January 2025 - Linux-stable-mirror

[PATCH 6.1.y] block: fix integer overflow in BLKSECDISCARD

by Rajani kantha

From: Alexey Dobriyan <adobriyan(a)gmail.com> [ upstream commit 697ba0b6ec4ae04afb67d3911799b5e2043b4455 ] I independently rediscovered commit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155 block: fix overflow in blk_ioctl_discard() but for secure erase. Same problem: uint64_t r[2] = {512, 18446744073709551104ULL}; ioctl(fd, BLKSECDISCARD, r); will enter near infinite loop inside blkdev_issue_secure_erase(): a.out: attempt to access beyond end of device loop0: rw=5, sector=3399043073, nr_sectors = 1024 limit=2048 bio_check_eod: 3286214 callbacks suppressed Signed-off-by: Alexey Dobriyan <adobriyan(a)gmail.com> Link: https://lore.kernel.org/r/9e64057f-650a-46d1-b9f7-34af391536ef@p183 Signed-off-by: Jens Axboe <axboe(a)kernel.dk> Signed-off-by: Rajani Kantha <rajanikantha(a)engineer.com> --- block/ioctl.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/block/ioctl.c b/block/ioctl.c index c7390d8c9fc7..552da0ccbec0 100644 --- a/block/ioctl.c +++ b/block/ioctl.c @@ -115,7 +115,7 @@ static int blk_ioctl_discard(struct block_device *bdev, fmode_t mode, return -EINVAL; filemap_invalidate_lock(inode->i_mapping); - err = truncate_bdev_range(bdev, mode, start, start + len - 1); + err = truncate_bdev_range(bdev, mode, start, end - 1); if (err) goto fail; err = blkdev_issue_discard(bdev, start >> 9, len >> 9, GFP_KERNEL); @@ -127,7 +127,7 @@ static int blk_ioctl_discard(struct block_device *bdev, fmode_t mode, static int blk_ioctl_secure_erase(struct block_device *bdev, fmode_t mode, void __user *argp) { - uint64_t start, len; + uint64_t start, len, end; uint64_t range[2]; int err; @@ -142,11 +142,12 @@ static int blk_ioctl_secure_erase(struct block_device *bdev, fmode_t mode, len = range[1]; if ((start & 511) || (len & 511)) return -EINVAL; - if (start + len > bdev_nr_bytes(bdev)) + if (check_add_overflow(start, len, &end) || + end > bdev_nr_bytes(bdev)) return -EINVAL; filemap_invalidate_lock(bdev->bd_inode->i_mapping); - err = truncate_bdev_range(bdev, mode, start, start + len - 1); + err = truncate_bdev_range(bdev, mode, start, end - 1); if (!err) err = blkdev_issue_secure_erase(bdev, start >> 9, len >> 9, GFP_KERNEL); -- 2.35.3

4 weeks

1
0
0 0

[PATCH 6.6.y] block: fix integer overflow in BLKSECDISCARD

by Rajani kantha

From: Alexey Dobriyan <adobriyan(a)gmail.com> [ upstream commit 697ba0b6ec4ae04afb67d3911799b5e2043b4455 ] I independently rediscovered commit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155 block: fix overflow in blk_ioctl_discard() but for secure erase. Same problem: uint64_t r[2] = {512, 18446744073709551104ULL}; ioctl(fd, BLKSECDISCARD, r); will enter near infinite loop inside blkdev_issue_secure_erase(): a.out: attempt to access beyond end of device loop0: rw=5, sector=3399043073, nr_sectors = 1024 limit=2048 bio_check_eod: 3286214 callbacks suppressed Signed-off-by: Alexey Dobriyan <adobriyan(a)gmail.com> Link: https://lore.kernel.org/r/9e64057f-650a-46d1-b9f7-34af391536ef@p183 Signed-off-by: Jens Axboe <axboe(a)kernel.dk> Signed-off-by: Rajani Kantha <rajanikantha(a)engineer.com> --- block/ioctl.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/block/ioctl.c b/block/ioctl.c index 378603334284..231537f79a8c 100644 --- a/block/ioctl.c +++ b/block/ioctl.c @@ -115,7 +115,7 @@ static int blk_ioctl_discard(struct block_device *bdev, blk_mode_t mode, return -EINVAL; filemap_invalidate_lock(inode->i_mapping); - err = truncate_bdev_range(bdev, mode, start, start + len - 1); + err = truncate_bdev_range(bdev, mode, start, end - 1); if (err) goto fail; err = blkdev_issue_discard(bdev, start >> 9, len >> 9, GFP_KERNEL); @@ -127,7 +127,7 @@ static int blk_ioctl_discard(struct block_device *bdev, blk_mode_t mode, static int blk_ioctl_secure_erase(struct block_device *bdev, blk_mode_t mode, void __user *argp) { - uint64_t start, len; + uint64_t start, len, end; uint64_t range[2]; int err; @@ -142,11 +142,12 @@ static int blk_ioctl_secure_erase(struct block_device *bdev, blk_mode_t mode, len = range[1]; if ((start & 511) || (len & 511)) return -EINVAL; - if (start + len > bdev_nr_bytes(bdev)) + if (check_add_overflow(start, len, &end) || + end > bdev_nr_bytes(bdev)) return -EINVAL; filemap_invalidate_lock(bdev->bd_inode->i_mapping); - err = truncate_bdev_range(bdev, mode, start, start + len - 1); + err = truncate_bdev_range(bdev, mode, start, end - 1); if (!err) err = blkdev_issue_secure_erase(bdev, start >> 9, len >> 9, GFP_KERNEL); -- 2.35.3

4 weeks

1
0
0 0

[PATCH 6.6.y] cpufreq: amd-pstate: add check for cpufreq_cpu_get's return value

by Rajani kantha

From: Anastasia Belova <abelova(a)astralinux.ru> [ upstream commit 5493f9714e4cdaf0ee7cec15899a231400cb1a9f ] cpufreq_cpu_get may return NULL. To avoid NULL-dereference check it and return in case of error. Found by Linux Verification Center (linuxtesting.org) with SVACE. Signed-off-by: Anastasia Belova <abelova(a)astralinux.ru> Reviewed-by: Perry Yuan <perry.yuan(a)amd.com> Signed-off-by: Viresh Kumar <viresh.kumar(a)linaro.org> <Raj: on 6.6, there don't have function amd_pstate_update_limits() so applied the NULL checking in amd_pstate_adjust_perf() only> Signed-off-by: Rajani Kantha <rajanikantha(a)engineer.com> --- drivers/cpufreq/amd-pstate.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/drivers/cpufreq/amd-pstate.c b/drivers/cpufreq/amd-pstate.c index cdead37d0823..a64baa97e358 100644 --- a/drivers/cpufreq/amd-pstate.c +++ b/drivers/cpufreq/amd-pstate.c @@ -579,8 +579,13 @@ static void amd_pstate_adjust_perf(unsigned int cpu, unsigned long max_perf, min_perf, des_perf, cap_perf, lowest_nonlinear_perf, max_freq; struct cpufreq_policy *policy = cpufreq_cpu_get(cpu); - struct amd_cpudata *cpudata = policy->driver_data; unsigned int target_freq; + struct amd_cpudata *cpudata; + + if (!policy) + return; + + cpudata = policy->driver_data; if (policy->min != cpudata->min_limit_freq || policy->max != cpudata->max_limit_freq) amd_pstate_update_min_max_limit(policy); -- 2.35.3

4 weeks

1
1
0 0

SPI regression seen on ARM am335x in kernel 6.12.8 and 6.6.71

by Lars Pedersen

Hi. We have discovered an SPI regression when upgrading from 6.1.99 to a newer LTS version. Same error on kernel 6.6.71 and 6.12.8. I think we have identified the problem down to the reference clock calculation that seems to end up to zero in the spi-omap2-mcspi driver. Also we think it relates to commit 4c6ac5446d060f0bf435ccc8bc3aa7b7b5f718ad, where OMAP2_MCSPI_MAX_FREQ is used as fallback on error. In our case it seems to hit the else case. Snippets for device tree, spi-omap2-mcspi driver and kernel divide by zero error log with dynamic debug enabled. /Lars Pedersen diff --git a/drivers/spi/spi-omap2-mcspi.c b/drivers/spi/spi-omap2-mcspi.c index 67441b2cd603..8fedfc7db1fa 100644 --- a/drivers/spi/spi-omap2-mcspi.c +++ b/drivers/spi/spi-omap2-mcspi.c @@ -1559,12 +1559,13 @@ static int omap2_mcspi_probe(struct platform_device *pdev) dev_err(&pdev->dev, "Cannot request IRQ"); goto free_ctlr; } - + dev_dbg(&pdev->dev, "DEBUG_EXTRA pre calc\n"); mcspi->ref_clk = devm_clk_get_optional_enabled(&pdev->dev, NULL); if (IS_ERR(mcspi->ref_clk)) mcspi->ref_clk_hz = OMAP2_MCSPI_MAX_FREQ; else mcspi->ref_clk_hz = clk_get_rate(mcspi->ref_clk); + dev_dbg(&pdev->dev, "DEBUG_EXTRA: ref_clk_hz %d\n", mcspi->ref_clk_hz); ctlr->max_speed_hz = mcspi->ref_clk_hz; ctlr->min_speed_hz = mcspi->ref_clk_hz >> 15; ---8<--- /dts-v1/; #include "am33xx.dtsi" #include <dt-bindings/interrupt-controller/irq.h> ... &spi0 { status = "okay"; pinctrl-names = "default"; pinctrl-0 = <&spi0_pins_default>; ti,spi-num-cs = <1>; flash@0 { compatible = "jedec,spi-nor"; reg = <0>; spi-tx-bus-width = <1>; spi-rx-bus-width = <1>; spi-max-frequency = <10000000>; partitions { compatible = "fixed-partitions"; #address-cells = <1>; #size-cells = <1>; partition@0 { reg = <0x0 0x1f00000>; label = "radio-program"; }; partition@1f00000 { reg = <0x1f00000 0xe0000>; label = "linux-data"; read-only; }; partition@1fe0000 { reg = <0x1fe0000 0x10000>; label = "radio-config"; read-only; }; partition@1ff0000 { reg = <0x1ff0000 0x10000>; label = "baseband-config"; read-only; }; }; }; }; ---8<--- Jan 16 11:30:53 ptxdist kernel: omap2_mcspi 48030000.spi: DEBUG_EXTRA pre calc Jan 16 11:30:54 ptxdist kernel: omap2_mcspi 48030000.spi: DEBUG_EXTRA: ref_clk_hz 0 Jan 16 11:30:54 ptxdist kernel: omap2_mcspi 48030000.spi: registered host spi0 Jan 16 11:30:54 ptxdist kernel: Division by zero in kernel. Jan 16 11:30:54 ptxdist kernel: CPU: 0 UID: 0 PID: 161 Comm: (udev-worker) Not tainted 6.12.8 #1 Jan 16 11:30:54 ptxdist kernel: Hardware name: Generic AM33XX (Flattened Device Tree) Jan 16 11:30:54 ptxdist kernel: Call trace: Jan 16 11:30:54 ptxdist kernel: dump_backtrace from show_stack+0x20/0x38 Jan 16 11:30:54 ptxdist kernel: r7:c4a7ff00 r6:c0cef6bc r5:00000000 r4:600f0113 Jan 16 11:30:54 ptxdist kernel: show_stack from dump_stack_lvl+0x40/0x78 Jan 16 11:30:54 ptxdist kernel: dump_stack_lvl from dump_stack+0x18/0x28 Jan 16 11:30:54 ptxdist kernel: r7:c4a7ff00 r6:00000008 r5:c477dbc0 r4:c4a7ec00 Jan 16 11:30:54 ptxdist kernel: dump_stack from __div0+0x24/0x34 Jan 16 11:30:54 ptxdist kernel: __div0 from Ldiv0+0x8/0x10 Jan 16 11:30:54 ptxdist kernel: omap2_mcspi_setup_transfer [spi_omap2_mcspi] from omap2_mcspi_setup+0x134/0x20c [spi_omap2_mcspi] Jan 16 11:30:54 ptxdist kernel: r9:c4a7ff28 r8:c477dbd0 r7:c4a7ff00 r6:c4a7ec00 r5:c2572c10 r4:00000001 Jan 16 11:30:54 ptxdist kernel: omap2_mcspi_setup [spi_omap2_mcspi] from spi_setup+0x124/0x4f8 Jan 16 11:30:54 ptxdist kernel: r9:c4a7edaf r8:00000000 r7:c2572c10 r6:c4a7fc00 r5:00000000 r4:c4a7ec00 Jan 16 11:30:54 ptxdist kernel: spi_setup from __spi_add_device+0x15c/0x300 Jan 16 11:30:54 ptxdist kernel: r6:c4a7fc00 r5:c4a7ec00 r4:c4a7ed9f Jan 16 11:30:54 ptxdist kernel: __spi_add_device from of_register_spi_devices+0x74/0x1a8 Jan 16 11:30:54 ptxdist kernel: r10:c0fe67cc r9:c4a7fd98 r8:c4a7fdd4 r7:c4a7ec00 r6:c4a7fc00 r5:00000000 Jan 16 11:30:54 ptxdist kernel: r4:cfce0df4 Jan 16 11:30:54 ptxdist kernel: of_register_spi_devices from spi_register_controller+0x3d0/0x4d0 Jan 16 11:30:54 ptxdist kernel: r9:c4a7fd98 r8:c0fe67d4 r7:c4a7fda0 r6:00000000 r5:c0fe67d4 r4:c4a7fc00 Jan 16 11:30:54 ptxdist kernel: spi_register_controller from devm_spi_register_controller+0x54/0xbc Jan 16 11:30:54 ptxdist kernel: r10:bf006108 r9:c2572c10 r8:c4a7fc00 r7:c2572c10 r6:c4a7fc00 r5:c4a7ff00 Jan 16 11:30:54 ptxdist kernel: r4:c46cd2c0 Jan 16 11:30:54 ptxdist kernel: devm_spi_register_controller from omap2_mcspi_probe+0x51c/0x5cc [spi_omap2_mcspi] Jan 16 11:30:54 ptxdist kernel: r7:c4a7fc00 r6:c2572c10 r5:c4a7ff00 r4:c2572c10 Jan 16 11:30:54 ptxdist kernel: omap2_mcspi_probe [spi_omap2_mcspi] from platform_probe+0x6c/0xd0 Jan 16 11:30:54 ptxdist kernel: r10:d0481ed0 r9:00000001 r8:00000000 r7:c1028ef8 r6:bf004014 r5:c2572c10 Jan 16 11:30:54 ptxdist kernel: r4:00000000 Jan 16 11:30:54 ptxdist kernel: platform_probe from really_probe+0xf0/0x3ec Jan 16 11:30:54 ptxdist kernel: r7:c1028ef8 r6:bf004014 r5:00000000 r4:c2572c10 Jan 16 11:30:54 ptxdist kernel: really_probe from __driver_probe_device+0xac/0x13c Jan 16 11:30:54 ptxdist kernel: r8:c27a50b4 r7:0000007d r6:c2572c10 r5:bf004014 r4:c2572c10 Jan 16 11:30:54 ptxdist kernel: __driver_probe_device from driver_probe_device+0x40/0xe4 Jan 16 11:30:54 ptxdist kernel: r5:bf004014 r4:c1071d9c Jan 16 11:30:54 ptxdist kernel: driver_probe_device from __driver_attach+0x154/0x204 Jan 16 11:30:54 ptxdist kernel: r7:00000000 r6:c2572c54 r5:bf004014 r4:c2572c10 Jan 16 11:30:54 ptxdist kernel: __driver_attach from bus_for_each_dev+0x8c/0xf0 Jan 16 11:30:54 ptxdist kernel: r7:00000000 r6:c20e96c0 r5:c06404ec r4:bf004014 Jan 16 11:30:54 ptxdist kernel: bus_for_each_dev from driver_attach+0x2c/0x44 Jan 16 11:30:54 ptxdist kernel: r7:c20e96c0 r6:00000000 r5:c27a5080 r4:bf004014 Jan 16 11:30:54 ptxdist kernel: driver_attach from bus_add_driver+0x104/0x244 Jan 16 11:30:54 ptxdist kernel: bus_add_driver from driver_register+0x8c/0x164 Jan 16 11:30:54 ptxdist kernel: r8:00000000 r7:bf004100 r6:c101f840 r5:a7ac7714 r4:bf004014 Jan 16 11:30:54 ptxdist kernel: driver_register from __platform_driver_register+0x2c/0x40 Jan 16 11:30:54 ptxdist kernel: r5:a7ac7714 r4:c0fac2fc Jan 16 11:30:54 ptxdist kernel: __platform_driver_register from omap2_mcspi_driver_init+0x38/0x1000 [spi_omap2_mcspi] Jan 16 11:30:54 ptxdist kernel: omap2_mcspi_driver_init [spi_omap2_mcspi] from do_one_initcall+0x68/0x2b8 Jan 16 11:30:54 ptxdist kernel: r5:c2a95800 r4:bf008000 Jan 16 11:30:54 ptxdist kernel: do_one_initcall from do_init_module+0x64/0x218 Jan 16 11:30:54 ptxdist kernel: r8:bf004100 r7:bf004100 r6:c477d240 r5:00000000 r4:bf004100 Jan 16 11:30:54 ptxdist kernel: do_init_module from load_module+0x7e4/0xa18 Jan 16 11:30:54 ptxdist kernel: r6:00000000 r5:00000000 r4:00000000 Jan 16 11:30:54 ptxdist kernel: load_module from init_module_from_file+0xa4/0xec Jan 16 11:30:54 ptxdist kernel: r10:c477c080 r9:c1054a48 r8:c477c080 r7:c1054a38 r6:b5b1d7f0 r5:c477c080 Jan 16 11:30:54 ptxdist kernel: r4:00000000 Jan 16 11:30:54 ptxdist kernel: init_module_from_file from sys_finit_module+0x244/0x39c Jan 16 11:30:54 ptxdist kernel: r6:00000001 r5:000000f4 r4:c2a95800 Jan 16 11:30:54 ptxdist kernel: sys_finit_module from __sys_trace_return+0x0/0x10 Jan 16 11:30:54 ptxdist kernel: Exception stack(0xd0481fa8 to 0xd0481ff0) Jan 16 11:30:54 ptxdist kernel: 1fa0: 14cb6a00 00000000 0000001a b5b1d7f0 00000000 00000000 Jan 16 11:30:54 ptxdist kernel: 1fc0: 14cb6a00 00000000 00826358 0000017b 008456d0 b6f75934 b5b1739d 00000000 Jan 16 11:30:54 ptxdist kernel: 1fe0: bee9d538 bee9d528 b5b16643 b6c5d262 Jan 16 11:30:54 ptxdist kernel: r10:0000017b r9:c2a95800 r8:c01002c4 r7:0000017b r6:00826358 r5:00000000 Jan 16 11:30:54 ptxdist kernel: r4:14cb6a00 Jan 16 11:30:54 ptxdist kernel: Division by zero in kernel. Jan 16 11:30:54 ptxdist kernel: CPU: 0 UID: 0 PID: 161 Comm: (udev-worker) Not tainted 6.12.8 #1 Jan 16 11:30:54 ptxdist kernel: Hardware name: Generic AM33XX (Flattened Device Tree) Jan 16 11:30:54 ptxdist kernel: Call trace: Jan 16 11:30:54 ptxdist kernel: dump_backtrace from show_stack+0x20/0x38 Jan 16 11:30:54 ptxdist kernel: r7:c4a7ff00 r6:c0cef6bc r5:00000000 r4:600f0113 Jan 16 11:30:54 ptxdist kernel: show_stack from dump_stack_lvl+0x40/0x78 Jan 16 11:30:54 ptxdist kernel: dump_stack_lvl from dump_stack+0x18/0x28 Jan 16 11:30:54 ptxdist kernel: r7:c4a7ff00 r6:00000008 r5:c477dbc0 r4:c4a7ec00 Jan 16 11:30:54 ptxdist kernel: dump_stack from __div0+0x24/0x34 Jan 16 11:30:54 ptxdist kernel: __div0 from Ldiv0+0x8/0x10 Jan 16 11:30:54 ptxdist kernel: omap2_mcspi_setup_transfer [spi_omap2_mcspi] from omap2_mcspi_setup+0x134/0x20c [spi_omap2_mcspi] Jan 16 11:30:54 ptxdist kernel: r9:c4a7ff28 r8:c477dbd0 r7:c4a7ff00 r6:c4a7ec00 r5:c2572c10 r4:00000001 Jan 16 11:30:54 ptxdist kernel: omap2_mcspi_setup [spi_omap2_mcspi] from spi_setup+0x124/0x4f8 Jan 16 11:30:54 ptxdist kernel: r9:c4a7edaf r8:00000000 r7:c2572c10 r6:c4a7fc00 r5:00000000 r4:c4a7ec00 Jan 16 11:30:54 ptxdist kernel: spi_setup from __spi_add_device+0x15c/0x300 Jan 16 11:30:54 ptxdist kernel: r6:c4a7fc00 r5:c4a7ec00 r4:c4a7ed9f Jan 16 11:30:54 ptxdist kernel: __spi_add_device from of_register_spi_devices+0x74/0x1a8 Jan 16 11:30:54 ptxdist kernel: r10:c0fe67cc r9:c4a7fd98 r8:c4a7fdd4 r7:c4a7ec00 r6:c4a7fc00 r5:00000000 Jan 16 11:30:54 ptxdist kernel: r4:cfce0df4 Jan 16 11:30:54 ptxdist kernel: of_register_spi_devices from spi_register_controller+0x3d0/0x4d0 Jan 16 11:30:54 ptxdist kernel: r9:c4a7fd98 r8:c0fe67d4 r7:c4a7fda0 r6:00000000 r5:c0fe67d4 r4:c4a7fc00 Jan 16 11:30:54 ptxdist kernel: spi_register_controller from devm_spi_register_controller+0x54/0xbc Jan 16 11:30:54 ptxdist kernel: r10:bf006108 r9:c2572c10 r8:c4a7fc00 r7:c2572c10 r6:c4a7fc00 r5:c4a7ff00 Jan 16 11:30:54 ptxdist kernel: r4:c46cd2c0 Jan 16 11:30:54 ptxdist kernel: devm_spi_register_controller from omap2_mcspi_probe+0x51c/0x5cc [spi_omap2_mcspi] Jan 16 11:30:54 ptxdist kernel: r7:c4a7fc00 r6:c2572c10 r5:c4a7ff00 r4:c2572c10 Jan 16 11:30:54 ptxdist kernel: omap2_mcspi_probe [spi_omap2_mcspi] from platform_probe+0x6c/0xd0 Jan 16 11:30:54 ptxdist kernel: r10:d0481ed0 r9:00000001 r8:00000000 r7:c1028ef8 r6:bf004014 r5:c2572c10 Jan 16 11:30:54 ptxdist kernel: r4:00000000 Jan 16 11:30:54 ptxdist kernel: platform_probe from really_probe+0xf0/0x3ec Jan 16 11:30:54 ptxdist kernel: r7:c1028ef8 r6:bf004014 r5:00000000 r4:c2572c10 Jan 16 11:30:54 ptxdist kernel: really_probe from __driver_probe_device+0xac/0x13c Jan 16 11:30:54 ptxdist kernel: r8:c27a50b4 r7:0000007d r6:c2572c10 r5:bf004014 r4:c2572c10 Jan 16 11:30:54 ptxdist kernel: __driver_probe_device from driver_probe_device+0x40/0xe4 Jan 16 11:30:54 ptxdist kernel: r5:bf004014 r4:c1071d9c Jan 16 11:30:54 ptxdist kernel: driver_probe_device from __driver_attach+0x154/0x204 Jan 16 11:30:54 ptxdist kernel: r7:00000000 r6:c2572c54 r5:bf004014 r4:c2572c10 Jan 16 11:30:54 ptxdist kernel: __driver_attach from bus_for_each_dev+0x8c/0xf0 Jan 16 11:30:54 ptxdist kernel: r7:00000000 r6:c20e96c0 r5:c06404ec r4:bf004014 Jan 16 11:30:54 ptxdist kernel: bus_for_each_dev from driver_attach+0x2c/0x44 Jan 16 11:30:54 ptxdist kernel: r7:c20e96c0 r6:00000000 r5:c27a5080 r4:bf004014 Jan 16 11:30:54 ptxdist kernel: driver_attach from bus_add_driver+0x104/0x244 Jan 16 11:30:54 ptxdist kernel: bus_add_driver from driver_register+0x8c/0x164 Jan 16 11:30:54 ptxdist kernel: r8:00000000 r7:bf004100 r6:c101f840 r5:a7ac7714 r4:bf004014 Jan 16 11:30:54 ptxdist kernel: driver_register from __platform_driver_register+0x2c/0x40 Jan 16 11:30:54 ptxdist kernel: r5:a7ac7714 r4:c0fac2fc Jan 16 11:30:54 ptxdist kernel: __platform_driver_register from omap2_mcspi_driver_init+0x38/0x1000 [spi_omap2_mcspi] Jan 16 11:30:54 ptxdist kernel: omap2_mcspi_driver_init [spi_omap2_mcspi] from do_one_initcall+0x68/0x2b8 Jan 16 11:30:54 ptxdist kernel: r5:c2a95800 r4:bf008000 Jan 16 11:30:54 ptxdist kernel: do_one_initcall from do_init_module+0x64/0x218 Jan 16 11:30:54 ptxdist kernel: r8:bf004100 r7:bf004100 r6:c477d240 r5:00000000 r4:bf004100 Jan 16 11:30:54 ptxdist kernel: do_init_module from load_module+0x7e4/0xa18 Jan 16 11:30:54 ptxdist kernel: r6:00000000 r5:00000000 r4:00000000 Jan 16 11:30:54 ptxdist kernel: load_module from init_module_from_file+0xa4/0xec Jan 16 11:30:54 ptxdist kernel: r10:c477c080 r9:c1054a48 r8:c477c080 r7:c1054a38 r6:b5b1d7f0 r5:c477c080 Jan 16 11:30:54 ptxdist kernel: r4:00000000 Jan 16 11:30:54 ptxdist kernel: init_module_from_file from sys_finit_module+0x244/0x39c Jan 16 11:30:54 ptxdist kernel: r6:00000001 r5:000000f4 r4:c2a95800 Jan 16 11:30:54 ptxdist kernel: sys_finit_module from __sys_trace_return+0x0/0x10 Jan 16 11:30:54 ptxdist kernel: Exception stack(0xd0481fa8 to 0xd0481ff0) Jan 16 11:30:54 ptxdist kernel: 1fa0: 14cb6a00 00000000 0000001a b5b1d7f0 00000000 00000000 Jan 16 11:30:54 ptxdist kernel: 1fc0: 14cb6a00 00000000 00826358 0000017b 008456d0 b6f75934 b5b1739d 00000000 Jan 16 11:30:55 ptxdist kernel: 1fe0: bee9d538 bee9d528 b5b16643 b6c5d262 Jan 16 11:30:55 ptxdist kernel: r10:0000017b r9:c2a95800 r8:c01002c4 r7:0000017b r6:00826358 r5:00000000 Jan 16 11:30:55 ptxdist kernel: r4:14cb6a00 Jan 16 11:30:55 ptxdist kernel: spi spi0.0: setup: speed 0, sample leading edge, clk normal Jan 16 11:30:55 ptxdist kernel: spi spi0.0: setup mode 0, 8 bits/w, 10000000 Hz max --> 0

4 weeks

3
3
0 0

[PATCH] net/ncsi: wait for the last response to Deselect Package before configuring channel

by Paul Fertser

The NCSI state machine as it's currently implemented assumes that transition to the next logical state is performed either explicitly by calling `schedule_work(&ndp->work)` to re-queue itself or implicitly after processing the predefined (ndp->pending_req_num) number of replies. Thus to avoid the configuration FSM from advancing prematurely and getting out of sync with the process it's essential to not skip waiting for a reply. This patch makes the code wait for reception of the Deselect Package response for the last package probed before proceeding to channel configuration. Thanks go to Potin Lai and Cosmo Chou for the initial investigation and testing. Fixes: 8e13f70be05e ("net/ncsi: Probe single packages to avoid conflict") Cc: stable(a)vger.kernel.org Signed-off-by: Paul Fertser <fercerpav(a)gmail.com> --- net/ncsi/ncsi-manage.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/net/ncsi/ncsi-manage.c b/net/ncsi/ncsi-manage.c index 5cf55bde366d..bf8e27b84a66 100644 --- a/net/ncsi/ncsi-manage.c +++ b/net/ncsi/ncsi-manage.c @@ -1373,6 +1373,12 @@ static void ncsi_probe_channel(struct ncsi_dev_priv *ndp) nd->state = ncsi_dev_state_probe_package; break; case ncsi_dev_state_probe_package: + if (ndp->package_probe_id >= 8) { + /* Last package probed, finishing */ + ndp->flags |= NCSI_DEV_PROBED; + break; + } + ndp->pending_req_num = 1; nca.type = NCSI_PKT_CMD_SP; @@ -1489,13 +1495,8 @@ static void ncsi_probe_channel(struct ncsi_dev_priv *ndp) if (ret) goto error; - /* Probe next package */ + /* Probe next package after receiving response */ ndp->package_probe_id++; - if (ndp->package_probe_id >= 8) { - /* Probe finished */ - ndp->flags |= NCSI_DEV_PROBED; - break; - } nd->state = ncsi_dev_state_probe_package; ndp->active_package = NULL; break; -- 2.34.1

4 weeks

2
1
0 0

[PATCH 5.4] net: xen-netback: hash.c: Use built-in RCU list checking

by Hagar Hemdan

From: Madhuparna Bhowmik <madhuparnabhowmik04(a)gmail.com> commit f3265971ded98a069ad699b51b8a5ab95e9e5be1 upstream. list_for_each_entry_rcu has built-in RCU and lock checking. Pass cond argument to list_for_each_entry_rcu. Signed-off-by: Madhuparna Bhowmik <madhuparnabhowmik04(a)gmail.com> Acked-by: Wei Liu <wei.liu(a)kernel.org> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Hagar Hemdan <hagarhem(a)amazon.com> --- This is a dependency to fix CVE-2024-49936 in 5.4. diff --git a/drivers/net/xen-netback/hash.c b/drivers/net/xen-netback/hash.c --- a/drivers/net/xen-netback/hash.c +++ b/drivers/net/xen-netback/hash.c @@ -51,7 +51,8 @@ static void xenvif_add_hash(struct xenvif *vif, const u8 *tag, found = false; oldest = NULL; - list_for_each_entry_rcu(entry, &vif->hash.cache.list, link) { + list_for_each_entry_rcu(entry, &vif->hash.cache.list, link, + lockdep_is_held(&vif->hash.cache.lock)) { /* Make sure we don't add duplicate entries */ if (entry->len == len && memcmp(entry->tag, tag, len) == 0) @@ -102,7 +103,8 @@ static void xenvif_flush_hash(struct xenvif *vif) spin_lock_irqsave(&vif->hash.cache.lock, flags); - list_for_each_entry_rcu(entry, &vif->hash.cache.list, link) { + list_for_each_entry_rcu(entry, &vif->hash.cache.list, link, + lockdep_is_held(&vif->hash.cache.lock)) { list_del_rcu(&entry->link); vif->hash.cache.count--; kfree_rcu(entry, rcu);

4 weeks

2
3
0 0

Re: [PATCH] KVM: x86: switch hugepage recovery thread to vhost_task

by Alyssa Ross

On Wed, Jan 15, 2025 at 12:03:27PM -0700, Keith Busch wrote: > On Wed, Jan 15, 2025 at 06:10:05PM +0100, Paolo Bonzini wrote: > > You can implement something like pthread_once(): > > ... > > > Where to put it I don't know. It doesn't belong in > > include/linux/once.h. I'm okay with arch/x86/kvm/call_once.h and just > > pull it with #include "call_once.h". > > Thanks for the suggestion, I can work with that. As to where to put it, > I think the new 'struct once' needs to be a member of struct kvm_arch, > so I've put it in arch/x86/include/asm/. > > Here's the result with that folded in. If this is okay, I'll send a v2, > and can split out the call_once as a prep patch with your attribution if > you like. Has there been any progress here? I'm also affected by the crosvm regression, and it's been backported to the LTS stable kernel. (CCing the stable and regressions lists to make sure the regression is tracked.) #regzbot introduced: d96c77bd4eeb

4 weeks

2
2
0 0

[PATCH 6.6 00/72] 6.6.74-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.6.74 release. There are 72 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu, 23 Jan 2025 17:45:02 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.6.74-rc1… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.6.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.6.74-rc1 Wang Liang <wangliang74(a)huawei.com> net: fix data-races around sk->sk_forward_alloc Juergen Gross <jgross(a)suse.com> x86/xen: fix SLS mitigation in xen_hypercall_iret() Youzhong Yang <youzhong(a)gmail.com> nfsd: add list_head nf_gc to struct nfsd_file Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Revert "drm/amdgpu: rework resume handling for display (v2)" Amir Goldstein <amir73il(a)gmail.com> fs: relax assertions on failure to encode file handles Amir Goldstein <amir73il(a)gmail.com> ovl: support encoding fid from inode with no alias Amir Goldstein <amir73il(a)gmail.com> ovl: pass realinode to ovl_encode_real_fh() instead of realdentry Mohammed Anees <pvmohammedanees2003(a)gmail.com> ocfs2: fix deadlock in ocfs2_get_system_file_inode Yu Kuai <yukuai3(a)huawei.com> block: fix uaf for flush rq while iterating tags Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create' Jean-Baptiste Maneyrol <jean-baptiste.maneyrol(a)tdk.com> iio: imu: inv_icm42600: fix spi burst write not supported Terry Tritton <terry.tritton(a)linaro.org> Revert "PCI: Use preserve_config in place of pci_flags" Christian König <christian.koenig(a)amd.com> drm/amdgpu: always sync the GFX pipe on ctx switch Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/i915/fb: Relax clear color alignment to 64 bytes Koichiro Den <koichiro.den(a)canonical.com> hrtimers: Handle CPU state correctly on hotplug Tomas Krcka <krckatom(a)amazon.de> irqchip/gic-v3-its: Don't enable interrupts in its_irq_set_vcpu_affinity() Yogesh Lal <quic_ylal(a)quicinc.com> irqchip/gic-v3: Handle CPU_PM_ENTER_FAILED correctly Joe Hattori <joe(a)pf.is.s.u-tokyo.ac.jp> irqchip: Plug a OF node reference leak in platform_irqchip_probe() Xiaolei Wang <xiaolei.wang(a)windriver.com> pmdomain: imx8mp-blk-ctrl: add missing loop break condition Sean Anderson <sean.anderson(a)linux.dev> gpio: xilinx: Convert gpio_lock to raw spinlock Rik van Riel <riel(a)surriel.com> fs/proc: fix softlockup in __read_vmcore (part 2) Marco Nelissen <marco.nelissen(a)gmail.com> filemap: avoid truncating 64-bit offset to 32 bits Dave Airlie <airlied(a)redhat.com> nouveau/fence: handle cross device fences properly Stefano Garzarella <sgarzare(a)redhat.com> vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] Stefano Garzarella <sgarzare(a)redhat.com> vsock: reset socket state when de-assigning the transport Stefano Garzarella <sgarzare(a)redhat.com> vsock/virtio: cancel close work in the destructor Stefano Garzarella <sgarzare(a)redhat.com> vsock/virtio: discard packets if the transport changes Stefano Garzarella <sgarzare(a)redhat.com> vsock/bpf: return early if transport is not assigned Heiner Kallweit <hkallweit1(a)gmail.com> net: ethernet: xgbe: re-add aneg to supported features in PHY quirks Paolo Abeni <pabeni(a)redhat.com> selftests: mptcp: avoid spurious errors on disconnect Paolo Abeni <pabeni(a)redhat.com> mptcp: fix spurious wake-up on under memory pressure Paolo Abeni <pabeni(a)redhat.com> mptcp: be sure to send ack when mptcp-level window re-opens Tomi Valkeinen <tomi.valkeinen+renesas(a)ideasonboard.com> i2c: atr: Fix client detach Kairui Song <kasong(a)tencent.com> zram: fix potential UAF of zram table Stefan Binding <sbinding(a)opensource.cirrus.com> ALSA: hda/realtek: Add support for Ayaneo System using CS35L41 HDA Juergen Gross <jgross(a)suse.com> x86/asm: Make serialize() always_inline Luis Chamberlain <mcgrof(a)kernel.org> nvmet: propagate npwg topology Hongguang Gao <hongguang.gao(a)broadcom.com> RDMA/bnxt_re: Fix to export port num to ib_query_qp Oleg Nesterov <oleg(a)redhat.com> poll_wait: add mb() to fix theoretical race between waitqueue_active() and .poll() Marco Nelissen <marco.nelissen(a)gmail.com> iomap: avoid avoid truncating 64-bit offset to 32 bits Hans de Goede <hdegoede(a)redhat.com> ACPI: resource: acpi_dev_irq_override(): Check DMI match last Jakub Kicinski <kuba(a)kernel.org> selftests: tc-testing: reduce rshift value Manivannan Sadhasivam <mani(a)kernel.org> scsi: ufs: core: Honor runtime/system PM levels if set by host controller drivers Max Kellermann <max.kellermann(a)ionos.com> cachefiles: Parse the "secctx" immediately David Howells <dhowells(a)redhat.com> kheaders: Ignore silly-rename files Zhang Kunbo <zhangkunbo(a)huawei.com> fs: fix missing declaration of init_files Leo Stone <leocstone(a)gmail.com> hfs: Sanity check the root record Lizhi Xu <lizhi.xu(a)windriver.com> mac802154: check local interfaces before deleting sdata list Paulo Alcantara <pc(a)manguebit.com> smb: client: fix double free of TCP_Server_Info::hostname Wolfram Sang <wsa+renesas(a)sang-engineering.com> i2c: rcar: fix NACK handling when being a target Wolfram Sang <wsa+renesas(a)sang-engineering.com> i2c: mux: demux-pinctrl: check initial mux selection, too Pratyush Yadav <pratyush(a)kernel.org> Revert "mtd: spi-nor: core: replace dummy buswidth from addr to data" David Lechner <dlechner(a)baylibre.com> hwmon: (tmp513) Fix division of negative numbers MD Danish Anwar <danishanwar(a)ti.com> soc: ti: pruss: Fix pruss APIs Maíra Canal <mcanal(a)igalia.com> drm/v3d: Ensure job pointer is set to NULL after job completion Ian Forbes <ian.forbes(a)broadcom.com> drm/vmwgfx: Add new keep_resv BO param Leon Romanovsky <leon(a)kernel.org> net/mlx5e: Always start IPsec sequence number from 1 Leon Romanovsky <leon(a)kernel.org> net/mlx5e: Rely on reqid in IPsec tunnel mode Leon Romanovsky <leon(a)kernel.org> net/mlx5e: Fix inversion dependency warning while enabling IPsec tunnel Mark Zhang <markzhang(a)nvidia.com> net/mlx5: Clear port select structure when fail to create Patrisious Haddad <phaddad(a)nvidia.com> net/mlx5: Fix RDMA TX steering prio Kevin Groeneveld <kgroeneveld(a)lenbrook.com> net: fec: handle page_pool_dev_alloc_pages error Sean Anderson <sean.anderson(a)linux.dev> net: xilinx: axienet: Fix IRQ coalescing packet count overflow Dan Carpenter <dan.carpenter(a)linaro.org> nfp: bpf: prevent integer overflow in nfp_bpf_event_output() Kuniyuki Iwashima <kuniyu(a)amazon.com> gtp: Destroy device along with udp socket's netns dismantle. Kuniyuki Iwashima <kuniyu(a)amazon.com> gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp(). Eric Dumazet <edumazet(a)google.com> gtp: use exit_batch_rtnl() method Eric Dumazet <edumazet(a)google.com> net: add exit_batch_rtnl() method Artem Chernyshev <artem.chernyshev(a)red-soft.ru> pktgen: Avoid out-of-bounds access in get_imix_entries Ilya Maximets <i.maximets(a)ovn.org> openvswitch: fix lockup on tx to unregistering netdev with carrier Michal Luczaj <mhal(a)rbox.co> bpf: Fix bpf_sk_select_reuseport() memory leak Sudheer Kumar Doredla <s-doredla(a)ti.com> net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field() ------------- Diffstat: Makefile | 4 +- arch/x86/include/asm/special_insns.h | 2 +- arch/x86/xen/xen-asm.S | 2 +- block/blk-sysfs.c | 6 +-- block/genhd.c | 9 ++-- drivers/acpi/resource.c | 6 +-- drivers/block/zram/zram_drv.c | 1 + drivers/gpio/gpio-xilinx.c | 32 +++++++------- drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 45 +------------------- drivers/gpu/drm/amd/amdgpu/amdgpu_ib.c | 4 +- .../gpu/drm/amd/display/dc/dcn21/dcn21_resource.c | 2 +- drivers/gpu/drm/i915/display/intel_fb.c | 2 +- drivers/gpu/drm/nouveau/nouveau_fence.c | 6 ++- drivers/gpu/drm/v3d/v3d_irq.c | 4 ++ drivers/gpu/drm/vmwgfx/vmwgfx_bo.c | 3 +- drivers/gpu/drm/vmwgfx/vmwgfx_bo.h | 3 +- drivers/gpu/drm/vmwgfx/vmwgfx_drv.c | 7 +--- drivers/gpu/drm/vmwgfx/vmwgfx_gem.c | 1 + drivers/gpu/drm/vmwgfx/vmwgfx_shader.c | 7 +--- drivers/gpu/drm/vmwgfx/vmwgfx_ttm_buffer.c | 5 +-- drivers/hwmon/tmp513.c | 7 ++-- drivers/i2c/busses/i2c-rcar.c | 20 ++++++--- drivers/i2c/i2c-atr.c | 2 +- drivers/i2c/muxes/i2c-demux-pinctrl.c | 4 +- drivers/iio/imu/inv_icm42600/inv_icm42600.h | 1 + drivers/iio/imu/inv_icm42600/inv_icm42600_core.c | 11 +++++ drivers/iio/imu/inv_icm42600/inv_icm42600_spi.c | 3 +- drivers/infiniband/hw/bnxt_re/ib_verbs.c | 1 + drivers/infiniband/hw/bnxt_re/ib_verbs.h | 4 ++ drivers/infiniband/hw/bnxt_re/qplib_fp.c | 1 + drivers/infiniband/hw/bnxt_re/qplib_fp.h | 1 + drivers/irqchip/irq-gic-v3-its.c | 2 +- drivers/irqchip/irq-gic-v3.c | 2 +- drivers/irqchip/irqchip.c | 4 +- drivers/mtd/spi-nor/core.c | 2 +- drivers/net/ethernet/amd/xgbe/xgbe-phy-v2.c | 19 +-------- drivers/net/ethernet/freescale/fec_main.c | 19 ++++++--- .../ethernet/mellanox/mlx5/core/en_accel/ipsec.c | 22 +++++----- .../mellanox/mlx5/core/en_accel/ipsec_fs.c | 12 +++--- .../mellanox/mlx5/core/en_accel/ipsec_offload.c | 11 +++-- drivers/net/ethernet/mellanox/mlx5/core/fs_core.c | 1 + .../net/ethernet/mellanox/mlx5/core/lag/port_sel.c | 4 +- drivers/net/ethernet/netronome/nfp/bpf/offload.c | 3 +- drivers/net/ethernet/ti/cpsw_ale.c | 14 +++---- drivers/net/ethernet/xilinx/xilinx_axienet_main.c | 6 +++ drivers/net/gtp.c | 42 +++++++++++-------- drivers/nvme/target/io-cmd-bdev.c | 2 +- drivers/pci/controller/pci-host-common.c | 4 ++ drivers/pci/probe.c | 20 +++++---- drivers/pmdomain/imx/imx8mp-blk-ctrl.c | 2 +- drivers/ufs/core/ufshcd.c | 9 ++-- fs/cachefiles/daemon.c | 14 +++---- fs/cachefiles/internal.h | 3 +- fs/cachefiles/security.c | 6 +-- fs/file.c | 1 + fs/hfs/super.c | 4 +- fs/iomap/buffered-io.c | 2 +- fs/nfsd/filecache.c | 18 ++++---- fs/nfsd/filecache.h | 1 + fs/notify/fdinfo.c | 4 +- fs/ocfs2/extent_map.c | 8 +++- fs/overlayfs/copy_up.c | 16 +++---- fs/overlayfs/export.c | 49 ++++++++++++---------- fs/overlayfs/namei.c | 4 +- fs/overlayfs/overlayfs.h | 2 +- fs/proc/vmcore.c | 2 + fs/smb/client/connect.c | 3 +- include/linux/hrtimer.h | 1 + include/linux/poll.h | 10 ++++- include/linux/pruss_driver.h | 12 +++--- include/net/net_namespace.h | 3 ++ kernel/cpu.c | 2 +- kernel/gen_kheaders.sh | 1 + kernel/time/hrtimer.c | 11 ++++- mm/filemap.c | 2 +- net/core/filter.c | 30 +++++++------ net/core/net_namespace.c | 31 +++++++++++++- net/core/pktgen.c | 6 +-- net/dccp/ipv6.c | 2 +- net/ipv6/tcp_ipv6.c | 4 +- net/mac802154/iface.c | 4 ++ net/mptcp/options.c | 6 ++- net/mptcp/protocol.h | 9 +++- net/openvswitch/actions.c | 4 +- net/vmw_vsock/af_vsock.c | 18 ++++++++ net/vmw_vsock/virtio_transport_common.c | 38 ++++++++++++----- net/vmw_vsock/vsock_bpf.c | 9 ++++ sound/pci/hda/patch_realtek.c | 1 + tools/testing/selftests/net/mptcp/mptcp_connect.c | 43 ++++++++++++++----- .../tc-testing/tc-tests/filters/flow.json | 4 +- 90 files changed, 479 insertions(+), 315 deletions(-)

4 weeks

11
82
0 0

[PATCH 6.1 00/64] 6.1.127-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.1.127 release. There are 64 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu, 23 Jan 2025 17:45:02 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.1.127-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.1.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.1.127-rc1 Wang Liang <wangliang74(a)huawei.com> net: fix data-races around sk->sk_forward_alloc Juergen Gross <jgross(a)suse.com> x86/xen: fix SLS mitigation in xen_hypercall_iret() Youzhong Yang <youzhong(a)gmail.com> nfsd: add list_head nf_gc to struct nfsd_file Gao Xiang <xiang(a)kernel.org> erofs: handle NONHEAD !delta[1] lclusters gracefully Gao Xiang <xiang(a)kernel.org> erofs: tidy up EROFS on-disk naming Kang Yang <quic_kangyang(a)quicinc.com> wifi: ath10k: avoid NULL pointer error during sdio remove Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Revert "regmap: detach regmap from dev on regmap_exit" Suraj Sonawane <surajsonawane0215(a)gmail.com> scsi: sg: Fix slab-use-after-free read in sg_release() Zhu Yanjun <yanjun.zhu(a)linux.dev> RDMA/rxe: Fix the qp flush warnings in req Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Revert "drm/amdgpu: rework resume handling for display (v2)" Yu Kuai <yukuai3(a)huawei.com> block: fix uaf for flush rq while iterating tags Vitaly Prosyak <vitaly.prosyak(a)amd.com> drm/amdgpu: fix usage slab after free Srinivasan Shanmugam <srinivasan.shanmugam(a)amd.com> drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create' Javier Carrasco <javier.carrasco.cruz(a)gmail.com> iio: adc: rockchip_saradc: fix information leak in triggered buffer Jean-Baptiste Maneyrol <jean-baptiste.maneyrol(a)tdk.com> iio: imu: inv_icm42600: fix timestamps after suspend if sensor is on Jean-Baptiste Maneyrol <jean-baptiste.maneyrol(a)tdk.com> iio: imu: inv_icm42600: fix spi burst write not supported Terry Tritton <terry.tritton(a)linaro.org> Revert "PCI: Use preserve_config in place of pci_flags" Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/i915/fb: Relax clear color alignment to 64 bytes Koichiro Den <koichiro.den(a)canonical.com> hrtimers: Handle CPU state correctly on hotplug Tomas Krcka <krckatom(a)amazon.de> irqchip/gic-v3-its: Don't enable interrupts in its_irq_set_vcpu_affinity() Yogesh Lal <quic_ylal(a)quicinc.com> irqchip/gic-v3: Handle CPU_PM_ENTER_FAILED correctly Joe Hattori <joe(a)pf.is.s.u-tokyo.ac.jp> irqchip: Plug a OF node reference leak in platform_irqchip_probe() Xiaolei Wang <xiaolei.wang(a)windriver.com> pmdomain: imx8mp-blk-ctrl: add missing loop break condition Zhongqiu Han <quic_zhonhan(a)quicinc.com> gpiolib: cdev: Fix use after free in lineinfo_changed_notify Rik van Riel <riel(a)surriel.com> fs/proc: fix softlockup in __read_vmcore (part 2) Marco Nelissen <marco.nelissen(a)gmail.com> filemap: avoid truncating 64-bit offset to 32 bits Stefano Garzarella <sgarzare(a)redhat.com> vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] Stefano Garzarella <sgarzare(a)redhat.com> vsock: reset socket state when de-assigning the transport Stefano Garzarella <sgarzare(a)redhat.com> vsock/virtio: cancel close work in the destructor Stefano Garzarella <sgarzare(a)redhat.com> vsock/virtio: discard packets if the transport changes Heiner Kallweit <hkallweit1(a)gmail.com> net: ethernet: xgbe: re-add aneg to supported features in PHY quirks Paolo Abeni <pabeni(a)redhat.com> selftests: mptcp: avoid spurious errors on disconnect Paolo Abeni <pabeni(a)redhat.com> mptcp: be sure to send ack when mptcp-level window re-opens Kairui Song <kasong(a)tencent.com> zram: fix potential UAF of zram table Stefan Binding <sbinding(a)opensource.cirrus.com> ALSA: hda/realtek: Add support for Ayaneo System using CS35L41 HDA Juergen Gross <jgross(a)suse.com> x86/asm: Make serialize() always_inline Oleg Nesterov <oleg(a)redhat.com> poll_wait: add mb() to fix theoretical race between waitqueue_active() and .poll() Marco Nelissen <marco.nelissen(a)gmail.com> iomap: avoid avoid truncating 64-bit offset to 32 bits Hans de Goede <hdegoede(a)redhat.com> ACPI: resource: acpi_dev_irq_override(): Check DMI match last Jakub Kicinski <kuba(a)kernel.org> selftests: tc-testing: reduce rshift value Manivannan Sadhasivam <mani(a)kernel.org> scsi: ufs: core: Honor runtime/system PM levels if set by host controller drivers Max Kellermann <max.kellermann(a)ionos.com> cachefiles: Parse the "secctx" immediately David Howells <dhowells(a)redhat.com> kheaders: Ignore silly-rename files Zhang Kunbo <zhangkunbo(a)huawei.com> fs: fix missing declaration of init_files Leo Stone <leocstone(a)gmail.com> hfs: Sanity check the root record Lizhi Xu <lizhi.xu(a)windriver.com> mac802154: check local interfaces before deleting sdata list Luis Chamberlain <mcgrof(a)kernel.org> nvmet: propagate npwg topology Wolfram Sang <wsa+renesas(a)sang-engineering.com> i2c: rcar: fix NACK handling when being a target Wolfram Sang <wsa+renesas(a)sang-engineering.com> i2c: mux: demux-pinctrl: check initial mux selection, too Pratyush Yadav <pratyush(a)kernel.org> Revert "mtd: spi-nor: core: replace dummy buswidth from addr to data" David Lechner <dlechner(a)baylibre.com> hwmon: (tmp513) Fix division of negative numbers Maíra Canal <mcanal(a)igalia.com> drm/v3d: Ensure job pointer is set to NULL after job completion Mark Zhang <markzhang(a)nvidia.com> net/mlx5: Clear port select structure when fail to create Patrisious Haddad <phaddad(a)nvidia.com> net/mlx5: Fix RDMA TX steering prio Sean Anderson <sean.anderson(a)linux.dev> net: xilinx: axienet: Fix IRQ coalescing packet count overflow Dan Carpenter <dan.carpenter(a)linaro.org> nfp: bpf: prevent integer overflow in nfp_bpf_event_output() Kuniyuki Iwashima <kuniyu(a)amazon.com> gtp: Destroy device along with udp socket's netns dismantle. Kuniyuki Iwashima <kuniyu(a)amazon.com> gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp(). Eric Dumazet <edumazet(a)google.com> gtp: use exit_batch_rtnl() method Eric Dumazet <edumazet(a)google.com> net: add exit_batch_rtnl() method Artem Chernyshev <artem.chernyshev(a)red-soft.ru> pktgen: Avoid out-of-bounds access in get_imix_entries Ilya Maximets <i.maximets(a)ovn.org> openvswitch: fix lockup on tx to unregistering netdev with carrier Michal Luczaj <mhal(a)rbox.co> bpf: Fix bpf_sk_select_reuseport() memory leak Sudheer Kumar Doredla <s-doredla(a)ti.com> net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field() ------------- Diffstat: Makefile | 4 +- arch/x86/include/asm/special_insns.h | 2 +- arch/x86/xen/xen-asm.S | 2 +- block/blk-sysfs.c | 6 +- block/genhd.c | 9 +- drivers/acpi/resource.c | 6 +- drivers/base/regmap/regmap.c | 12 -- drivers/block/zram/zram_drv.c | 1 + drivers/gpio/gpiolib-cdev.c | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 47 +------ drivers/gpu/drm/amd/amdgpu/amdgpu_vce.c | 6 +- .../gpu/drm/amd/display/dc/dcn21/dcn21_resource.c | 2 +- drivers/gpu/drm/i915/display/intel_fb.c | 2 +- drivers/gpu/drm/v3d/v3d_irq.c | 4 + drivers/hwmon/tmp513.c | 7 +- drivers/i2c/busses/i2c-rcar.c | 20 ++- drivers/i2c/muxes/i2c-demux-pinctrl.c | 4 +- drivers/iio/adc/rockchip_saradc.c | 2 + drivers/iio/imu/inv_icm42600/inv_icm42600.h | 1 + drivers/iio/imu/inv_icm42600/inv_icm42600_core.c | 18 ++- drivers/iio/imu/inv_icm42600/inv_icm42600_spi.c | 3 +- drivers/infiniband/sw/rxe/rxe_req.c | 6 +- drivers/irqchip/irq-gic-v3-its.c | 2 +- drivers/irqchip/irq-gic-v3.c | 2 +- drivers/irqchip/irqchip.c | 4 +- drivers/mtd/spi-nor/core.c | 2 +- drivers/net/ethernet/amd/xgbe/xgbe-phy-v2.c | 19 +-- drivers/net/ethernet/mellanox/mlx5/core/fs_core.c | 1 + .../net/ethernet/mellanox/mlx5/core/lag/port_sel.c | 4 +- drivers/net/ethernet/netronome/nfp/bpf/offload.c | 3 +- drivers/net/ethernet/ti/cpsw_ale.c | 14 +- drivers/net/ethernet/xilinx/xilinx_axienet_main.c | 6 + drivers/net/gtp.c | 42 +++--- drivers/net/wireless/ath/ath10k/sdio.c | 4 +- drivers/nvme/target/io-cmd-bdev.c | 2 +- drivers/pci/controller/pci-host-common.c | 4 + drivers/pci/probe.c | 20 +-- drivers/scsi/sg.c | 2 +- drivers/soc/imx/imx8mp-blk-ctrl.c | 2 +- drivers/ufs/core/ufshcd.c | 9 +- fs/cachefiles/daemon.c | 14 +- fs/cachefiles/internal.h | 3 +- fs/cachefiles/security.c | 6 +- fs/erofs/erofs_fs.h | 143 +++++++++------------ fs/erofs/zmap.c | 133 ++++++++++--------- fs/file.c | 1 + fs/hfs/super.c | 4 +- fs/iomap/buffered-io.c | 2 +- fs/nfsd/filecache.c | 18 +-- fs/nfsd/filecache.h | 1 + fs/proc/vmcore.c | 2 + include/linux/hrtimer.h | 1 + include/linux/poll.h | 10 +- include/net/net_namespace.h | 3 + kernel/cpu.c | 2 +- kernel/gen_kheaders.sh | 1 + kernel/time/hrtimer.c | 11 +- mm/filemap.c | 2 +- net/core/filter.c | 30 +++-- net/core/net_namespace.c | 31 ++++- net/core/pktgen.c | 6 +- net/dccp/ipv6.c | 2 +- net/ipv6/tcp_ipv6.c | 4 +- net/mac802154/iface.c | 4 + net/mptcp/options.c | 6 +- net/openvswitch/actions.c | 4 +- net/vmw_vsock/af_vsock.c | 18 +++ net/vmw_vsock/virtio_transport_common.c | 38 ++++-- sound/pci/hda/patch_realtek.c | 1 + tools/testing/selftests/net/mptcp/mptcp_connect.c | 43 +++++-- .../tc-testing/tc-tests/filters/flow.json | 4 +- 71 files changed, 477 insertions(+), 379 deletions(-)

4 weeks

8
73
0 0

[PATCH 5.15 000/127] 5.15.177-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.15.177 release. There are 127 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu, 23 Jan 2025 17:45:02 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.15.177-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.15.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.15.177-rc1 Wang Liang <wangliang74(a)huawei.com> net: fix data-races around sk->sk_forward_alloc Suraj Sonawane <surajsonawane0215(a)gmail.com> scsi: sg: Fix slab-use-after-free read in sg_release() Juergen Gross <jgross(a)suse.com> x86/xen: fix SLS mitigation in xen_hypercall_iret() Youzhong Yang <youzhong(a)gmail.com> nfsd: add list_head nf_gc to struct nfsd_file Eric Dumazet <edumazet(a)google.com> ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() Stefano Garzarella <sgarzare(a)redhat.com> vsock/virtio: discard packets if the transport changes Tejun Heo <tj(a)kernel.org> blk-cgroup: Fix UAF in blkcg_unpin_online() Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Revert "regmap: detach regmap from dev on regmap_exit" Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Revert "drm/amdgpu: rework resume handling for display (v2)" Javier Carrasco <javier.carrasco.cruz(a)gmail.com> iio: adc: rockchip_saradc: fix information leak in triggered buffer Jean-Baptiste Maneyrol <jean-baptiste.maneyrol(a)tdk.com> iio: imu: inv_icm42600: fix timestamps after suspend if sensor is on Jean-Baptiste Maneyrol <jean-baptiste.maneyrol(a)tdk.com> iio: imu: inv_icm42600: fix spi burst write not supported Terry Tritton <terry.tritton(a)linaro.org> Revert "PCI: Use preserve_config in place of pci_flags" Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/i915/fb: Relax clear color alignment to 64 bytes Koichiro Den <koichiro.den(a)canonical.com> hrtimers: Handle CPU state correctly on hotplug Yogesh Lal <quic_ylal(a)quicinc.com> irqchip/gic-v3: Handle CPU_PM_ENTER_FAILED correctly Zhongqiu Han <quic_zhonhan(a)quicinc.com> gpiolib: cdev: Fix use after free in lineinfo_changed_notify Rik van Riel <riel(a)surriel.com> fs/proc: fix softlockup in __read_vmcore (part 2) Marco Nelissen <marco.nelissen(a)gmail.com> filemap: avoid truncating 64-bit offset to 32 bits Stefano Garzarella <sgarzare(a)redhat.com> vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] Stefano Garzarella <sgarzare(a)redhat.com> vsock: reset socket state when de-assigning the transport Stefano Garzarella <sgarzare(a)redhat.com> vsock/virtio: cancel close work in the destructor Heiner Kallweit <hkallweit1(a)gmail.com> net: ethernet: xgbe: re-add aneg to supported features in PHY quirks Juergen Gross <jgross(a)suse.com> x86/asm: Make serialize() always_inline Kairui Song <kasong(a)tencent.com> zram: fix potential UAF of zram table Luis Chamberlain <mcgrof(a)kernel.org> nvmet: propagate npwg topology Oleg Nesterov <oleg(a)redhat.com> poll_wait: add mb() to fix theoretical race between waitqueue_active() and .poll() Hans de Goede <hdegoede(a)redhat.com> ACPI: resource: acpi_dev_irq_override(): Check DMI match last David Howells <dhowells(a)redhat.com> kheaders: Ignore silly-rename files Zhang Kunbo <zhangkunbo(a)huawei.com> fs: fix missing declaration of init_files Leo Stone <leocstone(a)gmail.com> hfs: Sanity check the root record Lizhi Xu <lizhi.xu(a)windriver.com> mac802154: check local interfaces before deleting sdata list Wolfram Sang <wsa+renesas(a)sang-engineering.com> i2c: rcar: fix NACK handling when being a target Wolfram Sang <wsa+renesas(a)sang-engineering.com> i2c: mux: demux-pinctrl: check initial mux selection, too Pratyush Yadav <pratyush(a)kernel.org> Revert "mtd: spi-nor: core: replace dummy buswidth from addr to data" David Lechner <dlechner(a)baylibre.com> hwmon: (tmp513) Fix division of negative numbers Maíra Canal <mcanal(a)igalia.com> drm/v3d: Ensure job pointer is set to NULL after job completion Patrisious Haddad <phaddad(a)nvidia.com> net/mlx5: Fix RDMA TX steering prio Maor Gottlieb <maorg(a)nvidia.com> net/mlx5: Refactor mlx5_get_flow_namespace Aharon Landau <aharonl(a)nvidia.com> net/mlx5: Add priorities for counters in RDMA namespaces Sean Anderson <sean.anderson(a)linux.dev> net: xilinx: axienet: Fix IRQ coalescing packet count overflow Dan Carpenter <dan.carpenter(a)linaro.org> nfp: bpf: prevent integer overflow in nfp_bpf_event_output() Kuniyuki Iwashima <kuniyu(a)amazon.com> gtp: Destroy device along with udp socket's netns dismantle. Kuniyuki Iwashima <kuniyu(a)amazon.com> gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp(). Eric Dumazet <edumazet(a)google.com> gtp: use exit_batch_rtnl() method Eric Dumazet <edumazet(a)google.com> net: add exit_batch_rtnl() method Artem Chernyshev <artem.chernyshev(a)red-soft.ru> pktgen: Avoid out-of-bounds access in get_imix_entries Michal Luczaj <mhal(a)rbox.co> bpf: Fix bpf_sk_select_reuseport() memory leak Sudheer Kumar Doredla <s-doredla(a)ti.com> net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field() Justin Chen <justinpopo6(a)gmail.com> phy: usb: Fix clock imbalance for suspend/resume Justin Chen <justinpopo6(a)gmail.com> phy: usb: Use slow clock for wake enabled suspend Paolo Abeni <pabeni(a)redhat.com> mptcp: fix TCP options overflow. Geliang Tang <geliang.tang(a)suse.com> mptcp: drop port parameter of mptcp_pm_add_addr_signal Dennis Lam <dennis.lamerice(a)gmail.com> ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv Joseph Qi <joseph.qi(a)linux.alibaba.com> ocfs2: correct return value of ocfs2_local_free_info() Justin Chen <justin.chen(a)broadcom.com> phy: usb: Toggle the PHY power during init Al Cooper <alcooperx(a)gmail.com> phy: usb: Add "wake on" functionality for newer Synopsis XHCI controllers Andrea della Porta <andrea.porta(a)suse.com> of: address: Preserve the flags portion on 1:1 dma-ranges mapping Rob Herring <robh(a)kernel.org> of: address: Store number of bus flag cells rather than bool Herve Codina <herve.codina(a)bootlin.com> of: address: Remove duplicated functions Herve Codina <herve.codina(a)bootlin.com> of: address: Fix address translation when address-size is greater than 2 Rob Herring <robh(a)kernel.org> of/address: Add support for 3 address cell bus Rob Herring <robh(a)kernel.org> of: unittest: Add bus address range parsing tests Peter Geis <pgwipeout(a)gmail.com> arm64: dts: rockchip: add hevc power domain clock to rk3328 Yu Kuai <yukuai3(a)huawei.com> block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() Uwe Kleine-König <u.kleine-koenig(a)baylibre.com> iio: adc: ad7124: Disable all channels at probe time Joe Hattori <joe(a)pf.is.s.u-tokyo.ac.jp> iio: inkern: call iio_device_put() only on mapped devices Joe Hattori <joe(a)pf.is.s.u-tokyo.ac.jp> iio: adc: at91: call input_free_device() on allocated iio_dev Fabio Estevam <festevam(a)gmail.com> iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() Carlos Song <carlos.song(a)nxp.com> iio: gyro: fxas21002c: Fix missing data update in trigger handler Javier Carrasco <javier.carrasco.cruz(a)gmail.com> iio: adc: ti-ads8688: fix information leak in triggered buffer Javier Carrasco <javier.carrasco.cruz(a)gmail.com> iio: imu: kmx61: fix information leak in triggered buffer Javier Carrasco <javier.carrasco.cruz(a)gmail.com> iio: light: vcnl4035: fix information leak in triggered buffer Javier Carrasco <javier.carrasco.cruz(a)gmail.com> iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer Javier Carrasco <javier.carrasco.cruz(a)gmail.com> iio: pressure: zpa2326: fix information leak in triggered buffer Akash M <akash.m5(a)samsung.com> usb: gadget: f_fs: Remove WARN_ON in functionfs_bind Prashanth K <quic_prashk(a)quicinc.com> usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints Ma Ke <make_ruc2021(a)163.com> usb: fix reference leak in usb_new_device() Kai-Heng Feng <kaihengf(a)nvidia.com> USB: core: Disable LPM only for non-suspended ports Jun Yan <jerrysteve1101(a)gmail.com> USB: usblp: return error when setting unsupported protocol Lianqin Hu <hulianqin(a)vivo.com> usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null Li Huafei <lihuafei1(a)huawei.com> topology: Keep the cpumask unchanged when printing cpumap André Draszik <andre.draszik(a)linaro.org> usb: dwc3: gadget: fix writing NYET threshold Johan Hovold <johan(a)kernel.org> USB: serial: cp210x: add Phoenix Contact UPS Device Lubomir Rintel <lrintel(a)redhat.com> usb-storage: Add max sectors quirk for Nokia 208 Zicheng Qu <quzicheng(a)huawei.com> staging: iio: ad9832: Correct phase range check Zicheng Qu <quzicheng(a)huawei.com> staging: iio: ad9834: Correct phase range check Michal Hrusecky <michal.hrusecky(a)turris.com> USB: serial: option: add Neoway N723-EA support Chukun Pan <amadeus(a)jmu.edu.cn> USB: serial: option: add MeiG Smart SRM815 Gui-Dong Han <2045gemini(a)gmail.com> md/raid5: fix atomicity violation in raid5_cache_count Kuan-Wei Chiu <visitorckw(a)gmail.com> scripts/sorttable: fix orc_sort_cmp() to maintain symmetry and transitivity Kairui Song <kasong(a)tencent.com> zram: fix uninitialized ZRAM not releasing backing device Dominique Martinet <dominique.martinet(a)atmark-techno.com> zram: check comp is non-NULL before calling comp_destroy Sergey Senozhatsky <senozhatsky(a)chromium.org> drivers/block/zram/zram_drv.c: do not keep dangling zcomp pointer after zram reset Melissa Wen <mwen(a)igalia.com> drm/amd/display: increase MAX_SURFACES to the value supported by hw Hans de Goede <hdegoede(a)redhat.com> ACPI: resource: Add Asus Vivobook X1504VAP to irq1_level_low_skip_override[] Hans de Goede <hdegoede(a)redhat.com> ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[] Nam Cao <namcao(a)linutronix.de> riscv: Fix sleeping in invalid context in die() Roman Li <Roman.Li(a)amd.com> drm/amd/display: Add check for granularity in dml ceil/floor helpers Matthieu Baerts (NGI0) <matttbe(a)kernel.org> sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy Matthieu Baerts (NGI0) <matttbe(a)kernel.org> sctp: sysctl: udp_port: avoid using current->nsproxy Matthieu Baerts (NGI0) <matttbe(a)kernel.org> sctp: sysctl: auth_enable: avoid using current->nsproxy Matthieu Baerts (NGI0) <matttbe(a)kernel.org> sctp: sysctl: rto_min/max: avoid using current->nsproxy Matthieu Baerts (NGI0) <matttbe(a)kernel.org> sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy Mikulas Patocka <mpatocka(a)redhat.com> dm-ebs: don't set the flag DM_TARGET_PASSES_INTEGRITY Krister Johansen <kjlx(a)templeofstupid.com> dm thin: make get_first_thin use rcu-safe list first function David Howells <dhowells(a)redhat.com> afs: Fix the maximum cell name length Wentao Liang <liangwentao(a)iscas.ac.cn> ksmbd: fix a missing return value check bug Jason-JH.Lin <jason-jh.lin(a)mediatek.com> drm/mediatek: Add support for 180-degree rotation in the display driver Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: conntrack: clamp maximum hashtable size to INT_MAX Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables: imbalance in flowtable binding Benjamin Coddington <bcodding(a)redhat.com> tls: Fix tls_sw_sendmsg error handling Anumula Murali Mohan Reddy <anumula(a)chelsio.com> cxgb4: Avoid removal of uninserted tid Kalesh AP <kalesh-anakkur.purayil(a)broadcom.com> bnxt_en: Fix possible memory leak when hwrm_req_replace fails Eric Dumazet <edumazet(a)google.com> net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute Zhongqiu Duan <dzq.aishenghu0(a)gmail.com> tcp/dccp: allow a connection when sk_max_ack_backlog is zero Jason Xing <kernelxing(a)tencent.com> tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog Antonio Pastor <antonio.pastor(a)gmail.com> net: 802: LLC+SNAP OID:PID lookup on start of skb data Keisuke Nishimura <keisuke.nishimura(a)inria.fr> ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() Chen-Yu Tsai <wenst(a)chromium.org> ASoC: mediatek: disable buffer pre-allocation Yuezhang Mo <Yuezhang.Mo(a)sony.com> exfat: fix the infinite loop in __exfat_free_cluster() Yuezhang Mo <Yuezhang.Mo(a)sony.com> exfat: fix the infinite loop in exfat_readdir() Ming-Hung Tsai <mtsai(a)redhat.com> dm array: fix cursor index when skipping across block boundaries Ming-Hung Tsai <mtsai(a)redhat.com> dm array: fix unreleased btree blocks on closing a faulty array cursor Ming-Hung Tsai <mtsai(a)redhat.com> dm array: fix releasing a faulty array block twice in dm_array_cursor_end Zhang Yi <yi.zhang(a)huawei.com> jbd2: flush filesystem device before updating tail sequence Max Kellermann <max.kellermann(a)ionos.com> ceph: give up on paths longer than PATH_MAX ------------- Diffstat: Makefile | 4 +- arch/arm64/boot/dts/rockchip/rk3328.dtsi | 1 + arch/riscv/kernel/traps.c | 6 +- arch/x86/include/asm/special_insns.h | 2 +- arch/x86/xen/xen-asm.S | 2 +- block/bfq-iosched.c | 12 ++- drivers/acpi/resource.c | 24 ++++- drivers/base/regmap/regmap.c | 12 --- drivers/base/topology.c | 24 ++++- drivers/block/zram/zram_drv.c | 24 ++--- drivers/gpio/gpiolib-cdev.c | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 45 +-------- drivers/gpu/drm/amd/display/dc/dc.h | 2 +- .../gpu/drm/amd/display/dc/dml/dml_inline_defs.h | 8 ++ drivers/gpu/drm/i915/display/intel_fb.c | 2 +- drivers/gpu/drm/mediatek/mtk_disp_ovl.c | 12 ++- drivers/gpu/drm/v3d/v3d_irq.c | 4 + drivers/hwmon/tmp513.c | 7 +- drivers/i2c/busses/i2c-rcar.c | 20 +++- drivers/i2c/muxes/i2c-demux-pinctrl.c | 4 +- drivers/iio/adc/ad7124.c | 3 + drivers/iio/adc/at91_adc.c | 2 +- drivers/iio/adc/rockchip_saradc.c | 2 + drivers/iio/adc/ti-ads124s08.c | 4 +- drivers/iio/adc/ti-ads8688.c | 2 +- drivers/iio/dummy/iio_simple_dummy_buffer.c | 2 +- drivers/iio/gyro/fxas21002c_core.c | 11 ++- drivers/iio/imu/inv_icm42600/inv_icm42600.h | 1 + drivers/iio/imu/inv_icm42600/inv_icm42600_core.c | 18 +++- drivers/iio/imu/inv_icm42600/inv_icm42600_spi.c | 3 +- drivers/iio/imu/kmx61.c | 2 +- drivers/iio/inkern.c | 2 +- drivers/iio/light/vcnl4035.c | 2 +- drivers/iio/pressure/zpa2326.c | 2 + drivers/irqchip/irq-gic-v3.c | 2 +- drivers/md/dm-ebs-target.c | 2 +- drivers/md/dm-thin.c | 5 +- drivers/md/persistent-data/dm-array.c | 19 ++-- drivers/md/raid5.c | 14 +-- drivers/mtd/spi-nor/core.c | 2 +- drivers/net/ethernet/amd/xgbe/xgbe-phy-v2.c | 19 +--- drivers/net/ethernet/broadcom/bnxt/bnxt_ulp.c | 3 +- drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c | 5 +- drivers/net/ethernet/mellanox/mlx5/core/fs_core.c | 95 ++++++++++++++---- drivers/net/ethernet/netronome/nfp/bpf/offload.c | 3 +- drivers/net/ethernet/ti/cpsw_ale.c | 14 +-- drivers/net/ethernet/xilinx/xilinx_axienet_main.c | 6 ++ drivers/net/gtp.c | 42 ++++---- drivers/net/ieee802154/ca8210.c | 6 +- drivers/nvme/target/io-cmd-bdev.c | 2 +- drivers/of/address.c | 76 ++++++++++---- drivers/of/unittest-data/tests-address.dtsi | 9 +- drivers/of/unittest.c | 109 +++++++++++++++++++++ drivers/pci/controller/pci-host-common.c | 4 + drivers/pci/probe.c | 20 ++-- drivers/phy/broadcom/phy-brcm-usb-init-synopsys.c | 53 ++++++++-- drivers/phy/broadcom/phy-brcm-usb-init.h | 1 - drivers/phy/broadcom/phy-brcm-usb.c | 8 +- drivers/scsi/sg.c | 2 +- drivers/staging/iio/frequency/ad9832.c | 2 +- drivers/staging/iio/frequency/ad9834.c | 2 +- drivers/usb/class/usblp.c | 7 +- drivers/usb/core/hub.c | 6 +- drivers/usb/core/port.c | 7 +- drivers/usb/dwc3/core.h | 1 + drivers/usb/dwc3/gadget.c | 4 +- drivers/usb/gadget/function/f_fs.c | 2 +- drivers/usb/gadget/function/f_uac2.c | 1 + drivers/usb/gadget/function/u_serial.c | 8 +- drivers/usb/serial/cp210x.c | 1 + drivers/usb/serial/option.c | 4 +- drivers/usb/storage/unusual_devs.h | 7 ++ fs/afs/afs.h | 2 +- fs/afs/afs_vl.h | 1 + fs/afs/vl_alias.c | 8 +- fs/afs/vlclient.c | 2 +- fs/ceph/mds_client.c | 9 +- fs/exfat/dir.c | 3 +- fs/exfat/fatent.c | 10 ++ fs/file.c | 1 + fs/hfs/super.c | 4 +- fs/jbd2/commit.c | 4 +- fs/ksmbd/smb2pdu.c | 3 + fs/nfsd/filecache.c | 18 ++-- fs/nfsd/filecache.h | 1 + fs/ocfs2/quota_global.c | 2 +- fs/ocfs2/quota_local.c | 10 +- fs/proc/vmcore.c | 2 + include/linux/blk-cgroup.h | 6 +- include/linux/hrtimer.h | 1 + include/linux/mlx5/device.h | 2 + include/linux/mlx5/fs.h | 2 + include/linux/poll.h | 10 +- include/net/inet_connection_sock.h | 2 +- include/net/net_namespace.h | 3 + kernel/cpu.c | 2 +- kernel/gen_kheaders.sh | 1 + kernel/time/hrtimer.c | 11 ++- mm/filemap.c | 2 +- net/802/psnap.c | 4 +- net/core/filter.c | 30 +++--- net/core/net_namespace.c | 31 +++++- net/core/pktgen.c | 6 +- net/dccp/ipv6.c | 2 +- net/ipv6/route.c | 2 +- net/ipv6/tcp_ipv6.c | 4 +- net/mac802154/iface.c | 4 + net/mptcp/options.c | 12 ++- net/mptcp/pm.c | 7 +- net/mptcp/protocol.h | 2 +- net/netfilter/nf_conntrack_core.c | 5 +- net/netfilter/nf_tables_api.c | 15 ++- net/sched/cls_flow.c | 3 +- net/sctp/sysctl.c | 14 +-- net/tls/tls_sw.c | 2 +- net/vmw_vsock/af_vsock.c | 18 ++++ net/vmw_vsock/virtio_transport_common.c | 38 ++++--- scripts/sorttable.h | 6 +- .../soc/mediatek/common/mtk-afe-platform-driver.c | 4 +- 119 files changed, 830 insertions(+), 347 deletions(-)

4 weeks

8
135
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror January 2025