- Linux-stable-mirror - lists.linaro.org

[to-be-updated] memcg-dont-wait-writeback-completion-when-release-memcg.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: memcg: don't wait writeback completion when release memcg has been removed from the -mm tree. Its filename was memcg-dont-wait-writeback-completion-when-release-memcg.patch This patch was dropped because an updated version will be issued ------------------------------------------------------ From: Julian Sun <sunjunchao(a)bytedance.com> Subject: memcg: don't wait writeback completion when release memcg Date: Thu, 28 Aug 2025 04:45:57 +0800 Recently, we encountered the following hung task: INFO: task kworker/4:1:1334558 blocked for more than 1720 seconds. [Wed Jul 30 17:47:45 2025] Workqueue: cgroup_destroy css_free_rwork_fn [Wed Jul 30 17:47:45 2025] Call Trace: [Wed Jul 30 17:47:45 2025] __schedule+0x934/0xe10 [Wed Jul 30 17:47:45 2025] ? complete+0x3b/0x50 [Wed Jul 30 17:47:45 2025] ? _cond_resched+0x15/0x30 [Wed Jul 30 17:47:45 2025] schedule+0x40/0xb0 [Wed Jul 30 17:47:45 2025] wb_wait_for_completion+0x52/0x80 [Wed Jul 30 17:47:45 2025] ? finish_wait+0x80/0x80 [Wed Jul 30 17:47:45 2025] mem_cgroup_css_free+0x22/0x1b0 [Wed Jul 30 17:47:45 2025] css_free_rwork_fn+0x42/0x380 [Wed Jul 30 17:47:45 2025] process_one_work+0x1a2/0x360 [Wed Jul 30 17:47:45 2025] worker_thread+0x30/0x390 [Wed Jul 30 17:47:45 2025] ? create_worker+0x1a0/0x1a0 [Wed Jul 30 17:47:45 2025] kthread+0x110/0x130 [Wed Jul 30 17:47:45 2025] ? __kthread_cancel_work+0x40/0x40 [Wed Jul 30 17:47:45 2025] ret_from_fork+0x1f/0x30 The direct cause is that memcg spends a long time waiting for dirty page writeback of foreign memcgs during release. The root causes are: a. The wb may have multiple writeback tasks, containing millions of dirty pages, as shown below: >>> for work in list_for_each_entry("struct wb_writeback_work", \ wb.work_list.address_of_(), "list"): ... print(work.nr_pages, work.reason, hex(work)) ... 900628 WB_REASON_FOREIGN_FLUSH 0xffff969e8d956b40 1116521 WB_REASON_FOREIGN_FLUSH 0xffff9698332a9540 1275228 WB_REASON_FOREIGN_FLUSH 0xffff969d9b444bc0 1099673 WB_REASON_FOREIGN_FLUSH 0xffff969f0954d6c0 1351522 WB_REASON_FOREIGN_FLUSH 0xffff969e76713340 2567437 WB_REASON_FOREIGN_FLUSH 0xffff9694ae208400 2954033 WB_REASON_FOREIGN_FLUSH 0xffff96a22d62cbc0 3008860 WB_REASON_FOREIGN_FLUSH 0xffff969eee8ce3c0 3337932 WB_REASON_FOREIGN_FLUSH 0xffff9695b45156c0 3348916 WB_REASON_FOREIGN_FLUSH 0xffff96a22c7a4f40 3345363 WB_REASON_FOREIGN_FLUSH 0xffff969e5d872800 3333581 WB_REASON_FOREIGN_FLUSH 0xffff969efd0f4600 3382225 WB_REASON_FOREIGN_FLUSH 0xffff969e770edcc0 3418770 WB_REASON_FOREIGN_FLUSH 0xffff96a252ceea40 3387648 WB_REASON_FOREIGN_FLUSH 0xffff96a3bda86340 3385420 WB_REASON_FOREIGN_FLUSH 