[PATCH 1/4] usb: xhci: quirk for data loss in ISOC transfers
by Mathias Nyman
From: Raju Rangoju <Raju.Rangoju(a)amd.com>
During the High-Speed Isochronous Audio transfers, xHCI
controller on certain AMD platforms experiences momentary data
loss. This results in Missed Service Errors (MSE) being
generated by the xHCI.
The root cause of the MSE is attributed to the ISOC OUT endpoint
being omitted from scheduling. This can happen when an IN
endpoint with a 64ms service interval either is pre-scheduled
prior to the ISOC OUT endpoint or the interval of the ISOC OUT
endpoint is shorter than that of the IN endpoint. Consequently,
the OUT service is neglected when an IN endpoint with a service
interval exceeding 32ms is scheduled concurrently (every 64ms in
this scenario).
This issue is particularly seen on certain older AMD platforms.
To mitigate this problem, it is recommended to adjust the service
interval of the IN endpoint to not exceed 32ms (interval 8). This
adjustment ensures that the OUT endpoint will not be bypassed,
even if a smaller interval value is utilized.
Cc: stable(a)vger.kernel.org
Signed-off-by: Raju Rangoju <Raju.Rangoju(a)amd.com>
Signed-off-by: Mathias Nyman <mathias.nyman(a)linux.intel.com>
---
drivers/usb/host/xhci-mem.c | 4 ++++
drivers/usb/host/xhci-pci.c | 25 +++++++++++++++++++++++++
drivers/usb/host/xhci.h | 1 +
3 files changed, 30 insertions(+)
diff --git a/drivers/usb/host/xhci-mem.c b/drivers/usb/host/xhci-mem.c
index bd745a0f2f78..6680afa4f596 100644
--- a/drivers/usb/host/xhci-mem.c
+++ b/drivers/usb/host/xhci-mem.c
@@ -1449,6 +1449,10 @@ int xhci_endpoint_init(struct xhci_hcd *xhci,
/* Periodic endpoint bInterval limit quirk */
if (usb_endpoint_xfer_int(&ep->desc) ||
usb_endpoint_xfer_isoc(&ep->desc)) {
+ if ((xhci->quirks & XHCI_LIMIT_ENDPOINT_INTERVAL_9) &&
+ interval >= 9) {
+ interval = 8;
+ }
if ((xhci->quirks & XHCI_LIMIT_ENDPOINT_INTERVAL_7) &&
udev->speed >= USB_SPEED_HIGH &&
interval >= 7) {
diff --git a/drivers/usb/host/xhci-pci.c b/drivers/usb/host/xhci-pci.c
index 0c481cbc8f08..00fac8b233d2 100644
--- a/drivers/usb/host/xhci-pci.c
+++ b/drivers/usb/host/xhci-pci.c
@@ -71,12 +71,22 @@
#define PCI_DEVICE_ID_INTEL_TITAN_RIDGE_4C_XHCI 0x15ec
#define PCI_DEVICE_ID_INTEL_TITAN_RIDGE_DD_XHCI 0x15f0
+#define PCI_DEVICE_ID_AMD_ARIEL_TYPEC_XHCI 0x13ed
+#define PCI_DEVICE_ID_AMD_ARIEL_TYPEA_XHCI 0x13ee
+#define PCI_DEVICE_ID_AMD_STARSHIP_XHCI 0x148c
+#define PCI_DEVICE_ID_AMD_FIREFLIGHT_15D4_XHCI 0x15d4
+#define PCI_DEVICE_ID_AMD_FIREFLIGHT_15D5_XHCI 0x15d5
+#define PCI_DEVICE_ID_AMD_RAVEN_15E0_XHCI 0x15e0
+#define PCI_DEVICE_ID_AMD_RAVEN_15E1_XHCI 0x15e1
+#define PCI_DEVICE_ID_AMD_RAVEN2_XHCI 0x15e5
#define PCI_DEVICE_ID_AMD_RENOIR_XHCI 0x1639
#define PCI_DEVICE_ID_AMD_PROMONTORYA_4 0x43b9
#define PCI_DEVICE_ID_AMD_PROMONTORYA_3 0x43ba
#define PCI_DEVICE_ID_AMD_PROMONTORYA_2 0x43bb
#define PCI_DEVICE_ID_AMD_PROMONTORYA_1 0x43bc
+#define PCI_DEVICE_ID_ATI_NAVI10_7316_XHCI 0x7316
+
#define PCI_DEVICE_ID_ASMEDIA_1042_XHCI 0x1042
#define PCI_DEVICE_ID_ASMEDIA_1042A_XHCI 0x1142
#define PCI_DEVICE_ID_ASMEDIA_1142_XHCI 0x1242
@@ -280,6 +290,21 @@ static void xhci_pci_quirks(struct device *dev, struct xhci_hcd *xhci)
if (pdev->vendor == PCI_VENDOR_ID_NEC)
xhci->quirks |= XHCI_NEC_HOST;
+ if (pdev->vendor == PCI_VENDOR_ID_AMD &&
+ (pdev->device == PCI_DEVICE_ID_AMD_ARIEL_TYPEC_XHCI ||
+ pdev->device == PCI_DEVICE_ID_AMD_ARIEL_TYPEA_XHCI ||
+ pdev->device == PCI_DEVICE_ID_AMD_STARSHIP_XHCI ||
+ pdev->device == PCI_DEVICE_ID_AMD_FIREFLIGHT_15D4_XHCI ||
+ pdev->device == PCI_DEVICE_ID_AMD_FIREFLIGHT_15D5_XHCI ||
+ pdev->device == PCI_DEVICE_ID_AMD_RAVEN_15E0_XHCI ||
+ pdev->device == PCI_DEVICE_ID_AMD_RAVEN_15E1_XHCI ||
+ pdev->device == PCI_DEVICE_ID_AMD_RAVEN2_XHCI))
+ xhci->quirks |= XHCI_LIMIT_ENDPOINT_INTERVAL_9;
+
+ if (pdev->vendor == PCI_VENDOR_ID_ATI &&
+ pdev->device == PCI_DEVICE_ID_ATI_NAVI10_7316_XHCI)
+ xhci->quirks |= XHCI_LIMIT_ENDPOINT_INTERVAL_9;
+
if (pdev->vendor == PCI_VENDOR_ID_AMD && xhci->hci_version == 0x96)
xhci->quirks |= XHCI_AMD_0x96_HOST;
diff --git a/drivers/usb/host/xhci.h b/drivers/usb/host/xhci.h
index fa1ea0e0c7fb..a20f4e7cd43a 100644
--- a/drivers/usb/host/xhci.h
+++ b/drivers/usb/host/xhci.h
@@ -1643,6 +1643,7 @@ struct xhci_hcd {
#define XHCI_WRITE_64_HI_LO BIT_ULL(47)
#define XHCI_CDNS_SCTX_QUIRK BIT_ULL(48)
#define XHCI_ETRON_HOST BIT_ULL(49)
+#define XHCI_LIMIT_ENDPOINT_INTERVAL_9 BIT_ULL(50)
unsigned int num_active_eps;
unsigned int limit_active_eps;
--
2.43.0
3 days, 13 hours
- 1
- 0
Re: [PATCH v5] virtio_blk: Fix disk deletion hang on device surprise removal
by Stefan Hajnoczi
On Mon, Jun 02, 2025 at 02:44:33AM +0000, Parav Pandit wrote:
> When the PCI device is surprise removed, requests may not complete
> the device as the VQ is marked as broken. Due to this, the disk
> deletion hangs.
There are loops in the core virtio driver code that expect device
register reads to eventually return 0:
drivers/virtio/virtio_pci_modern.c:vp_reset()
drivers/virtio/virtio_pci_modern_dev.c:vp_modern_set_queue_reset()
Is there a hang if these loops are hit when a device has been surprise
removed? I'm trying to understand whether surprise removal is fully
supported or whether this patch is one step in that direction.
Apart from that, I'm happy with the virtio_blk.c aspects of the patch:
Reviewed-by: Stefan Hajnoczi <stefanha(a)redhat.com>
>
> Fix it by aborting the requests when the VQ is broken.
>
> With this fix now fio completes swiftly.
> An alternative of IO timeout has been considered, however
> when the driver knows about unresponsive block device, swiftly clearing
> them enables users and upper layers to react quickly.
>
> Verified with multiple device unplug iterations with pending requests in
> virtio used ring and some pending with the device.
>
> Fixes: 43bb40c5b926 ("virtio_pci: Support surprise removal of virtio pci device")
> Cc: stable(a)vger.kernel.org
> Reported-by: Li RongQing <lirongqing(a)baidu.com>
> Closes: https://lore.kernel.org/virtualization/c45dd68698cd47238c55fb73ca9b4741@bai…
> Reviewed-by: Max Gurtovoy <mgurtovoy(a)nvidia.com>
> Reviewed-by: Israel Rukshin <israelr(a)nvidia.com>
> Signed-off-by: Parav Pandit <parav(a)nvidia.com>
>
> ---
> v4->v5:
> - fixed comment style where comment to start with one empty line at start
> - Addressed comments from Alok
> - fixed typo in broken vq check
> v3->v4:
> - Addressed comments from Michael
> - renamed virtblk_request_cancel() to
> virtblk_complete_request_with_ioerr()
> - Added comments for virtblk_complete_request_with_ioerr()
> - Renamed virtblk_broken_device_cleanup() to
> virtblk_cleanup_broken_device()
> - Added comments for virtblk_cleanup_broken_device()
> - Moved the broken vq check in virtblk_remove()
> - Fixed comment style to have first empty line
> - replaced freezed to frozen
> - Fixed comments rephrased
>
> v2->v3:
> - Addressed comments from Michael
> - updated comment for synchronizing with callbacks
>
> v1->v2:
> - Addressed comments from Stephan
> - fixed spelling to 'waiting'
> - Addressed comments from Michael
> - Dropped checking broken vq from queue_rq() and queue_rqs()
> because it is checked in lower layer routines in virtio core
>
> v0->v1:
> - Fixed comments from Stefan to rename a cleanup function
> - Improved logic for handling any outstanding requests
> in bio layer
> - improved cancel callback to sync with ongoing done()
> ---
> drivers/block/virtio_blk.c | 95 ++++++++++++++++++++++++++++++++++++++
> 1 file changed, 95 insertions(+)
>
> diff --git a/drivers/block/virtio_blk.c b/drivers/block/virtio_blk.c
> index 7cffea01d868..c5e383c0ac48 100644
> --- a/drivers/block/virtio_blk.c
> +++ b/drivers/block/virtio_blk.c
> @@ -1554,6 +1554,98 @@ static int virtblk_probe(struct virtio_device *vdev)
> return err;
> }
>
> +/*
> + * If the vq is broken, device will not complete requests.
> + * So we do it for the device.
> + */
> +static bool virtblk_complete_request_with_ioerr(struct request *rq, void *data)
> +{
> + struct virtblk_req *vbr = blk_mq_rq_to_pdu(rq);
> + struct virtio_blk *vblk = data;
> + struct virtio_blk_vq *vq;
> + unsigned long flags;
> +
> + vq = &vblk->vqs[rq->mq_hctx->queue_num];
> +
> + spin_lock_irqsave(&vq->lock, flags);
> +
> + vbr->in_hdr.status = VIRTIO_BLK_S_IOERR;
> + if (blk_mq_request_started(rq) && !blk_mq_request_completed(rq))
> + blk_mq_complete_request(rq);
> +
> + spin_unlock_irqrestore(&vq->lock, flags);
> + return true;
> +}
> +
> +/*
> + * If the device is broken, it will not use any buffers and waiting
> + * for that to happen is pointless. We'll do the cleanup in the driver,
> + * completing all requests for the device.
> + */
> +static void virtblk_cleanup_broken_device(struct virtio_blk *vblk)
> +{
> + struct request_queue *q = vblk->disk->queue;
> +
> + /*
> + * Start freezing the queue, so that new requests keeps waiting at the
> + * door of bio_queue_enter(). We cannot fully freeze the queue because
> + * frozen queue is an empty queue and there are pending requests, so
> + * only start freezing it.
> + */
> + blk_freeze_queue_start(q);
> +
> + /*
> + * When quiescing completes, all ongoing dispatches have completed
> + * and no new dispatch will happen towards the driver.
> + */
> + blk_mq_quiesce_queue(q);
> +
> + /*
> + * Synchronize with any ongoing VQ callbacks that may have started
> + * before the VQs were marked as broken. Any outstanding requests
> + * will be completed by virtblk_complete_request_with_ioerr().
> + */
> + virtio_synchronize_cbs(vblk->vdev);
> +
> + /*
> + * At this point, no new requests can enter the queue_rq() and
> + * completion routine will not complete any new requests either for the
> + * broken vq. Hence, it is safe to cancel all requests which are
> + * started.
> + */
> + blk_mq_tagset_busy_iter(&vblk->tag_set,
> + virtblk_complete_request_with_ioerr, vblk);
> + blk_mq_tagset_wait_completed_request(&vblk->tag_set);
> +
> + /*
> + * All pending requests are cleaned up. Time to resume so that disk
> + * deletion can be smooth. Start the HW queues so that when queue is
> + * unquiesced requests can again enter the driver.
> + */
> + blk_mq_start_stopped_hw_queues(q, true);
> +
> + /*
> + * Unquiescing will trigger dispatching any pending requests to the
> + * driver which has crossed bio_queue_enter() to the driver.
> + */
> + blk_mq_unquiesce_queue(q);
> +
> + /*
> + * Wait for all pending dispatches to terminate which may have been
> + * initiated after unquiescing.
> + */
> + blk_mq_freeze_queue_wait(q);
> +
> + /*
> + * Mark the disk dead so that once we unfreeze the queue, requests
> + * waiting at the door of bio_queue_enter() can be aborted right away.
> + */
> + blk_mark_disk_dead(vblk->disk);
> +
> + /* Unfreeze the queue so that any waiting requests will be aborted. */
> + blk_mq_unfreeze_queue_nomemrestore(q);
> +}
> +
> static void virtblk_remove(struct virtio_device *vdev)
> {
> struct virtio_blk *vblk = vdev->priv;
> @@ -1561,6 +1653,9 @@ static void virtblk_remove(struct virtio_device *vdev)
> /* Make sure no work handler is accessing the device. */
> flush_work(&vblk->config_work);
>
> + if (virtqueue_is_broken(vblk->vqs[0].vq))
> + virtblk_cleanup_broken_device(vblk);
> +
> del_gendisk(vblk->disk);
> blk_mq_free_tag_set(&vblk->tag_set);
>
> --
> 2.34.1
>
3 days, 14 hours
- 4
- 20
[PATCH v3 0/3] Samsung Exynos 7870 DECON driver support
by Kaustabh Chakraborty
This patch series aims at adding support for Exynos7870's DECON in the
Exynos7 DECON driver. It introduces a driver data struct so that support
for DECON on other SoCs can be added to it in the future.
It also fixes a few bugs in the driver, such as functions receiving bad
pointers.
Tested on Samsung Galaxy J7 Prime (samsung-on7xelte), Samsung Galaxy A2
Core (samsung-a2corelte), and Samsung Galaxy J6 (samsung-j6lte).
Signed-off-by: Kaustabh Chakraborty <kauschluss(a)disroot.org>
---
Changes in v3:
- Add a new commit documenting iommus and ports dt properties.
- Link to v2: https://lore.kernel.org/r/20250612-exynosdrm-decon-v2-0-d6c1d21c8057@disroo…
Changes in v2:
- Add a new commit to prevent an occasional panic under circumstances.
- Rewrite and redo [v1 2/6] to be a more sensible commit.
- Link to v1: https://lore.kernel.org/r/20240919-exynosdrm-decon-v1-0-6c5861c1cb04@disroo…
---
Kaustabh Chakraborty (3):
dt-bindings: display: samsung,exynos7-decon: add properties for iommus and ports
drm/exynos: exynos7_drm_decon: fix call of decon_commit()
drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling
.../bindings/display/samsung/samsung,exynos7-decon.yaml | 8 ++++++++
drivers/gpu/drm/exynos/exynos7_drm_decon.c | 8 ++++++--
2 files changed, 14 insertions(+), 2 deletions(-)
---
base-commit: 1b152eeca84a02bdb648f16b82ef3394007a9dcf
change-id: 20240917-exynosdrm-decon-4c228dd1d2bf
Best regards,
--
Kaustabh Chakraborty <kauschluss(a)disroot.org>
3 days, 14 hours
- 2
- 5
[PATCH] drm/gem: Acquire references on GEM handles for framebuffers
by Thomas Zimmermann
A GEM handle can be released while the GEM buffer object is attached
to a DRM framebuffer. This leads to the release of the dma-buf backing
the buffer object, if any. [1] Trying to use the framebuffer in further
mode-setting operations leads to a segmentation fault. Most easily
happens with driver that use shadow planes for vmap-ing the dma-buf
during a page flip. An example is shown below.
[ 156.791968] ------------[ cut here ]------------
[ 156.796830] WARNING: CPU: 2 PID: 2255 at drivers/dma-buf/dma-buf.c:1527 dma_buf_vmap+0x224/0x430
[...]
[ 156.942028] RIP: 0010:dma_buf_vmap+0x224/0x430
[ 157.043420] Call Trace:
[ 157.045898] <TASK>
[ 157.048030] ? show_trace_log_lvl+0x1af/0x2c0
[ 157.052436] ? show_trace_log_lvl+0x1af/0x2c0
[ 157.056836] ? show_trace_log_lvl+0x1af/0x2c0
[ 157.061253] ? drm_gem_shmem_vmap+0x74/0x710
[ 157.065567] ? dma_buf_vmap+0x224/0x430
[ 157.069446] ? __warn.cold+0x58/0xe4
[ 157.073061] ? dma_buf_vmap+0x224/0x430
[ 157.077111] ? report_bug+0x1dd/0x390
[ 157.080842] ? handle_bug+0x5e/0xa0
[ 157.084389] ? exc_invalid_op+0x14/0x50
[ 157.088291] ? asm_exc_invalid_op+0x16/0x20
[ 157.092548] ? dma_buf_vmap+0x224/0x430
[ 157.096663] ? dma_resv_get_singleton+0x6d/0x230
[ 157.101341] ? __pfx_dma_buf_vmap+0x10/0x10
[ 157.105588] ? __pfx_dma_resv_get_singleton+0x10/0x10
[ 157.110697] drm_gem_shmem_vmap+0x74/0x710
[ 157.114866] drm_gem_vmap+0xa9/0x1b0
[ 157.118763] drm_gem_vmap_unlocked+0x46/0xa0
[ 157.123086] drm_gem_fb_vmap+0xab/0x300
[ 157.126979] drm_atomic_helper_prepare_planes.part.0+0x487/0xb10
[ 157.133032] ? lockdep_init_map_type+0x19d/0x880
[ 157.137701] drm_atomic_helper_commit+0x13d/0x2e0
[ 157.142671] ? drm_atomic_nonblocking_commit+0xa0/0x180
[ 157.147988] drm_mode_atomic_ioctl+0x766/0xe40
[...]
[ 157.346424] ---[ end trace 0000000000000000 ]---
Acquiring GEM handles for the framebuffer's GEM buffer objects prevents
this from happening. The framebuffer's cleanup later puts the handle
references.
The Fixes tag points to commit 1a148af06000 ("drm/gem-shmem: Use dma_buf
from GEM object instance"), which triggers the segmentation fault. The
issue has been present before.
Suggested-by: Christian König <christian.koenig(a)amd.com>
Signed-off-by: Thomas Zimmermann <tzimmermann(a)suse.de>
Fixes: 1a148af06000 ("drm/gem-shmem: Use dma_buf from GEM object instance")
Cc: Thomas Zimmermann <tzimmermann(a)suse.de>
Cc: Anusha Srivatsa <asrivats(a)redhat.com>
Cc: Christian König <christian.koenig(a)amd.com>
Cc: Maarten Lankhorst <maarten.lankhorst(a)linux.intel.com>
Cc: Maxime Ripard <mripard(a)kernel.org>
Cc: Sumit Semwal <sumit.semwal(a)linaro.org>
Cc: "Christian König" <christian.koenig(a)amd.com>
Cc: linux-media(a)vger.kernel.org
Cc: dri-devel(a)lists.freedesktop.org
Cc: linaro-mm-sig(a)lists.linaro.org
Cc: <stable(a)vger.kernel.org>
---
drivers/gpu/drm/drm_gem.c | 44 ++++++++++++++++++--
drivers/gpu/drm/drm_gem_framebuffer_helper.c | 7 +++-
drivers/gpu/drm/drm_internal.h | 2 +
3 files changed, 48 insertions(+), 5 deletions(-)
diff --git a/drivers/gpu/drm/drm_gem.c b/drivers/gpu/drm/drm_gem.c
index 19d50d254fe6..8be50b3cc9c2 100644
--- a/drivers/gpu/drm/drm_gem.c
+++ b/drivers/gpu/drm/drm_gem.c
@@ -213,6 +213,35 @@ void drm_gem_private_object_fini(struct drm_gem_object *obj)
}
EXPORT_SYMBOL(drm_gem_private_object_fini);
+static void drm_gem_object_handle_get(struct drm_gem_object *obj)
+{
+ struct drm_device *dev = obj->dev;
+
+ drm_WARN_ON(dev, !mutex_is_locked(&dev->object_name_lock));
+
+ if (obj->handle_count++ == 0)
+ drm_gem_object_get(obj);
+}
+
+/**
+ * drm_gem_object_handle_get_unlocked - acquire reference on user-space handles
+ * @obj: GEM object
+ *
+ * Acquires a reference on the GEM buffer object's handle. Required
+ * to keep the GEM object alive. Call drm_gem_object_handle_put_unlocked()
+ * to release the reference.
+ */
+void drm_gem_object_handle_get_unlocked(struct drm_gem_object *obj)
+{
+ struct drm_device *dev = obj->dev;
+
+ guard(mutex)(&dev->object_name_lock);
+
+ drm_WARN_ON(dev, !obj->handle_count); // first ref taken in create-tail helper
+ drm_gem_object_handle_get(obj);
+}
+EXPORT_SYMBOL(drm_gem_object_handle_get_unlocked);
+
/**
* drm_gem_object_handle_free - release resources bound to userspace handles
* @obj: GEM object to clean up.
@@ -243,8 +272,14 @@ static void drm_gem_object_exported_dma_buf_free(struct drm_gem_object *obj)
}
}
-static void
-drm_gem_object_handle_put_unlocked(struct drm_gem_object *obj)
+/**
+ * drm_gem_object_handle_put_unlocked - releases reference on user-space handles
+ * @obj: GEM object
+ *
+ * Releases a reference on the GEM buffer object's handle. Possibly releases
+ * the GEM buffer object and associated dma-buf objects.
+ */
+void drm_gem_object_handle_put_unlocked(struct drm_gem_object *obj)
{
struct drm_device *dev = obj->dev;
bool final = false;
@@ -269,6 +304,7 @@ drm_gem_object_handle_put_unlocked(struct drm_gem_object *obj)
if (final)
drm_gem_object_put(obj);
}
+EXPORT_SYMBOL(drm_gem_object_handle_put_unlocked);
/*
* Called at device or object close to release the file's
@@ -390,8 +426,8 @@ drm_gem_handle_create_tail(struct drm_file *file_priv,
int ret;
WARN_ON(!mutex_is_locked(&dev->object_name_lock));
- if (obj->handle_count++ == 0)
- drm_gem_object_get(obj);
+
+ drm_gem_object_handle_get(obj);
/*
* Get the user-visible handle using idr. Preload and perform
diff --git a/drivers/gpu/drm/drm_gem_framebuffer_helper.c b/drivers/gpu/drm/drm_gem_framebuffer_helper.c
index 618ce725cd75..723f1d652c01 100644
--- a/drivers/gpu/drm/drm_gem_framebuffer_helper.c
+++ b/drivers/gpu/drm/drm_gem_framebuffer_helper.c
@@ -99,8 +99,10 @@ void drm_gem_fb_destroy(struct drm_framebuffer *fb)
{
unsigned int i;
- for (i = 0; i < fb->format->num_planes; i++)
+ for (i = 0; i < fb->format->num_planes; i++) {
+ drm_gem_object_handle_put_unlocked(fb->obj[i]);
drm_gem_object_put(fb->obj[i]);
+ }
drm_framebuffer_cleanup(fb);
kfree(fb);
@@ -185,6 +187,7 @@ int drm_gem_fb_init_with_funcs(struct drm_device *dev,
ret = -ENOENT;
goto err_gem_object_put;
}
+ drm_gem_object_handle_get_unlocked(objs[i]);
min_size = (height - 1) * mode_cmd->pitches[i]
+ drm_format_info_min_pitch(info, i, width)
@@ -195,6 +198,7 @@ int drm_gem_fb_init_with_funcs(struct drm_device *dev,
"GEM object size (%zu) smaller than minimum size (%u) for plane %d\n",
objs[i]->size, min_size, i);
drm_gem_object_put(objs[i]);
+ drm_gem_object_handle_put_unlocked(objs[i]);
ret = -EINVAL;
goto err_gem_object_put;
}
@@ -210,6 +214,7 @@ int drm_gem_fb_init_with_funcs(struct drm_device *dev,
while (i > 0) {
--i;
drm_gem_object_put(objs[i]);
+ drm_gem_object_handle_put_unlocked(objs[i]);
}
return ret;
}
diff --git a/drivers/gpu/drm/drm_internal.h b/drivers/gpu/drm/drm_internal.h
index 442eb31351dd..f7b414a813ae 100644
--- a/drivers/gpu/drm/drm_internal.h
+++ b/drivers/gpu/drm/drm_internal.h
@@ -161,6 +161,8 @@ void drm_sysfs_lease_event(struct drm_device *dev);
/* drm_gem.c */
int drm_gem_init(struct drm_device *dev);
+void drm_gem_object_handle_get_unlocked(struct drm_gem_object *obj);
+void drm_gem_object_handle_put_unlocked(struct drm_gem_object *obj);
int drm_gem_handle_create_tail(struct drm_file *file_priv,
struct drm_gem_object *obj,
u32 *handlep);
--
2.50.0
3 days, 15 hours
- 2
- 1
[PATCH v1 RESEND stable tags] nvmem: layouts: u-boot-env: remove crc32 endianness conversion
by Michael C. Pratt
On 11 Oct 2022, it was reported that the crc32 verification
of the u-boot environment failed only on big-endian systems
for the u-boot-env nvmem layout driver with the following error.
Invalid calculated CRC32: 0x88cd6f09 (expected: 0x096fcd88)
This problem has been present since the driver was introduced,
and before it was made into a layout driver.
The suggested fix at the time was to use further endianness
conversion macros in order to have both the stored and calculated
crc32 values to compare always represented in the system's endianness.
This was not accepted due to sparse warnings
and some disagreement on how to handle the situation.
Later on in a newer revision of the patch, it was proposed to use
cpu_to_le32() for both values to compare instead of le32_to_cpu()
and store the values as __le32 type to remove compilation errors.
The necessity of this is based on the assumption that the use of crc32()
requires endianness conversion because the algorithm uses little-endian,
however, this does not prove to be the case and the issue is unrelated.
Upon inspecting the current kernel code,
there already is an existing use of le32_to_cpu() in this driver,
which suggests there already is special handling for big-endian systems,
however, it is big-endian systems that have the problem.
This, being the only functional difference between architectures
in the driver combined with the fact that the suggested fix
was to use the exact same endianness conversion for the values
brings up the possibility that it was not necessary to begin with,
as the same endianness conversion for two values expected to be the same
is expected to be equivalent to no conversion at all.
After inspecting the u-boot environment of devices of both endianness
and trying to remove the existing endianness conversion,
the problem is resolved in an equivalent way as the other suggested fixes.
Ultimately, it seems that u-boot is agnostic to endianness
at least for the purpose of environment variables.
In other words, u-boot reads and writes the stored crc32 value
with the same endianness that the crc32 value is calculated with
in whichever endianness a certain architecture runs on.
Therefore, the u-boot-env driver does not need to convert endianness.
Remove the usage of endianness macros in the u-boot-env driver,
and change the type of local variables to maintain the same return type.
If there is a special situation in the case of endianness,
it would be a corner case and should be handled by a unique "compatible".
Even though it is not necessary to use endianness conversion macros here,
it may be useful to use them in the future for consistent error printing.
Fixes: d5542923f200 ("nvmem: add driver handling U-Boot environment variables")
Reported-by: INAGAKI Hiroshi <musashino.open(a)gmail.com>
Link: https://lore.kernel.org/all/20221011024928.1807-1-musashino.open@gmail.com
Cc: <stable(a)vger.kernel.org> # 6.12.x
Cc: <stable(a)vger.kernel.org> # 6.6.x: f4cf4e5: Revert "nvmem: add new config option"
Cc: <stable(a)vger.kernel.org> # 6.6.x: 7f38b70: of: device: Export of_device_make_bus_id()
Cc: <stable(a)vger.kernel.org> # 6.6.x: 4a1a402: nvmem: Move of_nvmem_layout_get_container() in another header
Cc: <stable(a)vger.kernel.org> # 6.6.x: fc29fd8: nvmem: core: Rework layouts to become regular devices
Cc: <stable(a)vger.kernel.org> # 6.6.x: 0331c61: nvmem: core: Expose cells through sysfs
Cc: <stable(a)vger.kernel.org> # 6.6.x: 401df0d: nvmem: layouts: refactor .add_cells() callback arguments
Cc: <stable(a)vger.kernel.org> # 6.6.x: 6d0ca4a: nvmem: layouts: store owner from modules with nvmem_layout_driver_register()
Cc: <stable(a)vger.kernel.org> # 6.6.x: 5f15811: nvmem: layouts: add U-Boot env layout
Cc: <stable(a)vger.kernel.org> # 6.6.x
Signed-off-by: Michael C. Pratt <mcpratt(a)pm.me>
---
drivers/nvmem/layouts/u-boot-env.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/drivers/nvmem/layouts/u-boot-env.c b/drivers/nvmem/layouts/u-boot-env.c
index 731e6f4f12b2..21f6dcf905dd 100644
--- a/drivers/nvmem/layouts/u-boot-env.c
+++ b/drivers/nvmem/layouts/u-boot-env.c
@@ -92,7 +92,7 @@ int u_boot_env_parse(struct device *dev, struct nvmem_device *nvmem,
size_t crc32_data_offset;
size_t crc32_data_len;
size_t crc32_offset;
- __le32 *crc32_addr;
+ uint32_t *crc32_addr;
size_t data_offset;
size_t data_len;
size_t dev_size;
@@ -143,8 +143,8 @@ int u_boot_env_parse(struct device *dev, struct nvmem_device *nvmem,
goto err_kfree;
}
- crc32_addr = (__le32 *)(buf + crc32_offset);
- crc32 = le32_to_cpu(*crc32_addr);
+ crc32_addr = (uint32_t *)(buf + crc32_offset);
+ crc32 = *crc32_addr;
crc32_data_len = dev_size - crc32_data_offset;
data_len = dev_size - data_offset;
base-commit: 38fec10eb60d687e30c8c6b5420d86e8149f7557
--
2.30.2
3 days, 16 hours
- 2
- 1
[PATCH v2] HID: appletb-kbd: fix memory corruption of input_handler_list
by Qasim Ijaz
In appletb_kbd_probe an input handler is initialised and then registered
with input core through input_register_handler(). When this happens input
core will add the input handler (specifically its node) to the global
input_handler_list. The input_handler_list is central to the functionality
of input core and is traversed in various places in input core. An example
of this is when a new input device is plugged in and gets registered with
input core.
The input_handler in probe is allocated as device managed memory. If a
probe failure occurs after input_register_handler() the input_handler
memory is freed, yet it will remain in the input_handler_list. This
effectively means the input_handler_list contains a dangling pointer
to data belonging to a freed input handler.
This causes an issue when any other input device is plugged in - in my
case I had an old PixArt HP USB optical mouse and I decided to
plug it in after a failure occurred after input_register_handler().
This lead to the registration of this input device via
input_register_device which involves traversing over every handler
in the corrupted input_handler_list and calling input_attach_handler(),
giving each handler a chance to bind to newly registered device.
The core of this bug is a UAF which causes memory corruption of
input_handler_list and to fix it we must ensure the input handler is
unregistered from input core, this is done through
input_unregister_handler().
[ 63.191597] ==================================================================
[ 63.192094] BUG: KASAN: slab-use-after-free in input_attach_handler.isra.0+0x1a9/0x1e0
[ 63.192094] Read of size 8 at addr ffff888105ea7c80 by task kworker/0:2/54
[ 63.192094]
[ 63.192094] CPU: 0 UID: 0 PID: 54 Comm: kworker/0:2 Not tainted 6.16.0-rc2-00321-g2aa6621d
[ 63.192094] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.164
[ 63.192094] Workqueue: usb_hub_wq hub_event
[ 63.192094] Call Trace:
[ 63.192094] <TASK>
[ 63.192094] dump_stack_lvl+0x53/0x70
[ 63.192094] print_report+0xce/0x670
[ 63.192094] kasan_report+0xce/0x100
[ 63.192094] input_attach_handler.isra.0+0x1a9/0x1e0
[ 63.192094] input_register_device+0x76c/0xd00
[ 63.192094] hidinput_connect+0x686d/0xad60
[ 63.192094] hid_connect+0xf20/0x1b10
[ 63.192094] hid_hw_start+0x83/0x100
[ 63.192094] hid_device_probe+0x2d1/0x680
[ 63.192094] really_probe+0x1c3/0x690
[ 63.192094] __driver_probe_device+0x247/0x300
[ 63.192094] driver_probe_device+0x49/0x210
[ 63.192094] __device_attach_driver+0x160/0x320
[ 63.192094] bus_for_each_drv+0x10f/0x190
[ 63.192094] __device_attach+0x18e/0x370
[ 63.192094] bus_probe_device+0x123/0x170
[ 63.192094] device_add+0xd4d/0x1460
[ 63.192094] hid_add_device+0x30b/0x910
[ 63.192094] usbhid_probe+0x920/0xe00
[ 63.192094] usb_probe_interface+0x363/0x9a0
[ 63.192094] really_probe+0x1c3/0x690
[ 63.192094] __driver_probe_device+0x247/0x300
[ 63.192094] driver_probe_device+0x49/0x210
[ 63.192094] __device_attach_driver+0x160/0x320
[ 63.192094] bus_for_each_drv+0x10f/0x190
[ 63.192094] __device_attach+0x18e/0x370
[ 63.192094] bus_probe_device+0x123/0x170
[ 63.192094] device_add+0xd4d/0x1460
[ 63.192094] usb_set_configuration+0xd14/0x1880
[ 63.192094] usb_generic_driver_probe+0x78/0xb0
[ 63.192094] usb_probe_device+0xaa/0x2e0
[ 63.192094] really_probe+0x1c3/0x690
[ 63.192094] __driver_probe_device+0x247/0x300
[ 63.192094] driver_probe_device+0x49/0x210
[ 63.192094] __device_attach_driver+0x160/0x320
[ 63.192094] bus_for_each_drv+0x10f/0x190
[ 63.192094] __device_attach+0x18e/0x370
[ 63.192094] bus_probe_device+0x123/0x170
[ 63.192094] device_add+0xd4d/0x1460
[ 63.192094] usb_new_device+0x7b4/0x1000
[ 63.192094] hub_event+0x234d/0x3fa0
[ 63.192094] process_one_work+0x5bf/0xfe0
[ 63.192094] worker_thread+0x777/0x13a0
[ 63.192094] </TASK>
[ 63.192094]
[ 63.192094] Allocated by task 54:
[ 63.192094] kasan_save_stack+0x33/0x60
[ 63.192094] kasan_save_track+0x14/0x30
[ 63.192094] __kasan_kmalloc+0x8f/0xa0
[ 63.192094] __kmalloc_node_track_caller_noprof+0x195/0x420
[ 63.192094] devm_kmalloc+0x74/0x1e0
[ 63.192094] appletb_kbd_probe+0x39/0x440
[ 63.192094] hid_device_probe+0x2d1/0x680
[ 63.192094] really_probe+0x1c3/0x690
[ 63.192094] __driver_probe_device+0x247/0x300
[ 63.192094] driver_probe_device+0x49/0x210
[ 63.192094] __device_attach_driver+0x160/0x320
[...]
[ 63.192094]
[ 63.192094] Freed by task 54:
[ 63.192094] kasan_save_stack+0x33/0x60
[ 63.192094] kasan_save_track+0x14/0x30
[ 63.192094] kasan_save_free_info+0x3b/0x60
[ 63.192094] __kasan_slab_free+0x37/0x50
[ 63.192094] kfree+0xcf/0x360
[ 63.192094] devres_release_group+0x1f8/0x3c0
[ 63.192094] hid_device_probe+0x315/0x680
[ 63.192094] really_probe+0x1c3/0x690
[ 63.192094] __driver_probe_device+0x247/0x300
[ 63.192094] driver_probe_device+0x49/0x210
[ 63.192094] __device_attach_driver+0x160/0x320
[...]
Fixes: 7d62ba8deacf ("HID: hid-appletb-kbd: add support for fn toggle between media and function mode")
Cc: stable(a)vger.kernel.org
Reviewed-by: Aditya Garg <gargaditya08(a)live.com>
Signed-off-by: Qasim Ijaz <qasdev00(a)gmail.com>
---
v2:
- Use correct "Fixes" tag
- clean up backtrace by removing "?" entries and a few lower level calls
drivers/hid/hid-appletb-kbd.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/hid/hid-appletb-kbd.c b/drivers/hid/hid-appletb-kbd.c
index d11c49665147..271d1b27b8dd 100644
--- a/drivers/hid/hid-appletb-kbd.c
+++ b/drivers/hid/hid-appletb-kbd.c
@@ -430,13 +430,15 @@ static int appletb_kbd_probe(struct hid_device *hdev, const struct hid_device_id
ret = appletb_kbd_set_mode(kbd, appletb_tb_def_mode);
if (ret) {
dev_err_probe(dev, ret, "Failed to set touchbar mode\n");
- goto close_hw;
+ goto unregister_handler;
}
hid_set_drvdata(hdev, kbd);
return 0;
+unregister_handler:
+ input_unregister_handler(&kbd->inp_handler);
close_hw:
if (kbd->backlight_dev) {
put_device(&kbd->backlight_dev->dev);
--
2.39.5
3 days, 17 hours
- 1
- 0
[PATCH] HID: appletb-kbd: fix memory corruption of input_handler_list
by Qasim Ijaz
In appletb_kbd_probe an input handler is initialised and then registered
with input core through input_register_handler(). When this happens input
core will add the input handler (specifically its node) to the global
input_handler_list. The input_handler_list is central to the functionality
of input core and is traversed in various places in input core. An example
of this is when a new input device is plugged in and gets registered with
input core.
The input_handler in probe is allocated as device managed memory. If a
probe failure occurs after input_register_handler() the input_handler
memory is freed, yet it will remain in the input_handler_list. This
effectively means the input_handler_list contains a dangling pointer
to data belonging to a freed input handler.
This causes an issue when any other input device is plugged in - in my
case I had an old PixArt HP USB optical mouse and I decided to
plug it in after a failure occurred after input_register_handler().
This lead to the registration of this input device via
input_register_device which involves traversing over every handler
in the corrupted input_handler_list and calling input_attach_handler(),
giving each handler a chance to bind to newly registered device.
The core of this bug is a UAF which causes memory corruption of
input_handler_list and to fix it we must ensure the input handler is
unregistered from input core, this is done through
input_unregister_handler().
[ 63.191597] ==================================================================
[ 63.192094] BUG: KASAN: slab-use-after-free in input_attach_handler.isra.0+0x1a9/0x1e0
[ 63.192094] Read of size 8 at addr ffff888105ea7c80 by task kworker/0:2/54
[ 63.192094]
[ 63.192094] CPU: 0 UID: 0 PID: 54 Comm: kworker/0:2 Not tainted 6.16.0-rc2-00321-g2aa6621d
[ 63.192094] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.164
[ 63.192094] Workqueue: usb_hub_wq hub_event
[ 63.192094] Call Trace:
[ 63.192094] <TASK>
[ 63.192094] dump_stack_lvl+0x53/0x70
[ 63.192094] print_report+0xce/0x670
[ 63.192094] ? input_attach_handler.isra.0+0x1a9/0x1e0
[ 63.192094] kasan_report+0xce/0x100
[ 63.192094] ? input_attach_handler.isra.0+0x1a9/0x1e0
[ 63.192094] input_attach_handler.isra.0+0x1a9/0x1e0
[ 63.192094] input_register_device+0x76c/0xd00
[ 63.192094] hidinput_connect+0x686d/0xad60
[ 63.192094] ? __pfx_hidinput_connect+0x10/0x10
[ 63.192094] ? xhci_urb_enqueue+0x523/0x930
[ 63.192094] hid_connect+0xf20/0x1b10
[ 63.192094] ? mutex_unlock+0x7d/0xd0
[ 63.192094] ? __pfx_mutex_unlock+0x10/0x10
[ 63.192094] ? __pm_runtime_idle+0x95/0x1c0
[ 63.192094] ? __pfx_hid_connect+0x10/0x10
[ 63.192094] hid_hw_start+0x83/0x100
[ 63.192094] hid_device_probe+0x2d1/0x680
[ 63.192094] really_probe+0x1c3/0x690
[ 63.192094] __driver_probe_device+0x247/0x300
[ 63.192094] driver_probe_device+0x49/0x210
[ 63.192094] __device_attach_driver+0x160/0x320
[ 63.192094] ? __pfx___device_attach_driver+0x10/0x10
[ 63.192094] bus_for_each_drv+0x10f/0x190
[ 63.192094] ? __pfx_bus_for_each_drv+0x10/0x10
[ 63.192094] __device_attach+0x18e/0x370
[ 63.192094] ? __pfx___device_attach+0x10/0x10
[ 63.192094] ? kobject_get+0x50/0xe0
[ 63.192094] bus_probe_device+0x123/0x170
[ 63.192094] device_add+0xd4d/0x1460
[ 63.192094] ? __pfx_device_add+0x10/0x10
[ 63.192094] ? up_write+0x4d/0x90
[ 63.192094] ? __debugfs_create_file+0x377/0x5a0
[ 63.192094] hid_add_device+0x30b/0x910
[ 63.192094] ? __pfx_hid_add_device+0x10/0x10
[ 63.192094] usbhid_probe+0x920/0xe00
[ 63.192094] ? pm_runtime_enable+0xfa/0x2a0
[ 63.192094] usb_probe_interface+0x363/0x9a0
[ 63.192094] ? sysfs_do_create_link_sd+0x89/0x100
[ 63.192094] really_probe+0x1c3/0x690
[ 63.192094] __driver_probe_device+0x247/0x300
[ 63.192094] driver_probe_device+0x49/0x210
[ 63.192094] __device_attach_driver+0x160/0x320
[ 63.192094] ? __pfx___device_attach_driver+0x10/0x10
[ 63.192094] bus_for_each_drv+0x10f/0x190
[ 63.192094] ? __pfx_bus_for_each_drv+0x10/0x10
[ 63.192094] __device_attach+0x18e/0x370
[ 63.192094] ? __pfx___device_attach+0x10/0x10
[ 63.192094] ? kobject_get+0x50/0xe0
[ 63.192094] bus_probe_device+0x123/0x170
[ 63.192094] device_add+0xd4d/0x1460
[ 63.192094] ? __pfx_device_add+0x10/0x10
[ 63.192094] ? mutex_unlock+0x7d/0xd0
[ 63.192094] ? __pfx_mutex_unlock+0x10/0x10
[ 63.192094] usb_set_configuration+0xd14/0x1880
[ 63.192094] usb_generic_driver_probe+0x78/0xb0
[ 63.192094] usb_probe_device+0xaa/0x2e0
[ 63.192094] really_probe+0x1c3/0x690
[ 63.192094] __driver_probe_device+0x247/0x300
[ 63.192094] ? usb_generic_driver_match+0x58/0x80
[ 63.192094] driver_probe_device+0x49/0x210
[ 63.192094] __device_attach_driver+0x160/0x320
[ 63.192094] ? __pfx___device_attach_driver+0x10/0x10
[ 63.192094] bus_for_each_drv+0x10f/0x190
[ 63.192094] ? __pfx_bus_for_each_drv+0x10/0x10
[ 63.192094] __device_attach+0x18e/0x370
[ 63.192094] ? __pfx___device_attach+0x10/0x10
[ 63.192094] ? kobject_get+0x50/0xe0
[ 63.192094] bus_probe_device+0x123/0x170
[ 63.192094] device_add+0xd4d/0x1460
[ 63.192094] ? __pfx_device_add+0x10/0x10
[ 63.192094] ? add_device_randomness+0xb2/0xe0
[ 63.192094] usb_new_device+0x7b4/0x1000
[ 63.192094] hub_event+0x234d/0x3fa0
[ 63.192094] ? __pfx_hub_event+0x10/0x10
[ 63.192094] ? _raw_spin_lock_irqsave+0x85/0xe0
[ 63.192094] ? _raw_spin_lock_irqsave+0x85/0xe0
[ 63.192094] ? mutex_unlock+0x7d/0xd0
[ 63.192094] ? _raw_spin_lock_irq+0x80/0xe0
[ 63.192094] ? __pfx__raw_spin_lock_irq+0x10/0x10
[ 63.192094] ? __pm_runtime_suspend+0x74/0x1c0
[ 63.192094] process_one_work+0x5bf/0xfe0
[ 63.192094] worker_thread+0x777/0x13a0
[ 63.192094] ? __kthread_parkme+0x99/0x180
[ 63.192094] ? __pfx_worker_thread+0x10/0x10
[ 63.192094] kthread+0x327/0x630
[ 63.192094] ? __pfx_kthread+0x10/0x10
[ 63.192094] ? __pfx__raw_spin_lock_irq+0x10/0x10
[ 63.192094] ? __pfx_kthread+0x10/0x10
[ 63.192094] ? __pfx_kthread+0x10/0x10
[ 63.192094] ret_from_fork+0xff/0x1a0
[ 63.192094] ? __pfx_kthread+0x10/0x10
[ 63.192094] ret_from_fork_asm+0x1a/0x30
[ 63.192094] </TASK>
[ 63.192094]
[ 63.192094] Allocated by task 54:
[ 63.192094] kasan_save_stack+0x33/0x60
[ 63.192094] kasan_save_track+0x14/0x30
[ 63.192094] __kasan_kmalloc+0x8f/0xa0
[ 63.192094] __kmalloc_node_track_caller_noprof+0x195/0x420
[ 63.192094] devm_kmalloc+0x74/0x1e0
[ 63.192094] appletb_kbd_probe+0x39/0x440
[ 63.192094] hid_device_probe+0x2d1/0x680
[ 63.192094] really_probe+0x1c3/0x690
[ 63.192094] __driver_probe_device+0x247/0x300
[ 63.192094] driver_probe_device+0x49/0x210
[ 63.192094] __device_attach_driver+0x160/0x320
[...]
[ 63.192094]
[ 63.192094] Freed by task 54:
[ 63.192094] kasan_save_stack+0x33/0x60
[ 63.192094] kasan_save_track+0x14/0x30
[ 63.192094] kasan_save_free_info+0x3b/0x60
[ 63.192094] __kasan_slab_free+0x37/0x50
[ 63.192094] kfree+0xcf/0x360
[ 63.192094] devres_release_group+0x1f8/0x3c0
[ 63.192094] hid_device_probe+0x315/0x680
[ 63.192094] really_probe+0x1c3/0x690
[ 63.192094] __driver_probe_device+0x247/0x300
[ 63.192094] driver_probe_device+0x49/0x210
[ 63.192094] __device_attach_driver+0x160/0x320
[...]
Fixes: 93a0fc489481 ("HID: hid-appletb-kbd: add support for automatic brightness control while using the touchbar")
Cc: stable(a)vger.kernel.org
Signed-off-by: Qasim Ijaz <qasdev00(a)gmail.com>
---
drivers/hid/hid-appletb-kbd.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/hid/hid-appletb-kbd.c b/drivers/hid/hid-appletb-kbd.c
index d11c49665147..271d1b27b8dd 100644
--- a/drivers/hid/hid-appletb-kbd.c
+++ b/drivers/hid/hid-appletb-kbd.c
@@ -430,13 +430,15 @@ static int appletb_kbd_probe(struct hid_device *hdev, const struct hid_device_id
ret = appletb_kbd_set_mode(kbd, appletb_tb_def_mode);
if (ret) {
dev_err_probe(dev, ret, "Failed to set touchbar mode\n");
- goto close_hw;
+ goto unregister_handler;
}
hid_set_drvdata(hdev, kbd);
return 0;
+unregister_handler:
+ input_unregister_handler(&kbd->inp_handler);
close_hw:
if (kbd->backlight_dev) {
put_device(&kbd->backlight_dev->dev);
--
2.39.5
3 days, 17 hours
- 3
- 4
Linux 6.12.35
by Greg Kroah-Hartman
I'm announcing the release of the 6.12.35 kernel.
All users of the 6.12 kernel series must upgrade.
