January 2025 - Linux-stable-mirror

[PATCH 6.6.y 1/2] erofs: handle overlapped pclusters out of crafted images properly

by Gao Xiang

commit 9e2f9d34dd12e6e5b244ec488bcebd0c2d566c50 upstream. syzbot reported a task hang issue due to a deadlock case where it is waiting for the folio lock of a cached folio that will be used for cache I/Os. After looking into the crafted fuzzed image, I found it's formed with several overlapped big pclusters as below: Ext: logical offset | length : physical offset | length 0: 0.. 16384 | 16384 : 151552.. 167936 | 16384 1: 16384.. 32768 | 16384 : … [View More] 155648.. 172032 | 16384 2: 32768.. 49152 | 16384 : 537223168.. 537239552 | 16384 ... Here, extent 0/1 are physically overlapped although it's entirely _impossible_ for normal filesystem images generated by mkfs. First, managed folios containing compressed data will be marked as up-to-date and then unlocked immediately (unlike in-place folios) when compressed I/Os are complete. If physical blocks are not submitted in the incremental order, there should be separate BIOs to avoid dependency issues. However, the current code mis-arranges z_erofs_fill_bio_vec() and BIO submission which causes unexpected BIO waits. Second, managed folios will be connected to their own pclusters for efficient inter-queries. However, this is somewhat hard to implement easily if overlapped big pclusters exist. Again, these only appear in fuzzed images so let's simply fall back to temporary short-lived pages for correctness. Additionally, it justifies that referenced managed folios cannot be truncated for now and reverts part of commit 2080ca1ed3e4 ("erofs: tidy up `struct z_erofs_bvec`") for simplicity although it shouldn't be any difference. Reported-by: syzbot+4fc98ed414ae63d1ada2(a)syzkaller.appspotmail.com Reported-by: syzbot+de04e06b28cfecf2281c(a)syzkaller.appspotmail.com Reported-by: syzbot+c8c8238b394be4a1087d(a)syzkaller.appspotmail.com Tested-by: syzbot+4fc98ed414ae63d1ada2(a)syzkaller.appspotmail.com Closes: https://lore.kernel.org/r/0000000000002fda01061e334873@google.com Fixes: 8e6c8fa9f2e9 ("erofs: enable big pcluster feature") Link: https://lore.kernel.org/r/20240910070847.3356592-1-hsiangkao@linux.alibaba.… Signed-off-by: Gao Xiang <hsiangkao(a)linux.alibaba.com> --- fs/erofs/zdata.c | 59 +++++++++++++++++++++++++----------------------- 1 file changed, 31 insertions(+), 28 deletions(-) diff --git a/fs/erofs/zdata.c b/fs/erofs/zdata.c index 1c0e6167d8e7..9fa07436a4da 100644 --- a/fs/erofs/zdata.c +++ b/fs/erofs/zdata.c @@ -1483,14 +1483,13 @@ static struct page *pickup_page_for_submission(struct z_erofs_pcluster *pcl, goto out; lock_page(page); - - /* only true if page reclaim goes wrong, should never happen */ - DBG_BUGON(justfound && PagePrivate(page)); - - /* the page is still in manage cache */ - if (page->mapping == mc) { + if (likely(page->mapping == mc)) { WRITE_ONCE(pcl->compressed_bvecs[nr].page, page); + /* + * The cached folio is still in managed cache but without + * a valid `->private` pcluster hint. Let's reconnect them. + */ if (!PagePrivate(page)) { /* * impossible to be !PagePrivate(page) for @@ -1504,22 +1503,24 @@ static struct page *pickup_page_for_submission(struct z_erofs_pcluster *pcl, SetPagePrivate(page); } - /* no need to submit io if it is already up-to-date */ - if (PageUptodate(page)) { - unlock_page(page); - page = NULL; + if (likely(page->private == (unsigned long)pcl)) { + /* don't submit cache I/Os again if already uptodate */ + if (PageUptodate(page)) { + unlock_page(page); + page = NULL; + + } + goto out; } - goto out; + /* + * Already linked with another pcluster, which only appears in + * crafted images by fuzzers for now. But handle this anyway. + */ + tocache = false; /* use temporary short-lived pages */ + } else { + DBG_BUGON(1); /* referenced managed folios can't be truncated */ + tocache = true; } - - /* - * the managed page has been truncated, it's unsafe to - * reuse this one, let's allocate a new cache-managed page. - */ - DBG_BUGON(page->mapping); - DBG_BUGON(!justfound); - - tocache = true; unlock_page(page); put_page(page); out_allocpage: @@ -1677,16 +1678,11 @@ static void z_erofs_submit_queue(struct z_erofs_decompress_frontend *f, end = cur + pcl->pclusterpages; do { - struct page *page; - - page = pickup_page_for_submission(pcl, i++, - &f->pagepool, mc); - if (!page) - continue; + struct page *page = NULL; if (bio && (cur != last_index + 1 || last_bdev != mdev.m_bdev)) { -submit_bio_retry: +drain_io: submit_bio(bio); if (memstall) { psi_memstall_leave(&pflags); @@ -1695,6 +1691,13 @@ static void z_erofs_submit_queue(struct z_erofs_decompress_frontend *f, bio = NULL; } + if (!page) { + page = pickup_page_for_submission(pcl, i++, + &f->pagepool, mc); + if (!page) + continue; + } + if (unlikely(PageWorkingset(page)) && !memstall) { psi_memstall_enter(&pflags); memstall = 1; @@ -1715,7 +1718,7 @@ static void z_erofs_submit_queue(struct z_erofs_decompress_frontend *f, } if (bio_add_page(bio, page, PAGE_SIZE, 0) < PAGE_SIZE) - goto submit_bio_retry; + goto drain_io; last_index = cur; bypass = false; -- 2.43.5 [View Less]

3 months, 3 weeks

2
2
0 0

[PATCH 5.10-6.1] ceph: give up on paths longer than PATH_MAX

by Ilya Dryomov

From: Max Kellermann <max.kellermann(a)ionos.com> commit 550f7ca98ee028a606aa75705a7e77b1bd11720f upstream. If the full path to be built by ceph_mdsc_build_path() happens to be longer than PATH_MAX, then this function will enter an endless (retry) loop, effectively blocking the whole task. Most of the machine becomes unusable, making this a very simple and effective DoS vulnerability. I cannot imagine why this retry was ever implemented, but it seems rather useless and harmful to me. … [View More]

