November 2022 - Linux-stable-mirror

[PATCH 1/2] mm/migrate: Fix read-only page got writable when recover pte

by Peter Xu

Ives van Hoorne from codesandbox.io reported an issue regarding possible data loss of uffd-wp when applied to memfds on heavily loaded systems. The sympton is some read page got data mismatch from the snapshot child VMs. Here I can also reproduce with a Rust reproducer that was provided by Ives that keeps taking snapshot of a 256MB VM, on a 32G system when I initiate 80 instances I can trigger the issues in ten minutes. It turns out that we got some pages write-through even if uffd-wp is applied to the pte. The problem is, when removing migration entries, we didn't really worry about write bit as long as we know it's not a write migration entry. That may not be true, for some memory types (e.g. writable shmem) mk_pte can return a pte with write bit set, then to recover the migration entry to its original state we need to explicit wr-protect the pte or it'll has the write bit set if it's a read migration entry. For uffd it can cause write-through. I didn't verify, but I think it'll be the same for mprotect()ed pages and after migration we can miss the sigbus instead. The relevant code on uffd was introduced in the anon support, which is commit f45ec5ff16a7 ("userfaultfd: wp: support swap and page migration", 2020-04-07). However anon shouldn't suffer from this problem because anon should already have the write bit cleared always, so that may not be a proper Fixes target. To satisfy the need on the backport, I'm attaching the Fixes tag to the uffd-wp shmem support. Since no one had issue with mprotect, so I assume that's also the kernel version we should start to backport for stable, and we shouldn't need to worry before that. Cc: Andrea Arcangeli <aarcange(a)redhat.com> Cc: stable(a)vger.kernel.org Fixes: b1f9e876862d ("mm/uffd: enable write protection for shmem & hugetlbfs") Reported-by: Ives van Hoorne <ives(a)codesandbox.io> Signed-off-by: Peter Xu <peterx(a)redhat.com> --- mm/migrate.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/mm/migrate.c b/mm/migrate.c index dff333593a8a..8b6351c08c78 100644 --- a/mm/migrate.c +++ b/mm/migrate.c @@ -213,8 +213,14 @@ static bool remove_migration_pte(struct folio *folio, pte = pte_mkdirty(pte); if (is_writable_migration_entry(entry)) pte = maybe_mkwrite(pte, vma); - else if (pte_swp_uffd_wp(*pvmw.pte)) + else + /* NOTE: mk_pte can have write bit set */ + pte = pte_wrprotect(pte); + + if (pte_swp_uffd_wp(*pvmw.pte)) { + WARN_ON_ONCE(pte_write(pte)); pte = pte_mkuffd_wp(pte); + } if (folio_test_anon(folio) && !is_readable_migration_entry(entry)) rmap_flags |= RMAP_EXCLUSIVE; -- 2.37.3

2 years, 2 months

1
0
0 0

[PATCH v5] ceph: fix NULL pointer dereference for req->r_session

by xiubli＠redhat.com

From: Xiubo Li <xiubli(a)redhat.com> The request's r_session maybe changed when it was forwarded or resent. Both the forwarding and resending cases the requests will be protected by the mdsc->mutex. Cc: stable(a)vger.kernel.org URL: https://bugzilla.redhat.com/show_bug.cgi?id=2137955 Signed-off-by: Xiubo Li <xiubli(a)redhat.com> --- Changed in V5: - simplify the code by removing the "unlikely(s->s_mds >= max_sessions)" check. Changed in V4: - move mdsc->mutex acquisition and max_sessions assignment into "if (req1 || req2)" branch fs/ceph/caps.c | 48 ++++++++++++------------------------------------ 1 file changed, 12 insertions(+), 36 deletions(-) diff --git a/fs/ceph/caps.c b/fs/ceph/caps.c index 894adfb4a092..065e9311b607 100644 --- a/fs/ceph/caps.c +++ b/fs/ceph/caps.c @@ -2297,7 +2297,6 @@ static int flush_mdlog_and_wait_inode_unsafe_requests(struct inode *inode) struct ceph_mds_client *mdsc = ceph_sb_to_client(inode->i_sb)->mdsc; struct ceph_inode_info *ci = ceph_inode(inode); struct ceph_mds_request *req1 = NULL, *req2 = NULL; - unsigned int max_sessions; int ret, err = 0; spin_lock(&ci->i_unsafe_lock); @@ -2315,28 +2314,24 @@ static int flush_mdlog_and_wait_inode_unsafe_requests(struct inode *inode) } spin_unlock(&ci->i_unsafe_lock); - /* - * The mdsc->max_sessions is unlikely to be changed - * mostly, here we will retry it by reallocating the - * sessions array memory to get rid of the mdsc->mutex - * lock. - */ -retry: - max_sessions = mdsc->max_sessions; - /* * Trigger to flush the journal logs in all the relevant MDSes * manually, or in the worst case we must wait at most 5 seconds * to wait the journal logs to be flushed by the MDSes periodically. */ - if ((req1 || req2) && likely(max_sessions)) { - struct ceph_mds_session **sessions = NULL; - struct ceph_mds_session *s; + if (req1 || req2) { struct ceph_mds_request *req; + struct ceph_mds_session **sessions; + struct ceph_mds_session *s; + unsigned int max_sessions; int i; + mutex_lock(&mdsc->mutex); + max_sessions = mdsc->max_sessions; + sessions = kcalloc(max_sessions, sizeof(s), GFP_KERNEL); if (!sessions) { + mutex_unlock(&mdsc->mutex); err = -ENOMEM; goto out; } @@ -2348,16 +2343,6 @@ static int flush_mdlog_and_wait_inode_unsafe_requests(struct inode *inode) s = req->r_session; if (!s) continue; - if (unlikely(s->s_mds >= max_sessions)) { - spin_unlock(&ci->i_unsafe_lock); - for (i = 0; i < max_sessions; i++) { - s = sessions[i]; - if (s) - ceph_put_mds_session(s); - } - kfree(sessions); - goto retry; - } if (!sessions[s->s_mds]) { s = ceph_get_mds_session(s); sessions[s->s_mds] = s; @@ -2370,16 +2355,6 @@ static int flush_mdlog_and_wait_inode_unsafe_requests(struct inode *inode) s = req->r_session; if (!s) continue; - if (unlikely(s->s_mds >= max_sessions)) { - spin_unlock(&ci->i_unsafe_lock); - for (i = 0; i < max_sessions; i++) { - s = sessions[i]; - if (s) - ceph_put_mds_session(s); - } - kfree(sessions); - goto retry; - } if (!sessions[s->s_mds]) { s = ceph_get_mds_session(s); sessions[s->s_mds] = s; @@ -2391,11 +2366,12 @@ static int flush_mdlog_and_wait_inode_unsafe_requests(struct inode *inode) /* the auth MDS */ spin_lock(&ci->i_ceph_lock); if (ci->i_auth_cap) { - s = ci->i_auth_cap->session; - if (!sessions[s->s_mds]) - sessions[s->s_mds] = ceph_get_mds_session(s); + s = ci->i_auth_cap->session; + if (!sessions[s->s_mds]) + sessions[s->s_mds] = ceph_get_mds_session(s); } spin_unlock(&ci->i_ceph_lock); + mutex_unlock(&mdsc->mutex); /* send flush mdlog request to MDSes */ for (i = 0; i < max_sessions; i++) { -- 2.31.1

2 years, 2 months

3
2
0 0

[PATCH v4] ceph: fix NULL pointer dereference for req->r_session

by xiubli＠redhat.com

From: Xiubo Li <xiubli(a)redhat.com> The request's r_session maybe changed when it was forwarded or resent. Cc: stable(a)vger.kernel.org URL: https://bugzilla.redhat.com/show_bug.cgi?id=2137955 Signed-off-by: Xiubo Li <xiubli(a)redhat.com> --- Changed in V4: - move mdsc->mutex acquisition and max_sessions assignment into "if (req1 || req2)" branch fs/ceph/caps.c | 54 +++++++++++++++----------------------------------- 1 file changed, 16 insertions(+), 38 deletions(-) diff --git a/fs/ceph/caps.c b/fs/ceph/caps.c index 894adfb4a092..1c84be839087 100644 --- a/fs/ceph/caps.c +++ b/fs/ceph/caps.c @@ -2297,7 +2297,6 @@ static int flush_mdlog_and_wait_inode_unsafe_requests(struct inode *inode) struct ceph_mds_client *mdsc = ceph_sb_to_client(inode->i_sb)->mdsc; struct ceph_inode_info *ci = ceph_inode(inode); struct ceph_mds_request *req1 = NULL, *req2 = NULL; - unsigned int max_sessions; int ret, err = 0; spin_lock(&ci->i_unsafe_lock); @@ -2315,28 +2314,24 @@ static int flush_mdlog_and_wait_inode_unsafe_requests(struct inode *inode) } spin_unlock(&ci->i_unsafe_lock); - /* - * The mdsc->max_sessions is unlikely to be changed - * mostly, here we will retry it by reallocating the - * sessions array memory to get rid of the mdsc->mutex - * lock. - */ -retry: - max_sessions = mdsc->max_sessions; - /* * Trigger to flush the journal logs in all the relevant MDSes * manually, or in the worst case we must wait at most 5 seconds * to wait the journal logs to be flushed by the MDSes periodically. */ - if ((req1 || req2) && likely(max_sessions)) { - struct ceph_mds_session **sessions = NULL; - struct ceph_mds_session *s; + if (req1 || req2) { struct ceph_mds_request *req; + struct ceph_mds_session **sessions; + struct ceph_mds_session *s; + unsigned int max_sessions; int i; + mutex_lock(&mdsc->mutex); + max_sessions = mdsc->max_sessions; + sessions = kcalloc(max_sessions, sizeof(s), GFP_KERNEL); if (!sessions) { + mutex_unlock(&mdsc->mutex); err = -ENOMEM; goto out; } @@ -2346,18 +2341,8 @@ static int flush_mdlog_and_wait_inode_unsafe_requests(struct inode *inode) list_for_each_entry(req, &ci->i_unsafe_dirops, r_unsafe_dir_item) { s = req->r_session; - if (!s) + if (!s || unlikely(s->s_mds >= max_sessions)) continue; - if (unlikely(s->s_mds >= max_sessions)) { - spin_unlock(&ci->i_unsafe_lock); - for (i = 0; i < max_sessions; i++) { - s = sessions[i]; - if (s) - ceph_put_mds_session(s); - } - kfree(sessions); - goto retry; - } if (!sessions[s->s_mds]) { s = ceph_get_mds_session(s); sessions[s->s_mds] = s; @@ -2368,18 +2353,8 @@ static int flush_mdlog_and_wait_inode_unsafe_requests(struct inode *inode) list_for_each_entry(req, &ci->i_unsafe_iops, r_unsafe_target_item) { s = req->r_session; - if (!s) + if (!s || unlikely(s->s_mds >= max_sessions)) continue; - if (unlikely(s->s_mds >= max_sessions)) { - spin_unlock(&ci->i_unsafe_lock); - for (i = 0; i < max_sessions; i++) { - s = sessions[i]; - if (s) - ceph_put_mds_session(s); - } - kfree(sessions); - goto retry; - } if (!sessions[s->s_mds]) { s = ceph_get_mds_session(s); sessions[s->s_mds] = s; @@ -2391,11 +2366,14 @@ static int flush_mdlog_and_wait_inode_unsafe_requests(struct inode *inode) /* the auth MDS */ spin_lock(&ci->i_ceph_lock); if (ci->i_auth_cap) { - s = ci->i_auth_cap->session; - if (!sessions[s->s_mds]) - sessions[s->s_mds] = ceph_get_mds_session(s); + s = ci->i_auth_cap->session; + if (likely(s->s_mds < max_sessions) && + !sessions[s->s_mds]) { + sessions[s->s_mds] = ceph_get_mds_session(s); + } } spin_unlock(&ci->i_ceph_lock); + mutex_unlock(&mdsc->mutex); /* send flush mdlog request to MDSes */ for (i = 0; i < max_sessions; i++) { -- 2.31.1

2 years, 2 months

3
2
0 0

[PATCH 6.0 000/197] 6.0.8-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.0.8 release. There are 197 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu, 10 Nov 2022 13:33:17 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.0.8-rc1.… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.0.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.0.8-rc1 Dokyung Song <dokyung.song(a)gmail.com> wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker() Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/i915/sdvo: Setup DDC fully before output init Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/i915/sdvo: Filter out invalid outputs more sensibly Leo Chen <sancchen(a)amd.com> drm/amd/display: Update DSC capabilitie for DCN314 Dillon Varone <Dillon.Varone(a)amd.com> drm/amd/display: Update latencies on DCN321 Graham Sider <Graham.Sider(a)amd.com> drm/amdgpu: disable GFXOFF during compute for GFX11 Brian Norris <briannorris(a)chromium.org> drm/rockchip: dsi: Force synchronous probe Brian Norris <briannorris(a)chromium.org> drm/rockchip: dsi: Clean up 'usage_mode' when failing to attach Ronnie Sahlberg <lsahlber(a)redhat.com> cifs: fix regression in very old smb1 mounts Matthew Wilcox (Oracle) <willy(a)infradead.org> ext4,f2fs: fix readahead of verity data Maxim Levitsky <mlevitsk(a)redhat.com> KVM: x86: emulator: update the emulation mode after CR0 write Maxim Levitsky <mlevitsk(a)redhat.com> KVM: x86: emulator: update the emulation mode after rsm Maxim Levitsky <mlevitsk(a)redhat.com> KVM: x86: emulator: introduce emulator_recalc_and_set_mode Maxim Levitsky <mlevitsk(a)redhat.com> KVM: x86: emulator: em_sysexit should update ctxt->mode Maxim Levitsky <mlevitsk(a)redhat.com> KVM: x86: smm: number of GPRs in the SMRAM image depends on the image format Marc Zyngier <maz(a)kernel.org> KVM: arm64: Fix SMPRI_EL1/TPIDR2_EL0 trapping on VHE Ryan Roberts <ryan.roberts(a)arm.com> KVM: arm64: Fix bad dereference on MTE-enabled systems Sean Christopherson <seanjc(a)google.com> KVM: Reject attempts to consume or refresh inactive gfn_to_pfn_cache Michal Luczaj <mhal(a)rbox.co> KVM: Initialize gfn_to_pfn_cache locks in dedicated helper Emanuele Giuseppe Esposito <eesposit(a)redhat.com> KVM: VMX: fully disable SGX if SECONDARY_EXEC_ENCLS_EXITING unavailable Sean Christopherson <seanjc(a)google.com> KVM: VMX: Ignore guest CPUID for host userspace writes to DEBUGCTL Sean Christopherson <seanjc(a)google.com> KVM: VMX: Fold vmx_supported_debugctl() into vcpu_supported_debugctl() Sean Christopherson <seanjc(a)google.com> KVM: VMX: Advertise PMU LBRs if and only if perf supports LBRs Jim Mattson <jmattson(a)google.com> KVM: x86: Mask off reserved bits in CPUID.8000001FH Jim Mattson <jmattson(a)google.com> KVM: x86: Mask off reserved bits in CPUID.80000001H Jim Mattson <jmattson(a)google.com> KVM: x86: Mask off reserved bits in CPUID.80000008H Jim Mattson <jmattson(a)google.com> KVM: x86: Mask off reserved bits in CPUID.8000001AH Jim Mattson <jmattson(a)google.com> KVM: x86: Mask off reserved bits in CPUID.80000006H Jiri Olsa <olsajiri(a)gmail.com> x86/syscall: Include asm/ptrace.h in syscall_wrapper header Kirill A. Shutemov <kirill.shutemov(a)linux.intel.com> x86/tdx: Panic on bad configs that #VE on "private" memory access Dave Hansen <dave.hansen(a)linux.intel.com> x86/tdx: Prepare for using "INFO" call for a second purpose Theodore Ts'o <tytso(a)mit.edu> ext4: update the backup superblock's at the end of the online resize Luís Henriques <lhenriques(a)suse.de> ext4: fix BUG_ON() when directory entry has invalid rec_len Ye Bin <yebin10(a)huawei.com> ext4: fix warning in 'ext4_da_release_space' Helge Deller <deller(a)gmx.de> parisc: Avoid printing the hardware path twice Helge Deller <deller(a)gmx.de> parisc: Export iosapic_serial_irq() symbol for serial port driver Helge Deller <deller(a)gmx.de> parisc: Make 8250_gsc driver dependend on CONFIG_PARISC Stefan Metzmacher <metze(a)samba.org> net: also flag accepted sockets supporting msghdr originated zerocopy Pavel Begunkov <asml.silence(a)gmail.com> net: remove SOCK_SUPPORT_ZC from sockmap Kan Liang <kan.liang(a)linux.intel.com> perf/x86/intel: Fix pebs event constraints for SPR Kan Liang <kan.liang(a)linux.intel.com> perf/x86/intel: Add Cooper Lake stepping to isolation_ucodes[] Kan Liang <kan.liang(a)linux.intel.com> perf/x86/intel: Fix pebs event constraints for ICL Petr Benes <petr.benes(a)ysoft.com> ARM: dts: imx6dl-yapp4: Do not allow PM to switch PU regulator off on Q/QP Mark Rutland <mark.rutland(a)arm.com> arm64: entry: avoid kprobe recursion Pavel Begunkov <asml.silence(a)gmail.com> net/ulp: remove SOCK_SUPPORT_ZC from tls sockets Ard Biesheuvel <ardb(a)kernel.org> efi: efivars: Fix variable writes with unsupported query_variable_store() Ard Biesheuvel <ardb(a)kernel.org> efi: random: Use 'ACPI reclaim' memory for random seed Ard Biesheuvel <ardb(a)kernel.org> efi: random: reduce seed size to 32 bytes Mickaël Salaün <mic(a)digikod.net> selftests/landlock: Build without static libraries Miklos Szeredi <mszeredi(a)redhat.com> fuse: fix readdir cache race Miklos Szeredi <mszeredi(a)redhat.com> fuse: add file_modified() to fallocate Gaosheng Cui <cuigaosheng1(a)huawei.com> capabilities: fix potential memleak on error path from vfs_getxattr_alloc() Zheng Yejian <zhengyejian1(a)huawei.com> tracing/histogram: Update document for KEYS_MAX size Rasmus Villemoes <linux(a)rasmusvillemoes.dk> tools/nolibc/string: Fix memcmp() implementation Steven Rostedt (Google) <rostedt(a)goodmis.org> ring-buffer: Check for NULL cpu_buffer in ring_buffer_wake_waiters() Li Qiang <liq3ea(a)163.com> kprobe: reverse kp->flags when arm_kprobe failed Shang XiaoJing <shangxiaojing(a)huawei.com> tracing: kprobe: Fix memory leak in test_gen_kprobe/kretprobe_cmd() Rafael Mendonca <rafaelmendsr(a)gmail.com> fprobe: Check rethook_alloc() return in rethook initialization Masami Hiramatsu (Google) <mhiramat(a)kernel.org> tracing/fprobe: Fix to check whether fprobe is registered correctly Li Huafei <lihuafei1(a)huawei.com> ftrace: Fix use-after-free for dynamic ftrace_ops Dan Williams <dan.j.williams(a)intel.com> cxl/region: Fix 'distance' calculation with passthrough ports Dan Williams <dan.j.williams(a)intel.com> cxl/region: Fix cxl_region leak, cleanup targets at region delete Dan Williams <dan.j.williams(a)intel.com> cxl/region: Fix region HPA ordering validation Vishal Verma <vishal.l.verma(a)intel.com> cxl/region: Fix decoder allocation crash Dan Williams <dan.j.williams(a)intel.com> cxl/pmem: Fix cxl_pmem_region and cxl_memdev leak Dan Williams <dan.j.williams(a)intel.com> ACPI: NUMA: Add CXL CFMWS 'nodes' to the possible nodes set Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> btrfs: fix a memory allocation failure test in btrfs_submit_direct Qu Wenruo <wqu(a)suse.com> btrfs: don't use btrfs_chunk::sub_stripes from disk David Sterba <dsterba(a)suse.com> btrfs: fix type of parameter generation in btrfs_get_dentry Josef Bacik <josef(a)toxicpanda.com> btrfs: fix tree mod log mishandling of reallocated nodes Filipe Manana <fdmanana(a)suse.com> btrfs: fix lost file sync on direct IO write with nowait and dsync iocb Geert Uytterhoeven <geert+renesas(a)glider.be> clk: renesas: r8a779g0: Add SASYNCPER clocks Eric Biggers <ebiggers(a)google.com> fscrypt: fix keyring memory leak on mount failure Eric Biggers <ebiggers(a)google.com> fscrypt: stop using keyrings subsystem for fscrypt_master_key Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: L2CAP: Fix attempting to access uninitialized memory Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM Chen Zhongjin <chenzhongjin(a)huawei.com> i2c: piix4: Fix adapter not be removed in piix4_remove() Cristian Marussi <cristian.marussi(a)arm.com> arm64: dts: juno: Add thermal critical trip points Cristian Marussi <cristian.marussi(a)arm.com> firmware: arm_scmi: Fix deferred_tx_wq release on error paths Cristian Marussi <cristian.marussi(a)arm.com> firmware: arm_scmi: Fix devres allocation device in virtio transport Cristian Marussi <cristian.marussi(a)arm.com> firmware: arm_scmi: Make Rx chan_setup fail on memory errors Cristian Marussi <cristian.marussi(a)arm.com> firmware: arm_scmi: Suppress the driver's bind attributes Linus Walleij <linus.walleij(a)linaro.org> ARM: dts: ux500: Add trips to battery thermal zones Chen Jun <chenjun102(a)huawei.com> blk-mq: Fix kmemleak in blk_mq_init_allocated_queue Chen Zhongjin <chenzhongjin(a)huawei.com> block: Fix possible memory leak for rq_wb on add_disk failure Ming Lei <ming.lei(a)redhat.com> ublk_drv: return flag of UBLK_F_URING_CMD_COMP_IN_TASK in case of module Robert Beckett <bob.beckett(a)collabora.com> drm/i915: stop abusing swiotlb_max_segment John Keeping <john(a)metanate.com> drm/rockchip: fix fbdev on non-IOMMU devices Aurelien Jarno <aurelien(a)aurel32.net> drm/rockchip: dw_hdmi: filter regulator -EPROBE_DEFER error messages Ioana Ciornei <ioana.ciornei(a)nxp.com> arm64: dts: ls208xa: specify clock frequencies for the MDIO controllers Ioana Ciornei <ioana.ciornei(a)nxp.com> arm64: dts: ls1088a: specify clock frequencies for the MDIO controllers Ioana Ciornei <ioana.ciornei(a)nxp.com> arm64: dts: lx2160a: specify clock frequencies for the MDIO controllers Peng Fan <peng.fan(a)nxp.com> arm64: dts: imx93: correct gpio-ranges Peng Fan <peng.fan(a)nxp.com> arm64: dts: imx93: add gpio clk Peng Fan <peng.fan(a)nxp.com> arm64: dts: imx8: correct clock order Tim Harvey <tharvey(a)gateworks.com> ARM: dts: imx6qdl-gw59{10,13}: fix user pushbutton GPIO offset Li Jun <jun.li(a)nxp.com> arm64: dts: imx8mn: Correct the usb power domain Li Jun <jun.li(a)nxp.com> arm64: dts: imx8mn: remove otg1 power domain dependency on hsio Li Jun <jun.li(a)nxp.com> arm64: dts: imx8mm: correct usb power domains Li Jun <jun.li(a)nxp.com> arm64: dts: imx8mm: remove otg1/2 power domain dependency on hsio Max Krummenacher <max.krummenacher(a)toradex.com> arm64: dts: verdin-imx8mp: fix ctrl_sleep_moci Taniya Das <quic_tdas(a)quicinc.com> clk: qcom: Update the force mem core bit for GPU clocks Geert Uytterhoeven <geert+renesas(a)glider.be> clk: renesas: r8a779g0: Fix HSCIF parent clocks Jerry Snitselaar <jsnitsel(a)redhat.com> efi/tpm: Pass correct address to memblock_reserve Marek Vasut <marex(a)denx.de> arm64: dts: imx8mm: Enable CPLD_Dn pull down resistor on MX8Menlo Marek Vasut <marex(a)denx.de> clk: rs9: Fix I2C accessors Pavel Begunkov <asml.silence(a)gmail.com> bio: safeguard REQ_ALLOC_CACHE bio put Martin Tůma <martin.tuma(a)digiteqautomotive.com> i2c: xiic: Add platform module alias Xander Li <xander_li(a)kingston.com.tw> nvme-pci: disable write zeroes on various Kingston SSD YuBiao Wang <YuBiao.Wang(a)amd.com> drm/amdgpu: dequeue mes scheduler during fini Yifan Zha <Yifan.Zha(a)amd.com> drm/amdgpu: Program GC registers through RLCG interface in gfx_v11/gmc_v11 Nathan Chancellor <nathan(a)kernel.org> drm/amdkfd: Fix type of reset_type parameter in hqd_destroy() callback Kenneth Feng <kenneth.feng(a)amd.com> drm/amd/pm: skip loading pptable from driver on secure board for smu_v13_0_10 Danijel Slivka <danijel.slivka(a)amd.com> drm/amdgpu: set vm_update_mode=0 as default for Sienna Cichlid in SRIOV case Samuel Bailey <samuel.bailey1(a)gmail.com> HID: saitek: add madcatz variant of MMO7 mouse device ID Uday Shankar <ushankar(a)purestorage.com> scsi: core: Restrict legal sdev_state transitions via sysfs Pavel Begunkov <asml.silence(a)gmail.com> io_uring: don't iopoll from io_ring_ctx_wait_and_kill() Jason A. Donenfeld <Jason(a)zx2c4.com> hwrng: bcm2835 - use hwrng_msleep() instead of cpu_relax() Ashish Kalra <ashish.kalra(a)amd.com> ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init() Maxime Ripard <maxime(a)cerno.tech> drm/vc4: hdmi: Check the HSM rate at runtime_resume Sakari Ailus <sakari.ailus(a)linux.intel.com> media: v4l: subdev: Fail graciously when getting try data for NULL state Benjamin Gaignard <benjamin.gaignard(a)collabora.com> media: hantro: HEVC: Fix chroma offset computation Benjamin Gaignard <benjamin.gaignard(a)collabora.com> media: hantro: HEVC: Fix auxilary buffer size calculation Benjamin Gaignard <benjamin.gaignard(a)collabora.com> media: hantro: Store HEVC bit depth in context Hangyu Hua <hbh25y(a)gmail.com> media: meson: vdec: fix possible refcount leak in vdec_probe() Rory Liu <hellojacky0226(a)hotmail.com> media: platform: cros-ec: Add Kuldax to the match table Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: dvb-frontends/drxk: initialize err to 0 Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: cros-ec-cec: limit msg.len to CEC_MAX_MSG_SIZE Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> media: rkisp1: Zero v4l2_subdev_format fields in when validating links Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> media: rkisp1: Use correct macro for gradient registers Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> media: rkisp1: Initialize color space on resizer sink and source pads Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> media: rkisp1: Don't pass the quantization to rkisp1_csm_config() Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> media: rkisp1: Fix source pad format configuration Olivier Moysan <olivier.moysan(a)foss.st.com> iio: adc: stm32-adc: fix channel sampling time init Dexuan Cui <decui(a)microsoft.com> vsock: fix possible infinite sleep in vsock_connectible_wait_data() Zhengchao Shao <shaozhengchao(a)huawei.com> ipv6: fix WARNING in ip6_route_net_exit_late() Ido Schimmel <idosch(a)nvidia.com> bridge: Fix flushing of dynamic FDB entries Chen Zhongjin <chenzhongjin(a)huawei.com> net, neigh: Fix null-ptr-deref in neigh_table_clear() Chen Zhongjin <chenzhongjin(a)huawei.com> net/smc: Fix possible leaked pernet namespace in smc_init() Liu Peibao <liupeibao(a)loongson.cn> stmmac: dwmac-loongson: fix invalid mdio_node Nick Child <nnac123(a)linux.ibm.com> ibmvnic: Free rwi on reset success Gaosheng Cui <cuigaosheng1(a)huawei.com> net: mdio: fix undefined behavior in bit shift for __mdiobus_register Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: hci_conn: Fix not restoring ISO buffer count on disconnect Hawkins Jiawei <yin31149(a)gmail.com> Bluetooth: L2CAP: Fix memory leak in vhci_write Zhengchao Shao <shaozhengchao(a)huawei.com> Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del() Soenke Huster <soenke.huster(a)eknoes.de> Bluetooth: virtio_bt: Use skb_put to set length Pauli Virtanen <pav(a)iki.fi> Bluetooth: hci_conn: Fix CIS connection dst_type handling Maxim Mikityanskiy <maxtram95(a)gmail.com> Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu Jozsef Kadlecsik <kadlec(a)netfilter.org> netfilter: ipset: enforce documented limit to prevent allocating huge memory Filipe Manana <fdmanana(a)suse.com> btrfs: fix ulist leaks in error paths of qgroup self tests Filipe Manana <fdmanana(a)suse.com> btrfs: fix inode list leak during backref walking at find_parent_nodes() Filipe Manana <fdmanana(a)suse.com> btrfs: fix inode list leak during backref walking at resolve_indirect_refs() Yang Yingliang <yangyingliang(a)huawei.com> isdn: mISDN: netjet: fix wrong check of device registration Yang Yingliang <yangyingliang(a)huawei.com> mISDN: fix possible memory leak in mISDN_register_device() Zhang Qilong <zhangqilong3(a)huawei.com> rose: Fix NULL pointer dereference in rose_send_frame() Zhengchao Shao <shaozhengchao(a)huawei.com> ipvs: fix WARNING in ip_vs_app_net_cleanup() Zhengchao Shao <shaozhengchao(a)huawei.com> ipvs: fix WARNING in __ip_vs_cleanup_batch() Jason A. Donenfeld <Jason(a)zx2c4.com> ipvs: use explicitly signed chars Horatiu Vultur <horatiu.vultur(a)microchip.com> net: lan966x: Fix unmapping of received frames using FDMA Horatiu Vultur <horatiu.vultur(a)microchip.com> net: lan966x: Fix FDMA when MTU is changed Horatiu Vultur <horatiu.vultur(a)microchip.com> net: lan966x: Adjust maximum frame size when vlan is enabled/disabled Horatiu Vultur <horatiu.vultur(a)microchip.com> net: lan966x: Fix the MTU calculation Jeff Layton <jlayton(a)kernel.org> nfsd: fix net-namespace logic in __nfsd_file_cache_purge Jeff Layton <jlayton(a)kernel.org> nfsd: fix nfsd_file_unhash_and_dispose Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> sfc: Fix an error handling path in efx_pci_probe() Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables: release flow rule object from commit path Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables: netlink notifier might race to release objects Ziyang Xuan <william.xuanziyang(a)huawei.com> net: tun: fix bugs for oversize packet when napi frags enabled Dan Carpenter <dan.carpenter(a)oracle.com> net: sched: Fix use after free in red_enqueue() Yang Yingliang <yangyingliang(a)huawei.com> ata: palmld: fix return value check in palmld_pata_probe() Sergey Shtylyov <s.shtylyov(a)omp.ru> ata: pata_legacy: fix pdc20230_set_piomode() Zhang Changzhong <zhangchangzhong(a)huawei.com> net: fec: fix improper use of NETDEV_TX_BUSY Shang XiaoJing <shangxiaojing(a)huawei.com> nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send() Shang XiaoJing <shangxiaojing(a)huawei.com> nfc: s3fwrn5: Fix potential memory leak in s3fwrn5_nci_send() Shang XiaoJing <shangxiaojing(a)huawei.com> nfc: nxp-nci: Fix potential memory leak in nxp_nci_send() Shang XiaoJing <shangxiaojing(a)huawei.com> nfc: fdp: Fix potential memory leak in fdp_nci_send() Vladimir Oltean <vladimir.oltean(a)nxp.com> net: dsa: fall back to default tagger if we can't load the one from DT Willy Tarreau <w(a)1wt.eu> tools/nolibc: Fix missing strlen() definition and infinite loop with gcc-12 Dan Carpenter <dan.carpenter(a)oracle.com> RDMA/qedr: clean up work queue on failure in qedr_alloc_resources() Chen Zhongjin <chenzhongjin(a)huawei.com> RDMA/core: Fix null-ptr-deref in ib_core_cleanup() Chen Zhongjin <chenzhongjin(a)huawei.com> net: dsa: Fix possible memory leaks in dsa_loop_init() Zhang Xiaoxu <zhangxiaoxu5(a)huawei.com> nfs4: Fix kmemleak when allocate slot failed Benjamin Coddington <bcodding(a)redhat.com> NFSv4.2: Fixup CLONE dest file size for zero-length count Zhang Xiaoxu <zhangxiaoxu5(a)huawei.com> SUNRPC: Fix null-ptr-deref when xps sysfs alloc failed Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4.1: We must always send RECLAIM_COMPLETE after a reboot Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4.1: Handle RECLAIM_COMPLETE trunking errors Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4: Fix a potential state reclaim deadlock Li Zhijian <lizhijian(a)fujitsu.com> RDMA/rxe: Fix mr leak in RESPST_ERR_RNR Akira Yokosawa <akiyks(a)gmail.com> docs/process/howto: Replace C89 with C11 Yixing Liu <liuyixing1(a)huawei.com> RDMA/hns: Fix NULL pointer problem in free_mr_init() Yangyang Li <liyangyang20(a)huawei.com> RDMA/hns: Disable local invalidate operation Dean Luick <dean.luick(a)cornelisnetworks.com> IB/hfi1: Correctly move list in sc_disable() Håkon Bugge <haakon.bugge(a)oracle.com> RDMA/cma: Use output interface for net_dev check Jason Gunthorpe <jgg(a)ziepe.ca> drm/i915/gvt: Add missing vfio_unregister_group_dev() call Thinh Nguyen <Thinh.Nguyen(a)synopsys.com> usb: dwc3: gadget: Don't delay End Transfer on delayed_status Wesley Cheng <quic_wcheng(a)quicinc.com> usb: dwc3: gadget: Force sending delayed status during soft disconnect ------------- Diffstat: Documentation/process/howto.rst | 2 +- Documentation/trace/histogram.rst | 2 +- Documentation/translations/it_IT/process/howto.rst | 2 +- Documentation/translations/ja_JP/howto.rst | 2 +- Documentation/translations/ko_KR/howto.rst | 2 +- Documentation/translations/zh_CN/process/howto.rst | 2 +- Documentation/translations/zh_TW/process/howto.rst | 2 +- Makefile | 4 +- arch/arm/boot/dts/imx6q-yapp4-crux.dts | 4 + arch/arm/boot/dts/imx6qdl-gw5910.dtsi | 2 +- arch/arm/boot/dts/imx6qdl-gw5913.dtsi | 2 +- arch/arm/boot/dts/imx6qp-yapp4-crux-plus.dts | 4 + arch/arm/boot/dts/ste-href.dtsi | 8 + arch/arm/boot/dts/ste-snowball.dts | 8 + arch/arm/boot/dts/ste-ux500-samsung-codina-tmo.dts | 8 + arch/arm/boot/dts/ste-ux500-samsung-codina.dts | 8 + arch/arm/boot/dts/ste-ux500-samsung-gavini.dts | 8 + arch/arm/boot/dts/ste-ux500-samsung-golden.dts | 8 + arch/arm/boot/dts/ste-ux500-samsung-janice.dts | 8 + arch/arm/boot/dts/ste-ux500-samsung-kyle.dts | 8 + arch/arm/boot/dts/ste-ux500-samsung-skomer.dts | 8 + arch/arm64/boot/dts/arm/juno-base.dtsi | 14 + arch/arm64/boot/dts/freescale/fsl-ls1088a.dtsi | 6 + arch/arm64/boot/dts/freescale/fsl-ls208xa.dtsi | 6 + arch/arm64/boot/dts/freescale/fsl-lx2160a.dtsi | 6 + arch/arm64/boot/dts/freescale/imx8-ss-conn.dtsi | 18 +- arch/arm64/boot/dts/freescale/imx8mm-mx8menlo.dts | 16 +- arch/arm64/boot/dts/freescale/imx8mm.dtsi | 8 +- arch/arm64/boot/dts/freescale/imx8mn.dtsi | 4 +- arch/arm64/boot/dts/freescale/imx8mp-verdin.dtsi | 20 +- arch/arm64/boot/dts/freescale/imx93.dtsi | 21 +- arch/arm64/kernel/entry-common.c | 3 +- arch/arm64/kvm/hyp/exception.c | 3 +- arch/arm64/kvm/hyp/include/hyp/switch.h | 20 + arch/arm64/kvm/hyp/nvhe/switch.c | 26 -- arch/arm64/kvm/hyp/vhe/switch.c | 8 - arch/parisc/include/asm/hardware.h | 12 +- arch/parisc/kernel/drivers.c | 14 +- arch/x86/coco/tdx/tdx.c | 25 +- arch/x86/events/intel/core.c | 1 + arch/x86/events/intel/ds.c | 18 +- arch/x86/include/asm/syscall_wrapper.h | 2 +- arch/x86/kvm/cpuid.c | 11 +- arch/x86/kvm/emulate.c | 108 +++-- arch/x86/kvm/vmx/capabilities.h | 19 +- arch/x86/kvm/vmx/vmx.c | 23 +- arch/x86/kvm/x86.c | 12 +- arch/x86/kvm/xen.c | 57 +-- block/bio.c | 2 +- block/blk-mq.c | 4 +- block/genhd.c | 1 + drivers/acpi/apei/ghes.c | 2 +- drivers/acpi/numa/srat.c | 1 + drivers/ata/pata_legacy.c | 5 +- drivers/ata/pata_palmld.c | 4 +- drivers/block/ublk_drv.c | 3 + drivers/bluetooth/virtio_bt.c | 2 +- drivers/char/hw_random/bcm2835-rng.c | 2 +- drivers/clk/clk-renesas-pcie.c | 65 ++- drivers/clk/qcom/gcc-sc7280.c | 1 + drivers/clk/qcom/gpucc-sc7280.c | 1 + drivers/clk/renesas/r8a779g0-cpg-mssr.c | 13 +- drivers/cxl/core/pmem.c | 2 + drivers/cxl/core/port.c | 11 +- drivers/cxl/core/region.c | 90 ++-- drivers/cxl/cxl.h | 4 +- drivers/cxl/pmem.c | 101 +++-- drivers/firmware/arm_scmi/driver.c | 9 +- drivers/firmware/arm_scmi/virtio.c | 26 +- drivers/firmware/efi/efi.c | 2 +- drivers/firmware/efi/libstub/random.c | 7 +- drivers/firmware/efi/tpm.c | 2 +- drivers/firmware/efi/vars.c | 68 +-- drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd.c | 7 + drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gfx_v11.c | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_virt.c | 6 + drivers/gpu/drm/amd/amdgpu/amdgpu_virt.h | 4 + drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c | 6 +- drivers/gpu/drm/amd/amdgpu/gfx_v11_0.c | 2 +- drivers/gpu/drm/amd/amdgpu/gmc_v11_0.c | 18 +- drivers/gpu/drm/amd/amdgpu/mes_v11_0.c | 42 +- .../drm/amd/display/dc/dcn314/dcn314_resource.c | 2 +- .../gpu/drm/amd/display/dc/dml/dcn321/dcn321_fpu.c | 10 +- drivers/gpu/drm/amd/include/kgd_kfd_interface.h | 5 +- drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0.c | 3 +- drivers/gpu/drm/i915/display/intel_sdvo.c | 58 ++- drivers/gpu/drm/i915/gem/i915_gem_internal.c | 19 +- drivers/gpu/drm/i915/gem/i915_gem_shmem.c | 2 +- drivers/gpu/drm/i915/gem/i915_gem_ttm.c | 4 +- drivers/gpu/drm/i915/gem/i915_gem_userptr.c | 2 +- drivers/gpu/drm/i915/gvt/kvmgt.c | 1 + drivers/gpu/drm/i915/i915_scatterlist.h | 34 +- drivers/gpu/drm/rockchip/dw-mipi-dsi-rockchip.c | 22 +- drivers/gpu/drm/rockchip/dw_hdmi-rockchip.c | 3 +- drivers/gpu/drm/rockchip/rockchip_drm_gem.c | 5 +- drivers/gpu/drm/vc4/vc4_hdmi.c | 20 + drivers/hid/hid-ids.h | 1 + drivers/hid/hid-quirks.c | 1 + drivers/hid/hid-saitek.c | 2 + drivers/i2c/busses/i2c-piix4.c | 1 + drivers/i2c/busses/i2c-xiic.c | 1 + drivers/iio/adc/stm32-adc.c | 11 +- drivers/infiniband/core/cma.c | 2 +- drivers/infiniband/core/device.c | 10 +- drivers/infiniband/core/nldev.c | 2 +- drivers/infiniband/hw/hfi1/pio.c | 3 +- drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 15 +- drivers/infiniband/hw/hns/hns_roce_hw_v2.h | 2 - drivers/infiniband/hw/qedr/main.c | 9 +- drivers/infiniband/sw/rxe/rxe_resp.c | 4 +- drivers/isdn/hardware/mISDN/netjet.c | 2 +- drivers/isdn/mISDN/core.c | 5 +- drivers/media/cec/platform/cros-ec/cros-ec-cec.c | 4 + drivers/media/cec/platform/s5p/s5p_cec.c | 2 + drivers/media/dvb-frontends/drxk_hard.c | 2 +- .../platform/rockchip/rkisp1/rkisp1-capture.c | 7 +- .../media/platform/rockchip/rkisp1/rkisp1-isp.c | 40 +- .../media/platform/rockchip/rkisp1/rkisp1-params.c | 14 +- .../media/platform/rockchip/rkisp1/rkisp1-regs.h | 2 +- .../platform/rockchip/rkisp1/rkisp1-resizer.c | 4 + drivers/net/dsa/dsa_loop.c | 25 +- drivers/net/ethernet/freescale/fec_main.c | 4 +- drivers/net/ethernet/ibm/ibmvnic.c | 16 +- .../net/ethernet/microchip/lan966x/lan966x_fdma.c | 26 +- .../net/ethernet/microchip/lan966x/lan966x_main.c | 4 +- .../net/ethernet/microchip/lan966x/lan966x_main.h | 2 + .../net/ethernet/microchip/lan966x/lan966x_regs.h | 15 + .../net/ethernet/microchip/lan966x/lan966x_vlan.c | 6 + drivers/net/ethernet/sfc/efx.c | 8 +- .../net/ethernet/stmicro/stmmac/dwmac-loongson.c | 7 +- drivers/net/phy/mdio_bus.c | 2 +- drivers/net/tun.c | 3 +- .../wireless/broadcom/brcm80211/brcmfmac/fweh.c | 4 + drivers/nfc/fdp/fdp.c | 10 +- drivers/nfc/nfcmrvl/i2c.c | 7 +- drivers/nfc/nxp-nci/core.c | 7 +- drivers/nfc/s3fwrn5/core.c | 8 +- drivers/nvme/host/pci.c | 10 + drivers/parisc/iosapic.c | 1 + drivers/scsi/scsi_sysfs.c | 8 + drivers/staging/media/hantro/hantro_drv.c | 7 + drivers/staging/media/hantro/hantro_g2_hevc_dec.c | 2 +- drivers/staging/media/hantro/hantro_hevc.c | 4 +- drivers/staging/media/meson/vdec/vdec.c | 2 + drivers/tty/serial/8250/Kconfig | 2 +- fs/btrfs/backref.c | 54 ++- fs/btrfs/ctree.h | 5 +- fs/btrfs/export.c | 2 +- fs/btrfs/export.h | 2 +- fs/btrfs/extent-tree.c | 25 +- fs/btrfs/file.c | 22 +- fs/btrfs/inode.c | 16 +- fs/btrfs/tests/qgroup-tests.c | 20 +- fs/btrfs/volumes.c | 12 +- fs/cifs/connect.c | 11 +- fs/crypto/fscrypt_private.h | 71 ++- fs/crypto/hooks.c | 10 +- fs/crypto/keyring.c | 491 +++++++++++---------- fs/crypto/keysetup.c | 81 ++-- fs/crypto/policy.c | 8 +- fs/ext4/ioctl.c | 3 +- fs/ext4/migrate.c | 3 +- fs/ext4/namei.c | 10 +- fs/ext4/resize.c | 5 + fs/ext4/verity.c | 3 +- fs/f2fs/verity.c | 3 +- fs/fuse/file.c | 4 + fs/fuse/readdir.c | 10 +- fs/nfs/delegation.c | 36 +- fs/nfs/nfs42proc.c | 3 + fs/nfs/nfs4client.c | 1 + fs/nfs/nfs4state.c | 2 + fs/nfsd/filecache.c | 39 +- fs/super.c | 3 +- include/acpi/ghes.h | 2 +- include/linux/efi.h | 2 +- include/linux/fs.h | 2 +- include/linux/fscrypt.h | 4 +- include/linux/kvm_host.h | 24 +- include/media/v4l2-subdev.h | 6 + include/net/sock.h | 7 + io_uring/io_uring.c | 13 +- kernel/kprobes.c | 5 +- kernel/trace/fprobe.c | 5 +- kernel/trace/ftrace.c | 16 +- kernel/trace/kprobe_event_gen_test.c | 18 +- kernel/trace/ring_buffer.c | 11 + net/bluetooth/hci_conn.c | 18 +- net/bluetooth/iso.c | 14 +- net/bluetooth/l2cap_core.c | 84 +++- net/bridge/br_netlink.c | 2 +- net/bridge/br_sysfs_br.c | 2 +- net/core/neighbour.c | 2 +- net/dsa/dsa2.c | 13 +- net/ipv4/af_inet.c | 2 + net/ipv4/tcp_bpf.c | 4 +- net/ipv4/tcp_ulp.c | 3 + net/ipv4/udp_bpf.c | 4 +- net/ipv6/route.c | 14 +- net/netfilter/ipset/ip_set_hash_gen.h | 30 +- net/netfilter/ipvs/ip_vs_app.c | 10 +- net/netfilter/ipvs/ip_vs_conn.c | 30 +- net/netfilter/nf_tables_api.c | 8 +- net/rose/rose_link.c | 3 + net/sched/sch_red.c | 4 +- net/smc/af_smc.c | 6 +- net/sunrpc/sysfs.c | 12 +- net/unix/unix_bpf.c | 8 +- net/vmw_vsock/af_vsock.c | 5 +- security/commoncap.c | 6 +- tools/include/nolibc/string.h | 17 +- tools/testing/selftests/landlock/Makefile | 7 +- virt/kvm/pfncache.c | 62 ++- 213 files changed, 1962 insertions(+), 1102 deletions(-)

2 years, 2 months

14
211
0 0

[PATCH 5.15 000/144] 5.15.78-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.15.78 release. There are 144 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu, 10 Nov 2022 13:33:17 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.15.78-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.15.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.15.78-rc1 Dokyung Song <dokyung.song(a)gmail.com> wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker() Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/i915/sdvo: Setup DDC fully before output init Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/i915/sdvo: Filter out invalid outputs more sensibly Brian Norris <briannorris(a)chromium.org> drm/rockchip: dsi: Force synchronous probe Brian Norris <briannorris(a)chromium.org> drm/rockchip: dsi: Clean up 'usage_mode' when failing to attach Ronnie Sahlberg <lsahlber(a)redhat.com> cifs: fix regression in very old smb1 mounts Matthew Wilcox (Oracle) <willy(a)infradead.org> ext4,f2fs: fix readahead of verity data Sumit Garg <sumit.garg(a)linaro.org> tee: Fix tee_shm_register() for kernel TEE drivers Maxim Levitsky <mlevitsk(a)redhat.com> KVM: x86: emulator: update the emulation mode after CR0 write Maxim Levitsky <mlevitsk(a)redhat.com> KVM: x86: emulator: update the emulation mode after rsm Maxim Levitsky <mlevitsk(a)redhat.com> KVM: x86: emulator: introduce emulator_recalc_and_set_mode Maxim Levitsky <mlevitsk(a)redhat.com> KVM: x86: emulator: em_sysexit should update ctxt->mode Ryan Roberts <ryan.roberts(a)arm.com> KVM: arm64: Fix bad dereference on MTE-enabled systems Emanuele Giuseppe Esposito <eesposit(a)redhat.com> KVM: VMX: fully disable SGX if SECONDARY_EXEC_ENCLS_EXITING unavailable Jim Mattson <jmattson(a)google.com> KVM: x86: Mask off reserved bits in CPUID.8000001FH Jim Mattson <jmattson(a)google.com> KVM: x86: Mask off reserved bits in CPUID.80000001H Jim Mattson <jmattson(a)google.com> KVM: x86: Mask off reserved bits in CPUID.80000008H Jim Mattson <jmattson(a)google.com> KVM: x86: Mask off reserved bits in CPUID.8000001AH Jim Mattson <jmattson(a)google.com> KVM: x86: Mask off reserved bits in CPUID.80000006H Jiri Olsa <olsajiri(a)gmail.com> x86/syscall: Include asm/ptrace.h in syscall_wrapper header Luís Henriques <lhenriques(a)suse.de> ext4: fix BUG_ON() when directory entry has invalid rec_len Ye Bin <yebin10(a)huawei.com> ext4: fix warning in 'ext4_da_release_space' Helge Deller <deller(a)gmx.de> parisc: Avoid printing the hardware path twice Helge Deller <deller(a)gmx.de> parisc: Export iosapic_serial_irq() symbol for serial port driver Helge Deller <deller(a)gmx.de> parisc: Make 8250_gsc driver dependend on CONFIG_PARISC Kan Liang <kan.liang(a)linux.intel.com> perf/x86/intel: Fix pebs event constraints for SPR Kan Liang <kan.liang(a)linux.intel.com> perf/x86/intel: Add Cooper Lake stepping to isolation_ucodes[] Kan Liang <kan.liang(a)linux.intel.com> perf/x86/intel: Fix pebs event constraints for ICL Mark Rutland <mark.rutland(a)arm.com> arm64: entry: avoid kprobe recursion Ard Biesheuvel <ardb(a)kernel.org> efi: random: Use 'ACPI reclaim' memory for random seed Ard Biesheuvel <ardb(a)kernel.org> efi: random: reduce seed size to 32 bytes Miklos Szeredi <mszeredi(a)redhat.com> fuse: add file_modified() to fallocate Gaosheng Cui <cuigaosheng1(a)huawei.com> capabilities: fix potential memleak on error path from vfs_getxattr_alloc() Zheng Yejian <zhengyejian1(a)huawei.com> tracing/histogram: Update document for KEYS_MAX size Rasmus Villemoes <linux(a)rasmusvillemoes.dk> tools/nolibc/string: Fix memcmp() implementation Steven Rostedt (Google) <rostedt(a)goodmis.org> ring-buffer: Check for NULL cpu_buffer in ring_buffer_wake_waiters() Li Qiang <liq3ea(a)163.com> kprobe: reverse kp->flags when arm_kprobe failed Shang XiaoJing <shangxiaojing(a)huawei.com> tracing: kprobe: Fix memory leak in test_gen_kprobe/kretprobe_cmd() Kuniyuki Iwashima <kuniyu(a)amazon.com> tcp/udp: Make early_demux back namespacified. Li Huafei <lihuafei1(a)huawei.com> ftrace: Fix use-after-free for dynamic ftrace_ops David Sterba <dsterba(a)suse.com> btrfs: fix type of parameter generation in btrfs_get_dentry Josef Bacik <josef(a)toxicpanda.com> btrfs: fix tree mod log mishandling of reallocated nodes Filipe Manana <fdmanana(a)suse.com> btrfs: fix lost file sync on direct IO write with nowait and dsync iocb Eric Biggers <ebiggers(a)google.com> fscrypt: fix keyring memory leak on mount failure Eric Biggers <ebiggers(a)google.com> fscrypt: stop using keyrings subsystem for fscrypt_master_key Kuniyuki Iwashima <kuniyu(a)amazon.com> af_unix: Fix memory leaks of the whole sk due to OOB skb. Yu Kuai <yukuai3(a)huawei.com> block, bfq: protect 'bfqd->queued' by 'bfqd->lock' Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: L2CAP: Fix attempting to access uninitialized memory Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM Chen Zhongjin <chenzhongjin(a)huawei.com> i2c: piix4: Fix adapter not be removed in piix4_remove() Cristian Marussi <cristian.marussi(a)arm.com> arm64: dts: juno: Add thermal critical trip points Cristian Marussi <cristian.marussi(a)arm.com> firmware: arm_scmi: Fix devres allocation device in virtio transport Cristian Marussi <cristian.marussi(a)arm.com> firmware: arm_scmi: Make Rx chan_setup fail on memory errors Cristian Marussi <cristian.marussi(a)arm.com> firmware: arm_scmi: Suppress the driver's bind attributes Chen Zhongjin <chenzhongjin(a)huawei.com> block: Fix possible memory leak for rq_wb on add_disk failure Ioana Ciornei <ioana.ciornei(a)nxp.com> arm64: dts: ls208xa: specify clock frequencies for the MDIO controllers Ioana Ciornei <ioana.ciornei(a)nxp.com> arm64: dts: ls1088a: specify clock frequencies for the MDIO controllers Ioana Ciornei <ioana.ciornei(a)nxp.com> arm64: dts: lx2160a: specify clock frequencies for the MDIO controllers Peng Fan <peng.fan(a)nxp.com> arm64: dts: imx8: correct clock order Tim Harvey <tharvey(a)gateworks.com> ARM: dts: imx6qdl-gw59{10,13}: fix user pushbutton GPIO offset Taniya Das <quic_tdas(a)quicinc.com> clk: qcom: Update the force mem core bit for GPU clocks Jerry Snitselaar <jsnitsel(a)redhat.com> efi/tpm: Pass correct address to memblock_reserve Martin Tůma <martin.tuma(a)digiteqautomotive.com> i2c: xiic: Add platform module alias Danijel Slivka <danijel.slivka(a)amd.com> drm/amdgpu: set vm_update_mode=0 as default for Sienna Cichlid in SRIOV case Samuel Bailey <samuel.bailey1(a)gmail.com> HID: saitek: add madcatz variant of MMO7 mouse device ID Uday Shankar <ushankar(a)purestorage.com> scsi: core: Restrict legal sdev_state transitions via sysfs Ashish Kalra <ashish.kalra(a)amd.com> ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init() Sakari Ailus <sakari.ailus(a)linux.intel.com> media: v4l: subdev: Fail graciously when getting try data for NULL state Hangyu Hua <hbh25y(a)gmail.com> media: meson: vdec: fix possible refcount leak in vdec_probe() Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: dvb-frontends/drxk: initialize err to 0 Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: cros-ec-cec: limit msg.len to CEC_MAX_MSG_SIZE Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> media: rkisp1: Zero v4l2_subdev_format fields in when validating links Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> media: rkisp1: Use correct macro for gradient registers Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> media: rkisp1: Initialize color space on resizer sink and source pads Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> media: rkisp1: Don't pass the quantization to rkisp1_csm_config() Peter Oberparleiter <oberpar(a)linux.ibm.com> s390/cio: fix out-of-bounds access on cio_ignore free Vineeth Vijayan <vneethv(a)linux.ibm.com> s390/cio: derive cdev information only for IO-subchannels Peter Oberparleiter <oberpar(a)linux.ibm.com> s390/boot: add secure boot trailer Heiko Carstens <hca(a)linux.ibm.com> s390/uaccess: add missing EX_TABLE entries to __clear_user() Linus Walleij <linus.walleij(a)linaro.org> mtd: parsers: bcm47xxpart: Fix halfblock reads Rafał Miłecki <rafal(a)milecki.pl> mtd: parsers: bcm47xxpart: print correct offset on read error Helge Deller <deller(a)gmx.de> fbdev: stifb: Fall back to cfb_fillrect() on 32-bit HCRX cards Helge Deller <deller(a)gmx.de> video/fbdev/stifb: Implement the stifb_fillrect() function Johan Hovold <johan+linaro(a)kernel.org> drm/msm/hdmi: fix IRQ lifetime Daniel Thompson <daniel.thompson(a)linaro.org> drm/msm/hdmi: Remove spurious IRQF_ONESHOT flag Dexuan Cui <decui(a)microsoft.com> vsock: fix possible infinite sleep in vsock_connectible_wait_data() Zhengchao Shao <shaozhengchao(a)huawei.com> ipv6: fix WARNING in ip6_route_net_exit_late() Chen Zhongjin <chenzhongjin(a)huawei.com> net, neigh: Fix null-ptr-deref in neigh_table_clear() Chen Zhongjin <chenzhongjin(a)huawei.com> net/smc: Fix possible leaked pernet namespace in smc_init() Liu Peibao <liupeibao(a)loongson.cn> stmmac: dwmac-loongson: fix invalid mdio_node Nick Child <nnac123(a)linux.ibm.com> ibmvnic: Free rwi on reset success Gaosheng Cui <cuigaosheng1(a)huawei.com> net: mdio: fix undefined behavior in bit shift for __mdiobus_register Hawkins Jiawei <yin31149(a)gmail.com> Bluetooth: L2CAP: Fix memory leak in vhci_write Zhengchao Shao <shaozhengchao(a)huawei.com> Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del() Soenke Huster <soenke.huster(a)eknoes.de> Bluetooth: virtio_bt: Use skb_put to set length Maxim Mikityanskiy <maxtram95(a)gmail.com> Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu Jozsef Kadlecsik <kadlec(a)netfilter.org> netfilter: ipset: enforce documented limit to prevent allocating huge memory Filipe Manana <fdmanana(a)suse.com> btrfs: fix ulist leaks in error paths of qgroup self tests Filipe Manana <fdmanana(a)suse.com> btrfs: fix inode list leak during backref walking at find_parent_nodes() Filipe Manana <fdmanana(a)suse.com> btrfs: fix inode list leak during backref walking at resolve_indirect_refs() Yang Yingliang <yangyingliang(a)huawei.com> isdn: mISDN: netjet: fix wrong check of device registration Yang Yingliang <yangyingliang(a)huawei.com> mISDN: fix possible memory leak in mISDN_register_device() Zhang Qilong <zhangqilong3(a)huawei.com> rose: Fix NULL pointer dereference in rose_send_frame() Zhengchao Shao <shaozhengchao(a)huawei.com> ipvs: fix WARNING in ip_vs_app_net_cleanup() Zhengchao Shao <shaozhengchao(a)huawei.com> ipvs: fix WARNING in __ip_vs_cleanup_batch() Jason A. Donenfeld <Jason(a)zx2c4.com> ipvs: use explicitly signed chars Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables: release flow rule object from commit path Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables: netlink notifier might race to release objects Ziyang Xuan <william.xuanziyang(a)huawei.com> net: tun: fix bugs for oversize packet when napi frags enabled Dan Carpenter <dan.carpenter(a)oracle.com> net: sched: Fix use after free in red_enqueue() Sergey Shtylyov <s.shtylyov(a)omp.ru> ata: pata_legacy: fix pdc20230_set_piomode() Zhang Changzhong <zhangchangzhong(a)huawei.com> net: fec: fix improper use of NETDEV_TX_BUSY Shang XiaoJing <shangxiaojing(a)huawei.com> nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send() Shang XiaoJing <shangxiaojing(a)huawei.com> nfc: s3fwrn5: Fix potential memory leak in s3fwrn5_nci_send() Shang XiaoJing <shangxiaojing(a)huawei.com> nfc: nxp-nci: Fix potential memory leak in nxp_nci_send() Shang XiaoJing <shangxiaojing(a)huawei.com> nfc: fdp: Fix potential memory leak in fdp_nci_send() Vladimir Oltean <vladimir.oltean(a)nxp.com> net: dsa: fall back to default tagger if we can't load the one from DT Dan Carpenter <dan.carpenter(a)oracle.com> RDMA/qedr: clean up work queue on failure in qedr_alloc_resources() Chen Zhongjin <chenzhongjin(a)huawei.com> RDMA/core: Fix null-ptr-deref in ib_core_cleanup() Chen Zhongjin <chenzhongjin(a)huawei.com> net: dsa: Fix possible memory leaks in dsa_loop_init() Zhang Xiaoxu <zhangxiaoxu5(a)huawei.com> nfs4: Fix kmemleak when allocate slot failed Benjamin Coddington <bcodding(a)redhat.com> NFSv4.2: Fixup CLONE dest file size for zero-length count Zhang Xiaoxu <zhangxiaoxu5(a)huawei.com> SUNRPC: Fix null-ptr-deref when xps sysfs alloc failed Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4.1: We must always send RECLAIM_COMPLETE after a reboot Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4.1: Handle RECLAIM_COMPLETE trunking errors Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4: Fix a potential state reclaim deadlock Yangyang Li <liyangyang20(a)huawei.com> RDMA/hns: Disable local invalidate operation Wenpeng Liang <liangwenpeng(a)huawei.com> RDMA/hns: Use hr_reg_xxx() instead of remaining roce_set_xxx() Xinhao Liu <liuxinhao5(a)hisilicon.com> RDMA/hns: Remove magic number Dean Luick <dean.luick(a)cornelisnetworks.com> IB/hfi1: Correctly move list in sc_disable() Håkon Bugge <haakon.bugge(a)oracle.com> RDMA/cma: Use output interface for net_dev check Alexander Graf <graf(a)amazon.com> KVM: x86: Add compat handler for KVM_X86_SET_MSR_FILTER Alexander Graf <graf(a)amazon.com> KVM: x86: Copy filter arg outside kvm_vm_ioctl_set_msr_filter() Aaron Lewis <aaronlewis(a)google.com> KVM: x86: Protect the unused bits in MSR exiting flags Roderick Colenbrander <roderick(a)gaikai.com> HID: playstation: add initial DualSense Edge controller support Baolin Wang <baolin.wang(a)linux.alibaba.com> mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page Shirish S <shirish.s(a)amd.com> drm/amd/display: explicitly disable psr_feature_enable appropriately Sean Christopherson <seanjc(a)google.com> KVM: x86: Treat #DBs from the emulator as fault-like (code and DR7.GD=1) Sean Christopherson <seanjc(a)google.com> KVM: x86: Trace re-injected exceptions Lukas Wunner <lukas(a)wunner.de> serial: ar933x: Deassert Transmit Enable on ->rs485_config() James Smart <jsmart2021(a)gmail.com> scsi: lpfc: Rework MIB Rx Monitor debug info logic James Smart <jsmart2021(a)gmail.com> scsi: lpfc: Adjust CMF total bytes and rxmonitor James Smart <jsmart2021(a)gmail.com> scsi: lpfc: Adjust bytes received vales during cmf timer interval ------------- Diffstat: Documentation/trace/histogram.rst | 2 +- Makefile | 4 +- arch/arm/boot/dts/imx6qdl-gw5910.dtsi | 2 +- arch/arm/boot/dts/imx6qdl-gw5913.dtsi | 2 +- arch/arm64/boot/dts/arm/juno-base.dtsi | 14 + arch/arm64/boot/dts/freescale/fsl-ls1088a.dtsi | 6 + arch/arm64/boot/dts/freescale/fsl-ls208xa.dtsi | 6 + arch/arm64/boot/dts/freescale/fsl-lx2160a.dtsi | 6 + arch/arm64/boot/dts/freescale/imx8-ss-conn.dtsi | 18 +- arch/arm64/kernel/entry-common.c | 3 +- arch/arm64/kvm/hyp/exception.c | 3 +- arch/parisc/include/asm/hardware.h | 12 +- arch/parisc/kernel/drivers.c | 14 +- arch/s390/boot/compressed/vmlinux.lds.S | 13 +- arch/s390/lib/uaccess.c | 6 +- arch/x86/events/intel/core.c | 1 + arch/x86/events/intel/ds.c | 18 +- arch/x86/include/asm/syscall_wrapper.h | 2 +- arch/x86/kvm/cpuid.c | 11 +- arch/x86/kvm/emulate.c | 104 +++-- arch/x86/kvm/trace.h | 12 +- arch/x86/kvm/vmx/vmx.c | 5 + arch/x86/kvm/x86.c | 134 +++++- block/bfq-iosched.c | 4 +- block/genhd.c | 1 + drivers/acpi/apei/ghes.c | 2 +- drivers/ata/pata_legacy.c | 5 +- drivers/bluetooth/virtio_bt.c | 2 +- drivers/clk/qcom/gcc-sc7280.c | 1 + drivers/clk/qcom/gpucc-sc7280.c | 1 + drivers/firmware/arm_scmi/driver.c | 9 +- drivers/firmware/arm_scmi/virtio.c | 6 +- drivers/firmware/efi/efi.c | 2 +- drivers/firmware/efi/libstub/random.c | 7 +- drivers/firmware/efi/tpm.c | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_virt.c | 6 + drivers/gpu/drm/amd/amdgpu/amdgpu_virt.h | 4 + drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c | 6 +- .../gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_psr.c | 8 +- drivers/gpu/drm/i915/display/intel_sdvo.c | 58 ++- drivers/gpu/drm/msm/hdmi/hdmi.c | 4 +- drivers/gpu/drm/rockchip/dw-mipi-dsi-rockchip.c | 22 +- drivers/hid/hid-ids.h | 2 + drivers/hid/hid-playstation.c | 5 +- drivers/hid/hid-quirks.c | 1 + drivers/hid/hid-saitek.c | 2 + drivers/i2c/busses/i2c-piix4.c | 1 + drivers/i2c/busses/i2c-xiic.c | 1 + drivers/infiniband/core/cma.c | 2 +- drivers/infiniband/core/device.c | 10 +- drivers/infiniband/core/nldev.c | 2 +- drivers/infiniband/hw/hfi1/pio.c | 3 +- drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 266 ++++------- drivers/infiniband/hw/hns/hns_roce_hw_v2.h | 166 +++---- drivers/infiniband/hw/qedr/main.c | 9 +- drivers/isdn/hardware/mISDN/netjet.c | 2 +- drivers/isdn/mISDN/core.c | 5 +- drivers/media/cec/platform/cros-ec/cros-ec-cec.c | 2 + drivers/media/cec/platform/s5p/s5p_cec.c | 2 + drivers/media/dvb-frontends/drxk_hard.c | 2 +- .../platform/rockchip/rkisp1/rkisp1-capture.c | 7 +- .../media/platform/rockchip/rkisp1/rkisp1-params.c | 14 +- .../media/platform/rockchip/rkisp1/rkisp1-regs.h | 2 +- .../platform/rockchip/rkisp1/rkisp1-resizer.c | 4 + drivers/mtd/parsers/bcm47xxpart.c | 4 +- drivers/net/dsa/dsa_loop.c | 25 +- drivers/net/ethernet/freescale/fec_main.c | 4 +- drivers/net/ethernet/ibm/ibmvnic.c | 16 +- .../net/ethernet/stmicro/stmmac/dwmac-loongson.c | 7 +- drivers/net/phy/mdio_bus.c | 2 +- drivers/net/tun.c | 3 +- .../wireless/broadcom/brcm80211/brcmfmac/fweh.c | 4 + drivers/nfc/fdp/fdp.c | 10 +- drivers/nfc/nfcmrvl/i2c.c | 7 +- drivers/nfc/nxp-nci/core.c | 7 +- drivers/nfc/s3fwrn5/core.c | 8 +- drivers/parisc/iosapic.c | 1 + drivers/s390/cio/css.c | 3 +- drivers/scsi/lpfc/lpfc.h | 15 +- drivers/scsi/lpfc/lpfc_crtn.h | 8 + drivers/scsi/lpfc/lpfc_debugfs.c | 57 +-- drivers/scsi/lpfc/lpfc_debugfs.h | 2 +- drivers/scsi/lpfc/lpfc_init.c | 101 ++--- drivers/scsi/lpfc/lpfc_mem.c | 9 +- drivers/scsi/lpfc/lpfc_sli.c | 190 +++++++- drivers/scsi/scsi_sysfs.c | 8 + drivers/staging/media/meson/vdec/vdec.c | 2 + drivers/tee/tee_core.c | 3 + drivers/tee/tee_shm.c | 3 - drivers/tty/serial/8250/Kconfig | 2 +- drivers/tty/serial/ar933x_uart.c | 5 + drivers/video/fbdev/stifb.c | 46 +- fs/btrfs/backref.c | 54 ++- fs/btrfs/export.c | 2 +- fs/btrfs/export.h | 2 +- fs/btrfs/extent-tree.c | 25 +- fs/btrfs/file.c | 39 +- fs/btrfs/tests/qgroup-tests.c | 20 +- fs/cifs/connect.c | 11 +- fs/crypto/fscrypt_private.h | 71 ++- fs/crypto/hooks.c | 10 +- fs/crypto/keyring.c | 491 +++++++++++---------- fs/crypto/keysetup.c | 81 ++-- fs/crypto/policy.c | 8 +- fs/ext4/migrate.c | 3 +- fs/ext4/namei.c | 10 +- fs/ext4/verity.c | 3 +- fs/f2fs/verity.c | 3 +- fs/fuse/file.c | 4 + fs/nfs/delegation.c | 36 +- fs/nfs/nfs42proc.c | 3 + fs/nfs/nfs4client.c | 1 + fs/nfs/nfs4state.c | 2 + fs/super.c | 3 +- include/acpi/ghes.h | 2 +- include/linux/efi.h | 2 +- include/linux/fs.h | 2 +- include/linux/fscrypt.h | 4 +- include/linux/hugetlb.h | 8 +- include/media/v4l2-subdev.h | 6 + include/net/protocol.h | 4 - include/net/tcp.h | 2 +- include/net/udp.h | 2 +- kernel/kprobes.c | 5 +- kernel/trace/ftrace.c | 16 +- kernel/trace/kprobe_event_gen_test.c | 18 +- kernel/trace/ring_buffer.c | 11 + mm/gup.c | 14 +- mm/hugetlb.c | 27 +- net/bluetooth/l2cap_core.c | 84 +++- net/core/neighbour.c | 2 +- net/dsa/dsa2.c | 13 +- net/ipv4/af_inet.c | 14 +- net/ipv4/ip_input.c | 37 +- net/ipv4/sysctl_net_ipv4.c | 59 +-- net/ipv6/ip6_input.c | 23 +- net/ipv6/route.c | 14 +- net/ipv6/tcp_ipv6.c | 9 +- net/ipv6/udp.c | 9 +- net/netfilter/ipset/ip_set_hash_gen.h | 30 +- net/netfilter/ipvs/ip_vs_app.c | 10 +- net/netfilter/ipvs/ip_vs_conn.c | 30 +- net/netfilter/nf_tables_api.c | 8 +- net/rose/rose_link.c | 3 + net/sched/sch_red.c | 4 +- net/smc/af_smc.c | 6 +- net/sunrpc/sysfs.c | 12 +- net/unix/af_unix.c | 13 +- net/vmw_vsock/af_vsock.c | 5 +- security/commoncap.c | 6 +- tools/include/nolibc/nolibc.h | 4 +- 151 files changed, 1767 insertions(+), 1243 deletions(-)

2 years, 2 months

10
153
0 0

[PATCH 5.10 000/117] 5.10.154-rc2 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.10.154 release. There are 117 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Fri, 11 Nov 2022 08:21:58 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.10.154-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.10.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.10.154-rc2 Vasily Averin <vvs(a)virtuozzo.com> ipc: remove memcg accounting for sops objects in do_semtimedop() Dokyung Song <dokyung.song(a)gmail.com> wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker() Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/i915/sdvo: Setup DDC fully before output init Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/i915/sdvo: Filter out invalid outputs more sensibly Brian Norris <briannorris(a)chromium.org> drm/rockchip: dsi: Force synchronous probe Matthew Wilcox (Oracle) <willy(a)infradead.org> ext4,f2fs: fix readahead of verity data Maxim Levitsky <mlevitsk(a)redhat.com> KVM: x86: emulator: update the emulation mode after CR0 write Maxim Levitsky <mlevitsk(a)redhat.com> KVM: x86: emulator: introduce emulator_recalc_and_set_mode Maxim Levitsky <mlevitsk(a)redhat.com> KVM: x86: emulator: em_sysexit should update ctxt->mode Jim Mattson <jmattson(a)google.com> KVM: x86: Mask off reserved bits in CPUID.80000001H Jim Mattson <jmattson(a)google.com> KVM: x86: Mask off reserved bits in CPUID.80000008H Jim Mattson <jmattson(a)google.com> KVM: x86: Mask off reserved bits in CPUID.8000001AH Jim Mattson <jmattson(a)google.com> KVM: x86: Mask off reserved bits in CPUID.80000006H Luís Henriques <lhenriques(a)suse.de> ext4: fix BUG_ON() when directory entry has invalid rec_len Ye Bin <yebin10(a)huawei.com> ext4: fix warning in 'ext4_da_release_space' Helge Deller <deller(a)gmx.de> parisc: Avoid printing the hardware path twice Helge Deller <deller(a)gmx.de> parisc: Export iosapic_serial_irq() symbol for serial port driver Helge Deller <deller(a)gmx.de> parisc: Make 8250_gsc driver dependend on CONFIG_PARISC Kan Liang <kan.liang(a)linux.intel.com> perf/x86/intel: Add Cooper Lake stepping to isolation_ucodes[] Kan Liang <kan.liang(a)linux.intel.com> perf/x86/intel: Fix pebs event constraints for ICL Ard Biesheuvel <ardb(a)kernel.org> efi: random: Use 'ACPI reclaim' memory for random seed Ard Biesheuvel <ardb(a)kernel.org> efi: random: reduce seed size to 32 bytes Miklos Szeredi <mszeredi(a)redhat.com> fuse: add file_modified() to fallocate Gaosheng Cui <cuigaosheng1(a)huawei.com> capabilities: fix potential memleak on error path from vfs_getxattr_alloc() Zheng Yejian <zhengyejian1(a)huawei.com> tracing/histogram: Update document for KEYS_MAX size Rasmus Villemoes <linux(a)rasmusvillemoes.dk> tools/nolibc/string: Fix memcmp() implementation Li Qiang <liq3ea(a)163.com> kprobe: reverse kp->flags when arm_kprobe failed Shang XiaoJing <shangxiaojing(a)huawei.com> tracing: kprobe: Fix memory leak in test_gen_kprobe/kretprobe_cmd() Kuniyuki Iwashima <kuniyu(a)amazon.com> tcp/udp: Make early_demux back namespacified. Li Huafei <lihuafei1(a)huawei.com> ftrace: Fix use-after-free for dynamic ftrace_ops David Sterba <dsterba(a)suse.com> btrfs: fix type of parameter generation in btrfs_get_dentry James Clark <james.clark(a)arm.com> coresight: cti: Fix hang in cti_disable_hw() Carlos Llamas <cmllamas(a)google.com> binder: fix UAF of alloc->vma in race with munmap() Vasily Averin <vvs(a)virtuozzo.com> memcg: enable accounting of ipc resources Sascha Hauer <s.hauer(a)pengutronix.de> mtd: rawnand: gpmi: Set WAIT_FOR_READY timeout based on program/erase times Kuniyuki Iwashima <kuniyu(a)amazon.com> tcp/udp: Fix memory leak in ipv6_renew_options(). Eric Biggers <ebiggers(a)google.com> fscrypt: fix keyring memory leak on mount failure Eric Biggers <ebiggers(a)google.com> fscrypt: stop using keyrings subsystem for fscrypt_master_key Eric Biggers <ebiggers(a)google.com> fscrypt: simplify master key locking John Veness <john-linux(a)pelago.org.uk> ALSA: usb-audio: Add quirks for MacroSilicon MS2100/MS2106 devices Yu Kuai <yukuai3(a)huawei.com> block, bfq: protect 'bfqd->queued' by 'bfqd->lock' Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: L2CAP: Fix attempting to access uninitialized memory Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM Chen Zhongjin <chenzhongjin(a)huawei.com> i2c: piix4: Fix adapter not be removed in piix4_remove() Cristian Marussi <cristian.marussi(a)arm.com> arm64: dts: juno: Add thermal critical trip points Cristian Marussi <cristian.marussi(a)arm.com> firmware: arm_scmi: Make Rx chan_setup fail on memory errors Cristian Marussi <cristian.marussi(a)arm.com> firmware: arm_scmi: Suppress the driver's bind attributes Tim Harvey <tharvey(a)gateworks.com> ARM: dts: imx6qdl-gw59{10,13}: fix user pushbutton GPIO offset Jerry Snitselaar <jsnitsel(a)redhat.com> efi/tpm: Pass correct address to memblock_reserve Martin Tůma <martin.tuma(a)digiteqautomotive.com> i2c: xiic: Add platform module alias Danijel Slivka <danijel.slivka(a)amd.com> drm/amdgpu: set vm_update_mode=0 as default for Sienna Cichlid in SRIOV case Samuel Bailey <samuel.bailey1(a)gmail.com> HID: saitek: add madcatz variant of MMO7 mouse device ID Uday Shankar <ushankar(a)purestorage.com> scsi: core: Restrict legal sdev_state transitions via sysfs Ashish Kalra <ashish.kalra(a)amd.com> ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init() Hangyu Hua <hbh25y(a)gmail.com> media: meson: vdec: fix possible refcount leak in vdec_probe() Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: dvb-frontends/drxk: initialize err to 0 Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: cros-ec-cec: limit msg.len to CEC_MAX_MSG_SIZE Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> media: rkisp1: Zero v4l2_subdev_format fields in when validating links Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> media: rkisp1: Initialize color space on resizer sink and source pads Peter Oberparleiter <oberpar(a)linux.ibm.com> s390/boot: add secure boot trailer Mario Limonciello <mario.limonciello(a)amd.com> xhci-pci: Set runtime PM as default policy on all xHC 1.2 or later devices Linus Walleij <linus.walleij(a)linaro.org> mtd: parsers: bcm47xxpart: Fix halfblock reads Rafał Miłecki <rafal(a)milecki.pl> mtd: parsers: bcm47xxpart: print correct offset on read error Helge Deller <deller(a)gmx.de> fbdev: stifb: Fall back to cfb_fillrect() on 32-bit HCRX cards Helge Deller <deller(a)gmx.de> video/fbdev/stifb: Implement the stifb_fillrect() function Patrick Thompson <ptf(a)google.com> mmc: sdhci-pci-core: Disable ES for ASUS BIOS on Jasper Lake Jisheng Zhang <Jisheng.Zhang(a)synaptics.com> mmc: sdhci-pci: Avoid comma separated statements Sascha Hauer <s.hauer(a)pengutronix.de> mmc: sdhci-esdhc-imx: Propagate ESDHC_FLAG_HS400* only on 8bit bus Johan Hovold <johan+linaro(a)kernel.org> drm/msm/hdmi: fix IRQ lifetime Daniel Thompson <daniel.thompson(a)linaro.org> drm/msm/hdmi: Remove spurious IRQF_ONESHOT flag Zhengchao Shao <shaozhengchao(a)huawei.com> ipv6: fix WARNING in ip6_route_net_exit_late() Chen Zhongjin <chenzhongjin(a)huawei.com> net, neigh: Fix null-ptr-deref in neigh_table_clear() Gaosheng Cui <cuigaosheng1(a)huawei.com> net: mdio: fix undefined behavior in bit shift for __mdiobus_register Zhengchao Shao <shaozhengchao(a)huawei.com> Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del() Maxim Mikityanskiy <maxtram95(a)gmail.com> Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu Filipe Manana <fdmanana(a)suse.com> btrfs: fix ulist leaks in error paths of qgroup self tests Filipe Manana <fdmanana(a)suse.com> btrfs: fix inode list leak during backref walking at find_parent_nodes() Filipe Manana <fdmanana(a)suse.com> btrfs: fix inode list leak during backref walking at resolve_indirect_refs() Yang Yingliang <yangyingliang(a)huawei.com> isdn: mISDN: netjet: fix wrong check of device registration Yang Yingliang <yangyingliang(a)huawei.com> mISDN: fix possible memory leak in mISDN_register_device() Zhang Qilong <zhangqilong3(a)huawei.com> rose: Fix NULL pointer dereference in rose_send_frame() Zhengchao Shao <shaozhengchao(a)huawei.com> ipvs: fix WARNING in ip_vs_app_net_cleanup() Zhengchao Shao <shaozhengchao(a)huawei.com> ipvs: fix WARNING in __ip_vs_cleanup_batch() Jason A. Donenfeld <Jason(a)zx2c4.com> ipvs: use explicitly signed chars Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables: release flow rule object from commit path Ziyang Xuan <william.xuanziyang(a)huawei.com> net: tun: fix bugs for oversize packet when napi frags enabled Dan Carpenter <dan.carpenter(a)oracle.com> net: sched: Fix use after free in red_enqueue() Sergey Shtylyov <s.shtylyov(a)omp.ru> ata: pata_legacy: fix pdc20230_set_piomode() Zhang Changzhong <zhangchangzhong(a)huawei.com> net: fec: fix improper use of NETDEV_TX_BUSY Shang XiaoJing <shangxiaojing(a)huawei.com> nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send() Shang XiaoJing <shangxiaojing(a)huawei.com> nfc: s3fwrn5: Fix potential memory leak in s3fwrn5_nci_send() Shang XiaoJing <shangxiaojing(a)huawei.com> nfc: nxp-nci: Fix potential memory leak in nxp_nci_send() wengjianfeng <wengjianfeng(a)yulong.com> NFC: nxp-nci: remove unnecessary labels Shang XiaoJing <shangxiaojing(a)huawei.com> nfc: fdp: Fix potential memory leak in fdp_nci_send() Krzysztof Kozlowski <krzysztof.kozlowski(a)canonical.com> nfc: fdp: drop ftrace-like debugging messages Dan Carpenter <dan.carpenter(a)oracle.com> RDMA/qedr: clean up work queue on failure in qedr_alloc_resources() Chen Zhongjin <chenzhongjin(a)huawei.com> RDMA/core: Fix null-ptr-deref in ib_core_cleanup() Chen Zhongjin <chenzhongjin(a)huawei.com> net: dsa: Fix possible memory leaks in dsa_loop_init() Zhang Xiaoxu <zhangxiaoxu5(a)huawei.com> nfs4: Fix kmemleak when allocate slot failed Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4.1: We must always send RECLAIM_COMPLETE after a reboot Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4.1: Handle RECLAIM_COMPLETE trunking errors Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4: Fix a potential state reclaim deadlock Dean Luick <dean.luick(a)cornelisnetworks.com> IB/hfi1: Correctly move list in sc_disable() Håkon Bugge <haakon.bugge(a)oracle.com> RDMA/cma: Use output interface for net_dev check Alexander Graf <graf(a)amazon.com> KVM: x86: Add compat handler for KVM_X86_SET_MSR_FILTER Alexander Graf <graf(a)amazon.com> KVM: x86: Copy filter arg outside kvm_vm_ioctl_set_msr_filter() Aaron Lewis <aaronlewis(a)google.com> KVM: x86: Protect the unused bits in MSR exiting flags Zhang Rui <rui.zhang(a)intel.com> x86/topology: Fix duplicated core ID within a package Zhang Rui <rui.zhang(a)intel.com> x86/topology: Fix multiple packages shown on a single-package system Yazen Ghannam <yazen.ghannam(a)amd.com> x86/topology: Set cpu_die_id only if DIE_TYPE found Sean Christopherson <seanjc(a)google.com> KVM: x86: Treat #DBs from the emulator as fault-like (code and DR7.GD=1) Sean Christopherson <seanjc(a)google.com> KVM: x86: Trace re-injected exceptions Sean Christopherson <seanjc(a)google.com> KVM: nVMX: Don't propagate vmcs12's PERF_GLOBAL_CTRL settings to vmcs02 Sean Christopherson <seanjc(a)google.com> KVM: nVMX: Pull KVM L0's desired controls directly from vmcs01 Lukas Wunner <lukas(a)wunner.de> serial: ar933x: Deassert Transmit Enable on ->rs485_config() Maciej W. Rozycki <macro(a)orcam.me.uk> serial: 8250: Let drivers request full 16550A feature probing ------------- Diffstat: Documentation/trace/histogram.rst | 2 +- Makefile | 4 +- arch/arm/boot/dts/imx6qdl-gw5910.dtsi | 2 +- arch/arm/boot/dts/imx6qdl-gw5913.dtsi | 2 +- arch/arm64/boot/dts/arm/juno-base.dtsi | 14 + arch/parisc/include/asm/hardware.h | 12 +- arch/parisc/kernel/drivers.c | 14 +- arch/s390/boot/compressed/vmlinux.lds.S | 13 +- arch/x86/events/intel/core.c | 1 + arch/x86/events/intel/ds.c | 9 +- arch/x86/kernel/cpu/topology.c | 26 +- arch/x86/kvm/cpuid.c | 8 +- arch/x86/kvm/emulate.c | 102 +++-- arch/x86/kvm/trace.h | 12 +- arch/x86/kvm/vmx/nested.c | 30 +- arch/x86/kvm/vmx/vmx.h | 6 +- arch/x86/kvm/x86.c | 134 +++++- block/bfq-iosched.c | 4 +- drivers/acpi/apei/ghes.c | 2 +- drivers/android/binder_alloc.c | 6 +- drivers/ata/pata_legacy.c | 5 +- drivers/firmware/arm_scmi/driver.c | 9 +- drivers/firmware/efi/efi.c | 2 +- drivers/firmware/efi/libstub/random.c | 7 +- drivers/firmware/efi/tpm.c | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_virt.c | 6 + drivers/gpu/drm/amd/amdgpu/amdgpu_virt.h | 4 + drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c | 6 +- drivers/gpu/drm/i915/display/intel_sdvo.c | 58 ++- drivers/gpu/drm/msm/hdmi/hdmi.c | 4 +- drivers/gpu/drm/rockchip/dw-mipi-dsi-rockchip.c | 6 + drivers/hid/hid-ids.h | 1 + drivers/hid/hid-quirks.c | 1 + drivers/hid/hid-saitek.c | 2 + drivers/hwtracing/coresight/coresight-cti-core.c | 5 - drivers/i2c/busses/i2c-piix4.c | 1 + drivers/i2c/busses/i2c-xiic.c | 1 + drivers/infiniband/core/cma.c | 2 +- drivers/infiniband/core/device.c | 10 +- drivers/infiniband/core/nldev.c | 2 +- drivers/infiniband/hw/hfi1/pio.c | 3 +- drivers/infiniband/hw/qedr/main.c | 9 +- drivers/isdn/hardware/mISDN/netjet.c | 2 +- drivers/isdn/mISDN/core.c | 5 +- drivers/media/cec/platform/cros-ec/cros-ec-cec.c | 2 + drivers/media/cec/platform/s5p/s5p_cec.c | 2 + drivers/media/dvb-frontends/drxk_hard.c | 2 +- drivers/mmc/host/sdhci-esdhc-imx.c | 17 +- drivers/mmc/host/sdhci-pci-core.c | 14 +- drivers/mtd/nand/raw/gpmi-nand/gpmi-nand.c | 6 +- drivers/mtd/parsers/bcm47xxpart.c | 4 +- drivers/net/dsa/dsa_loop.c | 25 +- drivers/net/ethernet/freescale/fec_main.c | 4 +- drivers/net/phy/mdio_bus.c | 2 +- drivers/net/tun.c | 3 +- .../wireless/broadcom/brcm80211/brcmfmac/fweh.c | 4 + drivers/nfc/fdp/fdp.c | 39 +- drivers/nfc/fdp/fdp.h | 1 - drivers/nfc/fdp/i2c.c | 12 +- drivers/nfc/nfcmrvl/i2c.c | 7 +- drivers/nfc/nxp-nci/core.c | 46 +- drivers/nfc/s3fwrn5/core.c | 8 +- drivers/parisc/iosapic.c | 1 + drivers/scsi/scsi_sysfs.c | 8 + drivers/staging/media/meson/vdec/vdec.c | 2 + drivers/staging/media/rkisp1/rkisp1-capture.c | 7 +- drivers/staging/media/rkisp1/rkisp1-resizer.c | 4 + drivers/tty/serial/8250/8250_port.c | 3 +- drivers/tty/serial/8250/Kconfig | 2 +- drivers/tty/serial/ar933x_uart.c | 5 + drivers/usb/host/xhci-pci.c | 32 +- drivers/video/fbdev/stifb.c | 46 +- fs/btrfs/backref.c | 54 ++- fs/btrfs/export.c | 2 +- fs/btrfs/export.h | 2 +- fs/btrfs/tests/qgroup-tests.c | 20 +- fs/crypto/fscrypt_private.h | 80 ++-- fs/crypto/hooks.c | 8 +- fs/crypto/keyring.c | 495 +++++++++++---------- fs/crypto/keysetup.c | 85 ++-- fs/crypto/policy.c | 8 +- fs/ext4/migrate.c | 3 +- fs/ext4/namei.c | 10 +- fs/ext4/verity.c | 3 +- fs/f2fs/verity.c | 3 +- fs/fuse/file.c | 4 + fs/nfs/delegation.c | 36 +- fs/nfs/nfs4client.c | 1 + fs/nfs/nfs4state.c | 2 + fs/super.c | 3 +- include/acpi/ghes.h | 2 +- include/linux/efi.h | 2 +- include/linux/fs.h | 2 +- include/linux/fscrypt.h | 4 +- include/linux/serial_core.h | 3 +- include/net/protocol.h | 4 - include/net/tcp.h | 2 +- include/net/udp.h | 1 + ipc/msg.c | 2 +- ipc/sem.c | 6 +- ipc/shm.c | 2 +- kernel/kprobes.c | 5 +- kernel/trace/ftrace.c | 16 +- kernel/trace/kprobe_event_gen_test.c | 18 +- net/bluetooth/l2cap_core.c | 77 +++- net/core/neighbour.c | 2 +- net/ipv4/af_inet.c | 14 +- net/ipv4/ip_input.c | 37 +- net/ipv4/sysctl_net_ipv4.c | 59 +-- net/ipv6/ip6_input.c | 26 +- net/ipv6/ipv6_sockglue.c | 7 + net/ipv6/route.c | 14 +- net/ipv6/tcp_ipv6.c | 9 +- net/ipv6/udp.c | 9 +- net/netfilter/ipvs/ip_vs_app.c | 10 +- net/netfilter/ipvs/ip_vs_conn.c | 30 +- net/netfilter/nf_tables_api.c | 6 +- net/rose/rose_link.c | 3 + net/sched/sch_red.c | 4 +- security/commoncap.c | 6 +- sound/usb/quirks-table.h | 52 +++ sound/usb/quirks.c | 1 + tools/include/nolibc/nolibc.h | 4 +- 123 files changed, 1285 insertions(+), 837 deletions(-)

2 years, 2 months

9
8
0 0

[PATCH 4.19 00/48] 4.19.265-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.19.265 release. There are 48 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu, 10 Nov 2022 13:33:17 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.19.265-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.19.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.19.265-rc1 Dokyung Song <dokyung.song(a)gmail.com> wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker() Masahiro Yamada <yamada.masahiro(a)socionext.com> linux/bits.h: make BIT(), GENMASK(), and friends available in assembly Maxim Levitsky <mlevitsk(a)redhat.com> KVM: x86: emulator: update the emulation mode after CR0 write Maxim Levitsky <mlevitsk(a)redhat.com> KVM: x86: emulator: introduce emulator_recalc_and_set_mode Maxim Levitsky <mlevitsk(a)redhat.com> KVM: x86: emulator: em_sysexit should update ctxt->mode Jim Mattson <jmattson(a)google.com> KVM: x86: Mask off reserved bits in CPUID.80000008H Ye Bin <yebin10(a)huawei.com> ext4: fix warning in 'ext4_da_release_space' Helge Deller <deller(a)gmx.de> parisc: Avoid printing the hardware path twice Helge Deller <deller(a)gmx.de> parisc: Export iosapic_serial_irq() symbol for serial port driver Helge Deller <deller(a)gmx.de> parisc: Make 8250_gsc driver dependend on CONFIG_PARISC Ard Biesheuvel <ardb(a)kernel.org> efi: random: reduce seed size to 32 bytes John Veness <john-linux(a)pelago.org.uk> ALSA: usb-audio: Add quirks for MacroSilicon MS2100/MS2106 devices Gaosheng Cui <cuigaosheng1(a)huawei.com> capabilities: fix potential memleak on error path from vfs_getxattr_alloc() Zheng Yejian <zhengyejian1(a)huawei.com> tracing/histogram: Update document for KEYS_MAX size Li Qiang <liq3ea(a)163.com> kprobe: reverse kp->flags when arm_kprobe failed Kuniyuki Iwashima <kuniyu(a)amazon.com> tcp/udp: Make early_demux back namespacified. David Sterba <dsterba(a)suse.com> btrfs: fix type of parameter generation in btrfs_get_dentry Yu Kuai <yukuai3(a)huawei.com> block, bfq: protect 'bfqd->queued' by 'bfqd->lock' Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: L2CAP: Fix attempting to access uninitialized memory Martin Tůma <martin.tuma(a)digiteqautomotive.com> i2c: xiic: Add platform module alias Samuel Bailey <samuel.bailey1(a)gmail.com> HID: saitek: add madcatz variant of MMO7 mouse device ID Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: dvb-frontends/drxk: initialize err to 0 Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: cros-ec-cec: limit msg.len to CEC_MAX_MSG_SIZE Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE Zhengchao Shao <shaozhengchao(a)huawei.com> ipv6: fix WARNING in ip6_route_net_exit_late() Chen Zhongjin <chenzhongjin(a)huawei.com> net, neigh: Fix null-ptr-deref in neigh_table_clear() Gaosheng Cui <cuigaosheng1(a)huawei.com> net: mdio: fix undefined behavior in bit shift for __mdiobus_register Zhengchao Shao <shaozhengchao(a)huawei.com> Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del() Maxim Mikityanskiy <maxtram95(a)gmail.com> Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu Filipe Manana <fdmanana(a)suse.com> btrfs: fix ulist leaks in error paths of qgroup self tests Filipe Manana <fdmanana(a)suse.com> btrfs: fix inode list leak during backref walking at resolve_indirect_refs() Yang Yingliang <yangyingliang(a)huawei.com> isdn: mISDN: netjet: fix wrong check of device registration Yang Yingliang <yangyingliang(a)huawei.com> mISDN: fix possible memory leak in mISDN_register_device() Zhang Qilong <zhangqilong3(a)huawei.com> rose: Fix NULL pointer dereference in rose_send_frame() Zhengchao Shao <shaozhengchao(a)huawei.com> ipvs: fix WARNING in ip_vs_app_net_cleanup() Zhengchao Shao <shaozhengchao(a)huawei.com> ipvs: fix WARNING in __ip_vs_cleanup_batch() Jason A. Donenfeld <Jason(a)zx2c4.com> ipvs: use explicitly signed chars Ziyang Xuan <william.xuanziyang(a)huawei.com> net: tun: fix bugs for oversize packet when napi frags enabled Dan Carpenter <dan.carpenter(a)oracle.com> net: sched: Fix use after free in red_enqueue() Sergey Shtylyov <s.shtylyov(a)omp.ru> ata: pata_legacy: fix pdc20230_set_piomode() Zhang Changzhong <zhangchangzhong(a)huawei.com> net: fec: fix improper use of NETDEV_TX_BUSY Shang XiaoJing <shangxiaojing(a)huawei.com> nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send() Shang XiaoJing <shangxiaojing(a)huawei.com> nfc: s3fwrn5: Fix potential memory leak in s3fwrn5_nci_send() Dan Carpenter <dan.carpenter(a)oracle.com> RDMA/qedr: clean up work queue on failure in qedr_alloc_resources() Chen Zhongjin <chenzhongjin(a)huawei.com> net: dsa: Fix possible memory leaks in dsa_loop_init() Zhang Xiaoxu <zhangxiaoxu5(a)huawei.com> nfs4: Fix kmemleak when allocate slot failed Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4.1: We must always send RECLAIM_COMPLETE after a reboot Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4.1: Handle RECLAIM_COMPLETE trunking errors ------------- Diffstat: Documentation/trace/histogram.rst | 2 +- Makefile | 4 +- arch/parisc/include/asm/hardware.h | 12 +-- arch/parisc/kernel/drivers.c | 14 ++- arch/x86/kvm/cpuid.c | 1 + arch/x86/kvm/emulate.c | 102 +++++++++++++++------ block/bfq-iosched.c | 4 +- drivers/ata/pata_legacy.c | 5 +- drivers/firmware/efi/efi.c | 2 +- drivers/hid/hid-ids.h | 1 + drivers/hid/hid-quirks.c | 1 + drivers/hid/hid-saitek.c | 2 + drivers/i2c/busses/i2c-xiic.c | 1 + drivers/infiniband/hw/qedr/main.c | 9 +- drivers/isdn/hardware/mISDN/netjet.c | 2 +- drivers/isdn/mISDN/core.c | 5 +- drivers/media/dvb-frontends/drxk_hard.c | 2 +- drivers/media/platform/cros-ec-cec/cros-ec-cec.c | 2 + drivers/media/platform/s5p-cec/s5p_cec.c | 2 + drivers/net/dsa/dsa_loop.c | 25 +++-- drivers/net/ethernet/freescale/fec_main.c | 4 +- drivers/net/phy/mdio_bus.c | 2 +- drivers/net/tun.c | 3 +- .../wireless/broadcom/brcm80211/brcmfmac/fweh.c | 4 + drivers/nfc/nfcmrvl/i2c.c | 7 +- drivers/nfc/s3fwrn5/core.c | 8 +- drivers/parisc/iosapic.c | 1 + drivers/tty/serial/8250/Kconfig | 2 +- fs/btrfs/backref.c | 36 ++++---- fs/btrfs/export.c | 2 +- fs/btrfs/export.h | 2 +- fs/btrfs/tests/qgroup-tests.c | 20 +++- fs/ext4/migrate.c | 3 +- fs/nfs/nfs4client.c | 1 + fs/nfs/nfs4state.c | 2 + include/linux/bits.h | 17 ++-- include/linux/efi.h | 2 +- include/net/protocol.h | 4 - include/net/tcp.h | 2 + include/net/udp.h | 1 + kernel/kprobes.c | 5 +- net/bluetooth/l2cap_core.c | 52 +++++++++-- net/core/neighbour.c | 2 +- net/ipv4/af_inet.c | 14 +-- net/ipv4/ip_input.c | 32 ++++--- net/ipv4/sysctl_net_ipv4.c | 59 +----------- net/ipv6/ip6_input.c | 23 +++-- net/ipv6/route.c | 14 ++- net/ipv6/tcp_ipv6.c | 9 +- net/ipv6/udp.c | 9 +- net/netfilter/ipvs/ip_vs_app.c | 10 +- net/netfilter/ipvs/ip_vs_conn.c | 30 ++++-- net/rose/rose_link.c | 3 + net/sched/sch_red.c | 4 +- security/commoncap.c | 6 +- sound/usb/quirks-table.h | 58 ++++++++++++ sound/usb/quirks.c | 1 + 57 files changed, 415 insertions(+), 237 deletions(-)

2 years, 2 months

6
53
0 0

LTS 5.15 EOL Date

by Suleiman Souhlal

Hello, I saw that the projected EOL of LTS 5.15 is Oct 2023. How likely is it that the date will be extended? I'm guessing it's pretty likely, given that Android uses it. Thanks, -- Suleiman

2 years, 2 months

3
6
0 0

[PATCH] usb: cdnsp: Fix issue with Clear Feature Halt Endpoint

by Pawel Laszczak

During handling Clear Halt Endpoint Feature request, driver invokes Reset Endpoint command. Because this command has some issue with transition endpoint from Running to Idle state the driver must stop the endpoint by using Stop Endpoint command. cc: <stable(a)vger.kernel.org> Fixes: 3d82904559f4 ("usb: cdnsp: cdns3 Add main part of Cadence USBSSP DRD Driver") Reviewed-by: Peter Chen <peter.chen(a)kernel.org> Signed-off-by: Pawel Laszczak <pawell(a)cadence.com> --- Changelog: v2: - added comma in patch description drivers/usb/cdns3/cdnsp-gadget.c | 12 ++++-------- drivers/usb/cdns3/cdnsp-ring.c | 3 ++- 2 files changed, 6 insertions(+), 9 deletions(-) diff --git a/drivers/usb/cdns3/cdnsp-gadget.c b/drivers/usb/cdns3/cdnsp-gadget.c index e2e7d16f43f4..0576f9b0e4aa 100644 --- a/drivers/usb/cdns3/cdnsp-gadget.c +++ b/drivers/usb/cdns3/cdnsp-gadget.c @@ -600,11 +600,11 @@ int cdnsp_halt_endpoint(struct cdnsp_device *pdev, trace_cdnsp_ep_halt(value ? "Set" : "Clear"); - if (value) { - ret = cdnsp_cmd_stop_ep(pdev, pep); - if (ret) - return ret; + ret = cdnsp_cmd_stop_ep(pdev, pep); + if (ret) + return ret; + if (value) { if (GET_EP_CTX_STATE(pep->out_ctx) == EP_STATE_STOPPED) { cdnsp_queue_halt_endpoint(pdev, pep->idx); cdnsp_ring_cmd_db(pdev); @@ -613,10 +613,6 @@ int cdnsp_halt_endpoint(struct cdnsp_device *pdev, pep->ep_state |= EP_HALTED; } else { - /* - * In device mode driver can call reset endpoint command - * from any endpoint state. - */ cdnsp_queue_reset_ep(pdev, pep->idx); cdnsp_ring_cmd_db(pdev); ret = cdnsp_wait_for_cmd_compl(pdev); diff --git a/drivers/usb/cdns3/cdnsp-ring.c b/drivers/usb/cdns3/cdnsp-ring.c index 25e5e51cf5a2..aa79bce89d8a 100644 --- a/drivers/usb/cdns3/cdnsp-ring.c +++ b/drivers/usb/cdns3/cdnsp-ring.c @@ -2081,7 +2081,8 @@ int cdnsp_cmd_stop_ep(struct cdnsp_device *pdev, struct cdnsp_ep *pep) u32 ep_state = GET_EP_CTX_STATE(pep->out_ctx); int ret = 0; - if (ep_state == EP_STATE_STOPPED || ep_state == EP_STATE_DISABLED) { + if (ep_state == EP_STATE_STOPPED || ep_state == EP_STATE_DISABLED || + ep_state == EP_STATE_HALTED) { trace_cdnsp_ep_stopped_or_disabled(pep->out_ctx); goto ep_stopped; } -- 2.25.1

2 years, 2 months

1
0
0 0

[PATCH] crypto: avoid unnecessary work when self-tests are disabled

by Eric Biggers

From: Eric Biggers <ebiggers(a)google.com> Currently, registering an algorithm with the crypto API always causes a notification to be posted to the "cryptomgr", which then creates a kthread to self-test the algorithm. However, if self-tests are disabled in the kconfig (as is the default option), then this kthread just notifies waiters that the algorithm has been tested, then exits. This causes a significant amount of overhead, especially in the kthread creation and destruction, which is not necessary at all. For example, in a quick test I found that booting a "minimum" x86_64 kernel with all the crypto options enabled (except for the self-tests) takes about 400ms until PID 1 can start. Of that, a full 13ms is spent just doing this pointless dance, involving a kthread being created, run, and destroyed over 200 times. That's over 3% of the entire kernel start time. Fix this by just skipping the creation of the test larval and the posting of the registration notification entirely, when self-tests are disabled. Also compile out the unnecessary code in algboss.c. While this patch is an optimization and not a "fix" per se, I've marked it as for stable, due to the large improvement it can make to boot time. Cc: stable(a)vger.kernel.org Signed-off-by: Eric Biggers <ebiggers(a)google.com> --- crypto/algapi.c | 3 ++- crypto/algboss.c | 11 +++++++---- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/crypto/algapi.c b/crypto/algapi.c index 5c69ff8e8fa5c..018935cb8417d 100644 --- a/crypto/algapi.c +++ b/crypto/algapi.c @@ -226,7 +226,8 @@ static struct crypto_larval *crypto_alloc_test_larval(struct crypto_alg *alg) { struct crypto_larval *larval; - if (!IS_ENABLED(CONFIG_CRYPTO_MANAGER)) + if (!IS_ENABLED(CONFIG_CRYPTO_MANAGER) || + IS_ENABLED(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS)) return NULL; larval = crypto_larval_alloc(alg->cra_name, diff --git a/crypto/algboss.c b/crypto/algboss.c index eb5fe84efb83e..e6f0443d08048 100644 --- a/crypto/algboss.c +++ b/crypto/algboss.c @@ -171,16 +171,18 @@ static int cryptomgr_schedule_probe(struct crypto_larval *larval) return NOTIFY_OK; } +#ifdef CONFIG_CRYPTO_MANAGER_DISABLE_TESTS +static int cryptomgr_schedule_test(struct crypto_alg *alg) +{ + return 0; +} +#else static int cryptomgr_test(void *data) { struct crypto_test_param *param = data; u32 type = param->type; int err = 0; -#ifdef CONFIG_CRYPTO_MANAGER_DISABLE_TESTS - goto skiptest; -#endif - if (type & CRYPTO_ALG_TESTED) goto skiptest; @@ -229,6 +231,7 @@ static int cryptomgr_schedule_test(struct crypto_alg *alg) err: return NOTIFY_OK; } +#endif /* !CONFIG_CRYPTO_MANAGER_DISABLE_TESTS */ static int cryptomgr_notify(struct notifier_block *this, unsigned long msg, void *data) base-commit: f67dd6ce0723ad013395f20a3f79d8a437d3f455 -- 2.38.1

2 years, 2 months

2
3
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror November 2022