0xffff969efc6eb280 3418730 WB_REASON_FOREIGN_FLUSH 0xffff96a348ab1040 3426155 WB_REASON_FOREIGN_FLUSH 0xffff969d90beac00 3397995 WB_REASON_FOREIGN_FLUSH 0xffff96a2d7288800 3293095 WB_REASON_FOREIGN_FLUSH 0xffff969dab423240 3293595 WB_REASON_FOREIGN_FLUSH 0xffff969c765ff400 3199511 WB_REASON_FOREIGN_FLUSH 0xffff969a72d5e680 3085016 WB_REASON_FOREIGN_FLUSH 0xffff969f0455e000 3035712 WB_REASON_FOREIGN_FLUSH 0xffff969d9bbf4b00 b. The writeback might severely throttled by wbt, with a speed possibly less than 100kb/s, leading to a very long writeback time. >>> wb.write_bandwidth (unsigned long)24 >>> wb.write_bandwidth (unsigned long)13 The wb_wait_for_completion() here is probably only used to prevent use-after-free. Therefore, we manage 'done' separately and automatically free it. This allows us to remove wb_wait_for_completion() while preventing the use-after-free issue. Link: https://lkml.kernel.org/r/20250827204557.90112-1-sunjunchao@bytedance.com Fixes: 97b27821b485 ("writeback, memcg: Implement foreign dirty flushing") Signed-off-by: Julian Sun <sunjunchao(a)bytedance.com> Acked-by: Tejun Heo <tj(a)kernel.org> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Roman Gushchin <roman.gushchin(a)linux.dev> Cc: Johannes Weiner <hannes(a)cmpxchg.org> Cc: Shakeel Butt <shakeelb(a)google.com> Cc: Muchun Song <songmuchun(a)bytedance.com> Cc: Venkat <venkat88(a)linux.ibm.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- include/linux/memcontrol.h | 7 +++- mm/memcontrol.c | 53 +++++++++++++++++++++++++++++------ 2 files changed, 51 insertions(+), 9 deletions(-) --- a/include/linux/memcontrol.h~memcg-dont-wait-writeback-completion-when-release-memcg +++ a/include/linux/memcontrol.h @@ -157,11 +157,16 @@ struct mem_cgroup_thresholds { */ #define MEMCG_CGWB_FRN_CNT 4 +struct cgwb_frn_wait { + struct wb_completion done; + struct wait_queue_entry wq_entry; +}; + struct memcg_cgwb_frn { u64 bdi_id; /* bdi->id of the foreign inode */ int memcg_id; /* memcg->css.id of foreign inode */ u64 at; /* jiffies_64 at the time of dirtying */ - struct wb_completion done; /* tracks in-flight foreign writebacks */ + struct cgwb_frn_wait *wait; /* tracks in-flight foreign writebacks */ }; /* --- a/mm/memcontrol.c~memcg-dont-wait-writeback-completion-when-release-memcg +++ a/mm/memcontrol.c @@ -3457,7 +3457,7 @@ void mem_cgroup_track_foreign_dirty_slow frn->memcg_id == wb->memcg_css->id) break; if (time_before64(frn->at, oldest_at) && - atomic_read(&frn->done.cnt) == 1) { + atomic_read(&frn->wait->done.cnt) == 1) { oldest = i; oldest_at = frn->at; } @@ -3504,12 +3504,12 @@ void mem_cgroup_flush_foreign(struct bdi * already one in flight. */ if (time_after64(frn->at, now - intv) && - atomic_read(&frn->done.cnt) == 1) { + atomic_read(&frn->wait->done.cnt) == 1) { frn->at = 0; trace_flush_foreign(wb, frn->bdi_id, frn->memcg_id); cgroup_writeback_by_id(frn->bdi_id, frn->memcg_id, WB_REASON_FOREIGN_FLUSH, - &frn->done); + &frn->wait->done); } } } @@ -3700,13 +3700,29 @@ static void mem_cgroup_free(struct mem_c __mem_cgroup_free(memcg); } +#ifdef CONFIG_CGROUP_WRITEBACK +static int memcg_cgwb_waitq_callback_fn(struct wait_queue_entry *wq_entry, unsigned int mode, + int flags, void *key) +{ + struct cgwb_frn_wait *frn_wait = container_of(wq_entry, + struct cgwb_frn_wait, wq_entry); + + if (!atomic_read(&frn_wait->done.cnt)) { + list_del(&wq_entry->entry); + kfree(frn_wait); + } + + return 0; +} +#endif + static struct mem_cgroup *mem_cgroup_alloc(struct mem_cgroup *parent) { struct memcg_vmstats_percpu *statc; struct memcg_vmstats_percpu __percpu *pstatc_pcpu; struct mem_cgroup *memcg; int node, cpu; - int __maybe_unused i; + int __maybe_unused i = 0; long error; memcg = kmem_cache_zalloc(memcg_cachep, GFP_KERNEL); @@ -3761,9 +3777,17 @@ static struct mem_cgroup *mem_cgroup_all INIT_LIST_HEAD(&memcg->objcg_list); #ifdef CONFIG_CGROUP_WRITEBACK INIT_LIST_HEAD(&memcg->cgwb_list); - for (i = 0; i < MEMCG_CGWB_FRN_CNT; i++) - memcg->cgwb_frn[i].done = + for (i = 0; i < MEMCG_CGWB_FRN_CNT; i++) { + struct memcg_cgwb_frn *frn = &memcg->cgwb_frn[i]; + + frn->wait = kmalloc(sizeof(struct cgwb_frn_wait), GFP_KERNEL); + if (!frn->wait) + goto fail; + + frn->wait->done = __WB_COMPLETION_INIT(&memcg_cgwb_frn_waitq); + init_wait_func(&frn->wait->wq_entry, memcg_cgwb_waitq_callback_fn); + } #endif #ifdef CONFIG_TRANSPARENT_HUGEPAGE spin_lock_init(&memcg->deferred_split_queue.split_queue_lock); @@ -3773,6 +3797,10 @@ static struct mem_cgroup *mem_cgroup_all lru_gen_init_memcg(memcg); return memcg; fail: +#ifdef CONFIG_CGROUP_WRITEBACK + while (i--) + kfree(memcg->cgwb_frn[i].wait); +#endif mem_cgroup_id_remove(memcg); __mem_cgroup_free(memcg); return ERR_PTR(error); @@ -3910,8 +3938,17 @@ static void mem_cgroup_css_free(struct c int __maybe_unused i; #ifdef CONFIG_CGROUP_WRITEBACK - for (i = 0; i < MEMCG_CGWB_FRN_CNT; i++) - wb_wait_for_completion(&memcg->cgwb_frn[i].done); + for (i = 0; i < MEMCG_CGWB_FRN_CNT; i++) { + struct cgwb_frn_wait *wait = memcg->cgwb_frn[i].wait; + + /* + * Not necessary to wait for wb completion which might cause task hung, + * only used to free resources. See memcg_cgwb_waitq_callback_fn(). + */ + __add_wait_queue_entry_tail(wait->done.waitq, &wait->wq_entry); + if (atomic_dec_and_test(&wait->done.cnt)) + wake_up_all(wait->done.waitq); + } #endif if (cgroup_subsys_on_dfl(memory_cgrp_subsys) && !cgroup_memory_nosocket) static_branch_dec(&memcg_sockets_enabled_key); _ Patches currently in -mm which might be from sunjunchao(a)bytedance.com are

3 days, 6 hours

1
0
0 0

[PATCH v3 5.15.y 0/3] Fix TSA CPUID management in KVM

by Boris Ostrovsky

v3: * Make commit message in patch 2 more verbose v2: * Move kvm_cpu_cap_mask(CPUID_8000_0021_EAX, F(VERW_CLEAR)) to the first patch * Split second patch into two: fix TSA_SQ/L1_NO reporting (new patch) backport of LTS' f3f9deccfc68a6b7c8c1cc51e902edba23d309d4 Backport of AMD's TSA mitigation to 5.15 did not set CPUID bits that are passed to a guest correctly (commit c334ae4a545a "KVM: SVM: Advertise TSA CPUID bits to guests"). Boris Ostrovsky (1): KVM: SVM: Return TSA_SQ_NO and TSA_L1_NO bits in __do_cpuid_func() Borislav Petkov (AMD) (1): KVM: SVM: Set synthesized TSA CPUID flags Kim Phillips (1): KVM: x86: Move open-coded CPUID leaf 0x80000021 EAX bit propagation code arch/x86/kvm/cpuid.c | 31 ++++++++++++++++++------------- 1 file changed, 18 insertions(+), 13 deletions(-) -- 2.43.5

3 days, 7 hours

2
6
0 0

[PATCH wireless-next v2] wifi: mt76: mt7921u: Add VID/PID for Netgear A7500

by Nick Morrow

Add VID/PID 0846/9065 for Netgear A7500. Reported-by: Autumn Dececco <autumndececco(a)gmail.com> Tested-by: Autumn Dececco <autumndececco(a)gmail.com> Signed-off-by: Nick Morrow <morrownr(a)gmail.com> Cc: stable(a)vger.kernel.org Acked-by: Lorenzo Bianconi <lorenzo(a)kernel.org> --- Changes in v2: - added missing tab in patch --- drivers/net/wireless/mediatek/mt76/mt7921/usb.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/net/wireless/mediatek/mt76/mt7921/usb.c b/drivers/net/wireless/mediatek/mt76/mt7921/usb.c index fe9751851ff7..100bdba32ba5 100644 --- a/drivers/net/wireless/mediatek/mt76/mt7921/usb.c +++ b/drivers/net/wireless/mediatek/mt76/mt7921/usb.c @@ -21,6 +21,9 @@ static const struct usb_device_id mt7921u_device_table[] = { /* Netgear, Inc. [A8000,AXE3000] */ { USB_DEVICE_AND_INTERFACE_INFO(0x0846, 0x9060, 0xff, 0xff, 0xff), .driver_info = (kernel_ulong_t)MT7921_FIRMWARE_WM }, + /* Netgear, Inc. A7500 */ + { USB_DEVICE_AND_INTERFACE_INFO(0x0846, 0x9065, 0xff, 0xff, 0xff), + .driver_info = (kernel_ulong_t)MT7921_FIRMWARE_WM }, /* TP-Link TXE50UH */ { USB_DEVICE_AND_INTERFACE_INFO(0x35bc, 0x0107, 0xff, 0xff, 0xff), .driver_info = (kernel_ulong_t)MT7921_FIRMWARE_WM }, -- 2.47.3

3 days, 7 hours

1
0
0 0

[PATCH 5.10.y] cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate()

by Sergey Shtylyov

From: Henry Martin <bsdhenrymartin(a)gmail.com> [ Upstream commit 484d3f15cc6cbaa52541d6259778e715b2c83c54 ] cpufreq_cpu_get_raw() can return NULL when the target CPU is not present in the policy->cpus mask. scmi_cpufreq_get_rate() does not check for this case, which results in a NULL pointer dereference. Add NULL check after cpufreq_cpu_get_raw() to prevent this issue. [Sergey: resolved reject (reordering the local variables).] Fixes: 99d6bdf33877 ("cpufreq: add support for CPU DVFS based on SCMI message protocol") Signed-off-by: Henry Martin <bsdhenrymartin(a)gmail.com> Acked-by: Sudeep Holla <sudeep.holla(a)arm.com> Signed-off-by: Viresh Kumar <viresh.kumar(a)linaro.org> Signed-off-by: Sergey Shtylyov <s.shtylyov(a)omp.ru> --- drivers/cpufreq/scmi-cpufreq.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) Index: linux-stable/drivers/cpufreq/scmi-cpufreq.c =================================================================== --- linux-stable.orig/drivers/cpufreq/scmi-cpufreq.c +++ linux-stable/drivers/cpufreq/scmi-cpufreq.c @@ -29,12 +29,18 @@ static const struct scmi_handle *handle; static unsigned int scmi_cpufreq_get_rate(unsigned int cpu) { - struct cpufreq_policy *policy = cpufreq_cpu_get_raw(cpu); const struct scmi_perf_ops *perf_ops = handle->perf_ops; - struct scmi_data *priv = policy->driver_data; + struct cpufreq_policy *policy; + struct scmi_data *priv; unsigned long rate; int ret; + policy = cpufreq_cpu_get_raw(cpu); + if (unlikely(!policy)) + return 0; + + priv = policy->driver_data; + ret = perf_ops->freq_get(handle, priv->domain_id, &rate, false); if (ret) return 0;

3 days, 8 hours

1
0
0 0

[PATCH v2 0/4 5.10.y] overflow: Allow mixed type arguments in overflow macros

by Eliav Farber

This series backports four commits to bring include/linux/overflow.h in line with v5.15.193: - 2541be80b1a2 ("overflow: Correct check_shl_overflow() comment") - 564e84663d25 ("compiler.h: drop fallback overflow checkers") - 1d1ac8244c22 ("overflow: Allow mixed type arguments") - f96cfe3e05b0 ("tracing: Define the is_signed_type() macro once") The motivation is to fix build failures such as: drivers/net/ethernet/intel/e1000e/ethtool.c: In function ‘e1000_set_eeprom’: ./include/linux/overflow.h:71:15: error: comparison of distinct pointer types lacks a cast [-Werror] 71 | (void) (&__a == __d); \ | ^~ drivers/net/ethernet/intel/e1000e/ethtool.c:582:6: note: in expansion of macro ‘check_add_overflow’ 582 | if (check_add_overflow(eeprom->offset, eeprom->len, &total_len) || | ^~~~~~~~~~~~~~~~~~ This regression was triggered by commit ce8829d3d44b ("e1000e: fix heap overflow in e1000_set_eeprom"). check_add_overflow() requires the first two operands and the result pointer to be of identical type. On 64-bit builds, using size_t for the result conflicted with the u32 fields eeprom->offset and eeprom->len, resulting in type check failures. BarteVan Assche (1): tracing: Define the is_signed_type() macro once Kees Cook (1): overflow: Allow mixed type arguments Keith Busch (1): overflow: Correct check_shl_overflow() comment Nick Desaulniers (1): compiler.h: drop fallback overflow checkers include/linux/compiler-clang.h | 13 -- include/linux/compiler-gcc.h | 4 - include/linux/compiler.h | 6 + include/linux/overflow.h | 209 ++++++----------------------- include/linux/trace_events.h | 2 - tools/include/linux/compiler-gcc.h | 4 - tools/include/linux/overflow.h | 140 +------------------ 7 files changed, 52 insertions(+), 326 deletions(-) --- Changes in v2: - Added missing sign-off in all patches -- 2.47.3

3 days, 9 hours

4
7
0 0

Re

by Ms Jacq.

HELLO, MY NAME IS MS JACQUELYN MITCHARD, A BANKER BY PROFESSION. I AM CONTACTING YOU TO REPATRIATE A HUGE SUM OF MONEY DEPOSITED BY OUR DECEASED CUSTOMER WHO HAPPENED TO HAVE THE SAME LAST NAME AS YOU. FOR OVER FIVE YEARS THE FUND WAS WITHOUT CLAIM BECAUSE THE DECEASED DIED WITH HIS FAMILY IN AUTO CRASH INCIDENT. ALL THE EFFORT MADE TO LOCATE THE DECEASED FAMILY THROUGH HIS EMBASSY WAS ABORTIVE . SO I CONTACT YOU TO MAKE THIS DEAL WITH YOU BECAUSE IT WILL BE VERY EASY FOR THE BANK TO PAY YOU THE MONEY AS THE DECEASED NEXT OF KIN HENCE YOU HAVE THE SAME LAST NAME AS HIM. WRITE BACK FOR DETAILS. REPLY TO MY PRIVATE EMAIL ( msjacquelynmit(a)hotmail.com ) THANKS YOURS MS JACQUELYN. RE;

3 days, 10 hours

1
0
0 0

[PATCH 0/4 5.10.y] overflow: Allow mixed type arguments in overflow macros

by Eliav Farber

This series backports four commits to bring include/linux/overflow.h in line with v5.15.193: - 2541be80b1a2 ("overflow: Correct check_shl_overflow() comment") - 564e84663d25 ("compiler.h: drop fallback overflow checkers") - 1d1ac8244c22 ("overflow: Allow mixed type arguments") - f96cfe3e05b0 ("tracing: Define the is_signed_type() macro once") The motivation is to fix build failures such as: drivers/net/ethernet/intel/e1000e/ethtool.c: In function ‘e1000_set_eeprom’: ./include/linux/overflow.h:71:15: error: comparison of distinct pointer types lacks a cast [-Werror] 71 | (void) (&__a == __d); \ | ^~ drivers/net/ethernet/intel/e1000e/ethtool.c:582:6: note: in expansion of macro ‘check_add_overflow’ 582 | if (check_add_overflow(eeprom->offset, eeprom->len, &total_len) || | ^~~~~~~~~~~~~~~~~~ This regression was triggered by commit ce8829d3d44b ("e1000e: fix heap overflow in e1000_set_eeprom"). check_add_overflow() requires the first two operands and the result pointer to be of identical type. On 64-bit builds, using size_t for the result conflicted with the u32 fields eeprom->offset and eeprom->len, resulting in type check failures. BarteVan Assche (1): tracing: Define the is_signed_type() macro once Kees Cook (1): overflow: Allow mixed type arguments Keith Busch (1): overflow: Correct check_shl_overflow() comment Nick Desaulniers (1): compiler.h: drop fallback overflow checkers include/linux/compiler-clang.h | 13 -- include/linux/compiler-gcc.h | 4 - include/linux/compiler.h | 6 + include/linux/overflow.h | 209 ++++++----------------------- include/linux/trace_events.h | 2 - tools/include/linux/compiler-gcc.h | 4 - tools/include/linux/overflow.h | 140 +------------------ 7 files changed, 52 insertions(+), 326 deletions(-) -- 2.47.3

3 days, 13 hours

3
6
0 0

[PATCH] HID: lenovo: Use KEY_PERFORMANCE instead of ACPI's platform_profile

by Janne Grunau

Commit 84c9d2a968c82 ("HID: lenovo: Support for ThinkPad-X12-TAB-1/2 Kbd Fn keys") added a dependency on ACPI's platform_profile. This should not be done for generic USB devices as this prevents using the devices on non ACPI devices like Apple silicon Macs and other non-ACPI arm64 systems. An attempt to allow using platform_profile on non-ACPI systems was rejected in [1] and instead platform_profile was made to fail during init in commit dd133162c9cf ("ACPI: platform_profile: Avoid initializing on non-ACPI platforms"). So remove the broken dependency and instead let's user space handle this keycode by sending the new KEY_PERFORMANCE. Stable backport depends on commit 89c5214639294 ("Input: add keycode for performance mode key"). [1]: https://lore.kernel.org/linux-acpi/CAJZ5v0icRdTSToaKbdf=MdRin4NyB2MstUVaQo8… Cc: regressions(a)lists.linux.dev Cc: stable(a)vger.kernel.org Fixes: 84c9d2a968c82 ("HID: lenovo: Support for ThinkPad-X12-TAB-1/2 Kbd Fn keys") Signed-off-by: Janne Grunau <j(a)jannau.net> --- #regzbot introduced: 84c9d2a968c82 --- drivers/hid/Kconfig | 2 -- drivers/hid/hid-lenovo.c | 4 +--- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/drivers/hid/Kconfig b/drivers/hid/Kconfig index a57901203aeb284acd23be727d2fad0c137c101c..8ae63f8257cd582448e9683ca7fc654c8e465c0f 100644 --- a/drivers/hid/Kconfig +++ b/drivers/hid/Kconfig @@ -597,8 +597,6 @@ config HID_LED config HID_LENOVO tristate "Lenovo / Thinkpad devices" - depends on ACPI - select ACPI_PLATFORM_PROFILE select NEW_LEDS select LEDS_CLASS help diff --git a/drivers/hid/hid-lenovo.c b/drivers/hid/hid-lenovo.c index b3121fa7a72d73f2b9ac12f36bc3d87c2649c69b..654879814f97aaf876ac16c00bf9efca22d116f3 100644 --- a/drivers/hid/hid-lenovo.c +++ b/drivers/hid/hid-lenovo.c @@ -32,8 +32,6 @@ #include <linux/leds.h> #include <linux/workqueue.h> -#include <linux/platform_profile.h> - #include "hid-ids.h" /* Userspace expects F20 for mic-mute KEY_MICMUTE does not work */ @@ -734,7 +732,7 @@ static int lenovo_raw_event_TP_X12_tab(struct hid_device *hdev, u32 raw_data) report_key_event(input, KEY_RFKILL); return 1; } - platform_profile_cycle(); + report_key_event(input, KEY_PERFORMANCE); return 1; case TP_X12_RAW_HOTKEY_FN_F10: /* TAB1 has PICKUP Phone and TAB2 use Snipping tool*/ --- base-commit: 8f5ae30d69d7543eee0d70083daf4de8fe15d585 change-id: 20250901-hid-lenovo-drop-platform_profile-d59013f79a59 Best regards, -- Janne Grunau <j(a)jannau.net>