3 months, 3 weeks

2
1
0 0

[PATCH net] netdev: prevent accessing NAPI instances from another namespace

by Jakub Kicinski

The NAPI IDs were not fully exposed to user space prior to the netlink API, so they were never namespaced. The netlink API must ensure that at the very least NAPI instance belongs to the same netns as the owner of the genl sock. napi_by_id() can become static now, but it needs to move because of dev_get_by_napi_id(). Cc: stable(a)vger.kernel.org Fixes: 1287c1ae0fc2 ("netdev-genl: Support setting per-NAPI config values") Fixes: 27f91aaf49b3 ("netdev-genl: Add netlink framework functions for … [View More]napi") Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> --- Splitting this into fix per-version is a bit tricky, because we need to replace the napi_by_id() helper with a better one. I'll send the stable versions manually. CC: jdamato(a)fastly.com CC: almasrymina(a)google.com CC: amritha.nambiar(a)intel.com CC: sridhar.samudrala(a)intel.com --- net/core/dev.c | 43 +++++++++++++++++++++++++++++------------- net/core/dev.h | 3 ++- net/core/netdev-genl.c | 6 ++---- 3 files changed, 34 insertions(+), 18 deletions(-) diff --git a/net/core/dev.c b/net/core/dev.c index 7c63d97b13c1..e001df4cb486 100644 --- a/net/core/dev.c +++ b/net/core/dev.c @@ -753,6 +753,36 @@ int dev_fill_forward_path(const struct net_device *dev, const u8 *daddr, } EXPORT_SYMBOL_GPL(dev_fill_forward_path); +/* must be called under rcu_read_lock(), as we dont take a reference */ +static struct napi_struct *napi_by_id(unsigned int napi_id) +{ + unsigned int hash = napi_id % HASH_SIZE(napi_hash); + struct napi_struct *napi; + + hlist_for_each_entry_rcu(napi, &napi_hash[hash], napi_hash_node) + if (napi->napi_id == napi_id) + return napi; + + return NULL; +} + +/* must be called under rcu_read_lock(), as we dont take a reference */ +struct napi_struct *netdev_napi_by_id(struct net *net, unsigned int napi_id) +{ + struct napi_struct *napi; + + napi = napi_by_id(napi_id); + if (!napi) + return NULL; + + if (WARN_ON_ONCE(!napi->dev)) + return NULL; + if (!net_eq(net, dev_net(napi->dev))) + return NULL; + + return napi; +} + /** * __dev_get_by_name - find a device by its name * @net: the applicable net namespace @@ -6293,19 +6323,6 @@ bool napi_complete_done(struct napi_struct *n, int work_done) } EXPORT_SYMBOL(napi_complete_done); -/* must be called under rcu_read_lock(), as we dont take a reference */ -struct napi_struct *napi_by_id(unsigned int napi_id) -{ - unsigned int hash = napi_id % HASH_SIZE(napi_hash); - struct napi_struct *napi; - - hlist_for_each_entry_rcu(napi, &napi_hash[hash], napi_hash_node) - if (napi->napi_id == napi_id) - return napi; - - return NULL; -} - static void skb_defer_free_flush(struct softnet_data *sd) { struct sk_buff *skb, *next; diff --git a/net/core/dev.h b/net/core/dev.h index aa91eed55a40..08812a025a9b 100644 --- a/net/core/dev.h +++ b/net/core/dev.h @@ -22,6 +22,8 @@ struct sd_flow_limit { extern int netdev_flow_limit_table_len; +struct napi_struct *netdev_napi_by_id(struct net *net, unsigned int napi_id); + #ifdef CONFIG_PROC_FS int __init dev_proc_init(void); #else @@ -269,7 +271,6 @@ void xdp_do_check_flushed(struct napi_struct *napi); static inline void xdp_do_check_flushed(struct napi_struct *napi) { } #endif -struct napi_struct *napi_by_id(unsigned int napi_id); void kick_defer_list_purge(struct softnet_data *sd, unsigned int cpu); #define XMIT_RECURSION_LIMIT 8 diff --git a/net/core/netdev-genl.c b/net/core/netdev-genl.c index 125b660004d3..a3bdaf075b6b 100644 --- a/net/core/netdev-genl.c +++ b/net/core/netdev-genl.c @@ -167,8 +167,6 @@ netdev_nl_napi_fill_one(struct sk_buff *rsp, struct napi_struct *napi, void *hdr; pid_t pid; - if (WARN_ON_ONCE(!napi->dev)) - return -EINVAL; if (!(napi->dev->flags & IFF_UP)) return 0; @@ -234,7 +232,7 @@ int netdev_nl_napi_get_doit(struct sk_buff *skb, struct genl_info *info) rtnl_lock(); rcu_read_lock(); - napi = napi_by_id(napi_id); + napi = netdev_napi_by_id(genl_info_net(info), napi_id); if (napi) { err = netdev_nl_napi_fill_one(rsp, napi, info); } else { @@ -355,7 +353,7 @@ int netdev_nl_napi_set_doit(struct sk_buff *skb, struct genl_info *info) rtnl_lock(); rcu_read_lock(); - napi = napi_by_id(napi_id); + napi = netdev_napi_by_id(genl_info_net(info), napi_id); if (napi) { err = netdev_nl_napi_set_config(napi, info); } else { -- 2.47.1 [View Less]

3 months, 3 weeks

5
6
0 0

[PATCH v5 0/5] arm64: Support 2024 dpISA extensions

by Mark Brown

The 2024 architecture release includes a number of data processing extensions, mostly SVE and SME additions with a few others. These are all very straightforward extensions which add instructions but no architectural state so only need hwcaps and exposing of the ID registers to KVM guests and userspace. Signed-off-by: Mark Brown <broonie(a)kernel.org> --- Changes in v5: - Rebase onto arm64/for-next/cpufeature, which incorporates most of the sysreg updates from earlier versions. - … [View More]

3 months, 3 weeks

3
3
0 0

[PATCH v3] arm64/sme: Move storage of reg_smidr to __cpuinfo_store_cpu()

by Mark Brown

In commit 892f7237b3ff ("arm64: Delay initialisation of cpuinfo_arm64::reg_{zcr,smcr}") we moved access to ZCR, SMCR and SMIDR later in the boot process in order to ensure that we don't attempt to interact with them if SVE or SME is disabled on the command line. Unfortunately when initialising the boot CPU in init_cpu_features() we work on a copy of the struct cpuinfo_arm64 for the boot CPU used only during boot, not the percpu copy used by the sysfs code. The expectation of the feature … [View More]identification code was that the ID registers would be read in __cpuinfo_store_cpu() and the values not modified by init_cpu_features(). The main reason for the original change was to avoid early accesses to ZCR on practical systems that were seen shipping with SVE reported in ID registers but traps enabled at EL3 and handled as fatal errors, SME was rolled in due to the similarity with SVE. Since then we have removed the early accesses to ZCR and SMCR in commits: abef0695f9665c3d ("arm64/sve: Remove ZCR pseudo register from cpufeature code") 391208485c3ad50f ("arm64/sve: Remove SMCR pseudo register from cpufeature code") so only the SMIDR_EL1 part of the change remains. Since SMIDR_EL1 is only trapped via FEAT_IDST and not the SME trap it is less likely to be affected by similar issues, and the factors that lead to issues with SVE are less likely to apply to SME. Since we have not yet seen practical SME systems that need to use a command line override (and are only just beginning to see SME systems at all) and the ID register read is much more likely to be safe let's just store SMIDR_EL1 along with all the other ID register reads in __cpuinfo_store_cpu(). This issue wasn't apparent when testing on emulated platforms that do not report values in SMIDR_EL1. Fixes: 892f7237b3ff ("arm64: Delay initialisation of cpuinfo_arm64::reg_{zcr,smcr}") Signed-off-by: Mark Brown <broonie(a)kernel.org> Cc: stable(a)vger.kernel.org --- Changes in v3: - Leave the override in place. - Link to v2: https://lore.kernel.org/r/20241216-arm64-fix-boot-cpu-smidr-v2-1-a99ffba2c3… Changes in v2: - Move the ID register read back to __cpuinfo_store_cpu(). - Remove the command line option for SME ID register override. - Link to v1: https://lore.kernel.org/r/20241214-arm64-fix-boot-cpu-smidr-v1-1-0745c40772… --- arch/arm64/kernel/cpufeature.c | 13 ------------- arch/arm64/kernel/cpuinfo.c | 10 ++++++++++ 2 files changed, 10 insertions(+), 13 deletions(-) diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c index 6ce71f444ed84f9056196bb21bbfac61c9687e30..818aca922ca6066eb4bdf79e153cccb24246c61b 100644 --- a/arch/arm64/kernel/cpufeature.c +++ b/arch/arm64/kernel/cpufeature.c @@ -1167,12 +1167,6 @@ void __init init_cpu_features(struct cpuinfo_arm64 *info) id_aa64pfr1_sme(read_sanitised_ftr_reg(SYS_ID_AA64PFR1_EL1))) { unsigned long cpacr = cpacr_save_enable_kernel_sme(); - /* - * We mask out SMPS since even if the hardware - * supports priorities the kernel does not at present - * and we block access to them. - */ - info->reg_smidr = read_cpuid(SMIDR_EL1) & ~SMIDR_EL1_SMPS; vec_init_vq_map(ARM64_VEC_SME); cpacr_restore(cpacr); @@ -1423,13 +1417,6 @@ void update_cpu_features(int cpu, id_aa64pfr1_sme(read_sanitised_ftr_reg(SYS_ID_AA64PFR1_EL1))) { unsigned long cpacr = cpacr_save_enable_kernel_sme(); - /* - * We mask out SMPS since even if the hardware - * supports priorities the kernel does not at present - * and we block access to them. - */ - info->reg_smidr = read_cpuid(SMIDR_EL1) & ~SMIDR_EL1_SMPS; - /* Probe vector lengths */ if (!system_capabilities_finalized()) vec_update_vq_map(ARM64_VEC_SME); diff --git a/arch/arm64/kernel/cpuinfo.c b/arch/arm64/kernel/cpuinfo.c index d79e88fccdfce427507e7a34c5959ce6309cbd12..c45633b5ae233fe78607fce3d623efb28a9f341a 100644 --- a/arch/arm64/kernel/cpuinfo.c +++ b/arch/arm64/kernel/cpuinfo.c @@ -482,6 +482,16 @@ static void __cpuinfo_store_cpu(struct cpuinfo_arm64 *info) if (id_aa64pfr0_mpam(info->reg_id_aa64pfr0)) info->reg_mpamidr = read_cpuid(MPAMIDR_EL1); + if (IS_ENABLED(CONFIG_ARM64_SME) && + id_aa64pfr1_sme(info->reg_id_aa64pfr1)) { + /* + * We mask out SMPS since even if the hardware + * supports priorities the kernel does not at present + * and we block access to them. + */ + info->reg_smidr = read_cpuid(SMIDR_EL1) & ~SMIDR_EL1_SMPS; + } + cpuinfo_detect_icache_policy(info); } --- base-commit: fac04efc5c793dccbd07e2d59af9f90b7fc0dca4 change-id: 20241213-arm64-fix-boot-cpu-smidr-386b8db292b2 Best regards, -- Mark Brown <broonie(a)kernel.org> [View Less]

3 months, 3 weeks

2
1
0 0

[PATCH] m68k: Fix VGA I/O defines

by Thomas Zimmermann

Including m86k's <asm/raw_io.h> in vga.h on nommu platforms results in conflicting defines with io_no.h for various I/O macros from the __raw_read and __raw_write families. An example error is In file included from arch/m68k/include/asm/vga.h:12, from include/video/vga.h:22, from include/linux/vgaarb.h:34, from drivers/video/aperture.c:12: >> arch/m68k/include/asm/raw_io.h:39: warning: "__raw_readb" redefined 39 | #define __raw_readb … [View More]in_8 | In file included from arch/m68k/include/asm/io.h:6, from include/linux/io.h:13, from include/linux/irq.h:20, from include/asm-generic/hardirq.h:17, from ./arch/m68k/include/generated/asm/hardirq.h:1, from include/linux/hardirq.h:11, from include/linux/interrupt.h:11, from include/linux/trace_recursion.h:5, from include/linux/ftrace.h:10, from include/linux/kprobes.h:28, from include/linux/kgdb.h:19, from include/linux/fb.h:6, from drivers/video/aperture.c:5: arch/m68k/include/asm/io_no.h:16: note: this is the location of the previous definition 16 | #define __raw_readb(addr) \ | Include <asm/io.h>, which avoid raw_io.h on nommu platforms. Also change the defined values of some of the read/write symbols in vga.h to __raw_read/__raw_write as the raw_in/raw_out symbols are not generally available. Signed-off-by: Thomas Zimmermann <tzimmermann(a)suse.de> Reported-by: kernel test robot <lkp(a)intel.com> Closes: https://lore.kernel.org/oe-kbuild-all/202501071629.DNEswlm8-lkp@intel.com/ Fixes: 5c3f968712ce ("m68k/video: Create <asm/vga.h>") Cc: Geert Uytterhoeven <geert(a)linux-m68k.org> Cc: linux-fbdev(a)vger.kernel.org Cc: dri-devel(a)lists.freedesktop.org Cc: Helge Deller <deller(a)gmx.de> Cc: <stable(a)vger.kernel.org> # v3.5+ --- arch/m68k/include/asm/vga.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/arch/m68k/include/asm/vga.h b/arch/m68k/include/asm/vga.h index 4742e6bc3ab8..cdd414fa8710 100644 --- a/arch/m68k/include/asm/vga.h +++ b/arch/m68k/include/asm/vga.h @@ -9,7 +9,7 @@ */ #ifndef CONFIG_PCI -#include <asm/raw_io.h> +#include <asm/io.h> #include <asm/kmap.h> /* @@ -29,9 +29,9 @@ #define inw_p(port) 0 #define outb_p(port, val) do { } while (0) #define outw(port, val) do { } while (0) -#define readb raw_inb -#define writeb raw_outb -#define writew raw_outw +#define readb __raw_readb +#define writeb __raw_writeb +#define writew __raw_writew #endif /* CONFIG_PCI */ #endif /* _ASM_M68K_VGA_H */ -- 2.47.1 [View Less]

3 months, 3 weeks

2
1
0 0

[PATCH v2 2/2] mm: zswap: disable migration while using per-CPU acomp_ctx

by Yosry Ahmed

In zswap_compress() and zswap_decompress(), the per-CPU acomp_ctx of the current CPU at the beginning of the operation is retrieved and used throughout. However, since neither preemption nor migration are disabled, it is possible that the operation continues on a different CPU. If the original CPU is hotunplugged while the acomp_ctx is still in use, we run into a UAF bug as the resources attached to the acomp_ctx are freed during hotunplug in zswap_cpu_comp_dead(). The problem was introduced … [View More]in commit 1ec3b5fe6eec ("mm/zswap: move to use crypto_acomp API for hardware acceleration") when the switch to the crypto_acomp API was made. Prior to that, the per-CPU crypto_comp was retrieved using get_cpu_ptr() which disables preemption and makes sure the CPU cannot go away from under us. Preemption cannot be disabled with the crypto_acomp API as a sleepable context is needed. Commit 8ba2f844f050 ("mm/zswap: change per-cpu mutex and buffer to per-acomp_ctx") increased the UAF surface area by making the per-CPU buffers dynamic, adding yet another resource that can be freed from under zswap compression/decompression by CPU hotunplug. This cannot be fixed by holding cpus_read_lock(), as it is possible for code already holding the lock to fall into reclaim and enter zswap (causing a deadlock). It also cannot be fixed by wrapping the usage of acomp_ctx in an SRCU critical section and using synchronize_srcu() in zswap_cpu_comp_dead(), because synchronize_srcu() is not allowed in CPU-hotplug notifiers (see Documentation/RCU/Design/Requirements/Requirements.rst). This can be fixed by refcounting the acomp_ctx, but it involves complexity in handling the race between the refcount dropping to zero in zswap_[de]compress() and the refcount being re-initialized when the CPU is onlined. Keep things simple for now and just disable migration while using the per-CPU acomp_ctx to block CPU hotunplug until the usage is over. Fixes: 1ec3b5fe6eec ("mm/zswap: move to use crypto_acomp API for hardware acceleration") Cc: <stable(a)vger.kernel.org> Signed-off-by: Yosry Ahmed <yosryahmed(a)google.com> Reported-by: Johannes Weiner <hannes(a)cmpxchg.org> Closes: https://lore.kernel.org/lkml/20241113213007.GB1564047@cmpxchg.org/ Reported-by: Sam Sun <samsun1006219(a)gmail.com> Closes: https://lore.kernel.org/lkml/CAEkJfYMtSdM5HceNsXUDf5haghD5+o2e7Qv4OcuruL4tP… --- mm/zswap.c | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/mm/zswap.c b/mm/zswap.c index f6316b66fb236..ecd86153e8a32 100644 --- a/mm/zswap.c +++ b/mm/zswap.c @@ -880,6 +880,18 @@ static int zswap_cpu_comp_dead(unsigned int cpu, struct hlist_node *node) return 0; } +/* Remain on the CPU while using its acomp_ctx to stop it from going offline */ +static struct crypto_acomp_ctx *acomp_ctx_get_cpu(struct crypto_acomp_ctx __percpu *acomp_ctx) +{ + migrate_disable(); + return raw_cpu_ptr(acomp_ctx); +} + +static void acomp_ctx_put_cpu(void) +{ + migrate_enable(); +} + static bool zswap_compress(struct page *page, struct zswap_entry *entry, struct zswap_pool *pool) { @@ -893,8 +905,7 @@ static bool zswap_compress(struct page *page, struct zswap_entry *entry, gfp_t gfp; u8 *dst; - acomp_ctx = raw_cpu_ptr(pool->acomp_ctx); - + acomp_ctx = acomp_ctx_get_cpu(pool->acomp_ctx); mutex_lock(&acomp_ctx->mutex); dst = acomp_ctx->buffer; @@ -950,6 +961,7 @@ static bool zswap_compress(struct page *page, struct zswap_entry *entry, zswap_reject_alloc_fail++; mutex_unlock(&acomp_ctx->mutex); + acomp_ctx_put_cpu(); return comp_ret == 0 && alloc_ret == 0; } @@ -960,7 +972,7 @@ static void zswap_decompress(struct zswap_entry *entry, struct folio *folio) struct crypto_acomp_ctx *acomp_ctx; u8 *src; - acomp_ctx = raw_cpu_ptr(entry->pool->acomp_ctx); + acomp_ctx = acomp_ctx_get_cpu(entry->pool->acomp_ctx); mutex_lock(&acomp_ctx->mutex); src = zpool_map_handle(zpool, entry->handle, ZPOOL_MM_RO); @@ -990,6 +1002,7 @@ static void zswap_decompress(struct zswap_entry *entry, struct folio *folio) if (src != acomp_ctx->buffer) zpool_unmap_handle(zpool, entry->handle); + acomp_ctx_put_cpu(); } /********************************* -- 2.47.1.613.gc27f4b7a9f-goog [View Less]

3 months, 3 weeks

6
23
0 0

[PATCH 1/1] usb: pd: fix the SenderResponseTimer conform to specification

by joswang

From: Jos Wang <joswang(a)lenovo.com> According to the USB PD3 CTS specification (https://usb.org/document-library/ usb-power-delivery-compliance-test-specification-0/ USB_PD3_CTS_Q4_2024_OR.zip), the requirements for tSenderResponse are different in PD2 and PD3 modes, see Table 19 Timing Table & Calculations. For PD2 mode, the tSenderResponse min 24ms and max 30ms; for PD3 mode, the tSenderResponse min 27ms and max 33ms. For the "TEST.PD.PROT.SRC.2 Get_Source_Cap No Request" test … [View More]

3 months, 3 weeks

3
4
0 0

[PATCH 6.1 00/81] 6.1.124-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.1.124 release. There are 81 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 08 Jan 2025 15:11:04 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.1.124-rc… or in the git tree and … [View More]branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.1.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.1.124-rc1 Paolo Abeni <pabeni(a)redhat.com> mptcp: don't always assume copied data in mptcp_cleanup_rbuf() Paolo Abeni <pabeni(a)redhat.com> mptcp: fix recvbuffer adjust on sleeping rcvmsg Paolo Abeni <pabeni(a)redhat.com> mptcp: fix TCP options overflow. Seiji Nishikawa <snishika(a)redhat.com> mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() Yafang Shao <laoar.shao(a)gmail.com> mm/readahead: fix large folio support in async readahead Biju Das <biju.das.jz(a)bp.renesas.com> dt-bindings: display: adi,adv7533: Drop single lane support Biju Das <biju.das.jz(a)bp.renesas.com> drm: adv7511: Drop dsi single lane support Nikolay Kuratov <kniv(a)yandex-team.ru> net/sctp: Prevent autoclose integer overflow in sctp_association_init() Pascal Hambourg <pascal(a)plouf.fr.eu.org> sky2: Add device ID 11ab:4373 for Marvell 88E8075 Evgenii Shatokhin <e.shatokhin(a)yadro.com> pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking Dan Carpenter <dan.carpenter(a)linaro.org> RDMA/uverbs: Prevent integer overflow issue Arnd Bergmann <arnd(a)arndb.de> kcov: mark in_softirq_really() as __always_inline Takashi Iwai <tiwai(a)suse.de> ALSA: seq: oss: Fix races at processing SysEx messages Daniel Schaefer <dhs(a)frame.work> ALSA hda/realtek: Add quirk for Framework F111:000C Masahiro Yamada <masahiroy(a)kernel.org> modpost: fix the missed iteration for the max bit in do_input() Masahiro Yamada <masahiroy(a)kernel.org> modpost: fix input MODULE_DEVICE_TABLE() built for 64-bit on 32-bit host Michal Pecio <michal.pecio(a)gmail.com> usb: xhci: Avoid queuing redundant Stop Endpoint commands Leon Romanovsky <leon(a)kernel.org> ARC: build: Try to guess GCC variant of cross compiler Uros Bizjak <ubizjak(a)gmail.com> irqchip/gic: Correct declaration of *percpu_base pointer in union gic_base Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: hci_core: Fix sleeping function called from invalid context Daniele Palmas <dnlplm(a)gmail.com> net: usb: qmi_wwan: add Telit FE910C04 compositions Hobin Woo <hobin.woo(a)samsung.com> ksmbd: retry iterate_dir in smb2_query_dir Anton Protopopov <aspsk(a)isovalent.com> bpf: fix potential error return Adrian Ratiu <adrian.ratiu(a)collabora.com> sound: usb: format: don't warn that raw DSD is unsupported Adrian Ratiu <adrian.ratiu(a)collabora.com> sound: usb: enable DSD output for ddHiFi TC44C Vasiliy Kovalev <kovalev(a)altlinux.org> ALSA: hda/realtek: Add new alc2xx-fixup-headset-mic model Filipe Manana <fdmanana(a)suse.com> btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount Prike Liang <Prike.Liang(a)amd.com> drm/amdkfd: Correct the migration DMA map direction Emmanuel Grumbach <emmanuel.grumbach(a)intel.com> wifi: mac80211: wake the queues in case of failure in resume Filipe Manana <fdmanana(a)suse.com> btrfs: fix use-after-free when COWing tree bock and tracing is enabled Filipe Manana <fdmanana(a)suse.com> btrfs: rename and export __btrfs_cow_block() Eric Dumazet <edumazet(a)google.com> ila: serialize calls to nf_register_net_hooks() Eric Dumazet <edumazet(a)google.com> af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK Eric Dumazet <edumazet(a)google.com> af_packet: fix vlan_get_tci() vs MSG_PEEK Maciej S. Szmigiero <mail(a)maciej.szmigiero.name> net: wwan: iosm: Properly check for valid exec stage in ipc_mmio_init() Eric Dumazet <edumazet(a)google.com> net: restrict SO_REUSEPORT to inet sockets Willem de Bruijn <willemb(a)google.com> net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets Li Zhijian <lizhijian(a)fujitsu.com> RDMA/rtrs: Ensure 'ib_sge list' is accessible Jinjian Song <jinjian.song(a)fibocom.com> net: wwan: t7xx: Fix FSM command timeout issue Joe Hattori <joe(a)pf.is.s.u-tokyo.ac.jp> net: mv643xx_eth: fix an OF node reference leak Vitalii Mordan <mordan(a)ispras.ru> eth: bcmsysport: fix call balance of priv->clk handling routines Tanya Agarwal <tanyaagarwal25699(a)gmail.com> ALSA: usb-audio: US16x08: Initialize array before use Antonio Pastor <antonio.pastor(a)gmail.com> net: llc: reset skb->transport_header Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext Rodrigo Vivi <rodrigo.vivi(a)intel.com> drm/i915/dg1: Fix power gate sequence. Ilya Shchipletsov <rabbelkin(a)mail.ru> netrom: check buffer length before accessing it Xiao Liang <shaw.leon(a)gmail.com> net: Fix netns for ip_tunnel_init_flow() Ido Schimmel <idosch(a)nvidia.com> ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() Ido Schimmel <idosch(a)nvidia.com> ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() Ido Schimmel <idosch(a)nvidia.com> ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() Eric Dumazet <edumazet(a)google.com> ip_tunnel: annotate data-races around t->parms.link Christian Ehrig <cehrig(a)cloudflare.com> ipip,ip_tunnel,sit: Add FOU support for externally controlled ipip devices Wang Liang <wangliang74(a)huawei.com> net: fix memory leak in tcp_conn_request() Joe Hattori <joe(a)pf.is.s.u-tokyo.ac.jp> net: stmmac: restructure the error path of stmmac_probe_config_dt() Andrew Halaney <ahalaney(a)redhat.com> net: stmmac: don't create a MDIO bus if unnecessary Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> net: stmmac: platform: provide devm_stmmac_probe_config_dt() Chengchang Tang <tangchengchang(a)huawei.com> RDMA/hns: Fix missing flush CQE for DWQE Chengchang Tang <tangchengchang(a)huawei.com> RDMA/hns: Fix warning storm caused by invalid input in IO path wenglianfa <wenglianfa(a)huawei.com> RDMA/hns: Fix mapping error of zero-hop WQE buffer Chengchang Tang <tangchengchang(a)huawei.com> RDMA/hns: Remove unused parameters and variables Chengchang Tang <tangchengchang(a)huawei.com> RDMA/hns: Refactor mtr find Tristram Ha <tristram.ha(a)microchip.com> net: dsa: microchip: Fix LAN937X set_ageing_time function Oleksij Rempel <linux(a)rempel-privat.de> net: dsa: microchip: add ksz_rmw8() function Tristram Ha <tristram.ha(a)microchip.com> net: dsa: microchip: Fix KSZ9477 set_ageing_time function Stefan Ekenberg <stefan.ekenberg(a)axis.com> drm/bridge: adv7511_audio: Update Audio InfoFrame properly Selvin Xavier <selvin.xavier(a)broadcom.com> RDMA/bnxt_re: Fix the locking while accessing the QP table Selvin Xavier <selvin.xavier(a)broadcom.com> RDMA/bnxt_re: Fix max_qp_wrs reported Kalesh AP <kalesh-anakkur.purayil(a)broadcom.com> RDMA/bnxt_re: Fix reporting hw_ver in query_device Saravanan Vajravel <saravanan.vajravel(a)broadcom.com> RDMA/bnxt_re: Add check for path mtu in modify_qp Patrisious Haddad <phaddad(a)nvidia.com> RDMA/mlx5: Enforce same type port association for multiport RoCE Jeremy Kerr <jk(a)codeconstruct.com.au> net: mctp: handle skb cleanup on sock_queue failures Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: Turn NEC specific quirk for handling Stop Endpoint errors generic Michal Pecio <michal.pecio(a)gmail.com> usb: xhci: Limit Stop Endpoint retries Michal Pecio <michal.pecio(a)gmail.com> xhci: retry Stop Endpoint on buggy NEC controllers Mario Limonciello <mario.limonciello(a)amd.com> thunderbolt: Don't display nvm_version unless upgrade supported Mika Westerberg <mika.westerberg(a)linux.intel.com> thunderbolt: Add support for Intel Panther Lake-M/P Mika Westerberg <mika.westerberg(a)linux.intel.com> thunderbolt: Add support for Intel Lunar Lake Steven Rostedt <rostedt(a)goodmis.org> tracing: Have process_string() also allow arrays Johannes Thumshirn <johannes.thumshirn(a)wdc.com> btrfs: fix use-after-free in btrfs_encoded_read_endio() Thiébaud Weksteen <tweek(a)google.com> selinux: ignore unknown extended permissions Naman Jain <namjain(a)linux.microsoft.com> x86/hyperv: Fix hv tsc page based sched_clock for hibernation ------------- Diffstat: .../bindings/display/bridge/adi,adv7533.yaml | 2 +- Makefile | 4 +- arch/arc/Makefile | 2 +- arch/x86/kernel/cpu/mshyperv.c | 58 ++++++++ drivers/clocksource/hyperv_timer.c | 14 +- drivers/gpu/drm/amd/amdkfd/kfd_migrate.c | 4 +- drivers/gpu/drm/bridge/adv7511/adv7511_audio.c | 14 +- drivers/gpu/drm/bridge/adv7511/adv7533.c | 2 +- drivers/gpu/drm/i915/gt/intel_rc6.c | 2 +- drivers/infiniband/core/uverbs_cmd.c | 16 ++- drivers/infiniband/hw/bnxt_re/ib_verbs.c | 28 ++-- drivers/infiniband/hw/bnxt_re/qplib_fp.c | 2 + drivers/infiniband/hw/bnxt_re/qplib_sp.c | 2 +- drivers/infiniband/hw/hns/hns_roce_alloc.c | 3 +- drivers/infiniband/hw/hns/hns_roce_cq.c | 11 +- drivers/infiniband/hw/hns/hns_roce_device.h | 12 +- drivers/infiniband/hw/hns/hns_roce_hem.c | 54 +++++--- drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 130 ++++++++--------- drivers/infiniband/hw/hns/hns_roce_mr.c | 95 ++++++++----- drivers/infiniband/hw/hns/hns_roce_qp.c | 4 +- drivers/infiniband/hw/hns/hns_roce_srq.c | 4 +- drivers/infiniband/hw/mlx5/main.c | 6 +- drivers/infiniband/ulp/rtrs/rtrs-srv.c | 2 +- drivers/irqchip/irq-gic.c | 2 +- drivers/net/dsa/microchip/ksz9477.c | 47 +++++-- drivers/net/dsa/microchip/ksz9477_reg.h | 4 +- drivers/net/dsa/microchip/ksz_common.h | 5 + drivers/net/dsa/microchip/lan937x_main.c | 62 ++++++++- drivers/net/dsa/microchip/lan937x_reg.h | 9 +- drivers/net/ethernet/broadcom/bcmsysport.c | 21 ++- drivers/net/ethernet/marvell/mv643xx_eth.c | 14 +- drivers/net/ethernet/marvell/sky2.c | 1 + .../net/ethernet/mellanox/mlxsw/spectrum_span.c | 3 +- .../net/ethernet/stmicro/stmmac/stmmac_platform.c | 153 +++++++++++++++------ .../net/ethernet/stmicro/stmmac/stmmac_platform.h | 2 + drivers/net/usb/qmi_wwan.c | 3 + drivers/net/wwan/iosm/iosm_ipc_mmio.c | 2 +- drivers/net/wwan/t7xx/t7xx_state_monitor.c | 26 ++-- drivers/net/wwan/t7xx/t7xx_state_monitor.h | 5 +- drivers/pinctrl/pinctrl-mcp23s08.c | 6 + drivers/thunderbolt/nhi.c | 12 ++ drivers/thunderbolt/nhi.h | 6 + drivers/thunderbolt/retimer.c | 17 ++- drivers/usb/host/xhci-ring.c | 42 +++++- drivers/usb/host/xhci.c | 21 ++- drivers/usb/host/xhci.h | 2 + fs/btrfs/ctree.c | 37 +++-- fs/btrfs/ctree.h | 7 + fs/btrfs/disk-io.c | 9 ++ fs/btrfs/inode.c | 2 +- fs/smb/server/smb2pdu.c | 12 +- fs/smb/server/vfs.h | 1 + include/clocksource/hyperv_timer.h | 2 + include/linux/if_vlan.h | 16 ++- include/linux/mlx5/driver.h | 6 + include/net/bluetooth/hci_core.h | 108 ++++++++++----- include/net/ip_tunnels.h | 28 ++-- include/net/netfilter/nf_tables.h | 7 +- kernel/bpf/core.c | 6 +- kernel/kcov.c | 2 +- kernel/trace/trace_events.c | 12 ++ mm/readahead.c | 6 +- mm/vmscan.c | 9 +- net/bluetooth/hci_core.c | 10 +- net/bluetooth/iso.c | 6 + net/bluetooth/l2cap_core.c | 12 +- net/bluetooth/rfcomm/core.c | 6 + net/bluetooth/sco.c | 12 +- net/core/dev.c | 4 +- net/core/sock.c | 5 +- net/ipv4/ip_tunnel.c | 60 +++++--- net/ipv4/ipip.c | 1 + net/ipv4/tcp_input.c | 1 + net/ipv6/ila/ila_xlat.c | 16 ++- net/ipv6/sit.c | 2 +- net/llc/llc_input.c | 2 +- net/mac80211/util.c | 3 + net/mctp/route.c | 36 +++-- net/mptcp/options.c | 7 + net/mptcp/protocol.c | 22 +-- net/netrom/nr_route.c | 6 + net/packet/af_packet.c | 28 +--- net/sctp/associola.c | 3 +- scripts/mod/file2alias.c | 4 +- security/selinux/ss/services.c | 8 +- sound/core/seq/oss/seq_oss_synth.c | 2 + sound/pci/hda/patch_realtek.c | 2 + sound/usb/format.c | 7 +- sound/usb/mixer_us16x08.c | 2 +- sound/usb/quirks.c | 2 + 90 files changed, 1031 insertions(+), 444 deletions(-) [View Less]

3 months, 3 weeks

12
92
0 0

[PATCH 6.12 000/156] 6.12.9-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.12.9 release. There are 156 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 08 Jan 2025 15:11:04 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.12.9-rc1… or in the git tree and … [View More]branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.12.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.12.9-rc1 Paolo Abeni <pabeni(a)redhat.com> mptcp: don't always assume copied data in mptcp_cleanup_rbuf() Paolo Abeni <pabeni(a)redhat.com> mptcp: fix recvbuffer adjust on sleeping rcvmsg Paolo Abeni <pabeni(a)redhat.com> mptcp: fix TCP options overflow. Liu Shixin <liushixin2(a)huawei.com> mm: hugetlb: independent PMD page table shared count Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> mm: reinstate ability to map write-sealed memfd mappings read-only Seiji Nishikawa <snishika(a)redhat.com> mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() Alessandro Carminati <acarmina(a)redhat.com> mm/kmemleak: fix sleeping function called from invalid context at print message Yafang Shao <laoar.shao(a)gmail.com> mm/readahead: fix large folio support in async readahead Joshua Washington <joshwash(a)google.com> gve: trigger RX NAPI instead of TX NAPI in gve_xsk_wakeup Joshua Washington <joshwash(a)google.com> gve: guard XDP xmit NDO on existence of xdp queues Joshua Washington <joshwash(a)google.com> gve: fix XDP allocation path in edge cases Joshua Washington <joshwash(a)google.com> gve: guard XSK operations on the existence of queues Joshua Washington <joshwash(a)google.com> gve: clean XDP queues in gve_tx_stop_ring_gqi Joshua Washington <joshwash(a)google.com> gve: process XSK TX descriptors as part of RX NAPI David Hildenbrand <david(a)redhat.com> fs/proc/task_mmu: fix pagemap flags with PMD THP entries on 32bit Baolin Wang <baolin.wang(a)linux.alibaba.com> mm: shmem: fix incorrect index alignment for within_size policy Baolin Wang <baolin.wang(a)linux.alibaba.com> mm: shmem: fix the update of 'shmem_falloc->nr_unswapped' SeongJae Park <sj(a)kernel.org> mm/damon/core: fix new damon_target objects leaks on damon_commit_targets() SeongJae Park <sj(a)kernel.org> mm/damon/core: fix ignored quota goals and filters of newly committed schemes Siddharth Vadapalli <s-vadapalli(a)ti.com> net: ethernet: ti: am65-cpsw: default to round-robin for host port receive Zilin Guan <zilin(a)seu.edu.cn> fgraph: Add READ_ONCE() when accessing fgraph_array[] Kees Cook <kees(a)kernel.org> wifi: iwlwifi: mvm: Fix __counted_by usage in cfg80211_wowlan_nd_* Biju Das <biju.das.jz(a)bp.renesas.com> drm: adv7511: Fix use-after-free in adv7533_attach_dsi() Biju Das <biju.das.jz(a)bp.renesas.com> dt-bindings: display: adi,adv7533: Drop single lane support Biju Das <biju.das.jz(a)bp.renesas.com> drm: adv7511: Drop dsi single lane support Pavel Begunkov <asml.silence(a)gmail.com> io_uring/rw: fix downgraded mshot read Nikolay Kuratov <kniv(a)yandex-team.ru> net/sctp: Prevent autoclose integer overflow in sctp_association_init() Henry Huang <henry.hj(a)antgroup.com> sched_ext: initialize kit->cursor.flags Pascal Hambourg <pascal(a)plouf.fr.eu.org> sky2: Add device ID 11ab:4373 for Marvell 88E8075 Tvrtko Ursulin <tvrtko.ursulin(a)igalia.com> workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker Evgenii Shatokhin <e.shatokhin(a)yadro.com> pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking Dan Carpenter <dan.carpenter(a)linaro.org> RDMA/uverbs: Prevent integer overflow issue Tejun Heo <tj(a)kernel.org> sched_ext: Fix invalid irq restore in scx_ops_bypass() Kuan-Wei Chiu <visitorckw(a)gmail.com> scripts/sorttable: fix orc_sort_cmp() to maintain symmetry and transitivity Nikolaus Voss <nv(a)vosn.de> clk: clk-imx8mp-audiomix: fix function signature Yang Erkun <yangerkun(a)huawei.com> maple_tree: reload mas before the second call for mas_empty_area Arnd Bergmann <arnd(a)arndb.de> kcov: mark in_softirq_really() as __always_inline Dennis Lam <dennis.lamerice(a)gmail.com> ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv Takashi Iwai <tiwai(a)suse.de> ALSA: seq: oss: Fix races at processing SysEx messages Daniel Schaefer <dhs(a)frame.work> ALSA hda/realtek: Add quirk for Framework F111:000C Nirmoy Das <nirmoy.das(a)intel.com> drm/xe: Wait for migration job before unmapping pages Nirmoy Das <nirmoy.das(a)intel.com> drm/xe: Use non-interruptible wait when moving BO to system Kohei Enju <enjuk(a)amazon.com> ftrace: Fix function profiler's filtering functionality Takashi Iwai <tiwai(a)suse.de> ALSA: seq: Check UMP support for midi_version change Jens Axboe <axboe(a)kernel.dk> io_uring/kbuf: use pre-committed buffer address for non-pollable file Mark Zhang <markzhang(a)nvidia.com> RDMA/mlx5: Enable multiplane mode only when it is supported Takashi Iwai <tiwai(a)suse.de> Revert "ALSA: ump: Don't enumeration invalid groups for legacy rawmidi" Thomas Weißschuh <linux(a)weissschuh.net> kbuild: pacman-pkg: provide versioned linux-api-headers package Masahiro Yamada <masahiroy(a)kernel.org> modpost: fix the missed iteration for the max bit in do_input() Mostafa Saleh <smostafa(a)google.com> scripts/mksysmap: Fix escape chars '$' Maksim Kiselev <bigunclemax(a)gmail.com> clk: thead: Fix TH1520 emmc and shdci clock rate Eduard Zingerman <eddyz87(a)gmail.com> bpf: consider that tail calls invalidate packet pointers Eduard Zingerman <eddyz87(a)gmail.com> bpf: refactor bpf_helper_changes_pkt_data to use helper number Leon Romanovsky <leon(a)kernel.org> ARC: build: Try to guess GCC variant of cross compiler Uros Bizjak <ubizjak(a)gmail.com> irqchip/gic: Correct declaration of *percpu_base pointer in union gic_base Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: hci_core: Fix sleeping function called from invalid context Daniele Palmas <dnlplm(a)gmail.com> net: usb: qmi_wwan: add Telit FE910C04 compositions Enzo Matsumiya <ematsumiya(a)suse.de> smb: client: destroy cfid_put_wq on module exit Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: set ATTR_CTIME flags when setting mtime Hobin Woo <hobin.woo(a)samsung.com> ksmbd: retry iterate_dir in smb2_query_dir Anton Protopopov <aspsk(a)isovalent.com> bpf: fix potential error return Hardevsinh Palaniya <hardevsinh.palaniya(a)siliconsignals.io> ARC: bpf: Correct conditional check in 'check_jmp_32' Paul E. McKenney <paulmck(a)kernel.org> ARC: build: Use __force to suppress per-CPU cmpxchg warnings Vineet Gupta <vgupta(a)kernel.org> ARC: build: disallow invalid PAE40 + 4K page config Stephen Gordon <gordoste(a)iinet.net.au> ASoC: audio-graph-card: Call of_node_put() on correct node Niravkumar L Rabara <niravkumar.l.rabara(a)intel.com> spi: spi-cadence-qspi: Disable STIG mode for Altera SoCFPGA. Adrian Ratiu <adrian.ratiu(a)collabora.com> sound: usb: format: don't warn that raw DSD is unsupported Adrian Ratiu <adrian.ratiu(a)collabora.com> sound: usb: enable DSD output for ddHiFi TC44C Vasiliy Kovalev <kovalev(a)altlinux.org> ALSA: hda/realtek: Add new alc2xx-fixup-headset-mic model Takashi Iwai <tiwai(a)suse.de> ALSA: hda/ca0132: Use standard HD-audio quirk matching helpers Filipe Manana <fdmanana(a)suse.com> btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount Johannes Thumshirn <johannes.thumshirn(a)wdc.com> btrfs: handle bio_split() errors Vasiliy Kovalev <kovalev(a)altlinux.org> ALSA: hda/realtek - Add support for ASUS Zen AIO 27 Z272SD_A272SD audio Simon Trimmer <simont(a)opensource.cirrus.com> ALSA: hda: cs35l56: Remove calls to cs35l56_force_sync_asp1_registers_from_cache() Prike Liang <Prike.Liang(a)amd.com> drm/amdkfd: Correct the migration DMA map direction Victor Zhao <Victor.Zhao(a)amd.com> drm/amdgpu: use sjt mec fw on gfx943 for sriov Emmanuel Grumbach <emmanuel.grumbach(a)intel.com> wifi: mac80211: wake the queues in case of failure in resume Aditya Kumar Singh <quic_adisi(a)quicinc.com> wifi: cfg80211: clear link ID from bitmap during link delete after clean up Issam Hamdi <ih(a)simonwunderlich.de> wifi: mac80211: fix mbss changed flags corruption on 32 bit systems Kan Liang <kan.liang(a)linux.intel.com> perf/x86/intel: Add Arrow Lake U support Filipe Manana <fdmanana(a)suse.com> btrfs: allow swap activation to be interruptible Meghana Malladi <m-malladi(a)ti.com> net: ti: icssg-prueth: Fix clearing of IEP_CMP_CFG registers during iep_init MD Danish Anwar <danishanwar(a)ti.com> net: ti: icssg-prueth: Fix firmware load sequence. Eric Dumazet <edumazet(a)google.com> ila: serialize calls to nf_register_net_hooks() Eric Dumazet <edumazet(a)google.com> af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK Eric Dumazet <edumazet(a)google.com> af_packet: fix vlan_get_tci() vs MSG_PEEK Maciej S. Szmigiero <mail(a)maciej.szmigiero.name> net: wwan: iosm: Properly check for valid exec stage in ipc_mmio_init() Eric Dumazet <edumazet(a)google.com> net: restrict SO_REUSEPORT to inet sockets Willem de Bruijn <willemb(a)google.com> net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets Liang Jie <liangjie(a)lixiang.com> net: sfc: Correct key_len for efx_tc_ct_zone_ht_params Jens Axboe <axboe(a)kernel.dk> io_uring/net: always initialize kmsg->msg.msg_inq upfront Kalesh AP <kalesh-anakkur.purayil(a)broadcom.com> RDMA/bnxt_re: Fix error recovery sequence Li Zhijian <lizhijian(a)fujitsu.com> RDMA/rtrs: Ensure 'ib_sge list' is accessible Jinjian Song <jinjian.song(a)fibocom.com> net: wwan: t7xx: Fix FSM command timeout issue Joe Hattori <joe(a)pf.is.s.u-tokyo.ac.jp> net: mv643xx_eth: fix an OF node reference leak Vitalii Mordan <mordan(a)ispras.ru> eth: bcmsysport: fix call balance of priv->clk handling routines Tanya Agarwal <tanyaagarwal25699(a)gmail.com> ALSA: usb-audio: US16x08: Initialize array before use Leo Stone <leocstone(a)gmail.com> nvmet: Don't overflow subsysnqn Antonio Pastor <antonio.pastor(a)gmail.com> net: llc: reset skb->transport_header Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext Su Hui <suhui(a)nfschina.com> workqueue: add printf attribute to __alloc_workqueue() Rodrigo Vivi <rodrigo.vivi(a)intel.com> drm/i915/dg1: Fix power gate sequence. Suraj Kandpal <suraj.kandpal(a)intel.com> drm/i915/cx0_phy: Fix C10 pll programming sequence Zhu Yanjun <yanjun.zhu(a)linux.dev> RDMA/rxe: Remove the direct link to net_device Jianbo Liu <jianbol(a)nvidia.com> net/mlx5e: Keep netdev when leave switchdev for devlink set legacy only Jianbo Liu <jianbol(a)nvidia.com> net/mlx5e: Skip restore TC rules for vport rep without loaded flag Dragos Tatulea <dtatulea(a)nvidia.com> net/mlx5e: macsec: Maintain TX SA from encoding_sa Shahar Shitrit <shshitrit(a)nvidia.com> net/mlx5: DR, select MSIX vector 0 for completion queue creation Kory Maincent <kory.maincent(a)bootlin.com> net: pse-pd: tps23881: Fix power on/off issue Ilya Shchipletsov <rabbelkin(a)mail.ru> netrom: check buffer length before accessing it Xiao Liang <shaw.leon(a)gmail.com> net: Fix netns for ip_tunnel_init_flow() Wang Liang <wangliang74(a)huawei.com> net: fix memory leak in tcp_conn_request() Joe Hattori <joe(a)pf.is.s.u-tokyo.ac.jp> net: stmmac: restructure the error path of stmmac_probe_config_dt() Lucas De Marchi <lucas.demarchi(a)intel.com> drm/xe: Fix fault on fd close after unbind Michal Wajdeczko <michal.wajdeczko(a)intel.com> drm/xe/pf: Use correct function to check LMEM provisioning John Harrison <John.C.Harrison(a)Intel.com> drm/xe: Revert some changes that break a mesa debug tool Chengchang Tang <tangchengchang(a)huawei.com> RDMA/hns: Fix missing flush CQE for DWQE Chengchang Tang <tangchengchang(a)huawei.com> RDMA/hns: Fix warning storm caused by invalid input in IO path Chengchang Tang <tangchengchang(a)huawei.com> RDMA/hns: Fix accessing invalid dip_ctx during destroying QP wenglianfa <wenglianfa(a)huawei.com> RDMA/hns: Fix mapping error of zero-hop WQE buffer Jakub Kicinski <kuba(a)kernel.org> netdev-genl: avoid empty messages in napi get Vladimir Oltean <vladimir.oltean(a)nxp.com> selftests: net: local_termination: require mausezahn Tristram Ha <tristram.ha(a)microchip.com> net: dsa: microchip: Fix LAN937X set_ageing_time function Tristram Ha <tristram.ha(a)microchip.com> net: dsa: microchip: Fix KSZ9477 set_ageing_time function Stefan Ekenberg <stefan.ekenberg(a)axis.com> drm/bridge: adv7511_audio: Update Audio InfoFrame properly Wei Fang <wei.fang(a)nxp.com> net: phy: micrel: Dynamically control external clock of KSZ PHY Selvin Xavier <selvin.xavier(a)broadcom.com> RDMA/bnxt_re: Fix the locking while accessing the QP table Damodharam Ammepalli <damodharam.ammepalli(a)broadcom.com> RDMA/bnxt_re: Fix MSN table size for variable wqe mode Damodharam Ammepalli <damodharam.ammepalli(a)broadcom.com> RDMA/bnxt_re: Add send queue size check for variable wqe Kalesh AP <kalesh-anakkur.purayil(a)broadcom.com> RDMA/bnxt_re: Disable use of reserved wqes Selvin Xavier <selvin.xavier(a)broadcom.com> RDMA/bnxt_re: Fix max_qp_wrs reported Bernard Metzler <bmt(a)zurich.ibm.com> RDMA/siw: Remove direct link to net_device Chiara Meiohas <cmeiohas(a)nvidia.com> RDMA/nldev: Set error code in rdma_nl_notify_event Kalesh AP <kalesh-anakkur.purayil(a)broadcom.com> RDMA/bnxt_re: Fix reporting hw_ver in query_device Saravanan Vajravel <saravanan.vajravel(a)broadcom.com> RDMA/bnxt_re: Add check for path mtu in modify_qp Kalesh AP <kalesh-anakkur.purayil(a)broadcom.com> RDMA/bnxt_re: Fix the check for 9060 condition Emmanuel Grumbach <emmanuel.grumbach(a)intel.com> wifi: iwlwifi: fix CRF name for Bz Robert Beckett <bob.beckett(a)collabora.com> nvme-pci: 512 byte aligned dma pool segment quirk Anumula Murali Mohan Reddy <anumula(a)chelsio.com> RDMA/core: Fix ENODEV error for iWARP test over vlan Kashyap Desai <kashyap.desai(a)broadcom.com> RDMA/bnxt_re: Avoid sending the modify QP workaround for latest adapters Selvin Xavier <selvin.xavier(a)broadcom.com> RDMA/bnxt_re: Avoid initializing the software queue for user queues Kashyap Desai <kashyap.desai(a)broadcom.com> RDMA/bnxt_re: Fix max SGEs for the Work Request Patrisious Haddad <phaddad(a)nvidia.com> RDMA/mlx5: Enforce same type port association for multiport RoCE guanjing <guanjing(a)cmss.chinamobile.com> sched_ext: fix application of sizeof to pointer Leon Romanovsky <leon(a)kernel.org> RDMA/bnxt_re: Remove always true dattr validity check Christoph Hellwig <hch(a)lst.de> btrfs: use bio_is_zone_append() in the completion handler Christoph Hellwig <hch(a)lst.de> block: lift bio_is_zone_append to bio.h Steven Rostedt <rostedt(a)goodmis.org> tracing: Have process_string() also allow arrays Lucas Stach <l.stach(a)pengutronix.de> pmdomain: core: add dummy release function to genpd device Joe Hattori <joe(a)pf.is.s.u-tokyo.ac.jp> pmdomain: imx: gpcv2: fix an OF node reference leak in imx_gpcv2_probe() Eric Biggers <ebiggers(a)google.com> mmc: sdhci-msm: fix crypto key eviction Thiébaud Weksteen <tweek(a)google.com> selinux: ignore unknown extended permissions Mingcong Bai <jeffbai(a)aosc.io> platform/x86: hp-wmi: mark 8A15 board for timed OMEN thermal profile Vishnu Sankar <vishnuocv(a)gmail.com> platform/x86: thinkpad-acpi: Add support for hotkey 0x1401 Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: fix backport of commit 73dae652dcac Joe Hattori <joe(a)pf.is.s.u-tokyo.ac.jp> platform/x86: mlx-platform: call pci_dev_put() to balance the refcount ------------- Diffstat: .../admin-guide/laptops/thinkpad-acpi.rst | 10 +- .../bindings/display/bridge/adi,adv7533.yaml | 2 +- Makefile | 4 +- arch/arc/Kconfig | 4 +- arch/arc/Makefile | 2 +- arch/arc/include/asm/cmpxchg.h | 2 +- arch/arc/net/bpf_jit_arcv2.c | 2 +- arch/x86/events/intel/core.c | 1 + block/blk.h | 9 - drivers/clk/imx/clk-imx8mp-audiomix.c | 3 +- drivers/clk/thead/clk-th1520-ap.c | 13 +- drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 6 +- drivers/gpu/drm/amd/amdgpu/gfx_v9_4_3.c | 10 +- drivers/gpu/drm/amd/amdkfd/kfd_migrate.c | 4 +- drivers/gpu/drm/bridge/adv7511/adv7511_audio.c | 14 +- drivers/gpu/drm/bridge/adv7511/adv7511_drv.c | 10 +- drivers/gpu/drm/bridge/adv7511/adv7533.c | 4 +- drivers/gpu/drm/i915/display/intel_cx0_phy.c | 12 +- drivers/gpu/drm/i915/gt/intel_rc6.c | 2 +- drivers/gpu/drm/xe/xe_bo.c | 12 +- drivers/gpu/drm/xe/xe_devcoredump.c | 15 +- drivers/gpu/drm/xe/xe_exec_queue.c | 9 + drivers/gpu/drm/xe/xe_gt_sriov_pf_config.c | 2 +- drivers/infiniband/core/cma.c | 16 ++ drivers/infiniband/core/nldev.c | 2 +- drivers/infiniband/core/uverbs_cmd.c | 16 +- drivers/infiniband/hw/bnxt_re/ib_verbs.c | 34 +-- drivers/infiniband/hw/bnxt_re/main.c | 8 +- drivers/infiniband/hw/bnxt_re/qplib_fp.c | 65 +++-- drivers/infiniband/hw/bnxt_re/qplib_fp.h | 3 +- drivers/infiniband/hw/bnxt_re/qplib_rcfw.c | 5 +- drivers/infiniband/hw/bnxt_re/qplib_sp.c | 18 +- drivers/infiniband/hw/hns/hns_roce_hem.c | 43 +++- drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 11 +- drivers/infiniband/hw/hns/hns_roce_mr.c | 5 - drivers/infiniband/hw/mlx5/main.c | 8 +- drivers/infiniband/sw/rxe/rxe.c | 23 +- drivers/infiniband/sw/rxe/rxe.h | 3 +- drivers/infiniband/sw/rxe/rxe_mcast.c | 22 +- drivers/infiniband/sw/rxe/rxe_net.c | 24 +- drivers/infiniband/sw/rxe/rxe_verbs.c | 26 +- drivers/infiniband/sw/rxe/rxe_verbs.h | 11 +- drivers/infiniband/sw/siw/siw.h | 7 +- drivers/infiniband/sw/siw/siw_cm.c | 27 +- drivers/infiniband/sw/siw/siw_main.c | 15 +- drivers/infiniband/sw/siw/siw_verbs.c | 35 ++- drivers/infiniband/ulp/rtrs/rtrs-srv.c | 2 +- drivers/irqchip/irq-gic.c | 2 +- drivers/mmc/host/sdhci-msm.c | 16 +- drivers/net/dsa/microchip/ksz9477.c | 47 +++- drivers/net/dsa/microchip/ksz9477_reg.h | 4 +- drivers/net/dsa/microchip/lan937x_main.c | 62 ++++- drivers/net/dsa/microchip/lan937x_reg.h | 9 +- drivers/net/ethernet/broadcom/bcmsysport.c | 21 +- drivers/net/ethernet/google/gve/gve.h | 1 + drivers/net/ethernet/google/gve/gve_main.c | 63 +++-- drivers/net/ethernet/google/gve/gve_tx.c | 46 ++-- drivers/net/ethernet/marvell/mv643xx_eth.c | 14 +- drivers/net/ethernet/marvell/sky2.c | 1 + .../ethernet/mellanox/mlx5/core/en_accel/macsec.c | 4 + drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 19 +- drivers/net/ethernet/mellanox/mlx5/core/en_rep.c | 15 ++ .../net/ethernet/mellanox/mlx5/core/esw/ipsec_fs.c | 6 +- drivers/net/ethernet/mellanox/mlx5/core/eswitch.h | 3 + .../ethernet/mellanox/mlx5/core/eswitch_offloads.c | 5 +- .../ethernet/mellanox/mlx5/core/steering/dr_send.c | 4 +- .../net/ethernet/mellanox/mlxsw/spectrum_span.c | 3 +- drivers/net/ethernet/sfc/tc_conntrack.c | 2 +- .../net/ethernet/stmicro/stmmac/stmmac_platform.c | 43 ++-- drivers/net/ethernet/ti/am65-cpsw-nuss.c | 2 +- drivers/net/ethernet/ti/icssg/icss_iep.c | 8 + drivers/net/ethernet/ti/icssg/icssg_common.c | 25 -- drivers/net/ethernet/ti/icssg/icssg_config.c | 41 ++- drivers/net/ethernet/ti/icssg/icssg_config.h | 1 + drivers/net/ethernet/ti/icssg/icssg_prueth.c | 281 ++++++++++++++------- drivers/net/ethernet/ti/icssg/icssg_prueth.h | 5 +- drivers/net/ethernet/ti/icssg/icssg_prueth_sr1.c | 24 +- drivers/net/phy/micrel.c | 114 ++++++++- drivers/net/pse-pd/tps23881.c | 16 +- drivers/net/usb/qmi_wwan.c | 3 + drivers/net/wireless/intel/iwlwifi/cfg/bz.c | 1 + drivers/net/wireless/intel/iwlwifi/iwl-config.h | 1 + drivers/net/wireless/intel/iwlwifi/mvm/d3.c | 14 +- drivers/net/wireless/intel/iwlwifi/pcie/drv.c | 41 ++- drivers/net/wwan/iosm/iosm_ipc_mmio.c | 2 +- drivers/net/wwan/t7xx/t7xx_state_monitor.c | 26 +- drivers/net/wwan/t7xx/t7xx_state_monitor.h | 5 +- drivers/nvme/host/nvme.h | 5 + drivers/nvme/host/pci.c | 9 +- drivers/nvme/target/configfs.c | 11 +- drivers/pinctrl/pinctrl-mcp23s08.c | 6 + drivers/platform/x86/hp/hp-wmi.c | 4 +- drivers/platform/x86/mlx-platform.c | 2 + drivers/platform/x86/thinkpad_acpi.c | 4 +- drivers/pmdomain/core.c | 6 + drivers/pmdomain/imx/gpcv2.c | 4 +- drivers/spi/spi-cadence-quadspi.c | 10 +- fs/btrfs/bio.c | 23 +- fs/btrfs/disk-io.c | 9 + fs/btrfs/inode.c | 5 + fs/ocfs2/quota_global.c | 2 +- fs/ocfs2/quota_local.c | 1 + fs/proc/task_mmu.c | 2 +- fs/smb/client/cifsfs.c | 1 + fs/smb/server/smb2pdu.c | 22 +- fs/smb/server/vfs.h | 1 + include/linux/bio.h | 17 ++ include/linux/filter.h | 2 +- include/linux/if_vlan.h | 16 +- include/linux/memfd.h | 14 + include/linux/mlx5/driver.h | 7 + include/linux/mlx5/mlx5_ifc.h | 4 +- include/linux/mm.h | 57 +++-- include/linux/mm_types.h | 30 +++ include/net/bluetooth/hci_core.h | 108 +++++--- include/net/netfilter/nf_tables.h | 7 +- include/sound/cs35l56.h | 6 - io_uring/kbuf.c | 4 +- io_uring/net.c | 1 + io_uring/rw.c | 2 + kernel/bpf/core.c | 8 +- kernel/bpf/verifier.c | 2 +- kernel/kcov.c | 2 +- kernel/sched/ext.c | 4 +- kernel/trace/fgraph.c | 2 +- kernel/trace/ftrace.c | 8 +- kernel/trace/trace_events.c | 12 + kernel/workqueue.c | 23 +- lib/maple_tree.c | 1 + mm/damon/core.c | 10 +- mm/hugetlb.c | 16 +- mm/kmemleak.c | 2 +- mm/memfd.c | 2 +- mm/mmap.c | 4 + mm/readahead.c | 6 +- mm/shmem.c | 7 +- mm/vmscan.c | 9 +- net/bluetooth/hci_core.c | 10 +- net/bluetooth/iso.c | 6 + net/bluetooth/l2cap_core.c | 12 +- net/bluetooth/rfcomm/core.c | 6 + net/bluetooth/sco.c | 12 +- net/core/dev.c | 4 +- net/core/filter.c | 63 +++-- net/core/netdev-genl.c | 6 +- net/core/sock.c | 5 +- net/ipv4/ip_tunnel.c | 6 +- net/ipv4/tcp_input.c | 1 + net/ipv6/ila/ila_xlat.c | 16 +- net/llc/llc_input.c | 2 +- net/mac80211/cfg.c | 8 +- net/mac80211/mesh.c | 6 +- net/mac80211/util.c | 3 + net/mptcp/options.c | 7 + net/mptcp/protocol.c | 22 +- net/netrom/nr_route.c | 6 + net/packet/af_packet.c | 28 +- net/sctp/associola.c | 3 +- net/wireless/util.c | 3 +- scripts/mksysmap | 4 +- scripts/mod/file2alias.c | 2 +- scripts/package/PKGBUILD | 2 +- scripts/sorttable.h | 5 +- security/selinux/ss/services.c | 8 +- sound/core/seq/oss/seq_oss_synth.c | 2 + sound/core/seq/seq_clientmgr.c | 14 +- sound/core/ump.c | 2 +- sound/pci/hda/cs35l56_hda.c | 8 - sound/pci/hda/patch_ca0132.c | 37 +-- sound/pci/hda/patch_realtek.c | 24 ++ sound/soc/generic/audio-graph-card2.c | 2 +- sound/usb/format.c | 7 +- sound/usb/mixer_us16x08.c | 2 +- sound/usb/quirks.c | 2 + tools/sched_ext/scx_central.c | 2 +- tools/testing/selftests/bpf/progs/tc_bpf2bpf.c | 2 + .../selftests/net/forwarding/local_termination.sh | 1 - 177 files changed, 1698 insertions(+), 764 deletions(-) [View Less]

3 months, 3 weeks

19
175
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror January 2025