- Linux-stable-mirror - lists.linaro.org

[PATCH v4 4/5] tpm: Allocate chip->auth in tpm2_start_auth_session()

by Jarkko Sakkinen

Move allocation of chip->auth to tpm2_start_auth_session() so that the field can be used as flag to tell whether auth session is active or not. Cc: stable(a)vger.kernel.org # v6.10+ Fixes: 699e3efd6c64 ("tpm: Add HMAC session start and end functions") Signed-off-by: Jarkko Sakkinen <jarkko(a)kernel.org> --- v4: - Change to bug. v3: - No changes. v2: - A new patch. --- drivers/char/tpm/tpm2-sessions.c | 43 +++++++++++++++++++------------- 1 file changed, 25 insertions(+), 18 deletions(-) diff --git a/drivers/char/tpm/tpm2-sessions.c b/drivers/char/tpm/tpm2-sessions.c index 42eb910e9acc..6371e0ee88b0 100644 --- a/drivers/char/tpm/tpm2-sessions.c +++ b/drivers/char/tpm/tpm2-sessions.c @@ -484,7 +484,8 @@ static void tpm2_KDFe(u8 z[EC_PT_SZ], const char *str, u8 *pt_u, u8 *pt_v, sha256_final(&sctx, out); } -static void tpm_buf_append_salt(struct tpm_buf *buf, struct tpm_chip *chip) +static void tpm_buf_append_salt(struct tpm_buf *buf, struct tpm_chip *chip, + struct tpm2_auth *auth) { struct crypto_kpp *kpp; struct kpp_request *req; @@ -543,7 +544,7 @@ static void tpm_buf_append_salt(struct tpm_buf *buf, struct tpm_chip *chip) sg_set_buf(&s[0], chip->null_ec_key_x, EC_PT_SZ); sg_set_buf(&s[1], chip->null_ec_key_y, EC_PT_SZ); kpp_request_set_input(req, s, EC_PT_SZ*2); - sg_init_one(d, chip->auth->salt, EC_PT_SZ); + sg_init_one(d, auth->salt, EC_PT_SZ); kpp_request_set_output(req, d, EC_PT_SZ); crypto_kpp_compute_shared_secret(req); kpp_request_free(req); @@ -554,8 +555,7 @@ static void tpm_buf_append_salt(struct tpm_buf *buf, struct tpm_chip *chip) * This works because KDFe fully consumes the secret before it * writes the salt */ - tpm2_KDFe(chip->auth->salt, "SECRET", x, chip->null_ec_key_x, - chip->auth->salt); + tpm2_KDFe(auth->salt, "SECRET", x, chip->null_ec_key_x, auth->salt); out: crypto_free_kpp(kpp); @@ -854,6 +854,8 @@ int tpm_buf_check_hmac_response(struct tpm_chip *chip, struct tpm_buf *buf, /* manually close the session if it wasn't consumed */ tpm2_flush_context(chip, auth->handle); memzero_explicit(auth, sizeof(*auth)); + kfree(auth); + chip->auth = NULL; } else { /* reset for next use */ auth->session = TPM_HEADER_SIZE; @@ -882,6 +884,8 @@ void tpm2_end_auth_session(struct tpm_chip *chip) tpm2_flush_context(chip, auth->handle); memzero_explicit(auth, sizeof(*auth)); + kfree(auth); + chip->auth = NULL; } EXPORT_SYMBOL(tpm2_end_auth_session); @@ -969,25 +973,29 @@ static int tpm2_load_null(struct tpm_chip *chip, u32 *null_key) */ int tpm2_start_auth_session(struct tpm_chip *chip) { + struct tpm2_auth *auth; struct tpm_buf buf; - struct tpm2_auth *auth = chip->auth; - int rc; u32 null_key; + int rc; - if (!auth) { - dev_warn_once(&chip->dev, "auth session is not active\n"); + if (chip->auth) { + dev_warn_once(&chip->dev, "auth session is active\n"); return 0; } + auth = kzalloc(sizeof(*auth), GFP_KERNEL); + if (!auth) + return -ENOMEM; + rc = tpm2_load_null(chip, &null_key); if (rc) - goto out; + goto err; auth->session = TPM_HEADER_SIZE; rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_START_AUTH_SESS); if (rc) - goto out; + goto err; /* salt key handle */ tpm_buf_append_u32(&buf, null_key); @@ -999,7 +1007,7 @@ int tpm2_start_auth_session(struct tpm_chip *chip) tpm_buf_append(&buf, auth->our_nonce, sizeof(auth->our_nonce)); /* append encrypted salt and squirrel away unencrypted in auth */ - tpm_buf_append_salt(&buf, chip); + tpm_buf_append_salt(&buf, chip, auth); /* session type (HMAC, audit or policy) */ tpm_buf_append_u8(&buf, TPM2_SE_HMAC); @@ -1020,10 +1028,13 @@ int tpm2_start_auth_session(struct tpm_chip *chip) tpm_buf_destroy(&buf); - if (rc) - goto out; + if (rc == TPM2_RC_SUCCESS) { + chip->auth = auth; + return 0; + } - out: +err: + kfree(auth); return rc; } EXPORT_SYMBOL(tpm2_start_auth_session); @@ -1375,10 +1386,6 @@ int tpm2_sessions_init(struct tpm_chip *chip) if (rc) return rc; - chip->auth = kmalloc(sizeof(*chip->auth), GFP_KERNEL); - if (!chip->auth) - return -ENOMEM; - return rc; } #endif /* CONFIG_TCG_TPM2_HMAC */ -- 2.46.0

