- Linux-stable-mirror - lists.linaro.org

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.11.10 release. There are 107 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Fri, 22 Nov 2024 12:56:14 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.11.10-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.11.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.11.10-rc1 Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: dvbdev: fix the logic when DVB_DYNAMIC_MINORS is not set Alexandre Ferrieux <alexandre.ferrieux(a)gmail.com> net: sched: u32: Add test case for systematic hnode IDR leaks Jiri Olsa <jolsa(a)kernel.org> lib/buildid: Fix build ID parsing logic Matthew Auld <matthew.auld(a)intel.com> drm/xe: improve hibernation on igpu Matthew Brost <matthew.brost(a)intel.com> drm/xe: Restore system memory GGTT mappings Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> mm: refactor arch_calc_vm_flag_bits() and arm64 MTE handling Hamish Claxton <hamishclaxton(a)gmail.com> drm/amd/display: Fix failure to read vram info due to static BP_RESULT Ryan Seto <ryanseto(a)amd.com> drm/amd/display: Handle dml allocation failure to avoid crash Dillon Varone <dillon.varone(a)amd.com> drm/amd/display: Require minimum VBlank size for stutter optimization Rodrigo Siqueira <Rodrigo.Siqueira(a)amd.com> drm/amd/display: Adjust VSDB parser for replay feature Jack Xiao <Jack.Xiao(a)amd.com> drm/amdgpu/mes12: correct kiq unmap latency Christian König <christian.koenig(a)amd.com> drm/amdgpu: enable GTT fallback handling for dGPUs only Tim Huang <tim.huang(a)amd.com> drm/amd/pm: print pp_dpm_mclk in ascending order on SMU v14.0.0 David Rosca <david.rosca(a)amd.com> drm/amdgpu: Fix video caps for H264 and HEVC encode maximum size Christian König <christian.koenig(a)amd.com> drm/amdgpu: fix check in gmc_v9_0_get_vm_pte() Vijendar Mukunda <Vijendar.Mukunda(a)amd.com> drm/amd: Fix initialization mistake for NBIO 7.7.0 Dave Airlie <airlied(a)redhat.com> nouveau/dp: handle retries for AUX CH transfers with GSP. Dave Airlie <airlied(a)redhat.com> nouveau: handle EBUSY and EAGAIN for GSP aux errors. Dave Airlie <airlied(a)redhat.com> nouveau: fw: sync dma after setup is called. Sibi Sankar <quic_sibis(a)quicinc.com> pmdomain: core: Add GENPD_FLAG_DEV_NAME_FW flag Sibi Sankar <quic_sibis(a)quicinc.com> pmdomain: arm: Use FLAG_DEV_NAME_FW to ensure unique names Peng Fan <peng.fan(a)nxp.com> pmdomain: imx93-blk-ctrl: correct remove path Ashutosh Dixit <ashutosh.dixit(a)intel.com> drm/xe/oa: Fix "Missing outer runtime PM protection" warning Matthew Auld <matthew.auld(a)intel.com> drm/xe: handle flat ccs during hibernation on igpu Francesco Dolcini <francesco.dolcini(a)toradex.com> drm/bridge: tc358768: Fix DSI command tx Andre Przywara <andre.przywara(a)arm.com> mmc: sunxi-mmc: Fix A100 compatible description Sibi Sankar <quic_sibis(a)quicinc.com> firmware: arm_scmi: Report duplicate opps as firmware bugs Cristian Marussi <cristian.marussi(a)arm.com> firmware: arm_scmi: Skip opp duplicates Sibi Sankar <quic_sibis(a)quicinc.com> mailbox: qcom-cpucp: Mark the irq with IRQF_NO_SUSPEND flag Josef Bacik <josef(a)toxicpanda.com> btrfs: fix incorrect comparison for delayed refs Alex Deucher <alexander.deucher(a)amd.com> Revert "drm/amd/display: parse umc_info or vram_info based on ASIC" Aurelien Jarno <aurelien(a)aurel32.net> Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" Donet Tom <donettom(a)linux.ibm.com> selftests: hugetlb_dio: fixup check for initial conditions to skip in the start Huacai Chen <chenhuacai(a)kernel.org> LoongArch: Make KASAN work with 5-level page-tables Bibo Mao <maobibo(a)loongson.cn> LoongArch: Fix AP booting issue in VM mode Kanglong Wang <wangkanglong(a)loongson.cn> LoongArch: Add WriteCombine shadow mapping in KASAN Huacai Chen <chenhuacai(a)kernel.org> LoongArch: Disable KASAN if PGDIR_SIZE is too large for cpu_vabits Huacai Chen <chenhuacai(a)kernel.org> LoongArch: Fix early_numa_add_cpu() usage for FDT systems Ryusuke Konishi <konishi.ryusuke(a)gmail.com> nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint Dmitry Antipov <dmantipov(a)yandex.ru> ocfs2: fix UBSAN warning in ocfs2_verify_volume() Matthieu Baerts (NGI0) <matttbe(a)kernel.org> mptcp: pm: use _rcu variant under rcu_read_lock Geliang Tang <geliang(a)kernel.org> mptcp: hold pm lock when deleting entry Geliang Tang <geliang(a)kernel.org> mptcp: update local address flags when setting it Maksym Glubokiy <maxgl.kernel(a)gmail.com> ALSA: hda/realtek: fix mute/micmute LEDs for a HP EliteBook 645 G10 Kailang Yang <kailang(a)realtek.com> ALSA: hda/realtek - update set GPIO3 to default for Thinkpad with ALC1318 Kailang Yang <kailang(a)realtek.com> ALSA: hda/realtek - Fixed Clevo platform headset Mic issue Roman Gushchin <roman.gushchin(a)linux.dev> mm: page_alloc: move mlocked flag clearance into free_pages_prepare() Jarkko Sakkinen <jarkko(a)kernel.org> tpm: Disable TPM on tpm2_create_primary() failure Hajime Tazaki <thehajime(a)gmail.com> nommu: pass NULL argument to vma_iter_prealloc() Ryusuke Konishi <konishi.ryusuke(a)gmail.com> nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint Sean Christopherson <seanjc(a)google.com> KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN Sean Christopherson <seanjc(a)google.com> KVM: x86: Unconditionally set irr_pending when updating APICv state Sean Christopherson <seanjc(a)google.com> KVM: nVMX: Treat vpid01 as current if L2 is active, but with VPID disabled Sean Christopherson <seanjc(a)google.com> KVM: selftests: Disable strict aliasing Mateusz Guzik <mjguzik(a)gmail.com> evm: stop avoidably reading i_writecount in evm_file_release Samasth Norway Ananda <samasth.norway.ananda(a)oracle.com> ima: fix buffer overrun in ima_eventdigest_init_common Xiaoguang Wang <lege.wang(a)jaguarmicro.com> vp_vdpa: fix id_table array not null terminated error Si-Wei Liu <si-wei.liu(a)oracle.com> vdpa/mlx5: Fix PA offset with unaligned starting iotlb map Philipp Stanner <pstanner(a)redhat.com> vdpa: solidrun: Fix UB bug with devres Andrew Morton <akpm(a)linux-foundation.org> mm: revert "mm: shmem: fix data-race in shmem_getattr()" Jann Horn <jannh(a)google.com> mm/mremap: fix address wraparound in move_page_tables() Dan Carpenter <dan.carpenter(a)linaro.org> fs/proc/task_mmu: prevent integer overflow in pagemap_scan_get_args() Qun-Wei Lin <qun-wei.lin(a)mediatek.com> sched/task_stack: fix object_is_on_stack() for KASAN tagged pointers Dave Vasilevsky <dave(a)vasilevsky.ca> crash, powerpc: default to CRASH_DUMP=n on PPC_BOOK3S_32 Dmitry Antipov <dmantipov(a)yandex.ru> ocfs2: uncache inode which has failed entering the group Jinjiang Tu <tujinjiang(a)huawei.com> mm: fix NULL pointer dereference in alloc_pages_bulk_noprof Ard Biesheuvel <ardb(a)kernel.org> x86/stackprotector: Work around strict Clang TLS symbol requirements Baoquan He <bhe(a)redhat.com> x86/mm: Fix a kdump kernel failure on SME system when CONFIG_IMA_KEXEC=y Mario Limonciello <mario.limonciello(a)amd.com> x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client Tom Chung <chiahsuan.chung(a)amd.com> drm/amd/display: Fix Panel Replay not update screen correctly Tom Chung <chiahsuan.chung(a)amd.com> drm/amd/display: Change some variable name of psr Leo Li <sunpeng.li(a)amd.com> drm/amd/display: Run idle optimizations at end of vblank handler Alex Deucher <alexander.deucher(a)amd.com> Revert "drm/amd/pm: correct the workload setting" Motiejus JakÅ`tys <motiejus(a)jakstys.lt> tools/mm: fix compile error Russell King (Oracle) <rmk+kernel(a)armlinux.org.uk> ARM: fix cacheflush with PAN Harith G <harith.g(a)alifsemi.com> ARM: 9419/1: mm: Fix kernel memory mapping for xip kernels Hangbin Liu <liuhangbin(a)gmail.com> bonding: add ns target multicast address to slave device Meghana Malladi <m-malladi(a)ti.com> net: ti: icssg-prueth: Fix 1 PPS sync Chen Ridong <chenridong(a)huawei.com> drm/vmwgfx: avoid null_ptr_deref in vmw_framebuffer_surface_create_handle Vitalii Mordan <mordan(a)ispras.ru> stmmac: dwmac-intel-plat: fix call balance of tx_clk handling routines Michal Luczaj <mhal(a)rbox.co> net: Make copy_safe_from_sockptr() match documentation Nícolas F. R. A. Prado <nfraprado(a)collabora.com> net: stmmac: dwmac-mediatek: Fix inverted handling of mediatek,mac-wol Wei Fang <wei.fang(a)nxp.com> samples: pktgen: correct dev to DEV Russell King (Oracle) <rmk+kernel(a)armlinux.org.uk> net: phylink: ensure PHY momentary link-fails are handled Alexandre Ferrieux <alexandre.ferrieux(a)gmail.com> net: sched: cls_u32: Fix u32's systematic failure to free IDR entries for hnodes. Akash Goel <akash.goel(a)arm.com> drm/panthor: Fix handling of partial GPU mapping of BOs Kiran K <kiran.k(a)intel.com> Bluetooth: btintel: Direct exception event to bluetooth stack Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: hci_core: Fix calling mgmt_device_connected Alexandre Ghiti <alexghiti(a)rivosinc.com> drivers: perf: Fix wrong put_cpu() placement Leon Romanovsky <leon(a)kernel.org> Revert "RDMA/core: Fix ENODEV error for iWARP test over vlan" Michal Luczaj <mhal(a)rbox.co> virtio/vsock: Improve MSG_ZEROCOPY error handling Michal Luczaj <mhal(a)rbox.co> vsock: Fix sk_error_queue memory leak Michal Luczaj <mhal(a)rbox.co> virtio/vsock: Fix accept_queue memory leak Daniele Ceraolo Spurio <daniele.ceraolospurio(a)intel.com> drm/i915/gsc: ARL-H and ARL-U need a newer GSC FW. Carolina Jubran <cjubran(a)nvidia.com> net/mlx5e: Disable loopback self-test on multi-PF netdev Moshe Shemesh <moshe(a)nvidia.com> net/mlx5e: CT: Fix null-ptr-deref in add rule err flow William Tu <witu(a)nvidia.com> net/mlx5e: clear xdp features on non-uplink representors Dragos Tatulea <dtatulea(a)nvidia.com> net/mlx5e: kTLS, Fix incorrect page refcounting Mark Bloch <mbloch(a)nvidia.com> net/mlx5: fs, lock FTE when checking if active Parav Pandit <parav(a)nvidia.com> net/mlx5: Fix msix vectors to respect platform limit Paolo Abeni <pabeni(a)redhat.com> mptcp: cope racing subflow creation in mptcp_rcv_space_adjust Paolo Abeni <pabeni(a)redhat.com> mptcp: error out earlier on disconnect Wang Liang <wangliang74(a)huawei.com> net: fix data-races around sk->sk_forward_alloc Andy Yan <andy.yan(a)rock-chips.com> drm/rockchip: vop: Fix a dereferenced before check warning Stefan Wahren <wahrenst(a)gmx.net> net: vertexcom: mse102x: Fix tx_bytes calculation Eric Dumazet <edumazet(a)google.com> sctp: fix possible UAF in sctp_v6_available() Jakub Kicinski <kuba(a)kernel.org> netlink: terminate outstanding dump on socket close ------------- Diffstat: Makefile | 4 +- arch/arm/Kconfig | 3 + arch/arm/kernel/head.S | 8 +- arch/arm/kernel/traps.c | 3 + arch/arm/mm/mmu.c | 34 +++--- arch/arm64/Kconfig | 3 + arch/arm64/include/asm/mman.h | 10 +- arch/loongarch/Kconfig | 3 + arch/loongarch/include/asm/kasan.h | 13 ++- arch/loongarch/kernel/paravirt.c | 15 +++ arch/loongarch/kernel/smp.c | 2 +- arch/loongarch/mm/kasan_init.c | 46 +++++++- arch/mips/Kconfig | 3 + arch/parisc/include/asm/mman.h | 5 +- arch/powerpc/Kconfig | 4 + arch/riscv/Kconfig | 3 + arch/s390/Kconfig | 3 + arch/sh/Kconfig | 3 + arch/x86/Kconfig | 3 + arch/x86/Makefile | 5 +- arch/x86/entry/entry.S | 16 +++ arch/x86/include/asm/asm-prototypes.h | 3 + arch/x86/kernel/cpu/amd.c | 11 ++ arch/x86/kernel/cpu/common.c | 2 + arch/x86/kernel/vmlinux.lds.S | 3 + arch/x86/kvm/lapic.c | 29 +++-- arch/x86/kvm/vmx/nested.c | 30 +++++- arch/x86/kvm/vmx/vmx.c | 6 +- arch/x86/mm/ioremap.c | 6 +- drivers/bluetooth/btintel.c | 5 +- drivers/char/tpm/tpm2-sessions.c | 7 +- drivers/firmware/arm_scmi/perf.c | 44 +++++--- drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 3 +- drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c | 13 ++- drivers/gpu/drm/amd/amdgpu/mes_v12_0.c | 2 +- drivers/gpu/drm/amd/amdgpu/nbio_v7_7.c | 6 ++ drivers/gpu/drm/amd/amdgpu/nv.c | 12 +-- drivers/gpu/drm/amd/amdgpu/soc15.c | 4 +- drivers/gpu/drm/amd/amdgpu/soc21.c | 12 +-- drivers/gpu/drm/amd/amdgpu/soc24.c | 2 +- drivers/gpu/drm/amd/amdgpu/vi.c | 8 +- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 117 +++++++++++---------- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.h | 2 +- .../gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_crtc.c | 17 +-- .../amd/display/amdgpu_dm/amdgpu_dm_irq_params.h | 2 +- drivers/gpu/drm/amd/display/dc/bios/bios_parser2.c | 6 +- drivers/gpu/drm/amd/display/dc/core/dc_state.c | 3 + .../dml2/dml21/src/dml2_pmo/dml2_pmo_dcn4_fams2.c | 11 +- drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c | 49 +++------ drivers/gpu/drm/amd/pm/swsmu/inc/amdgpu_smu.h | 4 +- drivers/gpu/drm/amd/pm/swsmu/smu11/arcturus_ppt.c | 5 +- drivers/gpu/drm/amd/pm/swsmu/smu11/navi10_ppt.c | 5 +- .../drm/amd/pm/swsmu/smu11/sienna_cichlid_ppt.c | 5 +- drivers/gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c | 4 +- drivers/gpu/drm/amd/pm/swsmu/smu12/renoir_ppt.c | 4 +- .../gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_0_ppt.c | 20 +--- .../gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_7_ppt.c | 5 +- .../gpu/drm/amd/pm/swsmu/smu14/smu_v14_0_0_ppt.c | 5 +- .../gpu/drm/amd/pm/swsmu/smu14/smu_v14_0_2_ppt.c | 9 +- drivers/gpu/drm/amd/pm/swsmu/smu_cmn.c | 8 -- drivers/gpu/drm/amd/pm/swsmu/smu_cmn.h | 2 - drivers/gpu/drm/bridge/tc358768.c | 21 +++- drivers/gpu/drm/i915/gt/uc/intel_gsc_fw.c | 50 +++++---- drivers/gpu/drm/i915/i915_drv.h | 8 +- drivers/gpu/drm/i915/intel_device_info.c | 24 ++++- drivers/gpu/drm/i915/intel_device_info.h | 4 +- drivers/gpu/drm/nouveau/nvkm/engine/disp/r535.c | 61 ++++++----- drivers/gpu/drm/nouveau/nvkm/falcon/fw.c | 11 +- drivers/gpu/drm/nouveau/nvkm/subdev/gsp/r535.c | 6 +- drivers/gpu/drm/panthor/panthor_mmu.c | 2 + drivers/gpu/drm/rockchip/rockchip_drm_vop.c | 8 +- drivers/gpu/drm/vmwgfx/vmwgfx_kms.c | 2 + drivers/gpu/drm/xe/xe_bo.c | 43 ++++---- drivers/gpu/drm/xe/xe_bo_evict.c | 20 ++-- drivers/gpu/drm/xe/xe_oa.c | 2 + drivers/infiniband/core/addr.c | 2 - drivers/mailbox/qcom-cpucp-mbox.c | 2 +- drivers/media/dvb-core/dvbdev.c | 15 +-- drivers/mmc/host/dw_mmc.c | 4 +- drivers/mmc/host/sunxi-mmc.c | 6 +- drivers/net/bonding/bond_main.c | 16 ++- drivers/net/bonding/bond_options.c | 82 ++++++++++++++- drivers/net/ethernet/mellanox/mlx5/core/en/tc_ct.c | 2 +- .../ethernet/mellanox/mlx5/core/en_accel/ktls_tx.c | 8 +- drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 3 +- .../net/ethernet/mellanox/mlx5/core/en_selftest.c | 4 + drivers/net/ethernet/mellanox/mlx5/core/fs_core.c | 19 +++- drivers/net/ethernet/mellanox/mlx5/core/pci_irq.c | 32 +++++- .../net/ethernet/stmicro/stmmac/dwmac-intel-plat.c | 25 +++-- .../net/ethernet/stmicro/stmmac/dwmac-mediatek.c | 4 +- drivers/net/ethernet/ti/icssg/icssg_prueth.c | 13 ++- drivers/net/ethernet/ti/icssg/icssg_prueth.h | 12 +++ drivers/net/ethernet/vertexcom/mse102x.c | 4 +- drivers/net/phy/phylink.c | 14 +-- drivers/perf/riscv_pmu_sbi.c | 4 +- drivers/pmdomain/arm/scmi_perf_domain.c | 3 +- drivers/pmdomain/core.c | 49 ++++++--- drivers/pmdomain/imx/imx93-blk-ctrl.c | 4 +- drivers/vdpa/mlx5/core/mr.c | 8 +- drivers/vdpa/solidrun/snet_main.c | 14 ++- drivers/vdpa/virtio_pci/vp_vdpa.c | 10 +- fs/btrfs/delayed-ref.c | 2 +- fs/nilfs2/btnode.c | 2 - fs/nilfs2/gcinode.c | 4 +- fs/nilfs2/mdt.c | 1 - fs/nilfs2/page.c | 2 +- fs/ocfs2/resize.c | 2 + fs/ocfs2/super.c | 13 ++- fs/proc/task_mmu.c | 4 +- include/drm/intel/i915_pciids.h | 19 +++- include/linux/mman.h | 7 +- include/linux/pm_domain.h | 6 ++ include/linux/sched/task_stack.h | 2 + include/linux/sockptr.h | 4 +- include/net/bond_options.h | 2 + kernel/Kconfig.kexec | 2 +- lib/buildid.c | 2 +- mm/mmap.c | 2 +- mm/mremap.c | 2 +- mm/nommu.c | 4 +- mm/page_alloc.c | 18 +++- mm/shmem.c | 5 - mm/swap.c | 14 --- net/bluetooth/hci_core.c | 2 - net/dccp/ipv6.c | 2 +- net/ipv6/tcp_ipv6.c | 4 +- net/mptcp/pm_netlink.c | 3 +- net/mptcp/pm_userspace.c | 15 +++ net/mptcp/protocol.c | 16 ++- net/netlink/af_netlink.c | 31 ++---- net/netlink/af_netlink.h | 2 - net/sched/cls_u32.c | 18 +++- net/sctp/ipv6.c | 19 ++-- net/vmw_vsock/af_vsock.c | 3 + net/vmw_vsock/virtio_transport_common.c | 9 ++ samples/pktgen/pktgen_sample01_simple.sh | 2 +- security/integrity/evm/evm_main.c | 3 +- security/integrity/ima/ima_template_lib.c | 14 ++- sound/pci/hda/patch_realtek.c | 13 ++- tools/mm/page-types.c | 2 +- tools/testing/selftests/kvm/Makefile | 8 +- tools/testing/selftests/mm/hugetlb_dio.c | 7 ++ .../selftests/tc-testing/tc-tests/filters/u32.json | 24 +++++ 143 files changed, 1080 insertions(+), 537 deletions(-)

15 minutes

9
115
0 0

[PATCH] fs/proc/kcore.c: Clear ret value in read_kcore_iter after successful iov_iter_zero

by Jiri Olsa

If iov_iter_zero succeeds after failed copy_from_kernel_nofault, we need to reset the ret value to zero otherwise it will be returned as final return value of read_kcore_iter. This fixes objdump -d dump over /proc/kcore for me. Cc: stable(a)vger.kernel.org Cc: Alexander Gordeev <agordeev(a)linux.ibm.com> Fixes: 3d5854d75e31 ("fs/proc/kcore.c: allow translation of physical memory addresses") Signed-off-by: Jiri Olsa <jolsa(a)kernel.org> --- fs/proc/kcore.c | 1 + 1 file changed, 1 insertion(+) diff --git a/fs/proc/kcore.c b/fs/proc/kcore.c index 51446c59388f..c82c408e573e 100644 --- a/fs/proc/kcore.c +++ b/fs/proc/kcore.c @@ -600,6 +600,7 @@ static ssize_t read_kcore_iter(struct kiocb *iocb, struct iov_iter *iter) ret = -EFAULT; goto out; } + ret = 0; /* * We know the bounce buffer is safe to copy from, so * use _copy_to_iter() directly. -- 2.47.0

1 hour, 9 minutes

1
0
0 0

[PATCH v1] usb: typec: ucsi: Fix completion notifications

by Łukasz Bartosik

OPM PPM LPM | 1.send cmd | | |-------------------------->| | | |-- | | | | 2.set busy bit in CCI | | |<- | | 3.notify the OPM | | |<--------------------------| | | | 4.send cmd to be executed | | |-------------------------->| | | | | | 5.cmd completed | | |<--------------------------| | | | | |-- | | | | 6.set cmd completed | | |<- bit in CCI | | | | | 7.handle notification | | | from point 3, read CCI | | |<--------------------------| | | | | | 8.notify the OPM | | |<--------------------------| | | | | When the PPM receives command from the OPM (p.1) it sets the busy bit in the CCI (p.2), sends notification to the OPM (p.3) and forwards the command to be executed by the LPM (p.4). When the PPM receives command completion from the LPM (p.5) it sets command completion bit in the CCI (p.6) and sends notification to the OPM (p.8). If command execution by the LPM is fast enough then when the OPM starts handling the notification from p.3 in p.7 and reads the CCI value it will see command completion bit and will call complete(). Then complete() might be called again when the OPM handles notification from p.8. This fix replaces test_bit() with test_and_clear_bit() in ucsi_notify_common() in order to call complete() only once per request. Fixes: 584e8df58942 ("usb: typec: ucsi: extract common code for command handling") Cc: stable(a)vger.kernel.org Signed-off-by: Łukasz Bartosik <ukaszb(a)chromium.org> --- drivers/usb/typec/ucsi/ucsi.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/usb/typec/ucsi/ucsi.c b/drivers/usb/typec/ucsi/ucsi.c index e0f3925e401b..7a9b987ea80c 100644 --- a/drivers/usb/typec/ucsi/ucsi.c +++ b/drivers/usb/typec/ucsi/ucsi.c @@ -46,11 +46,11 @@ void ucsi_notify_common(struct ucsi *ucsi, u32 cci) ucsi_connector_change(ucsi, UCSI_CCI_CONNECTOR(cci)); if (cci & UCSI_CCI_ACK_COMPLETE && - test_bit(ACK_PENDING, &ucsi->flags)) + test_and_clear_bit(ACK_PENDING, &ucsi->flags)) complete(&ucsi->complete); if (cci & UCSI_CCI_COMMAND_COMPLETE && - test_bit(COMMAND_PENDING, &ucsi->flags)) + test_and_clear_bit(COMMAND_PENDING, &ucsi->flags)) complete(&ucsi->complete); } EXPORT_SYMBOL_GPL(ucsi_notify_common); -- 2.47.0.199.ga7371fff76-goog

1 hour, 26 minutes

2
4
0 0

[PATCH v2] of: property: fw_devlink: Do not use interrupt-parent directly

by Samuel Holland

commit 7f00be96f125 ("of: property: Add device link support for interrupt-parent, dmas and -gpio(s)") started adding device links for the interrupt-parent property. commit 4104ca776ba3 ("of: property: Add fw_devlink support for interrupts") and commit f265f06af194 ("of: property: Fix fw_devlink handling of interrupts/interrupts-extended") later added full support for parsing the interrupts and interrupts-extended properties, which includes looking up the node of the parent domain. This made the handler for the interrupt-parent property redundant. In fact, creating device links based solely on interrupt-parent is problematic, because it can create spurious cycles. A node may have this property without itself being an interrupt controller or consumer. For example, this property is often present in the root node or a /soc bus node to set the default interrupt parent for child nodes. However, it is incorrect for the bus to depend on the interrupt controller, as some of the bus's children may not be interrupt consumers at all or may have a different interrupt parent. Resolving these spurious dependency cycles can cause an incorrect probe order for interrupt controller drivers. This was observed on a RISC-V system with both an APLIC and IMSIC under /soc, where interrupt-parent in /soc points to the APLIC, and the APLIC msi-parent points to the IMSIC. fw_devlink found three dependency cycles and attempted to probe the APLIC before the IMSIC. After applying this patch, there were no dependency cycles and the probe order was correct. Acked-by: Marc Zyngier <maz(a)kernel.org> Cc: stable(a)vger.kernel.org Fixes: 4104ca776ba3 ("of: property: Add fw_devlink support for interrupts") Signed-off-by: Samuel Holland <samuel.holland(a)sifive.com> --- Changes in v2: - Fix typo in commit message - Add Fixes: tag and CC stable drivers/of/property.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/drivers/of/property.c b/drivers/of/property.c index 11b922fde7af..7bd8390f2fba 100644 --- a/drivers/of/property.c +++ b/drivers/of/property.c @@ -1213,7 +1213,6 @@ DEFINE_SIMPLE_PROP(iommus, "iommus", "#iommu-cells") DEFINE_SIMPLE_PROP(mboxes, "mboxes", "#mbox-cells") DEFINE_SIMPLE_PROP(io_channels, "io-channels", "#io-channel-cells") DEFINE_SIMPLE_PROP(io_backends, "io-backends", "#io-backend-cells") -DEFINE_SIMPLE_PROP(interrupt_parent, "interrupt-parent", NULL) DEFINE_SIMPLE_PROP(dmas, "dmas", "#dma-cells") DEFINE_SIMPLE_PROP(power_domains, "power-domains", "#power-domain-cells") DEFINE_SIMPLE_PROP(hwlocks, "hwlocks", "#hwlock-cells") @@ -1359,7 +1358,6 @@ static const struct supplier_bindings of_supplier_bindings[] = { { .parse_prop = parse_mboxes, }, { .parse_prop = parse_io_channels, }, { .parse_prop = parse_io_backends, }, - { .parse_prop = parse_interrupt_parent, }, { .parse_prop = parse_dmas, .optional = true, }, { .parse_prop = parse_power_domains, }, { .parse_prop = parse_hwlocks, }, -- 2.45.1

2 hours, 31 minutes

2
1
0 0

[PATCH v3 2/8] serial: sh-sci: Check if TX data was written to device in .tx_empty()

by Claudiu

From: Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> On the Renesas RZ/G3S, when doing suspend to RAM, the uart_suspend_port() is called. The uart_suspend_port() calls 3 times the struct uart_port::ops::tx_empty() before shutting down the port. According to the documentation, the struct uart_port::ops::tx_empty() API tests whether the transmitter FIFO and shifter for the port is empty. The Renesas RZ/G3S SCIFA IP reports the number of data units stored in the transmit FIFO through the FDR (FIFO Data Count Register). The data units in the FIFOs are written in the shift register and transmitted from there. The TEND bit in the Serial Status Register reports if the data was transmitted from the shift register. In the previous code, in the tx_empty() API implemented by the sh-sci driver, it is considered that the TX is empty if the hardware reports the TEND bit set and the number of data units in the FIFO is zero. According to the HW manual, the TEND bit has the following meaning: 0: Transmission is in the waiting state or in progress. 1: Transmission is completed. It has been noticed that when opening the serial device w/o using it and then switch to a power saving mode, the tx_empty() call in the uart_port_suspend() function fails, leading to the "Unable to drain transmitter" message being printed on the console. This is because the TEND=0 if nothing has been transmitted and the FIFOs are empty. As the TEND=0 has double meaning (waiting state, in progress) we can't determined the scenario described above. Add a software workaround for this. This sets a variable if any data has been sent on the serial console (when using PIO) or if the DMA callback has been called (meaning something has been transmitted). In the tx_empty() API the status of the DMA transaction is also checked and if it is completed or in progress the code falls back in checking the hardware registers instead of relying on the software variable. Fixes: 73a19e4c0301 ("serial: sh-sci: Add DMA support.") Cc: stable(a)vger.kernel.org Signed-off-by: Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> --- Changes in v3: - s/first_time_tx/tx_occurred/g - checked the DMA status in sci_tx_empty() through sci_dma_check_tx_occurred() function; added this new function as the DMA support is conditioned by the CONFIG_SERIAL_SH_SCI_DMA flag - dropped the tx_occurred initialization in sci_shutdown() as it is already initialized in sci_startup() - adjusted the commit message to reflect latest changes Changes in v2: - use bool type instead of atomic_t drivers/tty/serial/sh-sci.c | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/drivers/tty/serial/sh-sci.c b/drivers/tty/serial/sh-sci.c index 136e0c257af1..ade151ff39d2 100644 --- a/drivers/tty/serial/sh-sci.c +++ b/drivers/tty/serial/sh-sci.c @@ -157,6 +157,7 @@ struct sci_port { bool has_rtscts; bool autorts; + bool tx_occurred; }; #define SCI_NPORTS CONFIG_SERIAL_SH_SCI_NR_UARTS @@ -850,6 +851,7 @@ static void sci_transmit_chars(struct uart_port *port) { struct tty_port *tport = &port->state->port; unsigned int stopped = uart_tx_stopped(port); + struct sci_port *s = to_sci_port(port); unsigned short status; unsigned short ctrl; int count; @@ -885,6 +887,7 @@ static void sci_transmit_chars(struct uart_port *port) } sci_serial_out(port, SCxTDR, c); + s->tx_occurred = true; port->icount.tx++; } while (--count > 0); @@ -1241,6 +1244,8 @@ static void sci_dma_tx_complete(void *arg) if (kfifo_len(&tport->xmit_fifo) < WAKEUP_CHARS) uart_write_wakeup(port); + s->tx_occurred = true; + if (!kfifo_is_empty(&tport->xmit_fifo)) { s->cookie_tx = 0; schedule_work(&s->work_tx); @@ -1731,6 +1736,16 @@ static void sci_flush_buffer(struct uart_port *port) s->cookie_tx = -EINVAL; } } + +static void sci_dma_check_tx_occurred(struct sci_port *s) +{ + struct dma_tx_state state; + enum dma_status status; + + status = dmaengine_tx_status(s->chan_tx, s->cookie_tx, &state); + if (status == DMA_COMPLETE || status == DMA_IN_PROGRESS) + s->tx_occurred = true; +} #else /* !CONFIG_SERIAL_SH_SCI_DMA */ static inline void sci_request_dma(struct uart_port *port) { @@ -1740,6 +1755,10 @@ static inline void sci_free_dma(struct uart_port *port) { } +static void sci_dma_check_tx_occurred(struct sci_port *s) +{ +} + #define sci_flush_buffer NULL #endif /* !CONFIG_SERIAL_SH_SCI_DMA */ @@ -2076,6 +2095,12 @@ static unsigned int sci_tx_empty(struct uart_port *port) { unsigned short status = sci_serial_in(port, SCxSR); unsigned short in_tx_fifo = sci_txfill(port); + struct sci_port *s = to_sci_port(port); + + sci_dma_check_tx_occurred(s); + + if (!s->tx_occurred) + return TIOCSER_TEMT; return (status & SCxSR_TEND(port)) && !in_tx_fifo ? TIOCSER_TEMT : 0; } @@ -2247,6 +2272,7 @@ static int sci_startup(struct uart_port *port) dev_dbg(port->dev, "%s(%d)\n", __func__, port->line); + s->tx_occurred = false; sci_request_dma(port); ret = sci_request_irq(s); -- 2.39.2

2 hours, 48 minutes

2
1
0 0

[PATCH v2] iommu/arm-smmu: Defer probe of clients after smmu device bound

by Pratyush Brahma

Null pointer dereference occurs due to a race between smmu driver probe and client driver probe, when of_dma_configure() for client is called after the iommu_device_register() for smmu driver probe has executed but before the driver_bound() for smmu driver has been called. Following is how the race occurs: T1:Smmu device probe T2: Client device probe really_probe() arm_smmu_device_probe() iommu_device_register() really_probe() platform_dma_configure() of_dma_configure() of_dma_configure_id() of_iommu_configure() iommu_probe_device() iommu_init_device() arm_smmu_probe_device() arm_smmu_get_by_fwnode() driver_find_device_by_fwnode() driver_find_device() next_device() klist_next() /* null ptr assigned to smmu */ /* null ptr dereference while smmu->streamid_mask */ driver_bound() klist_add_tail() When this null smmu pointer is dereferenced later in arm_smmu_probe_device, the device crashes. Fix this by deferring the probe of the client device until the smmu device has bound to the arm smmu driver. Fixes: 021bb8420d44 ("iommu/arm-smmu: Wire up generic configuration support") Cc: stable(a)vger.kernel.org Co-developed-by: Prakash Gupta <quic_guptap(a)quicinc.com> Signed-off-by: Prakash Gupta <quic_guptap(a)quicinc.com> Signed-off-by: Pratyush Brahma <quic_pbrahma(a)quicinc.com> --- Changes in v2: Fix kernel test robot warning Add stable kernel list in cc Link to v1: https://lore.kernel.org/all/20241001055633.21062-1-quic_pbrahma@quicinc.com/ drivers/iommu/arm/arm-smmu/arm-smmu.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/iommu/arm/arm-smmu/arm-smmu.c b/drivers/iommu/arm/arm-smmu/arm-smmu.c index 723273440c21..7c778b7eb8c8 100644 --- a/drivers/iommu/arm/arm-smmu/arm-smmu.c +++ b/drivers/iommu/arm/arm-smmu/arm-smmu.c @@ -1437,6 +1437,9 @@ static struct iommu_device *arm_smmu_probe_device(struct device *dev) goto out_free; } else { smmu = arm_smmu_get_by_fwnode(fwspec->iommu_fwnode); + if (!smmu) + return ERR_PTR(dev_err_probe(dev, -EPROBE_DEFER, + "smmu dev has not bound yet\n")); } ret = -EINVAL; -- 2.17.1

3 hours, 15 minutes

3
8
0 0

[PATCH] scsi: ufs: core: sysfs: Prevent div by zero

by Gwendal Grignou

Prevent a division by 0 when monitoring is not enabled. Fixes: 1d8613a23f3c ("scsi: ufs: core: Introduce HBA performance monitor sysfs nodes") Cc: stable(a)vger.kernel.org Signed-off-by: Gwendal Grignou <gwendal(a)chromium.org> --- drivers/ufs/core/ufs-sysfs.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/drivers/ufs/core/ufs-sysfs.c b/drivers/ufs/core/ufs-sysfs.c index c95906443d5f9..3692b39b35e78 100644 --- a/drivers/ufs/core/ufs-sysfs.c +++ b/drivers/ufs/core/ufs-sysfs.c @@ -485,6 +485,9 @@ static ssize_t read_req_latency_avg_show(struct device *dev, struct ufs_hba *hba = dev_get_drvdata(dev); struct ufs_hba_monitor *m = &hba->monitor; + if (!m->nr_req[READ]) + return sysfs_emit(buf, "0\n"); + return sysfs_emit(buf, "%llu\n", div_u64(ktime_to_us(m->lat_sum[READ]), m->nr_req[READ])); } @@ -552,6 +555,9 @@ static ssize_t write_req_latency_avg_show(struct device *dev, struct ufs_hba *hba = dev_get_drvdata(dev); struct ufs_hba_monitor *m = &hba->monitor; + if (!m->nr_req[WRITE]) + return sysfs_emit(buf, "0\n"); + return sysfs_emit(buf, "%llu\n", div_u64(ktime_to_us(m->lat_sum[WRITE]), m->nr_req[WRITE])); } -- 2.47.0.338.g60cca15819-goog

3 hours, 55 minutes

2
1
0 0

[PATCH 6.6 00/82] 6.6.63-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.6.63 release. There are 82 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Fri, 22 Nov 2024 12:56:17 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.6.63-rc1… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.6.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.6.63-rc1 SeongJae Park <sj(a)kernel.org> mm/damon/core: copy nr_accesses when splitting region SeongJae Park <sj(a)kernel.org> mm/damon/core: handle zero schemes apply interval SeongJae Park <sj(a)kernel.org> mm/damon/core: check apply interval in damon_do_apply_schemes() Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> mm: resolve faulty mmap_region() error path behaviour Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> mm: refactor arch_calc_vm_flag_bits() and arm64 MTE handling Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> mm: refactor map_deny_write_exec() Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> mm: unconditionally close VMAs on error Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> mm: avoid unsafe VMA hook invocation when error arises on mmap hook George Stark <gnstark(a)salutedevices.com> leds: mlxreg: Use devm_mutex_init() for mutex initialization Eric Van Hensbergen <ericvh(a)kernel.org> fs/9p: fix uninitialized values during inode evict Tvrtko Ursulin <tvrtko.ursulin(a)igalia.com> drm/amd/pm: Vangogh: Fix kernel memory out of bounds write Matthieu Baerts (NGI0) <matttbe(a)kernel.org> mptcp: pm: use _rcu variant under rcu_read_lock Geliang Tang <tanggeliang(a)kylinos.cn> mptcp: drop lookup_by_id in lookup_addr Geliang Tang <tanggeliang(a)kylinos.cn> mptcp: hold pm lock when deleting entry Geliang Tang <tanggeliang(a)kylinos.cn> mptcp: update local address flags when setting it Geliang Tang <tanggeliang(a)kylinos.cn> mptcp: add userspace_pm_lookup_addr_by_id helper Geliang Tang <geliang.tang(a)suse.com> mptcp: define more local variables sk Chuck Lever <chuck.lever(a)oracle.com> NFSD: Never decrement pending_async_copies on error Chuck Lever <chuck.lever(a)oracle.com> NFSD: Initialize struct nfsd4_copy earlier Chuck Lever <chuck.lever(a)oracle.com> NFSD: Limit the number of concurrent async COPY operations Chuck Lever <chuck.lever(a)oracle.com> NFSD: Async COPY result needs to return a write verifier Dai Ngo <dai.ngo(a)oracle.com> NFSD: initialize copy->cp_clp early in nfsd4_copy for use by trace point Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: dvbdev: fix the logic when DVB_DYNAMIC_MINORS is not set Jiri Olsa <jolsa(a)kernel.org> lib/buildid: Fix build ID parsing logic Umang Jain <umang.jain(a)ideasonboard.com> staging: vchiq_arm: Use devm_kzalloc() for vchiq_arm_state allocation Stefan Wahren <wahrenst(a)gmx.net> staging: vchiq_arm: Get the rid off struct vchiq_2835_state SeongJae Park <sj(a)kernel.org> mm/damon/core: handle zero {aggregation,ops_update} intervals SeongJae Park <sj(a)kernel.org> mm/damon/core: implement scheme-specific apply interval Rodrigo Siqueira <Rodrigo.Siqueira(a)amd.com> drm/amd/display: Adjust VSDB parser for replay feature Vijendar Mukunda <Vijendar.Mukunda(a)amd.com> drm/amd: Fix initialization mistake for NBIO 7.7.0 Dave Airlie <airlied(a)redhat.com> nouveau: fw: sync dma after setup is called. Peng Fan <peng.fan(a)nxp.com> pmdomain: imx93-blk-ctrl: correct remove path Francesco Dolcini <francesco.dolcini(a)toradex.com> drm/bridge: tc358768: Fix DSI command tx Andre Przywara <andre.przywara(a)arm.com> mmc: sunxi-mmc: Fix A100 compatible description Aurelien Jarno <aurelien(a)aurel32.net> Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" Huacai Chen <chenhuacai(a)kernel.org> LoongArch: Make KASAN work with 5-level page-tables Huacai Chen <chenhuacai(a)kernel.org> LoongArch: Disable KASAN if PGDIR_SIZE is too large for cpu_vabits Huacai Chen <chenhuacai(a)kernel.org> LoongArch: Fix early_numa_add_cpu() usage for FDT systems Ryusuke Konishi <konishi.ryusuke(a)gmail.com> nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint Dmitry Antipov <dmantipov(a)yandex.ru> ocfs2: fix UBSAN warning in ocfs2_verify_volume() Maksym Glubokiy <maxgl.kernel(a)gmail.com> ALSA: hda/realtek: fix mute/micmute LEDs for a HP EliteBook 645 G10 Kailang Yang <kailang(a)realtek.com> ALSA: hda/realtek - Fixed Clevo platform headset Mic issue Hajime Tazaki <thehajime(a)gmail.com> nommu: pass NULL argument to vma_iter_prealloc() Ryusuke Konishi <konishi.ryusuke(a)gmail.com> nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint Sean Christopherson <seanjc(a)google.com> KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN Sean Christopherson <seanjc(a)google.com> KVM: x86: Unconditionally set irr_pending when updating APICv state Sean Christopherson <seanjc(a)google.com> KVM: nVMX: Treat vpid01 as current if L2 is active, but with VPID disabled Samasth Norway Ananda <samasth.norway.ananda(a)oracle.com> ima: fix buffer overrun in ima_eventdigest_init_common Xiaoguang Wang <lege.wang(a)jaguarmicro.com> vp_vdpa: fix id_table array not null terminated error Si-Wei Liu <si-wei.liu(a)oracle.com> vdpa/mlx5: Fix PA offset with unaligned starting iotlb map Philipp Stanner <pstanner(a)redhat.com> vdpa: solidrun: Fix UB bug with devres Andrew Morton <akpm(a)linux-foundation.org> mm: revert "mm: shmem: fix data-race in shmem_getattr()" Dmitry Antipov <dmantipov(a)yandex.ru> ocfs2: uncache inode which has failed entering the group Jinjiang Tu <tujinjiang(a)huawei.com> mm: fix NULL pointer dereference in alloc_pages_bulk_noprof Baoquan He <bhe(a)redhat.com> x86/mm: Fix a kdump kernel failure on SME system when CONFIG_IMA_KEXEC=y Motiejus JakÅ`tys <motiejus(a)jakstys.lt> tools/mm: fix compile error Harith G <harith.g(a)alifsemi.com> ARM: 9419/1: mm: Fix kernel memory mapping for xip kernels Hangbin Liu <liuhangbin(a)gmail.com> bonding: add ns target multicast address to slave device Meghana Malladi <m-malladi(a)ti.com> net: ti: icssg-prueth: Fix 1 PPS sync Vitalii Mordan <mordan(a)ispras.ru> stmmac: dwmac-intel-plat: fix call balance of tx_clk handling routines Jisheng Zhang <jszhang(a)kernel.org> net: stmmac: rename stmmac_pltfr_remove_no_dt to stmmac_pltfr_remove Jisheng Zhang <jszhang(a)kernel.org> net: stmmac: dwmac-visconti: use devm_stmmac_probe_config_dt() Jisheng Zhang <jszhang(a)kernel.org> net: stmmac: dwmac-intel-plat: use devm_stmmac_probe_config_dt() Michal Luczaj <mhal(a)rbox.co> net: Make copy_safe_from_sockptr() match documentation Nícolas F. R. A. Prado <nfraprado(a)collabora.com> net: stmmac: dwmac-mediatek: Fix inverted handling of mediatek,mac-wol Wei Fang <wei.fang(a)nxp.com> samples: pktgen: correct dev to DEV Alexandre Ferrieux <alexandre.ferrieux(a)gmail.com> net: sched: cls_u32: Fix u32's systematic failure to free IDR entries for hnodes. Pedro Tammela <pctammela(a)mojatatu.com> net/sched: cls_u32: replace int refcounts with proper refcounts Kiran K <kiran.k(a)intel.com> Bluetooth: btintel: Direct exception event to bluetooth stack Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: hci_core: Fix calling mgmt_device_connected Leon Romanovsky <leon(a)kernel.org> Revert "RDMA/core: Fix ENODEV error for iWARP test over vlan" Michal Luczaj <mhal(a)rbox.co> virtio/vsock: Fix accept_queue memory leak Moshe Shemesh <moshe(a)nvidia.com> net/mlx5e: CT: Fix null-ptr-deref in add rule err flow William Tu <witu(a)nvidia.com> net/mlx5e: clear xdp features on non-uplink representors Dragos Tatulea <dtatulea(a)nvidia.com> net/mlx5e: kTLS, Fix incorrect page refcounting Mark Bloch <mbloch(a)nvidia.com> net/mlx5: fs, lock FTE when checking if active Paolo Abeni <pabeni(a)redhat.com> mptcp: cope racing subflow creation in mptcp_rcv_space_adjust Paolo Abeni <pabeni(a)redhat.com> mptcp: error out earlier on disconnect Andy Yan <andy.yan(a)rock-chips.com> drm/rockchip: vop: Fix a dereferenced before check warning Stefan Wahren <wahrenst(a)gmx.net> net: vertexcom: mse102x: Fix tx_bytes calculation Eric Dumazet <edumazet(a)google.com> sctp: fix possible UAF in sctp_v6_available() Jakub Kicinski <kuba(a)kernel.org> netlink: terminate outstanding dump on socket close ------------- Diffstat: Makefile | 4 +- arch/arm/kernel/head.S | 8 +- arch/arm/mm/mmu.c | 34 +++--- arch/arm64/include/asm/mman.h | 10 +- arch/loongarch/include/asm/kasan.h | 2 +- arch/loongarch/kernel/smp.c | 2 +- arch/loongarch/mm/kasan_init.c | 41 ++++++- arch/parisc/include/asm/mman.h | 5 +- arch/x86/kvm/lapic.c | 29 +++-- arch/x86/kvm/vmx/nested.c | 30 ++++- arch/x86/kvm/vmx/vmx.c | 6 +- arch/x86/mm/ioremap.c | 6 +- drivers/bluetooth/btintel.c | 5 +- drivers/gpu/drm/amd/amdgpu/nbio_v7_7.c | 6 + drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 2 +- drivers/gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c | 7 +- drivers/gpu/drm/bridge/tc358768.c | 21 +++- drivers/gpu/drm/nouveau/nvkm/falcon/fw.c | 11 +- drivers/gpu/drm/rockchip/rockchip_drm_vop.c | 8 +- drivers/infiniband/core/addr.c | 2 - drivers/leds/leds-mlxreg.c | 16 +-- drivers/media/dvb-core/dvbdev.c | 15 +-- drivers/mmc/host/dw_mmc.c | 4 +- drivers/mmc/host/sunxi-mmc.c | 6 +- drivers/net/bonding/bond_main.c | 16 ++- drivers/net/bonding/bond_options.c | 82 ++++++++++++- drivers/net/ethernet/mellanox/mlx5/core/en/tc_ct.c | 2 +- .../ethernet/mellanox/mlx5/core/en_accel/ktls_tx.c | 8 +- drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 3 +- drivers/net/ethernet/mellanox/mlx5/core/fs_core.c | 19 ++- .../net/ethernet/stmicro/stmmac/dwmac-intel-plat.c | 40 +++---- .../net/ethernet/stmicro/stmmac/dwmac-mediatek.c | 4 +- .../net/ethernet/stmicro/stmmac/dwmac-visconti.c | 18 +-- .../net/ethernet/stmicro/stmmac/stmmac_platform.c | 25 +--- .../net/ethernet/stmicro/stmmac/stmmac_platform.h | 1 - drivers/net/ethernet/ti/icssg/icssg_prueth.c | 13 ++- drivers/net/ethernet/ti/icssg/icssg_prueth.h | 12 ++ drivers/net/ethernet/vertexcom/mse102x.c | 4 +- drivers/pmdomain/imx/imx93-blk-ctrl.c | 4 +- .../vc04_services/interface/vchiq_arm/vchiq_arm.c | 25 +--- drivers/vdpa/mlx5/core/mr.c | 8 +- drivers/vdpa/solidrun/snet_main.c | 14 ++- drivers/vdpa/virtio_pci/vp_vdpa.c | 10 +- fs/9p/vfs_inode.c | 17 +-- fs/nfsd/netns.h | 1 + fs/nfsd/nfs4proc.c | 36 +++--- fs/nfsd/nfs4state.c | 1 + fs/nfsd/xdr4.h | 1 + fs/nilfs2/btnode.c | 2 - fs/nilfs2/gcinode.c | 4 +- fs/nilfs2/mdt.c | 1 - fs/nilfs2/page.c | 2 +- fs/ocfs2/resize.c | 2 + fs/ocfs2/super.c | 13 ++- include/linux/damon.h | 17 ++- include/linux/mman.h | 28 ++++- include/linux/sockptr.h | 4 +- include/net/bond_options.h | 2 + lib/buildid.c | 2 +- mm/damon/core.c | 84 ++++++++++++-- mm/damon/dbgfs.c | 3 +- mm/damon/lru_sort.c | 2 + mm/damon/reclaim.c | 2 + mm/damon/sysfs-schemes.c | 2 +- mm/internal.h | 45 ++++++++ mm/mmap.c | 128 ++++++++++++--------- mm/mprotect.c | 2 +- mm/nommu.c | 11 +- mm/page_alloc.c | 3 +- mm/shmem.c | 5 - net/bluetooth/hci_core.c | 2 - net/mptcp/pm_netlink.c | 15 ++- net/mptcp/pm_userspace.c | 77 ++++++++----- net/mptcp/protocol.c | 16 ++- net/netlink/af_netlink.c | 31 ++--- net/netlink/af_netlink.h | 2 - net/sched/cls_u32.c | 54 +++++---- net/sctp/ipv6.c | 19 ++- net/vmw_vsock/virtio_transport_common.c | 8 ++ samples/pktgen/pktgen_sample01_simple.sh | 2 +- security/integrity/ima/ima_template_lib.c | 14 ++- sound/pci/hda/patch_realtek.c | 3 + tools/mm/page-types.c | 2 +- 83 files changed, 824 insertions(+), 429 deletions(-)

4 hours, 40 minutes

9
90
0 0

[PATCH 6.1 00/73] 6.1.119-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.1.119 release. There are 73 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Fri, 22 Nov 2024 12:57:58 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.1.119-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.1.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.1.119-rc1 Michal Luczaj <mhal(a)rbox.co> net: Make copy_safe_from_sockptr() match documentation Eli Billauer <eli.billauer(a)gmail.com> char: xillybus: Fix trivial bug with mutex Mikulas Patocka <mpatocka(a)redhat.com> parisc: fix a possible DMA corruption Damien Le Moal <dlemoal(a)kernel.org> null_blk: Fix return value of nullb_device_power_store() Yu Kuai <yukuai3(a)huawei.com> null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> null_blk: Remove usage of the deprecated ida_simple_xx() API Eli Billauer <eli.billauer(a)gmail.com> char: xillybus: Prevent use-after-free due to race condition Lin.Cao <lincao12(a)amd.com> drm/amd: check num of link levels when update pcie param Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> mm: resolve faulty mmap_region() error path behaviour Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> mm: refactor arch_calc_vm_flag_bits() and arm64 MTE handling Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> mm: unconditionally close VMAs on error Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> mm: avoid unsafe VMA hook invocation when error arises on mmap hook Andrew Morton <akpm(a)linux-foundation.org> mm: revert "mm: shmem: fix data-race in shmem_getattr()" Wei Fang <wei.fang(a)nxp.com> net: fec: remove .ndo_poll_controller to avoid deadlocks Vladimir Oltean <vladimir.oltean(a)nxp.com> net/sched: taprio: extend minimum interval restriction to entire cycle too Chen Hanxiao <chenhx.fnst(a)fujitsu.com> ipvs: properly dereference pe in ip_vs_add_service Eric Van Hensbergen <ericvh(a)kernel.org> fs/9p: fix uninitialized values during inode evict Eric Dumazet <edumazet(a)google.com> nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies Eric Dumazet <edumazet(a)google.com> net: add copy_safe_from_sockptr() helper Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: fix potencial out-of-bounds when buffer offset is invalid Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() Matthieu Baerts (NGI0) <matttbe(a)kernel.org> mptcp: pm: use _rcu variant under rcu_read_lock Geliang Tang <tanggeliang(a)kylinos.cn> mptcp: drop lookup_by_id in lookup_addr Geliang Tang <tanggeliang(a)kylinos.cn> mptcp: hold pm lock when deleting entry Geliang Tang <tanggeliang(a)kylinos.cn> mptcp: update local address flags when setting it Geliang Tang <tanggeliang(a)kylinos.cn> mptcp: add userspace_pm_lookup_addr_by_id helper Geliang Tang <geliang.tang(a)suse.com> mptcp: define more local variables sk Paolo Abeni <pabeni(a)redhat.com> mptcp: cope racing subflow creation in mptcp_rcv_space_adjust Chuck Lever <chuck.lever(a)oracle.com> NFSD: Never decrement pending_async_copies on error Chuck Lever <chuck.lever(a)oracle.com> NFSD: Initialize struct nfsd4_copy earlier Chuck Lever <chuck.lever(a)oracle.com> NFSD: Limit the number of concurrent async COPY operations Chuck Lever <chuck.lever(a)oracle.com> NFSD: Async COPY result needs to return a write verifier Dai Ngo <dai.ngo(a)oracle.com> NFSD: initialize copy->cp_clp early in nfsd4_copy for use by trace point Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: dvbdev: fix the logic when DVB_DYNAMIC_MINORS is not set Dan Carpenter <dan.carpenter(a)linaro.org> cxl/pci: fix error code in __cxl_hdm_decode_init() Jiri Olsa <jolsa(a)kernel.org> lib/buildid: Fix build ID parsing logic Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: ISO: Fix not validating setsockopt user input Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Additional check in ntfs_file_release Umang Jain <umang.jain(a)ideasonboard.com> staging: vchiq_arm: Use devm_kzalloc() for vchiq_arm_state allocation Stefan Wahren <wahrenst(a)gmx.net> staging: vchiq_arm: Get the rid off struct vchiq_2835_state Vijendar Mukunda <Vijendar.Mukunda(a)amd.com> drm/amd: Fix initialization mistake for NBIO 7.7.0 Francesco Dolcini <francesco.dolcini(a)toradex.com> drm/bridge: tc358768: Fix DSI command tx Andre Przywara <andre.przywara(a)arm.com> mmc: sunxi-mmc: Fix A100 compatible description Aurelien Jarno <aurelien(a)aurel32.net> Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" Ryusuke Konishi <konishi.ryusuke(a)gmail.com> nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint Dmitry Antipov <dmantipov(a)yandex.ru> ocfs2: fix UBSAN warning in ocfs2_verify_volume() Maksym Glubokiy <maxgl.kernel(a)gmail.com> ALSA: hda/realtek: fix mute/micmute LEDs for a HP EliteBook 645 G10 Kailang Yang <kailang(a)realtek.com> ALSA: hda/realtek - Fixed Clevo platform headset Mic issue Ryusuke Konishi <konishi.ryusuke(a)gmail.com> nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint Sean Christopherson <seanjc(a)google.com> KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN Sean Christopherson <seanjc(a)google.com> KVM: x86: Unconditionally set irr_pending when updating APICv state Sean Christopherson <seanjc(a)google.com> KVM: nVMX: Treat vpid01 as current if L2 is active, but with VPID disabled Samasth Norway Ananda <samasth.norway.ananda(a)oracle.com> ima: fix buffer overrun in ima_eventdigest_init_common Xiaoguang Wang <lege.wang(a)jaguarmicro.com> vp_vdpa: fix id_table array not null terminated error Si-Wei Liu <si-wei.liu(a)oracle.com> vdpa/mlx5: Fix PA offset with unaligned starting iotlb map Dmitry Antipov <dmantipov(a)yandex.ru> ocfs2: uncache inode which has failed entering the group Jinjiang Tu <tujinjiang(a)huawei.com> mm: fix NULL pointer dereference in alloc_pages_bulk_noprof Baoquan He <bhe(a)redhat.com> x86/mm: Fix a kdump kernel failure on SME system when CONFIG_IMA_KEXEC=y Harith G <harith.g(a)alifsemi.com> ARM: 9419/1: mm: Fix kernel memory mapping for xip kernels Hangbin Liu <liuhangbin(a)gmail.com> bonding: add ns target multicast address to slave device Wei Fang <wei.fang(a)nxp.com> samples: pktgen: correct dev to DEV Alexandre Ferrieux <alexandre.ferrieux(a)gmail.com> net: sched: cls_u32: Fix u32's systematic failure to free IDR entries for hnodes. Pedro Tammela <pctammela(a)mojatatu.com> net/sched: cls_u32: replace int refcounts with proper refcounts Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: hci_core: Fix calling mgmt_device_connected Lukas Bulwahn <lukas.bulwahn(a)gmail.com> Bluetooth: hci_event: Remove code to removed CONFIG_BT_HS Michal Luczaj <mhal(a)rbox.co> virtio/vsock: Fix accept_queue memory leak Moshe Shemesh <moshe(a)nvidia.com> net/mlx5e: CT: Fix null-ptr-deref in add rule err flow Dragos Tatulea <dtatulea(a)nvidia.com> net/mlx5e: kTLS, Fix incorrect page refcounting Mark Bloch <mbloch(a)nvidia.com> net/mlx5: fs, lock FTE when checking if active Paolo Abeni <pabeni(a)redhat.com> mptcp: error out earlier on disconnect Andy Yan <andy.yan(a)rock-chips.com> drm/rockchip: vop: Fix a dereferenced before check warning Stefan Wahren <wahrenst(a)gmx.net> net: vertexcom: mse102x: Fix tx_bytes calculation Jakub Kicinski <kuba(a)kernel.org> netlink: terminate outstanding dump on socket close ------------- Diffstat: Makefile | 4 +- arch/arm/kernel/head.S | 8 +- arch/arm/mm/mmu.c | 34 +++-- arch/arm64/include/asm/mman.h | 10 +- arch/parisc/Kconfig | 1 + arch/parisc/include/asm/cache.h | 11 +- arch/x86/kvm/lapic.c | 29 ++-- arch/x86/kvm/vmx/nested.c | 30 +++- arch/x86/kvm/vmx/vmx.c | 6 +- arch/x86/mm/ioremap.c | 6 +- drivers/block/null_blk/main.c | 45 ++++-- drivers/char/xillybus/xillybus_class.c | 7 +- drivers/char/xillybus/xillyusb.c | 22 ++- drivers/cxl/core/pci.c | 2 +- drivers/gpu/drm/amd/amdgpu/nbio_v7_7.c | 6 + drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0.c | 3 + drivers/gpu/drm/bridge/tc358768.c | 21 ++- drivers/gpu/drm/rockchip/rockchip_drm_vop.c | 8 +- drivers/media/dvb-core/dvbdev.c | 15 +- drivers/mmc/host/dw_mmc.c | 4 +- drivers/mmc/host/sunxi-mmc.c | 6 +- drivers/net/bonding/bond_main.c | 16 +- drivers/net/bonding/bond_options.c | 82 ++++++++++- drivers/net/ethernet/freescale/fec_main.c | 26 ---- drivers/net/ethernet/mellanox/mlx5/core/en/tc_ct.c | 2 +- .../ethernet/mellanox/mlx5/core/en_accel/ktls_tx.c | 8 +- drivers/net/ethernet/mellanox/mlx5/core/fs_core.c | 19 ++- drivers/net/ethernet/vertexcom/mse102x.c | 4 +- .../vc04_services/interface/vchiq_arm/vchiq_arm.c | 25 +--- drivers/vdpa/mlx5/core/mr.c | 8 +- drivers/vdpa/virtio_pci/vp_vdpa.c | 10 +- fs/9p/vfs_inode.c | 23 +-- fs/nfsd/netns.h | 1 + fs/nfsd/nfs4proc.c | 36 +++-- fs/nfsd/nfs4state.c | 1 + fs/nfsd/xdr4.h | 1 + fs/nilfs2/btnode.c | 2 - fs/nilfs2/gcinode.c | 4 +- fs/nilfs2/mdt.c | 1 - fs/nilfs2/page.c | 2 +- fs/ntfs3/file.c | 12 +- fs/ocfs2/resize.c | 2 + fs/ocfs2/super.c | 13 +- fs/smb/server/smb2misc.c | 26 +++- fs/smb/server/smb2pdu.c | 48 +++--- include/linux/mman.h | 7 +- include/linux/sockptr.h | 27 ++++ include/net/bond_options.h | 2 + lib/buildid.c | 2 +- mm/internal.h | 19 +++ mm/mmap.c | 120 ++++++++------- mm/nommu.c | 9 +- mm/page_alloc.c | 3 +- mm/shmem.c | 5 - mm/util.c | 33 +++++ net/bluetooth/hci_core.c | 2 - net/bluetooth/hci_event.c | 163 --------------------- net/bluetooth/iso.c | 32 ++-- net/mptcp/pm_netlink.c | 15 +- net/mptcp/pm_userspace.c | 77 ++++++---- net/mptcp/protocol.c | 16 +- net/netfilter/ipvs/ip_vs_ctl.c | 10 +- net/netlink/af_netlink.c | 31 +--- net/netlink/af_netlink.h | 2 - net/nfc/llcp_sock.c | 12 +- net/sched/cls_u32.c | 54 ++++--- net/sched/sch_taprio.c | 10 +- net/vmw_vsock/virtio_transport_common.c | 8 + samples/pktgen/pktgen_sample01_simple.sh | 2 +- security/integrity/ima/ima_template_lib.c | 14 +- sound/pci/hda/patch_realtek.c | 3 + .../tc-testing/tc-tests/qdiscs/taprio.json | 22 +++ 72 files changed, 763 insertions(+), 587 deletions(-)

4 hours, 41 minutes

10
82
0 0

[PATCH v2] hexagon: Disable constant extender optimization for LLVM prior to 19.1.0

by Nathan Chancellor

The Hexagon-specific constant extender optimization in LLVM may crash on Linux kernel code [1], such as fs/bcache/btree_io.c after commit 32ed4a620c54 ("bcachefs: Btree path tracepoints") in 6.12: clang: llvm/lib/Target/Hexagon/HexagonConstExtenders.cpp:745: bool (anonymous namespace)::HexagonConstExtenders::ExtRoot::operator<(const HCE::ExtRoot &) const: Assertion `ThisB->getParent() == OtherB->getParent()' failed. Stack dump: 0. Program arguments: clang --target=hexagon-linux-musl ... fs/bcachefs/btree_io.c 1. <eof> parser at end of file 2. Code generation 3. Running pass 'Function Pass Manager' on module 'fs/bcachefs/btree_io.c'. 4. Running pass 'Hexagon constant-extender optimization' on function '@__btree_node_lock_nopath' Without assertions enabled, there is just a hang during compilation. This has been resolved in LLVM main (20.0.0) [2] and backported to LLVM 19.1.0 but the kernel supports LLVM 13.0.1 and newer, so disable the constant expander optimization using the '-mllvm' option when using a toolchain that is not fixed. Cc: stable(a)vger.kernel.org Link: https://github.com/llvm/llvm-project/issues/99714 [1] Link: https://github.com/llvm/llvm-project/commit/68df06a0b2998765cb0a41353fcf091… [2] Link: https://github.com/llvm/llvm-project/commit/2ab8d93061581edad3501561722ebd5… [3] Reviewed-by: Brian Cain <bcain(a)quicinc.com> Signed-off-by: Nathan Chancellor <nathan(a)kernel.org> --- Andrew, can you please take this for 6.13? Our CI continues to hit this. Changes in v2: - Rebase on 6.12 to make sure it is still applicable - Name exact bcachefs commit that introduces crash now that it is merged - Add 'Cc: stable' as this is now visible in a stable release - Carry forward Brian's reviewed-by - Link to v1: https://lore.kernel.org/r/20240819-hexagon-disable-constant-expander-pass-v… --- arch/hexagon/Makefile | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/arch/hexagon/Makefile b/arch/hexagon/Makefile index 92d005958dfb232d48a4ca843b46262a84a08eb4..ff172cbe5881a074f9d9430c37071992a4c8beac 100644 --- a/arch/hexagon/Makefile +++ b/arch/hexagon/Makefile @@ -32,3 +32,9 @@ KBUILD_LDFLAGS += $(ldflags-y) TIR_NAME := r19 KBUILD_CFLAGS += -ffixed-$(TIR_NAME) -DTHREADINFO_REG=$(TIR_NAME) -D__linux__ KBUILD_AFLAGS += -DTHREADINFO_REG=$(TIR_NAME) + +# Disable HexagonConstExtenders pass for LLVM versions prior to 19.1.0 +# https://github.com/llvm/llvm-project/issues/99714 +ifneq ($(call clang-min-version, 190100),y) +KBUILD_CFLAGS += -mllvm -hexagon-cext=false +endif --- base-commit: adc218676eef25575469234709c2d87185ca223a change-id: 20240802-hexagon-disable-constant-expander-pass-8b6b61db6afc Best regards, -- Nathan Chancellor <nathan(a)kernel.org>

5 hours, 58 minutes

1
0
0 0

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror