- Linux-stable-mirror - lists.linaro.org

[PATCH v2] w1: therm: Fix off-by-one buffer overflow in alarms_store

by Thorsten Blum

The sysfs buffer passed to alarms_store() is allocated with 'size + 1' bytes and a NUL terminator is appended. However, the 'size' argument does not account for this extra byte. The original code then allocated 'size' bytes and used strcpy() to copy 'buf', which always writes one byte past the allocated buffer since strcpy() copies until the NUL terminator at index 'size'. Fix this by parsing the 'buf' parameter directly using simple_strtol() without allocating any intermediate memory or string copying. This removes the overflow while simplifying the code. Cc: stable(a)vger.kernel.org Fixes: e2c94d6f5720 ("w1_therm: adding alarm sysfs entry") Signed-off-by: Thorsten Blum <thorsten.blum(a)linux.dev> --- Compile-tested only. Changes in v2: - Fix buffer overflow instead of truncating the copy using strscpy() - Parse buffer directly using simple_strtol() as suggested by David - Update patch subject and description - Link to v1: https://lore.kernel.org/lkml/20251017170047.114224-2-thorsten.blum@linux.de… --- drivers/w1/slaves/w1_therm.c | 98 ++++++++++++------------------------ 1 file changed, 33 insertions(+), 65 deletions(-) diff --git a/drivers/w1/slaves/w1_therm.c b/drivers/w1/slaves/w1_therm.c index 9ccedb3264fb..046fa682d57d 100644 --- a/drivers/w1/slaves/w1_therm.c +++ b/drivers/w1/slaves/w1_therm.c @@ -1836,59 +1836,32 @@ static ssize_t alarms_store(struct device *device, struct w1_slave *sl = dev_to_w1_slave(device); struct therm_info info; u8 new_config_register[3]; /* array of data to be written */ - int temp, ret; - char *token = NULL; + long temp; + int ret; s8 tl, th; /* 1 byte per value + temp ring order */ - char *p_args, *orig; + const char *p = buf; + char *endp; - p_args = orig = kmalloc(size, GFP_KERNEL); - /* Safe string copys as buf is const */ - if (!p_args) { - dev_warn(device, - "%s: error unable to allocate memory %d\n", - __func__, -ENOMEM); - return size; + temp = simple_strtol(p, &endp, 10); + if (p == endp || *endp != ' ') { + dev_info(device, "%s: error parsing args %d\n", + __func__, -EINVAL); + goto err; } - strcpy(p_args, buf); - - /* Split string using space char */ - token = strsep(&p_args, " "); - - if (!token) { - dev_info(device, - "%s: error parsing args %d\n", __func__, -EINVAL); - goto free_m; - } - - /* Convert 1st entry to int */ - ret = kstrtoint (token, 10, &temp); - if (ret) { - dev_info(device, - "%s: error parsing args %d\n", __func__, ret); - goto free_m; - } - + /* Cast to short to eliminate out of range values */ tl = int_to_short(temp); - /* Split string using space char */ - token = strsep(&p_args, " "); - if (!token) { - dev_info(device, - "%s: error parsing args %d\n", __func__, -EINVAL); - goto free_m; - } - /* Convert 2nd entry to int */ - ret = kstrtoint (token, 10, &temp); - if (ret) { - dev_info(device, - "%s: error parsing args %d\n", __func__, ret); - goto free_m; + p = endp + 1; + temp = simple_strtol(p, &endp, 10); + if (p == endp) { + dev_info(device, "%s: error parsing args %d\n", + __func__, -EINVAL); + goto err; } - - /* Prepare to cast to short by eliminating out of range values */ + /* Cast to short to eliminate out of range values */ th = int_to_short(temp); - /* Reorder if required th and tl */ + /* Reorder if required */ if (tl > th) swap(tl, th); @@ -1897,35 +1870,30 @@ static ssize_t alarms_store(struct device *device, * (th : byte 2 - tl: byte 3) */ ret = read_scratchpad(sl, &info); - if (!ret) { - new_config_register[0] = th; /* Byte 2 */ - new_config_register[1] = tl; /* Byte 3 */ - new_config_register[2] = info.rom[4];/* Byte 4 */ - } else { - dev_info(device, - "%s: error reading from the slave device %d\n", - __func__, ret); - goto free_m; + if (ret) { + dev_info(device, "%s: error reading from the slave device %d\n", + __func__, ret); + goto err; } + new_config_register[0] = th; /* Byte 2 */ + new_config_register[1] = tl; /* Byte 3 */ + new_config_register[2] = info.rom[4]; /* Byte 4 */ /* Write data in the device RAM */ if (!SLAVE_SPECIFIC_FUNC(sl)) { - dev_info(device, - "%s: Device not supported by the driver %d\n", - __func__, -ENODEV); - goto free_m; + dev_info(device, "%s: Device not supported by the driver %d\n", + __func__, -ENODEV); + goto err; } ret = SLAVE_SPECIFIC_FUNC(sl)->write_data(sl, new_config_register); - if (ret) - dev_info(device, - "%s: error writing to the slave device %d\n", + if (ret) { + dev_info(device, "%s: error writing to the slave device %d\n", __func__, ret); + goto err; + } -free_m: - /* free allocated memory */ - kfree(orig); - +err: return size; } -- 2.51.0

5 days, 15 hours

1
1
0 0

FAILED: patch "[PATCH] ksmbd: transport_ipc: validate payload size before reading" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 6f40e50ceb99fc8ef37e5c56e2ec1d162733fef0 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025102920-mace-herbal-edee@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 6f40e50ceb99fc8ef37e5c56e2ec1d162733fef0 Mon Sep 17 00:00:00 2001 From: Qianchang Zhao <pioooooooooip(a)gmail.com> Date: Wed, 22 Oct 2025 15:27:47 +0900 Subject: [PATCH] ksmbd: transport_ipc: validate payload size before reading handle handle_response() dereferences the payload as a 4-byte handle without verifying that the declared payload size is at least 4 bytes. A malformed or truncated message from ksmbd.mountd can lead to a 4-byte read past the declared payload size. Validate the size before dereferencing. This is a minimal fix to guard the initial handle read. Fixes: 0626e6641f6b ("cifsd: add server handler for central processing and tranport layers") Cc: stable(a)vger.kernel.org Reported-by: Qianchang Zhao <pioooooooooip(a)gmail.com> Signed-off-by: Qianchang Zhao <pioooooooooip(a)gmail.com> Acked-by: Namjae Jeon <linkinjeon(a)kernel.org> Signed-off-by: Steve French <stfrench(a)microsoft.com> diff --git a/fs/smb/server/transport_ipc.c b/fs/smb/server/transport_ipc.c index 46f87fd1ce1c..2c08cccfa680 100644 --- a/fs/smb/server/transport_ipc.c +++ b/fs/smb/server/transport_ipc.c @@ -263,10 +263,16 @@ static void ipc_msg_handle_free(int handle) static int handle_response(int type, void *payload, size_t sz) { - unsigned int handle = *(unsigned int *)payload; + unsigned int handle; struct ipc_msg_table_entry *entry; int ret = 0; + /* Prevent 4-byte read beyond declared payload size */ + if (sz < sizeof(unsigned int)) + return -EINVAL; + + handle = *(unsigned int *)payload; + ipc_update_last_active(); down_read(&ipc_msg_table_lock); hash_for_each_possible(ipc_msg_table, entry, ipc_table_hlist, handle) {

5 days, 16 hours

2
1
0 0

[PATCH V2] mm/slab: ensure all metadata in slab object are word-aligned

by Harry Yoo

When the SLAB_STORE_USER debug flag is used, any metadata placed after the original kmalloc request size (orig_size) is not properly aligned on 64-bit architectures because its type is unsigned int. When both KASAN and SLAB_STORE_USER are enabled, kasan_alloc_meta is misaligned. Note that 64-bit architectures without HAVE_EFFICIENT_UNALIGNED_ACCESS are assumed to require 64-bit accesses to be 64-bit aligned. See HAVE_64BIT_ALIGNED_ACCESS and commit adab66b71abf ("Revert: "ring-buffer: Remove HAVE_64BIT_ALIGNED_ACCESS"") for more details. Because not all architectures support unaligned memory accesses, ensure that all metadata (track, orig_size, kasan_{alloc,free}_meta) in a slab object are word-aligned. struct track, kasan_{alloc,free}_meta are aligned by adding __aligned(__alignof__(unsigned long)). For orig_size, use ALIGN(sizeof(unsigned int), sizeof(unsigned long)) to make clear that its size remains unsigned int but it must be aligned to a word boundary. On 64-bit architectures, this reserves 8 bytes for orig_size, which is acceptable since kmalloc's original request size tracking is intended for debugging rather than production use. Cc: stable(a)vger.kernel.org Fixes: 6edf2576a6cc ("mm/slub: enable debugging memory wasting of kmalloc") Acked-by: Andrey Konovalov <andreyknvl(a)gmail.com> Signed-off-by: Harry Yoo <harry.yoo(a)oracle.com> --- v1 -> v2: - Added Andrey's Acked-by. - Added references to HAVE_64BIT_ALIGNED_ACCESS and the commit that resurrected it. - Used __alignof__() instead of sizeof(), as suggested by Pedro (off-list). Note: either __alignof__ or sizeof() produces the exactly same mm/slub.o files, so there's no functional difference. Thanks! mm/kasan/kasan.h | 4 ++-- mm/slub.c | 16 +++++++++++----- 2 files changed, 13 insertions(+), 7 deletions(-) diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h index 129178be5e64..b86b6e9f456a 100644 --- a/mm/kasan/kasan.h +++ b/mm/kasan/kasan.h @@ -265,7 +265,7 @@ struct kasan_alloc_meta { struct kasan_track alloc_track; /* Free track is stored in kasan_free_meta. */ depot_stack_handle_t aux_stack[2]; -}; +} __aligned(__alignof__(unsigned long)); struct qlist_node { struct qlist_node *next; @@ -289,7 +289,7 @@ struct qlist_node { struct kasan_free_meta { struct qlist_node quarantine_link; struct kasan_track free_track; -}; +} __aligned(__alignof__(unsigned long)); #endif /* CONFIG_KASAN_GENERIC */ diff --git a/mm/slub.c b/mm/slub.c index a585d0ac45d4..462a39d57b3a 100644 --- a/mm/slub.c +++ b/mm/slub.c @@ -344,7 +344,7 @@ struct track { int cpu; /* Was running on cpu */ int pid; /* Pid context */ unsigned long when; /* When did the operation occur */ -}; +} __aligned(__alignof__(unsigned long)); enum track_item { TRACK_ALLOC, TRACK_FREE }; @@ -1196,7 +1196,7 @@ static void print_trailer(struct kmem_cache *s, struct slab *slab, u8 *p) off += 2 * sizeof(struct track); if (slub_debug_orig_size(s)) - off += sizeof(unsigned int); + off += ALIGN(sizeof(unsigned int), __alignof__(unsigned long)); off += kasan_metadata_size(s, false); @@ -1392,7 +1392,8 @@ static int check_pad_bytes(struct kmem_cache *s, struct slab *slab, u8 *p) off += 2 * sizeof(struct track); if (s->flags & SLAB_KMALLOC) - off += sizeof(unsigned int); + off += ALIGN(sizeof(unsigned int), + __alignof__(unsigned long)); } off += kasan_metadata_size(s, false); @@ -7820,9 +7821,14 @@ static int calculate_sizes(struct kmem_cache_args *args, struct kmem_cache *s) */ size += 2 * sizeof(struct track); - /* Save the original kmalloc request size */ + /* + * Save the original kmalloc request size. + * Although the request size is an unsigned int, + * make sure that is aligned to word boundary. + */ if (flags & SLAB_KMALLOC) - size += sizeof(unsigned int); + size += ALIGN(sizeof(unsigned int), + __alignof__(unsigned long)); } #endif -- 2.43.0

5 days, 16 hours

2
2
0 0

[PATCH 5.10] comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl()

by Andrey Troshin

From: Ian Abbott <abbotti(a)mev.co.uk> commit 3cd212e895ca2d58963fdc6422502b10dd3966bb upstream. syzbot reports a KMSAN kernel-infoleak in `do_insn_ioctl()`. A kernel buffer is allocated to hold `insn->n` samples (each of which is an `unsigned int`). For some instruction types, `insn->n` samples are copied back to user-space, unless an error code is being returned. The problem is that not all the instruction handlers that need to return data to userspace fill in the whole `insn->n` samples, so that there is an information leak. There is a similar syzbot report for `do_insnlist_ioctl()`, although it does not have a reproducer for it at the time of writing. One culprit is `insn_rw_emulate_bits()` which is used as the handler for `INSN_READ` or `INSN_WRITE` instructions for subdevices that do not have a specific handler for that instruction, but do have an `INSN_BITS` handler. For `INSN_READ` it only fills in at most 1 sample, so if `insn->n` is greater than 1, the remaining `insn->n - 1` samples copied to userspace will be uninitialized kernel data. Another culprit is `vm80xx_ai_insn_read()` in the "vm80xx" driver. It never returns an error, even if it fails to fill the buffer. Fix it in `do_insn_ioctl()` and `do_insnlist_ioctl()` by making sure that uninitialized parts of the allocated buffer are zeroed before handling each instruction. Thanks to Arnaud Lecomte for their fix to `do_insn_ioctl()`. That fix replaced the call to `kmalloc_array()` with `kcalloc()`, but it is not always necessary to clear the whole buffer. Fixes: ed9eccbe8970 ("Staging: add comedi core") Reported-by: syzbot+a5e45f768aab5892da5d(a)syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=a5e45f768aab5892da5d Reported-by: syzbot+fb4362a104d45ab09cf9(a)syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=fb4362a104d45ab09cf9 Cc: stable <stable(a)kernel.org> # 5.13+ Cc: Arnaud Lecomte <contact(a)arnaud-lcm.com> Signed-off-by: Ian Abbott <abbotti(a)mev.co.uk> Link: https://lore.kernel.org/r/20250725125324.80276-1-abbotti@mev.co.uk Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> [Andrey Troshin: backport fix from drivers/comedi/comedi_fops.c to drivers/staging/comedi/comedi_fops.c] Signed-off-by: Andrey Troshin <drtrosh(a)yandex-team.ru> --- Backport fix for CVE-2025-39684 Link: https://nvd.nist.gov/vuln/detail/CVE-2025-39684 --- drivers/staging/comedi/comedi_fops.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/drivers/staging/comedi/comedi_fops.c b/drivers/staging/comedi/comedi_fops.c index 854b8bdc57a1..0af6e4a2fad9 100644 --- a/drivers/staging/comedi/comedi_fops.c +++ b/drivers/staging/comedi/comedi_fops.c @@ -1582,6 +1582,9 @@ static int do_insnlist_ioctl(struct comedi_device *dev, memset(&data[n], 0, (MIN_SAMPLES - n) * sizeof(unsigned int)); } + } else { + memset(data, 0, max_t(unsigned int, n, MIN_SAMPLES) * + sizeof(unsigned int)); } ret = parse_insn(dev, insns + i, data, file); if (ret < 0) @@ -1665,6 +1668,8 @@ static int do_insn_ioctl(struct comedi_device *dev, memset(&data[insn->n], 0, (MIN_SAMPLES - insn->n) * sizeof(unsigned int)); } + } else { + memset(data, 0, n_data * sizeof(unsigned int)); } ret = parse_insn(dev, insn, data, file); if (ret < 0) -- 2.34.1

