November 2024 - Linux-stable-mirror

[merged mm-hotfixes-stable] mm-revert-mm-shmem-fix-data-race-in-shmem_getattr.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: mm: revert "mm: shmem: fix data-race in shmem_getattr()" has been removed from the -mm tree. Its filename was mm-revert-mm-shmem-fix-data-race-in-shmem_getattr.patch This patch was dropped because it was merged into the mm-hotfixes-stable branch of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm ------------------------------------------------------ From: Andrew Morton <akpm(a)linux-foundation.org> Subject: mm: revert "mm: shmem: fix data-race in shmem_getattr()" Date: Fri Nov 15 04:57:24 PM PST 2024 Revert d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") as suggested by Chuck [1]. It is causing deadlocks when accessing tmpfs over NFS. As Hugh commented, "added just to silence a syzbot sanitizer splat: added where there has never been any practical problem". Link: https://lkml.kernel.org/r/ZzdxKF39VEmXSSyN@tissot.1015granger.net [1] Fixes: d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") Acked-by: Hugh Dickins <hughd(a)google.com> Cc: Chuck Lever <chuck.lever(a)oracle.com> Cc: Jeongjun Park <aha310510(a)gmail.com> Cc: Yu Zhao <yuzhao(a)google.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/shmem.c | 2 -- 1 file changed, 2 deletions(-) --- a/mm/shmem.c~mm-revert-mm-shmem-fix-data-race-in-shmem_getattr +++ a/mm/shmem.c @@ -1166,9 +1166,7 @@ static int shmem_getattr(struct mnt_idma stat->attributes_mask |= (STATX_ATTR_APPEND | STATX_ATTR_IMMUTABLE | STATX_ATTR_NODUMP); - inode_lock_shared(inode); generic_fillattr(idmap, request_mask, inode, stat); - inode_unlock_shared(inode); if (shmem_huge_global_enabled(inode, 0, 0, false, NULL, 0)) stat->blksize = HPAGE_PMD_SIZE; _ Patches currently in -mm which might be from akpm(a)linux-foundation.org are fs-proc-vmcorec-fix-warning-when-config_mmu=n.patch

10 months

1
0
0 0

[PATCH 5.4 00/67] 5.4.286-rc2 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.4.286 release. There are 67 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun, 17 Nov 2024 12:04:36 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.4.286-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.4.286-rc2 Linus Torvalds <torvalds(a)linux-foundation.org> mm: avoid leaving partial pfn mappings around in error case Linus Torvalds <torvalds(a)linux-foundation.org> 9p: fix slab cache name creation for real Christoph Hellwig <hch(a)lst.de> mm: add remap_pfn_range_notrack Alex Zhang <zhangalex(a)google.com> mm/memory.c: make remap_pfn_range() reject unaligned addr chenqiwu <chenqiwu(a)xiaomi.com> mm: fix ambiguous comments for better code readability WANG Wenhu <wenhu.wang(a)vivo.com> mm: clarify a confusing comment for remap_pfn_range() Li Nan <linan122(a)huawei.com> md/raid10: improve code of mrdev in raid10_sync_request Reinhard Speyerer <rspmn(a)arcor.de> net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition Alessandro Zanni <alessandro.zanni87(a)gmail.com> fs: Fix uninitialized value issue in from_kuid and from_kgid Michael Ellerman <mpe(a)ellerman.id.au> powerpc/powernv: Free name on error in opal_event_init() Julian Vetter <jvetter(a)kalrayinc.com> sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML Rik van Riel <riel(a)surriel.com> bpf: use kvzmalloc to allocate BPF verifier environment WangYuli <wangyuli(a)uniontech.com> HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad Pedro Falcato <pedro.falcato(a)gmail.com> 9p: Avoid creating multiple slab caches with the same name Jan Schär <jan(a)jschaer.ch> ALSA: usb-audio: Add endianness annotations Hyunwoo Kim <v4bel(a)theori.io> vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans Hyunwoo Kim <v4bel(a)theori.io> hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer Zheng Yejian <zhengyejian1(a)huawei.com> ftrace: Fix possible use-after-free issue in ftrace_location() Chuck Lever <chuck.lever(a)oracle.com> NFSD: Fix NFSv4's PUTPUBFH operation Jan Schär <jan(a)jschaer.ch> ALSA: usb-audio: Add quirks for Dell WD19 dock Jan Schär <jan(a)jschaer.ch> ALSA: usb-audio: Support jack detection on Dell dock Andrew Kanner <andrew.kanner(a)gmail.com> ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() Marc Zyngier <maz(a)kernel.org> irqchip/gic-v3: Force propagation of the active state with a read-back Benoît Monin <benoit.monin(a)gmx.fr> USB: serial: option: add Quectel RG650V Reinhard Speyerer <rspmn(a)arcor.de> USB: serial: option: add Fibocom FG132 0x0112 composition Jack Wu <wojackbb(a)gmail.com> USB: serial: qcserial: add support for Sierra Wireless EM86xx Dan Carpenter <dan.carpenter(a)linaro.org> USB: serial: io_edgeport: fix use after free in debug printk Zijun Hu <quic_zijuhu(a)quicinc.com> usb: musb: sunxi: Fix accessing an released usb phy Qi Xi <xiqi2(a)huawei.com> fs/proc: fix compile warning about variable 'vmcore_mmap_ops' Benoit Sevens <bsevens(a)google.com> media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format Nikolay Aleksandrov <razor(a)blackwall.org> net: bridge: xmit: make sure we have at least eth header len bytes Michael Walle <michael(a)walle.cc> spi: fix use-after-free of the add_lock mutex Mark Brown <broonie(a)kernel.org> spi: Fix deadlock when adding SPI controllers on SPI buses Sean Nyekjaer <sean(a)geanix.com> mtd: rawnand: protect access to rawnand devices while in suspend Filipe Manana <fdmanana(a)suse.com> btrfs: reinitialize delayed ref list after deleting it from the list Roberto Sassu <roberto.sassu(a)huawei.com> nfs: Fix KMSAN warning in decode_getfattr_attrs() Zichen Xie <zichenxie0106(a)gmail.com> dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow Ming-Hung Tsai <mtsai(a)redhat.com> dm cache: fix potential out-of-bounds access on the first resume Ming-Hung Tsai <mtsai(a)redhat.com> dm cache: optimize dirty bit checking with find_next_bit when resizing Ming-Hung Tsai <mtsai(a)redhat.com> dm cache: fix out-of-bounds access to the dirty bitset when resizing Ming-Hung Tsai <mtsai(a)redhat.com> dm cache: correct the number of origin blocks to match the target length Antonio Quartulli <antonio(a)mandelbit.com> drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() Erik Schumacher <erik.schumacher(a)iris-sensing.com> pwm: imx-tpm: Use correct MODULO value for EPWM mode Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: v4l2-tpg: prevent the risk of a division by zero Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: cx24116: prevent overflows on SNR calculus Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: s5p-jpeg: prevent buffer overflows Murad Masimov <m.masimov(a)maxima.ru> ALSA: firewire-lib: fix return value on fail in amdtp_tscm_init() Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: adv7604: prevent underflow condition when reporting colorspace Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: dvb_frontend: don't play tricks with underflow values Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: dvbdev: prevent the risk of out of memory access Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: stb0899_algo: initialize cfr before using it Peiyang Wang <wangpeiyang1(a)huawei.com> net: hns3: fix kernel crash when uninstalling driver Dario Binacchi <dario.binacchi(a)amarulasolutions.com> can: c_can: fix {rx,tx}_errors statistics Xin Long <lucien.xin(a)gmail.com> sctp: properly validate chunk size in sctp_sf_ootb() Wei Fang <wei.fang(a)nxp.com> net: enetc: set MAC address to the VF net_device Qinglang Miao <miaoqinglang(a)huawei.com> enetc: simplify the return expression of enetc_vf_set_mac_addr() Chen Ridong <chenridong(a)huawei.com> security/keys: fix slab-out-of-bounds in key_task_permission Jiri Kosina <jkosina(a)suse.com> HID: core: zero-initialize the report buffer Heiko Stuebner <heiko(a)sntech.de> ARM: dts: rockchip: Fix the realtek audio codec on rk3036-kylin Heiko Stuebner <heiko(a)sntech.de> ARM: dts: rockchip: Fix the spi controller on rk3036 Heiko Stuebner <heiko(a)sntech.de> ARM: dts: rockchip: drop grf reference from rk3036 hdmi Heiko Stuebner <heiko(a)sntech.de> ARM: dts: rockchip: fix rk3036 acodec node Heiko Stuebner <heiko(a)sntech.de> arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma lion Heiko Stuebner <heiko(a)sntech.de> arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards Diederik de Haas <didi.debian(a)cknow.org> arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 Geert Uytterhoeven <geert+renesas(a)glider.be> arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-sapphire-excavator ------------- Diffstat: Makefile | 4 +- arch/arm/boot/dts/rk3036-kylin.dts | 4 +- arch/arm/boot/dts/rk3036.dtsi | 14 +- arch/arm64/boot/dts/rockchip/rk3328.dtsi | 3 +- arch/arm64/boot/dts/rockchip/rk3368-lion.dtsi | 1 - arch/arm64/boot/dts/rockchip/rk3399-rock960.dtsi | 2 +- .../dts/rockchip/rk3399-sapphire-excavator.dts | 2 +- arch/powerpc/platforms/powernv/opal-irqchip.c | 1 + drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c | 4 +- drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c | 2 +- drivers/hid/hid-core.c | 2 +- drivers/hid/hid-multitouch.c | 5 + drivers/irqchip/irq-gic-v3.c | 7 + drivers/md/dm-cache-target.c | 35 ++--- drivers/md/dm-unstripe.c | 4 +- drivers/md/raid10.c | 23 +-- drivers/media/common/v4l2-tpg/v4l2-tpg-core.c | 3 + drivers/media/dvb-core/dvb_frontend.c | 4 +- drivers/media/dvb-core/dvbdev.c | 17 ++- drivers/media/dvb-frontends/cx24116.c | 7 +- drivers/media/dvb-frontends/stb0899_algo.c | 2 +- drivers/media/i2c/adv7604.c | 26 ++-- drivers/media/platform/s5p-jpeg/jpeg-core.c | 17 ++- drivers/media/usb/uvc/uvc_driver.c | 2 +- drivers/mtd/nand/raw/nand_base.c | 44 +++--- drivers/net/can/c_can/c_can.c | 7 +- drivers/net/ethernet/freescale/enetc/enetc_vf.c | 2 + drivers/net/ethernet/hisilicon/hns3/hnae3.c | 5 +- drivers/net/usb/qmi_wwan.c | 1 + drivers/pwm/pwm-imx-tpm.c | 4 +- drivers/spi/spi.c | 27 ++-- drivers/usb/musb/sunxi.c | 2 - drivers/usb/serial/io_edgeport.c | 8 +- drivers/usb/serial/option.c | 6 + drivers/usb/serial/qcserial.c | 2 + fs/btrfs/delayed-ref.c | 2 +- fs/nfs/inode.c | 1 + fs/nfsd/nfs4xdr.c | 10 +- fs/ocfs2/file.c | 9 +- fs/ocfs2/xattr.c | 3 +- fs/proc/vmcore.c | 9 +- include/linux/mm.h | 2 + include/linux/mm_types.h | 4 +- include/linux/mtd/rawnand.h | 2 + include/linux/spi/spi.h | 3 + kernel/bpf/verifier.c | 4 +- kernel/trace/ftrace.c | 30 ++-- mm/memory.c | 75 ++++++--- net/9p/client.c | 12 +- net/bridge/br_device.c | 5 + net/sctp/sm_statefuns.c | 2 +- net/vmw_vsock/hyperv_transport.c | 1 + net/vmw_vsock/virtio_transport_common.c | 1 + security/keys/keyring.c | 7 +- sound/Kconfig | 2 +- sound/firewire/tascam/amdtp-tascam.c | 2 +- sound/usb/mixer_quirks.c | 170 +++++++++++++++++++++ 57 files changed, 471 insertions(+), 184 deletions(-)

10 months

5
4
0 0

[PATCH 5.15 00/22] 5.15.173-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.15.173 release. There are 22 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun, 17 Nov 2024 06:37:07 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.15.173-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.15.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.15.173-rc1 Linus Torvalds <torvalds(a)linux-foundation.org> 9p: fix slab cache name creation for real Jan Kara <jack(a)suse.cz> udf: Avoid directory type conversion failure due to ENOMEM Jan Kara <jack(a)suse.cz> udf: Allocate name buffer in directory iterator on heap Yuanzheng Song <songyuanzheng(a)huawei.com> mm/memory: add non-anonymous page check in the copy_present_page() Qun-Wei Lin <qun-wei.lin(a)mediatek.com> mm: krealloc: Fix MTE false alarm in __do_krealloc Hagar Hemdan <hagarhem(a)amazon.com> io_uring: fix possible deadlock in io_register_iowq_max_workers() Li Nan <linan122(a)huawei.com> md/raid10: improve code of mrdev in raid10_sync_request Reinhard Speyerer <rspmn(a)arcor.de> net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition Hans de Goede <hdegoede(a)redhat.com> HID: lenovo: Add support for Thinkpad X1 Tablet Gen 3 keyboard Kenneth Albanowski <kenalba(a)chromium.org> HID: multitouch: Add quirk for Logitech Bolt receiver w/ Casa touchpad Alessandro Zanni <alessandro.zanni87(a)gmail.com> fs: Fix uninitialized value issue in from_kuid and from_kgid Yuan Can <yuancan(a)huawei.com> vDPA/ifcvf: Fix pci_read_config_byte() return code handling Michael Ellerman <mpe(a)ellerman.id.au> powerpc/powernv: Free name on error in opal_event_init() Ian Forbes <ian.forbes(a)broadcom.com> drm/vmwgfx: Limit display layout ioctl array size to VMWGFX_NUM_DISPLAY_UNITS Julian Vetter <jvetter(a)kalrayinc.com> sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML Herbert Xu <herbert(a)gondor.apana.org.au> crypto: marvell/cesa - Disable hash algorithms Rik van Riel <riel(a)surriel.com> bpf: use kvzmalloc to allocate BPF verifier environment WangYuli <wangyuli(a)uniontech.com> HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad Stefan Blum <stefanblum2004(a)gmail.com> HID: multitouch: Add support for B2402FVA track point SurajSonawane2415 <surajsonawane0215(a)gmail.com> block: Fix elevator_get_default() checking for NULL q->tag_set Sergey Matsievskiy <matsievskiysv(a)gmail.com> irqchip/ocelot: Fix trigger register address Pedro Falcato <pedro.falcato(a)gmail.com> 9p: Avoid creating multiple slab caches with the same name ------------- Diffstat: Makefile | 4 ++-- arch/powerpc/platforms/powernv/opal-irqchip.c | 1 + block/elevator.c | 4 ++-- drivers/crypto/marvell/cesa/hash.c | 12 ++++++------ drivers/gpu/drm/vmwgfx/vmwgfx_drv.h | 4 ++-- drivers/gpu/drm/vmwgfx/vmwgfx_kms.c | 4 +++- drivers/gpu/drm/vmwgfx/vmwgfx_kms.h | 3 --- drivers/hid/hid-ids.h | 1 + drivers/hid/hid-lenovo.c | 8 ++++++++ drivers/hid/hid-multitouch.c | 13 +++++++++++++ drivers/irqchip/irq-mscc-ocelot.c | 4 ++-- drivers/md/raid10.c | 23 ++++++++++++----------- drivers/net/usb/qmi_wwan.c | 1 + drivers/vdpa/ifcvf/ifcvf_base.c | 2 +- fs/ocfs2/file.c | 9 ++++++--- fs/udf/directory.c | 27 +++++++++++++++++++-------- fs/udf/udfdecl.h | 2 +- io_uring/io_uring.c | 5 +++++ kernel/bpf/verifier.c | 4 ++-- mm/memory.c | 11 +++++++++++ mm/slab_common.c | 2 +- net/9p/client.c | 12 +++++++++++- sound/Kconfig | 2 +- 23 files changed, 111 insertions(+), 47 deletions(-)

10 months

10
31
0 0

[PATCH 6.6 00/48] 6.6.62-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.6.62 release. There are 48 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun, 17 Nov 2024 06:37:07 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.6.62-rc1… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.6.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.6.62-rc1 Linus Torvalds <torvalds(a)linux-foundation.org> 9p: fix slab cache name creation for real Hugh Dickins <hughd(a)google.com> mm/thp: fix deferred split unqueue naming and locking Kefeng Wang <wangkefeng.wang(a)huawei.com> mm: refactor folio_undo_large_rmappable() Matthew Wilcox (Oracle) <willy(a)infradead.org> mm: always initialise folio->_deferred_list Matthew Wilcox (Oracle) <willy(a)infradead.org> mm: support order-1 folios in the page cache Ryan Roberts <ryan.roberts(a)arm.com> mm/readahead: do not allow order-1 folio Hugh Dickins <hughd(a)google.com> mm: add page_rmappable_folio() wrapper Qun-Wei Lin <qun-wei.lin(a)mediatek.com> mm: krealloc: Fix MTE false alarm in __do_krealloc Hagar Hemdan <hagarhem(a)amazon.com> io_uring: fix possible deadlock in io_register_iowq_max_workers() Hou Tao <houtao1(a)huawei.com> bpf: Check validity of link->type in bpf_link_show_fdinfo() Reinhard Speyerer <rspmn(a)arcor.de> net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition Shengjiu Wang <shengjiu.wang(a)nxp.com> ASoC: fsl_micfil: Add sample rate constraint Yanteng Si <siyanteng(a)cqsoftware.com.cn> LoongArch: Use "Exception return address" to comment ERA Jack Yu <jack.yu(a)realtek.com> ASoC: rt722-sdca: increase clk_stop_timeout to fix clock stop issue Cyan Yang <cyan.yang(a)sifive.com> RISCV: KVM: use raw_spinlock for critical section in imsic Hans de Goede <hdegoede(a)redhat.com> HID: lenovo: Add support for Thinkpad X1 Tablet Gen 3 keyboard Kenneth Albanowski <kenalba(a)chromium.org> HID: multitouch: Add quirk for Logitech Bolt receiver w/ Casa touchpad Alessandro Zanni <alessandro.zanni87(a)gmail.com> fs: Fix uninitialized value issue in from_kuid and from_kgid Ilya Dudikov <ilyadud(a)mail.ru> ASoC: amd: yc: Fix non-functional mic on ASUS E1404FA Christian Heusel <christian(a)heusel.eu> ASoC: amd: yc: Add quirk for ASUS Vivobook S15 M3502RA Jiawei Ye <jiawei.ye(a)foxmail.com> bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 Zijian Zhang <zijianzhang(a)bytedance.com> bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx Yuan Can <yuancan(a)huawei.com> vDPA/ifcvf: Fix pci_read_config_byte() return code handling Breno Leitao <leitao(a)debian.org> nvme/host: Fix RCU list traversal to use SRCU primitive Kuniyuki Iwashima <kuniyu(a)amazon.com> smb: client: Fix use-after-free of network namespace. Nilay Shroff <nilay(a)linux.ibm.com> nvme: make keep-alive synchronous operation Nilay Shroff <nilay(a)linux.ibm.com> nvme-loop: flush off pending I/O while shutting down loop controller Linus Walleij <linus.walleij(a)linaro.org> net: phy: mdio-bcm-unimac: Add BCM6846 support Michael Ellerman <mpe(a)ellerman.id.au> powerpc/powernv: Free name on error in opal_event_init() Philip Yang <Philip.Yang(a)amd.com> drm/amdkfd: Accounting pdd vram_usage for svm Keith Busch <kbusch(a)kernel.org> nvme-multipath: defer partition scanning Will Deacon <will(a)kernel.org> kasan: Disable Software Tag-Based KASAN with GCC Showrya M N <showrya(a)chelsio.com> RDMA/siw: Add sendpage_ok() check to disable MSG_SPLICE_PAGES Ian Forbes <ian.forbes(a)broadcom.com> drm/vmwgfx: Limit display layout ioctl array size to VMWGFX_NUM_DISPLAY_UNITS Julian Vetter <jvetter(a)kalrayinc.com> sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML Herbert Xu <herbert(a)gondor.apana.org.au> crypto: marvell/cesa - Disable hash algorithms Herbert Xu <herbert(a)gondor.apana.org.au> crypto: api - Fix liveliness check in crypto_alg_tested Rik van Riel <riel(a)surriel.com> bpf: use kvzmalloc to allocate BPF verifier environment Greg Joyce <gjoyce(a)linux.ibm.com> nvme: disable CC.CRIME (NVME_CC_CRIME) Robin Murphy <robin.murphy(a)arm.com> iommu/arm-smmu: Clarify MMU-500 CPRE workaround WangYuli <wangyuli(a)uniontech.com> HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad Stefan Blum <stefanblum2004(a)gmail.com> HID: multitouch: Add support for B2402FVA track point SurajSonawane2415 <surajsonawane0215(a)gmail.com> block: Fix elevator_get_default() checking for NULL q->tag_set Hannes Reinecke <hare(a)suse.de> nvme: tcp: avoid race between queue_lock lock and destroy Sergey Matsievskiy <matsievskiysv(a)gmail.com> irqchip/ocelot: Fix trigger register address Eduard Zingerman <eddyz87(a)gmail.com> selftests/bpf: Verify that sync_linked_regs preserves subreg_def Pedro Falcato <pedro.falcato(a)gmail.com> 9p: Avoid creating multiple slab caches with the same name Dominique Martinet <asmadeus(a)codewreck.org> 9p: v9fs_fid_find: also lookup by inode if not found dentry ------------- Diffstat: Makefile | 4 +- arch/loongarch/include/asm/loongarch.h | 2 +- arch/powerpc/platforms/powernv/opal-irqchip.c | 1 + arch/riscv/kvm/aia_imsic.c | 8 +-- block/elevator.c | 4 +- crypto/algapi.c | 2 +- drivers/crypto/marvell/cesa/hash.c | 12 ++-- drivers/gpu/drm/amd/amdkfd/kfd_chardev.c | 6 +- drivers/gpu/drm/amd/amdkfd/kfd_priv.h | 2 +- drivers/gpu/drm/amd/amdkfd/kfd_process.c | 4 +- drivers/gpu/drm/amd/amdkfd/kfd_svm.c | 26 +++++++++ drivers/gpu/drm/vmwgfx/vmwgfx_drv.h | 4 +- drivers/gpu/drm/vmwgfx/vmwgfx_kms.c | 4 +- drivers/gpu/drm/vmwgfx/vmwgfx_kms.h | 3 - drivers/hid/hid-ids.h | 1 + drivers/hid/hid-lenovo.c | 8 +++ drivers/hid/hid-multitouch.c | 13 +++++ drivers/infiniband/sw/siw/siw_qp_tx.c | 2 + drivers/iommu/arm/arm-smmu/arm-smmu-impl.c | 4 +- drivers/irqchip/irq-mscc-ocelot.c | 4 +- drivers/net/mdio/mdio-bcm-unimac.c | 1 + drivers/net/usb/qmi_wwan.c | 1 + drivers/nvme/host/core.c | 52 +++++++++-------- drivers/nvme/host/multipath.c | 33 +++++++++++ drivers/nvme/host/nvme.h | 1 + drivers/nvme/host/tcp.c | 7 ++- drivers/nvme/target/loop.c | 13 +++++ drivers/vdpa/ifcvf/ifcvf_base.c | 2 +- fs/9p/fid.c | 5 +- fs/ocfs2/file.c | 9 ++- fs/smb/client/connect.c | 14 ++++- include/net/tls.h | 12 +++- io_uring/io_uring.c | 5 ++ kernel/bpf/syscall.c | 14 +++-- kernel/bpf/verifier.c | 4 +- lib/Kconfig.kasan | 7 ++- mm/filemap.c | 2 - mm/huge_memory.c | 59 ++++++++++++------- mm/hugetlb.c | 1 + mm/internal.h | 27 ++++++++- mm/memcontrol.c | 29 ++++++++++ mm/mempolicy.c | 17 +----- mm/page_alloc.c | 21 +++---- mm/readahead.c | 11 +--- mm/slab_common.c | 2 +- net/9p/client.c | 12 +++- net/core/filter.c | 2 +- sound/Kconfig | 2 +- sound/soc/amd/yc/acp6x-mach.c | 14 +++++ sound/soc/codecs/rt722-sdca-sdw.c | 2 +- sound/soc/fsl/fsl_micfil.c | 38 ++++++++++++ .../selftests/bpf/progs/verifier_scalar_ids.c | 67 ++++++++++++++++++++++ 52 files changed, 456 insertions(+), 144 deletions(-)

10 months

12
59
0 0

[PATCH] PCI: dwc: ep: Fix advertised resizable BAR size again

by Niklas Cassel

The advertised resizable BAR size was fixed in commit 72e34b8593e0 ("PCI: dwc: endpoint: Fix advertised resizable BAR size"). Commit 867ab111b242 ("PCI: dwc: ep: Add a generic dw_pcie_ep_linkdown() API to handle Link Down event") was included shortly after this, and moved the code to another function. When the code was moved, this fix was mistakenly lost. According to the spec, it is illegal to not have a bit set in PCI_REBAR_CAP, and 1 MB is the smallest size allowed. Set bit 4 in PCI_REBAR_CAP, so that we actually advertise support for a 1 MB BAR size. Cc: stable(a)vger.kernel.org Fixes: 867ab111b242 ("PCI: dwc: ep: Add a generic dw_pcie_ep_linkdown() API to handle Link Down event") Signed-off-by: Niklas Cassel <cassel(a)kernel.org> --- drivers/pci/controller/dwc/pcie-designware-ep.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/pci/controller/dwc/pcie-designware-ep.c b/drivers/pci/controller/dwc/pcie-designware-ep.c index 43ba5c6738df1..cc8ff4a014368 100644 --- a/drivers/pci/controller/dwc/pcie-designware-ep.c +++ b/drivers/pci/controller/dwc/pcie-designware-ep.c @@ -689,7 +689,7 @@ static void dw_pcie_ep_init_non_sticky_registers(struct dw_pcie *pci) * for 1 MB BAR size only. */ for (i = 0; i < nbars; i++, offset += PCI_REBAR_CTRL) - dw_pcie_writel_dbi(pci, offset + PCI_REBAR_CAP, 0x0); + dw_pcie_writel_dbi(pci, offset + PCI_REBAR_CAP, BIT(4)); } dw_pcie_setup(pci); -- 2.47.0

10 months

2
1
0 0

Backport request

by Hemdan, Hagar Gamal Halim

Hi, Please backport commit: 0faf84caee63 ("cpufreq: Replace deprecated strncpy() with strscpy()") to stable trees 5.10.y, 5.15.y, 6.1.y and 6.6.y. This commit fixes possible Buffer not null terminated of "policy->last_governor" and "default_governor" in __cpufreq_offline() and cpufreq_core_init(). This bug was discovered and resolved using Coverity Static Analysis Security Testing (SAST) by Synopsys, Inc. Amazon Web Services Development Center Germany GmbH Krausenstr. 38 10117 Berlin Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss Eingetragen am Amtsgericht Charlottenburg unter HRB 257764 B Sitz: Berlin Ust-ID: DE 365 538 597

10 months

2
1
0 0

[PATCH v4 3/3] drm: adv7511: Drop dsi single lane support

by Biju Das

As per [1] and [2], ADV7535/7533 supports only 2-, 3-, or 4-lane. Drop unsupported 1-lane. [1] https://www.analog.com/media/en/technical-documentation/data-sheets/ADV7535… [2] https://www.analog.com/media/en/technical-documentation/data-sheets/ADV7533… Fixes: 1e4d58cd7f88 ("drm/bridge: adv7533: Create a MIPI DSI device") Reported-by: Hien Huynh <hien.huynh.px(a)renesas.com> Cc: stable(a)vger.kernel.org Reviewed-by: Laurent Pinchart <laurent.pinchart+renesas(a)ideasonboard.com> Signed-off-by: Biju Das <biju.das.jz(a)bp.renesas.com> --- Changes in v4: - Added link to ADV7533 data sheet. - Collected tags Changes in v3: - Updated commit header and description - Updated fixes tag - Dropped single lane support Changes in v2: - Added the tag "Cc: stable(a)vger.kernel.org" in the sign-off area. - Dropped Archit Taneja invalid Mail address --- drivers/gpu/drm/bridge/adv7511/adv7533.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/gpu/drm/bridge/adv7511/adv7533.c b/drivers/gpu/drm/bridge/adv7511/adv7533.c index 5d0e55ef4028..51ddd935b568 100644 --- a/drivers/gpu/drm/bridge/adv7511/adv7533.c +++ b/drivers/gpu/drm/bridge/adv7511/adv7533.c @@ -174,7 +174,7 @@ struct device_node *adv7533_parse_dt(struct device_node *np, of_property_read_u32(np, "adi,dsi-lanes", &num_lanes); - if (num_lanes < 1 || num_lanes > 4) + if (num_lanes < 2 || num_lanes > 4) return ERR_PTR(-EINVAL); adv->num_dsi_lanes = num_lanes; -- 2.43.0

10 months

1
0
0 0

[PATCH v4 2/3] dt-bindings: display: adi,adv7533: Drop single lane support

by Biju Das

As per [1] and [2], ADV7535/7533 supports only 2-, 3-, or 4-lane. Drop unsupported 1-lane from bindings. [1] https://www.analog.com/media/en/technical-documentation/data-sheets/ADV7535… [2] https://www.analog.com/media/en/technical-documentation/data-sheets/ADV7533… Fixes: 1e4d58cd7f88 ("drm/bridge: adv7533: Create a MIPI DSI device") Cc: stable(a)vger.kernel.org Acked-by: Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> Reviewed-by: Geert Uytterhoeven <geert+renesas(a)glider.be> Reviewed-by: Laurent Pinchart <laurent.pinchart+renesas(a)ideasonboard.com> Signed-off-by: Biju Das <biju.das.jz(a)bp.renesas.com> --- v3->v4: * Added link to ADV7533 data sheet. * Collected tags. v3: * New patch. --- .../devicetree/bindings/display/bridge/adi,adv7533.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Documentation/devicetree/bindings/display/bridge/adi,adv7533.yaml b/Documentation/devicetree/bindings/display/bridge/adi,adv7533.yaml index df20a3c9c744..ec89115c74e4 100644 --- a/Documentation/devicetree/bindings/display/bridge/adi,adv7533.yaml +++ b/Documentation/devicetree/bindings/display/bridge/adi,adv7533.yaml @@ -90,7 +90,7 @@ properties: adi,dsi-lanes: description: Number of DSI data lanes connected to the DSI host. $ref: /schemas/types.yaml#/definitions/uint32 - enum: [ 1, 2, 3, 4 ] + enum: [ 2, 3, 4 ] "#sound-dai-cells": const: 0 -- 2.43.0

10 months

1
0
0 0

[RFC PATCH 0/6 6.6] Address rename/readdir bugs in fs/libfs.c

by cel＠kernel.org

From: Chuck Lever <chuck.lever(a)oracle.com> Address several bugs in v6.6's libfs/shmemfs, including CVE-2024-46701. Link: https://lore.kernel.org/stable/976C0DD5-4337-4C7D-92C6-A38C2EC335A4@oracle.… I'm still running the usual set of regression tests, but so far this set looks stable. I'm interested in hearing review comments and test results. Branch for testing: https://git.kernel.org/pub/scm/linux/kernel/git/cel/linux.git/log/?h=nfsd-6… Chuck Lever (5): libfs: Define a minimum directory offset libfs: Add simple_offset_empty() libfs: Fix simple_offset_rename_exchange() libfs: Add simple_offset_rename() API shmem: Fix shmem_rename2() yangerkun (1): libfs: fix infinite directory reads for offset dir fs/libfs.c | 135 +++++++++++++++++++++++++++++++++++++-------- include/linux/fs.h | 3 + mm/shmem.c | 7 +-- 3 files changed, 119 insertions(+), 26 deletions(-) -- 2.47.0

10 months

5
14
0 0

[PATCHv2 5.15] udf: Allocate name buffer in directory iterator on heap

by Sergey Senozhatsky

From: Jan Kara <jack(a)suse.cz> [ Upstream commit 0aba4860b0d0216a1a300484ff536171894d49d8 ] Currently we allocate name buffer in directory iterators (struct udf_fileident_iter) on stack. These structures are relatively large (some 360 bytes on 64-bit architectures). For udf_rename() which needs to keep three of these structures in parallel the stack usage becomes rather heavy - 1536 bytes in total. Allocate the name buffer in the iterator from heap to avoid excessive stack usage. Link: https://lore.kernel.org/all/202212200558.lK9x1KW0-lkp@intel.com Reported-by: kernel test robot <lkp(a)intel.com> Signed-off-by: Jan Kara <jack(a)suse.cz> [ senozhatsky: explicitly include slab.h to address build failure reported by sashal@ ] Signed-off-by: Sergey Senozhatsky <senozhatsky(a)chromium.org> --- fs/udf/directory.c | 24 ++++++++++++++++-------- fs/udf/udfdecl.h | 2 +- 2 files changed, 17 insertions(+), 9 deletions(-) diff --git a/fs/udf/directory.c b/fs/udf/directory.c index e97ffae07833..a30898debdd1 100644 --- a/fs/udf/directory.c +++ b/fs/udf/directory.c @@ -19,6 +19,7 @@ #include <linux/bio.h> #include <linux/crc-itu-t.h> #include <linux/iversion.h> +#include <linux/slab.h> static int udf_verify_fi(struct udf_fileident_iter *iter) { @@ -248,9 +249,14 @@ int udf_fiiter_init(struct udf_fileident_iter *iter, struct inode *dir, iter->elen = 0; iter->epos.bh = NULL; iter->name = NULL; + iter->namebuf = kmalloc(UDF_NAME_LEN_CS0, GFP_KERNEL); + if (!iter->namebuf) + return -ENOMEM; - if (iinfo->i_alloc_type == ICBTAG_FLAG_AD_IN_ICB) - return udf_copy_fi(iter); + if (iinfo->i_alloc_type == ICBTAG_FLAG_AD_IN_ICB) { + err = udf_copy_fi(iter); + goto out; + } if (inode_bmap(dir, iter->pos >> dir->i_blkbits, &iter->epos, &iter->eloc, &iter->elen, &iter->loffset) != @@ -260,17 +266,17 @@ int udf_fiiter_init(struct udf_fileident_iter *iter, struct inode *dir, udf_err(dir->i_sb, "position %llu not allocated in directory (ino %lu)\n", (unsigned long long)pos, dir->i_ino); - return -EFSCORRUPTED; + err = -EFSCORRUPTED; + goto out; } err = udf_fiiter_load_bhs(iter); if (err < 0) - return err; + goto out; err = udf_copy_fi(iter); - if (err < 0) { +out: + if (err < 0) udf_fiiter_release(iter); - return err; - } - return 0; + return err; } int udf_fiiter_advance(struct udf_fileident_iter *iter) @@ -307,6 +313,8 @@ void udf_fiiter_release(struct udf_fileident_iter *iter) brelse(iter->bh[0]); brelse(iter->bh[1]); iter->bh[0] = iter->bh[1] = NULL; + kfree(iter->namebuf); + iter->namebuf = NULL; } static void udf_copy_to_bufs(void *buf1, int len1, void *buf2, int len2, diff --git a/fs/udf/udfdecl.h b/fs/udf/udfdecl.h index f764b4d15094..d35aa42bb577 100644 --- a/fs/udf/udfdecl.h +++ b/fs/udf/udfdecl.h @@ -99,7 +99,7 @@ struct udf_fileident_iter { struct extent_position epos; /* Position after the above extent */ struct fileIdentDesc fi; /* Copied directory entry */ uint8_t *name; /* Pointer to entry name */ - uint8_t namebuf[UDF_NAME_LEN_CS0]; /* Storage for entry name in case + uint8_t *namebuf; /* Storage for entry name in case * the name is split between two blocks */ }; -- 2.47.0.338.g60cca15819-goog

10 months

2
2
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror November 2024