3 days, 14 hours

2
1
0 0

RE: [PATCH 5.10.y] e1000e: fix EEPROM length types for overflow checks

by Farber, Eliav

> On Wed, Sep 10, 2025 at 05:31:38PM +0000, Eliav Farber wrote: >> Fix a compilation failure when warnings are treated as errors: >> >> drivers/net/ethernet/intel/e1000e/ethtool.c: In function ‘e1000_set_eeprom’: >> ./include/linux/overflow.h:71:15: error: comparison of distinct pointer types lacks a cast [-Werror] >> 71 | (void) (&__a == __d); \ >> | ^~ >> drivers/net/ethernet/intel/e1000e/ethtool.c:582:6: note: in expansion of macro ‘check_add_overflow’ >> 582 | if (check_add_overflow(eeprom->offset, eeprom->len, &total_len) || >> | ^~~~~~~~~~~~~~~~~~ >> >> To fix this, change total_len and max_len from size_t to u32 in >> e1000_set_eeprom(). >> The check_add_overflow() helper requires that the first two operands >> and the pointer to the result (third operand) all have the same type. >> On 64-bit builds, using size_t caused a mismatch with the u32 fields >> eeprom->offset and eeprom->len, leading to type check failures. >> >> Fixes: ce8829d3d44b ("e1000e: fix heap overflow in e1000_set_eeprom") >> Signed-off-by: Eliav Farber <farbere(a)amazon.com> >> --- >> drivers/net/ethernet/intel/e1000e/ethtool.c | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/drivers/net/ethernet/intel/e1000e/ethtool.c >> b/drivers/net/ethernet/intel/e1000e/ethtool.c >> index 4aca854783e2..584378291f3f 100644 >> --- a/drivers/net/ethernet/intel/e1000e/ethtool.c >> +++ b/drivers/net/ethernet/intel/e1000e/ethtool.c >> @@ -559,7 +559,7 @@ static int e1000_set_eeprom(struct net_device >> *netdev, { >> struct e1000_adapter *adapter = netdev_priv(netdev); >> struct e1000_hw *hw = &adapter->hw; >> - size_t total_len, max_len; >> + u32 total_len, max_len; >> u16 *eeprom_buff; >> int ret_val = 0; >> int first_word; >> -- >> 2.47.3 >> > > Why is this not needed in Linus's tree? Kernel 5.10.243 enforces the same type, but this enforcement is absent from 5.15.192 and later: /* * For simplicity and code hygiene, the fallback code below insists on * a, b and *d having the same type (similar to the min() and max() * macros), whereas gcc's type-generic overflow checkers accept * different types. Hence we don't just make check_add_overflow an * alias for __builtin_add_overflow, but add type checks similar to * below. */ #define check_add_overflow(a, b, d) __must_check_overflow(({ \ > Also, why is it not cc: stable(a)vger.kernel.org? Added to cc. --- Regards, Eliav

