- Linux-stable-mirror - lists.linaro.org

[PATCH v2 4/4] openat2: don't trigger automounts with RESOLVE_NO_XDEV

by Askar Safin

openat2 had a bug: if we pass RESOLVE_NO_XDEV, then openat2 doesn't traverse through automounts, but may still trigger them. (See the link for full bug report with reproducer.) This commit fixes this bug. Link: https://lore.kernel.org/linux-fsdevel/20250817075252.4137628-1-safinaskar@z… Fixes: fddb5d430ad9fa91b49b1 ("open: introduce openat2(2) syscall") Reviewed-by: Aleksa Sarai <cyphar(a)cyphar.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Askar Safin <safinaskar(a)zohomail.com> --- fs/namei.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/fs/namei.c b/fs/namei.c index c23e5a076ab3..bfa8232b94dc 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -1449,6 +1449,10 @@ static int follow_automount(struct path *path, int *count, unsigned lookup_flags dentry->d_inode) return -EISDIR; + /* No need to trigger automounts if mountpoint crossing is disabled. */ + if (lookup_flags & LOOKUP_NO_XDEV) + return -EXDEV; + if (count && (*count)++ >= MAXSYMLINKS) return -ELOOP; @@ -1472,6 +1476,10 @@ static int __traverse_mounts(struct path *path, unsigned flags, bool *jumped, /* Allow the filesystem to manage the transit without i_rwsem * being held. */ if (flags & DCACHE_MANAGE_TRANSIT) { + if (lookup_flags & LOOKUP_NO_XDEV) { + ret = -EXDEV; + break; + } ret = path->dentry->d_op->d_manage(path, false); flags = smp_load_acquire(&path->dentry->d_flags); if (ret < 0) -- 2.47.2

3 weeks

1
0
0 0

[PATCH V4 mm-hotfixes 2/3] mm: introduce and use {pgd,p4d}_populate_kernel()

by Harry Yoo

Introduce and use {pgd,p4d}_populate_kernel() in core MM code when populating PGD and P4D entries for the kernel address space. These helpers ensure proper synchronization of page tables when updating the kernel portion of top-level page tables. Until now, the kernel has relied on each architecture to handle synchronization of top-level page tables in an ad-hoc manner. For example, see commit 9b861528a801 ("x86-64, mem: Update all PGDs for direct mapping and vmemmap mapping changes"). However, this approach has proven fragile for following reasons: 1) It is easy to forget to perform the necessary page table synchronization when introducing new changes. For instance, commit 4917f55b4ef9 ("mm/sparse-vmemmap: improve memory savings for compound devmaps") overlooked the need to synchronize page tables for the vmemmap area. 2) It is also easy to overlook that the vmemmap and direct mapping areas must not be accessed before explicit page table synchronization. For example, commit 8d400913c231 ("x86/vmemmap: handle unpopulated sub-pmd ranges")) caused crashes by accessing the vmemmap area before calling sync_global_pgds(). To address this, as suggested by Dave Hansen, introduce _kernel() variants of the page table population helpers, which invoke architecture-specific hooks to properly synchronize page tables. These are introduced in a new header file, include/linux/pgalloc.h, so they can be called from common code. They reuse existing infrastructure for vmalloc and ioremap. Synchronization requirements are determined by ARCH_PAGE_TABLE_SYNC_MASK, and the actual synchronization is performed by arch_sync_kernel_mappings(). This change currently targets only x86_64, so only PGD and P4D level helpers are introduced. In theory, PUD and PMD level helpers can be added later if needed by other architectures. Currently this is a no-op, since no architecture sets PGTBL_{PGD,P4D}_MODIFIED in ARCH_PAGE_TABLE_SYNC_MASK. Cc: <stable(a)vger.kernel.org> Fixes: 8d400913c231 ("x86/vmemmap: handle unpopulated sub-pmd ranges") Suggested-by: Dave Hansen <dave.hansen(a)linux.intel.com> Signed-off-by: Harry Yoo <harry.yoo(a)oracle.com> --- include/linux/pgalloc.h | 24 ++++++++++++++++++++++++ include/linux/pgtable.h | 4 ++-- mm/kasan/init.c | 12 ++++++------ mm/percpu.c | 6 +++--- mm/sparse-vmemmap.c | 6 +++--- 5 files changed, 38 insertions(+), 14 deletions(-) create mode 100644 include/linux/pgalloc.h diff --git a/include/linux/pgalloc.h b/include/linux/pgalloc.h new file mode 100644 index 000000000000..290ab864320f --- /dev/null +++ b/include/linux/pgalloc.h @@ -0,0 +1,24 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef _LINUX_PGALLOC_H +#define _LINUX_PGALLOC_H + +#include <linux/pgtable.h> +#include <asm/pgalloc.h> + +static inline void pgd_populate_kernel(unsigned long addr, pgd_t *pgd, + p4d_t *p4d) +{ + pgd_populate(&init_mm, pgd, p4d); + if (ARCH_PAGE_TABLE_SYNC_MASK & PGTBL_PGD_MODIFIED) + arch_sync_kernel_mappings(addr, addr); +} + +static inline void p4d_populate_kernel(unsigned long addr, p4d_t *p4d, + pud_t *pud) +{ + p4d_populate(&init_mm, p4d, pud); + if (ARCH_PAGE_TABLE_SYNC_MASK & PGTBL_P4D_MODIFIED) + arch_sync_kernel_mappings(addr, addr); +} + +#endif /* _LINUX_PGALLOC_H */ diff --git a/include/linux/pgtable.h b/include/linux/pgtable.h index ba699df6ef69..0cf5c6c3e483 100644 --- a/include/linux/pgtable.h +++ b/include/linux/pgtable.h @@ -1469,8 +1469,8 @@ static inline void modify_prot_commit_ptes(struct vm_area_struct *vma, unsigned /* * Architectures can set this mask to a combination of PGTBL_P?D_MODIFIED values - * and let generic vmalloc and ioremap code know when arch_sync_kernel_mappings() - * needs to be called. + * and let generic vmalloc, ioremap and page table update code know when + * arch_sync_kernel_mappings() needs to be called. */ #ifndef ARCH_PAGE_TABLE_SYNC_MASK #define ARCH_PAGE_TABLE_SYNC_MASK 0 diff --git a/mm/kasan/init.c b/mm/kasan/init.c index ced6b29fcf76..8fce3370c84e 100644 --- a/mm/kasan/init.c +++ b/mm/kasan/init.c @@ -13,9 +13,9 @@ #include <linux/mm.h> #include <linux/pfn.h> #include <linux/slab.h> +#include <linux/pgalloc.h> #include <asm/page.h> -#include <asm/pgalloc.h> #include "kasan.h" @@ -191,7 +191,7 @@ static int __ref zero_p4d_populate(pgd_t *pgd, unsigned long addr, pud_t *pud; pmd_t *pmd; - p4d_populate(&init_mm, p4d, + p4d_populate_kernel(addr, p4d, lm_alias(kasan_early_shadow_pud)); pud = pud_offset(p4d, addr); pud_populate(&init_mm, pud, @@ -212,7 +212,7 @@ static int __ref zero_p4d_populate(pgd_t *pgd, unsigned long addr, } else { p = early_alloc(PAGE_SIZE, NUMA_NO_NODE); pud_init(p); - p4d_populate(&init_mm, p4d, p); + p4d_populate_kernel(addr, p4d, p); } } zero_pud_populate(p4d, addr, next); @@ -251,10 +251,10 @@ int __ref kasan_populate_early_shadow(const void *shadow_start, * puds,pmds, so pgd_populate(), pud_populate() * is noops. */ - pgd_populate(&init_mm, pgd, + pgd_populate_kernel(addr, pgd, lm_alias(kasan_early_shadow_p4d)); p4d = p4d_offset(pgd, addr); - p4d_populate(&init_mm, p4d, + p4d_populate_kernel(addr, p4d, lm_alias(kasan_early_shadow_pud)); pud = pud_offset(p4d, addr); pud_populate(&init_mm, pud, @@ -273,7 +273,7 @@ int __ref kasan_populate_early_shadow(const void *shadow_start, if (!p) return -ENOMEM; } else { - pgd_populate(&init_mm, pgd, + pgd_populate_kernel(addr, pgd, early_alloc(PAGE_SIZE, NUMA_NO_NODE)); } } diff --git a/mm/percpu.c b/mm/percpu.c index d9cbaee92b60..a56f35dcc417 100644 --- a/mm/percpu.c +++ b/mm/percpu.c @@ -3108,7 +3108,7 @@ int __init pcpu_embed_first_chunk(size_t reserved_size, size_t dyn_size, #endif /* BUILD_EMBED_FIRST_CHUNK */ #ifdef BUILD_PAGE_FIRST_CHUNK -#include <asm/pgalloc.h> +#include <linux/pgalloc.h> #ifndef P4D_TABLE_SIZE #define P4D_TABLE_SIZE PAGE_SIZE @@ -3134,13 +3134,13 @@ void __init __weak pcpu_populate_pte(unsigned long addr) if (pgd_none(*pgd)) { p4d = memblock_alloc_or_panic(P4D_TABLE_SIZE, P4D_TABLE_SIZE); - pgd_populate(&init_mm, pgd, p4d); + pgd_populate_kernel(addr, pgd, p4d); } p4d = p4d_offset(pgd, addr); if (p4d_none(*p4d)) { pud = memblock_alloc_or_panic(PUD_TABLE_SIZE, PUD_TABLE_SIZE); - p4d_populate(&init_mm, p4d, pud); + p4d_populate_kernel(addr, p4d, pud); } pud = pud_offset(p4d, addr); diff --git a/mm/sparse-vmemmap.c b/mm/sparse-vmemmap.c index 41aa0493eb03..dbd8daccade2 100644 --- a/mm/sparse-vmemmap.c +++ b/mm/sparse-vmemmap.c @@ -27,9 +27,9 @@ #include <linux/spinlock.h> #include <linux/vmalloc.h> #include <linux/sched.h> +#include <linux/pgalloc.h> #include <asm/dma.h> -#include <asm/pgalloc.h> #include <asm/tlbflush.h> #include "hugetlb_vmemmap.h" @@ -229,7 +229,7 @@ p4d_t * __meminit vmemmap_p4d_populate(pgd_t *pgd, unsigned long addr, int node) if (!p) return NULL; pud_init(p); - p4d_populate(&init_mm, p4d, p); + p4d_populate_kernel(addr, p4d, p); } return p4d; } @@ -241,7 +241,7 @@ pgd_t * __meminit vmemmap_pgd_populate(unsigned long addr, int node) void *p = vmemmap_alloc_block_zero(PAGE_SIZE, node); if (!p) return NULL; - pgd_populate(&init_mm, pgd, p); + pgd_populate_kernel(addr, pgd, p); } return pgd; } -- 2.43.0

3 weeks

4
11
0 0

[PATCH v6] mm/slub: avoid accessing metadata when pointer is invalid in object_err()

by Li Qiong

object_err() reports details of an object for further debugging, such as the freelist pointer, redzone, etc. However, if the pointer is invalid, attempting to access object metadata can lead to a crash since it does not point to a valid object. In case the pointer is NULL or check_valid_pointer() returns false for the pointer, only print the pointer value and skip accessing metadata. Fixes: 81819f0fc828 ("SLUB core") Cc: <stable(a)vger.kernel.org> Signed-off-by: Li Qiong <liqiong(a)nfschina.com> --- v2: - rephrase the commit message, add comment for object_err(). v3: - check object pointer in object_err(). v4: - restore changes in alloc_consistency_checks(). v5: - rephrase message, fix code style. v6: - add checking 'object' if NULL. --- mm/slub.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/mm/slub.c b/mm/slub.c index 31e11ef256f9..972cf2bb2ee6 100644 --- a/mm/slub.c +++ b/mm/slub.c @@ -1104,7 +1104,12 @@ static void object_err(struct kmem_cache *s, struct slab *slab, return; slab_bug(s, reason); - print_trailer(s, slab, object); + if (!object || !check_valid_pointer(s, slab, object)) { + print_slab_info(slab); + pr_err("Invalid pointer 0x%p\n", object); + } else { + print_trailer(s, slab, object); + } add_taint(TAINT_BAD_PAGE, LOCKDEP_NOW_UNRELIABLE); WARN_ON(1); -- 2.30.2

3 weeks

5
6
0 0

[PATCH v2] serial: uartps: do not deassert RS485 RTS GPIO prematurely

by Martin Kaistra

After all bytes to be transmitted have been written to the FIFO register, the hardware might still be busy actually sending them. Thus, wait for the TX FIFO to be empty before starting the timer for the RTS after send delay. Cc: stable(a)vger.kernel.org Fixes: fccc9d9233f9 ("tty: serial: uartps: Add rs485 support to uartps driver") Signed-off-by: Martin Kaistra <martin.kaistra(a)linutronix.de> --- Changes in v2: - Add cc stable - Add timeout drivers/tty/serial/xilinx_uartps.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/drivers/tty/serial/xilinx_uartps.c b/drivers/tty/serial/xilinx_uartps.c index fe457bf1e15bb..e1dd3843d563c 100644 --- a/drivers/tty/serial/xilinx_uartps.c +++ b/drivers/tty/serial/xilinx_uartps.c @@ -429,7 +429,7 @@ static void cdns_uart_handle_tx(void *dev_id) struct uart_port *port = (struct uart_port *)dev_id; struct cdns_uart *cdns_uart = port->private_data; struct tty_port *tport = &port->state->port; - unsigned int numbytes; + unsigned int numbytes, tmout; unsigned char ch; if (kfifo_is_empty(&tport->xmit_fifo) || uart_tx_stopped(port)) { @@ -454,6 +454,13 @@ static void cdns_uart_handle_tx(void *dev_id) if (cdns_uart->port->rs485.flags & SER_RS485_ENABLED && (kfifo_is_empty(&tport->xmit_fifo) || uart_tx_stopped(port))) { + /* Wait for the tx fifo to be actually empty */ + for (tmout = 1000000; tmout; tmout--) { + if (cdns_uart_tx_empty(port) == TIOCSER_TEMT) + break; + udelay(1); + } + hrtimer_update_function(&cdns_uart->tx_timer, cdns_rs485_rx_callback); hrtimer_start(&cdns_uart->tx_timer, ns_to_ktime(cdns_calc_after_tx_delay(cdns_uart)), HRTIMER_MODE_REL); -- 2.39.5

3 weeks

2
4
0 0

[PATCH] ACPI: tables: FPDT: Fix memory leak in acpi_init_fpdt()

by Zhen Ni

acpi_put_table() is only called when kobject_create_and_add() or fpdt_process_subtable() fails, but not on the success path. This causes a memory leak if initialization succeeds. Ensure acpi_put_table() is called in all cases by adding a put_table label and routing both success and failure paths through it. Drop the err_subtable label since kobject_put() is only needed when fpdt_process_subtable() fails. Fixes: d1eb86e59be0 ("ACPI: tables: introduce support for FPDT table") Cc: stable(a)vger.kernel.org Signed-off-by: Zhen Ni <zhen.ni(a)easystack.cn> --- drivers/acpi/acpi_fpdt.c | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/drivers/acpi/acpi_fpdt.c b/drivers/acpi/acpi_fpdt.c index 271092f2700a..c8aea5bb187c 100644 --- a/drivers/acpi/acpi_fpdt.c +++ b/drivers/acpi/acpi_fpdt.c @@ -275,7 +275,7 @@ static int __init acpi_init_fpdt(void) struct acpi_table_header *header; struct fpdt_subtable_entry *subtable; u32 offset = sizeof(*header); - int result; + int result = 0; status = acpi_get_table(ACPI_SIG_FPDT, 0, &header); @@ -285,7 +285,7 @@ static int __init acpi_init_fpdt(void) fpdt_kobj = kobject_create_and_add("fpdt", acpi_kobj); if (!fpdt_kobj) { result = -ENOMEM; - goto err_nomem; + goto put_table; } while (offset < header->length) { @@ -295,8 +295,10 @@ static int __init acpi_init_fpdt(void) case SUBTABLE_S3PT: result = fpdt_process_subtable(subtable->address, subtable->type); - if (result) - goto err_subtable; + if (result) { + kobject_put(fpdt_kobj); + goto put_table; + } break; default: /* Other types are reserved in ACPI 6.4 spec. */ @@ -304,11 +306,8 @@ static int __init acpi_init_fpdt(void) } offset += sizeof(*subtable); } - return 0; -err_subtable: - kobject_put(fpdt_kobj); -err_nomem: +put_table: acpi_put_table(header); return result; } -- 2.20.1

3 weeks

2
1
0 0

[PATCH 6.12 000/444] 6.12.43-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.12.43 release. There are 444 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 20 Aug 2025 12:43:43 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.12.43-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.12.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.12.43-rc1 Lukas Wunner <lukas(a)wunner.de> PCI: Honor Max Link Speed when determining supported speeds Shin'ichiro Kawasaki <shinichiro.kawasaki(a)wdc.com> dm: split write BIOs on zone boundaries when zone append is not emulated Frederic Weisbecker <frederic(a)kernel.org> rcu: Fix racy re-initialization of irq_work causing hangs Yu Kuai <yukuai3(a)huawei.com> md: fix create on open mddev lifetime regression Ivan Lipski <ivan.lipski(a)amd.com> drm/amd/display: Allow DCN301 to clear update flags Arnd Bergmann <arnd(a)arndb.de> firmware: arm_scmi: Convert to SYSTEM_SLEEP_PM_OPS Jens Axboe <axboe(a)kernel.dk> io_uring/rw: cast rw->flags assignment to rwf_t Damien Le Moal <dlemoal(a)kernel.org> ata: libata-sata: Add link_power_management_supported sysfs attribute Miguel Ojeda <ojeda(a)kernel.org> rust: workaround `rustdoc` target modifiers bug Miguel Ojeda <ojeda(a)kernel.org> rust: kbuild: clean output before running `rustdoc` Siddharth Vadapalli <s-vadapalli(a)ti.com> arm64: dts: ti: k3-j722s-evm: Fix USB gpio-hog level for Type-C Hrushikesh Salunke <h-salunke(a)ti.com> arm64: dts: ti: k3-j722s-evm: Fix USB2.0_MUX_SEL to select Type-C Lukas Wunner <lukas(a)wunner.de> PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports Manivannan Sadhasivam <manivannan.sadhasivam(a)linaro.org> PCI: Allow PCI bridges to go to D3Hot on all non-x86 Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> PCI: Store all PCIe Supported Link Speeds Wang Zhaolong <wangzhaolong(a)huaweicloud.com> smb: client: fix netns refcount leak after net_passive changes Eric Dumazet <edumazet(a)google.com> net: better track kernel sockets lifetime Kuniyuki Iwashima <kuniyu(a)amazon.com> net: Add net_passive_inc() and net_passive_dec(). Thomas Weißschuh <linux(a)weissschuh.net> mfd: cros_ec: Separate charge-control probing from USB-PD Aditya Garg <gargaditya08(a)live.com> HID: apple: avoid setting up battery timer for devices without battery Naman Jain <namjain(a)linux.microsoft.com> tools/hv: fcopy: Fix irregularities with size of ring buffer Mikhail Lobanov <m.lobanov(a)rosa.ru> wifi: mac80211: check basic rates validity in sta_link_apply_parameters Aditya Garg <gargaditya08(a)live.com> HID: magicmouse: avoid setting up battery timer when not needed Pedro Falcato <pfalcato(a)suse.de> RDMA/siw: Fix the sendmsg byte count in siw_tcp_sendpages Willy Tarreau <w(a)1wt.eu> tools/nolibc: fix spelling of FD_SETBITMASK in FD_* macros Marek Szyprowski <m.szyprowski(a)samsung.com> media: v4l2: Add support for NV12M tiled variants to v4l2_format_info() Ricardo Ribalda <ribalda(a)chromium.org> media: uvcvideo: Do not mark valid metadata as invalid Vedang Nagar <quic_vnagar(a)quicinc.com> media: venus: Fix OOB read due to missing payload bound check Youngjun Lee <yjjuny.lee(a)samsung.com> media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() Breno Leitao <leitao(a)debian.org> mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock Waiman Long <longman(a)redhat.com> mm/kmemleak: avoid soft lockup in __kmemleak_do_cleanup() Anshuman Khandual <anshuman.khandual(a)arm.com> mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() Vlastimil Babka <vbabka(a)suse.cz> mm, slab: restore NUMA policy support for large kmalloc Randy Dunlap <rdunlap(a)infradead.org> parisc: Makefile: fix a typo in palo.conf Haiyang Zhang <haiyangz(a)microsoft.com> hv_netvsc: Fix panic during namespace deletion with VF Davide Caratti <dcaratti(a)redhat.com> net/sched: ets: use old 'nbands' while purging unused classes Sravan Kumar Gundu <sravankumarlpu(a)gmail.com> fbdev: Fix vmalloc out-of-bounds write in fast_imageblit Suren Baghdasaryan <surenb(a)google.com> userfaultfd: fix a crash in UFFDIO_MOVE when PMD is a migration entry Andrey Albershteyn <aalbersh(a)redhat.com> xfs: fix scrub trace with null pointer in quotacheck Qu Wenruo <wqu(a)suse.com> btrfs: do not allow relocation of partially dropped subvolumes Boris Burkov <boris(a)bur.io> btrfs: fix iteration bug in __qgroup_excl_accounting() Naohiro Aota <naohiro.aota(a)wdc.com> btrfs: zoned: do not select metadata BG as finish target Filipe Manana <fdmanana(a)suse.com> btrfs: error on missing block group when unaccounting log tree extent buffers Filipe Manana <fdmanana(a)suse.com> btrfs: fix log tree replay failure due to file with 0 links and extents Filipe Manana <fdmanana(a)suse.com> btrfs: clear dirty status from extent buffer on error at insert_new_root() Filipe Manana <fdmanana(a)suse.com> btrfs: don't skip remaining extrefs if dir not found during log replay Filipe Manana <fdmanana(a)suse.com> btrfs: qgroup: fix qgroup create ioctl returning success after quotas disabled Qu Wenruo <wqu(a)suse.com> btrfs: populate otime when logging an inode item Boris Burkov <boris(a)bur.io> btrfs: fix ssd_spread overallocation Filipe Manana <fdmanana(a)suse.com> btrfs: don't ignore inode missing when replaying log tree Filipe Manana <fdmanana(a)suse.com> btrfs: qgroup: set quota enabled bit if quota disable fails flushing reservations Naohiro Aota <naohiro.aota(a)wdc.com> btrfs: zoned: do not remove unwritten non-data block group Filipe Manana <fdmanana(a)suse.com> btrfs: abort transaction during log replay if walk_log_tree() failed Johannes Thumshirn <johannes.thumshirn(a)wdc.com> btrfs: zoned: use filesystem size not disk size for reclaim decision Oliver Neukum <oneukum(a)suse.com> cdc-acm: fix race between initial clearing halt and open Eric Biggers <ebiggers(a)kernel.org> thunderbolt: Fix copy+paste error in match_service_id() Ian Abbott <abbotti(a)mev.co.uk> comedi: fix race between polling and detaching Myrrh Periwinkle <myrrhperiwinkle(a)qtmlabs.xyz> usb: typec: ucsi: Update power_supply on power role change Ricky Wu <ricky_wu(a)realtek.com> misc: rtsx: usb: Ensure mmc child device is active when card is present Xinyu Liu <katieeliu(a)tencent.com> usb: core: config: Prevent OOB read in SS endpoint companion parsing Zhang Yi <yi.zhang(a)huawei.com> ext4: initialize superblock fields in the kballoc-test.c kunit tests Baokun Li <libaokun1(a)huawei.com> ext4: fix largest free orders lists corruption on mb_optimize_scan switch Baokun Li <libaokun1(a)huawei.com> ext4: fix zombie groups in average fragment size lists Jason Gunthorpe <jgg(a)ziepe.ca> iommufd: Prevent ALIGN() overflow Nicolin Chen <nicolinc(a)nvidia.com> iommufd: Report unmapped bytes in the error path of iopt_unmap_iova_range Alexey Klimov <alexey.klimov(a)linaro.org> iommu/arm-smmu-qcom: Add SM6115 MDSS compatible Lu Baolu <baolu.lu(a)linux.intel.com> iommu/vt-d: Optimize iotlb_sync_map for non-caching/non-RWBF modes Shyam Prasad N <sprasad(a)microsoft.com> cifs: reset iface weights when we cannot find a candidate Christian Marangi <ansuelsmth(a)gmail.com> clk: qcom: gcc-ipq8074: fix broken freq table for nss_port6_tx_clk_src Damien Le Moal <dlemoal(a)kernel.org> dm: Always split write BIOs to zoned device limits Damien Le Moal <dlemoal(a)kernel.org> block: Introduce bio_needs_zone_write_plugging() Bijan Tabatabai <bijantabatab(a)micron.com> mm/damon/core: commit damos->target_nid Jack Xiao <Jack.Xiao(a)amd.com> drm/amdgpu: fix incorrect vm flags to map bo YiPeng Chai <YiPeng.Chai(a)amd.com> drm/amdgpu: fix vram reservation issue David Howells <dhowells(a)redhat.com> cifs: Fix collect_sample() to handle any iterator type Shengjiu Wang <shengjiu.wang(a)nxp.com> ASoC: fsl_sai: replace regmap_write with regmap_update_bits Jiasheng Jiang <jiashengjiangcool(a)gmail.com> scsi: lpfc: Remove redundant assignment to avoid memory leak Meagan Lloyd <meaganlloyd(a)linux.microsoft.com> rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe Sergey Bashirov <sergeybashirov(a)gmail.com> pNFS: Fix uninited ptr deref in block/scsi layout Sergey Bashirov <sergeybashirov(a)gmail.com> pNFS: Handle RPC size limit for layoutcommits Sergey Bashirov <sergeybashirov(a)gmail.com> pNFS: Fix disk addr range check in block/scsi layout Sergey Bashirov <sergeybashirov(a)gmail.com> pNFS: Fix stripe mapping in block/scsi layout John Garry <john.g.garry(a)oracle.com> block: avoid possible overflow for chunk_sectors check in blk_stack_limits() Cezary Rojewski <cezary.rojewski(a)intel.com> ASoC: Intel: avs: Fix uninitialized pointer error in probe() Buday Csaba <buday.csaba(a)prolan.hu> net: phy: smsc: add proper reset flags for LAN8710A Thomas Croft <thomasmcft(a)gmail.com> ALSA: hda/realtek: add LG gram 16Z90R-A to alc269 fixup table Yu Kuai <yukuai3(a)huawei.com> lib/sbitmap: convert shallow_depth from one word to the whole sbitmap Stefan Metzmacher <metze(a)samba.org> smb: client: don't call init_waitqueue_head(&info->conn_wait) twice in _smbd_get_connection Calvin Owens <calvin(a)wbinvd.org> tools/power turbostat: Handle cap_get_proc() ENOSYS Calvin Owens <calvin(a)wbinvd.org> tools/power turbostat: Fix build with musl Len Brown <len.brown(a)intel.com> tools/power turbostat: Handle non-root legacy-uncore sysfs permissions Corey Minyard <corey(a)minyard.net> ipmi: Fix strcpy source and destination the same Yann E. MORIN <yann.morin.1998(a)free.fr> kconfig: lxdialog: fix 'space' to (de)select options Masahiro Yamada <masahiroy(a)kernel.org> kconfig: gconf: fix potential memory leak in renderer_edited() Masahiro Yamada <masahiroy(a)kernel.org> kconfig: gconf: avoid hardcoding model2 in on_treeview2_cursor_changed() Breno Leitao <leitao(a)debian.org> ipmi: Use dev_warn_ratelimited() for incorrect message warnings Artem Sadovnikov <a.sadovnikov(a)ispras.ru> vfio/mlx5: fix possible overflow in tracking max message size John Garry <john.g.garry(a)oracle.com> scsi: aacraid: Stop using PCI_IRQ_AFFINITY Maurizio Lombardi <mlombard(a)redhat.com> scsi: target: core: Generate correct identifiers for PR OUT transport IDs Ranjan Kumar <ranjan.kumar(a)broadcom.com> scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans Shankari Anand <shankari.ak0208(a)gmail.com> kconfig: nconf: Ensure null termination where strncpy is used Keith Busch <kbusch(a)kernel.org> vfio/type1: conditional rescheduling while pinning Suchit Karunakaran <suchitkarunakaran(a)gmail.com> kconfig: lxdialog: replace strcpy() with strncpy() in inputbox.c John Ogness <john.ogness(a)linutronix.de> printk: nbcon: Allow reacquire during panic Jaegeuk Kim <jaegeuk(a)kernel.org> f2fs: check the generic conditions first Yuezhang Mo <Yuezhang.Mo(a)sony.com> exfat: add cluster chain loop check for dir fangzhong.zhou <myth5(a)myth5.com> i2c: Force DLL0945 touchpad i2c freq to 100khz John Johansen <john.johansen(a)canonical.com> apparmor: fix x_table_lookup when stacking is not the first entry Mateusz Guzik <mjguzik(a)gmail.com> apparmor: use the condition in AA_BUG_FMT even with debug disabled Benjamin Marzinski <bmarzins(a)redhat.com> dm-table: fix checking for rq stackable devices Mikulas Patocka <mpatocka(a)redhat.com> dm-mpath: don't print the "loaded" message if registering fails Jorge Marques <jorge.marques(a)analog.com> i3c: master: Initialize ret in i3c_i2c_notifier_call() Wolfram Sang <wsa+renesas(a)sang-engineering.com> i3c: don't fail if GETHDRCAP is unsupported Gabriel Totev <gabriel.totev(a)zetier.com> apparmor: shift ouid when mediating hard links in userns Meagan Lloyd <meaganlloyd(a)linux.microsoft.com> rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 Wolfram Sang <wsa+renesas(a)sang-engineering.com> i3c: add missing include to internal header Petr Pavlu <petr.pavlu(a)suse.com> module: Prevent silent truncation of module name in delete_module(2) Purva Yeshi <purvayeshi550(a)gmail.com> md: dm-zoned-target: Initialize return variable r to avoid uninitialized use Charles Keepax <ckeepax(a)opensource.cirrus.com> soundwire: Move handle_nested_irq outside of sdw_dev_lock Vijendar Mukunda <Vijendar.Mukunda(a)amd.com> soundwire: amd: cancel pending slave status handling workqueue during remove sequence Vijendar Mukunda <Vijendar.Mukunda(a)amd.com> soundwire: amd: serialize amd manager resume sequence during pm_prepare Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> clk: renesas: rzg2l: Postpone updating priv->clks[] Mario Limonciello <mario.limonciello(a)amd.com> crypto: ccp - Add missing bootloader info reg for pspv6 Bharat Bhushan <bbhushan2(a)marvell.com> crypto: octeontx2 - add timeout for load_fvc completion poll chenchangcheng <chenchangcheng(a)kylinos.cn> media: uvcvideo: Fix bandwidth issue for Alcor camera Ricardo Ribalda <ribalda(a)chromium.org> media: uvcvideo: Add quirk for HP Webcam HD 2300 Alex Guo <alexguo1023(a)gmail.com> media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar Alex Guo <alexguo1023(a)gmail.com> media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() Wolfram Sang <wsa+renesas(a)sang-engineering.com> media: usb: hdpvr: disable zero-length read messages Dave Stevenson <dave.stevenson(a)raspberrypi.com> media: tc358743: Increase FIFO trigger level to 374 Dave Stevenson <dave.stevenson(a)raspberrypi.com> media: tc358743: Return an appropriate colorspace from tc358743_set_fmt Dave Stevenson <dave.stevenson(a)raspberrypi.com> media: tc358743: Check I2C succeeded during probe Cheick Traore <cheick.traore(a)foss.st.com> pinctrl: stm32: Manage irq affinity settings Damien Le Moal <dlemoal(a)kernel.org> scsi: mpi3mr: Correctly handle ATA device errors Damien Le Moal <dlemoal(a)kernel.org> scsi: mpt3sas: Correctly handle ATA device errors Abel Vesa <abel.vesa(a)linaro.org> power: supply: qcom_battmgr: Add lithium-polymer entry Justin Tee <justin.tee(a)broadcom.com> scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure Justin Tee <justin.tee(a)broadcom.com> scsi: lpfc: Ensure HBA_SETUP flag is used only for SLI4 in dev_loss_tmo_callbk Arnd Bergmann <arnd(a)arndb.de> RDMA/core: reduce stack using in nldev_stat_get_doit() Yury Norov [NVIDIA] <yury.norov(a)gmail.com> RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() Amelie Delaunay <amelie.delaunay(a)foss.st.com> dmaengine: stm32-dma: configure next sg only if there are more than 2 sgs Johan Adolfsson <johan.adolfsson(a)axis.com> leds: leds-lp50xx: Handle reg to get correct multi_index Niklas Söderlund <niklas.soderlund+renesas(a)ragnatech.se> media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control Daniel Scally <dan.scally(a)ideasonboard.com> media: ipu-bridge: Add _HID for OV5670 Michal Wilczynski <m.wilczynski(a)samsung.com> clk: thead: Mark essential bus clocks as CLK_IGNORE_UNUSED Shiji Yang <yangshiji66(a)outlook.com> MIPS: lantiq: falcon: sysctrl: fix request memory check logic Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> MIPS: Don't crash in stack_top() for tasks without ABI or vDSO Markus Theil <theil.markus(a)gmail.com> crypto: jitter - fix intermediary handling Kalesh AP <kalesh-anakkur.purayil(a)broadcom.com> RDMA/bnxt_re: Fix size of uverbs_copy_to() in BNXT_RE_METHOD_GET_TOGGLE_MEM Hans de Goede <hdegoede(a)redhat.com> media: hi556: Fix reset GPIO timings Arnaud Lecomte <contact(a)arnaud-lcm.com> jfs: upper bound check of tree index in dbAllocAG Edward Adam Davis <eadavis(a)qq.com> jfs: Regular file corruption check Lizhi Xu <lizhi.xu(a)windriver.com> jfs: truncate good inode pages when hard link is 0 jackysliu <1972843537(a)qq.com> scsi: bfa: Double-free fix Ziyan Fu <fuzy5(a)lenovo.com> watchdog: iTCO_wdt: Report error if timeout configuration fails Shiji Yang <yangshiji66(a)outlook.com> MIPS: vpe-mt: add missing prototypes for vpe_{alloc,start,stop,free} George Moussalem <george.moussalem(a)outlook.com> clk: qcom: ipq5018: keep XO clock always on Florin Leotescu <florin.leotescu(a)nxp.com> hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state Sebastian Reichel <sebastian.reichel(a)collabora.com> watchdog: dw_wdt: Fix default timeout Amir Mohammad Jahangirzad <a.jahangirzad(a)gmail.com> fs/orangefs: use snprintf() instead of sprintf() Showrya M N <showrya(a)chelsio.com> scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated Geraldo Nascimento <geraldogabriel(a)gmail.com> phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal Chen-Yu Tsai <wens(a)csie.org> mfd: axp20x: Set explicit ID for AXP313 regulator Pei Xiao <xiaopei01(a)kylinos.cn> clk: tegra: periph: Fix error handling and resolve unsigned compare warning Theodore Ts'o <tytso(a)mit.edu> ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr Zhiqi Song <songzhiqi1(a)huawei.com> crypto: hisilicon/hpre - fix dma unmap sequence Yongzhen Zhang <zhangyongzhen(a)kylinos.cn> fbdev: fix potential buffer overflow in do_register_framebuffer() Pali Rohár <pali(a)kernel.org> cifs: Fix calling CIFSFindFirst() for root path without msearch Aaron Plattner <aplattner(a)nvidia.com> watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition Roman Li <Roman.Li(a)amd.com> drm/amd/display: Disable dsc_power_gate for dcn314 by default Mario Limonciello <mario.limonciello(a)amd.com> drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported Mario Limonciello <mario.limonciello(a)amd.com> drm/amd/display: Only finalize atomic_obj if it was initialized Jason Wang <jasowang(a)redhat.com> vhost: fail early when __vhost_add_used() fails Will Deacon <will(a)kernel.org> vsock/virtio: Resize receive buffers so that each SKB fits in a 4K page Álvaro Fernández Rojas <noltari(a)gmail.com> net: dsa: b53: fix IP_MULTICAST_CTRL on BCM5325 Joel Fernandes <joelagnelf(a)nvidia.com> rcu: Fix rcu_read_unlock() deadloop due to IRQ work Tvrtko Ursulin <tvrtko.ursulin(a)igalia.com> drm/ttm: Respect the shrinker core free target Wayne Lin <Wayne.Lin(a)amd.com> drm/amd/display: Avoid trying AUX transactions on disconnected ports Nicholas Kazlauskas <nicholas.kazlauskas(a)amd.com> drm/amd/display: Update DMCUB loading sequence for DCN3.5 Yonghong Song <yonghong.song(a)linux.dev> selftests/bpf: Fix a user_ringbuf failure with arm64 64KB page size Yonghong Song <yonghong.song(a)linux.dev> selftests/bpf: Fix ringbuf/ringbuf_write test failure with arm64 64KB page size Ihor Solodrai <isolodrai(a)meta.com> bpf: Make reg_not_null() true for CONST_PTR_TO_MAP Jakub Kicinski <kuba(a)kernel.org> uapi: in6: restore visibility of most IPv6 socket options Emily Deng <Emily.Deng(a)amd.com> drm/ttm: Should to return the evict error Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> drm: renesas: rz-du: mipi_dsi: Add min check for VCLK range Hari Kalavakunta <kalavakunta.hari.prasad(a)gmail.com> net: ncsi: Fix buffer overflow in fetching version id Tvrtko Ursulin <tvrtko.ursulin(a)igalia.com> drm/xe: Make dma-fences compliant with the safe access rules Shannon Nelson <shannon.nelson(a)amd.com> ionic: clean dbpage in de-init Thomas Fourier <fourier.thomas(a)gmail.com> wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() Chih-Kang Chang <gary.chang(a)realtek.com> wifi: rtw89: scan abort when assign/unassign_vif Breno Leitao <leitao(a)debian.org> ptp: Use ratelimite for freerun error message Yuan Chen <chenyuan(a)kylinos.cn> bpftool: Fix JSON writer resource leak in version command Álvaro Fernández Rojas <noltari(a)gmail.com> net: dsa: b53: prevent SWITCH_CTRL access on BCM5325 Álvaro Fernández Rojas <noltari(a)gmail.com> net: dsa: b53: prevent DIS_LEARNING access on BCM5325 Álvaro Fernández Rojas <noltari(a)gmail.com> net: dsa: b53: prevent GMII_PORT_OVERRIDE_CTRL access on BCM5325 Álvaro Fernández Rojas <noltari(a)gmail.com> net: dsa: b53: fix b53_imp_vlan_setup for BCM5325 Álvaro Fernández Rojas <noltari(a)gmail.com> net: dsa: b53: ensure BCM5325 PHYs are enabled Alok Tiwari <alok.a.tiwari(a)oracle.com> gve: Return error for unknown admin queue command Gal Pressman <gal(a)nvidia.com> net: vlan: Replace BUG() with WARN_ON_ONCE() in vlan_dev_* stubs Gal Pressman <gal(a)nvidia.com> net: vlan: Make is_vlan_dev() a stub when VLAN is not configured Mario Limonciello <mario.limonciello(a)amd.com> drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual Heiner Kallweit <hkallweit1(a)gmail.com> dpaa_eth: don't use fixed_phy_change_carrier Nicolas Escande <nico.escande(a)gmail.com> neighbour: add support for NUD_PERMANENT proxy entries Stanislaw Gruszka <stf_xl(a)wp.pl> wifi: iwlegacy: Check rate_idx range after addition Mark Rutland <mark.rutland(a)arm.com> arm64: stacktrace: Check kretprobe_find_ret_addr() return value Mina Almasry <almasrymina(a)google.com> netmem: fix skb_frag_address_safe with unreadable skbs Thomas Fourier <fourier.thomas(a)gmail.com> powerpc: floppy: Add missing checks after DMA map Karthikeyan Kathirvel <quic_kathirve(a)quicinc.com> wifi: ath12k: Decrement TID on RX peer frag setup error handling Raj Kumar Bhagat <quic_rajkbhag(a)quicinc.com> wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 Thomas Fourier <fourier.thomas(a)gmail.com> wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()`. Ramya Gnanasekar <ramya.gnanasekar(a)oss.qualcomm.com> wifi: mac80211: update radar_required in channel context after channel switch Alex Hung <alex.hung(a)amd.com> drm/amd/display: Initialize mode_select to 0 Wen Chen <Wen.Chen3(a)amd.com> drm/amd/display: Fix 'failed to blank crtc!' Pagadala Yesu Anjaneyulu <pagadala.yesu.anjaneyulu(a)intel.com> wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect Rand Deeb <rand.sec96(a)gmail.com> wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() Nathan Lynch <nathan.lynch(a)amd.com> lib: packing: Include necessary headers Hari Chandrakanthan <quic_haric(a)quicinc.com> wifi: ath12k: Fix station association with MBSSID Non-TX BSS Sarika Sharma <quic_sarishar(a)quicinc.com> wifi: ath12k: Add memset and update default rate value in wmi tx completion Kang Yang <kang.yang(a)oss.qualcomm.com> wifi: ath10k: shutdown driver when hardware is unreliable Ilya Bakoulin <Ilya.Bakoulin(a)amd.com> drm/amd/display: Separate set_gsl from set_gsl_source_select Jonas Rebmann <jre(a)pengutronix.de> net: fec: allow disable coalescing RubenKelevra <rubenkelevra(a)gmail.com> net: ieee8021q: fix insufficient table-size assertion Li Chen <chenl311(a)chinatelecom.cn> ACPI: Suppress misleading SPCR console message when SPCR table is absent Eric Work <work.eric(a)gmail.com> net: atlantic: add set_power to fw_ops for atl2 to fix wol Aakash Kumar S <saakashkumar(a)marvell.com> xfrm: Duplicate SPI Handling zhangjianrong <zhangjianrong5(a)huawei.com> net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() zhangjianrong <zhangjianrong5(a)huawei.com> net: thunderbolt: Enable end-to-end flow control also in transmit Matt Roper <matthew.d.roper(a)intel.com> drm/xe/xe_query: Use separate iterator while filling GT list Mark Brown <broonie(a)kernel.org> kselftest/arm64: Specify SVE data when testing VL set in sve-ptrace David Bauer <mail(a)david-bauer.net> wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch Bitterblue Smith <rtl8821cerfe2(a)gmail.com> wifi: rtw89: Fix rtw89_mac_power_switch() for USB Alessio Belle <alessio.belle(a)imgtec.com> drm/imagination: Clear runtime PM errors while resetting the GPU Robin Murphy <robin.murphy(a)arm.com> perf/arm: Add missing .suppress_bind_attrs Yuan Chen <chenyuan(a)kylinos.cn> drm/msm: Add error handling for krealloc in metadata setup Rob Clark <robdclark(a)chromium.org> drm/msm: use trylock for debugfs Hari Chandrakanthan <quic_haric(a)quicinc.com> wifi: mac80211: fix rx link assignment for non-MLO stations Zqiang <qiang.zhang1211(a)gmail.com> rcu/nocb: Fix possible invalid rdp's->nocb_cb_kthread pointer access Kuniyuki Iwashima <kuniyu(a)google.com> ipv6: mcast: Check inet6_dev->dead under idev->mc_lock in __ipv6_dev_mc_inc(). Thomas Fourier <fourier.thomas(a)gmail.com> (powerpc/512) Fix possible `dma_unmap_single()` on uninitialized pointer Heiko Carstens <hca(a)linux.ibm.com> s390/early: Copy last breaking event address to pt_regs Miri Korenblit <miriam.rachel.korenblit(a)intel.com> wifi: mac80211: avoid weird state in error path Johannes Berg <johannes.berg(a)intel.com> wifi: mac80211: don't complete management TX on SAE commit Chris Mason <clm(a)fb.com> sched/fair: Bump sd->max_newidle_lb_cost when newidle balance fails Kamil Horák - 2N <kamilh(a)axis.com> net: phy: bcm54811: PHY initialization Sven Schnelle <svens(a)linux.ibm.com> s390/stp: Remove udelay from stp_sync_clock() Avraham Stern <avraham.stern(a)intel.com> wifi: iwlwifi: mvm: fix scan request validation Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> um: Re-evaluate thread flags repeatedly Miri Korenblit <miriam.rachel.korenblit(a)intel.com> wifi: iwlwifi: mvm: set gtk id also in older FWs Paul Chaignon <paul.chaignon(a)gmail.com> bpf: Forget ranges when refining tnum after JSET Juri Lelli <juri.lelli(a)redhat.com> sched/deadline: Fix accounting after global limits change Alok Tiwari <alok.a.tiwari(a)oracle.com> perf/cxlpmu: Remove unintended newline from IRQ name format string Biju Das <biju.das.jz(a)bp.renesas.com> net: phy: micrel: Add ksz9131_resume() Alok Tiwari <alok.a.tiwari(a)oracle.com> net: thunderx: Fix format-truncation warning in bgx_acpi_match_id() Oscar Maes <oscmaes92(a)gmail.com> net: ipv4: fix incorrect MTU in broadcast routes Johannes Berg <johannes.berg(a)intel.com> wifi: mac80211: don't unreserve never reserved chanctx Ilan Peer <ilan.peer(a)intel.com> wifi: cfg80211: Fix interface type validation Matt Johnston <matt(a)codeconstruct.com.au> net: mctp: Prevent duplicate binds Vincent Mailhol <mailhol.vincent(a)wanadoo.fr> can: ti_hecc: fix -Woverflow compiler warning Charlene Liu <Charlene.Liu(a)amd.com> drm/amd/display: limit clear_update_flags to dcn32 and above Paul E. McKenney <paulmck(a)kernel.org> rcu: Protect ->defer_qs_iw_pending from data race Umio Yasuno <coelacanth_dream(a)protonmail.com> drm/amd/pm: fix null pointer access Breno Leitao <leitao(a)debian.org> arm64: Mark kernel as tainted on SAE and SError panic Jack Ping CHNG <jchng(a)maxlinear.com> net: pcs: xpcs: mask readl() return value to 16 bits Leon Romanovsky <leon(a)kernel.org> net/mlx5e: Properly access RCU protected qdisc_sleeping variable Thomas Fourier <fourier.thomas(a)gmail.com> net: ag71xx: Add missing check after DMA map Thomas Fourier <fourier.thomas(a)gmail.com> et131x: Add missing check after DMA map Bitterblue Smith <rtl8821cerfe2(a)gmail.com> wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB Chin-Yen Lee <timlee(a)realtek.com> wifi: rtw89: wow: Add Basic Rate IE to probe request in scheduled scan mode Ahmed Zaki <ahmed.zaki(a)intel.com> idpf: preserve coalescing settings across resets Eduard Zingerman <eddyz87(a)gmail.com> libbpf: Verify that arena map exists when adding arena relocations Alok Tiwari <alok.a.tiwari(a)oracle.com> be2net: Use correct byte order and format string for TCP seq and ack_seq Sven Schnelle <svens(a)linux.ibm.com> s390/time: Use monotonic clock in get_cycles() Johannes Berg <johannes.berg(a)intel.com> wifi: cfg80211: reject HTC bit for management frames Steven Rostedt <rostedt(a)goodmis.org> ktest.pl: Prevent recursion of default variable options Sarika Sharma <quic_sarishar(a)quicinc.com> wifi: ath12k: Correct tid cleanup when tid setup fails Oliver Neukum <oneukum(a)suse.com> net: usb: cdc-ncm: check for filtering capability Avraham Stern <avraham.stern(a)intel.com> wifi: iwlwifi: mvm: avoid outdated reorder buffer head_sn Anthoine Bourgeois <anthoine.bourgeois(a)vates.tech> xen/netfront: Fix TX response spurious interrupts Zijun Hu <zijun.hu(a)oss.qualcomm.com> Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() En-Wei Wu <en-wei.wu(a)canonical.com> Bluetooth: btusb: Add new VID/PID 0489/e14e for MT7925 Ben Hutchings <benh(a)debian.org> bootconfig: Fix unaligned access when building footer Steven Rostedt <rostedt(a)goodmis.org> powerpc/thp: tracing: Hide hugepage events under CONFIG_PPC_BOOK3S_64 Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> selftests: netfilter: Enable CONFIG_INET_SCTP_DIAG Florian Westphal <fw(a)strlen.de> netfilter: nft_set_pipapo: prefer kvmalloc for scratch maps Srinivas Kandagatla <srini(a)kernel.org> ASoC: qcom: use drvdata instead of component to keep id Xinxin Wan <xinxin.wan(a)intel.com> ASoC: codecs: rt5640: Retry DEVICE_ID verification Jonathan Santos <Jonathan.Santos(a)analog.com> iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros Christophe Leroy <christophe.leroy(a)csgroup.eu> ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop Lucy Thrun <lucy.thrun(a)digital-rabbithole.de> ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control Tomasz Michalec <tmichalec(a)google.com> platform/chrome: cros_ec_typec: Defer probe on missing EC parent Kees Cook <kees(a)kernel.org> platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches Bjorn Andersson <bjorn.andersson(a)oss.qualcomm.com> soc: qcom: mdt_loader: Actually use the e_phoff Krzysztof Hałasa <khalasa(a)piap.pl> imx8m-blk-ctrl: set ISI panic write hurry level Gautham R. Shenoy <gautham.shenoy(a)amd.com> pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() Oliver Neukum <oneukum(a)suse.com> usb: core: usb_submit_urb: downgrade type check Tomasz Michalec <tmichalec(a)google.com> usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present Peter Ujfalusi <peter.ujfalusi(a)linux.intel.com> ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() Joseph Tilahun <jtilahun(a)astranis.com> tty: serial: fix print format specifiers Peter Ujfalusi <peter.ujfalusi(a)linux.intel.com> ASoC: SOF: topology: Parse the dapm_widget_tokens in case of DSPless mode Alok Tiwari <alok.a.tiwari(a)oracle.com> ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 Mark Brown <broonie(a)kernel.org> ASoC: hdac_hdmi: Rate limit logging on connection and disconnection Pawan Gupta <pawan.kumar.gupta(a)linux.intel.com> x86/bugs: Avoid warning when overriding return thunk Takashi Iwai <tiwai(a)suse.de> ALSA: hda: Disable jack polling at shutdown Takashi Iwai <tiwai(a)suse.de> ALSA: hda: Handle the jack polling always via a work Gwendal Grignou <gwendal(a)chromium.org> platform/chrome: cros_ec_sensorhub: Retries when a sensor is not ready Ulf Hansson <ulf.hansson(a)linaro.org> mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() Hans de Goede <hansg(a)kernel.org> mei: bus: Check for still connected devices in mei_cl_bus_dev_release() Zijun Hu <zijun.hu(a)oss.qualcomm.com> char: misc: Fix improper and inaccurate error code returned by misc_init() Peter Robinson <pbrobinson(a)gmail.com> reset: brcmstb: Enable reset drivers for ARCH_BCM2835 Eliav Farber <farbere(a)amazon.com> pps: clients: gpio: fix interrupt handling order in remove path Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> selftests: vDSO: vdso_test_getrandom: Always print TAP header Breno Leitao <leitao(a)debian.org> ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path Sarthak Garg <quic_sartgarg(a)quicinc.com> mmc: sdhci-msm: Ensure SD card power isn't ON when card removed Sebastian Ott <sebott(a)redhat.com> ACPI: processor: fix acpi_object initialization tuhaowen <tuhaowen(a)uniontech.com> PM: sleep: console: Fix the black screen issue Hsin-Te Yuan <yuanhsinte(a)chromium.org> thermal: sysfs: Return ENODATA instead of EAGAIN for reads Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() Thierry Reding <treding(a)nvidia.com> firmware: tegra: Fix IVC dependency problems Peng Fan <peng.fan(a)nxp.com> firmware: arm_scmi: power_control: Ensure SCMI_SYSPOWER_IDLE is set early during resume Zhu Qiyu <qiyuzhu2(a)amd.com> ACPI: PRM: Reduce unnecessary printing to avoid user confusion Masami Hiramatsu (Google) <mhiramat(a)kernel.org> selftests: tracing: Use mutex_unlock for testing glob filter Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> tools/build: Fix s390(x) cross-compilation with clang Aaron Kling <webgeek1234(a)gmail.com> ARM: tegra: Use I/O memcpy to write to IRAM Michael Walle <mwalle(a)kernel.org> mfd: tps6594: Add TI TPS652G1 support Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> gpio: tps65912: check the return value of regmap_update_bits() David Lechner <dlechner(a)baylibre.com> iio: adc: ad_sigma_delta: don't overallocate scan buffer Thomas Weißschuh <linux(a)weissschuh.net> tools/nolibc: define time_t in terms of __kernel_old_time_t David Collins <david.collins(a)oss.qualcomm.com> thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com> ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed Shubhrajyoti Datta <shubhrajyoti.datta(a)amd.com> EDAC/synopsys: Clear the ECC counters on init Lifeng Zheng <zhenglifeng1(a)huawei.com> PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() Alexander Kochetkov <al.kochet(a)gmail.com> ARM: rockchip: fix kernel hang during smp initialization Li RongQing <lirongqing(a)baidu.com> cpufreq: intel_pstate: Add Granite Rapids support in no-HWP mode Lifeng Zheng <zhenglifeng1(a)huawei.com> cpufreq: Exit governor when failed to start old governor Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> gpio: wcd934x: check the return value of regmap_update_bits() Guillaume La Roque <glaroque(a)baylibre.com> pmdomain: ti: Select PM_GENERIC_DOMAINS André Draszik <andre.draszik(a)linaro.org> usb: typec: tcpm/tcpci_maxim: fix irq wake usage Hiago De Franco <hiago.franco(a)toradex.com> remoteproc: imx_rproc: skip clock enable when M-core is managed by the SCU Shuai Xue <xueshuai(a)linux.alibaba.com> ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered Maulik Shah <maulik.shah(a)oss.qualcomm.com> soc: qcom: rpmh-rsc: Add RSC version 4 support Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> firmware: qcom: scm: initialize tzmem before marking SCM as available Mario Limonciello <mario.limonciello(a)amd.com> usb: xhci: Avoid showing errors during surprise removal Jay Chen <shawn2000100(a)gmail.com> usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command Mario Limonciello <mario.limonciello(a)amd.com> usb: xhci: Avoid showing warnings for dying controller Benson Leung <bleung(a)chromium.org> usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default Cynthia Huang <cynthia(a)andestech.com> selftests/futex: Define SYS_futex on 32-bit architectures with 64-bit time_t Prashant Malani <pmalani(a)google.com> cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag Mario Limonciello <mario.limonciello(a)amd.com> platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list Su Hui <suhui(a)nfschina.com> usb: xhci: print xhci->xhc_state when queue_command failed Steven Rostedt <rostedt(a)goodmis.org> tracefs: Add d_delete to remove negative dentries Al Viro <viro(a)zeniv.linux.org.uk> securityfs: don't pin dentries twice, once is enough... Al Viro <viro(a)zeniv.linux.org.uk> fix locking in efi_secret_unlink() Wei Gao <wegao(a)suse.com> ext2: Handle fiemap on empty files to prevent EINVAL Christian Brauner <brauner(a)kernel.org> pidfs: raise SB_I_NODEV and SB_I_NOEXEC Xiao Ni <xni(a)redhat.com> md: Don't clear MD_CLOSING until mddev is freed Rong Zhang <ulin0208(a)gmail.com> fs/ntfs3: correctly create symlink for relative path Lizhi Xu <lizhi.xu(a)windriver.com> fs/ntfs3: Add sanity check for file name Damien Le Moal <dlemoal(a)kernel.org> ata: libata-sata: Disallow changing LPM state if not supported Damien Le Moal <dlemoal(a)kernel.org> ata: ahci: Disable DIPM if host lacks support Damien Le Moal <dlemoal(a)kernel.org> ata: ahci: Disallow LPM policy control if not supported Al Viro <viro(a)zeniv.linux.org.uk> better lockdep annotations for simple_recursive_removal() Viacheslav Dubeyko <slava(a)dubeyko.com> hfs: fix not erasing deleted b-tree node issue Sarah Newman <srn(a)prgmr.com> drbd: add missing kref_get in handle_write_conflicts Jan Kara <jack(a)suse.cz> udf: Verify partition map count Jan Kara <jack(a)suse.cz> loop: Avoid updating block size under exclusive owner Xiao Ni <xni(a)redhat.com> md: call del_gendisk in control path Andrew Price <anprice(a)redhat.com> gfs2: Set .migrate_folio in gfs2_{rgrp,meta}_aops Andrew Price <anprice(a)redhat.com> gfs2: Validate i_depth for exhash directories Maurizio Lombardi <mlombard(a)redhat.com> nvme-tcp: log TLS handshake failures at error level John Garry <john.g.garry(a)oracle.com> md/raid10: set chunk_sectors limit John Garry <john.g.garry(a)oracle.com> dm-stripe: limit chunk_sectors to the stripe size Keith Busch <kbusch(a)kernel.org> nvme-pci: try function level reset on init failure NeilBrown <neil(a)brown.name> smb/server: avoid deadlock when linking with ReplaceIfExists Yeoreum Yun <yeoreum.yun(a)arm.com> firmware: arm_ffa: Change initcall level of ffa_init() to rootfs_initcall Kees Cook <kees(a)kernel.org> arm64: Handle KCOV __init vs inline mismatches Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file() Viacheslav Dubeyko <slava(a)dubeyko.com> hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() Viacheslav Dubeyko <slava(a)dubeyko.com> hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() Viacheslav Dubeyko <slava(a)dubeyko.com> hfs: fix slab-out-of-bounds in hfs_bnode_read() Viacheslav Dubeyko <slava(a)dubeyko.com> hfs: fix general protection fault in hfs_find_init() Sven Stegemann <sven(a)stegemann.de> net: kcm: Fix race condition in kcm_unattach() Jakub Kicinski <kuba(a)kernel.org> tls: handle data disappearing from under the TLS ULP Jeongjun Park <aha310510(a)gmail.com> ptp: prevent possible ABBA deadlock in ptp_clock_freerun() Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> cpuidle: governors: menu: Avoid using invalid recent intervals data Len Brown <len.brown(a)intel.com> intel_idle: Allow loading ACPI tables for any family Xin Long <lucien.xin(a)gmail.com> sctp: linearize cloned gso packets in sctp_rcv Alok Tiwari <alok.a.tiwari(a)oracle.com> net: ti: icss-iep: Fix incorrect type for return value in extts_enable() MD Danish Anwar <danishanwar(a)ti.com> net: ti: icssg-prueth: Fix emac link speed handling Florian Westphal <fw(a)strlen.de> netfilter: ctnetlink: fix refcount leak on table dump Sabrina Dubroca <sd(a)queasysnail.net> udp: also consider secpath when evaluating ipsec use for checksumming Jinjiang Tu <tujinjiang(a)huawei.com> mm/smaps: fix race between smaps_hugetlb_range and migration Al Viro <viro(a)zeniv.linux.org.uk> habanalabs: fix UAF in export_dmabuf() Maxim Levitsky <mlevitsk(a)redhat.com> KVM: VMX: Preserve host's DEBUGCTLMSR_FREEZE_IN_SMM while running the guest Maxim Levitsky <mlevitsk(a)redhat.com> KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs Maxim Levitsky <mlevitsk(a)redhat.com> KVM: nVMX: Check vmcs12->guest_ia32_debugctl on nested VM-Enter Sean Christopherson <seanjc(a)google.com> KVM: VMX: Extract checking of guest's DEBUGCTL into helper Sean Christopherson <seanjc(a)google.com> KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported Sean Christopherson <seanjc(a)google.com> KVM: x86: Drop kvm_x86_ops.set_dr6() in favor of a new KVM_RUN flag Sean Christopherson <seanjc(a)google.com> KVM: x86: Convert vcpu_run()'s immediate exit param into a generic bitmap Stefan Metzmacher <metze(a)samba.org> smb: client: don't wait for info->send_pending == 0 on error Stefan Metzmacher <metze(a)samba.org> smb: client: let send_done() cleanup before calling smbd_disconnect_rdma_connection() Li Zhijian <lizhijian(a)fujitsu.com> mm/memory-tier: fix abstract distance calculation overflow Damien Le Moal <dlemoal(a)kernel.org> block: Make REQ_OP_ZONE_FINISH a write operation Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> ACPI: processor: perflib: Move problematic pr->performance check Jiayi Li <lijiayi(a)kylinos.cn> ACPI: processor: perflib: Fix initial _PPC limit application Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> Documentation: ACPI: Fix parent device references Jann Horn <jannh(a)google.com> eventpoll: Fix semi-unbounded recursion Sasha Levin <sashal(a)kernel.org> fs: Prevent file descriptor table allocations exceeding INT_MAX Eric Biggers <ebiggers(a)kernel.org> fscrypt: Don't use problematic non-inline crypto engines André Draszik <andre.draszik(a)linaro.org> clk: samsung: gs101: fix alternate mout_hsi0_usb20_ref parent clock André Draszik <andre.draszik(a)linaro.org> clk: samsung: gs101: fix CLK_DOUT_CMU_G3D_BUSD André Draszik <andre.draszik(a)linaro.org> clk: samsung: exynos850: fix a comment Ma Ke <make24(a)iscas.ac.cn> sunvdc: Balance device refcount in vdc_port_mpgroup_check Yao Zi <ziyao(a)disroot.org> LoongArch: Avoid in-place string operation on FDT content Huacai Chen <chenhuacai(a)kernel.org> LoongArch: Make relocate_new_kernel_size be a .quad value Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> LoongArch: Don't use %pK through printk() in unwinder Haoran Jiang <jianghaoran(a)kylinos.cn> LoongArch: BPF: Fix jump offset calculation in tailcall Huacai Chen <chenhuacai(a)kernel.org> PCI: Extend isolated function probing to LoongArch Trond Myklebust <trond.myklebust(a)hammerspace.com> NFS: Fix the setting of capabilities when automounting a new filesystem Dai Ngo <dai.ngo(a)oracle.com> NFSD: detect mismatch of file handle and delegation stateid in OPEN op Jeff Layton <jlayton(a)kernel.org> nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() Xu Yang <xu.yang_2(a)nxp.com> net: usb: asix_devices: add phy_mask for ax88772 mdio bus Johan Hovold <johan(a)kernel.org> net: dpaa: fix device leak when querying time stamp info Johan Hovold <johan(a)kernel.org> net: ti: icss-iep: fix device and OF node leaks at probe Johan Hovold <johan(a)kernel.org> net: mtk_eth_soc: fix device leak at probe Johan Hovold <johan(a)kernel.org> net: enetc: fix device and OF node leak at probe Johan Hovold <johan(a)kernel.org> net: gianfar: fix device leak when querying time stamp info Heiner Kallweit <hkallweit1(a)gmail.com> net: ftgmac100: fix potential NULL pointer access in ftgmac100_phy_disconnect Florian Larysch <fl(a)n621.de> net: phy: micrel: fix KSZ8081/KSZ8091 cable test Fedor Pchelkin <pchelkin(a)ispras.ru> netlink: avoid infinite retry looping in netlink_unicast() Daniel Golle <daniel(a)makrotopia.org> Revert "leds: trigger: netdev: Configure LED blink interval for HW offload" Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> leds: flash: leds-qcom-flash: Fix registry access after re-bind David Thompson <davthompson(a)nvidia.com> gpio: mlxbf3: use platform_get_irq_optional() David Thompson <davthompson(a)nvidia.com> Revert "gpio: mlxbf3: only get IRQ for device instance 0" David Thompson <davthompson(a)nvidia.com> gpio: mlxbf2: use platform_get_irq_optional() Harald Mommer <harald.mommer(a)oss.qualcomm.com> gpio: virtio: Fix config space reading. Wang Zhaolong <wangzhaolong(a)huaweicloud.com> smb: client: remove redundant lstrp update in negotiate protocol Steve French <stfrench(a)microsoft.com> smb3: fix for slab out of bounds on mount to ksmbd Christopher Eby <kreed(a)kreed.org> ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks Vasiliy Kovalev <kovalev(a)altlinux.org> ALSA: hda/realtek: Fix headset mic on HONOR BRB-X Takashi Iwai <tiwai(a)suse.de> ALSA: usb-audio: Validate UAC3 cluster segment descriptors Takashi Iwai <tiwai(a)suse.de> ALSA: usb-audio: Validate UAC3 power domain descriptors, too Pavel Begunkov <asml.silence(a)gmail.com> io_uring: don't use int for ABI ------------- Diffstat: Documentation/filesystems/fscrypt.rst | 37 +++---- Documentation/firmware-guide/acpi/i2c-muxes.rst | 8 +- Makefile | 4 +- arch/arm/mach-rockchip/platsmp.c | 15 +-- arch/arm/mach-tegra/reset.c | 2 +- arch/arm64/boot/dts/ti/k3-j722s-evm.dts | 4 +- arch/arm64/include/asm/acpi.h | 2 +- arch/arm64/kernel/acpi.c | 10 +- arch/arm64/kernel/stacktrace.c | 2 + arch/arm64/kernel/traps.c | 1 + arch/arm64/mm/fault.c | 1 + arch/arm64/mm/ptdump_debugfs.c | 3 - arch/loongarch/kernel/env.c | 13 ++- arch/loongarch/kernel/relocate_kernel.S | 2 +- arch/loongarch/kernel/unwind_orc.c | 2 +- arch/loongarch/net/bpf_jit.c | 21 +--- arch/mips/include/asm/vpe.h | 8 ++ arch/mips/kernel/process.c | 16 +-- arch/mips/lantiq/falcon/sysctrl.c | 23 ++--- arch/parisc/Makefile | 2 +- arch/powerpc/include/asm/floppy.h | 5 +- arch/powerpc/platforms/512x/mpc512x_lpbfifo.c | 6 +- arch/riscv/mm/ptdump.c | 3 - arch/s390/include/asm/timex.h | 13 ++- arch/s390/kernel/early.c | 1 + arch/s390/kernel/time.c | 2 +- arch/s390/mm/dump_pagetables.c | 2 - arch/um/include/asm/thread_info.h | 4 + arch/um/kernel/process.c | 18 ++-- arch/x86/include/asm/kvm-x86-ops.h | 1 - arch/x86/include/asm/kvm_host.h | 15 ++- arch/x86/include/asm/msr-index.h | 1 + arch/x86/kernel/cpu/bugs.c | 5 +- arch/x86/kvm/svm/svm.c | 14 +-- arch/x86/kvm/vmx/main.c | 3 +- arch/x86/kvm/vmx/nested.c | 21 +++- arch/x86/kvm/vmx/pmu_intel.c | 8 +- arch/x86/kvm/vmx/vmx.c | 57 ++++++----- arch/x86/kvm/vmx/vmx.h | 26 +++++ arch/x86/kvm/vmx/x86_ops.h | 2 +- arch/x86/kvm/x86.c | 25 ++++- block/bfq-iosched.c | 35 +++---- block/bfq-iosched.h | 3 +- block/blk-mq.c | 6 +- block/blk-settings.c | 2 +- block/blk-zoned.c | 20 +--- block/kyber-iosched.c | 9 +- block/mq-deadline.c | 16 +-- crypto/jitterentropy-kcapi.c | 9 +- drivers/accel/habanalabs/common/memory.c | 23 ++--- drivers/acpi/acpi_processor.c | 2 +- drivers/acpi/apei/ghes.c | 13 +++ drivers/acpi/prmt.c | 26 ++++- drivers/acpi/processor_perflib.c | 11 +++ drivers/ata/ahci.c | 12 ++- drivers/ata/ata_piix.c | 1 + drivers/ata/libahci.c | 1 + drivers/ata/libata-sata.c | 52 ++++++++-- drivers/base/power/runtime.c | 5 + drivers/block/drbd/drbd_receiver.c | 6 +- drivers/block/loop.c | 38 ++++++-- drivers/block/sunvdc.c | 4 +- drivers/bluetooth/btusb.c | 2 + drivers/char/ipmi/ipmi_msghandler.c | 8 +- drivers/char/ipmi/ipmi_watchdog.c | 59 ++++++++---- drivers/char/misc.c | 4 +- drivers/clk/qcom/gcc-ipq5018.c | 2 +- drivers/clk/qcom/gcc-ipq8074.c | 6 +- drivers/clk/renesas/rzg2l-cpg.c | 8 +- drivers/clk/samsung/clk-exynos850.c | 2 +- drivers/clk/samsung/clk-gs101.c | 4 +- drivers/clk/tegra/clk-periph.c | 4 +- drivers/clk/thead/clk-th1520-ap.c | 5 +- drivers/comedi/comedi_fops.c | 33 +++++-- drivers/comedi/comedi_internal.h | 1 + drivers/comedi/drivers.c | 13 ++- drivers/cpufreq/cppc_cpufreq.c | 2 +- drivers/cpufreq/cpufreq.c | 8 +- drivers/cpufreq/intel_pstate.c | 2 + drivers/cpuidle/governors/menu.c | 21 +++- drivers/crypto/ccp/sp-pci.c | 1 + drivers/crypto/hisilicon/hpre/hpre_crypto.c | 8 +- .../crypto/marvell/octeontx2/otx2_cptpf_ucode.c | 16 ++- drivers/devfreq/governor_userspace.c | 6 +- drivers/dma/stm32/stm32-dma.c | 2 +- drivers/edac/synopsys_edac.c | 93 +++++++++--------- drivers/firmware/arm_ffa/driver.c | 2 +- drivers/firmware/arm_scmi/scmi_power_control.c | 22 ++++- drivers/firmware/qcom/qcom_scm.c | 53 +++++----- drivers/firmware/tegra/Kconfig | 5 +- drivers/gpio/gpio-mlxbf2.c | 2 +- drivers/gpio/gpio-mlxbf3.c | 52 ++++------ drivers/gpio/gpio-tps65912.c | 7 +- drivers/gpio/gpio-virtio.c | 9 +- drivers/gpio/gpio-wcd934x.c | 7 +- drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c | 4 +- drivers/gpu/drm/amd/amdgpu/amdgpu_vram_mgr.c | 3 +- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 3 +- .../gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_psr.c | 6 +- drivers/gpu/drm/amd/display/dc/core/dc.c | 6 +- .../drm/amd/display/dc/hwss/dcn20/dcn20_hwseq.c | 11 +-- drivers/gpu/drm/amd/display/dc/link/link_dpms.c | 3 +- .../gpu/drm/amd/display/dc/mpc/dcn401/dcn401_mpc.c | 2 +- .../display/dc/resource/dcn314/dcn314_resource.c | 1 + drivers/gpu/drm/amd/display/dmub/src/dmub_dcn35.c | 16 +-- drivers/gpu/drm/amd/pm/amdgpu_pm.c | 5 + drivers/gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c | 37 +++---- drivers/gpu/drm/imagination/pvr_power.c | 59 +++++++++++- drivers/gpu/drm/msm/msm_drv.c | 9 +- drivers/gpu/drm/msm/msm_gem.c | 3 +- drivers/gpu/drm/msm/msm_gem.h | 6 ++ drivers/gpu/drm/renesas/rz-du/rzg2l_mipi_dsi.c | 3 + drivers/gpu/drm/ttm/ttm_pool.c | 8 +- drivers/gpu/drm/ttm/ttm_resource.c | 3 + drivers/gpu/drm/xe/xe_guc_exec_queue_types.h | 2 + drivers/gpu/drm/xe/xe_guc_submit.c | 7 +- drivers/gpu/drm/xe/xe_hw_fence.c | 3 + drivers/gpu/drm/xe/xe_query.c | 27 +++--- drivers/hid/hid-apple.c | 17 ++-- drivers/hid/hid-magicmouse.c | 56 +++++++---- drivers/hwmon/emc2305.c | 10 +- drivers/i2c/i2c-core-acpi.c | 1 + drivers/i3c/internals.h | 1 + drivers/i3c/master.c | 4 +- drivers/idle/intel_idle.c | 2 +- drivers/iio/adc/ad7768-1.c | 23 ++++- drivers/iio/adc/ad_sigma_delta.c | 2 +- drivers/infiniband/core/nldev.c | 22 +++-- drivers/infiniband/hw/bnxt_re/ib_verbs.c | 2 +- drivers/infiniband/hw/hfi1/affinity.c | 44 +++++---- drivers/infiniband/sw/siw/siw_qp_tx.c | 5 +- drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c | 1 + drivers/iommu/intel/iommu.c | 19 +++- drivers/iommu/intel/iommu.h | 3 + drivers/iommu/iommufd/io_pagetable.c | 48 +++++---- drivers/leds/flash/leds-qcom-flash.c | 15 ++- drivers/leds/leds-lp50xx.c | 11 ++- drivers/leds/trigger/ledtrig-netdev.c | 16 +-- drivers/md/dm-ps-historical-service-time.c | 4 +- drivers/md/dm-ps-queue-length.c | 4 +- drivers/md/dm-ps-round-robin.c | 4 +- drivers/md/dm-ps-service-time.c | 4 +- drivers/md/dm-stripe.c | 1 + drivers/md/dm-table.c | 10 +- drivers/md/dm-zoned-target.c | 2 +- drivers/md/dm.c | 37 ++++--- drivers/md/md.c | 51 ++++++---- drivers/md/md.h | 26 ++++- drivers/md/raid10.c | 1 + drivers/media/dvb-frontends/dib7000p.c | 8 ++ drivers/media/i2c/hi556.c | 7 +- drivers/media/i2c/tc358743.c | 86 ++++++++++------- drivers/media/pci/intel/ipu-bridge.c | 2 + drivers/media/platform/qcom/venus/hfi_msgs.c | 83 +++++++++++----- drivers/media/usb/hdpvr/hdpvr-i2c.c | 6 ++ drivers/media/usb/uvc/uvc_driver.c | 12 +++ drivers/media/usb/uvc/uvc_video.c | 21 ++-- drivers/media/v4l2-core/v4l2-common.c | 14 ++- drivers/mfd/axp20x.c | 3 +- drivers/mfd/cros_ec_dev.c | 10 +- drivers/mfd/tps6594-core.c | 88 +++++++++++++++-- drivers/mfd/tps6594-i2c.c | 10 +- drivers/mfd/tps6594-spi.c | 10 +- drivers/misc/cardreader/rtsx_usb.c | 16 +-- drivers/misc/mei/bus.c | 6 ++ drivers/mmc/host/rtsx_usb_sdmmc.c | 4 +- drivers/mmc/host/sdhci-msm.c | 14 +++ drivers/net/can/ti_hecc.c | 2 +- drivers/net/dsa/b53/b53_common.c | 76 ++++++++++++--- drivers/net/dsa/b53/b53_regs.h | 7 +- drivers/net/ethernet/agere/et131x.c | 36 +++++++ drivers/net/ethernet/aquantia/atlantic/aq_hw.h | 2 + .../aquantia/atlantic/hw_atl2/hw_atl2_utils_fw.c | 39 ++++++++ drivers/net/ethernet/atheros/ag71xx.c | 9 ++ drivers/net/ethernet/cavium/thunder/thunder_bgx.c | 4 +- drivers/net/ethernet/emulex/benet/be_main.c | 8 +- drivers/net/ethernet/faraday/ftgmac100.c | 7 +- drivers/net/ethernet/freescale/dpaa/dpaa_eth.c | 2 - drivers/net/ethernet/freescale/dpaa/dpaa_ethtool.c | 4 +- drivers/net/ethernet/freescale/enetc/enetc_pf.c | 14 ++- drivers/net/ethernet/freescale/fec_main.c | 34 +++---- drivers/net/ethernet/freescale/gianfar_ethtool.c | 4 +- drivers/net/ethernet/google/gve/gve_adminq.c | 1 + drivers/net/ethernet/intel/idpf/idpf.h | 19 ++++ drivers/net/ethernet/intel/idpf/idpf_ethtool.c | 36 +++++-- drivers/net/ethernet/intel/idpf/idpf_lib.c | 18 +++- drivers/net/ethernet/intel/idpf/idpf_main.c | 1 + drivers/net/ethernet/intel/idpf/idpf_txrx.c | 13 ++- drivers/net/ethernet/mediatek/mtk_wed.c | 1 - drivers/net/ethernet/mellanox/mlx5/core/en/qos.c | 2 +- drivers/net/ethernet/pensando/ionic/ionic_lif.c | 7 +- drivers/net/ethernet/ti/icssg/icss_iep.c | 26 +++-- drivers/net/ethernet/ti/icssg/icssg_prueth.c | 6 ++ drivers/net/hyperv/hyperv_net.h | 3 + drivers/net/hyperv/netvsc_drv.c | 29 +++++- drivers/net/pcs/pcs-xpcs-plat.c | 4 +- drivers/net/phy/broadcom.c | 25 ++++- drivers/net/phy/micrel.c | 12 ++- drivers/net/phy/smsc.c | 1 + drivers/net/thunderbolt/main.c | 21 ++-- drivers/net/usb/asix_devices.c | 1 + drivers/net/usb/cdc_ncm.c | 20 +++- drivers/net/wireless/ath/ath10k/core.c | 48 ++++++++- drivers/net/wireless/ath/ath10k/core.h | 11 ++- drivers/net/wireless/ath/ath10k/mac.c | 7 +- drivers/net/wireless/ath/ath10k/wmi.c | 6 ++ drivers/net/wireless/ath/ath12k/dp.c | 3 +- drivers/net/wireless/ath/ath12k/hw.c | 2 +- drivers/net/wireless/ath/ath12k/mac.c | 1 + drivers/net/wireless/ath/ath12k/wmi.c | 5 + drivers/net/wireless/intel/iwlegacy/4965-mac.c | 5 +- drivers/net/wireless/intel/iwlwifi/dvm/rs.c | 2 +- drivers/net/wireless/intel/iwlwifi/fw/dbg.c | 7 +- drivers/net/wireless/intel/iwlwifi/mvm/d3.c | 2 + drivers/net/wireless/intel/iwlwifi/mvm/rxmq.c | 5 + drivers/net/wireless/intel/iwlwifi/mvm/scan.c | 2 +- drivers/net/wireless/mediatek/mt76/mt7915/mcu.c | 25 +++-- drivers/net/wireless/realtek/rtlwifi/pci.c | 23 +++-- drivers/net/wireless/realtek/rtw89/chan.c | 6 ++ drivers/net/wireless/realtek/rtw89/fw.c | 9 +- drivers/net/wireless/realtek/rtw89/fw.h | 2 + drivers/net/wireless/realtek/rtw89/mac.c | 19 ++++ drivers/net/wireless/realtek/rtw89/reg.h | 1 + drivers/net/wireless/realtek/rtw89/wow.c | 5 +- drivers/net/xen-netfront.c | 5 - drivers/nvme/host/pci.c | 24 ++++- drivers/nvme/host/tcp.c | 11 ++- drivers/pci/pci-acpi.c | 4 +- drivers/pci/pci.c | 94 ++++++++++++------ drivers/pci/pci.h | 1 + drivers/pci/probe.c | 5 +- drivers/perf/arm-cmn.c | 1 + drivers/perf/arm-ni.c | 1 + drivers/perf/cxl_pmu.c | 2 +- drivers/phy/rockchip/phy-rockchip-pcie.c | 3 +- drivers/pinctrl/stm32/pinctrl-stm32.c | 1 + drivers/platform/chrome/cros_ec_sensorhub.c | 23 ++++- drivers/platform/chrome/cros_ec_typec.c | 4 +- drivers/platform/x86/amd/pmc/pmc-quirks.c | 9 ++ drivers/platform/x86/thinkpad_acpi.c | 4 +- drivers/pmdomain/imx/imx8m-blk-ctrl.c | 10 ++ drivers/pmdomain/ti/Kconfig | 2 +- drivers/power/supply/qcom_battmgr.c | 2 + drivers/pps/clients/pps-gpio.c | 5 +- drivers/ptp/ptp_clock.c | 2 +- drivers/ptp/ptp_private.h | 5 + drivers/ptp/ptp_vclock.c | 7 ++ drivers/remoteproc/imx_rproc.c | 4 +- drivers/reset/Kconfig | 10 +- drivers/rtc/rtc-ds1307.c | 15 ++- drivers/scsi/aacraid/comminit.c | 3 +- drivers/scsi/bfa/bfad_im.c | 1 + drivers/scsi/libiscsi.c | 3 +- drivers/scsi/lpfc/lpfc_debugfs.c | 1 - drivers/scsi/lpfc/lpfc_hbadisc.c | 3 +- drivers/scsi/lpfc/lpfc_scsi.c | 4 + drivers/scsi/mpi3mr/mpi3mr_os.c | 20 +++- drivers/scsi/mpt3sas/mpt3sas_scsih.c | 19 ++++ drivers/scsi/scsi_scan.c | 2 +- drivers/scsi/scsi_transport_sas.c | 62 +++++++++--- drivers/soc/qcom/mdt_loader.c | 10 +- drivers/soc/qcom/rpmh-rsc.c | 2 +- drivers/soundwire/amd_manager.c | 7 +- drivers/soundwire/bus.c | 6 +- drivers/target/target_core_fabric_lib.c | 65 ++++++++++--- drivers/target/target_core_internal.h | 4 +- drivers/target/target_core_pr.c | 18 ++-- drivers/thermal/qcom/qcom-spmi-temp-alarm.c | 43 +++++++-- drivers/thermal/thermal_sysfs.c | 9 +- drivers/thunderbolt/domain.c | 2 +- drivers/tty/serial/serial_core.c | 44 ++++----- drivers/usb/class/cdc-acm.c | 11 ++- drivers/usb/core/config.c | 10 +- drivers/usb/core/urb.c | 2 +- drivers/usb/host/xhci-mem.c | 2 + drivers/usb/host/xhci-ring.c | 10 +- drivers/usb/host/xhci.c | 6 +- drivers/usb/typec/mux/intel_pmc_mux.c | 2 +- drivers/usb/typec/tcpm/tcpci_maxim_core.c | 46 ++++++--- drivers/usb/typec/ucsi/psy.c | 2 +- drivers/usb/typec/ucsi/ucsi.c | 1 + drivers/usb/typec/ucsi/ucsi.h | 7 +- drivers/vfio/pci/mlx5/cmd.c | 4 +- drivers/vfio/vfio_iommu_type1.c | 7 ++ drivers/vhost/vhost.c | 3 + drivers/video/fbdev/core/fbcon.c | 9 +- drivers/video/fbdev/core/fbmem.c | 3 + drivers/virt/coco/efi_secret/efi_secret.c | 10 +- drivers/watchdog/dw_wdt.c | 2 + drivers/watchdog/iTCO_wdt.c | 6 +- drivers/watchdog/sbsa_gwdt.c | 50 +++++++++- fs/btrfs/block-group.c | 27 +++++- fs/btrfs/ctree.c | 1 + fs/btrfs/extent-tree.c | 33 ++++--- fs/btrfs/qgroup.c | 13 ++- fs/btrfs/relocation.c | 19 ++++ fs/btrfs/transaction.c | 6 +- fs/btrfs/tree-log.c | 107 ++++++++++++++------- fs/btrfs/zoned.c | 5 +- fs/crypto/fscrypt_private.h | 17 ++++ fs/crypto/hkdf.c | 2 +- fs/crypto/keysetup.c | 3 +- fs/crypto/keysetup_v1.c | 3 +- fs/eventpoll.c | 60 +++++++++--- fs/exfat/dir.c | 12 +++ fs/exfat/fatent.c | 10 ++ fs/exfat/namei.c | 5 + fs/exfat/super.c | 32 +++--- fs/ext2/inode.c | 12 ++- fs/ext4/inline.c | 19 +++- fs/ext4/mballoc-test.c | 9 ++ fs/ext4/mballoc.c | 69 ++++++------- fs/f2fs/file.c | 24 ++--- fs/file.c | 15 +++ fs/gfs2/dir.c | 6 +- fs/gfs2/glops.c | 6 ++ fs/gfs2/meta_io.c | 2 + fs/hfs/bfind.c | 3 + fs/hfs/bnode.c | 93 ++++++++++++++++++ fs/hfs/btree.c | 57 ++++++++--- fs/hfs/extent.c | 2 +- fs/hfs/hfs_fs.h | 1 + fs/hfsplus/bnode.c | 92 ++++++++++++++++++ fs/hfsplus/unicode.c | 7 ++ fs/hfsplus/xattr.c | 6 +- fs/jfs/file.c | 3 + fs/jfs/inode.c | 2 +- fs/jfs/jfs_dmap.c | 6 ++ fs/libfs.c | 4 +- fs/nfs/blocklayout/blocklayout.c | 4 +- fs/nfs/blocklayout/dev.c | 5 +- fs/nfs/blocklayout/extent_tree.c | 20 +++- fs/nfs/client.c | 44 ++++++++- fs/nfs/internal.h | 2 +- fs/nfs/nfs4client.c | 20 +--- fs/nfs/nfs4proc.c | 2 +- fs/nfs/pnfs.c | 11 ++- fs/nfsd/nfs4state.c | 34 ++++++- fs/ntfs3/dir.c | 3 + fs/ntfs3/inode.c | 31 +++--- fs/orangefs/orangefs-debugfs.c | 2 +- fs/pidfs.c | 2 + fs/proc/task_mmu.c | 6 +- fs/smb/client/cifssmb.c | 10 ++ fs/smb/client/compress.c | 61 +++--------- fs/smb/client/connect.c | 10 +- fs/smb/client/sess.c | 9 ++ fs/smb/client/smb2ops.c | 11 ++- fs/smb/client/smbdirect.c | 25 ++--- fs/smb/server/smb2pdu.c | 16 +-- fs/tracefs/inode.c | 11 +++ fs/udf/super.c | 13 ++- fs/xfs/scrub/trace.h | 2 +- include/linux/blk_types.h | 6 +- include/linux/blkdev.h | 55 +++++++++++ include/linux/hypervisor.h | 3 + include/linux/if_vlan.h | 21 ++-- include/linux/libata.h | 1 + include/linux/memory-tiers.h | 2 +- include/linux/mfd/tps6594.h | 1 + include/linux/packing.h | 6 +- include/linux/pci.h | 16 ++- include/linux/sbitmap.h | 6 +- include/linux/skbuff.h | 8 +- include/linux/usb/cdc_ncm.h | 1 + include/linux/virtio_vsock.h | 7 +- include/net/cfg80211.h | 2 +- include/net/kcm.h | 1 - include/net/mac80211.h | 4 + include/net/neighbour.h | 1 + include/net/net_namespace.h | 16 +++ include/net/sock.h | 1 + include/trace/events/thp.h | 2 + include/uapi/linux/in6.h | 4 +- include/uapi/linux/io_uring.h | 2 +- include/uapi/linux/pci_regs.h | 1 + io_uring/rw.c | 2 +- kernel/bpf/verifier.c | 7 +- kernel/module/main.c | 10 +- kernel/power/console.c | 7 +- kernel/printk/nbcon.c | 63 +++++++----- kernel/rcu/tree.c | 2 + kernel/rcu/tree.h | 14 ++- kernel/rcu/tree_nocb.h | 5 +- kernel/rcu/tree_plugin.h | 44 ++++++--- kernel/sched/deadline.c | 4 +- kernel/sched/fair.c | 19 +++- kernel/sched/rt.c | 6 ++ lib/sbitmap.c | 56 +++++------ mm/damon/core.c | 1 + mm/kmemleak.c | 10 +- mm/ptdump.c | 2 + mm/slub.c | 7 +- mm/userfaultfd.c | 15 +-- net/bluetooth/hci_sock.c | 2 +- net/core/ieee8021q_helpers.c | 44 +++------ net/core/neighbour.c | 12 ++- net/core/net_namespace.c | 8 +- net/core/sock.c | 27 +++++- net/ipv4/route.c | 1 - net/ipv4/udp_offload.c | 2 +- net/ipv6/addrconf.c | 7 +- net/ipv6/mcast.c | 11 +-- net/kcm/kcmsock.c | 10 +- net/mac80211/cfg.c | 12 +-- net/mac80211/chan.c | 1 + net/mac80211/link.c | 9 +- net/mac80211/mlme.c | 12 ++- net/mac80211/rx.c | 12 ++- net/mctp/af_mctp.c | 28 +++++- net/mptcp/subflow.c | 5 +- net/ncsi/internal.h | 2 +- net/ncsi/ncsi-rsp.c | 1 + net/netfilter/nf_conntrack_netlink.c | 24 ++--- net/netfilter/nft_set_pipapo.c | 9 +- net/netlink/af_netlink.c | 12 +-- net/rds/tcp.c | 8 +- net/sched/sch_ets.c | 11 ++- net/sctp/input.c | 2 +- net/smc/af_smc.c | 5 +- net/sunrpc/svcsock.c | 5 +- net/sunrpc/xprtsock.c | 8 +- net/tls/tls.h | 2 +- net/tls/tls_strp.c | 11 ++- net/tls/tls_sw.c | 3 +- net/vmw_vsock/virtio_transport.c | 2 +- net/wireless/mlme.c | 3 +- net/xfrm/xfrm_state.c | 74 ++++++++------ rust/Makefile | 13 ++- scripts/kconfig/gconf.c | 8 +- scripts/kconfig/lxdialog/inputbox.c | 6 +- scripts/kconfig/lxdialog/menubox.c | 2 +- scripts/kconfig/nconf.c | 2 + scripts/kconfig/nconf.gui.c | 1 + security/apparmor/domain.c | 52 +++++----- security/apparmor/file.c | 6 +- security/apparmor/include/lib.h | 6 +- security/inode.c | 2 - sound/core/pcm_native.c | 19 +++- sound/pci/hda/hda_codec.c | 44 +++------ sound/pci/hda/patch_ca0132.c | 2 +- sound/pci/hda/patch_realtek.c | 3 + sound/pci/intel8x0.c | 2 +- sound/soc/codecs/hdac_hdmi.c | 10 +- sound/soc/codecs/rt5640.c | 5 + sound/soc/fsl/fsl_sai.c | 20 ++-- sound/soc/intel/avs/core.c | 3 +- sound/soc/qcom/lpass-platform.c | 27 ++++-- sound/soc/soc-core.c | 3 + sound/soc/soc-dapm.c | 4 + sound/soc/sof/topology.c | 15 ++- sound/usb/mixer_quirks.c | 14 +-- sound/usb/stream.c | 25 ++++- sound/usb/validate.c | 12 +++ tools/bootconfig/main.c | 24 ++--- tools/bpf/bpftool/main.c | 6 +- tools/hv/hv_fcopy_uio_daemon.c | 91 ++++++++++++++++-- tools/include/nolibc/std.h | 4 +- tools/include/nolibc/types.h | 4 +- tools/lib/bpf/libbpf.c | 5 + .../cpupower/utils/idle_monitor/mperf_monitor.c | 4 +- tools/power/x86/turbostat/turbostat.c | 14 ++- tools/scripts/Makefile.include | 4 +- tools/testing/ktest/ktest.pl | 5 +- tools/testing/selftests/arm64/fp/sve-ptrace.c | 3 +- tools/testing/selftests/bpf/prog_tests/ringbuf.c | 4 +- .../selftests/bpf/prog_tests/user_ringbuf.c | 10 +- .../selftests/bpf/progs/test_ringbuf_write.c | 4 +- .../testing/selftests/bpf/progs/verifier_unpriv.c | 2 +- .../ftrace/test.d/ftrace/func-filter-glob.tc | 2 +- tools/testing/selftests/futex/include/futextest.h | 11 +++ tools/testing/selftests/net/netfilter/config | 2 +- tools/testing/selftests/vDSO/vdso_test_getrandom.c | 6 +- 473 files changed, 4331 insertions(+), 1862 deletions(-)

3 weeks

14
459
0 0

[PATCH] firmware: exynos-acpm: fix PMIC returned errno

by Tudor Ambarus

ACPM PMIC command handlers returned a u8 value when they should have returned either zero or negative error codes. Translate the APM PMIC errno to linux errno. Reported-by: Dan Carpenter <dan.carpenter(a)linaro.org> Closes: https://lore.kernel.org/linux-input/aElHlTApXj-W_o1r@stanley.mountain/ Fixes: a88927b534ba ("firmware: add Exynos ACPM protocol driver") Cc: stable(a)vger.kernel.org Signed-off-by: Tudor Ambarus <tudor.ambarus(a)linaro.org> --- drivers/firmware/samsung/exynos-acpm-pmic.c | 36 +++++++++++++++++++++++++---- 1 file changed, 31 insertions(+), 5 deletions(-) diff --git a/drivers/firmware/samsung/exynos-acpm-pmic.c b/drivers/firmware/samsung/exynos-acpm-pmic.c index 39b33a356ebd240506b6390163229a70a2d1fe68..a355ee194027c09431f275f0fd296f45652af536 100644 --- a/drivers/firmware/samsung/exynos-acpm-pmic.c +++ b/drivers/firmware/samsung/exynos-acpm-pmic.c @@ -5,6 +5,7 @@ * Copyright 2024 Linaro Ltd. */ #include <linux/bitfield.h> +#include <linux/errno.h> #include <linux/firmware/samsung/exynos-acpm-protocol.h> #include <linux/ktime.h> #include <linux/types.h> @@ -33,6 +34,26 @@ enum exynos_acpm_pmic_func { ACPM_PMIC_BULK_WRITE, }; +enum acpm_pmic_error_codes { + ACPM_PMIC_SUCCESS = 0, + ACPM_PMIC_ERR_READ = 1, + ACPM_PMIC_ERR_WRITE = 2, + ACPM_PMIC_ERR_MAX +}; + +static int acpm_pmic_linux_errmap[ACPM_PMIC_ERR_MAX] = { + 0, /* ACPM_PMIC_SUCCESS */ + -EACCES, /* Read register can't be accessed or issues to access it. */ + -EACCES, /* Write register can't be accessed or issues to access it. */ +}; + +static inline int acpm_pmic_to_linux_errno(int errno) +{ + if (errno >= ACPM_PMIC_SUCCESS && errno < ACPM_PMIC_ERR_MAX) + return acpm_pmic_linux_errmap[errno]; + return -EIO; +} + static inline u32 acpm_pmic_set_bulk(u32 data, unsigned int i) { return (data & ACPM_PMIC_BULK_MASK) << (ACPM_PMIC_BULK_SHIFT * i); @@ -79,7 +100,8 @@ int acpm_pmic_read_reg(const struct acpm_handle *handle, *buf = FIELD_GET(ACPM_PMIC_VALUE, xfer.rxd[1]); - return FIELD_GET(ACPM_PMIC_RETURN, xfer.rxd[1]); + return acpm_pmic_to_linux_errno(FIELD_GET(ACPM_PMIC_RETURN, + xfer.rxd[1])); } static void acpm_pmic_init_bulk_read_cmd(u32 cmd[4], u8 type, u8 reg, u8 chan, @@ -110,7 +132,8 @@ int acpm_pmic_bulk_read(const struct acpm_handle *handle, if (ret) return ret; - ret = FIELD_GET(ACPM_PMIC_RETURN, xfer.rxd[1]); + ret = acpm_pmic_to_linux_errno(FIELD_GET(ACPM_PMIC_RETURN, + xfer.rxd[1])); if (ret) return ret; @@ -150,7 +173,8 @@ int acpm_pmic_write_reg(const struct acpm_handle *handle, if (ret) return ret; - return FIELD_GET(ACPM_PMIC_RETURN, xfer.rxd[1]); + return acpm_pmic_to_linux_errno(FIELD_GET(ACPM_PMIC_RETURN, + xfer.rxd[1])); } static void acpm_pmic_init_bulk_write_cmd(u32 cmd[4], u8 type, u8 reg, u8 chan, @@ -190,7 +214,8 @@ int acpm_pmic_bulk_write(const struct acpm_handle *handle, if (ret) return ret; - return FIELD_GET(ACPM_PMIC_RETURN, xfer.rxd[1]); + return acpm_pmic_to_linux_errno(FIELD_GET(ACPM_PMIC_RETURN, + xfer.rxd[1])); } static void acpm_pmic_init_update_cmd(u32 cmd[4], u8 type, u8 reg, u8 chan, @@ -220,5 +245,6 @@ int acpm_pmic_update_reg(const struct acpm_handle *handle, if (ret) return ret; - return FIELD_GET(ACPM_PMIC_RETURN, xfer.rxd[1]); + return acpm_pmic_to_linux_errno(FIELD_GET(ACPM_PMIC_RETURN, + xfer.rxd[1])); } --- base-commit: c17b750b3ad9f45f2b6f7e6f7f4679844244f0b9 change-id: 20250820-acpm-pmix-fix-errno-92b3e6e17d1b Best regards, -- Tudor Ambarus <tudor.ambarus(a)linaro.org>

3 weeks

2
2
0 0

[PATCH AUTOSEL 6.16-5.15] fs: writeback: fix use-after-free in __mark_inode_dirty()

by Sasha Levin

From: Jiufei Xue <jiufei.xue(a)samsung.com> [ Upstream commit d02d2c98d25793902f65803ab853b592c7a96b29 ] An use-after-free issue occurred when __mark_inode_dirty() get the bdi_writeback that was in the progress of switching. CPU: 1 PID: 562 Comm: systemd-random- Not tainted 6.6.56-gb4403bd46a8e #1 ...... pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __mark_inode_dirty+0x124/0x418 lr : __mark_inode_dirty+0x118/0x418 sp : ffffffc08c9dbbc0 ........ Call trace: __mark_inode_dirty+0x124/0x418 generic_update_time+0x4c/0x60 file_modified+0xcc/0xd0 ext4_buffered_write_iter+0x58/0x124 ext4_file_write_iter+0x54/0x704 vfs_write+0x1c0/0x308 ksys_write+0x74/0x10c __arm64_sys_write+0x1c/0x28 invoke_syscall+0x48/0x114 el0_svc_common.constprop.0+0xc0/0xe0 do_el0_svc+0x1c/0x28 el0_svc+0x40/0xe4 el0t_64_sync_handler+0x120/0x12c el0t_64_sync+0x194/0x198 Root cause is: systemd-random-seed kworker ---------------------------------------------------------------------- ___mark_inode_dirty inode_switch_wbs_work_fn spin_lock(&inode->i_lock); inode_attach_wb locked_inode_to_wb_and_lock_list get inode->i_wb spin_unlock(&inode->i_lock); spin_lock(&wb->list_lock) spin_lock(&inode->i_lock) inode_io_list_move_locked spin_unlock(&wb->list_lock) spin_unlock(&inode->i_lock) spin_lock(&old_wb->list_lock) inode_do_switch_wbs spin_lock(&inode->i_lock) inode->i_wb = new_wb spin_unlock(&inode->i_lock) spin_unlock(&old_wb->list_lock) wb_put_many(old_wb, nr_switched) cgwb_release old wb released wb_wakeup_delayed() accesses wb, then trigger the use-after-free issue Fix this race condition by holding inode spinlock until wb_wakeup_delayed() finished. Signed-off-by: Jiufei Xue <jiufei.xue(a)samsung.com> Link: https://lore.kernel.org/20250728100715.3863241-1-jiufei.xue@samsung.com Reviewed-by: Jan Kara <jack(a)suse.cz> Signed-off-by: Christian Brauner <brauner(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- LLM Generated explanations, may be completely bogus: Based on my thorough analysis of the commit and the kernel code, here's my assessment: **Backport Status: YES** ## Extensive Explanation: This commit fixes a **critical use-after-free vulnerability** in the writeback subsystem that should definitely be backported to stable kernel trees. Here's why: ### 1. **Real Security Bug with Clear Impact** The commit fixes a genuine use-after-free vulnerability that occurs in `__mark_inode_dirty()`. The bug manifests as a kernel crash with a clear call trace showing memory corruption. This is not a theoretical issue - it has been observed in production (kernel 6.6.56). ### 2. **Race Condition Details** The race condition occurs between two concurrent operations: - **Thread A** (`__mark_inode_dirty`): Gets a reference to `inode->i_wb`, releases the inode lock, then calls `wb_wakeup_delayed(wb)` - **Thread B** (`inode_switch_wbs_work_fn`): Switches the inode's writeback context, releases the old wb via `wb_put_many()`, which can trigger `cgwb_release` and free the wb structure The vulnerability window exists because Thread A accesses the wb structure (`wb_wakeup_delayed(wb)`) after releasing the inode lock but before completing its operation, while Thread B can free that same wb structure in parallel. ### 3. **Minimal and Contained Fix** The fix is remarkably simple and surgical - it only reorders lock releases: ```c - spin_unlock(&wb->list_lock); - spin_unlock(&inode->i_lock); - trace_writeback_dirty_inode_enqueue(inode); - if (wakeup_bdi && (wb->bdi->capabilities & BDI_CAP_WRITEBACK)) wb_wakeup_delayed(wb); + + spin_unlock(&wb->list_lock); + spin_unlock(&inode->i_lock); + trace_writeback_dirty_inode_enqueue(inode); ``` The fix ensures that `wb_wakeup_delayed()` is called while still holding the locks, preventing the wb from being freed during the operation. This is a classic lock ordering fix with minimal code change (just moving 3 lines). ### 4. **Critical Subsystem** The writeback subsystem is fundamental to filesystem operations - it handles dirty page writeback, inode management, and I/O scheduling. A use-after-free here can lead to: - System crashes/panics - Data corruption - Security vulnerabilities (potential for exploitation) ### 5. **Matches Stable Criteria** This fix perfectly aligns with stable kernel rules: - **Fixes a real bug**: Documented use-after-free with crash trace - **Already upstream**: Has been reviewed by Jan Kara (filesystem maintainer) and merged by Christian Brauner - **Small change**: Only 6 lines moved, no new logic - **No new features**: Pure bug fix - **Low regression risk**: Simply extends existing lock protection slightly ### 6. **Similar Historical Fixes** The git history shows multiple similar use-after-free fixes in this subsystem have been backported: - `f87904c07551` - writeback: avoid use-after-free after removing device - `8e00c4e9dd85` - writeback: fix use-after-free in finish_writeback_work() - `614a4e377314` - writeback, cgroup: fix premature wb_put() ### 7. **CONFIG_CGROUP_WRITEBACK Dependency** While this bug primarily affects systems with `CONFIG_CGROUP_WRITEBACK` enabled (used for cgroup-aware writeback), this is a common configuration in modern distributions, especially those using cgroups v2 for container workloads. ### 8. **No Side Effects** The change has no functional side effects beyond fixing the race: - The trace event still fires at the same logical point - The wb_wakeup_delayed() still executes under the same conditions - Only the lock hold duration is slightly extended to cover the wb access This is a textbook example of a commit that should be backported to stable kernels - it fixes a serious bug with minimal, well-understood changes in a critical subsystem. fs/fs-writeback.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/fs/fs-writeback.c b/fs/fs-writeback.c index cc57367fb641..a07b8cf73ae2 100644 --- a/fs/fs-writeback.c +++ b/fs/fs-writeback.c @@ -2608,10 +2608,6 @@ void __mark_inode_dirty(struct inode *inode, int flags) wakeup_bdi = inode_io_list_move_locked(inode, wb, dirty_list); - spin_unlock(&wb->list_lock); - spin_unlock(&inode->i_lock); - trace_writeback_dirty_inode_enqueue(inode); - /* * If this is the first dirty inode for this bdi, * we have to wake-up the corresponding bdi thread @@ -2621,6 +2617,11 @@ void __mark_inode_dirty(struct inode *inode, int flags) if (wakeup_bdi && (wb->bdi->capabilities & BDI_CAP_WRITEBACK)) wb_wakeup_delayed(wb); + + spin_unlock(&wb->list_lock); + spin_unlock(&inode->i_lock); + trace_writeback_dirty_inode_enqueue(inode); + return; } } -- 2.50.1

3 weeks

1
10
0 0

FAILED: patch "[PATCH] x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x d8df126349dad855cdfedd6bbf315bad2e901c2f # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025082517-crazily-renewed-62e6@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From d8df126349dad855cdfedd6bbf315bad2e901c2f Mon Sep 17 00:00:00 2001 From: Tianxiang Peng <txpeng(a)tencent.com> Date: Mon, 23 Jun 2025 17:31:53 +0800 Subject: [PATCH] x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper Since 923f3a2b48bd ("x86/resctrl: Query LLC monitoring properties once during boot") resctrl_cpu_detect() has been moved from common CPU initialization code to the vendor-specific BSP init helper, while Hygon didn't put that call in their code. This triggers a division by zero fault during early booting stage on our machines with X86_FEATURE_CQM* supported, where get_rdt_mon_resources() tries to calculate mon_l3_config with uninitialized boot_cpu_data.x86_cache_occ_scale. Add the missing resctrl_cpu_detect() in the Hygon BSP init helper. [ bp: Massage commit message. ] Fixes: 923f3a2b48bd ("x86/resctrl: Query LLC monitoring properties once during boot") Signed-off-by: Tianxiang Peng <txpeng(a)tencent.com> Signed-off-by: Borislav Petkov (AMD) <bp(a)alien8.de> Reviewed-by: Hui Li <caelli(a)tencent.com> Cc: <stable(a)kernel.org> Link: https://lore.kernel.org/20250623093153.3016937-1-txpeng@tencent.com diff --git a/arch/x86/kernel/cpu/hygon.c b/arch/x86/kernel/cpu/hygon.c index 2154f12766fb..1fda6c3a2b65 100644 --- a/arch/x86/kernel/cpu/hygon.c +++ b/arch/x86/kernel/cpu/hygon.c @@ -16,6 +16,7 @@ #include <asm/spec-ctrl.h> #include <asm/delay.h> #include <asm/msr.h> +#include <asm/resctrl.h> #include "cpu.h" @@ -117,6 +118,8 @@ static void bsp_init_hygon(struct cpuinfo_x86 *c) x86_amd_ls_cfg_ssbd_mask = 1ULL << 10; } } + + resctrl_cpu_detect(c); } static void early_init_hygon(struct cpuinfo_x86 *c)

3 weeks

2
1
0 0

[PATCH] EDAC: altera: Delete an inappropriate dma_free_coherent() call in altr_sdr_mc_err_inject_write()

by Salah Triki

`dma_free_coherent()` must only be called if the corresponding `dma_alloc_coherent()` call has succeeded. Calling it when the allocation fails leads to undefined behavior. Add a check to ensure that the memory is only freed when the allocation was successful. Signed-off-by: Salah Triki <salah.triki(a)gmail.com> Fixes: 71bcada88b0f3 ("edac: altera: Add Altera SDRAM EDAC support") Cc: Markus Elfring <Markus.Elfring(a)web.de> Cc: Dinh Nguyen <dinguyen(a)kernel.org> Cc: Borislav Petkov <bp(a)alien8.de> Cc: Tony Luck <tony.luck(a)intel.com> Cc: James Morse <james.morse(a)arm.com> Cc: Mauro Carvalho Chehab <mchehab(a)kernel.org> Cc: Robert Richter <rric(a)kernel.org> Cc: linux-edac(a)vger.kernel.org Cc: linux-kernel(a)vger.kernel.org Cc: stable(a)vger.kernel.org --- drivers/edac/altera_edac.c | 1 - 1 file changed, 1 deletion(-) diff --git a/drivers/edac/altera_edac.c b/drivers/edac/altera_edac.c index cae52c654a15..7685a8550d4b 100644 --- a/drivers/edac/altera_edac.c +++ b/drivers/edac/altera_edac.c @@ -128,7 +128,6 @@ static ssize_t altr_sdr_mc_err_inject_write(struct file *file, ptemp = dma_alloc_coherent(mci->pdev, 16, &dma_handle, GFP_KERNEL); if (!ptemp) { - dma_free_coherent(mci->pdev, 16, ptemp, dma_handle); edac_printk(KERN_ERR, EDAC_MC, "Inject: Buffer Allocation error\n"); return -ENOMEM; -- 2.43.0

3 weeks

4
3
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror