April 2024 - Linux-stable-mirror

Re: [PATCH -next v2] riscv: kdump: fix crashkernel reserving problem on RISC-V

by Mingzheng Xing

>Hi, > >On 10/12/23 at 08:40pm, patchwork-bot+linux-riscv(a)kernel.org wrote: >> Hello: >> >> This patch was applied to riscv/linux.git (fixes) >> by Palmer Dabbelt <palmer(a)rivosinc.com>: > >This patches fixes a regression of one risc-v patch which Andrew picked >into his akpm tree. Later, Andrew merged those two into one patch, now >it shows up in next/master as: > >39365395046f riscv: kdump: use generic interface to simplify crashkernel reservation > >Maybe it can be droppped in risv-v git tree so as not to cause conflict >when merging. > Hi, If I understand right, after commit[1] is merged into Linus's tree, commit[2] doesn't need to be merged in, because [1] contains [2]. This may not have an effect on the master branch. But commit[2] goes into the 6.6.y branch alone and commit[1] doesn't, which creates a trouble in the 6.6 stable branch. commit 39365395046f ("riscv: kdump: use generic interface to simplify crashkernel reservation") [1] commit 1d6cd2146c2b ("riscv: kdump: fix crashkernel reserving problem on RISC-V") [2] Thanks, Mingzheng >Thanks >Baoquan > >> >> On Mon, 25 Sep 2023 10:43:33 +0800 you wrote: >> > When testing on risc-v QEMU environment with "crashkernel=" >> > parameter enabled, a problem occurred with the following >> > message: >> > >> > [ 0.000000] crashkernel low memory reserved: 0xf8000000 - 0x100000000 (128 MB) >> > [ 0.000000] crashkernel reserved: 0x0000000177e00000 - 0x0000000277e00000 (4096 MB) >> > [ 0.000000] ------------[ cut here ]------------ >> > [ 0.000000] WARNING: CPU: 0 PID: 0 at kernel/resource.c:779 __insert_resource+0x8e/0xd0 >> > [ 0.000000] Modules linked in: >> > [ 0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 6.6.0-rc2-next-20230920 #1 >> > [ 0.000000] Hardware name: riscv-virtio,qemu (DT) >> > [ 0.000000] epc : __insert_resource+0x8e/0xd0 >> > [ 0.000000] ra : insert_resource+0x28/0x4e >> > [ 0.000000] epc : ffffffff80017344 ra : ffffffff8001742e sp : ffffffff81203db0 >> > [ 0.000000] gp : ffffffff812ece98 tp : ffffffff8120dac0 t0 : ff600001f7ff2b00 >> > [ 0.000000] t1 : 0000000000000000 t2 : 3428203030303030 s0 : ffffffff81203dc0 >> > [ 0.000000] s1 : ffffffff81211e18 a0 : ffffffff81211e18 a1 : ffffffff81289380 >> > [ 0.000000] a2 : 0000000277dfffff a3 : 0000000177e00000 a4 : 0000000177e00000 >> > [ 0.000000] a5 : ffffffff81289380 a6 : 0000000277dfffff a7 : 0000000000000078 >> > [ 0.000000] s2 : ffffffff81289380 s3 : ffffffff80a0bac8 s4 : ff600001f7ff2880 >> > [ 0.000000] s5 : 0000000000000280 s6 : 8000000a00006800 s7 : 000000000000007f >> > [ 0.000000] s8 : 0000000080017038 s9 : 0000000080038ea0 s10: 0000000000000000 >> > [ 0.000000] s11: 0000000000000000 t3 : ffffffff80a0bc00 t4 : ffffffff80a0bc00 >> > [ 0.000000] t5 : ffffffff80a0bbd0 t6 : ffffffff80a0bc00 >> > [ 0.000000] status: 0000000200000100 badaddr: 0000000000000000 cause: 0000000000000003 >> > [ 0.000000] [<ffffffff80017344>] __insert_resource+0x8e/0xd0 >> > [ 0.000000] ---[ end trace 0000000000000000 ]--- >> > [ 0.000000] Failed to add a Crash kernel resource at 177e00000 >> > >> > [...] >> >> Here is the summary with links: >> - [-next,v2] riscv: kdump: fix crashkernel reserving problem on RISC-V >> https://git.kernel.org/riscv/c/1d6cd2146c2b > > >> >> You are awesome, thank you! >> -- >> Deet-doot-dot, I am a bot. >> https://korg.docs.kernel.org/patchwork/pwbot.html >>

1 year, 1 month

1
0
0 0

[PATCH v3 1/2] arm64: dts: qcom: sa8155p-adp: fix SDHC2 CD pin configuration

by Volodymyr Babchuk

There are two issues with SDHC2 configuration for SA8155P-ADP, which prevent use of SDHC2 and causes issues with ethernet: - Card Detect pin for SHDC2 on SA8155P-ADP is connected to gpio4 of PMM8155AU_1, not to SoC itself. SoC's gpio4 is used for DWMAC TX. If sdhc driver probes after dwmac driver, it reconfigures gpio4 and this breaks Ethernet MAC. - pinctrl configuration mentions gpio96 as CD pin. It seems it was copied from some SM8150 example, because as mentioned above, correct CD pin is gpio4 on PMM8155AU_1. This patch fixes both mentioned issues by providing correct pin handle and pinctrl configuration. Fixes: 0deb2624e2d0 ("arm64: dts: qcom: sa8155p-adp: Add support for uSD card") Cc: stable(a)vger.kernel.org Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk(a)epam.com> --- In v3: - Moved regulator changes to a separate patch - Renamed pinctrl node - Moved pinctrl node so it will appear in alphabetical order In v2: - Added "Fixes:" tag - CCed stable ML - Fixed pinctrl configuration - Extended voltage range for L13C voltage regulator --- arch/arm64/boot/dts/qcom/sa8155p-adp.dts | 30 ++++++++++-------------- 1 file changed, 13 insertions(+), 17 deletions(-) diff --git a/arch/arm64/boot/dts/qcom/sa8155p-adp.dts b/arch/arm64/boot/dts/qcom/sa8155p-adp.dts index 5e4287f8c8cd1..b2cf2c988336c 100644 --- a/arch/arm64/boot/dts/qcom/sa8155p-adp.dts +++ b/arch/arm64/boot/dts/qcom/sa8155p-adp.dts @@ -367,6 +367,16 @@ queue0 { }; }; +&pmm8155au_1_gpios { + pmm8155au_1_sdc2_cd: sdc2-cd-default-state { + pins = "gpio4"; + function = "normal"; + input-enable; + bias-pull-up; + power-source = <0>; + }; +}; + &qupv3_id_1 { status = "okay"; }; @@ -384,10 +394,10 @@ &remoteproc_cdsp { &sdhc_2 { status = "okay"; - cd-gpios = <&tlmm 4 GPIO_ACTIVE_LOW>; + cd-gpios = <&pmm8155au_1_gpios 4 GPIO_ACTIVE_LOW>; pinctrl-names = "default", "sleep"; - pinctrl-0 = <&sdc2_on>; - pinctrl-1 = <&sdc2_off>; + pinctrl-0 = <&sdc2_on &pmm8155au_1_sdc2_cd>; + pinctrl-1 = <&sdc2_off &pmm8155au_1_sdc2_cd>; vqmmc-supply = <&vreg_l13c_2p96>; /* IO line power */ vmmc-supply = <&vreg_l17a_2p96>; /* Card power line */ bus-width = <4>; @@ -505,13 +515,6 @@ data-pins { bias-pull-up; /* pull up */ drive-strength = <16>; /* 16 MA */ }; - - sd-cd-pins { - pins = "gpio96"; - function = "gpio"; - bias-pull-up; /* pull up */ - drive-strength = <2>; /* 2 MA */ - }; }; sdc2_off: sdc2-off-state { @@ -532,13 +535,6 @@ data-pins { bias-pull-up; /* pull up */ drive-strength = <2>; /* 2 MA */ }; - - sd-cd-pins { - pins = "gpio96"; - function = "gpio"; - bias-pull-up; /* pull up */ - drive-strength = <2>; /* 2 MA */ - }; }; usb2phy_ac_en1_default: usb2phy-ac-en1-default-state { -- 2.44.0

1 year, 1 month

3
2
0 0

[char-misc] mei: me: add lunar lake point M DID

by Tomas Winkler

From: Alexander Usyskin <alexander.usyskin(a)intel.com> Add Lunar (Point) Lake M device id. Cc: <stable(a)vger.kernel.org> Signed-off-by: Alexander Usyskin <alexander.usyskin(a)intel.com> Signed-off-by: Tomas Winkler <tomas.winkler(a)intel.com> --- drivers/misc/mei/hw-me-regs.h | 2 ++ drivers/misc/mei/pci-me.c | 2 ++ 2 files changed, 4 insertions(+) diff --git a/drivers/misc/mei/hw-me-regs.h b/drivers/misc/mei/hw-me-regs.h index aac36750d2c54a658debcca5..c3a6657dcd4a291a09d2f5ab 100644 --- a/drivers/misc/mei/hw-me-regs.h +++ b/drivers/misc/mei/hw-me-regs.h @@ -115,6 +115,8 @@ #define MEI_DEV_ID_ARL_S 0x7F68 /* Arrow Lake Point S */ #define MEI_DEV_ID_ARL_H 0x7770 /* Arrow Lake Point H */ +#define MEI_DEV_ID_LNL_M 0xA870 /* Lunar Lake Point M */ + /* * MEI HW Section */ diff --git a/drivers/misc/mei/pci-me.c b/drivers/misc/mei/pci-me.c index b5757993c9b2af992c54468a..1db01718eafae806087c6bfe 100644 --- a/drivers/misc/mei/pci-me.c +++ b/drivers/misc/mei/pci-me.c @@ -122,6 +122,8 @@ static const struct pci_device_id mei_me_pci_tbl[] = { {MEI_PCI_DEVICE(MEI_DEV_ID_ARL_S, MEI_ME_PCH15_CFG)}, {MEI_PCI_DEVICE(MEI_DEV_ID_ARL_H, MEI_ME_PCH15_CFG)}, + {MEI_PCI_DEVICE(MEI_DEV_ID_LNL_M, MEI_ME_PCH15_CFG)}, + /* required last entry */ {0, } }; -- 2.44.0

1 year, 1 month

1
0
0 0

Apparently, the CPU is overheated

by Victor Porton

Since some version of Linux (I think since some 5.x), my computer started to turn off randomly, especially when under a load. A workaround is to put it into power saving mode (using Power in Gnome Settings). This makes it almost 2 times slower. Unmodified Asus X515EA. I recently updated BIOS to Asus's version 315, but this didn't help. Previously we cleared it from dust and replaced the thermal paste, but that didn't fix the problem. I am attaching dmidecode. In my previous email, I forgot to tell Linux version: $ uname -a Linux victor 6.5.0-28-generic #29-Ubuntu SMP PREEMPT_DYNAMIC Thu Mar 28 23:46:48 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux

1 year, 1 month

1
0
0 0

Extend Framework 13 quirk

by Mario Limonciello

Hi, The Framework 13 quirk for s2idle got extended to cover another BIOS version very recently. Can you please backport this to 6.6.y and later as well? f609e7b1b49e ("platform/x86/amd/pmc: Extend Framework 13 quirk to more BIOSes") Thanks,

1 year, 1 month

1
0
0 0

Linux 6.6.28

by Greg Kroah-Hartman

I'm announcing the release of the 6.6.28 kernel. All users of the 6.6 kernel series must upgrade. The updated 6.6.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.6.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/admin-guide/hw-vuln/spectre.rst | 22 Documentation/admin-guide/kernel-parameters.txt | 12 Documentation/networking/device_drivers/ethernet/amazon/ena.rst | 1 Makefile | 2 arch/arm/boot/dts/nxp/imx/imx7s-warp.dts | 1 arch/arm/mach-omap2/board-n8x0.c | 23 arch/arm64/boot/dts/freescale/imx8-ss-conn.dtsi | 16 arch/arm64/boot/dts/freescale/imx8-ss-dma.dtsi | 36 arch/arm64/boot/dts/freescale/imx8-ss-lsio.dtsi | 16 arch/arm64/boot/dts/freescale/imx8qm-ss-dma.dtsi | 8 arch/x86/Kconfig | 21 arch/x86/events/core.c | 1 arch/x86/include/asm/apic.h | 3 arch/x86/kernel/apic/apic.c | 6 arch/x86/kernel/cpu/bugs.c | 82 - arch/x86/kernel/cpu/common.c | 48 block/blk-cgroup.c | 9 block/blk-cgroup.h | 2 block/blk-core.c | 2 drivers/accel/ivpu/ivpu_drv.c | 2 drivers/acpi/scan.c | 3 drivers/ata/libata-core.c | 2 drivers/ata/libata-scsi.c | 9 drivers/cxl/core/mbox.c | 5 drivers/cxl/core/regs.c | 5 drivers/firmware/arm_scmi/raw_mode.c | 7 drivers/gpu/drm/amd/amdgpu/gfx_v11_0.c | 2 drivers/gpu/drm/amd/amdgpu/soc21.c | 27 drivers/gpu/drm/amd/amdkfd/kfd_device_queue_manager.c | 1 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 15 drivers/gpu/drm/amd/display/dc/clk_mgr/dcn316/dcn316_clk_mgr.c | 19 drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_4_ppt.c | 12 drivers/gpu/drm/ast/ast_dp.c | 3 drivers/gpu/drm/drm_client_modeset.c | 3 drivers/gpu/drm/i915/display/intel_cdclk.c | 7 drivers/gpu/drm/i915/display/intel_cdclk.h | 3 drivers/gpu/drm/i915/display/intel_ddi.c | 5 drivers/gpu/drm/i915/display/intel_vrr.c | 7 drivers/gpu/drm/msm/disp/dpu1/dpu_core_perf.c | 10 drivers/gpu/drm/nouveau/nvkm/subdev/bios/shadowof.c | 7 drivers/gpu/drm/panfrost/panfrost_mmu.c | 13 drivers/gpu/drm/qxl/qxl_release.c | 50 drivers/gpu/drm/vmwgfx/vmwgfx_drv.c | 11 drivers/iommu/intel/perfmon.c | 2 drivers/iommu/intel/svm.c | 2 drivers/md/raid1.c | 2 drivers/media/cec/core/cec-adap.c | 14 drivers/mmc/host/omap.c | 48 drivers/net/dsa/mt7530.c | 229 ++- drivers/net/dsa/mt7530.h | 5 drivers/net/ethernet/amazon/ena/Makefile | 2 drivers/net/ethernet/amazon/ena/ena_com.c | 2 drivers/net/ethernet/amazon/ena/ena_ethtool.c | 1 drivers/net/ethernet/amazon/ena/ena_netdev.c | 688 ---------- drivers/net/ethernet/amazon/ena/ena_netdev.h | 83 - drivers/net/ethernet/amazon/ena/ena_xdp.c | 466 ++++++ drivers/net/ethernet/amazon/ena/ena_xdp.h | 152 ++ drivers/net/ethernet/broadcom/bnxt/bnxt.c | 2 drivers/net/ethernet/broadcom/bnxt/bnxt_ulp.c | 6 drivers/net/ethernet/marvell/octeontx2/af/rvu_nix.c | 20 drivers/net/ethernet/marvell/octeontx2/nic/qos.c | 1 drivers/net/ethernet/mellanox/mlx5/core/en/ptp.h | 8 drivers/net/ethernet/mellanox/mlx5/core/en/qos.c | 33 drivers/net/ethernet/mellanox/mlx5/core/en/selq.c | 2 drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 2 drivers/net/ethernet/mellanox/mlx5/core/en_tx.c | 7 drivers/net/ethernet/mellanox/mlx5/core/fs_core.c | 17 drivers/net/ethernet/mellanox/mlx5/core/main.c | 37 drivers/net/ethernet/mellanox/mlx5/core/pci_irq.c | 4 drivers/net/ethernet/mellanox/mlx5/core/sf/dev/driver.c | 22 drivers/net/ethernet/micrel/ks8851.h | 3 drivers/net/ethernet/micrel/ks8851_common.c | 16 drivers/net/ethernet/micrel/ks8851_par.c | 11 drivers/net/ethernet/micrel/ks8851_spi.c | 11 drivers/net/ethernet/microchip/sparx5/sparx5_port.c | 4 drivers/net/geneve.c | 4 drivers/platform/chrome/cros_ec_uart.c | 28 drivers/scsi/hisi_sas/hisi_sas_main.c | 2 drivers/scsi/qla2xxx/qla_edif.c | 2 drivers/scsi/sg.c | 20 drivers/vhost/vhost.c | 24 fs/btrfs/delayed-inode.c | 3 fs/btrfs/inode.c | 13 fs/btrfs/ioctl.c | 37 fs/btrfs/qgroup.c | 2 fs/btrfs/root-tree.c | 10 fs/btrfs/root-tree.h | 2 fs/btrfs/transaction.c | 17 fs/smb/client/cached_dir.c | 4 include/linux/dma-fence.h | 7 include/linux/irqflags.h | 2 include/linux/u64_stats_sync.h | 9 include/net/addrconf.h | 4 include/net/af_unix.h | 2 include/net/bluetooth/bluetooth.h | 11 include/net/ip_tunnels.h | 33 io_uring/net.c | 1 kernel/cpu.c | 3 kernel/kprobes.c | 18 kernel/power/suspend.c | 6 kernel/trace/ring_buffer.c | 6 kernel/trace/trace_events.c | 4 net/batman-adv/translation-table.c | 2 net/bluetooth/hci_request.c | 4 net/bluetooth/hci_sync.c | 66 net/bluetooth/iso.c | 14 net/bluetooth/l2cap_core.c | 3 net/bluetooth/sco.c | 23 net/ipv4/netfilter/arp_tables.c | 4 net/ipv4/netfilter/ip_tables.c | 4 net/ipv4/route.c | 4 net/ipv6/addrconf.c | 7 net/ipv6/ip6_fib.c | 7 net/ipv6/netfilter/ip6_tables.c | 4 net/openvswitch/conntrack.c | 5 net/unix/af_unix.c | 8 net/unix/garbage.c | 35 net/unix/scm.c | 8 net/xdp/xsk.c | 2 tools/testing/selftests/net/mptcp/mptcp_connect.sh | 53 tools/testing/selftests/net/mptcp/mptcp_join.sh | 30 tools/testing/selftests/timers/posix_timers.c | 2 122 files changed, 1750 insertions(+), 1250 deletions(-) Aaro Koskinen (6): ARM: OMAP2+: fix bogus MMC GPIO labels on Nokia N8x0 ARM: OMAP2+: fix N810 MMC gpiod table mmc: omap: fix broken slot switch lookup mmc: omap: fix deferred probe mmc: omap: restore original power up/down steps ARM: OMAP2+: fix USB regression on Nokia N8x0 Adam Dunlap (1): x86/apic: Force native_apic_mem_read() to use the MOV instruction Alex Constantino (1): Revert "drm/qxl: simplify qxl_fence_wait" Alex Deucher (1): drm/amdgpu: always force full reset for SOC21 Alexander Wetzel (2): scsi: sg: Avoid sg device teardown race scsi: sg: Avoid race in error handling & drop bogus warn Anna-Maria Behnsen (1): PM: s2idle: Make sure CPUs will wakeup directly on resume Archie Pusaka (1): Bluetooth: l2cap: Don't double set the HCI_CONN_MGMT_CONNECTED bit Arnd Bergmann (5): nouveau: fix function cast warning ipv6: fib: hide unused 'pn' variable ipv4/route: avoid unused-but-set-variable warning tracing: hide unused ftrace_event_id_fops irqflags: Explicitly ignore lockdep_hrtimer_exit() argument Arınç ÜNAL (1): net: dsa: mt7530: trap link-local frames regardless of ST Port State Boris Brezillon (1): drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr() Boris Burkov (4): btrfs: qgroup: correctly model root qgroup rsv in convert btrfs: qgroup: fix qgroup prealloc rsv leak in subvolume operations btrfs: record delayed inode root in transaction btrfs: qgroup: convert PREALLOC to PERTRANS after record_root_in_trans Carolina Jubran (2): net/mlx5e: Fix mlx5e_priv_init() cleanup flow net/mlx5e: HTB, Fix inconsistencies with QoS SQs number Cosmin Ratiu (2): net/mlx5: Properly link new fs rules into the tree net/mlx5: Correctly compare pkt reformat ids Cristian Marussi (1): firmware: arm_scmi: Make raw debugfs entries non-seekable Damien Le Moal (1): ata: libata-scsi: Fix ata_scsi_dev_rescan() error path Dan Carpenter (1): scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() Daniel Machon (1): net: sparx5: fix wrong config being used when reconfiguring PCS Daniel Sneddon (1): x86/bugs: Fix return type of spectre_bhi_state() Dave Jiang (1): cxl/core/regs: Fix usage of map->reg_type in cxl_decode_regblock() before assigned David Arinzon (7): net: ena: Fix potential sign extension issue net: ena: Wrong missing IO completions check order net: ena: Fix incorrect descriptor free behavior net: ena: Move XDP code to its new files net: ena: Pass ena_adapter instead of net_device to ena_xmit_common() net: ena: Use tx_ring instead of xdp_ring for XDP channel TX net: ena: Set tx_info->xdpf value to NULL Dmitry Antipov (1): Bluetooth: Fix memory leak in hci_req_sync_complete() Dmitry Baryshkov (1): drm/msm/dpu: don't allow overriding data from catalog Eric Dumazet (3): xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING geneve: fix header validation in geneve[6]_xmit_skb netfilter: complete validation of user input Fabio Estevam (1): ARM: dts: imx7s-warp: Pass OV2680 link-frequencies Frank Li (7): arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order arm64: dts: imx8qm-ss-dma: fix can lpcg indices arm64: dts: imx8-ss-dma: fix can lpcg indices arm64: dts: imx8-ss-dma: fix adc lpcg indices arm64: dts: imx8-ss-conn: fix usb lpcg indices arm64: dts: imx8-ss-lsio: fix pwm lpcg indices arm64: dts: imx8-ss-dma: fix spi lpcg indices Fudongwang (1): drm/amd/display: fix disable otg wa logic in DCN316 Gavin Shan (2): vhost: Add smp_rmb() in vhost_vq_avail_empty() vhost: Add smp_rmb() in vhost_enable_notify() Geetha sowjanya (1): octeontx2-af: Fix NIX SQ mode and BP config Geliang Tang (1): selftests: mptcp: use += operator to append strings Gerd Bayer (2): s390/ism: fix receive message buffer allocation Revert "s390/ism: fix receive message buffer allocation" Greg Kroah-Hartman (1): Linux 6.6.28 Hans de Goede (1): ACPI: scan: Do not increase dep_unmet for already met dependencies Hariprasad Kelam (1): octeontx2-pf: Fix transmit scheduler resource leak Harish Kasiviswanathan (1): drm/amdkfd: Reset GPU on queue preemption failure Harry Wentland (2): drm/amd/display: Program VSC SDP colorimetry for all DP sinks >= 1.4 drm/amd/display: Set VSC SDP Colorimetry same way for MST and SST Igor Pylypiv (1): ata: libata-core: Allow command duration limits detection for ACS-4 drives Ilya Maximets (1): net: openvswitch: fix unwanted error log on timeout policy probing Ingo Molnar (1): x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' Jacek Lawrynowicz (1): accel/ivpu: Fix deadlock in context_xa Jacob Pan (1): iommu/vt-d: Allocate local memory for page request queue Jammy Huang (1): drm/ast: Fix soft lockup Jiri Benc (1): ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr John Stultz (1): selftests: timers: Fix abs() warning in posix_timers test Josh Poimboeuf (6): x86/bugs: Fix BHI documentation x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES x86/bugs: Fix BHI handling of RRSBA x86/bugs: Clarify that syscall hardening isn't a BHI mitigation x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI Kuniyuki Iwashima (2): af_unix: Clear stale u->oob_skb. af_unix: Do not use atomic ops for unix_sk(sk)->inflight. Kwangjin Ko (1): cxl/core: Fix initialization of mbox_cmd.size_out in get event Lijo Lazar (1): drm/amdgpu: Reset dGPU if suspend got aborted Luiz Augusto von Dentz (5): Bluetooth: ISO: Align broadcast sync_timeout with connection timeout Bluetooth: ISO: Don't reject BT_ISO_QOS if parameters are unset Bluetooth: hci_sync: Use QoS to determine which PHY to scan Bluetooth: hci_sync: Fix using the same interval and window for Coded PHY Bluetooth: SCO: Fix not validating setsockopt user input Marek Vasut (2): net: ks8851: Inline ks8851_rx_skb() net: ks8851: Handle softirqs at the end of IRQ thread to fix hang Michael Liang (1): net/mlx5: offset comp irq index in name by one Michal Luczaj (1): af_unix: Fix garbage collector racing against connect() Ming Lei (1): block: fix q->blkg_list corruption during disk rebind Moshe Shemesh (1): net/mlx5: SF, Stop waiting for FW as teardown was called Namhyung Kim (1): perf/x86: Fix out of range data Nini Song (1): media: cec: core: remove length check of Timer Status Noah Loomans (1): platform/chrome: cros_ec_uart: properly fix race condition Pavan Chebbi (1): bnxt_en: Reset PTP tx_avail after possible firmware reset Pavel Begunkov (1): io_uring/net: restore msg_control on sendzc retry Petr Tesarik (1): u64_stats: fix u64_stats_init() for lockdep when used repeatedly in one file Rahul Rameshbabu (1): net/mlx5e: Do not produce metadata freelist entries in Tx port ts WQE xmit Sean Christopherson (1): x86/cpu: Actually turn off mitigations by default for SPECULATION_MITIGATIONS=n Shay Drory (1): net/mlx5: Register devlink first under devlink lock Steve French (1): smb3: fix Open files on server counter going negative Steven Rostedt (Google) (1): ring-buffer: Only update pages_touched when a new page is touched Sven Eckelmann (1): batman-adv: Avoid infinite loop trying to resize local TT Tim Huang (2): drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 drm/amdgpu: fix incorrect number of active RBs for gfx11 Vikas Gupta (2): bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init() bnxt_en: Fix error recovery for RoCE ulp client Ville Syrjälä (4): drm/i915/vrr: Disable VRR when using bigjoiner drm/client: Fully protect modes[] with dev->mode_config.mutex drm/i915/cdclk: Fix CDCLK programming order when pipes are active drm/i915: Disable port sync when bigjoiner is used Xiang Chen (1): scsi: hisi_sas: Modify the deadline for ata_wait_after_reset() Xuchun Shang (1): iommu/vt-d: Fix wrong use of pasid config Yu Kuai (1): raid1: fix use-after-free for original bio in raid1_write_request() Yuquan Wang (1): cxl/mem: Fix for the index of Clear Event Record Handle Zack Rusin (1): drm/vmwgfx: Enable DMA mappings with SEV Zheng Yejian (1): kprobes: Fix possible use-after-free issue on kprobe registration

1 year, 1 month

3
4
0 0

[PATCH 0/4] Please apply these MT7530 DSA subdriver patches to 5.15

by Arınç ÜNAL via B4 Relay

Hello. These are the remaining bugfix patches for the MT7530 DSA subdriver. They didn't apply as is to the 5.15 stable tree so I have submitted the adjusted versions in this thread. Please apply them in the order they were submitted. Signed-off-by: Arınç ÜNAL <arinc.unal(a)arinc9.com> --- Arınç ÜNAL (3): net: dsa: mt7530: set all CPU ports in MT7531_CPU_PMAP net: dsa: mt7530: fix improper frames on all 25MHz and 40MHz XTAL MT7530 net: dsa: mt7530: fix enabling EEE on MT7531 switch on all boards Vladimir Oltean (1): net: dsa: introduce preferred_default_local_cpu_port and use on MT7530 drivers/net/dsa/mt7530.c | 54 ++++++++++++++++++++++++++++++++++-------------- drivers/net/dsa/mt7530.h | 2 ++ include/net/dsa.h | 8 +++++++ net/dsa/dsa2.c | 24 ++++++++++++++++++++- 4 files changed, 71 insertions(+), 17 deletions(-) --- base-commit: c52b9710c83d3b8ab63bb217cc7c8b61e13f12cd change-id: 20240420-for-stable-5-15-backports-d1fca1fee8c9 Best regards, -- Arınç ÜNAL <arinc.unal(a)arinc9.com>

1 year, 1 month

1
4
0 0

Re: Patch "ravb: Group descriptor types used in Rx ring" has been added to the 6.8-stable tree

by Sergey Shtylyov

On 4/19/24 2:47 PM, Sasha Levin wrote: > This is a note to let you know that I've just added the patch titled > > ravb: Group descriptor types used in Rx ring > > to the 6.8-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… > > The filename of the patch is: > ravb-group-descriptor-types-used-in-rx-ring.patch > and it can be found in the queue-6.8 subdirectory. > > If you, or anyone else, feels it should not be added to the stable tree, > please let <stable(a)vger.kernel.org> know about it. > > > > commit fb17fd565be203e2aa62544a586a72430c457751 > Author: Niklas Söderlund <niklas.soderlund+renesas(a)ragnatech.se> > Date: Mon Mar 4 12:08:53 2024 +0100 > > ravb: Group descriptor types used in Rx ring > > [ Upstream commit 4123c3fbf8632e5c553222bf1c10b3a3e0a8dc06 ] > > The Rx ring can either be made up of normal or extended descriptors, not > a mix of the two at the same time. Make this explicit by grouping the > two variables in a rx_ring union. > > The extension of the storage for more than one queue of normal > descriptors from a single to NUM_RX_QUEUE queues have no practical > effect. But aids in making the code readable as the code that uses it > already piggyback on other members of struct ravb_private that are > arrays of max length NUM_RX_QUEUE, e.g. rx_desc_dma. This will also make > further refactoring easier. > > While at it, rename the normal descriptor Rx ring to make it clear it's > not strictly related to the GbEthernet E-MAC IP found in RZ/G2L, normal > descriptors could be used on R-Car SoCs too. > > Signed-off-by: Niklas Söderlund <niklas.soderlund+renesas(a)ragnatech.se> > Reviewed-by: Paul Barker <paul.barker.ct(a)bp.renesas.com> > Reviewed-by: Sergey Shtylyov <s.shtylyov(a)omp.ru> > Signed-off-by: David S. Miller <davem(a)davemloft.net> > Stable-dep-of: def52db470df ("net: ravb: Count packets instead of descriptors in R-Car RX path") Hm, I doubt this patch is actually necessary here... > Signed-off-by: Sasha Levin <sashal(a)kernel.org> [...] MBR, Sergey

1 year, 1 month

1
0
0 0

Apparently, the CPU is overheated

by Victor Porton

Since some version of Linux (I think since some 5.x), my computer started to turn off randomly, especially when under a load. A workaround is to put it into power saving mode (using Power in Gnome Settings). This makes it almost 2 times slower. Unmodified Asus X515EA. I recently updated BIOS to Asus's version 315, but this didn't help. Previously we cleared it from dust and replaced the thermal paste, but that didn't fix the problem. I am attaching dmidecode.

1 year, 1 month

1
0
0 0

[PATCH net v2] udp: don't be set unconnected if only UDP cmsg

by Yick Xie

If "udp_cmsg_send()" returned 0 (i.e. only UDP cmsg), "connected" should not be set to 0. Otherwise it stops the connected socket from using the cached route. Fixes: 2e8de8576343 ("udp: add gso segment cmsg") Signed-off-by: Yick Xie <yick.xie(a)gmail.com> Cc: stable(a)vger.kernel.org --- v2: Add Fixes tag v1: https://lore.kernel.org/netdev/20240414195213.106209-1-yick.xie@gmail.com/ --- net/ipv4/udp.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c index c02bf011d4a6..420905be5f30 100644 --- a/net/ipv4/udp.c +++ b/net/ipv4/udp.c @@ -1123,16 +1123,17 @@ int udp_sendmsg(struct sock *sk, struct msghdr *msg, size_t len) if (msg->msg_controllen) { err = udp_cmsg_send(sk, msg, &ipc.gso_size); - if (err > 0) + if (err > 0) { err = ip_cmsg_send(sk, msg, &ipc, sk->sk_family == AF_INET6); + connected = 0; + } if (unlikely(err < 0)) { kfree(ipc.opt); return err; } if (ipc.opt) free = 1; - connected = 0; } if (!ipc.opt) { struct ip_options_rcu *inet_opt; -- 2.34.1

1 year, 1 month

4
6
0 0

+ mm-hugetlb-fix-debug_locks_warn_on1-when-dissolve_free_hugetlb_folio.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-hugetlb-fix-debug_locks_warn_on1-when-dissolve_free_hugetlb_folio.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Miaohe Lin <linmiaohe(a)huawei.com> Subject: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() Date: Fri, 19 Apr 2024 16:58:19 +0800 When I did memory failure tests recently, below warning occurs: DEBUG_LOCKS_WARN_ON(1) WARNING: CPU: 8 PID: 1011 at kernel/locking/lockdep.c:232 __lock_acquire+0xccb/0x1ca0 Modules linked in: mce_inject hwpoison_inject CPU: 8 PID: 1011 Comm: bash Kdump: loaded Not tainted 6.9.0-rc3-next-20240410-00012-gdb69f219f4be #3 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 RIP: 0010:__lock_acquire+0xccb/0x1ca0 RSP: 0018:ffffa7a1c7fe3bd0 EFLAGS: 00000082 RAX: 0000000000000000 RBX: eb851eb853975fcf RCX: ffffa1ce5fc1c9c8 RDX: 00000000ffffffd8 RSI: 0000000000000027 RDI: ffffa1ce5fc1c9c0 RBP: ffffa1c6865d3280 R08: ffffffffb0f570a8 R09: 0000000000009ffb R10: 0000000000000286 R11: ffffffffb0f2ad50 R12: ffffa1c6865d3d10 R13: ffffa1c6865d3c70 R14: 0000000000000000 R15: 0000000000000004 FS: 00007ff9f32aa740(0000) GS:ffffa1ce5fc00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007ff9f3134ba0 CR3: 00000008484e4000 CR4: 00000000000006f0 Call Trace: <TASK> lock_acquire+0xbe/0x2d0 _raw_spin_lock_irqsave+0x3a/0x60 hugepage_subpool_put_pages.part.0+0xe/0xc0 free_huge_folio+0x253/0x3f0 dissolve_free_huge_page+0x147/0x210 __page_handle_poison+0x9/0x70 memory_failure+0x4e6/0x8c0 hard_offline_page_store+0x55/0xa0 kernfs_fop_write_iter+0x12c/0x1d0 vfs_write+0x380/0x540 ksys_write+0x64/0xe0 do_syscall_64+0xbc/0x1d0 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7ff9f3114887 RSP: 002b:00007ffecbacb458 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00007ff9f3114887 RDX: 000000000000000c RSI: 0000564494164e10 RDI: 0000000000000001 RBP: 0000564494164e10 R08: 00007ff9f31d1460 R09: 000000007fffffff R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000c R13: 00007ff9f321b780 R14: 00007ff9f3217600 R15: 00007ff9f3216a00 </TASK> Kernel panic - not syncing: kernel: panic_on_warn set ... CPU: 8 PID: 1011 Comm: bash Kdump: loaded Not tainted 6.9.0-rc3-next-20240410-00012-gdb69f219f4be #3 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 Call Trace: <TASK> panic+0x326/0x350 check_panic_on_warn+0x4f/0x50 __warn+0x98/0x190 report_bug+0x18e/0x1a0 handle_bug+0x3d/0x70 exc_invalid_op+0x18/0x70 asm_exc_invalid_op+0x1a/0x20 RIP: 0010:__lock_acquire+0xccb/0x1ca0 RSP: 0018:ffffa7a1c7fe3bd0 EFLAGS: 00000082 RAX: 0000000000000000 RBX: eb851eb853975fcf RCX: ffffa1ce5fc1c9c8 RDX: 00000000ffffffd8 RSI: 0000000000000027 RDI: ffffa1ce5fc1c9c0 RBP: ffffa1c6865d3280 R08: ffffffffb0f570a8 R09: 0000000000009ffb R10: 0000000000000286 R11: ffffffffb0f2ad50 R12: ffffa1c6865d3d10 R13: ffffa1c6865d3c70 R14: 0000000000000000 R15: 0000000000000004 lock_acquire+0xbe/0x2d0 _raw_spin_lock_irqsave+0x3a/0x60 hugepage_subpool_put_pages.part.0+0xe/0xc0 free_huge_folio+0x253/0x3f0 dissolve_free_huge_page+0x147/0x210 __page_handle_poison+0x9/0x70 memory_failure+0x4e6/0x8c0 hard_offline_page_store+0x55/0xa0 kernfs_fop_write_iter+0x12c/0x1d0 vfs_write+0x380/0x540 ksys_write+0x64/0xe0 do_syscall_64+0xbc/0x1d0 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7ff9f3114887 RSP: 002b:00007ffecbacb458 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00007ff9f3114887 RDX: 000000000000000c RSI: 0000564494164e10 RDI: 0000000000000001 RBP: 0000564494164e10 R08: 00007ff9f31d1460 R09: 000000007fffffff R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000c R13: 00007ff9f321b780 R14: 00007ff9f3217600 R15: 00007ff9f3216a00 </TASK> After git bisecting and digging into the code, I believe the root cause is that _deferred_list field of folio is unioned with _hugetlb_subpool field. In __update_and_free_hugetlb_folio(), folio->_deferred_list is initialized leading to corrupted folio->_hugetlb_subpool when folio is hugetlb. Later free_huge_folio() will use _hugetlb_subpool and above warning happens. But it is assumed hugetlb flag must have been cleared when calling folio_put() in update_and_free_hugetlb_folio(). This assumption is broken due to below race: CPU1 CPU2 dissolve_free_huge_page update_and_free_pages_bulk update_and_free_hugetlb_folio hugetlb_vmemmap_restore_folios folio_clear_hugetlb_vmemmap_optimized clear_flag = folio_test_hugetlb_vmemmap_optimized if (clear_flag) <-- False, it's already cleared. __folio_clear_hugetlb(folio) <-- Hugetlb is not cleared. folio_put free_huge_folio <-- free_the_page is expected. list_for_each_entry() __folio_clear_hugetlb <-- Too late. Fix this issue by checking whether folio is hugetlb directly instead of checking clear_flag to close the race window. Link: https://lkml.kernel.org/r/20240419085819.1901645-1-linmiaohe@huawei.com Fixes: 32c877191e02 ("hugetlb: do not clear hugetlb dtor until allocating vmemmap") Signed-off-by: Miaohe Lin <linmiaohe(a)huawei.com> Cc: Oscar Salvador <osalvador(a)suse.de> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/hugetlb.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/mm/hugetlb.c~mm-hugetlb-fix-debug_locks_warn_on1-when-dissolve_free_hugetlb_folio +++ a/mm/hugetlb.c @@ -1781,7 +1781,7 @@ static void __update_and_free_hugetlb_fo * If vmemmap pages were allocated above, then we need to clear the * hugetlb destructor under the hugetlb lock. */ - if (clear_dtor) { + if (folio_test_hugetlb(folio)) { spin_lock_irq(&hugetlb_lock); __clear_hugetlb_destructor(h, folio); spin_unlock_irq(&hugetlb_lock); _ Patches currently in -mm which might be from linmiaohe(a)huawei.com are mm-hugetlb-fix-debug_locks_warn_on1-when-dissolve_free_hugetlb_folio.patch

1 year, 1 month

1
0
0 0

[PATCH net v2] net: b44: set pause params only when interface is up

by Peter Münster

Hi, This patch fixes a kernel panic when using netifd. Could you please apply it also to linux-5.15.y at least? TIA and kind regards, -- Peter

1 year, 1 month

2
1
0 0

[PATCH] mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again

by Zach O'Keefe

(struct dirty_throttle_control *)->thresh is an unsigned long, but is passed as the u32 divisor argument to div_u64(). On architectures where unsigned long is 64 bytes, the argument will be implicitly truncated. Use div64_u64() instead of div_u64() so that the value used in the "is this a safe division" check is the same as the divisor. Also, remove redundant cast of the numerator to u64, as that should happen implicitly. This would be difficult to exploit in memcg domain, given the ratio-based arithmetic domain_drity_limits() uses, but is much easier in global writeback domain with a BDI_CAP_STRICTLIMIT-backing device, using e.g. vm.dirty_bytes=(1<<32)*PAGE_SIZE so that dtc->thresh == (1<<32) Fixes: f6789593d5ce ("mm/page-writeback.c: fix divide by zero in bdi_dirty_limits()") Cc: Maxim Patlasov <MPatlasov(a)parallels.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Zach O'Keefe <zokeefe(a)google.com> --- mm/page-writeback.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mm/page-writeback.c b/mm/page-writeback.c index cd4e4ae77c40a..02147b61712bc 100644 --- a/mm/page-writeback.c +++ b/mm/page-writeback.c @@ -1638,7 +1638,7 @@ static inline void wb_dirty_limits(struct dirty_throttle_control *dtc) */ dtc->wb_thresh = __wb_calc_thresh(dtc); dtc->wb_bg_thresh = dtc->thresh ? - div_u64((u64)dtc->wb_thresh * dtc->bg_thresh, dtc->thresh) : 0; + div64_u64(dtc->wb_thresh * dtc->bg_thresh, dtc->thresh) : 0; /* * In order to avoid the stacked BDI deadlock we need -- 2.43.0.429.g432eaa2c6b-goog

1 year, 1 month

2
4
0 0

Re: [bug-report] task info hung problem in fb_deferred_io_work()

by Harshit Mogalapalli

Hi Nam, +CC stable( heads up as this is a regression affecting 5.15.y and probably others, Greg: this was reproducible upstream so reported everything w.r.t upstream code but initially found on 5.15.y) On 19/04/24 20:29, Nam Cao wrote: > On 2024-04-18 Harshit Mogalapalli wrote: >> While fuzzing 5.15.y kernel with Syzkaller, we noticed a INFO: task hung >> bug in fb_deferred_io_work() > > I think the problem is because of improper offset address calculation. > The kernel calculate address offset with: > offset = vmf->address - vmf->vma->vm_start > > Now the problem is that your C program mmap the framebuffer at 2 > different offsets: > mmap(ptr, 4096, PROT_WRITE, MAP_FIXED | MAP_SHARED, fd, 0xff000); > mmap(ptr, 4096, PROT_WRITE, MAP_FIXED | MAP_SHARED, fd, 0); > > but the kernel doesn't take these different offsets into account. > So, 2 different pages are mistakenly recognized as the same page. > > Can you try the following patch? This patch works well against the reproducer, this simplified repro and the longer repro which syzkaller generated couldn't trigger any hang with the below patch applied. Thanks, Harshit > > Best regards, > Nam > > diff --git a/drivers/video/fbdev/core/fb_defio.c b/drivers/video/fbdev/core/fb_defio.c > index dae96c9f61cf..d5d6cd9e8b29 100644 > --- a/drivers/video/fbdev/core/fb_defio.c > +++ b/drivers/video/fbdev/core/fb_defio.c > @@ -196,7 +196,8 @@ static vm_fault_t fb_deferred_io_track_page(struct fb_info *info, unsigned long > */ > static vm_fault_t fb_deferred_io_page_mkwrite(struct fb_info *info, struct vm_fault *vmf) > { > - unsigned long offset = vmf->address - vmf->vma->vm_start; > + unsigned long offset = vmf->address - vmf->vma->vm_start > + + (vmf->vma->vm_pgoff << PAGE_SHIFT); > struct page *page = vmf->page; > > file_update_time(vmf->vma->vm_file); > >

1 year, 1 month

2
2
0 0

[PATCH stable 6.8.y] Revert "vmgenid: emit uevent when VMGENID updates"

by Jason A. Donenfeld

commit 3aadf100f93d80815685493d60cd8cab206403df upstream. This reverts commit ad6bcdad2b6724e113f191a12f859a9e8456b26d. I had nak'd it, and Greg said on the thread that it links that he wasn't going to take it either, especially since it's not his code or his tree, but then, seemingly accidentally, it got pushed up some months later, in what looks like a mistake, with no further discussion in the linked thread. So revert it, since it's clearly not intended. Fixes: ad6bcdad2b67 ("vmgenid: emit uevent when VMGENID updates") Cc: stable(a)vger.kernel.org Acked-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Link: https://lore.kernel.org/r/20230531095119.11202-2-bchalios@amazon.es Signed-off-by: Jason A. Donenfeld <Jason(a)zx2c4.com> --- drivers/virt/vmgenid.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/drivers/virt/vmgenid.c b/drivers/virt/vmgenid.c index b67a28da4702..a1c467a0e9f7 100644 --- a/drivers/virt/vmgenid.c +++ b/drivers/virt/vmgenid.c @@ -68,7 +68,6 @@ static int vmgenid_add(struct acpi_device *device) static void vmgenid_notify(struct acpi_device *device, u32 event) { struct vmgenid_state *state = acpi_driver_data(device); - char *envp[] = { "NEW_VMGENID=1", NULL }; u8 old_id[VMGENID_SIZE]; memcpy(old_id, state->this_id, sizeof(old_id)); @@ -76,7 +75,6 @@ static void vmgenid_notify(struct acpi_device *device, u32 event) if (!memcmp(old_id, state->this_id, sizeof(old_id))) return; add_vmfork_randomness(state->this_id, sizeof(state->this_id)); - kobject_uevent_env(&device->dev.kobj, KOBJ_CHANGE, envp); } static const struct acpi_device_id vmgenid_ids[] = { -- 2.44.0

1 year, 1 month

1
0
0 0

FAILED: patch "[PATCH] random: handle creditable entropy from atomic process context" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x e871abcda3b67d0820b4182ebe93435624e9c6a4 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024041901-roundish-flint-1143@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: e871abcda3b6 ("random: handle creditable entropy from atomic process context") bbc7e1bed1f5 ("random: add back async readiness notifier") 9148de3196ed ("random: reseed in delayed work rather than on-demand") f62384995e4c ("random: split initialization into early step and later step") 745558f95885 ("random: use hwgenerator randomness more frequently at early boot") 228dfe98a313 ("Merge tag 'char-misc-6.0-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From e871abcda3b67d0820b4182ebe93435624e9c6a4 Mon Sep 17 00:00:00 2001 From: "Jason A. Donenfeld" <Jason(a)zx2c4.com> Date: Wed, 17 Apr 2024 13:38:29 +0200 Subject: [PATCH] random: handle creditable entropy from atomic process context The entropy accounting changes a static key when the RNG has initialized, since it only ever initializes once. Static key changes, however, cannot be made from atomic context, so depending on where the last creditable entropy comes from, the static key change might need to be deferred to a worker. Previously the code used the execute_in_process_context() helper function, which accounts for whether or not the caller is in_interrupt(). However, that doesn't account for the case where the caller is actually in process context but is holding a spinlock. This turned out to be the case with input_handle_event() in drivers/input/input.c contributing entropy: [<ffffffd613025ba0>] die+0xa8/0x2fc [<ffffffd613027428>] bug_handler+0x44/0xec [<ffffffd613016964>] brk_handler+0x90/0x144 [<ffffffd613041e58>] do_debug_exception+0xa0/0x148 [<ffffffd61400c208>] el1_dbg+0x60/0x7c [<ffffffd61400c000>] el1h_64_sync_handler+0x38/0x90 [<ffffffd613011294>] el1h_64_sync+0x64/0x6c [<ffffffd613102d88>] __might_resched+0x1fc/0x2e8 [<ffffffd613102b54>] __might_sleep+0x44/0x7c [<ffffffd6130b6eac>] cpus_read_lock+0x1c/0xec [<ffffffd6132c2820>] static_key_enable+0x14/0x38 [<ffffffd61400ac08>] crng_set_ready+0x14/0x28 [<ffffffd6130df4dc>] execute_in_process_context+0xb8/0xf8 [<ffffffd61400ab30>] _credit_init_bits+0x118/0x1dc [<ffffffd6138580c8>] add_timer_randomness+0x264/0x270 [<ffffffd613857e54>] add_input_randomness+0x38/0x48 [<ffffffd613a80f94>] input_handle_event+0x2b8/0x490 [<ffffffd613a81310>] input_event+0x6c/0x98 According to Guoyong, it's not really possible to refactor the various drivers to never hold a spinlock there. And in_atomic() isn't reliable. So, rather than trying to be too fancy, just punt the change in the static key to a workqueue always. There's basically no drawback of doing this, as the code already needed to account for the static key not changing immediately, and given that it's just an optimization, there's not exactly a hurry to change the static key right away, so deferal is fine. Reported-by: Guoyong Wang <guoyong.wang(a)mediatek.com> Cc: stable(a)vger.kernel.org Fixes: f5bda35fba61 ("random: use static branch for crng_ready()") Signed-off-by: Jason A. Donenfeld <Jason(a)zx2c4.com> diff --git a/drivers/char/random.c b/drivers/char/random.c index 456be28ba67c..2597cb43f438 100644 --- a/drivers/char/random.c +++ b/drivers/char/random.c @@ -702,7 +702,7 @@ static void extract_entropy(void *buf, size_t len) static void __cold _credit_init_bits(size_t bits) { - static struct execute_work set_ready; + static DECLARE_WORK(set_ready, crng_set_ready); unsigned int new, orig, add; unsigned long flags; @@ -718,8 +718,8 @@ static void __cold _credit_init_bits(size_t bits) if (orig < POOL_READY_BITS && new >= POOL_READY_BITS) { crng_reseed(NULL); /* Sets crng_init to CRNG_READY under base_crng.lock. */ - if (static_key_initialized) - execute_in_process_context(crng_set_ready, &set_ready); + if (static_key_initialized && system_unbound_wq) + queue_work(system_unbound_wq, &set_ready); atomic_notifier_call_chain(&random_ready_notifier, 0, NULL); wake_up_interruptible(&crng_init_wait); kill_fasync(&fasync, SIGIO, POLL_IN); @@ -890,8 +890,8 @@ void __init random_init(void) /* * If we were initialized by the cpu or bootloader before jump labels - * are initialized, then we should enable the static branch here, where - * it's guaranteed that jump labels have been initialized. + * or workqueues are initialized, then we should enable the static + * branch here, where it's guaranteed that these have been initialized. */ if (!static_branch_likely(&crng_is_ready) && crng_init >= CRNG_READY) crng_set_ready(NULL);

1 year, 1 month

2
1
0 0

FAILED: patch "[PATCH] random: handle creditable entropy from atomic process context" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x e871abcda3b67d0820b4182ebe93435624e9c6a4 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024041903-pentagon-deceiver-fe1d@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: e871abcda3b6 ("random: handle creditable entropy from atomic process context") bbc7e1bed1f5 ("random: add back async readiness notifier") 9148de3196ed ("random: reseed in delayed work rather than on-demand") f62384995e4c ("random: split initialization into early step and later step") 745558f95885 ("random: use hwgenerator randomness more frequently at early boot") 228dfe98a313 ("Merge tag 'char-misc-6.0-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From e871abcda3b67d0820b4182ebe93435624e9c6a4 Mon Sep 17 00:00:00 2001 From: "Jason A. Donenfeld" <Jason(a)zx2c4.com> Date: Wed, 17 Apr 2024 13:38:29 +0200 Subject: [PATCH] random: handle creditable entropy from atomic process context The entropy accounting changes a static key when the RNG has initialized, since it only ever initializes once. Static key changes, however, cannot be made from atomic context, so depending on where the last creditable entropy comes from, the static key change might need to be deferred to a worker. Previously the code used the execute_in_process_context() helper function, which accounts for whether or not the caller is in_interrupt(). However, that doesn't account for the case where the caller is actually in process context but is holding a spinlock. This turned out to be the case with input_handle_event() in drivers/input/input.c contributing entropy: [<ffffffd613025ba0>] die+0xa8/0x2fc [<ffffffd613027428>] bug_handler+0x44/0xec [<ffffffd613016964>] brk_handler+0x90/0x144 [<ffffffd613041e58>] do_debug_exception+0xa0/0x148 [<ffffffd61400c208>] el1_dbg+0x60/0x7c [<ffffffd61400c000>] el1h_64_sync_handler+0x38/0x90 [<ffffffd613011294>] el1h_64_sync+0x64/0x6c [<ffffffd613102d88>] __might_resched+0x1fc/0x2e8 [<ffffffd613102b54>] __might_sleep+0x44/0x7c [<ffffffd6130b6eac>] cpus_read_lock+0x1c/0xec [<ffffffd6132c2820>] static_key_enable+0x14/0x38 [<ffffffd61400ac08>] crng_set_ready+0x14/0x28 [<ffffffd6130df4dc>] execute_in_process_context+0xb8/0xf8 [<ffffffd61400ab30>] _credit_init_bits+0x118/0x1dc [<ffffffd6138580c8>] add_timer_randomness+0x264/0x270 [<ffffffd613857e54>] add_input_randomness+0x38/0x48 [<ffffffd613a80f94>] input_handle_event+0x2b8/0x490 [<ffffffd613a81310>] input_event+0x6c/0x98 According to Guoyong, it's not really possible to refactor the various drivers to never hold a spinlock there. And in_atomic() isn't reliable. So, rather than trying to be too fancy, just punt the change in the static key to a workqueue always. There's basically no drawback of doing this, as the code already needed to account for the static key not changing immediately, and given that it's just an optimization, there's not exactly a hurry to change the static key right away, so deferal is fine. Reported-by: Guoyong Wang <guoyong.wang(a)mediatek.com> Cc: stable(a)vger.kernel.org Fixes: f5bda35fba61 ("random: use static branch for crng_ready()") Signed-off-by: Jason A. Donenfeld <Jason(a)zx2c4.com> diff --git a/drivers/char/random.c b/drivers/char/random.c index 456be28ba67c..2597cb43f438 100644 --- a/drivers/char/random.c +++ b/drivers/char/random.c @@ -702,7 +702,7 @@ static void extract_entropy(void *buf, size_t len) static void __cold _credit_init_bits(size_t bits) { - static struct execute_work set_ready; + static DECLARE_WORK(set_ready, crng_set_ready); unsigned int new, orig, add; unsigned long flags; @@ -718,8 +718,8 @@ static void __cold _credit_init_bits(size_t bits) if (orig < POOL_READY_BITS && new >= POOL_READY_BITS) { crng_reseed(NULL); /* Sets crng_init to CRNG_READY under base_crng.lock. */ - if (static_key_initialized) - execute_in_process_context(crng_set_ready, &set_ready); + if (static_key_initialized && system_unbound_wq) + queue_work(system_unbound_wq, &set_ready); atomic_notifier_call_chain(&random_ready_notifier, 0, NULL); wake_up_interruptible(&crng_init_wait); kill_fasync(&fasync, SIGIO, POLL_IN); @@ -890,8 +890,8 @@ void __init random_init(void) /* * If we were initialized by the cpu or bootloader before jump labels - * are initialized, then we should enable the static branch here, where - * it's guaranteed that jump labels have been initialized. + * or workqueues are initialized, then we should enable the static + * branch here, where it's guaranteed that these have been initialized. */ if (!static_branch_likely(&crng_is_ready) && crng_init >= CRNG_READY) crng_set_ready(NULL);

1 year, 1 month

2
1
0 0

FAILED: patch "[PATCH] random: handle creditable entropy from atomic process context" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x e871abcda3b67d0820b4182ebe93435624e9c6a4 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024041905-obvious-blush-10d8@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: e871abcda3b6 ("random: handle creditable entropy from atomic process context") bbc7e1bed1f5 ("random: add back async readiness notifier") 9148de3196ed ("random: reseed in delayed work rather than on-demand") f62384995e4c ("random: split initialization into early step and later step") 745558f95885 ("random: use hwgenerator randomness more frequently at early boot") 228dfe98a313 ("Merge tag 'char-misc-6.0-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From e871abcda3b67d0820b4182ebe93435624e9c6a4 Mon Sep 17 00:00:00 2001 From: "Jason A. Donenfeld" <Jason(a)zx2c4.com> Date: Wed, 17 Apr 2024 13:38:29 +0200 Subject: [PATCH] random: handle creditable entropy from atomic process context The entropy accounting changes a static key when the RNG has initialized, since it only ever initializes once. Static key changes, however, cannot be made from atomic context, so depending on where the last creditable entropy comes from, the static key change might need to be deferred to a worker. Previously the code used the execute_in_process_context() helper function, which accounts for whether or not the caller is in_interrupt(). However, that doesn't account for the case where the caller is actually in process context but is holding a spinlock. This turned out to be the case with input_handle_event() in drivers/input/input.c contributing entropy: [<ffffffd613025ba0>] die+0xa8/0x2fc [<ffffffd613027428>] bug_handler+0x44/0xec [<ffffffd613016964>] brk_handler+0x90/0x144 [<ffffffd613041e58>] do_debug_exception+0xa0/0x148 [<ffffffd61400c208>] el1_dbg+0x60/0x7c [<ffffffd61400c000>] el1h_64_sync_handler+0x38/0x90 [<ffffffd613011294>] el1h_64_sync+0x64/0x6c [<ffffffd613102d88>] __might_resched+0x1fc/0x2e8 [<ffffffd613102b54>] __might_sleep+0x44/0x7c [<ffffffd6130b6eac>] cpus_read_lock+0x1c/0xec [<ffffffd6132c2820>] static_key_enable+0x14/0x38 [<ffffffd61400ac08>] crng_set_ready+0x14/0x28 [<ffffffd6130df4dc>] execute_in_process_context+0xb8/0xf8 [<ffffffd61400ab30>] _credit_init_bits+0x118/0x1dc [<ffffffd6138580c8>] add_timer_randomness+0x264/0x270 [<ffffffd613857e54>] add_input_randomness+0x38/0x48 [<ffffffd613a80f94>] input_handle_event+0x2b8/0x490 [<ffffffd613a81310>] input_event+0x6c/0x98 According to Guoyong, it's not really possible to refactor the various drivers to never hold a spinlock there. And in_atomic() isn't reliable. So, rather than trying to be too fancy, just punt the change in the static key to a workqueue always. There's basically no drawback of doing this, as the code already needed to account for the static key not changing immediately, and given that it's just an optimization, there's not exactly a hurry to change the static key right away, so deferal is fine. Reported-by: Guoyong Wang <guoyong.wang(a)mediatek.com> Cc: stable(a)vger.kernel.org Fixes: f5bda35fba61 ("random: use static branch for crng_ready()") Signed-off-by: Jason A. Donenfeld <Jason(a)zx2c4.com> diff --git a/drivers/char/random.c b/drivers/char/random.c index 456be28ba67c..2597cb43f438 100644 --- a/drivers/char/random.c +++ b/drivers/char/random.c @@ -702,7 +702,7 @@ static void extract_entropy(void *buf, size_t len) static void __cold _credit_init_bits(size_t bits) { - static struct execute_work set_ready; + static DECLARE_WORK(set_ready, crng_set_ready); unsigned int new, orig, add; unsigned long flags; @@ -718,8 +718,8 @@ static void __cold _credit_init_bits(size_t bits) if (orig < POOL_READY_BITS && new >= POOL_READY_BITS) { crng_reseed(NULL); /* Sets crng_init to CRNG_READY under base_crng.lock. */ - if (static_key_initialized) - execute_in_process_context(crng_set_ready, &set_ready); + if (static_key_initialized && system_unbound_wq) + queue_work(system_unbound_wq, &set_ready); atomic_notifier_call_chain(&random_ready_notifier, 0, NULL); wake_up_interruptible(&crng_init_wait); kill_fasync(&fasync, SIGIO, POLL_IN); @@ -890,8 +890,8 @@ void __init random_init(void) /* * If we were initialized by the cpu or bootloader before jump labels - * are initialized, then we should enable the static branch here, where - * it's guaranteed that jump labels have been initialized. + * or workqueues are initialized, then we should enable the static + * branch here, where it's guaranteed that these have been initialized. */ if (!static_branch_likely(&crng_is_ready) && crng_init >= CRNG_READY) crng_set_ready(NULL);

1 year, 1 month

2
1
0 0

[PATCH 4.19.y v6 2/2] tracing: Use var_refs[] for hist trigger reference checking

by George Guo

From: Tom Zanussi <tzanussi(a)gmail.com> commit e4f6d245031e04bdd12db390298acec0474a1a46 upstream. Since all the variable reference hist_fields are collected into hist_data->var_refs[] array, there's no need to go through all the fields looking for them, or in separate arrays like synth_var_refs[], which will be going away soon anyway. This also allows us to get rid of some unnecessary code and functions currently used for the same purpose. Link: http://lkml.kernel.org/r/1545246556.4239.7.camel@gmail.com Acked-by: Namhyung Kim <namhyung(a)kernel.org> Reviewed-by: Masami Hiramatsu <mhiramat(a)kernel.org> Signed-off-by: Tom Zanussi <tom.zanussi(a)linux.intel.com> Signed-off-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> Signed-off-by: George Guo <guodongtai(a)kylinos.cn> --- kernel/trace/trace_events_hist.c | 68 ++++++-------------------------- 1 file changed, 11 insertions(+), 57 deletions(-) diff --git a/kernel/trace/trace_events_hist.c b/kernel/trace/trace_events_hist.c index e4f5b6894cf2..ede370225245 100644 --- a/kernel/trace/trace_events_hist.c +++ b/kernel/trace/trace_events_hist.c @@ -1289,49 +1289,13 @@ check_field_for_var_ref(struct hist_field *hist_field, struct hist_trigger_data *var_data, unsigned int var_idx) { - struct hist_field *found = NULL; - - if (hist_field && hist_field->flags & HIST_FIELD_FL_VAR_REF) { - if (hist_field->var.idx == var_idx && - hist_field->var.hist_data == var_data) { - found = hist_field; - } - } - - return found; -} - -static struct hist_field * -check_field_for_var_refs(struct hist_trigger_data *hist_data, - struct hist_field *hist_field, - struct hist_trigger_data *var_data, - unsigned int var_idx, - unsigned int level) -{ - struct hist_field *found = NULL; - unsigned int i; - - if (level > 3) - return found; - - if (!hist_field) - return found; - - found = check_field_for_var_ref(hist_field, var_data, var_idx); - if (found) - return found; - - for (i = 0; i < HIST_FIELD_OPERANDS_MAX; i++) { - struct hist_field *operand; + WARN_ON(!(hist_field && hist_field->flags & HIST_FIELD_FL_VAR_REF)); - operand = hist_field->operands[i]; - found = check_field_for_var_refs(hist_data, operand, var_data, - var_idx, level + 1); - if (found) - return found; - } + if (hist_field && hist_field->var.idx == var_idx && + hist_field->var.hist_data == var_data) + return hist_field; - return found; + return NULL; } /** @@ -1350,26 +1314,16 @@ static struct hist_field *find_var_ref(struct hist_trigger_data *hist_data, struct hist_trigger_data *var_data, unsigned int var_idx) { - struct hist_field *hist_field, *found = NULL; + struct hist_field *hist_field; unsigned int i; - for_each_hist_field(i, hist_data) { - hist_field = hist_data->fields[i]; - found = check_field_for_var_refs(hist_data, hist_field, - var_data, var_idx, 0); - if (found) - return found; - } - - for (i = 0; i < hist_data->n_synth_var_refs; i++) { - hist_field = hist_data->synth_var_refs[i]; - found = check_field_for_var_refs(hist_data, hist_field, - var_data, var_idx, 0); - if (found) - return found; + for (i = 0; i < hist_data->n_var_refs; i++) { + hist_field = hist_data->var_refs[i]; + if (check_field_for_var_ref(hist_field, var_data, var_idx)) + return hist_field; } - return found; + return NULL; } /** -- 2.34.1

1 year, 1 month

1
0
0 0

[PATCH 4.19.y v6 1/2] tracing: Remove hist trigger synth_var_refs

by George Guo

From: Tom Zanussi <tom.zanussi(a)linux.intel.com> commit 912201345f7c39e6b0ac283207be2b6641fa47b9 upstream. All var_refs are now handled uniformly and there's no reason to treat the synth_refs in a special way now, so remove them and associated functions. Link: http://lkml.kernel.org/r/b4d3470526b8f0426dcec125399dad9ad9b8589d.154516108… Acked-by: Namhyung Kim <namhyung(a)kernel.org> Reviewed-by: Masami Hiramatsu <mhiramat(a)kernel.org> Signed-off-by: Tom Zanussi <tom.zanussi(a)linux.intel.com> Signed-off-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> Signed-off-by: George Guo <guodongtai(a)kylinos.cn> --- kernel/trace/trace_events_hist.c | 18 ------------------ 1 file changed, 18 deletions(-) diff --git a/kernel/trace/trace_events_hist.c b/kernel/trace/trace_events_hist.c index e004daf8cad5..e4f5b6894cf2 100644 --- a/kernel/trace/trace_events_hist.c +++ b/kernel/trace/trace_events_hist.c @@ -280,8 +280,6 @@ struct hist_trigger_data { struct action_data *actions[HIST_ACTIONS_MAX]; unsigned int n_actions; - struct hist_field *synth_var_refs[SYNTH_FIELDS_MAX]; - unsigned int n_synth_var_refs; struct field_var *field_vars[SYNTH_FIELDS_MAX]; unsigned int n_field_vars; unsigned int n_field_var_str; @@ -3708,20 +3706,6 @@ static void save_field_var(struct hist_trigger_data *hist_data, } -static void destroy_synth_var_refs(struct hist_trigger_data *hist_data) -{ - unsigned int i; - - for (i = 0; i < hist_data->n_synth_var_refs; i++) - destroy_hist_field(hist_data->synth_var_refs[i], 0); -} - -static void save_synth_var_ref(struct hist_trigger_data *hist_data, - struct hist_field *var_ref) -{ - hist_data->synth_var_refs[hist_data->n_synth_var_refs++] = var_ref; -} - static int check_synth_field(struct synth_event *event, struct hist_field *hist_field, unsigned int field_pos) @@ -3884,7 +3868,6 @@ static int onmatch_create(struct hist_trigger_data *hist_data, goto err; } - save_synth_var_ref(hist_data, var_ref); field_pos++; kfree(p); continue; @@ -4631,7 +4614,6 @@ static void destroy_hist_data(struct hist_trigger_data *hist_data) destroy_actions(hist_data); destroy_field_vars(hist_data); destroy_field_var_hists(hist_data); - destroy_synth_var_refs(hist_data); kfree(hist_data); } -- 2.34.1

1 year, 1 month

1
0
0 0

[PATCH v3 2/2] ALSA: hda/realtek: Fix internal speakers for Legion Y9000X 2022 IAH7

by ArcticLampyrid

This fixes the sound not working from internal speakers on Lenovo Legion Y9000X 2022 IAH7 models. Signed-off-by: ArcticLampyrid <ArcticLampyrid(a)outlook.com> Cc: <stable(a)vger.kernel.org> --- sound/pci/hda/cs35l41_hda_property.c | 2 ++ sound/pci/hda/patch_realtek.c | 1 + 2 files changed, 3 insertions(+) diff --git a/sound/pci/hda/cs35l41_hda_property.c b/sound/pci/hda/cs35l41_hda_property.c index 8fb688e41414..ee195737d388 100644 --- a/sound/pci/hda/cs35l41_hda_property.c +++ b/sound/pci/hda/cs35l41_hda_property.c @@ -109,6 +109,7 @@ static const struct cs35l41_config cs35l41_config_table[] = { { "10431F1F", 2, EXTERNAL, { CS35L41_LEFT, CS35L41_RIGHT, 0, 0 }, 1, -1, 0, 0, 0, 0 }, { "10431F62", 2, EXTERNAL, { CS35L41_LEFT, CS35L41_RIGHT, 0, 0 }, 1, 2, 0, 0, 0, 0 }, { "10433A60", 2, INTERNAL, { CS35L41_LEFT, CS35L41_RIGHT, 0, 0 }, 1, 2, 0, 1000, 4500, 24 }, + { "17AA386E", 2, EXTERNAL, { CS35L41_LEFT, CS35L41_RIGHT, 0, 0 }, 0, 2, -1, 0, 0, 0 }, { "17AA386F", 2, EXTERNAL, { CS35L41_LEFT, CS35L41_RIGHT, 0, 0 }, 0, -1, -1, 0, 0, 0 }, { "17AA3877", 2, EXTERNAL, { CS35L41_LEFT, CS35L41_RIGHT, 0, 0 }, 0, 1, -1, 0, 0, 0 }, { "17AA3878", 2, EXTERNAL, { CS35L41_LEFT, CS35L41_RIGHT, 0, 0 }, 0, 1, -1, 0, 0, 0 }, @@ -500,6 +501,7 @@ static const struct cs35l41_prop_model cs35l41_prop_model_table[] = { { "CSC3551", "10431F1F", generic_dsd_config }, { "CSC3551", "10431F62", generic_dsd_config }, { "CSC3551", "10433A60", generic_dsd_config }, + { "CSC3551", "17AA386E", generic_dsd_config }, { "CSC3551", "17AA386F", generic_dsd_config }, { "CSC3551", "17AA3877", generic_dsd_config }, { "CSC3551", "17AA3878", generic_dsd_config }, diff --git a/sound/pci/hda/patch_realtek.c b/sound/pci/hda/patch_realtek.c index cdcb28aa9d7b..ac729187f6a7 100644 --- a/sound/pci/hda/patch_realtek.c +++ b/sound/pci/hda/patch_realtek.c @@ -10382,6 +10382,7 @@ static const struct snd_pci_quirk alc269_fixup_tbl[] = { SND_PCI_QUIRK(0x17aa, 0x3853, "Lenovo Yoga 7 15ITL5", ALC287_FIXUP_YOGA7_14ITL_SPEAKERS), SND_PCI_QUIRK(0x17aa, 0x3855, "Legion 7 16ITHG6", ALC287_FIXUP_LEGION_16ITHG6), SND_PCI_QUIRK(0x17aa, 0x3869, "Lenovo Yoga7 14IAL7", ALC287_FIXUP_YOGA9_14IAP7_BASS_SPK_PIN), + SND_PCI_QUIRK(0x17aa, 0x386e, "Legion Y9000X 2022 IAH7", ALC287_FIXUP_CS35L41_I2C_2), SND_PCI_QUIRK(0x17aa, 0x386f, "Legion 7i 16IAX7", ALC287_FIXUP_CS35L41_I2C_2), SND_PCI_QUIRK(0x17aa, 0x3870, "Lenovo Yoga 7 14ARB7", ALC287_FIXUP_YOGA7_14ARB7_I2C), SND_PCI_QUIRK(0x17aa, 0x3877, "Lenovo Legion 7 Slim 16ARHA7", ALC287_FIXUP_CS35L41_I2C_2), -- 2.44.0

1 year, 1 month

4
4
0 0

[PATCH 2/3] mm/hugetlb: Fix missing hugetlb_lock for resv uncharge

by Peter Xu

There is a recent report on UFFDIO_COPY over hugetlb: https://lore.kernel.org/all/000000000000ee06de0616177560@google.com/ 350: lockdep_assert_held(&hugetlb_lock); Should be an issue in hugetlb but triggered in an userfault context, where it goes into the unlikely path where two threads modifying the resv map together. Mike has a fix in that path for resv uncharge but it looks like the locking criteria was overlooked: hugetlb_cgroup_uncharge_folio_rsvd() will update the cgroup pointer, so it requires to be called with the lock held. Looks like a stable material, so have it copied. Reported-by: syzbot+4b8077a5fccc61c385a1(a)syzkaller.appspotmail.com Cc: Mina Almasry <almasrymina(a)google.com> Cc: David Hildenbrand <david(a)redhat.com> Cc: linux-stable <stable(a)vger.kernel.org> Fixes: 79aa925bf239 ("hugetlb_cgroup: fix reservation accounting") Signed-off-by: Peter Xu <peterx(a)redhat.com> --- mm/hugetlb.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/mm/hugetlb.c b/mm/hugetlb.c index 26ab9dfc7d63..3158a55ce567 100644 --- a/mm/hugetlb.c +++ b/mm/hugetlb.c @@ -3247,9 +3247,12 @@ struct folio *alloc_hugetlb_folio(struct vm_area_struct *vma, rsv_adjust = hugepage_subpool_put_pages(spool, 1); hugetlb_acct_memory(h, -rsv_adjust); - if (deferred_reserve) + if (deferred_reserve) { + spin_lock_irq(&hugetlb_lock); hugetlb_cgroup_uncharge_folio_rsvd(hstate_index(h), pages_per_huge_page(h), folio); + spin_unlock_irq(&hugetlb_lock); + } } if (!memcg_charge_ret) -- 2.44.0

1 year, 1 month

2
1
0 0

[PATCH 4.19.y v5 0/2] Double-free bug discovery on testing trigger-field-variable-support.tc

by George Guo

1) About v4-0001-tracing-Remove-hist-trigger-synth_var_refs.patch: The reason I am backporting this patch is that no one found the double-free bug at that time, then later the code was removed on upstream, but 4.19-stable has the bug. This is tested via "./ftracetest test.d/trigger/inter-event/ trigger-field-variable-support.tc" ================================================================== BUG: KASAN: use-after-free in destroy_hist_field+0x115/0x140 Read of size 4 at addr ffff888012e95318 by task ftracetest/1858 CPU: 1 PID: 1858 Comm: ftracetest Kdump: loaded Tainted: GE 4.19.90-89 #24 Source Version: Unknown Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0 Call Trace: dump_stack+0xcb/0x10b print_address_description.cold+0x54/0x249 kasan_report_error.cold+0x63/0xab ? destroy_hist_field+0x115/0x140 __asan_report_load4_noabort+0x8d/0xa0 ? destroy_hist_field+0x115/0x140 destroy_hist_field+0x115/0x140 destroy_hist_data+0x4e4/0x9a0 event_hist_trigger_free+0x212/0x2f0 ? update_cond_flag+0x128/0x170 ? event_hist_trigger_func+0x2880/0x2880 hist_unregister_trigger+0x2f2/0x4f0 event_hist_trigger_func+0x168c/0x2880 ? tracing_map_read_var_once+0xd0/0xd0 ? create_key_field+0x520/0x520 ? __mutex_lock_slowpath+0x10/0x10 event_trigger_write+0x2f4/0x490 ? trigger_start+0x180/0x180 ? __fget_light+0x369/0x5d0 ? count_memcg_event_mm+0x104/0x2b0 ? trigger_start+0x180/0x180 __vfs_write+0x81/0x100 vfs_write+0x1e1/0x540 ksys_write+0x12a/0x290 ? __ia32_sys_read+0xb0/0xb0 ? __close_fd+0x1d3/0x280 do_syscall_64+0xe3/0x2d0 entry_SYSCALL_64_after_hwframe+0x5c/0xc1 RIP: 0033:0x7efdd342ee04 Code: 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b3 0f 1f 80 00 00 00 00 48 8d 05 39 34 0c 00 8b 00 85 c0 75 13 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 54 f3 c3 66 90 41 54 55 49 89 d4 53 48 89 f5 RSP: 002b:00007ffda01f5e08 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 00000000000000b4 RCX: 00007efdd342ee04 RDX: 00000000000000b4 RSI: 000055c5b41b1e90 RDI: 0000000000000001 RBP: 000055c5b41b1e90 R08: 000000000000000a R09: 0000000000000000 R10: 000000000000000a R11: 0000000000000246 R12: 00007efdd34ed5c0 R13: 00000000000000b4 R14: 00007efdd34ed7c0 R15: 00000000000000b4 ================================================================== 2) About v4-0002-tracing-Use-var_refs-for-hist-trigger-reference-c.patch: Only v4-0001-tracing-Remove-hist-trigger-synth_var_refs.patch will lead to compilation errors: ../kernel/trace/trace_events_hist.c: In function ��find_var_ref��: ../kernel/trace/trace_events_hist.c:1364:36: error: ��struct hist_trigger_data�� has no member named ��n_synth_var_refs��; did you mean ��n_var_refs��? 1364 | for (i = 0; i < hist_data->n_synth_var_refs; i++) { | ^~~~~~~~~~~~~~~~ | n_var_refs ../kernel/trace/trace_events_hist.c:1365:41: error: ��struct hist_trigger_data�� has no member named ��synth_var_refs��; did you mean ��n_var_refs��? 1365 | hist_field = hist_data->synth_var_refs[i]; | ^~~~~~~~~~~~~~ | n_var_refs 3) Singing off my name on the V5. Tom Zanussi (2): tracing: Remove hist trigger synth_var_refs tracing: Use var_refs[] for hist trigger reference checking kernel/trace/trace_events_hist.c | 86 ++++---------------------------- 1 file changed, 11 insertions(+), 75 deletions(-) -- 2.34.1

1 year, 1 month

2
3
0 0

[PATCH] r8169: add missing conditional compiling for call to r8169_remove_leds

by Heiner Kallweit

[ Upstream commit 97e176fcbbf3c0f2bd410c9b241177c051f57176 ] Add missing dependency on CONFIG_R8169_LEDS. As-is a link error occurs if config option CONFIG_R8169_LEDS isn't enabled. Fixes: 19fa4f2a85d7 ("r8169: fix LED-related deadlock on module removal") Cc: <stable(a)vger.kernel.org> # 6.8.x Reported-by: Venkat Rao Bagalkote <venkat88(a)linux.vnet.ibm.com> Signed-off-by: Heiner Kallweit <hkallweit1(a)gmail.com> --- This for v6.8 only. --- drivers/net/ethernet/realtek/r8169_main.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/net/ethernet/realtek/r8169_main.c b/drivers/net/ethernet/realtek/r8169_main.c index 2cc1c36ab..32b73f398 100644 --- a/drivers/net/ethernet/realtek/r8169_main.c +++ b/drivers/net/ethernet/realtek/r8169_main.c @@ -4932,7 +4932,8 @@ static void rtl_remove_one(struct pci_dev *pdev) cancel_work_sync(&tp->wk.work); - r8169_remove_leds(tp->leds); + if (IS_ENABLED(CONFIG_R8169_LEDS)) + r8169_remove_leds(tp->leds); unregister_netdev(tp->dev); -- 2.44.0

1 year, 1 month

2
1
0 0

[Regression] USB ethernet AX88179 broken usb ethernet names

by Salvatore Bonaccorso

Hi, Roland Rosenfeld reported in Debian a regression after the update to the 6.1.85 based kernel, with his USB ethernet device not anymore able to use the usb ethernet names. https://bugs.debian.org/1069082 it is somehow linked to the already reported regression https://lore.kernel.org/regressions/ZhFl6xueHnuVHKdp@nuc/ but has another aspect. I'm quoting his original report: > Dear Maintainer, > > when upgrading from 6.1.76-1 to 6.1.85-1 my USB ethernet device > ID 0b95:1790 ASIX Electronics Corp. AX88179 Gigabit Ethernet > is no longer named enx00249bXXXXXX but eth0. > > I see the following in dmsg: > > [ 1.484345] usb 4-5: Manufacturer: ASIX Elec. Corp. > [ 1.484661] usb 4-5: SerialNumber: 0000249BXXXXXX > [ 1.496312] ax88179_178a 4-5:1.0 eth0: register 'ax88179_178a' at usb-0000:00:14.0-5, ASIX AX88179 USB 3.0 Gigabit Ethernet, d2:60:4c:YY:YY:YY > [ 1.497746] usbcore: registered new interface driver ax88179_178a > > Unplugging and plugging again does not solve the issue, but the > interface still is named eth0. > > Maybe it has to do with the following commit from > https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.85 > > commit fc77240f6316d17fc58a8881927c3732b1d75d51 > Author: Jose Ignacio Tornos Martinez <jtornosm(a)redhat.com> > Date: Wed Apr 3 15:21:58 2024 +0200 > > net: usb: ax88179_178a: avoid the interface always configured as random address > > commit 2e91bb99b9d4f756e92e83c4453f894dda220f09 upstream. > > After the commit d2689b6a86b9 ("net: usb: ax88179_178a: avoid two > consecutive device resets"), reset is not executed from bind operation and > mac address is not read from the device registers or the devicetree at that > moment. Since the check to configure if the assigned mac address is random > or not for the interface, happens after the bind operation from > usbnet_probe, the interface keeps configured as random address, although the > address is correctly read and set during open operation (the only reset > now). > > In order to keep only one reset for the device and to avoid the interface > always configured as random address, after reset, configure correctly the > suitable field from the driver, if the mac address is read successfully from > the device registers or the devicetree. Take into account if a locally > administered address (random) was previously stored. > > cc: stable(a)vger.kernel.org # 6.6+ > Fixes: d2689b6a86b9 ("net: usb: ax88179_178a: avoid two consecutive device resets") > Reported-by: Dave Stevenson <dave.stevenson(a)raspberrypi.com> > Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm(a)redhat.com> > Reviewed-by: Simon Horman <horms(a)kernel.org> > Link: https://lore.kernel.org/r/20240403132158.344838-1-jtornosm@redhat.com > Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> > Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> > > Seems, that I'm not alone with this issue, there are also reports in > https://www.reddit.com/r/debian/comments/1c304xn/linuximageamd64_61851_usb_… > and https://infosec.space/@topher/112276500329020316 > > > All other (pci based) network interfaces still use there static names > (enp0s25, enp2s0, enp3s0), only the usb ethernet name is broken with > the new kernel. > > Greetings > Roland Roland confirmed that reverting both fc77240f6316 ("net: usb: ax88179_178a: avoid the interface always configured as random address") and 5c4cbec5106d ("net: usb: ax88179_178a: avoid two consecutive device resets") fixes the problem. Confirmation: https://bugs.debian.org/1069082#27 Regards, Salvatore

1 year, 1 month

2
2
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror April 2024