3 days, 15 hours

3
4
0 0

[PATCH v3 1/3] mmc: sdhci: Move the code related to setting the clock from sdhci_set_ios_common() into sdhci_set_ios()

by Ben Chuang

From: Ben Chuang <ben.chuang(a)genesyslogic.com.tw> The sdhci_set_clock() is called in sdhci_set_ios_common() and __sdhci_uhs2_set_ios(). According to Section 3.13.2 "Card Interface Detection Sequence" of the SD Host Controller Standard Specification Version 7.00, the SD clock is supplied after power is supplied, so we only need one in __sdhci_uhs2_set_ios(). Let's move the code related to setting the clock from sdhci_set_ios_common() into sdhci_set_ios() and modify the parameters passed to sdhci_set_clock() in __sdhci_uhs2_set_ios(). Fixes: 10c8298a052b ("mmc: sdhci-uhs2: add set_ios()") Cc: stable(a)vger.kernel.org # v6.13+ Signed-off-by: Ben Chuang <ben.chuang(a)genesyslogic.com.tw> --- v3: * use ios->clock instead of host->clock as the parameter of sdhci_set_clcok() in __sdhci_uhs2_set_ios(). * set ios->clock to host->clock after calling sdhci_set_clock() in __sdhci_uhs2_set_ios(). v2: add this patch v1: None --- drivers/mmc/host/sdhci-uhs2.c | 3 ++- drivers/mmc/host/sdhci.c | 34 +++++++++++++++++----------------- 2 files changed, 19 insertions(+), 18 deletions(-) diff --git a/drivers/mmc/host/sdhci-uhs2.c b/drivers/mmc/host/sdhci-uhs2.c index 0efeb9d0c376..18fb6ee5b96a 100644 --- a/drivers/mmc/host/sdhci-uhs2.c +++ b/drivers/mmc/host/sdhci-uhs2.c @@ -295,7 +295,8 @@ static void __sdhci_uhs2_set_ios(struct mmc_host *mmc, struct mmc_ios *ios) else sdhci_uhs2_set_power(host, ios->power_mode, ios->vdd); - sdhci_set_clock(host, host->clock); + sdhci_set_clock(host, ios->clock); + host->clock = ios->clock; } static int sdhci_uhs2_set_ios(struct mmc_host *mmc, struct mmc_ios *ios) diff --git a/drivers/mmc/host/sdhci.c b/drivers/mmc/host/sdhci.c index 3a17821efa5c..ac7e11f37af7 100644 --- a/drivers/mmc/host/sdhci.c +++ b/drivers/mmc/host/sdhci.c @@ -2367,23 +2367,6 @@ void sdhci_set_ios_common(struct mmc_host *mmc, struct mmc_ios *ios) (ios->power_mode == MMC_POWER_UP) && !(host->quirks2 & SDHCI_QUIRK2_PRESET_VALUE_BROKEN)) sdhci_enable_preset_value(host, false); - - if (!ios->clock || ios->clock != host->clock) { - host->ops->set_clock(host, ios->clock); - host->clock = ios->clock; - - if (host->quirks & SDHCI_QUIRK_DATA_TIMEOUT_USES_SDCLK && - host->clock) { - host->timeout_clk = mmc->actual_clock ? - mmc->actual_clock / 1000 : - host->clock / 1000; - mmc->max_busy_timeout = - host->ops->get_max_timeout_count ? - host->ops->get_max_timeout_count(host) : - 1 << 27; - mmc->max_busy_timeout /= host->timeout_clk; - } - } } EXPORT_SYMBOL_GPL(sdhci_set_ios_common); @@ -2410,6 +2393,23 @@ void sdhci_set_ios(struct mmc_host *mmc, struct mmc_ios *ios) sdhci_set_ios_common(mmc, ios); + if (!ios->clock || ios->clock != host->clock) { + host->ops->set_clock(host, ios->clock); + host->clock = ios->clock; + + if (host->quirks & SDHCI_QUIRK_DATA_TIMEOUT_USES_SDCLK && + host->clock) { + host->timeout_clk = mmc->actual_clock ? + mmc->actual_clock / 1000 : + host->clock / 1000; + mmc->max_busy_timeout = + host->ops->get_max_timeout_count ? + host->ops->get_max_timeout_count(host) : + 1 << 27; + mmc->max_busy_timeout /= host->timeout_clk; + } + } + if (host->ops->set_power) host->ops->set_power(host, ios->power_mode, ios->vdd); else -- 2.51.0

3 days, 15 hours

3
5
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror