October 2024 - Linux-stable-mirror

by Mario Limonciello

Hi, "Panel replay" is a power saving technology that some display panels support. During 6.11 development we had to turn off panel replay due to reports of regressions. Those regressions have now been fixed, and I've confirmed that panel replay works again properly on 6.11 with the following series of commits. Can you please consider taking these back to 6.11.y so that users with these panels can get their power savings back? commit b68417613d41 ("drm/amd/display: Disable replay if VRR capability is false") commit f91a9af09dea ("drm/amd/display: Fix VRR cannot enable") commit df18a4de9e77 ("drm/amd/display: Reset VRR config during resume") commit be64336307a6 ("drm/amd/display: Re-enable panel replay feature") Thanks!

1 year

2
1
0 0

[PATCH 6.1] f2fs: Require FMODE_WRITE for atomic write ioctls

by Eric Biggers

From: Jann Horn <jannh(a)google.com> commit 4f5a100f87f32cb65d4bb1ad282a08c92f6f591e upstream. The F2FS ioctls for starting and committing atomic writes check for inode_owner_or_capable(), but this does not give LSMs like SELinux or Landlock an opportunity to deny the write access - if the caller's FSUID matches the inode's UID, inode_owner_or_capable() immediately returns true. There are scenarios where LSMs want to deny a process the ability to write particular files, even files that the FSUID of the process owns; but this can currently partially be bypassed using atomic write ioctls in two ways: - F2FS_IOC_START_ATOMIC_REPLACE + F2FS_IOC_COMMIT_ATOMIC_WRITE can truncate an inode to size 0 - F2FS_IOC_START_ATOMIC_WRITE + F2FS_IOC_ABORT_ATOMIC_WRITE can revert changes another process concurrently made to a file Fix it by requiring FMODE_WRITE for these operations, just like for F2FS_IOC_MOVE_RANGE. Since any legitimate caller should only be using these ioctls when intending to write into the file, that seems unlikely to break anything. Fixes: 88b88a667971 ("f2fs: support atomic writes") Cc: stable(a)vger.kernel.org Signed-off-by: Jann Horn <jannh(a)google.com> Reviewed-by: Chao Yu <chao(a)kernel.org> Reviewed-by: Eric Biggers <ebiggers(a)google.com> Signed-off-by: Jaegeuk Kim <jaegeuk(a)kernel.org> Signed-off-by: Eric Biggers <ebiggers(a)google.com> --- fs/f2fs/file.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c index 62f2521cd955e..2982cc5b37d78 100644 --- a/fs/f2fs/file.c +++ b/fs/f2fs/file.c @@ -2103,10 +2103,13 @@ static int f2fs_ioc_start_atomic_write(struct file *filp) struct f2fs_sb_info *sbi = F2FS_I_SB(inode); struct inode *pinode; loff_t isize; int ret; + if (!(filp->f_mode & FMODE_WRITE)) + return -EBADF; + if (!inode_owner_or_capable(mnt_userns, inode)) return -EACCES; if (!S_ISREG(inode->i_mode)) return -EINVAL; @@ -2200,10 +2203,13 @@ static int f2fs_ioc_commit_atomic_write(struct file *filp) { struct inode *inode = file_inode(filp); struct user_namespace *mnt_userns = file_mnt_user_ns(filp); int ret; + if (!(filp->f_mode & FMODE_WRITE)) + return -EBADF; + if (!inode_owner_or_capable(mnt_userns, inode)) return -EACCES; ret = mnt_want_write_file(filp); if (ret) @@ -2232,10 +2238,13 @@ static int f2fs_ioc_abort_atomic_write(struct file *filp) { struct inode *inode = file_inode(filp); struct user_namespace *mnt_userns = file_mnt_user_ns(filp); int ret; + if (!(filp->f_mode & FMODE_WRITE)) + return -EBADF; + if (!inode_owner_or_capable(mnt_userns, inode)) return -EACCES; ret = mnt_want_write_file(filp); if (ret) base-commit: aa4cd140bba57b7064b4c7a7141bebd336d32087 -- 2.47.0.rc0.187.ge670bccf7e-goog

1 year

2
1
0 0

Please apply 0a6ad4d9e169 ("e1000e: avoid failing the system during pm_suspend") to 6.11.y

by Salvatore Bonaccorso

Hi, Andreas Beckmann reported in Debian in https://bugs.debian.org/1082795 that the commit 0a6ad4d9e169 ("e1000e: avoid failing the system during pm_suspend") indeed fixed his with suspending with his Lenovo Thinkpad T16 Gen 3, https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082795#21 confirms the fix. Regards, Salvatore

1 year

2
1
0 0

[PATCH 2/4] ACPI: resource: Make Asus ExpertBook B2502 matches cover more models

by Hans de Goede

Like the various 14" Asus ExpertBook B2 B2402* models there are also 4 variants of the 15" Asus ExpertBook B2 B2502* models: B2502CBA: 12th gen Intel CPU, non flip B2502FBA: 12th gen Intel CPU, flip B2502CVA: 13th gen Intel CPU, non flip B2502FVA: 13th gen Intel CPU, flip Currently there already are DMI quirks for the B2502CBA, B2502FBA and B2502CVA models. Asus website shows that there also is a B2502FVA. Rather then adding a 4th quirk fold the 3 existing quirks into a single quirk covering B2502* to also cover the last model while at the same time reducing the number of quirks. Cc: All applicable <stable(a)vger.kernel.org> Signed-off-by: Hans de Goede <hdegoede(a)redhat.com> --- drivers/acpi/resource.c | 18 ++---------------- 1 file changed, 2 insertions(+), 16 deletions(-) diff --git a/drivers/acpi/resource.c b/drivers/acpi/resource.c index cbe51ae6ae25..0eb52e372467 100644 --- a/drivers/acpi/resource.c +++ b/drivers/acpi/resource.c @@ -490,24 +490,10 @@ static const struct dmi_system_id irq1_level_low_skip_override[] = { }, }, { - /* Asus ExpertBook B2502 */ + /* Asus ExpertBook B2502 (B2502CBA / B2502FBA / B2502CVA / B2502FVA) */ .matches = { DMI_MATCH(DMI_SYS_VENDOR, "ASUSTeK COMPUTER INC."), - DMI_MATCH(DMI_BOARD_NAME, "B2502CBA"), - }, - }, - { - /* Asus ExpertBook B2502FBA */ - .matches = { - DMI_MATCH(DMI_SYS_VENDOR, "ASUSTeK COMPUTER INC."), - DMI_MATCH(DMI_BOARD_NAME, "B2502FBA"), - }, - }, - { - /* Asus ExpertBook B2502CVA */ - .matches = { - DMI_MATCH(DMI_SYS_VENDOR, "ASUSTeK COMPUTER INC."), - DMI_MATCH(DMI_BOARD_NAME, "B2502CVA"), + DMI_MATCH(DMI_BOARD_NAME, "B2502"), }, }, { -- 2.46.2

1 year

1
0
0 0

[PATCH 1/4] ACPI: resource: Make Asus ExpertBook B2402 matches cover more models

by Hans de Goede

The Asus ExpertBook B2402CBA / B2402FBA are the non flip / flip versions of the 14" Asus ExpertBook B2 with 12th gen Intel processors. It has been reported that the B2402FVA which is the 14" Asus ExpertBook B2 flip with 13th gen Intel processors needs to skip the IRQ override too. And looking at Asus website there also is a B2402CVA which is the non flip model with 13th gen Intel processors. Summarizing the following 4 models of the Asus ExpertBook B2 are known: B2402CBA: 12th gen Intel CPU, non flip B2402FBA: 12th gen Intel CPU, flip B2402CVA: 13th gen Intel CPU, non flip B2402FVA: 13th gen Intel CPU, flip Fold the 2 existing quirks for the B2402CBA and B2402FBA into a single quirk covering B2402* to also cover the 2 other models while at the same time reducing the number of quirks. Reported-by: Stefan Blum <stefan.blum(a)gmail.com> Closes: https://lore.kernel.org/platform-driver-x86/a983e6d5-c7ab-4758-be9b-7dcfc1b… Cc: All applicable <stable(a)vger.kernel.org> Signed-off-by: Hans de Goede <hdegoede(a)redhat.com> --- drivers/acpi/resource.c | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/drivers/acpi/resource.c b/drivers/acpi/resource.c index 3d74ebe9dbd8..cbe51ae6ae25 100644 --- a/drivers/acpi/resource.c +++ b/drivers/acpi/resource.c @@ -483,17 +483,10 @@ static const struct dmi_system_id irq1_level_low_skip_override[] = { }, }, { - /* Asus ExpertBook B2402CBA */ + /* Asus ExpertBook B2402 (B2402CBA / B2402FBA / B2402CVA / B2402FVA) */ .matches = { DMI_MATCH(DMI_SYS_VENDOR, "ASUSTeK COMPUTER INC."), - DMI_MATCH(DMI_BOARD_NAME, "B2402CBA"), - }, - }, - { - /* Asus ExpertBook B2402FBA */ - .matches = { - DMI_MATCH(DMI_SYS_VENDOR, "ASUSTeK COMPUTER INC."), - DMI_MATCH(DMI_BOARD_NAME, "B2402FBA"), + DMI_MATCH(DMI_BOARD_NAME, "B2402"), }, }, { -- 2.46.2

1 year

1
0
0 0

[PATCH v3] platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug

by Zach Wade

Attaching SST PCI device to VM causes "BUG: KASAN: slab-out-of-bounds". kasan report: [ 19.411889] ================================================================== [ 19.413702] BUG: KASAN: slab-out-of-bounds in _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common] [ 19.415634] Read of size 8 at addr ffff888829e65200 by task cpuhp/16/113 [ 19.417368] [ 19.418627] CPU: 16 PID: 113 Comm: cpuhp/16 Tainted: G E 6.9.0 #10 [ 19.420435] Hardware name: VMware, Inc. VMware20,1/440BX Desktop Reference Platform, BIOS VMW201.00V.20192059.B64.2207280713 07/28/2022 [ 19.422687] Call Trace: [ 19.424091] <TASK> [ 19.425448] dump_stack_lvl+0x5d/0x80 [ 19.426963] ? _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common] [ 19.428694] print_report+0x19d/0x52e [ 19.430206] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 19.431837] ? _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common] [ 19.433539] kasan_report+0xf0/0x170 [ 19.435019] ? _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common] [ 19.436709] _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common] [ 19.438379] ? __pfx_sched_clock_cpu+0x10/0x10 [ 19.439910] isst_if_cpu_online+0x406/0x58f [isst_if_common] [ 19.441573] ? __pfx_isst_if_cpu_online+0x10/0x10 [isst_if_common] [ 19.443263] ? ttwu_queue_wakelist+0x2c1/0x360 [ 19.444797] cpuhp_invoke_callback+0x221/0xec0 [ 19.446337] cpuhp_thread_fun+0x21b/0x610 [ 19.447814] ? __pfx_cpuhp_thread_fun+0x10/0x10 [ 19.449354] smpboot_thread_fn+0x2e7/0x6e0 [ 19.450859] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 19.452405] kthread+0x29c/0x350 [ 19.453817] ? __pfx_kthread+0x10/0x10 [ 19.455253] ret_from_fork+0x31/0x70 [ 19.456685] ? __pfx_kthread+0x10/0x10 [ 19.458114] ret_from_fork_asm+0x1a/0x30 [ 19.459573] </TASK> [ 19.460853] [ 19.462055] Allocated by task 1198: [ 19.463410] kasan_save_stack+0x30/0x50 [ 19.464788] kasan_save_track+0x14/0x30 [ 19.466139] __kasan_kmalloc+0xaa/0xb0 [ 19.467465] __kmalloc+0x1cd/0x470 [ 19.468748] isst_if_cdev_register+0x1da/0x350 [isst_if_common] [ 19.470233] isst_if_mbox_init+0x108/0xff0 [isst_if_mbox_msr] [ 19.471670] do_one_initcall+0xa4/0x380 [ 19.472903] do_init_module+0x238/0x760 [ 19.474105] load_module+0x5239/0x6f00 [ 19.475285] init_module_from_file+0xd1/0x130 [ 19.476506] idempotent_init_module+0x23b/0x650 [ 19.477725] __x64_sys_finit_module+0xbe/0x130 [ 19.476506] idempotent_init_module+0x23b/0x650 [ 19.477725] __x64_sys_finit_module+0xbe/0x130 [ 19.478920] do_syscall_64+0x82/0x160 [ 19.480036] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 19.481292] [ 19.482205] The buggy address belongs to the object at ffff888829e65000 which belongs to the cache kmalloc-512 of size 512 [ 19.484818] The buggy address is located 0 bytes to the right of allocated 512-byte region [ffff888829e65000, ffff888829e65200) [ 19.487447] [ 19.488328] The buggy address belongs to the physical page: [ 19.489569] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888829e60c00 pfn:0x829e60 [ 19.491140] head: order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.492466] anon flags: 0x57ffffc0000840(slab|head|node=1|zone=2|lastcpupid=0x1fffff) [ 19.493914] page_type: 0xffffffff() [ 19.494988] raw: 0057ffffc0000840 ffff88810004cc80 0000000000000000 0000000000000001 [ 19.496451] raw: ffff888829e60c00 0000000080200018 00000001ffffffff 0000000000000000 [ 19.497906] head: 0057ffffc0000840 ffff88810004cc80 0000000000000000 0000000000000001 [ 19.499379] head: ffff888829e60c00 0000000080200018 00000001ffffffff 0000000000000000 [ 19.500844] head: 0057ffffc0000003 ffffea0020a79801 ffffea0020a79848 00000000ffffffff [ 19.502316] head: 0000000800000000 0000000000000000 00000000ffffffff 0000000000000000 [ 19.503784] page dumped because: kasan: bad access detected [ 19.505058] [ 19.505970] Memory state around the buggy address: [ 19.507172] ffff888829e65100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.508599] ffff888829e65180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.510013] >ffff888829e65200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.510014] ^ [ 19.510016] ffff888829e65280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.510018] ffff888829e65300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.515367] ================================================================== The reason for this error is physical_package_ids assigned by VMware VMM are not continuous and have gaps. This will cause value returned by topology_physical_package_id() to be more than topology_max_packages(). Here the allocation uses topology_max_packages(). The call to topology_max_packages() returns maximum logical package ID not physical ID. Hence use topology_logical_package_id() instead of topology_physical_package_id(). Fixes: 9a1aac8a96dc ("platform/x86: ISST: PUNIT device mapping with Sub-NUMA clustering") Signed-off-by: Zach Wade <zachwade.k(a)gmail.com> --- drivers/platform/x86/intel/speed_select_if/isst_if_common.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/platform/x86/intel/speed_select_if/isst_if_common.c b/drivers/platform/x86/intel/speed_select_if/isst_if_common.c index 10e21563fa46..030c33070b84 100644 --- a/drivers/platform/x86/intel/speed_select_if/isst_if_common.c +++ b/drivers/platform/x86/intel/speed_select_if/isst_if_common.c @@ -316,7 +316,9 @@ static struct pci_dev *_isst_if_get_pci_dev(int cpu, int bus_no, int dev, int fn cpu >= nr_cpu_ids || cpu >= num_possible_cpus()) return NULL; - pkg_id = topology_physical_package_id(cpu); + pkg_id = topology_logical_package_id(cpu); + if (pkg_id >= topology_max_packages()) + return NULL; bus_number = isst_cpu_info[cpu].bus_info[bus_no]; if (bus_number < 0) -- 2.46.0

1 year

3
2
0 0

[PATCH v1] mpi3mr: Validating SAS port assignments

by Ranjan Kumar

Sanity on phy_mask was added by Tomas through [1]. It causes warning messages when >64 phys are detected (expander can have >64 phys) and devices connected to phys greater than 64 are dropped. phy_mask bitmap is only needed for controller phys(not required for expander phys).Controller phys can go maximum up to 64 and u64 is good enough to contain phy_mask bitmap. To suppress those warnings and allow devices to be discovered as before the [1], restrict the phy_mask setting and lowest phy setting only to the controller phys. [1]:https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/ drivers/scsi/mpi3mr?h=6.12/ scsi-queue&id=3668651def2c1622904e58b0280ee93121f2b10b Fixes: 3668651def2c ("mpi3mr: Sanitise num_phys") Cc: stable(a)vger.kernel.org Reported-by: Alexander Motin <mav(a)ixsystems.com> Signed-off-by: Ranjan Kumar <ranjan.kumar(a)broadcom.com> --- drivers/scsi/mpi3mr/mpi3mr.h | 4 +-- drivers/scsi/mpi3mr/mpi3mr_transport.c | 39 +++++++++++++++++--------- 2 files changed, 27 insertions(+), 16 deletions(-) diff --git a/drivers/scsi/mpi3mr/mpi3mr.h b/drivers/scsi/mpi3mr/mpi3mr.h index dc2cdd5f0311..3822efe349e1 100644 --- a/drivers/scsi/mpi3mr/mpi3mr.h +++ b/drivers/scsi/mpi3mr/mpi3mr.h @@ -541,8 +541,8 @@ struct mpi3mr_hba_port { * @port_list: List of ports belonging to a SAS node * @num_phys: Number of phys associated with port * @marked_responding: used while refresing the sas ports - * @lowest_phy: lowest phy ID of current sas port - * @phy_mask: phy_mask of current sas port + * @lowest_phy: lowest phy ID of current sas port, valid for controller port + * @phy_mask: phy_mask of current sas port, valid for controller port * @hba_port: HBA port entry * @remote_identify: Attached device identification * @rphy: SAS transport layer rphy object diff --git a/drivers/scsi/mpi3mr/mpi3mr_transport.c b/drivers/scsi/mpi3mr/mpi3mr_transport.c index ccd23def2e0c..3a685750f5cd 100644 --- a/drivers/scsi/mpi3mr/mpi3mr_transport.c +++ b/drivers/scsi/mpi3mr/mpi3mr_transport.c @@ -595,7 +595,7 @@ static enum sas_linkrate mpi3mr_convert_phy_link_rate(u8 link_rate) */ static void mpi3mr_delete_sas_phy(struct mpi3mr_ioc *mrioc, struct mpi3mr_sas_port *mr_sas_port, - struct mpi3mr_sas_phy *mr_sas_phy) + struct mpi3mr_sas_phy *mr_sas_phy, u8 host_node) { u64 sas_address = mr_sas_port->remote_identify.sas_address; @@ -605,9 +605,13 @@ static void mpi3mr_delete_sas_phy(struct mpi3mr_ioc *mrioc, list_del(&mr_sas_phy->port_siblings); mr_sas_port->num_phys--; - mr_sas_port->phy_mask &= ~(1 << mr_sas_phy->phy_id); - if (mr_sas_port->lowest_phy == mr_sas_phy->phy_id) - mr_sas_port->lowest_phy = ffs(mr_sas_port->phy_mask) - 1; + + if (host_node) { + mr_sas_port->phy_mask &= ~(1 << mr_sas_phy->phy_id); + + if (mr_sas_port->lowest_phy == mr_sas_phy->phy_id) + mr_sas_port->lowest_phy = ffs(mr_sas_port->phy_mask) - 1; + } sas_port_delete_phy(mr_sas_port->port, mr_sas_phy->phy); mr_sas_phy->phy_belongs_to_port = 0; } @@ -617,12 +621,13 @@ static void mpi3mr_delete_sas_phy(struct mpi3mr_ioc *mrioc, * @mrioc: Adapter instance reference * @mr_sas_port: Internal Port object * @mr_sas_phy: Internal Phy object + * @host_node: Flag to indicate this is a host_node * * Return: None. */ static void mpi3mr_add_sas_phy(struct mpi3mr_ioc *mrioc, struct mpi3mr_sas_port *mr_sas_port, - struct mpi3mr_sas_phy *mr_sas_phy) + struct mpi3mr_sas_phy *mr_sas_phy, u8 host_node) { u64 sas_address = mr_sas_port->remote_identify.sas_address; @@ -632,9 +637,12 @@ static void mpi3mr_add_sas_phy(struct mpi3mr_ioc *mrioc, list_add_tail(&mr_sas_phy->port_siblings, &mr_sas_port->phy_list); mr_sas_port->num_phys++; - mr_sas_port->phy_mask |= (1 << mr_sas_phy->phy_id); - if (mr_sas_phy->phy_id < mr_sas_port->lowest_phy) - mr_sas_port->lowest_phy = ffs(mr_sas_port->phy_mask) - 1; + if (host_node) { + mr_sas_port->phy_mask |= (1 << mr_sas_phy->phy_id); + + if (mr_sas_phy->phy_id < mr_sas_port->lowest_phy) + mr_sas_port->lowest_phy = ffs(mr_sas_port->phy_mask) - 1; + } sas_port_add_phy(mr_sas_port->port, mr_sas_phy->phy); mr_sas_phy->phy_belongs_to_port = 1; } @@ -675,7 +683,7 @@ static void mpi3mr_add_phy_to_an_existing_port(struct mpi3mr_ioc *mrioc, if (srch_phy == mr_sas_phy) return; } - mpi3mr_add_sas_phy(mrioc, mr_sas_port, mr_sas_phy); + mpi3mr_add_sas_phy(mrioc, mr_sas_port, mr_sas_phy, mr_sas_node->host_node); return; } } @@ -736,7 +744,7 @@ static void mpi3mr_del_phy_from_an_existing_port(struct mpi3mr_ioc *mrioc, mpi3mr_delete_sas_port(mrioc, mr_sas_port); else mpi3mr_delete_sas_phy(mrioc, mr_sas_port, - mr_sas_phy); + mr_sas_phy, mr_sas_node->host_node); return; } } @@ -1367,7 +1375,8 @@ static struct mpi3mr_sas_port *mpi3mr_sas_port_add(struct mpi3mr_ioc *mrioc, mpi3mr_sas_port_sanity_check(mrioc, mr_sas_node, mr_sas_port->remote_identify.sas_address, hba_port); - if (mr_sas_node->num_phys >= sizeof(mr_sas_port->phy_mask) * 8) + if (mr_sas_node->host_node && mr_sas_node->num_phys >= + sizeof(mr_sas_port->phy_mask) * 8) ioc_info(mrioc, "max port count %u could be too high\n", mr_sas_node->num_phys); @@ -1377,7 +1386,7 @@ static struct mpi3mr_sas_port *mpi3mr_sas_port_add(struct mpi3mr_ioc *mrioc, (mr_sas_node->phy[i].hba_port != hba_port)) continue; - if (i >= sizeof(mr_sas_port->phy_mask) * 8) { + if (mr_sas_node->host_node && (i >= sizeof(mr_sas_port->phy_mask) * 8)) { ioc_warn(mrioc, "skipping port %u, max allowed value is %zu\n", i, sizeof(mr_sas_port->phy_mask) * 8); goto out_fail; @@ -1385,7 +1394,8 @@ static struct mpi3mr_sas_port *mpi3mr_sas_port_add(struct mpi3mr_ioc *mrioc, list_add_tail(&mr_sas_node->phy[i].port_siblings, &mr_sas_port->phy_list); mr_sas_port->num_phys++; - mr_sas_port->phy_mask |= (1 << i); + if (mr_sas_node->host_node) + mr_sas_port->phy_mask |= (1 << i); } if (!mr_sas_port->num_phys) { @@ -1394,7 +1404,8 @@ static struct mpi3mr_sas_port *mpi3mr_sas_port_add(struct mpi3mr_ioc *mrioc, goto out_fail; } - mr_sas_port->lowest_phy = ffs(mr_sas_port->phy_mask) - 1; + if (mr_sas_node->host_node) + mr_sas_port->lowest_phy = ffs(mr_sas_port->phy_mask) - 1; if (mr_sas_port->remote_identify.device_type == SAS_END_DEVICE) { tgtdev = mpi3mr_get_tgtdev_by_addr(mrioc, -- 2.31.1

1 year

2
1
0 0

[PATCH v5 0/4] ov08x40: Enable use of ov08x40 on Qualcomm X1E80100 CRD

by Bryan O'Donoghue

Changes in v5: - Fixes smatch CI splat - Link to v4: https://lore.kernel.org/r/20241003-b4-master-24-11-25-ov08x40-v4-0-7ee2c45f… Changes in v4: - Drops link-frequencies from properties: as discussed here: https://lore.kernel.org/r/Zv6STSKeNNlT83ux@kekkonen.localdomain - Link to v3: https://lore.kernel.org/r/20241002-b4-master-24-11-25-ov08x40-v3-0-483bcdcf… Changes in v3: - Drops assigned-clock-* from description retains in example - Sakari, Krzysztof - Updates example fake clock names to ov08x40_* instead of copy/paste ov9282_clk -> ov08x40_clk, ov9282_clk_parent -> ov08x40_clk_parent - bod - Link to v2: https://lore.kernel.org/r/20241001-b4-master-24-11-25-ov08x40-v2-0-e478976b… Changes in v2: - Drops "-" in ovti,ov08x40.yaml after description: - Rob - Adds ":" after first line of description text - Rob - dts -> DT in commit log - Rob - Removes dependency on 'xvclk' as a name in yaml and driver - Sakari - Uses assigned-clock, assigned-clock-parents and assigned-clock-rates - Sakari - Drops clock-frequency - Sakarai, Krzysztof - Drops dovdd-supply, avdd-supply, dvdd-supply and reset-gpios as required, its perfectly possible not to have the reset GPIO or the power rails under control of the SoC. - bod - Link to v1: https://lore.kernel.org/r/20240926-b4-master-24-11-25-ov08x40-v1-0-e4d5fbd3… V1: This series brings fixes and updates to ov08x40 which allows for use of this sensor on the Qualcomm x1e80100 CRD but also on any other dts based system. Firstly there's a fix for the pseudo burst mode code that was added in 8f667d202384 ("media: ov08x40: Reduce start streaming time"). Not every I2C controller can handle an arbitrary sized write, this is the case on Qualcomm CAMSS/CCI I2C sensor interfaces which limit the transaction size and communicate this limit via I2C quirks. A simple fix to optionally break up the large submitted burst into chunks not exceeding adapter->quirk size fixes. Secondly then is addition of a yaml description for the ov08x40 and extension of the driver to support OF probe and powering on of the power rails from the driver instead of from ACPI. Once done the sensor works without further modification on the Qualcomm x1e80100 CRD. Signed-off-by: Bryan O'Donoghue <bryan.odonoghue(a)linaro.org> --- Bryan O'Donoghue (4): media: ov08x40: Fix burst write sequence media: dt-bindings: Add OmniVision OV08X40 media: ov08x40: Rename ext_clk to xvclk media: ov08x40: Add OF probe support .../bindings/media/i2c/ovti,ov08x40.yaml | 114 +++++++++++++ drivers/media/i2c/ov08x40.c | 181 ++++++++++++++++++--- 2 files changed, 271 insertions(+), 24 deletions(-) --- base-commit: 2b7275670032a98cba266bd1b8905f755b3e650f change-id: 20240926-b4-master-24-11-25-ov08x40-c6f477aaa6a4 Best regards, -- Bryan O'Donoghue <bryan.odonoghue(a)linaro.org>

1 year

1
1
0 0

[PATCH 0/2] rust: lockdep: Fix soundness issue affecting LockClassKeys

by Mitchell Levy via B4 Relay

This series is aimed at fixing a soundness issue with how dynamically allocated LockClassKeys are handled. Currently, LockClassKeys can be used without being Pin'd, which can break lockdep since it relies on address stability. Similarly, these keys are not automatically (de)registered with lockdep. At the suggestion of Alice Ryhl, this series includes a patch for -stable kernels that disables dynamically allocated keys. This prevents backported patches from using the unsound implementation. Currently, this series requires that all dynamically allocated LockClassKeys have a lifetime of 'static (i.e., they must be leaked after allocation). This is because Lock does not currently keep a reference to the LockClassKey, instead passing it to C via FFI. This causes a problem because the rust compiler would allow creating a 'static Lock with a 'a LockClassKey (with 'a < 'static) while C would expect the LockClassKey to live as long as the lock. This problem represents an avenue for future work. --- Changes from RFC: - Split into two commits so that dynamically allocated LockClassKeys are removed from stable kernels. (Thanks Alice Ryhl) - Extract calls to C lockdep functions into helpers so things build properly when LOCKDEP=n. (Thanks Benno Lossin) - Remove extraneous `get_ref()` calls. (Thanks Benno Lossin) - Provide better documentation for `new_dynamic()`. (Thanks Benno Lossin) - Ran rustfmt to fix formatting and some extraneous changes. (Thanks Alice Ryhl and Benno Lossin) - Link to RFC: https://lore.kernel.org/r/20240905-rust-lockdep-v1-1-d2c9c21aa8b2@gmail.com --- Mitchell Levy (2): rust: lockdep: Remove support for dynamically allocated LockClassKeys rust: lockdep: Use Pin for all LockClassKey usages rust/helpers/helpers.c | 1 + rust/helpers/sync.c | 13 +++++++++++++ rust/kernel/lib.rs | 2 +- rust/kernel/sync.rs | 34 ++++++++++++++++++++++++---------- rust/kernel/sync/condvar.rs | 11 +++++++---- rust/kernel/sync/lock.rs | 4 ++-- rust/kernel/workqueue.rs | 2 +- 7 files changed, 49 insertions(+), 18 deletions(-) --- base-commit: 9852d85ec9d492ebef56dc5f229416c925758edc change-id: 20240905-rust-lockdep-d3e30521c8ba Best regards, -- Mitchell Levy <levymitchell0(a)gmail.com>

1 year

2
2
0 0

reply: [PATCH AUTOSEL 6.11 47/76] fs: nfs: fix missing refcnt by replacing folio_set_private by folio_attach_private

by 黄朝阳 (Zhaoyang Huang)

>From: Zhaoyang Huang <zhaoyang.huang(a)unisoc.com> > >[ Upstream commit 03e02b94171b1985dd0aa184296fe94425b855a3 ] > >This patch is inspired by a code review of fs codes which aims at folio's extra >refcnt that could introduce unwanted behavious when judging refcnt, such >as[1].That is, the folio passed to mapping_evict_folio carries the refcnts from >find_lock_entries, page_cache, corresponding to PTEs and folio's private if has. >However, current code doesn't take the refcnt for folio's private which could >have mapping_evict_folio miss the one to only PTE and lead to call >filemap_release_folio wrongly. > >[1] >long mapping_evict_folio(struct address_space *mapping, struct folio *folio) >{ ... >//current code will misjudge here if there is one pte on the folio which is be >deemed as the one as folio's private > if (folio_ref_count(folio) > > folio_nr_pages(folio) + folio_has_private(folio) + >1) > return 0; > if (!filemap_release_folio(folio, 0)) > return 0; > > return remove_mapping(mapping, folio); } > >Signed-off-by: Zhaoyang Huang <zhaoyang.huang(a)unisoc.com> >Signed-off-by: Anna Schumaker <anna.schumaker(a)oracle.com> >Signed-off-by: Sasha Levin <sashal(a)kernel.org> Sorry, this patch should be dropped since Trond has explained that there is no need to grab refcnt here as nfs_page has hold the refcount on this folio. >--- > fs/nfs/write.c | 6 ++---- > 1 file changed, 2 insertions(+), 4 deletions(-) > >diff --git a/fs/nfs/write.c b/fs/nfs/write.c index >d074d0ceb4f01..80c6ded5f74c6 100644 >--- a/fs/nfs/write.c >+++ b/fs/nfs/write.c >@@ -772,8 +772,7 @@ static void nfs_inode_add_request(struct nfs_page >*req) > nfs_lock_request(req); > spin_lock(&mapping->i_private_lock); > set_bit(PG_MAPPED, &req->wb_flags); >- folio_set_private(folio); >- folio->private = req; >+ folio_attach_private(folio, req); > spin_unlock(&mapping->i_private_lock); > atomic_long_inc(&nfsi->nrequests); > /* this a head request for a page group - mark it as having an @@ >-797,8 +796,7 @@ static void nfs_inode_remove_request(struct nfs_page >*req) > > spin_lock(&mapping->i_private_lock); > if (likely(folio)) { >- folio->private = NULL; >- folio_clear_private(folio); >+ folio_detach_private(folio); > clear_bit(PG_MAPPED, >&req->wb_head->wb_flags); > } > spin_unlock(&mapping->i_private_lock); >-- >2.43.0

1 year

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror October 2024