5 days, 16 hours

1
0
0 0

[PATCH 2/2] ASoC: renesas: rz-ssi: Use proper dma_buffer_pos after resume

by Claudiu

From: Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> When the driver supports DMA, it enqueues four DMA descriptors per substream before the substream is started. New descriptors are enqueued in the DMA completion callback, and each time a new descriptor is queued, the dma_buffer_pos is incremented. During suspend, the DMA transactions are terminated. There might be cases where the four extra enqueued DMA descriptors are not completed and are instead canceled on suspend. However, the cancel operation does not take into account that the dma_buffer_pos was already incremented. Previously, the suspend code reinitialized dma_buffer_pos to zero, but this is not always correct. To avoid losing any audio periods during suspend/resume and to prevent clip sound, save the completed DMA buffer position in the DMA callback and reinitialize dma_buffer_pos on resume. Cc: stable(a)vger.kernel.org Fixes: 1fc778f7c833a ("ASoC: renesas: rz-ssi: Add suspend to RAM support") Signed-off-by: Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> --- sound/soc/renesas/rz-ssi.c | 25 ++++++++++++------------- 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/sound/soc/renesas/rz-ssi.c b/sound/soc/renesas/rz-ssi.c index e00940814157..81b883e8ac92 100644 --- a/sound/soc/renesas/rz-ssi.c +++ b/sound/soc/renesas/rz-ssi.c @@ -85,6 +85,7 @@ struct rz_ssi_stream { struct snd_pcm_substream *substream; int fifo_sample_size; /* sample capacity of SSI FIFO */ int dma_buffer_pos; /* The address for the next DMA descriptor */ + int completed_dma_buf_pos; /* The address of the last completed DMA descriptor. */ int period_counter; /* for keeping track of periods transferred */ int sample_width; int buffer_pos; /* current frame position in the buffer */ @@ -215,6 +216,7 @@ static void rz_ssi_stream_init(struct rz_ssi_stream *strm, rz_ssi_set_substream(strm, substream); strm->sample_width = samples_to_bytes(runtime, 1); strm->dma_buffer_pos = 0; + strm->completed_dma_buf_pos = 0; strm->period_counter = 0; strm->buffer_pos = 0; @@ -437,6 +439,10 @@ static void rz_ssi_pointer_update(struct rz_ssi_stream *strm, int frames) snd_pcm_period_elapsed(strm->substream); strm->period_counter = current_period; } + + strm->completed_dma_buf_pos += runtime->period_size; + if (strm->completed_dma_buf_pos >= runtime->buffer_size) + strm->completed_dma_buf_pos = 0; } static int rz_ssi_pio_recv(struct rz_ssi_priv *ssi, struct rz_ssi_stream *strm) @@ -778,10 +784,14 @@ static int rz_ssi_dma_request(struct rz_ssi_priv *ssi, struct device *dev) return -ENODEV; } -static int rz_ssi_trigger_resume(struct rz_ssi_priv *ssi) +static int rz_ssi_trigger_resume(struct rz_ssi_priv *ssi, struct rz_ssi_stream *strm) { + struct snd_pcm_substream *substream = strm->substream; + struct snd_pcm_runtime *runtime = substream->runtime; int ret; + strm->dma_buffer_pos = strm->completed_dma_buf_pos + runtime->period_size; + if (rz_ssi_is_stream_running(&ssi->playback) || rz_ssi_is_stream_running(&ssi->capture)) return 0; @@ -794,16 +804,6 @@ static int rz_ssi_trigger_resume(struct rz_ssi_priv *ssi) ssi->hw_params_cache.channels); } -static void rz_ssi_streams_suspend(struct rz_ssi_priv *ssi) -{ - if (rz_ssi_is_stream_running(&ssi->playback) || - rz_ssi_is_stream_running(&ssi->capture)) - return; - - ssi->playback.dma_buffer_pos = 0; - ssi->capture.dma_buffer_pos = 0; -} - static int rz_ssi_dai_trigger(struct snd_pcm_substream *substream, int cmd, struct snd_soc_dai *dai) { @@ -813,7 +813,7 @@ static int rz_ssi_dai_trigger(struct snd_pcm_substream *substream, int cmd, switch (cmd) { case SNDRV_PCM_TRIGGER_RESUME: - ret = rz_ssi_trigger_resume(ssi); + ret = rz_ssi_trigger_resume(ssi, strm); if (ret) return ret; @@ -852,7 +852,6 @@ static int rz_ssi_dai_trigger(struct snd_pcm_substream *substream, int cmd, case SNDRV_PCM_TRIGGER_SUSPEND: rz_ssi_stop(ssi, strm); - rz_ssi_streams_suspend(ssi); break; case SNDRV_PCM_TRIGGER_STOP: -- 2.43.0

5 days, 17 hours

1
0
0 0

Linux 6.17.6

by Greg Kroah-Hartman

I'm announcing the release of the 6.17.6 kernel. All users of the 6.17 kernel series must upgrade. The updated 6.17.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.17.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/devicetree/bindings/serial/renesas,scif.yaml | 1 Documentation/devicetree/bindings/usb/fsl,imx8mp-dwc3.yaml | 10 Documentation/devicetree/bindings/usb/qcom,snps-dwc3.yaml | 3 Makefile | 6 arch/arm64/boot/dts/broadcom/bcm2712.dtsi | 3 arch/arm64/include/asm/pgtable.h | 3 arch/arm64/mm/copypage.c | 11 arch/arm64/tools/sysreg | 4 arch/m68k/include/asm/bitops.h | 25 +- arch/mips/mti-malta/malta-setup.c | 2 arch/nios2/kernel/setup.c | 15 + arch/powerpc/include/asm/pgtable.h | 12 - arch/powerpc/mm/book3s32/mmu.c | 4 arch/powerpc/mm/pgtable_32.c | 2 arch/powerpc/platforms/pseries/cmm.c | 2 arch/riscv/include/asm/hwprobe.h | 7 arch/riscv/include/asm/pgtable.h | 2 arch/riscv/include/asm/vdso/arch_data.h | 6 arch/riscv/kernel/cpu.c | 4 arch/riscv/kernel/cpufeature.c | 10 arch/riscv/kernel/pi/cmdline_early.c | 4 arch/riscv/kernel/pi/fdt_early.c | 40 +++ arch/riscv/kernel/pi/pi.h | 1 arch/riscv/kernel/sys_hwprobe.c | 90 ++++++- arch/riscv/kernel/unaligned_access_speed.c | 9 arch/riscv/kernel/vdso/hwprobe.c | 2 arch/riscv/mm/init.c | 11 arch/s390/mm/pgalloc.c | 13 - arch/x86/kernel/cpu/microcode/amd.c | 2 block/blk-settings.c | 10 drivers/acpi/acpica/tbprint.c | 6 drivers/android/binder.c | 11 drivers/base/arch_topology.c | 2 drivers/base/devcoredump.c | 136 +++++++----- drivers/block/nbd.c | 15 + drivers/comedi/comedi_buf.c | 2 drivers/cpufreq/amd-pstate.c | 6 drivers/cpuidle/governors/menu.c | 21 - drivers/firmware/arm_ffa/driver.c | 37 ++- drivers/firmware/arm_scmi/common.h | 32 ++ drivers/firmware/arm_scmi/driver.c | 54 +--- drivers/gpio/gpio-104-idio-16.c | 1 drivers/gpio/gpio-idio-16.c | 5 drivers/gpio/gpio-ljca.c | 14 - drivers/gpio/gpio-pci-idio-16.c | 1 drivers/gpio/gpio-regmap.c | 53 ++++ drivers/gpu/drm/amd/display/dc/hwss/dcn401/dcn401_hwseq.c | 3 drivers/gpu/drm/amd/display/dc/inc/hw/hw_shared.h | 8 drivers/gpu/drm/drm_panic.c | 54 ++++ drivers/gpu/drm/panthor/panthor_mmu.c | 10 drivers/gpu/drm/xe/xe_ggtt.c | 3 drivers/hwmon/cgbc-hwmon.c | 3 drivers/hwmon/pmbus/isl68137.c | 3 drivers/hwmon/pmbus/max34440.c | 12 - drivers/hwmon/sht3x.c | 27 +- drivers/irqchip/irq-gic-v3-its-fsl-mc-msi.c | 2 drivers/misc/fastrpc.c | 2 drivers/misc/lkdtm/fortify.c | 6 drivers/misc/mei/hw-me-regs.h | 2 drivers/misc/mei/pci-me.c | 2 drivers/misc/vmw_balloon.c | 8 drivers/most/most_usb.c | 13 - drivers/net/bonding/bond_main.c | 47 ++-- drivers/net/can/bxcan.c | 2 drivers/net/can/dev/netlink.c | 6 drivers/net/can/esd/esdacc.c | 2 drivers/net/can/rockchip/rockchip_canfd-tx.c | 2 drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c | 3 drivers/net/ethernet/freescale/enetc/enetc.c | 25 +- drivers/net/ethernet/freescale/enetc/enetc.h | 2 drivers/net/ethernet/hisilicon/Kconfig | 1 drivers/net/ethernet/mellanox/mlx5/core/en/params.c | 2 drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.h | 5 drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec_fs.c | 25 ++ drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 2 drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 51 +++- drivers/net/ethernet/renesas/ravb_main.c | 24 +- drivers/net/ethernet/stmicro/stmmac/dwmac-rk.c | 9 drivers/net/ethernet/ti/am65-cpts.c | 63 +++-- drivers/net/ovpn/tcp.c | 26 +- drivers/net/phy/micrel.c | 4 drivers/net/phy/realtek/realtek_main.c | 16 - drivers/net/usb/rtl8150.c | 11 drivers/nvmem/rcar-efuse.c | 1 drivers/of/irq.c | 62 +++-- drivers/pci/msi/irqdomain.c | 2 drivers/pci/pci.c | 6 drivers/perf/hisilicon/hisi_uncore_pmu.c | 2 drivers/perf/hisilicon/hisi_uncore_pmu.h | 3 drivers/platform/mellanox/mlxbf-pmc.c | 1 drivers/platform/x86/dell/alienware-wmi-wmax.c | 12 - drivers/ptp/ptp_ocp.c | 2 drivers/s390/crypto/zcrypt_ep11misc.c | 4 drivers/spi/spi-airoha-snfi.c | 128 ++++++++--- drivers/spi/spi-cadence-quadspi.c | 5 drivers/spi/spi-nxp-fspi.c | 80 ++++++- drivers/spi/spi-rockchip-sfc.c | 12 - drivers/staging/gpib/agilent_82350b/agilent_82350b.c | 12 - drivers/staging/gpib/fmh_gpib/fmh_gpib.c | 5 drivers/staging/gpib/ni_usb/ni_usb_gpib.c | 13 - drivers/tty/serial/8250/8250_dw.c | 4 drivers/tty/serial/8250/8250_exar.c | 11 drivers/tty/serial/8250/8250_mtk.c | 6 drivers/tty/serial/sc16is7xx.c | 7 drivers/tty/serial/sh-sci.c | 14 - drivers/usb/core/quirks.c | 2 drivers/usb/gadget/legacy/raw_gadget.c | 2 drivers/usb/host/xhci-dbgcap.c | 15 + drivers/usb/serial/option.c | 10 drivers/usb/typec/tcpm/tcpm.c | 4 drivers/vfio/cdx/Makefile | 6 drivers/vfio/cdx/private.h | 14 + drivers/virtio/virtio_balloon.c | 2 fs/aio.c | 2 fs/btrfs/inode.c | 4 fs/btrfs/ref-verify.c | 2 fs/btrfs/send.c | 56 ++++ fs/btrfs/super.c | 8 fs/dlm/lock.c | 2 fs/dlm/lockspace.c | 2 fs/dlm/recover.c | 2 fs/erofs/zmap.c | 39 ++- fs/exec.c | 2 fs/gfs2/lock_dlm.c | 11 fs/hfs/bfind.c | 8 fs/hfs/brec.c | 27 ++ fs/hfs/mdb.c | 2 fs/hfsplus/bfind.c | 8 fs/hfsplus/bnode.c | 41 --- fs/hfsplus/btree.c | 6 fs/hfsplus/hfsplus_fs.h | 42 +++ fs/hfsplus/super.c | 25 +- fs/hugetlbfs/inode.c | 4 fs/jfs/jfs_metapage.c | 8 fs/notify/fdinfo.c | 6 fs/ocfs2/move_extents.c | 5 fs/smb/client/cifsglob.h | 2 fs/smb/client/inode.c | 5 fs/smb/client/smbdirect.c | 30 +- fs/smb/client/smbdirect.h | 2 fs/smb/server/transport_ipc.c | 8 fs/smb/server/transport_rdma.c | 11 fs/sysfs/group.c | 26 +- fs/xfs/scrub/nlinks.c | 34 ++- fs/xfs/xfs_super.c | 33 +- include/linux/arm_ffa.h | 21 + include/linux/exportfs.h | 7 include/linux/gpio/regmap.h | 16 + include/linux/hung_task.h | 8 include/linux/migrate.h | 11 include/linux/misc_cgroup.h | 2 include/linux/of_irq.h | 6 include/linux/skbuff.h | 3 include/linux/virtio_net.h | 4 io_uring/fdinfo.c | 8 io_uring/filetable.c | 2 io_uring/sqpoll.c | 65 +++-- io_uring/sqpoll.h | 1 io_uring/waitid.c | 2 kernel/dma/debug.c | 5 kernel/sched/fair.c | 9 kernel/sched/sched.h | 2 kernel/trace/rv/monitors/pagefault/Kconfig | 1 kernel/trace/rv/rv.c | 12 - mm/damon/core.c | 7 mm/damon/sysfs.c | 7 mm/huge_memory.c | 3 mm/migrate.c | 88 +++---- mm/migrate_device.c | 2 mm/mremap.c | 15 - mm/page_owner.c | 3 mm/slub.c | 23 +- mm/zsmalloc.c | 4 net/core/datagram.c | 44 +++ net/core/rtnetlink.c | 3 net/hsr/hsr_netlink.c | 8 net/mptcp/pm_kernel.c | 6 net/sctp/inqueue.c | 13 - net/smc/smc_inet.c | 13 - net/vmw_vsock/af_vsock.c | 38 +-- net/xfrm/espintcp.c | 6 rust/kernel/auxiliary.rs | 8 rust/kernel/device.rs | 4 tools/objtool/check.c | 1 tools/testing/selftests/net/mptcp/mptcp_join.sh | 8 tools/testing/selftests/net/sctp_hello.c | 17 - tools/testing/selftests/net/sctp_vrf.sh | 73 +++--- 187 files changed, 1853 insertions(+), 832 deletions(-) Akash Goel (1): drm/panthor: Fix kernel panic on partial unmap of a GPU VA region Aksh Garg (1): net: ethernet: ti: am65-cpts: fix timestamp loss due to race conditions Aleksander Jan Bajkowski (1): net: phy: realtek: fix rtl8221b-vm-cg name Alexander Aring (2): dlm: move to rinfo for all middle conversion cases dlm: check for defined force value in dlm_lockspace_release Alexander Usyskin (1): mei: me: add wildcat lake P DID Alexei Starovoitov (1): mm: don't spin in add_stack_record when gfp flags don't allow Alexey Simakov (1): sctp: avoid NULL dereference when chunk data buffer is missing Alexis Czezar Torreno (1): hwmon: (pmbus/max34440) Update adpm12160 coeff due to latest FW Alice Ryhl (1): binder: remove "invalid inc weak" check Alok Tiwari (2): io_uring: fix incorrect unlikely() usage in io_waitid_prep() io_uring: correct __must_hold annotation in io_install_fixed_file Amery Hung (2): net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for legacy RQ net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ Amit Dhingra (1): btrfs: ref-verify: fix IS_ERR() vs NULL check in btrfs_build_ref_tree() Andreas Gruenbacher (1): gfs2: Fix unlikely race in gdlm_put_lock Andrew Cooper (1): x86/microcode: Fix Entrysign revision check for Zen1/Naples Andrey Konovalov (1): usb: raw-gadget: do not limit transfer length Andy Shevchenko (1): sched: Remove never used code in mm_cid_get() Anup Patel (2): RISC-V: Define pgprot_dmacoherent() for non-coherent devices RISC-V: Don't print details of CPUs disabled in DT Artem Shimko (2): firmware: arm_scmi: Fix premature SCMI_XFER_FLAG_IS_RAW clearing in raw mode serial: 8250_dw: handle reset control deassert error Catalin Marinas (1): arm64: mte: Do not warn if the page is already tagged in copy_highpage() Charlene Liu (1): drm/amd/display: increase max link count and fix link->enc NULL pointer access Christoph Hellwig (1): block: require LBA dma_alignment when using PI Christophe Leroy (1): powerpc/32: Remove PAGE_KERNEL_TEXT to fix startup failure Clément Léger (1): riscv: cpufeature: add validation for zfa, zfh and zfhmin Cosmin Tanislav (2): nvmem: rcar-efuse: add missing MODULE_DEVICE_TABLE tty: serial: sh-sci: fix RSCI FIFO overrun handling Cristian Marussi (2): firmware: arm_scmi: Account for failed debug initialization include: trace: Fix inflight count helper on failed initialization Daniel Golle (1): serial: 8250_mtk: Enable baud clock and manage in runtime PM Danilo Krummrich (1): rust: device: fix device context of Device::parent() Darrick J. Wong (2): xfs: fix locking in xchk_nlinks_collect_dir xfs: always warn about deprecated mount options Dave Penkler (3): staging: gpib: Fix no EOI on 1 and 2 byte writes staging: gpib: Return -EINTR on device clear staging: gpib: Fix sending clear and trigger events David Hildenbrand (3): mm/migrate: remove MIGRATEPAGE_UNMAP treewide: remove MIGRATEPAGE_SUCCESS vmw_balloon: indicate success when effectively deflating during migration David Howells (1): cifs: Fix TCP_Server_Info::credits to be signed David Thompson (1): platform/mellanox: mlxbf-pmc: add sysfs_attr_init() to count_clock init Deepanshu Kartikey (2): ocfs2: clear extent cache after moving/defragmenting extents comedi: fix divide-by-zero in comedi_buf_munge() Dewei Meng (1): btrfs: directly free partially initialized fs_info in btrfs_check_leaked_roots() Enze Li (1): mm/damon/core: fix potential memory leak by cleaning ops_filter in damon_destroy_scheme Erick Karanja (1): hwmon: (pmbus/isl68137) Fix child node reference leak on early return Fernando Fernandez Mancera (2): net: hsr: prevent creation of HSR device with slaves from another netns sysfs: check visibility before changing group attribute ownership Florian Eckert (1): serial: 8250_exar: add support for Advantech 2 port card with Device ID 0x0018 Fuad Tabba (1): arm64: sysreg: Correct sign definitions for EIESB and DoubleLock Gao Xiang (2): erofs: fix crafted invalid cases for encoded extents erofs: avoid infinite loops due to corrupted subpage compact indexes Geert Uytterhoeven (2): m68k: bitops: Fix find_*_bit() signatures dt-bindings: serial: sh-sci: Fix r8a78000 interrupts Greg Kroah-Hartman (1): Linux 6.17.6 Guenter Roeck (1): hwmon: (sht3x) Fix error handling Haibo Chen (3): spi: spi-nxp-fspi: add the support for sample data from DQS pad spi: spi-nxp-fspi: re-config the clock rate when operation require new clock rate spi: spi-nxp-fspi: limit the clock rate for different sample clock source selection Han Xu (1): spi: spi-nxp-fspi: add extra delay after dll locked Hao Ge (2): slab: Avoid race on slab->obj_exts in alloc_slab_obj_exts slab: Fix obj_ext mistakenly considered NULL due to race condition Haotian Zhang (1): gpio: ljca: Fix duplicated IRQ mapping Harald Freudenberger (1): s390/pkey: Forward keygenflags to ep11_unwrapkey Heiko Carstens (1): s390/mm: Use __GFP_ACCOUNT for user page table allocations Heiner Kallweit (1): net: hibmcge: select FIXED_PHY Huang Ying (1): arm64, mm: avoid always making PTE dirty in pte_mkwrite() Hugo Villeneuve (1): serial: sc16is7xx: remove useless enable of enhanced features Ioana Ciornei (2): dpaa2-eth: fix the pointer passed to PTR_ALIGN on Tx path gpio: regmap: add the .fixed_direction_output configuration parameter Jakub Acs (1): fs/notify: call exportfs_encode_fid with s_umount Jan Kara (1): expfs: Fix exportfs_can_encode_fh() for EXPORT_FH_FID Jason Wang (1): virtio-net: zero unused hash fields Jens Axboe (2): io_uring/sqpoll: switch away from getrusage() for CPU accounting io_uring/sqpoll: be smarter on when to update the stime usage Jianpeng Chang (1): net: enetc: fix the deadlock of enetc_mdio_lock Jiasheng Jiang (1): ptp: ocp: Fix typo using index 1 instead of i in SMA initialization loop Jingwei Wang (1): riscv: hwprobe: Fix stale vDSO data for late-initialized keys at boot Jocelyn Falempe (3): drm/panic: Fix drawing the logo on a small narrow screen drm/panic: Fix qr_code, ensure vmargin is positive drm/panic: Fix 24bit pixel crossing page boundaries Johannes Wiesböck (1): rtnetlink: Allow deleting FDB entries in user namespace Junhao Xie (1): misc: fastrpc: Fix dma_buf object leak in fastrpc_map_lookup Junhui Liu (2): riscv: mm: Return intended SATP mode for noXlvl options riscv: mm: Use mmu-type from FDT to limit SATP mode Junjie Cao (1): lkdtm: fortify: Fix potential NULL dereference on kmalloc failure K Prateek Nayak (1): sched/fair: Block delayed tasks on throttled hierarchy during dequeue Kaushlendra Kumar (1): arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() Kees Cook (1): PCI: Test for bit underflow in pcie_set_readrq() Krishna Kurapati (1): dt-bindings: usb: qcom,snps-dwc3: Fix bindings for X1E80100 Krzysztof Kozlowski (1): arm64: dts: broadcom: bcm2712: Add default GIC address cells Kurt Borja (1): platform/x86: alienware-wmi-wmax: Fix NULL pointer dereference in sleep handlers LI Qingwu (1): USB: serial: option: add Telit FN920C04 ECM compositions Lad Prabhakar (2): net: ravb: Enforce descriptor type ordering net: ravb: Ensure memory write completes before ringing TX doorbell Lance Yang (1): hung_task: fix warnings caused by unaligned lock pointers Li Qiang (1): hwmon: (cgbc-hwmon) Add missing NULL check after devm_kzalloc() Linus Torvalds (1): Unbreak 'make tools/*' for user-space targets Lorenzo Pieralisi (2): of/irq: Convert of_msi_map_id() callers to of_msi_xlate() of/irq: Add msi-parent check to of_msi_xlate() Lorenzo Stoakes (1): mm/mremap: correctly account old mapping after MREMAP_DONTUNMAP remap Ma Ke (1): staging: gpib: Fix device reference leak in fmh_gpib driver Maarten Lankhorst (1): devcoredump: Fix circular locking dependency with devcd->mutex. Maciej W. Rozycki (1): MIPS: Malta: Fix keyboard resource preventing i8042 driver from registering Marc Kleine-Budde (4): can: bxcan: bxcan_start_xmit(): use can_dev_dropped_skb() instead of can_dropped_invalid_skb() can: esd: acc_start_xmit(): use can_dev_dropped_skb() instead of can_dropped_invalid_skb() can: rockchip-canfd: rkcanfd_start_xmit(): use can_dev_dropped_skb() instead of can_dropped_invalid_skb() can: netlink: can_changelink(): allow disabling of automatic restart Marek Szyprowski (2): dma-debug: don't report false positives with DMA_BOUNCE_UNALIGNED_KMALLOC spi: rockchip-sfc: Fix DMA-API usage Mario Limonciello (AMD) (1): cpufreq/amd-pstate: Fix a regression leading to EPP 0 after hibernate Mathias Nyman (2): xhci: dbc: enable back DbC in resume if it was enabled before suspend xhci: dbc: fix bogus 1024 byte prefix if ttyDBC read races with stall event Mathieu Dubois-Briand (1): gpio: regmap: Allow to allocate regmap-irq device Matthew Brost (1): drm/xe: Check return value of GGTT workqueue allocation Matthieu Baerts (NGI0) (4): mptcp: pm: in-kernel: C-flag: handle late ADD_ADDR selftests: mptcp: join: mark 'flush re-add' as skipped if not supported selftests: mptcp: join: mark implicit tests as skipped if not supported selftests: mptcp: join: mark 'delete re-add signal' as skipped if not supported Mattijs Korpershoek (1): spi: cadence-quadspi: Fix pm_runtime unbalance on dma EPROBE_DEFER Michael Grzeschik (1): tcpm: switch check for role_sw device with fw_node Michal Pecio (1): net: usb: rtl8150: Fix frame padding Miguel Ojeda (1): objtool/rust: add one more `noreturn` Rust function Mikhail Kshevetskiy (4): spi: airoha: return an error for continuous mode dirmap creation cases spi: airoha: add support of dual/quad wires spi modes to exec_op() handler spi: airoha: switch back to non-dma mode in the case of error spi: airoha: fix reading/writing of flashes with more than one plane per lun Nam Cao (2): rv: Fully convert enabled_monitors to use list_head as iterator rv: Make rtapp/pagefault monitor depends on CONFIG_MMU Nathan Chancellor (1): net/mlx5e: Return 1 instead of 0 in invalid case in mlx5e_mpwrq_umr_entry_size() Nipun Gupta (1): vfio/cdx: update driver to build without CONFIG_GENERIC_MSI_IRQ Ondrej Mosnacek (1): nbd: override creds to kernel when calling sock_{send,recv}msg() Patrisious Haddad (1): net/mlx5: Fix IPsec cleanup over MPV device Paul Walmsley (2): riscv: cpufeature: avoid uninitialized variable in has_thead_homogeneous_vlenb() riscv: hwprobe: avoid uninitialized variable use in hwprobe_arch_id() Paulo Alcantara (1): smb: client: get rid of d_drop() in cifs_do_rename() Peter Robinson (1): arm64: dts: broadcom: bcm2712: Define VGIC interrupt Qianchang Zhao (1): ksmbd: transport_ipc: validate payload size before reading handle Qiuxu Zhuo (1): mm: prevent poison consumption when splitting THP Rafael J. Wysocki (1): Revert "cpuidle: menu: Avoid discarding useful information" Ralf Lici (3): espintcp: use datagram_poll_queue for socket readiness net: datagram: introduce datagram_poll_queue for custom receive queues ovpn: use datagram_poll_queue for socket readiness in TCP Randy Dunlap (1): cgroup/misc: fix misc_res_type kernel-doc warning Reinhard Speyerer (1): USB: serial: option: add Quectel RG255C Renjun Wang (1): USB: serial: option: add UNISOC UIS7720 Robert Marko (1): net: phy: micrel: always set shared->phydev for LAN8814 Sebastian Reichel (1): net: stmmac: dwmac-rk: Fix disabling set_clock_selection SeongJae Park (4): mm/damon/core: use damos_commit_quota_goal() for new goal commit mm/damon/core: fix list_add_tail() call on damon_call() mm/damon/sysfs: catch commit test ctx alloc failure mm/damon/sysfs: dealloc commit test ctx always Simon Schuster (1): nios2: ensure that memblock.current_limit is set when setting pfn limits Stefan Metzmacher (4): smb: client: queue post_recv_credits_work also if the peer raises the credit target smb: client: limit the range of info->receive_credit_target smb: client: make use of ib_wc_status_msg() and skip IB_WC_WR_FLUSH_ERR logging smb: server: let smb_direct_flush_send_list() invalidate a remote key first Stefano Garzarella (1): vsock: fix lock inversion in vsock_assign_transport() Sudeep Holla (1): firmware: arm_ffa: Add support for IMPDEF value in the memory access descriptor Tim Guttzeit (1): usb/core/quirks: Add Huawei ME906S to wakeup quirk Ting-Chang Hou (1): btrfs: send: fix duplicated rmdir operations when using extrefs Tonghao Zhang (2): net: bonding: fix possible peer notify event loss or dup issue net: bonding: update the slave array for broadcast mode Viacheslav Dubeyko (5): hfs: clear offset and space out of valid records in b-tree node hfs: make proper initalization of struct hfs_find_data hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent() hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits() Victoria Votokina (2): most: usb: Fix use-after-free in hdm_disconnect most: usb: hdm_probe: Fix calling put_device() before device initialization Wang Liang (1): net/smc: fix general protection fault in __smc_diag_dump Wei Fang (1): net: enetc: correct the value of ENETC_RXB_TRUESIZE William Breathitt Gray (3): gpio: pci-idio-16: Define maximum valid register address offset gpio: 104-idio-16: Define maximum valid register address offset gpio: idio-16: Define fixed direction of the GPIO lines Xi Ruoyao (1): ACPICA: Work around bogus -Wstringop-overread warning since GCC 11 Xichao Zhao (1): exec: Fix incorrect type for ret Xin Long (1): selftests: net: fix server bind failure in sctp_vrf.sh Xu Yang (1): dt-bindings: usb: dwc3-imx8mp: dma-range is required only for imx8mp Yang Chenzhi (1): hfs: validate record offset in hfsplus_bmap_alloc Yangtao Li (1): hfsplus: return EIO when type of hidden directory mismatch in hfsplus_fill_super() Yicong Yang (1): drivers/perf: hisi: Relax the event ID check in the framework tr1x_em (1): platform/x86: alienware-wmi-wmax: Add AWCC support to Dell G15 5530

5 days, 17 hours

1
1
0 0

Linux 6.12.56

by Greg Kroah-Hartman

I'm announcing the release of the 6.12.56 kernel. All users of the 6.12 kernel series must upgrade. The updated 6.12.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.12.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/devicetree/bindings/usb/fsl,imx8mp-dwc3.yaml | 10 Makefile | 6 arch/arm64/boot/dts/broadcom/bcm2712.dtsi | 3 arch/arm64/include/asm/pgtable.h | 3 arch/arm64/mm/copypage.c | 9 arch/arm64/tools/sysreg | 4 arch/m68k/include/asm/bitops.h | 25 - arch/mips/mti-malta/malta-setup.c | 2 arch/nios2/kernel/setup.c | 15 arch/powerpc/include/asm/pgtable.h | 12 arch/powerpc/mm/book3s32/mmu.c | 4 arch/powerpc/mm/pgtable_32.c | 2 arch/riscv/include/asm/pgtable.h | 2 arch/riscv/kernel/cpu.c | 4 arch/riscv/kernel/sys_hwprobe.c | 6 arch/s390/mm/pgalloc.c | 13 arch/x86/kernel/cpu/microcode/amd.c | 2 drivers/acpi/acpica/tbprint.c | 6 drivers/android/binder.c | 11 drivers/base/arch_topology.c | 2 drivers/base/devcoredump.c | 138 +++-- drivers/block/nbd.c | 15 drivers/bluetooth/btintel.c | 28 - drivers/bluetooth/btintel.h | 3 drivers/comedi/comedi_buf.c | 2 drivers/cpuidle/governors/menu.c | 21 drivers/firmware/arm_scmi/common.h | 24 - drivers/firmware/arm_scmi/driver.c | 47 -- drivers/gpio/gpio-104-idio-16.c | 1 drivers/gpio/gpio-ljca.c | 14 drivers/gpio/gpio-pci-idio-16.c | 1 drivers/gpu/drm/amd/display/dc/hwss/dcn401/dcn401_hwseq.c | 3 drivers/gpu/drm/amd/display/dc/inc/hw/hw_shared.h | 8 drivers/gpu/drm/drm_panic.c | 8 drivers/gpu/drm/panthor/panthor_mmu.c | 10 drivers/hwmon/sht3x.c | 27 - drivers/misc/fastrpc.c | 2 drivers/misc/lkdtm/fortify.c | 6 drivers/misc/mei/hw-me-regs.h | 2 drivers/misc/mei/pci-me.c | 2 drivers/most/most_usb.c | 13 drivers/net/bonding/bond_main.c | 40 - drivers/net/can/bxcan.c | 2 drivers/net/can/dev/netlink.c | 6 drivers/net/can/esd/esdacc.c | 2 drivers/net/can/rockchip/rockchip_canfd-tx.c | 2 drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c | 3 drivers/net/ethernet/freescale/enetc/enetc.c | 25 - drivers/net/ethernet/freescale/enetc/enetc.h | 2 drivers/net/ethernet/mellanox/mlx5/core/en.h | 7 drivers/net/ethernet/mellanox/mlx5/core/en/params.c | 2 drivers/net/ethernet/mellanox/mlx5/core/en/xdp.h | 6 drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.h | 5 drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec_fs.c | 25 - drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 2 drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 128 +++-- drivers/net/ethernet/renesas/ravb_main.c | 24 - drivers/net/ethernet/stmicro/stmmac/dwmac-rk.c | 9 drivers/net/ethernet/ti/am65-cpts.c | 63 +- drivers/net/phy/micrel.c | 4 drivers/net/usb/rtl8150.c | 11 drivers/pci/pci.c | 6 drivers/perf/hisilicon/hisi_uncore_pmu.c | 2 drivers/perf/hisilicon/hisi_uncore_pmu.h | 3 drivers/platform/x86/amd/hsmp.c | 5 drivers/ptp/ptp_ocp.c | 2 drivers/spi/spi-airoha-snfi.c | 280 +++++++----- drivers/spi/spi-nxp-fspi.c | 6 drivers/tty/serial/8250/8250_dw.c | 4 drivers/tty/serial/8250/8250_exar.c | 11 drivers/tty/serial/8250/8250_mtk.c | 6 drivers/tty/serial/sc16is7xx.c | 7 drivers/usb/core/quirks.c | 2 drivers/usb/gadget/legacy/raw_gadget.c | 2 drivers/usb/host/xhci-dbgcap.c | 15 drivers/usb/serial/option.c | 10 drivers/usb/typec/tcpm/tcpm.c | 4 fs/btrfs/super.c | 8 fs/dlm/lockspace.c | 2 fs/exec.c | 2 fs/gfs2/lock_dlm.c | 11 fs/hfs/bfind.c | 8 fs/hfs/brec.c | 27 - fs/hfs/mdb.c | 2 fs/hfsplus/bfind.c | 8 fs/hfsplus/bnode.c | 41 - fs/hfsplus/btree.c | 6 fs/hfsplus/hfsplus_fs.h | 42 + fs/hfsplus/super.c | 25 - fs/notify/fdinfo.c | 6 fs/ocfs2/move_extents.c | 5 fs/smb/client/cifsglob.h | 2 fs/smb/server/transport_ipc.c | 8 fs/smb/server/transport_rdma.c | 11 fs/xfs/scrub/nlinks.c | 34 + fs/xfs/xfs_super.c | 33 - io_uring/fdinfo.c | 8 io_uring/filetable.c | 2 io_uring/sqpoll.c | 65 +- io_uring/sqpoll.h | 1 kernel/dma/debug.c | 5 kernel/power/energy_model.c | 58 +- kernel/sched/sched.h | 2 mm/huge_memory.c | 3 mm/migrate.c | 3 mm/slub.c | 23 net/core/rtnetlink.c | 3 net/sctp/inqueue.c | 13 net/smc/smc_inet.c | 13 net/vmw_vsock/af_vsock.c | 38 - tools/objtool/check.c | 1 tools/testing/selftests/net/mptcp/mptcp_join.sh | 6 tools/testing/selftests/net/sctp_hello.c | 17 tools/testing/selftests/net/sctp_vrf.sh | 73 +-- 114 files changed, 1176 insertions(+), 688 deletions(-) Akash Goel (1): drm/panthor: Fix kernel panic on partial unmap of a GPU VA region Aksh Garg (1): net: ethernet: ti: am65-cpts: fix timestamp loss due to race conditions Alexander Aring (1): dlm: check for defined force value in dlm_lockspace_release Alexander Usyskin (1): mei: me: add wildcat lake P DID Alexey Simakov (1): sctp: avoid NULL dereference when chunk data buffer is missing Alice Ryhl (1): binder: remove "invalid inc weak" check Alok Tiwari (1): io_uring: correct __must_hold annotation in io_install_fixed_file Amery Hung (2): net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for legacy RQ net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ Andreas Gruenbacher (1): gfs2: Fix unlikely race in gdlm_put_lock Andrew Cooper (1): x86/microcode: Fix Entrysign revision check for Zen1/Naples Andrey Konovalov (1): usb: raw-gadget: do not limit transfer length Andy Shevchenko (1): sched: Remove never used code in mm_cid_get() Anup Patel (2): RISC-V: Define pgprot_dmacoherent() for non-coherent devices RISC-V: Don't print details of CPUs disabled in DT Artem Shimko (2): firmware: arm_scmi: Fix premature SCMI_XFER_FLAG_IS_RAW clearing in raw mode serial: 8250_dw: handle reset control deassert error Carolina Jubran (1): net/mlx5e: Reuse per-RQ XDP buffer to avoid stack zeroing overhead Catalin Marinas (1): arm64: mte: Do not warn if the page is already tagged in copy_highpage() Charlene Liu (1): drm/amd/display: increase max link count and fix link->enc NULL pointer access Christian Loehle (1): PM: EM: Fix late boot with holes in CPU topology Christophe Leroy (1): powerpc/32: Remove PAGE_KERNEL_TEXT to fix startup failure Cristian Marussi (1): firmware: arm_scmi: Account for failed debug initialization Daniel Golle (1): serial: 8250_mtk: Enable baud clock and manage in runtime PM Darrick J. Wong (2): xfs: fix locking in xchk_nlinks_collect_dir xfs: always warn about deprecated mount options David Howells (1): cifs: Fix TCP_Server_Info::credits to be signed Deepanshu Kartikey (2): ocfs2: clear extent cache after moving/defragmenting extents comedi: fix divide-by-zero in comedi_buf_munge() Dewei Meng (1): btrfs: directly free partially initialized fs_info in btrfs_check_leaked_roots() Florian Eckert (1): serial: 8250_exar: add support for Advantech 2 port card with Device ID 0x0018 Fuad Tabba (1): arm64: sysreg: Correct sign definitions for EIESB and DoubleLock Geert Uytterhoeven (1): m68k: bitops: Fix find_*_bit() signatures Greg Kroah-Hartman (1): Linux 6.12.56 Guenter Roeck (1): hwmon: (sht3x) Fix error handling Han Xu (1): spi: spi-nxp-fspi: add extra delay after dll locked Hao Ge (2): slab: Avoid race on slab->obj_exts in alloc_slab_obj_exts slab: Fix obj_ext mistakenly considered NULL due to race condition Haotian Zhang (1): gpio: ljca: Fix duplicated IRQ mapping Heiko Carstens (1): s390/mm: Use __GFP_ACCOUNT for user page table allocations Huang Ying (1): arm64, mm: avoid always making PTE dirty in pte_mkwrite() Hugo Villeneuve (1): serial: sc16is7xx: remove useless enable of enhanced features Ioana Ciornei (1): dpaa2-eth: fix the pointer passed to PTR_ALIGN on Tx path Jakub Acs (1): fs/notify: call exportfs_encode_fid with s_umount Jens Axboe (2): io_uring/sqpoll: switch away from getrusage() for CPU accounting io_uring/sqpoll: be smarter on when to update the stime usage Jianpeng Chang (1): net: enetc: fix the deadlock of enetc_mdio_lock Jiasheng Jiang (1): ptp: ocp: Fix typo using index 1 instead of i in SMA initialization loop Jocelyn Falempe (2): drm/panic: Fix drawing the logo on a small narrow screen drm/panic: Fix qr_code, ensure vmargin is positive Johannes Wiesböck (1): rtnetlink: Allow deleting FDB entries in user namespace Junhao Xie (1): misc: fastrpc: Fix dma_buf object leak in fastrpc_map_lookup Junjie Cao (1): lkdtm: fortify: Fix potential NULL dereference on kmalloc failure Kaushlendra Kumar (1): arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() Kees Cook (1): PCI: Test for bit underflow in pcie_set_readrq() Kiran K (1): Bluetooth: btintel: Add DSBR support for BlazarIW, BlazarU and GaP Krzysztof Kozlowski (1): arm64: dts: broadcom: bcm2712: Add default GIC address cells LI Qingwu (1): USB: serial: option: add Telit FN920C04 ECM compositions Lad Prabhakar (2): net: ravb: Enforce descriptor type ordering net: ravb: Ensure memory write completes before ringing TX doorbell Linus Torvalds (1): Unbreak 'make tools/*' for user-space targets Lorenzo Bianconi (1): spi: airoha: do not keep {tx,rx} dma buffer always mapped Maarten Lankhorst (1): devcoredump: Fix circular locking dependency with devcd->mutex. Maciej W. Rozycki (1): MIPS: Malta: Fix keyboard resource preventing i8042 driver from registering Marc Kleine-Budde (4): can: bxcan: bxcan_start_xmit(): use can_dev_dropped_skb() instead of can_dropped_invalid_skb() can: esd: acc_start_xmit(): use can_dev_dropped_skb() instead of can_dropped_invalid_skb() can: rockchip-canfd: rkcanfd_start_xmit(): use can_dev_dropped_skb() instead of can_dropped_invalid_skb() can: netlink: can_changelink(): allow disabling of automatic restart Marek Szyprowski (1): dma-debug: don't report false positives with DMA_BOUNCE_UNALIGNED_KMALLOC Mathias Nyman (2): xhci: dbc: enable back DbC in resume if it was enabled before suspend xhci: dbc: fix bogus 1024 byte prefix if ttyDBC read races with stall event Matthieu Baerts (NGI0) (2): selftests: mptcp: join: mark 'flush re-add' as skipped if not supported selftests: mptcp: join: mark implicit tests as skipped if not supported Michael Grzeschik (1): tcpm: switch check for role_sw device with fw_node Michal Pecio (1): net: usb: rtl8150: Fix frame padding Miguel Ojeda (1): objtool/rust: add one more `noreturn` Rust function Mikhail Kshevetskiy (4): spi: airoha: return an error for continuous mode dirmap creation cases spi: airoha: add support of dual/quad wires spi modes to exec_op() handler spi: airoha: switch back to non-dma mode in the case of error spi: airoha: fix reading/writing of flashes with more than one plane per lun Nathan Chancellor (1): net/mlx5e: Return 1 instead of 0 in invalid case in mlx5e_mpwrq_umr_entry_size() Ondrej Mosnacek (1): nbd: override creds to kernel when calling sock_{send,recv}msg() Patrisious Haddad (1): net/mlx5: Fix IPsec cleanup over MPV device Paul Walmsley (1): riscv: hwprobe: avoid uninitialized variable use in hwprobe_arch_id() Peter Robinson (1): arm64: dts: broadcom: bcm2712: Define VGIC interrupt Qianchang Zhao (1): ksmbd: transport_ipc: validate payload size before reading handle Qiuxu Zhuo (1): mm: prevent poison consumption when splitting THP Rafael J. Wysocki (4): PM: EM: Drop unused parameter from em_adjust_new_capacity() PM: EM: Slightly reduce em_check_capacity_update() overhead PM: EM: Move CPU capacity check to em_adjust_new_capacity() Revert "cpuidle: menu: Avoid discarding useful information" Reinhard Speyerer (1): USB: serial: option: add Quectel RG255C Renjun Wang (1): USB: serial: option: add UNISOC UIS7720 Robert Marko (1): net: phy: micrel: always set shared->phydev for LAN8814 Sebastian Reichel (1): net: stmmac: dwmac-rk: Fix disabling set_clock_selection Simon Schuster (1): nios2: ensure that memblock.current_limit is set when setting pfn limits Stefan Metzmacher (1): smb: server: let smb_direct_flush_send_list() invalidate a remote key first Stefano Garzarella (1): vsock: fix lock inversion in vsock_assign_transport() Suma Hegde (1): platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL Tim Guttzeit (1): usb/core/quirks: Add Huawei ME906S to wakeup quirk Tonghao Zhang (1): net: bonding: fix possible peer notify event loss or dup issue Viacheslav Dubeyko (5): hfs: clear offset and space out of valid records in b-tree node hfs: make proper initalization of struct hfs_find_data hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent() hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits() Victoria Votokina (2): most: usb: Fix use-after-free in hdm_disconnect most: usb: hdm_probe: Fix calling put_device() before device initialization Wang Liang (1): net/smc: fix general protection fault in __smc_diag_dump Wei Fang (1): net: enetc: correct the value of ENETC_RXB_TRUESIZE William Breathitt Gray (2): gpio: pci-idio-16: Define maximum valid register address offset gpio: 104-idio-16: Define maximum valid register address offset Xi Ruoyao (1): ACPICA: Work around bogus -Wstringop-overread warning since GCC 11 Xichao Zhao (1): exec: Fix incorrect type for ret Xin Long (1): selftests: net: fix server bind failure in sctp_vrf.sh Xu Yang (1): dt-bindings: usb: dwc3-imx8mp: dma-range is required only for imx8mp Yang Chenzhi (1): hfs: validate record offset in hfsplus_bmap_alloc Yangtao Li (1): hfsplus: return EIO when type of hidden directory mismatch in hfsplus_fill_super() Yicong Yang (1): drivers/perf: hisi: Relax the event ID check in the framework

5 days, 17 hours

1
1
0 0

Linux 6.6.115

by Greg Kroah-Hartman

I'm announcing the release of the 6.6.115 kernel. All users of the 6.6 kernel series must upgrade. The updated 6.6.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.6.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/devicetree/bindings/usb/fsl,imx8mp-dwc3.yaml | 10 Makefile | 6 arch/arm64/include/asm/pgtable.h | 3 arch/m68k/include/asm/bitops.h | 25 - arch/mips/mti-malta/malta-setup.c | 2 arch/nios2/kernel/setup.c | 15 arch/powerpc/include/asm/pgtable.h | 12 arch/powerpc/mm/book3s32/mmu.c | 4 arch/powerpc/mm/pgtable_32.c | 2 arch/riscv/include/asm/pgtable.h | 2 arch/riscv/kernel/cpu.c | 4 arch/x86/kernel/cpu/microcode/amd.c | 2 arch/x86/kernel/cpu/resctrl/monitor.c | 8 drivers/acpi/acpica/tbprint.c | 6 drivers/android/binder.c | 11 drivers/base/arch_topology.c | 2 drivers/base/devcoredump.c | 138 ++++--- drivers/comedi/comedi_buf.c | 2 drivers/cpuidle/governors/menu.c | 21 - drivers/firmware/arm_scmi/common.h | 24 + drivers/firmware/arm_scmi/driver.c | 47 -- drivers/gpio/Kconfig | 4 drivers/gpio/gpio-104-idio-16.c | 1 drivers/gpio/gpio-ljca.c | 250 +++++++------ drivers/gpio/gpio-pci-idio-16.c | 1 drivers/hwmon/sht3x.c | 27 - drivers/misc/fastrpc.c | 2 drivers/misc/lkdtm/fortify.c | 6 drivers/misc/mei/hw-me-regs.h | 2 drivers/misc/mei/pci-me.c | 2 drivers/most/most_usb.c | 13 drivers/net/bonding/bond_main.c | 40 -- drivers/net/can/bxcan.c | 2 drivers/net/can/dev/netlink.c | 6 drivers/net/ethernet/amazon/ena/ena_netdev.c | 2 drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c | 3 drivers/net/ethernet/freescale/enetc/enetc.c | 27 + drivers/net/ethernet/freescale/enetc/enetc.h | 2 drivers/net/ethernet/freescale/fec_main.c | 2 drivers/net/ethernet/intel/i40e/i40e_txrx.c | 2 drivers/net/ethernet/intel/ice/ice_txrx_lib.c | 2 drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 2 drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 2 drivers/net/ethernet/marvell/mvneta.c | 2 drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c | 2 drivers/net/ethernet/mediatek/mtk_eth_soc.c | 2 drivers/net/ethernet/mellanox/mlx5/core/en.h | 7 drivers/net/ethernet/mellanox/mlx5/core/en/params.c | 2 drivers/net/ethernet/mellanox/mlx5/core/en/xdp.c | 2 drivers/net/ethernet/mellanox/mlx5/core/en/xdp.h | 6 drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 128 ++++-- drivers/net/ethernet/netronome/nfp/nfd3/xsk.c | 2 drivers/net/ethernet/renesas/ravb_main.c | 24 + drivers/net/ethernet/sfc/efx_channels.c | 2 drivers/net/ethernet/sfc/siena/efx_channels.c | 2 drivers/net/ethernet/socionext/netsec.c | 2 drivers/net/ethernet/stmicro/stmmac/dwmac-rk.c | 9 drivers/net/ethernet/ti/cpsw_priv.c | 2 drivers/net/usb/rtl8150.c | 11 drivers/perf/hisilicon/hisi_uncore_pmu.c | 2 drivers/perf/hisilicon/hisi_uncore_pmu.h | 3 drivers/s390/cio/device.c | 37 + drivers/spi/spi-nxp-fspi.c | 6 drivers/tty/serial/8250/8250_dw.c | 4 drivers/tty/serial/8250/8250_exar.c | 11 drivers/tty/serial/8250/8250_mtk.c | 6 drivers/usb/core/quirks.c | 2 drivers/usb/gadget/legacy/raw_gadget.c | 2 drivers/usb/host/xhci-dbgcap.c | 9 drivers/usb/serial/option.c | 10 drivers/usb/typec/tcpm/tcpm.c | 4 fs/dlm/lockspace.c | 2 fs/exec.c | 2 fs/fuse/dir.c | 2 fs/fuse/file.c | 75 ++- fs/fuse/fuse_i.h | 2 fs/hfs/bfind.c | 8 fs/hfs/brec.c | 27 + fs/hfs/mdb.c | 2 fs/hfsplus/bfind.c | 8 fs/hfsplus/bnode.c | 41 -- fs/hfsplus/btree.c | 6 fs/hfsplus/hfsplus_fs.h | 42 ++ fs/hfsplus/super.c | 25 - fs/notify/fdinfo.c | 6 fs/ocfs2/move_extents.c | 5 fs/smb/client/cifsglob.h | 2 fs/smb/server/transport_ipc.c | 8 fs/smb/server/transport_rdma.c | 11 fs/xfs/xfs_super.c | 33 + io_uring/filetable.c | 2 kernel/dma/debug.c | 5 kernel/sched/sched.h | 2 net/core/rtnetlink.c | 3 net/sctp/inqueue.c | 13 net/vmw_vsock/af_vsock.c | 38 - tools/testing/selftests/net/mptcp/mptcp_join.sh | 6 tools/testing/selftests/net/sctp_hello.c | 17 tools/testing/selftests/net/sctp_vrf.sh | 85 ++-- 99 files changed, 922 insertions(+), 603 deletions(-) Alexander Aring (1): dlm: check for defined force value in dlm_lockspace_release Alexander Usyskin (1): mei: me: add wildcat lake P DID Alexey Simakov (1): sctp: avoid NULL dereference when chunk data buffer is missing Alice Ryhl (1): binder: remove "invalid inc weak" check Alok Tiwari (1): io_uring: correct __must_hold annotation in io_install_fixed_file Amery Hung (2): net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for legacy RQ net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ Amir Goldstein (1): fuse: allocate ff->release_args only if release is needed Andrew Cooper (1): x86/microcode: Fix Entrysign revision check for Zen1/Naples Andrey Konovalov (1): usb: raw-gadget: do not limit transfer length Andy Shevchenko (1): sched: Remove never used code in mm_cid_get() Anup Patel (2): RISC-V: Define pgprot_dmacoherent() for non-coherent devices RISC-V: Don't print details of CPUs disabled in DT Artem Shimko (2): firmware: arm_scmi: Fix premature SCMI_XFER_FLAG_IS_RAW clearing in raw mode serial: 8250_dw: handle reset control deassert error Babu Moger (1): x86/resctrl: Fix miscount of bandwidth event when reactivating previously unavailable RMID Carolina Jubran (1): net/mlx5e: Reuse per-RQ XDP buffer to avoid stack zeroing overhead Christophe Leroy (1): powerpc/32: Remove PAGE_KERNEL_TEXT to fix startup failure Cristian Marussi (1): firmware: arm_scmi: Account for failed debug initialization Daniel Golle (1): serial: 8250_mtk: Enable baud clock and manage in runtime PM Darrick J. Wong (2): xfs: always warn about deprecated mount options fuse: fix livelock in synchronous file put from fuseblk workers David Howells (1): cifs: Fix TCP_Server_Info::credits to be signed Deepanshu Kartikey (2): ocfs2: clear extent cache after moving/defragmenting extents comedi: fix divide-by-zero in comedi_buf_munge() Florian Eckert (1): serial: 8250_exar: add support for Advantech 2 port card with Device ID 0x0018 Geert Uytterhoeven (1): m68k: bitops: Fix find_*_bit() signatures Greg Kroah-Hartman (1): Linux 6.6.115 Guenter Roeck (1): hwmon: (sht3x) Fix error handling Han Xu (1): spi: spi-nxp-fspi: add extra delay after dll locked Hangbin Liu (1): selftests/net: convert sctp_vrf.sh to run it in unique namespace Haotian Zhang (1): gpio: ljca: Fix duplicated IRQ mapping Haoyu Li (1): gpio: ljca: Initialize num before accessing item in ljca_gpio_config Huang Ying (1): arm64, mm: avoid always making PTE dirty in pte_mkwrite() Ioana Ciornei (1): dpaa2-eth: fix the pointer passed to PTR_ALIGN on Tx path Jakub Acs (1): fs/notify: call exportfs_encode_fid with s_umount Jianpeng Chang (1): net: enetc: fix the deadlock of enetc_mdio_lock Johannes Wiesböck (1): rtnetlink: Allow deleting FDB entries in user namespace Junhao Xie (1): misc: fastrpc: Fix dma_buf object leak in fastrpc_map_lookup Junjie Cao (1): lkdtm: fortify: Fix potential NULL dereference on kmalloc failure Kaushlendra Kumar (1): arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() LI Qingwu (1): USB: serial: option: add Telit FN920C04 ECM compositions Lad Prabhakar (2): net: ravb: Enforce descriptor type ordering net: ravb: Ensure memory write completes before ringing TX doorbell Linus Torvalds (1): Unbreak 'make tools/*' for user-space targets Maarten Lankhorst (1): devcoredump: Fix circular locking dependency with devcd->mutex. Maciej W. Rozycki (1): MIPS: Malta: Fix keyboard resource preventing i8042 driver from registering Marc Kleine-Budde (2): can: bxcan: bxcan_start_xmit(): use can_dev_dropped_skb() instead of can_dropped_invalid_skb() can: netlink: can_changelink(): allow disabling of automatic restart Marek Szyprowski (1): dma-debug: don't report false positives with DMA_BOUNCE_UNALIGNED_KMALLOC Mathias Nyman (1): xhci: dbc: enable back DbC in resume if it was enabled before suspend Matthieu Baerts (NGI0) (2): selftests: mptcp: join: mark 'flush re-add' as skipped if not supported selftests: mptcp: join: mark implicit tests as skipped if not supported Michael Grzeschik (1): tcpm: switch check for role_sw device with fw_node Michal Pecio (1): net: usb: rtl8150: Fix frame padding Nathan Chancellor (1): net/mlx5e: Return 1 instead of 0 in invalid case in mlx5e_mpwrq_umr_entry_size() Qianchang Zhao (1): ksmbd: transport_ipc: validate payload size before reading handle Rafael J. Wysocki (1): Revert "cpuidle: menu: Avoid discarding useful information" Reinhard Speyerer (1): USB: serial: option: add Quectel RG255C Renjun Wang (1): USB: serial: option: add UNISOC UIS7720 Sebastian Andrzej Siewior (1): net: Tree wide: Replace xdp_do_flush_map() with xdp_do_flush(). Sebastian Reichel (1): net: stmmac: dwmac-rk: Fix disabling set_clock_selection Simon Schuster (1): nios2: ensure that memblock.current_limit is set when setting pfn limits Stefan Metzmacher (1): smb: server: let smb_direct_flush_send_list() invalidate a remote key first Stefano Garzarella (1): vsock: fix lock inversion in vsock_assign_transport() Tim Guttzeit (1): usb/core/quirks: Add Huawei ME906S to wakeup quirk Tonghao Zhang (1): net: bonding: fix possible peer notify event loss or dup issue Viacheslav Dubeyko (5): hfs: clear offset and space out of valid records in b-tree node hfs: make proper initalization of struct hfs_find_data hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent() hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits() Victoria Votokina (2): most: usb: Fix use-after-free in hdm_disconnect most: usb: hdm_probe: Fix calling put_device() before device initialization Vineeth Vijayan (1): s390/cio: Update purge function to unregister the unused subchannels Wei Fang (1): net: enetc: correct the value of ENETC_RXB_TRUESIZE Wentong Wu (1): gpio: update Intel LJCA USB GPIO driver William Breathitt Gray (2): gpio: pci-idio-16: Define maximum valid register address offset gpio: 104-idio-16: Define maximum valid register address offset Xi Ruoyao (1): ACPICA: Work around bogus -Wstringop-overread warning since GCC 11 Xichao Zhao (1): exec: Fix incorrect type for ret Xin Long (1): selftests: net: fix server bind failure in sctp_vrf.sh Xu Yang (1): dt-bindings: usb: dwc3-imx8mp: dma-range is required only for imx8mp Yang Chenzhi (1): hfs: validate record offset in hfsplus_bmap_alloc Yangtao Li (1): hfsplus: return EIO when type of hidden directory mismatch in hfsplus_fill_super() Yicong Yang (1): drivers/perf: hisi: Relax the event ID check in the framework

5 days, 17 hours

1
1
0 0

Linux 6.1.158

by Greg Kroah-Hartman

I'm announcing the release of the 6.1.158 kernel. All users of the 6.1 kernel series must upgrade. The updated 6.1.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.1.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/RCU/Design/Requirements/Requirements.rst | 2 Documentation/arm64/silicon-errata.rst | 2 Documentation/core-api/local_ops.rst | 2 Documentation/kernel-hacking/locking.rst | 17 Documentation/networking/seg6-sysctl.rst | 3 Documentation/timers/hrtimers.rst | 2 Documentation/translations/it_IT/kernel-hacking/locking.rst | 14 Documentation/translations/zh_CN/core-api/local_ops.rst | 2 Makefile | 2 arch/arm/mach-spear/time.c | 8 arch/arm64/Kconfig | 1 arch/arm64/include/asm/cputype.h | 2 arch/arm64/include/asm/pgtable.h | 3 arch/arm64/kernel/cpu_errata.c | 1 arch/arm64/kernel/cpufeature.c | 10 arch/arm64/kernel/mte.c | 2 arch/m68k/include/asm/bitops.h | 25 arch/mips/mti-malta/malta-setup.c | 2 arch/nios2/kernel/setup.c | 15 arch/powerpc/include/asm/pgtable.h | 12 arch/powerpc/mm/book3s32/mmu.c | 4 arch/powerpc/mm/pgtable_32.c | 2 arch/riscv/include/asm/pgtable.h | 2 arch/riscv/kernel/cpu.c | 4 arch/riscv/kernel/probes/kprobes.c | 13 arch/x86/kernel/cpu/resctrl/monitor.c | 8 drivers/acpi/acpica/tbprint.c | 6 drivers/android/binder.c | 11 drivers/base/arch_topology.c | 2 drivers/base/devcoredump.c | 138 +++-- drivers/base/power/runtime.c | 44 + drivers/bluetooth/hci_qca.c | 10 drivers/clocksource/arm_arch_timer.c | 12 drivers/clocksource/timer-sp804.c | 6 drivers/comedi/comedi_buf.c | 2 drivers/cpufreq/cppc_cpufreq.c | 14 drivers/cpuidle/governors/menu.c | 21 drivers/crypto/rockchip/rk3288_crypto_ahash.c | 3 drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c | 5 drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c | 2 drivers/gpu/drm/amd/amdgpu/gmc_v7_0.c | 7 drivers/gpu/drm/amd/amdgpu/gmc_v8_0.c | 7 drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu7_hwmgr.c | 3 drivers/gpu/drm/bridge/lontium-lt9211.c | 3 drivers/gpu/drm/exynos/exynos7_drm_decon.c | 98 +-- drivers/gpu/drm/rcar-du/rcar_mipi_dsi.c | 5 drivers/gpu/drm/rcar-du/rcar_mipi_dsi_regs.h | 8 drivers/gpu/drm/rockchip/rockchip_drm_vop2.c | 2 drivers/gpu/drm/scheduler/sched_main.c | 13 drivers/hid/hid-input.c | 5 drivers/hid/hid-multitouch.c | 28 - drivers/iio/imu/inv_icm42600/inv_icm42600_accel.c | 5 drivers/iio/imu/inv_icm42600/inv_icm42600_core.c | 35 - drivers/iio/imu/inv_icm42600/inv_icm42600_gyro.c | 5 drivers/misc/fastrpc.c | 2 drivers/misc/lkdtm/fortify.c | 6 drivers/misc/mei/hw-me-regs.h | 2 drivers/misc/mei/pci-me.c | 2 drivers/most/most_usb.c | 13 drivers/net/bonding/bond_main.c | 40 - drivers/net/can/dev/netlink.c | 6 drivers/net/can/m_can/m_can_platform.c | 2 drivers/net/ethernet/amd/xgbe/xgbe-drv.c | 1 drivers/net/ethernet/amd/xgbe/xgbe-mdio.c | 1 drivers/net/ethernet/broadcom/tg3.c | 5 drivers/net/ethernet/dlink/dl2k.c | 23 drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c | 3 drivers/net/ethernet/freescale/enetc/enetc.h | 2 drivers/net/ethernet/intel/ixgbevf/defines.h | 6 drivers/net/ethernet/intel/ixgbevf/ipsec.c | 10 drivers/net/ethernet/intel/ixgbevf/ixgbevf.h | 13 drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c | 46 + drivers/net/ethernet/intel/ixgbevf/mbx.h | 8 drivers/net/ethernet/intel/ixgbevf/vf.c | 194 ++++++- drivers/net/ethernet/intel/ixgbevf/vf.h | 5 drivers/net/ethernet/mellanox/mlx5/core/en/params.c | 2 drivers/net/ethernet/realtek/r8169_main.c | 5 drivers/net/ethernet/renesas/ravb_main.c | 24 drivers/net/ethernet/stmicro/stmmac/dwmac-rk.c | 9 drivers/net/usb/lan78xx.c | 38 + drivers/net/usb/r8152.c | 7 drivers/net/usb/rtl8150.c | 11 drivers/pci/controller/cadence/pci-j721e.c | 64 ++ drivers/pci/controller/dwc/pcie-tegra194.c | 10 drivers/pci/pci-sysfs.c | 10 drivers/phy/cadence/cdns-dphy.c | 131 +++-- drivers/s390/cio/device.c | 37 - drivers/tty/serial/8250/8250_dw.c | 4 drivers/tty/serial/8250/8250_exar.c | 11 drivers/usb/core/quirks.c | 2 drivers/usb/gadget/function/f_acm.c | 42 - drivers/usb/gadget/function/f_ecm.c | 48 - drivers/usb/gadget/function/f_ncm.c | 78 +-- drivers/usb/gadget/function/f_rndis.c | 85 +-- drivers/usb/gadget/legacy/raw_gadget.c | 2 drivers/usb/gadget/udc/core.c | 3 drivers/usb/host/xhci-dbgcap.c | 9 drivers/usb/serial/option.c | 10 fs/btrfs/free-space-tree.c | 15 fs/btrfs/relocation.c | 13 fs/dax.c | 2 fs/dcache.c | 2 fs/dlm/lockspace.c | 2 fs/exec.c | 2 fs/ext4/ext4_jbd2.c | 11 fs/ext4/inode.c | 8 fs/ext4/super.c | 17 fs/f2fs/data.c | 108 ++-- fs/f2fs/f2fs.h | 6 fs/f2fs/file.c | 16 fs/fuse/dir.c | 2 fs/fuse/file.c | 75 +- fs/fuse/fuse_i.h | 2 fs/hfs/bfind.c | 8 fs/hfs/brec.c | 27 - fs/hfs/mdb.c | 2 fs/hfsplus/bfind.c | 8 fs/hfsplus/bnode.c | 41 - fs/hfsplus/btree.c | 6 fs/hfsplus/hfsplus_fs.h | 42 + fs/hfsplus/super.c | 25 fs/hfsplus/unicode.c | 24 fs/jbd2/transaction.c | 13 fs/nfsd/blocklayout.c | 5 fs/nfsd/blocklayoutxdr.c | 7 fs/nfsd/flexfilelayout.c | 8 fs/nfsd/flexfilelayoutxdr.c | 3 fs/nfsd/nfs4layouts.c | 1 fs/nfsd/nfs4proc.c | 34 - fs/nfsd/nfs4xdr.c | 14 fs/nfsd/xdr4.h | 36 + fs/ocfs2/move_extents.c | 5 fs/smb/client/inode.c | 6 fs/smb/client/misc.c | 17 fs/smb/client/smb2ops.c | 8 fs/smb/server/ksmbd_netlink.h | 3 fs/smb/server/server.h | 1 fs/smb/server/smb2pdu.c | 4 fs/smb/server/transport_ipc.c | 9 fs/smb/server/transport_rdma.c | 11 fs/smb/server/transport_tcp.c | 69 +- fs/smb/server/transport_tcp.h | 1 fs/xfs/libxfs/xfs_log_format.h | 30 + fs/xfs/xfs_log.c | 8 fs/xfs/xfs_log_priv.h | 4 fs/xfs/xfs_log_recover.c | 34 - fs/xfs/xfs_ondisk.h | 2 fs/xfs/xfs_super.c | 33 - include/linux/cpufreq.h | 3 include/linux/mm.h | 2 include/linux/pci.h | 14 include/linux/pm_runtime.h | 4 include/linux/timer.h | 2 include/linux/usb/gadget.h | 25 include/net/ip_tunnels.h | 15 include/trace/events/f2fs.h | 11 io_uring/filetable.c | 2 kernel/padata.c | 6 kernel/sched/fair.c | 38 - kernel/time/timer.c | 311 +++++++++--- net/core/rtnetlink.c | 3 net/ipv4/ip_tunnel.c | 14 net/ipv4/tcp_output.c | 19 net/ipv6/ip6_tunnel.c | 3 net/sctp/inqueue.c | 13 net/tls/tls_main.c | 7 net/tls/tls_sw.c | 28 - net/vmw_vsock/af_vsock.c | 38 - rust/bindings/bindings_helper.h | 2 rust/bindings/lib.rs | 1 sound/firewire/amdtp-stream.h | 2 sound/soc/codecs/nau8821.c | 53 +- sound/usb/card.c | 10 tools/testing/selftests/net/mptcp/mptcp_join.sh | 6 tools/testing/selftests/vm/map_hugetlb.c | 7 175 files changed, 2091 insertions(+), 1070 deletions(-) Alexander Aring (1): dlm: check for defined force value in dlm_lockspace_release Alexander Usyskin (1): mei: me: add wildcat lake P DID Alexey Simakov (2): tg3: prevent use of uninitialized remote_adv and local_adv variables sctp: avoid NULL dereference when chunk data buffer is missing Alice Ryhl (1): binder: remove "invalid inc weak" check Alok Tiwari (2): drm/rockchip: vop2: use correct destination rectangle height check io_uring: correct __must_hold annotation in io_install_fixed_file Amir Goldstein (1): fuse: allocate ff->release_args only if release is needed Andrey Konovalov (1): usb: raw-gadget: do not limit transfer length Anup Patel (2): RISC-V: Define pgprot_dmacoherent() for non-coherent devices RISC-V: Don't print details of CPUs disabled in DT Artem Shimko (1): serial: 8250_dw: handle reset control deassert error Babu Moger (1): x86/resctrl: Fix miscount of bandwidth event when reactivating previously unavailable RMID Bence Csókás (1): PM: runtime: Add new devm functions Benjamin Tissoires (1): HID: multitouch: fix sticky fingers Brian Norris (1): PCI/sysfs: Ensure devices are powered for config reads (part 2) Catalin Marinas (1): arm64: mte: Do not flag the zero page as PG_mte_tagged Christoph Hellwig (5): xfs: rename the old_crc variable in xlog_recover_process xfs: fix log CRC mismatches between i386 and other architectures f2fs: add a f2fs_get_block_locked helper f2fs: remove the create argument to f2fs_map_blocks f2fs: factor a f2fs_map_blocks_cached helper Christophe Leroy (1): powerpc/32: Remove PAGE_KERNEL_TEXT to fix startup failure Chuck Lever (1): NFSD: Define a proc_layoutcommit for the FlexFiles layout type Cristian Ciocaltea (3): ASoC: nau8821: Cancel jdet_work before handling jack ejection ASoC: nau8821: Generalize helper to clear IRQ status ASoC: nau8821: Add DMI quirk to bypass jack debounce circuit Darrick J. Wong (2): fuse: fix livelock in synchronous file put from fuseblk workers xfs: always warn about deprecated mount options David Lechner (1): iio: imu: inv_icm42600: use = { } instead of memset() Deepanshu Kartikey (3): ext4: detect invalid INLINE_DATA + EXTENTS flag combination ocfs2: clear extent cache after moving/defragmenting extents comedi: fix divide-by-zero in comedi_buf_munge() Devarsh Thakkar (2): phy: cadence: cdns-dphy: Fix PLL lock and O_CMN_READY polling phy: cadence: cdns-dphy: Update calibration wait time for startup state machine Dmitry Safonov (1): net/ip6_tunnel: Prevent perpetual tunnel growth Dmitry Torokhov (1): HID: hid-input: only ignore 0 battery events for digitizers Eric Dumazet (1): tcp: fix tcp_tso_should_defer() vs large RTT Eugene Korenevsky (1): cifs: parse_dfs_referrals: prevent oob on malformed input Fabian Vogt (1): riscv: kprobes: Fix probe address validation Filipe Manana (2): btrfs: fix clearing of BTRFS_FS_RELOC_RUNNING if relocation already running btrfs: do not assert we found block group item when creating free space tree Florian Eckert (1): serial: 8250_exar: add support for Advantech 2 port card with Device ID 0x0018 Geert Uytterhoeven (1): m68k: bitops: Fix find_*_bit() signatures Greg Kroah-Hartman (1): Linux 6.1.158 Gui-Dong Han (1): drm/amdgpu: use atomic functions with memory barriers for vm fault info Huang Ying (1): arm64, mm: avoid always making PTE dirty in pte_mkwrite() I Viswanath (1): net: usb: lan78xx: fix use of improperly initialized dev->chipid in lan78xx_reset Ingo Molnar (1): sched/balancing: Rename newidle_balance() => sched_balance_newidle() Ioana Ciornei (1): dpaa2-eth: fix the pointer passed to PTR_ALIGN on Tx path Jaegeuk Kim (1): f2fs: fix wrong block mapping for multi-devices Jakub Acs (1): mm/ksm: fix flag-dropping behavior in ksm_madvise Jan Kara (1): vfs: Don't leak disconnected dentries on umount Jedrzej Jagielski (2): ixgbevf: fix getting link speed data for E610 devices ixgbevf: fix mailbox API compatibility by negotiating supported features Jiaming Zhang (1): ALSA: usb-audio: Fix NULL pointer deference in try_to_register_card Johannes Wiesböck (1): rtnetlink: Allow deleting FDB entries in user namespace Junhao Xie (1): misc: fastrpc: Fix dma_buf object leak in fastrpc_map_lookup Junjie Cao (1): lkdtm: fortify: Fix potential NULL dereference on kmalloc failure Kaushlendra Kumar (1): arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() Kaustabh Chakraborty (3): drm/exynos: exynos7_drm_decon: fix uninitialized crtc reference in functions drm/exynos: exynos7_drm_decon: properly clear channels during bind drm/exynos: exynos7_drm_decon: remove ctx->suspended Kuen-Han Tsai (6): usb: gadget: Store endpoint pointer in usb_request usb: gadget: Introduce free_usb_request helper usb: gadget: f_rndis: Refactor bind path to use __free() usb: gadget: f_ecm: Refactor bind path to use __free() usb: gadget: f_acm: Refactor bind path to use __free() usb: gadget: f_ncm: Refactor bind path to use __free() LI Qingwu (1): USB: serial: option: add Telit FN920C04 ECM compositions Lad Prabhakar (2): net: ravb: Enforce descriptor type ordering net: ravb: Ensure memory write completes before ringing TX doorbell Leon Hwang (1): Revert "selftests: mm: fix map_hugetlb failure on 64K page size systems" Linmao Li (1): r8169: fix packet truncation after S4 resume on RTL8168H/RTL8111H Maarten Lankhorst (1): devcoredump: Fix circular locking dependency with devcd->mutex. Maciej W. Rozycki (1): MIPS: Malta: Fix keyboard resource preventing i8042 driver from registering Marc Kleine-Budde (2): can: m_can: m_can_plat_remove(): add missing pm_runtime_disable() can: netlink: can_changelink(): allow disabling of automatic restart Marek Vasut (2): drm/rcar-du: dsi: Fix 1/2/3 lane support drm/bridge: lt9211: Drop check for last nibble of version register Mario Limonciello (1): drm/amd: Check whether secure display TA loaded successfully Mark Rutland (2): arm64: cputype: Add Neoverse-V3AE definitions arm64: errata: Apply workarounds for Neoverse-V3AE Mathias Nyman (1): xhci: dbc: enable back DbC in resume if it was enabled before suspend Matthieu Baerts (NGI0) (2): selftests: mptcp: join: mark 'flush re-add' as skipped if not supported selftests: mptcp: join: mark implicit tests as skipped if not supported Michal Pecio (1): net: usb: rtl8150: Fix frame padding Namjae Jeon (1): ksmbd: browse interfaces list on FSCTL_QUERY_INTERFACE_INFO IOCTL Nathan Chancellor (1): net/mlx5e: Return 1 instead of 0 in invalid case in mlx5e_mpwrq_umr_entry_size() Nicolas Dichtel (1): doc: fix seg6_flowlabel path Niklas Cassel (1): PCI: tegra194: Reset BARs when running in PCIe endpoint mode Oleksij Rempel (1): net: usb: lan78xx: Add error handling to lan78xx_init_mac_address Piotr Kwapulinski (2): PCI: Add PCI_VDEVICE_SUB helper macro ixgbevf: Add support for Intel(R) E610 device Qianchang Zhao (1): ksmbd: transport_ipc: validate payload size before reading handle Rafael J. Wysocki (2): cpufreq: CPPC: Avoid using CPUFREQ_ETERNAL as transition delay Revert "cpuidle: menu: Avoid discarding useful information" Raju Rangoju (1): amd-xgbe: Avoid spurious link down messages during interface toggle Randy Dunlap (1): ALSA: firewire: amdtp-stream: fix enum kernel-doc warnings Reinhard Speyerer (1): USB: serial: option: add Quectel RG255C Renjun Wang (1): USB: serial: option: add UNISOC UIS7720 Sabrina Dubroca (4): tls: wait for async encrypt in case of error during latter iterations of sendmsg tls: always set record_type in tls_process_cmsg tls: wait for pending async decryptions if tls_strp_msg_hold fails tls: don't rely on tx_work during send() Sascha Hauer (1): net: tls: wait for async completion on last message Sean Nyekjaer (2): iio: imu: inv_icm42600: Simplify pm_runtime setup iio: imu: inv_icm42600: Avoid configuring if already pm_runtime suspended Sebastian Reichel (1): net: stmmac: dwmac-rk: Fix disabling set_clock_selection Sergey Bashirov (3): NFSD: Rework encoding and decoding of nfsd4_deviceid NFSD: Minor cleanup in layoutcommit processing NFSD: Fix last write offset handling in layoutcommit Shuhao Fu (1): smb: client: Fix refcount leak for cifs_sb_tlink Siddharth Vadapalli (2): PCI: j721e: Enable ACSPCIE Refclk if "ti,syscon-acspcie-proxy-ctrl" exists PCI: j721e: Fix programming sequence of "strap" settings Simon Schuster (1): nios2: ensure that memblock.current_limit is set when setting pfn limits Stefan Metzmacher (1): smb: server: let smb_direct_flush_send_list() invalidate a remote key first Stefano Garzarella (1): vsock: fix lock inversion in vsock_assign_transport() Steven Rostedt (Google) (4): ARM: spear: Do not use timer namespace for timer_shutdown() function clocksource/drivers/arm_arch_timer: Do not use timer namespace for timer_shutdown() function clocksource/drivers/sp804: Do not use timer namespace for timer_shutdown() function timers: Update the documentation to reflect on the new timer_shutdown() API Thadeu Lima de Souza Cascardo (1): HID: multitouch: fix name of Stylus input devices Theodore Ts'o (1): ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() Thomas Fourier (1): crypto: rockchip - Fix dma_unmap_sg() nents value Thomas Gleixner (8): Documentation: Remove bogus claim about del_timer_sync() timers: Replace BUG_ON()s Documentation: Replace del_timer/del_timer_sync() timers: Silently ignore timers with a NULL function timers: Split [try_to_]del_timer[_sync]() to prepare for shutdown mode timers: Add shutdown mechanism to the internal functions timers: Provide timer_shutdown[_sync]() Bluetooth: hci_qca: Fix the teardown problem for real Tim Guttzeit (1): usb/core/quirks: Add Huawei ME906S to wakeup quirk Timur Kristóf (1): drm/amd/powerplay: Fix CIK shutdown temperature Tomi Valkeinen (1): phy: cdns-dphy: Store hs_clk_rate and return it Tonghao Zhang (1): net: bonding: fix possible peer notify event loss or dup issue Tvrtko Ursulin (1): drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies Viacheslav Dubeyko (6): hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() hfs: clear offset and space out of valid records in b-tree node hfs: make proper initalization of struct hfs_find_data hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent() hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits() Victoria Votokina (2): most: usb: Fix use-after-free in hdm_disconnect most: usb: hdm_probe: Fix calling put_device() before device initialization Vincent Guittot (1): sched/fair: Fix pelt lost idle time detection Vineeth Vijayan (1): s390/cio: Update purge function to unregister the unused subchannels Wei Fang (1): net: enetc: correct the value of ENETC_RXB_TRUESIZE Xi Ruoyao (1): ACPICA: Work around bogus -Wstringop-overread warning since GCC 11 Xiao Liang (1): padata: Reset next CPU when reorder sequence wraps around Xichao Zhao (1): exec: Fix incorrect type for ret Yang Chenzhi (1): hfs: validate record offset in hfsplus_bmap_alloc Yangtao Li (1): hfsplus: return EIO when type of hidden directory mismatch in hfsplus_fill_super() Yeounsu Moon (1): net: dlink: handle dma_map_single() failure properly Yi Cong (1): r8152: add error handling in rtl8152_driver_init Yuezhang Mo (1): dax: skip read lock assertion for read-only filesystems Zhang Yi (2): jbd2: ensure that all ongoing I/O complete before freeing blocks ext4: wait for ongoing I/O to complete before freeing blocks

5 days, 17 hours

1
1
0 0

Linux 5.15.196

by Greg Kroah-Hartman

I'm announcing the release of the 5.15.196 kernel. All users of the 5.15 kernel series must upgrade. The updated 5.15.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.15.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/arm64/silicon-errata.rst | 2 Documentation/networking/seg6-sysctl.rst | 3 Makefile | 2 arch/arm64/Kconfig | 1 arch/arm64/include/asm/cputype.h | 2 arch/arm64/include/asm/pgtable.h | 3 arch/arm64/kernel/cpu_errata.c | 1 arch/m68k/include/asm/bitops.h | 25 ++- arch/mips/mti-malta/malta-setup.c | 2 arch/nios2/kernel/setup.c | 15 ++ arch/riscv/kernel/probes/kprobes.c | 13 + block/blk-crypto-fallback.c | 3 drivers/android/binder.c | 11 - drivers/base/arch_topology.c | 2 drivers/base/devcoredump.c | 138 ++++++++++++-------- drivers/base/power/runtime.c | 44 ++++++ drivers/comedi/comedi_buf.c | 2 drivers/cpufreq/cppc_cpufreq.c | 14 +- drivers/cpuidle/governors/menu.c | 21 +-- drivers/crypto/rockchip/rk3288_crypto_ahash.c | 3 drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c | 5 drivers/gpu/drm/amd/amdgpu/gmc_v7_0.c | 7 - drivers/gpu/drm/amd/amdgpu/gmc_v8_0.c | 7 - drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu7_hwmgr.c | 3 drivers/gpu/drm/exynos/exynos7_drm_decon.c | 98 ++++---------- drivers/hid/hid-multitouch.c | 27 ++- drivers/iio/imu/inv_icm42600/inv_icm42600_accel.c | 5 drivers/iio/imu/inv_icm42600/inv_icm42600_core.c | 35 +---- drivers/iio/imu/inv_icm42600/inv_icm42600_gyro.c | 5 drivers/media/platform/s5p-mfc/s5p_mfc_cmd_v6.c | 35 +---- drivers/media/rc/lirc_dev.c | 15 +- drivers/media/rc/rc-main.c | 6 drivers/misc/mei/hw-me-regs.h | 2 drivers/misc/mei/pci-me.c | 2 drivers/most/most_usb.c | 13 - drivers/net/bonding/bond_main.c | 40 ++--- drivers/net/can/m_can/m_can_platform.c | 2 drivers/net/ethernet/amd/xgbe/xgbe-drv.c | 1 drivers/net/ethernet/amd/xgbe/xgbe-mdio.c | 1 drivers/net/ethernet/broadcom/tg3.c | 5 drivers/net/ethernet/dlink/dl2k.c | 23 ++- drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c | 3 drivers/net/ethernet/freescale/enetc/enetc.h | 2 drivers/net/ethernet/realtek/r8169_main.c | 5 drivers/net/ethernet/renesas/ravb_main.c | 8 + drivers/net/usb/aqc111.c | 2 drivers/net/usb/lan78xx.c | 42 ++++-- drivers/net/usb/r8152.c | 9 + drivers/net/usb/rndis_host.c | 2 drivers/net/usb/rtl8150.c | 13 + drivers/net/wireless/ath/ath11k/core.c | 6 drivers/net/wireless/ath/ath11k/hal.c | 16 ++ drivers/net/wireless/ath/ath11k/hal.h | 1 drivers/pci/controller/cadence/pci-j721e.c | 64 +++++++++ drivers/pci/controller/dwc/pcie-designware-ep.c | 1 drivers/pci/controller/dwc/pcie-tegra194.c | 28 +++- drivers/pci/controller/pcie-rcar-host.c | 83 ++++++------ drivers/pci/pci-sysfs.c | 10 + drivers/s390/cio/device.c | 37 +++-- drivers/tty/serial/8250/8250_exar.c | 11 + drivers/usb/core/quirks.c | 2 drivers/usb/gadget/function/f_acm.c | 42 ++---- drivers/usb/gadget/function/f_ncm.c | 78 ++++------- drivers/usb/gadget/legacy/raw_gadget.c | 2 drivers/usb/gadget/udc/core.c | 3 drivers/usb/host/xhci-dbgcap.c | 9 + drivers/usb/serial/option.c | 10 + fs/btrfs/relocation.c | 13 + fs/dax.c | 2 fs/dcache.c | 2 fs/dlm/lockspace.c | 2 fs/exec.c | 2 fs/ext4/inode.c | 8 + fs/f2fs/data.c | 2 fs/fuse/dir.c | 2 fs/fuse/file.c | 75 ++++++---- fs/fuse/fuse_i.h | 2 fs/hfs/bfind.c | 8 + fs/hfs/brec.c | 27 +++ fs/hfs/mdb.c | 2 fs/hfsplus/bfind.c | 8 + fs/hfsplus/bnode.c | 41 ----- fs/hfsplus/btree.c | 6 fs/hfsplus/hfsplus_fs.h | 42 ++++++ fs/hfsplus/super.c | 25 ++- fs/hfsplus/unicode.c | 24 +++ fs/jbd2/transaction.c | 13 + fs/nfsd/blocklayout.c | 5 fs/nfsd/blocklayoutxdr.c | 7 - fs/nfsd/flexfilelayout.c | 8 + fs/nfsd/flexfilelayoutxdr.c | 3 fs/nfsd/nfs4layouts.c | 1 fs/nfsd/nfs4proc.c | 34 ++-- fs/nfsd/nfs4xdr.c | 14 -- fs/nfsd/xdr4.h | 36 +++++ fs/ocfs2/move_extents.c | 5 fs/splice.c | 31 ++++ fs/xfs/libxfs/xfs_log_format.h | 30 ++++ fs/xfs/xfs_log.c | 8 - fs/xfs/xfs_log_priv.h | 4 fs/xfs/xfs_log_recover.c | 34 +++- fs/xfs/xfs_ondisk.h | 2 fs/xfs/xfs_super.c | 33 +++- include/linux/cpufreq.h | 3 include/linux/fs.h | 1 include/linux/net.h | 1 include/linux/netdevice.h | 9 + include/linux/pm_runtime.h | 4 include/linux/splice.h | 1 include/linux/usb/gadget.h | 25 +++ include/net/ip_tunnels.h | 15 ++ include/net/rtnetlink.h | 9 + include/net/sock.h | 1 include/uapi/linux/netlink.h | 1 kernel/padata.c | 6 kernel/sched/fair.c | 38 ++--- net/core/rtnetlink.c | 81 ++++++++--- net/ipv4/ip_tunnel.c | 14 -- net/ipv4/tcp_output.c | 19 ++ net/ipv6/ip6_tunnel.c | 3 net/sctp/inqueue.c | 13 + net/socket.c | 10 + net/tls/tls_main.c | 7 - net/tls/tls_sw.c | 22 ++- net/vmw_vsock/af_vsock.c | 38 ++--- sound/firewire/amdtp-stream.h | 2 sound/usb/card.c | 10 + tools/perf/tests/perf-record.c | 4 128 files changed, 1304 insertions(+), 727 deletions(-) Alexander Aring (1): dlm: check for defined force value in dlm_lockspace_release Alexander Usyskin (1): mei: me: add wildcat lake P DID Alexey Simakov (2): tg3: prevent use of uninitialized remote_adv and local_adv variables sctp: avoid NULL dereference when chunk data buffer is missing Alice Ryhl (1): binder: remove "invalid inc weak" check Amir Goldstein (1): fuse: allocate ff->release_args only if release is needed Andrey Konovalov (1): usb: raw-gadget: do not limit transfer length Arnd Bergmann (1): media: s5p-mfc: remove an unused/uninitialized variable Bence Csókás (1): PM: runtime: Add new devm functions Benjamin Tissoires (1): HID: multitouch: fix sticky fingers Brian Norris (1): PCI/sysfs: Ensure devices are powered for config reads (part 2) Christoph Hellwig (2): xfs: rename the old_crc variable in xlog_recover_process xfs: fix log CRC mismatches between i386 and other architectures Chuck Lever (1): NFSD: Define a proc_layoutcommit for the FlexFiles layout type Darrick J. Wong (2): fuse: fix livelock in synchronous file put from fuseblk workers xfs: always warn about deprecated mount options David Howells (1): splice, net: Add a splice_eof op to file-ops and socket-ops David Lechner (1): iio: imu: inv_icm42600: use = { } instead of memset() Deepanshu Kartikey (3): ext4: detect invalid INLINE_DATA + EXTENTS flag combination ocfs2: clear extent cache after moving/defragmenting extents comedi: fix divide-by-zero in comedi_buf_munge() Dmitry Safonov (1): net/ip6_tunnel: Prevent perpetual tunnel growth Eric Dumazet (1): tcp: fix tcp_tso_should_defer() vs large RTT Fabian Vogt (1): riscv: kprobes: Fix probe address validation Filipe Manana (1): btrfs: fix clearing of BTRFS_FS_RELOC_RUNNING if relocation already running Florian Eckert (1): serial: 8250_exar: add support for Advantech 2 port card with Device ID 0x0018 Geert Uytterhoeven (1): m68k: bitops: Fix find_*_bit() signatures Greg Kroah-Hartman (1): Linux 5.15.196 Gui-Dong Han (1): drm/amdgpu: use atomic functions with memory barriers for vm fault info Huang Ying (1): arm64, mm: avoid always making PTE dirty in pte_mkwrite() I Viswanath (1): net: usb: lan78xx: fix use of improperly initialized dev->chipid in lan78xx_reset Ingo Molnar (1): sched/balancing: Rename newidle_balance() => sched_balance_newidle() Ioana Ciornei (1): dpaa2-eth: fix the pointer passed to PTR_ALIGN on Tx path Jaegeuk Kim (1): f2fs: fix wrong block mapping for multi-devices Jakub Kicinski (1): net: usb: use eth_hw_addr_set() instead of ether_addr_copy() Jan Kara (1): vfs: Don't leak disconnected dentries on umount Jiaming Zhang (1): ALSA: usb-audio: Fix NULL pointer deference in try_to_register_card Johannes Wiesböck (1): rtnetlink: Allow deleting FDB entries in user namespace Kaushlendra Kumar (1): arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() Kaustabh Chakraborty (3): drm/exynos: exynos7_drm_decon: fix uninitialized crtc reference in functions drm/exynos: exynos7_drm_decon: properly clear channels during bind drm/exynos: exynos7_drm_decon: remove ctx->suspended Kuen-Han Tsai (4): usb: gadget: Store endpoint pointer in usb_request usb: gadget: Introduce free_usb_request helper usb: gadget: f_ncm: Refactor bind path to use __free() usb: gadget: f_acm: Refactor bind path to use __free() LI Qingwu (1): USB: serial: option: add Telit FN920C04 ECM compositions Lad Prabhakar (1): net: ravb: Ensure memory write completes before ringing TX doorbell Linmao Li (1): r8169: fix packet truncation after S4 resume on RTL8168H/RTL8111H Ma Ke (1): media: lirc: Fix error handling in lirc_register() Maarten Lankhorst (1): devcoredump: Fix circular locking dependency with devcd->mutex. Maciej W. Rozycki (1): MIPS: Malta: Fix keyboard resource preventing i8042 driver from registering Marc Kleine-Budde (1): can: m_can: m_can_plat_remove(): add missing pm_runtime_disable() Marek Vasut (4): PCI: rcar-host: Convert struct rcar_msi mask_lock into raw spinlock PCI: rcar: Finish transition to L1 state in rcar_pcie_config_access() PCI: rcar-host: Drop PMSR spinlock PCI: rcar: Demote WARN() to dev_warn_ratelimited() in rcar_pcie_wakeup() Mark Rutland (2): arm64: cputype: Add Neoverse-V3AE definitions arm64: errata: Apply workarounds for Neoverse-V3AE Mathias Nyman (1): xhci: dbc: enable back DbC in resume if it was enabled before suspend Michal Pecio (1): net: usb: rtl8150: Fix frame padding Muhammad Usama Anjum (1): wifi: ath11k: HAL SRNG: don't deinitialize and re-initialize again Nicolas Dichtel (1): doc: fix seg6_flowlabel path Niklas Cassel (1): PCI: tegra194: Reset BARs when running in PCIe endpoint mode Niko Mauno (1): Revert "perf test: Don't leak workload gopipe in PERF_RECORD_*" Nikolay Aleksandrov (6): net: rtnetlink: add helper to extract msg type's kind net: rtnetlink: use BIT for flag values net: netlink: add NLM_F_BULK delete request modifier net: rtnetlink: add bulk delete support flag net: add ndo_fdb_del_bulk net: rtnetlink: add NLM_F_BULK support to rtnl_fdb_del Oleksij Rempel (1): net: usb: lan78xx: Add error handling to lan78xx_init_mac_address Rafael J. Wysocki (2): cpufreq: CPPC: Avoid using CPUFREQ_ETERNAL as transition delay Revert "cpuidle: menu: Avoid discarding useful information" Raju Rangoju (1): amd-xgbe: Avoid spurious link down messages during interface toggle Randy Dunlap (1): ALSA: firewire: amdtp-stream: fix enum kernel-doc warnings Reinhard Speyerer (1): USB: serial: option: add Quectel RG255C Renjun Wang (1): USB: serial: option: add UNISOC UIS7720 Sabrina Dubroca (3): tls: wait for async encrypt in case of error during latter iterations of sendmsg tls: always set record_type in tls_process_cmsg tls: don't rely on tx_work during send() Sascha Hauer (1): net: tls: wait for async completion on last message Sean Nyekjaer (2): iio: imu: inv_icm42600: Avoid configuring if already pm_runtime suspended iio: imu: inv_icm42600: Simplify pm_runtime setup Sergey Bashirov (3): NFSD: Rework encoding and decoding of nfsd4_deviceid NFSD: Minor cleanup in layoutcommit processing NFSD: Fix last write offset handling in layoutcommit Siddharth Vadapalli (2): PCI: j721e: Enable ACSPCIE Refclk if "ti,syscon-acspcie-proxy-ctrl" exists PCI: j721e: Fix programming sequence of "strap" settings Simon Schuster (1): nios2: ensure that memblock.current_limit is set when setting pfn limits Stefano Garzarella (1): vsock: fix lock inversion in vsock_assign_transport() Thomas Fourier (1): crypto: rockchip - Fix dma_unmap_sg() nents value Tim Guttzeit (1): usb/core/quirks: Add Huawei ME906S to wakeup quirk Timur Kristóf (1): drm/amd/powerplay: Fix CIK shutdown temperature Tonghao Zhang (1): net: bonding: fix possible peer notify event loss or dup issue Viacheslav Dubeyko (6): hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() hfs: clear offset and space out of valid records in b-tree node hfs: make proper initalization of struct hfs_find_data hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent() hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits() Victoria Votokina (2): most: usb: Fix use-after-free in hdm_disconnect most: usb: hdm_probe: Fix calling put_device() before device initialization Vidya Sagar (1): PCI: tegra194: Handle errors in BPMP response Vincent Guittot (1): sched/fair: Fix pelt lost idle time detection Vineeth Vijayan (1): s390/cio: Update purge function to unregister the unused subchannels Wei Fang (1): net: enetc: correct the value of ENETC_RXB_TRUESIZE Xiao Liang (1): padata: Reset next CPU when reorder sequence wraps around Xichao Zhao (1): exec: Fix incorrect type for ret Yang Chenzhi (1): hfs: validate record offset in hfsplus_bmap_alloc Yangtao Li (1): hfsplus: return EIO when type of hidden directory mismatch in hfsplus_fill_super() Yeounsu Moon (1): net: dlink: handle dma_map_single() failure properly Yi Cong (1): r8152: add error handling in rtl8152_driver_init Yu Kuai (1): blk-crypto: fix missing blktrace bio split events Yuezhang Mo (1): dax: skip read lock assertion for read-only filesystems Zhang Yi (1): jbd2: ensure that all ongoing I/O complete before freeing blocks Zhengchao Shao (1): net: rtnetlink: fix module reference count leak issue in rtnetlink_rcv_msg keliu (1): media: rc: Directly use ida_free()

5 days, 17 hours

1
1
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror