December 2022 - Linux-stable-mirror

[PATCH] usb: typec: tcpm: Fix altmode re-registration causes sysfs create fail

by cy_huang

From: ChiYuan Huang <cy_huang(a)richtek.com> There's the altmode re-registeration issue after data role swap (DR_SWAP). Comparing to USBPD 2.0, in USBPD 3.0, it loose the limit that only DFP can initiate the VDM command to get partner identity information. For a USBPD 3.0 UFP device, it may already get the identity information from its port partner before DR_SWAP. If DR_SWAP send or receive at the mean time, 'send_discover' flag will be raised again. It causes discover identify action restart while entering ready state. And after all discover actions are done, the 'tcpm_register_altmodes' will be called. If old altmode is not unregistered, this sysfs create fail can be found. In 'DR_SWAP_CHANGE_DR' state case, only DFP will unregister altmodes. For UFP, the original altmodes keep registered. This patch fix the logic that after DR_SWAP, 'tcpm_unregister_altmodes' must be called whatever the current data role is. Fixes: ae8a2ca8a221 ("usb: typec: Group all TCPCI/TCPM code together) Reported-by: TommyYl Chen <tommyyl.chen(a)mediatek.com> Cc: stable(a)vger.kernel.org Signed-off-by: ChiYuan Huang <cy_huang(a)richtek.com> --- Hi, Below's the issue log for the reference. *TCPM [ 3.856679] AMS DISCOVER_MODES start [ 3.856687] PD TX, header: 0x188f [ 3.858827] PD TX complete, status: 0 [ 3.865330] PD RX, header: 0x2daf [1] [ 3.865340] Rx VDM cmd 0xff01a043 type 1 cmd 3 len 2 [ 3.865348] AMS DISCOVER_MODES finished [ 3.865352] Alternate mode 0: SVID 0xff01, VDO 1: 0x001c0045 [ 3.865362] AMS DISCOVER_MODES start [ 3.865367] PD TX, header: 0x1a8f [ 3.867802] PD TX complete, status: 0 [ 3.875208] PD RX, header: 0x2faf [1] [ 3.875216] Rx VDM cmd 0x413ca043 type 1 cmd 3 len 2 [ 3.875222] AMS DISCOVER_MODES finished [ 3.875225] Alternate mode 1: SVID 0x413c, VDO 1: 0x00000001 [ 3.938243] AMS GET_SINK_CAPABILITIES start [ 3.938255] state change SNK_READY -> AMS_START [rev3 GET_SINK_CAPABILITIES] [ 3.938266] state change AMS_START -> GET_SINK_CAP [rev3 GET_SINK_CAPABILITIES] [ 3.938274] PD TX, header: 0xe88 [ 3.940268] PD TX complete, status: 0 [ 3.940310] pending state change GET_SINK_CAP -> GET_SINK_CAP_TIMEOUT @ 60 ms [rev3 GET_SINK_CAPABILITIES] [ 3.946291] PD RX, header: 0x13a4 [1] [ 3.946295] Port partner FRS capable partner_frs_current:0 port_frs_current:0 enable:n [ 3.946298] state change GET_SINK_CAP -> SNK_READY [rev3 GET_SINK_CAPABILITIES] [ 3.946304] AMS GET_SINK_CAPABILITIES finished [ 4.239342] CC1: 5 -> 4, CC2: 0 -> 0 [state SNK_READY, polarity 0, connected] [ 4.256594] PD RX, header: 0x5a9 [1] [ 4.256603] state change SNK_READY -> DR_SWAP_ACCEPT [rev3 DATA_ROLE_SWAP] [ 4.256609] PD TX, header: 0x83 [ 4.258528] PD TX complete, status: 0 [ 4.258584] state change DR_SWAP_ACCEPT -> DR_SWAP_CHANGE_DR [rev3 DATA_ROLE_SWAP] [ 4.258591] Requesting mux state 1, usb-role 1, orientation 1 [ 4.259588] AMS DATA_ROLE_SWAP finished [ 4.259592] state change DR_SWAP_CHANGE_DR -> SNK_READY [rev3 NONE_AMS] [ 4.259605] AMS DISCOVER_IDENTITY start [ 4.259609] Sink TX No Go [ 4.260874] CC1: 4 -> 5, CC2: 0 -> 0 [state SNK_READY, polarity 0, connected] [ 4.359636] AMS DISCOVER_IDENTITY start [ 4.359642] PD TX, header: 0x12af [ 4.361884] PD TX complete, status: 0 [ 4.369433] PD RX, header: 0x578f [1] [ 4.369439] Rx VDM cmd 0xff00a041 type 1 cmd 1 len 5 [ 4.369448] AMS DISCOVER_IDENTITY finished [ 4.369515] Identity: 413c:c013.0712 [ 4.369521] AMS DISCOVER_SVIDS start [ 4.369524] PD TX, header: 0x14af [ 4.371696] PD TX complete, status: 0 [ 4.378564] PD RX, header: 0x398f [1] [ 4.378573] Rx VDM cmd 0xff00a042 type 1 cmd 2 len 3 [ 4.378579] AMS DISCOVER_SVIDS finished [ 4.378582] SVID 1: 0xff01 [ 4.378584] SVID 2: 0x413c [ 4.378594] AMS DISCOVER_MODES start [ 4.378597] PD TX, header: 0x16af [ 4.380696] PD TX complete, status: 0 [ 4.387008] PD RX, header: 0x2b8f [1] [ 4.387014] Rx VDM cmd 0xff01a043 type 1 cmd 3 len 2 [ 4.387021] AMS DISCOVER_MODES finished [ 4.387023] Alternate mode 0: SVID 0xff01, VDO 1: 0x001c0045 [ 4.387029] AMS DISCOVER_MODES start [ 4.387031] PD TX, header: 0x18af [ 4.389134] PD TX complete, status: 0 [ 4.395528] PD RX, header: 0x2d8f [1] [ 4.395538] Rx VDM cmd 0x413ca043 type 1 cmd 3 len 2 [ 4.395546] AMS DISCOVER_MODES finished [ 4.395548] Alternate mode 1: SVID 0x413c, VDO 1: 0x00000001 *Kernel TRACE sysfs: cannot create duplicate filename '/devices/platform/soc/11d01000.i2c/i2c-0/0-0034/mt6360-tcpc.6.auto/typec/port0/port0.0/partner' CPU: 2 PID: 299 Comm: mt6360-tcpc.6.a Tainted: GO 5.15.37-mtk+g880abc5122e7 #1 Hardware name: MediaTek MT8195 demo board (DT) Call trace: dump_backtrace+0x0/0x1ac show_stack+0x24/0x30 dump_stack_lvl+0x68/0x84 dump_stack+0x1c/0x38 sysfs_warn_dup+0x70/0x90 typec_probe+0xa4/0x134 [typec] really_probe.part.0+0xa4/0x310 __device_attach_driver+0x100/0x16c bus_for_each_drv+0x84/0xe0 __device_attach+0xe0/0x1ac device_add+0x39c/0x8b0 device_register+0x2c/0x40 typec_register_altmode+0x1f4/0x360 [typec] typec_partner_register_altmode+0x1c/0x30 [typec] tcpm_pd_rx_handler+0x19d4/0x1c0c [tcpm] kthread_worker_fn+0xb8/0x290 kthread+0x15c/0x170 ret_from_fork+0x10/0x20 [ 4.395962] typec_displayport port0-partner.2: failed to create symlinks [ 4.395967] typec_displayport: probe of port0-partner.2 failed with error -17 It seems it's a common issue if typec port supports the modal operation. --- drivers/usb/typec/tcpm/tcpm.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/drivers/usb/typec/tcpm/tcpm.c b/drivers/usb/typec/tcpm/tcpm.c index 904c7b4..59b366b 100644 --- a/drivers/usb/typec/tcpm/tcpm.c +++ b/drivers/usb/typec/tcpm/tcpm.c @@ -4594,14 +4594,13 @@ static void run_state_machine(struct tcpm_port *port) tcpm_set_state(port, ready_state(port), 0); break; case DR_SWAP_CHANGE_DR: - if (port->data_role == TYPEC_HOST) { - tcpm_unregister_altmodes(port); + tcpm_unregister_altmodes(port); + if (port->data_role == TYPEC_HOST) tcpm_set_roles(port, true, port->pwr_role, TYPEC_DEVICE); - } else { + else tcpm_set_roles(port, true, port->pwr_role, TYPEC_HOST); - } tcpm_ams_finish(port); tcpm_set_state(port, ready_state(port), 0); break; -- 2.7.4

2 years, 7 months

5
8
0 0

[RFC] IMA LSM based rule race condition issue on 4.19 LTS

by Guozihua (Scott)

Hi community. Previously our team reported a race condition in IMA relates to LSM based rules which would case IMA to match files that should be filtered out under normal condition. The issue was originally analyzed and fixed on mainstream. The patch and the discussion could be found here: https://lore.kernel.org/all/20220921125804.59490-1-guozihua@huawei.com/ After that, we did a regression test on 4.19 LTS and the same issue arises. Further analysis reveled that the issue is from a completely different cause. The cause is that selinux_audit_rule_init() would set the rule (which is a second level pointer) to NULL immediately after called. The relevant codes are as shown: security/selinux/ss/services.c: > int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule) > { > struct selinux_state *state = &selinux_state; > struct policydb *policydb = &state->ss->policydb; > struct selinux_audit_rule *tmprule; > struct role_datum *roledatum; > struct type_datum *typedatum; > struct user_datum *userdatum; > struct selinux_audit_rule **rule = (struct selinux_audit_rule **)vrule; > int rc = 0; > > *rule = NULL; *rule is set to NULL here, which means the rule on IMA side is also NULL. > > if (!state->initialized) > return -EOPNOTSUPP; ... > out: > read_unlock(&state->ss->policy_rwlock); > > if (rc) { > selinux_audit_rule_free(tmprule); > tmprule = NULL; > } > > *rule = tmprule; rule is updated at the end of the function. > > return rc; > } security/integrity/ima/ima_policy.c: > static bool ima_match_rules(struct ima_rule_entry *rule, struct inode *inode, > const struct cred *cred, u32 secid, > enum ima_hooks func, int mask) > {... > for (i = 0; i < MAX_LSM_RULES; i++) { > int rc = 0; > u32 osid; > int retried = 0; > > if (!rule->lsm[i].rule) > continue; Setting rule to NULL would lead to LSM based rule matching being skipped. > retry: > switch (i) { To solve this issue, there are multiple approaches we might take and I would like some input from the community. The first proposed solution would be to change selinux_audit_rule_init(). Remove the set to NULL bit and update the rule pointer with cmpxchg. > diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c > index a9f2bc8443bd..aa74b04ccaf7 100644 > --- a/security/selinux/ss/services.c > +++ b/security/selinux/ss/services.c > @@ -3297,10 +3297,9 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule) > struct type_datum *typedatum; > struct user_datum *userdatum; > struct selinux_audit_rule **rule = (struct selinux_audit_rule **)vrule; > + struct selinux_audit_rule *orig = rule; > int rc = 0; > > - *rule = NULL; > - > if (!state->initialized) > return -EOPNOTSUPP; > > @@ -3382,7 +3381,8 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule) > tmprule = NULL; > } > > - *rule = tmprule; > + if (cmpxchg(rule, orig, tmprule) != orig) > + selinux_audit_rule_free(tmprule); > > return rc; > } This solution would be an easy fix, but might influence other modules calling selinux_audit_rule_init() directly or indirectly (on 4.19 LTS, only auditfilter and IMA it seems). And it might be worth returning an error code such as -EAGAIN. Or, we can access rules via RCU, similar to what we do on 5.10. This could means more code change and testing. Reported-by: Huaxin Lu <luhuaxin1(a)huawei.com> -- Best GUO Zihua

2 years, 8 months

4
29
0 0

[PATCH v2 1/2] usb: misc: onboard_usb_hub: Don't create platform devices for DT nodes without 'vdd-supply'

by Matthias Kaehlcke

The primary task of the onboard_usb_hub driver is to control the power of an onboard USB hub. The driver gets the regulator from the device tree property "vdd-supply" of the hub's DT node. Some boards have device tree nodes for USB hubs supported by this driver, but don't specify a "vdd-supply". This is not an error per se, it just means that the onboard hub driver can't be used for these hubs, so don't create platform devices for such nodes. This change doesn't completely fix the reported regression. It should fix it for the RPi 3 B Plus and boards with similar hub configurations (compatible DT nodes without "vdd-supply"), boards that actually use the onboard hub driver could still be impacted by the race conditions discussed in that thread. Not creating the platform devices for nodes without "vdd-supply" is the right thing to do, independently from the race condition, which will be fixed in future patch. Fixes: 8bc063641ceb ("usb: misc: Add onboard_usb_hub driver") Link: https://lore.kernel.org/r/d04bcc45-3471-4417-b30b-5cf9880d785d@i2se.com/ Reported-by: Stefan Wahren <stefan.wahren(a)i2se.com> Signed-off-by: Matthias Kaehlcke <mka(a)chromium.org> --- Changes in v2: - don't create platform devices when "vdd-supply" is missing, rather than returning an error from _find_onboard_hub() - check for "vdd-supply" not "vdd" (Johan) - updated subject and commit message - added 'Link' tag (regzbot) drivers/usb/misc/onboard_usb_hub_pdevs.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/drivers/usb/misc/onboard_usb_hub_pdevs.c b/drivers/usb/misc/onboard_usb_hub_pdevs.c index ed22a18f4ab7..8cea53b0907e 100644 --- a/drivers/usb/misc/onboard_usb_hub_pdevs.c +++ b/drivers/usb/misc/onboard_usb_hub_pdevs.c @@ -101,6 +101,19 @@ void onboard_hub_create_pdevs(struct usb_device *parent_hub, struct list_head *p } } + /* + * The primary task of the onboard_usb_hub driver is to control + * the power of an USB onboard hub. Some boards have device tree + * nodes for USB hubs supported by this driver, but don't + * specify a "vdd-supply", which is needed by the driver. This is + * not a DT error per se, it just means that the onboard hub + * driver can't be used with these nodes, so don't create a + * a platform device for such a node. + */ + if (!of_get_property(np, "vdd-supply", NULL) && + !of_get_property(npc, "vdd-supply", NULL)) + goto node_put; + pdev = of_platform_device_create(np, NULL, &parent_hub->dev); if (!pdev) { dev_err(&parent_hub->dev, -- 2.39.0.314.g84b9a713c41-goog

2 years, 8 months

8
22
0 0

[PATCH 6/6] bus: mhi: ep: Save channel state locally during suspend and resume

by Manivannan Sadhasivam

During suspend and resume, the channel state needs to be saved locally. Otherwise, the endpoint may access the channels while they were being suspended and causing access violations. Fix it by saving the channel state locally during suspend and resume. Cc: <stable(a)vger.kernel.org> # 5.19 Fixes: e4b7b5f0f30a ("bus: mhi: ep: Add support for suspending and resuming channels") Signed-off-by: Manivannan Sadhasivam <manivannan.sadhasivam(a)linaro.org> --- drivers/bus/mhi/ep/main.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/bus/mhi/ep/main.c b/drivers/bus/mhi/ep/main.c index 2362fcc8b32c..bcaaba97ef63 100644 --- a/drivers/bus/mhi/ep/main.c +++ b/drivers/bus/mhi/ep/main.c @@ -1122,6 +1122,7 @@ void mhi_ep_suspend_channels(struct mhi_ep_cntrl *mhi_cntrl) dev_dbg(&mhi_chan->mhi_dev->dev, "Suspending channel\n"); /* Set channel state to SUSPENDED */ + mhi_chan->state = MHI_CH_STATE_SUSPENDED; tmp &= ~CHAN_CTX_CHSTATE_MASK; tmp |= FIELD_PREP(CHAN_CTX_CHSTATE_MASK, MHI_CH_STATE_SUSPENDED); mhi_cntrl->ch_ctx_cache[i].chcfg = cpu_to_le32(tmp); @@ -1151,6 +1152,7 @@ void mhi_ep_resume_channels(struct mhi_ep_cntrl *mhi_cntrl) dev_dbg(&mhi_chan->mhi_dev->dev, "Resuming channel\n"); /* Set channel state to RUNNING */ + mhi_chan->state = MHI_CH_STATE_RUNNING; tmp &= ~CHAN_CTX_CHSTATE_MASK; tmp |= FIELD_PREP(CHAN_CTX_CHSTATE_MASK, MHI_CH_STATE_RUNNING); mhi_cntrl->ch_ctx_cache[i].chcfg = cpu_to_le32(tmp); -- 2.25.1

2 years, 8 months

2
1
0 0

[PATCH 5/6] bus: mhi: ep: Move chan->lock to the start of processing queued ch ring

by Manivannan Sadhasivam

There is a good chance that while the channel ring gets processed, the STOP or RESET command for the channel might be received from the MHI host. In those cases, the entire channel ring processing needs to be protected by chan->lock to prevent the race where the corresponding channel ring might be reset. While at it, let's also add a sanity check to make sure that the ring is started before processing it. Because, if the STOP/RESET command gets processed while mhi_ep_ch_ring_worker() waited for chan->lock, the ring would've been reset. Cc: <stable(a)vger.kernel.org> # 5.19 Fixes: 03c0bb8ec983 ("bus: mhi: ep: Add support for processing channel rings") Signed-off-by: Manivannan Sadhasivam <manivannan.sadhasivam(a)linaro.org> --- drivers/bus/mhi/ep/main.c | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/drivers/bus/mhi/ep/main.c b/drivers/bus/mhi/ep/main.c index 0bce6610ebf1..2362fcc8b32c 100644 --- a/drivers/bus/mhi/ep/main.c +++ b/drivers/bus/mhi/ep/main.c @@ -730,24 +730,37 @@ static void mhi_ep_ch_ring_worker(struct work_struct *work) list_del(&itr->node); ring = itr->ring; + chan = &mhi_cntrl->mhi_chan[ring->ch_id]; + mutex_lock(&chan->lock); + + /* + * The ring could've stopped while we waited to grab the (chan->lock), so do + * a sanity check before going further. + */ + if (!ring->started) { + mutex_unlock(&chan->lock); + kfree(itr); + continue; + } + /* Update the write offset for the ring */ ret = mhi_ep_update_wr_offset(ring); if (ret) { dev_err(dev, "Error updating write offset for ring\n"); + mutex_unlock(&chan->lock); kfree(itr); continue; } /* Sanity check to make sure there are elements in the ring */ if (ring->rd_offset == ring->wr_offset) { + mutex_unlock(&chan->lock); kfree(itr); continue; } el = &ring->ring_cache[ring->rd_offset]; - chan = &mhi_cntrl->mhi_chan[ring->ch_id]; - mutex_lock(&chan->lock); dev_dbg(dev, "Processing the ring for channel (%u)\n", ring->ch_id); ret = mhi_ep_process_ch_ring(ring, el); if (ret) { -- 2.25.1

2 years, 8 months

2
1
0 0

[PATCH v1] mtd: parsers: ofpart: Fix parsing when size-cells is 0

by Francesco Dolcini

From: Francesco Dolcini <francesco.dolcini(a)toradex.com> Add a fallback mechanism to handle the case in which #size-cells is set to <0>. According to the DT binding the nand controller node should have set it to 0 and this is not compatible with the legacy way of specifying partitions directly as child nodes of the nand-controller node. This fixes a boot failure on colibri-imx7 and potentially other boards. Cc: stable(a)vger.kernel.org Fixes: 753395ea1e45 ("ARM: dts: imx7: Fix NAND controller size-cells") Link: https://lore.kernel.org/all/Y4dgBTGNWpM6SQXI@francesco-nb.int.toradex.com/ Signed-off-by: Francesco Dolcini <francesco.dolcini(a)toradex.com> --- drivers/mtd/parsers/ofpart_core.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/drivers/mtd/parsers/ofpart_core.c b/drivers/mtd/parsers/ofpart_core.c index 192190c42fc8..aa3b7fa61e50 100644 --- a/drivers/mtd/parsers/ofpart_core.c +++ b/drivers/mtd/parsers/ofpart_core.c @@ -122,6 +122,17 @@ static int parse_fixed_partitions(struct mtd_info *master, a_cells = of_n_addr_cells(pp); s_cells = of_n_size_cells(pp); + if (s_cells == 0) { + /* + * Use #size-cells = <1> for backward compatibility + * in case #size-cells is set to <0> and firmware adds + * OF partitions without setting it. + */ + pr_warn_once("%s: ofpart partition %pOF (%pOF) #size-cells is <0>, using <1> for backward compatibility.\n", + master->name, pp, + mtd_node); + s_cells = 1; + } if (len / 4 != a_cells + s_cells) { pr_debug("%s: ofpart partition %pOF (%pOF) error parsing reg property.\n", master->name, pp, -- 2.25.1

2 years, 8 months

5
47
0 0

[PATCH 5.15 000/731] 5.15.86-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.15.86 release. There are 731 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Fri, 30 Dec 2022 14:41:39 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.15.86-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.15.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.15.86-rc1 Yassine Oudjana <y.oudjana(a)protonmail.com> extcon: usbc-tusb320: Call the Type-C IRQ handler only if a port is registered Lin Ma <linma(a)zju.edu.cn> media: dvbdev: fix refcnt bug Lin Ma <linma(a)zju.edu.cn> media: dvbdev: fix build warning due to comments Gaosheng Cui <cuigaosheng1(a)huawei.com> net: stmmac: fix errno when create_singlethread_workqueue() fails Arun Easi <aeasi(a)marvell.com> scsi: qla2xxx: Fix crash when I/O abort times out Filipe Manana <fdmanana(a)suse.com> btrfs: do not BUG_ON() on ENOMEM when dropping extent items for a range Chen Zhongjin <chenzhongjin(a)huawei.com> ovl: fix use inode directly in rcu-walk mode Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> fbdev: fbcon: release buffer when fbcon_do_set_font() failed Rickard x Andersson <rickaran(a)axis.com> gcov: add support for checksum field Yuan Can <yuancan(a)huawei.com> floppy: Fix memory leak in do_floppy_init() Johan Hovold <johan+linaro(a)kernel.org> regulator: core: fix deadlock on regulator enable Rasmus Villemoes <linux(a)rasmusvillemoes.dk> iio: adc128s052: add proper .data members in adc128_of_match table Nuno Sá <nuno.sa(a)analog.com> iio: adc: ad_sigma_delta: do not use internal iio_dev lock Zeng Heng <zengheng4(a)huawei.com> iio: fix memory leak in iio_device_register_eventset() Roberto Sassu <roberto.sassu(a)huawei.com> reiserfs: Add missing calls to reiserfs_security_free() Nathan Chancellor <nathan(a)kernel.org> security: Restrict CONFIG_ZERO_CALL_USED_REGS to gcc or clang > 15.0.6 Schspa Shi <schspa(a)gmail.com> 9p: set req refcount to zero to avoid uninitialized usage Isaac J. Manjarres <isaacmanjarres(a)google.com> loop: Fix the max_loop commandline argument treatment when it is set to 0 Enrik Berkhan <Enrik.Berkhan(a)inka.de> HID: mcp2221: don't connect hidraw Jason Gerecke <killertofu(a)gmail.com> HID: wacom: Ensure bootloader PID is usable in hidraw mode Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: Prevent infinite loop in transaction errors recovery for streams Ferry Toth <ftoth(a)exalondelft.nl> usb: dwc3: core: defer probe on ulpi_read_id timeout Sven Peter <sven(a)svenpeter.dev> usb: dwc3: Fix race between dwc3_set_mode and __dwc3_set_mode Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: sm8250: fix USB-DP PHY registers Chunfeng Yun <chunfeng.yun(a)mediatek.com> usb: xhci-mtk: fix leakage of shared hcd when fail to set wakeup irq Pawel Laszczak <pawell(a)cadence.com> usb: cdnsp: fix lack of ZLP for ep0 Jiao Zhou <jiaozhou(a)google.com> ALSA: hda/hdmi: Add HP Device 0x8711 to force connect list Edward Pacman <edward(a)edward-p.xyz> ALSA: hda/realtek: Add quirk for Lenovo TianYi510Pro-14IOB wangdicheng <wangdicheng(a)kylinos.cn> ALSA: usb-audio: add the quirk for KT0206 device GUO Zihua <guozihua(a)huawei.com> ima: Simplify ima_lsm_copy_rule John Stultz <jstultz(a)google.com> pstore: Make sure CONFIG_PSTORE_PMSG selects CONFIG_RT_MUTEXES David Howells <dhowells(a)redhat.com> afs: Fix lost servers_outstanding count Yang Jihong <yangjihong1(a)huawei.com> perf debug: Set debug_peo_args and redirect_to_stderr variable to correct values in perf_quiet_option() John Stultz <jstultz(a)google.com> pstore: Switch pmsg_lock to an rt_mutex to avoid priority inversion Kees Cook <keescook(a)chromium.org> LoadPin: Ignore the "contents" argument of the LSM hooks Khaled Almahallawy <khaled.almahallawy(a)intel.com> drm/i915/display: Don't disable DDI/Transcoder when setting phy test pattern Hans de Goede <hdegoede(a)redhat.com> ASoC: rt5670: Remove unbalanced pm_runtime_put() Wang Jingjin <wangjingjin1(a)huawei.com> ASoC: rockchip: spdif: Add missing clk_disable_unprepare() in rk_spdif_runtime_resume() Marek Szyprowski <m.szyprowski(a)samsung.com> ASoC: wm8994: Fix potential deadlock Wang Yufen <wangyufen(a)huawei.com> ASoC: mediatek: mt8183: fix refcount leak in mt8183_mt6358_ts3a227_max98357_dev_probe() Wang Jingjin <wangjingjin1(a)huawei.com> ASoC: rockchip: pdm: Add missing clk_disable_unprepare() in rockchip_pdm_runtime_resume() Wang Yufen <wangyufen(a)huawei.com> ASoC: audio-graph-card: fix refcount leak of cpu_ep in __graph_for_each_link() Wang Yufen <wangyufen(a)huawei.com> ASoC: mediatek: mt8173-rt5650-rt5514: fix refcount leak in mt8173_rt5650_rt5514_dev_probe() Cezary Rojewski <cezary.rojewski(a)intel.com> ASoC: Intel: Skylake: Fix driver hang during shutdown Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> ALSA: hda: add snd_hdac_stop_streams() helper Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> ALSA/ASoC: hda: move/rename snd_hdac_ext_stop_streams to hdac_stream.c Yang Yingliang <yangyingliang(a)huawei.com> hwmon: (jc42) Fix missing unlock on error in jc42_write() Tyler Hicks <code(a)tyhicks.com> KVM: selftests: Fix build regression by using accessor function Karolina Drobnik <karolinadrobnik(a)gmail.com> tools/include: Add _RET_IP_ and math definitions to kernel.h Zhang Xiaoxu <zhangxiaoxu5(a)huawei.com> orangefs: Fix kmemleak in orangefs_{kernel,client}_debug_init() Zhang Xiaoxu <zhangxiaoxu5(a)huawei.com> orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string() Nathan Chancellor <nathan(a)kernel.org> drm/sti: Fix return type of sti_{dvo,hda,hdmi}_connector_mode_valid() Nathan Chancellor <nathan(a)kernel.org> drm/fsl-dcu: Fix return type of fsl_dcu_drm_connector_mode_valid() Hawkins Jiawei <yin31149(a)gmail.com> hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param() Nathan Chancellor <nathan(a)kernel.org> scsi: elx: libefc: Fix second parameter type in state callbacks Bart Van Assche <bvanassche(a)acm.org> scsi: ufs: Reduce the START STOP UNIT timeout Justin Tee <justin.tee(a)broadcom.com> scsi: lpfc: Fix hard lockup when reading the rx_monitor from debugfs Zhiqi Song <songzhiqi1(a)huawei.com> crypto: hisilicon/hpre - fix resource leak in remove process Xiu Jianfeng <xiujianfeng(a)huawei.com> clk: st: Fix memory leak in st_of_quadfs_setup() Shigeru Yoshida <syoshida(a)redhat.com> media: si470x: Fix use-after-free in si470x_int_in_callback() Wolfram Sang <wsa+renesas(a)sang-engineering.com> mmc: renesas_sdhi: better reset from HS400 mode Kunihiko Hayashi <hayashi.kunihiko(a)socionext.com> mmc: f-sdh30: Add quirks for broken timeout clock capability Lorenzo Bianconi <lorenzo(a)kernel.org> wifi: mt76: do not run mt76u_status_worker if the device is not running Rui Zhang <zr.zhang(a)vivo.com> regulator: core: fix use_count leakage when handling boot-on Andrii Nakryiko <andrii(a)kernel.org> libbpf: Avoid enum forward-declarations in public API in C++ mode Wesley Chalmers <Wesley.Chalmers(a)amd.com> drm/amd/display: Use the largest vready_offset in pipe group Ye Bin <yebin10(a)huawei.com> blk-mq: fix possible memleak when register 'hctx' failed Mazin Al Haddad <mazinalhaddad05(a)gmail.com> media: dvb-usb: fix memory leak in dvb_usb_adapter_init() Lin Ma <linma(a)zju.edu.cn> media: dvbdev: adopts refcnt to avoid UAF Yan Lei <yan_lei(a)dahuatech.com> media: dvb-frontends: fix leak of memory fw Maxim Korotkov <korotkov.maxim.s(a)gmail.com> ethtool: avoiding integer overflow in ethtool_phys_id() Stanislav Fomichev <sdf(a)google.com> bpf: Prevent decl_tag from being referenced in func_proto arg Stanislav Fomichev <sdf(a)google.com> ppp: associate skb with a device at tx Schspa Shi <schspa(a)gmail.com> mrp: introduce active flags to prevent UAF when applicant uninit Eric Dumazet <edumazet(a)google.com> ipv6/sit: use DEV_STATS_INC() to avoid data-races Eric Dumazet <edumazet(a)google.com> net: add atomic_long_t to net_device_stats fields Aurabindo Pillai <aurabindo.pillai(a)amd.com> drm/amd/display: fix array index out of bound error in bios parser Jiang Li <jiang.li(a)ugreen.com> md/raid1: stop mdx_raid1 thread when raid1 array run failed Li Zhong <floridsleeves(a)gmail.com> drivers/md/md-bitmap: check the return value of md_bitmap_get_counter() Nathan Chancellor <nathan(a)kernel.org> drm/mediatek: Fix return type of mtk_hdmi_bridge_mode_valid() Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/sti: Use drm_mode_copy() Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/rockchip: Use drm_mode_copy() Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/msm: Use drm_mode_copy() Nathan Chancellor <nathan(a)kernel.org> s390/lcs: Fix return type of lcs_start_xmit() Nathan Chancellor <nathan(a)kernel.org> s390/netiucv: Fix return type of netiucv_tx() Nathan Chancellor <nathan(a)kernel.org> s390/ctcm: Fix return type of ctc{mp,}m_tx() Nathan Chancellor <nathan(a)kernel.org> drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback Nathan Chancellor <nathan(a)kernel.org> drm/amdgpu: Fix type of second parameter in trans_msg() callback Kees Cook <keescook(a)chromium.org> igb: Do not free q_vector unless new one was allocated Minsuk Kang <linuxlovemin(a)yonsei.ac.kr> wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmf_fw_alloc_request() Nathan Chancellor <nathan(a)kernel.org> hamradio: baycom_epp: Fix return type of baycom_send_packet() Nathan Chancellor <nathan(a)kernel.org> net: ethernet: ti: Fix return type of netcp_ndo_start_xmit() Stanislav Fomichev <sdf(a)google.com> bpf: make sure skb->len != 0 when redirecting to a tunneling device Jiri Slaby (SUSE) <jirislaby(a)kernel.org> qed (gcc13): use u16 for fid to be big enough Hamza Mahfooz <hamza.mahfooz(a)amd.com> Revert "drm/amd/display: Limit max DSC target bpp for specific monitors" gehao <gehao(a)kylinos.cn> drm/amd/display: prevent memory leak Zhang Yuchen <zhangyuchen.lcr(a)bytedance.com> ipmi: fix memleak when unload ipmi driver Amadeusz Sławiński <amadeuszx.slawinski(a)linux.intel.com> ASoC: codecs: rt298: Add quirk for KBL-R RVP platform Shigeru Yoshida <syoshida(a)redhat.com> wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out Fedor Pchelkin <pchelkin(a)ispras.ru> wifi: ath9k: verify the expected usb_endpoints are present Wright Feng <wright.feng(a)cypress.com> brcmfmac: return error when getting invalid max_flowrings from dongle Ming Qian <ming.qian(a)nxp.com> media: imx-jpeg: Disable useless interrupt to avoid kernel panic Doug Brown <doug(a)schmorgal.com> drm/etnaviv: add missing quirks for GC300 ZhangPeng <zhangpeng362(a)huawei.com> hfs: fix OOB Read in __hfs_brec_find Zheng Yejian <zhengyejian1(a)huawei.com> acct: fix potential integer overflow in encode_comp_t() Ryusuke Konishi <konishi.ryusuke(a)gmail.com> nilfs2: fix shift-out-of-bounds due to too large exponent of block size Ryusuke Konishi <konishi.ryusuke(a)gmail.com> nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset() Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> ACPICA: Fix error code path in acpi_ds_call_control_method() Hoi Pok Wu <wuhoipok(a)gmail.com> fs: jfs: fix shift-out-of-bounds in dbDiscardAG Dr. David Alan Gilbert <linux(a)treblig.org> jfs: Fix fortify moan in symlink Shigeru Yoshida <syoshida(a)redhat.com> udf: Avoid double brelse() in udf_rename() Dongliang Mu <mudongliangabcd(a)gmail.com> fs: jfs: fix shift-out-of-bounds in dbAllocAG Liu Shixin <liushixin2(a)huawei.com> binfmt_misc: fix shift-out-of-bounds in check_special_flags Gaurav Kohli <gauravkohli(a)linux.microsoft.com> x86/hyperv: Remove unregister syscore call from Hyper-V cleanup Guilherme G. Piccoli <gpiccoli(a)igalia.com> video: hyperv_fb: Avoid taking busy spinlock on panic path Mark Rutland <mark.rutland(a)arm.com> arm64: make is_ttbrX_addr() noinstr-safe Zqiang <qiang1.zhang(a)intel.com> rcu: Fix __this_cpu_read() lockdep warning in rcu_force_quiescent_state() Jiasheng Jiang <jiasheng(a)iscas.ac.cn> HID: amd_sfh: Add missing check for dma_alloc_coherent Eric Dumazet <edumazet(a)google.com> net: stream: purge sk_error_queue in sk_stream_kill_queues() Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> myri10ge: Fix an error handling path in myri10ge_probe() David Howells <dhowells(a)redhat.com> rxrpc: Fix missing unlock in rxrpc_do_sendmsg() Cong Wang <cong.wang(a)bytedance.com> net_sched: reject TCF_EM_SIMPLE case for complex ematch module Yang Yingliang <yangyingliang(a)huawei.com> mailbox: zynq-ipi: fix error handling while device_register() fails Yang Yingliang <yangyingliang(a)huawei.com> mailbox: arm_mhuv2: Fix return value check in mhuv2_probe() Conor Dooley <conor.dooley(a)microchip.com> mailbox: mpfs: read the system controller's status Subash Abhinov Kasiviswanathan <quic_subashab(a)quicinc.com> skbuff: Account for tail adjustment during pull operations Chen-Yu Tsai <wenst(a)chromium.org> arm64: dts: mt8183: Fix Mali GPU clock Chun-Jie Chen <chun-jie.chen(a)mediatek.com> soc: mediatek: pm-domains: Fix the power glitch issue Eelco Chaudron <echaudro(a)redhat.com> openvswitch: Fix flow lookup to use unmasked key Jakub Kicinski <kuba(a)kernel.org> selftests: devlink: fix the fd redirect in dummy_reporter_test GUO Zihua <guozihua(a)huawei.com> rtc: mxc_v2: Add missing clk_disable_unprepare() Tan Tee Min <tee.min.tan(a)linux.intel.com> igc: Set Qbv start_time and end_time to end_time if not being configured in GCL Kurt Kanzenbach <kurt(a)linutronix.de> igc: Lift TAPRIO schedule restriction Tan Tee Min <tee.min.tan(a)linux.intel.com> igc: recalculate Qbv end_time by considering cycle time Tan Tee Min <tee.min.tan(a)linux.intel.com> igc: allow BaseTime 0 enrollment for Qbv Muhammad Husaini Zulkifli <muhammad.husaini.zulkifli(a)intel.com> igc: Add checking for basetime less than zero Vinicius Costa Gomes <vinicius.gomes(a)intel.com> igc: Use strict cycles for Qbv scheduling Vinicius Costa Gomes <vinicius.gomes(a)intel.com> igc: Enhance Qbv scheduling by using first flag bit Christoph Hellwig <hch(a)lst.de> blk-iocost: simplify ioc_name Li Zetao <lizetao1(a)huawei.com> r6040: Fix kmemleak in probe and remove Kirill Tkhai <tkhai(a)ya.ru> unix: Fix race in SOCK_SEQPACKET's unix_dgram_sendmsg() Minsuk Kang <linuxlovemin(a)yonsei.ac.kr> nfc: pn533: Clear nfc_target before being used Vladimir Oltean <vladimir.oltean(a)nxp.com> net: enetc: avoid buffer leaks on xdp_do_redirect() failure Kumar Kartikeya Dwivedi <memxor(a)gmail.com> selftests/bpf: Add test for unstable CT lookup API Yu Kuai <yukuai3(a)huawei.com> block, bfq: fix possible uaf for 'bfqq->bic' Yang Yingliang <yangyingliang(a)huawei.com> mISDN: hfcmulti: don't call dev_kfree_skb/kfree_skb() under spin_lock_irqsave() Yang Yingliang <yangyingliang(a)huawei.com> mISDN: hfcpci: don't call dev_kfree_skb/kfree_skb() under spin_lock_irqsave() Yang Yingliang <yangyingliang(a)huawei.com> mISDN: hfcsusb: don't call dev_kfree_skb/kfree_skb() under spin_lock_irqsave() Emeel Hakim <ehakim(a)nvidia.com> net: macsec: fix net device access prior to holding a lock Dan Aloni <dan.aloni(a)vastdata.com> nfsd: under NFSv4.1, fix double svc_xprt_put on rpc_create failure Alexandre Belloni <alexandre.belloni(a)bootlin.com> rtc: pcf85063: fix pcf85063_clkout_control Gaosheng Cui <cuigaosheng1(a)huawei.com> rtc: pic32: Move devm_rtc_allocate_device earlier in pic32_rtc_probe() Gaosheng Cui <cuigaosheng1(a)huawei.com> rtc: st-lpc: Add missing clk_disable_unprepare in st_rtc_probe() Qingfang DENG <dqfext(a)gmail.com> netfilter: flowtable: really fix NAT IPv6 offload Yang Yingliang <yangyingliang(a)huawei.com> mfd: pm8008: Fix return value check in pm8008_probe() Lee Jones <lee.jones(a)linaro.org> mfd: pm8008: Remove driver data structure pm8008_data Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> mfd: qcom_rpm: Fix an error handling path in qcom_rpm_probe() Matti Vaittinen <matti.vaittinen(a)fi.rohmeurope.com> mfd: bd957x: Fix Kconfig dependency on REGMAP_IRQ Nathan Lynch <nathanl(a)linux.ibm.com> powerpc/pseries/eeh: use correct API for error log size Haowen Bai <baihaowen(a)meizu.com> powerpc/eeh: Drop redundant spinlock initialization Shang XiaoJing <shangxiaojing(a)huawei.com> remoteproc: qcom: q6v5: Fix missing clk_disable_unprepare() in q6v5_wcss_qcs404_power_on() Yuan Can <yuancan(a)huawei.com> remoteproc: qcom_q6v5_pas: Fix missing of_node_put() in adsp_alloc_memory_region() Luca Weiss <luca.weiss(a)fairphone.com> remoteproc: qcom_q6v5_pas: detach power domains on remove Luca Weiss <luca.weiss(a)fairphone.com> remoteproc: qcom_q6v5_pas: disable wakeup on probe fail or remove Shang XiaoJing <shangxiaojing(a)huawei.com> remoteproc: qcom: q6v5: Fix potential null-ptr-deref in q6v5_wcss_init_mmio() Gaosheng Cui <cuigaosheng1(a)huawei.com> remoteproc: sysmon: fix memory leak in qcom_add_sysmon_subdev() Daniel Golle <daniel(a)makrotopia.org> pwm: mediatek: always use bus clock for PWM on MT7622 xinlei lee <xinlei.lee(a)mediatek.com> pwm: mtk-disp: Fix the parameters calculated by the enabled flag of disp_pwm Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> pwm: sifive: Call pwm_sifive_update_clock() while mutex is held Jason Gunthorpe <jgg(a)ziepe.ca> iommu/sun50i: Remove IOMMU_DOMAIN_IDENTITY Miaoqian Lin <linmq006(a)gmail.com> selftests/powerpc: Fix resource leaks Kajol Jain <kjain(a)linux.ibm.com> powerpc/hv-gpci: Fix hv_gpci event list Yang Yingliang <yangyingliang(a)huawei.com> powerpc/83xx/mpc832x_rdb: call platform_device_put() in error case in of_fsl_spi_probe() Nicholas Piggin <npiggin(a)gmail.com> powerpc/perf: callchain validate kernel stack pointer bounds Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> phy: qcom-qmp: create copies of QMP PHY driver Yang Yingliang <yangyingliang(a)huawei.com> powerpc/xive: add missing iounmap() in error path in xive_spapr_populate_irq_data() Gustavo A. R. Silva <gustavoars(a)kernel.org> powerpc/xmon: Fix -Wswitch-unreachable warning in bpt_cmds Miaoqian Lin <linmq006(a)gmail.com> cxl: Fix refcount leak in cxl_calc_capp_routing Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> powerpc/52xx: Fix a resource leak in an error handling path Xie Shaowen <studentxswpy(a)163.com> macintosh/macio-adb: check the return value of ioremap() Yang Yingliang <yangyingliang(a)huawei.com> macintosh: fix possible memory leak in macio_add_one_device() Yuan Can <yuancan(a)huawei.com> iommu/fsl_pamu: Fix resource leak in fsl_pamu_probe() Yang Yingliang <yangyingliang(a)huawei.com> iommu/amd: Fix pci device refcount leak in ppr_notifier() Alexander Stein <alexander.stein(a)ew.tq-group.com> rtc: pcf85063: Fix reading alarm Stefan Eichenberger <stefan.eichenberger(a)toradex.com> rtc: snvs: Allow a time difference on clock register read Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> rtc: cmos: Disable ACPI RTC event on removal Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> rtc: cmos: Rename ACPI-related functions Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> rtc: cmos: Eliminate forward declarations of some functions Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> rtc: cmos: Call rtc_wake_setup() from cmos_do_probe() Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> rtc: cmos: Call cmos_wake_setup() from cmos_do_probe() Alexandre Belloni <alexandre.belloni(a)bootlin.com> rtc: cmos: fix build on non-ACPI platforms Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> rtc: cmos: Fix wake alarm breakage Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> rtc: cmos: Fix event handler registration ordering issue Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> rtc: rtc-cmos: Do not check ACPI_FADT_LOW_POWER_S0 Fenghua Yu <fenghua.yu(a)intel.com> dmaengine: idxd: Fix crc_val field for completion record Abdun Nihaal <abdun.nihaal(a)gmail.com> fs/ntfs3: Fix slab-out-of-bounds read in ntfs_trim_fs Jon Hunter <jonathanh(a)nvidia.com> pwm: tegra: Improve required rate calculation Matt Redfearn <matt.redfearn(a)mips.com> include/uapi/linux/swab: Fix potentially missing __always_inline Al Cooper <alcooperx(a)gmail.com> phy: usb: s2 WoL wakeup_count not incremented for USB->Eth devices Michael Riesch <michael.riesch(a)wolfvision.net> iommu/rockchip: fix permission bits in page table entries v2 Jernej Skrabec <jernej.skrabec(a)gmail.com> iommu/sun50i: Fix flush size Jernej Skrabec <jernej.skrabec(a)gmail.com> iommu/sun50i: Fix R/W permission check Jernej Skrabec <jernej.skrabec(a)gmail.com> iommu/sun50i: Consider all fault sources for reset Jernej Skrabec <jernej.skrabec(a)gmail.com> iommu/sun50i: Fix reset release Dan Carpenter <dan.carpenter(a)oracle.com> fs/ntfs3: Harden against integer overflows Kees Cook <keescook(a)chromium.org> overflow: Implement size_t saturating arithmetic helpers Shigeru Yoshida <syoshida(a)redhat.com> fs/ntfs3: Avoid UBSAN error on true_sectors_per_clst() Arnd Bergmann <arnd(a)arndb.de> RDMA/siw: Fix pointer cast warning Namhyung Kim <namhyung(a)kernel.org> perf stat: Do not delay the workload with --delay Adrián Herrera Arcila <adrian.herrera(a)arm.com> perf stat: Refactor __run_perf_stat() common code ruanjinjie <ruanjinjie(a)huawei.com> power: supply: fix null pointer dereferencing in power_supply_get_battery_info Yuan Can <yuancan(a)huawei.com> power: supply: ab8500: Fix error handling in ab8500_charger_init() Yuan Can <yuancan(a)huawei.com> HSI: omap_ssi_core: Fix error handling in ssi_init() Zhang Qilong <zhangqilong3(a)huawei.com> power: supply: z2_battery: Fix possible memleak in z2_batt_probe() Ajay Kaher <akaher(a)vmware.com> perf symbol: correction while adjusting symbol Leo Yan <leo.yan(a)linaro.org> perf trace: Handle failure when trace point folder is missed Leo Yan <leo.yan(a)linaro.org> perf trace: Use macro RAW_SYSCALL_ARGS_NUM to replace number Leo Yan <leo.yan(a)linaro.org> perf trace: Return error if a system call doesn't exist Zeng Heng <zengheng4(a)huawei.com> power: supply: fix residue sysfs file in error handle route of __power_supply_register() Yang Yingliang <yangyingliang(a)huawei.com> HSI: omap_ssi_core: fix possible memory leak in ssi_probe() Yang Yingliang <yangyingliang(a)huawei.com> HSI: omap_ssi_core: fix unbalanced pm_runtime_disable() Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> fbdev: uvesafb: Fixes an error handling path in uvesafb_probe() Randy Dunlap <rdunlap(a)infradead.org> fbdev: uvesafb: don't build on UML Randy Dunlap <rdunlap(a)infradead.org> fbdev: geode: don't build on UML Gaosheng Cui <cuigaosheng1(a)huawei.com> fbdev: ep93xx-fb: Add missing clk_disable_unprepare in ep93xxfb_probe() Xiongfeng Wang <wangxiongfeng2(a)huawei.com> fbdev: vermilion: decrease reference count in error path Shang XiaoJing <shangxiaojing(a)huawei.com> fbdev: via: Fix error in via_core_init() Yang Yingliang <yangyingliang(a)huawei.com> fbdev: pm2fb: fix missing pci_disable_device() Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> fbdev: ssd1307fb: Drop optional dependency Bjorn Andersson <bjorn.andersson(a)linaro.org> thermal/drivers/qcom/lmh: Fix irq handler return value Luca Weiss <luca.weiss(a)fairphone.com> thermal/drivers/qcom/temp-alarm: Fix inaccurate warning for gen2 Marcus Folkesson <marcus.folkesson(a)gmail.com> thermal/drivers/imx8mm_thermal: Validate temperature range Shang XiaoJing <shangxiaojing(a)huawei.com> samples: vfio-mdev: Fix missing pci_disable_device() in mdpy_fb_probe() Xiu Jianfeng <xiujianfeng(a)huawei.com> ksmbd: Fix resource leak in ksmbd_session_rpc_open() Zheng Yejian <zhengyejian1(a)huawei.com> tracing/hist: Fix issue of losting command info in error_log Jiasheng Jiang <jiasheng(a)iscas.ac.cn> usb: storage: Add check for kcalloc Zheyu Ma <zheyuma97(a)gmail.com> i2c: ismt: Fix an out-of-bounds bug in ismt_access() Yang Yingliang <yangyingliang(a)huawei.com> i2c: mux: reg: check return value after calling platform_get_resource() Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> gpiolib: protect the GPIO device against being dropped while in use by user-space Bartosz Golaszewski <brgl(a)bgdev.pl> gpiolib: make struct comments into real kernel docs Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> gpiolib: cdev: fix NULL-pointer dereferences Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> gpiolib: Get rid of redundant 'else' Chen Zhongjin <chenzhongjin(a)huawei.com> vme: Fix error not catched in fake_init() YueHaibing <yuehaibing(a)huawei.com> staging: rtl8192e: Fix potential use-after-free in rtllib_rx_Monitor() Dan Carpenter <error27(a)gmail.com> staging: rtl8192u: Fix use after free in ieee80211_rx() Hui Tang <tanghui20(a)huawei.com> i2c: pxa-pci: fix missing pci_disable_device() on error in ce4100_i2c_probe Yang Yingliang <yangyingliang(a)huawei.com> chardev: fix error handling in cdev_device_add() Yang Yingliang <yangyingliang(a)huawei.com> mcb: mcb-parse: fix error handing in chameleon_parse_gdd() Zhengchao Shao <shaozhengchao(a)huawei.com> drivers: mcb: fix resource leak in mcb_probe() John Keeping <john(a)metanate.com> usb: gadget: f_hid: fix refcount leak on error path John Keeping <john(a)metanate.com> usb: gadget: f_hid: fix f_hidg lifetime vs cdev Yang Yingliang <yangyingliang(a)huawei.com> usb: roles: fix of node refcount leak in usb_role_switch_is_parent() Yang Shen <shenyang39(a)huawei.com> coresight: trbe: remove cpuhp instance node before remove cpuhp state Fabrice Gasnier <fabrice.gasnier(a)foss.st.com> counter: stm32-lptimer-cnt: fix the check on arr and cmp registers update Ramona Bolboaca <ramona.bolboaca(a)analog.com> iio: adis: add '__adis_enable_irq()' implementation Jonathan Cameron <Jonathan.Cameron(a)huawei.com> iio:imu:adis: Move exports into IIO_ADISLIB namespace Nuno Sá <nuno.sa(a)analog.com> iio: adis: stylistic changes Nuno Sá <nuno.sa(a)analog.com> iio: adis: handle devices that cannot unmask the drdy pin Cosmin Tanislav <cosmin.tanislav(a)analog.com> iio: temperature: ltc2983: make bulk write buffer DMA-safe Yang Yingliang <yangyingliang(a)huawei.com> cxl: fix possible null-ptr-deref in cxl_pci_init_afu|adapter() Yang Yingliang <yangyingliang(a)huawei.com> cxl: fix possible null-ptr-deref in cxl_guest_init_afu|adapter() Yang Yingliang <yangyingliang(a)huawei.com> firmware: raspberrypi: fix possible memory leak in rpi_firmware_probe() Zheng Wang <zyytlz.wz(a)163.com> misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault and gru_handle_user_call_os ruanjinjie <ruanjinjie(a)huawei.com> misc: tifm: fix possible memory leak in tifm_7xx1_switch_media() Yang Yingliang <yangyingliang(a)huawei.com> ocxl: fix pci device refcount leak when calling get_function_0() Yang Yingliang <yangyingliang(a)huawei.com> misc: ocxl: fix possible name leak in ocxl_file_register_afu() Zhengchao Shao <shaozhengchao(a)huawei.com> test_firmware: fix memory leak in test_firmware_init() Yuan Can <yuancan(a)huawei.com> serial: sunsab: Fix error handling in sunsab_init() Gabriel Somlo <gsomlo(a)gmail.com> serial: altera_uart: fix locking in polling mode Jiri Slaby <jirislaby(a)kernel.org> tty: serial: altera_uart_{r,t}x_chars() need only uart_port Jiri Slaby <jirislaby(a)kernel.org> tty: serial: clean up stop-tx part in altera_uart_tx_chars() Xiongfeng Wang <wangxiongfeng2(a)huawei.com> serial: pch: Fix PCI device refcount leak in pch_request_dma() Valentin Caron <valentin.caron(a)foss.st.com> serial: stm32: move dma_request_chan() before clk_prepare_enable() delisun <delisun(a)pateo.com.cn> serial: pl011: Do not clear RX FIFO & RX interrupt in unthrottle. Jiamei Xie <jiamei.xie(a)arm.com> serial: amba-pl011: avoid SBSA UART accessing DMACR register Marek Vasut <marex(a)denx.de> extcon: usbc-tusb320: Update state on probe even if no IRQ pending Marek Vasut <marex(a)denx.de> extcon: usbc-tusb320: Add USB TYPE-C support Marek Vasut <marex(a)denx.de> extcon: usbc-tusb320: Factor out extcon into dedicated functions Samuel Holland <samuel(a)sholland.org> usb: typec: Factor out non-PD fwnode properties Yassine Oudjana <y.oudjana(a)protonmail.com> extcon: usbc-tusb320: Add support for TUSB320L Yassine Oudjana <y.oudjana(a)protonmail.com> extcon: usbc-tusb320: Add support for mode setting and reset Sven Peter <sven(a)svenpeter.dev> usb: typec: tipd: Fix spurious fwnode_handle_put in error path Sven Peter <sven(a)svenpeter.dev> usb: typec: tipd: Cleanup resources if devm_tps6598_psy_register fails Yang Yingliang <yangyingliang(a)huawei.com> usb: typec: tcpci: fix of node refcount leak in tcpci_register_port() Sven Peter <sven(a)svenpeter.dev> usb: typec: Check for ops->exit instead of ops->enter in altmode_exit Gaosheng Cui <cuigaosheng1(a)huawei.com> staging: vme_user: Fix possible UAF in tsi148_dma_list_add Linus Walleij <linus.walleij(a)linaro.org> usb: fotg210-udc: Fix ages old endianness issues Rafael Mendonca <rafaelmendsr(a)gmail.com> uio: uio_dmem_genirq: Fix deadlock between irq config and handling Rafael Mendonca <rafaelmendsr(a)gmail.com> uio: uio_dmem_genirq: Fix missing unlock in irq configuration Rafael Mendonca <rafaelmendsr(a)gmail.com> vfio: platform: Do not pass return buffer to ACPI _RST method Yang Yingliang <yangyingliang(a)huawei.com> class: fix possible memory leak in __class_register() Yuan Can <yuancan(a)huawei.com> serial: 8250_bcm7271: Fix error handling in brcmuart_init() Kartik <kkartik(a)nvidia.com> serial: tegra: Read DMA status before terminating Yang Yingliang <yangyingliang(a)huawei.com> drivers: dio: fix possible memory leak in dio_init() Palmer Dabbelt <palmer(a)rivosinc.com> RISC-V: Align the shadow stack Dragos Tatulea <dtatulea(a)nvidia.com> IB/IPoIB: Fix queue count inconsistency for PKEY child interfaces Xiongfeng Wang <wangxiongfeng2(a)huawei.com> hwrng: geode - Fix PCI device refcount leak Xiongfeng Wang <wangxiongfeng2(a)huawei.com> hwrng: amd - Fix PCI device refcount leak Gaosheng Cui <cuigaosheng1(a)huawei.com> crypto: img-hash - Fix variable dereferenced before check 'hdev->req' Chengchang Tang <tangchengchang(a)huawei.com> RDMA/hns: Fix error code of CMD Chengchang Tang <tangchengchang(a)huawei.com> RDMA/hns: Fix page size cap from firmware Chengchang Tang <tangchengchang(a)huawei.com> RDMA/hns: Fix PBL page MTR find Chengchang Tang <tangchengchang(a)huawei.com> RDMA/hns: Fix AH attr queried by query_qp Zhang Xiaoxu <zhangxiaoxu5(a)huawei.com> orangefs: Fix sysfs not cleanup when dev init failed John Thomson <git(a)johnthomson.fastmail.com.au> PCI: mt7621: Add sentinel to quirks table Bjorn Helgaas <bhelgaas(a)google.com> PCI: mt7621: Rename mt7621_pci_ to mt7621_pcie_ Wang Yufen <wangyufen(a)huawei.com> RDMA/srp: Fix error return code in srp_parse_options() Wang Yufen <wangyufen(a)huawei.com> RDMA/hfi1: Fix error return code in parse_platform_config() Tong Tiangen <tongtiangen(a)huawei.com> riscv/mm: add arch hook arch_clear_hugepage_flags Shang XiaoJing <shangxiaojing(a)huawei.com> crypto: omap-sham - Use pm_runtime_resume_and_get() in omap_sham_probe() Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> crypto: amlogic - Remove kcalloc without check Mark Zhang <markzhang(a)nvidia.com> RDMA/nldev: Fix failure to send large messages Yonggil Song <yonggil.song(a)samsung.com> f2fs: avoid victim selection from previous victim section Yuan Can <yuancan(a)huawei.com> RDMA/nldev: Add checks for nla_nest_start() in fill_stat_counter_qps() Gaosheng Cui <cuigaosheng1(a)huawei.com> scsi: snic: Fix possible UAF in snic_tgt_create() Chen Zhongjin <chenzhongjin(a)huawei.com> scsi: fcoe: Fix transport not deattached when fcoe_if_init() fails Shang XiaoJing <shangxiaojing(a)huawei.com> scsi: ipr: Fix WARNING in ipr_init() Yang Yingliang <yangyingliang(a)huawei.com> scsi: scsi_debug: Fix possible name leak in sdebug_add_host_helper() Yang Yingliang <yangyingliang(a)huawei.com> scsi: fcoe: Fix possible name leak when device_register() fails Harshit Mogalapalli <harshit.m.mogalapalli(a)oracle.com> scsi: scsi_debug: Fix a warning in resp_report_zones() Harshit Mogalapalli <harshit.m.mogalapalli(a)oracle.com> scsi: scsi_debug: Fix a warning in resp_verify() Chen Zhongjin <chenzhongjin(a)huawei.com> scsi: efct: Fix possible memleak in efct_device_init() Yang Yingliang <yangyingliang(a)huawei.com> scsi: hpsa: Fix possible memory leak in hpsa_add_sas_device() Yang Yingliang <yangyingliang(a)huawei.com> scsi: hpsa: Fix error handling in hpsa_add_sas_host() Yang Yingliang <yangyingliang(a)huawei.com> scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add() Daniel Jordan <daniel.m.jordan(a)oracle.com> padata: Fix list iterator in padata_do_serial() Daniel Jordan <daniel.m.jordan(a)oracle.com> padata: Always leave BHs disabled when running ->parallel() Zhang Yiqun <zhangyiqun(a)phytium.com.cn> crypto: tcrypt - Fix multibuffer skcipher speed test mem leak Yuan Can <yuancan(a)huawei.com> scsi: hpsa: Fix possible memory leak in hpsa_init_one() Serge Semin <Sergey.Semin(a)baikalelectronics.ru> dt-bindings: visconti-pcie: Fix interrupts array max constraints Serge Semin <Sergey.Semin(a)baikalelectronics.ru> dt-bindings: imx6q-pcie: Fix clock names for imx6sx and imx8mq Zhang Xiaoxu <zhangxiaoxu5(a)huawei.com> RDMA/rxe: Fix NULL-ptr-deref in rxe_qp_do_cleanup() when socket create failed Zhengchao Shao <shaozhengchao(a)huawei.com> RDMA/hns: fix memory leak in hns_roce_alloc_mr() Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> crypto: ccree - Make cc_debugfs_global_fini() available for module init function Xiongfeng Wang <wangxiongfeng2(a)huawei.com> RDMA/hfi: Decrease PCI device reference count in error path Zeng Heng <zengheng4(a)huawei.com> PCI: Check for alloc failure in pci_request_irq() Luoyouming <luoyouming(a)huawei.com> RDMA/hns: Fix ext_sge num error when post send Luoyouming <luoyouming(a)huawei.com> RDMA/hns: Repacing 'dseg_len' by macros in fill_ext_sge_inl_data() Xiongfeng Wang <wangxiongfeng2(a)huawei.com> crypto: hisilicon/qm - add missing pci_dev_put() in q_num_set() Herbert Xu <herbert(a)gondor.apana.org.au> crypto: cryptd - Use request context instead of stack for sub-request Gaosheng Cui <cuigaosheng1(a)huawei.com> crypto: ccree - Remove debugfs when platform_driver_register failed Harshit Mogalapalli <harshit.m.mogalapalli(a)oracle.com> scsi: scsi_debug: Fix a warning in resp_write_scat() Bernard Metzler <bmt(a)zurich.ibm.com> RDMA/siw: Set defined status for work completion with undefined status Mark Zhang <markzhang(a)nvidia.com> RDMA/nldev: Return "-EAGAIN" if the cm_id isn't from expected port Mark Zhang <markzhang(a)nvidia.com> RDMA/core: Make sure "ib_port" is valid when access sysfs node Mark Zhang <markzhang(a)nvidia.com> RDMA/restrack: Release MR restrack when delete Nirmal Patel <nirmal.patel(a)linux.intel.com> PCI: vmd: Disable MSI remapping after suspend Leonid Ravich <lravich(a)gmail.com> IB/mad: Don't call to function that might sleep while in atomic context Bernard Metzler <bmt(a)zurich.ibm.com> RDMA/siw: Fix immediate work request flush to completion queue Bart Van Assche <bvanassche(a)acm.org> scsi: qla2xxx: Fix set-but-not-used variable warnings Shiraz Saleem <shiraz.saleem(a)intel.com> RDMA/irdma: Report the correct link speed Chao Yu <chao(a)kernel.org> f2fs: fix to destroy sbi->post_read_wq in error path of f2fs_fill_super() Dongdong Zhang <zhangdongdong1(a)oppo.com> f2fs: fix normal discard process Chao Yu <chao(a)kernel.org> f2fs: fix to invalidate dcc->f2fs_issue_discard in error path Xiu Jianfeng <xiujianfeng(a)huawei.com> apparmor: Fix memleak in alloc_ns() Corentin Labbe <clabbe(a)baylibre.com> crypto: rockchip - rework by using crypto_engine Corentin Labbe <clabbe(a)baylibre.com> crypto: rockchip - remove non-aligned handling Corentin Labbe <clabbe(a)baylibre.com> crypto: rockchip - better handle cipher key Corentin Labbe <clabbe(a)baylibre.com> crypto: rockchip - add fallback for ahash Corentin Labbe <clabbe(a)baylibre.com> crypto: rockchip - add fallback for cipher Corentin Labbe <clabbe(a)baylibre.com> crypto: rockchip - do not store mode globally Corentin Labbe <clabbe(a)baylibre.com> crypto: rockchip - do not do custom power management Zhang Qilong <zhangqilong3(a)huawei.com> f2fs: Fix the race condition of resize flag between resizefs Kunihiko Hayashi <hayashi.kunihiko(a)socionext.com> PCI: pci-epf-test: Register notifier if only core_init_notifier is enabled Leon Romanovsky <leon(a)kernel.org> RDMA/core: Fix order of nldev_exit call Vidya Sagar <vidyas(a)nvidia.com> PCI: dwc: Fix n_fts[] array overrun Xiu Jianfeng <xiujianfeng(a)huawei.com> apparmor: Use pointer to struct aa_label for lbs_cred Bart Van Assche <bvanassche(a)acm.org> scsi: core: Fix a race between scsi_done() and scsi_timeout() Natalia Petrova <n.petrova(a)fintech.ru> crypto: nitrox - avoid double free on error path in nitrox_sriov_init() Corentin Labbe <clabbe(a)baylibre.com> crypto: sun8i-ss - use dma_addr instead u32 Weili Qian <qianweili(a)huawei.com> crypto: hisilicon/qm - fix missing destroy qp_idr John Johansen <john.johansen(a)canonical.com> apparmor: Fix abi check to include v8 abi John Johansen <john.johansen(a)canonical.com> apparmor: fix lockdep warning when removing a namespace Gaosheng Cui <cuigaosheng1(a)huawei.com> apparmor: fix a memleak in multi_transaction_new() Vladimir Oltean <vladimir.oltean(a)nxp.com> net: dsa: tag_8021q: avoid leaking ctx on dsa_tag_8021q_register() error path Bartosz Staszewski <bartoszx.staszewski(a)intel.com> i40e: Fix the inability to attach XDP program on downed interface Piergiorgio Beruto <piergiorgio.beruto(a)gmail.com> stmmac: fix potential division by 0 Yang Yingliang <yangyingliang(a)huawei.com> Bluetooth: RFCOMM: don't call kfree_skb() under spin_lock_irqsave() Yang Yingliang <yangyingliang(a)huawei.com> Bluetooth: hci_core: don't call kfree_skb() under spin_lock_irqsave() Yang Yingliang <yangyingliang(a)huawei.com> Bluetooth: hci_bcsp: don't call kfree_skb() under spin_lock_irqsave() Yang Yingliang <yangyingliang(a)huawei.com> Bluetooth: hci_h5: don't call kfree_skb() under spin_lock_irqsave() Yang Yingliang <yangyingliang(a)huawei.com> Bluetooth: hci_ll: don't call kfree_skb() under spin_lock_irqsave() Yang Yingliang <yangyingliang(a)huawei.com> Bluetooth: hci_qca: don't call kfree_skb() under spin_lock_irqsave() Yang Yingliang <yangyingliang(a)huawei.com> Bluetooth: btusb: don't call kfree_skb() under spin_lock_irqsave() Wang ShaoBo <bobo.shaobowang(a)huawei.com> Bluetooth: btintel: Fix missing free skb in btintel_setup_combined() Inga Stotland <inga.stotland(a)intel.com> Bluetooth: MGMT: Fix error report for ADD_EXT_ADV_PARAMS Firo Yang <firo.yang(a)suse.com> sctp: sysctl: make extra pointers netns aware Eric Pilmore <epilmore(a)gigaio.com> ntb_netdev: Use dev_kfree_skb_any() in interrupt context Jerry Ray <jerry.ray(a)microchip.com> net: lan9303: Fix read error execution path Markus Schneider-Pargmann <msp(a)baylibre.com> can: tcan4x5x: Fix use of register error status mask Vivek Yadav <vivek.2311(a)samsung.com> can: m_can: Call the RAM init directly from m_can_chip_config Markus Schneider-Pargmann <msp(a)baylibre.com> can: tcan4x5x: Remove invalid write in clear_interrupts Tom Lendacky <thomas.lendacky(a)amd.com> net: amd-xgbe: Check only the minimum speed for active/passive cables Tom Lendacky <thomas.lendacky(a)amd.com> net: amd-xgbe: Fix logic around active and passive cables Yang Yingliang <yangyingliang(a)huawei.com> af_unix: call proto_unregister() in the error path in af_unix_init() Yang Yingliang <yangyingliang(a)huawei.com> net: amd: lance: don't call dev_kfree_skb() under spin_lock_irqsave() Yang Yingliang <yangyingliang(a)huawei.com> hamradio: don't call dev_kfree_skb() under spin_lock_irqsave() Yang Yingliang <yangyingliang(a)huawei.com> net: ethernet: dnet: don't call dev_kfree_skb() under spin_lock_irqsave() Yang Yingliang <yangyingliang(a)huawei.com> net: emaclite: don't call dev_kfree_skb() under spin_lock_irqsave() Yang Yingliang <yangyingliang(a)huawei.com> net: apple: bmac: don't call dev_kfree_skb() under spin_lock_irqsave() Yang Yingliang <yangyingliang(a)huawei.com> net: apple: mace: don't call dev_kfree_skb() under spin_lock_irqsave() Hangbin Liu <liuhangbin(a)gmail.com> net/tunnel: wait until all sk_user_data reader finish before releasing the sock Li Zetao <lizetao1(a)huawei.com> net: farsync: Fix kmemleak when rmmods farsync Yang Yingliang <yangyingliang(a)huawei.com> ethernet: s2io: don't call dev_kfree_skb() under spin_lock_irqsave() ruanjinjie <ruanjinjie(a)huawei.com> of: overlay: fix null pointer dereferencing in find_dup_cset_node_entry() and find_dup_cset_prop() Yuan Can <yuancan(a)huawei.com> drivers: net: qlcnic: Fix potential memory leak in qlcnic_sriov_init() Gaosheng Cui <cuigaosheng1(a)huawei.com> net: stmmac: fix possible memory leak in stmmac_dvr_probe() Zhang Changzhong <zhangchangzhong(a)huawei.com> net: stmmac: selftests: fix potential memleak in stmmac_test_arpoffload() Yongqiang Liu <liuyongqiang13(a)huawei.com> net: defxx: Fix missing err handling in dfx_init() Artem Chernyshev <artem.chernyshev(a)red-soft.ru> net: vmw_vsock: vmci: Check memcpy_from_msg() Xiu Jianfeng <xiujianfeng(a)huawei.com> clk: socfpga: Fix memory leak in socfpga_gate_init() Björn Töpel <bjorn(a)rivosinc.com> bpf: Do not zero-extend kfunc return values Yang Jihong <yangjihong1(a)huawei.com> blktrace: Fix output non-blktrace event when blk_classic option enabled Wang Yufen <wangyufen(a)huawei.com> wifi: brcmfmac: Fix error return code in brcmf_sdio_download_firmware() Bitterblue Smith <rtl8821cerfe2(a)gmail.com> wifi: rtl8xxxu: Fix the channel width reporting Bitterblue Smith <rtl8821cerfe2(a)gmail.com> wifi: rtl8xxxu: Add __packed to struct rtl8723bu_c2h Kris Bahnsen <kris(a)embeddedTS.com> spi: spi-gpio: Don't set MOSI as an input if not 3WIRE mode Xiu Jianfeng <xiujianfeng(a)huawei.com> clk: samsung: Fix memory leak in _samsung_clk_register_pll() Jiasheng Jiang <jiasheng(a)iscas.ac.cn> media: coda: Add check for kmalloc Jiasheng Jiang <jiasheng(a)iscas.ac.cn> media: coda: Add check for dcoda_iram_alloc Liang He <windhl(a)126.com> media: c8sectpfe: Add of_node_put() when breaking out of loop Yuan Can <yuancan(a)huawei.com> regulator: qcom-labibb: Fix missing of_node_put() in qcom_labibb_regulator_probe() Zhen Lei <thunder.leizhen(a)huawei.com> mmc: core: Normalize the error handling branch in sd_read_ext_regs() Jiasheng Jiang <jiasheng(a)iscas.ac.cn> memstick/ms_block: Add check for alloc_ordered_workqueue Luis Chamberlain <mcgrof(a)kernel.org> memstick: ms_block: Add error handling support for add_disk() Wolfram Sang <wsa+renesas(a)sang-engineering.com> mmc: renesas_sdhi: alway populate SCC pointer Yang Yingliang <yangyingliang(a)huawei.com> mmc: mmci: fix return value check of mmc_add_host() Yang Yingliang <yangyingliang(a)huawei.com> mmc: wbsd: fix return value check of mmc_add_host() Yang Yingliang <yangyingliang(a)huawei.com> mmc: via-sdmmc: fix return value check of mmc_add_host() Yang Yingliang <yangyingliang(a)huawei.com> mmc: meson-gx: fix return value check of mmc_add_host() Yang Yingliang <yangyingliang(a)huawei.com> mmc: omap_hsmmc: fix return value check of mmc_add_host() Yang Yingliang <yangyingliang(a)huawei.com> mmc: atmel-mci: fix return value check of mmc_add_host() Yang Yingliang <yangyingliang(a)huawei.com> mmc: wmt-sdmmc: fix return value check of mmc_add_host() Yang Yingliang <yangyingliang(a)huawei.com> mmc: vub300: fix return value check of mmc_add_host() Yang Yingliang <yangyingliang(a)huawei.com> mmc: toshsd: fix return value check of mmc_add_host() Yang Yingliang <yangyingliang(a)huawei.com> mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host() Yang Yingliang <yangyingliang(a)huawei.com> mmc: rtsx_pci: fix return value check of mmc_add_host() Yang Yingliang <yangyingliang(a)huawei.com> mmc: pxamci: fix return value check of mmc_add_host() Yang Yingliang <yangyingliang(a)huawei.com> mmc: mxcmmc: fix return value check of mmc_add_host() Yang Yingliang <yangyingliang(a)huawei.com> mmc: moxart: fix return value check of mmc_add_host() Yang Yingliang <yangyingliang(a)huawei.com> mmc: alcor: fix return value check of mmc_add_host() Pu Lehui <pulehui(a)huawei.com> riscv, bpf: Emit fixed-length instructions for BPF_PSEUDO_FUNC Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4.x: Fail client initialisation if state manager thread can't run Wang ShaoBo <bobo.shaobowang(a)huawei.com> SUNRPC: Fix missing release socket in rpc_sockname() Zhang Xiaoxu <zhangxiaoxu5(a)huawei.com> xprtrdma: Fix regbuf data not freed in rpcrdma_req_create() Gaosheng Cui <cuigaosheng1(a)huawei.com> ALSA: mts64: fix possible null-ptr-defer in snd_mts64_interrupt Liu Shixin <liushixin2(a)huawei.com> media: saa7164: fix missing pci_disable_device() Takashi Iwai <tiwai(a)suse.de> ALSA: pcm: Set missing stop_operating flag at undoing trigger start Eric Dumazet <edumazet(a)google.com> bpf, sockmap: fix race in sock_map_free() Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> hwmon: (jc42) Restore the min/max/critical temperatures on resume Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> hwmon: (jc42) Convert register access and caching to regmap/regcache Yang Yingliang <yangyingliang(a)huawei.com> regulator: core: fix resource leak in regulator_register() Chen Zhongjin <chenzhongjin(a)huawei.com> configfs: fix possible memory leak in configfs_create_dir() Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> hsr: Synchronize sequence number updates. Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> hsr: Synchronize sending frames to have always incremented outgoing seq nr. Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> hsr: Disable netpoll. Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> hsr: Avoid double remove of a node. Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> hsr: Add a rcu-read lock to hsr_forward_skb(). Christian Marangi <ansuelsmth(a)gmail.com> clk: qcom: clk-krait: fix wrong div2 functions Douglas Anderson <dianders(a)chromium.org> clk: qcom: lpass-sc7180: Fix pm_runtime usage Yang Yingliang <yangyingliang(a)huawei.com> regulator: core: fix module refcount leak in set_supply() Deren Wu <deren.wu(a)mediatek.com> wifi: mt76: fix coverity overrun-call in mt76_get_txpower() Lorenzo Bianconi <lorenzo(a)kernel.org> wifi: mt76: mt7921: fix reporting of TX AGGR histogram Xing Song <xing.song(a)mediatek.com> mt76: stop the radar detector after leaving dfs channel Chen Zhongjin <chenzhongjin(a)huawei.com> wifi: cfg80211: Fix not unregister reg_pdev when load_builtin_regdb_keys() fails Zhengchao Shao <shaozhengchao(a)huawei.com> wifi: mac80211: fix memory leak in ieee80211_if_add() Alexander Sverdlin <alexander.sverdlin(a)siemens.com> spi: spidev: mask SPI_CS_HIGH in SPI_IOC_RD_MODE Dan Carpenter <error27(a)gmail.com> bonding: uninitialized variable in bond_miimon_inspect() Pengcheng Yang <yangpc(a)wangsu.com> bpf, sockmap: Fix data loss caused by using apply_bytes on ingress redirect Pengcheng Yang <yangpc(a)wangsu.com> bpf, sockmap: Fix missing BPF_F_INGRESS flag when using apply_bytes Pengcheng Yang <yangpc(a)wangsu.com> bpf, sockmap: Fix repeated calls to sock_put() when msg has more_data Randy Dunlap <rdunlap(a)infradead.org> Input: wistron_btns - disable on UML Florian Westphal <fw(a)strlen.de> netfilter: conntrack: set icmpv6 redirects as RELATED Zhang Qilong <zhangqilong3(a)huawei.com> ASoC: pcm512x: Fix PM disable depth imbalance in pcm512x_probe Konstantin Meskhidze <konstantin.meskhidze(a)huawei.com> drm/amdkfd: Fix memory leakage Xiongfeng Wang <wangxiongfeng2(a)huawei.com> drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios() Xiongfeng Wang <wangxiongfeng2(a)huawei.com> drm/radeon: Fix PCI device refcount leak in radeon_atrm_get_bios() Guchun Chen <guchun.chen(a)amd.com> drm/amd/pm/smu11: BACO is supported when it's in BACO state Ricardo Ribalda <ribalda(a)chromium.org> ASoC: mediatek: mt8173: Enable IRQ when pdata is ready AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> ASoC: mediatek: mt8173: Fix debugfs registration for components Ben Greear <greearb(a)candelatech.com> wifi: iwlwifi: mvm: fix double free on tx path. Liu Shixin <liushixin2(a)huawei.com> ALSA: asihpi: fix missing pci_disable_device() Trond Myklebust <trond.myklebust(a)hammerspace.com> NFS: Fix an Oops in nfs_d_automount() Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4: Fix a deadlock between nfs4_open_recover_helper() and delegreturn Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4: Fix a credential leak in _nfs4_discover_trunking() Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4.2: Fix initialisation of struct nfs4_label Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4.2: Fix a memory stomp in decode_attr_security_label Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4.2: Clear FATTR4_WORD2_SECURITY_LABEL when done decoding Jiasheng Jiang <jiasheng(a)iscas.ac.cn> ASoC: mediatek: mtk-btcvsd: Add checks for write and read of mtk_btcvsd_snd Dmitry Torokhov <dmitry.torokhov(a)gmail.com> ASoC: dt-bindings: wcd9335: fix reset line polarity in example Zhang Zekun <zhangzekun11(a)huawei.com> drm/tegra: Add missing clk_disable_unprepare() in tegra_dc_probe() Aakarsh Jain <aakarsh.jain(a)samsung.com> media: s5p-mfc: Add variant data for MFC v7 hardware for Exynos 3250 SoC Baisong Zhong <zhongbaisong(a)huawei.com> media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() Chen Zhongjin <chenzhongjin(a)huawei.com> media: dvb-core: Fix ignored return value in dvb_register_frontend() ZhangPeng <zhangpeng362(a)huawei.com> pinctrl: pinconf-generic: add missing of_node_put() Dario Binacchi <dario.binacchi(a)amarulasolutions.com> clk: imx8mn: fix imx8mn_enet_phy_sels clocks list Dario Binacchi <dario.binacchi(a)amarulasolutions.com> clk: imx8mn: fix imx8mn_sai2_sels clocks list Dario Binacchi <dario.binacchi(a)amarulasolutions.com> clk: imx: replace osc_hdmi with dummy Dario Binacchi <dario.binacchi(a)amarulasolutions.com> clk: imx8mn: rename vpu_pll to m7_alt_pll Gautam Menghani <gautammenghani201(a)gmail.com> media: imon: fix a race condition in send_packet() Chen Zhongjin <chenzhongjin(a)huawei.com> media: vimc: Fix wrong function called when vimc_init() fails Yuan Can <yuancan(a)huawei.com> ASoC: qcom: Add checks for devm_kcalloc Wang ShaoBo <bobo.shaobowang(a)huawei.com> drbd: destroy workqueue when drbd device was freed Wang ShaoBo <bobo.shaobowang(a)huawei.com> drbd: remove call to memset before free device/resource/connection Zheng Yongjun <zhengyongjun3(a)huawei.com> mtd: maps: pxa2xx-flash: fix memory leak in probe Jonathan Toppins <jtoppins(a)redhat.com> bonding: fix link recovery in mode 2 when updelay is nonzero Yang Yingliang <yangyingliang(a)huawei.com> drm/amdgpu: fix pci device refcount leak Xiu Jianfeng <xiujianfeng(a)huawei.com> clk: rockchip: Fix memory leak in rockchip_clk_register_pll() Wang ShaoBo <bobo.shaobowang(a)huawei.com> regulator: core: use kfree_const() to free space conditionally Baisong Zhong <zhongbaisong(a)huawei.com> ALSA: seq: fix undefined behavior in bit shift for SNDRV_SEQ_FILTER_USE_EVENT Baisong Zhong <zhongbaisong(a)huawei.com> ALSA: pcm: fix undefined behavior in bit shift for SNDRV_PCM_RATE_KNOT ZhangPeng <zhangpeng362(a)huawei.com> pinctrl: k210: call of_node_put() Marcus Folkesson <marcus.folkesson(a)gmail.com> HID: hid-sensor-custom: set fixed size for custom attributes Stanislav Fomichev <sdf(a)google.com> bpf: Move skb->len == 0 checks into __bpf_redirect Allen-KH Cheng <allen-kh.cheng(a)mediatek.com> mtd: spi-nor: Fix the number of bytes for the dummy cycles Michael Walle <michael(a)walle.cc> mtd: spi-nor: hide jedec_id sysfs attribute if not present Eric Dumazet <edumazet(a)google.com> inet: add READ_ONCE(sk->sk_bound_dev_if) in inet_csk_bind_conflict() Christoph Hellwig <hch(a)lst.de> media: videobuf-dma-contig: use dma_mmap_coherent Yuan Can <yuancan(a)huawei.com> media: platform: exynos4-is: Fix error handling in fimc_md_init() Yang Yingliang <yangyingliang(a)huawei.com> media: solo6x10: fix possible memory leak in solo_sysfs_init() Chen Zhongjin <chenzhongjin(a)huawei.com> media: vidtv: Fix use-after-free in vidtv_bridge_dvb_init() Douglas Anderson <dianders(a)chromium.org> Input: elants_i2c - properly handle the reset GPIO when power is off Hui Tang <tanghui20(a)huawei.com> mtd: lpddr2_nvm: Fix possible null-ptr-deref Rob Clark <robdclark(a)chromium.org> drm/msm/a6xx: Fix speed-bin detection vs probe-defer Xiu Jianfeng <xiujianfeng(a)huawei.com> wifi: ath10k: Fix return value in ath10k_pci_init() Christoph Hellwig <hch(a)lst.de> block: clear ->slave_dir when dropping the main slave_dir reference Xiu Jianfeng <xiujianfeng(a)huawei.com> ima: Fix misuse of dereference of pointer in template_desc_init_fields() GUO Zihua <guozihua(a)huawei.com> integrity: Fix memory leakage in keyring allocation error path Brian Starkey <brian.starkey(a)arm.com> drm/fourcc: Fix vsub/hsub for Q410 and Q401 Dave Stevenson <dave.stevenson(a)raspberrypi.com> drm/fourcc: Add packed 10bit YUV 4:2:0 format Konrad Dybcio <konrad.dybcio(a)linaro.org> regulator: qcom-rpmh: Fix PMR735a S3 regulator spec Joel Granados <j.granados(a)samsung.com> nvme: return err on nvme_init_non_mdts_limits fail Dan Carpenter <error27(a)gmail.com> amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table() Yang Yingliang <yangyingliang(a)huawei.com> regulator: core: fix unbalanced of node refcount in regulator_dev_lookup() Christoph Hellwig <hch(a)lst.de> nvmet: only allocate a single slab for bvecs David Michael <fedora.dm0(a)gmail.com> libbpf: Fix uninitialized warning in btf_dump_dump_type_data Zeng Heng <zengheng4(a)huawei.com> ASoC: pxa: fix null-pointer dereference in filter() Xinlei Lee <xinlei.lee(a)mediatek.com> drm/mediatek: Modify dpi power on/off sequence. Hanjun Guo <guohanjun(a)huawei.com> drm/radeon: Add the missed acpi_put_table() to fix memory leak Khazhismel Kumykov <khazhy(a)chromium.org> bfq: fix waker_bfqq inconsistency crash David Howells <dhowells(a)redhat.com> rxrpc: Fix ack.bufferSize to be 0 when generating an ack David Howells <dhowells(a)redhat.com> net, proc: Provide PROC_FS=n fallback for proc_create_net_single_write() Vladimir Zapolskiy <vladimir.zapolskiy(a)linaro.org> media: camss: Clean up received buffers on failed start of streaming Marek Vasut <marex(a)denx.de> wifi: rsi: Fix handling of 802.3 EAPOL frames sent via control port Randy Dunlap <rdunlap(a)infradead.org> Input: joystick - fix Kconfig warning for JOYSTICK_ADC Zhang Xiaoxu <zhangxiaoxu5(a)huawei.com> mtd: Fix device name leak when register device failed in add_mtd_device() Manivannan Sadhasivam <mani(a)kernel.org> clk: qcom: gcc-sm8250: Use retention mode for USB GDSCs Andrii Nakryiko <andrii(a)kernel.org> bpf: propagate precision across all frames, not just the last one Martin KaFai Lau <kafai(a)fb.com> bpf: Check the other end of slot_type for STACK_SPILL Andrii Nakryiko <andrii(a)kernel.org> bpf: propagate precision in ALU/ALU64 operations Yang Yingliang <yangyingliang(a)huawei.com> media: platform: exynos4-is: fix return value check in fimc_md_probe() Liu Shixin <liushixin2(a)huawei.com> media: vivid: fix compose size exceed boundary Kumar Kartikeya Dwivedi <memxor(a)gmail.com> bpf: Fix slot type check in check_stack_write_var_off Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/msm/hdmi: use devres helper for runtime PM management Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/msm/hdmi: drop unused GPIO support GUO Zihua <guozihua(a)huawei.com> ima: Handle -ESTALE returned by ima_filter_rule_match() Marek Vasut <marex(a)denx.de> drm/panel/panel-sitronix-st7701: Remove panel on DSI attach failure Jonathan Neuschäfer <j.neuschaefer(a)gmx.net> spi: Update reference to struct spi_controller Marek Vasut <marex(a)denx.de> clk: renesas: r9a06g032: Repair grave increment error Zhang Qilong <zhangqilong3(a)huawei.com> drm/rockchip: lvds: fix PM usage counter unbalance in poweron Jimmy Assarsson <extja(a)kvaser.com> can: kvaser_usb: Compare requested bittiming parameters with actual parameters in do_set_{,data}_bittiming Jimmy Assarsson <extja(a)kvaser.com> can: kvaser_usb: Add struct kvaser_usb_busparams Anssi Hannula <anssi.hannula(a)bitwise.fi> can: kvaser_usb_leaf: Fix bogus restart events Anssi Hannula <anssi.hannula(a)bitwise.fi> can: kvaser_usb_leaf: Fix wrong CAN state after stopping Anssi Hannula <anssi.hannula(a)bitwise.fi> can: kvaser_usb_leaf: Fix improved state not being reported Jimmy Assarsson <extja(a)kvaser.com> can: kvaser_usb: make use of units.h in assignment of frequency Anssi Hannula <anssi.hannula(a)bitwise.fi> can: kvaser_usb_leaf: Set Warning state even without bus errors Jimmy Assarsson <extja(a)kvaser.com> can: kvaser_usb: kvaser_usb_leaf: Handle CMD_ERROR_EVENT Jimmy Assarsson <extja(a)kvaser.com> can: kvaser_usb: kvaser_usb_leaf: Rename {leaf,usbcan}_cmd_error_event to {leaf,usbcan}_cmd_can_error_event Jimmy Assarsson <extja(a)kvaser.com> can: kvaser_usb: kvaser_usb_leaf: Get capabilities from device Vincent Mailhol <mailhol.vincent(a)wanadoo.fr> can: kvaser_usb: do not increase tx statistics when sending error message frames Alan Maguire <alan.maguire(a)oracle.com> libbpf: Btf dedup identical struct test needs check for nested structs/arrays Marek Szyprowski <m.szyprowski(a)samsung.com> media: exynos4-is: don't rely on the v4l2_async_subdev internals Kuniyuki Iwashima <kuniyu(a)amazon.com> soreuseport: Fix socket selection for SO_INCOMING_CPU. Tang Bin <tangbin(a)cmss.chinamobile.com> venus: pm_helpers: Fix error check in vcodec_domains_get() Ricardo Ribalda <ribalda(a)chromium.org> media: i2c: ad5820: Fix error path Niklas Söderlund <niklas.soderlund+renesas(a)ragnatech.se> media: adv748x: afe: Select input port when initializing AFE Jiasheng Jiang <jiasheng(a)iscas.ac.cn> media: coda: jpeg: Add check for kmalloc Laurent Pinchart <laurent.pinchart+renesas(a)ideasonboard.com> media: v4l2-ctrls: Fix off-by-one error in integer menu control check Sean Anderson <sean.anderson(a)seco.com> powerpc: dts: t208x: Mark MAC1 and MAC2 as 10G Rafael Mendonca <rafaelmendsr(a)gmail.com> drm/amdgpu/powerplay/psm: Fix memory leak in power state init Andrew Jeffery <andrew(a)aj.id.au> ipmi: kcs: Poll OBF briefly to reduce OBE latency Niklas Cassel <niklas.cassel(a)wdc.com> ata: libata: fix NCQ autosense logic Sergey Shtylyov <s.shtylyov(a)omp.ru> ata: add/use ata_taskfile::{error|status} fields Hannes Reinecke <hare(a)suse.de> ata: libata: move ata_{port,link,dev}_dbg to standard pr_XXX() macros Shung-Hsi Yu <shung-hsi.yu(a)suse.com> libbpf: Fix null-pointer dereference in find_prog_by_sec_insn() Xu Kuohai <xukuohai(a)huawei.com> libbpf: Fix use-after-free in btf_dump_name_dups Abhinav Kumar <quic_abhinavk(a)quicinc.com> drm/bridge: adv7533: remove dynamic lane switching from adv7533 bridge Bitterblue Smith <rtl8821cerfe2(a)gmail.com> wifi: rtl8xxxu: Fix reading the vendor of combo chips Fedor Pchelkin <pchelkin(a)ispras.ru> wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb() Fedor Pchelkin <pchelkin(a)ispras.ru> wifi: ath9k: hif_usb: fix memory leak of urbs in ath9k_hif_usb_dealloc_tx_urbs() James Hurley <jahurley(a)nvidia.com> platform/mellanox: mlxbf-pmc: Fix event typo Cai Xinchen <caixinchen1(a)huawei.com> rapidio: devices: fix missing put_device in mport_cdev_open ZhangPeng <zhangpeng362(a)huawei.com> hfs: Fix OOB Write in hfs_asc2mac Gavrilov Ilia <Ilia.Gavrilov(a)infotecs.ru> relay: fix type mismatch when allocating memory in relay_create_buf() Zhang Qilong <zhangqilong3(a)huawei.com> eventfd: change int to __u64 in eventfd_signal() ifndef CONFIG_EVENTFD Wang Weiyang <wangweiyang2(a)huawei.com> rapidio: fix possible UAF when kfifo_alloc() fails Chen Zhongjin <chenzhongjin(a)huawei.com> fs: sysv: Fix sysv_nblocks() returns wrong value Trond Myklebust <trond.myklebust(a)hammerspace.com> lockd: set other missing fields when unlocking files Ladislav Michl <ladis(a)linux-mips.org> MIPS: OCTEON: warn only once if deprecated link status is being used Anastasia Belova <abelova(a)astralinux.ru> MIPS: BCM63xx: Add check for NULL for clk in clk_enable Yang Yingliang <yangyingliang(a)huawei.com> platform/x86: intel_scu_ipc: fix possible name leak in __intel_scu_ipc_register() Yu Liao <liaoyu15(a)huawei.com> platform/x86: mxm-wmi: fix memleak in mxm_wmi_call_mx[ds|mx]() Victor Ding <victording(a)chromium.org> platform/chrome: cros_ec_typec: zero out stale pointers Prashant Malani <pmalani(a)chromium.org> platform/chrome: cros_ec_typec: Cleanup switch handle return paths Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> PM: runtime: Do not call __rpm_callback() from rpm_idle() Harshit Mogalapalli <harshit.m.mogalapalli(a)oracle.com> xen/privcmd: Fix a possible warning in privcmd_ioctl_mmap_resource() Xiu Jianfeng <xiujianfeng(a)huawei.com> x86/xen: Fix memory leak in xen_init_lock_cpu() Xiu Jianfeng <xiujianfeng(a)huawei.com> x86/xen: Fix memory leak in xen_smp_intr_init{_pv}() Oleg Nesterov <oleg(a)redhat.com> uprobes/x86: Allow to probe a NOP instruction with 0x66 prefix Li Zetao <lizetao1(a)huawei.com> ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() Yang Yingliang <yangyingliang(a)huawei.com> clocksource/drivers/timer-ti-dm: Fix missing clk_disable_unprepare in dmtimer_systimer_init_clock() Vincent Donnefort <vdonnefort(a)google.com> cpu/hotplug: Do not bail-out in DYING/STARTING sections Phil Auld <pauld(a)redhat.com> cpu/hotplug: Make target_store() a nop when target == state Alexey Izbyshev <izbyshev(a)ispras.ru> futex: Resend potentially swallowed owner death notification Peter Zijlstra <peterz(a)infradead.org> futex: Move to kernel/futex/ John Thomson <git(a)johnthomson.fastmail.com.au> mips: ralink: mt7621: do not use kzalloc too early John Thomson <git(a)johnthomson.fastmail.com.au> mips: ralink: mt7621: soc queries and tests as functions John Thomson <git(a)johnthomson.fastmail.com.au> mips: ralink: mt7621: define MT7621_SYSC_BASE with __iomem Wolfram Sang <wsa+renesas(a)sang-engineering.com> clocksource/drivers/sh_cmt: Access registers according to spec Yang Yingliang <yangyingliang(a)huawei.com> rapidio: rio: fix possible name leak in rio_register_mport() Yang Yingliang <yangyingliang(a)huawei.com> rapidio: fix possible name leaks when rio_add_device() fails Akinobu Mita <akinobu.mita(a)gmail.com> debugfs: fix error when writing negative value to atomic_t debugfs file Akinobu Mita <akinobu.mita(a)gmail.com> lib/notifier-error-inject: fix error when writing -errno to debugfs file Akinobu Mita <akinobu.mita(a)gmail.com> libfs: add DEFINE_SIMPLE_ATTRIBUTE_SIGNED for signed value Xiongfeng Wang <wangxiongfeng2(a)huawei.com> cpufreq: amd_freq_sensitivity: Add missing pci_dev_put() Yang Yingliang <yangyingliang(a)huawei.com> genirq/irqdesc: Don't try to remove non-existing sysfs files Jeff Layton <jlayton(a)kernel.org> nfsd: don't call nfsd_file_put from client states seqfile display Chuck Lever <chuck.lever(a)oracle.com> NFSD: Finish converting the NFSv2 GETACL result encoder Haowen Bai <baihaowen(a)meizu.com> SUNRPC: Return true/false (not 1/0) from bool functions Yang Yingliang <yangyingliang(a)huawei.com> EDAC/i10nm: fix refcount leak in pci_get_dev_wrapper() Wei Yongjun <weiyongjun1(a)huawei.com> irqchip/wpcm450: Fix memory leak in wpcm450_aic_of_init() Shang XiaoJing <shangxiaojing(a)huawei.com> irqchip: gic-pm: Use pm_runtime_resume_and_get() in gic_probe() Yang Yingliang <yangyingliang(a)huawei.com> thermal: core: fix some possible name leaks in error paths Yuan Can <yuancan(a)huawei.com> platform/chrome: cros_usbpd_notify: Fix error handling in cros_usbpd_notify_init() Xiongfeng Wang <wangxiongfeng2(a)huawei.com> perf/x86/intel/uncore: Fix reference count leak in __uncore_imc_init_box() Xiongfeng Wang <wangxiongfeng2(a)huawei.com> perf/x86/intel/uncore: Fix reference count leak in snr_uncore_mmio_map() Xiongfeng Wang <wangxiongfeng2(a)huawei.com> perf/x86/intel/uncore: Fix reference count leak in hswep_has_limit_sbox() Xiongfeng Wang <wangxiongfeng2(a)huawei.com> perf/x86/intel/uncore: Fix reference count leak in sad_cfg_iio_topology() Yang Yingliang <yangyingliang(a)huawei.com> PNP: fix name memory leak in pnp_alloc_dev() Zhao Gongyi <zhaogongyi(a)huawei.com> selftests/efivarfs: Add checking of the test return value Yang Yingliang <yangyingliang(a)huawei.com> MIPS: vpe-cmp: fix possible memory leak while module exiting Yang Yingliang <yangyingliang(a)huawei.com> MIPS: vpe-mt: fix possible memory leak while module exiting Shang XiaoJing <shangxiaojing(a)huawei.com> ocfs2: fix memory leak in ocfs2_stack_glue_init() Gaosheng Cui <cuigaosheng1(a)huawei.com> lib/fonts: fix undefined behavior in bit shift for get_default_font Alexey Dobriyan <adobriyan(a)gmail.com> proc: fixup uptime selftest Barnabás Pőcze <pobrn(a)protonmail.com> timerqueue: Use rb_entry_safe() in timerqueue_getnext() Barnabás Pőcze <pobrn(a)protonmail.com> platform/x86: huawei-wmi: fix return value calculation wuchi <wuchi.zero(a)gmail.com> lib/debugobjects: fix stat count and optimize debug_objects_mem_init Chen Zhongjin <chenzhongjin(a)huawei.com> perf: Fix possible memleak in pmu_dev_alloc() Yipeng Zou <zouyipeng(a)huawei.com> selftests/ftrace: event_triggers: wait longer for test_event_enable Chen Hui <judy.chenhui(a)huawei.com> cpufreq: qcom-hw: Fix memory leak in qcom_cpufreq_hw_read_lut() Ondrej Mosnacek <omosnace(a)redhat.com> fs: don't audit the capability check in simple_xattr_list() xiongxin <xiongxin(a)kylinos.cn> PM: hibernate: Fix mistake in kerneldoc comment Reinette Chatre <reinette.chatre(a)intel.com> x86/sgx: Reduce delay and interference of enclave release Al Viro <viro(a)zeniv.linux.org.uk> alpha: fix syscall entry in !AUDUT_SYSCALL case Al Viro <viro(a)zeniv.linux.org.uk> alpha: fix TIF_NOTIFY_SIGNAL handling Ulf Hansson <ulf.hansson(a)linaro.org> cpuidle: dt: Return the correct numbers of parsed idle states Qais Yousef <qais.yousef(a)arm.com> sched/uclamp: Make asym_fits_capacity() use util_fits_cpu() Dietmar Eggemann <dietmar.eggemann(a)arm.com> sched/core: Introduce sched_asym_cpucap_active() Vincent Guittot <vincent.guittot(a)linaro.org> sched/fair: Removed useless update of p->recent_used_cpu Qais Yousef <qais.yousef(a)arm.com> sched/uclamp: Make select_idle_capacity() use util_fits_cpu() Qais Yousef <qais.yousef(a)arm.com> sched/uclamp: Make task_fits_capacity() use util_fits_cpu() Qais Yousef <qais.yousef(a)arm.com> sched/uclamp: Fix relationship between uclamp and migration margin Vincent Donnefort <vincent.donnefort(a)arm.com> sched/fair: Cleanup task_util and capacity type Amir Goldstein <amir73il(a)gmail.com> ovl: remove privs in ovl_fallocate() Amir Goldstein <amir73il(a)gmail.com> ovl: remove privs in ovl_copyfile() Christian Brauner <brauner(a)kernel.org> ovl: use ovl_copy_{real,upper}attr() wrappers Amir Goldstein <amir73il(a)gmail.com> ovl: store lower path in ovl_inode Michael Kelley <mikelley(a)microsoft.com> tpm/tpm_crb: Fix error message in __crb_relinquish_locality() Yuan Can <yuancan(a)huawei.com> tpm/tpm_ftpm_tee: Fix error handling in ftpm_mod_init() Stephen Boyd <swboyd(a)chromium.org> pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP Doug Brown <doug(a)schmorgal.com> ARM: mmp: fix timer_read delay Wang Yufen <wangyufen(a)huawei.com> pstore/ram: Fix error return code in ramoops_probe() Kuniyuki Iwashima <kuniyu(a)amazon.com> seccomp: Move copy_seccomp() to no failure path. Pali Rohár <pali(a)kernel.org> arm64: dts: armada-3720-turris-mox: Add missing interrupt for RTC Pali Rohár <pali(a)kernel.org> ARM: dts: armada-39x: Fix compatible string for gpios Pali Rohár <pali(a)kernel.org> ARM: dts: armada-38x: Fix compatible string for gpios Pali Rohár <pali(a)kernel.org> ARM: dts: turris-omnia: Add switch port 6 node Pali Rohár <pali(a)kernel.org> ARM: dts: turris-omnia: Add ethernet aliases Pali Rohár <pali(a)kernel.org> ARM: dts: armada-39x: Fix assigned-addresses for every PCIe Root Port Pali Rohár <pali(a)kernel.org> ARM: dts: armada-38x: Fix assigned-addresses for every PCIe Root Port Pali Rohár <pali(a)kernel.org> ARM: dts: armada-375: Fix assigned-addresses for every PCIe Root Port Pali Rohár <pali(a)kernel.org> ARM: dts: armada-xp: Fix assigned-addresses for every PCIe Root Port Pali Rohár <pali(a)kernel.org> ARM: dts: armada-370: Fix assigned-addresses for every PCIe Root Port Pali Rohár <pali(a)kernel.org> ARM: dts: dove: Fix assigned-addresses for every PCIe Root Port AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> arm64: dts: mediatek: mt6797: Fix 26M oscillator unit name AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> arm64: dts: mediatek: pumpkin-common: Fix devicetree warnings AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> arm64: dts: mt2712-evb: Fix usb vbus regulators unit names AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> arm64: dts: mt2712-evb: Fix vproc fixed regulators unit names AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> arm64: dts: mt2712e: Fix unit address for pinctrl node AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> arm64: dts: mt2712e: Fix unit_address_vs_reg warning for oscillators AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> arm64: dts: mt6779: Fix devicetree build warnings Jonathan Neuschäfer <j.neuschaefer(a)gmx.net> ARM: dts: nuvoton: Remove bogus unit addresses from fixed-partition nodes Jayesh Choudhary <j-choudhary(a)ti.com> arm64: dts: ti: k3-j721e-main: Drop dma-coherent in crypto node Jayesh Choudhary <j-choudhary(a)ti.com> arm64: dts: ti: k3-am65-main: Drop dma-coherent in crypto node Shang XiaoJing <shangxiaojing(a)huawei.com> perf/smmuv3: Fix hotplug callback leak in arm_smmu_pmu_init() Shang XiaoJing <shangxiaojing(a)huawei.com> perf/arm_dmc620: Fix hotplug callback leak in dmc620_pmu_init() Yuan Can <yuancan(a)huawei.com> perf: arm_dsu: Fix hotplug callback leak in dsu_pmu_init() Mark Rutland <mark.rutland(a)arm.com> arm64: mm: kfence: only handle translation faults Alexandru Elisei <alexandru.elisei(a)arm.com> arm64: Treat ESR_ELx as a 64-bit register Zhang Qilong <zhangqilong3(a)huawei.com> soc: ti: smartreflex: Fix PM disable depth imbalance in omap_sr_probe Zhang Qilong <zhangqilong3(a)huawei.com> soc: ti: knav_qmss_queue: Fix PM disable depth imbalance in knav_queue_probe Minghao Chi <chi.minghao(a)zte.com.cn> soc: ti: knav_qmss_queue: Use pm_runtime_resume_and_get instead of pm_runtime_get_sync Kory Maincent <kory.maincent(a)bootlin.com> arm: dts: spear600: Fix clcd interrupt Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: sm6125: fix SDHCI CQE reg names Jiasheng Jiang <jiasheng(a)iscas.ac.cn> soc: qcom: apr: Add check for idr_alloc and of_property_read_string_index Srinivas Kandagatla <srinivas.kandagatla(a)linaro.org> soc: qcom: apr: make code more reuseable Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: sm8250: drop bogus DP PHY clock Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: sm8350: fix UFS PHY registers Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: sm8250: fix UFS PHY registers Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: sm8150: fix UFS PHY registers Shawn Guo <shawn.guo(a)linaro.org> arm64: dts: qcom: Correct QMP PHY child node name Luca Weiss <luca.weiss(a)fairphone.com> soc: qcom: llcc: make irq truly optional Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: sm8250: correct LPASS pin pull down Marijn Suijten <marijn.suijten(a)somainline.org> arm64: dts: qcom: pm660: Use unique ADC5_VCOIN address in node name Chen Jiahao <chenjiahao16(a)huawei.com> drivers: soc: ti: knav_qmss_queue: Mark knav_acc_firmwares as static Marek Vasut <marex(a)denx.de> ARM: dts: stm32: Fix AV96 WLAN regulator gpio property Marek Vasut <marex(a)denx.de> ARM: dts: stm32: Drop stm32mp15xc.dtsi from Avenger96 Marco Elver <elver(a)google.com> objtool, kcsan: Add volatile read/write instrumentation to whitelist Stephan Gerhold <stephan.gerhold(a)kernkonzept.com> arm64: dts: qcom: msm8916: Drop MSS fallback compatible Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: sdm845-cheza: fix AP suspend pin bias Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: sdm630: fix UART1 pin bias Luca Weiss <luca(a)z3ntu.xyz> ARM: dts: qcom: apq8064: fix coresight compatible Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> arm64: dts: qcom: msm8996: fix GPU OPP table Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> arm64: dts: qcom: msm8996: fix supported-hw in cpufreq OPP tables Yassine Oudjana <y.oudjana(a)protonmail.com> arm64: dts: qcom: msm8996: Add MSM8996 Pro support Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: sm8250-sony-xperia-edo: fix touchscreen bias-disable Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: ipq6018-cp01-c1: use BLSPI1 pins Ivaylo Dimitrov <ivo.g.dimitrov.75(a)gmail.com> usb: musb: remove extra check in musb_gadget_vbus_draw Martin Leung <Martin.Leung(a)amd.com> drm/amd/display: Manually adjust strobe for DCN303 ------------- Diffstat: .../ABI/testing/sysfs-bus-spi-devices-spi-nor | 3 + .../devicetree/bindings/pci/fsl,imx6q-pcie.yaml | 46 +- .../bindings/pci/toshiba,visconti-pcie.yaml | 7 +- .../devicetree/bindings/sound/qcom,wcd9335.txt | 2 +- Documentation/driver-api/spi.rst | 4 +- Documentation/fault-injection/fault-injection.rst | 10 +- Documentation/process/deprecated.rst | 20 +- MAINTAINERS | 2 +- Makefile | 4 +- arch/alpha/include/asm/thread_info.h | 2 +- arch/alpha/kernel/entry.S | 4 +- arch/arm/boot/dts/armada-370.dtsi | 2 +- arch/arm/boot/dts/armada-375.dtsi | 2 +- arch/arm/boot/dts/armada-380.dtsi | 4 +- arch/arm/boot/dts/armada-385-turris-omnia.dts | 18 +- arch/arm/boot/dts/armada-385.dtsi | 6 +- arch/arm/boot/dts/armada-38x.dtsi | 4 +- arch/arm/boot/dts/armada-39x.dtsi | 10 +- arch/arm/boot/dts/armada-xp-mv78230.dtsi | 8 +- arch/arm/boot/dts/armada-xp-mv78260.dtsi | 16 +- arch/arm/boot/dts/dove.dtsi | 2 +- arch/arm/boot/dts/nuvoton-npcm730-gbs.dts | 2 +- arch/arm/boot/dts/nuvoton-npcm730-gsj.dts | 2 +- arch/arm/boot/dts/nuvoton-npcm730-kudo.dts | 6 +- arch/arm/boot/dts/nuvoton-npcm750-evb.dts | 4 +- .../boot/dts/nuvoton-npcm750-runbmc-olympus.dts | 6 +- arch/arm/boot/dts/qcom-apq8064.dtsi | 2 +- arch/arm/boot/dts/spear600.dtsi | 2 +- arch/arm/boot/dts/stm32mp157a-dhcor-avenger96.dts | 1 - arch/arm/boot/dts/stm32mp15xx-dhcor-avenger96.dtsi | 2 +- arch/arm/mach-mmp/time.c | 11 +- .../boot/dts/marvell/armada-3720-turris-mox.dts | 3 + arch/arm64/boot/dts/mediatek/mt2712-evb.dts | 12 +- arch/arm64/boot/dts/mediatek/mt2712e.dtsi | 22 +- arch/arm64/boot/dts/mediatek/mt6779.dtsi | 8 +- arch/arm64/boot/dts/mediatek/mt6797.dtsi | 2 +- arch/arm64/boot/dts/mediatek/mt8183.dtsi | 2 +- arch/arm64/boot/dts/mediatek/pumpkin-common.dtsi | 6 +- arch/arm64/boot/dts/qcom/ipq6018-cp01-c1.dts | 2 + arch/arm64/boot/dts/qcom/ipq6018.dtsi | 2 +- arch/arm64/boot/dts/qcom/ipq8074.dtsi | 4 +- arch/arm64/boot/dts/qcom/msm8916.dtsi | 2 +- arch/arm64/boot/dts/qcom/msm8996.dtsi | 122 +- arch/arm64/boot/dts/qcom/msm8996pro.dtsi | 266 + arch/arm64/boot/dts/qcom/msm8998.dtsi | 6 +- arch/arm64/boot/dts/qcom/pm660.dtsi | 2 +- arch/arm64/boot/dts/qcom/sdm630.dtsi | 2 +- arch/arm64/boot/dts/qcom/sdm845-cheza.dtsi | 4 +- arch/arm64/boot/dts/qcom/sdm845.dtsi | 10 +- arch/arm64/boot/dts/qcom/sm6125.dtsi | 2 +- arch/arm64/boot/dts/qcom/sm8150.dtsi | 16 +- .../boot/dts/qcom/sm8250-sony-xperia-edo.dtsi | 2 +- arch/arm64/boot/dts/qcom/sm8250.dtsi | 30 +- arch/arm64/boot/dts/qcom/sm8350.dtsi | 12 +- arch/arm64/boot/dts/ti/k3-am65-main.dtsi | 1 - arch/arm64/boot/dts/ti/k3-j721e-main.dtsi | 1 - arch/arm64/include/asm/debug-monitors.h | 4 +- arch/arm64/include/asm/esr.h | 6 +- arch/arm64/include/asm/exception.h | 28 +- arch/arm64/include/asm/processor.h | 4 +- arch/arm64/include/asm/system_misc.h | 4 +- arch/arm64/include/asm/traps.h | 12 +- arch/arm64/kernel/debug-monitors.c | 12 +- arch/arm64/kernel/entry-common.c | 6 +- arch/arm64/kernel/fpsimd.c | 6 +- arch/arm64/kernel/hw_breakpoint.c | 4 +- arch/arm64/kernel/kgdb.c | 6 +- arch/arm64/kernel/probes/kprobes.c | 4 +- arch/arm64/kernel/probes/uprobes.c | 4 +- arch/arm64/kernel/traps.c | 66 +- arch/arm64/mm/fault.c | 78 +- arch/mips/bcm63xx/clk.c | 2 + .../cavium-octeon/executive/cvmx-helper-board.c | 2 +- arch/mips/cavium-octeon/executive/cvmx-helper.c | 2 +- arch/mips/include/asm/mach-ralink/mt7621.h | 4 +- arch/mips/kernel/vpe-cmp.c | 4 +- arch/mips/kernel/vpe-mt.c | 4 +- arch/mips/ralink/mt7621.c | 97 +- arch/powerpc/boot/dts/fsl/qoriq-fman3-0-10g-2.dtsi | 44 + arch/powerpc/boot/dts/fsl/qoriq-fman3-0-10g-3.dtsi | 44 + arch/powerpc/boot/dts/fsl/t2081si-post.dtsi | 4 +- arch/powerpc/perf/callchain.c | 1 + arch/powerpc/perf/hv-gpci-requests.h | 4 + arch/powerpc/perf/hv-gpci.c | 33 +- arch/powerpc/perf/hv-gpci.h | 1 + arch/powerpc/perf/req-gen/perf.h | 20 + arch/powerpc/platforms/52xx/mpc52xx_lpbfifo.c | 1 + arch/powerpc/platforms/83xx/mpc832x_rdb.c | 2 +- arch/powerpc/platforms/pseries/eeh_pseries.c | 14 +- arch/powerpc/sysdev/xive/spapr.c | 1 + arch/powerpc/xmon/xmon.c | 7 +- arch/riscv/include/asm/hugetlb.h | 6 + arch/riscv/kernel/traps.c | 2 +- arch/riscv/net/bpf_jit_comp64.c | 29 +- arch/x86/events/intel/uncore_snb.c | 3 + arch/x86/events/intel/uncore_snbep.c | 5 + arch/x86/hyperv/hv_init.c | 2 - arch/x86/kernel/cpu/sgx/encl.c | 23 +- arch/x86/kernel/uprobes.c | 4 +- arch/x86/xen/smp.c | 24 +- arch/x86/xen/smp_pv.c | 12 +- arch/x86/xen/spinlock.c | 6 +- block/bfq-iosched.c | 16 +- block/blk-iocost.c | 14 +- block/blk-mq-sysfs.c | 11 +- block/genhd.c | 2 + crypto/cryptd.c | 36 +- crypto/tcrypt.c | 9 - drivers/acpi/acpica/dsmethod.c | 10 +- drivers/acpi/acpica/utcopy.c | 7 - drivers/ata/acard-ahci.c | 2 +- drivers/ata/ahci.c | 4 +- drivers/ata/ahci_qoriq.c | 2 +- drivers/ata/ahci_xgene.c | 2 +- drivers/ata/libahci.c | 4 +- drivers/ata/libata-acpi.c | 52 +- drivers/ata/libata-core.c | 73 +- drivers/ata/libata-eh.c | 42 +- drivers/ata/libata-sata.c | 19 +- drivers/ata/libata-scsi.c | 22 +- drivers/ata/libata-sff.c | 6 +- drivers/ata/pata_ep93xx.c | 4 +- drivers/ata/pata_ixp4xx_cf.c | 6 +- drivers/ata/pata_ns87415.c | 4 +- drivers/ata/pata_octeon_cf.c | 4 +- drivers/ata/pata_samsung_cf.c | 2 +- drivers/ata/sata_highbank.c | 2 +- drivers/ata/sata_inic162x.c | 10 +- drivers/ata/sata_rcar.c | 4 +- drivers/ata/sata_svw.c | 10 +- drivers/ata/sata_vsc.c | 10 +- drivers/base/class.c | 5 + drivers/base/power/runtime.c | 12 +- drivers/block/drbd/drbd_main.c | 9 +- drivers/block/floppy.c | 4 +- drivers/block/loop.c | 28 +- drivers/bluetooth/btintel.c | 5 +- drivers/bluetooth/btusb.c | 6 +- drivers/bluetooth/hci_bcsp.c | 2 +- drivers/bluetooth/hci_h5.c | 2 +- drivers/bluetooth/hci_ll.c | 2 +- drivers/bluetooth/hci_qca.c | 2 +- drivers/char/hw_random/amd-rng.c | 18 +- drivers/char/hw_random/geode-rng.c | 36 +- drivers/char/ipmi/ipmi_msghandler.c | 8 +- drivers/char/ipmi/kcs_bmc_aspeed.c | 24 +- drivers/char/tpm/tpm_crb.c | 2 +- drivers/char/tpm/tpm_ftpm_tee.c | 8 +- drivers/clk/imx/clk-imx8mn.c | 34 +- drivers/clk/qcom/clk-krait.c | 2 + drivers/clk/qcom/gcc-sm8250.c | 4 +- drivers/clk/qcom/lpasscorecc-sc7180.c | 24 +- drivers/clk/renesas/r9a06g032-clocks.c | 3 +- drivers/clk/rockchip/clk-pll.c | 1 + drivers/clk/samsung/clk-pll.c | 1 + drivers/clk/socfpga/clk-gate.c | 5 +- drivers/clk/st/clkgen-fsyn.c | 5 +- drivers/clocksource/sh_cmt.c | 88 +- drivers/clocksource/timer-ti-dm-systimer.c | 4 +- drivers/counter/stm32-lptimer-cnt.c | 2 +- drivers/cpufreq/amd_freq_sensitivity.c | 2 + drivers/cpufreq/qcom-cpufreq-hw.c | 1 + drivers/cpuidle/dt_idle_states.c | 2 +- drivers/crypto/Kconfig | 5 + .../crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c | 2 +- drivers/crypto/amlogic/amlogic-gxl-core.c | 1 - drivers/crypto/amlogic/amlogic-gxl.h | 2 +- drivers/crypto/cavium/nitrox/nitrox_mbx.c | 1 + drivers/crypto/ccree/cc_debugfs.c | 2 +- drivers/crypto/ccree/cc_driver.c | 10 +- drivers/crypto/hisilicon/hpre/hpre_main.c | 10 +- drivers/crypto/hisilicon/qm.c | 7 +- drivers/crypto/hisilicon/qm.h | 6 +- drivers/crypto/img-hash.c | 8 +- drivers/crypto/omap-sham.c | 2 +- drivers/crypto/rockchip/rk3288_crypto.c | 193 +- drivers/crypto/rockchip/rk3288_crypto.h | 53 +- drivers/crypto/rockchip/rk3288_crypto_ahash.c | 197 +- drivers/crypto/rockchip/rk3288_crypto_skcipher.c | 413 +- drivers/dio/dio.c | 8 + drivers/edac/i10nm_base.c | 3 +- drivers/extcon/Kconfig | 2 +- drivers/extcon/extcon-usbc-tusb320.c | 402 +- drivers/firmware/raspberrypi.c | 1 + drivers/gpio/gpiolib-cdev.c | 268 +- drivers/gpio/gpiolib.c | 16 +- drivers/gpio/gpiolib.h | 39 + drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_bios.c | 1 + drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 4 + drivers/gpu/drm/amd/amdgpu/amdgpu_virt.h | 5 +- .../drm/amd/display/amdgpu_dm/amdgpu_dm_helpers.c | 35 - drivers/gpu/drm/amd/display/dc/bios/bios_parser2.c | 16 +- .../gpu/drm/amd/display/dc/dce60/dce60_resource.c | 3 + .../gpu/drm/amd/display/dc/dce80/dce80_resource.c | 2 + .../drm/amd/display/dc/dcn10/dcn10_hw_sequencer.c | 30 +- drivers/gpu/drm/amd/display/dc/dcn20/dcn20_hwseq.c | 29 +- .../drm/amd/display/dc/dcn303/dcn303_resource.c | 14 + drivers/gpu/drm/amd/include/kgd_pp_interface.h | 3 +- drivers/gpu/drm/amd/pm/powerplay/amd_powerplay.c | 3 +- drivers/gpu/drm/amd/pm/powerplay/hwmgr/pp_psm.c | 2 + .../gpu/drm/amd/pm/powerplay/hwmgr/vega20_hwmgr.c | 3 +- drivers/gpu/drm/amd/pm/swsmu/smu11/smu_v11_0.c | 4 + drivers/gpu/drm/bridge/adv7511/adv7511.h | 3 +- drivers/gpu/drm/bridge/adv7511/adv7511_drv.c | 18 +- drivers/gpu/drm/bridge/adv7511/adv7533.c | 25 +- drivers/gpu/drm/drm_fourcc.c | 11 +- drivers/gpu/drm/etnaviv/etnaviv_gpu.c | 11 +- drivers/gpu/drm/fsl-dcu/fsl_dcu_drm_rgb.c | 5 +- drivers/gpu/drm/i915/display/intel_dp.c | 59 - drivers/gpu/drm/mediatek/mtk_dpi.c | 12 +- drivers/gpu/drm/mediatek/mtk_hdmi.c | 7 +- drivers/gpu/drm/msm/adreno/a6xx_gpu.c | 12 +- drivers/gpu/drm/msm/dp/dp_display.c | 2 +- drivers/gpu/drm/msm/hdmi/hdmi.c | 68 +- drivers/gpu/drm/msm/hdmi/hdmi.h | 13 +- drivers/gpu/drm/msm/hdmi/hdmi_hpd.c | 62 +- drivers/gpu/drm/panel/panel-sitronix-st7701.c | 10 +- drivers/gpu/drm/radeon/radeon_bios.c | 19 +- drivers/gpu/drm/rockchip/cdn-dp-core.c | 2 +- drivers/gpu/drm/rockchip/inno_hdmi.c | 2 +- drivers/gpu/drm/rockchip/rk3066_hdmi.c | 2 +- drivers/gpu/drm/rockchip/rockchip_lvds.c | 10 +- drivers/gpu/drm/sti/sti_dvo.c | 7 +- drivers/gpu/drm/sti/sti_hda.c | 7 +- drivers/gpu/drm/sti/sti_hdmi.c | 7 +- drivers/gpu/drm/tegra/dc.c | 4 +- drivers/hid/amd-sfh-hid/amd_sfh_client.c | 4 + drivers/hid/hid-mcp2221.c | 12 +- drivers/hid/hid-sensor-custom.c | 2 +- drivers/hid/wacom_sys.c | 8 + drivers/hid/wacom_wac.c | 4 + drivers/hid/wacom_wac.h | 1 + drivers/hsi/controllers/omap_ssi_core.c | 14 +- drivers/hv/ring_buffer.c | 13 + drivers/hwmon/Kconfig | 1 + drivers/hwmon/jc42.c | 243 +- drivers/hwtracing/coresight/coresight-trbe.c | 1 + drivers/i2c/busses/i2c-ismt.c | 3 + drivers/i2c/busses/i2c-pxa-pci.c | 10 +- drivers/i2c/muxes/i2c-mux-reg.c | 5 +- drivers/iio/accel/adis16201.c | 1 + drivers/iio/accel/adis16209.c | 1 + drivers/iio/adc/ad_sigma_delta.c | 8 +- drivers/iio/adc/ti-adc128s052.c | 14 +- drivers/iio/gyro/adis16136.c | 1 + drivers/iio/gyro/adis16260.c | 1 + drivers/iio/imu/adis.c | 98 +- drivers/iio/imu/adis16400.c | 1 + drivers/iio/imu/adis16460.c | 1 + drivers/iio/imu/adis16475.c | 1 + drivers/iio/imu/adis16480.c | 1 + drivers/iio/imu/adis_buffer.c | 10 +- drivers/iio/imu/adis_trigger.c | 9 +- drivers/iio/industrialio-event.c | 4 +- drivers/iio/temperature/ltc2983.c | 10 +- drivers/infiniband/core/device.c | 2 +- drivers/infiniband/core/mad.c | 5 - drivers/infiniband/core/nldev.c | 6 +- drivers/infiniband/core/restrack.c | 2 - drivers/infiniband/core/sysfs.c | 17 +- drivers/infiniband/hw/hfi1/affinity.c | 2 + drivers/infiniband/hw/hfi1/firmware.c | 6 + drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 52 +- drivers/infiniband/hw/hns/hns_roce_hw_v2.h | 5 + drivers/infiniband/hw/hns/hns_roce_mr.c | 4 +- drivers/infiniband/hw/irdma/verbs.c | 35 +- drivers/infiniband/sw/rxe/rxe_qp.c | 6 +- drivers/infiniband/sw/siw/siw_cq.c | 24 +- drivers/infiniband/sw/siw/siw_qp_tx.c | 2 +- drivers/infiniband/sw/siw/siw_verbs.c | 40 +- drivers/infiniband/ulp/ipoib/ipoib_netlink.c | 7 + drivers/infiniband/ulp/srp/ib_srp.c | 96 +- drivers/input/joystick/Kconfig | 1 + drivers/input/misc/Kconfig | 2 +- drivers/input/touchscreen/elants_i2c.c | 9 +- drivers/iommu/amd/iommu_v2.c | 1 + drivers/iommu/fsl_pamu.c | 2 +- drivers/iommu/rockchip-iommu.c | 10 +- drivers/iommu/sun50i-iommu.c | 16 +- drivers/irqchip/irq-gic-pm.c | 2 +- drivers/irqchip/irq-wpcm450-aic.c | 1 + drivers/isdn/hardware/mISDN/hfcmulti.c | 19 +- drivers/isdn/hardware/mISDN/hfcpci.c | 13 +- drivers/isdn/hardware/mISDN/hfcsusb.c | 12 +- drivers/macintosh/macio-adb.c | 4 + drivers/macintosh/macio_asic.c | 2 +- drivers/mailbox/arm_mhuv2.c | 4 +- drivers/mailbox/mailbox-mpfs.c | 31 +- drivers/mailbox/zynqmp-ipi-mailbox.c | 4 +- drivers/mcb/mcb-core.c | 4 +- drivers/mcb/mcb-parse.c | 2 +- drivers/md/md-bitmap.c | 27 +- drivers/md/raid1.c | 1 + drivers/media/dvb-core/dvb_ca_en50221.c | 2 +- drivers/media/dvb-core/dvb_frontend.c | 10 +- drivers/media/dvb-core/dvbdev.c | 32 +- drivers/media/dvb-frontends/bcm3510.c | 1 + drivers/media/i2c/ad5820.c | 10 +- drivers/media/i2c/adv748x/adv748x-afe.c | 4 + drivers/media/pci/saa7164/saa7164-core.c | 4 +- drivers/media/pci/solo6x10/solo6x10-core.c | 1 + drivers/media/platform/coda/coda-bit.c | 14 +- drivers/media/platform/coda/coda-jpeg.c | 10 +- drivers/media/platform/exynos4-is/fimc-core.c | 2 +- drivers/media/platform/exynos4-is/media-dev.c | 12 +- drivers/media/platform/imx-jpeg/mxc-jpeg-hw.c | 4 +- drivers/media/platform/qcom/camss/camss-video.c | 3 +- drivers/media/platform/qcom/venus/pm_helpers.c | 4 +- drivers/media/platform/s5p-mfc/s5p_mfc.c | 17 +- .../media/platform/sti/c8sectpfe/c8sectpfe-core.c | 1 + drivers/media/radio/si470x/radio-si470x-usb.c | 4 +- drivers/media/rc/imon.c | 6 +- drivers/media/test-drivers/vidtv/vidtv_bridge.c | 22 +- drivers/media/test-drivers/vimc/vimc-core.c | 2 +- drivers/media/test-drivers/vivid/vivid-vid-cap.c | 1 + drivers/media/usb/dvb-usb/az6027.c | 4 + drivers/media/usb/dvb-usb/dvb-usb-init.c | 4 +- drivers/media/v4l2-core/v4l2-ctrls-core.c | 2 +- drivers/media/v4l2-core/videobuf-dma-contig.c | 22 +- drivers/memstick/core/ms_block.c | 13 +- drivers/mfd/Kconfig | 1 + drivers/mfd/qcom-pm8008.c | 55 +- drivers/mfd/qcom_rpm.c | 4 +- drivers/misc/cxl/guest.c | 24 +- drivers/misc/cxl/pci.c | 21 +- drivers/misc/ocxl/config.c | 20 +- drivers/misc/ocxl/file.c | 7 +- drivers/misc/sgi-gru/grufault.c | 13 +- drivers/misc/sgi-gru/grumain.c | 22 +- drivers/misc/sgi-gru/grutables.h | 2 +- drivers/misc/tifm_7xx1.c | 2 +- drivers/mmc/core/sd.c | 11 +- drivers/mmc/host/alcor.c | 5 +- drivers/mmc/host/atmel-mci.c | 9 +- drivers/mmc/host/meson-gx-mmc.c | 4 +- drivers/mmc/host/mmci.c | 4 +- drivers/mmc/host/moxart-mmc.c | 4 +- drivers/mmc/host/mxcmmc.c | 4 +- drivers/mmc/host/omap_hsmmc.c | 4 +- drivers/mmc/host/pxamci.c | 7 +- drivers/mmc/host/renesas_sdhi_core.c | 14 +- drivers/mmc/host/rtsx_pci_sdmmc.c | 9 +- drivers/mmc/host/rtsx_usb_sdmmc.c | 11 +- drivers/mmc/host/sdhci_f_sdh30.c | 3 + drivers/mmc/host/toshsd.c | 6 +- drivers/mmc/host/via-sdmmc.c | 4 +- drivers/mmc/host/vub300.c | 11 +- drivers/mmc/host/wbsd.c | 12 +- drivers/mmc/host/wmt-sdmmc.c | 6 +- drivers/mtd/lpddr/lpddr2_nvm.c | 2 + drivers/mtd/maps/pxa2xx-flash.c | 2 + drivers/mtd/mtdcore.c | 4 +- drivers/mtd/spi-nor/core.c | 3 +- drivers/mtd/spi-nor/sysfs.c | 14 + drivers/net/bonding/bond_main.c | 13 +- drivers/net/can/m_can/m_can.c | 32 +- drivers/net/can/m_can/m_can_platform.c | 4 - drivers/net/can/m_can/tcan4x5x-core.c | 18 +- drivers/net/can/usb/kvaser_usb/kvaser_usb.h | 30 +- drivers/net/can/usb/kvaser_usb/kvaser_usb_core.c | 115 +- drivers/net/can/usb/kvaser_usb/kvaser_usb_hydra.c | 174 +- drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c | 446 +- drivers/net/dsa/lan9303-core.c | 4 +- drivers/net/ethernet/amd/atarilance.c | 2 +- drivers/net/ethernet/amd/lance.c | 2 +- drivers/net/ethernet/amd/xgbe/xgbe-phy-v2.c | 23 +- drivers/net/ethernet/apple/bmac.c | 2 +- drivers/net/ethernet/apple/mace.c | 2 +- drivers/net/ethernet/dnet.c | 4 +- drivers/net/ethernet/freescale/enetc/enetc.c | 35 +- drivers/net/ethernet/intel/i40e/i40e_main.c | 36 +- drivers/net/ethernet/intel/igb/igb_main.c | 8 +- drivers/net/ethernet/intel/igc/igc.h | 3 + drivers/net/ethernet/intel/igc/igc_defines.h | 2 + drivers/net/ethernet/intel/igc/igc_main.c | 233 +- drivers/net/ethernet/intel/igc/igc_tsn.c | 13 +- drivers/net/ethernet/myricom/myri10ge/myri10ge.c | 1 + drivers/net/ethernet/neterion/s2io.c | 2 +- drivers/net/ethernet/qlogic/qed/qed_debug.c | 3 +- .../ethernet/qlogic/qlcnic/qlcnic_sriov_common.c | 2 + drivers/net/ethernet/rdc/r6040.c | 5 +- .../net/ethernet/stmicro/stmmac/stmmac_hwtstamp.c | 3 +- drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 4 +- drivers/net/ethernet/stmicro/stmmac/stmmac_ptp.h | 2 +- .../net/ethernet/stmicro/stmmac/stmmac_selftests.c | 8 +- drivers/net/ethernet/ti/netcp_core.c | 2 +- drivers/net/ethernet/xilinx/xilinx_emaclite.c | 2 +- drivers/net/fddi/defxx.c | 22 +- drivers/net/hamradio/baycom_epp.c | 2 +- drivers/net/hamradio/scc.c | 6 +- drivers/net/macsec.c | 34 +- drivers/net/ntb_netdev.c | 4 +- drivers/net/ppp/ppp_generic.c | 2 + drivers/net/wan/farsync.c | 2 + drivers/net/wireless/ath/ar5523/ar5523.c | 6 + drivers/net/wireless/ath/ath10k/pci.c | 20 +- drivers/net/wireless/ath/ath9k/hif_usb.c | 46 +- .../broadcom/brcm80211/brcmfmac/firmware.c | 5 + .../wireless/broadcom/brcm80211/brcmfmac/pcie.c | 6 +- .../wireless/broadcom/brcm80211/brcmfmac/sdio.c | 1 + drivers/net/wireless/intel/iwlwifi/mvm/tx.c | 12 +- drivers/net/wireless/mediatek/mt76/mt76.h | 3 +- drivers/net/wireless/mediatek/mt76/mt7615/main.c | 3 +- drivers/net/wireless/mediatek/mt76/mt7915/main.c | 3 +- drivers/net/wireless/mediatek/mt76/mt7921/mac.c | 2 +- drivers/net/wireless/mediatek/mt76/usb.c | 11 +- drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu.h | 2 +- .../net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c | 26 +- drivers/net/wireless/rsi/rsi_91x_core.c | 4 +- drivers/net/wireless/rsi/rsi_91x_hal.c | 6 +- drivers/nfc/pn533/pn533.c | 4 + drivers/nvme/host/core.c | 2 +- drivers/nvme/target/core.c | 22 +- drivers/nvme/target/io-cmd-file.c | 16 +- drivers/nvme/target/nvmet.h | 3 +- drivers/of/overlay.c | 4 +- drivers/pci/controller/dwc/pcie-designware.c | 2 +- drivers/pci/controller/vmd.c | 5 + drivers/pci/endpoint/functions/pci-epf-test.c | 2 +- drivers/pci/irq.c | 2 + drivers/perf/arm_dmc620_pmu.c | 8 +- drivers/perf/arm_dsu_pmu.c | 6 +- drivers/perf/arm_smmuv3_pmu.c | 8 +- drivers/phy/broadcom/phy-brcm-usb.c | 6 +- drivers/phy/qualcomm/phy-qcom-qmp-combo.c | 6350 ++++++++++++++++++++ drivers/phy/qualcomm/phy-qcom-qmp-pcie-msm8996.c | 6350 ++++++++++++++++++++ drivers/phy/qualcomm/phy-qcom-qmp-pcie.c | 6350 ++++++++++++++++++++ drivers/phy/qualcomm/phy-qcom-qmp-ufs.c | 6350 ++++++++++++++++++++ drivers/phy/qualcomm/phy-qcom-qmp-usb.c | 6350 ++++++++++++++++++++ drivers/pinctrl/pinconf-generic.c | 4 +- drivers/pinctrl/pinctrl-k210.c | 4 +- drivers/platform/chrome/cros_ec_typec.c | 8 +- drivers/platform/chrome/cros_usbpd_notify.c | 6 +- drivers/platform/mellanox/mlxbf-pmc.c | 2 +- drivers/platform/x86/huawei-wmi.c | 20 +- drivers/platform/x86/intel_scu_ipc.c | 2 +- drivers/platform/x86/mxm-wmi.c | 8 +- drivers/pnp/core.c | 4 +- drivers/power/supply/ab8500_charger.c | 9 +- drivers/power/supply/power_supply_core.c | 7 +- drivers/power/supply/z2_battery.c | 6 +- drivers/pwm/pwm-mediatek.c | 2 +- drivers/pwm/pwm-mtk-disp.c | 5 +- drivers/pwm/pwm-sifive.c | 5 +- drivers/pwm/pwm-tegra.c | 4 +- drivers/rapidio/devices/rio_mport_cdev.c | 15 +- drivers/rapidio/rio-scan.c | 8 +- drivers/rapidio/rio.c | 9 +- drivers/regulator/core.c | 15 +- drivers/regulator/qcom-labibb-regulator.c | 1 + drivers/regulator/qcom-rpmh-regulator.c | 2 +- drivers/remoteproc/qcom_q6v5_pas.c | 4 + drivers/remoteproc/qcom_q6v5_wcss.c | 6 +- drivers/remoteproc/qcom_sysmon.c | 5 +- drivers/rtc/rtc-cmos.c | 366 +- drivers/rtc/rtc-mxc_v2.c | 4 +- drivers/rtc/rtc-pcf85063.c | 10 +- drivers/rtc/rtc-pic32.c | 8 +- drivers/rtc/rtc-snvs.c | 16 +- drivers/rtc/rtc-st-lpc.c | 1 + drivers/s390/net/ctcm_main.c | 11 +- drivers/s390/net/lcs.c | 8 +- drivers/s390/net/netiucv.c | 9 +- drivers/scsi/elx/efct/efct_driver.c | 1 + drivers/scsi/elx/libefc/efclib.h | 6 +- drivers/scsi/fcoe/fcoe.c | 1 + drivers/scsi/fcoe/fcoe_sysfs.c | 19 +- drivers/scsi/hpsa.c | 9 +- drivers/scsi/ipr.c | 10 +- drivers/scsi/lpfc/lpfc_sli.c | 6 +- drivers/scsi/mpt3sas/mpt3sas_transport.c | 2 + drivers/scsi/qla2xxx/qla_def.h | 22 +- drivers/scsi/qla2xxx/qla_init.c | 20 +- drivers/scsi/qla2xxx/qla_inline.h | 4 +- drivers/scsi/qla2xxx/qla_os.c | 4 +- drivers/scsi/scsi_debug.c | 11 +- drivers/scsi/scsi_error.c | 14 +- drivers/scsi/snic/snic_disc.c | 3 + drivers/scsi/ufs/ufshcd.c | 9 +- drivers/soc/mediatek/mtk-pm-domains.c | 2 +- drivers/soc/qcom/apr.c | 142 +- drivers/soc/qcom/llcc-qcom.c | 2 +- drivers/soc/ti/knav_qmss_queue.c | 6 +- drivers/soc/ti/smartreflex.c | 1 + drivers/spi/spi-gpio.c | 16 +- drivers/spi/spidev.c | 21 +- drivers/staging/iio/accel/adis16203.c | 1 + drivers/staging/iio/accel/adis16240.c | 1 + drivers/staging/mt7621-pci/pci-mt7621.c | 39 +- drivers/staging/rtl8192e/rtllib_rx.c | 2 +- drivers/staging/rtl8192u/ieee80211/ieee80211_rx.c | 4 +- drivers/thermal/imx8mm_thermal.c | 8 +- drivers/thermal/qcom/lmh.c | 2 +- drivers/thermal/qcom/qcom-spmi-temp-alarm.c | 3 +- drivers/thermal/thermal_core.c | 18 +- drivers/tty/serial/8250/8250_bcm7271.c | 10 +- drivers/tty/serial/altera_uart.c | 21 +- drivers/tty/serial/amba-pl011.c | 14 +- drivers/tty/serial/pch_uart.c | 4 + drivers/tty/serial/serial-tegra.c | 6 +- drivers/tty/serial/stm32-usart.c | 47 +- drivers/tty/serial/sunsab.c | 8 +- drivers/uio/uio_dmem_genirq.c | 13 +- drivers/usb/cdns3/cdnsp-ring.c | 42 +- drivers/usb/dwc3/core.c | 23 +- drivers/usb/gadget/function/f_hid.c | 53 +- drivers/usb/gadget/udc/fotg210-udc.c | 12 +- drivers/usb/host/xhci-mtk.c | 1 - drivers/usb/host/xhci-ring.c | 14 +- drivers/usb/host/xhci.h | 2 +- drivers/usb/musb/musb_gadget.c | 2 - drivers/usb/roles/class.c | 5 +- drivers/usb/storage/alauda.c | 2 + drivers/usb/typec/bus.c | 2 +- drivers/usb/typec/class.c | 43 + drivers/usb/typec/tcpm/tcpci.c | 5 +- drivers/usb/typec/tcpm/tcpm.c | 24 +- drivers/usb/typec/tipd/core.c | 4 +- drivers/vfio/platform/vfio_platform_common.c | 3 +- drivers/video/fbdev/Kconfig | 2 +- drivers/video/fbdev/core/fbcon.c | 3 +- drivers/video/fbdev/ep93xx-fb.c | 4 +- drivers/video/fbdev/geode/Kconfig | 1 + drivers/video/fbdev/hyperv_fb.c | 8 +- drivers/video/fbdev/pm2fb.c | 9 +- drivers/video/fbdev/uvesafb.c | 1 + drivers/video/fbdev/vermilion/vermilion.c | 4 +- drivers/video/fbdev/via/via-core.c | 9 +- drivers/vme/bridges/vme_fake.c | 2 + drivers/vme/bridges/vme_tsi148.c | 1 + drivers/xen/privcmd.c | 2 +- fs/afs/fs_probe.c | 5 +- fs/binfmt_misc.c | 8 +- fs/btrfs/file.c | 10 +- fs/char_dev.c | 2 +- fs/configfs/dir.c | 2 + fs/debugfs/file.c | 28 +- fs/f2fs/gc.c | 10 +- fs/f2fs/segment.c | 6 +- fs/f2fs/super.c | 2 +- fs/hfs/inode.c | 2 + fs/hfs/trans.c | 2 +- fs/hugetlbfs/inode.c | 6 +- fs/jfs/jfs_dmap.c | 27 +- fs/jfs/namei.c | 2 +- fs/ksmbd/mgmt/user_session.c | 8 +- fs/libfs.c | 22 +- fs/lockd/svcsubs.c | 17 +- fs/nfs/namespace.c | 2 +- fs/nfs/nfs4proc.c | 38 +- fs/nfs/nfs4state.c | 2 + fs/nfs/nfs4xdr.c | 12 +- fs/nfsd/nfs2acl.c | 32 +- fs/nfsd/nfs4callback.c | 4 +- fs/nfsd/nfs4state.c | 51 +- fs/nilfs2/the_nilfs.c | 73 +- fs/ntfs3/bitmap.c | 2 +- fs/ntfs3/super.c | 2 +- fs/ntfs3/xattr.c | 2 +- fs/ocfs2/stackglue.c | 8 +- fs/orangefs/orangefs-debugfs.c | 29 +- fs/orangefs/orangefs-mod.c | 8 +- fs/overlayfs/dir.c | 10 +- fs/overlayfs/file.c | 43 +- fs/overlayfs/inode.c | 19 +- fs/overlayfs/overlayfs.h | 13 +- fs/overlayfs/ovl_entry.h | 2 +- fs/overlayfs/super.c | 12 +- fs/overlayfs/util.c | 47 +- fs/pstore/Kconfig | 1 + fs/pstore/pmsg.c | 7 +- fs/pstore/ram.c | 2 + fs/pstore/ram_core.c | 6 +- fs/reiserfs/namei.c | 4 + fs/reiserfs/xattr_security.c | 2 +- fs/sysv/itree.c | 2 +- fs/udf/namei.c | 8 +- fs/xattr.c | 2 +- include/dt-bindings/clock/imx8mn-clock.h | 12 +- include/linux/debugfs.h | 19 +- include/linux/eventfd.h | 2 +- include/linux/fs.h | 12 +- include/linux/gpio/consumer.h | 35 +- include/linux/hyperv.h | 2 + include/linux/iio/imu/adis.h | 63 +- include/linux/libata.h | 79 +- include/linux/netdevice.h | 58 +- include/linux/overflow.h | 110 +- include/linux/proc_fs.h | 2 + include/linux/skmsg.h | 1 + include/linux/soc/qcom/apr.h | 12 +- include/linux/timerqueue.h | 2 +- include/linux/usb/typec.h | 3 + include/media/dvbdev.h | 32 +- include/net/dst.h | 5 +- include/net/mrp.h | 1 + include/net/sock_reuseport.h | 2 + include/net/tcp.h | 4 +- include/sound/hdaudio.h | 2 + include/sound/hdaudio_ext.h | 1 - include/sound/pcm.h | 36 +- include/trace/events/ib_mad.h | 13 +- include/uapi/drm/drm_fourcc.h | 11 + include/uapi/linux/idxd.h | 2 +- include/uapi/linux/swab.h | 2 +- include/uapi/sound/asequencer.h | 8 +- kernel/Makefile | 2 +- kernel/acct.c | 2 + kernel/bpf/btf.c | 5 + kernel/bpf/verifier.c | 127 +- kernel/cpu.c | 60 +- kernel/events/core.c | 8 +- kernel/fork.c | 17 +- kernel/futex/Makefile | 3 + kernel/{futex.c => futex/core.c} | 28 +- kernel/gcov/gcc_4_7.c | 5 + kernel/irq/internals.h | 2 + kernel/irq/irqdesc.c | 15 +- kernel/padata.c | 15 +- kernel/power/snapshot.c | 4 +- kernel/rcu/tree.c | 2 +- kernel/relay.c | 4 +- kernel/sched/cpudeadline.c | 2 +- kernel/sched/deadline.c | 4 +- kernel/sched/fair.c | 190 +- kernel/sched/rt.c | 4 +- kernel/sched/sched.h | 14 + kernel/trace/blktrace.c | 3 +- kernel/trace/trace_events_hist.c | 2 +- lib/debugobjects.c | 10 + lib/fonts/fonts.c | 4 +- lib/notifier-error-inject.c | 2 +- lib/test_firmware.c | 1 + lib/test_overflow.c | 98 + net/802/mrp.c | 18 +- net/9p/client.c | 5 + net/bluetooth/hci_core.c | 2 +- net/bluetooth/mgmt.c | 2 +- net/bluetooth/rfcomm/core.c | 2 +- net/bpf/test_run.c | 3 - net/core/dev.c | 14 +- net/core/filter.c | 11 +- net/core/skbuff.c | 3 + net/core/skmsg.c | 9 +- net/core/sock.c | 2 +- net/core/sock_map.c | 2 + net/core/sock_reuseport.c | 94 +- net/core/stream.c | 6 + net/dsa/tag_8021q.c | 11 +- net/ethtool/ioctl.c | 3 +- net/hsr/hsr_device.c | 22 +- net/hsr/hsr_forward.c | 7 +- net/hsr/hsr_framereg.c | 25 +- net/hsr/hsr_framereg.h | 3 + net/ipv4/inet_connection_sock.c | 12 +- net/ipv4/tcp_bpf.c | 19 +- net/ipv4/udp_tunnel_core.c | 1 + net/ipv6/sit.c | 22 +- net/mac80211/iface.c | 1 + net/netfilter/nf_conntrack_proto_icmpv6.c | 53 + net/netfilter/nf_flow_table_offload.c | 6 +- net/openvswitch/datapath.c | 25 +- net/rxrpc/output.c | 2 +- net/rxrpc/sendmsg.c | 2 +- net/sched/ematch.c | 2 + net/sctp/sysctl.c | 73 +- net/sunrpc/clnt.c | 2 +- net/sunrpc/xprtrdma/verbs.c | 2 +- net/tls/tls_sw.c | 6 +- net/unix/af_unix.c | 12 +- net/vmw_vsock/vmci_transport.c | 6 +- net/wireless/reg.c | 4 +- samples/vfio-mdev/mdpy-fb.c | 8 +- security/Kconfig.hardening | 3 + security/apparmor/apparmorfs.c | 4 +- security/apparmor/lsm.c | 4 +- security/apparmor/policy.c | 2 +- security/apparmor/policy_ns.c | 2 +- security/apparmor/policy_unpack.c | 2 +- security/integrity/digsig.c | 6 +- security/integrity/ima/ima_policy.c | 51 +- security/integrity/ima/ima_template.c | 4 +- security/loadpin/loadpin.c | 30 +- sound/core/pcm_native.c | 4 +- sound/drivers/mts64.c | 3 + sound/hda/ext/hdac_ext_stream.c | 17 - sound/hda/hdac_stream.c | 27 + sound/pci/asihpi/hpioctl.c | 2 +- sound/pci/hda/hda_controller.c | 4 +- sound/pci/hda/patch_hdmi.c | 1 + sound/pci/hda/patch_realtek.c | 27 + sound/soc/codecs/pcm512x.c | 8 +- sound/soc/codecs/rt298.c | 7 + sound/soc/codecs/rt5670.c | 2 - sound/soc/codecs/wm8994.c | 5 + sound/soc/generic/audio-graph-card.c | 4 +- sound/soc/intel/skylake/skl.c | 7 +- sound/soc/mediatek/common/mtk-btcvsd.c | 6 +- sound/soc/mediatek/mt8173/mt8173-afe-pcm.c | 71 +- sound/soc/mediatek/mt8173/mt8173-rt5650-rt5514.c | 7 +- .../mt8183/mt8183-mt6358-ts3a227-max98357.c | 14 +- sound/soc/pxa/mmp-pcm.c | 2 +- sound/soc/qcom/lpass-sc7180.c | 3 + sound/soc/rockchip/rockchip_pdm.c | 1 + sound/soc/rockchip/rockchip_spdif.c | 1 + sound/usb/quirks-table.h | 2 + tools/include/linux/kernel.h | 6 + tools/lib/bpf/bpf.h | 7 + tools/lib/bpf/btf.c | 8 +- tools/lib/bpf/btf_dump.c | 31 +- tools/lib/bpf/libbpf.c | 3 + tools/objtool/check.c | 10 + tools/perf/builtin-stat.c | 46 +- tools/perf/builtin-trace.c | 32 +- tools/perf/util/debug.c | 4 + tools/perf/util/symbol-elf.c | 2 +- tools/testing/selftests/bpf/config | 4 + tools/testing/selftests/bpf/prog_tests/bpf_nf.c | 48 + tools/testing/selftests/bpf/progs/test_bpf_nf.c | 109 + .../selftests/drivers/net/netdevsim/devlink.sh | 4 +- tools/testing/selftests/efivarfs/efivarfs.sh | 5 + .../ftrace/test.d/ftrace/func_event_triggers.tc | 15 +- .../kvm/memslot_modification_stress_test.c | 2 +- .../selftests/netfilter/conntrack_icmp_related.sh | 36 +- .../selftests/powerpc/dscr/dscr_sysfs_test.c | 5 +- tools/testing/selftests/proc/proc-uptime-002.c | 3 +- 727 files changed, 39668 insertions(+), 3853 deletions(-)

2 years, 8 months

17
753
0 0

[PATCH 3/6] bus: mhi: ep: Only send -ENOTCONN status if client driver is available

by Manivannan Sadhasivam

For the STOP and RESET commands, only send the channel disconnect status -ENOTCONN if client driver is available. Otherwise, it will result in null pointer dereference. Cc: <stable(a)vger.kernel.org> # 5.19 Fixes: e827569062a8 ("bus: mhi: ep: Add support for processing command rings") Signed-off-by: Manivannan Sadhasivam <manivannan.sadhasivam(a)linaro.org> --- drivers/bus/mhi/ep/main.c | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/drivers/bus/mhi/ep/main.c b/drivers/bus/mhi/ep/main.c index 8b065a3cc848..7d68b00bdbcf 100644 --- a/drivers/bus/mhi/ep/main.c +++ b/drivers/bus/mhi/ep/main.c @@ -203,9 +203,11 @@ static int mhi_ep_process_cmd_ring(struct mhi_ep_ring *ring, struct mhi_ring_ele mhi_ep_mmio_disable_chdb(mhi_cntrl, ch_id); /* Send channel disconnect status to client drivers */ - result.transaction_status = -ENOTCONN; - result.bytes_xferd = 0; - mhi_chan->xfer_cb(mhi_chan->mhi_dev, &result); + if (mhi_chan->xfer_cb) { + result.transaction_status = -ENOTCONN; + result.bytes_xferd = 0; + mhi_chan->xfer_cb(mhi_chan->mhi_dev, &result); + } /* Set channel state to STOP */ mhi_chan->state = MHI_CH_STATE_STOP; @@ -235,9 +237,11 @@ static int mhi_ep_process_cmd_ring(struct mhi_ep_ring *ring, struct mhi_ring_ele mhi_ep_ring_reset(mhi_cntrl, ch_ring); /* Send channel disconnect status to client driver */ - result.transaction_status = -ENOTCONN; - result.bytes_xferd = 0; - mhi_chan->xfer_cb(mhi_chan->mhi_dev, &result); + if (mhi_chan->xfer_cb) { + result.transaction_status = -ENOTCONN; + result.bytes_xferd = 0; + mhi_chan->xfer_cb(mhi_chan->mhi_dev, &result); + } /* Set channel state to DISABLED */ mhi_chan->state = MHI_CH_STATE_DISABLED; -- 2.25.1

2 years, 8 months

2
1
0 0

[PATCH] drm/i915/: dell wyse 3040 shutdown fix

by Alexey Lukyanchuk

dell wyse 3040 doesn't peform poweroff properly, but instead remains in turned power on state. Additional mutex_lock and intel_crtc_wait_for_next_vblank in drivers/gpu/drm/i915/display/intel_crtc.c from feature 6.2 kernel resolve this trouble cc: stable(a)vger.kernel.org original commit Link: https://patchwork.freedesktop.org/patch/508926/ fixes: Signed-off-by: Alexey Lukyanchuk <skif(a)skif-web.ru> --- I got some troubles with this device (dell wyse 3040) since kernel 5.11 started to use i915_driver_shutdown function. I found solution here: https://lore.kernel.org/dri-devel/Y1wd6ZJ8LdJpCfZL@intel.com/#r --- drivers/gpu/drm/i915/display/intel_audio.c | 37 +++++++++++++++------- 1 file changed, 25 insertions(+), 12 deletions(-) diff --git a/drivers/gpu/drm/i915/display/intel_audio.c b/drivers/gpu/drm/i915/display/intel_audio.c index aacbc6da8..44344ecdf 100644 --- a/drivers/gpu/drm/i915/display/intel_audio.c +++ b/drivers/gpu/drm/i915/display/intel_audio.c @@ -336,6 +336,7 @@ static void g4x_audio_codec_disable(struct intel_encoder *encoder, const struct drm_connector_state *old_conn_state) { struct drm_i915_private *dev_priv = to_i915(encoder->base.dev); + struct intel_crtc *crtc = to_intel_crtc(old_crtc_state->uapi.crtc); u32 eldv, tmp; tmp = intel_de_read(dev_priv, G4X_AUD_VID_DID); @@ -348,6 +349,9 @@ static void g4x_audio_codec_disable(struct intel_encoder *encoder, tmp = intel_de_read(dev_priv, G4X_AUD_CNTL_ST); tmp &= ~eldv; intel_de_write(dev_priv, G4X_AUD_CNTL_ST, tmp); + + intel_crtc_wait_for_next_vblank(crtc); + intel_crtc_wait_for_next_vblank(crtc); } static void g4x_audio_codec_enable(struct intel_encoder *encoder, @@ -355,12 +359,15 @@ static void g4x_audio_codec_enable(struct intel_encoder *encoder, const struct drm_connector_state *conn_state) { struct drm_i915_private *dev_priv = to_i915(encoder->base.dev); + struct intel_crtc *crtc = to_intel_crtc(crtc_state->uapi.crtc); struct drm_connector *connector = conn_state->connector; const u8 *eld = connector->eld; u32 eldv; u32 tmp; int len, i; + intel_crtc_wait_for_next_vblank(crtc); + tmp = intel_de_read(dev_priv, G4X_AUD_VID_DID); if (tmp == INTEL_AUDIO_DEVBLC || tmp == INTEL_AUDIO_DEVCL) eldv = G4X_ELDV_DEVCL_DEVBLC; @@ -493,6 +500,7 @@ static void hsw_audio_codec_disable(struct intel_encoder *encoder, const struct drm_connector_state *old_conn_state) { struct drm_i915_private *dev_priv = to_i915(encoder->base.dev); + struct intel_crtc *crtc = to_intel_crtc(old_crtc_state->uapi.crtc); enum transcoder cpu_transcoder = old_crtc_state->cpu_transcoder; u32 tmp; @@ -508,6 +516,10 @@ static void hsw_audio_codec_disable(struct intel_encoder *encoder, tmp |= AUD_CONFIG_N_VALUE_INDEX; intel_de_write(dev_priv, HSW_AUD_CFG(cpu_transcoder), tmp); + + intel_crtc_wait_for_next_vblank(crtc); + intel_crtc_wait_for_next_vblank(crtc); + /* Invalidate ELD */ tmp = intel_de_read(dev_priv, HSW_AUD_PIN_ELD_CP_VLD); tmp &= ~AUDIO_ELD_VALID(cpu_transcoder); @@ -633,6 +645,7 @@ static void hsw_audio_codec_enable(struct intel_encoder *encoder, const struct drm_connector_state *conn_state) { struct drm_i915_private *dev_priv = to_i915(encoder->base.dev); + struct intel_crtc *crtc = to_intel_crtc(crtc_state->uapi.crtc); struct drm_connector *connector = conn_state->connector; enum transcoder cpu_transcoder = crtc_state->cpu_transcoder; const u8 *eld = connector->eld; @@ -651,12 +664,7 @@ static void hsw_audio_codec_enable(struct intel_encoder *encoder, tmp &= ~AUDIO_ELD_VALID(cpu_transcoder); intel_de_write(dev_priv, HSW_AUD_PIN_ELD_CP_VLD, tmp); - /* - * FIXME: We're supposed to wait for vblank here, but we have vblanks - * disabled during the mode set. The proper fix would be to push the - * rest of the setup into a vblank work item, queued here, but the - * infrastructure is not there yet. - */ + intel_crtc_wait_for_next_vblank(crtc); /* Reset ELD write address */ tmp = intel_de_read(dev_priv, HSW_AUD_DIP_ELD_CTRL(cpu_transcoder)); @@ -705,6 +713,8 @@ static void ilk_audio_codec_disable(struct intel_encoder *encoder, aud_cntrl_st2 = CPT_AUD_CNTRL_ST2; } + mutex_lock(&dev_priv->display.audio.mutex); + /* Disable timestamps */ tmp = intel_de_read(dev_priv, aud_config); tmp &= ~AUD_CONFIG_N_VALUE_INDEX; @@ -721,6 +731,10 @@ static void ilk_audio_codec_disable(struct intel_encoder *encoder, tmp = intel_de_read(dev_priv, aud_cntrl_st2); tmp &= ~eldv; intel_de_write(dev_priv, aud_cntrl_st2, tmp); + mutex_unlock(&dev_priv->display.audio.mutex); + + intel_crtc_wait_for_next_vblank(crtc); + intel_crtc_wait_for_next_vblank(crtc); } static void ilk_audio_codec_enable(struct intel_encoder *encoder, @@ -740,12 +754,7 @@ static void ilk_audio_codec_enable(struct intel_encoder *encoder, if (drm_WARN_ON(&dev_priv->drm, port == PORT_A)) return; - /* - * FIXME: We're supposed to wait for vblank here, but we have vblanks - * disabled during the mode set. The proper fix would be to push the - * rest of the setup into a vblank work item, queued here, but the - * infrastructure is not there yet. - */ + intel_crtc_wait_for_next_vblank(crtc); if (HAS_PCH_IBX(dev_priv)) { hdmiw_hdmiedid = IBX_HDMIW_HDMIEDID(pipe); @@ -767,6 +776,8 @@ static void ilk_audio_codec_enable(struct intel_encoder *encoder, eldv = IBX_ELD_VALID(port); + mutex_lock(&dev_priv->display.audio.mutex); + /* Invalidate ELD */ tmp = intel_de_read(dev_priv, aud_cntrl_st2); tmp &= ~eldv; @@ -798,6 +809,8 @@ static void ilk_audio_codec_enable(struct intel_encoder *encoder, else tmp |= audio_config_hdmi_pixel_clock(crtc_state); intel_de_write(dev_priv, aud_config, tmp); + + mutex_unlock(&dev_priv->display.audio.mutex); } /** -- 2.25.1

2 years, 8 months

4
12
0 0

[PATCH 0/2] net/af_packet: Fix kernel BUG in __skb_gso_segment

by Tudor Ambarus

The series is intended for stable(a)vger.kernel.org # 5.4+ Syzkaller reported the following bug on linux-5.{4, 10, 15}.y: https://syzkaller.appspot.com/bug?id=ce5575575f074c33ff80d104f5baee26f22e95… The upstream commit that introduces this bug is: 1ed1d5921139 ("net: skip virtio_net_hdr_set_proto if protocol already set") Upstream fixes the bug with the following commits, one of which introduces new support: e9d3f80935b6 ("net/af_packet: make sure to pull mac header") dfed913e8b55 ("net/af_packet: add VLAN support for AF_PACKET SOCK_RAW GSO") The additional logic and risk backported seems manageable. The blammed commit introduces a kernel BUG in __skb_gso_segment for AF_PACKET SOCK_RAW GSO VLAN tagged packets. What happens is that virtio_net_hdr_set_proto() exists early as skb->protocol is already set to ETH_P_ALL. Then in packet_parse_headers() skb->protocol is set to ETH_P_8021AD, but neither the network header position is adjusted, nor the mac header is pulled. Thus when we get to validate the xmit skb and enter skb_mac_gso_segment(), skb->mac_len has value 14, but vlan_depth gets updated to 18 after skb_network_protocol() is called. This causes the BUG_ON from __skb_pull(skb, vlan_depth) to be hit, as the mac header has not been pulled yet. The fixes from upstream backported cleanly without conflicts. I updated the commit message of the first patch to describe the problem encountered, and added Cc, Fixes, Reported-by and Tested-by tags. For the second patch I just added Cc to stable indicating the versions to be fixed, and added my Tested and Signed-off-by tags. I tested the patches on linux-5.{4, 10, 15}.y. Eric Dumazet (1): net/af_packet: make sure to pull mac header Hangbin Liu (1): net/af_packet: add VLAN support for AF_PACKET SOCK_RAW GSO net/packet/af_packet.c | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) -- 2.34.1

2 years, 8 months

2
3
0 0

Please apply to v5.15 stable: 96017bf90397 ("rcu-tasks: Simplify trc_read_check_handler() atomic operations")

by Joel Fernandes

Hello, Please apply 96017bf90397 ("rcu-tasks: Simplify trc_read_check_handler() atomic operations") to the stable v5.15 stable kernel. It made it in v5.16. I confirmed the patch fixes the following splat which happens twice on TRACE02: [ 765.941351] WARNING: CPU: 0 PID: 80 at kernel/rcu/tasks.h:895 trc_read_check_handler+0x61/0xe0 [ 765.949880] Modules linked in: [ 765.953006] CPU: 0 PID: 80 Comm: rcu_torture_rea Not tainted 5.15.86-rc1+ #25 [ 765.959982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014 [ 765.967964] RIP: 0010:trc_read_check_handler+0x61/0xe0 [ 765.973050] Code: 01 00 89 c0 48 03 2c c5 80 f8 a5 ae c6 45 00 00 [..] [ 765.991768] RSP: 0000:ffffa64ac0003fb0 EFLAGS: 00010047 [ 765.997042] RAX: ffffffffad4f8610 RBX: ffffa26b41bd3000 RCX: ffffa26b5f4ac8c0 [ 766.004418] RDX: 0000000000000000 RSI: ffffffffae978121 RDI: ffffa26b41bd3000 [ 766.011502] RBP: ffffa26b41bd6000 R08: ffffa26b41bd3000 R09: 0000000000000000 [ 766.018778] R10: 0000000000000000 R11: ffffa64ac0003ff8 R12: 0000000000000000 [ 766.025943] R13: ffffa26b5f4ac8c0 R14: 0000000000000000 R15: 0000000000000000 [ 766.034383] FS: 0000000000000000(0000) GS:ffffa26b5f400000(0000) knlGS:0000000000000000 [ 766.042925] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 766.048775] CR2: 0000000000000000 CR3: 0000000001924000 CR4: 00000000000006f0 [ 766.055991] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 766.063135] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 766.070711] Call Trace: [ 766.073515] <IRQ> [ 766.075807] flush_smp_call_function_queue+0xec/0x1a0 [ 766.081087] __sysvec_call_function_single+0x3e/0x1d0 [ 766.086466] sysvec_call_function_single+0x89/0xc0 [ 766.091431] </IRQ> [ 766.093713] <TASK> [ 766.095930] asm_sysvec_call_function_single+0x16/0x20 Full kernel logs: http://box.joelfernandes.org:9080/job/rcutorture_stable/job/Linux%20Stable%… Cheers, - Joel

2 years, 8 months

2
2
0 0

[PATCH 5.10 0/2] wifi: rtlwifi: 8192de: fix IQK reload checking

by Semyon Verchenko

SVACE reports always true condition issue at tl92d_phy_reload_iqk_setting() in 5.10 stable releases. The problem has been fixed by the following patches which can be cleanly applied to the 5.10 branch. Found by Linux Verification Center (linuxtesting.org) with SVACE.

2 years, 8 months

2
3
0 0

Stable backport request

by Mimi Zohar

Stable team, Please backport these upstream commits to stable kernels: - c7423dbdbc9e ("ima: Handle -ESTALE returned by ima_filter_rule_match()" Dependency on: - d57378d3aa4d ("ima: Simplify ima_lsm_copy_rule") Known minor merge conflicts: - Commit: 65603435599f ("ima: Fix trivial typos in the comments") fixed "refrences" spelling, causes a merge conflict. - Commit 28073eb09c5a ("ima: Fix fall-through warnings for Clang") adds a "break;" before "default:", causes a merge conflict. Simplifies backporting to linux-5.4.y: - 465aee77aae8 ("ima: Free the entire rule when deleting a list of rules") except for the line "kfree(entry->keyrings);" - introduced in 5.6.y. - 39e5993d0d45 ("ima: Shallow copy the args_p member of ima_rule_entry.lsm elements") - b8867eedcf76 ("ima: Rename internal filter rule functions") - f60c826d0318 ("ima: Use kmemdup rather than kmalloc+memcpy") A patch for kernels prior to commit b16942455193 ("ima: use the lsm policy update notifier") will be posted separately. thanks, Mimi

2 years, 8 months

2
3
0 0

[PATCH v2] crypto: ccp - Allocate TEE ring and cmd buffer using DMA APIs

by Rijo Thomas

For AMD Secure Processor (ASP) to map and access TEE ring buffer, the ring buffer address sent by host to ASP must be a real physical address and the pages must be physically contiguous. In a virtualized environment though, when the driver is running in a guest VM, the pages allocated by __get_free_pages() may not be contiguous in the host (or machine) physical address space. Guests will see a guest (or pseudo) physical address and not the actual host (or machine) physical address. The TEE running on ASP cannot decipher pseudo physical addresses. It needs host or machine physical address. To resolve this problem, use DMA APIs for allocating buffers that must be shared with TEE. This will ensure that the pages are contiguous in host (or machine) address space. If the DMA handle is an IOVA, translate it into a physical address before sending it to ASP. This patch also exports two APIs (one for buffer allocation and another to free the buffer). This API can be used by AMD-TEE driver to share buffers with TEE. Fixes: 33960acccfbd ("crypto: ccp - add TEE support for Raven Ridge") Cc: Tom Lendacky <thomas.lendacky(a)amd.com> Cc: stable(a)vger.kernel.org Signed-off-by: Rijo Thomas <Rijo-john.Thomas(a)amd.com> Co-developed-by: Jeshwanth <JESHWANTHKUMAR.NK(a)amd.com> Signed-off-by: Jeshwanth <JESHWANTHKUMAR.NK(a)amd.com> Reviewed-by: Devaraj Rangasamy <Devaraj.Rangasamy(a)amd.com> --- v2: * Removed references to dma_buffer. * If psp_init() fails, clear reference to master device. * Handle gfp flags within psp_tee_alloc_buffer() instead of passing it as a function argument. * Added comments within psp_tee_alloc_buffer() to serve as future documentation. drivers/crypto/ccp/psp-dev.c | 13 ++-- drivers/crypto/ccp/tee-dev.c | 124 +++++++++++++++++++++++------------ drivers/crypto/ccp/tee-dev.h | 9 +-- include/linux/psp-tee.h | 49 ++++++++++++++ 4 files changed, 142 insertions(+), 53 deletions(-) diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c index c9c741ac8442..380f5caaa550 100644 --- a/drivers/crypto/ccp/psp-dev.c +++ b/drivers/crypto/ccp/psp-dev.c @@ -161,13 +161,13 @@ int psp_dev_init(struct sp_device *sp) goto e_err; } - ret = psp_init(psp); - if (ret) - goto e_irq; - if (sp->set_psp_master_device) sp->set_psp_master_device(sp); + ret = psp_init(psp); + if (ret) + goto e_clear; + /* Enable interrupt */ iowrite32(-1, psp->io_regs + psp->vdata->inten_reg); @@ -175,7 +175,10 @@ int psp_dev_init(struct sp_device *sp) return 0; -e_irq: +e_clear: + if (sp->clear_psp_master_device) + sp->clear_psp_master_device(sp); + sp_free_psp_irq(psp->sp, psp); e_err: sp->psp_data = NULL; diff --git a/drivers/crypto/ccp/tee-dev.c b/drivers/crypto/ccp/tee-dev.c index 5c9d47f3be37..5c43e6e166f1 100644 --- a/drivers/crypto/ccp/tee-dev.c +++ b/drivers/crypto/ccp/tee-dev.c @@ -12,8 +12,9 @@ #include <linux/mutex.h> #include <linux/delay.h> #include <linux/slab.h> +#include <linux/dma-direct.h> +#include <linux/iommu.h> #include <linux/gfp.h> -#include <linux/psp-sev.h> #include <linux/psp-tee.h> #include "psp-dev.h" @@ -21,25 +22,73 @@ static bool psp_dead; +struct psp_tee_buffer *psp_tee_alloc_buffer(unsigned long size) +{ + struct psp_device *psp = psp_get_master_device(); + struct psp_tee_buffer *buf; + struct iommu_domain *dom; + + if (!psp || !size) + return NULL; + + buf = kzalloc(sizeof(*buf), GFP_KERNEL); + if (!buf) + return NULL; + + /* The pages allocated for PSP Trusted OS must be physically + * contiguous in host (or machine) address space. Therefore, + * use DMA API to allocate memory. + */ + + buf->vaddr = dma_alloc_coherent(psp->dev, size, &buf->dma, + GFP_KERNEL | __GFP_ZERO); + if (!buf->vaddr || !buf->dma) { + kfree(buf); + return NULL; + } + + buf->size = size; + + /* Check whether IOMMU is present. If present, convert IOVA to + * physical address. In the absence of IOMMU, the DMA address + * is actually the physical address. + */ + + dom = iommu_get_domain_for_dev(psp->dev); + if (dom) + buf->paddr = iommu_iova_to_phys(dom, buf->dma); + else + buf->paddr = buf->dma; + + return buf; +} +EXPORT_SYMBOL(psp_tee_alloc_buffer); + +void psp_tee_free_buffer(struct psp_tee_buffer *buf) +{ + struct psp_device *psp = psp_get_master_device(); + + if (!psp || !buf) + return; + + dma_free_coherent(psp->dev, buf->size, buf->vaddr, buf->dma); + + kfree(buf); +} +EXPORT_SYMBOL(psp_tee_free_buffer); + static int tee_alloc_ring(struct psp_tee_device *tee, int ring_size) { struct ring_buf_manager *rb_mgr = &tee->rb_mgr; - void *start_addr; if (!ring_size) return -EINVAL; - /* We need actual physical address instead of DMA address, since - * Trusted OS running on AMD Secure Processor will map this region - */ - start_addr = (void *)__get_free_pages(GFP_KERNEL, get_order(ring_size)); - if (!start_addr) + rb_mgr->ring_buf = psp_tee_alloc_buffer(ring_size); + if (!rb_mgr->ring_buf) { + dev_err(tee->dev, "ring allocation failed\n"); return -ENOMEM; - - memset(start_addr, 0x0, ring_size); - rb_mgr->ring_start = start_addr; - rb_mgr->ring_size = ring_size; - rb_mgr->ring_pa = __psp_pa(start_addr); + } mutex_init(&rb_mgr->mutex); return 0; @@ -49,15 +98,8 @@ static void tee_free_ring(struct psp_tee_device *tee) { struct ring_buf_manager *rb_mgr = &tee->rb_mgr; - if (!rb_mgr->ring_start) - return; - - free_pages((unsigned long)rb_mgr->ring_start, - get_order(rb_mgr->ring_size)); + psp_tee_free_buffer(rb_mgr->ring_buf); - rb_mgr->ring_start = NULL; - rb_mgr->ring_size = 0; - rb_mgr->ring_pa = 0; mutex_destroy(&rb_mgr->mutex); } @@ -81,35 +123,35 @@ static int tee_wait_cmd_poll(struct psp_tee_device *tee, unsigned int timeout, return -ETIMEDOUT; } -static -struct tee_init_ring_cmd *tee_alloc_cmd_buffer(struct psp_tee_device *tee) +static struct psp_tee_buffer *tee_alloc_cmd_buffer(struct psp_tee_device *tee) { + struct psp_tee_buffer *cmd_buffer; struct tee_init_ring_cmd *cmd; - cmd = kzalloc(sizeof(*cmd), GFP_KERNEL); - if (!cmd) + cmd_buffer = psp_tee_alloc_buffer(sizeof(*cmd)); + if (!cmd_buffer) return NULL; - cmd->hi_addr = upper_32_bits(tee->rb_mgr.ring_pa); - cmd->low_addr = lower_32_bits(tee->rb_mgr.ring_pa); - cmd->size = tee->rb_mgr.ring_size; + cmd = (struct tee_init_ring_cmd *)cmd_buffer->vaddr; + cmd->hi_addr = upper_32_bits(tee->rb_mgr.ring_buf->paddr); + cmd->low_addr = lower_32_bits(tee->rb_mgr.ring_buf->paddr); + cmd->size = tee->rb_mgr.ring_buf->size; dev_dbg(tee->dev, "tee: ring address: high = 0x%x low = 0x%x size = %u\n", cmd->hi_addr, cmd->low_addr, cmd->size); - return cmd; + return cmd_buffer; } -static inline void tee_free_cmd_buffer(struct tee_init_ring_cmd *cmd) +static inline void tee_free_cmd_buffer(struct psp_tee_buffer *cmd_buffer) { - kfree(cmd); + psp_tee_free_buffer(cmd_buffer); } static int tee_init_ring(struct psp_tee_device *tee) { int ring_size = MAX_RING_BUFFER_ENTRIES * sizeof(struct tee_ring_cmd); - struct tee_init_ring_cmd *cmd; - phys_addr_t cmd_buffer; + struct psp_tee_buffer *cmd_buffer; unsigned int reg; int ret; @@ -123,21 +165,19 @@ static int tee_init_ring(struct psp_tee_device *tee) tee->rb_mgr.wptr = 0; - cmd = tee_alloc_cmd_buffer(tee); - if (!cmd) { + cmd_buffer = tee_alloc_cmd_buffer(tee); + if (!cmd_buffer) { tee_free_ring(tee); return -ENOMEM; } - cmd_buffer = __psp_pa((void *)cmd); - /* Send command buffer details to Trusted OS by writing to * CPU-PSP message registers */ - iowrite32(lower_32_bits(cmd_buffer), + iowrite32(lower_32_bits(cmd_buffer->paddr), tee->io_regs + tee->vdata->cmdbuff_addr_lo_reg); - iowrite32(upper_32_bits(cmd_buffer), + iowrite32(upper_32_bits(cmd_buffer->paddr), tee->io_regs + tee->vdata->cmdbuff_addr_hi_reg); iowrite32(TEE_RING_INIT_CMD, tee->io_regs + tee->vdata->cmdresp_reg); @@ -157,7 +197,7 @@ static int tee_init_ring(struct psp_tee_device *tee) } free_buf: - tee_free_cmd_buffer(cmd); + tee_free_cmd_buffer(cmd_buffer); return ret; } @@ -167,7 +207,7 @@ static void tee_destroy_ring(struct psp_tee_device *tee) unsigned int reg; int ret; - if (!tee->rb_mgr.ring_start) + if (!tee->rb_mgr.ring_buf->vaddr) return; if (psp_dead) @@ -256,7 +296,7 @@ static int tee_submit_cmd(struct psp_tee_device *tee, enum tee_cmd_id cmd_id, do { /* Get pointer to ring buffer command entry */ cmd = (struct tee_ring_cmd *) - (tee->rb_mgr.ring_start + tee->rb_mgr.wptr); + (tee->rb_mgr.ring_buf->vaddr + tee->rb_mgr.wptr); rptr = ioread32(tee->io_regs + tee->vdata->ring_rptr_reg); @@ -305,7 +345,7 @@ static int tee_submit_cmd(struct psp_tee_device *tee, enum tee_cmd_id cmd_id, /* Update local copy of write pointer */ tee->rb_mgr.wptr += sizeof(struct tee_ring_cmd); - if (tee->rb_mgr.wptr >= tee->rb_mgr.ring_size) + if (tee->rb_mgr.wptr >= tee->rb_mgr.ring_buf->size) tee->rb_mgr.wptr = 0; /* Trigger interrupt to Trusted OS */ diff --git a/drivers/crypto/ccp/tee-dev.h b/drivers/crypto/ccp/tee-dev.h index 49d26158b71e..ee22d60177a2 100644 --- a/drivers/crypto/ccp/tee-dev.h +++ b/drivers/crypto/ccp/tee-dev.h @@ -16,6 +16,7 @@ #include <linux/device.h> #include <linux/mutex.h> +#include <linux/psp-tee.h> #define TEE_DEFAULT_TIMEOUT 10 #define MAX_BUFFER_SIZE 988 @@ -48,16 +49,12 @@ struct tee_init_ring_cmd { /** * struct ring_buf_manager - Helper structure to manage ring buffer. - * @ring_start: starting address of ring buffer - * @ring_size: size of ring buffer in bytes - * @ring_pa: physical address of ring buffer + * @ring_buf: ring buffer allocated for sharing with TEE * @wptr: index to the last written entry in ring buffer */ struct ring_buf_manager { struct mutex mutex; /* synchronizes access to ring buffer */ - void *ring_start; - u32 ring_size; - phys_addr_t ring_pa; + struct psp_tee_buffer *ring_buf; u32 wptr; }; diff --git a/include/linux/psp-tee.h b/include/linux/psp-tee.h index cb0c95d6d76b..670bb7877456 100644 --- a/include/linux/psp-tee.h +++ b/include/linux/psp-tee.h @@ -13,6 +13,7 @@ #include <linux/types.h> #include <linux/errno.h> +#include <linux/dma-mapping.h> /* This file defines the Trusted Execution Environment (TEE) interface commands * and the API exported by AMD Secure Processor driver to communicate with @@ -40,6 +41,22 @@ enum tee_cmd_id { TEE_CMD_ID_UNMAP_SHARED_MEM, }; +/** + * struct psp_tee_buffer - Structure that has buffer details of memory that can + * be shared with PSP TEE. + * + * @dma: DMA address of memory + * @paddr: Physical address of memory + * @vaddr: CPU virtual address of memory + * @size: Size of memory in bytes + */ +struct psp_tee_buffer { + dma_addr_t dma; + phys_addr_t paddr; + void *vaddr; + unsigned long size; +}; + #ifdef CONFIG_CRYPTO_DEV_SP_PSP /** * psp_tee_process_cmd() - Process command in Trusted Execution Environment @@ -75,6 +92,28 @@ int psp_tee_process_cmd(enum tee_cmd_id cmd_id, void *buf, size_t len, */ int psp_check_tee_status(void); +/** + * psp_tee_alloc_buffer() - Allocates memory of requested size using + * dma_alloc_coherent() API. + * + * This function can be used to allocate a shared memory region between the + * host and PSP TEE. + * + * Returns: + * non-NULL a valid pointer to struct psp_tee_buffer + * NULL on failure + */ +struct psp_tee_buffer *psp_tee_alloc_buffer(unsigned long size); + +/** + * psp_tee_free_buffer() - Deallocates memory using dma_free_coherent() API. + * + * This function can be used to release shared memory region between host + * and PSP TEE. + * + */ +void psp_tee_free_buffer(struct psp_tee_buffer *buffer); + #else /* !CONFIG_CRYPTO_DEV_SP_PSP */ static inline int psp_tee_process_cmd(enum tee_cmd_id cmd_id, void *buf, @@ -87,5 +126,15 @@ static inline int psp_check_tee_status(void) { return -ENODEV; } + +static inline +struct psp_tee_buffer *psp_tee_alloc_buffer(unsigned long size) +{ + return NULL; +} + +static inline void psp_tee_free_buffer(struct psp_tee_buffer *buffer) +{ +} #endif /* CONFIG_CRYPTO_DEV_SP_PSP */ #endif /* __PSP_TEE_H_ */ -- 2.25.1

2 years, 8 months

4
5
0 0

[PATCH] of/fdt: run soc memory setup when early_init_dt_scan_memory fails

by andreas＠rammhold.de

From: Andreas Rammhold <andreas(a)rammhold.de> If memory has been found early_init_dt_scan_memory now returns 1. If it hasn't found any memory it will return 0, allowing other memory setup mechanisms to carry on. Previously early_init_dt_scan_memory always returned 0 without distinguishing between any kind of memory setup being done or not. Any code path after the early_init_dt_scan memory call in the ramips plat_mem_setup code wouldn't be executed anymore. Making early_init_dt_scan_memory the only way to initialize the memory. Some boards, including my mt7621 based Cudy X6 board, depend on memory initialization being done via the soc_info.mem_detect function pointer. Those wouldn't be able to obtain memory and panic the kernel during early bootup with the message "early_init_dt_alloc_memory_arch: Failed to allocate 12416 bytes align=0x40". Fixes: 1f012283e936 ("of/fdt: Rework early_init_dt_scan_memory() to call directly") Cc: stable(a)vger.kernel.org Signed-off-by: Andreas Rammhold <andreas(a)rammhold.de> --- arch/mips/ralink/of.c | 2 +- drivers/of/fdt.c | 6 ++++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/arch/mips/ralink/of.c b/arch/mips/ralink/of.c index ea8072acf8d94..6873b02634219 100644 --- a/arch/mips/ralink/of.c +++ b/arch/mips/ralink/of.c @@ -63,7 +63,7 @@ void __init plat_mem_setup(void) dtb = get_fdt(); __dt_setup_arch(dtb); - if (!early_init_dt_scan_memory()) + if (early_init_dt_scan_memory()) return; if (soc_info.mem_detect) diff --git a/drivers/of/fdt.c b/drivers/of/fdt.c index 7b571a6316397..4f88e8bbdd279 100644 --- a/drivers/of/fdt.c +++ b/drivers/of/fdt.c @@ -1099,7 +1099,7 @@ u64 __init dt_mem_next_cell(int s, const __be32 **cellp) */ int __init early_init_dt_scan_memory(void) { - int node; + int node, found_memory = 0; const void *fdt = initial_boot_params; fdt_for_each_subnode(node, fdt, 0) { @@ -1139,6 +1139,8 @@ int __init early_init_dt_scan_memory(void) early_init_dt_add_memory_arch(base, size); + found_memory = 1; + if (!hotpluggable) continue; @@ -1147,7 +1149,7 @@ int __init early_init_dt_scan_memory(void) base, base + size); } } - return 0; + return found_memory; } int __init early_init_dt_scan_chosen(char *cmdline) -- 2.38.1

2 years, 8 months

2
1
0 0

Cannot compile 6.1.2 kernel release

by Łukasz Kalamłacki

Hey, Do you have an issue compiling 6.1.2 linux kernel? I cannot compile it. Best, Łukasz

2 years, 8 months

5
12
0 0

[PATCH v2 stable 4.19 1/2] mm/khugepaged: fix GUP-fast interaction by sending IPI

by Jann Horn

Since commit 70cbc3cc78a99 ("mm: gup: fix the fast GUP race against THP collapse"), the lockless_pages_from_mm() fastpath rechecks the pmd_t to ensure that the page table was not removed by khugepaged in between. However, lockless_pages_from_mm() still requires that the page table is not concurrently freed. Fix it by sending IPIs (if the architecture uses semi-RCU-style page table freeing) before freeing/reusing page tables. Link: https://lkml.kernel.org/r/20221129154730.2274278-2-jannh@google.com Link: https://lkml.kernel.org/r/20221128180252.1684965-2-jannh@google.com Link: https://lkml.kernel.org/r/20221125213714.4115729-2-jannh@google.com Fixes: ba76149f47d8 ("thp: khugepaged") Signed-off-by: Jann Horn <jannh(a)google.com> Reviewed-by: Yang Shi <shy828301(a)gmail.com> Acked-by: David Hildenbrand <david(a)redhat.com> Cc: John Hubbard <jhubbard(a)nvidia.com> Cc: Peter Xu <peterx(a)redhat.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> [manual backport: two of the three places in khugepaged that can free ptes were refactored into a common helper between 5.15 and 6.0; TLB flushing was refactored between 5.4 and 5.10; TLB flushing was refactored between 4.19 and 5.4; pmd collapse for PTE-mapped THP was only added in 5.4; ugly hack needed in <=4.19 for s390] Signed-off-by: Jann Horn <jannh(a)google.com> --- added an incredibly ugly hack to work around the s390 issue reported in https://lore.kernel.org/all/Y5aaQqNH71IMVks0@sashalap/ include/asm-generic/tlb.h | 6 ++++++ mm/khugepaged.c | 15 +++++++++++++++ mm/memory.c | 5 +++++ 3 files changed, 26 insertions(+) diff --git a/include/asm-generic/tlb.h b/include/asm-generic/tlb.h index db72ad39853b..737f5cb0dc84 100644 --- a/include/asm-generic/tlb.h +++ b/include/asm-generic/tlb.h @@ -61,6 +61,12 @@ struct mmu_table_batch { extern void tlb_table_flush(struct mmu_gather *tlb); extern void tlb_remove_table(struct mmu_gather *tlb, void *table); +void tlb_remove_table_sync_one(void); + +#else + +static inline void tlb_remove_table_sync_one(void) { } + #endif /* diff --git a/mm/khugepaged.c b/mm/khugepaged.c index 5dd14ef2e1de..0f217bb9b534 100644 --- a/mm/khugepaged.c +++ b/mm/khugepaged.c @@ -23,6 +23,19 @@ #include <asm/pgalloc.h> #include "internal.h" +/* gross hack for <=4.19 stable */ +#ifdef CONFIG_S390 +static void tlb_remove_table_smp_sync(void *arg) +{ + /* Simply deliver the interrupt */ +} + +static void tlb_remove_table_sync_one(void) +{ + smp_call_function(tlb_remove_table_smp_sync, NULL, 1); +} +#endif + enum scan_result { SCAN_FAIL, SCAN_SUCCEED, @@ -1045,6 +1058,7 @@ static void collapse_huge_page(struct mm_struct *mm, _pmd = pmdp_collapse_flush(vma, address, pmd); spin_unlock(pmd_ptl); mmu_notifier_invalidate_range_end(mm, mmun_start, mmun_end); + tlb_remove_table_sync_one(); spin_lock(pte_ptl); isolated = __collapse_huge_page_isolate(vma, address, pte); @@ -1294,6 +1308,7 @@ static void retract_page_tables(struct address_space *mapping, pgoff_t pgoff) _pmd = pmdp_collapse_flush(vma, addr, pmd); spin_unlock(ptl); mm_dec_nr_ptes(mm); + tlb_remove_table_sync_one(); pte_free(mm, pmd_pgtable(_pmd)); } up_write(&mm->mmap_sem); diff --git a/mm/memory.c b/mm/memory.c index 800834cff4e6..b80ce6b3c8f4 100644 --- a/mm/memory.c +++ b/mm/memory.c @@ -362,6 +362,11 @@ static void tlb_remove_table_smp_sync(void *arg) /* Simply deliver the interrupt */ } +void tlb_remove_table_sync_one(void) +{ + smp_call_function(tlb_remove_table_smp_sync, NULL, 1); +} + static void tlb_remove_table_one(void *table) { /* base-commit: c1ccef20f08e192228a2056808113b453d18c094 -- 2.39.0.rc1.256.g54fd8350bd-goog

2 years, 8 months

2
5
0 0

[PATCH] VMCI: Use threaded irqs instead of tasklets

by vdasa＠vmware.com

From: Vishnu Dasa <vdasa(a)vmware.com> The vmci_dispatch_dgs() tasklet function calls vmci_read_data() which uses wait_event() resulting in invalid sleep in an atomic context (and therefore potentially in a deadlock). Use threaded irqs to fix this issue and completely remove usage of tasklets. [ 20.264639] BUG: sleeping function called from invalid context at drivers/misc/vmw_vmci/vmci_guest.c:145 [ 20.264643] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 762, name: vmtoolsd [ 20.264645] preempt_count: 101, expected: 0 [ 20.264646] RCU nest depth: 0, expected: 0 [ 20.264647] 1 lock held by vmtoolsd/762: [ 20.264648] #0: ffff0000874ae440 (sk_lock-AF_VSOCK){+.+.}-{0:0}, at: vsock_connect+0x60/0x330 [vsock] [ 20.264658] Preemption disabled at: [ 20.264659] [<ffff80000151d7d8>] vmci_send_datagram+0x44/0xa0 [vmw_vmci] [ 20.264665] CPU: 0 PID: 762 Comm: vmtoolsd Not tainted 5.19.0-0.rc8.20220727git39c3c396f813.60.fc37.aarch64 #1 [ 20.264667] Hardware name: VMware, Inc. VBSA/VBSA, BIOS VEFI 12/31/2020 [ 20.264668] Call trace: [ 20.264669] dump_backtrace+0xc4/0x130 [ 20.264672] show_stack+0x24/0x80 [ 20.264673] dump_stack_lvl+0x88/0xb4 [ 20.264676] dump_stack+0x18/0x34 [ 20.264677] __might_resched+0x1a0/0x280 [ 20.264679] __might_sleep+0x58/0x90 [ 20.264681] vmci_read_data+0x74/0x120 [vmw_vmci] [ 20.264683] vmci_dispatch_dgs+0x64/0x204 [vmw_vmci] [ 20.264686] tasklet_action_common.constprop.0+0x13c/0x150 [ 20.264688] tasklet_action+0x40/0x50 [ 20.264689] __do_softirq+0x23c/0x6b4 [ 20.264690] __irq_exit_rcu+0x104/0x214 [ 20.264691] irq_exit_rcu+0x1c/0x50 [ 20.264693] el1_interrupt+0x38/0x6c [ 20.264695] el1h_64_irq_handler+0x18/0x24 [ 20.264696] el1h_64_irq+0x68/0x6c [ 20.264697] preempt_count_sub+0xa4/0xe0 [ 20.264698] _raw_spin_unlock_irqrestore+0x64/0xb0 [ 20.264701] vmci_send_datagram+0x7c/0xa0 [vmw_vmci] [ 20.264703] vmci_datagram_dispatch+0x84/0x100 [vmw_vmci] [ 20.264706] vmci_datagram_send+0x2c/0x40 [vmw_vmci] [ 20.264709] vmci_transport_send_control_pkt+0xb8/0x120 [vmw_vsock_vmci_transport] [ 20.264711] vmci_transport_connect+0x40/0x7c [vmw_vsock_vmci_transport] [ 20.264713] vsock_connect+0x278/0x330 [vsock] [ 20.264715] __sys_connect_file+0x8c/0xc0 [ 20.264718] __sys_connect+0x84/0xb4 [ 20.264720] __arm64_sys_connect+0x2c/0x3c [ 20.264721] invoke_syscall+0x78/0x100 [ 20.264723] el0_svc_common.constprop.0+0x68/0x124 [ 20.264724] do_el0_svc+0x38/0x4c [ 20.264725] el0_svc+0x60/0x180 [ 20.264726] el0t_64_sync_handler+0x11c/0x150 [ 20.264728] el0t_64_sync+0x190/0x194 Signed-off-by: Vishnu Dasa <vdasa(a)vmware.com> Suggested-by: Zack Rusin <zackr(a)vmware.com> Reported-by: Nadav Amit <namit(a)vmware.com> Reported-by: Nathan Chancellor <nathan(a)kernel.org> Tested-by: Nathan Chancellor <nathan(a)kernel.org> Fixes: 463713eb6164 ("VMCI: dma dg: add support for DMA datagrams receive") Cc: <stable(a)vger.kernel.org> # v5.18+ Cc: VMware PV-Drivers Reviewers <pv-drivers(a)vmware.com> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: Bryan Tan <bryantan(a)vmware.com> --- drivers/misc/vmw_vmci/vmci_guest.c | 49 ++++++++++++------------------ 1 file changed, 19 insertions(+), 30 deletions(-) diff --git a/drivers/misc/vmw_vmci/vmci_guest.c b/drivers/misc/vmw_vmci/vmci_guest.c index aa7b05de97dd..6ab717b4a5db 100644 --- a/drivers/misc/vmw_vmci/vmci_guest.c +++ b/drivers/misc/vmw_vmci/vmci_guest.c @@ -56,8 +56,6 @@ struct vmci_guest_device { bool exclusive_vectors; - struct tasklet_struct datagram_tasklet; - struct tasklet_struct bm_tasklet; struct wait_queue_head inout_wq; void *data_buffer; @@ -304,9 +302,8 @@ static int vmci_check_host_caps(struct pci_dev *pdev) * This function assumes that it has exclusive access to the data * in register(s) for the duration of the call. */ -static void vmci_dispatch_dgs(unsigned long data) +static void vmci_dispatch_dgs(struct vmci_guest_device *vmci_dev) { - struct vmci_guest_device *vmci_dev = (struct vmci_guest_device *)data; u8 *dg_in_buffer = vmci_dev->data_buffer; struct vmci_datagram *dg; size_t dg_in_buffer_size = VMCI_MAX_DG_SIZE; @@ -465,10 +462,8 @@ static void vmci_dispatch_dgs(unsigned long data) * Scans the notification bitmap for raised flags, clears them * and handles the notifications. */ -static void vmci_process_bitmap(unsigned long data) +static void vmci_process_bitmap(struct vmci_guest_device *dev) { - struct vmci_guest_device *dev = (struct vmci_guest_device *)data; - if (!dev->notification_bitmap) { dev_dbg(dev->dev, "No bitmap present in %s\n", __func__); return; @@ -486,13 +481,13 @@ static irqreturn_t vmci_interrupt(int irq, void *_dev) struct vmci_guest_device *dev = _dev; /* - * If we are using MSI-X with exclusive vectors then we simply schedule - * the datagram tasklet, since we know the interrupt was meant for us. + * If we are using MSI-X with exclusive vectors then we simply call + * vmci_dispatch_dgs(), since we know the interrupt was meant for us. * Otherwise we must read the ICR to determine what to do. */ if (dev->exclusive_vectors) { - tasklet_schedule(&dev->datagram_tasklet); + vmci_dispatch_dgs(dev); } else { unsigned int icr; @@ -502,12 +497,12 @@ static irqreturn_t vmci_interrupt(int irq, void *_dev) return IRQ_NONE; if (icr & VMCI_ICR_DATAGRAM) { - tasklet_schedule(&dev->datagram_tasklet); + vmci_dispatch_dgs(dev); icr &= ~VMCI_ICR_DATAGRAM; } if (icr & VMCI_ICR_NOTIFICATION) { - tasklet_schedule(&dev->bm_tasklet); + vmci_process_bitmap(dev); icr &= ~VMCI_ICR_NOTIFICATION; } @@ -536,7 +531,7 @@ static irqreturn_t vmci_interrupt_bm(int irq, void *_dev) struct vmci_guest_device *dev = _dev; /* For MSI-X we can just assume it was meant for us. */ - tasklet_schedule(&dev->bm_tasklet); + vmci_process_bitmap(dev); return IRQ_HANDLED; } @@ -638,10 +633,6 @@ static int vmci_guest_probe_device(struct pci_dev *pdev, vmci_dev->iobase = iobase; vmci_dev->mmio_base = mmio_base; - tasklet_init(&vmci_dev->datagram_tasklet, - vmci_dispatch_dgs, (unsigned long)vmci_dev); - tasklet_init(&vmci_dev->bm_tasklet, - vmci_process_bitmap, (unsigned long)vmci_dev); init_waitqueue_head(&vmci_dev->inout_wq); if (mmio_base != NULL) { @@ -808,8 +799,9 @@ static int vmci_guest_probe_device(struct pci_dev *pdev, * Request IRQ for legacy or MSI interrupts, or for first * MSI-X vector. */ - error = request_irq(pci_irq_vector(pdev, 0), vmci_interrupt, - IRQF_SHARED, KBUILD_MODNAME, vmci_dev); + error = request_threaded_irq(pci_irq_vector(pdev, 0), NULL, + vmci_interrupt, IRQF_SHARED, + KBUILD_MODNAME, vmci_dev); if (error) { dev_err(&pdev->dev, "Irq %u in use: %d\n", pci_irq_vector(pdev, 0), error); @@ -823,9 +815,9 @@ static int vmci_guest_probe_device(struct pci_dev *pdev, * between the vectors. */ if (vmci_dev->exclusive_vectors) { - error = request_irq(pci_irq_vector(pdev, 1), - vmci_interrupt_bm, 0, KBUILD_MODNAME, - vmci_dev); + error = request_threaded_irq(pci_irq_vector(pdev, 1), NULL, + vmci_interrupt_bm, 0, + KBUILD_MODNAME, vmci_dev); if (error) { dev_err(&pdev->dev, "Failed to allocate irq %u: %d\n", @@ -833,9 +825,11 @@ static int vmci_guest_probe_device(struct pci_dev *pdev, goto err_free_irq; } if (caps_in_use & VMCI_CAPS_DMA_DATAGRAM) { - error = request_irq(pci_irq_vector(pdev, 2), - vmci_interrupt_dma_datagram, - 0, KBUILD_MODNAME, vmci_dev); + error = request_threaded_irq(pci_irq_vector(pdev, 2), + NULL, + vmci_interrupt_dma_datagram, + 0, KBUILD_MODNAME, + vmci_dev); if (error) { dev_err(&pdev->dev, "Failed to allocate irq %u: %d\n", @@ -871,8 +865,6 @@ static int vmci_guest_probe_device(struct pci_dev *pdev, err_free_irq: free_irq(pci_irq_vector(pdev, 0), vmci_dev); - tasklet_kill(&vmci_dev->datagram_tasklet); - tasklet_kill(&vmci_dev->bm_tasklet); err_disable_msi: pci_free_irq_vectors(pdev); @@ -943,9 +935,6 @@ static void vmci_guest_remove_device(struct pci_dev *pdev) free_irq(pci_irq_vector(pdev, 0), vmci_dev); pci_free_irq_vectors(pdev); - tasklet_kill(&vmci_dev->datagram_tasklet); - tasklet_kill(&vmci_dev->bm_tasklet); - if (vmci_dev->notification_bitmap) { /* * The device reset above cleared the bitmap state of the -- 2.34.1

2 years, 8 months

3
2
0 0

[PATCH] docs: gdbmacros: print newest record

by John Ogness

@head_id points to the newest record, but the printing loop exits when it increments to this value (before printing). Exit the printing loop after the newest record has been printed. The python-based function in scripts/gdb/linux/dmesg.py already does this correctly. Fixes: e60768311af8 ("scripts/gdb: update for lockless printk ringbuffer") Cc: stable(a)vger.kernel.org Signed-off-by: John Ogness <john.ogness(a)linutronix.de> --- Documentation/admin-guide/kdump/gdbmacros.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Documentation/admin-guide/kdump/gdbmacros.txt b/Documentation/admin-guide/kdump/gdbmacros.txt index 82aecdcae8a6..030de95e3e6b 100644 --- a/Documentation/admin-guide/kdump/gdbmacros.txt +++ b/Documentation/admin-guide/kdump/gdbmacros.txt @@ -312,10 +312,10 @@ define dmesg set var $prev_flags = $info->flags end - set var $id = ($id + 1) & $id_mask if ($id == $end_id) loop_break end + set var $id = ($id + 1) & $id_mask end end document dmesg base-commit: 1b929c02afd37871d5afb9d498426f83432e71c2 -- 2.30.2

2 years, 8 months

2
2
0 0

[PATCH v2] usb: xhci: Check endpoint is valid before dereferencing it

by Jimmy Hu

When the host controller is not responding, all URBs queued to all endpoints need to be killed. This can cause a kernel panic if we dereference an invalid endpoint. Fix this by using xhci_get_virt_ep() helper to find the endpoint and checking if the endpoint is valid before dereferencing it. [233311.853271] xhci-hcd xhci-hcd.1.auto: xHCI host controller not responding, assume dead [233311.853393] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000e8 [233311.853964] pc : xhci_hc_died+0x10c/0x270 [233311.853971] lr : xhci_hc_died+0x1ac/0x270 [233311.854077] Call trace: [233311.854085] xhci_hc_died+0x10c/0x270 [233311.854093] xhci_stop_endpoint_command_watchdog+0x100/0x1a4 [233311.854105] call_timer_fn+0x50/0x2d4 [233311.854112] expire_timers+0xac/0x2e4 [233311.854118] run_timer_softirq+0x300/0xabc [233311.854127] __do_softirq+0x148/0x528 [233311.854135] irq_exit+0x194/0x1a8 [233311.854143] __handle_domain_irq+0x164/0x1d0 [233311.854149] gic_handle_irq.22273+0x10c/0x188 [233311.854156] el1_irq+0xfc/0x1a8 [233311.854175] lpm_cpuidle_enter+0x25c/0x418 [msm_pm] [233311.854185] cpuidle_enter_state+0x1f0/0x764 [233311.854194] do_idle+0x594/0x6ac [233311.854201] cpu_startup_entry+0x7c/0x80 [233311.854209] secondary_start_kernel+0x170/0x198 Fixes: 50e8725e7c42 ("xhci: Refactor command watchdog and fix split string.") Cc: stable(a)vger.kernel.org Signed-off-by: Jimmy Hu <hhhuuu(a)google.com> --- drivers/usb/host/xhci-ring.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/drivers/usb/host/xhci-ring.c b/drivers/usb/host/xhci-ring.c index ddc30037f9ce..f5b0e1ce22af 100644 --- a/drivers/usb/host/xhci-ring.c +++ b/drivers/usb/host/xhci-ring.c @@ -1169,7 +1169,10 @@ static void xhci_kill_endpoint_urbs(struct xhci_hcd *xhci, struct xhci_virt_ep *ep; struct xhci_ring *ring; - ep = &xhci->devs[slot_id]->eps[ep_index]; + ep = xhci_get_virt_ep(xhci, slot_id, ep_index); + if (!ep) + return; + if ((ep->ep_state & EP_HAS_STREAMS) || (ep->ep_state & EP_GETTING_NO_STREAMS)) { int stream_id; -- 2.39.0.314.g84b9a713c41-goog

2 years, 8 months

3
7
0 0

[PATCH v6] ufs: core: wlun suspend SSU/enter hibern8 fail recovery

by peter.wang＠mediatek.com

From: Peter Wang <peter.wang(a)mediatek.com> When SSU/enter hibern8 fail in wlun suspend flow, trigger error handler and return busy to break the suspend. If not, wlun runtime pm status become error and the consumer will stuck in runtime suspend status. Fixes: b294ff3e3449 ("scsi: ufs: core: Enable power management for wlun") Cc: stable(a)vger.kernel.org Signed-off-by: Peter Wang <peter.wang(a)mediatek.com> Reviewed-by: Stanley Chu <stanley.chu(a)mediatek.com> Reviewed-by: Bart Van Assche <bvanassche(a)acm.org> Reviewed-by: Adrian Hunter <adrian.hunter(a)intel.com> --- drivers/ufs/core/ufshcd.c | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/drivers/ufs/core/ufshcd.c b/drivers/ufs/core/ufshcd.c index b1f59a5fe632..31ed3fdb5266 100644 --- a/drivers/ufs/core/ufshcd.c +++ b/drivers/ufs/core/ufshcd.c @@ -6070,6 +6070,14 @@ void ufshcd_schedule_eh_work(struct ufs_hba *hba) } } +static void ufshcd_force_error_recovery(struct ufs_hba *hba) +{ + spin_lock_irq(hba->host->host_lock); + hba->force_reset = true; + ufshcd_schedule_eh_work(hba); + spin_unlock_irq(hba->host->host_lock); +} + static void ufshcd_clk_scaling_allow(struct ufs_hba *hba, bool allow) { down_write(&hba->clk_scaling_lock); @@ -9049,6 +9057,15 @@ static int __ufshcd_wl_suspend(struct ufs_hba *hba, enum ufs_pm_op pm_op) if (!hba->dev_info.b_rpm_dev_flush_capable) { ret = ufshcd_set_dev_pwr_mode(hba, req_dev_pwr_mode); + if (ret && pm_op != UFS_SHUTDOWN_PM) { + /* + * If return err in suspend flow, IO will hang. + * Trigger error handler and break suspend for + * error recovery. + */ + ufshcd_force_error_recovery(hba); + ret = -EBUSY; + } if (ret) goto enable_scaling; } @@ -9060,6 +9077,15 @@ static int __ufshcd_wl_suspend(struct ufs_hba *hba, enum ufs_pm_op pm_op) */ check_for_bkops = !ufshcd_is_ufs_dev_deepsleep(hba); ret = ufshcd_link_state_transition(hba, req_link_state, check_for_bkops); + if (ret && pm_op != UFS_SHUTDOWN_PM) { + /* + * If return err in suspend flow, IO will hang. + * Trigger error handler and break suspend for + * error recovery. + */ + ufshcd_force_error_recovery(hba); + ret = -EBUSY; + } if (ret) goto set_dev_active; -- 2.18.0

2 years, 8 months

5
5
0 0

[PATCH v4] media: uvcvideo: Fix race condition with usb_kill_urb

by Ricardo Ribalda

usb_kill_urb warranties that all the handlers are finished when it returns, but does not protect against threads that might be handling asynchronously the urb. For UVC, the function uvc_ctrl_status_event_async() takes care of control changes asynchronously. If the code is executed in the following order: CPU 0 CPU 1 ===== ===== uvc_status_complete() uvc_status_stop() uvc_ctrl_status_event_work() uvc_status_start() -> FAIL Then uvc_status_start will keep failing and this error will be shown: <4>[ 5.540139] URB 0000000000000000 submitted while active drivers/usb/core/urb.c:378 usb_submit_urb+0x4c3/0x528 Let's improve the current situation, by not re-submiting the urb if we are stopping the status event. Also process the queued work (if any) during stop. CPU 0 CPU 1 ===== ===== uvc_status_complete() uvc_status_stop() uvc_status_start() uvc_ctrl_status_event_work() -> FAIL Hopefully, with the usb layer protection this should be enough to cover all the cases. Cc: stable(a)vger.kernel.org Fixes: e5225c820c05 ("media: uvcvideo: Send a control event when a Control Change interrupt arrives") Reviewed-by: Yunke Cao <yunkec(a)chromium.org> Signed-off-by: Ricardo Ribalda <ribalda(a)chromium.org> --- uvc: Fix race condition on uvc Make sure that all the async work is finished when we stop the status urb. To: Yunke Cao <yunkec(a)chromium.org> To: Sergey Senozhatsky <senozhatsky(a)chromium.org> To: Max Staudt <mstaudt(a)google.com> To: Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> To: Mauro Carvalho Chehab <mchehab(a)kernel.org> Cc: linux-media(a)vger.kernel.org Cc: linux-kernel(a)vger.kernel.org --- Changes in v4: - Replace bool with atomic_t to avoid compiler reordering - First complete the async work and then kill the urb to avoid race (Thanks Laurent!) - Link to v3: https://lore.kernel.org/r/20221212-uvc-race-v3-0-954efc752c9a@chromium.org Changes in v3: - Remove the patch for dev->status, makes more sense in another series, and makes the zero day less nervous. - Update reviewed-by (thanks Yunke!). - Link to v2: https://lore.kernel.org/r/20221212-uvc-race-v2-0-54496cc3b8ab@chromium.org Changes in v2: - Add a patch for not kalloc dev->status - Redo the logic mechanism, so it also works with suspend (Thanks Yunke!) - Link to v1: https://lore.kernel.org/r/20221212-uvc-race-v1-0-c52e1783c31d@chromium.org --- drivers/media/usb/uvc/uvc_ctrl.c | 3 +++ drivers/media/usb/uvc/uvc_status.c | 6 ++++++ drivers/media/usb/uvc/uvcvideo.h | 1 + 3 files changed, 10 insertions(+) diff --git a/drivers/media/usb/uvc/uvc_ctrl.c b/drivers/media/usb/uvc/uvc_ctrl.c index c95a2229f4fa..1be6897a7d6d 100644 --- a/drivers/media/usb/uvc/uvc_ctrl.c +++ b/drivers/media/usb/uvc/uvc_ctrl.c @@ -1442,6 +1442,9 @@ static void uvc_ctrl_status_event_work(struct work_struct *work) uvc_ctrl_status_event(w->chain, w->ctrl, w->data); + if (atomic_read(&dev->flush_status)) + return; + /* Resubmit the URB. */ w->urb->interval = dev->int_ep->desc.bInterval; ret = usb_submit_urb(w->urb, GFP_KERNEL); diff --git a/drivers/media/usb/uvc/uvc_status.c b/drivers/media/usb/uvc/uvc_status.c index 7518ffce22ed..4a95850cdc1b 100644 --- a/drivers/media/usb/uvc/uvc_status.c +++ b/drivers/media/usb/uvc/uvc_status.c @@ -304,10 +304,16 @@ int uvc_status_start(struct uvc_device *dev, gfp_t flags) if (dev->int_urb == NULL) return 0; + atomic_set(&dev->flush_status, 0); return usb_submit_urb(dev->int_urb, flags); } void uvc_status_stop(struct uvc_device *dev) { + struct uvc_ctrl_work *w = &dev->async_ctrl; + + atomic_set(&dev->flush_status, 1); + if (cancel_work_sync(&w->work)) + uvc_ctrl_status_event(w->chain, w->ctrl, w->data); usb_kill_urb(dev->int_urb); } diff --git a/drivers/media/usb/uvc/uvcvideo.h b/drivers/media/usb/uvc/uvcvideo.h index df93db259312..1274691f157f 100644 --- a/drivers/media/usb/uvc/uvcvideo.h +++ b/drivers/media/usb/uvc/uvcvideo.h @@ -560,6 +560,7 @@ struct uvc_device { struct usb_host_endpoint *int_ep; struct urb *int_urb; u8 *status; + atomic_t flush_status; struct input_dev *input; char input_phys[64]; --- base-commit: 0ec5a38bf8499f403f81cb81a0e3a60887d1993c change-id: 20221212-uvc-race-09276ea68bf8 Best regards, -- Ricardo Ribalda <ribalda(a)chromium.org>

2 years, 8 months

2
5
0 0

[PATCH v2 1/1] Revert "usb: ulpi: defer ulpi_register on ulpi_read_id timeout"

by Ferry Toth

This reverts commit 8a7b31d545d3a15f0e6f5984ae16f0ca4fd76aac. This patch results in some qemu test failures, specifically xilinx-zynq-a9 machine and zynq-zc702 as well as zynq-zed devicetree files, when trying to boot from USB drive. Fixes: 8a7b31d545d3 ("usb: ulpi: defer ulpi_register on ulpi_read_id timeout") Reported-by: Guenter Roeck <linux(a)roeck-us.net> Cc: stable(a)vger.kernel.org Link: https://lore.kernel.org/lkml/20221220194334.GA942039@roeck-us.net/ Signed-off-by: Ferry Toth <ftoth(a)exalondelft.nl> --- drivers/usb/common/ulpi.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/usb/common/ulpi.c b/drivers/usb/common/ulpi.c index 60e8174686a1..d7c8461976ce 100644 --- a/drivers/usb/common/ulpi.c +++ b/drivers/usb/common/ulpi.c @@ -207,7 +207,7 @@ static int ulpi_read_id(struct ulpi *ulpi) /* Test the interface */ ret = ulpi_write(ulpi, ULPI_SCRATCH, 0xaa); if (ret < 0) - return ret; + goto err; ret = ulpi_read(ulpi, ULPI_SCRATCH); if (ret < 0) -- 2.37.2

2 years, 8 months

2
1
0 0

[PATCH v2] ext4: Fix possible use-after-free in ext4_find_extent

by Tudor Ambarus

syzbot reported a use-after-free Read in ext4_find_extent that is hit when using a corrupted file system. The bug was reported on Android 5.15, but using the same reproducer triggers the bug on v6.2-rc1 as well. Fix the use-after-free by checking the extent header magic. An alternative would be to check the values of EXT4_{FIRST,LAST}_{EXTENT,INDEX} used in ext4_ext_binsearch() and ext4_ext_binsearch_idx(), so that we make sure that pointers returned by EXT4_{FIRST,LAST}_{EXTENT,INDEX} don't exceed the bounds of the extent tree node. But this alternative will not squash the bug for the cases where eh->eh_entries fit into eh->eh_max. We could also try to check the sanity of the path, but costs more than checking just the header magic, so stick to the header magic sanity check. Link: https://syzkaller.appspot.com/bug?id=be6e90ce70987950e6deb3bac8418344ca8b96… Reported-by: syzbot+0827b4b52b5ebf65f219(a)syzkaller.appspotmail.com Cc: stable(a)vger.kernel.org Signed-off-by: Tudor Ambarus <tudor.ambarus(a)linaro.org> --- v2: drop wrong/uneeded le16_to_cpu() conversion for eh->eh_magic fs/ext4/extents.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/fs/ext4/extents.c b/fs/ext4/extents.c index 9de1c9d1a13d..bedc8c098449 100644 --- a/fs/ext4/extents.c +++ b/fs/ext4/extents.c @@ -894,6 +894,12 @@ ext4_find_extent(struct inode *inode, ext4_lblk_t block, gfp_flags |= __GFP_NOFAIL; eh = ext_inode_hdr(inode); + if (eh->eh_magic != EXT4_EXT_MAGIC) { + EXT4_ERROR_INODE(inode, "Extent header has invalid magic."); + ret = -EFSCORRUPTED; + goto err; + } + depth = ext_depth(inode); if (depth < 0 || depth > EXT4_MAX_EXTENT_DEPTH) { EXT4_ERROR_INODE(inode, "inode has invalid extent depth: %d", -- 2.34.1

2 years, 8 months

3
5
0 0

[PATCH] ASoC: qcom: lpass-cpu: Fix fallback SD line index handling

by Brian Norris

These indices should reference the ID placed within the dai_driver array, not the indices of the array itself. This fixes commit 4ff028f6c108 ("ASoC: qcom: lpass-cpu: Make I2S SD lines configurable"), which among others, broke IPQ8064 audio (sound/soc/qcom/lpass-ipq806x.c) because it uses ID 4 but we'd stop initializing the mi2s_playback_sd_mode and mi2s_capture_sd_mode arrays at ID 0. Fixes: 4ff028f6c108 ("ASoC: qcom: lpass-cpu: Make I2S SD lines configurable") Cc: <stable(a)vger.kernel.org> Signed-off-by: Brian Norris <computersforpeace(a)gmail.com> --- sound/soc/qcom/lpass-cpu.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/sound/soc/qcom/lpass-cpu.c b/sound/soc/qcom/lpass-cpu.c index 54353842dc07..dbdaaa85ce48 100644 --- a/sound/soc/qcom/lpass-cpu.c +++ b/sound/soc/qcom/lpass-cpu.c @@ -1037,10 +1037,11 @@ static void of_lpass_cpu_parse_dai_data(struct device *dev, struct lpass_data *data) { struct device_node *node; - int ret, id; + int ret, i, id; /* Allow all channels by default for backwards compatibility */ - for (id = 0; id < data->variant->num_dai; id++) { + for (i = 0; i < data->variant->num_dai; i++) { + id = data->variant->dai_driver[i].id; data->mi2s_playback_sd_mode[id] = LPAIF_I2SCTL_MODE_8CH; data->mi2s_capture_sd_mode[id] = LPAIF_I2SCTL_MODE_8CH; } -- 2.39.0

2 years, 8 months

3
2
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror December 2022