9 months, 3 weeks

1
0
0 0

[PATCH v4 3/5] tpm: flush the null key only when /dev/tpm0 is accessed

by Jarkko Sakkinen

Instead of flushing and reloading the null key for every single auth session, flush it only when: 1. User space needs to access /dev/tpm{rm}0. 2. When going to sleep. 3. When unregistering the chip. This removes the need to load and swap the null key between TPM and regular memory per transaction, when the user space is not using the chip. Cc: stable(a)vger.kernel.org # v6.10+ Fixes: d2add27cf2b8 ("tpm: Add NULL primary creation") Tested-by: Pengyu Ma <mapengyu(a)gmail.com> Signed-off-by: Jarkko Sakkinen <jarkko(a)kernel.org> --- v4: - Changed to bug fix as not having the patch there is a major hit to bootup times. v3: - Unchanged. v2: - Refined the commit message. - Added tested-by from Pengyu Ma <mapengyu(a)gmail.com>. - Removed spurious pr_info() statement. --- drivers/char/tpm/tpm-chip.c | 13 +++++++++++++ drivers/char/tpm/tpm-dev-common.c | 7 +++++++ drivers/char/tpm/tpm-interface.c | 9 +++++++-- drivers/char/tpm/tpm2-cmd.c | 3 +++ drivers/char/tpm/tpm2-sessions.c | 17 ++++++++++++++--- include/linux/tpm.h | 2 ++ 6 files changed, 46 insertions(+), 5 deletions(-) diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c index 854546000c92..0ea00e32f575 100644 --- a/drivers/char/tpm/tpm-chip.c +++ b/drivers/char/tpm/tpm-chip.c @@ -674,6 +674,19 @@ EXPORT_SYMBOL_GPL(tpm_chip_register); */ void tpm_chip_unregister(struct tpm_chip *chip) { +#ifdef CONFIG_TCG_TPM2_HMAC + int rc; + + rc = tpm_try_get_ops(chip); + if (!rc) { + if (chip->flags & TPM_CHIP_FLAG_TPM2) { + tpm2_flush_context(chip, chip->null_key); + chip->null_key = 0; + } + tpm_put_ops(chip); + } +#endif + tpm_del_legacy_sysfs(chip); if (tpm_is_hwrng_enabled(chip)) hwrng_unregister(&chip->hwrng); diff --git a/drivers/char/tpm/tpm-dev-common.c b/drivers/char/tpm/tpm-dev-common.c index 30b4c288c1bb..4eaa8e05c291 100644 --- a/drivers/char/tpm/tpm-dev-common.c +++ b/drivers/char/tpm/tpm-dev-common.c @@ -27,6 +27,13 @@ static ssize_t tpm_dev_transmit(struct tpm_chip *chip, struct tpm_space *space, struct tpm_header *header = (void *)buf; ssize_t ret, len; +#ifdef CONFIG_TCG_TPM2_HMAC + if (chip->flags & TPM_CHIP_FLAG_TPM2) { + tpm2_flush_context(chip, chip->null_key); + chip->null_key = 0; + } +#endif + ret = tpm2_prepare_space(chip, space, buf, bufsiz); /* If the command is not implemented by the TPM, synthesize a * response with a TPM2_RC_COMMAND_CODE return for user-space. diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c index 5da134f12c9a..bfa47d48b0f2 100644 --- a/drivers/char/tpm/tpm-interface.c +++ b/drivers/char/tpm/tpm-interface.c @@ -379,10 +379,15 @@ int tpm_pm_suspend(struct device *dev) rc = tpm_try_get_ops(chip); if (!rc) { - if (chip->flags & TPM_CHIP_FLAG_TPM2) + if (chip->flags & TPM_CHIP_FLAG_TPM2) { +#ifdef CONFIG_TCG_TPM2_HMAC + tpm2_flush_context(chip, chip->null_key); + chip->null_key = 0; +#endif tpm2_shutdown(chip, TPM2_SU_STATE); - else + } else { rc = tpm1_pm_suspend(chip, tpm_suspend_pcr); + } tpm_put_ops(chip); } diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c index 1e856259219e..aba024cbe7c5 100644 --- a/drivers/char/tpm/tpm2-cmd.c +++ b/drivers/char/tpm/tpm2-cmd.c @@ -364,6 +364,9 @@ void tpm2_flush_context(struct tpm_chip *chip, u32 handle) struct tpm_buf buf; int rc; + if (!handle) + return; + rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_FLUSH_CONTEXT); if (rc) { dev_warn(&chip->dev, "0x%08x was not flushed, out of memory\n", diff --git a/drivers/char/tpm/tpm2-sessions.c b/drivers/char/tpm/tpm2-sessions.c index a62f64e21511..42eb910e9acc 100644 --- a/drivers/char/tpm/tpm2-sessions.c +++ b/drivers/char/tpm/tpm2-sessions.c @@ -920,11 +920,19 @@ static int tpm2_load_null(struct tpm_chip *chip, u32 *null_key) u32 tmp_null_key; int rc; + /* fast path */ + if (chip->null_key) { + *null_key = chip->null_key; + return 0; + } + rc = tpm2_load_context(chip, chip->null_key_context, &offset, &tmp_null_key); if (rc != -EINVAL) { - if (!rc) + if (!rc) { + chip->null_key = tmp_null_key; *null_key = tmp_null_key; + } return rc; } dev_info(&chip->dev, "the null key has been reset\n"); @@ -935,6 +943,7 @@ static int tpm2_load_null(struct tpm_chip *chip, u32 *null_key) /* Return the null key if the name has not been changed: */ if (memcmp(name, chip->null_key_name, sizeof(name)) == 0) { + chip->null_key = tmp_null_key; *null_key = tmp_null_key; return 0; } @@ -1005,7 +1014,6 @@ int tpm2_start_auth_session(struct tpm_chip *chip) tpm_buf_append_u16(&buf, TPM_ALG_SHA256); rc = tpm_transmit_cmd(chip, &buf, 0, "start auth session"); - tpm2_flush_context(chip, null_key); if (rc == TPM2_RC_SUCCESS) rc = tpm2_parse_start_auth_session(auth, &buf); @@ -1337,7 +1345,10 @@ static int tpm2_create_null_primary(struct tpm_chip *chip) rc = tpm2_save_context(chip, null_key, chip->null_key_context, sizeof(chip->null_key_context), &offset); - tpm2_flush_context(chip, null_key); + if (rc) + tpm2_flush_context(chip, null_key); + else + chip->null_key = null_key; } if (rc < 0) diff --git a/include/linux/tpm.h b/include/linux/tpm.h index e93ee8d936a9..4eb39db80e05 100644 --- a/include/linux/tpm.h +++ b/include/linux/tpm.h @@ -205,6 +205,8 @@ struct tpm_chip { #ifdef CONFIG_TCG_TPM2_HMAC /* details for communication security via sessions */ + /* loaded null key */ + u32 null_key; /* saved context for NULL seed */ u8 null_key_context[TPM2_MAX_CONTEXT_SIZE]; /* name of NULL seed */ -- 2.46.0

9 months, 3 weeks

1
0
0 0

[PATCH v4 2/5] tpm: Return on tpm2_create_primary() failure in tpm2_load_null()

by Jarkko Sakkinen

tpm2_load_null() ignores the return value of tpm2_create_primary(). Further, it does not heal from the situation when memcmp() returns zero. Address this by returning on failure and saving the null key if there was no detected interference in the bus. Cc: stable(a)vger.kernel.org # v6.10+ Fixes: eb24c9788cd9 ("tpm: disable the TPM if NULL name changes") Signed-off-by: Jarkko Sakkinen <jarkko(a)kernel.org> --- v3: - Update log messages. Previously the log message incorrectly stated on load failure that integrity check had been failed, even tho the check is done *after* the load operation. v2: - Refined the commit message. - Reverted tpm2_create_primary() changes. They are not required if tmp_null_key is used as the parameter. --- drivers/char/tpm/tpm2-sessions.c | 38 +++++++++++++++++--------------- 1 file changed, 20 insertions(+), 18 deletions(-) diff --git a/drivers/char/tpm/tpm2-sessions.c b/drivers/char/tpm/tpm2-sessions.c index 795f4c7c6adb..a62f64e21511 100644 --- a/drivers/char/tpm/tpm2-sessions.c +++ b/drivers/char/tpm/tpm2-sessions.c @@ -915,32 +915,34 @@ static int tpm2_parse_start_auth_session(struct tpm2_auth *auth, static int tpm2_load_null(struct tpm_chip *chip, u32 *null_key) { - int rc; unsigned int offset = 0; /* dummy offset for null seed context */ u8 name[SHA256_DIGEST_SIZE + 2]; + u32 tmp_null_key; + int rc; rc = tpm2_load_context(chip, chip->null_key_context, &offset, - null_key); - if (rc != -EINVAL) + &tmp_null_key); + if (rc != -EINVAL) { + if (!rc) + *null_key = tmp_null_key; return rc; + } + dev_info(&chip->dev, "the null key has been reset\n"); - /* an integrity failure may mean the TPM has been reset */ - dev_err(&chip->dev, "NULL key integrity failure!\n"); - /* check the null name against what we know */ - tpm2_create_primary(chip, TPM2_RH_NULL, NULL, name); - if (memcmp(name, chip->null_key_name, sizeof(name)) == 0) - /* name unchanged, assume transient integrity failure */ + rc = tpm2_create_primary(chip, TPM2_RH_NULL, &tmp_null_key, name); + if (rc) return rc; - /* - * Fatal TPM failure: the NULL seed has actually changed, so - * the TPM must have been illegally reset. All in-kernel TPM - * operations will fail because the NULL primary can't be - * loaded to salt the sessions, but disable the TPM anyway so - * userspace programmes can't be compromised by it. - */ - dev_err(&chip->dev, "NULL name has changed, disabling TPM due to interference\n"); - chip->flags |= TPM_CHIP_FLAG_DISABLE; + /* Return the null key if the name has not been changed: */ + if (memcmp(name, chip->null_key_name, sizeof(name)) == 0) { + *null_key = tmp_null_key; + return 0; + } + + /* Deduce from the name change TPM interference: */ + dev_err(&chip->dev, "the null key integrity check failedh\n"); + tpm2_flush_context(chip, tmp_null_key); + chip->flags |= TPM_CHIP_FLAG_DISABLE; return rc; } -- 2.46.0

9 months, 3 weeks

1
0
0 0

[PATCH v4 1/5] tpm: Return on tpm2_create_null_primary() failure

by Jarkko Sakkinen

tpm2_sessions_init() does not ignores the result of saving the null key. Address this by printing either TPM or POSIX error code, and returning -ENODEV back to the caller. Cc: stable(a)vger.kernel.org # v6.10+ Fixes: d2add27cf2b8 ("tpm: Add NULL primary creation") Signed-off-by: Jarkko Sakkinen <jarkko(a)kernel.org> --- v4: - Fixed up stable version. v3: - Handle TPM and POSIX error separately and return -ENODEV always back to the caller. v2: - Refined the commit message. --- drivers/char/tpm/tpm2-sessions.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/drivers/char/tpm/tpm2-sessions.c b/drivers/char/tpm/tpm2-sessions.c index d3521aadd43e..795f4c7c6adb 100644 --- a/drivers/char/tpm/tpm2-sessions.c +++ b/drivers/char/tpm/tpm2-sessions.c @@ -1338,7 +1338,13 @@ static int tpm2_create_null_primary(struct tpm_chip *chip) tpm2_flush_context(chip, null_key); } - return rc; + if (rc < 0) + dev_err(&chip->dev, "saving the null key failed with error %d\n", rc); + else if (rc > 0) + dev_err(&chip->dev, "saving the null key failed with TPM error 0x%04X\n", rc); + + /* Map all errors to -ENODEV: */ + return rc ? -ENODEV : rc; } /** @@ -1354,7 +1360,7 @@ int tpm2_sessions_init(struct tpm_chip *chip) rc = tpm2_create_null_primary(chip); if (rc) - dev_err(&chip->dev, "TPM: security failed (NULL seed derivation): %d\n", rc); + return rc; chip->auth = kmalloc(sizeof(*chip->auth), GFP_KERNEL); if (!chip->auth) -- 2.46.0

9 months, 3 weeks

1
0
0 0

[PATCH 5.10.y] udf: Fold udf_getblk() into udf_bread()

by Sergey Shtylyov

From: Jan Kara <jack(a)suse.cz> udf_getblk() has a single call site. Fold it there. [Sergey: moved back to using udf_get_block() and buffer_{mapped|new}().] Signed-off-by: Jan Kara <jack(a)suse.cz> Signed-off-by: Sergey Shtylyov <s.shtylyov(a)omp.ru> --- This patch prevents NULL pointer dereference in case sb_getblk() fails... fs/udf/inode.c | 45 +++++++++++++++++++-------------------------- 1 file changed, 19 insertions(+), 26 deletions(-) Index: linux-stable/fs/udf/inode.c =================================================================== --- linux-stable.orig/fs/udf/inode.c +++ linux-stable/fs/udf/inode.c @@ -458,30 +458,6 @@ abort: return err; } -static struct buffer_head *udf_getblk(struct inode *inode, udf_pblk_t block, - int create, int *err) -{ - struct buffer_head *bh; - struct buffer_head dummy; - - dummy.b_state = 0; - dummy.b_blocknr = -1000; - *err = udf_get_block(inode, block, &dummy, create); - if (!*err && buffer_mapped(&dummy)) { - bh = sb_getblk(inode->i_sb, dummy.b_blocknr); - if (buffer_new(&dummy)) { - lock_buffer(bh); - memset(bh->b_data, 0x00, inode->i_sb->s_blocksize); - set_buffer_uptodate(bh); - unlock_buffer(bh); - mark_buffer_dirty_inode(bh, inode); - } - return bh; - } - - return NULL; -} - /* Extend the file with new blocks totaling 'new_block_bytes', * return the number of extents added */ @@ -1197,10 +1173,27 @@ struct buffer_head *udf_bread(struct ino int create, int *err) { struct buffer_head *bh = NULL; + struct buffer_head dummy; + + dummy.b_state = 0; + dummy.b_blocknr = -1000; + *err = udf_get_block(inode, block, &dummy, create); + if (*err || !buffer_mapped(&dummy)) + return NULL; - bh = udf_getblk(inode, block, create, err); - if (!bh) + bh = sb_getblk(inode->i_sb, dummy.b_blocknr); + if (!bh) { + *err = -ENOMEM; return NULL; + } + if (buffer_new(&dummy)) { + lock_buffer(bh); + memset(bh->b_data, 0x00, inode->i_sb->s_blocksize); + set_buffer_uptodate(bh); + unlock_buffer(bh); + mark_buffer_dirty_inode(bh, inode); + return bh; + } if (buffer_uptodate(bh)) return bh;

9 months, 3 weeks

1
0
0 0

stable request for kernel 6.1/6.6 for commit f3c89983cb4f ("block: Fix where bio IO priority gets set")

by Jinpu Wang

Hi Greg, hi Sasha, Please applied f3c89983cb4f ("block: Fix where bio IO priority gets set") to stable 6.1+, it applies cleanly to v6.1.110/v6.6.51. Thx! Jinpu Wang @ IONOS

9 months, 3 weeks

1
0
0 0

Request to revert "wifi: cfg80211: check wiphy mutex is held for wdev mutex" from 5.15/6.1/6.6

by Fedor Pchelkin

Hi, Upstream commit 1474bc87fe57 ("wifi: cfg80211: check wiphy mutex is held for wdev mutex") has been backported recently to 5.15/6.1/6.6 stable branches. After that we started seeing numerous lockdep assertion splats in these kernels originating from different parts of wireless stack where wdev_lock() is called. There is also a huge pile of them already found in Syzbot [1,2,3]. Digging more into the issue it appears that the blamed commit is a part of a much larger series [4] with locking cleanups and improvements for the whole wireless subsystem. The series was merged at 6.7. The cover letter for the series says: There's a kind of pointless commit in there that adds some wiphy locking assertions to the wdev as an intermediate step, I can remove that if you think that's better. We ran with it at that intermediate stage for a while to test things. So backporting this commit to stable branches without taking the series as a whole is pointless and just leads to bogus lockdep assertion splats there. The series itself is an improvement and cleanup work and therefore is not considered as material for old stable kernels. The solution which comes to mind is to revert this backported patch from the affected stable branches. Namely: - 5.15 https://lore.kernel.org/stable/20240901160825.013135421@linuxfoundation.org/ - 6.1 https://lore.kernel.org/stable/20240827143842.546537850@linuxfoundation.org/ - 6.6 https://lore.kernel.org/stable/20240827143846.794100356@linuxfoundation.org/ The intention why it was suddenly backported to these branches a year after merge-to-upstream is not clear actually: there are no stable or Fixes tags in commit message, and I don't find any public request for explicit backport on mailing lists. Please let me know if you can revert the commits yourself or I have to prepare and send them to you. [1]: https://syzkaller.appspot.com/bug?extid=310a1a9715fc1c9ead61 [2]: https://syzkaller.appspot.com/bug?extid=b730e8b6bc76d07fe10b [3]: https://syzkaller.appspot.com/bug?extid=09501cf606ec2823fafa [4]: https://lore.kernel.org/linux-wireless/20230828115927.116700-41-johannes@si… -- Thanks, Fedor

9 months, 3 weeks

1
0
0 0

Linux 6.10.11

by Greg Kroah-Hartman

I'm announcing the release of the 6.10.11 kernel. All users of the 6.10 kernel series must upgrade. The updated 6.10.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.10.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/netlink/specs/mptcp_pm.yaml | 1 Makefile | 2 arch/arm64/boot/dts/rockchip/rk3328-rock-pi-e.dts | 2 arch/arm64/boot/dts/rockchip/rk3399-puma.dtsi | 36 ++ arch/powerpc/kernel/setup-common.c | 1 arch/powerpc/mm/mem.c | 2 arch/riscv/boot/dts/starfive/jh7110-common.dtsi | 6 arch/riscv/mm/cacheflush.c | 12 arch/s390/Kconfig | 13 + arch/s390/boot/startup.c | 3 arch/x86/hyperv/hv_init.c | 5 arch/x86/include/asm/mshyperv.h | 1 arch/x86/kernel/cpu/mshyperv.c | 20 + drivers/clk/sophgo/clk-cv18xx-ip.c | 2 drivers/clocksource/hyperv_timer.c | 16 + drivers/cxl/acpi.c | 40 +++ drivers/cxl/core/region.c | 23 + drivers/cxl/cxl.h | 3 drivers/cxl/cxlmem.h | 2 drivers/dma-buf/heaps/cma_heap.c | 2 drivers/firmware/qcom/qcom_qseecom_uefisecapp.c | 4 drivers/gpu/drm/amd/amdgpu/amdgpu_vcn.h | 5 drivers/gpu/drm/amd/amdgpu/jpeg_v1_0.c | 76 ++++++ drivers/gpu/drm/amd/amdgpu/jpeg_v1_0.h | 11 drivers/gpu/drm/amd/amdgpu/jpeg_v2_0.c | 63 ++++- drivers/gpu/drm/amd/amdgpu/jpeg_v2_0.h | 6 drivers/gpu/drm/amd/amdgpu/jpeg_v2_5.c | 2 drivers/gpu/drm/amd/amdgpu/jpeg_v3_0.c | 1 drivers/gpu/drm/amd/amdgpu/jpeg_v4_0.c | 1 drivers/gpu/drm/amd/amdgpu/jpeg_v4_0.h | 1 drivers/gpu/drm/amd/amdgpu/jpeg_v4_0_3.c | 57 ---- drivers/gpu/drm/amd/amdgpu/jpeg_v4_0_3.h | 7 drivers/gpu/drm/amd/amdgpu/jpeg_v4_0_5.c | 1 drivers/gpu/drm/amd/amdgpu/jpeg_v5_0_0.c | 3 drivers/gpu/drm/amd/display/dc/hwss/dcn10/dcn10_hwseq.c | 20 - drivers/gpu/drm/amd/display/dc/hwss/dcn35/dcn35_hwseq.c | 20 - drivers/gpu/drm/amd/display/dc/link/protocols/link_dp_phy.c | 55 +--- drivers/gpu/drm/amd/include/atomfirmware.h | 4 drivers/gpu/drm/drm_panel_orientation_quirks.c | 12 drivers/gpu/drm/drm_syncobj.c | 17 + drivers/gpu/drm/i915/gt/uc/intel_guc_submission.c | 4 drivers/gpu/drm/mediatek/mtk_drm_drv.c | 4 drivers/gpu/drm/msm/adreno/adreno_gpu.c | 2 drivers/gpu/drm/nouveau/nvkm/subdev/fb/ram.h | 2 drivers/gpu/drm/nouveau/nvkm/subdev/fb/ramgp100.c | 2 drivers/gpu/drm/nouveau/nvkm/subdev/fb/ramgp102.c | 1 drivers/gpu/drm/xe/compat-i915-headers/i915_drv.h | 2 drivers/gpu/drm/xe/xe_bo.c | 6 drivers/gpu/drm/xe/xe_drm_client.c | 45 +++ drivers/gpu/drm/xe/xe_gsc.c | 4 drivers/gpu/drm/xe/xe_wa.c | 10 drivers/hid/hid-asus.c | 3 drivers/hid/hid-ids.h | 3 drivers/hid/hid-multitouch.c | 33 ++ drivers/hwmon/pmbus/pmbus.h | 6 drivers/hwmon/pmbus/pmbus_core.c | 17 + drivers/input/mouse/synaptics.c | 1 drivers/input/serio/i8042-acpipnpio.h | 9 drivers/input/touchscreen/ads7846.c | 2 drivers/input/touchscreen/edt-ft5x06.c | 6 drivers/md/dm-integrity.c | 4 drivers/misc/eeprom/digsy_mtc_eeprom.c | 2 drivers/net/dsa/ocelot/felix_vsc9959.c | 11 drivers/net/ethernet/faraday/ftgmac100.h | 2 drivers/net/ethernet/freescale/dpaa/dpaa_eth.c | 9 drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c | 2 drivers/net/ethernet/intel/ice/ice_lib.c | 15 - drivers/net/ethernet/intel/ice/ice_switch.c | 4 drivers/net/ethernet/intel/igb/igb_main.c | 17 + drivers/net/ethernet/jme.c | 10 drivers/net/ethernet/marvell/octeontx2/af/rvu.h | 3 drivers/net/ethernet/marvell/octeontx2/af/rvu_nix.c | 59 +++- drivers/net/ethernet/mellanox/mlx5/core/en_ethtool.c | 10 drivers/net/ethernet/mellanox/mlx5/core/esw/legacy.c | 4 drivers/net/ethernet/mellanox/mlx5/core/esw/qos.c | 51 ++-- drivers/net/ethernet/mellanox/mlx5/core/main.c | 1 drivers/net/ethernet/mellanox/mlx5/core/qos.c | 7 drivers/net/ethernet/wangxun/libwx/wx_type.h | 6 drivers/net/phy/dp83822.c | 35 +- drivers/net/phy/vitesse.c | 14 - drivers/net/usb/ipheth.c | 18 - drivers/net/wireless/mediatek/mt76/mt7921/main.c | 2 drivers/perf/riscv_pmu_sbi.c | 7 drivers/pinctrl/intel/pinctrl-meteorlake.c | 1 drivers/platform/surface/surface_aggregator_registry.c | 58 ++++ drivers/platform/x86/asus-wmi.c | 16 + drivers/platform/x86/panasonic-laptop.c | 58 +++- drivers/soundwire/stream.c | 8 drivers/spi/spi-geni-qcom.c | 17 - drivers/spi/spi-nxp-fspi.c | 5 drivers/spi/spi-zynqmp-gqspi.c | 30 +- drivers/staging/media/atomisp/pci/sh_css_frac.h | 26 +- drivers/usb/typec/ucsi/ucsi.c | 44 ++- drivers/usb/typec/ucsi/ucsi.h | 1 fs/bcachefs/extents.c | 23 + fs/bcachefs/fs-io-buffered.c | 149 +++--------- fs/bcachefs/fs.c | 8 fs/bcachefs/fs.h | 7 fs/bcachefs/fsck.c | 18 + fs/btrfs/inode.c | 1 fs/nfs/delegation.c | 15 - fs/nfs/nfs4proc.c | 9 fs/nfs/pnfs.c | 5 fs/smb/client/cifsencrypt.c | 2 fs/smb/server/mgmt/share_config.c | 15 - fs/smb/server/mgmt/share_config.h | 4 fs/smb/server/mgmt/tree_connect.c | 9 fs/smb/server/mgmt/tree_connect.h | 4 fs/smb/server/smb2pdu.c | 11 fs/smb/server/smb_common.c | 9 fs/smb/server/smb_common.h | 2 include/linux/mlx5/mlx5_ifc.h | 12 include/linux/virtio_net.h | 3 kernel/cgroup/cpuset.c | 33 +- kernel/trace/trace_kprobe.c | 25 +- kernel/trace/trace_osnoise.c | 10 mm/memory.c | 27 +- net/hsr/hsr_device.c | 67 ++++- net/hsr/hsr_forward.c | 37 ++ net/hsr/hsr_framereg.c | 12 net/hsr/hsr_framereg.h | 2 net/hsr/hsr_main.h | 4 net/hsr/hsr_netlink.c | 1 net/ipv4/fou_core.c | 4 net/mptcp/pm_netlink.c | 13 - net/netfilter/nft_socket.c | 7 scripts/kconfig/merge_config.sh | 2 sound/soc/codecs/peb2466.c | 3 sound/soc/intel/common/soc-acpi-intel-lnl-match.c | 1 sound/soc/intel/common/soc-acpi-intel-mtl-match.c | 1 sound/soc/meson/axg-card.c | 3 tools/testing/selftests/bpf/prog_tests/sockmap_listen.c | 3 tools/testing/selftests/net/lib/csum.c | 16 + tools/testing/selftests/net/mptcp/mptcp_join.sh | 4 134 files changed, 1308 insertions(+), 550 deletions(-) Alex Deucher (1): drm/amdgpu/atomfirmware: Silence UBSAN warning Alexander Gordeev (1): s390/mm: Pin identity mapping base to zero Alexandre Ghiti (1): drivers: perf: Fix smp_processor_id() use in preemptible code Alison Schofield (1): cxl: Restore XOR'd position bits during address translation Anders Roxell (1): scripts: kconfig: merge_config: config files: add a trailing newline Andy Shevchenko (1): eeprom: digsy_mtc: Fix 93xx46 driver probe failure AngeloGioacchino Del Regno (1): drm/mediatek: Set sensible cursor width/height values to fix crash Anirudh Rayabharam (Microsoft) (1): x86/hyperv: fix kexec crash due to VP assist page corruption Arseniy Krasnov (1): ASoC: meson: axg-card: fix 'use-after-free' Asbjørn Sloth Tønnesen (1): netlink: specs: mptcp: fix port endianness Bard Liao (2): ASoC: Intel: soc-acpi-intel-lnl-match: add missing empty item ASoC: Intel: soc-acpi-intel-mtl-match: add missing empty item Ben Skeggs (1): drm/nouveau/fb: restore init() for ramgp102 Benjamin Poirier (1): net/mlx5: Fix bridge mode operations when there are no VFs Bert Karwatzki (1): wifi: mt76: mt7921: fix NULL pointer access in mt7921_ipv6_addr_change Bouke Sybren Haarsma (2): drm: panel-orientation-quirks: Add quirk for Ayn Loki Zero drm: panel-orientation-quirks: Add quirk for Ayn Loki Max Carolina Jubran (3): net/mlx5: Explicitly set scheduling element and TSAR type net/mlx5: Add missing masks and QoS bit masks for scheduling elements net/mlx5: Verify support for scheduling element and TSAR type Charlie Jenkins (1): riscv: Disable preemption while handling PR_RISCV_CTX_SW_FENCEI_OFF ChenXiaoSong (1): smb/server: fix return value of smb2_open() Christophe Leroy (1): powerpc/mm: Fix boot warning with hugepages and CONFIG_DEBUG_VIRTUAL Cosmin Ratiu (1): net/mlx5: Correct TASR typo into TSAR Cruise (1): drm/amd/display: Disable error correction if it's not supported Dan Carpenter (1): firmware: qcom: uefisecapp: Fix deadlock in qcuefi_acquire() Daniele Ceraolo Spurio (2): drm/xe: fix WA 14018094691 drm/xe: use devm instead of drmm for managed bo David (Ming Qiang) Wu (2): drm/amd/amdgpu: apply command submission parser for JPEG v1 drm/amd/amdgpu: apply command submission parser for JPEG v2+ David Howells (1): cifs: Fix signature miscalculation Dexuan Cui (1): clocksource: hyper-v: Use lapic timer in a TDX VM without paravisor Dmitry Savin (1): HID: multitouch: Add support for GT7868Q Edward Adam Davis (1): mptcp: pm: Fix uaf in __timer_delete_sync FUKAUMI Naoki (1): arm64: dts: rockchip: fix PMIC interrupt pin in pinctrl for ROCK Pi E Felix Kaechele (1): Input: edt-ft5x06 - add support for FocalTech FT8201 Florian Westphal (1): netfilter: nft_socket: fix sk refcount leaks Foster Snowhill (4): usbnet: ipheth: remove extraneous rx URB length check usbnet: ipheth: drop RX URBs with no payload usbnet: ipheth: do not stop RX on failing RX callback usbnet: ipheth: fix carrier detection in modes 1 and 4 Greg Kroah-Hartman (1): Linux 6.10.11 Han Xu (1): spi: nxp-fspi: fix the KASAN report out-of-bounds bug Hans de Goede (2): platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses platform/x86: panasonic-laptop: Allocate 1 entry extra in the sinf array Heikki Krogerus (1): usb: typec: ucsi: Fix cable registration Ilya Bakoulin (1): drm/amd/display: Fix FEC_READY write on DP LT Jacky Chou (1): net: ftgmac100: Enable TX interrupt to avoid TX timeout Jacob Keller (1): ice: fix accounting for filters shared by multiple VSIs Jameson Thies (2): usb: typec: ucsi: Always set number of alternate modes usb: typec: ucsi: Only set number of plug altmodes after registration Jani Nikula (1): drm/xe/display: fix compat IS_DISPLAY_STEP() range end Jeff Layton (1): btrfs: update target inode's ctime on unlink Jeongjun Park (1): net: hsr: prevent NULL pointer dereference in hsr_proxy_announce() Jiawen Wu (1): net: libwx: fix number of Rx and Tx descriptors Jinjie Ruan (2): spi: geni-qcom: Undo runtime PM changes at driver exit time spi: geni-qcom: Fix incorrect free_irq() sequence Jonathan Denose (1): Input: synaptics - enable SMBus for HP Elitebook 840 G2 Kent Overstreet (3): bcachefs: Fix bch2_extents_match() false positive bcachefs: Revert lockless buffered IO path bcachefs: Don't delete open files in online fsck Krzysztof Kozlowski (1): soundwire: stream: Revert "soundwire: stream: fix programming slave ports for non-continous port maps" Li Qiang (1): clk/sophgo: Using BUG() instead of unreachable() in mmux_get_parent_id() Linus Torvalds (1): mm: avoid leaving partial pfn mappings around in error case Lorenzo Stoakes (1): minmax: reduce min/max macro expansion in atomisp driver Lukasz Majewski (1): net: hsr: Send supervisory frames to HSR network with ProxyNodeTable data Luke D. Jones (2): hid-asus: add ROG Ally X prod ID to quirk list platform/x86: asus-wmi: Add quirk for ROG Ally X Maher Sanalla (1): net/mlx5: Update the list of the PCI supported devices Marek Vasut (1): Input: ads7846 - ratelimit the spi_sync error message Martyna Szapar-Mudlaw (1): ice: Fix lldp packets dropping after changing the number of channels Masami Hiramatsu (Google) (1): tracing/kprobes: Fix build error when find_module() is not available Matthew Auld (2): drm/xe/client: fix deadlock in show_meminfo() drm/xe/client: add missing bo locking in show_meminfo() Matthieu Baerts (NGI0) (1): selftests: mptcp: join: restrict fullmesh endp on 1st sf Maximilian Luz (5): platform/surface: aggregator_registry: Add Support for Surface Pro 10 platform/surface: aggregator_registry: Add support for Surface Laptop Go 3 platform/surface: aggregator_registry: Add support for Surface Laptop Studio 2 platform/surface: aggregator_registry: Add fan and thermal sensor support for Surface Laptop 5 platform/surface: aggregator_registry: Add support for Surface Laptop 6 Michal Luczaj (1): selftests/bpf: Support SOCK_STREAM in unix_inet_redir_to_connected() Michal Schmidt (1): ice: fix VSI lists confusion when adding VLANs Mika Westerberg (1): pinctrl: meteorlake: Add Arrow Lake-H/U ACPI ID Mikulas Patocka (1): dm-integrity: fix a race condition when accessing recalc_sector Moon Yeounsu (1): net: ethernet: use ip_hdrlen() instead of bit shift Muhammad Usama Anjum (1): fou: fix initialization of grc Namjae Jeon (2): ksmbd: override fsids for share path check ksmbd: override fsids for smb2_query_info() Naveen Mamindlapalli (1): octeontx2-af: Modify SMQ flush sequence to drop packets Ngai-Mint Kwan (1): drm/xe/xe2lpm: Extend Wa_16021639441 Nikita Zhandarovich (1): drm/i915/guc: prevent a possible int overflow in wq offsets Patryk Biel (1): hwmon: (pmbus) Conditionally clear individual status bits for pmbus rev >= 1.2 Pawel Dembicki (1): net: phy: vitesse: repair vsc73xx autonegotiation Peiyang Wang (1): net: hns3: use correct release function during uninitialization Quentin Schulz (2): arm64: dts: rockchip: fix eMMC/SPI corruption when audio has been used on RK3399 Puma arm64: dts: rockchip: override BIOS_DISABLE signal via GPIO hog on RK3399 Puma Rob Clark (1): drm/msm/adreno: Fix error return if missing firmware-name Sean Anderson (3): spi: zynqmp-gqspi: Scale timeout by data size selftests: net: csum: Fix checksums for packets with non-zero padding net: dpaa: Pad packets to ETH_ZLEN Shahar Shitrit (2): net/mlx5e: Add missing link modes to ptys2ethtool_map net/mlx5e: Add missing link mode to ptys2ext_ethtool_map Sriram Yagnaraman (1): igb: Always call igb_xdp_ring_update_tail() under Tx lock Steven Rostedt (1): tracing/osnoise: Fix build when timerlat is not enabled Su Hui (1): ASoC: codecs: avoid possible garbage value in peb2466_reg_read() T.J. Mercier (2): drm/syncobj: Fix syncobj leak in drm_syncobj_eventfd_ioctl dma-buf: heaps: Fix off-by-one in CMA heap fault handler Takashi Iwai (1): Input: i8042 - add Fujitsu Lifebook E756 to i8042 quirk table Tobias Jakobi (2): drm/amd/display: Avoid race between dcn10_set_drr() and dc_state_destruct() drm/amd/display: Avoid race between dcn35_set_drr() and dc_state_destruct() Tomas Paukrt (1): net: phy: dp83822: Fix NULL pointer dereference on DP83825 devices Trond Myklebust (2): NFSv4: Fix clearing of layout segments in layoutreturn NFS: Avoid unnecessary rescanning of the per-server delegation list Waiman Long (1): cgroup/cpuset: Eliminate unncessary sched domains rebuilds in hotplug Willem de Bruijn (1): net: tighten bad gso csum offset check in virtio_net_hdr Xiaoliang Yang (1): net: dsa: felix: ignore pending status of TAS module when it's disabled Xingyu Wu (1): riscv: dts: starfive: jh7110-common: Fix lower rate of CPUfreq by setting PLL0 rate to 1.5GHz Yinjie Yao (1): drm/amdgpu: Update kmd_fw_shared for VCN5 peng guo (1): cxl/core: Fix incorrect vendor debug UUID define

9 months, 4 weeks

1
1
0 0

Linux 6.6.52

by Greg Kroah-Hartman

I'm announcing the release of the 6.6.52 kernel. All users of the 6.6 kernel series must upgrade. The updated 6.6.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.6.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arm64/boot/dts/rockchip/rk3328-rock-pi-e.dts | 2 arch/arm64/boot/dts/rockchip/rk3399-puma.dtsi | 36 +++ arch/powerpc/kernel/setup-common.c | 1 arch/powerpc/mm/mem.c | 2 arch/riscv/boot/dts/starfive/jh7110-starfive-visionfive-2.dtsi | 4 arch/x86/hyperv/hv_init.c | 5 arch/x86/include/asm/mshyperv.h | 1 arch/x86/kernel/cpu/mshyperv.c | 4 drivers/cxl/cxlmem.h | 2 drivers/dma-buf/heaps/cma_heap.c | 2 drivers/gpu/drm/amd/amdgpu/jpeg_v1_0.c | 76 ++++++++ drivers/gpu/drm/amd/amdgpu/jpeg_v1_0.h | 11 + drivers/gpu/drm/amd/display/dc/link/protocols/link_dp_phy.c | 55 ++---- drivers/gpu/drm/amd/include/atomfirmware.h | 4 drivers/gpu/drm/drm_panel_orientation_quirks.c | 12 + drivers/gpu/drm/drm_syncobj.c | 17 + drivers/gpu/drm/i915/gt/uc/intel_guc_submission.c | 4 drivers/gpu/drm/msm/adreno/adreno_gpu.c | 2 drivers/gpu/drm/nouveau/nvkm/subdev/fb/ram.h | 2 drivers/gpu/drm/nouveau/nvkm/subdev/fb/ramgp100.c | 2 drivers/gpu/drm/nouveau/nvkm/subdev/fb/ramgp102.c | 1 drivers/hid/hid-ids.h | 2 drivers/hid/hid-multitouch.c | 33 +++ drivers/hwmon/pmbus/pmbus.h | 6 drivers/hwmon/pmbus/pmbus_core.c | 17 + drivers/iio/adc/ad7124.c | 58 ++---- drivers/infiniband/hw/mlx5/main.c | 2 drivers/input/mouse/synaptics.c | 1 drivers/input/serio/i8042-acpipnpio.h | 9 drivers/input/touchscreen/ads7846.c | 2 drivers/md/dm-integrity.c | 4 drivers/misc/eeprom/digsy_mtc_eeprom.c | 2 drivers/net/dsa/ocelot/felix_vsc9959.c | 11 - drivers/net/ethernet/faraday/ftgmac100.h | 2 drivers/net/ethernet/freescale/dpaa/dpaa_eth.c | 9 drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c | 2 drivers/net/ethernet/intel/ice/ice_lib.c | 15 - drivers/net/ethernet/intel/ice/ice_switch.c | 4 drivers/net/ethernet/intel/igb/igb_main.c | 17 + drivers/net/ethernet/jme.c | 10 - drivers/net/ethernet/marvell/octeontx2/af/rvu.h | 3 drivers/net/ethernet/marvell/octeontx2/af/rvu_nix.c | 59 +++++- drivers/net/ethernet/mellanox/mlx5/core/en_ethtool.c | 10 + drivers/net/ethernet/mellanox/mlx5/core/esw/legacy.c | 4 drivers/net/ethernet/mellanox/mlx5/core/esw/qos.c | 51 +++-- drivers/net/ethernet/mellanox/mlx5/core/main.c | 1 drivers/net/ethernet/mellanox/mlx5/core/port.c | 2 drivers/net/ethernet/mellanox/mlx5/core/qos.c | 7 drivers/net/ethernet/xilinx/xilinx_axienet.h | 3 drivers/net/ethernet/xilinx/xilinx_axienet_main.c | 8 drivers/net/phy/vitesse.c | 14 - drivers/net/usb/ipheth.c | 18 + drivers/net/wireless/mediatek/mt76/mt7921/main.c | 2 drivers/nvmem/core.c | 13 + drivers/nvmem/u-boot-env.c | 91 +++++----- drivers/pinctrl/intel/pinctrl-meteorlake.c | 1 drivers/platform/surface/surface_aggregator_registry.c | 8 drivers/platform/x86/panasonic-laptop.c | 58 +++++- drivers/soundwire/stream.c | 8 drivers/spi/spi-geni-qcom.c | 17 - drivers/spi/spi-nxp-fspi.c | 5 drivers/staging/media/atomisp/pci/sh_css_frac.h | 26 ++ fs/btrfs/inode.c | 1 fs/nfs/delegation.c | 15 - fs/nfs/nfs4proc.c | 9 fs/nfs/pnfs.c | 5 fs/smb/client/cifsencrypt.c | 2 fs/smb/server/mgmt/share_config.c | 15 + fs/smb/server/mgmt/share_config.h | 4 fs/smb/server/mgmt/tree_connect.c | 9 fs/smb/server/mgmt/tree_connect.h | 4 fs/smb/server/smb2pdu.c | 11 - fs/smb/server/smb_common.c | 9 fs/smb/server/smb_common.h | 2 include/linux/mlx5/mlx5_ifc.h | 12 + include/linux/mlx5/port.h | 2 include/linux/nvmem-consumer.h | 1 include/linux/property.h | 8 include/linux/virtio_net.h | 3 kernel/trace/trace_osnoise.c | 10 - mm/memory.c | 27 ++ net/ipv4/fou_core.c | 4 net/mptcp/pm_netlink.c | 13 - net/netfilter/nft_socket.c | 7 scripts/kconfig/merge_config.sh | 2 sound/soc/codecs/peb2466.c | 3 sound/soc/meson/axg-card.c | 3 tools/testing/selftests/bpf/prog_tests/sockmap_listen.c | 3 tools/testing/selftests/net/csum.c | 16 + tools/testing/selftests/net/mptcp/mptcp_join.sh | 4 91 files changed, 741 insertions(+), 325 deletions(-) Alex Deucher (1): drm/amdgpu/atomfirmware: Silence UBSAN warning Anders Roxell (1): scripts: kconfig: merge_config: config files: add a trailing newline Andy Shevchenko (1): eeprom: digsy_mtc: Fix 93xx46 driver probe failure Anirudh Rayabharam (Microsoft) (1): x86/hyperv: fix kexec crash due to VP assist page corruption Arseniy Krasnov (1): ASoC: meson: axg-card: fix 'use-after-free' Ben Skeggs (1): drm/nouveau/fb: restore init() for ramgp102 Benjamin Poirier (1): net/mlx5: Fix bridge mode operations when there are no VFs Bert Karwatzki (1): wifi: mt76: mt7921: fix NULL pointer access in mt7921_ipv6_addr_change Bouke Sybren Haarsma (2): drm: panel-orientation-quirks: Add quirk for Ayn Loki Zero drm: panel-orientation-quirks: Add quirk for Ayn Loki Max Carolina Jubran (3): net/mlx5: Explicitly set scheduling element and TSAR type net/mlx5: Add missing masks and QoS bit masks for scheduling elements net/mlx5: Verify support for scheduling element and TSAR type ChenXiaoSong (1): smb/server: fix return value of smb2_open() Christophe Leroy (1): powerpc/mm: Fix boot warning with hugepages and CONFIG_DEBUG_VIRTUAL Cosmin Ratiu (1): net/mlx5: Correct TASR typo into TSAR Cruise (1): drm/amd/display: Disable error correction if it's not supported David (Ming Qiang) Wu (1): drm/amd/amdgpu: apply command submission parser for JPEG v1 David Howells (1): cifs: Fix signature miscalculation Dmitry Savin (1): HID: multitouch: Add support for GT7868Q Dumitru Ceclan (1): iio: adc: ad7124: fix DT configuration parsing Edward Adam Davis (1): mptcp: pm: Fix uaf in __timer_delete_sync FUKAUMI Naoki (1): arm64: dts: rockchip: fix PMIC interrupt pin in pinctrl for ROCK Pi E Florian Westphal (1): netfilter: nft_socket: fix sk refcount leaks Foster Snowhill (4): usbnet: ipheth: remove extraneous rx URB length check usbnet: ipheth: drop RX URBs with no payload usbnet: ipheth: do not stop RX on failing RX callback usbnet: ipheth: fix carrier detection in modes 1 and 4 Greg Kroah-Hartman (1): Linux 6.6.52 Han Xu (1): spi: nxp-fspi: fix the KASAN report out-of-bounds bug Hans de Goede (2): platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses platform/x86: panasonic-laptop: Allocate 1 entry extra in the sinf array Ilya Bakoulin (1): drm/amd/display: Fix FEC_READY write on DP LT Jacky Chou (1): net: ftgmac100: Enable TX interrupt to avoid TX timeout Jacob Keller (1): ice: fix accounting for filters shared by multiple VSIs Jeff Layton (1): btrfs: update target inode's ctime on unlink Jinjie Ruan (2): spi: geni-qcom: Undo runtime PM changes at driver exit time spi: geni-qcom: Fix incorrect free_irq() sequence John Thomson (1): nvmem: u-boot-env: error if NVMEM device is too small Jonathan Cameron (3): device property: Add cleanup.h based fwnode_handle_put() scope based cleanup. device property: Introduce device_for_each_child_node_scoped() iio: adc: ad7124: Switch from of specific to fwnode based property handling Jonathan Denose (1): Input: synaptics - enable SMBus for HP Elitebook 840 G2 Krzysztof Kozlowski (1): soundwire: stream: Revert "soundwire: stream: fix programming slave ports for non-continous port maps" Linus Torvalds (1): mm: avoid leaving partial pfn mappings around in error case Lorenzo Stoakes (1): minmax: reduce min/max macro expansion in atomisp driver Maher Sanalla (1): net/mlx5: Update the list of the PCI supported devices Marek Vasut (1): Input: ads7846 - ratelimit the spi_sync error message Martyna Szapar-Mudlaw (1): ice: Fix lldp packets dropping after changing the number of channels Matthieu Baerts (NGI0) (1): selftests: mptcp: join: restrict fullmesh endp on 1st sf Maximilian Luz (2): platform/surface: aggregator_registry: Add Support for Surface Pro 10 platform/surface: aggregator_registry: Add support for Surface Laptop Go 3 Michal Luczaj (1): selftests/bpf: Support SOCK_STREAM in unix_inet_redir_to_connected() Michal Schmidt (1): ice: fix VSI lists confusion when adding VLANs Mika Westerberg (1): pinctrl: meteorlake: Add Arrow Lake-H/U ACPI ID Mikulas Patocka (1): dm-integrity: fix a race condition when accessing recalc_sector Moon Yeounsu (1): net: ethernet: use ip_hdrlen() instead of bit shift Muhammad Usama Anjum (1): fou: fix initialization of grc Namjae Jeon (2): ksmbd: override fsids for share path check ksmbd: override fsids for smb2_query_info() Naveen Mamindlapalli (1): octeontx2-af: Modify SMQ flush sequence to drop packets Nikita Zhandarovich (1): drm/i915/guc: prevent a possible int overflow in wq offsets Patrisious Haddad (1): IB/mlx5: Rename 400G_8X speed to comply to naming convention Patryk Biel (1): hwmon: (pmbus) Conditionally clear individual status bits for pmbus rev >= 1.2 Pawel Dembicki (1): net: phy: vitesse: repair vsc73xx autonegotiation Peiyang Wang (1): net: hns3: use correct release function during uninitialization Quentin Schulz (2): arm64: dts: rockchip: fix eMMC/SPI corruption when audio has been used on RK3399 Puma arm64: dts: rockchip: override BIOS_DISABLE signal via GPIO hog on RK3399 Puma Rafał Miłecki (4): nvmem: core: add nvmem_dev_size() helper nvmem: u-boot-env: use nvmem_add_one_cell() nvmem subsystem helper nvmem: u-boot-env: use nvmem device helpers nvmem: u-boot-env: improve coding style Rob Clark (1): drm/msm/adreno: Fix error return if missing firmware-name Sean Anderson (3): net: xilinx: axienet: Fix race in axienet_stop selftests: net: csum: Fix checksums for packets with non-zero padding net: dpaa: Pad packets to ETH_ZLEN Shahar Shitrit (2): net/mlx5e: Add missing link modes to ptys2ethtool_map net/mlx5e: Add missing link mode to ptys2ext_ethtool_map Sriram Yagnaraman (1): igb: Always call igb_xdp_ring_update_tail() under Tx lock Steven Rostedt (1): tracing/osnoise: Fix build when timerlat is not enabled Su Hui (1): ASoC: codecs: avoid possible garbage value in peb2466_reg_read() T.J. Mercier (2): drm/syncobj: Fix syncobj leak in drm_syncobj_eventfd_ioctl dma-buf: heaps: Fix off-by-one in CMA heap fault handler Takashi Iwai (1): Input: i8042 - add Fujitsu Lifebook E756 to i8042 quirk table Trond Myklebust (2): NFSv4: Fix clearing of layout segments in layoutreturn NFS: Avoid unnecessary rescanning of the per-server delegation list Willem de Bruijn (1): net: tighten bad gso csum offset check in virtio_net_hdr William Qiu (1): riscv: dts: starfive: add assigned-clock* to limit frquency Xiaoliang Yang (1): net: dsa: felix: ignore pending status of TAS module when it's disabled peng guo (1): cxl/core: Fix incorrect vendor debug UUID define