The updated 6.12.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.12.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Documentation/devicetree/bindings/i2c/nvidia,tegra20-i2c.yaml | 24 -
Documentation/kbuild/makefiles.rst | 14
Makefile | 2
arch/arm/mach-omap2/clockdomain.h | 1
arch/arm/mach-omap2/clockdomains33xx_data.c | 2
arch/arm/mach-omap2/cm33xx.c | 14
arch/arm/mach-omap2/pmic-cpcap.c | 6
arch/arm/mm/ioremap.c | 4
arch/arm64/Makefile | 2
arch/arm64/include/asm/tlbflush.h | 9
arch/arm64/kernel/ptrace.c | 2
arch/arm64/mm/mmu.c | 3
arch/loongarch/include/asm/irqflags.h | 16
arch/loongarch/include/asm/vdso/getrandom.h | 2
arch/loongarch/include/asm/vdso/gettimeofday.h | 6
arch/loongarch/mm/hugetlbpage.c | 3
arch/mips/vdso/Makefile | 1
arch/parisc/boot/compressed/Makefile | 1
arch/parisc/kernel/unaligned.c | 2
arch/powerpc/include/asm/ppc_asm.h | 2
arch/powerpc/kernel/eeh.c | 2
arch/powerpc/kernel/vdso/Makefile | 2
arch/powerpc/platforms/pseries/msi.c | 7
arch/riscv/kvm/vcpu_sbi_replace.c | 8
arch/s390/kvm/gaccess.c | 8
arch/s390/pci/pci.c | 45 +
arch/s390/pci/pci_bus.h | 7
arch/s390/pci/pci_event.c | 22
arch/s390/pci/pci_mmio.c | 2
arch/x86/include/asm/tdx.h | 2
arch/x86/kernel/cpu/sgx/main.c | 2
arch/x86/kvm/svm/svm.c | 2
arch/x86/kvm/vmx/vmx.c | 5
arch/x86/tools/insn_decoder_test.c | 5
arch/x86/virt/vmx/tdx/tdx.c | 5
block/blk-merge.c | 26 -
block/blk-zoned.c | 1
drivers/accel/ivpu/ivpu_fw.c | 12
drivers/accel/ivpu/ivpu_gem.c | 89 ++-
drivers/accel/ivpu/ivpu_gem.h | 2
drivers/acpi/acpica/amlresrc.h | 8
drivers/acpi/acpica/dsutils.c | 9
drivers/acpi/acpica/psobject.c | 52 --
drivers/acpi/acpica/rsaddr.c | 13
drivers/acpi/acpica/rscalc.c | 22
drivers/acpi/acpica/rslist.c | 12
drivers/acpi/acpica/utprint.c | 7
drivers/acpi/acpica/utresrc.c | 14
drivers/acpi/battery.c | 19
drivers/acpi/bus.c | 6
drivers/ata/ahci.c | 35 +
drivers/ata/pata_via.c | 3
drivers/atm/atmtcp.c | 4
drivers/base/platform-msi.c | 1
drivers/base/power/runtime.c | 2
drivers/base/swnode.c | 2
drivers/block/aoe/aoedev.c | 8
drivers/block/ublk_drv.c | 3
drivers/bluetooth/btusb.c | 4
drivers/bus/fsl-mc/fsl-mc-uapi.c | 4
drivers/bus/fsl-mc/mc-io.c | 19
drivers/bus/fsl-mc/mc-sys.c | 2
drivers/bus/mhi/ep/ring.c | 16
drivers/bus/mhi/host/pm.c | 18
drivers/bus/ti-sysc.c | 49 --
drivers/clk/meson/g12a.c | 1
drivers/clk/qcom/gcc-x1e80100.c | 4
drivers/clk/rockchip/clk-rk3036.c | 1
drivers/cpufreq/amd-pstate.c | 3
drivers/cpufreq/scmi-cpufreq.c | 36 +
drivers/crypto/intel/qat/qat_420xx/adf_drv.c | 8
drivers/crypto/intel/qat/qat_4xxx/adf_drv.c | 8
drivers/crypto/intel/qat/qat_c3xxx/adf_drv.c | 8
drivers/crypto/intel/qat/qat_c62x/adf_drv.c | 8
drivers/crypto/intel/qat/qat_dh895xcc/adf_drv.c | 8
drivers/crypto/marvell/cesa/cesa.c | 2
drivers/crypto/marvell/cesa/cesa.h | 9
drivers/crypto/marvell/cesa/tdma.c | 53 +-
drivers/dma-buf/udmabuf.c | 5
drivers/edac/altera_edac.c | 6
drivers/edac/amd64_edac.c | 1
drivers/firmware/arm_scmi/driver.c | 76 +--
drivers/firmware/arm_scmi/protocols.h | 2
drivers/firmware/sysfb.c | 26 -
drivers/gpio/gpio-mlxbf3.c | 54 +-
drivers/gpio/gpio-pca953x.c | 2
drivers/gpio/gpiolib-of.c | 9
drivers/gpu/drm/amd/amdgpu/vcn_v4_0_5.c | 8
drivers/gpu/drm/i915/i915_pmu.c | 4
drivers/gpu/drm/msm/adreno/a6xx_gpu.c | 14
drivers/gpu/drm/msm/disp/dpu1/dpu_encoder_phys_vid.c | 14
drivers/gpu/drm/msm/dsi/phy/dsi_phy_10nm.c | 7
drivers/gpu/drm/msm/registers/adreno/adreno_pm4.xml | 3
drivers/gpu/drm/nouveau/nouveau_backlight.c | 2
drivers/gpu/drm/solomon/ssd130x.c | 2
drivers/gpu/drm/v3d/v3d_sched.c | 8
drivers/gpu/drm/xe/display/xe_display.c | 43 +
drivers/gpu/drm/xe/display/xe_display.h | 4
drivers/gpu/drm/xe/xe_device.c | 40 +
drivers/gpu/drm/xe/xe_gt.c | 110 ++--
drivers/gpu/drm/xe/xe_gt.h | 1
drivers/hid/hid-asus.c | 107 ++++
drivers/hv/connection.c | 23
drivers/hwmon/ftsteutates.c | 9
drivers/hwmon/ltc4282.c | 7
drivers/hwmon/occ/common.c | 240 ++++------
drivers/i2c/busses/i2c-designware-slave.c | 2
drivers/i2c/busses/i2c-npcm7xx.c | 12
drivers/i2c/busses/i2c-tegra.c | 5
drivers/iio/accel/fxls8962af-core.c | 15
drivers/iio/adc/Kconfig | 1
drivers/iio/adc/ad7606_spi.c | 2
drivers/iio/adc/ad7944.c | 2
drivers/iio/imu/inv_icm42600/inv_icm42600_temp.c | 8
drivers/infiniband/core/iwcm.c | 29 -
drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 2
drivers/input/keyboard/gpio_keys.c | 2
drivers/input/misc/ims-pcu.c | 6
drivers/input/misc/sparcspkr.c | 22
drivers/iommu/amd/iommu.c | 41 +
drivers/iommu/intel/iommu.c | 11
drivers/iommu/intel/iommu.h | 1
drivers/iommu/intel/nested.c | 4
drivers/md/dm-raid1.c | 5
drivers/md/dm-table.c | 8
drivers/md/dm-verity-fec.c | 4
drivers/md/dm-verity-target.c | 8
drivers/md/dm-verity-verify-sig.c | 17
drivers/media/common/videobuf2/videobuf2-dma-sg.c | 4
drivers/media/i2c/ccs-pll.c | 11
drivers/media/i2c/ds90ub913.c | 4
drivers/media/i2c/imx335.c | 5
drivers/media/i2c/ov2740.c | 4
drivers/media/i2c/ov5675.c | 5
drivers/media/i2c/ov8856.c | 9
drivers/media/pci/intel/ipu6/ipu6-dma.c | 4
drivers/media/pci/intel/ipu6/ipu6.c | 5
drivers/media/platform/imagination/e5010-jpeg-enc.c | 9
drivers/media/platform/mediatek/vcodec/decoder/vdec/vdec_hevc_req_multi_if.c | 2
drivers/media/platform/nxp/imx-jpeg/mxc-jpeg.c | 59 +-
drivers/media/platform/nxp/imx8-isi/imx8-isi-m2m.c | 14
drivers/media/platform/qcom/venus/core.c | 16
drivers/media/platform/ti/davinci/vpif.c | 4
drivers/media/platform/ti/omap3isp/ispccdc.c | 8
drivers/media/platform/ti/omap3isp/ispstat.c | 6
drivers/media/test-drivers/vidtv/vidtv_channel.c | 2
drivers/media/test-drivers/vivid/vivid-vid-cap.c | 2
drivers/media/usb/dvb-usb/cxusb.c | 3
drivers/media/usb/gspca/stv06xx/stv06xx_hdcs.c | 7
drivers/media/usb/uvc/uvc_ctrl.c | 23
drivers/media/usb/uvc/uvc_driver.c | 27 -
drivers/media/v4l2-core/v4l2-dev.c | 14
drivers/mmc/core/card.h | 6
drivers/mmc/core/quirks.h | 10
drivers/mmc/core/sd.c | 32 +
drivers/mtd/nand/raw/qcom_nandc.c | 2
drivers/mtd/nand/raw/sunxi_nand.c | 2
drivers/net/can/kvaser_pciefd.c | 3
drivers/net/can/m_can/tcan4x5x-core.c | 9
drivers/net/ethernet/aquantia/atlantic/aq_main.c | 1
drivers/net/ethernet/aquantia/atlantic/aq_nic.c | 2
drivers/net/ethernet/broadcom/bnxt/bnxt.c | 91 +++
drivers/net/ethernet/broadcom/bnxt/bnxt_ulp.c | 29 -
drivers/net/ethernet/broadcom/bnxt/bnxt_ulp.h | 1
drivers/net/ethernet/cadence/macb_main.c | 6
drivers/net/ethernet/cortina/gemini.c | 37 +
drivers/net/ethernet/dlink/dl2k.c | 14
drivers/net/ethernet/dlink/dl2k.h | 2
drivers/net/ethernet/emulex/benet/be_cmds.c | 2
drivers/net/ethernet/faraday/Kconfig | 1
drivers/net/ethernet/intel/e1000e/netdev.c | 14
drivers/net/ethernet/intel/e1000e/ptp.c | 8
drivers/net/ethernet/intel/i40e/i40e_common.c | 7
drivers/net/ethernet/intel/ice/ice_arfs.c | 48 ++
drivers/net/ethernet/intel/ice/ice_eswitch.c | 6
drivers/net/ethernet/intel/ice/ice_switch.c | 4
drivers/net/ethernet/intel/ixgbe/ixgbe_phy.c | 4
drivers/net/ethernet/marvell/octeontx2/nic/cn10k.c | 9
drivers/net/ethernet/mellanox/mlx4/en_ethtool.c | 1
drivers/net/ethernet/mellanox/mlx5/core/steering/hws/mlx5hws_definer.c | 78 ++-
drivers/net/ethernet/mellanox/mlx5/core/vport.c | 18
drivers/net/ethernet/mellanox/mlxbf_gige/mlxbf_gige_main.c | 6
drivers/net/ethernet/meta/fbnic/fbnic_fw.c | 5
drivers/net/ethernet/microchip/lan743x_ethtool.c | 18
drivers/net/ethernet/microchip/lan743x_ptp.h | 4
drivers/net/ethernet/pensando/ionic/ionic_main.c | 3
drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 7
drivers/net/ethernet/ti/am65-cpsw-nuss.c | 24 -
drivers/net/ethernet/vertexcom/mse102x.c | 15
drivers/net/netdevsim/netdev.c | 2
drivers/net/usb/asix.h | 1
drivers/net/usb/asix_common.c | 22
drivers/net/usb/asix_devices.c | 17
drivers/net/usb/ch9200.c | 7
drivers/net/vxlan/vxlan_core.c | 8
drivers/net/wireless/ath/ath11k/ce.c | 11
drivers/net/wireless/ath/ath11k/core.c | 55 ++
drivers/net/wireless/ath/ath11k/core.h | 7
drivers/net/wireless/ath/ath11k/dp_rx.c | 25 -
drivers/net/wireless/ath/ath11k/hal.c | 4
drivers/net/wireless/ath/ath11k/qmi.c | 9
drivers/net/wireless/ath/ath12k/ce.c | 11
drivers/net/wireless/ath/ath12k/ce.h | 6
drivers/net/wireless/ath/ath12k/dp_mon.c | 2
drivers/net/wireless/ath/ath12k/hal.c | 12
drivers/net/wireless/ath/ath12k/hal_desc.h | 2
drivers/net/wireless/ath/ath12k/pci.c | 5
drivers/net/wireless/ath/ath12k/wmi.c | 20
drivers/net/wireless/ath/carl9170/usb.c | 19
drivers/net/wireless/intel/iwlwifi/cfg/22000.c | 3
drivers/net/wireless/intel/iwlwifi/mvm/mac-ctxt.c | 4
drivers/net/wireless/intel/iwlwifi/pcie/trans.c | 6
drivers/net/wireless/intersil/p54/fwio.c | 2
drivers/net/wireless/intersil/p54/p54.h | 1
drivers/net/wireless/intersil/p54/txrx.c | 13
drivers/net/wireless/mediatek/mt76/mt76x2/usb.c | 2
drivers/net/wireless/mediatek/mt76/mt76x2/usb_init.c | 13
drivers/net/wireless/mediatek/mt76/mt7921/main.c | 5
drivers/net/wireless/mediatek/mt76/mt7925/init.c | 6
drivers/net/wireless/mediatek/mt76/mt7925/mcu.c | 20
drivers/net/wireless/mediatek/mt76/mt7925/mcu.h | 1
drivers/net/wireless/mediatek/mt76/mt7925/pci.c | 3
drivers/net/wireless/mediatek/mt76/mt7925/regs.h | 2
drivers/net/wireless/mediatek/mt76/mt7996/mac.c | 8
drivers/net/wireless/purelifi/plfxlc/usb.c | 4
drivers/net/wireless/realtek/rtlwifi/pci.c | 10
drivers/net/wireless/realtek/rtw88/hci.h | 8
drivers/net/wireless/realtek/rtw88/mac.c | 11
drivers/net/wireless/realtek/rtw88/mac.h | 2
drivers/net/wireless/realtek/rtw88/pci.c | 2
drivers/net/wireless/realtek/rtw88/sdio.c | 2
drivers/net/wireless/realtek/rtw88/usb.c | 57 ++
drivers/net/wireless/realtek/rtw89/cam.c | 3
drivers/net/wireless/realtek/rtw89/mac.c | 4
drivers/net/wireless/realtek/rtw89/phy.c | 10
drivers/net/wireless/realtek/rtw89/phy.h | 1
drivers/net/wireless/realtek/rtw89/rtw8922a_rfk.c | 5
drivers/net/wireless/virtual/mac80211_hwsim.c | 5
drivers/nvme/host/ioctl.c | 21
drivers/pci/controller/cadence/pcie-cadence-ep.c | 5
drivers/pci/controller/dwc/pcie-designware-ep.c | 5
drivers/pci/controller/dwc/pcie-dw-rockchip.c | 6
drivers/pci/hotplug/s390_pci_hpc.c | 2
drivers/pci/pci.c | 3
drivers/pci/quirks.c | 23
drivers/phy/freescale/phy-fsl-imx8mq-usb.c | 10
drivers/pinctrl/mvebu/pinctrl-armada-37xx.c | 21
drivers/pinctrl/pinctrl-mcp23s08.c | 8
drivers/platform/loongarch/loongson-laptop.c | 87 +--
drivers/platform/x86/amd/pmc/pmc.c | 2
drivers/platform/x86/amd/pmf/tee-if.c | 11
drivers/platform/x86/dell/dell_rbu.c | 6
drivers/platform/x86/ideapad-laptop.c | 19
drivers/platform/x86/intel/uncore-frequency/uncore-frequency-tpmi.c | 9
drivers/pmdomain/core.c | 4
drivers/power/supply/bq27xxx_battery.c | 2
drivers/power/supply/bq27xxx_battery_i2c.c | 13
drivers/power/supply/collie_battery.c | 1
drivers/power/supply/max17040_battery.c | 5
drivers/ptp/ptp_clock.c | 3
drivers/ptp/ptp_private.h | 22
drivers/pwm/pwm-axi-pwmgen.c | 23
drivers/rapidio/rio_cm.c | 3
drivers/regulator/max14577-regulator.c | 5
drivers/regulator/max20086-regulator.c | 4
drivers/remoteproc/remoteproc_core.c | 6
drivers/remoteproc/ti_k3_m4_remoteproc.c | 2
drivers/s390/scsi/zfcp_sysfs.c | 2
drivers/scsi/elx/efct/efct_hw.c | 5
drivers/scsi/lpfc/lpfc_hbadisc.c | 2
drivers/scsi/lpfc/lpfc_sli.c | 4
drivers/scsi/smartpqi/smartpqi_init.c | 84 +++
drivers/scsi/storvsc_drv.c | 10
drivers/soc/qcom/pmic_glink_altmode.c | 30 -
drivers/staging/iio/impedance-analyzer/ad5933.c | 2
drivers/tee/tee_core.c | 11
drivers/tty/serial/sh-sci.c | 48 +-
drivers/uio/uio_hv_generic.c | 7
drivers/video/console/dummycon.c | 18
drivers/video/console/vgacon.c | 2
drivers/video/fbdev/core/fbcon.c | 7
drivers/video/fbdev/core/fbmem.c | 22
drivers/video/screen_info_pci.c | 79 ++-
drivers/virt/coco/tsm.c | 31 +
drivers/watchdog/da9052_wdt.c | 1
fs/ceph/addr.c | 9
fs/ceph/super.c | 1
fs/configfs/dir.c | 2
fs/ext4/ext4.h | 7
fs/ext4/extents.c | 18
fs/ext4/file.c | 7
fs/ext4/inline.c | 2
fs/ext4/inode.c | 10
fs/f2fs/compress.c | 23
fs/f2fs/f2fs.h | 5
fs/f2fs/inode.c | 10
fs/f2fs/namei.c | 9
fs/f2fs/segment.c | 12
fs/f2fs/super.c | 12
fs/gfs2/lock_dlm.c | 3
fs/isofs/inode.c | 7
fs/isofs/isofs.h | 4
fs/isofs/rock.c | 40 -
fs/isofs/rock.h | 6
fs/isofs/util.c | 49 +-
fs/jbd2/transaction.c | 5
fs/jffs2/erase.c | 4
fs/jffs2/scan.c | 4
fs/jffs2/summary.c | 7
fs/nfs/nfs4proc.c | 5
fs/nfs/read.c | 3
fs/nfsd/nfs4proc.c | 3
fs/nfsd/nfs4xdr.c | 19
fs/nfsd/nfsctl.c | 26 -
fs/nfsd/nfssvc.c | 6
fs/overlayfs/file.c | 4
fs/smb/client/cached_dir.c | 14
fs/smb/client/cached_dir.h | 8
fs/smb/client/cifsglob.h | 1
fs/smb/client/connect.c | 17
fs/smb/client/namespace.c | 3
fs/smb/client/readdir.c | 28 -
fs/smb/client/reparse.c | 1
fs/smb/client/sess.c | 7
fs/smb/client/smb2pdu.c | 33 -
fs/smb/client/smbdirect.c | 5
fs/smb/client/transport.c | 14
fs/smb/server/connection.c | 2
fs/smb/server/connection.h | 1
fs/smb/server/smb2pdu.c | 11
fs/smb/server/transport_rdma.c | 10
fs/smb/server/transport_tcp.c | 3
fs/xattr.c | 1
include/acpi/actypes.h | 2
include/linux/acpi.h | 9
include/linux/atmdev.h | 6
include/linux/bus/stm32_firewall_device.h | 15
include/linux/f2fs_fs.h | 1
include/linux/hugetlb.h | 3
include/linux/mmc/card.h | 1
include/linux/tcp.h | 2
include/net/checksum.h | 2
include/net/ipv6.h | 9
include/net/mac80211.h | 16
include/trace/events/erofs.h | 18
include/uapi/linux/bpf.h | 2
io_uring/io-wq.c | 4
io_uring/io_uring.c | 2
io_uring/kbuf.c | 7
io_uring/sqpoll.c | 5
ipc/shm.c | 5
kernel/bpf/bpf_struct_ops.c | 2
kernel/bpf/btf.c | 4
kernel/bpf/helpers.c | 3
kernel/cgroup/legacy_freezer.c | 3
kernel/events/core.c | 80 ++-
kernel/exit.c | 17
kernel/sched/core.c | 4
kernel/sched/ext.c | 5
kernel/sched/ext.h | 2
kernel/time/clocksource.c | 2
kernel/trace/ftrace.c | 10
kernel/watchdog.c | 41 +
kernel/workqueue.c | 3
lib/Kconfig | 1
lib/Kconfig.debug | 9
lib/Makefile | 2
lib/longest_symbol_kunit.c | 82 +++
mm/hugetlb.c | 67 ++
mm/madvise.c | 2
mm/page-writeback.c | 2
mm/vma.c | 7
mm/vma_internal.h | 1
net/atm/common.c | 1
net/atm/lec.c | 12
net/atm/raw.c | 2
net/bridge/br_mst.c | 4
net/bridge/br_multicast.c | 103 +++-
net/bridge/br_private.h | 11
net/core/filter.c | 24 -
net/core/page_pool.c | 4
net/core/skbuff.c | 3
net/core/skmsg.c | 3
net/core/sock.c | 4
net/core/utils.c | 4
net/ipv4/route.c | 4
net/ipv4/tcp_fastopen.c | 3
net/ipv4/tcp_input.c | 79 +--
net/ipv6/calipso.c | 8
net/ipv6/ila/ila_common.c | 6
net/ipv6/ip6_output.c | 2
net/ipv6/raw.c | 8
net/ipv6/udp.c | 7
net/l2tp/l2tp_ip6.c | 8
net/mac80211/cfg.c | 2
net/mac80211/debugfs_sta.c | 6
net/mac80211/mesh_hwmp.c | 6
net/mac80211/rate.c | 2
net/mac80211/sta_info.c | 28 -
net/mac80211/sta_info.h | 11
net/mac80211/tx.c | 15
net/mpls/af_mpls.c | 4
net/netfilter/nft_set_pipapo.c | 6
net/nfc/nci/uart.c | 8
net/sched/sch_sfq.c | 10
net/sched/sch_taprio.c | 6
net/sctp/socket.c | 3
net/sunrpc/svc.c | 11
net/sunrpc/xprtrdma/svc_rdma_transport.c | 1
net/sunrpc/xprtsock.c | 5
net/tipc/crypto.c | 2
net/tipc/udp_media.c | 4
net/wireless/core.c | 6
net/xfrm/xfrm_user.c | 52 +-
rust/Makefile | 14
scripts/Makefile.compiler | 8
scripts/generate_rust_analyzer.py | 13
security/selinux/xfrm.c | 2
sound/pci/hda/cs35l41_hda_property.c | 6
sound/pci/hda/hda_intel.c | 2
sound/pci/hda/patch_realtek.c | 5
sound/soc/amd/acp/acp-sdw-sof-mach.c | 2
sound/soc/amd/yc/acp6x-mach.c | 9
sound/soc/codecs/tas2770.c | 30 +
sound/soc/codecs/wcd937x.c | 7
sound/soc/meson/meson-card-utils.c | 2
sound/soc/qcom/sdm845.c | 4
sound/soc/sdw_utils/soc_sdw_rt_amp.c | 2
sound/soc/tegra/tegra210_ahub.c | 2
sound/usb/mixer_maps.c | 12
tools/bpf/bpftool/cgroup.c | 12
tools/include/uapi/linux/bpf.h | 2
tools/lib/bpf/btf.c | 18
tools/lib/bpf/libbpf.c | 6
tools/perf/tests/tests-scripts.c | 1
tools/perf/util/print-events.c | 1
tools/testing/selftests/x86/Makefile | 2
tools/testing/selftests/x86/sigtrap_loop.c | 101 ++++
tools/testing/vma/vma_internal.h | 2
439 files changed, 3803 insertions(+), 1704 deletions(-)
Aditya Kumar Singh (2):
wifi: mac80211: validate SCAN_FLAG_AP in scan request during MLO
wifi: ath12k: fix failed to set mhi state error during reboot with hardware grouping
Ahmed Salem (1):
ACPICA: Avoid sequence overread in call to strncmp()
Akhil R (2):
i2c: tegra: check msg length in SMBUS block read
dt-bindings: i2c: nvidia,tegra20-i2c: Specify the required properties
Alan Maguire (2):
libbpf/btf: Fix string handling to support multi-split BTF
libbpf: Add identical pointer detection to btf_dedup_is_equiv()
Alexander Aring (1):
gfs2: move msleep to sleepable context
Alexander Sverdlin (1):
Revert "bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first"
Alexey Kodanev (1):
net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get()
Alok Tiwari (1):
emulex/benet: correct command version selection in be_cmd_get_stats()
Andreas Kemnade (1):
ARM: omap: pmic-cpcap: do not mess around without CPCAP or OMAP4
Andrew Morton (1):
drivers/rapidio/rio_cm.c: prevent possible heap overwrite
Andrew Zaborowski (1):
x86/sgx: Prevent attempts to reclaim poisoned pages
André Almeida (1):
ovl: Fix nested backing file paths
Anup Patel (2):
RISC-V: KVM: Fix the size parameter check in SBI SFENCE calls
RISC-V: KVM: Don't treat SBI HFENCE calls as NOPs
Armin Wolf (1):
ACPI: bus: Bail out if acpi_kobj registration fails
Arnd Bergmann (3):
parisc: fix building with gcc-15
hwmon: (occ) Rework attribute registration for stack usage
hwmon: (occ) fix unaligned accesses
Artem Sadovnikov (1):
jffs2: check that raw node were preallocated before writing summary
Arthur-Prince (1):
iio: adc: ti-ads1298: Kconfig: add kfifo dependency to fix module build
Avadhut Naik (1):
EDAC/amd64: Correct number of UMCs for family 19h models 70h-7fh
Balamurugan S (1):
wifi: ath12k: fix incorrect CE addresses
Baochen Qiang (2):
wifi: ath12k: fix a possible dead lock caused by ab->base_lock
wifi: ath11k: determine PM policy based on machine model
Beleswar Padhi (1):
remoteproc: k3-m4: Don't assert reset in detach routine
Benjamin Berg (1):
wifi: mac80211: do not offer a mesh path if forwarding is disabled
Benjamin Lin (1):
wifi: mt76: mt7996: drop fragments with multicast or broadcast RA
Bharath SM (2):
smb: improve directory cache reuse for readdir operations
smb: fix secondary channel creation issue with kerberos by populating hostname when adding channels
Bitterblue Smith (2):
wifi: rtw88: usb: Upload the firmware in bigger chunks
wifi: rtw88: usb: Reduce control message timeout to 500 ms
Brett Creeley (1):
ionic: Prevent driver/fw getting out of sync on devcmd(s)
Brett Werling (1):
can: tcan4x5x: fix power regulator retrieval during probe
Brian Foster (1):
ext4: only dirty folios when data journaling regular files
Chao Gao (1):
KVM: VMX: Flush shadow VMCS on emergency reboot
Chao Yu (5):
f2fs: fix to do sanity check on ino and xnid
f2fs: fix to do sanity check on sit_bitmap_size
f2fs: use vmalloc instead of kvmalloc in .init_{,de}compress_ctx
f2fs: fix to bail out in get_new_segment()
f2fs: fix to set atomic write status more clear
Charan Teja Kalla (1):
PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn()
Chen Linxuan (1):
RDMA/hns: initialize db in update_srq_db()
Chen Ridong (1):
cgroup,freezer: fix incomplete freezing when attaching tasks
Chris Chiu (1):
ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X513EA
Christian Lamparter (1):
wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback()
Christophe Leroy (1):
powerpc/vdso: Fix build of VDSO32 with pcrel
Chuck Lever (3):
NFSD: Implement FATTR4_CLONE_BLKSIZE attribute
SUNRPC: Prevent hang on NFS mount with xprtsec=[m]tls
svcrdma: Unregister the device if svc_rdma_accept() fails
Chuyi Zhou (1):
workqueue: Initialize wq_isolated_cpumask in workqueue_init_early()
Claudiu Beznea (2):
serial: sh-sci: Clean sci_ports[0] after at earlycon exit
serial: sh-sci: Increment the runtime usage counter for the earlycon device
Connor Abbott (2):
drm/msm: Fix CP_RESET_CONTEXT_STATE bitfield names
drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE
Da Xue (1):
clk: meson-g12a: add missing fclk_div2 to spicc
Damien Le Moal (1):
block: Clear BIO_EMULATES_ZONE_APPEND flag on BIO completion
Dan Carpenter (1):
Input: ims-pcu - check record size in ims_pcu_flash_firmware()
Dan Williams (1):
configfs-tsm-report: Fix NULL dereference of tsm_ops
Daniel Wagner (1):
scsi: lpfc: Use memcpy() for BIOS version
David (Ming Qiang) Wu (1):
drm/amdgpu: read back register after written for VCN v4.0.5
David Lechner (3):
pwm: axi-pwmgen: fix missing separate external clock
iio: adc: ad7944: mask high bits on direct read
iio: adc: ad7606_spi: fix reg write value mask
David Strahan (1):
scsi: smartpqi: Add new PCI IDs
David Thompson (2):
mlxbf_gige: return EPROBE_DEFER if PHY IRQ is not available
gpio: mlxbf3: only get IRQ for device instance 0
David Wei (1):
tcp: fix passive TFO socket having invalid NAPI ID
Denis Arefev (1):
media: vivid: Change the siize of the composing
Dennis Marttinen (1):
ceph: set superblock s_magic for IMA fsmagic matching
Dev Jain (1):
arm64: Restrict pagetable teardown to avoid false warning
Dexuan Cui (1):
scsi: storvsc: Increase the timeouts to storvsc_timeout
Dhananjay Ugwekar (1):
cpufreq/amd-pstate: Add missing NULL ptr check in amd_pstate_update
Dian-Syuan Yang (1):
wifi: rtw89: leave idle mode when setting WEP encryption for AP mode
Diederik de Haas (1):
PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit()
Dmitry Antipov (1):
wifi: carl9170: do not ping device which has failed to load firmware
Dmitry Nikiforov (1):
media: davinci: vpif: Fix memory leak in probe error path
Edip Hazuri (1):
ALSA: hda/realtek - Add mute LED support for HP Victus 16-s1xxx and HP Victus 15-fa1xxx
Edward Adam Davis (4):
media: cxusb: no longer judge rbuf when the write fails
media: vidtv: Terminating the subsequent process of initialization failure
wifi: mac80211_hwsim: Prevent tsf from setting if beacon is disabled
wifi: cfg80211: init wiphy_work before allocating rfkill fails
Eric Dumazet (7):
tcp: always seek for minimal rtt in tcp_rcv_rtt_update()
tcp: remove zero TCP TS samples for autotuning
tcp: fix initial tp->rcvq_space.space value for passive TS enabled flows
tcp: add receive queue awareness in tcp_rcv_space_adjust()
net_sched: sch_sfq: reject invalid perturb period
net: atm: add lec_mutex
net: atm: fix /proc/net/atm/lec handling
Erick Shepherd (1):
mmc: Add quirk to disable DDR50 tuning
Fedor Pchelkin (2):
can: kvaser_pciefd: refine error prone echo_skb_max handling logic
jffs2: check jffs2_prealloc_raw_node_refs() result in few other places
Fei Shao (1):
media: mediatek: vcodec: Correct vsi_core framebuffer size
Frank Li (1):
platform-msi: Add msi_remove_device_irq_domain() in platform_device_msi_free_irqs_all()
GONG Ruiqi (1):
vgacon: Add check for vc_origin address range in vgacon_scroll()
Gabor Juhos (4):
pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name()
pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction()
pinctrl: armada-37xx: propagate error from armada_37xx_pmx_gpio_set_direction()
pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get()
Gabriel Shahrouzi (1):
staging: iio: ad5933: Correct settling cycles encoding per datasheet
Gao Xiang (1):
erofs: remove unused trace event erofs_destroy_inode
Gary Guo (1):
rust: compile libcore with edition 2024 for 1.87+
Gatien Chevallier (1):
Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer()
Gautam Menghani (1):
powerpc/pseries/msi: Avoid reading PCI device registers in reduced power states
Giovanni Cabiddu (5):
crypto: qat - add shutdown handler to qat_c3xxx
crypto: qat - add shutdown handler to qat_420xx
crypto: qat - add shutdown handler to qat_4xxx
crypto: qat - add shutdown handler to qat_c62x
crypto: qat - add shutdown handler to qat_dh895xcc
Greg Kroah-Hartman (1):
Linux 6.12.35
Grzegorz Nitka (1):
ice: fix eswitch code memory leak in reset scenario
Gui-Dong Han (1):
hwmon: (ftsteutates) Fix TOCTOU race in fts_read()
Guilherme G. Piccoli (1):
clocksource: Fix the CPUs' choice in the watchdog per CPU verification
Haixia Qu (1):
tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer
Hans de Goede (1):
media: ov2740: Move pm-runtime cleanup on probe-errors to proper place
Hao Yao (1):
media: ipu6: Remove workaround for Meteor Lake ES2
Haoxiang Li (1):
media: imagination: fix a potential memory leak in e5010_probe()
Hari Chandrakanthan (1):
wifi: ath12k: fix link valid field initialization in the monitor Rx
Hector Martin (1):
ASoC: tas2770: Power cycle amp on ISENSE/VSENSE change
Heiko Carstens (1):
s390/pci: Fix __pcilg_mio_inuser() inline assembly
Heiko Stuebner (1):
clk: rockchip: rk3036: mark ddrphy as critical
Heiner Kallweit (1):
net: ftgmac100: select FIXED_PHY
Helge Deller (1):
parisc/unaligned: Fix hex output to show 8 hex chars
Henk Vergonet (1):
wifi: mt76: mt76x2: Add support for LiteOn WN4516R,WN4519R
Herbert Xu (1):
crypto: marvell/cesa - Do not chain submitted requests
Himal Prasad Ghimiray (1):
drm/xe/gt: Update handling of xe_force_wake_get return
Hou Tao (1):
bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem()
Huacai Chen (2):
PCI: Add ACS quirk for Loongson PCIe
LoongArch: Avoid using $r0/$r1 as "mask" for csrxchg
Hyunwoo Kim (1):
net/sched: fix use-after-free in taprio_dev_notifier
I Hsin Cheng (1):
ASoC: intel/sdw_utils: Assign initial value in asoc_sdw_rt_amp_spk_rtd_init()
Ian Rogers (2):
perf evsel: Missed close() when probing hybrid core PMUs
perf test: Directory file descriptor leak
Ido Schimmel (1):
vxlan: Do not treat dst cache initialization errors as fatal
Ilpo Järvinen (1):
PCI: Fix lock symmetry in pci_slot_unlock()
Ilya Leoshkevich (1):
bpf: Pass the same orig_call value to trampoline functions
Ioana Ciornei (1):
bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device
Jacek Lawrynowicz (4):
accel/ivpu: Improve buffer object logging
accel/ivpu: Use firmware names from upstream repo
accel/ivpu: Use dma_resv_lock() instead of a custom mutex
accel/ivpu: Fix warning in ivpu_gem_bo_free()
Jacob Keller (1):
drm/nouveau/bl: increase buffer size to avoid truncate warning
Jaegeuk Kim (1):
f2fs: prevent kernel warning due to negative i_nlink from corrupted image
Jakub Kicinski (2):
net: clear the dst when changing skb protocol
eth: fbnic: avoid double free when failing to DMA-map FW msg
James A. MacInnes (1):
drm/msm/disp: Correct porch timing for SDM845
Jan Kara (1):
ext4: fix calculation of credits for extent tree modification
Jann Horn (3):
mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race
tee: Prevent size calculation wraparound on 32-bit kernels
mm/hugetlb: unshare page tables during VMA split, not before
Jason Xing (3):
net: atlantic: generate software timestamp just before the doorbell
net: stmmac: generate software timestamp just before the doorbell
net: mlx4: add SOF_TIMESTAMPING_TX_SOFTWARE flag when getting ts info
Jeff Hugo (1):
bus: mhi: host: Fix conflict between power_up and SYSERR
Jeff Layton (2):
nfsd: use threads array as-is in netlink interface
sunrpc: handle SVC_GARBAGE during svc auth processing as auth error
Jens Axboe (4):
block: use plug request list tail for one-shot backmerge attempt
io_uring/kbuf: don't truncate end buffer for multiple buffer peeks
nvme: always punt polled uring_cmd end_io work to task_work
io_uring/sqpoll: don't put task_struct on tctx setup failure
Jeongjun Park (2):
jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata()
ipc: fix to protect IPCS lookups using RCU
Jerry Lv (1):
power: supply: bq27xxx: Retrieve again when busy
Jiande Lu (1):
Bluetooth: btusb: Add new VID/PID 13d3/3630 for MT7925
Jiayuan Chen (1):
bpf, sockmap: Fix data lost during EAGAIN retries
Jinliang Zheng (1):
mm: fix ratelimit_pages update error in dirty_ratio_handler()
Joe Damato (1):
netdevsim: Mark NAPI ID on skb in nsim_rcv
Johan Hovold (6):
wifi: ath11k: fix rx completion meta data corruption
wifi: ath11k: fix ring-buffer corruption
wifi: ath12k: fix ring-buffer corruption
media: ov8856: suppress probe deferral errors
media: ov5675: suppress probe deferral errors
soc: qcom: pmic_glink_altmode: fix spurious DP hotplug events
Johannes Berg (1):
wifi: iwlwifi: mvm: fix beacon CCK flag
John Keeping (1):
drm/ssd130x: fix ssd132x_clear_screen() columns
Jonas 'Sortie' Termansen (1):
isofs: fix Y2038 and Y2156 issues in Rock Ridge TF entry
Jonathan Lane (1):
ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged
João Paulo Gonçalves (2):
regulator: max20086: Fix MAX200086 chip id
regulator: max20086: Change enable gpio to optional
Justin Sanders (1):
aoe: clean device rq_list in aoedev_downdev()
Justin Tee (1):
scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands
Kai Huang (1):
x86/virt/tdx: Avoid indirect calls to TDX assembly functions
Kalesh AP (2):
bnxt_en: Remove unused field "ref_count" in struct bnxt_ulp
bnxt_en: Fix double invocation of bnxt_ulp_stop()/bnxt_ulp_start()
Kang Yang (1):
wifi: ath12k: fix macro definition HAL_RX_MSDU_PKT_LENGTH_GET
Kees Cook (1):
fbcon: Make sure modelist not set on unregistered console
Khem Raj (1):
mips: Add -std= flag specified in KBUILD_CFLAGS to vdso CFLAGS
Kieran Bingham (1):
media: i2c: imx335: Fix frame size enumeration
Krishna Kumar (1):
net: ice: Perform accurate aRFS flow match
Krzysztof Hałasa (1):
usbnet: asix AX88772: leave the carrier control to phylink
Krzysztof Kozlowski (6):
ASoC: codecs: wcd9375: Fix double free of regulator supplies
ASoC: codecs: wcd937x: Drop unused buck_supply
bus: firewall: Fix missing static inline annotations for stubs
NFC: nci: uart: Set tty->disc_data only in success path
power: supply: collie: Fix wakeup source leaks on device unbind
drm/msm/dsi/dsi_phy_10nm: Fix missing initial VCO rate
Kuan-Chung Chen (1):
wifi: rtw89: 8922a: fix TX fail with wrong VCO setting
Kuniyuki Iwashima (4):
atm: Revert atm_account_tx() if copy_from_iter_full() fails.
mpls: Use rcu_dereference_rtnl() in mpls_route_input_rcu().
atm: atmtcp: Free invalid length skb in atmtcp_c_send().
calipso: Fix null-ptr-deref in calipso_req_{set,del}attr().
Kyungwook Boo (1):
i40e: fix MMIO write access to an invalid page in i40e_clear_hw
Laurentiu Palcu (1):
media: nxp: imx8-isi: better handle the m2m usage_count
Laurentiu Tudor (1):
bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value
Leon Romanovsky (1):
xfrm: validate assignment of maximal possible SEQ number
Leon Yen (1):
wifi: mt76: mt7925: introduce thermal protection
Li Lingfeng (1):
nfsd: Initialize ssc before laundromat_work to prevent NULL dereference
Linus Torvalds (1):
Make 'cc-option' work correctly for the -Wno-xyzzy pattern
Linus Walleij (1):
net: ethernet: cortina: Use TOE/TSO on all TCP
Liwei Sun (1):
Bluetooth: btusb: Add new VID/PID 13d3/3584 for MT7922
Loic Poulain (1):
media: venus: Fix probe error handling
Long Li (3):
Drivers: hv: Allocate interrupt and monitor pages aligned to system page boundary
uio_hv_generic: Use correct size for interrupt and monitor pages
uio_hv_generic: Align ring size to system page
Lorenzo Stoakes (1):
KVM: s390: rename PROT_NONE to PROT_TYPE_DUMMY
Lu Baolu (1):
iommu/vt-d: Restore context entry setup order for aliased devices
Luke D. Jones (1):
hid-asus: check ROG Ally MCU version and warn
Luo Gengkun (2):
watchdog: fix watchdog may detect false positive of softlockup
perf/core: Fix WARN in perf_cgroup_switch()
Ma Ke (1):
media: v4l2-dev: fix error handling in __video_register_device()
Maarten Lankhorst (1):
drm/xe: Wire up device shutdown handler
Maninder Singh (2):
NFSD: unregister filesystem in case genl_register_family() fails
NFSD: fix race between nfsd registration and exports_proc
Manivannan Sadhasivam (1):
wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path
Marcus Folkesson (1):
watchdog: da9052_wdt: respect TWDMIN
Marek Szyprowski (3):
media: omap3isp: use sgtable-based scatterlist wrappers
media: videobuf2: use sgtable-based scatterlist wrappers
udmabuf: use sgtable-based scatterlist wrappers
Mario Limonciello (4):
ACPI: Add missing prototype for non CONFIG_SUSPEND/CONFIG_X86 case
iommu/amd: Allow matching ACPI HID devices without matching UIDs
platform/x86/amd: pmc: Clear metrics table at start of cycle
platform/x86/amd: pmf: Prevent amd_pmf_tee_deinit() from running twice
Martin Blumenstingl (1):
ASoC: meson: meson-card-utils: use of_property_present() for DT parsing
Martin KaFai Lau (1):
bpftool: Fix cgroup command to only show cgroup bpf programs
Mateusz Pacuszka (1):
ice: fix check for existing switch rule
Max Kellermann (1):
fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio()
Maíra Canal (1):
drm/v3d: Avoid NULL pointer dereference in `v3d_job_update_stats()`
Md Sadre Alam (1):
mtd: rawnand: qcom: Fix read len for onfi param page
Michael Lo (1):
wifi: mt76: mt7925: fix host interrupt register initialization
Michael Walle (1):
net: ethernet: ti: am65-cpsw: handle -EPROBE_DEFER
Miguel Ojeda (1):
kbuild: rust: add rustc-min-version support function
Mike Looijmans (1):
pinctrl: mcp23s08: Reset all pins to input at probe
Mike Tipton (1):
cpufreq: scmi: Skip SCMI devices that aren't used by the CPUs
Mikko Korhonen (1):
ata: ahci: Disallow LPM for Asus B550-F motherboard
Mikulas Patocka (3):
dm-mirror: fix a tiny race condition
dm-verity: fix a memory leak if some arguments are specified multiple times
dm: lock limits when reading them
Mina Almasry (1):
net: netmem: fix skb_ensure_writable with unreadable skbs
Ming Qian (4):
media: imx-jpeg: Drop the first error frames
media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead
media: imx-jpeg: Reset slot data pointers when freed
media: imx-jpeg: Cleanup after an allocation error
Mingcong Bai (1):
wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723
Miri Korenblit (1):
wifi: iwlwifi: pcie: make sure to lock rxq->read
Moon Yeounsu (1):
net: dlink: add synchronization for stats update
Muhammad Usama Anjum (1):
wifi: ath11k: Fix QMI memory reuse logic
Muna Sinada (1):
wifi: mac80211: VLAN traffic in multicast path
Murad Masimov (2):
fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var
fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var
Mykyta Yatsenko (1):
libbpf: Check bpf_map_skeleton link for NULL
Namjae Jeon (2):
ksmbd: fix null pointer dereference in destroy_previous_session
ksmbd: add free_transport ops in ksmbd connection
Narayana Murty N (1):
powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery
Nathan Chancellor (1):
x86/tools: Drop duplicate unlikely() definition in insn_decoder_test.c
Neal Cardwell (1):
tcp: fix tcp_packet_delayed() for tcp_is_non_sack_preventing_reopen() behavior
NeilBrown (1):
nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request
Niklas Cassel (3):
ata: ahci: Disallow LPM for ASUSPRO-D840SA motherboard
PCI: cadence-ep: Correct PBA offset in .set_msix() callback
PCI: dwc: ep: Correct PBA offset in .set_msix() callback
Niklas Schnelle (4):
s390/pci: Remove redundant bus removal and disable from zpci_release_device()
s390/pci: Prevent self deletion in disable_slot()
s390/pci: Allow re-add of a reserved but not yet removed device
s390/pci: Serialize device addition and removal
Niravkumar L Rabara (1):
EDAC/altera: Use correct write width with the INTTEST register
Nuno Sá (1):
hwmon: (ltc4282) avoid repeated register write
Pablo Neira Ayuso (1):
netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX
Pali Rohár (1):
cifs: Remove duplicate fattr->cf_dtype assignment from wsl_to_fattr() function
Paul Aurich (1):
smb: Log an error when close_all_cached_dirs fails
Paul Chaignon (2):
net: Fix checksum update for ILA adj-transport
bpf: Fix L4 csum update on IPv6 in CHECKSUM_COMPLETE
Pavan Chebbi (2):
bnxt_en: Add a helper function to configure MRU and RSS
bnxt_en: Update MRU and RSS table of RSS contexts on queue reset
Pavel Begunkov (2):
io_uring: account drain memory to cgroup
io_uring/kbuf: account ring io_buffer_list memory
Peng Fan (1):
gpiolib: of: Add polarity quirk for s5m8767
Penglei Jiang (1):
io_uring: fix task leak issue in io_wq_create()
Peter Marheine (1):
ACPI: battery: negate current when discharging
Peter Oberparleiter (1):
scsi: s390: zfcp: Ensure synchronous unit_add
Peter Zijlstra (2):
perf: Fix sample vs do_exit()
perf: Fix cgroup state vs ERROR
Petr Malat (1):
sctp: Do not wake readers in __sctp_write_space()
Ping-Ke Shih (1):
wifi: rtw89: phy: add dummy C2H event handler for report of TAS power
Qasim Ijaz (1):
net: ch9200: fix uninitialised access during mii_nway_restart
Rand Deeb (1):
ixgbe: Fix unreachable retry logic in combined and byte I2C write functions
Rengarajan S (1):
net: lan743x: Modify the EEPROM and OTP size for PCI1xxxx devices
Ricardo Ribalda (3):
media: uvcvideo: Return the number of processed controls
media: uvcvideo: Send control events for partial succeeds
media: uvcvideo: Fix deferred probing error
Richard Fitzgerald (1):
ALSA: hda/realtek: Add quirk for Asus GU605C
Rong Zhang (1):
platform/x86: ideapad-laptop: use usleep_range() for EC polling
Ronnie Sahlberg (1):
ublk: santizize the arguments from userspace when adding a device
Ross Stutterheim (1):
ARM: 9447/1: arm/memremap: fix arch_memremap_can_ram_remap()
Ruben Devos (1):
smb: client: add NULL check in automount_fullpath
Ryan Roberts (2):
arm64/mm: Close theoretical race where stale TLB entry remains valid
mm: close theoretical race where stale TLB entries could linger
Sakari Ailus (4):
media: ccs-pll: Start VT pre-PLL multiplier search from correct value
media: ccs-pll: Start OP pre-PLL multiplier search from correct value
media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div
media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case
Salah Triki (1):
wireless: purelifi: plfxlc: fix memory leak in plfxlc_usb_wreq_asyn()
Samuel Williams (1):
wifi: mt76: mt7921: add 160 MHz AP for mt7922 device
Sarika Sharma (1):
wifi: ath12k: using msdu end descriptor to check for rx multicast packets
Sascha Hauer (1):
gpio: pca953x: fix wrong error probe return value
Scott Mayhew (1):
NFSv4: Don't check for OPEN feature support in v4.1
Sean Christopherson (1):
iommu/amd: Ensure GA log notifier callbacks finish running before module unload
Sean Nyekjaer (3):
iio: accel: fxls8962af: Fix temperature scan element sign
iio: imu: inv_icm42600: Fix temperature calculation
iio: accel: fxls8962af: Fix temperature calculation
Sebastian Andrzej Siewior (2):
ipv4/route: Use this_cpu_inc() for stats on PREEMPT_RT
net: page_pool: Don't recycle into cache on PREEMPT_RT
Sergio González Collado (1):
Kunit to check the longest symbol length
Sergio Perez Gonzalez (1):
net: macb: Check return value of dma_set_mask_and_coherent()
Seunghun Han (2):
ACPICA: fix acpi operand cache leak in dswstate.c
ACPICA: fix acpi parse and parseext cache leaks
Shawn Lin (1):
PCI: dw-rockchip: Remove PCIE_L0S_ENTRY check from rockchip_pcie_link_up()
Shin'ichiro Kawasaki (1):
RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction
Shung-Hsi Yu (1):
bpf: Use proper type to calculate bpf_raw_tp_null_args.mask index
Shyam Prasad N (6):
cifs: reset connections for all channels when reconnect requested
cifs: update dstaddr whenever channel iface is updated
cifs: dns resolution is needed only for primary channel
cifs: deal with the channel loading lag while picking channels
cifs: serialize other channels when query server interfaces is pending
cifs: do not disable interface polling on failure
Sibi Sankar (1):
firmware: arm_scmi: Ensure that the message-id supports fastchannel
Simon Horman (1):
pldmfw: Select CRC32 when PLDMFW is selected
Srinivas Pandruvada (1):
platform/x86/intel-uncore-freq: Fail module load when plat_info is NULL
Stanislaw Gruszka (1):
media: intel/ipu6: Fix dma mask for non-secure mode
Stefan Binding (1):
ALSA: hda: cs35l41: Fix swapped l/r audio channels for Acer Helios laptops
Stefan Metzmacher (1):
smb: client: fix max_sge overflow in smb_extract_folioq_to_rdma()
Stefan Wahren (1):
net: vertexcom: mse102x: Return code for mse102x_rx_pkt_spi
Stephen Smalley (2):
fs/xattr.c: fix simple_xattr_list()
selinux: fix selinux_xfrm_alloc_user() to set correct ctx_len
Stuart Hayes (2):
platform/x86: dell_rbu: Fix list usage
platform/x86: dell_rbu: Stop overwriting data buffer
Sukrut Bellary (1):
ARM: OMAP2+: Fix l4ls clk domain handling in STANDBY
Sumit Kumar (1):
bus: mhi: ep: Update read pointer only after buffer is written
Suraj P Kizhakkethil (1):
wifi: ath12k: Pass correct values of center freq1 and center freq2 for 160 MHz
Svyatoslav Ryhel (1):
power: supply: max17040: adjust thermal channel scaling
Taehee Yoo (1):
eth: bnxt: fix out-of-range access of vnic_info array
Takashi Iwai (1):
ALSA: hda/intel: Add Thinkpad E15 to PM deny list
Talhah Peerbhai (1):
ASoC: amd: yc: Add quirk for Lenovo Yoga Pro 7 14ASP9
Tali Perry (1):
i2c: npcm: Add clock toggle recovery
Tamir Duberstein (1):
ACPICA: Apply pack(1) to union aml_resource
Tan En De (1):
i2c: designware: Invoke runtime suspend on quick slave re-registration
Taniya Das (1):
clk: qcom: gcc-x1e80100: Set FORCE MEM CORE for UFS clocks
Tasos Sahanidis (1):
ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330
Tejun Heo (1):
sched_ext, sched/core: Don't call scx_group_set_weight() prematurely from sched_create_group()
Tengda Wu (1):
arm64/ptrace: Fix stack-out-of-bounds read in regs_get_kernel_stack_nth()
Thadeu Lima de Souza Cascardo (1):
ext4: inline: fix len overflow in ext4_prepare_inline_data
Thomas Weißschuh (1):
LoongArch: vDSO: Correctly use asm parameters in syscall wrappers
Thomas Zimmermann (3):
sysfb: Fix screen_info type check for VGA
video: screen_info: Relocate framebuffers behind PCI bridges
dummycon: Trigger redraw when switching consoles with deferred takeover
Tianyang Zhang (1):
LoongArch: Fix panic caused by NULL-PMD in huge_pte_offset()
Toke Høiland-Jørgensen (1):
Revert "mac80211: Dynamically set CoDel parameters per station"
Tomi Valkeinen (1):
media: i2c: ds90ub913: Fix returned fmt from .set_fmt()
Tzung-Bi Shih (1):
drm/i915/pmu: Fix build error with GCOV and AutoFDO enabled
Ulf Hansson (1):
pmdomain: core: Reset genpd->states to avoid freeing invalid data
Umang Jain (1):
media: imx335: Use correct register width for HNUM
Viacheslav Dubeyko (1):
ceph: avoid kernel BUG for encrypted inode with unaligned file size
Vijendar Mukunda (1):
ASoC: amd: sof_amd_sdw: Fix unlikely uninitialized variable use in create_sdw_dailinks()
Vinay Belgaumkar (1):
drm/xe/bmg: Update Wa_16023588340
Vitaliy Shevtsov (1):
scsi: elx: efct: Fix memory leak in efct_hw_parse_filter()
Vitaly Lifshits (1):
e1000e: set fixed clock frequency indication for Nahum 11 and Nahum 13
Vlad Dogaru (2):
net/mlx5: HWS, Fix IP version decision
net/mlx5: HWS, Harden IP version definer checks
Vladimir Oltean (2):
ptp: fix breakage after ptp_vclock_in_use() rework
ptp: allow reading of currently dialed frequency to succeed on free-running clocks
Víctor Gonzalo (1):
wifi: iwlwifi: Add missing MODULE_FIRMWARE for Qu-c0-jf-b0
Wan Junjie (1):
bus: fsl-mc: fix GET/SET_TAILDROP command ids
WangYuli (1):
Input: sparcspkr - avoid unannotated fall-through
Wentao Liang (8):
ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params()
net/mlx5_core: Add error handling inmlx5_query_nic_vport_qkey_viol_cntr()
net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid()
media: gspca: Add error handling for stv06xx_read_sensor()
mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk
mtd: nand: sunxi: Add randomizer configuration before randomizer enable
regulator: max14577: Add error check for max14577_read_reg()
octeontx2-pf: Add error log forcn10k_map_unmap_rq_policer()
Willem de Bruijn (2):
ipv6: remove leftover ip6 cookie initializer
ipv6: replace ipcm6_init calls with ipcm6_init_sk
Xiaolei Wang (2):
remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach()
remoteproc: core: Release rproc->clean_table after rproc_attach() fails
Xin Li (Intel) (1):
selftests/x86: Add a test to detect infinite SIGTRAP handler loop
Xu Yang (1):
phy: fsl-imx8mq-usb: fix phy_tx_vboost_level_from_property()
Yao Zi (3):
platform/loongarch: laptop: Get brightness setting from EC on probe
platform/loongarch: laptop: Unregister generic_sub_drivers on exit
platform/loongarch: laptop: Add backlight power control support
Ye Bin (1):
ftrace: Fix UAF when lookup kallsym after ftrace disabled
Yong Wang (2):
net: bridge: mcast: update multicast contex when vlan state is changed
net: bridge: mcast: re-implement br_multicast_{enable, disable}_port functions
Yosry Ahmed (1):
KVM: SVM: Clear current_vmcb during vCPU free for all *possible* CPUs
Yuanjun Gong (1):
ASoC: tegra210_ahub: Add check to of_device_get_match_data()
Zhang Yi (2):
ext4: factor out ext4_get_maxbytes()
ext4: ensure i_size is smaller than maxbytes
Zijun Hu (3):
configfs: Do not override creating attribute file failure in populate_attrs()
software node: Correct a OOB check in software_node_get_reference_args()
sock: Correct error checking condition for (assign|release)_proto_idx()
Zilin Guan (1):
tipc: use kfree_sensitive() for aead cleanup
gldrk (1):
ACPICA: utilities: Fix overflow check in vsnprintf()
wangdicheng (1):
ALSA: usb-audio: Rename ALSA kcontrol PCM and PCM1 for the KTMicro sound card
zhangjian (1):
smb: client: fix first command failure during re-negotiation
3 days, 18 hours
- 1
- 1
Linux 6.6.95
by Greg Kroah-Hartman
I'm announcing the release of the 6.6.95 kernel.
All users of the 6.6 kernel series must upgrade.
The updated 6.6.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.6.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Documentation/admin-guide/kernel-parameters.txt | 2
Documentation/devicetree/bindings/i2c/nvidia,tegra20-i2c.yaml | 24 -
Makefile | 2
arch/arm/boot/dts/ti/omap/am335x-bone-common.dtsi | 2
arch/arm/mach-omap2/clockdomain.h | 1
arch/arm/mach-omap2/clockdomains33xx_data.c | 2
arch/arm/mach-omap2/cm33xx.c | 14
arch/arm/mach-omap2/pmic-cpcap.c | 6
arch/arm/mm/ioremap.c | 4
arch/arm64/include/asm/tlbflush.h | 9
arch/arm64/kernel/ptrace.c | 2
arch/arm64/mm/mmu.c | 3
arch/loongarch/include/asm/irqflags.h | 16
arch/loongarch/mm/hugetlbpage.c | 3
arch/mips/vdso/Makefile | 1
arch/parisc/boot/compressed/Makefile | 1
arch/parisc/kernel/unaligned.c | 2
arch/powerpc/include/asm/ppc_asm.h | 2
arch/powerpc/kernel/eeh.c | 2
arch/powerpc/kernel/vdso/Makefile | 2
arch/powerpc/platforms/pseries/msi.c | 7
arch/riscv/kvm/vcpu_sbi_replace.c | 8
arch/s390/kvm/gaccess.c | 8
arch/s390/pci/pci_mmio.c | 2
arch/x86/kernel/cpu/bugs.c | 10
arch/x86/kernel/cpu/sgx/main.c | 2
arch/x86/kvm/svm/svm.c | 2
arch/x86/kvm/vmx/vmx.c | 5
drivers/acpi/acpica/dsutils.c | 9
drivers/acpi/acpica/psobject.c | 52 --
drivers/acpi/acpica/utprint.c | 7
drivers/acpi/battery.c | 19
drivers/acpi/bus.c | 6
drivers/ata/pata_via.c | 3
drivers/atm/atmtcp.c | 4
drivers/base/power/runtime.c | 2
drivers/base/swnode.c | 2
drivers/block/aoe/aoedev.c | 8
drivers/block/ublk_drv.c | 3
drivers/bus/fsl-mc/fsl-mc-uapi.c | 4
drivers/bus/fsl-mc/mc-io.c | 19
drivers/bus/fsl-mc/mc-sys.c | 2
drivers/bus/mhi/ep/ring.c | 16
drivers/bus/mhi/host/pm.c | 18
drivers/bus/ti-sysc.c | 49 --
drivers/clk/meson/g12a.c | 1
drivers/clk/rockchip/clk-rk3036.c | 1
drivers/cpufreq/scmi-cpufreq.c | 36 +
drivers/cpufreq/tegra186-cpufreq.c | 7
drivers/crypto/marvell/cesa/cesa.c | 2
drivers/crypto/marvell/cesa/cesa.h | 9
drivers/crypto/marvell/cesa/tdma.c | 53 +-
drivers/dma-buf/udmabuf.c | 5
drivers/edac/altera_edac.c | 6
drivers/edac/amd64_edac.c | 1
drivers/gpio/gpio-mlxbf3.c | 54 +-
drivers/gpio/gpiolib-of.c | 9
drivers/gpu/drm/i915/i915_pmu.c | 4
drivers/gpu/drm/msm/disp/dpu1/dpu_encoder_phys_vid.c | 14
drivers/gpu/drm/msm/dsi/phy/dsi_phy_10nm.c | 7
drivers/gpu/drm/nouveau/nouveau_backlight.c | 2
drivers/hv/connection.c | 23
drivers/hwmon/ftsteutates.c | 9
drivers/hwmon/occ/common.c | 240 ++++------
drivers/i2c/busses/i2c-designware-slave.c | 2
drivers/i2c/busses/i2c-npcm7xx.c | 12
drivers/i2c/busses/i2c-tegra.c | 5
drivers/iio/accel/fxls8962af-core.c | 15
drivers/iio/adc/ad7606_spi.c | 2
drivers/iio/imu/inv_icm42600/inv_icm42600_temp.c | 8
drivers/infiniband/core/iwcm.c | 29 -
drivers/input/keyboard/gpio_keys.c | 2
drivers/input/misc/ims-pcu.c | 6
drivers/input/misc/sparcspkr.c | 22
drivers/iommu/amd/iommu.c | 8
drivers/md/dm-raid1.c | 5
drivers/md/dm-verity-fec.c | 4
drivers/md/dm-verity-target.c | 8
drivers/md/dm-verity-verify-sig.c | 17
drivers/media/common/videobuf2/videobuf2-dma-sg.c | 4
drivers/media/i2c/ccs-pll.c | 11
drivers/media/i2c/ds90ub913.c | 4
drivers/media/i2c/ov5675.c | 5
drivers/media/i2c/ov8856.c | 9
drivers/media/platform/mediatek/vcodec/decoder/vdec/vdec_hevc_req_multi_if.c | 2
drivers/media/platform/nxp/imx-jpeg/mxc-jpeg.c | 59 +-
drivers/media/platform/nxp/imx8-isi/imx8-isi-m2m.c | 14
drivers/media/platform/qcom/venus/core.c | 16
drivers/media/platform/ti/davinci/vpif.c | 4
drivers/media/platform/ti/omap3isp/ispccdc.c | 8
drivers/media/platform/ti/omap3isp/ispstat.c | 6
drivers/media/test-drivers/vidtv/vidtv_channel.c | 2
drivers/media/test-drivers/vivid/vivid-vid-cap.c | 2
drivers/media/usb/dvb-usb/cxusb.c | 3
drivers/media/usb/gspca/stv06xx/stv06xx_hdcs.c | 7
drivers/media/usb/uvc/uvc_ctrl.c | 23
drivers/media/usb/uvc/uvc_driver.c | 27 -
drivers/media/v4l2-core/v4l2-dev.c | 14
drivers/mmc/core/card.h | 6
drivers/mmc/core/quirks.h | 10
drivers/mmc/core/sd.c | 32 +
drivers/mtd/nand/raw/qcom_nandc.c | 2
drivers/mtd/nand/raw/sunxi_nand.c | 2
drivers/net/can/m_can/tcan4x5x-core.c | 9
drivers/net/ethernet/aquantia/atlantic/aq_main.c | 1
drivers/net/ethernet/aquantia/atlantic/aq_nic.c | 2
drivers/net/ethernet/cadence/macb_main.c | 6
drivers/net/ethernet/cortina/gemini.c | 37 +
drivers/net/ethernet/dlink/dl2k.c | 14
drivers/net/ethernet/dlink/dl2k.h | 2
drivers/net/ethernet/emulex/benet/be_cmds.c | 2
drivers/net/ethernet/faraday/Kconfig | 1
drivers/net/ethernet/intel/e1000e/netdev.c | 14
drivers/net/ethernet/intel/e1000e/ptp.c | 8
drivers/net/ethernet/intel/i40e/i40e_common.c | 7
drivers/net/ethernet/intel/ice/ice_arfs.c | 48 ++
drivers/net/ethernet/intel/ice/ice_switch.c | 4
drivers/net/ethernet/marvell/octeontx2/nic/cn10k.c | 9
drivers/net/ethernet/mellanox/mlx4/en_ethtool.c | 1
drivers/net/ethernet/mellanox/mlx5/core/vport.c | 18
drivers/net/ethernet/microchip/lan743x_ethtool.c | 18
drivers/net/ethernet/microchip/lan743x_ptp.c | 2
drivers/net/ethernet/microchip/lan743x_ptp.h | 5
drivers/net/ethernet/pensando/ionic/ionic_main.c | 3
drivers/net/ethernet/ti/am65-cpsw-nuss.c | 24 -
drivers/net/ethernet/vertexcom/mse102x.c | 15
drivers/net/usb/asix.h | 1
drivers/net/usb/asix_common.c | 22
drivers/net/usb/asix_devices.c | 17
drivers/net/usb/ch9200.c | 7
drivers/net/vxlan/vxlan_core.c | 8
drivers/net/wireless/ath/ath11k/ce.c | 11
drivers/net/wireless/ath/ath11k/core.c | 55 ++
drivers/net/wireless/ath/ath11k/core.h | 7
drivers/net/wireless/ath/ath11k/dp_rx.c | 25 -
drivers/net/wireless/ath/ath11k/hal.c | 4
drivers/net/wireless/ath/ath11k/qmi.c | 9
drivers/net/wireless/ath/ath12k/ce.c | 11
drivers/net/wireless/ath/ath12k/ce.h | 6
drivers/net/wireless/ath/ath12k/dp_mon.c | 2
drivers/net/wireless/ath/ath12k/hal.c | 4
drivers/net/wireless/ath/ath12k/hal_desc.h | 2
drivers/net/wireless/ath/ath12k/pci.c | 3
drivers/net/wireless/ath/ath12k/wmi.c | 20
drivers/net/wireless/ath/carl9170/usb.c | 19
drivers/net/wireless/intel/iwlwifi/cfg/22000.c | 3
drivers/net/wireless/intel/iwlwifi/pcie/trans.c | 6
drivers/net/wireless/intersil/p54/fwio.c | 2
drivers/net/wireless/intersil/p54/p54.h | 1
drivers/net/wireless/intersil/p54/txrx.c | 13
drivers/net/wireless/mediatek/mt76/mt76x2/usb.c | 2
drivers/net/wireless/mediatek/mt76/mt76x2/usb_init.c | 13
drivers/net/wireless/mediatek/mt76/mt7921/main.c | 5
drivers/net/wireless/mediatek/mt76/mt7996/mac.c | 8
drivers/net/wireless/purelifi/plfxlc/usb.c | 4
drivers/net/wireless/realtek/rtlwifi/pci.c | 10
drivers/net/wireless/realtek/rtw88/usb.c | 2
drivers/net/wireless/realtek/rtw89/cam.c | 3
drivers/net/wireless/realtek/rtw89/pci.c | 69 ++
drivers/net/wireless/realtek/rtw89/pci.h | 1
drivers/net/wireless/virtual/mac80211_hwsim.c | 5
drivers/pci/controller/cadence/pcie-cadence-ep.c | 5
drivers/pci/controller/dwc/pcie-dw-rockchip.c | 2
drivers/pci/pci.c | 3
drivers/pci/quirks.c | 23
drivers/phy/freescale/phy-fsl-imx8mq-usb.c | 10
drivers/pinctrl/mvebu/pinctrl-armada-37xx.c | 21
drivers/pinctrl/pinctrl-mcp23s08.c | 8
drivers/platform/loongarch/loongson-laptop.c | 87 +--
drivers/platform/x86/amd/pmc/pmc.c | 2
drivers/platform/x86/dell/dell_rbu.c | 6
drivers/platform/x86/ideapad-laptop.c | 3
drivers/platform/x86/intel/uncore-frequency/uncore-frequency-tpmi.c | 9
drivers/power/supply/bq27xxx_battery.c | 2
drivers/power/supply/bq27xxx_battery_i2c.c | 13
drivers/power/supply/collie_battery.c | 1
drivers/ptp/ptp_clock.c | 3
drivers/ptp/ptp_private.h | 22
drivers/rapidio/rio_cm.c | 3
drivers/regulator/max14577-regulator.c | 5
drivers/regulator/max20086-regulator.c | 4
drivers/remoteproc/remoteproc_core.c | 6
drivers/s390/scsi/zfcp_sysfs.c | 2
drivers/scsi/elx/efct/efct_hw.c | 5
drivers/scsi/lpfc/lpfc_hbadisc.c | 2
drivers/scsi/lpfc/lpfc_sli.c | 4
drivers/scsi/storvsc_drv.c | 10
drivers/staging/iio/impedance-analyzer/ad5933.c | 2
drivers/tee/tee_core.c | 11
drivers/tty/serial/sh-sci.c | 16
drivers/uio/uio_hv_generic.c | 4
drivers/video/console/vgacon.c | 2
drivers/video/fbdev/core/fbcon.c | 7
drivers/video/fbdev/core/fbmem.c | 22
drivers/video/screen_info_pci.c | 79 ++-
drivers/watchdog/da9052_wdt.c | 1
fs/ceph/super.c | 1
fs/configfs/dir.c | 2
fs/ext4/ext4.h | 7
fs/ext4/extents.c | 18
fs/ext4/file.c | 7
fs/ext4/inline.c | 2
fs/ext4/inode.c | 10
fs/f2fs/compress.c | 23
fs/f2fs/f2fs.h | 5
fs/f2fs/inode.c | 10
fs/f2fs/namei.c | 9
fs/f2fs/segment.c | 6
fs/f2fs/super.c | 12
fs/gfs2/lock_dlm.c | 3
fs/jbd2/transaction.c | 5
fs/jffs2/erase.c | 4
fs/jffs2/scan.c | 4
fs/jffs2/summary.c | 7
fs/nfs/read.c | 3
fs/nfsd/nfs4proc.c | 3
fs/nfsd/nfssvc.c | 6
fs/smb/client/cached_dir.c | 14
fs/smb/client/cached_dir.h | 8
fs/smb/client/cifsglob.h | 1
fs/smb/client/connect.c | 17
fs/smb/client/namespace.c | 3
fs/smb/client/readdir.c | 28 -
fs/smb/client/reparse.c | 1
fs/smb/client/sess.c | 7
fs/smb/client/smb2pdu.c | 33 -
fs/smb/client/transport.c | 14
fs/smb/server/smb2pdu.c | 11
fs/xattr.c | 1
include/acpi/actypes.h | 2
include/linux/acpi.h | 9
include/linux/atmdev.h | 6
include/linux/hugetlb.h | 3
include/linux/mmc/card.h | 1
include/linux/netdevice.h | 3
include/net/checksum.h | 2
include/trace/events/erofs.h | 18
include/uapi/linux/bpf.h | 2
io_uring/io-wq.c | 4
io_uring/io_uring.c | 2
io_uring/kbuf.c | 2
ipc/shm.c | 5
kernel/bpf/helpers.c | 3
kernel/cgroup/legacy_freezer.c | 3
kernel/events/core.c | 80 ++-
kernel/exit.c | 17
kernel/time/clocksource.c | 2
kernel/trace/ftrace.c | 10
kernel/watchdog.c | 41 +
lib/Kconfig | 1
mm/huge_memory.c | 11
mm/hugetlb.c | 67 ++
mm/mmap.c | 6
mm/page-writeback.c | 2
net/atm/common.c | 1
net/atm/lec.c | 12
net/atm/raw.c | 2
net/bridge/br_mst.c | 4
net/bridge/br_multicast.c | 103 +++-
net/bridge/br_private.h | 11
net/core/filter.c | 24 -
net/core/skmsg.c | 3
net/core/sock.c | 4
net/core/utils.c | 4
net/ipv4/route.c | 4
net/ipv4/tcp_fastopen.c | 3
net/ipv4/tcp_input.c | 63 +-
net/ipv6/calipso.c | 8
net/ipv6/ila/ila_common.c | 6
net/mac80211/mesh_hwmp.c | 6
net/mac80211/tx.c | 6
net/mpls/af_mpls.c | 4
net/nfc/nci/uart.c | 8
net/sched/sch_sfq.c | 10
net/sched/sch_taprio.c | 6
net/sctp/socket.c | 3
net/sunrpc/svc.c | 11
net/sunrpc/xprtsock.c | 5
net/tipc/crypto.c | 2
net/tipc/udp_media.c | 4
net/wireless/core.c | 6
security/selinux/xfrm.c | 2
sound/pci/hda/hda_intel.c | 2
sound/pci/hda/patch_realtek.c | 1
sound/soc/amd/yc/acp6x-mach.c | 9
sound/soc/codecs/tas2770.c | 30 +
sound/soc/meson/meson-card-utils.c | 2
sound/soc/qcom/sdm845.c | 4
sound/soc/tegra/tegra210_ahub.c | 2
sound/usb/mixer_maps.c | 12
tools/include/uapi/linux/bpf.h | 2
tools/lib/bpf/btf.c | 16
tools/perf/util/print-events.c | 1
tools/testing/selftests/x86/Makefile | 2
tools/testing/selftests/x86/sigtrap_loop.c | 101 ++++
295 files changed, 2321 insertions(+), 1077 deletions(-)
Aditya Kumar Singh (1):
wifi: ath12k: fix failed to set mhi state error during reboot with hardware grouping
Ahmed Salem (1):
ACPICA: Avoid sequence overread in call to strncmp()
Akhil R (2):
i2c: tegra: check msg length in SMBUS block read
dt-bindings: i2c: nvidia,tegra20-i2c: Specify the required properties
Alan Maguire (1):
libbpf: Add identical pointer detection to btf_dedup_is_equiv()
Alexander Aring (1):
gfs2: move msleep to sleepable context
Alexander Sverdlin (1):
Revert "bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first"
Alexey Kodanev (1):
net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get()
Alok Tiwari (1):
emulex/benet: correct command version selection in be_cmd_get_stats()
Andreas Kemnade (1):
ARM: omap: pmic-cpcap: do not mess around without CPCAP or OMAP4
Andrew Morton (1):
drivers/rapidio/rio_cm.c: prevent possible heap overwrite
Andrew Zaborowski (1):
x86/sgx: Prevent attempts to reclaim poisoned pages
Anup Patel (2):
RISC-V: KVM: Fix the size parameter check in SBI SFENCE calls
RISC-V: KVM: Don't treat SBI HFENCE calls as NOPs
Armin Wolf (1):
ACPI: bus: Bail out if acpi_kobj registration fails
Arnd Bergmann (3):
parisc: fix building with gcc-15
hwmon: (occ) Rework attribute registration for stack usage
hwmon: (occ) fix unaligned accesses
Artem Sadovnikov (1):
jffs2: check that raw node were preallocated before writing summary
Avadhut Naik (1):
EDAC/amd64: Correct number of UMCs for family 19h models 70h-7fh
Balamurugan S (1):
wifi: ath12k: fix incorrect CE addresses
Baochen Qiang (2):
wifi: ath12k: fix a possible dead lock caused by ab->base_lock
wifi: ath11k: determine PM policy based on machine model
Benjamin Berg (1):
wifi: mac80211: do not offer a mesh path if forwarding is disabled
Benjamin Lin (1):
wifi: mt76: mt7996: drop fragments with multicast or broadcast RA
Bharath SM (2):
smb: improve directory cache reuse for readdir operations
smb: fix secondary channel creation issue with kerberos by populating hostname when adding channels
Bitterblue Smith (1):
wifi: rtw88: usb: Reduce control message timeout to 500 ms
Breno Leitao (1):
Revert "x86/bugs: Make spectre user default depend on MITIGATION_SPECTRE_V2" on v6.6 and older
Brett Creeley (1):
ionic: Prevent driver/fw getting out of sync on devcmd(s)
Brett Werling (1):
can: tcan4x5x: fix power regulator retrieval during probe
Brian Foster (1):
ext4: only dirty folios when data journaling regular files
Chao Gao (1):
KVM: VMX: Flush shadow VMCS on emergency reboot
Chao Yu (4):
f2fs: fix to do sanity check on ino and xnid
f2fs: fix to do sanity check on sit_bitmap_size
f2fs: use vmalloc instead of kvmalloc in .init_{,de}compress_ctx
f2fs: fix to set atomic write status more clear
Charan Teja Kalla (1):
PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn()
Chen Ridong (1):
cgroup,freezer: fix incomplete freezing when attaching tasks
Chin-Yen Lee (1):
wifi: rtw89: pci: use DBI function for 8852AE/8852BE/8851BE
Christian Lamparter (1):
wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback()
Christophe Leroy (1):
powerpc/vdso: Fix build of VDSO32 with pcrel
Chuck Lever (1):
SUNRPC: Prevent hang on NFS mount with xprtsec=[m]tls
Claudiu Beznea (1):
serial: sh-sci: Increment the runtime usage counter for the earlycon device
Colin Foster (1):
ARM: dts: am335x-bone-common: Increase MDIO reset deassert time
Da Xue (1):
clk: meson-g12a: add missing fclk_div2 to spicc
Dan Carpenter (1):
Input: ims-pcu - check record size in ims_pcu_flash_firmware()
Daniel Wagner (1):
scsi: lpfc: Use memcpy() for BIOS version
David Lechner (1):
iio: adc: ad7606_spi: fix reg write value mask
David Thompson (1):
gpio: mlxbf3: only get IRQ for device instance 0
David Wei (1):
tcp: fix passive TFO socket having invalid NAPI ID
Denis Arefev (1):
media: vivid: Change the siize of the composing
Dennis Marttinen (1):
ceph: set superblock s_magic for IMA fsmagic matching
Dev Jain (1):
arm64: Restrict pagetable teardown to avoid false warning
Dexuan Cui (1):
scsi: storvsc: Increase the timeouts to storvsc_timeout
Dian-Syuan Yang (1):
wifi: rtw89: leave idle mode when setting WEP encryption for AP mode
Diederik de Haas (1):
PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit()
Dmitry Antipov (1):
wifi: carl9170: do not ping device which has failed to load firmware
Dmitry Nikiforov (1):
media: davinci: vpif: Fix memory leak in probe error path
Edward Adam Davis (4):
media: cxusb: no longer judge rbuf when the write fails
media: vidtv: Terminating the subsequent process of initialization failure
wifi: mac80211_hwsim: Prevent tsf from setting if beacon is disabled
wifi: cfg80211: init wiphy_work before allocating rfkill fails
Eric Dumazet (5):
tcp: always seek for minimal rtt in tcp_rcv_rtt_update()
tcp: fix initial tp->rcvq_space.space value for passive TS enabled flows
net_sched: sch_sfq: reject invalid perturb period
net: atm: add lec_mutex
net: atm: fix /proc/net/atm/lec handling
Erick Shepherd (1):
mmc: Add quirk to disable DDR50 tuning
Fedor Pchelkin (1):
jffs2: check jffs2_prealloc_raw_node_refs() result in few other places
Fei Shao (1):
media: mediatek: vcodec: Correct vsi_core framebuffer size
GONG Ruiqi (1):
vgacon: Add check for vc_origin address range in vgacon_scroll()
Gabor Juhos (4):
pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name()
pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction()
pinctrl: armada-37xx: propagate error from armada_37xx_pmx_gpio_set_direction()
pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get()
Gabriel Shahrouzi (1):
staging: iio: ad5933: Correct settling cycles encoding per datasheet
Gao Xiang (1):
erofs: remove unused trace event erofs_destroy_inode
Gatien Chevallier (1):
Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer()
Gautam Menghani (1):
powerpc/pseries/msi: Avoid reading PCI device registers in reduced power states
Gavin Guo (1):
mm/huge_memory: fix dereferencing invalid pmd migration entry
Geert Uytterhoeven (1):
ARM: dts: am335x-bone-common: Increase MDIO reset deassert delay to 50ms
Greg Kroah-Hartman (1):
Linux 6.6.95
Gui-Dong Han (1):
hwmon: (ftsteutates) Fix TOCTOU race in fts_read()
Guilherme G. Piccoli (1):
clocksource: Fix the CPUs' choice in the watchdog per CPU verification
Haixia Qu (1):
tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer
Hari Chandrakanthan (1):
wifi: ath12k: fix link valid field initialization in the monitor Rx
Hector Martin (1):
ASoC: tas2770: Power cycle amp on ISENSE/VSENSE change
Heiko Carstens (1):
s390/pci: Fix __pcilg_mio_inuser() inline assembly
Heiko Stuebner (1):
clk: rockchip: rk3036: mark ddrphy as critical
Heiner Kallweit (1):
net: ftgmac100: select FIXED_PHY
Helge Deller (1):
parisc/unaligned: Fix hex output to show 8 hex chars
Henk Vergonet (1):
wifi: mt76: mt76x2: Add support for LiteOn WN4516R,WN4519R
Herbert Xu (1):
crypto: marvell/cesa - Do not chain submitted requests
Hou Tao (1):
bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem()
Huacai Chen (2):
PCI: Add ACS quirk for Loongson PCIe
LoongArch: Avoid using $r0/$r1 as "mask" for csrxchg
Hyunwoo Kim (1):
net/sched: fix use-after-free in taprio_dev_notifier
Ian Rogers (1):
perf evsel: Missed close() when probing hybrid core PMUs
Ido Schimmel (1):
vxlan: Do not treat dst cache initialization errors as fatal
Ilpo Järvinen (1):
PCI: Fix lock symmetry in pci_slot_unlock()
Ioana Ciornei (1):
bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device
Jacob Keller (1):
drm/nouveau/bl: increase buffer size to avoid truncate warning
Jaegeuk Kim (1):
f2fs: prevent kernel warning due to negative i_nlink from corrupted image
Jakub Kicinski (2):
net: clear the dst when changing skb protocol
net: make for_each_netdev_dump() a little more bug-proof
James A. MacInnes (1):
drm/msm/disp: Correct porch timing for SDM845
Jan Kara (1):
ext4: fix calculation of credits for extent tree modification
Jann Horn (3):
mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race
tee: Prevent size calculation wraparound on 32-bit kernels
mm/hugetlb: unshare page tables during VMA split, not before
Jason Xing (2):
net: atlantic: generate software timestamp just before the doorbell
net: mlx4: add SOF_TIMESTAMPING_TX_SOFTWARE flag when getting ts info
Jeff Hugo (1):
bus: mhi: host: Fix conflict between power_up and SYSERR
Jeff Layton (1):
sunrpc: handle SVC_GARBAGE during svc auth processing as auth error
Jeongjun Park (2):
jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata()
ipc: fix to protect IPCS lookups using RCU
Jerry Lv (1):
power: supply: bq27xxx: Retrieve again when busy
Jiayuan Chen (1):
bpf, sockmap: Fix data lost during EAGAIN retries
Jinliang Zheng (1):
mm: fix ratelimit_pages update error in dirty_ratio_handler()
Johan Hovold (5):
wifi: ath11k: fix rx completion meta data corruption
wifi: ath11k: fix ring-buffer corruption
wifi: ath12k: fix ring-buffer corruption
media: ov8856: suppress probe deferral errors
media: ov5675: suppress probe deferral errors
Jon Hunter (1):
Revert "cpufreq: tegra186: Share policy per cluster"
Jonathan Lane (1):
ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged
João Paulo Gonçalves (2):
regulator: max20086: Fix MAX200086 chip id
regulator: max20086: Change enable gpio to optional
Justin Sanders (1):
aoe: clean device rq_list in aoedev_downdev()
Justin Tee (1):
scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands
Kang Yang (1):
wifi: ath12k: fix macro definition HAL_RX_MSDU_PKT_LENGTH_GET
Kees Cook (1):
fbcon: Make sure modelist not set on unregistered console
Khem Raj (1):
mips: Add -std= flag specified in KBUILD_CFLAGS to vdso CFLAGS
Krishna Kumar (1):
net: ice: Perform accurate aRFS flow match
Krzysztof Hałasa (1):
usbnet: asix AX88772: leave the carrier control to phylink
Krzysztof Kozlowski (3):
NFC: nci: uart: Set tty->disc_data only in success path
power: supply: collie: Fix wakeup source leaks on device unbind
drm/msm/dsi/dsi_phy_10nm: Fix missing initial VCO rate
Kuniyuki Iwashima (4):
atm: Revert atm_account_tx() if copy_from_iter_full() fails.
mpls: Use rcu_dereference_rtnl() in mpls_route_input_rcu().
atm: atmtcp: Free invalid length skb in atmtcp_c_send().
calipso: Fix null-ptr-deref in calipso_req_{set,del}attr().
Kyungwook Boo (1):
i40e: fix MMIO write access to an invalid page in i40e_clear_hw
Laurentiu Palcu (1):
media: nxp: imx8-isi: better handle the m2m usage_count
Laurentiu Tudor (1):
bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value
Li Lingfeng (1):
nfsd: Initialize ssc before laundromat_work to prevent NULL dereference
Linus Walleij (1):
net: ethernet: cortina: Use TOE/TSO on all TCP
Loic Poulain (1):
media: venus: Fix probe error handling
Long Li (2):
Drivers: hv: Allocate interrupt and monitor pages aligned to system page boundary
uio_hv_generic: Use correct size for interrupt and monitor pages
Lorenzo Stoakes (1):
KVM: s390: rename PROT_NONE to PROT_TYPE_DUMMY
Luo Gengkun (2):
watchdog: fix watchdog may detect false positive of softlockup
perf/core: Fix WARN in perf_cgroup_switch()
Ma Ke (1):
media: v4l2-dev: fix error handling in __video_register_device()
Marcus Folkesson (1):
watchdog: da9052_wdt: respect TWDMIN
Marek Szyprowski (3):
media: omap3isp: use sgtable-based scatterlist wrappers
media: videobuf2: use sgtable-based scatterlist wrappers
udmabuf: use sgtable-based scatterlist wrappers
Mario Limonciello (2):
ACPI: Add missing prototype for non CONFIG_SUSPEND/CONFIG_X86 case
platform/x86/amd: pmc: Clear metrics table at start of cycle
Martin Blumenstingl (1):
ASoC: meson: meson-card-utils: use of_property_present() for DT parsing
Mateusz Pacuszka (1):
ice: fix check for existing switch rule
Max Kellermann (1):
fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio()
Md Sadre Alam (1):
mtd: rawnand: qcom: Fix read len for onfi param page
Michael Walle (1):
net: ethernet: ti: am65-cpsw: handle -EPROBE_DEFER
Mike Looijmans (1):
pinctrl: mcp23s08: Reset all pins to input at probe
Mike Tipton (1):
cpufreq: scmi: Skip SCMI devices that aren't used by the CPUs
Mikulas Patocka (2):
dm-mirror: fix a tiny race condition
dm-verity: fix a memory leak if some arguments are specified multiple times
Ming Qian (4):
media: imx-jpeg: Drop the first error frames
media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead
media: imx-jpeg: Reset slot data pointers when freed
media: imx-jpeg: Cleanup after an allocation error
Mingcong Bai (1):
wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723
Miri Korenblit (1):
wifi: iwlwifi: pcie: make sure to lock rxq->read
Moon Yeounsu (1):
net: dlink: add synchronization for stats update
Muhammad Usama Anjum (1):
wifi: ath11k: Fix QMI memory reuse logic
Muna Sinada (1):
wifi: mac80211: VLAN traffic in multicast path
Murad Masimov (2):
fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var
fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var
Namjae Jeon (1):
ksmbd: fix null pointer dereference in destroy_previous_session
Narayana Murty N (1):
powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery
Neal Cardwell (1):
tcp: fix tcp_packet_delayed() for tcp_is_non_sack_preventing_reopen() behavior
NeilBrown (1):
nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request
Niklas Cassel (1):
PCI: cadence-ep: Correct PBA offset in .set_msix() callback
Niravkumar L Rabara (1):
EDAC/altera: Use correct write width with the INTTEST register
Pali Rohár (1):
cifs: Remove duplicate fattr->cf_dtype assignment from wsl_to_fattr() function
Paul Aurich (1):
smb: Log an error when close_all_cached_dirs fails
Paul Chaignon (2):
net: Fix checksum update for ILA adj-transport
bpf: Fix L4 csum update on IPv6 in CHECKSUM_COMPLETE
Pavel Begunkov (2):
io_uring: account drain memory to cgroup
io_uring/kbuf: account ring io_buffer_list memory
Peng Fan (1):
gpiolib: of: Add polarity quirk for s5m8767
Penglei Jiang (1):
io_uring: fix task leak issue in io_wq_create()
Peter Marheine (1):
ACPI: battery: negate current when discharging
Peter Oberparleiter (1):
scsi: s390: zfcp: Ensure synchronous unit_add
Peter Zijlstra (2):
perf: Fix sample vs do_exit()
perf: Fix cgroup state vs ERROR
Petr Malat (1):
sctp: Do not wake readers in __sctp_write_space()
Qasim Ijaz (1):
net: ch9200: fix uninitialised access during mii_nway_restart
Renato Caldas (1):
platform/x86: ideapad-laptop: add missing Ideapad Pro 5 fn keys
Rengarajan S (2):
net: lan743x: Modify the EEPROM and OTP size for PCI1xxxx devices
net: microchip: lan743x: Reduce PTP timeout on HW failure
Ricardo Ribalda (3):
media: uvcvideo: Return the number of processed controls
media: uvcvideo: Send control events for partial succeeds
media: uvcvideo: Fix deferred probing error
Ronnie Sahlberg (1):
ublk: santizize the arguments from userspace when adding a device
Ross Stutterheim (1):
ARM: 9447/1: arm/memremap: fix arch_memremap_can_ram_remap()
Ruben Devos (1):
smb: client: add NULL check in automount_fullpath
Ryan Roberts (1):
arm64/mm: Close theoretical race where stale TLB entry remains valid
Sakari Ailus (4):
media: ccs-pll: Start VT pre-PLL multiplier search from correct value
media: ccs-pll: Start OP pre-PLL multiplier search from correct value
media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div
media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case
Salah Triki (1):
wireless: purelifi: plfxlc: fix memory leak in plfxlc_usb_wreq_asyn()
Samuel Williams (1):
wifi: mt76: mt7921: add 160 MHz AP for mt7922 device
Sean Christopherson (1):
iommu/amd: Ensure GA log notifier callbacks finish running before module unload
Sean Nyekjaer (3):
iio: accel: fxls8962af: Fix temperature scan element sign
iio: imu: inv_icm42600: Fix temperature calculation
iio: accel: fxls8962af: Fix temperature calculation
Sebastian Andrzej Siewior (1):
ipv4/route: Use this_cpu_inc() for stats on PREEMPT_RT
Sergio Perez Gonzalez (1):
net: macb: Check return value of dma_set_mask_and_coherent()
Seunghun Han (2):
ACPICA: fix acpi operand cache leak in dswstate.c
ACPICA: fix acpi parse and parseext cache leaks
Shin'ichiro Kawasaki (1):
RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction
Shyam Prasad N (6):
cifs: reset connections for all channels when reconnect requested
cifs: update dstaddr whenever channel iface is updated
cifs: dns resolution is needed only for primary channel
cifs: deal with the channel loading lag while picking channels
cifs: serialize other channels when query server interfaces is pending
cifs: do not disable interface polling on failure
Simon Horman (1):
pldmfw: Select CRC32 when PLDMFW is selected
Srinivas Pandruvada (1):
platform/x86/intel-uncore-freq: Fail module load when plat_info is NULL
Stefan Wahren (1):
net: vertexcom: mse102x: Return code for mse102x_rx_pkt_spi
Stephen Smalley (2):
fs/xattr.c: fix simple_xattr_list()
selinux: fix selinux_xfrm_alloc_user() to set correct ctx_len
Stuart Hayes (2):
platform/x86: dell_rbu: Fix list usage
platform/x86: dell_rbu: Stop overwriting data buffer
Sukrut Bellary (1):
ARM: OMAP2+: Fix l4ls clk domain handling in STANDBY
Sumit Kumar (1):
bus: mhi: ep: Update read pointer only after buffer is written
Suraj P Kizhakkethil (1):
wifi: ath12k: Pass correct values of center freq1 and center freq2 for 160 MHz
Takashi Iwai (1):
ALSA: hda/intel: Add Thinkpad E15 to PM deny list
Talhah Peerbhai (1):
ASoC: amd: yc: Add quirk for Lenovo Yoga Pro 7 14ASP9
Tali Perry (1):
i2c: npcm: Add clock toggle recovery
Tan En De (1):
i2c: designware: Invoke runtime suspend on quick slave re-registration
Tasos Sahanidis (1):
ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330
Tengda Wu (1):
arm64/ptrace: Fix stack-out-of-bounds read in regs_get_kernel_stack_nth()
Thadeu Lima de Souza Cascardo (1):
ext4: inline: fix len overflow in ext4_prepare_inline_data
Thomas Zimmermann (1):
video: screen_info: Relocate framebuffers behind PCI bridges
Tianyang Zhang (1):
LoongArch: Fix panic caused by NULL-PMD in huge_pte_offset()
Tomi Valkeinen (1):
media: i2c: ds90ub913: Fix returned fmt from .set_fmt()
Tzung-Bi Shih (1):
drm/i915/pmu: Fix build error with GCOV and AutoFDO enabled
Vitaliy Shevtsov (1):
scsi: elx: efct: Fix memory leak in efct_hw_parse_filter()
Vitaly Lifshits (1):
e1000e: set fixed clock frequency indication for Nahum 11 and Nahum 13
Vladimir Oltean (2):
ptp: fix breakage after ptp_vclock_in_use() rework
ptp: allow reading of currently dialed frequency to succeed on free-running clocks
Víctor Gonzalo (1):
wifi: iwlwifi: Add missing MODULE_FIRMWARE for Qu-c0-jf-b0
Wan Junjie (1):
bus: fsl-mc: fix GET/SET_TAILDROP command ids
WangYuli (1):
Input: sparcspkr - avoid unannotated fall-through
Wentao Liang (8):
ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params()
net/mlx5_core: Add error handling inmlx5_query_nic_vport_qkey_viol_cntr()
net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid()
media: gspca: Add error handling for stv06xx_read_sensor()
mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk
mtd: nand: sunxi: Add randomizer configuration before randomizer enable
regulator: max14577: Add error check for max14577_read_reg()
octeontx2-pf: Add error log forcn10k_map_unmap_rq_policer()
Xiaolei Wang (2):
remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach()
remoteproc: core: Release rproc->clean_table after rproc_attach() fails
Xin Li (Intel) (1):
selftests/x86: Add a test to detect infinite SIGTRAP handler loop
Xu Yang (1):
phy: fsl-imx8mq-usb: fix phy_tx_vboost_level_from_property()
Yao Zi (3):
platform/loongarch: laptop: Get brightness setting from EC on probe
platform/loongarch: laptop: Unregister generic_sub_drivers on exit
platform/loongarch: laptop: Add backlight power control support
Ye Bin (1):
ftrace: Fix UAF when lookup kallsym after ftrace disabled
Yong Wang (2):
net: bridge: mcast: update multicast contex when vlan state is changed
net: bridge: mcast: re-implement br_multicast_{enable, disable}_port functions
Yosry Ahmed (1):
KVM: SVM: Clear current_vmcb during vCPU free for all *possible* CPUs
Yuanjun Gong (1):
ASoC: tegra210_ahub: Add check to of_device_get_match_data()
Zhang Yi (2):
ext4: factor out ext4_get_maxbytes()
ext4: ensure i_size is smaller than maxbytes
Zijun Hu (3):
configfs: Do not override creating attribute file failure in populate_attrs()
software node: Correct a OOB check in software_node_get_reference_args()
sock: Correct error checking condition for (assign|release)_proto_idx()
Zilin Guan (1):
tipc: use kfree_sensitive() for aead cleanup
gldrk (1):
ACPICA: utilities: Fix overflow check in vsnprintf()
wangdicheng (1):
ALSA: usb-audio: Rename ALSA kcontrol PCM and PCM1 for the KTMicro sound card
zhangjian (1):
smb: client: fix first command failure during re-negotiation
3 days, 18 hours
- 1
- 1
Linux 6.1.142
by Greg Kroah-Hartman
I'm announcing the release of the 6.1.142 kernel.
All users of the 6.1 kernel series must upgrade.
The updated 6.1.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.1.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Documentation/ABI/testing/sysfs-fs-xfs | 8
Documentation/admin-guide/kernel-parameters.txt | 2
Documentation/devicetree/bindings/i2c/nvidia,tegra20-i2c.yaml | 24
Documentation/devicetree/bindings/vendor-prefixes.yaml | 2
Makefile | 6
arch/arm/boot/dts/am335x-bone-common.dtsi | 8
arch/arm/boot/dts/at91sam9263ek.dts | 2
arch/arm/boot/dts/qcom-apq8064.dtsi | 13
arch/arm/boot/dts/tny_a9263.dts | 2
arch/arm/boot/dts/usb_a9263.dts | 4
arch/arm/mach-aspeed/Kconfig | 1
arch/arm/mach-omap2/clockdomain.h | 1
arch/arm/mach-omap2/clockdomains33xx_data.c | 2
arch/arm/mach-omap2/cm33xx.c | 14
arch/arm/mach-omap2/pmic-cpcap.c | 6
arch/arm/mm/ioremap.c | 4
arch/arm64/Kconfig | 6
arch/arm64/boot/dts/freescale/imx8mm-beacon-som.dtsi | 1
arch/arm64/boot/dts/freescale/imx8mm-verdin.dtsi | 1
arch/arm64/boot/dts/freescale/imx8mn-beacon-som.dtsi | 1
arch/arm64/boot/dts/marvell/armada-3720-uDPU.dtsi | 8
arch/arm64/boot/dts/mediatek/mt6359.dtsi | 4
arch/arm64/boot/dts/mediatek/mt8195.dtsi | 50 +
arch/arm64/boot/dts/qcom/sda660-inforce-ifc6560.dts | 2
arch/arm64/boot/dts/qcom/sdm660-xiaomi-lavender.dts | 3
arch/arm64/boot/dts/qcom/sm8250.dtsi | 2
arch/arm64/boot/dts/rockchip/rk3399-puma-haikou.dts | 8
arch/arm64/boot/dts/ti/k3-am65-main.dtsi | 20
arch/arm64/boot/dts/ti/k3-j721e-sk.dts | 31 +
arch/arm64/configs/defconfig | 3
arch/arm64/kernel/fpsimd.c | 4
arch/arm64/kernel/ptrace.c | 2
arch/arm64/xen/hypercall.S | 21
arch/loongarch/include/asm/irqflags.h | 16
arch/m68k/mac/config.c | 2
arch/mips/Makefile | 2
arch/mips/boot/dts/loongson/loongson64c_4core_ls7a.dts | 1
arch/mips/vdso/Makefile | 1
arch/parisc/boot/compressed/Makefile | 1
arch/parisc/kernel/unaligned.c | 2
arch/powerpc/kernel/eeh.c | 2
arch/powerpc/kexec/crash.c | 5
arch/powerpc/platforms/book3s/vas-api.c | 9
arch/powerpc/platforms/powernv/memtrace.c | 8
arch/powerpc/platforms/pseries/msi.c | 7
arch/riscv/kvm/vcpu_sbi_replace.c | 8
arch/s390/kvm/gaccess.c | 8
arch/s390/net/bpf_jit_comp.c | 12
arch/s390/pci/pci_mmio.c | 2
arch/x86/kernel/cpu/bugs.c | 10
arch/x86/kernel/cpu/common.c | 17
arch/x86/kernel/cpu/mtrr/generic.c | 2
arch/x86/kernel/cpu/sgx/main.c | 2
arch/x86/kernel/ioport.c | 13
arch/x86/kernel/process.c | 6
arch/x86/kvm/svm/svm.c | 2
crypto/lrw.c | 4
crypto/xts.c | 4
drivers/acpi/acpica/dsutils.c | 9
drivers/acpi/acpica/psobject.c | 52 -
drivers/acpi/acpica/utprint.c | 7
drivers/acpi/apei/Kconfig | 1
drivers/acpi/apei/ghes.c | 2
drivers/acpi/battery.c | 19
drivers/acpi/bus.c | 6
drivers/acpi/cppc_acpi.c | 2
drivers/acpi/osi.c | 1
drivers/ata/pata_via.c | 3
drivers/atm/atmtcp.c | 4
drivers/base/power/domain.c | 2
drivers/base/power/main.c | 3
drivers/base/power/runtime.c | 2
drivers/base/swnode.c | 2
drivers/block/aoe/aoedev.c | 8
drivers/bluetooth/hci_qca.c | 14
drivers/bus/fsl-mc/fsl-mc-bus.c | 6
drivers/bus/fsl-mc/fsl-mc-uapi.c | 4
drivers/bus/fsl-mc/mc-io.c | 19
drivers/bus/fsl-mc/mc-sys.c | 2
drivers/bus/mhi/host/pm.c | 18
drivers/bus/ti-sysc.c | 49 -
drivers/clk/bcm/clk-raspberrypi.c | 2
drivers/clk/meson/g12a.c | 1
drivers/clk/qcom/dispcc-sm6350.c | 3
drivers/clk/qcom/gcc-msm8939.c | 4
drivers/clk/qcom/gcc-sm6350.c | 6
drivers/clk/qcom/gpucc-sm6350.c | 6
drivers/clk/rockchip/clk-rk3036.c | 1
drivers/counter/interrupt-cnt.c | 9
drivers/cpufreq/acpi-cpufreq.c | 2
drivers/cpufreq/scmi-cpufreq.c | 36 +
drivers/cpufreq/tegra186-cpufreq.c | 7
drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c | 7
drivers/crypto/allwinner/sun8i-ce/sun8i-ce.h | 2
drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c | 2
drivers/crypto/marvell/cesa/cesa.c | 2
drivers/crypto/marvell/cesa/cesa.h | 9
drivers/crypto/marvell/cesa/cipher.c | 3
drivers/crypto/marvell/cesa/hash.c | 2
drivers/crypto/marvell/cesa/tdma.c | 53 +
drivers/dma-buf/udmabuf.c | 5
drivers/dma/ti/k3-udma.c | 3
drivers/edac/altera_edac.c | 6
drivers/edac/skx_common.c | 1
drivers/firmware/Kconfig | 1
drivers/firmware/arm_sdei.c | 11
drivers/firmware/efi/libstub/efi-stub-helper.c | 1
drivers/firmware/psci/psci.c | 4
drivers/gpu/drm/amd/display/dc/dml/Makefile | 3
drivers/gpu/drm/amd/pm/powerplay/hwmgr/ppatomctrl.c | 8
drivers/gpu/drm/bridge/lontium-lt9611uxc.c | 6
drivers/gpu/drm/meson/meson_drv.c | 2
drivers/gpu/drm/meson/meson_drv.h | 2
drivers/gpu/drm/meson/meson_encoder_hdmi.c | 29 -
drivers/gpu/drm/meson/meson_vclk.c | 226 ++++----
drivers/gpu/drm/meson/meson_vclk.h | 13
drivers/gpu/drm/msm/disp/dpu1/dpu_encoder_phys_vid.c | 14
drivers/gpu/drm/msm/dsi/phy/dsi_phy_10nm.c | 7
drivers/gpu/drm/nouveau/nouveau_backlight.c | 2
drivers/gpu/drm/rcar-du/rcar_du_kms.c | 10
drivers/gpu/drm/tegra/rgb.c | 14
drivers/gpu/drm/vkms/vkms_crtc.c | 2
drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c | 26
drivers/hid/hid-hyperv.c | 4
drivers/hid/usbhid/hid-core.c | 25
drivers/hwmon/asus-ec-sensors.c | 4
drivers/hwmon/occ/common.c | 240 +++------
drivers/hwtracing/coresight/coresight-config.h | 2
drivers/hwtracing/coresight/coresight-syscfg.c | 49 +
drivers/i2c/busses/i2c-designware-slave.c | 2
drivers/i2c/busses/i2c-npcm7xx.c | 12
drivers/i2c/busses/i2c-tegra.c | 5
drivers/iio/accel/fxls8962af-core.c | 15
drivers/iio/adc/ad7124.c | 4
drivers/iio/adc/ad7606_spi.c | 2
drivers/iio/filter/admv8818.c | 224 ++++++--
drivers/iio/imu/inv_icm42600/inv_icm42600_temp.c | 8
drivers/infiniband/core/cm.c | 16
drivers/infiniband/core/cma.c | 3
drivers/infiniband/core/iwcm.c | 29 -
drivers/infiniband/hw/hns/hns_roce_ah.c | 1
drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 1
drivers/infiniband/hw/hns/hns_roce_hw_v2.h | 1
drivers/infiniband/hw/hns/hns_roce_main.c | 1
drivers/infiniband/hw/hns/hns_roce_restrack.c | 1
drivers/infiniband/hw/mlx5/qpc.c | 30 +
drivers/input/keyboard/gpio_keys.c | 2
drivers/input/misc/ims-pcu.c | 6
drivers/input/misc/sparcspkr.c | 22
drivers/input/rmi4/rmi_f34.c | 135 ++---
drivers/iommu/Kconfig | 1
drivers/iommu/amd/iommu.c | 8
drivers/iommu/iommu.c | 4
drivers/md/dm-raid1.c | 5
drivers/md/dm.c | 30 -
drivers/media/common/videobuf2/videobuf2-dma-sg.c | 4
drivers/media/i2c/ccs-pll.c | 11
drivers/media/i2c/ov8856.c | 9
drivers/media/platform/nxp/imx-jpeg/mxc-jpeg.c | 12
drivers/media/platform/qcom/venus/core.c | 16
drivers/media/platform/ti/davinci/vpif.c | 4
drivers/media/platform/ti/omap3isp/ispccdc.c | 8
drivers/media/platform/ti/omap3isp/ispstat.c | 6
drivers/media/test-drivers/vidtv/vidtv_channel.c | 2
drivers/media/test-drivers/vivid/vivid-vid-cap.c | 2
drivers/media/usb/dvb-usb/cxusb.c | 3
drivers/media/usb/gspca/stv06xx/stv06xx_hdcs.c | 7
drivers/media/usb/uvc/uvc_ctrl.c | 23
drivers/media/usb/uvc/uvc_driver.c | 27 -
drivers/media/v4l2-core/v4l2-dev.c | 14
drivers/mfd/exynos-lpass.c | 1
drivers/mfd/stmpe-spi.c | 2
drivers/misc/vmw_vmci/vmci_host.c | 11
drivers/mmc/core/card.h | 6
drivers/mmc/core/quirks.h | 10
drivers/mmc/core/sd.c | 32 -
drivers/mtd/nand/ecc-mxic.c | 2
drivers/mtd/nand/raw/sunxi_nand.c | 2
drivers/net/can/m_can/tcan4x5x-core.c | 9
drivers/net/ethernet/aquantia/atlantic/aq_main.c | 1
drivers/net/ethernet/aquantia/atlantic/aq_nic.c | 2
drivers/net/ethernet/cadence/macb_main.c | 6
drivers/net/ethernet/cortina/gemini.c | 37 +
drivers/net/ethernet/dlink/dl2k.c | 14
drivers/net/ethernet/dlink/dl2k.h | 2
drivers/net/ethernet/emulex/benet/be_cmds.c | 2
drivers/net/ethernet/faraday/Kconfig | 1
drivers/net/ethernet/google/gve/gve_main.c | 2
drivers/net/ethernet/google/gve/gve_tx_dqo.c | 3
drivers/net/ethernet/intel/i40e/i40e_common.c | 7
drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 11
drivers/net/ethernet/intel/ice/ice_arfs.c | 48 +
drivers/net/ethernet/intel/ice/ice_sched.c | 181 +++++-
drivers/net/ethernet/intel/ice/ice_switch.c | 4
drivers/net/ethernet/marvell/octeontx2/nic/cn10k.c | 9
drivers/net/ethernet/mediatek/mtk_star_emac.c | 4
drivers/net/ethernet/mellanox/mlx4/en_clock.c | 2
drivers/net/ethernet/mellanox/mlx4/en_ethtool.c | 1
drivers/net/ethernet/mellanox/mlx5/core/en_tc.c | 12
drivers/net/ethernet/mellanox/mlx5/core/fs_core.c | 5
drivers/net/ethernet/mellanox/mlx5/core/pagealloc.c | 2
drivers/net/ethernet/mellanox/mlx5/core/vport.c | 18
drivers/net/ethernet/microchip/lan743x_ethtool.c | 18
drivers/net/ethernet/microchip/lan743x_main.c | 4
drivers/net/ethernet/microchip/lan743x_ptp.c | 2
drivers/net/ethernet/microchip/lan743x_ptp.h | 5
drivers/net/ethernet/microchip/lan966x/lan966x_main.c | 1
drivers/net/ethernet/microchip/lan966x/lan966x_main.h | 1
drivers/net/ethernet/microchip/lan966x/lan966x_switchdev.c | 1
drivers/net/ethernet/microchip/lan966x/lan966x_vlan.c | 21
drivers/net/ethernet/pensando/ionic/ionic_main.c | 3
drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 5
drivers/net/ethernet/stmicro/stmmac/stmmac_platform.c | 11
drivers/net/ethernet/stmicro/stmmac/stmmac_ptp.c | 2
drivers/net/ethernet/vertexcom/mse102x.c | 15
drivers/net/macsec.c | 40 +
drivers/net/phy/mdio_bus.c | 16
drivers/net/phy/mscc/mscc_ptp.c | 20
drivers/net/usb/aqc111.c | 10
drivers/net/usb/ch9200.c | 7
drivers/net/vmxnet3/vmxnet3_drv.c | 26
drivers/net/vxlan/vxlan_core.c | 8
drivers/net/wireguard/device.c | 1
drivers/net/wireless/ath/ath10k/snoc.c | 4
drivers/net/wireless/ath/ath11k/ce.c | 11
drivers/net/wireless/ath/ath11k/core.c | 37 -
drivers/net/wireless/ath/ath11k/core.h | 4
drivers/net/wireless/ath/ath11k/debugfs.c | 61 +-
drivers/net/wireless/ath/ath11k/dp_rx.c | 25
drivers/net/wireless/ath/ath11k/hal.c | 4
drivers/net/wireless/ath/ath11k/mac.c | 4
drivers/net/wireless/ath/ath11k/qmi.c | 9
drivers/net/wireless/ath/ath11k/testmode.c | 64 --
drivers/net/wireless/ath/ath11k/testmode.h | 8
drivers/net/wireless/ath/ath11k/wmi.c | 2
drivers/net/wireless/ath/ath9k/htc_drv_beacon.c | 3
drivers/net/wireless/ath/carl9170/usb.c | 19
drivers/net/wireless/intersil/p54/fwio.c | 2
drivers/net/wireless/intersil/p54/p54.h | 1
drivers/net/wireless/intersil/p54/txrx.c | 13
drivers/net/wireless/mac80211_hwsim.c | 5
drivers/net/wireless/mediatek/mt76/mt76x2/usb.c | 2
drivers/net/wireless/mediatek/mt76/mt76x2/usb_init.c | 13
drivers/net/wireless/mediatek/mt76/mt7921/main.c | 5
drivers/net/wireless/purelifi/plfxlc/usb.c | 4
drivers/net/wireless/realtek/rtlwifi/pci.c | 10
drivers/net/wireless/realtek/rtw88/coex.c | 2
drivers/net/wireless/realtek/rtw88/rtw8822c.c | 3
drivers/nvme/target/fcloop.c | 31 -
drivers/pci/controller/cadence/pcie-cadence-ep.c | 5
drivers/pci/controller/cadence/pcie-cadence-host.c | 11
drivers/pci/controller/dwc/pcie-dw-rockchip.c | 2
drivers/pci/controller/pcie-apple.c | 4
drivers/pci/pci.c | 3
drivers/pci/pcie/dpc.c | 2
drivers/pci/quirks.c | 23
drivers/phy/qualcomm/phy-qcom-qmp-usb.c | 6
drivers/pinctrl/mvebu/pinctrl-armada-37xx.c | 35 -
drivers/pinctrl/pinctrl-at91.c | 6
drivers/pinctrl/pinctrl-mcp23s08.c | 8
drivers/pinctrl/qcom/pinctrl-qcm2290.c | 9
drivers/platform/loongarch/loongson-laptop.c | 87 +--
drivers/platform/x86/dell/dell_rbu.c | 6
drivers/platform/x86/ideapad-laptop.c | 3
drivers/power/reset/at91-reset.c | 5
drivers/power/supply/bq27xxx_battery.c | 2
drivers/power/supply/bq27xxx_battery_i2c.c | 13
drivers/ptp/ptp_clock.c | 3
drivers/ptp/ptp_private.h | 12
drivers/rapidio/rio_cm.c | 3
drivers/regulator/max14577-regulator.c | 5
drivers/regulator/max20086-regulator.c | 10
drivers/remoteproc/qcom_wcnss_iris.c | 2
drivers/remoteproc/remoteproc_core.c | 6
drivers/remoteproc/ti_k3_r5_remoteproc.c | 8
drivers/rpmsg/qcom_smd.c | 2
drivers/rtc/class.c | 2
drivers/rtc/lib.c | 24
drivers/rtc/rtc-sh.c | 12
drivers/s390/scsi/zfcp_sysfs.c | 2
drivers/scsi/elx/efct/efct_hw.c | 5
drivers/scsi/hisi_sas/hisi_sas_main.c | 29 -
drivers/scsi/lpfc/lpfc_hbadisc.c | 2
drivers/scsi/lpfc/lpfc_sli.c | 4
drivers/scsi/qedf/qedf_main.c | 2
drivers/scsi/scsi_transport_iscsi.c | 11
drivers/scsi/storvsc_drv.c | 10
drivers/soc/aspeed/aspeed-lpc-snoop.c | 17
drivers/spi/spi-bcm63xx-hsspi.c | 2
drivers/spi/spi-bcm63xx.c | 2
drivers/spi/spi-sh-msiof.c | 13
drivers/spi/spi-tegra210-quad.c | 24
drivers/staging/iio/impedance-analyzer/ad5933.c | 2
drivers/staging/media/rkvdec/rkvdec.c | 10
drivers/tee/tee_core.c | 11
drivers/thunderbolt/ctl.c | 5
drivers/tty/serial/milbeaut_usio.c | 5
drivers/tty/serial/sh-sci.c | 97 ++-
drivers/tty/vt/vt_ioctl.c | 2
drivers/ufs/core/ufshcd.c | 7
drivers/uio/uio_hv_generic.c | 4
drivers/usb/cdns3/cdnsp-gadget.c | 21
drivers/usb/cdns3/cdnsp-gadget.h | 4
drivers/usb/class/usbtmc.c | 21
drivers/usb/core/hub.c | 16
drivers/usb/core/quirks.c | 3
drivers/usb/gadget/function/f_hid.c | 12
drivers/usb/renesas_usbhs/common.c | 50 +
drivers/usb/serial/pl2303.c | 2
drivers/usb/storage/unusual_uas.h | 7
drivers/usb/typec/tcpm/tcpci_maxim.c | 3
drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c | 57 +-
drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.h | 14
drivers/vfio/vfio_iommu_type1.c | 2
drivers/video/backlight/qcom-wled.c | 6
drivers/video/console/vgacon.c | 2
drivers/video/fbdev/core/fbcon.c | 7
drivers/video/fbdev/core/fbcvt.c | 2
drivers/video/fbdev/core/fbmem.c | 4
drivers/watchdog/da9052_wdt.c | 1
drivers/watchdog/exar_wdt.c | 2
fs/ceph/super.c | 1
fs/configfs/dir.c | 2
fs/ext4/ext4.h | 7
fs/ext4/extents.c | 18
fs/ext4/file.c | 7
fs/ext4/inline.c | 2
fs/ext4/inode.c | 3
fs/f2fs/data.c | 4
fs/f2fs/f2fs.h | 10
fs/f2fs/namei.c | 19
fs/f2fs/super.c | 12
fs/filesystems.c | 14
fs/gfs2/inode.c | 3
fs/gfs2/lock_dlm.c | 3
fs/jbd2/transaction.c | 5
fs/jffs2/erase.c | 4
fs/jffs2/scan.c | 4
fs/jffs2/summary.c | 7
fs/kernfs/dir.c | 5
fs/kernfs/file.c | 3
fs/namespace.c | 6
fs/nfs/super.c | 19
fs/nfsd/nfs4proc.c | 3
fs/nfsd/nfssvc.c | 6
fs/nilfs2/btree.c | 4
fs/nilfs2/direct.c | 3
fs/ntfs3/index.c | 8
fs/ocfs2/quota_local.c | 2
fs/smb/client/cached_dir.h | 8
fs/smb/client/connect.c | 8
fs/smb/client/readdir.c | 28 -
fs/smb/server/smb2pdu.c | 11
fs/squashfs/super.c | 5
fs/userfaultfd.c | 6
fs/xfs/Kconfig | 12
fs/xfs/libxfs/xfs_alloc.c | 10
fs/xfs/libxfs/xfs_dir2_data.c | 31 -
fs/xfs/libxfs/xfs_dir2_priv.h | 7
fs/xfs/libxfs/xfs_quota_defs.h | 2
fs/xfs/libxfs/xfs_refcount.c | 13
fs/xfs/libxfs/xfs_rmap.c | 10
fs/xfs/libxfs/xfs_trans_resv.c | 28 -
fs/xfs/scrub/bmap.c | 8
fs/xfs/xfs.h | 4
fs/xfs/xfs_bmap_util.c | 22
fs/xfs/xfs_buf_item.c | 32 +
fs/xfs/xfs_dquot_item.c | 31 +
fs/xfs/xfs_file.c | 33 -
fs/xfs/xfs_file.h | 15
fs/xfs/xfs_fsmap.c | 266 +++++-----
fs/xfs/xfs_inode.c | 29 -
fs/xfs/xfs_inode.h | 2
fs/xfs/xfs_inode_item.c | 32 +
fs/xfs/xfs_ioctl.c | 12
fs/xfs/xfs_iops.c | 1
fs/xfs/xfs_iops.h | 3
fs/xfs/xfs_rtalloc.c | 78 ++
fs/xfs/xfs_symlink.c | 8
fs/xfs/xfs_trace.h | 25
include/acpi/actypes.h | 2
include/linux/arm_sdei.h | 4
include/linux/atmdev.h | 6
include/linux/bio.h | 2
include/linux/hid.h | 3
include/linux/hugetlb.h | 3
include/linux/mlx5/driver.h | 1
include/linux/mm.h | 3
include/linux/mm_types.h | 3
include/linux/mmc/card.h | 1
include/net/bluetooth/hci_core.h | 1
include/net/checksum.h | 2
include/net/sock.h | 7
include/trace/events/erofs.h | 18
include/uapi/linux/bpf.h | 2
io_uring/io_uring.c | 10
ipc/shm.c | 5
kernel/bpf/core.c | 2
kernel/bpf/helpers.c | 3
kernel/cgroup/legacy_freezer.c | 3
kernel/events/core.c | 57 +-
kernel/exit.c | 17
kernel/power/wakelock.c | 3
kernel/time/clocksource.c | 2
kernel/time/posix-cpu-timers.c | 9
kernel/trace/bpf_trace.c | 2
kernel/trace/ftrace.c | 10
kernel/trace/trace.c | 2
kernel/trace/trace.h | 8
kernel/trace/trace_events_hist.c | 2
kernel/trace/trace_events_trigger.c | 20
lib/Kconfig | 1
mm/huge_memory.c | 11
mm/hugetlb.c | 83 ++-
mm/mmap.c | 8
mm/page-writeback.c | 2
net/atm/common.c | 1
net/atm/lec.c | 12
net/atm/raw.c | 2
net/bluetooth/eir.c | 10
net/bluetooth/hci_core.c | 15
net/bluetooth/hci_sync.c | 20
net/bluetooth/l2cap_core.c | 3
net/bluetooth/mgmt.c | 39 -
net/bluetooth/mgmt_util.c | 2
net/bridge/br_mst.c | 4
net/bridge/br_multicast.c | 103 +++
net/bridge/br_private.h | 11
net/bridge/netfilter/nf_conntrack_bridge.c | 12
net/core/filter.c | 5
net/core/skmsg.c | 56 +-
net/core/sock.c | 4
net/core/utils.c | 4
net/dsa/tag_brcm.c | 2
net/ipv4/route.c | 4
net/ipv4/tcp_fastopen.c | 3
net/ipv4/tcp_input.c | 63 +-
net/ipv4/udp_offload.c | 5
net/ipv6/calipso.c | 8
net/ipv6/ila/ila_common.c | 6
net/ipv6/netfilter.c | 12
net/ipv6/netfilter/nft_fib_ipv6.c | 13
net/ipv6/seg6_local.c | 6
net/mac80211/mesh_hwmp.c | 6
net/mpls/af_mpls.c | 4
net/ncsi/internal.h | 21
net/ncsi/ncsi-pkt.h | 23
net/ncsi/ncsi-rsp.c | 21
net/netfilter/nft_quota.c | 20
net/netfilter/nft_set_pipapo_avx2.c | 21
net/netfilter/nft_tunnel.c | 8
net/netlabel/netlabel_kapi.c | 5
net/nfc/nci/uart.c | 8
net/openvswitch/flow.c | 2
net/sched/sch_ets.c | 2
net/sched/sch_prio.c | 2
net/sched/sch_red.c | 2
net/sched/sch_sfq.c | 15
net/sched/sch_tbf.c | 2
net/sctp/socket.c | 3
net/tipc/crypto.c | 8
net/tipc/udp_media.c | 4
net/tls/tls_sw.c | 15
net/wireless/core.c | 6
scripts/Makefile.clang | 3
scripts/Makefile.compiler | 4
scripts/gcc-plugins/gcc-common.h | 32 +
scripts/gcc-plugins/randomize_layout_plugin.c | 40 -
security/selinux/xfrm.c | 2
sound/pci/hda/hda_intel.c | 2
sound/pci/hda/patch_realtek.c | 1
sound/soc/amd/yc/acp6x-mach.c | 9
sound/soc/apple/mca.c | 23
sound/soc/codecs/hda.c | 4
sound/soc/codecs/tas2764.c | 2
sound/soc/codecs/tas2770.c | 30 +
sound/soc/intel/avs/ipc.c | 4
sound/soc/meson/meson-card-utils.c | 2
sound/soc/qcom/sdm845.c | 4
sound/soc/tegra/tegra210_ahub.c | 2
sound/usb/implicit.c | 1
sound/usb/mixer_maps.c | 12
tools/bpf/resolve_btfids/Makefile | 2
tools/include/uapi/linux/bpf.h | 2
tools/lib/bpf/bpf_core_read.h | 6
tools/lib/bpf/btf.c | 16
tools/lib/bpf/libbpf.c | 2
tools/lib/bpf/linker.c | 4
tools/lib/bpf/nlattr.c | 15
tools/perf/Makefile.config | 2
tools/perf/builtin-record.c | 2
tools/perf/scripts/python/exported-sql-viewer.py | 5
tools/perf/tests/switch-tracking.c | 2
tools/perf/ui/browsers/hists.c | 2
tools/perf/util/intel-pt.c | 205 +++++++
tools/testing/selftests/seccomp/seccomp_bpf.c | 7
tools/testing/selftests/x86/Makefile | 2
tools/testing/selftests/x86/sigtrap_loop.c | 101 +++
usr/include/Makefile | 2
499 files changed, 4440 insertions(+), 2092 deletions(-)
Adam Ford (2):
arm64: dts: imx8mm-beacon: Fix RTC capacitive load
arm64: dts: imx8mn-beacon: Fix RTC capacitive load
Adrian Hunter (2):
perf intel-pt: Fix PEBS-via-PT data_src
perf scripts python: exported-sql-viewer.py: Fix pattern matching with Python 3
Ahmed S. Darwish (1):
x86/cpu: Sanitize CPUID(0x80000000) output
Ahmed Salem (1):
ACPICA: Avoid sequence overread in call to strncmp()
Akhil R (2):
i2c: tegra: check msg length in SMBUS block read
dt-bindings: i2c: nvidia,tegra20-i2c: Specify the required properties
Al Viro (2):
fix propagation graph breakage by MOVE_MOUNT_SET_GROUP move_mount(2)
do_change_type(): refuse to operate on unmounted/not ours mounts
Alan Maguire (1):
libbpf: Add identical pointer detection to btf_dedup_is_equiv()
Alexander Aring (1):
gfs2: move msleep to sleepable context
Alexander Shiyan (1):
power: reset: at91-reset: Optimize at91_reset()
Alexander Sverdlin (2):
counter: interrupt-cnt: Protect enable/disable OPs with mutex
Revert "bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first"
Alexandre Mergnat (2):
rtc: Make rtc_time64_to_tm() support dates before 1970
rtc: Fix offset calculation for .start_secs < 0
Alexei Safin (1):
hwmon: (asus-ec-sensors) check sensor index in read_string()
Alexey Gladkov (1):
mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE
Alexey Kodanev (2):
wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds
net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get()
Alexey Minnekhanov (3):
arm64: dts: qcom: sdm660-xiaomi-lavender: Add missing SD card detect GPIO
arm64: dts: qcom: sdm660-lavender: Add missing USB phy supply
arm64: dts: qcom: sda660-ifc6560: Fix dt-validate warning
Alexis Lothoré (1):
net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping
Alok Tiwari (4):
gve: Fix RX_BUFFERS_POSTED stat to report per-queue fill_cnt
gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO
scsi: iscsi: Fix incorrect error path labels for flashnode operations
emulex/benet: correct command version selection in be_cmd_get_stats()
Amit Sunil Dhamne (1):
usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx()
Andre Przywara (1):
dt-bindings: vendor-prefixes: Add Liontron name
Andreas Gruenbacher (1):
gfs2: gfs2_create_inode error handling fix
Andreas Kemnade (1):
ARM: omap: pmic-cpcap: do not mess around without CPCAP or OMAP4
Andrew Lunn (1):
net: mdio: C22 is now optional, EOPNOTSUPP if not provided
Andrew Morton (1):
drivers/rapidio/rio_cm.c: prevent possible heap overwrite
Andrew Zaborowski (1):
x86/sgx: Prevent attempts to reclaim poisoned pages
Andrey Vatoropin (1):
fs/ntfs3: handle hdr_first_de() return value
Andy Shevchenko (1):
pinctrl: at91: Fix possible out-of-boundary access
AngeloGioacchino Del Regno (1):
arm64: dts: mediatek: mt8195: Reparent vdec1/2 and venc1 power domains
Anton Protopopov (3):
libbpf: Use proper errno value in linker
bpf: Fix uninitialized values in BPF_{CORE,PROBE}_READ
libbpf: Use proper errno value in nlattr
Anup Patel (2):
RISC-V: KVM: Fix the size parameter check in SBI SFENCE calls
RISC-V: KVM: Don't treat SBI HFENCE calls as NOPs
Armin Wolf (2):
ACPI: OSI: Stop advertising support for "3.0 _SCP Extensions"
ACPI: bus: Bail out if acpi_kobj registration fails
Arnaldo Carvalho de Melo (2):
perf build: Warn when libdebuginfod devel files are not available
perf ui browser hists: Set actions->thread before calling do_zoom_thread()
Arnd Bergmann (4):
kbuild: hdrcheck: fix cross build with clang
parisc: fix building with gcc-15
hwmon: (occ) Rework attribute registration for stack usage
hwmon: (occ) fix unaligned accesses
Artem Sadovnikov (1):
jffs2: check that raw node were preallocated before writing summary
Baochen Qiang (3):
wifi: ath11k: avoid burning CPU in ath11k_debugfs_fw_stats_request()
wifi: ath11k: don't use static variables in ath11k_debugfs_fw_stats_process()
wifi: ath11k: don't wait when there is no vdev started
Bartosz Golaszewski (1):
Bluetooth: hci_qca: move the SoC type check to the right place
Benjamin Berg (1):
wifi: mac80211: do not offer a mesh path if forwarding is disabled
Benjamin Marzinski (2):
dm: don't change md if dm_table_set_restrictions() fails
dm: free table mempools if not used in __bind
Bharath SM (1):
smb: improve directory cache reuse for readdir operations
Biju Das (2):
drm: rcar-du: Fix memory leak in rcar_du_vsps_init()
drm/tegra: rgb: Fix the unbound reference count
Bjorn Helgaas (1):
PCI/DPC: Initialize aer_err_info before using it
Breno Leitao (1):
Revert "x86/bugs: Make spectre user default depend on MITIGATION_SPECTRE_V2" on v6.6 and older
Brett Creeley (1):
ionic: Prevent driver/fw getting out of sync on devcmd(s)
Brett Werling (1):
can: tcan4x5x: fix power regulator retrieval during probe
Brian Pellegrino (1):
iio: filter: admv8818: Support frequencies >= 2^32
Caleb Connolly (1):
ath10k: snoc: fix unbalanced IRQ enable in crash recovery
Carlos Fernandez (1):
macsec: MACsec SCI assignment for ES = 0
Cezary Rojewski (2):
ASoC: codecs: hda: Fix RPM usage count underflow
ASoC: Intel: avs: Fix deadlock when the failing IPC is SET_D0IX
Chao Yu (4):
f2fs: fix to do sanity check on sbi->total_valid_block_count
f2fs: clean up w/ fscrypt_is_bounce_page()
f2fs: fix to detect gcing page in f2fs_is_cp_guaranteed()
f2fs: fix to do sanity check on sit_bitmap_size
Charalampos Mitrodimas (1):
net: tipc: fix refcount warning in tipc_aead_encrypt
Charan Teja Kalla (1):
PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn()
Charles Han (1):
drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table
Charles Yeh (1):
USB: serial: pl2303: add new chip PL2303GC-Q20 and PL2303GT-2AB
Chen Ridong (1):
cgroup,freezer: fix incomplete freezing when attaching tasks
Chenyuan Yang (1):
phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug
Christian Lamparter (1):
wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback()
Christoph Hellwig (1):
xfs: fix the contact address for the sysfs ABI documentation
Christophe JAILLET (2):
drm/bridge: lt9611uxc: Fix an error handling path in lt9611uxc_probe()
mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove()
Claudiu Beznea (4):
serial: sh-sci: Check if TX data was written to device in .tx_empty()
serial: sh-sci: Move runtime PM enable to sci_probe_single()
serial: sh-sci: Clean sci_ports[0] after at earlycon exit
serial: sh-sci: Increment the runtime usage counter for the earlycon device
Colin Foster (1):
ARM: dts: am335x-bone-common: Increase MDIO reset deassert time
Corentin Labbe (1):
crypto: sun8i-ss - do not use sg_dma_len before calling DMA functions
Da Xue (1):
clk: meson-g12a: add missing fclk_div2 to spicc
Dan Carpenter (6):
remoteproc: qcom_wcnss_iris: Add missing put_device() on error in probe
rpmsg: qcom_smd: Fix uninitialized return variable in __qcom_smd_send()
net/mlx4_en: Prevent potential integer overflow calculating Hz
pmdomain: core: Fix error checking in genpd_dev_pm_attach_by_id()
regulator: max20086: Fix refcount leak in max20086_parse_regulators_dt()
Input: ims-pcu - check record size in ims_pcu_flash_firmware()
Daniel Wagner (2):
nvmet-fcloop: access fcpreq only when holding reqlock
scsi: lpfc: Use memcpy() for BIOS version
Dapeng Mi (1):
perf record: Fix incorrect --user-regs comments
Darrick J. Wong (17):
xfs: fix interval filtering in multi-step fsmap queries
xfs: fix integer overflows in the fsmap rtbitmap and logdev backends
xfs: fix getfsmap reporting past the last rt extent
xfs: clean up the rtbitmap fsmap backend
xfs: fix logdev fsmap query result filtering
xfs: validate fsmap offsets specified in the query keys
xfs: fix xfs_btree_query_range callers to initialize btree rec fully
xfs: fix an agbno overflow in __xfs_getfsmap_datadev
xfs: verify buffer, inode, and dquot items every tx commit
xfs: use consistent uid/gid when grabbing dquots for inodes
xfs: declare xfs_file.c symbols in xfs_file.h
xfs: create a new helper to return a file's allocation unit
xfs: attr forks require attr, not attr2
xfs: conditionally allow FS_XFLAG_REALTIME changes if S_DAX is set
xfs: use XFS_BUF_DADDR_NULL for daddrs in getfsmap code
xfs: take m_growlock when running growfsrt
xfs: reset rootdir extent size hint after growfsrt
Dave Penkler (2):
usb: usbtmc: Fix timeout value in get_stb
usb: usbtmc: Fix read_stb function and get_stb ioctl
David Heimann (1):
ALSA: usb-audio: Add implicit feedback quirk for RODE AI-1
David Lechner (1):
iio: adc: ad7606_spi: fix reg write value mask
David Wei (1):
tcp: fix passive TFO socket having invalid NAPI ID
Denis Arefev (1):
media: vivid: Change the siize of the composing
Dennis Marttinen (1):
ceph: set superblock s_magic for IMA fsmagic matching
Dexuan Cui (1):
scsi: storvsc: Increase the timeouts to storvsc_timeout
Diederik de Haas (1):
PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit()
Dmitry Antipov (3):
wifi: rtw88: do not ignore hardware read error during DPK
Bluetooth: MGMT: iterate over mesh commands in mgmt_mesh_foreach()
wifi: carl9170: do not ping device which has failed to load firmware
Dmitry Baryshkov (1):
ARM: dts: qcom: apq8064 merge hw splinlock into corresponding syscon device
Dmitry Nikiforov (1):
media: davinci: vpif: Fix memory leak in probe error path
Dmitry Torokhov (1):
Input: synaptics-rmi - fix crash with unsupported versions of F34
Easwar Hariharan (1):
wifi: ath11k: convert timeouts to secs_to_jiffies()
Eddie James (1):
powerpc/crash: Fix non-smp kexec preparation
Edward Adam Davis (4):
media: cxusb: no longer judge rbuf when the write fails
media: vidtv: Terminating the subsequent process of initialization failure
wifi: mac80211_hwsim: Prevent tsf from setting if beacon is disabled
wifi: cfg80211: init wiphy_work before allocating rfkill fails
Eric Dumazet (11):
net_sched: sch_sfq: fix a potential crash on gso_skb handling
net_sched: prio: fix a race in prio_tune()
net_sched: red: fix a race in __red_change()
net_sched: tbf: fix a race in tbf_change()
net_sched: ets: fix a race in ets_qdisc_change()
calipso: unlock rcu before returning -EAFNOSUPPORT
tcp: always seek for minimal rtt in tcp_rcv_rtt_update()
tcp: fix initial tp->rcvq_space.space value for passive TS enabled flows
net_sched: sch_sfq: reject invalid perturb period
net: atm: add lec_mutex
net: atm: fix /proc/net/atm/lec handling
Erick Shepherd (1):
mmc: Add quirk to disable DDR50 tuning
Faicker Mo (1):
net: openvswitch: Fix the dead loop of MPLS parse
Fedor Pchelkin (1):
jffs2: check jffs2_prealloc_raw_node_refs() result in few other places
Fernando Fernandez Mancera (1):
netfilter: nft_tunnel: fix geneve_opt dump
Finn Thain (1):
m68k: mac: Fix macintosh_config for Mac II
Florian Westphal (2):
netfilter: nf_tables: nft_fib_ipv6: fix VRF ipv4/ipv6 result discrepancy
netfilter: nf_set_pipapo_avx2: fix initial map fill
GONG Ruiqi (1):
vgacon: Add check for vc_origin address range in vgacon_scroll()
Gabor Juhos (7):
pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs > 31
pinctrl: armada-37xx: set GPIO output value before setting direction
arm64: dts: marvell: uDPU: define pinctrl state for alarm LEDs
pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name()
pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction()
pinctrl: armada-37xx: propagate error from armada_37xx_pmx_gpio_set_direction()
pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get()
Gabriel Shahrouzi (1):
staging: iio: ad5933: Correct settling cycles encoding per datasheet
Gao Xiang (1):
erofs: remove unused trace event erofs_destroy_inode
Gatien Chevallier (1):
Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer()
Gautam Menghani (1):
powerpc/pseries/msi: Avoid reading PCI device registers in reduced power states
Gautham R. Shenoy (1):
acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio()
Gavin Guo (1):
mm/huge_memory: fix dereferencing invalid pmd migration entry
Geert Uytterhoeven (2):
spi: sh-msiof: Fix maximum DMA transfer size
ARM: dts: am335x-bone-common: Increase MDIO reset deassert delay to 50ms
Govindaraj Saminathan (1):
wifi: ath11k: remove unused function ath11k_tm_event_wmi()
Greg Kroah-Hartman (2):
Revert "io_uring: ensure deferred completions are posted for multishot"
Linux 6.1.142
Guilherme G. Piccoli (1):
clocksource: Fix the CPUs' choice in the watchdog per CPU verification
Haixia Qu (1):
tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer
Hans Zhang (2):
efi/libstub: Describe missing 'out' parameter in efi_load_initrd
PCI: cadence: Fix runtime atomic count underflow
Haren Myneni (1):
powerpc/vas: Return -EINVAL if the offset is non-zero in mmap()
Hari Kalavakunta (1):
net: ncsi: Fix GCPS 64-bit member variables
Hector Martin (3):
ASoC: tas2764: Enable main IRQs
PCI: apple: Use gpiod_set_value_cansleep in probe flow
ASoC: tas2770: Power cycle amp on ISENSE/VSENSE change
Heiko Carstens (1):
s390/pci: Fix __pcilg_mio_inuser() inline assembly
Heiko Stuebner (1):
clk: rockchip: rk3036: mark ddrphy as critical
Heiner Kallweit (1):
net: ftgmac100: select FIXED_PHY
Helge Deller (1):
parisc/unaligned: Fix hex output to show 8 hex chars
Henk Vergonet (1):
wifi: mt76: mt76x2: Add support for LiteOn WN4516R,WN4519R
Henry Martin (5):
clk: bcm: rpi: Add NULL check in raspberrypi_clk_register()
soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop()
backlight: pm8941: Add NULL check in wled_configure()
dmaengine: ti: Add NULL check in udma_probe()
serial: Fix potential null-ptr-deref in mlb_usio_probe()
Herbert Xu (5):
crypto: marvell/cesa - Handle zero-length skcipher requests
crypto: marvell/cesa - Avoid empty transfer descriptor
crypto: lrw - Only add ecb if it is not already there
crypto: xts - Only add ecb if it is not already there
crypto: marvell/cesa - Do not chain submitted requests
Hongyu Xie (1):
usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device
Horatiu Vultur (3):
net: phy: mscc: Fix memory leak when using one step timestamping
net: phy: mscc: Stop clearing the the UDPv4 checksum for L2 frames
net: lan966x: Make sure to insert the vlan tags also in host mode
Hou Tao (1):
bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem()
Huacai Chen (2):
PCI: Add ACS quirk for Loongson PCIe
LoongArch: Avoid using $r0/$r1 as "mask" for csrxchg
Huajian Yang (1):
netfilter: bridge: Move specific fragmented packet to slow_path instead of dropping it
Huang Yiwei (1):
firmware: SDEI: Allow sdei initialization without ACPI_APEI_GHES
I Hsin Cheng (1):
drm/meson: Use 1000ULL when operating with mode->clock
Ian Forbes (1):
drm/vmwgfx: Add seqno waiter for sync_files
Ido Schimmel (2):
seg6: Fix validation of nexthop addresses
vxlan: Do not treat dst cache initialization errors as fatal
Ilpo Järvinen (1):
PCI: Fix lock symmetry in pci_slot_unlock()
Ilya Leoshkevich (1):
s390/bpf: Store backchain even for leaf progs
Ioana Ciornei (2):
bus: fsl-mc: fix double-free on mc_dev
bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device
Jack Morgenstein (1):
RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work
Jacob Keller (1):
drm/nouveau/bl: increase buffer size to avoid truncate warning
Jacob Moroni (1):
IB/cm: use rwlock for MAD agent lock
Jaegeuk Kim (1):
f2fs: prevent kernel warning due to negative i_nlink from corrupted image
Jakub Raczynski (1):
net/mdiobus: Fix potential out-of-bounds read/write access
James A. MacInnes (1):
drm/msm/disp: Correct porch timing for SDM845
Jan Kara (1):
ext4: fix calculation of credits for extent tree modification
Jann Horn (3):
tee: Prevent size calculation wraparound on 32-bit kernels
mm/hugetlb: unshare page tables during VMA split, not before
mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race
Jason Gunthorpe (1):
iommu: Protect against overflow in iommu_pgsize()
Jason Xing (2):
net: atlantic: generate software timestamp just before the doorbell
net: mlx4: add SOF_TIMESTAMPING_TX_SOFTWARE flag when getting ts info
Jeff Hugo (1):
bus: mhi: host: Fix conflict between power_up and SYSERR
Jeff Johnson (1):
wifi: ath11k: fix soc_dp_stats debugfs file permission
Jeongjun Park (3):
ptp: remove ptp->n_vclocks check logic in ptp_vclock_in_use()
jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata()
ipc: fix to protect IPCS lookups using RCU
Jerry Lv (1):
power: supply: bq27xxx: Retrieve again when busy
Jianbo Liu (1):
net/mlx5e: Fix leak of Geneve TLV option object
Jiaqing Zhao (1):
x86/mtrr: Check if fixed-range MTRRs exist in mtrr_save_fixed_ranges()
Jiayi Li (1):
usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE
Jiayuan Chen (6):
bpf: fix ktls panic with sockmap
bpf, sockmap: fix duplicated data transmission
bpf, sockmap: Fix panic when calling skb_linearize
ktls, sockmap: Fix missing uncharge operation
bpf, sockmap: Avoid using sk_socket after free when sending
bpf, sockmap: Fix data lost during EAGAIN retries
Jinliang Zheng (1):
mm: fix ratelimit_pages update error in dirty_ratio_handler()
Joel Stanley (1):
ARM: aspeed: Don't select SRAM
Johan Hovold (3):
wifi: ath11k: fix rx completion meta data corruption
wifi: ath11k: fix ring-buffer corruption
media: ov8856: suppress probe deferral errors
John Garry (2):
xfs: Fix xfs_flush_unmap_range() range for RT
xfs: Fix xfs_prepare_shift() range for RT
Jon Hunter (1):
Revert "cpufreq: tegra186: Share policy per cluster"
Jonas Karlman (1):
media: rkvdec: Fix frame size enumeration
Jonathan Lane (1):
ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged
João Paulo Gonçalves (2):
regulator: max20086: Fix MAX200086 chip id
regulator: max20086: Change enable gpio to optional
Judith Mendez (2):
arm64: dts: ti: k3-am65-main: Fix sdhci node properties
arm64: dts: ti: k3-am65-main: Add missing taps to sdhci0
Julian Sun (1):
xfs: remove unused parameter in macro XFS_DQUOT_LOGRES
Julien Massot (2):
arm64: dts: mt6359: Add missing 'compatible' property to regulators node
arm64: dts: mt6359: Rename RTC node to match binding expectations
Junxian Huang (1):
RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h
Justin Sanders (1):
aoe: clean device rq_list in aoedev_downdev()
Justin Tee (1):
scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands
KaFai Wan (1):
bpf: Avoid __bpf_prog_ret0_warn when jit fails
Kees Cook (6):
watchdog: exar: Shorten identity name to fit correctly
drm/vkms: Adjust vkms_state->active_planes allocation type
scsi: qedf: Use designated initializer for struct qed_fcoe_cb_ops
randstruct: gcc-plugin: Remove bogus void member
randstruct: gcc-plugin: Fix attribute addition
fbcon: Make sure modelist not set on unregistered console
Khem Raj (1):
mips: Add -std= flag specified in KBUILD_CFLAGS to vdso CFLAGS
Kornel Dulęba (1):
arm64: Support ARM64_VA_BITS=52 when setting ARCH_MMAP_RND_BITS_MAX
Krishna Kumar (1):
net: ice: Perform accurate aRFS flow match
Krzysztof Kozlowski (2):
NFC: nci: uart: Set tty->disc_data only in success path
drm/msm/dsi/dsi_phy_10nm: Fix missing initial VCO rate
Kuniyuki Iwashima (5):
calipso: Don't call calipso functions for AF_INET sk.
atm: Revert atm_account_tx() if copy_from_iter_full() fails.
mpls: Use rcu_dereference_rtnl() in mpls_route_input_rcu().
atm: atmtcp: Free invalid length skb in atmtcp_c_send().
calipso: Fix null-ptr-deref in calipso_req_{set,del}attr().
Kyungwook Boo (1):
i40e: fix MMIO write access to an invalid page in i40e_clear_hw
Lad Prabhakar (1):
usb: renesas_usbhs: Reorder clock handling and power management in probe
Laurentiu Tudor (1):
bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value
Leo Yan (1):
perf tests switch-tracking: Fix timestamp comparison
Li Lingfeng (3):
nfs: clear SB_RDONLY before getting superblock
nfs: ignore SB_RDONLY when remounting nfs
nfsd: Initialize ssc before laundromat_work to prevent NULL dereference
Li RongQing (1):
vfio/type1: Fix error unwind in migration dirty bitmap allocation
Linus Walleij (1):
net: ethernet: cortina: Use TOE/TSO on all TCP
Liu Shixin (1):
mm: hugetlb: independent PMD page table shared count
Loic Poulain (1):
media: venus: Fix probe error handling
Long Li (1):
uio_hv_generic: Use correct size for interrupt and monitor pages
Longfang Liu (2):
hisi_acc_vfio_pci: fix XQE dma address error
hisi_acc_vfio_pci: add eq and aeq interruption restore
Lorenzo Stoakes (1):
KVM: s390: rename PROT_NONE to PROT_TYPE_DUMMY
Luca Weiss (3):
clk: qcom: dispcc-sm6350: Add *_wait_val values for GDSCs
clk: qcom: gcc-sm6350: Add *_wait_val values for GDSCs
clk: qcom: gpucc-sm6350: Add *_wait_val values for GDSCs
Luiz Augusto von Dentz (5):
Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION
Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete
Bluetooth: Fix NULL pointer deference on eir_get_service_data
Bluetooth: hci_sync: Fix broadcast/PA when using an existing instance
Bluetooth: MGMT: Fix sparse errors
Ma Ke (1):
media: v4l2-dev: fix error handling in __video_register_device()
Marcus Folkesson (1):
watchdog: da9052_wdt: respect TWDMIN
Marek Szyprowski (3):
media: omap3isp: use sgtable-based scatterlist wrappers
media: videobuf2: use sgtable-based scatterlist wrappers
udmabuf: use sgtable-based scatterlist wrappers
Marek Vasut (1):
arm64: dts: imx8mm: Drop sd-vsel-gpios from i.MX8M Mini Verdin SoM
Mark Brown (1):
arm64/fpsimd: Discard stale CPU state when handling SME traps
Mark Rutland (1):
arm64/fpsimd: Fix merging of FPSIMD state during signal return
Martin Blumenstingl (5):
drm/meson: use unsigned long long / Hz for frequency types
drm/meson: fix debug log statement when setting the HDMI clocks
drm/meson: use vclk_freq instead of pixel_freq in debug print
drm/meson: fix more rounding issues with 59.94Hz modes
ASoC: meson: meson-card-utils: use of_property_present() for DT parsing
Martin Povišer (1):
ASoC: apple: mca: Constrain channels according to TDM mask
Masahiro Yamada (1):
kbuild: add $(CLANG_FLAGS) to KBUILD_CPPFLAGS
Mateusz Pacuszka (1):
ice: fix check for existing switch rule
Mathias Nyman (1):
usb: Flush altsetting 0 endpoints before reinitializating them after reset.
Matthew Wilcox (Oracle) (1):
bio: Fix bio_first_folio() for SPARSEMEM without VMEMMAP
Miaoqian Lin (2):
firmware: psci: Fix refcount leak in psci_dt_init
tracing: Fix error handling in event_trigger_parse()
Michal Koutný (1):
kernfs: Relax constraint in draining guard
Michal Kubiak (2):
ice: create new Tx scheduler nodes for new queues only
ice: fix rebuilding the Tx scheduler tree for large queue counts
Michal Luczaj (1):
net: Fix TOCTOU issue in sk_is_readable()
Mike Looijmans (1):
pinctrl: mcp23s08: Reset all pins to input at probe
Mike Tipton (1):
cpufreq: scmi: Skip SCMI devices that aren't used by the CPUs
Mikhail Arkhipov (1):
mtd: nand: ecc-mxic: Fix use of uninitialized variable ret
Mikulas Patocka (1):
dm-mirror: fix a tiny race condition
Ming Qian (1):
media: imx-jpeg: Drop the first error frames
Mingcong Bai (1):
wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723
Mirco Barone (1):
wireguard: device: enable threaded NAPI
Moon Yeounsu (1):
net: dlink: add synchronization for stats update
Moshe Shemesh (1):
net/mlx5: Ensure fw pages are always allocated on same NUMA
Muhammad Usama Anjum (1):
wifi: ath11k: Fix QMI memory reuse logic
Murad Masimov (2):
ocfs2: fix possible memory leak in ocfs2_finish_quota_recovery
fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var
Namjae Jeon (1):
ksmbd: fix null pointer dereference in destroy_previous_session
Narayana Murty N (1):
powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery
Nathan Chancellor (4):
drm/amd/display: Do not add '-mhard-float' to dml_ccflags for clang
mips: Include KBUILD_CPPFLAGS in CHECKFLAGS invocation
kbuild: Add CLANG_FLAGS to as-instr
kbuild: Add KBUILD_CPPFLAGS to as-option invocation
Neal Cardwell (1):
tcp: fix tcp_packet_delayed() for tcp_is_non_sack_preventing_reopen() behavior
NeilBrown (1):
nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request
Neill Kapron (1):
selftests/seccomp: fix syscall_restart test for arm compat
Nicolas Pitre (1):
vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl()
Nikita Zhandarovich (1):
net: usb: aqc111: fix error handling of usbnet read calls
Niklas Cassel (1):
PCI: cadence-ep: Correct PBA offset in .set_msix() callback
Niravkumar L Rabara (1):
EDAC/altera: Use correct write width with the INTTEST register
Nishanth Menon (1):
arm64: dts: ti: k3-am65-main: Drop deprecated ti,otap-del-sel property
Oleg Nesterov (1):
posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()
Oliver Neukum (1):
net: usb: aqc111: debug info before sanitation
Ovidiu Panait (2):
crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare()
crypto: sun8i-ce - move fallback ahash_request to the end of the struct
Pan Taixi (1):
tracing: Fix compilation warning on arm32
Patrisious Haddad (2):
RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction
net/mlx5: Fix return value when searching for existing flow group
Paul Chaignon (2):
net: Fix checksum update for ILA adj-transport
bpf: Fix L4 csum update on IPv6 in CHECKSUM_COMPLETE
Pauli Virtanen (1):
Bluetooth: hci_core: fix list_for_each_entry_rcu usage
Pavel Begunkov (1):
io_uring: account drain memory to cgroup
Pawel Laszczak (2):
usb: cdnsp: Fix issue with detecting command completion event
usb: cdnsp: Fix issue with detecting USB 3.2 speed
Peter Marheine (1):
ACPI: battery: negate current when discharging
Peter Oberparleiter (1):
scsi: s390: zfcp: Ensure synchronous unit_add
Peter Xu (1):
mm/uffd: fix vma operation where start addr cuts part of vma
Peter Zijlstra (2):
perf: Ensure bpf_perf_link path is properly serialized
perf: Fix sample vs do_exit()
Petr Malat (1):
sctp: Do not wake readers in __sctp_write_space()
Phillip Lougher (1):
Squashfs: check return result of sb_min_blocksize
Qasim Ijaz (1):
net: ch9200: fix uninitialised access during mii_nway_restart
Qing Wang (1):
perf/core: Fix broken throttling when max_samples_per_tick=1
Qiuxu Zhuo (1):
EDAC/skx_common: Fix general protection fault
Quentin Schulz (2):
arm64: dts: rockchip: disable unrouted USB controllers and PHY on RK3399 Puma with Haikou
net: stmmac: platform: guarantee uniqueness of bus_id
Rafael J. Wysocki (1):
PM: sleep: Fix power.is_suspended cleanup for direct-complete devices
Renato Caldas (1):
platform/x86: ideapad-laptop: add missing Ideapad Pro 5 fn keys
Rengarajan S (2):
net: lan743x: Modify the EEPROM and OTP size for PCI1xxxx devices
net: microchip: lan743x: Reduce PTP timeout on HW failure
Ricardo Ribalda (3):
media: uvcvideo: Return the number of processed controls
media: uvcvideo: Send control events for partial succeeds
media: uvcvideo: Fix deferred probing error
Ritesh Harjani (IBM) (1):
powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap
Robert Malz (2):
i40e: return false from i40e_reset_vf if reset is in progress
i40e: retry VFLR handling if there is ongoing VF reset
Rodrigo Gobbi (1):
wifi: ath11k: validate ath11k_crypto_mode on top of ath11k_core_qmi_firmware_ready
Rolf Eike Beer (1):
iommu: remove duplicate selection of DMAR_TABLE
Ronak Doshi (1):
vmxnet3: correctly report gso type for UDP tunnels
Ross Stutterheim (1):
ARM: 9447/1: arm/memremap: fix arch_memremap_can_ram_remap()
Ryusuke Konishi (1):
nilfs2: do not propagate ENOENT error from nilfs_btree_propagate()
Sakari Ailus (4):
media: ccs-pll: Start VT pre-PLL multiplier search from correct value
media: ccs-pll: Start OP pre-PLL multiplier search from correct value
media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div
media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case
Salah Triki (1):
wireless: purelifi: plfxlc: fix memory leak in plfxlc_usb_wreq_asyn()
Sam Winchenbach (3):
iio: filter: admv8818: fix band 4, state 15
iio: filter: admv8818: fix integer overflow
iio: filter: admv8818: fix range calculation
Samuel Williams (1):
wifi: mt76: mt7921: add 160 MHz AP for mt7922 device
Sanjeev Yadav (1):
scsi: core: ufs: Fix a hang in the error handler
Sean Christopherson (1):
iommu/amd: Ensure GA log notifier callbacks finish running before module unload
Sean Nyekjaer (3):
iio: accel: fxls8962af: Fix temperature scan element sign
iio: imu: inv_icm42600: Fix temperature calculation
iio: accel: fxls8962af: Fix temperature calculation
Sebastian Andrzej Siewior (1):
ipv4/route: Use this_cpu_inc() for stats on PREEMPT_RT
Sergey Senozhatsky (1):
thunderbolt: Do not double dequeue a configuration request
Sergey Shtylyov (1):
fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod()
Sergio Perez Gonzalez (1):
net: macb: Check return value of dma_set_mask_and_coherent()
Seunghun Han (2):
ACPICA: fix acpi operand cache leak in dswstate.c
ACPICA: fix acpi parse and parseext cache leaks
Shengyu Qu (1):
ARM: dts: am335x-bone-common: Add GPIO PHY reset on revision C3 board
Shiming Cheng (1):
net: fix udp gso skb_segment after pull from frag_list
Shin'ichiro Kawasaki (1):
RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction
Shyam Prasad N (1):
cifs: reset connections for all channels when reconnect requested
Siddharth Vadapalli (1):
remoteproc: k3-r5: Drop check performed in k3_r5_rproc_{mbox_callback/kick}
Simon Horman (1):
pldmfw: Select CRC32 when PLDMFW is selected
Stefan Wahren (1):
net: vertexcom: mse102x: Return code for mse102x_rx_pkt_spi
Stefano Stabellini (1):
xen/arm: call uaccess_ttbr0_enable for dm_op hypercall
Stephen Smalley (1):
selinux: fix selinux_xfrm_alloc_user() to set correct ctx_len
Steven Rostedt (1):
tracing: Rename event_trigger_alloc() to trigger_data_alloc()
Stone Zhang (1):
wifi: ath11k: fix node corruption in ar->arvifs list
Stuart Hayes (2):
platform/x86: dell_rbu: Fix list usage
platform/x86: dell_rbu: Stop overwriting data buffer
Su Hui (1):
soc: aspeed: lpc: Fix impossible judgment condition
Sukrut Bellary (1):
ARM: OMAP2+: Fix l4ls clk domain handling in STANDBY
Suleiman Souhlal (1):
tools/resolve_btfids: Fix build when cross compiling kernel with clang.
Takashi Iwai (1):
ALSA: hda/intel: Add Thinkpad E15 to PM deny list
Talhah Peerbhai (1):
ASoC: amd: yc: Add quirk for Lenovo Yoga Pro 7 14ASP9
Tali Perry (1):
i2c: npcm: Add clock toggle recovery
Tan En De (1):
i2c: designware: Invoke runtime suspend on quick slave re-registration
Tao Chen (1):
bpf: Fix WARN() in get_bpf_raw_tp_regs
Tasos Sahanidis (1):
ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330
Tengda Wu (1):
arm64/ptrace: Fix stack-out-of-bounds read in regs_get_kernel_stack_nth()
Terry Junge (1):
HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse()
Thadeu Lima de Souza Cascardo (1):
ext4: inline: fix len overflow in ext4_prepare_inline_data
Thangaraj Samynathan (1):
net: lan743x: rename lan743x_reset_phy to lan743x_hw_reset_phy
Thomas Gleixner (1):
x86/iopl: Cure TIF_IO_BITMAP inconsistencies
Thomas Weißschuh (1):
kbuild: userprogs: fix bitsize and target detection on clang
Toke Høiland-Jørgensen (1):
wifi: ath9k_htc: Abort software beacon handling if disabled
Uwe Kleine-König (1):
iio: adc: ad7124: Fix 3dB filter frequency reading
Vignesh Raman (1):
arm64: defconfig: mediatek: enable PHY drivers
Viktor Malik (1):
libbpf: Fix buffer overflow in bpf_object__init_prog
Vincent Knecht (1):
clk: qcom: gcc-msm8939: Fix mclk0 & mclk1 for 24 MHz
Vishwaroop A (3):
spi: tegra210-quad: Fix X1_X2_X4 encoding and support x4 transfers
spi: tegra210-quad: remove redundant error handling code
spi: tegra210-quad: modify chip select (CS) deactivation
Vitaliy Shevtsov (1):
scsi: elx: efct: Fix memory leak in efct_hw_parse_filter()
Vladimir Oltean (2):
ptp: fix breakage after ptp_vclock_in_use() rework
ptp: allow reading of currently dialed frequency to succeed on free-running clocks
Wan Junjie (1):
bus: fsl-mc: fix GET/SET_TAILDROP command ids
WangYuli (2):
MIPS: Loongson64: Add missing '#interrupt-cells' for loongson64c_ls7a
Input: sparcspkr - avoid unannotated fall-through
Wentao Liang (9):
nilfs2: add pointer check for nilfs_direct_propagate()
ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params()
net/mlx5_core: Add error handling inmlx5_query_nic_vport_qkey_viol_cntr()
net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid()
media: gspca: Add error handling for stv06xx_read_sensor()
mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk
mtd: nand: sunxi: Add randomizer configuration before randomizer enable
regulator: max14577: Add error check for max14577_read_reg()
octeontx2-pf: Add error log forcn10k_map_unmap_rq_policer()
Wojciech Slenska (1):
pinctrl: qcom: pinctrl-qcm2290: Add missing pins
Wolfram Sang (3):
ARM: dts: at91: usb_a9263: fix GPIO for Dataflash chip select
ARM: dts: at91: at91sam9263: fix NAND chip selects
rtc: sh: assign correct interrupts with DT
Wupeng Ma (1):
VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify
Xiaolei Wang (2):
remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach()
remoteproc: core: Release rproc->clean_table after rproc_attach() fails
Xilin Wu (1):
arm64: dts: qcom: sm8250: Fix CPU7 opp table
Xin Li (Intel) (1):
selftests/x86: Add a test to detect infinite SIGTRAP handler loop
Yanqing Wang (1):
driver: net: ethernet: mtk_star_emac: fix suspend/resume issue
Yao Zi (3):
platform/loongarch: laptop: Get brightness setting from EC on probe
platform/loongarch: laptop: Unregister generic_sub_drivers on exit
platform/loongarch: laptop: Add backlight power control support
Ye Bin (1):
ftrace: Fix UAF when lookup kallsym after ftrace disabled
Yemike Abhilash Chandra (1):
arm64: dts: ti: k3-j721e-sk: Add DT nodes for power regulators
Yeoreum Yun (1):
coresight: prevent deactivate active config while enabling the config
Yihang Li (1):
scsi: hisi_sas: Call I_T_nexus after soft reset for SATA disk
Yong Wang (2):
net: bridge: mcast: update multicast contex when vlan state is changed
net: bridge: mcast: re-implement br_multicast_{enable, disable}_port functions
Yosry Ahmed (1):
KVM: SVM: Clear current_vmcb during vCPU free for all *possible* CPUs
Yuanjun Gong (1):
ASoC: tegra210_ahub: Add check to of_device_get_match_data()
Yunhui Cui (1):
ACPI: CPPC: Fix NULL pointer dereference when nosmp is used
Zhang Yi (2):
ext4: factor out ext4_get_maxbytes()
ext4: ensure i_size is smaller than maxbytes
Zhiguo Niu (2):
f2fs: use d_inode(dentry) cleanup dentry->d_inode
f2fs: fix to correct check conditions in f2fs_cross_rename
Zhongqiu Duan (1):
netfilter: nft_quota: match correctly when the quota just depleted
Zijun Hu (5):
PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks()
fs/filesystems: Fix potential unsigned integer underflow in fs_name()
configfs: Do not override creating attribute file failure in populate_attrs()
software node: Correct a OOB check in software_node_get_reference_args()
sock: Correct error checking condition for (assign|release)_proto_idx()
Zilin Guan (1):
tipc: use kfree_sensitive() for aead cleanup
Zizhi Wo (1):
xfs: Fix the owner setting issue for rmap query in xfs fsmap
gldrk (1):
ACPICA: utilities: Fix overflow check in vsnprintf()
lei lu (1):
xfs: don't walk off the end of a directory data block
wangdicheng (1):
ALSA: usb-audio: Rename ALSA kcontrol PCM and PCM1 for the KTMicro sound card
zhangjian (1):
smb: client: fix first command failure during re-negotiation
Álvaro Fernández Rojas (3):
spi: bcm63xx-spi: fix shared reset
spi: bcm63xx-hsspi: fix shared reset
net: dsa: tag_brcm: legacy: fix pskb_may_pull length
3 days, 18 hours
- 1
- 1