_offset_to_addr(desc->addr) - pool->tx_metadata_len;
- u64 len = desc->len + pool->tx_metadata_len;
+ u64 len = (u64)desc->len + pool->tx_metadata_len;
if (!desc->len)
return false;
--
2.39.5
3 weeks, 1 day
- 2
- 2
Linux 6.6.112
by Greg Kroah-Hartman
I'm announcing the release of the 6.6.112 kernel.
All users of the 6.6 kernel series must upgrade.
The updated 6.6.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.6.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Documentation/trace/histogram-design.rst | 4
Makefile | 2
arch/arm/boot/dts/renesas/r8a7791-porter.dts | 2
arch/arm/boot/dts/ti/omap/am335x-baltos.dtsi | 2
arch/arm/boot/dts/ti/omap/am335x-cm-t335.dts | 2
arch/arm/boot/dts/ti/omap/omap3-devkit8000-lcd-common.dtsi | 2
arch/arm/mach-at91/pm_suspend.S | 4
arch/arm64/boot/dts/apple/t8103-j457.dts | 12
arch/arm64/boot/dts/mediatek/mt6331.dtsi | 10
arch/arm64/boot/dts/mediatek/mt6795-sony-xperia-m5.dts | 2
arch/arm64/boot/dts/mediatek/mt8195.dtsi | 3
arch/arm64/boot/dts/mediatek/mt8516-pumpkin.dts | 2
arch/arm64/boot/dts/qcom/qcm2290.dtsi | 1
arch/arm64/boot/dts/renesas/rzg2lc-smarc.dtsi | 5
arch/loongarch/kernel/relocate.c | 4
arch/sparc/lib/M7memcpy.S | 20 -
arch/sparc/lib/Memcpy_utils.S | 9
arch/sparc/lib/NG4memcpy.S | 2
arch/sparc/lib/NGmemcpy.S | 29 +-
arch/sparc/lib/U1memcpy.S | 19 -
arch/sparc/lib/U3memcpy.S | 2
arch/x86/include/asm/segment.h | 8
block/blk-mq-sysfs.c | 6
block/blk-settings.c | 3
crypto/asymmetric_keys/x509_cert_parser.c | 16 -
drivers/acpi/acpica/aclocal.h | 2
drivers/acpi/nfit/core.c | 2
drivers/acpi/processor_idle.c | 3
drivers/base/node.c | 4
drivers/base/power/main.c | 14 -
drivers/base/regmap/regmap.c | 2
drivers/block/nbd.c | 8
drivers/block/null_blk/main.c | 2
drivers/bus/fsl-mc/fsl-mc-bus.c | 3
drivers/char/hw_random/Kconfig | 1
drivers/char/hw_random/ks-sa-rng.c | 4
drivers/cpufreq/scmi-cpufreq.c | 10
drivers/cpuidle/cpuidle-qcom-spm.c | 7
drivers/crypto/hisilicon/debugfs.c | 1
drivers/crypto/hisilicon/hpre/hpre_main.c | 3
drivers/crypto/hisilicon/qm.c | 7
drivers/crypto/hisilicon/sec2/sec_main.c | 80 ++---
drivers/crypto/hisilicon/zip/zip_main.c | 17 -
drivers/crypto/intel/keembay/keembay-ocs-hcu-core.c | 5
drivers/devfreq/mtk-cci-devfreq.c | 3
drivers/edac/i10nm_base.c | 14 +
drivers/firmware/meson/Kconfig | 2
drivers/gpu/drm/amd/amdgpu/uvd_v3_1.c | 29 +-
drivers/gpu/drm/amd/amdkfd/kfd_svm.c | 2
drivers/gpu/drm/amd/display/dc/dml/dcn32/display_rq_dlg_calc_32.c | 1
drivers/gpu/drm/amd/pm/amdgpu_dpm_internal.c | 7
drivers/gpu/drm/amd/pm/legacy-dpm/si_dpm.c | 92 ++++--
drivers/gpu/drm/bridge/Kconfig | 1
drivers/gpu/drm/msm/disp/dpu1/dpu_encoder_phys_wb.c | 2
drivers/gpu/drm/panel/panel-novatek-nt35560.c | 2
drivers/gpu/drm/radeon/r600_cs.c | 4
drivers/hwmon/mlxreg-fan.c | 24 +
drivers/hwtracing/coresight/coresight-core.c | 5
drivers/hwtracing/coresight/coresight-etm4x-core.c | 31 +-
drivers/hwtracing/coresight/coresight-etm4x.h | 6
drivers/hwtracing/coresight/coresight-trbe.c | 9
drivers/i2c/busses/i2c-designware-platdrv.c | 5
drivers/i2c/busses/i2c-mt65xx.c | 17 -
drivers/i3c/master/svc-i3c-master.c | 31 +-
drivers/iio/inkern.c | 30 +-
drivers/infiniband/core/addr.c | 10
drivers/infiniband/core/cm.c | 4
drivers/infiniband/core/sa_query.c | 6
drivers/infiniband/hw/mlx5/main.c | 19 +
drivers/infiniband/hw/mlx5/mlx5_ib.h | 1
drivers/infiniband/sw/rxe/rxe_task.c | 8
drivers/infiniband/sw/siw/siw_verbs.c | 25 +
drivers/input/misc/uinput.c | 1
drivers/input/touchscreen/atmel_mxt_ts.c | 2
drivers/leds/flash/leds-qcom-flash.c | 62 ++--
drivers/md/dm-core.h | 1
drivers/md/dm.c | 13
drivers/media/i2c/rj54n1cb0c.c | 9
drivers/media/pci/zoran/zoran.h | 6
drivers/media/pci/zoran/zoran_driver.c | 3
drivers/media/platform/st/sti/delta/delta-mjpeg-dec.c | 20 -
drivers/mfd/rz-mtu3.c | 2
drivers/mfd/vexpress-sysreg.c | 6
drivers/misc/fastrpc.c | 62 ++--
drivers/misc/genwqe/card_ddcb.c | 2
drivers/mtd/nand/raw/atmel/nand-controller.c | 4
drivers/net/ethernet/amazon/ena/ena_ethtool.c | 5
drivers/net/ethernet/dlink/dl2k.c | 7
drivers/net/ethernet/mellanox/mlx5/core/cmd.c | 6
drivers/net/ethernet/mellanox/mlx5/core/en/port_buffer.h | 12
drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 17 -
drivers/net/ethernet/mellanox/mlx5/core/fw_reset.c | 24 +
drivers/net/ethernet/mellanox/mlx5/core/pagealloc.c | 7
drivers/net/ethernet/netronome/nfp/nfp_net_ethtool.c | 2
drivers/net/usb/asix_devices.c | 29 ++
drivers/net/usb/rtl8150.c | 2
drivers/net/wireless/ath/ath10k/wmi.c | 39 +-
drivers/net/wireless/marvell/mwifiex/cfg80211.c | 7
drivers/net/wireless/mediatek/mt76/mt7603/soc.c | 2
drivers/net/wireless/realtek/rtw89/ser.c | 3
drivers/nvme/target/fc.c | 19 -
drivers/pci/controller/dwc/pcie-tegra194.c | 4
drivers/pci/controller/pci-tegra.c | 2
drivers/perf/arm_spe_pmu.c | 3
drivers/phy/rockchip/phy-rockchip-naneng-combphy.c | 12
drivers/pinctrl/meson/pinctrl-meson-gxl.c | 10
drivers/pinctrl/pinmux.c | 2
drivers/pinctrl/renesas/pinctrl.c | 3
drivers/power/supply/cw2015_battery.c | 3
drivers/pps/kapi.c | 5
drivers/pps/pps.c | 5
drivers/pwm/pwm-tiehrpwm.c | 4
drivers/regulator/scmi-regulator.c | 3
drivers/remoteproc/pru_rproc.c | 3
drivers/remoteproc/qcom_q6v5.c | 3
drivers/scsi/mpt3sas/mpt3sas_transport.c | 8
drivers/scsi/myrs.c | 8
drivers/scsi/pm8001/pm8001_sas.c | 9
drivers/scsi/qla2xxx/qla_edif.c | 4
drivers/scsi/qla2xxx/qla_init.c | 4
drivers/scsi/qla2xxx/qla_nvme.c | 2
drivers/soc/qcom/rpmh-rsc.c | 7
drivers/thermal/qcom/Kconfig | 3
drivers/thermal/qcom/lmh.c | 2
drivers/tty/n_gsm.c | 25 +
drivers/tty/serial/max310x.c | 2
drivers/uio/uio_hv_generic.c | 7
drivers/usb/cdns3/cdnsp-pci.c | 5
drivers/usb/gadget/configfs.c | 2
drivers/usb/host/max3421-hcd.c | 2
drivers/usb/host/xhci-ring.c | 11
drivers/usb/misc/Kconfig | 1
drivers/usb/misc/qcom_eud.c | 33 +-
drivers/usb/phy/phy-twl6030-usb.c | 3
drivers/usb/typec/tipd/core.c | 24 -
drivers/usb/usbip/vhci_hcd.c | 22 +
drivers/vfio/pci/pds/dirty.c | 2
drivers/vhost/vringh.c | 14 -
drivers/watchdog/mpc8xxx_wdt.c | 2
fs/ext4/ext4.h | 10
fs/ext4/file.c | 2
fs/ext4/inode.c | 2
fs/ext4/orphan.c | 6
fs/ext4/super.c | 4
fs/f2fs/data.c | 9
fs/f2fs/f2fs.h | 4
fs/f2fs/file.c | 49 ++-
fs/gfs2/glock.c | 2
fs/nfs/nfs4proc.c | 2
fs/ntfs3/index.c | 10
fs/ntfs3/run.c | 12
fs/ocfs2/stack_user.c | 1
fs/smb/client/smb2ops.c | 17 -
fs/smb/server/smb2pdu.c | 3
fs/smb/server/transport_rdma.c | 99 ++++++-
fs/squashfs/inode.c | 7
fs/squashfs/squashfs_fs_i.h | 2
fs/udf/inode.c | 3
include/asm-generic/vmlinux.lds.h | 1
include/linux/bpf.h | 1
include/linux/once.h | 4
include/trace/events/filelock.h | 3
init/Kconfig | 1
kernel/bpf/core.c | 5
kernel/bpf/verifier.c | 4
kernel/seccomp.c | 12
kernel/smp.c | 11
kernel/trace/bpf_trace.c | 9
mm/hugetlb.c | 2
net/bluetooth/hci_sync.c | 10
net/bluetooth/iso.c | 9
net/bluetooth/mgmt.c | 10
net/core/filter.c | 16 -
net/ipv4/ping.c | 14 -
net/ipv4/tcp.c | 9
net/mac80211/rx.c | 28 +-
net/netfilter/ipset/ip_set_hash_gen.h | 8
net/netfilter/ipvs/ip_vs_conn.c | 4
net/netfilter/ipvs/ip_vs_core.c | 11
net/netfilter/ipvs/ip_vs_ctl.c | 6
net/netfilter/ipvs/ip_vs_est.c | 16 -
net/netfilter/ipvs/ip_vs_ftp.c | 4
net/nfc/nci/ntf.c | 135 +++++++---
net/sunrpc/auth_gss/svcauth_gss.c | 2
sound/pci/lx6464es/lx_core.c | 4
sound/soc/codecs/wcd934x.c | 17 +
sound/soc/intel/boards/bytcht_es8316.c | 20 +
sound/soc/intel/boards/bytcr_rt5640.c | 7
sound/soc/intel/boards/bytcr_rt5651.c | 26 +
sound/soc/sof/ipc3-topology.c | 10
tools/include/nolibc/std.h | 2
tools/lib/bpf/libbpf.c | 10
tools/testing/nvdimm/test/ndtest.c | 13
tools/testing/selftests/arm64/pauth/exec_target.c | 7
tools/testing/selftests/bpf/progs/test_tcpnotify_kern.c | 1
tools/testing/selftests/bpf/test_tcpnotify_user.c | 20 -
tools/testing/selftests/nolibc/nolibc-test.c | 4
tools/testing/selftests/watchdog/watchdog-test.c | 6
198 files changed, 1386 insertions(+), 714 deletions(-)
Abdun Nihaal (1):
wifi: mt76: fix potential memory leak in mt76_wmac_probe()
Aditya Kumar Singh (1):
wifi: mac80211: fix Rx packet handling when pubsta information is not available
Akhilesh Patil (1):
selftests: watchdog: skip ping loop if WDIOF_KEEPALIVEPING not supported
Alok Tiwari (1):
PCI: tegra: Fix devm_kcalloc() argument order for port->phys allocation
Andreas Gruenbacher (1):
gfs2: Fix GLF_INVALIDATE_IN_PROGRESS flag clearing in do_xmote
Andy Yan (1):
power: supply: cw2015: Fix a alignment coding style issue
AngeloGioacchino Del Regno (3):
arm64: dts: mediatek: mt6331: Fix pmic, regulators, rtc, keys node names
arm64: dts: mediatek: mt6795-xperia-m5: Fix mmc0 latch-ck value
arm64: dts: mediatek: mt8516-pumpkin: Fix machine compatible
Anthony Iliopoulos (1):
NFSv4.1: fix backchannel max_resp_sz verification check
Arnd Bergmann (2):
hwrng: nomadik - add ARM_AMBA dependency
media: st-delta: avoid excessive stack usage
Bagas Sanjaya (1):
Documentation: trace: historgram-design: Separate sched_waking histogram section heading and the following diagram
Bala-Vignesh-Reddy (1):
selftests: arm64: Check fread return value in exec_target
Baochen Qiang (1):
wifi: ath10k: avoid unnecessary wait for service ready message
Bartosz Golaszewski (2):
mfd: vexpress-sysreg: Check the return value of devm_gpiochip_add_data()
pinctrl: check the return value of pinmux_ops::get_function_name()
Benjamin Berg (1):
selftests/nolibc: fix EXPECT_NZ macro
Bernard Metzler (1):
RDMA/siw: Always report immediate post SQ errors
Biju Das (1):
arm64: dts: renesas: rzg2lc-smarc: Disable CAN-FD channel0
Brahmajit Das (1):
drm/radeon/r600_cs: clean up of dead code in r600_cs
Brigham Campbell (1):
drm/panel: novatek-nt35560: Fix invalid return value
Chao Yu (4):
f2fs: fix condition in __allow_reserved_blocks()
f2fs: fix to update map->m_next_extent correctly in f2fs_map_blocks()
f2fs: fix to truncate first page in error path of f2fs_truncate()
f2fs: fix to mitigate overhead of f2fs_zero_post_eof_page()
Chenghai Huang (3):
crypto: hisilicon/zip - remove unnecessary validation for high-performance mode configurations
crypto: hisilicon - re-enable address prefetch after device resuming
crypto: hisilicon/qm - set NULL to qm->debug.qm_diff_regs
Chia-I Wu (1):
drm/bridge: it6505: select REGMAP_I2C
Christophe Leroy (1):
watchdog: mpc8xxx_wdt: Reload the watchdog timer when enabling the watchdog
Colin Ian King (2):
misc: genwqe: Fix incorrect cmd field being reported in error
ACPI: NFIT: Fix incorrect ndr_desc being reportedin dev_err message
Cosmin Tanislav (1):
mfd: rz-mtu3: Fix MTU5 NFCR register offset
Cristian Ciocaltea (1):
usb: vhci-hcd: Prevent suspending virtually attached devices
Da Xue (1):
pinctrl: meson-gxl: add missing i2c_d pinmux
Dan Carpenter (4):
PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe()
usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup
serial: max310x: Add error checking in probe()
ocfs2: fix double free in user_cluster_connect()
Daniel Borkmann (1):
bpf: Enforce expected_attach_type for tailcall compatibility
Daniel Wagner (1):
nvmet-fc: move lsop put work to nvmet_fc_ls_req_op
Deepak Sharma (1):
net: nfc: nci: Add parameter validation for packet data
Dmitry Antipov (1):
ACPICA: Fix largest possible resource descriptor index
Dmitry Baryshkov (2):
thermal/drivers/qcom: Make LMH select QCOM_SCM
thermal/drivers/qcom/lmh: Add missing IRQ includes
Donet Tom (2):
drivers/base/node: handle error properly in register_one_node()
drivers/base/node: fix double free in register_one_node()
Enzo Matsumiya (1):
smb: client: fix crypto buffers in non-linear memory
Eric Dumazet (3):
nbd: restrict sockets to TCP and UDP
inet: ping: check sock_net() in ping_get_port() and ping_lookup()
tcp: fix __tcp_close() to only send RST when required
Erick Karanja (1):
mtd: rawnand: atmel: Fix error handling path in atmel_nand_controller_add_nands
Fan Wu (1):
KEYS: X.509: Fix Basic Constraints CA flag parsing
Fedor Pchelkin (1):
wifi: rtw89: avoid circular locking dependency in ser_state_run()
Fenglin Wu (1):
leds: flash: leds-qcom-flash: Update torch current clamp setting
Florian Fainelli (1):
cpufreq: scmi: Account for malformed DT in scmi_dev_used_by_cpus()
Geert Uytterhoeven (3):
init: INITRAMFS_PRESERVE_MTIME should depend on BLK_DEV_INITRD
regmap: Remove superfluous check for !config in __regmap_init()
ARM: dts: renesas: porter: Fix CAN pin group
Genjian Zhang (1):
null_blk: Fix the description of the cache_size module argument
Greg Kroah-Hartman (1):
Linux 6.6.112
Guangshuo Li (1):
nvdimm: ndtest: Return -ENOMEM if devm_kcalloc() fails in ndtest_probe()
Gui-Dong Han (1):
RDMA/rxe: Fix race in do_task() when draining
Guoqing Jiang (1):
arm64: dts: mediatek: mt8195: Remove suspend-breaking reset from pcie0
Hans de Goede (2):
iio: consumers: Fix handling of negative channel scale in iio_convert_raw_to_processed()
iio: consumers: Fix offset handling in iio_convert_raw_to_processed()
Huisong Li (1):
ACPI: processor: idle: Fix memory leak when register cpuidle device failed
Håkon Bugge (1):
RDMA/cm: Rate limit destroy CM ID timeout error message
I Viswanath (1):
net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast
Jacopo Mondi (1):
media: zoran: Remove zoran_fh structure
Jakub Kicinski (1):
Revert "net/mlx5e: Update and set Xon/Xoff upon MTU set"
Jan Kara (1):
ext4: fix checks for orphan inodes
Janne Grunau (1):
arm64: dts: apple: t8103-j457: Fix PCIe ethernet iommu-map
Jeff Layton (1):
filelock: add FL_RECLAIM to show_fl_flags() macro
Jihed Chaibi (3):
ARM: dts: ti: omap: am335x-baltos: Fix ti,en-ck32k-xtal property in DTS to use correct boolean syntax
ARM: dts: ti: omap: omap3-devkit8000-lcd: Fix ti,keep-vref-on property to use correct boolean syntax in DTS
ARM: dts: omap: am335x-cm-t335: Remove unused mcasp num-serializer property
Johan Hovold (2):
firmware: firmware: meson-sm: fix compile-test default
cpuidle: qcom-spm: fix device and OF node leaks at probe
Johannes Nixdorf (1):
seccomp: Fix a race with WAIT_KILLABLE_RECV if the tracer replies too fast
Jonas Karlman (1):
phy: rockchip: naneng-combphy: Enable U3 OTG port for RK3568
Kohei Enju (2):
nfp: fix RSS hash key size when RSS is not supported
net: ena: return 0 in ena_get_rxfh_key_size() when RSS hash key is not configurable
Komal Bajaj (1):
usb: misc: qcom_eud: Access EUD_MODE_MANAGER2 through secure calls
Konrad Dybcio (1):
arm64: dts: qcom: qcm2290: Disable USB SS bus instances in park mode
Kunihiko Hayashi (2):
i2c: designware: Fix clock issue when PM is disabled
i2c: designware: Add disabling clocks when probe fails
Larshin Sergey (1):
fs: udf: fix OOB read in lengthAllocDescs handling
Lei Lu (1):
sunrpc: fix null pointer dereference on zero-length checksum
Leilk.Liu (1):
i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD
Leo Yan (4):
coresight: trbe: Prevent overflow in PERF_IDX2OFF()
perf: arm_spe: Prevent overflow in PERF_IDX2OFF()
coresight: etm4x: Support atclk
coresight: trbe: Return NULL pointer for allocation failures
Li Nan (1):
blk-mq: check kobject state_in_sysfs before deleting in blk_mq_unregister_hctx
Liao Yuanhong (1):
drm/amd/display: Remove redundant semicolons
Ling Xu (3):
misc: fastrpc: Fix fastrpc_map_lookup operation
misc: fastrpc: fix possible map leak in fastrpc_put_args
misc: fastrpc: Skip reference for DMA handles
Luiz Augusto von Dentz (3):
Bluetooth: MGMT: Fix not exposing debug UUID on MGMT_OP_READ_EXP_FEATURES_INFO
Bluetooth: ISO: Fix possible UAF on iso_conn_free
Bluetooth: hci_sync: Fix using random address for BIG/PA advertisements
Ma Ke (1):
ASoC: wcd934x: fix error handling in wcd934x_codec_parse_data()
Marek Vasut (1):
Input: atmel_mxt_ts - allow reset GPIO to sleep
Matt Bobrowski (1):
bpf/selftests: Fix test_tcpnotify_user
Matvey Kovalev (1):
ksmbd: fix error code overwriting in smb2_get_info_filesystem()
Miaoqian Lin (1):
usb: cdns3: cdnsp-pci: remove redundant pci_disable_device() call
Michael Karcher (5):
sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC
sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC III
sparc: fix accurate exception reporting in copy_{from_to}_user for Niagara
sparc: fix accurate exception reporting in copy_to_user for Niagara 4
sparc: fix accurate exception reporting in copy_{from,to}_user for M7
Michael S. Tsirkin (1):
vhost: vringh: Fix copy_to_iter return value check
Michal Pecio (1):
Revert "usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running"
Moon Hee Lee (1):
fs/ntfs3: reject index allocation if $BITMAP is empty but blocks exist
Moshe Shemesh (2):
net/mlx5: Stop polling for command response if interface goes down
net/mlx5: fw reset, add reset timeout work
Nagarjuna Kristam (1):
PCI: tegra194: Fix duplicate PLL disable in pex_ep_event_pex_rst_assert()
Naman Jain (1):
uio_hv_generic: Let userspace take care of interrupt mask
Nicolas Ferre (1):
ARM: at91: pm: fix MCKx restore routine
Niklas Cassel (1):
scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod
Nishanth Menon (1):
hwrng: ks-sa - fix division by zero in ks_sa_rng_init
Oleksij Rempel (1):
net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock
Parav Pandit (1):
RDMA/core: Resolve MAC of next-hop device without ARP support
Patrisious Haddad (1):
RDMA/mlx5: Fix vport loopback forcing for MPV device
Paul Chaignon (1):
bpf: Explicitly check accesses to bpf_sock_addr
Pauli Virtanen (1):
Bluetooth: ISO: don't leak skb in ISO_CONT RX
Phillip Lougher (1):
Squashfs: fix uninit-value in squashfs_get_parent
Qi Xi (1):
once: fix race by moving DO_ONCE to separate section
Qianfeng Rong (9):
regulator: scmi: Use int type to store negative error codes
block: use int to store blk_stack_limits() return value
pinctrl: renesas: Use int type to store negative error codes
ALSA: lx_core: use int type to store negative error codes
drm/amdkfd: Fix error code sign for EINVAL in svm_ioctl()
drm/msm/dpu: fix incorrect type for ret
scsi: qla2xxx: edif: Fix incorrect sign of error code
scsi: qla2xxx: Fix incorrect sign of error code in START_SP_W_RETRIES()
scsi: qla2xxx: Fix incorrect sign of error code in qla_nvme_xmt_ls_rsp()
Qiuxu Zhuo (1):
EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller
Rafael J. Wysocki (2):
PM: sleep: core: Clear power.must_resume in noirq suspend error path
smp: Fix up and expand the smp_call_function_many() kerneldoc
Ranjan Kumar (1):
scsi: mpt3sas: Fix crash in transport port remove by using ioc_info()
Ranjani Sridharan (1):
ASoC: SOF: ipc3-topology: Fix multi-core and static pipelines tear down
Salah Triki (1):
bus: fsl-mc: Check return value of platform_get_resource()
Seppo Takalo (1):
tty: n_gsm: Don't block input queue by waiting MSC
Shay Drory (1):
net/mlx5: pagealloc: Fix reclaim race during command interface teardown
Slavin Liu (1):
ipvs: Defer ip_vs_ftp unregister during netns cleanup
Sneh Mankad (1):
soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS
Stanley Chu (2):
i3c: master: svc: Use manual response for IBI events
i3c: master: svc: Recycle unused IBI slot
Stefan Kerkmann (1):
wifi: mwifiex: send world regulatory domain to driver
Stefan Metzmacher (1):
smb: server: fix IRD/ORD negotiation with the client
Stephan Gerhold (1):
remoteproc: qcom: q6v5: Avoid disabling handover IRQ twice
Sven Peter (1):
usb: typec: tipd: Clear interrupts first
Takashi Iwai (3):
ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping
ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping
ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping
Tao Chen (1):
bpf: Remove migrate_disable in kprobe_multi_link_prog_run
Thomas Fourier (2):
crypto: keembay - Add missing check after sg_nents_for_len()
scsi: myrs: Fix dma_alloc_coherent() error check
Timur Kristóf (7):
drm/amdgpu: Power up UVD 3 for FW validation (v2)
drm/amd/pm: Disable ULV even if unsupported (v3)
drm/amd/pm: Fix si_upload_smc_data (v3)
drm/amd/pm: Adjust si_upload_smc_data register programming (v3)
drm/amd/pm: Treat zero vblank time as too short in si_dpm (v3)
drm/amd/pm: Disable MCLK switching with non-DC at 120 Hz+ (v2)
drm/amd/pm: Disable SCLK switching on Oland with high pixel clocks (v3)
Uros Bizjak (1):
x86/vdso: Fix output operand size of RDPID
Uwe Kleine-König (1):
pwm: tiehrpwm: Fix corner case in clock divisor calculation
Vadim Pasternak (1):
hwmon: (mlxreg-fan) Separate methods of fan setting coming from different subsystems
Vitaly Grigoryev (1):
fs: ntfs3: Fix integer overflow in run_unpack()
Vlad Dumitrescu (1):
IB/sa: Fix sa_local_svc_timeout_ms read race
Wang Liang (1):
pps: fix warning in pps_register_cdev when register device fail
William Wu (1):
usb: gadget: configfs: Correctly set use_os_string at bind
Xichao Zhao (1):
usb: phy: twl6030: Fix incorrect type for ret
Yang Shi (1):
mm: hugetlb: avoid soft lockup when mprotect to large memory area
Yazhou Tang (1):
bpf: Reject negative offsets for ALU ops
Yeounsu Moon (1):
net: dlink: handle copy_thresh allocation failure
Youling Tang (1):
LoongArch: Automatically disable kaslr if boot from kexec_file
Yuanfang Zhang (2):
coresight: Only register perf symlink for sinks with alloc_buffer
coresight-etm4x: Conditionally access register TRCEXTINSELR
Yureka Lilian (1):
libbpf: Fix reuse of DEVMAP
Zhang Shurong (1):
media: rj54n1cb0c: Fix memleak in rj54n1_probe()
Zhang Tengfei (1):
ipvs: Use READ_ONCE/WRITE_ONCE for ipvs->enable
Zhen Ni (3):
netfilter: ipset: Remove unused htable_bits in macro ahash_region
Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak
remoteproc: pru: Fix potential NULL pointer dereference in pru_rproc_set_ctable()
Zheng Qixing (2):
dm: fix queue start/stop imbalance under suspend/load/resume races
dm: fix NULL pointer dereference in __dm_suspend()
Zhouyi Zhou (1):
tools/nolibc: make time_t robust if __kernel_old_time_t is missing in host headers
Zhushuai Yin (1):
crypto: hisilicon/qm - check whether the input function and PF are on the same device
Zilin Guan (1):
vfio/pds: replace bitmap_free with vfree
wangzijie (1):
f2fs: fix zero-sized extent for precache extents
zhang jiao (1):
vhost: vringh: Modify the return value check
3 weeks, 1 day
- 1
- 1
Linux 6.1.156
by Greg Kroah-Hartman
I'm announcing the release of the 6.1.156 kernel.
All users of the 6.1 kernel series must upgrade.
The updated 6.1.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.1.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Documentation/trace/histogram-design.rst | 4
Makefile | 2
arch/arm/mach-at91/pm_suspend.S | 4
arch/arm64/boot/dts/mediatek/mt8516-pumpkin.dts | 2
arch/arm64/boot/dts/renesas/rzg2lc-smarc.dtsi | 5
arch/arm64/kernel/fpsimd.c | 8
arch/sparc/lib/M7memcpy.S | 20
arch/sparc/lib/Memcpy_utils.S | 9
arch/sparc/lib/NG4memcpy.S | 2
arch/sparc/lib/NGmemcpy.S | 29 -
arch/sparc/lib/U1memcpy.S | 19
arch/sparc/lib/U3memcpy.S | 2
arch/x86/include/asm/segment.h | 8
block/blk-mq-sysfs.c | 6
block/blk-settings.c | 3
crypto/rng.c | 8
drivers/acpi/nfit/core.c | 2
drivers/acpi/processor_idle.c | 3
drivers/base/node.c | 4
drivers/base/power/main.c | 14
drivers/base/regmap/regmap.c | 2
drivers/block/nbd.c | 8
drivers/block/null_blk/main.c | 2
drivers/bus/fsl-mc/fsl-mc-bus.c | 3
drivers/char/hw_random/Kconfig | 1
drivers/char/hw_random/ks-sa-rng.c | 4
drivers/cpufreq/scmi-cpufreq.c | 10
drivers/cpuidle/cpuidle-qcom-spm.c | 7
drivers/crypto/hisilicon/debugfs.c | 1
drivers/crypto/hisilicon/hpre/hpre_main.c | 3
drivers/crypto/hisilicon/qm.c | 3
drivers/crypto/hisilicon/sec2/sec_main.c | 80 +--
drivers/crypto/hisilicon/zip/zip_main.c | 17
drivers/devfreq/mtk-cci-devfreq.c | 3
drivers/firmware/meson/Kconfig | 2
drivers/gpu/drm/amd/amdgpu/uvd_v3_1.c | 29 +
drivers/gpu/drm/amd/amdkfd/kfd_svm.c | 2
drivers/gpu/drm/amd/display/dc/dml/dcn32/display_rq_dlg_calc_32.c | 1
drivers/gpu/drm/amd/pm/amdgpu_dpm_internal.c | 7
drivers/gpu/drm/amd/pm/legacy-dpm/si_dpm.c | 92 ++--
drivers/gpu/drm/amd/pm/swsmu/smu_cmn.c | 2
drivers/gpu/drm/msm/disp/dpu1/dpu_encoder_phys_wb.c | 2
drivers/gpu/drm/panel/panel-novatek-nt35560.c | 2
drivers/gpu/drm/radeon/r600_cs.c | 4
drivers/hid/hid-mcp2221.c | 4
drivers/hwmon/mlxreg-fan.c | 24 -
drivers/hwtracing/coresight/coresight-etm4x-core.c | 11
drivers/hwtracing/coresight/coresight-etm4x.h | 2
drivers/hwtracing/coresight/coresight-trbe.c | 9
drivers/i2c/busses/i2c-designware-platdrv.c | 1
drivers/i2c/busses/i2c-mt65xx.c | 17
drivers/i3c/master/svc-i3c-master.c | 31 +
drivers/iio/inkern.c | 2
drivers/infiniband/core/addr.c | 10
drivers/infiniband/core/cm.c | 4
drivers/infiniband/core/sa_query.c | 6
drivers/infiniband/sw/siw/siw_verbs.c | 25 -
drivers/input/misc/uinput.c | 1
drivers/input/touchscreen/atmel_mxt_ts.c | 2
drivers/input/touchscreen/cyttsp4_core.c | 2
drivers/irqchip/irq-sun6i-r.c | 2
drivers/md/dm-core.h | 1
drivers/md/dm-integrity.c | 4
drivers/md/dm.c | 13
drivers/media/i2c/rj54n1cb0c.c | 9
drivers/media/i2c/tc358743.c | 4
drivers/media/pci/b2c2/flexcop-pci.c | 2
drivers/media/platform/st/sti/delta/delta-mjpeg-dec.c | 20
drivers/media/rc/imon.c | 27 -
drivers/media/tuners/xc5000.c | 41 -
drivers/mfd/vexpress-sysreg.c | 6
drivers/misc/fastrpc.c | 62 +-
drivers/misc/genwqe/card_ddcb.c | 2
drivers/mtd/nand/raw/atmel/nand-controller.c | 4
drivers/net/can/rcar/rcar_canfd.c | 7
drivers/net/can/spi/hi311x.c | 33 -
drivers/net/ethernet/amazon/ena/ena_ethtool.c | 5
drivers/net/ethernet/dlink/dl2k.c | 7
drivers/net/ethernet/mellanox/mlx5/core/cmd.c | 6
drivers/net/ethernet/mellanox/mlx5/core/en/port_buffer.h | 12
drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 17
drivers/net/ethernet/mellanox/mlx5/core/fw_reset.c | 24 +
drivers/net/ethernet/mellanox/mlx5/core/pagealloc.c | 7
drivers/net/ethernet/netronome/nfp/nfp_net_ethtool.c | 2
drivers/net/usb/asix_devices.c | 29 +
drivers/net/usb/rtl8150.c | 2
drivers/net/wireless/ath/ath10k/wmi.c | 39 -
drivers/net/wireless/marvell/mwifiex/cfg80211.c | 7
drivers/net/wireless/mediatek/mt76/mt7603/soc.c | 2
drivers/net/wireless/realtek/rtlwifi/rtl8192cu/sw.c | 1
drivers/net/wireless/realtek/rtw89/ser.c | 3
drivers/nvme/target/fc.c | 19
drivers/pci/controller/dwc/pcie-tegra194.c | 4
drivers/pci/controller/pci-tegra.c | 2
drivers/perf/arm_spe_pmu.c | 3
drivers/pinctrl/meson/pinctrl-meson-gxl.c | 10
drivers/pinctrl/pinmux.c | 2
drivers/pinctrl/renesas/pinctrl.c | 3
drivers/power/supply/cw2015_battery.c | 3
drivers/pps/kapi.c | 5
drivers/pps/pps.c | 5
drivers/pwm/pwm-tiehrpwm.c | 4
drivers/regulator/scmi-regulator.c | 3
drivers/remoteproc/qcom_q6v5.c | 3
drivers/scsi/mpt3sas/mpt3sas_transport.c | 8
drivers/scsi/myrs.c | 8
drivers/scsi/pm8001/pm8001_sas.c | 9
drivers/scsi/qla2xxx/qla_edif.c | 4
drivers/scsi/qla2xxx/qla_init.c | 4
drivers/soc/qcom/rpmh-rsc.c | 7
drivers/staging/axis-fifo/axis-fifo.c | 68 +--
drivers/target/target_core_configfs.c | 2
drivers/thermal/qcom/Kconfig | 3
drivers/thermal/qcom/lmh.c | 2
drivers/tty/serial/Kconfig | 2
drivers/tty/serial/max310x.c | 2
drivers/uio/uio_hv_generic.c | 7
drivers/usb/cdns3/cdnsp-pci.c | 5
drivers/usb/gadget/configfs.c | 2
drivers/usb/host/max3421-hcd.c | 2
drivers/usb/host/xhci-ring.c | 11
drivers/usb/phy/phy-twl6030-usb.c | 3
drivers/usb/serial/option.c | 6
drivers/usb/typec/tipd/core.c | 24 -
drivers/usb/usbip/vhci_hcd.c | 22
drivers/vhost/vringh.c | 14
drivers/watchdog/mpc8xxx_wdt.c | 2
fs/btrfs/ref-verify.c | 9
fs/btrfs/tree-checker.c | 2
fs/ext4/ext4.h | 10
fs/ext4/file.c | 2
fs/ext4/inode.c | 2
fs/ext4/orphan.c | 6
fs/ext4/super.c | 4
fs/f2fs/data.c | 7
fs/nfs/nfs4proc.c | 2
fs/ntfs3/run.c | 12
fs/ocfs2/stack_user.c | 1
fs/smb/server/smb2pdu.c | 3
fs/smb/server/transport_rdma.c | 99 +++-
fs/squashfs/inode.c | 7
fs/squashfs/squashfs_fs_i.h | 2
fs/udf/inode.c | 3
include/crypto/sha256_base.h | 2
include/linux/bpf.h | 1
include/linux/compiler.h | 9
include/linux/device.h | 3
include/linux/minmax.h | 222 +++++-----
include/trace/events/filelock.h | 3
init/Kconfig | 1
kernel/bpf/core.c | 5
kernel/seccomp.c | 12
kernel/smp.c | 11
kernel/trace/bpf_trace.c | 9
lib/vsprintf.c | 2
mm/hugetlb.c | 2
net/9p/trans_fd.c | 8
net/bluetooth/hci_sync.c | 10
net/bluetooth/iso.c | 9
net/bluetooth/mgmt.c | 10
net/core/filter.c | 16
net/ipv4/tcp.c | 9
net/mac80211/rx.c | 28 -
net/netfilter/ipset/ip_set_hash_gen.h | 8
net/netfilter/ipvs/ip_vs_ftp.c | 4
net/nfc/nci/ntf.c | 135 ++++--
scripts/gcc-plugins/gcc-common.h | 7
sound/pci/lx6464es/lx_core.c | 4
sound/soc/codecs/rt5682s.c | 17
sound/soc/intel/boards/bytcht_es8316.c | 20
sound/soc/intel/boards/bytcr_rt5640.c | 7
sound/soc/intel/boards/bytcr_rt5651.c | 26 -
sound/soc/qcom/qdsp6/topology.c | 4
tools/include/nolibc/std.h | 2
tools/lib/bpf/libbpf.c | 10
tools/lib/subcmd/help.c | 3
tools/testing/nvdimm/test/ndtest.c | 13
tools/testing/selftests/arm64/pauth/exec_target.c | 7
tools/testing/selftests/bpf/progs/test_tcpnotify_kern.c | 1
tools/testing/selftests/bpf/test_tcpnotify_user.c | 20
tools/testing/selftests/net/mptcp/mptcp_connect.c | 2
tools/testing/selftests/watchdog/watchdog-test.c | 6
182 files changed, 1363 insertions(+), 751 deletions(-)
Abdun Nihaal (1):
wifi: mt76: fix potential memory leak in mt76_wmac_probe()
Aditya Kumar Singh (1):
wifi: mac80211: fix Rx packet handling when pubsta information is not available
Akhilesh Patil (1):
selftests: watchdog: skip ping loop if WDIOF_KEEPALIVEPING not supported
Alok Tiwari (1):
PCI: tegra: Fix devm_kcalloc() argument order for port->phys allocation
Andy Yan (1):
power: supply: cw2015: Fix a alignment coding style issue
AngeloGioacchino Del Regno (1):
arm64: dts: mediatek: mt8516-pumpkin: Fix machine compatible
Anthony Iliopoulos (1):
NFSv4.1: fix backchannel max_resp_sz verification check
Arnaud Lecomte (1):
hid: fix I2C read buffer overflow in raw_event() for mcp2221
Arnd Bergmann (2):
hwrng: nomadik - add ARM_AMBA dependency
media: st-delta: avoid excessive stack usage
Bagas Sanjaya (1):
Documentation: trace: historgram-design: Separate sched_waking histogram section heading and the following diagram
Bala-Vignesh-Reddy (1):
selftests: arm64: Check fread return value in exec_target
Baochen Qiang (1):
wifi: ath10k: avoid unnecessary wait for service ready message
Bartosz Golaszewski (2):
mfd: vexpress-sysreg: Check the return value of devm_gpiochip_add_data()
pinctrl: check the return value of pinmux_ops::get_function_name()
Bernard Metzler (1):
RDMA/siw: Always report immediate post SQ errors
Biju Das (1):
arm64: dts: renesas: rzg2lc-smarc: Disable CAN-FD channel0
Bitterblue Smith (1):
wifi: rtlwifi: rtl8192cu: Don't claim USB ID 07b8:8188
Brahmajit Das (1):
drm/radeon/r600_cs: clean up of dead code in r600_cs
Breno Leitao (1):
crypto: sha256 - fix crash at kexec
Brigham Campbell (1):
drm/panel: novatek-nt35560: Fix invalid return value
Chen Yufeng (1):
can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled
Chenghai Huang (3):
crypto: hisilicon/zip - remove unnecessary validation for high-performance mode configurations
crypto: hisilicon - re-enable address prefetch after device resuming
crypto: hisilicon/qm - set NULL to qm->debug.qm_diff_regs
Christophe Leroy (1):
watchdog: mpc8xxx_wdt: Reload the watchdog timer when enabling the watchdog
Colin Ian King (2):
misc: genwqe: Fix incorrect cmd field being reported in error
ACPI: NFIT: Fix incorrect ndr_desc being reportedin dev_err message
Cristian Ciocaltea (1):
usb: vhci-hcd: Prevent suspending virtually attached devices
Da Xue (1):
pinctrl: meson-gxl: add missing i2c_d pinmux
Dan Carpenter (4):
PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe()
usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup
serial: max310x: Add error checking in probe()
ocfs2: fix double free in user_cluster_connect()
Daniel Borkmann (1):
bpf: Enforce expected_attach_type for tailcall compatibility
Daniel Wagner (1):
nvmet-fc: move lsop put work to nvmet_fc_ls_req_op
David Laight (7):
minmax.h: add whitespace around operators and after commas
minmax.h: update some comments
minmax.h: reduce the #define expansion of min(), max() and clamp()
minmax.h: use BUILD_BUG_ON_MSG() for the lo < hi test in clamp()
minmax.h: move all the clamp() definitions after the min/max() ones
minmax.h: simplify the variants of clamp()
minmax.h: remove some #defines that are only expanded once
David Sterba (1):
btrfs: ref-verify: handle damaged extent root tree
Deepak Sharma (1):
net: nfc: nci: Add parameter validation for packet data
Dmitry Baryshkov (2):
thermal/drivers/qcom: Make LMH select QCOM_SCM
thermal/drivers/qcom/lmh: Add missing IRQ includes
Donet Tom (2):
drivers/base/node: handle error properly in register_one_node()
drivers/base/node: fix double free in register_one_node()
Duoming Zhou (3):
media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove
media: tuner: xc5000: Fix use-after-free in xc5000_release
media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe
Duy Nguyen (1):
can: rcar_canfd: Fix controller mode setting
Eric Dumazet (2):
nbd: restrict sockets to TCP and UDP
tcp: fix __tcp_close() to only send RST when required
Erick Karanja (1):
mtd: rawnand: atmel: Fix error handling path in atmel_nand_controller_add_nands
Fedor Pchelkin (1):
wifi: rtw89: avoid circular locking dependency in ser_state_run()
Florian Fainelli (1):
cpufreq: scmi: Account for malformed DT in scmi_dev_used_by_cpus()
Geert Uytterhoeven (2):
init: INITRAMFS_PRESERVE_MTIME should depend on BLK_DEV_INITRD
regmap: Remove superfluous check for !config in __regmap_init()
Genjian Zhang (1):
null_blk: Fix the description of the cache_size module argument
Greg Kroah-Hartman (1):
Linux 6.1.156
Guangshuo Li (1):
nvdimm: ndtest: Return -ENOMEM if devm_kcalloc() fails in ndtest_probe()
Hans de Goede (1):
iio: consumers: Fix offset handling in iio_convert_raw_to_processed()
Herbert Xu (1):
crypto: rng - Ensure set_ent is always present
Huisong Li (1):
ACPI: processor: idle: Fix memory leak when register cpuidle device failed
Håkon Bugge (1):
RDMA/cm: Rate limit destroy CM ID timeout error message
I Viswanath (1):
net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast
Jack Yu (1):
ASoC: rt5682s: Adjust SAR ADC button mode to fix noise issue
Jakub Kicinski (1):
Revert "net/mlx5e: Update and set Xon/Xoff upon MTU set"
Jan Kara (1):
ext4: fix checks for orphan inodes
Jeff Layton (1):
filelock: add FL_RECLAIM to show_fl_flags() macro
Johan Hovold (2):
firmware: firmware: meson-sm: fix compile-test default
cpuidle: qcom-spm: fix device and OF node leaks at probe
Johannes Nixdorf (1):
seccomp: Fix a race with WAIT_KILLABLE_RECV if the tracer replies too fast
Kees Cook (1):
gcc-plugins: Remove TODO_verify_il for GCC >= 16
Kenta Akagi (1):
selftests: mptcp: connect: fix build regression caused by backport
Kohei Enju (2):
nfp: fix RSS hash key size when RSS is not supported
net: ena: return 0 in ena_get_rxfh_key_size() when RSS hash key is not configurable
Kunihiko Hayashi (1):
i2c: designware: Add disabling clocks when probe fails
Larshin Sergey (2):
media: rc: fix races with imon_disconnect()
fs: udf: fix OOB read in lengthAllocDescs handling
Leilk.Liu (1):
i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD
Leo Yan (3):
coresight: trbe: Prevent overflow in PERF_IDX2OFF()
perf: arm_spe: Prevent overflow in PERF_IDX2OFF()
coresight: trbe: Return NULL pointer for allocation failures
Li Nan (1):
blk-mq: check kobject state_in_sysfs before deleting in blk_mq_unregister_hctx
Liao Yuanhong (1):
drm/amd/display: Remove redundant semicolons
Ling Xu (3):
misc: fastrpc: Fix fastrpc_map_lookup operation
misc: fastrpc: fix possible map leak in fastrpc_put_args
misc: fastrpc: Skip reference for DMA handles
Linus Torvalds (4):
minmax: don't use max() in situations that want a C constant expression
minmax: simplify min()/max()/clamp() implementation
minmax: improve macro expansion and type checking
minmax: fix up min3() and max3() too
Luiz Augusto von Dentz (3):
Bluetooth: MGMT: Fix not exposing debug UUID on MGMT_OP_READ_EXP_FEATURES_INFO
Bluetooth: ISO: Fix possible UAF on iso_conn_free
Bluetooth: hci_sync: Fix using random address for BIG/PA advertisements
Marek Vasut (1):
Input: atmel_mxt_ts - allow reset GPIO to sleep
Matt Bobrowski (1):
bpf/selftests: Fix test_tcpnotify_user
Matvey Kovalev (1):
ksmbd: fix error code overwriting in smb2_get_info_filesystem()
Miaoqian Lin (1):
usb: cdns3: cdnsp-pci: remove redundant pci_disable_device() call
Michael Karcher (5):
sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC
sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC III
sparc: fix accurate exception reporting in copy_{from_to}_user for Niagara
sparc: fix accurate exception reporting in copy_to_user for Niagara 4
sparc: fix accurate exception reporting in copy_{from,to}_user for M7
Michael S. Tsirkin (1):
vhost: vringh: Fix copy_to_iter return value check
Michal Pecio (1):
Revert "usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running"
Mikulas Patocka (1):
dm-integrity: limit MAX_TAG_SIZE to 255
Moshe Shemesh (2):
net/mlx5: Stop polling for command response if interface goes down
net/mlx5: fw reset, add reset timeout work
Nagarjuna Kristam (1):
PCI: tegra194: Fix duplicate PLL disable in pex_ep_event_pex_rst_assert()
Nalivayko Sergey (1):
net/9p: fix double req put in p9_fd_cancelled
Naman Jain (1):
uio_hv_generic: Let userspace take care of interrupt mask
Nicolas Ferre (1):
ARM: at91: pm: fix MCKx restore routine
Niklas Cassel (1):
scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod
Nishanth Menon (1):
hwrng: ks-sa - fix division by zero in ks_sa_rng_init
Oleksij Rempel (1):
net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock
Ovidiu Panait (3):
staging: axis-fifo: fix maximum TX packet length check
staging: axis-fifo: fix TX handling on copy_from_user() failure
staging: axis-fifo: flush RX FIFO on read errors
Parav Pandit (1):
RDMA/core: Resolve MAC of next-hop device without ARP support
Paul Chaignon (1):
bpf: Explicitly check accesses to bpf_sock_addr
Pauli Virtanen (1):
Bluetooth: ISO: don't leak skb in ISO_CONT RX
Phillip Lougher (1):
Squashfs: fix uninit-value in squashfs_get_parent
Qianfeng Rong (8):
regulator: scmi: Use int type to store negative error codes
block: use int to store blk_stack_limits() return value
pinctrl: renesas: Use int type to store negative error codes
ALSA: lx_core: use int type to store negative error codes
drm/amdkfd: Fix error code sign for EINVAL in svm_ioctl()
drm/msm/dpu: fix incorrect type for ret
scsi: qla2xxx: edif: Fix incorrect sign of error code
scsi: qla2xxx: Fix incorrect sign of error code in START_SP_W_RETRIES()
Rafael J. Wysocki (3):
driver core/PM: Set power.no_callbacks along with power.no_pm
PM: sleep: core: Clear power.must_resume in noirq suspend error path
smp: Fix up and expand the smp_call_function_many() kerneldoc
Ranjan Kumar (1):
scsi: mpt3sas: Fix crash in transport port remove by using ioc_info()
Raphael Gallais-Pou (1):
serial: stm32: allow selecting console when the driver is module
Ricardo Ribalda (1):
media: tunner: xc5000: Refactor firmware load
Salah Triki (1):
bus: fsl-mc: Check return value of platform_get_resource()
Shay Drory (1):
net/mlx5: pagealloc: Fix reclaim race during command interface teardown
Slavin Liu (1):
ipvs: Defer ip_vs_ftp unregister during netns cleanup
Sneh Mankad (1):
soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS
Srinivas Kandagatla (1):
ASoC: qcom: audioreach: fix potential null pointer dereference
Stanley Chu (2):
i3c: master: svc: Use manual response for IBI events
i3c: master: svc: Recycle unused IBI slot
Stefan Kerkmann (1):
wifi: mwifiex: send world regulatory domain to driver
Stefan Metzmacher (1):
smb: server: fix IRD/ORD negotiation with the client
Stephan Gerhold (1):
remoteproc: qcom: q6v5: Avoid disabling handover IRQ twice
Sven Peter (1):
usb: typec: tipd: Clear interrupts first
Takashi Iwai (3):
ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping
ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping
ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping
Tao Chen (1):
bpf: Remove migrate_disable in kprobe_multi_link_prog_run
Thomas Fourier (1):
scsi: myrs: Fix dma_alloc_coherent() error check
Timur Kristóf (7):
drm/amdgpu: Power up UVD 3 for FW validation (v2)
drm/amd/pm: Disable ULV even if unsupported (v3)
drm/amd/pm: Fix si_upload_smc_data (v3)
drm/amd/pm: Adjust si_upload_smc_data register programming (v3)
drm/amd/pm: Treat zero vblank time as too short in si_dpm (v3)
drm/amd/pm: Disable MCLK switching with non-DC at 120 Hz+ (v2)
drm/amd/pm: Disable SCLK switching on Oland with high pixel clocks (v3)
Uros Bizjak (1):
x86/vdso: Fix output operand size of RDPID
Uwe Kleine-König (1):
pwm: tiehrpwm: Fix corner case in clock divisor calculation
Vadim Pasternak (1):
hwmon: (mlxreg-fan) Separate methods of fan setting coming from different subsystems
Vitaly Grigoryev (1):
fs: ntfs3: Fix integer overflow in run_unpack()
Vlad Dumitrescu (1):
IB/sa: Fix sa_local_svc_timeout_ms read race
Wang Haoran (1):
scsi: target: target_core_configfs: Add length check to avoid buffer overflow
Wang Liang (1):
pps: fix warning in pps_register_cdev when register device fail
Will Deacon (1):
KVM: arm64: Fix softirq masking in FPSIMD register saving sequence
William Wu (1):
usb: gadget: configfs: Correctly set use_os_string at bind
Xiaowei Li (1):
USB: serial: option: add SIMCom 8230C compositions
Xichao Zhao (1):
usb: phy: twl6030: Fix incorrect type for ret
Yang Shi (1):
mm: hugetlb: avoid soft lockup when mprotect to large memory area
Yeounsu Moon (1):
net: dlink: handle copy_thresh allocation failure
Yuanfang Zhang (1):
coresight-etm4x: Conditionally access register TRCEXTINSELR
Yureka Lilian (1):
libbpf: Fix reuse of DEVMAP
Zhang Shurong (1):
media: rj54n1cb0c: Fix memleak in rj54n1_probe()
Zhen Ni (2):
netfilter: ipset: Remove unused htable_bits in macro ahash_region
Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak
Zheng Qixing (2):
dm: fix queue start/stop imbalance under suspend/load/resume races
dm: fix NULL pointer dereference in __dm_suspend()
Zhouyi Zhou (1):
tools/nolibc: make time_t robust if __kernel_old_time_t is missing in host headers
hupu (1):
perf subcmd: avoid crash in exclude_cmds when excludes is empty
wangzijie (1):
f2fs: fix zero-sized extent for precache extents
zhang jiao (1):
vhost: vringh: Modify the return value check
3 weeks, 1 day
- 1
- 1
Chinese Legal Translation - 95,000+ Satisfied Clients in 29+ Years
by Communication Dubai
[Logo]
PROFESSIONAL & ACCURATE
CHINESE
LEGAL TRANSLATION SERVICES
Our certified CHINESE-ARABIC TRANSLATION SERVICES IN DUBAI is
approved by the UAE Ministry of Justice, ensuring official
recognition for all translation.
WHAT WE OFFER
▸ CERTIFICATES
▸ LICENSES
▸ LEGAL DOCUMENTS
▸ CONTRACTS & AGREEMENTS
▸ COURT DOCUMENTS & MORE
FOR MORE INFORMATION
+971 42663517
+971 502885313
[http://track.uaetranslationservices.com/web/index.php/campaigns/vg637tltmtc…]
→ FREE QUOTE
[http://track.uaetranslationservices.com/web/index.php/campaigns/vg637tltmtc…]
OTHER LEGAL LANGUAGES WE OFFER:
Arabic, Russian, Turkish, French, Spanish, German, Italian, Persian
and Bulgarian.
95,000+ SATISFIED CLIENTS IN 29+ YEARS
www.communicationdubai.com I admin(a)communicationdubai.com
[http://track.uaetranslationservices.com/web/index.php/campaigns/vg637tltmtc…]
Near Abu Abu Hail Metro Station - Al Yasmeen Bldg. Office - 108 Salah
Uddin Road - Dubai
If you want to Unsubscribe Click Here
[http://track.uaetranslationservices.com/web/index.php/campaigns/vg637tltmtc…]
and Abuse Report
[http://track.uaetranslationservices.com/web/index.php/campaigns/vg637tltmtc…]
3 weeks, 1 day
- 1
- 0
[PATCH v3] platform/x86: alienware-wmi-wmax: Add AWCC support to Dell G15 5530
by tr1x_em
Makes alienware-wmi load on G15 5530 by default
Cc: stable(a)vger.kernel.org
Signed-off-by: Saumya <admin(a)trix.is-a.dev>
---
drivers/platform/x86/dell/alienware-wmi-wmax.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/drivers/platform/x86/dell/alienware-wmi-wmax.c b/drivers/platform/x86/dell/alienware-wmi-wmax.c
index 31f9643a6..3b25a8283 100644
--- a/drivers/platform/x86/dell/alienware-wmi-wmax.c
+++ b/drivers/platform/x86/dell/alienware-wmi-wmax.c
@@ -209,6 +209,14 @@ static const struct dmi_system_id awcc_dmi_table[] __initconst = {
},
.driver_data = &g_series_quirks,
},
+ {
+ .ident = "Dell Inc. G15 5530",
+ .matches = {
+ DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."),
+ DMI_MATCH(DMI_PRODUCT_NAME, "Dell G15 5530"),
+ },
+ .driver_data = &g_series_quirks,
+ },
{
.ident = "Dell Inc. G16 7630",
.matches = {
--
2.51.0
3 weeks, 1 day
- 3
- 2
[PATCH v3] platform/x86: alienware-wmi-wmax: Fix null pointer dereference in sleep handlers
by Kurt Borja
Devices without the AWCC interface don't initialize `awcc`. Add a check
before dereferencing it in sleep handlers.
Cc: stable(a)vger.kernel.org
Reported-by: Gal Hammer <galhammer(a)gmail.com>
Tested-by: Gal Hammer <galhammer(a)gmail.com>
Fixes: 07ac275981b1 ("platform/x86: alienware-wmi-wmax: Add support for manual fan control")
Signed-off-by: Kurt Borja <kuurtb(a)gmail.com>
---
Changes in v3:
- Fix typo in title
- Go for a simpler approach because the last one prevented the old
driver interface from loading
- Link to v2: https://lore.kernel.org/r/20251013-sleep-fix-v2-1-1ad8bdb79585@gmail.com
Changes in v2:
- Little logic mistake in the `force_gmode` path... (oops)
- Link to v1: https://lore.kernel.org/r/20251013-sleep-fix-v1-1-92bc11b6ecae@gmail.com
---
drivers/platform/x86/dell/alienware-wmi-wmax.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/platform/x86/dell/alienware-wmi-wmax.c b/drivers/platform/x86/dell/alienware-wmi-wmax.c
index 31f9643a6a3b..b106e8e407b3 100644
--- a/drivers/platform/x86/dell/alienware-wmi-wmax.c
+++ b/drivers/platform/x86/dell/alienware-wmi-wmax.c
@@ -1639,7 +1639,7 @@ static int wmax_wmi_probe(struct wmi_device *wdev, const void *context)
static int wmax_wmi_suspend(struct device *dev)
{
- if (awcc->hwmon)
+ if (awcc && awcc->hwmon)
awcc_hwmon_suspend(dev);
return 0;
@@ -1647,7 +1647,7 @@ static int wmax_wmi_suspend(struct device *dev)
static int wmax_wmi_resume(struct device *dev)
{
- if (awcc->hwmon)
+ if (awcc && awcc->hwmon)
awcc_hwmon_resume(dev);
return 0;
---
base-commit: 3ed17349f18774c24505b0c21dfbd3cc4f126518
change-id: 20251012-sleep-fix-5d0596dd92a3
--
~ Kurt
3 weeks, 1 day
- 2
- 1
[PATCH v2] drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies
by Tvrtko Ursulin
When adding dependencies with drm_sched_job_add_dependency(), that
function consumes the fence reference both on success and failure, so in
the latter case the dma_fence_put() on the error path (xarray failed to
expand) is a double free.
Interestingly this bug appears to have been present ever since
ebd5f74255b9 ("drm/sched: Add dependency tracking"), since the code back
then looked like this:
drm_sched_job_add_implicit_dependencies():
...
for (i = 0; i < fence_count; i++) {
ret = drm_sched_job_add_dependency(job, fences[i]);
if (ret)
break;
}
for (; i < fence_count; i++)
dma_fence_put(fences[i]);
Which means for the failing 'i' the dma_fence_put was already a double
free. Possibly there were no users at that time, or the test cases were
insufficient to hit it.
The bug was then only noticed and fixed after
9c2ba265352a ("drm/scheduler: use new iterator in drm_sched_job_add_implicit_dependencies v2")
landed, with its fixup of
4eaf02d6076c ("drm/scheduler: fix drm_sched_job_add_implicit_dependencies").
At that point it was a slightly different flavour of a double free, which
963d0b356935 ("drm/scheduler: fix drm_sched_job_add_implicit_dependencies harder")
noticed and attempted to fix.
But it only moved the double free from happening inside the
drm_sched_job_add_dependency(), when releasing the reference not yet
obtained, to the caller, when releasing the reference already released by
the former in the failure case.
As such it is not easy to identify the right target for the fixes tag so
lets keep it simple and just continue the chain.
While fixing we also improve the comment and explain the reason for taking
the reference and not dropping it.
Signed-off-by: Tvrtko Ursulin <tvrtko.ursulin(a)igalia.com>
Fixes: 963d0b356935 ("drm/scheduler: fix drm_sched_job_add_implicit_dependencies harder")
Reported-by: Dan Carpenter <dan.carpenter(a)linaro.org>
Reference: https://lore.kernel.org/dri-devel/aNFbXq8OeYl3QSdm@stanley.mountain/
Cc: Christian König <christian.koenig(a)amd.com>
Cc: Rob Clark <robdclark(a)chromium.org>
Cc: Daniel Vetter <daniel.vetter(a)ffwll.ch>
Cc: Matthew Brost <matthew.brost(a)intel.com>
Cc: Danilo Krummrich <dakr(a)kernel.org>
Cc: Philipp Stanner <phasta(a)kernel.org>
Cc: "Christian König" <ckoenig.leichtzumerken(a)gmail.com>
Cc: dri-devel(a)lists.freedesktop.org
Cc: <stable(a)vger.kernel.org> # v5.16+
---
v2:
* Re-arrange commit text so discussion around sentences starting with
capital letters in all cases can be avoided.
* Keep double return for now.
* Improved comment instead of dropping it.
---
drivers/gpu/drm/scheduler/sched_main.c | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/drivers/gpu/drm/scheduler/sched_main.c b/drivers/gpu/drm/scheduler/sched_main.c
index 46119aacb809..c39f0245e3a9 100644
--- a/drivers/gpu/drm/scheduler/sched_main.c
+++ b/drivers/gpu/drm/scheduler/sched_main.c
@@ -965,13 +965,14 @@ int drm_sched_job_add_resv_dependencies(struct drm_sched_job *job,
dma_resv_assert_held(resv);
dma_resv_for_each_fence(&cursor, resv, usage, fence) {
- /* Make sure to grab an additional ref on the added fence */
- dma_fence_get(fence);
- ret = drm_sched_job_add_dependency(job, fence);
- if (ret) {
- dma_fence_put(fence);
+ /*
+ * As drm_sched_job_add_dependency always consumes the fence
+ * reference (even when it fails), and dma_resv_for_each_fence
+ * is not obtaining one, we need to grab one before calling.
+ */
+ ret = drm_sched_job_add_dependency(job, dma_fence_get(fence));
+ if (ret)
return ret;
- }
}
return 0;
}
--
2.48.0
3 weeks, 1 day
- 2
- 3
FAILED: patch "[PATCH] ASoC: SOF: ipc4-pcm: fix delay calculation when DSP resamples" failed to apply to 6.12-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.12-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.12.y
git checkout FETCH_HEAD
git cherry-pick -x bcd1383516bb5a6f72b2d1e7f7ad42c4a14837d1
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025101352-joylessly-yoyo-b1e8@gregkh' --subject-prefix 'PATCH 6.12.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From bcd1383516bb5a6f72b2d1e7f7ad42c4a14837d1 Mon Sep 17 00:00:00 2001
From: Kai Vehmanen <kai.vehmanen(a)linux.intel.com>
Date: Thu, 2 Oct 2025 10:47:15 +0300
Subject: [PATCH] ASoC: SOF: ipc4-pcm: fix delay calculation when DSP resamples
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
When the sampling rates going in (host) and out (dai) from the DSP
are different, the IPC4 delay reporting does not work correctly.
Add support for this case by scaling the all raw position values to
a common timebase before calculating real-time delay for the PCM.
Cc: stable(a)vger.kernel.org
Fixes: 0ea06680dfcb ("ASoC: SOF: ipc4-pcm: Correct the delay calculation")
Signed-off-by: Kai Vehmanen <kai.vehmanen(a)linux.intel.com>
Reviewed-by: Péter Ujfalusi <peter.ujfalusi(a)linux.intel.com>
Reviewed-by: Bard Liao <yung-chuan.liao(a)linux.intel.com>
Signed-off-by: Peter Ujfalusi <peter.ujfalusi(a)linux.intel.com>
Link: https://patch.msgid.link/20251002074719.2084-2-peter.ujfalusi@linux.intel.c…
Signed-off-by: Mark Brown <broonie(a)kernel.org>
diff --git a/sound/soc/sof/ipc4-pcm.c b/sound/soc/sof/ipc4-pcm.c
index cb9a06792a47..769ba4fed56a 100644
--- a/sound/soc/sof/ipc4-pcm.c
+++ b/sound/soc/sof/ipc4-pcm.c
@@ -19,12 +19,14 @@
* struct sof_ipc4_timestamp_info - IPC4 timestamp info
* @host_copier: the host copier of the pcm stream
* @dai_copier: the dai copier of the pcm stream
- * @stream_start_offset: reported by fw in memory window (converted to frames)
- * @stream_end_offset: reported by fw in memory window (converted to frames)
+ * @stream_start_offset: reported by fw in memory window (converted to
+ * frames at host_copier sampling rate)
+ * @stream_end_offset: reported by fw in memory window (converted to
+ * frames at host_copier sampling rate)
* @llp_offset: llp offset in memory window
- * @boundary: wrap boundary should be used for the LLP frame counter
* @delay: Calculated and stored in pointer callback. The stored value is
- * returned in the delay callback.
+ * returned in the delay callback. Expressed in frames at host copier
+ * sampling rate.
*/
struct sof_ipc4_timestamp_info {
struct sof_ipc4_copier *host_copier;
@@ -33,7 +35,6 @@ struct sof_ipc4_timestamp_info {
u64 stream_end_offset;
u32 llp_offset;
- u64 boundary;
snd_pcm_sframes_t delay;
};
@@ -48,6 +49,16 @@ struct sof_ipc4_pcm_stream_priv {
bool chain_dma_allocated;
};
+/*
+ * Modulus to use to compare host and link position counters. The sampling
+ * rates may be different, so the raw hardware counters will wrap
+ * around at different times. To calculate differences, use
+ * DELAY_BOUNDARY as a common modulus. This value must be smaller than
+ * the wrap-around point of any hardware counter, and larger than any
+ * valid delay measurement.
+ */
+#define DELAY_BOUNDARY U32_MAX
+
static inline struct sof_ipc4_timestamp_info *
sof_ipc4_sps_to_time_info(struct snd_sof_pcm_stream *sps)
{
@@ -1049,6 +1060,35 @@ static int sof_ipc4_pcm_hw_params(struct snd_soc_component *component,
return 0;
}
+static u64 sof_ipc4_frames_dai_to_host(struct sof_ipc4_timestamp_info *time_info, u64 value)
+{
+ u64 dai_rate, host_rate;
+
+ if (!time_info->dai_copier || !time_info->host_copier)
+ return value;
+
+ /*
+ * copiers do not change sampling rate, so we can use the
+ * out_format independently of stream direction
+ */
+ dai_rate = time_info->dai_copier->data.out_format.sampling_frequency;
+ host_rate = time_info->host_copier->data.out_format.sampling_frequency;
+
+ if (!dai_rate || !host_rate || dai_rate == host_rate)
+ return value;
+
+ /* take care not to overflow u64, rates can be up to 768000 */
+ if (value > U32_MAX) {
+ value = div64_u64(value, dai_rate);
+ value *= host_rate;
+ } else {
+ value *= host_rate;
+ value = div64_u64(value, dai_rate);
+ }
+
+ return value;
+}
+
static int sof_ipc4_get_stream_start_offset(struct snd_sof_dev *sdev,
struct snd_pcm_substream *substream,
struct snd_sof_pcm_stream *sps,
@@ -1099,14 +1139,13 @@ static int sof_ipc4_get_stream_start_offset(struct snd_sof_dev *sdev,
time_info->stream_end_offset = ppl_reg.stream_end_offset;
do_div(time_info->stream_end_offset, dai_sample_size);
+ /* convert to host frame time */
+ time_info->stream_start_offset =
+ sof_ipc4_frames_dai_to_host(time_info, time_info->stream_start_offset);
+ time_info->stream_end_offset =
+ sof_ipc4_frames_dai_to_host(time_info, time_info->stream_end_offset);
+
out:
- /*
- * Calculate the wrap boundary need to be used for delay calculation
- * The host counter is in bytes, it will wrap earlier than the frames
- * based link counter.
- */
- time_info->boundary = div64_u64(~((u64)0),
- frames_to_bytes(substream->runtime, 1));
/* Initialize the delay value to 0 (no delay) */
time_info->delay = 0;
@@ -1149,6 +1188,8 @@ static int sof_ipc4_pcm_pointer(struct snd_soc_component *component,
/* For delay calculation we need the host counter */
host_cnt = snd_sof_pcm_get_host_byte_counter(sdev, component, substream);
+
+ /* Store the original value to host_ptr */
host_ptr = host_cnt;
/* convert the host_cnt to frames */
@@ -1167,6 +1208,8 @@ static int sof_ipc4_pcm_pointer(struct snd_soc_component *component,
sof_mailbox_read(sdev, time_info->llp_offset, &llp, sizeof(llp));
dai_cnt = ((u64)llp.reading.llp_u << 32) | llp.reading.llp_l;
}
+
+ dai_cnt = sof_ipc4_frames_dai_to_host(time_info, dai_cnt);
dai_cnt += time_info->stream_end_offset;
/* In two cases dai dma counter is not accurate
@@ -1200,8 +1243,9 @@ static int sof_ipc4_pcm_pointer(struct snd_soc_component *component,
dai_cnt -= time_info->stream_start_offset;
}
- /* Wrap the dai counter at the boundary where the host counter wraps */
- div64_u64_rem(dai_cnt, time_info->boundary, &dai_cnt);
+ /* Convert to a common base before comparisons */
+ dai_cnt &= DELAY_BOUNDARY;
+ host_cnt &= DELAY_BOUNDARY;
if (substream->stream == SNDRV_PCM_STREAM_PLAYBACK) {
head_cnt = host_cnt;
@@ -1211,14 +1255,11 @@ static int sof_ipc4_pcm_pointer(struct snd_soc_component *component,
tail_cnt = host_cnt;
}
- if (head_cnt < tail_cnt) {
- time_info->delay = time_info->boundary - tail_cnt + head_cnt;
- goto out;
- }
+ if (unlikely(head_cnt < tail_cnt))
+ time_info->delay = DELAY_BOUNDARY - tail_cnt + head_cnt;
+ else
+ time_info->delay = head_cnt - tail_cnt;
- time_info->delay = head_cnt - tail_cnt;
-
-out:
/*
* Convert the host byte counter to PCM pointer which wraps in buffer
* and it is in frames
3 weeks, 1 day
- 3
- 3
+ mm-damon-core-use-damos_commit_quota_goal-for-new-goal-commit.patch added to mm-hotfixes-unstable branch
by Andrew Morton
The patch titled
Subject: mm/damon/core: use damos_commit_quota_goal() for new goal commit
has been added to the -mm mm-hotfixes-unstable branch. Its filename is
mm-damon-core-use-damos_commit_quota_goal-for-new-goal-commit.patch
This patch will shortly appear at
https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche…
This patch will later appear in the mm-hotfixes-unstable branch at
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next via the mm-everything
branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
and is updated there every 2-3 working days
------------------------------------------------------
From: SeongJae Park <sj(a)kernel.org>
Subject: mm/damon/core: use damos_commit_quota_goal() for new goal commit
Date: Mon, 13 Oct 2025 17:18:44 -0700
When damos_commit_quota_goals() is called for adding new DAMOS quota goals
of DAMOS_QUOTA_USER_INPUT metric, current_value fields of the new goals
should be also set as requested.
However, damos_commit_quota_goals() is not updating the field for the
case, since it is setting only metrics and target values using
damos_new_quota_goal(), and metric-optional union fields using
damos_commit_quota_goal_union(). As a result, users could see the first
current_value parameter that committed online with a new quota goal is
ignored. Users are assumed to commit the current_value for
DAMOS_QUOTA_USER_INPUT quota goals, since it is being used as a feedback.
Hence the real impact would be subtle. That said, this is obviously not
intended behavior.
Fix the issue by using damos_commit_quota_goal() which sets all quota goal
parameters, instead of damos_commit_quota_goal_union(), which sets only
the union fields.
Link: https://lkml.kernel.org/r/20251014001846.279282-1-sj@kernel.org
Fixes: 1aef9df0ee90 ("mm/damon/core: commit damos_quota_goal->nid")
Signed-off-by: SeongJae Park <sj(a)kernel.org>
Cc: <stable(a)vger.kernel.org> [6.16+]
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
mm/damon/core.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/mm/damon/core.c~mm-damon-core-use-damos_commit_quota_goal-for-new-goal-commit
+++ a/mm/damon/core.c
@@ -835,7 +835,7 @@ int damos_commit_quota_goals(struct damo
src_goal->metric, src_goal->target_value);
if (!new_goal)
return -ENOMEM;
- damos_commit_quota_goal_union(new_goal, src_goal);
+ damos_commit_quota_goal(new_goal, src_goal);
damos_add_quota_goal(dst, new_goal);
}
return 0;
_
Patches currently in -mm which might be from sj(a)kernel.org are
mm-damon-sysfs-catch-commit-test-ctx-alloc-failure.patch
mm-damon-sysfs-dealloc-commit-test-ctx-always.patch
mm-damon-core-fix-list_add_tail-call-on-damon_call.patch
mm-damon-core-use-damos_commit_quota_goal-for-new-goal-commit.patch
mm-zswap-remove-unnecessary-dlen-writes-for-incompressible-pages.patch
mm-zswap-fix-typos-s-zwap-zswap.patch
mm-zswap-s-red-black-tree-xarray.patch
docs-admin-guide-mm-zswap-s-red-black-tree-xarray.patch
3 weeks, 1 day
- 1
- 0
[PATCH] ext4: free orphan info with kvfree
by Jan Kara
Orphan info is now getting allocated with kvmalloc_array(). Free it with
kvfree() instead of kfree() to avoid complaints from mm.
Reported-by: Chris Mason <clm(a)meta.com>
Fixes: 0a6ce20c1564 ("ext4: verify orphan file size is not too big")
CC: stable(a)vger.kernel.org
Signed-off-by: Jan Kara <jack(a)suse.cz>
---
fs/ext4/orphan.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/ext4/orphan.c b/fs/ext4/orphan.c
index 33c3a89396b1..82d5e7501455 100644
--- a/fs/ext4/orphan.c
+++ b/fs/ext4/orphan.c
@@ -513,7 +513,7 @@ void ext4_release_orphan_info(struct super_block *sb)
return;
for (i = 0; i < oi->of_blocks; i++)
brelse(oi->of_binfo[i].ob_bh);
- kfree(oi->of_binfo);
+ kvfree(oi->of_binfo);
}
static struct ext4_orphan_block_tail *ext4_orphan_block_tail(
@@ -637,7 +637,7 @@ int ext4_init_orphan_info(struct super_block *sb)
out_free:
for (i--; i >= 0; i--)
brelse(oi->of_binfo[i].ob_bh);
- kfree(oi->of_binfo);
+ kvfree(oi->of_binfo);
out_put:
iput(inode);
return ret;
--
2.51.0
3 weeks, 1 day
- 2
- 1
+ mm-damon-core-fix-potential-memory-leak-by-cleaning-ops_filter-in-damon_destroy_scheme.patch added to mm-hotfixes-unstable branch
by Andrew Morton
The patch titled
Subject: mm/damon/core: fix potential memory leak by cleaning ops_filter in damon_destroy_scheme
has been added to the -mm mm-hotfixes-unstable branch. Its filename is
mm-damon-core-fix-potential-memory-leak-by-cleaning-ops_filter-in-damon_destroy_scheme.patch
This patch will shortly appear at
https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche…
This patch will later appear in the mm-hotfixes-unstable branch at
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next via the mm-everything
branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
and is updated there every 2-3 working days
------------------------------------------------------
From: Enze Li <lienze(a)kylinos.cn>
Subject: mm/damon/core: fix potential memory leak by cleaning ops_filter in damon_destroy_scheme
Date: Tue, 14 Oct 2025 16:42:25 +0800
Currently, damon_destroy_scheme() only cleans up the filter list but
leaves ops_filter untouched, which could lead to memory leaks when a
scheme is destroyed.
This patch ensures both filter and ops_filter are properly freed in
damon_destroy_scheme(), preventing potential memory leaks.
Link: https://lkml.kernel.org/r/20251014084225.313313-1-lienze@kylinos.cn
Fixes: ab82e57981d0 ("mm/damon/core: introduce damos->ops_filters")
Signed-off-by: Enze Li <lienze(a)kylinos.cn>
Reviewed-by: SeongJae Park <sj(a)kernel.org>
Tested-by: SeongJae Park <sj(a)kernel.org>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
mm/damon/core.c | 3 +++
1 file changed, 3 insertions(+)
--- a/mm/damon/core.c~mm-damon-core-fix-potential-memory-leak-by-cleaning-ops_filter-in-damon_destroy_scheme
+++ a/mm/damon/core.c
@@ -452,6 +452,9 @@ void damon_destroy_scheme(struct damos *
damos_for_each_filter_safe(f, next, s)
damos_destroy_filter(f);
+ damos_for_each_ops_filter_safe(f, next, s)
+ damos_destroy_filter(f);
+
kfree(s->migrate_dests.node_id_arr);
kfree(s->migrate_dests.weight_arr);
damon_del_scheme(s);
_
Patches currently in -mm which might be from lienze(a)kylinos.cn are
mm-damon-core-fix-potential-memory-leak-by-cleaning-ops_filter-in-damon_destroy_scheme.patch
3 weeks, 1 day
- 1
- 0
+ vmw_balloon-indicate-success-when-effectively-deflating-during-migration.patch added to mm-hotfixes-unstable branch
by Andrew Morton
The patch titled
Subject: vmw_balloon: indicate success when effectively deflating during migration
has been added to the -mm mm-hotfixes-unstable branch. Its filename is
vmw_balloon-indicate-success-when-effectively-deflating-during-migration.patch
This patch will shortly appear at
https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche…
This patch will later appear in the mm-hotfixes-unstable branch at
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next via the mm-everything
branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
and is updated there every 2-3 working days
------------------------------------------------------
From: David Hildenbrand <david(a)redhat.com>
Subject: vmw_balloon: indicate success when effectively deflating during migration
Date: Tue, 14 Oct 2025 14:44:55 +0200
When migrating a balloon page, we first deflate the old page to then
inflate the new page.
However, if inflating the new page succeeded, we effectively deflated the
old page, reducing the balloon size.
In that case, the migration actually worked: similar to migrating+
immediately deflating the new page. The old page will be freed back to
the buddy.
Right now, the core will leave the page be marked as isolated (as we
returned an error). When later trying to putback that page, we will run
into the WARN_ON_ONCE() in balloon_page_putback().
That handling was changed in commit 3544c4faccb8 ("mm/balloon_compaction:
stop using __ClearPageMovable()"); before that change, we would have
tolerated that way of handling it.
To fix it, let's just return 0 in that case, making the core effectively
just clear the "isolated" flag + freeing it back to the buddy as if the
migration succeeded. Note that the new page will also get freed when the
core puts the last reference.
Note that this also makes it all be more consistent: we will no longer
unisolate the page in the balloon driver while keeping it marked as being
isolated in migration core.
This was found by code inspection.
Link: https://lkml.kernel.org/r/20251014124455.478345-1-david@redhat.com
Fixes: 3544c4faccb8 ("mm/balloon_compaction: stop using __ClearPageMovable()")
Signed-off-by: David Hildenbrand <david(a)redhat.com>
Cc: Jerrin Shaji George <jerrin.shaji-george(a)broadcom.com>
Cc: Broadcom internal kernel review list <bcm-kernel-feedback-list(a)broadcom.com>
Cc: Arnd Bergmann <arnd(a)arndb.de>
Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
drivers/misc/vmw_balloon.c | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
--- a/drivers/misc/vmw_balloon.c~vmw_balloon-indicate-success-when-effectively-deflating-during-migration
+++ a/drivers/misc/vmw_balloon.c
@@ -1737,7 +1737,7 @@ static int vmballoon_migratepage(struct
{
unsigned long status, flags;
struct vmballoon *b;
- int ret;
+ int ret = 0;
b = container_of(b_dev_info, struct vmballoon, b_dev_info);
@@ -1796,17 +1796,15 @@ static int vmballoon_migratepage(struct
* A failure happened. While we can deflate the page we just
* inflated, this deflation can also encounter an error. Instead
* we will decrease the size of the balloon to reflect the
- * change and report failure.
+ * change.
*/
atomic64_dec(&b->size);
- ret = -EBUSY;
} else {
/*
* Success. Take a reference for the page, and we will add it to
* the list after acquiring the lock.
*/
get_page(newpage);
- ret = 0;
}
/* Update the balloon list under the @pages_lock */
@@ -1817,7 +1815,7 @@ static int vmballoon_migratepage(struct
* If we succeed just insert it to the list and update the statistics
* under the lock.
*/
- if (!ret) {
+ if (status == VMW_BALLOON_SUCCESS) {
balloon_page_insert(&b->b_dev_info, newpage);
__count_vm_event(BALLOON_MIGRATE);
}
_
Patches currently in -mm which might be from david(a)redhat.com are
vmw_balloon-indicate-success-when-effectively-deflating-during-migration.patch
3 weeks, 1 day
- 1
- 0
[REGRESSION] bisected: perf: hang when using async-profiler caused by perf: Fix the POLL_HUP delivery breakage
by Octavia Togami
Using async-profiler
(https://github.com/async-profiler/async-profiler/) on Linux
6.17.1-arch1-1 causes a complete hang of the CPU. This has been
reported by many people at https://github.com/lucko/spark/issues/530.
spark is a piece of software that uses async-profiler internally.
As seen in https://github.com/lucko/spark/issues/530#issuecomment-3339974827,
this was bisected to 18dbcbfabfffc4a5d3ea10290c5ad27f22b0d240 perf:
Fix the POLL_HUP delivery breakage. Reverting this commit on 6.17.1
fixed the issue for me.
Steps to reproduce:
1. Get a copy of async-profiler. I tested both v3 (affects older spark
versions) and v4.1 (latest at time of writing). Unarchive it, this is
<async-profiler-dir>.
2. Set kernel parameters kernel.perf_event_paranoid=1 and
kernel.kptr_restrict=0 as instructed by
https://github.com/async-profiler/async-profiler/blob/fb673227c7fb311f872ce…
3. Install a version of Java that comes with jshell, i.e. Java 9 or
newer. Note: jshell is used for ease of reproduction. Any Java
application that is actively running will work.
4. Run `printf 'int acc; while (true) { acc++; }' | jshell -`. This
will start an infinitely running Java process.
5. Run `jps` and take the PID next to the text RemoteExecutionControl
-- this is the process that was just started.
6. Attach async-profiler to this process by running
`<async-profiler-dir>/bin/asprof -d 1 <PID>`. This will run for one
second, then the system should freeze entirely shortly thereafter.
I triggered a sysrq crash while the system was frozen, and the output
I found in journalctl afterwards is at
https://gist.github.com/octylFractal/76611ee76060051e5efc0c898dd0949e
I'm not sure if that text is actually from the triggered crash, but it
seems relevant. If needed, please tell me how to get the actual crash
report, I'm not sure where it is.
I'm using an AMD Ryzen 9 5900X 12-Core Processor. Given that I've seen
no Intel reports, it may be AMD specific. I don't have an Intel CPU on
hand to test with.
/proc/version: Linux version 6.17.1-arch1-1 (linux@archlinux) (gcc
(GCC) 15.2.1 20250813, GNU ld (GNU Binutils) 2.45.0) #1 SMP
PREEMPT_DYNAMIC Mon, 06 Oct 2025 18:48:29 +0000
Operating System: Arch Linux
uname -mi: x86_64 unknown
3 weeks, 1 day
- 3
- 7
[PATCH net v3 0/6] Intel Wired LAN Driver Updates 2025-10-01 (idpf, ixgbe, ixgbevf)
by Jacob Keller
For idpf:
Milena fixes a memory leak in the idpf reset logic when the driver resets
with an outstanding Tx timestamp.
For ixgbe and ixgbevf:
Jedrzej fixes an issue with reporting link speed on E610 VFs.
Jedrzej also fixes the VF mailbox API incompatibilities caused by the
confusion with API v1.4, v1.5, and v1.6. The v1.4 API introduced IPSEC
offload, but this was only supported on Linux hosts. The v1.5 API
introduced a new mailbox API which is necessary to resolve issues on ESX
hosts. The v1.6 API introduced a new link management API for E610. Jedrzej
introduces a new v1.7 API with a feature negotiation which enables properly
checking if features such as IPSEC or the ESX mailbox APIs are supported.
This resolves issues with compatibility on different hosts, and aligns the
API across hosts instead of having Linux require custom mailbox API
versions for IPSEC offload.
Koichiro fixes a KASAN use-after-free bug in ixgbe_remove().
Signed-off-by: Jacob Keller <jacob.e.keller(a)intel.com>
---
Changes in v3:
- Rebase and verified compilation issues are resolved.
- Configured b4 to exclude undeliverable addresses.
- Link to v2: https://lore.kernel.org/r/20251003-jk-iwl-net-2025-10-01-v2-0-e59b4141c1b5@…
Changes in v2:
- Drop Emil's idpf_vport_open race fix for now.
- Add my signature.
- Link to v1: https://lore.kernel.org/r/20251001-jk-iwl-net-2025-10-01-v1-0-49fa99e86600@…
---
Jedrzej Jagielski (4):
ixgbevf: fix getting link speed data for E610 devices
ixgbe: handle IXGBE_VF_GET_PF_LINK_STATE mailbox operation
ixgbevf: fix mailbox API compatibility by negotiating supported features
ixgbe: handle IXGBE_VF_FEATURES_NEGOTIATE mbox cmd
Koichiro Den (1):
ixgbe: fix too early devlink_free() in ixgbe_remove()
Milena Olech (1):
idpf: cleanup remaining SKBs in PTP flows
drivers/net/ethernet/intel/ixgbe/ixgbe_mbx.h | 15 ++
drivers/net/ethernet/intel/ixgbevf/defines.h | 1 +
drivers/net/ethernet/intel/ixgbevf/ixgbevf.h | 7 +
drivers/net/ethernet/intel/ixgbevf/mbx.h | 8 +
drivers/net/ethernet/intel/ixgbevf/vf.h | 1 +
drivers/net/ethernet/intel/idpf/idpf_ptp.c | 3 +
.../net/ethernet/intel/idpf/idpf_virtchnl_ptp.c | 1 +
drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 3 +-
drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c | 79 +++++++++
drivers/net/ethernet/intel/ixgbevf/ipsec.c | 10 ++
drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c | 34 +++-
drivers/net/ethernet/intel/ixgbevf/vf.c | 182 +++++++++++++++++----
12 files changed, 310 insertions(+), 34 deletions(-)
---
base-commit: fea8cdf6738a8b25fccbb7b109b440795a0892cb
change-id: 20251001-jk-iwl-net-2025-10-01-92cd2a626ff7
Best regards,
--
Jacob Keller <jacob.e.keller(a)intel.com>
3 weeks, 1 day
- 2
- 4
+ mm-damon-core-fix-list_add_tail-call-on-damon_call.patch added to mm-hotfixes-unstable branch
by Andrew Morton
The patch titled
Subject: mm/damon/core: fix list_add_tail() call on damon_call()
has been added to the -mm mm-hotfixes-unstable branch. Its filename is
mm-damon-core-fix-list_add_tail-call-on-damon_call.patch
This patch will shortly appear at
https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche…
This patch will later appear in the mm-hotfixes-unstable branch at
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next via the mm-everything
branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
and is updated there every 2-3 working days
------------------------------------------------------
From: SeongJae Park <sj(a)kernel.org>
Subject: mm/damon/core: fix list_add_tail() call on damon_call()
Date: Tue, 14 Oct 2025 13:59:36 -0700
Each damon_ctx maintains callback requests using a linked list
(damon_ctx->call_controls). When a new callback request is received via
damon_call(), the new request should be added to the list. However, the
function is making a mistake at list_add_tail() invocation: putting the
new item to add and the list head to add it before, in the opposite order.
Because of the linked list manipulation implementation, the new request
can still be reached from the context's list head. But the list items
that were added before the new request are dropped from the list.
As a result, the callbacks are unexpectedly not invocated. Worse yet, if
the dropped callback requests were dynamically allocated, the memory is
leaked. Actually DAMON sysfs interface is using a dynamically allocated
repeat-mode callback request for automatic essential stats update. And
because the online DAMON parameters commit is using a non-repeat-mode
callback request, the issue can easily be reproduced, like below.
# damo start --damos_action stat --refresh_stat 1s
# damo tune --damos_action stat --refresh_stat 1s
The first command dynamically allocates the repeat-mode callback request
for automatic essential stat update. Users can see the essential stats
are automatically updated for every second, using the sysfs interface.
The second command calls damon_commit() with a new callback request that
was made for the commit. As a result, the previously added repeat-mode
callback request is dropped from the list. The automatic stats refresh
stops working, and the memory for the repeat-mode callback request is
leaked. It can be confirmed using kmemleak.
Fix the mistake on the list_add_tail() call.
Link: https://lkml.kernel.org/r/20251014205939.1206-1-sj@kernel.org
Fixes: 004ded6bee11 ("mm/damon: accept parallel damon_call() requests")
Signed-off-by: SeongJae Park <sj(a)kernel.org>
Cc: <stable(a)vger.kernel.org> [6.17+]
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
mm/damon/core.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/mm/damon/core.c~mm-damon-core-fix-list_add_tail-call-on-damon_call
+++ a/mm/damon/core.c
@@ -1450,7 +1450,7 @@ int damon_call(struct damon_ctx *ctx, st
INIT_LIST_HEAD(&control->list);
mutex_lock(&ctx->call_controls_lock);
- list_add_tail(&ctx->call_controls, &control->list);
+ list_add_tail(&control->list, &ctx->call_controls);
mutex_unlock(&ctx->call_controls_lock);
if (!damon_is_running(ctx))
return -EINVAL;
_
Patches currently in -mm which might be from sj(a)kernel.org are
mm-damon-sysfs-catch-commit-test-ctx-alloc-failure.patch
mm-damon-sysfs-dealloc-commit-test-ctx-always.patch
mm-damon-core-fix-list_add_tail-call-on-damon_call.patch
mm-zswap-remove-unnecessary-dlen-writes-for-incompressible-pages.patch
mm-zswap-fix-typos-s-zwap-zswap.patch
mm-zswap-s-red-black-tree-xarray.patch
docs-admin-guide-mm-zswap-s-red-black-tree-xarray.patch
3 weeks, 1 day
- 1
- 0
[PATCH Resend] PCI: Limit islolated function probing on bus 0 for LoongArch
by Huacai Chen
We found some discrete AMD graphics devices hide funtion 0 and the whole
is not supposed to be probed.
Since our original purpose is to allow integrated devices (on bus 0) to
be probed without function 0, we can limit the islolated function probing
only on bus 0.
Cc: stable(a)vger.kernel.org
Fixes: a02fd05661d73a8 ("PCI: Extend isolated function probing to LoongArch")
Signed-off-by: Huacai Chen <chenhuacai(a)loongson.cn>
---
Resend to correct the subject line.
drivers/pci/probe.c | 2 +-
include/linux/hypervisor.h | 8 +++++---
2 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/drivers/pci/probe.c b/drivers/pci/probe.c
index c83e75a0ec12..da6a2aef823a 100644
--- a/drivers/pci/probe.c
+++ b/drivers/pci/probe.c
@@ -2883,7 +2883,7 @@ int pci_scan_slot(struct pci_bus *bus, int devfn)
* a hypervisor that passes through individual PCI
* functions.
*/
- if (!hypervisor_isolated_pci_functions())
+ if (!hypervisor_isolated_pci_functions(bus->number))
break;
}
fn = next_fn(bus, dev, fn);
diff --git a/include/linux/hypervisor.h b/include/linux/hypervisor.h
index be5417303ecf..30ece04a16d9 100644
--- a/include/linux/hypervisor.h
+++ b/include/linux/hypervisor.h
@@ -32,13 +32,15 @@ static inline bool jailhouse_paravirt(void)
#endif /* !CONFIG_X86 */
-static inline bool hypervisor_isolated_pci_functions(void)
+static inline bool hypervisor_isolated_pci_functions(int bus)
{
if (IS_ENABLED(CONFIG_S390))
return true;
- if (IS_ENABLED(CONFIG_LOONGARCH))
- return true;
+ if (IS_ENABLED(CONFIG_LOONGARCH)) {
+ if (bus == 0)
+ return true;
+ }
return jailhouse_paravirt();
}
--
2.47.3
3 weeks, 1 day
- 2
- 1