9 months, 4 weeks

1
1
0 0

Linux 6.1.111

by Greg Kroah-Hartman

I'm announcing the release of the 6.1.111 kernel. All users of the 6.1 kernel series must upgrade. The updated 6.1.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.1.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arm64/boot/dts/rockchip/rk3328-rock-pi-e.dts | 2 arch/arm64/boot/dts/rockchip/rk3399-puma.dtsi | 36 ++- arch/powerpc/kernel/setup-common.c | 1 arch/powerpc/mm/mem.c | 2 drivers/cxl/cxlmem.h | 2 drivers/dma-buf/heaps/cma_heap.c | 2 drivers/gpu/drm/amd/include/atomfirmware.h | 4 drivers/gpu/drm/drm_panel_orientation_quirks.c | 12 + drivers/gpu/drm/i915/gt/uc/intel_guc_submission.c | 4 drivers/gpu/drm/msm/adreno/adreno_gpu.c | 2 drivers/hid/hid-ids.h | 2 drivers/hid/hid-multitouch.c | 33 ++ drivers/hwmon/pmbus/pmbus.h | 6 drivers/hwmon/pmbus/pmbus_core.c | 17 + drivers/input/mouse/synaptics.c | 1 drivers/input/serio/i8042-acpipnpio.h | 9 drivers/input/touchscreen/ads7846.c | 2 drivers/md/dm-integrity.c | 4 drivers/misc/eeprom/digsy_mtc_eeprom.c | 2 drivers/net/ethernet/faraday/ftgmac100.h | 2 drivers/net/ethernet/freescale/dpaa/dpaa_eth.c | 9 drivers/net/ethernet/intel/ice/ice_switch.c | 2 drivers/net/ethernet/intel/igb/igb_main.c | 17 + drivers/net/ethernet/jme.c | 10 drivers/net/ethernet/marvell/octeontx2/af/rvu.h | 15 + drivers/net/ethernet/marvell/octeontx2/af/rvu_nix.c | 177 +++++++++++++++- drivers/net/ethernet/mellanox/mlx5/core/en_ethtool.c | 4 drivers/net/ethernet/mellanox/mlx5/core/esw/legacy.c | 4 drivers/net/ethernet/mellanox/mlx5/core/esw/qos.c | 51 ++-- drivers/net/ethernet/mellanox/mlx5/core/main.c | 1 drivers/net/ethernet/mellanox/mlx5/core/qos.c | 7 drivers/net/ethernet/xilinx/xilinx_axienet.h | 3 drivers/net/ethernet/xilinx/xilinx_axienet_main.c | 8 drivers/net/phy/vitesse.c | 14 - drivers/net/usb/ipheth.c | 5 drivers/pinctrl/intel/pinctrl-meteorlake.c | 1 drivers/platform/surface/surface_aggregator_registry.c | 8 drivers/platform/x86/panasonic-laptop.c | 58 ++++- drivers/soc/ti/omap_prm.c | 2 drivers/soundwire/stream.c | 8 drivers/spi/spi-geni-qcom.c | 22 - drivers/spi/spi-nxp-fspi.c | 5 drivers/staging/media/atomisp/pci/sh_css_frac.h | 26 +- fs/btrfs/inode.c | 1 fs/nfs/delegation.c | 15 - fs/nfs/nfs4proc.c | 9 fs/nfs/pnfs.c | 5 fs/ntfs3/attrlist.c | 4 fs/ntfs3/bitmap.c | 4 fs/ntfs3/frecord.c | 4 fs/ntfs3/super.c | 2 fs/smb/server/mgmt/share_config.c | 15 + fs/smb/server/mgmt/share_config.h | 4 fs/smb/server/mgmt/tree_connect.c | 9 fs/smb/server/mgmt/tree_connect.h | 4 fs/smb/server/smb2pdu.c | 11 fs/smb/server/smb_common.c | 9 fs/smb/server/smb_common.h | 2 include/linux/mlx5/mlx5_ifc.h | 12 - include/linux/virtio_net.h | 3 mm/memory.c | 27 +- net/ipv4/fou.c | 4 net/mptcp/pm_netlink.c | 13 - net/netfilter/nft_socket.c | 7 scripts/kconfig/merge_config.sh | 2 sound/soc/meson/axg-card.c | 3 tools/testing/selftests/bpf/prog_tests/sockmap_listen.c | 3 68 files changed, 603 insertions(+), 173 deletions(-) Alex Deucher (1): drm/amdgpu/atomfirmware: Silence UBSAN warning Anders Roxell (1): scripts: kconfig: merge_config: config files: add a trailing newline Andy Shevchenko (1): eeprom: digsy_mtc: Fix 93xx46 driver probe failure Arseniy Krasnov (1): ASoC: meson: axg-card: fix 'use-after-free' Benjamin Poirier (1): net/mlx5: Fix bridge mode operations when there are no VFs Bouke Sybren Haarsma (2): drm: panel-orientation-quirks: Add quirk for Ayn Loki Zero drm: panel-orientation-quirks: Add quirk for Ayn Loki Max Carolina Jubran (3): net/mlx5: Explicitly set scheduling element and TSAR type net/mlx5: Add missing masks and QoS bit masks for scheduling elements net/mlx5: Verify support for scheduling element and TSAR type ChenXiaoSong (1): smb/server: fix return value of smb2_open() Christophe Leroy (1): powerpc/mm: Fix boot warning with hugepages and CONFIG_DEBUG_VIRTUAL Cosmin Ratiu (1): net/mlx5: Correct TASR typo into TSAR Dmitry Savin (1): HID: multitouch: Add support for GT7868Q Edward Adam Davis (1): mptcp: pm: Fix uaf in __timer_delete_sync FUKAUMI Naoki (1): arm64: dts: rockchip: fix PMIC interrupt pin in pinctrl for ROCK Pi E Florian Westphal (1): netfilter: nft_socket: fix sk refcount leaks Foster Snowhill (1): usbnet: ipheth: fix carrier detection in modes 1 and 4 Greg Kroah-Hartman (1): Linux 6.1.111 Han Xu (1): spi: nxp-fspi: fix the KASAN report out-of-bounds bug Hans de Goede (2): platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses platform/x86: panasonic-laptop: Allocate 1 entry extra in the sinf array Jacky Chou (1): net: ftgmac100: Enable TX interrupt to avoid TX timeout Jacob Keller (1): ice: fix accounting for filters shared by multiple VSIs Jeff Layton (1): btrfs: update target inode's ctime on unlink Jinjie Ruan (2): spi: geni-qcom: Undo runtime PM changes at driver exit time spi: geni-qcom: Fix incorrect free_irq() sequence Jonathan Denose (1): Input: synaptics - enable SMBus for HP Elitebook 840 G2 Konstantin Komarov (1): fs/ntfs3: Use kvfree to free memory allocated by kvmalloc Krzysztof Kozlowski (1): soundwire: stream: Revert "soundwire: stream: fix programming slave ports for non-continous port maps" Kunwu Chan (1): pmdomain: ti: Add a null pointer check to the omap_prm_domain_init Linus Torvalds (1): mm: avoid leaving partial pfn mappings around in error case Lorenzo Stoakes (1): minmax: reduce min/max macro expansion in atomisp driver Maher Sanalla (1): net/mlx5: Update the list of the PCI supported devices Marek Vasut (1): Input: ads7846 - ratelimit the spi_sync error message Maximilian Luz (2): platform/surface: aggregator_registry: Add Support for Surface Pro 10 platform/surface: aggregator_registry: Add support for Surface Laptop Go 3 Michal Luczaj (1): selftests/bpf: Support SOCK_STREAM in unix_inet_redir_to_connected() Mika Westerberg (1): pinctrl: meteorlake: Add Arrow Lake-H/U ACPI ID Mikulas Patocka (1): dm-integrity: fix a race condition when accessing recalc_sector Moon Yeounsu (1): net: ethernet: use ip_hdrlen() instead of bit shift Muhammad Usama Anjum (1): fou: fix initialization of grc Namjae Jeon (2): ksmbd: override fsids for share path check ksmbd: override fsids for smb2_query_info() Naveen Mamindlapalli (2): octeontx2-af: Set XOFF on other child transmit schedulers during SMQ flush octeontx2-af: Modify SMQ flush sequence to drop packets Nikita Zhandarovich (1): drm/i915/guc: prevent a possible int overflow in wq offsets Patryk Biel (1): hwmon: (pmbus) Conditionally clear individual status bits for pmbus rev >= 1.2 Pawel Dembicki (1): net: phy: vitesse: repair vsc73xx autonegotiation Quentin Schulz (2): arm64: dts: rockchip: fix eMMC/SPI corruption when audio has been used on RK3399 Puma arm64: dts: rockchip: override BIOS_DISABLE signal via GPIO hog on RK3399 Puma Rob Clark (1): drm/msm/adreno: Fix error return if missing firmware-name Sean Anderson (2): net: xilinx: axienet: Fix race in axienet_stop net: dpaa: Pad packets to ETH_ZLEN Shahar Shitrit (1): net/mlx5e: Add missing link modes to ptys2ethtool_map Sriram Yagnaraman (1): igb: Always call igb_xdp_ring_update_tail() under Tx lock T.J. Mercier (1): dma-buf: heaps: Fix off-by-one in CMA heap fault handler Takashi Iwai (1): Input: i8042 - add Fujitsu Lifebook E756 to i8042 quirk table Trond Myklebust (2): NFSv4: Fix clearing of layout segments in layoutreturn NFS: Avoid unnecessary rescanning of the per-server delegation list Uwe Kleine-König (1): spi: geni-qcom: Convert to platform remove callback returning void Willem de Bruijn (1): net: tighten bad gso csum offset check in virtio_net_hdr peng guo (1): cxl/core: Fix incorrect vendor debug UUID define

9 months, 4 weeks

1
1
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror