January 2025 - Linux-stable-mirror

[PATCH -stable,5.10 1/1] netfilter: nft_dynset: honor stateful expressions in set definition

by Pablo Neira Ayuso

commit fca05d4d61e65fa573a3768f9019a42143c03349 upstream. If the set definition contains stateful expressions, allocate them for the newly added entries from the packet path. [ This backport includes nft_set_elem_expr_clone() which has been taken from 8cfd9b0f8515 ("netfilter: nftables: generalize set expressions support") and skip redundant expressions when set already provides it per ce5379963b28 ("netfilter: nft_dynset: dump expressions when set definition contains no expressions") ] Fixes: 65038428b2c6 ("netfilter: nf_tables: allow to specify stateful expression in set definition") Signed-off-by: Pablo Neira Ayuso <pablo(a)netfilter.org> --- include/net/netfilter/nf_tables.h | 2 ++ net/netfilter/nf_tables_api.c | 23 +++++++++++++++++++++++ net/netfilter/nft_dynset.c | 7 ++++++- 3 files changed, 31 insertions(+), 1 deletion(-) diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h index 484f9cdf2dd0..0f1103c43cb8 100644 --- a/include/net/netfilter/nf_tables.h +++ b/include/net/netfilter/nf_tables.h @@ -731,6 +731,8 @@ void *nft_set_elem_init(const struct nft_set *set, const struct nft_set_ext_tmpl *tmpl, const u32 *key, const u32 *key_end, const u32 *data, u64 timeout, u64 expiration, gfp_t gfp); +int nft_set_elem_expr_clone(const struct nft_ctx *ctx, struct nft_set *set, + struct nft_expr **pexpr); void nft_set_elem_destroy(const struct nft_set *set, void *elem, bool destroy_expr); void nf_tables_set_elem_destroy(const struct nft_ctx *ctx, diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c index 2bd1c7e7edc3..28ea2ed3f337 100644 --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c @@ -5548,6 +5548,29 @@ static int nft_set_elem_expr_setup(struct nft_ctx *ctx, return 0; } +int nft_set_elem_expr_clone(const struct nft_ctx *ctx, struct nft_set *set, + struct nft_expr **pexpr) +{ + struct nft_expr *expr; + int err; + + expr = kzalloc(set->expr->ops->size, GFP_KERNEL); + if (!expr) + goto err_expr; + + err = nft_expr_clone(expr, set->expr, GFP_KERNEL); + if (err < 0) { + kfree(expr); + goto err_expr; + } + *pexpr = expr; + + return 0; + +err_expr: + return -ENOMEM; +} + static int nft_add_set_elem(struct nft_ctx *ctx, struct nft_set *set, const struct nlattr *attr, u32 nlmsg_flags) { diff --git a/net/netfilter/nft_dynset.c b/net/netfilter/nft_dynset.c index 9461293182e8..fc81bda6cc6b 100644 --- a/net/netfilter/nft_dynset.c +++ b/net/netfilter/nft_dynset.c @@ -192,6 +192,10 @@ static int nft_dynset_init(const struct nft_ctx *ctx, err = -EOPNOTSUPP; goto err_expr_free; } + } else if (set->expr) { + err = nft_set_elem_expr_clone(ctx, set, &priv->expr); + if (err < 0) + return err; } nft_set_ext_prepare(&priv->tmpl); @@ -272,7 +276,8 @@ static int nft_dynset_dump(struct sk_buff *skb, const struct nft_expr *expr) nf_jiffies64_to_msecs(priv->timeout), NFTA_DYNSET_PAD)) goto nla_put_failure; - if (priv->expr && nft_expr_dump(skb, NFTA_DYNSET_EXPR, priv->expr)) + if (!priv->set->expr && priv->expr && + nft_expr_dump(skb, NFTA_DYNSET_EXPR, priv->expr)) goto nla_put_failure; if (nla_put_be32(skb, NFTA_DYNSET_FLAGS, htonl(flags))) goto nla_put_failure; -- 2.30.2

3 months, 1 week

2
1
0 0

[PATCH 6.6.y] f2fs: fix null-ptr-deref in f2fs_submit_page_bio()

by lanbincn＠qq.com

From: Ye Bin <yebin10(a)huawei.com> [ Upstream commit b7d0a97b28083084ebdd8e5c6bccd12e6ec18faa ] There's issue as follows when concurrently installing the f2fs.ko module and mounting the f2fs file system: KASAN: null-ptr-deref in range [0x0000000000000020-0x0000000000000027] RIP: 0010:__bio_alloc+0x2fb/0x6c0 [f2fs] Call Trace: <TASK> f2fs_submit_page_bio+0x126/0x8b0 [f2fs] __get_meta_page+0x1d4/0x920 [f2fs] get_checkpoint_version.constprop.0+0x2b/0x3c0 [f2fs] validate_checkpoint+0xac/0x290 [f2fs] f2fs_get_valid_checkpoint+0x207/0x950 [f2fs] f2fs_fill_super+0x1007/0x39b0 [f2fs] mount_bdev+0x183/0x250 legacy_get_tree+0xf4/0x1e0 vfs_get_tree+0x88/0x340 do_new_mount+0x283/0x5e0 path_mount+0x2b2/0x15b0 __x64_sys_mount+0x1fe/0x270 do_syscall_64+0x5f/0x170 entry_SYSCALL_64_after_hwframe+0x76/0x7e Above issue happens as the biset of the f2fs file system is not initialized before register "f2fs_fs_type". To address above issue just register "f2fs_fs_type" at the last in init_f2fs_fs(). Ensure that all f2fs file system resources are initialized. Fixes: f543805fcd60 ("f2fs: introduce private bioset") Signed-off-by: Ye Bin <yebin10(a)huawei.com> Reviewed-by: Chao Yu <chao(a)kernel.org> Signed-off-by: Jaegeuk Kim <jaegeuk(a)kernel.org> Signed-off-by: Bin Lan <lanbincn(a)qq.com> --- fs/f2fs/super.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c index b72fa103b963..aa0e7cc2489a 100644 --- a/fs/f2fs/super.c +++ b/fs/f2fs/super.c @@ -4931,9 +4931,6 @@ static int __init init_f2fs_fs(void) err = register_shrinker(&f2fs_shrinker_info, "f2fs-shrinker"); if (err) goto free_sysfs; - err = register_filesystem(&f2fs_fs_type); - if (err) - goto free_shrinker; f2fs_create_root_stats(); err = f2fs_init_post_read_processing(); if (err) @@ -4956,7 +4953,12 @@ static int __init init_f2fs_fs(void) err = f2fs_create_casefold_cache(); if (err) goto free_compress_cache; + err = register_filesystem(&f2fs_fs_type); + if (err) + goto free_casefold_cache; return 0; +free_casefold_cache: + f2fs_destroy_casefold_cache(); free_compress_cache: f2fs_destroy_compress_cache(); free_compress_mempool: @@ -4971,8 +4973,6 @@ static int __init init_f2fs_fs(void) f2fs_destroy_post_read_processing(); free_root_stats: f2fs_destroy_root_stats(); - unregister_filesystem(&f2fs_fs_type); -free_shrinker: unregister_shrinker(&f2fs_shrinker_info); free_sysfs: f2fs_exit_sysfs(); @@ -4996,6 +4996,7 @@ static int __init init_f2fs_fs(void) static void __exit exit_f2fs_fs(void) { + unregister_filesystem(&f2fs_fs_type); f2fs_destroy_casefold_cache(); f2fs_destroy_compress_cache(); f2fs_destroy_compress_mempool(); @@ -5004,7 +5005,6 @@ static void __exit exit_f2fs_fs(void) f2fs_destroy_iostat_processing(); f2fs_destroy_post_read_processing(); f2fs_destroy_root_stats(); - unregister_filesystem(&f2fs_fs_type); unregister_shrinker(&f2fs_shrinker_info); f2fs_exit_sysfs(); f2fs_destroy_garbage_collection_cache(); -- 2.43.0

3 months, 1 week

2
1
0 0

[PATCH v2 0/2] rust: lockdep: Fix soundness issue affecting LockClassKeys

by Mitchell Levy

This series is aimed at fixing a soundness issue with how dynamically allocated LockClassKeys are handled. Currently, LockClassKeys can be used without being Pin'd, which can break lockdep since it relies on address stability. Similarly, these keys are not automatically (de)registered with lockdep. At the suggestion of Alice Ryhl, this series includes a patch for -stable kernels that disables dynamically allocated keys. This prevents backported patches from using the unsound implementation. Currently, this series requires that all dynamically allocated LockClassKeys have a lifetime of 'static (i.e., they must be leaked after allocation). This is because Lock does not currently keep a reference to the LockClassKey, instead passing it to C via FFI. This causes a problem because the rust compiler would allow creating a 'static Lock with a 'a LockClassKey (with 'a < 'static) while C would expect the LockClassKey to live as long as the lock. This problem represents an avenue for future work. --- Changes from RFC: - Split into two commits so that dynamically allocated LockClassKeys are removed from stable kernels. (Thanks Alice Ryhl) - Extract calls to C lockdep functions into helpers so things build properly when LOCKDEP=n. (Thanks Benno Lossin) - Remove extraneous `get_ref()` calls. (Thanks Benno Lossin) - Provide better documentation for `new_dynamic()`. (Thanks Benno Lossin) - Ran rustfmt to fix formatting and some extraneous changes. (Thanks Alice Ryhl and Benno Lossin) - Link to RFC: https://lore.kernel.org/r/20240905-rust-lockdep-v1-1-d2c9c21aa8b2@gmail.com --- Changes in v2: - Dropped formatting change that's already fixed upstream (Thanks Dirk Behme). - Moved safety comment to the right point in the patch series (Thanks Dirk Behme and Boqun Feng). - Added an example of dynamic LockClassKey usage (Thanks Boqun Feng). - Link to v1: https://lore.kernel.org/r/20241004-rust-lockdep-v1-0-e9a5c45721fc@gmail.com --- Mitchell Levy (2): rust: lockdep: Remove support for dynamically allocated LockClassKeys rust: lockdep: Use Pin for all LockClassKey usages rust/helpers/helpers.c | 1 + rust/helpers/sync.c | 13 +++++++++ rust/kernel/sync.rs | 63 ++++++++++++++++++++++++++++++++++------- rust/kernel/sync/condvar.rs | 5 ++-- rust/kernel/sync/lock.rs | 9 ++---- rust/kernel/sync/lock/global.rs | 5 ++-- rust/kernel/sync/poll.rs | 2 +- rust/kernel/workqueue.rs | 3 +- 8 files changed, 78 insertions(+), 23 deletions(-) --- base-commit: 0c5928deada15a8d075516e6e0d9ee19011bb000 change-id: 20240905-rust-lockdep-d3e30521c8ba Best regards, -- Mitchell Levy <levymitchell0(a)gmail.com>

3 months, 1 week

3
4
0 0

regression in 6.6.70: kexec_core.c:1075:(.text+0x1bffd0): undefined reference to `machine_crash_shutdown'

by Natanael Copa

Hi! When updating the Alpine Linux kernel to 6.6.70 I bumped into a new compile error: LD .tmp_vmlinux.kallsyms1 ld: vmlinux.o: in function `__crash_kexec': /home/ncopa/aports/main/linux-lts/src/linux-6.6/kernel/kexec_core.c:1075:(.text+0x1bffd0): undefined reference to `machine_crash_shutdown' ld: vmlinux.o: in function `do_kexec_load': /home/ncopa/aports/main/linux-lts/src/linux-6.6/kernel/kexec.c:166:(.text+0x1c1b4e): undefined reference to `arch_kexec_protect_crashkres' ld: /home/ncopa/aports/main/linux-lts/src/linux-6.6/kernel/kexec.c:105:(.text+0x1c1b94): undefined reference to `arch_kexec_unprotect_crashkres' make[2]: *** [/home/ncopa/aports/main/linux-lts/src/linux-6.6/scripts/Makefile.vmlinux:37: vmlinux] Error 1 make[1]: *** [/home/ncopa/aports/main/linux-lts/src/linux-6.6/Makefile:1164: vmlinux] Error 2 make: *** [/home/ncopa/aports/main/linux-lts/src/linux-6.6/Makefile:234: __sub-make] Error 2 $ grep -E '(CRASH_CORE|_KEXEC)' .config CONFIG_CRASH_CORE=y CONFIG_KEXEC_CORE=y CONFIG_KEXEC=y # CONFIG_KEXEC_FILE is not set # CONFIG_KEXEC_JUMP is not set CONFIG_ARCH_SUPPORTS_KEXEC=y CONFIG_ARCH_SUPPORTS_KEXEC_FILE=y CONFIG_ARCH_SUPPORTS_KEXEC_PURGATORY=y CONFIG_ARCH_SUPPORTS_KEXEC_SIG=y CONFIG_ARCH_SUPPORTS_KEXEC_SIG_FORCE=y CONFIG_ARCH_SUPPORTS_KEXEC_BZIMAGE_VERIFY_SIG=y CONFIG_ARCH_SUPPORTS_KEXEC_JUMP=y Looking at the git history I notice this commit: > From e5b1574a8ca28c40cf53eda43f6c3b016ed41e27 Mon Sep 17 00:00:00 2001 > From: Baoquan He <bhe(a)redhat.com> > Date: Wed, 24 Jan 2024 13:12:46 +0800 > Subject: x86, crash: wrap crash dumping code into crash related ifdefs > > [ Upstream commit a4eeb2176d89fdf2785851521577b94b31690a60 ] > > Now crash codes under kernel/ folder has been split out from kexec > code, crash dumping can be separated from kexec reboot in config > items on x86 with some adjustments. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=… So a wild guess is that the commit(s) that splits out crash codes under kernel/ directory from kexec code also needs to be backported to linux-6.6.y? https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=… Thanks! -nc

3 months, 1 week

2
1
0 0

[PATCH 6.6 000/222] 6.6.70-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.6.70 release. There are 222 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 08 Jan 2025 15:11:04 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.6.70-rc1… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.6.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.6.70-rc1 Yihang Li <liyihang9(a)huawei.com> scsi: hisi_sas: Remove redundant checks for automatic debugfs dump Kashyap Desai <kashyap.desai(a)broadcom.com> RDMA/bnxt_re: Fix max SGEs for the Work Request Paolo Abeni <pabeni(a)redhat.com> mptcp: don't always assume copied data in mptcp_cleanup_rbuf() Paolo Abeni <pabeni(a)redhat.com> mptcp: fix recvbuffer adjust on sleeping rcvmsg Paolo Abeni <pabeni(a)redhat.com> mptcp: fix TCP options overflow. Seiji Nishikawa <snishika(a)redhat.com> mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() Alessandro Carminati <acarmina(a)redhat.com> mm/kmemleak: fix sleeping function called from invalid context at print message Yafang Shao <laoar.shao(a)gmail.com> mm/readahead: fix large folio support in async readahead Joshua Washington <joshwash(a)google.com> gve: guard XDP xmit NDO on existence of xdp queues Joshua Washington <joshwash(a)google.com> gve: guard XSK operations on the existence of queues David Hildenbrand <david(a)redhat.com> fs/proc/task_mmu: fix pagemap flags with PMD THP entries on 32bit Biju Das <biju.das.jz(a)bp.renesas.com> drm: adv7511: Fix use-after-free in adv7533_attach_dsi() Biju Das <biju.das.jz(a)bp.renesas.com> dt-bindings: display: adi,adv7533: Drop single lane support Biju Das <biju.das.jz(a)bp.renesas.com> drm: adv7511: Drop dsi single lane support Nikolay Kuratov <kniv(a)yandex-team.ru> net/sctp: Prevent autoclose integer overflow in sctp_association_init() Pascal Hambourg <pascal(a)plouf.fr.eu.org> sky2: Add device ID 11ab:4373 for Marvell 88E8075 Evgenii Shatokhin <e.shatokhin(a)yadro.com> pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking Dan Carpenter <dan.carpenter(a)linaro.org> RDMA/uverbs: Prevent integer overflow issue Kuan-Wei Chiu <visitorckw(a)gmail.com> scripts/sorttable: fix orc_sort_cmp() to maintain symmetry and transitivity Arnd Bergmann <arnd(a)arndb.de> kcov: mark in_softirq_really() as __always_inline Dennis Lam <dennis.lamerice(a)gmail.com> ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv Takashi Iwai <tiwai(a)suse.de> ALSA: seq: oss: Fix races at processing SysEx messages Daniel Schaefer <dhs(a)frame.work> ALSA hda/realtek: Add quirk for Framework F111:000C Takashi Iwai <tiwai(a)suse.de> ALSA: seq: Check UMP support for midi_version change Shung-Hsi Yu <shung-hsi.yu(a)suse.com> Revert "bpf: support non-r10 register spill/fill to/from stack in precision tracking" Masahiro Yamada <masahiroy(a)kernel.org> modpost: fix the missed iteration for the max bit in do_input() Masahiro Yamada <masahiroy(a)kernel.org> modpost: fix input MODULE_DEVICE_TABLE() built for 64-bit on 32-bit host Selvin Xavier <selvin.xavier(a)broadcom.com> RDMA/bnxt_re: Fix the max WQE size for static WQE support Nathan Lynch <nathanl(a)linux.ibm.com> seq_buf: Make DECLARE_SEQ_BUF() usable Leon Romanovsky <leon(a)kernel.org> ARC: build: Try to guess GCC variant of cross compiler Uros Bizjak <ubizjak(a)gmail.com> irqchip/gic: Correct declaration of *percpu_base pointer in union gic_base Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: hci_core: Fix sleeping function called from invalid context Daniele Palmas <dnlplm(a)gmail.com> net: usb: qmi_wwan: add Telit FE910C04 compositions Enzo Matsumiya <ematsumiya(a)suse.de> smb: client: destroy cfid_put_wq on module exit Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: set ATTR_CTIME flags when setting mtime Hobin Woo <hobin.woo(a)samsung.com> ksmbd: retry iterate_dir in smb2_query_dir Anton Protopopov <aspsk(a)isovalent.com> bpf: fix potential error return Adrian Ratiu <adrian.ratiu(a)collabora.com> sound: usb: format: don't warn that raw DSD is unsupported Adrian Ratiu <adrian.ratiu(a)collabora.com> sound: usb: enable DSD output for ddHiFi TC44C Vasiliy Kovalev <kovalev(a)altlinux.org> ALSA: hda/realtek: Add new alc2xx-fixup-headset-mic model Takashi Iwai <tiwai(a)suse.de> ALSA: hda/ca0132: Use standard HD-audio quirk matching helpers Filipe Manana <fdmanana(a)suse.com> btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount Prike Liang <Prike.Liang(a)amd.com> drm/amdkfd: Correct the migration DMA map direction Emmanuel Grumbach <emmanuel.grumbach(a)intel.com> wifi: mac80211: wake the queues in case of failure in resume Issam Hamdi <ih(a)simonwunderlich.de> wifi: mac80211: fix mbss changed flags corruption on 32 bit systems Meghana Malladi <m-malladi(a)ti.com> net: ti: icssg-prueth: Fix clearing of IEP_CMP_CFG registers during iep_init Eric Dumazet <edumazet(a)google.com> ila: serialize calls to nf_register_net_hooks() Eric Dumazet <edumazet(a)google.com> af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK Eric Dumazet <edumazet(a)google.com> af_packet: fix vlan_get_tci() vs MSG_PEEK Maciej S. Szmigiero <mail(a)maciej.szmigiero.name> net: wwan: iosm: Properly check for valid exec stage in ipc_mmio_init() Eric Dumazet <edumazet(a)google.com> net: restrict SO_REUSEPORT to inet sockets Willem de Bruijn <willemb(a)google.com> net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets Liang Jie <liangjie(a)lixiang.com> net: sfc: Correct key_len for efx_tc_ct_zone_ht_params Li Zhijian <lizhijian(a)fujitsu.com> RDMA/rtrs: Ensure 'ib_sge list' is accessible Jinjian Song <jinjian.song(a)fibocom.com> net: wwan: t7xx: Fix FSM command timeout issue Joe Hattori <joe(a)pf.is.s.u-tokyo.ac.jp> net: mv643xx_eth: fix an OF node reference leak Vitalii Mordan <mordan(a)ispras.ru> eth: bcmsysport: fix call balance of priv->clk handling routines Tanya Agarwal <tanyaagarwal25699(a)gmail.com> ALSA: usb-audio: US16x08: Initialize array before use Antonio Pastor <antonio.pastor(a)gmail.com> net: llc: reset skb->transport_header Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext Rodrigo Vivi <rodrigo.vivi(a)intel.com> drm/i915/dg1: Fix power gate sequence. Jianbo Liu <jianbol(a)nvidia.com> net/mlx5e: Skip restore TC rules for vport rep without loaded flag Dragos Tatulea <dtatulea(a)nvidia.com> net/mlx5e: macsec: Maintain TX SA from encoding_sa Shahar Shitrit <shshitrit(a)nvidia.com> net/mlx5: DR, select MSIX vector 0 for completion queue creation Ilya Shchipletsov <rabbelkin(a)mail.ru> netrom: check buffer length before accessing it Xiao Liang <shaw.leon(a)gmail.com> net: Fix netns for ip_tunnel_init_flow() Ido Schimmel <idosch(a)nvidia.com> ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() Ido Schimmel <idosch(a)nvidia.com> ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() Ido Schimmel <idosch(a)nvidia.com> ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() Eric Dumazet <edumazet(a)google.com> ip_tunnel: annotate data-races around t->parms.link Wang Liang <wangliang74(a)huawei.com> net: fix memory leak in tcp_conn_request() Joe Hattori <joe(a)pf.is.s.u-tokyo.ac.jp> net: stmmac: restructure the error path of stmmac_probe_config_dt() Andrew Halaney <ahalaney(a)redhat.com> net: stmmac: don't create a MDIO bus if unnecessary Chengchang Tang <tangchengchang(a)huawei.com> RDMA/hns: Fix missing flush CQE for DWQE Chengchang Tang <tangchengchang(a)huawei.com> RDMA/hns: Fix warning storm caused by invalid input in IO path wenglianfa <wenglianfa(a)huawei.com> RDMA/hns: Fix mapping error of zero-hop WQE buffer Chengchang Tang <tangchengchang(a)huawei.com> RDMA/hns: Remove unused parameters and variables Chengchang Tang <tangchengchang(a)huawei.com> RDMA/hns: Refactor mtr find Tristram Ha <tristram.ha(a)microchip.com> net: dsa: microchip: Fix LAN937X set_ageing_time function Tristram Ha <tristram.ha(a)microchip.com> net: dsa: microchip: Fix KSZ9477 set_ageing_time function Stefan Ekenberg <stefan.ekenberg(a)axis.com> drm/bridge: adv7511_audio: Update Audio InfoFrame properly Selvin Xavier <selvin.xavier(a)broadcom.com> RDMA/bnxt_re: Fix the locking while accessing the QP table Damodharam Ammepalli <damodharam.ammepalli(a)broadcom.com> RDMA/bnxt_re: Fix MSN table size for variable wqe mode Damodharam Ammepalli <damodharam.ammepalli(a)broadcom.com> RDMA/bnxt_re: Add send queue size check for variable wqe Kalesh AP <kalesh-anakkur.purayil(a)broadcom.com> RDMA/bnxt_re: Disable use of reserved wqes Selvin Xavier <selvin.xavier(a)broadcom.com> RDMA/bnxt_re: Add support for Variable WQE in Genp7 adapters Selvin Xavier <selvin.xavier(a)broadcom.com> RDMA/bnxt_re: Fix max_qp_wrs reported Kalesh AP <kalesh-anakkur.purayil(a)broadcom.com> RDMA/bnxt_re: Fix reporting hw_ver in query_device Saravanan Vajravel <saravanan.vajravel(a)broadcom.com> RDMA/bnxt_re: Add check for path mtu in modify_qp Kalesh AP <kalesh-anakkur.purayil(a)broadcom.com> RDMA/bnxt_re: Fix the check for 9060 condition Robert Beckett <bob.beckett(a)collabora.com> nvme-pci: 512 byte aligned dma pool segment quirk Kashyap Desai <kashyap.desai(a)broadcom.com> RDMA/bnxt_re: Avoid sending the modify QP workaround for latest adapters Selvin Xavier <selvin.xavier(a)broadcom.com> RDMA/bnxt_re: Avoid initializing the software queue for user queues Patrisious Haddad <phaddad(a)nvidia.com> RDMA/mlx5: Enforce same type port association for multiport RoCE Leon Romanovsky <leon(a)kernel.org> RDMA/bnxt_re: Remove always true dattr validity check Selvin Xavier <selvin.xavier(a)broadcom.com> RDMA/bnxt_re: Allow MSN table capability check Steven Rostedt <rostedt(a)goodmis.org> tracing: Check "%s" dereference via the field and not the TP_printk format Steven Rostedt <rostedt(a)goodmis.org> tracing: Fix trace_check_vprintf() when tp_printk is used Steven Rostedt (Google) <rostedt(a)goodmis.org> tracing: Handle old buffer mappings for event strings and functions Kees Cook <keescook(a)chromium.org> seq_buf: Introduce DECLARE_SEQ_BUF and seq_buf_str() Matthew Wilcox (Oracle) <willy(a)infradead.org> powerpc: Remove initialisation of readpos Matthew Wilcox (Oracle) <willy(a)infradead.org> tracing: Move readpos from seq_buf to trace_seq Jeremy Kerr <jk(a)codeconstruct.com.au> net: mctp: handle skb cleanup on sock_queue failures Max Kellermann <max.kellermann(a)ionos.com> ceph: give up on paths longer than PATH_MAX Xiubo Li <xiubli(a)redhat.com> ceph: print cluster fsid and client global_id in all debug logs Xiubo Li <xiubli(a)redhat.com> libceph: add doutc and *_client debug macros support Steven Rostedt <rostedt(a)goodmis.org> tracing: Have process_string() also allow arrays Eric Biggers <ebiggers(a)google.com> mmc: sdhci-msm: fix crypto key eviction Johannes Thumshirn <johannes.thumshirn(a)wdc.com> btrfs: fix use-after-free in btrfs_encoded_read_endio() Thiébaud Weksteen <tweek(a)google.com> selinux: ignore unknown extended permissions Chao Yu <chao(a)kernel.org> f2fs: fix to wait dio completion Joe Hattori <joe(a)pf.is.s.u-tokyo.ac.jp> platform/x86: mlx-platform: call pci_dev_put() to balance the refcount Takashi Iwai <tiwai(a)suse.de> ALSA: ump: Shut up truncated string warning Michal Pecio <michal.pecio(a)gmail.com> usb: xhci: Avoid queuing redundant Stop Endpoint commands Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> usb: typec: ucsi: glink: fix off-by-one in connector_status Yihang Li <liyihang9(a)huawei.com> scsi: hisi_sas: Fix a deadlock issue related to automatic dump Uros Bizjak <ubizjak(a)gmail.com> cleanup: Remove address space of returned pointer Stefan Berger <stefanb(a)linux.ibm.com> crypto: ecc - Prevent ecc_digits_from_bytes from reading too many bytes Jan Beulich <jbeulich(a)suse.com> memblock: make memblock_set_node() also warn about use of MAX_NUMNODES Chris Lu <chris.lu(a)mediatek.com> Bluetooth: btusb: mediatek: add callback function in btusb_disconnect Chris Lu <chris.lu(a)mediatek.com> Bluetooth: btusb: add callback function in btusb suspend/resume Filipe Manana <fdmanana(a)suse.com> btrfs: fix use-after-free when COWing tree bock and tracing is enabled Filipe Manana <fdmanana(a)suse.com> btrfs: rename and export __btrfs_cow_block() Xin Li (Intel) <xin(a)zytor.com> x86/fred: Clear WFE in missing-ENDBRANCH #CPs Xin Li <xin3.li(a)intel.com> x86/ptrace: Add FRED additional information to the pt_regs structure Xin Li <xin3.li(a)intel.com> x86/ptrace: Cleanup the definition of the pt_regs structure Qinxin Xia <xiaqinxin(a)huawei.com> ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A Yicong Yang <yangyicong(a)hisilicon.com> ACPI/IORT: Add PMCG platform information for HiSilicon HIP10/11 Ranjan Kumar <ranjan.kumar(a)broadcom.com> scsi: mpi3mr: Start controller indexing from 0 Guixin Liu <kanie(a)linux.alibaba.com> scsi: mpi3mr: Use ida to manage mrioc ID Takashi Iwai <tiwai(a)suse.de> ALSA: ump: Update legacy substream names upon FB info update Takashi Iwai <tiwai(a)suse.de> ALSA: ump: Indicate the inactive group in legacy substream names Takashi Iwai <tiwai(a)suse.de> ALSA: ump: Don't open legacy substream for an inactive group Takashi Iwai <tiwai(a)suse.de> ALSA: ump: Use guard() for locking Jan Kara <jack(a)suse.cz> udf: Verify inode link counts before performing rename Al Viro <viro(a)zeniv.linux.org.uk> udf_rename(): only access the child content on cross-directory rename Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> watchdog: rzg2l_wdt: Power on the watchdog domain in the restart handler Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> watchdog: rzg2l_wdt: Rely on the reset driver for doing proper reset Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> watchdog: rzg2l_wdt: Remove reset de-assert from probe Andrea della Porta <andrea.porta(a)suse.com> of: address: Preserve the flags portion on 1:1 dma-ranges mapping Rob Herring <robh(a)kernel.org> of: address: Store number of bus flag cells rather than bool Herve Codina <herve.codina(a)bootlin.com> of: address: Remove duplicated functions Naman Jain <namjain(a)linux.microsoft.com> x86/hyperv: Fix hv tsc page based sched_clock for hibernation Baoquan He <bhe(a)redhat.com> x86, crash: wrap crash dumping code into crash related ifdefs Mario Limonciello <mario.limonciello(a)amd.com> thunderbolt: Don't display nvm_version unless upgrade supported Mika Westerberg <mika.westerberg(a)linux.intel.com> thunderbolt: Add support for Intel Panther Lake-M/P Mika Westerberg <mika.westerberg(a)linux.intel.com> thunderbolt: Add support for Intel Lunar Lake Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: Turn NEC specific quirk for handling Stop Endpoint errors generic Michal Pecio <michal.pecio(a)gmail.com> usb: xhci: Limit Stop Endpoint retries Michal Pecio <michal.pecio(a)gmail.com> xhci: retry Stop Endpoint on buggy NEC controllers Nikita Yushchenko <nikita.yoush(a)cogentembedded.com> net: renesas: rswitch: fix possible early skb release K Prateek Nayak <kprateek.nayak(a)amd.com> softirq: Allow raising SCHED_SOFTIRQ from SMP-call-function on RT kernel Sebastian Ott <sebott(a)redhat.com> net/mlx5: unique names for per device caches Nilay Shroff <nilay(a)linux.ibm.com> Revert "nvme: make keep-alive synchronous operation" Nilay Shroff <nilay(a)linux.ibm.com> nvme: use helper nvme_ctrl_state in nvme_keep_alive_finish function Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> usb: typec: ucsi: glink: be more precise on orientation-aware ports Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> usb: typec: ucsi: glink: set orientation aware if supported Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> usb: typec: ucsi: add update_connector callback Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> usb: typec: ucsi: glink: move GPIO reading into connector_status callback Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> usb: typec: ucsi: add callback for connector status updates Nuno Sa <nuno.sa(a)analog.com> iio: adc: ad7192: properly check spi_get_device_match_data() Jonathan Cameron <Jonathan.Cameron(a)huawei.com> iio: adc: ad7192: Convert from of specific to fwnode property handling Xu Yang <xu.yang_2(a)nxp.com> usb: chipidea: udc: limit usb request length to max 16KB Xu Yang <xu.yang_2(a)nxp.com> usb: chipidea: add CI_HDRC_HAS_SHORT_PKT_LIMIT flag Tomer Maimon <tmaimon77(a)gmail.com> usb: chipidea: add CI_HDRC_FORCE_VBUS_ACTIVE_ALWAYS flag Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Fix warning in ni_fiemap Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Implement fallocate for compressed files Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> remoteproc: qcom: pas: enable SAR2130P audio DSP support Tengfei Fan <quic_tengfan(a)quicinc.com> remoteproc: qcom: pas: Add support for SA8775p ADSP, CDSP and GPDSP Nikita Travkin <nikita(a)trvn.ru> remoteproc: qcom: pas: Add sc7180 adsp Adam Young <admiyo(a)os.amperecomputing.com> mailbox: pcc: Check before sending MCTP PCC response ACK Sudeep Holla <sudeep.holla(a)arm.com> ACPI: PCC: Add PCC shared memory region command and status bitfields Huisong Li <lihuisong(a)huawei.com> mailbox: pcc: Support shared interrupt for multiple subspaces Huisong Li <lihuisong(a)huawei.com> mailbox: pcc: Add support for platform notification handling Devi Priya <quic_devipriy(a)quicinc.com> clk: qcom: clk-alpha-pll: Add NSS HUAYRA ALPHA PLL support for ipq9574 Rajendra Nayak <quic_rjendra(a)quicinc.com> clk: qcom: clk-alpha-pll: Add support for zonda ole pll configure Yihang Li <liyihang9(a)huawei.com> scsi: hisi_sas: Create all dump files during debugfs initialization Yihang Li <liyihang9(a)huawei.com> scsi: hisi_sas: Allocate DFX memory during dump trigger Yihang Li <liyihang9(a)huawei.com> scsi: hisi_sas: Directly call register snapshot instead of using workqueue Hao Qin <hao.qin(a)mediatek.com> Bluetooth: btusb: Add new VID/PID 0489/e111 for MT7925 Jiande Lu <jiande.lu(a)mediatek.com> Bluetooth: btusb: Add USB HW IDs for MT7921/MT7922/MT7925 Ulrik Strid <ulrik(a)strid.tech> Bluetooth: btusb: Add new VID/PID 13d3/3602 for MT7925 Jingyang Wang <wjy7717(a)126.com> Bluetooth: Add support ITTIM PE50-M75C Markus Elfring <elfring(a)users.sourceforge.net> Bluetooth: hci_conn: Reduce hci_conn_drop() calls in two functions Jarkko Nikula <jarkko.nikula(a)linux.intel.com> i2c: i801: Add support for Intel Panther Lake Jarkko Nikula <jarkko.nikula(a)linux.intel.com> i2c: i801: Add support for Intel Arrow Lake-H Kang Yang <quic_kangyang(a)quicinc.com> wifi: ath10k: avoid NULL pointer error during sdio remove Jeff Johnson <quic_jjohnson(a)quicinc.com> wifi: ath10k: Update Qualcomm Innovation Center, Inc. copyrights Kalle Valo <quic_kvalo(a)quicinc.com> wifi: ath12k: fix atomic calls in ath12k_mac_op_set_bitrate_mask() Rory Little <rory(a)candelatech.com> wifi: mac80211: Add non-atomic station iterator Karthikeyan Periyasamy <quic_periyasa(a)quicinc.com> wifi: ath12k: Optimize the mac80211 hw data access Ping-Ke Shih <pkshih(a)realtek.com> wifi: rtw88: use ieee80211_purge_tx_queue() to purge TX skb Ping-Ke Shih <pkshih(a)realtek.com> wifi: mac80211: export ieee80211_purge_tx_queue() for drivers Ricardo Ribalda <ribalda(a)chromium.org> media: uvcvideo: Force UVC version to 1.0a for 0408:4033 Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> media: uvcvideo: Force UVC version to 1.0a for 0408:4035 Przemek Kitszel <przemyslaw.kitszel(a)intel.com> cleanup: Adjust scoped_guard() macros to avoid potential warning Peter Zijlstra <peterz(a)infradead.org> cleanup: Add conditional guard support Lukas Wunner <lukas(a)wunner.de> crypto: ecdsa - Avoid signed integer overflow on signature decoding Stefan Berger <stefanb(a)linux.ibm.com> crypto: ecdsa - Use ecc_digits_from_bytes to convert signature Stefan Berger <stefanb(a)linux.ibm.com> crypto: ecdsa - Rename keylen to bufsize where necessary Stefan Berger <stefanb(a)linux.ibm.com> crypto: ecdsa - Convert byte arrays with key coordinates to digits Brian Foster <bfoster(a)redhat.com> ext4: partial zero eof block on unaligned inode size extension Jeff Layton <jlayton(a)kernel.org> ext4: convert to new timestamp accessors Mike Rapoport (Microsoft) <rppt(a)kernel.org> memblock: allow zero threshold in validate_numa_converage() Liam Ni <zhiguangni01(a)gmail.com> NUMA: optimize detection of memory with no node id assigned by firmware Miguel Ojeda <ojeda(a)kernel.org> rust: allow `clippy::needless_lifetimes` Miguel Ojeda <ojeda(a)kernel.org> rust: relax most deny-level lints to warnings Alex Deucher <alexander.deucher(a)amd.com> Revert "drm/radeon: Delay Connector detecting when HPD singals is unstable" Shixiong Ou <oushixiong(a)kylinos.cn> drm/radeon: Delay Connector detecting when HPD singals is unstable Thomas Gleixner <tglx(a)linutronix.de> sched: Initialize idle tasks only once Selvarasu Ganesan <selvarasu.g(a)samsung.com> usb: dwc3: gadget: Add missing check for single port RAM in TxFIFO resizing logic Paulo Alcantara <pc(a)manguebit.com> smb: client: fix use-after-free of signing key Paulo Alcantara <pc(a)manguebit.com> smb: client: stop flooding dmesg in smb2_calc_signature() Ralph Boehme <slow(a)samba.org> fs/smb/client: implement chmod() for SMB3 POSIX Extensions ChenXiaoSong <chenxiaosong(a)kylinos.cn> smb/client: rename cifs_ace to smb_ace ChenXiaoSong <chenxiaosong(a)kylinos.cn> smb/client: rename cifs_acl to smb_acl ChenXiaoSong <chenxiaosong(a)kylinos.cn> smb/client: rename cifs_sid to smb_sid ChenXiaoSong <chenxiaosong(a)kylinos.cn> smb/client: rename cifs_ntsd to smb_ntsd Borislav Petkov (AMD) <bp(a)alien8.de> x86/mm: Carve out INVLPG inline asm for use by others Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> docs: media: update location of the media patches Fangzhi Zuo <Jerry.Zuo(a)amd.com> drm/amd/display: Fix incorrect DSC recompute trigger Agustin Gutierrez <agustin.gutierrez(a)amd.com> drm/amd/display: Fix DSC-re-computing ------------- Diffstat: Documentation/admin-guide/media/building.rst | 2 +- Documentation/admin-guide/media/saa7134.rst | 2 +- Documentation/arch/arm64/silicon-errata.rst | 5 +- .../bindings/display/bridge/adi,adv7533.yaml | 2 +- Documentation/i2c/busses/i2c-i801.rst | 2 + Makefile | 29 +- arch/arc/Makefile | 2 +- arch/loongarch/kernel/numa.c | 28 +- arch/powerpc/kernel/setup-common.c | 1 - arch/x86/entry/vsyscall/vsyscall_64.c | 2 +- arch/x86/include/asm/ptrace.h | 104 ++- arch/x86/include/asm/tlb.h | 4 + arch/x86/kernel/Makefile | 4 +- arch/x86/kernel/cet.c | 30 + arch/x86/kernel/cpu/mshyperv.c | 68 +- arch/x86/kernel/kexec-bzimage64.c | 4 + arch/x86/kernel/kvm.c | 4 +- arch/x86/kernel/machine_kexec_64.c | 3 + arch/x86/kernel/process_64.c | 2 +- arch/x86/kernel/reboot.c | 4 +- arch/x86/kernel/setup.c | 2 +- arch/x86/kernel/smp.c | 2 +- arch/x86/mm/numa.c | 34 +- arch/x86/mm/tlb.c | 3 +- arch/x86/xen/enlighten_hvm.c | 4 + arch/x86/xen/mmu_pv.c | 2 +- crypto/ecc.c | 22 + crypto/ecdsa.c | 51 +- drivers/acpi/arm64/iort.c | 9 + drivers/bluetooth/btusb.c | 47 ++ drivers/clk/qcom/clk-alpha-pll.c | 27 + drivers/clk/qcom/clk-alpha-pll.h | 5 + drivers/clocksource/hyperv_timer.c | 14 +- drivers/gpu/drm/amd/amdkfd/kfd_migrate.c | 4 +- .../amd/display/amdgpu_dm/amdgpu_dm_mst_types.c | 16 +- drivers/gpu/drm/bridge/adv7511/adv7511_audio.c | 14 +- drivers/gpu/drm/bridge/adv7511/adv7511_drv.c | 10 +- drivers/gpu/drm/bridge/adv7511/adv7533.c | 4 +- drivers/gpu/drm/i915/gt/intel_rc6.c | 2 +- drivers/i2c/busses/Kconfig | 2 + drivers/i2c/busses/i2c-i801.c | 9 + drivers/iio/adc/ad7192.c | 39 +- drivers/infiniband/core/uverbs_cmd.c | 16 +- drivers/infiniband/hw/bnxt_re/ib_verbs.c | 63 +- drivers/infiniband/hw/bnxt_re/main.c | 21 +- drivers/infiniband/hw/bnxt_re/qplib_fp.c | 93 +-- drivers/infiniband/hw/bnxt_re/qplib_fp.h | 19 +- drivers/infiniband/hw/bnxt_re/qplib_res.h | 6 + drivers/infiniband/hw/bnxt_re/qplib_sp.c | 26 +- drivers/infiniband/hw/bnxt_re/qplib_sp.h | 9 + drivers/infiniband/hw/bnxt_re/roce_hsi.h | 30 +- drivers/infiniband/hw/hns/hns_roce_alloc.c | 3 +- drivers/infiniband/hw/hns/hns_roce_cq.c | 11 +- drivers/infiniband/hw/hns/hns_roce_device.h | 12 +- drivers/infiniband/hw/hns/hns_roce_hem.c | 54 +- drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 130 ++-- drivers/infiniband/hw/hns/hns_roce_mr.c | 95 +-- drivers/infiniband/hw/hns/hns_roce_qp.c | 4 +- drivers/infiniband/hw/hns/hns_roce_srq.c | 4 +- drivers/infiniband/hw/mlx5/main.c | 6 +- drivers/infiniband/ulp/rtrs/rtrs-srv.c | 2 +- drivers/irqchip/irq-gic.c | 2 +- drivers/mailbox/pcc.c | 136 +++- drivers/media/usb/uvc/uvc_driver.c | 22 + drivers/mmc/host/sdhci-msm.c | 16 +- drivers/net/dsa/microchip/ksz9477.c | 47 +- drivers/net/dsa/microchip/ksz9477_reg.h | 4 +- drivers/net/dsa/microchip/lan937x_main.c | 62 +- drivers/net/dsa/microchip/lan937x_reg.h | 9 +- drivers/net/ethernet/broadcom/bcmsysport.c | 21 +- drivers/net/ethernet/google/gve/gve_main.c | 25 +- drivers/net/ethernet/google/gve/gve_tx.c | 5 +- drivers/net/ethernet/marvell/mv643xx_eth.c | 14 +- drivers/net/ethernet/marvell/sky2.c | 1 + .../ethernet/mellanox/mlx5/core/en_accel/macsec.c | 4 + .../net/ethernet/mellanox/mlx5/core/esw/ipsec_fs.c | 6 +- drivers/net/ethernet/mellanox/mlx5/core/eswitch.h | 3 + .../ethernet/mellanox/mlx5/core/eswitch_offloads.c | 3 - drivers/net/ethernet/mellanox/mlx5/core/fs_core.c | 7 +- .../ethernet/mellanox/mlx5/core/steering/dr_send.c | 4 +- .../net/ethernet/mellanox/mlxsw/spectrum_span.c | 3 +- drivers/net/ethernet/renesas/rswitch.c | 5 +- drivers/net/ethernet/sfc/tc_conntrack.c | 2 +- .../net/ethernet/stmicro/stmmac/stmmac_platform.c | 120 ++-- drivers/net/ethernet/ti/icssg/icss_iep.c | 8 + drivers/net/usb/qmi_wwan.c | 3 + drivers/net/wireless/ath/ath10k/bmi.c | 1 + drivers/net/wireless/ath/ath10k/ce.c | 1 + drivers/net/wireless/ath/ath10k/core.c | 1 + drivers/net/wireless/ath/ath10k/core.h | 1 + drivers/net/wireless/ath/ath10k/coredump.c | 1 + drivers/net/wireless/ath/ath10k/coredump.h | 1 + drivers/net/wireless/ath/ath10k/debug.c | 1 + drivers/net/wireless/ath/ath10k/debugfs_sta.c | 1 + drivers/net/wireless/ath/ath10k/htc.c | 1 + drivers/net/wireless/ath/ath10k/htt.h | 1 + drivers/net/wireless/ath/ath10k/htt_rx.c | 1 + drivers/net/wireless/ath/ath10k/htt_tx.c | 1 + drivers/net/wireless/ath/ath10k/hw.c | 1 + drivers/net/wireless/ath/ath10k/hw.h | 1 + drivers/net/wireless/ath/ath10k/mac.c | 1 + drivers/net/wireless/ath/ath10k/pci.c | 1 + drivers/net/wireless/ath/ath10k/pci.h | 1 + drivers/net/wireless/ath/ath10k/qmi.c | 1 + drivers/net/wireless/ath/ath10k/qmi_wlfw_v01.c | 1 + drivers/net/wireless/ath/ath10k/qmi_wlfw_v01.h | 1 + drivers/net/wireless/ath/ath10k/rx_desc.h | 1 + drivers/net/wireless/ath/ath10k/sdio.c | 5 +- drivers/net/wireless/ath/ath10k/thermal.c | 1 + drivers/net/wireless/ath/ath10k/usb.h | 1 + drivers/net/wireless/ath/ath10k/wmi-tlv.h | 1 + drivers/net/wireless/ath/ath10k/wmi.c | 1 + drivers/net/wireless/ath/ath10k/wmi.h | 1 + drivers/net/wireless/ath/ath10k/wow.c | 1 + drivers/net/wireless/ath/ath12k/mac.c | 26 +- drivers/net/wireless/ath/ath12k/reg.c | 6 +- drivers/net/wireless/realtek/rtw88/sdio.c | 6 +- drivers/net/wireless/realtek/rtw88/usb.c | 5 +- drivers/net/wwan/iosm/iosm_ipc_mmio.c | 2 +- drivers/net/wwan/t7xx/t7xx_state_monitor.c | 26 +- drivers/net/wwan/t7xx/t7xx_state_monitor.h | 5 +- drivers/nvme/host/core.c | 27 +- drivers/nvme/host/nvme.h | 5 + drivers/nvme/host/pci.c | 9 +- drivers/of/address.c | 30 +- drivers/pinctrl/pinctrl-mcp23s08.c | 6 + drivers/platform/x86/mlx-platform.c | 2 + drivers/remoteproc/qcom_q6v5_pas.c | 94 +++ drivers/scsi/hisi_sas/hisi_sas.h | 3 +- drivers/scsi/hisi_sas/hisi_sas_main.c | 17 +- drivers/scsi/hisi_sas/hisi_sas_v3_hw.c | 200 +++--- drivers/scsi/mpi3mr/mpi3mr_os.c | 12 +- drivers/thunderbolt/nhi.c | 12 + drivers/thunderbolt/nhi.h | 6 + drivers/thunderbolt/retimer.c | 17 +- drivers/usb/chipidea/ci.h | 2 + drivers/usb/chipidea/ci_hdrc_imx.c | 1 + drivers/usb/chipidea/core.c | 2 + drivers/usb/chipidea/otg.c | 5 +- drivers/usb/chipidea/udc.c | 6 + drivers/usb/dwc3/core.h | 4 + drivers/usb/dwc3/gadget.c | 54 +- drivers/usb/host/xhci-ring.c | 42 +- drivers/usb/host/xhci.c | 21 +- drivers/usb/host/xhci.h | 2 + drivers/usb/typec/ucsi/ucsi.c | 9 + drivers/usb/typec/ucsi/ucsi.h | 5 + drivers/usb/typec/ucsi/ucsi_glink.c | 60 +- drivers/watchdog/rzg2l_wdt.c | 83 ++- fs/btrfs/ctree.c | 37 +- fs/btrfs/ctree.h | 7 + fs/btrfs/disk-io.c | 9 + fs/btrfs/inode.c | 2 +- fs/ceph/acl.c | 6 +- fs/ceph/addr.c | 279 ++++---- fs/ceph/caps.c | 708 ++++++++++++--------- fs/ceph/crypto.c | 39 +- fs/ceph/debugfs.c | 6 +- fs/ceph/dir.c | 218 ++++--- fs/ceph/export.c | 39 +- fs/ceph/file.c | 245 ++++--- fs/ceph/inode.c | 485 +++++++------- fs/ceph/ioctl.c | 13 +- fs/ceph/locks.c | 57 +- fs/ceph/mds_client.c | 563 +++++++++------- fs/ceph/mdsmap.c | 24 +- fs/ceph/metric.c | 5 +- fs/ceph/quota.c | 29 +- fs/ceph/snap.c | 174 ++--- fs/ceph/super.c | 70 +- fs/ceph/super.h | 6 + fs/ceph/xattr.c | 96 +-- fs/ext4/ext4.h | 20 +- fs/ext4/extents.c | 18 +- fs/ext4/ialloc.c | 4 +- fs/ext4/inline.c | 4 +- fs/ext4/inode.c | 72 ++- fs/ext4/ioctl.c | 13 +- fs/ext4/namei.c | 10 +- fs/ext4/super.c | 2 +- fs/ext4/xattr.c | 8 +- fs/f2fs/file.c | 13 + fs/ntfs3/attrib.c | 32 +- fs/ntfs3/frecord.c | 103 +-- fs/ntfs3/inode.c | 3 +- fs/ntfs3/ntfs_fs.h | 3 +- fs/ocfs2/quota_global.c | 2 +- fs/ocfs2/quota_local.c | 1 + fs/proc/task_mmu.c | 2 +- fs/smb/client/cifsacl.c | 266 ++++---- fs/smb/client/cifsacl.h | 20 +- fs/smb/client/cifsfs.c | 1 + fs/smb/client/cifsglob.h | 22 +- fs/smb/client/cifsproto.h | 26 +- fs/smb/client/cifssmb.c | 6 +- fs/smb/client/inode.c | 4 +- fs/smb/client/smb2inode.c | 4 +- fs/smb/client/smb2ops.c | 14 +- fs/smb/client/smb2pdu.c | 12 +- fs/smb/client/smb2pdu.h | 8 +- fs/smb/client/smb2proto.h | 4 +- fs/smb/client/smb2transport.c | 56 +- fs/smb/client/xattr.c | 4 +- fs/smb/server/smb2pdu.c | 22 +- fs/smb/server/vfs.h | 1 + fs/udf/namei.c | 17 +- include/acpi/pcc.h | 20 + include/clocksource/hyperv_timer.h | 2 + include/crypto/internal/ecc.h | 10 + include/linux/bpf_verifier.h | 31 +- include/linux/ceph/ceph_debug.h | 38 ++ include/linux/cleanup.h | 88 ++- include/linux/if_vlan.h | 16 +- include/linux/memblock.h | 1 + include/linux/mlx5/driver.h | 6 + include/linux/mutex.h | 3 +- include/linux/rwsem.h | 8 +- include/linux/seq_buf.h | 25 +- include/linux/spinlock.h | 15 + include/linux/trace_events.h | 6 +- include/linux/trace_seq.h | 2 + include/linux/usb/chipidea.h | 2 + include/net/bluetooth/hci_core.h | 108 ++-- include/net/mac80211.h | 31 + include/net/netfilter/nf_tables.h | 7 +- kernel/bpf/core.c | 6 +- kernel/bpf/verifier.c | 175 +++-- kernel/kcov.c | 2 +- kernel/sched/core.c | 12 +- kernel/softirq.c | 15 +- kernel/trace/trace.c | 231 ++----- kernel/trace/trace.h | 6 +- kernel/trace/trace_events.c | 44 +- kernel/trace/trace_output.c | 6 +- kernel/trace/trace_seq.c | 6 +- lib/seq_buf.c | 26 +- mm/kmemleak.c | 2 +- mm/memblock.c | 38 ++ mm/readahead.c | 6 +- mm/vmscan.c | 9 +- net/bluetooth/hci_conn.c | 13 +- net/bluetooth/hci_core.c | 10 +- net/bluetooth/iso.c | 6 + net/bluetooth/l2cap_core.c | 12 +- net/bluetooth/rfcomm/core.c | 6 + net/bluetooth/sco.c | 12 +- net/core/dev.c | 4 +- net/core/sock.c | 5 +- net/ipv4/ip_tunnel.c | 38 +- net/ipv4/tcp_input.c | 1 + net/ipv6/ila/ila_xlat.c | 16 +- net/llc/llc_input.c | 2 +- net/mac80211/ieee80211_i.h | 2 - net/mac80211/mesh.c | 6 +- net/mac80211/status.c | 1 + net/mac80211/util.c | 19 +- net/mctp/route.c | 36 +- net/mptcp/options.c | 7 + net/mptcp/protocol.c | 22 +- net/netrom/nr_route.c | 6 + net/packet/af_packet.c | 28 +- net/sctp/associola.c | 3 +- rust/Makefile | 4 +- scripts/mod/file2alias.c | 4 +- scripts/sorttable.h | 5 +- security/selinux/ss/services.c | 8 +- sound/core/seq/oss/seq_oss_synth.c | 2 + sound/core/seq/seq_clientmgr.c | 14 +- sound/core/ump.c | 61 +- sound/pci/hda/patch_ca0132.c | 37 +- sound/pci/hda/patch_realtek.c | 2 + sound/usb/format.c | 7 +- sound/usb/mixer_us16x08.c | 2 +- sound/usb/quirks.c | 2 + .../bpf/progs/verifier_subprog_precision.c | 23 +- tools/testing/selftests/bpf/verifier/precise.c | 38 +- 276 files changed, 4885 insertions(+), 3100 deletions(-)

3 months, 1 week

19
256
0 0

Linux 6.6.70

by Greg Kroah-Hartman

I'm announcing the release of the 6.6.70 kernel. All users of the 6.6 kernel series must upgrade. The updated 6.6.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.6.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/admin-guide/media/building.rst | 2 Documentation/admin-guide/media/saa7134.rst | 2 Documentation/arch/arm64/silicon-errata.rst | 5 Documentation/devicetree/bindings/display/bridge/adi,adv7533.yaml | 2 Documentation/i2c/busses/i2c-i801.rst | 2 Makefile | 2 arch/arc/Makefile | 2 arch/loongarch/kernel/numa.c | 28 - arch/powerpc/kernel/setup-common.c | 1 arch/x86/entry/vsyscall/vsyscall_64.c | 2 arch/x86/include/asm/ptrace.h | 104 +++ arch/x86/include/asm/tlb.h | 4 arch/x86/kernel/Makefile | 4 arch/x86/kernel/cet.c | 30 + arch/x86/kernel/cpu/mshyperv.c | 68 ++ arch/x86/kernel/kexec-bzimage64.c | 4 arch/x86/kernel/kvm.c | 4 arch/x86/kernel/machine_kexec_64.c | 3 arch/x86/kernel/process_64.c | 2 arch/x86/kernel/reboot.c | 4 arch/x86/kernel/setup.c | 2 arch/x86/kernel/smp.c | 2 arch/x86/mm/numa.c | 34 - arch/x86/mm/tlb.c | 3 arch/x86/xen/enlighten_hvm.c | 4 arch/x86/xen/mmu_pv.c | 2 crypto/ecc.c | 22 crypto/ecdsa.c | 51 - drivers/acpi/arm64/iort.c | 9 drivers/bluetooth/btusb.c | 47 + drivers/clk/qcom/clk-alpha-pll.c | 27 + drivers/clk/qcom/clk-alpha-pll.h | 5 drivers/clocksource/hyperv_timer.c | 14 drivers/gpu/drm/amd/amdkfd/kfd_migrate.c | 4 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.c | 16 drivers/gpu/drm/bridge/adv7511/adv7511_audio.c | 14 drivers/gpu/drm/bridge/adv7511/adv7511_drv.c | 10 drivers/gpu/drm/bridge/adv7511/adv7533.c | 4 drivers/gpu/drm/i915/gt/intel_rc6.c | 2 drivers/i2c/busses/Kconfig | 2 drivers/i2c/busses/i2c-i801.c | 9 drivers/i2c/busses/i2c-xgene-slimpro.c | 16 drivers/iio/adc/ad7192.c | 39 - drivers/infiniband/core/uverbs_cmd.c | 16 drivers/infiniband/hw/bnxt_re/ib_verbs.c | 63 +- drivers/infiniband/hw/bnxt_re/main.c | 21 drivers/infiniband/hw/bnxt_re/qplib_fp.c | 93 +-- drivers/infiniband/hw/bnxt_re/qplib_fp.h | 19 drivers/infiniband/hw/bnxt_re/qplib_res.h | 6 drivers/infiniband/hw/bnxt_re/qplib_sp.c | 26 drivers/infiniband/hw/bnxt_re/qplib_sp.h | 9 drivers/infiniband/hw/bnxt_re/roce_hsi.h | 30 + drivers/infiniband/hw/hns/hns_roce_alloc.c | 3 drivers/infiniband/hw/hns/hns_roce_cq.c | 11 drivers/infiniband/hw/hns/hns_roce_device.h | 12 drivers/infiniband/hw/hns/hns_roce_hem.c | 54 +- drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 130 ++-- drivers/infiniband/hw/hns/hns_roce_mr.c | 95 ++- drivers/infiniband/hw/hns/hns_roce_qp.c | 4 drivers/infiniband/hw/hns/hns_roce_srq.c | 4 drivers/infiniband/hw/mlx5/main.c | 6 drivers/infiniband/ulp/rtrs/rtrs-srv.c | 2 drivers/irqchip/irq-gic.c | 2 drivers/mailbox/pcc.c | 136 ++++- drivers/media/usb/uvc/uvc_driver.c | 22 drivers/mmc/host/sdhci-msm.c | 16 drivers/net/dsa/microchip/ksz9477.c | 47 + drivers/net/dsa/microchip/ksz9477_reg.h | 4 drivers/net/dsa/microchip/lan937x_main.c | 62 ++ drivers/net/dsa/microchip/lan937x_reg.h | 9 drivers/net/ethernet/broadcom/bcmsysport.c | 21 drivers/net/ethernet/google/gve/gve_main.c | 25 drivers/net/ethernet/google/gve/gve_tx.c | 5 drivers/net/ethernet/marvell/mv643xx_eth.c | 14 drivers/net/ethernet/marvell/sky2.c | 1 drivers/net/ethernet/mellanox/mlx5/core/en_accel/macsec.c | 4 drivers/net/ethernet/mellanox/mlx5/core/esw/ipsec_fs.c | 6 drivers/net/ethernet/mellanox/mlx5/core/eswitch.h | 3 drivers/net/ethernet/mellanox/mlx5/core/eswitch_offloads.c | 3 drivers/net/ethernet/mellanox/mlx5/core/fs_core.c | 7 drivers/net/ethernet/mellanox/mlx5/core/steering/dr_send.c | 4 drivers/net/ethernet/mellanox/mlxsw/spectrum_span.c | 3 drivers/net/ethernet/renesas/rswitch.c | 5 drivers/net/ethernet/sfc/tc_conntrack.c | 2 drivers/net/ethernet/stmicro/stmmac/stmmac_platform.c | 118 ++-- drivers/net/ethernet/ti/icssg/icss_iep.c | 8 drivers/net/usb/qmi_wwan.c | 3 drivers/net/wireless/ath/ath10k/bmi.c | 1 drivers/net/wireless/ath/ath10k/ce.c | 1 drivers/net/wireless/ath/ath10k/core.c | 1 drivers/net/wireless/ath/ath10k/core.h | 1 drivers/net/wireless/ath/ath10k/coredump.c | 1 drivers/net/wireless/ath/ath10k/coredump.h | 1 drivers/net/wireless/ath/ath10k/debug.c | 1 drivers/net/wireless/ath/ath10k/debugfs_sta.c | 1 drivers/net/wireless/ath/ath10k/htc.c | 1 drivers/net/wireless/ath/ath10k/htt.h | 1 drivers/net/wireless/ath/ath10k/htt_rx.c | 1 drivers/net/wireless/ath/ath10k/htt_tx.c | 1 drivers/net/wireless/ath/ath10k/hw.c | 1 drivers/net/wireless/ath/ath10k/hw.h | 1 drivers/net/wireless/ath/ath10k/mac.c | 1 drivers/net/wireless/ath/ath10k/pci.c | 1 drivers/net/wireless/ath/ath10k/pci.h | 1 drivers/net/wireless/ath/ath10k/qmi.c | 1 drivers/net/wireless/ath/ath10k/qmi_wlfw_v01.c | 1 drivers/net/wireless/ath/ath10k/qmi_wlfw_v01.h | 1 drivers/net/wireless/ath/ath10k/rx_desc.h | 1 drivers/net/wireless/ath/ath10k/sdio.c | 5 drivers/net/wireless/ath/ath10k/thermal.c | 1 drivers/net/wireless/ath/ath10k/usb.h | 1 drivers/net/wireless/ath/ath10k/wmi-tlv.h | 1 drivers/net/wireless/ath/ath10k/wmi.c | 1 drivers/net/wireless/ath/ath10k/wmi.h | 1 drivers/net/wireless/ath/ath10k/wow.c | 1 drivers/net/wireless/ath/ath12k/mac.c | 26 drivers/net/wireless/ath/ath12k/reg.c | 6 drivers/net/wireless/realtek/rtw88/sdio.c | 6 drivers/net/wireless/realtek/rtw88/usb.c | 5 drivers/net/wwan/iosm/iosm_ipc_mmio.c | 2 drivers/net/wwan/t7xx/t7xx_state_monitor.c | 26 drivers/net/wwan/t7xx/t7xx_state_monitor.h | 5 drivers/nvme/host/core.c | 27 - drivers/nvme/host/nvme.h | 5 drivers/nvme/host/pci.c | 9 drivers/of/address.c | 30 - drivers/pinctrl/pinctrl-mcp23s08.c | 6 drivers/platform/x86/mlx-platform.c | 2 drivers/remoteproc/qcom_q6v5_pas.c | 94 +++ drivers/scsi/hisi_sas/hisi_sas.h | 3 drivers/scsi/hisi_sas/hisi_sas_main.c | 17 drivers/scsi/hisi_sas/hisi_sas_v3_hw.c | 200 ++++--- drivers/scsi/mpi3mr/mpi3mr_os.c | 12 drivers/thunderbolt/nhi.c | 12 drivers/thunderbolt/nhi.h | 6 drivers/thunderbolt/retimer.c | 17 drivers/usb/chipidea/ci.h | 2 drivers/usb/chipidea/ci_hdrc_imx.c | 1 drivers/usb/chipidea/core.c | 2 drivers/usb/chipidea/otg.c | 5 drivers/usb/chipidea/udc.c | 6 drivers/usb/dwc3/core.h | 4 drivers/usb/dwc3/gadget.c | 54 +- drivers/usb/host/xhci-ring.c | 42 + drivers/usb/host/xhci.c | 21 drivers/usb/host/xhci.h | 2 drivers/usb/typec/ucsi/ucsi.c | 9 drivers/usb/typec/ucsi/ucsi.h | 5 drivers/usb/typec/ucsi/ucsi_glink.c | 60 +- drivers/watchdog/rzg2l_wdt.c | 83 +-- fs/btrfs/ctree.c | 37 - fs/btrfs/ctree.h | 7 fs/btrfs/disk-io.c | 9 fs/btrfs/inode.c | 2 fs/ceph/mds_client.c | 9 fs/ext4/ext4.h | 20 fs/ext4/extents.c | 18 fs/ext4/ialloc.c | 4 fs/ext4/inline.c | 4 fs/ext4/inode.c | 70 +- fs/ext4/ioctl.c | 13 fs/ext4/namei.c | 10 fs/ext4/super.c | 2 fs/ext4/xattr.c | 8 fs/f2fs/file.c | 13 fs/ntfs3/attrib.c | 32 - fs/ntfs3/frecord.c | 103 --- fs/ntfs3/inode.c | 3 fs/ntfs3/ntfs_fs.h | 3 fs/ocfs2/quota_global.c | 2 fs/ocfs2/quota_local.c | 1 fs/proc/task_mmu.c | 2 fs/smb/client/cifsacl.c | 266 +++++----- fs/smb/client/cifsacl.h | 20 fs/smb/client/cifsfs.c | 1 fs/smb/client/cifsglob.h | 22 fs/smb/client/cifsproto.h | 26 fs/smb/client/cifssmb.c | 6 fs/smb/client/inode.c | 4 fs/smb/client/smb2inode.c | 4 fs/smb/client/smb2ops.c | 14 fs/smb/client/smb2pdu.c | 12 fs/smb/client/smb2pdu.h | 8 fs/smb/client/smb2proto.h | 4 fs/smb/client/smb2transport.c | 56 +- fs/smb/client/xattr.c | 4 fs/smb/server/smb2pdu.c | 22 fs/smb/server/vfs.h | 1 fs/udf/namei.c | 17 include/acpi/pcc.h | 20 include/clocksource/hyperv_timer.h | 2 include/crypto/internal/ecc.h | 10 include/linux/bpf_verifier.h | 31 - include/linux/cleanup.h | 88 +++ include/linux/if_vlan.h | 16 include/linux/memblock.h | 1 include/linux/mlx5/driver.h | 6 include/linux/mutex.h | 3 include/linux/rwsem.h | 8 include/linux/seq_buf.h | 25 include/linux/spinlock.h | 15 include/linux/trace_events.h | 6 include/linux/trace_seq.h | 2 include/linux/usb/chipidea.h | 2 include/net/bluetooth/hci_core.h | 108 ++-- include/net/mac80211.h | 31 + include/net/netfilter/nf_tables.h | 7 kernel/bpf/core.c | 6 kernel/bpf/verifier.c | 175 ++---- kernel/kcov.c | 2 kernel/sched/core.c | 12 kernel/softirq.c | 15 kernel/trace/trace.c | 233 ++------ kernel/trace/trace.h | 6 kernel/trace/trace_events.c | 44 + kernel/trace/trace_output.c | 6 kernel/trace/trace_seq.c | 6 lib/seq_buf.c | 26 mm/kmemleak.c | 2 mm/memblock.c | 34 + mm/readahead.c | 6 mm/vmscan.c | 9 net/bluetooth/hci_conn.c | 13 net/bluetooth/hci_core.c | 10 net/bluetooth/iso.c | 6 net/bluetooth/l2cap_core.c | 12 net/bluetooth/rfcomm/core.c | 6 net/bluetooth/sco.c | 12 net/core/dev.c | 4 net/core/sock.c | 5 net/ipv4/ip_tunnel.c | 38 - net/ipv4/tcp_input.c | 1 net/ipv6/ila/ila_xlat.c | 16 net/llc/llc_input.c | 2 net/mac80211/ieee80211_i.h | 2 net/mac80211/mesh.c | 6 net/mac80211/status.c | 1 net/mac80211/util.c | 19 net/mctp/route.c | 36 - net/mptcp/options.c | 7 net/mptcp/protocol.c | 22 net/netrom/nr_route.c | 6 net/packet/af_packet.c | 28 - net/sctp/associola.c | 3 scripts/mod/file2alias.c | 4 scripts/sorttable.h | 5 security/selinux/ss/services.c | 8 sound/core/seq/oss/seq_oss_synth.c | 2 sound/core/seq/seq_clientmgr.c | 14 sound/core/ump.c | 61 +- sound/pci/hda/patch_ca0132.c | 37 - sound/pci/hda/patch_realtek.c | 2 sound/usb/format.c | 7 sound/usb/mixer_us16x08.c | 2 sound/usb/quirks.c | 2 tools/testing/selftests/bpf/progs/verifier_subprog_precision.c | 23 tools/testing/selftests/bpf/verifier/precise.c | 38 - 257 files changed, 3085 insertions(+), 1788 deletions(-) Adam Young (1): mailbox: pcc: Check before sending MCTP PCC response ACK Adrian Ratiu (2): sound: usb: enable DSD output for ddHiFi TC44C sound: usb: format: don't warn that raw DSD is unsupported Agustin Gutierrez (1): drm/amd/display: Fix DSC-re-computing Al Viro (1): udf_rename(): only access the child content on cross-directory rename Alessandro Carminati (1): mm/kmemleak: fix sleeping function called from invalid context at print message Andrea della Porta (1): of: address: Preserve the flags portion on 1:1 dma-ranges mapping Andrew Halaney (1): net: stmmac: don't create a MDIO bus if unnecessary Anton Protopopov (1): bpf: fix potential error return Antonio Pastor (1): net: llc: reset skb->transport_header Arnd Bergmann (1): kcov: mark in_softirq_really() as __always_inline Baoquan He (1): x86, crash: wrap crash dumping code into crash related ifdefs Biju Das (3): drm: adv7511: Drop dsi single lane support dt-bindings: display: adi,adv7533: Drop single lane support drm: adv7511: Fix use-after-free in adv7533_attach_dsi() Borislav Petkov (AMD) (1): x86/mm: Carve out INVLPG inline asm for use by others Brian Foster (1): ext4: partial zero eof block on unaligned inode size extension Chao Yu (1): f2fs: fix to wait dio completion ChenXiaoSong (4): smb/client: rename cifs_ntsd to smb_ntsd smb/client: rename cifs_sid to smb_sid smb/client: rename cifs_acl to smb_acl smb/client: rename cifs_ace to smb_ace Chengchang Tang (4): RDMA/hns: Refactor mtr find RDMA/hns: Remove unused parameters and variables RDMA/hns: Fix warning storm caused by invalid input in IO path RDMA/hns: Fix missing flush CQE for DWQE Chris Lu (2): Bluetooth: btusb: add callback function in btusb suspend/resume Bluetooth: btusb: mediatek: add callback function in btusb_disconnect Claudiu Beznea (3): watchdog: rzg2l_wdt: Remove reset de-assert from probe watchdog: rzg2l_wdt: Rely on the reset driver for doing proper reset watchdog: rzg2l_wdt: Power on the watchdog domain in the restart handler Damodharam Ammepalli (2): RDMA/bnxt_re: Add send queue size check for variable wqe RDMA/bnxt_re: Fix MSN table size for variable wqe mode Dan Carpenter (1): RDMA/uverbs: Prevent integer overflow issue Daniel Schaefer (1): ALSA hda/realtek: Add quirk for Framework F111:000C Daniele Palmas (1): net: usb: qmi_wwan: add Telit FE910C04 compositions David Hildenbrand (1): fs/proc/task_mmu: fix pagemap flags with PMD THP entries on 32bit Dennis Lam (1): ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv Devi Priya (1): clk: qcom: clk-alpha-pll: Add NSS HUAYRA ALPHA PLL support for ipq9574 Dmitry Baryshkov (7): remoteproc: qcom: pas: enable SAR2130P audio DSP support usb: typec: ucsi: add callback for connector status updates usb: typec: ucsi: glink: move GPIO reading into connector_status callback usb: typec: ucsi: add update_connector callback usb: typec: ucsi: glink: set orientation aware if supported usb: typec: ucsi: glink: be more precise on orientation-aware ports usb: typec: ucsi: glink: fix off-by-one in connector_status Dragos Tatulea (1): net/mlx5e: macsec: Maintain TX SA from encoding_sa Emmanuel Grumbach (1): wifi: mac80211: wake the queues in case of failure in resume Enzo Matsumiya (1): smb: client: destroy cfid_put_wq on module exit Eric Biggers (1): mmc: sdhci-msm: fix crypto key eviction Eric Dumazet (5): ip_tunnel: annotate data-races around t->parms.link net: restrict SO_REUSEPORT to inet sockets af_packet: fix vlan_get_tci() vs MSG_PEEK af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK ila: serialize calls to nf_register_net_hooks() Evgenii Shatokhin (1): pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking Fangzhi Zuo (1): drm/amd/display: Fix incorrect DSC recompute trigger Filipe Manana (3): btrfs: rename and export __btrfs_cow_block() btrfs: fix use-after-free when COWing tree bock and tracing is enabled btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount Greg Kroah-Hartman (1): Linux 6.6.70 Guixin Liu (1): scsi: mpi3mr: Use ida to manage mrioc ID Hao Qin (1): Bluetooth: btusb: Add new VID/PID 0489/e111 for MT7925 Herve Codina (1): of: address: Remove duplicated functions Hobin Woo (1): ksmbd: retry iterate_dir in smb2_query_dir Huisong Li (2): mailbox: pcc: Add support for platform notification handling mailbox: pcc: Support shared interrupt for multiple subspaces Ido Schimmel (3): ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() Ilya Shchipletsov (1): netrom: check buffer length before accessing it Issam Hamdi (1): wifi: mac80211: fix mbss changed flags corruption on 32 bit systems Jan Kara (1): udf: Verify inode link counts before performing rename Jarkko Nikula (2): i2c: i801: Add support for Intel Arrow Lake-H i2c: i801: Add support for Intel Panther Lake Jeff Johnson (1): wifi: ath10k: Update Qualcomm Innovation Center, Inc. copyrights Jeff Layton (1): ext4: convert to new timestamp accessors Jeremy Kerr (1): net: mctp: handle skb cleanup on sock_queue failures Jianbo Liu (1): net/mlx5e: Skip restore TC rules for vport rep without loaded flag Jiande Lu (1): Bluetooth: btusb: Add USB HW IDs for MT7921/MT7922/MT7925 Jingyang Wang (1): Bluetooth: Add support ITTIM PE50-M75C Jinjian Song (1): net: wwan: t7xx: Fix FSM command timeout issue Joe Hattori (3): platform/x86: mlx-platform: call pci_dev_put() to balance the refcount net: stmmac: restructure the error path of stmmac_probe_config_dt() net: mv643xx_eth: fix an OF node reference leak Johannes Thumshirn (1): btrfs: fix use-after-free in btrfs_encoded_read_endio() Jonathan Cameron (1): iio: adc: ad7192: Convert from of specific to fwnode property handling Joshua Washington (2): gve: guard XSK operations on the existence of queues gve: guard XDP xmit NDO on existence of xdp queues K Prateek Nayak (1): softirq: Allow raising SCHED_SOFTIRQ from SMP-call-function on RT kernel Kalesh AP (3): RDMA/bnxt_re: Fix the check for 9060 condition RDMA/bnxt_re: Fix reporting hw_ver in query_device RDMA/bnxt_re: Disable use of reserved wqes Kalle Valo (1): wifi: ath12k: fix atomic calls in ath12k_mac_op_set_bitrate_mask() Kang Yang (1): wifi: ath10k: avoid NULL pointer error during sdio remove Karthikeyan Periyasamy (1): wifi: ath12k: Optimize the mac80211 hw data access Kashyap Desai (2): RDMA/bnxt_re: Avoid sending the modify QP workaround for latest adapters RDMA/bnxt_re: Fix max SGEs for the Work Request Kees Cook (1): seq_buf: Introduce DECLARE_SEQ_BUF and seq_buf_str() Konstantin Komarov (2): fs/ntfs3: Implement fallocate for compressed files fs/ntfs3: Fix warning in ni_fiemap Kuan-Wei Chiu (1): scripts/sorttable: fix orc_sort_cmp() to maintain symmetry and transitivity Laurent Pinchart (1): media: uvcvideo: Force UVC version to 1.0a for 0408:4035 Leon Romanovsky (2): RDMA/bnxt_re: Remove always true dattr validity check ARC: build: Try to guess GCC variant of cross compiler Li Zhijian (1): RDMA/rtrs: Ensure 'ib_sge list' is accessible Liam Ni (1): NUMA: optimize detection of memory with no node id assigned by firmware Liang Jie (1): net: sfc: Correct key_len for efx_tc_ct_zone_ht_params Luiz Augusto von Dentz (1): Bluetooth: hci_core: Fix sleeping function called from invalid context Lukas Wunner (1): crypto: ecdsa - Avoid signed integer overflow on signature decoding Maciej S. Szmigiero (1): net: wwan: iosm: Properly check for valid exec stage in ipc_mmio_init() Mario Limonciello (1): thunderbolt: Don't display nvm_version unless upgrade supported Markus Elfring (1): Bluetooth: hci_conn: Reduce hci_conn_drop() calls in two functions Masahiro Yamada (2): modpost: fix input MODULE_DEVICE_TABLE() built for 64-bit on 32-bit host modpost: fix the missed iteration for the max bit in do_input() Mathias Nyman (1): xhci: Turn NEC specific quirk for handling Stop Endpoint errors generic Matthew Wilcox (Oracle) (2): tracing: Move readpos from seq_buf to trace_seq powerpc: Remove initialisation of readpos Mauro Carvalho Chehab (1): docs: media: update location of the media patches Max Kellermann (1): ceph: give up on paths longer than PATH_MAX Meghana Malladi (1): net: ti: icssg-prueth: Fix clearing of IEP_CMP_CFG registers during iep_init Michal Pecio (3): xhci: retry Stop Endpoint on buggy NEC controllers usb: xhci: Limit Stop Endpoint retries usb: xhci: Avoid queuing redundant Stop Endpoint commands Mika Westerberg (2): thunderbolt: Add support for Intel Lunar Lake thunderbolt: Add support for Intel Panther Lake-M/P Mike Rapoport (Microsoft) (1): memblock: allow zero threshold in validate_numa_converage() Naman Jain (1): x86/hyperv: Fix hv tsc page based sched_clock for hibernation Namjae Jeon (1): ksmbd: set ATTR_CTIME flags when setting mtime Nathan Lynch (1): seq_buf: Make DECLARE_SEQ_BUF() usable Nikita Travkin (1): remoteproc: qcom: pas: Add sc7180 adsp Nikita Yushchenko (1): net: renesas: rswitch: fix possible early skb release Nikolay Kuratov (1): net/sctp: Prevent autoclose integer overflow in sctp_association_init() Nilay Shroff (2): nvme: use helper nvme_ctrl_state in nvme_keep_alive_finish function Revert "nvme: make keep-alive synchronous operation" Nuno Sa (1): iio: adc: ad7192: properly check spi_get_device_match_data() Pablo Neira Ayuso (1): netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext Paolo Abeni (3): mptcp: fix TCP options overflow. mptcp: fix recvbuffer adjust on sleeping rcvmsg mptcp: don't always assume copied data in mptcp_cleanup_rbuf() Pascal Hambourg (1): sky2: Add device ID 11ab:4373 for Marvell 88E8075 Patrisious Haddad (1): RDMA/mlx5: Enforce same type port association for multiport RoCE Paulo Alcantara (2): smb: client: stop flooding dmesg in smb2_calc_signature() smb: client: fix use-after-free of signing key Peter Zijlstra (1): cleanup: Add conditional guard support Ping-Ke Shih (2): wifi: mac80211: export ieee80211_purge_tx_queue() for drivers wifi: rtw88: use ieee80211_purge_tx_queue() to purge TX skb Prike Liang (1): drm/amdkfd: Correct the migration DMA map direction Przemek Kitszel (1): cleanup: Adjust scoped_guard() macros to avoid potential warning Qinxin Xia (1): ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A Rajendra Nayak (1): clk: qcom: clk-alpha-pll: Add support for zonda ole pll configure Ralph Boehme (1): fs/smb/client: implement chmod() for SMB3 POSIX Extensions Ranjan Kumar (1): scsi: mpi3mr: Start controller indexing from 0 Ricardo Ribalda (1): media: uvcvideo: Force UVC version to 1.0a for 0408:4033 Rob Herring (1): of: address: Store number of bus flag cells rather than bool Robert Beckett (1): nvme-pci: 512 byte aligned dma pool segment quirk Rodrigo Vivi (1): drm/i915/dg1: Fix power gate sequence. Rory Little (1): wifi: mac80211: Add non-atomic station iterator Saravanan Vajravel (1): RDMA/bnxt_re: Add check for path mtu in modify_qp Sebastian Ott (1): net/mlx5: unique names for per device caches Seiji Nishikawa (1): mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() Selvarasu Ganesan (1): usb: dwc3: gadget: Add missing check for single port RAM in TxFIFO resizing logic Selvin Xavier (6): RDMA/bnxt_re: Allow MSN table capability check RDMA/bnxt_re: Avoid initializing the software queue for user queues RDMA/bnxt_re: Fix max_qp_wrs reported RDMA/bnxt_re: Add support for Variable WQE in Genp7 adapters RDMA/bnxt_re: Fix the locking while accessing the QP table RDMA/bnxt_re: Fix the max WQE size for static WQE support Shahar Shitrit (1): net/mlx5: DR, select MSIX vector 0 for completion queue creation Shung-Hsi Yu (1): Revert "bpf: support non-r10 register spill/fill to/from stack in precision tracking" Stefan Berger (4): crypto: ecdsa - Convert byte arrays with key coordinates to digits crypto: ecdsa - Rename keylen to bufsize where necessary crypto: ecdsa - Use ecc_digits_from_bytes to convert signature crypto: ecc - Prevent ecc_digits_from_bytes from reading too many bytes Stefan Ekenberg (1): drm/bridge: adv7511_audio: Update Audio InfoFrame properly Steven Rostedt (3): tracing: Have process_string() also allow arrays tracing: Fix trace_check_vprintf() when tp_printk is used tracing: Check "%s" dereference via the field and not the TP_printk format Steven Rostedt (Google) (1): tracing: Handle old buffer mappings for event strings and functions Sudeep Holla (2): i2c: xgene-slimpro: Migrate to use generic PCC shmem related macros ACPI: PCC: Add PCC shared memory region command and status bitfields Takashi Iwai (8): ALSA: ump: Use guard() for locking ALSA: ump: Don't open legacy substream for an inactive group ALSA: ump: Indicate the inactive group in legacy substream names ALSA: ump: Update legacy substream names upon FB info update ALSA: ump: Shut up truncated string warning ALSA: hda/ca0132: Use standard HD-audio quirk matching helpers ALSA: seq: Check UMP support for midi_version change ALSA: seq: oss: Fix races at processing SysEx messages Tanya Agarwal (1): ALSA: usb-audio: US16x08: Initialize array before use Tengfei Fan (1): remoteproc: qcom: pas: Add support for SA8775p ADSP, CDSP and GPDSP Thiébaud Weksteen (1): selinux: ignore unknown extended permissions Thomas Gleixner (1): sched: Initialize idle tasks only once Tomer Maimon (1): usb: chipidea: add CI_HDRC_FORCE_VBUS_ACTIVE_ALWAYS flag Tristram Ha (2): net: dsa: microchip: Fix KSZ9477 set_ageing_time function net: dsa: microchip: Fix LAN937X set_ageing_time function Ulrik Strid (1): Bluetooth: btusb: Add new VID/PID 13d3/3602 for MT7925 Uros Bizjak (2): cleanup: Remove address space of returned pointer irqchip/gic: Correct declaration of *percpu_base pointer in union gic_base Vasiliy Kovalev (1): ALSA: hda/realtek: Add new alc2xx-fixup-headset-mic model Vitalii Mordan (1): eth: bcmsysport: fix call balance of priv->clk handling routines Wang Liang (1): net: fix memory leak in tcp_conn_request() Willem de Bruijn (1): net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets Xiao Liang (1): net: Fix netns for ip_tunnel_init_flow() Xin Li (2): x86/ptrace: Cleanup the definition of the pt_regs structure x86/ptrace: Add FRED additional information to the pt_regs structure Xin Li (Intel) (1): x86/fred: Clear WFE in missing-ENDBRANCH #CPs Xu Yang (2): usb: chipidea: add CI_HDRC_HAS_SHORT_PKT_LIMIT flag usb: chipidea: udc: limit usb request length to max 16KB Yafang Shao (1): mm/readahead: fix large folio support in async readahead Yicong Yang (1): ACPI/IORT: Add PMCG platform information for HiSilicon HIP10/11 Yihang Li (5): scsi: hisi_sas: Directly call register snapshot instead of using workqueue scsi: hisi_sas: Allocate DFX memory during dump trigger scsi: hisi_sas: Create all dump files during debugfs initialization scsi: hisi_sas: Fix a deadlock issue related to automatic dump scsi: hisi_sas: Remove redundant checks for automatic debugfs dump wenglianfa (1): RDMA/hns: Fix mapping error of zero-hop WQE buffer

3 months, 1 week

2
4
0 0

[PATCH] brcmfmac: NULL pointer dereference on tx statistic update

by Marcel Hamer

On removal of the device or unloading of the kernel module a potential NULL pointer dereference occurs. The following sequence deletes the interface: brcmf_detach() brcmf_remove_interface() brcmf_del_if() Inside the brcmf_del_if() function the drvr->if2bss[ifidx] is updated to BRCMF_BSSIDX_INVALID (-1) if the bsscfgidx matches. After brcmf_remove_interface() call the brcmf_proto_detach() function is called providing the following sequence: brcmf_detach() brcmf_proto_detach() brcmf_proto_msgbuf_detach() brcmf_flowring_detach() brcmf_msgbuf_delete_flowring() brcmf_msgbuf_remove_flowring() brcmf_flowring_delete() brcmf_get_ifp() brcmf_txfinalize() Since brcmf_get_ip() can and actually will return NULL in this case the call to brcmf_txfinalize() will result in a NULL pointer dereference inside brcmf_txfinalize() when trying to update ifp->ndev->stats.tx_errors. This will only happen if a flowring still has an skb. Cc: stable(a)vger.kernel.org Signed-off-by: Marcel Hamer <marcel.hamer(a)windriver.com> Link: https://lore.kernel.org/all/b519e746-ddfd-421f-d897-7620d229e4b2@gmail.com/ --- drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c index c3a57e30c855..cf731bc7ae24 100644 --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c @@ -549,7 +549,7 @@ void brcmf_txfinalize(struct brcmf_if *ifp, struct sk_buff *txp, bool success) wake_up(&ifp->pend_8021x_wait); } - if (!success) + if (!success && ifp) ifp->ndev->stats.tx_errors++; brcmu_pkt_buf_free_skb(txp); -- 2.34.1

3 months, 1 week

2
2
0 0

Linux 6.6.71

by Greg Kroah-Hartman

I'm announcing the release of the 6.6.71 kernel. It's only needed if you could not properly build 6.6.70 as there is a configuration that is pretty common that would fail to build properly. That is now resolved. If you did not have a problem building 6.6.70, no need to upgrade at this point in time. The updated 6.6.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.6.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 +- arch/x86/kernel/Makefile | 4 ++-- arch/x86/kernel/cpu/mshyperv.c | 10 ++-------- arch/x86/kernel/kexec-bzimage64.c | 4 ---- arch/x86/kernel/kvm.c | 4 ++-- arch/x86/kernel/machine_kexec_64.c | 3 --- arch/x86/kernel/reboot.c | 4 ++-- arch/x86/kernel/setup.c | 2 +- arch/x86/kernel/smp.c | 2 +- arch/x86/xen/enlighten_hvm.c | 4 ---- arch/x86/xen/mmu_pv.c | 2 +- 11 files changed, 12 insertions(+), 29 deletions(-) Greg Kroah-Hartman (3): Revert "x86/hyperv: Fix hv tsc page based sched_clock for hibernation" Revert "x86, crash: wrap crash dumping code into crash related ifdefs" Linux 6.6.71 Naman Jain (1): x86/hyperv: Fix hv tsc page based sched_clock for hibernation

3 months, 1 week

1
1
0 0

[PATCH net v2 4/5] vsock: reset socket state when de-assigning the transport

by Stefano Garzarella

Transport's release() and destruct() are called when de-assigning the vsock transport. These callbacks can touch some socket state like sock flags, sk_state, and peer_shutdown. Since we are reassigning the socket to a new transport during vsock_connect(), let's reset these fields to have a clean state with the new transport. Fixes: c0cfa2d8a788 ("vsock: add multi-transports support") Cc: stable(a)vger.kernel.org Signed-off-by: Stefano Garzarella <sgarzare(a)redhat.com> --- net/vmw_vsock/af_vsock.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/net/vmw_vsock/af_vsock.c b/net/vmw_vsock/af_vsock.c index 5cf8109f672a..74d35a871644 100644 --- a/net/vmw_vsock/af_vsock.c +++ b/net/vmw_vsock/af_vsock.c @@ -491,6 +491,15 @@ int vsock_assign_transport(struct vsock_sock *vsk, struct vsock_sock *psk) */ vsk->transport->release(vsk); vsock_deassign_transport(vsk); + + /* transport's release() and destruct() can touch some socket + * state, since we are reassigning the socket to a new transport + * during vsock_connect(), let's reset these fields to have a + * clean state. + */ + sock_reset_flag(sk, SOCK_DONE); + sk->sk_state = TCP_CLOSE; + vsk->peer_shutdown = 0; } /* We increase the module refcnt to prevent the transport unloading -- 2.47.1

3 months, 1 week

2
2
0 0

[PATCH v2] samples/landlock: Fix possible NULL dereference in parse_path()

by Gax-c

From: Zichen Xie <zichenxie0106(a)gmail.com> malloc() may return NULL, leading to NULL dereference. Add a NULL check. Fixes: ba84b0bf5a16 ("samples/landlock: Add a sandbox manager example") Signed-off-by: Zichen Xie <zichenxie0106(a)gmail.com> Cc: stable(a)vger.kernel.org --- v2: Modify logic & Add Fixes tag. --- samples/landlock/sandboxer.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/samples/landlock/sandboxer.c b/samples/landlock/sandboxer.c index 57565dfd74a2..ef2a34173d84 100644 --- a/samples/landlock/sandboxer.c +++ b/samples/landlock/sandboxer.c @@ -91,6 +91,9 @@ static int parse_path(char *env_path, const char ***const path_list) } } *path_list = malloc(num_paths * sizeof(**path_list)); + if (*path_list == NULL) + return -1; + for (i = 0; i < num_paths; i++) (*path_list)[i] = strsep(&env_path, ENV_DELIMITER); @@ -127,6 +130,11 @@ static int populate_ruleset_fs(const char *const env_var, const int ruleset_fd, env_path_name = strdup(env_path_name); unsetenv(env_var); num_paths = parse_path(env_path_name, &path_list); + if (num_paths == -1) { + fprintf(stderr, "Failed to allocate memory\n"); + ret = 1; + goto out_free_name; + } if (num_paths == 1 && path_list[0][0] == '\0') { /* * Allows to not use all possible restrictions (e.g. use -- 2.34.1

3 months, 1 week

2
1
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror January 2025