- Linux-stable-mirror - lists.linaro.org

[PATCH net] gve: defer interrupt enabling until NAPI registration

by Harshitha Ramamurthy

From: Ankit Garg <nktgrg(a)google.com> Currently, interrupts are automatically enabled immediately upon request. This allows interrupt to fire before the associated NAPI context is fully initialized and cause failures like below: [ 0.946369] Call Trace: [ 0.946369] <IRQ> [ 0.946369] __napi_poll+0x2a/0x1e0 [ 0.946369] net_rx_action+0x2f9/0x3f0 [ 0.946369] handle_softirqs+0xd6/0x2c0 [ 0.946369] ? handle_edge_irq+0xc1/0x1b0 [ 0.946369] __irq_exit_rcu+0xc3/0xe0 [ 0.946369] common_interrupt+0x81/0xa0 [ 0.946369] </IRQ> [ 0.946369] <TASK> [ 0.946369] asm_common_interrupt+0x22/0x40 [ 0.946369] RIP: 0010:pv_native_safe_halt+0xb/0x10 Use the `IRQF_NO_AUTOEN` flag when requesting interrupts to prevent auto enablement and explicitly enable the interrupt in NAPI initialization path (and disable it during NAPI teardown). This ensures that interrupt lifecycle is strictly coupled with readiness of NAPI context. Cc: stable(a)vger.kernel.org Fixes: 1dfc2e46117e ("gve: Refactor napi add and remove functions") Signed-off-by: Ankit Garg <nktgrg(a)google.com> Reviewed-by: Jordan Rhee <jordanrhee(a)google.com> Reviewed-by: Joshua Washington <joshwash(a)google.com> Signed-off-by: Harshitha Ramamurthy <hramamurthy(a)google.com> --- drivers/net/ethernet/google/gve/gve_main.c | 2 +- drivers/net/ethernet/google/gve/gve_utils.c | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/net/ethernet/google/gve/gve_main.c b/drivers/net/ethernet/google/gve/gve_main.c index 5a74760..96adbbe 100644 --- a/drivers/net/ethernet/google/gve/gve_main.c +++ b/drivers/net/ethernet/google/gve/gve_main.c @@ -558,7 +558,7 @@ static int gve_alloc_notify_blocks(struct gve_priv *priv) block->priv = priv; err = request_irq(priv->msix_vectors[msix_idx].vector, gve_is_gqi(priv) ? gve_intr : gve_intr_dqo, - 0, block->name, block); + IRQF_NO_AUTOEN, block->name, block); if (err) { dev_err(&priv->pdev->dev, "Failed to receive msix vector %d\n", i); diff --git a/drivers/net/ethernet/google/gve/gve_utils.c b/drivers/net/ethernet/google/gve/gve_utils.c index ace9b86..b53b7fc 100644 --- a/drivers/net/ethernet/google/gve/gve_utils.c +++ b/drivers/net/ethernet/google/gve/gve_utils.c @@ -112,11 +112,13 @@ void gve_add_napi(struct gve_priv *priv, int ntfy_idx, netif_napi_add_locked(priv->dev, &block->napi, gve_poll); netif_napi_set_irq_locked(&block->napi, block->irq); + enable_irq(block->irq); } void gve_remove_napi(struct gve_priv *priv, int ntfy_idx) { struct gve_notify_block *block = &priv->ntfy_blocks[ntfy_idx]; + disable_irq(block->irq); netif_napi_del_locked(&block->napi); } -- 2.52.0.322.g1dd061c0dc-goog

1 week

1
0
0 0

[PATCH 6.12.y 0/3] arm64: Early system register initialization fixes

by Wei-Lin Chang

Hi, This series is a v6.12-only backport (based on v6.12.62) of fixes for system register initialization issues affecting protected KVM on arm64. This affects some contemporary and upcoming hardware which will run the v6.12.y stable kernel, or something derived from it, such as the Android common kernel. The FEAT_E2H0 patches fix code introduced after v6.6, and so only need to be backported to v6.12. The SCTLR_EL1 patch fixes code introduced in v5.11, but practically speaking only affects recent hardware which is unlikely to run something older than v6.12. Note: Marc Zyngier performed the initial backport, which I have rebased and tested, hence both of our sign-offs being added to the tags from the upstream commits. I have tested the backport and observed they solve the problems as expected. Ahmed Genidi (1): KVM: arm64: Initialize SCTLR_EL1 in __kvm_hyp_init_cpu() Marc Zyngier (1): arm64: Revamp HCR_EL2.E2H RES1 detection Mark Rutland (1): KVM: arm64: Initialize HCR_EL2.E2H early arch/arm64/include/asm/el2_setup.h | 57 +++++++++++++++++++++++++--- arch/arm64/kernel/head.S | 22 ++--------- arch/arm64/kvm/hyp/nvhe/hyp-init.S | 10 +++-- arch/arm64/kvm/hyp/nvhe/psci-relay.c | 3 ++ 4 files changed, 65 insertions(+), 27 deletions(-) -- 2.43.0

1 week

2
4
0 0

[PATCH 6.18 000/614] 6.18.2-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.18.2 release. There are 614 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu, 18 Dec 2025 11:12:22 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.18.2-rc1… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.18.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.18.2-rc1 Junrui Luo <moonafterrain(a)outlook.com> ALSA: wavefront: Fix integer overflow in sample size validation Junrui Luo <moonafterrain(a)outlook.com> ALSA: wavefront: Clear substream pointers on close Denis Arefev <arefev(a)swemel.ru> ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_hda_read_acpi() Antheas Kapenekakis <lkml(a)antheas.dev> ALSA: hda/tas2781: fix speaker id retrieval for multiple probes Antheas Kapenekakis <lkml(a)antheas.dev> ALSA: hda/realtek: Add match for ASUS Xbox Ally projects Junrui Luo <moonafterrain(a)outlook.com> ALSA: dice: fix buffer overflow in detect_stream_formats() Sven Peter <sven(a)kernel.org> usb: dwc3: dwc3_power_off_all_roothub_ports: Use ioremap_np when required Duoming Zhou <duoming(a)zju.edu.cn> usb: typec: ucsi: fix use-after-free caused by uec->work Diogo Ivo <diogo.ivo(a)tecnico.ulisboa.pt> usb: phy: Initialize struct usb_phy list_head Duoming Zhou <duoming(a)zju.edu.cn> usb: typec: ucsi: fix probe failure in gaokun_ucsi_probe() Haotien Hsu <haotienh(a)nvidia.com> usb: gadget: tegra-xudc: Always reinitialize data toggle when clear halt Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> efi/cper: align ARM CPER type with UEFI 2.9A/2.10 specs Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> efi/cper: Adjust infopfx size to accept an extra space Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> efi/cper: Add a new helper function to print bitmasks Evan Li <evan.li(a)linux.alibaba.com> perf/x86/intel: Fix NULL event dereference crash in handle_pmi_common() Dmitry Antipov <dmantipov(a)yandex.ru> ocfs2: fix memory leak in ocfs2_merge_rec_left() Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> cpu: Make atomic hotplug callbacks run with interrupts disabled on UP Dan Carpenter <dan.carpenter(a)linaro.org> irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc() Thaumy Cheng <thaumy.love(a)gmail.com> perf/core: Fix missing read event generation on task exit Bart Van Assche <bvanassche(a)acm.org> scsi: ufs: core: Fix an error handler crash Duoming Zhou <duoming(a)zju.edu.cn> scsi: imm: Fix use-after-free bug caused by unfinished delayed work Haotian Zhang <vulab(a)iscas.ac.cn> dm log-writes: Add missing set_freezable() for freezable kthread Alexey Simakov <bigalex934(a)gmail.com> dm-raid: fix possible NULL dereference with undefined raid type Hemalatha Pinnamreddy <hemalatha.pinnamreddy2(a)amd.com> ASoC: amd: acp: update tdm channels for specific DAI Mohamed Khalfella <mkhalfella(a)purestorage.com> block: Use RCU in blk_mq_[un]quiesce_tagset() instead of set->tag_list_lock Dibin Moolakadan Subrahmanian <dibin.moolakadan.subrahmanian(a)intel.com> drm/i915/fbdev: Hold runtime PM ref during fbdev BO creation Jani Nikula <jani.nikula(a)intel.com> drm/{i915, xe}/fbdev: deduplicate struct drm_mode_fb_cmd2 init Jani Nikula <jani.nikula(a)intel.com> drm/{i915, xe}/fbdev: pass struct drm_device to intel_fbdev_fb_alloc() Jani Nikula <jani.nikula(a)intel.com> drm/i915/fbdev: make intel_framebuffer_create() error return handling explicit Jani Nikula <jani.nikula(a)intel.com> drm/xe/fbdev: use the same 64-byte stride alignment as i915 Liyuan Pang <pangliyuan1(a)huawei.com> ARM: 9464/1: fix input-only operand modification in load_unaligned_zeropad() Junrui Luo <moonafterrain(a)outlook.com> ALSA: firewire-motu: add bounds check in put_user loop for DSP events Javier Martinez Canillas <javierm(a)redhat.com> regulator: spacemit: Align input supply name with the DT binding Nuno Sá <nuno.sa(a)analog.com> rtc: max31335: Fix ignored return value in set_alarm Haotian Zhang <vulab(a)iscas.ac.cn> rtc: gamecube: Check the return value of ioremap() Xiaogang Chen <xiaogang.chen(a)amd.com> drm/amdkfd: Use huge page size to check split svm range alignment Andres J Rosa <andyrosa(a)gmail.com> ALSA: uapi: Fix typo in asound.h comment Dave Kleikamp <dave.kleikamp(a)oracle.com> dma/pool: eliminate alloc_pages warning in atomic_pool_expand Troy Mitchell <troy.mitchell(a)linux.spacemit.com> i2c: spacemit: fix detect issue Kathara Sasikumar <katharasasikumar007(a)gmail.com> docs: hwmon: fix link to g762 devicetree binding Arnd Bergmann <arnd(a)arndb.de> gpio: tb10x: fix OF_GPIO dependency Mike Snitzer <snitzer(a)kernel.org> nfs/localio: remove 61 byte hole from needless ____cacheline_aligned Mike Snitzer <snitzer(a)hammerspace.com> nfs/localio: remove alignment size checking in nfs_is_local_dio_possible David Howells <dhowells(a)redhat.com> cifs: Fix handling of a beyond-EOF DIO/unbuffered read over SMB2 David Howells <dhowells(a)redhat.com> cifs: Fix handling of a beyond-EOF DIO/unbuffered read over SMB1 René Rebe <rene(a)exactco.de> drm/nouveau: fix circular dep oops from vendored i2c encoder Madhur Kumar <madhurkumar004(a)gmail.com> drm/nouveau: refactor deprecated strcpy Junrui Luo <moonafterrain(a)outlook.com> ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events Mark Brown <broonie(a)kernel.org> regulator: fixed: Rely on the core freeing the enable GPIO Dan Carpenter <dan.carpenter(a)linaro.org> drm/plane: Fix IS_ERR() vs NULL check in drm_plane_create_hotspot_properties() Caleb Sander Mateos <csander(a)purestorage.com> io_uring/kbuf: use READ_ONCE() for userspace-mapped memory Israel Rukshin <israelr(a)nvidia.com> nvme-auth: use kvfree() for memory allocated with kvcalloc() Shaurya Rane <ssrane_b23(a)ee.vjti.ac.in> block: fix memory leak in __blkdev_issue_zero_pages shechenglong <shechenglong(a)xfusion.com> block: fix comment for op_is_zone_mgmt() to include RESET_ALL Arnd Bergmann <arnd(a)arndb.de> drm/panel: novatek-nt35560: avoid on-stack device structure Cong Zhang <cong.zhang(a)oss.qualcomm.com> blk-mq: Abort suspend when wakeup events are pending Daeho Jeong <daehojeong(a)google.com> f2fs: revert summary entry count from 2048 to 512 in 16kb block support Shengjiu Wang <shengjiu.wang(a)nxp.com> ASoC: ak5558: Disable regulator when error happens Shengjiu Wang <shengjiu.wang(a)nxp.com> ASoC: ak4458: Disable regulator when error happens Hemalatha Pinnamreddy <hemalatha.pinnamreddy2(a)amd.com> ASoC: amd: acp: Audio is not resuming after s0ix Haotian Zhang <vulab(a)iscas.ac.cn> ASoC: bcm: bcm63xx-pcm-whistler: Check return value of of_dma_configure() Anton Khirnov <anton(a)khirnov.net> platform/x86: asus-wmi: use brightness_set_blocking() for kbd led Armin Wolf <W_Armin(a)gmx.de> fs/nls: Fix inconsistency between utf8_to_utf32() and utf32_to_utf8() Trond Myklebust <trond.myklebust(a)hammerspace.com> NFS: Fix inheritance of the block sizes when automounting Trond Myklebust <trond.myklebust(a)hammerspace.com> NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags Trond Myklebust <trond.myklebust(a)hammerspace.com> Revert "nfs: ignore SB_RDONLY when mounting nfs" Trond Myklebust <trond.myklebust(a)hammerspace.com> Revert "nfs: clear SB_RDONLY before getting superblock" Trond Myklebust <trond.myklebust(a)hammerspace.com> Revert "nfs: ignore SB_RDONLY when remounting nfs" Akash Goel <akash.goel(a)arm.com> drm/panthor: Prevent potential UAF in group creation Jonathan Curley <jcurley(a)purestorage.com> NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid Trond Myklebust <trond.myklebust(a)hammerspace.com> NFS: Initialise verifiers for visible dentries in _nfs4_open_and_get_state Trond Myklebust <trond.myklebust(a)hammerspace.com> NFS: Initialise verifiers for visible dentries in nfs_atomic_open() Trond Myklebust <trond.myklebust(a)hammerspace.com> NFS: Initialise verifiers for visible dentries in readdir and lookup Armin Wolf <W_Armin(a)gmx.de> fs/nls: Fix utf16 to utf8 conversion Trond Myklebust <trond.myklebust(a)hammerspace.com> NFS: Avoid changing nlink when file removes and attribute updates race Abel Vesa <abel.vesa(a)linaro.org> kbuild: install-extmod-build: Properly fix CC expansion when ccache is used Haotian Zhang <vulab(a)iscas.ac.cn> rtc: amlogic-a4: fix double free caused by devm Daeho Jeong <daehojeong(a)google.com> f2fs: maintain one time GC mode is enabled during whole zoned GC cycle Xi Pardee <xi.pardee(a)linux.intel.com> platform/x86:intel/pmc: Update Arrow Lake telemetry GUID John Stultz <jstultz(a)google.com> sched/core: Fix psi_dequeue() for Proxy Execution xupengbo <xupengbo(a)oppo.com> sched/fair: Fix unfairness caused by stalled tg_load_avg_contrib when the last task migrates out Eric Sandeen <sandeen(a)redhat.com> 9p: fix cache/debug options printing in v9fs_show_options Abdun Nihaal <nihaal(a)cse.iitm.ac.in> fbdev: ssd1307fb: fix potential page leak in ssd1307fb_probe() Ian Rogers <irogers(a)google.com> perf stat: Allow no events to open if this is a "--null" run Haotian Zhang <vulab(a)iscas.ac.cn> pinctrl: single: Fix incorrect type for error return variable Ian Rogers <irogers(a)google.com> perf hist: In init, ensure mem_info is put on error paths Ian Rogers <irogers(a)google.com> perf kvm: Fix debug assertion Namhyung Kim <namhyung(a)kernel.org> perf tools: Fix split kallsyms DSO counting Namhyung Kim <namhyung(a)kernel.org> perf tools: Mark split kallsyms DSOs as loaded Namjae Jeon <linkinjeon(a)kernel.org> exfat: fix divide-by-zero in exfat_allocate_bitmap Shuhao Fu <sfual(a)cse.ust.hk> exfat: fix refcount leak in exfat_find Namhyung Kim <namhyung(a)kernel.org> perf jitdump: Add sym/str-tables to build-ID generation Xiang Mei <xmei5(a)asu.edu> net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop Vladimir Oltean <vladimir.oltean(a)nxp.com> net: dsa: xrs700x: reject unsupported HSR configurations Xiaoliang Yang <xiaoliang.yang_1(a)nxp.com> net: hsr: create an API to get hsr port type Jonas Gorski <jonas.gorski(a)gmail.com> net: dsa: b53: fix BCM5325/65 ARL entry VIDs Jonas Gorski <jonas.gorski(a)gmail.com> net: dsa: b53: fix BCM5325/65 ARL entry multicast port masks Jonas Gorski <jonas.gorski(a)gmail.com> net: dsa: b53: add support for bcm63xx ARL entry format Jonas Gorski <jonas.gorski(a)gmail.com> net: dsa: b53: fix CPU port unicast ARL entries for BCM5325/65 Jonas Gorski <jonas.gorski(a)gmail.com> net: dsa: b53: use same ARL search result offset for BCM5325/65 Jonas Gorski <jonas.gorski(a)gmail.com> net: dsa: b53: add support for 5389/5397/5398 ARL entry format Jonas Gorski <jonas.gorski(a)gmail.com> net: dsa: b53: move ARL entry functions into ops struct Jonas Gorski <jonas.gorski(a)gmail.com> net: dsa: b53: split reading search entry into their own functions Jonas Gorski <jonas.gorski(a)gmail.com> net: dsa: b53: provide accessors for accessing ARL_SRCH_CTL Jonas Gorski <jonas.gorski(a)gmail.com> net: dsa: b53: move writing ARL entries into their own functions Jonas Gorski <jonas.gorski(a)gmail.com> net: dsa: b53: move reading ARL entries into their own function Jonas Gorski <jonas.gorski(a)gmail.com> net: dsa: b53: b53_arl_read{,25}(): use the entry for comparision Jonas Gorski <jonas.gorski(a)gmail.com> net: dsa: b53: fix extracting VID from entry for BCM5325/65 Jonas Gorski <jonas.gorski(a)gmail.com> net: dsa: b53: fix VLAN_ID_IDX write size for BCM5325/65 Christophe Leroy (CS GROUP) <chleroy(a)kernel.org> um: Disable KASAN_INLINE when STATIC_LINK is selected Stefan Metzmacher <metze(a)samba.org> smb: client: relax WARN_ON_ONCE(SMBDIRECT_SOCKET_*) checks in recv_done() and smbd_conn_upcall() Stefan Metzmacher <metze(a)samba.org> smb: server: relax WARN_ON_ONCE(SMBDIRECT_SOCKET_*) checks in recv_done() and smb_direct_cm_handler() Stefan Metzmacher <metze(a)samba.org> smb: smbdirect: introduce SMBDIRECT_CHECK_STATUS_{WARN,DISCONNECT}() Stefan Metzmacher <metze(a)samba.org> smb: smbdirect: introduce SMBDIRECT_DEBUG_ERR_PTR() helper Johan Hovold <johan(a)kernel.org> clk: keystone: fix compile testing Yu Kuai <yukuai(a)fnnas.com> md/raid5: fix IO hang when array is broken with IO inflight Alexandru Gagniuc <mr.nuke.me(a)gmail.com> remoteproc: qcom_q6v5_wcss: fix parsing of qcom,halt-regs Kumar Kartikeya Dwivedi <memxor(a)gmail.com> rqspinlock: Use trylock fallback when per-CPU rqnode is busy Kumar Kartikeya Dwivedi <memxor(a)gmail.com> rqspinlock: Enclose lock/unlock within lock entry acquisitions Ivan Stepchenko <sid(a)itb.spb.ru> mtd: lpddr_cmds: fix signed shifts in lpddr_cmds Breno Leitao <leitao(a)debian.org> net: netpoll: initialize work queue before error checks Hangbin Liu <liuhangbin(a)gmail.com> selftests: bonding: add delay before each xvlan_over_bond connectivity check Robert Marko <robimarko(a)gmail.com> net: phy: aquantia: check for NVMEM deferral Mickaël Salaün <mic(a)digikod.net> landlock: Fix handling of disconnected directories Alex Williamson <alex.williamson(a)nvidia.com> vfio/pci: Use RCU for error/request triggers to avoid circular locking Dev Jain <dev.jain(a)arm.com> arm64/pageattr: Propagate return value from __change_memory_common Tianchu Chen <flynnnchen(a)tencent.com> spi: ch341: fix out-of-bounds memory access in ch341_transfer_one Haotian Zhang <vulab(a)iscas.ac.cn> mtd: rawnand: renesas: Handle devm_pm_runtime_enable() errors Alexey Kodanev <aleksei.kodanev(a)bell-sw.com> net: stmmac: fix rx limit check in stmmac_rx_zc() Antoine Tenart <atenart(a)kernel.org> net: vxlan: prevent NULL deref in vxlan_xmit_one Michal Schmidt <mschmidt(a)redhat.com> iavf: Implement settime64 with -EOPNOTSUPP Fernando Fernandez Mancera <fmancera(a)suse.de> netfilter: nft_connlimit: update the count if add was skipped Fernando Fernandez Mancera <fmancera(a)suse.de> netfilter: nf_conncount: rework API to use sk_buff directly Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: flowtable: check for maximum number of encapsulations in bridge vlan Ilias Stamatis <ilstam(a)amazon.com> Reinstate "resource: avoid unnecessary lookups in find_next_iomem_res()" Chen-Yu Tsai <wenst(a)chromium.org> arm64: dts: mediatek: mt8195: Fix address range for JPEG decoder core 1 sparkhuang <huangshaobo3(a)xiaomi.com> regulator: core: Protect regulator_supply_alias_list with regulator_list_mutex Marek Szyprowski <m.szyprowski(a)samsung.com> ARM: dts: samsung: exynos4412-midas: turn off SDIO WLAN chip during system suspend Marek Szyprowski <m.szyprowski(a)samsung.com> ARM: dts: samsung: exynos4210-trats: turn off SDIO WLAN chip during system suspend Marek Szyprowski <m.szyprowski(a)samsung.com> ARM: dts: samsung: exynos4210-i9100: turn off SDIO WLAN chip during system suspend Marek Szyprowski <m.szyprowski(a)samsung.com> ARM: dts: samsung: universal_c210: turn off SDIO WLAN chip during system suspend Marek Szyprowski <m.szyprowski(a)samsung.com> soc: samsung: exynos-pmu: Fix structure initialization Mikhail Kshevetskiy <mikhail.kshevetskiy(a)iopsys.eu> spi: airoha-snfi: en7523: workaround flash damaging if UART_TXD was short to GND Cezary Rojewski <cezary.rojewski(a)intel.com> ASoC: Intel: catpt: Fix error path in hw_params() Michael S. Tsirkin <mst(a)redhat.com> virtio: clean up features qword/dword terms Alok Tiwari <alok.a.tiwari(a)oracle.com> vdpa/pds: use %pe for ERR_PTR() in event handler registration Mike Christie <michael.christie(a)oracle.com> vhost: Fix kthread worker cgroup failure handling Alok Tiwari <alok.a.tiwari(a)oracle.com> vdpa/mlx5: Fix incorrect error code reporting in query_virtqueues Michael S. Tsirkin <mst(a)redhat.com> virtio: fix map ops comment Michael S. Tsirkin <mst(a)redhat.com> virtio: fix virtqueue_set_affinity() docs Michael S. Tsirkin <mst(a)redhat.com> virtio: standardize Returns documentation style Michael S. Tsirkin <mst(a)redhat.com> virtio: fix grammar in virtio_map_ops docs Michael S. Tsirkin <mst(a)redhat.com> virtio: fix grammar in virtio_queue_info docs Michael S. Tsirkin <mst(a)redhat.com> virtio: fix whitespace in virtio_config_ops Michael S. Tsirkin <mst(a)redhat.com> virtio: fix typo in virtio_device_ready() comment Kriish Sharma <kriish.sharma2006(a)gmail.com> virtio: fix kernel-doc for mapping/free_coherent functions Alok Tiwari <alok.a.tiwari(a)oracle.com> virtio_vdpa: fix misleading return in void function Guenter Roeck <linux(a)roeck-us.net> of: Skip devicetree kunit tests when RISCV+ACPI doesn't populate root node Willem de Bruijn <willemb(a)google.com> selftests/net: packetdrill: pass send_omit_free to MSG_ZEROCOPY tests Yongjian Sun <sunyongjian1(a)huawei.com> ext4: improve integrity checking in __mb_check_buddy by enhancing order-0 validation Edward Adam Davis <eadavis(a)qq.com> bpf: Fix exclusive map memory leak Matthieu Buffet <matthieu(a)buffet.re> selftests/landlock: Fix makefile header list Kevin Brodsky <kevin.brodsky(a)arm.com> ublk: prevent invalid access with DEBUG René Rebe <rene(a)exactco.de> ACPI: processor_core: fix map_x2apic_id for amd-pstate on am4 Haotian Zhang <vulab(a)iscas.ac.cn> hwmon: sy7636a: Fix regulator_enable resource leak on error path Eric Huang <jinhuieric.huang(a)amd.com> drm/amdkfd: assign AID to uuid in topology for SPX mode Dan Carpenter <dan.carpenter(a)linaro.org> drm/amd/display: Fix logical vs bitwise bug in get_embedded_panel_info_v2_1() Will Rosenberg <whrosenb(a)asu.edu> kernfs: fix memory leak of kernfs_iattrs in __kernfs_new_node Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> misc: rp1: Fix an error handling path in rp1_probe() Christoph Hellwig <hch(a)lst.de> fs: lift the FMODE_NOCMTIME check into file_update_time_flags Christoph Hellwig <hch(a)lst.de> fs: refactor file timestamp update logic Haotian Zhang <vulab(a)iscas.ac.cn> greybus: gb-beagleplay: Fix timeout handling in bootloader functions Alexandre Courbot <acourbot(a)nvidia.com> firmware_loader: make RUST_FW_LOADER_ABSTRACTIONS select FW_LOADER Shengjiu Wang <shengjiu.wang(a)nxp.com> ASoC: fsl_xcvr: clear the channel status control memory Andreas Gruenbacher <agruenba(a)redhat.com> gfs2: Prevent recursive memory reclaim Jaroslav Kysela <perex(a)perex.cz> ASoC: nau8325: add missing build config Jaroslav Kysela <perex(a)perex.cz> ASoC: nau8325: use simple i2c probe function Johan Hovold <johan(a)kernel.org> clocksource/drivers/nxp-stm: Prevent driver unbind Johan Hovold <johan(a)kernel.org> clocksource/drivers/nxp-stm: Fix section mismatches Johan Hovold <johan(a)kernel.org> clocksource/drivers/nxp-pit: Prevent driver unbind Johan Hovold <johan(a)kernel.org> clocksource/drivers/arm_arch_timer_mmio: Prevent driver unbind Johan Hovold <johan(a)kernel.org> clocksource/drivers/stm: Fix double deregistration on probe failure Haotian Zhang <vulab(a)iscas.ac.cn> clocksource/drivers/ralink: Fix resource leaks in init error path Akash Goel <akash.goel(a)arm.com> drm/panthor: Avoid adding of kernel BOs to extobj list Guillaume La Roque <glaroque(a)baylibre.com> arm64: dts: amlogic: meson-g12b: Fix L2 cache reference for S922X CPUs Jijun Wang <jijun.wang(a)intel.com> RDMA/irdma: Fix SRQ shadow area address initialization Jacob Moroni <jmoroni(a)google.com> RDMA/irdma: Remove doorbell elision logic Jacob Moroni <jmoroni(a)google.com> RDMA/irdma: Do not set IBK_LOCAL_DMA_LKEY for GEN3+ Jacob Moroni <jmoroni(a)google.com> RDMA/irdma: Do not directly rely on IB_PD_UNSAFE_GLOBAL_RKEY Anil Samal <anil.samal(a)intel.com> RDMA/irdma: Add missing mutex destroy Krzysztof Czurylo <krzysztof.czurylo(a)intel.com> RDMA/irdma: Fix SIGBUS in AEQ destroy Tatyana Nikolova <tatyana.e.nikolova(a)intel.com> RDMA/irdma: Add a missing kfree of struct irdma_pci_f for GEN2 Krzysztof Czurylo <krzysztof.czurylo(a)intel.com> RDMA/irdma: Fix data race in irdma_free_pble Krzysztof Czurylo <krzysztof.czurylo(a)intel.com> RDMA/irdma: Fix data race in irdma_sc_ccq_arm Stephan Gerhold <stephan.gerhold(a)linaro.org> iommu/arm-smmu-qcom: Enable use of all SMR groups when running bare-metal Randy Dunlap <rdunlap(a)infradead.org> backlight: lp855x: Fix lp855x.h kernel-doc warnings Luca Ceresoli <luca.ceresoli(a)bootlin.com> backlight: led-bl: Add devlink to supplier LEDs Ria Thomas <ria.thomas(a)morsemicro.com> wifi: ieee80211: correct FILS status codes Christoph Hellwig <hch(a)lst.de> iomap: allocate s_dio_done_wq for async reads as well Christoph Hellwig <hch(a)lst.de> iomap: always run error completions in user context David Gow <davidgow(a)google.com> um: Don't rename vmap to kernel_vmap Timur Tabi <ttabi(a)nvidia.com> drm/nouveau: restrict the flush page to a 32-bit address Shawn Lin <shawn.lin(a)rock-chips.com> PCI: dwc: Fix wrong PORT_LOGIC_LTSSM_STATE_MASK definition Filipe Manana <fdmanana(a)suse.com> btrfs: fix leaf leak in an error path in btrfs_del_items() Qu Wenruo <wqu(a)suse.com> btrfs: make sure extent and csum paths are always released in scrub_raid56_parity_stripe() Boris Burkov <boris(a)bur.io> btrfs: fix racy bitfield write in btrfs_clear_space_info_full() Miquel Sabaté Solà <mssola(a)mssola.com> btrfs: fix double free of qgroup record after failure to add delayed ref head Alan Maguire <alan.maguire(a)oracle.com> selftests/bpf: Allow selftests to build with older xxd Alan Maguire <alan.maguire(a)oracle.com> bpftool: Allow bpftool to build with openssl < 3 Ryan Huang <tzukui(a)google.com> iommu/arm-smmu-v3: Fix error check in arm_smmu_alloc_cd_tables Jianglei Nie <niejianglei2021(a)163.com> staging: fbtft: core: fix potential memory leak in fbtft_probe_common() Dinh Nguyen <dinguyen(a)kernel.org> firmware: stratix10-svc: fix make htmldocs warning for stratix10_svc Zilin Guan <zilin(a)seu.edu.cn> mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add() Lorenzo Bianconi <lorenzo(a)kernel.org> wifi: mt76: mt7996: Add missing locking in mt7996_mac_sta_rc_work() Lorenzo Bianconi <lorenzo(a)kernel.org> wifi: mt76: mt7996: skip ieee80211_iter_keys() on scanning link remove Lorenzo Bianconi <lorenzo(a)kernel.org> wifi: mt76: mt7996: skip deflink accounting for offchannel links Lorenzo Bianconi <lorenzo(a)kernel.org> wifi: mt76: Move mt76_abort_scan out of mt76_reset_device() Lorenzo Bianconi <lorenzo(a)kernel.org> wifi: mt76: mt7996: grab mt76 mutex in mt7996_mac_sta_event() Shayne Chen <shayne.chen(a)mediatek.com> wifi: mt76: mt7996: fix EMI rings for RRO Shayne Chen <shayne.chen(a)mediatek.com> wifi: mt76: mt7996: fix using wrong phy to start in mt7996_mac_restart() Shayne Chen <shayne.chen(a)mediatek.com> wifi: mt76: mt7996: fix MLO set key and group key issues Shayne Chen <shayne.chen(a)mediatek.com> wifi: mt76: mt7996: fix MLD group index assignment Shayne Chen <shayne.chen(a)mediatek.com> wifi: mt76: mt7996: set link_valid field when initializing wcid Shayne Chen <shayne.chen(a)mediatek.com> wifi: mt76: mt7996: fix teardown command for an MLD peer Shayne Chen <shayne.chen(a)mediatek.com> wifi: mt76: mt7996: fix several fields in mt7996_mcu_bss_basic_tlv() Howard Hsu <howard-yh.hsu(a)mediatek.com> wifi: mt76: mt7996: fix implicit beamforming support for mt7992 StanleyYP Wang <StanleyYP.Wang(a)mediatek.com> wifi: mt76: mt7996: fix max nss value when getting rx chainmask Fedor Pchelkin <pchelkin(a)ispras.ru> Revert "wifi: mt76: mt792x: improve monitor interface handling" Lorenzo Bianconi <lorenzo(a)kernel.org> wifi: mt76: mt7996: Remove useless check in mt7996_msdu_page_get_from_cache() Lorenzo Bianconi <lorenzo(a)kernel.org> wifi: mt76: wed: use proper wed reference in mt76 wed driver callabacks Lorenzo Bianconi <lorenzo(a)kernel.org> wifi: mt76: mt7996: Remove unnecessary link_id checks in mt7996_tx Felix Fietkau <nbd(a)nbd.name> wifi: mt76: mt7996: fix null pointer deref in mt7996_conf_tx() Shenghao Ding <shenghao-ding(a)ti.com> ASoC: tas2781: correct the wrong period Baojun Xu <baojun.xu(a)ti.com> ASoC: tas2781: Correct the wrong chip ID for reset variable check Herbert Xu <herbert(a)gondor.apana.org.au> crypto: ahash - Zero positive err value in ahash_update_finish Herbert Xu <herbert(a)gondor.apana.org.au> crypto: ahash - Fix crypto_ahash_import with partial block data Selvin Xavier <selvin.xavier(a)broadcom.com> RDMA/bnxt_re: Pass correct flag for dma mr creation Selvin Xavier <selvin.xavier(a)broadcom.com> RDMA/bnxt_re: Fix the inline size for GenP7 devices Gao Xiang <xiang(a)kernel.org> erofs: limit the level of fs stacking for file-backed mounts Gao Xiang <xiang(a)kernel.org> erofs: correct FSDAX detection Fangyu Yu <fangyu.yu(a)linux.alibaba.com> RISC-V: KVM: Fix guest page fault within HLV* instructions Pengjie Zhang <zhangpengjie2(a)huawei.com> PM / devfreq: hisi: Fix potential UAF in OPP handling Haotian Zhang <vulab(a)iscas.ac.cn> crypto: ccree - Correctly handle return of sg_nents_for_len Haotian Zhang <vulab(a)iscas.ac.cn> crypto: starfive - Correctly handle return of sg_nents_for_len Martin Teichmann <martin.teichmann(a)xfel.eu> bpf: properly verify tail call behavior Xing Guo <higuoxing(a)gmail.com> selftests/bpf: Update test_tag to use sha256 Matt Bobrowski <mattbobrowski(a)google.com> selftests/bpf: Improve reliability of test_perf_branches_no_hw() Matt Bobrowski <mattbobrowski(a)google.com> selftests/bpf: skip test_perf_branches_hw() on unsupported platforms Dan Carpenter <dan.carpenter(a)linaro.org> regulator: pca9450: Fix error code in probe() Gopi Krishna Menon <krishnagopi487(a)gmail.com> usb: raw-gadget: cap raw_io transfer length to KMALLOC_MAX_SIZE Jisheng Zhang <jszhang(a)kernel.org> usb: dwc2: fix hang during suspend if set as peripheral Jisheng Zhang <jszhang(a)kernel.org> usb: dwc2: fix hang during shutdown if set as peripheral Oliver Neukum <oneukum(a)suse.com> usb: chaoskey: fix locking for O_NONBLOCK Zhao Yipeng <zhaoyipeng5(a)huawei.com> ima: Handle error code returned by ima_filter_rule_match() Ivan Pravdin <ipravdin.official(a)gmail.com> rtla: Fix -a overriding -t argument Tomas Glozar <tglozar(a)redhat.com> rtla/tests: Fix osnoise test calling timerlat Tomas Glozar <tglozar(a)redhat.com> rtla/tests: Extend action tests to 5s Jason Tian <jason(a)os.amperecomputing.com> RAS: Report all ARM processor CPER information to userspace Seungjin Bae <eeodqql09(a)gmail.com> wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187_rx_cb() Charles Mirabile <cmirabil(a)redhat.com> clk: spacemit: Set clk_hw_onecell_data::num before using flex array Chen Ridong <chenridong(a)huawei.com> cpuset: Treat cpusets in attaching as populated Alexander Dahl <ada(a)thorsis.com> net: phy: adin1100: Fix software power-down ready condition Matt Bobrowski <mattbobrowski(a)google.com> selftests/bpf: Use ASSERT_STRNEQ to factor in long slab cache names Charles Keepax <ckeepax(a)opensource.cirrus.com> ASoC: SDCA: Fix missing dash in HIDE DisCo property Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> phy: rockchip: samsung-hdptx: Prevent Inter-Pair Skew from exceeding the limits Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> phy: rockchip: samsung-hdptx: Reduce ROPLL loop bandwidth Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> phy: rockchip: samsung-hdptx: Fix reported clock rate in high bpc mode Xiaolei Wang <xiaolei.wang(a)windriver.com> phy: freescale: Initialize priv->lock Shawn Lin <shawn.lin(a)rock-chips.com> phy: rockchip: naneng-combphy: Fix PCIe L1ss support RK3562 Shawn Lin <shawn.lin(a)rock-chips.com> phy: rockchip: naneng-combphy: Fix PCIe L1ss support RK3528 Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> phy: renesas: rcar-gen3-usb2: Fix an error handling path in rcar_gen3_phy_usb2_probe() Fenglin Wu <fenglin.wu(a)oss.qualcomm.com> leds: rgb: leds-qcom-lpg: Don't enable TRILED when configuring PWM Yuntao Wang <yuntao.wang(a)linux.dev> of/fdt: Fix incorrect use of dt_root_addr_cells in early_init_dt_check_kho() Yuntao Wang <yuntao.wang(a)linux.dev> of/fdt: Fix the len check in early_init_dt_check_for_usable_mem_range() Yuntao Wang <yuntao.wang(a)linux.dev> of/fdt: Fix the len check in early_init_dt_check_for_elfcorehdr() Yuntao Wang <yuntao.wang(a)linux.dev> of/fdt: Consolidate duplicate code into helper functions Haotian Zhang <vulab(a)iscas.ac.cn> mfd: mt6358-irq: Fix missing irq_domain_remove() in error path Haotian Zhang <vulab(a)iscas.ac.cn> mfd: mt6397-irq: Fix missing irq_domain_remove() in error path Tomas Glozar <tglozar(a)redhat.com> tools/rtla: Fix --on-threshold always triggering Costa Shulyupin <costa.shul(a)redhat.com> tools/rtla: Fix unassigned nr_cpus Chien Wong <m(a)xv97.com> wifi: mac80211: fix CMAC functions not handling errors Aashish Sharma <aashish(a)aashishsharma.net> iommu/vt-d: Fix unused invalidation hint in qi_desc_iotlb Vineeth Pillai (Google) <vineeth(a)bitbyteword.org> iommu/vt-d: Set INTEL_IOMMU_FLOPPY_WA depend on BLK_DEV_FD Vladimir Oltean <vladimir.oltean(a)nxp.com> net: phy: realtek: create rtl8211f_config_rgmii_delay() Zilin Guan <zilin(a)seu.edu.cn> scsi: qla2xxx: Fix improper freeing of purex item Shawn Lin <shawn.lin(a)rock-chips.com> scsi: ufs: rockchip: Reset controller on PRE_CHANGE of hce enable notify Uwe Kleine-König <u.kleine-koenig(a)baylibre.com> pwm: bcm2835: Make sure the channel is enabled after pwm_request() Leo Yan <leo.yan(a)arm.com> perf arm_spe: Fix memset subclass in operation Fernando Fernandez Mancera <fmancera(a)suse.de> ipv6: clear RA flags when adding a static route Longbin Li <looong.bin(a)gmail.com> spi: sophgo: Fix incorrect use of bus width value macros Akhil P Oommen <akhilpo(a)oss.qualcomm.com> drm/msm/a6xx: Improve MX rail fallback in RPMH vote init Akhil P Oommen <akhilpo(a)oss.qualcomm.com> drm/msm/a6xx: Fix the gemnoc workaround Akhil P Oommen <akhilpo(a)oss.qualcomm.com> drm/msm/a6xx: Flush LRZ cache before PT switch Jay Liu <jay.liu(a)mediatek.com> drm/mediatek: Fix CCORR mtk_ctm_s31_32_to_s1_n function issue Edward Adam Davis <eadavis(a)qq.com> fs/ntfs3: Prevent memory leaks in add sub record Edward Adam Davis <eadavis(a)qq.com> fs/ntfs3: out1 also needs to put mi Ovidiu Panait <ovidiu.panait.rb(a)renesas.com> net: stmmac: Fix VLAN 0 deletion in vlan_del_hw_rx_fltr() Ritesh Harjani (IBM) <ritesh.list(a)gmail.com> powerpc/64s/ptdump: Fix kernel_hash_pagetable dump for ISA v3.00 HPTE format Ritesh Harjani (IBM) <ritesh.list(a)gmail.com> powerpc/64s/hash: Restrict stress_hpt_struct memblock region to within RMA limit Pu Lehui <pulehui(a)huawei.com> bpf: Fix invalid prog->stats access when update_effective_progs fails Inochi Amaoto <inochiama(a)gmail.com> net: stmmac: dwmac-sophgo: Add phy interface filter Inochi Amaoto <inochiama(a)gmail.com> net: phy: Add helper for fixing RGMII PHY mode based on internal mac delay Abdun Nihaal <nihaal(a)cse.iitm.ac.in> wifi: rtl818x: Fix potential memory leaks in rtl8180_init_rx_ring() Christian Bruel <christian.bruel(a)foss.st.com> PCI: stm32: Fix EP page_size alignment Christian Bruel <christian.bruel(a)foss.st.com> PCI: stm32: Fix LTSSM EP race with start link Dmitry Baryshkov <dmitry.baryshkov(a)oss.qualcomm.com> drm/msm/a2xx: stop over-complaining about the legacy firmware Huiwen He <hehuiwen(a)kylinos.cn> drm/msm: fix missing NULL check after kcalloc in crashstate_get_bos() Huiwen He <hehuiwen(a)kylinos.cn> drm/msm: Fix NULL pointer dereference in crashstate_get_vm_logs() Guenter Roeck <linux(a)roeck-us.net> block/blk-throttle: Fix throttle slice time for SSDs Alexander Stein <alexander.stein(a)ew.tq-group.com> arm64: dts: imx95-tqma9596sa: reduce maximum FlexSPI frequency to 66MHz Markus Niebel <Markus.Niebel(a)ew.tq-group.com> arm64: dts: imx95-tqma9596sa: fix TPM5 pinctrl node name Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD/blocklayout: Fix minlength check in proc_layoutget Al Viro <viro(a)zeniv.linux.org.uk> tracefs: fix a leak in eventfs_create_events_dir() Al Viro <viro(a)zeniv.linux.org.uk> fuse_ctl_add_conn(): fix nlink breakage in case of early failure Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> iio: core: Clean up device correctly on iio_device_alloc() failure Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> iio: core: add missing mutex_destroy in iio_dev_release() Haotian Zhang <vulab(a)iscas.ac.cn> watchdog: starfive: Fix resource leak in probe error path Haotian Zhang <vulab(a)iscas.ac.cn> watchdog: wdat_wdt: Fix ACPI table leak in probe function Nuno Das Neves <nunodasneves(a)linux.microsoft.com> mshv: Fix create memory region overlap check Nuno Das Neves <nunodasneves(a)linux.microsoft.com> mshv: Fix deposit memory in MSHV_ROOT_HVCALL Martin KaFai Lau <martin.lau(a)kernel.org> bpf: Check skb->transport_header is set in bpf_skb_check_mtu Alexei Starovoitov <ast(a)kernel.org> selftests/bpf: Fix failure paths in send_signal test Menglong Dong <menglong8.dong(a)gmail.com> bpf: Handle return value of ftrace_set_filter_ip in register_fentry Sahil Chandna <chandna.sahil(a)gmail.com> bpf: Prevent nesting overflow in bpf_try_get_buffers Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> kbuild: don't enable CC_CAN_LINK if the dummy program generates warnings Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> PCI: Prevent resource tree corruption when BAR resize fails Aaron Kling <webgeek1234(a)gmail.com> soc/tegra: fuse: speedo-tegra210: Update speedo IDs Rene Rebe <rene(a)exactco.de> ps3disk: use memcpy_{from,to}_bvec index Dmitry Baryshkov <dmitry.baryshkov(a)oss.qualcomm.com> drm/msm/dpu: drop dpu_hw_dsc_destroy() prototype Praveen Talari <praveen.talari(a)oss.qualcomm.com> arm64: dts: qcom: qrb2210-rb1: Fix UART3 wakeup IRQ storm Uwe Kleine-König <u.kleine-koenig(a)baylibre.com> pwm: Use %u to printf unsigned int pwm_chip::npwm and pwm_chip::id Uwe Kleine-König <u.kleine-koenig(a)baylibre.com> pwm: Simplify printf to emit chip->npwm in $debugfs/pwm Aleksei Nikiforov <aleksei.nikiforov(a)linux.ibm.com> s390/fpu: Fix false-positive kmsan report in fpu_vstl() Zilin Guan <zilin(a)seu.edu.cn> crypto: iaa - Fix incorrect return value in save_iaa_wq() Ian Rogers <irogers(a)google.com> perf vendor metrics s390: Avoid has_event(INSTRUCTIONS) FUKAUMI Naoki <naoki(a)radxa.com> arm64: dts: rockchip: Add eeprom vcc-supply for Radxa ROCK 3C FUKAUMI Naoki <naoki(a)radxa.com> arm64: dts: rockchip: Add eeprom vcc-supply for Radxa ROCK 5A FUKAUMI Naoki <naoki(a)radxa.com> arm64: dts: rockchip: Move the EEPROM to correct I2C bus on Radxa ROCK 5A Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> soc: renesas: rz-sysc: Populate readable_reg/writeable_reg in regmap config Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> soc: renesas: r9a09g056-sys: Populate max_register Siddharth Vadapalli <s-vadapalli(a)ti.com> PCI: keystone: Exit ks_pcie_probe() for invalid mode Leon Hwang <leon.hwang(a)linux.dev> bpf: Free special fields when update [lru_,]percpu_hash maps Lizhi Hou <lizhi.hou(a)amd.com> accel/amdxdna: Fix deadlock between context destroy and job timeout Lizhi Hou <lizhi.hou(a)amd.com> accel/amdxdna: Clear mailbox interrupt register during channel creation Chaitanya S Prakash <chaitanyas.prakash(a)arm.com> arm64/mm: Allow __create_pgd_mapping() to propagate pgtable_alloc() errors Haotian Zhang <vulab(a)iscas.ac.cn> leds: netxbig: Fix GPIO descriptor leak in error paths Haotian Zhang <vulab(a)iscas.ac.cn> scsi: sim710: Fix resource leak by adding missing ioport_unmap() calls Tony Battersby <tonyb(a)cybernetics.com> scsi: qla2xxx: Clear cmds after chip reset Haotian Zhang <vulab(a)iscas.ac.cn> ACPI: property: Fix fwnode refcount leak in acpi_fwnode_graph_parse_endpoint() Joseph Qi <joseph.qi(a)linux.alibaba.com> ocfs2: use correct endian in ocfs2_dinode_has_extents Dmitry Antipov <dmantipov(a)yandex.ru> ocfs2: relax BUG() to ocfs2_error() in __ocfs2_move_extent() Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> lib/vsprintf: Check pointer before dereferencing in time_and_date() Haotian Zhang <vulab(a)iscas.ac.cn> clk: renesas: r9a06g032: Fix memory leak in error path Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> clk: renesas: r9a09g077: Propagate rate changes to parent clocks Jayesh Choudhary <j-choudhary(a)ti.com> drm/tidss: Move OLDI mode validation to OLDI bridge mode_valid hook Jayesh Choudhary <j-choudhary(a)ti.com> drm/tidss: Remove max_pclk_khz and min_pclk_khz from tidss display features Namhyung Kim <namhyung(a)kernel.org> perf tools: Fix missing feature check for inherit + SAMPLE_READ Leo Yan <leo.yan(a)arm.com> coresight: etm4x: Properly control filter in CPU idle with FEAT_TRF Leo Yan <leo.yan(a)arm.com> coresight: etm4x: Add context synchronization before enabling trace Leo Yan <leo.yan(a)arm.com> coresight: etm4x: Correct polling IDLE bit Leo Yan <leo.yan(a)arm.com> coresight: etm3x: Always set tracer's device mode on target CPU Leo Yan <leo.yan(a)arm.com> coresight: etm4x: Always set tracer's device mode on target CPU Leo Yan <leo.yan(a)arm.com> coresight: Change device mode to atomic type Bartlomiej Kubik <kubik.bartlomiej(a)gmail.com> fs/ntfs3: Initialize allocated memory before use David Wei <dw(a)davidwei.uk> io_uring/zcrx: call netdev_queue_get_dma_dev() under instance lock David Wei <dw(a)davidwei.uk> net: export netdev_get_by_index_lock() Zheng Qixing <zhengqixing(a)huawei.com> nbd: defer config unlock in nbd_genl_connect Abdun Nihaal <nihaal(a)cse.iitm.ac.in> wifi: cw1200: Fix potential memory leak in cw1200_bh_rx_helper() Long Li <leo.lilong(a)huawei.com> macintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse Christophe Leroy <christophe.leroy(a)csgroup.eu> powerpc/32: Fix unpaired stwcx. on interrupt exit Sourabh Jain <sourabhjain(a)linux.ibm.com> powerpc/kdump: Fix size calculation for hot-removed memory ranges Gautham R. Shenoy <gautham.shenoy(a)amd.com> cpufreq/amd-pstate: Call cppc_set_auto_sel() only for online CPUs Li Nan <linan122(a)huawei.com> md: init bioset in mddev_init Li Nan <linan122(a)huawei.com> md: delete md_redundancy_group when array is becoming inactive Bean Huo <beanhuo(a)micron.com> scsi: ufs: core: fix incorrect buffer duplication in ufshcd_read_string_desc() Akash Goel <akash.goel(a)arm.com> drm/panthor: Fix potential memleak of vma structure Edward Adam Davis <eadavis(a)qq.com> ntfs3: init run lock for extend inode Carl Worth <carl(a)os.amperecomputing.com> coresight: tmc: add the handle of the event to the path Jihed Chaibi <jihed.chaibi.dev(a)gmail.com> ARM: dts: stm32: stm32mp157c-phycore: Fix STMPE811 touchscreen node properties Ma Ke <make24(a)iscas.ac.cn> RDMA/rtrs: server: Fix error handling in get_or_create_srv Manivannan Sadhasivam <manivannan.sadhasivam(a)oss.qualcomm.com> dt-bindings: PCI: amlogic: Fix the register name of the DBI region Rodrigo Gobbi <rodrigo.gobbi.7(a)gmail.com> iio: imu: bmi270: fix dev_err_probe error msg Johan Hovold <johan(a)kernel.org> staging: most: remove broken i2c driver Mike McGowen <mike.mcgowen(a)microchip.com> scsi: smartpqi: Fix device resources accessed after device removal Haotian Zhang <vulab(a)iscas.ac.cn> scsi: stex: Fix reboot_notifier leak in probe error path Zheng Qixing <zhengqixing(a)huawei.com> nbd: defer config put in recv_work Xiao Ni <xni(a)redhat.com> md: avoid repeated calls to del_gendisk Yun Zhou <yun.zhou(a)windriver.com> md: fix rcu protection in md_wakeup_thread Xiao Ni <xni(a)redhat.com> md: delete mddev kobj before deleting gendisk kobj Gabor Juhos <j4g8y7(a)gmail.com> regulator: core: disable supply if enabling main regulator fails Dapeng Mi <dapeng1.mi(a)linux.intel.com> perf/x86/intel: Correct large PEBS flag check Dapeng Mi <dapeng1.mi(a)linux.intel.com> perf/x86: Fix NULL event access and potential PEBS record loss Pavel Begunkov <asml.silence(a)gmail.com> io_uring: use WRITE_ONCE for user shared memory FUKAUMI Naoki <naoki(a)radxa.com> arm64: dts: rockchip: Fix USB Type-C host mode for Radxa ROCK 5B+/5T Dan Carpenter <dan.carpenter(a)linaro.org> hfs: fix potential use after free in hfs_correct_next_unused_CNID() Lizhi Hou <lizhi.hou(a)amd.com> accel/amdxdna: Fix dma_fence leak when job is canceled Zhang Yi <yi.zhang(a)huawei.com> ext4: correct the checking of quota files before moving extents Manish Dharanenthiran <manish.dharanenthiran(a)oss.qualcomm.com> wifi: ath12k: Fix timeout error during beacon stats retrieval Haotian Zhang <vulab(a)iscas.ac.cn> mfd: da9055: Fix missing regmap_del_irq_chip() in error path Namhyung Kim <namhyung(a)kernel.org> perf annotate: Fix build with NO_SLANG=1 Fedor Pchelkin <pchelkin(a)ispras.ru> wifi: rtw89: usb: fix leak in rtw89_usb_write_port() Fedor Pchelkin <pchelkin(a)ispras.ru> wifi: rtw89: usb: use common error path for skbs in rtw89_usb_rx_handler() Wang Liang <wangliang74(a)huawei.com> locktorture: Fix memory leak in param_set_cpumask() Usama Arif <usamaarif642(a)gmail.com> efi/libstub: Fix page table access in 5-level to 4-level paging transition Usama Arif <usamaarif642(a)gmail.com> x86/boot: Fix page table access in 5-level to 4-level paging transition Xiaoqi Zhuang <xiaoqi.zhuang(a)oss.qualcomm.com> coresight: ETR: Fix ETR buffer use-after-free issue Niklas Cassel <cassel(a)kernel.org> arm64: tegra: Add pinctrl definitions for pcie-ep nodes Peter Zijlstra <peterz(a)infradead.org> entry,unwind/deferred: Fix unwind_reset_info() placement Jihed Chaibi <jihed.chaibi.dev(a)gmail.com> ARM: dts: omap3: n900: Correct obsolete TWL4030 power compatible Jihed Chaibi <jihed.chaibi.dev(a)gmail.com> ARM: dts: omap3: beagle-xm: Correct obsolete TWL4030 power compatible Yegor Yefremov <yegorslists(a)googlemail.com> ARM: dts: am335x-netcom-plus-2xx: add missing GPIO labels Geert Uytterhoeven <geert+renesas(a)glider.be> ARM: dts: am33xx: Add missing serial console speed Alan Maguire <alan.maguire(a)oracle.com> libbpf: Fix parsing of multi-split BTF Vishwaroop A <va(a)nvidia.com> spi: tegra210-quad: Fix timeout handling Matthew Brost <matthew.brost(a)intel.com> drm/xe: Enforce correct user fence signaling order using Christian Brauner <brauner(a)kernel.org> cleanup: fix scoped_class() Songtang Liu <liusongtang(a)bytedance.com> iommu/amd: Fix potential out-of-bounds read in iommu_mmio_show Christian Brauner <brauner(a)kernel.org> ns: initialize ns_list_node for initial namespaces Christian Brauner <brauner(a)kernel.org> ns: add NS_COMMON_INIT() Thomas Richard (TI.com) <thomas.richard(a)bootlin.com> firmware: ti_sci: Set IO Isolation only if the firmware is capable Boris Brezillon <boris.brezillon(a)collabora.com> drm/panthor: Fix UAF on kernel BO VA nodes Ketil Johnsen <ketil.johnsen(a)arm.com> drm/panthor: Fix race with suspend during unplug Ketil Johnsen <ketil.johnsen(a)arm.com> drm/panthor: Fix UAF race between device unplug and FW event processing Boris Brezillon <boris.brezillon(a)collabora.com> drm/panthor: Fix group_free_queue() for partially initialized queues Boris Brezillon <boris.brezillon(a)collabora.com> drm/panthor: Handle errors returned by drm_sched_entity_init() Tingmao Wang <m(a)maowtm.org> fs/9p: Don't open remote file with APPEND mode when writeback cache is used Mike Christie <michael.christie(a)oracle.com> scsi: target: Fix LUN/device R/W and total command stats Bart Van Assche <bvanassche(a)acm.org> scsi: target: Do not write NUL characters into ASCII configfs output Ahelenia Ziemiańska <nabijaczleweli(a)nabijaczleweli.xyz> power: supply: apm_power: only unset own apm_get_power_status Val Packett <val(a)packett.cool> power: supply: qcom_battmgr: support disabling charge control Val Packett <val(a)packett.cool> power: supply: qcom_battmgr: clamp charge control thresholds Ivan Abramov <i.abramov(a)mt-integration.ru> power: supply: wm831x: Check wm831x_set_bits() return value Murad Masimov <m.masimov(a)mt-integration.ru> power: supply: rt9467: Prevent using uninitialized local variable in rt9467_set_value_from_ranges() Ivan Abramov <i.abramov(a)mt-integration.ru> power: supply: rt9467: Return error on failure in rt9467_set_value_from_ranges() Ivan Abramov <i.abramov(a)mt-integration.ru> power: supply: max17040: Check iio_read_channel_processed() return code Ivan Abramov <i.abramov(a)mt-integration.ru> power: supply: cw2015: Check devm_delayed_work_autocancel() return code Haotian Zhang <vulab(a)iscas.ac.cn> power: supply: rt5033_charger: Fix device node reference leaks Frederic Weisbecker <frederic(a)kernel.org> timers/migration: Fix imbalanced NUMA trees Frederic Weisbecker <frederic(a)kernel.org> timers/migration: Remove locking on group connection Frederic Weisbecker <frederic(a)kernel.org> timers/migration: Convert "while" loops to use "for" Taniya Das <taniya.das(a)oss.qualcomm.com> clk: qcom: tcsrcc-glymur: Update register offsets for clock refs Shuai Xue <xueshuai(a)linux.alibaba.com> perf record: skip synthesize event when open evsel failed Namhyung Kim <namhyung(a)kernel.org> perf lock contention: Load kernel map before lookup Geert Uytterhoeven <geert+renesas(a)glider.be> drm/imagination: Fix reference to devm_platform_get_and_ioremap_resource() Christian Brauner <brauner(a)kernel.org> cgroup: add cgroup namespace to tree after owner is set Marek Vasut <marek.vasut+renesas(a)mailbox.org> arm64: dts: renesas: sparrow-hawk: Fix full-size DP connector node name and labels Kuan-Wei Chiu <visitorckw(a)gmail.com> interconnect: debugfs: Fix incorrect error handling for NULL path Lizhi Hou <lizhi.hou(a)amd.com> accel/amdxdna: Fix incorrect command state for timed out job Dmitry Baryshkov <dmitry.baryshkov(a)oss.qualcomm.com> arm64: dts: qcom: msm8996: add interconnect paths to USB2 controller Dmitry Baryshkov <dmitry.baryshkov(a)oss.qualcomm.com> interconnect: qcom: msm8996: add missing link to SLAVE_USB_HS Rameshkumar Sundaram <rameshkumar.sundaram(a)oss.qualcomm.com> wifi: ath12k: unassign arvif on scan vdev create failure Rameshkumar Sundaram <rameshkumar.sundaram(a)oss.qualcomm.com> wifi: ath12k: enforce vdev limit in ath12k_mac_vdev_create() Baochen Qiang <baochen.qiang(a)oss.qualcomm.com> wifi: ath12k: fix error handling in creating hardware group Baochen Qiang <baochen.qiang(a)oss.qualcomm.com> wifi: ath12k: fix reusing m3 memory Abdun Nihaal <nihaal(a)cse.iitm.ac.in> wifi: ath12k: fix potential memory leak in ath12k_wow_arp_ns_offload() Jacob Keller <jacob.e.keller(a)intel.com> docs: kdoc: fix duplicate section warning message Arnd Bergmann <arnd(a)arndb.de> random: use offstack cpumask when necessary Stanley Chu <yschu(a)nuvoton.com> i3c: master: svc: Prevent incomplete IBI transaction Frank Li <Frank.Li(a)nxp.com> i3c: fix refcount inconsistency in i3c_master_register Aniket Limaye <a-limaye(a)ti.com> arm64: dts: ti: k3-j784s4: Fix I2C pinmux pull configuration Christian Brauner <brauner(a)kernel.org> pidfs: add missing BUILD_BUG_ON() assert on struct pidfd_info Christian Brauner <brauner(a)kernel.org> pidfs: add missing PIDFD_INFO_SIZE_VER1 Tomasz Rusinowicz <tomasz.rusinowicz(a)intel.com> accel/ivpu: Fix race condition when unbinding BOs Danilo Krummrich <dakr(a)kernel.org> drm: nova: select NOVA_CORE Haotian Zhang <vulab(a)iscas.ac.cn> pinctrl: stm32: fix hwspinlock resource leak in probe function Haotian Zhang <vulab(a)iscas.ac.cn> soc: qcom: smem: fix hwspinlock resource leak in probe error paths Taniya Das <taniya.das(a)oss.qualcomm.com> clk: qcom: gcc-qcs615: Update the SDCC clock to use shared_floor_ops Benjamin Berg <benjamin.berg(a)intel.com> tools/nolibc/dirent: avoid errno in readdir_r Benjamin Berg <benjamin.berg(a)intel.com> tools/nolibc/stdio: let perror work when NOLIBC_IGNORE_ERRNO is set Maciej Falkowski <maciej.falkowski(a)linux.intel.com> accel/ivpu: Remove skip of dma unmap for imported buffers Tengda Wu <wutengda(a)huaweicloud.com> x86/dumpstack: Prevent KASAN false positive warnings in __show_regs() Marek Vasut <marek.vasut+renesas(a)mailbox.org> drm/rcar-du: dsi: Fix missing parameter in RXSETR_...EN macros Peter Zijlstra <peterz(a)infradead.org> task_work: Fix NMI race condition Zhang Rui <rui.zhang(a)intel.com> perf/x86/intel/cstate: Remove PC3 support from LunarLake Arnaud Lecomte <contact(a)arnaud-lcm.com> bpf: Fix stackmap overflow check in __bpf_get_stackid() Arnaud Lecomte <contact(a)arnaud-lcm.com> bpf: Refactor stack map trace depth calculation into helper function Haotian Zhang <vulab(a)iscas.ac.cn> mtd: rawnand: lpc32xx_slc: fix GPIO descriptor leak on probe error and remove Aryan Srivastava <aryan.srivastava(a)alliedtelesis.co.nz> mtd: nand: relax ECC parameter validation check Aryan Srivastava <aryan.srivastava(a)alliedtelesis.co.nz> Revert "mtd: rawnand: marvell: fix layouts" Li Qiang <liqiang01(a)kylinos.cn> wifi: iwlwifi: mld: add null check for kzalloc() in iwl_mld_send_proto_offload() Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu/userq: fix SDMA and compute validation Prike Liang <Prike.Liang(a)amd.com> drm/amdgpu: add userq object va track helpers Wolfram Sang <wsa+renesas(a)sang-engineering.com> ARM: dts: renesas: r9a06g032-rzn1d400-db: Drop invalid #cells properties Wolfram Sang <wsa+renesas(a)sang-engineering.com> ARM: dts: renesas: gose: Remove superfluous port property Zhu Yanjun <yanjun.zhu(a)linux.dev> RDMA/rxe: Fix null deref on srq->rq.queue after resize failure Loic Poulain <loic.poulain(a)oss.qualcomm.com> arm64: dts: qcom: qcm2290: Fix camss register prop ordering Kuniyuki Iwashima <kuniyu(a)google.com> sctp: Defer SCTP_DBG_OBJCNT_DEC() to sctp_destroy_sock(). Horatiu Vultur <horatiu.vultur(a)microchip.com> phy: mscc: Fix PTP for VSC8574 and VSC8572 Michal Suchanek <msuchanek(a)suse.de> perf hwmon_pmu: Fix uninitialized variable warning Eric Gonçalves <ghatto404(a)gmail.com> arm64: dts: qcom: sm8250-samsung-common: correct reserved pins Konrad Dybcio <konrad.dybcio(a)oss.qualcomm.com> arm64: dts: qcom: sdm845-starqltechn: Fix i2c-gpio node name Pengyu Luo <mitltlatltl(a)gmail.com> arm64: dts: qcom: sc8280xp: Fix shifted GPI DMA channels Val Packett <val(a)packett.cool> arm64: dts: qcom: x1-dell-thena: remove dp data-lanes Val Packett <val(a)packett.cool> arm64: dts: qcom: x1-dell-thena: Add missing pinctrl for eDP HPD Alexander Martinz <amartinz(a)shiftphones.com> arm64: dts: qcom: qcm6490-shift-otter: Add missing reserved-memory Krishna Chaitanya Chundru <krishna.chundru(a)oss.qualcomm.com> arm64: dts: qcom: sm8750-mtp: move PCIe GPIOs to pcieport0 node Neil Armstrong <neil.armstrong(a)linaro.org> arm64: dts: qcom: sm8650: set ufs as dma coherent Luca Weiss <luca.weiss(a)fairphone.com> arm64: dts: qcom: qcm6490-fairphone-fp5: Add supplies to simple-fb node Gergo Koteles <soyer(a)irl.hu> arm64: dts: qcom: sdm845-oneplus: Correct gpio used for slider Dzmitry Sankouski <dsankouski(a)gmail.com> arm64: dts: qcom: sdm845-starqltechn: fix max77705 interrupts Dzmitry Sankouski <dsankouski(a)gmail.com> arm64: dts: qcom: sdm845-starqltechn: remove (address|size)-cells Willy Tarreau <w(a)1wt.eu> tools/nolibc: x86: fix section mismatch caused by asm "mem*" functions Krishna Kurapati <krishna.kurapati(a)oss.qualcomm.com> arm64: dts: qcom: lemans: Add missing quirk for HS only USB controller Krishna Kurapati <krishna.kurapati(a)oss.qualcomm.com> arm64: dts: qcom: x1e80100: Add missing quirk for HS only USB controller Krishna Kurapati <krishna.kurapati(a)oss.qualcomm.com> arm64: dts: qcom: x1e80100: Fix compile warnings for USB HS controller Peng Fan <peng.fan(a)nxp.com> firmware: imx: scu-irq: fix OF node leak in Randolph Sapp <rs(a)ti.com> arm64: dts: ti: k3-am62p: Fix memory ranges for GPU Bhanu Seshu Kumar Valluri <bhanuseshukumar(a)gmail.com> PCI: endpoint: pci-epf-test: Fix sleeping function being called from atomic context Thomas Richard <thomas.richard(a)bootlin.com> leds: upboard: Fix module alias Przemek Kitszel <przemyslaw.kitszel(a)intel.com> ice: remove duplicate call to ice_deinit_hw() on error paths Przemek Kitszel <przemyslaw.kitszel(a)intel.com> ice: move ice_deinit_dev() to the end of deinit paths Przemek Kitszel <przemyslaw.kitszel(a)intel.com> ice: extract ice_init_dev() from ice_init() Przemek Kitszel <przemyslaw.kitszel(a)intel.com> ice: move ice_init_pf() out of ice_init_dev() Przemek Kitszel <przemyslaw.kitszel(a)intel.com> ice: move udp_tunnel_nic and misc IRQ setup into ice_init_pf() Przemek Kitszel <przemyslaw.kitszel(a)intel.com> ice: ice_init_pf: destroy mutexes and xarrays on memory alloc failure Przemek Kitszel <przemyslaw.kitszel(a)intel.com> ice: move ice_init_interrupt_scheme() prior ice_init_pf() Przemek Kitszel <przemyslaw.kitszel(a)intel.com> ice: move service task start out of ice_init_pf() Lizhi Hou <lizhi.hou(a)amd.com> accel/amdxdna: Fix uninitialized return value Baochen Qiang <baochen.qiang(a)oss.qualcomm.com> wifi: ath12k: restore register window after global reset Len Brown <len.brown(a)intel.com> tools/power turbostat: Regression fix Uncore MHz printed in hex Heiko Carstens <hca(a)linux.ibm.com> s390/ap: Don't leak debug feature files if AP instructions are not available Bart Van Assche <bvanassche(a)acm.org> scsi: ufs: core: Move the ufshcd_enable_intr() declaration Heiko Carstens <hca(a)linux.ibm.com> s390/smp: Fix fallback CPU detection Baochen Qiang <baochen.qiang(a)oss.qualcomm.com> wifi: ath11k: fix peer HE MCS assignment Baochen Qiang <baochen.qiang(a)oss.qualcomm.com> wifi: ath11k: fix VHT MCS assignment nieweiqiang <nieweiqiang(a)huawei.com> crypto: hisilicon/qm - restore original qos values Thorsten Blum <thorsten.blum(a)linux.dev> crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id Haotian Zhang <vulab(a)iscas.ac.cn> soc: qcom: gsbi: fix double disable caused by devm Luca Weiss <luca.weiss(a)fairphone.com> clk: qcom: camcc-sm7150: Fix PLL config of PLL2 Luca Weiss <luca.weiss(a)fairphone.com> clk: qcom: camcc-sm6350: Fix PLL config of PLL2 Luo Jie <quic_luoj(a)quicinc.com> clk: qcom: gcc-ipq5424: Correct the icc_first_node_id Taniya Das <taniya.das(a)oss.qualcomm.com> clk: qcom: gcc-glymur: Update the halt check flags for pipe clocks Taniya Das <taniya.das(a)oss.qualcomm.com> clk: qcom: gcc-sm8750: Add a new frequency for sdcc2 clock Konrad Dybcio <konrad.dybcio(a)oss.qualcomm.com> clk: qcom: rpmh: Define RPMH_IPA_CLK on QCS615 Vladimir Zapolskiy <vladimir.zapolskiy(a)linaro.org> clk: qcom: camcc-sm6350: Specify Titan GDSC power domain as a parent to other Vladimir Zapolskiy <vladimir.zapolskiy(a)linaro.org> clk: qcom: camcc-sm8550: Specify Titan GDSC power domain as a parent to other Sherry Sun <sherry.sun(a)nxp.com> tty: serial: imx: Only configure the wake register when device is set as wakeup source Li Qiang <liqiang01(a)kylinos.cn> uio: uio_fsl_elbc_gpcm:: Add null pointer check to uio_fsl_elbc_gpcm_probe Geert Uytterhoeven <geert+renesas(a)glider.be> PCI: rcar-gen2: Drop ARM dependency from PCI_RCAR_GEN2 Peter Griffin <peter.griffin(a)linaro.org> arm64: dts: exynos: gs101: fix sysreg_apm reg property Peter Griffin <peter.griffin(a)linaro.org> arm64: dts: exynos: gs101: fix clock module unit reg sizes Tianyou Li <tianyou.li(a)intel.com> perf annotate: Check return value of evsel__get_arch() properly Joy Zou <joy.zou(a)nxp.com> arm64: dts: imx95-15x15-evk: add fan-supply property for pwm-fan Tim Harvey <tharvey(a)gateworks.com> arm64: dts: imx8mp-venice-gw702x: remove off-board sdhc1 Tim Harvey <tharvey(a)gateworks.com> arm64: dts: imx8mp-venice-gw702x: remove off-board uart Tim Harvey <tharvey(a)gateworks.com> arm64: dts: imx8mm-venice-gw72xx: remove unused sdhc1 pinctrl Tim Harvey <tharvey(a)gateworks.com> arm64: dts: freescale: imx8mp-venice-gw7905-2x: remove duplicate usdhc1 props Daniel Borkmann <daniel(a)iogearbox.net> bpf: Do not let BPF test infra emit invalid GSO types to stack Bart Van Assche <bvanassche(a)acm.org> block/mq-deadline: Switch back to a single dispatch list Bart Van Assche <bvanassche(a)acm.org> block/mq-deadline: Introduce dd_start_request() Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> PCI: sg2042: Fix a reference count issue in sg2042_pcie_remove() T Pratham <t-pratham(a)ti.com> crypto: aead - Fix reqsize handling Ian Rogers <irogers(a)google.com> perf parse-events: Make X modifier more respectful of groups Randy Dunlap <rdunlap(a)infradead.org> firmware: qcom: tzmem: fix qcom_tzmem_policy kernel-doc Francesco Lavra <flavra(a)baylibre.com> iio: imu: st_lsm6dsx: Fix measurement unit for odr struct member Kathiravan Thirumoorthy <kathiravan.thirumoorthy(a)oss.qualcomm.com> arm64: dts: qcom: ipq5424: correct the TF-A reserved memory to 512K Sidharth Seela <sidharthseela(a)gmail.com> ntfs3: Fix uninit buffer allocated by __getname() Raphael Pinsonneault-Thibeault <rpthibeault(a)gmail.com> ntfs3: fix uninit memory after failed mi_read in mi_format_new Herbert Xu <herbert(a)gondor.apana.org.au> crypto: authenc - Correctly pass EINPROGRESS back up to the caller Johan Hovold <johan(a)kernel.org> irqchip: Pass platform device to platform drivers Johan Hovold <johan(a)kernel.org> irqchip: Drop leftover brackets Johan Hovold <johan(a)kernel.org> irqchip/qcom-irq-combiner: Fix section mismatch Johan Hovold <johan(a)kernel.org> irqchip/starfive-jh8100: Fix section mismatch Johan Hovold <johan(a)kernel.org> irqchip/renesas-rzg2l: Fix section mismatch Johan Hovold <johan(a)kernel.org> irqchip/imx-mu-msi: Fix section mismatch Johan Hovold <johan(a)kernel.org> irqchip/irq-brcmstb-l2: Fix section mismatch Johan Hovold <johan(a)kernel.org> irqchip/irq-bcm7120-l2: Fix section mismatch Johan Hovold <johan(a)kernel.org> irqchip/irq-bcm7038-l1: Fix section mismatch Johan Hovold <johan(a)kernel.org> irqchip/bcm2712-mip: Fix section mismatch Johan Hovold <johan(a)kernel.org> irqchip/bcm2712-mip: Fix OF node reference imbalance Fernand Sieber <sieberf(a)amazon.com> sched/fair: Forfeit vruntime on yield Pradeep Kumar Chitrapu <quic_pradeepc(a)quicinc.com> wifi: ath12k: fix TX and RX MCS rate configurations in HE mode Baochen Qiang <baochen.qiang(a)oss.qualcomm.com> wifi: ath12k: fix VHT MCS assignment Sarika Sharma <sarika.sharma(a)oss.qualcomm.com> wifi: ath12k: Fix MSDU buffer types handling in RX error path Baochen Qiang <baochen.qiang(a)oss.qualcomm.com> wifi: ath11k: restore register window after global reset Kang Yang <kang.yang(a)oss.qualcomm.com> wifi: ath10k: move recovery check logic into a new work Danilo Krummrich <dakr(a)kernel.org> gpu: nova-core: gsp: do not unwrap() SGEntry Danilo Krummrich <dakr(a)kernel.org> gpu: nova-core: gsp: remove useless conversion Ian Rogers <irogers(a)google.com> perf parse-events: Fix legacy cache events if event is duplicated in a PMU Wludzik, Jozef <jozef.wludzik(a)intel.com> accel/ivpu: Fix race condition when mapping dmabuf Josh Poimboeuf <jpoimboe(a)kernel.org> objtool: Fix weak symbol detection Dylan Hatch <dylanbhatch(a)google.com> objtool: Fix standalone --hacks=jump_label Peng Fan <peng.fan(a)nxp.com> remoteproc: imx_rproc: Fix runtime PM cleanup and improve remove path Mavroudis Chatzilazaridis <mavchatz(a)protonmail.com> HID: logitech-hidpp: Do not assume FAP in hidpp_send_message_sync() Cyrille Pitchen <cyrille.pitchen(a)microchip.com> drm: atmel-hlcdc: fix atmel_xlcdc_plane_setup_scaler() Marek Vasut <marek.vasut+renesas(a)mailbox.org> clk: renesas: cpg-mssr: Read back reset registers to assure values latched Marek Vasut <marek.vasut+renesas(a)mailbox.org> clk: renesas: cpg-mssr: Add missing 1ms delay into reset toggle callback Biju Das <biju.das.jz(a)bp.renesas.com> pinctrl: renesas: rzg2l: Fix PMC restore Roberto Sassu <roberto.sassu(a)huawei.com> ima: Attach CREDS_CHECK IMA hook to bprm_creds_from_file LSM hook Abel Vesa <abel.vesa(a)linaro.org> pinctrl: qcom: glymur: Fix the gpio and egpio pin functions Abel Vesa <abel.vesa(a)linaro.org> pinctrl: qcom: glymur: Drop unnecessary platform data from match table Ian Rogers <irogers(a)google.com> perf bpf_counter: Fix opening of "any"(-1) CPU events Seungjin Bae <eeodqql09(a)gmail.com> USB: Fix descriptor count when handling invalid MBIM extended descriptor Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> tools/nolibc: handle NULL wstatus argument to waitpid() Mykyta Yatsenko <yatsenko(a)meta.com> bpf: Fix handling maps with no BTF and non-constant offsets for the bpf_wq Kumar Kartikeya Dwivedi <memxor(a)gmail.com> bpf: Fix sleepable context for async callbacks Siddharth Chintamaneni <sidchintamaneni(a)gmail.com> bpf: Cleanup unused func args in rqspinlock implementation Janusz Krzysztofik <janusz.krzysztofik(a)linux.intel.com> drm/vgem-fence: Fix potential deadlock on release Karol Wachowski <karol.wachowski(a)linux.intel.com> accel/ivpu: Fix DCT active percent format Jacek Lawrynowicz <jacek.lawrynowicz(a)linux.intel.com> accel/ivpu: Fix page fault in ivpu_bo_unbind_all_bos_from_context() Jacek Lawrynowicz <jacek.lawrynowicz(a)linux.intel.com> accel/ivpu: Rework bind/unbind of imported buffers Guido Günther <agx(a)sigxcpu.org> drm/panel: visionox-rm69299: Don't clear all mode flags Guido Günther <agx(a)sigxcpu.org> drm/panel: visionox-rm69299: Fix clock frequency for SHIFT6mq Karol Wachowski <karol.wachowski(a)linux.intel.com> accel/ivpu: Ensure rpm_runtime_put in case of engine reset/resume fail Lizhi Hou <lizhi.hou(a)amd.com> accel/amdxdna: Call dma_buf_vmap_unlocked() for imported object Lizhi Hou <lizhi.hou(a)amd.com> accel/amdxdna: Fix an integer overflow in aie2_query_ctx_status_array() Mainak Sen <msen(a)nvidia.com> gpu: host1x: Fix race in syncpt alloc/free Konstantin Andreev <andreev(a)swemel.ru> smack: fix bug: setting task label silently ignores input garbage Konstantin Andreev <andreev(a)swemel.ru> smack: fix bug: unprivileged task can create labels Konstantin Andreev <andreev(a)swemel.ru> smack: fix bug: invalid label of unix socket file Konstantin Andreev <andreev(a)swemel.ru> smack: always "instantiate" inode in smack_inode_init_security() Konstantin Andreev <andreev(a)swemel.ru> smack: deduplicate xattr setting in smack_inode_init_security() Konstantin Andreev <andreev(a)swemel.ru> smack: deduplicate "does access rule request transmutation" Konstantin Andreev <andreev(a)swemel.ru> smack: fix bug: SMACK64TRANSMUTE set on non-directory ------------- Diffstat: Documentation/admin-guide/LSM/Smack.rst | 16 +- .../devicetree/bindings/pci/amlogic,axg-pcie.yaml | 6 +- Documentation/hwmon/g762.rst | 2 +- Makefile | 4 +- arch/arm/boot/dts/renesas/r8a7793-gose.dts | 1 - .../arm/boot/dts/renesas/r9a06g032-rzn1d400-db.dts | 2 - arch/arm/boot/dts/samsung/exynos4210-i9100.dts | 1 + arch/arm/boot/dts/samsung/exynos4210-trats.dts | 1 + .../boot/dts/samsung/exynos4210-universal_c210.dts | 1 + arch/arm/boot/dts/samsung/exynos4412-midas.dtsi | 1 + .../dts/st/stm32mp157c-phycore-stm32mp15-som.dtsi | 8 +- arch/arm/boot/dts/ti/omap/am335x-bone-common.dtsi | 2 +- arch/arm/boot/dts/ti/omap/am335x-boneblue.dts | 2 +- arch/arm/boot/dts/ti/omap/am335x-chiliboard.dts | 2 +- arch/arm/boot/dts/ti/omap/am335x-evm.dts | 2 +- arch/arm/boot/dts/ti/omap/am335x-evmsk.dts | 2 +- arch/arm/boot/dts/ti/omap/am335x-guardian.dts | 2 +- arch/arm/boot/dts/ti/omap/am335x-icev2.dts | 2 +- arch/arm/boot/dts/ti/omap/am335x-myirtech-myd.dts | 2 +- .../boot/dts/ti/omap/am335x-netcom-plus-2xx.dts | 8 +- .../arm/boot/dts/ti/omap/am335x-osd3358-sm-red.dts | 2 +- arch/arm/boot/dts/ti/omap/am335x-pdu001.dts | 2 +- arch/arm/boot/dts/ti/omap/am335x-pocketbeagle.dts | 2 +- arch/arm/boot/dts/ti/omap/am335x-sl50.dts | 2 +- arch/arm/boot/dts/ti/omap/omap3-beagle-xm.dts | 2 +- arch/arm/boot/dts/ti/omap/omap3-n900.dts | 2 +- arch/arm/include/asm/word-at-a-time.h | 10 +- arch/arm64/boot/dts/amlogic/meson-g12b.dtsi | 4 +- arch/arm64/boot/dts/exynos/google/gs101.dtsi | 18 +- .../boot/dts/freescale/imx8mm-venice-gw72xx.dtsi | 11 - .../boot/dts/freescale/imx8mp-venice-gw702x.dtsi | 51 --- .../boot/dts/freescale/imx8mp-venice-gw72xx.dtsi | 11 - arch/arm64/boot/dts/freescale/imx95-15x15-evk.dts | 1 + .../arm64/boot/dts/freescale/imx95-tqma9596sa.dtsi | 4 +- arch/arm64/boot/dts/mediatek/mt8195.dtsi | 2 +- arch/arm64/boot/dts/nvidia/tegra234.dtsi | 61 ++++ arch/arm64/boot/dts/qcom/ipq5424.dtsi | 2 +- arch/arm64/boot/dts/qcom/lemans.dtsi | 1 + arch/arm64/boot/dts/qcom/msm8996.dtsi | 3 + arch/arm64/boot/dts/qcom/qcm2290.dtsi | 10 +- arch/arm64/boot/dts/qcom/qcm6490-fairphone-fp5.dts | 2 + arch/arm64/boot/dts/qcom/qcm6490-shift-otter.dts | 5 + arch/arm64/boot/dts/qcom/qrb2210-rb1.dts | 2 +- arch/arm64/boot/dts/qcom/sc8280xp.dtsi | 170 +++++----- .../arm64/boot/dts/qcom/sdm845-oneplus-common.dtsi | 4 +- .../boot/dts/qcom/sdm845-samsung-starqltechn.dts | 16 +- .../arm64/boot/dts/qcom/sm8250-samsung-common.dtsi | 3 +- arch/arm64/boot/dts/qcom/sm8650.dtsi | 2 + arch/arm64/boot/dts/qcom/sm8750-mtp.dts | 6 +- arch/arm64/boot/dts/qcom/x1-dell-thena.dtsi | 5 +- arch/arm64/boot/dts/qcom/x1e80100.dtsi | 12 +- .../boot/dts/renesas/r8a779g3-sparrow-hawk.dts | 6 +- arch/arm64/boot/dts/rockchip/rk3566-rock-3c.dts | 1 + .../boot/dts/rockchip/rk3588-rock-5b-5bp-5t.dtsi | 4 +- .../boot/dts/rockchip/rk3588-rock-5b-plus.dts | 5 + arch/arm64/boot/dts/rockchip/rk3588-rock-5b.dts | 4 + arch/arm64/boot/dts/rockchip/rk3588-rock-5t.dts | 4 + arch/arm64/boot/dts/rockchip/rk3588s-rock-5a.dts | 15 +- arch/arm64/boot/dts/ti/k3-am62p.dtsi | 2 +- arch/arm64/boot/dts/ti/k3-am69-sk.dts | 8 +- .../boot/dts/ti/k3-j784s4-j742s2-evm-common.dtsi | 4 +- arch/arm64/mm/mmu.c | 214 +++++++----- arch/arm64/mm/pageattr.c | 5 +- arch/powerpc/kernel/entry_32.S | 10 +- arch/powerpc/kexec/ranges.c | 2 +- arch/powerpc/mm/book3s64/hash_utils.c | 10 +- arch/powerpc/mm/ptdump/hashpagetable.c | 6 + arch/riscv/kvm/vcpu_insn.c | 22 ++ arch/s390/include/asm/fpu-insn.h | 3 + arch/s390/kernel/smp.c | 1 + arch/um/Kconfig | 1 + arch/um/Makefile | 12 +- arch/um/include/asm/kasan.h | 4 - arch/x86/boot/compressed/pgtable_64.c | 11 +- arch/x86/events/core.c | 5 +- arch/x86/events/intel/core.c | 7 +- arch/x86/events/intel/cstate.c | 3 +- arch/x86/kernel/dumpstack.c | 23 +- block/blk-lib.c | 6 +- block/blk-mq.c | 35 +- block/blk-throttle.c | 9 +- block/mq-deadline.c | 129 ++++--- crypto/aead.c | 1 + crypto/ahash.c | 18 +- crypto/asymmetric_keys/asymmetric_type.c | 12 +- crypto/authenc.c | 75 +++-- drivers/accel/amdxdna/aie2_ctx.c | 22 +- drivers/accel/amdxdna/aie2_pci.c | 10 +- drivers/accel/amdxdna/amdxdna_ctx.c | 1 + drivers/accel/amdxdna/amdxdna_ctx.h | 1 + drivers/accel/amdxdna/amdxdna_gem.c | 47 ++- drivers/accel/amdxdna/amdxdna_mailbox.c | 1 + drivers/accel/ivpu/ivpu_gem.c | 97 ++++-- drivers/accel/ivpu/ivpu_gem.h | 2 +- drivers/accel/ivpu/ivpu_hw_btrs.c | 2 +- drivers/accel/ivpu/ivpu_hw_btrs.h | 2 +- drivers/accel/ivpu/ivpu_job.c | 6 +- drivers/accel/ivpu/ivpu_pm.c | 9 +- drivers/acpi/apei/ghes.c | 27 +- drivers/acpi/processor_core.c | 2 +- drivers/acpi/property.c | 1 + drivers/base/firmware_loader/Kconfig | 2 +- drivers/block/nbd.c | 5 +- drivers/block/ps3disk.c | 4 + drivers/block/ublk_drv.c | 4 +- drivers/char/random.c | 19 +- drivers/clk/Makefile | 3 +- drivers/clk/qcom/camcc-sm6350.c | 13 +- drivers/clk/qcom/camcc-sm7150.c | 6 +- drivers/clk/qcom/camcc-sm8550.c | 10 + drivers/clk/qcom/clk-rpmh.c | 1 + drivers/clk/qcom/gcc-glymur.c | 24 +- drivers/clk/qcom/gcc-ipq5424.c | 3 +- drivers/clk/qcom/gcc-qcs615.c | 6 +- drivers/clk/qcom/gcc-sm8750.c | 1 + drivers/clk/qcom/tcsrcc-glymur.c | 54 +-- drivers/clk/renesas/r9a06g032-clocks.c | 6 +- drivers/clk/renesas/r9a09g077-cpg.c | 4 +- drivers/clk/renesas/renesas-cpg-mssr.c | 57 ++-- drivers/clk/spacemit/ccu-k1.c | 4 +- drivers/clocksource/arm_arch_timer_mmio.c | 2 + drivers/clocksource/timer-nxp-pit.c | 3 +- drivers/clocksource/timer-nxp-stm.c | 23 +- drivers/clocksource/timer-ralink.c | 11 +- drivers/cpufreq/amd-pstate.c | 2 +- drivers/crypto/ccree/cc_buffer_mgr.c | 6 +- drivers/crypto/hisilicon/qm.c | 14 +- drivers/crypto/intel/iaa/iaa_crypto_main.c | 2 +- drivers/crypto/starfive/jh7110-hash.c | 6 +- drivers/devfreq/hisi_uncore_freq.c | 3 +- drivers/firmware/efi/cper-arm.c | 52 ++- drivers/firmware/efi/cper.c | 60 ++++ drivers/firmware/efi/libstub/x86-5lvl.c | 4 +- drivers/firmware/imx/imx-scu-irq.c | 4 +- drivers/firmware/stratix10-svc.c | 1 + drivers/firmware/ti_sci.c | 21 +- drivers/firmware/ti_sci.h | 2 + drivers/gpio/Kconfig | 1 - drivers/gpu/drm/amd/amdgpu/amdgpu_object.h | 1 + drivers/gpu/drm/amd/amdgpu/amdgpu_userq.c | 44 ++- drivers/gpu/drm/amd/amdgpu/amdgpu_userq.h | 12 +- drivers/gpu/drm/amd/amdgpu/mes_userqueue.c | 31 +- drivers/gpu/drm/amd/amdkfd/kfd_svm.c | 46 ++- drivers/gpu/drm/amd/amdkfd/kfd_topology.c | 4 +- drivers/gpu/drm/amd/display/dc/bios/bios_parser2.c | 8 +- drivers/gpu/drm/atmel-hlcdc/atmel_hlcdc_plane.c | 27 +- drivers/gpu/drm/drm_plane.c | 8 +- drivers/gpu/drm/i915/display/intel_fbdev.c | 43 ++- drivers/gpu/drm/i915/display/intel_fbdev_fb.c | 42 +-- drivers/gpu/drm/i915/display/intel_fbdev_fb.h | 8 +- drivers/gpu/drm/imagination/pvr_device.c | 2 +- drivers/gpu/drm/mediatek/mtk_disp_ccorr.c | 23 +- drivers/gpu/drm/msm/adreno/a2xx_gpu.c | 2 +- drivers/gpu/drm/msm/adreno/a6xx_gmu.c | 34 +- drivers/gpu/drm/msm/adreno/a6xx_gpu.c | 10 +- drivers/gpu/drm/msm/disp/dpu1/dpu_hw_dsc.h | 6 - drivers/gpu/drm/msm/msm_gpu.c | 21 +- .../gpu/drm/nouveau/dispnv04/nouveau_i2c_encoder.c | 20 -- .../drm/nouveau/include/dispnv04/i2c/encoder_i2c.h | 19 +- drivers/gpu/drm/nouveau/nouveau_fence.c | 6 +- drivers/gpu/drm/nouveau/nvkm/subdev/fb/base.c | 2 +- drivers/gpu/drm/nova/Kconfig | 1 + drivers/gpu/drm/panel/panel-novatek-nt35560.c | 8 +- drivers/gpu/drm/panel/panel-visionox-rm69299.c | 4 +- drivers/gpu/drm/panthor/panthor_device.c | 4 +- drivers/gpu/drm/panthor/panthor_gem.c | 20 +- drivers/gpu/drm/panthor/panthor_mmu.c | 18 +- drivers/gpu/drm/panthor/panthor_sched.c | 25 +- .../gpu/drm/renesas/rcar-du/rcar_mipi_dsi_regs.h | 4 +- drivers/gpu/drm/tidss/tidss_dispc.c | 93 +++-- drivers/gpu/drm/tidss/tidss_dispc.h | 3 - drivers/gpu/drm/tidss/tidss_drv.h | 2 + drivers/gpu/drm/tidss/tidss_oldi.c | 22 ++ drivers/gpu/drm/vgem/vgem_fence.c | 2 +- drivers/gpu/drm/xe/display/intel_fbdev_fb.c | 32 +- drivers/gpu/drm/xe/xe_exec_queue.c | 3 + drivers/gpu/host1x/syncpt.c | 4 +- drivers/gpu/nova-core/firmware/gsp.rs | 8 +- drivers/greybus/gb-beagleplay.c | 12 +- drivers/hid/hid-logitech-hidpp.c | 9 +- drivers/hv/mshv_root_main.c | 89 +++-- drivers/hwmon/sy7636a-hwmon.c | 7 +- drivers/hwtracing/coresight/coresight-etm-perf.c | 1 + drivers/hwtracing/coresight/coresight-etm3x-core.c | 59 ++-- drivers/hwtracing/coresight/coresight-etm4x-core.c | 103 ++++-- drivers/hwtracing/coresight/coresight-etm4x.h | 3 - drivers/hwtracing/coresight/coresight-tmc-etr.c | 10 +- drivers/i2c/busses/i2c-k1.c | 19 +- drivers/i3c/master.c | 8 +- drivers/i3c/master/svc-i3c-master.c | 22 +- drivers/iio/imu/bmi270/bmi270_spi.c | 2 +- drivers/iio/imu/st_lsm6dsx/st_lsm6dsx.h | 2 +- drivers/iio/industrialio-core.c | 17 +- drivers/infiniband/hw/bnxt_re/ib_verbs.c | 8 +- drivers/infiniband/hw/bnxt_re/qplib_sp.c | 8 +- drivers/infiniband/hw/bnxt_re/qplib_sp.h | 2 +- drivers/infiniband/hw/irdma/cm.c | 2 +- drivers/infiniband/hw/irdma/ctrl.c | 6 +- drivers/infiniband/hw/irdma/icrdma_if.c | 6 +- drivers/infiniband/hw/irdma/ig3rdma_if.c | 4 + drivers/infiniband/hw/irdma/main.h | 2 +- drivers/infiniband/hw/irdma/pble.c | 6 +- drivers/infiniband/hw/irdma/puda.c | 1 - drivers/infiniband/hw/irdma/uk.c | 31 +- drivers/infiniband/hw/irdma/user.h | 1 - drivers/infiniband/hw/irdma/verbs.c | 24 +- drivers/infiniband/hw/irdma/verbs.h | 3 +- drivers/infiniband/sw/rxe/rxe_srq.c | 7 +- drivers/infiniband/ulp/rtrs/rtrs-srv.c | 2 +- drivers/interconnect/debugfs-client.c | 7 +- drivers/interconnect/qcom/msm8996.c | 1 + drivers/iommu/amd/debugfs.c | 2 +- drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c | 2 +- drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c | 27 +- drivers/iommu/intel/Kconfig | 2 +- drivers/iommu/intel/iommu.h | 2 +- drivers/irqchip/irq-bcm2712-mip.c | 11 +- drivers/irqchip/irq-bcm7038-l1.c | 11 +- drivers/irqchip/irq-bcm7120-l2.c | 31 +- drivers/irqchip/irq-brcmstb-l2.c | 25 +- drivers/irqchip/irq-imx-mu-msi.c | 28 +- drivers/irqchip/irq-mchp-eic.c | 7 +- drivers/irqchip/irq-meson-gpio.c | 5 +- drivers/irqchip/irq-qcom-mpm.c | 6 +- drivers/irqchip/irq-renesas-rzg2l.c | 37 +- drivers/irqchip/irq-renesas-rzv2h.c | 32 +- drivers/irqchip/irq-starfive-jh8100-intc.c | 6 +- drivers/irqchip/irqchip.c | 10 +- drivers/irqchip/qcom-irq-combiner.c | 2 +- drivers/irqchip/qcom-pdc.c | 5 +- drivers/leds/leds-netxbig.c | 36 +- drivers/leds/leds-upboard.c | 2 +- drivers/leds/rgb/leds-qcom-lpg.c | 4 +- drivers/macintosh/mac_hid.c | 3 +- drivers/md/dm-log-writes.c | 1 + drivers/md/dm-raid.c | 2 + drivers/md/md.c | 92 ++--- drivers/md/md.h | 9 +- drivers/md/raid5.c | 6 +- drivers/mfd/da9055-core.c | 1 + drivers/mfd/mt6358-irq.c | 1 + drivers/mfd/mt6397-irq.c | 1 + drivers/misc/rp1/rp1_pci.c | 3 + drivers/mtd/lpddr/lpddr_cmds.c | 8 +- drivers/mtd/nand/raw/lpc32xx_slc.c | 2 + drivers/mtd/nand/raw/marvell_nand.c | 13 +- drivers/mtd/nand/raw/nand_base.c | 13 +- drivers/mtd/nand/raw/renesas-nand-controller.c | 5 +- drivers/net/dsa/b53/b53_common.c | 331 ++++++++++++------ drivers/net/dsa/b53/b53_priv.h | 111 +++++- drivers/net/dsa/b53/b53_regs.h | 41 ++- drivers/net/dsa/xrs700x/xrs700x.c | 11 + drivers/net/ethernet/intel/iavf/iavf_ptp.c | 7 + drivers/net/ethernet/intel/ice/devlink/devlink.c | 21 +- drivers/net/ethernet/intel/ice/ice.h | 4 + drivers/net/ethernet/intel/ice/ice_common.c | 3 + drivers/net/ethernet/intel/ice/ice_main.c | 169 +++++----- drivers/net/ethernet/stmicro/stmmac/dwmac-sophgo.c | 20 +- drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2 +- drivers/net/ethernet/stmicro/stmmac/stmmac_vlan.c | 3 +- drivers/net/phy/adin1100.c | 2 +- drivers/net/phy/aquantia/aquantia_firmware.c | 2 +- drivers/net/phy/mscc/mscc_main.c | 6 +- drivers/net/phy/phy-core.c | 43 +++ drivers/net/phy/realtek/realtek_main.c | 65 ++-- drivers/net/vxlan/vxlan_core.c | 18 +- drivers/net/wireless/ath/ath10k/core.c | 20 +- drivers/net/wireless/ath/ath10k/core.h | 2 +- drivers/net/wireless/ath/ath10k/mac.c | 2 +- drivers/net/wireless/ath/ath11k/mac.c | 8 +- drivers/net/wireless/ath/ath11k/pci.c | 20 +- drivers/net/wireless/ath/ath11k/wmi.c | 20 +- drivers/net/wireless/ath/ath11k/wmi.h | 2 + drivers/net/wireless/ath/ath12k/core.c | 24 +- drivers/net/wireless/ath/ath12k/core.h | 1 - drivers/net/wireless/ath/ath12k/dp_rx.c | 70 +++- drivers/net/wireless/ath/ath12k/hal_rx.c | 10 +- drivers/net/wireless/ath/ath12k/mac.c | 28 +- drivers/net/wireless/ath/ath12k/pci.c | 20 +- drivers/net/wireless/ath/ath12k/qmi.c | 11 +- drivers/net/wireless/ath/ath12k/qmi.h | 5 +- drivers/net/wireless/ath/ath12k/wmi.c | 23 +- drivers/net/wireless/ath/ath12k/wmi.h | 2 + drivers/net/wireless/ath/ath12k/wow.c | 1 + drivers/net/wireless/intel/iwlwifi/mld/d3.c | 4 + drivers/net/wireless/mediatek/mt76/mac80211.c | 2 - drivers/net/wireless/mediatek/mt76/mt76.h | 9 + drivers/net/wireless/mediatek/mt76/mt7615/mcu.c | 4 +- drivers/net/wireless/mediatek/mt76/mt7915/mac.c | 2 + drivers/net/wireless/mediatek/mt76/mt792x_core.c | 1 - drivers/net/wireless/mediatek/mt76/mt7996/dma.c | 15 +- drivers/net/wireless/mediatek/mt76/mt7996/init.c | 19 +- drivers/net/wireless/mediatek/mt76/mt7996/mac.c | 18 +- drivers/net/wireless/mediatek/mt76/mt7996/main.c | 115 ++++--- drivers/net/wireless/mediatek/mt76/mt7996/mcu.c | 69 ++-- drivers/net/wireless/mediatek/mt76/mt7996/mmio.c | 1 + drivers/net/wireless/mediatek/mt76/mt7996/mt7996.h | 11 +- drivers/net/wireless/mediatek/mt76/wed.c | 10 +- drivers/net/wireless/realtek/rtl818x/rtl8180/dev.c | 9 +- drivers/net/wireless/realtek/rtl818x/rtl8187/dev.c | 27 +- drivers/net/wireless/realtek/rtw89/usb.c | 13 +- drivers/net/wireless/st/cw1200/bh.c | 6 +- drivers/nvme/host/auth.c | 2 +- drivers/of/fdt.c | 85 +++-- drivers/of/of_kunit_helpers.c | 5 +- drivers/pci/controller/Kconfig | 7 +- drivers/pci/controller/cadence/pcie-sg2042.c | 3 - drivers/pci/controller/dwc/pci-keystone.c | 2 + drivers/pci/controller/dwc/pcie-designware.h | 2 +- drivers/pci/controller/dwc/pcie-stm32-ep.c | 41 +-- drivers/pci/endpoint/functions/pci-epf-test.c | 5 +- drivers/pci/setup-bus.c | 5 + drivers/phy/freescale/phy-fsl-imx8qm-hsio.c | 5 +- drivers/phy/renesas/phy-rcar-gen3-usb2.c | 20 +- drivers/phy/rockchip/phy-rockchip-naneng-combphy.c | 15 + drivers/phy/rockchip/phy-rockchip-samsung-hdptx.c | 27 +- drivers/pinctrl/pinctrl-single.c | 7 +- drivers/pinctrl/qcom/pinctrl-glymur.c | 6 +- drivers/pinctrl/renesas/pinctrl-rzg2l.c | 6 +- drivers/pinctrl/stm32/pinctrl-stm32.c | 2 +- drivers/platform/x86/asus-wmi.c | 8 +- drivers/platform/x86/intel/pmc/core.h | 2 +- drivers/power/supply/apm_power.c | 3 +- drivers/power/supply/cw2015_battery.c | 8 +- drivers/power/supply/max17040_battery.c | 6 +- drivers/power/supply/qcom_battmgr.c | 26 +- drivers/power/supply/rt5033_charger.c | 2 + drivers/power/supply/rt9467-charger.c | 6 +- drivers/power/supply/wm831x_power.c | 10 +- drivers/pwm/core.c | 5 +- drivers/pwm/pwm-bcm2835.c | 28 +- drivers/ras/ras.c | 40 ++- drivers/regulator/core.c | 37 +- drivers/regulator/fixed.c | 11 +- drivers/regulator/pca9450-regulator.c | 7 +- drivers/regulator/spacemit-p1.c | 4 +- drivers/remoteproc/imx_rproc.c | 9 +- drivers/remoteproc/qcom_q6v5_wcss.c | 8 +- drivers/rtc/rtc-amlogic-a4.c | 4 - drivers/rtc/rtc-gamecube.c | 4 + drivers/rtc/rtc-max31335.c | 6 +- drivers/s390/crypto/ap_bus.c | 8 +- drivers/scsi/imm.c | 1 + drivers/scsi/qla2xxx/qla_nvme.c | 2 +- drivers/scsi/qla2xxx/qla_os.c | 20 +- drivers/scsi/qla2xxx/qla_target.c | 5 +- drivers/scsi/qla2xxx/qla_target.h | 1 + drivers/scsi/sim710.c | 2 + drivers/scsi/smartpqi/smartpqi_init.c | 19 ++ drivers/scsi/stex.c | 1 + drivers/soc/qcom/qcom_gsbi.c | 8 - drivers/soc/qcom/smem.c | 3 +- drivers/soc/renesas/r9a08g045-sysc.c | 69 ++++ drivers/soc/renesas/r9a09g047-sys.c | 79 +++++ drivers/soc/renesas/r9a09g056-sys.c | 69 ++++ drivers/soc/renesas/r9a09g057-sys.c | 101 ++++++ drivers/soc/renesas/rz-sysc.c | 2 + drivers/soc/renesas/rz-sysc.h | 4 + drivers/soc/samsung/exynos-pmu.c | 7 +- drivers/soc/tegra/fuse/speedo-tegra210.c | 58 +++- drivers/spi/spi-airoha-snfi.c | 25 +- drivers/spi/spi-ch341.c | 2 +- drivers/spi/spi-sg2044-nor.c | 4 +- drivers/spi/spi-tegra210-quad.c | 22 +- drivers/staging/fbtft/fbtft-core.c | 4 +- drivers/staging/most/Kconfig | 2 - drivers/staging/most/Makefile | 1 - drivers/staging/most/i2c/Kconfig | 13 - drivers/staging/most/i2c/Makefile | 4 - drivers/staging/most/i2c/i2c.c | 374 --------------------- drivers/target/target_core_configfs.c | 1 - drivers/target/target_core_stat.c | 24 +- drivers/tty/serial/imx.c | 14 + drivers/ufs/core/ufshcd-priv.h | 2 + drivers/ufs/core/ufshcd.c | 27 +- drivers/ufs/host/ufs-rockchip.c | 19 +- drivers/uio/uio_fsl_elbc_gpcm.c | 7 + drivers/usb/core/message.c | 2 +- drivers/usb/dwc2/platform.c | 17 +- drivers/usb/dwc3/host.c | 5 +- drivers/usb/gadget/legacy/raw_gadget.c | 3 + drivers/usb/gadget/udc/tegra-xudc.c | 6 - drivers/usb/misc/chaoskey.c | 16 +- drivers/usb/phy/phy.c | 4 + drivers/usb/typec/ucsi/ucsi_huawei_gaokun.c | 2 + drivers/vdpa/mlx5/net/mlx5_vnet.c | 2 +- drivers/vdpa/pds/vdpa_dev.c | 2 +- drivers/vfio/pci/vfio_pci_core.c | 68 ++-- drivers/vfio/pci/vfio_pci_intrs.c | 52 +-- drivers/vfio/pci/vfio_pci_priv.h | 4 + drivers/vhost/net.c | 12 +- drivers/vhost/vhost.c | 4 +- drivers/video/backlight/led_bl.c | 13 + drivers/video/fbdev/ssd1307fb.c | 4 +- drivers/virtio/virtio.c | 12 +- drivers/virtio/virtio_debug.c | 10 +- drivers/virtio/virtio_pci_modern_dev.c | 6 +- drivers/virtio/virtio_ring.c | 7 +- drivers/virtio/virtio_vdpa.c | 2 +- drivers/watchdog/starfive-wdt.c | 4 +- drivers/watchdog/wdat_wdt.c | 64 ++-- fs/9p/v9fs.c | 4 +- fs/9p/vfs_file.c | 11 +- fs/9p/vfs_inode.c | 3 +- fs/9p/vfs_inode_dotl.c | 2 +- fs/btrfs/block-group.c | 6 +- fs/btrfs/ctree.c | 2 +- fs/btrfs/delayed-ref.c | 43 ++- fs/btrfs/scrub.c | 2 +- fs/btrfs/space-info.c | 22 +- fs/btrfs/space-info.h | 6 +- fs/erofs/super.c | 38 ++- fs/exfat/balloc.c | 2 +- fs/exfat/namei.c | 20 +- fs/ext4/mballoc.c | 49 ++- fs/ext4/move_extent.c | 2 +- fs/f2fs/f2fs.h | 2 + fs/f2fs/gc.c | 132 +++++--- fs/f2fs/recovery.c | 2 +- fs/f2fs/segment.c | 38 ++- fs/f2fs/segment.h | 8 +- fs/f2fs/super.c | 14 + fs/f2fs/sysfs.c | 7 + fs/fuse/control.c | 19 +- fs/gfs2/glock.c | 5 +- fs/gfs2/inode.c | 15 + fs/gfs2/inode.h | 1 + fs/gfs2/ops_fstype.c | 2 +- fs/hfs/catalog.c | 2 +- fs/inode.c | 58 ++-- fs/iomap/direct-io.c | 23 +- fs/kernfs/dir.c | 5 +- fs/nfs/client.c | 21 +- fs/nfs/dir.c | 27 +- fs/nfs/internal.h | 3 +- fs/nfs/localio.c | 4 +- fs/nfs/namespace.c | 11 +- fs/nfs/nfs4client.c | 18 +- fs/nfs/nfs4proc.c | 27 +- fs/nfs/pnfs.c | 1 + fs/nfs/super.c | 33 +- fs/nfsd/blocklayout.c | 4 +- fs/nls/nls_base.c | 27 +- fs/ntfs3/frecord.c | 8 +- fs/ntfs3/fsntfs.c | 9 +- fs/ntfs3/inode.c | 7 +- fs/ocfs2/alloc.c | 1 - fs/ocfs2/inode.c | 10 +- fs/ocfs2/move_extents.c | 8 +- fs/pidfs.c | 2 + fs/smb/client/cifssmb.c | 2 +- fs/smb/client/smb2pdu.c | 2 +- fs/smb/client/smbdirect.c | 28 +- fs/smb/common/smbdirect/smbdirect_socket.h | 51 +++ fs/smb/server/transport_rdma.c | 40 ++- fs/tracefs/event_inode.c | 3 +- include/asm-generic/mshyperv.h | 17 +- include/asm-generic/rqspinlock.h | 60 ++-- include/linux/blk_types.h | 5 +- include/linux/cleanup.h | 15 +- include/linux/coresight.h | 35 +- include/linux/cper.h | 12 +- include/linux/f2fs_fs.h | 5 +- include/linux/filter.h | 12 +- include/linux/firmware/qcom/qcom_tzmem.h | 15 +- include/linux/ieee80211.h | 4 +- include/linux/if_hsr.h | 9 + include/linux/irq-entry-common.h | 2 +- include/linux/irqchip.h | 8 +- include/linux/netdevice.h | 1 + include/linux/nfs_fs_sb.h | 5 + include/linux/ns_common.h | 11 + include/linux/of_fdt.h | 9 + include/linux/phy.h | 3 + include/linux/platform_data/lp855x.h | 4 +- include/linux/ras.h | 16 +- include/linux/soc/mediatek/mtk_wed.h | 1 + include/linux/vfio_pci_core.h | 10 +- include/linux/virtio.h | 2 +- include/linux/virtio_config.h | 24 +- include/linux/virtio_features.h | 29 +- include/linux/virtio_pci_modern.h | 8 +- include/net/netfilter/nf_conntrack_count.h | 15 +- include/ras/ras_event.h | 49 ++- include/sound/tas2781.h | 2 +- include/target/target_core_base.h | 12 +- include/uapi/linux/pidfd.h | 1 + include/uapi/sound/asound.h | 2 +- include/ufs/ufshcd.h | 1 - io_uring/io_uring.c | 10 +- io_uring/kbuf.c | 10 +- io_uring/zcrx.c | 16 +- kernel/bpf/hashtab.c | 10 +- kernel/bpf/helpers.c | 3 + kernel/bpf/rqspinlock.c | 36 +- kernel/bpf/stackmap.c | 62 ++-- kernel/bpf/syscall.c | 6 +- kernel/bpf/trampoline.c | 4 +- kernel/bpf/verifier.c | 89 +++-- kernel/cgroup/cpuset.c | 35 +- kernel/cgroup/namespace.c | 2 +- kernel/cpu.c | 25 +- kernel/dma/pool.c | 2 +- kernel/events/core.c | 22 +- kernel/locking/locktorture.c | 8 +- kernel/resource.c | 10 +- kernel/sched/fair.c | 17 +- kernel/sched/stats.h | 7 +- kernel/task_work.c | 8 +- kernel/time/timer_migration.c | 264 ++++++++------- lib/vsprintf.c | 6 +- net/bpf/test_run.c | 5 + net/core/dev.h | 1 - net/core/filter.c | 16 +- net/core/netpoll.c | 2 +- net/hsr/hsr_device.c | 20 ++ net/hsr/hsr_slave.c | 7 +- net/ipv6/ip6_fib.c | 4 + net/mac80211/aes_cmac.c | 63 +++- net/mac80211/aes_cmac.h | 8 +- net/mac80211/wpa.c | 20 +- net/netfilter/nf_conncount.c | 195 +++++++---- net/netfilter/nft_connlimit.c | 34 +- net/netfilter/nft_flow_offload.c | 9 +- net/netfilter/xt_connlimit.c | 14 +- net/openvswitch/conntrack.c | 16 +- net/sched/sch_cake.c | 60 ++-- net/sctp/socket.c | 5 +- scripts/cc-can-link.sh | 2 +- scripts/lib/kdoc/kdoc_parser.py | 16 +- scripts/package/install-extmod-build | 2 +- security/integrity/ima/ima_main.c | 40 ++- security/integrity/ima/ima_policy.c | 2 +- security/landlock/errata/abi-1.h | 16 + security/landlock/fs.c | 40 ++- security/smack/smack.h | 3 + security/smack/smack_access.c | 93 +++-- security/smack/smack_lsm.c | 277 ++++++++++----- sound/firewire/dice/dice-extension.c | 4 +- sound/firewire/motu/motu-hwdep.c | 7 +- sound/hda/codecs/realtek/alc269.c | 2 + sound/hda/codecs/side-codecs/cs35l41_hda.c | 2 + sound/hda/codecs/side-codecs/tas2781_hda_i2c.c | 44 +-- sound/isa/wavefront/wavefront_midi.c | 2 + sound/isa/wavefront/wavefront_synth.c | 4 +- sound/soc/amd/acp/acp-i2s.c | 2 + sound/soc/amd/acp/acp-legacy-common.c | 30 +- sound/soc/bcm/bcm63xx-pcm-whistler.c | 4 +- sound/soc/codecs/Kconfig | 5 + sound/soc/codecs/Makefile | 2 + sound/soc/codecs/ak4458.c | 10 +- sound/soc/codecs/ak5558.c | 10 +- sound/soc/codecs/nau8325.c | 3 +- sound/soc/codecs/tas2781-comlib-i2c.c | 2 +- sound/soc/codecs/tas2781-i2c.c | 2 +- sound/soc/fsl/fsl_xcvr.c | 2 +- sound/soc/intel/catpt/pcm.c | 4 +- sound/soc/sdca/sdca_functions.c | 2 +- tools/bpf/bpftool/sign.c | 6 + tools/include/nolibc/arch-x86.h | 6 +- tools/include/nolibc/dirent.h | 6 +- tools/include/nolibc/stdio.h | 4 + tools/include/nolibc/sys/wait.h | 18 +- tools/lib/bpf/btf.c | 4 +- tools/objtool/check.c | 3 +- tools/objtool/elf.c | 8 +- tools/perf/builtin-kvm.c | 2 +- tools/perf/builtin-record.c | 2 +- tools/perf/builtin-stat.c | 15 +- .../pmu-events/arch/s390/cf_z16/transaction.json | 8 +- .../pmu-events/arch/s390/cf_z17/transaction.json | 8 +- tools/perf/util/annotate.c | 2 +- .../util/arm-spe-decoder/arm-spe-pkt-decoder.c | 25 +- .../util/arm-spe-decoder/arm-spe-pkt-decoder.h | 15 +- tools/perf/util/bpf_counter.c | 7 +- tools/perf/util/bpf_lock_contention.c | 6 +- tools/perf/util/evsel.c | 2 +- tools/perf/util/genelf.c | 32 +- tools/perf/util/hist.c | 6 +- tools/perf/util/hist.h | 8 +- tools/perf/util/hwmon_pmu.c | 3 +- tools/perf/util/parse-events.c | 44 ++- tools/perf/util/parse-events.h | 3 +- tools/perf/util/parse-events.y | 2 +- tools/perf/util/symbol.c | 5 +- tools/power/x86/turbostat/turbostat.c | 12 +- tools/testing/selftests/bpf/.gitignore | 1 + tools/testing/selftests/bpf/Makefile | 6 +- .../selftests/bpf/prog_tests/kmem_cache_iter.c | 3 +- .../selftests/bpf/prog_tests/perf_branches.c | 22 +- .../testing/selftests/bpf/prog_tests/send_signal.c | 5 + .../selftests/bpf/progs/test_perf_branches.c | 3 + tools/testing/selftests/bpf/test_tag.c | 2 +- .../drivers/net/bonding/bond_macvlan_ipvlan.sh | 1 + tools/testing/selftests/landlock/Makefile | 2 +- .../tcp_syscall_bad_arg_sendmsg-empty-iov.pkt | 4 + .../net/packetdrill/tcp_zerocopy_basic.pkt | 2 + .../net/packetdrill/tcp_zerocopy_batch.pkt | 2 + .../net/packetdrill/tcp_zerocopy_client.pkt | 2 + .../net/packetdrill/tcp_zerocopy_closed.pkt | 2 + .../net/packetdrill/tcp_zerocopy_epoll_edge.pkt | 3 + .../packetdrill/tcp_zerocopy_epoll_exclusive.pkt | 3 + .../net/packetdrill/tcp_zerocopy_epoll_oneshot.pkt | 3 + .../packetdrill/tcp_zerocopy_fastopen-client.pkt | 2 + .../packetdrill/tcp_zerocopy_fastopen-server.pkt | 2 + .../net/packetdrill/tcp_zerocopy_maxfrags.pkt | 2 + .../net/packetdrill/tcp_zerocopy_small.pkt | 2 + tools/tracing/rtla/Makefile.rtla | 2 +- tools/tracing/rtla/src/common.c | 24 +- tools/tracing/rtla/src/osnoise_hist.c | 3 +- tools/tracing/rtla/src/osnoise_top.c | 3 +- tools/tracing/rtla/src/timerlat.c | 3 +- tools/tracing/rtla/src/timerlat_hist.c | 3 +- tools/tracing/rtla/src/timerlat_top.c | 3 +- tools/tracing/rtla/tests/osnoise.t | 6 +- tools/tracing/rtla/tests/timerlat.t | 4 +- 616 files changed, 6319 insertions(+), 3850 deletions(-)

1 week

20
645
0 0

[PATCH 6.1.y] net: openvswitch: fix middle attribute validation in push_nsh() action

by Adrian Yip

From: Ilya Maximets <i.maximets(a)ovn.org> [ Upstream commit 5ace7ef87f059d68b5f50837ef3e8a1a4870c36e ] The push_nsh() action structure looks like this: OVS_ACTION_ATTR_PUSH_NSH(OVS_KEY_ATTR_NSH(OVS_NSH_KEY_ATTR_BASE,...)) The outermost OVS_ACTION_ATTR_PUSH_NSH attribute is OK'ed by the nla_for_each_nested() inside __ovs_nla_copy_actions(). The innermost OVS_NSH_KEY_ATTR_BASE/MD1/MD2 are OK'ed by the nla_for_each_nested() inside nsh_key_put_from_nlattr(). But nothing checks if the attribute in the middle is OK. We don't even check that this attribute is the OVS_KEY_ATTR_NSH. We just do a double unwrap with a pair of nla_data() calls - first time directly while calling validate_push_nsh() and the second time as part of the nla_for_each_nested() macro, which isn't safe, potentially causing invalid memory access if the size of this attribute is incorrect. The failure may not be noticed during validation due to larger netlink buffer, but cause trouble later during action execution where the buffer is allocated exactly to the size: BUG: KASAN: slab-out-of-bounds in nsh_hdr_from_nlattr+0x1dd/0x6a0 [openvswitch] Read of size 184 at addr ffff88816459a634 by task a.out/22624 CPU: 8 UID: 0 PID: 22624 6.18.0-rc7+ #115 PREEMPT(voluntary) Call Trace: <TASK> dump_stack_lvl+0x51/0x70 print_address_description.constprop.0+0x2c/0x390 kasan_report+0xdd/0x110 kasan_check_range+0x35/0x1b0 __asan_memcpy+0x20/0x60 nsh_hdr_from_nlattr+0x1dd/0x6a0 [openvswitch] push_nsh+0x82/0x120 [openvswitch] do_execute_actions+0x1405/0x2840 [openvswitch] ovs_execute_actions+0xd5/0x3b0 [openvswitch] ovs_packet_cmd_execute+0x949/0xdb0 [openvswitch] genl_family_rcv_msg_doit+0x1d6/0x2b0 genl_family_rcv_msg+0x336/0x580 genl_rcv_msg+0x9f/0x130 netlink_rcv_skb+0x11f/0x370 genl_rcv+0x24/0x40 netlink_unicast+0x73e/0xaa0 netlink_sendmsg+0x744/0xbf0 __sys_sendto+0x3d6/0x450 do_syscall_64+0x79/0x2c0 entry_SYSCALL_64_after_hwframe+0x76/0x7e </TASK> Let's add some checks that the attribute is properly sized and it's the only one attribute inside the action. Technically, there is no real reason for OVS_KEY_ATTR_NSH to be there, as we know that we're pushing an NSH header already, it just creates extra nesting, but that's how uAPI works today. So, keeping as it is. Fixes: b2d0f5d5dc53 ("openvswitch: enable NSH support") Reported-by: Junvy Yang <zhuque(a)tencent.com> Signed-off-by: Ilya Maximets <i.maximets(a)ovn.org> Acked-by: Eelco Chaudron echaudro(a)redhat.com Reviewed-by: Aaron Conole <aconole(a)redhat.com> Link: https://patch.msgid.link/20251204105334.900379-1-i.maximets@ovn.org Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> (cherry picked from commit 5ace7ef87f059d68b5f50837ef3e8a1a4870c36e) Signed-off-by: Adrian Yip <adrian.ytw(a)gmail.com> --- net/openvswitch/flow_netlink.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/net/openvswitch/flow_netlink.c b/net/openvswitch/flow_netlink.c index d0b6e5872081..d4c8b4aa98b1 100644 --- a/net/openvswitch/flow_netlink.c +++ b/net/openvswitch/flow_netlink.c @@ -2786,13 +2786,20 @@ static int validate_and_copy_set_tun(const struct nlattr *attr, return err; } -static bool validate_push_nsh(const struct nlattr *attr, bool log) +static bool validate_push_nsh(const struct nlattr *a, bool log) { + struct nlattr *nsh_key = nla_data(a); struct sw_flow_match match; struct sw_flow_key key; + /* There must be one and only one NSH header. */ + if (!nla_ok(nsh_key, nla_len(a)) || + nla_total_size(nla_len(nsh_key)) != nla_len(a) || + nla_type(nsh_key) != OVS_KEY_ATTR_NSH) + return false; + ovs_match_init(&match, &key, true, NULL); - return !nsh_key_put_from_nlattr(attr, &match, false, true, log); + return !nsh_key_put_from_nlattr(nsh_key, &match, false, true, log); } /* Return false if there are any non-masked bits set. @@ -3346,7 +3353,7 @@ static int __ovs_nla_copy_actions(struct net *net, const struct nlattr *attr, return -EINVAL; } mac_proto = MAC_PROTO_NONE; - if (!validate_push_nsh(nla_data(a), log)) + if (!validate_push_nsh(a, log)) return -EINVAL; break; -- 2.52.0

1 week

1
0
0 0

[PATCH] powerpc/kexec: Enable SMT before waking offline CPUs

by Nysal Jan K.A.

If SMT is disabled or a partial SMT state is enabled, when a new kernel image is loaded for kexec, on reboot the following warning is observed: kexec: Waking offline cpu 228. WARNING: CPU: 0 PID: 9062 at arch/powerpc/kexec/core_64.c:223 kexec_prepare_cpus+0x1b0/0x1bc [snip] NIP kexec_prepare_cpus+0x1b0/0x1bc LR kexec_prepare_cpus+0x1a0/0x1bc Call Trace: kexec_prepare_cpus+0x1a0/0x1bc (unreliable) default_machine_kexec+0x160/0x19c machine_kexec+0x80/0x88 kernel_kexec+0xd0/0x118 __do_sys_reboot+0x210/0x2c4 system_call_exception+0x124/0x320 system_call_vectored_common+0x15c/0x2ec This occurs as add_cpu() fails due to cpu_bootable() returning false for CPUs that fail the cpu_smt_thread_allowed() check or non primary threads if SMT is disabled. Fix the issue by enabling SMT and resetting the number of SMT threads to the number of threads per core, before attempting to wake up all present CPUs. Fixes: 38253464bc82 ("cpu/SMT: Create topology_smt_thread_allowed()") Reported-by: Sachin P Bappalige <sachinpb(a)linux.ibm.com> Cc: stable(a)vger.kernel.org # v6.6+ Signed-off-by: Nysal Jan K.A. <nysal(a)linux.ibm.com> --- arch/powerpc/kexec/core_64.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/arch/powerpc/kexec/core_64.c b/arch/powerpc/kexec/core_64.c index 222aa326dace..ff6df43720c4 100644 --- a/arch/powerpc/kexec/core_64.c +++ b/arch/powerpc/kexec/core_64.c @@ -216,6 +216,11 @@ static void wake_offline_cpus(void) { int cpu = 0; + lock_device_hotplug(); + cpu_smt_num_threads = threads_per_core; + cpu_smt_control = CPU_SMT_ENABLED; + unlock_device_hotplug(); + for_each_present_cpu(cpu) { if (!cpu_online(cpu)) { printk(KERN_INFO "kexec: Waking offline cpu %d.\n", -- 2.51.0

1 week

5
7
0 0

[PATCH] erofs: fix unexpected EIO under memory pressure

by Junbeom Yeom

erofs readahead could fail with ENOMEM under the memory pressure because it tries to alloc_page with GFP_NOWAIT | GFP_NORETRY, while GFP_KERNEL for a regular read. And if readahead fails (with non-uptodate folios), the original request will then fall back to synchronous read, and `.read_folio()` should return appropriate errnos. However, in scenarios where readahead and read operations compete, read operation could return an unintended EIO because of an incorrect error propagation. To resolve this, this patch modifies the behavior so that, when the PCL is for read(which means pcl.besteffort is true), it attempts actual decompression instead of propagating the privios error except initial EIO. - Page size: 4K - The original size of FileA: 16K - Compress-ratio per PCL: 50% (Uncompressed 8K -> Compressed 4K) [page0, page1] [page2, page3] [PCL0]---------[PCL1] - functions declaration: . pread(fd, buf, count, offset) . readahead(fd, offset, count) - Thread A tries to read the last 4K - Thread B tries to do readahead 8K from 4K - RA, besteffort == false - R, besteffort == true <process A> <process B> pread(FileA, buf, 4K, 12K) do readahead(page3) // failed with ENOMEM wait_lock(page3) if (!uptodate(page3)) goto do_read readahead(FileA, 4K, 8K) // Here create PCL-chain like below: // [null, page1] [page2, null] // [PCL0:RA]-----[PCL1:RA] ... do read(page3) // found [PCL1:RA] and add page3 into it, // and then, change PCL1 from RA to R ... // Now, PCL-chain is as below: // [null, page1] [page2, page3] // [PCL0:RA]-----[PCL1:R] // try to decompress PCL-chain... z_erofs_decompress_queue err = 0; // failed with ENOMEM, so page 1 // only for RA will not be uptodated. // it's okay. err = decompress([PCL0:RA], err) // However, ENOMEM propagated to next // PCL, even though PCL is not only // for RA but also for R. As a result, // it just failed with ENOMEM without // trying any decompression, so page2 // and page3 will not be uptodated. ** BUG HERE ** --> err = decompress([PCL1:R], err) return err as ENOMEM ... wait_lock(page3) if (!uptodate(page3)) return EIO <-- Return an unexpected EIO! ... Fixes: 2349d2fa02db ("erofs: sunset unneeded NOFAILs") Cc: stable(a)vger.kernel.org Reviewed-by: Jaewook Kim <jw5454.kim(a)samsung.com> Reviewed-by: Sungjong Seo <sj1557.seo(a)samsung.com> Signed-off-by: Junbeom Yeom <junbeom.yeom(a)samsung.com> --- fs/erofs/zdata.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/fs/erofs/zdata.c b/fs/erofs/zdata.c index 27b1f44d10ce..86bf6e087d34 100644 --- a/fs/erofs/zdata.c +++ b/fs/erofs/zdata.c @@ -1414,11 +1414,15 @@ static int z_erofs_decompress_queue(const struct z_erofs_decompressqueue *io, }; struct z_erofs_pcluster *next; int err = io->eio ? -EIO : 0; + int io_err = err; for (; be.pcl != Z_EROFS_PCLUSTER_TAIL; be.pcl = next) { + int propagate_err; + DBG_BUGON(!be.pcl); next = READ_ONCE(be.pcl->next); - err = z_erofs_decompress_pcluster(&be, err) ?: err; + propagate_err = READ_ONCE(be.pcl->besteffort) ? io_err : err; + err = z_erofs_decompress_pcluster(&be, propagate_err) ?: err; } return err; } -- 2.34.1

1 week

2
3
0 0

[PATCH v2] net: macb: Relocate mog_init_rings() callback from macb_mac_link_up() to macb_open()

by Xiaolei Wang

In the non-RT kernel, local_bh_disable() merely disables preemption, whereas it maps to an actual spin lock in the RT kernel. Consequently, when attempting to refill RX buffers via netdev_alloc_skb() in macb_mac_link_up(), a deadlock scenario arises as follows: Chain caused by macb_mac_link_up(): &bp->lock --> (softirq_ctrl.lock) Chain caused by macb_start_xmit(): (softirq_ctrl.lock) --> _xmit_ETHER#2 --> &bp->lock Notably, invoking the mog_init_rings() callback upon link establishment is unnecessary. Instead, we can exclusively call mog_init_rings() within the ndo_open() callback. This adjustment resolves the deadlock issue. Given that mog_init_rings() is only applicable to non-MACB_CAPS_MACB_IS_EMAC cases, we can simply move it to macb_open() and simultaneously eliminate the MACB_CAPS_MACB_IS_EMAC check. Fixes: 633e98a711ac ("net: macb: use resolved link config in mac_link_up()") Cc: stable(a)vger.kernel.org Suggested-by: Kevin Hao <kexin.hao(a)windriver.com> Signed-off-by: Xiaolei Wang <xiaolei.wang(a)windriver.com> --- V1: https://patchwork.kernel.org/project/netdevbpf/patch/20251128103647.351259-… V2: Update the correct lock dependency chain and add the Fix tag. drivers/net/ethernet/cadence/macb_main.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/net/ethernet/cadence/macb_main.c b/drivers/net/ethernet/cadence/macb_main.c index ca2386b83473..064fccdcf699 100644 --- a/drivers/net/ethernet/cadence/macb_main.c +++ b/drivers/net/ethernet/cadence/macb_main.c @@ -744,7 +744,6 @@ static void macb_mac_link_up(struct phylink_config *config, /* Initialize rings & buffers as clearing MACB_BIT(TE) in link down * cleared the pipeline and control registers. */ - bp->macbgem_ops.mog_init_rings(bp); macb_init_buffers(bp); for (q = 0, queue = bp->queues; q < bp->num_queues; ++q, ++queue) @@ -2991,6 +2990,8 @@ static int macb_open(struct net_device *dev) goto pm_exit; } + bp->macbgem_ops.mog_init_rings(bp); + for (q = 0, queue = bp->queues; q < bp->num_queues; ++q, ++queue) { napi_enable(&queue->napi_rx); napi_enable(&queue->napi_tx); -- 2.43.0

1 week

3
2
0 0

[PATCH] crypto: iaa - Fix out-of-bounds index in find_empty_iaa_compression_mode

by Thorsten Blum

The local variable 'i' is initialized with -EINVAL, but the for loop immediately overwrites it and -EINVAL is never returned. If no empty compression mode can be found, the function would return the out-of-bounds index IAA_COMP_MODES_MAX, which would cause an invalid array access in add_iaa_compression_mode(). Fix both issues by returning either a valid index or -EINVAL. Cc: stable(a)vger.kernel.org Fixes: b190447e0fa3 ("crypto: iaa - Add compression mode management along with fixed mode") Signed-off-by: Thorsten Blum <thorsten.blum(a)linux.dev> --- drivers/crypto/intel/iaa/iaa_crypto_main.c | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/drivers/crypto/intel/iaa/iaa_crypto_main.c b/drivers/crypto/intel/iaa/iaa_crypto_main.c index 23f585219fb4..8ee2a55ec449 100644 --- a/drivers/crypto/intel/iaa/iaa_crypto_main.c +++ b/drivers/crypto/intel/iaa/iaa_crypto_main.c @@ -221,15 +221,13 @@ static struct iaa_compression_mode *iaa_compression_modes[IAA_COMP_MODES_MAX]; static int find_empty_iaa_compression_mode(void) { - int i = -EINVAL; + int i; - for (i = 0; i < IAA_COMP_MODES_MAX; i++) { - if (iaa_compression_modes[i]) - continue; - break; - } + for (i = 0; i < IAA_COMP_MODES_MAX; i++) + if (!iaa_compression_modes[i]) + return i; - return i; + return -EINVAL; } static struct iaa_compression_mode *find_iaa_compression_mode(const char *name, int *idx) -- Thorsten Blum <thorsten.blum(a)linux.dev> GPG: 1D60 735E 8AEF 3BE4 73B6 9D84 7336 78FD 8DFE EAD4

1 week

3
2
0 0

[PATCH] crypto: octeontx: Fix length check to avoid truncation in ucode_load_store

by Thorsten Blum

OTX_CPT_UCODE_NAME_LENGTH limits the microcode name to 64 bytes. If a user writes a string of exactly 64 characters, the original code used 'strlen(buf) > 64' to check the length, but then strscpy() copies only 63 characters before adding a NUL terminator, silently truncating the copied string. Fix this off-by-one error by using 'count' directly for the length check to ensure long names are rejected early and copied without truncation. Cc: stable(a)vger.kernel.org Fixes: d9110b0b01ff ("crypto: marvell - add support for OCTEON TX CPT engine") Signed-off-by: Thorsten Blum <thorsten.blum(a)linux.dev> --- drivers/crypto/marvell/octeontx/otx_cptpf_ucode.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/crypto/marvell/octeontx/otx_cptpf_ucode.c b/drivers/crypto/marvell/octeontx/otx_cptpf_ucode.c index 9f5601c0280b..417a48f41350 100644 --- a/drivers/crypto/marvell/octeontx/otx_cptpf_ucode.c +++ b/drivers/crypto/marvell/octeontx/otx_cptpf_ucode.c @@ -1326,7 +1326,7 @@ static ssize_t ucode_load_store(struct device *dev, int del_grp_idx = -1; int ucode_idx = 0; - if (strlen(buf) > OTX_CPT_UCODE_NAME_LENGTH) + if (count >= OTX_CPT_UCODE_NAME_LENGTH) return -EINVAL; eng_grps = container_of(attr, struct otx_cpt_eng_grps, ucode_load_attr); -- Thorsten Blum <thorsten.blum(a)linux.dev> GPG: 1D60 735E 8AEF 3BE4 73B6 9D84 7336 78FD 8DFE EAD4

1 week

2
1
0 0

[PATCH v3 1/2] drm/xe/uapi: disallow bind queue sharing

by Matthew Auld

Currently this is very broken if someone attempts to create a bind queue and share it across multiple VMs. For example currently we assume it is safe to acquire the user VM lock to protect some of the bind queue state, but if allow sharing the bind queue with multiple VMs then this quickly breaks down. To fix this reject using a bind queue with any VM that is not the same VM that was originally passed when creating the bind queue. This a uAPI change, however this was more of an oversight on kernel side that we didn't reject this, and expectation is that userspace shouldn't be using bind queues in this way, so in theory this change should go unnoticed. Based on a patch from Matt Brost. v2 (Matt B): - Hold the vm lock over queue create, to ensure it can't be closed as we attach the user_vm to the queue. - Make sure we actually check for NULL user_vm in destruction path. v3: - Fix error path handling. Fixes: dd08ebf6c352 ("drm/xe: Introduce a new DRM driver for Intel GPUs") Reported-by: Thomas Hellström <thomas.hellstrom(a)linux.intel.com> Signed-off-by: Matthew Auld <matthew.auld(a)intel.com> Cc: José Roberto de Souza <jose.souza(a)intel.com> Cc: Matthew Brost <matthew.brost(a)intel.com> Cc: Michal Mrozek <michal.mrozek(a)intel.com> Cc: Carl Zhang <carl.zhang(a)intel.com> Cc: <stable(a)vger.kernel.org> # v6.8+ Acked-by: José Roberto de Souza <jose.souza(a)intel.com> --- drivers/gpu/drm/xe/xe_exec_queue.c | 32 +++++++++++++++++++++++- drivers/gpu/drm/xe/xe_exec_queue.h | 1 + drivers/gpu/drm/xe/xe_exec_queue_types.h | 6 +++++ drivers/gpu/drm/xe/xe_sriov_vf_ccs.c | 2 +- drivers/gpu/drm/xe/xe_vm.c | 7 +++++- 5 files changed, 45 insertions(+), 3 deletions(-) diff --git a/drivers/gpu/drm/xe/xe_exec_queue.c b/drivers/gpu/drm/xe/xe_exec_queue.c index 8724f8de67e2..779d7e7e2d2e 100644 --- a/drivers/gpu/drm/xe/xe_exec_queue.c +++ b/drivers/gpu/drm/xe/xe_exec_queue.c @@ -328,6 +328,7 @@ struct xe_exec_queue *xe_exec_queue_create_class(struct xe_device *xe, struct xe * @xe: Xe device. * @tile: tile which bind exec queue belongs to. * @flags: exec queue creation flags + * @user_vm: The user VM which this exec queue belongs to * @extensions: exec queue creation extensions * * Normalize bind exec queue creation. Bind exec queue is tied to migration VM @@ -341,6 +342,7 @@ struct xe_exec_queue *xe_exec_queue_create_class(struct xe_device *xe, struct xe */ struct xe_exec_queue *xe_exec_queue_create_bind(struct xe_device *xe, struct xe_tile *tile, + struct xe_vm *user_vm, u32 flags, u64 extensions) { struct xe_gt *gt = tile->primary_gt; @@ -377,6 +379,9 @@ struct xe_exec_queue *xe_exec_queue_create_bind(struct xe_device *xe, xe_exec_queue_put(q); return ERR_PTR(err); } + + if (user_vm) + q->user_vm = xe_vm_get(user_vm); } return q; @@ -407,6 +412,11 @@ void xe_exec_queue_destroy(struct kref *ref) xe_exec_queue_put(eq); } + if (q->user_vm) { + xe_vm_put(q->user_vm); + q->user_vm = NULL; + } + q->ops->destroy(q); } @@ -742,6 +752,22 @@ int xe_exec_queue_create_ioctl(struct drm_device *dev, void *data, XE_IOCTL_DBG(xe, eci[0].engine_instance != 0)) return -EINVAL; + vm = xe_vm_lookup(xef, args->vm_id); + if (XE_IOCTL_DBG(xe, !vm)) + return -ENOENT; + + err = down_read_interruptible(&vm->lock); + if (err) { + xe_vm_put(vm); + return err; + } + + if (XE_IOCTL_DBG(xe, xe_vm_is_closed_or_banned(vm))) { + up_read(&vm->lock); + xe_vm_put(vm); + return -ENOENT; + } + for_each_tile(tile, xe, id) { struct xe_exec_queue *new; @@ -749,9 +775,11 @@ int xe_exec_queue_create_ioctl(struct drm_device *dev, void *data, if (id) flags |= EXEC_QUEUE_FLAG_BIND_ENGINE_CHILD; - new = xe_exec_queue_create_bind(xe, tile, flags, + new = xe_exec_queue_create_bind(xe, tile, vm, flags, args->extensions); if (IS_ERR(new)) { + up_read(&vm->lock); + xe_vm_put(vm); err = PTR_ERR(new); if (q) goto put_exec_queue; @@ -763,6 +791,8 @@ int xe_exec_queue_create_ioctl(struct drm_device *dev, void *data, list_add_tail(&new->multi_gt_list, &q->multi_gt_link); } + up_read(&vm->lock); + xe_vm_put(vm); } else { logical_mask = calc_validate_logical_mask(xe, eci, args->width, diff --git a/drivers/gpu/drm/xe/xe_exec_queue.h b/drivers/gpu/drm/xe/xe_exec_queue.h index fda4d4f9bda8..37a9da22f420 100644 --- a/drivers/gpu/drm/xe/xe_exec_queue.h +++ b/drivers/gpu/drm/xe/xe_exec_queue.h @@ -28,6 +28,7 @@ struct xe_exec_queue *xe_exec_queue_create_class(struct xe_device *xe, struct xe u32 flags, u64 extensions); struct xe_exec_queue *xe_exec_queue_create_bind(struct xe_device *xe, struct xe_tile *tile, + struct xe_vm *user_vm, u32 flags, u64 extensions); void xe_exec_queue_fini(struct xe_exec_queue *q); diff --git a/drivers/gpu/drm/xe/xe_exec_queue_types.h b/drivers/gpu/drm/xe/xe_exec_queue_types.h index 771ffe35cd0c..3a4263c92b3d 100644 --- a/drivers/gpu/drm/xe/xe_exec_queue_types.h +++ b/drivers/gpu/drm/xe/xe_exec_queue_types.h @@ -54,6 +54,12 @@ struct xe_exec_queue { struct kref refcount; /** @vm: VM (address space) for this exec queue */ struct xe_vm *vm; + /** + * @user_vm: User VM (address space) for this exec queue (bind queues + * only) + */ + struct xe_vm *user_vm; + /** @class: class of this exec queue */ enum xe_engine_class class; /** diff --git a/drivers/gpu/drm/xe/xe_sriov_vf_ccs.c b/drivers/gpu/drm/xe/xe_sriov_vf_ccs.c index 052a5071e69f..db023fb66a27 100644 --- a/drivers/gpu/drm/xe/xe_sriov_vf_ccs.c +++ b/drivers/gpu/drm/xe/xe_sriov_vf_ccs.c @@ -350,7 +350,7 @@ int xe_sriov_vf_ccs_init(struct xe_device *xe) flags = EXEC_QUEUE_FLAG_KERNEL | EXEC_QUEUE_FLAG_PERMANENT | EXEC_QUEUE_FLAG_MIGRATE; - q = xe_exec_queue_create_bind(xe, tile, flags, 0); + q = xe_exec_queue_create_bind(xe, tile, NULL, flags, 0); if (IS_ERR(q)) { err = PTR_ERR(q); goto err_ret; diff --git a/drivers/gpu/drm/xe/xe_vm.c b/drivers/gpu/drm/xe/xe_vm.c index f9989a7a710c..7973d654540a 100644 --- a/drivers/gpu/drm/xe/xe_vm.c +++ b/drivers/gpu/drm/xe/xe_vm.c @@ -1614,7 +1614,7 @@ struct xe_vm *xe_vm_create(struct xe_device *xe, u32 flags, struct xe_file *xef) if (!vm->pt_root[id]) continue; - q = xe_exec_queue_create_bind(xe, tile, create_flags, 0); + q = xe_exec_queue_create_bind(xe, tile, vm, create_flags, 0); if (IS_ERR(q)) { err = PTR_ERR(q); goto err_close; @@ -3571,6 +3571,11 @@ int xe_vm_bind_ioctl(struct drm_device *dev, void *data, struct drm_file *file) } } + if (XE_IOCTL_DBG(xe, q && vm != q->user_vm)) { + err = -EINVAL; + goto put_exec_queue; + } + /* Ensure all UNMAPs visible */ xe_svm_flush(vm); -- 2.51.1

1 week

4
5
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror