November 2024 - Linux-stable-mirror

[PATCH] x86/efi: Apply EFI Memory Attributes after kexec

by Nicolas Saenz Julienne

Kexec bypasses EFI's switch to virtual mode. In exchange, it has its own routine, kexec_enter_virtual_mode(), that replays the mappings made by the original kernel. Unfortunately, the function fails to reinstate EFI's memory attributes and runtime memory protections, which would've otherwise been set after entering virtual mode. Remediate this by calling efi_runtime_update_mappings() from it. Cc: stable(a)vger.kernel.org Fixes: 18141e89a76c ("x86/efi: Add support for EFI_MEMORY_ATTRIBUTES_TABLE") Signed-off-by: Nicolas Saenz Julienne <nsaenz(a)amazon.com> --- Notes: - I tested the Memory Attributes path using QEMU/OVMF. - Although care is taken to make sure the memory backing the EFI Memory Attributes table is preserved during runtime and reachable after kexec (see efi_memattr_init()). I don't see the same happening for the EFI properties table. Maybe it's just unnecessary as there's an assumption that the table will fall in memory preserved during runtime? Or for another reason? Otherwise, we'd need to make sure it isn't possible to set EFI_NX_PE_DATA on kexec. arch/x86/platform/efi/efi.c | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/x86/platform/efi/efi.c b/arch/x86/platform/efi/efi.c index 88a96816de9a..b9b17892c495 100644 --- a/arch/x86/platform/efi/efi.c +++ b/arch/x86/platform/efi/efi.c @@ -784,6 +784,7 @@ static void __init kexec_enter_virtual_mode(void) efi_sync_low_kernel_mappings(); efi_native_runtime_setup(); + efi_runtime_update_mappings(); #endif } -- 2.40.1

10 months, 1 week

2
2
0 0

[PATCH 6.11 000/249] 6.11.7-rc2 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.11.7 release. There are 249 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sat, 09 Nov 2024 06:45:18 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.11.7-rc2… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.11.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.11.7-rc2 Uladzislau Rezki (Sony) <urezki(a)gmail.com> rcu/kvfree: Refactor kvfree_rcu_queue_batch() Florian Westphal <fw(a)strlen.de> lib: alloc_tag_module_unload must wait for pending kfree_rcu calls Uladzislau Rezki (Sony) <urezki(a)gmail.com> rcu/kvfree: Add kvfree_rcu_barrier() API Conor Dooley <conor.dooley(a)microchip.com> RISC-V: disallow gcc + rust builds David Sterba <dsterba(a)suse.com> MIPS: export __cmpxchg_small() Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: handle default profile on on devices without fullscreen 3D Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Sequential field availability check in mi_enum_attr() Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu/swsmu: default to fullscreen 3D profile for dGPUs Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu/swsmu: fix ordering for setting workload_mask Tejas Upadhyay <tejas.upadhyay(a)intel.com> drm/xe: Write all slices if its mcr register Tejas Upadhyay <tejas.upadhyay(a)intel.com> drm/xe: Define STATELESS_COMPRESSION_CTRL as mcr register Shekhar Chauhan <shekhar.chauhan(a)intel.com> drm/xe/xe2: Add performance turning changes Akshata Jahagirdar <akshata.jahagirdar(a)intel.com> drm/xe/xe2: Introduce performance changes Sai Teja Pottumuttu <sai.teja.pottumuttu(a)intel.com> drm/xe/xe2hpg: Introduce performance tuning changes for Xe2_HPG Tejas Upadhyay <tejas.upadhyay(a)intel.com> drm/xe: Move enable host l2 VRAM post MCR init Tejas Upadhyay <tejas.upadhyay(a)intel.com> drm/xe/xe2hpg: Add Wa_15016589081 Thomas Zimmermann <tzimmermann(a)suse.de> drm/xe: Support 'nomodeset' kernel command-line option Juha-Pekka Heikkila <juhapekka.heikkila(a)gmail.com> drm/i915/display: Don't enable decompression on Xe2 with Tile4 Jouni Högander <jouni.hogander(a)intel.com> drm/i915/psr: Prevent Panel Replay if CRC calculation is enabled Jani Nikula <jani.nikula(a)intel.com> drm/xe/display: drop unused rawclk_freq and RUNTIME_INFO() Jani Nikula <jani.nikula(a)intel.com> drm/i915: move rawclk from runtime to display runtime info Suraj Kandpal <suraj.kandpal(a)intel.com> drm/i915/pps: Disable DPLS_GATING around pps sequence Mitul Golani <mitulkumar.ajitkumar.golani(a)intel.com> drm/i915/display/dp: Compute AS SDP when vrr is also enabled Suraj Kandpal <suraj.kandpal(a)intel.com> drm/i915/dp: Clear VSC SDP during post ddi disable routine Suraj Kandpal <suraj.kandpal(a)intel.com> drm/i915/hdcp: Add encoder check in hdcp2_get_capability Suraj Kandpal <suraj.kandpal(a)intel.com> drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability Mitul Golani <mitulkumar.ajitkumar.golani(a)intel.com> drm/i915/display: WA for Re-initialize dispcnlunitt1 xosc clock Mitul Golani <mitulkumar.ajitkumar.golani(a)intel.com> drm/i915/display: Cache adpative sync caps to use it later Matthew Auld <matthew.auld(a)intel.com> drm/i915: disable fbc due to Wa_16023588340 Gustavo Sousa <gustavo.sousa(a)intel.com> drm/i915: Skip programming FIA link enable bits for MTL+ Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: x1e80100: fix PCIe4 and PCIe6a PHY clocks Abel Vesa <abel.vesa(a)linaro.org> arm64: dts: qcom: x1e80100: Add Broadcast_AND region in LLCC block Haibo Chen <haibo.chen(a)nxp.com> arm64: dts: imx8ulp: correct the flexspi compatible string Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: x1e80100-crd: fix nvme regulator boot glitch Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: x1e80100-qcp: fix nvme regulator boot glitch Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: x1e80100: fix PCIe4 interconnect Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: x1e80100-vivobook-s15: fix nvme regulator boot glitch Konrad Dybcio <konradybcio(a)kernel.org> arm64: dts: qcom: x1e80100: Fix up BAR spaces Johan Hovold <johan+linaro(a)kernel.org> arm64: dts: qcom: x1e80100-yoga-slim7x: fix nvme regulator boot glitch Fabien Parent <fabien.parent(a)linaro.org> arm64: dts: qcom: msm8939: revert use of APCS mbox for RPM Conor Dooley <conor.dooley(a)microchip.com> riscv: dts: starfive: disable unused csi/camss nodes E Shattow <e(a)freeshell.de> riscv: dts: starfive: Update ethernet phy0 delay parameter values for Star64 Yu Zhao <yuzhao(a)google.com> mm: multi-gen LRU: use {ptep,pmdp}_clear_young_notify() Zhiguo Jiang <justinjiang(a)vivo.com> mm: shrink skip folio mapped by an exiting process Yu Zhao <yuzhao(a)google.com> mm: multi-gen LRU: remove MM_LEAF_OLD and MM_NONLEAF_TOTAL stats Yuanchu Xie <yuanchu(a)google.com> mm: multi-gen LRU: ignore non-leaf pmd_young for force_scan=true Dmitry Torokhov <dmitry.torokhov(a)gmail.com> Input: fix regression when re-registering input handlers Vlastimil Babka <vbabka(a)suse.cz> mm, mmap: limit THP alignment of anonymous mappings to PMD-aligned sizes Gregory Price <gourry(a)gourry.net> vmscan,migrate: fix page count imbalance on node stats when demoting pages Johan Hovold <johan+linaro(a)kernel.org> gpiolib: fix debugfs dangling chip separator Johan Hovold <johan+linaro(a)kernel.org> gpiolib: fix debugfs newline separators Filipe Manana <fdmanana(a)suse.com> btrfs: fix defrag not merging contiguous extents due to merged extent maps Filipe Manana <fdmanana(a)suse.com> btrfs: fix extent map merging not happening for adjacent extents Jens Axboe <axboe(a)kernel.dk> io_uring/rw: fix missing NOWAIT check for O_DIRECT start write Matthew Brost <matthew.brost(a)intel.com> drm/xe: Don't short circuit TDR on jobs not started Matthew Brost <matthew.brost(a)intel.com> drm/xe: Add mmio read before GGTT invalidate Michal Wajdeczko <michal.wajdeczko(a)intel.com> drm/xe: Kill regs/xe_sriov_regs.h Michal Wajdeczko <michal.wajdeczko(a)intel.com> drm/xe: Fix register definition order in xe_regs.h Jinjie Ruan <ruanjinjie(a)huawei.com> drm/tests: hdmi: Fix memory leaks in drm_display_mode_from_cea_vic() Jinjie Ruan <ruanjinjie(a)huawei.com> drm/connector: hdmi: Fix memory leak in drm_display_mode_from_cea_vic() Jinjie Ruan <ruanjinjie(a)huawei.com> drm/tests: helpers: Add helper for drm_display_mode_from_cea_vic() Andrey Konovalov <andreyknvl(a)gmail.com> kasan: remove vmalloc_percpu test Keith Busch <kbusch(a)kernel.org> nvme: re-fix error-handling for io_uring nvme-passthrough Vitaliy Shevtsov <v.shevtsov(a)maxima.ru> nvmet-auth: assign dh_key to NULL after kfree_sensitive Christoffer Sandberg <cs(a)tuxedo.de> ALSA: hda/realtek: Fix headset mic on TUXEDO Stellaris 16 Gen6 mb1 Christoffer Sandberg <cs(a)tuxedo.de> ALSA: hda/realtek: Fix headset mic on TUXEDO Gemini 17 Gen3 Christoph Hellwig <hch(a)lst.de> xfs: fix finding a last resort AG in xfs_filestream_pick_ag Andrzej Kacprowski <Andrzej.Kacprowski(a)intel.com> accel/ivpu: Fix NOC firewall interrupt handling Zhihao Cheng <chengzhihao1(a)huawei.com> btrfs: fix use-after-free of block device file in __btrfs_free_extra_devids() Matt Johnston <matt(a)codeconstruct.com.au> mctp i2c: handle NULL header address Gregory Price <gourry(a)gourry.net> resource,kexec: walk_system_ram_res_rev must retain resource flags Edward Adam Davis <eadavis(a)qq.com> ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow Sabyrzhan Tasbolatov <snovitoll(a)gmail.com> x86/traps: move kmsan check after instrumentation_begin Gatlin Newhouse <gatlin.newhouse(a)gmail.com> x86/traps: Enable UBSAN traps on x86 Matt Fleming <mfleming(a)cloudflare.com> mm/page_alloc: let GFP_ATOMIC order-0 allocs access highatomic reserves Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> fork: only invoke khugepaged, ksm hooks if no error Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> fork: do not invoke uffd on fork if error occurs Alexander Usyskin <alexander.usyskin(a)intel.com> mei: use kvmalloc for read buffer Matthieu Baerts (NGI0) <matttbe(a)kernel.org> mptcp: init: protect sched with rcu_read_lock Jarkko Sakkinen <jarkko(a)kernel.org> tpm: Lazily flush the auth session Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu/smu13: fix profile reporting Tvrtko Ursulin <tvrtko.ursulin(a)igalia.com> drm/amd/pm: Vangogh: Fix kernel memory out of bounds write Jarkko Sakkinen <jarkko(a)kernel.org> tpm: Rollback tpm2_load_null() Jarkko Sakkinen <jarkko(a)kernel.org> tpm: Return tpm2_sessions_init() when null key creation fails Hugh Dickins <hughd(a)google.com> iov_iter: fix copy_page_from_iter_atomic() if KMAP_LOCAL_FORCE_MAP Benjamin Segall <bsegall(a)google.com> posix-cpu-timers: Clear TICK_DEP_BIT_POSIX_TIMER on clone Shawn Wang <shawnwang(a)linux.alibaba.com> sched/numa: Fix the potential null pointer dereference in task_numa_work() Dan Williams <dan.j.williams(a)intel.com> cxl/acpi: Ensure ports ready at cxl_acpi_probe() return Dan Williams <dan.j.williams(a)intel.com> cxl/port: Fix cxl_bus_rescan() vs bus_rescan_devices() Peter Wang <peter.wang(a)mediatek.com> scsi: ufs: core: Fix another deadlock during RTC update Chunyan Zhang <zhangchunyan(a)iscas.ac.cn> riscv: Remove duplicated GET_RM Chunyan Zhang <zhangchunyan(a)iscas.ac.cn> riscv: Remove unused GENERATING_ASM_OFFSETS WangYuli <wangyuli(a)uniontech.com> riscv: Use '%u' to format the output of 'cpu' Miquel Sabaté Solà <mikisabate(a)gmail.com> riscv: Prevent a bad reference count on CPU nodes Heinrich Schuchardt <heinrich.schuchardt(a)canonical.com> riscv: efi: Set NX compat flag in PE/COFF header Kailang Yang <kailang(a)realtek.com> ALSA: hda/realtek: Limit internal Mic boost on Dell platform Dmitry Torokhov <dmitry.torokhov(a)gmail.com> Input: edt-ft5x06 - fix regmap leak when probe fails Alexandre Ghiti <alexghiti(a)rivosinc.com> riscv: vdso: Prevent the compiler from inserting calls to memset() Frank Li <Frank.Li(a)nxp.com> spi: spi-fsl-dspi: Fix crash when not using GPIO chip select Naohiro Aota <naohiro.aota(a)wdc.com> btrfs: fix error propagation of split bios Qu Wenruo <wqu(a)suse.com> btrfs: merge btrfs_orig_bbio_end_io() into btrfs_bio_end_io() Richard Zhu <hongxing.zhu(a)nxp.com> phy: freescale: imx8m-pcie: Do CMN_RST just before PHY PLL lock check Chen Ridong <chenridong(a)huawei.com> cgroup/bpf: use a dedicated workqueue for cgroup bpf destruction Xinyu Zhang <xizhang(a)purestorage.com> block: fix sanity checks in blk_rq_map_user_bvec Ben Chuang <ben.chuang(a)genesyslogic.com.tw> mmc: sdhci-pci-gli: GL9767: Fix low power mode in the SD Express process Ben Chuang <ben.chuang(a)genesyslogic.com.tw> mmc: sdhci-pci-gli: GL9767: Fix low power mode on the set clock function Dan Williams <dan.j.williams(a)intel.com> cxl/port: Fix CXL port initialization order when the subsystem is built-in Dan Williams <dan.j.williams(a)intel.com> cxl/port: Fix use-after-free, permit out-of-order decoder shutdown Bjorn Andersson <bjorn.andersson(a)oss.qualcomm.com> soc: qcom: pmic_glink: Handle GLINK intent allocation rejections Gil Fine <gil.fine(a)linux.intel.com> thunderbolt: Honor TMU requirements in the domain when setting TMU mode Mika Westerberg <mika.westerberg(a)linux.intel.com> thunderbolt: Fix KASAN reported stack out-of-bounds read in tb_retimer_scan() Conor Dooley <conor.dooley(a)microchip.com> firmware: microchip: auto-update: fix poll_complete() to not report spurious timeout errors Chen Ridong <chenridong(a)huawei.com> mm: shrinker: avoid memleak in alloc_shrinker_info Wladislav Wiebe <wladislav.kw(a)gmail.com> tools/mm: -Werror fixes in page-types/slabinfo Jeongjun Park <aha310510(a)gmail.com> mm: shmem: fix data-race in shmem_getattr() Yunhui Cui <cuiyunhui(a)bytedance.com> RISC-V: ACPI: fix early_ioremap to early_memremap Ryusuke Konishi <konishi.ryusuke(a)gmail.com> nilfs2: fix potential deadlock with newly created symlinks Ryusuke Konishi <konishi.ryusuke(a)gmail.com> nilfs2: fix kernel bug due to missing clearing of checked flag Javier Carrasco <javier.carrasco.cruz(a)gmail.com> iio: light: veml6030: fix microlux value calculation Jinjie Ruan <ruanjinjie(a)huawei.com> iio: gts-helper: Fix memory leaks in iio_gts_build_avail_scale_table() Jinjie Ruan <ruanjinjie(a)huawei.com> iio: gts-helper: Fix memory leaks for the error path of iio_gts_build_avail_scale_table() Zicheng Qu <quzicheng(a)huawei.com> iio: adc: ad7124: fix division by zero in ad7124_set_channel_odr() Julien Stephan <jstephan(a)baylibre.com> dt-bindings: iio: adc: ad7380: fix ad7380-4 reference supply Zicheng Qu <quzicheng(a)huawei.com> staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() Johannes Berg <johannes.berg(a)intel.com> wifi: iwlwifi: mvm: fix 6 GHz scan construction Ville Syrjälä <ville.syrjala(a)linux.intel.com> wifi: iwlegacy: Clear stale interrupts before resuming device Johannes Berg <johannes.berg(a)intel.com> wifi: cfg80211: clear wdev->cqm_config pointer on free Manikanta Pubbisetty <quic_mpubbise(a)quicinc.com> wifi: ath10k: Fix memory leak in management tx Felix Fietkau <nbd(a)nbd.name> wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower Edward Liaw <edliaw(a)google.com> Revert "selftests/mm: replace atomic_bool with pthread_barrier_t" Edward Liaw <edliaw(a)google.com> Revert "selftests/mm: fix deadlock for fork after pthread_create on ARM" Ovidiu Bunea <Ovidiu.Bunea(a)amd.com> Revert "drm/amd/display: update DML2 policy EnhancedPrefetchScheduleAccelerationFinal DCN35" Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Revert "driver core: Fix uevent_show() vs driver detach race" Basavaraj Natikar <Basavaraj.Natikar(a)amd.com> xhci: Use pm_runtime_get to prevent RPM on unsupported systems Faisal Hassan <quic_faisalh(a)quicinc.com> xhci: Fix Link TRB DMA in command ring stopped completion event Johan Hovold <johan+linaro(a)kernel.org> phy: qcom: qmp-usbc: fix NULL-deref on runtime suspend Johan Hovold <johan+linaro(a)kernel.org> phy: qcom: qmp-usb-legacy: fix NULL-deref on runtime suspend Johan Hovold <johan+linaro(a)kernel.org> phy: qcom: qmp-usb: fix NULL-deref on runtime suspend Javier Carrasco <javier.carrasco.cruz(a)gmail.com> usb: typec: qcom-pmic-typec: fix missing fwnode removal in error path Javier Carrasco <javier.carrasco.cruz(a)gmail.com> usb: typec: qcom-pmic-typec: use fwnode_handle_put() to release fwnodes Amit Sunil Dhamne <amitsd(a)google.com> usb: typec: tcpm: restrict SNK_WAIT_CAPABILITIES_TIMEOUT transitions to non self-powered devices Javier Carrasco <javier.carrasco.cruz(a)gmail.com> usb: typec: fix unreleased fwnode_handle in typec_port_register_altmodes() Zijun Hu <quic_zijuhu(a)quicinc.com> usb: phy: Fix API devm_usb_put_phy() can not release the phy Zongmin Zhou <zhouzongmin(a)kylinos.cn> usbip: tools: Fix detach_port() invalid port error path Bitterblue Smith <rtl8821cerfe2(a)gmail.com> wifi: rtlwifi: rtl8192du: Don't claim USB ID 0bda:8171 Jan Schär <jan(a)jschaer.ch> ALSA: usb-audio: Add quirks for Dell WD19 dock Chuck Lever <chuck.lever(a)oracle.com> rpcrdma: Always release the rpcrdma_device's xa_array Chuck Lever <chuck.lever(a)oracle.com> NFSD: Never decrement pending_async_copies on error Chuck Lever <chuck.lever(a)oracle.com> NFSD: Initialize struct nfsd4_copy earlier Dimitri Sivanich <sivanich(a)hpe.com> misc: sgi-gru: Don't disable preemption in GRU driver Dai Ngo <dai.ngo(a)oracle.com> NFS: remove revoked delegation from server's delegation list Daniel Palmer <daniel(a)0x0f.com> net: amd: mvme147: Fix probe banner message Zhang Rui <rui.zhang(a)intel.com> thermal: intel: int340x: processor: Add MMIO RAPL PL4 support Zhang Rui <rui.zhang(a)intel.com> thermal: intel: int340x: processor: Remove MMIO RAPL CPU hotplug support Sumeet Pawnikar <sumeet.r.pawnikar(a)intel.com> powercap: intel_rapl_msr: Add PL4 support for Arrowlake-U Hans de Goede <hdegoede(a)redhat.com> ACPI: resource: Fold Asus Vivobook Pro N6506M* DMI quirks together Pali Rohár <pali(a)kernel.org> cifs: Fix creating native symlinks pointing to current or parent directory Pali Rohár <pali(a)kernel.org> cifs: Improve creating native symlinks pointing to directory Benjamin Marzinski <bmarzins(a)redhat.com> scsi: scsi_transport_fc: Allow setting rport state to current state Guilherme Giacomo Simoes <trintaeoitogc(a)gmail.com> rust: device: change the from_raw() function Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Additional check in ntfs_file_release Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Fix general protection fault in run_is_mapped_full Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Additional check in ni_clear() Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Fix possible deadlock in mi_read Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Add rough attr alloc_size check Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Stale inode instead of bad Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Fix warning possible deadlock in ntfs_set_state Andrew Ballance <andrewjballance(a)gmail.com> fs/ntfs3: Check if more than chunk-size bytes are written lei lu <llfamsec(a)gmail.com> ntfs3: Add bounds checking to mi_enum_attr() Boris Brezillon <boris.brezillon(a)collabora.com> drm/panthor: Report group as timedout when we fail to properly suspend Boris Brezillon <boris.brezillon(a)collabora.com> drm/panthor: Fail job creation when the group is dead Boris Brezillon <boris.brezillon(a)collabora.com> drm/panthor: Fix firmware initialization on systems with a page size > 4k Keith Busch <kbusch(a)kernel.org> nvme: module parameter to disable pi with offsets Jason Gunthorpe <jgg(a)ziepe.ca> PCI: Fix pci_enable_acs() support for the ACS quirks Shiju Jose <shiju.jose(a)huawei.com> cxl/events: Fix Trace DRAM Event Record Dan Carpenter <dan.carpenter(a)linaro.org> drm/tegra: Fix NULL vs IS_ERR() check in probe() Dan Carpenter <dan.carpenter(a)linaro.org> drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy() Chun-Kuang Hu <chunkuang.hu(a)kernel.org> drm/mediatek: Use cmdq_pkt_create() and cmdq_pkt_destroy() Liankun Yang <liankun.yang(a)mediatek.com> drm/mediatek: Fix get efuse issue for MT8188 DPTX Hsin-Te Yuan <yuanhsinte(a)chromium.org> drm/mediatek: Fix color format MACROs in OVL Jason-JH.Lin <jason-jh.lin(a)mediatek.com> drm/mediatek: ovl: Remove the color format comment for ovl_fmt_convert() Paulo Alcantara <pc(a)manguebit.com> smb: client: set correct device number on nfs reparse points Paulo Alcantara <pc(a)manguebit.com> smb: client: fix parsing of device numbers Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> gpio: sloppy-logic-analyzer: Check for error code from devm_mutex_init() call Pierre Gondois <pierre.gondois(a)arm.com> ACPI: CPPC: Make rmw_lock a raw_spin_lock David Howells <dhowells(a)redhat.com> afs: Fix missing subdir edit when renamed between parent dirs Xiongfeng Wang <wangxiongfeng2(a)huawei.com> firmware: arm_sdei: Fix the input parameter of cpuhp_remove_state() Marco Elver <elver(a)google.com> kasan: Fix Software Tag-Based KASAN with GCC Christoph Hellwig <hch(a)lst.de> iomap: turn iomap_want_unshare_iter into an inline function Darrick J. Wong <djwong(a)kernel.org> fsdax: dax_unshare_iter needs to copy entire blocks Darrick J. Wong <djwong(a)kernel.org> fsdax: remove zeroing code from dax_unshare_iter Darrick J. Wong <djwong(a)kernel.org> iomap: share iomap_unshare_iter predicate code with fsdax Darrick J. Wong <djwong(a)kernel.org> iomap: don't bother unsharing delalloc extents Christoph Hellwig <hch(a)lst.de> iomap: improve shared block detection in iomap_unshare_iter Toke Høiland-Jørgensen <toke(a)redhat.com> bpf, test_run: Fix LIVE_FRAME frame update after a page has been recycled Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nft_payload: sanitize offset and length before calling skb_checksum() Daniel Golle <daniel(a)makrotopia.org> net: ethernet: mtk_wed: fix path of MT7988 WO firmware Ido Schimmel <idosch(a)nvidia.com> mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address Amit Cohen <amcohen(a)nvidia.com> mlxsw: pci: Sync Rx buffers for device Amit Cohen <amcohen(a)nvidia.com> mlxsw: pci: Sync Rx buffers for CPU Amit Cohen <amcohen(a)nvidia.com> mlxsw: spectrum_ptp: Add missing verification before pushing Tx header Benoît Monin <benoit.monin(a)gmx.fr> net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension Hou Tao <houtao1(a)huawei.com> bpf: Check the validity of nr_words in bpf_iter_bits_new() Hou Tao <houtao1(a)huawei.com> bpf: Add bpf_mem_alloc_check_size() helper Hou Tao <houtao1(a)huawei.com> bpf: Free dynamically allocated bits in bpf_iter_bits_destroy() Sungwoo Kim <iam(a)sung-woo.kim> Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs Eric Dumazet <edumazet(a)google.com> netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() Dong Chenchen <dongchenchen2(a)huawei.com> netfilter: Fix use-after-free in get_info() Wang Liang <wangliang74(a)huawei.com> net: fix crash when config small gso_max_size/gso_ipv4_max_size Byeonguk Jeong <jungbu2855(a)gmail.com> bpf: Fix out-of-bounds write in trie_get_next_key() Vladimir Oltean <vladimir.oltean(a)nxp.com> net/sched: sch_api: fix xa_insert() error path in tcf_block_get_ext() Zichen Xie <zichenxie0106(a)gmail.com> netdevsim: Add trailing zero to terminate the string in nsim_nexthop_bucket_activity_write() Eduard Zingerman <eddyz87(a)gmail.com> bpf: Force checkpoint when jmp history is too long Pedro Tammela <pctammela(a)mojatatu.com> net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT Pablo Neira Ayuso <pablo(a)netfilter.org> gtp: allow -1 to be specified as file description from userspace Ido Schimmel <idosch(a)nvidia.com> ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() Ido Schimmel <idosch(a)nvidia.com> ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() Arkadiusz Kubalewski <arkadiusz.kubalewski(a)intel.com> ice: fix crash on probe for DPLL enabled E810 LOM Arkadiusz Kubalewski <arkadiusz.kubalewski(a)intel.com> ice: add callbacks for Embedded SYNC enablement on dpll pins Arkadiusz Kubalewski <arkadiusz.kubalewski(a)intel.com> dpll: add Embedded SYNC feature for a pin Wander Lairson Costa <wander(a)redhat.com> igb: Disable threaded IRQ for igb_msix_other Furong Xu <0x1207(a)gmail.com> net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data Ley Foon Tan <leyfoon.tan(a)starfivetech.com> net: stmmac: dwmac4: Fix high address display by updating reg_space[] from register values Cong Wang <cong.wang(a)bytedance.com> sock_map: fix a NULL pointer dereference in sock_map_link_update_prog() Aleksei Vetrov <vvvvvv(a)google.com> ASoC: dapm: fix bounds checker error in dapm_widget_list_create Jianbo Liu <jianbol(a)nvidia.com> macsec: Fix use-after-free while sending the offloading packet Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> ASoC: cs42l51: Fix some error handling paths in cs42l51_probe() Emmanuel Grumbach <emmanuel.grumbach(a)intel.com> Revert "wifi: iwlwifi: remove retry loops in start" Emmanuel Grumbach <emmanuel.grumbach(a)intel.com> wifi: iwlwifi: mvm: don't add default link in fw restart flow Daniel Gabay <daniel.gabay(a)intel.com> wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd() Miri Korenblit <miriam.rachel.korenblit(a)intel.com> wifi: iwlwifi: mvm: really send iwl_txpower_constraints_cmd Emmanuel Grumbach <emmanuel.grumbach(a)intel.com> wifi: iwlwifi: mvm: don't leak a link on AP removal Selvin Xavier <selvin.xavier(a)broadcom.com> RDMA/bnxt_re: synchronize the qp-handle table array Selvin Xavier <selvin.xavier(a)broadcom.com> RDMA/bnxt_re: Fix the usage of control path spin locks Patrisious Haddad <phaddad(a)nvidia.com> RDMA/mlx5: Round max_rd_atomic/max_dest_rd_atomic up instead of down Leon Romanovsky <leon(a)kernel.org> RDMA/cxgb4: Dump vendor specific QP details Geert Uytterhoeven <geert(a)linux-m68k.org> wifi: brcm80211: BRCM_TRACING should depend on TRACING Ping-Ke Shih <pkshih(a)realtek.com> wifi: rtw89: pci: early chips only enable 36-bit DMA on specific PCI hosts Remi Pommarel <repk(a)triplefau.lt> wifi: ath11k: Fix invalid ring usage in full monitor mode Felix Fietkau <nbd(a)nbd.name> wifi: mac80211: skip non-uploaded keys in ieee80211_iter_keys Geert Uytterhoeven <geert(a)linux-m68k.org> mac80211: MAC80211_MESSAGE_TRACING should depend on TRACING Ben Hutchings <ben(a)decadent.org.uk> wifi: iwlegacy: Fix "field-spanning write" warning in il_enqueue_hcmd() John Garry <john.g.garry(a)oracle.com> scsi: scsi_debug: Fix do_device_access() handling of unexpected SG copy length Arnaldo Carvalho de Melo <acme(a)redhat.com> perf python: Fix up the build on architectures without HAVE_KVM_STAT_SUPPORT Jiri Slaby <jirislaby(a)kernel.org> perf trace: Fix non-listed archs in the syscalltbl routines Pei Xiao <xiaopei01(a)kylinos.cn> slub/kunit: fix a WARNING due to unwrapped __kmalloc_cache_noprof Georgi Djakov <djakov(a)kernel.org> spi: geni-qcom: Fix boot warning related to pm_runtime and devres Xiu Jianfeng <xiujianfeng(a)huawei.com> cgroup: Fix potential overflow issue when checking max_depth Frank Min <Frank.Min(a)amd.com> drm/amdgpu: fix random data corruption for sdma 7 ------------- Diffstat: .../devicetree/bindings/iio/adc/adi,ad7380.yaml | 21 ++ Documentation/driver-api/dpll.rst | 21 ++ Documentation/netlink/specs/dpll.yaml | 24 ++ Documentation/rust/arch-support.rst | 2 +- Makefile | 4 +- arch/arm64/boot/dts/freescale/imx8ulp.dtsi | 2 +- arch/arm64/boot/dts/qcom/msm8939.dtsi | 2 +- .../boot/dts/qcom/x1e80100-asus-vivobook-s15.dts | 2 + arch/arm64/boot/dts/qcom/x1e80100-crd.dts | 2 + .../boot/dts/qcom/x1e80100-lenovo-yoga-slim7x.dts | 2 + arch/arm64/boot/dts/qcom/x1e80100-qcp.dts | 2 + arch/arm64/boot/dts/qcom/x1e80100.dtsi | 34 ++- arch/mips/kernel/cmpxchg.c | 1 + arch/riscv/Kconfig | 2 +- arch/riscv/boot/dts/starfive/jh7110-common.dtsi | 2 - .../boot/dts/starfive/jh7110-pine64-star64.dts | 3 +- arch/riscv/kernel/acpi.c | 4 +- arch/riscv/kernel/asm-offsets.c | 2 - arch/riscv/kernel/cacheinfo.c | 7 +- arch/riscv/kernel/cpu-hotplug.c | 2 +- arch/riscv/kernel/efi-header.S | 2 +- arch/riscv/kernel/traps_misaligned.c | 2 - arch/riscv/kernel/vdso/Makefile | 1 + arch/x86/include/asm/bug.h | 12 + arch/x86/kernel/traps.c | 71 ++++- block/blk-map.c | 4 +- drivers/accel/ivpu/ivpu_debugfs.c | 9 + drivers/accel/ivpu/ivpu_hw.c | 1 + drivers/accel/ivpu/ivpu_hw.h | 1 + drivers/accel/ivpu/ivpu_hw_ip.c | 5 +- drivers/acpi/cppc_acpi.c | 9 +- drivers/acpi/resource.c | 18 +- drivers/base/core.c | 48 +++- drivers/base/module.c | 4 - drivers/char/tpm/tpm-chip.c | 10 + drivers/char/tpm/tpm-dev-common.c | 3 + drivers/char/tpm/tpm-interface.c | 6 +- drivers/char/tpm/tpm2-sessions.c | 100 ++++--- drivers/cxl/Kconfig | 1 + drivers/cxl/Makefile | 20 +- drivers/cxl/acpi.c | 7 + drivers/cxl/core/hdm.c | 50 +++- drivers/cxl/core/port.c | 13 +- drivers/cxl/core/region.c | 48 +--- drivers/cxl/core/trace.h | 17 +- drivers/cxl/cxl.h | 3 +- drivers/cxl/port.c | 17 +- drivers/dpll/dpll_netlink.c | 130 +++++++++ drivers/dpll/dpll_nl.c | 5 +- drivers/firmware/arm_sdei.c | 2 +- drivers/firmware/microchip/mpfs-auto-update.c | 42 +-- drivers/gpio/gpio-sloppy-logic-analyzer.c | 4 +- drivers/gpio/gpiolib.c | 4 +- drivers/gpu/drm/amd/amdgpu/sdma_v7_0.c | 9 +- drivers/gpu/drm/amd/display/dc/dml2/dml2_policy.c | 1 + drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c | 15 +- drivers/gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c | 4 +- .../gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_0_ppt.c | 6 +- drivers/gpu/drm/i915/display/intel_alpm.c | 2 +- drivers/gpu/drm/i915/display/intel_backlight.c | 10 +- .../gpu/drm/i915/display/intel_display_device.c | 5 + .../gpu/drm/i915/display/intel_display_device.h | 2 + drivers/gpu/drm/i915/display/intel_display_power.c | 8 + .../drm/i915/display/intel_display_power_well.c | 4 +- drivers/gpu/drm/i915/display/intel_display_types.h | 1 + drivers/gpu/drm/i915/display/intel_display_wa.h | 8 + drivers/gpu/drm/i915/display/intel_dp.c | 29 +- drivers/gpu/drm/i915/display/intel_dp.h | 1 - drivers/gpu/drm/i915/display/intel_dp_aux.c | 4 +- drivers/gpu/drm/i915/display/intel_dp_hdcp.c | 11 +- drivers/gpu/drm/i915/display/intel_fbc.c | 6 + drivers/gpu/drm/i915/display/intel_hdcp.c | 7 +- drivers/gpu/drm/i915/display/intel_pps.c | 14 +- drivers/gpu/drm/i915/display/intel_psr.c | 6 + drivers/gpu/drm/i915/display/intel_tc.c | 3 + drivers/gpu/drm/i915/display/intel_vrr.c | 3 +- drivers/gpu/drm/i915/display/skl_universal_plane.c | 5 - drivers/gpu/drm/i915/intel_device_info.c | 5 - drivers/gpu/drm/i915/intel_device_info.h | 2 - drivers/gpu/drm/mediatek/mtk_crtc.c | 47 +--- drivers/gpu/drm/mediatek/mtk_disp_ovl.c | 9 +- drivers/gpu/drm/mediatek/mtk_dp.c | 85 +++++- drivers/gpu/drm/panthor/panthor_fw.c | 4 +- drivers/gpu/drm/panthor/panthor_gem.c | 11 +- drivers/gpu/drm/panthor/panthor_mmu.c | 16 +- drivers/gpu/drm/panthor/panthor_mmu.h | 1 + drivers/gpu/drm/panthor/panthor_sched.c | 20 +- drivers/gpu/drm/tegra/drm.c | 4 +- drivers/gpu/drm/tests/drm_connector_test.c | 24 +- drivers/gpu/drm/tests/drm_hdmi_state_helper_test.c | 8 +- drivers/gpu/drm/tests/drm_kunit_helpers.c | 42 +++ drivers/gpu/drm/xe/Makefile | 1 + drivers/gpu/drm/xe/compat-i915-headers/i915_drv.h | 1 - drivers/gpu/drm/xe/display/xe_display_wa.c | 16 ++ drivers/gpu/drm/xe/regs/xe_gt_regs.h | 17 +- drivers/gpu/drm/xe/regs/xe_regs.h | 10 +- drivers/gpu/drm/xe/regs/xe_sriov_regs.h | 23 -- drivers/gpu/drm/xe/xe_device_types.h | 6 - drivers/gpu/drm/xe/xe_ggtt.c | 10 + drivers/gpu/drm/xe/xe_gt.c | 10 +- drivers/gpu/drm/xe/xe_gt_sriov_pf.c | 2 +- drivers/gpu/drm/xe/xe_guc_submit.c | 18 +- drivers/gpu/drm/xe/xe_lmtt.c | 2 +- drivers/gpu/drm/xe/xe_module.c | 39 ++- drivers/gpu/drm/xe/xe_sriov.c | 2 +- drivers/gpu/drm/xe/xe_tuning.c | 21 +- drivers/gpu/drm/xe/xe_wa.c | 4 + drivers/iio/adc/ad7124.c | 2 +- drivers/iio/industrialio-gts-helper.c | 4 +- drivers/iio/light/veml6030.c | 2 +- drivers/infiniband/hw/bnxt_re/qplib_fp.c | 4 + drivers/infiniband/hw/bnxt_re/qplib_rcfw.c | 38 +-- drivers/infiniband/hw/bnxt_re/qplib_rcfw.h | 2 + drivers/infiniband/hw/cxgb4/provider.c | 1 + drivers/infiniband/hw/mlx5/qp.c | 4 +- drivers/input/input.c | 134 +++++----- drivers/input/touchscreen/edt-ft5x06.c | 19 +- drivers/misc/mei/client.c | 4 +- drivers/misc/sgi-gru/grukservices.c | 2 - drivers/misc/sgi-gru/grumain.c | 4 - drivers/misc/sgi-gru/grutlbpurge.c | 2 - drivers/mmc/host/sdhci-pci-gli.c | 38 ++- drivers/net/ethernet/amd/mvme147.c | 7 +- drivers/net/ethernet/intel/ice/ice_dpll.c | 293 ++++++++++++++++++++- drivers/net/ethernet/intel/ice/ice_dpll.h | 1 + drivers/net/ethernet/intel/ice/ice_ptp_hw.c | 21 +- drivers/net/ethernet/intel/ice/ice_ptp_hw.h | 1 + drivers/net/ethernet/intel/igb/igb_main.c | 2 +- drivers/net/ethernet/mediatek/mtk_wed_wo.h | 4 +- drivers/net/ethernet/mellanox/mlxsw/pci.c | 25 +- .../net/ethernet/mellanox/mlxsw/spectrum_ipip.c | 26 +- drivers/net/ethernet/mellanox/mlxsw/spectrum_ptp.c | 7 + drivers/net/ethernet/stmicro/stmmac/dwmac4_dma.c | 8 + drivers/net/ethernet/stmicro/stmmac/dwmac4_dma.h | 2 + drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 22 +- drivers/net/gtp.c | 22 +- drivers/net/macsec.c | 3 +- drivers/net/mctp/mctp-i2c.c | 3 + drivers/net/netdevsim/fib.c | 4 +- drivers/net/wireless/ath/ath10k/wmi-tlv.c | 7 +- drivers/net/wireless/ath/ath10k/wmi.c | 2 + drivers/net/wireless/ath/ath11k/dp_rx.c | 7 +- drivers/net/wireless/broadcom/brcm80211/Kconfig | 1 + drivers/net/wireless/intel/iwlegacy/common.c | 15 +- drivers/net/wireless/intel/iwlegacy/common.h | 12 + drivers/net/wireless/intel/iwlwifi/iwl-drv.c | 34 ++- drivers/net/wireless/intel/iwlwifi/iwl-drv.h | 3 + drivers/net/wireless/intel/iwlwifi/mvm/fw.c | 10 +- drivers/net/wireless/intel/iwlwifi/mvm/mac80211.c | 12 +- .../net/wireless/intel/iwlwifi/mvm/mld-mac80211.c | 34 ++- drivers/net/wireless/intel/iwlwifi/mvm/scan.c | 6 +- .../net/wireless/realtek/rtlwifi/rtl8192du/sw.c | 1 - drivers/net/wireless/realtek/rtw89/pci.c | 48 +++- drivers/nvme/host/core.c | 19 +- drivers/nvme/host/ioctl.c | 7 +- drivers/nvme/target/auth.c | 1 + drivers/pci/pci.c | 14 +- drivers/phy/freescale/phy-fsl-imx8m-pcie.c | 10 +- drivers/phy/qualcomm/phy-qcom-qmp-usb-legacy.c | 1 + drivers/phy/qualcomm/phy-qcom-qmp-usb.c | 1 + drivers/phy/qualcomm/phy-qcom-qmp-usbc.c | 1 + drivers/powercap/intel_rapl_msr.c | 1 + drivers/scsi/scsi_debug.c | 10 +- drivers/scsi/scsi_transport_fc.c | 4 +- drivers/soc/qcom/pmic_glink.c | 25 +- drivers/spi/spi-fsl-dspi.c | 6 +- drivers/spi/spi-geni-qcom.c | 8 +- drivers/staging/iio/frequency/ad9832.c | 7 +- .../intel/int340x_thermal/processor_thermal_rapl.c | 70 ++--- drivers/thunderbolt/retimer.c | 5 +- drivers/thunderbolt/tb.c | 48 +++- drivers/ufs/core/ufshcd.c | 2 +- drivers/usb/host/xhci-pci.c | 6 +- drivers/usb/host/xhci-ring.c | 16 +- drivers/usb/phy/phy.c | 2 +- drivers/usb/typec/class.c | 1 + drivers/usb/typec/tcpm/qcom/qcom_pmic_typec.c | 10 +- drivers/usb/typec/tcpm/tcpm.c | 10 +- fs/afs/dir.c | 25 ++ fs/afs/dir_edit.c | 91 ++++++- fs/afs/internal.h | 2 + fs/btrfs/bio.c | 62 ++--- fs/btrfs/bio.h | 3 + fs/btrfs/defrag.c | 10 +- fs/btrfs/extent_map.c | 7 +- fs/btrfs/volumes.c | 1 + fs/dax.c | 49 ++-- fs/iomap/buffered-io.c | 7 +- fs/nfs/delegation.c | 5 + fs/nfsd/nfs4proc.c | 10 +- fs/nilfs2/namei.c | 3 + fs/nilfs2/page.c | 1 + fs/ntfs3/file.c | 9 +- fs/ntfs3/frecord.c | 4 +- fs/ntfs3/inode.c | 15 +- fs/ntfs3/lznt.c | 3 + fs/ntfs3/namei.c | 2 +- fs/ntfs3/ntfs_fs.h | 2 +- fs/ntfs3/record.c | 31 ++- fs/ocfs2/file.c | 8 + fs/smb/client/cifs_unicode.c | 17 +- fs/smb/client/reparse.c | 174 +++++++++++- fs/smb/client/reparse.h | 9 +- fs/smb/client/smb2inode.c | 3 +- fs/smb/client/smb2proto.h | 1 + fs/userfaultfd.c | 28 ++ fs/xfs/xfs_filestream.c | 23 +- fs/xfs/xfs_trace.h | 15 +- include/acpi/cppc_acpi.h | 2 +- include/drm/drm_kunit_helpers.h | 4 + include/linux/bpf_mem_alloc.h | 3 + include/linux/compiler-gcc.h | 4 + include/linux/device.h | 3 + include/linux/dpll.h | 15 ++ include/linux/input.h | 10 +- include/linux/iomap.h | 19 ++ include/linux/ksm.h | 10 +- include/linux/mmzone.h | 7 +- include/linux/rcutiny.h | 5 + include/linux/rcutree.h | 1 + include/linux/tick.h | 8 + include/linux/ubsan.h | 5 + include/linux/userfaultfd_k.h | 5 + include/net/ip_tunnels.h | 2 +- include/trace/events/afs.h | 7 +- include/uapi/linux/dpll.h | 3 + io_uring/rw.c | 23 +- kernel/bpf/cgroup.c | 19 +- kernel/bpf/helpers.c | 21 +- kernel/bpf/lpm_trie.c | 2 +- kernel/bpf/memalloc.c | 14 +- kernel/bpf/verifier.c | 9 +- kernel/cgroup/cgroup.c | 4 +- kernel/fork.c | 14 +- kernel/rcu/tree.c | 118 ++++++++- kernel/resource.c | 4 +- kernel/sched/fair.c | 4 +- lib/Kconfig.ubsan | 4 +- lib/codetag.c | 3 + lib/iov_iter.c | 6 +- lib/slub_kunit.c | 2 +- mm/kasan/kasan_test.c | 27 -- mm/migrate.c | 2 +- mm/mmap.c | 3 +- mm/page_alloc.c | 10 +- mm/rmap.c | 24 +- mm/shmem.c | 2 + mm/shrinker.c | 8 +- mm/vmscan.c | 109 ++++---- net/bluetooth/hci_sync.c | 18 +- net/bpf/test_run.c | 1 + net/core/dev.c | 4 + net/core/rtnetlink.c | 4 +- net/core/sock_map.c | 4 + net/ipv4/ip_tunnel.c | 2 +- net/ipv6/netfilter/nf_reject_ipv6.c | 15 +- net/mac80211/Kconfig | 2 +- net/mac80211/cfg.c | 3 +- net/mac80211/key.c | 42 +-- net/mptcp/protocol.c | 2 + net/netfilter/nft_payload.c | 3 + net/netfilter/x_tables.c | 2 +- net/sched/cls_api.c | 1 + net/sched/sch_api.c | 2 +- net/sunrpc/xprtrdma/ib_client.c | 1 + net/wireless/core.c | 1 + rust/kernel/device.rs | 15 +- rust/kernel/firmware.rs | 2 +- sound/pci/hda/patch_realtek.c | 23 +- sound/soc/codecs/cs42l51.c | 7 +- sound/soc/soc-dapm.c | 2 + sound/usb/mixer_quirks.c | 3 + tools/mm/page-types.c | 9 +- tools/mm/slabinfo.c | 4 +- tools/perf/util/python.c | 3 + tools/perf/util/syscalltbl.c | 10 + tools/testing/cxl/test/cxl.c | 14 +- tools/testing/selftests/mm/uffd-common.c | 5 +- tools/testing/selftests/mm/uffd-common.h | 3 +- tools/testing/selftests/mm/uffd-unit-tests.c | 21 +- tools/usb/usbip/src/usbip_detach.c | 1 + 281 files changed, 2933 insertions(+), 1083 deletions(-)

10 months, 1 week

14
16
0 0

[PATCH v6.1 1/1] net: sched: use RCU read-side critical section in taprio_dump()

by Lee Jones

From: Dmitry Antipov <dmantipov(a)yandex.ru> [ Upstream commit b22db8b8befe90b61c98626ca1a2fbb0505e9fe3 ] Fix possible use-after-free in 'taprio_dump()' by adding RCU read-side critical section there. Never seen on x86 but found on a KASAN-enabled arm64 system when investigating https://syzkaller.appspot.com/bug?extid=b65e0af58423fc8a73aa: [T15862] BUG: KASAN: slab-use-after-free in taprio_dump+0xa0c/0xbb0 [T15862] Read of size 4 at addr ffff0000d4bb88f8 by task repro/15862 [T15862] [T15862] CPU: 0 UID: 0 PID: 15862 Comm: repro Not tainted 6.11.0-rc1-00293-gdefaf1a2113a-dirty #2 [T15862] Hardware name: QEMU QEMU Virtual Machine, BIOS edk2-20240524-5.fc40 05/24/2024 [T15862] Call trace: [T15862] dump_backtrace+0x20c/0x220 [T15862] show_stack+0x2c/0x40 [T15862] dump_stack_lvl+0xf8/0x174 [T15862] print_report+0x170/0x4d8 [T15862] kasan_report+0xb8/0x1d4 [T15862] __asan_report_load4_noabort+0x20/0x2c [T15862] taprio_dump+0xa0c/0xbb0 [T15862] tc_fill_qdisc+0x540/0x1020 [T15862] qdisc_notify.isra.0+0x330/0x3a0 [T15862] tc_modify_qdisc+0x7b8/0x1838 [T15862] rtnetlink_rcv_msg+0x3c8/0xc20 [T15862] netlink_rcv_skb+0x1f8/0x3d4 [T15862] rtnetlink_rcv+0x28/0x40 [T15862] netlink_unicast+0x51c/0x790 [T15862] netlink_sendmsg+0x79c/0xc20 [T15862] __sock_sendmsg+0xe0/0x1a0 [T15862] ____sys_sendmsg+0x6c0/0x840 [T15862] ___sys_sendmsg+0x1ac/0x1f0 [T15862] __sys_sendmsg+0x110/0x1d0 [T15862] __arm64_sys_sendmsg+0x74/0xb0 [T15862] invoke_syscall+0x88/0x2e0 [T15862] el0_svc_common.constprop.0+0xe4/0x2a0 [T15862] do_el0_svc+0x44/0x60 [T15862] el0_svc+0x50/0x184 [T15862] el0t_64_sync_handler+0x120/0x12c [T15862] el0t_64_sync+0x190/0x194 [T15862] [T15862] Allocated by task 15857: [T15862] kasan_save_stack+0x3c/0x70 [T15862] kasan_save_track+0x20/0x3c [T15862] kasan_save_alloc_info+0x40/0x60 [T15862] __kasan_kmalloc+0xd4/0xe0 [T15862] __kmalloc_cache_noprof+0x194/0x334 [T15862] taprio_change+0x45c/0x2fe0 [T15862] tc_modify_qdisc+0x6a8/0x1838 [T15862] rtnetlink_rcv_msg+0x3c8/0xc20 [T15862] netlink_rcv_skb+0x1f8/0x3d4 [T15862] rtnetlink_rcv+0x28/0x40 [T15862] netlink_unicast+0x51c/0x790 [T15862] netlink_sendmsg+0x79c/0xc20 [T15862] __sock_sendmsg+0xe0/0x1a0 [T15862] ____sys_sendmsg+0x6c0/0x840 [T15862] ___sys_sendmsg+0x1ac/0x1f0 [T15862] __sys_sendmsg+0x110/0x1d0 [T15862] __arm64_sys_sendmsg+0x74/0xb0 [T15862] invoke_syscall+0x88/0x2e0 [T15862] el0_svc_common.constprop.0+0xe4/0x2a0 [T15862] do_el0_svc+0x44/0x60 [T15862] el0_svc+0x50/0x184 [T15862] el0t_64_sync_handler+0x120/0x12c [T15862] el0t_64_sync+0x190/0x194 [T15862] [T15862] Freed by task 6192: [T15862] kasan_save_stack+0x3c/0x70 [T15862] kasan_save_track+0x20/0x3c [T15862] kasan_save_free_info+0x4c/0x80 [T15862] poison_slab_object+0x110/0x160 [T15862] __kasan_slab_free+0x3c/0x74 [T15862] kfree+0x134/0x3c0 [T15862] taprio_free_sched_cb+0x18c/0x220 [T15862] rcu_core+0x920/0x1b7c [T15862] rcu_core_si+0x10/0x1c [T15862] handle_softirqs+0x2e8/0xd64 [T15862] __do_softirq+0x14/0x20 Fixes: 18cdd2f0998a ("net/sched: taprio: taprio_dump and taprio_change are protected by rtnl_mutex") Acked-by: Vinicius Costa Gomes <vinicius.gomes(a)intel.com> Signed-off-by: Dmitry Antipov <dmantipov(a)yandex.ru> Link: https://patch.msgid.link/20241018051339.418890-2-dmantipov@yandex.ru Signed-off-by: Paolo Abeni <pabeni(a)redhat.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> (cherry picked from commit 5d282467245f267c0b9ada3f7f309ff838521536) [Lee: Backported from linux-6.6.y to linux-6.1.y and fixed conflicts] Signed-off-by: Lee Jones <lee(a)kernel.org> --- net/sched/sch_taprio.c | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/net/sched/sch_taprio.c b/net/sched/sch_taprio.c index 212fef2b72f5..1d5cdc987abd 100644 --- a/net/sched/sch_taprio.c +++ b/net/sched/sch_taprio.c @@ -1995,9 +1995,6 @@ static int taprio_dump(struct Qdisc *sch, struct sk_buff *skb) struct nlattr *nest, *sched_nest; unsigned int i; - oper = rtnl_dereference(q->oper_sched); - admin = rtnl_dereference(q->admin_sched); - opt.num_tc = netdev_get_num_tc(dev); memcpy(opt.prio_tc_map, dev->prio_tc_map, sizeof(opt.prio_tc_map)); @@ -2024,18 +2021,23 @@ static int taprio_dump(struct Qdisc *sch, struct sk_buff *skb) nla_put_u32(skb, TCA_TAPRIO_ATTR_TXTIME_DELAY, q->txtime_delay)) goto options_error; + rcu_read_lock(); + + oper = rtnl_dereference(q->oper_sched); + admin = rtnl_dereference(q->admin_sched); + if (taprio_dump_tc_entries(q, skb)) - goto options_error; + goto options_error_rcu; if (oper && dump_schedule(skb, oper)) - goto options_error; + goto options_error_rcu; if (!admin) goto done; sched_nest = nla_nest_start_noflag(skb, TCA_TAPRIO_ATTR_ADMIN_SCHED); if (!sched_nest) - goto options_error; + goto options_error_rcu; if (dump_schedule(skb, admin)) goto admin_error; @@ -2043,11 +2045,15 @@ static int taprio_dump(struct Qdisc *sch, struct sk_buff *skb) nla_nest_end(skb, sched_nest); done: + rcu_read_unlock(); return nla_nest_end(skb, nest); admin_error: nla_nest_cancel(skb, sched_nest); +options_error_rcu: + rcu_read_unlock(); + options_error: nla_nest_cancel(skb, nest); -- 2.47.0.277.g8800431eea-goog

10 months, 1 week

3
3
0 0

[PATCH 5.15 00/73] 5.15.171-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.15.171 release. There are 73 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Fri, 08 Nov 2024 12:02:47 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.15.171-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.15.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.15.171-rc1 Johannes Berg <johannes.berg(a)intel.com> mac80211: always have ieee80211_sta_restart() Jeongjun Park <aha310510(a)gmail.com> vt: prevent kernel-infoleak in con_font_get() Rob Clark <robdclark(a)chromium.org> drm/i915: Fix potential context UAFs Jason-JH.Lin <jason-jh.lin(a)mediatek.com> Revert "drm/mipi-dsi: Set the fwnode for mipi_dsi_device" Jeongjun Park <aha310510(a)gmail.com> mm: shmem: fix data-race in shmem_getattr() Johannes Berg <johannes.berg(a)intel.com> wifi: iwlwifi: mvm: fix 6 GHz scan construction Ryusuke Konishi <konishi.ryusuke(a)gmail.com> nilfs2: fix kernel bug due to missing clearing of checked flag Pawan Gupta <pawan.kumar.gupta(a)linux.intel.com> x86/bugs: Use code segment selector for VERW operand Edward Adam Davis <eadavis(a)qq.com> ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow Matt Fleming <mfleming(a)cloudflare.com> mm/page_alloc: let GFP_ATOMIC order-0 allocs access highatomic reserves Mel Gorman <mgorman(a)techsingularity.net> mm/page_alloc: explicitly define how __GFP_HIGH non-blocking allocations accesses reserves Mel Gorman <mgorman(a)techsingularity.net> mm/page_alloc: explicitly define what alloc flags deplete min reserves Mel Gorman <mgorman(a)techsingularity.net> mm/page_alloc: explicitly record high-order atomic allocations in alloc_flags Mel Gorman <mgorman(a)techsingularity.net> mm/page_alloc: treat RT tasks similar to __GFP_HIGH Mel Gorman <mgorman(a)techsingularity.net> mm/page_alloc: rename ALLOC_HIGH to ALLOC_MIN_RESERVE Mel Gorman <mgorman(a)techsingularity.net> mm/page_alloc: split out buddy removal code from rmqueue into separate helper Wonhyuk Yang <vvghjk1234(a)gmail.com> mm/page_alloc: fix tracepoint mm_page_alloc_zone_locked() Eric Dumazet <edumazet(a)google.com> mm/page_alloc: call check_new_pages() while zone spinlock is not held Chunyan Zhang <zhangchunyan(a)iscas.ac.cn> riscv: Remove duplicated GET_RM Chunyan Zhang <zhangchunyan(a)iscas.ac.cn> riscv: Remove unused GENERATING_ASM_OFFSETS WangYuli <wangyuli(a)uniontech.com> riscv: Use '%u' to format the output of 'cpu' Heinrich Schuchardt <heinrich.schuchardt(a)canonical.com> riscv: efi: Set NX compat flag in PE/COFF header Alexandre Ghiti <alexghiti(a)rivosinc.com> riscv: vdso: Prevent the compiler from inserting calls to memset() Ryusuke Konishi <konishi.ryusuke(a)gmail.com> nilfs2: fix potential deadlock with newly created symlinks Javier Carrasco <javier.carrasco.cruz(a)gmail.com> iio: light: veml6030: fix microlux value calculation Zicheng Qu <quzicheng(a)huawei.com> iio: adc: ad7124: fix division by zero in ad7124_set_channel_odr() Zicheng Qu <quzicheng(a)huawei.com> staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() Ville Syrjälä <ville.syrjala(a)linux.intel.com> wifi: iwlegacy: Clear stale interrupts before resuming device Manikanta Pubbisetty <quic_mpubbise(a)quicinc.com> wifi: ath10k: Fix memory leak in management tx Felix Fietkau <nbd(a)nbd.name> wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Revert "driver core: Fix uevent_show() vs driver detach race" Basavaraj Natikar <Basavaraj.Natikar(a)amd.com> xhci: Use pm_runtime_get to prevent RPM on unsupported systems Faisal Hassan <quic_faisalh(a)quicinc.com> xhci: Fix Link TRB DMA in command ring stopped completion event Javier Carrasco <javier.carrasco.cruz(a)gmail.com> usb: typec: fix unreleased fwnode_handle in typec_port_register_altmodes() Zijun Hu <quic_zijuhu(a)quicinc.com> usb: phy: Fix API devm_usb_put_phy() can not release the phy Zongmin Zhou <zhouzongmin(a)kylinos.cn> usbip: tools: Fix detach_port() invalid port error path Dimitri Sivanich <sivanich(a)hpe.com> misc: sgi-gru: Don't disable preemption in GRU driver Dai Ngo <dai.ngo(a)oracle.com> NFS: remove revoked delegation from server's delegation list Daniel Palmer <daniel(a)0x0f.com> net: amd: mvme147: Fix probe banner message Benjamin Marzinski <bmarzins(a)redhat.com> scsi: scsi_transport_fc: Allow setting rport state to current state Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Additional check in ni_clear() Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Fix possible deadlock in mi_read Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Fix warning possible deadlock in ntfs_set_state Andrew Ballance <andrewjballance(a)gmail.com> fs/ntfs3: Check if more than chunk-size bytes are written Pierre Gondois <pierre.gondois(a)arm.com> ACPI: CPPC: Make rmw_lock a raw_spin_lock Xiongfeng Wang <wangxiongfeng2(a)huawei.com> firmware: arm_sdei: Fix the input parameter of cpuhp_remove_state() Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nft_payload: sanitize offset and length before calling skb_checksum() Benoît Monin <benoit.monin(a)gmx.fr> net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension Dong Chenchen <dongchenchen2(a)huawei.com> netfilter: Fix use-after-free in get_info() Byeonguk Jeong <jungbu2855(a)gmail.com> bpf: Fix out-of-bounds write in trie_get_next_key() Zichen Xie <zichenxie0106(a)gmail.com> netdevsim: Add trailing zero to terminate the string in nsim_nexthop_bucket_activity_write() Pedro Tammela <pctammela(a)mojatatu.com> net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT Pablo Neira Ayuso <pablo(a)netfilter.org> gtp: allow -1 to be specified as file description from userspace Ido Schimmel <idosch(a)nvidia.com> ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() Wander Lairson Costa <wander(a)redhat.com> igb: Disable threaded IRQ for igb_msix_other Furong Xu <0x1207(a)gmail.com> net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> ASoC: cs42l51: Fix some error handling paths in cs42l51_probe() Daniel Gabay <daniel.gabay(a)intel.com> wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd() Emmanuel Grumbach <emmanuel.grumbach(a)intel.com> wifi: iwlwifi: mvm: disconnect station vifs if recovery failed Youghandhar Chintala <youghand(a)codeaurora.org> mac80211: Add support to trigger sta disconnect on hardware restart Johannes Berg <johannes.berg(a)intel.com> mac80211: do drv_reconfig_complete() before restarting all Selvin Xavier <selvin.xavier(a)broadcom.com> RDMA/bnxt_re: synchronize the qp-handle table array Patrisious Haddad <phaddad(a)nvidia.com> RDMA/mlx5: Round max_rd_atomic/max_dest_rd_atomic up instead of down Leon Romanovsky <leon(a)kernel.org> RDMA/cxgb4: Dump vendor specific QP details Geert Uytterhoeven <geert(a)linux-m68k.org> wifi: brcm80211: BRCM_TRACING should depend on TRACING Felix Fietkau <nbd(a)nbd.name> wifi: mac80211: skip non-uploaded keys in ieee80211_iter_keys Geert Uytterhoeven <geert(a)linux-m68k.org> mac80211: MAC80211_MESSAGE_TRACING should depend on TRACING Xiu Jianfeng <xiujianfeng(a)huawei.com> cgroup: Fix potential overflow issue when checking max_depth Koba Ko <kobak(a)nvidia.com> ACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context Sudeep Holla <sudeep.holla(a)arm.com> ACPI: PRM: Change handler_addr type to void pointer Aubrey Li <aubrey.li(a)intel.com> ACPI: PRM: Remove unnecessary blank lines Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: fix user-after-free from session log off Donet Tom <donettom(a)linux.ibm.com> selftests/mm: fix incorrect buffer->mirror size in hmm2 double_map test ------------- Diffstat: Makefile | 4 +- arch/riscv/kernel/asm-offsets.c | 2 - arch/riscv/kernel/cpu-hotplug.c | 2 +- arch/riscv/kernel/efi-header.S | 2 +- arch/riscv/kernel/traps_misaligned.c | 2 - arch/riscv/kernel/vdso/Makefile | 1 + arch/x86/include/asm/nospec-branch.h | 11 +- drivers/acpi/cppc_acpi.c | 9 +- drivers/acpi/prmt.c | 33 ++-- drivers/base/core.c | 13 +- drivers/base/module.c | 4 - drivers/firmware/arm_sdei.c | 2 +- drivers/gpu/drm/drm_mipi_dsi.c | 2 +- drivers/gpu/drm/i915/gem/i915_gem_context.c | 24 ++- drivers/iio/adc/ad7124.c | 2 +- drivers/iio/light/veml6030.c | 2 +- drivers/infiniband/hw/bnxt_re/qplib_fp.c | 4 + drivers/infiniband/hw/bnxt_re/qplib_rcfw.c | 13 +- drivers/infiniband/hw/bnxt_re/qplib_rcfw.h | 2 + drivers/infiniband/hw/cxgb4/provider.c | 1 + drivers/infiniband/hw/mlx5/qp.c | 4 +- drivers/misc/sgi-gru/grukservices.c | 2 - drivers/misc/sgi-gru/grumain.c | 4 - drivers/misc/sgi-gru/grutlbpurge.c | 2 - drivers/net/ethernet/amd/mvme147.c | 7 +- drivers/net/ethernet/intel/igb/igb_main.c | 2 +- drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 22 ++- drivers/net/gtp.c | 22 +-- drivers/net/netdevsim/fib.c | 4 +- drivers/net/wireless/ath/ath10k/wmi-tlv.c | 7 +- drivers/net/wireless/ath/ath10k/wmi.c | 2 + drivers/net/wireless/broadcom/brcm80211/Kconfig | 1 + drivers/net/wireless/intel/iwlegacy/common.c | 2 + drivers/net/wireless/intel/iwlwifi/mvm/fw.c | 22 ++- drivers/net/wireless/intel/iwlwifi/mvm/scan.c | 3 +- drivers/scsi/scsi_transport_fc.c | 4 +- drivers/staging/iio/frequency/ad9832.c | 7 +- drivers/tty/vt/vt.c | 2 +- drivers/usb/host/xhci-pci.c | 6 +- drivers/usb/host/xhci-ring.c | 16 +- drivers/usb/phy/phy.c | 2 +- drivers/usb/typec/class.c | 1 + fs/ksmbd/mgmt/user_session.c | 26 ++- fs/ksmbd/mgmt/user_session.h | 4 + fs/ksmbd/server.c | 2 + fs/ksmbd/smb2pdu.c | 8 +- fs/nfs/delegation.c | 5 + fs/nilfs2/namei.c | 3 + fs/nilfs2/page.c | 1 + fs/ntfs3/frecord.c | 4 +- fs/ntfs3/lznt.c | 3 + fs/ntfs3/namei.c | 2 +- fs/ntfs3/ntfs_fs.h | 2 +- fs/ocfs2/file.c | 8 + include/acpi/cppc_acpi.h | 2 +- include/net/ip_tunnels.h | 2 +- include/net/mac80211.h | 10 ++ include/trace/events/kmem.h | 14 +- kernel/bpf/lpm_trie.c | 2 +- kernel/cgroup/cgroup.c | 4 +- mm/internal.h | 13 +- mm/page_alloc.c | 185 +++++++++++++--------- mm/shmem.c | 2 + net/core/dev.c | 4 + net/mac80211/Kconfig | 2 +- net/mac80211/cfg.c | 3 +- net/mac80211/ieee80211_i.h | 3 + net/mac80211/key.c | 42 +++-- net/mac80211/mlme.c | 14 +- net/mac80211/util.c | 45 ++++-- net/netfilter/nft_payload.c | 3 + net/netfilter/x_tables.c | 2 +- net/sched/sch_api.c | 2 +- sound/soc/codecs/cs42l51.c | 7 +- tools/testing/selftests/vm/hmm-tests.c | 2 +- tools/usb/usbip/src/usbip_detach.c | 1 + 76 files changed, 481 insertions(+), 230 deletions(-)

10 months, 1 week

12
85
0 0

[PATCH 6.1+] ASoC: amd: yc: fix internal mic on Xiaomi Book Pro 14 2022

by WangYuli

From: Mingcong Bai <jeffbai(a)aosc.io> [ Upstream commit de156f3cf70e17dc6ff4c3c364bb97a6db961ffd ] Xiaomi Book Pro 14 2022 (MIA2210-AD) requires a quirk entry for its internal microphone to be enabled. This is likely due to similar reasons as seen previously on Redmi Book 14/15 Pro 2022 models (since they likely came with similar firmware): - commit dcff8b7ca92d ("ASoC: amd: yc: Add Xiaomi Redmi Book Pro 15 2022 into DMI table") - commit c1dd6bf61997 ("ASoC: amd: yc: Add Xiaomi Redmi Book Pro 14 2022 into DMI table") A quirk would likely be needed for Xiaomi Book Pro 15 2022 models, too. However, I do not have such device on hand so I will leave it for now. Signed-off-by: Mingcong Bai <jeffbai(a)aosc.io> Link: https://patch.msgid.link/20241106024052.15748-1-jeffbai@aosc.io Signed-off-by: Mark Brown <broonie(a)kernel.org> Signed-off-by: WangYuli <wangyuli(a)uniontech.com> --- sound/soc/amd/yc/acp6x-mach.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/sound/soc/amd/yc/acp6x-mach.c b/sound/soc/amd/yc/acp6x-mach.c index 76f5d926d1ea..e027bc1d35f4 100644 --- a/sound/soc/amd/yc/acp6x-mach.c +++ b/sound/soc/amd/yc/acp6x-mach.c @@ -381,6 +381,13 @@ static const struct dmi_system_id yc_acp_quirk_table[] = { DMI_MATCH(DMI_PRODUCT_NAME, "Redmi Book Pro 15 2022"), } }, + { + .driver_data = &acp6x_card, + .matches = { + DMI_MATCH(DMI_BOARD_VENDOR, "TIMI"), + DMI_MATCH(DMI_PRODUCT_NAME, "Xiaomi Book Pro 14 2022"), + } + }, { .driver_data = &acp6x_card, .matches = { -- 2.45.2

10 months, 1 week

2
1
0 0

[PATCH 5.4] NFSD: Fix NFSv4's PUTPUBFH operation

by cel＠kernel.org

From: Chuck Lever <chuck.lever(a)oracle.com> [ Upstream commit 202f39039a11402dcbcd5fece8d9fa6be83f49ae ] According to RFC 8881, all minor versions of NFSv4 support PUTPUBFH. Replace the XDR decoder for PUTPUBFH with a "noop" since we no longer want the minorversion check, and PUTPUBFH has no arguments to decode. (Ideally nfsd4_decode_noop should really be called nfsd4_decode_void). PUTPUBFH should now behave just like PUTROOTFH. Reported-by: Cedric Blancher <cedric.blancher(a)gmail.com> Fixes: e1a90ebd8b23 ("NFSD: Combine decode operations for v4 and v4.1") Cc: Dan Shelton <dan.f.shelton(a)gmail.com> Cc: Roland Mainz <roland.mainz(a)nrubsig.org> Cc: stable(a)vger.kernel.org [ cel: adjusted to apply to origin/linux-5.4.y ] Signed-off-by: Chuck Lever <chuck.lever(a)oracle.com> --- fs/nfsd/nfs4xdr.c | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) In response to: https://lore.kernel.org/stable/2024100703-decorated-bodacious-fa3c@gregkh/ here is a version of upstream commit 202f39039a11 ("NFSD: Fix NFSv4's PUTPUBFH operation") that applies to both origin/linux-5.4.y and origin/linux-4.19.y. diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c index 1d24fff2709c..55b18c145390 100644 --- a/fs/nfsd/nfs4xdr.c +++ b/fs/nfsd/nfs4xdr.c @@ -1068,14 +1068,6 @@ nfsd4_decode_putfh(struct nfsd4_compoundargs *argp, struct nfsd4_putfh *putfh) DECODE_TAIL; } -static __be32 -nfsd4_decode_putpubfh(struct nfsd4_compoundargs *argp, void *p) -{ - if (argp->minorversion == 0) - return nfs_ok; - return nfserr_notsupp; -} - static __be32 nfsd4_decode_read(struct nfsd4_compoundargs *argp, struct nfsd4_read *read) { @@ -1825,7 +1817,7 @@ static const nfsd4_dec nfsd4_dec_ops[] = { [OP_OPEN_CONFIRM] = (nfsd4_dec)nfsd4_decode_open_confirm, [OP_OPEN_DOWNGRADE] = (nfsd4_dec)nfsd4_decode_open_downgrade, [OP_PUTFH] = (nfsd4_dec)nfsd4_decode_putfh, - [OP_PUTPUBFH] = (nfsd4_dec)nfsd4_decode_putpubfh, + [OP_PUTPUBFH] = (nfsd4_dec)nfsd4_decode_noop, [OP_PUTROOTFH] = (nfsd4_dec)nfsd4_decode_noop, [OP_READ] = (nfsd4_dec)nfsd4_decode_read, [OP_READDIR] = (nfsd4_dec)nfsd4_decode_readdir, -- 2.47.0

10 months, 1 week

2
1
0 0

[PATCH v2 0/2] PCI: endpoint: fix bugs for both API pci_epc_destroy() and pci_epc_remove_epf()

by Zijun Hu

This patch series is to fix bugs for below 2 APIs: pci_epc_destroy() pci_epc_remove_epf() Signed-off-by: Zijun Hu <quic_zijuhu(a)quicinc.com> --- Changes in v2: - Correct title and commit messages, and remove RFC tag - Link to v1: https://lore.kernel.org/r/20241102-epc_rfc-v1-0-5026322df5bc@quicinc.com --- Zijun Hu (2): PCI: endpoint: Fix API pci_epc_destroy() releasing domain_nr ID faults PCI: endpoint: Fix API pci_epc_remove_epf() cleaning up wrong EPC of EPF drivers/pci/endpoint/pci-epc-core.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) --- base-commit: ad5df4a631fa7eeb8eb212d21ab3f6979fd1926e change-id: 20241102-epc_rfc-e1d9d03d5101 Best regards, -- Zijun Hu <quic_zijuhu(a)quicinc.com>

10 months, 1 week

3
6
0 0

[PATCH] LoongArch: Fix early_numa_add_cpu() usage for FDT systems

by Huacai Chen

early_numa_add_cpu() applies on physical CPU id rather than logical CPU id, so use cpuid instead of cpu. Cc: stable(a)vger.kernel.org Fixes: 3de9c42d02a79a5 ("LoongArch: Add all CPUs enabled by fdt to NUMA node 0") Reported-by: Bibo Mao <maobibo(a)loongson.cn> Signed-off-by: Huacai Chen <chenhuacai(a)loongson.cn> --- arch/loongarch/kernel/smp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/loongarch/kernel/smp.c b/arch/loongarch/kernel/smp.c index c0b498467ffa..5d59e9ce2772 100644 --- a/arch/loongarch/kernel/smp.c +++ b/arch/loongarch/kernel/smp.c @@ -302,7 +302,7 @@ static void __init fdt_smp_setup(void) __cpu_number_map[cpuid] = cpu; __cpu_logical_map[cpu] = cpuid; - early_numa_add_cpu(cpu, 0); + early_numa_add_cpu(cpuid, 0); set_cpuid_to_node(cpuid, 0); } -- 2.43.5

10 months, 1 week

1
0
0 0

[PATCH v2] usb: dwc3: gadget: Add TxFIFO resizing supports for single port RAM

by Selvarasu Ganesan

The existing implementation of the TxFIFO resizing logic only supports scenarios where more than one port RAM is used. However, there is a need to resize the TxFIFO in USB2.0-only mode where only a single port RAM is available. This commit introduces the necessary changes to support TxFIFO resizing in such scenarios. Cc: stable(a)vger.kernel.org # 6.12.x: fad16c82: usb: dwc3: gadget: Refine the logic for resizing Tx FIFOs Signed-off-by: Selvarasu Ganesan <selvarasu.g(a)samsung.com> --- Changes in v2: - Removed the code change that limits the number of FIFOs for bulk EP, as plan to address this issue in a separate patch. - Renamed the variable spram_type to is_single_port_ram for better understanding. - Link to v1: https://lore.kernel.org/lkml/20241107104040.502-1-selvarasu.g@samsung.com/ --- drivers/usb/dwc3/core.h | 4 +++ drivers/usb/dwc3/gadget.c | 54 +++++++++++++++++++++++++++++++++------ 2 files changed, 50 insertions(+), 8 deletions(-) diff --git a/drivers/usb/dwc3/core.h b/drivers/usb/dwc3/core.h index eaa55c0cf62f..8306b39e5c64 100644 --- a/drivers/usb/dwc3/core.h +++ b/drivers/usb/dwc3/core.h @@ -915,6 +915,7 @@ struct dwc3_hwparams { #define DWC3_MODE(n) ((n) & 0x7) /* HWPARAMS1 */ +#define DWC3_SPRAM_TYPE(n) (((n) >> 23) & 1) #define DWC3_NUM_INT(n) (((n) & (0x3f << 15)) >> 15) /* HWPARAMS3 */ @@ -925,6 +926,9 @@ struct dwc3_hwparams { #define DWC3_NUM_IN_EPS(p) (((p)->hwparams3 & \ (DWC3_NUM_IN_EPS_MASK)) >> 18) +/* HWPARAMS6 */ +#define DWC3_RAM0_DEPTH(n) (((n) & (0xffff0000)) >> 16) + /* HWPARAMS7 */ #define DWC3_RAM1_DEPTH(n) ((n) & 0xffff) diff --git a/drivers/usb/dwc3/gadget.c b/drivers/usb/dwc3/gadget.c index 2fed2aa01407..4f2e063c9091 100644 --- a/drivers/usb/dwc3/gadget.c +++ b/drivers/usb/dwc3/gadget.c @@ -687,6 +687,44 @@ static int dwc3_gadget_calc_tx_fifo_size(struct dwc3 *dwc, int mult) return fifo_size; } +/** + * dwc3_gadget_calc_ram_depth - calculates the ram depth for txfifo + * @dwc: pointer to the DWC3 context + */ +static int dwc3_gadget_calc_ram_depth(struct dwc3 *dwc) +{ + int ram_depth; + int fifo_0_start; + bool is_single_port_ram; + int tmp; + + /* Check supporting RAM type by HW */ + is_single_port_ram = DWC3_SPRAM_TYPE(dwc->hwparams.hwparams1); + + /* + * If a single port RAM is utilized, then allocate TxFIFOs from + * RAM0. otherwise, allocate them from RAM1. + */ + ram_depth = is_single_port_ram ? DWC3_RAM0_DEPTH(dwc->hwparams.hwparams6) : + DWC3_RAM1_DEPTH(dwc->hwparams.hwparams7); + + + /* + * In a single port RAM configuration, the available RAM is shared + * between the RX and TX FIFOs. This means that the txfifo can begin + * at a non-zero address. + */ + if (is_single_port_ram) { + /* Check if TXFIFOs start at non-zero addr */ + tmp = dwc3_readl(dwc->regs, DWC3_GTXFIFOSIZ(0)); + fifo_0_start = DWC3_GTXFIFOSIZ_TXFSTADDR(tmp); + + ram_depth -= (fifo_0_start >> 16); + } + + return ram_depth; +} + /** * dwc3_gadget_clear_tx_fifos - Clears txfifo allocation * @dwc: pointer to the DWC3 context @@ -753,7 +791,7 @@ static int dwc3_gadget_resize_tx_fifos(struct dwc3_ep *dep) { struct dwc3 *dwc = dep->dwc; int fifo_0_start; - int ram1_depth; + int ram_depth; int fifo_size; int min_depth; int num_in_ep; @@ -773,7 +811,7 @@ static int dwc3_gadget_resize_tx_fifos(struct dwc3_ep *dep) if (dep->flags & DWC3_EP_TXFIFO_RESIZED) return 0; - ram1_depth = DWC3_RAM1_DEPTH(dwc->hwparams.hwparams7); + ram_depth = dwc3_gadget_calc_ram_depth(dwc); switch (dwc->gadget->speed) { case USB_SPEED_SUPER_PLUS: @@ -809,7 +847,7 @@ static int dwc3_gadget_resize_tx_fifos(struct dwc3_ep *dep) /* Reserve at least one FIFO for the number of IN EPs */ min_depth = num_in_ep * (fifo + 1); - remaining = ram1_depth - min_depth - dwc->last_fifo_depth; + remaining = ram_depth - min_depth - dwc->last_fifo_depth; remaining = max_t(int, 0, remaining); /* * We've already reserved 1 FIFO per EP, so check what we can fit in @@ -835,9 +873,9 @@ static int dwc3_gadget_resize_tx_fifos(struct dwc3_ep *dep) dwc->last_fifo_depth += DWC31_GTXFIFOSIZ_TXFDEP(fifo_size); /* Check fifo size allocation doesn't exceed available RAM size. */ - if (dwc->last_fifo_depth >= ram1_depth) { + if (dwc->last_fifo_depth >= ram_depth) { dev_err(dwc->dev, "Fifosize(%d) > RAM size(%d) %s depth:%d\n", - dwc->last_fifo_depth, ram1_depth, + dwc->last_fifo_depth, ram_depth, dep->endpoint.name, fifo_size); if (DWC3_IP_IS(DWC3)) fifo_size = DWC3_GTXFIFOSIZ_TXFDEP(fifo_size); @@ -3090,7 +3128,7 @@ static int dwc3_gadget_check_config(struct usb_gadget *g) struct dwc3 *dwc = gadget_to_dwc(g); struct usb_ep *ep; int fifo_size = 0; - int ram1_depth; + int ram_depth; int ep_num = 0; if (!dwc->do_fifo_resize) @@ -3113,8 +3151,8 @@ static int dwc3_gadget_check_config(struct usb_gadget *g) fifo_size += dwc->max_cfg_eps; /* Check if we can fit a single fifo per endpoint */ - ram1_depth = DWC3_RAM1_DEPTH(dwc->hwparams.hwparams7); - if (fifo_size > ram1_depth) + ram_depth = dwc3_gadget_calc_ram_depth(dwc); + if (fifo_size > ram_depth) return -ENOMEM; return 0; -- 2.17.1

10 months, 1 week

2
3
0 0

[merged mm-hotfixes-stable] nommu-pass-null-argument-to-vma_iter_prealloc.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: nommu: pass NULL argument to vma_iter_prealloc() has been removed from the -mm tree. Its filename was nommu-pass-null-argument-to-vma_iter_prealloc.patch This patch was dropped because it was merged into the mm-hotfixes-stable branch of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm ------------------------------------------------------ From: Hajime Tazaki <thehajime(a)gmail.com> Subject: nommu: pass NULL argument to vma_iter_prealloc() Date: Sat, 9 Nov 2024 07:28:34 +0900 When deleting a vma entry from a maple tree, it has to pass NULL to vma_iter_prealloc() in order to calculate internal state of the tree, but it passed a wrong argument. As a result, nommu kernels crashed upon accessing a vma iterator, such as acct_collect() reading the size of vma entries after do_munmap(). This commit fixes this issue by passing a right argument to the preallocation call. Link: https://lkml.kernel.org/r/20241108222834.3625217-1-thehajime@gmail.com Fixes: b5df09226450 ("mm: set up vma iterator for vma_iter_prealloc() calls") Signed-off-by: Hajime Tazaki <thehajime(a)gmail.com> Reviewed-by: Liam R. Howlett <Liam.Howlett(a)Oracle.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/nommu.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/mm/nommu.c~nommu-pass-null-argument-to-vma_iter_prealloc +++ a/mm/nommu.c @@ -573,7 +573,7 @@ static int delete_vma_from_mm(struct vm_ VMA_ITERATOR(vmi, vma->vm_mm, vma->vm_start); vma_iter_config(&vmi, vma->vm_start, vma->vm_end); - if (vma_iter_prealloc(&vmi, vma)) { + if (vma_iter_prealloc(&vmi, NULL)) { pr_warn("Allocation of vma tree for process %d failed\n", current->pid); return -ENOMEM; _ Patches currently in -mm which might be from thehajime(a)gmail.com are

10 months, 1 week

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror November 2024